diff options
-rw-r--r-- | source3/Makefile.in | 40 | ||||
-rw-r--r-- | source3/configure.in | 3 | ||||
-rw-r--r-- | source3/passdb/passdb.c | 114 | ||||
-rw-r--r-- | source3/passdb/pdb_tdb.c | 2 | ||||
-rw-r--r-- | source3/sam/idmap_util.c | 115 | ||||
-rw-r--r-- | source3/sam/idmap_winbind.c | 165 |
6 files changed, 134 insertions, 305 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index c72fc11ac5..1bfb99f645 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -286,8 +286,6 @@ XML_OBJ = passdb/pdb_xml.o MYSQL_OBJ = passdb/pdb_mysql.o DEVEL_HELP_OBJ = modules/weird.o -IDMAP_OBJ = sam/idmap.o sam/idmap_util.o @IDMAP_STATIC@ - GROUPDB_OBJ = groupdb/mapping.o PROFILE_OBJ = profile/profile.o @@ -351,7 +349,7 @@ SMBD_OBJ_BASE = $(PARAM_OBJ) $(SMBD_OBJ_SRV) $(MSDFS_OBJ) $(LIBSMB_OBJ) \ $(NOTIFY_OBJ) $(GROUPDB_OBJ) $(AUTH_OBJ) \ $(LIBMSRPC_OBJ) \ $(LIBADS_OBJ) $(KRBCLIENT_OBJ) $(LIBADS_SERVER_OBJ) \ - $(LIB_SMBD_OBJ) $(REGISTRY_OBJ) $(POPT_LIB_OBJ) $(IDMAP_OBJ) \ + $(LIB_SMBD_OBJ) $(REGISTRY_OBJ) $(POPT_LIB_OBJ) \ $(UBIQX_OBJ) $(BUILDOPT_OBJ) $(SMBLDAP_OBJ) PRINTING_OBJ = printing/pcap.o printing/print_svid.o \ @@ -392,7 +390,7 @@ SWAT_OBJ1 = web/cgi.o web/diagnose.o web/startstop.o web/statuspage.o \ SWAT_OBJ = $(SWAT_OBJ1) $(PARAM_OBJ) $(PRINTING_OBJ) $(LIBSMB_OBJ) \ $(LOCKING_OBJ) $(PASSDB_OBJ) $(SECRETS_OBJ) $(KRBCLIENT_OBJ) \ $(UBIQX_OBJ) $(LIB_OBJ) $(GROUPDB_OBJ) $(PLAINTEXT_AUTH_OBJ) \ - $(POPT_LIB_OBJ) $(IDMAP_OBJ) $(SMBLDAP_OBJ) + $(POPT_LIB_OBJ) $(SMBLDAP_OBJ) SMBSH_OBJ = smbwrapper/smbsh.o smbwrapper/shared.o \ $(PARAM_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) @@ -417,11 +415,11 @@ TESTPRNS_OBJ = utils/testprns.o $(PARAM_OBJ) $(PRINTING_OBJ) $(UBIQX_OBJ) \ SMBPASSWD_OBJ = utils/smbpasswd.o $(PARAM_OBJ) $(SECRETS_OBJ) \ $(LIBSMB_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ)\ $(UBIQX_OBJ) $(LIB_OBJ) $(KRBCLIENT_OBJ) \ - $(IDMAP_OBJ) $(SMBLDAP_OBJ) + $(SMBLDAP_OBJ) PDBEDIT_OBJ = utils/pdbedit.o $(PARAM_OBJ) $(PASSDB_OBJ) $(LIBSAMBA_OBJ) \ $(UBIQX_OBJ) $(LIB_OBJ) $(GROUPDB_OBJ) $(SECRETS_OBJ) \ - $(POPT_LIB_OBJ) $(IDMAP_OBJ) $(SMBLDAP_OBJ) + $(POPT_LIB_OBJ) $(SMBLDAP_OBJ) RPCCLIENT_OBJ1 = rpcclient/rpcclient.o rpcclient/cmd_lsarpc.o \ rpcclient/cmd_samr.o rpcclient/cmd_spoolss.o \ @@ -435,7 +433,7 @@ RPCCLIENT_OBJ = $(RPCCLIENT_OBJ1) \ $(RPC_PARSE_OBJ) $(PASSDB_OBJ) $(LIBMSRPC_OBJ) \ $(READLINE_OBJ) $(GROUPDB_OBJ) $(KRBCLIENT_OBJ) \ $(LIBADS_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ) \ - $(IDMAP_OBJ) $(SMBLDAP_OBJ) $(DCUTIL_OBJ) + $(SMBLDAP_OBJ) $(DCUTIL_OBJ) PAM_WINBIND_OBJ = nsswitch/pam_winbind.po nsswitch/wb_common.po lib/snprintf.po @@ -483,7 +481,7 @@ NET_OBJ = $(NET_OBJ1) $(PARAM_OBJ) $(SECRETS_OBJ) $(LIBSMB_OBJ) \ $(KRBCLIENT_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \ $(LIBMSRPC_OBJ) \ $(LIBADS_OBJ) $(LIBADS_SERVER_OBJ) $(POPT_LIB_OBJ) \ - $(IDMAP_OBJ) $(SMBLDAP_OBJ) $(DCUTIL_OBJ) + $(SMBLDAP_OBJ) $(DCUTIL_OBJ) CUPS_OBJ = client/smbspool.