search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
dmake: do not set MAKEFLAGS=k
[unleashed/tickless.git] / usr / src / lib / libidmap / common / idmap_api.c
blob432814b4cb87a29db09d06fecdc7c440ddca7e37
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright Milan Jurik 2012. All rights reserved.
24 * Copyright 2014 Nexenta Systems, Inc. All rights reserved.
25 * Copyright 2015 Joyent, Inc.
26 */
27
28
29 /*
30 * libidmap API
31 */
32
33 #include <stdlib.h>
34 #include <sys/varargs.h>
35 #include <inttypes.h>
36 #include <errno.h>
37 #include <strings.h>
38 #include <ctype.h>
39 #include <sys/param.h>
40 #include <sys/types.h>
41 #include <sys/stat.h>
42 #include <dlfcn.h>
43 #include <libintl.h>
44 #include <syslog.h>
45 #include <assert.h>
46 #include "idmap_impl.h"
47 #include "idmap_cache.h"
48
49 static struct timeval TIMEOUT = { 25, 0 };
50
51 static int idmap_stat2errno(idmap_stat);
52 static idmap_stat idmap_strdupnull(char **, const char *);
53
54 #define __ITER_CREATE(itera, argu, ityp)\
55 itera = calloc(1, sizeof (*itera));\
56 if (itera == NULL) {\
57 errno = ENOMEM;\
58 return (IDMAP_ERR_MEMORY);\
59 }\
60 argu = calloc(1, sizeof (*argu));\
61 if (argu == NULL) {\
62 free(itera);\
63 errno = ENOMEM;\
64 return (IDMAP_ERR_MEMORY);\
65 }\
66 itera->type = ityp;\
67 itera->retcode = IDMAP_NEXT;\
68 itera->limit = 1024;\
69 itera->arg = argu;
70
71 #define __ITER_CHECK(itera, ityp)\
72 if (itera == NULL) {\
73 errno = EINVAL;\
74 return (IDMAP_ERR_ARG);\
75 }\
76 if (itera->type != ityp) {\
77 errno = EINVAL;\
78 return (IDMAP_ERR_ARG);\
79 }
80
81 /*
82 * Free memory allocated by libidmap API
83 *
84 * Input:
85 * ptr - memory to be freed
86 */
87 void
88 idmap_free(void *ptr)
89 {
90 free(ptr);
91 }
92
93
94 static idmap_stat
95 idmap_get_prop(idmap_prop_type pr, idmap_prop_res *res)
96 {
97 idmap_stat retcode;
98
99 (void) memset(res, 0, sizeof (*res));
100
101 retcode = _idmap_clnt_call(IDMAP_GET_PROP,
102 (xdrproc_t)xdr_idmap_prop_type, (caddr_t)&pr,
103 (xdrproc_t)xdr_idmap_prop_res, (caddr_t)res, TIMEOUT);
104 if (retcode != IDMAP_SUCCESS)
105 return (retcode);
106
107 return (res->retcode); /* This might not be IDMAP_SUCCESS! */
108 }
109
110
111 idmap_stat
112 idmap_get_prop_ds(idmap_prop_type pr, idmap_ad_disc_ds_t *dc)
113 {
114 idmap_prop_res res;
115 idmap_stat rc = IDMAP_SUCCESS;
116
117 rc = idmap_get_prop(pr, &res);
118 if (rc < 0)
119 return (rc);
120
121 dc->port = res.value.idmap_prop_val_u.dsval.port;
122 (void) strlcpy(dc->host, res.value.idmap_prop_val_u.dsval.host,
123 AD_DISC_MAXHOSTNAME);
124
125 /* xdr doesn't guarantee 0-termination of char[]: */
126 dc->host[AD_DISC_MAXHOSTNAME - 1] = '\0';
127
128 return (rc);
129 }
130
131
132 /*
133 * Sometimes the property is not set. In that case, str is set to NULL but
134 * otherwise IDMAP_SUCCESS is returned.
135 */
136 idmap_stat
137 idmap_get_prop_str(idmap_prop_type pr, char **str)
138 {
139 idmap_prop_res res;
140 idmap_stat rc = IDMAP_SUCCESS;
141
142 rc = idmap_get_prop(pr, &res);
143 if (rc < 0)
144 return (rc);
145
146 rc = idmap_strdupnull(str, res.value.idmap_prop_val_u.utf8val);
147 return (rc);
148 }
149
150 /*
151 * Create/Initialize handle for updates
152 *
153 * Output:
154 * udthandle - update handle
155 */
156 idmap_stat
157 idmap_udt_create(idmap_udt_handle_t **udthandle)
158 {
159 idmap_udt_handle_t *tmp;
160
161 if (udthandle == NULL) {
162 errno = EINVAL;
163 return (IDMAP_ERR_ARG);
164 }
165 if ((tmp = calloc(1, sizeof (*tmp))) == NULL) {
166 errno = ENOMEM;
167 return (IDMAP_ERR_MEMORY);
168 }
169
170 *udthandle = tmp;
171 return (IDMAP_SUCCESS);
172 }
173
174
175 /*
176 * All the updates specified by the update handle are committed
177 * in a single transaction. i.e either all succeed or none.
178 *
179 * Input:
180 * udthandle - update handle with the update requests
181 *
182 * Return value:
183 * Status of the commit
184 */
185 idmap_stat
186 idmap_udt_commit(idmap_udt_handle_t *udthandle)
187 {
188 idmap_update_res res;
189 idmap_stat retcode;
190
191 if (udthandle == NULL) {
192 errno = EINVAL;
193 return (IDMAP_ERR_ARG);
194 }
195
196 (void) memset(&res, 0, sizeof (res));
197
198 retcode = _idmap_clnt_call(IDMAP_UPDATE,
199 (xdrproc_t)xdr_idmap_update_batch, (caddr_t)&udthandle->batch,
200 (xdrproc_t)xdr_idmap_update_res, (caddr_t)&res,
201 TIMEOUT);
202 if (retcode != IDMAP_SUCCESS)
203 goto out;
204
205 retcode = udthandle->commit_stat = res.retcode;
206 udthandle->error_index = res.error_index;
207
208 if (retcode != IDMAP_SUCCESS) {
209
210 if (udthandle->error_index < 0)
211 goto out;
212
213 retcode = idmap_namerule_cpy(&udthandle->error_rule,
214 &res.error_rule);
215 if (retcode != IDMAP_SUCCESS) {
216 udthandle->error_index = -2;
217 goto out;
218 }
219
220 retcode = idmap_namerule_cpy(&udthandle->conflict_rule,
221 &res.conflict_rule);
222 if (retcode != IDMAP_SUCCESS) {
223 udthandle->error_index = -2;
224 goto out;
225 }
226 }
227
228 retcode = res.retcode;
229
230
231 out:
232 /* reset handle so that it can be used again */
233 if (retcode == IDMAP_SUCCESS) {
234 _IDMAP_RESET_UDT_HANDLE(udthandle);
235 }
236
237 xdr_free(xdr_idmap_update_res, (caddr_t)&res);
238 errno = idmap_stat2errno(retcode);
239 return (retcode);
240 }
241
242
243 static void
244 idmap_namerule_parts_clear(char **windomain, char **winname,
245 char **unixname, boolean_t *is_user, boolean_t *is_wuser,
246 boolean_t *is_nt4, int *direction)
247 {
248 if (windomain)
249 *windomain = NULL;
250 if (winname)
251 *winname = NULL;
252 if (unixname)
253 *unixname = NULL;
254
255 if (is_nt4)
256 *is_nt4 = 0;
257 if (is_user)
258 *is_user = -1;
259 if (is_wuser)
260 *is_wuser = -1;
261 if (direction)
262 *direction = IDMAP_DIRECTION_UNDEF;
263 }
264
265 static idmap_stat
266 idmap_namerule2parts(idmap_namerule *rule,
267 char **windomain, char **winname,
268 char **unixname, boolean_t *is_user, boolean_t *is_wuser,
269 boolean_t *is_nt4, int *direction)
270 {
271 idmap_stat retcode;
272
273 if (EMPTY_STRING(rule->winname) && EMPTY_STRING(rule->unixname))
274 return (IDMAP_ERR_NORESULT);
275
276
277 retcode = idmap_strdupnull(windomain, rule->windomain);
278 if (retcode != IDMAP_SUCCESS)
279 goto errout;
280
281 retcode = idmap_strdupnull(winname, rule->winname);
282 if (retcode != IDMAP_SUCCESS)
283 goto errout;
284
285 retcode = idmap_strdupnull(unixname, rule->unixname);
286 if (retcode != IDMAP_SUCCESS)
287 goto errout;
288
289
290 if (is_user)
291 *is_user = rule->is_user;
292 if (is_wuser)
293 *is_wuser = rule->is_wuser;
294 if (is_nt4)
295 *is_nt4 = rule->is_nt4;
296 if (direction)
297 *direction = rule->direction;
298
299
300 return (IDMAP_SUCCESS);
301
302 errout:
303 if (windomain)
304 free(*windomain);
305 if (winname)
306 free(*winname);
307 if (unixname)
308 free(*unixname);
309
310 idmap_namerule_parts_clear(windomain, winname,
311 unixname, is_user, is_wuser, is_nt4, direction);
312
313 return (retcode);
314
315 }
316
317 /*
318 * Retrieve the index of the failed batch element. error_index == -1
319 * indicates failure at the beginning, -2 at the end.
320 *
321 * If idmap_udt_commit didn't return error, the returned value is undefined.
322 *
323 * Return value:
324 * IDMAP_SUCCESS
325 */
326
327 idmap_stat
328 idmap_udt_get_error_index(idmap_udt_handle_t *udthandle,
329 int64_t *error_index)
330 {
331 if (error_index)
332 *error_index = udthandle->error_index;
333
334 return (IDMAP_SUCCESS);
335 }
336
337
338 /*
339 * Retrieve the rule which caused the batch to fail. If
340 * idmap_udt_commit didn't return error or if error_index is < 0, the
341 * retrieved rule is undefined.
342 *
343 * Return value:
344 * IDMAP_ERR_NORESULT if there is no error rule.
345 * IDMAP_SUCCESS if the rule was obtained OK.
346 * other error code (IDMAP_ERR_NOMEMORY etc)
347 */
348
349 idmap_stat
350 idmap_udt_get_error_rule(idmap_udt_handle_t *udthandle,
351 char **windomain, char **winname,
352 char **unixname, boolean_t *is_user, boolean_t *is_wuser,
353 boolean_t *is_nt4, int *direction)
354 {
355 idmap_namerule_parts_clear(windomain, winname,
356 unixname, is_user, is_wuser, is_nt4, direction);
357
358 if (udthandle->commit_stat == IDMAP_SUCCESS ||
359 udthandle->error_index < 0)
360 return (IDMAP_ERR_NORESULT);
361
362 return (idmap_namerule2parts(
363 &udthandle->error_rule,
364 windomain,
365 winname,
366 unixname,
367 is_user,
368 is_wuser,
369 is_nt4,
370 direction));
371 }
372
373 /*
374 * Retrieve the rule with which there was a conflict. TODO: retrieve
375 * the value.
376 *
377 * Return value:
378 * IDMAP_ERR_NORESULT if there is no error rule.
379 * IDMAP_SUCCESS if the rule was obtained OK.
380 * other error code (IDMAP_ERR_NOMEMORY etc)
381 */
382
383 idmap_stat
384 idmap_udt_get_conflict_rule(idmap_udt_handle_t *udthandle,
385 char **windomain, char **winname,
386 char **unixname, boolean_t *is_user, boolean_t *is_wuser,
387 boolean_t *is_nt4, int *direction)
388 {
389 idmap_namerule_parts_clear(windomain, winname,
390 unixname, is_user, is_wuser, is_nt4, direction);
391
392 if (udthandle->commit_stat != IDMAP_ERR_W2U_NAMERULE_CONFLICT &&
393 udthandle->commit_stat != IDMAP_ERR_U2W_NAMERULE_CONFLICT) {
394 return (IDMAP_ERR_NORESULT);
395 }
396
397 return (idmap_namerule2parts(
398 &udthandle->conflict_rule,
399 windomain,
400 winname,
401 unixname,
402 is_user,
403 is_wuser,
404 is_nt4,
405 direction));
406 }
407
408
409 /*
410 * Destroy the update handle
411 */
412 void
413 idmap_udt_destroy(idmap_udt_handle_t *udthandle)
414 {
415 if (udthandle == NULL)
416 return;
417 xdr_free(xdr_idmap_update_batch, (caddr_t)&udthandle->batch);
418 xdr_free(xdr_idmap_namerule, (caddr_t)&udthandle->error_rule);
419 xdr_free(xdr_idmap_namerule, (caddr_t)&udthandle->conflict_rule);
420 free(udthandle);
421 }
422
423
424 idmap_stat
425 idmap_udt_add_namerule(idmap_udt_handle_t *udthandle, const char *windomain,
426 boolean_t is_user, boolean_t is_wuser, const char *winname,
427 const char *unixname, boolean_t is_nt4, int direction)
428 {
429 idmap_retcode retcode;
430 idmap_namerule *rule = NULL;
431
432 retcode = _udt_extend_batch(udthandle);
433 if (retcode != IDMAP_SUCCESS)
434 goto errout;
435
436 rule = &udthandle->batch.
437 idmap_update_batch_val[udthandle->next].
438 idmap_update_op_u.rule;
439 rule->is_user = is_user;
440 rule->is_wuser = is_wuser;
441 rule->direction = direction;
442 rule->is_nt4 = is_nt4;
443
444 retcode = idmap_strdupnull(&rule->windomain, windomain);
445 if (retcode != IDMAP_SUCCESS)
446 goto errout;
447
448 retcode = idmap_strdupnull(&rule->winname, winname);
449 if (retcode != IDMAP_SUCCESS)
450 goto errout;
451
452 retcode = idmap_strdupnull(&rule->unixname, unixname);
453 if (retcode != IDMAP_SUCCESS)
454 goto errout;
455
456 udthandle->batch.idmap_update_batch_val[udthandle->next].opnum =
457 OP_ADD_NAMERULE;
458 udthandle->next++;
459 return (IDMAP_SUCCESS);
460
461 errout:
462 /* The batch should still be usable */
463 if (rule)
464 xdr_free(xdr_idmap_namerule, (caddr_t)rule);
465 errno = idmap_stat2errno(retcode);
466 return (retcode);
467 }
468
469
470 /* ARGSUSED */
471 idmap_stat
472 idmap_udt_rm_namerule(idmap_udt_handle_t *udthandle, boolean_t is_user,
473 boolean_t is_wuser, const char *windomain, const char *winname,
474 const char *unixname, int direction)
475 {
476 idmap_retcode retcode;
477 idmap_namerule *rule = NULL;
478
479 retcode = _udt_extend_batch(udthandle);
480 if (retcode != IDMAP_SUCCESS)
481 goto errout;
482
483 rule = &udthandle->batch.
484 idmap_update_batch_val[udthandle->next].
485 idmap_update_op_u.rule;
486 rule->is_user = is_user;
487 rule->is_wuser = is_wuser;
488 rule->direction = direction;
489
490 retcode = idmap_strdupnull(&rule->windomain, windomain);
491 if (retcode != IDMAP_SUCCESS)
492 goto errout;
493
494 retcode = idmap_strdupnull(&rule->winname, winname);
495 if (retcode != IDMAP_SUCCESS)
496 goto errout;
497
498 retcode = idmap_strdupnull(&rule->unixname, unixname);
499 if (retcode != IDMAP_SUCCESS)
500 goto errout;
501
502 udthandle->batch.idmap_update_batch_val[udthandle->next].opnum =
503 OP_RM_NAMERULE;
504 udthandle->next++;
505 return (IDMAP_SUCCESS);
506
507 errout:
508 if (rule)
509 xdr_free(xdr_idmap_namerule, (caddr_t)rule);
510 errno = idmap_stat2errno(retcode);
511 return (retcode);
512 }
513
514
515 /* ARGSUSED */
516 idmap_stat
517 idmap_udt_flush_namerules(idmap_udt_handle_t *udthandle)
518 {
519 idmap_retcode retcode;
520
521 retcode = _udt_extend_batch(udthandle);
522 if (retcode != IDMAP_SUCCESS)
523 goto errout;
524
525 udthandle->batch.idmap_update_batch_val[udthandle->next].opnum =
526 OP_FLUSH_NAMERULES;
527 udthandle->next++;
528 return (IDMAP_SUCCESS);
529
530 errout:
531 errno = idmap_stat2errno(retcode);
532 return (retcode);
533 }
534
535
536 /*
537 * Set the number of entries requested per batch by the iterator
538 *
539 * Input:
540 * iter - iterator
541 * limit - number of entries requested per batch
542 */
543 idmap_stat
544 idmap_iter_set_limit(idmap_iter_t *iter, uint64_t limit)
545 {
546 if (iter == NULL) {
547 errno = EINVAL;
548 return (IDMAP_ERR_ARG);
549 }
550 iter->limit = limit;
551 return (IDMAP_SUCCESS);
552 }
553
554
555 /*
556 * Create iterator to get name-based mapping rules
557 *
558 * Input:
559 * windomain - Windows domain
560 * is_user - user or group rules
561 * winname - Windows user or group name
562 * unixname - Unix user or group name
563 *
564 * Output:
565 * iter - iterator
566 */
567 idmap_stat
568 idmap_iter_namerules(const char *windomain, boolean_t is_user,
569 boolean_t is_wuser, const char *winname, const char *unixname,
570 idmap_iter_t **iter)
571 {
572
573 idmap_iter_t *tmpiter;
574 idmap_list_namerules_1_argument *arg = NULL;
575 idmap_namerule *rule;
576 idmap_retcode retcode;
577
578 __ITER_CREATE(tmpiter, arg, IDMAP_LIST_NAMERULES);
579
580 rule = &arg->rule;
581 rule->is_user = is_user;
582 rule->is_wuser = is_wuser;
583 rule->direction = IDMAP_DIRECTION_UNDEF;
584
585 retcode = idmap_strdupnull(&rule->windomain, windomain);
586 if (retcode != IDMAP_SUCCESS)
587 goto errout;
588
589 retcode = idmap_strdupnull(&rule->winname, winname);
590 if (retcode != IDMAP_SUCCESS)
591 goto errout;
592
593 retcode = idmap_strdupnull(&rule->unixname, unixname);
594 if (retcode != IDMAP_SUCCESS)
595 goto errout;
596
597 *iter = tmpiter;
598 return (IDMAP_SUCCESS);
599
600 errout:
601 if (arg) {
602 xdr_free(xdr_idmap_list_namerules_1_argument, (char *)arg);
603 free(arg);
604 }
605 free(tmpiter);
606
607 return (retcode);
608 }
609
610
611 /*
612 * Iterate through the name-based mapping rules
613 *
614 * Input:
615 * iter - iterator
616 *
617 * Output:
618 * windomain - Windows domain
619 * winname - Windows user or group name
620 * unixname - Unix user or group name
621 * is_nt4 - NT4 or AD
622 * direction - bi(0), win2unix(1), unix2win(2)
623 *
624 * Return value:
625 * 0 - done
626 * 1 - more results available
627 * < 0 - error
628 */
629 idmap_stat
630 idmap_iter_next_namerule(idmap_iter_t *iter, char **windomain,
631 char **winname, char **unixname, boolean_t *is_user,
632 boolean_t *is_wuser, boolean_t *is_nt4, int *direction)
633 {
634 idmap_namerules_res *namerules;
635 idmap_list_namerules_1_argument *arg;
636 idmap_retcode retcode;
637
638 idmap_namerule_parts_clear(windomain, winname,
639 unixname, is_user, is_wuser, is_nt4, direction);
640
641
642 __ITER_CHECK(iter, IDMAP_LIST_NAMERULES);
643
644 namerules = (idmap_namerules_res *)iter->retlist;
645 if (iter->retcode == IDMAP_NEXT && (namerules == NULL ||
646 iter->next >= namerules->rules.rules_len)) {
647
648 if ((arg = iter->arg) == NULL) {
649 errno = EINVAL;
650 return (IDMAP_ERR_ARG);
651 }
652 arg->limit = iter->limit;
653
654 retcode = _iter_get_next_list(IDMAP_LIST_NAMERULES,
655 iter, arg,
656 (uchar_t **)&namerules, sizeof (*namerules),
657 (xdrproc_t)xdr_idmap_list_namerules_1_argument,
658 (xdrproc_t)xdr_idmap_namerules_res);
659 if (retcode != IDMAP_SUCCESS)
660 return (retcode);
661
662 if (IDMAP_ERROR(namerules->retcode)) {
663 retcode = namerules->retcode;
664 xdr_free(xdr_idmap_namerules_res, (caddr_t)namerules);
665 free(namerules);
666 iter->retlist = NULL;
