14520Snw141292 /* 24520Snw141292 * CDDL HEADER START 34520Snw141292 * 44520Snw141292 * The contents of this file are subject to the terms of the 54520Snw141292 * Common Development and Distribution License (the "License"). 64520Snw141292 * You may not use this file except in compliance with the License. 74520Snw141292 * 84520Snw141292 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 94520Snw141292 * or http://www.opensolaris.org/os/licensing. 104520Snw141292 * See the License for the specific language governing permissions 114520Snw141292 * and limitations under the License. 124520Snw141292 * 134520Snw141292 * When distributing Covered Code, include this CDDL HEADER in each 144520Snw141292 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 154520Snw141292 * If applicable, add the following below this CDDL HEADER, with the 164520Snw141292 * fields enclosed by brackets "[]" replaced with your own identifying 174520Snw141292 * information: Portions Copyright [yyyy] [name of copyright owner] 184520Snw141292 * 194520Snw141292 * CDDL HEADER END 204520Snw141292 */ 214520Snw141292 /* 224520Snw141292 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 234520Snw141292 * Use is subject to license terms. 244520Snw141292 */ 254520Snw141292 264520Snw141292 #pragma ident "%Z%%M% %I% %E% SMI" 274520Snw141292 284520Snw141292 /* 294520Snw141292 * libidmap API 304520Snw141292 */ 314520Snw141292 324520Snw141292 #include <stdlib.h> 334520Snw141292 #include <inttypes.h> 344520Snw141292 #include <errno.h> 354520Snw141292 #include <strings.h> 364520Snw141292 #include <ctype.h> 374520Snw141292 #include <sys/param.h> 384520Snw141292 #include <sys/types.h> 394520Snw141292 #include <sys/stat.h> 404520Snw141292 #include <dlfcn.h> 414520Snw141292 #include <libintl.h> 424520Snw141292 #include "idmap_impl.h" 434520Snw141292 444520Snw141292 static struct timeval TIMEOUT = { 25, 0 }; 454520Snw141292 464520Snw141292 static int idmap_stat2errno(idmap_stat); 474520Snw141292 484520Snw141292 #define __ITER_CREATE(itera, argu, handl, ityp)\ 494520Snw141292 if (handl == NULL) {\ 504520Snw141292 errno = EINVAL;\ 514520Snw141292 return (IDMAP_ERR_ARG);\ 524520Snw141292 }\ 534520Snw141292 itera = calloc(1, sizeof (*itera));\ 544520Snw141292 if (itera == NULL) {\ 554520Snw141292 errno = ENOMEM;\ 564520Snw141292 return (IDMAP_ERR_MEMORY);\ 574520Snw141292 }\ 584520Snw141292 argu = calloc(1, sizeof (*argu));\ 594520Snw141292 if (argu == NULL) {\ 604520Snw141292 free(itera);\ 614520Snw141292 errno = ENOMEM;\ 624520Snw141292 return (IDMAP_ERR_MEMORY);\ 634520Snw141292 }\ 644520Snw141292 itera->ih = handl;\ 654520Snw141292 itera->type = ityp;\ 664520Snw141292 itera->retcode = IDMAP_NEXT;\ 674520Snw141292 itera->limit = 1024;\ 684520Snw141292 itera->arg = argu; 694520Snw141292 704520Snw141292 714520Snw141292 #define __ITER_ERR_RETURN(itera, argu, xdr_argu, iretcod)\ 724520Snw141292 if (argu) {\ 734520Snw141292 xdr_free(xdr_argu, (caddr_t)argu);\ 744520Snw141292 free(argu);\ 754520Snw141292 }\ 764520Snw141292 if (itera)\ 774520Snw141292 free(itera);\ 784520Snw141292 return (iretcod); 794520Snw141292 804520Snw141292 814520Snw141292 #define __ITER_CHECK(itera, ityp)\ 824520Snw141292 if (itera == NULL) {\ 834520Snw141292 errno = EINVAL;\ 844520Snw141292 return (IDMAP_ERR_ARG);\ 854520Snw141292 }\ 864520Snw141292 if (itera->type != ityp) {\ 874520Snw141292 errno = EINVAL;\ 884520Snw141292 return (IDMAP_ERR_ARG);\ 894520Snw141292 } 904520Snw141292 914520Snw141292 924520Snw141292 /* 934520Snw141292 * Free memory allocated by libidmap API 944520Snw141292 * 954520Snw141292 * Input: 964520Snw141292 * ptr - memory to be freed 974520Snw141292 */ 984520Snw141292 void 994520Snw141292 idmap_free(void *ptr) { 1004520Snw141292 free(ptr); 1014520Snw141292 } 1024520Snw141292 1034520Snw141292 1044520Snw141292 /* 1054520Snw141292 * Create and Initialize idmap client handle for rpc/doors 1064520Snw141292 * 1074520Snw141292 * Output: 1084520Snw141292 * handle - idmap handle 1094520Snw141292 */ 1104520Snw141292 idmap_stat 1114520Snw141292 idmap_init(idmap_handle_t **handle) { 1124520Snw141292 CLIENT *clnt = NULL; 1134520Snw141292 struct idmap_handle *hptr; 1144520Snw141292 1154520Snw141292 *handle = NULL; 1164520Snw141292 hptr = (struct idmap_handle *)calloc(1, sizeof (*hptr)); 1174520Snw141292 if (hptr == NULL) 1184520Snw141292 return (IDMAP_ERR_MEMORY); 1194520Snw141292 1204520Snw141292 clnt = clnt_door_create(IDMAP_PROG, IDMAP_V1, 0); 1214520Snw141292 if (clnt == NULL) { 1224520Snw141292 free(hptr); 1234520Snw141292 return (IDMAP_ERR_RPC); 1244520Snw141292 } 1254520Snw141292 hptr->type = _IDMAP_HANDLE_RPC_DOORS; 1264520Snw141292 hptr->privhandle = clnt; 1274520Snw141292 *handle = hptr; 1284520Snw141292 return (IDMAP_SUCCESS); 1294520Snw141292 } 1304520Snw141292 1314520Snw141292 1324520Snw141292 /* 1334520Snw141292 * Finalize idmap handle 1344520Snw141292 * 1354520Snw141292 * Input: 1364520Snw141292 * handle - idmap handle 1374520Snw141292 */ 1384520Snw141292 idmap_stat 1394520Snw141292 idmap_fini(idmap_handle_t *handle) { 1404520Snw141292 CLIENT *clnt; 1414520Snw141292 struct idmap_handle *hptr; 1424520Snw141292 1434520Snw141292 if (handle == NULL) 1444520Snw141292 return (IDMAP_SUCCESS); 1454520Snw141292 1464520Snw141292 hptr = (struct idmap_handle *)handle; 1474520Snw141292 1484520Snw141292 switch (hptr->type) { 1494520Snw141292 case _IDMAP_HANDLE_RPC_DOORS: 1504520Snw141292 clnt = (CLIENT *)hptr->privhandle; 1514520Snw141292 if (clnt) { 1524520Snw141292 if (clnt->cl_auth) 1534520Snw141292 auth_destroy(clnt->cl_auth); 1544520Snw141292 clnt_destroy(clnt); 1554520Snw141292 } 1564520Snw141292 break; 1574520Snw141292 default: 1584520Snw141292 break; 1594520Snw141292 } 1604520Snw141292 free(hptr); 1614520Snw141292 return (IDMAP_SUCCESS); 1624520Snw141292 } 1634520Snw141292 1644520Snw141292 1654520Snw141292 1664520Snw141292 /* 1674520Snw141292 * Create/Initialize handle for updates 1684520Snw141292 * 1694520Snw141292 * Output: 1704520Snw141292 * udthandle - update handle 1714520Snw141292 */ 1724520Snw141292 idmap_stat 1734520Snw141292 idmap_udt_create(idmap_handle_t *handle, idmap_udt_handle_t **udthandle) { 1744520Snw141292 idmap_udt_handle_t *tmp; 1754520Snw141292 1764520Snw141292 if (handle == NULL || udthandle == NULL) { 1774520Snw141292 errno = EINVAL; 1784520Snw141292 return (IDMAP_ERR_ARG); 1794520Snw141292 } 1804520Snw141292 if ((tmp = calloc(1, sizeof (*tmp))) == NULL) { 1814520Snw141292 errno = ENOMEM; 1824520Snw141292 return (IDMAP_ERR_MEMORY); 1834520Snw141292 } 1844520Snw141292 1854520Snw141292 tmp->ih = handle; 1864520Snw141292 *udthandle = tmp; 1874520Snw141292 return (IDMAP_SUCCESS); 1884520Snw141292 } 1894520Snw141292 1904520Snw141292 1914520Snw141292 /* 1924520Snw141292 * All the updates specified by the update handle are committed 1934520Snw141292 * in a single transaction. i.e either all succeed or none. 1944520Snw141292 * 1954520Snw141292 * Input: 1964520Snw141292 * udthandle - update handle with the update requests 1974520Snw141292 * 1984520Snw141292 * Return value: 1994520Snw141292 * Status of the commit 2004520Snw141292 */ 2014520Snw141292 idmap_stat 2024520Snw141292 idmap_udt_commit(idmap_udt_handle_t *udthandle) { 2034520Snw141292 CLIENT *clnt; 2044520Snw141292 enum clnt_stat clntstat; 2054520Snw141292 idmap_retcode retcode; 2064520Snw141292 2074520Snw141292 if (udthandle == NULL) { 2084520Snw141292 errno = EINVAL; 2094520Snw141292 return (IDMAP_ERR_ARG); 2104520Snw141292 } 2114520Snw141292 _IDMAP_GET_CLIENT_HANDLE(udthandle->ih, clnt); 2124520Snw141292 clntstat = clnt_call(clnt, IDMAP_UPDATE, 2134520Snw141292 (xdrproc_t)xdr_idmap_update_batch, (caddr_t)&udthandle->batch, 2144520Snw141292 (xdrproc_t)xdr_idmap_retcode, (caddr_t)&retcode, 2154520Snw141292 TIMEOUT); 2164644Sbaban 2174644Sbaban /* reset handle so that it can be used again */ 2184644Sbaban _IDMAP_RESET_UDT_HANDLE(udthandle); 2194644Sbaban 2204644Sbaban if (clntstat != RPC_SUCCESS) 2214644Sbaban return (_idmap_rpc2stat(clnt)); 2224520Snw141292 if (retcode != IDMAP_SUCCESS) 2234520Snw141292 errno = idmap_stat2errno(retcode); 2244520Snw141292 return (retcode); 2254520Snw141292 } 2264520Snw141292 2274520Snw141292 2284520Snw141292 /* 2294520Snw141292 * Destroy the update handle 2304520Snw141292 */ 2314520Snw141292 void 2324520Snw141292 idmap_udt_destroy(idmap_udt_handle_t *udthandle) { 2334520Snw141292 if (udthandle == NULL) 2344520Snw141292 return; 2354520Snw141292 (void) xdr_free(xdr_idmap_update_batch, (caddr_t)&udthandle->batch); 2364520Snw141292 free(udthandle); 2374520Snw141292 } 2384520Snw141292 2394520Snw141292 2404520Snw141292 idmap_stat 2414520Snw141292 idmap_udt_add_namerule(idmap_udt_handle_t *udthandle, const char *windomain, 2424520Snw141292 boolean_t is_user, const char *winname, const char *unixname, 2434520Snw141292 boolean_t is_nt4, int direction) { 2444520Snw141292 idmap_retcode retcode; 2454644Sbaban idmap_namerule *rule = NULL; 2464520Snw141292 idmap_utf8str *str; 2474520Snw141292 2484644Sbaban retcode = _udt_extend_batch(udthandle); 2494520Snw141292 if (retcode != IDMAP_SUCCESS) 2504520Snw141292 goto errout; 2514520Snw141292 2524520Snw141292 rule = &udthandle->batch. 