r84: Implement --required-membership-of=, an ntlm_auth option that restricts
[Samba/gebeck_regimport.git] / source / nsswitch / winbind_nss_linux.c
blobae2bcc7ade98c60e3b6dc4171b2b0588229e9873
1 /*
2 Unix SMB/CIFS implementation.
4 Windows NT Domain nsswitch module
6 Copyright (C) Tim Potter 2000
8 This library is free software; you can redistribute it and/or
9 modify it under the terms of the GNU Library General Public
10 License as published by the Free Software Foundation; either
11 version 2 of the License, or (at your option) any later version.
13 This library is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Library General Public License for more details.
18 You should have received a copy of the GNU Library General Public
19 License along with this library; if not, write to the
20 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
21 Boston, MA 02111-1307, USA.
24 #include "winbind_client.h"
26 /* Maximum number of users to pass back over the unix domain socket
27 per call. This is not a static limit on the total number of users
28 or groups returned in total. */
30 #define MAX_GETPWENT_USERS 250
31 #define MAX_GETGRENT_USERS 250
33 /* Prototypes from wb_common.c */
35 extern int winbindd_fd;
37 /* Allocate some space from the nss static buffer. The buffer and buflen
38 are the pointers passed in by the C library to the _nss_ntdom_*
39 functions. */
41 static char *get_static(char **buffer, size_t *buflen, size_t len)
43 char *result;
45 /* Error check. We return false if things aren't set up right, or
46 there isn't enough buffer space left. */
48 if ((buffer == NULL) || (buflen == NULL) || (*buflen < len)) {
49 return NULL;
52 /* Return an index into the static buffer */
54 result = *buffer;
55 *buffer += len;
56 *buflen -= len;
58 return result;
61 /* I've copied the strtok() replacement function next_token() from
62 lib/util_str.c as I really don't want to have to link in any other
63 objects if I can possibly avoid it. */
65 BOOL next_token(char **ptr,char *buff,char *sep, size_t bufsize)
67 char *s;
68 BOOL quoted;
69 size_t len=1;
71 if (!ptr) return(False);
73 s = *ptr;
75 /* default to simple separators */
76 if (!sep) sep = " \t\n\r";
78 /* find the first non sep char */
79 while (*s && strchr(sep,*s)) s++;
81 /* nothing left? */
82 if (! *s) return(False);
84 /* copy over the token */
85 for (quoted = False; len < bufsize && *s && (quoted || !strchr(sep,*s)); s++) {
86 if (*s == '\"') {
87 quoted = !quoted;
88 } else {
89 len++;
90 *buff++ = *s;
94 *ptr = (*s) ? s+1 : s;
95 *buff = 0;
97 return(True);
101 /* Fill a pwent structure from a winbindd_response structure. We use
102 the static data passed to us by libc to put strings and stuff in.
