summaryrefslogtreecommitdiff
path: root/source3/winbindd
diff options
context:
space:
mode:
Diffstat (limited to 'source3/winbindd')
-rw-r--r--source3/winbindd/wb_gettoken.c218
-rw-r--r--source3/winbindd/winbindd_proto.h5
2 files changed, 223 insertions, 0 deletions
diff --git a/source3/winbindd/wb_gettoken.c b/source3/winbindd/wb_gettoken.c
new file mode 100644
index 0000000000..26189e5a97
--- /dev/null
+++ b/source3/winbindd/wb_gettoken.c
@@ -0,0 +1,218 @@
+/*
+ Unix SMB/CIFS implementation.
+ async gettoken
+ Copyright (C) Volker Lendecke 2009
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "winbindd.h"
+#include "librpc/gen_ndr/cli_wbint.h"
+
+struct wb_gettoken_state {
+ struct tevent_context *ev;
+ struct dom_sid usersid;
+ int num_sids;
+ struct dom_sid *sids;
+};
+
+static bool wb_add_rids_to_sids(TALLOC_CTX *mem_ctx,
+ int *pnum_sids, struct dom_sid **psids,
+ const struct dom_sid *domain_sid,
+ int num_rids, uint32_t *rids);
+
+static void wb_gettoken_gotgroups(struct tevent_req *subreq);
+static void wb_gettoken_gotlocalgroups(struct tevent_req *subreq);
+static void wb_gettoken_gotbuiltins(struct tevent_req *subreq);
+
+struct tevent_req *wb_gettoken_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ const struct dom_sid *sid)
+{
+ struct tevent_req *req, *subreq;
+ struct wb_gettoken_state *state;
+ struct winbindd_domain *domain;
+
+ req = tevent_req_create(mem_ctx, &state, struct wb_gettoken_state);
+ if (req == NULL) {
+ return NULL;
+ }
+ sid_copy(&state->usersid, sid);
+ state->ev = ev;
+
+ domain = find_domain_from_sid_noinit(sid);
+ if (domain == NULL) {
+ DEBUG(5, ("Could not find domain from SID %s\n",
+ sid_string_dbg(sid)));
+ tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
+ return tevent_req_post(req, ev);
+ }
+
+ subreq = wb_lookupusergroups_send(state, ev, domain, &state->usersid);
+ if (tevent_req_nomem(subreq, req)) {
+ return tevent_req_post(req, ev);
+ }
+ tevent_req_set_callback(subreq, wb_gettoken_gotgroups, req);
+ return req;
+}
+
+static void wb_gettoken_gotgroups(struct tevent_req *subreq)
+{
+ struct tevent_req *req = tevent_req_callback_data(
+ subreq, struct tevent_req);
+ struct wb_gettoken_state *state = tevent_req_data(
+ req, struct wb_gettoken_state);
+ struct dom_sid *sids;
+ struct winbindd_domain *domain;
+ NTSTATUS status;
+
+ status = wb_lookupusergroups_recv(subreq, state, &state->num_sids,
+ &state->sids);
+ TALLOC_FREE(subreq);
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+
+ sids = talloc_realloc(state, state->sids, struct dom_sid,
+ state->num_sids + 1);
+ if (tevent_req_nomem(sids, req)) {
+ return;
+ }
+ memmove(&sids[1], &sids[0], state->num_sids * sizeof(sids[0]));
+ sid_copy(&sids[0], &state->usersid);
+ state->num_sids += 1;
+ state->sids = sids;
+
+ /*
+ * Expand our domain's aliases
+ */
+ domain = find_our_domain();
+ if (domain == NULL) {
+ tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
+ return;
+ }
+
+ subreq = wb_lookupuseraliases_send(state, state->ev, domain,
+ state->num_sids, state->sids);
+ if (tevent_req_nomem(subreq, req)) {
+ return;
+ }
+ tevent_req_set_callback(subreq, wb_gettoken_gotlocalgroups, req);
+}
+
