sss_idmap.c revision 47b326af8e662b215139d55e6d52f2b6066fc6df
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose/*
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose SSSD
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose ID-mapping library
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose Authors:
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose Sumit Bose <sbose@redhat.com>
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose Copyright (C) 2012 Red Hat
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose This program is free software; you can redistribute it and/or modify
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose it under the terms of the GNU General Public License as published by
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose the Free Software Foundation; either version 3 of the License, or
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose (at your option) any later version.
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose This program is distributed in the hope that it will be useful,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose but WITHOUT ANY WARRANTY; without even the implied warranty of
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose GNU General Public License for more details.
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose You should have received a copy of the GNU General Public License
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose along with this program. If not, see <http://www.gnu.org/licenses/>.
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose*/
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose#include <string.h>
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose#include <stdio.h>
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose#include <errno.h>
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose#include "lib/idmap/sss_idmap.h"
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose#include "lib/idmap/sss_idmap_private.h"
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek#include "util/murmurhash3.h"
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose#define SID_FMT "%s-%d"
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose#define SID_STR_MAX_LEN 1024
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bosestruct idmap_domain_info {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose char *name;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose char *sid;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose struct sss_idmap_range *range;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose struct idmap_domain_info *next;
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose uint32_t first_rid;
9ef0d43b961c05f1aae2ec21eed4142ae3221bc3Sumit Bose char *range_id;
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose bool external_mapping;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose};
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bosestatic void *default_alloc(size_t size, void *pvt)
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose{
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return malloc(size);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose}
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bosestatic void default_free(void *ptr, void *pvt)
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose{
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose free(ptr);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose}
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bosestatic char *idmap_strdup(struct sss_idmap_ctx *ctx, const char *str)
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose{
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose char *new = NULL;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose size_t len;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose CHECK_IDMAP_CTX(ctx, NULL);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose len = strlen(str) + 1;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose new = ctx->alloc_func(len, ctx->alloc_pvt);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose if (new == NULL) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return NULL;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose memcpy(new, str, len);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return new;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose}
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bosestatic struct sss_idmap_range *idmap_range_dup(struct sss_idmap_ctx *ctx,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose struct sss_idmap_range *range)
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose{
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose struct sss_idmap_range *new = NULL;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose CHECK_IDMAP_CTX(ctx, NULL);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose new = ctx->alloc_func(sizeof(struct sss_idmap_range), ctx->alloc_pvt);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose if (new == NULL) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return NULL;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose memset(new, 0, sizeof(struct sss_idmap_range));
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose new->min = range->min;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose new->max = range->max;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return new;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose}
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bosestatic bool id_is_in_range(uint32_t id, struct idmap_domain_info *dom,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose uint32_t *rid)
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose{
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose if (id == 0 || dom == NULL || dom->range == NULL) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return false;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose if (id >= dom->range->min && id <= dom->range->max) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose if (rid != NULL) {
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose *rid = dom->first_rid + (id - dom->range->min);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return true;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return false;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose}
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Boseconst char *idmap_error_string(enum idmap_error_code err)
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose{
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose switch (err) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose case IDMAP_SUCCESS:
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return "IDMAP operation successful";
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose break;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose case IDMAP_NOT_IMPLEMENTED:
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return "IDMAP Function is not yet implemented";
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose break;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose case IDMAP_ERROR:
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return "IDMAP general error";
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose break;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose case IDMAP_OUT_OF_MEMORY:
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return "IDMAP operation ran out of memory";
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose break;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose case IDMAP_NO_DOMAIN:
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return "IDMAP domain not found";
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose break;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose case IDMAP_CONTEXT_INVALID:
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return "IDMAP context is invalid";
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose break;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose case IDMAP_SID_INVALID:
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return "IDMAP SID is invalid";
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose break;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose case IDMAP_SID_UNKNOWN:
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return "IDMAP SID not found";
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose break;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose case IDMAP_NO_RANGE:
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return "IDMAP range not found";
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose default:
