search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Samba 3: added Samba 3.0.24 sources
[tomato.git] / release / src / router / samba3 / source / nsswitch / winbind_nss_linux.c
blob78a39f2873178f6f6b71a2d848fda83a65e844df
1 /*
2 Unix SMB/CIFS implementation.
3
4 Windows NT Domain nsswitch module
5
6 Copyright (C) Tim Potter 2000
7
8 This library is free software; you can redistribute it and/or
9 modify it under the terms of the GNU Library General Public
10 License as published by the Free Software Foundation; either
11 version 2 of the License, or (at your option) any later version.
12
13 This library is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Library General Public License for more details.
17
18 You should have received a copy of the GNU Library General Public
19 License along with this library; if not, write to the
20 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
21 Boston, MA 02111-1307, USA.
22 */
23
24 #include "winbind_client.h"
25
26 /* Maximum number of users to pass back over the unix domain socket
27 per call. This is not a static limit on the total number of users
28 or groups returned in total. */
29
30 #define MAX_GETPWENT_USERS 250
31 #define MAX_GETGRENT_USERS 250
32
33 /* Prototypes from wb_common.c */
34
35 extern int winbindd_fd;
36
37 /* Allocate some space from the nss static buffer. The buffer and buflen
38 are the pointers passed in by the C library to the _nss_ntdom_*
39 functions. */
40
41 static char *get_static(char **buffer, size_t *buflen, size_t len)
42 {
43 char *result;
44
45 /* Error check. We return false if things aren't set up right, or
46 there isn't enough buffer space left. */
47
48 if ((buffer == NULL) || (buflen == NULL) || (*buflen < len)) {
49 return NULL;
50 }
51
52 /* Return an index into the static buffer */
53
54 result = *buffer;
55 *buffer += len;
56 *buflen -= len;
57
58 return result;
59 }
60
61 /* I've copied the strtok() replacement function next_token() from
62 lib/util_str.c as I really don't want to have to link in any other
63 objects if I can possibly avoid it. */
64
65 BOOL next_token(char **ptr,char *buff,const char *sep, size_t bufsize)
66 {
67 char *s;
68 BOOL quoted;
69 size_t len=1;
70
71 if (!ptr) return(False);
72
73 s = *ptr;
74
75 /* default to simple separators */
76 if (!sep) sep = " \t\n\r";
77
78 /* find the first non sep char */
79 while (*s && strchr(sep,*s)) s++;
80
81 /* nothing left? */
82 if (! *s) return(False);
83
84 /* copy over the token */
85 for (quoted = False; len < bufsize && *s && (quoted || !strchr(sep,*s)); s++) {
86 if (*s == '\"') {
87 quoted = !quoted;
88 } else {
89 len++;
90 *buff++ = *s;
91 }
92 }
93
94 *ptr = (*s) ? s+1 : s;
95 *buff = 0;
96
97 return(True);
98 }
99
100
101 /* Fill a pwent structure from a winbindd_response structure. We use
102 the static data passed to us by libc to put strings and stuff in.
103 Return NSS_STATUS_TRYAGAIN if we run out of memory. */
104
105 static NSS_STATUS fill_pwent(struct passwd *result,
106 struct winbindd_pw *pw,
107 char **buffer, size_t *buflen)
108 {
109 /* User name */
110
111 if ((result->pw_name =
112 get_static(buffer, buflen, strlen(pw->pw_name) + 1)) == NULL) {
113
114 /* Out of memory */
115
116 return NSS_STATUS_TRYAGAIN;
117 }
118
119 strcpy(result->pw_name, pw->pw_name);
120
121 /* Password */
122
123 if ((result->pw_passwd =
124 get_static(buffer, buflen, strlen(pw->pw_passwd) + 1)) == NULL) {
125
126 /* Out of memory */
127
128 return NSS_STATUS_TRYAGAIN;
129 }
130
131 strcpy(result->pw_passwd, pw->pw_passwd);
132
133 /* [ug]id */
134
135 result->pw_uid = pw->pw_uid;
136 result->pw_gid = pw->pw_gid;
137
138 /* GECOS */
139
140 if ((result->pw_gecos =
141 get_static(buffer, buflen, strlen(pw->pw_gecos) + 1)) == NULL) {
142
143 /* Out of memory */
144
145 return NSS_STATUS_TRYAGAIN;
146 }
147
148 strcpy(result->pw_gecos, pw->pw_gecos);
149
150 /* Home directory */
151
152 if ((result->pw_dir =
153 get_static(buffer, buflen, strlen(pw->pw_dir) + 1)) == NULL) {
154
155 /* Out of memory */
156
157 return NSS_STATUS_TRYAGAIN;
158 }
159
160 strcpy(result->pw_dir, pw->pw_dir);
161
162 /* Logon shell */
163
164 if ((result->pw_shell =
165 get_static(buffer, buflen, strlen(pw->pw_shell) + 1)) == NULL) {
166
167 /* Out of memory */
168
169 return NSS_STATUS_TRYAGAIN;
170 }
171
172 strcpy(result->pw_shell, pw->pw_shell);
173
174 /* The struct passwd for Solaris has some extra fields which must
175 be initialised or nscd crashes. */
176
177 #if HAVE_PASSWD_PW_COMMENT
178 result->pw_comment = "";
179 #endif
180
181 #if HAVE_PASSWD_PW_AGE
182 result->pw_age = "";
183 #endif
184
185 return NSS_STATUS_SUCCESS;
186 }
187
188 /* Fill a grent structure from a winbindd_response structure. We use
189 the static data passed to us by libc to put strings and stuff in.
