a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose/*
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose SSSD
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose ID-mapping library
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose Authors:
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose Sumit Bose <sbose@redhat.com>
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose Copyright (C) 2012 Red Hat
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose This program is free software; you can redistribute it and/or modify
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose it under the terms of the GNU General Public License as published by
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose the Free Software Foundation; either version 3 of the License, or
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose (at your option) any later version.
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose This program is distributed in the hope that it will be useful,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose but WITHOUT ANY WARRANTY; without even the implied warranty of
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose GNU General Public License for more details.
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose You should have received a copy of the GNU General Public License
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose along with this program. If not, see <http://www.gnu.org/licenses/>.
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose*/
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose#ifndef SSS_IDMAP_H_
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose#define SSS_IDMAP_H_
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose#include <stdlib.h>
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose#include <stdint.h>
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose#include <stdbool.h>
546f1e38fa7ec1d86dd44117dda45f456fb00d39Lukas Slebodnik#include <sys/types.h>
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
45f75fc8e98092fa48faa3d180fd42f7efd51486Stephen Gallagher#define DOM_SID_PREFIX "S-1-5-21-"
45f75fc8e98092fa48faa3d180fd42f7efd51486Stephen Gallagher#define DOM_SID_PREFIX_LEN (sizeof(DOM_SID_PREFIX) - 1)
45f75fc8e98092fa48faa3d180fd42f7efd51486Stephen Gallagher
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose/**
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @defgroup sss_idmap Map Unix UIDs and GIDs to SIDs and back
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * Libsss_idmap provides a mechanism to translate a SID to a UNIX UID or GID
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * or the other way round.
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @{
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose/**
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * Error codes used by libsss_idmap
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Boseenum idmap_error_code {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose /** Success */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose IDMAP_SUCCESS = 0,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose /** Function is not yet implemented */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose IDMAP_NOT_IMPLEMENTED,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose /** General error */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose IDMAP_ERROR,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose /** Ran out of memory during processing */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose IDMAP_OUT_OF_MEMORY,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose /** No domain added */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose IDMAP_NO_DOMAIN,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose /** The provided idmap context is invalid */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose IDMAP_CONTEXT_INVALID,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose /** The provided SID is invalid */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose IDMAP_SID_INVALID,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose /** The provided SID was not found */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose IDMAP_SID_UNKNOWN,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose /** The provided UID or GID could not be mapped */
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek IDMAP_NO_RANGE,
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek /** The provided SID is a built-in one */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek IDMAP_BUILTIN_SID,
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
504902d12a1ea1d3774bacd9a35efd9cecd5f9c2Sumit Bose /** No more free slices */
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose IDMAP_OUT_OF_SLICES,
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose /** New domain collides with existing one */
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose IDMAP_COLLISION,
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose /** External source should be consulted for idmapping */
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose IDMAP_EXTERNAL,
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose /** The provided name was not found */
c377d4d604f1e7b35c484711f1084b7a761772b6Sumit Bose IDMAP_NAME_UNKNOWN,
c377d4d604f1e7b35c484711f1084b7a761772b6Sumit Bose
c377d4d604f1e7b35c484711f1084b7a761772b6Sumit Bose /** Sentinel to indicate the end of the error code list, not returned by
c377d4d604f1e7b35c484711f1084b7a761772b6Sumit Bose * any call */
c377d4d604f1e7b35c484711f1084b7a761772b6Sumit Bose IDMAP_ERR_LAST
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose};
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose/**
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * Typedef for memory allocation functions
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bosetypedef void *(idmap_alloc_func)(size_t size, void *pvt);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bosetypedef void (idmap_free_func)(void *ptr, void *pvt);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl/**
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * Typedef for storing mappings of dynamically created domains
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl */
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichltypedef enum idmap_error_code (*idmap_store_cb)(const char *dom_name,
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl const char *dom_sid,
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl const char *range_id,
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl uint32_t min_id,
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl uint32_t max_id,
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl uint32_t first_rid,
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl void *pvt);
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose/**
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * Structure for id ranges
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * FIXME: this struct might change when it is clear how ranges are handled on
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * the server side
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bosestruct sss_idmap_range {
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose uint32_t min;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose uint32_t max;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose};
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose/**
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * Opaque type for SIDs
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose */
c51a204a40b8f85f7f525edb3e24520916d8b9c7Sumit Bosestruct sss_dom_sid;
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose/**
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * Opaque type for the idmap context
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bosestruct sss_idmap_ctx;
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose/**
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * Placeholder for Samba's struct dom_sid. Consumers of libsss_idmap should
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * include an appropriate Samba header file to define struct dom_sid. We use
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * it here to avoid a hard dependency on Samba devel packages.
