search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Apply some more of Derrell Lipman's changes.
[Samba/gebeck_regimport.git] / source3 / nsswitch / winbind_nss_linux.c
blobae2bcc7ade98c60e3b6dc4171b2b0588229e9873
1 /*
2 Unix SMB/CIFS implementation.
3
4 Windows NT Domain nsswitch module
5
6 Copyright (C) Tim Potter 2000
7
8 This library is free software; you can redistribute it and/or
9 modify it under the terms of the GNU Library General Public
10 License as published by the Free Software Foundation; either
11 version 2 of the License, or (at your option) any later version.
12
13 This library is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Library General Public License for more details.
17
18 You should have received a copy of the GNU Library General Public
19 License along with this library; if not, write to the
20 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
21 Boston, MA 02111-1307, USA.
22 */
23
24 #include "winbind_client.h"
25
26 /* Maximum number of users to pass back over the unix domain socket
27 per call. This is not a static limit on the total number of users
28 or groups returned in total. */
29
30 #define MAX_GETPWENT_USERS 250
31 #define MAX_GETGRENT_USERS 250
32
33 /* Prototypes from wb_common.c */
34
35 extern int winbindd_fd;
36
37 /* Allocate some space from the nss static buffer. The buffer and buflen
38 are the pointers passed in by the C library to the _nss_ntdom_*
39 functions. */
40
41 static char *get_static(char **buffer, size_t *buflen, size_t len)
42 {
43 char *result;
44
45 /* Error check. We return false if things aren't set up right, or
46 there isn't enough buffer space left. */
47
48 if ((buffer == NULL) || (buflen == NULL) || (*buflen < len)) {
49 return NULL;
50 }
51
52 /* Return an index into the static buffer */
53
54 result = *buffer;
55 *buffer += len;
56 *buflen -= len;
57
58 return result;
59 }
60
61 /* I've copied the strtok() replacement function next_token() from
62 lib/util_str.c as I really don't want to have to link in any other
63 objects if I can possibly avoid it. */
64
65 BOOL next_token(char **ptr,char *buff,char *sep, size_t bufsize)
66 {
67 char *s;
68 BOOL quoted;
69 size_t len=1;
70
71 if (!ptr) return(False);
72
73 s = *ptr;
74
75 /* default to simple separators */
76 if (!sep) sep = " \t\n\r";
77
78 /* find the first non sep char */
79 while (*s && strchr(sep,*s)) s++;
80
81 /* nothing left? */
82 if (! *s) return(False);
83
84 /* copy over the token */
85 for (quoted = False; len < bufsize && *s && (quoted || !strchr(sep,*s)); s++) {
86 if (*s == '\"') {
87 quoted = !quoted;
88 } else {
89 len++;
90 *buff++ = *s;
91 }
92 }
93
94 *ptr = (*s) ? s+1 : s;
95 *buff = 0;
96
97 return(True);
98 }
99
100
101 /* Fill a pwent structure from a winbindd_response structure. We use
102 the static data passed to us by libc to put strings and stuff in.
