static bool wbinfo_get_userdomgroups(const char *user_sid_str)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
uint32_t num_sids;
uint32_t i;
struct wbcDomainSid user_sid, *sids = NULL;
/* Send request */
wbc_status = wbcStringToSid(user_sid_str, &user_sid);
if (!WBC_ERROR_IS_OK(wbc_status)) {
return false;
}
wbc_status = wbcLookupUserSids(&user_sid, true, &num_sids, &sids);
if (!WBC_ERROR_IS_OK(wbc_status)) {
return false;
}
for (i = 0; i < num_sids; i++) {
char *str = NULL;
wbc_status = wbcSidToString(&sids[i], &str);
if (!WBC_ERROR_IS_OK(wbc_status)) {
wbcFreeMemory(sids);
return false;
}
d_printf("%s\n", str);
wbcFreeMemory(str);
}
wbcFreeMemory(sids);
return true;
}
static bool wbinfo_gid_to_sid(gid_t gid)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
struct wbcDomainSid sid;
char *sid_str = NULL;
/* Send request */
wbc_status = wbcGidToSid(gid, &sid);
if (!WBC_ERROR_IS_OK(wbc_status)) {
return false;
}
wbc_status = wbcSidToString(&sid, &sid_str);
if (!WBC_ERROR_IS_OK(wbc_status)) {
return false;
}
/* Display response */
d_printf("%s\n", sid_str);
wbcFreeMemory(sid_str);
return true;
}
wbcErr wbcSidToGid(const struct wbcDomainSid *sid, gid_t *pgid)
{
int ret;
char *sid_str;
uint32_t id;
enum sss_id_type type;
wbcErr wbc_status;
wbc_status = wbcSidToString(sid, &sid_str);
if (!WBC_ERROR_IS_OK(wbc_status)) {
return wbc_status;
}
ret = sss_nss_getidbysid(sid_str, &id, &type);
wbcFreeMemory(sid_str);
if (ret != 0) {
return WBC_ERR_UNKNOWN_FAILURE;
}
if (type != SSS_ID_TYPE_GID && type != SSS_ID_TYPE_BOTH) {
return WBC_ERR_UNKNOWN_GROUP;
}
*pgid = (gid_t) id;
return WBC_ERR_SUCCESS;
}
/** @brief Remove a group id mapping
*
* @param gid Gid of the mapping to remove.
* @param *sid Pointer to the sid of the mapping to remove.
*
* @return #wbcErr
**/
wbcErr wbcRemoveGidMapping(gid_t gid, const struct wbcDomainSid *sid)
{
struct winbindd_request request;
struct winbindd_response response;
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
char *sid_string = NULL;
if (!sid) {
return WBC_ERR_INVALID_PARAM;
}
/* Initialise request */
ZERO_STRUCT(request);
ZERO_STRUCT(response);
/* Make request */
request.data.dual_idmapset.id = gid;
request.data.dual_idmapset.type = _ID_TYPE_GID;
wbc_status = wbcSidToString(sid, &sid_string);
BAIL_ON_WBC_ERROR(wbc_status);
strncpy(request.data.dual_idmapset.sid, sid_string,
sizeof(request.data.dual_idmapset.sid)-1);
wbcFreeMemory(sid_string);
wbc_status = wbcRequestResponse(WINBINDD_REMOVE_MAPPING,
&request, &response);
BAIL_ON_WBC_ERROR(wbc_status);
done:
return wbc_status;
}
static bool wbinfo_lookupname(const char *full_name)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
struct wbcDomainSid sid;
char *sid_str;
enum wbcSidType type;
fstring domain_name;
fstring account_name;
/* Send off request */
parse_wbinfo_domain_user(full_name, domain_name,
account_name);
wbc_status = wbcLookupName(domain_name, account_name,
&sid, &type);
if (!WBC_ERROR_IS_OK(wbc_status)) {
return false;
}
wbc_status = wbcSidToString(&sid, &sid_str);
if (!WBC_ERROR_IS_OK(wbc_status)) {
return false;
}
/* Display response */
d_printf("%s %s (%d)\n", sid_str, sid_type_lookup(type), type);