2534520Snw141292 idmap_update_batch_val[udthandle->next]. 2544520Snw141292 idmap_update_op_u.rule; 2554520Snw141292 rule->is_user = is_user; 2564520Snw141292 rule->direction = direction; 2574520Snw141292 rule->is_nt4 = is_nt4; 2584520Snw141292 if (windomain) { 2594520Snw141292 str = &rule->windomain; 2604520Snw141292 retcode = idmap_str2utf8(&str, windomain, 0); 2614520Snw141292 if (retcode != IDMAP_SUCCESS) 2624520Snw141292 goto errout; 2634520Snw141292 } 2644520Snw141292 if (winname) { 2654520Snw141292 str = &rule->winname; 2664520Snw141292 retcode = idmap_str2utf8(&str, winname, 0); 2674520Snw141292 if (retcode != IDMAP_SUCCESS) 2684520Snw141292 goto errout; 2694520Snw141292 } 2704520Snw141292 if (unixname) { 2714520Snw141292 str = &rule->unixname; 2724520Snw141292 retcode = idmap_str2utf8(&str, unixname, 0); 2734520Snw141292 if (retcode != IDMAP_SUCCESS) 2744520Snw141292 goto errout; 2754520Snw141292 } 2764644Sbaban 2774644Sbaban udthandle->batch.idmap_update_batch_val[udthandle->next].opnum = 2784644Sbaban OP_ADD_NAMERULE; 2794520Snw141292 udthandle->next++; 2804520Snw141292 return (IDMAP_SUCCESS); 2814520Snw141292 2824520Snw141292 errout: 2834644Sbaban /* The batch should still be usable */ 2844644Sbaban if (rule) 2854644Sbaban (void) xdr_free(xdr_idmap_namerule, (caddr_t)rule); 2864520Snw141292 errno = idmap_stat2errno(retcode); 2874520Snw141292 return (retcode); 2884520Snw141292 } 2894520Snw141292 2904520Snw141292 2914520Snw141292 /* ARGSUSED */ 2924520Snw141292 idmap_stat 2934520Snw141292 idmap_udt_rm_namerule(idmap_udt_handle_t *udthandle, boolean_t is_user, 2944520Snw141292 const char *windomain, const char *winname, 2954520Snw141292 const char *unixname, int direction) { 2964520Snw141292 idmap_retcode retcode; 2974644Sbaban idmap_namerule *rule = NULL; 2984520Snw141292 idmap_utf8str *str; 2994520Snw141292 3004644Sbaban retcode = _udt_extend_batch(udthandle); 3014520Snw141292 if (retcode != IDMAP_SUCCESS) 3024520Snw141292 goto errout; 3034520Snw141292 3044520Snw141292 rule = &udthandle->batch. 3054520Snw141292 idmap_update_batch_val[udthandle->next]. 3064520Snw141292 idmap_update_op_u.rule; 3074520Snw141292 rule->is_user = is_user; 3084520Snw141292 rule->direction = direction; 3094520Snw141292 if (windomain) { 3104520Snw141292 str = &rule->windomain; 3114520Snw141292 retcode = idmap_str2utf8(&str, windomain, 0); 3124520Snw141292 if (retcode != IDMAP_SUCCESS) 3134520Snw141292 goto errout; 3144520Snw141292 } 3154520Snw141292 if (winname) { 3164520Snw141292 str = &rule->winname; 3174520Snw141292 retcode = idmap_str2utf8(&str, winname, 0); 3184520Snw141292 if (retcode != IDMAP_SUCCESS) 3194520Snw141292 goto errout; 3204520Snw141292 } 3214520Snw141292 if (unixname) { 3224520Snw141292 str = &rule->unixname; 3234520Snw141292 retcode = idmap_str2utf8(&str, unixname, 0); 3244520Snw141292 if (retcode != IDMAP_SUCCESS) 3254520Snw141292 goto errout; 3264520Snw141292 } 3274644Sbaban udthandle->batch.idmap_update_batch_val[udthandle->next].opnum = 3284644Sbaban OP_RM_NAMERULE; 3294520Snw141292 udthandle->next++; 3304520Snw141292 return (IDMAP_SUCCESS); 3314520Snw141292 3324520Snw141292 errout: 3334644Sbaban if (rule) 3344644Sbaban (void) xdr_free(xdr_idmap_namerule, (caddr_t)rule); 3354520Snw141292 errno = idmap_stat2errno(retcode); 3364520Snw141292 return (retcode); 3374520Snw141292 } 3384520Snw141292 3394520Snw141292 3404520Snw141292 /* ARGSUSED */ 3414520Snw141292 idmap_stat 3424520Snw141292 idmap_udt_flush_namerules(idmap_udt_handle_t *udthandle, boolean_t is_user) { 3434520Snw141292 idmap_retcode retcode; 3444520Snw141292 3454644Sbaban retcode = _udt_extend_batch(udthandle); 3464520Snw141292 if (retcode != IDMAP_SUCCESS) 3474520Snw141292 goto errout; 3484520Snw141292 3494520Snw141292 udthandle->batch.idmap_update_batch_val[udthandle->next]. 3504520Snw141292 idmap_update_op_u.is_user = is_user; 3514520Snw141292 3524644Sbaban udthandle->batch.idmap_update_batch_val[udthandle->next].opnum = 3534644Sbaban OP_FLUSH_NAMERULES; 3544520Snw141292 udthandle->next++; 3554520Snw141292 return (IDMAP_SUCCESS); 3564520Snw141292 3574520Snw141292 errout: 3584520Snw141292 errno = idmap_stat2errno(retcode); 3594520Snw141292 return (retcode); 3604520Snw141292 } 3614520Snw141292 3624520Snw141292 3634520Snw141292 /* 3644520Snw141292 * Set the number of entries requested per batch by the iterator 3654520Snw141292 * 3664520Snw141292 * Input: 3674520Snw141292 * iter - iterator 3684520Snw141292 * limit - number of entries requested per batch 3694520Snw141292 */ 3704520Snw141292 idmap_stat 3714520Snw141292 idmap_iter_set_limit(idmap_iter_t *iter, uint64_t limit) { 3724520Snw141292 if (iter == NULL) { 3734520Snw141292 errno = EINVAL; 3744520Snw141292 return (IDMAP_ERR_ARG); 3754520Snw141292 } 3764520Snw141292 iter->limit = limit; 3774520Snw141292 return (IDMAP_SUCCESS); 3784520Snw141292 } 3794520Snw141292 3804520Snw141292 3814520Snw141292 /* 3824520Snw141292 * Create iterator to get name-based mapping rules 3834520Snw141292 * 3844520Snw141292 * Input: 3854520Snw141292 * windomain - Windows domain 3864520Snw141292 * is_user - user or group rules 3874520Snw141292 * winname - Windows user or group name 3884520Snw141292 * unixname - Unix user or group name 3894520Snw141292 * 3904520Snw141292 * Output: 3914520Snw141292 * iter - iterator 3924520Snw141292 */ 3934520Snw141292 idmap_stat 3944520Snw141292 idmap_iter_namerules(idmap_handle_t *handle, const char *windomain, 3954520Snw141292 boolean_t is_user, const char *winname, 3964520Snw141292 const char *unixname, idmap_iter_t **iter) { 3974520Snw141292 3984520Snw141292 idmap_iter_t *tmpiter; 3994520Snw141292 idmap_list_namerules_1_argument *arg = NULL; 4004520Snw141292 idmap_namerule *rule; 4014520Snw141292 idmap_utf8str *str; 4024520Snw141292 idmap_retcode retcode; 4034520Snw141292 4044520Snw141292 __ITER_CREATE(tmpiter, arg, handle, IDMAP_LIST_NAMERULES); 4054520Snw141292 4064520Snw141292 rule = &arg->rule; 4074520Snw141292 rule->is_user = is_user; 4084644Sbaban rule->direction = IDMAP_DIRECTION_UNDEF; 4094520Snw141292 if (windomain) { 4104520Snw141292 str = &rule->windomain; 4114520Snw141292 retcode = idmap_str2utf8(&str, windomain, 0); 4124520Snw141292 if (retcode != IDMAP_SUCCESS) { 4134520Snw141292 errno = ENOMEM; 4144520Snw141292 goto errout; 4154520Snw141292 } 4164520Snw141292 } 4174520Snw141292 if (winname) { 4184520Snw141292 str = &rule->winname; 4194520Snw141292 retcode = idmap_str2utf8(&str, winname, 0); 4204520Snw141292 if (retcode != IDMAP_SUCCESS) { 4214520Snw141292 errno = ENOMEM; 4224520Snw141292 goto errout; 4234520Snw141292 } 4244520Snw141292 } 4254520Snw141292 if (unixname) { 4264520Snw141292 str = &rule->unixname; 4274520Snw141292 retcode = idmap_str2utf8(&str, unixname, 0); 4284520Snw141292 if (retcode != IDMAP_SUCCESS) { 4294520Snw141292 errno = ENOMEM; 4304520Snw141292 goto errout; 4314520Snw141292 } 4324520Snw141292 } 4334520Snw141292 4344520Snw141292 *iter = tmpiter; 4354520Snw141292 return (IDMAP_SUCCESS); 4364520Snw141292 4374520Snw141292 errout: 4384520Snw141292 __ITER_ERR_RETURN(tmpiter, arg, 4394520Snw141292 xdr_idmap_list_namerules_1_argument, retcode); 4404520Snw141292 } 4414520Snw141292 4424520Snw141292 4434520Snw141292 /* 4444520Snw141292 * Iterate through the name-based mapping rules 4454520Snw141292 * 4464520Snw141292 * Input: 4474520Snw141292 * iter - iterator 4484520Snw141292 * 4494520Snw141292 * Output: 4504520Snw141292 * windomain - Windows domain 4514520Snw141292 * winname - Windows user or group name 4524520Snw141292 * unixname - Unix user or group name 4534520Snw141292 * is_nt4 - NT4 or AD 4544520Snw141292 * direction - bi(0), win2unix(1), unix2win(2) 4554520Snw141292 * 4564520Snw141292 * Return value: 4574520Snw141292 * 0 - done 4584520Snw141292 * 1 - more results available 4594520Snw141292 * < 0 - error 4604520Snw141292 */ 4614520Snw141292 idmap_stat 4624520Snw141292 idmap_iter_next_namerule(idmap_iter_t *iter, char **windomain, 