summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/Makefile.in40
-rw-r--r--source3/configure.in3
-rw-r--r--source3/passdb/passdb.c114
-rw-r--r--source3/passdb/pdb_tdb.c2
-rw-r--r--source3/sam/idmap_util.c115
-rw-r--r--source3/sam/idmap_winbind.c165
6 files changed, 134 insertions, 305 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in
index c72fc11ac5..1bfb99f645 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -286,8 +286,6 @@ XML_OBJ = passdb/pdb_xml.o
MYSQL_OBJ = passdb/pdb_mysql.o
DEVEL_HELP_OBJ = modules/weird.o
-IDMAP_OBJ = sam/idmap.o sam/idmap_util.o @IDMAP_STATIC@
-
GROUPDB_OBJ = groupdb/mapping.o
PROFILE_OBJ = profile/profile.o
@@ -351,7 +349,7 @@ SMBD_OBJ_BASE = $(PARAM_OBJ) $(SMBD_OBJ_SRV) $(MSDFS_OBJ) $(LIBSMB_OBJ) \
$(NOTIFY_OBJ) $(GROUPDB_OBJ) $(AUTH_OBJ) \
$(LIBMSRPC_OBJ) \
$(LIBADS_OBJ) $(KRBCLIENT_OBJ) $(LIBADS_SERVER_OBJ) \
- $(LIB_SMBD_OBJ) $(REGISTRY_OBJ) $(POPT_LIB_OBJ) $(IDMAP_OBJ) \
+ $(LIB_SMBD_OBJ) $(REGISTRY_OBJ) $(POPT_LIB_OBJ) \
$(UBIQX_OBJ) $(BUILDOPT_OBJ) $(SMBLDAP_OBJ)
PRINTING_OBJ = printing/pcap.o printing/print_svid.o \
@@ -392,7 +390,7 @@ SWAT_OBJ1 = web/cgi.o web/diagnose.o web/startstop.o web/statuspage.o \
SWAT_OBJ = $(SWAT_OBJ1) $(PARAM_OBJ) $(PRINTING_OBJ) $(LIBSMB_OBJ) \
$(LOCKING_OBJ) $(PASSDB_OBJ) $(SECRETS_OBJ) $(KRBCLIENT_OBJ) \
$(UBIQX_OBJ) $(LIB_OBJ) $(GROUPDB_OBJ) $(PLAINTEXT_AUTH_OBJ) \
- $(POPT_LIB_OBJ) $(IDMAP_OBJ) $(SMBLDAP_OBJ)
+ $(POPT_LIB_OBJ) $(SMBLDAP_OBJ)
SMBSH_OBJ = smbwrapper/smbsh.o smbwrapper/shared.o \
$(PARAM_OBJ) $(UBIQX_OBJ) $(LIB_OBJ)
@@ -417,11 +415,11 @@ TESTPRNS_OBJ = utils/testprns.o $(PARAM_OBJ) $(PRINTING_OBJ) $(UBIQX_OBJ) \
SMBPASSWD_OBJ = utils/smbpasswd.o $(PARAM_OBJ) $(SECRETS_OBJ) \
$(LIBSMB_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ)\
$(UBIQX_OBJ) $(LIB_OBJ) $(KRBCLIENT_OBJ) \
- $(IDMAP_OBJ) $(SMBLDAP_OBJ)
+ $(SMBLDAP_OBJ)
PDBEDIT_OBJ = utils/pdbedit.o $(PARAM_OBJ) $(PASSDB_OBJ) $(LIBSAMBA_OBJ) \
$(UBIQX_OBJ) $(LIB_OBJ) $(GROUPDB_OBJ) $(SECRETS_OBJ) \
- $(POPT_LIB_OBJ) $(IDMAP_OBJ) $(SMBLDAP_OBJ)
+ $(POPT_LIB_OBJ) $(SMBLDAP_OBJ)
RPCCLIENT_OBJ1 = rpcclient/rpcclient.o rpcclient/cmd_lsarpc.o \
rpcclient/cmd_samr.o rpcclient/cmd_spoolss.o \
@@ -435,7 +433,7 @@ RPCCLIENT_OBJ = $(RPCCLIENT_OBJ1) \
$(RPC_PARSE_OBJ) $(PASSDB_OBJ) $(LIBMSRPC_OBJ) \
$(READLINE_OBJ) $(GROUPDB_OBJ) $(KRBCLIENT_OBJ) \
$(LIBADS_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ) \
- $(IDMAP_OBJ) $(SMBLDAP_OBJ) $(DCUTIL_OBJ)
+ $(SMBLDAP_OBJ) $(DCUTIL_OBJ)
PAM_WINBIND_OBJ = nsswitch/pam_winbind.po nsswitch/wb_common.po lib/snprintf.po
@@ -483,7 +481,7 @@ NET_OBJ = $(NET_OBJ1) $(PARAM_OBJ) $(SECRETS_OBJ) $(LIBSMB_OBJ) \
$(KRBCLIENT_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \
$(LIBMSRPC_OBJ) \
$(LIBADS_OBJ) $(LIBADS_SERVER_OBJ) $(POPT_LIB_OBJ) \
- $(IDMAP_OBJ) $(SMBLDAP_OBJ) $(DCUTIL_OBJ)
+ $(SMBLDAP_OBJ) $(DCUTIL_OBJ)
CUPS_OBJ = client/smbspool.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) \
$(LIB_OBJ) $(KRBCLIENT_OBJ)
@@ -562,7 +560,7 @@ PROTO_OBJ = $(SMBD_OBJ_MAIN) \
$(LIB_SMBD_OBJ) $(SAM_OBJ) $(REGISTRY_OBJ) $(POPT_LIB_OBJ) \
$(RPC_LSA_OBJ) $(RPC_NETLOG_OBJ) $(RPC_SAMR_OBJ) $(RPC_REG_OBJ) \
$(RPC_SVC_OBJ) $(RPC_WKS_OBJ) $(RPC_DFS_OBJ) $(RPC_SPOOLSS_OBJ) \
- $(IDMAP_OBJ) $(RPC_ECHO_OBJ) $(SMBLDAP_OBJ)
+ $(RPC_ECHO_OBJ) $(SMBLDAP_OBJ)
WINBIND_WINS_NSS_OBJ = nsswitch/wins.o $(PARAM_OBJ) $(UBIQX_OBJ) \
$(LIBSMB_OBJ) $(LIB_OBJ) $(NSSWINS_OBJ)
@@ -576,7 +574,7 @@ PAM_SMBPASS_OBJ_0 = pam_smbpass/pam_smb_auth.o pam_smbpass/pam_smb_passwd.o \
pam_smbpass/pam_smb_acct.o pam_smbpass/support.o \
libsmb/smbencrypt.o libsmb/smbdes.o libsmb/nterr.o \
$(PARAM_OBJ) $(LIB_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
- $(SECRETS_OBJ) $(UBIQX_OBJ) $(IDMAP_OBJ)
+ $(SECRETS_OBJ) $(UBIQX_OBJ)
PAM_SMBPASS_PICOOBJ = $(PAM_SMBPASS_OBJ_0:.o=.po)
@@ -594,13 +592,14 @@ WINBINDD_OBJ1 = \
nsswitch/winbindd_rpc.o \
nsswitch/winbindd_ads.o \
nsswitch/winbindd_dual.o \
- nsswitch/winbindd_passdb.o
+ nsswitch/winbindd_acct.o \
+ sam/idmap.o sam/idmap_util.o @IDMAP_STATIC@
WINBINDD_OBJ = \
$(WINBINDD_OBJ1) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
$(PARAM_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \
$(LIBSMB_OBJ) $(LIBMSRPC_OBJ) $(RPC_PARSE_OBJ) \
- $(PROFILE_OBJ) $(SLCACHE_OBJ) $(IDMAP_OBJ) $(SMBLDAP_OBJ) \
+ $(PROFILE_OBJ) $(SLCACHE_OBJ) $(SMBLDAP_OBJ) \
$(SECRETS_OBJ) $(LIBADS_OBJ) $(KRBCLIENT_OBJ) $(POPT_LIB_OBJ) \
$(DCUTIL_OBJ)
@@ -729,7 +728,7 @@ bin/.dummy:
bin/smbd@EXEEXT@: $(SMBD_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(SMBD_OBJ) $(ADSLIBS) $(LDFLAGS) $(DYNEXP) $(PRINTLIBS) \
- $(AUTHLIBS) $(ACLLIBS) $(PASSDBLIBS) $(IDMAP_LIBS) $(LIBS) @POPTLIBS@
+ $(AUTHLIBS) $(ACLLIBS) $(PASSDBLIBS) $(LIBS) @POPTLIBS@
bin/nmbd@EXEEXT@: $(NMBD_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
@@ -742,11 +741,11 @@ bin/wrepld@EXEEXT@: $(WREPL_OBJ) @BUILD_POPT@ bin/.dummy
bin/swat@EXEEXT@: $(SWAT_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(SWAT_OBJ) $(LDFLAGS) $(DYNEXP) $(PRINTLIBS) \
- $(AUTHLIBS) $(LIBS) $(PASSDBLIBS) $(IDMAP_LIBS) @POPTLIBS@ $(KRB5LIBS)
+ $(AUTHLIBS) $(LIBS) $(PASSDBLIBS) @POPTLIBS@ $(KRB5LIBS)
bin/rpcclient@EXEEXT@: $(RPCCLIENT_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(PASSDBLIBS) $(IDMAP_LIBS) $(RPCCLIENT_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @POPTLIBS@ $(ADSLIBS)
+ @$(CC) $(FLAGS) -o $@ $(PASSDBLIBS) $(RPCCLIENT_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @POPTLIBS@ $(ADSLIBS)
bin/smbclient@EXEEXT@: $(CLIENT_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
@@ -802,15 +801,15 @@ bin/smbtree@EXEEXT@: $(SMBTREE_OBJ) @BUILD_POPT@ bin/.dummy
bin/smbpasswd@EXEEXT@: $(SMBPASSWD_OBJ) bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(SMBPASSWD_OBJ) $(PASSDBLIBS) $(IDMAP_LIBS) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS)
+ @$(CC) $(FLAGS) -o $@ $(SMBPASSWD_OBJ) $(PASSDBLIBS) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS)
bin/pdbedit@EXEEXT@: $(PDBEDIT_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(IDMAP_LIBS) $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(PASSDBLIBS)
+ @$(CC) $(FLAGS) -o $@ $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(PASSDBLIBS)
bin/samtest@EXEEXT@: $(SAMTEST_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(SAMTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(PASSDBLIBS) $(IDMAP_LIBS) $(KRB5LIBS) $(LDAPLIBS)
+ @$(CC) $(FLAGS) -o $@ $(SAMTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(PASSDBLIBS) $(KRB5LIBS) $(LDAPLIBS)
bin/nmblookup@EXEEXT@: $(NMBLOOKUP_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
@@ -1030,11 +1029,6 @@ bin/xml.@SHLIBEXT@: $(XML_OBJ:.o=.po)
@$(SHLD) $(LDSHFLAGS) -o $@ $(XML_OBJ:.o=.po) @XML_LIBS@ \
@SONAMEFLAG@`basename $@`
-bin/idmap_winbind.@SHLIBEXT@: sam/idmap_winbind.po
- @echo "Building plugin $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ sam/idmap_winbind.po \
- @SONAMEFLAG@`basename $@`
-
bin/audit.@SHLIBEXT@: $(VFS_AUDIT_OBJ:.o=.po)
@echo "Building plugin $@"
@$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_AUDIT_OBJ:.o=.po) \
diff --git a/source3/configure.in b/source3/configure.in
index 652ae4f416..231a884acf 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -286,7 +286,7 @@ DYNEXP=
dnl Add modules that have to be built by default here
dnl These have to be built static:
-default_static_modules="pdb_smbpasswd pdb_tdbsam rpc_lsa rpc_samr rpc_reg rpc_wks rpc_net rpc_dfs rpc_srv rpc_spoolss auth_rhosts auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin idmap_winbind"
+default_static_modules="pdb_smbpasswd pdb_tdbsam rpc_lsa rpc_samr rpc_reg rpc_wks rpc_net rpc_dfs rpc_srv rpc_spoolss auth_rhosts auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin"
dnl These are preferably build shared, and static if dlopen() is not available
default_shared_modules="vfs_recycle vfs_audit vfs_extd_audit vfs_netatalk vfs_fake_perms"
@@ -3861,7 +3861,6 @@ SMB_MODULE(rpc_samr, \$(RPC_SAMR_OBJ), "bin/librpc_samr.$SHLIBEXT", RPC)
SMB_MODULE(rpc_echo, \$(RPC_ECHO_OBJ), "bin/librpc_echo.$SHLIBEXT", RPC)
SMB_SUBSYSTEM(RPC)
-SMB_MODULE(idmap_winbind, sam/idmap_winbind.o, "bin/idmap_winbind.$SHLIBEXT", IDMAP)
SMB_MODULE(idmap_ldap, sam/idmap_ldap.o, "bin/idmap_ldap.$SHLIBEXT", IDMAP)
SMB_MODULE(idmap_tdb, sam/idmap_tdb.o, "bin/idmap_tdb.$SHLIBEXT", IDMAP)
SMB_SUBSYSTEM(IDMAP)
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 2a903deff0..ffa1c6fefa 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -1233,4 +1233,118 @@ BOOL local_sid_to_gid(gid_t *pgid, const DOM_SID *psid, enum SID_NAME_USE *name_
return True;
}
+/**********************************************************************
+**********************************************************************/
+
+BOOL pdb_get_free_ugid_range(uint32 *low, uint32 *high)
+{
+ uid_t u_low, u_high;
+ gid_t g_low, g_high;
+
+ if (!lp_idmap_uid(&u_low, &u_high) || !lp_idmap_gid(&g_low, &g_high)) {
+ return False;
+ }
+
+ *low = (u_low < g_low) ? u_low : g_low;
