diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2015-06-12 14:41:20 +1200 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2015-06-24 22:34:57 +0200 |
| commit | c31c30043bdb0b3736f81c4b391ec96f236bc227 (patch) | |
| tree | 0fe80b6313473a5d93cde9a9dadce0d8d524a3d8 /source4/winbind | |
| parent | 45b7992428f646b8586974e1d86e3cdad869b059 (diff) | |
| download | samba-c31c30043bdb0b3736f81c4b391ec96f236bc227.tar.gz | |
s4-winbindd: Remove the winbind rewrite from the samba4 effort
This winbind implementation is undermaintained, out of date and not the
future of even the AD DC, let alone any other purpose.
Removing it will reduce our security and bug exposure on this
off by default subsystem
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 24 22:34:57 CEST 2015 on sn-devel-104
Diffstat (limited to 'source4/winbind')
40 files changed, 5 insertions, 8701 deletions
diff --git a/source4/winbind/wb_cmd_getdcname.c b/source4/winbind/wb_cmd_getdcname.c deleted file mode 100644 index f3c24825799..00000000000 --- a/source4/winbind/wb_cmd_getdcname.c +++ /dev/null @@ -1,133 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Command backend for wbinfo --getdcname - - Copyright (C) Volker Lendecke 2005 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" - -#include "librpc/gen_ndr/ndr_netlogon_c.h" - -struct cmd_getdcname_state { - struct composite_context *ctx; - const char *domain_name; - - struct netr_GetAnyDCName g; -}; - -static void getdcname_recv_domain(struct composite_context *ctx); -static void getdcname_recv_dcname(struct tevent_req *subreq); - -struct composite_context *wb_cmd_getdcname_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - const char *domain_name) -{ - struct composite_context *result, *ctx; - struct cmd_getdcname_state *state; - - result = composite_create(mem_ctx, service->task->event_ctx); - if (result == NULL) goto failed; - - state = talloc(result, struct cmd_getdcname_state); - if (state == NULL) goto failed; - state->ctx = result; - result->private_data = state; - - state->domain_name = talloc_strdup(state, domain_name); - if (state->domain_name == NULL) goto failed; - - ctx = wb_sid2domain_send(state, service, service->primary_sid); - if (ctx == NULL) goto failed; - - ctx->async.fn = getdcname_recv_domain; - ctx->async.private_data = state; - return result; - - failed: - talloc_free(result); - return NULL; -} - -static void getdcname_recv_domain(struct composite_context *ctx) -{ - struct cmd_getdcname_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_getdcname_state); - struct wbsrv_domain *domain; - struct tevent_req *subreq; - - state->ctx->status = wb_sid2domain_recv(ctx, &domain); - if (!composite_is_ok(state->ctx)) return; - - state->g.in.logon_server = talloc_asprintf( - state, "\\\\%s", - dcerpc_server_name(domain->netlogon_pipe)); - state->g.in.domainname = state->domain_name; - state->g.out.dcname = talloc(state, const char *); - - subreq = dcerpc_netr_GetAnyDCName_r_send(state, - state->ctx->event_ctx, - domain->netlogon_pipe->binding_handle, - &state->g); - if (composite_nomem(subreq, state->ctx)) return; - - tevent_req_set_callback(subreq, getdcname_recv_dcname, state); -} - -static void getdcname_recv_dcname(struct tevent_req *subreq) -{ - struct cmd_getdcname_state *state = - tevent_req_callback_data(subreq, - struct cmd_getdcname_state); - - state->ctx->status = dcerpc_netr_GetAnyDCName_r_recv(subreq, state); - TALLOC_FREE(subreq); - if (!composite_is_ok(state->ctx)) return; - state->ctx->status = werror_to_ntstatus(state->g.out.result); - if (!composite_is_ok(state->ctx)) return; - - composite_done(state->ctx); -} - -NTSTATUS wb_cmd_getdcname_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, - const char **dcname) -{ - struct cmd_getdcname_state *state = - talloc_get_type(c->private_data, struct cmd_getdcname_state); - NTSTATUS status = composite_wait(c); - if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_DOMAIN)) { - /* special case: queried DC is PDC */ - state->g.out.dcname = &state->g.in.logon_server; - status = NT_STATUS_OK; - } - if (NT_STATUS_IS_OK(status)) { - const char *p = *(state->g.out.dcname); - if (*p == '\\') p += 1; - if (*p == '\\') p += 1; - *dcname = talloc_strdup(mem_ctx, p); - if (*dcname == NULL) { - status = NT_STATUS_NO_MEMORY; - } - } - talloc_free(state); - return status; -} diff --git a/source4/winbind/wb_cmd_getgrent.c b/source4/winbind/wb_cmd_getgrent.c deleted file mode 100644 index 79a3aff852b..00000000000 --- a/source4/winbind/wb_cmd_getgrent.c +++ /dev/null @@ -1,124 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Command backend for getgrent - - Copyright (C) Matthieu Patou 2010 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" - -struct cmd_getgrent_state { - struct composite_context *ctx; - struct wbsrv_service *service; - - struct wbsrv_grent *grent; - uint32_t max_groups; - - uint32_t num_groups; - struct winbindd_gr *result; -}; - -static void cmd_getgrent_recv_grnam(struct composite_context *ctx); -#if 0 /*FIXME: implement this*/ -static void cmd_getgrent_recv_user_list(struct composite_context *ctx); -#endif - -struct composite_context *wb_cmd_getgrent_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, struct wbsrv_grent *grent, - uint32_t max_groups) -{ - struct composite_context *ctx, *result; - struct cmd_getgrent_state *state; - - DEBUG(5, ("wb_cmd_getgrent_send called\n")); - - result = composite_create(mem_ctx, service->task->event_ctx); - if (!result) return NULL; - - state = talloc(mem_ctx, struct cmd_getgrent_state); - if (composite_nomem(state, result)) return result; - - state->ctx = result; - result->private_data = state; - state->service = service; - state->grent = grent; - state->max_groups = max_groups; - state->num_groups = 0; - - /* If there are groups left in the libnet_GroupList and we're below the - * maximum number of groups to get per winbind getgrent call, use - * getgrnam to get the winbindd_gr struct */ - if (grent->page_index < grent->group_list->out.count) { - int idx = grent->page_index; - char *groupname = talloc_strdup(state, - grent->group_list->out.groups[idx].groupname); - - grent->page_index++; - ctx = wb_cmd_getgrnam_send(state, service, groupname); - if (composite_nomem(ctx, state->ctx)) return result; - - composite_continue(state->ctx, ctx, cmd_getgrent_recv_grnam, - state); - } else { - /* If there is no valid group left, call libnet_GroupList to get a new - * list of group. */ - composite_error(state->ctx, NT_STATUS_NO_MORE_ENTRIES); - } - return result; -} - -static void cmd_getgrent_recv_grnam(struct composite_context *ctx) -{ - struct cmd_getgrent_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_getgrent_state); - struct winbindd_gr *gr; - - DEBUG(5, ("cmd_getgrent_recv_grnam called\n")); - - state->ctx->status = wb_cmd_getgrnam_recv(ctx, state, &gr); - if (!composite_is_ok(state->ctx)) return; - - /*FIXME: Cheat for now and only get one group per call */ - state->result = gr; - - composite_done(state->ctx); -} - -NTSTATUS wb_cmd_getgrent_recv(struct composite_context *ctx, - TALLOC_CTX *mem_ctx, struct winbindd_gr **gr, - uint32_t *num_groups) -{ - NTSTATUS status = composite_wait(ctx); - - DEBUG(5, ("wb_cmd_getgrent_recv called\n")); - - if (NT_STATUS_IS_OK(status)) { - struct cmd_getgrent_state *state = - talloc_get_type(ctx->private_data, - struct cmd_getgrent_state); - *gr = talloc_steal(mem_ctx, state->result); - /*FIXME: Cheat and only get one group */ - *num_groups = 1; - } - - talloc_free(ctx); - return status; -} diff --git a/source4/winbind/wb_cmd_getgrgid.c b/source4/winbind/wb_cmd_getgrgid.c deleted file mode 100644 index 8ca93db38ee..00000000000 --- a/source4/winbind/wb_cmd_getgrgid.c +++ /dev/null @@ -1,181 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Backend for getgrgid - - Copyright (C) Kai Blin 2007 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" -#include "param/param.h" - -struct cmd_getgrgid_state { - struct composite_context *ctx; - struct wbsrv_service *service; - gid_t gid; - struct dom_sid *sid; - char *workgroup; - struct wbsrv_domain *domain; - - struct winbindd_gr *result; -}; - -static void cmd_getgrgid_recv_sid(struct composite_context *ctx); -static void cmd_getgrgid_recv_domain(struct composite_context *ctx); -static void cmd_getgrgid_recv_group_info(struct composite_context *ctx); - -/* Get the SID using the gid */ - -struct composite_context *wb_cmd_getgrgid_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - gid_t gid) -{ - struct composite_context *ctx, *result; - struct cmd_getgrgid_state *state; - - DEBUG(5, ("wb_cmd_getgrgid_send called\n")); - - result = composite_create(mem_ctx, service->task->event_ctx); - if (!result) return NULL; - - state = talloc(result, struct cmd_getgrgid_state); - if (composite_nomem(state, result)) return result; - state->ctx = result; - result->private_data = state; - state->service = service; - state->gid = gid; - - ctx = wb_gid2sid_send(state, service, gid); - if (composite_nomem(ctx, state->ctx)) return result; - - composite_continue(result, ctx, cmd_getgrgid_recv_sid, state); - return result; -} - - -/* Receive the sid and get the domain structure with it */ - -static void cmd_getgrgid_recv_sid(struct composite_context *ctx) -{ - struct cmd_getgrgid_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_getgrgid_state); - - DEBUG(5, ("cmd_getgrgid_recv_sid called %p\n", ctx->private_data)); - - state->ctx->status = wb_gid2sid_recv(ctx, state, &state->sid); - if (!composite_is_ok(state->ctx)) return; - - ctx = wb_sid2domain_send(state, state->service, state->sid); - - composite_continue(state->ctx, ctx, cmd_getgrgid_recv_domain, state); -} - -/* Receive the domain struct and call libnet to get the user info struct */ - -static void cmd_getgrgid_recv_domain(struct composite_context *ctx) -{ - struct cmd_getgrgid_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_getgrgid_state); - struct libnet_GroupInfo *group_info; - - DEBUG(5, ("cmd_getgrgid_recv_domain called\n")); - - state->ctx->status = wb_sid2domain_recv(ctx, &state->domain); - if (!composite_is_ok(state->ctx)) return; - - group_info = talloc(state, struct libnet_GroupInfo); - if (composite_nomem(group_info, state->ctx)) return; - - group_info->in.level = GROUP_INFO_BY_SID; - group_info->in.data.group_sid = state->sid; - group_info->in.domain_name = state->domain->libnet_ctx->samr.name; - - /* We need the workgroup later, so copy it */ - state->workgroup = talloc_strdup(state, - state->domain->libnet_ctx->samr.name); - if (composite_nomem(state->workgroup, state->ctx)) return; - - ctx = libnet_GroupInfo_send(state->domain->libnet_ctx, state,group_info, - NULL); - - composite_continue(state->ctx, ctx, cmd_getgrgid_recv_group_info,state); -} - -/* Receive the group info struct */ - -static void cmd_getgrgid_recv_group_info(struct composite_context *ctx) -{ - struct cmd_getgrgid_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_getgrgid_state); - struct libnet_GroupInfo *group_info; - struct winbindd_gr *gr; - char *group_name_with_domain; - - DEBUG(5, ("cmd_getgrgid_recv_group_info called\n")); - - gr = talloc_zero(state, struct winbindd_gr); - if (composite_nomem(gr, state->ctx)) return; - - group_info = talloc(state, struct libnet_GroupInfo); - if(composite_nomem(group_info, state->ctx)) return; - - state->ctx->status = libnet_GroupInfo_recv(ctx, state, group_info); - if (!composite_is_ok(state->ctx)) return; - - group_name_with_domain = talloc_asprintf(gr, "%s%s%s", - state->workgroup, - lpcfg_winbind_separator(state->service->task->lp_ctx), - group_info->out.group_name); - if (composite_nomem(group_name_with_domain, state->ctx)) { - return; - } - - WBSRV_SAMBA3_SET_STRING(gr->gr_name, group_name_with_domain); - WBSRV_SAMBA3_SET_STRING(gr->gr_passwd, "*"); - - gr->gr_gid = state->gid; - - state->result = gr; - - composite_done(state->ctx); -} - -NTSTATUS wb_cmd_getgrgid_recv(struct composite_context *ctx, - TALLOC_CTX *mem_ctx, struct winbindd_gr **gr) -{ - NTSTATUS status = composite_wait(ctx); - - DEBUG(5, ("wb_cmd_getgrgid_recv called\n")); - - DEBUG(5, ("status is %s\n", nt_errstr(status))); - - if (NT_STATUS_IS_OK(status)) { - struct cmd_getgrgid_state *state = - talloc_get_type(ctx->private_data, - struct cmd_getgrgid_state); - *gr = talloc_steal(mem_ctx, state->result); - } - talloc_free(ctx); - return status; - -} - diff --git a/source4/winbind/wb_cmd_getgrnam.c b/source4/winbind/wb_cmd_getgrnam.c deleted file mode 100644 index d75a460bd06..00000000000 --- a/source4/winbind/wb_cmd_getgrnam.c +++ /dev/null @@ -1,174 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Command backend for wbinfo --group-info - - Copyright (C) Kai Blin 2008 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "winbind/wb_helper.h" -#include "smbd/service_task.h" -#include "param/param.h" - -struct cmd_getgrnam_state { - struct composite_context *ctx; - struct wbsrv_service *service; - char *name; - char *workgroup_name; - struct dom_sid *group_sid; - - struct winbindd_gr *result; -}; - -static void cmd_getgrnam_recv_domain(struct composite_context *ctx); -static void cmd_getgrnam_recv_group_info(struct composite_context *ctx); -static void cmd_getgrnam_recv_gid(struct composite_context *ctx); - -struct composite_context *wb_cmd_getgrnam_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - const char *name) -{ - struct composite_context *result, *ctx; - struct cmd_getgrnam_state *state; - - DEBUG(5, ("wb_cmd_getgrnam_send called\n")); - - result = composite_create(mem_ctx, service->task->event_ctx); - if (!result) return NULL; - - state = talloc(result, struct cmd_getgrnam_state); - if (composite_nomem(state, result)) return result; - state->ctx = result; - result->private_data = state; - state->service = service; - state->name = talloc_strdup(state, name); - if(composite_nomem(state->name, result)) return result; - - ctx = wb_name2domain_send(state, service, name); - if (composite_nomem(ctx, result)) return result; - - composite_continue(result, ctx, cmd_getgrnam_recv_domain, state); - return result; -} - -static void cmd_getgrnam_recv_domain(struct composite_context *ctx) -{ - struct cmd_getgrnam_state *state = talloc_get_type( - ctx->async.private_data, struct cmd_getgrnam_state); - struct wbsrv_domain *domain; - struct libnet_GroupInfo *group_info; - char *group_dom, *group_name; - bool ok; - - state->ctx->status = wb_name2domain_recv(ctx, &domain); - if(!composite_is_ok(state->ctx)) return; - - group_info = talloc(state, struct libnet_GroupInfo); - if (composite_nomem(group_info, state->ctx)) return; - - ok = wb_samba3_split_username(state, state->service->task->lp_ctx, - state->name, &group_dom, &group_name); - if(!ok){ - composite_error(state->ctx, NT_STATUS_OBJECT_NAME_INVALID); - return; - } - - group_info->in.level = GROUP_INFO_BY_NAME; - group_info->in.data.group_name = group_name; - group_info->in.domain_name = group_dom; - state->workgroup_name = talloc_strdup(state, group_dom); - if(composite_nomem(state->workgroup_name, state->ctx)) return; - - ctx = libnet_GroupInfo_send(domain->libnet_ctx, state, group_info,NULL); - - composite_continue(state->ctx, ctx, cmd_getgrnam_recv_group_info,state); -} - -static void cmd_getgrnam_recv_group_info(struct composite_context *ctx) -{ - struct cmd_getgrnam_state *state = talloc_get_type( - ctx->async.private_data, struct cmd_getgrnam_state); - struct libnet_GroupInfo *group_info; - struct winbindd_gr *gr; - char *group_name_with_domain; - - DEBUG(5, ("cmd_getgrnam_recv_group_info called\n")); - - group_info = talloc(state, struct libnet_GroupInfo); - if(composite_nomem(group_info, state->ctx)) return; - - gr = talloc(state, struct winbindd_gr); - if(composite_nomem(gr, state->ctx)) return; - - state->ctx->status = libnet_GroupInfo_recv(ctx, state, group_info); - if(!composite_is_ok(state->ctx)) return; - - group_name_with_domain = talloc_asprintf(gr, "%s%s%s", - state->workgroup_name, - lpcfg_winbind_separator(state->service->task->lp_ctx), - group_info->out.group_name); - if (composite_nomem(group_name_with_domain, state->ctx)) { - return; - } - - WBSRV_SAMBA3_SET_STRING(gr->gr_name, group_name_with_domain); - WBSRV_SAMBA3_SET_STRING(gr->gr_passwd, "*"); - gr->num_gr_mem = group_info->out.num_members; - gr->gr_mem_ofs = 0; - - state->result = gr; - - ctx = wb_sid2gid_send(state, state->service, group_info->out.group_sid); - composite_continue(state->ctx, ctx, cmd_getgrnam_recv_gid, state); -} - -static void cmd_getgrnam_recv_gid(struct composite_context *ctx) -{ - struct cmd_getgrnam_state *state = talloc_get_type( - ctx->async.private_data, struct cmd_getgrnam_state); - gid_t gid; - - DEBUG(5, ("cmd_getgrnam_recv_gid called\n")); - - state->ctx->status = wb_sid2gid_recv(ctx, &gid); - if(!composite_is_ok(state->ctx)) return; - - state->result->gr_gid = gid; - - composite_done(state->ctx); -} - -NTSTATUS wb_cmd_getgrnam_recv(struct composite_context *ctx, - TALLOC_CTX *mem_ctx, struct winbindd_gr **gr) -{ - NTSTATUS status = composite_wait(ctx); - - DEBUG(5, ("wb_cmd_getgrnam_recv called\n")); - - if (NT_STATUS_IS_OK(status)) { - struct cmd_getgrnam_state *state = - talloc_get_type(ctx->private_data, - struct cmd_getgrnam_state); - *gr = talloc_steal(mem_ctx, state->result); - } - talloc_free(ctx); - return status; - -} - diff --git a/source4/winbind/wb_cmd_getgroups.c b/source4/winbind/wb_cmd_getgroups.c deleted file mode 100644 index 29c5205369a..00000000000 --- a/source4/winbind/wb_cmd_getgroups.c +++ /dev/null @@ -1,223 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Backend for getgroups - - Copyright (C) Matthieu Patou 2010 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" -#include "libcli/security/security.h" - -struct cmd_getgroups_state { - struct composite_context *ctx; - struct wbsrv_service *service; - char* username; - uint32_t num_groups; - uint32_t current_group; - struct dom_sid **sids; - - gid_t *gids; -}; - -/* The idea is to get the groups for a user - We receive one user from this we search for his uid - From the uid we search for his SID - From the SID we search for the list of groups - And with the list of groups we search for each group its gid -*/ -static void cmd_getgroups_recv_pwnam(struct composite_context *ctx); -static void wb_getgroups_uid2sid_recv(struct composite_context *ctx); -static void wb_getgroups_userdomsgroups_recv(struct composite_context *ctx); -static void cmd_getgroups_recv_gid(struct composite_context *ctx); - -/* - Ask for the uid from the username -*/ -struct composite_context *wb_cmd_getgroups_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - const char* username) -{ - struct composite_context *ctx, *result; - struct cmd_getgroups_state *state; - - DEBUG(5, ("wb_cmd_getgroups_send called\n")); - - result = composite_create(mem_ctx, service->task->event_ctx); - if (!result) return NULL; - - state = talloc(mem_ctx, struct cmd_getgroups_state); - if (composite_nomem(state, result)) return result; - - state->ctx = result; - result->private_data = state; - state->service = service; - state->num_groups = 0; - - state->username = talloc_strdup(state,username); - if (composite_nomem(state->username, result)) return result; - - ctx = wb_cmd_getpwnam_send(state, service, username); - if (composite_nomem(ctx, result)) return result; - - composite_continue(result, ctx, cmd_getgroups_recv_pwnam, state); - return result; -} - -/* - Receive the uid and send request for SID -*/ -static void cmd_getgroups_recv_pwnam(struct composite_context *ctx) -{ - struct composite_context *res; - struct cmd_getgroups_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_getgroups_state); - struct winbindd_pw *pw; - struct wbsrv_service *service = state->service; - - DEBUG(5, ("cmd_getgroups_recv_pwnam called\n")); - - state->ctx->status = wb_cmd_getpwnam_recv(ctx, state, &pw); - if (composite_is_ok(state->ctx)) { - res = wb_uid2sid_send(state, service, pw->pw_uid); - if (res == NULL) { - composite_error(state->ctx, NT_STATUS_NO_MEMORY); - return; - } - DEBUG(6, ("cmd_getgroups_recv_pwnam uid %d\n",pw->pw_uid)); - - composite_continue(ctx, res, wb_getgroups_uid2sid_recv, state); - } -} - -/* - Receive the SID and request groups through the userdomgroups helper -*/ -static void wb_getgroups_uid2sid_recv(struct composite_context *ctx) -{ - struct composite_context *res; - struct cmd_getgroups_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_getgroups_state); - NTSTATUS status; - struct dom_sid *sid; - char *sid_str; - - DEBUG(5, ("wb_getgroups_uid2sid_recv called\n")); - - status = wb_uid2sid_recv(ctx, state, &sid); - if(NT_STATUS_IS_OK(status)) { - sid_str = dom_sid_string(state, sid); - - /* If the conversion failed, bail out with a failure. */ - if (sid_str != NULL) { - DEBUG(7, ("wb_getgroups_uid2sid_recv SID = %s\n",sid_str)); - /* Ok got the SID now get the groups */ - res = wb_cmd_userdomgroups_send(state, state->service, sid); - if (res == NULL) { - composite_error(state->ctx, - NT_STATUS_NO_MEMORY); - return; - } - - composite_continue(ctx, res, wb_getgroups_userdomsgroups_recv, state); - } else { - composite_error(state->ctx, NT_STATUS_UNSUCCESSFUL); - } - } -} - -/* - Receive groups and search for uid for the first group -*/ -static void wb_getgroups_userdomsgroups_recv(struct composite_context *ctx) { - struct cmd_getgroups_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_getgroups_state); - uint32_t num_sids; - struct dom_sid **sids; - - DEBUG(5, ("wb_getgroups_userdomsgroups_recv called\n")); - state->ctx->status = wb_cmd_userdomgroups_recv(ctx,state,&num_sids,&sids); - if (!composite_is_ok(state->ctx)) return; - - DEBUG(5, ("wb_getgroups_userdomsgroups_recv %d groups\n",num_sids)); - - state->sids=sids; - state->num_groups=num_sids; - state->current_group=0; - - if(num_sids > 0) { - state->gids = talloc_array(state, gid_t, state->num_groups); - ctx = wb_sid2gid_send(state, state->service, state->sids[state->current_group]); - composite_continue(state->ctx, ctx, cmd_getgroups_recv_gid, state); - } else { - composite_done(state->ctx); - } -} - -/* - Receive and uid the previous searched group and request the uid for the next one -*/ -static void cmd_getgroups_recv_gid(struct composite_context *ctx) -{ - struct cmd_getgroups_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_getgroups_state); - gid_t gid; - - DEBUG(5, ("cmd_getgroups_recv_gid called\n")); - - state->ctx->status = wb_sid2gid_recv(ctx, &gid); - if(!composite_is_ok(state->ctx)) return; - - state->gids[state->current_group] = gid; - DEBUG(5, ("cmd_getgroups_recv_gid group %d \n",state->current_group)); - - state->current_group++; - if(state->current_group < state->num_groups ) { - ctx = wb_sid2gid_send(state, state->service, state->sids[state->current_group]); - composite_continue(state->ctx, ctx, cmd_getgroups_recv_gid, state); - } else { - composite_done(state->ctx); - } -} - -/* - Return list of uids when finished -*/ -NTSTATUS wb_cmd_getgroups_recv(struct composite_context *ctx, - TALLOC_CTX *mem_ctx, gid_t **groups, - uint32_t *num_groups) -{ - NTSTATUS status = composite_wait(ctx); - - DEBUG(5, ("wb_cmd_getgroups_recv called\n")); - - if (NT_STATUS_IS_OK(status)) { - struct cmd_getgroups_state *state = - talloc_get_type(ctx->private_data, - struct cmd_getgroups_state); - *groups = talloc_steal(mem_ctx, state->gids); - *num_groups = state->num_groups; - } - talloc_free(ctx); - return status; -} diff --git a/source4/winbind/wb_cmd_getpwent.c b/source4/winbind/wb_cmd_getpwent.c deleted file mode 100644 index 45b966377ad..00000000000 --- a/source4/winbind/wb_cmd_getpwent.c +++ /dev/null @@ -1,125 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Command backend for getpwent - - Copyright (C) Kai Blin 2007 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" - -struct cmd_getpwent_state { - struct composite_context *ctx; - struct wbsrv_service *service; - - struct wbsrv_pwent *pwent; - uint32_t max_users; - - uint32_t num_users; - struct winbindd_pw *result; -}; - -static void cmd_getpwent_recv_pwnam(struct composite_context *ctx); -#if 0 /*FIXME: implement this*/ -static void cmd_getpwent_recv_user_list(struct composite_context *ctx); -#endif - -struct composite_context *wb_cmd_getpwent_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, struct wbsrv_pwent *pwent, - uint32_t max_users) -{ - struct composite_context *ctx, *result; - struct cmd_getpwent_state *state; - - DEBUG(5, ("wb_cmd_getpwent_send called\n")); - - result = composite_create(mem_ctx, service->task->event_ctx); - if (!result) return NULL; - - state = talloc(mem_ctx, struct cmd_getpwent_state); - if (composite_nomem(state, result)) return result; - - state->ctx = result; - result->private_data = state; - state->service = service; - state->pwent = pwent; - state->max_users = max_users; - state->num_users = 0; - - /* If there are users left in the libnet_UserList and we're below the - * maximum number of users to get per winbind getpwent call, use - * getpwnam to get the winbindd_pw struct */ - if (pwent->page_index < pwent->user_list->out.count) { - int idx = pwent->page_index; - char *username = talloc_strdup(state, - pwent->user_list->out.users[idx].username); - - pwent->page_index++; - ctx = wb_cmd_getpwnam_send(state, service, username); - if (composite_nomem(ctx, state->ctx)) return result; - - composite_continue(state->ctx, ctx, cmd_getpwent_recv_pwnam, - state); - } else { - /* If there is no valid user left, call libnet_UserList to get a new - * list of users. */ - composite_error(state->ctx, NT_STATUS_NO_MORE_ENTRIES); - } - return result; -} - -static void cmd_getpwent_recv_pwnam(struct composite_context *ctx) -{ - struct cmd_getpwent_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_getpwent_state); - struct winbindd_pw *pw; - - DEBUG(5, ("cmd_getpwent_recv_pwnam called\n")); - - state->ctx->status = wb_cmd_getpwnam_recv(ctx, state, &pw); - if (!composite_is_ok(state->ctx)) return; - - /*FIXME: Cheat for now and only get one user per call */ - state->result = pw; - - composite_done(state->ctx); -} - -NTSTATUS wb_cmd_getpwent_recv(struct composite_context *ctx, - TALLOC_CTX *mem_ctx, struct winbindd_pw **pw, - uint32_t *num_users) -{ - NTSTATUS status = composite_wait(ctx); - - DEBUG(5, ("wb_cmd_getpwent_recv called\n")); - - if (NT_STATUS_IS_OK(status)) { - struct cmd_getpwent_state *state = - talloc_get_type(ctx->private_data, - struct cmd_getpwent_state); - *pw = talloc_steal(mem_ctx, state->result); - /*FIXME: Cheat and only get oner user */ - *num_users = 1; - } - - talloc_free(ctx); - return status; -} - diff --git a/source4/winbind/wb_cmd_getpwnam.c b/source4/winbind/wb_cmd_getpwnam.c deleted file mode 100644 index 2a25ba3d16c..00000000000 --- a/source4/winbind/wb_cmd_getpwnam.c +++ /dev/null @@ -1,208 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Command backend for wbinfo -i - - Copyright (C) Kai Blin 2007 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "param/param.h" -#include "winbind/wb_helper.h" -#include "smbd/service_task.h" -#include "libcli/security/security.h" - -struct cmd_getpwnam_state { - struct composite_context *ctx; - struct wbsrv_service *service; - char *name; - char *workgroup_name; - struct dom_sid *group_sid; - - struct winbindd_pw *result; -}; - -static void cmd_getpwnam_recv_domain(struct composite_context *ctx); -static void cmd_getpwnam_recv_user_info(struct composite_context *ctx); -static void cmd_getpwnam_recv_uid(struct composite_context *ctx); -static void cmd_getpwnam_recv_gid(struct composite_context *ctx); - -struct composite_context *wb_cmd_getpwnam_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - const char *name) -{ - struct composite_context *result, *ctx; - struct cmd_getpwnam_state *state; - - DEBUG(5, ("wb_cmd_getpwnam_send called\n")); - - result = composite_create(mem_ctx, service->task->event_ctx); - if (!result) return NULL; - - state = talloc(result, struct cmd_getpwnam_state); - if (composite_nomem(state, result)) return result; - state->ctx = result; - result->private_data = state; - state->service = service; - state->name = talloc_strdup(state, name); - if(composite_nomem(state->name, result)) return result; - - ctx = wb_name2domain_send(state, service, name); - if (composite_nomem(ctx, result)) return result; - - composite_continue(result, ctx, cmd_getpwnam_recv_domain, state); - return result; -} - -static void cmd_getpwnam_recv_domain(struct composite_context *ctx) -{ - struct cmd_getpwnam_state *state = talloc_get_type( - ctx->async.private_data, struct cmd_getpwnam_state); - struct wbsrv_domain *domain; - struct libnet_UserInfo *user_info; - char *user_dom, *user_name; - bool ok; - - state->ctx->status = wb_name2domain_recv(ctx, &domain); - if(!composite_is_ok(state->ctx)) return; - - user_info = talloc(state, struct libnet_UserInfo); - if (composite_nomem(user_info, state->ctx)) return; - - ok = wb_samba3_split_username(state, state->service->task->lp_ctx, - state->name, &user_dom, &user_name); - if(!ok){ - composite_error(state->ctx, NT_STATUS_OBJECT_NAME_INVALID); - return; - } - - user_info->in.level = USER_INFO_BY_NAME; - user_info->in.data.user_name = user_name; - user_info->in.domain_name = domain->libnet_ctx->samr.name; - state->workgroup_name = talloc_strdup(state, - domain->libnet_ctx->samr.name); - if(composite_nomem(state->workgroup_name, state->ctx)) return; - - ctx = libnet_UserInfo_send(domain->libnet_ctx, state, user_info, NULL); - - composite_continue(state->ctx, ctx, cmd_getpwnam_recv_user_info, state); -} - -static void cmd_getpwnam_recv_user_info(struct composite_context *ctx) -{ - struct cmd_getpwnam_state *state = talloc_get_type( - ctx->async.private_data, struct cmd_getpwnam_state); - struct libnet_UserInfo *user_info; - struct winbindd_pw *pw; - char *username_with_domain; - char *lowercase_username; - - DEBUG(5, ("cmd_getpwnam_recv_user_info called\n")); - - user_info = talloc(state, struct libnet_UserInfo); - if(composite_nomem(user_info, state->ctx)) return; - - pw = talloc(state, struct winbindd_pw); - if(composite_nomem(pw, state->ctx)) return; - - state->ctx->status = libnet_UserInfo_recv(ctx, state, user_info); - if(!composite_is_ok(state->ctx)) return; - - lowercase_username = strlower_talloc(state, user_info->out.account_name); - if (composite_nomem(lowercase_username, state->ctx)) { - return; - } - - username_with_domain = talloc_asprintf(pw, "%s%s%s", - state->workgroup_name, - lpcfg_winbind_separator(state->service->task->lp_ctx), - lowercase_username); - if(composite_nomem(username_with_domain, state->ctx)) return; - - WBSRV_SAMBA3_SET_STRING(pw->pw_name, username_with_domain); - WBSRV_SAMBA3_SET_STRING(pw->pw_passwd, "*"); - WBSRV_SAMBA3_SET_STRING(pw->pw_gecos, user_info->out.full_name); - WBSRV_SAMBA3_SET_STRING(pw->pw_dir, - lpcfg_template_homedir(state->service->task->lp_ctx)); - all_string_sub(pw->pw_dir, "%D", state->workgroup_name, - sizeof(fstring) - 1); - all_string_sub(pw->pw_dir, "%U", lowercase_username, - sizeof(fstring) - 1); - WBSRV_SAMBA3_SET_STRING(pw->pw_shell, - lpcfg_template_shell(state->service->task->lp_ctx)); - - state->group_sid = dom_sid_dup(state, user_info->out.primary_group_sid); - if(composite_nomem(state->group_sid, state->ctx)) return; - - state->result = pw; - - ctx = wb_sid2uid_send(state, state->service, user_info->out.user_sid); - composite_continue(state->ctx, ctx, cmd_getpwnam_recv_uid, state); -} - -static void cmd_getpwnam_recv_uid(struct composite_context *ctx) -{ - struct cmd_getpwnam_state *state = talloc_get_type( - ctx->async.private_data, struct cmd_getpwnam_state); - uid_t uid; - - DEBUG(5, ("cmd_getpwnam_recv_uid called\n")); - - state->ctx->status = wb_sid2uid_recv(ctx, &uid); - if(!composite_is_ok(state->ctx)) return; - - state->result->pw_uid = uid; - - ctx = wb_sid2gid_send(state, state->service, state->group_sid); - composite_continue(state->ctx, ctx, cmd_getpwnam_recv_gid, state); -} - -static void cmd_getpwnam_recv_gid(struct composite_context *ctx) -{ - struct cmd_getpwnam_state *state = talloc_get_type( - ctx->async.private_data, struct cmd_getpwnam_state); - gid_t gid; - - DEBUG(5, ("cmd_getpwnam_recv_gid called\n")); - - state->ctx->status = wb_sid2gid_recv(ctx, &gid); - if(!composite_is_ok(state->ctx)) return; - - state->result->pw_gid = gid; - - composite_done(state->ctx); -} - -NTSTATUS wb_cmd_getpwnam_recv(struct composite_context *ctx, - TALLOC_CTX *mem_ctx, struct winbindd_pw **pw) -{ - NTSTATUS status = composite_wait(ctx); - - DEBUG(5, ("wb_cmd_getpwnam_recv called\n")); - - if (NT_STATUS_IS_OK(status)) { - struct cmd_getpwnam_state *state = - talloc_get_type(ctx->private_data, - struct cmd_getpwnam_state); - *pw = talloc_steal(mem_ctx, state->result); - } - talloc_free(ctx); - return status; - -} - diff --git a/source4/winbind/wb_cmd_getpwuid.c b/source4/winbind/wb_cmd_getpwuid.c deleted file mode 100644 index 6da3c088d25..00000000000 --- a/source4/winbind/wb_cmd_getpwuid.c +++ /dev/null @@ -1,213 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Backend for getpwuid - - Copyright (C) Kai Blin 2007 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" -#include "param/param.h" - -struct cmd_getpwuid_state { - struct composite_context *ctx; - struct wbsrv_service *service; - uid_t uid; - struct dom_sid *sid; - char *workgroup; - struct wbsrv_domain *domain; - - struct winbindd_pw *result; -}; - -static void cmd_getpwuid_recv_sid(struct composite_context *ctx); -static void cmd_getpwuid_recv_domain(struct composite_context *ctx); -static void cmd_getpwuid_recv_user_info(struct composite_context *ctx); -static void cmd_getpwuid_recv_gid(struct composite_context *ctx); - -/* Get the SID using the uid */ - -struct composite_context *wb_cmd_getpwuid_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - uid_t uid) -{ - struct composite_context *ctx, *result; - struct cmd_getpwuid_state *state; - - DEBUG(5, ("wb_cmd_getpwuid_send called\n")); - - result = composite_create(mem_ctx, service->task->event_ctx); - if (!result) return NULL; - - state = talloc(result, struct cmd_getpwuid_state); - if (composite_nomem(state, result)) return result; - state->ctx = result; - result->private_data = state; - state->service = service; - state->uid = uid; - - ctx = wb_uid2sid_send(state, service, uid); - if (composite_nomem(ctx, state->ctx)) return result; - - composite_continue(result, ctx, cmd_getpwuid_recv_sid, state); - return result; -} - - -/* Receive the sid and get the domain structure with it */ - -static void cmd_getpwuid_recv_sid(struct composite_context *ctx) -{ - struct cmd_getpwuid_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_getpwuid_state); - - DEBUG(5, ("cmd_getpwuid_recv_sid called %p\n", ctx->private_data)); - - state->ctx->status = wb_uid2sid_recv(ctx, state, &state->sid); - if (!composite_is_ok(state->ctx)) return; - - ctx = wb_sid2domain_send(state, state->service, state->sid); - - composite_continue(state->ctx, ctx, cmd_getpwuid_recv_domain, state); -} - -/* Receive the domain struct and call libnet to get the user info struct */ - -static void cmd_getpwuid_recv_domain(struct composite_context *ctx) -{ - struct cmd_getpwuid_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_getpwuid_state); - struct libnet_UserInfo *user_info; - - DEBUG(5, ("cmd_getpwuid_recv_domain called\n")); - - state->ctx->status = wb_sid2domain_recv(ctx, &state->domain); - if (!composite_is_ok(state->ctx)) return; - - user_info = talloc(state, struct libnet_UserInfo); - if (composite_nomem(user_info, state->ctx)) return; - - user_info->in.level = USER_INFO_BY_SID; - user_info->in.data.user_sid = state->sid; - user_info->in.domain_name = state->domain->libnet_ctx->samr.name; - - /* We need the workgroup later, so copy it */ - state->workgroup = talloc_strdup(state, - state->domain->libnet_ctx->samr.name); - if (composite_nomem(state->workgroup, state->ctx)) return; - - ctx = libnet_UserInfo_send(state->domain->libnet_ctx, state, user_info, - NULL); - - composite_continue(state->ctx, ctx, cmd_getpwuid_recv_user_info, state); -} - -/* Receive the user info struct and get the gid for the user */ - -static void cmd_getpwuid_recv_user_info(struct composite_context *ctx) -{ - struct cmd_getpwuid_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_getpwuid_state); - struct libnet_UserInfo *user_info; - struct winbindd_pw *pw; - char *username_with_domain; - char *lowercase_username; - - DEBUG(5, ("cmd_getpwuid_recv_user_info called\n")); - - pw = talloc(state, struct winbindd_pw); - if (composite_nomem(pw, state->ctx)) return; - - user_info = talloc(state, struct libnet_UserInfo); - if(composite_nomem(user_info, state->ctx)) return; - - state->ctx->status = libnet_UserInfo_recv(ctx, state, user_info); - if (!composite_is_ok(state->ctx)) return; - - lowercase_username = strlower_talloc(state, user_info->out.account_name); - if (composite_nomem(lowercase_username, state->ctx)) { - return; - } - - username_with_domain = talloc_asprintf(pw, "%s%s%s", - state->workgroup, - lpcfg_winbind_separator(state->service->task->lp_ctx), - lowercase_username); - if(composite_nomem(username_with_domain, state->ctx)) return; - - WBSRV_SAMBA3_SET_STRING(pw->pw_name, username_with_domain); - WBSRV_SAMBA3_SET_STRING(pw->pw_passwd, "*"); - WBSRV_SAMBA3_SET_STRING(pw->pw_gecos, user_info->out.full_name); - WBSRV_SAMBA3_SET_STRING(pw->pw_dir, - lpcfg_template_homedir(state->service->task->lp_ctx)); - all_string_sub(pw->pw_dir, "%D", state->workgroup, - sizeof(fstring) - 1); - all_string_sub(pw->pw_dir, "%U", lowercase_username, - sizeof(fstring) - 1); - WBSRV_SAMBA3_SET_STRING(pw->pw_shell, - lpcfg_template_shell(state->service->task->lp_ctx)); - - pw->pw_uid = state->uid; - - state->result = pw; - - ctx = wb_sid2gid_send(state, state->service, - user_info->out.primary_group_sid); - - composite_continue(state->ctx, ctx, cmd_getpwuid_recv_gid, state); -} - -static void cmd_getpwuid_recv_gid(struct composite_context *ctx) -{ - struct cmd_getpwuid_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_getpwuid_state); - gid_t gid; - - DEBUG(5, ("cmd_getpwuid_recv_gid called\n")); - - state->ctx->status = wb_sid2gid_recv(ctx, &gid); - if (!composite_is_ok(state->ctx)) return; - - state->result->pw_gid = gid; - - composite_done(state->ctx); -} - -NTSTATUS wb_cmd_getpwuid_recv(struct composite_context *ctx, - TALLOC_CTX *mem_ctx, struct winbindd_pw **pw) -{ - NTSTATUS status = composite_wait(ctx); - - DEBUG(5, ("wb_cmd_getpwuid_recv called\n")); - - if (NT_STATUS_IS_OK(status)) { - struct cmd_getpwuid_state *state = - talloc_get_type(ctx->private_data, - struct cmd_getpwuid_state); - *pw = talloc_steal(mem_ctx, state->result); - } - talloc_free(ctx); - return status; - -} - diff --git a/source4/winbind/wb_cmd_list_groups.c b/source4/winbind/wb_cmd_list_groups.c deleted file mode 100644 index db256761d32..00000000000 --- a/source4/winbind/wb_cmd_list_groups.c +++ /dev/null @@ -1,206 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Command backend for wbinfo -g - - Copyright (C) Kai Blin 2009 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" - -struct cmd_list_groups_state { - struct composite_context *ctx; - struct wbsrv_service *service; - - struct wbsrv_domain *domain; - char *domain_name; - uint32_t resume_index; - char *result; - uint32_t num_groups; -}; - -static void cmd_list_groups_recv_domain(struct composite_context *ctx); -static void cmd_list_groups_recv_group_list(struct composite_context *ctx); - -struct composite_context *wb_cmd_list_groups_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, const char *domain_name) -{ - struct composite_context *ctx, *result; - struct cmd_list_groups_state *state; - - DEBUG(5, ("wb_cmd_list_groups_send called\n")); - - result = composite_create(mem_ctx, service->task->event_ctx); - if (!result) return NULL; - - state = talloc(result, struct cmd_list_groups_state); - if (composite_nomem(state, result)) return result; - - state->ctx = result; - result->private_data = state; - state->service = service; - state->resume_index = 0; - state->num_groups = 0; - state->result = talloc_strdup(state, ""); - if (composite_nomem(state->result, state->ctx)) return result; - - /*FIXME: We should look up the domain in the winbind request if it is - * set, not just take the primary domain. However, I want to get the - * libnet logic to work first. */ - - if (domain_name && *domain_name != '\0') { - state->domain_name = talloc_strdup(state, domain_name); - if (composite_nomem(state->domain_name, state->ctx)) - return result; - } else { - state->domain_name = NULL; - } - - ctx = wb_sid2domain_send(state, service, service->primary_sid); - if (composite_nomem(ctx, state->ctx)) return result; - - composite_continue(state->ctx, ctx, cmd_list_groups_recv_domain, state); - return result; -} - -static void cmd_list_groups_recv_domain(struct composite_context *ctx) -{ - struct cmd_list_groups_state *state = talloc_get_type( - ctx->async.private_data, struct cmd_list_groups_state); - struct wbsrv_domain *domain; - struct libnet_GroupList *group_list; - - DEBUG(5, ("cmd_list_groups_recv_domain called\n")); - - state->ctx->status = wb_sid2domain_recv(ctx, &domain); - if (!composite_is_ok(state->ctx)) return; - - /* we use this entry also for context purposes (libnet_GroupList) */ - state->domain = domain; - - /* If this is non-null, we've looked up the domain given in the winbind - * request, otherwise we'll just use the default name .*/ - if (state->domain_name == NULL) { - state->domain_name = talloc_strdup(state, - state->domain->libnet_ctx->samr.name); - if (composite_nomem(state->domain_name, state->ctx)) return; - } - - group_list = talloc(state, struct libnet_GroupList); - if (composite_nomem(group_list, state->ctx)) return; - - group_list->in.domain_name = state->domain_name; - - /* Rafal suggested that 128 is a good number here. I don't like magic - * numbers too much, but for now it'll have to do. - */ - group_list->in.page_size = 128; - group_list->in.resume_index = state->resume_index; - - ctx = libnet_GroupList_send(state->domain->libnet_ctx, state, - group_list, NULL); - - composite_continue(state->ctx, ctx, cmd_list_groups_recv_group_list, - state); -} - -static void cmd_list_groups_recv_group_list(struct composite_context *ctx) -{ - struct cmd_list_groups_state *state = talloc_get_type( - ctx->async.private_data, struct cmd_list_groups_state); - struct libnet_GroupList *group_list; - NTSTATUS status; - int i; - - DEBUG(5, ("cmd_list_groups_recv_group_list called\n")); - - group_list = talloc(state, struct libnet_GroupList); - if (composite_nomem(group_list, state->ctx)) return; - - status = libnet_GroupList_recv(ctx, state, group_list); - - /* If NTSTATUS is neither OK nor MORE_ENTRIES, something broke */ - if (!NT_STATUS_IS_OK(status) && - !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES) && - !NT_STATUS_EQUAL(status, NT_STATUS_NO_MORE_ENTRIES)) { - composite_error(state->ctx, status); - return; - } - - for (i = 0; i < group_list->out.count; ++i) { - DEBUG(5, ("Appending group '%s'\n", - group_list->out.groups[i].groupname)); - state->result = talloc_asprintf_append_buffer(state->result, - "%s,", - group_list->out.groups[i].groupname); - state->num_groups++; - } - - /* If the status is OK, we're finished, there's no more groups. - * So we'll trim off the trailing ',' and are done.*/ - if (NT_STATUS_IS_OK(status)) { - size_t str_len = strlen(state->result); - DEBUG(5, ("list_GroupList_recv returned NT_STATUS_OK\n")); - if (str_len > 0) { - state->result[str_len - 1] = '\0'; - } - composite_done(state->ctx); - return; - } - - DEBUG(5, ("list_GroupList_recv returned NT_STATUS_MORE_ENTRIES\n")); - - /* Otherwise there's more groups to get, so call out to libnet and - * continue on this function here. */ - - group_list->in.domain_name = state->domain_name; - /* See comment above about the page size. 128 seems like a good default. - */ - group_list->in.page_size = 128; - group_list->in.resume_index = group_list->out.resume_index; - - ctx = libnet_GroupList_send(state->domain->libnet_ctx, state,group_list, - NULL); - - composite_continue(state->ctx, ctx, cmd_list_groups_recv_group_list, - state); -} - -NTSTATUS wb_cmd_list_groups_recv(struct composite_context *ctx, - TALLOC_CTX *mem_ctx, uint32_t *extra_data_len, - char **extra_data, uint32_t *num_groups) -{ - NTSTATUS status = composite_wait(ctx); - - DEBUG(5, ("wb_cmd_list_groups_recv called\n")); - - if (NT_STATUS_IS_OK(status)) { - struct cmd_list_groups_state *state = talloc_get_type( - ctx->private_data, struct cmd_list_groups_state); - - *extra_data_len = strlen(state->result); - *extra_data = talloc_steal(mem_ctx, state->result); - *num_groups = state->num_groups; - } - - talloc_free(ctx); - return status; -} - - diff --git a/source4/winbind/wb_cmd_list_trustdom.c b/source4/winbind/wb_cmd_list_trustdom.c deleted file mode 100644 index 899de61c078..00000000000 --- a/source4/winbind/wb_cmd_list_trustdom.c +++ /dev/null @@ -1,199 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Command backend for wbinfo -m - - Copyright (C) Volker Lendecke 2005 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" -#include "librpc/gen_ndr/ndr_lsa_c.h" - -/* List trusted domains. To avoid the trouble with having to wait for other - * conflicting requests waiting for the lsa pipe we're opening our own lsa - * pipe here. */ - -struct cmd_list_trustdom_state { - struct composite_context *ctx; - struct dcerpc_pipe *lsa_pipe; - struct policy_handle *lsa_policy; - uint32_t num_domains; - struct wb_dom_info **domains; - - uint32_t resume_handle; - struct lsa_DomainList domainlist; - struct lsa_EnumTrustDom r; -}; - -static void cmd_list_trustdoms_recv_domain(struct composite_context *ctx); -static void cmd_list_trustdoms_recv_lsa(struct composite_context *ctx); -static void cmd_list_trustdoms_recv_doms(struct tevent_req *subreq); - -struct composite_context *wb_cmd_list_trustdoms_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service) -{ - struct composite_context *result, *ctx; - struct cmd_list_trustdom_state *state; - - result = composite_create(mem_ctx, service->task->event_ctx); - if (result == NULL) goto failed; - - state = talloc(result, struct cmd_list_trustdom_state); - if (state == NULL) goto failed; - state->ctx = result; - result->private_data = state; - - ctx = wb_sid2domain_send(state, service, service->primary_sid); - if (ctx == NULL) goto failed; - ctx->async.fn = cmd_list_trustdoms_recv_domain; - ctx->async.private_data = state; - return result; - - failed: - talloc_free(result); - return NULL; -} - -static void cmd_list_trustdoms_recv_domain(struct composite_context *ctx) -{ - struct cmd_list_trustdom_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_list_trustdom_state); - struct wbsrv_domain *domain; - - state->ctx->status = wb_sid2domain_recv(ctx, &domain); - if (!composite_is_ok(state->ctx)) return; - - ctx = wb_init_lsa_send(state, domain); - composite_continue(state->ctx, ctx, cmd_list_trustdoms_recv_lsa, - state); -} - -static void cmd_list_trustdoms_recv_lsa(struct composite_context *ctx) -{ - struct cmd_list_trustdom_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_list_trustdom_state); - struct tevent_req *subreq; - - state->ctx->status = wb_init_lsa_recv(ctx, state, - &state->lsa_pipe, - &state->lsa_policy); - if (!composite_is_ok(state->ctx)) return; - - state->num_domains = 0; - state->domains = NULL; - - state->domainlist.count = 0; - state->domainlist.domains = NULL; - - state->resume_handle = 0; - state->r.in.handle = state->lsa_policy; - state->r.in.resume_handle = &state->resume_handle; - state->r.in.max_size = 1000; - state->r.out.resume_handle = &state->resume_handle; - state->r.out.domains = &state->domainlist; - - subreq = dcerpc_lsa_EnumTrustDom_r_send(state, - state->ctx->event_ctx, - state->lsa_pipe->binding_handle, - &state->r); - if (composite_nomem(subreq, state->ctx)) return; - tevent_req_set_callback(subreq, cmd_list_trustdoms_recv_doms, state); -} - -static void cmd_list_trustdoms_recv_doms(struct tevent_req *subreq) -{ - struct cmd_list_trustdom_state *state = - tevent_req_callback_data(subreq, - struct cmd_list_trustdom_state); - uint32_t i, old_num_domains; - - state->ctx->status = dcerpc_lsa_EnumTrustDom_r_recv(subreq, state); - TALLOC_FREE(subreq); - if (!composite_is_ok(state->ctx)) return; - state->ctx->status = state->r.out.result; - - if (!NT_STATUS_IS_OK(state->ctx->status) && - !NT_STATUS_EQUAL(state->ctx->status, NT_STATUS_NO_MORE_ENTRIES) && - !NT_STATUS_EQUAL(state->ctx->status, STATUS_MORE_ENTRIES)) { - composite_error(state->ctx, state->ctx->status); - return; - } - - old_num_domains = state->num_domains; - - state->num_domains += state->r.out.domains->count; - state->domains = talloc_realloc(state, state->domains, - struct wb_dom_info *, - state->num_domains); - if (state->num_domains && - composite_nomem(state->domains, state->ctx)) return; - - for (i=0; i<state->r.out.domains->count; i++) { - uint32_t j = i+old_num_domains; - state->domains[j] = talloc(state->domains, - struct wb_dom_info); - if (composite_nomem(state->domains[i], state->ctx)) return; - state->domains[j]->name = talloc_steal( - state->domains[j], - state->r.out.domains->domains[i].name.string); - state->domains[j]->sid = talloc_steal( - state->domains[j], - state->r.out.domains->domains[i].sid); - } - - if (NT_STATUS_IS_OK(state->ctx->status) || NT_STATUS_EQUAL(state->ctx->status, NT_STATUS_NO_MORE_ENTRIES)) { - state->ctx->status = NT_STATUS_OK; - composite_done(state->ctx); - return; - } - - state->domainlist.count = 0; - state->domainlist.domains = NULL; - state->r.in.handle = state->lsa_policy; - state->r.in.resume_handle = &state->resume_handle; - state->r.in.max_size = 1000; - state->r.out.resume_handle = &state->resume_handle; - state->r.out.domains = &state->domainlist; - - subreq = dcerpc_lsa_EnumTrustDom_r_send(state, - state->ctx->event_ctx, - state->lsa_pipe->binding_handle, - &state->r); - if (composite_nomem(subreq, state->ctx)) return; - tevent_req_set_callback(subreq, cmd_list_trustdoms_recv_doms, state); -} - -NTSTATUS wb_cmd_list_trustdoms_recv(struct composite_context *ctx, - TALLOC_CTX *mem_ctx, - uint32_t *num_domains, - struct wb_dom_info ***domains) -{ - NTSTATUS status = composite_wait(ctx); - if (NT_STATUS_IS_OK(status)) { - struct cmd_list_trustdom_state *state = - talloc_get_type(ctx->private_data, - struct cmd_list_trustdom_state); - *num_domains = state->num_domains; - *domains = talloc_steal(mem_ctx, state->domains); - } - talloc_free(ctx); - return status; -} diff --git a/source4/winbind/wb_cmd_list_users.c b/source4/winbind/wb_cmd_list_users.c deleted file mode 100644 index 03544f6585b..00000000000 --- a/source4/winbind/wb_cmd_list_users.c +++ /dev/null @@ -1,200 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Command backend for wbinfo -u - - Copyright (C) Kai Blin 2007 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" - -struct cmd_list_users_state { - struct composite_context *ctx; - struct wbsrv_service *service; - - struct wbsrv_domain *domain; - char *domain_name; - uint32_t resume_index; - char *result; - uint32_t num_users; -}; - -static void cmd_list_users_recv_domain(struct composite_context *ctx); -static void cmd_list_users_recv_user_list(struct composite_context *ctx); - -struct composite_context *wb_cmd_list_users_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, const char *domain_name) -{ - struct composite_context *ctx, *result; - struct cmd_list_users_state *state; - - DEBUG(5, ("wb_cmd_list_users_send called\n")); - - result = composite_create(mem_ctx, service->task->event_ctx); - if (!result) return NULL; - - state = talloc(result, struct cmd_list_users_state); - if (composite_nomem(state, result)) return result; - - state->ctx = result; - result->private_data = state; - state->service = service; - state->resume_index = 0; - state->num_users = 0; - state->result = talloc_strdup(state, ""); - if (composite_nomem(state->result, state->ctx)) return result; - - /*FIXME: We should look up the domain in the winbind request if it is - * set, not just take the primary domain. However, I want to get the - * libnet logic to work first. */ - - if (domain_name && *domain_name != '\0') { - state->domain_name = talloc_strdup(state, domain_name); - if (composite_nomem(state->domain_name, state->ctx)) - return result; - } else { - state->domain_name = NULL; - } - - ctx = wb_sid2domain_send(state, service, service->primary_sid); - if (composite_nomem(ctx, state->ctx)) return result; - - composite_continue(state->ctx, ctx, cmd_list_users_recv_domain, state); - return result; -} - -static void cmd_list_users_recv_domain(struct composite_context *ctx) -{ - struct cmd_list_users_state *state = talloc_get_type( - ctx->async.private_data, struct cmd_list_users_state); - struct wbsrv_domain *domain; - struct libnet_UserList *user_list; - - DEBUG(5, ("cmd_list_users_recv_domain called\n")); - - state->ctx->status = wb_sid2domain_recv(ctx, &domain); - if (!composite_is_ok(state->ctx)) return; - - state->domain = domain; - - /* If this is non-null, we've looked up the domain given in the winbind - * request, otherwise we'll just use the default name.*/ - if (state->domain_name == NULL) { - state->domain_name = talloc_strdup(state, - domain->libnet_ctx->samr.name); - if (composite_nomem(state->domain_name, state->ctx)) return; - } - - user_list = talloc(state, struct libnet_UserList); - if (composite_nomem(user_list, state->ctx)) return; - - user_list->in.domain_name = state->domain_name; - - /* Rafal suggested that 128 is a good number here. I don't like magic - * numbers too much, but for now it'll have to do. - */ - user_list->in.page_size = 128; - user_list->in.resume_index = state->resume_index; - - ctx = libnet_UserList_send(domain->libnet_ctx, state, user_list, NULL); - - composite_continue(state->ctx, ctx, cmd_list_users_recv_user_list, - state); -} - -static void cmd_list_users_recv_user_list(struct composite_context *ctx) -{ - struct cmd_list_users_state *state = talloc_get_type( - ctx->async.private_data, struct cmd_list_users_state); - struct libnet_UserList *user_list; - NTSTATUS status; - int i; - - DEBUG(5, ("cmd_list_users_recv_user_list called\n")); - - user_list = talloc(state, struct libnet_UserList); - if (composite_nomem(user_list, state->ctx)) return; - - status = libnet_UserList_recv(ctx, state, user_list); - - /* If NTSTATUS is neither OK nor MORE_ENTRIES, something broke */ - if (!NT_STATUS_IS_OK(status) && - !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES) && - !NT_STATUS_EQUAL(status, NT_STATUS_NO_MORE_ENTRIES)) { - composite_error(state->ctx, status); - return; - } - - for (i = 0; i < user_list->out.count; ++i) { - DEBUG(5, ("Appending user '%s'\n", user_list->out.users[i].username)); - state->result = talloc_asprintf_append_buffer(state->result, "%s,", - user_list->out.users[i].username); - state->num_users++; - } - - /* If the status is OK, we're finished, there's no more users. - * So we'll trim off the trailing ',' and are done.*/ - if (NT_STATUS_IS_OK(status)) { - int str_len = strlen(state->result); - DEBUG(5, ("list_UserList_recv returned NT_STATUS_OK\n")); - state->result[str_len - 1] = '\0'; - composite_done(state->ctx); - return; - } - - DEBUG(5, ("list_UserList_recv returned NT_STATUS_MORE_ENTRIES\n")); - - /* Otherwise there's more users to get, so call out to libnet and - * continue on this function here. */ - - user_list->in.domain_name = state->domain_name; - /* See comment above about the page size. 128 seems like a good default. - */ - user_list->in.page_size = 128; - user_list->in.resume_index = user_list->out.resume_index; - - ctx = libnet_UserList_send(state->domain->libnet_ctx, state, user_list, - NULL); - - composite_continue(state->ctx, ctx, cmd_list_users_recv_user_list, - state); -} - -NTSTATUS wb_cmd_list_users_recv(struct composite_context *ctx, - TALLOC_CTX *mem_ctx, uint32_t *extra_data_len, - char **extra_data, uint32_t *num_users) -{ - NTSTATUS status = composite_wait(ctx); - - DEBUG(5, ("wb_cmd_list_users_recv called\n")); - - if (NT_STATUS_IS_OK(status)) { - struct cmd_list_users_state *state = talloc_get_type( - ctx->private_data, struct cmd_list_users_state); - - *extra_data_len = strlen(state->result); - *extra_data = talloc_steal(mem_ctx, state->result); - *num_users = state->num_users; - } - - talloc_free(ctx); - return status; -} - - diff --git a/source4/winbind/wb_cmd_lookupname.c b/source4/winbind/wb_cmd_lookupname.c deleted file mode 100644 index 7761dcea4f1..00000000000 --- a/source4/winbind/wb_cmd_lookupname.c +++ /dev/null @@ -1,121 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Command backend for wbinfo -n - - Copyright (C) Volker Lendecke 2005 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "winbind/wb_helper.h" -#include "smbd/service_task.h" - -struct cmd_lookupname_state { - struct composite_context *ctx; - const char *name; - struct wb_sid_object *result; -}; - -static void lookupname_recv_domain(struct composite_context *ctx); -static void lookupname_recv_sids(struct composite_context *ctx); - -struct composite_context *wb_cmd_lookupname_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - const char *dom_name, - const char *name) -{ - struct composite_context *result, *ctx; - struct cmd_lookupname_state *state; - - result = composite_create(mem_ctx, service->task->event_ctx); - if (result == NULL) goto failed; - - state = talloc(result, struct cmd_lookupname_state); - if (state == NULL) goto failed; - state->ctx = result; - result->private_data = state; - - state->name = talloc_asprintf(state, "%s\\%s", dom_name, name); - if (state->name == NULL) goto failed; - - ctx = wb_sid2domain_send(state, service, service->primary_sid); - if (ctx == NULL) goto failed; - - ctx->async.fn = lookupname_recv_domain; - ctx->async.private_data = state; - return result; - - failed: - talloc_free(result); - return NULL; -} - -static void lookupname_recv_domain(struct composite_context *ctx) -{ - struct cmd_lookupname_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_lookupname_state); - struct wbsrv_domain *domain; - - state->ctx->status = wb_sid2domain_recv(ctx, &domain); - if (!composite_is_ok(state->ctx)) return; - - ctx = wb_lsa_lookupnames_send(state, state->ctx->event_ctx, - domain->libnet_ctx->lsa.lsa_handle, - &domain->libnet_ctx->lsa.handle, 1, &state->name); - composite_continue(state->ctx, ctx, lookupname_recv_sids, state); -} - -static void lookupname_recv_sids(struct composite_context *ctx) -{ - struct cmd_lookupname_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_lookupname_state); - struct wb_sid_object **sids; - - state->ctx->status = wb_lsa_lookupnames_recv(ctx, state, &sids); - if (!composite_is_ok(state->ctx)) return; - - state->result = sids[0]; - composite_done(state->ctx); -} - -NTSTATUS wb_cmd_lookupname_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, - struct wb_sid_object **sid) -{ - struct cmd_lookupname_state *state = - talloc_get_type(c->private_data, struct cmd_lookupname_state); - NTSTATUS status = composite_wait(c); - if (NT_STATUS_IS_OK(status)) { - *sid = talloc_steal(mem_ctx, state->result); - } - talloc_free(state); - return status; -} - -NTSTATUS wb_cmd_lookupname(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - const char *dom_name, - const char *name, - struct wb_sid_object **sid) -{ - struct composite_context *c = - wb_cmd_lookupname_send(mem_ctx, service, dom_name, name); - return wb_cmd_lookupname_recv(c, mem_ctx, sid); -} diff --git a/source4/winbind/wb_cmd_lookupsid.c b/source4/winbind/wb_cmd_lookupsid.c deleted file mode 100644 index 4996569bad8..00000000000 --- a/source4/winbind/wb_cmd_lookupsid.c +++ /dev/null @@ -1,120 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Command