103 Return NSS_STATUS_TRYAGAIN if we run out of memory. */
104
105 static NSS_STATUS fill_pwent(struct passwd *result,
106 struct winbindd_pw *pw,
107 char **buffer, size_t *buflen)
108 {
109 /* User name */
110
111 if ((result->pw_name =
112 get_static(buffer, buflen, strlen(pw->pw_name) + 1)) == NULL) {
113
114 /* Out of memory */
115
116 return NSS_STATUS_TRYAGAIN;
117 }
118
119 strcpy(result->pw_name, pw->pw_name);
120
121 /* Password */
122
123 if ((result->pw_passwd =
124 get_static(buffer, buflen, strlen(pw->pw_passwd) + 1)) == NULL) {
125
126 /* Out of memory */
127
128 return NSS_STATUS_TRYAGAIN;
129 }
130
131 strcpy(result->pw_passwd, pw->pw_passwd);
132
133 /* [ug]id */
134
135 result->pw_uid = pw->pw_uid;
136 result->pw_gid = pw->pw_gid;
137
138 /* GECOS */
139
140 if ((result->pw_gecos =
141 get_static(buffer, buflen, strlen(pw->pw_gecos) + 1)) == NULL) {
142
143 /* Out of memory */
144
145 return NSS_STATUS_TRYAGAIN;
146 }
147
148 strcpy(result->pw_gecos, pw->pw_gecos);
149
150 /* Home directory */
151
152 if ((result->pw_dir =
153 get_static(buffer, buflen, strlen(pw->pw_dir) + 1)) == NULL) {
154
155 /* Out of memory */
156
157 return NSS_STATUS_TRYAGAIN;
158 }
159
160 strcpy(result->pw_dir, pw->pw_dir);
161
162 /* Logon shell */
163
164 if ((result->pw_shell =
165 get_static(buffer, buflen, strlen(pw->pw_shell) + 1)) == NULL) {
166
167 /* Out of memory */
168
169 return NSS_STATUS_TRYAGAIN;
170 }
171
172 strcpy(result->pw_shell, pw->pw_shell);
173
174 /* The struct passwd for Solaris has some extra fields which must
175 be initialised or nscd crashes. */
176
177 #if HAVE_PASSWD_PW_COMMENT
178 result->pw_comment = "";
179 #endif
180
181 #if HAVE_PASSWD_PW_AGE
182 result->pw_age = "";
183 #endif
184
185 return NSS_STATUS_SUCCESS;
186 }
187
188 /* Fill a grent structure from a winbindd_response structure. We use
189 the static data passed to us by libc to put strings and stuff in.
190 Return NSS_STATUS_TRYAGAIN if we run out of memory. */
191
192 static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr,
193 char *gr_mem, char **buffer, size_t *buflen)
194 {
195 fstring name;
196 int i;
197 char *tst;
198
199 /* Group name */
200
201 if ((result->gr_name =
202 get_static(buffer, buflen, strlen(gr->gr_name) + 1)) == NULL) {
203
204 /* Out of memory */
205
206 return NSS_STATUS_TRYAGAIN;
207 }
208
209 strcpy(result->gr_name, gr->gr_name);
210
211 /* Password */
212
213 if ((result->gr_passwd =
214 get_static(buffer, buflen, strlen(gr->gr_passwd) + 1)) == NULL) {
215
216 /* Out of memory */
217
218 return NSS_STATUS_TRYAGAIN;
219 }
220
221 strcpy(result->gr_passwd, gr->gr_passwd);
222
223 /* gid */
224
225 result->gr_gid = gr->gr_gid;
226
227 /* Group membership */
228
229 if ((gr->num_gr_mem < 0) || !gr_mem) {
230 gr->num_gr_mem = 0;
231 }
232
233 /* this next value is a pointer to a pointer so let's align it */
234
235 /* Calculate number of extra bytes needed to align on pointer size boundry */
236 if ((i = (unsigned long)(*buffer) % sizeof(char*)) != 0)
237 i = sizeof(char*) - i;
238
239 if ((tst = get_static(buffer, buflen, ((gr->num_gr_mem + 1) *
240 sizeof(char *)+i))) == NULL) {
241
242 /* Out of memory */
243
244 return NSS_STATUS_TRYAGAIN;
245 }
246 result->gr_mem = (char **)(tst + i);
247
248 if (gr->num_gr_mem == 0) {
249
250 /* Group is empty */
251
252 *(result->gr_mem) = NULL;
253 return NSS_STATUS_SUCCESS;
254 }
255
256 /* Start looking at extra data */
257
258 i = 0;
259
260 while(next_token((char **)&gr_mem, name, ",", sizeof(fstring))) {
