summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGerald (Jerry) Carter <jerry@samba.org>2007-12-21 11:59:56 -0600
committerGerald (Jerry) Carter <jerry@samba.org>2007-12-21 11:59:56 -0600
commit59ce7650f24eb7c35b8d3ee9f830711a4af8f8e9 (patch)
tree2e6460907f4817bf176c0a460d87dfbc55397590
parenta2481eda8c29255e8580b6070ea87f46ea7b4300 (diff)
downloadsamba-59ce7650f24eb7c35b8d3ee9f830711a4af8f8e9.tar.gz
samba-59ce7650f24eb7c35b8d3ee9f830711a4af8f8e9.tar.bz2
samba-59ce7650f24eb7c35b8d3ee9f830711a4af8f8e9.zip
De-couple smbd from staticly linking against winbindd client files.
Implements a wrapper layer in winbind_util.c which are just stubs if compiled --without-winbind. When building with winbindd, it is now required to build the libwbclient DSO first (in the Makefile) and then either set LD_LIBRARY_PATH or /etc/ld.so.conf to pick up the library PATH. (This used to be commit 42787bccff4fcffafc7aae6a678e792604ecaaa5)
-rw-r--r--source3/auth/auth_util.c6
-rw-r--r--source3/include/includes.h1
-rw-r--r--source3/lib/winbind_util.c325
-rw-r--r--source3/nsswitch/wb_client.c472
-rw-r--r--source3/nsswitch/wbinfo.c138
5 files changed, 393 insertions, 549 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 1e33869ea9..373a2a375f 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1731,17 +1731,17 @@ bool is_trusted_domain(const char* dom_name)
return True;
}
else {
- NSS_STATUS result;
+ wbcErr result;
/* If winbind is around, ask it */
result = wb_is_trusted_domain(dom_name);
- if (result == NSS_STATUS_SUCCESS) {
+ if (result == WBC_ERR_SUCCESS) {
return True;
}
- if (result == NSS_STATUS_NOTFOUND) {
+ if (result == WBC_ERR_DOMAIN_NOT_FOUND) {
/* winbind could not find the domain */
return False;
}
diff --git a/source3/include/includes.h b/source3/include/includes.h
index fdeff346e5..14ef2258e6 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -784,6 +784,7 @@ enum flush_reason_enum {
NUM_FLUSH_REASONS};
#include "nss_info.h"
+#include "nsswitch/libwbclient/wbclient.h"
/* generated rpc server implementation functions */
#include "librpc/gen_ndr/srv_echo.h"
diff --git a/source3/lib/winbind_util.c b/source3/lib/winbind_util.c
new file mode 100644
index 0000000000..4983b9ced0
--- /dev/null
+++ b/source3/lib/winbind_util.c
@@ -0,0 +1,325 @@
+/*
+ Unix SMB/CIFS implementation.