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) \ $(LIB_OBJ) $(KRBCLIENT_OBJ) @@ -562,7 +560,7 @@ PROTO_OBJ = $(SMBD_OBJ_MAIN) \ $(LIB_SMBD_OBJ) $(SAM_OBJ) $(REGISTRY_OBJ) $(POPT_LIB_OBJ) \ $(RPC_LSA_OBJ) $(RPC_NETLOG_OBJ) $(RPC_SAMR_OBJ) $(RPC_REG_OBJ) \ $(RPC_SVC_OBJ) $(RPC_WKS_OBJ) $(RPC_DFS_OBJ) $(RPC_SPOOLSS_OBJ) \ - $(IDMAP_OBJ) $(RPC_ECHO_OBJ) $(SMBLDAP_OBJ) + $(RPC_ECHO_OBJ) $(SMBLDAP_OBJ) WINBIND_WINS_NSS_OBJ = nsswitch/wins.o $(PARAM_OBJ) $(UBIQX_OBJ) \ $(LIBSMB_OBJ) $(LIB_OBJ) $(NSSWINS_OBJ) @@ -576,7 +574,7 @@ PAM_SMBPASS_OBJ_0 = pam_smbpass/pam_smb_auth.o pam_smbpass/pam_smb_passwd.o \ pam_smbpass/pam_smb_acct.o pam_smbpass/support.o \ libsmb/smbencrypt.o libsmb/smbdes.o libsmb/nterr.o \ $(PARAM_OBJ) $(LIB_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \ - $(SECRETS_OBJ) $(UBIQX_OBJ) $(IDMAP_OBJ) + $(SECRETS_OBJ) $(UBIQX_OBJ) PAM_SMBPASS_PICOOBJ = $(PAM_SMBPASS_OBJ_0:.o=.po) @@ -594,13 +592,14 @@ WINBINDD_OBJ1 = \ nsswitch/winbindd_rpc.o \ nsswitch/winbindd_ads.o \ nsswitch/winbindd_dual.o \ - nsswitch/winbindd_passdb.o + nsswitch/winbindd_acct.o \ + sam/idmap.o sam/idmap_util.o @IDMAP_STATIC@ WINBINDD_OBJ = \ $(WINBINDD_OBJ1) $(PASSDB_OBJ) $(GROUPDB_OBJ) \ $(PARAM_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \ $(LIBSMB_OBJ) $(LIBMSRPC_OBJ) $(RPC_PARSE_OBJ) \ - $(PROFILE_OBJ) $(SLCACHE_OBJ) $(IDMAP_OBJ) $(SMBLDAP_OBJ) \ + $(PROFILE_OBJ) $(SLCACHE_OBJ) $(SMBLDAP_OBJ) \ $(SECRETS_OBJ) $(LIBADS_OBJ) $(KRBCLIENT_OBJ) $(POPT_LIB_OBJ) \ $(DCUTIL_OBJ) @@ -729,7 +728,7 @@ bin/.dummy: bin/smbd@EXEEXT@: $(SMBD_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(SMBD_OBJ) $(ADSLIBS) $(LDFLAGS) $(DYNEXP) $(PRINTLIBS) \ - $(AUTHLIBS) $(ACLLIBS) $(PASSDBLIBS) $(IDMAP_LIBS) $(LIBS) @POPTLIBS@ + $(AUTHLIBS) $(ACLLIBS) $(PASSDBLIBS) $(LIBS) @POPTLIBS@ bin/nmbd@EXEEXT@: $(NMBD_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @@ -742,11 +741,11 @@ bin/wrepld@EXEEXT@: $(WREPL_OBJ) @BUILD_POPT@ bin/.dummy bin/swat@EXEEXT@: $(SWAT_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(SWAT_OBJ) $(LDFLAGS) $(DYNEXP) $(PRINTLIBS) \ - $(AUTHLIBS) $(LIBS) $(PASSDBLIBS) $(IDMAP_LIBS) @POPTLIBS@ $(KRB5LIBS) + $(AUTHLIBS) $(LIBS) $(PASSDBLIBS) @POPTLIBS@ $(KRB5LIBS) bin/rpcclient@EXEEXT@: $(RPCCLIENT_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(PASSDBLIBS) $(IDMAP_LIBS) $(RPCCLIENT_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @POPTLIBS@ $(ADSLIBS) + @$(CC) $(FLAGS) -o $@ $(PASSDBLIBS) $(RPCCLIENT_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @POPTLIBS@ $(ADSLIBS) bin/smbclient@EXEEXT@: $(CLIENT_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @@ -802,15 +801,15 @@ bin/smbtree@EXEEXT@: $(SMBTREE_OBJ) @BUILD_POPT@ bin/.dummy bin/smbpasswd@EXEEXT@: $(SMBPASSWD_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(SMBPASSWD_OBJ) $(PASSDBLIBS) $(IDMAP_LIBS) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) + @$(CC) $(FLAGS) -o $@ $(SMBPASSWD_OBJ) $(PASSDBLIBS) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) bin/pdbedit@EXEEXT@: $(PDBEDIT_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(IDMAP_LIBS) $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(PASSDBLIBS) + @$(CC) $(FLAGS) -o $@ $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(PASSDBLIBS) bin/samtest@EXEEXT@: $(SAMTEST_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(SAMTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(PASSDBLIBS) $(IDMAP_LIBS) $(KRB5LIBS) $(LDAPLIBS) + @$(CC) $(FLAGS) -o $@ $(SAMTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(PASSDBLIBS) $(KRB5LIBS) $(LDAPLIBS) bin/nmblookup@EXEEXT@: $(NMBLOOKUP_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @@ -1030,11 +1029,6 @@ bin/xml.