667 return (retcode);
668 }
669 iter->retcode = namerules->retcode;
670 arg->lastrowid = namerules->lastrowid;
671 }
672
673 if (namerules == NULL || namerules->rules.rules_len == 0)
674 return (IDMAP_SUCCESS);
675
676 if (iter->next >= namerules->rules.rules_len) {
677 return (IDMAP_ERR_ARG);
678 }
679
680 retcode = idmap_strdupnull(windomain,
681 namerules->rules.rules_val[iter->next].windomain);
682 if (retcode != IDMAP_SUCCESS)
683 goto errout;
684
685 retcode = idmap_strdupnull(winname,
686 namerules->rules.rules_val[iter->next].winname);
687 if (retcode != IDMAP_SUCCESS)
688 goto errout;
689
690 retcode = idmap_strdupnull(unixname,
691 namerules->rules.rules_val[iter->next].unixname);
692 if (retcode != IDMAP_SUCCESS)
693 goto errout;
694
695 if (is_nt4)
696 *is_nt4 = namerules->rules.rules_val[iter->next].is_nt4;
697 if (is_user)
698 *is_user = namerules->rules.rules_val[iter->next].is_user;
699 if (is_wuser)
700 *is_wuser = namerules->rules.rules_val[iter->next].is_wuser;
701 if (direction)
702 *direction = namerules->rules.rules_val[iter->next].direction;
703 iter->next++;
704
705 if (iter->next == namerules->rules.rules_len)
706 return (iter->retcode);
707 else
708 return (IDMAP_NEXT);
709
710 errout:
711 if (windomain)
712 free(*windomain);
713 if (winname)
714 free(*winname);
715 if (unixname)
716 free(*unixname);
717 return (retcode);
718 }
719
720
721 /*
722 * Create iterator to get SID to UID/GID mappings
723 *
724 * Output:
725 * iter - iterator
726 */
727 idmap_stat
728 idmap_iter_mappings(idmap_iter_t **iter, int flag)
729 {
730 idmap_iter_t *tmpiter;
731 idmap_list_mappings_1_argument *arg = NULL;
732
733 __ITER_CREATE(tmpiter, arg, IDMAP_LIST_MAPPINGS);
734
735 arg->flag = flag;
736 *iter = tmpiter;
737 return (IDMAP_SUCCESS);
738 }
739
740
741 /*
742 * Iterate through the SID to UID/GID mappings
743 *
744 * Input:
745 * iter - iterator
746 *
747 * Output:
748 * sid - SID in canonical form
749 * pid - UID or GID
750 *
751 * Return value:
752 * 0 - done
753 * 1 - more results available
754 * < 0 - error
755 */
756 idmap_stat
757 idmap_iter_next_mapping(idmap_iter_t *iter, char **sidprefix,
758 idmap_rid_t *rid, uid_t *pid, char **winname,
759 char **windomain, char **unixname, boolean_t *is_user,
760 boolean_t *is_wuser, int *direction, idmap_info *info)
761 {
762 idmap_mappings_res *mappings;
763 idmap_list_mappings_1_argument *arg;
764 idmap_retcode retcode;
765 char *str;
766
767 if (sidprefix)
768 *sidprefix = NULL;
769 if (rid)
770 *rid = UINT32_MAX;
771 if (winname)
772 *winname = NULL;
773 if (windomain)
774 *windomain = NULL;
775 if (unixname)
776 *unixname = NULL;
777 if (pid)
778 *pid = UINT32_MAX;
779 if (is_user)
780 *is_user = -1;
781 if (is_wuser)
782 *is_wuser = -1;
783 if (direction)
784 *direction = IDMAP_DIRECTION_UNDEF;
785
786 __ITER_CHECK(iter, IDMAP_LIST_MAPPINGS);
787
788 mappings = (idmap_mappings_res *)iter->retlist;
789 if (iter->retcode == IDMAP_NEXT && (mappings == NULL ||
790 iter->next >= mappings->mappings.mappings_len)) {
791
792 if ((arg = iter->arg) == NULL) {
793 errno = EINVAL;
794 return (IDMAP_ERR_ARG);
795 }
796 arg->limit = iter->limit;
797
798 retcode = _iter_get_next_list(IDMAP_LIST_MAPPINGS,
799 iter, arg,
800 (uchar_t **)&mappings, sizeof (*mappings),
801 (xdrproc_t)xdr_idmap_list_mappings_1_argument,
802 (xdrproc_t)xdr_idmap_mappings_res);
803 if (retcode != IDMAP_SUCCESS)
804 return (retcode);
805
806 if (IDMAP_ERROR(mappings->retcode)) {
807 retcode = mappings->retcode;
808 xdr_free(xdr_idmap_mappings_res, (caddr_t)mappings);
809 free(mappings);
810 iter->retlist = NULL;
811 return (retcode);
812 }
813 iter->retcode = mappings->retcode;
814 arg->lastrowid = mappings->lastrowid;
815 }
816
817 if (mappings == NULL || mappings->mappings.mappings_len == 0)
818 return (IDMAP_SUCCESS);
819
820 if (iter->next >= mappings->mappings.mappings_len) {
821 return (IDMAP_ERR_ARG);
822 }
823
824 if (sidprefix) {
825 str = mappings->mappings.mappings_val[iter->next].id1.
826 idmap_id_u.sid.prefix;
827 if (str && *str != '\0') {
828 *sidprefix = strdup(str);
829 if (*sidprefix == NULL) {
830 retcode = IDMAP_ERR_MEMORY;
831 goto errout;
832 }
833 }
834 }
835 if (rid)
836 *rid = mappings->mappings.mappings_val[iter->next].id1.
837 idmap_id_u.sid.rid;
838
839 retcode = idmap_strdupnull(windomain,
840 mappings->mappings.mappings_val[iter->next].id1domain);
841 if (retcode != IDMAP_SUCCESS)
842 goto errout;
843
844 retcode = idmap_strdupnull(winname,
845 mappings->mappings.mappings_val[iter->next].id1name);
846 if (retcode != IDMAP_SUCCESS)
847 goto errout;
848
849 retcode = idmap_strdupnull(unixname,
850 mappings->mappings.mappings_val[iter->next].id2name);
851 if (retcode != IDMAP_SUCCESS)
852 goto errout;
853
854
855 if (pid)
856 *pid = mappings->mappings.mappings_val[iter->next].id2.
857 idmap_id_u.uid;
858 if (direction)
859 *direction = mappings->mappings.mappings_val[iter->next].
860 direction;
861 if (is_user)
862 *is_user = (mappings->mappings.mappings_val[iter->next].id2
863 .idtype == IDMAP_UID)?1:0;
864 if (is_wuser)
865 *is_wuser = (mappings->mappings.mappings_val[iter->next].id1
866 .idtype == IDMAP_USID)?1:0;
867
868 if (info) {
869 idmap_info_mov(info,
870 &mappings->mappings.mappings_val[iter->next].info);
871 }
872 iter->next++;
873
874 if (iter->next == mappings->mappings.mappings_len)
875 return (iter->retcode);
876 else
877 return (IDMAP_NEXT);
878
879 errout:
880 if (sidprefix)
881 free(*sidprefix);
882 if (winname)
883 free(*winname);
884 if (windomain)
885 free(*windomain);
886 if (unixname)
887 free(*unixname);
888 return (retcode);
889 }
890
891
892 /*
893 * Destroy the iterator
894 */
895 void
896 idmap_iter_destroy(idmap_iter_t *iter)
897 {
898 xdrproc_t _xdr_argument, _xdr_result;
899
900 if (iter == NULL)
901 return;
902
903 switch (iter->type) {
904 case IDMAP_LIST_NAMERULES:
905 _xdr_argument = (xdrproc_t)xdr_idmap_list_namerules_1_argument;
906 _xdr_result = (xdrproc_t)xdr_idmap_namerules_res;
907 break;
908 case IDMAP_LIST_MAPPINGS:
909 _xdr_argument = (xdrproc_t)xdr_idmap_list_mappings_1_argument;
910 _xdr_result = (xdrproc_t)xdr_idmap_mappings_res;
911 break;
912 default:
913 free(iter);
914 return;
915 };
916
917 if (iter->arg) {
918 xdr_free(_xdr_argument, (caddr_t)iter->arg);
919 free(iter->arg);
920 }
921 if (iter->retlist) {
922 xdr_free(_xdr_result, (caddr_t)iter->retlist);
923 free(iter->retlist);
924 }
925 free(iter);
926 }
927
928
929 /*
930 * Create handle to get SID to UID/GID mapping entries
931 *
932 * Input:
933 * gh - "get mapping" handle
934 */
935 idmap_stat
936 idmap_get_create(idmap_get_handle_t **gh)
937 {
938 idmap_get_handle_t *tmp;
939
940 /* allocate the handle */
941 if ((tmp = calloc(1, sizeof (*tmp))) == NULL) {
942 errno = ENOMEM;
943 return (IDMAP_ERR_MEMORY);
944 }
945
946 *gh = tmp;
947 return (IDMAP_SUCCESS);
948 }
949
950
951 /*
952 * Given SID, get UID
953 *
954 * Input:
955 * sidprefix - SID prefix
956 * rid - RID
957 * flag - flag
958 *
959 * Output:
960 * stat - status of the get request
961 * uid - POSIX UID if stat = 0
962 *
963 * Note: The output parameters will be set by idmap_get_mappings()
964 */
965 idmap_stat
966 idmap_get_uidbysid(idmap_get_handle_t *gh, char *sidprefix, idmap_rid_t rid,
967 int flag, uid_t *uid, idmap_stat *stat)
968 {
969 return (idmap_getext_uidbysid(gh, sidprefix, rid, flag, uid,
970 NULL, stat));
971 }
972
973 /*
974 * Given SID, get UID
975 *
976 * Input:
977 * sidprefix - SID prefix
978 * rid - RID
979 * flag - flag
980 *
981 * Output:
982 * stat - status of the get request
983 * uid - POSIX UID if stat = 0
984 * how - mapping type if stat = 0
