#undef DBGC_CLASS
#define DBGC_CLASS DBGC_IDMAP
-/*****************************************************************
- Returns the SID mapped to the given UID.
- If mapping is not possible returns an error.
-*****************************************************************/
-
-NTSTATUS idmap_uid_to_sid(struct dom_sid *sid, uid_t uid)
-{
- NTSTATUS ret;
- struct id_map map;
- bool expired;
-
- DEBUG(10, ("idmap_uid_to_sid: uid = [%lu]\n", (unsigned long)uid));
-
- if (winbindd_use_idmap_cache()
- && idmap_cache_find_uid2sid(uid, sid, &expired)) {
- DEBUG(10, ("idmap_cache_find_uid2sid found %u%s\n",
- (unsigned int)uid,
- expired ? " (expired)": ""));
- if (expired && idmap_is_online()) {
- DEBUG(10, ("revalidating expired entry\n"));
- goto backend;
- }
- if (is_null_sid(sid)) {
- DEBUG(10, ("Returning negative cache entry\n"));
- return NT_STATUS_NONE_MAPPED;
- }
- DEBUG(10, ("Returning positive cache entry\n"));
- return NT_STATUS_OK;
- }
-
-backend:
- ZERO_STRUCT(map);
- map.sid = sid;
- map.xid.type = ID_TYPE_UID;
- map.xid.id = uid;
-
- ret = idmap_backends_unixid_to_sid(&map);
- if ( ! NT_STATUS_IS_OK(ret)) {
- DEBUG(10, ("error mapping uid [%lu]: %s\n", (unsigned long)uid,
- nt_errstr(ret)));
- map.status = ID_UNMAPPED;
- }
-
- if (map.status != ID_MAPPED) {
- if (winbindd_use_idmap_cache()) {
- struct dom_sid null_sid;
- struct unixid id;
- id.type = ID_TYPE_UID;
- id.id = uid;
- ZERO_STRUCT(null_sid);
- idmap_cache_set_sid2unixid(&null_sid, &id);
- }
- DEBUG(10, ("uid [%lu] not mapped\n", (unsigned long)uid));
- return NT_STATUS_NONE_MAPPED;
- }
-
- if (winbindd_use_idmap_cache()) {
- idmap_cache_set_sid2unixid(sid, &map.xid);
- }
-
- return NT_STATUS_OK;
-}
-
-/*****************************************************************
- Returns SID mapped to the given GID.
- If mapping is not possible returns an error.
-*****************************************************************/
-
-NTSTATUS idmap_gid_to_sid(struct dom_sid *sid, gid_t gid)
-{
- NTSTATUS ret;
- struct id_map map;
- bool expired;
-
- DEBUG(10, ("idmap_gid_to_sid: gid = [%lu]\n", (unsigned long)gid));
-
- if (winbindd_use_idmap_cache()
- && idmap_cache_find_gid2sid(gid, sid, &expired)) {
- DEBUG(10, ("idmap_cache_find_gid2sid found %u%s\n",
- (unsigned int)gid,
- expired ? " (expired)": ""));
- if (expired && idmap_is_online()) {
- DEBUG(10, ("revalidating expired entry\n"));
- goto backend;
- }
- if (is_null_sid(sid)) {
- DEBUG(10, ("Returning negative cache entry\n"));
- return NT_STATUS_NONE_MAPPED;
- }
- DEBUG(10, ("Returning positive cache entry\n"));
- return NT_STATUS_OK;
- }
-
-backend:
- ZERO_STRUCT(map);
- map.sid = sid;
- map.xid.type = ID_TYPE_GID;
- map.xid.id = gid;
-
- ret = idmap_backends_unixid_to_sid(&map);
- if ( ! NT_STATUS_IS_OK(ret)) {
- DEBUG(10, ("error mapping gid [%lu]: %s\n", (unsigned long)gid,
- nt_errstr(ret)));
- map.status = ID_UNMAPPED;
- }
-
- if (map.status != ID_MAPPED) {
- if (winbindd_use_idmap_cache()) {
- struct dom_sid null_sid;
- struct unixid id;
- id.type = ID_TYPE_GID;
- id.id = gid;
- ZERO_STRUCT(null_sid);
- idmap_cache_set_sid2unixid(&null_sid, &id);
- }
- DEBUG(10, ("gid [%lu] not mapped\n", (unsigned long)gid));
- return NT_STATUS_NONE_MAPPED;
- }
-
- if (winbindd_use_idmap_cache()) {
- idmap_cache_set_sid2unixid(sid, &map.xid);
- }
-
- return NT_STATUS_OK;
-}
-
/**
* check whether a given unix id is inside the filter range of an idmap domain
*/
projects / thirdparty / samba.git / commitdiff
