s4-winbind: Add support for the WINBINDD_LIST_GROUPS command.

nsswitch/tests/test_wbinfo.sh

@@ -54,8 +54,7 @@ knownfail() {
 # List users
 testit "wbinfo -u against $TARGET" $wbinfo -u || failed=`expr $failed + 1`
 # List groups
-# Does not work yet
-knownfail "wbinfo -g against $TARGET" $wbinfo -g || failed=`expr $failed + 1`
+testit "wbinfo -g against $TARGET" $wbinfo -g || failed=`expr $failed + 1`
 # Convert netbios name to IP
 # Does not work yet
 knownfail "wbinfo -N against $TARGET" $wbinfo -N $NETBIOSNAME || failed=`expr $failed + 1`

source4/winbind/config.mk

@@ -46,6 +46,7 @@ WINBIND_OBJ_FILES = $(addprefix $(winbindsrcdir)/, \
 		wb_cmd_getpwuid.o \
 		wb_cmd_userdomgroups.o \
 		wb_cmd_usersids.o \
+		wb_cmd_list_groups.o \
 		wb_cmd_list_trustdom.o \
 		wb_cmd_list_users.o \
 		wb_cmd_setpwent.o \

source4/winbind/wb_cmd_list_groups.c

@@ -0,0 +1,200 @@
+/*
+   Unix SMB/CIFS implementation.
+
+   Command backend for wbinfo -g
+
+   Copyright (C) Kai Blin 2009
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "libcli/composite/composite.h"
+#include "winbind/wb_server.h"
+#include "winbind/wb_async_helpers.h"
+#include "winbind/wb_helper.h"
+#include "smbd/service_task.h"
+#include "libnet/libnet_proto.h"
+
+struct cmd_list_groups_state {
+	struct composite_context *ctx;
+	struct wbsrv_service *service;
+
+	struct wbsrv_domain *domain;
+	char *domain_name;
+	uint32_t resume_index;
+	char *result;
+};
+
+static void cmd_list_groups_recv_domain(struct composite_context *ctx);
+static void cmd_list_groups_recv_group_list(struct composite_context *ctx);
+
+struct composite_context *wb_cmd_list_groups_send(TALLOC_CTX *mem_ctx,
+		struct wbsrv_service *service, const char *domain_name)
+{
+	struct composite_context *ctx, *result;
+	struct cmd_list_groups_state *state;
+
+	DEBUG(5, ("wb_cmd_list_groups_send called\n"));
+
+	result = composite_create(mem_ctx, service->task->event_ctx);
+	if (!result) return NULL;
+
+	state = talloc(result, struct cmd_list_groups_state);
+	if (composite_nomem(state, result)) return result;
+
+	state->ctx = result;
+	result->private_data = state;
+	state->service = service;
+	state->resume_index = 0;
+	state->result = talloc_strdup(state, "");
+	if (composite_nomem(state->result, state->ctx)) return result;
+
+	/*FIXME: We should look up the domain in the winbind request if it is
+	 * set, not just take the primary domain. However, I want to get the
+	 * libnet logic to work first. */
+
+	if (domain_name && *domain_name != '\0') {
+		state->domain_name = talloc_strdup(state, domain_name);
+		if (composite_nomem(state->domain_name, state->ctx))
+			return result;
+	} else {
+		state->domain_name = NULL;
+	}
+
+	ctx = wb_sid2domain_send(state, service, service->primary_sid);
+	if (composite_nomem(ctx, state->ctx)) return result;
+
+	composite_continue(state->ctx, ctx, cmd_list_groups_recv_domain, state);
+	return result;
+}
+
+static void cmd_list_groups_recv_domain(struct composite_context *ctx)
+{
+	struct cmd_list_groups_state *state = talloc_get_type(
+			ctx->async.private_data, struct cmd_list_groups_state);
+	struct wbsrv_domain *domain;
+	struct libnet_GroupList *group_list;
+
+	DEBUG(5, ("cmd_list_groups_recv_domain called\n"));
+
+	state->ctx->status = wb_sid2domain_recv(ctx, &domain);
+	if (!composite_is_ok(state->ctx)) return;
+
+	state->domain = domain;
+
+	/* If this is non-null, we've looked up the domain given in the winbind
+	 * request, otherwise we'll just use the default name.*/
+	if (state->domain_name == NULL) {
+		state->domain_name = talloc_strdup(state,
+				domain->libnet_ctx->samr.name);
+		if (composite_nomem(state->domain_name, state->ctx)) return;
+	}
+
+	group_list = talloc(state, struct libnet_GroupList);
+	if (composite_nomem(group_list, state->ctx)) return;
+
+	group_list->in.domain_name = state->domain_name;
+
+	/* Rafal suggested that 128 is a good number here. I don't like magic
+	 * numbers too much, but for now it'll have to do.
+	 */
+	group_list->in.page_size = 128;
+	group_list->in.resume_index = state->resume_index;
+
+	ctx = libnet_GroupList_send(domain->libnet_ctx, state, group_list,NULL);
+
+	composite_continue(state->ctx, ctx, cmd_list_groups_recv_group_list,
+			state);
+}
+
+static void cmd_list_groups_recv_group_list(struct composite_context *ctx)
+{
+	struct cmd_list_groups_state *state = talloc_get_type(
+			ctx->async.private_data, struct cmd_list_groups_state);
+	struct libnet_GroupList *group_list;
+	NTSTATUS status;
+	int i;
+
+	DEBUG(5, ("cmd_list_groups_recv_group_list called\n"));
+
+	group_list = talloc(state, struct libnet_GroupList);
+	if (composite_nomem(group_list, state->ctx)) return;
+
+	status = libnet_GroupList_recv(ctx, state, group_list);
+
+	/* If NTSTATUS is neither OK nor MORE_ENTRIES, something broke */
+	if (!NT_STATUS_IS_OK(status) &&
+	     !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
+		composite_error(state->ctx, status);
+		return;
+	}
+
+	for (i = 0; i < group_list->out.count; ++i) {
+		DEBUG(5, ("Appending group '%s'\n",
+			  group_list->out.groups[i].groupname));
+		state->result = talloc_asprintf_append_buffer(state->result,
+					"%s,",
+					group_list->out.groups[i].groupname);
+	}
+
+	/* If the status is OK, we're finished, there's no more groups.
+	 * So we'll trim off the trailing ',' and are done.*/
+	if (NT_STATUS_IS_OK(status)) {
+		int str_len = strlen(state->result);
+		DEBUG(5, ("list_GroupList_recv returned NT_STATUS_OK\n"));
+		state->result[str_len - 1] = '\0';
+		composite_done(state->ctx);
+		return;
+	}
+
+	DEBUG(5, ("list_GroupList_recv returned NT_STATUS_MORE_ENTRIES\n"));
+
+	/* Otherwise there's more groups to get, so call out to libnet and
+	 * continue on this function here. */
+
+	group_list->in.domain_name = state->domain_name;
+	/* See comment above about the page size. 128 seems like a good default.
+	 */
+	group_list->in.page_size = 128;
+	group_list->in.resume_index = group_list->out.resume_index;
+
+	ctx = libnet_GroupList_send(state->domain->libnet_ctx, state,group_list,
+			NULL);
+
+	composite_continue(state->ctx, ctx, cmd_list_groups_recv_group_list,
+			state);
+}
+
+NTSTATUS wb_cmd_list_groups_recv(struct composite_context *ctx,
+		TALLOC_CTX *mem_ctx, uint32_t *extra_data_len,
+		char **extra_data)
+{
+	NTSTATUS status = composite_wait(ctx);
+
+	DEBUG(5, ("wb_cmd_list_groups_recv called\n"));
+
+	if (NT_STATUS_IS_OK(status)) {
+		struct cmd_list_groups_state *state = talloc_get_type(
+			ctx->private_data, struct cmd_list_groups_state);
+
+		*extra_data_len = strlen(state->result);
+		*extra_data = talloc_steal(mem_ctx, state->result);
+	}
+
+	talloc_free(ctx);
+	return status;
+}
+
+

