sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Code

added the beginnings of ADS support in smbd

Browse Source
This commit is contained in:
Andrew Tridgell 0001-01-01 00:00:00 +00:00
parent 1e833f3564
commit c7f6116919
7 changed files with 554 additions and 133 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
source/Makefile.in
View File

@ -131,6 +131,8 @@ UBIQX_OBJ = ubiqx/ubi_BinTree.o ubiqx/ubi_Cache.o ubiqx/ubi_SplayTree.o \
PARAM_OBJ = param/loadparm.o param/params.o dynconfig.o
LIBADS_OBJ = libads/ldap.o
LIBSMB_OBJ = libsmb/clientgen.o libsmb/cliconnect.o libsmb/clifile.o \
libsmb/clikrb5.o libsmb/clispnego.o libsmb/asn1.o \
libsmb/clirap.o libsmb/clierror.o libsmb/climessage.o \
@ -140,7 +142,8 @@ LIBSMB_OBJ = libsmb/clientgen.o libsmb/cliconnect.o libsmb/clifile.o \
libsmb/nterr.o libsmb/smbdes.o libsmb/smbencrypt.o \
libsmb/smberr.o libsmb/credentials.o libsmb/pwd_cache.o \
libsmb/clioplock.o libsmb/errormap.o libsmb/clirap2.o \
libsmb/passchange.o libsmb/unexpected.o $(RPC_PARSE_OBJ1)
libsmb/passchange.o libsmb/unexpected.o $(RPC_PARSE_OBJ1) \
$(LIBADS_OBJ)
LIBMSRPC_OBJ = libsmb/cli_lsarpc.o libsmb/cli_samr.o libsmb/cli_spoolss.o \
libsmb/cli_netlogon.o libsmb/cli_srvsvc.o libsmb/cli_dfs.o \

1
source/acconfig.h
View File

@ -182,3 +182,4 @@
#undef I18N_DEFAULT_PREF_LANG
#undef HAVE_KRB5
#undef BROKEN_REDHAT_7_SYSTEM_HEADERS
#undef HAVE_LDAP

