2 Unix SMB/CIFS implementation.
3 async lookupgroupmembers
4 Copyright (C) Volker Lendecke 2009
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "librpc/gen_ndr/cli_wbint.h"
25 * We have 3 sets of routines here:
27 * wb_lookupgroupmem is the low-level one-group routine
29 * wb_groups_members walks a list of groups
31 * wb_group_members finally is the high-level routine expanding groups
36 * TODO: fill_grent_mem_domusers must be re-added
40 * Look up members of a single group. Essentially a wrapper around the
41 * lookup_groupmem winbindd_methods routine.
44 struct wb_lookupgroupmem_state
{
46 struct wbint_Principals members
;
49 static void wb_lookupgroupmem_done(struct tevent_req
*subreq
);
51 static struct tevent_req
*wb_lookupgroupmem_send(TALLOC_CTX
*mem_ctx
,
52 struct tevent_context
*ev
,
53 const struct dom_sid
*group_sid
,
54 enum lsa_SidType type
)
56 struct tevent_req
*req
, *subreq
;
57 struct wb_lookupgroupmem_state
*state
;
58 struct winbindd_domain
*domain
;
60 req
= tevent_req_create(mem_ctx
, &state
,
61 struct wb_lookupgroupmem_state
);
65 sid_copy(&state
->sid
, group_sid
);
67 domain
= find_domain_from_sid_noinit(group_sid
);
69 tevent_req_nterror(req
, NT_STATUS_NO_SUCH_GROUP
);
70 return tevent_req_post(req
, ev
);
73 subreq
= rpccli_wbint_LookupGroupMembers_send(
74 state
, ev
, domain
->child
.rpccli
, &state
->sid
, type
,
76 if (tevent_req_nomem(subreq
, req
)) {
77 return tevent_req_post(req
, ev
);
79 tevent_req_set_callback(subreq
, wb_lookupgroupmem_done
, req
);
83 static void wb_lookupgroupmem_done(struct tevent_req
*subreq
)
85 struct tevent_req
*req
= tevent_req_callback_data(
86 subreq
, struct tevent_req
);
87 struct wb_lookupgroupmem_state
*state
= tevent_req_data(
88 req
, struct wb_lookupgroupmem_state
);
89 NTSTATUS status
, result
;
91 status
= rpccli_wbint_LookupGroupMembers_recv(subreq
, state
, &result
);
93 if (!NT_STATUS_IS_OK(status
)) {
94 tevent_req_nterror(req
, status
);
97 if (!NT_STATUS_IS_OK(result
)) {
98 tevent_req_nterror(req
, result
);
101 tevent_req_done(req
);
104 static NTSTATUS
wb_lookupgroupmem_recv(struct tevent_req
*req
,
107 struct wbint_Principal
**members
)
109 struct wb_lookupgroupmem_state
*state
= tevent_req_data(
110 req
, struct wb_lookupgroupmem_state
);
113 if (tevent_req_is_nterror(req
, &status
)) {
117 *num_members
= state
->members
.num_principals
;
118 *members
= talloc_move(mem_ctx
, &state
->members
.principals
);
123 * Same as wb_lookupgroupmem for a list of groups
126 struct wb_groups_members_state
{
127 struct tevent_context
*ev
;
128 struct wbint_Principal
*groups
;
131 struct wbint_Principal
*all_members
;
134 static NTSTATUS
wb_groups_members_next_subreq(
135 struct wb_groups_members_state
*state
,
136 TALLOC_CTX
*mem_ctx
, struct tevent_req
**psubreq
);
137 static void wb_groups_members_done(struct tevent_req
*subreq
);
139 static struct tevent_req
*wb_groups_members_send(TALLOC_CTX
*mem_ctx
,
140 struct tevent_context
*ev
,
142 struct wbint_Principal
*groups
)
144 struct tevent_req
*req
, *subreq
;
145 struct wb_groups_members_state
*state
;
148 req
= tevent_req_create(mem_ctx
, &state
,
