summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/Makefile.in1
-rw-r--r--source3/librpc/gen_ndr/cli_wbint.c157
-rw-r--r--source3/librpc/gen_ndr/cli_wbint.h10
-rw-r--r--source3/librpc/gen_ndr/ndr_wbint.c71
-rw-r--r--source3/librpc/gen_ndr/ndr_wbint.h23
-rw-r--r--source3/librpc/gen_ndr/srv_wbint.c93
-rw-r--r--source3/librpc/gen_ndr/srv_wbint.h2
-rw-r--r--source3/librpc/gen_ndr/wbint.h9
-rw-r--r--source3/librpc/idl/wbint.idl4
-rw-r--r--source3/winbindd/winbindd.c17
-rw-r--r--source3/winbindd/winbindd_allocate_uid.c92
-rw-r--r--source3/winbindd/winbindd_cache.c1
-rw-r--r--source3/winbindd/winbindd_dual_srv.c13
-rw-r--r--source3/winbindd/winbindd_idmap.c4
-rw-r--r--source3/winbindd/winbindd_proto.h7
-rw-r--r--source3/winbindd/winbindd_sid.c24
16 files changed, 488 insertions, 40 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in
index ebf6024923..5f674e8d0c 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -1190,6 +1190,7 @@ WINBINDD_OBJ1 = \
winbindd/winbindd_sid_to_gid.o \
winbindd/winbindd_uid_to_sid.o \
winbindd/winbindd_gid_to_sid.o \
+ winbindd/winbindd_allocate_uid.o \
winbindd/winbindd_getpwsid.o \
winbindd/winbindd_getpwnam.o \
winbindd/winbindd_getpwuid.o \
diff --git a/source3/librpc/gen_ndr/cli_wbint.c b/source3/librpc/gen_ndr/cli_wbint.c
index 3b683a73c3..710e503e3c 100644
--- a/source3/librpc/gen_ndr/cli_wbint.c
+++ b/source3/librpc/gen_ndr/cli_wbint.c
@@ -1162,6 +1162,163 @@ NTSTATUS rpccli_wbint_Gid2Sid(struct rpc_pipe_client *cli,
return r.out.result;
}
+struct rpccli_wbint_AllocateUid_state {
+ struct wbint_AllocateUid orig;
+ struct wbint_AllocateUid tmp;
+ TALLOC_CTX *out_mem_ctx;
+ NTSTATUS (*dispatch_recv)(struct tevent_req *req, TALLOC_CTX *mem_ctx);
+};
+
+static void rpccli_wbint_AllocateUid_done(struct tevent_req *subreq);
+
+struct tevent_req *rpccli_wbint_AllocateUid_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct rpc_pipe_client *cli,
+ uint64_t *_uid /* [out] [ref] */)
+{
+ struct tevent_req *req;
+ struct rpccli_wbint_AllocateUid_state *state;
+ struct tevent_req *subreq;
+
+ req = tevent_req_create(mem_ctx, &state,
+ struct rpccli_wbint_AllocateUid_state);
+ if (req == NULL) {
+ return NULL;
+ }
+ state->out_mem_ctx = NULL;
+ state->dispatch_recv = cli->dispatch_recv;
+
+ /* In parameters */
+
+ /* Out parameters */
+ state->orig.out.uid = _uid;
+
+ /* Result */
+ ZERO_STRUCT(state->orig.out.result);
+
+ if (DEBUGLEVEL >= 10) {
+ NDR_PRINT_IN_DEBUG(wbint_AllocateUid, &state->orig);
+ }
+
+ state->out_mem_ctx = talloc_named_const(state, 0,
+ "rpccli_wbint_AllocateUid_out_memory");
+ if (tevent_req_nomem(state->out_mem_ctx, req)) {
+ return tevent_req_post(req, ev);
+ }
+
+ /* make a temporary copy, that we pass to the dispatch function */
+ state->tmp = state->orig;
+
+ subreq = cli->dispatch_send(state, ev, cli,
+ &ndr_table_wbint,
+ NDR_WBINT_ALLOCATEUID,
+ &state->tmp);
+ if (tevent_req_nomem(subreq, req)) {
+ return tevent_req_post(req, ev);
+ }