190 Return NSS_STATUS_TRYAGAIN if we run out of memory. */
191
192 static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr,
193 char *gr_mem, char **buffer, size_t *buflen)
194 {
195 fstring name;
196 int i;
197 char *tst;
198
199 /* Group name */
200
201 if ((result->gr_name =
202 get_static(buffer, buflen, strlen(gr->gr_name) + 1)) == NULL) {
203
204 /* Out of memory */
205
206 return NSS_STATUS_TRYAGAIN;
207 }
208
209 strcpy(result->gr_name, gr->gr_name);
210
211 /* Password */
212
213 if ((result->gr_passwd =
214 get_static(buffer, buflen, strlen(gr->gr_passwd) + 1)) == NULL) {
215
216 /* Out of memory */
217
218 return NSS_STATUS_TRYAGAIN;
219 }
220
221 strcpy(result->gr_passwd, gr->gr_passwd);
222
223 /* gid */
224
225 result->gr_gid = gr->gr_gid;
226
227 /* Group membership */
228
229 if ((gr->num_gr_mem < 0) || !gr_mem) {
230 gr->num_gr_mem = 0;
231 }
232
233 /* this next value is a pointer to a pointer so let's align it */
234
235 /* Calculate number of extra bytes needed to align on pointer size boundry */
236 if ((i = (unsigned long)(*buffer) % sizeof(char*)) != 0)
237 i = sizeof(char*) - i;
238
239 if ((tst = get_static(buffer, buflen, ((gr->num_gr_mem + 1) *
240 sizeof(char *)+i))) == NULL) {
241
242 /* Out of memory */
243
244 return NSS_STATUS_TRYAGAIN;
245 }
246 result->gr_mem = (char **)(tst + i);
247
248 if (gr->num_gr_mem == 0) {
249
250 /* Group is empty */
251
252 *(result->gr_mem) = NULL;
253 return NSS_STATUS_SUCCESS;
254 }
255
256 /* Start looking at extra data */
257
258 i = 0;
259
260 while(next_token((char **)&gr_mem, name, ",", sizeof(fstring))) {
261
262 /* Allocate space for member */
263
264 if (((result->gr_mem)[i] =
265 get_static(buffer, buflen, strlen(name) + 1)) == NULL) {
266
267 /* Out of memory */
268
269 return NSS_STATUS_TRYAGAIN;
270 }
271
272 strcpy((result->gr_mem)[i], name);
273 i++;
274 }
275
276 /* Terminate list */
277
278 (result->gr_mem)[i] = NULL;
279
280 return NSS_STATUS_SUCCESS;
281 }
282
283 /*
284 * NSS user functions
285 */
286
287 static struct winbindd_response getpwent_response;
288
289 static int ndx_pw_cache; /* Current index into pwd cache */
290 static int num_pw_cache; /* Current size of pwd cache */
291
292 /* Rewind "file pointer" to start of ntdom password database */
293
294 NSS_STATUS
295 _nss_winbind_setpwent(void)
296 {
297 #ifdef DEBUG_NSS
298 fprintf(stderr, "[%5d]: setpwent\n", getpid());
299 #endif
300
301 if (num_pw_cache > 0) {
302 ndx_pw_cache = num_pw_cache = 0;
303 free_response(&getpwent_response);
304 }
305
306 return winbindd_request_response(WINBINDD_SETPWENT, NULL, NULL);
307 }
308
309 /* Close ntdom password database "file pointer" */
310
311 NSS_STATUS
312 _nss_winbind_endpwent(void)
313 {
314 #ifdef DEBUG_NSS
315 fprintf(stderr, "[%5d]: endpwent\n", getpid());
316 #endif
317
318 if (num_pw_cache > 0) {
319 ndx_pw_cache = num_pw_cache = 0;
320 free_response(&getpwent_response);
321 }
322
323 return winbindd_request_response(WINBINDD_ENDPWENT, NULL, NULL);
324 }
325
326 /* Fetch the next password entry from ntdom password database */
327
328 NSS_STATUS
329 _nss_winbind_getpwent_r(struct passwd *result, char *buffer,
330 size_t buflen, int *errnop)
331 {
332 NSS_STATUS ret;
333 struct winbindd_request request;
334 static int called_again;
335
336 #ifdef DEBUG_NSS
