summaryrefslogtreecommitdiff
path: root/source3/winbindd
diff options
context:
space:
mode:
Diffstat (limited to 'source3/winbindd')
-rw-r--r--source3/winbindd/winbindd.c17
-rw-r--r--source3/winbindd/winbindd_allocate_uid.c92
-rw-r--r--source3/winbindd/winbindd_cache.c1
-rw-r--r--source3/winbindd/winbindd_dual_srv.c13
-rw-r--r--source3/winbindd/winbindd_idmap.c4
-rw-r--r--source3/winbindd/winbindd_proto.h7
-rw-r--r--source3/winbindd/winbindd_sid.c24
7 files changed, 129 insertions, 29 deletions
diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c
index e583dae4a9..d664a51671 100644
--- a/source3/winbindd/winbindd.c
+++ b/source3/winbindd/winbindd.c
@@ -440,7 +440,6 @@ static struct winbindd_dispatch_table {
/* Lookup related functions */
- { WINBINDD_ALLOCATE_UID, winbindd_allocate_uid, "ALLOCATE_UID" },
{ WINBINDD_ALLOCATE_GID, winbindd_allocate_gid, "ALLOCATE_GID" },
{ WINBINDD_SET_MAPPING, winbindd_set_mapping, "SET_MAPPING" },
{ WINBINDD_REMOVE_MAPPING, winbindd_remove_mapping, "REMOVE_MAPPING" },
@@ -543,6 +542,13 @@ static struct winbindd_async_dispatch_table async_nonpriv_table[] = {
{ 0, NULL, NULL, NULL }
};
+static struct winbindd_async_dispatch_table async_priv_table[] = {
+ { WINBINDD_ALLOCATE_UID, "ALLOCATE_UID",
+ winbindd_allocate_uid_send, winbindd_allocate_uid_recv },
+
+ { 0, NULL, NULL, NULL }
+};
+
static void wb_request_done(struct tevent_req *req);
static void process_request(struct winbindd_cli_state *state)
@@ -565,6 +571,15 @@ static void process_request(struct winbindd_cli_state *state)
}
}
+ if ((atable->send_req == NULL) && state->privileged) {
+ for (atable = async_priv_table; atable->send_req;
+ atable += 1) {
+ if (state->request->cmd == atable->cmd) {
+ break;
+ }
+ }
+ }
+
if (atable->send_req != NULL) {
struct tevent_req *req;
diff --git a/source3/winbindd/winbindd_allocate_uid.c b/source3/winbindd/winbindd_allocate_uid.c
new file mode 100644
index 0000000000..171d0ccb91
--- /dev/null
+++ b/source3/winbindd/winbindd_allocate_uid.c
@@ -0,0 +1,92 @@
+/*
+ Unix SMB/CIFS implementation.
+ async implementation of WINBINDD_ALLOCATE_UID
+ Copyright (C) Volker Lendecke 2009
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "winbindd.h"
+#include "librpc/gen_ndr/cli_wbint.h"
+
+struct winbindd_allocate_uid_state {
+ uint64_t uid;
+};
+
+static void winbindd_allocate_uid_done(struct tevent_req *subreq);
+
+struct tevent_req *winbindd_allocate_uid_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct winbindd_cli_state *cli,
+ struct winbindd_request *request)
+{
+ struct tevent_req *req, *subreq;
+ struct winbindd_allocate_uid_state *state;
+ struct winbindd_child *child;
+
+ req = tevent_req_create(mem_ctx, &state,
+ struct winbindd_allocate_uid_state);
+ if (req == NULL) {
+ return NULL;
+ }
+
+ DEBUG(3, ("allocate_uid\n"));
+
+ child = idmap_child();
+
+ subreq = rpccli_wbint_AllocateUid_send(state, ev, child->rpccli,
+ &state->uid);
+ if (tevent_req_nomem(subreq, req)) {
+ return tevent_req_post(req, ev);
+ }
+ tevent_req_set_callback(subreq, winbindd_allocate_uid_done, req);
+ return req;
+}
+
+static void winbindd_allocate_uid_done(struct tevent_req *subreq)
+{
+ struct tevent_req *req = tevent_req_callback_data(
+ subreq, struct tevent_req);
+ struct winbindd_allocate_uid_state *state = tevent_req_data(
+ req, struct winbindd_allocate_uid_state);
+ NTSTATUS status, result;
+
+ status = rpccli_wbint_AllocateUid_recv(subreq, state, &result);
+ TALLOC_FREE(subreq);
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ tevent_req_nterror(req, result);
+ return;
+ }
+ tevent_req_done(req);
+}
+
+NTSTATUS winbindd_allocate_uid_recv(struct tevent_req *req,
