From 30baf31411363ebd79a6366caf4a792850c40192 Mon Sep 17 00:00:00 2001 From: Matthieu Patou Date: Thu, 4 Mar 2010 02:46:36 +0300 Subject: s4:winbind: implement calls for allowing getent groups MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is to say getgrent and setgrent, and the associated technical objects (states, build directives,...) needed. Signed-off-by: Matthias Dieter Wallnöfer --- source4/winbind/config.mk | 2 + source4/winbind/wb_cmd_getgrent.c | 124 +++++++++++++++++++++++++++ source4/winbind/wb_cmd_setgrent.c | 171 ++++++++++++++++++++++++++++++++++++++ source4/winbind/wb_samba3_cmd.c | 71 +++++++++++++++- source4/winbind/wb_server.h | 13 +++ 5 files changed, 379 insertions(+), 2 deletions(-) create mode 100644 source4/winbind/wb_cmd_getgrent.c create mode 100644 source4/winbind/wb_cmd_setgrent.c (limited to 'source4/winbind') diff --git a/source4/winbind/config.mk b/source4/winbind/config.mk index 17cbd956e4..45164d349a 100644 --- a/source4/winbind/config.mk +++ b/source4/winbind/config.mk @@ -50,6 +50,8 @@ WINBIND_OBJ_FILES = $(addprefix $(winbindsrcdir)/, \ wb_cmd_list_users.o \ wb_cmd_setpwent.o \ wb_cmd_getpwent.o \ + wb_cmd_getgrent.o \ + wb_cmd_setgrent.o \ wb_pam_auth.o \ wb_sam_logon.o) diff --git a/source4/winbind/wb_cmd_getgrent.c b/source4/winbind/wb_cmd_getgrent.c new file mode 100644 index 0000000000..79a3aff852 --- /dev/null +++ b/source4/winbind/wb_cmd_getgrent.c @@ -0,0 +1,124 @@ +/* + Unix SMB/CIFS implementation. + + Command backend for getgrent + + Copyright (C) Matthieu Patou 2010 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include "includes.h" +#include "libcli/composite/composite.h" +#include "winbind/wb_server.h" +#include "smbd/service_task.h" + +struct cmd_getgrent_state { + struct composite_context *ctx; + struct wbsrv_service *service; + + struct wbsrv_grent *grent; + uint32_t max_groups; + + uint32_t num_groups; + struct winbindd_gr *result; +}; + +static void cmd_getgrent_recv_grnam(struct composite_context *ctx); +#if 0 /*FIXME: implement this*/ +static void cmd_getgrent_recv_user_list(struct composite_context *ctx); +#endif + +struct composite_context *wb_cmd_getgrent_send(TALLOC_CTX *mem_ctx, + struct wbsrv_service *service, struct wbsrv_grent *grent, + uint32_t max_groups) +{ + struct composite_context *ctx, *result; + struct cmd_getgrent_state *state; + + DEBUG(5, ("wb_cmd_getgrent_send called\n")); + + result = composite_create(mem_ctx, service->task->event_ctx); + if (!result) return NULL; + + state = talloc(mem_ctx, struct cmd_getgrent_state); + if (composite_nomem(state, result)) return result; + + state->ctx = result; + result->private_data = state; + state->service = service; + state->grent = grent; + state->max_groups = max_groups; + state->num_groups = 0; + + /* If there are groups left in the libnet_GroupList and we're below the + * maximum number of groups to get per winbind getgrent call, use + * getgrnam to get the winbindd_gr struct */ + if (grent->page_index < grent->group_list->out.count) { + int idx = grent->page_index; + char *groupname = talloc_strdup(state, + grent->group_list->out.groups[idx].groupname); + + grent->page_index++; + ctx = wb_cmd_getgrnam_send(state, service, groupname); + if (composite_nomem(ctx, state->ctx)) return