backend for wbinfo -s - - Copyright (C) Volker Lendecke 2005 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "winbind/wb_helper.h" -#include "smbd/service_task.h" -#include "libcli/security/security.h" - -struct cmd_lookupsid_state { - struct composite_context *ctx; - const struct dom_sid *sid; - struct wb_sid_object *result; -}; - -static void lookupsid_recv_domain(struct composite_context *ctx); -static void lookupsid_recv_names(struct composite_context *ctx); - -struct composite_context *wb_cmd_lookupsid_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - const struct dom_sid *sid) -{ - struct composite_context *result, *ctx; - struct cmd_lookupsid_state *state; - - DEBUG(5, ("wb_cmd_lookupsid_send called\n")); - result = composite_create(mem_ctx, service->task->event_ctx); - if (result == NULL) goto failed; - - state = talloc(result, struct cmd_lookupsid_state); - if (state == NULL) goto failed; - state->ctx = result; - result->private_data = state; - - state->sid = dom_sid_dup(state, sid); - if (state->sid == NULL) goto failed; - - ctx = wb_sid2domain_send(state, service, service->primary_sid); - if (ctx == NULL) goto failed; - - ctx->async.fn = lookupsid_recv_domain; - ctx->async.private_data = state; - return result; - - failed: - talloc_free(result); - return NULL; -} - -static void lookupsid_recv_domain(struct composite_context *ctx) -{ - struct cmd_lookupsid_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_lookupsid_state); - struct wbsrv_domain *domain; - - state->ctx->status = wb_sid2domain_recv(ctx, &domain); - if (!composite_is_ok(state->ctx)) return; - - ctx = wb_lsa_lookupsids_send(state, state->ctx->event_ctx, - domain->libnet_ctx->lsa.lsa_handle, - &domain->libnet_ctx->lsa.handle, 1, &state->sid); - composite_continue(state->ctx, ctx, lookupsid_recv_names, state); -} - -static void lookupsid_recv_names(struct composite_context *ctx) -{ - struct cmd_lookupsid_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_lookupsid_state); - struct wb_sid_object **names; - - state->ctx->status = wb_lsa_lookupsids_recv(ctx, state, &names); - if (!composite_is_ok(state->ctx)) return; - - state->result = names[0]; - composite_done(state->ctx); -} - -NTSTATUS wb_cmd_lookupsid_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, - struct wb_sid_object **sid) -{ - struct cmd_lookupsid_state *state = - talloc_get_type(c->private_data, struct cmd_lookupsid_state); - NTSTATUS status = composite_wait(c); - if (NT_STATUS_IS_OK(status)) { - *sid = talloc_steal(mem_ctx, state->result); - } - talloc_free(state); - return status; -} - -NTSTATUS wb_cmd_lookupsid(TALLOC_CTX *mem_ctx, struct wbsrv_service *service, - const struct dom_sid *sid, - struct wb_sid_object **name) -{ - struct composite_context *c = - wb_cmd_lookupsid_send(mem_ctx, service, sid); - return wb_cmd_lookupsid_recv(c, mem_ctx, name); -} diff --git a/source4/winbind/wb_cmd_setgrent.c b/source4/winbind/wb_cmd_setgrent.c deleted file mode 100644 index aed5c7088b5..00000000000 --- a/source4/winbind/wb_cmd_setgrent.c +++ /dev/null @@ -1,172 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Command backend for setgrent - - Copyright (C) Matthieu Patou 2010 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" - -struct cmd_setgrent_state { - struct composite_context *ctx; - struct wbsrv_service *service; - struct libnet_context *libnet_ctx; - - struct wbsrv_grent *result; - char *domain_name; -}; - -static void cmd_setgrent_recv_domain(struct composite_context *ctx); -static void cmd_setgrent_recv_group_list(struct composite_context *ctx); - -struct composite_context *wb_cmd_setgrent_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service) -{ - struct composite_context *ctx, *result; - struct cmd_setgrent_state *state; - - DEBUG(5, ("wb_cmd_setgrent_send called\n")); - - result = composite_create(mem_ctx, service->task->event_ctx); - if (!result) return NULL; - - state = talloc(mem_ctx, struct cmd_setgrent_state); - if (composite_nomem(state, result)) return result; - - state->ctx = result; - result->private_data = state; - state->service = service; - - state->result = talloc(state, struct wbsrv_grent); - if (composite_nomem(state->result, state->ctx)) return result; - - ctx = wb_sid2domain_send(state, service, service->primary_sid); - if (composite_nomem(ctx, state->ctx)) return result; - - composite_continue(state->ctx, ctx, cmd_setgrent_recv_domain, state); - return result; -} - -static void cmd_setgrent_recv_domain(struct composite_context *ctx) -{ - struct cmd_setgrent_state *state = talloc_get_type( - ctx->async.private_data, struct cmd_setgrent_state); - struct wbsrv_domain *domain; - struct libnet_GroupList *group_list; - - DEBUG(5, ("cmd_setgrent_recv_domain called\n")); - - state->ctx->status = wb_sid2domain_recv(ctx, &domain); - if (!composite_is_ok(state->ctx)) return; - - state->libnet_ctx = domain->libnet_ctx; - - group_list = talloc(state->result, struct libnet_GroupList); - if (composite_nomem(group_list, state->ctx)) return; - - state->domain_name = talloc_strdup(state, - domain->libnet_ctx->samr.name); - group_list->in.domain_name = talloc_strdup(state, - domain->libnet_ctx->samr.name); - if (composite_nomem(group_list->in.domain_name, state->ctx)) return; - - /* Page size recommended by Rafal */ - group_list->in.page_size = 128; - - /* Always get the start of the list */ - group_list->in.resume_index = 0; - - ctx = libnet_GroupList_send(domain->libnet_ctx, state->result, group_list, - NULL); - - state->result->page_index = -1; - composite_continue(state->ctx, ctx, cmd_setgrent_recv_group_list, state); -} - -static void cmd_setgrent_recv_group_list(struct composite_context *ctx) -{ - struct cmd_setgrent_state *state = talloc_get_type( - ctx->async.private_data, struct cmd_setgrent_state); - struct libnet_GroupList *group_list; - struct libnet_GroupList *group_list_send; - DEBUG(5, ("cmd_setgrent_recv_group_list called\n")); - - group_list = talloc(state->result, struct libnet_GroupList); - if (composite_nomem(group_list, state->ctx)) return; - - state->ctx->status = libnet_GroupList_recv(ctx, state->result, - group_list); - if (NT_STATUS_IS_OK(state->ctx->status) || - NT_STATUS_EQUAL(state->ctx->status, STATUS_MORE_ENTRIES)) { - uint32_t resume_index = group_list->out.resume_index; - if( state->result->page_index == -1) { /* First run*/ - state->result->group_list = group_list; - state->result->page_index = 0; - state->result->libnet_ctx = state->libnet_ctx; - } else { - int i; - struct grouplist *tmp; - tmp = state->result->group_list->out.groups; - state->result->group_list->out.groups = talloc_realloc(state->result,tmp,struct grouplist, - state->result->group_list->out.count+group_list->out.count); - tmp = state->result->group_list->out.groups; - for(i=0;i<group_list->out.count;i++ ) { - tmp[i+state->result->group_list->out.count].groupname = talloc_steal(state->result,group_list->out.groups[i].groupname); - } - state->result->group_list->out.count += group_list->out.count; - TALLOC_FREE(group_list); - } - - - if (NT_STATUS_IS_OK(state->ctx->status) ) { - composite_done(state->ctx); - } else { - group_list_send = talloc(state->result, struct libnet_GroupList); - if (composite_nomem(group_list_send, state->ctx)) return; - group_list_send->in.domain_name = talloc_strdup(state, state->domain_name); - group_list_send->in.resume_index = resume_index; - group_list_send->in.page_size = 128; - ctx = libnet_GroupList_send(state->libnet_ctx, state->result, group_list_send, NULL); - composite_continue(state->ctx, ctx, cmd_setgrent_recv_group_list, state); - } - } else { - composite_error(state->ctx, state->ctx->status); - } - return; -} - -NTSTATUS wb_cmd_setgrent_recv(struct composite_context *ctx, - TALLOC_CTX *mem_ctx, struct wbsrv_grent **grent) -{ - NTSTATUS status = composite_wait(ctx); - - DEBUG(5, ("wb_cmd_setgrent_recv called\n")); - - if (NT_STATUS_IS_OK(status)) { - struct cmd_setgrent_state *state = - talloc_get_type(ctx->private_data, - struct cmd_setgrent_state); - - *grent = talloc_steal(mem_ctx, state->result); - } - - talloc_free(ctx); - return status; -} diff --git a/source4/winbind/wb_cmd_setpwent.c b/source4/winbind/wb_cmd_setpwent.c deleted file mode 100644 index ab9fd2ef949..00000000000 --- a/source4/winbind/wb_cmd_setpwent.c +++ /dev/null @@ -1,177 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Command backend for setpwent - - Copyright (C) Kai Blin 2007 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" - -struct cmd_setpwent_state { - struct composite_context *ctx; - struct wbsrv_service *service; - struct libnet_context *libnet_ctx; - - struct wbsrv_pwent *result; - char *domain_name; -}; - -static void cmd_setpwent_recv_domain(struct composite_context *ctx); -static void cmd_setpwent_recv_user_list(struct composite_context *ctx); - -struct composite_context *wb_cmd_setpwent_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service) -{ - struct composite_context *ctx, *result; - struct cmd_setpwent_state *state; - - DEBUG(5, ("wb_cmd_setpwent_send called\n")); - - result = composite_create(mem_ctx, service->task->event_ctx); - if (!result) return NULL; - - state = talloc(mem_ctx, struct cmd_setpwent_state); - if (composite_nomem(state, result)) return result; - - state->ctx = result; - result->private_data = state; - state->service = service; - - state->result = talloc(state, struct wbsrv_pwent); - if (composite_nomem(state->result, state->ctx)) return result; - - ctx = wb_sid2domain_send(state, service, service->primary_sid); - if (composite_nomem(ctx, state->ctx)) return result; - - composite_continue(state->ctx, ctx, cmd_setpwent_recv_domain, state); - return result; -} - -static void cmd_setpwent_recv_domain(struct composite_context *ctx) -{ - struct cmd_setpwent_state *state = talloc_get_type( - ctx->async.private_data, struct cmd_setpwent_state); - struct wbsrv_domain *domain; - struct libnet_UserList *user_list; - - DEBUG(5, ("cmd_setpwent_recv_domain called\n")); - - state->ctx->status = wb_sid2domain_recv(ctx, &domain); - if (!composite_is_ok(state->ctx)) return; - - state->libnet_ctx = domain->libnet_ctx; - - user_list = talloc(state->result, struct libnet_UserList); - if (composite_nomem(user_list, state->ctx)) return; - - state->domain_name = talloc_strdup(state, - domain->libnet_ctx->samr.name); - user_list->in.domain_name = talloc_strdup(state, - domain->libnet_ctx->samr.name); - if (composite_nomem(user_list->in.domain_name, state->ctx)) return; - - /* Page size recommended by Rafal */ - user_list->in.page_size = 128; - - /* Always get the start of the list */ - user_list->in.resume_index = 0; - - ctx = libnet_UserList_send(domain->libnet_ctx, state->result, user_list, - NULL); - - state->result->page_index = -1; - composite_continue(state->ctx, ctx, cmd_setpwent_recv_user_list, state); -} - -static void cmd_setpwent_recv_user_list(struct composite_context *ctx) -{ - struct cmd_setpwent_state *state = talloc_get_type( - ctx->async.private_data, struct cmd_setpwent_state); - struct libnet_UserList *user_list; - struct libnet_UserList *user_list_send; - DEBUG(5, ("cmd_setpwent_recv_user_list called\n")); - - user_list = talloc(state->result, struct libnet_UserList); - if (composite_nomem(user_list, state->ctx)) return; - - state->ctx->status = libnet_UserList_recv(ctx, state->result, - user_list); - if (NT_STATUS_IS_OK(state->ctx->status) || - NT_STATUS_EQUAL(state->ctx->status, STATUS_MORE_ENTRIES)) { - - uint32_t resume_index = user_list->out.resume_index; - - if (state->result->page_index == -1) { /* First run*/ - state->result->user_list = user_list; - state->result->page_index = 0; - state->result->libnet_ctx = state->libnet_ctx; - } else { - int i, cnt = state->result->user_list->out.count - + user_list->out.count; - struct userlist *tmp; - tmp = state->result->user_list->out.users; - state->result->user_list->out.users = talloc_realloc(state->result, - tmp, struct userlist, - cnt); - tmp = state->result->user_list->out.users; - for(i=0;i<user_list->out.count;i++ ) { - tmp[state->result->user_list->out.count + i].username - = talloc_strdup(state->result, user_list->out.users[i].username); - } - state->result->user_list->out.count = cnt; - TALLOC_FREE(user_list); - } - - if (NT_STATUS_IS_OK(state->ctx->status) ) { - composite_done(state->ctx); - } else { - user_list_send = talloc(state->result, struct libnet_UserList); - if (composite_nomem(user_list_send, state->ctx)) return; - user_list_send->in.domain_name = talloc_strdup(state, state->domain_name); - user_list_send->in.resume_index = resume_index; - user_list_send->in.page_size = 128; - ctx = libnet_UserList_send(state->libnet_ctx, state->result, user_list_send, NULL); - composite_continue(state->ctx, ctx, cmd_setpwent_recv_user_list, state); - } - } else { - composite_error(state->ctx, state->ctx->status); - } - return; -} - -NTSTATUS wb_cmd_setpwent_recv(struct composite_context *ctx, - TALLOC_CTX *mem_ctx, struct wbsrv_pwent **pwent) -{ - NTSTATUS status = composite_wait(ctx); - - DEBUG(5, ("wb_cmd_setpwent_recv called\n")); - - if (NT_STATUS_IS_OK(status)) { - struct cmd_setpwent_state *state = - talloc_get_type(ctx->private_data, - struct cmd_setpwent_state); - - *pwent = talloc_steal(mem_ctx, state->result); - } - - talloc_free(ctx); - return status; -} - diff --git a/source4/winbind/wb_cmd_userdomgroups.c b/source4/winbind/wb_cmd_userdomgroups.c deleted file mode 100644 index ee53a44bf6e..00000000000 --- a/source4/winbind/wb_cmd_userdomgroups.c +++ /dev/null @@ -1,148 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Command backend for wbinfo --user-domgroups - - Copyright (C) Volker Lendecke 2005 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "libcli/security/security.h" -#include "winbind/wb_server.h" -#include "winbind/wb_helper.h" -#include "smbd/service_task.h" - -struct cmd_userdomgroups_state { - struct composite_context *ctx; - struct dom_sid *dom_sid; - uint32_t user_rid; - uint32_t num_rids; - uint32_t *rids; -}; - -static void userdomgroups_recv_domain(struct composite_context *ctx); -static void userdomgroups_recv_rids(struct composite_context *ctx); - -struct composite_context *wb_cmd_userdomgroups_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - const struct dom_sid *sid) -{ - struct composite_context *result, *ctx; - struct cmd_userdomgroups_state *state; - - result = composite_create(mem_ctx, service->task->event_ctx); - if (result == NULL) goto failed; - - state = talloc(result, struct cmd_userdomgroups_state); - if (state == NULL) goto failed; - state->ctx = result; - result->private_data = state; - - state->dom_sid = dom_sid_dup(state, sid); - if (state->dom_sid == NULL) goto failed; - state->dom_sid->num_auths -= 1; - - state->user_rid = sid->sub_auths[sid->num_auths-1]; - - ctx = wb_sid2domain_send(state, service, sid); - - composite_continue(state->ctx, ctx, userdomgroups_recv_domain, state); - - if (ctx) { - return result; - } - - failed: - talloc_free(result); - return NULL; -} - -static void userdomgroups_recv_domain(struct composite_context *ctx) -{ - struct cmd_userdomgroups_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_userdomgroups_state); - struct wbsrv_domain *domain; - - state->ctx->status = wb_sid2domain_recv(ctx, &domain); - if (!composite_is_ok(state->ctx)) return; - - ctx = wb_samr_userdomgroups_send(state, state->ctx->event_ctx, - domain->libnet_ctx->samr.samr_handle, - &domain->libnet_ctx->samr.handle, - state->user_rid); - composite_continue(state->ctx, ctx, userdomgroups_recv_rids, state); - -} - -static void userdomgroups_recv_rids(struct composite_context *ctx) -{ - struct cmd_userdomgroups_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_userdomgroups_state); - - state->ctx->status = wb_samr_userdomgroups_recv(ctx, state, - &state->num_rids, - &state->rids); - if (!composite_is_ok(state->ctx)) return; - - composite_done(state->ctx); -} - -NTSTATUS wb_cmd_userdomgroups_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, - uint32_t *num_sids, struct dom_sid ***sids) -{ - struct cmd_userdomgroups_state *state = - talloc_get_type(c->private_data, - struct cmd_userdomgroups_state); - uint32_t i; - NTSTATUS status; - - status = composite_wait(c); - if (!NT_STATUS_IS_OK(status)) goto done; - - *num_sids = state->num_rids; - *sids = talloc_array(mem_ctx, struct dom_sid *, state->num_rids); - if (*sids == NULL) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - - for (i=0; i<state->num_rids; i++) { - (*sids)[i] = dom_sid_add_rid((*sids), state->dom_sid, - state->rids[i]); - if ((*sids)[i] == NULL) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - } - -done: - talloc_free(c); - return status; -} - -NTSTATUS wb_cmd_userdomgroups(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - const struct dom_sid *sid, - uint32_t *num_sids, struct dom_sid ***sids) -{ - struct composite_context *c = - wb_cmd_userdomgroups_send(mem_ctx, service, sid); - return wb_cmd_userdomgroups_recv(c, mem_ctx, num_sids, sids); -} diff --git a/source4/winbind/wb_cmd_usersids.c b/source4/winbind/wb_cmd_usersids.c deleted file mode 100644 index da4cb80c7bb..00000000000 --- a/source4/winbind/wb_cmd_usersids.c +++ /dev/null @@ -1,197 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Command backend for wbinfo --user-sids - - Copyright (C) Volker Lendecke 2005 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" -#include "librpc/gen_ndr/ndr_samr_c.h" -#include "libcli/security/security.h" - -/* Calculate the token in two steps: Go the user's originating domain, ask for - * the user's domain groups. Then with the resulting list of sids go to our - * own domain to expand the aliases aka domain local groups. */ - -struct cmd_usersids_state { - struct composite_context *ctx; - struct wbsrv_service *service; - struct dom_sid *user_sid; - uint32_t num_domgroups; - struct dom_sid **domgroups; - - struct lsa_SidArray lsa_sids; - struct samr_Ids rids; - struct samr_GetAliasMembership r; - - uint32_t num_sids; - struct dom_sid **sids; -}; - -static void usersids_recv_domgroups(struct composite_context *ctx); -static void usersids_recv_domain(struct composite_context *ctx); -static void usersids_recv_aliases(struct tevent_req *subreq); - -struct composite_context *wb_cmd_usersids_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - const struct dom_sid *sid) -{ - struct composite_context *result, *ctx; - struct cmd_usersids_state *state; - - - result = composite_create(mem_ctx, service->task->event_ctx); - if (result == NULL) goto failed; - - state = talloc(result, struct cmd_usersids_state); - if (state == NULL) goto failed; - state->ctx = result; - result->private_data = state; - - state->service = service; - state->user_sid = dom_sid_dup(state, sid); - if (state->user_sid == NULL) goto failed; - - ctx = wb_cmd_userdomgroups_send(state, service, sid); - if (ctx == NULL) goto failed; - - ctx->async.fn = usersids_recv_domgroups; - ctx->async.private_data = state; - return result; - - failed: - talloc_free(result); - return NULL; -} - -static void usersids_recv_domgroups(struct composite_context *ctx) -{ - struct cmd_usersids_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_usersids_state); - - state->ctx->status = wb_cmd_userdomgroups_recv(ctx, state, - &state->num_domgroups, - &state->domgroups); - if (!composite_is_ok(state->ctx)) return; - - ctx = wb_sid2domain_send(state, state->service, - state->service->primary_sid); - composite_continue(state->ctx, ctx, usersids_recv_domain, state); -} - -static void usersids_recv_domain(struct composite_context *ctx) -{ - struct cmd_usersids_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_usersids_state); - struct tevent_req *subreq; - struct wbsrv_domain *domain; - uint32_t i; - - state->ctx->status = wb_sid2domain_recv(ctx, &domain); - if (!composite_is_ok(state->ctx)) return; - - state->lsa_sids.num_sids = state->num_domgroups+1; - state->lsa_sids.sids = talloc_array(state, struct lsa_SidPtr, - state->lsa_sids.num_sids); - if (composite_nomem(state->lsa_sids.sids, state->ctx)) return; - - state->lsa_sids.sids[0].sid = state->user_sid; - for (i=0; i<state->num_domgroups; i++) { - state->lsa_sids.sids[i+1].sid = state->domgroups[i]; - } - - state->rids.count = 0; - state->rids.ids = NULL; - - state->r.in.domain_handle = &domain->libnet_ctx->samr.handle; - state->r.in.sids = &state->lsa_sids; - state->r.out.rids = &state->rids; - - subreq = dcerpc_samr_GetAliasMembership_r_send(state, - state->ctx->event_ctx, - domain->libnet_ctx->samr.pipe->binding_handle, - &state->r); - if (composite_nomem(subreq, state->ctx)) return; - tevent_req_set_callback(subreq, usersids_recv_aliases, state); -} - -static void usersids_recv_aliases(struct tevent_req *subreq) -{ - struct cmd_usersids_state *state = - tevent_req_callback_data(subreq, - struct cmd_usersids_state); - uint32_t i; - - state->ctx->status = dcerpc_samr_GetAliasMembership_r_recv(subreq, state); - TALLOC_FREE(subreq); - if (!composite_is_ok(state->ctx)) return; - state->ctx->status = state->r.out.result; - if (!composite_is_ok(state->ctx)) return; - - state->num_sids = 1 + state->num_domgroups + state->r.out.rids->count; - state->sids = talloc_array(state, struct dom_sid *, state->num_sids); - if (composite_nomem(state->sids, state->ctx)) return; - - state->sids[0] = talloc_steal(state->sids, state->user_sid); - - for (i=0; i<state->num_domgroups; i++) { - state->sids[1+i] = - talloc_steal(state->sids, state->domgroups[i]); - } - - for (i=0; i<state->r.out.rids->count; i++) { - state->sids[1+state->num_domgroups+i] = dom_sid_add_rid( - state->sids, state->service->primary_sid, - state->r.out.rids->ids[i]); - - if (composite_nomem(state->sids[1+state->num_domgroups+i], - state->ctx)) return; - } - - composite_done(state->ctx); -} - -NTSTATUS wb_cmd_usersids_recv(struct composite_context *ctx, - TALLOC_CTX *mem_ctx, - uint32_t *num_sids, struct dom_sid ***sids) -{ - NTSTATUS status = composite_wait(ctx); - if (NT_STATUS_IS_OK(status)) { - struct cmd_usersids_state *state = - talloc_get_type(ctx->private_data, - struct cmd_usersids_state); - *num_sids = state->num_sids; - *sids = talloc_steal(mem_ctx, state->sids); - } - talloc_free(ctx); - return status; -} - -NTSTATUS wb_cmd_usersids(TALLOC_CTX *mem_ctx, struct wbsrv_service *service, - const struct dom_sid *sid, - uint32_t *num_sids, struct dom_sid ***sids) -{ - struct composite_context *c = - wb_cmd_usersids_send(mem_ctx, service, sid); - return wb_cmd_usersids_recv(c, mem_ctx, num_sids, sids); -} - diff --git a/source4/winbind/wb_connect_lsa.c b/source4/winbind/wb_connect_lsa.c deleted file mode 100644 index 3bf02a0ed09..00000000000 --- a/source4/winbind/wb_connect_lsa.c +++ /dev/null @@ -1,139 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Connect to the LSA pipe, given an smbcli_tree and possibly some - credentials. Try ntlmssp, schannel and anon in that order. - - Copyright (C) Volker Lendecke 2005 - Copyright (C) Andrew Bartlett <abartlet@samba.org> 2007 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" - -#include "librpc/gen_ndr/ndr_lsa_c.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" - -/* Helper to initialize LSA with a specific auth methods. Verify by opening - * the LSA policy. */ - -struct init_lsa_state { - struct composite_context *ctx; - struct dcerpc_pipe *lsa_pipe; - - uint8_t auth_type; - struct cli_credentials *creds; - - struct lsa_ObjectAttribute objectattr; - struct lsa_OpenPolicy2 openpolicy; - struct policy_handle *handle; -}; - -static void init_lsa_recv_pipe(struct composite_context *ctx); -static void init_lsa_recv_openpol(struct tevent_req *subreq); - -struct composite_context *wb_init_lsa_send(TALLOC_CTX *mem_ctx, - struct wbsrv_domain *domain) -{ - struct composite_context *result, *ctx; - struct init_lsa_state *state; - - result = composite_create(mem_ctx, domain->service->task->event_ctx); - if (result == NULL) goto failed; - - state = talloc(result, struct init_lsa_state); - if (state == NULL) goto failed; - state->ctx = result; - result->private_data = state; - - /* this will make the secondary connection on the same IPC$ share, - secured with SPNEGO or NTLMSSP */ - ctx = dcerpc_secondary_auth_connection_send(domain->netlogon_pipe, - domain->lsa_binding, - &ndr_table_lsarpc, - domain->libnet_ctx->cred, - domain->libnet_ctx->lp_ctx); - composite_continue(state->ctx, ctx, init_lsa_recv_pipe, state); - return result; - - failed: - talloc_free(result); - return NULL; -} - -static void init_lsa_recv_pipe(struct composite_context *ctx) -{ - struct init_lsa_state *state = - talloc_get_type(ctx->async.private_data, - struct init_lsa_state); - struct tevent_req *subreq; - - state->ctx->status = dcerpc_secondary_auth_connection_recv(ctx, state, - &state->lsa_pipe); - if (!composite_is_ok(state->ctx)) return; - - state->handle = talloc(state, struct policy_handle); - if (composite_nomem(state->handle, state->ctx)) return; - - state->openpolicy.in.system_name = - talloc_asprintf(state, "\\\\%s", - dcerpc_server_name(state->lsa_pipe)); - ZERO_STRUCT(state->objectattr); - state->openpolicy.in.attr = &state->objectattr; - state->openpolicy.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - state->openpolicy.out.handle = state->handle; - - subreq = dcerpc_lsa_OpenPolicy2_r_send(state, - state->ctx->event_ctx, - state->lsa_pipe->binding_handle, - &state->openpolicy); - if (composite_nomem(subreq, state->ctx)) return; - tevent_req_set_callback(subreq, init_lsa_recv_openpol, state); -} - -static void init_lsa_recv_openpol(struct tevent_req *subreq) -{ - struct init_lsa_state *state = - tevent_req_callback_data(subreq, - struct init_lsa_state); - - state->ctx->status = dcerpc_lsa_OpenPolicy2_r_recv(subreq, state); - TALLOC_FREE(subreq); - if (!composite_is_ok(state->ctx)) return; - state->ctx->status = state->openpolicy.out.result; - if (!composite_is_ok(state->ctx)) return; - - composite_done(state->ctx); -} - -NTSTATUS wb_init_lsa_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, - struct dcerpc_pipe **lsa_pipe, - struct policy_handle **lsa_policy) -{ - NTSTATUS status = composite_wait(c); - if (NT_STATUS_IS_OK(status)) { - struct init_lsa_state *state = - talloc_get_type(c->private_data, - struct init_lsa_state); - *lsa_pipe = talloc_steal(mem_ctx, state->lsa_pipe); - *lsa_policy = talloc_steal(mem_ctx, state->handle); - } - talloc_free(c); - return status; -} - diff --git a/source4/winbind/wb_connect_sam.c b/source4/winbind/wb_connect_sam.c deleted file mode 100644 index 67d4983754e..00000000000 --- a/source4/winbind/wb_connect_sam.c +++ /dev/null @@ -1,172 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Connect to the SAMR pipe, and return connection and domain handles. - - Copyright (C) Volker Lendecke 2005 - Copyright (C) Andrew Bartlett <abartlet@samba.org> 2007 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" - -#include "libcli/security/security.h" -#include "librpc/gen_ndr/ndr_samr_c.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" - - -/* Helper to initialize SAMR with a specific auth methods. Verify by opening - * the SAM handle */ - -struct connect_samr_state { - struct composite_context *ctx; - struct dom_sid *sid; - - struct dcerpc_pipe *samr_pipe; - struct policy_handle *connect_handle; - struct policy_handle *domain_handle; - - struct samr_Connect2 c; - struct samr_OpenDomain o; -}; - -static void connect_samr_recv_pipe(struct composite_context *ctx); -static void connect_samr_recv_conn(struct tevent_req *subreq); -static void connect_samr_recv_open(struct tevent_req *subreq); - -struct composite_context *wb_connect_samr_send(TALLOC_CTX *mem_ctx, - struct wbsrv_domain *domain) -{ - struct composite_context *result, *ctx; - struct connect_samr_state *state; - - result = composite_create(mem_ctx, domain->service->task->event_ctx); - if (result == NULL) goto failed; - - state = talloc(result, struct connect_samr_state); - if (state == NULL) goto failed; - state->ctx = result; - result->private_data = state; - - state->sid = dom_sid_dup(state, domain->info->sid); - if (state->sid == NULL) goto failed; - - /* this will make the secondary connection on the same IPC$ share, - secured with SPNEGO, NTLMSSP or SCHANNEL */ - ctx = dcerpc_secondary_auth_connection_send(domain->netlogon_pipe, - domain->samr_binding, - &ndr_table_samr, - domain->libnet_ctx->cred, - domain->libnet_ctx->lp_ctx); - composite_continue(state->ctx, ctx, connect_samr_recv_pipe, state); - return result; - - failed: - talloc_free(result); - return NULL; -} - -static void connect_samr_recv_pipe(struct composite_context *ctx) -{ - struct connect_samr_state *state = - talloc_get_type(ctx->async.private_data, - struct connect_samr_state); - struct tevent_req *subreq; - - state->ctx->status = dcerpc_secondary_auth_connection_recv(ctx, state, - &state->samr_pipe); - if (!composite_is_ok(state->ctx)) return; - - state->connect_handle = talloc(state, struct policy_handle); - if (composite_nomem(state->connect_handle, state->ctx)) return; - - state->c.in.system_name = - talloc_asprintf(state, "\\\\%s", - dcerpc_server_name(state->samr_pipe)); - state->c.