source3/winbindd/wb_gettoken.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    async gettoken
   4    Copyright (C) Volker Lendecke 2009
   5
   6    This program is free software; you can redistribute it and/or modify
   7    it under the terms of the GNU General Public License as published by
   8    the Free Software Foundation; either version 3 of the License, or
   9    (at your option) any later version.
  10
  11    This program is distributed in the hope that it will be useful,
  12    but WITHOUT ANY WARRANTY; without even the implied warranty of
  13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14    GNU General Public License for more details.
  15
  16    You should have received a copy of the GNU General Public License
  17    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18 */
  19
  20 #include "includes.h"
  21 #include "winbindd.h"
  22 #include "librpc/gen_ndr/cli_wbint.h"
  23
  24 struct wb_gettoken_state {
  25         struct tevent_context *ev;
  26         struct dom_sid usersid;
  27         int num_sids;
  28         struct dom_sid *sids;
  29 };
  30
  31 static bool wb_add_rids_to_sids(TALLOC_CTX *mem_ctx,
  32                                 int *pnum_sids, struct dom_sid **psids,
  33                                 const struct dom_sid *domain_sid,
  34                                 int num_rids, uint32_t *rids);
  35
  36 static void wb_gettoken_gotgroups(struct tevent_req *subreq);
  37 static void wb_gettoken_gotlocalgroups(struct tevent_req *subreq);
  38 static void wb_gettoken_gotbuiltins(struct tevent_req *subreq);
  39
  40 struct tevent_req *wb_gettoken_send(TALLOC_CTX *mem_ctx,
  41                                     struct tevent_context *ev,
  42                                     const struct dom_sid *sid)
  43 {
  44         struct tevent_req *req, *subreq;
  45         struct wb_gettoken_state *state;
  46         struct winbindd_domain *domain;
  47
  48         req = tevent_req_create(mem_ctx, &state, struct wb_gettoken_state);
  49         if (req == NULL) {
  50                 return NULL;
  51         }
  52         sid_copy(&state->usersid, sid);
  53         state->ev = ev;
  54
  55         domain = find_domain_from_sid_noinit(sid);
  56         if (domain == NULL) {
  57                 DEBUG(5, ("Could not find domain from SID %s\n",
  58                           sid_string_dbg(sid)));
  59                 tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
  60                 return tevent_req_post(req, ev);
  61         }
  62
  63         subreq = wb_lookupusergroups_send(state, ev, domain, &state->usersid);
  64         if (tevent_req_nomem(subreq, req)) {
  65                 return tevent_req_post(req, ev);
  66         }
  67         tevent_req_set_callback(subreq, wb_gettoken_gotgroups, req);
  68         return req;
  69 }
  70
  71 static void wb_gettoken_gotgroups(struct tevent_req *subreq)
  72 {
  73         struct tevent_req *req = tevent_req_callback_data(
  74                 subreq, struct tevent_req);
  75         struct wb_gettoken_state *state = tevent_req_data(
  76                 req, struct wb_gettoken_state);
  77         struct dom_sid *sids;
  78         struct winbindd_domain *domain;
  79         NTSTATUS status;
  80
  81         status = wb_lookupusergroups_recv(subreq, state, &state->num_sids,
  82                                           &state->sids);
  83         TALLOC_FREE(subreq);
  84         if (!NT_STATUS_IS_OK(status)) {
  85                 tevent_req_nterror(req, status);
  86                 return;
  87         }
  88
  89         sids = talloc_realloc(state, state->sids, struct dom_sid,
  90                               state->num_sids + 1);
  91         if (tevent_req_nomem(sids, req)) {
  92                 return;
  93         }
  94         memmove(&sids[1], &sids[0], state->num_sids * sizeof(sids[0]));
  95         sid_copy(&sids[0], &state->usersid);
  96         state->num_sids += 1;
  97         state->sids = sids;
  98
  99         /*
 100          * Expand our domain's aliases
 101          */
 102         domain = find_our_domain();
 103         if (domain == NULL) {
 104                 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
 105                 return;
 106         }
 107
 108         subreq = wb_lookupuseraliases_send(state, state->ev, domain,
 109                                            state->num_sids, state->sids);
 110         if (tevent_req_nomem(subreq, req)) {
 111                 return;
 112         }
 113         tevent_req_set_callback(subreq, wb_gettoken_gotlocalgroups, req);
 114 }
 115
 116 static void wb_gettoken_gotlocalgroups(struct tevent_req *subreq)
 117 {
 118         struct tevent_req *req = tevent_req_callback_data(
 119                 subreq, struct tevent_req);
 120         struct wb_gettoken_state *state = tevent_req_data(
 121                 req, struct wb_gettoken_state);
 122         uint32_t num_rids;
 123         uint32_t *rids;
 124         struct winbindd_domain *domain;
 125         NTSTATUS status;
 126
 127         status = wb_lookupuseraliases_recv(subreq, state, &num_rids, &rids);
 128         TALLOC_FREE(subreq);
 129         if (!NT_STATUS_IS_OK(status)) {
 130                 tevent_req_nterror(req, status);
 131                 return;
 132         }
 133         domain = find_our_domain();
 134         if (!wb_add_rids_to_sids(state, &state->num_sids, &state->sids,
 135                                  &domain->sid, num_rids, rids)) {
 136                 tevent_req_nterror(req, NT_STATUS_NO_MEMORY);
 137                 return;
 138         }
 139         TALLOC_FREE(rids);
 140
 141         /*
 142          * Now expand the builtin groups
 143          */
 144
 145         domain = find_builtin_domain();
 146         if (domain == NULL) {
 147                 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
 148                 return;
 149         }
 150
 151         subreq = wb_lookupuseraliases_send(state, state->ev, domain,
 152                                            state->num_sids, state->sids);
 153         if (tevent_req_nomem(subreq, req)) {
 154                 return;
 155         }
 156         tevent_req_set_callback(subreq, wb_gettoken_gotbuiltins, req);
 157 }
 158
 159 static void wb_gettoken_gotbuiltins(struct tevent_req *subreq)
 160 {
 161         struct tevent_req *req = tevent_req_callback_data(
 162                 subreq, struct tevent_req);
 163         struct wb_gettoken_state *state = tevent_req_data(
 164                 req, struct wb_gettoken_state);
 165         uint32_t num_rids;
 166         uint32_t *rids;
 167         NTSTATUS status;
 168
 169         status = wb_lookupuseraliases_recv(subreq, state, &num_rids, &rids);
 170         TALLOC_FREE(subreq);
 171         if (!NT_STATUS_IS_OK(status)) {
 172                 tevent_req_nterror(req, status);
 173                 return;
 174         }
 175         if (!wb_add_rids_to_sids(state, &state->num_sids, &state->sids,
 176                                  &global_sid_Builtin, num_rids, rids)) {
 177                 tevent_req_nterror(req, NT_STATUS_NO_MEMORY);
 178                 return;
 179         }
 180         tevent_req_done(req);
 181 }
 182
 183 NTSTATUS wb_gettoken_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
 184                           int *num_sids, struct dom_sid **sids)
 185 {
 186         struct wb_gettoken_state *state = tevent_req_data(
 187                 req, struct wb_gettoken_state);
 188         NTSTATUS status;
 189
 190         if (tevent_req_is_nterror(req, &status)) {
 191                 return status;
 192         }
 193         *num_sids = state->num_sids;
 194         *sids = talloc_move(mem_ctx, &state->sids);
 195         return NT_STATUS_OK;
 196 }
 197
 198 static bool wb_add_rids_to_sids(TALLOC_CTX *mem_ctx,
 199                                 int *pnum_sids, struct dom_sid **psids,
 200                                 const struct dom_sid *domain_sid,
 201                                 int num_rids, uint32_t *rids)
 202 {
 203         struct dom_sid *sids;
 204         int i;
 205
 206         sids = talloc_realloc(mem_ctx, *psids, struct dom_sid,
 207                               *pnum_sids + num_rids);
 208         if (sids == NULL) {
 209                 return false;
 210         }
 211         for (i=0; i<num_rids; i++) {
 212                 sid_compose(&sids[i+*pnum_sids], domain_sid, rids[i]);
 213         }
 214
 215         *pnum_sids += num_rids;
 216         *psids = sids;
 217         return true;
 218 }