Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 :
4 : Wrapper around winbindd_rpc.c to centralize retry logic.
5 :
6 : Copyright (C) Volker Lendecke 2005
7 :
8 : This program is free software; you can redistribute it and/or modify
9 : it under the terms of the GNU General Public License as published by
10 : the Free Software Foundation; either version 3 of the License, or
11 : (at your option) any later version.
12 :
13 : This program is distributed in the hope that it will be useful,
14 : but WITHOUT ANY WARRANTY; without even the implied warranty of
15 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 : GNU General Public License for more details.
17 :
18 : You should have received a copy of the GNU General Public License
19 : along with this program. If not, see <http://www.gnu.org/licenses/>.
20 : */
21 :
22 : #include "includes.h"
23 : #include "winbindd.h"
24 :
25 : #undef DBGC_CLASS
26 : #define DBGC_CLASS DBGC_WINBIND
27 :
28 : extern struct winbindd_methods msrpc_methods;
29 :
30 0 : bool reconnect_need_retry(NTSTATUS status, struct winbindd_domain *domain)
31 : {
32 0 : if (NT_STATUS_IS_OK(status)) {
33 0 : return false;
34 : }
35 :
36 0 : if (!NT_STATUS_IS_ERR(status)) {
37 0 : return false;
38 : }
39 :
40 0 : if (NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED)) {
41 0 : return false;
42 : }
43 :
44 0 : if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER)) {
45 0 : return false;
46 : }
47 :
48 0 : if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_GROUP)) {
49 0 : return false;
50 : }
51 :
52 0 : if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_ALIAS)) {
53 0 : return false;
54 : }
55 :
56 0 : if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_MEMBER)) {
57 0 : return false;
58 : }
59 :
60 0 : if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_DOMAIN)) {
61 0 : return false;
62 : }
63 :
64 0 : if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_PRIVILEGE)) {
65 0 : return false;
66 : }
67 :
68 0 : if (NT_STATUS_EQUAL(status, NT_STATUS_NO_MEMORY)) {
69 0 : return false;
70 : }
71 :
72 0 : reset_cm_connection_on_error(domain, NULL, status);
73 :
74 0 : return true;
75 : }
76 :
77 : /* List all users */
78 0 : static NTSTATUS query_user_list(struct winbindd_domain *domain,
79 : TALLOC_CTX *mem_ctx,
80 : uint32_t **rids)
81 : {
82 0 : NTSTATUS result;
83 :
84 0 : result = msrpc_methods.query_user_list(domain, mem_ctx, rids);
85 :
86 0 : if (reconnect_need_retry(result, domain))
87 0 : result = msrpc_methods.query_user_list(domain, mem_ctx, rids);
88 :
89 0 : return result;
90 : }
91 :
92 : /* list all domain groups */
93 0 : static NTSTATUS enum_dom_groups(struct winbindd_domain *domain,
94 : TALLOC_CTX *mem_ctx,
95 : uint32_t *num_entries,
96 : struct wb_acct_info **info)
97 : {
98 0 : NTSTATUS result;
99 :
100 0 : result = msrpc_methods.enum_dom_groups(domain, mem_ctx,
101 : num_entries, info);
102 :
103 0 : if (reconnect_need_retry(result, domain))
104 0 : result = msrpc_methods.enum_dom_groups(domain, mem_ctx,
105 : num_entries, info);
106 0 : return result;
107 : }
108 :
109 : /* List all domain groups */
110 :
111 0 : static NTSTATUS enum_local_groups(struct winbindd_domain *domain,
112 : TALLOC_CTX *mem_ctx,
113 : uint32_t *num_entries,
114 : struct wb_acct_info **info)
115 : {
116 0 : NTSTATUS result;
117 :