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return "IDMAP unknown error code";
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose}
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bosebool is_domain_sid(const char *sid)
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose{
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose const char *p;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose long long a;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose char *endptr;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose size_t c;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose if (sid == NULL || strncmp(sid, DOM_SID_PREFIX, DOM_SID_PREFIX_LEN) != 0) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return false;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose p = sid + DOM_SID_PREFIX_LEN;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose c = 0;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose do {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose errno = 0;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose a = strtoull(p, &endptr, 10);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose if (errno != 0 || a > UINT32_MAX) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return false;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose if (*endptr == '-') {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose p = endptr + 1;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose } else if (*endptr != '\0') {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return false;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose c++;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose } while(c < 3 && *endptr != '\0');
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose if (c != 3 || *endptr != '\0') {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return false;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return true;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose}
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Boseenum idmap_error_code sss_idmap_init(idmap_alloc_func *alloc_func,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose void *alloc_pvt,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose idmap_free_func *free_func,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose struct sss_idmap_ctx **_ctx)
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose{
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose struct sss_idmap_ctx *ctx;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose if (alloc_func == NULL) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose alloc_func = default_alloc;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose ctx = alloc_func(sizeof(struct sss_idmap_ctx), alloc_pvt);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose if (ctx == NULL) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return IDMAP_OUT_OF_MEMORY;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose memset(ctx, 0, sizeof(struct sss_idmap_ctx));
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose ctx->alloc_func = alloc_func;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose ctx->alloc_pvt = alloc_pvt;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose ctx->free_func = (free_func == NULL) ? default_free : free_func;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek /* Set default values. */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek ctx->idmap_opts.autorid_mode = SSS_IDMAP_DEFAULT_AUTORID;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek ctx->idmap_opts.idmap_lower = SSS_IDMAP_DEFAULT_LOWER;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek ctx->idmap_opts.idmap_upper = SSS_IDMAP_DEFAULT_UPPER;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek ctx->idmap_opts.rangesize = SSS_IDMAP_DEFAULT_RANGESIZE;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose *_ctx = ctx;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return IDMAP_SUCCESS;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose}
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Boseenum idmap_error_code sss_idmap_free(struct sss_idmap_ctx *ctx)
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose{
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose struct idmap_domain_info *dom;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose struct idmap_domain_info *next;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose next = ctx->idmap_domain_info;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose while (next) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose dom = next;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose next = dom->next;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose ctx->free_func(dom->range, ctx->alloc_pvt);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose ctx->free_func(dom->name, ctx->alloc_pvt);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose ctx->free_func(dom->sid, ctx->alloc_pvt);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose ctx->free_func(dom, ctx->alloc_pvt);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose ctx->free_func(ctx, ctx->alloc_pvt);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return IDMAP_SUCCESS;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose}
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidekenum idmap_error_code sss_idmap_calculate_range(struct sss_idmap_ctx *ctx,
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek const char *dom_sid,
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek id_t *slice_num,
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek struct sss_idmap_range *_range)
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek{
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek id_t max_slices;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek id_t orig_slice;
11fd679eb2edabd139c9016e2b7d2085ca3aac5dOndrej Kos id_t new_slice = 0;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek id_t min;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek id_t max;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek id_t idmap_lower;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek id_t idmap_upper;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek id_t rangesize;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek bool autorid_mode;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek uint32_t hash_val;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek struct idmap_domain_info *dom;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek idmap_lower = ctx->idmap_opts.idmap_lower;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek idmap_upper = ctx->idmap_opts.idmap_upper;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek rangesize = ctx->idmap_opts.rangesize;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek autorid_mode = ctx->idmap_opts.autorid_mode;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek max_slices = (idmap_upper - idmap_lower) / rangesize;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek if (slice_num && *slice_num != -1) {
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek /* The slice is being set explicitly.
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * This may happen at system startup when we're loading
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * previously-determined slices. In the future, we may also
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * permit configuration to select the slice for a domain
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * explicitly.
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek new_slice = *slice_num;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek } else {
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek /* If slice is -1, we're being asked to pick a new slice */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek if (autorid_mode) {
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek /* In autorid compatibility mode, always start at 0 and find the
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * first free value.
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek orig_slice = 0;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek } else {
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek /* Hash the domain sid string */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek hash_val = murmurhash3(dom_sid, strlen(dom_sid), 0xdeadbeef);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek /* Now get take the modulus of the hash val and the max_slices
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * to determine its optimal position in the range.
