winbindd_async.c

来自「samba-3.0.22.tar.gz 编译smb服务器的源码」· C语言 代码 · 共 1,441 行 · 第 1/3 页

			     void *private_data)
{
	struct winbindd_domain *domain;
	struct winbindd_request request;
	struct gettoken_state *state;

	state = TALLOC_P(mem_ctx, struct gettoken_state);
	if (state == NULL) {
		DEBUG(0, ("talloc failed\n"));
		cont(private_data, False, NULL, 0);
		return;
	}

	state->mem_ctx = mem_ctx;
	sid_copy(&state->user_sid, user_sid);
	state->alias_domain = find_our_domain();
	state->builtin_domain = find_builtin_domain();
	state->cont = cont;
	state->private_data = private_data;

	domain = find_domain_from_sid_noinit(user_sid);
	if (domain == NULL) {
		DEBUG(5, ("Could not find domain from SID %s\n",
			  sid_string_static(user_sid)));
		cont(private_data, False, NULL, 0);
		return;
	}

	ZERO_STRUCT(request);
	request.cmd = WINBINDD_GETUSERDOMGROUPS;
	fstrcpy(request.data.sid, sid_string_static(user_sid));

	do_async_domain(mem_ctx, domain, &request, gettoken_recvdomgroups,
			NULL, state);
}

static void gettoken_recvdomgroups(TALLOC_CTX *mem_ctx, BOOL success,
				   struct winbindd_response *response,
				   void *c, void *private_data)
{
	struct gettoken_state *state =
		talloc_get_type_abort(private_data, struct gettoken_state);
	char *sids_str;
	
	if (!success) {
		DEBUG(10, ("Could not get domain groups\n"));
		state->cont(state->private_data, False, NULL, 0);
		return;
	}

	sids_str = response->extra_data;

	if (sids_str == NULL) {
		DEBUG(10, ("Received no domain groups\n"));
		state->cont(state->private_data, True, NULL, 0);
		return;
	}

	state->sids = NULL;
	state->num_sids = 0;

	add_sid_to_array(mem_ctx, &state->user_sid, &state->sids,
			 &state->num_sids);

	if (!parse_sidlist(mem_ctx, sids_str, &state->sids,
			   &state->num_sids)) {
		DEBUG(0, ("Could not parse sids\n"));
		state->cont(state->private_data, False, NULL, 0);
		return;
	}

	SAFE_FREE(response->extra_data);

	if (state->alias_domain == NULL) {
		DEBUG(10, ("Don't expand domain local groups\n"));
		state->cont(state->private_data, True, state->sids,
			    state->num_sids);
		return;
	}

	winbindd_getsidaliases_async(state->alias_domain, mem_ctx,
				     state->sids, state->num_sids,
				     gettoken_recvaliases, state);
}

static void gettoken_recvaliases(void *private_data, BOOL success,
				 const DOM_SID *aliases,
				 size_t num_aliases)
{
	struct gettoken_state *state = private_data;
	size_t i;

	if (!success) {
		DEBUG(10, ("Could not receive domain local groups\n"));
		state->cont(state->private_data, False, NULL, 0);
		return;
	}

	for (i=0; i<num_aliases; i++)
		add_sid_to_array(state->mem_ctx, &aliases[i],
				 &state->sids, &state->num_sids);

	if (state->builtin_domain != NULL) {
		struct winbindd_domain *builtin_domain = state->builtin_domain;
		DEBUG(10, ("Expanding our own local groups\n"));
		state->builtin_domain = NULL;
		winbindd_getsidaliases_async(builtin_domain, state->mem_ctx,
					     state->sids, state->num_sids,
					     gettoken_recvaliases, state);
		return;
	}

	state->cont(state->private_data, True, state->sids, state->num_sids);
}

struct sid2uid_state {
	TALLOC_CTX *mem_ctx;
	DOM_SID sid;
	char *username;
	uid_t uid;
	void (*cont)(void *private_data, BOOL success, uid_t uid);
	void *private_data;
};