985 *
986 * Note: The output parameters will be set by idmap_get_mappings()
987 */
988
989 idmap_stat
990 idmap_getext_uidbysid(idmap_get_handle_t *gh, char *sidprefix, idmap_rid_t rid,
991 int flag, uid_t *uid, idmap_info *info, idmap_stat *stat)
992 {
993 idmap_retcode retcode;
994 idmap_mapping *mapping = NULL;
995
996 /* sanity checks */
997 if (gh == NULL)
998 return (IDMAP_ERR_ARG);
999 if (uid == NULL || sidprefix == NULL)
1000 return (IDMAP_ERR_ARG);
1001
1002 if ((flag & IDMAP_REQ_FLG_USE_CACHE) &&
1003 !(flag & IDMAP_REQ_FLG_MAPPING_INFO)) {
1004 retcode = idmap_cache_lookup_uidbysid(sidprefix, rid, uid);
1005 if (retcode == IDMAP_SUCCESS || retcode == IDMAP_ERR_MEMORY) {
1006 *stat = retcode;
1007 return (retcode);
1008 }
1009 }
1010
1011 /* Extend the request array and the return list */
1012 if ((retcode = _get_ids_extend_batch(gh)) != IDMAP_SUCCESS)
1013 goto errout;
1014
1015 /* Setup the request */
1016 mapping = &gh->batch.idmap_mapping_batch_val[gh->next];
1017 mapping->flag = flag;
1018 mapping->id1.idtype = IDMAP_SID;
1019 mapping->id1.idmap_id_u.sid.rid = rid;
1020 if ((mapping->id1.idmap_id_u.sid.prefix = strdup(sidprefix)) == NULL) {
1021 retcode = IDMAP_ERR_MEMORY;
1022 goto errout;
1023 }
1024 mapping->id2.idtype = IDMAP_UID;
1025
1026 /* Setup pointers for the result */
1027 gh->retlist[gh->next].idtype = IDMAP_UID;
1028 gh->retlist[gh->next].uid = uid;
1029 gh->retlist[gh->next].stat = stat;
1030 gh->retlist[gh->next].info = info;
1031 gh->retlist[gh->next].cache_res = flag & IDMAP_REQ_FLG_USE_CACHE;
1032
1033 gh->next++;
1034 return (IDMAP_SUCCESS);
1035
1036 errout:
1037 /* Batch created so far should still be usable */
1038 if (mapping)
1039 (void) memset(mapping, 0, sizeof (*mapping));
1040 errno = idmap_stat2errno(retcode);
1041 return (retcode);
1042 }
1043
1044
1045 /*
1046 * Given SID, get GID
1047 *
1048 * Input:
1049 * sidprefix - SID prefix
1050 * rid - rid
1051 * flag - flag
1052 *
1053 * Output:
1054 * stat - status of the get request
1055 * gid - POSIX GID if stat = 0
1056 *
1057 * Note: The output parameters will be set by idmap_get_mappings()
1058 */
1059 idmap_stat
1060 idmap_get_gidbysid(idmap_get_handle_t *gh, char *sidprefix, idmap_rid_t rid,
1061 int flag, gid_t *gid, idmap_stat *stat)
1062 {
1063 return (idmap_getext_gidbysid(gh, sidprefix, rid, flag, gid,
1064 NULL, stat));
1065 }
1066
1067
1068 /*
1069 * Given SID, get GID
1070 *
1071 * Input:
1072 * sidprefix - SID prefix
1073 * rid - rid
1074 * flag - flag
1075 *
1076 * Output:
1077 * stat - status of the get request
1078 * gid - POSIX GID if stat = 0
1079 * how - mapping type if stat = 0
1080 *
1081 * Note: The output parameters will be set by idmap_get_mappings()
1082 */
1083 idmap_stat
1084 idmap_getext_gidbysid(idmap_get_handle_t *gh, char *sidprefix, idmap_rid_t rid,
1085 int flag, gid_t *gid, idmap_info *info, idmap_stat *stat)
1086 {
1087
1088 idmap_retcode retcode;
1089 idmap_mapping *mapping = NULL;
1090
1091 /* sanity checks */
1092 if (gh == NULL)
1093 return (IDMAP_ERR_ARG);
1094 if (gid == NULL || sidprefix == NULL)
1095 return (IDMAP_ERR_ARG);
1096
1097 if ((flag & IDMAP_REQ_FLG_USE_CACHE) &&
1098 !(flag & IDMAP_REQ_FLG_MAPPING_INFO)) {
1099 retcode = idmap_cache_lookup_gidbysid(sidprefix, rid, gid);
1100 if (retcode == IDMAP_SUCCESS || retcode == IDMAP_ERR_MEMORY) {
1101 *stat = retcode;
1102 return (retcode);
1103 }
1104 }
1105
1106 /* Extend the request array and the return list */
1107 if ((retcode = _get_ids_extend_batch(gh)) != IDMAP_SUCCESS)
1108 goto errout;
1109
1110 /* Setup the request */
1111 mapping = &gh->batch.idmap_mapping_batch_val[gh->next];
1112 mapping->flag = flag;
1113 mapping->id1.idtype = IDMAP_SID;
1114 mapping->id1.idmap_id_u.sid.rid = rid;
1115 if ((mapping->id1.idmap_id_u.sid.prefix = strdup(sidprefix)) == NULL) {
1116 retcode = IDMAP_ERR_MEMORY;
1117 goto errout;
1118 }
1119 mapping->id2.idtype = IDMAP_GID;
1120
1121 /* Setup pointers for the result */
1122 gh->retlist[gh->next].idtype = IDMAP_GID;
1123 gh->retlist[gh->next].gid = gid;
1124 gh->retlist[gh->next].stat = stat;
1125 gh->retlist[gh->next].info = info;
1126 gh->retlist[gh->next].cache_res = flag & IDMAP_REQ_FLG_USE_CACHE;
1127
1128 gh->next++;
1129 return (IDMAP_SUCCESS);
1130
1131 errout:
1132 if (mapping)
1133 (void) memset(mapping, 0, sizeof (*mapping));
1134 errno = idmap_stat2errno(retcode);
1135 return (retcode);
1136 }
1137
1138
1139
1140 /*
1141 * Given SID, get POSIX ID i.e. UID/GID
1142 *
1143 * Input:
1144 * sidprefix - SID prefix
1145 * rid - rid
1146 * flag - flag
1147 *
1148 * Output:
1149 * stat - status of the get request
1150 * is_user - user or group
1151 * pid - POSIX UID if stat = 0 and is_user = 1
1152 * POSIX GID if stat = 0 and is_user = 0
1153 *
1154 * Note: The output parameters will be set by idmap_get_mappings()
1155 */
1156 idmap_stat
1157 idmap_get_pidbysid(idmap_get_handle_t *gh, char *sidprefix, idmap_rid_t rid,
1158 int flag, uid_t *pid, int *is_user, idmap_stat *stat)
1159 {
1160 return (idmap_getext_pidbysid(gh, sidprefix, rid, flag, pid, is_user,
1161 NULL, stat));
1162 }
1163
1164
1165
1166 /*
1167 * Given SID, get POSIX ID i.e. UID/GID
1168 *
1169 * Input:
1170 * sidprefix - SID prefix
1171 * rid - rid
1172 * flag - flag
1173 *
1174 * Output:
1175 * stat - status of the get request
1176 * is_user - user or group
1177 * pid - POSIX UID if stat = 0 and is_user = 1
1178 * POSIX GID if stat = 0 and is_user = 0
1179 * how - mapping type if stat = 0
1180 *
1181 * Note: The output parameters will be set by idmap_get_mappings()
1182 */
1183 idmap_stat
1184 idmap_getext_pidbysid(idmap_get_handle_t *gh, char *sidprefix, idmap_rid_t rid,
1185 int flag, uid_t *pid, int *is_user, idmap_info *info, idmap_stat *stat)
1186 {
1187 idmap_retcode retcode;
1188 idmap_mapping *mapping = NULL;
1189
1190 /* sanity checks */
1191 if (gh == NULL)
1192 return (IDMAP_ERR_ARG);
1193 if (pid == NULL || sidprefix == NULL || is_user == NULL)
1194 return (IDMAP_ERR_ARG);
1195
1196 if ((flag & IDMAP_REQ_FLG_USE_CACHE) &&
1197 !(flag & IDMAP_REQ_FLG_MAPPING_INFO)) {
1198 retcode = idmap_cache_lookup_pidbysid(sidprefix, rid, pid,
1199 is_user);
1200 if (retcode == IDMAP_SUCCESS || retcode == IDMAP_ERR_MEMORY) {
1201 *stat = retcode;
1202 return (retcode);
1203 }
1204 }
1205
1206 /* Extend the request array and the return list */
1207 if ((retcode = _get_ids_extend_batch(gh)) != IDMAP_SUCCESS)
1208 goto errout;
1209
1210 /* Setup the request */
1211 mapping = &gh->batch.idmap_mapping_batch_val[gh->next];
1212 mapping->flag = flag;
1213 mapping->id1.idtype = IDMAP_SID;
1214 mapping->id1.idmap_id_u.sid.rid = rid;
1215 if ((mapping->id1.idmap_id_u.sid.prefix = strdup(sidprefix)) == NULL) {
1216 retcode = IDMAP_ERR_MEMORY;
1217 goto errout;
1218 }
1219 mapping->id2.idtype = IDMAP_POSIXID;
1220
1221 /* Setup pointers for the result */
1222 gh->retlist[gh->next].idtype = IDMAP_POSIXID;
1223 gh->retlist[gh->next].uid = pid;
1224 gh->retlist[gh->next].gid = pid;
1225 gh->retlist[gh->next].is_user = is_user;
1226 gh->retlist[gh->next].stat = stat;
1227 gh->retlist[gh->next].info = info;
1228 gh->retlist[gh->next].cache_res = flag & IDMAP_REQ_FLG_USE_CACHE;
1229
1230 gh->next++;
1231 return (IDMAP_SUCCESS);
1232
1233 errout:
1234 if (mapping)
1235 (void) memset(mapping, 0, sizeof (*mapping));
1236 errno = idmap_stat2errno(retcode);
1237 return (retcode);
1238 }
1239
1240
1241 /*
1242 * Given UID, get SID
1243 *
1244 * Input:
1245 * uid - POSIX UID
1246 * flag - flag
1247 *
1248 * Output:
1249 * stat - status of the get request
1250 * sid - SID prefix (if stat == 0)
1251 * rid - rid
1252 *