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek new_slice = hash_val % max_slices;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek orig_slice = new_slice;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek }
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek min = (rangesize * new_slice) + idmap_lower;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek max = min + rangesize;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek /* Verify that this slice is not already in use */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek do {
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek for (dom = ctx->idmap_domain_info; dom != NULL; dom = dom->next) {
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek if ((dom->range->min <= min && dom->range->max >= max) ||
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek (dom->range->min >= min && dom->range->min <= max) ||
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek (dom->range->max >= min && dom->range->max <= max)) {
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek /* This range overlaps one already registered
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * We'll try the next available slot
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek new_slice++;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek if (new_slice >= max_slices) {
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek /* loop around to the beginning if necessary */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek new_slice = 0;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek }
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek min = (rangesize * new_slice) + idmap_lower;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek max = min + rangesize;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek break;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek }
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek }
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek /* Keep trying until dom is NULL (meaning we got to the end
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * without matching) or we have run out of slices and gotten
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * back to the first one we tried.
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek } while (dom && new_slice != orig_slice);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek if (dom) {
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek /* We looped all the way through and found no empty slots */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek return IDMAP_OUT_OF_SLICES;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek }
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek }
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek _range->min = (rangesize * new_slice) + idmap_lower;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek _range->max = _range->min + rangesize;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek if (slice_num) {
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek *slice_num = new_slice;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek }
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek return IDMAP_SUCCESS;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek}
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bosestatic enum idmap_error_code dom_check_collision(
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose struct idmap_domain_info *dom_list,
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose struct idmap_domain_info *new_dom)
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose{
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose struct idmap_domain_info *dom;
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose bool names_equal;
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose bool sids_equal;
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose for (dom = dom_list; dom != NULL; dom = dom->next) {
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose
9ef0d43b961c05f1aae2ec21eed4142ae3221bc3Sumit Bose /* TODO: if both ranges have the same ID check if an update is
9ef0d43b961c05f1aae2ec21eed4142ae3221bc3Sumit Bose * needed. */
9ef0d43b961c05f1aae2ec21eed4142ae3221bc3Sumit Bose
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose /* check if ID ranges overlap */
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose if ((new_dom->range->min >= dom->range->min
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose && new_dom->range->min <= dom->range->max)
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose || (new_dom->range->max >= dom->range->min
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose && new_dom->range->max <= dom->range->max)) {
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose return IDMAP_COLLISION;
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose }
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose names_equal = (strcasecmp(new_dom->name, dom->name) == 0);
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose sids_equal = ((new_dom->sid == NULL && dom->sid == NULL)
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose || (new_dom->sid != NULL && dom->sid != NULL
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose && strcasecmp(new_dom->sid, dom->sid) == 0));
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose /* check if domain name and SID are consistent */
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose if ((names_equal && !sids_equal) || (!names_equal && sids_equal)) {
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose return IDMAP_COLLISION;
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose }
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose /* check if external_mapping is consistent */
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose if (names_equal && sids_equal
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose && new_dom->external_mapping != dom->external_mapping) {
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose return IDMAP_COLLISION;
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose }
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose /* check if RID ranges overlap */
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose if (names_equal && sids_equal
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose && new_dom->external_mapping == false
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose && new_dom->first_rid >= dom->first_rid
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose && new_dom->first_rid <=
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose dom->first_rid + (dom->range->max - dom->range->min)) {
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose return IDMAP_COLLISION;
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose }
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose }
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose return IDMAP_SUCCESS;
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose}
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Boseenum idmap_error_code sss_idmap_add_domain_ex(struct sss_idmap_ctx *ctx,
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose const char *domain_name,
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose const char *domain_sid,
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose struct sss_idmap_range *range,
9ef0d43b961c05f1aae2ec21eed4142ae3221bc3Sumit Bose const char *range_id,
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose uint32_t rid,
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose bool external_mapping)
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose{