source4/winbind/wb_samba3_cmd.c

@@ -5,6 +5,7 @@
    Copyright (C) Stefan Metzmacher	2005
    Copyright (C) Volker Lendecke	2005
    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005
+   Copyright (C) Kai Blin		2009
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -679,6 +680,50 @@ static void list_trustdom_recv_doms(struct composite_context *ctx)
 	wbsrv_samba3_async_epilogue(status, s3call);
 }
 
+/* list groups */
+static void list_groups_recv(struct composite_context *ctx);
+
+NTSTATUS wbsrv_samba3_list_groups(struct wbsrv_samba3_call *s3call)
+{
+	struct composite_context *ctx;
+	struct wbsrv_service *service = s3call->wbconn->listen_socket->service;
+
+	DEBUG(5, ("wbsrv_samba4_list_groups called\n"));
+
+	ctx = wb_cmd_list_groups_send(s3call, service,
+				      s3call->request.domain_name);
+	NT_STATUS_HAVE_NO_MEMORY(ctx);
+
+	ctx->async.fn = list_groups_recv;
+	ctx->async.private_data = s3call;
+	s3call->flags |= WBSRV_CALL_FLAGS_REPLY_ASYNC;
+	return NT_STATUS_OK;
+}
+
+static void list_groups_recv(struct composite_context *ctx)
+{
+	struct wbsrv_samba3_call *s3call = talloc_get_type_abort(
+						ctx->async.private_data,
+						struct wbsrv_samba3_call);
+	uint32_t extra_data_len;
+	char *extra_data;
+	NTSTATUS status;
+
+	DEBUG(5, ("list_groups_recv called\n"));
+
+	status = wb_cmd_list_groups_recv(ctx, s3call, &extra_data_len,
+			&extra_data);
+
+	if (NT_STATUS_IS_OK(status)) {
+		s3call->response.extra_data.data = extra_data;
+		s3call->response.length += extra_data_len;
+		if (extra_data) {
+			s3call->response.length += 1;
+		}
+	}
+
+	wbsrv_samba3_async_epilogue(status, s3call);
+}
 
 /* List users */
 

source4/winbind/wb_samba3_protocol.c

@@ -117,6 +117,9 @@ NTSTATUS wbsrv_samba3_handle_call(struct wbsrv_samba3_call *s3call)
 	case WINBINDD_GETUSERSIDS:
 		return wbsrv_samba3_usersids(s3call);
 
+	case WINBINDD_LIST_GROUPS:
+		return wbsrv_samba3_list_groups(s3call);
+
 	case WINBINDD_LIST_TRUSTDOM:
 		return wbsrv_samba3_list_trustdom(s3call);
 
@@ -177,7 +180,6 @@ NTSTATUS wbsrv_samba3_handle_call(struct wbsrv_samba3_call *s3call)
 	case WINBINDD_PAM_CHAUTHTOK:
 	case WINBINDD_PAM_LOGOFF:
 	case WINBINDD_PAM_CHNG_PSWD_AUTH_CRAP:
-	case WINBINDD_LIST_GROUPS:
 	case WINBINDD_LOOKUPRIDS:
 	case WINBINDD_SIDS_TO_XIDS:
 	case WINBINDD_ALLOCATE_UID: