sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-04 17:47:26 +03:00
Code

r25181: sync winbind client code with samba3

Browse Source 
NOTE: wbinfo.c isn't fully merged here

metze
(This used to be commit eee5327dc2f79c052c2db0ca89f23cc9d2ce355d)
This commit is contained in:
Stefan Metzmacher 2007-09-15 20:09:29 +00:00 committed by Gerald (Jerry) Carter
parent 9a012df08e
commit 540caf7ea6
10 changed files with 459 additions and 398 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
source4/auth/auth_winbind.c
View File

@ -109,7 +109,7 @@ static NTSTATUS winbind_check_password_samba3(struct auth_method_context *ctx,
memcpy(request.data.auth_crap.nt_resp, user_info->password.response.nt.data, memcpy(request.data.auth_crap.nt_resp, user_info->password.response.nt.data,
request.data.auth_crap.nt_resp_len); request.data.auth_crap.nt_resp_len);
result = winbindd_request(WINBINDD_PAM_AUTH_CRAP, &request, &response); result = winbindd_request_response(WINBINDD_PAM_AUTH_CRAP, &request, &response);
nt_status = NT_STATUS(response.data.auth.nt_status); nt_status = NT_STATUS(response.data.auth.nt_status);
NT_STATUS_NOT_OK_RETURN(nt_status); NT_STATUS_NOT_OK_RETURN(nt_status);

240
source4/nsswitch/wb_common.c
View File

@ -22,16 +22,16 @@
along with this program. If not, see <http://www.gnu.org/licenses/>. along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "includes.h" #include "winbind_client.h"
#include "nsswitch/winbind_client.h"
/* Global variables. These are effectively the client state information */ /* Global variables. These are effectively the client state information */
int winbindd_fd = -1; /* fd for winbindd socket */ int winbindd_fd = -1; /* fd for winbindd socket */
static int is_privileged = 0;
/* Free a response structure */ /* Free a response structure */
void free_response(struct winbindd_response *response) void winbindd_free_response(struct winbindd_response *response)
{ {
/* Free any allocated extra_data */ /* Free any allocated extra_data */
@ -41,7 +41,7 @@ void free_response(struct winbindd_response *response)
/* Initialise a request structure */ /* Initialise a request structure */
void init_request(struct winbindd_request *request, int request_type) void winbindd_init_request(struct winbindd_request *request, int request_type)
{ {
request->length = sizeof(struct winbindd_request); request->length = sizeof(struct winbindd_request);
@ -52,7 +52,7 @@ void init_request(struct winbindd_request *request, int request_type)
/* Initialise a response structure */ /* Initialise a response structure */
void init_response(struct winbindd_response *response) static void init_response(struct winbindd_response *response)
{ {
/* Initialise return value */ /* Initialise return value */
@ -61,7 +61,7 @@ void init_response(struct winbindd_response *response)
/* Close established socket */ /* Close established socket */
void close_sock(void) void winbind_close_sock(void)
{ {
if (winbindd_fd != -1) { if (winbindd_fd != -1) {
close(winbindd_fd); close(winbindd_fd);
@ -70,10 +70,6 @@ void close_sock(void)
} }
#define CONNECT_TIMEOUT 30 #define CONNECT_TIMEOUT 30
#if 0 /* unused */
#define WRITE_TIMEOUT CONNECT_TIMEOUT
#define READ_TIMEOUT CONNECT_TIMEOUT
#endif
/* Make sure socket handle isn't stdin, stdout or stderr */ /* Make sure socket handle isn't stdin, stdout or stderr */
#define RECURSION_LIMIT 3 #define RECURSION_LIMIT 3
@ -172,7 +168,7 @@ static int winbind_named_pipe_sock(const char *dir)
{ {
struct sockaddr_un sunaddr; struct sockaddr_un sunaddr;
struct stat st; struct stat st;
char *path; pstring path;
int fd; int fd;
int wait_time; int wait_time;
int slept; int slept;
@ -190,7 +186,15 @@ static int winbind_named_pipe_sock(const char *dir)
/* Connect to socket */ /* Connect to socket */
asprintf(&path, "%s%s", dir, "/" WINBINDD_SOCKET_NAME); strncpy(path, dir, sizeof(path) - 1);
path[sizeof(path) - 1] = '\0';
strncat(path, "/", sizeof(path) - 1 - strlen(path));
path[sizeof(path) - 1] = '\0';
strncat(path, WINBINDD_SOCKET_NAME, sizeof(path) - 1 - strlen(path));
path[sizeof(path) - 1] = '\0';
ZERO_STRUCT(sunaddr); ZERO_STRUCT(sunaddr);
sunaddr.sun_family = AF_UNIX; sunaddr.sun_family = AF_UNIX;
strncpy(sunaddr.sun_path, path, sizeof(sunaddr.sun_path) - 1); strncpy(sunaddr.sun_path, path, sizeof(sunaddr.sun_path) - 1);
@ -200,12 +204,9 @@ static int winbind_named_pipe_sock(const char *dir)
the winbindd daemon is not running. */ the winbindd daemon is not running. */
if (lstat(path, &st) == -1) { if (lstat(path, &st) == -1) {
SAFE_FREE(path);
return -1; return -1;
} }
SAFE_FREE(path);
/* Check permissions on unix socket file */ /* Check permissions on unix socket file */
if (!S_ISSOCK(st.st_mode) || if (!S_ISSOCK(st.st_mode) ||
@ -277,72 +278,80 @@ static int winbind_named_pipe_sock(const char *dir)
close(fd); close(fd);
return -1; return -1;
}
if (connect(fd, (struct sockaddr *)&sunaddr, static const char *winbindd_socket_dir(void)
sizeof(sunaddr)) == -1) { {
close(fd); #ifdef SOCKET_WRAPPER
return -1; const char *env_dir;
env_dir = getenv(WINBINDD_SOCKET_DIR_ENVVAR);
if (env_dir) {
return env_dir;
} }
#endif
return fd; return WINBINDD_SOCKET_DIR;
} }
/* Connect to winbindd socket */ /* Connect to winbindd socket */
int winbind_open_pipe_sock(void) static int winbind_open_pipe_sock(int recursing, int need_priv)
{ {
#ifdef HAVE_UNIXSOCKET #ifdef HAVE_UNIXSOCKET
static pid_t our_pid; static pid_t our_pid;
struct winbindd_request request; struct winbindd_request request;
struct winbindd_response response; struct winbindd_response response;
const char *winbindd_socket_dir_env;
ZERO_STRUCT(request); ZERO_STRUCT(request);
ZERO_STRUCT(response); ZERO_STRUCT(response);
if (our_pid != getpid()) { if (our_pid != getpid()) {
close_sock(); winbind_close_sock();
our_pid = getpid(); our_pid = getpid();
} }
if ((need_priv != 0) && (is_privileged == 0)) {
winbind_close_sock();
}
if (winbindd_fd != -1) { if (winbindd_fd != -1) {
return winbindd_fd; return winbindd_fd;
} }
#ifdef SOCKET_WRAPPER if (recursing) {
winbindd_socket_dir_env = getenv(WINBINDD_SOCKET_DIR_ENV);
if (!winbindd_socket_dir_env)
{
winbindd_socket_dir_env = WINBINDD_SOCKET_DIR;
}
#else
winbindd_socket_dir_env = WINBINDD_SOCKET_DIR;
#endif
winbindd_fd = winbind_named_pipe_sock(winbindd_socket_dir_env);
if (winbindd_fd == -1)
{
return -1; return -1;
} }
if ((winbindd_fd = winbind_named_pipe_sock(winbindd_socket_dir())) == -1) {
return -1;
}
is_privileged = 0;
/* version-check the socket */ /* version-check the socket */
if ((winbindd_request(WINBINDD_INTERFACE_VERSION, &request, &response) != NSS_STATUS_SUCCESS) || (response.data.interface_version != WINBIND_INTERFACE_VERSION)) { request.wb_flags = WBFLAG_RECURSE;
close_sock(); if ((winbindd_request_response(WINBINDD_INTERFACE_VERSION, &request, &response) != NSS_STATUS_SUCCESS) || (response.data.interface_version != WINBIND_INTERFACE_VERSION)) {
winbind_close_sock();
return -1; return -1;
} }
/* try and get priv pipe */ /* try and get priv pipe */
if (winbindd_request(WINBINDD_PRIV_PIPE_DIR, &request, &response) == NSS_STATUS_SUCCESS) { request.wb_flags = WBFLAG_RECURSE;
if (winbindd_request_response(WINBINDD_PRIV_PIPE_DIR, &request, &response) == NSS_STATUS_SUCCESS) {
int fd; int fd;
if ((fd = winbind_named_pipe_sock(response.extra_data.data)) != -1) { if ((fd = winbind_named_pipe_sock((char *)response.extra_data.data)) != -1) {
close(winbindd_fd); close(winbindd_fd);
winbindd_fd = fd; winbindd_fd = fd;
is_privileged = 1;
} }
} }
if ((need_priv != 0) && (is_privileged == 0)) {
return -1;
}
SAFE_FREE(response.extra_data.data); SAFE_FREE(response.extra_data.data);
return winbindd_fd; return winbindd_fd;
@ -353,7 +362,7 @@ int winbind_open_pipe_sock(void)
/* Write data to winbindd socket */ /* Write data to winbindd socket */
int write_sock(void *buffer, int count) int winbind_write_sock(void *buffer, int count, int recursing, int need_priv)
{ {
int result, nwritten; int result, nwritten;