337 fprintf(stderr, "[%5d]: getpwent\n", getpid());
338 #endif
339
340 /* Return an entry from the cache if we have one, or if we are
341 called again because we exceeded our static buffer. */
342
343 if ((ndx_pw_cache < num_pw_cache) || called_again) {
344 goto return_result;
345 }
346
347 /* Else call winbindd to get a bunch of entries */
348
349 if (num_pw_cache > 0) {
350 free_response(&getpwent_response);
351 }
352
353 ZERO_STRUCT(request);
354 ZERO_STRUCT(getpwent_response);
355
356 request.data.num_entries = MAX_GETPWENT_USERS;
357
358 ret = winbindd_request_response(WINBINDD_GETPWENT, &request,
359 &getpwent_response);
360
361 if (ret == NSS_STATUS_SUCCESS) {
362 struct winbindd_pw *pw_cache;
363
364 /* Fill cache */
365
366 ndx_pw_cache = 0;
367 num_pw_cache = getpwent_response.data.num_entries;
368
369 /* Return a result */
370
371 return_result:
372
373 pw_cache = getpwent_response.extra_data.data;
374
375 /* Check data is valid */
376
377 if (pw_cache == NULL) {
378 return NSS_STATUS_NOTFOUND;
379 }
380
381 ret = fill_pwent(result, &pw_cache[ndx_pw_cache],
382 &buffer, &buflen);
383
384 /* Out of memory - try again */
385
386 if (ret == NSS_STATUS_TRYAGAIN) {
387 called_again = True;
388 *errnop = errno = ERANGE;
389 return ret;
390 }
391
392 *errnop = errno = 0;
393 called_again = False;
394 ndx_pw_cache++;
395
396 /* If we've finished with this lot of results free cache */
397
398 if (ndx_pw_cache == num_pw_cache) {
399 ndx_pw_cache = num_pw_cache = 0;
400 free_response(&getpwent_response);
401 }
402 }
403
404 return ret;
405 }
406
407 /* Return passwd struct from uid */
408
409 NSS_STATUS
410 _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, char *buffer,
411 size_t buflen, int *errnop)
412 {
413 NSS_STATUS ret;
414 static struct winbindd_response response;
415 struct winbindd_request request;
416 static int keep_response=0;
417
418 /* If our static buffer needs to be expanded we are called again */
419 if (!keep_response) {
420
421 /* Call for the first time */
422
423 ZERO_STRUCT(response);
424 ZERO_STRUCT(request);
425
426 request.data.uid = uid;
427
428 ret = winbindd_request_response(WINBINDD_GETPWUID, &request, &response);
429
430 if (ret == NSS_STATUS_SUCCESS) {
431 ret = fill_pwent(result, &response.data.pw,
432 &buffer, &buflen);
433
434 if (ret == NSS_STATUS_TRYAGAIN) {
435 keep_response = True;
436 *errnop = errno = ERANGE;
437 return ret;
438 }
439 }
440
441 } else {
442
443 /* We've been called again */
444
445 ret = fill_pwent(result, &response.data.pw, &buffer, &buflen);
446
447 if (ret == NSS_STATUS_TRYAGAIN) {
448 keep_response = True;
449 *errnop = errno = ERANGE;
450 return ret;
451 }
452
453 keep_response = False;
454 *errnop = errno = 0;
455 }
456
457 free_response(&response);
458 return ret;
459 }
460
461 /* Return passwd struct from username */
462
463 NSS_STATUS
464 _nss_winbind_getpwnam_r(const char *name, struct passwd *result, char *buffer,
465 size_t buflen, int *errnop)
466 {
467 NSS_STATUS ret;
468 static struct winbindd_response response;
469 struct winbindd_request request;
470 static int keep_response;
471
472 #ifdef DEBUG_NSS
473 fprintf(stderr, "[%5d]: getpwnam %s\n", getpid(), name);
474 #endif
475
476 /* If our static buffer needs to be expanded we are called again */
477