4634520Snw141292 char **winname, char **unixname, boolean_t *is_nt4, 4644520Snw141292 int *direction) { 4654520Snw141292 idmap_namerules_res *namerules; 4664520Snw141292 idmap_list_namerules_1_argument *arg; 4674520Snw141292 idmap_retcode retcode; 4684520Snw141292 4694520Snw141292 if (windomain) 4704520Snw141292 *windomain = NULL; 4714520Snw141292 if (winname) 4724520Snw141292 *winname = NULL; 4734520Snw141292 if (unixname) 4744520Snw141292 *unixname = NULL; 4754520Snw141292 if (is_nt4) 4764520Snw141292 *is_nt4 = 0; 4774520Snw141292 if (direction) 4784644Sbaban *direction = IDMAP_DIRECTION_UNDEF; 4794520Snw141292 4804520Snw141292 __ITER_CHECK(iter, IDMAP_LIST_NAMERULES); 4814520Snw141292 4824520Snw141292 namerules = (idmap_namerules_res *)iter->retlist; 4834520Snw141292 if (iter->retcode == IDMAP_NEXT && (namerules == NULL || 4844520Snw141292 iter->next >= namerules->rules.rules_len)) { 4854520Snw141292 4864520Snw141292 if ((arg = iter->arg) == NULL) { 4874520Snw141292 errno = EINVAL; 4884520Snw141292 return (IDMAP_ERR_ARG); 4894520Snw141292 } 4904520Snw141292 arg->limit = iter->limit; 4914520Snw141292 4924520Snw141292 retcode = _iter_get_next_list(IDMAP_LIST_NAMERULES, 4934520Snw141292 iter, arg, 4944520Snw141292 (uchar_t **)&namerules, sizeof (*namerules), 4954520Snw141292 (xdrproc_t)xdr_idmap_list_namerules_1_argument, 4964520Snw141292 (xdrproc_t)xdr_idmap_namerules_res); 4974520Snw141292 if (retcode != IDMAP_SUCCESS) 4984520Snw141292 return (retcode); 4994520Snw141292 5004520Snw141292 if (IDMAP_ERROR(namerules->retcode)) { 5014520Snw141292 retcode = namerules->retcode; 5024520Snw141292 xdr_free(xdr_idmap_namerules_res, (caddr_t)namerules); 5034520Snw141292 free(namerules); 5044520Snw141292 iter->retlist = NULL; 5054520Snw141292 return (retcode); 5064520Snw141292 } 5074520Snw141292 iter->retcode = namerules->retcode; 5084520Snw141292 arg->lastrowid = namerules->lastrowid; 5094520Snw141292 } 5104520Snw141292 5114520Snw141292 if (namerules == NULL || namerules->rules.rules_len == 0) 5124520Snw141292 return (IDMAP_SUCCESS); 5134520Snw141292 5144520Snw141292 if (iter->next >= namerules->rules.rules_len) { 5154520Snw141292 return (IDMAP_ERR_ARG); 5164520Snw141292 } 5174520Snw141292 5184520Snw141292 if (windomain) { 5194520Snw141292 retcode = idmap_utf82str(windomain, 0, 5204520Snw141292 &namerules->rules.rules_val[iter->next].windomain); 5214520Snw141292 if (retcode != IDMAP_SUCCESS) 5224520Snw141292 goto errout; 5234520Snw141292 } 5244520Snw141292 if (winname) { 5254520Snw141292 retcode = idmap_utf82str(winname, 0, 5264520Snw141292 &namerules->rules.rules_val[iter->next].winname); 5274520Snw141292 if (retcode != IDMAP_SUCCESS) 5284520Snw141292 goto errout; 5294520Snw141292 } 5304520Snw141292 if (unixname) { 5314520Snw141292 retcode = idmap_utf82str(unixname, 0, 5324520Snw141292 &namerules->rules.rules_val[iter->next].unixname); 5334520Snw141292 if (retcode != IDMAP_SUCCESS) 5344520Snw141292 goto errout; 5354520Snw141292 } 5364520Snw141292 if (is_nt4) 5374520Snw141292 *is_nt4 = namerules->rules.rules_val[iter->next].is_nt4; 5384520Snw141292 if (direction) 5394520Snw141292 *direction = namerules->rules.rules_val[iter->next].direction; 5404520Snw141292 iter->next++; 5414520Snw141292 5424520Snw141292 if (iter->next == namerules->rules.rules_len) 5434520Snw141292 return (iter->retcode); 5444520Snw141292 else 5454520Snw141292 return (IDMAP_NEXT); 5464520Snw141292 5474520Snw141292 errout: 5484520Snw141292 if (windomain && *windomain) 5494520Snw141292 free(*windomain); 5504520Snw141292 if (winname && *winname) 5514520Snw141292 free(*winname); 5524520Snw141292 if (unixname && *unixname) 5534520Snw141292 free(*unixname); 5544520Snw141292 return (retcode); 5554520Snw141292 } 5564520Snw141292 5574520Snw141292 5584520Snw141292 /* 5594520Snw141292 * Create iterator to get SID to UID/GID mappings 5604520Snw141292 * 5614520Snw141292 * Input: 5624520Snw141292 * is_user - user or group 5634520Snw141292 * 5644520Snw141292 * Output: 5654520Snw141292 * iter - iterator 5664520Snw141292 */ 5674520Snw141292 idmap_stat 5684520Snw141292 idmap_iter_mappings(idmap_handle_t *handle, boolean_t is_user, 5694520Snw141292 idmap_iter_t **iter) { 5704520Snw141292 idmap_iter_t *tmpiter; 5714520Snw141292 idmap_list_mappings_1_argument *arg = NULL; 5724520Snw141292 5734520Snw141292 __ITER_CREATE(tmpiter, arg, handle, IDMAP_LIST_MAPPINGS); 5744520Snw141292 5754520Snw141292 arg->is_user = is_user; 5764520Snw141292 *iter = tmpiter; 5774520Snw141292 return (IDMAP_SUCCESS); 5784520Snw141292 } 5794520Snw141292 5804520Snw141292 5814520Snw141292 /* 5824520Snw141292 * Iterate through the SID to UID/GID mappings 5834520Snw141292 * 5844520Snw141292 * Input: 5854520Snw141292 * iter - iterator 5864520Snw141292 * 5874520Snw141292 * Output: 5884520Snw141292 * sid - SID in canonical form 5894520Snw141292 * pid - UID or GID 5904520Snw141292 * 5914520Snw141292 * Return value: 5924520Snw141292 * 0 - done 5934520Snw141292 * 1 - more results available 5944520Snw141292 * < 0 - error 5954520Snw141292 */ 5964520Snw141292 idmap_stat 5974520Snw141292 idmap_iter_next_mapping(idmap_iter_t *iter, char **sidprefix, 5984520Snw141292 idmap_rid_t *rid, uid_t *pid, char **winname, 5994520Snw141292 char **windomain, char **unixname, int *direction) { 6004520Snw141292 idmap_mappings_res *mappings; 6014520Snw141292 idmap_list_mappings_1_argument *arg; 6024520Snw141292 idmap_retcode retcode; 6034520Snw141292 char *str; 6044520Snw141292 6054520Snw141292 if (sidprefix) 6064520Snw141292 *sidprefix = NULL; 6074520Snw141292 if (rid) 6084520Snw141292 *rid = UINT32_MAX; 6094520Snw141292 if (winname) 6104520Snw141292 *winname = NULL; 6114520Snw141292 if (windomain) 6124520Snw141292 *windomain = NULL; 6134520Snw141292 if (unixname) 6144520Snw141292 *unixname = NULL; 6154520Snw141292 if (pid) 6164520Snw141292 *pid = UINT32_MAX; 6174520Snw141292 if (direction) 6184644Sbaban *direction = IDMAP_DIRECTION_UNDEF; 6194520Snw141292 6204520Snw141292 __ITER_CHECK(iter, IDMAP_LIST_MAPPINGS); 6214520Snw141292 6224520Snw141292 mappings = (idmap_mappings_res *)iter->retlist; 6234520Snw141292 if (iter->retcode == IDMAP_NEXT && (mappings == NULL || 6244520Snw141292 iter->next >= mappings->mappings.mappings_len)) { 6254520Snw141292 6264520Snw141292 if ((arg = iter->arg) == NULL) { 6274520Snw141292 errno = EINVAL; 6284520Snw141292 return (IDMAP_ERR_ARG); 6294520Snw141292 } 6304520Snw141292 arg->limit = iter->limit; 6314520Snw141292 6324520Snw141292 retcode = _iter_get_next_list(IDMAP_LIST_MAPPINGS, 6334520Snw141292 iter, arg, 6344520Snw141292 (uchar_t **)&mappings, sizeof (*mappings), 6354520Snw141292 (xdrproc_t)xdr_idmap_list_mappings_1_argument, 6364520Snw141292 (xdrproc_t)xdr_idmap_mappings_res); 6374520Snw141292 if (retcode != IDMAP_SUCCESS) 6384520Snw141292 return (retcode); 6394520Snw141292 6404520Snw141292 if (IDMAP_ERROR(mappings->retcode)) { 6414520Snw141292 retcode = mappings->retcode; 6424520Snw141292 xdr_free(xdr_idmap_mappings_res, (caddr_t)mappings); 6434520Snw141292 free(mappings); 6444520Snw141292 iter->retlist = NULL; 6454520Snw141292 return (retcode); 6464520Snw141292 } 6474520Snw141292 iter->retcode = mappings->retcode; 6484520Snw141292 arg->lastrowid = mappings->lastrowid; 6494520Snw141292 } 6504520Snw141292 6514520Snw141292 if (mappings == NULL || mappings->mappings.mappings_len == 0) 6524520Snw141292 return (IDMAP_SUCCESS); 6534520Snw141292 6544520Snw141292 if (iter->next >= mappings->mappings.mappings_len) { 6554520Snw141292 return (IDMAP_ERR_ARG); 6564520Snw141292 } 6574520Snw141292 6584520Snw141292 if (sidprefix) { 6594520Snw141292 str = mappings->mappings.mappings_val[iter->next].id1. 6604520Snw141292 idmap_id_u.sid.prefix; 6614695Sbaban if (str && *str != '\0') { 6624520Snw141292 *sidprefix = strdup(str); 6634526Sbaban if (*sidprefix == NULL) { 6644526Sbaban retcode = IDMAP_ERR_MEMORY; 6654526Sbaban goto errout; 6664526Sbaban } 6674520Snw141292 } 6684520Snw141292 } 6694520Snw141292 if (rid) 6704520Snw141292 *rid = mappings->mappings.mappings_val[iter->next].id1. 6714520Snw141292 idmap_id_u.sid.rid; 6724520Snw141292 if (winname) { 6734520Snw141292 retcode = idmap_utf82str(winname, 0, 6744520Snw141292 &mappings->mappings.mappings_val[iter->next].id1name); 6754520Snw141292 if (retcode != IDMAP_SUCCESS) 6764520Snw141292 goto errout; 6774520Snw141292 } 6784520Snw141292 if (windomain) { 6794520Snw141292 retcode = idmap_utf82str(windomain, 0, 6804520Snw141292 &mappings->mappings.mappings_val[iter->next].id1domain); 6814520Snw141292 if (retcode != IDMAP_SUCCESS) 6824520Snw141292 goto errout; 6834520Snw141292 } 6844520Snw141292 if (unixname) { 6854520Snw141292 retcode = idmap_utf82str(unixname, 0, 6864520Snw141292 &mappings->mappings.mappings_val[iter->next].id2name); 6874520Snw141292 if (retcode != IDMAP_SUCCESS) 6884520Snw141292 goto errout; 6894520Snw141292 } 6904520Snw141292 if (pid) 6914520Snw141292 *pid = mappings->mappings.mappings_val[iter->next].id2. 