302
source/configure vendored
View File

@ -2154,7 +2154,7 @@ else
fi
done
for ac_hdr in security/pam_modules.h security/_pam_macros.h
for ac_hdr in security/pam_modules.h security/_pam_macros.h ldap.h sasl.h
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
@ -5134,7 +5134,7 @@ else
fi
done
for ac_func in fstat strchr utime utimes getrlimit fsync bzero memset
for ac_func in fstat strchr utime utimes getrlimit fsync bzero memset strlcpy strlcat
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
echo "configure:5141: checking for $ac_func" >&5
@ -11280,12 +11280,95 @@ else
fi
##################################################################
# we might need the k5crypto and com_err libraries on some systems
echo $ac_n "checking for _et_list in -lcom_err""... $ac_c" 1>&6
echo "configure:11287: checking for _et_list in -lcom_err" >&5
ac_lib_var=`echo com_err'_'_et_list | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ac_save_LIBS="$LIBS"
LIBS="-lcom_err $LIBS"
cat > conftest.$ac_ext <<EOF
#line 11295 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply. */
char _et_list();
int main() {
_et_list()
; return 0; }
EOF
if { (eval echo configure:11306: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
echo "configure: failed program was:" >&5
cat conftest.$ac_ext >&5
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=no"
fi
rm -f conftest*
LIBS="$ac_save_LIBS"
fi
if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
echo "$ac_t""yes" 1>&6
LIBS="$LIBS -lcom_err"
else
echo "$ac_t""no" 1>&6
fi
echo $ac_n "checking for krb5_encrypt_data in -lk5crypto""... $ac_c" 1>&6
echo "configure:11327: checking for krb5_encrypt_data in -lk5crypto" >&5
ac_lib_var=`echo k5crypto'_'krb5_encrypt_data | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ac_save_LIBS="$LIBS"
LIBS="-lk5crypto $LIBS"
cat > conftest.$ac_ext <<EOF
#line 11335 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply. */
char krb5_encrypt_data();
int main() {
krb5_encrypt_data()
; return 0; }
EOF
if { (eval echo configure:11346: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
echo "configure: failed program was:" >&5
cat conftest.$ac_ext >&5
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=no"
fi
rm -f conftest*
LIBS="$ac_save_LIBS"
fi
if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
echo "$ac_t""yes" 1>&6
LIBS="$LIBS -lk5crypto"
else
echo "$ac_t""no" 1>&6
fi
########################################################
# now see if we can find the krb5 libs in standard paths
if test x$have_krb5 != xyes; then
echo $ac_n "checking for krb5_mk_req_extended in -lkrb5""... $ac_c" 1>&6
echo "configure:11289: checking for krb5_mk_req_extended in -lkrb5" >&5
echo "configure:11372: checking for krb5_mk_req_extended in -lkrb5" >&5
ac_lib_var=`echo krb5'_'krb5_mk_req_extended | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@ -11293,7 +11376,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lkrb5 $LIBS"
cat > conftest.$ac_ext <<EOF
#line 11297 "configure"
#line 11380 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@ -11304,7 +11387,7 @@ int main() {
krb5_mk_req_extended()
; return 0; }
EOF
if { (eval echo configure:11308: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
if { (eval echo configure:11391: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@ -11330,29 +11413,30 @@ fi
fi
##################################################################
# we might need the k5crypto and com_err libraries on some systems
echo $ac_n "checking for _et_list in -lcom_err""... $ac_c" 1>&6
echo "configure:11337: checking for _et_list in -lcom_err" >&5
ac_lib_var=`echo com_err'_'_et_list | sed 'y%./+-%__p_%'`
########################################################
# now see if we can find the ldap libs in standard paths
if test x$have_ldap != xyes; then
echo $ac_n "checking for ldap_open in -lldap""... $ac_c" 1>&6
echo "configure:11421: checking for ldap_open in -lldap" >&5
ac_lib_var=`echo ldap'_'ldap_open | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ac_save_LIBS="$LIBS"
LIBS="-lcom_err $LIBS"
LIBS="-lldap $LIBS"
cat > conftest.$ac_ext <<EOF
#line 11345 "configure"
#line 11429 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply. */
char _et_list();
char ldap_open();
int main() {
_et_list()
ldap_open()
; return 0; }
EOF
if { (eval echo configure:11356: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
if { (eval echo configure:11440: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@ -11367,56 +11451,22 @@ LIBS="$ac_save_LIBS"
fi
if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
echo "$ac_t""yes" 1>&6
LIBS="$LIBS -lcom_err"
else
echo "$ac_t""no" 1>&6
fi
echo $ac_n "checking for krb5_encrypt_data in -lk5crypto""... $ac_c" 1>&6
echo "configure:11377: checking for krb5_encrypt_data in -lk5crypto" >&5
ac_lib_var=`echo k5crypto'_'krb5_encrypt_data | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ac_save_LIBS="$LIBS"
LIBS="-lk5crypto $LIBS"
cat > conftest.$ac_ext <<EOF
#line 11385 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply. */
char krb5_encrypt_data();
int main() {
krb5_encrypt_data()
; return 0; }
LIBS="$LIBS -lldap -llber";
cat >> confdefs.h <<\EOF
#define HAVE_LDAP 1
EOF
if { (eval echo configure:11396: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
echo "configure: failed program was:" >&5
cat conftest.$ac_ext >&5
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=no"
fi
rm -f conftest*
LIBS="$ac_save_LIBS"
fi
if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
echo "$ac_t""yes" 1>&6
LIBS="$LIBS -lk5crypto"
else
echo "$ac_t""no" 1>&6
fi
fi
#################################################
# check for automount support
echo $ac_n "checking whether to use AUTOMOUNT""... $ac_c" 1>&6
echo "configure:11420: checking whether to use AUTOMOUNT" >&5
echo "configure:11470: checking whether to use AUTOMOUNT" >&5
# Check whether --with-automount or --without-automount was given.
if test "${with_automount+set}" = set; then
withval="$with_automount"
@ -11441,7 +11491,7 @@ fi
#################################################
# check for smbmount support
echo $ac_n "checking whether to use SMBMOUNT""... $ac_c" 1>&6
echo "configure:11445: checking whether to use SMBMOUNT" >&5
echo "configure:11495: checking whether to use SMBMOUNT" >&5
# Check whether --with-smbmount or --without-smbmount was given.
if test "${with_smbmount+set}" = set; then
withval="$with_smbmount"
@ -11478,7 +11528,7 @@ fi
# check for a PAM clear-text auth, accounts, password and session support
with_pam_for_crypt=no
echo $ac_n "checking whether to use PAM""... $ac_c" 1>&6
echo "configure:11482: checking whether to use PAM" >&5
echo "configure:11532: checking whether to use PAM" >&5
# Check whether --with-pam or --without-pam was given.
if test "${with_pam+set}" = set; then
withval="$with_pam"
@ -11504,7 +11554,7 @@ fi
