static bool wbinfo_get_userdomgroups(const char *user_sid_str) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; uint32_t num_sids; uint32_t i; struct wbcDomainSid user_sid, *sids = NULL; /* Send request */ wbc_status = wbcStringToSid(user_sid_str, &user_sid); if (!WBC_ERROR_IS_OK(wbc_status)) { return false; } wbc_status = wbcLookupUserSids(&user_sid, true, &num_sids, &sids); if (!WBC_ERROR_IS_OK(wbc_status)) { return false; } for (i = 0; i < num_sids; i++) { char *str = NULL; wbc_status = wbcSidToString(&sids[i], &str); if (!WBC_ERROR_IS_OK(wbc_status)) { wbcFreeMemory(sids); return false; } d_printf("%s\n", str); wbcFreeMemory(str); } wbcFreeMemory(sids); return true; }
static bool wbinfo_gid_to_sid(gid_t gid) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; struct wbcDomainSid sid; char *sid_str = NULL; /* Send request */ wbc_status = wbcGidToSid(gid, &sid); if (!WBC_ERROR_IS_OK(wbc_status)) { return false; } wbc_status = wbcSidToString(&sid, &sid_str); if (!WBC_ERROR_IS_OK(wbc_status)) { return false; } /* Display response */ d_printf("%s\n", sid_str); wbcFreeMemory(sid_str); return true; }
wbcErr wbcSidToGid(const struct wbcDomainSid *sid, gid_t *pgid) { int ret; char *sid_str; uint32_t id; enum sss_id_type type; wbcErr wbc_status; wbc_status = wbcSidToString(sid, &sid_str); if (!WBC_ERROR_IS_OK(wbc_status)) { return wbc_status; } ret = sss_nss_getidbysid(sid_str, &id, &type); wbcFreeMemory(sid_str); if (ret != 0) { return WBC_ERR_UNKNOWN_FAILURE; } if (type != SSS_ID_TYPE_GID && type != SSS_ID_TYPE_BOTH) { return WBC_ERR_UNKNOWN_GROUP; } *pgid = (gid_t) id; return WBC_ERR_SUCCESS; }
/** @brief Remove a group id mapping * * @param gid Gid of the mapping to remove. * @param *sid Pointer to the sid of the mapping to remove. * * @return #wbcErr **/ wbcErr wbcRemoveGidMapping(gid_t gid, const struct wbcDomainSid *sid) { struct winbindd_request request; struct winbindd_response response; wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; char *sid_string = NULL; if (!sid) { return WBC_ERR_INVALID_PARAM; } /* Initialise request */ ZERO_STRUCT(request); ZERO_STRUCT(response); /* Make request */ request.data.dual_idmapset.id = gid; request.data.dual_idmapset.type = _ID_TYPE_GID; wbc_status = wbcSidToString(sid, &sid_string); BAIL_ON_WBC_ERROR(wbc_status); strncpy(request.data.dual_idmapset.sid, sid_string, sizeof(request.data.dual_idmapset.sid)-1); wbcFreeMemory(sid_string); wbc_status = wbcRequestResponse(WINBINDD_REMOVE_MAPPING, &request, &response); BAIL_ON_WBC_ERROR(wbc_status); done: return wbc_status; }
static bool wbinfo_lookupname(const char *full_name) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; struct wbcDomainSid sid; char *sid_str; enum wbcSidType type; fstring domain_name; fstring account_name; /* Send off request */ parse_wbinfo_domain_user(full_name, domain_name, account_name); wbc_status = wbcLookupName(domain_name, account_name, &sid, &type); if (!WBC_ERROR_IS_OK(wbc_status)) { return false; } wbc_status = wbcSidToString(&sid, &sid_str); if (!WBC_ERROR_IS_OK(wbc_status)) { return false; } /* Display response */ d_printf("%s %s (%d)\n", sid_str, sid_type_lookup(type), type); wbcFreeMemory(sid_str); return true; }