118 0 : result = msrpc_methods.enum_local_groups(domain, mem_ctx,
119 : num_entries, info);
120 :
121 0 : if (reconnect_need_retry(result, domain))
122 0 : result = msrpc_methods.enum_local_groups(domain, mem_ctx,
123 : num_entries, info);
124 :
125 0 : return result;
126 : }
127 :
128 : /* convert a single name to a sid in a domain */
129 0 : static NTSTATUS name_to_sid(struct winbindd_domain *domain,
130 : TALLOC_CTX *mem_ctx,
131 : const char *domain_name,
132 : const char *name,
133 : uint32_t flags,
134 : const char **pdom_name,
135 : struct dom_sid *sid,
136 : enum lsa_SidType *type)
137 : {
138 0 : NTSTATUS result;
139 :
140 0 : result = msrpc_methods.name_to_sid(domain, mem_ctx, domain_name, name,
141 : flags, pdom_name, sid, type);
142 :
143 0 : if (reconnect_need_retry(result, domain))
144 0 : result = msrpc_methods.name_to_sid(domain, mem_ctx,
145 : domain_name, name, flags,
146 : pdom_name, sid, type);
147 :
148 0 : return result;
149 : }
150 :
151 : /*
152 : convert a domain SID to a user or group name
153 : */
154 0 : static NTSTATUS sid_to_name(struct winbindd_domain *domain,
155 : TALLOC_CTX *mem_ctx,
156 : const struct dom_sid *sid,
157 : char **domain_name,
158 : char **name,
159 : enum lsa_SidType *type)
160 : {
161 0 : NTSTATUS result;
162 :
163 0 : result = msrpc_methods.sid_to_name(domain, mem_ctx, sid,
164 : domain_name, name, type);
165 :
166 0 : if (reconnect_need_retry(result, domain))
167 0 : result = msrpc_methods.sid_to_name(domain, mem_ctx, sid,
168 : domain_name, name, type);
169 :
170 0 : return result;
171 : }
172 :
173 0 : static NTSTATUS rids_to_names(struct winbindd_domain *domain,
174 : TALLOC_CTX *mem_ctx,
175 : const struct dom_sid *sid,
176 : uint32_t *rids,
177 : size_t num_rids,
178 : char **domain_name,
179 : char ***names,
180 : enum lsa_SidType **types)
181 : {
182 0 : NTSTATUS result;
183 :
184 0 : result = msrpc_methods.rids_to_names(domain, mem_ctx, sid,
185 : rids, num_rids,
186 : domain_name, names, types);
187 0 : if (reconnect_need_retry(result, domain)) {
188 0 : result = msrpc_methods.rids_to_names(domain, mem_ctx, sid,
189 : rids, num_rids,
190 : domain_name, names,
191 : types);
192 : }
193 :
194 0 : return result;
195 : }
196 :
197 : /* Lookup groups a user is a member of. I wish Unix had a call like this! */
198 0 : static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
199 : TALLOC_CTX *mem_ctx,
200 : const struct dom_sid *user_sid,
201 : uint32_t *num_groups, struct dom_sid **user_gids)
202 : {
203 0 : NTSTATUS result;
204 :
205 0 : result = msrpc_methods.lookup_usergroups(domain, mem_ctx,
206 : user_sid, num_groups,
207 : user_gids);
208 :
209 0 : if (reconnect_need_retry(result, domain))
210 0 : result = msrpc_methods.lookup_usergroups(domain, mem_ctx,
211 : user_sid, num_groups,
212 : user_gids);
213 :
214 0 : return result;
215 : }
216 :
217 0 : static NTSTATUS lookup_useraliases(struct winbindd_domain *domain,
218 : TALLOC_CTX *mem_ctx,
219 : uint32_t num_sids, const struct dom_sid *sids,
220 : uint32_t *num_aliases, uint32_t **alias_rids)
221 : {
222 0 : NTSTATUS result;
223 :
224 0 : result = msrpc_methods.lookup_useraliases(domain, mem_ctx,
225 : num_sids, sids,
226 : num_aliases,
227 : alias_rids);
228 :
229 0 : if (reconnect_need_retry(result, domain))
230 0 : result = msrpc_methods.lookup_useraliases(domain, mem_ctx,
