2 Unix SMB/CIFS implementation.
4 Copyright (C) Volker Lendecke 2009
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "librpc/gen_ndr/ndr_wbint_c.h"
23 #include "../libcli/security/security.h"
25 struct wb_getgrsid_state
{
26 struct tevent_context
*ev
;
31 enum lsa_SidType type
;
33 struct talloc_dict
*members
;
36 static void wb_getgrsid_lookupsid_done(struct tevent_req
*subreq
);
37 static void wb_getgrsid_sid2gid_done(struct tevent_req
*subreq
);
38 static void wb_getgrsid_got_members(struct tevent_req
*subreq
);
40 struct tevent_req
*wb_getgrsid_send(TALLOC_CTX
*mem_ctx
,
41 struct tevent_context
*ev
,
42 const struct dom_sid
*group_sid
,
45 struct tevent_req
*req
, *subreq
;
46 struct wb_getgrsid_state
*state
;
48 req
= tevent_req_create(mem_ctx
, &state
, struct wb_getgrsid_state
);
52 sid_copy(&state
->sid
, group_sid
);
54 state
->max_nesting
= max_nesting
;
56 if (lp_winbind_trusted_domains_only()) {
57 struct winbindd_domain
*our_domain
= find_our_domain();
59 if (dom_sid_compare_domain(group_sid
, &our_domain
->sid
) == 0) {
60 DEBUG(7, ("winbindd_getgrsid: My domain -- rejecting "
61 "getgrsid() for %s\n", sid_string_tos(group_sid
)));
62 tevent_req_nterror(req
, NT_STATUS_NO_SUCH_GROUP
);
63 return tevent_req_post(req
, ev
);
67 subreq
= wb_lookupsid_send(state
, ev
, &state
->sid
);
68 if (tevent_req_nomem(subreq
, req
)) {
69 return tevent_req_post(req
, ev
);
71 tevent_req_set_callback(subreq
, wb_getgrsid_lookupsid_done
, req
);
75 static void wb_getgrsid_lookupsid_done(struct tevent_req
*subreq
)
77 struct tevent_req
*req
= tevent_req_callback_data(
78 subreq
, struct tevent_req
);
79 struct wb_getgrsid_state
*state
= tevent_req_data(
80 req
, struct wb_getgrsid_state
);
83 status
= wb_lookupsid_recv(subreq
, state
, &state
->type
,
84 &state
->domname
, &state
->name
);
86 if (!NT_STATUS_IS_OK(status
)) {
87 tevent_req_nterror(req
, status
);
91 switch (state
->type
) {
92 case SID_NAME_DOM_GRP
:
94 case SID_NAME_WKN_GRP
:
97 tevent_req_nterror(req
, NT_STATUS_NO_SUCH_GROUP
);
101 subreq
= wb_sid2gid_send(state
, state
->ev
, &state
->sid
);
102 if (tevent_req_nomem(subreq
, req
)) {
105 tevent_req_set_callback(subreq
, wb_getgrsid_sid2gid_done
, req
);
108 static void wb_getgrsid_sid2gid_done(struct tevent_req
*subreq
)
110 struct tevent_req
*req
= tevent_req_callback_data(
111 subreq
, struct tevent_req
);
112 struct wb_getgrsid_state
*state
= tevent_req_data(
113 req
, struct wb_getgrsid_state
);
116 status
= wb_sid2gid_recv(subreq
, &state
->gid
);
118 if (!NT_STATUS_IS_OK(status
)) {
119 tevent_req_nterror(req
, status
);
122 subreq
= wb_group_members_send(state
, state
->ev
, &state
->sid
,
123 state
->type
, state
->max_nesting
);
124 if (tevent_req_nomem(subreq
, req
)) {
127 tevent_req_set_callback(subreq
, wb_getgrsid_got_members
, req
);
130 static void wb_getgrsid_got_members(struct tevent_req
*subreq
)
132 struct tevent_req
*req
= tevent_req_callback_data(
133 subreq
, struct tevent_req
);
134 struct wb_getgrsid_state
*state
= tevent_req_data(
135 req
, struct wb_getgrsid_state
);
138 status
= wb_group_members_recv(subreq
, state
, &state
->members
);
140 if (!NT_STATUS_IS_OK(status
)) {
141 tevent_req_nterror(req
, status
);
144 tevent_req_done(req
);
147 NTSTATUS
wb_getgrsid_recv(struct tevent_req
*req
, TALLOC_CTX
*mem_ctx
,
148 const char **domname
, const char **name
, gid_t
*gid
,
149 struct talloc_dict
**members
)
151 struct wb_getgrsid_state
*state
= tevent_req_data(
152 req
, struct wb_getgrsid_state
);
155 if (tevent_req_is_nterror(req
, &status
)) {
158 *domname
= talloc_move(mem_ctx
, &state
->domname
);
159 *name
= talloc_move(mem_ctx
, &state
->name
);
161 *members
= talloc_move(mem_ctx
, &state
->members
);