+ Winbind Utility functions
+
+ Copyright (C) Gerald (Jerry) Carter 2007
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+
+#if defined(WITH_WINBIND)
+
+#include "nsswitch/libwbclient/wbclient.h"
+
+/* Call winbindd to convert a name to a sid */
+
+bool winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid,
+ enum lsa_SidType *name_type)
+{
+ struct wbcDomainSid dom_sid;
+ wbcErr result;
+ enum wbcSidType type;
+
+ result = wbcLookupName(dom_name, name, &dom_sid, &type);
+ if (result != WBC_ERR_SUCCESS)
+ return False;
+
+ memcpy(sid, &dom_sid, sizeof(DOM_SID));
+ *name_type = (enum lsa_SidType)type;
+
+ return True;
+}
+
+/* Call winbindd to convert sid to name */
+
+bool winbind_lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
+ const char **domain, const char **name,
+ enum lsa_SidType *name_type)
+{
+ struct wbcDomainSid dom_sid;
+ wbcErr result;
+ enum wbcSidType type;
+ char *domain_name = NULL;
+ char *account_name = NULL;
+
+ memcpy(&dom_sid, sid, sizeof(dom_sid));
+
+ result = wbcLookupSid(&dom_sid, &domain_name, &account_name, &type);
+ if (result != WBC_ERR_SUCCESS)
+ return False;
+
+ /* Copy out result */
+
+ if (domain) {
+ *domain = talloc_strdup(mem_ctx, domain_name);
+ }
+ if (name) {
+ *name = talloc_strdup(mem_ctx, account_name);
+ }
+ *name_type = (enum lsa_SidType)type;
+
+ DEBUG(10, ("winbind_lookup_sid: SUCCESS: SID %s -> %s %s\n",
+ sid_string_dbg(sid), domain_name, account_name));
+
+ SAFE_FREE(domain_name);
+ SAFE_FREE(account_name);
+
+ if ((domain && !*domain) || (name && !*name)) {
+ DEBUG(0,("winbind_lookup_sid: talloc() failed!\n"));
+ return False;
+ }
+
+
+ return True;
+}
+
+/* Ping winbindd to see it is alive */
+
+bool winbind_ping(void)
+{
+ wbcErr result = wbcPing();
+
+ return (result == WBC_ERR_SUCCESS);
+}
+
+/* Call winbindd to convert SID to uid */
+
+bool winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid)
+{
+ struct wbcDomainSid dom_sid;
+ wbcErr result;
+
+ memcpy(&dom_sid, sid, sizeof(dom_sid));
+
+ result = wbcSidToUid(&dom_sid, puid);
+ if (result != WBC_ERR_SUCCESS)
+ return False;
+
+ return (result == WBC_ERR_SUCCESS);
+}
+
+/* Call winbindd to convert uid to sid */
+
+bool winbind_uid_to_sid(DOM_SID *sid, uid_t uid)
+{
+ struct wbcDomainSid dom_sid;
+ wbcErr result;
+
+ result = wbcUidToSid(uid, &dom_sid);
+ if (result == WBC_ERR_SUCCESS) {
+ memcpy(sid, &dom_sid, sizeof(DOM_SID));
+ } else {
+ sid_copy(sid, &global_sid_NULL);
+ }
+
+ return (result == WBC_ERR_SUCCESS);
+}
+
+/* Call winbindd to convert SID to gid */
+
+bool winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid)
+{
+ struct wbcDomainSid dom_sid;
+ wbcErr result;
+
+ memcpy(&dom_sid, sid, sizeof(dom_sid));
+
+ result = wbcSidToGid(&dom_sid, pgid);
+ if (result != WBC_ERR_SUCCESS)
+ return False;
+
+ return (result == WBC_ERR_SUCCESS);
+}
+
+/* Call winbindd to convert gid to sid */
+
+bool winbind_gid_to_sid(DOM_SID *sid, gid_t gid)
+{
+ struct wbcDomainSid dom_sid;
+ wbcErr result;
+
+ result = wbcGidToSid(gid, &dom_sid);
+ if (result == WBC_ERR_SUCCESS) {
+ memcpy(sid, &dom_sid, sizeof(DOM_SID));
+ } else {
+ sid_copy(sid, &global_sid_NULL);
+ }
+
+ return (result == WBC_ERR_SUCCESS);
+}
+
+/* Check for a trusted domain */
+
+wbcErr wb_is_trusted_domain(const char *domain)
+{
+ wbcErr result;
+ struct wbcDomainInfo info;
+
+ result = wbcDomainInfo(domain, &info);
+
+ if (result == WBC_ERR_SUCCESS) {
+ SAFE_FREE(info.short_name);
+ SAFE_FREE(info.dns_name);
+ }
+
+ return result;
+}
+
+/* Lookup a set of rids in a given domain */
+
+bool winbind_lookup_rids(TALLOC_CTX *mem_ctx,
+ const DOM_SID *domain_sid,
+ int num_rids, uint32 *rids,
+ const char **domain_name,
+ const char ***names, enum lsa_SidType **types)
+{
+ const char *dom_name = NULL;
+ const char **namelist = NULL;
+ enum wbcSidType *name_types = NULL;
+ struct wbcDomainSid dom_sid;
+ wbcErr ret;
+ int i;
+
+ memcpy(&dom_sid, domain_sid, sizeof(struct wbcDomainSid));
+
+ ret = wbcLookupRids(&dom_sid, num_rids, rids,
+ &dom_name, &namelist, &name_types);
+ if (ret != WBC_ERR_SUCCESS)
+ return False;
+
+ *domain_name = talloc_strdup(mem_ctx, dom_name);
+ *names = TALLOC_ARRAY(mem_ctx, const char*, num_rids);
+ *types = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_rids);
+
+ for(i=0; i<num_rids; i++) {
+ (*names)[i] = talloc_strdup(names, namelist[i]);
+ (*types)[i] = (enum lsa_SidType)name_types[i];
+
+ free(CONST_DISCARD(char*, namelist[i]));
+ }
+ free(namelist);
+ free(name_types);
+
+ return True;
+}
+
+/* Ask Winbind to allocate a new uid for us */
+
+bool winbind_allocate_uid(uid_t *uid)
+{
+ wbcErr ret;
+
+ ret = wbcAllocateUid(uid);
+
+ return (ret == WBC_ERR_SUCCESS);
+}
+
+/* Ask Winbind to allocate a new gid for us */
+
+bool winbind_allocate_gid(gid_t *gid)
+{
+ wbcErr ret;
+
+ ret = wbcAllocateGid(gid);
+
+ return (ret == WBC_ERR_SUCCESS);
+}
+
+#else /* WITH_WINBIND */
+
+bool winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid,
+ enum lsa_SidType *name_type)
+{
+ return False;
+}
+
+/* Call winbindd to convert sid to name */
+
+bool winbind_lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
+ const char **domain, const char **name,
+ enum lsa_SidType *name_type)
+{
+ return False;
+}
+
+/* Ping winbindd to see it is alive */
+
+bool winbind_ping(void)
+{
+ return False;
+}
+
+/* Call winbindd to convert SID to uid */
+
+bool winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid)
+{
+ return False;
+}
+
+/* Call winbindd to convert uid to sid */
+
+bool winbind_uid_to_sid(DOM_SID *sid, uid_t uid)
+{
+ return False;
+}
+
+/* Call winbindd to convert SID to gid */
+
+bool winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid)
+{
+ return False;
+}
+
+/* Call winbindd to convert gid to sid */
+
+bool winbind_gid_to_sid(DOM_SID *sid, gid_t gid)
+{
+ return False;
+}
+
+/* Check for a trusted domain */
+
+wbcErr wb_is_trusted_domain(const char *domain)
+{
+ return WBC_ERR_UNKNOWN_FAILURE;
+}
+
+/* Lookup a set of rids in a given domain */
+
+bool winbind_lookup_rids(TALLOC_CTX *mem_ctx,
+ const DOM_SID *domain_sid,
+ int num_rids, uint32 *rids,
+ const char **domain_name,
+ const char ***names, enum lsa_SidType **types)
+{
+ return False;
+}
+
+/* Ask Winbind to allocate a new uid for us */
+
+bool winbind_allocate_uid(uid_t *uid)
+{
+ return False;
+}
+
+/* Ask Winbind to allocate a new gid for us */
+
+bool winbind_allocate_gid(gid_t *gid)
+{
+ return False;
+}
+
+#endif /* WITH_WINBIND */
diff --git a/source3/nsswitch/wb_client.c b/source3/nsswitch/wb_client.c
index d24bba2fe1..5e1a5d8ad4 100644
--- a/source3/nsswitch/wb_client.c
+++ b/source3/nsswitch/wb_client.c
@@ -22,6 +22,7 @@
#include "includes.h"
#include "nsswitch/winbind_nss.h"
+#include "libwbclient/wbclient.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_WINBIND
@@ -30,431 +31,6 @@ NSS_STATUS winbindd_request_response(int req_type,
struct winbindd_request *request,
struct winbindd_response *response);
-/* Call winbindd to convert a name to a sid */
-
-bool winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid,