wbcFreeMemory(sid_str);
return true;
}
static bool test_wbc_users(struct torture_context *tctx)
{
const char *domain_name = NULL;
uint32_t num_users;
const char **users;
int i;
struct wbcInterfaceDetails *details;
torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details),
"%s", "wbcInterfaceDetails failed");
domain_name = talloc_strdup(tctx, details->netbios_domain);
wbcFreeMemory(details);
torture_assert_wbc_ok(tctx, wbcListUsers(domain_name, &num_users, &users),
"%s", "wbcListUsers failed");
torture_assert(tctx, !(num_users > 0 && !users),
"wbcListUsers returned invalid results");
for (i=0; i < MIN(num_users,100); i++) {
struct wbcDomainSid sid, *sids;
enum wbcSidType name_type;
char *domain;
char *name;
char *sid_string;
uint32_t num_sids;
torture_assert_wbc_ok(tctx, wbcLookupName(domain_name, users[i], &sid, &name_type),
"wbcLookupName of %s failed", users[i]);
torture_assert_int_equal(tctx, name_type, WBC_SID_NAME_USER,
"wbcLookupName expected WBC_SID_NAME_USER");
wbcSidToString(&sid, &sid_string);
torture_assert_wbc_ok(tctx, wbcLookupSid(&sid, &domain, &name, &name_type),
"wbcLookupSid of %s failed", sid_string);
torture_assert_int_equal(tctx, name_type, WBC_SID_NAME_USER,
"wbcLookupSid of expected WBC_SID_NAME_USER");
torture_assert(tctx, name,
"wbcLookupSid returned no name");
wbcFreeMemory(domain);
wbcFreeMemory(name);
torture_assert_wbc_ok(tctx, wbcLookupUserSids(&sid, true, &num_sids, &sids),
"wbcLookupUserSids of %s failed", sid_string);
torture_assert_wbc_ok(
tctx, wbcGetDisplayName(&sid, &domain, &name,
&name_type),
"wbcGetDisplayName of %s failed", sid_string);
wbcFreeMemory(domain);
wbcFreeMemory(name);
wbcFreeMemory(sids);
wbcFreeMemory(sid_string);
}
wbcFreeMemory(users);
return true;
}
static bool wbinfo_get_sidaliases(const char *domain,
const char *user_sid_str)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
struct wbcDomainInfo *dinfo = NULL;
uint32_t i;
struct wbcDomainSid user_sid;
uint32_t *alias_rids = NULL;
uint32_t num_alias_rids;
char *domain_sid_str = NULL;
/* Send request */
if ((domain == NULL) || (strequal(domain, ".")) ||
(domain[0] == '\0')) {
domain = get_winbind_domain();
}
/* Send request */
wbc_status = wbcDomainInfo(domain, &dinfo);
if (!WBC_ERROR_IS_OK(wbc_status)) {
d_printf("wbcDomainInfo(%s) failed: %s\n", domain,
wbcErrorString(wbc_status));
goto done;
}
wbc_status = wbcStringToSid(user_sid_str, &user_sid);
if (!WBC_ERROR_IS_OK(wbc_status)) {
goto done;
}
wbc_status = wbcGetSidAliases(&dinfo->sid, &user_sid, 1,
&alias_rids, &num_alias_rids);
if (!WBC_ERROR_IS_OK(wbc_status)) {
goto done;
}
wbc_status = wbcSidToString(&dinfo->sid, &domain_sid_str);
if (!WBC_ERROR_IS_OK(wbc_status)) {
goto done;
}
for (i = 0; i < num_alias_rids; i++) {
d_printf("%s-%d\n", domain_sid_str, alias_rids[i]);
}
wbcFreeMemory(alias_rids);
done:
if (domain_sid_str) {
wbcFreeMemory(domain_sid_str);
}
if (dinfo) {
wbcFreeMemory(dinfo);
}
return (WBC_ERR_SUCCESS == wbc_status);
}
static bool test_wbc_sidtostring(struct torture_context *tctx)
{
struct wbcDomainSid sid;
const char *sid_string = "S-1-5-32";
char *sid_string2;
torture_assert_wbc_ok(tctx, wbcStringToSid(sid_string, &sid),
