diff options
-rw-r--r-- | source3/Makefile.in | 1 | ||||
-rw-r--r-- | source3/librpc/gen_ndr/cli_wbint.c | 157 | ||||
-rw-r--r-- | source3/librpc/gen_ndr/cli_wbint.h | 10 | ||||
-rw-r--r-- | source3/librpc/gen_ndr/ndr_wbint.c | 71 | ||||
-rw-r--r-- | source3/librpc/gen_ndr/ndr_wbint.h | 23 | ||||
-rw-r--r-- | source3/librpc/gen_ndr/srv_wbint.c | 93 | ||||
-rw-r--r-- | source3/librpc/gen_ndr/srv_wbint.h | 2 | ||||
-rw-r--r-- | source3/librpc/gen_ndr/wbint.h | 9 | ||||
-rw-r--r-- | source3/librpc/idl/wbint.idl | 4 | ||||
-rw-r--r-- | source3/winbindd/winbindd.c | 17 | ||||
-rw-r--r-- | source3/winbindd/winbindd_allocate_uid.c | 92 | ||||
-rw-r--r-- | source3/winbindd/winbindd_cache.c | 1 | ||||
-rw-r--r-- | source3/winbindd/winbindd_dual_srv.c | 13 | ||||
-rw-r--r-- | source3/winbindd/winbindd_idmap.c | 4 | ||||
-rw-r--r-- | source3/winbindd/winbindd_proto.h | 7 | ||||
-rw-r--r-- | source3/winbindd/winbindd_sid.c | 24 |
16 files changed, 488 insertions, 40 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index ebf6024923..5f674e8d0c 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -1190,6 +1190,7 @@ WINBINDD_OBJ1 = \ winbindd/winbindd_sid_to_gid.o \ winbindd/winbindd_uid_to_sid.o \ winbindd/winbindd_gid_to_sid.o \ + winbindd/winbindd_allocate_uid.o \ winbindd/winbindd_getpwsid.o \ winbindd/winbindd_getpwnam.o \ winbindd/winbindd_getpwuid.o \ diff --git a/source3/librpc/gen_ndr/cli_wbint.c b/source3/librpc/gen_ndr/cli_wbint.c index 3b683a73c3..710e503e3c 100644 --- a/source3/librpc/gen_ndr/cli_wbint.c +++ b/source3/librpc/gen_ndr/cli_wbint.c @@ -1162,6 +1162,163 @@ NTSTATUS rpccli_wbint_Gid2Sid(struct rpc_pipe_client *cli, return r.out.result; } +struct rpccli_wbint_AllocateUid_state { + struct wbint_AllocateUid orig; + struct wbint_AllocateUid tmp; + TALLOC_CTX *out_mem_ctx; + NTSTATUS (*dispatch_recv)(struct tevent_req *req, TALLOC_CTX *mem_ctx); +}; + +static void rpccli_wbint_AllocateUid_done(struct tevent_req *subreq); + +struct tevent_req *rpccli_wbint_AllocateUid_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct rpc_pipe_client *cli, + uint64_t *_uid /* [out] [ref] */) +{ + struct tevent_req *req; + struct rpccli_wbint_AllocateUid_state *state; + struct tevent_req *subreq; + + req = tevent_req_create(mem_ctx, &state, + struct rpccli_wbint_AllocateUid_state); + if (req == NULL) { + return NULL; + } + state->out_mem_ctx = NULL; + state->dispatch_recv = cli->dispatch_recv; + + /* In parameters */ + + /* Out parameters */ + state->orig.out.uid = _uid; + + /* Result */ + ZERO_STRUCT(state->orig.out.result); + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_IN_DEBUG(wbint_AllocateUid, &state->orig); + } + + state->out_mem_ctx = talloc_named_const(state, 0, + "rpccli_wbint_AllocateUid_out_memory"); + if (tevent_req_nomem(state->out_mem_ctx, req)) { + return tevent_req_post(req, ev); + } + + /* make a temporary copy, that we pass to the dispatch function */ + state->tmp = state->orig; + + subreq = cli->dispatch_send(state, ev, cli, + &ndr_table_wbint, + NDR_WBINT_ALLOCATEUID, + &state->tmp); + if (tevent_req_nomem(subreq, req)) { + return tevent_req_post(req, ev); + } + tevent_req_set_callback(subreq, rpccli_wbint_AllocateUid_done, req); + return req; +} + +static void rpccli_wbint_AllocateUid_done(struct tevent_req *subreq) +{ + struct tevent_req *req = tevent_req_callback_data( + subreq, struct tevent_req); + struct rpccli_wbint_AllocateUid_state *state = tevent_req_data( + req, struct rpccli_wbint_AllocateUid_state); + NTSTATUS status; + TALLOC_CTX *mem_ctx; + + if (state->out_mem_ctx) { + mem_ctx = state->out_mem_ctx; + } else { + mem_ctx = state; + } + + status = state->dispatch_recv(subreq, mem_ctx); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + tevent_req_nterror(req, status); + return; + } + + /* Copy out parameters */ + *state->orig.out.uid = *state->tmp.out.uid; + + /* Copy result */ + state->orig.out.result = state->tmp.out.result; + + /* Reset temporary structure */ + ZERO_STRUCT(state->tmp); + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_OUT_DEBUG(wbint_AllocateUid, &state->orig); + } + + tevent_req_done(req); +} + +NTSTATUS rpccli_wbint_AllocateUid_recv(struct tevent_req *req, + TALLOC_CTX *mem_ctx, + NTSTATUS *result) +{ + struct rpccli_wbint_AllocateUid_state *state = tevent_req_data( + req, struct rpccli_wbint_AllocateUid_state); + NTSTATUS status; + + if (tevent_req_is_nterror(req, &status)) { + tevent_req_received(req); + return status; + } + + /* Steal possbile out parameters to the callers context */ + talloc_steal(mem_ctx, state->out_mem_ctx); + + /* Return result */ + *result = state->orig.out.result; + + tevent_req_received(req); + return NT_STATUS_OK; +} + +NTSTATUS rpccli_wbint_AllocateUid(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + uint64_t *uid /* [out] [ref] */) +{ + struct wbint_AllocateUid r; + NTSTATUS status; + + /* In parameters */ + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_IN_DEBUG(wbint_AllocateUid, &r); + } + + status = cli->dispatch(cli, + mem_ctx, + &ndr_table_wbint, + NDR_WBINT_ALLOCATEUID, + &r); + + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_OUT_DEBUG(wbint_AllocateUid, &r); + } + + if (NT_STATUS_IS_ERR(status)) { + return status; + } + + /* Return variables */ + *uid = *r.out.uid; + + /* Return result */ + return r.out.result; +} + struct rpccli_wbint_QueryUser_state { struct wbint_QueryUser orig; struct wbint_QueryUser tmp; diff --git a/source3/librpc/gen_ndr/cli_wbint.h b/source3/librpc/gen_ndr/cli_wbint.h index cf9166a6cb..f5fd812073 100644 --- a/source3/librpc/gen_ndr/cli_wbint.h +++ b/source3/librpc/gen_ndr/cli_wbint.h @@ -102,6 +102,16 @@ NTSTATUS rpccli_wbint_Gid2Sid(struct rpc_pipe_client *cli, const char *dom_name /* [in] [unique,charset(UTF8)] */, uint64_t gid /* [in] */, struct dom_sid *sid /* [out] [ref] */); +struct tevent_req *rpccli_wbint_AllocateUid_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct rpc_pipe_client *cli, + uint64_t *_uid /* [out] [ref] */); +NTSTATUS