search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
werror: replace WERR_NO_SUCH_SHARE with WERR_BAD_NET_NAME in source3/rpc_server/srvsv...
[Samba.git] / source3 / winbindd / winbindd_misc.c
blobfab41a14d0d88af473039f3250a0b4a58474fa6d
1 /*
2 Unix SMB/CIFS implementation.
3
4 Winbind daemon - miscellaneous other functions
5
6 Copyright (C) Tim Potter 2000
7 Copyright (C) Andrew Bartlett 2002
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 */
22
23 #include "includes.h"
24 #include "winbindd.h"
25 #include "libcli/security/dom_sid.h"
26
27 #undef DBGC_CLASS
28 #define DBGC_CLASS DBGC_WINBIND
29
30 /* Constants and helper functions for determining domain trust types */
31
32 enum trust_type {
33 EXTERNAL = 0,
34 FOREST,
35 IN_FOREST,
36 NONE,
37 };
38
39 const char *trust_type_strings[] = {"External",
40 "Forest",
41 "In Forest",
42 "None"};
43
44 static enum trust_type get_trust_type(struct winbindd_tdc_domain *domain)
45 {
46 if (domain->trust_attribs == LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN)
47 return EXTERNAL;
48 else if (domain->trust_attribs == LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE)
49 return FOREST;
50 else if (((domain->trust_flags & NETR_TRUST_FLAG_IN_FOREST) == NETR_TRUST_FLAG_IN_FOREST) &&
51 ((domain->trust_flags & NETR_TRUST_FLAG_PRIMARY) == 0x0))
52 return IN_FOREST;
53 return NONE;
54 }
55
56 static const char *get_trust_type_string(struct winbindd_tdc_domain *domain)
57 {
58 return trust_type_strings[get_trust_type(domain)];
59 }
60
61 static bool trust_is_inbound(struct winbindd_tdc_domain *domain)
62 {
63 return (domain->trust_flags == 0x0) ||
64 ((domain->trust_flags & NETR_TRUST_FLAG_IN_FOREST) ==
65 NETR_TRUST_FLAG_IN_FOREST) ||
66 ((domain->trust_flags & NETR_TRUST_FLAG_INBOUND) ==
67 NETR_TRUST_FLAG_INBOUND);
68 }
69
70 static bool trust_is_outbound(struct winbindd_tdc_domain *domain)
71 {
72 return (domain->trust_flags == 0x0) ||
73 ((domain->trust_flags & NETR_TRUST_FLAG_IN_FOREST) ==
74 NETR_TRUST_FLAG_IN_FOREST) ||
75 ((domain->trust_flags & NETR_TRUST_FLAG_OUTBOUND) ==
76 NETR_TRUST_FLAG_OUTBOUND);
77 }
78
79 static bool trust_is_transitive(struct winbindd_tdc_domain *domain)
80 {
81 if ((domain->trust_attribs == LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE) ||
82 (domain->trust_attribs == LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN) ||
83 (domain->trust_attribs == LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL))
84 return False;
85 return True;
86 }
87
88 void winbindd_list_trusted_domains(struct winbindd_cli_state *state)
89 {
90 struct winbindd_tdc_domain *dom_list = NULL;
91 size_t num_domains = 0;
92 int extra_data_len = 0;
93 char *extra_data = NULL;
94 int i = 0;
95
96 DEBUG(3, ("[%5lu]: list trusted domains\n",
97 (unsigned long)state->pid));
98
99 if( !wcache_tdc_fetch_list( &dom_list, &num_domains )) {
100 request_error(state);
101 goto done;
102 }
103
104 extra_data = talloc_strdup(state->mem_ctx, "");
105 if (extra_data == NULL) {
106 request_error(state);
107 goto done;
108 }
109
110 for ( i = 0; i < num_domains; i++ ) {
111 struct winbindd_domain *domain;
112 bool is_online = true;
113 struct winbindd_tdc_domain *d = NULL;
114
115 d = &dom_list[i];
116 domain = find_domain_from_name_noinit(d->domain_name);
117 if (domain) {
118 is_online = domain->online;
119 }
120 extra_data = talloc_asprintf_append_buffer(
121 extra_data,
122 "%s\\%s\\%s\\%s\\%s\\%s\\%s\\%s\n",
123 d->domain_name,
124 d->dns_name ? d->dns_name : "",
125 sid_string_talloc(state->mem_ctx, &d->sid),
126 get_trust_type_string(d),
127 trust_is_transitive(d) ? "Yes" : "No",
128 trust_is_inbound(d) ? "Yes" : "No",
129 trust_is_outbound(d) ? "Yes" : "No",
130 is_online ? "Online" : "Offline" );
131 }
132
133 state->response->data.num_entries = num_domains;
134
135 extra_data_len = strlen(extra_data);
