added two new params: "trusted domains" and "trusting domains".

these _may_ not actually ever get used, as trust relationships
really need to be established with shared secrets, and you need
to get the SID of the trusted and trusting domains, so this
may have to go in a private/xxx.mac file.
(This used to be commit 71f12138679251a9ebcada35969d9baea286a3e9)

5 files changed, 50 insertions, 8 deletions

diff --git a/source3/include/proto.h b/source3/include/proto.h
index 9c801297dc..1d6f6d269d 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -303,6 +303,7 @@ BOOL generate_sam_sid(char *domain_name);
 BOOL map_domain_name_to_sid(DOM_SID *sid, char **nt_domain);
 BOOL map_domain_sid_to_name(DOM_SID *sid, char *nt_domain);
 BOOL split_domain_name(const char *fullname, char *domain, char *name);
+BOOL enumtrustdoms(char ***doms, uint32 *num_entries);
 BOOL enumdomains(char ***doms, uint32 *num_entries);
 
 /*The following definitions come from  lib/signal.c  */
@@ -1290,6 +1291,8 @@ char *lp_passwd_chat(void);
 char *lp_passwordserver(void);
 char *lp_name_resolve_order(void);
 char *lp_workgroup(void);
+char *lp_trusted_domains(void);
+char *lp_trusting_domains(void);
 char *lp_username_map(void);
 char *lp_aliasname_map(void);
 char *lp_groupname_map(void);
@@ -2322,7 +2325,7 @@ BOOL make_r_logon_ctrl2(NET_R_LOGON_CTRL2 *r_l, uint32 query_level,
 				uint32 tc_status, char *trusted_domain_name);
 BOOL net_io_r_logon_ctrl2(char *desc,  NET_R_LOGON_CTRL2 *r_l, prs_struct *ps, int depth);
 BOOL make_r_trust_dom(NET_R_TRUST_DOM_LIST *r_t,
-			uint32 num_doms, char *dom_name);
+			uint32 num_doms, char **dom_name);
 BOOL net_io_r_trust_dom(char *desc,  NET_R_TRUST_DOM_LIST *r_t, prs_struct *ps, int depth);
 BOOL net_io_q_trust_dom(char *desc,  NET_Q_TRUST_DOM_LIST *q_l, prs_struct *ps, int depth);
 BOOL make_q_req_chal(NET_Q_REQ_CHAL *q_c,
@@ -2330,6 +2333,12 @@ BOOL make_q_req_chal(NET_Q_REQ_CHAL *q_c,
 				DOM_CHAL *clnt_chal);
 BOOL net_io_q_req_chal(char *desc,  NET_Q_REQ_CHAL *q_c, prs_struct *ps, int depth);
 BOOL net_io_r_req_chal(char *desc,  NET_R_REQ_CHAL *r_c, prs_struct *ps, int depth);
+BOOL make_q_auth(NET_Q_AUTH *q_a,
+		const char *logon_srv, const char *acct_name,
+		uint16 sec_chan, const char *comp_name,
+		DOM_CHAL *clnt_chal);
+BOOL net_io_q_auth(char *desc,  NET_Q_AUTH *q_a, prs_struct *ps, int depth);
+BOOL net_io_r_auth(char *desc,  NET_R_AUTH *r_a, prs_struct *ps, int depth);
 BOOL make_q_auth_2(NET_Q_AUTH_2 *q_a,
 		const char *logon_srv, const char *acct_name,
 		uint16 sec_chan, const char *comp_name,
diff --git a/source3/lib/sids.c b/source3/lib/sids.c
index 4b1682afe9..4d83adc36d 100644
--- a/source3/lib/sids.c
+++ b/source3/lib/sids.c
@@ -600,6 +600,29 @@ BOOL split_domain_name(const char *fullname, char *domain, char *name)
 /**************************************************************************
  enumerates all domains for which the SAM server is responsible
 ***************************************************************************/
+BOOL enumtrustdoms(char ***doms, uint32 *num_entries)
+{
+	fstring tmp;
+	char *tok;
+
+	/* add trusted domains */
+
+	tok = lp_trusted_domains();
+	if (next_token(&tok, tmp, NULL, sizeof(tmp)))
+	{
+		do
+		{
+			add_chars_to_array(num_entries, doms, tmp);
+
+		} while (next_token(NULL, tmp, NULL, sizeof(tmp)));
+	}
+
+	return True;
+}
+
+/**************************************************************************
+ enumerates all domains for which the SAM server is responsible
+***************************************************************************/
 BOOL enumdomains(char ***doms, uint32 *num_entries)
 {
 	add_chars_to_array(num_entries, doms, global_sam_name);
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 7e736ad99d..b7aef21013 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -123,6 +123,8 @@ typedef struct
   char *szSocketOptions;
   char *szValidChars;
   char *szWorkGroup;
+  char *szTrustedDomains;
+  char *szTrustingDomains;
   char *szUsernameMap;
   char *szAliasnameMap;
   char *szGroupnameMap;
@@ -717,6 +719,8 @@ static struct parm_struct parm_table[] =
 
