diff options
Diffstat (limited to 'source3/winbindd/winbindd_group.c')
-rw-r--r-- | source3/winbindd/winbindd_group.c | 224 |
1 files changed, 0 insertions, 224 deletions
diff --git a/source3/winbindd/winbindd_group.c b/source3/winbindd/winbindd_group.c index f78becb699..c1a898d73b 100644 --- a/source3/winbindd/winbindd_group.c +++ b/source3/winbindd/winbindd_group.c @@ -1559,178 +1559,6 @@ struct getgroups_state { size_t num_token_gids; }; -static void getgroups_usersid_recv(void *private_data, bool success, - const DOM_SID *sid, enum lsa_SidType type); -static void getgroups_tokensids_recv(void *private_data, bool success, - DOM_SID *token_sids, size_t num_token_sids); -static void getgroups_sid2gid_recv(void *private_data, bool success, gid_t gid); - -void winbindd_getgroups(struct winbindd_cli_state *state) -{ - struct getgroups_state *s; - char *real_name = NULL; - NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; - - /* Ensure null termination */ - state->request->data.username - [sizeof(state->request->data.username)-1]='\0'; - - DEBUG(3, ("[%5lu]: getgroups %s\n", (unsigned long)state->pid, - state->request->data.username)); - - /* Parse domain and username */ - - s = TALLOC_P(state->mem_ctx, struct getgroups_state); - if (s == NULL) { - DEBUG(0, ("talloc failed\n")); - request_error(state); - return; - } - - s->state = state; - - nt_status = normalize_name_unmap(state->mem_ctx, - state->request->data.username, - &real_name); - - /* Reset the real_name pointer if we didn't do anything - productive in the above call */ - if (!NT_STATUS_IS_OK(nt_status) && - !NT_STATUS_EQUAL(nt_status, NT_STATUS_FILE_RENAMED)) - { - real_name = state->request->data.username; - } - - if (!parse_domain_user_talloc(state->mem_ctx, real_name, - &s->domname, &s->username)) { - DEBUG(5, ("Could not parse domain user: %s\n", - real_name)); - - /* error out if we do not have nested group support */ - - if ( !lp_winbind_nested_groups() ) { - request_error(state); - return; - } - - s->domname = talloc_strdup(state->mem_ctx, - get_global_sam_name()); - s->username = talloc_strdup(state->mem_ctx, - state->request->data.username); - } - - /* Get info for the domain (either by short domain name or - DNS name in the case of a UPN) */ - - s->domain = find_domain_from_name_noinit(s->domname); - if (!s->domain) { - char *p = strchr(s->username, '@'); - - if (p) { - s->domain = find_domain_from_name_noinit(p+1); - } - - } - - if (s->domain == NULL) { - DEBUG(7, ("could not find domain entry for domain %s\n", - s->domname)); - request_error(state); - return; - } - - if ( s->domain->primary && lp_winbind_trusted_domains_only()) { - DEBUG(7,("winbindd_getgroups: My domain -- rejecting " - "getgroups() for %s\\%s.\n", s->domname, - s->username)); - request_error(state); - return; - } - - /* Get rid and name type from name. The following costs 1 packet */ - - winbindd_lookupname_async(state->mem_ctx, - s->domname, s->username, - getgroups_usersid_recv, - WINBINDD_GETGROUPS, s); -} - -static void getgroups_usersid_recv(void *private_data, bool success, - const DOM_SID *sid, enum lsa_SidType type) -{ - struct getgroups_state *s = - (struct getgroups_state *)private_data; - - if ((!success) || - ((type != SID_NAME_USER) && (type != SID_NAME_COMPUTER))) { - request_error(s->state); - return; - } - - sid_copy(&s->user_sid, sid); - - winbindd_gettoken_async(s->state->mem_ctx, &s->user_sid, - getgroups_tokensids_recv, s); -} - -static void getgroups_tokensids_recv(void *private_data, bool success, - DOM_SID *token_sids, size_t num_token_sids) -{ - struct getgroups_state *s = - (struct getgroups_state *)private_data; - - /* We need at least the user sid and the primary group in the token, - * otherwise it's an error */ - - if ((!success) || (num_token_sids < 2)) { - request_error(s->state); - return; - } - - s->token_sids = token_sids; - s->num_token_sids = num_token_sids; - s->i = 0; - - s->token_gids = NULL; - s->num_token_gids = 0; - - getgroups_sid2gid_recv(s, False, 0); -} - -static void getgroups_sid2gid_recv(void *private_data, bool success, gid_t gid) -{ - struct getgroups_state *s = - (struct getgroups_state *)private_data; - - if (success) { - if (!add_gid_to_array_unique(s->state->mem_ctx, gid, - &s->token_gids, - &s->num_token_gids)) { - return; - } - } - - if (s->i < s->num_token_sids) { - const DOM_SID *sid = &s->token_sids[s->i]; - s->i += 1; - - if (sid_equal(sid, &s->user_sid)) { - getgroups_sid2gid_recv(s, False, 0); - return; - } - - winbindd_sid2gid_async(s->state->mem_ctx, sid, - getgroups_sid2gid_recv, s); - return; - } - - s->state->response->data.num_entries = s->num_token_gids; - if (s->num_token_gids) { - s->state->response->extra_data.data = s->token_gids; - s->state->response->length += s->num_token_gids * sizeof(gid_t); - } - request_ok(s->state); -} /* Get user supplementary sids. This is equivalent to the winbindd_getgroups() function but it involves a SID->SIDs mapping @@ -1815,32 +1643,6 @@ static void getusersids_recv(void *private_data, bool success, DOM_SID *sids, request_ok(state); } -void winbindd_getuserdomgroups(struct winbindd_cli_state *state) -{ - DOM_SID user_sid; - struct winbindd_domain *domain; - - /* Ensure null termination */ - state->request->data.sid[sizeof(state->request->data.sid)-1]='\0'; - - if (!string_to_sid(&user_sid, state->request->data.sid)) { - DEBUG(1, ("Could not get convert sid %s from string\n", - state->request->data.sid)); - request_error(state); - return; - } - - /* Get info for the domain */ - if ((domain = find_domain_from_sid_noinit(&user_sid)) == NULL) { - DEBUG(0,("could not find domain entry for sid %s\n", - sid_string_dbg(&user_sid))); - request_error(state); - return; - } - - sendto_domain(state, domain); -} - enum winbindd_result winbindd_dual_getuserdomgroups(struct winbindd_domain *domain, struct winbindd_cli_state *state) { @@ -1887,32 +1689,6 @@ enum winbindd_result winbindd_dual_getuserdomgroups(struct winbindd_domain *doma return WINBINDD_OK; } -void winbindd_getsidaliases(struct winbindd_cli_state *state) -{ - DOM_SID domain_sid; - struct winbindd_domain *domain; - - /* Ensure null termination */ - state->request->data.sid[sizeof(state->request->data.sid)-1]='\0'; - - if (!string_to_sid(&domain_sid, state->request->data.sid)) { - DEBUG(1, ("Could not get convert sid %s from string\n", - state->request->data.sid)); - request_error(state); - return; - } - - /* Get info for the domain */ - if ((domain = find_domain_from_sid_noinit(&domain_sid)) == NULL) { - DEBUG(0,("could not find domain entry for sid %s\n", - sid_string_dbg(&domain_sid))); - request_error(state); - return; - } - - sendto_domain(state, domain); -} - enum winbindd_result winbindd_dual_getsidaliases(struct winbindd_domain *domain, struct winbindd_cli_state *state) { |