103 Return NSS_STATUS_TRYAGAIN if we run out of memory. */
105 static NSS_STATUS fill_pwent(struct passwd *result,
106 struct winbindd_pw *pw,
107 char **buffer, size_t *buflen)
109 /* User name */
111 if ((result->pw_name =
112 get_static(buffer, buflen, strlen(pw->pw_name) + 1)) == NULL) {
114 /* Out of memory */
116 return NSS_STATUS_TRYAGAIN;
119 strcpy(result->pw_name, pw->pw_name);
121 /* Password */
123 if ((result->pw_passwd =
124 get_static(buffer, buflen, strlen(pw->pw_passwd) + 1)) == NULL) {
126 /* Out of memory */
128 return NSS_STATUS_TRYAGAIN;
131 strcpy(result->pw_passwd, pw->pw_passwd);
133 /* [ug]id */
135 result->pw_uid = pw->pw_uid;
136 result->pw_gid = pw->pw_gid;
138 /* GECOS */
140 if ((result->pw_gecos =
141 get_static(buffer, buflen, strlen(pw->pw_gecos) + 1)) == NULL) {
143 /* Out of memory */
145 return NSS_STATUS_TRYAGAIN;
148 strcpy(result->pw_gecos, pw->pw_gecos);
150 /* Home directory */
152 if ((result->pw_dir =
153 get_static(buffer, buflen, strlen(pw->pw_dir) + 1)) == NULL) {
155 /* Out of memory */
157 return NSS_STATUS_TRYAGAIN;
160 strcpy(result->pw_dir, pw->pw_dir);
162 /* Logon shell */
164 if ((result->pw_shell =
165 get_static(buffer, buflen, strlen(pw->pw_shell) + 1)) == NULL) {
167 /* Out of memory */
169 return NSS_STATUS_TRYAGAIN;
172 strcpy(result->pw_shell, pw->pw_shell);
174 /* The struct passwd for Solaris has some extra fields which must
175 be initialised or nscd crashes. */
177 #if HAVE_PASSWD_PW_COMMENT
178 result->pw_comment = "";
179 #endif
181 #if HAVE_PASSWD_PW_AGE
182 result->pw_age = "";
183 #endif
185 return NSS_STATUS_SUCCESS;
188 /* Fill a grent structure from a winbindd_response structure. We use
189 the static data passed to us by libc to put strings and stuff in.
190 Return NSS_STATUS_TRYAGAIN if we run out of memory. */
192 static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr,
193 char *gr_mem, char **buffer, size_t *buflen)
195 fstring name;
196 int i;
197 char *tst;
199 /* Group name */
201 if ((result->gr_name =
202 get_static(buffer, buflen, strlen(gr->gr_name) + 1)) == NULL) {
204 /* Out of memory */
206 return NSS_STATUS_TRYAGAIN;
209 strcpy(result->gr_name, gr->gr_name);
211 /* Password */
213 if ((result->gr_passwd =
214 get_static(buffer, buflen, strlen(gr->gr_passwd) + 1)) == NULL) {
216 /* Out of memory */
218 return NSS_STATUS_TRYAGAIN;
221 strcpy(result->gr_passwd, gr->gr_passwd);
223 /* gid */
225 result->gr_gid = gr->gr_gid;
227 /* Group membership */
229 if ((gr->num_gr_mem < 0) || !gr_mem) {
230 gr->num_gr_mem = 0;
233 /* this next value is a pointer to a pointer so let's align it */
235 /* Calculate number of extra bytes needed to align on pointer size boundry */
236 if ((i = (unsigned long)(*buffer) % sizeof(char*)) != 0)
237 i = sizeof(char*) - i;
239 if ((tst = get_static(buffer, buflen, ((gr->num_gr_mem + 1) *
240 sizeof(char *)+i))) == NULL) {
242 /* Out of memory */
244 return NSS_STATUS_TRYAGAIN;
246 result->gr_mem = (char **)(tst + i);
248 if (gr->num_gr_mem == 0) {
250 /* Group is empty */
252 *(result->gr_mem) = NULL;
253 return NSS_STATUS_SUCCESS;
256 /* Start looking at extra data */
258 i = 0;
260 while(next_token((char **)&gr_mem, name, ",", sizeof(fstring))) {
262 /* Allocate space for member */