   {"Domain Options", P_SEP, P_SEPARATOR},
 
+  {"trusted domains",   P_STRING, P_GLOBAL, &Globals.szTrustedDomains,  NULL,   NULL,  0},
+  {"trusting domains",  P_STRING, P_GLOBAL, &Globals.szTrustingDomains, NULL,   NULL,  0},
   {"local group map",   P_STRING, P_GLOBAL, &Globals.szAliasnameMap,     NULL,   NULL,  0},
   {"domain group map",  P_STRING, P_GLOBAL, &Globals.szGroupnameMap,     NULL,   NULL,  0},
   {"builtin group map", P_STRING, P_GLOBAL, &Globals.szBuiltinnameMap,   NULL,   NULL,  0},
@@ -1203,6 +1207,8 @@ FN_GLOBAL_STRING(lp_passwd_chat,&Globals.szPasswdChat)
 FN_GLOBAL_STRING(lp_passwordserver,&Globals.szPasswordServer)
 FN_GLOBAL_STRING(lp_name_resolve_order,&Globals.szNameResolveOrder)
 FN_GLOBAL_STRING(lp_workgroup,&Globals.szWorkGroup)
+FN_GLOBAL_STRING(lp_trusted_domains,&Globals.szTrustedDomains)
+FN_GLOBAL_STRING(lp_trusting_domains,&Globals.szTrustingDomains)
 FN_GLOBAL_STRING(lp_username_map,&Globals.szUsernameMap)
 FN_GLOBAL_STRING(lp_aliasname_map,&Globals.szAliasnameMap)
 FN_GLOBAL_STRING(lp_groupname_map,&Globals.szGroupnameMap)
diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c
index 4864308d70..b21f612c8a 100644
--- a/source3/rpc_parse/parse_net.c
+++ b/source3/rpc_parse/parse_net.c
@@ -294,7 +294,7 @@ BOOL net_io_r_logon_ctrl2(char *desc,  NET_R_LOGON_CTRL2 *r_l, prs_struct *ps, i
 makes an NET_R_TRUST_DOM_LIST structure.
 ********************************************************************/
 BOOL make_r_trust_dom(NET_R_TRUST_DOM_LIST *r_t,
-			uint32 num_doms, char *dom_name)
+			uint32 num_doms, char **dom_name)
 {
 	uint32 i = 0;
 
@@ -312,7 +312,7 @@ BOOL make_r_trust_dom(NET_R_TRUST_DOM_LIST *r_t,
 	for (i = 0; i < num_doms; i++)
 	{
 		fstring domain_name;
-		fstrcpy(domain_name, dom_name);
+		fstrcpy(domain_name, dom_name[i]);
 		strupper(domain_name);
 		make_unistr2(&(r_t->uni_trust_dom_name[i]), domain_name, strlen(domain_name)+1);
 		/* the use of UNISTR2 here is non-standard. */
@@ -357,8 +357,8 @@ BOOL net_io_q_trust_dom(char *desc,  NET_Q_TRUST_DOM_LIST *q_l, prs_struct *ps,
 	prs_debug(ps, depth, desc, "net_io_q_trust_dom");
 	depth++;
 
-	prs_uint32("ptr          ", ps, depth, &(q_l->ptr          ));
-	smb_io_unistr2 ("", &(q_l->uni_server_name), q_l->ptr, ps, depth);
+	prs_uint32("ptr", ps, depth, &(q_l->ptr));
+	smb_io_unistr2 ("name", &(q_l->uni_server_name), q_l->ptr, ps, depth);
 
 	prs_align(ps);
 
diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c
index 440ac87c86..09678e3eaf 100644
--- a/source3/rpc_server/srv_netlog.c
+++ b/source3/rpc_server/srv_netlog.c
@@ -90,7 +90,7 @@ static void net_reply_logon_ctrl2(NET_Q_LOGON_CTRL2 *q_l, prs_struct *rdata,
  net_reply_trust_dom_list:
  *************************************************************************/
 static void net_reply_trust_dom_list(NET_Q_TRUST_DOM_LIST *q_t, prs_struct *rdata,
-			uint32 num_trust_domains, char *trust_domain_name)
+			uint32 num_trust_domains, char **trust_domain_name)
 {
 	NET_R_TRUST_DOM_LIST r_t;
 
@@ -948,8 +948,10 @@ static void api_net_trust_dom_list( pipes_struct *p,
                                     prs_struct *rdata)
 {
 	NET_Q_TRUST_DOM_LIST q_t;
+	char **doms = NULL;
+	uint32 num_doms = 0;
 
-	char *trusted_domain = "test_domain";
+	enumtrustdoms(&doms, &num_doms);
 
 	DEBUG(6,("api_net_trust_dom_list: %d\n", __LINE__));
 
@@ -958,7 +960,9 @@ static void api_net_trust_dom_list( pipes_struct *p,
 
 	/* construct reply. */
 	net_reply_trust_dom_list(&q_t, rdata,
-				1, trusted_domain);
+				num_doms, doms);
+
+	free_char_array(num_doms, doms);
 
 	DEBUG(6,("api_net_trust_dom_list: %d\n", __LINE__));
 }