static bool test_lookupsids(struct torture_context *tctx,
struct dcerpc_binding_handle *b,
struct policy_handle *handle,
struct dom_sid **sids, uint32_t num_sids,
int level, NTSTATUS expected_result,
enum lsa_SidType *types)
{
struct lsa_TransNameArray names;
NTSTATUS status;
uint32_t i;
bool ret = true;
status = lookup_sids(tctx, level, b, handle, sids, num_sids,
&names);
if (!NT_STATUS_EQUAL(status, expected_result)) {
printf("For level %d expected %s, got %s\n",
level, nt_errstr(expected_result),
nt_errstr(status));
return false;
}
if (!NT_STATUS_EQUAL(status, NT_STATUS_OK) &&
!NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
return true;
}
for (i=0; i<num_sids; i++) {
if (names.names[i].sid_type != types[i]) {
printf("In level %d, for sid %s expected %s, "
"got %s\n", level,
dom_sid_string(tctx, sids[i]),
sid_type_lookup(types[i]),
sid_type_lookup(names.names[i].sid_type));
ret = false;
}
}
return ret;
}
static BOOL test_lookupsids(TALLOC_CTX *mem_ctx, struct dcerpc_pipe *p,
struct policy_handle *handle,
struct dom_sid **sids, uint32_t num_sids,
int level, NTSTATUS expected_result,
enum lsa_SidType *types)
{
struct lsa_TransNameArray names;
NTSTATUS status;
uint32_t i;
BOOL ret = True;
status = lookup_sids(mem_ctx, level, p, handle, sids, num_sids,
&names);
if (!NT_STATUS_EQUAL(status, expected_result)) {
printf("For level %d expected %s, got %s\n",
level, nt_errstr(expected_result),
nt_errstr(status));
return False;
}
if (!NT_STATUS_EQUAL(status, NT_STATUS_OK) &&
!NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
return True;
}
for (i=0; i<num_sids; i++) {
if (names.names[i].sid_type != types[i]) {
printf("In level %d, for sid %s expected %s, "
"got %s\n", level,
dom_sid_string(mem_ctx, sids[i]),
sid_type_lookup(types[i]),
sid_type_lookup(names.names[i].sid_type));
ret = False;
}
}
return ret;
}
/* Lookup group membership given a rid. */
static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
const DOM_SID *group_sid, uint32 *num_names,
DOM_SID **sid_mem, char ***names,
uint32 **name_types)
{
size_t i, num_members, num_mapped;
uint32 *rids;
NTSTATUS result;
const DOM_SID **sids;
struct lsa_dom_info *lsa_domains;
struct lsa_name_info *lsa_names;
TALLOC_CTX *tmp_ctx;
if (!sid_check_is_in_our_domain(group_sid)) {
/* There's no groups, only aliases in BUILTIN */
return NT_STATUS_NO_SUCH_GROUP;
}
if (!(tmp_ctx = talloc_init("lookup_groupmem"))) {
return NT_STATUS_NO_MEMORY;
}
result = pdb_enum_group_members(tmp_ctx, group_sid, &rids,
&num_members);
if (!NT_STATUS_IS_OK(result)) {
TALLOC_FREE(tmp_ctx);
return result;
}
if (num_members == 0) {
*num_names = 0;
*sid_mem = NULL;
*names = NULL;
*name_types = NULL;
TALLOC_FREE(tmp_ctx);
return NT_STATUS_OK;
}
*sid_mem = TALLOC_ARRAY(mem_ctx, DOM_SID, num_members);
*names = TALLOC_ARRAY(mem_ctx, char *, num_members);
*name_types = TALLOC_ARRAY(mem_ctx, uint32, num_members);
sids = TALLOC_ARRAY(tmp_ctx, const DOM_SID *, num_members);
if (((*sid_mem) == NULL) || ((*names) == NULL) ||
((*name_types) == NULL) || (sids == NULL)) {
TALLOC_FREE(tmp_ctx);
return NT_STATUS_NO_MEMORY;
}
/*
* Prepare an array of sid pointers for the lookup_sids calling
* convention.
*/
for (i=0; i<num_members; i++) {
DOM_SID *sid = &((*sid_mem)[i]);
if (!sid_compose(sid, &domain->sid, rids[i])) {
TALLOC_FREE(tmp_ctx);
return NT_STATUS_INTERNAL_ERROR;
}
sids[i] = sid;
}
result = lookup_sids(tmp_ctx, num_members, sids, 1,
&lsa_domains, &lsa_names);
if (!NT_STATUS_IS_OK(result)) {
TALLOC_FREE(tmp_ctx);
return result;
}
num_mapped = 0;
for (i=0; i<num_members; i++) {
if (lsa_names[i].type != SID_NAME_USER) {
DEBUG(2, ("Got %s as group member -- ignoring\n",
sid_type_lookup(lsa_names[i].type)));
continue;
}
if (!((*names)[i] = talloc_strdup((*names),
lsa_names[i].name))) {
TALLOC_FREE(tmp_ctx);
return NT_STATUS_NO_MEMORY;
}
(*name_types)[i] = lsa_names[i].type;
num_mapped += 1;
}
*num_names = num_mapped;
TALLOC_FREE(tmp_ctx);
return NT_STATUS_OK;
}
