The branch, master has been updated via f6f43c4 winbind: Remove unused WINBINDD_UID_TO_SID via 07b1344 nss_aix: Hack away WINBINDD_UID_TO_SID via f387124 winbind: Remove unused WINBINDD_GID_TO_SID via e8b5a97 selftest: "standard" process model for a few envs via 2b26522 libwbclient: Make source4/ use nsswitch/libwbclient via 148452b libwbclient: Use wbcCtxUnixIdsToSids in wbcCtxGidToSid via 1e4e215 libwbclient: Use wbcCtxUnixIdsToSids in wbcCtxUidToSid via ec94aa5 winbind: Remove unused WINBINDD_SID_TO_GID via 112998f winbind: Remove unused WINBINDD_SID_TO_UID via 122b1a3 libwbclient: Use wbcCtxSidsToUnixIds in wbcCtxSidToGid via fbbe017 libwbclient: Use wbcCtxSidsToUnixIds in wbcCtxSidToUid via eeb0f3b winbind: Remove unused wbint_Gid2Sid via e2dda19 winbind: Use xids2sids in getgrgid via b0f6adf winbind: Use xids2sids in gid2sid via 708df7e winbind: Remove unused wbint_Uid2Sid via 89f753c winbind: Use xids2sids in getpwuid via 05aa340 winbind: Use xids2sids in uid2sid via 182149e wbinfo: Add --unix-ids-to-sids via 171931c libwbclient: Implement wbc[Ctx]UnixIdsToSids via 5cd5ce7 winbind: Expose WINBINDD_XIDS_TO_SIDS externally via e50c1a6 winbind: Add parse_xidlist() via 5bb6600 winbind: Add wb_xids2sids via 24929ee winbind: Add wbint_UnixIDs2Sids via 4d5680e winbind: Simplify _wbint_Sids2UnixIDs via 2b1dd01 winbind: Make _wbint_Sids2UnixIDs single-domain via 9743be6 winbind: Remove a level of indirection from 6018a77 s3:rpc_server: make it possible to build mdssvc as a shared module
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit f6f43c496e535641e024afde8fa596e4cbf929b4 Author: Volker Lendecke <v...@samba.org> Date: Tue Feb 9 09:36:37 2016 +0100 winbind: Remove unused WINBINDD_UID_TO_SID Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> Autobuild-User(master): Ralph Böhme <s...@samba.org> Autobuild-Date(master): Mon Feb 22 23:39:13 CET 2016 on sn-devel-144 commit 07b134407c611f5e26be79c53b02cb97aa02002c Author: Volker Lendecke <v...@samba.org> Date: Tue Feb 9 09:42:28 2016 +0100 nss_aix: Hack away WINBINDD_UID_TO_SID To do a proper xids2sids conversion I need a build environment. Everyone who needs this and can build AIX please speak up! Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit f387124a0441a2e1dfe1a029dacc06792262a43b Author: Volker Lendecke <v...@samba.org> Date: Tue Feb 9 09:36:37 2016 +0100 winbind: Remove unused WINBINDD_GID_TO_SID Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit e8b5a979ab4b9ac2b70451092eeb7db9238be5ec Author: Volker Lendecke <v...@samba.org> Date: Wed Feb 17 11:58:43 2016 +0100 selftest: "standard" process model for a few envs This is needed as with source4/libcli/wbclient changed to nsswitch/libwbclient we don't have a nested event loop here anymore. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 2b26522e349803067bae004e4d37d2bca1a1b319 Author: Volker Lendecke <v...@samba.org> Date: Tue Feb 9 09:30:09 2016 +0100 libwbclient: Make source4/ use nsswitch/libwbclient Right now there's no async user of this, so I think it's okay to use the sync libwbclient. If we really get async libwbclient users, we need to put it there instead of calling the struct protocol directly. The code before this patch did not look at the _NO_WINBIND environment variable. So ignore it here too. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 148452b446e020537ac52e96f13a176f2e1c99d2 Author: Volker Lendecke <v...