6924520Snw141292 idmap_id_u.uid; 6934520Snw141292 if (direction) 6944520Snw141292 *direction = mappings->mappings.mappings_val[iter->next]. 6954520Snw141292 direction; 6964520Snw141292 iter->next++; 6974520Snw141292 6984520Snw141292 if (iter->next == mappings->mappings.mappings_len) 6994520Snw141292 return (iter->retcode); 7004520Snw141292 else 7014520Snw141292 return (IDMAP_NEXT); 7024520Snw141292 7034520Snw141292 errout: 7044520Snw141292 if (sidprefix && *sidprefix) 7054520Snw141292 free(*sidprefix); 7064520Snw141292 if (winname && *winname) 7074520Snw141292 free(*winname); 7084520Snw141292 if (windomain && *windomain) 7094520Snw141292 free(*windomain); 7104520Snw141292 if (unixname && *unixname) 7114520Snw141292 free(*unixname); 7124520Snw141292 return (retcode); 7134520Snw141292 } 7144520Snw141292 7154520Snw141292 7164520Snw141292 /* 7174520Snw141292 * Destroy the iterator 7184520Snw141292 */ 7194520Snw141292 void 7204520Snw141292 idmap_iter_destroy(idmap_iter_t *iter) { 7214520Snw141292 xdrproc_t _xdr_argument, _xdr_result; 7224520Snw141292 7234520Snw141292 if (iter == NULL) 7244520Snw141292 return; 7254520Snw141292 7264520Snw141292 switch (iter->type) { 7274520Snw141292 case IDMAP_LIST_NAMERULES: 7284520Snw141292 _xdr_argument = (xdrproc_t)xdr_idmap_list_namerules_1_argument; 7294520Snw141292 _xdr_result = (xdrproc_t)xdr_idmap_namerules_res; 7304520Snw141292 break; 7314520Snw141292 case IDMAP_LIST_MAPPINGS: 7324520Snw141292 _xdr_argument = (xdrproc_t)xdr_idmap_list_mappings_1_argument; 7334520Snw141292 _xdr_result = (xdrproc_t)xdr_idmap_mappings_res; 7344520Snw141292 break; 7354520Snw141292 default: 7364520Snw141292 free(iter); 7374520Snw141292 return; 7384520Snw141292 }; 7394520Snw141292 7404520Snw141292 if (iter->arg) { 7414520Snw141292 xdr_free(_xdr_argument, (caddr_t)iter->arg); 7424520Snw141292 free(iter->arg); 7434520Snw141292 } 7444520Snw141292 if (iter->retlist) { 7454520Snw141292 xdr_free(_xdr_result, (caddr_t)iter->retlist); 7464520Snw141292 free(iter->retlist); 7474520Snw141292 } 7484520Snw141292 free(iter); 7494520Snw141292 } 7504520Snw141292 7514520Snw141292 7524520Snw141292 /* 7534520Snw141292 * Create handle to get SID to UID/GID mapping entries 7544520Snw141292 * 7554520Snw141292 * Input: 7564520Snw141292 * gh - "get mapping" handle 7574520Snw141292 */ 7584520Snw141292 idmap_stat 7594520Snw141292 idmap_get_create(idmap_handle_t *handle, idmap_get_handle_t **gh) { 7604520Snw141292 idmap_get_handle_t *tmp; 7614520Snw141292 7624520Snw141292 /* sanity checks */ 7634520Snw141292 if (handle == NULL || gh == NULL) { 7644520Snw141292 errno = EINVAL; 7654520Snw141292 return (IDMAP_ERR_ARG); 7664520Snw141292 } 7674520Snw141292 7684520Snw141292 /* allocate the handle */ 7694520Snw141292 if ((tmp = calloc(1, sizeof (*tmp))) == NULL) { 7704520Snw141292 errno = ENOMEM; 7714520Snw141292 return (IDMAP_ERR_MEMORY); 7724520Snw141292 } 7734520Snw141292 7744520Snw141292 tmp->ih = handle; 7754520Snw141292 *gh = tmp; 7764520Snw141292 return (IDMAP_SUCCESS); 7774520Snw141292 } 7784520Snw141292 7794520Snw141292 7804520Snw141292 /* 7814520Snw141292 * Given SID, get UID 7824520Snw141292 * 7834520Snw141292 * Input: 7844520Snw141292 * sidprefix - SID prefix 7854520Snw141292 * rid - RID 7864520Snw141292 * flag - flag 7874520Snw141292 * 7884520Snw141292 * Output: 7894520Snw141292 * stat - status of the get request 7904520Snw141292 * uid - POSIX UID if stat = 0 7914520Snw141292 * 7924520Snw141292 * Note: The output parameters will be set by idmap_get_mappings() 7934520Snw141292 */ 7944520Snw141292 idmap_stat 7954520Snw141292 idmap_get_uidbysid(idmap_get_handle_t *gh, char *sidprefix, idmap_rid_t rid, 7964520Snw141292 int flag, uid_t *uid, idmap_stat *stat) { 7974520Snw141292 7984520Snw141292 idmap_retcode retcode; 7994644Sbaban idmap_mapping *mapping = NULL; 8004520Snw141292 8014520Snw141292 /* sanity checks */ 8024520Snw141292 if (gh == NULL) 8034520Snw141292 return (IDMAP_ERR_ARG); 8044520Snw141292 if (uid == NULL || sidprefix == NULL) 8054520Snw141292 return (IDMAP_ERR_ARG); 8064520Snw141292 8074520Snw141292 /* Extend the request array and the return list */ 8084520Snw141292 if ((retcode = _get_ids_extend_batch(gh)) != IDMAP_SUCCESS) 8094520Snw141292 goto errout; 8104520Snw141292 8114520Snw141292 /* Setup the request */ 8124520Snw141292 mapping = &gh->batch.idmap_mapping_batch_val[gh->next]; 8134520Snw141292 mapping->flag = flag; 8144520Snw141292 mapping->id1.idtype = IDMAP_SID; 8154520Snw141292 mapping->id1.idmap_id_u.sid.rid = rid; 8164520Snw141292 if ((mapping->id1.idmap_id_u.sid.prefix = strdup(sidprefix)) == NULL) { 8174520Snw141292 retcode = IDMAP_ERR_MEMORY; 8184520Snw141292 goto errout; 8194520Snw141292 } 8204520Snw141292 mapping->id2.idtype = IDMAP_UID; 8214520Snw141292 8224520Snw141292 /* Setup pointers for the result */ 8234520Snw141292 gh->retlist[gh->next].idtype = IDMAP_UID; 8244520Snw141292 gh->retlist[gh->next].uid = uid; 8254520Snw141292 gh->retlist[gh->next].stat = stat; 8264520Snw141292 8274520Snw141292 gh->next++; 8284520Snw141292 return (IDMAP_SUCCESS); 8294520Snw141292 8304520Snw141292 errout: 8314644Sbaban /* Batch created so far should still be usable */ 8324644Sbaban if (mapping) 8334644Sbaban (void) memset(mapping, 0, sizeof (*mapping)); 8344520Snw141292 errno = idmap_stat2errno(retcode); 8354520Snw141292 return (retcode); 8364520Snw141292 } 8374520Snw141292 8384520Snw141292 8394520Snw141292 /* 8404520Snw141292 * Given SID, get GID 8414520Snw141292 * 8424520Snw141292 * Input: 8434520Snw141292 * sidprefix - SID prefix 8444520Snw141292 * rid - rid 8454520Snw141292 * flag - flag 8464520Snw141292 * 8474520Snw141292 * Output: 8484520Snw141292 * stat - status of the get request 8494520Snw141292 * gid - POSIX GID if stat = 0 8504520Snw141292 * 8514520Snw141292 * Note: The output parameters will be set by idmap_get_mappings() 8524520Snw141292 */ 8534520Snw141292 idmap_stat 8544520Snw141292 idmap_get_gidbysid(idmap_get_handle_t *gh, char *sidprefix, idmap_rid_t rid, 8554520Snw141292 int flag, gid_t *gid, idmap_stat *stat) { 8564520Snw141292 8574520Snw141292 idmap_retcode retcode; 8584644Sbaban idmap_mapping *mapping = NULL; 8594520Snw141292 8604520Snw141292 /* sanity checks */ 8614520Snw141292 if (gh == NULL) 8624520Snw141292 return (IDMAP_ERR_ARG); 8634520Snw141292 if (gid == NULL || sidprefix == NULL) 8644520Snw141292 return (IDMAP_ERR_ARG); 8654520Snw141292 8664520Snw141292 /* Extend the request array and the return list */ 8674520Snw141292 if ((retcode = _get_ids_extend_batch(gh)) != IDMAP_SUCCESS) 8684520Snw141292 goto errout; 8694520Snw141292 8704520Snw141292 /* Setup the request */ 8714520Snw141292 mapping = &gh->batch.idmap_mapping_batch_val[gh->next]; 8724520Snw141292 mapping->flag = flag; 8734520Snw141292 mapping->id1.idtype = IDMAP_SID; 8744520Snw141292 mapping->id1.idmap_id_u.sid.rid = rid; 8754520Snw141292 if ((mapping->id1.idmap_id_u.sid.prefix = strdup(sidprefix)) == NULL) { 8764520Snw141292 retcode = IDMAP_ERR_MEMORY; 8774520Snw141292 goto errout; 8784520Snw141292 } 8794520Snw141292 mapping->id2.idtype = IDMAP_GID; 8804520Snw141292 8814520Snw141292 /* Setup pointers for the result */ 8824520Snw141292 gh->retlist[gh->next].idtype = IDMAP_GID; 8834520Snw141292 gh->retlist[gh->next].gid = gid; 8844520Snw141292 gh->retlist[gh->next].stat = stat; 8854520Snw141292 8864520Snw141292 gh->next++; 8874520Snw141292 return (IDMAP_SUCCESS); 8884520Snw141292 8894520Snw141292 errout: 8904644Sbaban if (mapping) 8914644Sbaban (void) memset(mapping, 0, sizeof (*mapping)); 8924520Snw141292 errno = idmap_stat2errno(retcode); 8934520Snw141292 return (retcode); 8944520Snw141292 } 8954520Snw141292 8964520Snw141292 8974520Snw141292 /* 8984520Snw141292 * Given SID, get POSIX ID i.e. UID/GID 8994520Snw141292 * 9004520Snw141292 * Input: 9014520Snw141292 * sidprefix - SID prefix 9024520Snw141292 * rid - rid 9034520Snw141292 * flag - flag 9044520Snw141292 * 9054520Snw141292 * Output: 9064520Snw141292 * stat - status of the get request 9074520Snw141292 * is_user - user or group 9084520Snw141292 * pid - POSIX UID if stat = 0 and is_user = 1 9094520Snw141292 * POSIX GID if stat = 0 and is_user = 0 9104520Snw141292 * 