search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3:pylibsmb: allow ImpersonationLevel argument to create()
[Samba.git] / nsswitch / winbind_nss_linux.c
blob4ab10b90f4f70579ece694c581c9040e0d459d85
1 /*
2 Unix SMB/CIFS implementation.
3
4 Windows NT Domain nsswitch module
5
6 Copyright (C) Tim Potter 2000
7
8 This library is free software; you can redistribute it and/or
9 modify it under the terms of the GNU Lesser General Public
10 License as published by the Free Software Foundation; either
11 version 3 of the License, or (at your option) any later version.
12
13 This library is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Library General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "winbind_client.h"
23
24 #ifdef HAVE_PTHREAD_H
25 #include <pthread.h>
26 #endif
27
28 #ifdef HAVE_PTHREAD
29 static pthread_mutex_t winbind_nss_mutex = PTHREAD_MUTEX_INITIALIZER;
30 #endif
31
32 /* Maximum number of users to pass back over the unix domain socket
33 per call. This is not a static limit on the total number of users
34 or groups returned in total. */
35
36 #define MAX_GETPWENT_USERS 250
37 #define MAX_GETGRENT_USERS 250
38
39 /*************************************************************************
40 ************************************************************************/
41
42 #ifdef DEBUG_NSS
43 static const char *nss_err_str(NSS_STATUS ret)
44 {
45 switch (ret) {
46 case NSS_STATUS_TRYAGAIN:
47 return "NSS_STATUS_TRYAGAIN";
48 case NSS_STATUS_SUCCESS:
49 return "NSS_STATUS_SUCCESS";
50 case NSS_STATUS_NOTFOUND:
51 return "NSS_STATUS_NOTFOUND";
52 case NSS_STATUS_UNAVAIL:
53 return "NSS_STATUS_UNAVAIL";
54 #ifdef NSS_STATUS_RETURN
55 case NSS_STATUS_RETURN:
56 return "NSS_STATUS_RETURN";
57 #endif
58 default:
59 return "UNKNOWN RETURN CODE!!!!!!!";
60 }
61 }
62 #endif
63
64 /* Prototypes from wb_common.c */
65
66 /* Allocate some space from the nss static buffer. The buffer and buflen
67 are the pointers passed in by the C library to the _nss_ntdom_*
68 functions. */
69
70 static char *get_static(char **buffer, size_t *buflen, size_t len)
71 {
72 char *result;
73
74 /* Error check. We return false if things aren't set up right, or
75 there isn't enough buffer space left. */
76
77 if ((buffer == NULL) || (buflen == NULL) || (*buflen < len)) {
78 return NULL;
79 }
80
81 /* Return an index into the static buffer */
82
83 result = *buffer;
84 *buffer += len;
85 *buflen -= len;
86
87 return result;
88 }
89
90 /* I've copied the strtok() replacement function next_token_Xalloc() from
91 lib/util_str.c as I really don't want to have to link in any other
92 objects if I can possibly avoid it. */
93
94 static bool next_token_alloc(const char **ptr,
95 char **pp_buff,
96 const char *sep)
97 {
98 const char *s;
99 const char *saved_s;
100 char *pbuf;
101 bool quoted;
102 size_t len=1;
103
104 *pp_buff = NULL;
105 if (!ptr) {
106 return(false);
107 }
108
109 s = *ptr;
110
111 /* default to simple separators */
112 if (!sep) {
113 sep = " \t\n\r";
114 }
115
116 /* find the first non sep char */
117 while (*s && strchr(sep,*s)) {
118 s++;
119 }
120
121 /* nothing left? */
122 if (!*s) {
123 return false;
124 }
125
126 /* When restarting we need to go from here. */
127 saved_s = s;
128
129 /* Work out the length needed. */
130 for (quoted = false; *s &&
131 (quoted || !strchr(sep,*s)); s++) {
132 if (*s == '\"') {
133 quoted = !quoted;
134 } else {
135 len++;
136 }
137 }
138
139 /* We started with len = 1 so we have space for the nul. */
140 *pp_buff = (char *)malloc(len);
141 if (!*pp_buff) {
142 return false;
143 }
144
145 /* copy over the token */
146 pbuf = *pp_buff;
147 s = saved_s;
148 for (quoted = false; *s &&
149 (quoted || !strchr(sep,*s)); s++) {
150 if ( *s == '\"' ) {
151 quoted = !quoted;
152 } else {
153 *pbuf++ = *s;
154 }
155 }
156
157 *ptr = (*s) ? s+1 : s;
158 *pbuf = 0;
159
160 return true;
161 }
162
163 /* Fill a pwent structure from a winbindd_response structure. We use
164 the static data passed to us by libc to put strings and stuff in.
