summaryrefslogtreecommitdiffstats
path: root/source3/nsswitch/winbindd_sid.c
diff options
context:
space:
mode:
authorTim Potter <tpot@samba.org>2001-05-07 05:03:40 +0000
committerTim Potter <tpot@samba.org>2001-05-07 05:03:40 +0000
commitebb900cf3ed9cf7627f1bbe724fb1e9c1e35e057 (patch)
treea21102514f5877e1fca9986db809eb957356a79a /source3/nsswitch/winbindd_sid.c
parenta36f9250e7c9446f3eece6d8db29fcbde99256fb (diff)
downloadsamba-ebb900cf3ed9cf7627f1bbe724fb1e9c1e35e057.tar.gz
samba-ebb900cf3ed9cf7627f1bbe724fb1e9c1e35e057.tar.xz
samba-ebb900cf3ed9cf7627f1bbe724fb1e9c1e35e057.zip
iAdditional files for winbind merge.
(This used to be commit 38ab3b31b5dc39fb59f224b399bb9c2269f1c933)
Diffstat (limited to 'source3/nsswitch/winbindd_sid.c')
-rw-r--r--source3/nsswitch/winbindd_sid.c244
1 files changed, 244 insertions, 0 deletions
diff --git a/source3/nsswitch/winbindd_sid.c b/source3/nsswitch/winbindd_sid.c
new file mode 100644
index 0000000000..bc014f2691
--- /dev/null
+++ b/source3/nsswitch/winbindd_sid.c
@@ -0,0 +1,244 @@
+/*
+ Unix SMB/Netbios implementation.
+ Version 2.0
+
+ Winbind daemon - sid related functions
+
+ Copyright (C) Tim Potter 2000
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "winbindd.h"
+#include "sids.h"
+
+/* Convert a string */
+
+enum winbindd_result winbindd_lookupsid(struct winbindd_cli_state *state)
+{
+ extern DOM_SID global_sid_Builtin;
+ enum SID_NAME_USE type;
+ DOM_SID sid, tmp_sid;
+ uint32 rid;
+ fstring name;
+
+ DEBUG(3, ("[%5d]: lookupsid %s\n", state->pid,
+ state->request.data.sid));
+
+ /* Lookup sid from PDC using lsa_lookup_sids() */
+
+ string_to_sid(&sid, state->request.data.sid);
+
+ /* Don't look up BUILTIN sids */
+
+ sid_copy(&tmp_sid, &sid);
+ sid_split_rid(&tmp_sid, &rid);
+
+ if (sid_equal(&tmp_sid, &global_sid_Builtin)) {
+ return WINBINDD_ERROR;
+ }
+
+ /* Lookup the sid */
+
+ if (!winbindd_lookup_name_by_sid(&sid, name, &type)) {
+ return WINBINDD_ERROR;
+ }
+
+ string_sub(name, "\\", lp_winbind_separator(), sizeof(fstring));
+ fstrcpy(state->response.data.name.name, name);
+ state->response.data.name.type = type;
+
+ return WINBINDD_OK;
+}
+
+/* Convert a sid to a string */
+
+enum winbindd_result winbindd_lookupname(struct winbindd_cli_state *state)
+{
+ enum SID_NAME_USE type;
+ fstring sid_str, name_domain, name_user, name;
+ DOM_SID sid;
+
+ DEBUG(3, ("[%5d]: lookupname %s\n", state->pid,
+ state->request.data.name));
+
+ parse_domain_user(state->request.data.name, name_domain, name_user);
+
+ snprintf(name, sizeof(name), "%s\\%s", name_domain, name_user);
+
+ /* Lookup name from PDC using lsa_lookup_names() */
+
+ if (!winbindd_lookup_sid_by_name(name, &sid, &type)) {
+ return WINBINDD_ERROR;
+ }
+
+ sid_to_string(sid_str, &sid);
+ fstrcpy(state->response.data.sid.sid, sid_str);
+ state->response.data.sid.type = type;
+
+ return WINBINDD_OK;
+}
+
+/* Convert a sid to a uid. We assume we only have one rid attached to the
+ sid. */
+
+enum winbindd_result winbindd_sid_to_uid(struct winbindd_cli_state *state)
+{
+ DOM_SID sid;
+ uint32 user_rid;
+ struct winbindd_domain *domain;
+
+ DEBUG(3, ("[%5d]: sid to uid %s\n", state->pid,
+ state->request.data.sid));
+
+ /* Split sid into domain sid and user rid */
+
+ string_to_sid(&sid, state->request.data.sid);
+ sid_split_rid(&sid, &user_rid);
+
