NTSTATUS idmap_gid_to_sid(struct dom_sid *sid, gid_t gid) { NTSTATUS ret; struct id_map map; bool expired; DEBUG(10, ("idmap_gid_to_sid: gid = [%lu]\n", (unsigned long)gid)); if (winbindd_use_idmap_cache() && idmap_cache_find_gid2sid(gid, sid, &expired)) { DEBUG(10, ("idmap_cache_find_gid2sid found %u%s\n", (unsigned int)gid, expired ? " (expired)": "")); if (expired && idmap_is_online()) { DEBUG(10, ("revalidating expired entry\n")); goto backend; } if (is_null_sid(sid)) { DEBUG(10, ("Returning negative cache entry\n")); return NT_STATUS_NONE_MAPPED; } DEBUG(10, ("Returning positive cache entry\n")); return NT_STATUS_OK; } backend: ZERO_STRUCT(map); map.sid = sid; map.xid.type = ID_TYPE_GID; map.xid.id = gid; ret = idmap_backends_unixid_to_sid(&map); if ( ! NT_STATUS_IS_OK(ret)) { DEBUG(10, ("error mapping gid [%lu]: %s\n", (unsigned long)gid, nt_errstr(ret))); map.status = ID_UNMAPPED; } if (map.status != ID_MAPPED) { if (winbindd_use_idmap_cache()) { struct dom_sid null_sid; struct unixid id; id.type = ID_TYPE_GID; id.id = gid; ZERO_STRUCT(null_sid); idmap_cache_set_sid2unixid(&null_sid, &id); } DEBUG(10, ("gid [%lu] not mapped\n", (unsigned long)gid)); return NT_STATUS_NONE_MAPPED; } if (winbindd_use_idmap_cache()) { idmap_cache_set_sid2unixid(sid, &map.xid); } return NT_STATUS_OK; }
NTSTATUS idmap_gid_to_sid(const char *domname, DOM_SID *sid, gid_t gid) { NTSTATUS ret; struct id_map map; bool expired; DEBUG(10,("idmap_gid_to_si: gid = [%lu], domain = '%s'\n", (unsigned long)gid, domname?domname:"NULL")); if (winbindd_use_idmap_cache() && idmap_cache_find_gid2sid(gid, sid, &expired)) { DEBUG(10, ("idmap_cache_find_gid2sid found %d%s\n", gid, expired ? " (expired)": "")); if (expired && idmap_is_online()) { DEBUG(10, ("revalidating expired entry\n")); goto backend; } if (is_null_sid(sid)) { DEBUG(10, ("Returning negative cache entry\n")); return NT_STATUS_NONE_MAPPED; } DEBUG(10, ("Returning positive cache entry\n")); return NT_STATUS_OK; } backend: map.sid = sid; map.xid.type = ID_TYPE_GID; map.xid.id = gid; ret = idmap_backends_unixid_to_sid(domname, &map); if ( ! NT_STATUS_IS_OK(ret)) { DEBUG(10, ("error mapping gid [%lu]\n", (unsigned long)gid)); return ret; } if (map.status != ID_MAPPED) { if (winbindd_use_idmap_cache()) { struct dom_sid null_sid; ZERO_STRUCT(null_sid); idmap_cache_set_sid2uid(&null_sid, gid); } DEBUG(10, ("gid [%lu] not mapped\n", (unsigned long)gid)); return NT_STATUS_NONE_MAPPED; } if (winbindd_use_idmap_cache()) { idmap_cache_set_sid2gid(sid, gid); } return NT_STATUS_OK; }
NTSTATUS idmap_sid_to_gid(const char *domname, DOM_SID *sid, gid_t *gid) { NTSTATUS ret; struct id_map map; bool expired; DEBUG(10,("idmap_sid_to_gid: sid = [%s], domain = '%s'\n", sid_string_dbg(sid), domname)); if (winbindd_use_idmap_cache() && idmap_cache_find_sid2gid(sid, gid, &expired)) { DEBUG(10, ("idmap_cache_find_sid2gid found %d%s\n", (int)(*gid), expired ? " (expired)": "")); if (expired && idmap_is_online()) { DEBUG(10, ("revalidating expired entry\n")); goto backend; } if ((*gid) == -1) { DEBUG(10, ("Returning negative cache entry\n")); return NT_STATUS_NONE_MAPPED; } DEBUG(10, ("Returning positive cache entry\n")); return NT_STATUS_OK; } backend: map.sid = sid; map.xid.type = ID_TYPE_GID; ret = idmap_backends_sid_to_unixid(domname, &map); if (NT_STATUS_IS_OK(ret) && (map.status == ID_MAPPED)) { if (map.xid.type != ID_TYPE_GID) { DEBUG(10, ("sid [%s] not mapped to a gid " "[%u,%u,%u]\n", sid_string_dbg(sid), map.status, map.xid.type, map.xid.id)); if (winbindd_use_idmap_cache()) { idmap_cache_set_sid2gid(sid, -1); } return NT_STATUS_NONE_MAPPED; } goto done; } if (domname[0] != '\0') { /* * We had the task to go to a specific domain which * could not answer our request. Fail. */ if (winbindd_use_idmap_cache()) { idmap_cache_set_sid2uid(sid, -1); } return NT_STATUS_NONE_MAPPED; } ret = idmap_new_mapping(sid, ID_TYPE_GID, &map.xid); if (!NT_STATUS_IS_OK(ret)) { DEBUG(10, ("idmap_new_mapping failed: %s\n", nt_errstr(ret))); if (winbindd_use_idmap_cache()) { idmap_cache_set_sid2gid(sid, -1); } return ret; } done: *gid = map.xid.id; if (winbindd_use_idmap_cache()) { idmap_cache_set_sid2gid(sid, *gid); } return NT_STATUS_OK; }