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose */
2998435fcc95857b73049b3955af9889ab595f24Sumit Bosestruct dom_sid;
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose/**
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @brief Initialize idmap context
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose *
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @param[in] alloc_func Function to allocate memory for the context, if
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * NULL malloc() id used
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @param[in] alloc_pvt Private data for allocation routine
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @param[in] free_func Function to free the memory the context, if
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * NULL free() id used
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @param[out] ctx idmap context
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose *
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @return
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * - #IDMAP_OUT_OF_MEMORY: Insufficient memory to create the context
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Boseenum idmap_error_code sss_idmap_init(idmap_alloc_func *alloc_func,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose void *alloc_pvt,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose idmap_free_func *free_func,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose struct sss_idmap_ctx **ctx);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek/**
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @brief Set/unset autorid compatibility mode
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek *
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @param[in] ctx idmap context
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @param[in] use_autorid If true, autorid compatibility mode will be used
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidekenum idmap_error_code
46222e5191473f9a46aec581273eb2eef22e23beMichal Zideksss_idmap_ctx_set_autorid(struct sss_idmap_ctx *ctx, bool use_autorid);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek/**
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @brief Set the lower bound of the range of POSIX IDs
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek *
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @param[in] ctx idmap context
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @param[in] lower lower bound of the range
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidekenum idmap_error_code
46222e5191473f9a46aec581273eb2eef22e23beMichal Zideksss_idmap_ctx_set_lower(struct sss_idmap_ctx *ctx, id_t lower);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek/**
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @brief Set the upper bound of the range of POSIX IDs
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek *
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @param[in] ctx idmap context
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @param[in] upper upper bound of the range
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidekenum idmap_error_code
46222e5191473f9a46aec581273eb2eef22e23beMichal Zideksss_idmap_ctx_set_upper(struct sss_idmap_ctx *ctx, id_t upper);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek/**
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @brief Set the range size of POSIX IDs available for single domain
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek *
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @param[in] ctx idmap context
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @param[in] rangesize range size of IDs
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidekenum idmap_error_code
46222e5191473f9a46aec581273eb2eef22e23beMichal Zideksss_idmap_ctx_set_rangesize(struct sss_idmap_ctx *ctx, id_t rangesize);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl/**
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * @brief Set the number of secondary slices available for domain
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl *
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * @param[in] ctx idmap context
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * @param[in] extra_slice_init number of secondary slices to be generated
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * at startup
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl */
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichlenum idmap_error_code
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichlsss_idmap_ctx_set_extra_slice_init(struct sss_idmap_ctx *ctx,
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl int extra_slice_init);
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek/**
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @brief Check if autorid compatibility mode is set
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek *
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @param[in] ctx idmap context
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @param[out] _autorid true if autorid is used
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidekenum idmap_error_code
46222e5191473f9a46aec581273eb2eef22e23beMichal Zideksss_idmap_ctx_get_autorid(struct sss_idmap_ctx *ctx, bool *_autorid);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek/**
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @brief Get the lower bound of the range of POSIX IDs
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek *
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @param[in] ctx idmap context
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @param[out] _lower returned lower bound
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidekenum idmap_error_code
46222e5191473f9a46aec581273eb2eef22e23beMichal Zideksss_idmap_ctx_get_lower(struct sss_idmap_ctx *ctx, id_t *_lower);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek/**
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @brief Get the upper bound of the range of POSIX IDs
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek *
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @param[in] ctx idmap context
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @param[out] _upper returned upper bound
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidekenum idmap_error_code
46222e5191473f9a46aec581273eb2eef22e23beMichal Zideksss_idmap_ctx_get_upper(struct sss_idmap_ctx *ctx, id_t *_upper);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek/**
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @brief Get the range size of POSIX IDs available for single domain
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek *
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @param[in] ctx idmap context
504902d12a1ea1d3774bacd9a35efd9cecd5f9c2Sumit Bose * @param[out] rangesize returned range size
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidekenum idmap_error_code
46222e5191473f9a46aec581273eb2eef22e23beMichal Zideksss_idmap_ctx_get_rangesize(struct sss_idmap_ctx *ctx, id_t *rangesize);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek/**
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @brief Calculate new range of available POSIX IDs
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek *
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @param[in] ctx Idmap context
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @param[in] dom_sid Zero-terminated string representation of the domain
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * SID (S-1-15-.....)
504902d12a1ea1d3774bacd9a35efd9cecd5f9c2Sumit Bose * @param[in,out] slice_num Slice number to be used. Set this pointer to NULL or
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * the addressed value to -1 to calculate slice number
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * automatically. The calculated value will be
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * returned in this parameter.
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @param[out] range Structure containing upper and lower bound of the
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * range of POSIX IDs
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek *
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * @return
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * - #IDMAP_OUT_OF_SLICES: Cannot calculate new range because all slices are
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek * used.
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek */
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidekenum idmap_error_code sss_idmap_calculate_range(struct sss_idmap_ctx *ctx,
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek const char *dom_sid,
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek id_t *slice_num,
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek struct sss_idmap_range *range);
46222e5191473f9a46aec581273eb2eef22e23beMichal Zidek
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose/**
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @brief Add a domain to the idmap context
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose *
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @param[in] ctx Idmap context
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @param[in] domain_name Zero-terminated string with the domain name
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @param[in] domain_sid Zero-terminated string representation of the domain
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * SID (S-1-15-.....)
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @param[in] range TBD Some information about the id ranges of this
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * domain
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose *
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @return
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * - #IDMAP_OUT_OF_MEMORY: Insufficient memory to store the data in the idmap
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * context
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * - #IDMAP_SID_INVALID: Invalid SID provided
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * - #IDMAP_NO_DOMAIN: No domain domain name given
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose * - #IDMAP_COLLISION: New domain collides with existing one
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Boseenum idmap_error_code sss_idmap_add_domain(struct sss_idmap_ctx *ctx,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose const char *domain_name,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose const char *domain_sid,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose struct sss_idmap_range *range);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose/**
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose * @brief Add a domain with the first mappable RID to the idmap context
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose *
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose * @param[in] ctx Idmap context
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose * @param[in] domain_name Zero-terminated string with the domain name
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose * @param[in] domain_sid Zero-terminated string representation of the domain
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose * SID (S-1-15-.....)
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose * @param[in] range TBD Some information about the id ranges of this
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose * domain
9ef0d43b961c05f1aae2ec21eed4142ae3221bc3Sumit Bose * @param[in] range_id optional unique identifier of a range, it is needed
9ef0d43b961c05f1aae2ec21eed4142ae3221bc3Sumit Bose * to allow updates at runtime
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose * @param[in] rid The RID that should be mapped to the first ID of the
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose * given range.
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose * @param[in] external_mapping If set to true the ID will not be mapped
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose * algorithmically, but the *_to_unix and *_unix_to_*
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose * calls will return IDMAP_EXTERNAL to instruct the
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose * caller to check external sources. For a single
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose * domain all ranges must be of the same type. It is
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose * not possible to mix algorithmic and external
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose * mapping.
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose *
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose * @return
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose * - #IDMAP_OUT_OF_MEMORY: Insufficient memory to store the data in the idmap
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose * context
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose * - #IDMAP_SID_INVALID: Invalid SID provided
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose * - #IDMAP_NO_DOMAIN: No domain domain name given
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose * - #IDMAP_COLLISION: New domain collides with existing one
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose */
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Boseenum idmap_error_code sss_idmap_add_domain_ex(struct sss_idmap_ctx *ctx,
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose const char *domain_name,
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose const char *domain_sid,
95a08a0c02281b28bd1914e0727b40ae25b4e16aSumit Bose struct sss_idmap_range *range,
9ef0d43b961c05f1aae2ec21eed4142ae3221bc3Sumit Bose const char *range_id,
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose uint32_t rid,
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose bool external_mapping);
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl/**
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * @brief Add a domain with the first mappable RID to the idmap context and
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * generate automatically secondary slices
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl *
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * @param[in] ctx Idmap context
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * @param[in] domain_name Zero-terminated string with the domain name
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * @param[in] domain_sid Zero-terminated string representation of the domain
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * SID (S-1-15-.....)
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * @param[in] range TBD Some information about the id ranges of this
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * domain
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * @param[in] range_id optional unique identifier of a range, it is needed
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * to allow updates at runtime
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * @param[in] rid The RID that should be mapped to the first ID of the
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * given range.
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * @param[in] external_mapping If set to true the ID will not be mapped
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * algorithmically, but the *_to_unix and *_unix_to_*
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * calls will return IDMAP_EXTERNAL to instruct the
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * caller to check external sources. For a single
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * domain all ranges must be of the same type. It is
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * not possible to mix algorithmic and external
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * mapping.
c744f9df3b6b169c8c70fcfd063ab6402229218eLukas Slebodnik * @param[in] cb The callback for storing mapping of dynamically
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * created domains.
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * @param[in] pvt Private data for callback cb.
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl *
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * @return
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * - #IDMAP_OUT_OF_MEMORY: Insufficient memory to store the data in the idmap
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * context
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * - #IDMAP_SID_INVALID: Invalid SID provided
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * - #IDMAP_NO_DOMAIN: No domain domain name given
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl * - #IDMAP_COLLISION: New domain collides with existing one
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl */
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichlenum idmap_error_code
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichlsss_idmap_add_auto_domain_ex(struct sss_idmap_ctx *ctx,
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl const char *domain_name,
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl const char *domain_sid,
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl struct sss_idmap_range *range,
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl const char *range_id,
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl uint32_t rid,
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl bool external_mapping,
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl idmap_store_cb cb,
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl void *pvt);
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose/**
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @brief Check if a new range would collide with any existing one
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose *
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] ctx Idmap context
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] n_name Zero-terminated string with the domain name the new
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * range should belong to
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] n_sid Zero-terminated string representation of the domain
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * SID (S-1-15-.....) the new range sould belong to
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] n_range The new id range
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] n_range_id unique identifier of the new range, it is needed
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * to allow updates at runtime, may be NULL
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] n_first_rid The RID that should be mapped to the first ID of the
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * new range.
