search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4:descriptor - cosmetic
[Samba/aatanasov.git] / source3 / winbindd / winbindd_getgroups.c
blob3bdf762c458e85a9ef004fb422b33f58971bb8b0
1 /*
2 Unix SMB/CIFS implementation.
3 async implementation of WINBINDD_GETGROUPS
4 Copyright (C) Volker Lendecke 2009
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21 #include "winbindd.h"
22
23 struct winbindd_getgroups_state {
24 struct tevent_context *ev;
25 fstring domname;
26 fstring username;
27 struct dom_sid sid;
28 enum lsa_SidType type;
29 int num_sids;
30 struct dom_sid *sids;
31 int next_sid;
32 int num_gids;
33 gid_t *gids;
34 };
35
36 static void winbindd_getgroups_lookupname_done(struct tevent_req *subreq);
37 static void winbindd_getgroups_gettoken_done(struct tevent_req *subreq);
38 static void winbindd_getgroups_sid2gid_done(struct tevent_req *subreq);
39
40 struct tevent_req *winbindd_getgroups_send(TALLOC_CTX *mem_ctx,
41 struct tevent_context *ev,
42 struct winbindd_cli_state *cli,
43 struct winbindd_request *request)
44 {
45 struct tevent_req *req, *subreq;
46 struct winbindd_getgroups_state *state;
47 char *domuser, *mapped_user;
48 struct winbindd_domain *domain;
49 NTSTATUS status;
50
51 req = tevent_req_create(mem_ctx, &state,
52 struct winbindd_getgroups_state);
53 if (req == NULL) {
54 return NULL;
55 }
56 state->ev = ev;
57
58 /* Ensure null termination */
59 request->data.username[sizeof(request->data.username)-1]='\0';
60
61 DEBUG(3, ("getgroups %s\n", request->data.username));
62
63 domuser = request->data.username;
64
65 status = normalize_name_unmap(state, domuser, &mapped_user);
66
67 if (NT_STATUS_IS_OK(status)
68 || NT_STATUS_EQUAL(status, NT_STATUS_FILE_RENAMED)) {
69 /* normalize_name_unmapped did something */
70 domuser = mapped_user;
71 }
72
73 if (!parse_domain_user(domuser, state->domname, state->username)) {
74 DEBUG(5, ("Could not parse domain user: %s\n", domuser));
75 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
76 return tevent_req_post(req, ev);
77 }
78
79 domain = find_domain_from_name_noinit(state->domname);
80 if (domain == NULL) {
81 /* Retry with DNS name */
82 char *p = strchr(domuser, '@');
83 if (p != NULL) {
84 domain = find_domain_from_name_noinit(p+1);
85 }
86 }
87 if (domain == NULL) {
88 DEBUG(7, ("could not find domain entry for domain %s\n",
89 state->domname));
90 tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
91 return tevent_req_post(req, ev);
92 }
93
94 if (lp_winbind_trusted_domains_only() && domain->primary) {
95 DEBUG(7,("winbindd_getgroups: My domain -- "
96 "rejecting getgroups() for %s\\%s.\n",
97 state->domname, state->username));
98 tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
99 return tevent_req_post(req, ev);
100 }
101
102 subreq = wb_lookupname_send(state, ev, state->domname, state->username,
103 LOOKUP_NAME_NO_NSS);
104 if (tevent_req_nomem(subreq, req)) {
105 return tevent_req_post(req, ev);
106 }
107 tevent_req_set_callback(subreq, winbindd_getgroups_lookupname_done,
108 req);
109 return req;
110 }
111
112 static void winbindd_getgroups_lookupname_done(struct tevent_req *subreq)
113 {
114 struct tevent_req *req = tevent_req_callback_data(
115 subreq, struct tevent_req);
116 struct winbindd_getgroups_state *state = tevent_req_data(
117 req, struct winbindd_getgroups_state);
118 NTSTATUS status;
119
120 status = wb_lookupname_recv(subreq, &state->sid, &state->type);
121 TALLOC_FREE(subreq);
122 if (!NT_STATUS_IS_OK(status)) {
123 tevent_req_nterror(req, status);
124 return;
125 }
126
127 subreq = wb_gettoken_send(state, state->ev, &state->sid);
128 if (tevent_req_nomem(subreq, req)) {
129 return;
130 }
131 tevent_req_set_callback(subreq, winbindd_getgroups_gettoken_done, req);
132 }
133
134 static void winbindd_getgroups_gettoken_done(struct tevent_req *subreq)
135 {
136 struct tevent_req *req = tevent_req_callback_data(
137 subreq, struct tevent_req);
138 struct winbindd_getgroups_state *state = tevent_req_data(
139 req, struct winbindd_getgroups_state);
140 NTSTATUS status;
141
142 status = wb_gettoken_recv(subreq, state, &state->num_sids,
143 &state->sids);
144 TALLOC_FREE(subreq);
145 if (!NT_STATUS_IS_OK(status)) {
146 tevent_req_nterror(req, status);
147 return;
148 }
149
150 /*
151 * Convert the group SIDs to gids. state->sids[0] contains the user
152 * sid, so start at index 1.
153 */
154
155 state->gids = talloc_array(state, gid_t, state->num_sids-1);
156 if (tevent_req_nomem(state->gids, req)) {
157 return;
158 }
159 state->num_gids = 0;
160 state->next_sid = 1;
161
162 subreq = wb_sid2gid_send(state, state->ev,
163 &state->sids[state->next_sid]);
164 if (tevent_req_nomem(subreq, req)) {
165 return;
166 }
167 tevent_req_set_callback(subreq, winbindd_getgroups_sid2gid_done, req);
168 }
169
170 static void winbindd_getgroups_sid2gid_done(struct tevent_req *subreq)
171 {
172 struct tevent_req *req = tevent_req_callback_data(
173 subreq, struct tevent_req);
174 struct winbindd_getgroups_state *state = tevent_req_data(
175 req, struct winbindd_getgroups_state);
176 NTSTATUS status;
177
178 status = wb_sid2gid_recv(subreq, &state->gids[state->num_gids]);
179 TALLOC_FREE(subreq);
180
181 /*
182 * In case of failure, just continue with the next gid
183 */
184 if (NT_STATUS_IS_OK(status)) {
185 state->num_gids += 1;
186 }
187 state->next_sid += 1;
188
189 if (state->next_sid >= state->num_sids) {
190 tevent_req_done(req);
191 return;
192 }
193
194 subreq = wb_sid2gid_send(state, state->ev,
195 &state->sids[state->next_sid]);
196 if (tevent_req_nomem(subreq, req)) {
197 return;
198 }
199 tevent_req_set_callback(subreq, winbindd_getgroups_sid2gid_done, req);
200 }
201
202 NTSTATUS winbindd_getgroups_recv(struct tevent_req *req,
203 struct winbindd_response *response)
204 {
205 struct winbindd_getgroups_state *state = tevent_req_data(
206 req, struct winbindd_getgroups_state);
207 NTSTATUS status;
208
209 if (tevent_req_is_nterror(req, &status)) {
210 DEBUG(5, ("Could not convert sid %s: %s\n",
211 sid_string_dbg(&state->sid), nt_errstr(status)));
212 return status;
213 }
214
215 response->data.num_entries = state->num_gids;
216
217 if (state->num_gids > 0) {
218 response->extra_data.data = talloc_move(response,
219 &state->gids);
220 response->length += state->num_gids * sizeof(gid_t);
221 }
222 return NT_STATUS_OK;
223 }
aatanasov's samba4 branch