static bool test_wbc_users(struct torture_context *tctx) { const char *domain_name = NULL; uint32_t num_users; const char **users; int i; struct wbcInterfaceDetails *details; torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details), "%s", "wbcInterfaceDetails failed"); domain_name = talloc_strdup(tctx, details->netbios_domain); wbcFreeMemory(details); torture_assert_wbc_ok(tctx, wbcListUsers(domain_name, &num_users, &users), "%s", "wbcListUsers failed"); torture_assert(tctx, !(num_users > 0 && !users), "wbcListUsers returned invalid results"); for (i=0; i < MIN(num_users,100); i++) { struct wbcDomainSid sid, *sids; enum wbcSidType name_type; char *domain; char *name; char *sid_string; uint32_t num_sids; torture_assert_wbc_ok(tctx, wbcLookupName(domain_name, users[i], &sid, &name_type), "wbcLookupName of %s failed", users[i]); torture_assert_int_equal(tctx, name_type, WBC_SID_NAME_USER, "wbcLookupName expected WBC_SID_NAME_USER"); wbcSidToString(&sid, &sid_string); torture_assert_wbc_ok(tctx, wbcLookupSid(&sid, &domain, &name, &name_type), "wbcLookupSid of %s failed", sid_string); torture_assert_int_equal(tctx, name_type, WBC_SID_NAME_USER, "wbcLookupSid of expected WBC_SID_NAME_USER"); torture_assert(tctx, name, "wbcLookupSid returned no name"); wbcFreeMemory(domain); wbcFreeMemory(name); torture_assert_wbc_ok(tctx, wbcLookupUserSids(&sid, true, &num_sids, &sids), "wbcLookupUserSids of %s failed", sid_string); torture_assert_wbc_ok( tctx, wbcGetDisplayName(&sid, &domain, &name, &name_type), "wbcGetDisplayName of %s failed", sid_string); wbcFreeMemory(domain); wbcFreeMemory(name); wbcFreeMemory(sids); wbcFreeMemory(sid_string); } wbcFreeMemory(users); return true; }
static bool wbinfo_get_sidaliases(const char *domain, const char *user_sid_str) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; struct wbcDomainInfo *dinfo = NULL; uint32_t i; struct wbcDomainSid user_sid; uint32_t *alias_rids = NULL; uint32_t num_alias_rids; char *domain_sid_str = NULL; /* Send request */ if ((domain == NULL) || (strequal(domain, ".")) || (domain[0] == '\0')) { domain = get_winbind_domain(); } /* Send request */ wbc_status = wbcDomainInfo(domain, &dinfo); if (!WBC_ERROR_IS_OK(wbc_status)) { d_printf("wbcDomainInfo(%s) failed: %s\n", domain, wbcErrorString(wbc_status)); goto done; } wbc_status = wbcStringToSid(user_sid_str, &user_sid); if (!WBC_ERROR_IS_OK(wbc_status)) { goto done; } wbc_status = wbcGetSidAliases(&dinfo->sid, &user_sid, 1, &alias_rids, &num_alias_rids); if (!WBC_ERROR_IS_OK(wbc_status)) { goto done; } wbc_status = wbcSidToString(&dinfo->sid, &domain_sid_str); if (!WBC_ERROR_IS_OK(wbc_status)) { goto done; } for (i = 0; i < num_alias_rids; i++) { d_printf("%s-%d\n", domain_sid_str, alias_rids[i]); } wbcFreeMemory(alias_rids); done: if (domain_sid_str) { wbcFreeMemory(domain_sid_str); } if (dinfo) { wbcFreeMemory(dinfo); } return (WBC_ERR_SUCCESS == wbc_status); }
static bool test_wbc_sidtostring(struct torture_context *tctx) { struct wbcDomainSid sid; const char *sid_string = "S-1-5-32"; char *sid_string2; torture_assert_wbc_ok(tctx, wbcStringToSid(sid_string, &sid), "wbcStringToSid failed"); torture_assert_wbc_ok(tctx, wbcSidToString(&sid, &sid_string2), "wbcSidToString failed"); torture_assert_str_equal(tctx, sid_string, sid_string2, "sid strings differ"); wbcFreeMemory(sid_string2); return true; }
