2 Unix SMB/CIFS implementation.
3 async implementation of WINBINDD_GETGROUPS
4 Copyright (C) Volker Lendecke 2009
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 struct winbindd_getgroups_state
{
24 struct tevent_context
*ev
;
28 enum lsa_SidType type
;
36 static void winbindd_getgroups_lookupname_done(struct tevent_req
*subreq
);
37 static void winbindd_getgroups_gettoken_done(struct tevent_req
*subreq
);
38 static void winbindd_getgroups_sid2gid_done(struct tevent_req
*subreq
);
40 struct tevent_req
*winbindd_getgroups_send(TALLOC_CTX
*mem_ctx
,
41 struct tevent_context
*ev
,
42 struct winbindd_cli_state
*cli
,
43 struct winbindd_request
*request
)
45 struct tevent_req
*req
, *subreq
;
46 struct winbindd_getgroups_state
*state
;
47 char *domuser
, *mapped_user
;
48 struct winbindd_domain
*domain
;
51 req
= tevent_req_create(mem_ctx
, &state
,
52 struct winbindd_getgroups_state
);
58 /* Ensure null termination */
59 request
->data
.username
[sizeof(request
->data
.username
)-1]='\0';
61 DEBUG(3, ("getgroups %s\n", request
->data
.username
));
63 domuser
= request
->data
.username
;
65 status
= normalize_name_unmap(state
, domuser
, &mapped_user
);
67 if (NT_STATUS_IS_OK(status
)
68 || NT_STATUS_EQUAL(status
, NT_STATUS_FILE_RENAMED
)) {
69 /* normalize_name_unmapped did something */
70 domuser
= mapped_user
;
73 if (!parse_domain_user(domuser
, state
->domname
, state
->username
)) {
74 DEBUG(5, ("Could not parse domain user: %s\n", domuser
));
75 tevent_req_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
76 return tevent_req_post(req
, ev
);
79 domain
= find_domain_from_name_noinit(state
->domname
);
81 /* Retry with DNS name */
82 char *p
= strchr(domuser
, '@');
84 domain
= find_domain_from_name_noinit(p
+1);
88 DEBUG(7, ("could not find domain entry for domain %s\n",
90 tevent_req_nterror(req
, NT_STATUS_NO_SUCH_USER
);
91 return tevent_req_post(req
, ev
);
94 if (lp_winbind_trusted_domains_only() && domain
->primary
) {
95 DEBUG(7,("winbindd_getgroups: My domain -- "
96 "rejecting getgroups() for %s\\%s.\n",
97 state
->domname
, state
->username
));
98 tevent_req_nterror(req
, NT_STATUS_NO_SUCH_USER
);
99 return tevent_req_post(req
, ev
);
102 subreq
= wb_lookupname_send(state
, ev
, state
->domname
, state
->username
,
104 if (tevent_req_nomem(subreq
, req
)) {
105 return tevent_req_post(req
, ev
);
107 tevent_req_set_callback(subreq
, winbindd_getgroups_lookupname_done
,
112 static void winbindd_getgroups_lookupname_done(struct tevent_req
*subreq
)
114 struct tevent_req
*req
= tevent_req_callback_data(
115 subreq
, struct tevent_req
);
116 struct winbindd_getgroups_state
*state
= tevent_req_data(
117 req
, struct winbindd_getgroups_state
);
120 status
= wb_lookupname_recv(subreq
, &state
->sid
, &state
->type
);
122 if (!NT_STATUS_IS_OK(status
)) {
123 tevent_req_nterror(req
, status
);
127 subreq
= wb_gettoken_send(state
, state
->ev
, &state
->sid
);
128 if (tevent_req_nomem(subreq
, req
)) {
131 tevent_req_set_callback(subreq
, winbindd_getgroups_gettoken_done
, req
);
134 static void winbindd_getgroups_gettoken_done(struct tevent_req
*subreq
)
136 struct tevent_req
*req
= tevent_req_callback_data(
137 subreq
, struct tevent_req
);
138 struct winbindd_getgroups_state
*state
= tevent_req_data(
139 req
, struct winbindd_getgroups_state
);
142 status
= wb_gettoken_recv(subreq
, state
, &state
->num_sids
,
145 if (!NT_STATUS_IS_OK(status
)) {
146 tevent_req_nterror(req
, status
);
151 * Convert the group SIDs to gids. state->sids[0] contains the user
152 * sid, so start at index 1.
155 state
->gids
= talloc_array(state
, gid_t
, state
->num_sids
-1);
156 if (tevent_req_nomem(state
->gids
, req
)) {
162 subreq
= wb_sid2gid_send(state
, state
->ev
,
163 &state
->sids
[state
->next_sid
]);
164 if (tevent_req_nomem(subreq
, req
)) {
167 tevent_req_set_callback(subreq
, winbindd_getgroups_sid2gid_done
, req
);
170 static void winbindd_getgroups_sid2gid_done(struct tevent_req
*subreq
)
172 struct tevent_req
*req
= tevent_req_callback_data(
173 subreq
, struct tevent_req
);
174 struct winbindd_getgroups_state
*state
= tevent_req_data(
175 req
, struct winbindd_getgroups_state
);
178 status
= wb_sid2gid_recv(subreq
, &state
->gids
[state
->num_gids
]);
182 * In case of failure, just continue with the next gid
184 if (NT_STATUS_IS_OK(status
)) {
185 state
->num_gids
+= 1;
187 state
->next_sid
+= 1;
189 if (state
->next_sid
>= state
->num_sids
) {
190 tevent_req_done(req
);
194 subreq
= wb_sid2gid_send(state
, state
->ev
,
195 &state
->sids
[state
->next_sid
]);
196 if (tevent_req_nomem(subreq
, req
)) {
199 tevent_req_set_callback(subreq
, winbindd_getgroups_sid2gid_done
, req
);
202 NTSTATUS
winbindd_getgroups_recv(struct tevent_req
*req
,
203 struct winbindd_response
*response
)
205 struct winbindd_getgroups_state
*state
= tevent_req_data(
206 req
, struct winbindd_getgroups_state
);
209 if (tevent_req_is_nterror(req
, &status
)) {
210 DEBUG(5, ("Could not convert sid %s: %s\n",
211 sid_string_dbg(&state
->sid
), nt_errstr(status
)));
215 response
->data
.num_entries
= state
->num_gids
;
217 if (state
->num_gids
> 0) {
218 response
->extra_data
.data
= talloc_move(response
,
220 response
->length
+= state
->num_gids
* sizeof(gid_t
);