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] n_external_mapping Mapping type of the new range
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose *
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @return
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * - #IDMAP_COLLISION: New range collides with existing one
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose */
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Boseenum idmap_error_code sss_idmap_check_collision(struct sss_idmap_ctx *ctx,
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose char *n_name, char *n_sid,
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose struct sss_idmap_range *n_range,
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose uint32_t n_first_rid,
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose char *n_range_id,
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose bool n_external_mapping);
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose/**
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @brief Check if two ranges would collide
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose *
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] o_name Zero-terminated string with the domain name the
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * first range should belong to
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] o_sid Zero-terminated string representation of the domain
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * SID (S-1-15-.....) the first range sould belong to
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] o_range The first id range
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] o_range_id unique identifier of the first range, it is needed
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * to allow updates at runtime, may be NULL
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] o_first_rid The RID that should be mapped to the first ID of the
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * first range.
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] o_external_mapping Mapping type of the first range
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] n_name Zero-terminated string with the domain name the
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * second range should belong to
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] n_sid Zero-terminated string representation of the domain
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * SID (S-1-15-.....) the second range sould belong to
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] n_range The second id range
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] n_range_id unique identifier of the second range, it is needed
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * to allow updates at runtime, may be NULL
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] n_first_rid The RID that should be mapped to the first ID of the
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * second range.
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @param[in] n_external_mapping Mapping type of the second range
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose *
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * @return
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose * - #IDMAP_COLLISION: New range collides with existing one
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose */
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Boseenum idmap_error_code sss_idmap_check_collision_ex(const char *o_name,
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose const char *o_sid,
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose struct sss_idmap_range *o_range,
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose uint32_t o_first_rid,
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose const char *o_range_id,
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose bool o_external_mapping,
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose const char *n_name,
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose const char *n_sid,
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose struct sss_idmap_range *n_range,
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose uint32_t n_first_rid,
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose const char *n_range_id,
ff6e24f4474cca6226cd44c47ba2ec6ba6cf9a16Sumit Bose bool n_external_mapping);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose/**
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @brief Translate SID to a unix UID or GID
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose *
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @param[in] ctx Idmap context
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @param[in] sid Zero-terminated string representation of the SID
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @param[out] id Returned unix UID or GID
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose *
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @return
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * - #IDMAP_NO_DOMAIN: No domains are added to the idmap context
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * - #IDMAP_SID_INVALID: Invalid SID provided
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * - #IDMAP_SID_UNKNOWN: SID cannot be found in the domains added to the
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * idmap context
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose * - #IDMAP_EXTERNAL: external source is authoritative for mapping
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Boseenum idmap_error_code sss_idmap_sid_to_unix(struct sss_idmap_ctx *ctx,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose const char *sid,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose uint32_t *id);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose/**
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @brief Translate a SID stucture to a unix UID or GID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] ctx Idmap context
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] dom_sid SID structure
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[out] id Returned unix UID or GID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @return
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_NO_DOMAIN: No domains are added to the idmap context
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_SID_INVALID: Invalid SID provided
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_SID_UNKNOWN: SID cannot be found in the domains added to the
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * idmap context
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose * - #IDMAP_EXTERNAL: external source is authoritative for mapping
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose */
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Boseenum idmap_error_code sss_idmap_dom_sid_to_unix(struct sss_idmap_ctx *ctx,
c51a204a40b8f85f7f525edb3e24520916d8b9c7Sumit Bose struct sss_dom_sid *dom_sid,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose uint32_t *id);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose/**
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @brief Translate a binary SID to a unix UID or GID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] ctx Idmap context
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] bin_sid Array with the binary SID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] length Size of the array containing the binary SID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[out] id Returned unix UID or GID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @return
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_NO_DOMAIN: No domains are added to the idmap context
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_SID_INVALID: Invalid SID provided
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_SID_UNKNOWN: SID cannot be found in the domains added to the
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * idmap context
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose * - #IDMAP_EXTERNAL: external source is authoritative for mapping
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose */
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Boseenum idmap_error_code sss_idmap_bin_sid_to_unix(struct sss_idmap_ctx *ctx,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose uint8_t *bin_sid,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose size_t length,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose uint32_t *id);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose/**
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose * @brief Translate a Samba dom_sid stucture to a unix UID or GID
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose *
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose * @param[in] ctx Idmap context
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose * @param[in] smb_sid Samba dom_sid structure
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose * @param[out] id Returned unix UID or GID
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose *
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose * @return
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose * - #IDMAP_NO_DOMAIN: No domains are added to the idmap context
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose * - #IDMAP_SID_INVALID: Invalid SID provided
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose * - #IDMAP_SID_UNKNOWN: SID cannot be found in the domains added to the
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose * idmap context
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose * - #IDMAP_EXTERNAL: external source is authoritative for mapping
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose */
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Boseenum idmap_error_code sss_idmap_smb_sid_to_unix(struct sss_idmap_ctx *ctx,
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose struct dom_sid *smb_sid,
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose uint32_t *id);
6f504738cad1ee9daa1bd6eec721caceef65f21dSumit Bose
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose/**
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @brief Check if a SID and a unix UID or GID belong to the same range
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose *
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @param[in] ctx Idmap context
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @param[in] sid Zero-terminated string representation of the SID
