mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00

Moved winbind client functions from various odd locations to

nsswitch/wb_client.c

Merge of nsswitch/common.c rename to nsswitch/wb_common.c from TNG.
(This used to be commit f866c18f6b)
Tim Potter 2000-07-10 05:40:43 +00:00
parent 520bb0d775
commit 64299375b5
8 changed files with 240 additions and 168 deletions


@ -178,7 +178,8 @@ SMBD_OBJ1 = smbd/server.o smbd/files.o smbd/chgpasswd.o smbd/connection.o \
smbd/vfs.o smbd/vfs-wrap.o smbd/statcache.o \
smbd/unix_acls.o lib/msrpc-client.o lib/msrpc_use.o \
smbd/process.o smbd/service.o smbd/error.o \
printing/printfsp.o nsswitch/common.o lib/util_seaccess.o
printing/printfsp.o nsswitch/wb_common.o lib/util_seaccess.o \
nsswitch/wb_client.o
PRINTING_OBJ = printing/pcap.o printing/print_svid.o printing/print_cups.o printing/load.o
@ -251,7 +252,7 @@ RPCCLIENT_OBJ = $(RPCCLIENT_OBJ1) \
$(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \
$(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) $(PASSDB_OBJ)
PAM_WINBIND_OBJ = nsswitch/pam_winbind.po nsswitch/common.po
PAM_WINBIND_OBJ = nsswitch/pam_winbind.po nsswitch/wb_common.po
SMBW_OBJ = smbwrapper/smbw.o \
smbwrapper/smbw_dir.o smbwrapper/smbw_stat.o \
@ -330,9 +331,9 @@ WINBINDD_OBJ = \
$(LIBNMB_OBJ) $(PARAM_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \
$(NSSWINS_OBJ) $(SIDDB_OBJ) $(LIBSMB_OBJ)
WBINFO_OBJ = nsswitch/wbinfo.o nsswitch/common.o
WBINFO_OBJ = nsswitch/wbinfo.o nsswitch/wb_common.o
WINBIND_NSS_OBJ = nsswitch/winbind.o nsswitch/common.o
WINBIND_NSS_OBJ = nsswitch/winbind.o nsswitch/wb_common.o
WINBIND_NSS_PICOBJS = $(WINBIND_NSS_OBJ:.o=.po)


@ -665,8 +665,6 @@ void file_lines_slashcont(char **lines);
/*The following definitions come from lib/util_seaccess.c */
BOOL winbind_uid_to_sid(uid_t uid, DOM_SID *sid);
BOOL winbind_gid_to_sid(gid_t gid, DOM_SID *sid);
BOOL se_access_check(SEC_DESC *sd, uid_t uid, gid_t gid, int ngroups,
gid_t *groups, uint32 acc_desired,
uint32 *acc_granted, uint32 *status);
@ -1263,14 +1261,23 @@ void initiate_myworkgroup_startup(struct subnet_record *subrec, struct work_reco
void dump_workgroups(BOOL force_write);
void expire_workgroups_and_servers(time_t t);
/*The following definitions come from nsswitch/common.c */
/*The following definitions come from nsswitch/wb_client.c */
BOOL winbind_lookup_name(char *name, DOM_SID *sid, uint8 *name_type);
BOOL winbind_lookup_sid(DOM_SID *sid, fstring dom_name, fstring name,
uint8 *name_type);
BOOL winbind_uid_to_sid(uid_t uid, DOM_SID *sid);
BOOL winbind_gid_to_sid(gid_t gid, DOM_SID *sid);
/*The following definitions come from nsswitch/wb_common.c */
void init_request(struct winbindd_request *req,int rq_type);
void close_sock(void);
int write_sock(void *buffer, int count);
int read_reply(struct winbindd_response *response);
void free_response(struct winbindd_response *response);
enum nss_status winbindd_request(int req_type, struct winbindd_request *request,
enum nss_status winbindd_request(int req_type,
struct winbindd_request *request,
struct winbindd_response *response);
/*The following definitions come from param/loadparm.c */
@ -1670,7 +1677,6 @@ BOOL get_specific_param(NT_PRINTER_INFO_LEVEL printer, uint32 level,
fstring value, uint8 **data, uint32 *type, uint32 *len);
uint32 nt_printing_setsec(char *printername, struct current_user *user,
SEC_DESC_BUF *secdesc_ctr);
BOOL winbind_lookup_name(char *name, DOM_SID *sid, uint8 *name_type);
BOOL nt_printing_getsec(char *printername, SEC_DESC_BUF **secdesc_ctr);
BOOL print_access_check(struct current_user *user, int snum,
uint32 required_access);
@ -2916,8 +2922,6 @@ BOOL api_netdfs_rpc(pipes_struct *p);
/*The following definitions come from rpc_server/srv_lsa.c */
#if OLD_NTDOMAIN
BOOL winbind_lookup_sid(DOM_SID *sid, fstring dom_name, fstring name,
uint8 *name_type);
BOOL api_ntlsa_rpc(pipes_struct *p);
#endif


@ -25,70 +25,6 @@
extern int DEBUGLEVEL;
/* Call winbindd to convert uid to sid */
BOOL winbind_uid_to_sid(uid_t uid, DOM_SID *sid)
{
struct winbindd_request request;
struct winbindd_response response;
int result;
if (!sid) return False;
/* Initialise request */
ZERO_STRUCT(request);
ZERO_STRUCT(response);
request.data.uid = uid;
/* Make request */
result = winbindd_request(WINBINDD_UID_TO_SID, &request, &response);
/* Copy out result */
if (result == NSS_STATUS_SUCCESS) {
string_to_sid(sid, response.data.sid.sid);
} else {
sid_copy(sid, &global_sid_NULL);
}
return (result == NSS_STATUS_SUCCESS);
}
/* Call winbindd to convert uid to sid */
BOOL winbind_gid_to_sid(gid_t gid, DOM_SID *sid)
{
struct winbindd_request request;
struct winbindd_response response;
int result;
if (!sid) return False;
/* Initialise request */
ZERO_STRUCT(request);
ZERO_STRUCT(response);
request.data.gid = gid;
/* Make request */
result = winbindd_request(WINBINDD_GID_TO_SID, &request, &response);
/* Copy out result */
if (result == NSS_STATUS_SUCCESS) {
string_to_sid(sid, response.data.sid.sid);
} else {
sid_copy(sid, &global_sid_NULL);
}
return (result == NSS_STATUS_SUCCESS);
}
/* Process an access allowed ACE */
static BOOL ace_grant(uint32 mask, uint32 *acc_desired, uint32 *acc_granted)


@ -0,0 +1,174 @@
/*
Unix SMB/Netbios implementation.
Version 2.0
winbind client code
Copyright (C) Tim Potter 2000
Copyright (C) Andrew Tridgell 2000
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Library General Public
License as published by the Free Software Foundation; either
version 2 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Library General Public License for more details.
You should have received a copy of the GNU Library General Public
License along with this library; if not, write to the
Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA.
*/
#include "includes.h"
/* Call winbindd to convert a name to a sid */
BOOL winbind_lookup_name(char *name, DOM_SID *sid, uint8 *name_type)
{
struct winbindd_request request;
struct winbindd_response response;
enum nss_status result;
if (!sid || !name_type) return False;
/* Send off request */
ZERO_STRUCT(request);
ZERO_STRUCT(response);
fstrcpy(request.data.name, name);
if ((result = winbindd_request(WINBINDD_LOOKUPNAME, &request,
&response)) == NSS_STATUS_SUCCESS) {
string_to_sid(sid, response.data.sid.sid);
*name_type = response.data.sid.type;
}
return result == NSS_STATUS_SUCCESS;
}
/* Call winbindd to convert sid to name */
BOOL winbind_lookup_sid(DOM_SID *sid, fstring dom_name, fstring name,
uint8 *name_type)
{
struct winbindd_request request;
struct winbindd_response response;
enum nss_status result;
DOM_SID tmp_sid;
uint32 rid;
fstring sid_str;
if (!name_type) return False;
/* Check if this is our own sid. This should perhaps be done by
winbind? For the moment handle it here. */
if (sid->num_auths == 5) {
sid_copy(&tmp_sid, sid);
sid_split_rid(&tmp_sid, &rid);
if (sid_equal(&global_sam_sid, &tmp_sid)) {
return map_domain_sid_to_name(&tmp_sid, dom_name) &&
lookup_local_rid(rid, name, name_type);
}
}
/* Initialise request */
ZERO_STRUCT(request);
ZERO_STRUCT(response);
sid_to_string(sid_str, sid);
fstrcpy(request.data.sid, sid_str);
/* Make request */
result = winbindd_request(WINBINDD_LOOKUPSID, &request, &response);
/* Copy out result */
if (result == NSS_STATUS_SUCCESS) {
parse_domain_user(response.data.name.name, dom_name, name);
*name_type = response.data.name.type;
} else {
DEBUG(10,("winbind_lookup_sid: winbind lookup for %s failed - trying builtin.\n",
sid_str));
sid_copy(&tmp_sid, sid);
sid_split_rid(&tmp_sid, &rid);
return map_domain_sid_to_name(&tmp_sid, dom_name) &&
lookup_known_rid(&tmp_sid, rid, name, name_type);
}
return (result == NSS_STATUS_SUCCESS);
}
/* Call winbindd to convert uid to sid */
BOOL winbind_uid_to_sid(uid_t uid, DOM_SID *sid)
{
struct winbindd_request request;
struct winbindd_response response;
int result;
if (!sid) return False;
/* Initialise request */
ZERO_STRUCT(request);
ZERO_STRUCT(response);
request.data.uid = uid;
/* Make request */
result = winbindd_request(WINBINDD_UID_TO_SID, &request, &response);
/* Copy out result */
if (result == NSS_STATUS_SUCCESS) {
string_to_sid(sid, response.data.sid.sid);
} else {
sid_copy(sid, &global_sid_NULL);
}
return (result == NSS_STATUS_SUCCESS);
}
/* Call winbindd to convert uid to sid */
BOOL winbind_gid_to_sid(gid_t gid, DOM_SID *sid)
{
struct winbindd_request request;
struct winbindd_response response;
int result;
if (!sid) return False;
/* Initialise request */
ZERO_STRUCT(request);
ZERO_STRUCT(response);
request.data.gid = gid;
/* Make request */
result = winbindd_request(WINBINDD_GID_TO_SID, &request, &response);
/* Copy out result */
if (result == NSS_STATUS_SUCCESS) {
string_to_sid(sid, response.data.sid.sid);
} else {
sid_copy(sid, &global_sid_NULL);
}
return (result == NSS_STATUS_SUCCESS);
}
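Review bot: winbind_lookup_sid reads `sid->num_auths` after checking only `name_type`, while the other three functions in this new file reject a NULL `sid` first; the guard should be `if (!sid || !name_type) return False;`. The return value of `string_to_sid()` on the daemon's reply is also discarded in winbind_lookup_name, winbind_uid_to_sid and winbind_gid_to_sid, so a reply that does not parse would still be reported as success with whatever `*sid` then holds. If string_to_sid reports failure (its definition is not visible here), test it and fall back to `sid_copy(sid, &global_sid_NULL)` before returning False. The comment above winbind_gid_to_sid is a copy of the uid one and should read `/* Call winbindd to convert gid to sid */`.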


@ -45,10 +45,10 @@ static BOOL resolve_dc_name(char *domain_name, fstring domain_controller)
if (!resolve_name(domain_name, &ip, 0x1B)) return False;
return lookup_pdc_name(global_myname, domain_name, &ip, domain_controller);
return lookup_pdc_name(global_myname, domain_name, &ip,
domain_controller);
}
static struct winbindd_domain *add_trusted_domain(char *domain_name)
{
struct winbindd_domain *domain;
@ -90,7 +90,8 @@ static BOOL get_trusted_domains(void)
/* Add our workgroup - keep handle to look up trusted domains */
if (!add_trusted_domain(lp_workgroup())) {
DEBUG(0, ("could not add record for domain %s\n", lp_workgroup()));
DEBUG(0, ("could not add record for domain %s\n",
lp_workgroup()));
return False;
}
@ -103,7 +104,8 @@ static BOOL get_trusted_domains(void)
/* Add each domain to the trusted domain list */
for(i = 0; i < num_doms; i++) {
if (!add_trusted_domain(domains[i])) {
DEBUG(0, ("could not add record for domain %s\n", domains[i]));
DEBUG(0, ("could not add record for domain %s\n",
domains[i]));
result = False;
}
}
@ -126,7 +128,9 @@ static BOOL open_sam_handles(struct winbindd_domain *domain)
}
if ((domain->sam_handle_open && !rpc_hnd_ok(&domain->sam_handle)) ||
(domain->sam_dom_handle_open && !rpc_hnd_ok(&domain->sam_dom_handle))) {
(domain->sam_dom_handle_open &&
!rpc_hnd_ok(&domain->sam_dom_handle))) {
domain->got_domain_info = get_domain_info(domain);
if (domain->sam_dom_handle_open) {
samr_close(&domain->sam_dom_handle);
@ -139,49 +143,86 @@ static BOOL open_sam_handles(struct winbindd_domain *domain)
}
/* Open sam handle if it isn't already open */
if (!domain->sam_handle_open) {
domain->sam_handle_open =
samr_connect(domain->controller, SEC_RIGHTS_MAXIMUM_ALLOWED,
samr_connect(domain->controller,
SEC_RIGHTS_MAXIMUM_ALLOWED,
&domain->sam_handle);
if (!domain->sam_handle_open) return False;
}
/* Open sam domain handle if it isn't already open */
if (!domain->sam_dom_handle_open) {
domain->sam_dom_handle_open =
samr_open_domain(&domain->sam_handle,
SEC_RIGHTS_MAXIMUM_ALLOWED, &domain->sid,
&domain->sam_dom_handle);
SEC_RIGHTS_MAXIMUM_ALLOWED,
&domain->sid, &domain->sam_dom_handle);
if (!domain->sam_dom_handle_open) return False;
}
return True;
}
/* Close all LSA and SAM connections */
static void winbindd_kill_connections(void)
{
struct winbindd_cli_state *cli;
struct winbindd_domain *domain;
DEBUG(1,("killing winbindd connections\n"));
/* Close LSA connection */
server_state.pwdb_initialised = False;
server_state.lsa_handle_open = False;
lsa_close(&server_state.lsa_handle);
for (domain=domain_list; domain; domain=domain->next) {
/* Close SAM connections */
domain = domain_list;
while(domain) {
struct winbindd_domain *next;
/* Close SAM handles */
if (domain->sam_dom_handle_open) {
samr_close(&domain->sam_dom_handle);
domain->sam_dom_handle_open = False;
}
if (domain->sam_handle_open) {
samr_close(&domain->sam_handle);
domain->sam_handle_open = False;
}
/* Remove from list */
next = domain->next;
DLIST_REMOVE(domain_list, domain);
free(domain);
domain = next;
}
/* We also need to go through and trash any pointers to domains in
get{pw,gr}ent state records */
for (cli = client_list; cli; cli = cli->next) {
free_getent_state(cli->getpwent_state);
free_getent_state(cli->getgrent_state);
}
}
/* Try to establish connections to NT servers */
void establish_connections(void)
{
struct winbindd_domain *domain;
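Review bot: In winbindd_kill_connections the loop over client_list calls `free_getent_state(cli->getpwent_state)` and `free_getent_state(cli->getgrent_state)`, but nothing visible clears the two fields afterwards, and a pointer passed by value cannot be reset by the callee. A client that continues an enumeration after the connections are killed would then walk freed state, which by the comment above the loop also refers to the domain records freed just before it. Add `cli->getpwent_state = NULL;` and `cli->getgrent_state = NULL;` after the calls unless the fields are reset elsewhere. The +/- markers are lost on this page, so this assumes the loop is on the new side of the hunk; establish_connections continues outside the hunk.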


@ -1583,31 +1583,6 @@ uint32 nt_printing_setsec(char *printername, struct current_user *user,
return status;
}
/* Call winbindd to convert a name to a sid */
BOOL winbind_lookup_name(char *name, DOM_SID *sid, uint8 *name_type)
{
struct winbindd_request request;
struct winbindd_response response;
enum nss_status result;
if (!sid || !name_type) return False;
/* Send off request */
ZERO_STRUCT(request);
ZERO_STRUCT(response);
fstrcpy(request.data.name, name);
if ((result = winbindd_request(WINBINDD_LOOKUPNAME, &request,
&response)) == NSS_STATUS_SUCCESS) {
string_to_sid(sid, response.data.sid.sid);
*name_type = response.data.sid.type;
}
return result == NSS_STATUS_SUCCESS;
}
/****************************************************************************
Construct a default security descriptor buffer for a printer.
****************************************************************************/


@ -279,65 +279,6 @@ static void init_reply_lookup_names(LSA_R_LOOKUP_NAMES *r_l,
r_l->status = 0x0;
}
/* Call winbindd to convert sid to name */
BOOL winbind_lookup_sid(DOM_SID *sid, fstring dom_name, fstring name,
uint8 *name_type)
{
struct winbindd_request request;
struct winbindd_response response;
enum nss_status result;
DOM_SID tmp_sid;
uint32 rid;
fstring sid_str;
if (!name_type) return False;
/* Check if this is our own sid. This should perhaps be done by
winbind? For the moment handle it here. */
if (sid->num_auths == 5) {
sid_copy(&tmp_sid, sid);
sid_split_rid(&tmp_sid, &rid);
if (sid_equal(&global_sam_sid, &tmp_sid)) {
return map_domain_sid_to_name(&tmp_sid, dom_name) &&
lookup_local_rid(rid, name, name_type);
}
}
/* Initialise request */
ZERO_STRUCT(request);
ZERO_STRUCT(response);
sid_to_string(sid_str, sid);
fstrcpy(request.data.sid, sid_str);
/* Make request */
result = winbindd_request(WINBINDD_LOOKUPSID, &request, &response);
/* Copy out result */
if (result == NSS_STATUS_SUCCESS) {
parse_domain_user(response.data.name.name, dom_name, name);
*name_type = response.data.name.type;
} else {
DEBUG(10,("winbind_lookup_sid: winbind lookup for %s failed - trying builtin.\n",
sid_str));
sid_copy(&tmp_sid, sid);
sid_split_rid(&tmp_sid, &rid);
return map_domain_sid_to_name(&tmp_sid, dom_name) &&
lookup_known_rid(&tmp_sid, rid, name, name_type);
}
return (result == NSS_STATUS_SUCCESS);
}
/***************************************************************************
Init lsa_trans_names.
***************************************************************************/