165 Return NSS_STATUS_TRYAGAIN if we run out of memory. */
166
167 static NSS_STATUS fill_pwent(struct passwd *result,
168 struct winbindd_pw *pw,
169 char **buffer, size_t *buflen)
170 {
171 size_t len;
172
173 /* User name */
174 len = strlen(pw->pw_name) + 1;
175
176 if ((result->pw_name =
177 get_static(buffer, buflen, len)) == NULL) {
178
179 /* Out of memory */
180
181 return NSS_STATUS_TRYAGAIN;
182 }
183
184 memcpy(result->pw_name, pw->pw_name, len);
185
186 /* Password */
187 len = strlen(pw->pw_passwd) + 1;
188
189 if ((result->pw_passwd =
190 get_static(buffer, buflen, len)) == NULL) {
191
192 /* Out of memory */
193
194 return NSS_STATUS_TRYAGAIN;
195 }
196
197 memcpy(result->pw_passwd, pw->pw_passwd, len);
198
199 /* [ug]id */
200
201 result->pw_uid = pw->pw_uid;
202 result->pw_gid = pw->pw_gid;
203
204 /* GECOS */
205 len = strlen(pw->pw_gecos) + 1;
206
207 if ((result->pw_gecos =
208 get_static(buffer, buflen, len)) == NULL) {
209
210 /* Out of memory */
211
212 return NSS_STATUS_TRYAGAIN;
213 }
214
215 memcpy(result->pw_gecos, pw->pw_gecos, len);
216
217 /* Home directory */
218 len = strlen(pw->pw_dir) + 1;
219
220 if ((result->pw_dir =
221 get_static(buffer, buflen, len)) == NULL) {
222
223 /* Out of memory */
224
225 return NSS_STATUS_TRYAGAIN;
226 }
227
228 memcpy(result->pw_dir, pw->pw_dir, len);
229
230 /* Logon shell */
231 len = strlen(pw->pw_shell) + 1;
232
233 if ((result->pw_shell =
234 get_static(buffer, buflen, len)) == NULL) {
235
236 /* Out of memory */
237
238 return NSS_STATUS_TRYAGAIN;
239 }
240
241 memcpy(result->pw_shell, pw->pw_shell, len);
242
243 /* The struct passwd for Solaris has some extra fields which must
244 be initialised or nscd crashes. */
245
246 #ifdef HAVE_PASSWD_PW_COMMENT
247 result->pw_comment = "";
248 #endif
249
250 #ifdef HAVE_PASSWD_PW_AGE
251 result->pw_age = "";
252 #endif
253
254 return NSS_STATUS_SUCCESS;
255 }
256
257 /* Fill a grent structure from a winbindd_response structure. We use
258 the static data passed to us by libc to put strings and stuff in.
259 Return NSS_STATUS_TRYAGAIN if we run out of memory. */
260
261 static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr,
262 const char *gr_mem, char **buffer, size_t *buflen)
263 {
264 char *name;
265 int i;
266 char *tst;
267 size_t len;
268
269 /* Group name */
270 len = strlen(gr->gr_name) + 1;
271
272 if ((result->gr_name =
273 get_static(buffer, buflen, len)) == NULL) {
274
275 /* Out of memory */
276
277 return NSS_STATUS_TRYAGAIN;
278 }
279
280 memcpy(result->gr_name, gr->gr_name, len);
281
282 /* Password */
283 len = strlen(gr->gr_passwd) + 1;
284
285 if ((result->gr_passwd =
286 get_static(buffer, buflen, len)) == NULL) {
287
288 /* Out of memory */
289 return NSS_STATUS_TRYAGAIN;
290 }
291
292 memcpy(result->gr_passwd, gr->gr_passwd, len);
293
294 /* gid */
295
296 result->gr_gid = gr->gr_gid;
297
298 /* Group membership */
299
300 if (!gr_mem) {
301 gr->num_gr_mem = 0;
302 }
303
304 /* this next value is a pointer to a pointer so let's align it */
305
306 /* Calculate number of extra bytes needed to align on pointer size boundry */
307 if ((i = (unsigned long)(*buffer) % sizeof(char*)) != 0)
308 i = sizeof(char*) - i;
309
310 if ((tst = get_static(buffer, buflen, ((gr->num_gr_mem + 1) *
311 sizeof(char *)+i))) == NULL) {
312