"wbcStringToSid failed");
torture_assert_wbc_ok(tctx, wbcSidToString(&sid, &sid_string2),
"wbcSidToString failed");
torture_assert_str_equal(tctx, sid_string, sid_string2,
"sid strings differ");
wbcFreeMemory(sid_string2);
return true;
}
static bool wbinfo_domain_info(const char *domain)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
struct wbcDomainInfo *dinfo = NULL;
char *sid_str = NULL;
if ((domain == NULL) || (strequal(domain, ".")) || (domain[0] == '\0')) {
domain = get_winbind_domain();
}
/* Send request */
wbc_status = wbcDomainInfo(domain, &dinfo);
if (!WBC_ERROR_IS_OK(wbc_status)) {
return false;
}
wbc_status = wbcSidToString(&dinfo->sid, &sid_str);
if (!WBC_ERROR_IS_OK(wbc_status)) {
wbcFreeMemory(dinfo);
return false;
}
/* Display response */
d_printf("Name : %s\n", dinfo->short_name);
d_printf("Alt_Name : %s\n", dinfo->dns_name);
d_printf("SID : %s\n", sid_str);
d_printf("Active Directory : %s\n",
(dinfo->domain_flags & WBC_DOMINFO_DOMAIN_AD) ? "Yes" : "No");
d_printf("Native : %s\n",
(dinfo->domain_flags & WBC_DOMINFO_DOMAIN_NATIVE) ? "Yes" : "No");
d_printf("Primary : %s\n",
(dinfo->domain_flags & WBC_DOMINFO_DOMAIN_PRIMARY) ? "Yes" : "No");
wbcFreeMemory(sid_str);
wbcFreeMemory(dinfo);
return true;
}
/* Convert a list of SIDs */
wbcErr wbcSidsToUnixIds(const struct wbcDomainSid *sids, uint32_t num_sids,
struct wbcUnixId *ids)
{
int ret;
char *sid_str;
uint32_t id;
enum sss_id_type type;
size_t c;
wbcErr wbc_status;
for (c = 0; c < num_sids; c++) {
wbc_status = wbcSidToString(&sids[c], &sid_str);
if (!WBC_ERROR_IS_OK(wbc_status)) {
return wbc_status;
}
ret = sss_nss_getidbysid(sid_str, &id, &type);
wbcFreeMemory(sid_str);
if (ret != 0) {
return WBC_ERR_UNKNOWN_FAILURE;
}
switch (type) {
case SSS_ID_TYPE_UID:
ids[c].type = WBC_ID_TYPE_UID;
ids[c].id.uid = (uid_t) id;
break;
case SSS_ID_TYPE_GID:
ids[c].type = WBC_ID_TYPE_GID;
ids[c].id.gid = (gid_t) id;
break;
case SSS_ID_TYPE_BOTH:
ids[c].type = WBC_ID_TYPE_BOTH;
ids[c].id.uid = (uid_t) id;
break;
default:
ids[c].type = WBC_ID_TYPE_NOT_SPECIFIED;
}
}
return WBC_ERR_SUCCESS;
}
static bool test_wbc_groups(struct torture_context *tctx)
{
const char *domain_name = NULL;
uint32_t num_groups;
const char **groups;
int i;
struct wbcInterfaceDetails *details;
torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details),
"%s", "wbcInterfaceDetails failed");
domain_name = talloc_strdup(tctx, details->netbios_domain);
wbcFreeMemory(details);
torture_assert_wbc_ok(tctx, wbcListGroups(domain_name, &num_groups, &groups),
"wbcListGroups in %s failed", domain_name);
torture_assert(tctx, !(num_groups > 0 && !groups),
"wbcListGroups returned invalid results");
for (i=0; i < MIN(num_groups,100); i++) {
struct wbcDomainSid sid;
enum wbcSidType name_type;
char *domain;
char *name;
char *sid_string;
torture_assert_wbc_ok(tctx, wbcLookupName(domain_name, groups[i], &sid, &name_type),
"wbcLookupName for %s failed", domain_name);
wbcSidToString(&sid, &sid_string);
torture_assert_wbc_ok(tctx, wbcLookupSid(&sid, &domain, &name, &name_type),
"wbcLookupSid of %s failed", sid_string);
wbcFreeMemory(sid_string);
torture_assert(tctx, name,
"wbcLookupSid returned no name");
}