result; + + composite_continue(state->ctx, ctx, cmd_getgrent_recv_grnam, + state); + } else { + /* If there is no valid group left, call libnet_GroupList to get a new + * list of group. */ + composite_error(state->ctx, NT_STATUS_NO_MORE_ENTRIES); + } + return result; +} + +static void cmd_getgrent_recv_grnam(struct composite_context *ctx) +{ + struct cmd_getgrent_state *state = + talloc_get_type(ctx->async.private_data, + struct cmd_getgrent_state); + struct winbindd_gr *gr; + + DEBUG(5, ("cmd_getgrent_recv_grnam called\n")); + + state->ctx->status = wb_cmd_getgrnam_recv(ctx, state, &gr); + if (!composite_is_ok(state->ctx)) return; + + /*FIXME: Cheat for now and only get one group per call */ + state->result = gr; + + composite_done(state->ctx); +} + +NTSTATUS wb_cmd_getgrent_recv(struct composite_context *ctx, + TALLOC_CTX *mem_ctx, struct winbindd_gr **gr, + uint32_t *num_groups) +{ + NTSTATUS status = composite_wait(ctx); + + DEBUG(5, ("wb_cmd_getgrent_recv called\n")); + + if (NT_STATUS_IS_OK(status)) { + struct cmd_getgrent_state *state = + talloc_get_type(ctx->private_data, + struct cmd_getgrent_state); + *gr = talloc_steal(mem_ctx, state->result); + /*FIXME: Cheat and only get one group */ + *num_groups = 1; + } + + talloc_free(ctx); + return status; +} diff --git a/source4/winbind/wb_cmd_setgrent.c b/source4/winbind/wb_cmd_setgrent.c new file mode 100644 index 0000000000..452d9e736a --- /dev/null +++ b/source4/winbind/wb_cmd_setgrent.c @@ -0,0 +1,171 @@ +/* + Unix SMB/CIFS implementation. + + Command backend for setgrent + + Copyright (C) Matthieu Patou 2010 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include "includes.h" +#include "libcli/composite/composite.h" +#include "winbind/wb_server.h" +#include "smbd/service_task.h" + +struct cmd_setgrent_state { + struct composite_context *ctx; + struct wbsrv_service *service; + struct libnet_context *libnet_ctx; + + struct wbsrv_grent *result; + char *domain_name; +}; + +static void cmd_setgrent_recv_domain(struct composite_context *ctx); +static void cmd_setgrent_recv_group_list(struct composite_context *ctx); + +struct composite_context *wb_cmd_setgrent_send(TALLOC_CTX *mem_ctx, + struct wbsrv_service *service) +{ + struct composite_context *ctx, *result; + struct cmd_setgrent_state *state; + + DEBUG(5, ("wb_cmd_setgrent_send called\n")); + + result = composite_create(mem_ctx, service->task->event_ctx); + if (!result) return NULL; + + state = talloc(mem_ctx, struct cmd_setgrent_state); + if (composite_nomem(state, result)) return result; + + state->ctx = result; + result->private_data = state; + state->service = service; + + state->result = talloc(state, struct wbsrv_grent); + if (composite_nomem(state->result, state->ctx)) return result; + + ctx = wb_sid2domain_send(state, service, service->primary_sid); + if (composite_nomem(ctx, state->ctx)) return result; + + composite_continue(state->ctx, ctx, cmd_setgrent_recv_domain, state); + return result; +} + +static void cmd_setgrent_recv_domain(struct composite_context *ctx) +{ + struct cmd_setgrent_state *state = talloc_get_type( + ctx->async.private_data, struct cmd_setgrent_state); + struct wbsrv_domain *domain; + struct libnet_GroupList *group_list; + + DEBUG(5, ("cmd_setgrent_recv_domain called\n")); + + state->ctx->status = wb_sid2domain_recv(ctx, &domain); + if (!composite_is_ok(state->ctx)) return; + + state->libnet_ctx = domain->libnet_ctx; + + group_list = talloc(state->result, struct libnet_GroupList); + if (composite_nomem(group_list, state->ctx)) return; + + state->domain_name = talloc_strdup(state, + domain->libnet_ctx->samr.name); + group_list->in.domain_name = talloc_strdup(state, + domain->libnet_ctx->samr.name); + if (composite_nomem(group_list->in.domain_name, state->ctx)) return; + + /* Page size recommended by Rafal */ + group_list->in.page_size = 128; + + /* Always get the start of the list */ + group_list->in.resume_index = 0; + + ctx = libnet_GroupList_send(domain->libnet_ctx, state->result, group_list, + NULL); + + state->result->page_index = -1; + composite_continue(state->ctx, ctx, cmd_setgrent_recv_group_list, state); +} + +static void cmd_setgrent_recv_group_list(struct composite_context *ctx) +{ + struct cmd_setgrent_state *state = talloc_get_type( + ctx->async.private_data, struct cmd_setgrent_state); + struct libnet_GroupList *group_list; + struct libnet_GroupList *group_list_send; + DEBUG(5, ("cmd_setgrent_recv_group_list called\n")); + + group_list = talloc(state->result, struct libnet_GroupList); + if (composite_nomem(group_list, state->ctx)) return; + + state->ctx->status = libnet_GroupList_recv(ctx, state->result, + group_list); + if (NT_STATUS_IS_OK(state->ctx->status) || + NT_STATUS_EQUAL(state->ctx->status, STATUS_MORE_ENTRIES)) { + if( state->result->page_index == -1) { /* First run*/ + state->result->group_list = group_list; + state->result->page_index = 0; + state->result->libnet_ctx = state->libnet_ctx; + } else { + int i; + struct grouplist *tmp; + tmp = state->result->group_list->out.groups; + state->result->group_list->out.groups = talloc_realloc(state->result,tmp,struct grouplist, + state->result->group_list->out.count+group_list->out.count); + tmp = state->result->group_list->out.groups; + for(i=0;iout.count;i++ ) { + tmp[i+state->result->group_list->out.count].groupname = talloc_steal(state->result,group_list->out.groups[i].groupname); + } + state->result->group_list->out.count += group_list->out.count; + talloc_free(group_list); + } + + + if (NT_STATUS_IS_OK(state->ctx->status) ) { + composite_done(state->ctx); + } else { + group_list_send = talloc(state->result, struct libnet_GroupList); + if (composite_nomem(group_list_send, state->ctx)) return; + group_list_send->in.domain_name = talloc_strdup(state, state->domain_name); + group_list_send->in.resume_index = group_list->out.resume_index; + group_list_send->in.page_size = 128; + ctx = libnet_GroupList_send(state->libnet_ctx, state->result, group_list_send, NULL); + composite_continue(state->ctx, ctx, cmd_setgrent_recv_group_list, state); + } + } else { + composite_error(state->ctx, state->ctx->status); + } + return; +} + +NTSTATUS wb_cmd_setgrent_recv(struct composite_context *ctx, + TALLOC_CTX *mem_ctx, struct wbsrv_grent **grent) +{ + NTSTATUS status = composite_wait(ctx); + + DEBUG(5, ("wb_cmd_setgrent_recv called\n")); + + if (NT_STATUS_IS_OK(status)) { + struct cmd_setgrent_state *state = + talloc_get_type(ctx->private_data, + struct cmd_setgrent_state); + + *grent = talloc_steal(mem_ctx, state->result); + } + + talloc_free(ctx); + return status; +} diff --git a/source4/winbind/wb_samba3_cmd.c