# we can't build a pam module if we don't have pam.
echo $ac_n "checking for pam_get_data in -lpam""... $ac_c" 1>&6
echo "configure:11508: checking for pam_get_data in -lpam" >&5
echo "configure:11558: checking for pam_get_data in -lpam" >&5
ac_lib_var=`echo pam'_'pam_get_data | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@ -11512,7 +11562,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lpam $LIBS"
cat > conftest.$ac_ext <<EOF
#line 11516 "configure"
#line 11566 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@ -11523,7 +11573,7 @@ int main() {
pam_get_data()
; return 0; }
EOF
if { (eval echo configure:11527: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
if { (eval echo configure:11577: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@ -11550,7 +11600,7 @@ fi
#################################################
# check for pam_smbpass support
echo $ac_n "checking whether to use pam_smbpass""... $ac_c" 1>&6
echo "configure:11554: checking whether to use pam_smbpass" >&5
echo "configure:11604: checking whether to use pam_smbpass" >&5
# Check whether --with-pam_smbpass or --without-pam_smbpass was given.
if test "${with_pam_smbpass+set}" = set; then
withval="$with_pam_smbpass"
@ -11588,12 +11638,12 @@ if test $with_pam_for_crypt = no; then
for ac_func in crypt
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
echo "configure:11592: checking for $ac_func" >&5
echo "configure:11642: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
#line 11597 "configure"
#line 11647 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
@ -11616,7 +11666,7 @@ $ac_func();
; return 0; }
EOF
if { (eval echo configure:11620: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
if { (eval echo configure:11670: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
@ -11642,7 +11692,7 @@ done
if test x"$ac_cv_func_crypt" = x"no"; then
echo $ac_n "checking for crypt in -lcrypt""... $ac_c" 1>&6
echo "configure:11646: checking for crypt in -lcrypt" >&5
echo "configure:11696: checking for crypt in -lcrypt" >&5
ac_lib_var=`echo crypt'_'crypt | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@ -11650,7 +11700,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lcrypt $LIBS"
cat > conftest.$ac_ext <<EOF
#line 11654 "configure"
#line 11704 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@ -11661,7 +11711,7 @@ int main() {
crypt()
; return 0; }
EOF
if { (eval echo configure:11665: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
if { (eval echo configure:11715: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@ -11696,7 +11746,7 @@ fi
##
if test $with_pam_for_crypt = no; then
echo $ac_n "checking for a crypt that needs truncated salt""... $ac_c" 1>&6
echo "configure:11700: checking for a crypt that needs truncated salt" >&5
echo "configure:11750: checking for a crypt that needs truncated salt" >&5
if eval "test \"`echo '$''{'samba_cv_HAVE_TRUNCATED_SALT'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@ -11705,11 +11755,11 @@ if test "$cross_compiling" = yes; then
samba_cv_HAVE_TRUNCATED_SALT=cross
else
cat > conftest.$ac_ext <<EOF
#line 11709 "configure"
#line 11759 "configure"
#include "confdefs.h"
#include "${srcdir-.}/tests/crypttest.c"
EOF
if { (eval echo configure:11713: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
if { (eval echo configure:11763: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
samba_cv_HAVE_TRUNCATED_SALT=no
else
@ -11747,7 +11797,7 @@ with_smbpasswd_sam=yes
#################################################
# check for a TDB password database
echo $ac_n "checking whether to use TDB SAM database""... $ac_c" 1>&6
echo "configure:11751: checking whether to use TDB SAM database" >&5
echo "configure:11801: checking whether to use TDB SAM database" >&5
# Check whether --with-tdbsam or --without-tdbsam was given.
if test "${with_tdbsam+set}" = set; then
withval="$with_tdbsam"
@ -11773,7 +11823,7 @@ fi
#################################################
# check for a LDAP password database
echo $ac_n "checking whether to use LDAP SAM database""... $ac_c" 1>&6
echo "configure:11777: checking whether to use LDAP SAM database" >&5
echo "configure:11827: checking whether to use LDAP SAM database" >&5
# Check whether --with-ldapsam or --without-ldapsam was given.
if test "${with_ldapsam+set}" = set; then
withval="$with_ldapsam"
@ -11800,7 +11850,7 @@ fi
#################################################
# check for a NISPLUS password database
echo $ac_n "checking whether to use NISPLUS SAM database""... $ac_c" 1>&6
echo "configure:11804: checking whether to use NISPLUS SAM database" >&5
echo "configure:11854: checking whether to use NISPLUS SAM database" >&5
# Check whether --with-nisplussam or --without-nisplussam was given.
if test "${with_nisplussam+set}" = set; then
withval="$with_nisplussam"
@ -11828,7 +11878,7 @@ fi
# smbpasswd SAM is only used if another format
# has not been defined
echo $ac_n "checking whether to use traditional smbpasswd file""... $ac_c" 1>&6
echo "configure:11832: checking whether to use traditional smbpasswd file" >&5
echo "configure:11882: checking whether to use traditional smbpasswd file" >&5
if test $with_smbpasswd_sam = yes; then
echo "$ac_t""yes" 1>&6
cat >> confdefs.h <<\EOF
@ -11848,7 +11898,7 @@ fi
#################################################
# check for a NISPLUS_HOME support
echo $ac_n "checking whether to use NISPLUS_HOME""... $ac_c" 1>&6
echo "configure:11852: checking whether to use NISPLUS_HOME" >&5
echo "configure:11902: checking whether to use NISPLUS_HOME" >&5
# Check whether --with-nisplus-home or --without-nisplus-home was given.
if test "${with_nisplus_home+set}" = set; then
withval="$with_nisplus_home"
@ -11873,7 +11923,7 @@ fi
#################################################
# check for the secure socket layer
echo $ac_n "checking whether to use SSL""... $ac_c" 1>&6
echo "configure:11877: checking whether to use SSL" >&5
echo "configure:11927: checking whether to use SSL" >&5
# Check whether --with-ssl or --without-ssl was given.
if test "${with_ssl+set}" = set; then
withval="$with_ssl"
@ -11947,7 +11997,7 @@ fi
#################################################
# check for syslog logging
echo $ac_n "checking whether to use syslog logging""... $ac_c" 1>&6
echo "configure:11951: checking whether to use syslog logging" >&5
echo "configure:12001: checking whether to use syslog logging" >&5
# Check whether --with-syslog or --without-syslog was given.
if test "${with_syslog+set}" = set; then
withval="$with_syslog"
@ -11972,7 +12022,7 @@ fi
#################################################
# check for a shared memory profiling support
echo $ac_n "checking whether to use profiling""... $ac_c" 1>&6
echo "configure:11976: checking whether to use profiling" >&5
echo "configure:12026: checking whether to use profiling" >&5
# Check whether --with-profiling-data or --without-profiling-data was given.
if test "${with_profiling_data+set}" = set; then