+ /* Find domain this sid belongs to */
+
+ if ((domain = find_domain_from_sid(&sid)) == NULL) {
+ fstring sid_str;
+
+ sid_to_string(sid_str, &sid);
+ DEBUG(1, ("Could not find domain for sid %s\n", sid_str));
+ return WINBINDD_ERROR;
+ }
+
+ /* Find uid for this sid and return it */
+
+ if (!winbindd_idmap_get_uid_from_rid(domain->name, user_rid,
+ &state->response.data.uid)) {
+ DEBUG(1, ("Could not get uid for sid %s\n",
+ state->request.data.sid));
+ return WINBINDD_ERROR;
+ }
+
+ return WINBINDD_OK;
+}
+
+/* Convert a sid to a gid. We assume we only have one rid attached to the
+ sid.*/
+
+enum winbindd_result winbindd_sid_to_gid(struct winbindd_cli_state *state)
+{
+ DOM_SID sid;
+ uint32 group_rid;
+ struct winbindd_domain *domain;
+
+ DEBUG(3, ("[%5d]: sid to gid %s\n", state->pid,
+ state->request.data.sid));
+
+ /* Split sid into domain sid and user rid */
+
+ string_to_sid(&sid, state->request.data.sid);
+ sid_split_rid(&sid, &group_rid);
+
+ /* Find domain this sid belongs to */
+
+ if ((domain = find_domain_from_sid(&sid)) == NULL) {
+ fstring sid_str;
+
+ sid_to_string(sid_str, &sid);
+ DEBUG(1, ("Could not find domain for sid %s\n", sid_str));
+ return WINBINDD_ERROR;
+ }
+
+ /* Find uid for this sid and return it */
+
+ if (!winbindd_idmap_get_gid_from_rid(domain->name, group_rid,
+ &state->response.data.gid)) {
+ DEBUG(1, ("Could not get gid for sid %s\n",
+ state->request.data.sid));
+ return WINBINDD_ERROR;
+ }
+
+ return WINBINDD_OK;
+}
+
+/* Convert a uid to a sid */
+
+enum winbindd_result winbindd_uid_to_sid(struct winbindd_cli_state *state)
+{
+ struct winbindd_domain *domain;
+ uint32 user_rid;
+ DOM_SID sid;
+
+ /* Bug out if the uid isn't in the winbind range */
+
+ if ((state->request.data.uid < server_state.uid_low ) ||
+ (state->request.data.uid > server_state.uid_high)) {
+ return WINBINDD_ERROR;
+ }
+
+ DEBUG(3, ("[%5d]: uid to sid %d\n", state->pid,
+ state->request.data.uid));
+
+ /* Lookup rid for this uid */
+
+ if (!winbindd_idmap_get_rid_from_uid(state->request.data.uid,
+ &user_rid, &domain)) {
+ DEBUG(1, ("Could not convert uid %d to rid\n",
+ state->request.data.uid));
+ return WINBINDD_ERROR;
+ }
+
+ /* Construct sid and return it */
+
+ sid_copy(&sid, &domain->sid);
+ sid_append_rid(&sid, user_rid);
+ sid_to_string(state->response.data.sid.sid, &sid);
+ state->response.data.sid.type = SID_NAME_USER;
+
+ return WINBINDD_OK;
+}
+
+/* Convert a gid to a sid */
+
+enum winbindd_result winbindd_gid_to_sid(struct winbindd_cli_state *state)
+{
+ struct winbindd_domain *domain;
+ uint32 group_rid;
+ DOM_SID sid;
+
+ /* Bug out if the gid isn't in the winbind range */
+
+ if ((state->request.data.gid < server_state.gid_low) ||
+ (state->request.data.gid > server_state.gid_high)) {
+ return WINBINDD_ERROR;
+ }
+
+ DEBUG(3, ("[%5d]: gid to sid %d\n", state->pid,
+ state->request.data.gid));
+
+ /* Lookup rid for this uid */
+
+ if (!winbindd_idmap_get_rid_from_gid(state->request.data.gid,
+ &group_rid, &domain)) {
+ DEBUG(1, ("Could not convert gid %d to rid\n",
+ state->request.data.gid));
+ return WINBINDD_ERROR;
+ }
+
+ /* Construct sid and return it */
+
+ sid_copy(&sid, &domain->sid);
+ sid_append_rid(&sid, group_rid);
+ sid_to_string(state->response.data.sid.sid, &sid);
+ state->response.data.sid.type = SID_NAME_DOM_GRP;
+
+ return WINBINDD_OK;
+}