@SHLIBEXT@: $(XML_OBJ:.o=.po) @$(SHLD) $(LDSHFLAGS) -o $@ $(XML_OBJ:.o=.po) @XML_LIBS@ \ @SONAMEFLAG@`basename $@` -bin/idmap_winbind.@SHLIBEXT@: sam/idmap_winbind.po - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ sam/idmap_winbind.po \ - @SONAMEFLAG@`basename $@` - bin/audit.@SHLIBEXT@: $(VFS_AUDIT_OBJ:.o=.po) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_AUDIT_OBJ:.o=.po) \ diff --git a/source3/configure.in b/source3/configure.in index 652ae4f416..231a884acf 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -286,7 +286,7 @@ DYNEXP= dnl Add modules that have to be built by default here dnl These have to be built static: -default_static_modules="pdb_smbpasswd pdb_tdbsam rpc_lsa rpc_samr rpc_reg rpc_wks rpc_net rpc_dfs rpc_srv rpc_spoolss auth_rhosts auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin idmap_winbind" +default_static_modules="pdb_smbpasswd pdb_tdbsam rpc_lsa rpc_samr rpc_reg rpc_wks rpc_net rpc_dfs rpc_srv rpc_spoolss auth_rhosts auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin" dnl These are preferably build shared, and static if dlopen() is not available default_shared_modules="vfs_recycle vfs_audit vfs_extd_audit vfs_netatalk vfs_fake_perms" @@ -3861,7 +3861,6 @@ SMB_MODULE(rpc_samr, \$(RPC_SAMR_OBJ), "bin/librpc_samr.$SHLIBEXT", RPC) SMB_MODULE(rpc_echo, \$(RPC_ECHO_OBJ), "bin/librpc_echo.$SHLIBEXT", RPC) SMB_SUBSYSTEM(RPC) -SMB_MODULE(idmap_winbind, sam/idmap_winbind.o, "bin/idmap_winbind.$SHLIBEXT", IDMAP) SMB_MODULE(idmap_ldap, sam/idmap_ldap.o, "bin/idmap_ldap.$SHLIBEXT", IDMAP) SMB_MODULE(idmap_tdb, sam/idmap_tdb.o, "bin/idmap_tdb.$SHLIBEXT", IDMAP) SMB_SUBSYSTEM(IDMAP) diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 2a903deff0..ffa1c6fefa 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -1233,4 +1233,118 @@ BOOL local_sid_to_gid(gid_t *pgid, const DOM_SID *psid, enum SID_NAME_USE *name_ return True; } +/********************************************************************** +**********************************************************************/ + +BOOL pdb_get_free_ugid_range(uint32 *low, uint32 *high) +{ + uid_t u_low, u_high; + gid_t g_low, g_high; + + if (!lp_idmap_uid(&u_low, &u_high) || !lp_idmap_gid(&g_low, &g_high)) { + return False; + } + + *low = (u_low < g_low) ? u_low : g_low; + *high = (u_high < g_high) ? u_high : g_high; + + return True; +} + +/****************************************************************** + Get the the non-algorithmic RID range if idmap range are defined +******************************************************************/ + +BOOL pdb_get_free_rid_range(uint32 *low, uint32 *high) +{ + uint32 id_low, id_high; + + if (!lp_enable_rid_algorithm()) { + *low = BASE_RID; + *high = (uint32)-1; + } + + if (!pdb_get_free_ugid_range(&id_low, &id_high)) { + return False; + } + + *low = fallback_pdb_uid_to_user_rid(id_low); + if (fallback_pdb_user_rid_to_uid((uint32)-1) < id_high) { + *high = (uint32)-1; + } else { + *high = fallback_pdb_uid_to_user_rid(id_high); + } + + return True; +} + +/********************************************************************** + Get the free RID base if idmap is configured, otherwise return 0 +**********************************************************************/ + +uint32 pdb_get_free_rid_base(void) +{ + uint32 low, high; + if (pdb_get_free_rid_range(&low, &high)) { + return low; + } + return 0; +} + +/********************************************************************** +**********************************************************************/ + +BOOL pdb_check_ugid_is_in_free_range(uint32 id) +{ + uint32 low, high; + + if (!pdb_get_free_ugid_range(&low, &high)) { + return False; + } + if (id < low || id > high) { + return False; + } + return True; +} + +/********************************************************************** +**********************************************************************/ + +BOOL pdb_check_rid_is_in_free_range(uint32 rid) +{ + uint32 low, high; + + if (!pdb_get_free_rid_range(&low, &high)) { + return False; + } + if (rid < algorithmic_rid_base()) { + return True; + } + + if (rid < low || rid > high) { + return False; + } + + return True; +} + +/********************************************************************** + if it is a foreign SID or if the SID is in the free range, return true +**********************************************************************/ + +BOOL pdb_check_sid_is_in_free_range(const DOM_SID *sid) +{ + if (sid_compare_domain(get_global_sam_sid(), sid) == 0) { + + uint32 rid; + + if (sid_peek_rid(sid, &rid)) { + return pdb_check_rid_is_in_free_range(rid); + } + + return False; + } + + return True; +} diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c index 77473fe0dc..6a8589b5df 100644 --- a/source3/passdb/pdb_tdb.c +++ b/source3/passdb/pdb_tdb.c @@ -766,7 +766,7 @@ static BOOL tdb_update_sam(struct pdb_methods *my_methods, SAM_ACCOUNT* newpwd, if (!(user_rid = pdb_get_user_rid(newpwd))) { if ((flag & TDB_INSERT) && tdb_state->permit_non_unix_accounts) { uint32 lowrid, highrid; - if (!idmap_get_free_rid_range(&lowrid, &highrid)) { + if (!pdb_get_free_rid_range(&lowrid, &highrid)) { /* should never happen */ DEBUG(0, ("tdbsam: something messed up, no high/low rids but nua enabled ?!\n")); ret = False; diff --git a/source3/sam/idmap_util.c b/source3/sam/idmap_util.c index 626989656a..4e44ee16ba 100644 --- a/source3/sam/idmap_util.c +++ b/source3/sam/idmap_util.c @@ -23,119 +23,8 @@ #define DBGC_CLASS DBGC_IDMAP -/****************************************************************** - * Get the free RID base if idmap is configured, otherwise return 0 - ******************************************************************/ - -uint32 idmap_get_free_rid_base(void) -{ - uint32 low, high; - if (idmap_get_free_rid_range(&low, &high)) { - return low; - } - return 0; -} - -BOOL idmap_check_ugid_is_in_free_range(uint32 id) -{ - uint32 low, high; - - if (!idmap_get_free_ugid_range(&low, &high)) { - return False; - } - if (id < low || id > high) { - return