@ -361,7 +370,7 @@ int write_sock(void *buffer, int count)
restart: restart:
if (winbind_open_pipe_sock() == -1) { if (winbind_open_pipe_sock(recursing, need_priv) == -1) {
return -1; return -1;
} }
@ -381,7 +390,7 @@ int write_sock(void *buffer, int count)
ZERO_STRUCT(tv); ZERO_STRUCT(tv);
if (select(winbindd_fd + 1, &r_fds, NULL, NULL, &tv) == -1) { if (select(winbindd_fd + 1, &r_fds, NULL, NULL, &tv) == -1) {
close_sock(); winbind_close_sock();
return -1; /* Select error */ return -1; /* Select error */
} }
@ -399,7 +408,7 @@ int write_sock(void *buffer, int count)
/* Write failed */ /* Write failed */
close_sock(); winbind_close_sock();
return -1; return -1;
} }
@ -409,7 +418,7 @@ int write_sock(void *buffer, int count)
/* Pipe has closed on remote end */ /* Pipe has closed on remote end */
close_sock(); winbind_close_sock();
goto restart; goto restart;
} }
} }
@ -419,11 +428,15 @@ int write_sock(void *buffer, int count)
/* Read data from winbindd socket */ /* Read data from winbindd socket */
static int read_sock(void *buffer, int count) int winbind_read_sock(void *buffer, int count)
{ {
int nread = 0; int nread = 0;
int total_time = 0, selret; int total_time = 0, selret;
if (winbindd_fd == -1) {
return -1;
}
/* Read data from socket */ /* Read data from socket */
while(nread < count) { while(nread < count) {
struct timeval tv; struct timeval tv;
@ -439,7 +452,7 @@ static int read_sock(void *buffer, int count)
tv.tv_sec = 5; tv.tv_sec = 5;
if ((selret = select(winbindd_fd + 1, &r_fds, NULL, NULL, &tv)) == -1) { if ((selret = select(winbindd_fd + 1, &r_fds, NULL, NULL, &tv)) == -1) {
close_sock(); winbind_close_sock();
return -1; /* Select error */ return -1; /* Select error */
} }
@ -447,7 +460,7 @@ static int read_sock(void *buffer, int count)
/* Not ready for read yet... */ /* Not ready for read yet... */
if (total_time >= 30) { if (total_time >= 30) {
/* Timeout */ /* Timeout */
close_sock(); winbind_close_sock();
return -1; return -1;
} }
total_time += 5; total_time += 5;
@ -467,7 +480,7 @@ static int read_sock(void *buffer, int count)
can do here is just return -1 and fail since the can do here is just return -1 and fail since the
transaction has failed half way through. */ transaction has failed half way through. */
close_sock(); winbind_close_sock();
return -1; return -1;
} }
@ -481,7 +494,7 @@ static int read_sock(void *buffer, int count)
/* Read reply */ /* Read reply */
int read_reply(struct winbindd_response *response) int winbindd_read_reply(struct winbindd_response *response)
{ {
int result1, result2 = 0; int result1, result2 = 0;
@ -491,9 +504,9 @@ int read_reply(struct winbindd_response *response)
/* Read fixed length response */ /* Read fixed length response */
if ((result1 = read_sock(response, sizeof(struct winbindd_response))) result1 = winbind_read_sock(response,
== -1) { sizeof(struct winbindd_response));
if (result1 == -1) {
return -1; return -1;
} }
@ -515,9 +528,10 @@ int read_reply(struct winbindd_response *response)
return -1; return -1;
} }
if ((result2 = read_sock(response->extra_data.data, extra_data_len)) result2 = winbind_read_sock(response->extra_data.data,
== -1) { extra_data_len);
free_response(response); if (result2 == -1) {
winbindd_free_response(response);
return -1; return -1;
} }
} }
@ -527,22 +541,31 @@ int read_reply(struct winbindd_response *response)
return result1 + result2; return result1 + result2;
} }
bool winbind_env_set(void)
{
char *env;
if ((env=getenv(WINBINDD_DONT_ENV)) != NULL) {
if(strcmp(env, "1") == 0) {
return true;
}
}
return false;
}
/* /*
* send simple types of requests * send simple types of requests
*/ */
NSS_STATUS winbindd_send_request(int req_type, struct winbindd_request *request) NSS_STATUS winbindd_send_request(int req_type, int need_priv,
struct winbindd_request *request)
{ {
struct winbindd_request lrequest; struct winbindd_request lrequest;
char *env;
int value;
/* Check for our tricky environment variable */ /* Check for our tricky environment variable */
if ( (env = getenv(WINBINDD_DONT_ENV)) != NULL ) { if (winbind_env_set()) {
value = atoi(env); return NSS_STATUS_NOTFOUND;
if ( value == 1 )
return NSS_STATUS_NOTFOUND;
} }
if (!request) { if (!request) {
@ -552,9 +575,19 @@ NSS_STATUS winbindd_send_request(int req_type, struct winbindd_request *request)
/* Fill in request and send down pipe */ /* Fill in request and send down pipe */
init_request(request, req_type); winbindd_init_request(request, req_type);
if (write_sock(request, sizeof(*request)) == -1) { if (winbind_write_sock(request, sizeof(*request),
request->wb_flags & WBFLAG_RECURSE,
need_priv) == -1) {
return NSS_STATUS_UNAVAIL;
}
if ((request->extra_len != 0) &&
(winbind_write_sock(request->extra_data.data,
request->extra_len,
request->wb_flags & WBFLAG_RECURSE,
need_priv) == -1)) {
return NSS_STATUS_UNAVAIL; return NSS_STATUS_UNAVAIL;
} }
@ -577,13 +610,13 @@ NSS_STATUS winbindd_get_response(struct winbindd_response *response)
init_response(response); init_response(response);
/* Wait for reply */ /* Wait for reply */
if (read_reply(response) == -1) { if (winbindd_read_reply(response) == -1) {
return NSS_STATUS_UNAVAIL; return NSS_STATUS_UNAVAIL;
} }
/* Throw away extra data if client didn't request it */ /* Throw away extra data if client didn't request it */
if (response == &lresponse) { if (response == &lresponse) {
free_response(response); winbindd_free_response(response);
} }
/* Copy reply data from socket */ /* Copy reply data from socket */
@ -596,16 +629,40 @@ NSS_STATUS winbindd_get_response(struct winbindd_response *response)
/* Handle simple types of requests */ /* Handle simple types of requests */
NSS_STATUS winbindd_request(int req_type, NSS_STATUS winbindd_request_response(int req_type,
struct winbindd_request *request, struct winbindd_request *request,
struct winbindd_response *response) struct winbindd_response *response)
{ {
NSS_STATUS status; NSS_STATUS status = NSS_STATUS_UNAVAIL;
int count = 0;
status = winbindd_send_request(req_type, request); while ((status == NSS_STATUS_UNAVAIL) && (count < 10)) {
if (status != NSS_STATUS_SUCCESS) status = winbindd_send_request(req_type, 0, request);
return(status); if (status != NSS_STATUS_SUCCESS)
return winbindd_get_response(response); return(status);
status = winbindd_get_response(response);
count += 1;
}
return status;
}
NSS_STATUS winbindd_priv_request_response(int req_type,
struct winbindd_request *request,
struct winbindd_response *response)
{
NSS_STATUS status = NSS_STATUS_UNAVAIL;
int count = 0;
while ((status == NSS_STATUS_UNAVAIL) && (count < 10)) {
status = winbindd_send_request(req_type, 1, request);
if (status != NSS_STATUS_SUCCESS)
return(status);
status = winbindd_get_response(response);
count += 1;
}
return status;
} }
/************************************************************************* /*************************************************************************
@ -613,14 +670,35 @@ NSS_STATUS winbindd_request(int req_type,
enable them enable them
************************************************************************/ ************************************************************************/
bool winbind_off( void ) bool winbind_off(void)
{ {
setenv(WINBINDD_DONT_ENV, "1", 1); return setenv(WINBINDD_DONT_ENV, "1", 1) != -1;
return True;
} }
bool winbind_on( void ) bool winbind_on(void)
{ {
setenv(WINBINDD_DONT_ENV, "0", 1); return setenv(WINBINDD_DONT_ENV, "0", 1) != -1;
return True; }
/*************************************************************************
************************************************************************/
const char *nss_err_str(NSS_STATUS ret)
{
switch (ret) {
case NSS_STATUS_TRYAGAIN:
return "NSS_STATUS_TRYAGAIN";
case NSS_STATUS_SUCCESS:
return "NSS_STATUS_SUCCESS";
case NSS_STATUS_NOTFOUND:
return "NSS_STATUS_NOTFOUND";
case NSS_STATUS_UNAVAIL:
return "NSS_STATUS_UNAVAIL";
#ifdef NSS_STATUS_RETURN
case NSS_STATUS_RETURN:
return "NSS_STATUS_RETURN";
#endif
default:
return "UNKNOWN RETURN CODE!!!!!!!";
}
} }