static bool wbinfo_domain_info(const char *domain) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; struct wbcDomainInfo *dinfo = NULL; char *sid_str = NULL; if ((domain == NULL) || (strequal(domain, ".")) || (domain[0] == '\0')) { domain = get_winbind_domain(); } /* Send request */ wbc_status = wbcDomainInfo(domain, &dinfo); if (!WBC_ERROR_IS_OK(wbc_status)) { return false; } wbc_status = wbcSidToString(&dinfo->sid, &sid_str); if (!WBC_ERROR_IS_OK(wbc_status)) { wbcFreeMemory(dinfo); return false; } /* Display response */ d_printf("Name : %s\n", dinfo->short_name); d_printf("Alt_Name : %s\n", dinfo->dns_name); d_printf("SID : %s\n", sid_str); d_printf("Active Directory : %s\n", (dinfo->domain_flags & WBC_DOMINFO_DOMAIN_AD) ? "Yes" : "No"); d_printf("Native : %s\n", (dinfo->domain_flags & WBC_DOMINFO_DOMAIN_NATIVE) ? "Yes" : "No"); d_printf("Primary : %s\n", (dinfo->domain_flags & WBC_DOMINFO_DOMAIN_PRIMARY) ? "Yes" : "No"); wbcFreeMemory(sid_str); wbcFreeMemory(dinfo); return true; }
/* Convert a list of SIDs */ wbcErr wbcSidsToUnixIds(const struct wbcDomainSid *sids, uint32_t num_sids, struct wbcUnixId *ids) { int ret; char *sid_str; uint32_t id; enum sss_id_type type; size_t c; wbcErr wbc_status; for (c = 0; c < num_sids; c++) { wbc_status = wbcSidToString(&sids[c], &sid_str); if (!WBC_ERROR_IS_OK(wbc_status)) { return wbc_status; } ret = sss_nss_getidbysid(sid_str, &id, &type); wbcFreeMemory(sid_str); if (ret != 0) { return WBC_ERR_UNKNOWN_FAILURE; } switch (type) { case SSS_ID_TYPE_UID: ids[c].type = WBC_ID_TYPE_UID; ids[c].id.uid = (uid_t) id; break; case SSS_ID_TYPE_GID: ids[c].type = WBC_ID_TYPE_GID; ids[c].id.gid = (gid_t) id; break; case SSS_ID_TYPE_BOTH: ids[c].type = WBC_ID_TYPE_BOTH; ids[c].id.uid = (uid_t) id; break; default: ids[c].type = WBC_ID_TYPE_NOT_SPECIFIED; } } return WBC_ERR_SUCCESS; }
static bool test_wbc_groups(struct torture_context *tctx) { const char *domain_name = NULL; uint32_t num_groups; const char **groups; int i; struct wbcInterfaceDetails *details; torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details), "%s", "wbcInterfaceDetails failed"); domain_name = talloc_strdup(tctx, details->netbios_domain); wbcFreeMemory(details); torture_assert_wbc_ok(tctx, wbcListGroups(domain_name, &num_groups, &groups), "wbcListGroups in %s failed", domain_name); torture_assert(tctx, !(num_groups > 0 && !groups), "wbcListGroups returned invalid results"); for (i=0; i < MIN(num_groups,100); i++) { struct wbcDomainSid sid; enum wbcSidType name_type; char *domain; char *name; char *sid_string; torture_assert_wbc_ok(tctx, wbcLookupName(domain_name, groups[i], &sid, &name_type), "wbcLookupName for %s failed", domain_name); wbcSidToString(&sid, &sid_string); torture_assert_wbc_ok(tctx, wbcLookupSid(&sid, &domain, &name, &name_type), "wbcLookupSid of %s failed", sid_string); wbcFreeMemory(sid_string); torture_assert(tctx, name, "wbcLookupSid returned no name"); } wbcFreeMemory(groups); return true; }