- enum lsa_SidType *name_type)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- NSS_STATUS result;
-
- if (!sid || !name_type)
- return False;
-
- /* Send off request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- fstrcpy(request.data.name.dom_name, dom_name);
- fstrcpy(request.data.name.name, name);
-
- if ((result = winbindd_request_response(WINBINDD_LOOKUPNAME, &request,
- &response)) == NSS_STATUS_SUCCESS) {
- if (!string_to_sid(sid, response.data.sid.sid))
- return False;
- *name_type = (enum lsa_SidType)response.data.sid.type;
- }
-
- return result == NSS_STATUS_SUCCESS;
-}
-
-/* Call winbindd to convert sid to name */
-
-bool winbind_lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
- const char **domain, const char **name,
- enum lsa_SidType *name_type)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- NSS_STATUS result;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- sid_to_fstring(request.data.sid, sid);
-
- /* Make request */
-
- result = winbindd_request_response(WINBINDD_LOOKUPSID, &request,
- &response);
-
- if (result != NSS_STATUS_SUCCESS) {
- return False;
- }
-
- /* Copy out result */
-
- if (domain != NULL) {
- *domain = talloc_strdup(mem_ctx, response.data.name.dom_name);
- if (*domain == NULL) {
- DEBUG(0, ("talloc failed\n"));
- return False;
- }
- }
- if (name != NULL) {
- *name = talloc_strdup(mem_ctx, response.data.name.name);
- if (*name == NULL) {
- DEBUG(0, ("talloc failed\n"));
- return False;
- }
- }
-
- *name_type = (enum lsa_SidType)response.data.name.type;
-
- DEBUG(10, ("winbind_lookup_sid: SUCCESS: SID %s -> %s %s\n",
- sid_string_dbg(sid), response.data.name.dom_name,
- response.data.name.name));
- return True;
-}
-
-bool winbind_lookup_rids(TALLOC_CTX *mem_ctx,
- const DOM_SID *domain_sid,
- int num_rids, uint32 *rids,
- const char **domain_name,
- const char ***names, enum lsa_SidType **types)
-{
- size_t i, buflen;
- ssize_t len;
- char *ridlist;
- char *p;
- struct winbindd_request request;
- struct winbindd_response response;
- NSS_STATUS result;
-
- if (num_rids == 0) {
- return False;
- }
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- sid_to_fstring(request.data.sid, domain_sid);
-
- len = 0;
- buflen = 0;
- ridlist = NULL;
-
- for (i=0; i<num_rids; i++) {
- sprintf_append(mem_ctx, &ridlist, &len, &buflen,
- "%ld\n", rids[i]);
- }
-
- if (ridlist == NULL) {
- return False;
- }
-
- request.extra_data.data = ridlist;
- request.extra_len = strlen(ridlist)+1;
-
- result = winbindd_request_response(WINBINDD_LOOKUPRIDS,
- &request, &response);
-
- TALLOC_FREE(ridlist);
-
- if (result != NSS_STATUS_SUCCESS) {
- return False;
- }
-
- *domain_name = talloc_strdup(mem_ctx, response.data.domain_name);
-
- *names = TALLOC_ARRAY(mem_ctx, const char *, num_rids);
- *types = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_rids);
-
- if ((*names == NULL) || (*types == NULL)) {
- goto fail;
- }
-
- p = (char *)response.extra_data.data;
-
- for (i=0; i<num_rids; i++) {
- char *q;
-
- if (*p == '\0') {
- DEBUG(10, ("Got invalid reply: %s\n",
- (char *)response.extra_data.data));
- goto fail;
- }
-
- (*types)[i] = (enum lsa_SidType)strtoul(p, &q, 10);
-
- if (*q != ' ') {
- DEBUG(10, ("Got invalid reply: %s\n",
- (char *)response.extra_data.data));
- goto fail;
- }
-
- p = q+1;
-
- q = strchr(p, '\n');
- if (q == NULL) {
- DEBUG(10, ("Got invalid reply: %s\n",
- (char *)response.extra_data.data));
- goto fail;
- }
-
- *q = '\0';
-
- (*names)[i] = talloc_strdup(*names, p);
-
- p = q+1;
- }
-
- if (*p != '\0') {
- DEBUG(10, ("Got invalid reply: %s\n",
- (char *)response.extra_data.data));
- goto fail;
- }
-
- SAFE_FREE(response.extra_data.data);
-
- return True;
-
- fail:
- TALLOC_FREE(*names);
- TALLOC_FREE(*types);
- return False;
-}
-
-/* Call winbindd to convert SID to uid */
-
-bool winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result;
- fstring sid_str;
-
- if (!puid)
- return False;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- sid_to_fstring(sid_str, sid);
- fstrcpy(request.data.sid, sid_str);
-
- /* Make request */
-
- result = winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response);
-
- /* Copy out result */
-
- if (result == NSS_STATUS_SUCCESS) {
- *puid = response.data.uid;
- }
-
- return (result == NSS_STATUS_SUCCESS);
-}
-
-/* Call winbindd to convert uid to sid */
-
-bool winbind_uid_to_sid(DOM_SID *sid, uid_t uid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result;
-
- if (!sid)
- return False;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- request.data.uid = uid;
-
- /* Make request */
-
- result = winbindd_request_response(WINBINDD_UID_TO_SID, &request, &response);
-
- /* Copy out result */
-
- if (result == NSS_STATUS_SUCCESS) {
- if (!string_to_sid(sid, response.data.sid.sid))
- return False;
- } else {
- sid_copy(sid, &global_sid_NULL);
- }
-
- return (result == NSS_STATUS_SUCCESS);
-}
-
-/* Call winbindd to convert SID to gid */
-
-bool winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result;
- fstring sid_str;
-
- if (!pgid)
- return False;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- sid_to_fstring(sid_str, sid);
- fstrcpy(request.data.sid, sid_str);
-
- /* Make request */
-
- result = winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response);
-
- /* Copy out result */
-
- if (result == NSS_STATUS_SUCCESS) {
- *pgid = response.data.gid;
- }
-
- return (result == NSS_STATUS_SUCCESS);
-}
-
-/* Call winbindd to convert gid to sid */
-
-bool winbind_gid_to_sid(DOM_SID *sid, gid_t gid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result;
-
- if (!sid)
- return False;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- request.data.gid = gid;
-
- /* Make request */
-
- result = winbindd_request_response(WINBINDD_GID_TO_SID, &request, &response);
-
- /* Copy out result */
-
- if (result == NSS_STATUS_SUCCESS) {
- if (!string_to_sid(sid, response.data.sid.sid))
- return False;
- } else {
- sid_copy(sid, &global_sid_NULL);
- }
-
- return (result == NSS_STATUS_SUCCESS);
-}
-
-/* Call winbindd to convert SID to uid */
-
-bool winbind_sids_to_unixids(struct id_map *ids, int num_ids)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result;
- DOM_SID *sids;
- int i;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- request.extra_len = num_ids * sizeof(DOM_SID);
-
- sids = (DOM_SID *)SMB_MALLOC(request.extra_len);
- for (i = 0; i < num_ids; i++) {
- sid_copy(&sids[i], ids[i].sid);
- }
-
- request.extra_data.data = (char *)sids;
-
- /* Make request */
-
- result = winbindd_request_response(WINBINDD_SIDS_TO_XIDS, &request, &response);
-
- /* Copy out result */
-
- if (result == NSS_STATUS_SUCCESS) {
- struct unixid *wid = (struct unixid *)response.extra_data.data;
-
- for (i = 0; i < num_ids; i++) {
- if (wid[i].type == -1) {
- ids[i].status = ID_UNMAPPED;
- } else {
- ids[i].status = ID_MAPPED;
- ids[i].xid.type = wid[i].type;
- ids[i].xid.id = wid[i].id;
- }
- }
- }
-
- SAFE_FREE(request.extra_data.data);
- SAFE_FREE(response.extra_data.data);
-
- return (result == NSS_STATUS_SUCCESS);
-}
-
-bool winbind_allocate_uid(uid_t *uid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Make request */
-
- result = winbindd_request_response(WINBINDD_ALLOCATE_UID,
- &request, &response);
-
- if (result != NSS_STATUS_SUCCESS)
- return False;
-
- /* Copy out result */
- *uid = response.data.uid;
-
- return True;
-}
-
-bool winbind_allocate_gid(gid_t *gid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Make request */
-
- result = winbindd_request_response(WINBINDD_ALLOCATE_GID,
- &request, &response);
-
- if (result != NSS_STATUS_SUCCESS)
- return False;
-
- /* Copy out result */
- *gid = response.data.gid;
-
- return True;
-}
-
bool winbind_set_mapping(const struct id_map *map)
{
struct winbindd_request request;
@@ -518,49 +94,3 @@ bool winbind_set_gid_hwm(unsigned long id)
return (result == NSS_STATUS_SUCCESS);
}
-
-/**********************************************************************
- simple wrapper function to see if winbindd is alive
-**********************************************************************/
-
-bool winbind_ping( void )
-{
- NSS_STATUS result;
-
- result = winbindd_request_response(WINBINDD_PING, NULL, NULL);
-
- return result == NSS_STATUS_SUCCESS;
-}
-
-/**********************************************************************
- Is a domain trusted?
-
- result == NSS_STATUS_UNAVAIL: winbind not around
- result == NSS_STATUS_NOTFOUND: winbind around, but domain missing
-
- Due to a bad API NSS_STATUS_NOTFOUND is returned both when winbind_off and
- when winbind return WINBINDD_ERROR. So the semantics of this routine depends
- on winbind_on. Grepping for winbind_off I just found 3 places where winbind
- is turned off, and this does not conflict (as far as I have seen) with the
- callers of is_trusted_domains.
-
- I *hate* global variables....
-
- Volker
-
-**********************************************************************/
-
-NSS_STATUS wb_is_trusted_domain(const char *domain)
-{
- struct winbindd_request request;
- struct winbindd_response response;
-
- /* Call winbindd */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- fstrcpy(request.domain_name, domain);
-
- return winbindd_request_response(WINBINDD_DOMAIN_INFO, &request, &response);
-}
diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c
index 37ff8a78c7..c8f8398c6f 100644
--- a/source3/nsswitch/wbinfo.c
+++ b/source3/nsswitch/wbinfo.c
@@ -22,6 +22,7 @@
#include "includes.h"
#include "winbind_client.h"
+#include "libwbclient/wbclient.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_WINBIND
@@ -73,25 +74,26 @@ static char winbind_separator(void)
static const char *get_winbind_domain(void)
{
- struct winbindd_response response;
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ struct wbcDomainInfo *dinfo = NULL;
static fstring winbind_domain;
- ZERO_STRUCT(response);
-
- /* Send off request */
+ ZERO_STRUCT(dinfo);
+
+ wbc_status = wbcDomainInfo(".", &dinfo);
- if (winbindd_request_response(WINBINDD_DOMAIN_NAME, NULL, &response) !=
- NSS_STATUS_SUCCESS) {
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
d_fprintf(stderr, "could not obtain winbind domain name!\n");
/* HACK: (this module should not call lp_ funtions) */
return lp_workgroup();
}
- fstrcpy(winbind_domain, response.data.domain_name);
+ fstrcpy(winbind_domain, dinfo->short_name);
- return winbind_domain;
+ wbcFreeMemory(dinfo);
+ return winbind_domain;
}
/* Copy of parse_domain_user from winbindd_util.c. Parse a string of the
@@ -128,61 +130,47 @@ static bool parse_wbinfo_domain_user(const char *domuser, fstring domain,
static bool wbinfo_get_userinfo(char *user)
{
- struct winbindd_request request;
- struct winbindd_response response;
- NSS_STATUS result;
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Send request */
-
- fstrcpy(request.data.username, user);
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ struct passwd *pwd = NULL;
- result = winbindd_request_response(WINBINDD_GETPWNAM, &request, &response);
-
- if (result != NSS_STATUS_SUCCESS)
- return False;
+ wbc_status = wbcGetpwnam(user, &pwd);
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
+ return false;
+ }
- d_printf( "%s:%s:%d:%d:%s:%s:%s\n",
- response.data.pw.pw_name,
- response.data.pw.pw_passwd,
- response.data.pw.pw_uid,
- response.data.pw.pw_gid,
- response.data.pw.pw_gecos,
- response.data.pw.pw_dir,
- response.data.pw.pw_shell );
+ d_printf("%s:%s:%d:%d:%s:%s:%s\n",
+ pwd->pw_name,
+ pwd->pw_passwd,
+ pwd->pw_uid,
+ pwd->pw_gid,
+ pwd->pw_gecos,
+ pwd->pw_dir,
+ pwd->pw_shell);
- return True;
+ return true;
}
/* pull pwent info for a given uid */
static bool wbinfo_get_uidinfo(int uid)
{
- struct winbindd_request request;
- struct winbindd_response response;
- NSS_STATUS result;
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- request.data.uid = uid;
-
- result = winbindd_request_response(WINBINDD_GETPWUID, &request, &response);
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ struct passwd *pwd = NULL;
- if (result != NSS_STATUS_SUCCESS)
- return False;
-
- d_printf( "%s:%s:%d:%d:%s:%s:%s\n",
- response.data.pw.pw_name,
- response.data.pw.pw_passwd,
- response.data.pw.pw_uid,
- response.data.pw.pw_gid,
- response.data.pw.pw_gecos,
- response.data.pw.pw_dir,
- response.data.pw.pw_shell );
-
- return True;
+ wbc_status = wbcGetpwuid(uid, &pwd);
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
+ return false;
+ }
+
+ d_printf("%s:%s:%d:%d:%s:%s:%s\n",
+ pwd->pw_name,
+ pwd->pw_passwd,
+ pwd->pw_uid,
+ pwd->pw_gid,
+ pwd->pw_gecos,
+ pwd->pw_dir,
+ pwd->pw_shell);
+
+ return true;
}
/* pull grent for a given group */
@@ -874,40 +862,40 @@ static bool wbinfo_auth_krb5(char *username, const char *cctype, uint32 flags)
static bool wbinfo_auth(char *username)
{
- struct winbindd_request request;
- struct winbindd_response response;
- NSS_STATUS result;
- char *p;
-
- /* Send off request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- p = strchr(username, '%');
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ char *s = NULL;
+ char *p = NULL;
+ char *password = NULL;
+ char *name = NULL;
+
+ if ((s = SMB_STRDUP(username)) == NULL) {
+ return false;
+ }
- if (p) {
+ if ((p = strchr(s, '%')) != NULL) {
*p = 0;
- fstrcpy(request.data.auth.user, username);
- fstrcpy(request.data.auth.pass, p + 1);
- *p = '%';
- } else
- fstrcpy(request.data.auth.user, username);
+ p++;
+ }
- result = winbindd_request_response(WINBINDD_PAM_AUTH, &request, &response);
+ name = s;
+ password = p;
- /* Display response */
+ wbc_status = wbcAuthenticateUser(name, password);
d_printf("plaintext password authentication %s\n",
- (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed");
+ WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed");
+#if 0
if (response.data.auth.nt_status)
d_fprintf(stderr, "error code was %s (0x%x)\nerror messsage was: %s\n",
response.data.auth.nt_status_string,
response.data.auth.nt_status,
response.data.auth.error_string);
+#endif
- return result == NSS_STATUS_SUCCESS;
+ SAFE_FREE(s);
+
+ return WBC_ERROR_IS_OK(wbc_status);
}
/* Authenticate a user with a challenge/response */