58
source4/nsswitch/wbinfo.c
View File

@ -45,7 +45,7 @@ static char winbind_separator_int(BOOL strict)
/* Send off request */ /* Send off request */
if (winbindd_request(WINBINDD_INFO, NULL, &response) != if (winbindd_request_response(WINBINDD_INFO, NULL, &response) !=
NSS_STATUS_SUCCESS) { NSS_STATUS_SUCCESS) {
d_fprintf(stderr, "could not obtain winbind separator!\n"); d_fprintf(stderr, "could not obtain winbind separator!\n");
if (strict) { if (strict) {
@ -84,7 +84,7 @@ static const char *get_winbind_domain(void)
/* Send off request */ /* Send off request */
if (winbindd_request(WINBINDD_DOMAIN_NAME, NULL, &response) != if (winbindd_request_response(WINBINDD_DOMAIN_NAME, NULL, &response) !=
NSS_STATUS_SUCCESS) { NSS_STATUS_SUCCESS) {
d_fprintf(stderr, "could not obtain winbind domain name!\n"); d_fprintf(stderr, "could not obtain winbind domain name!\n");
@ -136,7 +136,7 @@ static BOOL wbinfo_get_userinfo(char *user)
fstrcpy(request.data.username, user); fstrcpy(request.data.username, user);
result = winbindd_request(WINBINDD_GETPWNAM, &request, &response); result = winbindd_request_response(WINBINDD_GETPWNAM, &request, &response);
if (result != NSS_STATUS_SUCCESS) if (result != NSS_STATUS_SUCCESS)
return False; return False;
@ -165,7 +165,7 @@ static BOOL wbinfo_get_uidinfo(int uid)
request.data.uid = uid; request.data.uid = uid;
result = winbindd_request(WINBINDD_GETPWUID, &request, &response); result = winbindd_request_response(WINBINDD_GETPWUID, &request, &response);
if (result != NSS_STATUS_SUCCESS) if (result != NSS_STATUS_SUCCESS)
return False; return False;
@ -196,7 +196,7 @@ static BOOL wbinfo_get_groupinfo(char *group)
fstrcpy(request.data.groupname, group); fstrcpy(request.data.groupname, group);
result = winbindd_request(WINBINDD_GETGRNAM, &request, result = winbindd_request_response(WINBINDD_GETGRNAM, &request,
&response); &response);
if ( result != NSS_STATUS_SUCCESS) if ( result != NSS_STATUS_SUCCESS)
@ -226,7 +226,7 @@ static BOOL wbinfo_get_usergroups(char *user)
fstrcpy(request.data.username, user); fstrcpy(request.data.username, user);
result = winbindd_request(WINBINDD_GETGROUPS, &request, &response); result = winbindd_request_response(WINBINDD_GETGROUPS, &request, &response);
if (result != NSS_STATUS_SUCCESS) if (result != NSS_STATUS_SUCCESS)
return False; return False;
@ -255,7 +255,7 @@ static BOOL wbinfo_get_usersids(char *user_sid)
/* Send request */ /* Send request */
fstrcpy(request.data.sid, user_sid); fstrcpy(request.data.sid, user_sid);
result = winbindd_request(WINBINDD_GETUSERSIDS, &request, &response); result = winbindd_request_response(WINBINDD_GETUSERSIDS, &request, &response);
if (result != NSS_STATUS_SUCCESS) if (result != NSS_STATUS_SUCCESS)
return False; return False;
@ -283,7 +283,7 @@ static BOOL wbinfo_get_userdomgroups(const char *user_sid)
/* Send request */ /* Send request */
fstrcpy(request.data.sid, user_sid); fstrcpy(request.data.sid, user_sid);
result = winbindd_request(WINBINDD_GETUSERDOMGROUPS, &request, result = winbindd_request_response(WINBINDD_GETUSERDOMGROUPS, &request,
&response); &response);
if (result != NSS_STATUS_SUCCESS) if (result != NSS_STATUS_SUCCESS)
@ -311,7 +311,7 @@ static BOOL wbinfo_wins_byname(char *name)
fstrcpy(request.data.winsreq, name); fstrcpy(request.data.winsreq, name);
if (winbindd_request(WINBINDD_WINS_BYNAME, &request, &response) != if (winbindd_request_response(WINBINDD_WINS_BYNAME, &request, &response) !=
NSS_STATUS_SUCCESS) { NSS_STATUS_SUCCESS) {
return False; return False;
} }
@ -337,7 +337,7 @@ static BOOL wbinfo_wins_byip(char *ip)
fstrcpy(request.data.winsreq, ip); fstrcpy(request.data.winsreq, ip);
if (winbindd_request(WINBINDD_WINS_BYIP, &request, &response) != if (winbindd_request_response(WINBINDD_WINS_BYIP, &request, &response) !=
NSS_STATUS_SUCCESS) { NSS_STATUS_SUCCESS) {
return False; return False;
} }
@ -363,7 +363,7 @@ static BOOL wbinfo_list_domains(BOOL list_all_domains)
request.data.list_all_domains = list_all_domains; request.data.list_all_domains = list_all_domains;
if (winbindd_request(WINBINDD_LIST_TRUSTDOM, &request, &response) != if (winbindd_request_response(WINBINDD_LIST_TRUSTDOM, &request, &response) !=
NSS_STATUS_SUCCESS) NSS_STATUS_SUCCESS)
return False; return False;
@ -414,7 +414,7 @@ static BOOL wbinfo_show_sequence(const char *domain)
/* Send request */ /* Send request */
if (winbindd_request(WINBINDD_SHOW_SEQUENCE, &request, &response) != if (winbindd_request_response(WINBINDD_SHOW_SEQUENCE, &request, &response) !=
NSS_STATUS_SUCCESS) NSS_STATUS_SUCCESS)
return False; return False;
@ -446,7 +446,7 @@ static BOOL wbinfo_domain_info(const char *domain_name)
/* Send request */ /* Send request */
if (winbindd_request(WINBINDD_DOMAIN_INFO, &request, &response) != if (winbindd_request_response(WINBINDD_DOMAIN_INFO, &request, &response) !=
NSS_STATUS_SUCCESS) NSS_STATUS_SUCCESS)
return False; return False;
@ -483,7 +483,7 @@ static BOOL wbinfo_getdcname(const char *domain_name)
/* Send request */ /* Send request */
if (winbindd_request(WINBINDD_GETDCNAME, &request, &response) != if (winbindd_request_response(WINBINDD_GETDCNAME, &request, &response) !=
NSS_STATUS_SUCCESS) { NSS_STATUS_SUCCESS) {
d_fprintf(stderr, "Could not get dc name for %s\n", domain_name); d_fprintf(stderr, "Could not get dc name for %s\n", domain_name);
return False; return False;
@ -505,7 +505,7 @@ static BOOL wbinfo_check_secret(void)
ZERO_STRUCT(response); ZERO_STRUCT(response);
result = winbindd_request(WINBINDD_CHECK_MACHACC, NULL, &response); result = winbindd_request_response(WINBINDD_CHECK_MACHACC, NULL, &response);
d_printf("checking the trust secret via RPC calls %s\n", d_printf("checking the trust secret via RPC calls %s\n",
(result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed");
@ -532,7 +532,7 @@ static BOOL wbinfo_uid_to_sid(uid_t uid)
request.data.uid = uid; request.data.uid = uid;
if (winbindd_request(WINBINDD_UID_TO_SID, &request, &response) != if (winbindd_request_response(WINBINDD_UID_TO_SID, &request, &response) !=
NSS_STATUS_SUCCESS) NSS_STATUS_SUCCESS)
return False; return False;
@ -557,7 +557,7 @@ static BOOL wbinfo_gid_to_sid(gid_t gid)
request.data.gid = gid; request.data.gid = gid;
if (winbindd_request(WINBINDD_GID_TO_SID, &request, &response) != if (winbindd_request_response(WINBINDD_GID_TO_SID, &request, &response) !=
NSS_STATUS_SUCCESS) NSS_STATUS_SUCCESS)
return False; return False;
@ -582,7 +582,7 @@ static BOOL wbinfo_sid_to_uid(char *sid)
fstrcpy(request.data.sid, sid); fstrcpy(request.data.sid, sid);
if (winbindd_request(WINBINDD_SID_TO_UID, &request, &response) != if (winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response) !=
NSS_STATUS_SUCCESS) NSS_STATUS_SUCCESS)
return False; return False;
@ -605,7 +605,7 @@ static BOOL wbinfo_sid_to_gid(char *sid)
fstrcpy(request.data.sid, sid); fstrcpy(request.data.sid, sid);
if (winbindd_request(WINBINDD_SID_TO_GID, &request, &response) != if (winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response) !=
NSS_STATUS_SUCCESS) NSS_STATUS_SUCCESS)
return False; return False;
@ -630,7 +630,7 @@ static BOOL wbinfo_lookupsid(char *sid)
fstrcpy(request.data.sid, sid); fstrcpy(request.data.sid, sid);
if (winbindd_request(WINBINDD_LOOKUPSID, &request, &response) != if (winbindd_request_response(WINBINDD_LOOKUPSID, &request, &response) !=
NSS_STATUS_SUCCESS) NSS_STATUS_SUCCESS)
return False; return False;
@ -674,7 +674,7 @@ static BOOL wbinfo_lookupname(char *name)
parse_wbinfo_domain_user(name, request.data.name.dom_name, parse_wbinfo_domain_user(name, request.data.name.dom_name,
request.data.name.name); request.data.name.name);
if (winbindd_request(WINBINDD_LOOKUPNAME, &request, &response) != if (winbindd_request_response(WINBINDD_LOOKUPNAME, &request, &response) !=
NSS_STATUS_SUCCESS) NSS_STATUS_SUCCESS)
return False; return False;
@ -687,7 +687,7 @@ static BOOL wbinfo_lookupname(char *name)
/* Authenticate a user with a plaintext password */ /* Authenticate a user with a plaintext password */
static BOOL wbinfo_auth_krb5(char *username, const char *cctype, uint32 flags) static BOOL wbinfo_auth_krb5(char *username, const char *cctype, uint32_t flags)
{ {
struct winbindd_request request; struct winbindd_request request;
struct winbindd_response response; struct winbindd_response response;
@ -715,7 +715,7 @@ static BOOL wbinfo_auth_krb5(char *username, const char *cctype, uint32 flags)
request.data.auth.uid = geteuid(); request.data.auth.uid = geteuid();
result = winbindd_request(WINBINDD_PAM_AUTH, &request, &response); result = winbindd_request_response(WINBINDD_PAM_AUTH, &request, &response);
/* Display response */ /* Display response */
@ -770,7 +770,7 @@ static BOOL wbinfo_auth(char *username)
} else } else
fstrcpy(request.data.auth.user, username); fstrcpy(request.data.auth.user, username);
result = winbindd_request(WINBINDD_PAM_AUTH, &request, &response); result = winbindd_request_response(WINBINDD_PAM_AUTH, &request, &response);
/* Display response */ /* Display response */
@ -877,7 +877,7 @@ static BOOL wbinfo_auth_crap(char *username)
request.data.auth_crap.nt_resp_len = 24; request.data.auth_crap.nt_resp_len = 24;
} }
result = winbindd_request(WINBINDD_PAM_AUTH_CRAP, &request, &response); result = winbindd_request_response(WINBINDD_PAM_AUTH_CRAP, &request, &response);
/* Display response */ /* Display response */
@ -915,7 +915,7 @@ static BOOL print_domain_users(const char *domain)
fstrcpy( request.domain_name, domain ); fstrcpy( request.domain_name, domain );
} }
if (winbindd_request(WINBINDD_LIST_USERS, &request, &response) != if (winbindd_request_response(WINBINDD_LIST_USERS, &request, &response) !=
NSS_STATUS_SUCCESS) NSS_STATUS_SUCCESS)
return False; return False;
@ -953,7 +953,7 @@ static BOOL print_domain_groups(const char *domain)
fstrcpy( request.domain_name, domain ); fstrcpy( request.domain_name, domain );
} }
if (winbindd_request(WINBINDD_LIST_GROUPS, &request, &response) != if (winbindd_request_response(WINBINDD_LIST_GROUPS, &request, &response) !=
NSS_STATUS_SUCCESS) NSS_STATUS_SUCCESS)
return False; return False;
@ -976,7 +976,7 @@ static BOOL wbinfo_ping(void)
{ {
NSS_STATUS result; NSS_STATUS result;
result = winbindd_request(WINBINDD_PING, NULL, NULL); result = winbindd_request_response(WINBINDD_PING, NULL, NULL);
/* Display response */ /* Display response */
@ -1231,7 +1231,7 @@ int main(int argc, char **argv, char **envp)
break; break;
} }
case 'K': { case 'K': {
uint32 flags = WBFLAG_PAM_KRB5 | uint32_t flags = WBFLAG_PAM_KRB5 |
WBFLAG_PAM_CACHED_LOGIN | WBFLAG_PAM_CACHED_LOGIN |
WBFLAG_PAM_FALLBACK_AFTER_KRB5 | WBFLAG_PAM_FALLBACK_AFTER_KRB5 |
WBFLAG_PAM_INFO3_TEXT; WBFLAG_PAM_INFO3_TEXT;

29
source4/nsswitch/winbind_client.h
View File

@ -1,16 +1,25 @@
#include "nsswitch/winbind_nss_config.h" #include "winbind_nss_config.h"
#include "nsswitch/winbind_struct_protocol.h" #include "winbind_struct_protocol.h"
void init_request(struct winbindd_request *req,int rq_type); void winbindd_init_request(struct winbindd_request *req,int rq_type);
NSS_STATUS winbindd_send_request(int req_type, void winbindd_free_response(struct winbindd_response *response);
NSS_STATUS winbindd_send_request(int req_type, int need_priv,
struct winbindd_request *request); struct winbindd_request *request);
NSS_STATUS winbindd_get_response(struct winbindd_response *response); NSS_STATUS winbindd_get_response(struct winbindd_response *response);
NSS_STATUS winbindd_request(int req_type, NSS_STATUS winbindd_request_response(int req_type,
struct winbindd_request *request, struct winbindd_request *request,
struct winbindd_response *response); struct winbindd_response *response);
int winbind_open_pipe_sock(void); NSS_STATUS winbindd_priv_request_response(int req_type,
int write_sock(void *buffer, int count); struct winbindd_request *request,
int read_reply(struct winbindd_response *response); struct winbindd_response *response);
void close_sock(void); int winbindd_read_reply(struct winbindd_response *response);
void free_response(struct winbindd_response *response);
bool winbind_env_set(void);
bool winbind_off(void);
bool winbind_on(void);
int winbind_write_sock(void *buffer, int count, int recursing, int need_priv);
int winbind_read_sock(void *buffer, int count);
void winbind_close_sock(void);
const char *nss_err_str(NSS_STATUS ret);

10
source4/nsswitch/winbind_nss.h
View File

@ -53,7 +53,15 @@
#include "nsswitch/winbind_nss_hpux.h" #include "nsswitch/winbind_nss_hpux.h"
#else /* Nothing's defined. Neither gnu nor sun nor hp */ #elif defined(__NetBSD__) && defined(HAVE_GETPWENT_R)
/*
* NetBSD 3 and newer
*/
#include "nsswitch/winbind_nss_netbsd.h"
#else /* Nothing's defined. Neither gnu nor netbsd nor sun nor hp */
typedef enum typedef enum
{ {

