s3:rpc_server: minor refactoring of process_request_pdu()
[Samba.git] / source3 / winbindd / wb_fill_pwent.c
blobc1f83e5e914e122a38183562801f8088e65916e6
1 /*
2 Unix SMB/CIFS implementation.
3 async fill_pwent
4 Copyright (C) Volker Lendecke 2009
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 #include "includes.h"
21 #include "winbindd.h"
22 #include "librpc/gen_ndr/ndr_wbint_c.h"
24 struct wb_fill_pwent_state {
25 struct tevent_context *ev;
26 struct wbint_userinfo *info;
27 struct winbindd_pw *pw;
30 static bool fillup_pw_field(const char *lp_template,
31 const char *username,
32 const char *grpname,
33 const char *domname,
34 uid_t uid,
35 gid_t gid,
36 const char *in,
37 fstring out);
39 static void wb_fill_pwent_sid2uid_done(struct tevent_req *subreq);
40 static void wb_fill_pwent_getgrsid_done(struct tevent_req *subreq);
42 struct tevent_req *wb_fill_pwent_send(TALLOC_CTX *mem_ctx,
43 struct tevent_context *ev,
44 struct wbint_userinfo *info,
45 struct winbindd_pw *pw)
47 struct tevent_req *req, *subreq;
48 struct wb_fill_pwent_state *state;
50 req = tevent_req_create(mem_ctx, &state, struct wb_fill_pwent_state);
51 if (req == NULL) {
52 return NULL;
54 state->ev = ev;
55 state->info = info;
56 state->pw = pw;
58 subreq = wb_sids2xids_send(state, state->ev, &state->info->user_sid, 1);
59 if (tevent_req_nomem(subreq, req)) {
60 return tevent_req_post(req, ev);
62 tevent_req_set_callback(subreq, wb_fill_pwent_sid2uid_done, req);
63 return req;
66 static void wb_fill_pwent_sid2uid_done(struct tevent_req *subreq)
68 struct tevent_req *req = tevent_req_callback_data(
69 subreq, struct tevent_req);
70 struct wb_fill_pwent_state *state = tevent_req_data(
71 req, struct wb_fill_pwent_state);
72 NTSTATUS status;
73 struct unixid xid;
75 status = wb_sids2xids_recv(subreq, &xid);
76 TALLOC_FREE(subreq);
77 if (tevent_req_nterror(req, status)) {
78 return;
82 * We are filtering further down in sids2xids, but that filtering
83 * depends on the actual type of the sid handed in (as determined
84 * by lookupsids). Here we need to filter for the type of object
85 * actually requested, in this case uid.
87 if (!(xid.type == ID_TYPE_UID || xid.type == ID_TYPE_BOTH)) {
88 tevent_req_nterror(req, NT_STATUS_NONE_MAPPED);
89 return;
92 state->pw->pw_uid = (uid_t)xid.id;
94 subreq = wb_getgrsid_send(state, state->ev, &state->info->group_sid, 0);
95 if (tevent_req_nomem(subreq, req)) {
96 return;
98 tevent_req_set_callback(subreq, wb_fill_pwent_getgrsid_done, req);
101 static void wb_fill_pwent_getgrsid_done(struct tevent_req *subreq)
103 struct tevent_req *req = tevent_req_callback_data(
104 subreq, struct tevent_req);
105 struct wb_fill_pwent_state *state = tevent_req_data(
106 req, struct wb_fill_pwent_state);
107 struct winbindd_domain *domain;
108 const char *dom_name;
109 const char *grp_name;
110 fstring user_name, output_username;
111 char *mapped_name = NULL;
112 struct talloc_dict *members;
113 TALLOC_CTX *tmp_ctx = talloc_stackframe();
114 NTSTATUS status;
115 bool ok;
117 /* xid handling is done in getgrsid() */
118 status = wb_getgrsid_recv(subreq,
119 tmp_ctx,
120 &dom_name,
121 &grp_name,
122 &state->pw->pw_gid,
123 &members);
124 TALLOC_FREE(subreq);
125 if (tevent_req_nterror(req, status)) {
126 talloc_free(tmp_ctx);
127 return;
130 domain = find_domain_from_sid_noinit(&state->info->user_sid);
131 if (domain == NULL) {
132 talloc_free(tmp_ctx);
133 tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
134 return;
136 dom_name = domain->name;
138 /* Username */
140 fstrcpy(user_name, state->info->acct_name);
141 if (!strlower_m(user_name)) {
142 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
143 return;
145 status = normalize_name_map(state, domain, user_name, &mapped_name);
147 /* Basic removal of whitespace */
148 if (NT_STATUS_IS_OK(status)) {
149 fill_domain_username(output_username, dom_name, mapped_name,
150 true);
152 /* Complete name replacement */
153 else if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_RENAMED)) {
154 fstrcpy(output_username, mapped_name);
156 /* No change at all */
157 else {
158 fill_domain_username(output_username, dom_name, user_name,
159 true);
162 strlcpy(state->pw->pw_name,
163 output_username,
164 sizeof(state->pw->pw_name));
165 fstrcpy(state->pw->pw_gecos, state->info->full_name);
167 /* Home directory and shell */
168 ok = fillup_pw_field(lp_template_homedir(),
169 user_name,
170 grp_name,
171 dom_name,
172 state->pw->pw_uid,
173 state->pw->pw_gid,
174 state->info->homedir,
175 state->pw->pw_dir);
176 if (!ok) {
177 talloc_free(tmp_ctx);
178 tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
179 return;
182 ok = fillup_pw_field(lp_template_shell(),
183 user_name,
184 grp_name,
185 dom_name,
186 state->pw->pw_uid,
187 state->pw->pw_gid,
188 state->info->shell,
189 state->pw->pw_shell);
190 talloc_free(tmp_ctx);
191 if (!ok) {
192 tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
193 return;
196 /* Password - set to "*" as we can't generate anything useful here.
197 Authentication can be done using the pam_winbind module. */
199 fstrcpy(state->pw->pw_passwd, "*");
200 tevent_req_done(req);
203 NTSTATUS wb_fill_pwent_recv(struct tevent_req *req)
205 return tevent_req_simple_recv_ntstatus(req);
208 static bool fillup_pw_field(const char *lp_template,
209 const char *username,
210 const char *grpname,
211 const char *domname,
212 uid_t uid,
213 gid_t gid,
214 const char *in,
215 fstring out)
217 const char *templ;
218 char *result;
220 if (out == NULL)
221 return False;
223 templ = lp_template;
225 if ((in != NULL) && (in[0] != '\0') && (lp_security() == SEC_ADS)) {
227 * The backend has already filled in the required value. Use
228 * that instead of the template.
230 templ = in;
233 result = talloc_sub_specified(talloc_tos(), templ,
234 username, grpname, domname,
235 uid, gid);
236 if (result == NULL) {
237 return False;
240 fstrcpy(out, templ);
241 TALLOC_FREE(result);
243 return True;