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - state->c.out.connect_handle = state->connect_handle; - - subreq = dcerpc_samr_Connect2_r_send(state, - state->ctx->event_ctx, - state->samr_pipe->binding_handle, - &state->c); - if (composite_nomem(subreq, state->ctx)) return; - tevent_req_set_callback(subreq, connect_samr_recv_conn, state); -} - -static void connect_samr_recv_conn(struct tevent_req *subreq) -{ - struct connect_samr_state *state = - tevent_req_callback_data(subreq, - struct connect_samr_state); - - state->ctx->status = dcerpc_samr_Connect2_r_recv(subreq, state); - TALLOC_FREE(subreq); - if (!composite_is_ok(state->ctx)) return; - state->ctx->status = state->c.out.result; - if (!composite_is_ok(state->ctx)) return; - - state->domain_handle = talloc(state, struct policy_handle); - if (composite_nomem(state->domain_handle, state->ctx)) return; - - state->o.in.connect_handle = state->connect_handle; - state->o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - state->o.in.sid = state->sid; - state->o.out.domain_handle = state->domain_handle; - - subreq = dcerpc_samr_OpenDomain_r_send(state, - state->ctx->event_ctx, - state->samr_pipe->binding_handle, - &state->o); - if (composite_nomem(subreq, state->ctx)) return; - tevent_req_set_callback(subreq, connect_samr_recv_open, state); -} - -static void connect_samr_recv_open(struct tevent_req *subreq) -{ - struct connect_samr_state *state = - tevent_req_callback_data(subreq, - struct connect_samr_state); - - state->ctx->status = dcerpc_samr_OpenDomain_r_recv(subreq, state); - TALLOC_FREE(subreq); - if (!composite_is_ok(state->ctx)) return; - state->ctx->status = state->o.out.result; - if (!composite_is_ok(state->ctx)) return; - - composite_done(state->ctx); -} - -NTSTATUS wb_connect_samr_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, - struct dcerpc_pipe **samr_pipe, - struct policy_handle *connect_handle, - struct policy_handle *domain_handle) -{ - NTSTATUS status = composite_wait(c); - if (NT_STATUS_IS_OK(status)) { - struct connect_samr_state *state = - talloc_get_type(c->private_data, - struct connect_samr_state); - *samr_pipe = talloc_steal(mem_ctx, state->samr_pipe); - *connect_handle = *state->connect_handle; - *domain_handle = *state->domain_handle; - } - talloc_free(c); - return status; -} - diff --git a/source4/winbind/wb_dom_info.c b/source4/winbind/wb_dom_info.c deleted file mode 100644 index 8c08c73a8f2..00000000000 --- a/source4/winbind/wb_dom_info.c +++ /dev/null @@ -1,164 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Get a struct wb_dom_info for a domain using DNS, netbios, possibly cldap - etc. - - Copyright (C) Volker Lendecke 2005 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "libcli/resolve/resolve.h" -#include "libcli/security/security.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" -#include "libcli/finddc.h" -#include "lib/socket/netif.h" -#include "param/param.h" - -struct get_dom_info_state { - struct composite_context *ctx; - struct wb_dom_info *info; -}; - -static void get_dom_info_recv_addrs(struct tevent_req *req); - -struct composite_context *wb_get_dom_info_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - const char *domain_name, - const char *dns_domain_name, - const struct dom_sid *sid) -{ - struct composite_context *result; - struct tevent_req *req; - struct get_dom_info_state *state; - struct dom_sid *dom_sid; - struct finddcs finddcs_io; - - DEBUG(5, ("wb_get_dom_info_send called\n")); - result = composite_create(mem_ctx, service->task->event_ctx); - if (result == NULL) goto failed; - - state = talloc(result, struct get_dom_info_state); - if (state == NULL) goto failed; - state->ctx = result; - result->private_data = state; - - state->info = talloc_zero(state, struct wb_dom_info); - if (state->info == NULL) goto failed; - - state->info->name = talloc_strdup(state->info, domain_name); - if (state->info->name == NULL) goto failed; - - state->info->sid = dom_sid_dup(state->info, sid); - if (state->info->sid == NULL) goto failed; - - if (dom_sid_equal(sid, &global_sid_Builtin) || - ((lpcfg_server_role(service->task->lp_ctx) != ROLE_DOMAIN_MEMBER) && - dom_sid_equal(sid, service->primary_sid) && - service->sec_channel_type != SEC_CHAN_RODC)) { - struct interface *ifaces = NULL; - - load_interface_list(state, service->task->lp_ctx, &ifaces); - - state->info->dc = talloc(state->info, struct nbt_dc_name); - - state->info->dc->address = talloc_strdup(state->info->dc, - iface_list_n_ip(ifaces, 0)); - state->info->dc->name = talloc_strdup(state->info->dc, - lpcfg_netbios_name(service->task->lp_ctx)); - - composite_done(state->ctx); - return result; - } - - dom_sid = dom_sid_dup(mem_ctx, sid); - if (dom_sid == NULL) goto failed; - - ZERO_STRUCT(finddcs_io); - finddcs_io.in.domain_name = dns_domain_name; - finddcs_io.in.domain_sid = dom_sid; - finddcs_io.in.minimum_dc_flags = NBT_SERVER_LDAP | NBT_SERVER_DS; - if (service->sec_channel_type == SEC_CHAN_RODC) { - finddcs_io.in.minimum_dc_flags |= NBT_SERVER_WRITABLE; - } - - req = finddcs_cldap_send(mem_ctx, &finddcs_io, - lpcfg_resolve_context(service->task->lp_ctx), - service->task->event_ctx); - if (req == NULL) goto failed; - - tevent_req_set_callback(req, get_dom_info_recv_addrs, state); - - return result; - - failed: - talloc_free(result); - return NULL; -} - -static void get_dom_info_recv_addrs(struct tevent_req *req) -{ - struct get_dom_info_state *state = tevent_req_callback_data(req, struct get_dom_info_state); - struct finddcs finddcs_io; - - state->info->dc = talloc(state->info, struct nbt_dc_name); - - state->ctx->status = finddcs_cldap_recv(req, state->info, &finddcs_io); - if (!composite_is_ok(state->ctx)) return; - - if (finddcs_io.out.netlogon.ntver != NETLOGON_NT_VERSION_5EX) { - /* the finddcs code should have mapped the response to - the type we want */ - DEBUG(0,(__location__ ": unexpected ntver 0x%08x in finddcs response\n", - finddcs_io.out.netlogon.ntver)); - state->ctx->status = NT_STATUS_UNEXPECTED_NETWORK_ERROR; - if (!composite_is_ok(state->ctx)) return; - } - - state->info->dc->address = finddcs_io.out.address; - state->info->dc->name = finddcs_io.out.netlogon.data.nt5_ex.pdc_dns_name; - - composite_done(state->ctx); -} - -NTSTATUS wb_get_dom_info_recv(struct composite_context *ctx, - TALLOC_CTX *mem_ctx, - struct wb_dom_info **result) -{ - NTSTATUS status = composite_wait(ctx); - if (NT_STATUS_IS_OK(status)) { - struct get_dom_info_state *state = - talloc_get_type(ctx->private_data, - struct get_dom_info_state); - *result = talloc_steal(mem_ctx, state->info); - } - talloc_free(ctx); - return status; -} - -NTSTATUS wb_get_dom_info(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - const char *domain_name, - const char *dns_domain_name, - const struct dom_sid *sid, - struct wb_dom_info **result) -{ - struct composite_context *ctx = - wb_get_dom_info_send(mem_ctx, service, domain_name, dns_domain_name, sid); - return wb_get_dom_info_recv(ctx, mem_ctx, result); -} diff --git a/source4/winbind/wb_dom_info_trusted.c b/source4/winbind/wb_dom_info_trusted.c deleted file mode 100644 index af887c854c7..00000000000 --- a/source4/winbind/wb_dom_info_trusted.c +++ /dev/null @@ -1,244 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Get a struct wb_dom_info for a trusted domain, relying on "our" DC. - - Copyright (C) Volker Lendecke 2005 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "libcli/resolve/resolve.h" -#include "libcli/security/security.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" -#include "librpc/gen_ndr/ndr_netlogon_c.h" -#include "libcli/libcli.h" - -struct trusted_dom_info_state { - struct composite_context *ctx; - struct wbsrv_service *service; - struct wbsrv_domain *my_domain; - - struct netr_DsRGetDCName d; - struct netr_GetAnyDCName g; - - struct wb_dom_info *info; -}; - -static void trusted_dom_info_recv_domain(struct composite_context *ctx); -static void trusted_dom_info_recv_dsr(struct tevent_req *subreq); -static void trusted_dom_info_recv_dcname(struct tevent_req *subreq); -static void trusted_dom_info_recv_dcaddr(struct composite_context *ctx); - -struct composite_context *wb_trusted_dom_info_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - const char *domain_name, - const struct dom_sid *sid) -{ - struct composite_context *result, *ctx; - struct trusted_dom_info_state *state; - - result = composite_create(mem_ctx, service->task->event_ctx); - if (result == NULL) goto failed; - - state = talloc(result, struct trusted_dom_info_state); - if (state == NULL) goto failed; - state->ctx = result; - result->private_data = state; - - state->info = talloc_zero(state, struct wb_dom_info); - if (state->info == NULL) goto failed; - - state->service = service; - - state->info->sid = dom_sid_dup(state->info, sid); - if (state->info->sid == NULL) goto failed; - - state->info->name = talloc_strdup(state->info, domain_name); - if (state->info->name == NULL) goto failed; - - ctx = wb_sid2domain_send(state, service, service->primary_sid); - if (ctx == NULL) goto failed; - - ctx->async.fn = trusted_dom_info_recv_domain; - ctx->async.private_data = state; - return result; - - failed: - talloc_free(result); - return NULL; -} - -static void trusted_dom_info_recv_domain(struct composite_context *ctx) -{ - struct trusted_dom_info_state *state = - talloc_get_type(ctx->async.private_data, - struct trusted_dom_info_state); - struct tevent_req *subreq; - - state->ctx->status = wb_sid2domain_recv(ctx, &state->my_domain); - if (!composite_is_ok(state->ctx)) return; - - state->d.in.server_unc = - talloc_asprintf(state, "\\\\%s", - dcerpc_server_name(state->my_domain->netlogon_pipe)); - if (composite_nomem(state->d.in.server_unc, - state->ctx)) return; - - state->d.in.domain_name = state->info->name; - state->d.in.domain_guid = NULL; - state->d.in.site_guid = NULL; - state->d.in.flags = DS_RETURN_DNS_NAME; - state->d.out.info = talloc(state, struct netr_DsRGetDCNameInfo *); - if (composite_nomem(state->d.out.info, state->ctx)) return; - - subreq = dcerpc_netr_DsRGetDCName_r_send(state, - state->ctx->event_ctx, - state->my_domain->netlogon_pipe->binding_handle, - &state->d); - if (composite_nomem(subreq, state->ctx)) return; - tevent_req_set_callback(subreq, trusted_dom_info_recv_dsr, state); -} - -/* - * dcerpc_netr_DsRGetDCName has replied - */ - -static void trusted_dom_info_recv_dsr(struct tevent_req *subreq) -{ - struct trusted_dom_info_state *state = - tevent_req_callback_data(subreq, - struct trusted_dom_info_state); - - state->ctx->status = dcerpc_netr_DsRGetDCName_r_recv(subreq, state); - TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(state->ctx->status)) { - DEBUG(9, ("dcerpc_netr_DsRGetDCName_recv returned %s\n", - nt_errstr(state->ctx->status))); - goto fallback; - } - - state->ctx->status = - werror_to_ntstatus(state->d.out.result); - if (!NT_STATUS_IS_OK(state->ctx->status)) { - DEBUG(9, ("dsrgetdcname returned %s\n", - nt_errstr(state->ctx->status))); - goto fallback; - } - - /* Hey, that was easy! */ - state->info->dc = talloc(state->info, struct nbt_dc_name); - state->info->dc->name = talloc_steal(state->info, - (*state->d.out.info)->dc_unc); - if (*state->info->dc->name == '\\') state->info->dc->name++; - if (*state->info->dc->name == '\\') state->info->dc->name++; - - state->info->dc->address = talloc_steal(state->info, - (*state->d.out.info)->dc_address); - if (*state->info->dc->address == '\\') state->info->dc->address++; - if (*state->info->dc->address == '\\') state->info->dc->address++; - - state->info->dns_name = talloc_steal(state->info, - (*state->d.out.info)->domain_name); - - composite_done(state->ctx); - return; - - fallback: - - state->g.in.logon_server = talloc_asprintf( - state, "\\\\%s", - dcerpc_server_name(state->my_domain->netlogon_pipe)); - state->g.in.domainname = state->info->name; - state->g.out.dcname = talloc(state, const char *); - - subreq = dcerpc_netr_GetAnyDCName_r_send(state, - state->ctx->event_ctx, - state->my_domain->netlogon_pipe->binding_handle, - &state->g); - if (composite_nomem(subreq, state->ctx)) return; - - tevent_req_set_callback(subreq, trusted_dom_info_recv_dcname, state); -} - -static void trusted_dom_info_recv_dcname(struct tevent_req *subreq) -{ - struct trusted_dom_info_state *state = - tevent_req_callback_data(subreq, - struct trusted_dom_info_state); - struct composite_context *ctx; - struct nbt_name name; - - state->ctx->status = dcerpc_netr_GetAnyDCName_r_recv(subreq, state); - TALLOC_FREE(subreq); - if (!composite_is_ok(state->ctx)) return; - state->ctx->status = werror_to_ntstatus(state->g.out.result); - if (!composite_is_ok(state->ctx)) return; - - /* Hey, that was easy! */ - state->info->dc = talloc(state->info, struct nbt_dc_name); - state->info->dc->name = talloc_steal(state->info, - *(state->g.out.dcname)); - if (*state->info->dc->name == '\\') state->info->dc->name++; - if (*state->info->dc->name == '\\') state->info->dc->name++; - - make_nbt_name(&name, state->info->dc->name, 0x20); - ctx = resolve_name_send(lpcfg_resolve_context(state->service->task->lp_ctx), state, - &name, state->service->task->event_ctx); - - composite_continue(state->ctx, ctx, trusted_dom_info_recv_dcaddr, - state); -} - -static void trusted_dom_info_recv_dcaddr(struct composite_context *ctx) -{ - struct trusted_dom_info_state *state = - talloc_get_type(ctx->async.private_data, - struct trusted_dom_info_state); - - state->ctx->status = resolve_name_recv(ctx, state->info, - &state->info->dc->address); - if (!composite_is_ok(state->ctx)) return; - - composite_done(state->ctx); -} - -NTSTATUS wb_trusted_dom_info_recv(struct composite_context *ctx, - TALLOC_CTX *mem_ctx, - struct wb_dom_info **result) -{ - NTSTATUS status = composite_wait(ctx); - if (NT_STATUS_IS_OK(status)) { - struct trusted_dom_info_state *state = - talloc_get_type(ctx->private_data, - struct trusted_dom_info_state); - *result = talloc_steal(mem_ctx, state->info); - } - talloc_free(ctx); - return status; -} - -NTSTATUS wb_trusted_dom_info(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - const char *domain_name, - const struct dom_sid *sid, - struct wb_dom_info **result) -{ - struct composite_context *ctx = - wb_trusted_dom_info_send(mem_ctx, service, domain_name, sid); - return wb_trusted_dom_info_recv(ctx, mem_ctx, result); -} diff --git a/source4/winbind/wb_gid2sid.c b/source4/winbind/wb_gid2sid.c deleted file mode 100644 index 67a145e909d..00000000000 --- a/source4/winbind/wb_gid2sid.c +++ /dev/null @@ -1,100 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Command backend for wbinfo -G - - Copyright (C) 2007-2008 Kai Blin - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" - -struct gid2sid_state { - struct composite_context *ctx; - struct wbsrv_service *service; - struct dom_sid *sid; -}; - -static void gid2sid_recv_sid(struct composite_context *ctx); - -struct composite_context *wb_gid2sid_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, gid_t gid) -{ - struct composite_context *result, *ctx; - struct gid2sid_state *state; - struct id_map *ids; - - DEBUG(5, ("wb_gid2sid_send called\n")); - - result = composite_create(mem_ctx, service->task->event_ctx); - if (!result) return NULL; - - state = talloc(result, struct gid2sid_state); - if (composite_nomem(state, result)) return result; - - state->ctx = result; - result->private_data = state; - state->service = service; - - ids = talloc(result, struct id_map); - if (composite_nomem(ids, result)) return result; - ids->xid.id = gid; - ids->xid.type = ID_TYPE_GID; - ids->sid = NULL; - - ctx = wb_xids2sids_send(result, service, 1, ids); - if (composite_nomem(ctx, result)) return result; - - composite_continue(result, ctx, gid2sid_recv_sid, state); - return result; -} - -static void gid2sid_recv_sid(struct composite_context *ctx) -{ - struct gid2sid_state *state = talloc_get_type(ctx->async.private_data, - struct gid2sid_state); - struct id_map *ids = NULL; - state->ctx->status = wb_xids2sids_recv(ctx, &ids); - if (!composite_is_ok(state->ctx)) return; - - if (ids->status != ID_MAPPED) { - composite_error(state->ctx, NT_STATUS_UNSUCCESSFUL); - return; - } - - state->sid = ids->sid; - composite_done(state->ctx); -} - -NTSTATUS wb_gid2sid_recv(struct composite_context *ctx, TALLOC_CTX *mem_ctx, - struct dom_sid **sid) -{ - NTSTATUS status = composite_wait(ctx); - - DEBUG(5, ("wb_gid2sid_recv called.\n")); - - if (NT_STATUS_IS_OK(status)) { - struct gid2sid_state *state = - talloc_get_type(ctx->private_data, - struct gid2sid_state); - *sid = talloc_steal(mem_ctx, state->sid); - } - talloc_free(ctx); - return status; -} - diff --git a/source4/winbind/wb_init_domain.c b/source4/winbind/wb_init_domain.c deleted file mode 100644 index e768c48c1ec..00000000000 --- a/source4/winbind/wb_init_domain.c +++ /dev/null @@ -1,485 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - A composite API for initializing a domain - - Copyright (C) Volker Lendecke 2005 - Copyright (C) Andrew Bartlett <abartlet@samba.org> 2007 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" -#include "librpc/gen_ndr/ndr_netlogon.h" -#include "librpc/gen_ndr/ndr_lsa_c.h" -#include "librpc/gen_ndr/ndr_samr_c.h" -#include "libcli/libcli.h" - -#include "libcli/security/security.h" - - -#include "auth/credentials/credentials.h" -#include "param/param.h" - -/* - * Initialize a domain: - * - * - With schannel credentials, try to open the SMB connection and - * NETLOGON pipe with the machine creds. This works against W2k3SP1 - * with an NTLMSSP session setup. Fall back to anonymous (for the CIFS level). - * - * - If we have schannel creds, do the auth2 and open the schannel'ed netlogon - * pipe. - * - * - Open LSA. If we have machine creds, try to open with SPNEGO or NTLMSSP. Fall back - * to schannel. - * - * - With queryinfopolicy, verify that we're talking to the right domain - * - * A bit complex, but with all the combinations I think it's the best we can - * get. NT4, W2k3 and W2k all have different combinations, but in the end we - * have a signed&sealed lsa connection on all of them. - * - * Not sure if it is overkill, but it seems to work. - */ - -struct init_domain_state { - struct composite_context *ctx; - struct wbsrv_domain *domain; - struct wbsrv_service *service; - - struct lsa_ObjectAttribute objectattr; - struct lsa_OpenPolicy2 lsa_openpolicy; - struct lsa_QueryInfoPolicy queryinfo; - union lsa_PolicyInformation *info; -}; - -static void init_domain_recv_netlogonpipe(struct composite_context *ctx); -static void init_domain_recv_lsa_pipe(struct composite_context *ctx); -static void init_domain_recv_lsa_policy(struct tevent_req *subreq); -static void init_domain_recv_queryinfo(struct tevent_req *subreq); -static void init_domain_recv_samr(struct composite_context *ctx); - -static struct dcerpc_binding *init_domain_binding(struct init_domain_state *state, - const struct ndr_interface_table *table) -{ - struct dcerpc_binding *binding; - enum dcerpc_transport_t transport; - char *s; - NTSTATUS status; - - /* Make a binding string */ - if ((lpcfg_server_role(state->service->task->lp_ctx) != ROLE_DOMAIN_MEMBER) && - dom_sid_equal(state->domain->info->sid, state->service->primary_sid) && - state->service->sec_channel_type != SEC_CHAN_RODC) { - s = talloc_asprintf(state, "ncalrpc:%s[target_hostname=%s]", - state->domain->dc_address, - state->domain->dc_name); - if (s == NULL) return NULL; - } else { - s = talloc_asprintf(state, "ncacn_np:%s[target_hostname=%s]", - state->domain->dc_address, - state->domain->dc_name); - if (s == NULL) return NULL; - - } - status = dcerpc_parse_binding(state, s, &binding); - talloc_free(s); - if (!NT_STATUS_IS_OK(status)) { - return NULL; - } - - transport = dcerpc_binding_get_transport(binding); - if (transport == NCALRPC) { - return binding; - } - - /* This shouldn't make a network call, as the mappings for named pipes are well known */ - status = dcerpc_epm_map_binding(binding, binding, table, state->service->task->event_ctx, - state->service->task->lp_ctx); - if (!NT_STATUS_IS_OK(status)) { - return NULL; - } - - return binding; -} - -struct composite_context *wb_init_domain_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - struct wb_dom_info *dom_info) -{ - struct composite_context *result, *ctx; - struct init_domain_state *state; - - result = composite_create(mem_ctx, service->task->event_ctx); - if (result == NULL) goto failed; - - state = talloc_zero(result, struct init_domain_state); - if (state == NULL) goto failed; - state->ctx = result; - result->private_data = state; - - state->service = service; - - state->domain = talloc(state, struct wbsrv_domain); - if (state->domain == NULL) goto failed; - - state->domain->service = service; - - state->domain->info = talloc_reference(state->domain, dom_info); - if (state->domain->info == NULL) goto failed; - - state->domain->dc_name = dom_info->dc->name; - state->domain->dc_address = dom_info->dc->address; - - state->domain->libnet_ctx = libnet_context_init(service->task->event_ctx, - service->task->lp_ctx); - if (state->domain->libnet_ctx == NULL) goto failed; - talloc_steal(state->domain, state->domain->libnet_ctx); - - /* Create a credentials structure */ - state->domain->libnet_ctx->cred = cli_credentials_init(state->domain); - if (state->domain->libnet_ctx->cred == NULL) goto failed; - - cli_credentials_set_conf(state->domain->libnet_ctx->cred, service->task->lp_ctx); - - /* Connect the machine account to the credentials */ - state->ctx->status = - cli_credentials_set_machine_account(state->domain->libnet_ctx->cred, state->domain->libnet_ctx->lp_ctx); - if (!NT_STATUS_IS_OK(state->ctx->status)) goto failed; - - state->domain->netlogon_binding = init_domain_binding(state, &ndr_table_netlogon); - - state->domain->netlogon_pipe = NULL; - - state->domain->netlogon_queue = tevent_queue_create(state->domain, - "netlogon_queue"); - if (state->domain->netlogon_queue == NULL) goto failed; - - /* We start the queue when the connection is usable */ - tevent_queue_stop(state->domain->netlogon_queue); - - if ((!cli_credentials_is_anonymous(state->domain->libnet_ctx->cred)) && - ((lpcfg_server_role(service->task->lp_ctx) == ROLE_DOMAIN_MEMBER) || - (lpcfg_server_role(service->task->lp_ctx) == ROLE_ACTIVE_DIRECTORY_DC)) && - (dom_sid_equal(state->domain->info->sid, - state->service->primary_sid))) { - uint32_t flags = DCERPC_SCHANNEL | DCERPC_SCHANNEL_AUTO; - - /* For debugging, it can be a real pain if all the traffic is encrypted */ - if (lpcfg_winbind_sealed_pipes(service->task->lp_ctx)) { - flags |= DCERPC_SIGN | DCERPC_SEAL; - } else { - flags |= DCERPC_SIGN; - } - state->ctx->status = dcerpc_binding_set_flags(state->domain->netlogon_binding, - flags, 0); - if (!NT_STATUS_IS_OK(state->ctx->status)) goto failed; - } - - /* No encryption on anonymous pipes */ - - ctx = dcerpc_pipe_connect_b_send(state, state->domain->netlogon_binding, - &ndr_table_netlogon, - state->domain->libnet_ctx->cred, - service->task->event_ctx, - service->task->lp_ctx); - - if (composite_nomem(ctx, state->ctx)) { - goto failed; - } - - composite_continue(state->ctx, ctx, init_domain_recv_netlogonpipe, - state); - return result; - failed: - talloc_free(result); - return NULL; -} - -/* Having make a netlogon connection (possibly secured with schannel), - * make an LSA connection to the same DC, on the same IPC$ share */ -static void init_domain_recv_netlogonpipe(struct composite_context *ctx) -{ - struct init_domain_state *state = - talloc_get_type(ctx->async.private_data, - struct init_domain_state); - uint32_t flags; - - state->ctx->status = dcerpc_pipe_connect_b_recv(ctx, state->domain, - &state->domain->netlogon_pipe); - - if (!composite_is_ok(state->ctx)) { - return; - } - talloc_reparent(state, state->domain->netlogon_pipe, state->domain->netlogon_binding); - - /* the netlogon connection is ready */ - tevent_queue_start(state->domain->netlogon_queue); - - state->domain->lsa_binding = init_domain_binding(state, &ndr_table_lsarpc); - - /* For debugging, it can be a real pain if all the traffic is encrypted */ - if (lpcfg_winbind_sealed_pipes(state->service->task->lp_ctx)) { - flags = DCERPC_SIGN | DCERPC_SEAL; - } else { - flags = DCERPC_SIGN; - } - state->ctx->status = dcerpc_binding_set_flags(state->domain->lsa_binding, - flags, 0); - if (!composite_is_ok(state->ctx)) { - return; - } - - state->domain->libnet_ctx->lsa.pipe = NULL; - state->domain->libnet_ctx->lsa.lsa_handle = NULL; - - /* this will make the secondary connection on the same IPC$ share, - secured with SPNEGO or NTLMSSP */ - ctx = dcerpc_secondary_auth_connection_send(state->domain->netlogon_pipe, - state->domain->lsa_binding, - &ndr_table_lsarpc, - state->domain->libnet_ctx->cred, - state->domain->libnet_ctx->lp_ctx - ); - composite_continue(state->ctx, ctx, init_domain_recv_lsa_pipe, state); -} - -static bool retry_with_schannel(struct init_domain_state *state, - struct dcerpc_binding *binding, - const struct ndr_interface_table *table, - void (*continuation)(struct composite_context *)) -{ - struct composite_context *ctx; - uint32_t nflags; - uint32_t bflags; - - state->ctx->status = NT_STATUS_OK; - - nflags = dcerpc_binding_get_flags(state->domain->netlogon_binding); - bflags = dcerpc_binding_get_flags(binding); - - if ((nflags & DCERPC_SCHANNEL) && !(bflags & DCERPC_SCHANNEL)) { - /* Opening a policy handle failed, perhaps it was - * because we don't get a 'wrong password' error on - * NTLMSSP binds */ - - /* Try again with schannel */ - bflags |= DCERPC_SCHANNEL | DCERPC_SCHANNEL_AUTO; - - state->ctx->status = dcerpc_binding_set_flags(binding, bflags, 0); - if (!composite_is_ok(state->ctx)) return true; - - /* Try again, likewise on the same IPC$ share, - secured with SCHANNEL */ - ctx = dcerpc_secondary_auth_connection_send(state->domain->netlogon_pipe, - binding, - table, - state->domain->libnet_ctx->cred, - state->domain->libnet_ctx->lp_ctx); - composite_continue(state->ctx, ctx, continuation, state); - return true; - } else { - return false; - } -} -/* We should now have either an authenticated LSA pipe, or an error. - * On success, open a policy handle - */ -static void init_domain_recv_lsa_pipe(struct composite_context *ctx) -{ - struct init_domain_state *state = - talloc_get_type(ctx->async.private_data, - struct init_domain_state); - struct tevent_req *subreq; - - state->ctx->status = dcerpc_secondary_auth_connection_recv(ctx, state->domain, - &state->domain->libnet_ctx->lsa.pipe); - if (NT_STATUS_EQUAL(state->ctx->status, NT_STATUS_LOGON_FAILURE)) { - if (retry_with_schannel(state, state->domain->lsa_binding, - &ndr_table_lsarpc, - init_domain_recv_lsa_pipe)) { - return; - } - } - if (!composite_is_ok(state->ctx)) return; - - talloc_steal(state->domain->libnet_ctx, state->domain->libnet_ctx->lsa.pipe); - talloc_reparent(state, state->domain->libnet_ctx->lsa.pipe, state->domain->lsa_binding); - state->domain->libnet_ctx->lsa.lsa_handle = - state->domain->libnet_ctx->lsa.pipe->binding_handle; - state->domain->libnet_ctx->lsa.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - state->domain->libnet_ctx->lsa.name = state->domain->info->name; - - ZERO_STRUCT(state->domain->libnet_ctx->lsa.handle); - state->lsa_openpolicy.in.system_name = - talloc_asprintf(state, "\\\\%s", - dcerpc_server_name(state->domain->libnet_ctx->lsa.pipe)); - ZERO_STRUCT(state->objectattr); - state->lsa_openpolicy.in.attr = &state->objectattr; - state->lsa_openpolicy.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - state->lsa_openpolicy.out.handle = &state->domain->libnet_ctx->lsa.handle; - - subreq = dcerpc_lsa_OpenPolicy2_r_send(state, - state->ctx->event_ctx, - state->domain->libnet_ctx->lsa.pipe->binding_handle, - &state->lsa_openpolicy); - if (composite_nomem(subreq, state->ctx)) return; - tevent_req_set_callback(subreq, init_domain_recv_lsa_policy, state); -} - -/* Receive a policy handle (or not, and retry the authentication) and - * obtain some basic information about the domain */ - -static void init_domain_recv_lsa_policy(struct tevent_req *subreq) -{ - struct init_domain_state *state = - tevent_req_callback_data(subreq, - struct init_domain_state); - - state->ctx->status = dcerpc_lsa_OpenPolicy2_r_recv(subreq, state); - TALLOC_FREE(subreq); - if ((!NT_STATUS_IS_OK(state->ctx->status) - || !NT_STATUS_IS_OK(state->lsa_openpolicy.out.result))) { - if (retry_with_schannel(state, state->domain->lsa_binding, - &ndr_table_lsarpc, - init_domain_recv_lsa_pipe)) { - return; - } - } - if (!composite_is_ok(state->ctx)) return; - state->ctx->status = state->lsa_openpolicy.out.result; - if (!composite_is_ok(state->ctx)) return; - - state->info = talloc_zero(state->ctx, union lsa_PolicyInformation); - if (composite_nomem(state->info, state->ctx)) return; - - state->queryinfo.in.handle = &state->domain->libnet_ctx->lsa.handle; - state->queryinfo.in.level = LSA_POLICY_INFO_ACCOUNT_DOMAIN; - state->queryinfo.out.info = &state->info; - - subreq = dcerpc_lsa_QueryInfoPolicy_r_send(state, - state->ctx->event_ctx, - state->domain->libnet_ctx->lsa.pipe->binding_handle, - &state->queryinfo); - if (composite_nomem(subreq, state->ctx)) return; - tevent_req_set_callback(subreq, init_domain_recv_queryinfo, state); -} - -static void init_domain_recv_queryinfo(struct tevent_req *subreq) -{ - struct init_domain_state *state = - tevent_req_callback_data(subreq, - struct init_domain_state); - struct lsa_DomainInfo *dominfo; - struct composite_context *ctx; - uint32_t lflags; - - state->ctx->status = dcerpc_lsa_QueryInfoPolicy_r_recv(subreq, state); - TALLOC_FREE(subreq); - if (!composite_is_ok(state->ctx)) return; - state->ctx->status = state->queryinfo.out.result; - if (!composite_is_ok(state->ctx)) return; - - if (!dom_sid_equal(state->domain->info->sid, &global_sid_Builtin)) { - dominfo = &(*state->queryinfo.out.info)->account_domain; - - if (strcasecmp(state->domain->info->name, dominfo->name.string) != 0) { - DEBUG(2, ("Expected domain name %s, DC %s said %s\n", - state->domain->info->name, - dcerpc_server_name(state->domain->libnet_ctx->lsa.pipe), - dominfo->name.string)); - composite_error(state->ctx, NT_STATUS_INVALID_DOMAIN_STATE); - return; - } - - if (!dom_sid_equal(state->domain->info->sid, dominfo->sid)) { - DEBUG(2, ("Expected domain sid %s, DC %s said %s\n", - dom_sid_string(state, state->domain->info->sid), - dcerpc_server_name(state->domain->libnet_ctx->lsa.pipe), - dom_sid_string(state, dominfo->sid))); - composite_error(state->ctx, NT_STATUS_INVALID_DOMAIN_STATE); - return; - } - } - - state->domain->samr_binding = init_domain_binding(state, &ndr_table_samr); - - /* We want to use the same flags as the LSA pipe did (so, if - * it needed schannel, then we need that here too) */ - lflags = dcerpc_binding_get_flags(state->domain->lsa_binding); - state->ctx->status = dcerpc_binding_set_flags(state->domain->samr_binding, - lflags, 0); - if (!composite_is_ok(state->ctx)) return; - - state->domain->libnet_ctx->samr.pipe = NULL; - state->domain->libnet_ctx->samr.samr_handle = NULL; - - ctx = wb_connect_samr_send(state, state->domain); - composite_continue(state->ctx, ctx, init_domain_recv_samr, state); -} - -/* Recv the SAMR details (SamrConnect and SamrOpenDomain handle) and - * open an LDAP connection */ -static void init_domain_recv_samr(struct composite_context *ctx) -{ - struct init_domain_state *state = - talloc_get_type(ctx->async.private_data, - struct init_domain_state); - - state->ctx->status = wb_connect_samr_recv( - ctx, state->domain, - &state->domain->libnet_ctx->samr.pipe, - &state->domain->libnet_ctx->samr.connect_handle, - &state->domain->libnet_ctx->samr.handle); - if (!composite_is_ok(state->ctx)) return; - - talloc_reparent(state, state->domain->libnet_ctx->samr.pipe, state->domain->samr_binding); - state->domain->libnet_ctx->samr.samr_handle = - state->domain->libnet_ctx->samr.pipe->binding_handle; - state->domain->libnet_ctx->samr.