264 if (((result->gr_mem)[i] =
265 get_static(buffer, buflen, strlen(name) + 1)) == NULL) {
267 /* Out of memory */
269 return NSS_STATUS_TRYAGAIN;
272 strcpy((result->gr_mem)[i], name);
273 i++;
276 /* Terminate list */
278 (result->gr_mem)[i] = NULL;
280 return NSS_STATUS_SUCCESS;
284 * NSS user functions
287 static struct winbindd_response getpwent_response;
289 static int ndx_pw_cache; /* Current index into pwd cache */
290 static int num_pw_cache; /* Current size of pwd cache */
292 /* Rewind "file pointer" to start of ntdom password database */
294 NSS_STATUS
295 _nss_winbind_setpwent(void)
297 #ifdef DEBUG_NSS
298 fprintf(stderr, "[%5d]: setpwent\n", getpid());
299 #endif
301 if (num_pw_cache > 0) {
302 ndx_pw_cache = num_pw_cache = 0;
303 free_response(&getpwent_response);
306 return winbindd_request(WINBINDD_SETPWENT, NULL, NULL);
309 /* Close ntdom password database "file pointer" */
311 NSS_STATUS
312 _nss_winbind_endpwent(void)
314 #ifdef DEBUG_NSS
315 fprintf(stderr, "[%5d]: endpwent\n", getpid());
316 #endif
318 if (num_pw_cache > 0) {
319 ndx_pw_cache = num_pw_cache = 0;
320 free_response(&getpwent_response);
323 return winbindd_request(WINBINDD_ENDPWENT, NULL, NULL);
326 /* Fetch the next password entry from ntdom password database */
328 NSS_STATUS
329 _nss_winbind_getpwent_r(struct passwd *result, char *buffer,
330 size_t buflen, int *errnop)
332 NSS_STATUS ret;
333 struct winbindd_request request;
334 static int called_again;
336 #ifdef DEBUG_NSS
337 fprintf(stderr, "[%5d]: getpwent\n", getpid());
338 #endif
340 /* Return an entry from the cache if we have one, or if we are
341 called again because we exceeded our static buffer. */
343 if ((ndx_pw_cache < num_pw_cache) || called_again) {
344 goto return_result;
347 /* Else call winbindd to get a bunch of entries */
349 if (num_pw_cache > 0) {
350 free_response(&getpwent_response);
353 ZERO_STRUCT(request);
354 ZERO_STRUCT(getpwent_response);
356 request.data.num_entries = MAX_GETPWENT_USERS;
358 ret = winbindd_request(WINBINDD_GETPWENT, &request,
359 &getpwent_response);
361 if (ret == NSS_STATUS_SUCCESS) {
362 struct winbindd_pw *pw_cache;
364 /* Fill cache */
366 ndx_pw_cache = 0;
367 num_pw_cache = getpwent_response.data.num_entries;
369 /* Return a result */
371 return_result:
373 pw_cache = getpwent_response.extra_data;
375 /* Check data is valid */
377 if (pw_cache == NULL) {
378 return NSS_STATUS_NOTFOUND;
381 ret = fill_pwent(result, &pw_cache[ndx_pw_cache],
382 &buffer, &buflen);
384 /* Out of memory - try again */
386 if (ret == NSS_STATUS_TRYAGAIN) {
387 called_again = True;
388 *errnop = errno = ERANGE;
389 return ret;
392 *errnop = errno = 0;
393 called_again = False;
394 ndx_pw_cache++;
396 /* If we've finished with this lot of results free cache */
398 if (ndx_pw_cache == num_pw_cache) {
399 ndx_pw_cache = num_pw_cache = 0;
400 free_response(&getpwent_response);
404 return ret;
407 /* Return passwd struct from uid */
409 NSS_STATUS
410 _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, char *buffer,
411 size_t buflen, int *errnop)
413 NSS_STATUS ret;
414 static struct winbindd_response response;
415 struct winbindd_request request;
416 static int keep_response=0;
418 /* If our static buffer needs to be expanded we are called again */
419 if (!keep_response) {
421 /* Call for the first time */
423 ZERO_STRUCT(response);
424 ZERO_STRUCT(request);
426 request.data.uid = uid;
428 ret = winbindd_request(WINBINDD_GETPWUID, &request, &response);
430 if (ret == NSS_STATUS_SUCCESS) {
431 ret = fill_pwent(result, &response.data.pw,
432 &buffer, &buflen);
434 if (ret == NSS_STATUS_TRYAGAIN) {
435 keep_response = True;
436 *errnop = errno = ERANGE;
437 return ret;
441 } else {
443 /* We've been called again */
445 ret = fill_pwent(result, &response.data.pw, &buffer, &buflen);
447 if (ret == NSS_STATUS_TRYAGAIN) {
448 keep_response = True;
449 *errnop = errno = ERANGE;
450 return ret;
453 keep_response = False;
454 *errnop = errno = 0;
457 free_response(&response);
458 return ret;
461 /* Return passwd struct from username */
463 NSS_STATUS
464 _nss_winbind_getpwnam_r(const char *name, struct passwd *result, char *buffer,
465 size_t buflen, int *errnop)
467 NSS_STATUS ret;
468 static struct winbindd_response response;
469 struct winbindd_request request;
470 static int keep_response;
472 #ifdef DEBUG_NSS
473 fprintf(stderr, "[%5d]: getpwnam %s\n", getpid(), name);
474 #endif
476 /* If our static buffer needs to be expanded we are called again */
478 if (!keep_response) {
480 /* Call for the first time */
482 ZERO_STRUCT(response);
483 ZERO_STRUCT(request);
485 strncpy(request.data.username, name,
486 sizeof(request.data.username) - 1);
487 request.data.username
488 [sizeof(request.data.username) - 1] = '\0';
490 ret = winbindd_request(WINBINDD_GETPWNAM, &request, &response);
492 if (ret == NSS_STATUS_SUCCESS) {
493 ret = fill_pwent(result, &response.data.pw, &buffer,
494 &buflen);
496 if (ret == NSS_STATUS_TRYAGAIN) {
497 keep_response = True;
498 *errnop = errno = ERANGE;
499 return ret;
503 } else {
505 /* We've been called again */
507 ret = fill_pwent(result, &response.data.pw, &buffer, &buflen);
509 if (ret == NSS_STATUS_TRYAGAIN) {
510 keep_response = True;
511 *errnop = errno = ERANGE;
512 return ret;
515 keep_response = False;
516 *errnop = errno = 0;
519 free_response(&response);
520 return ret;
524 * NSS group functions
527 static struct winbindd_response getgrent_response;
529 static int ndx_gr_cache; /* Current index into grp cache */
530 static int num_gr_cache; /* Current size of grp cache */
532 /* Rewind "file pointer" to start of ntdom group database */
534 NSS_STATUS
535 _nss_winbind_setgrent(void)
537 #ifdef DEBUG_NSS
538 fprintf(stderr, "[%5d]: setgrent\n", getpid());
539 #endif
541 if (num_gr_cache > 0) {
542 ndx_gr_cache = num_gr_cache = 0;
543 free_response(&getgrent_response);
546 return winbindd_request(WINBINDD_SETGRENT, NULL, NULL);
549 /* Close "file pointer" for ntdom group database */
551 NSS_STATUS
552 _nss_winbind_endgrent(void)
554 #ifdef DEBUG_NSS
555 fprintf(stderr, "[%5d]: endgrent\n", getpid());
556 #endif
558 if (num_gr_cache > 0) {
559 ndx_gr_cache = num_gr_cache = 0;
560 free_response(&getgrent_response);
563 return winbindd_request(WINBINDD_ENDGRENT, NULL, NULL);
566 /* Get next entry from ntdom group database */
568 static NSS_STATUS
569 winbind_getgrent(enum winbindd_cmd cmd,
570 struct group *result,
571 char *buffer, size_t buflen, int *errnop)