261
262 /* Allocate space for member */
263
264 if (((result->gr_mem)[i] =
265 get_static(buffer, buflen, strlen(name) + 1)) == NULL) {
266
267 /* Out of memory */
268
269 return NSS_STATUS_TRYAGAIN;
270 }
271
272 strcpy((result->gr_mem)[i], name);
273 i++;
274 }
275
276 /* Terminate list */
277
278 (result->gr_mem)[i] = NULL;
279
280 return NSS_STATUS_SUCCESS;
281 }
282
283 /*
284 * NSS user functions
285 */
286
287 static struct winbindd_response getpwent_response;
288
289 static int ndx_pw_cache; /* Current index into pwd cache */
290 static int num_pw_cache; /* Current size of pwd cache */
291
292 /* Rewind "file pointer" to start of ntdom password database */
293
294 NSS_STATUS
295 _nss_winbind_setpwent(void)
296 {
297 #ifdef DEBUG_NSS
298 fprintf(stderr, "[%5d]: setpwent\n", getpid());
299 #endif
300
301 if (num_pw_cache > 0) {
302 ndx_pw_cache = num_pw_cache = 0;
303 free_response(&getpwent_response);
304 }
305
306 return winbindd_request(WINBINDD_SETPWENT, NULL, NULL);
307 }
308
309 /* Close ntdom password database "file pointer" */
310
311 NSS_STATUS
312 _nss_winbind_endpwent(void)
313 {
314 #ifdef DEBUG_NSS
315 fprintf(stderr, "[%5d]: endpwent\n", getpid());
316 #endif
317
318 if (num_pw_cache > 0) {
319 ndx_pw_cache = num_pw_cache = 0;
320 free_response(&getpwent_response);
321 }
322
323 return winbindd_request(WINBINDD_ENDPWENT, NULL, NULL);
324 }
325
326 /* Fetch the next password entry from ntdom password database */
327
328 NSS_STATUS
329 _nss_winbind_getpwent_r(struct passwd *result, char *buffer,
330 size_t buflen, int *errnop)
331 {
332 NSS_STATUS ret;
333 struct winbindd_request request;
334 static int called_again;
335
336 #ifdef DEBUG_NSS
337 fprintf(stderr, "[%5d]: getpwent\n", getpid());
338 #endif
339
340 /* Return an entry from the cache if we have one, or if we are
341 called again because we exceeded our static buffer. */
342
343 if ((ndx_pw_cache < num_pw_cache) || called_again) {
344 goto return_result;
345 }
346
347 /* Else call winbindd to get a bunch of entries */
348
349 if (num_pw_cache > 0) {
350 free_response(&getpwent_response);
351 }
352
353 ZERO_STRUCT(request);
354 ZERO_STRUCT(getpwent_response);
355
356 request.data.num_entries = MAX_GETPWENT_USERS;
357
358 ret = winbindd_request(WINBINDD_GETPWENT, &request,
359 &getpwent_response);
360
361 if (ret == NSS_STATUS_SUCCESS) {
362 struct winbindd_pw *pw_cache;
363
364 /* Fill cache */
365
366 ndx_pw_cache = 0;
367 num_pw_cache = getpwent_response.data.num_entries;
368
369 /* Return a result */
370
371 return_result:
372
373 pw_cache = getpwent_response.extra_data;
374
375 /* Check data is valid */
376
377 if (pw_cache == NULL) {
378 return NSS_STATUS_NOTFOUND;
379 }
380
381 ret = fill_pwent(result, &pw_cache[ndx_pw_cache],
382 &buffer, &buflen);
383
384 /* Out of memory - try again */
385
386 if (ret == NSS_STATUS_TRYAGAIN) {
387 called_again = True;
388 *errnop = errno = ERANGE;
389 return ret;
390 }
391
392 *errnop = errno = 0;
393 called_again = False;
394 ndx_pw_cache++;
395
396 /* If we've finished with this lot of results free cache */
397
398 if (ndx_pw_cache == num_pw_cache) {
399 ndx_pw_cache = num_pw_cache = 0;
400 free_response(&getpwent_response);
401 }
402 }
403
404 return ret;
405 }
406
407 /* Return passwd struct from uid */
408
409 NSS_STATUS
410 _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, char *buffer,
411 size_t buflen, int *errnop)
412 {
413 NSS_STATUS ret;
414 static struct winbindd_response response;