47
source4/nsswitch/winbind_nss_config.h
View File

@ -51,48 +51,6 @@ typedef char pstring[PSTRING_LEN];
typedef char fstring[FSTRING_LEN]; typedef char fstring[FSTRING_LEN];
#endif #endif
#if !defined(uint32)
#if (SIZEOF_INT == 4)
#define uint32 unsigned int
#elif (SIZEOF_LONG == 4)
#define uint32 unsigned long
#elif (SIZEOF_SHORT == 4)
#define uint32 unsigned short
#endif
#endif
#if !defined(uint16)
#if (SIZEOF_SHORT == 4)
#define uint16 __ERROR___CANNOT_DETERMINE_TYPE_FOR_INT16;
#else /* SIZEOF_SHORT != 4 */
#define uint16 unsigned short
#endif /* SIZEOF_SHORT != 4 */
#endif
#ifndef uint8
#define uint8 unsigned char
#endif
/*
* check for 8 byte long long
*/
#if !defined(uint64)
#if (SIZEOF_LONG == 8)
#define uint64 unsigned long
#elif (SIZEOF_LONG_LONG == 8)
#define uint64 unsigned long long
#endif /* don't lie. If we don't have it, then don't use it */
#endif
#if !defined(int64)
#if (SIZEOF_LONG == 8)
#define int64 long
#elif (SIZEOF_LONG_LONG == 8)
#define int64 long long
#endif /* don't lie. If we don't have it, then don't use it */
#endif
/* Some systems (SCO) treat UNIX domain sockets as FIFOs */ /* Some systems (SCO) treat UNIX domain sockets as FIFOs */
#ifndef S_IFSOCK #ifndef S_IFSOCK
@ -103,9 +61,4 @@ typedef char fstring[FSTRING_LEN];
#define S_ISSOCK(mode) ((mode & S_IFSOCK) == S_IFSOCK) #define S_ISSOCK(mode) ((mode & S_IFSOCK) == S_IFSOCK)
#endif #endif
#ifndef HAVE_SOCKLEN_T
#define HAVE_SOCKLEN_T
typedef int socklen_t;
#endif
#endif #endif

4
source4/nsswitch/winbind_nss_irix.h
View File

@ -39,8 +39,4 @@ typedef enum
NSS_STATUS_TRYAGAIN=NS_TRYAGAIN NSS_STATUS_TRYAGAIN=NS_TRYAGAIN
} NSS_STATUS; } NSS_STATUS;
#define NSD_MEM_STATIC 0
#define NSD_MEM_VOLATILE 1
#define NSD_MEM_DYNAMIC 2
#endif /* _WINBIND_NSS_IRIX_H */ #endif /* _WINBIND_NSS_IRIX_H */

