From ce1b4d4c309e4a60bec5a53224585bd504264672 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 26 Jan 2002 09:55:38 +0000 Subject: Change the winbind interface to use seperate 'domain' and 'username' feilds for the sid->uid and uid->sid conversions. Remove some duplicate arguments from these funcitons, and update the request/response structures for this and the 'winbind domain name' feature. As such 'winbindd_lookup_name' now takes both a domain and username. --- source/nsswitch/wb_client.c | 138 ++------------------------------------- source/nsswitch/wbinfo.c | 28 +++++++- source/nsswitch/winbindd.c | 1 + source/nsswitch/winbindd_group.c | 4 +- source/nsswitch/winbindd_nss.h | 12 +++- source/nsswitch/winbindd_proto.h | 2 +- source/nsswitch/winbindd_sid.c | 17 +++-- source/nsswitch/winbindd_user.c | 2 +- source/nsswitch/winbindd_util.c | 1 - 9 files changed, 56 insertions(+), 149 deletions(-) diff --git a/source/nsswitch/wb_client.c b/source/nsswitch/wb_client.c index 04734c7f8e5..df2a1c1f6ef 100644 --- a/source/nsswitch/wb_client.c +++ b/source/nsswitch/wb_client.c @@ -30,52 +30,9 @@ NSS_STATUS winbindd_request(int req_type, struct winbindd_request *request, struct winbindd_response *response); -/* Copy of parse_domain_user from winbindd_util.c. Parse a string of the - form DOMAIN/user into a domain and a user */ -extern fstring global_myworkgroup; - -static BOOL parse_domain_user(const char *domuser, fstring domain, fstring user) -{ - char *p = strchr(domuser,*lp_winbind_separator()); - - if (!(p || lp_winbind_use_default_domain())) - return False; - - if(!p && lp_winbind_use_default_domain()) { - fstrcpy(user, domuser); - fstrcpy(domain, global_myworkgroup); - } else { - fstrcpy(user, p+1); - fstrcpy(domain, domuser); - domain[PTR_DIFF(p, domuser)] = 0; - } - strupper(domain); - return True; -} - -/* - Fill DOMAIN\\USERNAME entry accounting 'winbind use default domain' and - 'winbind separator' options. - This means: - - omit DOMAIN when 'winbind use default domain = true' and DOMAIN is - global_myworkgroup - -*/ -static void fill_domain_username(fstring name, const char *domain, const char *user) -{ - if(lp_winbind_use_default_domain() && - !strcmp(global_myworkgroup, domain)) { - strlcpy(name, user, sizeof(fstring)); - } else { - slprintf(name, sizeof(fstring) - 1, "%s%s%s", - domain, lp_winbind_separator(), - user); - } -} - /* Call winbindd to convert a name to a sid */ -BOOL winbind_lookup_name(const char *name, DOM_SID *sid, +BOOL winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid, enum SID_NAME_USE *name_type) { struct winbindd_request request; @@ -85,20 +42,13 @@ BOOL winbind_lookup_name(const char *name, DOM_SID *sid, if (!sid || !name_type) return False; - /* - * Don't do the lookup if the name has no separator _and_ we are not in - * 'winbind use default domain' mode. - */ - - if (!(strchr(name, *lp_winbind_separator()) || lp_winbind_use_default_domain())) - return False; - /* Send off request */ ZERO_STRUCT(request); ZERO_STRUCT(response); - fstrcpy(request.data.name, name); + fstrcpy(request.data.name.dom_name, dom_name); + fstrcpy(request.data.name.name, name); if ((result = winbindd_request(WINBINDD_LOOKUPNAME, &request, &response)) == NSS_STATUS_SUCCESS) { @@ -111,7 +61,8 @@ BOOL winbind_lookup_name(const char *name, DOM_SID *sid, /* Call winbindd to convert sid to name */ -BOOL winbind_lookup_sid(DOM_SID *sid, fstring dom_name, fstring name, +BOOL winbind_lookup_sid(DOM_SID *sid, + fstring