231 : num_sids, sids,
232 : num_aliases,
233 : alias_rids);
234 :
235 0 : return result;
236 : }
237 :
238 : /* Lookup alias membership given */
239 0 : static NTSTATUS lookup_aliasmem(struct winbindd_domain *domain,
240 : TALLOC_CTX *mem_ctx,
241 : const struct dom_sid *sid,
242 : enum lsa_SidType type,
243 : uint32_t *num_sids,
244 : struct dom_sid **sids)
245 : {
246 0 : NTSTATUS result;
247 :
248 0 : result = msrpc_methods.lookup_aliasmem(domain,
249 : mem_ctx,
250 : sid,
251 : type,
252 : num_sids,
253 : sids);
254 :
255 0 : if (reconnect_need_retry(result, domain))
256 0 : result = msrpc_methods.lookup_aliasmem(domain,
257 : mem_ctx,
258 : sid,
259 : type,
260 : num_sids,
261 : sids);
262 :
263 0 : return result;
264 : }
265 :
266 : /* Lookup group membership given a rid. */
267 0 : static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
268 : TALLOC_CTX *mem_ctx,
269 : const struct dom_sid *group_sid,
270 : enum lsa_SidType type,
271 : uint32_t *num_names,
272 : struct dom_sid **sid_mem, char ***names,
273 : uint32_t **name_types)
274 : {
275 0 : NTSTATUS result;
276 :
277 0 : result = msrpc_methods.lookup_groupmem(domain, mem_ctx,
278 : group_sid, type, num_names,
279 : sid_mem, names,
280 : name_types);
281 :
282 0 : if (reconnect_need_retry(result, domain))
283 0 : result = msrpc_methods.lookup_groupmem(domain, mem_ctx,
284 : group_sid, type,
285 : num_names,
286 : sid_mem, names,
287 : name_types);
288 :
289 0 : return result;
290 : }
291 :
292 : /* find the lockout policy of a domain */
293 0 : static NTSTATUS lockout_policy(struct winbindd_domain *domain,
294 : TALLOC_CTX *mem_ctx,
295 : struct samr_DomInfo12 *policy)
296 : {
297 0 : NTSTATUS result;
298 :
299 0 : result = msrpc_methods.lockout_policy(domain, mem_ctx, policy);
300 :
301 0 : if (reconnect_need_retry(result, domain))
302 0 : result = msrpc_methods.lockout_policy(domain, mem_ctx, policy);
303 :
304 0 : return result;
305 : }
306 :
307 : /* find the password policy of a domain */
308 0 : static NTSTATUS password_policy(struct winbindd_domain *domain,
309 : TALLOC_CTX *mem_ctx,
310 : struct samr_DomInfo1 *policy)
311 : {
312 0 : NTSTATUS result;
313 :
314 0 : result = msrpc_methods.password_policy(domain, mem_ctx, policy);
315 :
316 0 : if (reconnect_need_retry(result, domain))
317 0 : result = msrpc_methods.password_policy(domain, mem_ctx, policy);
318 :
319 0 : return result;
320 : }
321 :
322 : /* get a list of trusted domains */
323 0 : static NTSTATUS trusted_domains(struct winbindd_domain *domain,
324 : TALLOC_CTX *mem_ctx,
325 : struct netr_DomainTrustList *trusts)
326 : {
327 0 : NTSTATUS result;
328 :
329 0 : result = msrpc_methods.trusted_domains(domain, mem_ctx, trusts);
330 :
331 0 : if (reconnect_need_retry(result, domain))
332 0 : result = msrpc_methods.trusted_domains(domain, mem_ctx,
333 : trusts);
334 :
335 0 : return result;
336 : }
337 :
338 : /* the rpc backend methods are exposed via this structure */
339 : struct winbindd_methods reconnect_methods = {
340 : False,
341 : query_user_list,
342 : enum_dom_groups,
343 : enum_local_groups,
344 : name_to_sid,
345 : sid_to_name,
346 : rids_to_names,
347 : lookup_usergroups,
348 : lookup_useraliases,
349 : lookup_groupmem,
350 : lookup_aliasmem,
351 : lockout_policy,
352 : password_policy,
353 : trusted_domains,
354 : };
|
