2 Unix SMB/CIFS implementation.
3 Winbind Utility functions
5 Copyright (C) Gerald (Jerry) Carter 2007
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "../libcli/security/security.h"
23 #include "../lib/util/util_pw.h"
24 #include "nsswitch/libwbclient/wbclient.h"
26 #if defined(WITH_WINBIND)
28 #include "lib/winbind_util.h"
30 struct passwd
* winbind_getpwnam(const char * name
)
33 struct passwd
* tmp_pwd
= NULL
;
34 struct passwd
* pwd
= NULL
;
36 result
= wbcGetpwnam(name
, &tmp_pwd
);
37 if (result
!= WBC_ERR_SUCCESS
)
40 pwd
= tcopy_passwd(talloc_tos(), tmp_pwd
);
42 wbcFreeMemory(tmp_pwd
);
47 struct passwd
* winbind_getpwsid(const struct dom_sid
*sid
)
50 struct passwd
* tmp_pwd
= NULL
;
51 struct passwd
* pwd
= NULL
;
52 struct wbcDomainSid dom_sid
;
54 memcpy(&dom_sid
, sid
, sizeof(dom_sid
));
56 result
= wbcGetpwsid(&dom_sid
, &tmp_pwd
);
57 if (result
!= WBC_ERR_SUCCESS
)
60 pwd
= tcopy_passwd(talloc_tos(), tmp_pwd
);
62 wbcFreeMemory(tmp_pwd
);
67 /* Call winbindd to convert a name to a sid */
69 bool winbind_lookup_name(const char *dom_name
, const char *name
, struct dom_sid
*sid
,
70 enum lsa_SidType
*name_type
)
72 struct wbcDomainSid dom_sid
;
76 result
= wbcLookupName(dom_name
, name
, &dom_sid
, &type
);
77 if (result
!= WBC_ERR_SUCCESS
)
80 memcpy(sid
, &dom_sid
, sizeof(struct dom_sid
));
81 *name_type
= (enum lsa_SidType
)type
;
86 /* Call winbindd to convert sid to name */
88 bool winbind_lookup_sid(TALLOC_CTX
*mem_ctx
, const struct dom_sid
*sid
,
89 const char **domain
, const char **name
,
90 enum lsa_SidType
*name_type
)
92 struct wbcDomainSid dom_sid
;
95 char *domain_name
= NULL
;
96 char *account_name
= NULL
;
98 memcpy(&dom_sid
, sid
, sizeof(dom_sid
));
100 result
= wbcLookupSid(&dom_sid
, &domain_name
, &account_name
, &type
);
101 if (result
!= WBC_ERR_SUCCESS
)
104 /* Copy out result */
107 *domain
= talloc_strdup(mem_ctx
, domain_name
);
110 *name
= talloc_strdup(mem_ctx
, account_name
);
112 *name_type
= (enum lsa_SidType
)type
;
114 DEBUG(10, ("winbind_lookup_sid: SUCCESS: SID %s -> %s %s\n",
115 sid_string_dbg(sid
), domain_name
, account_name
));
117 wbcFreeMemory(domain_name
);
118 wbcFreeMemory(account_name
);
120 if ((domain
&& !*domain
) || (name
&& !*name
)) {
121 DEBUG(0,("winbind_lookup_sid: talloc() failed!\n"));
129 /* Ping winbindd to see it is alive */
131 bool winbind_ping(void)
133 wbcErr result
= wbcPing();
135 return (result
== WBC_ERR_SUCCESS
);
138 /* Call winbindd to convert SID to uid */
140 bool winbind_sid_to_uid(uid_t
*puid
, const struct dom_sid
*sid
)
142 struct wbcDomainSid dom_sid
;
145 memcpy(&dom_sid
, sid
, sizeof(dom_sid
));
147 result
= wbcSidToUid(&dom_sid
, puid
);
149 return (result
== WBC_ERR_SUCCESS
);
152 /* Call winbindd to convert uid to sid */
154 bool winbind_uid_to_sid(struct dom_sid
*sid
, uid_t uid
)
156 struct wbcDomainSid dom_sid
;
159 result
= wbcUidToSid(uid
, &dom_sid
);
160 if (result
== WBC_ERR_SUCCESS
) {
161 memcpy(sid
, &dom_sid
, sizeof(struct dom_sid
));
163 sid_copy(sid
