diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/Makefile.in | 1 | ||||
-rw-r--r-- | source3/winbindd/winbindd.c | 3 | ||||
-rw-r--r-- | source3/winbindd/winbindd_getpwnam.c | 142 | ||||
-rw-r--r-- | source3/winbindd/winbindd_proto.h | 7 | ||||
-rw-r--r-- | source3/winbindd/winbindd_user.c | 97 |
5 files changed, 152 insertions, 98 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index f5fba5e38b..d7e6caa1d3 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -1167,6 +1167,7 @@ WINBINDD_OBJ1 = \ winbindd/winbindd_uid_to_sid.o \ winbindd/winbindd_gid_to_sid.o \ winbindd/winbindd_getpwsid.o \ + winbindd/winbindd_getpwnam.o \ auth/token_util.o \ ../nsswitch/libwbclient/wb_reqtrans.o \ smbd/connection.o diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c index 77e073c7c3..3b8358be0c 100644 --- a/source3/winbindd/winbindd.c +++ b/source3/winbindd/winbindd.c @@ -427,7 +427,6 @@ static struct winbindd_dispatch_table { /* User functions */ - { WINBINDD_GETPWNAM, winbindd_getpwnam, "GETPWNAM" }, { WINBINDD_GETPWUID, winbindd_getpwuid, "GETPWUID" }, { WINBINDD_SETPWENT, winbindd_setpwent, "SETPWENT" }, @@ -532,6 +531,8 @@ static struct winbindd_async_dispatch_table async_nonpriv_table[] = { winbindd_gid_to_sid_send, winbindd_gid_to_sid_recv }, { WINBINDD_GETPWSID, "GETPWSID", winbindd_getpwsid_send, winbindd_getpwsid_recv }, + { WINBINDD_GETPWNAM, "GETPWNAM", + winbindd_getpwnam_send, winbindd_getpwnam_recv }, { 0, NULL, NULL, NULL } }; diff --git a/source3/winbindd/winbindd_getpwnam.c b/source3/winbindd/winbindd_getpwnam.c new file mode 100644 index 0000000000..80b618c4aa --- /dev/null +++ b/source3/winbindd/winbindd_getpwnam.c @@ -0,0 +1,142 @@ +/* + Unix SMB/CIFS implementation. + async implementation of WINBINDD_GETPWNAM + Copyright (C) Volker Lendecke 2009 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "winbindd.h" + +struct winbindd_getpwnam_state { + struct tevent_context *ev; + fstring domname; + fstring username; + struct dom_sid sid; + enum lsa_SidType type; + struct winbindd_pw pw; +}; + +static void winbindd_getpwnam_lookupname_done(struct tevent_req *subreq); +static void winbindd_getpwnam_done(struct tevent_req *subreq); + +struct tevent_req *winbindd_getpwnam_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct winbindd_request *request) +{ + struct tevent_req *req, *subreq; + struct winbindd_getpwnam_state *state; + char *domuser, *mapped_user; + NTSTATUS status; + + req = tevent_req_create(mem_ctx, &state, + struct winbindd_getpwnam_state); + if (req == NULL) { + return NULL; + } + state->ev = ev; + + /* Ensure null termination */ + request->data.username[sizeof(request->data.username)-1]='\0'; + + DEBUG(3, ("getpwnam %s\n", request->data.username)); + + domuser = request->data.username; + + status = normalize_name_unmap(state, domuser, &mapped_user); + + if (NT_STATUS_IS_OK(status) + || NT_STATUS_EQUAL(status, NT_STATUS_FILE_RENAMED)) { + /* normalize_name_unmapped did something */ + domuser = mapped_user; + } + + if (!parse_domain_user(domuser, state->domname, state->username)) { + DEBUG(5, ("Could not parse domain user: %s\n", domuser)); + tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER); + return tevent_req_post(req, ev); + } + + if (lp_winbind_trusted_domains_only() + && strequal(state->domname, lp_workgroup())) { + DEBUG(7,("winbindd_getpwnam: My domain -- " + "rejecting getpwnam() for %s\\%s.\n", + state->domname, state->username)); + tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER); + return tevent_req_post(req, ev); + } + + subreq = wb_lookupname_send(state, ev, state->domname, state->username, + LOOKUP_NAME_NO_NSS); + if (tevent_req_nomem(subreq, req)) { + return tevent_req_post(req, ev); + } + tevent_req_set_callback(subreq, winbindd_getpwnam_lookupname_done, + req); + return req; +} + +static void winbindd_getpwnam_lookupname_done(struct tevent_req *subreq) +{ + struct tevent_req *req = tevent_req_callback_data( + subreq, struct tevent_req); + struct winbindd_getpwnam_state *state = tevent_req_data( + req, struct winbindd_getpwnam_state); + NTSTATUS status; + + status = wb_lookupname_recv(subreq, &state->sid, &state->type); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + tevent_req_nterror(req, status); + return; + } + + subreq = wb_getpwsid_send(state, state->ev, &state->sid, &state->pw); + if (tevent_req_nomem(subreq, req)) { + return; + } + tevent_req_set_callback(subreq, winbindd_getpwnam_done, req); +} + +static