wbcErr wbcSidToUid(const struct wbcDomainSid *sid, uid_t *puid) { struct winbindd_request request; struct winbindd_response response; char *sid_string = NULL; wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; if (!sid || !puid) { wbc_status = WBC_ERR_INVALID_PARAM; BAIL_ON_WBC_ERROR(wbc_status); } /* Initialize request */ ZERO_STRUCT(request); ZERO_STRUCT(response); wbc_status = wbcSidToString(sid, &sid_string); BAIL_ON_WBC_ERROR(wbc_status); strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1); wbcFreeMemory(sid_string); /* Make request */ wbc_status = wbcRequestResponse(WINBINDD_SID_TO_UID, &request, &response); BAIL_ON_WBC_ERROR(wbc_status); *puid = response.data.uid; wbc_status = WBC_ERR_SUCCESS; done: return wbc_status; }
/* Get alias membership for sids */ wbcErr wbcGetSidAliases(const struct wbcDomainSid *dom_sid, struct wbcDomainSid *sids, uint32_t num_sids, uint32_t **alias_rids, uint32_t *num_alias_rids) { uint32_t i; const char *s; struct winbindd_request request; struct winbindd_response response; char *sid_string = NULL; ssize_t sid_len; ssize_t extra_data_len = 0; char * extra_data = NULL; ssize_t buflen = 0; struct wbcDomainSid sid; wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; uint32_t * rids = NULL; /* Initialise request */ ZERO_STRUCT(request); ZERO_STRUCT(response); if (!dom_sid) { wbc_status = WBC_ERR_INVALID_PARAM; BAIL_ON_WBC_ERROR(wbc_status); } wbc_status = wbcSidToString(dom_sid, &sid_string); BAIL_ON_WBC_ERROR(wbc_status); strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1); wbcFreeMemory(sid_string); sid_string = NULL; /* Lets assume each sid is around 54 characters * S-1-5-AAAAAAAAAAA-BBBBBBBBBBB-CCCCCCCCCCC-DDDDDDDDDDD\n */ buflen = 54 * num_sids; extra_data = talloc_array(NULL, char, buflen); if (!extra_data) { wbc_status = WBC_ERR_NO_MEMORY; BAIL_ON_WBC_ERROR(wbc_status); } /* Build the sid list */ for (i=0; i<num_sids; i++) { if (sid_string) { wbcFreeMemory(sid_string); sid_string = NULL; } wbc_status = wbcSidToString(&sids[i], &sid_string); BAIL_ON_WBC_ERROR(wbc_status); sid_len = strlen(sid_string); if (buflen < extra_data_len + sid_len + 2) { buflen *= 2; extra_data = talloc_realloc(NULL, extra_data, char, buflen); if (!extra_data) { wbc_status = WBC_ERR_NO_MEMORY; BAIL_ON_WBC_ERROR(wbc_status); } } strncpy(&extra_data[extra_data_len], sid_string, buflen - extra_data_len); extra_data_len += sid_len; extra_data[extra_data_len++] = '\n'; extra_data[extra_data_len] = '\0'; }
wbcErr wbcLookupSid(const struct wbcDomainSid *sid, char **pdomain, char **pname, enum wbcSidType *pname_type) { struct winbindd_request request; struct winbindd_response response; wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; char *sid_string = NULL; char *domain = NULL; char *name = NULL; enum wbcSidType name_type = WBC_SID_NAME_USE_NONE; if (!sid) { wbc_status = WBC_ERR_INVALID_PARAM; BAIL_ON_WBC_ERROR(wbc_status); } /* Initialize request */ ZERO_STRUCT(request); ZERO_STRUCT(response); /* dst is already null terminated from the memset above */ wbc_status = wbcSidToString(sid, &sid_string); BAIL_ON_WBC_ERROR(wbc_status); strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1); wbcFreeMemory(sid_string); /* Make