Add SeSecurityPrivilige.
[Samba.git] / source3 / lib / winbind_util.c
blob0c904ac569e4c00aca6b23fe88a1c27b9930e891
1 /*
2 Unix SMB/CIFS implementation.
3 Winbind Utility functions
5 Copyright (C) Gerald (Jerry) Carter 2007
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 #include "includes.h"
23 #if defined(WITH_WINBIND)
25 #include "nsswitch/libwbclient/wbclient.h"
27 struct passwd * winbind_getpwnam(const char * name)
29 wbcErr result;
30 struct passwd * tmp_pwd = NULL;
31 struct passwd * pwd = NULL;
33 result = wbcGetpwnam(name, &tmp_pwd);
34 if (result != WBC_ERR_SUCCESS)
35 return pwd;
37 pwd = tcopy_passwd(talloc_tos(), tmp_pwd);
39 wbcFreeMemory(tmp_pwd);
41 return pwd;
44 struct passwd * winbind_getpwsid(const DOM_SID *sid)
46 wbcErr result;
47 struct passwd * tmp_pwd = NULL;
48 struct passwd * pwd = NULL;
49 struct wbcDomainSid dom_sid;
51 memcpy(&dom_sid, sid, sizeof(dom_sid));
53 result = wbcGetpwsid(&dom_sid, &tmp_pwd);
54 if (result != WBC_ERR_SUCCESS)
55 return pwd;
57 pwd = tcopy_passwd(talloc_tos(), tmp_pwd);
59 wbcFreeMemory(tmp_pwd);
61 return pwd;
64 /* Call winbindd to convert a name to a sid */
66 bool winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid,
67 enum lsa_SidType *name_type)
69 struct wbcDomainSid dom_sid;
70 wbcErr result;
71 enum wbcSidType type;
73 result = wbcLookupName(dom_name, name, &dom_sid, &type);
74 if (result != WBC_ERR_SUCCESS)
75 return false;
77 memcpy(sid, &dom_sid, sizeof(DOM_SID));
78 *name_type = (enum lsa_SidType)type;
80 return true;
83 /* Call winbindd to convert sid to name */
85 bool winbind_lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
86 const char **domain, const char **name,
87 enum lsa_SidType *name_type)
89 struct wbcDomainSid dom_sid;
90 wbcErr result;
91 enum wbcSidType type;
92 char *domain_name = NULL;
93 char *account_name = NULL;
95 memcpy(&dom_sid, sid, sizeof(dom_sid));
97 result = wbcLookupSid(&dom_sid, &domain_name, &account_name, &type);
98 if (result != WBC_ERR_SUCCESS)
99 return false;
101 /* Copy out result */
103 if (domain) {
104 *domain = talloc_strdup(mem_ctx, domain_name);
106 if (name) {
107 *name = talloc_strdup(mem_ctx, account_name);
109 *name_type = (enum lsa_SidType)type;
111 DEBUG(10, ("winbind_lookup_sid: SUCCESS: SID %s -> %s %s\n",
112 sid_string_dbg(sid), domain_name, account_name));
114 wbcFreeMemory(domain_name);
115 wbcFreeMemory(account_name);
117 if ((domain && !*domain) || (name && !*name)) {
118 DEBUG(0,("winbind_lookup_sid: talloc() failed!\n"));
119 return false;
123 return true;
126 /* Ping winbindd to see it is alive */
128 bool winbind_ping(void)
130 wbcErr result = wbcPing();
132 return (result == WBC_ERR_SUCCESS);
135 /* Call winbindd to convert SID to uid */
137 bool winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid)
139 struct wbcDomainSid dom_sid;
140 wbcErr result;
142 memcpy(&dom_sid, sid, sizeof(dom_sid));
144 result = wbcSidToUid(&dom_sid, puid);
146 return (result == WBC_ERR_SUCCESS);
149 /* Call winbindd to convert uid to sid */
151 bool winbind_uid_to_sid(DOM_SID *sid, uid_t uid)
153 struct wbcDomainSid dom_sid;