withval="$with_profiling_data"
@ -12000,7 +12050,7 @@ fi
QUOTAOBJS=smbd/noquotas.o
echo $ac_n "checking whether to support disk-quotas""... $ac_c" 1>&6
echo "configure:12004: checking whether to support disk-quotas" >&5
echo "configure:12054: checking whether to support disk-quotas" >&5
# Check whether --with-quotas or --without-quotas was given.
if test "${with_quotas+set}" = set; then
withval="$with_quotas"
@ -12011,13 +12061,13 @@ if test "${with_quotas+set}" = set; then
*linux*)
# Check for kernel 2.4.x quota braindamage...
echo $ac_n "checking for linux 2.4.x quota braindamage..""... $ac_c" 1>&6
echo "configure:12015: checking for linux 2.4.x quota braindamage.." >&5
echo "configure:12065: checking for linux 2.4.x quota braindamage.." >&5
if eval "test \"`echo '$''{'samba_cv_linux_2_4_quota_braindamage'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
#line 12021 "configure"
#line 12071 "configure"
#include "confdefs.h"
#include <stdio.h>
#include <sys/types.h>
@ -12029,7 +12079,7 @@ int main() {
struct mem_dqblk D;
; return 0; }
EOF
if { (eval echo configure:12033: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
if { (eval echo configure:12083: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
samba_cv_linux_2_4_quota_braindamage=yes
else
@ -12078,7 +12128,7 @@ fi
# check for experimental utmp accounting
echo $ac_n "checking whether to support utmp accounting""... $ac_c" 1>&6
echo "configure:12082: checking whether to support utmp accounting" >&5
echo "configure:12132: checking whether to support utmp accounting" >&5
# Check whether --with-utmp or --without-utmp was given.
if test "${with_utmp+set}" = set; then
withval="$with_utmp"
@ -12178,7 +12228,7 @@ fi
#################################################
# choose native language(s) of man pages
echo $ac_n "checking chosen man pages' language(s)""... $ac_c" 1>&6
echo "configure:12182: checking chosen man pages' language(s)" >&5
echo "configure:12232: checking chosen man pages' language(s)" >&5
# Check whether --with-manpages-langs or --without-manpages-langs was given.
if test "${with_manpages_langs+set}" = set; then
withval="$with_manpages_langs"
@ -12206,14 +12256,14 @@ fi
#################################################
# these tests are taken from the GNU fileutils package
echo "checking how to get filesystem space usage" 1>&6
echo "configure:12210: checking how to get filesystem space usage" >&5
echo "configure:12260: checking how to get filesystem space usage" >&5
space=no
# Test for statvfs64.
if test $space = no; then
# SVR4
echo $ac_n "checking statvfs64 function (SVR4)""... $ac_c" 1>&6
echo "configure:12217: checking statvfs64 function (SVR4)" >&5
echo "configure:12267: checking statvfs64 function (SVR4)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statvfs64'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@ -12221,7 +12271,7 @@ else
fu_cv_sys_stat_statvfs64=cross
else
cat > conftest.$ac_ext <<EOF
#line 12225 "configure"
#line 12275 "configure"
#include "confdefs.h"
#if defined(HAVE_UNISTD_H)
@ -12235,7 +12285,7 @@ else
exit (statvfs64 (".", &fsd));
}
EOF
if { (eval echo configure:12239: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
if { (eval echo configure:12289: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statvfs64=yes
else
@ -12268,12 +12318,12 @@ fi
if test $space = no; then
# SVR4
echo $ac_n "checking statvfs function (SVR4)""... $ac_c" 1>&6
echo "configure:12272: checking statvfs function (SVR4)" >&5
echo "configure:12322: checking statvfs function (SVR4)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statvfs'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
#line 12277 "configure"
#line 12327 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/statvfs.h>
@ -12281,7 +12331,7 @@ int main() {
struct statvfs fsd; statvfs (0, &fsd);
; return 0; }
EOF
if { (eval echo configure:12285: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
if { (eval echo configure:12335: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
fu_cv_sys_stat_statvfs=yes
else
@ -12306,7 +12356,7 @@ fi
if test $space = no; then
# DEC Alpha running OSF/1
echo $ac_n "checking for 3-argument statfs function (DEC OSF/1)""... $ac_c" 1>&6
echo "configure:12310: checking for 3-argument statfs function (DEC OSF/1)" >&5
echo "configure:12360: checking for 3-argument statfs function (DEC OSF/1)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs3_osf1'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@ -12314,7 +12364,7 @@ else
fu_cv_sys_stat_statfs3_osf1=no
else
cat > conftest.$ac_ext <<EOF
#line 12318 "configure"
#line 12368 "configure"
#include "confdefs.h"
#include <sys/param.h>
@ -12327,7 +12377,7 @@ else
exit (statfs (".", &fsd, sizeof (struct statfs)));
}
EOF
if { (eval echo configure:12331: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
if { (eval echo configure:12381: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs3_osf1=yes
else
@ -12354,7 +12404,7 @@ fi
if test $space = no; then
# AIX
echo $ac_n "checking for two-argument statfs with statfs.bsize member (AIX, 4.3BSD)""... $ac_c" 1>&6
echo "configure:12358: checking for two-argument statfs with statfs.bsize member (AIX, 4.3BSD)" >&5
echo "configure:12408: checking for two-argument statfs with statfs.bsize member (AIX, 4.3BSD)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs2_bsize'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@ -12362,7 +12412,7 @@ else
fu_cv_sys_stat_statfs2_bsize=no
else
cat > conftest.$ac_ext <<EOF
#line 12366 "configure"
#line 12416 "configure"
#include "confdefs.h"
#ifdef HAVE_SYS_PARAM_H
@ -12381,7 +12431,7 @@ else
exit (statfs (".", &fsd));
}
EOF
if { (eval echo configure:12385: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
if { (eval echo configure:12435: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs2_bsize=yes
else
@ -12408,7 +12458,7 @@ fi
if test $space = no; then
# SVR3
echo $ac_n "checking for four-argument statfs (AIX-3.2.5, SVR3)""... $ac_c" 1>&6
echo "configure:12412: checking for four-argument statfs (AIX-3.2.5, SVR3)" >&5
echo "configure:12462: checking for four-argument statfs (AIX-3.2.5, SVR3)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs4'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@ -12416,7 +12466,7 @@ else
fu_cv_sys_stat_statfs4=no
else
cat > conftest.$ac_ext <<EOF
#line 12420 "configure"
#line 12470 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/statfs.h>
@ -12426,7 +12476,7 @@ else
exit (statfs (".", &fsd, sizeof fsd, 0));
}
EOF
if { (eval echo configure:12430: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
if { (eval echo configure:12480: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs4=yes
else
@ -12453,7 +12503,7 @@ fi
if test $space = no; then
# 4.4BSD and NetBSD
echo $ac_n "checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)""... $ac_c" 1>&6