+ tevent_req_set_callback(subreq, rpccli_wbint_AllocateUid_done, req);
+ return req;
+}
+
+static void rpccli_wbint_AllocateUid_done(struct tevent_req *subreq)
+{
+ struct tevent_req *req = tevent_req_callback_data(
+ subreq, struct tevent_req);
+ struct rpccli_wbint_AllocateUid_state *state = tevent_req_data(
+ req, struct rpccli_wbint_AllocateUid_state);
+ NTSTATUS status;
+ TALLOC_CTX *mem_ctx;
+
+ if (state->out_mem_ctx) {
+ mem_ctx = state->out_mem_ctx;
+ } else {
+ mem_ctx = state;
+ }
+
+ status = state->dispatch_recv(subreq, mem_ctx);
+ TALLOC_FREE(subreq);
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+
+ /* Copy out parameters */
+ *state->orig.out.uid = *state->tmp.out.uid;
+
+ /* Copy result */
+ state->orig.out.result = state->tmp.out.result;
+
+ /* Reset temporary structure */
+ ZERO_STRUCT(state->tmp);
+
+ if (DEBUGLEVEL >= 10) {
+ NDR_PRINT_OUT_DEBUG(wbint_AllocateUid, &state->orig);
+ }
+
+ tevent_req_done(req);
+}
+
+NTSTATUS rpccli_wbint_AllocateUid_recv(struct tevent_req *req,
+ TALLOC_CTX *mem_ctx,
+ NTSTATUS *result)
+{
+ struct rpccli_wbint_AllocateUid_state *state = tevent_req_data(
+ req, struct rpccli_wbint_AllocateUid_state);
+ NTSTATUS status;
+
+ if (tevent_req_is_nterror(req, &status)) {
+ tevent_req_received(req);
+ return status;
+ }
+
+ /* Steal possbile out parameters to the callers context */
+ talloc_steal(mem_ctx, state->out_mem_ctx);
+
+ /* Return result */
+ *result = state->orig.out.result;
+
+ tevent_req_received(req);
+ return NT_STATUS_OK;
+}
+
+NTSTATUS rpccli_wbint_AllocateUid(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx,
+ uint64_t *uid /* [out] [ref] */)
+{
+ struct wbint_AllocateUid r;
+ NTSTATUS status;
+
+ /* In parameters */
+
+ if (DEBUGLEVEL >= 10) {
+ NDR_PRINT_IN_DEBUG(wbint_AllocateUid, &r);
+ }
+
+ status = cli->dispatch(cli,
+ mem_ctx,
+ &ndr_table_wbint,
+ NDR_WBINT_ALLOCATEUID,
+ &r);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ if (DEBUGLEVEL >= 10) {
+ NDR_PRINT_OUT_DEBUG(wbint_AllocateUid, &r);
+ }
+
+ if (NT_STATUS_IS_ERR(status)) {
+ return status;
+ }
+
+ /* Return variables */
+ *uid = *r.out.uid;
+
+ /* Return result */
+ return r.out.result;
+}
+
struct rpccli_wbint_QueryUser_state {
struct wbint_QueryUser orig;
struct wbint_QueryUser tmp;
diff --git a/source3/librpc/gen_ndr/cli_wbint.h b/source3/librpc/gen_ndr/cli_wbint.h
index cf9166a6cb..f5fd812073 100644
--- a/source3/librpc/gen_ndr/cli_wbint.h
+++ b/source3/librpc/gen_ndr/cli_wbint.h
@@ -102,6 +102,16 @@ NTSTATUS rpccli_wbint_Gid2Sid(struct rpc_pipe_client *cli,
const char *dom_name /* [in] [unique,charset(UTF8)] */,
uint64_t gid /* [in] */,
struct dom_sid *sid /* [out] [ref] */);
+struct tevent_req *rpccli_wbint_AllocateUid_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct rpc_pipe_client *cli,
+ uint64_t *_uid /* [out] [ref] */);
+NTSTATUS rpccli_wbint_AllocateUid_recv(struct tevent_req *req,
+ TALLOC_CTX *mem_ctx,
+ NTSTATUS *result);
+NTSTATUS rpccli_wbint_AllocateUid(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx,