@samba.org> Date: Tue Feb 9 08:19:41 2016 +0100 libwbclient: Use wbcCtxUnixIdsToSids in wbcCtxGidToSid Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 1e4e215f2f2580b9e5946070f3b736e353cf5b78 Author: Volker Lendecke <v...@samba.org> Date: Tue Feb 9 08:17:40 2016 +0100 libwbclient: Use wbcCtxUnixIdsToSids in wbcCtxUidToSid Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit ec94aa543be1e11a3c3eb7260d29030218fc528f Author: Volker Lendecke <v...@samba.org> Date: Tue Feb 9 08:02:22 2016 +0100 winbind: Remove unused WINBINDD_SID_TO_GID Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 112998fffa63d17cf75b7d412e5498597744b561 Author: Volker Lendecke <v...@samba.org> Date: Tue Feb 9 08:02:22 2016 +0100 winbind: Remove unused WINBINDD_SID_TO_UID Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 122b1a3650fe9fd6d7cfd8f5497ccb09c6c99406 Author: Volker Lendecke <v...@samba.org> Date: Tue Feb 9 07:36:13 2016 +0100 libwbclient: Use wbcCtxSidsToUnixIds in wbcCtxSidToGid Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit fbbe01782096c8a3c47e1d5f4f5e01de047bf9e2 Author: Volker Lendecke <v...@samba.org> Date: Tue Feb 9 07:36:13 2016 +0100 libwbclient: Use wbcCtxSidsToUnixIds in wbcCtxSidToUid Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit eeb0f3b075bd85cd8a6f0ffdb1829e53a0ec5d20 Author: Volker Lendecke <v...@samba.org> Date: Mon Feb 8 17:43:58 2016 +0100 winbind: Remove unused wbint_Gid2Sid Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit e2dda192e7f8b65a5f02120be56cf0f07d03679f Author: Volker Lendecke <v...@samba.org> Date: Mon Feb 8 17:34:38 2016 +0100 winbind: Use xids2sids in getgrgid Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit b0f6adf35172065647f4ed62dce37114ce932397 Author: Volker Lendecke <v...@samba.org> Date: Mon Feb 8 17:34:38 2016 +0100 winbind: Use xids2sids in gid2sid Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 708df7e85c3a91b0848757e89d30e780eb07c9fc Author: Volker Lendecke <v...@samba.org> Date: Mon Feb 8 17:43:58 2016 +0100 winbind: Remove unused wbint_Uid2Sid Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 89f753c1fc824fef29aebb7d783ab7e09cd1f04e Author: Volker Lendecke <v...@samba.org> Date: Mon Feb 8 17:34:38 2016 +0100 winbind: Use xids2sids in getpwuid Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 05aa3406cb0738e094f84b25519a4122ef8d2017 Author: Volker Lendecke <v...@samba.org> Date: Mon Feb 8 17:34:38 2016 +0100 winbind: Use xids2sids in uid2sid Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 182149e9378694f66447886a309d57efcbd2d55c Author: Volker Lendecke <v...@samba.org> Date: Fri Aug 14 17:13:57 2015 +0200 wbinfo: Add --unix-ids-to-sids Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 171931cf7de4fcccf6d2e1e7b6520a44b21d21ee Author: Volker Lendecke <v...@samba.org> Date: Fri Aug 14 11:55:37 2015 +0200 libwbclient: Implement wbc[Ctx]UnixIdsToSids Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 5cd5ce70a14dc9a2c97532193f7a96aef53ba1a4 Author: Volker Lendecke <v...@samba.org> Date: Fri Aug 14 17:15:33 2015 +0200 winbind: Expose WINBINDD_XIDS_TO_SIDS externally Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit e50c1a66486a6885fe644bce351e83d7d716f57d Author: Volker Lendecke <v...@samba.org> Date: Fri Aug 14 17:14:53 2015 +0200 winbind: Add parse_xidlist() This will be part of parsing the socket protocols xids2sids request Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 5bb6600110b3eae997a1d5be2fa0089d52c829ab Author: Volker Lendecke <v...