+ *high = (u_high < g_high) ? u_high : g_high;
+
+ return True;
+}
+
+/******************************************************************
+ Get the the non-algorithmic RID range if idmap range are defined
+******************************************************************/
+
+BOOL pdb_get_free_rid_range(uint32 *low, uint32 *high)
+{
+ uint32 id_low, id_high;
+
+ if (!lp_enable_rid_algorithm()) {
+ *low = BASE_RID;
+ *high = (uint32)-1;
+ }
+
+ if (!pdb_get_free_ugid_range(&id_low, &id_high)) {
+ return False;
+ }
+
+ *low = fallback_pdb_uid_to_user_rid(id_low);
+ if (fallback_pdb_user_rid_to_uid((uint32)-1) < id_high) {
+ *high = (uint32)-1;
+ } else {
+ *high = fallback_pdb_uid_to_user_rid(id_high);
+ }
+
+ return True;
+}
+
+/**********************************************************************
+ Get the free RID base if idmap is configured, otherwise return 0
+**********************************************************************/
+
+uint32 pdb_get_free_rid_base(void)
+{
+ uint32 low, high;
+ if (pdb_get_free_rid_range(&low, &high)) {
+ return low;
+ }
+ return 0;
+}
+
+/**********************************************************************
+**********************************************************************/
+
+BOOL pdb_check_ugid_is_in_free_range(uint32 id)
+{
+ uint32 low, high;
+
+ if (!pdb_get_free_ugid_range(&low, &high)) {
+ return False;
+ }
+ if (id < low || id > high) {
+ return False;
+ }
+ return True;
+}
+
+/**********************************************************************
+**********************************************************************/
+
+BOOL pdb_check_rid_is_in_free_range(uint32 rid)
+{
+ uint32 low, high;
+
+ if (!pdb_get_free_rid_range(&low, &high)) {
+ return False;
+ }
+ if (rid < algorithmic_rid_base()) {
+ return True;
+ }
+
+ if (rid < low || rid > high) {
+ return False;
+ }
+
+ return True;
+}
+
+/**********************************************************************
+ if it is a foreign SID or if the SID is in the free range, return true
+**********************************************************************/
+
+BOOL pdb_check_sid_is_in_free_range(const DOM_SID *sid)
+{
+ if (sid_compare_domain(get_global_sam_sid(), sid) == 0) {
+
+ uint32 rid;
+
+ if (sid_peek_rid(sid, &rid)) {
+ return pdb_check_rid_is_in_free_range(rid);
+ }
+
+ return False;
+ }
+
+ return True;
+}
diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c
index 77473fe0dc..6a8589b5df 100644
--- a/source3/passdb/pdb_tdb.c
+++ b/source3/passdb/pdb_tdb.c
@@ -766,7 +766,7 @@ static BOOL tdb_update_sam(struct pdb_methods *my_methods, SAM_ACCOUNT* newpwd,
if (!(user_rid = pdb_get_user_rid(newpwd))) {
if ((flag & TDB_INSERT) && tdb_state->permit_non_unix_accounts) {
uint32 lowrid, highrid;
- if (!idmap_get_free_rid_range(&lowrid, &highrid)) {
+ if (!pdb_get_free_rid_range(&lowrid, &highrid)) {
/* should never happen */
DEBUG(0, ("tdbsam: something messed up, no high/low rids but nua enabled ?!\n"));
ret = False;
