diff options
Diffstat (limited to 'source3/winbindd/winbindd_group.c')
-rw-r--r-- | source3/winbindd/winbindd_group.c | 172 |
1 files changed, 0 insertions, 172 deletions
diff --git a/source3/winbindd/winbindd_group.c b/source3/winbindd/winbindd_group.c index 12067f553f..c1a898d73b 100644 --- a/source3/winbindd/winbindd_group.c +++ b/source3/winbindd/winbindd_group.c @@ -1559,178 +1559,6 @@ struct getgroups_state { size_t num_token_gids; }; -static void getgroups_usersid_recv(void *private_data, bool success, - const DOM_SID *sid, enum lsa_SidType type); -static void getgroups_tokensids_recv(void *private_data, bool success, - DOM_SID *token_sids, size_t num_token_sids); -static void getgroups_sid2gid_recv(void *private_data, bool success, gid_t gid); - -void winbindd_getgroups(struct winbindd_cli_state *state) -{ - struct getgroups_state *s; - char *real_name = NULL; - NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; - - /* Ensure null termination */ - state->request->data.username - [sizeof(state->request->data.username)-1]='\0'; - - DEBUG(3, ("[%5lu]: getgroups %s\n", (unsigned long)state->pid, - state->request->data.username)); - - /* Parse domain and username */ - - s = TALLOC_P(state->mem_ctx, struct getgroups_state); - if (s == NULL) { - DEBUG(0, ("talloc failed\n")); - request_error(state); - return; - } - - s->state = state; - - nt_status = normalize_name_unmap(state->mem_ctx, - state->request->data.username, - &real_name); - - /* Reset the real_name pointer if we didn't do anything - productive in the above call */ - if (!NT_STATUS_IS_OK(nt_status) && - !NT_STATUS_EQUAL(nt_status, NT_STATUS_FILE_RENAMED)) - { - real_name = state->request->data.username; - } - - if (!parse_domain_user_talloc(state->mem_ctx, real_name, - &s->domname, &s->username)) { - DEBUG(5, ("Could not parse domain user: %s\n", - real_name)); - - /* error out if we do not have nested group support */ - - if ( !lp_winbind_nested_groups() ) { - request_error(state); - return; - } - - s->domname = talloc_strdup(state->mem_ctx, - get_global_sam_name()); - s->username = talloc_strdup(state->mem_ctx, - state->request->data.username); - } - - /* Get info for the domain (either by short domain name or - DNS name in the case of a UPN) */ - - s->domain = find_domain_from_name_noinit(s->domname); - if (!s->domain) { - char *p = strchr(s->username, '@'); - - if (p) { - s->domain = find_domain_from_name_noinit(p+1); - } - - } - - if (s->domain == NULL) { - DEBUG(7, ("could not find domain entry for domain %s\n", - s->domname)); - request_error(state); - return; - } - - if ( s->domain->primary && lp_winbind_trusted_domains_only()) { - DEBUG(7,("winbindd_getgroups: My domain -- rejecting " - "getgroups() for %s\\%s.\n", s->domname, - s->username)); - request_error(state); - return; - } - - /* Get rid and name type from name. The following costs 1 packet */ - - winbindd_lookupname_async(state->mem_ctx, - s->domname, s->username, - getgroups_usersid_recv, - WINBINDD_GETGROUPS, s); -} - -static void getgroups_usersid_recv(void *private_data, bool success, - const DOM_SID *sid, enum lsa_SidType type) -{ - struct getgroups_state *s = - (struct getgroups_state *)private_data; - - if ((!success) || - ((type != SID_NAME_USER) && (type != SID_NAME_COMPUTER))) { - request_error(s->state); - return; - } - - sid_copy(&s->user_sid, sid); - - winbindd_gettoken_async(s->state->mem_ctx, &s->user_sid, - getgroups_tokensids_recv, s); -} - -static void getgroups_tokensids_recv(void *private_data, bool success, - DOM_SID *token_sids, size_t num_token_sids) -{ - struct getgroups_state *s = - (struct getgroups_state *)private_data; - - /* We need at least the user sid and the primary group in the token, - * otherwise it's an error */ - - if ((!success) || (num_token_sids < 2)) { - request_error(s->state); - return; - } - - s->token_sids = token_sids; - s->num_token_sids = num_token_sids; - s->i = 0; - - s->token_gids = NULL; - s->num_token_gids = 0; - - getgroups_sid2gid_recv(s, False, 0); -} - -static void getgroups_sid2gid_recv(void *private_data, bool success, gid_t gid) -{ - struct getgroups_state *s = - (struct getgroups_state *)private_data; - - if (success) { - if (!add_gid_to_array_unique(s->state->mem_ctx, gid, - &s->token_gids, - &s->num_token_gids)) { - return; - } - } - - if (s->i < s->num_token_sids) { - const DOM_SID *sid = &s->token_sids[s->i]; - s->i += 1; - - if (sid_equal(sid, &s->user_sid)) { - getgroups_sid2gid_recv(s, False, 0); - return; - } - - winbindd_sid2gid_async(s->state->mem_ctx, sid, - getgroups_sid2gid_recv, s); - return; - } - - s->state->response->data.num_entries = s->num_token_gids; - if (s->num_token_gids) { - s->state->response->extra_data.data = s->token_gids; - s->state->response->length += s->num_token_gids * sizeof(gid_t); - } - request_ok(s->state); -} /* Get user supplementary sids. This is equivalent to the winbindd_getgroups() function but it involves a SID->SIDs mapping |