rpccli_wbint_AllocateUid_recv(struct tevent_req *req, + TALLOC_CTX *mem_ctx, + NTSTATUS *result); +NTSTATUS rpccli_wbint_AllocateUid(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + uint64_t *uid /* [out] [ref] */); struct tevent_req *rpccli_wbint_QueryUser_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, struct rpc_pipe_client *cli, diff --git a/source3/librpc/gen_ndr/ndr_wbint.c b/source3/librpc/gen_ndr/ndr_wbint.c index 9dc9e6fcfb..1476e06e75 100644 --- a/source3/librpc/gen_ndr/ndr_wbint.c +++ b/source3/librpc/gen_ndr/ndr_wbint.c @@ -1258,6 +1258,67 @@ _PUBLIC_ void ndr_print_wbint_Gid2Sid(struct ndr_print *ndr, const char *name, i ndr->depth--; } +static enum ndr_err_code ndr_push_wbint_AllocateUid(struct ndr_push *ndr, int flags, const struct wbint_AllocateUid *r) +{ + if (flags & NDR_IN) { + } + if (flags & NDR_OUT) { + if (r->out.uid == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_hyper(ndr, NDR_SCALARS, *r->out.uid)); + NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); + } + return NDR_ERR_SUCCESS; +} + +static enum ndr_err_code ndr_pull_wbint_AllocateUid(struct ndr_pull *ndr, int flags, struct wbint_AllocateUid *r) +{ + TALLOC_CTX *_mem_save_uid_0; + if (flags & NDR_IN) { + ZERO_STRUCT(r->out); + + NDR_PULL_ALLOC(ndr, r->out.uid); + ZERO_STRUCTP(r->out.uid); + } + if (flags & NDR_OUT) { + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.uid); + } + _mem_save_uid_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->out.uid, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_hyper(ndr, NDR_SCALARS, r->out.uid)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_uid_0, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); + } + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ void ndr_print_wbint_AllocateUid(struct ndr_print *ndr, const char *name, int flags, const struct wbint_AllocateUid *r) +{ + ndr_print_struct(ndr, name, "wbint_AllocateUid"); + ndr->depth++; + if (flags & NDR_SET_VALUES) { + ndr->flags |= LIBNDR_PRINT_SET_VALUES; + } + if (flags & NDR_IN) { + ndr_print_struct(ndr, "in", "wbint_AllocateUid"); + ndr->depth++; + ndr->depth--; + } + if (flags & NDR_OUT) { + ndr_print_struct(ndr, "out", "wbint_AllocateUid"); + ndr->depth++; + ndr_print_ptr(ndr, "uid", r->out.uid); + ndr->depth++; + ndr_print_hyper(ndr, "uid", *r->out.uid); + ndr->depth--; + ndr_print_NTSTATUS(ndr, "result", r->out.result); + ndr->depth--; + } + ndr->depth--; +} + static enum ndr_err_code ndr_push_wbint_QueryUser(struct ndr_push *ndr, int flags, const struct wbint_QueryUser *r) { if (flags & NDR_IN) { @@ -2047,6 +2108,14 @@ static const struct ndr_interface_call wbint_calls[] = { false, }, { + "wbint_AllocateUid", + sizeof(struct wbint_AllocateUid), + (ndr_push_flags_fn_t) ndr_push_wbint_AllocateUid, + (ndr_pull_flags_fn_t) ndr_pull_wbint_AllocateUid, + (ndr_print_function_t) ndr_print_wbint_AllocateUid, + false, + }, + { "wbint_QueryUser", sizeof(struct wbint_QueryUser), (ndr_push_flags_fn_t) ndr_push_wbint_QueryUser, @@ -2147,7 +2216,7 @@ const struct ndr_interface_table ndr_table_wbint = { NDR_WBINT_VERSION }, .helpstring = NDR_WBINT_HELPSTRING, - .num_calls = 16, + .num_calls = 17, .calls = wbint_calls, .endpoints = &wbint_endpoints, .authservices = &wbint_authservices diff --git a/source3/librpc/gen_ndr/ndr_wbint.h b/source3/librpc/gen_ndr/ndr_wbint.h index bdcb23b2be..65eae1cc47 100644 --- a/source3/librpc/gen_ndr/ndr_wbint.h +++ b/source3/librpc/gen_ndr/ndr_wbint.h @@ -25,25 +25,27 @@ extern const struct ndr_interface_table ndr_table_wbint; #define NDR_WBINT_GID2SID (0x06) -#define NDR_WBINT_QUERYUSER (0x07) +#define NDR_WBINT_ALLOCATEUID (0x07) -#define NDR_WBINT_LOOKUPUSERALIASES (0x08) +#define NDR_WBINT_QUERYUSER (0x08) -#define NDR_WBINT_LOOKUPUSERGROUPS (0x09) +#define NDR_WBINT_LOOKUPUSERALIASES (0x09) -#define NDR_WBINT_QUERYSEQUENCENUMBER (0x0a) +#define NDR_WBINT_LOOKUPUSERGROUPS (0x0a) -#define NDR_WBINT_LOOKUPGROUPMEMBERS (0x0b) +#define NDR_WBINT_QUERYSEQUENCENUMBER (0x0b) -#define NDR_WBINT_QUERYUSERLIST (0x0c) +#define NDR_WBINT_LOOKUPGROUPMEMBERS (0x0c) -#define NDR_WBINT_QUERYGROUPLIST (0x0d) +#define NDR_WBINT_QUERYUSERLIST (0x0d) -#define NDR_WBINT_DSGETDCNAME (0x0e) +#define NDR_WBINT_QUERYGROUPLIST (0x0e) -#define NDR_WBINT_LOOKUPRIDS (0x0f) +#define NDR_WBINT_DSGETDCNAME (0x0f) -#define NDR_WBINT_CALL_COUNT (16) +#define NDR_WBINT_LOOKUPRIDS (0x10) + +#define NDR_WBINT_CALL_COUNT (17) enum ndr_err_code ndr_push_wbint_userinfo(struct ndr_push *ndr, int ndr_flags, const struct wbint_userinfo *r); enum ndr_err_code ndr_pull_wbint_userinfo(struct ndr_pull *ndr, int ndr_flags, struct wbint_userinfo *r); void ndr_print_wbint_userinfo(struct ndr_print *ndr, const char *name, const struct wbint_userinfo *r); @@ -69,6 +71,7 @@ void ndr_print_wbint_Sid2Uid(struct ndr_print *ndr, const char *name, int flags, void ndr_print_wbint_Sid2Gid(struct ndr_print *ndr, const char *name, int flags, const struct wbint_Sid2Gid *r); void ndr_print_wbint_Uid2Sid(struct ndr_print *ndr, const char *name, int flags, const struct wbint_Uid2Sid *r); void ndr_print_wbint_Gid2Sid(struct ndr_print *ndr, const char *name, int flags, const struct wbint_Gid2Sid *r); +void ndr_print_wbint_AllocateUid(struct ndr_print *ndr, const char *name, int flags, const struct wbint_AllocateUid *r); void ndr_print_wbint_QueryUser(struct ndr_print *ndr, const char *name, int flags, const struct wbint_QueryUser *r); void ndr_print_wbint_LookupUserAliases(struct ndr_print *ndr, const char *name, int flags, const struct wbint_LookupUserAliases *r); void ndr_print_wbint_LookupUserGroups(struct ndr_print *ndr, const char *name, int flags, const struct wbint_LookupUserGroups *r); diff --git a/source3/librpc/gen_ndr/srv_wbint.c b/source3/librpc/gen_ndr/srv_wbint.c index 522230e8c4..498784d249 100644 --- a/source3/librpc/gen_ndr/srv_wbint.c +++ b/source3/librpc/gen_ndr/srv_wbint.c @@ -584,6 +584,86 @@ static bool api_wbint_Gid2Sid(pipes_struct *p) return true; } +static bool