478 if (!keep_response) {
479
480 /* Call for the first time */
481
482 ZERO_STRUCT(response);
483 ZERO_STRUCT(request);
484
485 strncpy(request.data.username, name,
486 sizeof(request.data.username) - 1);
487 request.data.username
488 [sizeof(request.data.username) - 1] = '\0';
489
490 ret = winbindd_request_response(WINBINDD_GETPWNAM, &request, &response);
491
492 if (ret == NSS_STATUS_SUCCESS) {
493 ret = fill_pwent(result, &response.data.pw, &buffer,
494 &buflen);
495
496 if (ret == NSS_STATUS_TRYAGAIN) {
497 keep_response = True;
498 *errnop = errno = ERANGE;
499 return ret;
500 }
501 }
502
503 } else {
504
505 /* We've been called again */
506
507 ret = fill_pwent(result, &response.data.pw, &buffer, &buflen);
508
509 if (ret == NSS_STATUS_TRYAGAIN) {
510 keep_response = True;
511 *errnop = errno = ERANGE;
512 return ret;
513 }
514
515 keep_response = False;
516 *errnop = errno = 0;
517 }
518
519 free_response(&response);
520 return ret;
521 }
522
523 /*
524 * NSS group functions
525 */
526
527 static struct winbindd_response getgrent_response;
528
529 static int ndx_gr_cache; /* Current index into grp cache */
530 static int num_gr_cache; /* Current size of grp cache */
531
532 /* Rewind "file pointer" to start of ntdom group database */
533
534 NSS_STATUS
535 _nss_winbind_setgrent(void)
536 {
537 #ifdef DEBUG_NSS
538 fprintf(stderr, "[%5d]: setgrent\n", getpid());
539 #endif
540
541 if (num_gr_cache > 0) {
542 ndx_gr_cache = num_gr_cache = 0;
543 free_response(&getgrent_response);
544 }
545
546 return winbindd_request_response(WINBINDD_SETGRENT, NULL, NULL);
547 }
548
549 /* Close "file pointer" for ntdom group database */
550
551 NSS_STATUS
552 _nss_winbind_endgrent(void)
553 {
554 #ifdef DEBUG_NSS
555 fprintf(stderr, "[%5d]: endgrent\n", getpid());
556 #endif
557
558 if (num_gr_cache > 0) {
559 ndx_gr_cache = num_gr_cache = 0;
560 free_response(&getgrent_response);
561 }
562
563 return winbindd_request_response(WINBINDD_ENDGRENT, NULL, NULL);
564 }
565
566 /* Get next entry from ntdom group database */
567
568 static NSS_STATUS
569 winbind_getgrent(enum winbindd_cmd cmd,
570 struct group *result,
571 char *buffer, size_t buflen, int *errnop)
572 {
573 NSS_STATUS ret;
574 static struct winbindd_request request;
575 static int called_again;
576
577
578 #ifdef DEBUG_NSS
579 fprintf(stderr, "[%5d]: getgrent\n", getpid());
580 #endif
581
582 /* Return an entry from the cache if we have one, or if we are
583 called again because we exceeded our static buffer. */
584
585 if ((ndx_gr_cache < num_gr_cache) || called_again) {
586 goto return_result;
587 }
588
589 /* Else call winbindd to get a bunch of entries */
590
591 if (num_gr_cache > 0) {
592 free_response(&getgrent_response);
593 }
594
595 ZERO_STRUCT(request);
596 ZERO_STRUCT(getgrent_response);
597
598 request.data.num_entries = MAX_GETGRENT_USERS;
599
600 ret = winbindd_request_response(cmd, &request,
601 &getgrent_response);
602
603 if (ret == NSS_STATUS_SUCCESS) {
604 struct winbindd_gr *gr_cache;
605 int mem_ofs;
606
607 /* Fill cache */
608
609 ndx_gr_cache = 0;
610 num_gr_cache = getgrent_response.data.num_entries;
611
612 /* Return a result */
613
614 return_result:
615
616 gr_cache = getgrent_response.extra_data.data;
617
618 /* Check data is valid */
619
620 if (gr_cache == NULL) {
