summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJames Peach <jpeach@samba.org>2007-12-22 14:01:44 -0800
committerJames Peach <jpeach@samba.org>2007-12-22 14:01:44 -0800
commitbf2269a04e5af056037c392fb7f29014b62d1bb2 (patch)
tree38a2c68c2835bb65725003dd479a3a6fdbee1a51
parent1176e04c76e28d9ee9ab355c5e9edcd1b627ac03 (diff)
parenta000fa4ee5491ae32c60881b28b3536e88e82e27 (diff)
downloadsamba-bf2269a04e5af056037c392fb7f29014b62d1bb2.tar.gz
samba-bf2269a04e5af056037c392fb7f29014b62d1bb2.tar.bz2
samba-bf2269a04e5af056037c392fb7f29014b62d1bb2.zip
Merge branch 'v3-2-test' of git://git.samba.org/samba into v3-2-test
(This used to be commit 30cb2d215f1a4a440d5ecaab3f898daa714eee2b)
-rw-r--r--.gitignore2
-rw-r--r--source3/Makefile.in234
-rw-r--r--source3/auth/auth_util.c6
-rw-r--r--source3/client/client.c139
-rw-r--r--source3/client/clitar.c60
-rw-r--r--source3/configure.in77
-rw-r--r--source3/exports/libnetapi.syms3
-rw-r--r--source3/exports/libwbclient.syms4
-rw-r--r--source3/include/includes.h1
-rw-r--r--source3/include/memcache.h13
-rw-r--r--source3/lib/access.c20
-rw-r--r--source3/lib/data_blob.c2
-rw-r--r--source3/lib/md4.c20
-rw-r--r--source3/lib/memcache.c88
-rw-r--r--source3/lib/netapi/examples/Makefile.in57
-rw-r--r--source3/lib/netapi/examples/getdc/getdc.c57
-rw-r--r--source3/lib/netapi/examples/netdomjoin-gui/logo.pngbin0 -> 9329 bytes
-rw-r--r--source3/lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c1347
-rwxr-xr-xsource3/lib/netapi/examples/netdomjoin-gui/samba.icobin0 -> 1406 bytes
-rw-r--r--source3/lib/netapi/examples/netdomjoin/netdomjoin.c107
-rw-r--r--source3/lib/netapi/getdc.c243
-rw-r--r--source3/lib/netapi/joindomain.c432
-rw-r--r--source3/lib/netapi/netapi.c160
-rw-r--r--source3/lib/netapi/netapi.h74
-rw-r--r--source3/lib/netapi/serverinfo.c297
-rw-r--r--source3/lib/secace.c5
-rw-r--r--source3/lib/secacl.c3
-rw-r--r--source3/lib/secdesc.c12
-rw-r--r--source3/lib/sharesec.c10
-rw-r--r--source3/lib/socket_wrapper/socket_wrapper.c4
-rw-r--r--source3/lib/time.c4
-rw-r--r--source3/lib/util_pw.c68
-rw-r--r--source3/lib/util_seaccess.c4
-rw-r--r--source3/lib/util_str.c77
-rw-r--r--source3/lib/winbind_util.c324
-rw-r--r--source3/libnet/libnet.h (renamed from source3/lib/netapi/joindomain.h)19
-rw-r--r--source3/libnet/libnet_conf.c195
-rw-r--r--source3/libnet/libnet_join.c583
-rw-r--r--source3/libnet/libnet_join.h65
-rw-r--r--source3/library-versions.in4
-rw-r--r--source3/libsmb/cliconnect.c3
-rw-r--r--source3/libsmb/clientgen.c4
-rw-r--r--source3/libsmb/doserr.c52
-rw-r--r--source3/locking/posix.c4
-rw-r--r--source3/nsswitch/libwbclient/Doxyfile1297
-rw-r--r--source3/nsswitch/libwbclient/libwbclient.h46
-rw-r--r--source3/nsswitch/libwbclient/wbc_err.h51
-rw-r--r--source3/nsswitch/libwbclient/wbc_err_internal.h44
-rw-r--r--source3/nsswitch/libwbclient/wbc_idmap.c272
-rw-r--r--source3/nsswitch/libwbclient/wbc_pam.c65
-rw-r--r--source3/nsswitch/libwbclient/wbc_pwd.c374
-rw-r--r--source3/nsswitch/libwbclient/wbc_sid.c423
-rw-r--r--source3/nsswitch/libwbclient/wbc_util.c110
-rw-r--r--source3/nsswitch/libwbclient/wbclient.c105
-rw-r--r--source3/nsswitch/libwbclient/wbclient.h184
-rw-r--r--source3/nsswitch/libwbclient/wbclient_internal.h32
-rw-r--r--source3/nsswitch/wb_client.c472
-rw-r--r--source3/nsswitch/wbinfo.c138
-rw-r--r--source3/param/loadparm.c2
-rw-r--r--source3/pkgconfig/netapi.pc.in14
-rw-r--r--source3/pkgconfig/smbclient.pc.in14
-rw-r--r--source3/pkgconfig/smbsharemodes.pc.in14
-rw-r--r--source3/rpc_client/cli_netlogon.c14
-rw-r--r--source3/rpc_server/srv_dfs_nt.c2
-rw-r--r--source3/rpc_server/srv_lsa_nt.c4
-rw-r--r--source3/rpc_server/srv_samr_nt.c4
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c2
-rw-r--r--source3/rpc_server/srv_svcctl_nt.c4
-rw-r--r--source3/rpc_server/srv_winreg_nt.c6
-rw-r--r--source3/rpc_server/srv_wkssvc_nt.c71
-rw-r--r--source3/rpcclient/cmd_netlogon.c8
-rw-r--r--source3/script/mkproto.awk2
-rwxr-xr-xsource3/script/tests/selftest.sh4
-rw-r--r--source3/services/services_db.c4
-rw-r--r--source3/smbd/close.c7
-rw-r--r--source3/smbd/open.c24
-rw-r--r--source3/smbd/posix_acls.c6
-rw-r--r--source3/smbd/reply.c4
-rw-r--r--source3/smbd/server.c6
-rw-r--r--source3/smbd/vfs.c2
-rw-r--r--source3/utils/net_conf.c158
-rw-r--r--source3/utils/net_dom.c59
-rw-r--r--source3/winbindd/winbindd_cm.c4
-rw-r--r--source3/winbindd/winbindd_group.c5
-rw-r--r--source3/winbindd/winbindd_misc.c6
85 files changed, 7801 insertions, 1145 deletions
diff --git a/.gitignore b/.gitignore
index bd1cba16b0..d3266edbbe 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,6 +2,7 @@
*.po
*~
source/client/client_proto.h
+source/libnet/libnet_proto.h
source/include/build_env.h
source/include/config.h
source/include/config.h.in
@@ -9,6 +10,7 @@ source/include/proto.h
source/include/stamp-h
source/include/version.h
source/Makefile
+source/lib/netapi/examples/Makefile
source/config.log
source/config.status
source/configure
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 599b0501a1..d3b990e94a 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -63,6 +63,7 @@ KRB5LIBS=@KRB5_LIBS@
LDAP_LIBS=@LDAP_LIBS@
NSCD_LIBS=@NSCD_LIBS@
UUID_LIBS=@UUID_LIBS@
+WINBIND_LIBS=@WINBIND_LIBS@
DNSSD_LIBS=@DNSSD_LIBS@
INSTALLCMD=@INSTALL@
@@ -90,6 +91,7 @@ BINDIR = @bindir@
SBINDIR = @sbindir@
ROOTSBINDIR = @rootsbindir@
LIBDIR = @libdir@
+INCLUDEDIR=@includedir@
PAMMODULESDIR = @pammodulesdir@
VFSLIBDIR = $(LIBDIR)/vfs
PDBLIBDIR = $(LIBDIR)/pdb
@@ -141,6 +143,8 @@ PIDDIR = @piddir@
LIBSMBCLIENT=bin/libsmbclient.a @LIBSMBCLIENT_SHARED@
LIBSMBSHAREMODES=bin/libsmbsharemodes.a @LIBSMBSHAREMODES_SHARED@
LIBADDNS=bin/libaddns.a @LIBADDNS_SHARED@
+LIBWBCLIENT=@LIBWBCLIENT_SHARED@
+LIBNETAPI=bin/libnetapi.a @LIBNETAPI_SHARED@
FLAGS1 = $(CFLAGS) @FLAGS1@ @SAMBA_CPPFLAGS@ $(CPPFLAGS)
FLAGS2 =
@@ -198,7 +202,7 @@ EVERYTHING_PROGS = bin/debug2html@EXEEXT@ bin/smbfilter@EXEEXT@ \
bin/log2pcap@EXEEXT@ bin/sharesec@EXEEXT@ bin/ndrdump@EXEEXT@ \
bin/vlp@EXEEXT@
-SHLIBS = @LIBSMBCLIENT@ @LIBSMBSHAREMODES@ @LIBADDNS@
+SHLIBS = @LIBSMBCLIENT@ @LIBSMBSHAREMODES@ @LIBADDNS@ @LIBNETAPI@ @LIBWBCLIENT@
PAM_MODULES = @PAM_MODULES@
@@ -280,6 +284,7 @@ NSS_WRAPPER_OBJ = @NSS_WRAPPER_OBJS@
TALLOC_OBJ = lib/talloc/talloc.o
+LIBSAMBAUTIL_OBJ = $(TALLOC_OBJ) $(LIBREPLACE_OBJ)
LIB_WITHOUT_PROTO_OBJ = $(LIBREPLACE_OBJ) $(SOCKET_WRAPPER_OBJ) $(NSS_WRAPPER_OBJ) $(TALLOC_OBJ) \
lib/messages.o librpc/gen_ndr/ndr_messaging.o lib/messages_local.o \
@@ -301,7 +306,7 @@ LIB_WITH_PROTO_OBJ = $(VERSION_OBJ) lib/charcnv.o lib/debug.o lib/fault.o \
lib/ms_fnmatch.o lib/select.o lib/errmap_unix.o \
lib/tallocmsg.o lib/dmallocmsg.o libsmb/smb_signing.o \
lib/md5.o lib/hmacmd5.o lib/arc4.o lib/iconv.o \
- nsswitch/wb_client.o $(WBCOMMON_OBJ) \
+ $(WBCOMMON_OBJ) \
lib/pam_errors.o intl/lang_tdb.o lib/conn_tdb.o \
lib/adt_tree.o lib/gencache.o $(TDB_OBJ) \
lib/module.o lib/events.o lib/ldap_escape.o @CHARSET_STATIC@ \
@@ -330,6 +335,15 @@ LIBADDNS_OBJ0 = libaddns/dnsrecord.o libaddns/dnsutils.o libaddns/dnssock.o \
libaddns/dnsgss.o libaddns/dnsmarshall.o
LIBADDNS_OBJ = $(LIBADDNS_OBJ0) $(TALLOC_OBJ)
+LIBWBCLIENT_OBJ = nsswitch/wb_common.o lib/talloc/talloc.o \
+ nsswitch/libwbclient/wbclient.o \
+ nsswitch/libwbclient/wbc_util.o \
+ nsswitch/libwbclient/wbc_pwd.o \
+ nsswitch/libwbclient/wbc_idmap.o \
+ nsswitch/libwbclient/wbc_sid.o \
+ nsswitch/libwbclient/wbc_pam.o
+
+
LIBGPO_OBJ0 = libgpo/gpo_ldap.o libgpo/gpo_ini.o libgpo/gpo_util.o \
libgpo/gpo_fetch.o libgpo/gpo_filesync.o libgpo/gpo_sec.o
LIBGPO_OBJ = $(LIBGPO_OBJ0)
@@ -452,7 +466,7 @@ PASSDB_OBJ = $(PASSDB_GET_SET_OBJ) passdb/passdb.o passdb/pdb_interface.o \
passdb/util_unixsids.o passdb/lookup_sid.o \
passdb/login_cache.o @PDB_STATIC@ \
lib/account_pol.o lib/privileges.o lib/privileges_basic.o \
- lib/util_nscd.o
+ lib/util_nscd.o lib/winbind_util.o
DEVEL_HELP_WEIRD_OBJ = modules/weird.o
CP850_OBJ = modules/CP850.o
@@ -558,7 +572,7 @@ SMBD_OBJ_BASE = $(PARAM_WITHOUT_REG_OBJ) $(SMBD_OBJ_SRV) $(LIBSMB_OBJ) \
$(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) \
$(LIBADS_OBJ) $(KRBCLIENT_OBJ) $(LIBADS_SERVER_OBJ) \
$(REGISTRY_OBJ) $(POPT_LIB_OBJ) \
- $(BUILDOPT_OBJ) $(SMBLDAP_OBJ) $(LDB_OBJ)
+ $(BUILDOPT_OBJ) $(SMBLDAP_OBJ) $(LDB_OBJ) $(LIBNET_OBJ)
PRINTING_OBJ = printing/pcap.o printing/print_svid.o printing/print_aix.o \
printing/print_cups.o printing/print_generic.o \
@@ -569,6 +583,7 @@ PRINTBASE_OBJ = printing/notify.o printing/printing_db.o
PRINTBACKEND_OBJ = printing/printing.o printing/nt_printing.o $(PRINTBASE_OBJ)
SMBD_OBJ = $(SMBD_OBJ_BASE) $(SMBD_OBJ_MAIN)
+
NMBD_OBJ1 = nmbd/asyncdns.o nmbd/nmbd.o nmbd/nmbd_become_dmb.o \
nmbd/nmbd_become_lmb.o nmbd/nmbd_browserdb.o \
nmbd/nmbd_browsesync.o nmbd/nmbd_elections.o \
@@ -622,12 +637,13 @@ PASSWD_UTIL_OBJ = utils/passwd_util.o
SMBPASSWD_OBJ = utils/smbpasswd.o $(PASSWD_UTIL_OBJ) $(PASSCHANGE_OBJ) \
$(PARAM_OBJ) $(SECRETS_OBJ) $(LIBSMB_OBJ) $(PASSDB_OBJ) \
$(GROUPDB_OBJ) $(LIB_NONSMBD_OBJ) $(KRBCLIENT_OBJ) \
- $(POPT_LIB_OBJ) $(SMBLDAP_OBJ) $(RPC_PARSE_OBJ) $(LIBMSRPC_GEN_OBJ) $(LIBMSRPC_OBJ) $(LDB_OBJ)
+ $(POPT_LIB_OBJ) $(SMBLDAP_OBJ) $(RPC_PARSE_OBJ) \
+ $(LIBMSRPC_GEN_OBJ) $(LIBMSRPC_OBJ) $(LDB_OBJ)
PDBEDIT_OBJ = utils/pdbedit.o $(PASSWD_UTIL_OBJ) $(PARAM_OBJ) $(PASSDB_OBJ) \
$(LIBSAMBA_OBJ) $(LIB_NONSMBD_OBJ) $(GROUPDB_OBJ) \
$(SECRETS_OBJ) $(POPT_LIB_OBJ) $(SMBLDAP_OBJ) libsmb/asn1.o \
- $(RPC_PARSE_OBJ1) $(DOSERR_OBJ) $(LDB_OBJ) $(ERRORMAP_OBJ)
+ $(RPC_PARSE_OBJ1) $(DOSERR_OBJ) $(LDB_OBJ) $(ERRORMAP_OBJ)
SMBGET_OBJ = utils/smbget.o $(POPT_LIB_OBJ) $(LIBSMBCLIENT_OBJ)
@@ -648,7 +664,7 @@ RPCCLIENT_OBJ = $(RPCCLIENT_OBJ1) \
$(RPC_PARSE_OBJ) $(PASSDB_OBJ) $(LIBMSRPC_GEN_OBJ) $(LIBMSRPC_OBJ) \
$(READLINE_OBJ) $(GROUPDB_OBJ) $(KRBCLIENT_OBJ) \
$(LIBADS_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ) \
- $(SMBLDAP_OBJ) $(DCUTIL_OBJ) $(LDB_OBJ)
+ $(SMBLDAP_OBJ) $(DCUTIL_OBJ) $(LDB_OBJ)
PAM_WINBIND_OBJ = nsswitch/pam_winbind.o $(WBCOMMON_OBJ) \
$(LIBREPLACE_OBJ) $(SOCKET_WRAPPER_OBJ) @BUILD_INIPARSER@
@@ -681,7 +697,7 @@ CLIENT_OBJ = $(CLIENT_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) \
$(LIB_NONSMBD_OBJ) $(KRBCLIENT_OBJ) $(LIBMSRPC_GEN_OBJ) \
$(READLINE_OBJ) $(POPT_LIB_OBJ) $(SECRETS_OBJ) \
$(PASSDB_OBJ) $(SMBLDAP_OBJ) $(GROUPDB_OBJ) $(LDB_OBJ) \
- $(DISPLAY_SEC_OBJ)
+ $(DISPLAY_SEC_OBJ)
UTIL_REG_OBJ = lib/util_reg.o
UTIL_REG_API_OBJ = lib/util_reg_api.o
@@ -705,7 +721,21 @@ REG_API_OBJ = registry/reg_api.o \
$(UTIL_REG_API_OBJ) \
$(UTIL_REG_SMBCONF_OBJ)
-NETAPI_OBJ = lib/netapi/joindomain.o
+
+LIBNETAPI_OBJ1 = lib/netapi/netapi.o \
+ lib/netapi/joindomain.o \
+ lib/netapi/serverinfo.o \
+ lib/netapi/getdc.o
+
+LIBNETAPI_OBJ = $(LIBNETAPI_OBJ1) $(LIBNET_OBJ) \
+ $(REG_API_OBJ) \
+ $(PARAM_WITHOUT_REG_OBJ) $(LIB_NONSMBD_OBJ) \
+ $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
+ $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) $(RPC_PARSE_OBJ) \
+ $(SECRETS_OBJ) $(PASSDB_OBJ) $(SMBLDAP_OBJ) $(GROUPDB_OBJ) $(LDB_OBJ) \
+ $(DCUTIL_OBJ) $(LIBADS_OBJ)
+
+LIBNET_OBJ = libnet/libnet_conf.o libnet/libnet_join.o
NET_OBJ1 = utils/net.o utils/net_ads.o utils/net_domain.o utils/net_help.o \
utils/net_rap.o utils/net_rpc.o utils/net_rpc_samsync.o \
@@ -716,7 +746,7 @@ NET_OBJ1 = utils/net.o utils/net_ads.o utils/net_domain.o utils/net_help.o \
utils/netlookup.o utils/net_sam.o utils/net_rpc_shell.o \
utils/net_util.o utils/net_rpc_sh_acct.o utils/net_rpc_audit.o \
$(PASSWD_UTIL_OBJ) utils/net_dns.o utils/net_ads_gpo.o \
- utils/net_conf.o auth/token_util.o utils/net_dom.o
+ utils/net_conf.o auth/token_util.o utils/net_dom.o nsswitch/wb_client.o
NET_OBJ = $(NET_OBJ1) $(PARAM_WITHOUT_REG_OBJ) $(SECRETS_OBJ) $(LIBSMB_OBJ) \
$(RPC_PARSE_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
@@ -726,7 +756,7 @@ NET_OBJ = $(NET_OBJ1) $(PARAM_WITHOUT_REG_OBJ) $(SECRETS_OBJ) $(LIBSMB_OBJ) \
$(SMBLDAP_OBJ) $(DCUTIL_OBJ) $(SERVER_MUTEX_OBJ) \
$(AFS_OBJ) $(AFS_SETTOKEN_OBJ) $(REGFIO_OBJ) $(READLINE_OBJ) \
$(LDB_OBJ) $(LIBGPO_OBJ) @BUILD_INIPARSER@ $(DISPLAY_SEC_OBJ) \
- $(REG_API_OBJ) $(DISPLAY_DSDCINFO_OBJ) $(NETAPI_OBJ)
+ $(REG_API_OBJ) $(DISPLAY_DSDCINFO_OBJ) $(LIBNETAPI_OBJ1) $(LIBNET_OBJ)
CUPS_OBJ = client/smbspool.o $(PARAM_OBJ) $(LIBSMB_OBJ) \
$(LIB_NONSMBD_OBJ) $(KRBCLIENT_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ)
@@ -781,9 +811,10 @@ LOCKTEST2_OBJ = torture/locktest2.o $(PARAM_OBJ) $(LOCKING_OBJ) $(LIBSMB_OBJ) \
$(KRBCLIENT_OBJ) $(LIB_NONSMBD_OBJ) $(SECRETS_OBJ)
SMBCACLS_OBJ = utils/smbcacls.o $(PARAM_OBJ) $(LIBSMB_OBJ) \
- $(KRBCLIENT_OBJ) $(LIB_NONSMBD_OBJ) $(RPC_PARSE_OBJ) \
- $(PASSDB_OBJ) $(GROUPDB_OBJ) $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) $(SECRETS_OBJ) \
- $(POPT_LIB_OBJ) $(DCUTIL_OBJ) $(LIBADS_OBJ) $(SMBLDAP_OBJ) $(LDB_OBJ)
+ $(KRBCLIENT_OBJ) $(LIB_NONSMBD_OBJ) $(RPC_PARSE_OBJ) \
+ $(PASSDB_OBJ) $(GROUPDB_OBJ) $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) \
+ $(SECRETS_OBJ) \
+ $(POPT_LIB_OBJ) $(DCUTIL_OBJ) $(LIBADS_OBJ) $(SMBLDAP_OBJ) $(LDB_OBJ)
SMBCQUOTAS_OBJ = utils/smbcquotas.o $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
$(PARAM_OBJ) \
@@ -887,10 +918,11 @@ WINBINDD_OBJ = \
$(SECRETS_OBJ) $(LIBADS_OBJ) $(KRBCLIENT_OBJ) $(POPT_LIB_OBJ) \
$(DCUTIL_OBJ) $(IDMAP_OBJ) $(NSS_INFO_OBJ) \
$(AFS_OBJ) $(AFS_SETTOKEN_OBJ) \
- $(LIBADS_SERVER_OBJ) $(SERVER_MUTEX_OBJ) $(LDB_OBJ)
+ $(LIBADS_SERVER_OBJ) $(SERVER_MUTEX_OBJ) $(LDB_OBJ)
WBINFO_OBJ = nsswitch/wbinfo.o $(LIBSAMBA_OBJ) $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) \
- $(SECRETS_OBJ) $(POPT_LIB_OBJ) $(AFS_SETTOKEN_OBJ) $(RPC_PARSE_OBJ1) $(DOSERR_OBJ)
+ $(SECRETS_OBJ) $(POPT_LIB_OBJ) $(AFS_SETTOKEN_OBJ) $(RPC_PARSE_OBJ1) \
+ $(DOSERR_OBJ) lib/winbind_util.o
WINBIND_NSS_OBJ = $(WBCOMMON_OBJ) $(LIBREPLACE_OBJ) $(SOCKET_WRAPPER_OBJ) @WINBIND_NSS_EXTRA_OBJS@
@@ -920,7 +952,7 @@ LDB_CMDLINE_OBJ = $(PARAM_OBJ) $(SECRETS_OBJ) $(LIBSMB_OBJ) \
$(LIBADS_OBJ) $(LIBADS_SERVER_OBJ) $(POPT_LIB_OBJ) \
$(SMBLDAP_OBJ) $(DCUTIL_OBJ) $(SERVER_MUTEX_OBJ) \
$(AFS_OBJ) $(AFS_SETTOKEN_OBJ) $(REGFIO_OBJ) $(READLINE_OBJ) \
- $(LDB_OBJ) lib/ldb/tools/cmdline.o
+ $(LDB_OBJ) lib/ldb/tools/cmdline.o
LDBEDIT_OBJ = $(LDB_CMDLINE_OBJ) lib/ldb/tools/ldbedit.o
@@ -958,7 +990,7 @@ NTLM_AUTH_OBJ = ${NTLM_AUTH_OBJ1} $(LIBSAMBA_OBJ) $(POPT_LIB_OBJ) \
libads/kerberos_verify.o $(SECRETS_OBJ) $(SERVER_MUTEX_OBJ) \
libads/authdata.o $(RPC_PARSE_OBJ1) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
$(SMBLDAP_OBJ) $(DOSERR_OBJ) rpc_parse/parse_net.o $(LIBNMB_OBJ) \
- $(LDB_OBJ) $(ERRORMAP_OBJ)
+ $(LDB_OBJ) $(ERRORMAP_OBJ)
VLP_OBJ1 = ../testsuite/printing/vlp.o $(RPC_CLIENT_OBJ1) $(RPC_PARSE_OBJ2) $(RPC_CLIENT_OBJ)
@@ -1034,7 +1066,7 @@ idl:
#####################################################################
-everything: all libsmbclient debug2html smbfilter talloctort replacetort modules torture \
+everything: all libsmbclient libnetapi debug2html smbfilter talloctort replacetort modules torture \
$(EVERYTHING_PROGS)
.SUFFIXES:
@@ -1137,37 +1169,41 @@ bin/.dummy:
dir=bin $(MAKEDIR); fi
@: >> $@ || : > $@ # what a fancy emoticon!
-bin/smbd@EXEEXT@: $(BINARY_PREREQS) $(SMBD_OBJ) @BUILD_POPT@
+bin/smbd@EXEEXT@: $(BINARY_PREREQS) $(SMBD_OBJ) @LIBWBCLIENT_SHARED@ @BUILD_POPT@
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(SMBD_OBJ) $(LDFLAGS) $(LDAP_LIBS) \
$(KRB5LIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) \
$(ACL_LIBS) $(PASSDB_LIBS) $(LIBS) $(DNSSD_LIBS) \
- @POPTLIBS@ @SMBD_LIBS@
+ @POPTLIBS@ @SMBD_LIBS@ @WINBIND_LIBS@
bin/nmbd@EXEEXT@: $(BINARY_PREREQS) $(NMBD_OBJ) @BUILD_POPT@
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(NMBD_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS)
+ @$(CC) $(FLAGS) -o $@ $(NMBD_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) \
+ @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS)
-bin/swat@EXEEXT@: $(BINARY_PREREQS) $(SWAT_OBJ) @BUILD_POPT@
+bin/swat@EXEEXT@: $(BINARY_PREREQS) $(SWAT_OBJ) @BUILD_POPT@ @LIBWBCLIENT_SHARED@
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(SWAT_OBJ) $(LDFLAGS) $(DYNEXP) $(PRINT_LIBS) \
- $(AUTH_LIBS) $(LIBS) $(PASSDB_LIBS) @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS)
+ $(AUTH_LIBS) $(LIBS) $(PASSDB_LIBS) @POPTLIBS@ $(KRB5LIBS) \
+ $(LDAP_LIBS) @WINBIND_LIBS@
-bin/rpcclient@EXEEXT@: $(BINARY_PREREQS) $(RPCCLIENT_OBJ) @BUILD_POPT@
+bin/rpcclient@EXEEXT@: $(BINARY_PREREQS) $(RPCCLIENT_OBJ) @BUILD_POPT@ @LIBWBCLIENT_SHARED@
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(PASSDB_LIBS) $(RPCCLIENT_OBJ) \
$(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @POPTLIBS@ \
- $(KRB5LIBS) $(LDAP_LIBS)
+ $(KRB5LIBS) $(LDAP_LIBS) @WINBIND_LIBS@
-bin/smbclient@EXEEXT@: $(BINARY_PREREQS) $(CLIENT_OBJ) @BUILD_POPT@
+bin/smbclient@EXEEXT@: $(BINARY_PREREQS) $(CLIENT_OBJ) @BUILD_POPT@ @LIBWBCLIENT_SHARED@
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(CLIENT_OBJ) $(LDFLAGS) $(DYNEXP) \
$(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @POPTLIBS@ \
- $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) $(DNSSD_LIBS)
+ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) $(DNSSD_LIBS) @WINBIND_LIBS@
-bin/net@EXEEXT@: $(BINARY_PREREQS) $(NET_OBJ) @BUILD_POPT@
+bin/net@EXEEXT@: $(BINARY_PREREQS) $(NET_OBJ) @BUILD_POPT@ @LIBWBCLIENT_SHARED@
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(NET_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(UUID_LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(TERMLDFLAGS) $(TERMLIBS) $(NSCD_LIBS) @INIPARSERLIBS@
+ @$(CC) $(FLAGS) -o $@ $(NET_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) \
+ @POPTLIBS@ $(KRB5LIBS) $(UUID_LIBS) $(LDAP_LIBS) \
+ $(PASSDB_LIBS) $(TERMLDFLAGS) $(TERMLIBS) $(NSCD_LIBS) @INIPARSERLIBS@ @WINBIND_LIBS@
bin/profiles@EXEEXT@: $(BINARY_PREREQS) $(PROFILES_OBJ) @BUILD_POPT@
@echo Linking $@
@@ -1200,7 +1236,7 @@ bin/umount.cifs@EXEEXT@: $(BINARY_PREREQS) $(CIFS_UMOUNT_OBJ) @BUILD_POPT@
bin/cifs.spnego@EXEEXT@: $(BINARY_PREREQS) $(CIFS_SPNEGO_OBJ) $(LIBSMBCLIENT_OBJ) @BUILD_POPT@
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(CIFS_SPNEGO_OBJ) $(DYNEXP) $(LDFLAGS) -lkeyutils $(LIBS) \
- $(LIBSMBCLIENT_OBJ) $(KRB5LIBS) $(LDAP_LIBS) @POPTLIBS@
+ $(LIBSMBCLIENT_OBJ) $(KRB5LIBS) $(LDAP_LIBS) @POPTLIBS@ @LIBWBCLIENT_SHARED@
bin/testparm@EXEEXT@: $(BINARY_PREREQS) $(TESTPARM_OBJ) @BUILD_POPT@
@echo Linking $@
@@ -1217,22 +1253,25 @@ bin/smbcontrol@EXEEXT@: $(BINARY_PREREQS) $(SMBCONTROL_OBJ) @BUILD_POPT@
$(SMBCONTROL_OBJ) $(DYNEXP) $(LDFLAGS) \
$(LIBS) $(LDAP_LIBS) @LIBUNWIND_PTRACE@ @POPTLIBS@
-bin/smbtree@EXEEXT@: $(BINARY_PREREQS) $(SMBTREE_OBJ) @BUILD_POPT@
+bin/smbtree@EXEEXT@: $(BINARY_PREREQS) $(SMBTREE_OBJ) @BUILD_POPT@ @LIBWBCLIENT_SHARED@
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(SMBTREE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS)
+ @$(CC) $(FLAGS) -o $@ $(SMBTREE_OBJ) $(LDFLAGS) $(DYNEXP) \
+ $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) @WINBIND_LIBS@
-bin/smbpasswd@EXEEXT@: $(BINARY_PREREQS) $(SMBPASSWD_OBJ) @BUILD_POPT@
+bin/smbpasswd@EXEEXT@: $(BINARY_PREREQS) $(SMBPASSWD_OBJ) @BUILD_POPT@ @LIBWBCLIENT_SHARED@
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(SMBPASSWD_OBJ) $(LDFLAGS) $(PASSDB_LIBS) \
- $(DYNEXP) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS)
+ $(DYNEXP) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) @WINBIND_LIBS@
-bin/pdbedit@EXEEXT@: $(BINARY_PREREQS) $(PDBEDIT_OBJ) @BUILD_POPT@
+bin/pdbedit@EXEEXT@: $(BINARY_PREREQS) $(PDBEDIT_OBJ) @BUILD_POPT@ @LIBWBCLIENT_SHARED@
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(PASSDB_LIBS) $(LDAP_LIBS)
+ @$(CC) $(FLAGS) -o $@ $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) \
+ @POPTLIBS@ $(PASSDB_LIBS) $(LDAP_LIBS) @WINBIND_LIBS@
-bin/smbget@EXEEXT@: $(BINARY_PREREQS) $(SMBGET_OBJ) @BUILD_POPT@
+bin/smbget@EXEEXT@: $(BINARY_PREREQS) $(SMBGET_OBJ) @BUILD_POPT@ @LIBWBCLIENT_SHARED@
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(SMBGET_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS)
+ @$(CC) $(FLAGS) -o $@ $(SMBGET_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) \
+ @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) @WINBIND_LIBS@
bin/samtest@EXEEXT@: $(SAMTEST_OBJ) @BUILD_POPT@
@echo Linking $@
@@ -1264,15 +1303,15 @@ bin/msgtest@EXEEXT@: $(BINARY_PREREQS) $(MSGTEST_OBJ) @BUILD_POPT@
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(MSGTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) @POPTLIBS@
-bin/smbcacls@EXEEXT@: $(BINARY_PREREQS) $(SMBCACLS_OBJ) @BUILD_POPT@
+bin/smbcacls@EXEEXT@: $(BINARY_PREREQS) $(SMBCACLS_OBJ) @BUILD_POPT@ @LIBWBCLIENT_SHARED@
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(SMBCACLS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ \
- $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS)
+ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) @WINBIND_LIBS@
-bin/smbcquotas@EXEEXT@: $(BINARY_PREREQS) $(SMBCQUOTAS_OBJ) @BUILD_POPT@
+bin/smbcquotas@EXEEXT@: $(BINARY_PREREQS) $(SMBCQUOTAS_OBJ) @BUILD_POPT@ @LIBWBCLIENT_SHARED@
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(SMBCQUOTAS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ \
- $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS)
+ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) @WINBIND_LIBS@
bin/eventlogadm@EXEEXT@: $(BINARY_PREREQS) $(EVTLOGADM_OBJ) @BUILD_POPT@
@echo Linking $@
@@ -1292,11 +1331,11 @@ bin/nsstest@EXEEXT@: $(BINARY_PREREQS) $(NSSTEST_OBJ) @BUILD_POPT@
bin/pdbtest@EXEEXT@: $(BINARY_PREREQS) $(PDBTEST_OBJ) @BUILD_POPT@
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(PDBTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(LIBS) @POPTLIBS@
+ @$(CC) $(FLAGS) -o $@ $(PDBTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(LIBS) @POPTLIBS@ @LIBWBCLIENT_SHARED@
bin/vfstest@EXEEXT@: $(BINARY_PREREQS) $(VFSTEST_OBJ) @BUILD_POPT@
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) $(ACL_LIBS) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) @SMBD_LIBS@ $(NSCD_LIBS)
+ @$(CC) $(FLAGS) -o $@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) $(ACL_LIBS) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) @SMBD_LIBS@ $(NSCD_LIBS) @LIBWBCLIENT_SHARED@
bin/smbiconv@EXEEXT@: $(BINARY_PREREQS) $(SMBICONV_OBJ) @BUILD_POPT@
@echo Linking $@
@@ -1323,25 +1362,45 @@ bin/smbfilter@EXEEXT@: $(BINARY_PREREQS) $(SMBFILTER_OBJ) @BUILD_POPT@
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(SMBFILTER_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) @POPTLIBS@
-bin/ldbedit: $(BINARY_PREREQS) $(LDBEDIT_OBJ) @BUILD_POPT@
+bin/ldbedit: $(BINARY_PREREQS) $(LDBEDIT_OBJ) @BUILD_POPT@ @LIBWBCLIENT_SHARED@
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(LDBEDIT_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(UUID_LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(TERMLDFLAGS) $(TERMLIBS) $(NSCD_LIBS)
+ @$(CC) $(FLAGS) -o $@ $(LDBEDIT_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) \
+ @POPTLIBS@ $(KRB5LIBS) $(UUID_LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) \
+ $(TERMLDFLAGS) $(TERMLIBS) $(NSCD_LIBS) @WINBIND_LIBS@
-bin/ldbsearch: $(BINARY_PREREQS) $(LDBSEARCH_OBJ) @BUILD_POPT@
+bin/ldbsearch: $(BINARY_PREREQS) $(LDBSEARCH_OBJ) @BUILD_POPT@ @LIBWBCLIENT_SHARED@
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(LDBSEARCH_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(UUID_LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(TERMLDFLAGS) $(TERMLIBS) $(NSCD_LIBS)
+ @$(CC) $(FLAGS) -o $@ $(LDBSEARCH_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) \
+ @POPTLIBS@ $(KRB5LIBS) $(UUID_LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) \
+ $(TERMLDFLAGS) $(TERMLIBS) $(NSCD_LIBS) @WINBIND_LIBS@
-bin/ldbadd: $(BINARY_PREREQS) $(LDBADD_OBJ) @BUILD_POPT@
+bin/ldbadd: $(BINARY_PREREQS) $(LDBADD_OBJ) @BUILD_POPT@ @LIBWBCLIENT_SHARED@
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(LDBADD_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(UUID_LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(TERMLDFLAGS) $(TERMLIBS) $(NSCD_LIBS)
+ @$(CC) $(FLAGS) -o $@ $(LDBADD_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) \
+ @POPTLIBS@ $(KRB5LIBS) $(UUID_LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) \
+ $(TERMLDFLAGS) $(TERMLIBS) $(NSCD_LIBS) @WINBIND_LIBS@
-bin/ldbmodify: $(BINARY_PREREQS) $(LDBMODIFY_OBJ) @BUILD_POPT@
+bin/ldbmodify: $(BINARY_PREREQS) $(LDBMODIFY_OBJ) @BUILD_POPT@ @LIBWBCLIENT_SHARED@
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(LDBMODIFY_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(UUID_LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(TERMLDFLAGS) $(TERMLIBS) $(NSCD_LIBS)
+ @$(CC) $(FLAGS) -o $@ $(LDBMODIFY_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) \
+ @POPTLIBS@ $(KRB5LIBS) $(UUID_LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) \
+ $(TERMLDFLAGS) $(TERMLIBS) $(NSCD_LIBS) @WINBIND_LIBS@
-bin/ldbdel: $(BINARY_PREREQS) $(LDBDEL_OBJ) @BUILD_POPT@
+bin/ldbdel: $(BINARY_PREREQS) $(LDBDEL_OBJ) @BUILD_POPT@ @LIBWBCLIENT_SHARED@
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(LDBDEL_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(UUID_LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(TERMLDFLAGS) $(TERMLIBS) $(NSCD_LIBS)
+ @$(CC) $(FLAGS) -o $@ $(LDBDEL_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) \
+ @POPTLIBS@ $(KRB5LIBS) $(UUID_LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) \
+ $(TERMLDFLAGS) $(TERMLIBS) $(NSCD_LIBS) @WINBIND_LIBS@
+
+bin/libwbclient.@SHLIBEXT@: $(BINARY_PREREQS) $(LIBWBCLIENT_OBJ)
+ @echo Linking shared library $@
+ @$(SHLD_DSO) $(LIBWBCLIENT_OBJ) \
+ @SONAMEFLAG@`basename $@`.$(SONAME_VER)
+ @ln -s -f `basename $@` $@.$(SONAME_VER)
+
+bin/libwbclient.a: $(BINARY_PREREQS) $(LIBWBCLIENT_OBJ)
+ @echo Linking non-shared library $@
+ @-$(AR) -rc $@ $(LIBWBCLIENT_OBJ)
bin/libaddns.@SHLIBEXT@: $(BINARY_PREREQS) $(LIBADDNS_OBJ)
@echo Linking shared library $@
@@ -1353,6 +1412,16 @@ bin/libaddns.a: $(BINARY_PREREQS) $(LIBADDNS_OBJ)
@echo Linking non-shared library $@
@-$(AR) -rc $@ $(LIBADDNS_OBJ)
+bin/libnetapi.@SHLIBEXT@: $(BINARY_PREREQS) $(LIBNETAPI_OBJ)
+ @echo Linking shared library $@
+ @$(SHLD_DSO) $(LIBNETAPI_OBJ) $(LIBS) \
+ $(LDAP_LIBS) $(KRB5LIBS) $(NSCD_LIBS) \
+ @SONAMEFLAG@`basename $@`.$(SONAME_VER)
+
+bin/libnetapi.a: $(BINARY_PREREQS) $(LIBNETAPI_OBJ)
+ @echo Linking non-shared library $@
+ @-$(AR) -rc $@ $(LIBNETAPI_OBJ)
+
bin/libsmbclient.@SHLIBEXT@: $(BINARY_PREREQS) $(LIBSMBCLIENT_OBJ)
@echo Linking shared library $@
@$(SHLD_DSO) $(LIBSMBCLIENT_OBJ) $(LIBS) \
@@ -1389,6 +1458,8 @@ bin/libbigballofmud.@SHLIBEXT@: $(BINARY_PREREQS) $(LIBBIGBALLOFMUD_OBJ)
libsmbclient: $(LIBSMBCLIENT)
libsmbsharemodes: $(LIBSMBSHAREMODES)
libaddns: $(LIBADDNS)
+libwbclient: $(LIBWBCLIENT)
+libnetapi: $(LIBNETAPI)
# Linker command to link a RPC, VFS, AUTH, CHARSET or PASSDB module.
SHLD_MODULE = $(SHLD) $(LDSHFLAGS) $(MODULE_EXPORTS) \
@@ -1454,15 +1525,16 @@ bin/librpc_echo.@SHLIBEXT@: $(BINARY_PREREQS) $(RPC_ECHO_OBJ)
@echo "Linking $@"
@$(SHLD_MODULE) $(RPC_ECHO_OBJ)
-bin/winbindd@EXEEXT@: $(BINARY_PREREQS) $(WINBINDD_OBJ) @BUILD_POPT@
+bin/winbindd@EXEEXT@: $(BINARY_PREREQS) $(WINBINDD_OBJ) @BUILD_POPT@ @LIBWBCLIENT_SHARED@
@echo "Linking $@"
@$(CC) $(FLAGS) -o $@ $(WINBINDD_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) \
- @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS)
+ @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) \
+ @WINBIND_LIBS@
bin/vlp@EXEEXT@: $(BINARY_PREREQS) $(VLP_OBJ)
@echo "Linking $@"
@$(CC) $(FLAGS) -o $@ $(VLP_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @POPTLIBS@ \
- $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS)
+ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) @LIBWBCLIENT_SHARED@
@WINBIND_NSS@: $(BINARY_PREREQS) $(WINBIND_NSS_OBJ)
@echo "Linking $@"
@@ -1678,16 +1750,17 @@ bin/fileid.@SHLIBEXT@: $(BINARY_PREREQS) $(VFS_FILEID_OBJ)
## None here right now
#########################################################
-bin/wbinfo@EXEEXT@: $(BINARY_PREREQS) $(WBINFO_OBJ) @BUILD_POPT@
+bin/wbinfo@EXEEXT@: $(BINARY_PREREQS) $(WBINFO_OBJ) @BUILD_POPT@ @LIBWBCLIENT_SHARED@
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(WBINFO_OBJ) $(DYNEXP) $(LIBS) $(LDAP_LIBS) @POPTLIBS@
+ @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(WBINFO_OBJ) $(DYNEXP) $(LIBS) \
+ $(LDAP_LIBS) @POPTLIBS@ @WINBIND_LIBS@
bin/ntlm_auth@EXEEXT@: $(BINARY_PREREQS) $(NTLM_AUTH_OBJ) $(PARAM_OBJ) \
- $(LIB_NONSMBD_OBJ) @BUILD_POPT@
+ $(LIB_NONSMBD_OBJ) @BUILD_POPT@ @LIBWBCLIENT_SHARED@
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(DYNEXP) $(NTLM_AUTH_OBJ) \
$(PARAM_OBJ) $(LIB_NONSMBD_OBJ) $(LIBS) \
- @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS)
+ @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) @WINBIND_LIBS@
bin/pam_smbpass.@SHLIBEXT@: $(BINARY_PREREQS) $(PAM_SMBPASS_OBJ)
@echo "Linking shared library $@"
@@ -1725,8 +1798,10 @@ bin/timelimit@EXEEXT@: script/tests/timelimit.o
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(DYNEXP) script/tests/timelimit.o
-install: installservers installbin @INSTALL_CIFSMOUNT@ @INSTALL_CIFSSPNEGO@ installman installscripts installdat installmodules @SWAT_INSTALL_TARGETS@ @INSTALL_LIBSMBCLIENT@ @INSTALL_PAM_MODULES@ @INSTALL_LIBSMBSHAREMODES@
-
+install: installservers installbin @INSTALL_CIFSMOUNT@ @INSTALL_CIFSSPNEGO@ installman \
+ installscripts installdat installmodules @SWAT_INSTALL_TARGETS@ \
+ @INSTALL_LIBSMBCLIENT@ @INSTALL_PAM_MODULES@ \
+ @INSTALL_LIBSMBSHAREMODES@ @INSTALL_LIBWBCLIENT@ @INSTALL_LIBNETAPI@
install-everything: install installmodules
@@ -1804,6 +1879,17 @@ installlibaddns: installdirs libaddns
-$(INSTALLLIBCMD_SH) bin/libaddns.@SHLIBEXT@ $(DESTDIR)$(LIBDIR)
-$(INSTALLLIBCMD_A) bin/libaddns.a $(DESTDIR)$(LIBDIR)
+installlibwbclient: installdirs libwbclient
+ @$(SHELL) $(srcdir)/script/installdirs.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(LIBDIR) $(INCLUDEDIR)/samba
+ -$(INSTALLLIBCMD_SH) bin/libwbclient.@SHLIBEXT@ $(DESTDIR)$(LIBDIR)
+ -$(INSTALLCMD) -m $(INSTALLPERMS_DATA) $(srcdir)/nsswitch/libwbclient/wbclient.h $(DESTDIR)${prefix}/include/samba
+
+installlibnetapi: installdirs libnetapi
+ @$(SHELL) $(srcdir)/script/installdirs.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(LIBDIR)
+ -$(INSTALLLIBCMD_SH) bin/libnetapi.@SHLIBEXT@ $(DESTDIR)$(LIBDIR)
+ -$(INSTALLLIBCMD_A) bin/libnetapi.a $(DESTDIR)$(LIBDIR)
+ -$(INSTALLCMD) -m $(INSTALLPERMS_DATA) $(srcdir)/lib/netapi/netapi.h $(DESTDIR)${prefix}/include
+
installpammodules: $(PAM_MODULES)
@$(SHELL) $(srcdir)/script/installdirs.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(PAMMODULESDIR)
@for module in $(PAM_MODULES); do \
@@ -1838,7 +1924,7 @@ showlayout:
@echo " swatdir: $(SWATDIR)"
-uninstall: uninstallman uninstallservers uninstallbin @UNINSTALL_CIFSMOUNT@ @UNINSTALL_CIFSSPNEGO@ uninstallscripts uninstalldat uninstallswat uninstallmodules @UNINSTALL_LIBSMBCLIENT@ @UNINSTALL_PAM_MODULES@ @UNINSTALL_LIBSMBSHAREMODES@
+uninstall: uninstallman uninstallservers uninstallbin @UNINSTALL_CIFSMOUNT@ @UNINSTALL_CIFSSPNEGO@ uninstallscripts uninstalldat uninstallswat uninstallmodules @UNINSTALL_LIBSMBCLIENT@ @UNINSTALL_PAM_MODULES@ @UNINSTALL_LIBSMBSHAREMODES@ @UNINSTALL_LIBNETAPI@
uninstallman:
@$(SHELL) $(srcdir)/script/uninstallman.sh $(DESTDIR)$(MANDIR) $(srcdir) C
@@ -1888,6 +1974,11 @@ uninstalllibaddns:
-$(UNINSTALLLIBCMD_SH) $(DESTDIR)$(LIBDIR)/libaddns.@SHLIBEXT@
-$(UNINSTALLLIBCMD_A) $(DESTDIR)$(LIBDIR)/libaddns.a
+uninstalllibnetapi:
+ -$(UNINSTALLLIBCMD_SH) $(DESTDIR)$(LIBDIR)/libnetapi.@SHLIBEXT@
+ -$(UNINSTALLLIBCMD_A) $(DESTDIR)$(LIBDIR)/libnetapi.a
+ -rm -f $(DESTDIR)${prefix}/include/netapi.h
+
uninstallpammodules:
@for module in $(PAM_MODULES); do \
echo "Removing $(DESTDIR)/$(PAMMODULESDIR)/$${module}.@SHLIBEXT@ "; \
@@ -1904,7 +1995,7 @@ clean: delheaders
*/*.@SHLIBEXT@ */*/*.@SHLIBEXT@ */*/*/*.@SHLIBEXT@ \
$(TOPFILES) $(BIN_PROGS) $(SBIN_PROGS) $(ROOT_SBIN_PROGS) \
$(MODULES) $(TORTURE_PROGS) $(LIBSMBCLIENT) $(LIBADDNS) \
- $(LIBSMBSHAREMODES) $(EVERYTHING_PROGS) \
+ $(LIBSMBSHAREMODES) $(EVERYTHING_PROGS) $(LIBNETAPI) \
.headers.stamp */src/*.o proto_exists
-rm -rf t_dir
@@ -1914,6 +2005,7 @@ clean: delheaders
# afterwards.
proto_exists: include/proto.h include/build_env.h \
winbindd/winbindd_proto.h web/swat_proto.h \
+ libnet/libnet_proto.h \
client/client_proto.h utils/net_proto.h utils/ntlm_auth_proto.h smbd/build_options.c
@touch proto_exists
@@ -1923,7 +2015,7 @@ delheaders:
winbindd/winbindd_proto.h web/swat_proto.h \
client/client_proto.h utils/net_proto.h \
smbd/build_options.c utils/ntlm_auth_proto.h \
- utils/passwd_proto.h
+ utils/passwd_proto.h libnet/libnet_proto.h
MKPROTO_SH = $(srcdir)/script/mkproto.sh
@@ -1968,6 +2060,11 @@ utils/ntlm_auth_proto.h:
-h _NTLM_AUTH_PROTO_H_ $(builddir)/utils/ntlm_auth_proto.h \
$(NTLM_AUTH_OBJ1)
+libnet/libnet_proto.h:
+ @cd $(srcdir) && $(SHELL) $(MKPROTO_SH) $(AWK) \
+ -h _LIBNET_PROTO_H_ $(builddir)/libnet/libnet_proto.h \
+ $(LIBNET_OBJ)