api_wbint_AllocateUid(pipes_struct *p) +{ + const struct ndr_interface_call *call; + struct ndr_pull *pull; + struct ndr_push *push; + enum ndr_err_code ndr_err; + DATA_BLOB blob; + struct wbint_AllocateUid *r; + + call = &ndr_table_wbint.calls[NDR_WBINT_ALLOCATEUID]; + + r = talloc(talloc_tos(), struct wbint_AllocateUid); + if (r == NULL) { + return false; + } + + if (!prs_data_blob(&p->in_data.data, &blob, r)) { + talloc_free(r); + return false; + } + + pull = ndr_pull_init_blob(&blob, r, NULL); + if (pull == NULL) { + talloc_free(r); + return false; + } + + pull->flags |= LIBNDR_FLAG_REF_ALLOC; + ndr_err = call->ndr_pull(pull, NDR_IN, r); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + talloc_free(r); + return false; + } + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_IN_DEBUG(wbint_AllocateUid, r); + } + + ZERO_STRUCT(r->out); + r->out.uid = talloc_zero(r, uint64_t); + if (r->out.uid == NULL) { + talloc_free(r); + return false; + } + + r->out.result = _wbint_AllocateUid(p, r); + + if (p->rng_fault_state) { + talloc_free(r); + /* Return true here, srv_pipe_hnd.c will take care */ + return true; + } + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_OUT_DEBUG(wbint_AllocateUid, r); + } + + push = ndr_push_init_ctx(r, NULL); + if (push == NULL) { + talloc_free(r); + return false; + } + + ndr_err = call->ndr_push(push, NDR_OUT, r); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + talloc_free(r); + return false; + } + + blob = ndr_push_blob(push); + if (!prs_copy_data_in(&p->out_data.rdata, (const char *)blob.data, (uint32_t)blob.length)) { + talloc_free(r); + return false; + } + + talloc_free(r); + + return true; +} + static bool api_wbint_QueryUser(pipes_struct *p) { const struct ndr_interface_call *call; @@ -1315,6 +1395,7 @@ static struct api_struct api_wbint_cmds[] = {"WBINT_SID2GID", NDR_WBINT_SID2GID, api_wbint_Sid2Gid}, {"WBINT_UID2SID", NDR_WBINT_UID2SID, api_wbint_Uid2Sid}, {"WBINT_GID2SID", NDR_WBINT_GID2SID, api_wbint_Gid2Sid}, + {"WBINT_ALLOCATEUID", NDR_WBINT_ALLOCATEUID, api_wbint_AllocateUid}, {"WBINT_QUERYUSER", NDR_WBINT_QUERYUSER, api_wbint_QueryUser}, {"WBINT_LOOKUPUSERALIASES", NDR_WBINT_LOOKUPUSERALIASES, api_wbint_LookupUserAliases}, {"WBINT_LOOKUPUSERGROUPS", NDR_WBINT_LOOKUPUSERGROUPS, api_wbint_LookupUserGroups}, @@ -1439,6 +1520,18 @@ NTSTATUS rpc_wbint_dispatch(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, co return NT_STATUS_OK; } + case NDR_WBINT_ALLOCATEUID: { + struct wbint_AllocateUid *r = (struct wbint_AllocateUid *)_r; + ZERO_STRUCT(r->out); + r->out.uid = talloc_zero(mem_ctx, uint64_t); + if (r->out.uid == NULL) { + return NT_STATUS_NO_MEMORY; + } + + r->out.result = _wbint_AllocateUid(cli->pipes_struct, r); + return NT_STATUS_OK; + } + case NDR_WBINT_QUERYUSER: { struct wbint_QueryUser *r = (struct wbint_QueryUser *)_r; ZERO_STRUCT(r->out); diff --git a/source3/librpc/gen_ndr/srv_wbint.h b/source3/librpc/gen_ndr/srv_wbint.h index c91d3c8374..97aec299a8 100644 --- a/source3/librpc/gen_ndr/srv_wbint.h +++ b/source3/librpc/gen_ndr/srv_wbint.h @@ -8,6 +8,7 @@ NTSTATUS _wbint_Sid2Uid(pipes_struct *p, struct wbint_Sid2Uid *r); NTSTATUS _wbint_Sid2Gid(pipes_struct *p, struct wbint_Sid2Gid *r); NTSTATUS _wbint_Uid2Sid(pipes_struct *p, struct wbint_Uid2Sid *r); NTSTATUS _wbint_Gid2Sid(pipes_struct *p, struct wbint_Gid2Sid *r); +NTSTATUS _wbint_AllocateUid(pipes_struct *p, struct wbint_AllocateUid *r); NTSTATUS _wbint_QueryUser(pipes_struct *p, struct wbint_QueryUser *r); NTSTATUS _wbint_LookupUserAliases(pipes_struct *p, struct wbint_LookupUserAliases *r); NTSTATUS _wbint_LookupUserGroups(pipes_struct *p, struct wbint_LookupUserGroups *r); @@ -26,6 +27,7 @@ NTSTATUS _wbint_Sid2Uid(pipes_struct *p, struct wbint_Sid2Uid *r); NTSTATUS _wbint_Sid2Gid(pipes_struct *p, struct wbint_Sid2Gid *r); NTSTATUS _wbint_Uid2Sid(pipes_struct *p, struct wbint_Uid2Sid *r); NTSTATUS _wbint_Gid2Sid(pipes_struct *p, struct wbint_Gid2Sid *r); +NTSTATUS _wbint_AllocateUid(pipes_struct *p, struct wbint_AllocateUid *r); NTSTATUS _wbint_QueryUser(pipes_struct *p, struct wbint_QueryUser *r); NTSTATUS _wbint_LookupUserAliases(pipes_struct *p, struct wbint_LookupUserAliases *r); NTSTATUS _wbint_LookupUserGroups(pipes_struct *p, struct wbint_LookupUserGroups *r); diff --git a/source3/librpc/gen_ndr/wbint.h b/source3/librpc/gen_ndr/wbint.h index 96466fdca0..caabfcc9eb 100644 --- a/source3/librpc/gen_ndr/wbint.h +++ b/source3/librpc/gen_ndr/wbint.h @@ -144,6 +144,15 @@ struct wbint_Gid2Sid { }; +struct wbint_AllocateUid { + struct { + uint64_t *uid;/* [ref] */ + NTSTATUS result; + } out; + +}; + + struct wbint_QueryUser { struct { struct dom_sid *sid;/* [ref] */ diff --git a/source3/librpc/idl/wbint.idl b/source3/librpc/idl/wbint.idl index cf42cb9269..a624a466a1 100644 --- a/source3/librpc/idl/wbint.idl +++ b/source3/librpc/idl/wbint.idl @@ -54,6 +54,10 @@ interface wbint [out] dom_sid *sid ); + NTSTATUS wbint_AllocateUid( + [out] hyper *uid + ); + typedef [public] struct { [string,charset(UTF8)] char *acct_name; [string,charset(UTF8)] char *full_name; diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c index e583dae4a9..d664a51671 100644 --- a/source3/winbindd/winbindd.c +++ b/source3/winbindd/winbindd.c @@ -440,7 +440,6 @@ static struct winbindd_dispatch_table { /* Lookup related functions */ - { WINBINDD_ALLOCATE_UID, winbindd_allocate_uid, "ALLOCATE_UID" }, { WINBINDD_ALLOCATE_GID, winbindd_allocate_gid, "ALLOCATE_GID" }, { WINBINDD_SET_MAPPING, winbindd_set_mapping, "SET_MAPPING" }, { WINBINDD_REMOVE_MAPPING, winbindd_remove_mapping, "REMOVE_MAPPING" }, @@ -543,6 +542,13 @@ static struct winbindd_async_dispatch_table async_nonpriv_table[] = { { 0, NULL, NULL, NULL } }; +static struct winbindd_async_dispatch_table async_priv_table[] = { + { WINBINDD_ALLOCATE_UID, "ALLOCATE_UID", + winbindd_allocate_uid_send, winbindd_allocate_uid_recv }, + + { 0, NULL, NULL, NULL } +}; + static void wb_request_done(struct tevent_req *req); static void process_request(struct winbindd_cli_state *state) @@ -565,6 +571,15 @@ static void process_request(struct winbindd_cli_state *state) } } + if ((atable->send_req == NULL) && state->privileged) { + for (atable = async_priv_table; atable->send_req; + atable += 1) { + if (state->request->cmd == atable->cmd) { + break; + } + } + } + if (atable->send_req != NULL) { struct tevent_req *req; diff --git a/source3/winbindd/winbindd_allocate_uid.c b/source3/winbindd/winbindd_allocate_uid.c new file mode 100644 index 0000000000..171d0ccb91 --- /dev/null +++ b/source3/winbindd/winbindd_allocate_uid.c @@ -0,0 +1,92 @@ +/* + Unix SMB/CIFS implementation. + async implementation of WINBINDD_ALLOCATE_UID + Copyright (C) Volker Lendecke 2009 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "winbindd.h" +#include "librpc/gen_ndr/cli_wbint.h" + +struct winbindd_allocate_uid_state { + uint64_t uid; +}; + +static void winbindd_allocate_uid_done(struct tevent_req *subreq); + +struct tevent_req *winbindd_allocate_uid_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct winbindd_cli_state *cli, + struct winbindd_request *request) +{ + struct tevent_req *req, *subreq; + struct winbindd_allocate_uid_state *state; + struct winbindd_child *child; + + req = tevent_req_create(mem_ctx, &state, + struct winbindd_allocate_uid_state); + if (req == NULL) { + return NULL; + } + + DEBUG(3, ("allocate_uid\n")); + + child = idmap_child(); + + subreq = rpccli_wbint_AllocateUid_send(state, ev, child->rpccli, + &state->uid); + if (tevent_req_nomem(subreq, req)) { + return tevent_req_post(req, ev); + } + tevent_req_set_callback(subreq, winbindd_allocate_uid_done, req); + return req; +} + +static void winbindd_allocate_uid_done(struct tevent_req *subreq) +{ + struct tevent_req *req = tevent_req_callback_data( + subreq, struct tevent_req); + struct winbindd_allocate_uid_state *state = tevent_req_data( + req, struct winbindd_allocate_uid_state); + NTSTATUS status, result; + + status = rpccli_wbint_AllocateUid_recv(subreq, state, &result); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + tevent_req_nterror(req, status); + return; + } + if (!NT_STATUS_IS_OK(result)) { + tevent_req_nterror(req, result); + return; + } + tevent_req_done(req); +} + +NTSTATUS winbindd_allocate_uid_recv(struct tevent_req *req, + struct winbindd_response *response) +{ + struct winbindd_allocate_uid_state *state = tevent_req_data( + req, struct winbindd_allocate_uid_state); + NTSTATUS status; + + if (tevent_req_is_nterror(req, &status)) { + DEBUG(5, ("Could not allocate uid: %s\n", nt_errstr(status))); + return status; + } + response->data.uid = state->uid; + return NT_STATUS_OK; +} diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c index 65bbe75cd7..5bb76c5b06 100644 --- a/source3/winbindd/winbindd_cache.c +++ b/source3/winbindd/winbindd_cache.c @@ -4356,6 +4356,7 @@ static bool wcache_opnum_cacheable(uint32_t opnum) switch (opnum) { case NDR_WBINT_PING: case NDR_WBINT_QUERYSEQUENCENUMBER: + case NDR_WBINT_ALLOCATEUID: return