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose struct idmap_domain_info *dom = NULL;
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose enum idmap_error_code err;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose if (domain_name == NULL) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return IDMAP_NO_DOMAIN;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose if (range == NULL) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return IDMAP_NO_RANGE;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose /* For algorithmic mapping a valid domain SID is required, for external
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose * mapping it may be NULL, but if set it should be valid. */
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose if ((!external_mapping && !is_domain_sid(domain_sid))
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose || (external_mapping
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose && domain_sid != NULL
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose && !is_domain_sid(domain_sid))) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return IDMAP_SID_INVALID;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose dom = ctx->alloc_func(sizeof(struct idmap_domain_info), ctx->alloc_pvt);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose if (dom == NULL) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return IDMAP_OUT_OF_MEMORY;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose memset(dom, 0, sizeof(struct idmap_domain_info));
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose dom->name = idmap_strdup(ctx, domain_name);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose if (dom->name == NULL) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose goto fail;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose if (domain_sid != NULL) {
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose dom->sid = idmap_strdup(ctx, domain_sid);
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose if (dom->sid == NULL) {
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose goto fail;
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose dom->range = idmap_range_dup(ctx, range);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose if (dom->range == NULL) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose goto fail;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
9ef0d43b961c05f1aae2ec21eed4142ae3221bc3Sumit Bose if (range_id != NULL) {
9ef0d43b961c05f1aae2ec21eed4142ae3221bc3Sumit Bose dom->range_id = idmap_strdup(ctx, range_id);
9ef0d43b961c05f1aae2ec21eed4142ae3221bc3Sumit Bose if (dom->range_id == NULL) {
9ef0d43b961c05f1aae2ec21eed4142ae3221bc3Sumit Bose goto fail;
9ef0d43b961c05f1aae2ec21eed4142ae3221bc3Sumit Bose }
9ef0d43b961c05f1aae2ec21eed4142ae3221bc3Sumit Bose }
9ef0d43b961c05f1aae2ec21eed4142ae3221bc3Sumit Bose
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose dom->first_rid = rid;
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose dom->external_mapping = external_mapping;
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose err = dom_check_collision(ctx->idmap_domain_info, dom);
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose if (err != IDMAP_SUCCESS) {
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose ctx->free_func(dom, ctx->alloc_pvt);
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose return err;
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose }
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose dom->next = ctx->idmap_domain_info;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose ctx->idmap_domain_info = dom;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return IDMAP_SUCCESS;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bosefail:
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose ctx->free_func(dom->sid, ctx->alloc_pvt);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose ctx->free_func(dom->name, ctx->alloc_pvt);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose ctx->free_func(dom, ctx->alloc_pvt);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return IDMAP_OUT_OF_MEMORY;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose}
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Boseenum idmap_error_code sss_idmap_add_domain(struct sss_idmap_ctx *ctx,
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose const char *domain_name,
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose const char *domain_sid,
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose struct sss_idmap_range *range)
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose{
9ef0d43b961c05f1aae2ec21eed4142ae3221bc3Sumit Bose return sss_idmap_add_domain_ex(ctx, domain_name, domain_sid, range, NULL,
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose 0, false);
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose}
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidekstatic bool sss_idmap_sid_is_builtin(const char *sid)
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek{
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek if (strncmp(sid, "S-1-5-32-", 9) == 0) {
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek return true;
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek }
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek return false;
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek}
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Boseenum idmap_error_code sss_idmap_sid_to_unix(struct sss_idmap_ctx *ctx,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose const char *sid,
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose uint32_t *_id)
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose{
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose struct idmap_domain_info *idmap_domain_info;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose size_t dom_len;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose long long rid;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose char *endptr;
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose uint32_t id;
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose bool no_range = false;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose if (sid == NULL || _id == NULL) {
bd0baea783295bd22aeabdd7f4ce3aa31eb6144dMichal Zidek return IDMAP_ERROR;
bd0baea783295bd22aeabdd7f4ce3aa31eb6144dMichal Zidek }
bd0baea783295bd22aeabdd7f4ce3aa31eb6144dMichal Zidek
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose idmap_domain_info = ctx->idmap_domain_info;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
bd0baea783295bd22aeabdd7f4ce3aa31eb6144dMichal Zidek if (sss_idmap_sid_is_builtin(sid)) {
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek return IDMAP_BUILTIN_SID;
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek }
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose while (idmap_domain_info != NULL) {
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose if (idmap_domain_info->sid != NULL) {
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose dom_len = strlen(idmap_domain_info->sid);
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose if (strlen(sid) > dom_len && sid[dom_len] == '-'
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose && strncmp(sid, idmap_domain_info->sid, dom_len) == 0) {
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose if (idmap_domain_info->external_mapping == true) {
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose return IDMAP_EXTERNAL;
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose }
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose errno = 0;