149 struct wb_groups_members_state
);
154 state
->groups
= groups
;
155 state
->num_groups
= num_groups
;
156 state
->next_group
= 0;
157 state
->all_members
= NULL
;
159 status
= wb_groups_members_next_subreq(state
, state
, &subreq
);
160 if (!NT_STATUS_IS_OK(status
)) {
161 tevent_req_nterror(req
, status
);
162 return tevent_req_post(req
, ev
);
164 if (subreq
== NULL
) {
165 tevent_req_done(req
);
166 return tevent_req_post(req
, ev
);
168 tevent_req_set_callback(subreq
, wb_groups_members_done
, req
);
172 static NTSTATUS
wb_groups_members_next_subreq(
173 struct wb_groups_members_state
*state
,
174 TALLOC_CTX
*mem_ctx
, struct tevent_req
**psubreq
)
176 struct tevent_req
*subreq
;
177 struct wbint_Principal
*g
;
179 if (state
->next_group
>= state
->num_groups
) {
184 g
= &state
->groups
[state
->next_group
];
185 state
->next_group
+= 1;
187 subreq
= wb_lookupgroupmem_send(mem_ctx
, state
->ev
, &g
->sid
, g
->type
);
188 if (subreq
== NULL
) {
189 return NT_STATUS_NO_MEMORY
;
195 static void wb_groups_members_done(struct tevent_req
*subreq
)
197 struct tevent_req
*req
= tevent_req_callback_data(
198 subreq
, struct tevent_req
);
199 struct wb_groups_members_state
*state
= tevent_req_data(
200 req
, struct wb_groups_members_state
);
201 int i
, num_all_members
;
203 struct wbint_Principal
*members
= NULL
;
206 status
= wb_lookupgroupmem_recv(subreq
, state
, &num_members
,
211 * In this error handling here we might have to be a bit more generous
212 * and just continue if an error occured.
215 if (!NT_STATUS_IS_OK(status
)) {
216 if (!NT_STATUS_EQUAL(
217 status
, NT_STATUS_TRUSTED_DOMAIN_FAILURE
)) {
218 tevent_req_nterror(req
, status
);
224 num_all_members
= talloc_array_length(state
->all_members
);
226 state
->all_members
= talloc_realloc(
227 state
, state
->all_members
, struct wbint_Principal
,
228 num_all_members
+ num_members
);
229 if ((num_all_members
+ num_members
!= 0)
230 && tevent_req_nomem(state
->all_members
, req
)) {
233 for (i
=0; i
<num_members
; i
++) {
234 struct wbint_Principal
*src
, *dst
;
236 dst
= &state
->all_members
[num_all_members
+ i
];
237 sid_copy(&dst
->sid
, &src
->sid
);
238 dst
->name
= talloc_move(state
->all_members
, &src
->name
);
239 dst
->type
= src
->type
;
241 TALLOC_FREE(members
);
243 status
= wb_groups_members_next_subreq(state
, state
, &subreq
);
244 if (!NT_STATUS_IS_OK(status
)) {
245 tevent_req_nterror(req
, status
);
248 if (subreq
== NULL
) {
249 tevent_req_done(req
);
252 tevent_req_set_callback(subreq
, wb_groups_members_done
, req
);
255 static NTSTATUS
wb_groups_members_recv(struct tevent_req
*req
,
258 struct wbint_Principal
**members
)
260 struct wb_groups_members_state
*state
= tevent_req_data(
261 req
, struct wb_groups_members_state
);
264 if (tevent_req_is_nterror(req
, &status
)) {
267 *num_members
= talloc_array_length(state
->all_members
);
268 *members
= talloc_move(mem_ctx
, &state
->all_members
);
274 * This is the routine expanding a list of groups up to a certain level. We
275 * collect the users in a talloc_dict: We have to add them without duplicates,
276 * and and talloc_dict is an indexed (here indexed by SID) data structure.