static void sid2uid_lookup_sid_recv(void *private_data, BOOL success,
				    const char *dom_name, const char *name,
				    enum SID_NAME_USE type);
static void sid2uid_noalloc_recv(void *private_data, BOOL success, uid_t uid);
static void sid2uid_alloc_recv(void *private_data, BOOL success, uid_t uid);
static void sid2uid_name2uid_recv(void *private_data, BOOL success, uid_t uid);
static void sid2uid_set_mapping_recv(void *private_data, BOOL success);

void winbindd_sid2uid_async(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
			    void (*cont)(void *private_data, BOOL success,
					 uid_t uid),
			    void *private_data)
{
	struct sid2uid_state *state;
	NTSTATUS result;
	uid_t uid;

	if (idmap_proxyonly()) {
		DEBUG(10, ("idmap proxy only\n"));
		cont(private_data, False, 0);
		return;
	}

	/* Query only the local tdb, everything else might possibly block */

	result = idmap_sid_to_uid(sid, &uid, ID_QUERY_ONLY|ID_CACHE_ONLY);

	if (NT_STATUS_IS_OK(result)) {
		cont(private_data, True, uid);
		return;
	}

	state = TALLOC_P(mem_ctx, struct sid2uid_state);
	if (state == NULL) {
		DEBUG(0, ("talloc failed\n"));
		cont(private_data, False, 0);
		return;
	}

	state->mem_ctx = mem_ctx;
	state->sid = *sid;
	state->cont = cont;
	state->private_data = private_data;

	/* Let's see if it's really a user before allocating a uid */

	winbindd_lookupsid_async(mem_ctx, sid, sid2uid_lookup_sid_recv, state);
}

static void sid2uid_lookup_sid_recv(void *private_data, BOOL success,
				    const char *dom_name, const char *name,
				    enum SID_NAME_USE type)
{
	struct sid2uid_state *state =
		talloc_get_type_abort(private_data, struct sid2uid_state);

	if (!success) {
		DEBUG(5, ("Could not trigger lookup_sid\n"));
		state->cont(state->private_data, False, 0);
		return;
	}

	if ((type != SID_NAME_USER) && (type != SID_NAME_COMPUTER)) {
		DEBUG(5, ("SID is not a user\n"));
		state->cont(state->private_data, False, 0);
		return;
	}

	state->username = talloc_strdup(state->mem_ctx, name);

	/* Ask the possibly blocking remote IDMAP */

	idmap_sid2uid_async(state->mem_ctx, &state->sid, False,
			    sid2uid_noalloc_recv, state);
}

static void sid2uid_noalloc_recv(void *private_data, BOOL success, uid_t uid)
{
	struct sid2uid_state *state =
		talloc_get_type_abort(private_data, struct sid2uid_state);

	if (success) {
		DEBUG(10, ("found uid for sid %s in remote backend\n",
			   sid_string_static(&state->sid)));
		state->cont(state->private_data, True, uid);
		return;
	}

	if (lp_winbind_trusted_domains_only() && 
	    (sid_compare_domain(&state->sid, &find_our_domain()->sid) == 0)) {
		DEBUG(10, ("Trying to go via nss\n"));
		winbindd_name2uid_async(state->mem_ctx, state->username,
					sid2uid_name2uid_recv, state);
		return;
	}

	/* To be done: Here we're going to try the unixinfo pipe */

	/* Now allocate a uid */

	idmap_sid2uid_async(state->mem_ctx, &state->sid, True,
			    sid2uid_alloc_recv, state);
}

static void sid2uid_alloc_recv(void *private_data, BOOL success, uid_t uid)
{
	struct sid2uid_state *state =
		talloc_get_type_abort(private_data, struct sid2uid_state);

	if (!success) {
		DEBUG(5, ("Could not allocate uid\n"));
		state->cont(state->private_data, False, 0);
		return;
	}

	state->cont(state->private_data, True, uid);
}

static void sid2uid_name2uid_recv(void *private_data, BOOL success, uid_t uid)
{
	struct sid2uid_state *state =
		talloc_get_type_abort(private_data, struct sid2uid_state);
	unid_t id;

	if (!success) {
		DEBUG(5, ("Could not find uid for name %s\n",
			  state->username));
		state->cont(state->private_data, False, 0);
		return;
	}

	state->uid = uid;

	id.uid = uid;
	idmap_set_mapping_async(state->mem_ctx, &state->sid, id, ID_USERID,
				sid2uid_set_mapping_recv, state);
}

static void sid2uid_set_mapping_recv(void *private_data, BOOL success)
{
	struct sid2uid_state *state =
		talloc_get_type_abort(private_data, struct sid2uid_state);

	if (!success) {
		DEBUG(5, ("Could not set ID mapping for sid %s\n",
			  sid_string_static(&state->sid)));
		state->cont(state->private_data, False, 0);
		return;
	}

	state->cont(state->private_data, True, state->uid);
}

struct sid2gid_state {
	TALLOC_CTX *mem_ctx;
	DOM_SID sid;
	char *groupname;
	gid_t gid;
	void (*cont)(void *private_data, BOOL success, gid_t gid);
	void *private_data;
};

static void sid2gid_lookup_sid_recv(void *private_data, BOOL success,
				    const char *dom_name, const char *name,
				    enum SID_NAME_USE type);
static void sid2gid_noalloc_recv(void *private_data, BOOL success, gid_t gid);
static void sid2gid_alloc_recv(void *private_data, BOOL success, gid_t gid);
static void sid2gid_name2gid_recv(void *private_data, BOOL success, gid_t gid);
static void sid2gid_set_mapping_recv(void *private_data, BOOL success);

void winbindd_sid2gid_async(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
			    void (*cont)(void *private_data, BOOL success,
					 gid_t gid),
			    void *private_data)
{
	struct sid2gid_state *state;
	NTSTATUS result;
	gid_t gid;

	if (idmap_proxyonly()) {
		DEBUG(10, ("idmap proxy only\n"));
		cont(private_data, False, 0);
		return;
	}

	/* Query only the local tdb, everything else might possibly block */

	result = idmap_sid_to_gid(sid, &gid, ID_QUERY_ONLY|ID_CACHE_ONLY);

	if (NT_STATUS_IS_OK(result)) {
		cont(private_data, True, gid);
		return;
	}

	state = TALLOC_P(mem_ctx, struct sid2gid_state);
	if (state == NULL) {
		DEBUG(0, ("talloc failed\n"));
		cont(private_data, False, 0);
		return;
	}

	state->mem_ctx = mem_ctx;
	state->sid = *sid;
	state->cont = cont;
	state->private_data = private_data;

	/* Let's see if it's really a user before allocating a gid */

	winbindd_lookupsid_async(mem_ctx, sid, sid2gid_lookup_sid_recv, state);
}

static void sid2gid_lookup_sid_recv(void *private_data, BOOL success,
				    const char *dom_name, const char *name,
				    enum SID_NAME_USE type)
{
	struct sid2gid_state *state =
		talloc_get_type_abort(private_data, struct sid2gid_state);

	if (!success) {
		DEBUG(5, ("Could not trigger lookup_sid\n"));
		state->cont(state->private_data, False, 0);
		return;
	}

	if (((type != SID_NAME_DOM_GRP) && (type != SID_NAME_ALIAS) &&
	     (type != SID_NAME_WKN_GRP))) {
		DEBUG(5, ("SID is not a group\n"));
		state->cont(state->private_data, False, 0);
		return;
	}

	state->groupname = talloc_strdup(state->mem_ctx, name);

	/* Ask the possibly blocking remote IDMAP and allocate  */

	idmap_sid2gid_async(state->mem_ctx, &state->sid, False,
			    sid2gid_noalloc_recv, state);
}

static void sid2gid_noalloc_recv(void *private_data, BOOL success, gid_t gid)
{
	struct sid2gid_state *state =
		talloc_get_type_abort(private_data, struct sid2gid_state);

	if (success) {
		DEBUG(10, ("found gid for sid %s in remote backend\n",
			   sid_string_static(&state->sid)));
		state->cont(state->private_data, True, gid);
		return;
	}

	if (lp_winbind_trusted_domains_only() && 
	    (sid_compare_domain(&state->sid, &find_our_domain()->sid) == 0)) {
		DEBUG(10, ("Trying to go via nss\n"));
		winbindd_name2gid_async(state->mem_ctx, state->groupname,
					sid2gid_name2gid_recv, state);
		return;
	}

	/* To be done: Here we're going to try the unixinfo pipe */

	/* Now allocate a gid */

	idmap_sid2gid_async(state->mem_ctx, &state->sid, True,
			    sid2gid_alloc_recv, state);
}

static void sid2gid_alloc_recv(void *private_data, BOOL success, gid_t gid)
{
	struct sid2gid_state *state =
		talloc_get_type_abort(private_data, struct sid2gid_state);

	if (!success) {
		DEBUG(5, ("Could not allocate gid\n"));
		state->cont(state->private_data, False, 0);
		return;
	}

	state->cont(state->private_data, True, gid);
}

static void sid2gid_name2gid_recv(void *private_data, BOOL success, gid_t gid)
{
	struct sid2gid_state *state =
		talloc_get_type_abort(private_data, struct sid2gid_state);
	unid_t id;

	if (!success) {
		DEBUG(5, ("Could not find gid for name %s\n",
			  state->groupname));
		state->cont(state->private_data, False, 0);
		return;
	}

	state->gid = gid;

	id.gid = gid;
	idmap_set_mapping_async(state->mem_ctx, &state->sid, id, ID_GROUPID,
				sid2gid_set_mapping_recv, state);
}

static void sid2gid_set_mapping_recv(void *private_data, BOOL success)
{
	struct sid2gid_state *state =
		talloc_get_type_abort(private_data, struct sid2gid_state);

	if (!success) {
		DEBUG(5, ("Could not set ID mapping for sid %s\n",
			  sid_string_static(&state->sid)));
		state->cont(state->private_data, False, 0);
		return;
	}

	state->cont(state->private_data, True, state->gid);
}

static void query_user_recv(TALLOC_CTX *mem_ctx, BOOL success,
			    struct winbindd_response *response,
			    void *c, void *private_data)
{
	void (*cont)(void *priv, BOOL succ, const char *acct_name,
		     const char *full_name, const char *homedir, 
		     const char *shell, uint32 group_rid) = c;

	if (!success) {
		DEBUG(5, ("Could not trigger query_user\n"));
		cont(private_data, False, NULL, NULL, NULL, NULL, -1);
		return;
	}

	cont(private_data, True, response->data.user_info.acct_name,
	     response->data.user_info.full_name,
	     response->data.user_info.homedir,
	     response->data.user_info.shell,
	     response->data.user_info.group_rid);
}

void query_user_async(TALLOC_CTX *mem_ctx, struct winbindd_domain *domain,
		      const DOM_SID *sid,
		      void (*cont)(void *private_data, BOOL success,
				   const char *acct_name,
				   const char *full_name,
				   const char *homedir,
				   const char *shell,
				   uint32 group_rid),
		      void *private_data)
{
	struct winbindd_request request;
	ZERO_STRUCT(request);
	request.cmd = WINBINDD_DUAL_USERINFO;
	sid_to_string(request.data.sid, sid);
	do_async_domain(mem_ctx, domain, &request, query_user_recv,
			cont, private_data);
}