313 /* Out of memory */
314
315 return NSS_STATUS_TRYAGAIN;
316 }
317 result->gr_mem = (char **)(tst + i);
318
319 if (gr->num_gr_mem == 0) {
320
321 /* Group is empty */
322
323 *(result->gr_mem) = NULL;
324 return NSS_STATUS_SUCCESS;
325 }
326
327 /* Start looking at extra data */
328
329 i = 0;
330
331 while(next_token_alloc((const char **)&gr_mem, &name, ",")) {
332 /* Allocate space for member */
333 len = strlen(name) + 1;
334
335 if (((result->gr_mem)[i] =
336 get_static(buffer, buflen, len)) == NULL) {
337 free(name);
338 /* Out of memory */
339 return NSS_STATUS_TRYAGAIN;
340 }
341 memcpy((result->gr_mem)[i], name, len);
342 free(name);
343 i++;
344 }
345
346 /* Terminate list */
347
348 (result->gr_mem)[i] = NULL;
349
350 return NSS_STATUS_SUCCESS;
351 }
352
353 /*
354 * NSS user functions
355 */
356
357 static struct winbindd_response getpwent_response;
358
359 static int ndx_pw_cache; /* Current index into pwd cache */
360 static int num_pw_cache; /* Current size of pwd cache */
361
362 /* Rewind "file pointer" to start of ntdom password database */
363
364 NSS_STATUS
365 _nss_winbind_setpwent(void)
366 {
367 NSS_STATUS ret;
368 #ifdef DEBUG_NSS
369 fprintf(stderr, "[%5d]: setpwent\n", getpid());
370 #endif
371
372 #ifdef HAVE_PTHREAD
373 pthread_mutex_lock(&winbind_nss_mutex);
374 #endif
375
376 if (num_pw_cache > 0) {
377 ndx_pw_cache = num_pw_cache = 0;
378 winbindd_free_response(&getpwent_response);
379 }
380
381 winbind_set_client_name("nss_winbind");
382 ret = winbindd_request_response(NULL, WINBINDD_SETPWENT, NULL, NULL);
383 #ifdef DEBUG_NSS
384 fprintf(stderr, "[%5d]: setpwent returns %s (%d)\n", getpid(),
385 nss_err_str(ret), ret);
386 #endif
387
388 #ifdef HAVE_PTHREAD
389 pthread_mutex_unlock(&winbind_nss_mutex);
390 #endif
391 return ret;
392 }
393
394 /* Close ntdom password database "file pointer" */
395
396 NSS_STATUS
397 _nss_winbind_endpwent(void)
398 {
399 NSS_STATUS ret;
400 #ifdef DEBUG_NSS
401 fprintf(stderr, "[%5d]: endpwent\n", getpid());
402 #endif
403
404 #ifdef HAVE_PTHREAD
405 pthread_mutex_lock(&winbind_nss_mutex);
406 #endif
407
408 if (num_pw_cache > 0) {
409 ndx_pw_cache = num_pw_cache = 0;
410 winbindd_free_response(&getpwent_response);
411 }
412
413 winbind_set_client_name("nss_winbind");
414 ret = winbindd_request_response(NULL, WINBINDD_ENDPWENT, NULL, NULL);
415 #ifdef DEBUG_NSS
416 fprintf(stderr, "[%5d]: endpwent returns %s (%d)\n", getpid(),
417 nss_err_str(ret), ret);
418 #endif
419
420 #ifdef HAVE_PTHREAD
421 pthread_mutex_unlock(&winbind_nss_mutex);
422 #endif
423
424 return ret;
425 }
426
427 /* Fetch the next password entry from ntdom password database */
428
429 NSS_STATUS
430 _nss_winbind_getpwent_r(struct passwd *result, char *buffer,
431 size_t buflen, int *errnop)
432 {
433 NSS_STATUS ret;
434 struct winbindd_request request;
435 static int called_again;
436
437 #ifdef DEBUG_NSS
438 fprintf(stderr, "[%5d]: getpwent\n", getpid());
439 #endif
440
441 #ifdef HAVE_PTHREAD
442 pthread_mutex_lock(&winbind_nss_mutex);
443 #endif
444
445 /* Return an entry from the cache if we have one, or if we are
446 called again because we exceeded our static buffer. */
447
448 if ((ndx_pw_cache < num_pw_cache) || called_again) {
449 goto return_result;
450 }
451
452 /* Else call winbindd to get a bunch of entries */
453
454 if (num_pw_cache > 0) {