@samba.org> Date: Thu Aug 20 17:07:47 2015 +0200 winbind: Add wb_xids2sids Async wrapper around wbint_UnixIDs2Sids Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 24929ee08151da2c437e2949fd079141c45fe827 Author: Volker Lendecke <v...@samba.org> Date: Thu Aug 20 17:07:19 2015 +0200 winbind: Add wbint_UnixIDs2Sids The idmap backend function is doing multiple conversions in one run, but this is not used so far. First step in exposing plural xid2sid. This is a fake routine in that it does the one-element calls, but you have to start somewhere. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 4d5680e9ae531c6dc4d0a6687abe6293b5d4f4f2 Author: Volker Lendecke <v...@samba.org> Date: Tue Dec 29 21:33:20 2015 +0000 winbind: Simplify _wbint_Sids2UnixIDs Same number of lines, but from my point of view quite a bit simpler now that we only have to handle one domain. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 2b1dd01934b657afc4bdc3542ad887a3917ccbfd Author: Volker Lendecke <v...@samba.org> Date: Tue Dec 29 15:19:34 2015 +0000 winbind: Make _wbint_Sids2UnixIDs single-domain This is required to handle domain-specific error messages properly in the parent. Currently unused, but I want to handle DOMAIN_CONTROLLER_NOT_FOUND for the idmap_ad backend soon by doing a getdcname (RPC or ourselves or so) from the parent context. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 9743be68d7ffe255f207fa897ce22b839b6d4d81 Author: Volker Lendecke <v...@samba.org> Date: Tue Dec 29 11:59:54 2015 +0100 winbind: Remove a level of indirection idmap_doms does not need a talloc of its own Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> ----------------------------------------------------------------------- Summary of changes: librpc/idl/winbind.idl | 12 +- .../ABI/{wbclient-0.12.sigs => wbclient-0.13.sigs} | 2 + nsswitch/libwbclient/wbc_idmap.c | 217 +++++++---- nsswitch/libwbclient/wbclient.h | 9 +- nsswitch/libwbclient/wscript | 2 +- nsswitch/wbinfo.c | 77 ++++ nsswitch/winbind_nss_aix.c | 11 + nsswitch/winbind_struct_protocol.h | 12 +- selftest/target/Samba4.pm | 12 +- source3/winbindd/wb_gid2sid.c | 105 ----- source3/winbindd/wb_sids2xids.c | 118 +++++- source3/winbindd/wb_uid2sid.c | 105 ----- source3/winbindd/wb_xids2sids.c | 94 +++++ source3/winbindd/winbindd.c | 10 +- source3/winbindd/winbindd_dual_srv.c | 185 +++++---- source3/winbindd/winbindd_getgrgid.c | 15 +- source3/winbindd/winbindd_getpwuid.c | 19 +- source3/winbindd/winbindd_gid_to_sid.c | 87 ----- source3/winbindd/winbindd_proto.h | 24 +- source3/winbindd/winbindd_sid_to_gid.c | 109 ------ source3/winbindd/winbindd_sid_to_uid.c | 109 ------ source3/winbindd/winbindd_uid_to_sid.c | 87 ----- source3/winbindd/winbindd_util.c | 64 ++++ ...indd_sids_to_xids.c => winbindd_xids_to_sids.c} | 89 ++--- source3/wscript_build | 8 +- source4/libcli/wbclient/wbclient.c | 424 +++++---------------- source4/libcli/wbclient/wscript_build | 2 +- 27 files changed, 804 insertions(+), 1204 deletions(-) copy nsswitch/libwbclient/ABI/{wbclient-0.12.sigs => wbclient-0.13.sigs} (98%) delete mode 100644 source3/winbindd/wb_gid2sid.c delete mode 100644 source3/winbindd/wb_uid2sid.c create mode 100644 source3/winbindd/wb_xids2sids.c delete mode 100644 source3/winbindd/winbindd_gid_to_sid.c delete mode 100644 source3/winbindd/winbindd_sid_to_gid.c delete mode 100644 source3/winbindd/winbindd_sid_to_uid.c delete mode 