request */ wbc_status = wbcRequestResponse(WINBINDD_LOOKUPSID, &request, &response); BAIL_ON_WBC_ERROR(wbc_status); /* Copy out result */ domain = talloc_strdup(NULL, response.data.name.dom_name); BAIL_ON_PTR_ERROR(domain, wbc_status); name = talloc_strdup(NULL, response.data.name.name); BAIL_ON_PTR_ERROR(name, wbc_status); name_type = (enum wbcSidType)response.data.name.type; wbc_status = WBC_ERR_SUCCESS; done: if (WBC_ERROR_IS_OK(wbc_status)) { if (pdomain != NULL) { *pdomain = domain; } else { talloc_free(domain); } if (pname != NULL) { *pname = name; } else { talloc_free(name); } if (pname_type != NULL) { *pname_type = name_type; } } else { #if 0 /* * Found by Coverity: In this particular routine we can't end * up here with a non-NULL name. Further up there are just two * exit paths that lead here, neither of which leave an * allocated name. If you add more paths up there, re-activate * this. */ if (name != NULL) { talloc_free(name); } #endif if (domain != NULL) { talloc_free(domain); } } return wbc_status; }
wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid, int num_rids, uint32_t *rids, const char **pp_domain_name, const char ***pnames, enum wbcSidType **ptypes) { size_t i, len, ridbuf_size; char *ridlist; char *p; struct winbindd_request request; struct winbindd_response response; char *sid_string = NULL; char *domain_name = NULL; const char **names = NULL; enum wbcSidType *types = NULL; wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; /* Initialise request */ ZERO_STRUCT(request); ZERO_STRUCT(response); if (!dom_sid || (num_rids == 0)) { wbc_status = WBC_ERR_INVALID_PARAM; BAIL_ON_WBC_ERROR(wbc_status); } wbc_status = wbcSidToString(dom_sid, &sid_string); BAIL_ON_WBC_ERROR(wbc_status); strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1); wbcFreeMemory(sid_string); /* Even if all the Rids were of maximum 32bit values, we would only have 11 bytes per rid in the final array ("4294967296" + \n). Add one more byte for the terminating '\0' */ ridbuf_size = (sizeof(char)*11) * num_rids + 1; ridlist = talloc_zero_array(NULL, char, ridbuf_size); BAIL_ON_PTR_ERROR(ridlist, wbc_status); len = 0; for (i=0; i<num_rids && (len-1)>0; i++) { char ridstr[12]; len = strlen(ridlist); p = ridlist + len; snprintf( ridstr, sizeof(ridstr)-1, "%u\n", rids[i]); strncat(p, ridstr, ridbuf_size-len-1); } request.extra_data.data = ridlist; request.extra_len = strlen(ridlist)+1; wbc_status = wbcRequestResponse(WINBINDD_LOOKUPRIDS, &request, &response); talloc_free(ridlist); BAIL_ON_WBC_ERROR(wbc_status); domain_name = talloc_strdup(NULL, response.data.domain_name); BAIL_ON_PTR_ERROR(domain_name, wbc_status); names = talloc_array(NULL, const char*, num_rids); BAIL_ON_PTR_ERROR(names, wbc_status); types = talloc_array(NULL, enum wbcSidType, num_rids); BAIL_ON_PTR_ERROR(types, wbc_status); p = (char *)response.extra_data.data; for (i=0; i<num_rids; i++) { char *q; if (*p == '\0') { wbc_status = WBC_ERR_INVALID_RESPONSE; BAIL_ON_WBC_ERROR(wbc_status); } types[i] = (enum wbcSidType)strtoul(p, &q, 10); if (*q != ' ') { wbc_status = WBC_ERR_INVALID_RESPONSE; BAIL_ON_WBC_ERROR(wbc_status); } p = q+1; if ((q = strchr(p, '\n')) == NULL) { wbc_status = WBC_ERR_INVALID_RESPONSE; BAIL_ON_WBC_ERROR(wbc_status); } *q = '\0'; names[i] = talloc_strdup(names, p); BAIL_ON_PTR_ERROR(names[i], wbc_status); p = q+1; } if (*p != '\0') { wbc_status = WBC_ERR_INVALID_RESPONSE; BAIL_ON_WBC_ERROR(wbc_status); } wbc_status = WBC_ERR_SUCCESS; done: if (response.extra_data.data) { free(response.extra_data.data); } if (WBC_ERROR_IS_OK(wbc_status)) { *pp_domain_name = domain_name; *pnames = names; *ptypes = types; } else { if (domain_name) talloc_free(domain_name); if (names) talloc_free(names); if (types) talloc_free(types); } return wbc_status; }
static bool test_wbc_logon_user(struct torture_context *tctx) { struct wbcLogonUserParams params; struct wbcLogonUserInfo *info = NULL; struct wbcAuthErrorInfo *error = NULL; struct wbcUserPasswordPolicyInfo *policy = NULL; struct wbcInterfaceDetails *iface; struct wbcDomainSid sid; enum wbcSidType sidtype; char *sidstr; wbcErr ret; ZERO_STRUCT(params); ret = wbcLogonUser(¶ms, &info, &error, &policy); torture_assert_wbc_equal(tctx, ret, WBC_ERR_INVALID_PARAM, "wbcLogonUser succeeded where it should " "have failed"); params.username = getenv("USERNAME"); params.password = getenv("PASSWORD"); ret = wbcAddNamedBlob(¶ms.num_blobs, ¶ms.blobs, "foo", 0, discard_const_p(uint8_t, "bar"), 4); torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, "wbcAddNamedBlob failed"); ret = wbcLogonUser(¶ms, &info, &error, &policy); torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, "wbcLogonUser failed"); wbcFreeMemory(info); info = NULL; wbcFreeMemory(error); error = NULL; wbcFreeMemory(policy); policy = NULL; params.password = "******"; ret = wbcLogonUser(¶ms, &info, &error, &policy); torture_assert_wbc_equal(tctx, ret, WBC_ERR_AUTH_ERROR, "wbcLogonUser should have failed with " "WBC_ERR_AUTH_ERROR"); wbcFreeMemory(info); info = NULL; wbcFreeMemory(error); error = NULL; wbcFreeMemory(policy); policy = NULL; ret = wbcAddNamedBlob(¶ms.num_blobs, ¶ms.blobs, "membership_of", 0, discard_const_p(uint8_t, "S-1-2-3-4"), strlen("S-1-2-3-4")+1); torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, "wbcAddNamedBlob failed"); params.password = getenv("PASSWORD"); ret = wbcLogonUser(¶ms, &info, &error, &policy); torture_assert_wbc_equal(tctx, ret, WBC_ERR_AUTH_ERROR, "wbcLogonUser should have failed with " "WBC_ERR_AUTH_ERROR"); wbcFreeMemory(info); info = NULL; wbcFreeMemory(error); error = NULL; wbcFreeMemory(policy); policy = NULL; wbcFreeMemory(params.blobs); params.blobs = NULL; params.num_blobs = 0; ret = wbcInterfaceDetails(&iface); torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, "wbcInterfaceDetails failed"); ret = wbcLookupName(iface->netbios_domain, getenv("USERNAME"), &sid, &sidtype); wbcFreeMemory(iface); torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, "wbcLookupName failed"); ret = wbcSidToString(&sid, &sidstr); torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, "wbcSidToString failed"); ret = wbcAddNamedBlob(¶ms.num_blobs, ¶ms.blobs, "membership_of", 0, (uint8_t *)sidstr, strlen(sidstr)+1); torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, "wbcAddNamedBlob failed"); wbcFreeMemory(sidstr); params.password = getenv("PASSWORD"); ret = wbcLogonUser(¶ms, &info, &error, &policy); torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, "wbcLogonUser failed"); wbcFreeMemory(info); info = NULL; wbcFreeMemory(error); error = NULL; wbcFreeMemory(policy); policy = NULL; wbcFreeMemory(params.blobs); params.blobs = NULL; params.num_blobs = 0; return true; }