wbcFreeMemory(groups);
return true;
}
wbcErr wbcSidToUid(const struct wbcDomainSid *sid, uid_t *puid)
{
struct winbindd_request request;
struct winbindd_response response;
char *sid_string = NULL;
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
if (!sid || !puid) {
wbc_status = WBC_ERR_INVALID_PARAM;
BAIL_ON_WBC_ERROR(wbc_status);
}
/* Initialize request */
ZERO_STRUCT(request);
ZERO_STRUCT(response);
wbc_status = wbcSidToString(sid, &sid_string);
BAIL_ON_WBC_ERROR(wbc_status);
strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1);
wbcFreeMemory(sid_string);
/* Make request */
wbc_status = wbcRequestResponse(WINBINDD_SID_TO_UID,
&request,
&response);
BAIL_ON_WBC_ERROR(wbc_status);
*puid = response.data.uid;
wbc_status = WBC_ERR_SUCCESS;
done:
return wbc_status;
}
/* Get alias membership for sids */
wbcErr wbcGetSidAliases(const struct wbcDomainSid *dom_sid,
struct wbcDomainSid *sids,
uint32_t num_sids,
uint32_t **alias_rids,
uint32_t *num_alias_rids)
{
uint32_t i;
const char *s;
struct winbindd_request request;
struct winbindd_response response;
char *sid_string = NULL;
ssize_t sid_len;
ssize_t extra_data_len = 0;
char * extra_data = NULL;
ssize_t buflen = 0;
struct wbcDomainSid sid;
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
uint32_t * rids = NULL;
/* Initialise request */
ZERO_STRUCT(request);
ZERO_STRUCT(response);
if (!dom_sid) {
wbc_status = WBC_ERR_INVALID_PARAM;
BAIL_ON_WBC_ERROR(wbc_status);
}
wbc_status = wbcSidToString(dom_sid, &sid_string);
BAIL_ON_WBC_ERROR(wbc_status);
strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1);
wbcFreeMemory(sid_string);
sid_string = NULL;
/* Lets assume each sid is around 54 characters
* S-1-5-AAAAAAAAAAA-BBBBBBBBBBB-CCCCCCCCCCC-DDDDDDDDDDD\n */
buflen = 54 * num_sids;
extra_data = talloc_array(NULL, char, buflen);
if (!extra_data) {
wbc_status = WBC_ERR_NO_MEMORY;
BAIL_ON_WBC_ERROR(wbc_status);
}
/* Build the sid list */
for (i=0; i<num_sids; i++) {
if (sid_string) {
wbcFreeMemory(sid_string);
sid_string = NULL;
}
wbc_status = wbcSidToString(&sids[i], &sid_string);
BAIL_ON_WBC_ERROR(wbc_status);
sid_len = strlen(sid_string);
if (buflen < extra_data_len + sid_len + 2) {
buflen *= 2;
extra_data = talloc_realloc(NULL, extra_data,
char, buflen);
if (!extra_data) {
wbc_status = WBC_ERR_NO_MEMORY;
BAIL_ON_WBC_ERROR(wbc_status);
}
}
strncpy(&extra_data[extra_data_len], sid_string,
buflen - extra_data_len);
extra_data_len += sid_len;
extra_data[extra_data_len++] = '\n';
extra_data[extra_data_len] = '\0';
}
wbcErr wbcLookupSid(const struct wbcDomainSid *sid,
char **pdomain,
char **pname,
enum wbcSidType *pname_type)
{
struct winbindd_request request;
struct winbindd_response response;
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
char *sid_string = NULL;
char *domain = NULL;
char *name = NULL;
enum wbcSidType name_type = WBC_SID_NAME_USE_NONE;
if (!sid) {
wbc_status = WBC_ERR_INVALID_PARAM;
BAIL_ON_WBC_ERROR(wbc_status);
}
/* Initialize request */
ZERO_STRUCT(request);
ZERO_STRUCT(response);
/* dst is already null terminated from the memset above */
wbc_status = wbcSidToString(sid, &sid_string);
BAIL_ON_WBC_ERROR(wbc_status);
strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1);
