search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
samba-tool: Add samba-tool processes subcommand
[Samba/bb.git] / source3 / winbindd / winbindd_sids_to_xids.c
blobf500f248d4ae97eae7adcaa53dcdcbe15dc224ff
1 /*
2 Unix SMB/CIFS implementation.
3 async implementation of WINBINDD_SIDS_TO_XIDS
4 Copyright (C) Volker Lendecke 2011
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21 #include "winbindd.h"
22 #include "../libcli/security/security.h"
23 #include "librpc/gen_ndr/ndr_wbint_c.h"
24 #include "idmap_cache.h"
25
26 struct winbindd_sids_to_xids_state {
27 struct tevent_context *ev;
28 struct dom_sid *sids;
29 uint32_t num_sids;
30
31 struct id_map *cached;
32
33 struct dom_sid *non_cached;
34 uint32_t num_non_cached;
35
36 struct lsa_RefDomainList *domains;
37 struct lsa_TransNameArray *names;
38
39 struct wbint_TransIDArray ids;
40 };
41
42 static bool winbindd_sids_to_xids_in_cache(struct dom_sid *sid,
43 struct id_map *map);
44 static void winbindd_sids_to_xids_lookupsids_done(struct tevent_req *subreq);
45 static void winbindd_sids_to_xids_done(struct tevent_req *subreq);
46
47 struct tevent_req *winbindd_sids_to_xids_send(TALLOC_CTX *mem_ctx,
48 struct tevent_context *ev,
49 struct winbindd_cli_state *cli,
50 struct winbindd_request *request)
51 {
52 struct tevent_req *req, *subreq;
53 struct winbindd_sids_to_xids_state *state;
54 uint32_t i;
55
56 req = tevent_req_create(mem_ctx, &state,
57 struct winbindd_sids_to_xids_state);
58 if (req == NULL) {
59 return NULL;
60 }
61 state->ev = ev;
62
63 DEBUG(3, ("sids_to_xids\n"));
64
65 if (request->extra_len == 0) {
66 tevent_req_done(req);
67 return tevent_req_post(req, ev);
68 }
69 if (request->extra_data.data[request->extra_len-1] != '\0') {
70 DEBUG(10, ("Got invalid sids list\n"));
71 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
72 return tevent_req_post(req, ev);
73 }
74 if (!parse_sidlist(state, request->extra_data.data,
75 &state->sids, &state->num_sids)) {
76 DEBUG(10, ("parse_sidlist failed\n"));
77 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
78 return tevent_req_post(req, ev);
79 }
80
81 DEBUG(10, ("num_sids: %d\n", (int)state->num_sids));
82
83 state->cached = talloc_zero_array(state, struct id_map,
84 state->num_sids);
85 if (tevent_req_nomem(state->cached, req)) {
86 return tevent_req_post(req, ev);
87 }
88 state->non_cached = talloc_array(state, struct dom_sid,
89 state->num_sids);
90 if (tevent_req_nomem(state->non_cached, req)) {
91 return tevent_req_post(req, ev);
92 }
93
94 for (i=0; i<state->num_sids; i++) {
95
96 DEBUG(10, ("SID %d: %s\n", (int)i,
97 sid_string_dbg(&state->sids[i])));
98
99 if (winbindd_sids_to_xids_in_cache(&state->sids[i],
100 &state->cached[i])) {
101 continue;
102 }
103 sid_copy(&state->non_cached[state->num_non_cached],
104 &state->sids[i]);
105 state->num_non_cached += 1;
106 }
107
108 if (state->num_non_cached == 0) {
109 tevent_req_done(req);
110 return tevent_req_post(req, ev);
111 }
112
113 subreq = wb_lookupsids_send(state, ev, state->non_cached,
114 state->num_non_cached);
115 if (tevent_req_nomem(subreq, req)) {
116 return tevent_req_post(req, ev);
117 }
118 tevent_req_set_callback(subreq, winbindd_sids_to_xids_lookupsids_done,
119 req);
120 return req;
121 }
122
123 static bool winbindd_sids_to_xids_in_cache(struct dom_sid *sid,
124 struct id_map *map)
125 {
126 struct unixid id;
127 bool expired;
128
129 if (!winbindd_use_idmap_cache()) {
130 return false;
131 }
132 if (idmap_cache_find_sid2unixid(sid, &id, &expired)) {
133 if (expired && is_domain_online(find_our_domain())) {
134 return false;
135 }
136 map->sid = sid;
137 map->xid = id;
138 map->status = ID_MAPPED;
139 return true;
140 }
141 return false;
142 }
143
144
145 static void winbindd_sids_to_xids_lookupsids_done(struct tevent_req *subreq)
146 {
147 struct tevent_req *req = tevent_req_callback_data(
148 subreq, struct tevent_req);
149 struct winbindd_sids_to_xids_state *state = tevent_req_data(