dom_name, fstring name, enum SID_NAME_USE *name_type) { struct winbindd_request request; @@ -134,7 +85,8 @@ BOOL winbind_lookup_sid(DOM_SID *sid, fstring dom_name, fstring name, /* Copy out result */ if (result == NSS_STATUS_SUCCESS) { - parse_domain_user(response.data.name.name, dom_name, name); + fstrcpy(dom_name, response.data.name.dom_name); + fstrcpy(name, response.data.name.name); *name_type = (enum SID_NAME_USE)response.data.name.type; DEBUG(10, ("winbind_lookup_sid: SUCCESS: SID %s -> %s %s\n", @@ -426,79 +378,3 @@ int winbind_getgroups(const char *user, int size, gid_t *list) SAFE_FREE(groups); return result; } - -/* Utility function. Convert a uid_t to a name if possible. */ - -BOOL winbind_uidtoname(fstring name, uid_t uid) -{ - DOM_SID sid; - fstring dom_name; - fstring user_name; - enum SID_NAME_USE name_type; - - if (!winbind_uid_to_sid(&sid, uid)) - return False; - if (!winbind_lookup_sid(&sid, dom_name, user_name, &name_type)) - return False; - - if (name_type != SID_NAME_USER) - return False; - - fill_domain_username(name, dom_name, user_name); - - return True; -} - -/* Utility function. Convert a gid_t to a name if possible. */ - -BOOL winbind_gidtoname(fstring name, gid_t gid) -{ - DOM_SID sid; - fstring dom_name; - fstring group_name; - enum SID_NAME_USE name_type; - - if (!winbind_gid_to_sid(&sid, gid)) - return False; - if (!winbind_lookup_sid(&sid, dom_name, group_name, &name_type)) - return False; - - if (name_type != SID_NAME_DOM_GRP) - return False; - - fill_domain_username(name, dom_name, group_name); - - return True; -} - -/* Utility function. Convert a name to a uid_t if possible. */ - -BOOL winbind_nametouid(uid_t *puid, const char *name) -{ - DOM_SID sid; - enum SID_NAME_USE name_type; - - if (!winbind_lookup_name(name, &sid, &name_type)) - return False; - - if (name_type != SID_NAME_USER) - return False; - - return winbind_sid_to_uid(puid, &sid); -} - -/* Utility function. Convert a name to a gid_t if possible. */ - -BOOL winbind_nametogid(gid_t *pgid, const char *gname) -{ - DOM_SID g_sid; - enum SID_NAME_USE name_type; - - if (!winbind_lookup_name(gname, &g_sid, &name_type)) - return False; - - if (name_type != SID_NAME_DOM_GRP) - return False; - - return winbind_sid_to_gid(pgid, &g_sid); -} diff --git a/source/nsswitch/wbinfo.c b/source/nsswitch/wbinfo.c index 35d85fe1861..d2f923b9a4c 100644 --- a/source/nsswitch/wbinfo.c +++ b/source/nsswitch/wbinfo.c @@ -58,6 +58,27 @@ static char get_winbind_separator(void) } +static char *get_winbind_domain(void) +{ + struct winbindd_response response; + static fstring winbind_domain; + + ZERO_STRUCT(response); + + /* Send off request */ + + if (winbindd_request(WINBINDD_DOMAIN_NAME, NULL, &response) != + NSS_STATUS_SUCCESS) { + printf("could not obtain winbind domain name!\n"); + exit(1); + } + + fstrcpy(winbind_domain, response.data.domain_name); + + return winbind_domain; + +} + /* Copy of parse_domain_user from winbindd_util.c. Parse a string of the form DOMAIN/user into a domain and a user */ @@ -68,7 +89,7 @@ static BOOL parse_wbinfo_domain_user(const char *domuser, fstring domain, fstrin if (!p) { fstrcpy(user, domuser); - domain[0]=0; + fstrcpy(domain, get_winbind_domain()); return True; } @@ -282,7 +303,7 @@ static BOOL wbinfo_lookupsid(char *sid) /* Display response */ - printf("%s %d\n", response.data.name.name, response.data.name.type); + printf("[%s]\\[%s] %d\n", response.data.name.dom_name, response.data.name.name, response.data.name.type); return