wbcFreeMemory(sid_string);
/* Make request */
wbc_status = wbcRequestResponse(WINBINDD_LOOKUPSID,
&request,
&response);
BAIL_ON_WBC_ERROR(wbc_status);
/* Copy out result */
domain = talloc_strdup(NULL, response.data.name.dom_name);
BAIL_ON_PTR_ERROR(domain, wbc_status);
name = talloc_strdup(NULL, response.data.name.name);
BAIL_ON_PTR_ERROR(name, wbc_status);
name_type = (enum wbcSidType)response.data.name.type;
wbc_status = WBC_ERR_SUCCESS;
done:
if (WBC_ERROR_IS_OK(wbc_status)) {
if (pdomain != NULL) {
*pdomain = domain;
} else {
talloc_free(domain);
}
if (pname != NULL) {
*pname = name;
} else {
talloc_free(name);
}
if (pname_type != NULL) {
*pname_type = name_type;
}
}
else {
#if 0
/*
* Found by Coverity: In this particular routine we can't end
* up here with a non-NULL name. Further up there are just two
* exit paths that lead here, neither of which leave an
* allocated name. If you add more paths up there, re-activate
* this.
*/
if (name != NULL) {
talloc_free(name);
}
#endif
if (domain != NULL) {
talloc_free(domain);
}
}
return wbc_status;
}
wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid,
int num_rids,
uint32_t *rids,
const char **pp_domain_name,
const char ***pnames,
enum wbcSidType **ptypes)
{
size_t i, len, ridbuf_size;
char *ridlist;
char *p;
struct winbindd_request request;
struct winbindd_response response;
char *sid_string = NULL;
char *domain_name = NULL;
const char **names = NULL;
enum wbcSidType *types = NULL;
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
/* Initialise request */
ZERO_STRUCT(request);
ZERO_STRUCT(response);
if (!dom_sid || (num_rids == 0)) {
wbc_status = WBC_ERR_INVALID_PARAM;
BAIL_ON_WBC_ERROR(wbc_status);
}
wbc_status = wbcSidToString(dom_sid, &sid_string);
BAIL_ON_WBC_ERROR(wbc_status);
strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1);
wbcFreeMemory(sid_string);
/* Even if all the Rids were of maximum 32bit values,
we would only have 11 bytes per rid in the final array
("4294967296" + \n). Add one more byte for the
terminating '\0' */
ridbuf_size = (sizeof(char)*11) * num_rids + 1;
ridlist = talloc_zero_array(NULL, char, ridbuf_size);
BAIL_ON_PTR_ERROR(ridlist, wbc_status);
len = 0;
for (i=0; i<num_rids && (len-1)>0; i++) {
char ridstr[12];
len = strlen(ridlist);
p = ridlist + len;
snprintf( ridstr, sizeof(ridstr)-1, "%u\n", rids[i]);
strncat(p, ridstr, ridbuf_size-len-1);
}
request.extra_data.data = ridlist;
request.extra_len = strlen(ridlist)+1;
wbc_status = wbcRequestResponse(WINBINDD_LOOKUPRIDS,
&request,
&response);
talloc_free(ridlist);
BAIL_ON_WBC_ERROR(wbc_status);
domain_name = talloc_strdup(NULL, response.data.domain_name);
BAIL_ON_PTR_ERROR(domain_name, wbc_status);
names = talloc_array(NULL, const char*, num_rids);
BAIL_ON_PTR_ERROR(names, wbc_status);
types = talloc_array(NULL, enum wbcSidType, num_rids);
BAIL_ON_PTR_ERROR(types, wbc_status);
p = (char *)response.extra_data.data;
for (i=0; i<num_rids; i++) {
char *q;
if (*p == '\0') {
wbc_status = WBC_ERR_INVALID_RESPONSE;
BAIL_ON_WBC_ERROR(wbc_status);
}
types[i] = (enum wbcSidType)strtoul(p, &q, 10);
if (*q != ' ') {
wbc_status = WBC_ERR_INVALID_RESPONSE;