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose rid = strtoull(sid + dom_len + 1, &endptr, 10);
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose if (errno != 0 || rid > UINT32_MAX || *endptr != '\0') {
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose return IDMAP_SID_INVALID;
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose if (rid >= idmap_domain_info->first_rid) {
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose id = idmap_domain_info->range->min
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose + (rid - idmap_domain_info->first_rid);
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose if (id <= idmap_domain_info->range->max) {
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose *_id = id;
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose return IDMAP_SUCCESS;
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose }
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose no_range = true;
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose idmap_domain_info = idmap_domain_info->next;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose return no_range ? IDMAP_NO_RANGE : IDMAP_NO_DOMAIN;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose}
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Boseenum idmap_error_code sss_idmap_unix_to_sid(struct sss_idmap_ctx *ctx,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose uint32_t id,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose char **_sid)
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose{
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose struct idmap_domain_info *idmap_domain_info;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose int len;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose int ret;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose uint32_t rid;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose char *sid = NULL;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose idmap_domain_info = ctx->idmap_domain_info;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose while (idmap_domain_info != NULL) {
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose if (id_is_in_range(id, idmap_domain_info, &rid)) {
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose if (idmap_domain_info->external_mapping == true
47b326af8e662b215139d55e6d52f2b6066fc6dfSumit Bose || idmap_domain_info->sid == NULL) {
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose return IDMAP_EXTERNAL;
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose }
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose len = snprintf(NULL, 0, SID_FMT, idmap_domain_info->sid, rid);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose if (len <= 0 || len > SID_STR_MAX_LEN) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return IDMAP_ERROR;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose sid = ctx->alloc_func(len + 1, ctx->alloc_pvt);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose if (sid == NULL) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return IDMAP_OUT_OF_MEMORY;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose ret = snprintf(sid, len + 1, SID_FMT, idmap_domain_info->sid, rid);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose if (ret != len) {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose ctx->free_func(sid, ctx->alloc_pvt);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return IDMAP_ERROR;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose *_sid = sid;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return IDMAP_SUCCESS;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose idmap_domain_info = idmap_domain_info->next;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose }
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose return IDMAP_NO_DOMAIN;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose}
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Boseenum idmap_error_code sss_idmap_dom_sid_to_unix(struct sss_idmap_ctx *ctx,
c51a204a40b8f85f7f525edb3e24520916d8b9c7Sumit Bose struct sss_dom_sid *dom_sid,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose uint32_t *id)
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose{
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose enum idmap_error_code err;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose char *sid;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose err = sss_idmap_dom_sid_to_sid(ctx, dom_sid, &sid);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose if (err != IDMAP_SUCCESS) {
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose goto done;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose }
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose err = sss_idmap_sid_to_unix(ctx, sid, id);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bosedone:
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose ctx->free_func(sid, ctx->alloc_pvt);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose return err;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose}
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Boseenum idmap_error_code sss_idmap_bin_sid_to_unix(struct sss_idmap_ctx *ctx,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose uint8_t *bin_sid,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose size_t length,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose uint32_t *id)
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose{
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose enum idmap_error_code err;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose char *sid;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose err = sss_idmap_bin_sid_to_sid(ctx, bin_sid, length, &sid);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose if (err != IDMAP_SUCCESS) {
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose goto done;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose }
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose err = sss_idmap_sid_to_unix(ctx, sid, id);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bosedone:
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose ctx->free_func(sid, ctx->alloc_pvt);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose return err;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose}
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Boseenum idmap_error_code sss_idmap_smb_sid_to_unix(struct sss_idmap_ctx *ctx,
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose struct dom_sid *smb_sid,
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose uint32_t *id)
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose{
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose enum idmap_error_code err;
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose char *sid;
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose err = sss_idmap_smb_sid_to_sid(ctx, smb_sid, &sid);
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose if (err != IDMAP_SUCCESS) {
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose goto done;
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose }
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose err = sss_idmap_sid_to_unix(ctx, sid, id);
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bosedone:
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose ctx->free_func(sid, ctx->alloc_pvt);
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose return err;
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose}
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Boseenum idmap_error_code sss_idmap_unix_to_dom_sid(struct sss_idmap_ctx *ctx,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose uint32_t id,