diff --git a/source3/sam/idmap_util.c b/source3/sam/idmap_util.c
index 626989656a..4e44ee16ba 100644
--- a/source3/sam/idmap_util.c
+++ b/source3/sam/idmap_util.c
@@ -23,119 +23,8 @@
#define DBGC_CLASS DBGC_IDMAP
-/******************************************************************
- * Get the free RID base if idmap is configured, otherwise return 0
- ******************************************************************/
-
-uint32 idmap_get_free_rid_base(void)
-{
- uint32 low, high;
- if (idmap_get_free_rid_range(&low, &high)) {
- return low;
- }
- return 0;
-}
-
-BOOL idmap_check_ugid_is_in_free_range(uint32 id)
-{
- uint32 low, high;
-
- if (!idmap_get_free_ugid_range(&low, &high)) {
- return False;
- }
- if (id < low || id > high) {
- return False;
- }
- return True;
-}
-
-BOOL idmap_check_rid_is_in_free_range(uint32 rid)
-{
- uint32 low, high;
-
- if (!idmap_get_free_rid_range(&low, &high)) {
- return False;
- }
- if (rid < algorithmic_rid_base()) {
- return True;
- }
-
- if (rid < low || rid > high) {
- return False;
- }
-
- return True;
-}
-
-/* if it is a foreign SID or if the SID is in the free range, return true */
-
-BOOL idmap_check_sid_is_in_free_range(const DOM_SID *sid)
-{
- if (sid_compare_domain(get_global_sam_sid(), sid) == 0) {
-
- uint32 rid;
-
- if (sid_peek_rid(sid, &rid)) {
- return idmap_check_rid_is_in_free_range(rid);
- }
-
- return False;
- }
-
- return True;
-}
-
-/******************************************************************
- * Get the the non-algorithmic RID range if idmap range are defined
- ******************************************************************/
-
-BOOL idmap_get_free_rid_range(uint32 *low, uint32 *high)
-{
- uint32 id_low, id_high;
-
- if (!lp_enable_rid_algorithm()) {
- *low = BASE_RID;
- *high = (uint32)-1;
- }
-
- if (!idmap_get_free_ugid_range(&id_low, &id_high)) {
- return False;
- }
-
- *low = fallback_pdb_uid_to_user_rid(id_low);
- if (fallback_pdb_user_rid_to_uid((uint32)-1) < id_high) {
- *high = (uint32)-1;
- } else {
- *high = fallback_pdb_uid_to_user_rid(id_high);
- }
-
- return True;
-}
-
-BOOL idmap_get_free_ugid_range(uint32 *low, uint32 *high)
-{
- uid_t u_low, u_high;
- gid_t g_low, g_high;
-
- if (!lp_idmap_uid(&u_low, &u_high) || !lp_idmap_gid(&g_low, &g_high)) {
- return False;
- }
- if (u_low < g_low) {
- *low = u_low;
- } else {
- *low = g_low;
- }
- if (u_high < g_high) {
- *high = g_high;
- } else {
- *high = u_high;
- }
- return True;
-}
-
/*****************************************************************
- check idmap if uid is in idmap range, otherwise falls back to
- the legacy algorithmic mapping. Returns SID pointer.
+ Returns SID pointer.
*****************************************************************/
NTSTATUS idmap_uid_to_sid(DOM_SID *sid, uid_t uid)
@@ -152,8 +41,6 @@ NTSTATUS idmap_uid_to_sid(DOM_SID *sid, uid_t uid)
}
/*****************************************************************
- check idmap if gid is in idmap range, otherwise falls back to
- the legacy algorithmic mapping.