1253 * Note: The output parameters will be set by idmap_get_mappings()
1254 */
1255 idmap_stat
1256 idmap_get_sidbyuid(idmap_get_handle_t *gh, uid_t uid, int flag,
1257 char **sidprefix, idmap_rid_t *rid, idmap_stat *stat)
1258 {
1259 return (idmap_getext_sidbyuid(gh, uid, flag, sidprefix, rid,
1260 NULL, stat));
1261 }
1262
1263
1264 /*
1265 * Given UID, get SID
1266 *
1267 * Input:
1268 * uid - POSIX UID
1269 * flag - flag
1270 *
1271 * Output:
1272 * stat - status of the get request
1273 * sid - SID prefix (if stat == 0)
1274 * rid - rid
1275 * how - mapping type if stat = 0
1276 *
1277 * Note: The output parameters will be set by idmap_get_mappings()
1278 */
1279 idmap_stat
1280 idmap_getext_sidbyuid(idmap_get_handle_t *gh, uid_t uid, int flag,
1281 char **sidprefix, idmap_rid_t *rid, idmap_info *info, idmap_stat *stat)
1282 {
1283
1284 idmap_retcode retcode;
1285 idmap_mapping *mapping = NULL;
1286
1287 /* sanity checks */
1288 if (gh == NULL)
1289 return (IDMAP_ERR_ARG);
1290 if (sidprefix == NULL)
1291 return (IDMAP_ERR_ARG);
1292
1293 if ((flag & IDMAP_REQ_FLG_USE_CACHE) &&
1294 !(flag & IDMAP_REQ_FLG_MAPPING_INFO)) {
1295 retcode = idmap_cache_lookup_sidbyuid(sidprefix, rid, uid);
1296 if (retcode == IDMAP_SUCCESS || retcode == IDMAP_ERR_MEMORY) {
1297 *stat = retcode;
1298 return (retcode);
1299 }
1300 }
1301
1302 /* Extend the request array and the return list */
1303 if ((retcode = _get_ids_extend_batch(gh)) != IDMAP_SUCCESS)
1304 goto errout;
1305
1306 /* Setup the request */
1307 mapping = &gh->batch.idmap_mapping_batch_val[gh->next];
1308 mapping->flag = flag;
1309 mapping->id1.idtype = IDMAP_UID;
1310 mapping->id1.idmap_id_u.uid = uid;
1311 mapping->id2.idtype = IDMAP_SID;
1312
1313 /* Setup pointers for the result */
1314 gh->retlist[gh->next].idtype = IDMAP_SID;
1315 gh->retlist[gh->next].sidprefix = sidprefix;
1316 gh->retlist[gh->next].rid = rid;
1317 gh->retlist[gh->next].stat = stat;
1318 gh->retlist[gh->next].info = info;
1319 gh->retlist[gh->next].cache_res = flag & IDMAP_REQ_FLG_USE_CACHE;
1320
1321 gh->next++;
1322 return (IDMAP_SUCCESS);
1323
1324 errout:
1325 if (mapping)
1326 (void) memset(mapping, 0, sizeof (*mapping));
1327 errno = idmap_stat2errno(retcode);
1328 return (retcode);
1329 }
1330
1331
1332 /*
1333 * Given GID, get SID
1334 *
1335 * Input:
1336 * gid - POSIX GID
1337 * flag - flag
1338 *
1339 * Output:
1340 * stat - status of the get request
1341 * sidprefix - SID prefix (if stat == 0)
1342 * rid - rid
1343 *
1344 * Note: The output parameters will be set by idmap_get_mappings()
1345 */
1346 idmap_stat
1347 idmap_get_sidbygid(idmap_get_handle_t *gh, gid_t gid, int flag,
1348 char **sidprefix, idmap_rid_t *rid, idmap_stat *stat)
1349 {
1350 return (idmap_getext_sidbygid(gh, gid, flag, sidprefix, rid,
1351 NULL, stat));
1352 }
1353
1354
1355 /*
1356 * Given GID, get SID
1357 *
1358 * Input:
1359 * gid - POSIX GID
1360 * flag - flag
1361 *
1362 * Output:
1363 * stat - status of the get request
1364 * sidprefix - SID prefix (if stat == 0)
1365 * rid - rid
1366 * how - mapping type if stat = 0
1367 *
1368 * Note: The output parameters will be set by idmap_get_mappings()
1369 */
1370 idmap_stat
1371 idmap_getext_sidbygid(idmap_get_handle_t *gh, gid_t gid, int flag,
1372 char **sidprefix, idmap_rid_t *rid, idmap_info *info, idmap_stat *stat)
1373 {
1374
1375 idmap_retcode retcode;
1376 idmap_mapping *mapping = NULL;
1377
1378 /* sanity checks */
1379 if (gh == NULL)
1380 return (IDMAP_ERR_ARG);
1381 if (sidprefix == NULL)
1382 return (IDMAP_ERR_ARG);
1383
1384 if ((flag & IDMAP_REQ_FLG_USE_CACHE) &&
1385 !(flag & IDMAP_REQ_FLG_MAPPING_INFO)) {
1386 retcode = idmap_cache_lookup_sidbygid(sidprefix, rid, gid);
1387 if (retcode == IDMAP_SUCCESS || retcode == IDMAP_ERR_MEMORY) {
1388 *stat = retcode;
1389 return (retcode);
1390 }
1391 }
1392
1393 /* Extend the request array and the return list */
1394 if ((retcode = _get_ids_extend_batch(gh)) != IDMAP_SUCCESS)
1395 goto errout;
1396
1397 /* Setup the request */
1398 mapping = &gh->batch.idmap_mapping_batch_val[gh->next];
1399 mapping->flag = flag;
1400 mapping->id1.idtype = IDMAP_GID;
1401 mapping->id1.idmap_id_u.gid = gid;
1402 mapping->id2.idtype = IDMAP_SID;
1403
1404 /* Setup pointers for the result */
1405 gh->retlist[gh->next].idtype = IDMAP_SID;
1406 gh->retlist[gh->next].sidprefix = sidprefix;
1407 gh->retlist[gh->next].rid = rid;
1408 gh->retlist[gh->next].stat = stat;
1409 gh->retlist[gh->next].info = info;
1410 gh->retlist[gh->next].cache_res = flag & IDMAP_REQ_FLG_USE_CACHE;
1411
1412 gh->next++;
1413 return (IDMAP_SUCCESS);
1414
1415 errout:
1416 if (mapping)
1417 (void) memset(mapping, 0, sizeof (*mapping));
1418 errno = idmap_stat2errno(retcode);
1419 return (retcode);
1420 }
1421
1422
1423 /*
1424 * Process the batched "get mapping" requests. The results (i.e.
1425 * status and identity) will be available in the data areas
1426 * provided by individual requests.
1427 */
1428 idmap_stat
1429 idmap_get_mappings(idmap_get_handle_t *gh)
1430 {
1431 idmap_retcode retcode;
1432 idmap_ids_res res;
1433 idmap_id *res_id;
1434 int i;
1435 idmap_id *req_id;
1436 int direction;
1437
1438 if (gh == NULL) {
1439 errno = EINVAL;
1440 return (IDMAP_ERR_ARG);
1441 }
1442
1443 (void) memset(&res, 0, sizeof (idmap_ids_res));
1444 retcode = _idmap_clnt_call(IDMAP_GET_MAPPED_IDS,
1445 (xdrproc_t)xdr_idmap_mapping_batch,
1446 (caddr_t)&gh->batch,
1447 (xdrproc_t)xdr_idmap_ids_res,
1448 (caddr_t)&res,
1449 TIMEOUT);
1450 if (retcode != IDMAP_SUCCESS) {
1451 goto out;
1452 }
1453 if (res.retcode != IDMAP_SUCCESS) {
1454 retcode = res.retcode;
1455 goto out;
1456 }
1457 for (i = 0; i < gh->next; i++) {
1458 if (i >= res.ids.ids_len) {
1459 *gh->retlist[i].stat = IDMAP_ERR_NORESULT;
1460 continue;
1461 }
1462 *gh->retlist[i].stat = res.ids.ids_val[i].retcode;
1463 res_id = &res.ids.ids_val[i].id;
1464 direction = res.ids.ids_val[i].direction;
1465 req_id = &gh->batch.idmap_mapping_batch_val[i].id1;
1466 switch (res_id->idtype) {
1467 case IDMAP_UID:
1468 if (gh->retlist[i].uid)
1469 *gh->retlist[i].uid = res_id->idmap_id_u.uid;
1470 if (gh->retlist[i].is_user)
1471 *gh->retlist[i].is_user = 1;
1472
1473 if (res.ids.ids_val[i].retcode == IDMAP_SUCCESS &&
1474 gh->retlist[i].cache_res) {
1475 if (gh->retlist[i].is_user != NULL)
1476 idmap_cache_add_sid2pid(
1477 req_id->idmap_id_u.sid.prefix,
1478 req_id->idmap_id_u.sid.rid,
1479 res_id->idmap_id_u.uid, 1,
1480 direction);
1481 else
1482 idmap_cache_add_sid2uid(
1483 req_id->idmap_id_u.sid.prefix,
1484 req_id->idmap_id_u.sid.rid,
1485 res_id->idmap_id_u.uid,
1486 direction);
1487 }
1488 break;
1489
1490 case IDMAP_GID:
1491 if (gh->retlist[i].gid)
1492 *gh->retlist[i].gid = res_id->idmap_id_u.gid;
1493 if (gh->retlist[i].is_user)
1494 *gh->retlist[i].is_user = 0;
1495
1496 if (res.ids.ids_val[i].retcode == IDMAP_SUCCESS &&
1497 gh->retlist[i].cache_res) {
1498 if (gh->retlist[i].is_user != NULL)
1499 idmap_cache_add_sid2pid(
1500 req_id->idmap_id_u.sid.prefix,
1501 req_id->idmap_id_u.sid.rid,
1502 res_id->idmap_id_u.gid, 0,
1503 direction);
1504 else
1505 idmap_cache_add_sid2gid(
1506 req_id->idmap_id_u.sid.prefix,
1507 req_id->idmap_id_u.sid.rid,
1508 res_id->idmap_id_u.gid,
1509 direction);
1510 }
1511 break;
1512
1513 case IDMAP_POSIXID:
1514 if (gh->retlist[i].uid)
1515 *gh->retlist[i].uid = 60001;
1516 if (gh->retlist[i].is_user)
1517 *gh->retlist[i].is_user = -1;
1518 break;
1519
1520 case IDMAP_SID:
1521 case IDMAP_USID:
1522 case IDMAP_GSID:
1523 if (gh->retlist[i].rid)
1524 *gh->retlist[i].rid =
1525 res_id->idmap_id_u.sid.rid;
1526 if (gh->retlist[i].sidprefix) {