621 return NSS_STATUS_NOTFOUND;
622 }
623
624 /* Fill group membership. The offset into the extra data
625 for the group membership is the reported offset plus the
626 size of all the winbindd_gr records returned. */
627
628 mem_ofs = gr_cache[ndx_gr_cache].gr_mem_ofs +
629 num_gr_cache * sizeof(struct winbindd_gr);
630
631 ret = fill_grent(result, &gr_cache[ndx_gr_cache],
632 ((char *)getgrent_response.extra_data.data)+mem_ofs,
633 &buffer, &buflen);
634
635 /* Out of memory - try again */
636
637 if (ret == NSS_STATUS_TRYAGAIN) {
638 called_again = True;
639 *errnop = errno = ERANGE;
640 return ret;
641 }
642
643 *errnop = 0;
644 called_again = False;
645 ndx_gr_cache++;
646
647 /* If we've finished with this lot of results free cache */
648
649 if (ndx_gr_cache == num_gr_cache) {
650 ndx_gr_cache = num_gr_cache = 0;
651 free_response(&getgrent_response);
652 }
653 }
654
655 return ret;
656 }
657
658
659 NSS_STATUS
660 _nss_winbind_getgrent_r(struct group *result,
661 char *buffer, size_t buflen, int *errnop)
662 {
663 return winbind_getgrent(WINBINDD_GETGRENT, result, buffer, buflen, errnop);
664 }
665
666 NSS_STATUS
667 _nss_winbind_getgrlst_r(struct group *result,
668 char *buffer, size_t buflen, int *errnop)
669 {
670 return winbind_getgrent(WINBINDD_GETGRLST, result, buffer, buflen, errnop);
671 }
672
673 /* Return group struct from group name */
674
675 NSS_STATUS
676 _nss_winbind_getgrnam_r(const char *name,
677 struct group *result, char *buffer,
678 size_t buflen, int *errnop)
679 {
680 NSS_STATUS ret;
681 static struct winbindd_response response;
682 struct winbindd_request request;
683 static int keep_response;
684
685 #ifdef DEBUG_NSS
686 fprintf(stderr, "[%5d]: getgrnam %s\n", getpid(), name);
687 #endif
688
689 /* If our static buffer needs to be expanded we are called again */
690
691 if (!keep_response) {
692
693 /* Call for the first time */
694
695 ZERO_STRUCT(request);
696 ZERO_STRUCT(response);
697
698 strncpy(request.data.groupname, name,
699 sizeof(request.data.groupname));
700 request.data.groupname
701 [sizeof(request.data.groupname) - 1] = '\0';
702
703 ret = winbindd_request_response(WINBINDD_GETGRNAM, &request, &response);
704
705 if (ret == NSS_STATUS_SUCCESS) {
706 ret = fill_grent(result, &response.data.gr,
707 response.extra_data.data,
708 &buffer, &buflen);
709
710 if (ret == NSS_STATUS_TRYAGAIN) {
711 keep_response = True;
712 *errnop = errno = ERANGE;
713 return ret;
714 }
715 }
716
717 } else {
718
719 /* We've been called again */
720
721 ret = fill_grent(result, &response.data.gr,
722 response.extra_data.data, &buffer, &buflen);
723
724 if (ret == NSS_STATUS_TRYAGAIN) {
725 keep_response = True;
726 *errnop = errno = ERANGE;
727 return ret;
728 }
729
730 keep_response = False;
731 *errnop = 0;
732 }
733
734 free_response(&response);
735 return ret;
736 }
737
738 /* Return group struct from gid */
739
740 NSS_STATUS
741 _nss_winbind_getgrgid_r(gid_t gid,
742 struct group *result, char *buffer,
743 size_t buflen, int *errnop)
744 {
745 NSS_STATUS ret;
746 static struct winbindd_response response;
747 struct winbindd_request request;
748 static int keep_response;
749
750 #ifdef DEBUG_NSS
751 fprintf(stderr, "[%5d]: getgrgid %d\n", getpid(), gid);
752 #endif
753
754 /* If our static buffer needs to be expanded we are called again */
