summaryrefslogtreecommitdiff
path: root/source3/sam
diff options
context:
space:
mode:
Diffstat (limited to 'source3/sam')
-rw-r--r--source3/sam/idmap_util.c115
-rw-r--r--source3/sam/idmap_winbind.c165
2 files changed, 1 insertions, 279 deletions
diff --git a/source3/sam/idmap_util.c b/source3/sam/idmap_util.c
index 626989656a..4e44ee16ba 100644
--- a/source3/sam/idmap_util.c
+++ b/source3/sam/idmap_util.c
@@ -23,119 +23,8 @@
#define DBGC_CLASS DBGC_IDMAP
-/******************************************************************
- * Get the free RID base if idmap is configured, otherwise return 0
- ******************************************************************/
-
-uint32 idmap_get_free_rid_base(void)
-{
- uint32 low, high;
- if (idmap_get_free_rid_range(&low, &high)) {
- return low;
- }
- return 0;
-}
-
-BOOL idmap_check_ugid_is_in_free_range(uint32 id)
-{
- uint32 low, high;
-
- if (!idmap_get_free_ugid_range(&low, &high)) {
- return False;
- }
- if (id < low || id > high) {
- return False;
- }
- return True;
-}
-
-BOOL idmap_check_rid_is_in_free_range(uint32 rid)
-{
- uint32 low, high;
-
- if (!idmap_get_free_rid_range(&low, &high)) {
- return False;
- }
- if (rid < algorithmic_rid_base()) {
- return True;
- }
-
- if (rid < low || rid > high) {
- return False;
- }
-
- return True;
-}
-
-/* if it is a foreign SID or if the SID is in the free range, return true */
-
-BOOL idmap_check_sid_is_in_free_range(const DOM_SID *sid)
-{
- if (sid_compare_domain(get_global_sam_sid(), sid) == 0) {
-
- uint32 rid;
-
- if (sid_peek_rid(sid, &rid)) {
- return idmap_check_rid_is_in_free_range(rid);
- }
-
- return False;
- }
-
- return True;
-}
-
-/******************************************************************
- * Get the the non-algorithmic RID range if idmap range are defined
- ******************************************************************/
-
-BOOL idmap_get_free_rid_range(uint32 *low, uint32 *high)
-{
- uint32 id_low, id_high;
-
- if (!lp_enable_rid_algorithm()) {
- *low = BASE_RID;
- *high = (uint32)-1;
- }
-
- if (!idmap_get_free_ugid_range(&id_low, &id_high)) {
- return False;
- }
-
- *low = fallback_pdb_uid_to_user_rid(id_low);
- if (fallback_pdb_user_rid_to_uid((uint32)-1) < id_high) {
- *high = (uint32)-1;
- } else {
- *high = fallback_pdb_uid_to_user_rid(id_high);
- }
-
- return True;
-}
-
-BOOL idmap_get_free_ugid_range(uint32 *low, uint32 *high)
-{
- uid_t u_low, u_high;
- gid_t g_low, g_high;
-
- if (!lp_idmap_uid(&u_low, &u_high) || !lp_idmap_gid(&g_low, &g_high)) {
- return False;
- }
- if (u_low < g_low) {
- *low = u_low;
- } else {
- *low = g_low;
- }
- if (u_high < g_high) {
- *high = g_high;
- } else {
- *high = u_high;
- }
- return True;
-}
-
/*****************************************************************
- check idmap if uid is in idmap range, otherwise falls back to
- the legacy algorithmic mapping. Returns SID pointer.
+ Returns SID pointer.
*****************************************************************/
NTSTATUS idmap_uid_to_sid(DOM_SID *sid, uid_t uid)
@@ -152,8 +41,6 @@ NTSTATUS idmap_uid_to_sid(DOM_SID *sid, uid_t uid)
}
/*****************************************************************
- check idmap if gid is in idmap range, otherwise falls back to
- the legacy algorithmic mapping.
Group mapping is used for gids that maps to Wellknown SIDs
Returns SID pointer.