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @param[in] id Unix UID or GID
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose *
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @return
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * - #IDMAP_NO_DOMAIN: No domains are added to the idmap context
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * - #IDMAP_SID_INVALID: Invalid SID provided
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * - #IDMAP_SID_UNKNOWN: SID cannot be found in the domains added to the
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * idmap context
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * - #IDMAP_NO_RANGE No matching ID range found
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose */
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Boseenum idmap_error_code sss_idmap_check_sid_unix(struct sss_idmap_ctx *ctx,
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose const char *sid,
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose uint32_t id);
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose/**
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @brief Check if a SID structure and a unix UID or GID belong to the same range
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose *
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @param[in] ctx Idmap context
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @param[in] dom_sid SID structure
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @param[in] id Unix UID or GID
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose *
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @return
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * - #IDMAP_NO_DOMAIN: No domains are added to the idmap context
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * - #IDMAP_SID_INVALID: Invalid SID provided
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * - #IDMAP_SID_UNKNOWN: SID cannot be found in the domains added to the
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * idmap context
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * - #IDMAP_NO_RANGE No matching ID range found
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose */
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Boseenum idmap_error_code sss_idmap_check_dom_sid_unix(struct sss_idmap_ctx *ctx,
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose struct sss_dom_sid *dom_sid,
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose uint32_t id);
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose/**
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @brief Check if a binary SID and a unix UID or GID belong to the same range
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose *
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @param[in] ctx Idmap context
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @param[in] bin_sid Array with the binary SID
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @param[in] length Size of the array containing the binary SID
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @param[in] id Unix UID or GID
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose *
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @return
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * - #IDMAP_NO_DOMAIN: No domains are added to the idmap context
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * - #IDMAP_SID_INVALID: Invalid SID provided
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * - #IDMAP_SID_UNKNOWN: SID cannot be found in the domains added to the
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * idmap context
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * - #IDMAP_NO_RANGE No matching ID range found
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose */
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Boseenum idmap_error_code sss_idmap_check_bin_sid_unix(struct sss_idmap_ctx *ctx,
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose uint8_t *bin_sid,
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose size_t length,
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose uint32_t id);
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose/**
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @brief Check if a Samba dom_sid structure and a unix UID or GID belong to
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * the same range
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose *
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @param[in] ctx Idmap context
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @param[in] smb_sid Samba dom_sid structure
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @param[in] id Unix UID or GID
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose *
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * @return
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * - #IDMAP_NO_DOMAIN: No domains are added to the idmap context
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * - #IDMAP_SID_INVALID: Invalid SID provided
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * - #IDMAP_SID_UNKNOWN: SID cannot be found in the domains added to the
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * idmap context
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose * - #IDMAP_NO_RANGE No matching ID range found
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose */
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Boseenum idmap_error_code sss_idmap_check_smb_sid_unix(struct sss_idmap_ctx *ctx,
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose struct dom_sid *smb_sid,
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose uint32_t id);
9869c20a4db6ce7e285a9d7ae7007718a6de207eSumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose/**
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @brief Translate unix UID or GID to a SID
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose *
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @param[in] ctx Idmap context
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @param[in] id unix UID or GID
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @param[out] sid Zero-terminated string representation of the SID, must be
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * freed if not needed anymore
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose *
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @return
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * - #IDMAP_NO_DOMAIN: No domains are added to the idmap context
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * - #IDMAP_NO_RANGE: The provided ID cannot be found in the domains added
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * to the idmap context
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose * - #IDMAP_EXTERNAL: external source is authoritative for mapping
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Boseenum idmap_error_code sss_idmap_unix_to_sid(struct sss_idmap_ctx *ctx,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose uint32_t id,
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose char **sid);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose/**
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @brief Translate unix UID or GID to a SID structure
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] ctx Idmap context
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] id unix UID or GID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[out] dom_sid SID structure, must be freed if not needed anymore
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @return
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_NO_DOMAIN: No domains are added to the idmap context
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_NO_RANGE: The provided ID cannot be found in the domains added
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * to the idmap context
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose * - #IDMAP_EXTERNAL: external source is authoritative for mapping
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose */
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Boseenum idmap_error_code sss_idmap_unix_to_dom_sid(struct sss_idmap_ctx *ctx,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose uint32_t id,
c51a204a40b8f85f7f525edb3e24520916d8b9c7Sumit Bose struct sss_dom_sid **dom_sid);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose/**
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @brief Translate unix UID or GID to a binary SID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] ctx Idmap context
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] id unix UID or GID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[out] bin_sid Array with the binary SID,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * must be freed if not needed anymore
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[out] length size of the array containing the binary SID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @return
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_NO_DOMAIN: No domains are added to the idmap context
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_NO_RANGE: The provided ID cannot be found in the domains added
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * to the idmap context
c63c8a63ab062a9c4397278a29b12bd32c4f3895Sumit Bose * - #IDMAP_EXTERNAL: external source is authoritative for mapping
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose */
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Boseenum idmap_error_code sss_idmap_unix_to_bin_sid(struct sss_idmap_ctx *ctx,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose uint32_t id,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose uint8_t **bin_sid,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose size_t *length);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose/**
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @brief Free all the allocated memory of the idmap context
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose *
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @param[in] ctx Idmap context
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose *
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @return
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * - #IDMAP_CONTEXT_INVALID: Provided context is invalid
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Boseenum idmap_error_code sss_idmap_free(struct sss_idmap_ctx *ctx);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina/**
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * @brief Free mapped SID.