b/source4/winbind/wb_samba3_cmd.c index 3945815ae6..2c846c4f15 100644 --- a/source4/winbind/wb_samba3_cmd.c +++ b/source4/winbind/wb_samba3_cmd.c @@ -1190,17 +1190,84 @@ NTSTATUS wbsrv_samba3_getgroups(struct wbsrv_samba3_call *s3call) return NT_STATUS_OK; } +static void setgrent_recv(struct composite_context *ctx) +{ + struct wbsrv_samba3_call *s3call = + talloc_get_type(ctx->async.private_data, + struct wbsrv_samba3_call); + NTSTATUS status; + struct wbsrv_grent *grent; + + DEBUG(5, ("setpwent_recv called\n")); + + status = wb_cmd_setgrent_recv(ctx, s3call->wbconn, &grent); + if (NT_STATUS_IS_OK(status)) { + s3call->wbconn->protocol_private_data = grent; + } + + wbsrv_samba3_async_epilogue(status, s3call); +} + NTSTATUS wbsrv_samba3_setgrent(struct wbsrv_samba3_call *s3call) { + struct composite_context *ctx; + struct wbsrv_service *service = s3call->wbconn->listen_socket->service; + DEBUG(5, ("wbsrv_samba3_setgrent called\n")); - s3call->response.result = WINBINDD_OK; + + ctx = wb_cmd_setgrent_send(s3call, service); + NT_STATUS_HAVE_NO_MEMORY(ctx); + + ctx->async.fn = setgrent_recv; + ctx->async.private_data = s3call; + s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; return NT_STATUS_OK; } +static void getgrent_recv(struct composite_context *ctx) +{ + struct wbsrv_samba3_call *s3call = + talloc_get_type(ctx->async.private_data, + struct wbsrv_samba3_call); + NTSTATUS status; + struct winbindd_gr *gr; + uint32_t num_groups; + + DEBUG(5, ("getgrent_recv called\n")); + + status = wb_cmd_getgrent_recv(ctx, s3call, &gr, &num_groups); + if (NT_STATUS_IS_OK(status)) { + uint32_t extra_len = sizeof(struct winbindd_gr) * num_groups; + + s3call->response.data.num_entries = num_groups; + s3call->response.extra_data.data = gr; + s3call->response.length += extra_len; + } + + wbsrv_samba3_async_epilogue(status, s3call); +} + NTSTATUS wbsrv_samba3_getgrent(struct wbsrv_samba3_call *s3call) { + struct composite_context *ctx; + struct wbsrv_service *service = s3call->wbconn->listen_socket->service; + struct wbsrv_grent *grent; + DEBUG(5, ("wbsrv_samba3_getgrent called\n")); - s3call->response.result = WINBINDD_ERROR; + + NT_STATUS_HAVE_NO_MEMORY(s3call->wbconn->protocol_private_data); + + grent = talloc_get_type(s3call->wbconn->protocol_private_data, + struct wbsrv_grent); + NT_STATUS_HAVE_NO_MEMORY(grent); + + ctx = wb_cmd_getgrent_send(s3call, service, grent, + s3call->request.data.num_entries); + NT_STATUS_HAVE_NO_MEMORY(ctx); + + ctx->async.fn = getgrent_recv; + ctx->async.private_data = s3call; + s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; return NT_STATUS_OK; } diff --git a/source4/winbind/wb_server.h b/source4/winbind/wb_server.h index b5576d0f40..d86bc20fb9 100644 --- a/source4/winbind/wb_server.h +++ b/source4/winbind/wb_server.h @@ -124,6 +124,19 @@ struct wbsrv_pwent { /* The libnet_ctx to use for the libnet_UserList call */ struct libnet_context *libnet_ctx; }; +/* + state of a grent query +*/ +struct wbsrv_grent { + /* Current UserList structure, contains 1+ user structs */ + struct libnet_GroupList *group_list; + + /* Index of the next user struct in the current UserList struct */ + uint32_t page_index; + + /* The libnet_ctx to use for the libnet_UserList call */ + struct libnet_context *libnet_ctx; +}; /* state of one request -- cgit