455 winbindd_free_response(&getpwent_response);
456 }
457
458 ZERO_STRUCT(request);
459 ZERO_STRUCT(getpwent_response);
460
461 request.data.num_entries = MAX_GETPWENT_USERS;
462
463 winbind_set_client_name("nss_winbind");
464 ret = winbindd_request_response(NULL, WINBINDD_GETPWENT, &request,
465 &getpwent_response);
466
467 if (ret == NSS_STATUS_SUCCESS) {
468 struct winbindd_pw *pw_cache;
469
470 /* Fill cache */
471
472 ndx_pw_cache = 0;
473 num_pw_cache = getpwent_response.data.num_entries;
474
475 /* Return a result */
476
477 return_result:
478
479 pw_cache = (struct winbindd_pw *)
480 getpwent_response.extra_data.data;
481
482 /* Check data is valid */
483
484 if (pw_cache == NULL) {
485 ret = NSS_STATUS_NOTFOUND;
486 goto done;
487 }
488
489 ret = fill_pwent(result, &pw_cache[ndx_pw_cache],
490 &buffer, &buflen);
491
492 /* Out of memory - try again */
493
494 if (ret == NSS_STATUS_TRYAGAIN) {
495 called_again = true;
496 *errnop = errno = ERANGE;
497 goto done;
498 }
499
500 *errnop = errno = 0;
501 called_again = false;
502 ndx_pw_cache++;
503
504 /* If we've finished with this lot of results free cache */
505
506 if (ndx_pw_cache == num_pw_cache) {
507 ndx_pw_cache = num_pw_cache = 0;
508 winbindd_free_response(&getpwent_response);
509 }
510 }
511 done:
512 #ifdef DEBUG_NSS
513 fprintf(stderr, "[%5d]: getpwent returns %s (%d)\n", getpid(),
514 nss_err_str(ret), ret);
515 #endif
516
517 #ifdef HAVE_PTHREAD
518 pthread_mutex_unlock(&winbind_nss_mutex);
519 #endif
520 return ret;
521 }
522
523 /* Return passwd struct from uid */
524
525 NSS_STATUS
526 _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, char *buffer,
527 size_t buflen, int *errnop)
528 {
529 NSS_STATUS ret;
530 static struct winbindd_response response;
531 struct winbindd_request request;
532 static int keep_response;
533
534 #ifdef DEBUG_NSS
535 fprintf(stderr, "[%5d]: getpwuid_r %d\n", getpid(), (unsigned int)uid);
536 #endif
537
538 #ifdef HAVE_PTHREAD
539 pthread_mutex_lock(&winbind_nss_mutex);
540 #endif
541
542 /* If our static buffer needs to be expanded we are called again */
543 if (!keep_response || uid != response.data.pw.pw_uid) {
544
545 /* Call for the first time */
546
547 ZERO_STRUCT(response);
548 ZERO_STRUCT(request);
549
550 request.data.uid = uid;
551
552 winbind_set_client_name("nss_winbind");
553 ret = winbindd_request_response(NULL, WINBINDD_GETPWUID, &request, &response);
554
555 if (ret == NSS_STATUS_SUCCESS) {
556 ret = fill_pwent(result, &response.data.pw,
557 &buffer, &buflen);
558
559 if (ret == NSS_STATUS_TRYAGAIN) {
560 keep_response = true;
561 *errnop = errno = ERANGE;
562 goto done;
563 }
564 }
565
566 } else {
567
568 /* We've been called again */
569
570 ret = fill_pwent(result, &response.data.pw, &buffer, &buflen);
571
572 if (ret == NSS_STATUS_TRYAGAIN) {
573 *errnop = errno = ERANGE;
574 goto done;
575 }
576
577 keep_response = false;
578 *errnop = errno = 0;
579 }
580
581 winbindd_free_response(&response);
582
583 done:
584
585 #ifdef DEBUG_NSS
586 fprintf(stderr, "[%5d]: getpwuid %d returns %s (%d)\n", getpid(),
587 (unsigned int)uid, nss_err_str(ret), ret);
588 #endif
589
590 #ifdef HAVE_PTHREAD
591 pthread_mutex_unlock(&winbind_nss_mutex);
592 #endif
593
594 return ret;
595 }
596
597 /* Return passwd struct from username */
598 NSS_STATUS