echo "configure:12457: checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)" >&5
echo "configure:12507: checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs2_fsize'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@ -12461,7 +12511,7 @@ else
fu_cv_sys_stat_statfs2_fsize=no
else
cat > conftest.$ac_ext <<EOF
#line 12465 "configure"
#line 12515 "configure"
#include "confdefs.h"
#include <sys/types.h>
#ifdef HAVE_SYS_PARAM_H
@ -12477,7 +12527,7 @@ else
exit (statfs (".", &fsd));
}
EOF
if { (eval echo configure:12481: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
if { (eval echo configure:12531: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs2_fsize=yes
else
@ -12504,7 +12554,7 @@ fi
if test $space = no; then
# Ultrix
echo $ac_n "checking for two-argument statfs with struct fs_data (Ultrix)""... $ac_c" 1>&6
echo "configure:12508: checking for two-argument statfs with struct fs_data (Ultrix)" >&5
echo "configure:12558: checking for two-argument statfs with struct fs_data (Ultrix)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_fs_data'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@ -12512,7 +12562,7 @@ else
fu_cv_sys_stat_fs_data=no
else
cat > conftest.$ac_ext <<EOF
#line 12516 "configure"
#line 12566 "configure"
#include "confdefs.h"
#include <sys/types.h>
#ifdef HAVE_SYS_PARAM_H
@ -12532,7 +12582,7 @@ else
exit (statfs (".", &fsd) != 1);
}
EOF
if { (eval echo configure:12536: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
if { (eval echo configure:12586: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_fs_data=yes
else
@ -12565,9 +12615,9 @@ fi
# file support.
#
echo $ac_n "checking if large file support can be enabled""... $ac_c" 1>&6
echo "configure:12569: checking if large file support can be enabled" >&5
echo "configure:12619: checking if large file support can be enabled" >&5
cat > conftest.$ac_ext <<EOF
#line 12571 "configure"
#line 12621 "configure"
#include "confdefs.h"
#if defined(HAVE_LONGLONG) && (defined(HAVE_OFF64_T) || (defined(SIZEOF_OFF_T) && (SIZEOF_OFF_T == 8)))
@ -12580,7 +12630,7 @@ int main() {
int i
; return 0; }
EOF
if { (eval echo configure:12584: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
if { (eval echo configure:12634: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
samba_cv_HAVE_EXPLICIT_LARGEFILE_SUPPORT=yes
else
@ -12645,7 +12695,7 @@ fi
# check for ACL support
echo $ac_n "checking whether to support ACLs""... $ac_c" 1>&6
echo "configure:12649: checking whether to support ACLs" >&5
echo "configure:12699: checking whether to support ACLs" >&5
# Check whether --with-acl-support or --without-acl-support was given.
if test "${with_acl_support+set}" = set; then
withval="$with_acl_support"
@ -12691,7 +12741,7 @@ EOF
;;
*)
echo $ac_n "checking for acl_get_file in -lacl""... $ac_c" 1>&6
echo "configure:12695: checking for acl_get_file in -lacl" >&5
echo "configure:12745: checking for acl_get_file in -lacl" >&5
ac_lib_var=`echo acl'_'acl_get_file | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@ -12699,7 +12749,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lacl $LIBS"
cat > conftest.$ac_ext <<EOF
#line 12703 "configure"
#line 12753 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@ -12710,7 +12760,7 @@ int main() {
acl_get_file()
; return 0; }
EOF
if { (eval echo configure:12714: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
if { (eval echo configure:12764: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@ -12738,13 +12788,13 @@ else
fi
echo $ac_n "checking for ACL support""... $ac_c" 1>&6
echo "configure:12742: checking for ACL support" >&5
echo "configure:12792: checking for ACL support" >&5
if eval "test \"`echo '$''{'samba_cv_HAVE_POSIX_ACLS'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
#line 12748 "configure"
#line 12798 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/acl.h>
@ -12752,7 +12802,7 @@ int main() {
acl_t acl; int entry_id; acl_entry_t *entry_p; return acl_get_entry( acl, entry_id, entry_p);
; return 0; }
EOF
if { (eval echo configure:12756: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
if { (eval echo configure:12806: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
samba_cv_HAVE_POSIX_ACLS=yes
else
@ -12772,13 +12822,13 @@ echo "$ac_t""$samba_cv_HAVE_POSIX_ACLS" 1>&6
EOF
echo $ac_n "checking for acl_get_perm_np""... $ac_c" 1>&6
echo "configure:12776: checking for acl_get_perm_np" >&5
echo "configure:12826: checking for acl_get_perm_np" >&5
if eval "test \"`echo '$''{'samba_cv_HAVE_ACL_GET_PERM_NP'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
#line 12782 "configure"
#line 12832 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/acl.h>
@ -12786,7 +12836,7 @@ int main() {
acl_permset_t permset_d; acl_perm_t perm; return acl_get_perm_np( permset_d, perm);
; return 0; }
EOF
if { (eval echo configure:12790: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
if { (eval echo configure:12840: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
samba_cv_HAVE_ACL_GET_PERM_NP=yes
else
@ -12833,7 +12883,7 @@ fi
# (WINBIND_STARGETS) and shared libraries (WINBIND_LTARGETS).
echo $ac_n "checking whether to build winbind""... $ac_c" 1>&6
echo "configure:12837: checking whether to build winbind" >&5
echo "configure:12887: checking whether to build winbind" >&5
# Initially, the value of $host_os decides whether winbind is supported
@ -12923,7 +12973,7 @@ fi
if test x"$INCLUDED_POPT" != x"yes"; then
echo $ac_n "checking for poptGetContext in -lpopt""... $ac_c" 1>&6
echo "configure:12927: checking for poptGetContext in -lpopt" >&5
echo "configure:12977: checking for poptGetContext in -lpopt" >&5
ac_lib_var=`echo popt'_'poptGetContext | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@ -12931,7 +12981,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lpopt $LIBS"
cat > conftest.$ac_ext <<EOF
#line 12935 "configure"
#line 12985 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@ -12942,7 +12992,7 @@ int main() {
poptGetContext()
; return 0; }
EOF
if { (eval echo configure:12946: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
if { (eval echo configure:12996: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@ -12966,7 +13016,7 @@ fi
fi
echo $ac_n "checking whether to use included popt""... $ac_c" 1>&6
echo "configure:12970: checking whether to use included popt" >&5
echo "configure:13020: checking whether to use included popt" >&5
if test x"$INCLUDED_POPT" = x"yes"; then
echo "$ac_t""$srcdir/popt" 1>&6
BUILD_POPT='$(POPT_OBJS)'
@ -12985,11 +13035,11 @@ if test "$cross_compiling" = yes; then
:
else
cat > conftest.$ac_ext <<EOF
#line 12989 "configure"
#line 13039 "configure"
#include "confdefs.h"
#include "${srcdir-.}/tests/summary.c"
EOF
if { (eval echo configure:12993: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
if { (eval echo configure:13043: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
echo "configure OK";
else

20
source/configure.in
View File

@ -249,7 +249,7 @@ AC_CHECK_HEADERS(sys/param.h ctype.h sys/wait.h sys/resource.h sys/ioctl.h sys/i
AC_CHECK_HEADERS(sys/mman.h sys/filio.h sys/priv.h sys/shm.h string.h strings.h stdlib.h sys/socket.h)
AC_CHECK_HEADERS(sys/mount.h sys/vfs.h sys/fs/s5param.h sys/filsys.h termios.h termio.h)
AC_CHECK_HEADERS(sys/termio.h sys/statfs.h sys/dustat.h sys/statvfs.h stdarg.h sys/sockio.h)
AC_CHECK_HEADERS(security/pam_modules.h security/_pam_macros.h)
AC_CHECK_HEADERS(security/pam_modules.h security/_pam_macros.h ldap.h sasl.h)
#
# HPUX has a bug in that including shadow.h causes a re-definition of MAXINT.
@ -543,7 +543,7 @@ else
fi
AC_CHECK_FUNCS(waitpid getcwd strdup strtoul strerror chown fchown chmod fchmod chroot)
AC_CHECK_FUNCS(fstat strchr utime utimes getrlimit fsync bzero memset)
AC_CHECK_FUNCS(fstat strchr utime utimes getrlimit fsync bzero memset strlcpy strlcat)
AC_CHECK_FUNCS(memmove vsnprintf snprintf asprintf vasprintf setsid glob strpbrk pipe crypt16 getauthuid)
AC_CHECK_FUNCS(strftime sigprocmask sigblock sigaction sigset innetgr setnetgrent getnetgrent endnetgrent)
AC_CHECK_FUNCS(initgroups select poll rdchk getgrnam getgrent pathconf)
@ -1626,6 +1626,11 @@ AC_ARG_WITH(krb5,
AC_MSG_RESULT(no)
)
##################################################################
# we might need the k5crypto and com_err libraries on some systems
AC_CHECK_LIB(com_err, _et_list, [LIBS="$LIBS -lcom_err"])
AC_CHECK_LIB(k5crypto, krb5_encrypt_data, [LIBS="$LIBS -lk5crypto"])
########################################################
# now see if we can find the krb5 libs in standard paths
@ -1634,10 +1639,13 @@ AC_CHECK_LIB(krb5, krb5_mk_req_extended, [LIBS="$LIBS -lkrb5";
AC_DEFINE(HAVE_KRB5)])
fi
##################################################################
# we might need the k5crypto and com_err libraries on some systems
AC_CHECK_LIB(com_err, _et_list, [LIBS="$LIBS -lcom_err"])
AC_CHECK_LIB(k5crypto, krb5_encrypt_data, [LIBS="$LIBS -lk5crypto"])
########################################################
# now see if we can find the ldap libs in standard paths
if test x$have_ldap != xyes; then
AC_CHECK_LIB(ldap, ldap_open, [LIBS="$LIBS -lldap -llber";
AC_DEFINE(HAVE_LDAP)])
fi
#################################################
# check for automount support