false; } return true; diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c index 0f0802109a..8bea6ac03a 100644 --- a/source3/winbindd/winbindd_dual_srv.c +++ b/source3/winbindd/winbindd_dual_srv.c @@ -106,6 +106,19 @@ NTSTATUS _wbint_Gid2Sid(pipes_struct *p, struct wbint_Gid2Sid *r) r->out.sid, r->in.gid); } +NTSTATUS _wbint_AllocateUid(pipes_struct *p, struct wbint_AllocateUid *r) +{ + struct unixid xid; + NTSTATUS status; + + status = idmap_allocate_uid(&xid); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + *r->out.uid = xid.id; + return NT_STATUS_OK; +} + NTSTATUS _wbint_QueryUser(pipes_struct *p, struct wbint_QueryUser *r) { struct winbindd_domain *domain = wb_child_domain(); diff --git a/source3/winbindd/winbindd_idmap.c b/source3/winbindd/winbindd_idmap.c index 5986c3b6c3..65cc0d1f53 100644 --- a/source3/winbindd/winbindd_idmap.c +++ b/source3/winbindd/winbindd_idmap.c @@ -557,10 +557,6 @@ static const struct winbindd_child_dispatch_table idmap_dispatch_table[] = { .struct_cmd = WINBINDD_DUAL_SET_HWM, .struct_fn = winbindd_dual_set_hwm, },{ - .name = "ALLOCATE_UID", - .struct_cmd = WINBINDD_ALLOCATE_UID, - .struct_fn = winbindd_dual_allocate_uid, - },{ .name = "ALLOCATE_GID", .struct_cmd = WINBINDD_ALLOCATE_GID, .struct_fn = winbindd_dual_allocate_gid, diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h index b59d11b78f..cbb57634ba 100644 --- a/source3/winbindd/winbindd_proto.h +++ b/source3/winbindd/winbindd_proto.h @@ -721,6 +721,13 @@ struct tevent_req *winbindd_gid_to_sid_send(TALLOC_CTX *mem_ctx, NTSTATUS winbindd_gid_to_sid_recv(struct tevent_req *req, struct winbindd_response *response); +struct tevent_req *winbindd_allocate_uid_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct winbindd_cli_state *cli, + struct winbindd_request *request); +NTSTATUS winbindd_allocate_uid_recv(struct tevent_req *req, + struct winbindd_response *response); + struct tevent_req *wb_queryuser_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, const struct dom_sid *user_sid); diff --git a/source3/winbindd/winbindd_sid.c b/source3/winbindd/winbindd_sid.c index 8f09d5f7eb..717a0272d6 100644 --- a/source3/winbindd/winbindd_sid.c +++ b/source3/winbindd/winbindd_sid.c @@ -141,30 +141,6 @@ void winbindd_set_hwm(struct winbindd_cli_state *state) winbindd_set_hwm_async(state->mem_ctx, &xid, set_hwm_recv, state); } -void winbindd_allocate_uid(struct winbindd_cli_state *state) -{ - if ( !state->privileged ) { - DEBUG(2, ("winbindd_allocate_uid: non-privileged access " - "denied!\n")); - request_error(state); - return; - } - - sendto_child(state, idmap_child()); -} - -enum winbindd_result winbindd_dual_allocate_uid(struct winbindd_domain *domain, - struct winbindd_cli_state *state) -{ - struct unixid xid; - - if (!NT_STATUS_IS_OK(idmap_allocate_uid(&xid))) { - return WINBINDD_ERROR; - } - state->response->data.uid = xid.id; - return WINBINDD_OK; -} - void winbindd_allocate_gid(struct winbindd_cli_state *state) { if ( !state->privileged ) { |