100644 source3/winbindd/winbindd_uid_to_sid.c copy source3/winbindd/{winbindd_sids_to_xids.c => winbindd_xids_to_sids.c} (59%) Changeset truncated at 500 lines: diff --git a/librpc/idl/winbind.idl b/librpc/idl/winbind.idl index 07deb80..b1aed30 100644 --- a/librpc/idl/winbind.idl +++ b/librpc/idl/winbind.idl @@ -56,14 +56,10 @@ interface winbind [in,out] wbint_TransIDArray *ids ); - NTSTATUS wbint_Uid2Sid( - [in] hyper uid, - [out] dom_sid *sid - ); - - NTSTATUS wbint_Gid2Sid( - [in] hyper gid, - [out] dom_sid *sid + NTSTATUS wbint_UnixIDs2Sids( + [in] uint32 num_ids, + [in] unixid xids[num_ids], + [out] dom_sid sids[num_ids] ); NTSTATUS wbint_AllocateUid( diff --git a/nsswitch/libwbclient/ABI/wbclient-0.12.sigs b/nsswitch/libwbclient/ABI/wbclient-0.13.sigs similarity index 98% copy from nsswitch/libwbclient/ABI/wbclient-0.12.sigs copy to nsswitch/libwbclient/ABI/wbclient-0.13.sigs index 3b71917..b07a6a8 100644 --- a/nsswitch/libwbclient/ABI/wbclient-0.12.sigs +++ b/nsswitch/libwbclient/ABI/wbclient-0.13.sigs @@ -64,6 +64,7 @@ wbcCtxSidToGid: wbcErr (struct wbcContext *, const struct wbcDomainSid *, gid_t wbcCtxSidToUid: wbcErr (struct wbcContext *, const struct wbcDomainSid *, uid_t *) wbcCtxSidsToUnixIds: wbcErr (struct wbcContext *, const struct wbcDomainSid *, uint32_t, struct wbcUnixId *) wbcCtxUidToSid: wbcErr (struct wbcContext *, uid_t, struct wbcDomainSid *) +wbcCtxUnixIdsToSids: wbcErr (struct wbcContext *, const struct wbcUnixId *, uint32_t, struct wbcDomainSid *) wbcDcInfo: wbcErr (const char *, size_t *, const char ***, const char ***) wbcDomainInfo: wbcErr (const char *, struct wbcDomainInfo **) wbcEndgrent: wbcErr (void) @@ -128,3 +129,4 @@ wbcStrDup: char *(const char *) wbcStringToGuid: wbcErr (const char *, struct wbcGuid *) wbcStringToSid: wbcErr (const char *, struct wbcDomainSid *) wbcUidToSid: wbcErr (uid_t, struct wbcDomainSid *) +wbcUnixIdsToSids: wbcErr (const struct wbcUnixId *, uint32_t, struct wbcDomainSid *) diff --git a/nsswitch/libwbclient/wbc_idmap.c b/nsswitch/libwbclient/wbc_idmap.c index 3e8366a..f61efb9 100644 --- a/nsswitch/libwbclient/wbc_idmap.c +++ b/nsswitch/libwbclient/wbc_idmap.c @@ -29,32 +29,25 @@ wbcErr wbcCtxSidToUid(struct wbcContext *ctx, const struct wbcDomainSid *sid, uid_t *puid) { - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + struct wbcUnixId xid; + wbcErr wbc_status; if (!sid || !puid) { wbc_status = WBC_ERR_INVALID_PARAM; BAIL_ON_WBC_ERROR(wbc_status); } - /* Initialize request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - wbcSidToStringBuf(sid, request.data.sid, sizeof(request.data.sid)); - - /* Make request */ - - wbc_status = wbcRequestResponse(ctx, WINBINDD_SID_TO_UID, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - *puid = response.data.uid; + wbc_status = wbcCtxSidsToUnixIds(ctx, sid, 1, &xid); + if (!WBC_ERROR_IS_OK(wbc_status)) { + goto done; + } - wbc_status = WBC_ERR_SUCCESS; + if ((xid.type == WBC_ID_TYPE_UID) || (xid.type == WBC_ID_TYPE_BOTH)) { + *puid = xid.id.uid; + wbc_status = WBC_ERR_SUCCESS; + } else { + wbc_status = WBC_ERR_DOMAIN_NOT_FOUND; + } done: return wbc_status; @@ -74,33 +67,30 @@ wbcErr wbcQuerySidToUid(const struct wbcDomainSid *sid, /* Convert a Unix uid to a Windows SID, allocating a SID if needed */ wbcErr wbcCtxUidToSid(struct wbcContext *ctx, uid_t uid, - struct wbcDomainSid *sid) + struct wbcDomainSid *psid) { - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct winbindd_request request; - struct winbindd_response response; + struct wbcUnixId xid; + struct wbcDomainSid sid; + struct wbcDomainSid null_sid = { 0 }; + wbcErr wbc_status; - if (!sid) { + if (!psid) { wbc_status = WBC_ERR_INVALID_PARAM; BAIL_ON_WBC_ERROR(wbc_status); } - /* Initialize request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - request.data.uid = uid; - - /* Make request */ + xid = (struct wbcUnixId) { .type = WBC_ID_TYPE_UID, .id.uid = uid }; - wbc_status = wbcRequestResponse(ctx, WINBINDD_UID_TO_SID, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); + wbc_status = wbcCtxUnixIdsToSids(ctx, &xid, 1, &sid); + if (!WBC_ERROR_IS_OK(wbc_status)) { + goto done; + } - wbc_status = wbcStringToSid(response.data.sid.sid, sid); - BAIL_ON_WBC_ERROR(wbc_status); + if (memcmp(&sid, &null_sid, sizeof(sid)) != 0) { + *psid = sid; + } else { + wbc_status = WBC_ERR_DOMAIN_NOT_FOUND; + } done: return wbc_status; @@ -130,32 +120,25 @@ wbcErr wbcQueryUidToSid(uid_t uid, wbcErr wbcCtxSidToGid(struct wbcContext *ctx, const struct wbcDomainSid *sid, gid_t *pgid) { - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + struct wbcUnixId xid; + wbcErr wbc_status; if (!sid || !pgid) { wbc_status = WBC_ERR_INVALID_PARAM; BAIL_ON_WBC_ERROR(wbc_status); } - /* Initialize request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - wbcSidToStringBuf(sid, request.data.sid, sizeof(request.data.sid)); - - /* Make request */ - - wbc_status = wbcRequestResponse(ctx, WINBINDD_SID_TO_GID, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - *pgid = response.data.gid; + wbc_status = wbcCtxSidsToUnixIds(ctx, sid, 1, &xid); + if (!WBC_ERROR_IS_OK(wbc_status)) { + goto done; + } - wbc_status = WBC_ERR_SUCCESS; + if ((xid.type == WBC_ID_TYPE_GID) || (xid.type == WBC_ID_TYPE_BOTH)) { + *pgid = xid.id.gid; + wbc_status = WBC_ERR_SUCCESS; + } else { + wbc_status = WBC_ERR_DOMAIN_NOT_FOUND; + } done: return wbc_status; @@ -177,33 +160,30 @@ wbcErr wbcQuerySidToGid(const struct wbcDomainSid *sid, /* Convert a Unix gid to a Windows SID, allocating a SID if needed */ wbcErr wbcCtxGidToSid(struct wbcContext *ctx, gid_t gid, - struct wbcDomainSid *sid) + struct wbcDomainSid *psid) { - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + struct wbcUnixId xid; + struct wbcDomainSid sid; + struct wbcDomainSid null_sid = { 0 }; + wbcErr wbc_status; - if (!sid) { + if (!psid) { wbc_status = WBC_ERR_INVALID_PARAM; BAIL_ON_WBC_ERROR(wbc_status); } - /* Initialize request */ + xid = (struct wbcUnixId) { .type = WBC_ID_TYPE_GID, .id.gid = gid }; - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - request.data.gid = gid; - - /* Make request */ - - wbc_status = wbcRequestResponse(ctx, WINBINDD_GID_TO_SID, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); + wbc_status = wbcCtxUnixIdsToSids(ctx, &xid, 1, &sid); + if (!WBC_ERROR_IS_OK(wbc_status)) { + goto done; + } - wbc_status = wbcStringToSid(response.data.sid.sid, sid); - BAIL_ON_WBC_ERROR(wbc_status); + if (memcmp(&sid, &null_sid, sizeof(sid)) != 0) { + *psid = sid; + } else { + wbc_status = WBC_ERR_DOMAIN_NOT_FOUND; + } done: return wbc_status; @@ -433,3 +413,88 @@ wbcErr wbcSidsToUnixIds(const struct wbcDomainSid *sids, uint32_t num_sids, { return wbcCtxSidsToUnixIds(NULL, sids, num_sids, ids); } + +wbcErr wbcCtxUnixIdsToSids(struct wbcContext *ctx, + const struct wbcUnixId *ids, uint32_t num_ids, + struct wbcDomainSid *sids) +{ + struct