+ struct winbindd_response *response)
+{
+ struct winbindd_allocate_uid_state *state = tevent_req_data(
+ req, struct winbindd_allocate_uid_state);
+ NTSTATUS status;
+
+ if (tevent_req_is_nterror(req, &status)) {
+ DEBUG(5, ("Could not allocate uid: %s\n", nt_errstr(status)));
+ return status;
+ }
+ response->data.uid = state->uid;
+ return NT_STATUS_OK;
+}
diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c
index 65bbe75cd7..5bb76c5b06 100644
--- a/source3/winbindd/winbindd_cache.c
+++ b/source3/winbindd/winbindd_cache.c
@@ -4356,6 +4356,7 @@ static bool wcache_opnum_cacheable(uint32_t opnum)
switch (opnum) {
case NDR_WBINT_PING:
case NDR_WBINT_QUERYSEQUENCENUMBER:
+ case NDR_WBINT_ALLOCATEUID:
return false;
}
return true;
diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c
index 0f0802109a..8bea6ac03a 100644
--- a/source3/winbindd/winbindd_dual_srv.c
+++ b/source3/winbindd/winbindd_dual_srv.c
@@ -106,6 +106,19 @@ NTSTATUS _wbint_Gid2Sid(pipes_struct *p, struct wbint_Gid2Sid *r)
r->out.sid, r->in.gid);
}
+NTSTATUS _wbint_AllocateUid(pipes_struct *p, struct wbint_AllocateUid *r)
+{
+ struct unixid xid;
+ NTSTATUS status;
+
+ status = idmap_allocate_uid(&xid);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ *r->out.uid = xid.id;
+ return NT_STATUS_OK;
+}
+
NTSTATUS _wbint_QueryUser(pipes_struct *p, struct wbint_QueryUser *r)
{
struct winbindd_domain *domain = wb_child_domain();
diff --git a/source3/winbindd/winbindd_idmap.c b/source3/winbindd/winbindd_idmap.c
index 5986c3b6c3..65cc0d1f53 100644
--- a/source3/winbindd/winbindd_idmap.c
+++ b/source3/winbindd/winbindd_idmap.c
@@ -557,10 +557,6 @@ static const struct winbindd_child_dispatch_table idmap_dispatch_table[] = {
.struct_cmd = WINBINDD_DUAL_SET_HWM,
.struct_fn = winbindd_dual_set_hwm,
},{
- .name = "ALLOCATE_UID",
- .struct_cmd = WINBINDD_ALLOCATE_UID,
- .struct_fn = winbindd_dual_allocate_uid,
- },{
.name = "ALLOCATE_GID",
.struct_cmd = WINBINDD_ALLOCATE_GID,
.struct_fn = winbindd_dual_allocate_gid,
diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h
index b59d11b78f..cbb57634ba 100644
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -721,6 +721,13 @@ struct tevent_req *winbindd_gid_to_sid_send(TALLOC_CTX *mem_ctx,
NTSTATUS winbindd_gid_to_sid_recv(struct tevent_req *req,
struct winbindd_response *response);
+struct tevent_req *winbindd_allocate_uid_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct winbindd_cli_state *cli,
+ struct winbindd_request *request);
+NTSTATUS winbindd_allocate_uid_recv(struct tevent_req *req,
+ struct winbindd_response *response);
+
struct tevent_req *wb_queryuser_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
const struct dom_sid *user_sid);
diff --git a/source3/winbindd/winbindd_sid.c b/source3/winbindd/winbindd_sid.c
index 8f09d5f7eb..717a0272d6 100644
--- a/source3/winbindd/winbindd_sid.c
+++ b/source3/winbindd/winbindd_sid.c
@@ -141,30 +141,6 @@ void winbindd_set_hwm(struct winbindd_cli_state *state)
winbindd_set_hwm_async(state->mem_ctx, &xid, set_hwm_recv, state);
}
-void winbindd_allocate_uid(struct winbindd_cli_state *state)
-{
- if ( !state->privileged ) {
- DEBUG(2, ("winbindd_allocate_uid: non-privileged access "
- "denied!\n"));
- request_error(state);
- return;
- }
-
- sendto_child(state, idmap_child());
-}
-
-enum winbindd_result winbindd_dual_allocate_uid(struct winbindd_domain *domain,
- struct winbindd_cli_state *state)
-{
- struct unixid xid;
-
- if (!NT_STATUS_IS_OK(idmap_allocate_uid(&xid))) {
- return WINBINDD_ERROR;
- }
- state->response->data.uid = xid.id;
- return WINBINDD_OK;
-}
-
void winbindd_allocate_gid(struct winbindd_cli_state *state)
{
if ( !state->privileged ) {