13
source/include/config.h.in
View File

@ -248,6 +248,7 @@
#undef I18N_DEFAULT_PREF_LANG
#undef HAVE_KRB5
#undef BROKEN_REDHAT_7_SYSTEM_HEADERS
#undef HAVE_LDAP
/* The number of bytes in a int. */
#undef SIZEOF_INT
@ -741,6 +742,12 @@
/* Define if you have the strftime function. */
#undef HAVE_STRFTIME
/* Define if you have the strlcat function. */
#undef HAVE_STRLCAT
/* Define if you have the strlcpy function. */
#undef HAVE_STRLCPY
/* Define if you have the strpbrk function. */
#undef HAVE_STRPBRK
@ -816,6 +823,9 @@
/* Define if you have the <lastlog.h> header file. */
#undef HAVE_LASTLOG_H
/* Define if you have the <ldap.h> header file. */
#undef HAVE_LDAP_H
/* Define if you have the <limits.h> header file. */
#undef HAVE_LIMITS_H
@ -870,6 +880,9 @@
/* Define if you have the <rpcsvc/ypclnt.h> header file. */
#undef HAVE_RPCSVC_YPCLNT_H
/* Define if you have the <sasl.h> header file. */
#undef HAVE_SASL_H
/* Define if you have the <security/_pam_macros.h> header file. */
#undef HAVE_SECURITY__PAM_MACROS_H

22
source/include/includes.h
View File

@ -381,6 +381,19 @@
#include <krb5.h>
#endif
#if HAVE_LDAP
#include <ldap.h>
#endif
#if HAVE_SASL_H
#include <sasl.h>
#endif
/* we support ADS if we have krb5 and ldap libs */
#if defined(HAVE_KRB5) && defined(HAVE_LDAP) && defined(HAVE_SASL_H)
#define HAVE_ADS
#endif
/*
* Define VOLATILE if needed.
*/
@ -650,6 +663,7 @@ extern int errno;
#include "../tdb/tdb.h"
#include "../tdb/spinlock.h"
#include "talloc.h"
#include "ads.h"
#include "interfaces.h"
#include "hash.h"
#include "trans2.h"
@ -871,6 +885,14 @@ int rename(const char *zfrom, const char *zto);
time_t mktime(struct tm *t);
#endif
#ifndef HAVE_STRLCPY
size_t strlcpy(char *d, const char *s, size_t bufsize);
#endif
#ifndef HAVE_STRLCAT
size_t strlcat(char *d, const char *s, size_t bufsize);
#endif
#ifndef HAVE_FTRUNCATE
int ftruncate(int f,long l);
#endif