void winbindd_getpwnam_done(struct tevent_req *subreq) +{ + struct tevent_req *req = tevent_req_callback_data( + subreq, struct tevent_req); + NTSTATUS status; + + status = wb_getpwsid_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + tevent_req_nterror(req, status); + return; + } + tevent_req_done(req); +} + +NTSTATUS winbindd_getpwnam_recv(struct tevent_req *req, + struct winbindd_response *response) +{ + struct winbindd_getpwnam_state *state = tevent_req_data( + req, struct winbindd_getpwnam_state); + NTSTATUS status; + + if (tevent_req_is_nterror(req, &status)) { + DEBUG(5, ("Could not convert sid %s: %s\n", + sid_string_dbg(&state->sid), nt_errstr(status))); + return status; + } + response->data.pw = state->pw; + return NT_STATUS_OK; +} diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h index 6dcfdcfbbd..80a4f46b67 100644 --- a/source3/winbindd/winbindd_proto.h +++ b/source3/winbindd/winbindd_proto.h @@ -711,4 +711,11 @@ struct tevent_req *winbindd_getpwsid_send(TALLOC_CTX *mem_ctx, NTSTATUS winbindd_getpwsid_recv(struct tevent_req *req, struct winbindd_response *response); +struct tevent_req *winbindd_getpwnam_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct winbindd_request *request); +NTSTATUS winbindd_getpwnam_recv(struct tevent_req *req, + struct winbindd_response *response); + + #endif /* _WINBINDD_PROTO_H_ */ diff --git a/source3/winbindd/winbindd_user.c b/source3/winbindd/winbindd_user.c index b1591475ac..4778289aa8 100644 --- a/source3/winbindd/winbindd_user.c +++ b/source3/winbindd/winbindd_user.c @@ -417,103 +417,6 @@ static void getpwsid_sid2gid_recv(void *private_data, bool success, gid_t gid) /* Return a password structure from a username. */ -static void getpwnam_name2sid_recv(void *private_data, bool success, - const DOM_SID *sid, enum lsa_SidType type); - -void winbindd_getpwnam(struct winbindd_cli_state *state) -{ - struct winbindd_domain *domain; - fstring domname, username; - char *mapped_user = NULL; - char *domuser; - NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; - - domuser = state->request->data.username; - - /* Ensure null termination (it's an fstring) */ - domuser[sizeof(state->request->data.username)-1] = '\0'; - - DEBUG(3, ("[%5lu]: getpwnam %s\n", - (unsigned long)state->pid, - domuser)); - - nt_status = normalize_name_unmap(state->mem_ctx, domuser, - &mapped_user); - - /* If we could not convert from an aliased name or a - normalized name, then just use the original name */ - - if (!NT_STATUS_IS_OK(nt_status) && - !NT_STATUS_EQUAL(nt_status, NT_STATUS_FILE_RENAMED)) - { - mapped_user = domuser; - } - - if (!parse_domain_user(mapped_user, domname, username)) { - DEBUG(5, ("Could not parse domain user: %s\n", domuser)); - request_error(state); - return; - } - - /* Get info for the domain */ - - domain = find_domain_from_name_noinit(domname); - - if (domain == NULL) { - DEBUG(7, ("could not find domain entry for domain %s. " - "Using primary domain\n", domname)); - domain = find_our_domain(); - if (domain == NULL) { - DEBUG(0, ("Cannot find my primary domain " - "structure!\n")); - request_error(state); - return; - } - } - - if (strequal(domname, lp_workgroup()) && - lp_winbind_trusted_domains_only() ) { - DEBUG(7,("winbindd_getpwnam: My domain -- " - "rejecting getpwnam() for %s\\%s.\n", - domname, username)); - request_error(state); - return; - } - - /* Get rid and name type from name. The following costs 1 packet */ - - winbindd_lookupname_async(state->mem_ctx, domname, username, - getpwnam_name2sid_recv, WINBINDD_GETPWNAM, - state); -} - -static void getpwnam_name2sid_recv(void *private_data, bool success, - const DOM_SID *sid, enum lsa_SidType type) -{ - struct winbindd_cli_state *state = - (struct winbindd_cli_state *)private_data; - fstring domname, username; - char *domuser = state->request->data.username; - - if (!success) { - DEBUG(5, ("Could not lookup name for user %s\n", domuser)); - request_error(state); - return; - } - - if ((type != SID_NAME_USER) && (type != SID_NAME_COMPUTER)) { - DEBUG(5, ("%s is not a user\n", domuser)); - request_error(state); - return; - } - - if (parse_domain_user(domuser, domname, username)) { - check_domain_trusted(domname, sid); - } - - getpwsid_queryuser(state, sid); -} - static void getpwuid_recv(void *private_data, bool success, const char *sid) { struct winbindd_cli_state *state = |