1527 if (res_id->idmap_id_u.sid.prefix == NULL ||
1528 *res_id->idmap_id_u.sid.prefix == '\0') {
1529 *gh->retlist[i].sidprefix = NULL;
1530 break;
1531 }
1532 *gh->retlist[i].sidprefix =
1533 strdup(res_id->idmap_id_u.sid.prefix);
1534 if (*gh->retlist[i].sidprefix == NULL)
1535 *gh->retlist[i].stat =
1536 IDMAP_ERR_MEMORY;
1537 }
1538 if (res.ids.ids_val[i].retcode == IDMAP_SUCCESS &&
1539 gh->retlist[i].cache_res) {
1540 if (req_id->idtype == IDMAP_UID)
1541 idmap_cache_add_sid2uid(
1542 res_id->idmap_id_u.sid.prefix,
1543 res_id->idmap_id_u.sid.rid,
1544 req_id->idmap_id_u.uid,
1545 direction);
1546 else /* req_id->idtype == IDMAP_GID */
1547 idmap_cache_add_sid2gid(
1548 res_id->idmap_id_u.sid.prefix,
1549 res_id->idmap_id_u.sid.rid,
1550 req_id->idmap_id_u.gid,
1551 direction);
1552 }
1553 break;
1554
1555 case IDMAP_NONE:
1556 break;
1557
1558 default:
1559 *gh->retlist[i].stat = IDMAP_ERR_NORESULT;
1560 break;
1561 }
1562 if (gh->retlist[i].info != NULL) {
1563 idmap_info_mov(gh->retlist[i].info,
1564 &res.ids.ids_val[i].info);
1565 }
1566 }
1567 retcode = IDMAP_SUCCESS;
1568
1569 out:
1570 _IDMAP_RESET_GET_HANDLE(gh);
1571 xdr_free(xdr_idmap_ids_res, (caddr_t)&res);
1572 errno = idmap_stat2errno(retcode);
1573 return (retcode);
1574 }
1575
1576
1577 /*
1578 * Destroy the "get mapping" handle
1579 */
1580 void
1581 idmap_get_destroy(idmap_get_handle_t *gh)
1582 {
1583 if (gh == NULL)
1584 return;
1585 xdr_free(xdr_idmap_mapping_batch, (caddr_t)&gh->batch);
1586 free(gh->retlist);
1587 free(gh);
1588 }
1589
1590
1591 /*
1592 * Get windows to unix mapping
1593 */
1594 idmap_stat
1595 idmap_get_w2u_mapping(
1596 const char *sidprefix, idmap_rid_t *rid,
1597 const char *winname, const char *windomain,
1598 int flag, int *is_user, int *is_wuser,
1599 uid_t *pid, char **unixname, int *direction, idmap_info *info)
1600 {
1601 idmap_mapping request, *mapping;
1602 idmap_mappings_res result;
1603 idmap_retcode retcode, rc;
1604
1605 (void) memset(&request, 0, sizeof (request));
1606 (void) memset(&result, 0, sizeof (result));
1607
1608 if (pid)
1609 *pid = UINT32_MAX;
1610 if (unixname)
1611 *unixname = NULL;
1612 if (direction)
1613 *direction = IDMAP_DIRECTION_UNDEF;
1614
1615 request.flag = flag;
1616 request.id1.idtype = IDMAP_SID;
1617 if (sidprefix && rid) {
1618 request.id1.idmap_id_u.sid.prefix = (char *)sidprefix;
1619 request.id1.idmap_id_u.sid.rid = *rid;
1620 } else if (winname) {
1621 retcode = idmap_strdupnull(&request.id1name, winname);
1622 if (retcode != IDMAP_SUCCESS)
1623 goto out;
1624
1625 retcode = idmap_strdupnull(&request.id1domain, windomain);
1626 if (retcode != IDMAP_SUCCESS)
1627 goto out;
1628
1629 request.id1.idmap_id_u.sid.prefix = NULL;
1630 } else {
1631 errno = EINVAL;
1632 return (IDMAP_ERR_ARG);
1633 }
1634
1635 if (*is_user == 1)
1636 request.id2.idtype = IDMAP_UID;
1637 else if (*is_user == 0)
1638 request.id2.idtype = IDMAP_GID;
1639 else
1640 request.id2.idtype = IDMAP_POSIXID;
1641
1642 if (*is_wuser == 1)
1643 request.id1.idtype = IDMAP_USID;
1644 else if (*is_wuser == 0)
1645 request.id1.idtype = IDMAP_GSID;
1646 else
1647 request.id1.idtype = IDMAP_SID;
1648
1649 retcode = _idmap_clnt_call(IDMAP_GET_MAPPED_ID_BY_NAME,
1650 (xdrproc_t)xdr_idmap_mapping, (caddr_t)&request,
1651 (xdrproc_t)xdr_idmap_mappings_res, (caddr_t)&result,
1652 TIMEOUT);
1653
1654 if (retcode != IDMAP_SUCCESS)
1655 goto out;
1656
1657 retcode = result.retcode;
1658
1659 if ((mapping = result.mappings.mappings_val) == NULL) {
1660 if (retcode == IDMAP_SUCCESS)
1661 retcode = IDMAP_ERR_NORESULT;
1662 goto out;
1663 }
1664
1665 if (info != NULL)
1666 idmap_info_mov(info, &mapping->info);
1667
1668 if (mapping->id2.idtype == IDMAP_UID) {
1669 *is_user = 1;
1670 } else if (mapping->id2.idtype == IDMAP_GID) {
1671 *is_user = 0;
1672 } else {
1673 goto out;
1674 }
1675
1676 if (mapping->id1.idtype == IDMAP_USID) {
1677 *is_wuser = 1;
1678 } else if (mapping->id1.idtype == IDMAP_GSID) {
1679 *is_wuser = 0;
1680 } else {
1681 goto out;
1682 }
1683
1684 if (direction)
1685 *direction = mapping->direction;
1686 if (pid)
1687 *pid = mapping->id2.idmap_id_u.uid;
1688
1689 rc = idmap_strdupnull(unixname, mapping->id2name);
1690 if (rc != IDMAP_SUCCESS)
1691 retcode = rc;
1692
1693 out:
1694 free(request.id1name);
1695 free(request.id1domain);
1696 xdr_free(xdr_idmap_mappings_res, (caddr_t)&result);
1697 if (retcode != IDMAP_SUCCESS)
1698 errno = idmap_stat2errno(retcode);
1699 return (retcode);
1700 }
1701
1702
1703 /*
1704 * Get unix to windows mapping
1705 */
1706 idmap_stat
1707 idmap_get_u2w_mapping(
1708 uid_t *pid, const char *unixname,
1709 int flag, int is_user, int *is_wuser,
1710 char **sidprefix, idmap_rid_t *rid,
1711 char **winname, char **windomain,
1712 int *direction, idmap_info *info)
1713 {
1714 idmap_mapping request, *mapping;
1715 idmap_mappings_res result;
1716 idmap_retcode retcode, rc;
1717
1718 if (sidprefix)
1719 *sidprefix = NULL;
1720 if (winname)
1721 *winname = NULL;
1722 if (windomain)
1723 *windomain = NULL;
1724 if (rid)
1725 *rid = UINT32_MAX;
1726 if (direction)
1727 *direction = IDMAP_DIRECTION_UNDEF;
1728
1729 (void) memset(&request, 0, sizeof (request));
1730 (void) memset(&result, 0, sizeof (result));
1731
1732 request.flag = flag;
1733 request.id1.idtype = is_user?IDMAP_UID:IDMAP_GID;
1734
1735 if (pid && *pid != UINT32_MAX) {
1736 request.id1.idmap_id_u.uid = *pid;
1737 } else if (unixname) {
1738 request.id1name = (char *)unixname;
1739 request.id1.idmap_id_u.uid = UINT32_MAX;
1740 } else {
1741 errno = EINVAL;
1742 return (IDMAP_ERR_ARG);
1743 }
1744
1745 if (is_wuser == NULL)
1746 request.id2.idtype = IDMAP_SID;
1747 else if (*is_wuser == -1)
1748 request.id2.idtype = IDMAP_SID;
1749 else if (*is_wuser == 0)
1750 request.id2.idtype = IDMAP_GSID;
1751 else if (*is_wuser == 1)
1752 request.id2.idtype = IDMAP_USID;
1753
1754 retcode = _idmap_clnt_call(IDMAP_GET_MAPPED_ID_BY_NAME,
1755 (xdrproc_t)xdr_idmap_mapping, (caddr_t)&request,
1756 (xdrproc_t)xdr_idmap_mappings_res, (caddr_t)&result,
1757 TIMEOUT);
1758
1759 if (retcode != IDMAP_SUCCESS)
1760 goto out;
1761
1762 retcode = result.retcode;
1763
1764 if ((mapping = result.mappings.mappings_val) == NULL) {
1765 if (retcode == IDMAP_SUCCESS)
1766 retcode = IDMAP_ERR_NORESULT;
1767 goto out;
1768 }
1769
1770 if (info != NULL)
1771 idmap_info_mov(info, &mapping->info);
1772
1773 if (direction != NULL)
1774 *direction = mapping->direction;
1775
1776 if (is_wuser != NULL) {
1777 if (mapping->id2.idtype == IDMAP_USID)
1778 *is_wuser = 1;
1779 else if (mapping->id2.idtype == IDMAP_GSID)
1780 *is_wuser = 0;
1781 else
1782 *is_wuser = -1;
1783 }
1784
1785 if (sidprefix && mapping->id2.idmap_id_u.sid.prefix &&
1786 *mapping->id2.idmap_id_u.sid.prefix != '\0') {
1787 *sidprefix = strdup(mapping->id2.idmap_id_u.sid.prefix);
1788 if (*sidprefix == NULL) {
1789 retcode = IDMAP_ERR_MEMORY;
1790 goto errout;
1791 }
1792 }
1793 if (rid)
1794 *rid = mapping->id2.idmap_id_u.sid.rid;
1795
1796 rc = idmap_strdupnull(winname, mapping->id2name);
1797 if (rc != IDMAP_SUCCESS)
1798 retcode = rc;
1799
1800 rc = idmap_strdupnull(windomain, mapping->id2domain);
1801 if (rc != IDMAP_SUCCESS)
1802 retcode = rc;
1803
1804 goto out;
1805
1806 errout:
1807 if (sidprefix && *sidprefix) {
1808 free(*sidprefix);
1809 *sidprefix = NULL;
1810 }
1811 if (winname && *winname) {
1812 free(*winname);
1813 *winname = NULL;
1814 }
1815 if (windomain && *windomain) {
1816 free(*windomain);
1817 *windomain = NULL;
1818 }
1819
1820 out:
1821 xdr_free(xdr_idmap_mappings_res, (caddr_t)&result);
1822 if (retcode != IDMAP_SUCCESS)