599 _nss_winbind_getpwnam_r(const char *name, struct passwd *result, char *buffer,
600 size_t buflen, int *errnop)
601 {
602 NSS_STATUS ret;
603 static struct winbindd_response response;
604 struct winbindd_request request;
605 static int keep_response;
606
607 #ifdef DEBUG_NSS
608 fprintf(stderr, "[%5d]: getpwnam_r %s\n", getpid(), name);
609 #endif
610
611 #ifdef HAVE_PTHREAD
612 pthread_mutex_lock(&winbind_nss_mutex);
613 #endif
614
615 /* If our static buffer needs to be expanded we are called again */
616
617 if (!keep_response || strcmp(name,response.data.pw.pw_name) != 0) {
618
619 /* Call for the first time */
620
621 ZERO_STRUCT(response);
622 ZERO_STRUCT(request);
623
624 strncpy(request.data.username, name,
625 sizeof(request.data.username) - 1);
626 request.data.username
627 [sizeof(request.data.username) - 1] = '\0';
628
629 winbind_set_client_name("nss_winbind");
630 ret = winbindd_request_response(NULL, WINBINDD_GETPWNAM, &request, &response);
631
632 if (ret == NSS_STATUS_SUCCESS) {
633 ret = fill_pwent(result, &response.data.pw, &buffer,
634 &buflen);
635
636 if (ret == NSS_STATUS_TRYAGAIN) {
637 keep_response = true;
638 *errnop = errno = ERANGE;
639 goto done;
640 }
641 }
642
643 } else {
644
645 /* We've been called again */
646
647 ret = fill_pwent(result, &response.data.pw, &buffer, &buflen);
648
649 if (ret == NSS_STATUS_TRYAGAIN) {
650 keep_response = true;
651 *errnop = errno = ERANGE;
652 goto done;
653 }
654
655 keep_response = false;
656 *errnop = errno = 0;
657 }
658
659 winbindd_free_response(&response);
660 done:
661 #ifdef DEBUG_NSS
662 fprintf(stderr, "[%5d]: getpwnam %s returns %s (%d)\n", getpid(),
663 name, nss_err_str(ret), ret);
664 #endif
665
666 #ifdef HAVE_PTHREAD
667 pthread_mutex_unlock(&winbind_nss_mutex);
668 #endif
669
670 return ret;
671 }
672
673 /*
674 * NSS group functions
675 */
676
677 static struct winbindd_response getgrent_response;
678
679 static int ndx_gr_cache; /* Current index into grp cache */
680 static int num_gr_cache; /* Current size of grp cache */
681
682 /* Rewind "file pointer" to start of ntdom group database */
683
684 NSS_STATUS
685 _nss_winbind_setgrent(void)
686 {
687 NSS_STATUS ret;
688 #ifdef DEBUG_NSS
689 fprintf(stderr, "[%5d]: setgrent\n", getpid());
690 #endif
691
692 #ifdef HAVE_PTHREAD
693 pthread_mutex_lock(&winbind_nss_mutex);
694 #endif
695
696 if (num_gr_cache > 0) {
697 ndx_gr_cache = num_gr_cache = 0;
698 winbindd_free_response(&getgrent_response);
699 }
700
701 winbind_set_client_name("nss_winbind");
702 ret = winbindd_request_response(NULL, WINBINDD_SETGRENT, NULL, NULL);
703 #ifdef DEBUG_NSS
704 fprintf(stderr, "[%5d]: setgrent returns %s (%d)\n", getpid(),
705 nss_err_str(ret), ret);
706 #endif
707
708 #ifdef HAVE_PTHREAD
709 pthread_mutex_unlock(&winbind_nss_mutex);
710 #endif
711
712 return ret;
713 }
714
715 /* Close "file pointer" for ntdom group database */
716
717 NSS_STATUS
718 _nss_winbind_endgrent(void)
719 {
720 NSS_STATUS ret;
721 #ifdef DEBUG_NSS
722 fprintf(stderr, "[%5d]: endgrent\n", getpid());
723 #endif
724
725 #ifdef HAVE_PTHREAD
726 pthread_mutex_lock(&winbind_nss_mutex);
727 #endif
728
729 if (num_gr_cache > 0) {
730 ndx_gr_cache = num_gr_cache = 0;
731 winbindd_free_response(&getgrent_response);
732 }
733
734 winbind_set_client_name("nss_winbind");