755
756 if (!keep_response) {
757
758 /* Call for the first time */
759
760 ZERO_STRUCT(request);
761 ZERO_STRUCT(response);
762
763 request.data.gid = gid;
764
765 ret = winbindd_request_response(WINBINDD_GETGRGID, &request, &response);
766
767 if (ret == NSS_STATUS_SUCCESS) {
768
769 ret = fill_grent(result, &response.data.gr,
770 response.extra_data.data,
771 &buffer, &buflen);
772
773 if (ret == NSS_STATUS_TRYAGAIN) {
774 keep_response = True;
775 *errnop = errno = ERANGE;
776 return ret;
777 }
778 }
779
780 } else {
781
782 /* We've been called again */
783
784 ret = fill_grent(result, &response.data.gr,
785 response.extra_data.data, &buffer, &buflen);
786
787 if (ret == NSS_STATUS_TRYAGAIN) {
788 keep_response = True;
789 *errnop = errno = ERANGE;
790 return ret;
791 }
792
793 keep_response = False;
794 *errnop = 0;
795 }
796
797 free_response(&response);
798 return ret;
799 }
800
801 /* Initialise supplementary groups */
802
803 NSS_STATUS
804 _nss_winbind_initgroups_dyn(char *user, gid_t group, long int *start,
805 long int *size, gid_t **groups, long int limit,
806 int *errnop)
807 {
808 NSS_STATUS ret;
809 struct winbindd_request request;
810 struct winbindd_response response;
811 int i;
812
813 #ifdef DEBUG_NSS
814 fprintf(stderr, "[%5d]: initgroups %s (%d)\n", getpid(),
815 user, group);
816 #endif
817
818 ZERO_STRUCT(request);
819 ZERO_STRUCT(response);
820
821 strncpy(request.data.username, user,
822 sizeof(request.data.username) - 1);
823
824 ret = winbindd_request_response(WINBINDD_GETGROUPS, &request, &response);
825
826 if (ret == NSS_STATUS_SUCCESS) {
827 int num_gids = response.data.num_entries;
828 gid_t *gid_list = (gid_t *)response.extra_data.data;
829
830 /* Copy group list to client */
831
832 for (i = 0; i < num_gids; i++) {
833
834 /* Skip primary group */
835
836 if (gid_list[i] == group) {
837 continue;
838 }
839
840 /* Filled buffer ? If so, resize. */
841
842 if (*start == *size) {
843 long int newsize;
844 gid_t *newgroups;
845
846 newsize = 2 * (*size);
847 if (limit > 0) {
848 if (*size == limit) {
849 goto done;
850 }
851 if (newsize > limit) {
852 newsize = limit;
853 }
854 }
855
856 newgroups = realloc((*groups), newsize * sizeof(**groups));
857 if (!newgroups) {
858 *errnop = ENOMEM;
859 ret = NSS_STATUS_NOTFOUND;
860 goto done;
861 }
862 *groups = newgroups;
863 *size = newsize;
864 }
865
866 /* Add to buffer */
867
868 (*groups)[*start] = gid_list[i];
869 *start += 1;
870 }
871 }
872
873 /* Back to your regularly scheduled programming */
874
875 done:
876 return ret;
877 }
878
879
880 /* return a list of group SIDs for a user SID */
881 NSS_STATUS
882 _nss_winbind_getusersids(const char *user_sid, char **group_sids,
883 int *num_groups,
884 char *buffer, size_t buf_size, int *errnop)
885 {
886 NSS_STATUS ret;
887 struct winbindd_request request;
888 struct winbindd_response response;
889
890 #ifdef DEBUG_NSS
891 fprintf(stderr, "[%5d]: getusersids %s\n", getpid(), user_sid);
892 #endif
893
894 ZERO_STRUCT(request);
895 ZERO_STRUCT(response);
896
897 strncpy(request.data.sid, user_sid,sizeof(request.data.sid) - 1);
898 request.data.sid[sizeof(request.data.sid) - 1] = '\0';
899
900 ret = winbindd_request_response(WINBINDD_GETUSERSIDS, &request, &response);
901
902 if (ret != NSS_STATUS_SUCCESS) {