154 wbcErr result;
156 result = wbcUidToSid(uid, &dom_sid);
157 if (result == WBC_ERR_SUCCESS) {
158 memcpy(sid, &dom_sid, sizeof(DOM_SID));
159 } else {
160 sid_copy(sid, &global_sid_NULL);
163 return (result == WBC_ERR_SUCCESS);
166 /* Call winbindd to convert SID to gid */
168 bool winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid)
170 struct wbcDomainSid dom_sid;
171 wbcErr result;
173 memcpy(&dom_sid, sid, sizeof(dom_sid));
175 result = wbcSidToGid(&dom_sid, pgid);
177 return (result == WBC_ERR_SUCCESS);
180 /* Call winbindd to convert gid to sid */
182 bool winbind_gid_to_sid(DOM_SID *sid, gid_t gid)
184 struct wbcDomainSid dom_sid;
185 wbcErr result;
187 result = wbcGidToSid(gid, &dom_sid);
188 if (result == WBC_ERR_SUCCESS) {
189 memcpy(sid, &dom_sid, sizeof(DOM_SID));
190 } else {
191 sid_copy(sid, &global_sid_NULL);
194 return (result == WBC_ERR_SUCCESS);
197 /* Check for a trusted domain */
199 wbcErr wb_is_trusted_domain(const char *domain)
201 wbcErr result;
202 struct wbcDomainInfo *info = NULL;
204 result = wbcDomainInfo(domain, &info);
206 if (WBC_ERROR_IS_OK(result)) {
207 wbcFreeMemory(info);
210 return result;
213 /* Lookup a set of rids in a given domain */
215 bool winbind_lookup_rids(TALLOC_CTX *mem_ctx,
216 const DOM_SID *domain_sid,
217 int num_rids, uint32 *rids,
218 const char **domain_name,
219 const char ***names, enum lsa_SidType **types)
221 const char *dom_name = NULL;
222 const char **namelist = NULL;
223 enum wbcSidType *name_types = NULL;
224 struct wbcDomainSid dom_sid;
225 wbcErr ret;
226 int i;
228 memcpy(&dom_sid, domain_sid, sizeof(struct wbcDomainSid));
230 ret = wbcLookupRids(&dom_sid, num_rids, rids,
231 &dom_name, &namelist, &name_types);
232 if (ret != WBC_ERR_SUCCESS) {
233 return false;
236 *domain_name = talloc_strdup(mem_ctx, dom_name);
237 *names = TALLOC_ARRAY(mem_ctx, const char*, num_rids);
238 *types = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_rids);
240 for(i=0; i<num_rids; i++) {
241 (*names)[i] = talloc_strdup(*names, namelist[i]);
242 (*types)[i] = (enum lsa_SidType)name_types[i];
245 wbcFreeMemory(CONST_DISCARD(char*, dom_name));
246 wbcFreeMemory(namelist);
247 wbcFreeMemory(name_types);
249 return true;
252 /* Ask Winbind to allocate a new uid for us */
254 bool winbind_allocate_uid(uid_t *uid)
256 wbcErr ret;
258 ret = wbcAllocateUid(uid);
260 return (ret == WBC_ERR_SUCCESS);
263 /* Ask Winbind to allocate a new gid for us */
265 bool winbind_allocate_gid(gid_t *gid)
267 wbcErr ret;
269 ret = wbcAllocateGid(gid);
271 return (ret == WBC_ERR_SUCCESS);
274 bool winbind_get_groups(TALLOC_CTX * mem_ctx, const char *account, uint32_t *num_groups, gid_t **_groups)
276 wbcErr ret;
277 uint32_t ngroups;
278 gid_t *group_list = NULL;
280 ret = wbcGetGroups(account, &ngroups, &group_list);
281 if (ret != WBC_ERR_SUCCESS)
282 return false;
284 *_groups = TALLOC_ARRAY(mem_ctx, gid_t, ngroups);
285 if (*_groups == NULL) {
286 wbcFreeMemory(group_list);
287 return false;
290 memcpy(*_groups, group_list, ngroups* sizeof(gid_t));
291 *num_groups = ngroups;
293 wbcFreeMemory(group_list);