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina *
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * @param[in] ctx Idmap context
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * @param[in] sid SID to be freed.
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina *
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * @return
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * - #IDMAP_CONTEXT_INVALID: Provided context is invalid
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina */
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březinaenum idmap_error_code sss_idmap_free_sid(struct sss_idmap_ctx *ctx,
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina char *sid);
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina/**
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * @brief Free mapped domain SID.
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina *
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * @param[in] ctx Idmap context
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * @param[in] dom_sid Domain SID to be freed.
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina *
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * @return
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * - #IDMAP_CONTEXT_INVALID: Provided context is invalid
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina */
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březinaenum idmap_error_code sss_idmap_free_dom_sid(struct sss_idmap_ctx *ctx,
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina struct sss_dom_sid *dom_sid);
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina/**
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * @brief Free mapped Samba SID.
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina *
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * @param[in] ctx Idmap context
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * @param[in] smb_sid Samba SID to be freed.
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina *
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * @return
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * - #IDMAP_CONTEXT_INVALID: Provided context is invalid
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina */
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březinaenum idmap_error_code sss_idmap_free_smb_sid(struct sss_idmap_ctx *ctx,
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina struct dom_sid *smb_sid);
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina/**
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * @brief Free mapped binary SID.
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina *
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * @param[in] ctx Idmap context
3b35ff47651e4893ce537a273466766b962362daLukas Slebodnik * @param[in] bin_sid Binary SID to be freed.
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina *
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * @return
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina * - #IDMAP_CONTEXT_INVALID: Provided context is invalid
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina */
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březinaenum idmap_error_code sss_idmap_free_bin_sid(struct sss_idmap_ctx *ctx,
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina uint8_t *bin_sid);
5c94d34d890c75ec179a32d2cda4fa060d2b5f0cPavel Březina
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose/**
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @brief Translate error code to a string
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose *
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @param[in] err Idmap error code
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose *
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @return
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * - Error description as a zero-terminated string
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Boseconst char *idmap_error_string(enum idmap_error_code err);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose/**
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @brief Check if given string can be used as domain SID
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose *
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @param[in] str String to check
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose *
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @return
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * - true: String can be used as domain SID
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * - false: String can not be used as domain SID
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bosebool is_domain_sid(const char *str);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose
7f02ba09b9481f59c309fd09a88089857e7fe79fSumit Bose/**
7f02ba09b9481f59c309fd09a88089857e7fe79fSumit Bose * @brief Check if a domain is configured with algorithmic mapping
7f02ba09b9481f59c309fd09a88089857e7fe79fSumit Bose *
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * @param[in] ctx Idmap context
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * @param[in] dom_sid SID string, can be either a domain SID
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * or an object SID
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * @param[out] has_algorithmic_mapping Boolean value indicating if the given
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * domain is configured for algorithmic
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * mapping or not.
7f02ba09b9481f59c309fd09a88089857e7fe79fSumit Bose *
7f02ba09b9481f59c309fd09a88089857e7fe79fSumit Bose * @return
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * - #IDMAP_SUCCESS: Domain for the given SID was found and
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * has_algorithmic_mapping is set accordingly
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * - #IDMAP_SID_INVALID: Provided SID is invalid
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * - #IDMAP_CONTEXT_INVALID: Provided idmap context is invalid
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * - #IDMAP_NO_DOMAIN: No domains are available in the idmap context
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * - #IDMAP_SID_UNKNOWN: No domain with the given SID was found in the
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * idmap context
7f02ba09b9481f59c309fd09a88089857e7fe79fSumit Bose */
7f02ba09b9481f59c309fd09a88089857e7fe79fSumit Boseenum idmap_error_code
7f02ba09b9481f59c309fd09a88089857e7fe79fSumit Bosesss_idmap_domain_has_algorithmic_mapping(struct sss_idmap_ctx *ctx,
7f02ba09b9481f59c309fd09a88089857e7fe79fSumit Bose const char *dom_sid,
7f02ba09b9481f59c309fd09a88089857e7fe79fSumit Bose bool *has_algorithmic_mapping);
7f02ba09b9481f59c309fd09a88089857e7fe79fSumit Bose
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose/**
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * @brief Check if a domain is configured with algorithmic mapping
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose *
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * @param[in] ctx Idmap context
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * @param[in] dom_name Name of the domain
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * @param[out] has_algorithmic_mapping Boolean value indicating if the given
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * domain is configured for algorithmic
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * mapping or not.