True; } @@ -299,7 +320,8 @@ static BOOL wbinfo_lookupname(char *name) ZERO_STRUCT(request); ZERO_STRUCT(response); - fstrcpy(request.data.name, name); + parse_wbinfo_domain_user(name, request.data.name.dom_name, request.data.name.name); + if (winbindd_request(WINBINDD_LOOKUPNAME, &request, &response) != NSS_STATUS_SUCCESS) { return False; diff --git a/source/nsswitch/winbindd.c b/source/nsswitch/winbindd.c index 39a95bc724d..7c87d438bd9 100644 --- a/source/nsswitch/winbindd.c +++ b/source/nsswitch/winbindd.c @@ -250,6 +250,7 @@ static struct dispatch_table dispatch_table[] = { { WINBINDD_PING, winbindd_ping, "PING" }, { WINBINDD_INFO, winbindd_info, "INFO" }, { WINBINDD_INTERFACE_VERSION, winbindd_interface_version, "INTERFACE_VERSION" }, + { WINBINDD_DOMAIN_NAME, winbindd_domain_name, "DOMAIN_NAME" }, /* End of list */ diff --git a/source/nsswitch/winbindd_group.c b/source/nsswitch/winbindd_group.c index 9ef942a95d8..2412b12d713 100644 --- a/source/nsswitch/winbindd_group.c +++ b/source/nsswitch/winbindd_group.c @@ -215,7 +215,7 @@ enum winbindd_result winbindd_getgrnam(struct winbindd_cli_state *state) /* Get rid and name type from name */ - if (!winbindd_lookup_sid_by_name(domain, name_domain, name_group, &group_sid, + if (!winbindd_lookup_sid_by_name(domain, name_group, &group_sid, &name_type)) { DEBUG(1, ("group %s in domain %s does not exist\n", name_group, name_domain)); @@ -792,7 +792,7 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state) /* Get rid and name type from name. The following costs 1 packet */ - if (!winbindd_lookup_sid_by_name(domain, name_domain, name_user, &user_sid, + if (!winbindd_lookup_sid_by_name(domain, name_user, &user_sid, &name_type)) { DEBUG(1, ("user '%s' does not exist\n", name_user)); goto done; diff --git a/source/nsswitch/winbindd_nss.h b/source/nsswitch/winbindd_nss.h index a88b1209abf..5ab4f4d7c54 100644 --- a/source/nsswitch/winbindd_nss.h +++ b/source/nsswitch/winbindd_nss.h @@ -37,7 +37,7 @@ /* Update this when you change the interface. */ -#define WINBIND_INTERFACE_VERSION 2 +#define WINBIND_INTERFACE_VERSION 3 /* Socket commands */ @@ -91,6 +91,7 @@ enum winbindd_cmd { WINBINDD_CHECK_MACHACC, /* Check machine account pw works */ WINBINDD_PING, /* Just tell me winbind is running */ WINBINDD_INFO, /* Various bit of info. Currently just tidbits */ + WINBINDD_DOMAIN_NAME, /* The domain this winbind server is a member of (lp_workgroup()) */ /* Placeholder for end of cmd list */ @@ -128,7 +129,10 @@ struct winbindd_request { fstring newpass; } chauthtok; /* pam_winbind passwd module */ fstring sid; /* lookupsid, sid_to_[ug]id */ - fstring name; /* lookupname */ + struct { + fstring dom_name; /* lookupname */ + fstring name; + } name; uint32 num_entries; /* getpwent, getgrent */ } data; fstring domain; /* {set,get,end}{pw,gr}ent() */ @@ -183,7 +187,8 @@ struct winbindd_response { int type; } sid; struct winbindd_name { - fstring name; /* lookupsid */ + fstring dom_name; /* lookupsid */ + fstring name; int type; } name; uid_t uid; /* sid_to_uid */ @@ -192,6 +197,7 @@ struct winbindd_response { char winbind_separator; fstring samba_version; } info; + fstring domain_name; } data; /* Variable length return data */ diff --git a/source/nsswitch/winbindd_proto.h b/source/nsswitch/winbindd_proto.h index 1823efaa9fd..4c355d11b0e 100644 --- a/source/nsswitch/winbindd_proto.h +++ b/source/nsswitch/winbindd_proto.h @@ -73,6 +73,7 @@ enum winbindd_result