+static void wb_gettoken_gotlocalgroups(struct tevent_req *subreq)
+{
+ struct tevent_req *req = tevent_req_callback_data(
+ subreq, struct tevent_req);
+ struct wb_gettoken_state *state = tevent_req_data(
+ req, struct wb_gettoken_state);
+ uint32_t num_rids;
+ uint32_t *rids;
+ struct winbindd_domain *domain;
+ NTSTATUS status;
+
+ status = wb_lookupuseraliases_recv(subreq, state, &num_rids, &rids);
+ TALLOC_FREE(subreq);
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ domain = find_our_domain();
+ if (!wb_add_rids_to_sids(state, &state->num_sids, &state->sids,
+ &domain->sid, num_rids, rids)) {
+ tevent_req_nterror(req, NT_STATUS_NO_MEMORY);
+ return;
+ }
+ TALLOC_FREE(rids);
+
+ /*
+ * Now expand the builtin groups
+ */
+
+ domain = find_builtin_domain();
+ if (domain == NULL) {
+ tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
+ return;
+ }
+
+ subreq = wb_lookupuseraliases_send(state, state->ev, domain,
+ state->num_sids, state->sids);
+ if (tevent_req_nomem(subreq, req)) {
+ return;
+ }
+ tevent_req_set_callback(subreq, wb_gettoken_gotbuiltins, req);
+}
+
+static void wb_gettoken_gotbuiltins(struct tevent_req *subreq)
+{
+ struct tevent_req *req = tevent_req_callback_data(
+ subreq, struct tevent_req);
+ struct wb_gettoken_state *state = tevent_req_data(
+ req, struct wb_gettoken_state);
+ uint32_t num_rids;
+ uint32_t *rids;
+ NTSTATUS status;
+
+ status = wb_lookupuseraliases_recv(subreq, state, &num_rids, &rids);
+ TALLOC_FREE(subreq);
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ if (!wb_add_rids_to_sids(state, &state->num_sids, &state->sids,
+ &global_sid_Builtin, num_rids, rids)) {
+ tevent_req_nterror(req, NT_STATUS_NO_MEMORY);
+ return;
+ }
+ tevent_req_done(req);
+}
+
+NTSTATUS wb_gettoken_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
+ int *num_sids, struct dom_sid **sids)
+{
+ struct wb_gettoken_state *state = tevent_req_data(
+ req, struct wb_gettoken_state);
+ NTSTATUS status;
+
+ if (tevent_req_is_nterror(req, &status)) {
+ return status;
+ }
+ *num_sids = state->num_sids;
+ *sids = talloc_move(mem_ctx, &state->sids);
+ return NT_STATUS_OK;
+}
+
+static bool wb_add_rids_to_sids(TALLOC_CTX *mem_ctx,
+ int *pnum_sids, struct dom_sid **psids,
+ const struct dom_sid *domain_sid,
+ int num_rids, uint32_t *rids)
+{
+ struct dom_sid *sids;
+ int i;
+
+ sids = talloc_realloc(mem_ctx, *psids, struct dom_sid,
+ *pnum_sids + num_rids);
+ if (sids == NULL) {
+ return false;
+ }
+ for (i=0; i<num_rids; i++) {
+ sid_compose(&sids[i+*pnum_sids], domain_sid, rids[i]);
+ }
+
+ *pnum_sids += num_rids;
+ *psids = sids;
+ return true;
+}
diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h
index ed416de954..df6df12dc3 100644
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -756,6 +756,11 @@ struct tevent_req *winbindd_getuserdomgroups_send(TALLOC_CTX *mem_ctx,
struct winbindd_request *request);
NTSTATUS winbindd_getuserdomgroups_recv(struct tevent_req *req,
struct winbindd_response *response);
+struct tevent_req *wb_gettoken_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ const struct dom_sid *sid);
+NTSTATUS wb_gettoken_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
+ int *num_sids, struct dom_sid **sids);