150 req, struct winbindd_sids_to_xids_state);
151 struct winbindd_child *child;
152 NTSTATUS status;
153 int i;
154
155 status = wb_lookupsids_recv(subreq, state, &state->domains,
156 &state->names);
157 TALLOC_FREE(subreq);
158 if (tevent_req_nterror(req, status)) {
159 return;
160 }
161
162 state->ids.num_ids = state->num_non_cached;
163 state->ids.ids = talloc_array(state, struct wbint_TransID,
164 state->num_non_cached);
165 if (tevent_req_nomem(state->ids.ids, req)) {
166 return;
167 }
168
169 for (i=0; i<state->num_non_cached; i++) {
170 struct lsa_TranslatedName *n = &state->names->names[i];
171 struct wbint_TransID *t = &state->ids.ids[i];
172
173 switch (n->sid_type) {
174 case SID_NAME_USER:
175 case SID_NAME_COMPUTER:
176 t->type = ID_TYPE_UID;
177 break;
178 case SID_NAME_DOM_GRP:
179 case SID_NAME_ALIAS:
180 case SID_NAME_WKN_GRP:
181 t->type = ID_TYPE_GID;
182 break;
183 default:
184 t->type = ID_TYPE_NOT_SPECIFIED;
185 break;
186 };
187 t->domain_index = n->sid_index;
188 sid_peek_rid(&state->non_cached[i], &t->rid);
189 t->unix_id = (uint64_t)-1;
190 }
191
192 child = idmap_child();
193
194 subreq = dcerpc_wbint_Sids2UnixIDs_send(
195 state, state->ev, child->binding_handle, state->domains,
196 &state->ids);
197 if (tevent_req_nomem(subreq, req)) {
198 return;
199 }
200 tevent_req_set_callback(subreq, winbindd_sids_to_xids_done, req);
201 }
202
203 static void winbindd_sids_to_xids_done(struct tevent_req *subreq)
204 {
205 struct tevent_req *req = tevent_req_callback_data(
206 subreq, struct tevent_req);
207 struct winbindd_sids_to_xids_state *state = tevent_req_data(
208 req, struct winbindd_sids_to_xids_state);
209 NTSTATUS status, result;
210
211 status = dcerpc_wbint_Sids2UnixIDs_recv(subreq, state, &result);
212 TALLOC_FREE(subreq);
213 if (any_nt_status_not_ok(status, result, &status)) {
214 tevent_req_nterror(req, status);
215 return;
216 }
217 tevent_req_done(req);
218 }
219
220 NTSTATUS winbindd_sids_to_xids_recv(struct tevent_req *req,
221 struct winbindd_response *response)
222 {
223 struct winbindd_sids_to_xids_state *state = tevent_req_data(
224 req, struct winbindd_sids_to_xids_state);
225 NTSTATUS status;
226 char *result = NULL;
227 uint32_t i, num_non_cached;
228
229 if (tevent_req_is_nterror(req, &status)) {
230 DEBUG(5, ("wb_sids_to_xids failed: %s\n", nt_errstr(status)));
231 return status;
232 }
233
234 result = talloc_strdup(response, "");
235 if (result == NULL) {
236 return NT_STATUS_NO_MEMORY;
237 }
238
239 num_non_cached = 0;
240
241 for (i=0; i<state->num_sids; i++) {
242 char type = '\0';
243 uint32_t unix_id = UINT32_MAX;
244 bool found = true;
245
246 if (state->cached[i].sid != NULL) {
247 unix_id = state->cached[i].xid.id;
248
249 switch (state->cached[i].xid.type) {
250 case ID_TYPE_UID:
251 type = 'U';
252 break;
253 case ID_TYPE_GID:
254 type = 'G';
255 break;
256 case ID_TYPE_BOTH:
257 type = 'B';
258 break;
259 default:
260 found = false;
261 break;
262 }
263 } else {
264 struct unixid id;
265
266 unix_id = state->ids.ids[num_non_cached].unix_id;
267
268 id.id = unix_id;
269 id.type = state->ids.ids[num_non_cached].type;
270 idmap_cache_set_sid2unixid(
271 &state->non_cached[num_non_cached],
272 &id);
273
274 switch (id.type) {
275 case ID_TYPE_UID:
276 type = 'U';
277 break;
278 case ID_TYPE_GID:
279 type = 'G';
280 break;
281 case ID_TYPE_BOTH:
282 type = 'B';
283 break;
284 default:
285 found = false;
286 break;
287 }
288 num_non_cached += 1;
289 }
290
291 if (unix_id == UINT32_MAX) {
292 found = false;
293 }
294
295 if (found) {
296 result = talloc_asprintf_append_buffer(
297 result, "%c%lu\n", type,
298 (unsigned long)unix_id);
299 } else {
300 result = talloc_asprintf_append_buffer(result, "\n");
301 }
302 if (result == NULL) {
303 return NT_STATUS_NO_MEMORY;
304 }
305 }
306
307 response->extra_data.data = result;
308 response->length += talloc_get_size(result);
309 return NT_STATUS_OK;
310 }