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - state->domain->libnet_ctx->samr.name = state->domain->info->name; - state->domain->libnet_ctx->samr.sid = dom_sid_dup( - state->domain->libnet_ctx, - state->domain->info->sid); - - composite_done(state->ctx); -} - -NTSTATUS wb_init_domain_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, - struct wbsrv_domain **result) -{ - NTSTATUS status = composite_wait(c); - if (NT_STATUS_IS_OK(status)) { - struct init_domain_state *state = - talloc_get_type(c->private_data, - struct init_domain_state); - *result = talloc_steal(mem_ctx, state->domain); - } - talloc_free(c); - return status; -} - -NTSTATUS wb_init_domain(TALLOC_CTX *mem_ctx, struct wbsrv_service *service, - struct wb_dom_info *dom_info, - struct wbsrv_domain **result) -{ - struct composite_context *c = - wb_init_domain_send(mem_ctx, service, dom_info); - return wb_init_domain_recv(c, mem_ctx, result); -} diff --git a/source4/winbind/wb_irpc.c b/source4/winbind/wb_irpc.c deleted file mode 100644 index 7a4ca69baa8..00000000000 --- a/source4/winbind/wb_irpc.c +++ /dev/null @@ -1,143 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Main winbindd irpc handlers - - Copyright (C) Stefan Metzmacher 2006 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "winbind/wb_server.h" -#include "lib/messaging/irpc.h" -#include "libcli/composite/composite.h" -#include "librpc/gen_ndr/ndr_winbind.h" -#include "smbd/service_task.h" - -struct wb_irpc_SamLogon_state { - struct irpc_message *msg; - struct winbind_SamLogon *req; -}; - -static void wb_irpc_SamLogon_callback(struct tevent_req *subreq); - -static NTSTATUS wb_irpc_SamLogon(struct irpc_message *msg, - struct winbind_SamLogon *req) -{ - struct wbsrv_service *service = talloc_get_type(msg->private_data, - struct wbsrv_service); - struct wb_irpc_SamLogon_state *s; - struct tevent_req *subreq; - - DEBUG(5, ("wb_irpc_SamLogon called\n")); - - s = talloc(msg, struct wb_irpc_SamLogon_state); - NT_STATUS_HAVE_NO_MEMORY(s); - - s->msg = msg; - s->req = req; - - subreq = wb_sam_logon_send(s, - service->task->event_ctx, - service, req); - NT_STATUS_HAVE_NO_MEMORY(subreq); - - tevent_req_set_callback(subreq, wb_irpc_SamLogon_callback, s); - - msg->defer_reply = true; - return NT_STATUS_OK; -} - -static void wb_irpc_SamLogon_callback(struct tevent_req *subreq) -{ - struct wb_irpc_SamLogon_state *s = - tevent_req_callback_data(subreq, - struct wb_irpc_SamLogon_state); - NTSTATUS status; - - DEBUG(5, ("wb_irpc_SamLogon_callback called\n")); - - status = wb_sam_logon_recv(subreq, s, s->req); - TALLOC_FREE(subreq); - - irpc_send_reply(s->msg, status); -} - -struct wb_irpc_DsrUpdateReadOnlyServerDnsRecords_state { - struct irpc_message *msg; - struct winbind_DsrUpdateReadOnlyServerDnsRecords *req; -}; - -static void wb_irpc_DsrUpdateReadOnlyServerDnsRecords_callback(struct tevent_req *subreq); - -static NTSTATUS wb_irpc_DsrUpdateReadOnlyServerDnsRecords(struct irpc_message *msg, - struct winbind_DsrUpdateReadOnlyServerDnsRecords *req) -{ - struct wbsrv_service *service = talloc_get_type(msg->private_data, - struct wbsrv_service); - struct wb_irpc_DsrUpdateReadOnlyServerDnsRecords_state *s; - struct tevent_req *subreq; - - DEBUG(5, ("wb_irpc_DsrUpdateReadOnlyServerDnsRecords called\n")); - - s = talloc(msg, struct wb_irpc_DsrUpdateReadOnlyServerDnsRecords_state); - NT_STATUS_HAVE_NO_MEMORY(s); - - s->msg = msg; - s->req = req; - - subreq = wb_update_rodc_dns_send(s, - service->task->event_ctx, - service, req); - NT_STATUS_HAVE_NO_MEMORY(subreq); - - tevent_req_set_callback(subreq, - wb_irpc_DsrUpdateReadOnlyServerDnsRecords_callback, - s); - - msg->defer_reply = true; - return NT_STATUS_OK; -} - -static void wb_irpc_DsrUpdateReadOnlyServerDnsRecords_callback(struct tevent_req *subreq) -{ - struct wb_irpc_DsrUpdateReadOnlyServerDnsRecords_state *s = - tevent_req_callback_data(subreq, - struct wb_irpc_DsrUpdateReadOnlyServerDnsRecords_state); - NTSTATUS status; - - DEBUG(5, ("wb_irpc_DsrUpdateReadOnlyServerDnsRecords_callback called\n")); - - status = wb_update_rodc_dns_recv(subreq, s, s->req); - TALLOC_FREE(subreq); - - irpc_send_reply(s->msg, status); -} - -NTSTATUS wbsrv_init_irpc(struct wbsrv_service *service) -{ - NTSTATUS status; - - irpc_add_name(service->task->msg_ctx, "winbind_server"); - - status = IRPC_REGISTER(service->task->msg_ctx, winbind, WINBIND_SAMLOGON, - wb_irpc_SamLogon, service); - NT_STATUS_NOT_OK_RETURN(status); - - status = IRPC_REGISTER(service->task->msg_ctx, winbind, WINBIND_DSRUPDATEREADONLYSERVERDNSRECORDS, - wb_irpc_DsrUpdateReadOnlyServerDnsRecords, service); - NT_STATUS_NOT_OK_RETURN(status); - - return NT_STATUS_OK; -} diff --git a/source4/winbind/wb_name2domain.c b/source4/winbind/wb_name2domain.c deleted file mode 100644 index 9da3d43ebcf..00000000000 --- a/source4/winbind/wb_name2domain.c +++ /dev/null @@ -1,120 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Find and init a domain struct for a name - - Copyright (C) Kai Blin 2007 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" -#include "winbind/wb_helper.h" - -struct name2domain_state { - struct composite_context *ctx; - struct wbsrv_service *service; - - struct wbsrv_domain *domain; -}; - -static void name2domain_recv_sid(struct composite_context *ctx); -static void name2domain_recv_domain(struct composite_context *ctx); - -struct composite_context *wb_name2domain_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, const char* name) -{ - struct composite_context *result, *ctx; - struct name2domain_state *state; - char *user_dom, *user_name; - bool ok; - - DEBUG(5, ("wb_name2domain_send called\n")); - - result = composite_create(mem_ctx, service->task->event_ctx); - if (!result) return NULL; - - state = talloc(result, struct name2domain_state); - if (composite_nomem(state, result)) return result; - state->ctx = result; - result->private_data = state; - state->service = service; - - ok = wb_samba3_split_username(state, service->task->lp_ctx, name, &user_dom, &user_name); - if(!ok) { - composite_error(state->ctx, NT_STATUS_OBJECT_NAME_INVALID); - return result; - } - - ctx = wb_cmd_lookupname_send(state, service, user_dom, user_name); - if (composite_nomem(ctx, state->ctx)) return result; - - composite_continue(result, ctx, name2domain_recv_sid, state); - return result; -} - -static void name2domain_recv_sid(struct composite_context *ctx) -{ - struct name2domain_state *state = - talloc_get_type(ctx->async.private_data, - struct name2domain_state); - struct wb_sid_object *sid; - - DEBUG(5, ("name2domain_recv_sid called\n")); - - state->ctx->status = wb_cmd_lookupname_recv(ctx, state, &sid); - if(!composite_is_ok(state->ctx)) return; - - ctx = wb_sid2domain_send(state, state->service, sid->sid); - - composite_continue(state->ctx, ctx, name2domain_recv_domain, state); -} - -static void name2domain_recv_domain(struct composite_context *ctx) -{ - struct name2domain_state *state = - talloc_get_type(ctx->async.private_data, - struct name2domain_state); - struct wbsrv_domain *domain; - - DEBUG(5, ("name2domain_recv_domain called\n")); - - state->ctx->status = wb_sid2domain_recv(ctx, &domain); - if(!composite_is_ok(state->ctx)) return; - - state->domain = domain; - - composite_done(state->ctx); -} - -NTSTATUS wb_name2domain_recv(struct composite_context *ctx, - struct wbsrv_domain **result) -{ - NTSTATUS status = composite_wait(ctx); - - DEBUG(5, ("wb_name2domain_recv called\n")); - - if (NT_STATUS_IS_OK(status)) { - struct name2domain_state *state = - talloc_get_type(ctx->private_data, - struct name2domain_state); - *result = state->domain; - } - talloc_free(ctx); - return status; -} - diff --git a/source4/winbind/wb_pam_auth.c b/source4/winbind/wb_pam_auth.c deleted file mode 100644 index c84b51f4fe9..00000000000 --- a/source4/winbind/wb_pam_auth.c +++ /dev/null @@ -1,291 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Authenticate a user - - Copyright (C) Volker Lendecke 2005 - Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" -#include "auth/credentials/credentials.h" -#include "libcli/auth/libcli_auth.h" -#include "librpc/gen_ndr/ndr_netlogon.h" -#include "librpc/gen_ndr/winbind.h" -#include "param/param.h" - -/* Oh, there is so much to keep an eye on when authenticating a user. Oh my! */ -struct pam_auth_crap_state { - struct composite_context *ctx; - struct tevent_context *event_ctx; - struct loadparm_context *lp_ctx; - - struct winbind_SamLogon *req; - char *unix_username; - - struct netr_NetworkInfo ninfo; - struct netr_LogonSamLogon r; - - const char *user_name; - const char *domain_name; - - struct netr_UserSessionKey user_session_key; - struct netr_LMSessionKey lm_key; - DATA_BLOB info3; -}; - -/* - * NTLM authentication. -*/ - -static void pam_auth_crap_recv_logon(struct tevent_req *subreq); - -struct composite_context *wb_cmd_pam_auth_crap_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - uint32_t logon_parameters, - const char *domain, - const char *user, - const char *workstation, - DATA_BLOB chal, - DATA_BLOB nt_resp, - DATA_BLOB lm_resp) -{ - struct composite_context *result; - struct pam_auth_crap_state *state; - struct netr_NetworkInfo *ninfo; - DATA_BLOB tmp_nt_resp, tmp_lm_resp; - struct tevent_req *subreq; - - result = composite_create(mem_ctx, service->task->event_ctx); - if (result == NULL) goto failed; - - state = talloc(result, struct pam_auth_crap_state); - if (state == NULL) goto failed; - state->ctx = result; - state->lp_ctx = service->task->lp_ctx; - result->private_data = state; - - state->req = talloc(state, struct winbind_SamLogon); - - state->req->in.logon_level = 2; - state->req->in.validation_level = 3; - ninfo = state->req->in.logon.network = talloc(state, struct netr_NetworkInfo); - if (ninfo == NULL) goto failed; - - ninfo->identity_info.account_name.string = talloc_strdup(state, user); - ninfo->identity_info.domain_name.string = talloc_strdup(state, domain); - ninfo->identity_info.parameter_control = logon_parameters; - ninfo->identity_info.logon_id_low = 0; - ninfo->identity_info.logon_id_high = 0; - ninfo->identity_info.workstation.string = talloc_strdup(state, workstation); - - SMB_ASSERT(chal.length == sizeof(ninfo->challenge)); - memcpy(ninfo->challenge, chal.data, - sizeof(ninfo->challenge)); - - tmp_nt_resp = data_blob_talloc(ninfo, nt_resp.data, nt_resp.length); - if ((nt_resp.data != NULL) && - (tmp_nt_resp.data == NULL)) goto failed; - - tmp_lm_resp = data_blob_talloc(ninfo, lm_resp.data, lm_resp.length); - if ((lm_resp.data != NULL) && - (tmp_lm_resp.data == NULL)) goto failed; - - ninfo->nt.length = tmp_nt_resp.length; - ninfo->nt.data = tmp_nt_resp.data; - ninfo->lm.length = tmp_lm_resp.length; - ninfo->lm.data = tmp_lm_resp.data; - - state->unix_username = NULL; - - subreq = wb_sam_logon_send(state, - service->task->event_ctx, - service, state->req); - if (subreq == NULL) goto failed; - tevent_req_set_callback(subreq, pam_auth_crap_recv_logon, state); - return result; - - failed: - talloc_free(result); - return NULL; -} - -/* - NTLM Authentication - - Send of a SamLogon request to authenticate a user. -*/ -static void pam_auth_crap_recv_logon(struct tevent_req *subreq) -{ - DATA_BLOB tmp_blob; - enum ndr_err_code ndr_err; - struct netr_SamBaseInfo *base; - struct pam_auth_crap_state *state = - tevent_req_callback_data(subreq, - struct pam_auth_crap_state); - - state->ctx->status = wb_sam_logon_recv(subreq, state, state->req); - TALLOC_FREE(subreq); - if (!composite_is_ok(state->ctx)) return; - - ndr_err = ndr_push_struct_blob( - &tmp_blob, state, state->req->out.validation.sam3, - (ndr_push_flags_fn_t)ndr_push_netr_SamInfo3); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - state->ctx->status = ndr_map_error2ntstatus(ndr_err); - if (!composite_is_ok(state->ctx)) return; - } - - /* The Samba3 protocol is a bit broken (due to non-IDL - * heritage, so for compatability we must add a non-zero 4 - * bytes to the info3 */ - state->info3 = data_blob_talloc(state, NULL, tmp_blob.length+4); - if (composite_nomem(state->info3.data, state->ctx)) return; - - SIVAL(state->info3.data, 0, 1); - memcpy(state->info3.data+4, tmp_blob.data, tmp_blob.length); - - base = &state->req->out.validation.sam3->base; - - state->user_session_key = base->key; - state->lm_key = base->LMSessKey; - - /* Give the caller the most accurate username possible. - * Assists where case sensitive comparisons may be done by our - * ntlm_auth callers */ - if (base->account_name.string) { - state->user_name = base->account_name.string; - talloc_steal(state, base->account_name.string); - } - if (base->logon_domain.string) { - state->domain_name = base->logon_domain.string; - talloc_steal(state, base->logon_domain.string); - } - - state->unix_username = talloc_asprintf(state, "%s%s%s", - state->domain_name, - lpcfg_winbind_separator(state->lp_ctx), - state->user_name); - if (composite_nomem(state->unix_username, state->ctx)) return; - - composite_done(state->ctx); -} - -/* Having received a NTLM authentication reply, parse out the useful - * reply data for the caller */ -NTSTATUS wb_cmd_pam_auth_crap_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, - DATA_BLOB *info3, - struct netr_UserSessionKey *user_session_key, - struct netr_LMSessionKey *lm_key, - char **unix_username) -{ - struct pam_auth_crap_state *state = - talloc_get_type(c->private_data, struct pam_auth_crap_state); - NTSTATUS status = composite_wait(c); - if (NT_STATUS_IS_OK(status)) { - info3->length = state->info3.length; - info3->data = talloc_steal(mem_ctx, state->info3.data); - *user_session_key = state->user_session_key; - *lm_key = state->lm_key; - *unix_username = talloc_steal(mem_ctx, state->unix_username); - } - talloc_free(state); - return status; -} - -/* Handle plaintext authentication, by encrypting the password and - * then sending via the NTLM calls */ - -struct composite_context *wb_cmd_pam_auth_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - struct cli_credentials *credentials) -{ - const char *workstation; - NTSTATUS status; - const char *user, *domain; - DATA_BLOB chal, nt_resp, lm_resp, names_blob; - int flags = CLI_CRED_NTLM_AUTH; - if (lpcfg_client_lanman_auth(service->task->lp_ctx)) { - flags |= CLI_CRED_LANMAN_AUTH; - } - - if (lpcfg_client_ntlmv2_auth(service->task->lp_ctx)) { - flags |= CLI_CRED_NTLMv2_AUTH; - } - - DEBUG(5, ("wbsrv_samba3_pam_auth called\n")); - - chal = data_blob_talloc(mem_ctx, NULL, 8); - if (!chal.data) { - return NULL; - } - generate_random_buffer(chal.data, chal.length); - cli_credentials_get_ntlm_username_domain(credentials, mem_ctx, - &user, &domain); - /* for best compatability with multiple vitual netbios names - * on the host, this should be generated from the - * cli_credentials associated with the machine account */ - workstation = cli_credentials_get_workstation(credentials); - - names_blob = NTLMv2_generate_names_blob( - mem_ctx, - cli_credentials_get_workstation(credentials), - cli_credentials_get_domain(credentials)); - - status = cli_credentials_get_ntlm_response( - credentials, mem_ctx, &flags, chal, names_blob, - &lm_resp, &nt_resp, NULL, NULL); - if (!NT_STATUS_IS_OK(status)) { - return NULL; - } - return wb_cmd_pam_auth_crap_send(mem_ctx, service, - MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT|MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT /* logon parameters */, - domain, user, workstation, - chal, nt_resp, lm_resp); -} - -NTSTATUS wb_cmd_pam_auth_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, - DATA_BLOB *info3, - struct netr_UserSessionKey *user_session_key, - struct netr_LMSessionKey *lm_key, - char **unix_username) -{ - struct pam_auth_crap_state *state = - talloc_get_type(c->private_data, struct pam_auth_crap_state); - NTSTATUS status = composite_wait(c); - if (NT_STATUS_IS_OK(status)) { - if (info3) { - info3->length = state->info3.length; - info3->data = talloc_steal(mem_ctx, state->info3.data); - } - if (user_session_key) { - *user_session_key = state->user_session_key; - } - if (lm_key) { - *lm_key = state->lm_key; - } - if (unix_username) { - *unix_username = talloc_steal(mem_ctx, state->unix_username); - } - } - talloc_free(state); - return status; -} diff --git a/source4/winbind/wb_sam_logon.c b/source4/winbind/wb_sam_logon.c deleted file mode 100644 index e940082791e..00000000000 --- a/source4/winbind/wb_sam_logon.c +++ /dev/null @@ -1,243 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Do a netr_LogonSamLogon to a remote DC - - Copyright (C) Volker Lendecke 2005 - Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005 - Copyright (C) Stefan Metzmacher 2006 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include <tevent.h> -#include "../lib/util/tevent_ntstatus.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" -#include "auth/credentials/credentials.h" -#include "libcli/auth/libcli_auth.h" -#include "librpc/gen_ndr/ndr_netlogon_c.h" -#include "librpc/gen_ndr/winbind.h" - -struct wb_sam_logon_state { - struct tevent_context *ev; - - struct winbind_SamLogon *req; - - struct wbsrv_domain *domain; - struct tevent_queue_entry *queue_entry; - struct netlogon_creds_CredentialState *creds_state; - struct netr_Authenticator auth1, auth2; - - TALLOC_CTX *r_mem_ctx; - struct netr_LogonSamLogon r; -}; - -static void wb_sam_logon_recv_domain(struct composite_context *ctx); -static void wb_sam_logon_queue_trigger(struct tevent_req *req, void *priv); -static void wb_sam_logon_recv_samlogon(struct tevent_req *subreq); - -/* - Find the connection to the DC (or find an existing connection) -*/ -struct tevent_req *wb_sam_logon_send(TALLOC_CTX *mem_ctx, - struct tevent_context *ev, - struct wbsrv_service *service, - struct winbind_SamLogon *_req) -{ - struct tevent_req *req; - struct wb_sam_logon_state *state; - struct composite_context *csubreq; - - req = tevent_req_create(mem_ctx, &state, - struct wb_sam_logon_state); - if (req == NULL) { - return NULL; - } - state->ev = ev; - state->req = _req; - - csubreq = wb_sid2domain_send(state, service, service->primary_sid); - if (tevent_req_nomem(csubreq, req)) { - return tevent_req_post(req, ev); - } - csubreq->async.fn = wb_sam_logon_recv_domain; - csubreq->async.private_data = req; - - return req; -} - -/* - Having finished making the connection to the DC - Send of a SamLogon request to authenticate a user. -*/ -static void wb_sam_logon_recv_domain(struct composite_context *csubreq) -{ - struct tevent_req *req = - talloc_get_type_abort(csubreq->async.private_data, - struct tevent_req); - struct wb_sam_logon_state *state = - tevent_req_data(req, - struct wb_sam_logon_state); - NTSTATUS status; - struct tevent_queue_entry *e; - - status = wb_sid2domain_recv(csubreq, &state->domain); - if (tevent_req_nterror(req, status)) { - return; - } - - /* - * Because of the netlogon_creds behavior we have to - * queue the netr_LogonSamLogon() calls - */ - e = tevent_queue_add_entry(state->domain->netlogon_queue, - state->ev, - req, - wb_sam_logon_queue_trigger, - NULL); - state->queue_entry = e; -} - -static void wb_sam_logon_queue_trigger(struct tevent_req *req, void *priv) -{ - struct wb_sam_logon_state *state = - tevent_req_data(req, - struct wb_sam_logon_state); - struct wbsrv_domain *domain = state->domain; - struct tevent_req *subreq; - - state->creds_state = cli_credentials_get_netlogon_creds(domain->libnet_ctx->cred); - netlogon_creds_client_authenticator(state->creds_state, &state->auth1); - - state->r.in.server_name = talloc_asprintf(state, "\\\\%s", - dcerpc_server_name(domain->netlogon_pipe)); - if (tevent_req_nomem(state->r.in.server_name, req)) { - return; - } - - state->r.in.computer_name = cli_credentials_get_workstation(domain->libnet_ctx->cred); - state->r.in.credential = &state->auth1; - state->r.in.return_authenticator = &state->auth2; - state->r.in.logon_level = state->req->in.logon_level; - state->r.in.logon = &state->req->in.logon; - state->r.in.validation_level = state->req->in.validation_level; - state->r.out.return_authenticator = NULL; - state->r.out.validation = talloc(state, union netr_Validation); - if (tevent_req_nomem(state->r.out.validation, req)) { - return; - } - state->r.out.authoritative = talloc(state, uint8_t); - if (tevent_req_nomem(state->r.out.authoritative, req)) { - return; - } - - /* - * use a new talloc context for the LogonSamLogon call - * because then we can just to a talloc_steal on this context - * in the final _recv() function to give the caller all the content of - * the state->r.out.validation - */ - state->r_mem_ctx = talloc_new(state); - if (tevent_req_nomem(state->r_mem_ctx, req)) { - return; - } - - subreq = dcerpc_netr_LogonSamLogon_r_send(state, - state->ev, - domain->netlogon_pipe->binding_handle, - &state->r); - if (tevent_req_nomem(subreq, req)) { - return; - } - tevent_req_set_callback(subreq, wb_sam_logon_recv_samlogon, req); -} - -/* - NTLM Authentication - - Check the SamLogon reply and decrypt the session keys -*/ -static void wb_sam_logon_recv_samlogon(struct tevent_req *subreq) -{ - struct tevent_req *req = - tevent_req_callback_data(subreq, - struct tevent_req); - struct wb_sam_logon_state *state = - tevent_req_data(req, - struct wb_sam_logon_state); - NTSTATUS status; - bool ok; - - status = dcerpc_netr_LogonSamLogon_r_recv(subreq, state->r_mem_ctx); - TALLOC_FREE(subreq); - if (tevent_req_nterror(req, status)) { - return; - } - - if (tevent_req_nterror(req, state->r.out.result)) { - return; - } - - if (state->r.out.return_authenticator == NULL) { - tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED); - return; - } - - ok = netlogon_creds_client_check(state->creds_state, - &state->r.out.return_authenticator->cred); - if (!ok) { - DEBUG(0, ("Credentials check failed!\n")); - tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED); - return; - } - - /* Decrypt the session keys before we reform the info3, so the - * person on the other end of winbindd pipe doesn't have to. - * They won't have the encryption key anyway */ - netlogon_creds_decrypt_samlogon_validation(state->creds_state, - state->r.in.validation_level, - state->r.out.validation); - - /* - * we do not need the netlogon_creds lock anymore - */ - TALLOC_FREE(state->queue_entry); - - tevent_req_done(req); -} - -NTSTATUS wb_sam_logon_recv(struct tevent_req *req, - TALLOC_CTX *mem_ctx, - struct winbind_SamLogon *_req) -{ - struct wb_sam_logon_state *state = - tevent_req_data(req, - struct wb_sam_logon_state); - NTSTATUS status; - - if (tevent_req_is_nterror(req, &status)) { - tevent_req_received(req); - return status; - } - - talloc_steal(mem_ctx, state->r_mem_ctx); - _req->out.validation = *state->r.out.validation; - _req->out.authoritative = 1; - - tevent_req_received(req); - return NT_STATUS_OK; -} diff --git a/source4/winbind/wb_samba3_cmd.c b/source4/winbind/wb_samba3_cmd.c deleted file mode 100644 index 4c4033df574..00000000000 --- a/source4/winbind/wb_samba3_cmd.c +++ /dev/null @@ -1,1619 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Main winbindd samba3 server routines - - Copyright (C) Stefan Metzmacher 2005 - Copyright (C) Volker Lendecke 2005 - Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005 - Copyright (C) Kai Blin 2009 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "winbind/wb_server.h" -#include "param/param.h" -#include "winbind/wb_helper.h" -#include "libcli/composite/composite.h" -#include "version.h" -#include "librpc/gen_ndr/ndr_netlogon.h" -#include "libcli/security/security.h" -#include "../libcli/auth/pam_errors.h" -#include "auth/credentials/credentials.h" -#include "smbd/service_task.h" - -/* - support the old Samba3 TXT form of the info3 - */ -static NTSTATUS wb_samba3_append_info3_as_txt(TALLOC_CTX *mem_ctx, - struct wbsrv_samba3_call *s3call, - DATA_BLOB info3b) -{ - struct netr_SamInfo3 *info3; - char *ex; - uint32_t i; - enum ndr_err_code ndr_err; - - info3 = talloc(mem_ctx, struct netr_SamInfo3); - NT_STATUS_HAVE_NO_MEMORY(info3); - - /* The Samba3 protocol has a redundant 4 bytes at the start */ - info3b.data += 4; - info3b.length -= 4; - - ndr_err = ndr_pull_struct_blob(&info3b, - mem_ctx, - info3, - (ndr_pull_flags_fn_t)ndr_pull_netr_SamInfo3); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return ndr_map_error2ntstatus(ndr_err); - } - - s3call->response->data.auth.info3.logon_time = - nt_time_to_unix(info3->base.logon_time); - s3call->response->data.auth.info3.logoff_time = - nt_time_to_unix(info3->base.logoff_time); - s3call->response->data.auth.info3.kickoff_time = - nt_time_to_unix(info3->base.kickoff_time); - s3call->response->data.auth.info3.pass_last_set_time = - nt_time_to_unix(info3->base.last_password_change); - s3call->response->data.auth.info3.pass_can_change_time = - nt_time_to_unix(info3->base.allow_password_change); - s3call->response->data.auth.info3.pass_must_change_time = - nt_time_to_unix(info3->base.force_password_change); - - s3call->response->data.auth.info3.logon_count = info3->base.logon_count; - s3call->response->data.auth.info3.bad_pw_count = info3->base.bad_password_count; - - s3call->response->data.auth.info3.user_rid = info3->base.rid; - s3call->response->data.auth.info3.group_rid = info3->base.primary_gid; - fstrcpy(s3call->response->data.auth.info3.dom_sid, dom_sid_string(mem_ctx, info3->base.domain_sid)); - - s3call->response->data.auth.info3.num_groups = info3->base.groups.count; - s3call->response->data.auth.info3.user_flgs = info3->base.user_flags; - - s3call->response->data.auth.info3.acct_flags = info3->base.acct_flags; - s3call->response->data.auth.info3.num_other_sids = info3->sidcount; - - fstrcpy(s3call->response->data.auth.info3.user_name, - info3->base.account_name.string); - fstrcpy(s3call->response->data.auth.info3.full_name, - info3->base.full_name.string); - fstrcpy(s3call->response->data.auth.info3.logon_script, - info3->base.logon_script.string); - fstrcpy(s3call->response->data.auth.info3.profile_path, - info3->base.profile_path.string); - fstrcpy(s3call->response->data.auth.info3.home_dir, - info3->base.home_directory.string); - fstrcpy(s3call->response->data.auth.info3.dir_drive, - info3->base.home_drive.string); - - fstrcpy(s3call->response->data.auth.info3.logon_srv, - info3->base.logon_server.string); - fstrcpy(s3call->response->data.auth.info3.logon_dom, - info3->base.logon_domain.string); - - ex = talloc_strdup(mem_ctx, ""); - NT_STATUS_HAVE_NO_MEMORY(ex); - - for (i=0; i < info3->base.groups.count; i++) { - ex = talloc_asprintf_append_buffer(ex, "0x%08X:0x%08X\n", - info3->base.groups.rids[i].rid, - info3->base.groups.rids[i].attributes); - NT_STATUS_HAVE_NO_MEMORY(ex); - } - - for (i=0; i < info3->sidcount; i++) { - char *sid; - - sid = dom_sid_string(mem_ctx, info3->sids[i].sid); - NT_STATUS_HAVE_NO_MEMORY(sid); - - ex = talloc_asprintf_append_buffer(ex, "%s:0x%08X\n", - sid, - info3->sids[i].attributes); - NT_STATUS_HAVE_NO_MEMORY(ex); - - talloc_free(sid); - } - - s3call->response->extra_data.data = ex; - s3call->response->length += talloc_get_size(ex); - - return NT_STATUS_OK; -} - -/* - Send off the reply to an async Samba3 query, handling filling in the PAM, NTSTATUS and string errors. -*/ - -static void wbsrv_samba3_async_auth_epilogue(NTSTATUS status, - struct wbsrv_samba3_call *s3call) -{ - struct winbindd_response *resp = s3call->response; - if (!NT_STATUS_IS_OK(status)) { - resp->result = WINBINDD_ERROR; - } else { - resp->result = WINBINDD_OK; - } - - WBSRV_SAMBA3_SET_STRING(resp->data.auth.nt_status_string, - nt_errstr(status)); - WBSRV_SAMBA3_SET_STRING(resp->data.auth.error_string, - get_friendly_nt_error_msg(status)); - - resp->data.auth.pam_error = nt_status_to_pam(status); - resp->data.auth.nt_status = NT_STATUS_V(status); - - wbsrv_samba3_send_reply(s3call); -} - -/* - Send of a generic reply to a Samba3 query -*/ - -static void wbsrv_samba3_async_epilogue(NTSTATUS status, - struct wbsrv_samba3_call *s3call) -{ - struct winbindd_response *resp = s3call->response; - if (NT_STATUS_IS_OK(status)) { - resp->result = WINBINDD_OK; - } else { - resp->result = WINBINDD_ERROR; - } - - wbsrv_samba3_send_reply(s3call); -} - -/* - Boilerplate commands, simple queries without network traffic -*/ - -NTSTATUS wbsrv_samba3_interface_version(struct wbsrv_samba3_call *s3call) -{ - DEBUG(3, ("request interface version (version = %d)\n", WINBIND_INTERFACE_VERSION)); - - s3call->response->result = WINBINDD_OK; - s3call->response->data.interface_version = WINBIND_INTERFACE_VERSION; - return NT_STATUS_OK; -} - -NTSTATUS wbsrv_samba3_info(struct wbsrv_samba3_call *s3call) -{ - s3call->response->result = WINBINDD_OK; - s3call->response->data.info.winbind_separator = *lpcfg_winbind_separator(s3call->wbconn->lp_ctx); - WBSRV_SAMBA3_SET_STRING(s3call->response->data.info.samba_version, - SAMBA_VERSION_STRING); - return NT_STATUS_OK; -} - -NTSTATUS wbsrv_samba3_domain_name(struct wbsrv_samba3_call *s3call) -{ - s3call->response->result = WINBINDD_OK; - WBSRV_SAMBA3_SET_STRING(s3call->response->data.domain_name, - lpcfg_workgroup(s3call->wbconn->lp_ctx)); - return NT_STATUS_OK; -} - -NTSTATUS wbsrv_samba3_netbios_name(struct wbsrv_samba3_call *s3call) -{ - s3call->response->result = WINBINDD_OK; - WBSRV_SAMBA3_SET_STRING(s3call->response->data.netbios_name, - lpcfg_netbios_name(s3call->wbconn->lp_ctx)); - return NT_STATUS_OK; -} - -NTSTATUS wbsrv_samba3_priv_pipe_dir(struct wbsrv_samba3_call *s3call) -{ - struct loadparm_context *lp_ctx = s3call->wbconn->listen_socket->service->task->lp_ctx; - const char *priv_socket_dir = lpcfg_winbindd_privileged_socket_directory(lp_ctx); - - s3call->response->result = WINBINDD_OK; - s3call->response->extra_data.data = discard_const(priv_socket_dir); - - s3call->response->length += strlen(priv_socket_dir) + 1; - return NT_STATUS_OK; -} - -NTSTATUS wbsrv_samba3_ping(struct wbsrv_samba3_call *s3call) -{ - s3call->response->result = WINBINDD_OK; - return NT_STATUS_OK; -} - -NTSTATUS wbsrv_samba3_domain_info(struct wbsrv_samba3_call *s3call) -{ - DEBUG(5, ("wbsrv_samba3_domain_info called, stub\n")); - s3call->response->result = WINBINDD_OK; - fstrcpy(s3call->response->data.domain_info.name, - s3call->request->domain_name); - fstrcpy(s3call->response->data.domain_info.alt_name, - s3call->request->domain_name); - fstrcpy(s3call->response->data.domain_info.sid, "S-1-2-3-4"); - s3call->response->data.domain_info.native_mode = false; - s3call->response->data.domain_info.active_directory = false; - s3call->response->data.domain_info.primary = false; - - return NT_STATUS_OK; -} - -/* Plaintext authentication - - This interface is used by ntlm_auth in it's 'basic' authentication - mode, as well as by pam_winbind to authenticate users where we are - given a plaintext password. -*/ - -static void check_machacc_recv(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_check_machacc(struct wbsrv_samba3_call *s3call) -{ - NTSTATUS status; - struct cli_credentials *creds; - struct composite_context *ctx; - struct wbsrv_service *service = - s3call->wbconn->listen_socket->service; - - /* Create a credentials structure */ - creds = cli_credentials_init(s3call); - if (creds == NULL) { - return NT_STATUS_NO_MEMORY; - } - - cli_credentials_set_conf(creds, service->task->lp_ctx); - - /* Connect the machine account to the credentials */ - status = cli_credentials_set_machine_account(creds, service->task->lp_ctx); - if (!NT_STATUS_IS_OK(status)) { - talloc_free(creds); - return status; - } - - ctx = wb_cmd_pam_auth_send(s3call, service, creds); - - if (!ctx) { - talloc_free(creds); - return NT_STATUS_NO_MEMORY; - } - - ctx->async.fn = check_machacc_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void check_machacc_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - NTSTATUS status; - - status = wb_cmd_pam_auth_recv(ctx, s3call, NULL, NULL, NULL, NULL); - - if (!NT_STATUS_IS_OK(status)) goto done; - - done: - wbsrv_samba3_async_auth_epilogue(status, s3call); -} - -/* - Find the name of a suitable domain controller, by query on the - netlogon pipe to the DC. -*/ - -static void getdcname_recv_dc(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_getdcname(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = - s3call->wbconn->listen_socket->service; - - DEBUG(5, ("wbsrv_samba3_getdcname called\n")); - - ctx = wb_cmd_getdcname_send(s3call, service, - s3call->request->domain_name); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = getdcname_recv_dc; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void getdcname_recv_dc(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - const char *dcname; - NTSTATUS status; - - status = wb_cmd_getdcname_recv(ctx, s3call, &dcname); - if (!NT_STATUS_IS_OK(status)) goto done; - - s3call->response->result = WINBINDD_OK; - WBSRV_SAMBA3_SET_STRING(s3call->response->data.dc_name, dcname); - - done: - wbsrv_samba3_async_epilogue(status, s3call); -} - -/* - Lookup a user's domain groups -*/ - -static void userdomgroups_recv_groups(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_userdomgroups(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct dom_sid *sid; - - DEBUG(5, ("wbsrv_samba3_userdomgroups called\n")); - - sid = dom_sid_parse_talloc(s3call, s3call->request->data.sid); - if (sid == NULL) { - DEBUG(5, ("Could not parse sid %s\n", - s3call->request->data.sid)); - return NT_STATUS_NO_MEMORY; - } - - ctx = wb_cmd_userdomgroups_send( - s3call, s3call->wbconn->listen_socket->service, sid); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = userdomgroups_recv_groups; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void userdomgroups_recv_groups(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - uint32_t i, num_sids; - struct dom_sid **sids; - char *sids_string; - NTSTATUS status; - - status = wb_cmd_userdomgroups_recv(ctx, s3call, &num_sids, &sids); - if (!NT_STATUS_IS_OK(status)) goto done; - - sids_string = talloc_strdup(s3call, ""); - if (sids_string == NULL) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - - for (i=0; i<num_sids; i++) { - sids_string = talloc_asprintf_append_buffer( - sids_string, "%s\n", dom_sid_string(s3call, sids[i])); - } - - if (sids_string == NULL) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - - s3call->response->result = WINBINDD_OK; - s3call->response->extra_data.data = sids_string; - s3call->response->length += strlen(sids_string)+1; - s3call->response->data.num_entries = num_sids; - - done: - wbsrv_samba3_async_epilogue(status, s3call); -} - -/* - Lookup the list of SIDs for a user -*/ -static void usersids_recv_sids(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_usersids(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct dom_sid *sid; - - DEBUG(5, ("wbsrv_samba3_usersids called\n")); - - sid = dom_sid_parse_talloc(s3call, s3call->request->data.sid); - if (sid == NULL) { - DEBUG(5, ("Could not parse sid %s\n", - s3call->request->data.sid)); - return NT_STATUS_NO_MEMORY; - } - - ctx = wb_cmd_usersids_send( - s3call, s3call->wbconn->listen_socket->service, sid); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = usersids_recv_sids; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void usersids_recv_sids(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - uint32_t i, num_sids; - struct dom_sid **sids; - char *sids_string; - NTSTATUS status; - - status = wb_cmd_usersids_recv(ctx, s3call, &num_sids, &sids); - if (!NT_STATUS_IS_OK(status)) goto done; - - sids_string = talloc_strdup(s3call, ""); - if (sids_string == NULL) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - - for (i=0; i<num_sids; i++) { - sids_string = talloc_asprintf_append_buffer( - sids_string, "%s\n", dom_sid_string(s3call, sids[i])); - if (sids_string == NULL) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - } - - s3call->response->result = WINBINDD_OK; - s3call->response->extra_data.data = sids_string; - s3call->response->length += strlen(sids_string); - s3call->response->data.num_entries = num_sids; - - /* Hmmmm. Nasty protocol -- who invented the zeros between the - * SIDs? Hmmm. Could have been me -- vl */ - - while (*sids_string != '\0') { - if ((*sids_string) == '\n') { - *sids_string = '\0'; - } - sids_string += 1; - } - - done: - wbsrv_samba3_async_epilogue(status, s3call); -} - -/* - Lookup a DOMAIN\\user style name, and return a SID -*/ - -static void lookupname_recv_sid(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_lookupname(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = - s3call->wbconn->listen_socket->service; - - DEBUG(5, ("wbsrv_samba3_lookupname called\n")); - - ctx = wb_cmd_lookupname_send(s3call, service, - s3call->request->data.name.dom_name, - s3call->request->data.name.name); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - /* setup the callbacks */ - ctx->async.fn = lookupname_recv_sid; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void lookupname_recv_sid(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - struct wb_sid_object *sid; - NTSTATUS status; - - status = wb_cmd_lookupname_recv(ctx, s3call, &sid); - if (!NT_STATUS_IS_OK(status)) goto done; - - s3call->response->result = WINBINDD_OK; - s3call->response->data.sid.type = sid->type; - WBSRV_SAMBA3_SET_STRING(s3call->response->data.sid.sid, - dom_sid_string(s3call, sid->sid)); - - done: - wbsrv_samba3_async_epilogue(status, s3call); -} - -/* - Lookup a SID, and return a DOMAIN\\user style name -*/ - -static void lookupsid_recv_name(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_lookupsid(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = - s3call->wbconn->listen_socket->service; - struct dom_sid *sid; - - DEBUG(5, ("wbsrv_samba3_lookupsid called\n")); - - sid = dom_sid_parse_talloc(s3call, s3call->request->data.sid); - if (sid == NULL) { - DEBUG(5, ("Could not parse sid %s\n", - s3call->request->data.sid)); - return NT_STATUS_NO_MEMORY; - } - - ctx = wb_cmd_lookupsid_send(s3call, service, sid); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - /* setup the callbacks */ - ctx->async.fn = lookupsid_recv_name; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void lookupsid_recv_name(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - struct wb_sid_object *sid; - NTSTATUS status; - - status = wb_cmd_lookupsid_recv(ctx, s3call, &sid); - if (!NT_STATUS_IS_OK(status)) goto done; - - s3call->response->result = WINBINDD_OK; - s3call->response->data.name.type = sid->type; - WBSRV_SAMBA3_SET_STRING(s3call->response->data.name.dom_name, - sid->domain); - WBSRV_SAMBA3_SET_STRING(s3call->response->data.name.name, sid->name); - - done: - wbsrv_samba3_async_epilogue(status, s3call); -} - -/* - This is a stub function in order to limit error message in the pam_winbind module -*/ -NTSTATUS wbsrv_samba3_pam_logoff(struct wbsrv_samba3_call *s3call) -{ - NTSTATUS status; - struct winbindd_response *resp = s3call->response; - - status = NT_STATUS_OK; - - DEBUG(5, ("wbsrv_samba3_pam_logoff called\n")); - DEBUG(10, ("Winbind logoff not implemented\n")); - resp->result = WINBINDD_OK; - - WBSRV_SAMBA3_SET_STRING(resp->data.auth.nt_status_string, - nt_errstr(status)); - WBSRV_SAMBA3_SET_STRING(resp->data.auth.error_string, - get_friendly_nt_error_msg(status)); - - resp->data.auth.pam_error = nt_status_to_pam(status); - resp->data.auth.nt_status = NT_STATUS_V(status); - DEBUG(5, ("wbsrv_samba3_pam_logoff called\n")); - - return NT_STATUS_OK; -} - -/* - Challenge-response authentication. This interface is used by - ntlm_auth and the smbd auth subsystem to pass NTLM authentication - requests along a common pipe to the domain controller. - - The return value (in the async reply) may include the 'info3' - (effectivly most things you would want to know about the user), or - the NT and LM session keys separated. -*/ - -static void pam_auth_crap_recv(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_pam_auth_crap(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = - s3call->wbconn->listen_socket->service; - DATA_BLOB chal, nt_resp, lm_resp; - - DEBUG(5, ("wbsrv_samba3_pam_auth_crap called\n")); - if (s3call->request->flags & WBFLAG_PAM_AUTH_PAC) { - DEBUG(3, ("PAC validation not supported in this winbind implementation\n")); - return NT_STATUS_INVALID_PARAMETER; - } - - chal.data = s3call->request->data.auth_crap.chal; - chal.length = sizeof(s3call->request->data.auth_crap.chal); - nt_resp.data = (uint8_t *)s3call->request->data.auth_crap.nt_resp; - nt_resp.length = s3call->request->data.auth_crap.nt_resp_len; - lm_resp.data = (uint8_t *)s3call->request->data.auth_crap.lm_resp; - lm_resp.length = s3call->request->data.auth_crap.lm_resp_len; - - ctx = wb_cmd_pam_auth_crap_send( - s3call, service, - s3call->request->data.auth_crap.logon_parameters, - s3call->request->data.auth_crap.domain, - s3call->request->data.auth_crap.user, - s3call->request->data.auth_crap.workstation, - chal, nt_resp, lm_resp); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = pam_auth_crap_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void pam_auth_crap_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - NTSTATUS status; - DATA_BLOB info3; - struct netr_UserSessionKey user_session_key; - struct netr_LMSessionKey lm_key; - char *unix_username; - - status = wb_cmd_pam_auth_crap_recv(ctx, s3call, &info3, - &user_session_key, &lm_key, &unix_username); - if (!NT_STATUS_IS_OK(status)) goto done; - - if (s3call->request->flags & WBFLAG_PAM_USER_SESSION_KEY) { - memcpy(s3call->response->data.auth.user_session_key, - &user_session_key.key, - sizeof(s3call->response->data.auth.user_session_key)); - } - - if (s3call->request->flags & WBFLAG_PAM_INFO3_TEXT) { - status = wb_samba3_append_info3_as_txt(ctx, s3call, info3); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(10,("Failed to append INFO3 (TXT): %s\n", - nt_errstr(status))); - goto done; - } - } - - if (s3call->request->flags & WBFLAG_PAM_INFO3_NDR) { - s3call->response->extra_data.data = info3.data; - s3call->response->length += info3.length; - } - - if (s3call->request->flags & WBFLAG_PAM_LMKEY) { - memcpy(s3call->response->data.auth.first_8_lm_hash, - lm_key.key, - sizeof(s3call->response->data.auth.first_8_lm_hash)); - } - - if (s3call->request->flags & WBFLAG_PAM_UNIX_NAME) { - WBSRV_SAMBA3_SET_STRING(s3call->response->data.auth.unix_username,unix_username); - } - - done: - wbsrv_samba3_async_auth_epilogue(status, s3call); -} - -/* Plaintext authentication - - This interface is used by ntlm_auth in it's 'basic' authentication - mode, as well as by pam_winbind to authenticate users where we are - given a plaintext password. -*/ - -static void pam_auth_recv(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_pam_auth(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = - s3call->wbconn->listen_socket->service; - struct cli_credentials *credentials; - char *user, *domain; - - if (!wb_samba3_split_username(s3call, s3call->wbconn->lp_ctx, - s3call->request->data.auth.user, - &domain, &user)) { - return NT_STATUS_NO_SUCH_USER; - } - - credentials = cli_credentials_init(s3call); - if (!credentials) { - return NT_STATUS_NO_MEMORY; - } - cli_credentials_set_conf(credentials, service->task->lp_ctx); - cli_credentials_set_domain(credentials, domain, CRED_SPECIFIED); - cli_credentials_set_username(credentials, user, CRED_SPECIFIED); - - cli_credentials_set_password(credentials, s3call->request->data.auth.pass, CRED_SPECIFIED); - - ctx = wb_cmd_pam_auth_send(s3call, service, credentials); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = pam_auth_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void pam_auth_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - NTSTATUS status; - DATA_BLOB info3; - struct netr_UserSessionKey user_session_key; - struct netr_LMSessionKey lm_key; - char *unix_username; - - status = wb_cmd_pam_auth_recv(ctx, s3call, &info3, - &user_session_key, &lm_key, &unix_username); - - if (!NT_STATUS_IS_OK(status)) goto done; - - if (s3call->request->flags & WBFLAG_PAM_USER_SESSION_KEY) { - memcpy(s3call->response->data.auth.user_session_key, - &user_session_key.key, - sizeof(s3call->response->data.auth.user_session_key)); - } - - if (s3call->request->flags & WBFLAG_PAM_INFO3_TEXT) { - status = wb_samba3_append_info3_as_txt(ctx, s3call, info3); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(10,("Failed to append INFO3 (TXT): %s\n", - nt_errstr(status))); - goto done; - } - } - - if (s3call->request->flags & WBFLAG_PAM_INFO3_NDR) { - s3call->response->extra_data.data = info3.data; - s3call->response->length += info3.length; - } - - if (s3call->request->flags & WBFLAG_PAM_LMKEY) { - memcpy(s3call->response->data.auth.first_8_lm_hash, - lm_key.key, - sizeof(s3call->response->data.auth.first_8_lm_hash)); - } - - if (s3call->request->flags & WBFLAG_PAM_UNIX_NAME) { - WBSRV_SAMBA3_SET_STRING(s3call->response->data.auth.unix_username,unix_username); - } - - - done: - wbsrv_samba3_async_auth_epilogue(status, s3call); -} - -/* - List trusted domains -*/ - -static void list_trustdom_recv_doms(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_list_trustdom(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = - s3call->wbconn->listen_socket->service; - - DEBUG(5, ("wbsrv_samba3_list_trustdom called\n")); - - ctx = wb_cmd_list_trustdoms_send(s3call, service); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = list_trustdom_recv_doms; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void list_trustdom_recv_doms(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - uint32_t i, num_domains; - struct wb_dom_info **domains; - NTSTATUS status; - char *result; - - status = wb_cmd_list_trustdoms_recv(ctx, s3call, &num_domains, - &domains); - if (!NT_STATUS_IS_OK(status)) goto done; - - result = talloc_strdup(s3call, ""); - if (result == NULL) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - - for (i=0; i<num_domains; i++) { - result = talloc_asprintf_append_buffer( - result, "%s\\%s\\%s", - domains[i]->name, domains[i]->name, - dom_sid_string(s3call, domains[i]->sid)); - } - - if (result == NULL) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - - s3call->response->result = WINBINDD_OK; - if (num_domains > 0) { - s3call->response->extra_data.data = result; - s3call->response->length += strlen(result)+1; - s3call->response->data.num_entries = num_domains; - } - - done: - wbsrv_samba3_async_epilogue(status, s3call); -} - -/* list groups */ -static void list_groups_recv(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_list_groups(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = s3call->wbconn->listen_socket->service; - - DEBUG(5, ("wbsrv_samba4_list_groups called\n")); - - ctx = wb_cmd_list_groups_send(s3call, service, - s3call->request->domain_name); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = list_groups_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void list_groups_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = talloc_get_type_abort( - ctx->async.private_data, - struct wbsrv_samba3_call); - uint32_t extra_data_len; - char *extra_data; - uint32_t num_groups; - NTSTATUS status; - - DEBUG(5, ("list_groups_recv called\n")); - - status = wb_cmd_list_groups_recv(ctx, s3call, &extra_data_len, - &extra_data, &num_groups); - - if (NT_STATUS_IS_OK(status)) { - s3call->response->extra_data.data = extra_data; - s3call->response->length += extra_data_len; - if (extra_data) { - s3call->response->length += 1; - s3call->response->data.num_entries = num_groups; - } - } - - wbsrv_samba3_async_epilogue(status, s3call); -} - -/* List users */ - -static void list_users_recv(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_list_users(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = - s3call->wbconn->listen_socket->service; - - DEBUG(5, ("wbsrv_samba3_list_users called\n")); - - ctx = wb_cmd_list_users_send(s3call, service, - s3call->request->domain_name); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = list_users_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void list_users_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - uint32_t extra_data_len; - char *extra_data; - uint32_t num_users; - NTSTATUS status; - - DEBUG(5, ("list_users_recv called\n")); - - status = wb_cmd_list_users_recv(ctx, s3call, &extra_data_len, - &extra_data, &num_users); - - if (NT_STATUS_IS_OK(status)) { - s3call->response->extra_data.data = extra_data; - s3call->response->length += extra_data_len; - if (extra_data) { - s3call->response->length += 1; - s3call->response->data.num_entries = num_users; - } - } - - wbsrv_samba3_async_epilogue(status, s3call); -} - -/* NSS calls */ - -static void getpwnam_recv(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_getpwnam(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = - s3call->wbconn->listen_socket->service; - - DEBUG(5, ("wbsrv_samba3_getpwnam called\n")); - - ctx = wb_cmd_getpwnam_send(s3call, service, - s3call->request->data.username); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = getpwnam_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void getpwnam_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - NTSTATUS status; - struct winbindd_pw *pw; - - DEBUG(5, ("getpwnam_recv called\n")); - - status = wb_cmd_getpwnam_recv(ctx, s3call, &pw); - if(NT_STATUS_IS_OK(status)) - s3call->response->data.pw = *pw; - - wbsrv_samba3_async_epilogue(status, s3call); -} - -static void getpwuid_recv(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_getpwuid(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = s3call->wbconn->listen_socket->service; - - DEBUG(5, ("wbsrv_samba3_getpwuid called\n")); - - ctx = wb_cmd_getpwuid_send(s3call, service, - s3call->request->data.uid); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = getpwuid_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void getpwuid_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - NTSTATUS status; - struct winbindd_pw *pw; - - DEBUG(5, ("getpwuid_recv called\n")); - - status = wb_cmd_getpwuid_recv(ctx, s3call, &pw); - if (NT_STATUS_IS_OK(status)) - s3call->response->data.pw = *pw; - - wbsrv_samba3_async_epilogue(status, s3call); -} - -static void setpwent_recv(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_setpwent(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = s3call->wbconn->listen_socket->service; - - DEBUG(5, ("wbsrv_samba3_setpwent called\n")); - - ctx = wb_cmd_setpwent_send(s3call, service); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = setpwent_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void setpwent_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - NTSTATUS status; - struct wbsrv_pwent *pwent; - - DEBUG(5, ("setpwent_recv called\n")); - - status = wb_cmd_setpwent_recv(ctx, s3call->wbconn, &pwent); - if (NT_STATUS_IS_OK(status)) { - s3call->wbconn->protocol_private_data = pwent; - } - - wbsrv_samba3_async_epilogue(status, s3call); -} - -static void getpwent_recv(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_getpwent(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = s3call->wbconn->listen_socket->service; - struct wbsrv_pwent *pwent; - - DEBUG(5, ("wbsrv_samba3_getpwent called\n")); - - NT_STATUS_HAVE_NO_MEMORY(s3call->wbconn->protocol_private_data); - - pwent = talloc_get_type(s3call->wbconn->protocol_private_data, - struct wbsrv_pwent); - NT_STATUS_HAVE_NO_MEMORY(pwent); - - ctx = wb_cmd_getpwent_send(s3call, service, pwent, - s3call->request->data.num_entries); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = getpwent_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void getpwent_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - NTSTATUS status; - struct winbindd_pw *pw; - uint32_t num_users; - - DEBUG(5, ("getpwent_recv called\n")); - - status = wb_cmd_getpwent_recv(ctx, s3call, &pw, &num_users); - if (NT_STATUS_IS_OK(status)) { - uint32_t extra_len = sizeof(struct winbindd_pw) * num_users; - - s3call->response->data.num_entries = num_users; - s3call->response->extra_data.data = pw; - s3call->response->length += extra_len; - } - - wbsrv_samba3_async_epilogue(status, s3call); -} - -NTSTATUS wbsrv_samba3_endpwent(struct wbsrv_samba3_call *s3call) -{ - struct wbsrv_pwent *pwent = - talloc_get_type(s3call->wbconn->protocol_private_data, - struct wbsrv_pwent); - DEBUG(5, ("wbsrv_samba3_endpwent called\n")); - - talloc_free(pwent); - - s3call->wbconn->protocol_private_data = NULL; - s3call->response->result = WINBINDD_OK; - return NT_STATUS_OK; -} - - -static void getgrnam_recv(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_getgrnam(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = - s3call->wbconn->listen_socket->service; - - DEBUG(5, ("wbsrv_samba3_getgrnam called\n")); - - ctx = wb_cmd_getgrnam_send(s3call, service, - s3call->request->data.groupname); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = getgrnam_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void getgrnam_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - NTSTATUS status; - struct winbindd_gr *gr; - - DEBUG(5, ("getgrnam_recv called\n")); - - status = wb_cmd_getgrnam_recv(ctx, s3call, &gr); - if(NT_STATUS_IS_OK(status)) - s3call->response->data.gr = *gr; - - wbsrv_samba3_async_epilogue(status, s3call); -} - -static void getgrgid_recv(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_getgrgid(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = s3call->wbconn->listen_socket->service; - - DEBUG(5, ("wbsrv_samba3_getgrgid called\n")); - - ctx = wb_cmd_getgrgid_send(s3call, service, - s3call->request->data.gid); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = getgrgid_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void getgrgid_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - NTSTATUS status; - struct winbindd_gr *gr; - - DEBUG(5, ("getgrgid_recv called\n")); - - status = wb_cmd_getgrgid_recv(ctx, s3call, &gr); - if (NT_STATUS_IS_OK(status)) - s3call->response->data.gr = *gr; - - wbsrv_samba3_async_epilogue(status, s3call); -} - -static void getgroups_recv(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_getgroups(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = s3call->wbconn->listen_socket->service; - - DEBUG(5, ("wbsrv_samba3_getgroups called\n")); - /* S3 code do the same so why not ... */ - s3call->request->data.username[sizeof(s3call->request->data.username)-1]='\0'; - ctx = wb_cmd_getgroups_send(s3call, service, s3call->request->data.username); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = getgroups_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void getgroups_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - gid_t *gids; - uint32_t num_groups; - NTSTATUS status; - DEBUG(5, ("getgroups_recv called\n")); - - status = wb_cmd_getgroups_recv(ctx, s3call, &gids, &num_groups); - if (NT_STATUS_IS_OK(status)) { - uint32_t extra_len = sizeof(gid_t) * num_groups; - - s3call->response->data.num_entries = num_groups; - s3call->response->extra_data.data = gids; - s3call->response->length += extra_len; - } else { - s3call->response->result = WINBINDD_ERROR; - } - - wbsrv_samba3_async_epilogue(status, s3call); -} - -static void setgrent_recv(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_setgrent(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = s3call->wbconn->listen_socket->service; - - DEBUG(5, ("wbsrv_samba3_setgrent called\n")); - - ctx = wb_cmd_setgrent_send(s3call, service); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = setgrent_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void setgrent_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - NTSTATUS status; - struct wbsrv_grent *grent; - - DEBUG(5, ("setpwent_recv called\n")); - - status = wb_cmd_setgrent_recv(ctx, s3call->wbconn, &grent); - if (NT_STATUS_IS_OK(status)) { - s3call->wbconn->protocol_private_data = grent; - } - - wbsrv_samba3_async_epilogue(status, s3call); -} - -static void getgrent_recv(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_getgrent(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = s3call->wbconn->listen_socket->service; - struct wbsrv_grent *grent; - - DEBUG(5, ("wbsrv_samba3_getgrent called\n")); - - NT_STATUS_HAVE_NO_MEMORY(s3call->wbconn->protocol_private_data); - - grent = talloc_get_type(s3call->wbconn->protocol_private_data, - struct wbsrv_grent); - NT_STATUS_HAVE_NO_MEMORY(grent); - - ctx = wb_cmd_getgrent_send(s3call, service, grent, - s3call->request->data.num_entries); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = getgrent_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} - -static void getgrent_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - NTSTATUS status; - struct winbindd_gr *gr; - uint32_t num_groups; - - DEBUG(5, ("getgrent_recv called\n")); - - status = wb_cmd_getgrent_recv(ctx, s3call, &gr, &num_groups); - if (NT_STATUS_IS_OK(status)) { - uint32_t extra_len = sizeof(struct winbindd_gr) * num_groups; - - s3call->response->data.num_entries = num_groups; - s3call->response->extra_data.data = gr; - s3call->response->length += extra_len; - } - - wbsrv_samba3_async_epilogue(status, s3call); -} - -NTSTATUS wbsrv_samba3_endgrent(struct wbsrv_samba3_call *s3call) -{ - DEBUG(5, ("wbsrv_samba3_endgrent called\n")); - s3call->response->result = WINBINDD_OK; - return NT_STATUS_OK; -} - -static void sid2uid_recv(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_sid2uid(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = - s3call->wbconn->listen_socket->service; - struct dom_sid *sid; - - DEBUG(5, ("wbsrv_samba3_sid2uid called\n")); - - sid = dom_sid_parse_talloc(s3call, s3call->request->data.sid); - NT_STATUS_HAVE_NO_MEMORY(sid); - - ctx = wb_sid2uid_send(s3call, service, sid); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = sid2uid_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; - -} - -static void sid2uid_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - NTSTATUS status; - - DEBUG(5, ("sid2uid_recv called\n")); - - status = wb_sid2uid_recv(ctx, &s3call->response->data.uid); - - wbsrv_samba3_async_epilogue(status, s3call); -} - -static void sid2gid_recv(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_sid2gid(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = - s3call->wbconn->listen_socket->service; - struct dom_sid *sid; - - DEBUG(5, ("wbsrv_samba3_sid2gid called\n")); - - sid = dom_sid_parse_talloc(s3call, s3call->request->data.sid); - NT_STATUS_HAVE_NO_MEMORY(sid); - - ctx = wb_sid2gid_send(s3call, service, sid); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = sid2gid_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; - -} - -static void sid2gid_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - NTSTATUS status; - - DEBUG(5, ("sid2gid_recv called\n")); - - status = wb_sid2gid_recv(ctx, &s3call->response->data.gid); - - wbsrv_samba3_async_epilogue(status, s3call); -} - -static void uid2sid_recv(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_uid2sid(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = - s3call->wbconn->listen_socket->service; - - DEBUG(5, ("wbsrv_samba3_uid2sid called\n")); - - ctx = wb_uid2sid_send(s3call, service, s3call->request->data.uid); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = uid2sid_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; - -} - -static void uid2sid_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - NTSTATUS status; - struct dom_sid *sid; - char *sid_str; - - DEBUG(5, ("uid2sid_recv called\n")); - - status = wb_uid2sid_recv(ctx, s3call, &sid); - if(NT_STATUS_IS_OK(status)) { - sid_str = dom_sid_string(s3call, sid); - - /* If the conversion failed, bail out with a failure. */ - if (sid_str == NULL) - wbsrv_samba3_async_epilogue(NT_STATUS_NO_MEMORY,s3call); - - /* But we assume this worked, so we'll set the string. Work - * done. */ - WBSRV_SAMBA3_SET_STRING(s3call->response->data.sid.sid, sid_str); - s3call->response->data.sid.type = SID_NAME_USER; - } - - wbsrv_samba3_async_epilogue(status, s3call); -} - -static void gid2sid_recv(struct composite_context *ctx); - -NTSTATUS wbsrv_samba3_gid2sid(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = - s3call->wbconn->listen_socket->service; - - DEBUG(5, ("wbsrv_samba3_gid2sid called\n")); - - ctx = wb_gid2sid_send(s3call, service, s3call->request->data.gid); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = gid2sid_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; - -} - -static void gid2sid_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - NTSTATUS status; - struct dom_sid *sid; - char *sid_str; - - DEBUG(5, ("gid2sid_recv called\n")); - - status = wb_gid2sid_recv(ctx, s3call, &sid); - if(NT_STATUS_IS_OK(status)) { - sid_str = dom_sid_string(s3call, sid); - - if (sid_str == NULL) - wbsrv_samba3_async_epilogue(NT_STATUS_NO_MEMORY,s3call); - - WBSRV_SAMBA3_SET_STRING(s3call->response->data.sid.sid, sid_str); - s3call->response->data.sid.type = SID_NAME_DOMAIN; - } - - wbsrv_samba3_async_epilogue(status, s3call); -} - -static void sids2xids_recv(struct composite_context *ctx) -{ - struct wbsrv_samba3_call *s3call = - talloc_get_type(ctx->async.private_data, - struct wbsrv_samba3_call); - NTSTATUS status; - struct id_map *ids; - unsigned i, count; - struct winbindd_response *resp = s3call->response; - - DEBUG(5, ("sids2xids_recv called\n")); - - status = wb_sids2xids_recv(ctx, &ids, &count); - if (!NT_STATUS_IS_OK(status)) { - goto done; - } - - /* fill in extra_data with the list of IDs. Each is prefixed - * by 'U' or 'G' for user and group, and followed by a - * newline */ - resp->extra_data.data = talloc_strdup(resp, ""); - if (resp->extra_data.data == NULL) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - - for (i=0; i<count; i++) { - char type_char = '*'; - if (ids[i].status != ID_MAPPED) { - resp->extra_data.data = talloc_asprintf_append_buffer(resp->extra_data.data, "\n"); - if (resp->extra_data.data == NULL) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - continue; - } - switch (ids[i].xid.type) { - case ID_TYPE_UID: - type_char = 'U'; - break; - case ID_TYPE_GID: - type_char = 'G'; - break; - case ID_TYPE_BOTH: - type_char = 'B'; - break; - case ID_TYPE_NOT_SPECIFIED: - type_char = 'N'; - break; - } - resp->extra_data.data = talloc_asprintf_append_buffer(resp->extra_data.data, "%c%u\n", - type_char, (unsigned)ids[i].xid.id); - if (resp->extra_data.data == NULL) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - } - resp->length += strlen(resp->extra_data.data) + 1; - -done: - wbsrv_samba3_async_epilogue(status, s3call); -} - - -NTSTATUS wbsrv_samba3_sids2xids(struct wbsrv_samba3_call *s3call) -{ - struct composite_context *ctx; - struct wbsrv_service *service = - s3call->wbconn->listen_socket->service; - struct id_map *ids = NULL; - unsigned count = 0; - char *saveptr = NULL; - char *sidstr; - - DEBUG(5, ("wbsrv_samba3_sids2xids called\n")); - - for (sidstr = strtok_r(s3call->request->extra_data.data, "\n", &saveptr); - sidstr; - sidstr = strtok_r(NULL, "\n", &saveptr)) { - count += 1; - ids = talloc_realloc(s3call, ids, struct id_map, count); - NT_STATUS_HAVE_NO_MEMORY(ids); - ids[count-1].sid = dom_sid_parse_talloc(ids, sidstr); - NT_STATUS_HAVE_NO_MEMORY(ids->sid); - } - - ctx = wb_sids2xids_send(s3call, service, count, ids); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->async.fn = sids2xids_recv; - ctx->async.private_data = s3call; - s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC; - return NT_STATUS_OK; -} diff --git a/source4/winbind/wb_samba3_protocol.c b/source4/winbind/wb_samba3_protocol.c deleted file mode 100644 index 1b78c99c1f9..00000000000 --- a/source4/winbind/wb_samba3_protocol.c +++ /dev/null @@ -1,377 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Main winbindd samba3 server routines - - Copyright (C) Stefan Metzmacher 2005 - Copyright (C) Volker Lendecke 2005 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "winbind/wb_server.h" -#include "smbd/service_stream.h" -#include "lib/stream/packet.h" -#include "lib/tsocket/tsocket.h" - -/* - work out if a packet is complete for protocols that use a 32 bit host byte - order length -*/ -NTSTATUS wbsrv_samba3_packet_full_request(void *private_data, DATA_BLOB blob, size_t *size) -{ - uint32_t *len; - struct winbindd_request *req; - - if (blob.length < 4) { - return STATUS_MORE_ENTRIES; - } - len = (uint32_t *)blob.data; - *size = (*len); - if (*size > blob.length) { - return STATUS_MORE_ENTRIES; - } - if (*size < sizeof(req)) { - /* its not a valid winbind packet. We need to accept - it here, and wbsrv_samba3_pull_request() will throw - it away */ - return NT_STATUS_OK; - } - - /* now we need to cope with possible extra_data, which is - stuck on the end with no length prefix! This is a very very - stupid protocol */ - req = (struct winbindd_request *)blob.data; - *size = (*len) + req->extra_len; - if (*size > blob.length) { - return STATUS_MORE_ENTRIES; - } - return NT_STATUS_OK; -} - - -NTSTATUS wbsrv_samba3_pull_request(struct wbsrv_samba3_call *call) -{ - if (call->in.length < sizeof(*call->request)) { - DEBUG(0,("wbsrv_samba3_pull_request: invalid blob length %lu should be %lu\n" - " make sure you use the correct winbind client tools!\n", - (long)call->in.length, (long)sizeof(*call->request))); - return NT_STATUS_INVALID_PARAMETER; - } - - call->request = talloc_zero(call, struct winbindd_request); - NT_STATUS_HAVE_NO_MEMORY(call->request); - - /* the packet layout is the same as the in memory layout of the request, so just copy it */ - memcpy(call->request, call->in.data, sizeof(*call->request)); - - if (call->in.length != sizeof(*call->request) + call->request->extra_len) { - DEBUG(0,(__location__ " : invalid extra_len %u should be %u\n", - call->request->extra_len, (unsigned)(call->in.length - sizeof(*call->request)))); - return NT_STATUS_INVALID_PARAMETER; - } - - /* there may be extra data */ - if (call->request->extra_len != 0) { - call->request->extra_data.data = talloc_size(call->request, call->request->extra_len+1); - NT_STATUS_HAVE_NO_MEMORY(call->request->extra_data.data); - /* guarantee a nul termination, as many of the uses of - this field is for strings */ - memcpy(call->request->extra_data.data, call->in.data + sizeof(*call->request), - call->request->extra_len); - call->request->extra_data.data[call->request->extra_len] = 0; - } else { - call->request->extra_data.data = NULL; - } - - return NT_STATUS_OK; -} - -NTSTATUS wbsrv_samba3_handle_call(struct wbsrv_samba3_call *s3call) -{ - DEBUG(10, ("Got winbind samba3 request %d\n", s3call->request->cmd)); - - s3call->response = talloc_zero(s3call, struct winbindd_response); - NT_STATUS_HAVE_NO_MEMORY(s3call->request); - - s3call->response->length = sizeof(*s3call->response); - - switch(s3call->request->cmd) { - case WINBINDD_INTERFACE_VERSION: - return wbsrv_samba3_interface_version(s3call); - - case WINBINDD_CHECK_MACHACC: - return wbsrv_samba3_check_machacc(s3call); - - case WINBINDD_PING: - return wbsrv_samba3_ping(s3call); - - case WINBINDD_INFO: - return wbsrv_samba3_info(s3call); - - case WINBINDD_DOMAIN_NAME: - return wbsrv_samba3_domain_name(s3call); - - case WINBINDD_NETBIOS_NAME: - return wbsrv_samba3_netbios_name(s3call); - - case WINBINDD_PRIV_PIPE_DIR: - return wbsrv_samba3_priv_pipe_dir(s3call); - - case WINBINDD_LOOKUPNAME: - return wbsrv_samba3_lookupname(s3call); - - case WINBINDD_LOOKUPSID: - return wbsrv_samba3_lookupsid(s3call); - - case WINBINDD_PAM_AUTH: - return wbsrv_samba3_pam_auth(s3call); - - case WINBINDD_PAM_AUTH_CRAP: - return wbsrv_samba3_pam_auth_crap(s3call); - - case WINBINDD_GETDCNAME: - return wbsrv_samba3_getdcname(s3call); - - case WINBINDD_GETUSERDOMGROUPS: - return wbsrv_samba3_userdomgroups(s3call); - - case WINBINDD_GETUSERSIDS: - return wbsrv_samba3_usersids(s3call); - - case WINBINDD_LIST_GROUPS: - return wbsrv_samba3_list_groups(s3call); - - case WINBINDD_LIST_TRUSTDOM: - return wbsrv_samba3_list_trustdom(s3call); - - case WINBINDD_LIST_USERS: - return wbsrv_samba3_list_users(s3call); - - case WINBINDD_GETPWNAM: - return wbsrv_samba3_getpwnam(s3call); - - case WINBINDD_GETPWUID: - return wbsrv_samba3_getpwuid(s3call); - - case WINBINDD_SETPWENT: - return wbsrv_samba3_setpwent(s3call); - - case WINBINDD_GETPWENT: - return wbsrv_samba3_getpwent(s3call); - - case WINBINDD_ENDPWENT: - return wbsrv_samba3_endpwent(s3call); - - case WINBINDD_GETGRNAM: - return wbsrv_samba3_getgrnam(s3call); - - case WINBINDD_GETGRGID: - return wbsrv_samba3_getgrgid(s3call); - - case WINBINDD_GETGROUPS: - return wbsrv_samba3_getgroups(s3call); - - case WINBINDD_SETGRENT: - return wbsrv_samba3_setgrent(s3call); - - case WINBINDD_GETGRENT: - return wbsrv_samba3_getgrent(s3call); - - case WINBINDD_ENDGRENT: - return wbsrv_samba3_endgrent(s3call); - - case WINBINDD_SID_TO_UID: - case WINBINDD_DUAL_SID2UID: - return wbsrv_samba3_sid2uid(s3call); - - case WINBINDD_SID_TO_GID: - case WINBINDD_DUAL_SID2GID: - return wbsrv_samba3_sid2gid(s3call); - - case WINBINDD_UID_TO_SID: - case WINBINDD_DUAL_UID2SID: - return wbsrv_samba3_uid2sid(s3call); - - case WINBINDD_GID_TO_SID: - case WINBINDD_DUAL_GID2SID: - return wbsrv_samba3_gid2sid(s3call); - - case WINBINDD_DOMAIN_INFO: - return wbsrv_samba3_domain_info(s3call); - - case WINBINDD_PAM_LOGOFF: - return wbsrv_samba3_pam_logoff(s3call); - - case WINBINDD_SIDS_TO_XIDS: - return wbsrv_samba3_sids2xids(s3call); - - /* Unimplemented commands */ - case WINBINDD_GETPWSID: - case WINBINDD_PAM_CHAUTHTOK: - case WINBINDD_PAM_CHNG_PSWD_AUTH_CRAP: - case WINBINDD_LOOKUPRIDS: - case WINBINDD_LOOKUPSIDS: - case WINBINDD_ALLOCATE_UID: - case WINBINDD_ALLOCATE_GID: - case WINBINDD_SHOW_SEQUENCE: - case WINBINDD_WINS_BYIP: - case WINBINDD_WINS_BYNAME: - case WINBINDD_GETGRLST: - case WINBINDD_GETSIDALIASES: - case WINBINDD_DSGETDCNAME: - case WINBINDD_INIT_CONNECTION: - case WINBINDD_DUAL_SIDS2XIDS: - case WINBINDD_DUAL_USERINFO: - case WINBINDD_DUAL_GETSIDALIASES: - case WINBINDD_DUAL_NDRCMD: - case WINBINDD_CCACHE_NTLMAUTH: - case WINBINDD_NUM_CMDS: - case WINBINDD_CHANGE_MACHACC: - case WINBINDD_PING_DC: - case WINBINDD_DC_INFO: - case WINBINDD_CCACHE_SAVE: - DEBUG(10, ("Unimplemented winbind samba3 request %d\n", - s3call->request->cmd)); - break; - } - - s3call->response->result = WINBINDD_ERROR; - return NT_STATUS_OK; -} - -static NTSTATUS wbsrv_samba3_push_reply(struct wbsrv_samba3_call *call) -{ - uint8_t *extra_data; - size_t extra_data_len = 0; - - extra_data = (uint8_t *)call->response->extra_data.data; - if (extra_data != NULL) { - extra_data_len = call->response->length - - sizeof(*call->response); - } - - call->out = data_blob_talloc(call, NULL, call->response->length); - NT_STATUS_HAVE_NO_MEMORY(call->out.data); - - /* don't push real pointer values into sockets */ - if (extra_data) { - call->response->extra_data.data = (void *)0xFFFFFFFF; - } - - memcpy(call->out.data, call->response, sizeof(*call->response)); - /* set back the pointer */ - call->response->extra_data.data = extra_data; - - if (extra_data) { - memcpy(call->out.data + sizeof(*call->response), - extra_data, - extra_data_len); - } - - return NT_STATUS_OK; -} - -static void wbsrv_samba3_send_reply_done(struct tevent_req *subreq); - -/* - * queue a wbsrv_call reply on a wbsrv_connection - * NOTE: that this implies talloc_free(call), - * use talloc_reference(call) if you need it after - * calling wbsrv_queue_reply - */ -NTSTATUS wbsrv_samba3_send_reply(struct wbsrv_samba3_call *call) -{ - struct wbsrv_connection *wbsrv_conn = call->wbconn; - struct tevent_req *subreq; - NTSTATUS status; - - call->wbconn->pending_calls--; - - status = wbsrv_samba3_push_reply(call); - NT_STATUS_NOT_OK_RETURN(status); - - call->out_iov[0].iov_base = (char *) call->out.data; - call->out_iov[0].iov_len = call->out.length; - - subreq = tstream_writev_queue_send(call, - wbsrv_conn->conn->event.ctx, - wbsrv_conn->tstream, - wbsrv_conn->send_queue, - call->out_iov, 1); - if (subreq == NULL) { - wbsrv_terminate_connection(wbsrv_conn, "wbsrv_call_loop: " - "no memory for tstream_writev_queue_send"); - return NT_STATUS_NO_MEMORY; - } - tevent_req_set_callback(subreq, wbsrv_samba3_send_reply_done, call); - - return status; -} - -static void wbsrv_samba3_send_reply_done(struct tevent_req *subreq) -{ - struct wbsrv_samba3_call *call = tevent_req_callback_data(subreq, - struct wbsrv_samba3_call); - int sys_errno; - int rc; - - rc = tstream_writev_queue_recv(subreq, &sys_errno); - TALLOC_FREE(subreq); - if (rc == -1) { - const char *reason; - - reason = talloc_asprintf(call, "wbsrv_samba3_send_reply_done: " - "tstream_writev_queue_recv() - %d:%s", - sys_errno, strerror(sys_errno)); - if (reason == NULL) { - reason = "wbsrv_samba3_send_reply_done: " - "tstream_writev_queue_recv() failed"; - } - - wbsrv_terminate_connection(call->wbconn, reason); - return; - } - - talloc_free(call); -} - -NTSTATUS wbsrv_samba3_process(struct wbsrv_samba3_call *call) -{ - NTSTATUS status; - - status = wbsrv_samba3_pull_request(call); - - if (!NT_STATUS_IS_OK(status)) { - return status; - } - - call->wbconn->pending_calls++; - - status = wbsrv_samba3_handle_call(call); - - if (!NT_STATUS_IS_OK(status)) { - call->wbconn->pending_calls--; - talloc_free(call); - return status; - } - - if (call->flags & WBSRV_CALL_FLAGS_REPLY_ASYNC) { - return NT_STATUS_OK; - } - - status = wbsrv_samba3_send_reply(call); - return status; -} - diff --git a/source4/winbind/wb_server.c b/source4/winbind/wb_server.c deleted file mode 100644 index 2801968cbec..00000000000 --- a/source4/winbind/wb_server.c +++ /dev/null @@ -1,410 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Main winbindd server routines - - Copyright (C) Stefan Metzmacher 2005-2008 - Copyright (C) Andrew Tridgell 2005 - Copyright (C) Andrew Bartlett <abartlet@samba.org> 2010 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "smbd/process_model.h" -#include "winbind/wb_server.h" -#include "lib/stream/packet.h" -#include "lib/tsocket/tsocket.h" -#include "libcli/util/tstream.h" -#include "param/param.h" -#include "param/secrets.h" -#include "lib/util/dlinklist.h" - -void wbsrv_terminate_connection(struct wbsrv_connection *wbconn, const char *reason) -{ - struct wbsrv_service *service = wbconn->listen_socket->service; - - if (wbconn->pending_calls == 0) { - char *full_reason = talloc_asprintf(wbconn, "wbsrv: %s", reason); - - DLIST_REMOVE(service->broken_connections, wbconn); - stream_terminate_connection(wbconn->conn, full_reason ? full_reason : reason); - return; - } - - if (wbconn->terminate != NULL) { - return; - } - - DEBUG(3,("wbsrv: terminating connection due to '%s' defered due to %d pending calls\n", - reason, wbconn->pending_calls)); - wbconn->terminate = talloc_strdup(wbconn, reason); - if (wbconn->terminate == NULL) { - wbconn->terminate = "wbsrv: defered terminating connection - no memory"; - } - DLIST_ADD_END(service->broken_connections, wbconn, NULL); -} - -static void wbsrv_cleanup_broken_connections(struct wbsrv_service *s) -{ - struct wbsrv_connection *cur, *next; - - next = s->broken_connections; - while (next != NULL) { - cur = next; - next = cur->next; - - wbsrv_terminate_connection(cur, cur->terminate); - } -} - -static void wbsrv_call_loop(struct tevent_req *subreq) -{ - struct wbsrv_connection *wbsrv_conn = tevent_req_callback_data(subreq, - struct wbsrv_connection); - struct wbsrv_service *service = wbsrv_conn->listen_socket->service; - struct wbsrv_samba3_call *call; - NTSTATUS status; - - if (wbsrv_conn->terminate) { - /* - * if the current connection is broken - * we need to clean it up before any other connection - */ - wbsrv_terminate_connection(wbsrv_conn, wbsrv_conn->terminate); - wbsrv_cleanup_broken_connections(service); - return; - } - - wbsrv_cleanup_broken_connections(service); - - call = talloc_zero(wbsrv_conn, struct wbsrv_samba3_call); - if (call == NULL) { - wbsrv_terminate_connection(wbsrv_conn, "wbsrv_call_loop: " - "no memory for wbsrv_samba3_call"); - return; - } - call->wbconn = wbsrv_conn; - - status = tstream_read_pdu_blob_recv(subreq, - call, - &call->in); - TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - const char *reason; - - reason = talloc_asprintf(wbsrv_conn, "wbsrv_call_loop: " - "tstream_read_pdu_blob_recv() - %s", - nt_errstr(status)); - if (!reason) { - reason = nt_errstr(status); - } - - wbsrv_terminate_connection(wbsrv_conn, reason); - return; - } - - DEBUG(10,("Received winbind TCP packet of length %lu from %s\n", - (long) call->in.length, - tsocket_address_string(wbsrv_conn->conn->remote_address, call))); - - status = wbsrv_samba3_process(call); - if (!NT_STATUS_IS_OK(status)) { - const char *reason; - - reason = talloc_asprintf(wbsrv_conn, "wbsrv_call_loop: " - "tstream_read_pdu_blob_recv() - %s", - nt_errstr(status)); - if (!reason) { - reason = nt_errstr(status); - } - - wbsrv_terminate_connection(wbsrv_conn, reason); - return; - } - - /* - * The winbind pdu's has the length as 4 byte (initial_read_size), - * wbsrv_samba3_packet_full_request provides the pdu length then. - */ - subreq = tstream_read_pdu_blob_send(wbsrv_conn, - wbsrv_conn->conn->event.ctx, - wbsrv_conn->tstream, - 4, /* initial_read_size */ - wbsrv_samba3_packet_full_request, - wbsrv_conn); - if (subreq == NULL) { - wbsrv_terminate_connection(wbsrv_conn, "wbsrv_call_loop: " - "no memory for tstream_read_pdu_blob_send"); - return; - } - tevent_req_set_callback(subreq, wbsrv_call_loop, wbsrv_conn); -} - -static void wbsrv_accept(struct stream_connection *conn) -{ - struct wbsrv_listen_socket *wbsrv_socket = talloc_get_type(conn->private_data, - struct wbsrv_listen_socket); - struct wbsrv_connection *wbsrv_conn; - struct tevent_req *subreq; - int rc; - - wbsrv_cleanup_broken_connections(wbsrv_socket->service); - - wbsrv_conn = talloc_zero(conn, struct wbsrv_connection); - if (wbsrv_conn == NULL) { - stream_terminate_connection(conn, "wbsrv_accept: out of memory"); - return; - } - - wbsrv_conn->send_queue = tevent_queue_create(conn, "wbsrv_accept"); - if (wbsrv_conn->send_queue == NULL) { - stream_terminate_connection(conn, - "wbsrv_accept: out of memory"); - return; - } - - TALLOC_FREE(conn->event.fde); - - rc = tstream_bsd_existing_socket(wbsrv_conn, - socket_get_fd(conn->socket), - &wbsrv_conn->tstream); - if (rc < 0) { - stream_terminate_connection(conn, - "wbsrv_accept: out of memory"); - return; - } - - wbsrv_conn->conn = conn; - wbsrv_conn->listen_socket = wbsrv_socket; - wbsrv_conn->lp_ctx = wbsrv_socket->service->task->lp_ctx; - conn->private_data = wbsrv_conn; - - /* - * The winbind pdu's has the length as 4 byte (initial_read_size), - * wbsrv_samba3_packet_full_request provides the pdu length then. - */ - subreq = tstream_read_pdu_blob_send(wbsrv_conn, - wbsrv_conn->conn->event.ctx, - wbsrv_conn->tstream, - 4, /* initial_read_size */ - wbsrv_samba3_packet_full_request, - wbsrv_conn); - if (subreq == NULL) { - wbsrv_terminate_connection(wbsrv_conn, "wbsrv_accept: " - "no memory for tstream_read_pdu_blob_send"); - return; - } - tevent_req_set_callback(subreq, wbsrv_call_loop, wbsrv_conn); -} - -/* - called on a tcp recv -*/ -static void wbsrv_recv(struct stream_connection *conn, uint16_t flags) -{ - struct wbsrv_connection *wbsrv_conn = talloc_get_type(conn->private_data, - struct wbsrv_connection); - wbsrv_terminate_connection(wbsrv_conn, "wbsrv_recv: called"); -} - -/* - called when we can write to a connection -*/ -static void wbsrv_send(struct stream_connection *conn, uint16_t flags) -{ - struct wbsrv_connection *wbsrv_conn = talloc_get_type(conn->private_data, - struct wbsrv_connection); - /* this should never be triggered! */ - wbsrv_terminate_connection(wbsrv_conn, "wbsrv_send: called"); -} - -static const struct stream_server_ops wbsrv_ops = { - .name = "winbind samba3 protocol", - .accept_connection = wbsrv_accept, - .recv_handler = wbsrv_recv, - .send_handler = wbsrv_send -}; - -/* - startup the winbind task -*/ -static void winbind_task_init(struct task_server *task) -{ - uint16_t port = 1; - const struct model_ops *model_ops; - NTSTATUS status; - struct wbsrv_service *service; - struct wbsrv_listen_socket *listen_socket; - char *errstring; - struct dom_sid *primary_sid = NULL; - bool ok; - - task_server_set_title(task, "task[winbind]"); - - /* within the winbind task we want to be a single process, so - ask for the single process model ops and pass these to the - stream_setup_socket() call. */ - model_ops = process_model_startup("single"); - if (!model_ops) { - task_server_terminate(task, - "Can't find 'single' process model_ops", true); - return; - } - - /* Make sure the directory for the Samba3 socket exists, and is of the correct permissions */ - ok = directory_create_or_exist_strict(lpcfg_winbindd_socket_directory(task->lp_ctx), - geteuid(), 0755); - if (!ok) { - task_server_terminate(task, - "Cannot create winbindd pipe directory", true); - return; - } - - /* Make sure the directory for the Samba3 socket exists, and is of the correct permissions */ - ok = directory_create_or_exist_strict(lpcfg_winbindd_privileged_socket_directory(task->lp_ctx), - geteuid(), 0750); - if (!ok) { - task_server_terminate(task, - "Cannot create winbindd privileged pipe directory", true); - return; - } - - service = talloc_zero(task, struct wbsrv_service); - if (!service) goto nomem; - service->task = task; - - - /* Find the primary SID, depending if we are a standalone - * server (what good is winbind in this case, but anyway...), - * or are in a domain as a member or a DC */ - switch (lpcfg_server_role(service->task->lp_ctx)) { - case ROLE_STANDALONE: - primary_sid = secrets_get_domain_sid(service, - service->task->lp_ctx, - lpcfg_netbios_name(service->task->lp_ctx), - &service->sec_channel_type, - &errstring); - if (!primary_sid) { - char *message = talloc_asprintf(task, - "Cannot start Winbind (standalone configuration): %s: " - "Have you provisioned this server (%s) or changed it's name?", - errstring, lpcfg_netbios_name(service->task->lp_ctx)); - task_server_terminate(task, message, true); - return; - } - break; - case ROLE_DOMAIN_MEMBER: - primary_sid = secrets_get_domain_sid(service, - service->task->lp_ctx, - lpcfg_workgroup(service->task->lp_ctx), - &service->sec_channel_type, - &errstring); - if (!primary_sid) { - char *message = talloc_asprintf(task, "Cannot start Winbind (domain member): %s: " - "Have you joined the %s domain?", - errstring, lpcfg_workgroup(service->task->lp_ctx)); - task_server_terminate(task, message, true); - return; - } - break; - case ROLE_ACTIVE_DIRECTORY_DC: - primary_sid = secrets_get_domain_sid(service, - service->task->lp_ctx, - lpcfg_workgroup(service->task->lp_ctx), - &service->sec_channel_type, - &errstring); - if (!primary_sid) { - char *message = talloc_asprintf(task, "Cannot start Winbind (domain controller): %s: " - "Have you provisioned the %s domain?", - errstring, lpcfg_workgroup(service->task->lp_ctx)); - task_server_terminate(task, message, true); - return; - } - break; - case ROLE_DOMAIN_PDC: - case ROLE_DOMAIN_BDC: - task_server_terminate(task, "Cannot start 'samba' winbindd as a 'classic samba' DC: use winbindd instead", true); - return; - } - service->primary_sid = primary_sid; - - service->idmap_ctx = idmap_init(service, task->event_ctx, task->lp_ctx); - if (service->idmap_ctx == NULL) { - task_server_terminate(task, "Failed to load idmap database", true); - return; - } - - service->priv_pipe_dir = lpcfg_winbindd_privileged_socket_directory(task->lp_ctx); - service->pipe_dir = lpcfg_winbindd_socket_directory(task->lp_ctx); - - /* setup the unprivileged samba3 socket */ - listen_socket = talloc(service, struct wbsrv_listen_socket); - if (!listen_socket) goto nomem; - listen_socket->socket_path = talloc_asprintf(listen_socket, "%s/%s", - service->pipe_dir, - WINBINDD_SOCKET_NAME); - if (!listen_socket->socket_path) goto nomem; - listen_socket->service = service; - listen_socket->privileged = false; - status = stream_setup_socket(task, task->event_ctx, task->lp_ctx, model_ops, - &wbsrv_ops, "unix", - listen_socket->socket_path, &port, - lpcfg_socket_options(task->lp_ctx), - listen_socket); - if (!NT_STATUS_IS_OK(status)) goto listen_failed; - - /* setup the privileged samba3 socket */ - listen_socket = talloc(service, struct wbsrv_listen_socket); - if (!listen_socket) goto nomem; - listen_socket->socket_path - = talloc_asprintf(listen_socket, "%s/%s", - service->priv_pipe_dir, - WINBINDD_SOCKET_NAME); - if (!listen_socket->socket_path) goto nomem; - listen_socket->service = service; - listen_socket->privileged = true; - status = stream_setup_socket(task, task->event_ctx, task->lp_ctx, model_ops, - &wbsrv_ops, "unix", - listen_socket->socket_path, &port, - lpcfg_socket_options(task->lp_ctx), - listen_socket); - if (!NT_STATUS_IS_OK(status)) goto listen_failed; - - status = wbsrv_init_irpc(service); - if (!NT_STATUS_IS_OK(status)) goto irpc_failed; - - return; - -listen_failed: - DEBUG(0,("stream_setup_socket(path=%s) failed - %s\n", - listen_socket->socket_path, nt_errstr(status))); - task_server_terminate(task, nt_errstr(status), true); - return; -irpc_failed: - DEBUG(0,("wbsrv_init_irpc() failed - %s\n", - nt_errstr(status))); - task_server_terminate(task, nt_errstr(status), true); - return; -nomem: - task_server_terminate(task, nt_errstr(NT_STATUS_NO_MEMORY), true); - return; -} - -/* - register ourselves as a available server -*/ -NTSTATUS server_service_winbind_init(void) -{ - return register_server_service("winbind", winbind_task_init); -} diff --git a/source4/winbind/wb_server.h b/source4/winbind/wb_server.h deleted file mode 100644 index ea93de60c83..00000000000 --- a/source4/winbind/wb_server.h +++ /dev/null @@ -1,194 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Main winbindd server routines - - Copyright (C) Stefan Metzmacher 2005 - Copyright (C) Andrew Tridgell 2005 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "nsswitch/winbind_nss_config.h" -#include "nsswitch/winbind_struct_protocol.h" -#include "winbind/idmap.h" -#include "libnet/libnet.h" - -/* this struct stores global data for the winbind task */ -struct wbsrv_service { - struct task_server *task; - - const struct dom_sid *primary_sid; - enum netr_SchannelType sec_channel_type; - struct wbsrv_domain *domains; - struct idmap_context *idmap_ctx; - const char *priv_pipe_dir; - const char *pipe_dir; - - struct wbsrv_connection *broken_connections; -}; - -struct wbsrv_samconn { - struct wbsrv_domain *domain; - void *private_data; - - struct composite_context (*seqnum_send)(struct wbsrv_samconn *); - NTSTATUS (*seqnum_recv)(struct composite_context *, uint64_t *); -}; - -struct wb_dom_info { - const char *name; - const char *dns_name; - const struct dom_sid *sid; - struct nbt_dc_name *dc; -}; - -struct wbsrv_domain { - struct wbsrv_domain *next, *prev; - - struct wbsrv_service *service; - - struct wb_dom_info *info; - - /* Details for the server we are currently talking to */ - const char *dc_address; - const char *dc_name; - - struct libnet_context *libnet_ctx; - - struct dcerpc_binding *lsa_binding; - - struct dcerpc_binding *samr_binding; - - struct dcerpc_pipe *netlogon_pipe; - struct dcerpc_binding *netlogon_binding; - /* netlogon_creds usage needs to be queued */ - struct tevent_queue *netlogon_queue; -}; - -/* - state of a listen socket and it's protocol information -*/ -struct wbsrv_listen_socket { - const char *socket_path; - struct wbsrv_service *service; - bool privileged; -}; - -/* - state of an open winbind connection -*/ -struct wbsrv_connection { - /* for the broken_connections DLIST */ - struct wbsrv_connection *prev, *next; - - /* stream connection we belong to */ - struct stream_connection *conn; - - /* the listening socket we belong to, it holds protocol hooks */ - struct wbsrv_listen_socket *listen_socket; - - /* storage for protocol specific data */ - void *protocol_private_data; - - /* how many calls are pending (do not terminate the connection with calls pending a reply) */ - uint32_t pending_calls; - - /* is this connection pending termination? If so, why? */ - const char *terminate; - - struct tstream_context *tstream; - - struct tevent_queue *send_queue; - - struct loadparm_context *lp_ctx; -}; - -#define WBSRV_SAMBA3_SET_STRING(dest, src) do { \ - memset(dest, 0, sizeof(dest));\ - strlcpy((dest), (src) ? (src) : "", sizeof(dest));\ -} while(0) - -/* - state of a pwent query -*/ -struct wbsrv_pwent { - /* Current UserList structure, contains 1+ user structs */ - struct libnet_UserList *user_list; - - /* Index of the next user struct in the current UserList struct */ - uint32_t page_index; - - /* The libnet_ctx to use for the libnet_UserList call */ - struct libnet_context *libnet_ctx; -}; -/* - state of a grent query -*/ -struct wbsrv_grent { - /* Current UserList structure, contains 1+ user structs */ - struct libnet_GroupList *group_list; - - /* Index of the next user struct in the current UserList struct */ - uint32_t page_index; - - /* The libnet_ctx to use for the libnet_UserList call */ - struct libnet_context *libnet_ctx; -}; - -/* - state of one request - - NOTE about async replies: - if the backend wants to reply later: - - - it should set the WBSRV_CALL_FLAGS_REPLY_ASYNC flag, and may set a - talloc_destructor on the this structure or on the private_data (if it's a - talloc child of this structure), so that wbsrv_terminate_connection - called by another call clean up the whole connection correct. - - When the backend is ready to reply it should call wbsrv_send_reply(call), - wbsrv_send_reply implies talloc_free(call), so the backend should use - talloc_reference(call), if it needs it later. - - If wbsrv_send_reply doesn't return NT_STATUS_OK, the backend function - should call, wbsrv_terminate_connection(call->wbconn, nt_errstr(status)); - return; - -*/ -struct wbsrv_samba3_call { -#define WBSRV_CALL_FLAGS_REPLY_ASYNC 0x00000001 - uint32_t flags; - - /* the connection the call belongs to */ - struct wbsrv_connection *wbconn; - - /* here the backend can store stuff like composite_context's ... */ - void *private_data; - - /* the request structure of the samba3 protocol */ - struct winbindd_request *request; - - /* the response structure of the samba3 protocol*/ - struct winbindd_response *response; - - DATA_BLOB in; - DATA_BLOB out; - struct iovec out_iov[1]; -}; - -struct netr_LMSessionKey; -struct netr_UserSessionKey; -struct winbind_SamLogon; -struct winbind_DsrUpdateReadOnlyServerDnsRecords; - -#include "winbind/wb_async_helpers.h" -#include "winbind/wb_proto.h" diff --git a/source4/winbind/wb_sid2domain.c b/source4/winbind/wb_sid2domain.c deleted file mode 100644 index 172a6d0a09a..00000000000 --- a/source4/winbind/wb_sid2domain.c +++ /dev/null @@ -1,327 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Find and init a domain struct for a SID - - Copyright (C) Volker Lendecke 2005 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include <tevent.h> -#include "../lib/util/tevent_ntstatus.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" -#include "libcli/security/security.h" -#include "../lib/util/dlinklist.h" -#include "param/param.h" - -static struct wbsrv_domain *find_domain_from_sid(struct wbsrv_service *service, - const struct dom_sid *sid) -{ - struct wbsrv_domain *domain; - - for (domain = service->domains; domain!=NULL; domain = domain->next) { - if (dom_sid_equal(domain->info->sid, sid)) { - break; - } - if (dom_sid_in_domain(domain->info->sid, sid)) { - break; - } - } - return domain; -} - -struct wb_sid2domain_state { - struct wbsrv_service *service; - struct dom_sid sid; - - struct wbsrv_domain *domain; -}; - -static void wb_sid2domain_recv_dom_info(struct composite_context *ctx); -static void wb_sid2domain_recv_name(struct composite_context *ctx); -static void wb_sid2domain_recv_trusted_dom_info(struct composite_context *ctx); -static void wb_sid2domain_recv_init(struct composite_context *ctx); - -static struct tevent_req *_wb_sid2domain_send(TALLOC_CTX *mem_ctx, - struct tevent_context *ev, - struct wbsrv_service *service, - const struct dom_sid *sid) -{ - struct tevent_req *req; - struct wb_sid2domain_state *state; - struct composite_context *ctx; - - DEBUG(5, ("wb_sid2domain_send called\n")); - - req = tevent_req_create(mem_ctx, &state, - struct wb_sid2domain_state); - if (req == NULL) { - return NULL; - } - - state->service = service; - state->sid = *sid; - - state->domain = find_domain_from_sid(service, sid); - if (state->domain != NULL) { - tevent_req_done(req); - return tevent_req_post(req, ev); - } - - if (dom_sid_equal(service->primary_sid, sid) || - dom_sid_in_domain(service->primary_sid, sid)) { - ctx = wb_get_dom_info_send(state, service, - lpcfg_workgroup(service->task->lp_ctx), - lpcfg_realm(service->task->lp_ctx), - service->primary_sid); - if (tevent_req_nomem(ctx, req)) { - return tevent_req_post(req, ev); - } - ctx->async.fn = wb_sid2domain_recv_dom_info; - ctx->async.private_data = req; - - return req; - } - - if (dom_sid_equal(&global_sid_Builtin, sid) || - dom_sid_in_domain(&global_sid_Builtin, sid)) { - ctx = wb_get_dom_info_send(state, service, - "BUILTIN", NULL, - &global_sid_Builtin); - if (tevent_req_nomem(ctx, req)) { - return tevent_req_post(req, ev); - } - ctx->async.fn = wb_sid2domain_recv_dom_info; - ctx->async.private_data = req; - - return req; - } - - ctx = wb_cmd_lookupsid_send(state, service, &state->sid); - if (tevent_req_nomem(ctx, req)) { - return tevent_req_post(req, ev); - } - ctx->async.fn = wb_sid2domain_recv_name; - ctx->async.private_data = req; - - return req; -} - -static void wb_sid2domain_recv_dom_info(struct composite_context *ctx) -{ - struct tevent_req *req = - talloc_get_type_abort(ctx->async.private_data, - struct tevent_req); - struct wb_sid2domain_state *state = - tevent_req_data(req, - struct wb_sid2domain_state); - struct wb_dom_info *info; - NTSTATUS status; - - status = wb_get_dom_info_recv(ctx, state, &info); - if (tevent_req_nterror(req, status)) { - return; - } - - ctx = wb_init_domain_send(state, state->service, info); - if (tevent_req_nomem(ctx, req)) { - return; - } - ctx->async.fn = wb_sid2domain_recv_init; - ctx->async.private_data = req; -} - -static void wb_sid2domain_recv_name(struct composite_context *ctx) -{ - struct tevent_req *req = - talloc_get_type_abort(ctx->async.private_data, - struct tevent_req); - struct wb_sid2domain_state *state = - tevent_req_data(req, - struct wb_sid2domain_state); - struct wb_sid_object *name; - NTSTATUS status; - - status = wb_cmd_lookupsid_recv(ctx, state, &name); - if (tevent_req_nterror(req, status)) { - return; - } - - if (name->type == SID_NAME_UNKNOWN) { - tevent_req_nterror(req, NT_STATUS_NO_SUCH_DOMAIN); - return; - } - - if (name->type != SID_NAME_DOMAIN) { - state->sid.num_auths -= 1; - } - - ctx = wb_trusted_dom_info_send(state, state->service, name->domain, - &state->sid); - if (tevent_req_nomem(ctx, req)) { - return; - } - ctx->async.fn = wb_sid2domain_recv_trusted_dom_info; - ctx->async.private_data = req; -} - -static void wb_sid2domain_recv_trusted_dom_info(struct composite_context *ctx) -{ - struct tevent_req *req = - talloc_get_type_abort(ctx->async.private_data, - struct tevent_req); - struct wb_sid2domain_state *state = - tevent_req_data(req, - struct wb_sid2domain_state); - struct wb_dom_info *info; - NTSTATUS status; - - status = wb_trusted_dom_info_recv(ctx, state, &info); - if (tevent_req_nterror(req, status)) { - return; - } - - ctx = wb_init_domain_send(state, state->service, info); - if (tevent_req_nomem(ctx, req)) { - return; - } - ctx->async.fn = wb_sid2domain_recv_init; - ctx->async.private_data = req; -} - -static void wb_sid2domain_recv_init(struct composite_context *ctx) -{ - struct tevent_req *req = - talloc_get_type_abort(ctx->async.private_data, - struct tevent_req); - struct wb_sid2domain_state *state = - tevent_req_data(req, - struct wb_sid2domain_state); - struct wbsrv_domain *existing; - NTSTATUS status; - - status = wb_init_domain_recv(ctx, state, &state->domain); - if (tevent_req_nterror(req, status)) { - DEBUG(10, ("Could not init domain\n")); - return; - } - - existing = find_domain_from_sid(state->service, &state->sid); - if (existing != NULL) { - DEBUG(5, ("Initialized domain twice, dropping second one\n")); - talloc_free(state->domain); - state->domain = existing; - } else { - talloc_steal(state->service, state->domain); - DLIST_ADD(state->service->domains, state->domain); - } - - tevent_req_done(req); -} - -static NTSTATUS _wb_sid2domain_recv(struct tevent_req *req, - struct wbsrv_domain **result) -{ - struct wb_sid2domain_state *state = - tevent_req_data(req, - struct wb_sid2domain_state); - NTSTATUS status; - - if (tevent_req_is_nterror(req, &status)) { - tevent_req_received(req); - return status; - } - - *result = state->domain; - tevent_req_received(req); - return NT_STATUS_OK; -} - -struct sid2domain_state { - struct composite_context *ctx; - struct wbsrv_domain *domain; -}; - -static void sid2domain_recv_domain(struct tevent_req *subreq); - -struct composite_context *wb_sid2domain_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - const struct dom_sid *sid) -{ - struct composite_context *result; - struct sid2domain_state *state; - struct tevent_req *subreq; - - DEBUG(5, ("wb_sid2domain_send called\n")); - result = composite_create(mem_ctx, service->task->event_ctx); - if (result == NULL) goto failed; - - state = talloc(result, struct sid2domain_state); - if (state == NULL) goto failed; - state->ctx = result; - result->private_data = state; - - subreq = _wb_sid2domain_send(state, - result->event_ctx, - service, sid); - if (subreq == NULL) goto failed; - tevent_req_set_callback(subreq, sid2domain_recv_domain, state); - - return result; - - failed: - talloc_free(result); - return NULL; - -} - -static void sid2domain_recv_domain(struct tevent_req *subreq) -{ - struct sid2domain_state *state = - tevent_req_callback_data(subreq, - struct sid2domain_state); - - state->ctx->status = _wb_sid2domain_recv(subreq, &state->domain); - TALLOC_FREE(subreq); - if (!composite_is_ok(state->ctx)) return; - - composite_done(state->ctx); -} - -NTSTATUS wb_sid2domain_recv(struct composite_context *ctx, - struct wbsrv_domain **result) -{ - NTSTATUS status = composite_wait(ctx); - if (NT_STATUS_IS_OK(status)) { - struct sid2domain_state *state = - talloc_get_type(ctx->private_data, - struct sid2domain_state); - *result = state->domain; - } - talloc_free(ctx); - return status; -} - -NTSTATUS wb_sid2domain(TALLOC_CTX *mem_ctx, struct wbsrv_service *service, - const struct dom_sid *sid, - struct wbsrv_domain **result) -{ - struct composite_context *c = wb_sid2domain_send(mem_ctx, service, - sid); - return wb_sid2domain_recv(c, result); -} diff --git a/source4/winbind/wb_sid2gid.c b/source4/winbind/wb_sid2gid.c deleted file mode 100644 index e1061544d24..00000000000 --- a/source4/winbind/wb_sid2gid.c +++ /dev/null @@ -1,109 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Map a SID to a gid - - Copyright (C) 2007-2008 Kai Blin - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" -#include "libcli/security/security.h" - -struct sid2gid_state { - struct composite_context *ctx; - struct wbsrv_service *service; - gid_t gid; -}; - -static void sid2gid_recv_gid(struct composite_context *ctx); - -struct composite_context *wb_sid2gid_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, const struct dom_sid *sid) -{ - struct composite_context *result, *ctx; - struct sid2gid_state *state; - struct id_map *ids; - - DEBUG(5, ("wb_sid2gid_send called\n")); - - result = composite_create(mem_ctx, service->task->event_ctx); - if (!result) return NULL; - - state = talloc(result, struct sid2gid_state); - if(composite_nomem(state, result)) return result; - - state->ctx = result; - result->private_data = state; - state->service = service; - - ids = talloc(result, struct id_map); - if (composite_nomem(ids, result)) return result; - - ids->sid = dom_sid_dup(result, sid); - if (composite_nomem(ids->sid, result)) return result; - - ctx = wb_sids2xids_send(result, service, 1, ids); - if (composite_nomem(ctx, result)) return result; - - composite_continue(result, ctx, sid2gid_recv_gid, state); - return result; -} - -static void sid2gid_recv_gid(struct composite_context *ctx) -{ - struct sid2gid_state *state = talloc_get_type(ctx->async.private_data, - struct sid2gid_state); - - struct id_map *ids = NULL; - - state->ctx->status = wb_sids2xids_recv(ctx, &ids, NULL); - if (!composite_is_ok(state->ctx)) return; - - if (ids->status != ID_MAPPED) { - composite_error(state->ctx, NT_STATUS_UNSUCCESSFUL); - return; - } - - if (ids->xid.type == ID_TYPE_BOTH || - ids->xid.type == ID_TYPE_GID) { - state->gid = ids->xid.id; - composite_done(state->ctx); - return; - } else { - composite_error(state->ctx, NT_STATUS_INVALID_SID); - return; - } -} - -NTSTATUS wb_sid2gid_recv(struct composite_context *ctx, gid_t *gid) -{ - NTSTATUS status = composite_wait(ctx); - - DEBUG(5, ("wb_sid2gid_recv called\n")); - - if (NT_STATUS_IS_OK(status)) { - struct sid2gid_state *state = - talloc_get_type(ctx->private_data, - struct sid2gid_state); - *gid = state->gid; - } - talloc_free(ctx); - return status; -} - diff --git a/source4/winbind/wb_sid2uid.c b/source4/winbind/wb_sid2uid.c deleted file mode 100644 index 2b5fec53810..00000000000 --- a/source4/winbind/wb_sid2uid.c +++ /dev/null @@ -1,109 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Map a SID to a uid - - Copyright (C) 2007-2008 Kai Blin - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" -#include "libcli/security/security.h" - -struct sid2uid_state { - struct composite_context *ctx; - struct wbsrv_service *service; - uid_t uid; -}; - -static void sid2uid_recv_uid(struct composite_context *ctx); - -struct composite_context *wb_sid2uid_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, const struct dom_sid *sid) -{ - struct composite_context *result, *ctx; - struct sid2uid_state *state; - struct id_map *ids; - - DEBUG(5, ("wb_sid2uid_send called\n")); - - result = composite_create(mem_ctx, service->task->event_ctx); - if (!result) return NULL; - - state = talloc(result, struct sid2uid_state); - if (composite_nomem(state, result)) return result; - - state->ctx = result; - result->private_data = state; - state->service = service; - - ids = talloc(result, struct id_map); - if (composite_nomem(ids, result)) return result; - - ids->sid = dom_sid_dup(result, sid); - if (composite_nomem(ids->sid, result)) return result; - - ctx = wb_sids2xids_send(result, service, 1, ids); - if (composite_nomem(ctx, result)) return result; - - composite_continue(result, ctx, sid2uid_recv_uid, state); - return result; -} - -static void sid2uid_recv_uid(struct composite_context *ctx) -{ - struct sid2uid_state *state = talloc_get_type(ctx->async.private_data, - struct sid2uid_state); - - struct id_map *ids = NULL; - - state->ctx->status = wb_sids2xids_recv(ctx, &ids, NULL); - if (!composite_is_ok(state->ctx)) return; - - if (ids->status != ID_MAPPED) { - composite_error(state->ctx, NT_STATUS_UNSUCCESSFUL); - return; - } - - if (ids->xid.type == ID_TYPE_BOTH || - ids->xid.type == ID_TYPE_UID) { - state->uid = ids->xid.id; - composite_done(state->ctx); - return; - } else { - composite_error(state->ctx, NT_STATUS_INVALID_SID); - return; - } -} - -NTSTATUS wb_sid2uid_recv(struct composite_context *ctx, uid_t *uid) -{ - NTSTATUS status = composite_wait(ctx); - - DEBUG(5, ("wb_sid2uid_recv called\n")); - - if (NT_STATUS_IS_OK(status)) { - struct sid2uid_state *state = - talloc_get_type(ctx->private_data, - struct sid2uid_state); - *uid = state->uid; - } - talloc_free(ctx); - return status; -} - diff --git a/source4/winbind/wb_sids2xids.c b/source4/winbind/wb_sids2xids.c deleted file mode 100644 index 01ad64580b6..00000000000 --- a/source4/winbind/wb_sids2xids.c +++ /dev/null @@ -1,96 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Map SIDs to unixids. - - Copyright (C) 2008 Kai Blin - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" - -struct sids2xids_state { - struct composite_context *ctx; - struct wbsrv_service *service; - struct id_map *ids; - int count; -}; - -struct composite_context *wb_sids2xids_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - unsigned int count, struct id_map *ids) -{ - struct composite_context *result; - struct sids2xids_state *state; - struct id_map **pointer_array; - unsigned int i; - - DEBUG(5, ("wb_sids2xids_send called\n")); - - result = composite_create(mem_ctx, service->task->event_ctx); - if (!result) return NULL; - - state = talloc(result, struct sids2xids_state); - if (composite_nomem(state, result)) return result; - - state->ctx = result; - result->private_data = state; - state->service = service; - state->count = count; - state->ids = ids; - - /* We need to convert between calling conventions here - the - * values are filled in by reference, so we just need to - * provide pointers to them */ - pointer_array = talloc_array(state, struct id_map *, count+1); - if (composite_nomem(pointer_array, result)) return result; - - for (i=0; i < count; i++) { - pointer_array[i] = &ids[i]; - } - pointer_array[i] = NULL; - - state->ctx->status = idmap_sids_to_xids(service->idmap_ctx, mem_ctx, - pointer_array); - if (!composite_is_ok(state->ctx)) return result; - - composite_done(state->ctx); - return result; -} - -NTSTATUS wb_sids2xids_recv(struct composite_context *ctx, - struct id_map **ids, unsigned *count) -{ - NTSTATUS status = composite_wait(ctx); - struct sids2xids_state *state = talloc_get_type(ctx->private_data, - struct sids2xids_state); - - DEBUG(5, ("wb_sids2xids_recv called\n")); - - /* We don't have to mess with pointer_array on the way out, as - * the results are filled into the pointers the caller - * supplied */ - *ids = state->ids; - if (count != NULL) { - *count = state->count; - } - - talloc_free(ctx); - return status; -} - diff --git a/source4/winbind/wb_uid2sid.c b/source4/winbind/wb_uid2sid.c deleted file mode 100644 index 61b7704167e..00000000000 --- a/source4/winbind/wb_uid2sid.c +++ /dev/null @@ -1,102 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Command backend for wbinfo -U - - Copyright (C) 2007-2008 Kai Blin - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" - -struct uid2sid_state { - struct composite_context *ctx; - struct wbsrv_service *service; - struct dom_sid *sid; -}; - -static void uid2sid_recv_sid(struct composite_context *ctx); - -struct composite_context *wb_uid2sid_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, uid_t uid) -{ - struct composite_context *result, *ctx; - struct uid2sid_state *state; - struct id_map *ids; - - DEBUG(5, ("wb_uid2sid_send called\n")); - - result = composite_create(mem_ctx, service->task->event_ctx); - if (!result) return NULL; - - state = talloc(result, struct uid2sid_state); - if (composite_nomem(state, result)) return result; - - state->ctx = result; - result->private_data = state; - state->service = service; - - ids = talloc(result, struct id_map); - if (composite_nomem(ids, result)) return result; - ids->sid = NULL; - ids->xid.id = uid; - ids->xid.type = ID_TYPE_UID; - - ctx = wb_xids2sids_send(result, service, 1, ids); - if (composite_nomem(ctx, result)) return result; - - composite_continue(result, ctx, uid2sid_recv_sid, state); - return result; -} - -static void uid2sid_recv_sid(struct composite_context *ctx) -{ - struct uid2sid_state *state = talloc_get_type(ctx->async.private_data, - struct uid2sid_state); - struct id_map *ids = NULL; - - state->ctx->status = wb_xids2sids_recv(ctx, &ids); - if (!composite_is_ok(state->ctx)) return; - - if (ids->status != ID_MAPPED) { - composite_error(state->ctx, NT_STATUS_UNSUCCESSFUL); - return; - } - - state->sid = ids->sid; - - composite_done(state->ctx); -} - -NTSTATUS wb_uid2sid_recv(struct composite_context *ctx, TALLOC_CTX *mem_ctx, - struct dom_sid **sid) -{ - NTSTATUS status = composite_wait(ctx); - - DEBUG(5, ("wb_uid2sid_recv called.\n")); - - if (NT_STATUS_IS_OK(status)) { - struct uid2sid_state *state = - talloc_get_type(ctx->private_data, - struct uid2sid_state); - *sid = talloc_steal(mem_ctx, state->sid); - } - talloc_free(ctx); - return status; -} - diff --git a/source4/winbind/wb_update_rodc_dns.c b/source4/winbind/wb_update_rodc_dns.c deleted file mode 100644 index bd29d7865c1..00000000000 --- a/source4/winbind/wb_update_rodc_dns.c +++ /dev/null @@ -1,233 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Do a netr_DsrUpdateReadOnlyServerDnsRecords to a remote DC - - Copyright (C) Andrew Bartlett 2010 - Copyright (C) Andrew Tridgell 2010 - - based heavily on wb_sam_logon.c which is copyright: - - Copyright (C) Volker Lendecke 2005 - Copyright (C) Andrew Bartlett 2005 - Copyright (C) Stefan Metzmacher 2006 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include <tevent.h> -#include "../lib/util/tevent_ntstatus.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" -#include "auth/credentials/credentials.h" -#include "libcli/auth/libcli_auth.h" -#include "librpc/gen_ndr/ndr_netlogon_c.h" -#include "librpc/gen_ndr/winbind.h" - -struct wb_update_rodc_dns_state { - struct tevent_context *ev; - - struct winbind_DsrUpdateReadOnlyServerDnsRecords *req; - - struct wbsrv_domain *domain; - struct tevent_queue_entry *queue_entry; - struct netlogon_creds_CredentialState *creds_state; - struct netr_Authenticator auth1, auth2; - - TALLOC_CTX *r_mem_ctx; - struct netr_DsrUpdateReadOnlyServerDnsRecords r; -}; - -static void wb_update_rodc_dns_recv_domain(struct composite_context *csubreq); -static void wb_sam_logon_queue_trigger(struct tevent_req *req, void *priv); -static void wb_update_rodc_dns_recv_response(struct tevent_req *subreq); - -/* - Find the connection to the DC (or find an existing connection) -*/ -struct tevent_req *wb_update_rodc_dns_send(TALLOC_CTX *mem_ctx, - struct tevent_context *ev, - struct wbsrv_service *service, - struct winbind_DsrUpdateReadOnlyServerDnsRecords *_req) -{ - struct tevent_req *req; - struct wb_update_rodc_dns_state *state; - struct composite_context *csubreq; - - req = tevent_req_create(mem_ctx, &state, - struct wb_update_rodc_dns_state); - if (req == NULL) { - return NULL; - } - state->ev = ev; - state->req = _req; - - csubreq = wb_sid2domain_send(state, service, service->primary_sid); - if (tevent_req_nomem(csubreq, req)) { - return tevent_req_post(req, ev); - } - csubreq->async.fn = wb_update_rodc_dns_recv_domain; - csubreq->async.private_data = req; - - return req; -} - -/* - Having finished making the connection to the DC - Send of a DsrUpdateReadOnlyServerDnsRecords request to authenticate a user. -*/ -static void wb_update_rodc_dns_recv_domain(struct composite_context *csubreq) -{ - struct tevent_req *req = - talloc_get_type_abort(csubreq->async.private_data, - struct tevent_req); - struct wb_update_rodc_dns_state *state = - tevent_req_data(req, - struct wb_update_rodc_dns_state); - NTSTATUS status; - struct tevent_queue_entry *e; - - status = wb_sid2domain_recv(csubreq, &state->domain); - if (tevent_req_nterror(req, status)) { - return; - } - - /* - * Because of the netlogon_creds behavior we have to - * queue the netr_LogonSamLogon() calls - */ - e = tevent_queue_add_entry(state->domain->netlogon_queue, - state->ev, - req, - wb_sam_logon_queue_trigger, - NULL); - state->queue_entry = e; -} - -static void wb_sam_logon_queue_trigger(struct tevent_req *req, void *priv) -{ - struct wb_update_rodc_dns_state *state = - tevent_req_data(req, - struct wb_update_rodc_dns_state); - struct wbsrv_domain *domain = state->domain; - struct tevent_req *subreq; - - state->creds_state = cli_credentials_get_netlogon_creds(domain->libnet_ctx->cred); - netlogon_creds_client_authenticator(state->creds_state, &state->auth1); - - state->r.in.server_name = talloc_asprintf(state, "\\\\%s", - dcerpc_server_name(domain->netlogon_pipe)); - if (tevent_req_nomem(state->r.in.server_name, req)) { - return; - } - - state->r.in.computer_name = cli_credentials_get_workstation(domain->libnet_ctx->cred); - state->r.in.credential = &state->auth1; - state->r.out.return_authenticator = &state->auth2; - state->r.in.site_name = state->req->in.site_name; - state->r.in.dns_ttl = state->req->in.dns_ttl; - state->r.in.dns_names = state->req->in.dns_names; - state->r.out.dns_names = state->req->in.dns_names; - - /* - * use a new talloc context for the DsrUpdateReadOnlyServerDnsRecords call - * because then we can just to a talloc_steal on this context - * in the final _recv() function to give the caller all the content of - * the s->r.out.dns_names - */ - state->r_mem_ctx = talloc_new(state); - if (tevent_req_nomem(state->r_mem_ctx, req)) { - return; - } - - subreq = dcerpc_netr_DsrUpdateReadOnlyServerDnsRecords_r_send(state, - state->ev, - domain->netlogon_pipe->binding_handle, - &state->r); - if (tevent_req_nomem(subreq, req)) { - return; - } - tevent_req_set_callback(subreq, wb_update_rodc_dns_recv_response, req); -} - -/* - NTLM Authentication - - Check the DsrUpdateReadOnlyServerDnsRecords reply and decrypt the session keys -*/ -static void wb_update_rodc_dns_recv_response(struct tevent_req *subreq) -{ - struct tevent_req *req = - tevent_req_callback_data(subreq, - struct tevent_req); - struct wb_update_rodc_dns_state *state = - tevent_req_data(req, - struct wb_update_rodc_dns_state); - NTSTATUS status; - bool ok; - - status = dcerpc_netr_DsrUpdateReadOnlyServerDnsRecords_r_recv(subreq, - state->r_mem_ctx); - TALLOC_FREE(subreq); - if (tevent_req_nterror(req, status)) { - return; - } - - if (tevent_req_nterror(req, state->r.out.result)) { - return; - } - - if (state->r.out.return_authenticator == NULL) { - tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED); - return; - } - - ok = netlogon_creds_client_check(state->creds_state, - &state->r.out.return_authenticator->cred); - if (!ok) { - DEBUG(0, ("Credentials check failed!\n")); - tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED); - return; - } - - /* - * we do not need the netlogon_creds lock anymore - */ - TALLOC_FREE(state->queue_entry); - - tevent_req_done(req); -} - -NTSTATUS wb_update_rodc_dns_recv(struct tevent_req *req, - TALLOC_CTX *mem_ctx, - struct winbind_DsrUpdateReadOnlyServerDnsRecords *_req) -{ - struct wb_update_rodc_dns_state *state = - tevent_req_data(req, - struct wb_update_rodc_dns_state); - NTSTATUS status; - - if (tevent_req_is_nterror(req, &status)) { - tevent_req_received(req); - return status; - } - - talloc_steal(mem_ctx, state->r_mem_ctx); - _req->out.dns_names = state->r.out.dns_names; - - tevent_req_received(req); - return NT_STATUS_OK; -} diff --git a/source4/winbind/wb_xids2sids.c b/source4/winbind/wb_xids2sids.c deleted file mode 100644 index aeec2ee5be6..00000000000 --- a/source4/winbind/wb_xids2sids.c +++ /dev/null @@ -1,93 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Convet an unixid struct to a SID - - Copyright (C) 2008 Kai Blin - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "libcli/composite/composite.h" -#include "winbind/wb_server.h" -#include "smbd/service_task.h" - -struct xids2sids_state { - struct composite_context *ctx; - struct wbsrv_service *service; - struct id_map *ids; - int count; -}; - -struct composite_context *wb_xids2sids_send(TALLOC_CTX *mem_ctx, - struct wbsrv_service *service, - unsigned int count, struct id_map *ids) -{ - struct composite_context *result; - struct xids2sids_state *state; - struct id_map **pointer_array; - unsigned int i; - - DEBUG(5, ("wb_xids2sids_send called\n")); - - result = composite_create(mem_ctx, service->task->event_ctx); - if (!result) return NULL; - - state = talloc(mem_ctx, struct xids2sids_state); - if (composite_nomem(state, result)) return result; - - state->ctx = result; - result->private_data = state; - state->service = service; - state->count = count; - state->ids = ids; - - /* We need to convert between calling conventions here - the - * values are filled in by reference, so we just need to - * provide pointers to them */ - pointer_array = talloc_array(state, struct id_map *, count+1); - if (composite_nomem(pointer_array, result)) return result; - - for (i=0; i < count; i++) { - pointer_array[i] = &ids[i]; - } - pointer_array[i] = NULL; - - state->ctx->status = idmap_xids_to_sids(service->idmap_ctx, mem_ctx, - pointer_array); - if (!composite_is_ok(state->ctx)) return result; - - composite_done(state->ctx); - return result; -} - -NTSTATUS wb_xids2sids_recv(struct composite_context *ctx, - struct id_map **ids) -{ - NTSTATUS status = composite_wait(ctx); - struct xids2sids_state *state = talloc_get_type(ctx->private_data, - struct xids2sids_state); - - DEBUG(5, ("wb_xids2sids_recv called.\n")); - - /* We don't have to mess with pointer_array on the way out, as - * the results are filled into the pointers the caller - * supplied */ - *ids = state->ids; - - talloc_free(ctx); - return status; -} - diff --git a/source4/winbind/winbindd.c b/source4/winbind/winbindd.c index d8b79eeb73a..80abd7a3105 100644 --- a/source4/winbind/winbindd.c +++ b/source4/winbind/winbindd.c @@ -90,5 +90,9 @@ NTSTATUS server_service_winbindd_init(void); NTSTATUS server_service_winbindd_init(void) { - return register_server_service("winbindd", winbindd_task_init); + NTSTATUS status = register_server_service("winbindd", winbindd_task_init); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + return register_server_service("winbind", winbindd_task_init); } diff --git a/source4/winbind/wscript_build b/source4/winbind/wscript_build index e6710ceb2e3..e242a6abcb7 100644 --- a/source4/winbind/wscript_build +++ b/source4/winbind/wscript_build @@ -1,15 +1,6 @@ #!/usr/bin/env python -bld.SAMBA_MODULE('service_winbind', - source='wb_server.c wb_irpc.c wb_samba3_protocol.c wb_samba3_cmd.c wb_init_domain.c wb_dom_info.c wb_dom_info_trusted.c wb_sid2domain.c wb_name2domain.c wb_sids2xids.c wb_xids2sids.c wb_gid2sid.c wb_sid2uid.c wb_sid2gid.c wb_uid2sid.c wb_connect_lsa.c wb_connect_sam.c wb_cmd_lookupname.c wb_cmd_lookupsid.c wb_cmd_getdcname.c wb_cmd_getgrnam.c wb_cmd_getgrgid.c wb_cmd_getpwnam.c wb_cmd_getpwuid.c wb_cmd_userdomgroups.c wb_cmd_usersids.c wb_cmd_list_groups.c wb_cmd_list_trustdom.c wb_cmd_list_users.c wb_cmd_setpwent.c wb_cmd_getpwent.c wb_cmd_getgrent.c wb_cmd_setgrent.c wb_cmd_getgroups.c wb_pam_auth.c wb_sam_logon.c wb_update_rodc_dns.c', - autoproto='wb_proto.h', - subsystem='service', - init_function='server_service_winbind_init', - deps='WB_HELPER IDMAP NDR_WINBIND process_model RPC_NDR_LSA dcerpc-samr PAM_ERRORS cli-ldap samba-net LIBSAMBA_TSOCKET', - internal_module=False, - ) - bld.SAMBA_MODULE('service_winbindd', source='winbindd.c', subsystem='service', |