, &global_sid_NULL
);
166 return (result
== WBC_ERR_SUCCESS
);
169 /* Call winbindd to convert SID to gid */
171 bool winbind_sid_to_gid(gid_t
*pgid
, const struct dom_sid
*sid
)
173 struct wbcDomainSid dom_sid
;
176 memcpy(&dom_sid
, sid
, sizeof(dom_sid
));
178 result
= wbcSidToGid(&dom_sid
, pgid
);
180 return (result
== WBC_ERR_SUCCESS
);
183 /* Call winbindd to convert gid to sid */
185 bool winbind_gid_to_sid(struct dom_sid
*sid
, gid_t gid
)
187 struct wbcDomainSid dom_sid
;
190 result
= wbcGidToSid(gid
, &dom_sid
);
191 if (result
== WBC_ERR_SUCCESS
) {
192 memcpy(sid
, &dom_sid
, sizeof(struct dom_sid
));
194 sid_copy(sid
, &global_sid_NULL
);
197 return (result
== WBC_ERR_SUCCESS
);
200 /* Check for a trusted domain */
202 wbcErr
wb_is_trusted_domain(const char *domain
)
205 struct wbcDomainInfo
*info
= NULL
;
207 result
= wbcDomainInfo(domain
, &info
);
209 if (WBC_ERROR_IS_OK(result
)) {
216 /* Lookup a set of rids in a given domain */
218 bool winbind_lookup_rids(TALLOC_CTX
*mem_ctx
,
219 const struct dom_sid
*domain_sid
,
220 int num_rids
, uint32
*rids
,
221 const char **domain_name
,
222 const char ***names
, enum lsa_SidType
**types
)
224 const char *dom_name
= NULL
;
225 const char **namelist
= NULL
;
226 enum wbcSidType
*name_types
= NULL
;
227 struct wbcDomainSid dom_sid
;
231 memcpy(&dom_sid
, domain_sid
, sizeof(struct wbcDomainSid
));
233 ret
= wbcLookupRids(&dom_sid
, num_rids
, rids
,
234 &dom_name
, &namelist
, &name_types
);
235 if (ret
!= WBC_ERR_SUCCESS
) {
239 *domain_name
= talloc_strdup(mem_ctx
, dom_name
);
240 *names
= talloc_array(mem_ctx
, const char*, num_rids
);
241 *types
= talloc_array(mem_ctx
, enum lsa_SidType
, num_rids
);
243 for(i
=0; i
<num_rids
; i
++) {
244 (*names
)[i
] = talloc_strdup(*names
, namelist
[i
]);
245 (*types
)[i
] = (enum lsa_SidType
)name_types
[i
];
248 wbcFreeMemory(discard_const_p(char, dom_name
));
249 wbcFreeMemory(namelist
);
250 wbcFreeMemory(name_types
);
255 /* Ask Winbind to allocate a new uid for us */
257 bool winbind_allocate_uid(uid_t
*uid
)
261 ret
= wbcAllocateUid(uid
);
263 return (ret
== WBC_ERR_SUCCESS
);
266 /* Ask Winbind to allocate a new gid for us */
268 bool winbind_allocate_gid(gid_t
*gid
)
272 ret
= wbcAllocateGid(gid
);
274 return (ret
== WBC_ERR_SUCCESS
);
277 bool winbind_get_groups(TALLOC_CTX
* mem_ctx
, const char *account
, uint32_t *num_groups
, gid_t
**_groups
)
281 gid_t
*group_list
= NULL
;
283 ret
= wbcGetGroups(account
, &ngroups
, &group_list
);
284 if (ret
!= WBC_ERR_SUCCESS
)
287 *_groups
= talloc_array(mem_ctx
, gid_t
, ngroups
);
288 if (*_groups
== NULL
) {
289 wbcFreeMemory(group_list
);
293 memcpy(*_groups
, group_list
, ngroups
* sizeof(gid_t
));
294 *num_groups
= ngroups
;
296 wbcFreeMemory(group_list
);
300 bool winbind_get_sid_aliases(TALLOC_CTX
*mem_ctx
,
301 const struct dom_sid
*dom_sid
,
302 const struct dom_sid
*members
,
304 uint32_t **pp_alias_rids
,
305 size_t *p_num_alias_rids
)
308 struct wbcDomainSid domain_sid
;
309 struct wbcDomainSid
*sid_list
= NULL
;
314 memcpy(&domain_sid
, dom_sid
, sizeof(*dom_sid
));
316 sid_list
= talloc_array(mem_ctx
, struct wbcDomainSid
, num_members
);
318 for (i
=0; i
< num_members
; i
++) {
319 memcpy(&sid_list
[i
], &members
[i
], sizeof(sid_list
[i
]));
322 ret
= wbcGetSidAliases(&domain_sid
,
327 if (ret
!= WBC_ERR_SUCCESS
) {
331 *pp_alias_rids
= talloc_array(mem_ctx
, uint32_t, num_rids
);
332 if (*pp_alias_rids
== NULL
) {
337 memcpy(*pp_alias_rids
, rids
, sizeof(uint32_t) * num_rids
);
339 *p_num_alias_rids
= num_rids
;
345 bool winbind_lookup_usersids(TALLOC_CTX
*mem_ctx
,
346 const struct dom_sid
*user_sid
,
347 uint32_t *p_num_sids
,
348 struct dom_sid
**p_sids
)
351 struct wbcDomainSid dom_sid
;
352 struct wbcDomainSid
*sid_list
= NULL
;
355 memcpy(&dom_sid
, user_sid
, sizeof(dom_sid
));
357 ret
= wbcLookupUserSids(&dom_sid
,
361 if (ret
!= WBC_ERR_SUCCESS
) {
365 *p_sids
= talloc_array(mem_ctx
, struct dom_sid
, num_sids
);
366 if (*p_sids
== NULL
) {
367 wbcFreeMemory(sid_list
);
371 memcpy(*p_sids
, sid_list
, sizeof(dom_sid
) * num_sids
);
373 *p_num_sids
= num_sids
;
374 wbcFreeMemory(sid_list
);
379 #else /* WITH_WINBIND */
381 struct passwd
* winbind_getpwnam(const char * name
)
386 struct passwd
* winbind_getpwsid(const struct dom_sid
*sid
)
391 bool winbind_lookup_name(const char *dom_name
, const char *name
, struct dom_sid
*sid
,
392 enum lsa_SidType
*name_type
)
397 /* Call winbindd to convert sid to name */
399 bool winbind_lookup_sid(TALLOC_CTX
*mem_ctx
, const struct dom_sid
*sid
,
400 const char **domain
, const char **name
,
401 enum lsa_SidType
*name_type
)
406 /* Ping winbindd to see it is alive */
408 bool winbind_ping(void)
413 /* Call winbindd to convert SID to uid */
415 bool winbind_sid_to_uid(uid_t
*puid
, const struct dom_sid
*sid
)
420 /* Call winbindd to convert uid to sid */
422 bool winbind_uid_to_sid(struct dom_sid
*sid
, uid_t uid
)
427 /* Call winbindd to convert SID to gid */
429 bool winbind_sid_to_gid(gid_t
*pgid
, const struct dom_sid
*sid
)
434 /* Call winbindd to convert gid to sid */
436 bool winbind_gid_to_sid(struct dom_sid
*sid
, gid_t gid
)
441 /* Check for a trusted domain */
443 wbcErr
wb_is_trusted_domain(const char *domain
)
445 return WBC_ERR_UNKNOWN_FAILURE
;
448 /* Lookup a set of rids in a given domain */
450 bool winbind_lookup_rids(TALLOC_CTX
*mem_ctx
,
451 const struct dom_sid
*domain_sid
,
452 int num_rids
, uint32
*rids
,
453 const char **domain_name
,
454 const char ***names
, enum lsa_SidType
**types
)
459 /* Ask Winbind to allocate a new uid for us */
461 bool winbind_allocate_uid(uid_t
*uid
)
466 /* Ask Winbind to allocate a new gid for us */
468 bool winbind_allocate_gid(gid_t
*gid
)
473 bool winbind_get_groups(TALLOC_CTX
*mem_ctx
, const char *account
, uint32_t *num_groups
, gid_t
**_groups
)
478 bool winbind_get_sid_aliases(TALLOC_CTX
*mem_ctx
,
479 const struct dom_sid
*dom_sid
,
480 const struct dom_sid
*members
,
482 uint32_t **pp_alias_rids
,
483 size_t *p_num_alias_rids
)
488 #endif /* WITH_WINBIND */