324
source/libads/ldap.c Normal file
View File

@ -0,0 +1,324 @@
/*
Unix SMB/Netbios implementation.
Version 3.0
ads (active directory) utility library
Copyright (C) Andrew Tridgell 2001
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#ifdef HAVE_ADS
/* return a dn of the form "dc=AA,dc=BB,dc=CC" from a
realm of the form AA.BB.CC
caller must free
*/
static char *ads_build_dn(const char *realm)
{
char *p, *r;
int numdots = 0;
char *ret;
int len;
r = strdup(realm);
if (!r || !*r) return r;
for (p=r; *p; p++) {
if (*p == '.') numdots++;
}
len = (numdots+1)*4 + strlen(r) + 1;
ret = malloc(len);
strlcpy(ret,"dc=", len);
p=strtok(r,".");
strlcat(ret, p, len);
while ((p=strtok(NULL,"."))) {
strlcat(ret,",dc=", len);
strlcat(ret, p, len);
}
free(r);
return ret;
}
/*
return a string for an error from a ads routine
*/
char *ads_errstr(int rc)
{
return ldap_err2string(rc);
}
/*
initialise a ADS_STRUCT, ready for some ads_ ops
*/
ADS_STRUCT *ads_init(const char *realm,
const char *ldap_server,
const char *bind_path)
{
ADS_STRUCT *ads;
ads = (ADS_STRUCT *)xmalloc(sizeof(*ads));
memset(ads, 0, sizeof(*ads));
ads->realm = realm? strdup(realm) : NULL;
ads->ldap_server = ldap_server? strdup(ldap_server) : NULL;
ads->bind_path = bind_path? strdup(bind_path) : NULL;
ads->ldap_port = LDAP_PORT;
if (!ads->bind_path) {
ads->bind_path = ads_build_dn(ads->realm);
}
return ads;
}
/*
this is a minimal interact function, just enough for SASL to talk
GSSAPI/kerberos to W2K
*/
static int sasl_interact(LDAP *ld,unsigned flags,void *defaults,void *in)
{
sasl_interact_t *interact = in;
while (interact->id != SASL_CB_LIST_END) {
interact->result = strdup("");
interact->len = 0;
interact++;
}
return LDAP_SUCCESS;
}
/*
connect to the LDAP server
*/
int ads_connect(ADS_STRUCT *ads)
{
int version = LDAP_VERSION3;
int rc;
ads->ld = ldap_open(ads->ldap_server, ads->ldap_port);
if (!ads->ld) {
return errno;
}
ldap_set_option(ads->ld, LDAP_OPT_PROTOCOL_VERSION, &version);
rc = ldap_sasl_interactive_bind_s(ads->ld, NULL, NULL, NULL, NULL, 0,
sasl_interact, NULL);
return rc;
}
/*
find a machine account given a hostname
*/
int ads_find_machine_acct(ADS_STRUCT *ads, void **res, const char *host)
{
int ret;
char *exp;
/* the easiest way to find a machine account anywhere in the tree
is to look for hostname$ */
asprintf(&exp, "(samAccountName=%s$)", host);
*res = NULL;
ret = ldap_search_s(ads->ld, ads->bind_path,
LDAP_SCOPE_SUBTREE, exp, NULL, 0, (LDAPMessage **)res);
free(exp);
return ret;
}
/*
a convenient routine for adding a generic LDAP record
*/
int ads_gen_add(ADS_STRUCT *ads, const char *new_dn, ...)
{
int i;
va_list ap;
LDAPMod **mods;
char *name, *value;
int ret;
#define MAX_MOD_VALUES 10
/* count the number of attributes */
va_start(ap, new_dn);
for (i=0; va_arg(ap, char *); i++) {
/* skip the values */
while (va_arg(ap, char *)) ;
}
va_end(ap);
mods = malloc(sizeof(LDAPMod *) * (i+1));
va_start(ap, new_dn);
for (i=0; (name=va_arg(ap, char *)); i++) {
char **values;
int j;
values = (char **)malloc(sizeof(char *) * (MAX_MOD_VALUES+1));
for (j=0; (value=va_arg(ap, char *)) && j < MAX_MOD_VALUES; j++) {
values[j] = value;
}
values[j] = NULL;
mods[i] = malloc(sizeof(LDAPMod));
mods[i]->mod_type = name;
mods[i]->mod_op = LDAP_MOD_ADD;
mods[i]->mod_values = values;
}
mods[i] = NULL;
va_end(ap);
ret = ldap_add_s(ads->ld, new_dn, mods);
for (i=0; mods[i]; i++) {
free(mods[i]->mod_values);
free(mods[i]);
}
free(mods);
return ret;
}
/*
add a machine account to the ADS server
*/
static int ads_add_machine_acct(ADS_STRUCT *ads, const char *hostname)
{
int ret;
char *host_spn, *host_upn, *new_dn, *samAccountName, *controlstr;
asprintf(&host_spn, "HOST/%s", hostname);
asprintf(&host_upn, "%s@%s", host_spn, ads->realm);
asprintf(&new_dn, "cn=%s,cn=Computers,%s", hostname, ads->bind_path);
asprintf(&samAccountName, "%s$", hostname);
asprintf(&controlstr, "%u",
UF_DONT_EXPIRE_PASSWD | UF_WORKSTATION_TRUST_ACCOUNT |
UF_TRUSTED_FOR_DELEGATION | UF_USE_DES_KEY_ONLY);
ret = ads_gen_add(ads, new_dn,
"cn", hostname, NULL,
"sAMAccountName", samAccountName, NULL,
"objectClass",
"top", "person", "organizationalPerson",
"user", "computer", NULL,
"userPrincipalName", host_upn, NULL,
"servicePrincipalName", host_spn, NULL,
"dNSHostName", hostname, NULL,
"userAccountControl", controlstr, NULL,
"operatingSystem", "Samba", NULL,
"operatingSystemVersion", VERSION, NULL,
NULL);
free(host_spn);
free(host_upn);
free(new_dn);
free(samAccountName);
free(controlstr);
return ret;
}
/*
dump a record from LDAP on stdout
used for debugging
*/
void ads_dump(ADS_STRUCT *ads, void *res)
{
char *field;
LDAPMessage *msg;
BerElement *b;
char *this_dn;
for (msg = ldap_first_entry(ads->ld, (LDAPMessage *)res);
msg; msg = ldap_next_entry(ads->ld, msg)) {
this_dn = ldap_get_dn(ads->ld, (LDAPMessage *)res);
if (this_dn) {
printf("Dumping: %s\n", this_dn);
}
ldap_memfree(this_dn);
for (field = ldap_first_attribute(ads->ld, msg, &b);
field;
field = ldap_next_attribute(ads->ld, msg, b)) {
char **values, **p;
values = ldap_get_values(ads->ld, msg, field);
for (p = values; *p; p++) {
printf("%s: %s\n", field, *p);
}
ldap_value_free(values);
ldap_memfree(field);
}
ber_free(b, 1);
printf("\n");
}
}
/*
count how many replies are in a LDAPMessage
*/
int ads_count_replies(ADS_STRUCT *ads, void *res)
{
return ldap_count_entries(ads->ld, (LDAPMessage *)res);
}
/*
join a machine to a realm, creating the machine account
and setting the machine password
*/
int ads_join_realm(ADS_STRUCT *ads, const char *hostname)
{
int rc;
LDAPMessage *res;
char *principal;
rc = ads_find_machine_acct(ads, (void **)&res, hostname);
if (rc == LDAP_SUCCESS && ads_count_replies(ads, res) == 1) {
DEBUG(0, ("Host account for %s already exists\n", hostname));
goto set_password;
}
rc = ads_add_machine_acct(ads, hostname);
if (rc != LDAP_SUCCESS) {
DEBUG(0, ("ads_add_machine_acct: %s\n", ads_errstr(rc)));
return rc;
}
rc = ads_find_machine_acct(ads, (void **)&res, hostname);
if (rc != LDAP_SUCCESS || ads_count_replies(ads, res) != 1) {
DEBUG(0, ("Host account test failed\n"));
/* hmmm, we need NTSTATUS */
return -1;
}
set_password:
asprintf(&principal, "HOST/%s@%s", hostname, ads->realm);
#if 0
krb5_set_principal_password(principal, ads->ldap_server, hostname, ads->realm);
#endif
free(principal);
return LDAP_SUCCESS;
}
#endif