277
source4/nsswitch/winbind_nss_linux.c
View File

@ -19,7 +19,6 @@
along with this program. If not, see <http://www.gnu.org/licenses/>. along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "includes.h"
#include "winbind_client.h" #include "winbind_client.h"
/* Maximum number of users to pass back over the unix domain socket /* Maximum number of users to pass back over the unix domain socket
@ -29,64 +28,45 @@
#define MAX_GETPWENT_USERS 250 #define MAX_GETPWENT_USERS 250
#define MAX_GETGRENT_USERS 250 #define MAX_GETGRENT_USERS 250
_PUBLIC_ NSS_STATUS _nss_winbind_setpwent(void); NSS_STATUS _nss_winbind_setpwent(void);
_PUBLIC_ NSS_STATUS _nss_winbind_endpwent(void); NSS_STATUS _nss_winbind_endpwent(void);
_PUBLIC_ NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result, char *buffer, NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result, char *buffer,
size_t buflen, int *errnop); size_t buflen, int *errnop);
_PUBLIC_ NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result,
char *buffer, size_t buflen, int *errnop); char *buffer, size_t buflen, int *errnop);
_PUBLIC_ NSS_STATUS _nss_winbind_getpwnam_r(const char *name, struct passwd *result, NSS_STATUS _nss_winbind_getpwnam_r(const char *name, struct passwd *result,
char *buffer, size_t buflen, int *errnop); char *buffer, size_t buflen, int *errnop);
_PUBLIC_ NSS_STATUS _nss_winbind_setgrent(void); NSS_STATUS _nss_winbind_setgrent(void);
_PUBLIC_ NSS_STATUS _nss_winbind_endgrent(void); NSS_STATUS _nss_winbind_endgrent(void);
_PUBLIC_ NSS_STATUS _nss_winbind_getgrent_r(struct group *result, char *buffer, NSS_STATUS _nss_winbind_getgrent_r(struct group *result, char *buffer,
size_t buflen, int *errnop); size_t buflen, int *errnop);
_PUBLIC_ NSS_STATUS _nss_winbind_getgrlst_r(struct group *result, char *buffer, NSS_STATUS _nss_winbind_getgrlst_r(struct group *result, char *buffer,
size_t buflen, int *errnop); size_t buflen, int *errnop);
_PUBLIC_ NSS_STATUS _nss_winbind_getgrnam_r(const char *name, struct group *result, NSS_STATUS _nss_winbind_getgrnam_r(const char *name, struct group *result,
char *buffer, size_t buflen, int *errnop); char *buffer, size_t buflen, int *errnop);
_PUBLIC_ NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid, struct group *result, char *buffer, NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid, struct group *result, char *buffer,
size_t buflen, int *errnop); size_t buflen, int *errnop);
_PUBLIC_ NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group, long int *start, NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group, long int *start,
long int *size, gid_t **groups, long int *size, gid_t **groups,
long int limit, int *errnop); long int limit, int *errnop);
_PUBLIC_ NSS_STATUS _nss_winbind_getusersids(const char *user_sid, char **group_sids, NSS_STATUS _nss_winbind_getusersids(const char *user_sid, char **group_sids,
int *num_groups, char *buffer, size_t buf_size, int *num_groups, char *buffer, size_t buf_size,
int *errnop); int *errnop);
_PUBLIC_ NSS_STATUS _nss_winbind_nametosid(const char *name, char **sid, char *buffer, NSS_STATUS _nss_winbind_nametosid(const char *name, char **sid, char *buffer,
size_t buflen, int *errnop); size_t buflen, int *errnop);
_PUBLIC_ NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name, char *buffer, NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name, char *buffer,
size_t buflen, int *errnop); size_t buflen, int *errnop);
_PUBLIC_ NSS_STATUS _nss_winbind_sidtouid(const char *sid, uid_t *uid, int *errnop); NSS_STATUS _nss_winbind_sidtouid(const char *sid, uid_t *uid, int *errnop);
_PUBLIC_ NSS_STATUS _nss_winbind_sidtogid(const char *sid, gid_t *gid, int *errnop); NSS_STATUS _nss_winbind_sidtogid(const char *sid, gid_t *gid, int *errnop);
_PUBLIC_ NSS_STATUS _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer, NSS_STATUS _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer,
size_t buflen, int *errnop); size_t buflen, int *errnop);
_PUBLIC_ NSS_STATUS _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer, NSS_STATUS _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer,
size_t buflen, int *errnop); size_t buflen, int *errnop);
/* Prototypes from wb_common.c */ /* Prototypes from wb_common.c */
extern int winbindd_fd; extern int winbindd_fd;
#ifdef DEBUG_NSS
static const char *nss_err_str(NSS_STATUS ret) {
switch (ret) {
case NSS_STATUS_TRYAGAIN:
return "NSS_STATUS_TRYAGAIN";
case NSS_STATUS_SUCCESS:
return "NSS_STATUS_SUCCESS";
case NSS_STATUS_NOTFOUND:
return "NSS_STATUS_NOTFOUND";
case NSS_STATUS_UNAVAIL:
return "NSS_STATUS_UNAVAIL";
case NSS_STATUS_RETURN:
return "NSS_STATUS_RETURN";
default:
return "UNKNOWN RETURN CODE!!!!!!!";
}
}
#endif
/* Allocate some space from the nss static buffer. The buffer and buflen /* Allocate some space from the nss static buffer. The buffer and buflen
are the pointers passed in by the C library to the _nss_ntdom_* are the pointers passed in by the C library to the _nss_ntdom_*
functions. */ functions. */
@ -115,13 +95,13 @@ static char *get_static(char **buffer, size_t *buflen, size_t len)
lib/util_str.c as I really don't want to have to link in any other lib/util_str.c as I really don't want to have to link in any other
objects if I can possibly avoid it. */ objects if I can possibly avoid it. */
static BOOL next_tok(char **ptr,char *buff,const char *sep, size_t bufsize) static bool next_token(char **ptr,char *buff,const char *sep, size_t bufsize)
{ {
char *s; char *s;
BOOL quoted; bool quoted;
size_t len=1; size_t len=1;
if (!ptr) return(False); if (!ptr) return false;
s = *ptr; s = *ptr;
@ -132,10 +112,10 @@ static BOOL next_tok(char **ptr,char *buff,const char *sep, size_t bufsize)
while (*s && strchr(sep,*s)) s++; while (*s && strchr(sep,*s)) s++;
/* nothing left? */ /* nothing left? */
if (! *s) return(False); if (! *s) return false;
/* copy over the token */ /* copy over the token */
for (quoted = False; len < bufsize && *s && (quoted || !strchr(sep,*s)); s++) { for (quoted = false; len < bufsize && *s && (quoted || !strchr(sep,*s)); s++) {
if (*s == '\"') { if (*s == '\"') {
quoted = !quoted; quoted = !quoted;
} else { } else {
@ -147,7 +127,7 @@ static BOOL next_tok(char **ptr,char *buff,const char *sep, size_t bufsize)
*ptr = (*s) ? s+1 : s; *ptr = (*s) ? s+1 : s;
*buff = 0; *buff = 0;
return(True); return true;
} }
@ -169,7 +149,7 @@ static NSS_STATUS fill_pwent(struct passwd *result,
return NSS_STATUS_TRYAGAIN; return NSS_STATUS_TRYAGAIN;
} }
strlcpy(result->pw_name, pw->pw_name, strlen(pw->pw_name) + 1); strcpy(result->pw_name, pw->pw_name);
/* Password */ /* Password */
@ -181,7 +161,7 @@ static NSS_STATUS fill_pwent(struct passwd *result,
return NSS_STATUS_TRYAGAIN; return NSS_STATUS_TRYAGAIN;
} }
strlcpy(result->pw_passwd, pw->pw_passwd, strlen(pw->pw_passwd) + 1); strcpy(result->pw_passwd, pw->pw_passwd);
/* [ug]id */ /* [ug]id */
@ -198,7 +178,7 @@ static NSS_STATUS fill_pwent(struct passwd *result,
return NSS_STATUS_TRYAGAIN; return NSS_STATUS_TRYAGAIN;
} }
strlcpy(result->pw_gecos, pw->pw_gecos, strlen(pw->pw_gecos) + 1); strcpy(result->pw_gecos, pw->pw_gecos);
/* Home directory */ /* Home directory */
@ -210,7 +190,7 @@ static NSS_STATUS fill_pwent(struct passwd *result,
return NSS_STATUS_TRYAGAIN; return NSS_STATUS_TRYAGAIN;
} }
strlcpy(result->pw_dir, pw->pw_dir, strlen(pw->pw_dir) + 1); strcpy(result->pw_dir, pw->pw_dir);
/* Logon shell */ /* Logon shell */
@ -222,7 +202,7 @@ static NSS_STATUS fill_pwent(struct passwd *result,
return NSS_STATUS_TRYAGAIN; return NSS_STATUS_TRYAGAIN;
} }
strlcpy(result->pw_shell, pw->pw_shell, strlen(pw->pw_shell) + 1); strcpy(result->pw_shell, pw->pw_shell);
/* The struct passwd for Solaris has some extra fields which must /* The struct passwd for Solaris has some extra fields which must
be initialised or nscd crashes. */ be initialised or nscd crashes. */
@ -259,7 +239,7 @@ static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr,
return NSS_STATUS_TRYAGAIN; return NSS_STATUS_TRYAGAIN;
} }
strlcpy(result->gr_name, gr->gr_name, strlen(gr->gr_name) + 1); strcpy(result->gr_name, gr->gr_name);
/* Password */ /* Password */
@ -271,7 +251,7 @@ static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr,
return NSS_STATUS_TRYAGAIN; return NSS_STATUS_TRYAGAIN;
} }
strlcpy(result->gr_passwd, gr->gr_passwd, strlen(gr->gr_passwd) + 1); strcpy(result->gr_passwd, gr->gr_passwd);
/* gid */ /* gid */
@ -310,7 +290,7 @@ static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr,
i = 0; i = 0;
while(next_tok((char **)&gr_mem, name, ",", sizeof(fstring))) { while(next_token((char **)&gr_mem, name, ",", sizeof(fstring))) {
/* Allocate space for member */ /* Allocate space for member */
@ -322,7 +302,7 @@ static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr,
return NSS_STATUS_TRYAGAIN; return NSS_STATUS_TRYAGAIN;
} }
strlcpy((result->gr_mem)[i], name, strlen(name) + 1); strcpy((result->gr_mem)[i], name);
i++; i++;
} }
@ -344,7 +324,8 @@ static int num_pw_cache; /* Current size of pwd cache */
/* Rewind "file pointer" to start of ntdom password database */ /* Rewind "file pointer" to start of ntdom password database */
_PUBLIC_ NSS_STATUS _nss_winbind_setpwent(void) NSS_STATUS
_nss_winbind_setpwent(void)
{ {
NSS_STATUS ret; NSS_STATUS ret;
#ifdef DEBUG_NSS #ifdef DEBUG_NSS
@ -353,10 +334,10 @@ _PUBLIC_ NSS_STATUS _nss_winbind_setpwent(void)
if (num_pw_cache > 0) { if (num_pw_cache > 0) {
ndx_pw_cache = num_pw_cache = 0; ndx_pw_cache = num_pw_cache = 0;
free_response(&getpwent_response); winbindd_free_response(&getpwent_response);
} }
ret = winbindd_request(WINBINDD_SETPWENT, NULL, NULL); ret = winbindd_request_response(WINBINDD_SETPWENT, NULL, NULL);
#ifdef DEBUG_NSS #ifdef DEBUG_NSS
fprintf(stderr, "[%5d]: setpwent returns %s (%d)\n", getpid(), fprintf(stderr, "[%5d]: setpwent returns %s (%d)\n", getpid(),
nss_err_str(ret), ret); nss_err_str(ret), ret);
@ -366,7 +347,8 @@ _PUBLIC_ NSS_STATUS _nss_winbind_setpwent(void)
/* Close ntdom password database "file pointer" */ /* Close ntdom password database "file pointer" */
_PUBLIC_ NSS_STATUS _nss_winbind_endpwent(void) NSS_STATUS
_nss_winbind_endpwent(void)
{ {
NSS_STATUS ret; NSS_STATUS ret;
#ifdef DEBUG_NSS #ifdef DEBUG_NSS
@ -375,10 +357,10 @@ _PUBLIC_ NSS_STATUS _nss_winbind_endpwent(void)
if (num_pw_cache > 0) { if (num_pw_cache > 0) {
ndx_pw_cache = num_pw_cache = 0; ndx_pw_cache = num_pw_cache = 0;
free_response(&getpwent_response); winbindd_free_response(&getpwent_response);
} }
ret = winbindd_request(WINBINDD_ENDPWENT, NULL, NULL); ret = winbindd_request_response(WINBINDD_ENDPWENT, NULL, NULL);
#ifdef DEBUG_NSS #ifdef DEBUG_NSS
fprintf(stderr, "[%5d]: endpwent returns %s (%d)\n", getpid(), fprintf(stderr, "[%5d]: endpwent returns %s (%d)\n", getpid(),
nss_err_str(ret), ret); nss_err_str(ret), ret);
@ -388,8 +370,9 @@ _PUBLIC_ NSS_STATUS _nss_winbind_endpwent(void)
/* Fetch the next password entry from ntdom password database */ /* Fetch the next password entry from ntdom password database */
_PUBLIC_ NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result, NSS_STATUS
char *buffer, size_t buflen, int *errnop) _nss_winbind_getpwent_r(struct passwd *result, char *buffer,
size_t buflen, int *errnop)
{ {
NSS_STATUS ret; NSS_STATUS ret;
struct winbindd_request request; struct winbindd_request request;