*****************************************************************/
diff --git a/source3/sam/idmap_winbind.c b/source3/sam/idmap_winbind.c
deleted file mode 100644
index 159071e292..0000000000
--- a/source3/sam/idmap_winbind.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- idmap Winbind backend
-
- Copyright (C) Simo Sorce 2003
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-#include "nsswitch/winbind_nss.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_IDMAP
-
-extern DOM_SID global_sid_NULL; /* NULL sid */
-
-NSS_STATUS winbindd_request(int req_type,
- struct winbindd_request *request,
- struct winbindd_response *response);
-
-/* Get a sid from an id */
-static NTSTATUS db_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result, operation;
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- switch (id_type & ID_TYPEMASK) {
- case ID_USERID:
- request.data.uid = id.uid;
- operation = WINBINDD_UID_TO_SID;
- DEBUG(10,("db_get_sid_from_id: asking winbindd uid %u -> sid\n",
- (unsigned int)id.uid ));
- break;
- case ID_GROUPID:
- request.data.gid = id.gid;
- operation = WINBINDD_GID_TO_SID;
- DEBUG(10,("db_get_sid_from_id: asking winbindd gid %u -> sid\n",
- (unsigned int)id.gid ));
- break;
- default:
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- /* Make The Request */
- result = winbindd_request(operation, &request, &response);
- if (result == NSS_STATUS_SUCCESS) {
- DEBUG(10,("db_get_sid_from_id: winbindd replied ok (%s)\n", response.data.sid.sid ));
- if (!string_to_sid(sid, response.data.sid.sid)) {
- return NT_STATUS_INVALID_SID;
- }
- return NT_STATUS_OK;
- } else {
- sid_copy(sid, &global_sid_NULL);
- }
-
- DEBUG(10,("db_get_sid_from_id: winbindd lookup fail\n"));
-
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-/* Get an id from a sid */
-static NTSTATUS db_get_id_from_sid(unid_t *id, int *id_type, const DOM_SID *sid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result, operation;
- fstring sid_str;
-
- if (!id || !id_type) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- /* setup request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- sid_to_string(sid_str, sid);
- fstrcpy(request.data.sid, sid_str);
-
- switch (*id_type & ID_TYPEMASK) {
- case ID_USERID:
- operation = WINBINDD_SID_TO_UID;
- DEBUG(10,("db_get_id_from_sid: asking winbindd %s -> uid\n",
- sid_str ));
- break;
- case ID_GROUPID:
- operation = WINBINDD_SID_TO_GID;
- DEBUG(10,("db_get_id_from_sid: asking winbindd %s -> gid\n",
- sid_str ));
- break;
- default:
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- /* Make The Request */
- result = winbindd_request(operation, &request, &response);
-
- if (result == NSS_STATUS_SUCCESS) {
- if (operation == WINBINDD_SID_TO_UID) {
- (*id).uid = response.data.uid;
- DEBUG(10,("db_get_id_from_sid: winbindd replied ok (%u)\n", response.data.uid));
- } else {
- (*id).gid = response.data.gid;
- DEBUG(10,("db_get_id_from_sid: winbindd replied ok (%u)\n", response.data.gid ));
- }
- return NT_STATUS_OK;
- }
-
- DEBUG(10,("db_get_id_from_sid: winbindd lookup fail\n"));
-
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-static NTSTATUS db_set_mapping(const DOM_SID *sid, unid_t id, int id_type) {
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-/*****************************************************************************
- Initialise idmap database.
-*****************************************************************************/
-static NTSTATUS db_init( char *params ) {
- return NT_STATUS_OK;
-}
-
-/* Close the tdb */
-static NTSTATUS db_close(void) {
- return NT_STATUS_OK;
-}
-
-static void db_status(void) {
- return;
-}
-
-static struct idmap_methods winbind_methods = {
- db_init,
- db_get_sid_from_id,
- db_get_id_from_sid,
- db_set_mapping,
- db_close,
- db_status
-};
-
-NTSTATUS idmap_winbind_init(void)
-{
- return smb_register_idmap(SMB_IDMAP_INTERFACE_VERSION, "winbind", &winbind_methods);
-}