136 if (extra_data_len > 0) {
137
138 /* Strip the last \n */
139 extra_data[extra_data_len-1] = '\0';
140
141 state->response->extra_data.data = extra_data;
142 state->response->length += extra_data_len;
143 }
144
145 request_ok(state);
146 done:
147 TALLOC_FREE( dom_list );
148 }
149
150 enum winbindd_result winbindd_dual_list_trusted_domains(struct winbindd_domain *domain,
151 struct winbindd_cli_state *state)
152 {
153 int i;
154 int extra_data_len = 0;
155 char *extra_data;
156 NTSTATUS result;
157 bool have_own_domain = False;
158 struct netr_DomainTrustList trusts;
159
160 DEBUG(3, ("[%5lu]: list trusted domains\n",
161 (unsigned long)state->pid));
162
163 result = domain->methods->trusted_domains(domain, state->mem_ctx,
164 &trusts);
165
166 if (!NT_STATUS_IS_OK(result)) {
167 DEBUG(3, ("winbindd_dual_list_trusted_domains: trusted_domains returned %s\n",
168 nt_errstr(result) ));
169 return WINBINDD_ERROR;
170 }
171
172 extra_data = talloc_strdup(state->mem_ctx, "");
173
174 for (i=0; i<trusts.count; i++) {
175
176 if (trusts.array[i].sid == NULL) {
177 continue;
178 }
179 if (dom_sid_equal(trusts.array[i].sid, &global_sid_NULL)) {
180 continue;
181 }
182
183 extra_data = talloc_asprintf_append_buffer(
184 extra_data, "%s\\%s\\%s\\%u\\%u\\%u\n",
185 trusts.array[i].netbios_name, trusts.array[i].dns_name,
186 sid_string_talloc(state->mem_ctx, trusts.array[i].sid),
187 trusts.array[i].trust_flags,
188 (uint32_t)trusts.array[i].trust_type,
189 trusts.array[i].trust_attributes);
190 }
191
192 /* add our primary domain */
193
194 for (i=0; i<trusts.count; i++) {
195 if (strequal(trusts.array[i].netbios_name, domain->name)) {
196 have_own_domain = True;
197 break;
198 }
199 }
200
201 if (state->request->data.list_all_domains && !have_own_domain) {
202 extra_data = talloc_asprintf_append_buffer(
203 extra_data, "%s\\%s\\%s\n", domain->name,
204 domain->alt_name != NULL ?
205 domain->alt_name :
206 domain->name,
207 sid_string_talloc(state->mem_ctx, &domain->sid));
208 }
209
210 extra_data_len = strlen(extra_data);
211 if (extra_data_len > 0) {
212
213 /* Strip the last \n */
214 extra_data[extra_data_len-1] = '\0';
215
216 state->response->extra_data.data = extra_data;
217 state->response->length += extra_data_len;
218 }
219
220 return WINBINDD_OK;
221 }
222
223 struct domain_info_state {
224 struct winbindd_domain *domain;
225 struct winbindd_cli_state *cli;
226 struct winbindd_request ping_request;
227 };
228
229 static void domain_info_done(struct tevent_req *req);
230
231 void winbindd_domain_info(struct winbindd_cli_state *cli)
232 {
233 struct domain_info_state *state;
234 struct winbindd_domain *domain;
235 struct tevent_req *req;
236
237 DEBUG(3, ("[%5lu]: domain_info [%s]\n", (unsigned long)cli->pid,
238 cli->request->domain_name));
239
240 domain = find_domain_from_name_noinit(cli->request->domain_name);
241
242 if (domain == NULL) {
243 DEBUG(3, ("Did not find domain [%s]\n",
244 cli->request->domain_name));
245 request_error(cli);
246 return;
247 }
248
249 if (domain->initialized) {
250 fstrcpy(cli->response->data.domain_info.name,
251 domain->name);
252 fstrcpy(cli->response->data.domain_info.alt_name,
253 domain->alt_name);
254 sid_to_fstring(cli->response->data.domain_info.sid,
255 &domain->sid);
256 cli->response->data.domain_info.native_mode =
257 domain->native_mode;
258 cli->response->data.domain_info.active_directory =
259 domain->active_directory;
260 cli->response->data.domain_info.primary =
261 domain->primary;
262 request_ok(cli);
263 return;
264 }
265
266 state = talloc_zero(cli->mem_ctx, struct domain_info_state);
267 if (state == NULL) {
268 DEBUG(0, ("talloc failed\n"));
269 request_error(cli);
270 return;
271 }
272
273 state->cli = cli;
274 state->domain = domain;
275 state->ping_request.cmd = WINBINDD_PING;
276
277 /*
278 * Send a ping down. This implicitly initializes the domain.