@ -409,7 +392,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result,
/* Else call winbindd to get a bunch of entries */ /* Else call winbindd to get a bunch of entries */
if (num_pw_cache > 0) { if (num_pw_cache > 0) {
free_response(&getpwent_response); winbindd_free_response(&getpwent_response);
} }
ZERO_STRUCT(request); ZERO_STRUCT(request);
@ -417,7 +400,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result,
request.data.num_entries = MAX_GETPWENT_USERS; request.data.num_entries = MAX_GETPWENT_USERS;
ret = winbindd_request(WINBINDD_GETPWENT, &request, ret = winbindd_request_response(WINBINDD_GETPWENT, &request,
&getpwent_response); &getpwent_response);
if (ret == NSS_STATUS_SUCCESS) { if (ret == NSS_STATUS_SUCCESS) {
@ -448,20 +431,20 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result,
/* Out of memory - try again */ /* Out of memory - try again */
if (ret == NSS_STATUS_TRYAGAIN) { if (ret == NSS_STATUS_TRYAGAIN) {
called_again = True; called_again = true;
*errnop = errno = ERANGE; *errnop = errno = ERANGE;
goto done; goto done;
} }
*errnop = errno = 0; *errnop = errno = 0;
called_again = False; called_again = false;
ndx_pw_cache++; ndx_pw_cache++;
/* If we've finished with this lot of results free cache */ /* If we've finished with this lot of results free cache */
if (ndx_pw_cache == num_pw_cache) { if (ndx_pw_cache == num_pw_cache) {
ndx_pw_cache = num_pw_cache = 0; ndx_pw_cache = num_pw_cache = 0;
free_response(&getpwent_response); winbindd_free_response(&getpwent_response);
} }
} }
done: done:
@ -474,8 +457,9 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result,
/* Return passwd struct from uid */ /* Return passwd struct from uid */
_PUBLIC_ NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, NSS_STATUS
char *buffer, size_t buflen, int *errnop) _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, char *buffer,
size_t buflen, int *errnop)
{ {
NSS_STATUS ret; NSS_STATUS ret;
static struct winbindd_response response; static struct winbindd_response response;
@ -496,14 +480,14 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result,
request.data.uid = uid; request.data.uid = uid;
ret = winbindd_request(WINBINDD_GETPWUID, &request, &response); ret = winbindd_request_response(WINBINDD_GETPWUID, &request, &response);
if (ret == NSS_STATUS_SUCCESS) { if (ret == NSS_STATUS_SUCCESS) {
ret = fill_pwent(result, &response.data.pw, ret = fill_pwent(result, &response.data.pw,
&buffer, &buflen); &buffer, &buflen);
if (ret == NSS_STATUS_TRYAGAIN) { if (ret == NSS_STATUS_TRYAGAIN) {
keep_response = True; keep_response = true;
*errnop = errno = ERANGE; *errnop = errno = ERANGE;
goto done; goto done;
} }
@ -516,16 +500,16 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result,
ret = fill_pwent(result, &response.data.pw, &buffer, &buflen); ret = fill_pwent(result, &response.data.pw, &buffer, &buflen);
if (ret == NSS_STATUS_TRYAGAIN) { if (ret == NSS_STATUS_TRYAGAIN) {
keep_response = True; keep_response = true;
*errnop = errno = ERANGE; *errnop = errno = ERANGE;
goto done; goto done;
} }
keep_response = False; keep_response = false;
*errnop = errno = 0; *errnop = errno = 0;
} }
free_response(&response); winbindd_free_response(&response);
done: done:
#ifdef DEBUG_NSS #ifdef DEBUG_NSS
@ -536,8 +520,9 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result,
} }
/* Return passwd struct from username */ /* Return passwd struct from username */
_PUBLIC_ NSS_STATUS _nss_winbind_getpwnam_r(const char *name, NSS_STATUS
struct passwd *result, char *buffer, size_t buflen, int *errnop) _nss_winbind_getpwnam_r(const char *name, struct passwd *result, char *buffer,
size_t buflen, int *errnop)
{ {
NSS_STATUS ret; NSS_STATUS ret;
static struct winbindd_response response; static struct winbindd_response response;
@ -562,14 +547,14 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwnam_r(const char *name,
request.data.username request.data.username
[sizeof(request.data.username) - 1] = '\0'; [sizeof(request.data.username) - 1] = '\0';
ret = winbindd_request(WINBINDD_GETPWNAM, &request, &response); ret = winbindd_request_response(WINBINDD_GETPWNAM, &request, &response);
if (ret == NSS_STATUS_SUCCESS) { if (ret == NSS_STATUS_SUCCESS) {
ret = fill_pwent(result, &response.data.pw, &buffer, ret = fill_pwent(result, &response.data.pw, &buffer,
&buflen); &buflen);
if (ret == NSS_STATUS_TRYAGAIN) { if (ret == NSS_STATUS_TRYAGAIN) {
keep_response = True; keep_response = true;
*errnop = errno = ERANGE; *errnop = errno = ERANGE;
goto done; goto done;
} }
@ -582,16 +567,16 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwnam_r(const char *name,
ret = fill_pwent(result, &response.data.pw, &buffer, &buflen); ret = fill_pwent(result, &response.data.pw, &buffer, &buflen);
if (ret == NSS_STATUS_TRYAGAIN) { if (ret == NSS_STATUS_TRYAGAIN) {
keep_response = True; keep_response = true;
*errnop = errno = ERANGE; *errnop = errno = ERANGE;
goto done; goto done;
} }
keep_response = False; keep_response = false;
*errnop = errno = 0; *errnop = errno = 0;
} }
free_response(&response); winbindd_free_response(&response);
done: done:
#ifdef DEBUG_NSS #ifdef DEBUG_NSS
fprintf(stderr, "[%5d]: getpwnam %s returns %s (%d)\n", getpid(), fprintf(stderr, "[%5d]: getpwnam %s returns %s (%d)\n", getpid(),
@ -611,7 +596,8 @@ static int num_gr_cache; /* Current size of grp cache */
/* Rewind "file pointer" to start of ntdom group database */ /* Rewind "file pointer" to start of ntdom group database */
_PUBLIC_ NSS_STATUS _nss_winbind_setgrent(void) NSS_STATUS
_nss_winbind_setgrent(void)
{ {
NSS_STATUS ret; NSS_STATUS ret;
#ifdef DEBUG_NSS #ifdef DEBUG_NSS
@ -620,10 +606,10 @@ _PUBLIC_ NSS_STATUS _nss_winbind_setgrent(void)
if (num_gr_cache > 0) { if (num_gr_cache > 0) {
ndx_gr_cache = num_gr_cache = 0; ndx_gr_cache = num_gr_cache = 0;
free_response(&getgrent_response); winbindd_free_response(&getgrent_response);
} }
ret = winbindd_request(WINBINDD_SETGRENT, NULL, NULL); ret = winbindd_request_response(WINBINDD_SETGRENT, NULL, NULL);
#ifdef DEBUG_NSS #ifdef DEBUG_NSS
fprintf(stderr, "[%5d]: setgrent returns %s (%d)\n", getpid(), fprintf(stderr, "[%5d]: setgrent returns %s (%d)\n", getpid(),
nss_err_str(ret), ret); nss_err_str(ret), ret);
@ -633,7 +619,8 @@ _PUBLIC_ NSS_STATUS _nss_winbind_setgrent(void)
/* Close "file pointer" for ntdom group database */ /* Close "file pointer" for ntdom group database */
_PUBLIC_ NSS_STATUS _nss_winbind_endgrent(void) NSS_STATUS
_nss_winbind_endgrent(void)
{ {
NSS_STATUS ret; NSS_STATUS ret;
#ifdef DEBUG_NSS #ifdef DEBUG_NSS
@ -642,10 +629,10 @@ _PUBLIC_ NSS_STATUS _nss_winbind_endgrent(void)
if (num_gr_cache > 0) { if (num_gr_cache > 0) {
ndx_gr_cache = num_gr_cache = 0; ndx_gr_cache = num_gr_cache = 0;
free_response(&getgrent_response); winbindd_free_response(&getgrent_response);
} }
ret = winbindd_request(WINBINDD_ENDGRENT, NULL, NULL); ret = winbindd_request_response(WINBINDD_ENDGRENT, NULL, NULL);
#ifdef DEBUG_NSS #ifdef DEBUG_NSS
fprintf(stderr, "[%5d]: endgrent returns %s (%d)\n", getpid(), fprintf(stderr, "[%5d]: endgrent returns %s (%d)\n", getpid(),
nss_err_str(ret), ret); nss_err_str(ret), ret);
@ -679,7 +666,7 @@ winbind_getgrent(enum winbindd_cmd cmd,
/* Else call winbindd to get a bunch of entries */ /* Else call winbindd to get a bunch of entries */
if (num_gr_cache > 0) { if (num_gr_cache > 0) {
free_response(&getgrent_response); winbindd_free_response(&getgrent_response);
} }
ZERO_STRUCT(request); ZERO_STRUCT(request);
@ -687,7 +674,7 @@ winbind_getgrent(enum winbindd_cmd cmd,
request.data.num_entries = MAX_GETGRENT_USERS; request.data.num_entries = MAX_GETGRENT_USERS;
ret = winbindd_request(cmd, &request, ret = winbindd_request_response(cmd, &request,
&getgrent_response); &getgrent_response);
if (ret == NSS_STATUS_SUCCESS) { if (ret == NSS_STATUS_SUCCESS) {
@ -727,20 +714,20 @@ winbind_getgrent(enum winbindd_cmd cmd,
/* Out of memory - try again */ /* Out of memory - try again */
if (ret == NSS_STATUS_TRYAGAIN) { if (ret == NSS_STATUS_TRYAGAIN) {
called_again = True; called_again = true;
*errnop = errno = ERANGE; *errnop = errno = ERANGE;
goto done; goto done;
} }
*errnop = 0; *errnop = 0;
called_again = False; called_again = false;
ndx_gr_cache++; ndx_gr_cache++;
/* If we've finished with this lot of results free cache */ /* If we've finished with this lot of results free cache */
if (ndx_gr_cache == num_gr_cache) { if (ndx_gr_cache == num_gr_cache) {
ndx_gr_cache = num_gr_cache = 0; ndx_gr_cache = num_gr_cache = 0;
free_response(&getgrent_response); winbindd_free_response(&getgrent_response);
} }
} }
done: done:
@ -752,13 +739,15 @@ winbind_getgrent(enum winbindd_cmd cmd,
} }
_PUBLIC_ NSS_STATUS _nss_winbind_getgrent_r(struct group *result, NSS_STATUS
_nss_winbind_getgrent_r(struct group *result,
char *buffer, size_t buflen, int *errnop) char *buffer, size_t buflen, int *errnop)
{ {
return winbind_getgrent(WINBINDD_GETGRENT, result, buffer, buflen, errnop); return winbind_getgrent(WINBINDD_GETGRENT, result, buffer, buflen, errnop);
} }
_PUBLIC_ NSS_STATUS _nss_winbind_getgrlst_r(struct group *result, NSS_STATUS
_nss_winbind_getgrlst_r(struct group *result,
char *buffer, size_t buflen, int *errnop) char *buffer, size_t buflen, int *errnop)
{ {
return winbind_getgrent(WINBINDD_GETGRLST, result, buffer, buflen, errnop); return winbind_getgrent(WINBINDD_GETGRLST, result, buffer, buflen, errnop);
@ -766,7 +755,8 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrlst_r(struct group *result,
/* Return group struct from group name */ /* Return group struct from group name */
_PUBLIC_ NSS_STATUS _nss_winbind_getgrnam_r(const char *name, NSS_STATUS
_nss_winbind_getgrnam_r(const char *name,
struct group *result, char *buffer, struct group *result, char *buffer,
size_t buflen, int *errnop) size_t buflen, int *errnop)
{ {
@ -793,7 +783,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrnam_r(const char *name,
request.data.groupname request.data.groupname
[sizeof(request.data.groupname) - 1] = '\0'; [sizeof(request.data.groupname) - 1] = '\0';
ret = winbindd_request(WINBINDD_GETGRNAM, &request, &response); ret = winbindd_request_response(WINBINDD_GETGRNAM, &request, &response);
if (ret == NSS_STATUS_SUCCESS) { if (ret == NSS_STATUS_SUCCESS) {
ret = fill_grent(result, &response.data.gr, ret = fill_grent(result, &response.data.gr,
@ -801,7 +791,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrnam_r(const char *name,
&buffer, &buflen); &buffer, &buflen);
if (ret == NSS_STATUS_TRYAGAIN) { if (ret == NSS_STATUS_TRYAGAIN) {
keep_response = True; keep_response = true;
*errnop = errno = ERANGE; *errnop = errno = ERANGE;
goto done; goto done;
} }
@ -816,16 +806,16 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrnam_r(const char *name,
&buflen); &buflen);
if (ret == NSS_STATUS_TRYAGAIN) { if (ret == NSS_STATUS_TRYAGAIN) {
keep_response = True; keep_response = true;
*errnop = errno = ERANGE; *errnop = errno = ERANGE;
goto done; goto done;
} }
keep_response = False; keep_response = false;
*errnop = 0; *errnop = 0;
} }
free_response(&response); winbindd_free_response(&response);
done: done:
#ifdef DEBUG_NSS #ifdef DEBUG_NSS
fprintf(stderr, "[%5d]: getgrnam %s returns %s (%d)\n", getpid(), fprintf(stderr, "[%5d]: getgrnam %s returns %s (%d)\n", getpid(),
@ -836,7 +826,8 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrnam_r(const char *name,