wbcErr wbcLookupUserSids(const struct wbcDomainSid *user_sid, bool domain_groups_only, uint32_t *num_sids, struct wbcDomainSid **_sids) { uint32_t i; const char *s; struct winbindd_request request; struct winbindd_response response; char *sid_string = NULL; struct wbcDomainSid *sids = NULL; wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; int cmd; /* Initialise request */ ZERO_STRUCT(request); ZERO_STRUCT(response); if (!user_sid) { wbc_status = WBC_ERR_INVALID_PARAM; BAIL_ON_WBC_ERROR(wbc_status); } wbc_status = wbcSidToString(user_sid, &sid_string); BAIL_ON_WBC_ERROR(wbc_status); strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1); wbcFreeMemory(sid_string); if (domain_groups_only) { cmd = WINBINDD_GETUSERDOMGROUPS; } else { cmd = WINBINDD_GETUSERSIDS; } wbc_status = wbcRequestResponse(cmd, &request, &response); BAIL_ON_WBC_ERROR(wbc_status); if (response.data.num_entries && !response.extra_data.data) { wbc_status = WBC_ERR_INVALID_RESPONSE; BAIL_ON_WBC_ERROR(wbc_status); } sids = talloc_array(NULL, struct wbcDomainSid, response.data.num_entries); BAIL_ON_PTR_ERROR(sids, wbc_status); s = (const char *)response.extra_data.data; for (i = 0; i < response.data.num_entries; i++) { char *n = strchr(s, '\n'); if (n) { *n = '\0'; } wbc_status = wbcStringToSid(s, &sids[i]); BAIL_ON_WBC_ERROR(wbc_status); s += strlen(s) + 1; } *num_sids = response.data.num_entries; *_sids = sids; sids = NULL; wbc_status = WBC_ERR_SUCCESS; done: if (response.extra_data.data) { free(response.extra_data.data); } if (sids) { talloc_free(sids); } return wbc_status; }
/* Convert a SID to a domain and name */ wbcErr wbcLookupSid(const struct wbcDomainSid *sid, char **pdomain, char **pname, enum wbcSidType *pname_type) { char *str_sid; char *fq_name = NULL; enum sss_id_type type; int ret; char *p; wbcErr wbc_status; wbc_status = wbcSidToString(sid, &str_sid); if (!WBC_ERROR_IS_OK(wbc_status)) { return wbc_status; } ret = sss_nss_getnamebysid(str_sid, &fq_name, &type); wbcFreeMemory(str_sid); if (ret != 0) { return WBC_ERR_UNKNOWN_FAILURE; } if (pname_type != NULL) { ret = sss_id_type_to_wbcSidType(type, pname_type); if (ret != 0) { wbc_status = WBC_ERR_UNKNOWN_FAILURE; goto done; } } /* TODO: it would be nice to have an sss_nss_getnamebysid() call which * returns name and domain separately. */ p = strchr(fq_name, '@'); if (p == NULL) { wbc_status = WBC_ERR_UNKNOWN_FAILURE; goto done; } *p = '\0'; if (pname != NULL) { *pname = wbcStrDup(fq_name); if (*pname == NULL) { wbc_status = WBC_ERR_NO_MEMORY; goto done; } } if (pdomain != NULL) { *pdomain = wbcStrDup(p + 1); if (*pdomain == NULL) { wbcFreeMemory(*pname); wbc_status = WBC_ERR_NO_MEMORY; goto done; } } wbc_status = WBC_ERR_SUCCESS; done: free(fq_name); return wbc_status; }