279 */
280
281 req = wb_domain_request_send(state, winbind_event_context(),
282 domain, &state->ping_request);
283 if (req == NULL) {
284 DEBUG(3, ("wb_domain_request_send failed\n"));
285 request_error(cli);
286 return;
287 }
288 tevent_req_set_callback(req, domain_info_done, state);
289 }
290
291 static void domain_info_done(struct tevent_req *req)
292 {
293 struct domain_info_state *state = tevent_req_callback_data(
294 req, struct domain_info_state);
295 struct winbindd_response *response;
296 int ret, err;
297
298 ret = wb_domain_request_recv(req, req, &response, &err);
299 TALLOC_FREE(req);
300 if (ret == -1) {
301 DEBUG(10, ("wb_domain_request failed: %s\n", strerror(errno)));
302 request_error(state->cli);
303 return;
304 }
305 if (!state->domain->initialized) {
306 DEBUG(5, ("wb_domain_request did not initialize domain %s\n",
307 state->domain->name));
308 request_error(state->cli);
309 return;
310 }
311
312 fstrcpy(state->cli->response->data.domain_info.name,
313 state->domain->name);
314 fstrcpy(state->cli->response->data.domain_info.alt_name,
315 state->domain->alt_name);
316 sid_to_fstring(state->cli->response->data.domain_info.sid,
317 &state->domain->sid);
318
319 state->cli->response->data.domain_info.native_mode =
320 state->domain->native_mode;
321 state->cli->response->data.domain_info.active_directory =
322 state->domain->active_directory;
323 state->cli->response->data.domain_info.primary =
324 state->domain->primary;
325
326 request_ok(state->cli);
327 }
328
329 void winbindd_dc_info(struct winbindd_cli_state *cli)
330 {
331 struct winbindd_domain *domain;
332 char *dc_name, *dc_ip;
333
334 cli->request->domain_name[sizeof(cli->request->domain_name)-1] = '\0';
335
336 DEBUG(3, ("[%5lu]: domain_info [%s]\n", (unsigned long)cli->pid,
337 cli->request->domain_name));
338
339 if (cli->request->domain_name[0] != '\0') {
340 domain = find_domain_from_name_noinit(
341 cli->request->domain_name);
342 DEBUG(10, ("Could not find domain %s\n",
343 cli->request->domain_name));
344 if (domain == NULL) {
345 request_error(cli);
346 return;
347 }
348 } else {
349 domain = find_our_domain();
350 }
351
352 if (!fetch_current_dc_from_gencache(
353 talloc_tos(), domain->name, &dc_name, &dc_ip)) {
354 DEBUG(10, ("fetch_current_dc_from_gencache(%s) failed\n",
355 domain->name));
356 request_error(cli);
357 return;
358 }
359
360 cli->response->data.num_entries = 1;
361 cli->response->extra_data.data = talloc_asprintf(
362 cli->mem_ctx, "%s\n%s\n", dc_name, dc_ip);
363
364 TALLOC_FREE(dc_name);
365 TALLOC_FREE(dc_ip);
366
367 if (cli->response->extra_data.data == NULL) {
368 request_error(cli);
369 return;
370 }
371
372 /* must add one to length to copy the 0 for string termination */
373 cli->response->length +=
374 strlen((char *)cli->response->extra_data.data) + 1;
375
376 request_ok(cli);
377 }
378
379 /* List various tidbits of information */
380
381 void winbindd_info(struct winbindd_cli_state *state)
382 {
383
384 DEBUG(3, ("[%5lu]: request misc info\n", (unsigned long)state->pid));
385
386 state->response->data.info.winbind_separator = *lp_winbind_separator();
387 fstrcpy(state->response->data.info.samba_version, samba_version_string());
388 request_ok(state);
389 }
390
391 /* Tell the client the current interface version */
392
393 void winbindd_interface_version(struct winbindd_cli_state *state)
394 {
395 DEBUG(3, ("[%5lu]: request interface version (version = %d)\n",
396 (unsigned long)state->pid, WINBIND_INTERFACE_VERSION));
397
398 state->response->data.interface_version = WINBIND_INTERFACE_VERSION;
399 request_ok(state);
400 }
401
402 /* What domain are we a member of? */
403
404 void winbindd_domain_name(struct winbindd_cli_state *state)
405 {
406 DEBUG(3, ("[%5lu]: request domain name\n", (unsigned long)state->pid));
407
408 fstrcpy(state->response->data.domain_name, lp_workgroup());
409 request_ok(state);
410 }
411
412 /* What's my name again? */
413
414 void winbindd_netbios_name(struct winbindd_cli_state *state)
415 {
416 DEBUG(3, ("[%5lu]: request netbios name\n",
417 (unsigned long)state->pid));
418
419 fstrcpy(state->response->data.netbios_name, lp_netbios_name());
420 request_ok(state);
421 }
422
423 /* Where can I find the privileged pipe? */
424
425 void winbindd_priv_pipe_dir(struct winbindd_cli_state *state)
426 {
427 char *priv_dir;
428 DEBUG(3, ("[%5lu]: request location of privileged pipe\n",
429 (unsigned long)state->pid));
430
431 priv_dir = get_winbind_priv_pipe_dir();
432 state->response->extra_data.data = talloc_move(state->mem_ctx,
433 &priv_dir);
434
435 /* must add one to length to copy the 0 for string termination */
436 state->response->length +=
437 strlen((char *)state->response->extra_data.data) + 1;
438
439 request_ok(state);
440 }
441
Samba GIT mirror