False; - } - return True; -} - -BOOL idmap_check_rid_is_in_free_range(uint32 rid) -{ - uint32 low, high; - - if (!idmap_get_free_rid_range(&low, &high)) { - return False; - } - if (rid < algorithmic_rid_base()) { - return True; - } - - if (rid < low || rid > high) { - return False; - } - - return True; -} - -/* if it is a foreign SID or if the SID is in the free range, return true */ - -BOOL idmap_check_sid_is_in_free_range(const DOM_SID *sid) -{ - if (sid_compare_domain(get_global_sam_sid(), sid) == 0) { - - uint32 rid; - - if (sid_peek_rid(sid, &rid)) { - return idmap_check_rid_is_in_free_range(rid); - } - - return False; - } - - return True; -} - -/****************************************************************** - * Get the the non-algorithmic RID range if idmap range are defined - ******************************************************************/ - -BOOL idmap_get_free_rid_range(uint32 *low, uint32 *high) -{ - uint32 id_low, id_high; - - if (!lp_enable_rid_algorithm()) { - *low = BASE_RID; - *high = (uint32)-1; - } - - if (!idmap_get_free_ugid_range(&id_low, &id_high)) { - return False; - } - - *low = fallback_pdb_uid_to_user_rid(id_low); - if (fallback_pdb_user_rid_to_uid((uint32)-1) < id_high) { - *high = (uint32)-1; - } else { - *high = fallback_pdb_uid_to_user_rid(id_high); - } - - return True; -} - -BOOL idmap_get_free_ugid_range(uint32 *low, uint32 *high) -{ - uid_t u_low, u_high; - gid_t g_low, g_high; - - if (!lp_idmap_uid(&u_low, &u_high) || !lp_idmap_gid(&g_low, &g_high)) { - return False; - } - if (u_low < g_low) { - *low = u_low; - } else { - *low = g_low; - } - if (u_high < g_high) { - *high = g_high; - } else { - *high = u_high; - } - return True; -} - /***************************************************************** - check idmap if uid is in idmap range, otherwise falls back to - the legacy algorithmic mapping. Returns SID pointer. + Returns SID pointer. *****************************************************************/ NTSTATUS idmap_uid_to_sid(DOM_SID *sid, uid_t uid) @@ -152,8 +41,6 @@ NTSTATUS idmap_uid_to_sid(DOM_SID *sid, uid_t uid) } /***************************************************************** - check idmap if gid is in idmap range, otherwise falls back to - the legacy algorithmic mapping. Group mapping is used for gids that maps to Wellknown SIDs Returns SID pointer. *****************************************************************/ diff --git a/source3/sam/idmap_winbind.c b/source3/sam/idmap_winbind.c deleted file mode 100644 index 159071e292..0000000000 --- a/source3/sam/idmap_winbind.c +++ /dev/null @@ -1,165 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - idmap Winbind backend - - Copyright (C) Simo Sorce 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "nsswitch/winbind_nss.