1823 errno = idmap_stat2errno(retcode);
1824 return (retcode);
1825 }
1826
1827
1828
1829 #define gettext(s) s
1830 static stat_table_t stattable[] = {
1831 {IDMAP_SUCCESS, gettext("Success"), 0},
1832 {IDMAP_NEXT, gettext("More results available"), 0},
1833 {IDMAP_ERR_OTHER, gettext("Undefined error"), EINVAL},
1834 {IDMAP_ERR_INTERNAL, gettext("Internal error"), EINVAL},
1835 {IDMAP_ERR_MEMORY, gettext("Out of memory"), ENOMEM},
1836 {IDMAP_ERR_NORESULT, gettext("No results available"), EINVAL},
1837 {IDMAP_ERR_NOTUSER, gettext("Not a user"), EINVAL},
1838 {IDMAP_ERR_NOTGROUP, gettext("Not a group"), EINVAL},
1839 {IDMAP_ERR_NOTSUPPORTED, gettext("Operation not supported"), ENOTSUP},
1840 {IDMAP_ERR_W2U_NAMERULE,
1841 gettext("Invalid Windows to UNIX name-based rule"), EINVAL},
1842 {IDMAP_ERR_U2W_NAMERULE,
1843 gettext("Invalid UNIX to Windows name-based rule"), EINVAL},
1844 {IDMAP_ERR_CACHE, gettext("Invalid cache"), EINVAL},
1845 {IDMAP_ERR_DB, gettext("Invalid database"), EINVAL},
1846 {IDMAP_ERR_ARG, gettext("Invalid argument"), EINVAL},
1847 {IDMAP_ERR_SID, gettext("Invalid SID"), EINVAL},
1848 {IDMAP_ERR_IDTYPE, gettext("Invalid identity type"), EINVAL},
1849 {IDMAP_ERR_RPC_HANDLE, gettext("Bad RPC handle"), EBADF},
1850 {IDMAP_ERR_RPC, gettext("RPC error"), EINVAL},
1851 {IDMAP_ERR_CLIENT_HANDLE, gettext("Bad client handle"), EINVAL},
1852 {IDMAP_ERR_BUSY, gettext("Server is busy"), EBUSY},
1853 {IDMAP_ERR_PERMISSION_DENIED, gettext("Permission denied"), EACCES},
1854 {IDMAP_ERR_NOMAPPING,
1855 gettext("Mapping not found or inhibited"), EINVAL},
1856 {IDMAP_ERR_NEW_ID_ALLOC_REQD,
1857 gettext("New mapping needs to be created"), EINVAL},
1858 {IDMAP_ERR_DOMAIN, gettext("Invalid domain"), EINVAL},
1859 {IDMAP_ERR_SECURITY, gettext("Security issue"), EINVAL},
1860 {IDMAP_ERR_NOTFOUND, gettext("Not found"), EINVAL},
1861 {IDMAP_ERR_DOMAIN_NOTFOUND, gettext("Domain not found"), EINVAL},
1862 {IDMAP_ERR_UPDATE_NOTALLOWED, gettext("Update not allowed"), EINVAL},
1863 {IDMAP_ERR_CFG, gettext("Configuration error"), EINVAL},
1864 {IDMAP_ERR_CFG_CHANGE, gettext("Invalid configuration change"), EINVAL},
1865 {IDMAP_ERR_NOTMAPPED_WELLKNOWN,
1866 gettext("No mapping for well-known SID"), EINVAL},
1867 {IDMAP_ERR_RETRIABLE_NET_ERR,
1868 gettext("Windows lookup failed"), EINVAL},
1869 {IDMAP_ERR_W2U_NAMERULE_CONFLICT,
1870 gettext("Duplicate rule or conflicts with an existing "
1871 "Windows to UNIX name-based rule"), EINVAL},
1872 {IDMAP_ERR_U2W_NAMERULE_CONFLICT,
1873 gettext("Duplicate rule or conflicts with an existing "
1874 "Unix to Windows name-based rule"), EINVAL},
1875 {IDMAP_ERR_BAD_UTF8,
1876 gettext("Invalid or illegal UTF-8 sequence found in "
1877 "a given Windows entity name or domain name"), EINVAL},
1878 {IDMAP_ERR_NONE_GENERATED,
1879 gettext("Mapping not found and none created (see -c option)"),
1880 EINVAL},
1881 {IDMAP_ERR_PROP_UNKNOWN,
1882 gettext("Undefined property"),
1883 EINVAL},
1884 {IDMAP_ERR_NS_LDAP_CFG,
1885 gettext("Native LDAP configuration error"), EINVAL},
1886 {IDMAP_ERR_NS_LDAP_PARTIAL,
1887 gettext("Partial result from Native LDAP"), EINVAL},
1888 {IDMAP_ERR_NS_LDAP_OP_FAILED,
1889 gettext("Native LDAP operation failed"), EINVAL},
1890 {IDMAP_ERR_NS_LDAP_BAD_WINNAME,
1891 gettext("Improper winname form found in Native LDAP"), EINVAL},
1892 {IDMAP_ERR_NO_ACTIVEDIRECTORY,
1893 gettext("No AD servers"),
1894 EINVAL},
1895 {-1, NULL, 0}
1896 };
1897 #undef gettext
1898
1899
1900 /*
1901 * Get description of status code
1902 *
1903 * Input:
1904 * status - Status code returned by libidmap API call
1905 *
1906 * Return Value:
1907 * human-readable localized description of idmap_stat
1908 */
1909 const char *
1910 idmap_stat2string(idmap_stat status)
1911 {
1912 int i;
1913
1914 for (i = 0; stattable[i].msg; i++) {
1915 if (stattable[i].retcode == status)
1916 return (dgettext(TEXT_DOMAIN, stattable[i].msg));
1917 }
1918 return (dgettext(TEXT_DOMAIN, "Unknown error"));
1919 }
1920
1921
1922 static int
1923 idmap_stat2errno(idmap_stat stat)
1924 {
1925 int i;
1926 for (i = 0; stattable[i].msg; i++) {
1927 if (stattable[i].retcode == stat)
1928 return (stattable[i].errnum);
1929 }
1930 return (EINVAL);
1931 }
1932
1933
1934 /*
1935 * Get status code from string
1936 */
1937 idmap_stat
1938 idmap_string2stat(const char *str)
1939 {
1940 if (str == NULL)
1941 return (IDMAP_ERR_INTERNAL);
1942
1943 #define return_cmp(a) \
1944 if (0 == strcmp(str, "IDMAP_ERR_" #a)) \
1945 return (IDMAP_ERR_ ## a);
1946
1947 return_cmp(OTHER);
1948 return_cmp(INTERNAL);
1949 return_cmp(MEMORY);
1950 return_cmp(NORESULT);
1951 return_cmp(NOTUSER);
1952 return_cmp(NOTGROUP);
1953 return_cmp(NOTSUPPORTED);
1954 return_cmp(W2U_NAMERULE);
1955 return_cmp(U2W_NAMERULE);
1956 return_cmp(CACHE);
1957 return_cmp(DB);
1958 return_cmp(ARG);
1959 return_cmp(SID);
1960 return_cmp(IDTYPE);
1961 return_cmp(RPC_HANDLE);
1962 return_cmp(RPC);
1963 return_cmp(CLIENT_HANDLE);
1964 return_cmp(BUSY);
1965 return_cmp(PERMISSION_DENIED);
1966 return_cmp(NOMAPPING);
1967 return_cmp(NEW_ID_ALLOC_REQD);
1968 return_cmp(DOMAIN);
1969 return_cmp(SECURITY);
1970 return_cmp(NOTFOUND);
1971 return_cmp(DOMAIN_NOTFOUND);
1972 return_cmp(MEMORY);
1973 return_cmp(UPDATE_NOTALLOWED);
1974 return_cmp(CFG);
1975 return_cmp(CFG_CHANGE);
1976 return_cmp(NOTMAPPED_WELLKNOWN);
1977 return_cmp(RETRIABLE_NET_ERR);
1978 return_cmp(W2U_NAMERULE_CONFLICT);
1979 return_cmp(U2W_NAMERULE_CONFLICT);
1980 return_cmp(BAD_UTF8);
1981 return_cmp(NONE_GENERATED);
1982 return_cmp(PROP_UNKNOWN);
1983 return_cmp(NS_LDAP_CFG);
1984 return_cmp(NS_LDAP_PARTIAL);
1985 return_cmp(NS_LDAP_OP_FAILED);
1986 return_cmp(NS_LDAP_BAD_WINNAME);
1987 return_cmp(NO_ACTIVEDIRECTORY);
1988 #undef return_cmp
1989
1990 return (IDMAP_ERR_OTHER);
1991 }
1992
1993
1994 /*
1995 * Map the given status to one that can be returned by the protocol
1996 */
1997 idmap_stat
1998 idmap_stat4prot(idmap_stat status)
1999 {
2000 switch (status) {
2001 case IDMAP_ERR_MEMORY:
2002 case IDMAP_ERR_CACHE:
2003 return (IDMAP_ERR_INTERNAL);
2004 }
2005 return (status);
2006 }
2007
2008
2009 /*
2010 * This is a convenience routine which duplicates a string after
2011 * checking for NULL pointers. This function will return success if
2012 * either the 'to' OR 'from' pointers are NULL.
2013 */
2014 static idmap_stat
2015 idmap_strdupnull(char **to, const char *from)
2016 {
2017 if (to == NULL)
2018 return (IDMAP_SUCCESS);
2019
2020 if (from == NULL || *from == '\0') {
2021 *to = NULL;
2022 return (IDMAP_SUCCESS);
2023 }
2024
2025 *to = strdup(from);
2026 if (*to == NULL)
2027 return (IDMAP_ERR_MEMORY);
2028 return (IDMAP_SUCCESS);
2029 }
2030
2031
2032 idmap_stat
2033 idmap_namerule_cpy(idmap_namerule *to, idmap_namerule *from)
2034 {
2035 idmap_stat retval;
2036
2037 if (to == NULL)
2038 return (IDMAP_SUCCESS);
2039
2040 (void) memcpy(to, from, sizeof (idmap_namerule));
2041 to->windomain = NULL;
2042 to->winname = NULL;
2043 to->unixname = NULL;
2044
2045 retval = idmap_strdupnull(&to->windomain, from->windomain);
2046 if (retval != IDMAP_SUCCESS)
2047 return (retval);
2048
2049 retval = idmap_strdupnull(&to->winname, from->winname);
2050 if (retval != IDMAP_SUCCESS) {
2051 free(to->windomain);
2052 to->windomain = NULL;
2053 return (retval);
2054 }
2055
2056 retval = idmap_strdupnull(&to->unixname, from->unixname);
2057 if (retval != IDMAP_SUCCESS) {
2058 free(to->windomain);
2059 to->windomain = NULL;
2060 free(to->winname);
2061 to->winname = NULL;
2062 return (retval);
2063 }
2064
2065 return (retval);
2066 }
2067
2068
2069 /*
2070 * Move the contents of the "info" structure from "from" to "to".