9114520Snw141292 * Note: The output parameters will be set by idmap_get_mappings() 9124520Snw141292 */ 9134520Snw141292 idmap_stat 9144520Snw141292 idmap_get_pidbysid(idmap_get_handle_t *gh, char *sidprefix, idmap_rid_t rid, 9154520Snw141292 int flag, uid_t *pid, int *is_user, idmap_stat *stat) { 9164520Snw141292 idmap_retcode retcode; 9174644Sbaban idmap_mapping *mapping = NULL; 9184520Snw141292 9194520Snw141292 /* sanity checks */ 9204520Snw141292 if (gh == NULL) 9214520Snw141292 return (IDMAP_ERR_ARG); 9224520Snw141292 if (pid == NULL || sidprefix == NULL || is_user == NULL) 9234520Snw141292 return (IDMAP_ERR_ARG); 9244520Snw141292 9254520Snw141292 /* Extend the request array and the return list */ 9264520Snw141292 if ((retcode = _get_ids_extend_batch(gh)) != IDMAP_SUCCESS) 9274520Snw141292 goto errout; 9284520Snw141292 9294520Snw141292 /* Setup the request */ 9304520Snw141292 mapping = &gh->batch.idmap_mapping_batch_val[gh->next]; 9314520Snw141292 mapping->flag = flag; 9324520Snw141292 mapping->id1.idtype = IDMAP_SID; 9334520Snw141292 mapping->id1.idmap_id_u.sid.rid = rid; 9344520Snw141292 if ((mapping->id1.idmap_id_u.sid.prefix = strdup(sidprefix)) == NULL) { 9354520Snw141292 retcode = IDMAP_ERR_MEMORY; 9364520Snw141292 goto errout; 9374520Snw141292 } 9384520Snw141292 mapping->id2.idtype = IDMAP_POSIXID; 9394520Snw141292 9404520Snw141292 /* Setup pointers for the result */ 9414520Snw141292 gh->retlist[gh->next].idtype = IDMAP_POSIXID; 9424520Snw141292 gh->retlist[gh->next].uid = pid; 9434520Snw141292 gh->retlist[gh->next].gid = pid; 9444520Snw141292 gh->retlist[gh->next].is_user = is_user; 9454520Snw141292 gh->retlist[gh->next].stat = stat; 9464520Snw141292 9474520Snw141292 gh->next++; 9484520Snw141292 return (IDMAP_SUCCESS); 9494520Snw141292 9504520Snw141292 errout: 9514644Sbaban if (mapping) 9524644Sbaban (void) memset(mapping, 0, sizeof (*mapping)); 9534520Snw141292 errno = idmap_stat2errno(retcode); 9544520Snw141292 return (retcode); 9554520Snw141292 } 9564520Snw141292 9574520Snw141292 9584520Snw141292 /* 9594520Snw141292 * Given UID, get SID 9604520Snw141292 * 9614520Snw141292 * Input: 9624520Snw141292 * uid - POSIX UID 9634520Snw141292 * flag - flag 9644520Snw141292 * 9654520Snw141292 * Output: 9664520Snw141292 * stat - status of the get request 9674520Snw141292 * sid - SID prefix (if stat == 0) 9684520Snw141292 * rid - rid 9694520Snw141292 * 9704520Snw141292 * Note: The output parameters will be set by idmap_get_mappings() 9714520Snw141292 */ 9724520Snw141292 idmap_stat 9734520Snw141292 idmap_get_sidbyuid(idmap_get_handle_t *gh, uid_t uid, int flag, 9744520Snw141292 char **sidprefix, idmap_rid_t *rid, idmap_stat *stat) { 9754520Snw141292 9764520Snw141292 idmap_retcode retcode; 9774644Sbaban idmap_mapping *mapping = NULL; 9784520Snw141292 9794520Snw141292 /* sanity checks */ 9804520Snw141292 if (gh == NULL) 9814520Snw141292 return (IDMAP_ERR_ARG); 9824520Snw141292 if (sidprefix == NULL) 9834520Snw141292 return (IDMAP_ERR_ARG); 9844520Snw141292 9854520Snw141292 /* Extend the request array and the return list */ 9864520Snw141292 if ((retcode = _get_ids_extend_batch(gh)) != IDMAP_SUCCESS) 9874520Snw141292 goto errout; 9884520Snw141292 9894520Snw141292 /* Setup the request */ 9904520Snw141292 mapping = &gh->batch.idmap_mapping_batch_val[gh->next]; 9914520Snw141292 mapping->flag = flag; 9924520Snw141292 mapping->id1.idtype = IDMAP_UID; 9934520Snw141292 mapping->id1.idmap_id_u.uid = uid; 9944520Snw141292 mapping->id2.idtype = IDMAP_SID; 9954520Snw141292 9964520Snw141292 /* Setup pointers for the result */ 9974520Snw141292 gh->retlist[gh->next].idtype = IDMAP_SID; 9984520Snw141292 gh->retlist[gh->next].sidprefix = sidprefix; 9994520Snw141292 gh->retlist[gh->next].rid = rid; 10004520Snw141292 gh->retlist[gh->next].stat = stat; 10014520Snw141292 10024520Snw141292 gh->next++; 10034520Snw141292 return (IDMAP_SUCCESS); 10044520Snw141292 10054520Snw141292 errout: 10064644Sbaban if (mapping) 10074644Sbaban (void) memset(mapping, 0, sizeof (*mapping)); 10084520Snw141292 errno = idmap_stat2errno(retcode); 10094520Snw141292 return (retcode); 10104520Snw141292 } 10114520Snw141292 10124520Snw141292 10134520Snw141292 /* 10144520Snw141292 * Given GID, get SID 10154520Snw141292 * 10164520Snw141292 * Input: 10174520Snw141292 * gid - POSIX GID 10184520Snw141292 * flag - flag 10194520Snw141292 * 10204520Snw141292 * Output: 10214520Snw141292 * stat - status of the get request 10224520Snw141292 * sidprefix - SID prefix (if stat == 0) 10234520Snw141292 * rid - rid 10244520Snw141292 * 10254520Snw141292 * Note: The output parameters will be set by idmap_get_mappings() 10264520Snw141292 */ 10274520Snw141292 idmap_stat 10284520Snw141292 idmap_get_sidbygid(idmap_get_handle_t *gh, gid_t gid, int flag, 10294520Snw141292 char **sidprefix, idmap_rid_t *rid, idmap_stat *stat) { 10304520Snw141292 10314520Snw141292 idmap_retcode retcode; 10324644Sbaban idmap_mapping *mapping = NULL; 10334520Snw141292 10344520Snw141292 /* sanity checks */ 10354520Snw141292 if (gh == NULL) 10364520Snw141292 return (IDMAP_ERR_ARG); 10374520Snw141292 if (sidprefix == NULL) 10384520Snw141292 return (IDMAP_ERR_ARG); 10394520Snw141292 10404520Snw141292 /* Extend the request array and the return list */ 10414520Snw141292 if ((retcode = _get_ids_extend_batch(gh)) != IDMAP_SUCCESS) 10424520Snw141292 goto errout; 10434520Snw141292 10444520Snw141292 /* Setup the request */ 10454520Snw141292 mapping = &gh->batch.idmap_mapping_batch_val[gh->next]; 10464520Snw141292 mapping->flag = flag; 10474520Snw141292 mapping->id1.idtype = IDMAP_GID; 10484520Snw141292 mapping->id1.idmap_id_u.gid = gid; 10494520Snw141292 mapping->id2.idtype = IDMAP_SID; 10504520Snw141292 10514520Snw141292 /* Setup pointers for the result */ 10524520Snw141292 gh->retlist[gh->next].idtype = IDMAP_SID; 10534520Snw141292 gh->retlist[gh->next].sidprefix = sidprefix; 10544520Snw141292 gh->retlist[gh->next].rid = rid; 10554520Snw141292 gh->retlist[gh->next].stat = stat; 10564520Snw141292 10574520Snw141292 gh->next++; 10584520Snw141292 return (IDMAP_SUCCESS); 10594520Snw141292 10604520Snw141292 errout: 10614644Sbaban if (mapping) 10624644Sbaban (void) memset(mapping, 0, sizeof (*mapping)); 10634520Snw141292 errno = idmap_stat2errno(retcode); 10644520Snw141292 return (retcode); 10654520Snw141292 } 10664520Snw141292 10674520Snw141292 10684520Snw141292 /* 10694520Snw141292 * Process the batched "get mapping" requests. The results (i.e. 10704520Snw141292 * status and identity) will be available in the data areas 10714520Snw141292 * provided by individual requests. 10724520Snw141292 */ 10734520Snw141292 idmap_stat 10744520Snw141292 idmap_get_mappings(idmap_get_handle_t *gh) { 10754520Snw141292 CLIENT *clnt; 10764520Snw141292 enum clnt_stat clntstat; 10774520Snw141292 idmap_retcode retcode; 10784520Snw141292 idmap_ids_res res; 10794520Snw141292 idmap_id *id; 10804520Snw141292 int i; 10814520Snw141292 10824520Snw141292 if (gh == NULL) { 10834520Snw141292 errno = EINVAL; 10844520Snw141292 return (IDMAP_ERR_ARG); 10854520Snw141292 } 10864520Snw141292 _IDMAP_GET_CLIENT_HANDLE(gh->ih, clnt); 10874520Snw141292 10884520Snw141292 (void) memset(&res, 0, sizeof (idmap_ids_res)); 10894520Snw141292 clntstat = clnt_call(clnt, IDMAP_GET_MAPPED_IDS, 10904520Snw141292 (xdrproc_t)xdr_idmap_mapping_batch, 10914520Snw141292 (caddr_t)&gh->batch, 10924520Snw141292 (xdrproc_t)xdr_idmap_ids_res, 10934520Snw141292 (caddr_t)&res, 10944520Snw141292 TIMEOUT); 10954520Snw141292 if (clntstat != RPC_SUCCESS) { 10964644Sbaban retcode = _idmap_rpc2stat(clnt); 10974520Snw141292 goto out; 10984520Snw141292 } 10994520Snw141292 if (res.retcode != IDMAP_SUCCESS) { 11004520Snw141292 retcode = res.retcode; 11014520Snw141292 goto out; 11024520Snw141292 } 11034520Snw141292 for (i = 0; i < gh->next; i++) { 11044520Snw141292 if (i >= res.ids.ids_len) { 11054520Snw141292 *gh->retlist[i].stat = IDMAP_ERR_NORESULT; 11064520Snw141292 continue; 11074520Snw141292 } 11084520Snw141292 *gh->retlist[i].stat = res.ids.ids_val[i].retcode; 11094520Snw141292 id = &res.ids.ids_val[i].id; 11104520Snw141292 switch (id->idtype) { 11114520Snw141292 case IDMAP_UID: 11124520Snw141292 if (gh->retlist[i].uid) 11134520Snw141292 *gh->retlist[i].uid = id->idmap_id_u.uid; 11144520Snw141292 if (gh->retlist[i].is_user) 11154520Snw141292 *gh->retlist[i].is_user = 1; 11164520Snw141292 break; 11174520Snw141292 case IDMAP_GID: 11184520Snw141292 if (gh->retlist[i].gid) 11194520Snw141292 *gh->retlist[i].gid = id->idmap_id_u.gid; 11204520Snw141292 if (gh->retlist[i].is_user) 