294 return true;
297 bool winbind_get_sid_aliases(TALLOC_CTX *mem_ctx,
298 const DOM_SID *dom_sid,
299 const DOM_SID *members,
300 size_t num_members,
301 uint32_t **pp_alias_rids,
302 size_t *p_num_alias_rids)
304 wbcErr ret;
305 struct wbcDomainSid domain_sid;
306 struct wbcDomainSid *sid_list = NULL;
307 size_t i;
308 uint32_t * rids;
309 uint32_t num_rids;
311 memcpy(&domain_sid, dom_sid, sizeof(*dom_sid));
313 sid_list = TALLOC_ARRAY(mem_ctx, struct wbcDomainSid, num_members);
315 for (i=0; i < num_members; i++) {
316 memcpy(&sid_list[i], &members[i], sizeof(sid_list[i]));
319 ret = wbcGetSidAliases(&domain_sid,
320 sid_list,
321 num_members,
322 &rids,
323 &num_rids);
324 if (ret != WBC_ERR_SUCCESS) {
325 return false;
328 *pp_alias_rids = TALLOC_ARRAY(mem_ctx, uint32_t, num_rids);
329 if (*pp_alias_rids == NULL) {
330 wbcFreeMemory(rids);
331 return false;
334 memcpy(*pp_alias_rids, rids, sizeof(uint32_t) * num_rids);
336 *p_num_alias_rids = num_rids;
337 wbcFreeMemory(rids);
339 return true;
342 #else /* WITH_WINBIND */
344 struct passwd * winbind_getpwnam(const char * name)
346 return NULL;
349 struct passwd * winbind_getpwsid(const DOM_SID *sid)
351 return NULL;
354 bool winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid,
355 enum lsa_SidType *name_type)
357 return false;
360 /* Call winbindd to convert sid to name */
362 bool winbind_lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
363 const char **domain, const char **name,
364 enum lsa_SidType *name_type)
366 return false;
369 /* Ping winbindd to see it is alive */
371 bool winbind_ping(void)
373 return false;
376 /* Call winbindd to convert SID to uid */
378 bool winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid)
380 return false;
383 /* Call winbindd to convert uid to sid */
385 bool winbind_uid_to_sid(DOM_SID *sid, uid_t uid)
387 return false;
390 /* Call winbindd to convert SID to gid */
392 bool winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid)
394 return false;
397 /* Call winbindd to convert gid to sid */
399 bool winbind_gid_to_sid(DOM_SID *sid, gid_t gid)
401 return false;
404 /* Check for a trusted domain */
406 wbcErr wb_is_trusted_domain(const char *domain)
408 return WBC_ERR_UNKNOWN_FAILURE;
411 /* Lookup a set of rids in a given domain */
413 bool winbind_lookup_rids(TALLOC_CTX *mem_ctx,
414 const DOM_SID *domain_sid,
415 int num_rids, uint32 *rids,
416 const char **domain_name,
417 const char ***names, enum lsa_SidType **types)
419 return false;
422 /* Ask Winbind to allocate a new uid for us */
424 bool winbind_allocate_uid(uid_t *uid)
426 return false;
429 /* Ask Winbind to allocate a new gid for us */
431 bool winbind_allocate_gid(gid_t *gid)
433 return false;
436 bool winbind_get_groups(TALLOC_CTX *mem_ctx, const char *account, uint32_t *num_groups, gid_t **_groups)
438 return false;
441 bool winbind_get_sid_aliases(TALLOC_CTX *mem_ctx,
442 const DOM_SID *dom_sid,
443 const DOM_SID *members,
444 size_t num_members,
445 uint32_t **pp_alias_rids,
446 size_t *p_num_alias_rids)
448 return false;
451 #endif /* WITH_WINBIND */