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_IDMAP - -extern DOM_SID global_sid_NULL; /* NULL sid */ - -NSS_STATUS winbindd_request(int req_type, - struct winbindd_request *request, - struct winbindd_response *response); - -/* Get a sid from an id */ -static NTSTATUS db_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type) -{ - struct winbindd_request request; - struct winbindd_response response; - int result, operation; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - switch (id_type & ID_TYPEMASK) { - case ID_USERID: - request.data.uid = id.uid; - operation = WINBINDD_UID_TO_SID; - DEBUG(10,("db_get_sid_from_id: asking winbindd uid %u -> sid\n", - (unsigned int)id.uid )); - break; - case ID_GROUPID: - request.data.gid = id.gid; - operation = WINBINDD_GID_TO_SID; - DEBUG(10,("db_get_sid_from_id: asking winbindd gid %u -> sid\n", - (unsigned int)id.gid )); - break; - default: - return NT_STATUS_INVALID_PARAMETER; - } - - /* Make The Request */ - result = winbindd_request(operation, &request, &response); - if (result == NSS_STATUS_SUCCESS) { - DEBUG(10,("db_get_sid_from_id: winbindd replied ok (%s)\n", response.data.sid.sid )); - if (!string_to_sid(sid, response.data.sid.sid)) { - return NT_STATUS_INVALID_SID; - } - return NT_STATUS_OK; - } else { - sid_copy(sid, &global_sid_NULL); - } - - DEBUG(10,("db_get_sid_from_id: winbindd lookup fail\n")); - - return NT_STATUS_UNSUCCESSFUL; -} - -/* Get an id from a sid */ -static NTSTATUS db_get_id_from_sid(unid_t *id, int *id_type, const DOM_SID *sid) -{ - struct winbindd_request request; - struct winbindd_response response; - int result, operation; - fstring sid_str; - - if (!id || !id_type) { - return NT_STATUS_INVALID_PARAMETER; - } - - /* setup request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - sid_to_string(sid_str, sid); - fstrcpy(request.data.sid, sid_str); - - switch (*id_type & ID_TYPEMASK) { - case ID_USERID: - operation = WINBINDD_SID_TO_UID; - DEBUG(10,("db_get_id_from_sid: asking winbindd %s -> uid\n", - sid_str )); - break; - case ID_GROUPID: - operation = WINBINDD_SID_TO_GID; - DEBUG(10,("db_get_id_from_sid: asking winbindd %s -> gid\n", - sid_str )); - break; - default: - return NT_STATUS_INVALID_PARAMETER; - } - - /* Make The Request */ - result = winbindd_request(operation, &request, &response); - - if (result == NSS_STATUS_SUCCESS) { - if (operation == WINBINDD_SID_TO_UID) { - (*id).uid = response.data.uid; - DEBUG(10,("db_get_id_from_sid: winbindd replied ok (%u)\n", response.data.uid)); - } else { - (*id).gid = response.data.gid; - DEBUG(10,("db_get_id_from_sid: winbindd replied ok (%u)\n", response.data.gid )); - } - return NT_STATUS_OK; - } - - DEBUG(10,("db_get_id_from_sid: winbindd lookup fail\n")); - - return NT_STATUS_UNSUCCESSFUL; -} - -static NTSTATUS db_set_mapping(const DOM_SID *sid, unid_t id, int id_type) { - return NT_STATUS_UNSUCCESSFUL; -} - -/***************************************************************************** - Initialise idmap database. -*****************************************************************************/ -static NTSTATUS db_init( char *params ) { - return NT_STATUS_OK; -} - -/* Close the tdb */ -static NTSTATUS db_close(void) { - return NT_STATUS_OK; -} - -static void db_status(void) { - return; -} - -static struct idmap_methods winbind_methods = { - db_init, - db_get_sid_from_id, - db_get_id_from_sid, - db_set_mapping, - db_close, - db_status -}; - -NTSTATUS idmap_winbind_init(void) -{ - return smb_register_idmap(SMB_IDMAP_INTERFACE_VERSION, "winbind", &winbind_methods); -} |