/*
* Samba Unix/Linux SMB client library
*
* Copyright (C) Gregor Beck 2011
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see .
*/
#include "includes.h"
#include "smbd/globals.h"
#include "smbd/smbd.h"
#include "../libcli/security/dom_sid.h"
#include "../libcli/security/security_token.h"
#include "idmap_cache.h"
#include "passdb/lookup_sid.h"
#include "auth.h"
#include "messages.h"
#include "lib/id_cache.h"
static bool uid_in_use(const struct user_struct *user, uid_t uid)
{
while (user) {
if (user->session_info &&
(user->session_info->unix_token->uid == uid)) {
return true;
}
user = user->next;
}
return false;
}
static bool gid_in_use(const struct user_struct *user, gid_t gid)
{
while (user) {
if (user->session_info != NULL) {
int i;
struct security_unix_token *utok;
utok = user->session_info->unix_token;
if (utok->gid == gid) {
return true;
}
for(i=0; ingroups; i++) {
if (utok->groups[i] == gid) {
return true;
}
}
}
user = user->next;
}
return false;
}
static bool sid_in_use(const struct user_struct *user,
const struct dom_sid *psid)
{
while (user) {
struct security_token *tok;
if (user->session_info == NULL) {
continue;
}
tok = user->session_info->security_token;
if (tok == NULL) {
/*
* Not sure session_info->security_token can
* ever be NULL. This check might be not
* necessary.
*/
continue;
}
if (security_token_has_sid(tok, psid)) {
return true;
}
user = user->next;
}
return false;
}
static bool id_in_use(const struct user_struct *user,
const struct id_cache_ref *id)
{
switch(id->type) {
case UID:
return uid_in_use(user, id->id.uid);
case GID:
return gid_in_use(user, id->id.gid);
case SID:
return sid_in_use(user, &id->id.sid);
default:
break;
}
return false;
}
static void id_cache_kill(struct messaging_context *msg_ctx,
void *private_data,
uint32_t msg_type,
struct server_id server_id,
DATA_BLOB* data)
{
const char *msg = (data && data->data)
? (const char *)data->data : "";
struct smbd_server_connection *sconn;
struct user_struct *validated_users;
struct id_cache_ref id;
sconn = msg_ctx_to_sconn(msg_ctx);
if (sconn == NULL) {
DEBUG(1, ("could not find sconn\n"));
return;
}
validated_users = sconn->smb1.sessions.validated_users;
if (!id_cache_ref_parse(msg, &id)) {
DEBUG(0, ("Invalid ?ID: %s\n", msg));
return;
}
if (am_parent) {
messaging_send_to_children(msg_ctx, msg_type, data);
}
if (id_in_use(validated_users, &id)) {
exit_server_cleanly(msg);
}
id_cache_delete_from_cache(&id);
}
static void id_cache_flush(struct messaging_context *ctx,
void* data,
uint32_t msg_type,
struct server_id srv_id,
DATA_BLOB* msg_data)
{
id_cache_flush_message(ctx, data, msg_type, srv_id, msg_data);
if (am_parent) {
messaging_send_to_children(ctx, msg_type, msg_data);
}
}
static void id_cache_delete(struct messaging_context *ctx,
void* data,
uint32_t msg_type,
struct server_id srv_id,
DATA_BLOB* msg_data)
{
id_cache_delete_message(ctx, data, msg_type, srv_id, msg_data);
if (am_parent) {
messaging_send_to_children(ctx, msg_type, msg_data);
}
}
void msg_idmap_register_msg(struct messaging_context *ctx)
{
messaging_register(ctx, NULL, ID_CACHE_FLUSH, id_cache_flush);
messaging_register(ctx, NULL, ID_CACHE_DELETE, id_cache_delete);
messaging_register(ctx, NULL, ID_CACHE_KILL, id_cache_kill);
}