903 goto done;
904 }
905
906 if (buf_size < response.length - sizeof(response)) {
907 ret = NSS_STATUS_TRYAGAIN;
908 errno = *errnop = ERANGE;
909 goto done;
910 }
911
912 *num_groups = response.data.num_entries;
913 *group_sids = buffer;
914 memcpy(buffer, response.extra_data.data, response.length - sizeof(response));
915 errno = *errnop = 0;
916
917 done:
918 free_response(&response);
919 return ret;
920 }
921
922
923 /* map a user or group name to a SID string */
924 NSS_STATUS
925 _nss_winbind_nametosid(const char *name, char **sid, char *buffer,
926 size_t buflen, int *errnop)
927 {
928 NSS_STATUS ret;
929 struct winbindd_response response;
930 struct winbindd_request request;
931
932 #ifdef DEBUG_NSS
933 fprintf(stderr, "[%5d]: nametosid %s\n", getpid(), name);
934 #endif
935
936 ZERO_STRUCT(response);
937 ZERO_STRUCT(request);
938
939 strncpy(request.data.name.name, name,
940 sizeof(request.data.name.name) - 1);
941 request.data.name.name[sizeof(request.data.name.name) - 1] = '\0';
942
943 ret = winbindd_request_response(WINBINDD_LOOKUPNAME, &request, &response);
944 if (ret != NSS_STATUS_SUCCESS) {
945 *errnop = errno = EINVAL;
946 goto failed;
947 }
948
949 if (buflen < strlen(response.data.sid.sid)+1) {
950 ret = NSS_STATUS_TRYAGAIN;
951 *errnop = errno = ERANGE;
952 goto failed;
953 }
954
955 *errnop = errno = 0;
956 *sid = buffer;
957 strcpy(*sid, response.data.sid.sid);
958
959 failed:
960 free_response(&response);
961 return ret;
962 }
963
964 /* map a sid string to a user or group name */
965 NSS_STATUS
966 _nss_winbind_sidtoname(const char *sid, char **name, char *buffer,
967 size_t buflen, int *errnop)
968 {
969 NSS_STATUS ret;
970 struct winbindd_response response;
971 struct winbindd_request request;
972 static char sep_char;
973 unsigned needed;
974
975 #ifdef DEBUG_NSS
976 fprintf(stderr, "[%5d]: sidtoname %s\n", getpid(), sid);
977 #endif
978
979 ZERO_STRUCT(response);
980 ZERO_STRUCT(request);
981
982 /* we need to fetch the separator first time through */
983 if (!sep_char) {
984 ret = winbindd_request_response(WINBINDD_INFO, &request, &response);
985 if (ret != NSS_STATUS_SUCCESS) {
986 *errnop = errno = EINVAL;
987 goto failed;
988 }
989
990 sep_char = response.data.info.winbind_separator;
991 free_response(&response);
992 }
993
994
995 strncpy(request.data.sid, sid,
996 sizeof(request.data.sid) - 1);
997 request.data.sid[sizeof(request.data.sid) - 1] = '\0';
998
999 ret = winbindd_request_response(WINBINDD_LOOKUPSID, &request, &response);
1000 if (ret != NSS_STATUS_SUCCESS) {
1001 *errnop = errno = EINVAL;
1002 goto failed;
1003 }
1004
1005 needed =
1006 strlen(response.data.name.dom_name) +
1007 strlen(response.data.name.name) + 2;
1008
1009 if (buflen < needed) {
1010 ret = NSS_STATUS_TRYAGAIN;
1011 *errnop = errno = ERANGE;
1012 goto failed;
1013 }
1014
1015 snprintf(buffer, needed, "%s%c%s",
1016 response.data.name.dom_name,
1017 sep_char,
1018 response.data.name.name);
1019
1020 *name = buffer;
1021 *errnop = errno = 0;
1022
1023 failed:
1024 free_response(&response);
1025 return ret;
1026 }
1027
1028 /* map a sid to a uid */
1029 NSS_STATUS
1030 _nss_winbind_sidtouid(const char *sid, uid_t *uid, int *errnop)
1031 {
1032 NSS_STATUS ret;
1033 struct winbindd_response response;
1034 struct winbindd_request request;
