2 Unix SMB/CIFS implementation.
4 Copyright (C) Volker Lendecke 2009
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "librpc/gen_ndr/ndr_wbint_c.h"
24 struct wb_fill_pwent_state
{
25 struct tevent_context
*ev
;
26 struct wbint_userinfo
*info
;
27 struct winbindd_pw
*pw
;
30 static bool fillup_pw_field(const char *lp_template
,
38 static void wb_fill_pwent_sid2uid_done(struct tevent_req
*subreq
);
39 static void wb_fill_pwent_sid2gid_done(struct tevent_req
*subreq
);
41 struct tevent_req
*wb_fill_pwent_send(TALLOC_CTX
*mem_ctx
,
42 struct tevent_context
*ev
,
43 struct wbint_userinfo
*info
,
44 struct winbindd_pw
*pw
)
46 struct tevent_req
*req
, *subreq
;
47 struct wb_fill_pwent_state
*state
;
49 req
= tevent_req_create(mem_ctx
, &state
, struct wb_fill_pwent_state
);
57 subreq
= wb_sids2xids_send(state
, state
->ev
, &state
->info
->user_sid
, 1);
58 if (tevent_req_nomem(subreq
, req
)) {
59 return tevent_req_post(req
, ev
);
61 tevent_req_set_callback(subreq
, wb_fill_pwent_sid2uid_done
, req
);
65 static void wb_fill_pwent_sid2uid_done(struct tevent_req
*subreq
)
67 struct tevent_req
*req
= tevent_req_callback_data(
68 subreq
, struct tevent_req
);
69 struct wb_fill_pwent_state
*state
= tevent_req_data(
70 req
, struct wb_fill_pwent_state
);
74 status
= wb_sids2xids_recv(subreq
, &xid
);
76 if (tevent_req_nterror(req
, status
)) {
81 * We are filtering further down in sids2xids, but that filtering
82 * depends on the actual type of the sid handed in (as determined
83 * by lookupsids). Here we need to filter for the type of object
84 * actually requested, in this case uid.
86 if (!(xid
.type
== ID_TYPE_UID
|| xid
.type
== ID_TYPE_BOTH
)) {
87 tevent_req_nterror(req
, NT_STATUS_NONE_MAPPED
);
91 state
->pw
->pw_uid
= (uid_t
)xid
.id
;
93 subreq
= wb_sids2xids_send(state
, state
->ev
, &state
->info
->group_sid
, 1);
94 if (tevent_req_nomem(subreq
, req
)) {
97 tevent_req_set_callback(subreq
, wb_fill_pwent_sid2gid_done
, req
);
100 static void wb_fill_pwent_sid2gid_done(struct tevent_req
*subreq
)
102 struct tevent_req
*req
= tevent_req_callback_data(
103 subreq
, struct tevent_req
);
104 struct wb_fill_pwent_state
*state
= tevent_req_data(
105 req
, struct wb_fill_pwent_state
);
106 struct winbindd_domain
*domain
;
108 fstring user_name
, output_username
;
109 char *mapped_name
= NULL
;
113 status
= wb_sids2xids_recv(subreq
, &xid
);
115 if (tevent_req_nterror(req
, status
)) {
120 * We are filtering further down in sids2xids, but that filtering
121 * depends on the actual type of the sid handed in (as determined
122 * by lookupsids). Here we need to filter for the type of object
123 * actually requested, in this case uid.
125 if (!(xid
.type
== ID_TYPE_GID
|| xid
.type
== ID_TYPE_BOTH
)) {
126 tevent_req_nterror(req
, NT_STATUS_NONE_MAPPED
);
130 state
->pw
->pw_gid
= (gid_t
)xid
.id
;
132 domain
= find_domain_from_sid_noinit(&state
->info
->user_sid
);
133 if (domain
== NULL
) {
134 tevent_req_nterror(req
, NT_STATUS_NO_SUCH_USER
);
137 dom_name
= domain
->name
;
141 fstrcpy(user_name
, state
->info
->acct_name
);
142 if (!strlower_m(user_name
)) {
143 tevent_req_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
146 status
= normalize_name_map(state
, domain
, user_name
, &mapped_name
);
148 /* Basic removal of whitespace */
149 if (NT_STATUS_IS_OK(status
)) {
150 fill_domain_username(output_username
, dom_name
, mapped_name
,
153 /* Complete name replacement */
154 else if (NT_STATUS_EQUAL(status
, NT_STATUS_FILE_RENAMED
)) {
155 fstrcpy(output_username
, mapped_name
);
157 /* No change at all */
159 fill_domain_username(output_username
, dom_name
, user_name
,
163 strlcpy(state
->pw
->pw_name
,
165 sizeof(state
->pw
->pw_name
));
166 fstrcpy(state
->pw
->pw_gecos
, state
->info
->full_name
);
168 /* Home directory and shell */
170 if (!fillup_pw_field(lp_template_homedir(), user_name
, dom_name
,
171 state
->pw
->pw_uid
, state
->pw
->pw_gid
,
172 state
->info
->homedir
, state
->pw
->pw_dir
)) {
173 tevent_req_nterror(req
, NT_STATUS_NO_SUCH_USER
);
177 if (!fillup_pw_field(lp_template_shell(), user_name
, dom_name
,
178 state
->pw
->pw_uid
, state
->pw
->pw_gid
,
179 state
->info
->shell
, state
->pw
->pw_shell
)) {
180 tevent_req_nterror(req
, NT_STATUS_NO_SUCH_USER
);
184 /* Password - set to "*" as we can't generate anything useful here.
185 Authentication can be done using the pam_winbind module. */
187 fstrcpy(state
->pw
->pw_passwd
, "*");
188 tevent_req_done(req
);
191 NTSTATUS
wb_fill_pwent_recv(struct tevent_req
*req
)
193 return tevent_req_simple_recv_ntstatus(req
);
196 static bool fillup_pw_field(const char *lp_template
,
197 const char *username
,
209 /* The substitution of %U and %D in the 'template
210 homedir' is done by talloc_sub_specified() below.
211 If we have an in string (which means the value has already
212 been set in the nss_info backend), then use that.
213 Otherwise use the template value passed in. */
215 if ((in
!= NULL
) && (in
[0] != '\0') && (lp_security() == SEC_ADS
)) {
216 templ
= talloc_sub_specified(talloc_tos(), in
,
220 templ
= talloc_sub_specified(talloc_tos(), lp_template
,
228 strlcpy(out
, templ
, sizeof(fstring
));