2 * Samba Unix/Linux SMB client library
4 * Copyright (C) Gregor Beck 2011
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
21 * @brief Notify smbd about idmap changes
23 * @author Gregor Beck <gb@sernet.de>
29 #include "smbd/smbd.h"
32 #include "../libcli/security/dom_sid.h"
33 #include "../librpc/gen_ndr/messaging.h"
34 #include "../librpc/gen_ndr/ndr_security.h"
35 #include "idmap_cache.h"
36 #include "passdb/lookup_sid.h"
44 enum {UID, GID, SID} type;
47 static bool parse_id(const char* str, struct id* id)
53 if (sscanf(str, "%cID %lu%c", &c, &ul, &trash) == 2) {
66 } else if (string_to_sid(&sid, str)) {
74 static bool uid_in_use(const struct user_struct* user, uid_t uid)
77 if (user->session_info && (user->session_info->utok.uid == uid)) {
85 static bool gid_in_use(const struct user_struct* user, gid_t gid)
88 if (user->session_info != NULL) {
90 struct security_unix_token utok = user->session_info->utok;
91 if (utok.gid == gid) {
94 for(i=0; i<utok.ngroups; i++) {
95 if (utok.groups[i] == gid) {
105 static bool sid_in_use(const struct user_struct* user, const struct dom_sid* psid)
109 if (sid_to_gid(psid, &gid)) {
110 return gid_in_use(user, gid);
111 } else if (sid_to_uid(psid, &uid)) {
112 return uid_in_use(user, uid);
118 static bool id_in_use(const struct user_struct* user, const struct id* id)
122 return uid_in_use(user, id->id.uid);
124 return gid_in_use(user, id->id.gid);
126 return sid_in_use(user, &id->id.sid);
133 static void delete_from_cache(const struct id* id)
137 delete_uid_cache(id->id.uid);
138 idmap_cache_del_uid(id->id.uid);
141 delete_gid_cache(id->id.gid);
142 idmap_cache_del_gid(id->id.gid);
145 delete_sid_cache(&id->id.sid);
146 idmap_cache_del_sid(&id->id.sid);
154 static void message_idmap_flush(struct messaging_context *msg_ctx,
157 struct server_id server_id,
160 const char* msg = data ? (const char*)data->data : NULL;
162 if ((msg == NULL) || (msg[0] == '\0')) {
165 } else if (strncmp(msg, "GID", 3)) {
167 } else if (strncmp(msg, "UID", 3)) {
170 DEBUG(0, ("Invalid argument: %s\n", msg));
175 static void message_idmap_delete(struct messaging_context *msg_ctx,
178 struct server_id server_id,
181 const char* msg = (data && data->data) ? (const char*)data->data : "<NULL>";
182 bool do_kill = (msg_type == MSG_IDMAP_KILL);
183 struct user_struct* validated_users = smbd_server_conn->smb1.sessions.validated_users;
186 if (!parse_id(msg, &id)) {
187 DEBUG(0, ("Invalid ?ID: %s\n", msg));
191 if( do_kill && id_in_use(validated_users, &id) ) {
192 exit_server_cleanly(msg);
194 delete_from_cache(&id);
198 void msg_idmap_register_msgs(struct messaging_context *ctx)
200 messaging_register(ctx, NULL, MSG_IDMAP_FLUSH, message_idmap_flush);
201 messaging_register(ctx, NULL, MSG_IDMAP_DELETE, message_idmap_delete);
202 messaging_register(ctx, NULL, MSG_IDMAP_KILL, message_idmap_delete);