573 NSS_STATUS ret;
574 static struct winbindd_request request;
575 static int called_again;
578 #ifdef DEBUG_NSS
579 fprintf(stderr, "[%5d]: getgrent\n", getpid());
580 #endif
582 /* Return an entry from the cache if we have one, or if we are
583 called again because we exceeded our static buffer. */
585 if ((ndx_gr_cache < num_gr_cache) || called_again) {
586 goto return_result;
589 /* Else call winbindd to get a bunch of entries */
591 if (num_gr_cache > 0) {
592 free_response(&getgrent_response);
595 ZERO_STRUCT(request);
596 ZERO_STRUCT(getgrent_response);
598 request.data.num_entries = MAX_GETGRENT_USERS;
600 ret = winbindd_request(cmd, &request,
601 &getgrent_response);
603 if (ret == NSS_STATUS_SUCCESS) {
604 struct winbindd_gr *gr_cache;
605 int mem_ofs;
607 /* Fill cache */
609 ndx_gr_cache = 0;
610 num_gr_cache = getgrent_response.data.num_entries;
612 /* Return a result */
614 return_result:
616 gr_cache = getgrent_response.extra_data;
618 /* Check data is valid */
620 if (gr_cache == NULL) {
621 return NSS_STATUS_NOTFOUND;
624 /* Fill group membership. The offset into the extra data
625 for the group membership is the reported offset plus the
626 size of all the winbindd_gr records returned. */
628 mem_ofs = gr_cache[ndx_gr_cache].gr_mem_ofs +
629 num_gr_cache * sizeof(struct winbindd_gr);
631 ret = fill_grent(result, &gr_cache[ndx_gr_cache],
632 ((char *)getgrent_response.extra_data)+mem_ofs,
633 &buffer, &buflen);
635 /* Out of memory - try again */
637 if (ret == NSS_STATUS_TRYAGAIN) {
638 called_again = True;
639 *errnop = errno = ERANGE;
640 return ret;
643 *errnop = 0;
644 called_again = False;
645 ndx_gr_cache++;
647 /* If we've finished with this lot of results free cache */
649 if (ndx_gr_cache == num_gr_cache) {
650 ndx_gr_cache = num_gr_cache = 0;
651 free_response(&getgrent_response);
655 return ret;
659 NSS_STATUS
660 _nss_winbind_getgrent_r(struct group *result,
661 char *buffer, size_t buflen, int *errnop)
663 return winbind_getgrent(WINBINDD_GETGRENT, result, buffer, buflen, errnop);
666 NSS_STATUS
667 _nss_winbind_getgrlst_r(struct group *result,
668 char *buffer, size_t buflen, int *errnop)
670 return winbind_getgrent(WINBINDD_GETGRLST, result, buffer, buflen, errnop);
673 /* Return group struct from group name */
675 NSS_STATUS
676 _nss_winbind_getgrnam_r(const char *name,
677 struct group *result, char *buffer,
678 size_t buflen, int *errnop)
680 NSS_STATUS ret;
681 static struct winbindd_response response;
682 struct winbindd_request request;
683 static int keep_response;
685 #ifdef DEBUG_NSS
686 fprintf(stderr, "[%5d]: getgrnam %s\n", getpid(), name);
687 #endif
689 /* If our static buffer needs to be expanded we are called again */
691 if (!keep_response) {
693 /* Call for the first time */
695 ZERO_STRUCT(request);
696 ZERO_STRUCT(response);
698 strncpy(request.data.groupname, name,
699 sizeof(request.data.groupname));
700 request.data.groupname
701 [sizeof(request.data.groupname) - 1] = '\0';
703 ret = winbindd_request(WINBINDD_GETGRNAM, &request, &response);
705 if (ret == NSS_STATUS_SUCCESS) {
706 ret = fill_grent(result, &response.data.gr,
707 response.extra_data,
708 &buffer, &buflen);
710 if (ret == NSS_STATUS_TRYAGAIN) {
711 keep_response = True;