winbindd_ping(struct winbindd_cli_state *state); enum winbindd_result winbindd_info(struct winbindd_cli_state *state); enum winbindd_result winbindd_interface_version(struct winbindd_cli_state *state); +enum winbindd_result winbindd_domain_name(struct winbindd_cli_state *state); /* The following definitions come from nsswitch/winbindd_pam.c */ @@ -109,7 +110,6 @@ BOOL init_domain_list(void); struct winbindd_domain *find_domain_from_name(char *domain_name); struct winbindd_domain *find_domain_from_sid(DOM_SID *sid); BOOL winbindd_lookup_sid_by_name(struct winbindd_domain *domain, - const char *dom_name, const char *name, DOM_SID *sid, enum SID_NAME_USE *type); BOOL winbindd_lookup_name_by_sid(DOM_SID *sid, diff --git a/source/nsswitch/winbindd_sid.c b/source/nsswitch/winbindd_sid.c index 34318a633d2..5c225703bac 100644 --- a/source/nsswitch/winbindd_sid.c +++ b/source/nsswitch/winbindd_sid.c @@ -57,7 +57,9 @@ enum winbindd_result winbindd_lookupsid(struct winbindd_cli_state *state) return WINBINDD_ERROR; } - fill_domain_username(state->response.data.name.name, dom_name, name); + fstrcpy(state->response.data.name.dom_name, dom_name); + fstrcpy(state->response.data.name.name, name); + state->response.data.name.type = type; return WINBINDD_OK; @@ -68,14 +70,15 @@ enum winbindd_result winbindd_lookupsid(struct winbindd_cli_state *state) enum winbindd_result winbindd_lookupname(struct winbindd_cli_state *state) { enum SID_NAME_USE type; - fstring sid_str, name_domain, name_user; + fstring sid_str; + char *name_domain, *name_user; DOM_SID sid; struct winbindd_domain *domain; - DEBUG(3, ("[%5d]: lookupname %s\n", state->pid, - state->request.data.name)); + DEBUG(3, ("[%5d]: lookupname [%s]\\[%s]\n", state->pid, + state->request.data.name.dom_name, state->request.data.name.name)); - if (!parse_domain_user(state->request.data.name, name_domain, name_user)) - return WINBINDD_ERROR; + name_domain = state->request.data.name.dom_name; + name_user = state->request.data.name.name; if ((domain = find_domain_from_name(name_domain)) == NULL) { DEBUG(0, ("could not find domain entry for domain %s\n", @@ -84,7 +87,7 @@ enum winbindd_result winbindd_lookupname(struct winbindd_cli_state *state) } /* Lookup name from PDC using lsa_lookup_names() */ - if (!winbindd_lookup_sid_by_name(domain, name_domain, name_user, &sid, &type)) { + if (!winbindd_lookup_sid_by_name(domain, name_user, &sid, &type)) { return WINBINDD_ERROR; } diff --git a/source/nsswitch/winbindd_user.c b/source/nsswitch/winbindd_user.c index f2fe50034a2..222c844024a 100644 --- a/source/nsswitch/winbindd_user.c +++ b/source/nsswitch/winbindd_user.c @@ -117,7 +117,7 @@ enum winbindd_result winbindd_getpwnam(struct winbindd_cli_state *state) /* Get rid and name type from name */ - if (!winbindd_lookup_sid_by_name(domain, name_domain, name_user, &user_sid, &name_type)) { + if (!winbindd_lookup_sid_by_name(domain, name_user, &user_sid, &name_type)) { DEBUG(1, ("user '%s' does not exist\n", name_user)); return WINBINDD_ERROR; } diff --git a/source/nsswitch/winbindd_util.c b/source/nsswitch/winbindd_util.c index ad362ff8a6e..a06091d6a29 100644 --- a/source/nsswitch/winbindd_util.c +++ b/source/nsswitch/winbindd_util.c @@ -216,7 +216,6 @@ struct winbindd_domain *find_domain_from_sid(DOM_SID *sid) /* Lookup a sid in a domain from a name */ BOOL winbindd_lookup_sid_by_name(struct winbindd_domain *domain, - const char *dom_name, const char *name, DOM_SID *sid, enum SID_NAME_USE *type) { -- cgit