/*
   Unix SMB/CIFS implementation.

   NetBSD loadable authentication module, providing identification
   routines against Samba winbind/Windows NT Domain

   Copyright (C) Luke Mewburn 2004-2005

   This library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Lesser General Public
   License as published by the Free Software Foundation; either
   version 3 of the License, or (at your option) any later version.

   This library is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   Library General Public License for more details.

   You should have received a copy of the GNU Lesser General Public
   License along with this library; if not, see <http://www.gnu.org/licenses/>.
*/


#include "winbind_client.h"

#include <sys/param.h>
#include <stdarg.h>
#include <syslog.h>

	/* dynamic nsswitch with "new" getpw* nsdispatch API available */
#if defined(NSS_MODULE_INTERFACE_VERSION) && defined(HAVE_GETPWENT_R)

/*
	group functions
	---------------
*/

static struct group	_winbind_group;
static char		_winbind_groupbuf[1024];

/*
 * We need a proper prototype for this :-)
 */

NSS_STATUS _nss_winbind_setpwent(void);
NSS_STATUS _nss_winbind_endpwent(void);
NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result, char *buffer,
				   size_t buflen, int *errnop);
NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result,
				   char *buffer, size_t buflen, int *errnop);
NSS_STATUS _nss_winbind_getpwnam_r(const char *name, struct passwd *result,
				   char *buffer, size_t buflen, int *errnop);
NSS_STATUS _nss_winbind_setgrent(void);
NSS_STATUS _nss_winbind_endgrent(void);
NSS_STATUS _nss_winbind_getgrent_r(struct group *result, char *buffer,
				   size_t buflen, int *errnop);
NSS_STATUS _nss_winbind_getgrlst_r(struct group *result, char *buffer,
				   size_t buflen, int *errnop);
NSS_STATUS _nss_winbind_getgrnam_r(const char *name, struct group *result,
				   char *buffer, size_t buflen, int *errnop);
NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid, struct group *result, char *buffer,
				   size_t buflen, int *errnop);
NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group, long int *start,
				       long int *size, gid_t **groups,
				       long int limit, int *errnop);
NSS_STATUS _nss_winbind_getusersids(const char *user_sid, char **group_sids,
				    int *num_groups, char *buffer, size_t buf_size,
				    int *errnop);
NSS_STATUS _nss_winbind_nametosid(const char *name, char **sid, char *buffer,
				  size_t buflen, int *errnop);
NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name, char *buffer,
				  size_t buflen, int *errnop);
NSS_STATUS _nss_winbind_sidtouid(const char *sid, uid_t *uid, int *errnop);
NSS_STATUS _nss_winbind_sidtogid(const char *sid, gid_t *gid, int *errnop);
NSS_STATUS _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer,
				 size_t buflen, int *errnop);
NSS_STATUS _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer,
				 size_t buflen, int *errnop);

int
netbsdwinbind_endgrent(void *nsrv, void *nscb, va_list ap)
{
	int	rv;

	rv = _nss_winbind_endgrent();
	return rv;
}

int
netbsdwinbind_setgrent(void *nsrv, void *nscb, va_list ap)
{
	int	rv;

	rv = _nss_winbind_setgrent();
	return rv;
}

int
netbsdwinbind_getgrent(void *nsrv, void *nscb, va_list ap)
{
	struct group   **retval	= va_arg(ap, struct group **);

	int	rv, rerrno;

	*retval = NULL;
	rv = _nss_winbind_getgrent_r(&_winbind_group,
	    _winbind_groupbuf, sizeof(_winbind_groupbuf), &rerrno);
	if (rv == NS_SUCCESS)
		*retval = &_winbind_group;
	return rv;
}

int
netbsdwinbind_getgrent_r(void *nsrv, void *nscb, va_list ap)
{
	int		*retval = va_arg(ap, int *);
	struct group	*grp	= va_arg(ap, struct group *);
	char		*buffer	= va_arg(ap, char *);
	size_t		 buflen	= va_arg(ap, size_t);
	struct group   **result	= va_arg(ap, struct group **);

	int	rv, rerrno;

	*result = NULL;
	rerrno = 0;

	rv = _nss_winbind_getgrent_r(grp, buffer, buflen, rerrno);
	if (rv == NS_SUCCESS)
		*result = grp;
	else
		*retval = rerrno;
	return rv;
}

int
netbsdwinbind_getgrgid(void *nsrv, void *nscb, va_list ap)
{
	struct group   **retval	= va_arg(ap, struct group **);
	gid_t		 gid	= va_arg(ap, gid_t);

	int	rv, rerrno;

	*retval = NULL;
	rv = _nss_winbind_getgrgid_r(gid, &_winbind_group,
	    _winbind_groupbuf, sizeof(_winbind_groupbuf), &rerrno);
	if (rv == NS_SUCCESS)
		*retval = &_winbind_group;
	return rv;
}

int
netbsdwinbind_getgrgid_r(void *nsrv, void *nscb, va_list ap)
{
	int		*retval = va_arg(ap, int *);
	gid_t		 gid	= va_arg(ap, gid_t);
	struct group	*grp	= va_arg(ap, struct group *);
	char		*buffer	= va_arg(ap, char *);
	size_t		 buflen	= va_arg(ap, size_t);
	struct group   **result	= va_arg(ap, struct group **);

	int	rv, rerrno;

	*result = NULL;
	rerrno = 0;

	rv = _nss_winbind_getgrgid_r(gid, grp, buffer, buflen, &rerrno);
	if (rv == NS_SUCCESS)
		*result = grp;
	else
		*retval = rerrno;
	return rv;
}

int
netbsdwinbind_getgrnam(void *nsrv, void *nscb, va_list ap)
{
	struct group   **retval	= va_arg(ap, struct group **);
	const char	*name	= va_arg(ap, const char *);

	int	rv, rerrno;

	*retval = NULL;
	rv = _nss_winbind_getgrnam_r(name, &_winbind_group,
	    _winbind_groupbuf, sizeof(_winbind_groupbuf), &rerrno);
	if (rv == NS_SUCCESS)
		*retval = &_winbind_group;
	return rv;
}

int
netbsdwinbind_getgrnam_r(void *nsrv, void *nscb, va_list ap)
{
	int		*retval = va_arg(ap, int *);
	const char	*name	= va_arg(ap, const char *);
	struct group	*grp	= va_arg(ap, struct group *);
	char		*buffer	= va_arg(ap, char *);
	size_t		 buflen	= va_arg(ap, size_t);
	struct group   **result	= va_arg(ap, struct group **);

	int	rv, rerrno;

	*result = NULL;
	rerrno = 0;

	rv = _nss_winbind_getgrnam_r(name, grp, buffer, buflen, &rerrno);
	if (rv == NS_SUCCESS)
		*result = grp;
	else
		*retval = rerrno;
	return rv;
}

int
netbsdwinbind_getgroupmembership(void *nsrv, void *nscb, va_list ap)
{
	int		*result	= va_arg(ap, int *);
	const char 	*uname	= va_arg(ap, const char *);
	gid_t		 agroup	= va_arg(ap, gid_t);
	gid_t		*groups	= va_arg(ap, gid_t *);
	int		 maxgrp	= va_arg(ap, int);
	int		*groupc	= va_arg(ap, int *);

	struct winbindd_request request;
	struct winbindd_response response;
	gid_t	*wblistv;
	int	wblistc, i, isdup, dupc;

	ZERO_STRUCT(request);
	ZERO_STRUCT(response);
	strncpy(request.data.username, uname,
				sizeof(request.data.username) - 1);
	i = winbindd_request_response(WINBINDD_GETGROUPS, &request, &response);
	if (i != NSS_STATUS_SUCCESS)
		return NS_NOTFOUND;
	wblistv = (gid_t *)response.extra_data.data;
	wblistc = response.data.num_entries;

	for (i = 0; i < wblistc; i++) {			/* add winbind gids */
		isdup = 0;				/* skip duplicates */
		for (dupc = 0; dupc < MIN(maxgrp, *groupc); dupc++) {
			if (groups[dupc] == wblistv[i]) {
				isdup = 1;
				break;
			}
		}
		if (isdup)
			continue;
		if (*groupc < maxgrp)			/* add this gid */
			groups[*groupc] = wblistv[i];
		else
			*result = -1;
		(*groupc)++;
	}
	SAFE_FREE(wblistv);
	return NS_NOTFOUND;
}


/*
	passwd functions
	----------------
*/

static struct passwd	_winbind_passwd;
static char		_winbind_passwdbuf[1024];

int
netbsdwinbind_endpwent(void *nsrv, void *nscb, va_list ap)
{
	int	rv;

	rv = _nss_winbind_endpwent();
	return rv;
}

int
netbsdwinbind_setpwent(void *nsrv, void *nscb, va_list ap)
{
	int	rv;

	rv = _nss_winbind_setpwent();
	return rv;
}

int
netbsdwinbind_getpwent(void *nsrv, void *nscb, va_list ap)
{
	struct passwd  **retval	= va_arg(ap, struct passwd **);

	int	rv, rerrno;

	*retval = NULL;

	rv = _nss_winbind_getpwent_r(&_winbind_passwd,
	    _winbind_passwdbuf, sizeof(_winbind_passwdbuf), &rerrno);
	if (rv == NS_SUCCESS)
		*retval = &_winbind_passwd;
	return rv;
}

int
netbsdwinbind_getpwent_r(void *nsrv, void *nscb, va_list ap)
{
	int		*retval = va_arg(ap, int *);
	struct passwd	*pw	= va_arg(ap, struct passwd *);
	char		*buffer	= va_arg(ap, char *);
	size_t		 buflen	= va_arg(ap, size_t);
	struct passwd  **result	= va_arg(ap, struct passwd **);

	int	rv, rerrno;

	*result = NULL;
	rerrno = 0;

	rv = _nss_winbind_getpwent_r(pw, buffer, buflen, rerrno);
	if (rv == NS_SUCCESS)
		*result = pw;
	else
		*retval = rerrno;
	return rv;
}

int
netbsdwinbind_getpwnam(void *nsrv, void *nscb, va_list ap)
{
	struct passwd  **retval	= va_arg(ap, struct passwd **);
	const char	*name	= va_arg(ap, const char *);

	int	rv, rerrno;