winbindd_request request; + struct winbindd_response response; + wbcErr wbc_status; + char *buf; + char *s; + size_t ofs, buflen; + uint32_t i; + + buflen = num_ids * (1 /* U/G */ + 10 /* 2^32 */ + 1 /* \n */) + 1; + buf = malloc(buflen); + if (buf == NULL) { + return WBC_ERR_NO_MEMORY; + } + + ofs = 0; + + for (i=0; i<num_ids; i++) { + const struct wbcUnixId *id = &ids[i]; + int len; + + switch (id->type) { + case WBC_ID_TYPE_UID: + len = snprintf(buf+ofs, buflen-ofs, "U%"PRIu32"\n", + (uint32_t)id->id.uid); + break; + case WBC_ID_TYPE_GID: + len = snprintf(buf+ofs, buflen-ofs, "G%"PRIu32"\n", + (uint32_t)id->id.gid); + break; + default: + free(buf); + return WBC_ERR_INVALID_PARAM; + } + + if (len + ofs >= buflen) { /* >= for the terminating '\0' */ + free(buf); + return WBC_ERR_UNKNOWN_FAILURE; + } + ofs += len; + } + + request = (struct winbindd_request) { + .extra_data.data = buf, .extra_len = ofs+1 + }; + response = (struct winbindd_response) {0}; + + wbc_status = wbcRequestResponse(ctx, WINBINDD_XIDS_TO_SIDS, + &request, &response); + free(buf); + if (!WBC_ERROR_IS_OK(wbc_status)) { + return wbc_status; + } + + s = response.extra_data.data; + for (i=0; i<num_ids; i++) { + char *n = strchr(s, '\n'); + + if (n == NULL) { + goto fail; + } + *n = '\0'; + + wbc_status = wbcStringToSid(s, &sids[i]); + if (!WBC_ERROR_IS_OK(wbc_status)) { + sids[i] = (struct wbcDomainSid) {0}; + } + s = n+1; + } + + wbc_status = WBC_ERR_SUCCESS; +fail: + winbindd_free_response(&response); + return wbc_status; +} + +wbcErr wbcUnixIdsToSids(const struct wbcUnixId *ids, uint32_t num_ids, + struct wbcDomainSid *sids) +{ + return wbcCtxUnixIdsToSids(NULL, ids, num_ids, sids); +} diff --git a/nsswitch/libwbclient/wbclient.h b/nsswitch/libwbclient/wbclient.h index adf8fe3..6ec8377 100644 --- a/nsswitch/libwbclient/wbclient.h +++ b/nsswitch/libwbclient/wbclient.h @@ -73,9 +73,10 @@ const char *wbcErrorString(wbcErr error); * 0.10: Added wbcPingDc2() * 0.11: Extended wbcAuthenticateUserEx to provide PAC parsing * 0.12: Added wbcCtxCreate and friends + * 0.13: Added wbcCtxUnixIdsToSids and wbcUnixIdsToSids **/ #define WBCLIENT_MAJOR_VERSION 0 -#define WBCLIENT_MINOR_VERSION 12 +#define WBCLIENT_MINOR_VERSION 13 #define WBCLIENT_VENDOR_VERSION "Samba libwbclient" struct wbcLibraryDetails { uint16_t major_version; @@ -1030,6 +1031,12 @@ wbcErr wbcCtxSidsToUnixIds(struct wbcContext *ctx, wbcErr wbcSidsToUnixIds(const struct wbcDomainSid *sids, uint32_t num_sids, struct wbcUnixId *ids); +wbcErr wbcCtxUnixIdsToSids(struct wbcContext *ctx, + const struct wbcUnixId *ids, uint32_t num_ids, + struct wbcDomainSid *sids); +wbcErr wbcUnixIdsToSids(const struct wbcUnixId *ids, uint32_t num_ids, + struct wbcDomainSid *sids); + /** * @brief Obtain a new uid from Winbind * diff --git a/nsswitch/libwbclient/wscript b/nsswitch/libwbclient/wscript index 8602c1c..5c5002a 100644 --- a/nsswitch/libwbclient/wscript +++ b/nsswitch/libwbclient/wscript @@ -3,7 +3,7 @@ import Options, Logs # Remember to also update wbclient.h -VERSION="0.12" +VERSION="0.13" # It may be useful at some point to allow Samba to build against a # system libwbclient, such as the one provided by Likewise. To to diff --git a/nsswitch/wbinfo.c b/nsswitch/wbinfo.c index 330fa91..f7b5ace 100644 --- a/nsswitch/wbinfo.c +++ b/nsswitch/wbinfo.c @@ -1046,6 +1046,72 @@ static bool wbinfo_sids_to_unix_ids(const char *arg) return true; } +static bool wbinfo_xids_to_sids(const char *arg) +{ + fstring idstr; + struct wbcUnixId *xids = NULL; + struct wbcDomainSid *sids; + wbcErr wbc_status; + int num_xids = 0; + const char *p; + int i; + + p = arg; + + while (next_token(&p, idstr, LIST_SEP, sizeof(idstr))) { + xids = talloc_realloc(talloc_tos(), xids, struct wbcUnixId, + num_xids+1); + if (xids == NULL) { + d_fprintf(stderr, "talloc failed\n"); + return false; + } + + switch (idstr[0]) { + case 'u': + xids[num_xids] = (struct wbcUnixId) { + .type = WBC_ID_TYPE_UID, + .id.uid = atoi(&idstr[1]) + }; + break; + case 'g': + xids[num_xids] = (struct wbcUnixId) { + .type = WBC_ID_TYPE_GID, + .id.gid = atoi(&idstr[1]) + }; + break; + default: + d_fprintf(stderr, "%s is an invalid id\n", idstr); + TALLOC_FREE(xids); + return false; + } + num_xids += 1; + } + + sids = talloc_array(talloc_tos(), struct wbcDomainSid, num_xids); + if (sids == NULL) { + d_fprintf(stderr, "talloc failed\n"); + TALLOC_FREE(xids); + return false; + } + + wbc_status = wbcUnixIdsToSids(xids, num_xids, sids); + if (!WBC_ERROR_IS_OK(wbc_status)) { + d_fprintf(stderr, "wbcUnixIdsToSids failed: %s\n", + wbcErrorString(wbc_status)); + TALLOC_FREE(sids); + TALLOC_FREE(xids); + return false; + } + + for (i=0; i<num_xids; i++) { + char str[WBC_SID_STRING_BUFLEN]; + wbcSidToStringBuf(&sids[i], str, sizeof(str)); + d_printf("%s\n", str); + } + + return true; +} + static bool wbinfo_allocate_uid(void) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -2149,6 +2215,7 @@ enum { OPT_REMOVE_UID_MAPPING, OPT_REMOVE_GID_MAPPING, OPT_SIDS_TO_XIDS, + OPT_XIDS_TO_SIDS, OPT_SEPARATOR, OPT_LIST_ALL_DOMAINS, OPT_LIST_OWN_DOMAIN, @@ -2220,6 +2287,9 @@ int main(int argc, const char **argv, char **envp) { "remove-gid-mapping", 0, POPT_ARG_STRING, &string_arg, OPT_REMOVE_GID_MAPPING, "Remove gid to sid mapping in idmap", "GID,SID" }, { "sids-to-unix-ids", 0, POPT_ARG_STRING, &string_arg, OPT_SIDS_TO_XIDS, "Translate SIDs to Unix IDs", "Sid-List" }, + { "unix-ids-to-sids", 0, POPT_ARG_STRING, &string_arg, + OPT_XIDS_TO_SIDS, "Translate Unix IDs to SIDs", + "ID-List (u<num> g<num>)" }, { "check-secret", 't', POPT_ARG_NONE, 0, 't', "Check shared secret" }, { "change-secret", 'c', POPT_ARG_NONE, 0, 'c', "Change shared secret" }, { "ping-dc", 'P', POPT_ARG_NONE, 0, 'P', @@ -2476,6 +2546,13 @@ int main(int argc, const char **argv, char **envp) goto done; } break; + case OPT_XIDS_TO_SIDS: + if (!wbinfo_xids_to_sids(string_arg)) { + d_fprintf(stderr, "wbinfo_xids_to_sids " + "failed\n"); + goto done; + } + break; case 't': if (!wbinfo_check_secret(opt_domain_name)) { d_fprintf(stderr, "Could not check secret\n"); diff --git a/nsswitch/winbind_nss_aix.c b/nsswitch/winbind_nss_aix.c index 7a847b2..c5c223f 100644 --- a/nsswitch/winbind_nss_aix.c +++ b/nsswitch/winbind_nss_aix.c @@ -609,6 +609,14 @@ static attrval_t pwd_to_sid(struct passwd *pwd) request.data.uid = pwd->pw_uid; +#if 0 + /* + * Removed because WINBINDD_UID_TO_SID is replaced by + * WINBINDD_XIDS_TO_SIDS. I don't have an AIX build + * environment around, so I did not convert this call. If + * someone stumbles over this, please contact me: + * v...@samba.org, I'll convert this. + */ if (winbindd_request_response(NULL, WINBINDD_UID_TO_SID, &request, &response) != NSS_STATUS_SUCCESS) { @@ -617,6 +625,9 @@ static attrval_t pwd_to_sid(struct passwd *pwd) r.attr_flag = 0; r.attr_un.au_char = strdup(response.data.sid.sid); } -- Samba Shared Repository