415 struct winbindd_request request;
416 static int keep_response=0;
417
418 /* If our static buffer needs to be expanded we are called again */
419 if (!keep_response) {
420
421 /* Call for the first time */
422
423 ZERO_STRUCT(response);
424 ZERO_STRUCT(request);
425
426 request.data.uid = uid;
427
428 ret = winbindd_request(WINBINDD_GETPWUID, &request, &response);
429
430 if (ret == NSS_STATUS_SUCCESS) {
431 ret = fill_pwent(result, &response.data.pw,
432 &buffer, &buflen);
433
434 if (ret == NSS_STATUS_TRYAGAIN) {
435 keep_response = True;
436 *errnop = errno = ERANGE;
437 return ret;
438 }
439 }
440
441 } else {
442
443 /* We've been called again */
444
445 ret = fill_pwent(result, &response.data.pw, &buffer, &buflen);
446
447 if (ret == NSS_STATUS_TRYAGAIN) {
448 keep_response = True;
449 *errnop = errno = ERANGE;
450 return ret;
451 }
452
453 keep_response = False;
454 *errnop = errno = 0;
455 }
456
457 free_response(&response);
458 return ret;
459 }
460
461 /* Return passwd struct from username */
462
463 NSS_STATUS
464 _nss_winbind_getpwnam_r(const char *name, struct passwd *result, char *buffer,
465 size_t buflen, int *errnop)
466 {
467 NSS_STATUS ret;
468 static struct winbindd_response response;
469 struct winbindd_request request;
470 static int keep_response;
471
472 #ifdef DEBUG_NSS
473 fprintf(stderr, "[%5d]: getpwnam %s\n", getpid(), name);
474 #endif
475
476 /* If our static buffer needs to be expanded we are called again */
477
478 if (!keep_response) {
479
480 /* Call for the first time */
481
482 ZERO_STRUCT(response);
483 ZERO_STRUCT(request);
484
485 strncpy(request.data.username, name,
486 sizeof(request.data.username) - 1);
487 request.data.username
488 [sizeof(request.data.username) - 1] = '\0';
489
490 ret = winbindd_request(WINBINDD_GETPWNAM, &request, &response);
491
492 if (ret == NSS_STATUS_SUCCESS) {
493 ret = fill_pwent(result, &response.data.pw, &buffer,
494 &buflen);
495
496 if (ret == NSS_STATUS_TRYAGAIN) {
497 keep_response = True;
498 *errnop = errno = ERANGE;
499 return ret;
500 }
501 }
502
503 } else {
504
505 /* We've been called again */
506
507 ret = fill_pwent(result, &response.data.pw, &buffer, &buflen);
508
509 if (ret == NSS_STATUS_TRYAGAIN) {
510 keep_response = True;
511 *errnop = errno = ERANGE;
512 return ret;
513 }
514
515 keep_response = False;
516 *errnop = errno = 0;
517 }
518
519 free_response(&response);
520 return ret;
521 }
522
523 /*
524 * NSS group functions
525 */
526
527 static struct winbindd_response getgrent_response;
528
529 static int ndx_gr_cache; /* Current index into grp cache */
530 static int num_gr_cache; /* Current size of grp cache */
531
532 /* Rewind "file pointer" to start of ntdom group database */
533
534 NSS_STATUS
535 _nss_winbind_setgrent(void)
536 {
537 #ifdef DEBUG_NSS
538 fprintf(stderr, "[%5d]: setgrent\n", getpid());
539 #endif
540
541 if (num_gr_cache > 0) {
542 ndx_gr_cache = num_gr_cache = 0;
543 free_response(&getgrent_response);
544 }
545
546 return winbindd_request(WINBINDD_SETGRENT, NULL, NULL);
547 }
548
549 /* Close "file pointer" for ntdom group database */
550
551 NSS_STATUS
552 _nss_winbind_endgrent(void)
553 {
554 #ifdef DEBUG_NSS
555 fprintf(stderr, "[%5d]: endgrent\n", getpid());
556 #endif
557
558 if (num_gr_cache > 0) {
559 ndx_gr_cache = num_gr_cache = 0;
560 free_response(&getgrent_response);
561 }
562
563 return winbindd_request(WINBINDD_ENDGRENT, NULL, NULL);
564 }
565
566 /* Get next entry from ntdom group database */
567
568 static NSS_STATUS
569 winbind_getgrent(enum winbindd_cmd cmd,
570 struct group *result,
571 char *buffer, size_t buflen, int *errnop)
572 {
573 NSS_STATUS ret;
574 static struct winbindd_request request;
575 static int called_again;
576
577
578 #ifdef DEBUG_NSS
579 fprintf(stderr, "[%5d]: getgrent\n", getpid());
580 #endif
581
582 /* Return an entry from the cache if we have one, or if we are
583 called again because we exceeded our static buffer. */
584
585 if ((ndx_gr_cache < num_gr_cache) || called_again) {
586 goto return_result;
587 }
588
589 /* Else call winbindd to get a bunch of entries */
590
591 if (num_gr_cache > 0) {
592 free_response(&getgrent_response);
593 }
594
595 ZERO_STRUCT(request);
596 ZERO_STRUCT(getgrent_response);
597
598 request.data.num_entries = MAX_GETGRENT_USERS;
599
600 ret = winbindd_request(cmd, &request,
601 &getgrent_response);
602
603 if (ret == NSS_STATUS_SUCCESS) {
604 struct winbindd_gr *gr_cache;
605 int mem_ofs;
606
607 /* Fill cache */
608
609 ndx_gr_cache = 0;
610 num_gr_cache = getgrent_response.data.num_entries;
611
612 /* Return a result */
613
614 return_result:
615
616 gr_cache = getgrent_response.extra_data;
617
618 /* Check data is valid */
619
620 if (gr_cache == NULL) {
621 return NSS_STATUS_NOTFOUND;
622 }
623
624 /* Fill group membership. The offset into the extra data
625 for the group membership is the reported offset plus the
626 size of all the winbindd_gr records returned. */
627
628 mem_ofs = gr_cache[ndx_gr_cache].gr_mem_ofs +
629 num_gr_cache * sizeof(struct winbindd_gr);
630
631 ret = fill_grent(result, &gr_cache[ndx_gr_cache],
632 ((char *)getgrent_response.extra_data)+mem_ofs,
633 &buffer, &buflen);
634
635 /* Out of memory - try again */
636
637 if (ret == NSS_STATUS_TRYAGAIN) {
638 called_again = True;
639 *errnop = errno = ERANGE;
640 return ret;
641 }
642
643 *errnop = 0;
644 called_again = False;
645 ndx_gr_cache++;
646
647 /* If we've finished with this lot of results free cache */
648
649 if (ndx_gr_cache == num_gr_cache) {
650 ndx_gr_cache = num_gr_cache = 0;
651 free_response(&getgrent_response);
652 }
653 }
654
655 return ret;
656 }
657
658
659 NSS_STATUS
660 _nss_winbind_getgrent_r(struct group *result,
661 char *buffer, size_t buflen, int *errnop)
662 {
663 return winbind_getgrent(WINBINDD_GETGRENT, result, buffer, buflen, errnop);
664 }
665
666 NSS_STATUS
667 _nss_winbind_getgrlst_r(struct group *result,
668 char *buffer, size_t buflen, int *errnop)
669 {
670 return winbind_getgrent(WINBINDD_GETGRLST, result, buffer, buflen, errnop);
671 }
672
673 /* Return group struct from group name */
674
675 NSS_STATUS
676 _nss_winbind_getgrnam_r(const char *name,
677 struct group *result, char *buffer,
678 size_t buflen, int *errnop)
679 {
680 NSS_STATUS ret;
681 static struct winbindd_response response;
682 struct winbindd_request request;
683 static int keep_response;
684
685 #ifdef DEBUG_NSS
686 fprintf(stderr, "[%5d]: getgrnam %s\n", getpid(), name);
687 #endif
688
689 /* If our static buffer needs to be expanded we are called again */
690
691 if (!keep_response) {
692
693 /* Call for the first time */
694
695 ZERO_STRUCT(request);
696 ZERO_STRUCT(response);
697
698 strncpy(request.data.groupname, name,
699 sizeof(request.data.groupname));
700 request.data.groupname
701 [sizeof(request.data.groupname) - 1] = '\0';
702
703 ret = winbindd_request(WINBINDD_GETGRNAM, &request, &response);
704
705 if (ret == NSS_STATUS_SUCCESS) {
706 ret = fill_grent(result, &response.data.gr,
707 response.extra_data,
708 &buffer, &buflen);
709
710 if (ret == NSS_STATUS_TRYAGAIN) {
711 keep_response = True;
712 *errnop = errno = ERANGE;
713 return ret;
714 }
715 }
716
717 } else {
718
719 /* We've been called again */
720
721 ret = fill_grent(result, &response.data.gr,
722 response.extra_data, &buffer, &buflen);
723
724 if (ret == NSS_STATUS_TRYAGAIN) {
725 keep_response = True;
726 *errnop = errno = ERANGE;
727 return ret;
728 }
729
730 keep_response = False;
731 *errnop = 0;
732 }
733
734 free_response(&response);
735 return ret;
736 }
737
738 /* Return group struct from gid */
739
740 NSS_STATUS
741 _nss_winbind_getgrgid_r(gid_t gid,
742 struct group *result, char *buffer,
743 size_t buflen, int *errnop)
744 {
745 NSS_STATUS ret;
746 static struct winbindd_response response;
747 struct winbindd_request request;
748 static int keep_response;
749
750 #ifdef DEBUG_NSS
751 fprintf(stderr, "[%5d]: getgrgid %d\n", getpid(), gid);
752 #endif
753
754 /* If our static buffer needs to be expanded we are called again */
755
756 if (!keep_response) {
757
758 /* Call for the first time */
759
760 ZERO_STRUCT(request);
761 ZERO_STRUCT(response);
762
763 request.data.gid = gid;
764
765 ret = winbindd_request(WINBINDD_GETGRGID, &request, &response);
766
767 if (ret == NSS_STATUS_SUCCESS) {
768
769 ret = fill_grent(result, &response.data.gr,
770 response.extra_data,
771 &buffer, &buflen);
772
773 if (ret == NSS_STATUS_TRYAGAIN) {
774 keep_response = True;
775 *errnop = errno = ERANGE;
776 return ret;
777 }
778 }
779
780 } else {
781
782 /* We've been called again */
783
784 ret = fill_grent(result, &response.data.gr,
785 response.extra_data, &buffer, &buflen);
786
787 if (ret == NSS_STATUS_TRYAGAIN) {
788 keep_response = True;
789 *errnop = errno = ERANGE;
790 return ret;
791 }
792
793 keep_response = False;
794 *errnop = 0;
795 }
796
797 free_response(&response);
798 return ret;
799 }
800
801 /* Initialise supplementary groups */
802
803 NSS_STATUS
804 _nss_winbind_initgroups_dyn(char *user, gid_t group, long int *start,
805 long int *size, gid_t **groups, long int limit,
806 int *errnop)
807 {
808 NSS_STATUS ret;
809 struct winbindd_request request;
810 struct winbindd_response response;
811 int i;
812
813 #ifdef DEBUG_NSS
814 fprintf(stderr, "[%5d]: initgroups %s (%d)\n", getpid(),
815 user, group);
816 #endif
817
818 ZERO_STRUCT(request);
819 ZERO_STRUCT(response);
820
821 strncpy(request.data.username, user,
822 sizeof(request.data.username) - 1);
823
824 ret = winbindd_request(WINBINDD_GETGROUPS, &request, &response);
825
826 if (ret == NSS_STATUS_SUCCESS) {
827 int num_gids = response.data.num_entries;
828 gid_t *gid_list = (gid_t *)response.extra_data;
829
830 /* Copy group list to client */
831
832 for (i = 0; i < num_gids; i++) {
833
834 /* Skip primary group */
835
836 if (gid_list[i] == group) continue;
837
838 /* Add to buffer */
839
840 if (*start == *size && limit <= 0) {
841 (*groups) = realloc(
842 (*groups), (2 * (*size) + 1) * sizeof(**groups));
843 if (! *groups) goto done;
844 *size = 2 * (*size) + 1;
845 }
846
847 if (*start == *size) goto done;
848
849 (*groups)[*start] = gid_list[i];
850 *start += 1;
851
852 /* Filled buffer? */
853
854 if (*start == limit) goto done;
855 }
856 }
857
858 /* Back to your regularly scheduled programming */
859
860 done:
861 return ret;
862 }
863
864
865 /* return a list of group SIDs for a user SID */
866 NSS_STATUS
867 _nss_winbind_getusersids(const char *user_sid, char **group_sids,
868 int *num_groups,
869 char *buffer, size_t buf_size, int *errnop)
870 {
871 NSS_STATUS ret;
872 struct winbindd_request request;
873 struct winbindd_response response;
874
875 #ifdef DEBUG_NSS
876 fprintf(stderr, "[%5d]: getusersids %s\n", getpid(), user_sid);
877 #endif
878
879 ZERO_STRUCT(request);
880 ZERO_STRUCT(response);
881
882 strncpy(request.data.sid, user_sid,sizeof(request.data.sid) - 1);
883 request.data.sid[sizeof(request.data.sid) - 1] = '\0';
884
885 ret = winbindd_request(WINBINDD_GETUSERSIDS, &request, &response);
886
887 if (ret != NSS_STATUS_SUCCESS) {
888 goto done;
889 }
890
891 if (buf_size < response.length - sizeof(response)) {
892 ret = NSS_STATUS_TRYAGAIN;
893 errno = *errnop = ERANGE;
894 goto done;
895 }
896
897 *num_groups = response.data.num_entries;
898 *group_sids = buffer;
899 memcpy(buffer, response.extra_data, response.length - sizeof(response));
900 errno = *errnop = 0;
901
902 done:
903 free_response(&response);
904 return ret;
905 }
906
907
908 /* map a user or group name to a SID string */
909 NSS_STATUS
910 _nss_winbind_nametosid(const char *name, char **sid, char *buffer,
911 size_t buflen, int *errnop)
912 {
913 NSS_STATUS ret;
914 struct winbindd_response response;
915 struct winbindd_request request;
916
917 #ifdef DEBUG_NSS
918 fprintf(stderr, "[%5d]: nametosid %s\n", getpid(), name);
919 #endif
920
921 ZERO_STRUCT(response);
922 ZERO_STRUCT(request);
923
924 strncpy(request.data.name.name, name,
925 sizeof(request.data.name.name) - 1);
926 request.data.name.name[sizeof(request.data.name.name) - 1] = '\0';
927
928 ret = winbindd_request(WINBINDD_LOOKUPNAME, &request, &response);
929 if (ret != NSS_STATUS_SUCCESS) {
930 *errnop = errno = EINVAL;
931 goto failed;
932 }
933
934 if (buflen < strlen(response.data.sid.sid)+1) {
935 ret = NSS_STATUS_TRYAGAIN;
936 *errnop = errno = ERANGE;
937 goto failed;
938 }
939
940 *errnop = errno = 0;
941 *sid = buffer;
942 strcpy(*sid, response.data.sid.sid);
943
944 failed:
945 free_response(&response);
946 return ret;
947 }
948
949 /* map a sid string to a user or group name */
950 NSS_STATUS
951 _nss_winbind_sidtoname(const char *sid, char **name, char *buffer,
952 size_t buflen, int *errnop)
953 {
954 NSS_STATUS ret;
955 struct winbindd_response response;
956 struct winbindd_request request;
957 static char sep_char;
958 unsigned needed;
959
960 #ifdef DEBUG_NSS
961 fprintf(stderr, "[%5d]: sidtoname %s\n", getpid(), sid);
962 #endif
963
964 /* we need to fetch the separator first time through */
965 if (!sep_char) {
966 ZERO_STRUCT(response);
967 ZERO_STRUCT(request);
968
969 ret = winbindd_request(WINBINDD_INFO, &request, &response);
970 if (ret != NSS_STATUS_SUCCESS) {
971 *errnop = errno = EINVAL;
972 goto failed;
973 }
974
975 sep_char = response.data.info.winbind_separator;
976 free_response(&response);
977 }
978
979
980 strncpy(request.data.sid, sid,
981 sizeof(request.data.sid) - 1);
982 request.data.sid[sizeof(request.data.sid) - 1] = '\0';
983
984 ret = winbindd_request(WINBINDD_LOOKUPSID, &request, &response);
985 if (ret != NSS_STATUS_SUCCESS) {
986 *errnop = errno = EINVAL;
987 goto failed;
988 }
989
990 needed =
991 strlen(response.data.name.dom_name) +
992 strlen(response.data.name.name) + 2;
993
994 if (buflen < needed) {
995 ret = NSS_STATUS_TRYAGAIN;
996 *errnop = errno = ERANGE;
997 goto failed;
998 }
999
1000 snprintf(buffer, needed, "%s%c%s",
1001 response.data.name.dom_name,
1002 sep_char,
1003 response.data.name.name);
1004
1005 *name = buffer;
1006 *errnop = errno = 0;
1007
1008 failed:
1009 free_response(&response);
1010 return ret;
1011 }
1012
1013 /* map a sid to a uid */
1014 NSS_STATUS
1015 _nss_winbind_sidtouid(const char *sid, uid_t *uid, int *errnop)
1016 {
1017 NSS_STATUS ret;
1018 struct winbindd_response response;
1019 struct winbindd_request request;
1020
1021 #ifdef DEBUG_NSS
1022 fprintf(stderr, "[%5d]: sidtouid %s\n", getpid(), sid);
1023 #endif
1024
1025 ZERO_STRUCT(request);
1026 ZERO_STRUCT(response);
1027
1028 strncpy(request.data.sid, sid, sizeof(request.data.sid) - 1);
1029 request.data.sid[sizeof(request.data.sid) - 1] = '\0';
1030
1031 ret = winbindd_request(WINBINDD_SID_TO_UID, &request, &response);
1032 if (ret != NSS_STATUS_SUCCESS) {
1033 *errnop = errno = EINVAL;
1034 goto failed;
1035 }
1036
1037 *uid = response.data.uid;
1038
1039 failed:
1040 return ret;
1041 }
1042
1043 /* map a sid to a gid */
1044 NSS_STATUS
1045 _nss_winbind_sidtogid(const char *sid, gid_t *gid, int *errnop)
1046 {
1047 NSS_STATUS ret;
1048 struct winbindd_response response;
1049 struct winbindd_request request;
1050
1051 #ifdef DEBUG_NSS
1052 fprintf(stderr, "[%5d]: sidtogid %s\n", getpid(), sid);
1053 #endif
1054
1055 ZERO_STRUCT(request);
1056 ZERO_STRUCT(response);
1057
1058 strncpy(request.data.sid, sid, sizeof(request.data.sid) - 1);
1059 request.data.sid[sizeof(request.data.sid) - 1] = '\0';
1060
1061 ret = winbindd_request(WINBINDD_SID_TO_GID, &request, &response);
1062 if (ret != NSS_STATUS_SUCCESS) {
1063 *errnop = errno = EINVAL;
1064 goto failed;
1065 }
1066
1067 *gid = response.data.gid;
1068
1069 failed:
1070 return ret;
1071 }
1072
1073 /* map a uid to a SID string */
1074 NSS_STATUS
1075 _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer,
1076 size_t buflen, int *errnop)
1077 {
1078 NSS_STATUS ret;
1079 struct winbindd_response response;
1080 struct winbindd_request request;
1081
1082 #ifdef DEBUG_NSS
1083 fprintf(stderr, "[%5u]: uidtosid %u\n", (unsigned int)getpid(), (unsigned int)uid);
1084 #endif
1085
1086 ZERO_STRUCT(response);
1087 ZERO_STRUCT(request);
1088
1089 request.data.uid = uid;
1090
1091 ret = winbindd_request(WINBINDD_UID_TO_SID, &request, &response);
1092 if (ret != NSS_STATUS_SUCCESS) {
1093 *errnop = errno = EINVAL;
1094 goto failed;
1095 }
1096
1097 if (buflen < strlen(response.data.sid.sid)+1) {
1098 ret = NSS_STATUS_TRYAGAIN;
1099 *errnop = errno = ERANGE;
1100 goto failed;
1101 }
1102
1103 *errnop = errno = 0;
1104 *sid = buffer;
1105 strcpy(*sid, response.data.sid.sid);
1106
1107 failed:
1108 free_response(&response);
1109 return ret;
1110 }
1111
1112 /* map a gid to a SID string */
1113 NSS_STATUS
1114 _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer,
1115 size_t buflen, int *errnop)
1116 {
1117 NSS_STATUS ret;
1118 struct winbindd_response response;
1119 struct winbindd_request request;
1120
1121 #ifdef DEBUG_NSS
1122 fprintf(stderr, "[%5u]: gidtosid %u\n", (unsigned int)getpid(), (unsigned int)gid);
1123 #endif
1124
1125 ZERO_STRUCT(response);
1126 ZERO_STRUCT(request);
1127
1128 request.data.gid = gid;
1129
1130 ret = winbindd_request(WINBINDD_GID_TO_SID, &request, &response);
1131 if (ret != NSS_STATUS_SUCCESS) {
1132 *errnop = errno = EINVAL;
1133 goto failed;
1134 }
1135
1136 if (buflen < strlen(response.data.sid.sid)+1) {
1137 ret = NSS_STATUS_TRYAGAIN;
1138 *errnop = errno = ERANGE;
1139 goto failed;
1140 }
1141
1142 *errnop = errno = 0;
1143 *sid = buffer;
1144 strcpy(*sid, response.data.sid.sid);
1145
1146 failed:
1147 free_response(&response);
1148 return ret;
1149 }
reg import