/* Return group struct from gid */ /* Return group struct from gid */
_PUBLIC_ NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid, NSS_STATUS
_nss_winbind_getgrgid_r(gid_t gid,
struct group *result, char *buffer, struct group *result, char *buffer,
size_t buflen, int *errnop) size_t buflen, int *errnop)
{ {
@ -860,7 +851,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid,
request.data.gid = gid; request.data.gid = gid;
ret = winbindd_request(WINBINDD_GETGRGID, &request, &response); ret = winbindd_request_response(WINBINDD_GETGRGID, &request, &response);
if (ret == NSS_STATUS_SUCCESS) { if (ret == NSS_STATUS_SUCCESS) {
@ -869,7 +860,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid,
&buffer, &buflen); &buffer, &buflen);
if (ret == NSS_STATUS_TRYAGAIN) { if (ret == NSS_STATUS_TRYAGAIN) {
keep_response = True; keep_response = true;
*errnop = errno = ERANGE; *errnop = errno = ERANGE;
goto done; goto done;
} }
@ -884,16 +875,16 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid,
&buflen); &buflen);
if (ret == NSS_STATUS_TRYAGAIN) { if (ret == NSS_STATUS_TRYAGAIN) {
keep_response = True; keep_response = true;
*errnop = errno = ERANGE; *errnop = errno = ERANGE;
goto done; goto done;
} }
keep_response = False; keep_response = false;
*errnop = 0; *errnop = 0;
} }
free_response(&response); winbindd_free_response(&response);
done: done:
#ifdef DEBUG_NSS #ifdef DEBUG_NSS
fprintf(stderr, "[%5d]: getgrgid %d returns %s (%d)\n", getpid(), fprintf(stderr, "[%5d]: getgrgid %d returns %s (%d)\n", getpid(),
@ -904,9 +895,10 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid,
/* Initialise supplementary groups */ /* Initialise supplementary groups */
_PUBLIC_ NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group, NSS_STATUS
long int *start, long int *size, gid_t **groups, _nss_winbind_initgroups_dyn(char *user, gid_t group, long int *start,
long int limit, int *errnop) long int *size, gid_t **groups, long int limit,
int *errnop)
{ {
NSS_STATUS ret; NSS_STATUS ret;
struct winbindd_request request; struct winbindd_request request;
@ -924,7 +916,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group,
strncpy(request.data.username, user, strncpy(request.data.username, user,
sizeof(request.data.username) - 1); sizeof(request.data.username) - 1);
ret = winbindd_request(WINBINDD_GETGROUPS, &request, &response); ret = winbindd_request_response(WINBINDD_GETGROUPS, &request, &response);
if (ret == NSS_STATUS_SUCCESS) { if (ret == NSS_STATUS_SUCCESS) {
int num_gids = response.data.num_entries; int num_gids = response.data.num_entries;
@ -1003,9 +995,10 @@ _PUBLIC_ NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group,
/* return a list of group SIDs for a user SID */ /* return a list of group SIDs for a user SID */
_PUBLIC_ NSS_STATUS _nss_winbind_getusersids(const char *user_sid, NSS_STATUS
char **group_sids, int *num_groups, _nss_winbind_getusersids(const char *user_sid, char **group_sids,
char *buffer, size_t buf_size, int *errnop) int *num_groups,
char *buffer, size_t buf_size, int *errnop)
{ {
NSS_STATUS ret; NSS_STATUS ret;
struct winbindd_request request; struct winbindd_request request;
@ -1021,7 +1014,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getusersids(const char *user_sid,
strncpy(request.data.sid, user_sid,sizeof(request.data.sid) - 1); strncpy(request.data.sid, user_sid,sizeof(request.data.sid) - 1);
request.data.sid[sizeof(request.data.sid) - 1] = '\0'; request.data.sid[sizeof(request.data.sid) - 1] = '\0';
ret = winbindd_request(WINBINDD_GETUSERSIDS, &request, &response); ret = winbindd_request_response(WINBINDD_GETUSERSIDS, &request, &response);
if (ret != NSS_STATUS_SUCCESS) { if (ret != NSS_STATUS_SUCCESS) {
goto done; goto done;
@ -1039,14 +1032,15 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getusersids(const char *user_sid,
errno = *errnop = 0; errno = *errnop = 0;
done: done:
free_response(&response); winbindd_free_response(&response);
return ret; return ret;
} }
/* map a user or group name to a SID string */ /* map a user or group name to a SID string */
_PUBLIC_ NSS_STATUS _nss_winbind_nametosid(const char *name, char **sid, NSS_STATUS
char *buffer, size_t buflen, int *errnop) _nss_winbind_nametosid(const char *name, char **sid, char *buffer,
size_t buflen, int *errnop)
{ {
NSS_STATUS ret; NSS_STATUS ret;
struct winbindd_response response; struct winbindd_response response;
@ -1063,7 +1057,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_nametosid(const char *name, char **sid,
sizeof(request.data.name.name) - 1); sizeof(request.data.name.name) - 1);
request.data.name.name[sizeof(request.data.name.name) - 1] = '\0'; request.data.name.name[sizeof(request.data.name.name) - 1] = '\0';
ret = winbindd_request(WINBINDD_LOOKUPNAME, &request, &response); ret = winbindd_request_response(WINBINDD_LOOKUPNAME, &request, &response);
if (ret != NSS_STATUS_SUCCESS) { if (ret != NSS_STATUS_SUCCESS) {
*errnop = errno = EINVAL; *errnop = errno = EINVAL;
goto failed; goto failed;
@ -1077,16 +1071,17 @@ _PUBLIC_ NSS_STATUS _nss_winbind_nametosid(const char *name, char **sid,
*errnop = errno = 0; *errnop = errno = 0;
*sid = buffer; *sid = buffer;
strlcpy(*sid, response.data.sid.sid, strlen(response.data.sid.sid) + 1); strcpy(*sid, response.data.sid.sid);
failed: failed:
free_response(&response); winbindd_free_response(&response);
return ret; return ret;
} }
/* map a sid string to a user or group name */ /* map a sid string to a user or group name */
_PUBLIC_ NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name, NSS_STATUS
char *buffer, size_t buflen, int *errnop) _nss_winbind_sidtoname(const char *sid, char **name, char *buffer,
size_t buflen, int *errnop)
{ {
NSS_STATUS ret; NSS_STATUS ret;
struct winbindd_response response; struct winbindd_response response;
@ -1103,14 +1098,14 @@ _PUBLIC_ NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name,
/* we need to fetch the separator first time through */ /* we need to fetch the separator first time through */
if (!sep_char) { if (!sep_char) {
ret = winbindd_request(WINBINDD_INFO, &request, &response); ret = winbindd_request_response(WINBINDD_INFO, &request, &response);
if (ret != NSS_STATUS_SUCCESS) { if (ret != NSS_STATUS_SUCCESS) {
*errnop = errno = EINVAL; *errnop = errno = EINVAL;
goto failed; goto failed;
} }
sep_char = response.data.info.winbind_separator; sep_char = response.data.info.winbind_separator;
free_response(&response); winbindd_free_response(&response);
} }
@ -1118,7 +1113,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name,
sizeof(request.data.sid) - 1); sizeof(request.data.sid) - 1);
request.data.sid[sizeof(request.data.sid) - 1] = '\0'; request.data.sid[sizeof(request.data.sid) - 1] = '\0';
ret = winbindd_request(WINBINDD_LOOKUPSID, &request, &response); ret = winbindd_request_response(WINBINDD_LOOKUPSID, &request, &response);
if (ret != NSS_STATUS_SUCCESS) { if (ret != NSS_STATUS_SUCCESS) {
*errnop = errno = EINVAL; *errnop = errno = EINVAL;
goto failed; goto failed;
@ -1143,13 +1138,13 @@ _PUBLIC_ NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name,
*errnop = errno = 0; *errnop = errno = 0;
failed: failed:
free_response(&response); winbindd_free_response(&response);
return ret; return ret;
} }
/* map a sid to a uid */ /* map a sid to a uid */
_PUBLIC_ NSS_STATUS _nss_winbind_sidtouid(const char *sid, uid_t *uid, NSS_STATUS
int *errnop) _nss_winbind_sidtouid(const char *sid, uid_t *uid, int *errnop)
{ {
NSS_STATUS ret; NSS_STATUS ret;
struct winbindd_response response; struct winbindd_response response;
@ -1165,7 +1160,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_sidtouid(const char *sid, uid_t *uid,
strncpy(request.data.sid, sid, sizeof(request.data.sid) - 1); strncpy(request.data.sid, sid, sizeof(request.data.sid) - 1);
request.data.sid[sizeof(request.data.sid) - 1] = '\0'; request.data.sid[sizeof(request.data.sid) - 1] = '\0';
ret = winbindd_request(WINBINDD_SID_TO_UID, &request, &response); ret = winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response);
if (ret != NSS_STATUS_SUCCESS) { if (ret != NSS_STATUS_SUCCESS) {
*errnop = errno = EINVAL; *errnop = errno = EINVAL;
goto failed; goto failed;
@ -1178,8 +1173,8 @@ failed:
} }
/* map a sid to a gid */ /* map a sid to a gid */
_PUBLIC_ NSS_STATUS _nss_winbind_sidtogid(const char *sid, gid_t *gid, NSS_STATUS
int *errnop) _nss_winbind_sidtogid(const char *sid, gid_t *gid, int *errnop)
{ {
NSS_STATUS ret; NSS_STATUS ret;
struct winbindd_response response; struct winbindd_response response;
@ -1195,7 +1190,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_sidtogid(const char *sid, gid_t *gid,
strncpy(request.data.sid, sid, sizeof(request.data.sid) - 1); strncpy(request.data.sid, sid, sizeof(request.data.sid) - 1);
request.data.sid[sizeof(request.data.sid) - 1] = '\0'; request.data.sid[sizeof(request.data.sid) - 1] = '\0';
ret = winbindd_request(WINBINDD_SID_TO_GID, &request, &response); ret = winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response);
if (ret != NSS_STATUS_SUCCESS) { if (ret != NSS_STATUS_SUCCESS) {
*errnop = errno = EINVAL; *errnop = errno = EINVAL;
goto failed; goto failed;
@ -1208,7 +1203,8 @@ failed:
} }
/* map a uid to a SID string */ /* map a uid to a SID string */
_PUBLIC_ NSS_STATUS _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer, NSS_STATUS
_nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer,
size_t buflen, int *errnop) size_t buflen, int *errnop)
{ {
NSS_STATUS ret; NSS_STATUS ret;
@ -1224,7 +1220,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer,
request.data.uid = uid; request.data.uid = uid;
ret = winbindd_request(WINBINDD_UID_TO_SID, &request, &response); ret = winbindd_request_response(WINBINDD_UID_TO_SID, &request, &response);
if (ret != NSS_STATUS_SUCCESS) { if (ret != NSS_STATUS_SUCCESS) {
*errnop = errno = EINVAL; *errnop = errno = EINVAL;
goto failed; goto failed;
@ -1238,15 +1234,16 @@ _PUBLIC_ NSS_STATUS _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer,
*errnop = errno = 0; *errnop = errno = 0;
*sid = buffer; *sid = buffer;
strlcpy(*sid, response.data.sid.sid, strlen(response.data.sid.sid) + 1); strcpy(*sid, response.data.sid.sid);
failed: failed:
free_response(&response); winbindd_free_response(&response);
return ret; return ret;
} }
/* map a gid to a SID string */ /* map a gid to a SID string */
_PUBLIC_ NSS_STATUS _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer, NSS_STATUS
_nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer,
size_t buflen, int *errnop) size_t buflen, int *errnop)
{ {
NSS_STATUS ret; NSS_STATUS ret;
@ -1262,7 +1259,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer,
request.data.gid = gid; request.data.gid = gid;
ret = winbindd_request(WINBINDD_GID_TO_SID, &request, &response); ret = winbindd_request_response(WINBINDD_GID_TO_SID, &request, &response);
if (ret != NSS_STATUS_SUCCESS) { if (ret != NSS_STATUS_SUCCESS) {
*errnop = errno = EINVAL; *errnop = errno = EINVAL;
goto failed; goto failed;
@ -1276,9 +1273,9 @@ _PUBLIC_ NSS_STATUS _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer,
*errnop = errno = 0; *errnop = errno = 0;
*sid = buffer; *sid = buffer;
strlcpy(*sid, response.data.sid.sid, strlen(response.data.sid.sid) + 1); strcpy(*sid, response.data.sid.sid);
failed: failed:
free_response(&response); winbindd_free_response(&response);
return ret; return ret;
} }

