diff options
Diffstat (limited to 'source3/winbindd')
-rw-r--r-- | source3/winbindd/winbindd.c | 17 | ||||
-rw-r--r-- | source3/winbindd/winbindd_allocate_uid.c | 92 | ||||
-rw-r--r-- | source3/winbindd/winbindd_cache.c | 1 | ||||
-rw-r--r-- | source3/winbindd/winbindd_dual_srv.c | 13 | ||||
-rw-r--r-- | source3/winbindd/winbindd_idmap.c | 4 | ||||
-rw-r--r-- | source3/winbindd/winbindd_proto.h | 7 | ||||
-rw-r--r-- | source3/winbindd/winbindd_sid.c | 24 |
7 files changed, 129 insertions, 29 deletions
diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c index e583dae4a9..d664a51671 100644 --- a/source3/winbindd/winbindd.c +++ b/source3/winbindd/winbindd.c @@ -440,7 +440,6 @@ static struct winbindd_dispatch_table { /* Lookup related functions */ - { WINBINDD_ALLOCATE_UID, winbindd_allocate_uid, "ALLOCATE_UID" }, { WINBINDD_ALLOCATE_GID, winbindd_allocate_gid, "ALLOCATE_GID" }, { WINBINDD_SET_MAPPING, winbindd_set_mapping, "SET_MAPPING" }, { WINBINDD_REMOVE_MAPPING, winbindd_remove_mapping, "REMOVE_MAPPING" }, @@ -543,6 +542,13 @@ static struct winbindd_async_dispatch_table async_nonpriv_table[] = { { 0, NULL, NULL, NULL } }; +static struct winbindd_async_dispatch_table async_priv_table[] = { + { WINBINDD_ALLOCATE_UID, "ALLOCATE_UID", + winbindd_allocate_uid_send, winbindd_allocate_uid_recv }, + + { 0, NULL, NULL, NULL } +}; + static void wb_request_done(struct tevent_req *req); static void process_request(struct winbindd_cli_state *state) @@ -565,6 +571,15 @@ static void process_request(struct winbindd_cli_state *state) } } + if ((atable->send_req == NULL) && state->privileged) { + for (atable = async_priv_table; atable->send_req; + atable += 1) { + if (state->request->cmd == atable->cmd) { + break; + } + } + } + if (atable->send_req != NULL) { struct tevent_req *req; diff --git a/source3/winbindd/winbindd_allocate_uid.c b/source3/winbindd/winbindd_allocate_uid.c new file mode 100644 index 0000000000..171d0ccb91 --- /dev/null +++ b/source3/winbindd/winbindd_allocate_uid.c @@ -0,0 +1,92 @@ +/* + Unix SMB/CIFS implementation. + async implementation of WINBINDD_ALLOCATE_UID + Copyright (C) Volker Lendecke 2009 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "winbindd.h" +#include "librpc/gen_ndr/cli_wbint.h" + +struct winbindd_allocate_uid_state { + uint64_t uid; +}; + +static void winbindd_allocate_uid_done(struct tevent_req *subreq); + +struct tevent_req *winbindd_allocate_uid_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct winbindd_cli_state *cli, + struct winbindd_request *request) +{ + struct tevent_req *req, *subreq; + struct winbindd_allocate_uid_state *state; + struct winbindd_child *child; + + req = tevent_req_create(mem_ctx, &state, + struct winbindd_allocate_uid_state); + if (req == NULL) { + return NULL; + } + + DEBUG(3, ("allocate_uid\n")); + + child = idmap_child(); + + subreq = rpccli_wbint_AllocateUid_send(state, ev, child->rpccli, + &state->uid); + if (tevent_req_nomem(subreq, req)) { + return tevent_req_post(req, ev); + } + tevent_req_set_callback(subreq, winbindd_allocate_uid_done, req); + return req; +} + +static void winbindd_allocate_uid_done(struct tevent_req *subreq) +{ + struct tevent_req *req = tevent_req_callback_data( + subreq, struct tevent_req); + struct winbindd_allocate_uid_state *state = tevent_req_data( + req, struct winbindd_allocate_uid_state); + NTSTATUS status, result; + + status = rpccli_wbint_AllocateUid_recv(subreq, state, &result); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + tevent_req_nterror(req, status); + return; + } + if (!NT_STATUS_IS_OK(result)) { + tevent_req_nterror(req, result); + return; + } + tevent_req_done(req); +} + +NTSTATUS winbindd_allocate_uid_recv(struct tevent_req *req, + struct winbindd_response *response) +{ + struct winbindd_allocate_uid_state *state = tevent_req_data( + req, struct winbindd_allocate_uid_state); + NTSTATUS status; + + if (tevent_req_is_nterror(req, &status)) { + DEBUG(5, ("Could not allocate uid: %s\n", nt_errstr(status))); + return status; + } + response->data.uid = state->uid; + return NT_STATUS_OK; +} diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c index 65bbe75cd7..5bb76c5b06 100644 --- a/source3/winbindd/winbindd_cache.c +++ b/source3/winbindd/winbindd_cache.c @@ -4356,6 +4356,7 @@ static bool wcache_opnum_cacheable(uint32_t opnum) switch (opnum) { case NDR_WBINT_PING: case NDR_WBINT_QUERYSEQUENCENUMBER: + case NDR_WBINT_ALLOCATEUID: return false; } return true; diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c index 0f0802109a..8bea6ac03a 100644 --- a/source3/winbindd/winbindd_dual_srv.c +++ b/source3/winbindd/winbindd_dual_srv.c @@ -106,6 +106,19 @@ NTSTATUS _wbint_Gid2Sid(pipes_struct *p, struct wbint_Gid2Sid *r) r->out.sid, r->in.gid); } +NTSTATUS _wbint_AllocateUid(pipes_struct *p, struct wbint_AllocateUid *r) +{ + struct unixid xid; + NTSTATUS status; + + status = idmap_allocate_uid(&xid); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + *r->out.uid = xid.id; + return NT_STATUS_OK; +} + NTSTATUS _wbint_QueryUser(pipes_struct *p, struct wbint_QueryUser *r) { struct winbindd_domain *domain = wb_child_domain(); diff --git a/source3/winbindd/winbindd_idmap.c b/source3/winbindd/winbindd_idmap.c index 5986c3b6c3..65cc0d1f53 100644 --- a/source3/winbindd/winbindd_idmap.c +++ b/source3/winbindd/winbindd_idmap.c @@ -557,10 +557,6 @@ static const struct winbindd_child_dispatch_table idmap_dispatch_table[] = { .struct_cmd = WINBINDD_DUAL_SET_HWM, .struct_fn = winbindd_dual_set_hwm, },{ - .name = "ALLOCATE_UID", - .struct_cmd = WINBINDD_ALLOCATE_UID, - .struct_fn = winbindd_dual_allocate_uid, - },{ .name = "ALLOCATE_GID", .struct_cmd = WINBINDD_ALLOCATE_GID, .struct_fn = winbindd_dual_allocate_gid, diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h index b59d11b78f..cbb57634ba 100644 --- a/source3/winbindd/winbindd_proto.h +++ b/source3/winbindd/winbindd_proto.h @@ -721,6 +721,13 @@ struct tevent_req *winbindd_gid_to_sid_send(TALLOC_CTX *mem_ctx, NTSTATUS winbindd_gid_to_sid_recv(struct tevent_req *req, struct winbindd_response *response); +struct tevent_req *winbindd_allocate_uid_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct winbindd_cli_state *cli, + struct winbindd_request *request); +NTSTATUS winbindd_allocate_uid_recv(struct tevent_req *req, + struct winbindd_response *response); + struct tevent_req *wb_queryuser_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, const struct dom_sid *user_sid); diff --git a/source3/winbindd/winbindd_sid.c b/source3/winbindd/winbindd_sid.c index 8f09d5f7eb..717a0272d6 100644 --- a/source3/winbindd/winbindd_sid.c +++ b/source3/winbindd/winbindd_sid.c @@ -141,30 +141,6 @@ void winbindd_set_hwm(struct winbindd_cli_state *state) winbindd_set_hwm_async(state->mem_ctx, &xid, set_hwm_recv, state); } -void winbindd_allocate_uid(struct winbindd_cli_state *state) -{ - if ( !state->privileged ) { - DEBUG(2, ("winbindd_allocate_uid: non-privileged access " - "denied!\n")); - request_error(state); - return; - } - - sendto_child(state, idmap_child()); -} - -enum winbindd_result winbindd_dual_allocate_uid(struct winbindd_domain *domain, - struct winbindd_cli_state *state) -{ - struct unixid xid; - - if (!NT_STATUS_IS_OK(idmap_allocate_uid(&xid))) { - return WINBINDD_ERROR; - } - state->response->data.uid = xid.id; - return WINBINDD_OK; -} - void winbindd_allocate_gid(struct winbindd_cli_state *state) { if ( !state->privileged ) { |