📄 pdb_interface.c
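/*
 * NOTE(review): this listing begins part-way through a function whose
 * signature and local declarations are not visible here -- presumably
 * get_memberuids(), which pdb_default_enum_group_members() below calls
 * with matching arguments. The statements up to its closing brace are
 * reproduced unchanged.
 */

	/* We only look at our own sam, so don't care about imported stuff */

	winbind_off();

	if ((grp = getgrgid(gid)) == NULL) {
		winbind_on();
		return False;
	}

	/* Primary group members */

	userlist = getpwent_list();

	for (user = userlist; user != NULL; user = user->next) {
		if (user->pw_gid != gid)
			continue;
		add_uid_to_array_unique(mem_ctx, user->pw_uid, pp_uids, p_num);
	}

	pwent_free(userlist);

	/* Secondary group members */

	for (gr = grp->gr_mem; (*gr != NULL) && ((*gr)[0] != '\0'); gr += 1) {
		struct passwd *pw = getpwnam(*gr);

		if (pw == NULL)
			continue;
		add_uid_to_array_unique(mem_ctx, pw->pw_uid, pp_uids, p_num);
	}

	winbind_on();

	return True;
}

/**
 * Enumerate the RIDs of all members of a group.
 *
 * The group SID is mapped to a gid, the member uids are collected with
 * get_memberuids(), and each uid is mapped back to a SID. Members whose
 * uid cannot be mapped, or whose SID is outside our domain, are logged
 * and skipped rather than failing the whole call.
 *
 * @param methods         unused by this default implementation
 * @param mem_ctx         talloc context that owns the returned array
 * @param group           SID of the group to enumerate
 * @param pp_member_rids  out: array of member RIDs (NULL if no members)
 * @param p_num_members   out: number of valid entries in *pp_member_rids
 * @return NT_STATUS_OK on success, NT_STATUS_NO_SUCH_GROUP if the SID
 *         cannot be mapped or its members cannot be read,
 *         NT_STATUS_NO_MEMORY if the result array cannot be allocated.
 */
NTSTATUS pdb_default_enum_group_members(struct pdb_methods *methods,
					TALLOC_CTX *mem_ctx,
					const DOM_SID *group,
					uint32 **pp_member_rids,
					size_t *p_num_members)
{
	gid_t gid;
	uid_t *uids;
	size_t i, num_uids;

	*pp_member_rids = NULL;
	*p_num_members = 0;

	if (!NT_STATUS_IS_OK(sid_to_gid(group, &gid)))
		return NT_STATUS_NO_SUCH_GROUP;

	if (!get_memberuids(mem_ctx, gid, &uids, &num_uids))
		return NT_STATUS_NO_SUCH_GROUP;

	if (num_uids == 0)
		return NT_STATUS_OK;

	*pp_member_rids = TALLOC_ZERO_ARRAY(mem_ctx, uint32, num_uids);

	/* Without this check an allocation failure is dereferenced in the
	 * sid_peek_rid() call below. */
	if (*pp_member_rids == NULL)
		return NT_STATUS_NO_MEMORY;

	for (i = 0; i < num_uids; i++) {
		DOM_SID sid;

		if (!NT_STATUS_IS_OK(uid_to_sid(&sid, uids[i]))) {
			DEBUG(1, ("Could not map member uid to SID\n"));
			continue;
		}

		if (!sid_check_is_in_our_domain(&sid)) {
			DEBUG(1, ("Inconsistent SAM -- group member uid not "
				  "in our domain\n"));
			continue;
		}

		/* *p_num_members only advances for accepted members, so the
		 * array is filled densely and never beyond num_uids. */
		sid_peek_rid(&sid, &(*pp_member_rids)[*p_num_members]);
		*p_num_members += 1;
	}

	return NT_STATUS_OK;
}

/**
 * Resolve an array of RIDs to names and SID types.
 *
 * For the builtin domain each RID is looked up with lookup_builtin_rid();
 * for our own domain with lookup_global_sam_rid(). Unresolved RIDs get
 * attrs[i] = SID_NAME_UNKNOWN and names[i] is left untouched.
 *
 * @param methods     unused by this default implementation
 * @param domain_sid  domain the RIDs belong to
 * @param num_rids    number of entries in rids/names/attrs
 * @param rids        RIDs to resolve
 * @param names       out: resolved names; also used as the talloc parent
 *                    of each duplicated string
 * @param attrs       out: SID type per RID
 * @return NT_STATUS_OK if all RIDs mapped, STATUS_SOME_UNMAPPED if only
 *         some did, NT_STATUS_NONE_MAPPED if none did,
 *         NT_STATUS_INVALID_HANDLE for a foreign domain SID,
 *         NT_STATUS_NO_MEMORY if a name cannot be duplicated.
 */
NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods,
				 const DOM_SID *domain_sid,
				 int num_rids,
				 uint32 *rids,
				 const char **names,
				 uint32 *attrs)
{
	int i;
	NTSTATUS result;
	BOOL have_mapped = False;
	BOOL have_unmapped = False;

	if (sid_check_is_builtin(domain_sid)) {

		for (i = 0; i < num_rids; i++) {
			fstring name;

			if (lookup_builtin_rid(rids[i], name)) {
				attrs[i] = SID_NAME_ALIAS;
				names[i] = talloc_strdup(names, name);
				if (names[i] == NULL) {
					return NT_STATUS_NO_MEMORY;
				}
				DEBUG(5,("lookup_rids: %s:%d\n",
					 names[i], attrs[i]));
				have_mapped = True;
			} else {
				have_unmapped = True;
				attrs[i] = SID_NAME_UNKNOWN;
			}
		}
		goto done;
	}

	/* Should not happen, but better check once too many */
	if (!sid_check_is_domain(domain_sid)) {
		return NT_STATUS_INVALID_HANDLE;
	}

	for (i = 0; i < num_rids; i++) {
		fstring tmpname;
		enum SID_NAME_USE type;

		if (lookup_global_sam_rid(rids[i], tmpname, &type)) {
			attrs[i] = (uint32)type;
			names[i] = talloc_strdup(names, tmpname);
			if (names[i] == NULL)
				return NT_STATUS_NO_MEMORY;
			DEBUG(5,("lookup_rids: %s:%d\n", names[i], attrs[i]));
			have_mapped = True;
		} else {
			have_unmapped = True;
			attrs[i] = SID_NAME_UNKNOWN;
		}
	}

 done:

	result = NT_STATUS_NONE_MAPPED;

	if (have_mapped)
		result = have_unmapped ? STATUS_SOME_UNMAPPED : NT_STATUS_OK;

	return result;
}

/**
 * Allocate an empty search object on its own talloc context.
 *
 * @param type  kind of search the object will be used for
 * @return the new search, or NULL on allocation failure. The search owns
 *         its mem_ctx; destroying that context frees the search.
 */
static struct pdb_search *pdb_search_init(enum pdb_search_type type)
{
	TALLOC_CTX *mem_ctx;
	struct pdb_search *result;

	mem_ctx = talloc_init("pdb_search");
	if (mem_ctx == NULL) {
		DEBUG(0, ("talloc_init failed\n"));
		return NULL;
	}

	result = TALLOC_P(mem_ctx, struct pdb_search);
	if (result == NULL) {
		DEBUG(0, ("talloc failed\n"));
		/* Nobody else holds mem_ctx yet; release it here or it
		 * leaks on every failed search setup. */
		talloc_destroy(mem_ctx);
		return NULL;
	}

	result->mem_ctx = mem_ctx;
	result->type = type;
	result->cache = NULL;
	result->num_entries = 0;
	result->cache_size = 0;
	result->search_ended = False;

	/* Segfault appropriately if not initialized */
	result->next_entry = NULL;
	result->search_end = NULL;

	return result;
}

/**
 * Fill a display entry from the given account attributes.
 *
 * Non-NULL strings are duplicated onto mem_ctx; NULL strings become "".
 *
 * NOTE(review): the talloc_strdup() results are not checked, so a string
 * field may end up NULL on allocation failure -- confirm that consumers
 * of samr_displayentry tolerate that.
 */
static void fill_displayentry(TALLOC_CTX *mem_ctx, uint32 rid,
			      uint16 acct_flags,
			      const char *account_name,
			      const char *fullname,
			      const char *description,
			      struct samr_displayentry *entry)
{
	entry->rid = rid;
	entry->acct_flags = acct_flags;

	if (account_name != NULL)
		entry->account_name = talloc_strdup(mem_ctx, account_name);
	else
		entry->account_name = "";

	if (fullname != NULL)
		entry->fullname = talloc_strdup(mem_ctx, fullname);
	else
		entry->fullname = "";

	if (description != NULL)
		entry->description = talloc_strdup(mem_ctx, description);
	else
		entry->description = "";
}

/* Only one user enumeration may run at a time; see
 * pdb_default_search_users() and search_end_users(). */
static BOOL user_search_in_progress = False;

/* Per-search state for user enumeration. */
struct user_search {
	uint16 acct_flags;	/* filter mask; 0 means "no filter" */
};

/**
 * Fetch the next user that matches the search's acct_flags filter.
 *
 * @param s      search whose private_data is a struct user_search
 * @param entry  out: filled from the next matching account
 * @return True if an entry was produced, False when the enumeration is
 *         exhausted or a SAM_ACCOUNT could not be initialised.
 */
static BOOL next_entry_users(struct pdb_search *s,
			     struct samr_displayentry *entry)
{
	struct user_search *state = s->private_data;
	SAM_ACCOUNT *user = NULL;
	NTSTATUS status;

 next:
	status = pdb_init_sam(&user);
	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(0, ("Could not pdb_init_sam\n"));
		return False;
	}

	if (!pdb_getsampwent(user)) {
		pdb_free_sam(&user);
		return False;
	}

	/* Skip accounts that share no bit with a non-zero filter mask. */
	if ((state->acct_flags != 0) &&
	    ((pdb_get_acct_ctrl(user) & state->acct_flags) == 0)) {
		pdb_free_sam(&user);
		goto next;
	}

	fill_displayentry(s->mem_ctx, pdb_get_user_rid(user),
			  pdb_get_acct_ctrl(user), pdb_get_username(user),
			  pdb_get_fullname(user), pdb_get_acct_desc(user),
			  entry);

	pdb_free_sam(&user);
	return True;
}

/**
 * End a user enumeration and allow a new one to be started.
 */
static void search_end_users(struct pdb_search *search)
{
	pdb_endsampwent();
	user_search_in_progress = False;
}

/**
 * Start a user enumeration and attach it to the given search object.
 *
 * @param methods     unused by this default implementation
 * @param search      search object to wire up
 * @param acct_flags  account-control filter mask (0 for all users)
 * @return True on success; False if another user search is running, the
 *         passdb enumeration cannot be started, or allocation fails.
 */
static BOOL pdb_default_search_users(struct pdb_methods *methods,
				     struct pdb_search *search,
				     uint16 acct_flags)
{
	struct user_search *state;

	if (user_search_in_progress) {
		DEBUG(1, ("user search in progress\n"));
		return False;
	}

	if (!pdb_setsampwent(False, acct_flags)) {
		DEBUG(5, ("Could not start search\n"));
		return False;
	}

	user_search_in_progress = True;

	state = TALLOC_P(search->mem_ctx, struct user_search);
	if (state == NULL) {
		DEBUG(0, ("talloc failed\n"));
		/* The search callbacks are not installed yet, so nobody
		 * would ever end the enumeration or clear the in-progress
		 * flag; undo both here so later searches are not refused. */
		search_end_users(search);
		return False;
	}

	state->acct_flags = acct_flags;

	search->private_data = state;
	search->next_entry = next_entry_users;
	search->search_end = search_end_users;
	return True;
}

/* Per-search state for group/alias enumeration. */
struct group_search {
	GROUP_MAP *groups;		/* array from pdb_enum_group_mapping() */
	size_t num_groups, current_group;
};

/**
 * Produce the next group mapping as a display entry.
 *
 * @return True if an entry was produced, False once all groups have been
 *         returned.
 */
static BOOL next_entry_groups(struct pdb_search *s,
			      struct samr_displayentry *entry)
{
	struct group_search *state = s->private_data;
	uint32 rid;
	GROUP_MAP *map;

	/* Check the bound before forming a pointer into the array. */
	if (state->current_group == state->num_groups)
		return False;

	map = &state->groups[state->current_group];

	sid_peek_rid(&map->sid, &rid);

	fill_displayentry(s->mem_ctx, rid, 0, map->nt_name, NULL,
			  map->comment, entry);

	state->current_group += 1;
	return True;
}

/**
 * Release the group array held by a group/alias search.
 */
static void search_end_groups(struct pdb_search *search)
{
	struct group_search *state = search->private_data;
	SAFE_FREE(state->groups);
}

/**
 * Load all group mappings of the given type and attach them to a search.
 *
 * @param search  search object to wire up
 * @param type    SID type of the mappings to enumerate
 * @return True on success, False on allocation or enumeration failure.
 */
static BOOL pdb_search_grouptype(struct pdb_search *search,
				 enum SID_NAME_USE type)
{
	struct group_search *state;

	state = TALLOC_P(search->mem_ctx, struct group_search);
	if (state == NULL) {
		DEBUG(0, ("talloc failed\n"));
		return False;
	}

	if (!pdb_enum_group_mapping(type, &state->groups, &state->num_groups,
				    True)) {
		DEBUG(0, ("Could not enum groups\n"));
		return False;
	}

	state->current_group = 0;
	search->private_data = state;
	search->next_entry = next_entry_groups;
	search->search_end = search_end_groups;
	return True;
}

/**
 * Default search_groups method: enumerate domain groups.
 */
static BOOL pdb_default_search_groups(struct pdb_methods *methods,
				      struct pdb_search *search)
{
	return pdb_search_grouptype(search, SID_NAME_DOM_GRP);
}

/**
 * Default search_aliases method.
 *
 * Enumerates aliases for our own SAM domain and well-known groups for the
 * builtin domain; any other domain SID is rejected.
 */
static BOOL pdb_default_search_aliases(struct pdb_methods *methods,
				       struct pdb_search *search,
				       const DOM_SID *sid)
{
	if (sid_equal(sid, get_global_sam_sid()))
		return pdb_search_grouptype(search, SID_NAME_ALIAS);

	if (sid_equal(sid, &global_sid_Builtin))
		return pdb_search_grouptype(search, SID_NAME_WKN_GRP);

	DEBUG(3, ("unknown domain sid: %s\n", sid_string_static(sid)));
	return False;
}

/**
 * Return the cached entry at idx, pulling further entries from the
 * backend into the cache as needed.
 *
 * The cache grows through ADD_TO_LARGE_ARRAY, which may move it (see the
 * realloc remark in pdb_search_entries()), so a pointer returned by an
 * earlier call can be stale after a later one.
 *
 * @return pointer into search->cache, or NULL if the enumeration ended
 *         before idx was reached.
 */
static struct samr_displayentry *pdb_search_getentry(struct pdb_search *search,
						     uint32 idx)
{
	if (idx < search->num_entries)
		return &search->cache[idx];

	if (search->search_ended)
		return NULL;

	while (idx >= search->num_entries) {
		struct samr_displayentry entry;

		if (!search->next_entry(search, &entry)) {
			search->search_end(search);
			search->search_ended = True;
			break;
		}

		/* NOTE(review): the macro's failure behaviour is not visible
		 * here -- confirm search->cache stays valid if growing the
		 * array fails. */
		ADD_TO_LARGE_ARRAY(search->mem_ctx, struct samr_displayentry,
				   entry, &search->cache, &search->num_entries,
				   &search->cache_size);
	}

	return (search->num_entries > idx) ? &search->cache[idx] : NULL;
}

/**
 * Create a user search filtered by acct_flags.
 *
 * @return a search to be released with pdb_search_destroy(), or NULL if
 *         no passdb context is available or the search cannot be started.
 */
struct pdb_search *pdb_search_users(uint16 acct_flags)
{
	struct pdb_context *pdb_context = pdb_get_static_context(False);
	struct pdb_search *result;

	if (pdb_context == NULL)
		return NULL;

	result = pdb_search_init(PDB_USER_SEARCH);
	if (result == NULL)
		return NULL;

	if (!pdb_context->pdb_search_users(pdb_context, result, acct_flags)) {
		talloc_destroy(result->mem_ctx);
		return NULL;
	}
	return result;
}

/**
 * Create a search over domain groups.
 *
 * @return a search to be released with pdb_search_destroy(), or NULL on
 *         failure.
 */
struct pdb_search *pdb_search_groups(void)
{
	struct pdb_context *pdb_context = pdb_get_static_context(False);
	struct pdb_search *result;

	if (pdb_context == NULL)
		return NULL;

	result = pdb_search_init(PDB_GROUP_SEARCH);
	if (result == NULL)
		return NULL;

	if (!pdb_context->pdb_search_groups(pdb_context, result)) {
		talloc_destroy(result->mem_ctx);
		return NULL;
	}
	return result;
}

/**
 * Create a search over the aliases of the domain identified by sid.
 *
 * @return a search to be released with pdb_search_destroy(), or NULL on
 *         failure.
 */
struct pdb_search *pdb_search_aliases(const DOM_SID *sid)
{
	struct pdb_context *pdb_context = pdb_get_static_context(False);
	struct pdb_search *result;

	if (pdb_context == NULL)
		return NULL;

	result = pdb_search_init(PDB_ALIAS_SEARCH);
	if (result == NULL)
		return NULL;

	if (!pdb_context->pdb_search_aliases(pdb_context, result, sid)) {
		talloc_destroy(result->mem_ctx);
		return NULL;
	}
	return result;
}

/**
 * Return a window of up to max_entries entries starting at start_idx.
 *
 * @param search       search to read from
 * @param start_idx    index of the first wanted entry
 * @param max_entries  maximum number of entries wanted
 * @param result       out: pointer to the entry at start_idx, or NULL
 * @return number of entries available at *result
 *
 * NOTE(review): end_idx is computed in unsigned 32-bit arithmetic. With
 * max_entries == 0 and start_idx == 0 it wraps to the largest uint32, so
 * the whole backend is enumerated and the return value can exceed
 * max_entries; start_idx + max_entries can also wrap. If these values can
 * come from a client request, callers should bound them first -- confirm
 * against the call sites.
 */
uint32 pdb_search_entries(struct pdb_search *search,
			  uint32 start_idx, uint32 max_entries,
			  struct samr_displayentry **result)
{
	struct samr_displayentry *end_entry;
	uint32 end_idx = start_idx+max_entries-1;

	/* The first entry needs to be searched after the last. Otherwise the
	 * first entry might have moved due to a realloc during the search for
	 * the last entry. */

	end_entry = pdb_search_getentry(search, end_idx);
	*result = pdb_search_getentry(search, start_idx);

	if (end_entry != NULL)
		return max_entries;

	if (start_idx >= search->num_entries)
		return 0;

	return search->num_entries - start_idx;
}

/**
 * End the search if it is still running and free everything it owns.
 * A NULL search is ignored.
 */
void pdb_search_destroy(struct pdb_search *search)
{
	if (search == NULL)
		return;

	if (!search->search_ended)
		search->search_end(search);

	talloc_destroy(search->mem_ctx);
}

/**
 * Allocate a pdb_methods structure on mem_ctx, zero it, and install the
 * pdb_default_* implementation in every method slot assigned below.
 *
 * @param mem_ctx  talloc context that owns the structure
 * @param methods  out: the new method table
 * @return NT_STATUS_OK, or NT_STATUS_NO_MEMORY if allocation fails.
 */
NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods)
{
	*methods = TALLOC_P(mem_ctx, struct pdb_methods);

	if (!*methods) {
		return NT_STATUS_NO_MEMORY;
	}

	ZERO_STRUCTP(*methods);

	/* Account enumeration and lookup */
	(*methods)->setsampwent = pdb_default_setsampwent;
	(*methods)->endsampwent = pdb_default_endsampwent;
	(*methods)->getsampwent = pdb_default_getsampwent;
	(*methods)->getsampwnam = pdb_default_getsampwnam;
	(*methods)->getsampwsid = pdb_default_getsampwsid;

	/* Account modification */
	(*methods)->add_sam_account = pdb_default_add_sam_account;
	(*methods)->update_sam_account = pdb_default_update_sam_account;
	(*methods)->delete_sam_account = pdb_default_delete_sam_account;
	(*methods)->rename_sam_account = pdb_default_rename_sam_account;
	(*methods)->update_login_attempts = pdb_default_update_login_attempts;

	/* Group mapping */
	(*methods)->getgrsid = pdb_default_getgrsid;
	(*methods)->getgrgid = pdb_default_getgrgid;
	(*methods)->getgrnam = pdb_default_getgrnam;
	(*methods)->add_group_mapping_entry = pdb_default_add_group_mapping_entry;
	(*methods)->update_group_mapping_entry = pdb_default_update_group_mapping_entry;
	(*methods)->delete_group_mapping_entry = pdb_default_delete_group_mapping_entry;
	(*methods)->enum_group_mapping = pdb_default_enum_group_mapping;
	(*methods)->enum_group_members = pdb_default_enum_group_members;
	(*methods)->enum_group_memberships = pdb_default_enum_group_memberships;

	/* Aliases */
	(*methods)->find_alias = pdb_default_find_alias;
	(*methods)->create_alias = pdb_default_create_alias;
	(*methods)->delete_alias = pdb_default_delete_alias;
	(*methods)->get_aliasinfo = pdb_default_get_aliasinfo;
	(*methods)->set_aliasinfo = pdb_default_set_aliasinfo;
	(*methods)->add_aliasmem = pdb_default_add_aliasmem;
	(*methods)->del_aliasmem = pdb_default_del_aliasmem;
	(*methods)->enum_aliasmem = pdb_default_enum_aliasmem;
	(*methods)->enum_alias_memberships = pdb_default_alias_memberships;

	/* RID lookup, policy and searches */
	(*methods)->lookup_rids = pdb_default_lookup_rids;
	(*methods)->get_account_policy = pdb_default_get_account_policy;
	(*methods)->set_account_policy = pdb_default_set_account_policy;
	(*methods)->get_seq_num = pdb_default_get_seq_num;

	(*methods)->search_users = pdb_default_search_users;
	(*methods)->search_groups = pdb_default_search_groups;
	(*methods)->search_aliases = pdb_default_search_aliases;

	return NT_STATUS_OK;
}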