+ uint64_t *uid /* [out] [ref] */);
struct tevent_req *rpccli_wbint_QueryUser_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct rpc_pipe_client *cli,
diff --git a/source3/librpc/gen_ndr/ndr_wbint.c b/source3/librpc/gen_ndr/ndr_wbint.c
index 9dc9e6fcfb..1476e06e75 100644
--- a/source3/librpc/gen_ndr/ndr_wbint.c
+++ b/source3/librpc/gen_ndr/ndr_wbint.c
@@ -1258,6 +1258,67 @@ _PUBLIC_ void ndr_print_wbint_Gid2Sid(struct ndr_print *ndr, const char *name, i
ndr->depth--;
}
+static enum ndr_err_code ndr_push_wbint_AllocateUid(struct ndr_push *ndr, int flags, const struct wbint_AllocateUid *r)
+{
+ if (flags & NDR_IN) {
+ }
+ if (flags & NDR_OUT) {
+ if (r->out.uid == NULL) {
+ return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer");
+ }
+ NDR_CHECK(ndr_push_hyper(ndr, NDR_SCALARS, *r->out.uid));
+ NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result));
+ }
+ return NDR_ERR_SUCCESS;
+}
+
+static enum ndr_err_code ndr_pull_wbint_AllocateUid(struct ndr_pull *ndr, int flags, struct wbint_AllocateUid *r)
+{
+ TALLOC_CTX *_mem_save_uid_0;
+ if (flags & NDR_IN) {
+ ZERO_STRUCT(r->out);
+
+ NDR_PULL_ALLOC(ndr, r->out.uid);
+ ZERO_STRUCTP(r->out.uid);
+ }
+ if (flags & NDR_OUT) {
+ if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) {
+ NDR_PULL_ALLOC(ndr, r->out.uid);
+ }
+ _mem_save_uid_0 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->out.uid, LIBNDR_FLAG_REF_ALLOC);
+ NDR_CHECK(ndr_pull_hyper(ndr, NDR_SCALARS, r->out.uid));
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_uid_0, LIBNDR_FLAG_REF_ALLOC);
+ NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result));
+ }
+ return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ void ndr_print_wbint_AllocateUid(struct ndr_print *ndr, const char *name, int flags, const struct wbint_AllocateUid *r)
+{
+ ndr_print_struct(ndr, name, "wbint_AllocateUid");
+ ndr->depth++;
+ if (flags & NDR_SET_VALUES) {
+ ndr->flags |= LIBNDR_PRINT_SET_VALUES;
+ }
+ if (flags & NDR_IN) {
+ ndr_print_struct(ndr, "in", "wbint_AllocateUid");
+ ndr->depth++;
+ ndr->depth--;
+ }
+ if (flags & NDR_OUT) {
+ ndr_print_struct(ndr, "out", "wbint_AllocateUid");
+ ndr->depth++;
+ ndr_print_ptr(ndr, "uid", r->out.uid);
+ ndr->depth++;
+ ndr_print_hyper(ndr, "uid", *r->out.uid);
+ ndr->depth--;
+ ndr_print_NTSTATUS(ndr, "result", r->out.result);
+ ndr->depth--;
+ }
+ ndr->depth--;
+}
+
static enum ndr_err_code ndr_push_wbint_QueryUser(struct ndr_push *ndr, int flags, const struct wbint_QueryUser *r)
{
if (flags & NDR_IN) {
@@ -2047,6 +2108,14 @@ static const struct ndr_interface_call wbint_calls[] = {
false,
},
{
+ "wbint_AllocateUid",
+ sizeof(struct wbint_AllocateUid),
+ (ndr_push_flags_fn_t) ndr_push_wbint_AllocateUid,
+ (ndr_pull_flags_fn_t) ndr_pull_wbint_AllocateUid,
+ (ndr_print_function_t) ndr_print_wbint_AllocateUid,
+ false,
+ },
+ {
"wbint_QueryUser",
sizeof(struct wbint_QueryUser),
(ndr_push_flags_fn_t) ndr_push_wbint_QueryUser,
@@ -2147,7 +2216,7 @@ const struct ndr_interface_table ndr_table_wbint = {
NDR_WBINT_VERSION
},
.helpstring = NDR_WBINT_HELPSTRING,
- .num_calls = 16,
+ .num_calls = 17,
.calls = wbint_calls,
.endpoints = &wbint_endpoints,
.authservices = &wbint_authservices
diff --git a/source3/librpc/gen_ndr/ndr_wbint.h b/source3/librpc/gen_ndr/ndr_wbint.h
index bdcb23b2be..65eae1cc47 100644
--- a/source3/librpc/gen_ndr/ndr_wbint.h
+++ b/source3/librpc/gen_ndr/ndr_wbint.h
@@ -25,25 +25,27 @@ extern const struct ndr_interface_table ndr_table_wbint;
#define NDR_WBINT_GID2SID (0x06)
-#define NDR_WBINT_QUERYUSER (0x07)
+#define NDR_WBINT_ALLOCATEUID (0x07)
-#define NDR_WBINT_LOOKUPUSERALIASES (0x08)
+#define NDR_WBINT_QUERYUSER (0x08)
-#define NDR_WBINT_LOOKUPUSERGROUPS (0x09)
+#define NDR_WBINT_LOOKUPUSERALIASES (0x09)
-#define NDR_WBINT_QUERYSEQUENCENUMBER (0x0a)
+#define NDR_WBINT_LOOKUPUSERGROUPS (0x0a)
-#define NDR_WBINT_LOOKUPGROUPMEMBERS (0x0b)
+#define NDR_WBINT_QUERYSEQUENCENUMBER (0x0b)
-#define NDR_WBINT_QUERYUSERLIST (0x0c)
+#define NDR_WBINT_LOOKUPGROUPMEMBERS (0x0c)
-#define NDR_WBINT_QUERYGROUPLIST (0x0d)
+#define NDR_WBINT_QUERYUSERLIST (0x0d)
-#define NDR_WBINT_DSGETDCNAME (0x0e)
+#define NDR_WBINT_QUERYGROUPLIST (0x0e)
-#define NDR_WBINT_LOOKUPRIDS (0x0f)
+#define NDR_WBINT_DSGETDCNAME (0x0f)
-#define NDR_WBINT_CALL_COUNT (16)
+#define NDR_WBINT_LOOKUPRIDS (0x10)
+
+#define NDR_WBINT_CALL_COUNT (17)
enum ndr_err_code ndr_push_wbint_userinfo(struct ndr_push *ndr, int ndr_flags, const struct wbint_userinfo *r);
enum ndr_err_code ndr_pull_wbint_userinfo(struct ndr_pull *ndr, int ndr_flags, struct wbint_userinfo *r);
void ndr_print_wbint_userinfo(struct ndr_print *ndr, const char *name, const struct wbint_userinfo *r);
@@ -69,6 +71,7 @@ void ndr_print_wbint_Sid2Uid(struct ndr_print *ndr, const char *name, int flags,
void ndr_print_wbint_Sid2Gid(struct ndr_print *ndr, const char *name, int flags, const struct wbint_Sid2Gid *r);
void ndr_print_wbint_Uid2Sid(struct ndr_print *ndr, const char *name, int flags, const struct wbint_Uid2Sid *r);
void ndr_print_wbint_Gid2Sid(struct ndr_print *ndr, const char *name, int flags, const struct wbint_Gid2Sid *r);
+void ndr_print_wbint_AllocateUid(struct ndr_print *ndr, const char *name, int flags, const struct wbint_AllocateUid *r);
void ndr_print_wbint_QueryUser(struct ndr_print *ndr, const char *name, int flags, const struct wbint_QueryUser *r);
void ndr_print_wbint_LookupUserAliases(struct ndr_print *ndr, const char *name, int flags, const struct wbint_LookupUserAliases *r);
void ndr_print_wbint_LookupUserGroups(struct ndr_print *ndr, const char *name, int flags, const struct wbint_LookupUserGroups *r);
diff --git a/source3/librpc/gen_ndr/srv_wbint.c b/source3/librpc/gen_ndr/srv_wbint.c
index 522230e8c4..498784d249 100644
--- a/source3/librpc/gen_ndr/srv_wbint.c
+++ b/source3/librpc/gen_ndr/srv_wbint.c
@@ -584,6 +584,86 @@ static bool api_wbint_Gid2Sid(pipes_struct *p)
return true;
}
+static bool api_wbint_AllocateUid(pipes_struct *p)
+{
+ const struct ndr_interface_call *call;
+ struct ndr_pull *pull;
+ struct ndr_push *push;
+ enum ndr_err_code ndr_err;
+ DATA_BLOB blob;
+ struct wbint_AllocateUid *r;
+
+ call = &ndr_table_wbint.calls[NDR_WBINT_ALLOCATEUID];
+
+ r = talloc(talloc_tos(), struct wbint_AllocateUid);
+ if (r == NULL) {
+ return false;
+ }
+
+ if (!prs_data_blob(&p->in_data.data, &blob, r)) {
+ talloc_free(r);
+ return false;
+ }
+
+ pull = ndr_pull_init_blob(&blob, r, NULL);
+ if (pull == NULL) {
+ talloc_free(r);
+ return false;
+ }
+
+ pull->flags |= LIBNDR_FLAG_REF_ALLOC;
+ ndr_err = call->ndr_pull(pull, NDR_IN, r);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ talloc_free(r);
+ return false;
+ }
+
+ if (DEBUGLEVEL >= 10) {
+ NDR_PRINT_IN_DEBUG(wbint_AllocateUid, r);
+ }
+
+ ZERO_STRUCT(r->out);
+ r->out.uid = talloc_zero(r, uint64_t);
+ if (r->out.uid == NULL) {
+ talloc_free(r);
+ return false;
+ }
+
+ r->out.result = _wbint_AllocateUid(p, r);
+
+ if (p->rng_fault_state) {
+ talloc_free(r);
+ /* Return true here, srv_pipe_hnd.c will take care */
+ return true;
+ }
+
+ if (DEBUGLEVEL >= 10) {
+ NDR_PRINT_OUT_DEBUG(wbint_AllocateUid, r);
+ }
+
+ push = ndr_push_init_ctx(r, NULL);
+ if (push == NULL) {
+ talloc_free(r);
+ return false;
+ }
+
+ ndr_err = call->ndr_push(push, NDR_OUT, r);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ talloc_free(r);
+ return false;
+ }
+
+ blob = ndr_push_blob(push);
+ if (!prs_copy_data_in(&p->out_data.rdata, (const char *)blob.data, (uint32_t)blob.length)) {
+ talloc_free(r);
+ return false;
+ }
+
+ talloc_free(r);
+
+ return true;
+}
+
static bool api_wbint_QueryUser(pipes_struct *p)
{
const struct ndr_interface_call *call;
@@ -1315,6 +1395,7 @@ static struct api_struct api_wbint_cmds[] =
{"WBINT_SID2GID", NDR_WBINT_SID2GID, api_wbint_Sid2Gid},
{"WBINT_UID2SID", NDR_WBINT_UID2SID, api_wbint_Uid2Sid},
{"WBINT_GID2SID", NDR_WBINT_GID2SID, api_wbint_Gid2Sid},
+ {"WBINT_ALLOCATEUID", NDR_WBINT_ALLOCATEUID, api_wbint_AllocateUid},
{"WBINT_QUERYUSER", NDR_WBINT_QUERYUSER, api_wbint_QueryUser},
{"WBINT_LOOKUPUSERALIASES", NDR_WBINT_LOOKUPUSERALIASES, api_wbint_LookupUserAliases},
{"WBINT_LOOKUPUSERGROUPS", NDR_WBINT_LOOKUPUSERGROUPS, api_wbint_LookupUserGroups},
@@ -1439,6 +1520,18 @@ NTSTATUS rpc_wbint_dispatch(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, co
return NT_STATUS_OK;
}
+ case NDR_WBINT_ALLOCATEUID: {
+ struct wbint_AllocateUid *r = (struct wbint_AllocateUid *)_r;
+ ZERO_STRUCT(r->out);
+ r->out.uid = talloc_zero(mem_ctx, uint64_t);
+ if (r->out.uid == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ r->out.result = _wbint_AllocateUid(cli->pipes_struct, r);
+ return NT_STATUS_OK;
+ }
+
case NDR_WBINT_QUERYUSER: {
struct wbint_QueryUser *r = (struct wbint_QueryUser *)_r;
ZERO_STRUCT(r->out);
diff --git a/source3/librpc/gen_ndr/srv_wbint.h b/source3/librpc/gen_ndr/srv_wbint.h
index c91d3c8374..97aec299a8 100644
--- a/source3/librpc/gen_ndr/srv_wbint.h
+++ b/source3/librpc/gen_ndr/srv_wbint.h
@@ -8,6 +8,7 @@ NTSTATUS _wbint_Sid2Uid(pipes_struct *p, struct wbint_Sid2Uid *r);
NTSTATUS _wbint_Sid2Gid(pipes_struct *p, struct wbint_Sid2Gid *r);
NTSTATUS _wbint_Uid2Sid(pipes_struct *p, struct wbint_Uid2Sid *r);
NTSTATUS _wbint_Gid2Sid(pipes_struct *p, struct wbint_Gid2Sid *r);
+NTSTATUS _wbint_AllocateUid(pipes_struct *p, struct wbint_AllocateUid *r);
NTSTATUS _wbint_QueryUser(pipes_struct *p, struct wbint_QueryUser *r);
NTSTATUS _wbint_LookupUserAliases(pipes_struct *p, struct wbint_LookupUserAliases *r);
NTSTATUS _wbint_LookupUserGroups(pipes_struct *p, struct wbint_LookupUserGroups *r);
@@ -26,6 +27,7 @@ NTSTATUS _wbint_Sid2Uid(pipes_struct *p, struct wbint_Sid2Uid *r);
NTSTATUS _wbint_Sid2Gid(pipes_struct *p, struct wbint_Sid2Gid *r);
NTSTATUS _wbint_Uid2Sid(pipes_struct *p, struct wbint_Uid2Sid *r);
NTSTATUS _wbint_Gid2Sid(pipes_struct *p, struct wbint_Gid2Sid *r);
+NTSTATUS _wbint_AllocateUid(pipes_struct *p, struct wbint_AllocateUid *r);
NTSTATUS _wbint_QueryUser(pipes_struct *p, struct wbint_QueryUser *r);
NTSTATUS _wbint_LookupUserAliases(pipes_struct *p, struct wbint_LookupUserAliases *r);
NTSTATUS _wbint_LookupUserGroups(pipes_struct *p, struct wbint_LookupUserGroups *r);
diff --git a/source3/librpc/gen_ndr/wbint.h b/source3/librpc/gen_ndr/wbint.h
index 96466fdca0..caabfcc9eb 100644
--- a/source3/librpc/gen_ndr/wbint.h
+++ b/source3/librpc/gen_ndr/wbint.h
@@ -144,6 +144,15 @@ struct wbint_Gid2Sid {
};
+struct wbint_AllocateUid {
+ struct {
+ uint64_t *uid;/* [ref] */
+ NTSTATUS result;
+ } out;
+
+};
+
+
struct wbint_QueryUser {
struct {
struct dom_sid *sid;/* [ref] */
diff --git a/source3/librpc/idl/wbint.idl b/source3/librpc/idl/wbint.idl
index cf42cb9269..a624a466a1 100644
--- a/source3/librpc/idl/wbint.idl
+++ b/source3/librpc/idl/wbint.idl
@@ -54,6 +54,10 @@ interface wbint
[out] dom_sid *sid
);
+ NTSTATUS wbint_AllocateUid(
+ [out] hyper *uid
+ );
+
typedef [public] struct {
[string,charset(UTF8)] char *acct_name;
[string,charset(UTF8)] char *full_name;
diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c
index e583dae4a9..d664a51671 100644
--- a/source3/winbindd/winbindd.c
+++ b/source3/winbindd/winbindd.c
@@ -440,7 +440,6 @@ static struct winbindd_dispatch_table {
/* Lookup related functions */
- { WINBINDD_ALLOCATE_UID, winbindd_allocate_uid, "ALLOCATE_UID" },
{ WINBINDD_ALLOCATE_GID, winbindd_allocate_gid, "ALLOCATE_GID" },
{ WINBINDD_SET_MAPPING, winbindd_set_mapping, "SET_MAPPING" },
{ WINBINDD_REMOVE_MAPPING, winbindd_remove_mapping, "REMOVE_MAPPING" },
@@ -543,6 +542,13 @@ static struct winbindd_async_dispatch_table async_nonpriv_table[] = {
{ 0, NULL, NULL, NULL }
};
+static struct winbindd_async_dispatch_table async_priv_table[] = {
+ { WINBINDD_ALLOCATE_UID, "ALLOCATE_UID",
+ winbindd_allocate_uid_send, winbindd_allocate_uid_recv },
+
+ { 0, NULL, NULL, NULL }
+};
+
static void wb_request_done(struct tevent_req *req);
static void process_request(struct winbindd_cli_state *state)
@@ -565,6 +571,15 @@ static void process_request(struct winbindd_cli_state *state)
}
}
+ if ((atable->send_req == NULL) && state->privileged) {
+ for (atable = async_priv_table; atable->send_req;
+ atable += 1) {
+ if (state->request->cmd == atable->cmd) {
+ break;
+ }
+ }
+ }
+
if (atable->send_req != NULL) {
struct tevent_req *req;
diff --git a/source3/winbindd/winbindd_allocate_uid.c b/source3/winbindd/winbindd_allocate_uid.c
new file mode 100644
index 0000000000..171d0ccb91
--- /dev/null
+++ b/source3/winbindd/winbindd_allocate_uid.c
@@ -0,0 +1,92 @@
+/*
+ Unix SMB/CIFS implementation.
+ async implementation of WINBINDD_ALLOCATE_UID
+ Copyright (C) Volker Lendecke 2009
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "winbindd.h"
+#include "librpc/gen_ndr/cli_wbint.h"
+
+struct winbindd_allocate_uid_state {
+ uint64_t uid;
+};
+
+static void winbindd_allocate_uid_done(struct tevent_req *subreq);
+
+struct tevent_req *winbindd_allocate_uid_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct winbindd_cli_state *cli,
+ struct winbindd_request *request)
+{
+ struct tevent_req *req, *subreq;
+ struct winbindd_allocate_uid_state *state;
+ struct winbindd_child *child;
+
+ req = tevent_req_create(mem_ctx, &state,
+ struct winbindd_allocate_uid_state);
+ if (req == NULL) {
+ return NULL;
+ }
+
+ DEBUG(3, ("allocate_uid\n"));
+
+ child = idmap_child();
+
+ subreq = rpccli_wbint_AllocateUid_send(state, ev, child->rpccli,
+ &state->uid);
+ if (tevent_req_nomem(subreq, req)) {
+ return tevent_req_post(req, ev);
+ }
+ tevent_req_set_callback(subreq, winbindd_allocate_uid_done, req);
+ return req;
+}
+
+static void winbindd_allocate_uid_done(struct tevent_req *subreq)
+{
+ struct tevent_req *req = tevent_req_callback_data(
+ subreq, struct tevent_req);
+ struct winbindd_allocate_uid_state *state = tevent_req_data(
+ req, struct winbindd_allocate_uid_state);
+ NTSTATUS status, result;
+
+ status = rpccli_wbint_AllocateUid_recv(subreq, state, &result);
+ TALLOC_FREE(subreq);
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ tevent_req_nterror(req, result);
+ return;
+ }
+ tevent_req_done(req);
+}
+
+NTSTATUS winbindd_allocate_uid_recv(struct tevent_req *req,
+ struct winbindd_response *response)
+{
+ struct winbindd_allocate_uid_state *state = tevent_req_data(
+ req, struct winbindd_allocate_uid_state);
+ NTSTATUS status;
+
+ if (tevent_req_is_nterror(req, &status)) {
+ DEBUG(5, ("Could not allocate uid: %s\n", nt_errstr(status)));
+ return status;
+ }
+ response->data.uid = state->uid;
+ return NT_STATUS_OK;
+}
diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c
index 65bbe75cd7..5bb76c5b06 100644
--- a/source3/winbindd/winbindd_cache.c
+++ b/source3/winbindd/winbindd_cache.c
@@ -4356,6 +4356,7 @@ static bool wcache_opnum_cacheable(uint32_t opnum)
switch (opnum) {
case NDR_WBINT_PING:
case NDR_WBINT_QUERYSEQUENCENUMBER:
+ case NDR_WBINT_ALLOCATEUID:
return false;
}
return true;
diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c
index 0f0802109a..8bea6ac03a 100644
--- a/source3/winbindd/winbindd_dual_srv.c
+++ b/source3/winbindd/winbindd_dual_srv.c
@@ -106,6 +106,19 @@ NTSTATUS _wbint_Gid2Sid(pipes_struct *p, struct wbint_Gid2Sid *r)
r->out.sid, r->in.gid);
}
+NTSTATUS _wbint_AllocateUid(pipes_struct *p, struct wbint_AllocateUid *r)
+{
+ struct unixid xid;
+ NTSTATUS status;
+
+ status = idmap_allocate_uid(&xid);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ *r->out.uid = xid.id;
+ return NT_STATUS_OK;
+}
+
NTSTATUS _wbint_QueryUser(pipes_struct *p, struct wbint_QueryUser *r)
{
struct winbindd_domain *domain = wb_child_domain();
diff --git a/source3/winbindd/winbindd_idmap.c b/source3/winbindd/winbindd_idmap.c
index 5986c3b6c3..65cc0d1f53 100644
--- a/source3/winbindd/winbindd_idmap.c
+++ b/source3/winbindd/winbindd_idmap.c
@@ -557,10 +557,6 @@ static const struct winbindd_child_dispatch_table idmap_dispatch_table[] = {
.struct_cmd = WINBINDD_DUAL_SET_HWM,
.struct_fn = winbindd_dual_set_hwm,
},{
- .name = "ALLOCATE_UID",
- .struct_cmd = WINBINDD_ALLOCATE_UID,
- .struct_fn = winbindd_dual_allocate_uid,
- },{
.name = "ALLOCATE_GID",
.struct_cmd = WINBINDD_ALLOCATE_GID,
.struct_fn = winbindd_dual_allocate_gid,
diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h
index b59d11b78f..cbb57634ba 100644
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -721,6 +721,13 @@ struct tevent_req *winbindd_gid_to_sid_send(TALLOC_CTX *mem_ctx,
NTSTATUS winbindd_gid_to_sid_recv(struct tevent_req *req,
struct winbindd_response *response);
+struct tevent_req *winbindd_allocate_uid_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct winbindd_cli_state *cli,
+ struct winbindd_request *request);
+NTSTATUS winbindd_allocate_uid_recv(struct tevent_req *req,
+ struct winbindd_response *response);
+
struct tevent_req *wb_queryuser_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
const struct dom_sid *user_sid);
diff --git a/source3/winbindd/winbindd_sid.c b/source3/winbindd/winbindd_sid.c
index 8f09d5f7eb..717a0272d6 100644
--- a/source3/winbindd/winbindd_sid.c
+++ b/source3/winbindd/winbindd_sid.c
@@ -141,30 +141,6 @@ void winbindd_set_hwm(struct winbindd_cli_state *state)
winbindd_set_hwm_async(state->mem_ctx, &xid, set_hwm_recv, state);
}
-void winbindd_allocate_uid(struct winbindd_cli_state *state)
-{
- if ( !state->privileged ) {
- DEBUG(2, ("winbindd_allocate_uid: non-privileged access "
- "denied!\n"));
- request_error(state);
- return;
- }
-
- sendto_child(state, idmap_child());
-}
-
-enum winbindd_result winbindd_dual_allocate_uid(struct winbindd_domain *domain,
- struct winbindd_cli_state *state)
-{
- struct unixid xid;
-
- if (!NT_STATUS_IS_OK(idmap_allocate_uid(&xid))) {
- return WINBINDD_ERROR;
- }
- state->response->data.uid = xid.id;
- return WINBINDD_OK;
-}
-
void winbindd_allocate_gid(struct winbindd_cli_state *state)
{
if ( !state->privileged ) {