+
# "make headers" or "make proto" calls a subshell because we need to
# make sure these commands are executed in sequence even for a
# parallel make.
@@ -1981,7 +2078,8 @@ headers:
$(MAKE) client/client_proto.h; \
$(MAKE) utils/ntlm_auth_proto.h; \
$(MAKE) utils/net_proto.h; \
- $(MAKE) utils/passwd_proto.h;
+ $(MAKE) utils/passwd_proto.h; \
+ $(MAKE) libnet/libnet_proto.h;
proto: headers
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 1e33869ea9..373a2a375f 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1731,17 +1731,17 @@ bool is_trusted_domain(const char* dom_name)
return True;
}
else {
- NSS_STATUS result;
+ wbcErr result;
/* If winbind is around, ask it */
result = wb_is_trusted_domain(dom_name);
- if (result == NSS_STATUS_SUCCESS) {
+ if (result == WBC_ERR_SUCCESS) {
return True;
}
- if (result == NSS_STATUS_NOTFOUND) {
+ if (result == WBC_ERR_DOMAIN_NOT_FOUND) {
/* winbind could not find the domain */
return False;
}
diff --git a/source3/client/client.c b/source3/client/client.c
index 97d7cf0e0b..f761d92bac 100644
--- a/source3/client/client.c
+++ b/source3/client/client.c
@@ -41,6 +41,7 @@ static char *desthost;
static char *calling_name;
static bool grepable = false;
static char *cmdstr = NULL;
+static const char *cmd_ptr = NULL;
static int io_bufsize = 64512;
@@ -425,7 +426,7 @@ static int cmd_cd(void)
char *buf = NULL;
int rc = 0;
- if (next_token_nr_talloc(talloc_tos(), NULL, &buf,NULL)) {
+ if (next_token_talloc(talloc_tos(), &cmd_ptr, &buf,NULL)) {
rc = do_cd(buf);
} else {
d_printf("Current directory is %s\n",client_get_cur_dir());
@@ -863,7 +864,7 @@ static int cmd_dir(void)
return 1;
}
- if (next_token_nr_talloc(ctx, NULL,&buf,NULL)) {
+ if (next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
string_replace(buf,'/','\\');
if (*buf == CLI_DIRSEP_CHAR) {
mask = talloc_strdup(ctx, buf + 1);
@@ -915,7 +916,7 @@ static int cmd_du(void)
}
}
- if (next_token_nr_talloc(ctx, NULL,&buf,NULL)) {
+ if (next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
string_replace(buf,'/','\\');
if (*buf == CLI_DIRSEP_CHAR) {
mask = talloc_strdup(ctx, buf);
@@ -941,8 +942,8 @@ static int cmd_echo(void)
char *num;
char *data;
- if (!next_token_nr_talloc(ctx, NULL, &num, NULL)
- || !next_token_nr_talloc(ctx, NULL, &data, NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr, &num, NULL)
+ || !next_token_talloc(ctx, &cmd_ptr, &data, NULL)) {
d_printf("echo <num> <data>\n");
return 1;
}
@@ -1116,7 +1117,7 @@ static int cmd_get(void)
return 1;
}
- if (!next_token_nr_talloc(ctx, NULL,&fname,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&fname,NULL)) {
d_printf("get <filename> [localname]\n");
return 1;
}
@@ -1129,7 +1130,7 @@ static int cmd_get(void)
return 1;
}
- next_token_nr_talloc(ctx, NULL,&lname,NULL);
+ next_token_talloc(ctx, &cmd_ptr,&lname,NULL);
if (!lname) {
lname = fname;
}
@@ -1277,7 +1278,7 @@ static int cmd_more(void)
}
close(fd);
- if (!next_token_nr_talloc(ctx,NULL,&fname,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&fname,NULL)) {
d_printf("more <filename>\n");
unlink(lname);
return 1;
@@ -1325,7 +1326,7 @@ static int cmd_mget(void)
abort_mget = false;
- while (next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ while (next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
mget_mask = talloc_strdup(ctx, client_get_cur_dir());
if (!mget_mask) {
return 1;
@@ -1442,7 +1443,7 @@ static int cmd_mkdir(void)
return 1;
}
- if (!next_token_nr_talloc(ctx, NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
if (!recurse) {
d_printf("mkdir <dirname>\n");
}
@@ -1511,7 +1512,7 @@ static int cmd_altname(void)
return 1;
}
- if (!next_token_nr_talloc(ctx, NULL, &buf, NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr, &buf, NULL)) {
d_printf("altname <file>\n");
return 1;
}
@@ -1677,12 +1678,12 @@ static int cmd_put(void)
return 1;
}
- if (!next_token_nr_talloc(ctx,NULL,&lname,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&lname,NULL)) {
d_printf("put <filename>\n");
return 1;
}
- if (next_token_nr_talloc(ctx, NULL,&buf,NULL)) {
+ if (next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
rname = talloc_asprintf_append(rname, buf);
} else {
rname = talloc_asprintf_append(rname, lname);
@@ -1762,7 +1763,7 @@ static int cmd_select(void)
{
TALLOC_CTX *ctx = talloc_tos();
char *new_fs = NULL;
- next_token_nr_talloc(ctx, NULL,&new_fs,NULL)
+ next_token_talloc(ctx, &cmd_ptr,&new_fs,NULL)
;
if (new_fs) {
client_set_fileselection(new_fs);
@@ -1848,7 +1849,7 @@ static int cmd_mput(void)
TALLOC_CTX *ctx = talloc_tos();
char *p = NULL;
- while (next_token_nr_talloc(ctx, NULL,&p,NULL)) {
+ while (next_token_talloc(ctx, &cmd_ptr,&p,NULL)) {
int ret;
struct file_list *temp_list;
char *quest, *lname, *rname;
@@ -1959,14 +1960,14 @@ static int cmd_cancel(void)
char *buf = NULL;
int job;
- if (!next_token_nr_talloc(ctx, NULL, &buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr, &buf,NULL)) {
d_printf("cancel <jobid> ...\n");
return 1;
}
do {
job = atoi(buf);
do_cancel(job);
- } while (next_token_nr_talloc(ctx,NULL,&buf,NULL));
+ } while (next_token_talloc(ctx, &cmd_ptr,&buf,NULL));
return 0;
}
@@ -1982,7 +1983,7 @@ static int cmd_print(void)
char *rname = NULL;
char *p = NULL;
- if (!next_token_nr_talloc(ctx, NULL, &lname,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr, &lname,NULL)) {
d_printf("print <filename>\n");
return 1;
}
@@ -2078,7 +2079,7 @@ static int cmd_del(void)
if (!mask) {
return 1;
}
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("del <filename>\n");
return 1;
}
@@ -2104,14 +2105,14 @@ static int cmd_wdel(void)
struct cli_state *targetcli;
char *targetname = NULL;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("wdel 0x<attrib> <wcard>\n");
return 1;
}
attribute = (uint16)strtol(buf, (char **)NULL, 16);
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("wdel 0x<attrib> <wcard>\n");
return 1;
}
@@ -2146,7 +2147,7 @@ static int cmd_open(void)
struct cli_state *targetcli;
int fnum;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("open <filename>\n");
return 1;
}
@@ -2190,7 +2191,7 @@ static int cmd_posix_open(void)
mode_t mode;
int fnum;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("posix_open <filename> 0<mode>\n");
return 1;
}
@@ -2202,7 +2203,7 @@ static int cmd_posix_open(void)
return 1;
}
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("posix_open <filename> 0<mode>\n");
return 1;
}
@@ -2238,7 +2239,7 @@ static int cmd_posix_mkdir(void)
mode_t mode;
int fnum;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("posix_mkdir <filename> 0<mode>\n");
return 1;
}
@@ -2250,7 +2251,7 @@ static int cmd_posix_mkdir(void)
return 1;
}
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("posix_mkdir <filename> 0<mode>\n");
return 1;
}
@@ -2278,7 +2279,7 @@ static int cmd_posix_unlink(void)
char *targetname = NULL;
struct cli_state *targetcli;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("posix_unlink <filename>\n");
return 1;
}
@@ -2312,7 +2313,7 @@ static int cmd_posix_rmdir(void)
char *targetname = NULL;
struct cli_state *targetcli;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("posix_rmdir <filename>\n");
return 1;
}
@@ -2344,7 +2345,7 @@ static int cmd_close(void)
char *buf = NULL;
int fnum;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("close <fnum>\n");
return 1;
}
@@ -2451,13 +2452,13 @@ static int cmd_lock(void)
enum brl_type lock_type;
int fnum;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("lock <fnum> [r|w] <hex-start> <hex-len>\n");
return 1;
}
fnum = atoi(buf);
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("lock <fnum> [r|w] <hex-start> <hex-len>\n");
return 1;
}
@@ -2471,14 +2472,14 @@ static int cmd_lock(void)
return 1;
}
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("lock <fnum> [r|w] <hex-start> <hex-len>\n");
return 1;
}
start = (SMB_BIG_UINT)strtol(buf, (char **)NULL, 16);
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("lock <fnum> [r|w] <hex-start> <hex-len>\n");
return 1;
}
@@ -2499,20 +2500,20 @@ static int cmd_unlock(void)
SMB_BIG_UINT start, len;
int fnum;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("unlock <fnum> <hex-start> <hex-len>\n");
return 1;
}
fnum = atoi(buf);
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("unlock <fnum> <hex-start> <hex-len>\n");
return 1;
}
start = (SMB_BIG_UINT)strtol(buf, (char **)NULL, 16);
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("unlock <fnum> <hex-start> <hex-len>\n");
return 1;
}
@@ -2539,7 +2540,7 @@ static int cmd_rmdir(void)
char *targetname = NULL;
struct cli_state *targetcli;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("rmdir <dirname>\n");
return 1;
}
@@ -2578,8 +2579,8 @@ static int cmd_link(void)
char *targetname = NULL;
struct cli_state *targetcli;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL) ||
- !next_token_nr_talloc(ctx,NULL,&buf2,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL) ||
+ !next_token_talloc(ctx, &cmd_ptr,&buf2,NULL)) {
d_printf("link <oldname> <newname>\n");
return 1;
}
@@ -2629,8 +2630,8 @@ static int cmd_symlink(void)
char *targetname = NULL;
struct cli_state *targetcli;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL) ||
- !next_token_nr_talloc(ctx,NULL,&buf2,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL) ||
+ !next_token_talloc(ctx, &cmd_ptr,&buf2,NULL)) {
d_printf("symlink <oldname> <newname>\n");
return 1;
}
@@ -2682,8 +2683,8 @@ static int cmd_chmod(void)
struct cli_state *targetcli;
mode_t mode;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL) ||
- !next_token_nr_talloc(ctx,NULL,&buf2,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL) ||
+ !next_token_talloc(ctx, &cmd_ptr,&buf2,NULL)) {
d_printf("chmod mode file\n");
return 1;
}
@@ -2838,7 +2839,7 @@ static int cmd_getfacl(void)
uint16 num_dir_acls = 0;
uint16 i;
- if (!next_token_nr_talloc(ctx,NULL,&name,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&name,NULL)) {
d_printf("getfacl filename\n");
return 1;
}
@@ -3004,7 +3005,7 @@ static int cmd_stat(void)
SMB_STRUCT_STAT sbuf;
struct tm *lt;
- if (!next_token_nr_talloc(ctx,NULL,&name,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&name,NULL)) {
d_printf("stat file\n");
return 1;
}
@@ -3100,9 +3101,9 @@ static int cmd_chown(void)
struct cli_state *targetcli;
char *targetname = NULL;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL) ||
- !next_token_nr_talloc(ctx,NULL,&buf2,NULL) ||
- !next_token_nr_talloc(ctx,NULL,&buf3,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL) ||
+ !next_token_talloc(ctx, &cmd_ptr,&buf2,NULL) ||
+ !next_token_talloc(ctx, &cmd_ptr,&buf3,NULL)) {
d_printf("chown uid gid file\n");
return 1;
}
@@ -3149,8 +3150,8 @@ static int cmd_rename(void)
char *targetsrc;
char *targetdest;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL) ||
- !next_token_nr_talloc(ctx,NULL,&buf2,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL) ||
+ !next_token_talloc(ctx, &cmd_ptr,&buf2,NULL)) {
d_printf("rename <src> <dest>\n");
return 1;
}
@@ -3224,8 +3225,8 @@ static int cmd_hardlink(void)
struct cli_state *targetcli;
char *targetname;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL) ||
- !next_token_nr_talloc(ctx,NULL,&buf2,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL) ||
+ !next_token_talloc(ctx, &cmd_ptr,&buf2,NULL)) {
d_printf("hardlink <src> <dest>\n");
return 1;
}
@@ -3281,7 +3282,7 @@ static int cmd_newer(void)
bool ok;
SMB_STRUCT_STAT sbuf;
- ok = next_token_nr_talloc(ctx,NULL,&buf,NULL);
+ ok = next_token_talloc(ctx, &cmd_ptr,&buf,NULL);
if (ok && (sys_stat(buf,&sbuf) == 0)) {
newer_than = sbuf.st_mtime;
DEBUG(1,("Getting files newer than %s",
@@ -3307,7 +3308,7 @@ static int cmd_archive(void)
TALLOC_CTX *ctx = talloc_tos();
char *buf;
- if (next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
archive_level = atoi(buf);
} else {
d_printf("Archive level is %d\n",archive_level);
@@ -3386,7 +3387,7 @@ static int cmd_lcd(void)
char *buf;
char *d;
- if (next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
chdir(buf);
}
d = TALLOC_ARRAY(ctx, char, PATH_MAX+1);
@@ -3417,7 +3418,7 @@ static int cmd_reget(void)
return 1;
}
- if (!next_token_nr_talloc(ctx, NULL, &fname, NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr, &fname, NULL)) {
d_printf("reget <filename>\n");
return 1;
}
@@ -3431,7 +3432,7 @@ static int cmd_reget(void)
}
local_name = fname;
- next_token_nr_talloc(ctx, NULL, &p, NULL);
+ next_token_talloc(ctx, &cmd_ptr, &p, NULL);
if (p) {
local_name = p;
}
@@ -3459,7 +3460,7 @@ static int cmd_reput(void)
return 1;
}
- if (!next_token_nr_talloc(ctx, NULL, &local_name, NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr, &local_name, NULL)) {
d_printf("reput <filename>\n");
return 1;
}
@@ -3469,7 +3470,7 @@ static int cmd_reput(void)
return 1;
}
- if (next_token_nr_talloc(ctx, NULL, &buf, NULL)) {
+ if (next_token_talloc(ctx, &cmd_ptr, &buf, NULL)) {
remote_name = talloc_asprintf_append(remote_name,
buf);
} else {
@@ -3643,7 +3644,7 @@ static int cmd_vuid(void)
TALLOC_CTX *ctx = talloc_tos();
char *buf;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("Current VUID is %d\n", cli->vuid);
return 0;
}
@@ -3661,12 +3662,12 @@ static int cmd_logon(void)
TALLOC_CTX *ctx = talloc_tos();
char *l_username, *l_password;
- if (!next_token_nr_talloc(ctx,NULL,&l_username,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&l_username,NULL)) {
d_printf("logon <username> [<password>]\n");
return 0;
}
- if (!next_token_nr_talloc(ctx,NULL,&l_password,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&l_password,NULL)) {
char *pass = getpass("Password: ");
if (pass) {
l_password = talloc_strdup(ctx,pass);
@@ -3729,7 +3730,7 @@ int cmd_iosize(void)
char *buf;
int iosize;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
d_printf("iosize <n> or iosize 0x<n>. "
"Minimum is 16384 (0x4000), "
"max is 16776960 (0xFFFF00)\n");
@@ -3882,7 +3883,7 @@ static int cmd_help(void)
int i=0,j;
char *buf;
- if (next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
if ((i = process_tok(buf)) >= 0)
d_printf("HELP %s:\n\t%s\n\n",
commands[i].name,commands[i].description);
@@ -3922,7 +3923,6 @@ static int process_command_string(const char *cmd_in)
while (cmd[0] != '\0') {
char *line;
- const char *ptr;
char *p;
char *tok;
int i;
@@ -3937,8 +3937,8 @@ static int process_command_string(const char *cmd_in)
}
/* and get the first part of the command */
- ptr = line;
- if (!next_token_nr_talloc(ctx,&ptr,&tok,NULL)) {
+ cmd_ptr = line;
+ if (!next_token_talloc(ctx, &cmd_ptr,&tok,NULL)) {
continue;
}
@@ -4282,7 +4282,6 @@ static void readline_callback(void)
static int process_stdin(void)
{
- const char *ptr;
int rc = 0;
while (1) {
@@ -4313,8 +4312,8 @@ static int process_stdin(void)
}
/* and get the first part of the command */
- ptr = line;
- if (!next_token_nr_talloc(frame,&ptr,&tok,NULL)) {
+ cmd_ptr = line;
+ if (!next_token_talloc(frame, &cmd_ptr,&tok,NULL)) {
TALLOC_FREE(frame);
SAFE_FREE(line);
continue;
diff --git a/source3/client/clitar.c b/source3/client/clitar.c
index 0b4a8b2943..135815c3cd 100644
--- a/source3/client/clitar.c
+++ b/source3/client/clitar.c
@@ -100,6 +100,7 @@ char tar_type='\0';
static char **cliplist=NULL;
static int clipn=0;
static bool must_free_cliplist = False;
+static const char *cmd_ptr = NULL;
extern bool lowercase;
extern uint16 cnum;
@@ -1273,7 +1274,7 @@ int cmd_block(void)
char *buf;
int block;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
DEBUG(0, ("blocksize <n>\n"));
return 1;
}
@@ -1298,7 +1299,7 @@ int cmd_tarmode(void)
TALLOC_CTX *ctx = talloc_tos();
char *buf;
- while (next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ while (next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
if (strequal(buf, "full"))
tar_inc=False;
else if (strequal(buf, "inc"))
@@ -1348,7 +1349,7 @@ int cmd_setmode(void)
attra[0] = attra[1] = 0;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
DEBUG(0, ("setmode <filename> <[+|-]rsha>\n"));
return 1;
}
@@ -1361,7 +1362,7 @@ int cmd_setmode(void)
return 1;
}
- while (next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ while (next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
q=buf;
while(*q) {
@@ -1402,6 +1403,55 @@ int cmd_setmode(void)
return 0;
}
+/**
+ Convert list of tokens to array; dependent on above routine.
+ Uses the global cmd_ptr from above - bit of a hack.
+**/
+
+static char **toktocliplist(int *ctok, const char *sep)
+{
+ char *s=(char *)cmd_ptr;
+ int ictok=0;
+ char **ret, **iret;
+
+ if (!sep)
+ sep = " \t\n\r";
+
+ while(*s && strchr_m(sep,*s))
+ s++;
+
+ /* nothing left? */
+ if (!*s)
+ return(NULL);
+
+ do {
+ ictok++;
+ while(*s && (!strchr_m(sep,*s)))
+ s++;
+ while(*s && strchr_m(sep,*s))
+ *s++=0;
+ } while(*s);
+
+ *ctok=ictok;
+ s=(char *)cmd_ptr;
+
+ if (!(ret=iret=SMB_MALLOC_ARRAY(char *,ictok+1)))
+ return NULL;
+
+ while(ictok--) {
+ *iret++=s;
+ if (ictok > 0) {
+ while(*s++)
+ ;
+ while(!*s)
+ s++;
+ }
+ }
+
+ ret[*ctok] = NULL;
+ return ret;
+}
+
/****************************************************************************
Principal command for creating / extracting
***************************************************************************/
@@ -1414,7 +1464,7 @@ int cmd_tar(void)
int argcl = 0;
int ret;
- if (!next_token_nr_talloc(ctx,NULL,&buf,NULL)) {
+ if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
DEBUG(0,("tar <c|x>[IXbgan] <filename>\n"));
return 1;
}
diff --git a/source3/configure.in b/source3/configure.in
index 6015837a2e..1906d74505 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -318,6 +318,15 @@ AC_SUBST(INSTALL_LIBADDNS)
AC_SUBST(UNINSTALL_LIBADDNS)
AC_SUBST(LIBADDNS_SHARED)
AC_SUBST(LIBADDNS)
+
+AC_SUBST(INSTALL_LIBWBCLIENT)
+AC_SUBST(UNINSTALL_LIBWBCLIENT)
+AC_SUBST(LIBWBCLIENT_SHARED)
+AC_SUBST(LIBWBCLIENT)
+AC_SUBST(WINBIND_LIBS)
+
+AC_SUBST(LIBSAMBAUTIL_SHARED)
+
AC_SUBST(INSTALL_LIBSMBCLIENT)
AC_SUBST(UNINSTALL_LIBSMBCLIENT)
AC_SUBST(LIBSMBCLIENT_SHARED)
@@ -326,6 +335,10 @@ AC_SUBST(INSTALL_LIBSMBSHAREMODES)
AC_SUBST(UNINSTALL_LIBSMBSHAREMODES)
AC_SUBST(LIBSMBSHAREMODES_SHARED)
AC_SUBST(LIBSMBSHAREMODES)
+AC_SUBST(INSTALL_LIBNETAPI)
+AC_SUBST(UNINSTALL_LIBNETAPI)
+AC_SUBST(LIBNETAPI_SHARED)
+AC_SUBST(LIBNETAPI)
AC_SUBST(PRINT_LIBS)
AC_SUBST(AUTH_LIBS)
AC_SUBST(ACL_LIBS)
@@ -5067,6 +5080,51 @@ if test $enable_static = yes; then
fi
#################################################
+# should we build libnetapi?
+INSTALL_LIBNETAPI=
+UNINSTALL_LIBNETAPI=
+LIBNETAPI_SHARED=
+LIBNETAPI=
+AC_MSG_CHECKING(whether to build the libnetapi shared library)
+AC_ARG_WITH(libnetapi,
+[ --with-libnetapi Build the libnetapi shared library (default=no undefined API)],
+[ case "$withval" in
+ *)
+ AC_MSG_RESULT(no)
+ ;;
+ yes)
+ if test $BLDSHARED = true; then
+ LIBNETAPI_SHARED=bin/libnetapi.$SHLIBEXT
+ LIBNETAPI=libnetapi
+ AC_MSG_RESULT(yes)
+ else
+ enable_static=yes
+ AC_MSG_RESULT(no shared library support -- will supply static library)
+ fi
+ if test $enable_static = yes; then
+ LIBNETAPI=libnetapi
+ fi
+ INSTALL_LIBNETAPI=installlibnetapi
+ UNINSTALL_LIBNETAPI=uninstalllibnetapi
+ ;;
+ esac ],
+[
+# if unspecified, default is to built it if possible.
+ if test $BLDSHARED = true; then
+ LIBNETAPI_SHARED=bin/libnetapi.$SHLIBEXT
+ LIBNETAPI=libnetapi
+ AC_MSG_RESULT(yes)
+ else
+ enable_static=yes
+ AC_MSG_RESULT(no shared library support -- will supply static library)
+ fi
+ if test $enable_static = yes; then
+ LIBNETAPI=libnetapi
+ fi]
+ INSTALL_LIBNETAPI=installlibnetapi
+)
+
+#################################################
# should we build libaddns?
INSTALL_LIBADDNS=
UNINSTALL_LIBADDNS=
@@ -5094,11 +5152,13 @@ AC_ARG_WITH(libaddns,
INSTALL_LIBADDNS=installlibaddns
UNINSTALL_LIBADDNS=uninstalllibaddns
;;
- esac ]
+ esac ],
+[AC_MSG_RESULT(no)]
)
#################################################
# should we build libsmbclient?
+
INSTALL_LIBSMBCLIENT=
UNINSTALL_LIBSMBCLIENT=
LIBSMBCLIENT_SHARED=
@@ -5185,6 +5245,7 @@ AC_ARG_WITH(libsmbsharemodes,
INSTALL_LIBSMBSHAREMODES=installlibsmbsharemodes
)
+
#################################################
# these tests are taken from the GNU fileutils package
AC_CHECKING(how to get filesystem space usage)
@@ -6084,6 +6145,14 @@ fi
if test $BLDSHARED = true -a x"$HAVE_WINBIND" = x"yes"; then
NSS_MODULES="${WINBIND_NSS} ${WINBIND_WINS_NSS}"
+ ## Only worry about libwbclient if we have shared library support
+ ## and winbindd
+ LIBWBCLIENT_SHARED=bin/libwbclient.$SHLIBEXT
+ LIBWBCLIENT=libwbclient
+ INSTALL_LIBWBCLIENT=installlibwbclient
+ UNINSTALL_LIBWBCLIENT=uninstalllibwbclient
+ WINBIND_LIBS="-lwbclient"
+ LDFLAGS="$LDFLAGS -L./bin"
fi
if test x"$HAVE_WINBIND" = x"yes"; then
@@ -6554,7 +6623,11 @@ AC_SUBST(builddir)
SMBD_LIBS="$samba_dmapi_libs"
AC_SUBST(SMBD_LIBS)
-AC_OUTPUT(Makefile library-versions script/findsmb smbadduser script/gen-8bit-gap.sh script/installbin.sh script/uninstallbin.sh)
+AC_OUTPUT(Makefile library-versions
+ script/findsmb smbadduser script/gen-8bit-gap.sh script/installbin.sh script/uninstallbin.sh
+ lib/netapi/examples/Makefile
+ pkgconfig/smbclient.pc pkgconfig/netapi.pc pkgconfig/smbsharemodes.pc
+ )
#################################################
# Print very concise instructions on building/use
diff --git a/source3/exports/libnetapi.syms b/source3/exports/libnetapi.syms
new file mode 100644
index 0000000000..eb34bfc012
--- /dev/null
+++ b/source3/exports/libnetapi.syms
@@ -0,0 +1,3 @@
+{
+ global: *;
+};
diff --git a/source3/exports/libwbclient.syms b/source3/exports/libwbclient.syms
new file mode 100644
index 0000000000..f1e68b42a9
--- /dev/null
+++ b/source3/exports/libwbclient.syms
@@ -0,0 +1,4 @@
+{
+ global: wbc*;
+ local: *;
+};
diff --git a/source3/include/includes.h b/source3/include/includes.h
index fdeff346e5..14ef2258e6 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -784,6 +784,7 @@ enum flush_reason_enum {
NUM_FLUSH_REASONS};
#include "nss_info.h"
+#include "nsswitch/libwbclient/wbclient.h"
/* generated rpc server implementation functions */
#include "librpc/gen_ndr/srv_echo.h"
diff --git a/source3/include/memcache.h b/source3/include/memcache.h
index f849f8ad3b..c4a2974b62 100644
--- a/source3/include/memcache.h
+++ b/source3/include/memcache.h
@@ -31,21 +31,30 @@ enum memcache_number {
GID_SID_CACHE,
SID_GID_CACHE,
GETWD_CACHE,
- GETPWNAM_CACHE,
- MANGLE_HASH2_CACHE
+ GETPWNAM_CACHE, /* talloc */
+ MANGLE_HASH2_CACHE,
+ SINGLETON_CACHE
};
struct memcache *memcache_init(TALLOC_CTX *mem_ctx, size_t max_size);
+void memcache_set_global(struct memcache *cache);
+
void memcache_add(struct memcache *cache, enum memcache_number n,
DATA_BLOB key, DATA_BLOB value);
+void memcache_add_talloc(struct memcache *cache, enum memcache_number n,
+ DATA_BLOB key, void *ptr);
+
void memcache_delete(struct memcache *cache, enum memcache_number n,
DATA_BLOB key);
bool memcache_lookup(struct memcache *cache, enum memcache_number n,
DATA_BLOB key, DATA_BLOB *value);
+void *memcache_lookup_talloc(struct memcache *cache, enum memcache_number n,
+ DATA_BLOB key);
+
void memcache_flush(struct memcache *cache, enum memcache_number n);
#endif
diff --git a/source3/lib/access.c b/source3/lib/access.c
index 1e4df83607..6a463446d1 100644
--- a/source3/lib/access.c
+++ b/source3/lib/access.c
@@ -97,13 +97,29 @@ static bool string_match(const char *tok,const char *s)
}
} else if (tok[0] == '@') { /* netgroup: look it up */
#ifdef HAVE_NETGROUP
- static char *mydomain = NULL;
+ DATA_BLOB tmp;
+ char *mydomain = NULL;
char *hostname = NULL;
bool netgroup_ok = false;
- if (!mydomain)
+ if (memcache_lookup(
+ NULL, SINGLETON_CACHE,
+ data_blob_string_const("yp_default_domain"),
+ &tmp)) {
+
+ SMB_ASSERT(tmp.length > 0);
+ mydomain = (tmp.data[0] == '\0')
+ ? NULL : (char *)tmp.data;
+ }
+ else {
yp_get_default_domain(&mydomain);
+ memcache_add(
+ NULL, SINGLETON_CACHE,
+ data_blob_string_const("yp_default_domain"),
+ data_blob_string_const(mydomain?mydomain:""));
+ }
+
if (!mydomain) {
DEBUG(0,("Unable to get default yp domain. "
"Try without it.\n"));
diff --git a/source3/lib/data_blob.c b/source3/lib/data_blob.c
index e64e6a19a1..8bbbc32d7b 100644
--- a/source3/lib/data_blob.c
+++ b/source3/lib/data_blob.c
@@ -128,7 +128,7 @@ DATA_BLOB data_blob_string_const(const char *str)
{
DATA_BLOB blob;
blob.data = CONST_DISCARD(uint8 *, str);
- blob.length = strlen(str);
+ blob.length = strlen(str) + 1;
blob.free = NULL;
return blob;
}
diff --git a/source3/lib/md4.c b/source3/lib/md4.c
index 61d5848aae..bae0091e36 100644
--- a/source3/lib/md4.c
+++ b/source3/lib/md4.c
@@ -24,7 +24,14 @@
It assumes that a int is at least 32 bits long
*/
+#if 0
static uint32 A, B, C, D;
+#else
+#define A (state[0])
+#define B (state[1])
+#define C (state[2])
+#define D (state[3])
+#endif
static uint32 F(uint32 X, uint32 Y, uint32 Z)
{
@@ -52,7 +59,7 @@ static uint32 lshift(uint32 x, int s)
#define ROUND3(a,b,c,d,k,s) a = lshift(a + H(b,c,d) + X[k] + (uint32)0x6ED9EBA1,s)
/* this applies md4 to 64 byte chunks */
-static void mdfour64(uint32 *M)
+static void mdfour64(uint32_t *state, uint32 *M)
{
int j;
uint32 AA, BB, CC, DD;
@@ -121,6 +128,7 @@ void mdfour(unsigned char *out, const unsigned char *in, int n)
{
unsigned char buf[128];
uint32 M[16];
+ uint32 state[4];
uint32 b = n * 8;
int i;
@@ -131,7 +139,7 @@ void mdfour(unsigned char *out, const unsigned char *in, int n)
while (n > 64) {
copy64(M, in);
- mdfour64(M);
+ mdfour64(state, M);
in += 64;
n -= 64;
}
@@ -144,13 +152,13 @@ void mdfour(unsigned char *out, const unsigned char *in, int n)
if (n <= 55) {
copy4(buf+56, b);
copy64(M, buf);
- mdfour64(M);
+ mdfour64(state, M);
} else {
copy4(buf+120, b);
copy64(M, buf);
- mdfour64(M);
+ mdfour64(state, M);
copy64(M, buf+64);
- mdfour64(M);
+ mdfour64(state, M);
}
for (i=0;i<128;i++)
@@ -161,8 +169,6 @@ void mdfour(unsigned char *out, const unsigned char *in, int n)
copy4(out+4, B);
copy4(out+8, C);
copy4(out+12, D);
-
- A = B = C = D = 0;
}
diff --git a/source3/lib/memcache.c b/source3/lib/memcache.c
index 17630066ae..457586bd68 100644
--- a/source3/lib/memcache.c
+++ b/source3/lib/memcache.c
@@ -20,6 +20,8 @@
#include "memcache.h"
#include "rbtree.h"
+static struct memcache *global_cache;
+
struct memcache_element {
struct rb_node rb_node;
struct memcache_element *prev, *next;
@@ -35,11 +37,38 @@ struct memcache {
size_t max_size;
};
+static void memcache_element_parse(struct memcache_element *e,
+ DATA_BLOB *key, DATA_BLOB *value);
+
+static bool memcache_is_talloc(enum memcache_number n)
+{
+ bool result;
+
+ switch (n) {
+ case GETPWNAM_CACHE:
+ result = true;
+ break;
+ default:
+ result = false;
+ break;
+ }
+
+ return result;
+}
+
static int memcache_destructor(struct memcache *cache) {
struct memcache_element *e, *next;
for (e = cache->mru; e != NULL; e = next) {
next = e->next;
+ if (memcache_is_talloc((enum memcache_number)e->n)
+ && (e->valuelength == sizeof(void *))) {
+ DATA_BLOB key, value;
+ void *ptr;
+ memcache_element_parse(e, &key, &value);
+ memcpy(&ptr, value.data, sizeof(ptr));
+ TALLOC_FREE(ptr);
+ }
SAFE_FREE(e);
}
return 0;
@@ -58,6 +87,12 @@ struct memcache *memcache_init(TALLOC_CTX *mem_ctx, size_t max_size)
return result;
}
+void memcache_set_global(struct memcache *cache)
+{
+ TALLOC_FREE(global_cache);
+ global_cache = cache;
+}
+
static struct memcache_element *memcache_node2elem(struct rb_node *node)
{
return (struct memcache_element *)
@@ -119,6 +154,13 @@ bool memcache_lookup(struct memcache *cache, enum memcache_number n,
{
struct memcache_element *e;
+ if (cache == NULL) {
+ cache = global_cache;
+ }
+ if (cache == NULL) {
+ return false;
+ }
+
e = memcache_find(cache, n, key);
if (e == NULL) {
return false;
@@ -141,6 +183,25 @@ bool memcache_lookup(struct memcache *cache, enum memcache_number n,
return true;
}
+void *memcache_lookup_talloc(struct memcache *cache, enum memcache_number n,
+ DATA_BLOB key)
+{
+ DATA_BLOB value;
+ void *result;
+
+ if (!memcache_lookup(cache, n, key, &value)) {
+ return NULL;
+ }
+
+ if (value.length != sizeof(result)) {
+ return NULL;
+ }
+
+ memcpy(&result, value.data, sizeof(result));
+
+ return result;
+}
+
static void memcache_delete_element(struct memcache *cache,
struct memcache_element *e)
{
@@ -172,6 +233,13 @@ void memcache_delete(struct memcache *cache, enum memcache_number n,
{
struct memcache_element *e;
+ if (cache == NULL) {
+ cache = global_cache;
+ }
+ if (cache == NULL) {
+ return;
+ }
+
e = memcache_find(cache, n, key);
if (e == NULL) {
return;
@@ -189,6 +257,13 @@ void memcache_add(struct memcache *cache, enum memcache_number n,
DATA_BLOB cache_key, cache_value;
size_t element_size;
+ if (cache == NULL) {
+ cache = global_cache;
+ }
+ if (cache == NULL) {
+ return;
+ }
+
if (key.length == 0) {
return;
}
@@ -254,10 +329,23 @@ void memcache_add(struct memcache *cache, enum memcache_number n,
memcache_trim(cache);
}
+void memcache_add_talloc(struct memcache *cache, enum memcache_number n,
+ DATA_BLOB key, void *ptr)
+{
+ memcache_add(cache, n, key, data_blob_const(&ptr, sizeof(ptr)));
+}
+
void memcache_flush(struct memcache *cache, enum memcache_number n)
{
struct rb_node *node;
+ if (cache == NULL) {
+ cache = global_cache;
+ }
+ if (cache == NULL) {
+ return;
+ }
+
/*
* Find the smallest element of number n
*/
diff --git a/source3/lib/netapi/examples/Makefile.in b/source3/lib/netapi/examples/Makefile.in
new file mode 100644
index 0000000000..c2f453dedc
--- /dev/null
+++ b/source3/lib/netapi/examples/Makefile.in
@@ -0,0 +1,57 @@
+GTK_FLAGS=`pkg-config gtk+-2.0 --cflags`
+GTK_LIBS=`pkg-config gtk+-2.0 --libs`
+
+KRB5LIBS=@KRB5_LIBS@
+LDAP_LIBS=@LDAP_LIBS@
+LIBS=@LIBS@ -lnetapi
+DEVELOPER_CFLAGS=@DEVELOPER_CFLAGS@
+FLAGS=@CFLAGS@ $(GTK_FLAGS)
+CC=@CC@
+LDFLAGS=@PIE_LDFLAGS@ @LDFLAGS@
+DYNEXP=@DYNEXP@
+
+# Compile a source file.
+COMPILE_CC = $(CC) -I. $(FLAGS) $(PICFLAG) -c $< -o $@
+COMPILE = $(COMPILE_CC)
+
+BINARY_PREREQS = proto_exists bin/.dummy
+
+MAKEDIR = || exec false; \
+ if test -d "$$dir"; then :; else \
+ echo mkdir "$$dir"; \
+ mkdir -p "$$dir" >/dev/null 2>&1 || \
+ test -d "$$dir" || \
+ mkdir "$$dir" || \
+ exec false; fi || exec false
+
+.c.o:
+ @if (: >> $@ || : > $@) >/dev/null 2>&1; then rm -f $@; else \
+ dir=`echo $@ | sed 's,/[^/]*$$,,;s,^$$,.,'` $(MAKEDIR); fi
+ @echo Compiling $*.c
+ @$(COMPILE) && exit 0;\
+ echo "The following command failed:" 1>&2;\
+ echo "$(COMPILE_CC)" 1>&2;\
+ $(COMPILE_CC) >/dev/null 2>&1
+
+GETDC_OBJ = getdc/getdc.o
+NETDOMJOIN_OBJ = netdomjoin/netdomjoin.o
+NETDOMJOIN_GUI_OBJ = netdomjoin-gui/netdomjoin-gui.o
+
+PROGS = bin/getdc@EXEEXT@ bin/netdomjoin@EXEEXT@ bin/netdomjoin-gui@EXEEXT@
+
+all: $(PROGS)
+
+bin/getdc@EXEEXT@: $(GETDC_OBJ)
+ @echo Linking $@
+ @$(CC) $(FLAGS) -o $@ $(GETDC_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS)
+
+bin/netdomjoin@EXEEXT@: $(NETDOMJOIN_OBJ)
+ @echo Linking $@
+ @$(CC) $(FLAGS) -o $@ $(NETDOMJOIN_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS)
+
+bin/netdomjoin-gui@EXEEXT@: $(NETDOMJOIN_GUI_OBJ)
+ @echo Linking $@
+ @$(CC) $(FLAGS) $(GTK_FLAGS) -o $@ $(NETDOMJOIN_GUI_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(GTK_LIBS)
+
+clean:
+ @rm -f $(PROGS)
diff --git a/source3/lib/netapi/examples/getdc/getdc.c b/source3/lib/netapi/examples/getdc/getdc.c
new file mode 100644
index 0000000000..4f5c5332d5
--- /dev/null
+++ b/source3/lib/netapi/examples/getdc/getdc.c
@@ -0,0 +1,57 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * GetDCName query
+ * Copyright (C) Guenther Deschner 2007
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <sys/types.h>
+#include <inttypes.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <netapi.h>
+
+int main(int argc, char **argv)
+{
+ NET_API_STATUS status;
+ struct libnetapi_ctx *ctx = NULL;
+ uint8_t *buffer;
+
+ if (argc < 3) {
+ printf("usage: getdc <hostname> <domain>\n");
+ return -1;
+ }
+
+ status = libnetapi_init(&ctx);
+ if (status != 0) {
+ return status;
+ }
+
+ libnetapi_set_username(ctx, "");
+ libnetapi_set_password(ctx, "");
+
+ status = NetGetDCName(argv[1], argv[2], &buffer);
+ if (status != 0) {
+ printf("GetDcName failed with: %s\n", libnetapi_errstr(ctx, status));
+ } else {
+ printf("%s\n", (char *)buffer);
+ }
+
+ libnetapi_free(ctx);
+
+ return status;
+}
diff --git a/source3/lib/netapi/examples/netdomjoin-gui/logo.png b/source3/lib/netapi/examples/netdomjoin-gui/logo.png
new file mode 100644
index 0000000000..6df4ace659
--- /dev/null
+++ b/source3/lib/netapi/examples/netdomjoin-gui/logo.png
Binary files differ
diff --git a/source3/lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c b/source3/lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c
new file mode 100644
index 0000000000..beb12be8b1
--- /dev/null
+++ b/source3/lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c
@@ -0,0 +1,1347 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * Join Support (gtk + netapi)
+ * Copyright (C) Guenther Deschner 2007
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <sys/types.h>
+#include <inttypes.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <string.h>
+
+#include <gtk/gtk.h>
+#include <glib/gprintf.h>
+
+#include <netapi.h>
+
+#define MAX_CRED_LEN 256
+#define MAX_NETBIOS_NAME_LEN 15
+
+#define SAMBA_ICON_PATH "/usr/share/pixmaps/samba/samba.ico"
+#define SAMBA_IMAGE_PATH "/usr/share/pixmaps/samba/logo.png"
+
+#define WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED ( 0x00000020 )
+#define WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE ( 0x00000004 )
+#define WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE ( 0x00000002 )
+#define WKSSVC_JOIN_FLAGS_JOIN_TYPE ( 0x00000001 )
+
+#define NetSetupWorkgroupName ( 2 )
+#define NetSetupDomainName ( 3 )
+
+#define SAFE_FREE(x) do { if ((x) != NULL) {free(x); x=NULL;} } while(0)
+
+struct srvsvc_NetSrvInfo1005 {
+ const char *comment;/* [unique,charset(UTF16)] */
+};
+
+static gboolean verbose = FALSE;
+
+typedef struct join_state {
+ struct libnetapi_ctx *ctx;
+ GtkWidget *window_main;
+ GtkWidget *window_parent;
+ GtkWidget *window_do_change;
+ GtkWidget *window_creds_prompt;
+ GtkWidget *entry_account;
+ GtkWidget *entry_password;
+ GtkWidget *entry_domain;
+ GtkWidget *entry_workgroup;
+ GtkWidget *button_ok;
+ GtkWidget *button_apply;
+ GtkWidget *button_ok_creds;
+ GtkWidget *label_reboot;
+ GtkWidget *label_current_name_buffer;
+ GtkWidget *label_current_name_type;
+ GtkWidget *label_full_computer_name;
+ uint16_t name_type_initial;
+ uint16_t name_type_new;
+ char *name_buffer_initial;
+ char *name_buffer_new;
+ char *password;
+ char *account;
+ char *comment;
+ char *comment_new;
+ char *my_fqdn;
+ char *my_dnsdomain;
+ char *my_hostname;
+ uint16_t server_role;
+ gboolean settings_changed;
+ gboolean hostname_changed;
+} join_state;
+
+static void debug(const char *format, ...)