735 ret = winbindd_request_response(NULL, WINBINDD_ENDGRENT, NULL, NULL);
736 #ifdef DEBUG_NSS
737 fprintf(stderr, "[%5d]: endgrent returns %s (%d)\n", getpid(),
738 nss_err_str(ret), ret);
739 #endif
740
741 #ifdef HAVE_PTHREAD
742 pthread_mutex_unlock(&winbind_nss_mutex);
743 #endif
744
745 return ret;
746 }
747
748 /* Get next entry from ntdom group database */
749
750 static NSS_STATUS
751 winbind_getgrent(enum winbindd_cmd cmd,
752 struct group *result,
753 char *buffer, size_t buflen, int *errnop)
754 {
755 NSS_STATUS ret;
756 static struct winbindd_request request;
757 static int called_again;
758
759
760 #ifdef DEBUG_NSS
761 fprintf(stderr, "[%5d]: getgrent\n", getpid());
762 #endif
763
764 #ifdef HAVE_PTHREAD
765 pthread_mutex_lock(&winbind_nss_mutex);
766 #endif
767
768 /* Return an entry from the cache if we have one, or if we are
769 called again because we exceeded our static buffer. */
770
771 if ((ndx_gr_cache < num_gr_cache) || called_again) {
772 goto return_result;
773 }
774
775 /* Else call winbindd to get a bunch of entries */
776
777 if (num_gr_cache > 0) {
778 winbindd_free_response(&getgrent_response);
779 }
780
781 ZERO_STRUCT(request);
782 ZERO_STRUCT(getgrent_response);
783
784 request.data.num_entries = MAX_GETGRENT_USERS;
785
786 winbind_set_client_name("nss_winbind");
787 ret = winbindd_request_response(NULL, cmd, &request,
788 &getgrent_response);
789
790 if (ret == NSS_STATUS_SUCCESS) {
791 struct winbindd_gr *gr_cache;
792 int mem_ofs;
793
794 /* Fill cache */
795
796 ndx_gr_cache = 0;
797 num_gr_cache = getgrent_response.data.num_entries;
798
799 /* Return a result */
800
801 return_result:
802
803 gr_cache = (struct winbindd_gr *)
804 getgrent_response.extra_data.data;
805
806 /* Check data is valid */
807
808 if (gr_cache == NULL) {
809 ret = NSS_STATUS_NOTFOUND;
810 goto done;
811 }
812
813 /* Fill group membership. The offset into the extra data
814 for the group membership is the reported offset plus the
815 size of all the winbindd_gr records returned. */
816
817 mem_ofs = gr_cache[ndx_gr_cache].gr_mem_ofs +
818 num_gr_cache * sizeof(struct winbindd_gr);
819
820 ret = fill_grent(result, &gr_cache[ndx_gr_cache],
821 ((char *)getgrent_response.extra_data.data)+mem_ofs,
822 &buffer, &buflen);
823
824 /* Out of memory - try again */
825
826 if (ret == NSS_STATUS_TRYAGAIN) {
827 called_again = true;
828 *errnop = errno = ERANGE;
829 goto done;
830 }
831
832 *errnop = 0;
833 called_again = false;
834 ndx_gr_cache++;
835
836 /* If we've finished with this lot of results free cache */
837
838 if (ndx_gr_cache == num_gr_cache) {
839 ndx_gr_cache = num_gr_cache = 0;
840 winbindd_free_response(&getgrent_response);
841 }
842 }
843 done:
844 #ifdef DEBUG_NSS
845 fprintf(stderr, "[%5d]: getgrent returns %s (%d)\n", getpid(),
846 nss_err_str(ret), ret);
847 #endif
848
849 #ifdef HAVE_PTHREAD
850 pthread_mutex_unlock(&winbind_nss_mutex);
851 #endif
852
853 return ret;
854 }
855
856
857 NSS_STATUS
858 _nss_winbind_getgrent_r(struct group *result,
859 char *buffer, size_t buflen, int *errnop)
860 {
861 return winbind_getgrent(WINBINDD_GETGRENT, result, buffer, buflen, errnop);
862 }
863
864 NSS_STATUS
865 _nss_winbind_getgrlst_r(struct group *result,
866 char *buffer, size_t buflen, int *errnop)
867 {
868 return winbind_getgrent(WINBINDD_GETGRLST, result, buffer, buflen, errnop);