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose *
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * @return
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * - #IDMAP_SUCCESS: Domain for the given name was found and
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * has_algorithmic_mapping is set accordingly
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * - #IDMAP_ERROR: Provided name is invalid
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * - #IDMAP_CONTEXT_INVALID: Provided idmap context is invalid
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * - #IDMAP_NO_DOMAIN: No domains are available in the idmap context
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * - #IDMAP_NAME_UNKNOWN: No domain with the given name was found in the
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose * idmap context
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose */
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Boseenum idmap_error_code
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bosesss_idmap_domain_by_name_has_algorithmic_mapping(struct sss_idmap_ctx *ctx,
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose const char *dom_name,
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose bool *has_algorithmic_mapping);
3cbbfb4b05d0eb0a0809704e83589d0075e117a0Sumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose/**
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @brief Convert binary SID to SID structure
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] ctx Idmap context
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] bin_sid Array with the binary SID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] length Size of the array containing the binary SID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[out] dom_sid SID structure,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * must be freed if not needed anymore
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @return
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_SID_INVALID: Given SID is invalid
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_OUT_OF_MEMORY: Failed to allocate memory for the result
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose */
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Boseenum idmap_error_code sss_idmap_bin_sid_to_dom_sid(struct sss_idmap_ctx *ctx,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose const uint8_t *bin_sid,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose size_t length,
c51a204a40b8f85f7f525edb3e24520916d8b9c7Sumit Bose struct sss_dom_sid **dom_sid);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose/**
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @brief Convert binary SID to SID string
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] ctx Idmap context
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] bin_sid Array with the binary SID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] length Size of the array containing the binary SID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[out] sid Zero-terminated string representation of the SID,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * must be freed if not needed anymore
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @return
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_SID_INVALID: Given SID is invalid
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_OUT_OF_MEMORY: Failed to allocate memory for the result
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose */
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Boseenum idmap_error_code sss_idmap_bin_sid_to_sid(struct sss_idmap_ctx *ctx,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose const uint8_t *bin_sid,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose size_t length,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose char **sid);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose/**
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @brief Convert SID structure to binary SID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] ctx Idmap context
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] dom_sid SID structure
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[out] bin_sid Array with the binary SID,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * must be freed if not needed anymore
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[out] length Size of the array containing the binary SID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @return
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_SID_INVALID: Given SID is invalid
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_OUT_OF_MEMORY: Failed to allocate memory for the result
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose */
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Boseenum idmap_error_code sss_idmap_dom_sid_to_bin_sid(struct sss_idmap_ctx *ctx,
c51a204a40b8f85f7f525edb3e24520916d8b9c7Sumit Bose struct sss_dom_sid *dom_sid,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose uint8_t **bin_sid,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose size_t *length);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose/**
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @brief Convert SID string to binary SID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] ctx Idmap context
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] sid Zero-terminated string representation of the SID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[out] bin_sid Array with the binary SID,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * must be freed if not needed anymore
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[out] length Size of the array containing the binary SID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @return
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_SID_INVALID: Given SID is invalid
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_OUT_OF_MEMORY: Failed to allocate memory for the result
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose */
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Boseenum idmap_error_code sss_idmap_sid_to_bin_sid(struct sss_idmap_ctx *ctx,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose const char *sid,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose uint8_t **bin_sid,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose size_t *length);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose/**
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @brief Convert SID structure to SID string
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] ctx Idmap context
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] dom_sid SID structure
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[out] sid Zero-terminated string representation of the SID,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * must be freed if not needed anymore
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @return
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_SID_INVALID: Given SID is invalid
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_OUT_OF_MEMORY: Failed to allocate memory for the result
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose */
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Boseenum idmap_error_code sss_idmap_dom_sid_to_sid(struct sss_idmap_ctx *ctx,
c51a204a40b8f85f7f525edb3e24520916d8b9c7Sumit Bose struct sss_dom_sid *dom_sid,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose char **sid);
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose/**
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @brief Convert SID string to SID structure
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] ctx Idmap context
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[in] sid Zero-terminated string representation of the SID
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @param[out] dom_sid SID structure,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * must be freed if not needed anymore
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose *
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * @return
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_SID_INVALID: Given SID is invalid
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose * - #IDMAP_OUT_OF_MEMORY: Failed to allocate memory for the result
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose */
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Boseenum idmap_error_code sss_idmap_sid_to_dom_sid(struct sss_idmap_ctx *ctx,
b6dfbf81c61d4431aaa81687ec53e892f8b71edbSumit Bose const char *sid,
c51a204a40b8f85f7f525edb3e24520916d8b9c7Sumit Bose struct sss_dom_sid **dom_sid);
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose/**
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @brief Convert SID string to Samba dom_sid structure
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose *
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[in] ctx Idmap context
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[in] sid Zero-terminated string representation of the SID
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[out] smb_sid Samba dom_sid structure,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * must be freed if not needed anymore
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose *
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @return
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * - #IDMAP_SID_INVALID: Given SID is invalid
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * - #IDMAP_OUT_OF_MEMORY: Failed to allocate memory for the result
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose */
2998435fcc95857b73049b3955af9889ab595f24Sumit Boseenum idmap_error_code sss_idmap_sid_to_smb_sid(struct sss_idmap_ctx *ctx,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose const char *sid,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose struct dom_sid **smb_sid);
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose/**
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @brief Convert Samba dom_sid structure to SID string
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose *
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[in] ctx Idmap context
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[in] smb_sid Samba dom_sid structure
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[out] sid Zero-terminated string representation of the SID,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * must be freed if not needed anymore
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose *
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @return
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * - #IDMAP_SID_INVALID: Given SID is invalid
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * - #IDMAP_OUT_OF_MEMORY: Failed to allocate memory for the result
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose */
2998435fcc95857b73049b3955af9889ab595f24Sumit Boseenum idmap_error_code sss_idmap_smb_sid_to_sid(struct sss_idmap_ctx *ctx,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose struct dom_sid *smb_sid,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose char **sid);
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose/**
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @brief Convert SID stucture to Samba dom_sid structure
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose *
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[in] ctx Idmap context
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[in] dom_sid SID structure
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[out] smb_sid Samba dom_sid structure,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * must be freed if not needed anymore
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose *
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @return
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * - #IDMAP_SID_INVALID: Given SID is invalid
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * - #IDMAP_OUT_OF_MEMORY: Failed to allocate memory for the result
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose */
2998435fcc95857b73049b3955af9889ab595f24Sumit Boseenum idmap_error_code sss_idmap_dom_sid_to_smb_sid(struct sss_idmap_ctx *ctx,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose struct sss_dom_sid *dom_sid,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose struct dom_sid **smb_sid);
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose/**
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @brief Convert Samba dom_sid structure to SID structure
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose *
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[in] ctx Idmap context
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[in] smb_sid Samba dom_sid structure
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[out] dom_sid SID structure,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * must be freed if not needed anymore
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose *
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @return
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * - #IDMAP_SID_INVALID: Given SID is invalid
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * - #IDMAP_OUT_OF_MEMORY: Failed to allocate memory for the result
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose */
2998435fcc95857b73049b3955af9889ab595f24Sumit Boseenum idmap_error_code sss_idmap_smb_sid_to_dom_sid(struct sss_idmap_ctx *ctx,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose struct dom_sid *smb_sid,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose struct sss_dom_sid **dom_sid);
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose/**
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @brief Convert binary SID to Samba dom_sid structure
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose *
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[in] ctx Idmap context
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[in] bin_sid Array with the binary SID
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[in] length Size of the array containing the binary SID
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[out] smb_sid Samba dom_sid structure,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * must be freed if not needed anymore
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose *
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @return
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * - #IDMAP_SID_INVALID: Given SID is invalid
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * - #IDMAP_OUT_OF_MEMORY: Failed to allocate memory for the result
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose */
2998435fcc95857b73049b3955af9889ab595f24Sumit Boseenum idmap_error_code sss_idmap_bin_sid_to_smb_sid(struct sss_idmap_ctx *ctx,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose const uint8_t *bin_sid,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose size_t length,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose struct dom_sid **smb_sid);
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose/**
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @brief Convert Samba dom_sid structure to binary SID
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose *
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[in] ctx Idmap context
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[in] smb_sid Samba dom_sid structure
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[out] bin_sid Array with the binary SID,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * must be freed if not needed anymore
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @param[out] length Size of the array containing the binary SID
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose *
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * @return
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * - #IDMAP_SID_INVALID: Given SID is invalid
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose * - #IDMAP_OUT_OF_MEMORY: Failed to allocate memory for the result
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose */
2998435fcc95857b73049b3955af9889ab595f24Sumit Boseenum idmap_error_code sss_idmap_smb_sid_to_bin_sid(struct sss_idmap_ctx *ctx,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose struct dom_sid *smb_sid,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose uint8_t **bin_sid,
2998435fcc95857b73049b3955af9889ab595f24Sumit Bose size_t *length);
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose/**
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose * @}
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose */
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose#endif /* SSS_IDMAP_H_ */