+{
+ va_list args;
+
+ if (!verbose) {
+ return;
+ }
+
+ va_start(args, format);
+ g_vprintf(format, args);
+ va_end(args);
+}
+
+static gboolean callback_delete_event(GtkWidget *widget,
+ GdkEvent *event,
+ gpointer data)
+{
+ gtk_main_quit();
+ return FALSE;
+}
+
+static void callback_do_close(GtkWidget *widget,
+ gpointer data)
+{
+ debug("Closing now...\n");
+ gtk_widget_destroy(data);
+}
+
+static void free_join_state(struct join_state *s)
+{
+ SAFE_FREE(s->name_buffer_initial);
+ SAFE_FREE(s->name_buffer_new);
+ SAFE_FREE(s->password);
+ SAFE_FREE(s->account);
+ SAFE_FREE(s->comment);
+ SAFE_FREE(s->comment_new);
+ SAFE_FREE(s->my_fqdn);
+ SAFE_FREE(s->my_dnsdomain);
+ SAFE_FREE(s->my_hostname);
+
+}
+
+static void do_cleanup(struct join_state *state)
+{
+ libnetapi_free(state->ctx);
+ free_join_state(state);
+}
+
+static void callback_apply_description_change(GtkWidget *widget,
+ gpointer data)
+{
+ struct join_state *state = (struct join_state *)data;
+ NET_API_STATUS status = 0;
+ uint32_t parm_err = 0;
+ struct srvsvc_NetSrvInfo1005 info1005;
+ GtkWidget *dialog;
+
+ info1005.comment = state->comment_new;
+
+ status = NetServerSetInfo(NULL, 1005, (uint8_t *)&info1005, &parm_err);
+ if (status) {
+ debug("NetServerSetInfo failed with: %s\n",
+ libnetapi_errstr(state->ctx, status));
+ dialog = gtk_message_dialog_new(GTK_WINDOW(state->window_main),
+ GTK_DIALOG_DESTROY_WITH_PARENT,
+ GTK_MESSAGE_ERROR,
+ GTK_BUTTONS_OK,
+ "Failed to change computer description: %s.",
+ libnetapi_errstr(state->ctx, status));
+ g_signal_connect_swapped(dialog, "response",
+ G_CALLBACK(gtk_widget_destroy),
+ dialog);
+
+ gtk_widget_show(dialog);
+ return;
+ }
+
+ gtk_widget_set_sensitive(GTK_WIDGET(state->button_apply), FALSE);
+}
+
+static void callback_do_exit(GtkWidget *widget,
+ gpointer data)
+{
+ GtkWidget *dialog;
+ gint result;
+ struct join_state *state = (struct join_state *)data;
+
+ if (!state->settings_changed) {
+ callback_delete_event(NULL, NULL, NULL);
+ return;
+ }
+
+ dialog = gtk_message_dialog_new(GTK_WINDOW(state->window_main),
+ GTK_DIALOG_DESTROY_WITH_PARENT,
+ GTK_MESSAGE_QUESTION,
+ GTK_BUTTONS_YES_NO,
+ "You must restart your computer before the new settings will take effect.");
+ result = gtk_dialog_run(GTK_DIALOG(dialog));
+ switch (result) {
+ case GTK_RESPONSE_YES:
+ g_print("would reboot here\n");
+ break;
+ case GTK_RESPONSE_NO:
+ default:
+ break;
+ }
+ gtk_widget_destroy(dialog);
+ gtk_widget_destroy(state->window_main);
+ do_cleanup(state);
+ exit(0);
+}
+
+
+static void callback_do_reboot(GtkWidget *widget,
+ gpointer data,
+ gpointer data2)
+{
+ GtkWidget *dialog;
+ struct join_state *state = (struct join_state *)data2;
+
+ debug("callback_do_reboot\n");
+
+ state->settings_changed = TRUE;
+ dialog = gtk_message_dialog_new(GTK_WINDOW(data),
+ GTK_DIALOG_DESTROY_WITH_PARENT,
+ GTK_MESSAGE_INFO,
+ GTK_BUTTONS_OK,
+ "You must restart this computer for the changes to take effect.");
+#if 0
+ g_signal_connect_swapped(dialog, "response",
+ G_CALLBACK(gtk_widget_destroy),
+ dialog);
+
+ debug("showing dialog\n");
+ gtk_widget_show(dialog);
+#else
+ gtk_dialog_run(GTK_DIALOG(dialog));
+ gtk_widget_destroy(dialog);
+#endif
+
+ gtk_label_set_text(GTK_LABEL(state->label_reboot), "Changes will take effect after you restart this computer");
+
+ debug("destroying do_change window\n");
+ gtk_widget_destroy(GTK_WIDGET(state->window_do_change));
+
+ {
+ uint32_t status;
+ const char *buffer;
+ uint16_t type;
+
+ status = NetGetJoinInformation(NULL, &buffer, &type);
+ if (status != 0) {
+ g_print("failed to query status\n");
+ return;
+ }
+
+ debug("got new status: %s\n", buffer);
+#if 0
+ SAFE_FREE(state->name_buffer_new);
+ state->name_buffer_new = strdup(buffer);
+ SAFE_FREE(buffer);
+ state->name_type_new = type;
+#endif
+ gtk_label_set_text(GTK_LABEL(state->label_current_name_buffer), state->name_buffer_new);
+ if (state->name_type_new == 3) {
+ gtk_label_set_text(GTK_LABEL(state->label_current_name_type), "Domain:");
+ } else {
+ gtk_label_set_text(GTK_LABEL(state->label_current_name_type), "Workgroup:");
+ }
+ }
+}
+
+static void callback_return_username(GtkWidget *widget,
+ gpointer data)
+{
+ const gchar *entry_text;
+ struct join_state *state = (struct join_state *)data;
+ if (!widget) {
+ return;
+ }
+ entry_text = gtk_entry_get_text(GTK_ENTRY(widget));
+ debug("callback_return_username: %s\n", entry_text);
+ SAFE_FREE(state->account);
+ state->account = strdup(entry_text);
+}
+
+static void callback_return_username_and_enter(GtkWidget *widget,
+ gpointer data)
+{
+ const gchar *entry_text;
+ struct join_state *state = (struct join_state *)data;
+ if (!widget) {
+ return;
+ }
+ entry_text = gtk_entry_get_text(GTK_ENTRY(widget));
+ debug("callback_return_username: %s\n", entry_text);
+ SAFE_FREE(state->account);
+ state->account = strdup(entry_text);
+ g_signal_emit_by_name(state->button_ok_creds, "clicked");
+}
+
+static void callback_return_password(GtkWidget *widget,
+ gpointer data)
+{
+ const gchar *entry_text;
+ struct join_state *state = (struct join_state *)data;
+ if (!widget) {
+ return;
+ }
+ entry_text = gtk_entry_get_text(GTK_ENTRY(widget));
+#ifdef DEBUG_PASSWORD
+ debug("callback_return_password: %s\n", entry_text);
+#else
+ debug("callback_return_password: (not printed)\n");
+#endif
+ SAFE_FREE(state->password);
+ state->password = strdup(entry_text);
+}
+
+static void callback_return_password_and_enter(GtkWidget *widget,
+ gpointer data)
+{
+ const gchar *entry_text;
+ struct join_state *state = (struct join_state *)data;
+ if (!widget) {
+ return;
+ }
+ entry_text = gtk_entry_get_text(GTK_ENTRY(widget));
+#ifdef DEBUG_PASSWORD
+ debug("callback_return_password: %s\n", entry_text);
+#else
+ debug("callback_return_password: (not printed)\n");
+#endif
+ SAFE_FREE(state->password);
+ state->password = strdup(entry_text);
+ g_signal_emit_by_name(state->button_ok_creds, "clicked");
+}
+
+static void callback_do_hostname_change(GtkWidget *widget,
+ gpointer data)
+{
+ GtkWidget *dialog;
+ const char *str = NULL;
+
+ struct join_state *state = (struct join_state *)data;
+
+ switch (state->name_type_initial) {
+ case NetSetupDomainName:
+ str = "To be implemented: call NetRenameMachineInDomain\n";
+ break;
+ case NetSetupWorkgroupName:
+ str = "To be implemented: call SetComputerNameEx\n";
+ break;
+ default:
+ break;
+ }
+
+ dialog = gtk_message_dialog_new(GTK_WINDOW(state->window_parent),
+ GTK_DIALOG_DESTROY_WITH_PARENT,
+ GTK_MESSAGE_ERROR,
+ GTK_BUTTONS_CLOSE,
+ str);
+
+ g_signal_connect_swapped(dialog, "response",
+ G_CALLBACK(gtk_widget_destroy),
+ dialog);
+ gtk_widget_show(dialog);
+}
+
+static void callback_do_join(GtkWidget *widget,
+ gpointer data)
+{
+ GtkWidget *dialog;
+
+ NET_API_STATUS status;
+ const char *err_str = NULL;
+ uint32_t join_flags = 0;
+ uint32_t unjoin_flags = 0;
+ gboolean domain_join = FALSE;
+ gboolean try_unjoin = FALSE;
+ const char *domain_or_workgroup = NULL;
+
+ struct join_state *state = (struct join_state *)data;
+
+ callback_return_username(state->entry_account, state);
+ callback_return_password(state->entry_password, state);
+
+ if (state->window_creds_prompt) {
+ gtk_widget_destroy(GTK_WIDGET(state->window_creds_prompt));
+ }
+
+ if (state->name_type_new == NetSetupDomainName) {
+ domain_join = TRUE;
+ join_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE |
+ WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE |
+ WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED; /* for testing */
+ domain_or_workgroup = "domain";
+ } else {
+ domain_or_workgroup = "workgroup";
+ }
+
+ if ((state->name_type_initial == NetSetupDomainName) &&
+ (state->name_type_new == NetSetupWorkgroupName)) {
+ try_unjoin = TRUE;
+ unjoin_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE |
+ WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE;
+ }
+
+ debug("callback_do_join: Joining a %s named %s using join_flags 0x%08x ",
+ domain_or_workgroup,
+ state->name_buffer_new,
+ join_flags);
+ if (domain_join) {
+ debug("as %s ", state->account);
+#ifdef DEBUG_PASSWORD
+ debug("with %s ", state->password);
+#endif
+ }
+ debug("\n");
+ if (try_unjoin) {
+
+ debug("callback_do_join: Unjoining\n");
+
+ status = NetUnjoinDomain(NULL,
+ state->account,
+ state->password,
+ unjoin_flags);
+ if (status != 0) {
+ err_str = libnetapi_errstr(state->ctx, status);
+ g_print("callback_do_join: failed to unjoin (%s)\n",
+ err_str);
+
+ dialog = gtk_message_dialog_new(GTK_WINDOW(state->window_parent),
+ GTK_DIALOG_DESTROY_WITH_PARENT,
+ GTK_MESSAGE_ERROR,
+ GTK_BUTTONS_CLOSE,
+ "The following error occured attempting to unjoin the %s: \"%s\": %s",
+ domain_or_workgroup,
+ state->name_buffer_new,
+ err_str);
+
+ g_signal_connect_swapped(dialog, "response",
+ G_CALLBACK(gtk_widget_destroy),
+ dialog);
+
+ gtk_widget_show(dialog);
+
+ return;
+ }
+
+ }
+ status = NetJoinDomain(NULL,
+ state->name_buffer_new,
+ NULL,
+ state->account,
+ state->password,
+ join_flags);
+ if (status != 0) {
+ err_str = libnetapi_errstr(state->ctx, status);
+ g_print("callback_do_join: failed to join (%s)\n", err_str);
+
+ dialog = gtk_message_dialog_new(GTK_WINDOW(state->window_parent),
+ GTK_DIALOG_DESTROY_WITH_PARENT,
+ GTK_MESSAGE_ERROR,
+ GTK_BUTTONS_CLOSE,
+ "The following error occured attempting to join the %s: \"%s\": %s",
+ domain_or_workgroup,
+ state->name_buffer_new,
+ err_str);
+
+ g_signal_connect_swapped(dialog, "response",
+ G_CALLBACK(gtk_widget_destroy),
+ dialog);
+
+ gtk_widget_show(dialog);
+
+ return;
+ }
+
+ debug("callback_do_join: Successfully joined %s\n",
+ domain_or_workgroup);
+
+ dialog = gtk_message_dialog_new(GTK_WINDOW(state->window_parent),
+ GTK_DIALOG_DESTROY_WITH_PARENT,
+ GTK_MESSAGE_INFO,
+ GTK_BUTTONS_OK,
+ "Welcome to the %s %s.",
+ state->name_buffer_new,
+ domain_or_workgroup);
+
+ gtk_dialog_run(GTK_DIALOG(dialog));
+ gtk_widget_destroy(dialog);
+
+ callback_do_reboot(NULL, state->window_parent, state);
+}
+
+static void callback_creds_prompt(GtkWidget *widget,
+ gpointer data)
+{
+ GtkWidget *window;
+ GtkWidget *box1;
+ GtkWidget *bbox;
+ GtkWidget *button;
+ GtkWidget *label;
+
+ struct join_state *state = (struct join_state *)data;
+
+ debug("callback_creds_prompt:\n");
+
+ state->window_parent = state->window_do_change;
+
+ if (state->hostname_changed) {
+ return callback_do_hostname_change(NULL, state);
+ }
+
+ if ((state->name_type_initial != NetSetupDomainName) &&
+ (state->name_type_new != NetSetupDomainName)) {
+ return callback_do_join(NULL, state);
+ }
+
+ window = gtk_window_new(GTK_WINDOW_TOPLEVEL);
+
+ gtk_window_set_title(GTK_WINDOW(window), "Computer Name Changes");
+ gtk_window_set_resizable(GTK_WINDOW(window), FALSE);
+ gtk_window_set_position(GTK_WINDOW(window), GTK_WIN_POS_CENTER);
+ gtk_widget_set_size_request(GTK_WIDGET(window), 380, 280);
+ gtk_window_set_icon_from_file(GTK_WINDOW(window), SAMBA_ICON_PATH, NULL);
+/* gtk_window_set_icon_name(GTK_WIDGET(window), GTK_STOCK_DIALOG_AUTHENTICATION); */
+ state->window_creds_prompt = window;
+
+ g_signal_connect(G_OBJECT(window), "delete_event",
+ G_CALLBACK(callback_do_close), window);
+
+ gtk_container_set_border_width(GTK_CONTAINER(window), 10);
+
+ box1 = gtk_vbox_new(FALSE, 0);
+
+ gtk_container_add(GTK_CONTAINER(window), box1);
+
+ if ((state->name_type_initial == NetSetupDomainName) &&
+ (state->name_type_new == NetSetupWorkgroupName)) {
+ label = gtk_label_new("Enter the name and password of an account with permission to leave the domain.\n");
+ } else {
+ label = gtk_label_new("Enter the name and password of an account with permission to join the domain.\n");
+ }
+ gtk_misc_set_alignment(GTK_MISC(label), 0, 0);
+ gtk_label_set_line_wrap(GTK_LABEL(label), TRUE);
+
+ gtk_box_pack_start(GTK_BOX(box1), label, FALSE, FALSE, 0);
+
+ gtk_widget_show(label);
+
+ /* USER NAME */
+ label = gtk_label_new("User name:");
+ gtk_misc_set_alignment(GTK_MISC(label), 0, 0);
+ gtk_box_pack_start(GTK_BOX(box1), label, FALSE, FALSE, 0);
+ gtk_widget_show(label);
+
+ state->entry_account = gtk_entry_new();
+ gtk_entry_set_max_length(GTK_ENTRY(state->entry_account), MAX_CRED_LEN);
+ g_signal_connect(G_OBJECT(state->entry_account), "activate",
+ G_CALLBACK(callback_return_username_and_enter),
+ (gpointer)state);
+ gtk_editable_select_region(GTK_EDITABLE(state->entry_account),
+ 0, GTK_ENTRY(state->entry_account)->text_length);
+ gtk_box_pack_start(GTK_BOX(box1), state->entry_account, TRUE, TRUE, 0);
+ gtk_widget_show(state->entry_account);
+
+ /* PASSWORD */
+ label = gtk_label_new("Password:");
+ gtk_misc_set_alignment(GTK_MISC(label), 0, 0);
+ gtk_box_pack_start(GTK_BOX(box1), label, FALSE, FALSE, 0);
+ gtk_widget_show(label);
+
+ state->entry_password = gtk_entry_new();
+ gtk_entry_set_max_length(GTK_ENTRY(state->entry_password), MAX_CRED_LEN);
+ gtk_entry_set_visibility(GTK_ENTRY(state->entry_password), FALSE);
+ g_signal_connect(G_OBJECT(state->entry_password), "activate",
+ G_CALLBACK(callback_return_password_and_enter),
+ (gpointer)state);
+ gtk_editable_set_editable(GTK_EDITABLE(state->entry_password), TRUE);
+ gtk_editable_select_region(GTK_EDITABLE(state->entry_password),
+ 0, GTK_ENTRY(state->entry_password)->text_length);
+ gtk_box_pack_start(GTK_BOX(box1), state->entry_password, TRUE, TRUE, 0);
+ gtk_widget_show(state->entry_password);
+
+ bbox = gtk_hbutton_box_new();
+ gtk_container_set_border_width(GTK_CONTAINER(bbox), 5);
+ gtk_container_add(GTK_CONTAINER(box1), bbox);
+ gtk_button_box_set_layout(GTK_BUTTON_BOX(bbox), GTK_BUTTONBOX_END);
+ gtk_box_set_spacing(GTK_BOX(bbox), 10);
+
+ state->button_ok_creds = gtk_button_new_from_stock(GTK_STOCK_OK);
+ gtk_widget_grab_focus(GTK_WIDGET(state->button_ok_creds));
+ gtk_container_add(GTK_CONTAINER(bbox), state->button_ok_creds);
+ g_signal_connect(G_OBJECT(state->button_ok_creds), "clicked",
+ G_CALLBACK(callback_do_join),
+ (gpointer)state);
+ gtk_widget_show(state->button_ok_creds);
+
+ button = gtk_button_new_from_stock(GTK_STOCK_CANCEL);
+ gtk_container_add(GTK_CONTAINER(bbox), button);
+ g_signal_connect(G_OBJECT(button), "clicked",
+ G_CALLBACK(callback_do_close), (gpointer) window);
+ gtk_widget_show_all(window);
+}
+
+static void callback_enter_hostname_and_unlock(GtkWidget *widget,
+ gpointer data)
+{
+ const gchar *entry_text = NULL;
+ char *str = NULL;
+ struct join_state *state = (struct join_state *)data;
+
+ entry_text = gtk_entry_get_text(GTK_ENTRY(widget));
+ debug("callback_enter_hostname_and_unlock: %s\n", entry_text);
+ if (!entry_text || entry_text[0] == 0) {
+ state->hostname_changed = FALSE;
+ gtk_widget_set_sensitive(GTK_WIDGET(state->button_ok), FALSE);
+ return;
+ }
+ if (strcasecmp(state->my_hostname, entry_text) == 0) {
+ state->hostname_changed = FALSE;
+ gtk_widget_set_sensitive(GTK_WIDGET(state->button_ok), FALSE);
+ return;
+ }
+ state->hostname_changed = TRUE;
+ if (state->name_type_initial == NetSetupDomainName) {
+ asprintf(&str, "%s.%s", entry_text, state->my_dnsdomain);
+ } else {
+ asprintf(&str, "%s.", entry_text);
+ }
+ gtk_label_set_text(GTK_LABEL(state->label_full_computer_name), str);
+ free(str);
+
+ if (state->hostname_changed && str && str[0] != 0 && str[0] != '.') {
+ gtk_widget_set_sensitive(GTK_WIDGET(state->button_ok), TRUE);
+ }
+}
+
+static void callback_enter_computer_description_and_unlock(GtkWidget *widget,
+ gpointer data)
+{
+ const gchar *entry_text = NULL;
+ struct join_state *state = (struct join_state *)data;
+ int string_unchanged = 0;
+
+ entry_text = gtk_entry_get_text(GTK_ENTRY(widget));
+ debug("callback_enter_computer_description_and_unlock: %s\n",
+ entry_text);
+#if 0
+ if (!entry_text || entry_text[0] == 0) {
+ string_unchanged = 1;
+ gtk_widget_set_sensitive(GTK_WIDGET(state->button_apply),
+ FALSE);
+ return;
+ }
+#endif
+ if (entry_text && strcasecmp(state->comment, entry_text) == 0) {
+ string_unchanged = 1;
+ gtk_widget_set_sensitive(GTK_WIDGET(state->button_apply),
+ FALSE);
+ return;
+ }
+
+ gtk_widget_set_sensitive(GTK_WIDGET(state->button_apply), TRUE);
+ SAFE_FREE(state->comment_new);
+ state->comment_new = strdup(entry_text);
+
+}
+
+
+static void callback_enter_workgroup_and_unlock(GtkWidget *widget,
+ gpointer data)
+{
+ const gchar *entry_text = NULL;
+ struct join_state *state = (struct join_state *)data;
+
+ entry_text = gtk_entry_get_text(GTK_ENTRY(widget));
+ debug("callback_enter_workgroup_and_unlock: %s\n", entry_text);
+ if (!entry_text || entry_text[0] == 0) {
+ gtk_widget_set_sensitive(GTK_WIDGET(state->button_ok), FALSE);
+ return;
+ }
+ if (strcasecmp(state->name_buffer_initial, entry_text) == 0) {
+ gtk_widget_set_sensitive(GTK_WIDGET(state->button_ok), FALSE);
+ return;
+ }
+ gtk_widget_set_sensitive(GTK_WIDGET(state->button_ok), TRUE);
+ SAFE_FREE(state->name_buffer_new);
+ state->name_buffer_new = strdup(entry_text);
+ state->name_type_new = NetSetupWorkgroupName;
+}
+
+static void callback_enter_domain_and_unlock(GtkWidget *widget,
+ gpointer data)
+{
+ const gchar *entry_text = NULL;
+ struct join_state *state = (struct join_state *)data;
+
+ entry_text = gtk_entry_get_text(GTK_ENTRY(widget));
+ debug("callback_enter_domain_and_unlock: %s\n", entry_text);
+ if (!entry_text || entry_text[0] == 0) {
+ gtk_widget_set_sensitive(GTK_WIDGET(state->button_ok), FALSE);
+ return;
+ }
+ if (strcasecmp(state->name_buffer_initial, entry_text) == 0) {
+ gtk_widget_set_sensitive(GTK_WIDGET(state->button_ok), FALSE);
+ return;
+ }
+ gtk_widget_set_sensitive(GTK_WIDGET(state->button_ok), TRUE);
+ SAFE_FREE(state->name_buffer_new);
+ state->name_buffer_new = strdup(entry_text);
+ state->name_type_new = NetSetupDomainName;
+}
+
+static void callback_continue(GtkWidget *widget,
+ gpointer data)
+{
+ struct join_state *state = (struct join_state *)data;
+
+ gtk_widget_grab_focus(GTK_WIDGET(state->button_ok));
+ g_signal_emit_by_name(state->button_ok, "clicked");
+}
+
+static void callback_apply_continue(GtkWidget *widget,
+ gpointer data)
+{
+ struct join_state *state = (struct join_state *)data;
+
+ gtk_widget_grab_focus(GTK_WIDGET(state->button_apply));
+ g_signal_emit_by_name(state->button_apply, "clicked");
+}
+
+static void callback_do_join_workgroup(GtkWidget *widget,
+ gpointer data)
+{
+ struct join_state *state = (struct join_state *)data;
+ debug("callback_do_join_workgroup choosen\n");
+ gtk_widget_set_sensitive(GTK_WIDGET(state->entry_workgroup), TRUE);
+ gtk_widget_grab_focus(GTK_WIDGET(state->entry_workgroup));
+ gtk_widget_set_sensitive(GTK_WIDGET(state->entry_domain), FALSE);
+ callback_enter_workgroup_and_unlock(state->entry_workgroup, state); /* TEST */
+}
+
+static void callback_do_join_domain(GtkWidget *widget,
+ gpointer data)
+{
+ struct join_state *state = (struct join_state *)data;
+ debug("callback_do_join_domain choosen\n");
+ gtk_widget_set_sensitive(GTK_WIDGET(state->entry_domain), TRUE);
+ gtk_widget_grab_focus(GTK_WIDGET(state->entry_domain));
+ gtk_widget_set_sensitive(GTK_WIDGET(state->entry_workgroup), FALSE);
+ callback_enter_domain_and_unlock(state->entry_domain, state); /* TEST */
+}
+
+static void callback_do_change(GtkWidget *widget,
+ gpointer data)
+{
+ GtkWidget *window;
+ GtkWidget *box1;
+ GtkWidget *bbox;
+ GtkWidget *button_workgroup;
+ GtkWidget *button_domain;
+ GtkWidget *button;
+ GtkWidget *label;
+ GtkWidget *frame_horz;
+ GtkWidget *vbox;
+ GtkWidget *entry;
+ GSList *group;
+
+ struct join_state *state = (struct join_state *)data;
+
+ debug("callback_do_change called\n");
+
+ if (state->server_role == 3) {
+ GtkWidget *dialog;
+ dialog = gtk_message_dialog_new(GTK_WINDOW(state->window_main),
+ GTK_DIALOG_DESTROY_WITH_PARENT,
+ GTK_MESSAGE_ERROR,
+ GTK_BUTTONS_OK,
+ "Domain controller cannot be moved from one domain to another, they must first be demoted. Renaming this domain controller may cause it to become temporarily unavailable to users and computers. For information on renaming domain controllers, including alternate renaming methods, see Help and Support. To continue renaming this domain controller, click OK.");
+ g_signal_connect_swapped(dialog, "response",
+ G_CALLBACK(gtk_widget_destroy),
+ dialog);
+
+ gtk_widget_show(dialog);
+ return;
+ }
+
+ state->button_ok = gtk_button_new_from_stock(GTK_STOCK_OK);
+ window = gtk_window_new(GTK_WINDOW_TOPLEVEL);
+
+ gtk_window_set_title(GTK_WINDOW(window), "Computer Name Changes");
+ gtk_window_set_resizable(GTK_WINDOW(window), FALSE);
+ gtk_widget_set_size_request(GTK_WIDGET(window), 480, 500); /* breite * höhe */
+ gtk_window_set_icon_from_file(GTK_WINDOW(window), SAMBA_ICON_PATH, NULL);
+
+ g_signal_connect(G_OBJECT(window), "delete_event",
+ G_CALLBACK(callback_do_close), window);
+
+ gtk_container_set_border_width(GTK_CONTAINER(window), 10);
+
+ box1 = gtk_vbox_new(FALSE, 0);
+ gtk_container_add(GTK_CONTAINER(window), box1);
+
+ label = gtk_label_new("You can change the name and membership of this computer. Changes may affect access to network ressources.");
+ gtk_label_set_line_wrap(GTK_LABEL(label), TRUE);
+ gtk_misc_set_alignment(GTK_MISC(label), 0, 0);
+ gtk_box_pack_start(GTK_BOX(box1), label, TRUE, TRUE, 0);
+ gtk_widget_show(label);
+
+ /* COMPUTER NAME */
+ label = gtk_label_new("Computer name:");
+ gtk_misc_set_alignment(GTK_MISC(label), 0, 0);
+ gtk_box_pack_start(GTK_BOX(box1), label, TRUE, TRUE, 0);
+ gtk_widget_show(label);
+
+ state->label_full_computer_name = gtk_label_new(NULL);
+ {
+ entry = gtk_entry_new();
+ gtk_entry_set_max_length(GTK_ENTRY(entry), MAX_NETBIOS_NAME_LEN);
+ g_signal_connect(G_OBJECT(entry), "changed",
+ G_CALLBACK(callback_enter_hostname_and_unlock),
+ (gpointer)state);
+ gtk_entry_set_text(GTK_ENTRY(entry), state->my_hostname);
+ gtk_editable_select_region(GTK_EDITABLE(entry),
+ 0, GTK_ENTRY(entry)->text_length);
+
+ gtk_editable_set_editable(GTK_EDITABLE(entry), TRUE); /* ! */
+ gtk_box_pack_start(GTK_BOX(box1), entry, TRUE, TRUE, 0);
+ gtk_widget_show(entry);
+ }
+
+ /* FULL COMPUTER NAME */
+ label = gtk_label_new("Full computer name:");
+ gtk_misc_set_alignment(GTK_MISC(label), 0, 0);
+ gtk_box_pack_start(GTK_BOX(box1), label, TRUE, TRUE, 0);
+ gtk_widget_show(label);
+
+ {
+ const gchar *entry_text;
+ char *str = NULL;
+ entry_text = gtk_entry_get_text(GTK_ENTRY(entry));
+ if (state->name_type_initial == NetSetupDomainName) {
+ asprintf(&str, "%s.%s", entry_text, state->my_dnsdomain);
+ } else {
+ asprintf(&str, "%s.", entry_text);
+ }
+ gtk_label_set_text(GTK_LABEL(state->label_full_computer_name), str);
+ free(str);
+ gtk_misc_set_alignment(GTK_MISC(state->label_full_computer_name), 0, 0);
+ gtk_box_pack_start(GTK_BOX(box1), state->label_full_computer_name, TRUE, TRUE, 0);
+ gtk_widget_show(state->label_full_computer_name);
+ }
+
+ /* BOX */
+ frame_horz = gtk_frame_new ("Member Of");
+ gtk_box_pack_start(GTK_BOX(box1), frame_horz, TRUE, TRUE, 10);
+
+ vbox = gtk_vbox_new(FALSE, 0);
+ gtk_container_set_border_width(GTK_CONTAINER(vbox), 10);
+ gtk_container_add(GTK_CONTAINER(frame_horz), vbox);
+
+ /* TWO ENTRIES */
+ state->entry_workgroup = gtk_entry_new();
+ state->entry_domain = gtk_entry_new();
+
+ /* DOMAIN */
+ button_domain = gtk_radio_button_new_with_label(NULL, "Domain");
+ if (state->name_type_initial == NetSetupDomainName) {
+ gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(button_domain), TRUE);
+ }
+ gtk_box_pack_start(GTK_BOX(vbox), button_domain, TRUE, TRUE, 0);
+ g_signal_connect(G_OBJECT(button_domain), "clicked",
+ G_CALLBACK(callback_do_join_domain),
+ (gpointer)state);
+
+ {
+ gtk_entry_set_max_length(GTK_ENTRY(state->entry_domain), 50);
+ g_signal_connect(G_OBJECT(state->entry_domain), "changed",
+ G_CALLBACK(callback_enter_domain_and_unlock),
+ (gpointer)state);
+ g_signal_connect(G_OBJECT(state->entry_domain), "activate",
+ G_CALLBACK(callback_continue),
+ (gpointer)state);
+ if (state->name_type_initial == NetSetupDomainName) {
+ gtk_entry_set_text(GTK_ENTRY(state->entry_domain), state->name_buffer_initial);
+ gtk_widget_set_sensitive(state->entry_workgroup, FALSE);
+ gtk_widget_set_sensitive(state->entry_domain, TRUE);
+ }
+ gtk_editable_set_editable(GTK_EDITABLE(state->entry_domain), TRUE);
+ gtk_box_pack_start(GTK_BOX(vbox), state->entry_domain, TRUE, TRUE, 0);
+ gtk_widget_show(state->entry_domain);
+ }
+ gtk_widget_show(button_domain);
+
+ /* WORKGROUP */
+ group = gtk_radio_button_get_group(GTK_RADIO_BUTTON(button_domain));
+ button_workgroup = gtk_radio_button_new_with_label(group, "Workgroup");
+ if (state->name_type_initial == NetSetupWorkgroupName) {
+ gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(button_workgroup), TRUE);
+ }
+ gtk_box_pack_start(GTK_BOX(vbox), button_workgroup, TRUE, TRUE, 0);
+ g_signal_connect(G_OBJECT(button_workgroup), "clicked",
+ G_CALLBACK(callback_do_join_workgroup),
+ (gpointer)state);
+ {
+ gtk_entry_set_max_length(GTK_ENTRY(state->entry_workgroup), MAX_NETBIOS_NAME_LEN);
+ g_signal_connect(G_OBJECT(state->entry_workgroup), "changed",
+ G_CALLBACK(callback_enter_workgroup_and_unlock),
+ (gpointer)state);
+ g_signal_connect(G_OBJECT(state->entry_workgroup), "activate",
+ G_CALLBACK(callback_continue),
+ (gpointer)state);
+
+ if (state->name_type_initial == NetSetupWorkgroupName) {
+ gtk_entry_set_text(GTK_ENTRY(state->entry_workgroup), state->name_buffer_initial);
+ gtk_widget_set_sensitive(GTK_WIDGET(state->entry_domain), FALSE);
+ gtk_widget_set_sensitive(GTK_WIDGET(state->entry_workgroup), TRUE);
+ }
+ gtk_box_pack_start(GTK_BOX(vbox), state->entry_workgroup, TRUE, TRUE, 0);
+ gtk_widget_show(state->entry_workgroup);
+ }
+ gtk_widget_show(button_workgroup);
+
+ /* BUTTONS */
+ bbox = gtk_hbutton_box_new();
+ gtk_container_set_border_width(GTK_CONTAINER(bbox), 5);
+ gtk_container_add(GTK_CONTAINER(box1), bbox);
+ gtk_button_box_set_layout(GTK_BUTTON_BOX(bbox), GTK_BUTTONBOX_END);
+ gtk_box_set_spacing(GTK_BOX(bbox), 10);
+
+ state->window_do_change = window;
+ gtk_widget_set_sensitive(GTK_WIDGET(state->button_ok), FALSE); /* !!! */
+ gtk_container_add(GTK_CONTAINER(bbox), state->button_ok);
+ g_signal_connect(G_OBJECT(state->button_ok), "clicked",
+ G_CALLBACK(callback_creds_prompt),
+ (gpointer)state);
+
+ button = gtk_button_new_from_stock(GTK_STOCK_CANCEL);
+ gtk_container_add(GTK_CONTAINER(bbox), button);
+ g_signal_connect(G_OBJECT(button), "clicked",
+ G_CALLBACK(callback_do_close),
+ (gpointer)window);
+
+ gtk_widget_show_all(window);
+
+}
+
+static void callback_do_about(GtkWidget *widget,
+ gpointer data)
+{
+ GdkPixbuf *logo;
+ GError *error = NULL;
+
+ debug("callback_do_about called\n");
+
+ logo = gdk_pixbuf_new_from_file(SAMBA_IMAGE_PATH,
+ &error);
+ if (logo == NULL) {
+ g_print("failed to load logo from %s: %s\n",
+ SAMBA_IMAGE_PATH, error->message);
+ }
+
+ gtk_show_about_dialog(data,
+ "name", "Samba",
+ "version", "3.2.0pre2-GIT-904a90-test",
+ "copyright", "Copyright Andrew Tridgell and the Samba Team 1992-2007",
+ "website", "http://www.samba.org",
+ "license", "GPLv3",
+ "logo", logo,
+ "comments", "Samba gtk domain join utility",
+ NULL);
+}
+
+static int draw_main_window(struct join_state *state)
+{
+ GtkWidget *window;
+ GtkWidget *button;
+ GtkWidget *label;
+ GtkWidget *main_vbox;
+ GtkWidget *vbox;
+ GtkWidget *hbox;
+ GtkWidget *bbox;
+ GtkWidget *image;
+ GtkWidget *table;
+ GtkWidget *entry;
+ GdkPixbuf *icon;
+ GError *error = NULL;
+
+ icon = gdk_pixbuf_new_from_file(SAMBA_ICON_PATH,
+ &error);
+ if (icon == NULL) {
+ g_print("failed to load logo from %s : %s\n",
+ SAMBA_ICON_PATH, error->message);
+ }
+
+#if 1
+ image = gtk_image_new_from_file(SAMBA_IMAGE_PATH);
+#else
+ image = gtk_image_new_from_file("/usr/share/pixmaps/redhat-system_settings.png");
+#endif
+
+ window = gtk_window_new(GTK_WINDOW_TOPLEVEL);
+ state->window_main = window;
+
+ gtk_window_set_title(GTK_WINDOW(window), "Samba - Join Domain dialogue");
+ gtk_widget_set_size_request(GTK_WIDGET(window), 600, 600); /* breite * höhe */
+ gtk_window_set_resizable(GTK_WINDOW(window), FALSE);
+ gtk_window_set_icon_from_file(GTK_WINDOW(window), SAMBA_ICON_PATH, NULL);
+
+ g_signal_connect(G_OBJECT(window), "delete_event",
+ G_CALLBACK(callback_delete_event), NULL);
+
+ gtk_container_set_border_width(GTK_CONTAINER(window), 10);
+
+ main_vbox = gtk_vbox_new(FALSE, 10);
+ gtk_container_add(GTK_CONTAINER(window), main_vbox);
+
+#if 0
+ gtk_box_pack_start(GTK_BOX(main_vbox), image, TRUE, TRUE, 10);
+ gtk_widget_show(image);
+#endif
+ /* Hbox */
+ hbox = gtk_hbox_new(FALSE, 10);
+ gtk_container_add(GTK_CONTAINER(main_vbox), hbox);
+
+ {
+/* gtk_box_pack_start(GTK_BOX(main_vbox), image, TRUE, TRUE, 10); */
+ gtk_misc_set_alignment(GTK_MISC(image), 0, 0);
+ gtk_box_pack_start(GTK_BOX(hbox), image, FALSE, FALSE, 10);
+ gtk_widget_show(image);
+
+ /* Label */
+ label = gtk_label_new("Samba uses the following information to identify your computer on the network.");
+ gtk_misc_set_alignment(GTK_MISC(label), 0, 0);
+ gtk_widget_set_size_request(GTK_WIDGET(label), 500, 40);
+ gtk_label_set_line_wrap(GTK_LABEL(label), TRUE);
+ gtk_box_pack_start(GTK_BOX(hbox), label, FALSE, FALSE, 0);
+ gtk_widget_show(label);
+ }
+
+ gtk_widget_show(hbox);
+
+ vbox = gtk_vbox_new(FALSE, 0);
+ gtk_container_set_border_width(GTK_CONTAINER(vbox), 10);
+ gtk_container_add(GTK_CONTAINER(main_vbox), vbox);
+
+ /* Table */
+ table = gtk_table_new(6, 3, TRUE);
+ gtk_table_set_row_spacings(GTK_TABLE(table), 5);
+ gtk_table_set_col_spacings(GTK_TABLE(table), 5);
+ gtk_container_add(GTK_CONTAINER(vbox), table);
+
+ {
+ /* Label */
+ label = gtk_label_new("Computer description:");
+/* gtk_misc_set_alignment(GTK_MISC(label), 0, 0); */
+ gtk_table_attach_defaults(GTK_TABLE(table), label, 0, 1, 0, 1);
+ gtk_widget_show(label);
+
+ state->button_apply = gtk_button_new_from_stock(GTK_STOCK_APPLY);
+
+ /* Entry */
+ entry = gtk_entry_new();
+ gtk_entry_set_max_length(GTK_ENTRY(entry), 256);
+ g_signal_connect(G_OBJECT(entry), "changed",
+ G_CALLBACK(callback_enter_computer_description_and_unlock),
+ state);
+ g_signal_connect(G_OBJECT(entry), "activate",
+ G_CALLBACK(callback_apply_continue),
+ (gpointer)state);
+
+ gtk_entry_set_text(GTK_ENTRY(entry), (char *)state->comment);
+ gtk_editable_set_editable(GTK_EDITABLE(entry), TRUE); /* ! */
+ gtk_table_attach_defaults(GTK_TABLE(table), entry, 1, 3, 0, 1);
+ gtk_widget_show(entry);
+ }
+
+ /* Label */
+ label = gtk_label_new("For example: \"Samba \%v\".");
+ gtk_label_set_line_wrap(GTK_LABEL(label), TRUE);
+ gtk_misc_set_alignment(GTK_MISC(label), 0, 0);
+ gtk_table_attach_defaults(GTK_TABLE(table), label, 1, 3, 1, 2);
+ gtk_widget_show(label);
+
+ /* Label */
+ label = gtk_label_new("Full computer name:");
+ gtk_misc_set_alignment(GTK_MISC(label), 0, 0);
+ gtk_table_attach_defaults(GTK_TABLE(table), label, 0, 1, 2, 3);
+ gtk_widget_show(label);
+
+ {
+ /* Label */
+ char *str = NULL;
+ if (state->name_type_initial == NetSetupDomainName) {
+ asprintf(&str, "%s.%s", state->my_hostname,
+ state->my_dnsdomain);
+ } else {
+ asprintf(&str, "%s.", state->my_hostname);
+ }
+
+ label = gtk_label_new(str);
+ SAFE_FREE(str);
+ gtk_misc_set_alignment(GTK_MISC(label), 0, 0);
+ gtk_table_attach_defaults(GTK_TABLE(table), label, 1, 3, 2, 3);
+ gtk_widget_show(label);
+ }
+
+ /* Label */
+ if (state->name_type_initial == NetSetupDomainName) {
+ label = gtk_label_new("Domain:");
+ } else {
+ label = gtk_label_new("Workgroup:");
+ }
+ gtk_misc_set_alignment(GTK_MISC(label), 0, 0);
+ gtk_table_attach_defaults(GTK_TABLE(table), label, 0, 1, 3, 4);
+ gtk_widget_show(label);
+ state->label_current_name_type = label;
+
+ /* Label */
+ label = gtk_label_new(state->name_buffer_initial);
+ gtk_misc_set_alignment(GTK_MISC(label), 0, 0);
+ gtk_table_attach_defaults(GTK_TABLE(table), label, 1, 3, 3, 4);
+ gtk_widget_show(label);
+ state->label_current_name_buffer = label;
+
+ {
+ hbox = gtk_hbox_new(FALSE, 0);
+ gtk_container_add(GTK_CONTAINER(vbox), hbox);
+ label = gtk_label_new("To rename this computer or join a domain, click Change.");
+ gtk_box_pack_start(GTK_BOX(hbox), label, FALSE, FALSE, 0);
+
+
+ }
+
+ /* bbox */
+ bbox = gtk_hbutton_box_new();
+ gtk_container_set_border_width(GTK_CONTAINER(bbox), 5);
+ gtk_container_add(GTK_CONTAINER(hbox), bbox);
+ gtk_button_box_set_layout(GTK_BUTTON_BOX(bbox), GTK_BUTTONBOX_END);
+ gtk_box_set_spacing(GTK_BOX(bbox), 10);
+
+ button = gtk_button_new_with_mnemonic("Ch_ange");
+ g_signal_connect(G_OBJECT(button), "clicked",
+ G_CALLBACK(callback_do_change),
+ (gpointer)state);
+ gtk_box_pack_start(GTK_BOX(bbox), button, TRUE, TRUE, 0);
+ gtk_widget_show(button);
+
+ /* Label (hidden) */
+ state->label_reboot = gtk_label_new(NULL);
+ gtk_label_set_line_wrap(GTK_LABEL(state->label_reboot), TRUE);
+ gtk_misc_set_alignment(GTK_MISC(state->label_reboot), 0, 0);
+ gtk_box_pack_start(GTK_BOX(vbox), state->label_reboot, TRUE, TRUE, 0);
+ gtk_widget_show(state->label_reboot);
+
+#if 0
+ gtk_box_pack_start(GTK_BOX(vbox),
+ create_bbox(window, TRUE, NULL, 10, 85, 20, GTK_BUTTONBOX_END),
+ TRUE, TRUE, 5);
+#endif
+ {
+
+ GtkWidget *frame;
+ GtkWidget *bbox2;
+ GtkWidget *button2;
+
+ frame = gtk_frame_new(NULL);
+ bbox2 = gtk_hbutton_box_new();
+
+ gtk_container_set_border_width(GTK_CONTAINER(bbox2), 5);
+ gtk_container_add(GTK_CONTAINER(frame), bbox2);
+
+ /* Set the appearance of the Button Box */
+ gtk_button_box_set_layout(GTK_BUTTON_BOX(bbox2), GTK_BUTTONBOX_END);
+ gtk_box_set_spacing(GTK_BOX(bbox2), 10);
+ /*gtk_button_box_set_child_size(GTK_BUTTON_BOX(bbox2), child_w, child_h);*/
+
+ button2 = gtk_button_new_from_stock(GTK_STOCK_OK);
+ gtk_container_add(GTK_CONTAINER(bbox2), button2);
+ g_signal_connect(G_OBJECT(button2), "clicked", G_CALLBACK(callback_do_exit), state);
+
+ button2 = gtk_button_new_from_stock(GTK_STOCK_CANCEL);
+ gtk_container_add(GTK_CONTAINER(bbox2), button2);
+ g_signal_connect(G_OBJECT(button2), "clicked",
+ G_CALLBACK(callback_delete_event),
+ window);
+
+ gtk_container_add(GTK_CONTAINER(bbox2), state->button_apply);
+ g_signal_connect(G_OBJECT(state->button_apply), "clicked",
+ G_CALLBACK(callback_apply_description_change),
+ state);
+ gtk_widget_set_sensitive(GTK_WIDGET(state->button_apply), FALSE);
+
+ button2 = gtk_button_new_from_stock(GTK_STOCK_ABOUT);
+ gtk_container_add(GTK_CONTAINER(bbox2), button2);
+ g_signal_connect(G_OBJECT(button2), "clicked",
+ G_CALLBACK(callback_do_about),
+ window);
+
+ gtk_box_pack_start(GTK_BOX(vbox), frame, TRUE, TRUE, 5);
+ }
+
+ gtk_widget_show_all(window);
+
+ return 0;
+}
+
+static int init_join_state(struct join_state **state)
+{
+ struct join_state *s;
+
+ s = malloc(sizeof(struct join_state));
+ if (!s) {
+ return -1;
+ }
+
+ memset(s, '\0', sizeof(struct join_state));
+
+ *state = s;
+
+ return 0;
+}
+
+static int initialize_join_state(struct join_state *state,
+ const char *debug_level)
+{
+ struct libnetapi_ctx *ctx = NULL;
+ NET_API_STATUS status = 0;
+
+ status = libnetapi_init(&ctx);
+ if (status) {
+ return status;
+ }
+
+ if (debug_level) {
+ libnetapi_set_debuglevel(ctx, debug_level);
+ }
+
+ {
+ char my_hostname[HOST_NAME_MAX];
+ const char *p = NULL;
+ if (gethostname(my_hostname, sizeof(my_hostname)) == -1) {
+ return -1;
+ }
+
+ state->my_fqdn = strdup(my_hostname);
+ if (!state->my_fqdn) {
+ return -1;
+ }
+
+ p = strchr(my_hostname, '.');
+ if (p) {
+ my_hostname[strlen(my_hostname) - strlen(p)] = '\0';
+ state->my_hostname = strdup(my_hostname);
+ if (!state->my_hostname) {
+ return -1;
+ }
+ p++;
+ state->my_dnsdomain = strdup(p);
+ if (!state->my_dnsdomain) {
+ return -1;
+ }
+ }
+ }
+
+ {
+ const char *buffer = NULL;
+ uint16_t type = 0;
+ status = NetGetJoinInformation(NULL, &buffer, &type);
+ if (status) {
+ return status;
+ }
+ state->name_buffer_initial = (char *)buffer;
+ state->name_type_initial = type;
+ }
+
+ {
+ struct srvsvc_NetSrvInfo1005 *info1005 = NULL;
+ uint8_t *buffer = NULL;
+
+ status = NetServerGetInfo(NULL, 1005, &buffer);
+ if (status) {
+ return status;
+ }
+
+ info1005 = (struct srvsvc_NetSrvInfo1005 *)buffer;
+
+ state->comment = strdup(info1005->comment);
+ if (!state->comment) {
+ return -1;
+ }
+ }
+#if 0
+ {
+ struct srvsvc_NetSrvInfo100 *info100 = NULL;
+ uint8_t *buffer = NULL;
+
+ status = NetServerGetInfo(NULL, 100, &buffer);
+ if (status) {
+ return status;
+ }
+
+ info100 = (struct srvsvc_NetSrvInfo100 *)buffer;
+
+ state->comment = strdup(info100->comment);
+ if (!state->comment) {
+ return -1;
+ }
+ }
+#endif
+
+ state->ctx = ctx;
+
+ return 0;
+}
+
+int main(int argc, char **argv)
+{
+ GOptionContext *context = NULL;
+ static const char *debug_level = NULL;
+ struct join_state *state = NULL;
+ GError *error = NULL;
+ int ret = 0;
+
+ static GOptionEntry entries[] = {
+ { "debug", 'd', 0, G_OPTION_ARG_STRING, &debug_level, "Debug level (for samba)", "N" },
+ { "verbose", 'v', 0, G_OPTION_ARG_NONE, &verbose, "Verbose output", 0 },
+ { NULL }
+ };
+
+ context = g_option_context_new("- Samba domain join utility");
+ g_option_context_add_main_entries(context, entries, NULL);
+/* g_option_context_add_main_entries(context, entries, GETTEXT_PACKAGE); */
+ g_option_context_add_group(context, gtk_get_option_group(TRUE));
+ g_option_context_parse(context, &argc, &argv, &error);
+
+ gtk_init(&argc, &argv);
+ g_set_application_name("Samba");
+
+ ret = init_join_state(&state);
+ if (ret) {
+ return ret;
+ }
+
+ ret = initialize_join_state(state, debug_level);
+ if (ret) {
+ return ret;
+ }
+
+ draw_main_window(state);
+
+ gtk_main();
+
+ do_cleanup(state);
+
+ return 0;
+}
diff --git a/source3/lib/netapi/examples/netdomjoin-gui/samba.ico b/source3/lib/netapi/examples/netdomjoin-gui/samba.ico
new file mode 100755
index 0000000000..b70c9590de
--- /dev/null
+++ b/source3/lib/netapi/examples/netdomjoin-gui/samba.ico
Binary files differ
diff --git a/source3/lib/netapi/examples/netdomjoin/netdomjoin.c b/source3/lib/netapi/examples/netdomjoin/netdomjoin.c
new file mode 100644
index 0000000000..e8b529927f
--- /dev/null
+++ b/source3/lib/netapi/examples/netdomjoin/netdomjoin.c
@@ -0,0 +1,107 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * Join Support (cmdline + netapi)
+ * Copyright (C) Guenther Deschner 2007
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <sys/types.h>
+#include <inttypes.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <netapi.h>
+
+char *get_string_param(const char *param)
+{
+ char *p;
+
+ p = strchr(param, '=');
+ if (!p) {
+ return NULL;
+ }
+
+ return (p+1);
+}
+
+int main(int argc, char **argv)
+{
+ NET_API_STATUS status;
+ const char *server_name = NULL;
+ const char *domain_name = NULL;
+ const char *account_ou = NULL;
+ const char *Account = NULL;
+ const char *password = NULL;
+ uint32_t join_flags = 3;
+ struct libnetapi_ctx *ctx = NULL;
+ int i;
+
+ status = libnetapi_init(&ctx);
+ if (status != 0) {
+ return status;
+ }
+
+ if (argc < 2) {
+ printf("usage: netdomjoin\n");
+ printf("\t[hostname=HOSTNAME] [domain=DOMAIN] <ou=OU> <usero=USERO> <passwordo=PASSWORDO> <userd=USERD> <passwordd=PASSWORDD>\n");
+ return 0;
+ }
+
+ if (argc > 2) {
+ server_name = argv[1];
+ }
+
+ for (i=0; i<argc; i++) {
+ if (strncasecmp(argv[i], "ou", strlen("ou")) == 0) {
+ account_ou = get_string_param(argv[i]);
+ }
+ if (strncasecmp(argv[i], "domain", strlen("domain"))== 0) {
+ domain_name = get_string_param(argv[i]);
+ }
+ if (strncasecmp(argv[i], "userd", strlen("userd"))== 0) {
+ Account = get_string_param(argv[i]);
+ }
+ if (strncasecmp(argv[i], "passwordd", strlen("passwordd"))== 0) {
+ password = get_string_param(argv[i]);
+ }
+ if (strncasecmp(argv[i], "usero", strlen("usero"))== 0) {
+ const char *str = NULL;
+ str = get_string_param(argv[i]);
+ libnetapi_set_username(ctx, str);
+ }
+ if (strncasecmp(argv[i], "passwordo", strlen("passwordo"))== 0) {
+ const char *str = NULL;
+ str = get_string_param(argv[i]);
+ libnetapi_set_password(ctx, str);
+ }
+ }
+
+ status = NetJoinDomain(server_name,
+ domain_name,
+ account_ou,
+ Account,
+ password,
+ join_flags);
+ if (status != 0) {
+ printf("Join failed with: %s\n", libnetapi_errstr(ctx, status));
+ } else {
+ printf("Successfully joined\n");
+ }
+
+ libnetapi_free(ctx);
+
+ return status;
+}
diff --git a/source3/lib/netapi/getdc.c b/source3/lib/netapi/getdc.c
new file mode 100644
index 0000000000..85a0ae52ef
--- /dev/null
+++ b/source3/lib/netapi/getdc.c
@@ -0,0 +1,243 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * NetApi GetDC Support
+ * Copyright (C) Guenther Deschner 2007
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+
+#include "lib/netapi/netapi.h"
+#include "libnet/libnet.h"
+
+#if 0
+#include "librpc/gen_ndr/cli_netlogon.h"
+#endif
+
+NTSTATUS rpccli_netr_GetDcName(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx,
+ const char *logon_server,
+ const char *domainname,
+ const char **dcname);
+NTSTATUS rpccli_netr_GetAnyDCName(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx,
+ const char *logon_server,
+ const char *domainname,
+ const char **dcname,
+ WERROR *werror);
+
+static WERROR NetGetDCNameLocal(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ const char *domain_name,
+ uint8_t **buffer)
+{
+ return WERR_NOT_SUPPORTED;
+}
+
+static WERROR NetGetDCNameRemote(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ const char *domain_name,
+ uint8_t **buffer)
+{
+ struct cli_state *cli = NULL;
+ struct rpc_pipe_client *pipe_cli = NULL;
+ NTSTATUS status;
+ WERROR werr;
+
+ status = cli_full_connection(&cli, NULL, server_name,
+ NULL, 0,
+ "IPC$", "IPC",
+ ctx->username,
+ ctx->workgroup,
+ ctx->password,
+ 0, Undefined, NULL);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ }
+
+ pipe_cli = cli_rpc_pipe_open_noauth(cli, PI_NETLOGON,
+ &status);
+ if (!pipe_cli) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ };
+
+#if 0
+ werr = rpccli_netr_GetDcName(pipe_cli, ctx,
+ server_name,
+ domain_name,
+ (const char **)&buffer);
+#else
+ werr = rpccli_netlogon_getdcname(pipe_cli, ctx,
+ server_name,
+ domain_name,
+ (char **)buffer);
+#endif
+ done:
+ if (cli) {
+ cli_shutdown(cli);
+ }
+
+ return werr;
+}
+
+static WERROR libnetapi_NetGetDCName(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ const char *domain_name,
+ uint8_t **buffer)
+{
+ if (!server_name || is_myname_or_ipaddr(server_name)) {
+ return NetGetDCNameLocal(ctx,
+ server_name,
+ domain_name,
+ buffer);
+ }
+
+ return NetGetDCNameRemote(ctx,
+ server_name,
+ domain_name,
+ buffer);
+}
+
+NET_API_STATUS NetGetDCName(const char *server_name,
+ const char *domain_name,
+ uint8_t **buffer)
+{
+ struct libnetapi_ctx *ctx = NULL;
+ NET_API_STATUS status;
+ WERROR werr;
+
+ status = libnetapi_getctx(&ctx);
+ if (status != 0) {
+ return status;
+ }
+
+ werr = libnetapi_NetGetDCName(ctx,
+ server_name,
+ domain_name,
+ buffer);
+ if (!W_ERROR_IS_OK(werr)) {
+ return W_ERROR_V(werr);
+ }
+
+ return 0;
+}
+
+static WERROR NetGetAnyDCNameLocal(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ const char *domain_name,
+ uint8_t **buffer)
+{
+ return WERR_NOT_SUPPORTED;
+}
+
+static WERROR NetGetAnyDCNameRemote(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ const char *domain_name,
+ uint8_t **buffer)
+{
+ struct cli_state *cli = NULL;
+ struct rpc_pipe_client *pipe_cli = NULL;
+ NTSTATUS status;
+ WERROR werr;
+
+ status = cli_full_connection(&cli, NULL, server_name,
+ NULL, 0,
+ "IPC$", "IPC",
+ ctx->username,
+ ctx->workgroup,
+ ctx->password,
+ 0, Undefined, NULL);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ }
+
+ pipe_cli = cli_rpc_pipe_open_noauth(cli, PI_NETLOGON,
+ &status);
+ if (!pipe_cli) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ };
+
+#if 0
+ status = rpccli_netr_GetAnyDCName(pipe_cli, ctx,
+ server_name,
+ domain_name,
+ (const char **)&buffer,
+ &werr);
+ if (!NT_STATUS_IS_OK(status)) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ }
+#else
+ werr = rpccli_netlogon_getanydcname(pipe_cli, ctx,
+ server_name,
+ domain_name,
+ (char **)buffer);
+#endif
+ done:
+ if (cli) {
+ cli_shutdown(cli);
+ }
+
+ return werr;
+
+}
+
+static WERROR libnetapi_NetGetAnyDCName(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ const char *domain_name,
+ uint8_t **buffer)
+{
+ if (!server_name || is_myname_or_ipaddr(server_name)) {
+ return NetGetAnyDCNameLocal(ctx,
+ server_name,
+ domain_name,
+ buffer);
+ }
+
+ return NetGetAnyDCNameRemote(ctx,
+ server_name,
+ domain_name,
+ buffer);
+}
+
+NET_API_STATUS NetGetAnyDCName(const char *server_name,
+ const char *domain_name,
+ uint8_t **buffer)
+{
+ struct libnetapi_ctx *ctx = NULL;
+ NET_API_STATUS status;
+ WERROR werr;
+
+ status = libnetapi_getctx(&ctx);
+ if (status != 0) {
+ return status;
+ }
+
+ werr = libnetapi_NetGetAnyDCName(ctx,
+ server_name,
+ domain_name,
+ buffer);
+ if (!W_ERROR_IS_OK(werr)) {
+ return W_ERROR_V(werr);
+ }
+
+ return 0;
+}
diff --git a/source3/lib/netapi/joindomain.c b/source3/lib/netapi/joindomain.c
index 210763174e..e3d5eada02 100644
--- a/source3/lib/netapi/joindomain.c
+++ b/source3/lib/netapi/joindomain.c
@@ -19,56 +19,96 @@
#include "includes.h"
-extern const char *opt_user_name;
-extern const char *opt_workgroup;
-extern const char *opt_password;
-
-WERROR NetJoinDomain(const char *server_name,
- const char *domain_name,
- const char *account_ou,
- const char *Account,
- const char *password,
- uint32_t join_flags)
+#include "lib/netapi/netapi.h"
+#include "libnet/libnet.h"
+
+static WERROR NetJoinDomainLocal(struct libnetapi_ctx *mem_ctx,
+ const char *server_name,
+ const char *domain_name,
+ const char *account_ou,
+ const char *Account,
+ const char *password,
+ uint32_t join_flags)
{
- TALLOC_CTX *mem_ctx = NULL;
- struct cli_state *cli = NULL;
- struct rpc_pipe_client *pipe_cli = NULL;
- struct wkssvc_PasswordBuffer encrypted_password;
- NTSTATUS status;
+ struct libnet_JoinCtx *r = NULL;
WERROR werr;
- unsigned int old_timeout = 0;
- ZERO_STRUCT(encrypted_password);
+ werr = libnet_init_JoinCtx(mem_ctx, &r);
+ W_ERROR_NOT_OK_RETURN(werr);
- mem_ctx = talloc_init("NetJoinDomain");
- if (!mem_ctx) {
- werr = WERR_NOMEM;
- goto done;
+ if (!domain_name) {
+ return WERR_INVALID_PARAM;
}
- if (!server_name || is_myname_or_ipaddr(server_name)) {
- werr = WERR_NOT_SUPPORTED;
- goto done;
+ r->in.domain_name = talloc_strdup(mem_ctx, domain_name);
+ W_ERROR_HAVE_NO_MEMORY(r->in.domain_name);
+
+ if (join_flags & WKSSVC_JOIN_FLAGS_JOIN_TYPE) {
+ NTSTATUS status;
+ struct DS_DOMAIN_CONTROLLER_INFO *info = NULL;
+ uint32_t flags = DS_DIRECTORY_SERVICE_REQUIRED |
+ DS_WRITABLE_REQUIRED |
+ DS_RETURN_DNS_NAME;
+ status = DsGetDcName(mem_ctx, NULL, domain_name,
+ NULL, NULL, flags, &info);
+ if (!NT_STATUS_IS_OK(status)) {
+ return ntstatus_to_werror(status);
+ }
+ r->in.server_name = talloc_strdup(mem_ctx, info->domain_controller_name);
+ W_ERROR_HAVE_NO_MEMORY(r->in.server_name);
}
- if (!domain_name) {
- werr = WERR_INVALID_PARAM;
- goto done;
+ if (account_ou) {
+ r->in.account_ou = talloc_strdup(mem_ctx, account_ou);
+ W_ERROR_HAVE_NO_MEMORY(r->in.account_ou);
+ }
+
+ if (Account) {
+ r->in.admin_account = talloc_strdup(mem_ctx, Account);
+ W_ERROR_HAVE_NO_MEMORY(r->in.admin_account);
}
+ if (password) {
+ r->in.password = talloc_strdup(mem_ctx, password);
+ W_ERROR_HAVE_NO_MEMORY(r->in.password);
+ }
+
+ r->in.join_flags = join_flags;
+ r->in.modify_config = true;
+
+ return libnet_Join(mem_ctx, r);
+}
+
+static WERROR NetJoinDomainRemote(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ const char *domain_name,
+ const char *account_ou,
+ const char *Account,
+ const char *password,
+ uint32_t join_flags)
+{
+ struct cli_state *cli = NULL;
+ struct rpc_pipe_client *pipe_cli = NULL;
+ struct wkssvc_PasswordBuffer encrypted_password;
+ NTSTATUS status;
+ WERROR werr;
+ unsigned int old_timeout = 0;
+
+ ZERO_STRUCT(encrypted_password);
+
status = cli_full_connection(&cli, NULL, server_name,
NULL, 0,
"IPC$", "IPC",
- opt_user_name, opt_workgroup,
- opt_password, 0, Undefined, NULL);
+ ctx->username,
+ ctx->workgroup,
+ ctx->password,
+ 0, Undefined, NULL);
if (!NT_STATUS_IS_OK(status)) {
werr = ntstatus_to_werror(status);
goto done;
}
- old_timeout = cli_set_timeout(cli, 60000);
-
pipe_cli = cli_rpc_pipe_open_noauth(cli, PI_WKSSVC,
&status);
if (!pipe_cli) {
@@ -77,7 +117,7 @@ WERROR NetJoinDomain(const char *server_name,
};
if (password) {
- encode_wkssvc_join_password_buffer(mem_ctx,
+ encode_wkssvc_join_password_buffer(ctx,
password,
&cli->user_session_key,
&encrypted_password);
@@ -85,7 +125,7 @@ WERROR NetJoinDomain(const char *server_name,
old_timeout = cli_set_timeout(cli, 60000);
- status = rpccli_wkssvc_NetrJoinDomain2(pipe_cli, mem_ctx,
+ status = rpccli_wkssvc_NetrJoinDomain2(pipe_cli, ctx,
server_name, domain_name,
account_ou, Account,
&encrypted_password,
@@ -100,17 +140,140 @@ WERROR NetJoinDomain(const char *server_name,
cli_set_timeout(cli, old_timeout);
cli_shutdown(cli);
}
- TALLOC_FREE(mem_ctx);
return werr;
}
-WERROR NetUnjoinDomain(const char *server_name,
- const char *account,
- const char *password,
- uint32_t unjoin_flags)
+static WERROR libnetapi_NetJoinDomain(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ const char *domain_name,
+ const char *account_ou,
+ const char *Account,
+ const char *password,
+ uint32_t join_flags)
+{
+ if (!domain_name) {
+ return WERR_INVALID_PARAM;
+ }
+
+ if (!server_name || is_myname_or_ipaddr(server_name)) {
+
+ return NetJoinDomainLocal(ctx,
+ server_name,
+ domain_name,
+ account_ou,
+ Account,
+ password,
+ join_flags);
+ }
+
+ return NetJoinDomainRemote(ctx,
+ server_name,
+ domain_name,
+ account_ou,
+ Account,
+ password,
+ join_flags);
+}
+
+NET_API_STATUS NetJoinDomain(const char *server_name,
+ const char *domain_name,
+ const char *account_ou,
+ const char *Account,
+ const char *password,
+ uint32_t join_flags)
+{
+ struct libnetapi_ctx *ctx = NULL;
+ NET_API_STATUS status;
+ WERROR werr;
+
+ status = libnetapi_getctx(&ctx);
+ if (status != 0) {
+ return status;
+ }
+
+ werr = libnetapi_NetJoinDomain(ctx,
+ server_name,
+ domain_name,
+ account_ou,
+ Account,
+ password,
+ join_flags);
+ if (!W_ERROR_IS_OK(werr)) {
+ return W_ERROR_V(werr);
+ }
+
+ return 0;
+}
+
+static WERROR NetUnjoinDomainLocal(struct libnetapi_ctx *mem_ctx,
+ const char *server_name,
+ const char *account,
+ const char *password,
+ uint32_t unjoin_flags)
+{
+ struct libnet_UnjoinCtx *r = NULL;
+ struct dom_sid domain_sid;
+ WERROR werr;
+
+ if (!secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) {
+ return WERR_SETUP_NOT_JOINED;
+ }
+
+ werr = libnet_init_UnjoinCtx(mem_ctx, &r);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ if (server_name) {
+ r->in.server_name = talloc_strdup(mem_ctx, server_name);
+ W_ERROR_HAVE_NO_MEMORY(r->in.server_name);
+ } else {
+
+ NTSTATUS status;
+ const char *domain = NULL;
+ struct DS_DOMAIN_CONTROLLER_INFO *info = NULL;
+ uint32_t flags = DS_DIRECTORY_SERVICE_REQUIRED |
+ DS_WRITABLE_REQUIRED |
+ DS_IS_FLAT_NAME |
+ DS_RETURN_DNS_NAME;
+ if (lp_realm()) {
+ domain = lp_realm();
+ } else {
+ domain = lp_workgroup();
+ }
+ status = DsGetDcName(mem_ctx, NULL, domain,
+ NULL, NULL, flags, &info);
+ if (!NT_STATUS_IS_OK(status)) {
+ return ntstatus_to_werror(status);
+ }
+ r->in.server_name = talloc_strdup(mem_ctx, info->domain_controller_name);
+ W_ERROR_HAVE_NO_MEMORY(r->in.server_name);
+ }
+
+ if (account) {
+ r->in.admin_account = talloc_strdup(mem_ctx, account);
+ W_ERROR_HAVE_NO_MEMORY(r->in.admin_account);
+ }
+
+ if (password) {
+ r->in.password = talloc_strdup(mem_ctx, password);
+ W_ERROR_HAVE_NO_MEMORY(r->in.password);
+ }
+
+ r->in.unjoin_flags = unjoin_flags;
+ r->in.modify_config = true;
+
+ r->in.domain_sid = &domain_sid;
+
+ return libnet_Unjoin(mem_ctx, r);
+
+}
+
+static WERROR NetUnjoinDomainRemote(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ const char *account,
+ const char *password,
+ uint32_t unjoin_flags)
{
- TALLOC_CTX *mem_ctx = NULL;
struct cli_state *cli = NULL;
struct rpc_pipe_client *pipe_cli = NULL;
struct wkssvc_PasswordBuffer encrypted_password;
@@ -120,30 +283,19 @@ WERROR NetUnjoinDomain(const char *server_name,
ZERO_STRUCT(encrypted_password);
- mem_ctx = talloc_init("NetUnjoinDomain");
- if (!mem_ctx) {
- werr = WERR_NOMEM;
- goto done;
- }
-
- if (!server_name || is_myname_or_ipaddr(server_name)) {
- werr = WERR_NOT_SUPPORTED;
- goto done;
- }
-
status = cli_full_connection(&cli, NULL, server_name,
NULL, 0,
"IPC$", "IPC",
- opt_user_name, opt_workgroup,
- opt_password, 0, Undefined, NULL);
+ ctx->username,
+ ctx->workgroup,
+ ctx->password,
+ 0, Undefined, NULL);
if (!NT_STATUS_IS_OK(status)) {
werr = ntstatus_to_werror(status);
goto done;
}
- old_timeout = cli_set_timeout(cli, 60000);
-
pipe_cli = cli_rpc_pipe_open_noauth(cli, PI_WKSSVC,
&status);
if (!pipe_cli) {
@@ -152,7 +304,7 @@ WERROR NetUnjoinDomain(const char *server_name,
};
if (password) {
- encode_wkssvc_join_password_buffer(mem_ctx,
+ encode_wkssvc_join_password_buffer(ctx,
password,
&cli->user_session_key,
&encrypted_password);
@@ -160,7 +312,7 @@ WERROR NetUnjoinDomain(const char *server_name,
old_timeout = cli_set_timeout(cli, 60000);
- status = rpccli_wkssvc_NetrUnjoinDomain2(pipe_cli, mem_ctx,
+ status = rpccli_wkssvc_NetrUnjoinDomain2(pipe_cli, ctx,
server_name,
account,
&encrypted_password,
@@ -176,7 +328,173 @@ WERROR NetUnjoinDomain(const char *server_name,
cli_set_timeout(cli, old_timeout);
cli_shutdown(cli);
}
- TALLOC_FREE(mem_ctx);
return werr;
}
+
+static WERROR libnetapi_NetUnjoinDomain(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ const char *account,
+ const char *password,
+ uint32_t unjoin_flags)
+{
+ if (!server_name || is_myname_or_ipaddr(server_name)) {
+
+ return NetUnjoinDomainLocal(ctx,
+ server_name,
+ account,
+ password,
+ unjoin_flags);
+ }
+
+ return NetUnjoinDomainRemote(ctx,
+ server_name,
+ account,
+ password,
+ unjoin_flags);
+}
+
+NET_API_STATUS NetUnjoinDomain(const char *server_name,
+ const char *account,
+ const char *password,
+ uint32_t unjoin_flags)
+{
+ struct libnetapi_ctx *ctx = NULL;
+ NET_API_STATUS status;
+ WERROR werr;
+
+ status = libnetapi_getctx(&ctx);
+ if (status != 0) {
+ return status;
+ }
+
+ werr = libnetapi_NetUnjoinDomain(ctx,
+ server_name,
+ account,
+ password,
+ unjoin_flags);
+ if (!W_ERROR_IS_OK(werr)) {
+ return W_ERROR_V(werr);
+ }
+
+ return 0;
+}
+
+static WERROR NetGetJoinInformationRemote(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ const char **name_buffer,
+ uint16_t *name_type)
+{
+ struct cli_state *cli = NULL;
+ struct rpc_pipe_client *pipe_cli = NULL;
+ NTSTATUS status;
+ WERROR werr;
+
+ status = cli_full_connection(&cli, NULL, server_name,
+ NULL, 0,
+ "IPC$", "IPC",
+ ctx->username,
+ ctx->workgroup,
+ ctx->password,
+ 0, Undefined, NULL);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ }
+
+ pipe_cli = cli_rpc_pipe_open_noauth(cli, PI_WKSSVC,
+ &status);
+ if (!pipe_cli) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ };
+
+ status = rpccli_wkssvc_NetrGetJoinInformation(pipe_cli, ctx,
+ server_name,
+ name_buffer,
+ (enum wkssvc_NetJoinStatus *)name_type,
+ &werr);
+ if (!NT_STATUS_IS_OK(status)) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ }
+
+ done:
+ if (cli) {
+ cli_shutdown(cli);
+ }
+
+ return werr;
+}
+
+static WERROR NetGetJoinInformationLocal(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ const char **name_buffer,
+ uint16_t *name_type)
+{
+ if ((lp_security() == SEC_ADS) && lp_realm()) {
+ *name_buffer = SMB_STRDUP(lp_realm());
+ } else {
+ *name_buffer = SMB_STRDUP(lp_workgroup());
+ }
+ if (!*name_buffer) {
+ return WERR_NOMEM;
+ }
+
+ switch (lp_server_role()) {
+ case ROLE_DOMAIN_MEMBER:
+ case ROLE_DOMAIN_PDC:
+ case ROLE_DOMAIN_BDC:
+ *name_type = NetSetupDomainName;
+ break;
+ case ROLE_STANDALONE:
+ default:
+ *name_type = NetSetupWorkgroupName;
+ break;
+ }
+
+ return WERR_OK;
+}
+
+static WERROR libnetapi_NetGetJoinInformation(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ const char **name_buffer,
+ uint16_t *name_type)
+{
+ if (!server_name || is_myname_or_ipaddr(server_name)) {
+ return NetGetJoinInformationLocal(ctx,
+ server_name,
+ name_buffer,
+ name_type);
+ }
+
+ return NetGetJoinInformationRemote(ctx,
+ server_name,
+ name_buffer,
+ name_type);
+}
+
+NET_API_STATUS NetGetJoinInformation(const char *server_name,
+ const char **name_buffer,
+ uint16_t *name_type)
+{
+ struct libnetapi_ctx *ctx = NULL;
+ NET_API_STATUS status;
+ WERROR werr;
+
+ status = libnetapi_getctx(&ctx);
+ if (status != 0) {
+ return status;
+ }
+
+ werr = libnetapi_NetGetJoinInformation(ctx,
+ server_name,
+ name_buffer,
+ name_type);
+ if (!W_ERROR_IS_OK(werr)) {
+ return W_ERROR_V(werr);
+ }
+
+ return 0;
+}
diff --git a/source3/lib/netapi/netapi.c b/source3/lib/netapi/netapi.c
new file mode 100644
index 0000000000..032798d0f9
--- /dev/null
+++ b/source3/lib/netapi/netapi.c
@@ -0,0 +1,160 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * NetApi Support
+ * Copyright (C) Guenther Deschner 2007
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+#include "lib/netapi/netapi.h"
+
+extern bool AllowDebugChange;
+
+struct libnetapi_ctx *stat_ctx = NULL;
+TALLOC_CTX *frame = NULL;
+static bool libnetapi_initialized = false;
+
+NET_API_STATUS libnetapi_init(struct libnetapi_ctx **context)
+{
+ struct libnetapi_ctx *ctx = NULL;
+
+ if (stat_ctx && libnetapi_initialized) {
+ *context = stat_ctx;
+ return W_ERROR_V(WERR_OK);
+ }
+
+ frame = talloc_stackframe();
+
+ ctx = talloc_zero(frame, struct libnetapi_ctx);
+ if (!ctx) {
+ TALLOC_FREE(frame);
+ return W_ERROR_V(WERR_NOMEM);
+ }
+
+ DEBUGLEVEL = 0;
+ setup_logging("libnetapi", true);
+
+ dbf = x_stderr;
+ x_setbuf(x_stderr, NULL);
+ AllowDebugChange = false;
+
+ load_case_tables();
+
+ if (!lp_load(get_dyn_CONFIGFILE(), true, false, false, false)) {
+ TALLOC_FREE(frame);
+ return W_ERROR_V(WERR_GENERAL_FAILURE);
+ }
+
+ AllowDebugChange = true;
+
+ init_names();
+ load_interfaces();
+ reopen_logs();
+
+ BlockSignals(True, SIGPIPE);
+
+ libnetapi_initialized = true;
+
+ *context = stat_ctx = ctx;
+
+ return W_ERROR_V(WERR_OK);
+}
+
+NET_API_STATUS libnetapi_getctx(struct libnetapi_ctx **ctx)
+{
+ if (stat_ctx) {
+ *ctx = stat_ctx;
+ return W_ERROR_V(WERR_OK);
+ }
+
+ return libnetapi_init(ctx);
+}
+
+NET_API_STATUS libnetapi_free(struct libnetapi_ctx *ctx)
+{
+ gfree_names();
+ gfree_loadparm();
+ gfree_case_tables();
+ gfree_charcnv();
+ gfree_interfaces();
+
+ TALLOC_FREE(ctx);
+ TALLOC_FREE(frame);
+
+ gfree_debugsyms();
+
+ return W_ERROR_V(WERR_OK);
+}
+
+NET_API_STATUS libnetapi_set_debuglevel(struct libnetapi_ctx *ctx,
+ const char *debuglevel)
+{
+ AllowDebugChange = true;
+ ctx->debuglevel = debuglevel;
+ if (!debug_parse_levels(debuglevel)) {
+ return W_ERROR_V(WERR_GENERAL_FAILURE);
+ }
+ return W_ERROR_V(WERR_OK);
+}
+
+NET_API_STATUS libnetapi_get_debuglevel(struct libnetapi_ctx *ctx,
+ const char **debuglevel)
+{
+ *debuglevel = ctx->debuglevel;
+ return W_ERROR_V(WERR_OK);
+}
+
+NET_API_STATUS libnetapi_set_username(struct libnetapi_ctx *ctx,
+ const char *username)
+{
+ TALLOC_FREE(ctx->username);
+ ctx->username = talloc_strdup(ctx, username);
+ if (!ctx->username) {
+ return W_ERROR_V(WERR_NOMEM);
+ }
+ return W_ERROR_V(WERR_OK);
+}
+
+NET_API_STATUS libnetapi_set_password(struct libnetapi_ctx *ctx,
+ const char *password)
+{
+ TALLOC_FREE(ctx->password);
+ ctx->password = talloc_strdup(ctx, password);
+ if (!ctx->password) {
+ return W_ERROR_V(WERR_NOMEM);
+ }
+ return W_ERROR_V(WERR_OK);
+}
+
+NET_API_STATUS libnetapi_set_workgroup(struct libnetapi_ctx *ctx,
+ const char *workgroup)
+{
+ TALLOC_FREE(ctx->workgroup);
+ ctx->workgroup = talloc_strdup(ctx, workgroup);
+ if (!ctx->workgroup) {
+ return W_ERROR_V(WERR_NOMEM);
+ }
+ return W_ERROR_V(WERR_OK);
+}
+
+const char *libnetapi_errstr(struct libnetapi_ctx *ctx,
+ NET_API_STATUS status)
+{
+ if (status & 0xc0000000) {
+ return get_friendly_nt_error_msg(NT_STATUS(status));
+ }
+
+ return get_friendly_werror_msg(W_ERROR(status));
+}
diff --git a/source3/lib/netapi/netapi.h b/source3/lib/netapi/netapi.h
new file mode 100644
index 0000000000..0dd6d95ceb
--- /dev/null
+++ b/source3/lib/netapi/netapi.h
@@ -0,0 +1,74 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * NetApi Support
+ * Copyright (C) Guenther Deschner 2007
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef __LIB_NETAPI_H__
+#define __LIB_NETAPI_H__
+
+#define NET_API_STATUS uint32_t
+
+struct libnetapi_ctx {
+ const char *debuglevel;
+ char *username;
+ char *workgroup;
+ char *password;
+};
+
+NET_API_STATUS libnetapi_init(struct libnetapi_ctx **ctx);
+NET_API_STATUS libnetapi_getctx(struct libnetapi_ctx **ctx);
+NET_API_STATUS libnetapi_free(struct libnetapi_ctx *ctx);
+NET_API_STATUS libnetapi_set_debuglevel(struct libnetapi_ctx *ctx, const char *debuglevel);
+NET_API_STATUS libnetapi_get_debuglevel(struct libnetapi_ctx *ctx, const char **debuglevel);
+NET_API_STATUS libnetapi_set_username(struct libnetapi_ctx *ctx, const char *username);
+NET_API_STATUS libnetapi_set_password(struct libnetapi_ctx *ctx, const char *password);
+NET_API_STATUS libnetapi_set_workgroup(struct libnetapi_ctx *ctx, const char *workgroup);
+const char *libnetapi_errstr(struct libnetapi_ctx *ctx, NET_API_STATUS status);
+
+/* wkssvc */
+NET_API_STATUS NetJoinDomain(const char *server,
+ const char *domain,
+ const char *account_ou,
+ const char *account,
+ const char *password,
+ uint32_t join_options);
+NET_API_STATUS NetUnjoinDomain(const char *server_name,
+ const char *account,
+ const char *password,
+ uint32_t unjoin_flags);
+NET_API_STATUS NetGetJoinInformation(const char *server_name,
+ const char **name_buffer,
+ uint16_t *name_type);
+
+/* srvsvc */
+NET_API_STATUS NetServerGetInfo(const char *server_name,
+ uint32_t level,
+ uint8_t **buffer);
+NET_API_STATUS NetServerSetInfo(const char *server_name,
+ uint32_t level,
+ uint8_t *buffer,
+ uint32_t *parm_error);
+
+/* netlogon */
+NET_API_STATUS NetGetDCName(const char *server_name,
+ const char *domain_name,
+ uint8_t **buffer);
+NET_API_STATUS NetGetAnyDCName(const char *server_name,
+ const char *domain_name,
+ uint8_t **buffer);
+
+#endif
diff --git a/source3/lib/netapi/serverinfo.c b/source3/lib/netapi/serverinfo.c
new file mode 100644
index 0000000000..276a98c15e
--- /dev/null
+++ b/source3/lib/netapi/serverinfo.c
@@ -0,0 +1,297 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * NetApi Server Support
+ * Copyright (C) Guenther Deschner 2007
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+
+#include "lib/netapi/netapi.h"
+#include "libnet/libnet.h"
+
+static WERROR NetServerGetInfoLocal_1005(struct libnetapi_ctx *ctx,
+ uint8_t **buffer)
+{
+ struct srvsvc_NetSrvInfo1005 info1005;
+
+ info1005.comment = lp_serverstring();
+ *buffer = (uint8_t *)talloc_memdup(ctx, &info1005, sizeof(info1005));
+ if (!*buffer) {
+ return WERR_NOMEM;
+ }
+
+ return WERR_OK;
+}
+
+static WERROR NetServerGetInfoLocal(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ uint32_t level,
+ uint8_t **buffer)
+{
+ switch (level) {
+ case 1005:
+ return NetServerGetInfoLocal_1005(ctx, buffer);
+ default:
+ return WERR_UNKNOWN_LEVEL;
+ }
+
+ return WERR_UNKNOWN_LEVEL;
+}
+
+static WERROR NetServerGetInfoRemote(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ uint32_t level,
+ uint8_t **buffer)
+{
+ struct cli_state *cli = NULL;
+ struct rpc_pipe_client *pipe_cli = NULL;
+ NTSTATUS status;
+ WERROR werr;
+ union srvsvc_NetSrvInfo info;
+
+ status = cli_full_connection(&cli, NULL, server_name,
+ NULL, 0,
+ "IPC$", "IPC",
+ ctx->username,
+ ctx->workgroup,
+ ctx->password,
+ 0, Undefined, NULL);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ }
+
+ pipe_cli = cli_rpc_pipe_open_noauth(cli, PI_SRVSVC,
+ &status);
+ if (!pipe_cli) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ };
+
+ status = rpccli_srvsvc_NetSrvGetInfo(pipe_cli, ctx,
+ server_name,
+ level,
+ &info,
+ &werr);
+ if (!NT_STATUS_IS_OK(status)) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ }
+
+ *buffer = (uint8_t *)&info;
+
+ done:
+ if (cli) {
+ cli_shutdown(cli);
+ }
+
+ return werr;
+}
+
+static WERROR libnetapi_NetServerGetInfo(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ uint32_t level,
+ uint8_t **buffer)
+{
+ if (!server_name || is_myname_or_ipaddr(server_name)) {
+ return NetServerGetInfoLocal(ctx,
+ server_name,
+ level,
+ buffer);
+ }
+
+ return NetServerGetInfoRemote(ctx,
+ server_name,
+ level,
+ buffer);
+
+}
+
+NET_API_STATUS NetServerGetInfo(const char *server_name,
+ uint32_t level,
+ uint8_t **buffer)
+{
+ struct libnetapi_ctx *ctx = NULL;
+ NET_API_STATUS status;
+ WERROR werr;
+
+ status = libnetapi_getctx(&ctx);
+ if (status != 0) {
+ return status;
+ }
+
+ werr = libnetapi_NetServerGetInfo(ctx,
+ server_name,
+ level,
+ buffer);
+ if (!W_ERROR_IS_OK(werr)) {
+ return W_ERROR_V(werr);
+ }
+
+ return 0;
+}
+
+static WERROR NetServerSetInfoLocal_1005(struct libnetapi_ctx *ctx,
+ uint8_t *buffer,
+ uint32_t *parm_error)
+{
+ struct srvsvc_NetSrvInfo1005 *info1005;
+
+ if (!buffer) {
+ *parm_error = 1005; /* sure here ? */
+ return WERR_INVALID_PARAM;
+ }
+
+ info1005 = (struct srvsvc_NetSrvInfo1005 *)buffer;
+
+ if (!info1005->comment) {
+ *parm_error = 1005;
+ return WERR_INVALID_PARAM;
+ }
+
+ if (!lp_include_registry_globals()) {
+ return WERR_NOT_SUPPORTED;
+ }
+
+ return libnet_smbconf_set_global_param(ctx,
+ "server string",
+ info1005->comment);
+}
+
+static WERROR NetServerSetInfoLocal(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ uint32_t level,
+ uint8_t *buffer,
+ uint32_t *parm_error)
+{
+ switch (level) {
+ case 1005:
+ return NetServerSetInfoLocal_1005(ctx, buffer, parm_error);
+ default:
+ return WERR_UNKNOWN_LEVEL;
+ }
+
+ return WERR_UNKNOWN_LEVEL;
+}
+
+static WERROR NetServerSetInfoRemote(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ uint32_t level,
+ uint8_t *buffer,
+ uint32_t *parm_error)
+{
+ struct cli_state *cli = NULL;
+ struct rpc_pipe_client *pipe_cli = NULL;
+ NTSTATUS status;
+ WERROR werr;
+ union srvsvc_NetSrvInfo info;
+
+ status = cli_full_connection(&cli, NULL, server_name,
+ NULL, 0,
+ "IPC$", "IPC",
+ ctx->username,
+ ctx->workgroup,
+ ctx->password,
+ 0, Undefined, NULL);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ }
+
+ pipe_cli = cli_rpc_pipe_open_noauth(cli, PI_SRVSVC,
+ &status);
+ if (!pipe_cli) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ };
+
+ switch (level) {
+ case 1005:
+ info.info1005 = (struct srvsvc_NetSrvInfo1005 *)buffer;
+ break;
+ default:
+ werr = WERR_NOT_SUPPORTED;
+ goto done;
+ }
+
+ status = rpccli_srvsvc_NetSrvSetInfo(pipe_cli, ctx,
+ server_name,
+ level,
+ info,
+ parm_error,
+ &werr);
+ if (!NT_STATUS_IS_OK(status)) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ }
+
+ done:
+ if (cli) {
+ cli_shutdown(cli);
+ }
+
+ return werr;
+}
+
+static WERROR libnetapi_NetServerSetInfo(struct libnetapi_ctx *ctx,
+ const char *server_name,
+ uint32_t level,
+ uint8_t *buffer,
+ uint32_t *parm_error)
+{
+ if (!server_name || is_myname_or_ipaddr(server_name)) {
+ return NetServerSetInfoLocal(ctx,
+ server_name,
+ level,
+ buffer,
+ parm_error);
+ }
+
+ return NetServerSetInfoRemote(ctx,
+ server_name,
+ level,
+ buffer,
+ parm_error);
+}
+
+
+NET_API_STATUS NetServerSetInfo(const char *server_name,
+ uint32_t level,
+ uint8_t *buffer,
+ uint32_t *parm_error)
+{
+ struct libnetapi_ctx *ctx = NULL;
+ NET_API_STATUS status;
+ WERROR werr;
+
+ status = libnetapi_getctx(&ctx);
+ if (status != 0) {
+ return status;
+ }
+
+ werr = libnetapi_NetServerSetInfo(ctx,
+ server_name,
+ level,
+ buffer,
+ parm_error);
+ if (!W_ERROR_IS_OK(werr)) {
+ return W_ERROR_V(werr);
+ }
+
+ return 0;
+}
diff --git a/source3/lib/secace.c b/source3/lib/secace.c
index 9e533a5a28..90ecc342cd 100644
--- a/source3/lib/secace.c
+++ b/source3/lib/secace.c
@@ -54,7 +54,8 @@ void sec_ace_copy(SEC_ACE *ace_dest, SEC_ACE *ace_src)
Sets up a SEC_ACE structure.
********************************************************************/
-void init_sec_ace(SEC_ACE *t, const DOM_SID *sid, uint8 type, uint32 mask, uint8 flag)
+void init_sec_ace(SEC_ACE *t, const DOM_SID *sid, enum security_ace_type type,
+ uint32 mask, uint8 flag)
{
t->type = type;
t->flags = flag;
@@ -83,7 +84,7 @@ NTSTATUS sec_ace_add_sid(TALLOC_CTX *ctx, SEC_ACE **pp_new, SEC_ACE *old, unsign
for (i = 0; i < *num - 1; i ++)
sec_ace_copy(&(*pp_new)[i], &old[i]);
- (*pp_new)[i].type = 0;
+ (*pp_new)[i].type = SEC_ACE_TYPE_ACCESS_ALLOWED;
(*pp_new)[i].flags = 0;
(*pp_new)[i].size = SEC_ACE_HEADER_SIZE + sid_size(sid);
(*pp_new)[i].access_mask = mask;
diff --git a/source3/lib/secacl.c b/source3/lib/secacl.c
index 328bc1b4b4..5e82242e1b 100644
--- a/source3/lib/secacl.c
+++ b/source3/lib/secacl.c
@@ -26,7 +26,8 @@
Create a SEC_ACL structure.
********************************************************************/
-SEC_ACL *make_sec_acl(TALLOC_CTX *ctx, uint16 revision, int num_aces, SEC_ACE *ace_list)
+SEC_ACL *make_sec_acl(TALLOC_CTX *ctx, enum security_acl_revision revision,
+ int num_aces, SEC_ACE *ace_list)
{
SEC_ACL *dst;
int i;
diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c
index 4a9785009b..123c3bcc9b 100644
--- a/source3/lib/secdesc.c
+++ b/source3/lib/secdesc.c
@@ -182,7 +182,9 @@ SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BU
Creates a SEC_DESC structure
********************************************************************/
-SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, uint16 revision, uint16 type,
+SEC_DESC *make_sec_desc(TALLOC_CTX *ctx,
+ enum security_descriptor_revision revision,
+ uint16 type,
const DOM_SID *owner_sid, const DOM_SID *grp_sid,
SEC_ACL *sacl, SEC_ACL *dacl, size_t *sd_size)
{
@@ -329,8 +331,9 @@ NTSTATUS unmarshall_sec_desc(TALLOC_CTX *mem_ctx, uint8 *data, size_t len,
SEC_DESC *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid,
SEC_ACL *dacl, size_t *sd_size)
{
- return make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE,
- owner_sid, grp_sid, NULL, dacl, sd_size);
+ return make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
+ SEC_DESC_SELF_RELATIVE, owner_sid, grp_sid, NULL,
+ dacl, sd_size);
}
/*******************************************************************
@@ -557,7 +560,8 @@ SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr,
correct. Perhaps the user and group should be passed in as
parameters by the caller? */
- sd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE,
+ sd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
+ SEC_DESC_SELF_RELATIVE,
parent_ctr->owner_sid,
parent_ctr->group_sid,
parent_ctr->sacl,
diff --git a/source3/lib/sharesec.c b/source3/lib/sharesec.c
index b3b000579f..0027a8813a 100644
--- a/source3/lib/sharesec.c
+++ b/source3/lib/sharesec.c
@@ -92,7 +92,9 @@ SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def
init_sec_ace(&ace, &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, 0);
if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 1, &ace)) != NULL) {
- psd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, psa, psize);
+ psd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
+ SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL,
+ psa, psize);
}
if (!psd) {
@@ -291,7 +293,7 @@ bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, SEC_DESC **ppsd)
uint32 s_access;
DOM_SID sid;
char *sidstr;
- uint8 type = SEC_ACE_TYPE_ACCESS_ALLOWED;
+ enum security_ace_type type = SEC_ACE_TYPE_ACCESS_ALLOWED;
if (!next_token_talloc(ctx, &pacl, &sidstr, ":")) {
DEBUG(0,("parse_usershare_acl: malformed usershare acl looking "
@@ -339,7 +341,9 @@ bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, SEC_DESC **ppsd)
}
if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, num_aces, ace_list)) != NULL) {
- psd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, psa, &sd_size);
+ psd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
+ SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL,
+ psa, &sd_size);
}
if (!psd) {
diff --git a/source3/lib/socket_wrapper/socket_wrapper.c b/source3/lib/socket_wrapper/socket_wrapper.c
index 3a72c5a74a..5b8052e5ed 100644
--- a/source3/lib/socket_wrapper/socket_wrapper.c
+++ b/source3/lib/socket_wrapper/socket_wrapper.c
@@ -571,8 +571,8 @@ static const char *socket_wrapper_pcap_file(void)
{
static int initialized = 0;
static const char *s = NULL;
- static const struct swrap_file_hdr h;
- static const struct swrap_packet p;
+ static const struct swrap_file_hdr h = { 0, };
+ static const struct swrap_packet p = { { 0, }, { { 0, }, { { 0, } } } };
if (initialized == 1) {
return s;
diff --git a/source3/lib/time.c b/source3/lib/time.c
index 5301e3a55a..f98e03197f 100644
--- a/source3/lib/time.c
+++ b/source3/lib/time.c
@@ -1382,7 +1382,7 @@ void unix_to_nt_time_abs(NTTIME *nt, time_t t)
d = (double)(t);
d *= 1.0e7;
- *nt = d;
+ *nt = (NTTIME)d;
/* convert to a negative value */
*nt=~*nt;
@@ -1443,7 +1443,7 @@ const char *display_time(NTTIME nttime)
low = ~(nttime & 0xFFFFFFFF);
low = low/(1000*1000*10);
- sec=high+low;
+ sec=(int)(high+low);
days=sec/(60*60*24);
hours=(sec - (days*60*60*24)) / (60*60);
diff --git a/source3/lib/util_pw.c b/source3/lib/util_pw.c
index 1973626d84..428378505f 100644
--- a/source3/lib/util_pw.c
+++ b/source3/lib/util_pw.c
@@ -37,74 +37,36 @@ struct passwd *tcopy_passwd(TALLOC_CTX *mem_ctx, const struct passwd *from)
return ret;
}
-#define PWNAMCACHE_SIZE 4
-static struct passwd **pwnam_cache = NULL;
-
-static void init_pwnam_cache(void)
-{
- if (pwnam_cache != NULL)
- return;
-
- pwnam_cache = TALLOC_ZERO_ARRAY(NULL, struct passwd *,
- PWNAMCACHE_SIZE);
- if (pwnam_cache == NULL) {
- smb_panic("Could not init pwnam_cache");
- }
-
- return;
-}
-
void flush_pwnam_cache(void)
{
- TALLOC_FREE(pwnam_cache);
- pwnam_cache = NULL;
- init_pwnam_cache();
+ memcache_flush(NULL, GETPWNAM_CACHE);
}
struct passwd *getpwnam_alloc(TALLOC_CTX *mem_ctx, const char *name)
{
- int i;
-
- struct passwd *temp;
+ struct passwd *temp, *cached;
- init_pwnam_cache();
-
- for (i=0; i<PWNAMCACHE_SIZE; i++) {
- if ((pwnam_cache[i] != NULL) &&
- (strcmp(name, pwnam_cache[i]->pw_name) == 0)) {
- DEBUG(10, ("Got %s from pwnam_cache\n", name));
- return tcopy_passwd(mem_ctx, pwnam_cache[i]);
- }
+ temp = (struct passwd *)memcache_lookup_talloc(
+ NULL, GETPWNAM_CACHE, data_blob_string_const(name));
+ if (temp != NULL) {
+ return tcopy_passwd(mem_ctx, temp);
}
temp = sys_getpwnam(name);
-
- if (!temp) {
-#if 0
- if (errno == ENOMEM) {
- /* what now? */
- }
-#endif
+ if (temp == NULL) {
return NULL;
}
- for (i=0; i<PWNAMCACHE_SIZE; i++) {
- if (pwnam_cache[i] == NULL)
- break;
+ cached = tcopy_passwd(NULL, temp);
+ if (cached == NULL) {
+ /*
+ * Just don't add this into the cache, ignore the failure
+ */
+ return temp;
}
- if (i == PWNAMCACHE_SIZE)
- i = rand() % PWNAMCACHE_SIZE;
-
- if (pwnam_cache[i] != NULL) {
- /* Remove this old cache entry, from the cache. We
- * use talloc_unlink here because we want to be very
- * clear which referece we are removing */
- talloc_unlink(pwnam_cache, pwnam_cache[i]);
- }
-
- pwnam_cache[i] = tcopy_passwd(pwnam_cache, temp);
-
+ memcache_add_talloc(NULL, GETPWNAM_CACHE, data_blob_string_const(name),
+ cached);
return tcopy_passwd(mem_ctx, temp);
}
diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c
index 0481eea5f0..87e70bb95b 100644
--- a/source3/lib/util_seaccess.c
+++ b/source3/lib/util_seaccess.c
@@ -350,7 +350,9 @@ NTSTATUS samr_make_sam_obj_sd(TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd_size)
if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 3, ace)) == NULL)
return NT_STATUS_NO_MEMORY;
- if ((*psd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, psa, sd_size)) == NULL)
+ if ((*psd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
+ SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL,
+ psa, sd_size)) == NULL)
return NT_STATUS_NO_MEMORY;
return NT_STATUS_OK;
diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c
index ee76e33de8..7e21fe1195 100644
--- a/source3/lib/util_str.c
+++ b/source3/lib/util_str.c
@@ -137,83 +137,6 @@ bool next_token_no_ltrim_talloc(TALLOC_CTX *ctx,
}
/**
-This is like next_token but is not re-entrant and "remembers" the first
-parameter so you can pass NULL. This is useful for user interface code
-but beware the fact that it is not re-entrant!
-**/
-
-static const char *last_ptr=NULL;
-
-bool next_token_nr_talloc(TALLOC_CTX *ctx,
- const char **ptr,
- char **pp_buff,
- const char *sep)
-{
- bool ret;
- if (!ptr) {
- ptr = &last_ptr;
- }
-
- ret = next_token_talloc(ctx, ptr, pp_buff, sep);
- last_ptr = *ptr;
- return ret;
-}
-
-void set_first_token(char *ptr)
-{
- last_ptr = ptr;
-}
-
-/**
- Convert list of tokens to array; dependent on above routine.
- Uses last_ptr from above - bit of a hack.
-**/
-
-char **toktocliplist(int *ctok, const char *sep)
-{
- char *s=(char *)last_ptr;
- int ictok=0;
- char **ret, **iret;
-
- if (!sep)
- sep = " \t\n\r";
-
- while(*s && strchr_m(sep,*s))
- s++;
-
- /* nothing left? */
- if (!*s)
- return(NULL);
-
- do {
- ictok++;
- while(*s && (!strchr_m(sep,*s)))
- s++;
- while(*s && strchr_m(sep,*s))
- *s++=0;
- } while(*s);
-
- *ctok=ictok;
- s=(char *)last_ptr;
-
- if (!(ret=iret=SMB_MALLOC_ARRAY(char *,ictok+1)))
- return NULL;
-
- while(ictok--) {
- *iret++=s;
- if (ictok > 0) {
- while(*s++)
- ;
- while(!*s)
- s++;
- }
- }
-
- ret[*ctok] = NULL;
- return ret;
-}
-
-/**
* Case insensitive string compararison.
*
* iconv does not directly give us a way to compare strings in
diff --git a/source3/lib/winbind_util.c b/source3/lib/winbind_util.c
new file mode 100644
index 0000000000..f4e7ab19e8
--- /dev/null
+++ b/source3/lib/winbind_util.c
@@ -0,0 +1,324 @@
+/*
+ Unix SMB/CIFS implementation.
+ Winbind Utility functions
+
+ Copyright (C) Gerald (Jerry) Carter 2007
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+
+#if defined(WITH_WINBIND)
+
+#include "nsswitch/libwbclient/wbclient.h"
+
+/* Call winbindd to convert a name to a sid */
+
+bool winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid,
+ enum lsa_SidType *name_type)
+{
+ struct wbcDomainSid dom_sid;
+ wbcErr result;
+ enum wbcSidType type;
+
+ result = wbcLookupName(dom_name, name, &dom_sid, &type);
+ if (result != WBC_ERR_SUCCESS)
+ return False;
+
+ memcpy(sid, &dom_sid, sizeof(DOM_SID));
+ *name_type = (enum lsa_SidType)type;
+
+ return True;
+}
+
+/* Call winbindd to convert sid to name */
+
+bool winbind_lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
+ const char **domain, const char **name,
+ enum lsa_SidType *name_type)
+{
+ struct wbcDomainSid dom_sid;
+ wbcErr result;
+ enum wbcSidType type;
+ char *domain_name = NULL;
+ char *account_name = NULL;
+
+ memcpy(&dom_sid, sid, sizeof(dom_sid));
+
+ result = wbcLookupSid(&dom_sid, &domain_name, &account_name, &type);
+ if (result != WBC_ERR_SUCCESS)
+ return False;
+
+ /* Copy out result */
+
+ if (domain) {
+ *domain = talloc_strdup(mem_ctx, domain_name);
+ }
+ if (name) {
+ *name = talloc_strdup(mem_ctx, account_name);
+ }
+ *name_type = (enum lsa_SidType)type;
+
+ DEBUG(10, ("winbind_lookup_sid: SUCCESS: SID %s -> %s %s\n",
+ sid_string_dbg(sid), domain_name, account_name));
+
+ SAFE_FREE(domain_name);
+ SAFE_FREE(account_name);
+
+ if ((domain && !*domain) || (name && !*name)) {
+ DEBUG(0,("winbind_lookup_sid: talloc() failed!\n"));
+ return False;
+ }
+
+
+ return True;
+}
+
+/* Ping winbindd to see it is alive */
+
+bool winbind_ping(void)
+{
+ wbcErr result = wbcPing();
+
+ return (result == WBC_ERR_SUCCESS);
+}
+
+/* Call winbindd to convert SID to uid */
+
+bool winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid)
+{
+ struct wbcDomainSid dom_sid;
+ wbcErr result;
+
+ memcpy(&dom_sid, sid, sizeof(dom_sid));
+
+ result = wbcSidToUid(&dom_sid, puid);
+ if (result != WBC_ERR_SUCCESS)
+ return False;
+
+ return (result == WBC_ERR_SUCCESS);
+}
+
+/* Call winbindd to convert uid to sid */
+
+bool winbind_uid_to_sid(DOM_SID *sid, uid_t uid)
+{
+ struct wbcDomainSid dom_sid;
+ wbcErr result;
+
+ result = wbcUidToSid(uid, &dom_sid);
+ if (result == WBC_ERR_SUCCESS) {
+ memcpy(sid, &dom_sid, sizeof(DOM_SID));
+ } else {
+ sid_copy(sid, &global_sid_NULL);
+ }
+
+ return (result == WBC_ERR_SUCCESS);
+}
+
+/* Call winbindd to convert SID to gid */
+
+bool winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid)
+{
+ struct wbcDomainSid dom_sid;
+ wbcErr result;
+
+ memcpy(&dom_sid, sid, sizeof(dom_sid));
+
+ result = wbcSidToGid(&dom_sid, pgid);
+ if (result != WBC_ERR_SUCCESS)
+ return False;
+
+ return (result == WBC_ERR_SUCCESS);
+}
+
+/* Call winbindd to convert gid to sid */
+
+bool winbind_gid_to_sid(DOM_SID *sid, gid_t gid)
+{
+ struct wbcDomainSid dom_sid;
+ wbcErr result;
+
+ result = wbcGidToSid(gid, &dom_sid);
+ if (result == WBC_ERR_SUCCESS) {
+ memcpy(sid, &dom_sid, sizeof(DOM_SID));
+ } else {
+ sid_copy(sid, &global_sid_NULL);
+ }
+
+ return (result == WBC_ERR_SUCCESS);
+}
+
+/* Check for a trusted domain */
+
+wbcErr wb_is_trusted_domain(const char *domain)
+{
+ wbcErr result;
+ struct wbcDomainInfo *info = NULL;
+
+ result = wbcDomainInfo(domain, &info);
+
+ if (WBC_ERROR_IS_OK(result)) {
+ wbcFreeMemory(info);
+ }
+
+ return result;
+}
+
+/* Lookup a set of rids in a given domain */
+
+bool winbind_lookup_rids(TALLOC_CTX *mem_ctx,
+ const DOM_SID *domain_sid,
+ int num_rids, uint32 *rids,
+ const char **domain_name,
+ const char ***names, enum lsa_SidType **types)
+{
+ const char *dom_name = NULL;
+ const char **namelist = NULL;
+ enum wbcSidType *name_types = NULL;
+ struct wbcDomainSid dom_sid;
+ wbcErr ret;
+ int i;
+
+ memcpy(&dom_sid, domain_sid, sizeof(struct wbcDomainSid));
+
+ ret = wbcLookupRids(&dom_sid, num_rids, rids,
+ &dom_name, &namelist, &name_types);
+ if (ret != WBC_ERR_SUCCESS)
+ return False;
+
+ *domain_name = talloc_strdup(mem_ctx, dom_name);
+ *names = TALLOC_ARRAY(mem_ctx, const char*, num_rids);
+ *types = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_rids);
+
+ for(i=0; i<num_rids; i++) {
+ (*names)[i] = talloc_strdup(names, namelist[i]);
+ (*types)[i] = (enum lsa_SidType)name_types[i];
+
+ free(CONST_DISCARD(char*, namelist[i]));
+ }
+ free(namelist);
+ free(name_types);
+
+ return True;
+}
+
+/* Ask Winbind to allocate a new uid for us */
+
+bool winbind_allocate_uid(uid_t *uid)
+{
+ wbcErr ret;
+
+ ret = wbcAllocateUid(uid);
+
+ return (ret == WBC_ERR_SUCCESS);
+}
+
+/* Ask Winbind to allocate a new gid for us */
+
+bool winbind_allocate_gid(gid_t *gid)
+{
+ wbcErr ret;
+
+ ret = wbcAllocateGid(gid);
+
+ return (ret == WBC_ERR_SUCCESS);
+}
+
+#else /* WITH_WINBIND */
+
+bool winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid,
+ enum lsa_SidType *name_type)
+{
+ return False;
+}
+
+/* Call winbindd to convert sid to name */
+
+bool winbind_lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
+ const char **domain, const char **name,
+ enum lsa_SidType *name_type)
+{
+ return False;
+}
+
+/* Ping winbindd to see it is alive */
+
+bool winbind_ping(void)
+{
+ return False;
+}
+
+/* Call winbindd to convert SID to uid */
+
+bool winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid)
+{
+ return False;
+}
+
+/* Call winbindd to convert uid to sid */
+
+bool winbind_uid_to_sid(DOM_SID *sid, uid_t uid)
+{
+ return False;
+}
+
+/* Call winbindd to convert SID to gid */
+
+bool winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid)
+{
+ return False;
+}
+
+/* Call winbindd to convert gid to sid */
+
+bool winbind_gid_to_sid(DOM_SID *sid, gid_t gid)
+{
+ return False;
+}
+
+/* Check for a trusted domain */
+
+wbcErr wb_is_trusted_domain(const char *domain)
+{
+ return WBC_ERR_UNKNOWN_FAILURE;
+}
+
+/* Lookup a set of rids in a given domain */
+
+bool winbind_lookup_rids(TALLOC_CTX *mem_ctx,
+ const DOM_SID *domain_sid,
+ int num_rids, uint32 *rids,
+ const char **domain_name,
+ const char ***names, enum lsa_SidType **types)
+{
+ return False;
+}
+
+/* Ask Winbind to allocate a new uid for us */
+
+bool winbind_allocate_uid(uid_t *uid)
+{
+ return False;
+}
+
+/* Ask Winbind to allocate a new gid for us */
+
+bool winbind_allocate_gid(gid_t *gid)
+{
+ return False;
+}
+
+#endif /* WITH_WINBIND */
diff --git a/source3/lib/netapi/joindomain.h b/source3/libnet/libnet.h
index 2c71702db7..fa24c3b40a 100644
--- a/source3/lib/netapi/joindomain.h
+++ b/source3/libnet/libnet.h
@@ -1,6 +1,6 @@
/*
* Unix SMB/CIFS implementation.
- * NetApi Support
+ * libnet Support
* Copyright (C) Guenther Deschner 2007
*
* This program is free software; you can redistribute it and/or modify
@@ -17,13 +17,10 @@
* along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
-WERROR NetJoinDomain(const char *server,
- const char *domain,
- const char *account_ou,
- const char *account,
- const char *password,
- uint32_t join_options);
-WERROR NetUnjoinDomain(const char *server_name,
- const char *account,
- const char *password,
- uint32_t unjoin_flags);
+#ifndef __LIBNET_H__
+#define __LIBNET_H__
+
+#include "libnet/libnet_join.h"
+#include "libnet/libnet_proto.h"
+
+#endif
diff --git a/source3/libnet/libnet_conf.c b/source3/libnet/libnet_conf.c
new file mode 100644
index 0000000000..8bc5161268
--- /dev/null
+++ b/source3/libnet/libnet_conf.c
@@ -0,0 +1,195 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * libnet smbconf registry Support
+ * Copyright (C) Michael Adam 2007
+ * Copyright (C) Guenther Deschner 2007
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+
+/*
+ * Open a subkey of KEY_SMBCONF (i.e a service)
+ * - variant without error output (q = quiet)-
+ */
+WERROR libnet_smbconf_open_path_q(TALLOC_CTX *ctx, const char *subkeyname,
+ uint32 desired_access,
+ struct registry_key **key)
+{
+ WERROR werr = WERR_OK;
+ char *path = NULL;
+ NT_USER_TOKEN *token;
+
+ if (!(token = registry_create_admin_token(ctx))) {
+ DEBUG(1, ("Error creating admin token\n"));
+ goto done;
+ }
+
+ if (subkeyname == NULL) {
+ path = talloc_strdup(ctx, KEY_SMBCONF);
+ } else {
+ path = talloc_asprintf(ctx, "%s\\%s", KEY_SMBCONF, subkeyname);
+ }
+
+ werr = reg_open_path(ctx, path, desired_access,
+ token, key);
+
+done:
+ TALLOC_FREE(path);
+ return werr;
+}
+
+/*
+ * check if a subkey of KEY_SMBCONF of a given name exists
+ */
+bool libnet_smbconf_key_exists(TALLOC_CTX *ctx, const char *subkeyname)
+{
+ bool ret = False;
+ WERROR werr = WERR_OK;
+ TALLOC_CTX *mem_ctx;
+ struct registry_key *key;
+
+ if (!(mem_ctx = talloc_new(ctx))) {
+ d_fprintf(stderr, "ERROR: Out of memory...!\n");
+ goto done;
+ }
+
+ werr = libnet_smbconf_open_path_q(mem_ctx, subkeyname, REG_KEY_READ, &key);
+ if (W_ERROR_IS_OK(werr)) {
+ ret = True;
+ }
+
+done:
+ TALLOC_FREE(mem_ctx);
+ return ret;
+}
+
+/*
+ * Open a subkey of KEY_SMBCONF (i.e a service)
+ * - variant with error output -
+ */
+WERROR libnet_smbconf_open_path(TALLOC_CTX *ctx, const char *subkeyname,
+ uint32 desired_access,
+ struct registry_key **key)
+{
+ WERROR werr = WERR_OK;
+
+ werr = libnet_smbconf_open_path_q(ctx, subkeyname, desired_access, key);
+ if (!W_ERROR_IS_OK(werr)) {
+ d_fprintf(stderr, "Error opening registry path '%s\\%s': %s\n",
+ KEY_SMBCONF,
+ (subkeyname == NULL) ? "" : subkeyname,
+ dos_errstr(werr));
+ }
+
+ return werr;
+}
+
+/*
+ * open the base key KEY_SMBCONF
+ */
+WERROR libnet_smbconf_open_basepath(TALLOC_CTX *ctx, uint32 desired_access,
+ struct registry_key **key)
+{
+ return libnet_smbconf_open_path(ctx, NULL, desired_access, key);
+}
+
+/*
+ * create a subkey of KEY_SMBCONF
+ */
+WERROR libnet_reg_createkey_internal(TALLOC_CTX *ctx,
+ const char * subkeyname,
+ struct registry_key **newkey)
+{
+ WERROR werr = WERR_OK;
+ struct registry_key *create_parent = NULL;
+ TALLOC_CTX *create_ctx;
+ enum winreg_CreateAction action = REG_ACTION_NONE;
+
+ /* create a new talloc ctx for creation. it will hold
+ * the intermediate parent key (SMBCONF) for creation
+ * and will be destroyed when leaving this function... */
+ if (!(create_ctx = talloc_new(ctx))) {
+ werr = WERR_NOMEM;
+ goto done;
+ }
+
+ werr = libnet_smbconf_open_basepath(create_ctx, REG_KEY_WRITE, &create_parent);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto done;
+ }
+
+ werr = reg_createkey(ctx, create_parent, subkeyname,
+ REG_KEY_WRITE, newkey, &action);
+ if (W_ERROR_IS_OK(werr) && (action != REG_CREATED_NEW_KEY)) {
+ d_fprintf(stderr, "Key '%s' already exists.\n", subkeyname);
+ werr = WERR_ALREADY_EXISTS;
+ }
+ if (!W_ERROR_IS_OK(werr)) {
+ d_fprintf(stderr, "Error creating key %s: %s\n",
+ subkeyname, dos_errstr(werr));
+ }
+
+done:
+ TALLOC_FREE(create_ctx);
+ return werr;
+}
+
+static WERROR do_modify_val_config(struct registry_key *key,
+ const char *val_name,
+ const char *val_data)
+{
+ struct registry_value val;
+
+ ZERO_STRUCT(val);
+
+ val.type = REG_SZ;
+ val.v.sz.str = CONST_DISCARD(char *, val_data);
+ val.v.sz.len = strlen(val_data) + 1;
+
+ return reg_setvalue(key, val_name, &val);
+}
+
+WERROR libnet_smbconf_set_global_param(TALLOC_CTX *mem_ctx,
+ const char *param,
+ const char *val)
+{
+ WERROR werr;
+ struct registry_key *key = NULL;
+
+ if (!lp_include_registry_globals()) {
+ return WERR_NOT_SUPPORTED;
+ }
+
+ if (!registry_init_regdb()) {
+ return WERR_REG_IO_FAILURE;
+ }
+
+ if (!libnet_smbconf_key_exists(mem_ctx, GLOBAL_NAME)) {
+ werr = libnet_reg_createkey_internal(mem_ctx,
+ GLOBAL_NAME, &key);
+ } else {
+ werr = libnet_smbconf_open_path(mem_ctx,
+ GLOBAL_NAME,
+ REG_KEY_WRITE, &key);
+ }
+
+ if (!W_ERROR_IS_OK(werr)) {
+ return werr;
+ }
+
+ return do_modify_val_config(key, param, val);
+}
+
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
new file mode 100644
index 0000000000..2994c3f59d
--- /dev/null
+++ b/source3/libnet/libnet_join.c
@@ -0,0 +1,583 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * libnet Join Support
+ * Copyright (C) Gerald (Jerry) Carter 2006
+ * Copyright (C) Guenther Deschner 2007
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+#include "libnet/libnet_join.h"
+#include "libnet/libnet_proto.h"
+
+static NTSTATUS do_DomainJoin(TALLOC_CTX *mem_ctx,
+ struct libnet_JoinCtx *r)
+{
+ struct cli_state *cli = NULL;
+ struct rpc_pipe_client *pipe_hnd = NULL;
+ const char *password = NULL;
+ POLICY_HND sam_pol, domain_pol, user_pol, lsa_pol;
+ NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
+ char *acct_name;
+ const char *const_acct_name;
+ uint32 user_rid;
+ uint32 num_rids, *name_types, *user_rids;
+ uint32 flags = 0x3e8;
+ uint32 acb_info = ACB_WSTRUST;
+ uint32 fields_present;
+ uchar pwbuf[532];
+ SAM_USERINFO_CTR ctr;
+ SAM_USER_INFO_25 p25;
+ const int infolevel = 25;
+ struct MD5Context md5ctx;
+ uchar md5buffer[16];
+ DATA_BLOB digested_session_key;
+ uchar md4_trust_password[16];
+
+ password = talloc_strdup(mem_ctx,
+ generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH));
+ NT_STATUS_HAVE_NO_MEMORY(password);
+
+ status = cli_full_connection(&cli, NULL, r->in.server_name,
+ NULL, 0,
+ "IPC$", "IPC",
+ r->in.admin_account,
+ NULL, //r->in.domain_name,
+ r->in.password,
+ 0, Undefined, NULL);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_LSARPC, &status);
+ if (!pipe_hnd) {
+ goto done;
+ }
+
+ status = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True,
+ SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ status = rpccli_lsa_query_info_policy2(pipe_hnd, mem_ctx, &lsa_pol,
+ 12,
+ &r->out.netbios_domain_name,
+ &r->out.dns_domain_name,
+ NULL,
+ NULL,
+ &r->out.domain_sid);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ status = rpccli_lsa_query_info_policy(pipe_hnd, mem_ctx, &lsa_pol,
+ 5,
+ &r->out.netbios_domain_name,
+ &r->out.domain_sid);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ }
+
+ rpccli_lsa_Close(pipe_hnd, mem_ctx, &lsa_pol);
+ cli_rpc_pipe_close(pipe_hnd);
+
+ pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &status);
+ if (!pipe_hnd) {
+ goto done;
+ }
+
+ status = rpccli_samr_connect(pipe_hnd, mem_ctx,
+ SEC_RIGHTS_MAXIMUM_ALLOWED, &sam_pol);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ status = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &sam_pol,
+ SEC_RIGHTS_MAXIMUM_ALLOWED,
+ r->out.domain_sid,
+ &domain_pol);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ acct_name = talloc_asprintf(mem_ctx, "%s$", global_myname());
+ strlower_m(acct_name);
+ const_acct_name = acct_name;
+
+ status = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
+ acct_name, ACB_WSTRUST,
+ 0xe005000b, &user_pol, &user_rid);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
+ if (!(r->in.join_flags & WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED)) {
+ goto done;
+ }
+ }
+
+ if (NT_STATUS_IS_OK(status)) {
+ rpccli_samr_close(pipe_hnd, mem_ctx, &user_pol);
+ }
+
+ status = rpccli_samr_lookup_names(pipe_hnd, mem_ctx,
+ &domain_pol, flags, 1,
+ &const_acct_name,
+ &num_rids, &user_rids, &name_types);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ if (name_types[0] != SID_NAME_USER) {
+ status = NT_STATUS_INVALID_WORKSTATION;
+ goto done;
+ }
+
+ user_rid = user_rids[0];
+
+ status = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol,
+ SEC_RIGHTS_MAXIMUM_ALLOWED, user_rid,
+ &user_pol);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ E_md4hash(r->in.password, md4_trust_password);
+ encode_pw_buffer(pwbuf, r->in.password, STR_UNICODE);
+
+ generate_random_buffer((uint8*)md5buffer, sizeof(md5buffer));
+ digested_session_key = data_blob_talloc(mem_ctx, 0, 16);
+
+ MD5Init(&md5ctx);
+ MD5Update(&md5ctx, md5buffer, sizeof(md5buffer));
+ MD5Update(&md5ctx, cli->user_session_key.data, cli->user_session_key.length);
+ MD5Final(digested_session_key.data, &md5ctx);
+
+ SamOEMhashBlob(pwbuf, sizeof(pwbuf), &digested_session_key);
+ memcpy(&pwbuf[516], md5buffer, sizeof(md5buffer));
+
+ acb_info |= ACB_PWNOEXP;
+#if 0
+ if ( dom_type == ND_TYPE_AD ) {
+#if !defined(ENCTYPE_ARCFOUR_HMAC)
+ acb_info |= ACB_USE_DES_KEY_ONLY;
+#endif
+ ;;
+ }
+#endif
+ ZERO_STRUCT(ctr);
+ ZERO_STRUCT(p25);
+
+ fields_present = ACCT_NT_PWD_SET | ACCT_LM_PWD_SET | ACCT_FLAGS;
+ init_sam_user_info25P(&p25, fields_present, acb_info, (char *)pwbuf);
+
+ ctr.switch_value = infolevel;
+ ctr.info.id25 = &p25;
+
+ status = rpccli_samr_set_userinfo2(pipe_hnd, mem_ctx, &user_pol,
+ infolevel, &cli->user_session_key,
+ &ctr);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ rpccli_samr_close(pipe_hnd, mem_ctx, &user_pol);
+ cli_rpc_pipe_close(pipe_hnd);
+
+ if (!secrets_store_domain_sid(r->out.netbios_domain_name,
+ r->out.domain_sid))
+ {
+ status = NT_STATUS_INTERNAL_DB_ERROR;
+ goto done;
+ }
+
+ if (!secrets_store_machine_password(password,
+ r->out.netbios_domain_name,
+ SEC_CHAN_WKSTA))
+ {
+ status = NT_STATUS_INTERNAL_DB_ERROR;
+ goto done;
+ }
+
+ status = NT_STATUS_OK;
+ done:
+ if (cli) {
+ cli_shutdown(cli);
+ }
+
+ return status;
+}
+
+static NTSTATUS do_DomainUnjoin(TALLOC_CTX *mem_ctx,
+ struct libnet_UnjoinCtx *r)
+{
+ struct cli_state *cli = NULL;
+ struct rpc_pipe_client *pipe_hnd = NULL;
+ POLICY_HND sam_pol, domain_pol, user_pol;
+ NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
+ char *acct_name;
+ uint32 flags = 0x3e8;
+ const char *const_acct_name;
+ uint32 user_rid;
+ uint32 num_rids, *name_types, *user_rids;
+ SAM_USERINFO_CTR ctr, *qctr = NULL;
+ SAM_USER_INFO_16 p16;
+
+ status = cli_full_connection(&cli, NULL, r->in.server_name,
+ NULL, 0,
+ "IPC$", "IPC",
+ r->in.admin_account,
+ NULL, //r->in.domain_name,
+ r->in.password,
+ 0, Undefined, NULL);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &status);
+ if (!pipe_hnd) {
+ goto done;
+ }
+
+ status = rpccli_samr_connect(pipe_hnd, mem_ctx,
+ SEC_RIGHTS_MAXIMUM_ALLOWED, &sam_pol);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ status = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &sam_pol,
+ SEC_RIGHTS_MAXIMUM_ALLOWED,
+ r->in.domain_sid,
+ &domain_pol);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ acct_name = talloc_asprintf(mem_ctx, "%s$", global_myname());
+ strlower_m(acct_name);
+ const_acct_name = acct_name;
+
+ status = rpccli_samr_lookup_names(pipe_hnd, mem_ctx,
+ &domain_pol, flags, 1,
+ &const_acct_name,
+ &num_rids, &user_rids, &name_types);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ if (name_types[0] != SID_NAME_USER) {
+ status = NT_STATUS_INVALID_WORKSTATION;
+ goto done;
+ }
+
+ user_rid = user_rids[0];
+
+ status = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol,
+ SEC_RIGHTS_MAXIMUM_ALLOWED,
+ user_rid, &user_pol);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ status = rpccli_samr_query_userinfo(pipe_hnd, mem_ctx,
+ &user_pol, 16, &qctr);
+ if (!NT_STATUS_IS_OK(status)) {
+ rpccli_samr_close(pipe_hnd, mem_ctx, &user_pol);
+ goto done;
+ }
+
+ ZERO_STRUCT(ctr);
+ ctr.switch_value = 16;
+ ctr.info.id16 = &p16;
+
+ p16.acb_info = qctr->info.id16->acb_info | ACB_DISABLED;
+
+ status = rpccli_samr_set_userinfo2(pipe_hnd, mem_ctx, &user_pol, 16,
+ &cli->user_session_key, &ctr);
+
+ rpccli_samr_close(pipe_hnd, mem_ctx, &user_pol);
+
+ if (!secrets_delete_machine_password_ex(lp_workgroup())) {
+ status = NT_STATUS_INTERNAL_DB_ERROR;
+ goto done;
+ }
+
+ if (!secrets_delete_domain_sid(lp_workgroup())) {
+ status = NT_STATUS_INTERNAL_DB_ERROR;
+ goto done;
+ }
+
+done:
+ rpccli_samr_close(pipe_hnd, mem_ctx, &domain_pol);
+ rpccli_samr_close(pipe_hnd, mem_ctx, &sam_pol);
+
+ cli_rpc_pipe_close(pipe_hnd);
+
+ if (cli) {
+ cli_shutdown(cli);
+ }
+
+ return status;
+}
+
+static WERROR do_modify_val_config(struct registry_key *key,
+ const char *val_name,
+ const char *val_data)
+{
+ struct registry_value val;
+
+ ZERO_STRUCT(val);
+
+ val.type = REG_SZ;
+ val.v.sz.str = CONST_DISCARD(char *, val_data);
+ val.v.sz.len = strlen(val_data) + 1;
+
+ return reg_setvalue(key, val_name, &val);
+}
+
+static WERROR do_join_modify_vals_config(TALLOC_CTX *mem_ctx,
+ struct libnet_JoinCtx *r,
+ struct registry_key *key)
+{
+ WERROR werr;
+ bool is_ad = false;
+
+ if (!(r->in.join_flags & WKSSVC_JOIN_FLAGS_JOIN_TYPE)) {
+
+ werr = do_modify_val_config(key, "security", "user");
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ werr = do_modify_val_config(key, "workgroup",
+ r->in.domain_name);
+ return werr;
+ }
+
+ if (r->out.dns_domain_name) {
+ is_ad = true;
+ }
+
+ werr = do_modify_val_config(key, "security", "domain");
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ werr = do_modify_val_config(key, "workgroup",
+ r->out.netbios_domain_name);
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ if (is_ad) {
+ werr = do_modify_val_config(key, "security", "ads");
+ W_ERROR_NOT_OK_RETURN(werr);
+
+ werr = do_modify_val_config(key, "realm",
+ r->out.dns_domain_name);
+ W_ERROR_NOT_OK_RETURN(werr);
+ }
+
+ return werr;
+}
+
+static WERROR do_unjoin_modify_vals_config(TALLOC_CTX *mem_ctx,
+ struct libnet_UnjoinCtx *r,
+ struct registry_key *key)
+{
+ WERROR werr = WERR_OK;
+
+ if (r->in.unjoin_flags & WKSSVC_JOIN_FLAGS_JOIN_TYPE) {
+
+ werr = do_modify_val_config(key, "security", "user");
+ W_ERROR_NOT_OK_RETURN(werr);
+ }
+
+ reg_deletevalue(key, "realm");
+
+ return werr;
+}
+
+
+static WERROR do_JoinConfig(TALLOC_CTX *mem_ctx,
+ struct libnet_JoinCtx *r)
+{
+ WERROR werr;
+ struct registry_key *key = NULL;
+
+ if (!W_ERROR_IS_OK(r->out.result)) {
+ return r->out.result;
+ }
+
+ if (!r->in.modify_config) {
+ return WERR_OK;
+ }
+
+ if (!registry_init_regdb()) {
+ return WERR_REG_IO_FAILURE;
+ }
+
+ if (!libnet_smbconf_key_exists(mem_ctx, GLOBAL_NAME)) {
+ werr = libnet_reg_createkey_internal(mem_ctx,
+ GLOBAL_NAME, &key);
+ } else {
+ werr = libnet_smbconf_open_path(mem_ctx,
+ GLOBAL_NAME,
+ REG_KEY_WRITE, &key);
+ }
+ if (!W_ERROR_IS_OK(werr)) {
+ return werr;
+ }
+
+ werr = do_join_modify_vals_config(mem_ctx, r, key);
+ if (!W_ERROR_IS_OK(werr)) {
+ return werr;
+ }
+
+ r->out.modified_config = true;
+ r->out.result = werr;
+
+ return werr;
+}
+
+static WERROR do_UnjoinConfig(TALLOC_CTX *mem_ctx,
+ struct libnet_UnjoinCtx *r)
+{
+ WERROR werr;
+ struct registry_key *key = NULL;
+
+ if (!W_ERROR_IS_OK(r->out.result)) {
+ return r->out.result;
+ }
+
+ if (!r->in.modify_config) {
+ return WERR_OK;
+ }
+
+ if (!registry_init_regdb()) {
+ return WERR_REG_IO_FAILURE;
+ }
+
+ if (!libnet_smbconf_key_exists(mem_ctx, GLOBAL_NAME)) {
+ werr = libnet_reg_createkey_internal(mem_ctx,
+ GLOBAL_NAME, &key);
+ } else {
+ werr = libnet_smbconf_open_path(mem_ctx,
+ GLOBAL_NAME,
+ REG_KEY_WRITE, &key);
+ }
+ if (!W_ERROR_IS_OK(werr)) {
+ return werr;
+ }
+
+ werr = do_unjoin_modify_vals_config(mem_ctx, r, key);
+ if (!W_ERROR_IS_OK(werr)) {
+ return werr;
+ }
+
+ r->out.modified_config = true;
+ r->out.result = werr;
+
+ return werr;
+}
+
+WERROR libnet_init_JoinCtx(TALLOC_CTX *mem_ctx,
+ struct libnet_JoinCtx **r)
+{
+ struct libnet_JoinCtx *ctx;
+
+ ctx = talloc_zero(mem_ctx, struct libnet_JoinCtx);
+ if (!ctx) {
+ return WERR_NOMEM;
+ }
+
+ *r = ctx;
+
+ return WERR_OK;
+}
+
+WERROR libnet_init_UnjoinCtx(TALLOC_CTX *mem_ctx,
+ struct libnet_UnjoinCtx **r)
+{
+ struct libnet_UnjoinCtx *ctx;
+
+ ctx = talloc_zero(mem_ctx, struct libnet_UnjoinCtx);
+ if (!ctx) {
+ return WERR_NOMEM;
+ }
+
+ *r = ctx;
+
+ return WERR_OK;
+}
+
+WERROR libnet_Join(TALLOC_CTX *mem_ctx,
+ struct libnet_JoinCtx *r)
+{
+ WERROR werr;
+ NTSTATUS status;
+
+ if (!r->in.domain_name) {
+ return WERR_INVALID_PARAM;
+ }
+
+ if (r->in.modify_config && !lp_include_registry_globals()) {
+ return WERR_NOT_SUPPORTED;
+ }
+
+ if (IS_DC) {
+ return WERR_SETUP_DOMAIN_CONTROLLER;
+ }
+
+ if (r->in.join_flags & WKSSVC_JOIN_FLAGS_JOIN_TYPE) {
+
+ status = do_DomainJoin(mem_ctx, r);
+ if (!NT_STATUS_IS_OK(status)) {
+ if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
+ return WERR_SETUP_ALREADY_JOINED;
+ }
+ return ntstatus_to_werror(status);
+ }
+ }
+
+ werr = do_JoinConfig(mem_ctx, r);
+ if (!W_ERROR_IS_OK(werr)) {
+ return werr;
+ }
+
+ return werr;
+}
+
+WERROR libnet_Unjoin(TALLOC_CTX *mem_ctx,
+ struct libnet_UnjoinCtx *r)
+{
+ WERROR werr;
+ NTSTATUS status;
+
+ if (r->in.modify_config && !lp_include_registry_globals()) {
+ return WERR_NOT_SUPPORTED;
+ }
+
+ if (r->in.unjoin_flags & WKSSVC_JOIN_FLAGS_JOIN_TYPE) {
+
+ status = do_DomainUnjoin(mem_ctx, r);
+ if (!NT_STATUS_IS_OK(status)) {
+ if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER)) {
+ return WERR_SETUP_NOT_JOINED;
+ }
+ return ntstatus_to_werror(status);
+ }
+ }
+
+ werr = do_UnjoinConfig(mem_ctx, r);
+ if (!W_ERROR_IS_OK(werr)) {
+ return werr;
+ }
+
+ return werr;
+}
diff --git a/source3/libnet/libnet_join.h b/source3/libnet/libnet_join.h
new file mode 100644
index 0000000000..46ab27e8b0
--- /dev/null
+++ b/source3/libnet/libnet_join.h
@@ -0,0 +1,65 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * libnet Join Support
+ * Copyright (C) Guenther Deschner 2007
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef __LIBNET_JOIN_H__
+#define __LIBNET_JOIN_H__
+
+struct libnet_JoinCtx {
+ struct {
+ const char *server_name;
+ const char *domain_name;
+ const char *account_ou;
+ const char *admin_account;
+ const char *password;
+ uint32_t join_flags;
+ const char *os_version;
+ const char *os_string;
+ const char *upn;
+ bool modify_config;
+ } in;
+
+ struct {
+ char *account_name;
+ char *netbios_domain_name;
+ char *dns_domain_name;
+ char *dn;
+ struct dom_sid *domain_sid;
+ bool modified_config;
+ WERROR result;
+ } out;
+};
+
+struct libnet_UnjoinCtx {
+ struct {
+ const char *server_name;
+ const char *domain_name;
+ const char *admin_account;
+ const char *password;
+ uint32_t unjoin_flags;
+ bool modify_config;
+ struct dom_sid *domain_sid;
+ } in;
+
+ struct {
+ bool modified_config;
+ WERROR result;
+ } out;
+};
+
+#endif
diff --git a/source3/library-versions.in b/source3/library-versions.in
index cd4d621dd5..cdd1807e23 100644
--- a/source3/library-versions.in
+++ b/source3/library-versions.in
@@ -5,5 +5,5 @@
bin/libsmbclient.@SHLIBEXT@:0:1
bin/libsmbsharemodes.@SHLIBEXT@:0:2
bin/libaddns.@SHLIBEXT@:0:1
-bin/libmsrpc.@SHLIBEXT@:0:1
-
+bin/libwbclient.@SHLIBEXT@:0:1
+bin/libnetapi.@SHLIBEXT@:0:1
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index d370808bba..33110c803f 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -863,8 +863,7 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user,
/* If we get a bad principal, try to guess it if
we have a valid host NetBIOS name.
*/
- if (strequal(principal,
- "not_defined_in_RFC4178@please_ignore")) {
+ if (strequal(principal, ADS_IGNORE_PRINCIPAL)) {
SAFE_FREE(principal);
}
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index 1a6fb8f93f..0544b3d879 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -471,7 +471,7 @@ struct cli_state *cli_initialise(void)
cli->inbuf = (char *)SMB_MALLOC(cli->bufsize+SAFETY_MARGIN);
cli->oplock_handler = cli_oplock_ack;
cli->case_sensitive = False;
- cli->smb_rw_error = 0;
+ cli->smb_rw_error = SMB_READ_OK;
cli->use_spnego = lp_client_use_spnego();
@@ -606,7 +606,7 @@ void cli_shutdown(struct cli_state *cli)
close(cli->fd);
}
cli->fd = -1;
- cli->smb_rw_error = 0;
+ cli->smb_rw_error = SMB_READ_OK;
SAFE_FREE(cli);
}
diff --git a/source3/libsmb/doserr.c b/source3/libsmb/doserr.c
index 5bdd85da1b..dd556bba5a 100644
--- a/source3/libsmb/doserr.c
+++ b/source3/libsmb/doserr.c
@@ -1,18 +1,18 @@
-/*
+/*
* Unix SMB/CIFS implementation.
* DOS error routines
* Copyright (C) Tim Potter 2002.
- *
+ *
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
@@ -21,12 +21,16 @@
#include "includes.h"
-typedef const struct
-{
+typedef const struct {
const char *dos_errstr;
WERROR werror;
} werror_code_struct;
+typedef const struct {
+ WERROR werror;
+ const char *friendly_errstr;
+} werror_str_struct;
+
werror_code_struct dos_errs[] =
{
{ "WERR_OK", WERR_OK },
@@ -92,6 +96,22 @@ werror_code_struct dos_errs[] =
{ NULL, W_ERROR(0) }
};
+werror_str_struct dos_err_strs[] = {
+ { WERR_OK, "Success" },
+ { WERR_ACCESS_DENIED, "Access is denied" },
+ { WERR_INVALID_PARAM, "Invalid parameter" },
+ { WERR_NOT_SUPPORTED, "Not supported" },
+ { WERR_BAD_PASSWORD, "A bad password was supplied" },
+ { WERR_NOMEM, "Out of memory" },
+ { WERR_NO_LOGON_SERVERS, "No logon servers found" },
+ { WERR_NO_SUCH_LOGON_SESSION, "No such logon session" },
+ { WERR_DOMAIN_CONTROLLER_NOT_FOUND, "A domain controller could not be found" },
+ { WERR_SETUP_NOT_JOINED, "Join failed" },
+ { WERR_SETUP_ALREADY_JOINED, "Machine is already joined" },
+ { WERR_SETUP_DOMAIN_CONTROLLER, "Machine is a Domain Controller" },
+ { WERR_LOGON_FAILURE, "Invalid logon credentials" },
+};
+
/*****************************************************************************
Returns a DOS error message. not amazingly helpful, but better than a number.
*****************************************************************************/
@@ -102,7 +122,7 @@ const char *dos_errstr(WERROR werror)
int idx = 0;
while (dos_errs[idx].dos_errstr != NULL) {
- if (W_ERROR_V(dos_errs[idx].werror) ==
+ if (W_ERROR_V(dos_errs[idx].werror) ==
W_ERROR_V(werror))
return dos_errs[idx].dos_errstr;
idx++;
@@ -114,6 +134,24 @@ const char *dos_errstr(WERROR werror)
return result;
}
+/*****************************************************************************
+ Get friendly error string for WERRORs
+ *****************************************************************************/
+
+const char *get_friendly_werror_msg(WERROR werror)
+{
+ int i = 0;
+
+ for (i = 0; i < ARRAY_SIZE(dos_err_strs); i++) {
+ if (W_ERROR_V(dos_err_strs[i].werror) ==
+ W_ERROR_V(werror)) {
+ return dos_err_strs[i].friendly_errstr;
+ }
+ }
+
+ return dos_errstr(werror);
+}
+
/* compat function for samba4 */
const char *win_errstr(WERROR werror)
{
diff --git a/source3/locking/posix.c b/source3/locking/posix.c
index aef5c1784f..207ee57ce1 100644
--- a/source3/locking/posix.c
+++ b/source3/locking/posix.c
@@ -607,14 +607,14 @@ static size_t get_posix_pending_close_entries(TALLOC_CTX *mem_ctx,
to delete all locks on this fsp before this function is called.
****************************************************************************/
-NTSTATUS fd_close_posix(struct connection_struct *conn, files_struct *fsp)
+NTSTATUS fd_close_posix(struct files_struct *fsp)
{
int saved_errno = 0;
int ret;
int *fd_array = NULL;
size_t count, i;
- if (!lp_locking(fsp->conn->params) || !lp_posix_locking(conn->params)) {
+ if (!lp_locking(fsp->conn->params) || !lp_posix_locking(fsp->conn->params)) {
/*
* No locking or POSIX to worry about or we want POSIX semantics
* which will lose all locks on all fd's open on this dev/inode,
diff --git a/source3/nsswitch/libwbclient/Doxyfile b/source3/nsswitch/libwbclient/Doxyfile
new file mode 100644
index 0000000000..e12c2b06f0
--- /dev/null
+++ b/source3/nsswitch/libwbclient/Doxyfile
@@ -0,0 +1,1297 @@
+# Doxyfile 1.5.3
+
+# This file describes the settings to be used by the documentation system
+# doxygen (www.doxygen.org) for a project
+#
+# All text after a hash (#) is considered a comment and will be ignored
+# The format is:
+# TAG = value [value, ...]
+# For lists items can also be appended using:
+# TAG += value [value, ...]
+# Values that contain spaces should be placed between quotes (" ")
+
+#---------------------------------------------------------------------------
+# Project related configuration options
+#---------------------------------------------------------------------------
+
+# This tag specifies the encoding used for all characters in the config file that
+# follow. The default is UTF-8 which is also the encoding used for all text before
+# the first occurrence of this tag. Doxygen uses libiconv (or the iconv built into
+# libc) for the transcoding. See http://www.gnu.org/software/libiconv for the list of
+# possible encodings.
+
+DOXYFILE_ENCODING = UTF-8
+
+# The PROJECT_NAME tag is a single word (or a sequence of words surrounded
+# by quotes) that should identify the project.
+
+PROJECT_NAME = Samba
+
+# The PROJECT_NUMBER tag can be used to enter a project or revision number.
+# This could be handy for archiving the generated documentation or
+# if some version control system is used.
+
+PROJECT_NUMBER = HEAD
+
+# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
+# base path where the generated documentation will be put.
+# If a relative path is entered, it will be relative to the location
+# where doxygen was started. If left blank the current directory will be used.
+
+OUTPUT_DIRECTORY = dox
+
+# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create
+# 4096 sub-directories (in 2 levels) under the output directory of each output
+# format and will distribute the generated files over these directories.
+# Enabling this option can be useful when feeding doxygen a huge amount of
+# source files, where putting all generated files in the same directory would
+# otherwise cause performance problems for the file system.
+
+CREATE_SUBDIRS = NO
+
+# The OUTPUT_LANGUAGE tag is used to specify the language in which all
+# documentation generated by doxygen is written. Doxygen will use this
+# information to generate all constant output in the proper language.
+# The default language is English, other supported languages are:
+# Afrikaans, Arabic, Brazilian, Catalan, Chinese, Chinese-Traditional,
+# Croatian, Czech, Danish, Dutch, Finnish, French, German, Greek, Hungarian,
+# Italian, Japanese, Japanese-en (Japanese with English messages), Korean,
+# Korean-en, Lithuanian, Norwegian, Polish, Portuguese, Romanian, Russian,
+# Serbian, Slovak, Slovene, Spanish, Swedish, and Ukrainian.
+
+OUTPUT_LANGUAGE = English
+
+# If the BRIEF_MEMBER_DESC tag is set to YES (the default) Doxygen will
+# include brief member descriptions after the members that are listed in
+# the file and class documentation (similar to JavaDoc).
+# Set to NO to disable this.
+
+BRIEF_MEMBER_DESC = YES
+
+# If the REPEAT_BRIEF tag is set to YES (the default) Doxygen will prepend
+# the brief description of a member or function before the detailed description.
+# Note: if both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the
+# brief descriptions will be completely suppressed.
+
+REPEAT_BRIEF = YES
+
+# This tag implements a quasi-intelligent brief description abbreviator
+# that is used to form the text in various listings. Each string
+# in this list, if found as the leading text of the brief description, will be
+# stripped from the text and the result after processing the whole list, is
+# used as the annotated text. Otherwise, the brief description is used as-is.
+# If left blank, the following values are used ("$name" is automatically
+# replaced with the name of the entity): "The $name class" "The $name widget"
+# "The $name file" "is" "provides" "specifies" "contains"
+# "represents" "a" "an" "the"
+
+ABBREVIATE_BRIEF =
+
+# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then
+# Doxygen will generate a detailed section even if there is only a brief
+# description.
+
+ALWAYS_DETAILED_SEC = NO
+
+# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all
+# inherited members of a class in the documentation of that class as if those
+# members were ordinary class members. Constructors, destructors and assignment
+# operators of the base classes will not be shown.
+
+INLINE_INHERITED_MEMB = NO
+
+# If the FULL_PATH_NAMES tag is set to YES then Doxygen will prepend the full
+# path before files name in the file list and in the header files. If set
+# to NO the shortest path that makes the file name unique will be used.
+
+FULL_PATH_NAMES = YES
+
+# If the FULL_PATH_NAMES tag is set to YES then the STRIP_FROM_PATH tag
+# can be used to strip a user-defined part of the path. Stripping is
+# only done if one of the specified strings matches the left-hand part of
+# the path. The tag can be used to show relative paths in the file list.
+# If left blank the directory from which doxygen is run is used as the
+# path to strip.
+
+STRIP_FROM_PATH = $(PWD)/
+
+# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of
+# the path mentioned in the documentation of a class, which tells
+# the reader which header file to include in order to use a class.
+# If left blank only the name of the header file containing the class
+# definition is used. Otherwise one should specify the include paths that
+# are normally passed to the compiler using the -I flag.
+
+STRIP_FROM_INC_PATH =
+
+# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter
+# (but less readable) file names. This can be useful is your file systems
+# doesn't support long names like on DOS, Mac, or CD-ROM.
+
+SHORT_NAMES = NO
+
+# If the JAVADOC_AUTOBRIEF tag is set to YES then Doxygen
+# will interpret the first line (until the first dot) of a JavaDoc-style
+# comment as the brief description. If set to NO, the JavaDoc
+# comments will behave just like regular Qt-style comments
+# (thus requiring an explicit @brief command for a brief description.)
+
+JAVADOC_AUTOBRIEF = YES
+
+# If the QT_AUTOBRIEF tag is set to YES then Doxygen will
+# interpret the first line (until the first dot) of a Qt-style
+# comment as the brief description. If set to NO, the comments
+# will behave just like regular Qt-style comments (thus requiring
+# an explicit \brief command for a brief description.)
+
+QT_AUTOBRIEF = NO
+
+# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make Doxygen
+# treat a multi-line C++ special comment block (i.e. a block of //! or ///
+# comments) as a brief description. This used to be the default behaviour.
+# The new default is to treat a multi-line C++ comment block as a detailed
+# description. Set this tag to YES if you prefer the old behaviour instead.
+
+MULTILINE_CPP_IS_BRIEF = NO
+
+# If the DETAILS_AT_TOP tag is set to YES then Doxygen
+# will output the detailed description near the top, like JavaDoc.
+# If set to NO, the detailed description appears after the member
+# documentation.
+
+DETAILS_AT_TOP = NO
+
+# If the INHERIT_DOCS tag is set to YES (the default) then an undocumented
+# member inherits the documentation from any documented member that it
+# re-implements.
+
+INHERIT_DOCS = YES
+
+# If the SEPARATE_MEMBER_PAGES tag is set to YES, then doxygen will produce
+# a new page for each member. If set to NO, the documentation of a member will
+# be part of the file/class/namespace that contains it.
+
+SEPARATE_MEMBER_PAGES = NO
+
+# The TAB_SIZE tag can be used to set the number of spaces in a tab.
+# Doxygen uses this value to replace tabs by spaces in code fragments.
+
+TAB_SIZE = 8
+
+# This tag can be used to specify a number of aliases that acts
+# as commands in the documentation. An alias has the form "name=value".
+# For example adding "sideeffect=\par Side Effects:\n" will allow you to
+# put the command \sideeffect (or @sideeffect) in the documentation, which
+# will result in a user-defined paragraph with heading "Side Effects:".
+# You can put \n's in the value part of an alias to insert newlines.
+
+ALIASES =
+
+# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C
+# sources only. Doxygen will then generate output that is more tailored for C.
+# For instance, some of the names that are used will be different. The list
+# of all members will be omitted, etc.
+
+OPTIMIZE_OUTPUT_FOR_C = YES
+
+# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java
+# sources only. Doxygen will then generate output that is more tailored for Java.
+# For instance, namespaces will be presented as packages, qualified scopes
+# will look different, etc.
+
+OPTIMIZE_OUTPUT_JAVA = NO
+
+# If you use STL classes (i.e. std::string, std::vector, etc.) but do not want to
+# include (a tag file for) the STL sources as input, then you should
+# set this tag to YES in order to let doxygen match functions declarations and
+# definitions whose arguments contain STL classes (e.g. func(std::string); v.s.
+# func(std::string) {}). This also make the inheritance and collaboration
+# diagrams that involve STL classes more complete and accurate.
+
+BUILTIN_STL_SUPPORT = NO
+
+# If you use Microsoft's C++/CLI language, you should set this option to YES to
+# enable parsing support.
+
+CPP_CLI_SUPPORT = NO
+
+# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC
+# tag is set to YES, then doxygen will reuse the documentation of the first
+# member in the group (if any) for the other members of the group. By default
+# all members of a group must be documented explicitly.
+
+DISTRIBUTE_GROUP_DOC = NO
+
+# Set the SUBGROUPING tag to YES (the default) to allow class member groups of
+# the same type (for instance a group of public functions) to be put as a
+# subgroup of that type (e.g. under the Public Functions section). Set it to
+# NO to prevent subgrouping. Alternatively, this can be done per class using
+# the \nosubgrouping command.
+
+SUBGROUPING = YES
+
+#---------------------------------------------------------------------------
+# Build related configuration options
+#---------------------------------------------------------------------------
+
+# If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in
+# documentation are documented, even if no documentation was available.
+# Private class members and static file members will be hidden unless
+# the EXTRACT_PRIVATE and EXTRACT_STATIC tags are set to YES
+
+EXTRACT_ALL = YES
+
+# If the EXTRACT_PRIVATE tag is set to YES all private members of a class
+# will be included in the documentation.
+
+EXTRACT_PRIVATE = YES
+
+# If the EXTRACT_STATIC tag is set to YES all static members of a file
+# will be included in the documentation.
+
+EXTRACT_STATIC = YES
+
+# If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs)
+# defined locally in source files will be included in the documentation.
+# If set to NO only classes defined in header files are included.
+
+EXTRACT_LOCAL_CLASSES = YES
+
+# This flag is only useful for Objective-C code. When set to YES local
+# methods, which are defined in the implementation section but not in
+# the interface are included in the documentation.
+# If set to NO (the default) only methods in the interface are included.
+
+EXTRACT_LOCAL_METHODS = NO
+
+# If this flag is set to YES, the members of anonymous namespaces will be extracted
+# and appear in the documentation as a namespace called 'anonymous_namespace{file}',
+# where file will be replaced with the base name of the file that contains the anonymous
+# namespace. By default anonymous namespace are hidden.
+
+EXTRACT_ANON_NSPACES = NO
+
+# If the HIDE_UNDOC_MEMBERS tag is set to YES, Doxygen will hide all
+# undocumented members of documented classes, files or namespaces.
+# If set to NO (the default) these members will be included in the
+# various overviews, but no documentation section is generated.
+# This option has no effect if EXTRACT_ALL is enabled.
+
+HIDE_UNDOC_MEMBERS = NO
+
+# If the HIDE_UNDOC_CLASSES tag is set to YES, Doxygen will hide all
+# undocumented classes that are normally visible in the class hierarchy.
+# If set to NO (the default) these classes will be included in the various
+# overviews. This option has no effect if EXTRACT_ALL is enabled.
+
+HIDE_UNDOC_CLASSES = NO
+
+# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, Doxygen will hide all
+# friend (class|struct|union) declarations.
+# If set to NO (the default) these declarations will be included in the
+# documentation.
+
+HIDE_FRIEND_COMPOUNDS = NO
+
+# If the HIDE_IN_BODY_DOCS tag is set to YES, Doxygen will hide any
+# documentation blocks found inside the body of a function.
+# If set to NO (the default) these blocks will be appended to the
+# function's detailed documentation block.
+
+HIDE_IN_BODY_DOCS = NO
+
+# The INTERNAL_DOCS tag determines if documentation
+# that is typed after a \internal command is included. If the tag is set
+# to NO (the default) then the documentation will be excluded.
+# Set it to YES to include the internal documentation.
+
+INTERNAL_DOCS = YES
+
+# If the CASE_SENSE_NAMES tag is set to NO then Doxygen will only generate
+# file names in lower-case letters. If set to YES upper-case letters are also
+# allowed. This is useful if you have classes or files whose names only differ
+# in case and if your file system supports case sensitive file names. Windows
+# and Mac users are advised to set this option to NO.
+
+CASE_SENSE_NAMES = YES
+
+# If the HIDE_SCOPE_NAMES tag is set to NO (the default) then Doxygen
+# will show members with their full class and namespace scopes in the
+# documentation. If set to YES the scope will be hidden.
+
+HIDE_SCOPE_NAMES = YES
+
+# If the SHOW_INCLUDE_FILES tag is set to YES (the default) then Doxygen
+# will put a list of the files that are included by a file in the documentation
+# of that file.
+
+SHOW_INCLUDE_FILES = YES
+
+# If the INLINE_INFO tag is set to YES (the default) then a tag [inline]
+# is inserted in the documentation for inline members.
+
+INLINE_INFO = YES
+
+# If the SORT_MEMBER_DOCS tag is set to YES (the default) then doxygen
+# will sort the (detailed) documentation of file and class members
+# alphabetically by member name. If set to NO the members will appear in
+# declaration order.
+
+SORT_MEMBER_DOCS = NO
+
+# If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the
+# brief documentation of file, namespace and class members alphabetically
+# by member name. If set to NO (the default) the members will appear in
+# declaration order.
+
+SORT_BRIEF_DOCS = NO
+
+# If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be
+# sorted by fully-qualified names, including namespaces. If set to
+# NO (the default), the class list will be sorted only by class name,
+# not including the namespace part.
+# Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES.
+# Note: This option applies only to the class list, not to the
+# alphabetical list.
+
+SORT_BY_SCOPE_NAME = NO
+
+# The GENERATE_TODOLIST tag can be used to enable (YES) or
+# disable (NO) the todo list. This list is created by putting \todo
+# commands in the documentation.
+
+GENERATE_TODOLIST = YES
+
+# The GENERATE_TESTLIST tag can be used to enable (YES) or
+# disable (NO) the test list. This list is created by putting \test
+# commands in the documentation.
+
+GENERATE_TESTLIST = YES
+
+# The GENERATE_BUGLIST tag can be used to enable (YES) or
+# disable (NO) the bug list. This list is created by putting \bug
+# commands in the documentation.
+
+GENERATE_BUGLIST = YES
+
+# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or
+# disable (NO) the deprecated list. This list is created by putting
+# \deprecated commands in the documentation.
+
+GENERATE_DEPRECATEDLIST= YES
+
+# The ENABLED_SECTIONS tag can be used to enable conditional
+# documentation sections, marked by \if sectionname ... \endif.
+
+ENABLED_SECTIONS =
+
+# The MAX_INITIALIZER_LINES tag determines the maximum number of lines
+# the initial value of a variable or define consists of for it to appear in
+# the documentation. If the initializer consists of more lines than specified
+# here it will be hidden. Use a value of 0 to hide initializers completely.
+# The appearance of the initializer of individual variables and defines in the
+# documentation can be controlled using \showinitializer or \hideinitializer
+# command in the documentation regardless of this setting.
+
+MAX_INITIALIZER_LINES = 30
+
+# Set the SHOW_USED_FILES tag to NO to disable the list of files generated
+# at the bottom of the documentation of classes and structs. If set to YES the
+# list will mention the files that were used to generate the documentation.
+
+SHOW_USED_FILES = YES
+
+# If the sources in your project are distributed over multiple directories
+# then setting the SHOW_DIRECTORIES tag to YES will show the directory hierarchy
+# in the documentation. The default is NO.
+
+SHOW_DIRECTORIES = NO
+
+# The FILE_VERSION_FILTER tag can be used to specify a program or script that
+# doxygen should invoke to get the current version for each file (typically from the
+# version control system). Doxygen will invoke the program by executing (via
+# popen()) the command <command> <input-file>, where <command> is the value of
+# the FILE_VERSION_FILTER tag, and <input-file> is the name of an input file
+# provided by doxygen. Whatever the program writes to standard output
+# is used as the file version. See the manual for examples.
+
+FILE_VERSION_FILTER =
+
+#---------------------------------------------------------------------------
+# configuration options related to warning and progress messages
+#---------------------------------------------------------------------------
+
+# The QUIET tag can be used to turn on/off the messages that are generated
+# by doxygen. Possible values are YES and NO. If left blank NO is used.
+
+QUIET = YES
+
+# The WARNINGS tag can be used to turn on/off the warning messages that are
+# generated by doxygen. Possible values are YES and NO. If left blank
+# NO is used.
+
+WARNINGS = NO
+
+# If WARN_IF_UNDOCUMENTED is set to YES, then doxygen will generate warnings
+# for undocumented members. If EXTRACT_ALL is set to YES then this flag will
+# automatically be disabled.
+
+WARN_IF_UNDOCUMENTED = NO
+
+# If WARN_IF_DOC_ERROR is set to YES, doxygen will generate warnings for
+# potential errors in the documentation, such as not documenting some
+# parameters in a documented function, or documenting parameters that
+# don't exist or using markup commands wrongly.
+
+WARN_IF_DOC_ERROR = YES
+
+# This WARN_NO_PARAMDOC option can be abled to get warnings for
+# functions that are documented, but have no documentation for their parameters
+# or return value. If set to NO (the default) doxygen will only warn about
+# wrong or incomplete parameter documentation, but not about the absence of
+# documentation.
+
+WARN_NO_PARAMDOC = NO
+
+# The WARN_FORMAT tag determines the format of the warning messages that
+# doxygen can produce. The string should contain the $file, $line, and $text
+# tags, which will be replaced by the file and line number from which the
+# warning originated and the warning text. Optionally the format may contain
+# $version, which will be replaced by the version of the file (if it could
+# be obtained via FILE_VERSION_FILTER)
+
+WARN_FORMAT = "$file:$line: $text "
+
+# The WARN_LOGFILE tag can be used to specify a file to which warning
+# and error messages should be written. If left blank the output is written
+# to stderr.
+
+WARN_LOGFILE =
+
+#---------------------------------------------------------------------------
+# configuration options related to the input files
+#---------------------------------------------------------------------------
+
+# The INPUT tag can be used to specify the files and/or directories that contain
+# documented source files. You may enter file names like "myfile.cpp" or
+# directories like "/usr/src/myproject". Separate the files or directories
+# with spaces.
+
+INPUT = .
+
+# This tag can be used to specify the character encoding of the source files that
+# doxygen parses. Internally doxygen uses the UTF-8 encoding, which is also the default
+# input encoding. Doxygen uses libiconv (or the iconv built into libc) for the transcoding.
+# See http://www.gnu.org/software/libiconv for the list of possible encodings.
+
+INPUT_ENCODING = UTF-8
+
+# If the value of the INPUT tag contains directories, you can use the
+# FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
+# and *.h) to filter out the source-files in the directories. If left
+# blank the following patterns are tested:
+# *.c *.cc *.cxx *.cpp *.c++ *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh *.hxx
+# *.hpp *.h++ *.idl *.odl *.cs *.php *.php3 *.inc *.m *.mm *.py
+
+FILE_PATTERNS = *.c \
+ *.h \
+ *.idl
+
+# The RECURSIVE tag can be used to turn specify whether or not subdirectories
+# should be searched for input files as well. Possible values are YES and NO.
+# If left blank NO is used.
+
+RECURSIVE = YES
+
+# The EXCLUDE tag can be used to specify files and/or directories that should
+# excluded from the INPUT source files. This way you can easily exclude a
+# subdirectory from a directory tree whose root is specified with the INPUT tag.
+
+EXCLUDE = include/includes.h \
+ include/proto.h
+
+# The EXCLUDE_SYMLINKS tag can be used select whether or not files or
+# directories that are symbolic links (a Unix filesystem feature) are excluded
+# from the input.
+
+EXCLUDE_SYMLINKS = NO
+
+# If the value of the INPUT tag contains directories, you can use the
+# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude
+# certain files from those directories. Note that the wildcards are matched
+# against the file with absolute path, so to exclude all test directories
+# for example use the pattern */test/*
+
+EXCLUDE_PATTERNS =
+
+# The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names
+# (namespaces, classes, functions, etc.) that should be excluded from the output.
+# The symbol name can be a fully qualified name, a word, or if the wildcard * is used,
+# a substring. Examples: ANamespace, AClass, AClass::ANamespace, ANamespace::*Test
+
+EXCLUDE_SYMBOLS =
+
+# The EXAMPLE_PATH tag can be used to specify one or more files or
+# directories that contain example code fragments that are included (see
+# the \include command).
+
+EXAMPLE_PATH =
+
+# If the value of the EXAMPLE_PATH tag contains directories, you can use the
+# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
+# and *.h) to filter out the source-files in the directories. If left
+# blank all files are included.
+
+EXAMPLE_PATTERNS =
+
+# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be
+# searched for input files to be used with the \include or \dontinclude
+# commands irrespective of the value of the RECURSIVE tag.
+# Possible values are YES and NO. If left blank NO is used.
+
+EXAMPLE_RECURSIVE = NO
+
+# The IMAGE_PATH tag can be used to specify one or more files or
+# directories that contain image that are included in the documentation (see
+# the \image command).
+
+IMAGE_PATH =
+
+# The INPUT_FILTER tag can be used to specify a program that doxygen should
+# invoke to filter for each input file. Doxygen will invoke the filter program
+# by executing (via popen()) the command <filter> <input-file>, where <filter>
+# is the value of the INPUT_FILTER tag, and <input-file> is the name of an
+# input file. Doxygen will then use the output that the filter program writes
+# to standard output. If FILTER_PATTERNS is specified, this tag will be
+# ignored.
+
+INPUT_FILTER =
+
+# The FILTER_PATTERNS tag can be used to specify filters on a per file pattern
+# basis. Doxygen will compare the file name with each pattern and apply the
+# filter if there is a match. The filters are a list of the form:
+# pattern=filter (like *.cpp=my_cpp_filter). See INPUT_FILTER for further
+# info on how filters are used. If FILTER_PATTERNS is empty, INPUT_FILTER
+# is applied to all files.
+
+FILTER_PATTERNS =
+
+# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using
+# INPUT_FILTER) will be used to filter the input files when producing source
+# files to browse (i.e. when SOURCE_BROWSER is set to YES).
+
+FILTER_SOURCE_FILES = NO
+
+#---------------------------------------------------------------------------
+# configuration options related to source browsing
+#---------------------------------------------------------------------------
+
+# If the SOURCE_BROWSER tag is set to YES then a list of source files will
+# be generated. Documented entities will be cross-referenced with these sources.
+# Note: To get rid of all source code in the generated output, make sure also
+# VERBATIM_HEADERS is set to NO. If you have enabled CALL_GRAPH or CALLER_GRAPH
+# then you must also enable this option. If you don't then doxygen will produce
+# a warning and turn it on anyway
+
+SOURCE_BROWSER = YES
+
+# Setting the INLINE_SOURCES tag to YES will include the body
+# of functions and classes directly in the documentation.
+
+INLINE_SOURCES = YES
+
+# Setting the STRIP_CODE_COMMENTS tag to YES (the default) will instruct
+# doxygen to hide any special comment blocks from generated source code
+# fragments. Normal C and C++ comments will always remain visible.
+
+STRIP_CODE_COMMENTS = NO
+
+# If the REFERENCED_BY_RELATION tag is set to YES (the default)
+# then for each documented function all documented
+# functions referencing it will be listed.
+
+REFERENCED_BY_RELATION = YES
+
+# If the REFERENCES_RELATION tag is set to YES (the default)
+# then for each documented function all documented entities
+# called/used by that function will be listed.
+
+REFERENCES_RELATION = YES
+
+# If the REFERENCES_LINK_SOURCE tag is set to YES (the default)
+# and SOURCE_BROWSER tag is set to YES, then the hyperlinks from
+# functions in REFERENCES_RELATION and REFERENCED_BY_RELATION lists will
+# link to the source code. Otherwise they will link to the documentstion.
+
+REFERENCES_LINK_SOURCE = YES
+
+# If the USE_HTAGS tag is set to YES then the references to source code
+# will point to the HTML generated by the htags(1) tool instead of doxygen
+# built-in source browser. The htags tool is part of GNU's global source
+# tagging system (see http://www.gnu.org/software/global/global.html). You
+# will need version 4.8.6 or higher.
+
+USE_HTAGS = NO
+
+# If the VERBATIM_HEADERS tag is set to YES (the default) then Doxygen
+# will generate a verbatim copy of the header file for each class for
+# which an include is specified. Set to NO to disable this.
+
+VERBATIM_HEADERS = YES
+
+#---------------------------------------------------------------------------
+# configuration options related to the alphabetical class index
+#---------------------------------------------------------------------------
+
+# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index
+# of all compounds will be generated. Enable this if the project
+# contains a lot of classes, structs, unions or interfaces.
+
+ALPHABETICAL_INDEX = YES
+
+# If the alphabetical index is enabled (see ALPHABETICAL_INDEX) then
+# the COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns
+# in which this list will be split (can be a number in the range [1..20])
+
+COLS_IN_ALPHA_INDEX = 1
+
+# In case all classes in a project start with a common prefix, all
+# classes will be put under the same header in the alphabetical index.
+# The IGNORE_PREFIX tag can be used to specify one or more prefixes that
+# should be ignored while generating the index headers.
+
+IGNORE_PREFIX =
+
+#---------------------------------------------------------------------------
+# configuration options related to the HTML output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_HTML tag is set to YES (the default) Doxygen will
+# generate HTML output.
+
+GENERATE_HTML = YES
+
+# The HTML_OUTPUT tag is used to specify where the HTML docs will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `html' will be used as the default path.
+
+HTML_OUTPUT = .
+
+# The HTML_FILE_EXTENSION tag can be used to specify the file extension for
+# each generated HTML page (for example: .htm,.php,.asp). If it is left blank
+# doxygen will generate files with .html extension.
+
+HTML_FILE_EXTENSION = .html
+
+# The HTML_HEADER tag can be used to specify a personal HTML header for
+# each generated HTML page. If it is left blank doxygen will generate a
+# standard header.
+
+HTML_HEADER =
+
+# The HTML_FOOTER tag can be used to specify a personal HTML footer for
+# each generated HTML page. If it is left blank doxygen will generate a
+# standard footer.
+
+HTML_FOOTER =
+
+# The HTML_STYLESHEET tag can be used to specify a user-defined cascading
+# style sheet that is used by each HTML page. It can be used to
+# fine-tune the look of the HTML output. If the tag is left blank doxygen
+# will generate a default style sheet. Note that doxygen will try to copy
+# the style sheet file to the HTML output directory, so don't put your own
+# stylesheet in the HTML output directory as well, or it will be erased!
+
+HTML_STYLESHEET =
+
+# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes,
+# files or namespaces will be aligned in HTML using tables. If set to
+# NO a bullet list will be used.
+
+HTML_ALIGN_MEMBERS = YES
+
+# If the GENERATE_HTMLHELP tag is set to YES, additional index files
+# will be generated that can be used as input for tools like the
+# Microsoft HTML help workshop to generate a compressed HTML help file (.chm)
+# of the generated HTML documentation.
+
+GENERATE_HTMLHELP = NO
+
+# If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML
+# documentation will contain sections that can be hidden and shown after the
+# page has loaded. For this to work a browser that supports
+# JavaScript and DHTML is required (for instance Mozilla 1.0+, Firefox
+# Netscape 6.0+, Internet explorer 5.0+, Konqueror, or Safari).
+
+HTML_DYNAMIC_SECTIONS = NO
+
+# If the GENERATE_HTMLHELP tag is set to YES, the CHM_FILE tag can
+# be used to specify the file name of the resulting .chm file. You
+# can add a path in front of the file if the result should not be
+# written to the html output directory.
+
+CHM_FILE =
+
+# If the GENERATE_HTMLHELP tag is set to YES, the HHC_LOCATION tag can
+# be used to specify the location (absolute path including file name) of
+# the HTML help compiler (hhc.exe). If non-empty doxygen will try to run
+# the HTML help compiler on the generated index.hhp.
+
+HHC_LOCATION =
+
+# If the GENERATE_HTMLHELP tag is set to YES, the GENERATE_CHI flag
+# controls if a separate .chi index file is generated (YES) or that
+# it should be included in the master .chm file (NO).
+
+GENERATE_CHI = NO
+
+# If the GENERATE_HTMLHELP tag is set to YES, the BINARY_TOC flag
+# controls whether a binary table of contents is generated (YES) or a
+# normal table of contents (NO) in the .chm file.
+
+BINARY_TOC = NO
+
+# The TOC_EXPAND flag can be set to YES to add extra items for group members
+# to the contents of the HTML help documentation and to the tree view.
+
+TOC_EXPAND = NO
+
+# The DISABLE_INDEX tag can be used to turn on/off the condensed index at
+# top of each HTML page. The value NO (the default) enables the index and
+# the value YES disables it.
+
+DISABLE_INDEX = NO
+
+# This tag can be used to set the number of enum values (range [1..20])
+# that doxygen will group on one line in the generated HTML documentation.
+
+ENUM_VALUES_PER_LINE = 3
+
+# If the GENERATE_TREEVIEW tag is set to YES, a side panel will be
+# generated containing a tree-like index structure (just like the one that
+# is generated for HTML Help). For this to work a browser that supports
+# JavaScript, DHTML, CSS and frames is required (for instance Mozilla 1.0+,
+# Netscape 6.0+, Internet explorer 5.0+, or Konqueror). Windows users are
+# probably better off using the HTML help feature.
+
+GENERATE_TREEVIEW = NO
+
+# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be
+# used to set the initial width (in pixels) of the frame in which the tree
+# is shown.
+
+TREEVIEW_WIDTH = 250
+
+#---------------------------------------------------------------------------
+# configuration options related to the LaTeX output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_LATEX tag is set to YES (the default) Doxygen will
+# generate Latex output.
+
+GENERATE_LATEX = NO
+
+# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `latex' will be used as the default path.
+
+LATEX_OUTPUT = latex
+
+# The LATEX_CMD_NAME tag can be used to specify the LaTeX command name to be
+# invoked. If left blank `latex' will be used as the default command name.
+
+LATEX_CMD_NAME = latex
+
+# The MAKEINDEX_CMD_NAME tag can be used to specify the command name to
+# generate index for LaTeX. If left blank `makeindex' will be used as the
+# default command name.
+
+MAKEINDEX_CMD_NAME = makeindex
+
+# If the COMPACT_LATEX tag is set to YES Doxygen generates more compact
+# LaTeX documents. This may be useful for small projects and may help to
+# save some trees in general.
+
+COMPACT_LATEX = NO
+
+# The PAPER_TYPE tag can be used to set the paper type that is used
+# by the printer. Possible values are: a4, a4wide, letter, legal and
+# executive. If left blank a4wide will be used.
+
+PAPER_TYPE = a4wide
+
+# The EXTRA_PACKAGES tag can be to specify one or more names of LaTeX
+# packages that should be included in the LaTeX output.
+
+EXTRA_PACKAGES =
+
+# The LATEX_HEADER tag can be used to specify a personal LaTeX header for
+# the generated latex document. The header should contain everything until
+# the first chapter. If it is left blank doxygen will generate a
+# standard header. Notice: only use this tag if you know what you are doing!
+
+LATEX_HEADER =
+
+# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated
+# is prepared for conversion to pdf (using ps2pdf). The pdf file will
+# contain links (just like the HTML output) instead of page references
+# This makes the output suitable for online browsing using a pdf viewer.
+
+PDF_HYPERLINKS = YES
+
+# If the USE_PDFLATEX tag is set to YES, pdflatex will be used instead of
+# plain latex in the generated Makefile. Set this option to YES to get a
+# higher quality PDF documentation.
+
+USE_PDFLATEX = YES
+
+# If the LATEX_BATCHMODE tag is set to YES, doxygen will add the \\batchmode.
+# command to the generated LaTeX files. This will instruct LaTeX to keep
+# running if errors occur, instead of asking the user for help.
+# This option is also used when generating formulas in HTML.
+
+LATEX_BATCHMODE = YES
+
+# If LATEX_HIDE_INDICES is set to YES then doxygen will not
+# include the index chapters (such as File Index, Compound Index, etc.)
+# in the output.
+
+LATEX_HIDE_INDICES = NO
+
+#---------------------------------------------------------------------------
+# configuration options related to the RTF output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_RTF tag is set to YES Doxygen will generate RTF output
+# The RTF output is optimized for Word 97 and may not look very pretty with
+# other RTF readers or editors.
+
+GENERATE_RTF = NO
+
+# The RTF_OUTPUT tag is used to specify where the RTF docs will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `rtf' will be used as the default path.
+
+RTF_OUTPUT = rtf
+
+# If the COMPACT_RTF tag is set to YES Doxygen generates more compact
+# RTF documents. This may be useful for small projects and may help to
+# save some trees in general.
+
+COMPACT_RTF = NO
+
+# If the RTF_HYPERLINKS tag is set to YES, the RTF that is generated
+# will contain hyperlink fields. The RTF file will
+# contain links (just like the HTML output) instead of page references.
+# This makes the output suitable for online browsing using WORD or other
+# programs which support those fields.
+# Note: wordpad (write) and others do not support links.
+
+RTF_HYPERLINKS = NO
+
+# Load stylesheet definitions from file. Syntax is similar to doxygen's
+# config file, i.e. a series of assignments. You only have to provide
+# replacements, missing definitions are set to their default value.
+
+RTF_STYLESHEET_FILE =
+
+# Set optional variables used in the generation of an rtf document.
+# Syntax is similar to doxygen's config file.
+
+RTF_EXTENSIONS_FILE =
+
+#---------------------------------------------------------------------------
+# configuration options related to the man page output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_MAN tag is set to YES (the default) Doxygen will
+# generate man pages
+
+GENERATE_MAN = NO
+
+# The MAN_OUTPUT tag is used to specify where the man pages will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `man' will be used as the default path.
+
+MAN_OUTPUT = man
+
+# The MAN_EXTENSION tag determines the extension that is added to
+# the generated man pages (default is the subroutine's section .3)
+
+MAN_EXTENSION = .3
+
+# If the MAN_LINKS tag is set to YES and Doxygen generates man output,
+# then it will generate one additional man file for each entity
+# documented in the real man page(s). These additional files
+# only source the real man page, but without them the man command
+# would be unable to find the correct page. The default is NO.
+
+MAN_LINKS = NO
+
+#---------------------------------------------------------------------------
+# configuration options related to the XML output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_XML tag is set to YES Doxygen will
+# generate an XML file that captures the structure of
+# the code including all documentation.
+
+GENERATE_XML = NO
+
+# The XML_OUTPUT tag is used to specify where the XML pages will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `xml' will be used as the default path.
+
+XML_OUTPUT = xml
+
+# The XML_SCHEMA tag can be used to specify an XML schema,
+# which can be used by a validating XML parser to check the
+# syntax of the XML files.
+
+XML_SCHEMA =
+
+# The XML_DTD tag can be used to specify an XML DTD,
+# which can be used by a validating XML parser to check the
+# syntax of the XML files.
+
+XML_DTD =
+
+# If the XML_PROGRAMLISTING tag is set to YES Doxygen will
+# dump the program listings (including syntax highlighting
+# and cross-referencing information) to the XML output. Note that
+# enabling this will significantly increase the size of the XML output.
+
+XML_PROGRAMLISTING = YES
+
+#---------------------------------------------------------------------------
+# configuration options for the AutoGen Definitions output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_AUTOGEN_DEF tag is set to YES Doxygen will
+# generate an AutoGen Definitions (see autogen.sf.net) file
+# that captures the structure of the code including all
+# documentation. Note that this feature is still experimental
+# and incomplete at the moment.
+
+GENERATE_AUTOGEN_DEF = NO
+
+#---------------------------------------------------------------------------
+# configuration options related to the Perl module output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_PERLMOD tag is set to YES Doxygen will
+# generate a Perl module file that captures the structure of
+# the code including all documentation. Note that this
+# feature is still experimental and incomplete at the
+# moment.
+
+GENERATE_PERLMOD = NO
+
+# If the PERLMOD_LATEX tag is set to YES Doxygen will generate
+# the necessary Makefile rules, Perl scripts and LaTeX code to be able
+# to generate PDF and DVI output from the Perl module output.
+
+PERLMOD_LATEX = NO
+
+# If the PERLMOD_PRETTY tag is set to YES the Perl module output will be
+# nicely formatted so it can be parsed by a human reader. This is useful
+# if you want to understand what is going on. On the other hand, if this
+# tag is set to NO the size of the Perl module output will be much smaller
+# and Perl will parse it just the same.
+
+PERLMOD_PRETTY = YES
+
+# The names of the make variables in the generated doxyrules.make file
+# are prefixed with the string contained in PERLMOD_MAKEVAR_PREFIX.
+# This is useful so different doxyrules.make files included by the same
+# Makefile don't overwrite each other's variables.
+
+PERLMOD_MAKEVAR_PREFIX =
+
+#---------------------------------------------------------------------------
+# Configuration options related to the preprocessor
+#---------------------------------------------------------------------------
+
+# If the ENABLE_PREPROCESSING tag is set to YES (the default) Doxygen will
+# evaluate all C-preprocessor directives found in the sources and include
+# files.
+
+ENABLE_PREPROCESSING = NO
+
+# If the MACRO_EXPANSION tag is set to YES Doxygen will expand all macro
+# names in the source code. If set to NO (the default) only conditional
+# compilation will be performed. Macro expansion can be done in a controlled
+# way by setting EXPAND_ONLY_PREDEF to YES.
+
+MACRO_EXPANSION = NO
+
+# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES
+# then the macro expansion is limited to the macros specified with the
+# PREDEFINED and EXPAND_AS_DEFINED tags.
+
+EXPAND_ONLY_PREDEF = NO
+
+# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files
+# in the INCLUDE_PATH (see below) will be search if a #include is found.
+
+SEARCH_INCLUDES = YES
+
+# The INCLUDE_PATH tag can be used to specify one or more directories that
+# contain include files that are not input files but should be processed by
+# the preprocessor.
+
+INCLUDE_PATH =
+
+# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard
+# patterns (like *.h and *.hpp) to filter out the header-files in the
+# directories. If left blank, the patterns specified with FILE_PATTERNS will
+# be used.
+
+INCLUDE_FILE_PATTERNS =
+
+# The PREDEFINED tag can be used to specify one or more macro names that
+# are defined before the preprocessor is started (similar to the -D option of
+# gcc). The argument of the tag is a list of macros of the form: name
+# or name=definition (no spaces). If the definition and the = are
+# omitted =1 is assumed. To prevent a macro definition from being
+# undefined via #undef or recursively expanded use the := operator
+# instead of the = operator.
+
+PREDEFINED =
+
+# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then
+# this tag can be used to specify a list of macro names that should be expanded.
+# The macro definition that is found in the sources will be used.
+# Use the PREDEFINED tag if you want to use a different macro definition.
+
+EXPAND_AS_DEFINED =
+
+# If the SKIP_FUNCTION_MACROS tag is set to YES (the default) then
+# doxygen's preprocessor will remove all function-like macros that are alone
+# on a line, have an all uppercase name, and do not end with a semicolon. Such
+# function macros are typically used for boiler-plate code, and will confuse
+# the parser if not removed.
+
+SKIP_FUNCTION_MACROS = YES
+
+#---------------------------------------------------------------------------
+# Configuration::additions related to external references
+#---------------------------------------------------------------------------
+
+# The TAGFILES option can be used to specify one or more tagfiles.
+# Optionally an initial location of the external documentation
+# can be added for each tagfile. The format of a tag file without
+# this location is as follows:
+# TAGFILES = file1 file2 ...
+# Adding location for the tag files is done as follows:
+# TAGFILES = file1=loc1 "file2 = loc2" ...
+# where "loc1" and "loc2" can be relative or absolute paths or
+# URLs. If a location is present for each tag, the installdox tool
+# does not have to be run to correct the links.
+# Note that each tag file must have a unique name
+# (where the name does NOT include the path)
+# If a tag file is not located in the directory in which doxygen
+# is run, you must also specify the path to the tagfile here.
+
+TAGFILES =
+
+# When a file name is specified after GENERATE_TAGFILE, doxygen will create
+# a tag file that is based on the input files it reads.
+
+GENERATE_TAGFILE =
+
+# If the ALLEXTERNALS tag is set to YES all external classes will be listed
+# in the class index. If set to NO only the inherited external classes
+# will be listed.
+
+ALLEXTERNALS = NO
+
+# If the EXTERNAL_GROUPS tag is set to YES all external groups will be listed
+# in the modules index. If set to NO, only the current project's groups will
+# be listed.
+
+EXTERNAL_GROUPS = YES
+
+# The PERL_PATH should be the absolute path and name of the perl script
+# interpreter (i.e. the result of `which perl').
+
+PERL_PATH = /usr/bin/perl
+
+#---------------------------------------------------------------------------
+# Configuration options related to the dot tool
+#---------------------------------------------------------------------------
+
+# If the CLASS_DIAGRAMS tag is set to YES (the default) Doxygen will
+# generate a inheritance diagram (in HTML, RTF and LaTeX) for classes with base
+# or super classes. Setting the tag to NO turns the diagrams off. Note that
+# this option is superseded by the HAVE_DOT option below. This is only a
+# fallback. It is recommended to install and use dot, since it yields more
+# powerful graphs.
+
+CLASS_DIAGRAMS = YES
+
+# You can define message sequence charts within doxygen comments using the \msc
+# command. Doxygen will then run the mscgen tool (see http://www.mcternan.me.uk/mscgen/) to
+# produce the chart and insert it in the documentation. The MSCGEN_PATH tag allows you to
+# specify the directory where the mscgen tool resides. If left empty the tool is assumed to
+# be found in the default search path.
+
+MSCGEN_PATH =
+
+# If set to YES, the inheritance and collaboration graphs will hide
+# inheritance and usage relations if the target is undocumented
+# or is not a class.
+
+HIDE_UNDOC_RELATIONS = YES
+
+# If you set the HAVE_DOT tag to YES then doxygen will assume the dot tool is
+# available from the path. This tool is part of Graphviz, a graph visualization
+# toolkit from AT&T and Lucent Bell Labs. The other options in this section
+# have no effect if this option is set to NO (the default)
+
+HAVE_DOT = NO
+
+# If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen
+# will generate a graph for each documented class showing the direct and
+# indirect inheritance relations. Setting this tag to YES will force the
+# the CLASS_DIAGRAMS tag to NO.
+
+CLASS_GRAPH = YES
+
+# If the COLLABORATION_GRAPH and HAVE_DOT tags are set to YES then doxygen
+# will generate a graph for each documented class showing the direct and
+# indirect implementation dependencies (inheritance, containment, and
+# class references variables) of the class with other documented classes.
+
+COLLABORATION_GRAPH = YES
+
+# If the GROUP_GRAPHS and HAVE_DOT tags are set to YES then doxygen
+# will generate a graph for groups, showing the direct groups dependencies
+
+GROUP_GRAPHS = YES
+
+# If the UML_LOOK tag is set to YES doxygen will generate inheritance and
+# collaboration diagrams in a style similar to the OMG's Unified Modeling
+# Language.
+
+UML_LOOK = NO
+
+# If set to YES, the inheritance and collaboration graphs will show the
+# relations between templates and their instances.
+
+TEMPLATE_RELATIONS = YES
+
+# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDE_GRAPH, and HAVE_DOT
+# tags are set to YES then doxygen will generate a graph for each documented
+# file showing the direct and indirect include dependencies of the file with
+# other documented files.
+
+INCLUDE_GRAPH = YES
+
+# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDED_BY_GRAPH, and
+# HAVE_DOT tags are set to YES then doxygen will generate a graph for each
+# documented header file showing the documented files that directly or
+# indirectly include this file.
+
+INCLUDED_BY_GRAPH = YES
+
+# If the CALL_GRAPH, SOURCE_BROWSER and HAVE_DOT tags are set to YES then doxygen will
+# generate a call dependency graph for every global function or class method.
+# Note that enabling this option will significantly increase the time of a run.
+# So in most cases it will be better to enable call graphs for selected
+# functions only using the \callgraph command.
+
+CALL_GRAPH = NO
+
+# If the CALLER_GRAPH, SOURCE_BROWSER and HAVE_DOT tags are set to YES then doxygen will
+# generate a caller dependency graph for every global function or class method.
+# Note that enabling this option will significantly increase the time of a run.
+# So in most cases it will be better to enable caller graphs for selected
+# functions only using the \callergraph command.
+
+CALLER_GRAPH = NO
+
+# If the GRAPHICAL_HIERARCHY and HAVE_DOT tags are set to YES then doxygen
+# will graphical hierarchy of all classes instead of a textual one.
+
+GRAPHICAL_HIERARCHY = YES
+
+# If the DIRECTORY_GRAPH, SHOW_DIRECTORIES and HAVE_DOT tags are set to YES
+# then doxygen will show the dependencies a directory has on other directories
+# in a graphical way. The dependency relations are determined by the #include
+# relations between the files in the directories.
+
+DIRECTORY_GRAPH = YES
+
+# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images
+# generated by dot. Possible values are png, jpg, or gif
+# If left blank png will be used.
+
+DOT_IMAGE_FORMAT = png
+
+# The tag DOT_PATH can be used to specify the path where the dot tool can be
+# found. If left blank, it is assumed the dot tool can be found in the path.
+
+DOT_PATH =
+
+# The DOTFILE_DIRS tag can be used to specify one or more directories that
+# contain dot files that are included in the documentation (see the
+# \dotfile command).
+
+DOTFILE_DIRS =
+
+# The MAX_DOT_GRAPH_MAX_NODES tag can be used to set the maximum number of
+# nodes that will be shown in the graph. If the number of nodes in a graph
+# becomes larger than this value, doxygen will truncate the graph, which is
+# visualized by representing a node as a red box. Note that doxygen if the number
+# of direct children of the root node in a graph is already larger than
+# MAX_DOT_GRAPH_NOTES then the graph will not be shown at all. Also note
+# that the size of a graph can be further restricted by MAX_DOT_GRAPH_DEPTH.
+
+DOT_GRAPH_MAX_NODES = 50
+
+# The MAX_DOT_GRAPH_DEPTH tag can be used to set the maximum depth of the
+# graphs generated by dot. A depth value of 3 means that only nodes reachable
+# from the root by following a path via at most 3 edges will be shown. Nodes
+# that lay further from the root node will be omitted. Note that setting this
+# option to 1 or 2 may greatly reduce the computation time needed for large
+# code bases. Also note that the size of a graph can be further restricted by
+# DOT_GRAPH_MAX_NODES. Using a depth of 0 means no depth restriction.
+
+MAX_DOT_GRAPH_DEPTH = 0
+
+# Set the DOT_TRANSPARENT tag to YES to generate images with a transparent
+# background. This is disabled by default, which results in a white background.
+# Warning: Depending on the platform used, enabling this option may lead to
+# badly anti-aliased labels on the edges of a graph (i.e. they become hard to
+# read).
+
+DOT_TRANSPARENT = NO
+
+# Set the DOT_MULTI_TARGETS tag to YES allow dot to generate multiple output
+# files in one run (i.e. multiple -o and -T options on the command line). This
+# makes dot run faster, but since only newer versions of dot (>1.8.10)
+# support this, this feature is disabled by default.
+
+DOT_MULTI_TARGETS = NO
+
+# If the GENERATE_LEGEND tag is set to YES (the default) Doxygen will
+# generate a legend page explaining the meaning of the various boxes and
+# arrows in the dot generated graphs.
+
+GENERATE_LEGEND = YES
+
+# If the DOT_CLEANUP tag is set to YES (the default) Doxygen will
+# remove the intermediate dot files that are used to generate
+# the various graphs.
+
+DOT_CLEANUP = YES
+
+#---------------------------------------------------------------------------
+# Configuration::additions related to the search engine
+#---------------------------------------------------------------------------
+
+# The SEARCHENGINE tag specifies whether or not a search engine should be
+# used. If set to NO the values of all tags below this one will be ignored.
+
+SEARCHENGINE = NO
diff --git a/source3/nsswitch/libwbclient/libwbclient.h b/source3/nsswitch/libwbclient/libwbclient.h
new file mode 100644
index 0000000000..74cba7e796
--- /dev/null
+++ b/source3/nsswitch/libwbclient/libwbclient.h
@@ -0,0 +1,46 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ Winbind client API
+
+ Copyright (C) Gerald (Jerry) Carter 2007
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 3 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef _LIBWBCLIENT_H
+#define _LIBWBCLIENT_H
+
+/* Super header including necessary public and private header files
+ for building the wbclient library. __DO NOT__ define anything
+ in this file. Only include other headers. */
+
+/* Winbind headers */
+
+#include "nsswitch/winbind_nss_config.h"
+#include "nsswitch/winbind_struct_protocol.h"
+
+#include <talloc.h>
+
+/* Public headers */
+
+#include "wbclient.h"
+
+/* Private headers */
+
+#include "wbc_err_internal.h"
+#include "wbclient_internal.h"
+
+
+#endif /* _LIBWBCLIENT_H */
diff --git a/source3/nsswitch/libwbclient/wbc_err.h b/source3/nsswitch/libwbclient/wbc_err.h
new file mode 100644
index 0000000000..069f68f189
--- /dev/null
+++ b/source3/nsswitch/libwbclient/wbc_err.h
@@ -0,0 +1,51 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ Winbind client API
+
+ Copyright (C) Gerald (Jerry) Carter 2007
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 3 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef _WBC_ERR_H
+#define _WBC_ERR_H
+
+
+/* Define error types */
+
+/**
+ * @brief Status codes returned from wbc functions
+ **/
+
+enum _wbcErrType {
+ WBC_ERR_SUCCESS = 0, /**< Successful completion **/
+ WBC_ERR_NOT_IMPLEMENTED,/**< Function not implemented **/
+ WBC_ERR_UNKNOWN_FAILURE,/**< General failure **/
+ WBC_ERR_NO_MEMORY, /**< Memory allocation error **/
+ WBC_ERR_INVALID_SID, /**< Invalid SID format **/
+ WBC_ERR_INVALID_PARAM, /**< An Invalid parameter was supplied **/
+ WBC_ERR_WINBIND_NOT_AVAILABLE, /**< Winbind daemon is not available **/
+ WBC_ERR_DOMAIN_NOT_FOUND, /**< Domain is not trusted or cannot be found **/
+ WBC_INVALID_RESPONSE, /**< Winbind returned an invalid response **/
+ WBC_ERR_NSS_ERROR /**< NSS_STATUS error **/
+};
+
+typedef enum _wbcErrType wbcErr;
+
+#define WBC_ERROR_IS_OK(x) ((x) == WBC_ERR_SUCCESS)
+
+char *wbcErrorString(wbcErr error);
+
+#endif /* _WBC_ERR_H */
diff --git a/source3/nsswitch/libwbclient/wbc_err_internal.h b/source3/nsswitch/libwbclient/wbc_err_internal.h
new file mode 100644
index 0000000000..ea501cba31
--- /dev/null
+++ b/source3/nsswitch/libwbclient/wbc_err_internal.h
@@ -0,0 +1,44 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ Winbind client API
+
+ Copyright (C) Gerald (Jerry) Carter 2007
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 3 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef _WBC_ERR_INTERNAL_H
+#define _WBC_ERR_INTERNAL_H
+
+/* Private macros */
+
+#define BAIL_ON_WBC_ERROR(x) \
+ do { \
+ if ((x) != WBC_ERR_SUCCESS) \
+ goto done; \
+ } while(0);
+
+#define BAIL_ON_PTR_ERROR(x, status) \
+ do { \
+ if ((x) == NULL) { \
+ status = WBC_ERR_NO_MEMORY; \
+ goto done; \
+ } else { \
+ status = WBC_ERR_SUCCESS; \
+ } \
+ } while (0);
+
+
+#endif /* _WBC_ERR_INTERNAL_H */
diff --git a/source3/nsswitch/libwbclient/wbc_idmap.c b/source3/nsswitch/libwbclient/wbc_idmap.c
new file mode 100644
index 0000000000..651c270a57
--- /dev/null
+++ b/source3/nsswitch/libwbclient/wbc_idmap.c
@@ -0,0 +1,272 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ Winbind client API
+
+ Copyright (C) Gerald (Jerry) Carter 2007
+
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 3 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/* Required Headers */
+
+#include "libwbclient.h"
+
+/** @brief Convert a Windows SID to a Unix uid
+ *
+ * @param *sid Pointer to the domain SID to be resolved
+ * @param *puid Pointer to the resolved uid_t value
+ *
+ * @return #wbcErr
+ *
+ **/
+
+wbcErr wbcSidToUid(const struct wbcDomainSid *sid, uid_t *puid)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+ char *sid_string = NULL;
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+
+ if (!sid || !puid) {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ /* Initialize request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ wbc_status = wbcSidToString(sid, &sid_string);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1);
+ wbcFreeMemory(sid_string);
+
+ /* Make request */
+
+ wbc_status = wbcRequestResponse(WINBINDD_SID_TO_UID,
+ &request,
+ &response);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ *puid = response.data.uid;
+
+ wbc_status = WBC_ERR_SUCCESS;
+
+ done:
+ return wbc_status;
+}
+
+/** @brief Convert a Unix uid to a Windows SID
+ *
+ * @param uid Unix uid to be resolved
+ * @param *sid Pointer to the resolved domain SID
+ *
+ * @return #wbcErr
+ *
+ **/
+
+wbcErr wbcUidToSid(uid_t uid, struct wbcDomainSid *sid)
+{
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ struct winbindd_request request;
+ struct winbindd_response response;
+
+ if (!sid) {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ /* Initialize request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ request.data.uid = uid;
+
+ /* Make request */
+
+ wbc_status = wbcRequestResponse(WINBINDD_UID_TO_SID,
+ &request,
+ &response);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ wbc_status = wbcStringToSid(response.data.sid.sid, sid);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+done:
+ return wbc_status;
+}
+
+/** @brief Convert a Windows SID to a Unix gid
+ *
+ * @param *sid Pointer to the domain SID to be resolved
+ * @param *pgid Pointer to the resolved gid_t value
+ *
+ * @return #wbcErr
+ *
+ **/
+
+wbcErr wbcSidToGid(const struct wbcDomainSid *sid, gid_t *pgid)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ char *sid_string = NULL;
+
+ if (!sid || !pgid) {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ /* Initialize request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ wbc_status = wbcSidToString(sid, &sid_string);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1);
+ wbcFreeMemory(sid_string);
+
+ /* Make request */
+
+ wbc_status = wbcRequestResponse(WINBINDD_SID_TO_GID,
+ &request,
+ &response);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ *pgid = response.data.gid;
+
+ wbc_status = WBC_ERR_SUCCESS;
+
+ done:
+ return wbc_status;
+}
+
+/** @brief Convert a Unix uid to a Windows SID
+ *
+ * @param gid Unix gid to be resolved
+ * @param *sid Pointer to the resolved domain SID
+ *
+ * @return #wbcErr
+ *
+ **/
+
+wbcErr wbcGidToSid(gid_t gid, struct wbcDomainSid *sid)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+
+ if (!sid) {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ /* Initialize request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ request.data.gid = gid;
+
+ /* Make request */
+
+ wbc_status = wbcRequestResponse(WINBINDD_GID_TO_SID,
+ &request,
+ &response);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ wbc_status = wbcStringToSid(response.data.sid.sid, sid);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+done:
+ return wbc_status;
+}
+
+/** @brief Obtain a new uid from Winbind
+ *
+ * @param *puid *pointer to the allocated uid
+ *
+ * @return #wbcErr
+ **/
+
+wbcErr wbcAllocateUid(uid_t *puid)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+ NSS_STATUS result;
+
+ if (!puid)
+ return WBC_ERR_INVALID_PARAM;
+
+ /* Initialise request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ /* Make request */
+
+ result = wbcRequestResponse(WINBINDD_ALLOCATE_UID,
+ &request, &response);
+
+ if (result != NSS_STATUS_SUCCESS)
+ return WBC_ERR_UNKNOWN_FAILURE;
+
+ /* Copy out result */
+ *puid = response.data.uid;
+
+ return WBC_ERR_SUCCESS;
+}
+
+/** @brief Obtain a new gid from Winbind
+ *
+ * @param *pgid Pointer to the allocated gid
+ *
+ * @return #wbcErr
+ **/
+
+wbcErr wbcAllocateGid(uid_t *pgid)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+ NSS_STATUS result;
+
+ if (!pgid)
+ return WBC_ERR_INVALID_PARAM;
+
+ /* Initialise request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ /* Make request */
+
+ result = wbcRequestResponse(WINBINDD_ALLOCATE_GID,
+ &request, &response);
+
+ if (result != NSS_STATUS_SUCCESS)
+ return WBC_ERR_UNKNOWN_FAILURE;
+
+ /* Copy out result */
+ *pgid = response.data.gid;
+
+ return WBC_ERR_SUCCESS;
+}
+
diff --git a/source3/nsswitch/libwbclient/wbc_pam.c b/source3/nsswitch/libwbclient/wbc_pam.c
new file mode 100644
index 0000000000..1548c3344a
--- /dev/null
+++ b/source3/nsswitch/libwbclient/wbc_pam.c
@@ -0,0 +1,65 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ Winbind client API
+
+ Copyright (C) Gerald (Jerry) Carter 2007
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 3 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/* Required Headers */
+
+#include "libwbclient.h"
+
+/** @brief Authenticate a username/password pair
+ *
+ * @param username Name of user to authenticate
+ * @param password Clear text password os user
+ *
+ * @return #wbcErr
+ **/
+
+wbcErr wbcAuthenticateUser(const char *username,
+ const char *password)
+{
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ struct winbindd_request request;
+ struct winbindd_response response;
+
+ if (!username) {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ /* Initialize request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ /* dst is already null terminated from the memset above */
+
+ strncpy(request.data.auth.user, username,
+ sizeof(request.data.auth.user)-1);
+ strncpy(request.data.auth.pass, password,
+ sizeof(request.data.auth.user)-1);
+
+ wbc_status = wbcRequestResponse(WINBINDD_PAM_AUTH,
+ &request,
+ &response);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+done:
+ return wbc_status;
+}
diff --git a/source3/nsswitch/libwbclient/wbc_pwd.c b/source3/nsswitch/libwbclient/wbc_pwd.c
new file mode 100644
index 0000000000..4e3b0d3967
--- /dev/null
+++ b/source3/nsswitch/libwbclient/wbc_pwd.c
@@ -0,0 +1,374 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ Winbind client API
+
+ Copyright (C) Gerald (Jerry) Carter 2007
+
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 3 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/* Required Headers */
+
+#include "libwbclient.h"
+
+/**
+ *
+ **/
+
+static struct passwd *copy_passwd_entry(struct winbindd_pw *p)
+{
+ struct passwd *pwd = NULL;
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+
+ pwd = talloc(NULL, struct passwd);
+ BAIL_ON_PTR_ERROR(pwd, wbc_status);
+
+ pwd->pw_name = talloc_strdup(pwd,p->pw_name);
+ BAIL_ON_PTR_ERROR(pwd->pw_name, wbc_status);
+
+ pwd->pw_passwd = talloc_strdup(pwd, p->pw_passwd);
+ BAIL_ON_PTR_ERROR(pwd->pw_passwd, wbc_status);
+
+ pwd->pw_gecos = talloc_strdup(pwd, p->pw_gecos);
+ BAIL_ON_PTR_ERROR(pwd->pw_gecos, wbc_status);
+
+ pwd->pw_shell = talloc_strdup(pwd, p->pw_shell);
+ BAIL_ON_PTR_ERROR(pwd->pw_shell, wbc_status);
+
+ pwd->pw_dir = talloc_strdup(pwd, p->pw_dir);
+ BAIL_ON_PTR_ERROR(pwd->pw_dir, wbc_status);
+
+ pwd->pw_uid = p->pw_uid;
+ pwd->pw_gid = p->pw_gid;
+
+done:
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
+ talloc_free(pwd);
+ pwd = NULL;
+ }
+
+ return pwd;
+}
+
+/**
+ *
+ **/
+
+static struct group *copy_group_entry(struct winbindd_gr *g,
+ char *mem_buf)
+{
+ struct group *grp = NULL;
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ int i;
+ char *mem_p, *mem_q;
+
+ grp = talloc(NULL, struct group);
+ BAIL_ON_PTR_ERROR(grp, wbc_status);
+
+ grp->gr_name = talloc_strdup(grp, g->gr_name);
+ BAIL_ON_PTR_ERROR(grp->gr_name, wbc_status);
+
+ grp->gr_passwd = talloc_strdup(grp, g->gr_passwd);
+ BAIL_ON_PTR_ERROR(grp->gr_passwd, wbc_status);
+
+ grp->gr_gid = g->gr_gid;
+
+ grp->gr_mem = talloc_array(grp, char*, g->num_gr_mem+1);
+
+ mem_p = mem_q = mem_buf;
+ for (i=0; i<g->num_gr_mem && mem_p; i++) {
+ if ((mem_q = strchr(mem_p, ',')) != NULL) {
+ *mem_q = '\0';
+ }
+
+ grp->gr_mem[i] = talloc_strdup(grp, mem_p);
+ BAIL_ON_PTR_ERROR(grp->gr_mem[i], wbc_status);
+
+ *mem_q = ',';
+ mem_p++;
+ mem_p = mem_q;
+ }
+ grp->gr_mem[g->num_gr_mem] = NULL;
+
+ wbc_status = WBC_ERR_SUCCESS;
+
+done:
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
+ talloc_free(grp);
+ grp = NULL;
+ }
+
+ return grp;
+}
+
+/** @brief Fill in a struct passwd* for a domain user based
+ * on username
+ *
+ * @param *name Username to lookup
+ * @param **pwd Pointer to resulting struct passwd* from the query.
+ *
+ * @return #wbcErr
+ **/
+
+wbcErr wbcGetpwnam(const char *name, struct passwd **pwd)
+{
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ struct winbindd_request request;
+ struct winbindd_response response;
+
+ if (!name || !pwd) {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ /* Initialize request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ /* dst is already null terminated from the memset above */
+
+ strncpy(request.data.username, name, sizeof(request.data.username)-1);
+
+ wbc_status = wbcRequestResponse(WINBINDD_GETPWNAM,
+ &request,
+ &response);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ *pwd = copy_passwd_entry(&response.data.pw);
+ BAIL_ON_PTR_ERROR(*pwd, wbc_status);
+
+ done:
+ return wbc_status;
+}
+
+/** @brief Fill in a struct passwd* for a domain user based
+ * on uid
+ *
+ * @param uid Uid to lookup
+ * @param **pwd Pointer to resulting struct passwd* from the query.
+ *
+ * @return #wbcErr
+ **/
+
+wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd)
+{
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ struct winbindd_request request;
+ struct winbindd_response response;
+
+ if (!pwd) {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ /* Initialize request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ request.data.uid = uid;
+
+ wbc_status = wbcRequestResponse(WINBINDD_GETPWUID,
+ &request,
+ &response);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ *pwd = copy_passwd_entry(&response.data.pw);
+ BAIL_ON_PTR_ERROR(*pwd, wbc_status);
+
+ done:
+ return wbc_status;
+}
+
+/** @brief Fill in a struct passwd* for a domain user based
+ * on username
+ *
+ * @param *name Username to lookup
+ * @param **grp Pointer to resulting struct group* from the query.
+ *
+ * @return #wbcErr
+ **/
+
+wbcErr wbcGetgrnam(const char *name, struct group **grp)
+{
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ struct winbindd_request request;
+ struct winbindd_response response;
+
+ if (!name || !grp) {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ /* Initialize request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ /* dst is already null terminated from the memset above */
+
+ strncpy(request.data.groupname, name, sizeof(request.data.groupname)-1);
+
+ wbc_status = wbcRequestResponse(WINBINDD_GETGRNAM,
+ &request,
+ &response);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ *grp = copy_group_entry(&response.data.gr, response.extra_data.data);
+ BAIL_ON_PTR_ERROR(*grp, wbc_status);
+
+ done:
+ if (response.extra_data.data)
+ free(response.extra_data.data);
+
+ return wbc_status;
+}
+
+/** @brief Fill in a struct passwd* for a domain user based
+ * on uid
+ *
+ * @param gid Uid to lookup
+ * @param **grp Pointer to resulting struct group* from the query.
+ *
+ * @return #wbcErr
+ **/
+
+wbcErr wbcGetgrgid(gid_t gid, struct group **grp)
+{
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ struct winbindd_request request;
+ struct winbindd_response response;
+
+ if (!grp) {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ /* Initialize request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ request.data.gid = gid;
+
+ wbc_status = wbcRequestResponse(WINBINDD_GETGRGID,
+ &request,
+ &response);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ *grp = copy_group_entry(&response.data.gr, response.extra_data.data);
+ BAIL_ON_PTR_ERROR(*grp, wbc_status);
+
+ done:
+ if (response.extra_data.data)
+ free(response.extra_data.data);
+
+ return wbc_status;
+}
+
+/** @brief Reset the passwd iterator
+ *
+ * @return #wbcErr
+ **/
+
+wbcErr wbcSetpwent(void)
+{
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+
+ wbc_status = wbcRequestResponse(WINBINDD_SETPWENT,
+ NULL, NULL);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ done:
+ return wbc_status;
+}
+
+/** @brief Close the passwd iterator
+ *
+ * @return #wbcErr
+ **/
+
+wbcErr wbcEndpwent(void)
+{
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+
+ wbc_status = wbcRequestResponse(WINBINDD_ENDPWENT,
+ NULL, NULL);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ done:
+ return wbc_status;
+}
+
+/** @brief Return the next struct passwd* entry from the pwent iterator
+ *
+ * @param **pwd Pointer to resulting struct group* from the query.
+ *
+ * @return #wbcErr
+ **/
+
+wbcErr wbcGetpwent(struct passwd **pwd)
+{
+ return WBC_ERR_NOT_IMPLEMENTED;
+}
+
+/** @brief Reset the group iterator
+ *
+ * @return #wbcErr
+ **/
+
+wbcErr wbcSetgrent(void)
+{
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+
+ wbc_status = wbcRequestResponse(WINBINDD_SETGRENT,
+ NULL, NULL);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ done:
+ return wbc_status;
+}
+
+/** @brief Close the group iterator
+ *
+ * @return #wbcErr
+ **/
+
+wbcErr wbcEndgrent(void)
+{
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+
+ wbc_status = wbcRequestResponse(WINBINDD_ENDGRENT,
+ NULL, NULL);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ done:
+ return wbc_status;
+}
+
+/** @brief Return the next struct passwd* entry from the pwent iterator
+ *
+ * @param **grp Pointer to resulting struct group* from the query.
+ *
+ * @return #wbcErr
+ **/
+
+wbcErr wbcGetgrent(struct group **grp)
+{
+ return WBC_ERR_NOT_IMPLEMENTED;
+}
+
diff --git a/source3/nsswitch/libwbclient/wbc_sid.c b/source3/nsswitch/libwbclient/wbc_sid.c
new file mode 100644
index 0000000000..c877e1d9d4
--- /dev/null
+++ b/source3/nsswitch/libwbclient/wbc_sid.c
@@ -0,0 +1,423 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ Winbind client API
+
+ Copyright (C) Gerald (Jerry) Carter 2007
+
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 3 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/* Required Headers */
+
+#include "libwbclient.h"
+
+
+/** @brief Convert a binary SID to a character string
+ *
+ * @param sid Binary Security Identifier
+ * @param **sid_string Resulting character string
+ *
+ * @return #wbcErr
+ **/
+
+wbcErr wbcSidToString(const struct wbcDomainSid *sid,
+ char **sid_string)
+{
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ uint32_t id_auth;
+ int i;
+ char *tmp = NULL;
+ TALLOC_CTX *ctx = NULL;
+
+ if (!sid) {
+ wbc_status = WBC_ERR_INVALID_SID;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ ctx = talloc_init("wbcSidToString");
+ BAIL_ON_PTR_ERROR(ctx, wbc_status);
+
+ id_auth = sid->id_auth[5] +
+ (sid->id_auth[4] << 8) +
+ (sid->id_auth[3] << 16) +
+ (sid->id_auth[2] << 24);
+
+ tmp = talloc_asprintf(ctx, "S-%d-%d", sid->sid_rev_num, id_auth);
+ BAIL_ON_PTR_ERROR(tmp, wbc_status);
+
+ for (i=0; i<sid->num_auths; i++) {
+ char *tmp2 =
+ tmp2 = talloc_asprintf_append(tmp, "-%u", sid->sub_auths[i]);
+ BAIL_ON_PTR_ERROR(tmp2, wbc_status);
+
+ tmp = tmp2;
+ }
+
+ *sid_string=talloc_strdup(NULL, tmp);
+ BAIL_ON_PTR_ERROR((*sid_string), wbc_status);
+
+ wbc_status = WBC_ERR_SUCCESS;
+
+done:
+ talloc_free(ctx);
+
+ return wbc_status;
+}
+
+/** @brief Convert a character string to a binary SID
+ *
+ * @param *str Character string in the form of S-...
+ * @param sid Resulting binary SID
+ *
+ * @return #wbcErr
+ **/
+
+wbcErr wbcStringToSid(const char *str,
+ struct wbcDomainSid *sid)
+{
+ const char *p;
+ char *q;
+ uint32_t x;
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+
+ if (!sid) {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ /* Sanity check for either "S-" or "s-" */
+
+ if (!str
+ || (str[0]!='S' && str[0]!='s')
+ || (str[1]!='-')
+ || (strlen(str)<2))
+ {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ /* Get the SID revision number */
+
+ p = str+2;
+ x = (uint32_t)strtol(p, &q, 10);
+ if (x==0 || !q || *q!='-') {
+ wbc_status = WBC_ERR_INVALID_SID;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+ sid->sid_rev_num = (uint8_t)x;
+
+ /* Next the Identifier Authority. This is stored in big-endian
+ in a 6 byte array. */
+
+ p = q+1;
+ x = (uint32_t)strtol(p, &q, 10);
+ if (x==0 || !q || *q!='-') {
+ wbc_status = WBC_ERR_INVALID_SID;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+ sid->id_auth[5] = (x & 0x000000ff);
+ sid->id_auth[4] = (x & 0x0000ff00) >> 8;
+ sid->id_auth[3] = (x & 0x00ff0000) >> 16;
+ sid->id_auth[2] = (x & 0xff000000) >> 24;
+ sid->id_auth[1] = 0;
+ sid->id_auth[0] = 0;
+
+ /* now read the the subauthorities */
+
+ p = q +1;
+ sid->num_auths = 0;
+ while (sid->num_auths < MAXSUBAUTHS) {
+ if ((x=(uint32_t)strtoul(p, &q, 10)) == 0)
+ break;
+ sid->sub_auths[sid->num_auths++] = x;
+
+ if (q && ((*q!='-') || (*q=='\0')))
+ break;
+ p = q + 1;
+ }
+
+ /* IF we ended early, then the SID could not be converted */
+
+ if (q && *q!='\0') {
+ wbc_status = WBC_ERR_INVALID_SID;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ wbc_status = WBC_ERR_SUCCESS;
+
+done:
+ return wbc_status;
+
+}
+
+/** @brief Convert a domain and name to SID
+ *
+ * @param domain Domain name (possibly "")
+ * @param name User or group name
+ * @param *sid Pointer to the resolved domain SID
+ * @param *name_type Pointet to the SID type
+ *
+ * @return #wbcErr
+ *
+ **/
+
+wbcErr wbcLookupName(const char *domain,
+ const char *name,
+ struct wbcDomainSid *sid,
+ enum wbcSidType *name_type)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+
+ if (!sid || !name_type) {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ /* Initialize request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ /* dst is already null terminated from the memset above */
+
+ strncpy(request.data.name.dom_name, domain,
+ sizeof(request.data.name.dom_name)-1);
+ strncpy(request.data.name.name, name,
+ sizeof(request.data.name.name)-1);
+
+ wbc_status = wbcRequestResponse(WINBINDD_LOOKUPNAME,
+ &request,
+ &response);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ wbc_status = wbcStringToSid(response.data.sid.sid, sid);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ *name_type = (enum wbcSidType)response.data.sid.type;
+
+ wbc_status = WBC_ERR_SUCCESS;
+
+ done:
+ return wbc_status;
+}
+
+/** @brief Convert a SID to a domain and name
+ *
+ * @param *sid Pointer to the domain SID to be resolved
+ * @param domain Resolved Domain name (possibly "")
+ * @param name Resolved User or group name
+ * @param *name_type Pointet to the resolved SID type
+ *
+ * @return #wbcErr
+ *
+ **/
+
+wbcErr wbcLookupSid(const struct wbcDomainSid *sid,
+ char **domain,
+ char **name,
+ enum wbcSidType *name_type)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ char *sid_string = NULL;
+
+ if (!sid) {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ /* Initialize request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ /* dst is already null terminated from the memset above */
+
+ wbc_status = wbcSidToString(sid, &sid_string);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1);
+ wbcFreeMemory(sid_string);
+
+ /* Make request */
+
+ wbc_status = wbcRequestResponse(WINBINDD_LOOKUPSID,
+ &request,
+ &response);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ /* Copy out result */
+
+ if (domain != NULL) {
+ *domain = strdup(response.data.name.dom_name);
+ BAIL_ON_PTR_ERROR((*domain), wbc_status);
+ }
+
+ if (name != NULL) {
+ *name = strdup(response.data.name.name);
+ BAIL_ON_PTR_ERROR((*name), wbc_status);
+ }
+
+ if (name_type) {
+ *name_type = (enum wbcSidType)response.data.name.type;
+ }
+
+ wbc_status = WBC_ERR_SUCCESS;
+
+ done:
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
+ if (*domain)
+ free(*domain);
+ if (*name)
+ free(*name);
+ }
+
+ return wbc_status;
+}
+
+/** @brief Translate a collection of RIDs within a domain to names
+ *
+ **/
+
+wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid,
+ int num_rids,
+ uint32_t *rids,
+ const char **pp_domain_name,
+ const char ***names,
+ enum wbcSidType **types)
+{
+ size_t i, len, ridbuf_size;
+ char *ridlist;
+ char *p;
+ struct winbindd_request request;
+ struct winbindd_response response;
+ char *sid_string = NULL;
+ char *domain_name = NULL;
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+
+ if (!dom_sid || (num_rids == 0)) {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ /* Initialise request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ wbc_status = wbcSidToString(dom_sid, &sid_string);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1);
+ wbcFreeMemory(sid_string);
+
+ /* Even if all the Rids were of maximum 32bit values,
+ we would only have 11 bytes per rid in the final array
+ ("4294967296" + \n). Add one more byte for the
+ terminating '\0' */
+
+ ridbuf_size = (sizeof(char)*11) * num_rids + 1;
+
+ ridlist = malloc(ridbuf_size);
+ BAIL_ON_PTR_ERROR(ridlist, wbc_status);
+
+ memset(ridlist, 0x0, ridbuf_size);
+
+ len = 0;
+ for (i=0; i<num_rids && (len-1)>0; i++) {
+ char ridstr[12];
+
+ len = strlen(ridlist);
+ p = ridlist + len;
+
+ snprintf( ridstr, sizeof(ridstr)-1, "%u\n", rids[i]);
+ strncat(p, ridstr, ridbuf_size-len-1);
+ }
+
+ request.extra_data.data = ridlist;
+ request.extra_len = strlen(ridlist)+1;
+
+ wbc_status = wbcRequestResponse(WINBINDD_LOOKUPRIDS,
+ &request,
+ &response);
+ free(ridlist);
+
+ domain_name = strdup(response.data.domain_name);
+ BAIL_ON_PTR_ERROR(domain_name, wbc_status);
+
+ *names = (const char**)malloc(sizeof(char*) * num_rids);
+ BAIL_ON_PTR_ERROR((*names), wbc_status);
+
+ *types = (enum wbcSidType*)malloc(sizeof(enum wbcSidType) * num_rids);
+ BAIL_ON_PTR_ERROR((*types), wbc_status);
+
+ p = (char *)response.extra_data.data;
+
+ for (i=0; i<num_rids; i++) {
+ char *q;
+
+ if (*p == '\0') {
+ wbc_status = WBC_INVALID_RESPONSE;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ (*types)[i] = (enum wbcSidType)strtoul(p, &q, 10);
+
+ if (*q != ' ') {
+ wbc_status = WBC_INVALID_RESPONSE;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ p = q+1;
+
+ if ((q = strchr(p, '\n')) == NULL) {
+ wbc_status = WBC_INVALID_RESPONSE;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ *q = '\0';
+
+ (*names)[i] = strdup(p);
+
+ p = q+1;
+ }
+
+ if (*p != '\0') {
+ wbc_status = WBC_INVALID_RESPONSE;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ free(response.extra_data.data);
+
+ wbc_status = WBC_ERR_SUCCESS;
+
+ done:
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
+ if (domain_name)
+ free(domain_name);
+ if (*names)
+ free(*names);
+ if (*types)
+ free(*types);
+ } else {
+ *pp_domain_name = domain_name;
+ }
+
+ return wbc_status;
+}
diff --git a/source3/nsswitch/libwbclient/wbc_util.c b/source3/nsswitch/libwbclient/wbc_util.c
new file mode 100644
index 0000000000..b0adaad318
--- /dev/null
+++ b/source3/nsswitch/libwbclient/wbc_util.c
@@ -0,0 +1,110 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ Winbind client API
+
+ Copyright (C) Gerald (Jerry) Carter 2007
+
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 3 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/* Required Headers */
+
+#include "libwbclient.h"
+
+
+
+/** @brief Ping winbindd to see if the daemon is running
+ *
+ * @return #wbcErr
+ **/
+
+wbcErr wbcPing(void)
+{
+ return wbcRequestResponse(WINBINDD_PING, NULL, NULL);
+}
+
+/** @brief Lookup the current status of a trusted domain
+ *
+ * @param domain Domain to query
+ * @param *dinfo Pointer to returned domain_info struct
+ *
+ * @return #wbcErr
+ *
+ * The char* members of the struct wbcDomainInfo* are malloc()'d
+ * and it the the responsibility of the caller to free the members
+ * before discarding the struct.
+ *
+ **/
+
+
+wbcErr wbcDomainInfo(const char *domain, struct wbcDomainInfo **dinfo)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ struct wbcDomainInfo *info = NULL;
+
+ if (!domain || !dinfo) {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ /* Initialize request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ strncpy(request.domain_name, domain,
+ sizeof(request.domain_name)-1);
+
+ wbc_status = wbcRequestResponse(WINBINDD_DOMAIN_INFO,
+ &request,
+ &response);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ info = talloc(NULL, struct wbcDomainInfo);
+ BAIL_ON_PTR_ERROR(info, wbc_status);
+
+ info->short_name = talloc_strdup(info,
+ response.data.domain_info.name);
+ BAIL_ON_PTR_ERROR(info->short_name, wbc_status);
+
+ info->dns_name = talloc_strdup(info,
+ response.data.domain_info.alt_name);
+ BAIL_ON_PTR_ERROR(info->dns_name, wbc_status);
+
+ wbc_status = wbcStringToSid(response.data.domain_info.sid,
+ &info->sid);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ if (response.data.domain_info.native_mode)
+ info->flags |= WBC_DOMINFO_NATIVE;
+ if (response.data.domain_info.active_directory)
+ info->flags |= WBC_DOMINFO_AD;
+ if (response.data.domain_info.primary)
+ info->flags |= WBC_DOMINFO_PRIMARY;
+
+ *dinfo = info;
+
+ wbc_status = WBC_ERR_SUCCESS;
+
+ done:
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
+ talloc_free(info);
+ }
+
+ return wbc_status;
+}
diff --git a/source3/nsswitch/libwbclient/wbclient.c b/source3/nsswitch/libwbclient/wbclient.c
new file mode 100644
index 0000000000..321a7db669
--- /dev/null
+++ b/source3/nsswitch/libwbclient/wbclient.c
@@ -0,0 +1,105 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ Winbind client API
+
+ Copyright (C) Gerald (Jerry) Carter 2007
+
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 3 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/* Required Headers */
+
+#include "libwbclient.h"
+
+/* From wb_common.c */
+
+NSS_STATUS winbindd_request_response(int req_type,
+ struct winbindd_request *request,
+ struct winbindd_response *response);
+
+/** @brief Wrapper around Winbind's send/receive API call
+ *
+ * @param cmd Winbind command operation to perform
+ * @param request Send structure
+ * @param response Receive structure
+ *
+ * @return #wbcErr
+ **/
+
+/**********************************************************************
+ result == NSS_STATUS_UNAVAIL: winbind not around
+ result == NSS_STATUS_NOTFOUND: winbind around, but domain missing
+
+ Due to a bad API NSS_STATUS_NOTFOUND is returned both when winbind_off
+ and when winbind return WINBINDD_ERROR. So the semantics of this
+ routine depends on winbind_on. Grepping for winbind_off I just
+ found 3 places where winbind is turned off, and this does not conflict
+ (as far as I have seen) with the callers of is_trusted_domains.
+
+ --Volker
+**********************************************************************/
+
+wbcErr wbcRequestResponse(int cmd,
+ struct winbindd_request *request,
+ struct winbindd_response *response)
+{
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ NSS_STATUS nss_status;
+
+ if (!request || !response) {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+
+ nss_status = winbindd_request_response(cmd, request, response);
+
+ switch (nss_status) {
+ case NSS_STATUS_SUCCESS:
+ wbc_status = WBC_ERR_SUCCESS;
+ break;
+ case NSS_STATUS_UNAVAIL:
+ return WBC_ERR_WINBIND_NOT_AVAILABLE;
+ break;
+ case NSS_STATUS_NOTFOUND:
+ return WBC_ERR_DOMAIN_NOT_FOUND;
+ break;
+ default:
+ wbc_status = WBC_ERR_NSS_ERROR;
+ break;
+ }
+
+done:
+ return wbc_status;
+}
+
+/** @brief Free library allocated memory
+ *
+ * @param *p Pointer to free
+ *
+ * @return void
+ **/
+
+void wbcFreeMemory(void *p)
+{
+ if (p)
+ talloc_free(p);
+
+ return;
+}
+
+
+
diff --git a/source3/nsswitch/libwbclient/wbclient.h b/source3/nsswitch/libwbclient/wbclient.h
new file mode 100644
index 0000000000..2867aad69e
--- /dev/null
+++ b/source3/nsswitch/libwbclient/wbclient.h
@@ -0,0 +1,184 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ Winbind client API
+
+ Copyright (C) Gerald (Jerry) Carter 2007
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 3 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef _WBCLIENT_H
+#define _WBCLIENT_H
+
+#include <pwd.h>
+#include <nsswitch/libwbclient/wbc_err.h>
+
+/*
+ * Data types used by the Winbind Client API
+ */
+
+#ifndef MAXSUBAUTHS
+#define MAXSUBAUTHS 15 /* max sub authorities in a SID */
+#endif
+
+/**
+ * @brief Windows Security Identifier
+ *
+ **/
+
+struct wbcDomainSid {
+ uint8_t sid_rev_num;
+ uint8_t num_auths;
+ uint8_t id_auth[6];
+ uint32_t sub_auths[MAXSUBAUTHS];
+};
+
+/**
+ * @brief Security Identifier type
+ **/
+
+enum wbcSidType {
+ WBC_SID_NAME_USE_NONE=0,
+ WBC_SID_NAME_USER=1,
+ WBC_SID_NAME_DOM_GRP=2,
+ WBC_SID_NAME_DOMAIN=3,
+ WBC_SID_NAME_ALIAS=4,
+ WBC_SID_NAME_WKN_GRP=5,
+ WBC_SID_NAME_DELETED=6,
+ WBC_SID_NAME_INVALID=7,
+ WBC_SID_NAME_UNKNOWN=8,
+ WBC_SID_NAME_COMPUTER=9
+};
+
+/**
+ * @brief Domain Information
+ **/
+
+struct wbcDomainInfo {
+ char *short_name;
+ char *dns_name;
+ struct wbcDomainSid sid;
+ uint32_t flags;
+};
+
+/* wbcDomainInfo->flags */
+
+#define WBC_DOMINFO_NATIVE 0x00000001
+#define WBC_DOMINFO_AD 0x00000002
+#define WBC_DOMINFO_PRIMARY 0x00000004
+
+/*
+ * Memory Management
+ */
+
+void wbcFreeMemory(void*);
+
+
+/*
+ * Utility functions for dealing with SIDs
+ */
+
+wbcErr wbcSidToString(const struct wbcDomainSid *sid,
+ char **sid_string);
+
+wbcErr wbcStringToSid(const char *sid_string,
+ struct wbcDomainSid *sid);
+
+wbcErr wbcPing(void);
+
+/*
+ * Name/SID conversion
+ */
+
+wbcErr wbcLookupName(const char *dom_name,
+ const char *name,
+ struct wbcDomainSid *sid,
+ enum wbcSidType *name_type);
+
+wbcErr wbcLookupSid(const struct wbcDomainSid *sid,
+ char **domain,
+ char **name,
+ enum wbcSidType *name_type);
+
+wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid,
+ int num_rids,
+ uint32_t *rids,
+ const char **domain_name,
+ const char ***names,
+ enum wbcSidType **types);
+
+/*
+ * SID/uid/gid Mappings
+ */
+
+wbcErr wbcSidToUid(const struct wbcDomainSid *sid,
+ uid_t *puid);
+
+wbcErr wbcUidToSid(uid_t uid,
+ struct wbcDomainSid *sid);
+
+wbcErr wbcSidToGid(const struct wbcDomainSid *sid,
+ gid_t *pgid);
+
+wbcErr wbcGidToSid(gid_t gid,
+ struct wbcDomainSid *sid);
+
+wbcErr wbcAllocateUid(uid_t *puid);
+
+wbcErr wbcAllocateGid(uid_t *pgid);
+
+/*
+ * NSS Lookup User/Group details
+ */
+
+wbcErr wbcGetpwnam(const char *name, struct passwd **pwd);
+
+wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd);
+
+wbcErr wbcGetgrnam(const char *name, struct group **grp);
+
+wbcErr wbcGetgrgid(gid_t gid, struct group **grp);
+
+wbcErr wbcSetpwent(void);
+
+wbcErr wbcEndpwent(void);
+
+wbcErr wbcGetpwent(struct passwd **pwd);
+
+wbcErr wbcSetgrent(void);
+
+wbcErr wbcEndgrent(void);
+
+wbcErr wbcGetgrent(struct group **grp);
+
+
+/*
+ * Lookup Domain information
+ */
+
+wbcErr wbcDomainInfo(const char *domain,
+ struct wbcDomainInfo **info);
+
+wbcErr wbcDomainSequenceNumbers(void);
+
+/*
+ * Athenticate functions
+ */
+
+wbcErr wbcAuthenticateUser(const char *username,
+ const char *password);
+
+
+#endif /* _WBCLIENT_H */
diff --git a/source3/nsswitch/libwbclient/wbclient_internal.h b/source3/nsswitch/libwbclient/wbclient_internal.h
new file mode 100644
index 0000000000..fc03c5409b
--- /dev/null
+++ b/source3/nsswitch/libwbclient/wbclient_internal.h
@@ -0,0 +1,32 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ Winbind client API
+
+ Copyright (C) Gerald (Jerry) Carter 2007
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 3 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef _WBCLIENT_INTERNAL_H
+#define _WBCLIENT_INTERNAL_H
+
+/* Private functions */
+
+wbcErr wbcRequestResponse(int cmd,
+ struct winbindd_request *request,
+ struct winbindd_response *response);
+
+
+#endif /* _WBCLIENT_INTERNAL_H */
diff --git a/source3/nsswitch/wb_client.c b/source3/nsswitch/wb_client.c
index d24bba2fe1..5e1a5d8ad4 100644
--- a/source3/nsswitch/wb_client.c
+++ b/source3/nsswitch/wb_client.c
@@ -22,6 +22,7 @@
#include "includes.h"
#include "nsswitch/winbind_nss.h"
+#include "libwbclient/wbclient.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_WINBIND
@@ -30,431 +31,6 @@ NSS_STATUS winbindd_request_response(int req_type,
struct winbindd_request *request,
struct winbindd_response *response);
-/* Call winbindd to convert a name to a sid */
-
-bool winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid,
- enum lsa_SidType *name_type)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- NSS_STATUS result;
-
- if (!sid || !name_type)
- return False;
-
- /* Send off request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- fstrcpy(request.data.name.dom_name, dom_name);
- fstrcpy(request.data.name.name, name);
-
- if ((result = winbindd_request_response(WINBINDD_LOOKUPNAME, &request,
- &response)) == NSS_STATUS_SUCCESS) {
- if (!string_to_sid(sid, response.data.sid.sid))
- return False;
- *name_type = (enum lsa_SidType)response.data.sid.type;
- }
-
- return result == NSS_STATUS_SUCCESS;
-}
-
-/* Call winbindd to convert sid to name */
-
-bool winbind_lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
- const char **domain, const char **name,
- enum lsa_SidType *name_type)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- NSS_STATUS result;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- sid_to_fstring(request.data.sid, sid);
-
- /* Make request */
-
- result = winbindd_request_response(WINBINDD_LOOKUPSID, &request,
- &response);
-
- if (result != NSS_STATUS_SUCCESS) {
- return False;
- }
-
- /* Copy out result */
-
- if (domain != NULL) {
- *domain = talloc_strdup(mem_ctx, response.data.name.dom_name);
- if (*domain == NULL) {
- DEBUG(0, ("talloc failed\n"));
- return False;
- }
- }
- if (name != NULL) {
- *name = talloc_strdup(mem_ctx, response.data.name.name);
- if (*name == NULL) {
- DEBUG(0, ("talloc failed\n"));
- return False;
- }
- }
-
- *name_type = (enum lsa_SidType)response.data.name.type;
-
- DEBUG(10, ("winbind_lookup_sid: SUCCESS: SID %s -> %s %s\n",
- sid_string_dbg(sid), response.data.name.dom_name,
- response.data.name.name));
- return True;
-}
-
-bool winbind_lookup_rids(TALLOC_CTX *mem_ctx,
- const DOM_SID *domain_sid,
- int num_rids, uint32 *rids,
- const char **domain_name,
- const char ***names, enum lsa_SidType **types)
-{
- size_t i, buflen;
- ssize_t len;
- char *ridlist;
- char *p;
- struct winbindd_request request;
- struct winbindd_response response;
- NSS_STATUS result;
-
- if (num_rids == 0) {
- return False;
- }
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- sid_to_fstring(request.data.sid, domain_sid);
-
- len = 0;
- buflen = 0;
- ridlist = NULL;
-
- for (i=0; i<num_rids; i++) {
- sprintf_append(mem_ctx, &ridlist, &len, &buflen,
- "%ld\n", rids[i]);
- }
-
- if (ridlist == NULL) {
- return False;
- }
-
- request.extra_data.data = ridlist;
- request.extra_len = strlen(ridlist)+1;
-
- result = winbindd_request_response(WINBINDD_LOOKUPRIDS,
- &request, &response);
-
- TALLOC_FREE(ridlist);
-
- if (result != NSS_STATUS_SUCCESS) {
- return False;
- }
-
- *domain_name = talloc_strdup(mem_ctx, response.data.domain_name);
-
- *names = TALLOC_ARRAY(mem_ctx, const char *, num_rids);
- *types = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_rids);
-
- if ((*names == NULL) || (*types == NULL)) {
- goto fail;
- }
-
- p = (char *)response.extra_data.data;
-
- for (i=0; i<num_rids; i++) {
- char *q;
-
- if (*p == '\0') {
- DEBUG(10, ("Got invalid reply: %s\n",
- (char *)response.extra_data.data));
- goto fail;
- }
-
- (*types)[i] = (enum lsa_SidType)strtoul(p, &q, 10);
-
- if (*q != ' ') {
- DEBUG(10, ("Got invalid reply: %s\n",
- (char *)response.extra_data.data));
- goto fail;
- }
-
- p = q+1;
-
- q = strchr(p, '\n');
- if (q == NULL) {
- DEBUG(10, ("Got invalid reply: %s\n",
- (char *)response.extra_data.data));
- goto fail;
- }
-
- *q = '\0';
-
- (*names)[i] = talloc_strdup(*names, p);
-
- p = q+1;
- }
-
- if (*p != '\0') {
- DEBUG(10, ("Got invalid reply: %s\n",
- (char *)response.extra_data.data));
- goto fail;
- }
-
- SAFE_FREE(response.extra_data.data);
-
- return True;
-
- fail:
- TALLOC_FREE(*names);
- TALLOC_FREE(*types);
- return False;
-}
-
-/* Call winbindd to convert SID to uid */
-
-bool winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result;
- fstring sid_str;
-
- if (!puid)
- return False;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- sid_to_fstring(sid_str, sid);
- fstrcpy(request.data.sid, sid_str);
-
- /* Make request */
-
- result = winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response);
-
- /* Copy out result */
-
- if (result == NSS_STATUS_SUCCESS) {
- *puid = response.data.uid;
- }
-
- return (result == NSS_STATUS_SUCCESS);
-}
-
-/* Call winbindd to convert uid to sid */
-
-bool winbind_uid_to_sid(DOM_SID *sid, uid_t uid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result;
-
- if (!sid)
- return False;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- request.data.uid = uid;
-
- /* Make request */
-
- result = winbindd_request_response(WINBINDD_UID_TO_SID, &request, &response);
-
- /* Copy out result */
-
- if (result == NSS_STATUS_SUCCESS) {
- if (!string_to_sid(sid, response.data.sid.sid))
- return False;
- } else {
- sid_copy(sid, &global_sid_NULL);
- }
-
- return (result == NSS_STATUS_SUCCESS);
-}
-
-/* Call winbindd to convert SID to gid */
-
-bool winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result;
- fstring sid_str;
-
- if (!pgid)
- return False;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- sid_to_fstring(sid_str, sid);
- fstrcpy(request.data.sid, sid_str);
-
- /* Make request */
-
- result = winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response);
-
- /* Copy out result */
-
- if (result == NSS_STATUS_SUCCESS) {
- *pgid = response.data.gid;
- }
-
- return (result == NSS_STATUS_SUCCESS);
-}
-
-/* Call winbindd to convert gid to sid */
-
-bool winbind_gid_to_sid(DOM_SID *sid, gid_t gid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result;
-
- if (!sid)
- return False;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- request.data.gid = gid;
-
- /* Make request */
-
- result = winbindd_request_response(WINBINDD_GID_TO_SID, &request, &response);
-
- /* Copy out result */
-
- if (result == NSS_STATUS_SUCCESS) {
- if (!string_to_sid(sid, response.data.sid.sid))
- return False;
- } else {
- sid_copy(sid, &global_sid_NULL);
- }
-
- return (result == NSS_STATUS_SUCCESS);
-}
-
-/* Call winbindd to convert SID to uid */
-
-bool winbind_sids_to_unixids(struct id_map *ids, int num_ids)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result;
- DOM_SID *sids;
- int i;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- request.extra_len = num_ids * sizeof(DOM_SID);
-
- sids = (DOM_SID *)SMB_MALLOC(request.extra_len);
- for (i = 0; i < num_ids; i++) {
- sid_copy(&sids[i], ids[i].sid);
- }
-
- request.extra_data.data = (char *)sids;
-
- /* Make request */
-
- result = winbindd_request_response(WINBINDD_SIDS_TO_XIDS, &request, &response);
-
- /* Copy out result */
-
- if (result == NSS_STATUS_SUCCESS) {
- struct unixid *wid = (struct unixid *)response.extra_data.data;
-
- for (i = 0; i < num_ids; i++) {
- if (wid[i].type == -1) {
- ids[i].status = ID_UNMAPPED;
- } else {
- ids[i].status = ID_MAPPED;
- ids[i].xid.type = wid[i].type;
- ids[i].xid.id = wid[i].id;
- }
- }
- }
-
- SAFE_FREE(request.extra_data.data);
- SAFE_FREE(response.extra_data.data);
-
- return (result == NSS_STATUS_SUCCESS);
-}
-
-bool winbind_allocate_uid(uid_t *uid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Make request */
-
- result = winbindd_request_response(WINBINDD_ALLOCATE_UID,
- &request, &response);
-
- if (result != NSS_STATUS_SUCCESS)
- return False;
-
- /* Copy out result */
- *uid = response.data.uid;
-
- return True;
-}
-
-bool winbind_allocate_gid(gid_t *gid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Make request */
-
- result = winbindd_request_response(WINBINDD_ALLOCATE_GID,
- &request, &response);
-
- if (result != NSS_STATUS_SUCCESS)
- return False;
-
- /* Copy out result */
- *gid = response.data.gid;
-
- return True;
-}
-
bool winbind_set_mapping(const struct id_map *map)
{
struct winbindd_request request;
@@ -518,49 +94,3 @@ bool winbind_set_gid_hwm(unsigned long id)
return (result == NSS_STATUS_SUCCESS);
}
-
-/**********************************************************************
- simple wrapper function to see if winbindd is alive
-**********************************************************************/
-
-bool winbind_ping( void )
-{
- NSS_STATUS result;
-
- result = winbindd_request_response(WINBINDD_PING, NULL, NULL);
-
- return result == NSS_STATUS_SUCCESS;
-}
-
-/**********************************************************************
- Is a domain trusted?
-
- result == NSS_STATUS_UNAVAIL: winbind not around
- result == NSS_STATUS_NOTFOUND: winbind around, but domain missing
-
- Due to a bad API NSS_STATUS_NOTFOUND is returned both when winbind_off and
- when winbind return WINBINDD_ERROR. So the semantics of this routine depends
- on winbind_on. Grepping for winbind_off I just found 3 places where winbind
- is turned off, and this does not conflict (as far as I have seen) with the
- callers of is_trusted_domains.
-
- I *hate* global variables....
-
- Volker
-
-**********************************************************************/
-
-NSS_STATUS wb_is_trusted_domain(const char *domain)
-{
- struct winbindd_request request;
- struct winbindd_response response;
-
- /* Call winbindd */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- fstrcpy(request.domain_name, domain);
-
- return winbindd_request_response(WINBINDD_DOMAIN_INFO, &request, &response);
-}
diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c
index 37ff8a78c7..c8f8398c6f 100644
--- a/source3/nsswitch/wbinfo.c
+++ b/source3/nsswitch/wbinfo.c
@@ -22,6 +22,7 @@
#include "includes.h"
#include "winbind_client.h"
+#include "libwbclient/wbclient.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_WINBIND
@@ -73,25 +74,26 @@ static char winbind_separator(void)
static const char *get_winbind_domain(void)
{
- struct winbindd_response response;
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ struct wbcDomainInfo *dinfo = NULL;
static fstring winbind_domain;
- ZERO_STRUCT(response);
-
- /* Send off request */
+ ZERO_STRUCT(dinfo);
+
+ wbc_status = wbcDomainInfo(".", &dinfo);
- if (winbindd_request_response(WINBINDD_DOMAIN_NAME, NULL, &response) !=
- NSS_STATUS_SUCCESS) {
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
d_fprintf(stderr, "could not obtain winbind domain name!\n");
/* HACK: (this module should not call lp_ funtions) */
return lp_workgroup();
}
- fstrcpy(winbind_domain, response.data.domain_name);
+ fstrcpy(winbind_domain, dinfo->short_name);
- return winbind_domain;
+ wbcFreeMemory(dinfo);
+ return winbind_domain;
}
/* Copy of parse_domain_user from winbindd_util.c. Parse a string of the
@@ -128,61 +130,47 @@ static bool parse_wbinfo_domain_user(const char *domuser, fstring domain,
static bool wbinfo_get_userinfo(char *user)
{
- struct winbindd_request request;
- struct winbindd_response response;
- NSS_STATUS result;
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Send request */
-
- fstrcpy(request.data.username, user);
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ struct passwd *pwd = NULL;
- result = winbindd_request_response(WINBINDD_GETPWNAM, &request, &response);
-
- if (result != NSS_STATUS_SUCCESS)
- return False;
+ wbc_status = wbcGetpwnam(user, &pwd);
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
+ return false;
+ }
- d_printf( "%s:%s:%d:%d:%s:%s:%s\n",
- response.data.pw.pw_name,
- response.data.pw.pw_passwd,
- response.data.pw.pw_uid,
- response.data.pw.pw_gid,
- response.data.pw.pw_gecos,
- response.data.pw.pw_dir,
- response.data.pw.pw_shell );
+ d_printf("%s:%s:%d:%d:%s:%s:%s\n",
+ pwd->pw_name,
+ pwd->pw_passwd,
+ pwd->pw_uid,
+ pwd->pw_gid,
+ pwd->pw_gecos,
+ pwd->pw_dir,
+ pwd->pw_shell);
- return True;
+ return true;
}
/* pull pwent info for a given uid */
static bool wbinfo_get_uidinfo(int uid)
{
- struct winbindd_request request;
- struct winbindd_response response;
- NSS_STATUS result;
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- request.data.uid = uid;
-
- result = winbindd_request_response(WINBINDD_GETPWUID, &request, &response);
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ struct passwd *pwd = NULL;
- if (result != NSS_STATUS_SUCCESS)
- return False;
-
- d_printf( "%s:%s:%d:%d:%s:%s:%s\n",
- response.data.pw.pw_name,
- response.data.pw.pw_passwd,
- response.data.pw.pw_uid,
- response.data.pw.pw_gid,
- response.data.pw.pw_gecos,
- response.data.pw.pw_dir,
- response.data.pw.pw_shell );
-
- return True;
+ wbc_status = wbcGetpwuid(uid, &pwd);
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
+ return false;
+ }
+
+ d_printf("%s:%s:%d:%d:%s:%s:%s\n",
+ pwd->pw_name,
+ pwd->pw_passwd,
+ pwd->pw_uid,
+ pwd->pw_gid,
+ pwd->pw_gecos,
+ pwd->pw_dir,
+ pwd->pw_shell);
+
+ return true;
}
/* pull grent for a given group */
@@ -874,40 +862,40 @@ static bool wbinfo_auth_krb5(char *username, const char *cctype, uint32 flags)
static bool wbinfo_auth(char *username)
{
- struct winbindd_request request;
- struct winbindd_response response;
- NSS_STATUS result;
- char *p;
-
- /* Send off request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- p = strchr(username, '%');
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ char *s = NULL;
+ char *p = NULL;
+ char *password = NULL;
+ char *name = NULL;
+
+ if ((s = SMB_STRDUP(username)) == NULL) {
+ return false;
+ }
- if (p) {
+ if ((p = strchr(s, '%')) != NULL) {
*p = 0;
- fstrcpy(request.data.auth.user, username);
- fstrcpy(request.data.auth.pass, p + 1);
- *p = '%';
- } else
- fstrcpy(request.data.auth.user, username);
+ p++;
+ }
- result = winbindd_request_response(WINBINDD_PAM_AUTH, &request, &response);
+ name = s;
+ password = p;
- /* Display response */
+ wbc_status = wbcAuthenticateUser(name, password);
d_printf("plaintext password authentication %s\n",
- (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed");
+ WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed");
+#if 0
if (response.data.auth.nt_status)
d_fprintf(stderr, "error code was %s (0x%x)\nerror messsage was: %s\n",
response.data.auth.nt_status_string,
response.data.auth.nt_status,
response.data.auth.error_string);
+#endif
- return result == NSS_STATUS_SUCCESS;
+ SAFE_FREE(s);
+
+ return WBC_ERROR_IS_OK(wbc_status);
}
/* Authenticate a user with a challenge/response */
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 4eb8a1ce65..5b009fc964 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -3473,7 +3473,7 @@ static bool process_registry_globals(bool (*pfunc)(const char *, const char *))
if (size && data_p) {
err = registry_pull_value(reg_tdb,
&value,
- type,
+ (enum winreg_Type)type,
data_p,
size,
size);
diff --git a/source3/pkgconfig/netapi.pc.in b/source3/pkgconfig/netapi.pc.in
new file mode 100644
index 0000000000..b1f60b240e
--- /dev/null
+++ b/source3/pkgconfig/netapi.pc.in
@@ -0,0 +1,14 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: Samba libnetapi
+Description: A library to control CIFS servers
+Version: 0
+URL: http://www.samba.org/
+#Libs: -L@libdir@ -lnetapi
+Libs: -lnetapi
+Libs.private: -lnetapi @KRB5_LIBS@ @LDAP_LIBS@ @LIBS@
+Cflags: -I@includedir@
+
diff --git a/source3/pkgconfig/smbclient.pc.in b/source3/pkgconfig/smbclient.pc.in
new file mode 100644
index 0000000000..969abbe1ff
--- /dev/null
+++ b/source3/pkgconfig/smbclient.pc.in
@@ -0,0 +1,14 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: Samba libsmbclient
+Description: A library to access CIFS servers
+Version: 0
+URL: http://www.samba.org/
+#Libs: -L@libdir@ -lsmbclient
+Libs: -lsmbclient
+Libs.private: -lsmbclient @KRB5_LIBS@ @LDAP_LIBS@ @LIBS@
+Cflags: -I@includedir@
+
diff --git a/source3/pkgconfig/smbsharemodes.pc.in b/source3/pkgconfig/smbsharemodes.pc.in
new file mode 100644
index 0000000000..dcb0d2eeda
--- /dev/null
+++ b/source3/pkgconfig/smbsharemodes.pc.in
@@ -0,0 +1,14 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: Samba libsmbsharemodes
+Description: A library
+Version: 0
+URL: http://www.samba.org/
+#Libs: -L@libdir@ -lsmbsharemodes
+Libs: -lsmbsharemodes
+Libs.private: -lsmbsharemodes @KRB5_LIBS@ @LDAP_LIBS@ @LIBS@
+Cflags: -I@includedir@
+
diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c
index 3cb5827e73..26d2124da0 100644
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -383,7 +383,7 @@ NTSTATUS rpccli_netlogon_logon_ctrl2(struct rpc_pipe_client *cli, TALLOC_CTX *me
WERROR rpccli_netlogon_getanydcname(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, const char *mydcname,
- const char *domainname, fstring newdcname)
+ const char *domainname, char **newdcname)
{
prs_struct qbuf, rbuf;
NET_Q_GETANYDCNAME q;
@@ -410,8 +410,9 @@ WERROR rpccli_netlogon_getanydcname(struct rpc_pipe_client *cli,
result = r.status;
- if (W_ERROR_IS_OK(result)) {
- rpcstr_pull_unistr2_fstring(newdcname, &r.uni_dcname);
+ if (W_ERROR_IS_OK(result) && newdcname) {
+ *newdcname = rpcstr_pull_unistr2_talloc(mem_ctx, &r.uni_dcname);
+ W_ERROR_HAVE_NO_MEMORY(*newdcname);
}
return result;
@@ -421,7 +422,7 @@ WERROR rpccli_netlogon_getanydcname(struct rpc_pipe_client *cli,
WERROR rpccli_netlogon_getdcname(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, const char *mydcname,
- const char *domainname, fstring newdcname)
+ const char *domainname, char **newdcname)
{
prs_struct qbuf, rbuf;
NET_Q_GETDCNAME q;
@@ -448,8 +449,9 @@ WERROR rpccli_netlogon_getdcname(struct rpc_pipe_client *cli,
result = r.status;
- if (W_ERROR_IS_OK(result)) {
- rpcstr_pull_unistr2_fstring(newdcname, &r.uni_dcname);
+ if (W_ERROR_IS_OK(result) && newdcname) {
+ *newdcname = rpcstr_pull_unistr2_talloc(mem_ctx, &r.uni_dcname);
+ W_ERROR_HAVE_NO_MEMORY(*newdcname);
}
return result;
diff --git a/source3/rpc_server/srv_dfs_nt.c b/source3/rpc_server/srv_dfs_nt.c
index 8a1cdedb4f..690ddd60d6 100644
--- a/source3/rpc_server/srv_dfs_nt.c
+++ b/source3/rpc_server/srv_dfs_nt.c
@@ -34,7 +34,7 @@ void _dfs_GetManagerVersion(pipes_struct *p, struct dfs_GetManagerVersion *r)
if (lp_host_msdfs()) {
*r->out.version = DFS_MANAGER_VERSION_NT4;
} else {
- *r->out.version = 0;
+ *r->out.version = (enum dfs_ManagerVersion)0;
}
}
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index a289196f5f..1b78772a79 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -463,7 +463,9 @@ static NTSTATUS lsa_get_generic_sd(TALLOC_CTX *mem_ctx, SEC_DESC **sd, size_t *s
if((psa = make_sec_acl(mem_ctx, NT4_ACL_REVISION, 3, ace)) == NULL)
return NT_STATUS_NO_MEMORY;
- if((*sd = make_sec_desc(mem_ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, &adm_sid, NULL, NULL, psa, sd_size)) == NULL)
+ if((*sd = make_sec_desc(mem_ctx, SECURITY_DESCRIPTOR_REVISION_1,
+ SEC_DESC_SELF_RELATIVE, &adm_sid, NULL, NULL,
+ psa, sd_size)) == NULL)
return NT_STATUS_NO_MEMORY;
return NT_STATUS_OK;
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 1d69cb320e..01ce932afa 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -149,7 +149,9 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd
if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) == NULL)
return NT_STATUS_NO_MEMORY;
- if ((*psd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, psa, sd_size)) == NULL)
+ if ((*psd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
+ SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL,
+ psa, sd_size)) == NULL)
return NT_STATUS_NO_MEMORY;
return NT_STATUS_OK;
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index 43f57a0109..3cc2472116 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -2167,7 +2167,7 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC
r_u->size_secdesc = sd_size;
r_u->sec_desc = psd;
- psd->dacl->revision = (uint16) NT4_ACL_REVISION;
+ psd->dacl->revision = NT4_ACL_REVISION;
unbecome_user();
close_cnum(conn, user.vuid);
diff --git a/source3/rpc_server/srv_svcctl_nt.c b/source3/rpc_server/srv_svcctl_nt.c
index 5316d399b9..3f5cf03abb 100644
--- a/source3/rpc_server/srv_svcctl_nt.c
+++ b/source3/rpc_server/srv_svcctl_nt.c
@@ -162,7 +162,9 @@ static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx )
if ( !(acl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) )
return NULL;
- if ( !(sd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, acl, &sd_size)) )
+ if ( !(sd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
+ SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL,
+ acl, &sd_size)) )
return NULL;
return sd;
diff --git a/source3/rpc_server/srv_winreg_nt.c b/source3/rpc_server/srv_winreg_nt.c
index 873224085c..74ee94cf75 100644
--- a/source3/rpc_server/srv_winreg_nt.c
+++ b/source3/rpc_server/srv_winreg_nt.c
@@ -234,7 +234,7 @@ WERROR _winreg_QueryValue(pipes_struct *p, struct winreg_QueryValue *r)
if ( !regkey )
return WERR_BADFID;
- *r->out.value_length = *r->out.type = 0;
+ *r->out.value_length = *r->out.type = REG_NONE;
DEBUG(7,("_reg_info: policy key name = [%s]\n", regkey->key->name));
DEBUG(7,("_reg_info: policy key type = [%08x]\n", regkey->key->type));
@@ -934,7 +934,9 @@ static WERROR make_default_reg_sd( TALLOC_CTX *ctx, SEC_DESC **psd )
if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 2, ace)) == NULL)
return WERR_NOMEM;
- if ((*psd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, &owner_sid, NULL, NULL, psa, &sd_size)) == NULL)
+ if ((*psd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
+ SEC_DESC_SELF_RELATIVE, &owner_sid, NULL,
+ NULL, psa, &sd_size)) == NULL)
return WERR_NOMEM;
return WERR_OK;
diff --git a/source3/rpc_server/srv_wkssvc_nt.c b/source3/rpc_server/srv_wkssvc_nt.c
index 1e43b5ae99..b30a7f8792 100644
--- a/source3/rpc_server/srv_wkssvc_nt.c
+++ b/source3/rpc_server/srv_wkssvc_nt.c
@@ -22,6 +22,8 @@
/* This is the implementation of the wks interface. */
#include "includes.h"
+#include "libnet/libnet_join.h"
+#include "libnet/libnet_proto.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_RPC_SRV
@@ -32,7 +34,7 @@
static void create_wks_info_100(struct wkssvc_NetWkstaInfo100 *info100)
{
- info100->platform_id = 0x000001f4; /* unknown */
+ info100->platform_id = PLATFORM_ID_NT; /* unknown */
info100->version_major = lp_major_announce_version();
info100->version_minor = lp_minor_announce_version();
@@ -284,7 +286,72 @@ WERROR _wkssvc_NetrGetJoinableOus(pipes_struct *p, struct wkssvc_NetrGetJoinable
WERROR _wkssvc_NetrJoinDomain2(pipes_struct *p, struct wkssvc_NetrJoinDomain2 *r)
{
- /* FIXME: Add implementation code here */
+#if 0
+ struct libnet_JoinCtx *j = NULL;
+ char *pwd = NULL;
+ char *admin_domain = NULL;
+ char *admin_account = NULL;
+ WERROR werr;
+ NTSTATUS status;
+ struct nt_user_token *token = p->pipe_user.nt_user_token;
+ struct DS_DOMAIN_CONTROLLER_INFO *info = NULL;
+
+ if (!r->in.domain_name) {
+ return WERR_INVALID_PARAM;
+ }
+
+ if (!user_has_privileges(token, &se_machine_account) &&
+ !nt_token_check_domain_rid(token, DOMAIN_GROUP_RID_ADMINS) &&
+ !nt_token_check_domain_rid(token, BUILTIN_ALIAS_RID_ADMINS)) {
+ return WERR_ACCESS_DENIED;
+ }
+
+ werr = decode_wkssvc_join_password_buffer(p->mem_ctx,
+ r->in.encrypted_password,
+ &p->session_key,
+ &pwd);
+ if (!W_ERROR_IS_OK(werr)) {
+ return werr;
+ }
+
+ werr = libnet_init_JoinCtx(p->mem_ctx, &j);
+ if (!W_ERROR_IS_OK(werr)) {
+ return werr;
+ }
+
+ split_domain_user(p->mem_ctx,
+ r->in.admin_account,
+ &admin_domain,
+ &admin_account);
+
+ status = DsGetDcName(p->mem_ctx,
+ NULL,
+ r->in.domain_name,
+ NULL,
+ NULL,
+ DS_DIRECTORY_SERVICE_REQUIRED |
+ DS_WRITABLE_REQUIRED |
+ DS_RETURN_DNS_NAME,
+ &info);
+ if (!NT_STATUS_IS_OK(status)) {
+ return ntstatus_to_werror(status);
+ }
+
+ j->in.server_name = info->domain_controller_name;
+ j->in.domain_name = r->in.domain_name;
+ j->in.account_ou = r->in.account_ou;
+ j->in.join_flags = r->in.join_flags;
+
+ j->in.admin_account = admin_account;
+ j->in.password = pwd;
+ j->in.modify_config = true;
+
+ become_root();
+ werr = libnet_Join(p->mem_ctx, j);
+ unbecome_root();
+
+ return werr;
+#endif
p->rng_fault_state = True;
return WERR_NOT_SUPPORTED;
}
diff --git a/source3/rpcclient/cmd_netlogon.c b/source3/rpcclient/cmd_netlogon.c
index e997bb5090..2c1f7e0f11 100644
--- a/source3/rpcclient/cmd_netlogon.c
+++ b/source3/rpcclient/cmd_netlogon.c
@@ -48,7 +48,7 @@ static WERROR cmd_netlogon_getanydcname(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
- fstring dcname;
+ char *dcname = NULL;
WERROR result = WERR_GENERAL_FAILURE;
int old_timeout;
@@ -60,7 +60,7 @@ static WERROR cmd_netlogon_getanydcname(struct rpc_pipe_client *cli,
/* Make sure to wait for our DC's reply */
old_timeout = cli_set_timeout(cli->cli, MAX(cli->cli->timeout,30000)); /* 30 seconds. */
- result = rpccli_netlogon_getanydcname(cli, mem_ctx, cli->cli->desthost, argv[1], dcname);
+ result = rpccli_netlogon_getanydcname(cli, mem_ctx, cli->cli->desthost, argv[1], &dcname);
cli_set_timeout(cli->cli, old_timeout);
@@ -79,7 +79,7 @@ static WERROR cmd_netlogon_getdcname(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
- fstring dcname;
+ char *dcname = NULL;
WERROR result = WERR_GENERAL_FAILURE;
int old_timeout;
@@ -91,7 +91,7 @@ static WERROR cmd_netlogon_getdcname(struct rpc_pipe_client *cli,
/* Make sure to wait for our DC's reply */
old_timeout = cli_set_timeout(cli->cli, MAX(cli->cli->timeout,30000)); /* 30 seconds. */
- result = rpccli_netlogon_getdcname(cli, mem_ctx, cli->cli->desthost, argv[1], dcname);
+ result = rpccli_netlogon_getdcname(cli, mem_ctx, cli->cli->desthost, argv[1], &dcname);
cli_set_timeout(cli->cli, old_timeout);
diff --git a/source3/script/mkproto.awk b/source3/script/mkproto.awk
index ff266321ff..e9839fe498 100644
--- a/source3/script/mkproto.awk
+++ b/source3/script/mkproto.awk
@@ -151,7 +151,7 @@ END {
gotstart = 1;
}
- if( $0 ~ /^NODE_STATUS_STRUCT|^SMB_STRUCT_DIR|^ELOG_TDB|^codepoint_t|^_PUBLIC_/ ) {
+ if( $0 ~ /^NODE_STATUS_STRUCT|^SMB_STRUCT_DIR|^ELOG_TDB|^codepoint_t|^_PUBLIC_|^wbcErr/ ) {
gotstart = 1;
}
diff --git a/source3/script/tests/selftest.sh b/source3/script/tests/selftest.sh
index 2250a81245..0ad0639cb9 100755
--- a/source3/script/tests/selftest.sh
+++ b/source3/script/tests/selftest.sh
@@ -70,6 +70,10 @@ export WINBINDD_SOCKET_DIR WINBINDD_PRIV_PIPE_DIR
PATH=bin:$PATH
export PATH
+LD_LIBRARY_PATH=$BINDIR
+echo "LD_LIBRRARY_PATH=$LD_LIBRARY_PATH"
+export LD_LIBRARY_PATH
+
##
## verify that we were built with --enable-socket-wrapper
##
diff --git a/source3/services/services_db.c b/source3/services/services_db.c
index c57b29cc80..b1daae4df8 100644
--- a/source3/services/services_db.c
+++ b/source3/services/services_db.c
@@ -112,7 +112,9 @@ static SEC_DESC* construct_service_sd( TALLOC_CTX *ctx )
if ( !(acl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) )
return NULL;
- if ( !(sd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, acl, &sd_size)) )
+ if ( !(sd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
+ SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL,
+ acl, &sd_size)) )
return NULL;
return sd;
diff --git a/source3/smbd/close.c b/source3/smbd/close.c
index eb610f7d1a..5d30e467d0 100644
--- a/source3/smbd/close.c
+++ b/source3/smbd/close.c
@@ -27,7 +27,7 @@ extern struct current_user current_user;
Run a file if it is a magic script.
****************************************************************************/
-static void check_magic(files_struct *fsp,connection_struct *conn)
+static void check_magic(struct files_struct *fsp)
{
int ret;
const char *magic_output = NULL;
@@ -35,6 +35,7 @@ static void check_magic(files_struct *fsp,connection_struct *conn)
int tmp_fd, outfd;
TALLOC_CTX *ctx = NULL;
const char *p;
+ struct connection_struct *conn = fsp->conn;
if (!*lp_magicscript(SNUM(conn))) {
return;
@@ -389,11 +390,11 @@ static NTSTATUS close_normal_file(files_struct *fsp, enum file_close_type close_
locking_close_file(smbd_messaging_context(), fsp);
- status = fd_close(conn, fsp);
+ status = fd_close(fsp);
/* check for magic scripts */
if (close_type == NORMAL_CLOSE) {
- check_magic(fsp,conn);
+ check_magic(fsp);
}
/*
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index b83d6844d6..9428b47b6a 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -70,7 +70,7 @@ static NTSTATUS fd_open(struct connection_struct *conn,
Close the file associated with a fsp.
****************************************************************************/
-NTSTATUS fd_close(struct connection_struct *conn, files_struct *fsp)
+NTSTATUS fd_close(files_struct *fsp)
{
if (fsp->fh->fd == -1) {
return NT_STATUS_OK; /* What we used to call a stat open. */
@@ -78,7 +78,7 @@ NTSTATUS fd_close(struct connection_struct *conn, files_struct *fsp)
if (fsp->fh->ref_count > 1) {
return NT_STATUS_OK; /* Shared handle. Only close last reference. */
}
- return fd_close_posix(conn, fsp);
+ return fd_close_posix(fsp);
}
/****************************************************************************
@@ -353,7 +353,7 @@ static NTSTATUS open_file(files_struct *fsp,
/* For a non-io open, this stat failing means file not found. JRA */
if (ret == -1) {
status = map_nt_error_from_unix(errno);
- fd_close(conn, fsp);
+ fd_close(fsp);
return status;
}
}
@@ -365,7 +365,7 @@ static NTSTATUS open_file(files_struct *fsp,
*/
if(S_ISDIR(psbuf->st_mode)) {
- fd_close(conn, fsp);
+ fd_close(fsp);
errno = EISDIR;
return NT_STATUS_FILE_IS_A_DIRECTORY;
}
@@ -1688,7 +1688,7 @@ NTSTATUS open_file_ntcreate(connection_struct *conn,
if (lck == NULL) {
DEBUG(0, ("open_file_ntcreate: Could not get share "
"mode lock for %s\n", fname));
- fd_close(conn, fsp);
+ fd_close(fsp);
file_free(fsp);
return NT_STATUS_SHARING_VIOLATION;
}
@@ -1699,7 +1699,7 @@ NTSTATUS open_file_ntcreate(connection_struct *conn,
oplock_request)) {
schedule_defer_open(lck, request_time, req);
TALLOC_FREE(lck);
- fd_close(conn, fsp);
+ fd_close(fsp);
file_free(fsp);
return NT_STATUS_SHARING_VIOLATION;
}
@@ -1718,7 +1718,7 @@ NTSTATUS open_file_ntcreate(connection_struct *conn,
oplock_request)) {
schedule_defer_open(lck, request_time, req);
TALLOC_FREE(lck);
- fd_close(conn, fsp);
+ fd_close(fsp);
file_free(fsp);
return NT_STATUS_SHARING_VIOLATION;
}
@@ -1727,7 +1727,7 @@ NTSTATUS open_file_ntcreate(connection_struct *conn,
if (!NT_STATUS_IS_OK(status)) {
struct deferred_open_record state;
- fd_close(conn, fsp);
+ fd_close(fsp);
file_free(fsp);
state.delayed_for_oplocks = False;
@@ -1768,7 +1768,7 @@ NTSTATUS open_file_ntcreate(connection_struct *conn,
if(ret_flock == -1 ){
TALLOC_FREE(lck);
- fd_close(conn, fsp);
+ fd_close(fsp);
file_free(fsp);
return NT_STATUS_SHARING_VIOLATION;
@@ -1793,7 +1793,7 @@ NTSTATUS open_file_ntcreate(connection_struct *conn,
(SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf)==-1)) {
status = map_nt_error_from_unix(errno);
TALLOC_FREE(lck);
- fd_close(conn,fsp);
+ fd_close(fsp);
file_free(fsp);
return status;
}
@@ -1850,7 +1850,7 @@ NTSTATUS open_file_ntcreate(connection_struct *conn,
/* Remember to delete the mode we just added. */
del_share_mode(lck, fsp);
TALLOC_FREE(lck);
- fd_close(conn,fsp);
+ fd_close(fsp);
file_free(fsp);
return status;
}
@@ -1974,7 +1974,7 @@ NTSTATUS open_file_fchmod(connection_struct *conn, const char *fname,
NTSTATUS close_file_fchmod(files_struct *fsp)
{
- NTSTATUS status = fd_close(fsp->conn, fsp);
+ NTSTATUS status = fd_close(fsp);
file_free(fsp);
return status;
}
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index d8794e2114..2810b5e587 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -891,7 +891,7 @@ static bool nt4_compatible_acls(void)
****************************************************************************/
static SEC_ACCESS map_canon_ace_perms(int snum,
- int *pacl_type,
+ enum security_ace_type *pacl_type,
mode_t perms,
bool directory_ace)
{
@@ -2869,7 +2869,7 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn,
{
canon_ace *ace;
- int nt_acl_type;
+ enum security_ace_type nt_acl_type;
int i;
if (nt4_compatible_acls() && dir_ace) {
@@ -3210,7 +3210,7 @@ static NTSTATUS append_ugw_ace(files_struct *fsp,
{
mode_t perms;
SEC_ACCESS acc;
- int nt_acl_type;
+ enum security_ace_type nt_acl_type;
DOM_SID trustee;
switch (ugw) {
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 45081808e1..575ca13ff6 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -1163,8 +1163,8 @@ void reply_dskattr(connection_struct *conn, struct smb_request *req)
total_space = dsize * (double)bsize;
free_space = dfree * (double)bsize;
- dsize = (total_space+63*512) / (64*512);
- dfree = (free_space+63*512) / (64*512);
+ dsize = (SMB_BIG_UINT)((total_space+63*512) / (64*512));
+ dfree = (SMB_BIG_UINT)((free_space+63*512) / (64*512));
if (dsize > 0xFFFF) dsize = 0xFFFF;
if (dfree > 0xFFFF) dfree = 0xFFFF;
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 40037074f6..43a6d62a28 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -1191,6 +1191,12 @@ extern void build_options(bool screen);
if (smbd_messaging_context() == NULL)
exit(1);
+ if (smbd_memcache() == NULL) {
+ exit(1);
+ }
+
+ memcache_set_global(smbd_memcache());
+
/* Initialise the password backed before the global_sam_sid
to ensure that we fetch from ldap before we make a domain sid up */
diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c
index 96d71da8d9..fefae38932 100644
--- a/source3/smbd/vfs.c
+++ b/source3/smbd/vfs.c
@@ -280,7 +280,7 @@ void *vfs_fetch_fsp_extension(vfs_handle_struct *handle, files_struct *fsp)
{
struct vfs_fsp_data *head;
- head = vfs_memctx_fsp_extension(handle, fsp);
+ head = (struct vfs_fsp_data *)vfs_memctx_fsp_extension(handle, fsp);
if (head != NULL) {
return EXT_DATA_AREA(head);
}
diff --git a/source3/utils/net_conf.c b/source3/utils/net_conf.c
index 16b372ca72..808ba8d885 100644
--- a/source3/utils/net_conf.c
+++ b/source3/utils/net_conf.c
@@ -26,6 +26,7 @@
#include "includes.h"
#include "utils/net.h"
+#include "libnet/libnet.h"
/*
* usage functions
@@ -214,67 +215,6 @@ done:
}
/*
- * Open a subkey of KEY_SMBCONF (i.e a service)
- * - variant without error output (q = quiet)-
- */
-static WERROR smbconf_open_path_q(TALLOC_CTX *ctx, const char *subkeyname,
- uint32 desired_access,
- struct registry_key **key)
-{
- WERROR werr = WERR_OK;
- char *path = NULL;
- NT_USER_TOKEN *token;
-
- if (!(token = registry_create_admin_token(ctx))) {
- DEBUG(1, ("Error creating admin token\n"));
- goto done;
- }
-
- if (subkeyname == NULL) {
- path = talloc_strdup(ctx, KEY_SMBCONF);
- } else {
- path = talloc_asprintf(ctx, "%s\\%s", KEY_SMBCONF, subkeyname);
- }
-
- werr = reg_open_path(ctx, path, desired_access,
- token, key);
-
-done:
- TALLOC_FREE(path);
- return werr;
-}
-
-/*
- * Open a subkey of KEY_SMBCONF (i.e a service)
- * - variant with error output -
- */
-static WERROR smbconf_open_path(TALLOC_CTX *ctx, const char *subkeyname,
- uint32 desired_access,
- struct registry_key **key)
-{
- WERROR werr = WERR_OK;
-
- werr = smbconf_open_path_q(ctx, subkeyname, desired_access, key);
- if (!W_ERROR_IS_OK(werr)) {
- d_fprintf(stderr, "Error opening registry path '%s\\%s': %s\n",
- KEY_SMBCONF,
- (subkeyname == NULL) ? "" : subkeyname,
- dos_errstr(werr));
- }
-
- return werr;
-}
-
-/*
- * open the base key KEY_SMBCONF
- */
-static WERROR smbconf_open_basepath(TALLOC_CTX *ctx, uint32 desired_access,
- struct registry_key **key)
-{
- return smbconf_open_path(ctx, NULL, desired_access, key);
-}
-
-/*
* delete a subkey of KEY_SMBCONF
*/
static WERROR reg_delkey_internal(TALLOC_CTX *ctx, const char *keyname)
@@ -282,7 +222,7 @@ static WERROR reg_delkey_internal(TALLOC_CTX *ctx, const char *keyname)
WERROR werr = WERR_OK;
struct registry_key *key = NULL;
- werr = smbconf_open_basepath(ctx, REG_KEY_WRITE, &key);
+ werr = libnet_smbconf_open_basepath(ctx, REG_KEY_WRITE, &key);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
@@ -298,72 +238,6 @@ done:
return werr;
}
-/*
- * create a subkey of KEY_SMBCONF
- */
-static WERROR reg_createkey_internal(TALLOC_CTX *ctx,
- const char * subkeyname,
- struct registry_key **newkey)
-{
- WERROR werr = WERR_OK;
- struct registry_key *create_parent = NULL;
- TALLOC_CTX *create_ctx;
- enum winreg_CreateAction action = REG_ACTION_NONE;
-
- /* create a new talloc ctx for creation. it will hold
- * the intermediate parent key (SMBCONF) for creation
- * and will be destroyed when leaving this function... */
- if (!(create_ctx = talloc_new(ctx))) {
- werr = WERR_NOMEM;
- goto done;
- }
-
- werr = smbconf_open_basepath(create_ctx, REG_KEY_WRITE, &create_parent);
- if (!W_ERROR_IS_OK(werr)) {
- goto done;
- }
-
- werr = reg_createkey(ctx, create_parent, subkeyname,
- REG_KEY_WRITE, newkey, &action);
- if (W_ERROR_IS_OK(werr) && (action != REG_CREATED_NEW_KEY)) {
- d_fprintf(stderr, "Key '%s' already exists.\n", subkeyname);
- werr = WERR_ALREADY_EXISTS;
- }
- if (!W_ERROR_IS_OK(werr)) {
- d_fprintf(stderr, "Error creating key %s: %s\n",
- subkeyname, dos_errstr(werr));
- }
-
-done:
- TALLOC_FREE(create_ctx);
- return werr;
-}
-
-/*
- * check if a subkey of KEY_SMBCONF of a given name exists
- */
-static bool smbconf_key_exists(TALLOC_CTX *ctx, const char *subkeyname)
-{
- bool ret = False;
- WERROR werr = WERR_OK;
- TALLOC_CTX *mem_ctx;
- struct registry_key *key;
-
- if (!(mem_ctx = talloc_new(ctx))) {
- d_fprintf(stderr, "ERROR: Out of memory...!\n");
- goto done;
- }
-
- werr = smbconf_open_path_q(mem_ctx, subkeyname, REG_KEY_READ, &key);
- if (W_ERROR_IS_OK(werr)) {
- ret = True;
- }
-
-done:
- TALLOC_FREE(mem_ctx);
- return ret;
-}
-
static bool smbconf_value_exists(TALLOC_CTX *ctx, struct registry_key *key,
const char *param)
{
@@ -553,13 +427,13 @@ static int import_process_service(TALLOC_CTX *ctx,
if (opt_testmode) {
d_printf("[%s]\n", servicename);
} else {
- if (smbconf_key_exists(tmp_ctx, servicename)) {
+ if (libnet_smbconf_key_exists(tmp_ctx, servicename)) {
werr = reg_delkey_internal(tmp_ctx, servicename);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
}
- werr = reg_createkey_internal(tmp_ctx, servicename, &key);
+ werr = libnet_reg_createkey_internal(tmp_ctx, servicename, &key);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
@@ -632,12 +506,12 @@ int net_conf_list(int argc, const char **argv)
goto done;
}
- werr = smbconf_open_basepath(ctx, REG_KEY_READ, &base_key);
+ werr = libnet_smbconf_open_basepath(ctx, REG_KEY_READ, &base_key);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
- if (smbconf_key_exists(ctx, GLOBAL_NAME)) {
+ if (libnet_smbconf_key_exists(ctx, GLOBAL_NAME)) {
werr = reg_openkey(ctx, base_key, GLOBAL_NAME,
REG_KEY_READ, &sub_key);
if (!W_ERROR_IS_OK(werr)) {
@@ -790,7 +664,7 @@ int net_conf_listshares(int argc, const char **argv)
goto done;
}
- werr = smbconf_open_basepath(ctx, SEC_RIGHTS_ENUM_SUBKEYS, &key);
+ werr = libnet_smbconf_open_basepath(ctx, SEC_RIGHTS_ENUM_SUBKEYS, &key);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
@@ -852,7 +726,7 @@ int net_conf_showshare(int argc, const char **argv)
goto done;
}
- werr = smbconf_open_path(ctx, argv[0], REG_KEY_READ, &key);
+ werr = libnet_smbconf_open_path(ctx, argv[0], REG_KEY_READ, &key);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
@@ -989,7 +863,7 @@ int net_conf_addshare(int argc, const char **argv)
* create the share
*/
- werr = reg_createkey_internal(NULL, argv[0], &newkey);
+ werr = libnet_reg_createkey_internal(NULL, argv[0], &newkey);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
@@ -1060,10 +934,10 @@ static int net_conf_setparm(int argc, const char **argv)
param = strdup_lower(argv[1]);
value_str = argv[2];
- if (!smbconf_key_exists(ctx, service)) {
- werr = reg_createkey_internal(ctx, service, &key);
+ if (!libnet_smbconf_key_exists(ctx, service)) {
+ werr = libnet_reg_createkey_internal(ctx, service, &key);
} else {
- werr = smbconf_open_path(ctx, service, REG_KEY_READ, &key);
+ werr = libnet_smbconf_open_path(ctx, service, REG_KEY_WRITE, &key);
}
if (!W_ERROR_IS_OK(werr)) {
goto done;
@@ -1104,14 +978,14 @@ static int net_conf_getparm(int argc, const char **argv)
service = strdup_lower(argv[0]);
param = strdup_lower(argv[1]);
- if (!smbconf_key_exists(ctx, service)) {
+ if (!libnet_smbconf_key_exists(ctx, service)) {
d_fprintf(stderr,
"ERROR: given service '%s' does not exist.\n",
service);
goto done;
}
- werr = smbconf_open_path(ctx, service, REG_KEY_READ, &key);
+ werr = libnet_smbconf_open_path(ctx, service, REG_KEY_READ, &key);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
@@ -1151,14 +1025,14 @@ static int net_conf_delparm(int argc, const char **argv)
service = strdup_lower(argv[0]);
param = strdup_lower(argv[1]);
- if (!smbconf_key_exists(ctx, service)) {
+ if (!libnet_smbconf_key_exists(ctx, service)) {
d_fprintf(stderr,
"Error: given service '%s' does not exist.\n",
service);
goto done;
}
- werr = smbconf_open_path(ctx, service, REG_KEY_READ, &key);
+ werr = libnet_smbconf_open_path(ctx, service, REG_KEY_READ, &key);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
diff --git a/source3/utils/net_dom.c b/source3/utils/net_dom.c
index fd386c95a8..3a8338ec70 100644
--- a/source3/utils/net_dom.c
+++ b/source3/utils/net_dom.c
@@ -19,7 +19,7 @@
#include "includes.h"
#include "utils/net.h"
-#include "lib/netapi/joindomain.h"
+#include "lib/netapi/netapi.h"
static int net_dom_usage(int argc, const char **argv)
{
@@ -43,6 +43,7 @@ int net_help_dom(int argc, const char **argv)
static int net_dom_unjoin(int argc, const char **argv)
{
+ struct libnetapi_ctx *ctx = NULL;
const char *server_name = NULL;
const char *account = NULL;
const char *password = NULL;
@@ -50,8 +51,8 @@ static int net_dom_unjoin(int argc, const char **argv)
WKSSVC_JOIN_FLAGS_JOIN_TYPE;
struct cli_state *cli = NULL;
bool reboot = false;
- NTSTATUS status;
- WERROR werr;
+ NTSTATUS ntstatus;
+ NET_API_STATUS status;
int ret = -1;
int i;
@@ -82,17 +83,25 @@ static int net_dom_unjoin(int argc, const char **argv)
}
if (reboot) {
- status = net_make_ipc_connection_ex(opt_workgroup, server_name,
- NULL, 0, &cli);
- if (!NT_STATUS_IS_OK(status)) {
+ ntstatus = net_make_ipc_connection_ex(opt_workgroup, server_name,
+ NULL, 0, &cli);
+ if (!NT_STATUS_IS_OK(ntstatus)) {
return -1;
}
}
- werr = NetUnjoinDomain(server_name, account, password, unjoin_flags);
- if (!W_ERROR_IS_OK(werr)) {
+ status = libnetapi_init(&ctx);
+ if (status != 0) {
+ return -1;
+ }
+
+ libnetapi_set_username(ctx, opt_user_name);
+ libnetapi_set_password(ctx, opt_password);
+
+ status = NetUnjoinDomain(server_name, account, password, unjoin_flags);
+ if (status != 0) {
printf("Failed to unjoin domain: %s\n",
- get_friendly_nt_error_msg(werror_to_ntstatus(werr)));
+ libnetapi_errstr(ctx, status));
goto done;
}
@@ -121,11 +130,13 @@ static int net_dom_unjoin(int argc, const char **argv)
cli_shutdown(cli);
}
+ /* libnetapi_free(ctx); */
return ret;
}
static int net_dom_join(int argc, const char **argv)
{
+ struct libnetapi_ctx *ctx = NULL;
const char *server_name = NULL;
const char *domain_name = NULL;
const char *account_ou = NULL;
@@ -135,8 +146,8 @@ static int net_dom_join(int argc, const char **argv)
WKSSVC_JOIN_FLAGS_JOIN_TYPE;
struct cli_state *cli = NULL;
bool reboot = false;
- NTSTATUS status;
- WERROR werr;
+ NTSTATUS ntstatus;
+ NET_API_STATUS status;
int ret = -1;
int i;
@@ -183,21 +194,28 @@ static int net_dom_join(int argc, const char **argv)
}
if (reboot) {
- status = net_make_ipc_connection_ex(opt_workgroup, server_name,
- NULL, 0, &cli);
- if (!NT_STATUS_IS_OK(status)) {
+ ntstatus = net_make_ipc_connection_ex(opt_workgroup, server_name,
+ NULL, 0, &cli);
+ if (!NT_STATUS_IS_OK(ntstatus)) {
return -1;
}
}
/* check if domain is a domain or a workgroup */
- werr = NetJoinDomain(server_name, domain_name, account_ou,
- Account, password, join_flags);
- if (!W_ERROR_IS_OK(werr)) {
- printf("Failed to join domain: %s (WERROR: %s)\n",
- get_friendly_nt_error_msg(werror_to_ntstatus(werr)),
- dos_errstr(werr));
+ status = libnetapi_init(&ctx);
+ if (status != 0) {
+ return -1;
+ }
+
+ libnetapi_set_username(ctx, opt_user_name);
+ libnetapi_set_password(ctx, opt_password);
+
+ status = NetJoinDomain(server_name, domain_name, account_ou,
+ Account, password, join_flags);
+ if (status != 0) {
+ printf("Failed to join domain: %s\n",
+ libnetapi_errstr(ctx, status));
goto done;
}
@@ -226,6 +244,7 @@ static int net_dom_join(int argc, const char **argv)
cli_shutdown(cli);
}
+ /* libnetapi_free(ctx); */
return ret;
}
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 8ea815535f..7fb42a6dca 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -570,7 +570,7 @@ static bool get_dc_name_via_netlogon(const struct winbindd_domain *domain,
WERROR werr;
TALLOC_CTX *mem_ctx;
unsigned int orig_timeout;
- fstring tmp;
+ char *tmp = NULL;
char *p;
/* Hmmmm. We can only open one connection to the NETLOGON pipe at the
@@ -602,7 +602,7 @@ static bool get_dc_name_via_netlogon(const struct winbindd_domain *domain,
orig_timeout = cli_set_timeout(netlogon_pipe->cli, 35000);
werr = rpccli_netlogon_getanydcname(netlogon_pipe, mem_ctx, our_domain->dcname,
- domain->name, tmp);
+ domain->name, &tmp);
/* And restore our original timeout. */
cli_set_timeout(netlogon_pipe->cli, orig_timeout);
diff --git a/source3/winbindd/winbindd_group.c b/source3/winbindd/winbindd_group.c
index 140943cc2c..fbd2fee692 100644
--- a/source3/winbindd/winbindd_group.c
+++ b/source3/winbindd/winbindd_group.c
@@ -1045,7 +1045,10 @@ static bool get_sam_group_entries(struct getent_state *ent)
status = domain->methods->enum_local_groups(domain, mem_ctx, &num_entries, &sam_grp_entries);
if ( !NT_STATUS_IS_OK(status) ) {
- DEBUG(3,("get_sam_group_entries: Failed to enumerate domain local groups!\n"));
+ DEBUG(3,("get_sam_group_entries: "
+ "Failed to enumerate "
+ "domain local groups with error %s!\n",
+ nt_errstr(status)));
num_entries = 0;
}
else
diff --git a/source3/winbindd/winbindd_misc.c b/source3/winbindd/winbindd_misc.c
index 8c3ef5bb6f..76f2554122 100644
--- a/source3/winbindd/winbindd_misc.c
+++ b/source3/winbindd/winbindd_misc.c
@@ -231,7 +231,7 @@ void winbindd_getdcname(struct winbindd_cli_state *state)
enum winbindd_result winbindd_dual_getdcname(struct winbindd_domain *domain,
struct winbindd_cli_state *state)
{
- fstring dcname_slash;
+ char *dcname_slash = NULL;
char *p;
struct rpc_pipe_client *netlogon_pipe;
NTSTATUS result;
@@ -262,12 +262,12 @@ enum winbindd_result winbindd_dual_getdcname(struct winbindd_domain *domain,
werr = rpccli_netlogon_getdcname(netlogon_pipe, state->mem_ctx,
domain->dcname,
state->request.domain_name,
- dcname_slash);
+ &dcname_slash);
} else {
werr = rpccli_netlogon_getanydcname(netlogon_pipe, state->mem_ctx,
domain->dcname,
state->request.domain_name,
- dcname_slash);
+ &dcname_slash);
}
/* And restore our original timeout. */
cli_set_timeout(netlogon_pipe->cli, orig_timeout);