Fix bug 8636 - When returning an ACL without SECINFO_DACL requested, we still set...
[Samba.git] / source3 / winbindd / wb_fill_pwent.c
blob8f094802a90df5a127df794c0888de2fbc319bfe
1 /*
2 Unix SMB/CIFS implementation.
3 async fill_pwent
4 Copyright (C) Volker Lendecke 2009
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 #include "includes.h"
21 #include "winbindd.h"
22 #include "librpc/gen_ndr/ndr_wbint_c.h"
24 struct wb_fill_pwent_state {
25 struct tevent_context *ev;
26 struct wbint_userinfo *info;
27 struct winbindd_pw *pw;
30 static bool fillup_pw_field(const char *lp_template,
31 const char *username,
32 const char *domname,
33 uid_t uid,
34 gid_t gid,
35 const char *in,
36 fstring out);
38 static void wb_fill_pwent_sid2uid_done(struct tevent_req *subreq);
39 static void wb_fill_pwent_sid2gid_done(struct tevent_req *subreq);
41 struct tevent_req *wb_fill_pwent_send(TALLOC_CTX *mem_ctx,
42 struct tevent_context *ev,
43 struct wbint_userinfo *info,
44 struct winbindd_pw *pw)
46 struct tevent_req *req, *subreq;
47 struct wb_fill_pwent_state *state;
49 req = tevent_req_create(mem_ctx, &state, struct wb_fill_pwent_state);
50 if (req == NULL) {
51 return NULL;
53 state->ev = ev;
54 state->info = info;
55 state->pw = pw;
57 subreq = wb_sid2uid_send(state, state->ev, &state->info->user_sid);
58 if (tevent_req_nomem(subreq, req)) {
59 return tevent_req_post(req, ev);
61 tevent_req_set_callback(subreq, wb_fill_pwent_sid2uid_done, req);
62 return req;
65 static void wb_fill_pwent_sid2uid_done(struct tevent_req *subreq)
67 struct tevent_req *req = tevent_req_callback_data(
68 subreq, struct tevent_req);
69 struct wb_fill_pwent_state *state = tevent_req_data(
70 req, struct wb_fill_pwent_state);
71 NTSTATUS status;
73 status = wb_sid2uid_recv(subreq, &state->pw->pw_uid);
74 TALLOC_FREE(subreq);
75 if (tevent_req_nterror(req, status)) {
76 return;
79 subreq = wb_sid2gid_send(state, state->ev, &state->info->group_sid);
80 if (tevent_req_nomem(subreq, req)) {
81 return;
83 tevent_req_set_callback(subreq, wb_fill_pwent_sid2gid_done, req);
86 static void wb_fill_pwent_sid2gid_done(struct tevent_req *subreq)
88 struct tevent_req *req = tevent_req_callback_data(
89 subreq, struct tevent_req);
90 struct wb_fill_pwent_state *state = tevent_req_data(
91 req, struct wb_fill_pwent_state);
92 struct winbindd_domain *domain;
93 char *dom_name;
94 fstring user_name, output_username;
95 char *mapped_name = NULL;
96 NTSTATUS status;
98 status = wb_sid2gid_recv(subreq, &state->pw->pw_gid);
99 TALLOC_FREE(subreq);
100 if (tevent_req_nterror(req, status)) {
101 return;
104 domain = find_domain_from_sid_noinit(&state->info->user_sid);
105 if (domain == NULL) {
106 tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
107 return;
109 dom_name = domain->name;
111 /* Username */
113 fstrcpy(user_name, state->info->acct_name);
114 strlower_m(user_name);
115 status = normalize_name_map(state, domain, user_name, &mapped_name);
117 /* Basic removal of whitespace */
118 if (NT_STATUS_IS_OK(status)) {
119 fill_domain_username(output_username, dom_name, mapped_name,
120 true);
122 /* Complete name replacement */
123 else if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_RENAMED)) {
124 fstrcpy(output_username, mapped_name);
126 /* No change at all */
127 else {
128 fill_domain_username(output_username, dom_name, user_name,
129 true);
132 fstrcpy(state->pw->pw_name, output_username);
133 fstrcpy(state->pw->pw_gecos, state->info->full_name);
135 /* Home directory and shell */
137 if (!fillup_pw_field(lp_template_homedir(), user_name, dom_name,
138 state->pw->pw_uid, state->pw->pw_gid,
139 state->info->homedir, state->pw->pw_dir)) {
140 tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
141 return;
144 if (!fillup_pw_field(lp_template_shell(), user_name, dom_name,
145 state->pw->pw_uid, state->pw->pw_gid,
146 state->info->shell, state->pw->pw_shell)) {
147 tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
148 return;
151 /* Password - set to "*" as we can't generate anything useful here.
152 Authentication can be done using the pam_winbind module. */
154 fstrcpy(state->pw->pw_passwd, "*");
155 tevent_req_done(req);
158 NTSTATUS wb_fill_pwent_recv(struct tevent_req *req)
160 return tevent_req_simple_recv_ntstatus(req);
163 static bool fillup_pw_field(const char *lp_template,
164 const char *username,
165 const char *domname,
166 uid_t uid,
167 gid_t gid,
168 const char *in,
169 fstring out)
171 char *templ;
173 if (out == NULL)
174 return False;
176 /* The substitution of %U and %D in the 'template
177 homedir' is done by talloc_sub_specified() below.
178 If we have an in string (which means the value has already
179 been set in the nss_info backend), then use that.
180 Otherwise use the template value passed in. */
182 if ((in != NULL) && (in[0] != '\0') && (lp_security() == SEC_ADS)) {
183 templ = talloc_sub_specified(talloc_tos(), in,
184 username, domname,
185 uid, gid);
186 } else {
187 templ = talloc_sub_specified(talloc_tos(), lp_template,
188 username, domname,
189 uid, gid);
192 if (!templ)
193 return False;
195 safe_strcpy(out, templ, sizeof(fstring) - 1);
196 TALLOC_FREE(templ);
198 return True;