279 struct wb_group_members_state
{
280 struct tevent_context
*ev
;
282 struct talloc_dict
*users
;
283 struct wbint_Principal
*groups
;
286 static NTSTATUS
wb_group_members_next_subreq(
287 struct wb_group_members_state
*state
,
288 TALLOC_CTX
*mem_ctx
, struct tevent_req
**psubreq
);
289 static void wb_group_members_done(struct tevent_req
*subreq
);
291 struct tevent_req
*wb_group_members_send(TALLOC_CTX
*mem_ctx
,
292 struct tevent_context
*ev
,
293 const struct dom_sid
*sid
,
294 enum lsa_SidType type
,
297 struct tevent_req
*req
, *subreq
;
298 struct wb_group_members_state
*state
;
301 req
= tevent_req_create(mem_ctx
, &state
,
302 struct wb_group_members_state
);
307 state
->depth
= max_depth
;
308 state
->users
= talloc_dict_init(state
);
309 if (tevent_req_nomem(state
->users
, req
)) {
310 return tevent_req_post(req
, ev
);
313 state
->groups
= talloc(state
, struct wbint_Principal
);
314 if (tevent_req_nomem(state
->groups
, req
)) {
315 return tevent_req_post(req
, ev
);
317 state
->groups
->name
= NULL
;
318 sid_copy(&state
->groups
->sid
, sid
);
319 state
->groups
->type
= type
;
321 status
= wb_group_members_next_subreq(state
, state
, &subreq
);
322 if (!NT_STATUS_IS_OK(status
)) {
323 tevent_req_nterror(req
, status
);
324 return tevent_req_post(req
, ev
);
326 if (subreq
== NULL
) {
327 tevent_req_done(req
);
328 return tevent_req_post(req
, ev
);
330 tevent_req_set_callback(subreq
, wb_group_members_done
, req
);
334 static NTSTATUS
wb_group_members_next_subreq(
335 struct wb_group_members_state
*state
,
336 TALLOC_CTX
*mem_ctx
, struct tevent_req
**psubreq
)
338 struct tevent_req
*subreq
;
340 if ((talloc_array_length(state
->groups
) == 0)
341 || (state
->depth
<= 0)) {
347 subreq
= wb_groups_members_send(
348 mem_ctx
, state
->ev
, talloc_array_length(state
->groups
),
350 if (subreq
== NULL
) {
351 return NT_STATUS_NO_MEMORY
;
357 static void wb_group_members_done(struct tevent_req
*subreq
)
359 struct tevent_req
*req
= tevent_req_callback_data(
360 subreq
, struct tevent_req
);
361 struct wb_group_members_state
*state
= tevent_req_data(
362 req
, struct wb_group_members_state
);
363 int i
, num_groups
, new_users
, new_groups
;
365 struct wbint_Principal
*members
= NULL
;
368 status
= wb_groups_members_recv(subreq
, state
, &num_members
, &members
);
370 if (!NT_STATUS_IS_OK(status
)) {
371 tevent_req_nterror(req
, status
);
375 new_users
= new_groups
= 0;
376 for (i
=0; i
<num_members
; i
++) {
377 switch (members
[i
].type
) {
378 case SID_NAME_DOM_GRP
:
380 case SID_NAME_WKN_GRP
:
384 /* Ignore everything else */
390 TALLOC_FREE(state
->groups
);
391 state
->groups
= talloc_array(state
, struct wbint_Principal
,
395 * Collect the users into state->users and the groups into
396 * state->groups for the next iteration.
399 for (i
=0; i
<num_members
; i
++) {
400 switch (members
[i
].type
) {
402 case SID_NAME_COMPUTER
: {
404 * Add a copy of members[i] to state->users
406 struct wbint_Principal
*m
;
410 m
= talloc(talloc_tos(), struct wbint_Principal
);
411 if (tevent_req_nomem(m
, req
)) {
414 sid_copy(&m
->sid
, &members
[i
].sid
);
415 m
->name
= talloc_move(m
, &members
[i
].name
);
416 m
->type
= members
[i
].type
;
418 sid
= &members
[i
].sid
;
419 key
= data_blob_const(
420 sid
, ndr_size_dom_sid(sid
, NULL
, 0));
422 if (!talloc_dict_set(state
->users
, key
, &m
)) {
423 tevent_req_nterror(req
, NT_STATUS_NO_MEMORY
);
428 case SID_NAME_DOM_GRP
:
430 case SID_NAME_WKN_GRP
: {
431 struct wbint_Principal
*g
;
433 * Save members[i] for the next round
435 g
= &state
->groups
[num_groups
];
436 sid_copy(&g
->sid
, &members
[i
].sid
);
437 g
->name
= talloc_move(state
->groups
, &members
[i
].name
);
438 g
->type
= members
[i
].type
;
443 /* Ignore everything else */
448 status
= wb_group_members_next_subreq(state
, state
, &subreq
);
449 if (!NT_STATUS_IS_OK(status
)) {
450 tevent_req_nterror(req
, status
);
453 if (subreq
== NULL
) {
454 tevent_req_done(req
);
457 tevent_req_set_callback(subreq
, wb_group_members_done
, req
);
460 NTSTATUS
wb_group_members_recv(struct tevent_req
*req
, TALLOC_CTX
*mem_ctx
,
461 struct talloc_dict
**members
)
463 struct wb_group_members_state
*state
= tevent_req_data(
464 req
, struct wb_group_members_state
);
467 if (tevent_req_is_nterror(req
, &status
)) {
470 *members
= talloc_move(mem_ctx
, &state
->users
);