869 }
870
871 /* Return group struct from group name */
872
873 NSS_STATUS
874 _nss_winbind_getgrnam_r(const char *name,
875 struct group *result, char *buffer,
876 size_t buflen, int *errnop)
877 {
878 NSS_STATUS ret;
879 static struct winbindd_response response;
880 struct winbindd_request request;
881 static int keep_response;
882
883 #ifdef DEBUG_NSS
884 fprintf(stderr, "[%5d]: getgrnam %s\n", getpid(), name);
885 #endif
886
887 #ifdef HAVE_PTHREAD
888 pthread_mutex_lock(&winbind_nss_mutex);
889 #endif
890
891 /* If our static buffer needs to be expanded we are called again */
892 /* Or if the stored response group name differs from the request. */
893
894 if (!keep_response || strcmp(name,response.data.gr.gr_name) != 0) {
895
896 /* Call for the first time */
897
898 ZERO_STRUCT(request);
899 ZERO_STRUCT(response);
900
901 strncpy(request.data.groupname, name,
902 sizeof(request.data.groupname));
903 request.data.groupname
904 [sizeof(request.data.groupname) - 1] = '\0';
905
906 winbind_set_client_name("nss_winbind");
907 ret = winbindd_request_response(NULL, WINBINDD_GETGRNAM,
908 &request, &response);
909
910 if (ret == NSS_STATUS_SUCCESS) {
911 ret = fill_grent(result, &response.data.gr,
912 (char *)response.extra_data.data,
913 &buffer, &buflen);
914
915 if (ret == NSS_STATUS_TRYAGAIN) {
916 keep_response = true;
917 *errnop = errno = ERANGE;
918 goto done;
919 }
920 }
921
922 } else {
923
924 /* We've been called again */
925
926 ret = fill_grent(result, &response.data.gr,
927 (char *)response.extra_data.data, &buffer,
928 &buflen);
929
930 if (ret == NSS_STATUS_TRYAGAIN) {
931 keep_response = true;
932 *errnop = errno = ERANGE;
933 goto done;
934 }
935
936 keep_response = false;
937 *errnop = 0;
938 }
939
940 winbindd_free_response(&response);
941 done:
942 #ifdef DEBUG_NSS
943 fprintf(stderr, "[%5d]: getgrnam %s returns %s (%d)\n", getpid(),
944 name, nss_err_str(ret), ret);
945 #endif
946
947 #ifdef HAVE_PTHREAD
948 pthread_mutex_unlock(&winbind_nss_mutex);
949 #endif
950
951 return ret;
952 }
953
954 /* Return group struct from gid */
955
956 NSS_STATUS
957 _nss_winbind_getgrgid_r(gid_t gid,
958 struct group *result, char *buffer,
959 size_t buflen, int *errnop)
960 {
961 NSS_STATUS ret;
962 static struct winbindd_response response;
963 struct winbindd_request request;
964 static int keep_response;
965
966 #ifdef DEBUG_NSS
967 fprintf(stderr, "[%5d]: getgrgid %d\n", getpid(), gid);
968 #endif
969
970 #ifdef HAVE_PTHREAD
971 pthread_mutex_lock(&winbind_nss_mutex);
972 #endif
973
974 /* If our static buffer needs to be expanded we are called again */
975 /* Or if the stored response group name differs from the request. */
976
977 if (!keep_response || gid != response.data.gr.gr_gid) {
978
979 /* Call for the first time */
980
981 ZERO_STRUCT(request);
982 ZERO_STRUCT(response);
983
984 request.data.gid = gid;
985
986 winbind_set_client_name("nss_winbind");
987 ret = winbindd_request_response(NULL, WINBINDD_GETGRGID,
988 &request, &response);
989
990 if (ret == NSS_STATUS_SUCCESS) {
991
992 ret = fill_grent(result, &response.data.gr,
993 (char *)response.extra_data.data,
994 &buffer, &buflen);
995
996 if (ret == NSS_STATUS_TRYAGAIN) {
997 keep_response = true;
998 *errnop = errno = ERANGE;
999 goto done;
1000 }
1001 }
1002
1003 } else {
1004
