summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2008-04-16 23:35:12 +0200
committerStefan Metzmacher <metze@samba.org>2008-04-17 00:31:59 +0200
commit2d0a36f0a5f45760927f05e514a9e63ea5d43785 (patch)
tree4a5f8d45700f2037de65296d656e7e5a427bcde5
parent31b3a1fc3ff884bf311db3ffe5a85c1ef9dac344 (diff)
downloadsamba-2d0a36f0a5f45760927f05e514a9e63ea5d43785.tar.gz
samba-2d0a36f0a5f45760927f05e514a9e63ea5d43785.tar.bz2
samba-2d0a36f0a5f45760927f05e514a9e63ea5d43785.zip
libwbclient: add wbcCheckTrustCredentials()
This only accepts NULL as domain for now, because winbindd doesn't support checking trust passwords as a domain controller. metze (This used to be commit c084ccd70f42ce29ce24565969a9f440dde254e1)
-rw-r--r--source3/nsswitch/libwbclient/wbc_pam.c52
-rw-r--r--source3/nsswitch/libwbclient/wbclient.h6
2 files changed, 58 insertions, 0 deletions
diff --git a/source3/nsswitch/libwbclient/wbc_pam.c b/source3/nsswitch/libwbclient/wbc_pam.c
index 2b33f55990..f6a355a413 100644
--- a/source3/nsswitch/libwbclient/wbc_pam.c
+++ b/source3/nsswitch/libwbclient/wbc_pam.c
@@ -419,3 +419,55 @@ done:
return wbc_status;
}
+
+/** @brief Trigger a verification of the trust credentials of a specific domain
+ *
+ * @param *domain The name of the domain, only NULL for the default domain is
+ * supported yet. Other values than NULL will result in
+ * WBC_ERR_NOT_IMPLEMENTED.
+ * @param error Output details on WBC_ERR_AUTH_ERROR
+ *
+ * @return #wbcErr
+ *
+ **/
+wbcErr wbcCheckTrustCredentials(const char *domain,
+ struct wbcAuthErrorInfo **error)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ const char *name_str;
+
+ if (domain) {
+ /*
+ * the current protocol doesn't support
+ * specifying a domain
+ */
+ wbc_status = WBC_ERR_NOT_IMPLEMENTED;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ /* Send request */
+
+ wbc_status = wbcRequestResponse(WINBINDD_CHECK_MACHACC,
+ &request,
+ &response);
+ if (response.data.auth.nt_status != 0) {
+ if (error) {
+ wbc_status = wbc_create_error_info(NULL,
+ &response,
+ error);
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ wbc_status = WBC_ERR_AUTH_ERROR;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ done:
+ return wbc_status;
+}
diff --git a/source3/nsswitch/libwbclient/wbclient.h b/source3/nsswitch/libwbclient/wbclient.h
index 1303057b84..b36b5bbe88 100644
--- a/source3/nsswitch/libwbclient/wbclient.h
+++ b/source3/nsswitch/libwbclient/wbclient.h
@@ -407,4 +407,10 @@ wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params,
wbcErr wbcResolveWinsByName(const char *name, const char **ip);
wbcErr wbcResolveWinsByIP(const char *ip, const char **name);
+/*
+ * Trusted domain functions
+ */
+wbcErr wbcCheckTrustCredentials(const char *domain,
+ struct wbcAuthErrorInfo **error);
+
#endif /* _WBCLIENT_H */