	*retval = NULL;
	rv = _nss_winbind_getpwnam_r(name, &_winbind_passwd,
	    _winbind_passwdbuf, sizeof(_winbind_passwdbuf), &rerrno);
	if (rv == NS_SUCCESS)
		*retval = &_winbind_passwd;
	return rv;
}

int
netbsdwinbind_getpwnam_r(void *nsrv, void *nscb, va_list ap)
{
	int		*retval = va_arg(ap, int *);
	const char	*name	= va_arg(ap, const char *);
	struct passwd	*pw	= va_arg(ap, struct passwd *);
	char		*buffer	= va_arg(ap, char *);
	size_t		 buflen	= va_arg(ap, size_t);
	struct passwd  **result	= va_arg(ap, struct passwd **);

	int	rv, rerrno;

	*result = NULL;
	rerrno = 0;

	rv = _nss_winbind_getpwnam_r(name, pw, buffer, buflen, &rerrno);
	if (rv == NS_SUCCESS)
		*result = pw;
	else
		*retval = rerrno;
	return rv;
}

int
netbsdwinbind_getpwuid(void *nsrv, void *nscb, va_list ap)
{
	struct passwd  **retval	= va_arg(ap, struct passwd **);
	uid_t		 uid	= va_arg(ap, uid_t);

	int	rv, rerrno;

	*retval = NULL;
	rv = _nss_winbind_getpwuid_r(uid, &_winbind_passwd,
	    _winbind_passwdbuf, sizeof(_winbind_passwdbuf), &rerrno);
	if (rv == NS_SUCCESS)
		*retval = &_winbind_passwd;
	return rv;
}

int
netbsdwinbind_getpwuid_r(void *nsrv, void *nscb, va_list ap)
{
	int		*retval = va_arg(ap, int *);
	uid_t		 uid	= va_arg(ap, uid_t);
	struct passwd	*pw	= va_arg(ap, struct passwd *);
	char		*buffer	= va_arg(ap, char *);
	size_t		 buflen	= va_arg(ap, size_t);
	struct passwd  **result	= va_arg(ap, struct passwd **);

	int	rv, rerrno;

	*result = NULL;
	rerrno = 0;

	rv = _nss_winbind_getpwuid_r(uid, pw, buffer, buflen, &rerrno);
	if (rv == NS_SUCCESS)
		*result = pw;
	else
		*retval = rerrno;
	return rv;
}


/*
	nsswitch module setup
	---------------------
*/


static ns_mtab winbind_methods[] = {

{ NSDB_GROUP, "endgrent",	netbsdwinbind_endgrent,		NULL },
{ NSDB_GROUP, "getgrent",	netbsdwinbind_getgrent,		NULL },
{ NSDB_GROUP, "getgrent_r",	netbsdwinbind_getgrent_r,	NULL },
{ NSDB_GROUP, "getgrgid",	netbsdwinbind_getgrgid,		NULL },
{ NSDB_GROUP, "getgrgid_r",	netbsdwinbind_getgrgid_r,	NULL },
{ NSDB_GROUP, "getgrnam",	netbsdwinbind_getgrnam,		NULL },
{ NSDB_GROUP, "getgrnam_r",	netbsdwinbind_getgrnam_r,	NULL },
{ NSDB_GROUP, "setgrent",	netbsdwinbind_setgrent,		NULL },
{ NSDB_GROUP, "setgroupent",	netbsdwinbind_setgrent,		NULL },
{ NSDB_GROUP, "getgroupmembership", netbsdwinbind_getgroupmembership, NULL },

{ NSDB_PASSWD, "endpwent",	netbsdwinbind_endpwent,		NULL },
{ NSDB_PASSWD, "getpwent",	netbsdwinbind_getpwent,		NULL },
{ NSDB_PASSWD, "getpwent_r",	netbsdwinbind_getpwent_r,	NULL },
{ NSDB_PASSWD, "getpwnam",	netbsdwinbind_getpwnam,		NULL },
{ NSDB_PASSWD, "getpwnam_r",	netbsdwinbind_getpwnam_r,	NULL },
{ NSDB_PASSWD, "getpwuid",	netbsdwinbind_getpwuid,		NULL },
{ NSDB_PASSWD, "getpwuid_r",	netbsdwinbind_getpwuid_r,	NULL },
{ NSDB_PASSWD, "setpassent",	netbsdwinbind_setpwent,		NULL },
{ NSDB_PASSWD, "setpwent",	netbsdwinbind_setpwent,		NULL },

};

ns_mtab *
nss_module_register(const char *source, unsigned int *mtabsize,
    nss_module_unregister_fn *unreg)
{
        *mtabsize = sizeof(winbind_methods)/sizeof(winbind_methods[0]);
        *unreg = NULL;
        return (winbind_methods);
}

#endif /* NSS_MODULE_INTERFACE_VERSION && HAVE_GETPWENT_R */