1005 /* We've been called again */
1006
1007 ret = fill_grent(result, &response.data.gr,
1008 (char *)response.extra_data.data, &buffer,
1009 &buflen);
1010
1011 if (ret == NSS_STATUS_TRYAGAIN) {
1012 keep_response = true;
1013 *errnop = errno = ERANGE;
1014 goto done;
1015 }
1016
1017 keep_response = false;
1018 *errnop = 0;
1019 }
1020
1021 winbindd_free_response(&response);
1022 done:
1023 #ifdef DEBUG_NSS
1024 fprintf(stderr, "[%5d]: getgrgid %d returns %s (%d)\n", getpid(),
1025 (unsigned int)gid, nss_err_str(ret), ret);
1026 #endif
1027
1028 #ifdef HAVE_PTHREAD
1029 pthread_mutex_unlock(&winbind_nss_mutex);
1030 #endif
1031 return ret;
1032 }
1033
1034 /* Initialise supplementary groups */
1035
1036 NSS_STATUS
1037 _nss_winbind_initgroups_dyn(const char *user, gid_t group, long int *start,
1038 long int *size, gid_t **groups, long int limit,
1039 int *errnop)
1040 {
1041 NSS_STATUS ret;
1042 struct winbindd_request request;
1043 struct winbindd_response response;
1044 int i;
1045
1046 #ifdef DEBUG_NSS
1047 fprintf(stderr, "[%5d]: initgroups %s (%d)\n", getpid(),
1048 user, group);
1049 #endif
1050
1051 #ifdef HAVE_PTHREAD
1052 pthread_mutex_lock(&winbind_nss_mutex);
1053 #endif
1054
1055 ZERO_STRUCT(request);
1056 ZERO_STRUCT(response);
1057
1058 strncpy(request.data.username, user,
1059 sizeof(request.data.username) - 1);
1060
1061 winbind_set_client_name("nss_winbind");
1062 ret = winbindd_request_response(NULL, WINBINDD_GETGROUPS,
1063 &request, &response);
1064
1065 if (ret == NSS_STATUS_SUCCESS) {
1066 int num_gids = response.data.num_entries;
1067 gid_t *gid_list = (gid_t *)response.extra_data.data;
1068
1069 #ifdef DEBUG_NSS
1070 fprintf(stderr, "[%5d]: initgroups %s: got NSS_STATUS_SUCCESS "
1071 "and %d gids\n", getpid(),
1072 user, num_gids);
1073 #endif
1074 if (gid_list == NULL) {
1075 ret = NSS_STATUS_NOTFOUND;
1076 goto done;
1077 }
1078
1079 /* Copy group list to client */
1080
1081 for (i = 0; i < num_gids; i++) {
1082
1083 #ifdef DEBUG_NSS
1084 fprintf(stderr, "[%5d]: initgroups %s (%d): "
1085 "processing gid %d \n", getpid(),
1086 user, group, gid_list[i]);
1087 #endif
1088
1089 /* Skip primary group */
1090
1091 if (gid_list[i] == group) {
1092 continue;
1093 }
1094
1095 /* Skip groups without a mapping */
1096 if (gid_list[i] == (uid_t)-1) {
1097 continue;
1098 }
1099
1100 /* Filled buffer ? If so, resize. */
1101
1102 if (*start == *size) {
1103 long int newsize;
1104 gid_t *newgroups;
1105
1106 newsize = 2 * (*size);
1107 if (limit > 0) {
1108 if (*size == limit) {
1109 goto done;
1110 }
1111 if (newsize > limit) {
1112 newsize = limit;
1113 }
1114 }
1115
1116 newgroups = (gid_t *)
1117 realloc((*groups),
1118 newsize * sizeof(**groups));
1119 if (!newgroups) {
1120 *errnop = ENOMEM;
1121 ret = NSS_STATUS_NOTFOUND;
1122 goto done;
1123 }
1124 *groups = newgroups;
1125 *size = newsize;
1126 }
1127
1128 /* Add to buffer */
1129
1130 (*groups)[*start] = gid_list[i];
1131 *start += 1;
1132 }
1133 }
1134
1135 /* Back to your regularly scheduled programming */
1136
1137 done:
1138 #ifdef DEBUG_NSS
1139 fprintf(stderr, "[%5d]: initgroups %s returns %s (%d)\n", getpid(),
1140 user, nss_err_str(ret), ret);
1141 #endif
1142
1143 #ifdef HAVE_PTHREAD
1144 pthread_mutex_unlock(&winbind_nss_mutex);
1145 #endif
1146
1147 return ret;
1148 }
Samba GIT mirror