BAIL_ON_WBC_ERROR(wbc_status);
}
p = q+1;
if ((q = strchr(p, '\n')) == NULL) {
wbc_status = WBC_ERR_INVALID_RESPONSE;
BAIL_ON_WBC_ERROR(wbc_status);
}
*q = '\0';
names[i] = talloc_strdup(names, p);
BAIL_ON_PTR_ERROR(names[i], wbc_status);
p = q+1;
}
if (*p != '\0') {
wbc_status = WBC_ERR_INVALID_RESPONSE;
BAIL_ON_WBC_ERROR(wbc_status);
}
wbc_status = WBC_ERR_SUCCESS;
done:
if (response.extra_data.data) {
free(response.extra_data.data);
}
if (WBC_ERROR_IS_OK(wbc_status)) {
*pp_domain_name = domain_name;
*pnames = names;
*ptypes = types;
}
else {
if (domain_name)
talloc_free(domain_name);
if (names)
talloc_free(names);
if (types)
talloc_free(types);
}
return wbc_status;
}
static bool test_wbc_logon_user(struct torture_context *tctx)
{
struct wbcLogonUserParams params;
struct wbcLogonUserInfo *info = NULL;
struct wbcAuthErrorInfo *error = NULL;
struct wbcUserPasswordPolicyInfo *policy = NULL;
struct wbcInterfaceDetails *iface;
struct wbcDomainSid sid;
enum wbcSidType sidtype;
char *sidstr;
wbcErr ret;
ZERO_STRUCT(params);
ret = wbcLogonUser(¶ms, &info, &error, &policy);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_INVALID_PARAM,
"wbcLogonUser succeeded where it should "
"have failed");
params.username = getenv("USERNAME");
params.password = getenv("PASSWORD");
ret = wbcAddNamedBlob(¶ms.num_blobs, ¶ms.blobs,
"foo", 0, discard_const_p(uint8_t, "bar"), 4);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
"wbcAddNamedBlob failed");
ret = wbcLogonUser(¶ms, &info, &error, &policy);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
"wbcLogonUser failed");
wbcFreeMemory(info); info = NULL;
wbcFreeMemory(error); error = NULL;
wbcFreeMemory(policy); policy = NULL;
params.password = "******";
ret = wbcLogonUser(¶ms, &info, &error, &policy);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_AUTH_ERROR,
"wbcLogonUser should have failed with "
"WBC_ERR_AUTH_ERROR");
wbcFreeMemory(info); info = NULL;
wbcFreeMemory(error); error = NULL;
wbcFreeMemory(policy); policy = NULL;
ret = wbcAddNamedBlob(¶ms.num_blobs, ¶ms.blobs,
"membership_of", 0,
discard_const_p(uint8_t, "S-1-2-3-4"),
strlen("S-1-2-3-4")+1);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
"wbcAddNamedBlob failed");
params.password = getenv("PASSWORD");
ret = wbcLogonUser(¶ms, &info, &error, &policy);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_AUTH_ERROR,
"wbcLogonUser should have failed with "
"WBC_ERR_AUTH_ERROR");
wbcFreeMemory(info); info = NULL;
wbcFreeMemory(error); error = NULL;
wbcFreeMemory(policy); policy = NULL;
wbcFreeMemory(params.blobs);
params.blobs = NULL; params.num_blobs = 0;
ret = wbcInterfaceDetails(&iface);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
"wbcInterfaceDetails failed");
ret = wbcLookupName(iface->netbios_domain, getenv("USERNAME"), &sid,
&sidtype);
wbcFreeMemory(iface);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
"wbcLookupName failed");
ret = wbcSidToString(&sid, &sidstr);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
"wbcSidToString failed");
ret = wbcAddNamedBlob(¶ms.num_blobs, ¶ms.blobs,
"membership_of", 0,
(uint8_t *)sidstr, strlen(sidstr)+1);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
"wbcAddNamedBlob failed");
wbcFreeMemory(sidstr);
params.password = getenv("PASSWORD");
ret = wbcLogonUser(¶ms, &info, &error, &policy);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
"wbcLogonUser failed");
wbcFreeMemory(info); info = NULL;
wbcFreeMemory(error); error = NULL;
wbcFreeMemory(policy); policy = NULL;
wbcFreeMemory(params.blobs);
params.blobs = NULL; params.num_blobs = 0;
return true;
}
wbcErr wbcLookupUserSids(const struct wbcDomainSid *user_sid,
bool domain_groups_only,
uint32_t *num_sids,
struct wbcDomainSid **_sids)
{
uint32_t i;
const char *s;
struct winbindd_request request;
struct winbindd_response response;
char *sid_string = NULL;
struct wbcDomainSid *sids = NULL;
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
int cmd;
/* Initialise request */
ZERO_STRUCT(request);
ZERO_STRUCT(response);
if (!user_sid) {
wbc_status = WBC_ERR_INVALID_PARAM;
BAIL_ON_WBC_ERROR(wbc_status);
}
wbc_status = wbcSidToString(user_sid, &sid_string);
BAIL_ON_WBC_ERROR(wbc_status);
strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1);
wbcFreeMemory(sid_string);
if (domain_groups_only) {
cmd = WINBINDD_GETUSERDOMGROUPS;
} else {
cmd = WINBINDD_GETUSERSIDS;
}
wbc_status = wbcRequestResponse(cmd,
&request,
&response);
BAIL_ON_WBC_ERROR(wbc_status);
if (response.data.num_entries &&
!response.extra_data.data) {
wbc_status = WBC_ERR_INVALID_RESPONSE;
BAIL_ON_WBC_ERROR(wbc_status);
}
sids = talloc_array(NULL, struct wbcDomainSid,
response.data.num_entries);
BAIL_ON_PTR_ERROR(sids, wbc_status);
s = (const char *)response.extra_data.data;
for (i = 0; i < response.data.num_entries; i++) {
char *n = strchr(s, '\n');
if (n) {
*n = '\0';
}
wbc_status = wbcStringToSid(s, &sids[i]);
BAIL_ON_WBC_ERROR(wbc_status);
s += strlen(s) + 1;
}
*num_sids = response.data.num_entries;
*_sids = sids;
sids = NULL;
wbc_status = WBC_ERR_SUCCESS;
done:
if (response.extra_data.data) {
free(response.extra_data.data);
}
if (sids) {
talloc_free(sids);
}
return wbc_status;
}
/* Convert a SID to a domain and name */
wbcErr wbcLookupSid(const struct wbcDomainSid *sid,
char **pdomain,
char **pname,
enum wbcSidType *pname_type)
{
char *str_sid;
char *fq_name = NULL;
enum sss_id_type type;
int ret;
char *p;
wbcErr wbc_status;
wbc_status = wbcSidToString(sid, &str_sid);
if (!WBC_ERROR_IS_OK(wbc_status)) {
return wbc_status;
}
ret = sss_nss_getnamebysid(str_sid, &fq_name, &type);
wbcFreeMemory(str_sid);
if (ret != 0) {
return WBC_ERR_UNKNOWN_FAILURE;
}
if (pname_type != NULL) {
ret = sss_id_type_to_wbcSidType(type, pname_type);
if (ret != 0) {
wbc_status = WBC_ERR_UNKNOWN_FAILURE;
goto done;
}
}
/* TODO: it would be nice to have an sss_nss_getnamebysid() call which
* returns name and domain separately. */
p = strchr(fq_name, '@');
if (p == NULL) {
wbc_status = WBC_ERR_UNKNOWN_FAILURE;
goto done;
}
*p = '\0';
if (pname != NULL) {
*pname = wbcStrDup(fq_name);
if (*pname == NULL) {
wbc_status = WBC_ERR_NO_MEMORY;
goto done;
}
}
if (pdomain != NULL) {
*pdomain = wbcStrDup(p + 1);
if (*pdomain == NULL) {
wbcFreeMemory(*pname);
wbc_status = WBC_ERR_NO_MEMORY;
goto done;
}
}
wbc_status = WBC_ERR_SUCCESS;
done:
free(fq_name);
return wbc_status;
}