11214520Snw141292 *gh->retlist[i].is_user = 0; 11224520Snw141292 break; 11234864Sbaban case IDMAP_POSIXID: 11244864Sbaban if (gh->retlist[i].uid) 11254864Sbaban *gh->retlist[i].uid = 60001; 11264864Sbaban if (gh->retlist[i].is_user) 11274864Sbaban *gh->retlist[i].is_user = -1; 11284864Sbaban break; 11294520Snw141292 case IDMAP_SID: 11304520Snw141292 if (gh->retlist[i].rid) 11314520Snw141292 *gh->retlist[i].rid = id->idmap_id_u.sid.rid; 11324520Snw141292 if (gh->retlist[i].sidprefix) { 11334695Sbaban if (id->idmap_id_u.sid.prefix == NULL || 11344695Sbaban *id->idmap_id_u.sid.prefix == '\0') { 11354520Snw141292 *gh->retlist[i].sidprefix = NULL; 11364520Snw141292 break; 11374520Snw141292 } 11384520Snw141292 *gh->retlist[i].sidprefix = 11394520Snw141292 strdup(id->idmap_id_u.sid.prefix); 11404520Snw141292 if (*gh->retlist[i].sidprefix == NULL) 11414520Snw141292 *gh->retlist[i].stat = 11424520Snw141292 IDMAP_ERR_MEMORY; 11434520Snw141292 } 11444520Snw141292 break; 11454520Snw141292 case IDMAP_NONE: 11464520Snw141292 break; 11474520Snw141292 default: 11484520Snw141292 *gh->retlist[i].stat = IDMAP_ERR_NORESULT; 11494520Snw141292 break; 11504520Snw141292 } 11514520Snw141292 } 11524520Snw141292 retcode = IDMAP_SUCCESS; 11534520Snw141292 11544520Snw141292 out: 11554644Sbaban _IDMAP_RESET_GET_HANDLE(gh); 11564520Snw141292 (void) xdr_free(xdr_idmap_ids_res, (caddr_t)&res); 11574520Snw141292 errno = idmap_stat2errno(retcode); 11584520Snw141292 return (retcode); 11594520Snw141292 } 11604520Snw141292 11614520Snw141292 11624520Snw141292 /* 11634520Snw141292 * Destroy the "get mapping" handle 11644520Snw141292 */ 11654520Snw141292 void 11664520Snw141292 idmap_get_destroy(idmap_get_handle_t *gh) { 11674520Snw141292 if (gh == NULL) 11684520Snw141292 return; 11694520Snw141292 (void) xdr_free(xdr_idmap_mapping_batch, (caddr_t)&gh->batch); 11704520Snw141292 if (gh->retlist) 11714520Snw141292 free(gh->retlist); 11724520Snw141292 free(gh); 11734520Snw141292 } 11744520Snw141292 11754520Snw141292 11764520Snw141292 /* 11774520Snw141292 * Get windows to unix mapping 11784520Snw141292 */ 11794520Snw141292 idmap_stat 11804520Snw141292 idmap_get_w2u_mapping(idmap_handle_t *handle, 11814520Snw141292 const char *sidprefix, idmap_rid_t *rid, 11824520Snw141292 const char *winname, const char *windomain, 11834520Snw141292 int flag, int *is_user, 11844520Snw141292 uid_t *pid, char **unixname, int *direction) { 11854520Snw141292 CLIENT *clnt; 11864520Snw141292 enum clnt_stat clntstat; 11874520Snw141292 idmap_mapping request, *mapping; 11884520Snw141292 idmap_mappings_res result; 11894520Snw141292 idmap_retcode retcode, rc; 11904520Snw141292 idmap_utf8str *str; 11914520Snw141292 11924520Snw141292 if (handle == NULL) { 11934520Snw141292 errno = EINVAL; 11944520Snw141292 return (IDMAP_ERR_ARG); 11954520Snw141292 } 11964520Snw141292 11974520Snw141292 _IDMAP_GET_CLIENT_HANDLE(handle, clnt); 11984520Snw141292 11994520Snw141292 (void) memset(&request, 0, sizeof (request)); 12004520Snw141292 (void) memset(&result, 0, sizeof (result)); 12014520Snw141292 12024864Sbaban if (is_user) 12034864Sbaban *is_user = -1; 12044520Snw141292 if (pid) 12054520Snw141292 *pid = UINT32_MAX; 12064520Snw141292 if (unixname) 12074520Snw141292 *unixname = NULL; 12084520Snw141292 if (direction) 12094644Sbaban *direction = IDMAP_DIRECTION_UNDEF; 12104520Snw141292 12114520Snw141292 request.flag = flag; 12124520Snw141292 request.id1.idtype = IDMAP_SID; 12134520Snw141292 if (sidprefix && rid) { 12144520Snw141292 request.id1.idmap_id_u.sid.prefix = (char *)sidprefix; 12154520Snw141292 request.id1.idmap_id_u.sid.rid = *rid; 12164520Snw141292 } else if (winname) { 12174520Snw141292 str = &request.id1name; 12184520Snw141292 retcode = idmap_str2utf8(&str, winname, 1); 12194520Snw141292 if (retcode != IDMAP_SUCCESS) 12204520Snw141292 goto out; 12214520Snw141292 if (windomain) { 12224520Snw141292 str = &request.id1domain; 12234520Snw141292 retcode = idmap_str2utf8(&str, windomain, 1); 12244520Snw141292 if (retcode != IDMAP_SUCCESS) 12254520Snw141292 return (retcode); 12264520Snw141292 } 12274520Snw141292 request.id1.idmap_id_u.sid.prefix = NULL; 12284520Snw141292 } else { 12294520Snw141292 errno = EINVAL; 12304520Snw141292 return (IDMAP_ERR_ARG); 12314520Snw141292 } 12324520Snw141292 12334520Snw141292 if (is_user == NULL) 12344520Snw141292 request.id2.idtype = IDMAP_POSIXID; 12354520Snw141292 else if (*is_user == 1) 12364520Snw141292 request.id2.idtype = IDMAP_UID; 12374520Snw141292 else if (*is_user == 0) 12384520Snw141292 request.id2.idtype = IDMAP_GID; 12394520Snw141292 else 12404520Snw141292 request.id2.idtype = IDMAP_POSIXID; 12414520Snw141292 12424520Snw141292 clntstat = clnt_call(clnt, IDMAP_GET_MAPPED_ID_BY_NAME, 12434520Snw141292 (xdrproc_t)xdr_idmap_mapping, (caddr_t)&request, 12444520Snw141292 (xdrproc_t)xdr_idmap_mappings_res, (caddr_t)&result, 12454520Snw141292 TIMEOUT); 12464520Snw141292 12474644Sbaban if (clntstat != RPC_SUCCESS) 12484644Sbaban return (_idmap_rpc2stat(clnt)); 12494520Snw141292 12504520Snw141292 retcode = result.retcode; 12514520Snw141292 12524520Snw141292 if ((mapping = result.mappings.mappings_val) == NULL) { 12534520Snw141292 if (retcode == IDMAP_SUCCESS) 12544520Snw141292 retcode = IDMAP_ERR_NORESULT; 12554520Snw141292 goto out; 12564520Snw141292 } 12574520Snw141292 12584864Sbaban if (mapping->id2.idtype == IDMAP_UID) { 12594864Sbaban if (is_user) *is_user = 1; 12604864Sbaban } else if (mapping->id2.idtype == IDMAP_GID) { 12614864Sbaban if (is_user) *is_user = 0; 12624864Sbaban } else { 12634864Sbaban goto out; 12644864Sbaban } 12654520Snw141292 if (direction) 12664520Snw141292 *direction = mapping->direction; 12674520Snw141292 if (pid) 12684520Snw141292 *pid = mapping->id2.idmap_id_u.uid; 12694520Snw141292 if (unixname) { 12704520Snw141292 rc = idmap_utf82str(unixname, 0, &mapping->id2name); 12714520Snw141292 if (rc != IDMAP_SUCCESS) 12724520Snw141292 retcode = rc; 12734520Snw141292 } 12744520Snw141292 12754520Snw141292 out: 12764520Snw141292 xdr_free(xdr_idmap_mappings_res, (caddr_t)&result); 12774520Snw141292 if (retcode != IDMAP_SUCCESS) 12784520Snw141292 errno = idmap_stat2errno(retcode); 12794520Snw141292 return (retcode); 12804520Snw141292 } 12814520Snw141292 12824520Snw141292 12834520Snw141292 /* 12844520Snw141292 * Get unix to windows mapping 12854520Snw141292 */ 12864520Snw141292 idmap_stat 12874520Snw141292 idmap_get_u2w_mapping(idmap_handle_t *handle, 12884520Snw141292 uid_t *pid, const char *unixname, 12894520Snw141292 int flag, int is_user, 12904520Snw141292 char **sidprefix, idmap_rid_t *rid, 12914520Snw141292 char **winname, char **windomain, 12924520Snw141292 int *direction) { 12934520Snw141292 CLIENT *clnt; 12944520Snw141292 enum clnt_stat clntstat; 12954520Snw141292 idmap_mapping request, *mapping; 12964520Snw141292 idmap_mappings_res result; 12974520Snw141292 idmap_retcode retcode, rc; 12984520Snw141292 idmap_utf8str *str; 12994520Snw141292 13004520Snw141292 if (handle == NULL) { 13014520Snw141292 errno = EINVAL; 13024520Snw141292 return (IDMAP_ERR_ARG); 13034520Snw141292 } 13044520Snw141292 13054520Snw141292 _IDMAP_GET_CLIENT_HANDLE(handle, clnt); 13064520Snw141292 13074520Snw141292 if (sidprefix) 13084520Snw141292 *sidprefix = NULL; 13094520Snw141292 if (winname) 13104520Snw141292 *winname = NULL; 13114520Snw141292 if (windomain) 13124520Snw141292 *windomain = NULL; 13134520Snw141292 if (rid) 13144520Snw141292 *rid = UINT32_MAX; 13154520Snw141292 if (direction) 13164644Sbaban *direction = IDMAP_DIRECTION_UNDEF; 13174520Snw141292 13184520Snw141292 (void) memset(&request, 0, sizeof (request)); 13194520Snw141292 (void) memset(&result, 0, sizeof (result)); 13204520Snw141292 13214520Snw141292 request.flag = flag; 13224520Snw141292 request.id1.idtype = is_user?IDMAP_UID:IDMAP_GID; 13234520Snw141292 13244520Snw141292 if (pid && *pid != UINT32_MAX) { 13254520Snw141292 request.id1.idmap_id_u.uid = *pid; 13264520Snw141292 } else if (unixname) { 13274520Snw141292 str = &request.id1name; 13284520Snw141292 retcode = idmap_str2utf8(&str, unixname, 1); 13294520Snw141292 if (retcode != IDMAP_SUCCESS) 13304520Snw141292 goto out; 13314520Snw141292 request.id1.idmap_id_u.uid = UINT32_MAX; 13324520Snw141292 } else { 13334520Snw141292 errno = EINVAL; 13344520Snw141292 return (IDMAP_ERR_ARG); 13354520Snw141292 } 13364520Snw141292 13374520Snw141292 request.id2.idtype = IDMAP_SID; 13384520Snw141292 13394520Snw141292 clntstat = clnt_call(clnt, IDMAP_GET_MAPPED_ID_BY_NAME, 13404520Snw141292 (xdrproc_t)xdr_idmap_mapping, (caddr_t)&request, 13414520Snw141292 (xdrproc_t)xdr_idmap_mappings_res, (caddr_t)&result, 13424520Snw141292 TIMEOUT); 13434520Snw141292 13444644Sbaban if (clntstat != RPC_SUCCESS) 13454644Sbaban return (_idmap_rpc2stat(clnt)); 13464520Snw141292 13474520Snw141292 retcode = result.retcode; 13484520Snw141292 13494520Snw141292 if ((mapping = result.mappings.mappings_val) == NULL) { 13504520Snw141292 if (retcode == IDMAP_SUCCESS) 13514520Snw141292 retcode = IDMAP_ERR_NORESULT; 13524520Snw141292 goto out; 13534520Snw141292 } 13544520Snw141292 13554520Snw141292 if (direction) 13564520Snw141292 *direction = mapping->direction; 13574695Sbaban if (sidprefix && mapping->id2.idmap_id_u.sid.prefix && 13584695Sbaban *mapping->id2.idmap_id_u.sid.prefix != '\0') { 13594520Snw141292 *sidprefix = strdup(mapping->id2.idmap_id_u.sid.prefix); 13604520Snw141292 if (*sidprefix == NULL) { 13614520Snw141292 retcode = IDMAP_ERR_MEMORY; 13624520Snw141292 goto errout; 13634520Snw141292 } 13644520Snw141292 } 13654520Snw141292 if (rid) 13664520Snw141292 *rid = mapping->id2.idmap_id_u.sid.rid; 13674520Snw141292 if (winname) { 13684520Snw141292 rc = idmap_utf82str(winname, 0, &mapping->id2name); 13694520Snw141292 if (rc != IDMAP_SUCCESS) { 13704520Snw141292 retcode = rc; 13714520Snw141292 goto errout; 13724520Snw141292 } 13734520Snw141292 } 13744520Snw141292 if (windomain) { 13754520Snw141292 rc = idmap_utf82str(windomain, 0, &mapping->id2domain); 13764520Snw141292 if (rc != IDMAP_SUCCESS) { 13774520Snw141292 retcode = rc; 13784520Snw141292 goto errout; 13794520Snw141292 } 13804520Snw141292 } 13814520Snw141292 13824520Snw141292 goto out; 13834520Snw141292 13844520Snw141292 errout: 13854520Snw141292 if (sidprefix && *sidprefix) { 13864520Snw141292 free(*sidprefix); 13874520Snw141292 *sidprefix = NULL; 13884520Snw141292 } 13894520Snw141292 if (winname && *winname) { 13904520Snw141292 free(*winname); 13914520Snw141292 *winname = NULL; 13924520Snw141292 } 13934520Snw141292 if (windomain && *windomain) { 13944520Snw141292 free(*windomain); 13954520Snw141292 *windomain = NULL; 13964520Snw141292 } 13974520Snw141292 13984520Snw141292 out: 13994520Snw141292 xdr_free(xdr_idmap_mappings_res, (caddr_t)&result); 14004520Snw141292 if (retcode != IDMAP_SUCCESS) 14014520Snw141292 errno = idmap_stat2errno(retcode); 14024520Snw141292 return (retcode); 14034520Snw141292 } 14044520Snw141292 14054520Snw141292 14064520Snw141292 /* 14074520Snw141292 * utf8str to string 14084520Snw141292 */ 14094520Snw141292 idmap_stat 14104520Snw141292 idmap_utf82str(char **out, size_t outsize, idmap_utf8str *in) { 14114520Snw141292 int len; 14124520Snw141292 14134520Snw141292 if (in == NULL || out == NULL) 14144520Snw141292 return (IDMAP_ERR_ARG); 14154520Snw141292 14164520Snw141292 if (outsize == 0) { 14174520Snw141292 *out = NULL; 14184520Snw141292 if ((len = in->idmap_utf8str_len) == 0) 14194520Snw141292 return (IDMAP_SUCCESS); 14204520Snw141292 if (in->idmap_utf8str_val == NULL) 14214520Snw141292 return (IDMAP_ERR_ARG); 14224695Sbaban if (in->idmap_utf8str_val[len - 1] != '\0') 14234520Snw141292 len++; 14244520Snw141292 *out = calloc(1, len); 14254520Snw141292 if (*out == NULL) 14264520Snw141292 return (IDMAP_ERR_MEMORY); 14274520Snw141292 } else { 14284520Snw141292 if (*out == NULL) 14294520Snw141292 return (IDMAP_ERR_ARG); 14304520Snw141292 (void) memset(*out, 0, outsize); 14314520Snw141292 if ((len = in->idmap_utf8str_len) == 0) 14324520Snw141292 return (IDMAP_SUCCESS); 14334520Snw141292 if (in->idmap_utf8str_val == NULL) 14344520Snw141292 return (IDMAP_ERR_ARG); 14354695Sbaban if (in->idmap_utf8str_val[len - 1] != '\0') 14364520Snw141292 len++; 14374520Snw141292 if (outsize < len) 14384520Snw141292 return (IDMAP_ERR_ARG); 14394520Snw141292 } 14404520Snw141292 (void) memcpy(*out, in->idmap_utf8str_val, in->idmap_utf8str_len); 14414520Snw141292 return (IDMAP_SUCCESS); 14424520Snw141292 } 14434520Snw141292 14444520Snw141292 14454520Snw141292 /* 14464520Snw141292 * string to utf8str 14474520Snw141292 */ 14484520Snw141292 idmap_stat 14494520Snw141292 idmap_str2utf8(idmap_utf8str **out, const char *in, int flag) { 14504520Snw141292 idmap_utf8str *tmp; 14514520Snw141292 14524520Snw141292 if (out == NULL) 14534520Snw141292 return (IDMAP_ERR_ARG); 14544520Snw141292 else if (*out == NULL) { 14554520Snw141292 tmp = malloc(sizeof (idmap_utf8str)); 14564520Snw141292 if (tmp == NULL) 14574520Snw141292 return (IDMAP_ERR_MEMORY); 14584520Snw141292 } else { 14594520Snw141292 tmp = *out; 14604520Snw141292 } 14614520Snw141292 14624520Snw141292 if (in == NULL) { 14634520Snw141292 tmp->idmap_utf8str_len = 0; 14644520Snw141292 tmp->idmap_utf8str_val = NULL; 14654520Snw141292 if (*out == NULL) 14664520Snw141292 *out = tmp; 14674520Snw141292 return (IDMAP_SUCCESS); 14684520Snw141292 } 14694520Snw141292 14704520Snw141292 /* include the null terminator */ 14714520Snw141292 tmp->idmap_utf8str_len = strlen(in) + 1; 14724520Snw141292 14734520Snw141292 if (flag == 1) { 14744520Snw141292 /* Don't malloc, simply assign */ 14754520Snw141292 tmp->idmap_utf8str_val = (char *)in; 14764520Snw141292 if (*out == NULL) 14774520Snw141292 *out = tmp; 14784520Snw141292 return (IDMAP_SUCCESS); 14794520Snw141292 } 14804520Snw141292 14814520Snw141292 tmp->idmap_utf8str_val = malloc(tmp->idmap_utf8str_len); 14824520Snw141292 if (tmp->idmap_utf8str_val == NULL) { 14834520Snw141292 tmp->idmap_utf8str_len = 0; 14844520Snw141292 if (*out == NULL) 14854520Snw141292 free(tmp); 14864520Snw141292 return (IDMAP_ERR_MEMORY); 14874520Snw141292 } 14884520Snw141292 (void) memcpy(tmp->idmap_utf8str_val, in, tmp->idmap_utf8str_len); 14894520Snw141292 if (*out == NULL) 14904520Snw141292 *out = tmp; 14914520Snw141292 return (IDMAP_SUCCESS); 14924520Snw141292 } 14934520Snw141292 14944520Snw141292 14954520Snw141292 #define gettext(s) s 14964520Snw141292 static stat_table_t stattable[] = { 14974520Snw141292 {IDMAP_SUCCESS, gettext("Success"), 0}, 14984520Snw141292 {IDMAP_NEXT, gettext("More results available"), 0}, 14994520Snw141292 {IDMAP_ERR_OTHER, gettext("Undefined error"), EINVAL}, 15004520Snw141292 {IDMAP_ERR_INTERNAL, gettext("Internal error"), EINVAL}, 15014520Snw141292 {IDMAP_ERR_MEMORY, gettext("Out of memory"), ENOMEM}, 15024520Snw141292 {IDMAP_ERR_NORESULT, gettext("No results available"), EINVAL}, 15034520Snw141292 {IDMAP_ERR_NOTUSER, gettext("Not a user"), EINVAL}, 15044520Snw141292 {IDMAP_ERR_NOTGROUP, gettext("Not a group"), EINVAL}, 15054644Sbaban {IDMAP_ERR_NOTSUPPORTED, gettext("Operation not supported"), ENOTSUP}, 15064520Snw141292 {IDMAP_ERR_W2U_NAMERULE, 15074520Snw141292 gettext("Invalid Windows to UNIX name-based rule"), EINVAL}, 15084520Snw141292 {IDMAP_ERR_U2W_NAMERULE, 15094520Snw141292 gettext("Invalid UNIX to Windows name-based rule"), EINVAL}, 15104520Snw141292 {IDMAP_ERR_CACHE, gettext("Invalid cache"), EINVAL}, 15114520Snw141292 {IDMAP_ERR_DB, gettext("Invalid database"), EINVAL}, 15124520Snw141292 {IDMAP_ERR_ARG, gettext("Invalid argument"), EINVAL}, 15134520Snw141292 {IDMAP_ERR_SID, gettext("Invalid SID"), EINVAL}, 15144520Snw141292 {IDMAP_ERR_IDTYPE, gettext("Invalid identity type"), EINVAL}, 15154644Sbaban {IDMAP_ERR_RPC_HANDLE, gettext("Bad RPC handle"), EBADF}, 15164520Snw141292 {IDMAP_ERR_RPC, gettext("RPC error"), EINVAL}, 15174520Snw141292 {IDMAP_ERR_CLIENT_HANDLE, gettext("Bad client handle"), EINVAL}, 15184644Sbaban {IDMAP_ERR_BUSY, gettext("Server is busy"), EBUSY}, 15194695Sbaban {IDMAP_ERR_PERMISSION_DENIED, gettext("Permission denied"), EACCES}, 15204520Snw141292 {IDMAP_ERR_NOMAPPING, 15214520Snw141292 gettext("Mapping not found or inhibited"), EINVAL}, 15224520Snw141292 {IDMAP_ERR_NEW_ID_ALLOC_REQD, 15234520Snw141292 gettext("New mapping needs to be created"), EINVAL}, 15244520Snw141292 {IDMAP_ERR_DOMAIN, gettext("Invalid domain"), EINVAL}, 15254520Snw141292 {IDMAP_ERR_SECURITY, gettext("Security issue"), EINVAL}, 15264520Snw141292 {IDMAP_ERR_NOTFOUND, gettext("Not found"), EINVAL}, 15274520Snw141292 {IDMAP_ERR_DOMAIN_NOTFOUND, gettext("Domain not found"), EINVAL}, 15284520Snw141292 {IDMAP_ERR_UPDATE_NOTALLOWED, gettext("Update not allowed"), EINVAL}, 15294520Snw141292 {IDMAP_ERR_CFG, gettext("Configuration error"), EINVAL}, 15304520Snw141292 {IDMAP_ERR_CFG_CHANGE, gettext("Invalid configuration change"), EINVAL}, 15314520Snw141292 {IDMAP_ERR_NOTMAPPED_WELLKNOWN, 15324520Snw141292 gettext("No mapping for well-known SID"), EINVAL}, 15334520Snw141292 {IDMAP_ERR_RETRIABLE_NET_ERR, 15344864Sbaban gettext("Windows lookup failed"), EINVAL}, 15354864Sbaban {IDMAP_ERR_W2U_NAMERULE_CONFLICT, 15364864Sbaban gettext("Duplicate rule or conflicts with an existing " 15374864Sbaban "Windows to UNIX name-based rule"), EINVAL}, 15384864Sbaban {IDMAP_ERR_U2W_NAMERULE_CONFLICT, 15394864Sbaban gettext("Duplicate rule or conflicts with an existing " 15404864Sbaban "Unix to Windows name-based rule"), EINVAL}, 15414520Snw141292 {-1, NULL, 0} 15424520Snw141292 }; 15434520Snw141292 #undef gettext 15444520Snw141292 15454520Snw141292 15464520Snw141292 /* 15474520Snw141292 * Get description of status code 15484520Snw141292 * 15494520Snw141292 * Input: 15504520Snw141292 * status - Status code returned by libidmap API call 15514520Snw141292 * 15524520Snw141292 * Return Value: 15534520Snw141292 * human-readable localized description of idmap_stat 15544520Snw141292 */ 15554520Snw141292 /* ARGSUSED */ 15564520Snw141292 const char * 15574520Snw141292 idmap_stat2string(idmap_handle_t *handle, idmap_stat status) { 15584520Snw141292 int i; 15594520Snw141292 15604520Snw141292 for (i = 0; stattable[i].msg; i++) { 15614520Snw141292 if (stattable[i].retcode == status) 15624526Sbaban return (gettext(stattable[i].msg)); 15634520Snw141292 } 15644520Snw141292 return (gettext("Unknown error")); 15654520Snw141292 } 15664520Snw141292 15674520Snw141292 15684520Snw141292 static int 15694520Snw141292 idmap_stat2errno(idmap_stat stat) { 15704520Snw141292 int i; 15714520Snw141292 for (i = 0; stattable[i].msg; i++) { 15724520Snw141292 if (stattable[i].retcode == stat) 15734520Snw141292 return (stattable[i].errnum); 15744520Snw141292 } 15754520Snw141292 return (EINVAL); 15764520Snw141292 } 15774520Snw141292 15784520Snw141292 15794520Snw141292 /* 15804520Snw141292 * Get status code from string 15814520Snw141292 */ 15824520Snw141292 idmap_stat 15834520Snw141292 idmap_string2stat(const char *str) { 15844520Snw141292 if (str == NULL) 15854520Snw141292 return (IDMAP_ERR_INTERNAL); 15864520Snw141292 15874520Snw141292 #define return_cmp(a) \ 15884520Snw141292 if (0 == strcmp(str, "IDMAP_ERR_" #a)) \ 15894520Snw141292 return (IDMAP_ERR_ ## a); 15904520Snw141292 15914520Snw141292 return_cmp(OTHER); 15924520Snw141292 return_cmp(INTERNAL); 15934520Snw141292 return_cmp(MEMORY); 15944520Snw141292 return_cmp(NORESULT); 15954520Snw141292 return_cmp(NOTUSER); 15964520Snw141292 return_cmp(NOTGROUP); 15974520Snw141292 return_cmp(NOTSUPPORTED); 15984520Snw141292 return_cmp(W2U_NAMERULE); 15994520Snw141292 return_cmp(U2W_NAMERULE); 16004520Snw141292 return_cmp(CACHE); 16014520Snw141292 return_cmp(DB); 16024520Snw141292 return_cmp(ARG); 16034520Snw141292 return_cmp(SID); 16044520Snw141292 return_cmp(IDTYPE); 16054520Snw141292 return_cmp(RPC_HANDLE); 16064520Snw141292 return_cmp(RPC); 16074520Snw141292 return_cmp(CLIENT_HANDLE); 16084520Snw141292 return_cmp(BUSY); 16094520Snw141292 return_cmp(PERMISSION_DENIED); 16104520Snw141292 return_cmp(NOMAPPING); 16114520Snw141292 return_cmp(NEW_ID_ALLOC_REQD); 16124520Snw141292 return_cmp(DOMAIN); 16134520Snw141292 return_cmp(SECURITY); 16144520Snw141292 return_cmp(NOTFOUND); 16154520Snw141292 return_cmp(DOMAIN_NOTFOUND); 16164520Snw141292 return_cmp(MEMORY); 16174520Snw141292 return_cmp(UPDATE_NOTALLOWED); 16184520Snw141292 return_cmp(CFG); 16194520Snw141292 return_cmp(CFG_CHANGE); 16204520Snw141292 return_cmp(NOTMAPPED_WELLKNOWN); 16214520Snw141292 return_cmp(RETRIABLE_NET_ERR); 16224864Sbaban return_cmp(W2U_NAMERULE_CONFLICT); 16234864Sbaban return_cmp(U2W_NAMERULE_CONFLICT); 16244520Snw141292 #undef return_cmp 16254520Snw141292 16264520Snw141292 return (IDMAP_ERR_OTHER); 16274520Snw141292 } 16284520Snw141292 16294520Snw141292 16304520Snw141292 /* 16314520Snw141292 * Map the given status to one that can be returned by the protocol 16324520Snw141292 */ 16334520Snw141292 idmap_stat 16344520Snw141292 idmap_stat4prot(idmap_stat status) { 16354520Snw141292 switch (status) { 16364520Snw141292 case IDMAP_ERR_MEMORY: 16374520Snw141292 case IDMAP_ERR_CACHE: 16384520Snw141292 return (IDMAP_ERR_INTERNAL); 16394520Snw141292 } 16404520Snw141292 return (status); 16414520Snw141292 } 1642*5043Sbaban 1643*5043Sbaban 1644*5043Sbaban /* 1645*5043Sbaban * Get uid given Windows name 1646*5043Sbaban */ 1647*5043Sbaban idmap_stat 1648*5043Sbaban idmap_getuidbywinname(const char *name, const char *domain, uid_t *uid) { 1649*5043Sbaban idmap_handle_t *ih; 1650*5043Sbaban idmap_retcode rc; 1651*5043Sbaban int is_user; 1652*5043Sbaban 1653*5043Sbaban if (uid == NULL) 1654*5043Sbaban return (IDMAP_ERR_ARG); 1655*5043Sbaban 1656*5043Sbaban /* Get mapping */ 1657*5043Sbaban if ((rc = idmap_init(&ih)) != IDMAP_SUCCESS) 1658*5043Sbaban return (rc); 1659*5043Sbaban rc = idmap_get_w2u_mapping(ih, NULL, NULL, name, domain, 0, 1660*5043Sbaban &is_user, uid, NULL, NULL); 1661*5043Sbaban (void) idmap_fini(ih); 1662*5043Sbaban 1663*5043Sbaban /* 1664*5043Sbaban * XXX Until we have diagonal mapping support, check if 1665*5043Sbaban * the given name belongs to a user 1666*5043Sbaban */ 1667*5043Sbaban if (rc == IDMAP_SUCCESS && !is_user) 1668*5043Sbaban return (IDMAP_ERR_NOTUSER); 1669*5043Sbaban return (rc); 1670*5043Sbaban } 1671*5043Sbaban 1672*5043Sbaban 1673*5043Sbaban /* 1674*5043Sbaban * Get gid given Windows name 1675*5043Sbaban */ 1676*5043Sbaban idmap_stat 1677*5043Sbaban idmap_getgidbywinname(const char *name, const char *domain, gid_t *gid) { 1678*5043Sbaban idmap_handle_t *ih; 1679*5043Sbaban idmap_retcode rc; 1680*5043Sbaban int is_user; 1681*5043Sbaban 1682*5043Sbaban if (gid == NULL) 1683*5043Sbaban return (IDMAP_ERR_ARG); 1684*5043Sbaban 1685*5043Sbaban /* Get mapping */ 1686*5043Sbaban if ((rc = idmap_init(&ih)) != IDMAP_SUCCESS) 1687*5043Sbaban return (rc); 1688*5043Sbaban rc = idmap_get_w2u_mapping(ih, NULL, NULL, name, domain, 0, 1689*5043Sbaban &is_user, gid, NULL, NULL); 1690*5043Sbaban (void) idmap_fini(ih); 1691*5043Sbaban 1692*5043Sbaban /* 1693*5043Sbaban * XXX Until we have diagonal mapping support, check if 1694*5043Sbaban * the given name belongs to a group 1695*5043Sbaban */ 1696*5043Sbaban if (rc == IDMAP_SUCCESS && is_user) 1697*5043Sbaban return (IDMAP_ERR_NOTGROUP); 1698*5043Sbaban return (rc); 1699*5043Sbaban } 1700*5043Sbaban 1701*5043Sbaban 1702*5043Sbaban /* 1703*5043Sbaban * Get winname given pid 1704*5043Sbaban */ 1705*5043Sbaban static idmap_retcode 1706*5043Sbaban idmap_getwinnamebypid(uid_t pid, int is_user, char **name, char **domain) { 1707*5043Sbaban idmap_handle_t *ih; 1708*5043Sbaban idmap_retcode rc; 1709*5043Sbaban int len; 1710*5043Sbaban char *winname, *windomain; 1711*5043Sbaban 1712*5043Sbaban if (name == NULL) 1713*5043Sbaban return (IDMAP_ERR_ARG); 1714*5043Sbaban 1715*5043Sbaban /* Get mapping */ 1716*5043Sbaban if ((rc = idmap_init(&ih)) != IDMAP_SUCCESS) 1717*5043Sbaban return (rc); 1718*5043Sbaban rc = idmap_get_u2w_mapping(ih, &pid, NULL, 0, is_user, NULL, 1719*5043Sbaban NULL, &winname, &windomain, NULL); 1720*5043Sbaban (void) idmap_fini(ih); 1721*5043Sbaban 1722*5043Sbaban /* Return on error */ 1723*5043Sbaban if (rc != IDMAP_SUCCESS) 1724*5043Sbaban return (rc); 1725*5043Sbaban 1726*5043Sbaban /* 1727*5043Sbaban * The given PID may have been mapped to a locally 1728*5043Sbaban * generated SID in which case there isn't any 1729*5043Sbaban * Windows name 1730*5043Sbaban */ 1731*5043Sbaban if (winname == NULL || windomain == NULL) { 1732*5043Sbaban idmap_free(winname); 1733*5043Sbaban idmap_free(windomain); 1734*5043Sbaban return (IDMAP_ERR_NORESULT); 1735*5043Sbaban } 1736*5043Sbaban 1737*5043Sbaban if (domain != NULL) { 1738*5043Sbaban *name = winname; 1739*5043Sbaban *domain = windomain; 1740*5043Sbaban } else { 1741*5043Sbaban len = strlen(winname) + strlen(windomain) + 2; 1742*5043Sbaban if ((*name = malloc(len)) != NULL) 1743*5043Sbaban (void) snprintf(*name, len, "%s@%s", winname, 1744*5043Sbaban windomain); 1745*5043Sbaban else 1746*5043Sbaban rc = IDMAP_ERR_MEMORY; 1747*5043Sbaban idmap_free(winname); 1748*5043Sbaban idmap_free(windomain); 1749*5043Sbaban } 1750*5043Sbaban return (rc); 1751*5043Sbaban } 1752*5043Sbaban 1753*5043Sbaban 1754*5043Sbaban /* 1755*5043Sbaban * Get winname given uid 1756*5043Sbaban */ 1757*5043Sbaban idmap_stat 1758*5043Sbaban idmap_getwinnamebyuid(uid_t uid, char **name, char **domain) { 1759*5043Sbaban return (idmap_getwinnamebypid(uid, 1, name, domain)); 1760*5043Sbaban } 1761*5043Sbaban 1762*5043Sbaban 1763*5043Sbaban /* 1764*5043Sbaban * Get winname given gid 1765*5043Sbaban */ 1766*5043Sbaban idmap_stat 1767*5043Sbaban idmap_getwinnamebygid(gid_t gid, char **name, char **domain) { 1768*5043Sbaban return (idmap_getwinnamebypid(gid, 0, name, domain)); 1769*5043Sbaban } 1770