Group mapping is used for gids that maps to Wellknown SIDs
Returns SID pointer.
*****************************************************************/
diff --git a/source3/sam/idmap_winbind.c b/source3/sam/idmap_winbind.c
deleted file mode 100644
index 159071e292..0000000000
--- a/source3/sam/idmap_winbind.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- idmap Winbind backend
-
- Copyright (C) Simo Sorce 2003
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-#include "nsswitch/winbind_nss.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_IDMAP
-
-extern DOM_SID global_sid_NULL; /* NULL sid */
-
-NSS_STATUS winbindd_request(int req_type,
- struct winbindd_request *request,
- struct winbindd_response *response);
-
-/* Get a sid from an id */
-static NTSTATUS db_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result, operation;
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- switch (id_type & ID_TYPEMASK) {
- case ID_USERID:
- request.data.uid = id.uid;
- operation = WINBINDD_UID_TO_SID;
- DEBUG(10,("db_get_sid_from_id: asking winbindd uid %u -> sid\n",
- (unsigned int)id.uid ));
- break;
- case ID_GROUPID:
- request.data.gid = id.gid;
- operation = WINBINDD_GID_TO_SID;
- DEBUG(10,("db_get_sid_from_id: asking winbindd gid %u -> sid\n",
- (unsigned int)id.gid ));
- break;
- default:
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- /* Make The Request */
- result = winbindd_request(operation, &request, &response);
- if (result == NSS_STATUS_SUCCESS) {
- DEBUG(10,("db_get_sid_from_id: winbindd replied ok (%s)\n", response.data.sid.sid ));
- if (!string_to_sid(sid, response.data.sid.sid)) {
- return NT_STATUS_INVALID_SID;
- }
- return NT_STATUS_OK;
- } else {
- sid_copy(sid, &global_sid_NULL);
- }
-
- DEBUG(10,("db_get_sid_from_id: winbindd lookup fail\n"));
-
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-/* Get an id from a sid */
-static NTSTATUS db_get_id_from_sid(unid_t *id, int *id_type, const DOM_SID *sid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result, operation;
- fstring sid_str;
-
- if (!id || !id_type) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- /* setup request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- sid_to_string(sid_str, sid);
- fstrcpy(request.data.sid, sid_str);
-
- switch (*id_type & ID_TYPEMASK) {
- case ID_USERID:
- operation = WINBINDD_SID_TO_UID;
- DEBUG(10,("db_get_id_from_sid: asking winbindd %s -> uid\n",
- sid_str ));
- break;
- case ID_GROUPID:
- operation = WINBINDD_SID_TO_GID;
- DEBUG(10,("db_get_id_from_sid: asking winbindd %s -> gid\n",
- sid_str ));
- break;
- default:
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- /* Make The Request */
- result = winbindd_request(operation, &request, &response);
-
- if (result == NSS_STATUS_SUCCESS) {
- if (operation == WINBINDD_SID_TO_UID) {
- (*id).uid = response.data.uid;
- DEBUG(10,("db_get_id_from_sid: winbindd replied ok (%u)\n", response.data.uid));
- } else {
- (*id).gid = response.data.gid;
- DEBUG(10,("db_get_id_from_sid: winbindd replied ok (%u)\n", response.data.gid ));
- }
- return NT_STATUS_OK;
- }
-
- DEBUG(10,("db_get_id_from_sid: winbindd lookup fail\n"));
-
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-static NTSTATUS db_set_mapping(const DOM_SID *sid, unid_t id, int id_type) {
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-/*****************************************************************************
- Initialise idmap database.
-*****************************************************************************/
-static NTSTATUS db_init( char *params ) {
- return NT_STATUS_OK;
-}
-
-/* Close the tdb */
-static NTSTATUS db_close(void) {
- return NT_STATUS_OK;
-}
-
-static void db_status(void) {
- return;
-}
-
-static struct idmap_methods winbind_methods = {
- db_init,
- db_get_sid_from_id,
- db_get_id_from_sid,
- db_set_mapping,
- db_close,
- db_status
-};
-
-NTSTATUS idmap_winbind_init(void)
-{
- return smb_register_idmap(SMB_IDMAP_INTERFACE_VERSION, "winbind", &winbind_methods);
-}