26
source4/nsswitch/winbind_nss_solaris.h
View File

@ -22,7 +22,33 @@
#ifndef _WINBIND_NSS_SOLARIS_H #ifndef _WINBIND_NSS_SOLARIS_H
#define _WINBIND_NSS_SOLARIS_H #define _WINBIND_NSS_SOLARIS_H
/* Solaris has a broken nss_common header file containing C++ reserved names. */
#ifndef __cplusplus
#undef class
#undef private
#undef public
#undef protected
#undef template
#undef this
#undef new
#undef delete
#undef friend
#endif
#include <nss_common.h> #include <nss_common.h>
#ifndef __cplusplus
#define class #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
#define private #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
#define public #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
#define protected #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
#define template #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
#define this #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
#define new #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
#define delete #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
#define friend #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
#endif
#include <nss_dbdefs.h> #include <nss_dbdefs.h>
#include <nsswitch.h> #include <nsswitch.h>

154
source4/nsswitch/winbind_struct_protocol.h
View File

@ -11,15 +11,6 @@
products. You do not need to give any attribution. products. You do not need to give any attribution.
*/ */
#ifndef CONST_DISCARD
#define CONST_DISCARD(type, ptr) ((type) ((void *) (ptr)))
#endif
#ifndef CONST_ADD
#define CONST_ADD(type, ptr) ((type) ((const void *) (ptr)))
#endif
#ifndef SAFE_FREE #ifndef SAFE_FREE
#define SAFE_FREE(x) do { if(x) {free(x); x=NULL;} } while(0) #define SAFE_FREE(x) do { if(x) {free(x); x=NULL;} } while(0)
#endif #endif
@ -36,28 +27,28 @@
#define WINBINDD_SOCKET_DIR "/tmp/.winbindd" /* Name of PF_UNIX dir */ #define WINBINDD_SOCKET_DIR "/tmp/.winbindd" /* Name of PF_UNIX dir */
#endif #endif
/*
* when compiled with socket_wrapper support
* the location of the WINBINDD_SOCKET_DIR
* can be overwritten via an environment variable
*/
#define WINBINDD_SOCKET_DIR_ENVVAR "WINBINDD_SOCKET_DIR"
#define WINBINDD_PRIV_SOCKET_SUBDIR "winbindd_privileged" /* name of subdirectory of lp_lockdir() to hold the 'privileged' pipe */ #define WINBINDD_PRIV_SOCKET_SUBDIR "winbindd_privileged" /* name of subdirectory of lp_lockdir() to hold the 'privileged' pipe */
#define WINBINDD_DOMAIN_ENV "WINBINDD_DOMAIN" /* Environment variables */ #define WINBINDD_DOMAIN_ENV "WINBINDD_DOMAIN" /* Environment variables */
#define WINBINDD_DONT_ENV "_NO_WINBINDD" #define WINBINDD_DONT_ENV "_NO_WINBINDD"
#define WINBINDD_LOCATOR_KDC_ADDRESS "WINBINDD_LOCATOR_KDC_ADDRESS"
#ifdef SOCKET_WRAPPER
#define WINBINDD_SOCKET_DIR_ENV "WINBINDD_SOCKET_DIR"
#endif
/* Update this when you change the interface. */ /* Update this when you change the interface. */
#define WINBIND_INTERFACE_VERSION 18 #define WINBIND_INTERFACE_VERSION 19
/* Have to deal with time_t being 4 or 8 bytes due to structure alignment. /* Have to deal with time_t being 4 or 8 bytes due to structure alignment.
On a 64bit Linux box, we have to support a constant structure size On a 64bit Linux box, we have to support a constant structure size
between /lib/libnss_winbind.so.2 and /li64/libnss_winbind.so.2. between /lib/libnss_winbind.so.2 and /li64/libnss_winbind.so.2.
The easiest way to do this is to always use 8byte values for time_t. */ The easiest way to do this is to always use 8byte values for time_t. */
#if defined(int64) #define SMB_TIME_T int64_t
# define SMB_TIME_T int64
#else
# define SMB_TIME_T time_t
#endif
/* Socket commands */ /* Socket commands */
@ -127,6 +118,7 @@ enum winbindd_cmd {
WINBINDD_DOMAIN_INFO, /* Most of what we know from WINBINDD_DOMAIN_INFO, /* Most of what we know from
struct winbindd_domain */ struct winbindd_domain */
WINBINDD_GETDCNAME, /* Issue a GetDCName Request */ WINBINDD_GETDCNAME, /* Issue a GetDCName Request */
WINBINDD_DSGETDCNAME, /* Issue a DsGetDCName Request */
WINBINDD_SHOW_SEQUENCE, /* display sequence numbers of domains */ WINBINDD_SHOW_SEQUENCE, /* display sequence numbers of domains */
@ -194,30 +186,31 @@ typedef struct winbindd_gr {
fstring gr_name; fstring gr_name;
fstring gr_passwd; fstring gr_passwd;
gid_t gr_gid; gid_t gr_gid;
uint32 num_gr_mem; uint32_t num_gr_mem;
uint32 gr_mem_ofs; /* offset to group membership */ uint32_t gr_mem_ofs; /* offset to group membership */
} WINBINDD_GR; } WINBINDD_GR;
/* PAM specific request flags */
#define WBFLAG_PAM_INFO3_NDR 0x00000001
#define WBFLAG_PAM_INFO3_TEXT 0x00000002
#define WBFLAG_PAM_USER_SESSION_KEY 0x00000004
#define WBFLAG_PAM_LMKEY 0x00000008
#define WBFLAG_PAM_CONTACT_TRUSTDOM 0x00000010
#define WBFLAG_PAM_UNIX_NAME 0x00000080
#define WBFLAG_PAM_AFS_TOKEN 0x00000100
#define WBFLAG_PAM_NT_STATUS_SQUASH 0x00000200
#define WBFLAG_PAM_KRB5 0x00001000
#define WBFLAG_PAM_FALLBACK_AFTER_KRB5 0x00002000
#define WBFLAG_PAM_CACHED_LOGIN 0x00004000
#define WBFLAG_PAM_GET_PWD_POLICY 0x00008000 /* not used */
#define WBFLAG_PAM_INFO3_NDR 0x0001 /* generic request flags */
#define WBFLAG_PAM_INFO3_TEXT 0x0002 #define WBFLAG_QUERY_ONLY 0x00000020 /* not used */
#define WBFLAG_PAM_USER_SESSION_KEY 0x0004
#define WBFLAG_PAM_LMKEY 0x0008
#define WBFLAG_PAM_CONTACT_TRUSTDOM 0x0010
#define WBFLAG_QUERY_ONLY 0x0020
#define WBFLAG_PAM_UNIX_NAME 0x0080
#define WBFLAG_PAM_AFS_TOKEN 0x0100
#define WBFLAG_PAM_NT_STATUS_SQUASH 0x0200
/* This is a flag that can only be sent from parent to child */ /* This is a flag that can only be sent from parent to child */
#define WBFLAG_IS_PRIVILEGED 0x0400 #define WBFLAG_IS_PRIVILEGED 0x00000400 /* not used */
/* Flag to say this is a winbindd internal send - don't recurse. */ /* Flag to say this is a winbindd internal send - don't recurse. */
#define WBFLAG_RECURSE 0x0800 #define WBFLAG_RECURSE 0x00000800
#define WBFLAG_PAM_KRB5 0x1000
#define WBFLAG_PAM_FALLBACK_AFTER_KRB5 0x2000
#define WBFLAG_PAM_CACHED_LOGIN 0x4000
#define WBFLAG_PAM_GET_PWD_POLICY 0x8000 /* not used */
#define WINBINDD_MAX_EXTRA_DATA (128*1024) #define WINBINDD_MAX_EXTRA_DATA (128*1024)
@ -232,12 +225,13 @@ typedef struct winbindd_gr {
******************************************************************************/ ******************************************************************************/
struct winbindd_request { struct winbindd_request {
uint32 length; uint32_t length;
enum winbindd_cmd cmd; /* Winbindd command to execute */ enum winbindd_cmd cmd; /* Winbindd command to execute */
enum winbindd_cmd original_cmd; /* Original Winbindd command enum winbindd_cmd original_cmd; /* Original Winbindd command
issued to parent process */ issued to parent process */
pid_t pid; /* pid of calling process */ pid_t pid; /* pid of calling process */
uint32 flags; /* flags relavant to a given request */ uint32_t wb_flags; /* generic flags */
uint32_t flags; /* flags relevant *only* to a given request */
fstring domain_name; /* name of domain for which the request applies */ fstring domain_name; /* name of domain for which the request applies */
union { union {
@ -257,14 +251,14 @@ struct winbindd_request {
uid_t uid; uid_t uid;
} auth; /* pam_winbind auth module */ } auth; /* pam_winbind auth module */
struct { struct {
unsigned char chal[8]; uint8_t chal[8];
uint32 logon_parameters; uint32_t logon_parameters;
fstring user; fstring user;
fstring domain; fstring domain;
fstring lm_resp; fstring lm_resp;
uint32 lm_resp_len; uint32_t lm_resp_len;
fstring nt_resp; fstring nt_resp;
uint32 nt_resp_len; uint32_t nt_resp_len;
fstring workstation; fstring workstation;
fstring require_membership_of_sid; fstring require_membership_of_sid;
} auth_crap; } auth_crap;
@ -276,14 +270,14 @@ struct winbindd_request {
struct { struct {
fstring user; fstring user;
fstring domain; fstring domain;
unsigned char new_nt_pswd[516]; uint8_t new_nt_pswd[516];
uint16 new_nt_pswd_len; uint16_t new_nt_pswd_len;
unsigned char old_nt_hash_enc[16]; uint8_t old_nt_hash_enc[16];
uint16 old_nt_hash_enc_len; uint16_t old_nt_hash_enc_len;
unsigned char new_lm_pswd[516]; uint8_t new_lm_pswd[516];
uint16 new_lm_pswd_len; uint16_t new_lm_pswd_len;
unsigned char old_lm_hash_enc[16]; uint8_t old_lm_hash_enc[16];
uint16 old_lm_hash_enc_len; uint16_t old_lm_hash_enc_len;
} chng_pswd_auth_crap;/* pam_winbind passwd module */ } chng_pswd_auth_crap;/* pam_winbind passwd module */
struct { struct {
fstring user; fstring user;
@ -295,7 +289,7 @@ struct winbindd_request {
fstring dom_name; /* lookupname */ fstring dom_name; /* lookupname */
fstring name; fstring name;
} name; } name;
uint32 num_entries; /* getpwent, getgrent */ uint32_t num_entries; /* getpwent, getgrent */
struct { struct {
fstring username; fstring username;
fstring groupname; fstring groupname;
@ -310,8 +304,8 @@ struct winbindd_request {
} dual_sid2id; } dual_sid2id;
struct { struct {
fstring sid; fstring sid;
uint32 type; uint32_t type;
uint32 id; uint32_t id;
} dual_idmapset; } dual_idmapset;
bool list_all_domains; bool list_all_domains;
@ -324,8 +318,8 @@ struct winbindd_request {
produce an actual challenge response. It merely produce an actual challenge response. It merely
succeeds if there are cached credentials available succeeds if there are cached credentials available
that could be used. */ that could be used. */
uint32 initial_blob_len; /* blobs in extra_data */ uint32_t initial_blob_len; /* blobs in extra_data */
uint32 challenge_blob_len; uint32_t challenge_blob_len;
} ccache_ntlm_auth; } ccache_ntlm_auth;
/* padding -- needed to fix alignment between 32bit and 64bit libs. /* padding -- needed to fix alignment between 32bit and 64bit libs.
@ -338,7 +332,7 @@ struct winbindd_request {
SMB_TIME_T padding; SMB_TIME_T padding;
char *data; char *data;
} extra_data; } extra_data;
uint32 extra_len; uint32_t extra_len;
char null_term; char null_term;
}; };
@ -364,7 +358,7 @@ struct winbindd_response {
/* Header information */ /* Header information */
uint32 length; /* Length of response */ uint32_t length; /* Length of response */
enum winbindd_result result; /* Result code */ enum winbindd_result result; /* Result code */
/* Fixed length return data */ /* Fixed length return data */
@ -382,7 +376,7 @@ struct winbindd_response {
struct winbindd_gr gr; struct winbindd_gr gr;
uint32 num_entries; /* getpwent, getgrent */ uint32_t num_entries; /* getpwent, getgrent */
struct winbindd_sid { struct winbindd_sid {
fstring sid; /* lookupname, [ug]id_to_sid */ fstring sid; /* lookupname, [ug]id_to_sid */
int type; int type;
@ -403,20 +397,20 @@ struct winbindd_response {
fstring dc_name; fstring dc_name;
struct auth_reply { struct auth_reply {
uint32 nt_status; uint32_t nt_status;
fstring nt_status_string; fstring nt_status_string;
fstring error_string; fstring error_string;
int pam_error; int pam_error;
char user_session_key[16]; char user_session_key[16];
char first_8_lm_hash[8]; char first_8_lm_hash[8];
fstring krb5ccname; fstring krb5ccname;
uint32 reject_reason; uint32_t reject_reason;
uint32 padding; uint32_t padding;
struct policy_settings { struct policy_settings {
uint32 min_length_password; uint32_t min_length_password;
uint32 password_history; uint32_t password_history;
uint32 password_properties; uint32_t password_properties;
uint32 padding; uint32_t padding;
SMB_TIME_T expire; SMB_TIME_T expire;
SMB_TIME_T min_passwordage; SMB_TIME_T min_passwordage;
} policy; } policy;
@ -427,14 +421,14 @@ struct winbindd_response {
SMB_TIME_T pass_last_set_time; SMB_TIME_T pass_last_set_time;
SMB_TIME_T pass_can_change_time; SMB_TIME_T pass_can_change_time;
SMB_TIME_T pass_must_change_time; SMB_TIME_T pass_must_change_time;
uint32 logon_count; uint32_t logon_count;
uint32 bad_pw_count; uint32_t bad_pw_count;
uint32 user_rid; uint32_t user_rid;
uint32 group_rid; uint32_t group_rid;
uint32 num_groups; uint32_t num_groups;
uint32 user_flgs; uint32_t user_flgs;
uint32 acct_flags; uint32_t acct_flags;
uint32 num_other_sids; uint32_t num_other_sids;
fstring dom_sid; fstring dom_sid;
fstring user_name; fstring user_name;
fstring full_name; fstring full_name;
@ -453,18 +447,18 @@ struct winbindd_response {
bool native_mode; bool native_mode;
bool active_directory; bool active_directory;
bool primary; bool primary;
uint32 sequence_number; uint32_t sequence_number;
} domain_info; } domain_info;
struct { struct {
fstring acct_name; fstring acct_name;
fstring full_name; fstring full_name;
fstring homedir; fstring homedir;
fstring shell; fstring shell;
uint32 primary_gid; uint32_t primary_gid;
uint32 group_rid; uint32_t group_rid;
} user_info; } user_info;
struct { struct {
uint32 auth_blob_len; /* blob in extra_data */ uint32_t auth_blob_len; /* blob in extra_data */
} ccache_ntlm_auth; } ccache_ntlm_auth;
} data; } data;
@ -482,8 +476,8 @@ struct WINBINDD_MEMORY_CREDS {
uid_t uid; uid_t uid;
int ref_count; int ref_count;
size_t len; size_t len;
unsigned char *nt_hash; /* Base pointer for the following 2 */ uint8_t *nt_hash; /* Base pointer for the following 2 */
unsigned char *lm_hash; uint8_t *lm_hash;
char *pass; char *pass;
}; };