1035
1036 #ifdef DEBUG_NSS
1037 fprintf(stderr, "[%5d]: sidtouid %s\n", getpid(), sid);
1038 #endif
1039
1040 ZERO_STRUCT(request);
1041 ZERO_STRUCT(response);
1042
1043 strncpy(request.data.sid, sid, sizeof(request.data.sid) - 1);
1044 request.data.sid[sizeof(request.data.sid) - 1] = '\0';
1045
1046 ret = winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response);
1047 if (ret != NSS_STATUS_SUCCESS) {
1048 *errnop = errno = EINVAL;
1049 goto failed;
1050 }
1051
1052 *uid = response.data.uid;
1053
1054 failed:
1055 return ret;
1056 }
1057
1058 /* map a sid to a gid */
1059 NSS_STATUS
1060 _nss_winbind_sidtogid(const char *sid, gid_t *gid, int *errnop)
1061 {
1062 NSS_STATUS ret;
1063 struct winbindd_response response;
1064 struct winbindd_request request;
1065
1066 #ifdef DEBUG_NSS
1067 fprintf(stderr, "[%5d]: sidtogid %s\n", getpid(), sid);
1068 #endif
1069
1070 ZERO_STRUCT(request);
1071 ZERO_STRUCT(response);
1072
1073 strncpy(request.data.sid, sid, sizeof(request.data.sid) - 1);
1074 request.data.sid[sizeof(request.data.sid) - 1] = '\0';
1075
1076 ret = winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response);
1077 if (ret != NSS_STATUS_SUCCESS) {
1078 *errnop = errno = EINVAL;
1079 goto failed;
1080 }
1081
1082 *gid = response.data.gid;
1083
1084 failed:
1085 return ret;
1086 }
1087
1088 /* map a uid to a SID string */
1089 NSS_STATUS
1090 _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer,
1091 size_t buflen, int *errnop)
1092 {
1093 NSS_STATUS ret;
1094 struct winbindd_response response;
1095 struct winbindd_request request;
1096
1097 #ifdef DEBUG_NSS
1098 fprintf(stderr, "[%5u]: uidtosid %u\n", (unsigned int)getpid(), (unsigned int)uid);
1099 #endif
1100
1101 ZERO_STRUCT(response);
1102 ZERO_STRUCT(request);
1103
1104 request.data.uid = uid;
1105
1106 ret = winbindd_request_response(WINBINDD_UID_TO_SID, &request, &response);
1107 if (ret != NSS_STATUS_SUCCESS) {
1108 *errnop = errno = EINVAL;
1109 goto failed;
1110 }
1111
1112 if (buflen < strlen(response.data.sid.sid)+1) {
1113 ret = NSS_STATUS_TRYAGAIN;
1114 *errnop = errno = ERANGE;
1115 goto failed;
1116 }
1117
1118 *errnop = errno = 0;
1119 *sid = buffer;
1120 strcpy(*sid, response.data.sid.sid);
1121
1122 failed:
1123 free_response(&response);
1124 return ret;
1125 }
1126
1127 /* map a gid to a SID string */
1128 NSS_STATUS
1129 _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer,
1130 size_t buflen, int *errnop)
1131 {
1132 NSS_STATUS ret;
1133 struct winbindd_response response;
1134 struct winbindd_request request;
1135
1136 #ifdef DEBUG_NSS
1137 fprintf(stderr, "[%5u]: gidtosid %u\n", (unsigned int)getpid(), (unsigned int)gid);
1138 #endif
1139
1140 ZERO_STRUCT(response);
1141 ZERO_STRUCT(request);
1142
1143 request.data.gid = gid;
1144
1145 ret = winbindd_request_response(WINBINDD_GID_TO_SID, &request, &response);
1146 if (ret != NSS_STATUS_SUCCESS) {
1147 *errnop = errno = EINVAL;
1148 goto failed;
1149 }
1150
1151 if (buflen < strlen(response.data.sid.sid)+1) {
1152 ret = NSS_STATUS_TRYAGAIN;
1153 *errnop = errno = ERANGE;
1154 goto failed;
1155 }
1156
1157 *errnop = errno = 0;
1158 *sid = buffer;
1159 strcpy(*sid, response.data.sid.sid);
1160
1161 failed:
1162 free_response(&response);
1163 return ret;
1164 }
Tomato firmware and modifications.