712 *errnop = errno = ERANGE;
713 return ret;
717 } else {
719 /* We've been called again */
721 ret = fill_grent(result, &response.data.gr,
722 response.extra_data, &buffer, &buflen);
724 if (ret == NSS_STATUS_TRYAGAIN) {
725 keep_response = True;
726 *errnop = errno = ERANGE;
727 return ret;
730 keep_response = False;
731 *errnop = 0;
734 free_response(&response);
735 return ret;
738 /* Return group struct from gid */
740 NSS_STATUS
741 _nss_winbind_getgrgid_r(gid_t gid,
742 struct group *result, char *buffer,
743 size_t buflen, int *errnop)
745 NSS_STATUS ret;
746 static struct winbindd_response response;
747 struct winbindd_request request;
748 static int keep_response;
750 #ifdef DEBUG_NSS
751 fprintf(stderr, "[%5d]: getgrgid %d\n", getpid(), gid);
752 #endif
754 /* If our static buffer needs to be expanded we are called again */
756 if (!keep_response) {
758 /* Call for the first time */
760 ZERO_STRUCT(request);
761 ZERO_STRUCT(response);
763 request.data.gid = gid;
765 ret = winbindd_request(WINBINDD_GETGRGID, &request, &response);
767 if (ret == NSS_STATUS_SUCCESS) {
769 ret = fill_grent(result, &response.data.gr,
770 response.extra_data,
771 &buffer, &buflen);
773 if (ret == NSS_STATUS_TRYAGAIN) {
774 keep_response = True;
775 *errnop = errno = ERANGE;
776 return ret;
780 } else {
782 /* We've been called again */
784 ret = fill_grent(result, &response.data.gr,
785 response.extra_data, &buffer, &buflen);
787 if (ret == NSS_STATUS_TRYAGAIN) {
788 keep_response = True;
789 *errnop = errno = ERANGE;
790 return ret;
793 keep_response = False;
794 *errnop = 0;
797 free_response(&response);
798 return ret;
801 /* Initialise supplementary groups */
803 NSS_STATUS
804 _nss_winbind_initgroups_dyn(char *user, gid_t group, long int *start,
805 long int *size, gid_t **groups, long int limit,
806 int *errnop)
808 NSS_STATUS ret;
809 struct winbindd_request request;
810 struct winbindd_response response;
811 int i;
813 #ifdef DEBUG_NSS
814 fprintf(stderr, "[%5d]: initgroups %s (%d)\n", getpid(),
815 user, group);
816 #endif
818 ZERO_STRUCT(request);
819 ZERO_STRUCT(response);
821 strncpy(request.data.username, user,
822 sizeof(request.data.username) - 1);
824 ret = winbindd_request(WINBINDD_GETGROUPS, &request, &response);
826 if (ret == NSS_STATUS_SUCCESS) {
827 int num_gids = response.data.num_entries;
828 gid_t *gid_list = (gid_t *)response.extra_data;
830 /* Copy group list to client */
832 for (i = 0; i < num_gids; i++) {
834 /* Skip primary group */
836 if (gid_list[i] == group) continue;
838 /* Add to buffer */
840 if (*start == *size && limit <= 0) {
841 (*groups) = realloc(
842 (*groups), (2 * (*size) + 1) * sizeof(**groups));
843 if (! *groups) goto done;
844 *size = 2 * (*size) + 1;
847 if (*start == *size) goto done;
849 (*groups)[*start] = gid_list[i];
850 *start += 1;
852 /* Filled buffer? */
854 if (*start == limit) goto done;
858 /* Back to your regularly scheduled programming */
860 done:
861 return ret;
865 /* return a list of group SIDs for a user SID */
866 NSS_STATUS
867 _nss_winbind_getusersids(const char *user_sid, char **group_sids,
868 int *num_groups,
869 char *buffer, size_t buf_size, int *errnop)
871 NSS_STATUS ret;
872 struct winbindd_request request;
873 struct winbindd_response response;
875 #ifdef DEBUG_NSS
876 fprintf(stderr, "[%5d]: getusersids %s\n", getpid(), user_sid);
877 #endif
879 ZERO_STRUCT(request);
880 ZERO_STRUCT(response);
882 strncpy(request.data.sid, user_sid,sizeof(request.data.sid) - 1);
883 request.data.sid[sizeof(request.data.sid) - 1] = '\0';
885 ret = winbindd_request(WINBINDD_GETUSERSIDS, &request, &response);
887 if (ret != NSS_STATUS_SUCCESS) {
888 goto done;
891 if (buf_size < response.length - sizeof(response)) {
892 ret = NSS_STATUS_TRYAGAIN;
893 errno = *errnop = ERANGE;
894 goto done;
897 *num_groups = response.data.num_entries;
898 *group_sids = buffer;
899 memcpy(buffer, response.extra_data, response.length - sizeof(response));
900 errno = *errnop = 0;
902 done:
903 free_response(&response);
904 return ret;
908 /* map a user or group name to a SID string */
909 NSS_STATUS
910 _nss_winbind_nametosid(const char *name, char **sid, char *buffer,
911 size_t buflen, int *errnop)
913 NSS_STATUS ret;
914 struct winbindd_response response;
915 struct winbindd_request request;
917 #ifdef DEBUG_NSS
918 fprintf(stderr, "[%5d]: nametosid %s\n", getpid(), name);
919 #endif
921 ZERO_STRUCT(response);
922 ZERO_STRUCT(request);
924 strncpy(request.data.name.name, name,
925 sizeof(request.data.name.name) - 1);
926 request.data.name.name[sizeof(request.data.name.name) - 1] = '\0';
928 ret = winbindd_request(WINBINDD_LOOKUPNAME, &request, &response);
929 if (ret != NSS_STATUS_SUCCESS) {
930 *errnop = errno = EINVAL;
931 goto failed;
934 if (buflen < strlen(response.data.sid.sid)+1) {
935 ret = NSS_STATUS_TRYAGAIN;
936 *errnop = errno = ERANGE;
937 goto failed;
940 *errnop = errno = 0;
941 *sid = buffer;
942 strcpy(*sid, response.data.sid.sid);
944 failed:
945 free_response(&response);
946 return ret;
949 /* map a sid string to a user or group name */
950 NSS_STATUS
951 _nss_winbind_sidtoname(const char *sid, char **name, char *buffer,
952 size_t buflen, int *errnop)
954 NSS_STATUS ret;
955 struct winbindd_response response;
956 struct winbindd_request request;
957 static char sep_char;
958 unsigned needed;
960 #ifdef DEBUG_NSS
961 fprintf(stderr, "[%5d]: sidtoname %s\n", getpid(), sid);
962 #endif
964 /* we need to fetch the separator first time through */
965 if (!sep_char) {
966 ZERO_STRUCT(response);
967 ZERO_STRUCT(request);
969 ret = winbindd_request(WINBINDD_INFO, &request, &response);
970 if (ret != NSS_STATUS_SUCCESS) {
971 *errnop = errno = EINVAL;
972 goto failed;
975 sep_char = response.data.info.winbind_separator;
976 free_response(&response);
980 strncpy(request.data.sid, sid,
981 sizeof(request.data.sid) - 1);
982 request.data.sid[sizeof(request.data.sid) - 1] = '\0';
984 ret = winbindd_request(WINBINDD_LOOKUPSID, &request, &response);
985 if (ret != NSS_STATUS_SUCCESS) {
986 *errnop = errno = EINVAL;
987 goto failed;
990 needed =
991 strlen(response.data.name.dom_name) +
992 strlen(response.data.name.name) + 2;
994 if (buflen < needed) {
995 ret = NSS_STATUS_TRYAGAIN;
996 *errnop = errno = ERANGE;
997 goto failed;
1000 snprintf(buffer, needed, "%s%c%s",
1001 response.data.name.dom_name,
1002 sep_char,
1003 response.data.name.name);
1005 *name = buffer;
1006 *errnop = errno = 0;
1008 failed:
1009 free_response(&response);
1010 return ret;
1013 /* map a sid to a uid */
1014 NSS_STATUS
1015 _nss_winbind_sidtouid(const char *sid, uid_t *uid, int *errnop)
1017 NSS_STATUS ret;
1018 struct winbindd_response response;
1019 struct winbindd_request request;
1021 #ifdef DEBUG_NSS
1022 fprintf(stderr, "[%5d]: sidtouid %s\n", getpid(), sid);
1023 #endif
1025 ZERO_STRUCT(request);
1026 ZERO_STRUCT(response);
1028 strncpy(request.data.sid, sid, sizeof(request.data.sid) - 1);
1029 request.data.sid[sizeof(request.data.sid) - 1] = '\0';
1031 ret = winbindd_request(WINBINDD_SID_TO_UID, &request, &response);
1032 if (ret != NSS_STATUS_SUCCESS) {
1033 *errnop = errno = EINVAL;
1034 goto failed;
1037 *uid = response.data.uid;
1039 failed:
1040 return ret;
1043 /* map a sid to a gid */
1044 NSS_STATUS
1045 _nss_winbind_sidtogid(const char *sid, gid_t *gid, int *errnop)
1047 NSS_STATUS ret;
1048 struct winbindd_response response;
1049 struct winbindd_request request;
1051 #ifdef DEBUG_NSS
1052 fprintf(stderr, "[%5d]: sidtogid %s\n", getpid(), sid);
1053 #endif
1055 ZERO_STRUCT(request);
1056 ZERO_STRUCT(response);
1058 strncpy(request.data.sid, sid, sizeof(request.data.sid) - 1);
1059 request.data.sid[sizeof(request.data.sid) - 1] = '\0';
1061 ret = winbindd_request(WINBINDD_SID_TO_GID, &request, &response);
1062 if (ret != NSS_STATUS_SUCCESS) {
1063 *errnop = errno = EINVAL;
1064 goto failed;
1067 *gid = response.data.gid;
1069 failed:
1070 return ret;
1073 /* map a uid to a SID string */
1074 NSS_STATUS
1075 _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer,
1076 size_t buflen, int *errnop)
1078 NSS_STATUS ret;
1079 struct winbindd_response response;
1080 struct winbindd_request request;
1082 #ifdef DEBUG_NSS
1083 fprintf(stderr, "[%5u]: uidtosid %u\n", (unsigned int)getpid(), (unsigned int)uid);
1084 #endif
1086 ZERO_STRUCT(response);
1087 ZERO_STRUCT(request);
1089 request.data.uid = uid;
1091 ret = winbindd_request(WINBINDD_UID_TO_SID, &request, &response);
1092 if (ret != NSS_STATUS_SUCCESS) {
1093 *errnop = errno = EINVAL;
1094 goto failed;
1097 if (buflen < strlen(response.data.sid.sid)+1) {
1098 ret = NSS_STATUS_TRYAGAIN;
1099 *errnop = errno = ERANGE;
1100 goto failed;
1103 *errnop = errno = 0;
1104 *sid = buffer;
1105 strcpy(*sid, response.data.sid.sid);
1107 failed:
1108 free_response(&response);
1109 return ret;
1112 /* map a gid to a SID string */
1113 NSS_STATUS
1114 _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer,
1115 size_t buflen, int *errnop)
1117 NSS_STATUS ret;
1118 struct winbindd_response response;
1119 struct winbindd_request request;
1121 #ifdef DEBUG_NSS
1122 fprintf(stderr, "[%5u]: gidtosid %u\n", (unsigned int)getpid(), (unsigned int)gid);
1123 #endif
1125 ZERO_STRUCT(response);
1126 ZERO_STRUCT(request);
1128 request.data.gid = gid;
1130 ret = winbindd_request(WINBINDD_GID_TO_SID, &request, &response);
1131 if (ret != NSS_STATUS_SUCCESS) {
1132 *errnop = errno = EINVAL;
1133 goto failed;
1136 if (buflen < strlen(response.data.sid.sid)+1) {
1137 ret = NSS_STATUS_TRYAGAIN;
1138 *errnop = errno = ERANGE;
1139 goto failed;
1142 *errnop = errno = 0;
1143 *sid = buffer;
1144 strcpy(*sid, response.data.sid.sid);
1146 failed:
1147 free_response(&response);
1148 return ret;