2071 */
2072 void
2073 idmap_info_mov(idmap_info *to, idmap_info *from)
2074 {
2075 (void) memcpy(to, from, sizeof (idmap_info));
2076 (void) memset(from, 0, sizeof (idmap_info));
2077 }
2078
2079
2080 void
2081 idmap_info_free(idmap_info *info)
2082 {
2083 if (info == NULL)
2084 return;
2085
2086 xdr_free(xdr_idmap_info, (caddr_t)info);
2087 (void) memset(info, 0, sizeof (idmap_info));
2088 }
2089
2090
2091 void
2092 idmap_how_clear(idmap_how *how)
2093 {
2094 xdr_free(xdr_idmap_how, (caddr_t)how);
2095 (void) memset(how, 0, sizeof (*how));
2096 }
2097
2098
2099 /*
2100 * Get uid given Windows name
2101 */
2102 idmap_stat
2103 idmap_getuidbywinname(const char *name, const char *domain, int flag,
2104 uid_t *uid)
2105 {
2106 idmap_retcode rc;
2107 int is_user = 1;
2108 int is_wuser = -1;
2109 int direction;
2110
2111 if (uid == NULL)
2112 return (IDMAP_ERR_ARG);
2113
2114 if (flag & IDMAP_REQ_FLG_USE_CACHE) {
2115 rc = idmap_cache_lookup_uidbywinname(name, domain, uid);
2116 if (rc == IDMAP_SUCCESS || rc == IDMAP_ERR_MEMORY)
2117 return (rc);
2118 }
2119 /* Get mapping */
2120 rc = idmap_get_w2u_mapping(NULL, NULL, name, domain, flag,
2121 &is_user, &is_wuser, uid, NULL, &direction, NULL);
2122
2123 if (rc == IDMAP_SUCCESS && (flag & IDMAP_REQ_FLG_USE_CACHE)) {
2124 /* If we have not got the domain don't store UID to winname */
2125 if (domain == NULL)
2126 direction = IDMAP_DIRECTION_W2U;
2127 idmap_cache_add_winname2uid(name, domain, *uid, direction);
2128 }
2129
2130 return (rc);
2131 }
2132
2133
2134 /*
2135 * Get gid given Windows name
2136 */
2137 idmap_stat
2138 idmap_getgidbywinname(const char *name, const char *domain, int flag,
2139 gid_t *gid)
2140 {
2141 idmap_retcode rc;
2142 int is_user = 0;
2143 int is_wuser = -1;
2144 int direction;
2145
2146 if (gid == NULL)
2147 return (IDMAP_ERR_ARG);
2148
2149 if (flag & IDMAP_REQ_FLG_USE_CACHE) {
2150 rc = idmap_cache_lookup_gidbywinname(name, domain, gid);
2151 if (rc == IDMAP_SUCCESS || rc == IDMAP_ERR_MEMORY)
2152 return (rc);
2153 }
2154
2155 /* Get mapping */
2156 rc = idmap_get_w2u_mapping(NULL, NULL, name, domain, flag,
2157 &is_user, &is_wuser, gid, NULL, &direction, NULL);
2158
2159 if (rc == IDMAP_SUCCESS && (flag & IDMAP_REQ_FLG_USE_CACHE)) {
2160 /* If we have not got the domain don't store GID to winname */
2161 if (domain == NULL)
2162 direction = IDMAP_DIRECTION_W2U;
2163 idmap_cache_add_winname2gid(name, domain, *gid, direction);
2164 }
2165
2166 return (rc);
2167 }
2168
2169
2170 /*
2171 * Get winname given pid
2172 */
2173 idmap_stat
2174 idmap_getwinnamebypid(uid_t pid, int is_user, int flag, char **name,
2175 char **domain)
2176 {
2177 idmap_retcode rc;
2178 int len;
2179 char *winname, *windomain;
2180 int direction;
2181
2182 if (name == NULL)
2183 return (IDMAP_ERR_ARG);
2184
2185 if (flag & IDMAP_REQ_FLG_USE_CACHE) {
2186 if (is_user)
2187 rc = idmap_cache_lookup_winnamebyuid(&winname,
2188 &windomain, pid);
2189 else
2190 rc = idmap_cache_lookup_winnamebygid(&winname,
2191 &windomain, pid);
2192 if (rc == IDMAP_SUCCESS)
2193 goto out;
2194 if (rc == IDMAP_ERR_MEMORY)
2195 return (rc);
2196 }
2197
2198 /* Get mapping */
2199 rc = idmap_get_u2w_mapping(&pid, NULL, flag, is_user, NULL,
2200 NULL, NULL, &winname, &windomain, &direction, NULL);
2201
2202 /* Return on error */
2203 if (rc != IDMAP_SUCCESS)
2204 return (rc);
2205
2206 /*
2207 * The given PID may have been mapped to a locally
2208 * generated SID in which case there isn't any
2209 * Windows name
2210 */
2211 if (winname == NULL) {
2212 idmap_free(windomain);
2213 return (IDMAP_ERR_NORESULT);
2214 }
2215
2216 if (flag & IDMAP_REQ_FLG_USE_CACHE) {
2217 if (is_user)
2218 idmap_cache_add_winname2uid(winname, windomain,
2219 pid, direction);
2220 else
2221 idmap_cache_add_winname2gid(winname, windomain,
2222 pid, direction);
2223 }
2224
2225 out:
2226 if (domain != NULL) {
2227 *name = winname;
2228 *domain = windomain;
2229 } else {
2230 char *wd = windomain != NULL ? windomain : "";
2231 len = snprintf(NULL, 0, "%s@%s", winname, wd) + 1;
2232 if ((*name = malloc(len)) != NULL)
2233 (void) snprintf(*name, len, "%s@%s", winname, wd);
2234 else
2235 rc = IDMAP_ERR_MEMORY;
2236 idmap_free(winname);
2237 idmap_free(windomain);
2238 }
2239
2240 return (rc);
2241 }
2242
2243
2244 /*
2245 * Get winname given uid
2246 */
2247 idmap_stat
2248 idmap_getwinnamebyuid(uid_t uid, int flag, char **name, char **domain)
2249 {
2250 return (idmap_getwinnamebypid(uid, 1, flag, name, domain));
2251 }
2252
2253
2254 /*
2255 * Get winname given gid
2256 */
2257 idmap_stat
2258 idmap_getwinnamebygid(gid_t gid, int flag, char **name, char **domain)
2259 {
2260 return (idmap_getwinnamebypid(gid, 0, flag, name, domain));
2261 }
2262
2263 idmap_stat
2264 idmap_flush(idmap_flush_op op)
2265 {
2266 idmap_retcode rc1, rc2;
2267
2268 rc1 = _idmap_clnt_call(IDMAP_FLUSH,
2269 (xdrproc_t)xdr_idmap_flush_op, (caddr_t)&op,
2270 (xdrproc_t)xdr_idmap_retcode, (caddr_t)&rc2, TIMEOUT);
2271
2272 if (rc1 != IDMAP_SUCCESS)
2273 return (rc1);
2274 return (rc2);
2275 }
2276
2277
2278 /*
2279 * syslog is the default logger.
2280 * It can be overwritten by supplying a logger
2281 * with idmap_set_logger()
2282 */
2283 idmap_logger_t logger = syslog;
2284
2285
2286 void
2287 idmap_set_logger(idmap_logger_t funct)
2288 {
2289 logger = funct;
2290 }
2291
2292 /*
2293 * Helper functions that concatenate two parts of a name and then
2294 * look up a value, so that the same set of functions can be used to
2295 * process both "in" and "out" parameters.
2296 */
2297 static
2298 boolean_t
2299 idmap_trace_get_str(nvlist_t *entry, char *n1, char *n2, char **ret)
2300 {
2301 char name[IDMAP_TRACE_NAME_MAX+1]; /* Max used is about 11 */
2302 int err;
2303
2304 (void) strlcpy(name, n1, sizeof (name));
2305 if (n2 != NULL)
2306 (void) strlcat(name, n2, sizeof (name));
2307
2308 err = nvlist_lookup_string(entry, name, ret);
2309 return (err == 0);
2310 }
2311
2312 static
2313 boolean_t
2314 idmap_trace_get_int(nvlist_t *entry, char *n1, char *n2, int64_t *ret)
2315 {
2316 char name[IDMAP_TRACE_NAME_MAX+1]; /* Max used is about 11 */
2317 int err;
2318
2319 (void) strlcpy(name, n1, sizeof (name));
2320 if (n2 != NULL)
2321 (void) strlcat(name, n2, sizeof (name));
2322
2323 err = nvlist_lookup_int64(entry, name, ret);
2324 return (err == 0);
2325 }
2326
2327 static
2328 void
2329 idmap_trace_print_id(FILE *out, nvlist_t *entry, char *fromto)
2330 {
2331 char *s;
2332 int64_t i64;
2333
2334 if (idmap_trace_get_int(entry, fromto, IDMAP_TRACE_TYPE, &i64)) {
2335 switch (i64) {
2336 case IDMAP_POSIXID:
2337 (void) fprintf(out, "unixname ");
2338 break;
2339 case IDMAP_UID:
2340 (void) fprintf(out, "unixuser ");
2341 break;
2342 case IDMAP_GID:
2343 (void) fprintf(out, "unixgroup ");
2344 break;
2345 case IDMAP_SID:
2346 (void) fprintf(out, "winname ");
2347 break;
2348 case IDMAP_USID:
2349 (void) fprintf(out, "winuser ");
2350 break;
2351 case IDMAP_GSID:
2352 (void) fprintf(out, "wingroup ");
2353 break;
2354 case IDMAP_NONE:
2355 (void) fprintf(out, gettext("unknown "));
2356 break;
2357 default:
2358 (void) fprintf(out, gettext("bad %d "), (int)i64);
2359 break;
2360 }
2361 }
2362
2363 if (idmap_trace_get_str(entry, fromto, IDMAP_TRACE_NAME, &s))
2364 (void) fprintf(out, "%s ", s);
2365
2366 if (idmap_trace_get_str(entry, fromto, IDMAP_TRACE_SID, &s))
2367 (void) fprintf(out, "%s ", s);
2368
2369 if (idmap_trace_get_int(entry, fromto, IDMAP_TRACE_UNIXID, &i64))
2370 (void) fprintf(out, "%u ", (uid_t)i64);
2371 }
2372
2373 void
2374 idmap_trace_print_1(FILE *out, char *prefix, nvlist_t *entry)
2375 {
2376 char *s;
2377 int64_t i64;
2378
2379 (void) fprintf(out, "%s", prefix);
2380 idmap_trace_print_id(out, entry, "from");
2381 (void) fprintf(out, "-> ");
2382 idmap_trace_print_id(out, entry, "to");
2383 if (idmap_trace_get_int(entry, IDMAP_TRACE_ERROR, NULL, &i64))
2384 (void) fprintf(out, gettext("Error %d "), (int)i64);
2385 (void) fprintf(out, "-");
2386 if (idmap_trace_get_str(entry, IDMAP_TRACE_MESSAGE, NULL, &s))
2387 (void) fprintf(out, " %s", s);
2388 (void) fprintf(out, "\n");
2389 }
2390
2391 void
2392 idmap_trace_print(FILE *out, char *prefix, nvlist_t *trace)
2393 {
2394 nvpair_t *nvp;
2395
2396 for (nvp = nvlist_next_nvpair(trace, NULL);
2397 nvp != NULL;
2398 nvp = nvlist_next_nvpair(trace, nvp)) {
2399 nvlist_t *entry;
2400 int err;
2401
2402 err = nvpair_value_nvlist(nvp, &entry);
2403 assert(err == 0);
2404
2405 idmap_trace_print_1(out, prefix, entry);
2406 }
2407 }
unleashed repo fork