c51a204a40b8f85f7f525edb3e24520916d8b9c7Sumit Bose struct sss_dom_sid **_dom_sid)
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose{
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose enum idmap_error_code err;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose char *sid = NULL;
c51a204a40b8f85f7f525edb3e24520916d8b9c7Sumit Bose struct sss_dom_sid *dom_sid = NULL;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose err = sss_idmap_unix_to_sid(ctx, id, &sid);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose if (err != IDMAP_SUCCESS) {
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose goto done;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose }
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose err = sss_idmap_sid_to_dom_sid(ctx, sid, &dom_sid);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose if (err != IDMAP_SUCCESS) {
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose goto done;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose }
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *_dom_sid = dom_sid;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose err = IDMAP_SUCCESS;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bosedone:
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose ctx->free_func(sid, ctx->alloc_pvt);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose if (err != IDMAP_SUCCESS) {
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose ctx->free_func(dom_sid, ctx->alloc_pvt);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose }
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose return err;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose}
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Boseenum idmap_error_code sss_idmap_unix_to_bin_sid(struct sss_idmap_ctx *ctx,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose uint32_t id,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose uint8_t **_bin_sid,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose size_t *_length)
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose{
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose enum idmap_error_code err;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose char *sid = NULL;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose uint8_t *bin_sid = NULL;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose size_t length;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose err = sss_idmap_unix_to_sid(ctx, id, &sid);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose if (err != IDMAP_SUCCESS) {
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose goto done;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose }
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose err = sss_idmap_sid_to_bin_sid(ctx, sid, &bin_sid, &length);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose if (err != IDMAP_SUCCESS) {
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose goto done;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose }
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *_bin_sid = bin_sid;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *_length = length;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose err = IDMAP_SUCCESS;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bosedone:
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose ctx->free_func(sid, ctx->alloc_pvt);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose if (err != IDMAP_SUCCESS) {
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose ctx->free_func(bin_sid, ctx->alloc_pvt);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose }
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose return err;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose}
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidekenum idmap_error_code
46222e5191473f9a46aec581273eb2eef22e23beMichal Zideksss_idmap_ctx_set_autorid(struct sss_idmap_ctx *ctx, bool use_autorid)
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek{
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek ctx->idmap_opts.autorid_mode = use_autorid;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek return IDMAP_SUCCESS;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek}
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidekenum idmap_error_code
46222e5191473f9a46aec581273eb2eef22e23beMichal Zideksss_idmap_ctx_set_lower(struct sss_idmap_ctx *ctx, id_t lower)
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek{
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek ctx->idmap_opts.idmap_lower = lower;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek return IDMAP_SUCCESS;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek}
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidekenum idmap_error_code
46222e5191473f9a46aec581273eb2eef22e23beMichal Zideksss_idmap_ctx_set_upper(struct sss_idmap_ctx *ctx, id_t upper)
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek{
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek ctx->idmap_opts.idmap_upper = upper;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek return IDMAP_SUCCESS;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek}
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidekenum idmap_error_code
46222e5191473f9a46aec581273eb2eef22e23beMichal Zideksss_idmap_ctx_set_rangesize(struct sss_idmap_ctx *ctx, id_t rangesize)
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek{
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek ctx->idmap_opts.rangesize = rangesize;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek return IDMAP_SUCCESS;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek}
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidekenum idmap_error_code
46222e5191473f9a46aec581273eb2eef22e23beMichal Zideksss_idmap_ctx_get_autorid(struct sss_idmap_ctx *ctx, bool *_autorid)
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek{
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek *_autorid = ctx->idmap_opts.autorid_mode;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek return IDMAP_SUCCESS;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek}
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidekenum idmap_error_code
46222e5191473f9a46aec581273eb2eef22e23beMichal Zideksss_idmap_ctx_get_lower(struct sss_idmap_ctx *ctx, id_t *_lower)
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek{
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek *_lower = ctx->idmap_opts.idmap_lower;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek return IDMAP_SUCCESS;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek}
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidekenum idmap_error_code
46222e5191473f9a46aec581273eb2eef22e23beMichal Zideksss_idmap_ctx_get_upper(struct sss_idmap_ctx *ctx, id_t *_upper)
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek{
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek *_upper = ctx->idmap_opts.idmap_upper;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek return IDMAP_SUCCESS;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek}
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidekenum idmap_error_code
46222e5191473f9a46aec581273eb2eef22e23beMichal Zideksss_idmap_ctx_get_rangesize(struct sss_idmap_ctx *ctx, id_t *_rangesize)
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek{
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek *_rangesize = ctx->idmap_opts.rangesize;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek return IDMAP_SUCCESS;
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek}