diff options
author | Kai Blin <kai@samba.org> | 2008-12-16 09:30:16 +0100 |
---|---|---|
committer | Kai Blin <kai@samba.org> | 2008-12-16 13:02:45 +0100 |
commit | 6821d898d7ecf10c6a9359560c5cf1c50a812b62 (patch) | |
tree | b4305a8ac51ff27bb37063a62fc34ceb4142bb90 /source3/nsswitch/libwbclient | |
parent | 46f530e42f42b860407696f4e4733ad88e69f1be (diff) | |
download | samba-6821d898d7ecf10c6a9359560c5cf1c50a812b62.tar.gz samba-6821d898d7ecf10c6a9359560c5cf1c50a812b62.tar.bz2 samba-6821d898d7ecf10c6a9359560c5cf1c50a812b62.zip |
nsswitch: Move source3 files to top level dir.
Don't move source4 files yet to not confuse git's rename tracking too much.
Diffstat (limited to 'source3/nsswitch/libwbclient')
-rw-r--r-- | source3/nsswitch/libwbclient/Doxyfile | 1297 | ||||
-rw-r--r-- | source3/nsswitch/libwbclient/libwbclient.h | 46 | ||||
-rw-r--r-- | source3/nsswitch/libwbclient/wbc_err_internal.h | 45 | ||||
-rw-r--r-- | source3/nsswitch/libwbclient/wbc_guid.c | 104 | ||||
-rw-r--r-- | source3/nsswitch/libwbclient/wbc_idmap.c | 468 | ||||
-rw-r--r-- | source3/nsswitch/libwbclient/wbc_pam.c | 1034 | ||||
-rw-r--r-- | source3/nsswitch/libwbclient/wbc_pwd.c | 571 | ||||
-rw-r--r-- | source3/nsswitch/libwbclient/wbc_sid.c | 672 | ||||
-rw-r--r-- | source3/nsswitch/libwbclient/wbc_util.c | 672 | ||||
-rw-r--r-- | source3/nsswitch/libwbclient/wbclient.c | 159 | ||||
-rw-r--r-- | source3/nsswitch/libwbclient/wbclient.h | 1187 | ||||
-rw-r--r-- | source3/nsswitch/libwbclient/wbclient_internal.h | 32 |
12 files changed, 0 insertions, 6287 deletions
diff --git a/source3/nsswitch/libwbclient/Doxyfile b/source3/nsswitch/libwbclient/Doxyfile deleted file mode 100644 index e12c2b06f0..0000000000 --- a/source3/nsswitch/libwbclient/Doxyfile +++ /dev/null @@ -1,1297 +0,0 @@ -# Doxyfile 1.5.3 - -# This file describes the settings to be used by the documentation system -# doxygen (www.doxygen.org) for a project -# -# All text after a hash (#) is considered a comment and will be ignored -# The format is: -# TAG = value [value, ...] -# For lists items can also be appended using: -# TAG += value [value, ...] -# Values that contain spaces should be placed between quotes (" ") - -#--------------------------------------------------------------------------- -# Project related configuration options -#--------------------------------------------------------------------------- - -# This tag specifies the encoding used for all characters in the config file that -# follow. The default is UTF-8 which is also the encoding used for all text before -# the first occurrence of this tag. Doxygen uses libiconv (or the iconv built into -# libc) for the transcoding. See http://www.gnu.org/software/libiconv for the list of -# possible encodings. - -DOXYFILE_ENCODING = UTF-8 - -# The PROJECT_NAME tag is a single word (or a sequence of words surrounded -# by quotes) that should identify the project. - -PROJECT_NAME = Samba - -# The PROJECT_NUMBER tag can be used to enter a project or revision number. -# This could be handy for archiving the generated documentation or -# if some version control system is used. - -PROJECT_NUMBER = HEAD - -# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) -# base path where the generated documentation will be put. -# If a relative path is entered, it will be relative to the location -# where doxygen was started. If left blank the current directory will be used. - -OUTPUT_DIRECTORY = dox - -# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create -# 4096 sub-directories (in 2 levels) under the output directory of each output -# format and will distribute the generated files over these directories. -# Enabling this option can be useful when feeding doxygen a huge amount of -# source files, where putting all generated files in the same directory would -# otherwise cause performance problems for the file system. - -CREATE_SUBDIRS = NO - -# The OUTPUT_LANGUAGE tag is used to specify the language in which all -# documentation generated by doxygen is written. Doxygen will use this -# information to generate all constant output in the proper language. -# The default language is English, other supported languages are: -# Afrikaans, Arabic, Brazilian, Catalan, Chinese, Chinese-Traditional, -# Croatian, Czech, Danish, Dutch, Finnish, French, German, Greek, Hungarian, -# Italian, Japanese, Japanese-en (Japanese with English messages), Korean, -# Korean-en, Lithuanian, Norwegian, Polish, Portuguese, Romanian, Russian, -# Serbian, Slovak, Slovene, Spanish, Swedish, and Ukrainian. - -OUTPUT_LANGUAGE = English - -# If the BRIEF_MEMBER_DESC tag is set to YES (the default) Doxygen will -# include brief member descriptions after the members that are listed in -# the file and class documentation (similar to JavaDoc). -# Set to NO to disable this. - -BRIEF_MEMBER_DESC = YES - -# If the REPEAT_BRIEF tag is set to YES (the default) Doxygen will prepend -# the brief description of a member or function before the detailed description. -# Note: if both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the -# brief descriptions will be completely suppressed. - -REPEAT_BRIEF = YES - -# This tag implements a quasi-intelligent brief description abbreviator -# that is used to form the text in various listings. Each string -# in this list, if found as the leading text of the brief description, will be -# stripped from the text and the result after processing the whole list, is -# used as the annotated text. Otherwise, the brief description is used as-is. -# If left blank, the following values are used ("$name" is automatically -# replaced with the name of the entity): "The $name class" "The $name widget" -# "The $name file" "is" "provides" "specifies" "contains" -# "represents" "a" "an" "the" - -ABBREVIATE_BRIEF = - -# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then -# Doxygen will generate a detailed section even if there is only a brief -# description. - -ALWAYS_DETAILED_SEC = NO - -# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all -# inherited members of a class in the documentation of that class as if those -# members were ordinary class members. Constructors, destructors and assignment -# operators of the base classes will not be shown. - -INLINE_INHERITED_MEMB = NO - -# If the FULL_PATH_NAMES tag is set to YES then Doxygen will prepend the full -# path before files name in the file list and in the header files. If set -# to NO the shortest path that makes the file name unique will be used. - -FULL_PATH_NAMES = YES - -# If the FULL_PATH_NAMES tag is set to YES then the STRIP_FROM_PATH tag -# can be used to strip a user-defined part of the path. Stripping is -# only done if one of the specified strings matches the left-hand part of -# the path. The tag can be used to show relative paths in the file list. -# If left blank the directory from which doxygen is run is used as the -# path to strip. - -STRIP_FROM_PATH = $(PWD)/ - -# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of -# the path mentioned in the documentation of a class, which tells -# the reader which header file to include in order to use a class. -# If left blank only the name of the header file containing the class -# definition is used. Otherwise one should specify the include paths that -# are normally passed to the compiler using the -I flag. - -STRIP_FROM_INC_PATH = - -# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter -# (but less readable) file names. This can be useful is your file systems -# doesn't support long names like on DOS, Mac, or CD-ROM. - -SHORT_NAMES = NO - -# If the JAVADOC_AUTOBRIEF tag is set to YES then Doxygen -# will interpret the first line (until the first dot) of a JavaDoc-style -# comment as the brief description. If set to NO, the JavaDoc -# comments will behave just like regular Qt-style comments -# (thus requiring an explicit @brief command for a brief description.) - -JAVADOC_AUTOBRIEF = YES - -# If the QT_AUTOBRIEF tag is set to YES then Doxygen will -# interpret the first line (until the first dot) of a Qt-style -# comment as the brief description. If set to NO, the comments -# will behave just like regular Qt-style comments (thus requiring -# an explicit \brief command for a brief description.) - -QT_AUTOBRIEF = NO - -# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make Doxygen -# treat a multi-line C++ special comment block (i.e. a block of //! or /// -# comments) as a brief description. This used to be the default behaviour. -# The new default is to treat a multi-line C++ comment block as a detailed -# description. Set this tag to YES if you prefer the old behaviour instead. - -MULTILINE_CPP_IS_BRIEF = NO - -# If the DETAILS_AT_TOP tag is set to YES then Doxygen -# will output the detailed description near the top, like JavaDoc. -# If set to NO, the detailed description appears after the member -# documentation. - -DETAILS_AT_TOP = NO - -# If the INHERIT_DOCS tag is set to YES (the default) then an undocumented -# member inherits the documentation from any documented member that it -# re-implements. - -INHERIT_DOCS = YES - -# If the SEPARATE_MEMBER_PAGES tag is set to YES, then doxygen will produce -# a new page for each member. If set to NO, the documentation of a member will -# be part of the file/class/namespace that contains it. - -SEPARATE_MEMBER_PAGES = NO - -# The TAB_SIZE tag can be used to set the number of spaces in a tab. -# Doxygen uses this value to replace tabs by spaces in code fragments. - -TAB_SIZE = 8 - -# This tag can be used to specify a number of aliases that acts -# as commands in the documentation. An alias has the form "name=value". -# For example adding "sideeffect=\par Side Effects:\n" will allow you to -# put the command \sideeffect (or @sideeffect) in the documentation, which -# will result in a user-defined paragraph with heading "Side Effects:". -# You can put \n's in the value part of an alias to insert newlines. - -ALIASES = - -# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C -# sources only. Doxygen will then generate output that is more tailored for C. -# For instance, some of the names that are used will be different. The list -# of all members will be omitted, etc. - -OPTIMIZE_OUTPUT_FOR_C = YES - -# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java -# sources only. Doxygen will then generate output that is more tailored for Java. -# For instance, namespaces will be presented as packages, qualified scopes -# will look different, etc. - -OPTIMIZE_OUTPUT_JAVA = NO - -# If you use STL classes (i.e. std::string, std::vector, etc.) but do not want to -# include (a tag file for) the STL sources as input, then you should -# set this tag to YES in order to let doxygen match functions declarations and -# definitions whose arguments contain STL classes (e.g. func(std::string); v.s. -# func(std::string) {}). This also make the inheritance and collaboration -# diagrams that involve STL classes more complete and accurate. - -BUILTIN_STL_SUPPORT = NO - -# If you use Microsoft's C++/CLI language, you should set this option to YES to -# enable parsing support. - -CPP_CLI_SUPPORT = NO - -# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC -# tag is set to YES, then doxygen will reuse the documentation of the first -# member in the group (if any) for the other members of the group. By default -# all members of a group must be documented explicitly. - -DISTRIBUTE_GROUP_DOC = NO - -# Set the SUBGROUPING tag to YES (the default) to allow class member groups of -# the same type (for instance a group of public functions) to be put as a -# subgroup of that type (e.g. under the Public Functions section). Set it to -# NO to prevent subgrouping. Alternatively, this can be done per class using -# the \nosubgrouping command. - -SUBGROUPING = YES - -#--------------------------------------------------------------------------- -# Build related configuration options -#--------------------------------------------------------------------------- - -# If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in -# documentation are documented, even if no documentation was available. -# Private class members and static file members will be hidden unless -# the EXTRACT_PRIVATE and EXTRACT_STATIC tags are set to YES - -EXTRACT_ALL = YES - -# If the EXTRACT_PRIVATE tag is set to YES all private members of a class -# will be included in the documentation. - -EXTRACT_PRIVATE = YES - -# If the EXTRACT_STATIC tag is set to YES all static members of a file -# will be included in the documentation. - -EXTRACT_STATIC = YES - -# If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs) -# defined locally in source files will be included in the documentation. -# If set to NO only classes defined in header files are included. - -EXTRACT_LOCAL_CLASSES = YES - -# This flag is only useful for Objective-C code. When set to YES local -# methods, which are defined in the implementation section but not in -# the interface are included in the documentation. -# If set to NO (the default) only methods in the interface are included. - -EXTRACT_LOCAL_METHODS = NO - -# If this flag is set to YES, the members of anonymous namespaces will be extracted -# and appear in the documentation as a namespace called 'anonymous_namespace{file}', -# where file will be replaced with the base name of the file that contains the anonymous -# namespace. By default anonymous namespace are hidden. - -EXTRACT_ANON_NSPACES = NO - -# If the HIDE_UNDOC_MEMBERS tag is set to YES, Doxygen will hide all -# undocumented members of documented classes, files or namespaces. -# If set to NO (the default) these members will be included in the -# various overviews, but no documentation section is generated. -# This option has no effect if EXTRACT_ALL is enabled. - -HIDE_UNDOC_MEMBERS = NO - -# If the HIDE_UNDOC_CLASSES tag is set to YES, Doxygen will hide all -# undocumented classes that are normally visible in the class hierarchy. -# If set to NO (the default) these classes will be included in the various -# overviews. This option has no effect if EXTRACT_ALL is enabled. - -HIDE_UNDOC_CLASSES = NO - -# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, Doxygen will hide all -# friend (class|struct|union) declarations. -# If set to NO (the default) these declarations will be included in the -# documentation. - -HIDE_FRIEND_COMPOUNDS = NO - -# If the HIDE_IN_BODY_DOCS tag is set to YES, Doxygen will hide any -# documentation blocks found inside the body of a function. -# If set to NO (the default) these blocks will be appended to the -# function's detailed documentation block. - -HIDE_IN_BODY_DOCS = NO - -# The INTERNAL_DOCS tag determines if documentation -# that is typed after a \internal command is included. If the tag is set -# to NO (the default) then the documentation will be excluded. -# Set it to YES to include the internal documentation. - -INTERNAL_DOCS = YES - -# If the CASE_SENSE_NAMES tag is set to NO then Doxygen will only generate -# file names in lower-case letters. If set to YES upper-case letters are also -# allowed. This is useful if you have classes or files whose names only differ -# in case and if your file system supports case sensitive file names. Windows -# and Mac users are advised to set this option to NO. - -CASE_SENSE_NAMES = YES - -# If the HIDE_SCOPE_NAMES tag is set to NO (the default) then Doxygen -# will show members with their full class and namespace scopes in the -# documentation. If set to YES the scope will be hidden. - -HIDE_SCOPE_NAMES = YES - -# If the SHOW_INCLUDE_FILES tag is set to YES (the default) then Doxygen -# will put a list of the files that are included by a file in the documentation -# of that file. - -SHOW_INCLUDE_FILES = YES - -# If the INLINE_INFO tag is set to YES (the default) then a tag [inline] -# is inserted in the documentation for inline members. - -INLINE_INFO = YES - -# If the SORT_MEMBER_DOCS tag is set to YES (the default) then doxygen -# will sort the (detailed) documentation of file and class members -# alphabetically by member name. If set to NO the members will appear in -# declaration order. - -SORT_MEMBER_DOCS = NO - -# If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the -# brief documentation of file, namespace and class members alphabetically -# by member name. If set to NO (the default) the members will appear in -# declaration order. - -SORT_BRIEF_DOCS = NO - -# If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be -# sorted by fully-qualified names, including namespaces. If set to -# NO (the default), the class list will be sorted only by class name, -# not including the namespace part. -# Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES. -# Note: This option applies only to the class list, not to the -# alphabetical list. - -SORT_BY_SCOPE_NAME = NO - -# The GENERATE_TODOLIST tag can be used to enable (YES) or -# disable (NO) the todo list. This list is created by putting \todo -# commands in the documentation. - -GENERATE_TODOLIST = YES - -# The GENERATE_TESTLIST tag can be used to enable (YES) or -# disable (NO) the test list. This list is created by putting \test -# commands in the documentation. - -GENERATE_TESTLIST = YES - -# The GENERATE_BUGLIST tag can be used to enable (YES) or -# disable (NO) the bug list. This list is created by putting \bug -# commands in the documentation. - -GENERATE_BUGLIST = YES - -# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or -# disable (NO) the deprecated list. This list is created by putting -# \deprecated commands in the documentation. - -GENERATE_DEPRECATEDLIST= YES - -# The ENABLED_SECTIONS tag can be used to enable conditional -# documentation sections, marked by \if sectionname ... \endif. - -ENABLED_SECTIONS = - -# The MAX_INITIALIZER_LINES tag determines the maximum number of lines -# the initial value of a variable or define consists of for it to appear in -# the documentation. If the initializer consists of more lines than specified -# here it will be hidden. Use a value of 0 to hide initializers completely. -# The appearance of the initializer of individual variables and defines in the -# documentation can be controlled using \showinitializer or \hideinitializer -# command in the documentation regardless of this setting. - -MAX_INITIALIZER_LINES = 30 - -# Set the SHOW_USED_FILES tag to NO to disable the list of files generated -# at the bottom of the documentation of classes and structs. If set to YES the -# list will mention the files that were used to generate the documentation. - -SHOW_USED_FILES = YES - -# If the sources in your project are distributed over multiple directories -# then setting the SHOW_DIRECTORIES tag to YES will show the directory hierarchy -# in the documentation. The default is NO. - -SHOW_DIRECTORIES = NO - -# The FILE_VERSION_FILTER tag can be used to specify a program or script that -# doxygen should invoke to get the current version for each file (typically from the -# version control system). Doxygen will invoke the program by executing (via -# popen()) the command <command> <input-file>, where <command> is the value of -# the FILE_VERSION_FILTER tag, and <input-file> is the name of an input file -# provided by doxygen. Whatever the program writes to standard output -# is used as the file version. See the manual for examples. - -FILE_VERSION_FILTER = - -#--------------------------------------------------------------------------- -# configuration options related to warning and progress messages -#--------------------------------------------------------------------------- - -# The QUIET tag can be used to turn on/off the messages that are generated -# by doxygen. Possible values are YES and NO. If left blank NO is used. - -QUIET = YES - -# The WARNINGS tag can be used to turn on/off the warning messages that are -# generated by doxygen. Possible values are YES and NO. If left blank -# NO is used. - -WARNINGS = NO - -# If WARN_IF_UNDOCUMENTED is set to YES, then doxygen will generate warnings -# for undocumented members. If EXTRACT_ALL is set to YES then this flag will -# automatically be disabled. - -WARN_IF_UNDOCUMENTED = NO - -# If WARN_IF_DOC_ERROR is set to YES, doxygen will generate warnings for -# potential errors in the documentation, such as not documenting some -# parameters in a documented function, or documenting parameters that -# don't exist or using markup commands wrongly. - -WARN_IF_DOC_ERROR = YES - -# This WARN_NO_PARAMDOC option can be abled to get warnings for -# functions that are documented, but have no documentation for their parameters -# or return value. If set to NO (the default) doxygen will only warn about -# wrong or incomplete parameter documentation, but not about the absence of -# documentation. - -WARN_NO_PARAMDOC = NO - -# The WARN_FORMAT tag determines the format of the warning messages that -# doxygen can produce. The string should contain the $file, $line, and $text -# tags, which will be replaced by the file and line number from which the -# warning originated and the warning text. Optionally the format may contain -# $version, which will be replaced by the version of the file (if it could -# be obtained via FILE_VERSION_FILTER) - -WARN_FORMAT = "$file:$line: $text " - -# The WARN_LOGFILE tag can be used to specify a file to which warning -# and error messages should be written. If left blank the output is written -# to stderr. - -WARN_LOGFILE = - -#--------------------------------------------------------------------------- -# configuration options related to the input files -#--------------------------------------------------------------------------- - -# The INPUT tag can be used to specify the files and/or directories that contain -# documented source files. You may enter file names like "myfile.cpp" or -# directories like "/usr/src/myproject". Separate the files or directories -# with spaces. - -INPUT = . - -# This tag can be used to specify the character encoding of the source files that -# doxygen parses. Internally doxygen uses the UTF-8 encoding, which is also the default -# input encoding. Doxygen uses libiconv (or the iconv built into libc) for the transcoding. -# See http://www.gnu.org/software/libiconv for the list of possible encodings. - -INPUT_ENCODING = UTF-8 - -# If the value of the INPUT tag contains directories, you can use the -# FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp -# and *.h) to filter out the source-files in the directories. If left -# blank the following patterns are tested: -# *.c *.cc *.cxx *.cpp *.c++ *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh *.hxx -# *.hpp *.h++ *.idl *.odl *.cs *.php *.php3 *.inc *.m *.mm *.py - -FILE_PATTERNS = *.c \ - *.h \ - *.idl - -# The RECURSIVE tag can be used to turn specify whether or not subdirectories -# should be searched for input files as well. Possible values are YES and NO. -# If left blank NO is used. - -RECURSIVE = YES - -# The EXCLUDE tag can be used to specify files and/or directories that should -# excluded from the INPUT source files. This way you can easily exclude a -# subdirectory from a directory tree whose root is specified with the INPUT tag. - -EXCLUDE = include/includes.h \ - include/proto.h - -# The EXCLUDE_SYMLINKS tag can be used select whether or not files or -# directories that are symbolic links (a Unix filesystem feature) are excluded -# from the input. - -EXCLUDE_SYMLINKS = NO - -# If the value of the INPUT tag contains directories, you can use the -# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude -# certain files from those directories. Note that the wildcards are matched -# against the file with absolute path, so to exclude all test directories -# for example use the pattern */test/* - -EXCLUDE_PATTERNS = - -# The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names -# (namespaces, classes, functions, etc.) that should be excluded from the output. -# The symbol name can be a fully qualified name, a word, or if the wildcard * is used, -# a substring. Examples: ANamespace, AClass, AClass::ANamespace, ANamespace::*Test - -EXCLUDE_SYMBOLS = - -# The EXAMPLE_PATH tag can be used to specify one or more files or -# directories that contain example code fragments that are included (see -# the \include command). - -EXAMPLE_PATH = - -# If the value of the EXAMPLE_PATH tag contains directories, you can use the -# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp -# and *.h) to filter out the source-files in the directories. If left -# blank all files are included. - -EXAMPLE_PATTERNS = - -# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be -# searched for input files to be used with the \include or \dontinclude -# commands irrespective of the value of the RECURSIVE tag. -# Possible values are YES and NO. If left blank NO is used. - -EXAMPLE_RECURSIVE = NO - -# The IMAGE_PATH tag can be used to specify one or more files or -# directories that contain image that are included in the documentation (see -# the \image command). - -IMAGE_PATH = - -# The INPUT_FILTER tag can be used to specify a program that doxygen should -# invoke to filter for each input file. Doxygen will invoke the filter program -# by executing (via popen()) the command <filter> <input-file>, where <filter> -# is the value of the INPUT_FILTER tag, and <input-file> is the name of an -# input file. Doxygen will then use the output that the filter program writes -# to standard output. If FILTER_PATTERNS is specified, this tag will be -# ignored. - -INPUT_FILTER = - -# The FILTER_PATTERNS tag can be used to specify filters on a per file pattern -# basis. Doxygen will compare the file name with each pattern and apply the -# filter if there is a match. The filters are a list of the form: -# pattern=filter (like *.cpp=my_cpp_filter). See INPUT_FILTER for further -# info on how filters are used. If FILTER_PATTERNS is empty, INPUT_FILTER -# is applied to all files. - -FILTER_PATTERNS = - -# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using -# INPUT_FILTER) will be used to filter the input files when producing source -# files to browse (i.e. when SOURCE_BROWSER is set to YES). - -FILTER_SOURCE_FILES = NO - -#--------------------------------------------------------------------------- -# configuration options related to source browsing -#--------------------------------------------------------------------------- - -# If the SOURCE_BROWSER tag is set to YES then a list of source files will -# be generated. Documented entities will be cross-referenced with these sources. -# Note: To get rid of all source code in the generated output, make sure also -# VERBATIM_HEADERS is set to NO. If you have enabled CALL_GRAPH or CALLER_GRAPH -# then you must also enable this option. If you don't then doxygen will produce -# a warning and turn it on anyway - -SOURCE_BROWSER = YES - -# Setting the INLINE_SOURCES tag to YES will include the body -# of functions and classes directly in the documentation. - -INLINE_SOURCES = YES - -# Setting the STRIP_CODE_COMMENTS tag to YES (the default) will instruct -# doxygen to hide any special comment blocks from generated source code -# fragments. Normal C and C++ comments will always remain visible. - -STRIP_CODE_COMMENTS = NO - -# If the REFERENCED_BY_RELATION tag is set to YES (the default) -# then for each documented function all documented -# functions referencing it will be listed. - -REFERENCED_BY_RELATION = YES - -# If the REFERENCES_RELATION tag is set to YES (the default) -# then for each documented function all documented entities -# called/used by that function will be listed. - -REFERENCES_RELATION = YES - -# If the REFERENCES_LINK_SOURCE tag is set to YES (the default) -# and SOURCE_BROWSER tag is set to YES, then the hyperlinks from -# functions in REFERENCES_RELATION and REFERENCED_BY_RELATION lists will -# link to the source code. Otherwise they will link to the documentstion. - -REFERENCES_LINK_SOURCE = YES - -# If the USE_HTAGS tag is set to YES then the references to source code -# will point to the HTML generated by the htags(1) tool instead of doxygen -# built-in source browser. The htags tool is part of GNU's global source -# tagging system (see http://www.gnu.org/software/global/global.html). You -# will need version 4.8.6 or higher. - -USE_HTAGS = NO - -# If the VERBATIM_HEADERS tag is set to YES (the default) then Doxygen -# will generate a verbatim copy of the header file for each class for -# which an include is specified. Set to NO to disable this. - -VERBATIM_HEADERS = YES - -#--------------------------------------------------------------------------- -# configuration options related to the alphabetical class index -#--------------------------------------------------------------------------- - -# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index -# of all compounds will be generated. Enable this if the project -# contains a lot of classes, structs, unions or interfaces. - -ALPHABETICAL_INDEX = YES - -# If the alphabetical index is enabled (see ALPHABETICAL_INDEX) then -# the COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns -# in which this list will be split (can be a number in the range [1..20]) - -COLS_IN_ALPHA_INDEX = 1 - -# In case all classes in a project start with a common prefix, all -# classes will be put under the same header in the alphabetical index. -# The IGNORE_PREFIX tag can be used to specify one or more prefixes that -# should be ignored while generating the index headers. - -IGNORE_PREFIX = - -#--------------------------------------------------------------------------- -# configuration options related to the HTML output -#--------------------------------------------------------------------------- - -# If the GENERATE_HTML tag is set to YES (the default) Doxygen will -# generate HTML output. - -GENERATE_HTML = YES - -# The HTML_OUTPUT tag is used to specify where the HTML docs will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be -# put in front of it. If left blank `html' will be used as the default path. - -HTML_OUTPUT = . - -# The HTML_FILE_EXTENSION tag can be used to specify the file extension for -# each generated HTML page (for example: .htm,.php,.asp). If it is left blank -# doxygen will generate files with .html extension. - -HTML_FILE_EXTENSION = .html - -# The HTML_HEADER tag can be used to specify a personal HTML header for -# each generated HTML page. If it is left blank doxygen will generate a -# standard header. - -HTML_HEADER = - -# The HTML_FOOTER tag can be used to specify a personal HTML footer for -# each generated HTML page. If it is left blank doxygen will generate a -# standard footer. - -HTML_FOOTER = - -# The HTML_STYLESHEET tag can be used to specify a user-defined cascading -# style sheet that is used by each HTML page. It can be used to -# fine-tune the look of the HTML output. If the tag is left blank doxygen -# will generate a default style sheet. Note that doxygen will try to copy -# the style sheet file to the HTML output directory, so don't put your own -# stylesheet in the HTML output directory as well, or it will be erased! - -HTML_STYLESHEET = - -# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes, -# files or namespaces will be aligned in HTML using tables. If set to -# NO a bullet list will be used. - -HTML_ALIGN_MEMBERS = YES - -# If the GENERATE_HTMLHELP tag is set to YES, additional index files -# will be generated that can be used as input for tools like the -# Microsoft HTML help workshop to generate a compressed HTML help file (.chm) -# of the generated HTML documentation. - -GENERATE_HTMLHELP = NO - -# If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML -# documentation will contain sections that can be hidden and shown after the -# page has loaded. For this to work a browser that supports -# JavaScript and DHTML is required (for instance Mozilla 1.0+, Firefox -# Netscape 6.0+, Internet explorer 5.0+, Konqueror, or Safari). - -HTML_DYNAMIC_SECTIONS = NO - -# If the GENERATE_HTMLHELP tag is set to YES, the CHM_FILE tag can -# be used to specify the file name of the resulting .chm file. You -# can add a path in front of the file if the result should not be -# written to the html output directory. - -CHM_FILE = - -# If the GENERATE_HTMLHELP tag is set to YES, the HHC_LOCATION tag can -# be used to specify the location (absolute path including file name) of -# the HTML help compiler (hhc.exe). If non-empty doxygen will try to run -# the HTML help compiler on the generated index.hhp. - -HHC_LOCATION = - -# If the GENERATE_HTMLHELP tag is set to YES, the GENERATE_CHI flag -# controls if a separate .chi index file is generated (YES) or that -# it should be included in the master .chm file (NO). - -GENERATE_CHI = NO - -# If the GENERATE_HTMLHELP tag is set to YES, the BINARY_TOC flag -# controls whether a binary table of contents is generated (YES) or a -# normal table of contents (NO) in the .chm file. - -BINARY_TOC = NO - -# The TOC_EXPAND flag can be set to YES to add extra items for group members -# to the contents of the HTML help documentation and to the tree view. - -TOC_EXPAND = NO - -# The DISABLE_INDEX tag can be used to turn on/off the condensed index at -# top of each HTML page. The value NO (the default) enables the index and -# the value YES disables it. - -DISABLE_INDEX = NO - -# This tag can be used to set the number of enum values (range [1..20]) -# that doxygen will group on one line in the generated HTML documentation. - -ENUM_VALUES_PER_LINE = 3 - -# If the GENERATE_TREEVIEW tag is set to YES, a side panel will be -# generated containing a tree-like index structure (just like the one that -# is generated for HTML Help). For this to work a browser that supports -# JavaScript, DHTML, CSS and frames is required (for instance Mozilla 1.0+, -# Netscape 6.0+, Internet explorer 5.0+, or Konqueror). Windows users are -# probably better off using the HTML help feature. - -GENERATE_TREEVIEW = NO - -# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be -# used to set the initial width (in pixels) of the frame in which the tree -# is shown. - -TREEVIEW_WIDTH = 250 - -#--------------------------------------------------------------------------- -# configuration options related to the LaTeX output -#--------------------------------------------------------------------------- - -# If the GENERATE_LATEX tag is set to YES (the default) Doxygen will -# generate Latex output. - -GENERATE_LATEX = NO - -# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be -# put in front of it. If left blank `latex' will be used as the default path. - -LATEX_OUTPUT = latex - -# The LATEX_CMD_NAME tag can be used to specify the LaTeX command name to be -# invoked. If left blank `latex' will be used as the default command name. - -LATEX_CMD_NAME = latex - -# The MAKEINDEX_CMD_NAME tag can be used to specify the command name to -# generate index for LaTeX. If left blank `makeindex' will be used as the -# default command name. - -MAKEINDEX_CMD_NAME = makeindex - -# If the COMPACT_LATEX tag is set to YES Doxygen generates more compact -# LaTeX documents. This may be useful for small projects and may help to -# save some trees in general. - -COMPACT_LATEX = NO - -# The PAPER_TYPE tag can be used to set the paper type that is used -# by the printer. Possible values are: a4, a4wide, letter, legal and -# executive. If left blank a4wide will be used. - -PAPER_TYPE = a4wide - -# The EXTRA_PACKAGES tag can be to specify one or more names of LaTeX -# packages that should be included in the LaTeX output. - -EXTRA_PACKAGES = - -# The LATEX_HEADER tag can be used to specify a personal LaTeX header for -# the generated latex document. The header should contain everything until -# the first chapter. If it is left blank doxygen will generate a -# standard header. Notice: only use this tag if you know what you are doing! - -LATEX_HEADER = - -# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated -# is prepared for conversion to pdf (using ps2pdf). The pdf file will -# contain links (just like the HTML output) instead of page references -# This makes the output suitable for online browsing using a pdf viewer. - -PDF_HYPERLINKS = YES - -# If the USE_PDFLATEX tag is set to YES, pdflatex will be used instead of -# plain latex in the generated Makefile. Set this option to YES to get a -# higher quality PDF documentation. - -USE_PDFLATEX = YES - -# If the LATEX_BATCHMODE tag is set to YES, doxygen will add the \\batchmode. -# command to the generated LaTeX files. This will instruct LaTeX to keep -# running if errors occur, instead of asking the user for help. -# This option is also used when generating formulas in HTML. - -LATEX_BATCHMODE = YES - -# If LATEX_HIDE_INDICES is set to YES then doxygen will not -# include the index chapters (such as File Index, Compound Index, etc.) -# in the output. - -LATEX_HIDE_INDICES = NO - -#--------------------------------------------------------------------------- -# configuration options related to the RTF output -#--------------------------------------------------------------------------- - -# If the GENERATE_RTF tag is set to YES Doxygen will generate RTF output -# The RTF output is optimized for Word 97 and may not look very pretty with -# other RTF readers or editors. - -GENERATE_RTF = NO - -# The RTF_OUTPUT tag is used to specify where the RTF docs will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be -# put in front of it. If left blank `rtf' will be used as the default path. - -RTF_OUTPUT = rtf - -# If the COMPACT_RTF tag is set to YES Doxygen generates more compact -# RTF documents. This may be useful for small projects and may help to -# save some trees in general. - -COMPACT_RTF = NO - -# If the RTF_HYPERLINKS tag is set to YES, the RTF that is generated -# will contain hyperlink fields. The RTF file will -# contain links (just like the HTML output) instead of page references. -# This makes the output suitable for online browsing using WORD or other -# programs which support those fields. -# Note: wordpad (write) and others do not support links. - -RTF_HYPERLINKS = NO - -# Load stylesheet definitions from file. Syntax is similar to doxygen's -# config file, i.e. a series of assignments. You only have to provide -# replacements, missing definitions are set to their default value. - -RTF_STYLESHEET_FILE = - -# Set optional variables used in the generation of an rtf document. -# Syntax is similar to doxygen's config file. - -RTF_EXTENSIONS_FILE = - -#--------------------------------------------------------------------------- -# configuration options related to the man page output -#--------------------------------------------------------------------------- - -# If the GENERATE_MAN tag is set to YES (the default) Doxygen will -# generate man pages - -GENERATE_MAN = NO - -# The MAN_OUTPUT tag is used to specify where the man pages will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be -# put in front of it. If left blank `man' will be used as the default path. - -MAN_OUTPUT = man - -# The MAN_EXTENSION tag determines the extension that is added to -# the generated man pages (default is the subroutine's section .3) - -MAN_EXTENSION = .3 - -# If the MAN_LINKS tag is set to YES and Doxygen generates man output, -# then it will generate one additional man file for each entity -# documented in the real man page(s). These additional files -# only source the real man page, but without them the man command -# would be unable to find the correct page. The default is NO. - -MAN_LINKS = NO - -#--------------------------------------------------------------------------- -# configuration options related to the XML output -#--------------------------------------------------------------------------- - -# If the GENERATE_XML tag is set to YES Doxygen will -# generate an XML file that captures the structure of -# the code including all documentation. - -GENERATE_XML = NO - -# The XML_OUTPUT tag is used to specify where the XML pages will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be -# put in front of it. If left blank `xml' will be used as the default path. - -XML_OUTPUT = xml - -# The XML_SCHEMA tag can be used to specify an XML schema, -# which can be used by a validating XML parser to check the -# syntax of the XML files. - -XML_SCHEMA = - -# The XML_DTD tag can be used to specify an XML DTD, -# which can be used by a validating XML parser to check the -# syntax of the XML files. - -XML_DTD = - -# If the XML_PROGRAMLISTING tag is set to YES Doxygen will -# dump the program listings (including syntax highlighting -# and cross-referencing information) to the XML output. Note that -# enabling this will significantly increase the size of the XML output. - -XML_PROGRAMLISTING = YES - -#--------------------------------------------------------------------------- -# configuration options for the AutoGen Definitions output -#--------------------------------------------------------------------------- - -# If the GENERATE_AUTOGEN_DEF tag is set to YES Doxygen will -# generate an AutoGen Definitions (see autogen.sf.net) file -# that captures the structure of the code including all -# documentation. Note that this feature is still experimental -# and incomplete at the moment. - -GENERATE_AUTOGEN_DEF = NO - -#--------------------------------------------------------------------------- -# configuration options related to the Perl module output -#--------------------------------------------------------------------------- - -# If the GENERATE_PERLMOD tag is set to YES Doxygen will -# generate a Perl module file that captures the structure of -# the code including all documentation. Note that this -# feature is still experimental and incomplete at the -# moment. - -GENERATE_PERLMOD = NO - -# If the PERLMOD_LATEX tag is set to YES Doxygen will generate -# the necessary Makefile rules, Perl scripts and LaTeX code to be able -# to generate PDF and DVI output from the Perl module output. - -PERLMOD_LATEX = NO - -# If the PERLMOD_PRETTY tag is set to YES the Perl module output will be -# nicely formatted so it can be parsed by a human reader. This is useful -# if you want to understand what is going on. On the other hand, if this -# tag is set to NO the size of the Perl module output will be much smaller -# and Perl will parse it just the same. - -PERLMOD_PRETTY = YES - -# The names of the make variables in the generated doxyrules.make file -# are prefixed with the string contained in PERLMOD_MAKEVAR_PREFIX. -# This is useful so different doxyrules.make files included by the same -# Makefile don't overwrite each other's variables. - -PERLMOD_MAKEVAR_PREFIX = - -#--------------------------------------------------------------------------- -# Configuration options related to the preprocessor -#--------------------------------------------------------------------------- - -# If the ENABLE_PREPROCESSING tag is set to YES (the default) Doxygen will -# evaluate all C-preprocessor directives found in the sources and include -# files. - -ENABLE_PREPROCESSING = NO - -# If the MACRO_EXPANSION tag is set to YES Doxygen will expand all macro -# names in the source code. If set to NO (the default) only conditional -# compilation will be performed. Macro expansion can be done in a controlled -# way by setting EXPAND_ONLY_PREDEF to YES. - -MACRO_EXPANSION = NO - -# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES -# then the macro expansion is limited to the macros specified with the -# PREDEFINED and EXPAND_AS_DEFINED tags. - -EXPAND_ONLY_PREDEF = NO - -# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files -# in the INCLUDE_PATH (see below) will be search if a #include is found. - -SEARCH_INCLUDES = YES - -# The INCLUDE_PATH tag can be used to specify one or more directories that -# contain include files that are not input files but should be processed by -# the preprocessor. - -INCLUDE_PATH = - -# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard -# patterns (like *.h and *.hpp) to filter out the header-files in the -# directories. If left blank, the patterns specified with FILE_PATTERNS will -# be used. - -INCLUDE_FILE_PATTERNS = - -# The PREDEFINED tag can be used to specify one or more macro names that -# are defined before the preprocessor is started (similar to the -D option of -# gcc). The argument of the tag is a list of macros of the form: name -# or name=definition (no spaces). If the definition and the = are -# omitted =1 is assumed. To prevent a macro definition from being -# undefined via #undef or recursively expanded use the := operator -# instead of the = operator. - -PREDEFINED = - -# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then -# this tag can be used to specify a list of macro names that should be expanded. -# The macro definition that is found in the sources will be used. -# Use the PREDEFINED tag if you want to use a different macro definition. - -EXPAND_AS_DEFINED = - -# If the SKIP_FUNCTION_MACROS tag is set to YES (the default) then -# doxygen's preprocessor will remove all function-like macros that are alone -# on a line, have an all uppercase name, and do not end with a semicolon. Such -# function macros are typically used for boiler-plate code, and will confuse -# the parser if not removed. - -SKIP_FUNCTION_MACROS = YES - -#--------------------------------------------------------------------------- -# Configuration::additions related to external references -#--------------------------------------------------------------------------- - -# The TAGFILES option can be used to specify one or more tagfiles. -# Optionally an initial location of the external documentation -# can be added for each tagfile. The format of a tag file without -# this location is as follows: -# TAGFILES = file1 file2 ... -# Adding location for the tag files is done as follows: -# TAGFILES = file1=loc1 "file2 = loc2" ... -# where "loc1" and "loc2" can be relative or absolute paths or -# URLs. If a location is present for each tag, the installdox tool -# does not have to be run to correct the links. -# Note that each tag file must have a unique name -# (where the name does NOT include the path) -# If a tag file is not located in the directory in which doxygen -# is run, you must also specify the path to the tagfile here. - -TAGFILES = - -# When a file name is specified after GENERATE_TAGFILE, doxygen will create -# a tag file that is based on the input files it reads. - -GENERATE_TAGFILE = - -# If the ALLEXTERNALS tag is set to YES all external classes will be listed -# in the class index. If set to NO only the inherited external classes -# will be listed. - -ALLEXTERNALS = NO - -# If the EXTERNAL_GROUPS tag is set to YES all external groups will be listed -# in the modules index. If set to NO, only the current project's groups will -# be listed. - -EXTERNAL_GROUPS = YES - -# The PERL_PATH should be the absolute path and name of the perl script -# interpreter (i.e. the result of `which perl'). - -PERL_PATH = /usr/bin/perl - -#--------------------------------------------------------------------------- -# Configuration options related to the dot tool -#--------------------------------------------------------------------------- - -# If the CLASS_DIAGRAMS tag is set to YES (the default) Doxygen will -# generate a inheritance diagram (in HTML, RTF and LaTeX) for classes with base -# or super classes. Setting the tag to NO turns the diagrams off. Note that -# this option is superseded by the HAVE_DOT option below. This is only a -# fallback. It is recommended to install and use dot, since it yields more -# powerful graphs. - -CLASS_DIAGRAMS = YES - -# You can define message sequence charts within doxygen comments using the \msc -# command. Doxygen will then run the mscgen tool (see http://www.mcternan.me.uk/mscgen/) to -# produce the chart and insert it in the documentation. The MSCGEN_PATH tag allows you to -# specify the directory where the mscgen tool resides. If left empty the tool is assumed to -# be found in the default search path. - -MSCGEN_PATH = - -# If set to YES, the inheritance and collaboration graphs will hide -# inheritance and usage relations if the target is undocumented -# or is not a class. - -HIDE_UNDOC_RELATIONS = YES - -# If you set the HAVE_DOT tag to YES then doxygen will assume the dot tool is -# available from the path. This tool is part of Graphviz, a graph visualization -# toolkit from AT&T and Lucent Bell Labs. The other options in this section -# have no effect if this option is set to NO (the default) - -HAVE_DOT = NO - -# If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen -# will generate a graph for each documented class showing the direct and -# indirect inheritance relations. Setting this tag to YES will force the -# the CLASS_DIAGRAMS tag to NO. - -CLASS_GRAPH = YES - -# If the COLLABORATION_GRAPH and HAVE_DOT tags are set to YES then doxygen -# will generate a graph for each documented class showing the direct and -# indirect implementation dependencies (inheritance, containment, and -# class references variables) of the class with other documented classes. - -COLLABORATION_GRAPH = YES - -# If the GROUP_GRAPHS and HAVE_DOT tags are set to YES then doxygen -# will generate a graph for groups, showing the direct groups dependencies - -GROUP_GRAPHS = YES - -# If the UML_LOOK tag is set to YES doxygen will generate inheritance and -# collaboration diagrams in a style similar to the OMG's Unified Modeling -# Language. - -UML_LOOK = NO - -# If set to YES, the inheritance and collaboration graphs will show the -# relations between templates and their instances. - -TEMPLATE_RELATIONS = YES - -# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDE_GRAPH, and HAVE_DOT -# tags are set to YES then doxygen will generate a graph for each documented -# file showing the direct and indirect include dependencies of the file with -# other documented files. - -INCLUDE_GRAPH = YES - -# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDED_BY_GRAPH, and -# HAVE_DOT tags are set to YES then doxygen will generate a graph for each -# documented header file showing the documented files that directly or -# indirectly include this file. - -INCLUDED_BY_GRAPH = YES - -# If the CALL_GRAPH, SOURCE_BROWSER and HAVE_DOT tags are set to YES then doxygen will -# generate a call dependency graph for every global function or class method. -# Note that enabling this option will significantly increase the time of a run. -# So in most cases it will be better to enable call graphs for selected -# functions only using the \callgraph command. - -CALL_GRAPH = NO - -# If the CALLER_GRAPH, SOURCE_BROWSER and HAVE_DOT tags are set to YES then doxygen will -# generate a caller dependency graph for every global function or class method. -# Note that enabling this option will significantly increase the time of a run. -# So in most cases it will be better to enable caller graphs for selected -# functions only using the \callergraph command. - -CALLER_GRAPH = NO - -# If the GRAPHICAL_HIERARCHY and HAVE_DOT tags are set to YES then doxygen -# will graphical hierarchy of all classes instead of a textual one. - -GRAPHICAL_HIERARCHY = YES - -# If the DIRECTORY_GRAPH, SHOW_DIRECTORIES and HAVE_DOT tags are set to YES -# then doxygen will show the dependencies a directory has on other directories -# in a graphical way. The dependency relations are determined by the #include -# relations between the files in the directories. - -DIRECTORY_GRAPH = YES - -# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images -# generated by dot. Possible values are png, jpg, or gif -# If left blank png will be used. - -DOT_IMAGE_FORMAT = png - -# The tag DOT_PATH can be used to specify the path where the dot tool can be -# found. If left blank, it is assumed the dot tool can be found in the path. - -DOT_PATH = - -# The DOTFILE_DIRS tag can be used to specify one or more directories that -# contain dot files that are included in the documentation (see the -# \dotfile command). - -DOTFILE_DIRS = - -# The MAX_DOT_GRAPH_MAX_NODES tag can be used to set the maximum number of -# nodes that will be shown in the graph. If the number of nodes in a graph -# becomes larger than this value, doxygen will truncate the graph, which is -# visualized by representing a node as a red box. Note that doxygen if the number -# of direct children of the root node in a graph is already larger than -# MAX_DOT_GRAPH_NOTES then the graph will not be shown at all. Also note -# that the size of a graph can be further restricted by MAX_DOT_GRAPH_DEPTH. - -DOT_GRAPH_MAX_NODES = 50 - -# The MAX_DOT_GRAPH_DEPTH tag can be used to set the maximum depth of the -# graphs generated by dot. A depth value of 3 means that only nodes reachable -# from the root by following a path via at most 3 edges will be shown. Nodes -# that lay further from the root node will be omitted. Note that setting this -# option to 1 or 2 may greatly reduce the computation time needed for large -# code bases. Also note that the size of a graph can be further restricted by -# DOT_GRAPH_MAX_NODES. Using a depth of 0 means no depth restriction. - -MAX_DOT_GRAPH_DEPTH = 0 - -# Set the DOT_TRANSPARENT tag to YES to generate images with a transparent -# background. This is disabled by default, which results in a white background. -# Warning: Depending on the platform used, enabling this option may lead to -# badly anti-aliased labels on the edges of a graph (i.e. they become hard to -# read). - -DOT_TRANSPARENT = NO - -# Set the DOT_MULTI_TARGETS tag to YES allow dot to generate multiple output -# files in one run (i.e. multiple -o and -T options on the command line). This -# makes dot run faster, but since only newer versions of dot (>1.8.10) -# support this, this feature is disabled by default. - -DOT_MULTI_TARGETS = NO - -# If the GENERATE_LEGEND tag is set to YES (the default) Doxygen will -# generate a legend page explaining the meaning of the various boxes and -# arrows in the dot generated graphs. - -GENERATE_LEGEND = YES - -# If the DOT_CLEANUP tag is set to YES (the default) Doxygen will -# remove the intermediate dot files that are used to generate -# the various graphs. - -DOT_CLEANUP = YES - -#--------------------------------------------------------------------------- -# Configuration::additions related to the search engine -#--------------------------------------------------------------------------- - -# The SEARCHENGINE tag specifies whether or not a search engine should be -# used. If set to NO the values of all tags below this one will be ignored. - -SEARCHENGINE = NO diff --git a/source3/nsswitch/libwbclient/libwbclient.h b/source3/nsswitch/libwbclient/libwbclient.h deleted file mode 100644 index 74cba7e796..0000000000 --- a/source3/nsswitch/libwbclient/libwbclient.h +++ /dev/null @@ -1,46 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind client API - - Copyright (C) Gerald (Jerry) Carter 2007 - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 3 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Library General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#ifndef _LIBWBCLIENT_H -#define _LIBWBCLIENT_H - -/* Super header including necessary public and private header files - for building the wbclient library. __DO NOT__ define anything - in this file. Only include other headers. */ - -/* Winbind headers */ - -#include "nsswitch/winbind_nss_config.h" -#include "nsswitch/winbind_struct_protocol.h" - -#include <talloc.h> - -/* Public headers */ - -#include "wbclient.h" - -/* Private headers */ - -#include "wbc_err_internal.h" -#include "wbclient_internal.h" - - -#endif /* _LIBWBCLIENT_H */ diff --git a/source3/nsswitch/libwbclient/wbc_err_internal.h b/source3/nsswitch/libwbclient/wbc_err_internal.h deleted file mode 100644 index 83364b8cd9..0000000000 --- a/source3/nsswitch/libwbclient/wbc_err_internal.h +++ /dev/null @@ -1,45 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind client API - - Copyright (C) Gerald (Jerry) Carter 2007 - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 3 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Library General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#ifndef _WBC_ERR_INTERNAL_H -#define _WBC_ERR_INTERNAL_H - -/* Private macros */ - -#define BAIL_ON_WBC_ERROR(x) \ - do { \ - if (!WBC_ERROR_IS_OK(x)) { \ - goto done; \ - } \ - } while(0); - -#define BAIL_ON_PTR_ERROR(x, status) \ - do { \ - if ((x) == NULL) { \ - status = WBC_ERR_NO_MEMORY; \ - goto done; \ - } else { \ - status = WBC_ERR_SUCCESS; \ - } \ - } while (0); - - -#endif /* _WBC_ERR_INTERNAL_H */ diff --git a/source3/nsswitch/libwbclient/wbc_guid.c b/source3/nsswitch/libwbclient/wbc_guid.c deleted file mode 100644 index c343e24351..0000000000 --- a/source3/nsswitch/libwbclient/wbc_guid.c +++ /dev/null @@ -1,104 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind client API - - Copyright (C) Gerald (Jerry) Carter 2007 - - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 3 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Library General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -/* Required Headers */ - -#include "libwbclient.h" - -/* Convert a binary GUID to a character string */ -wbcErr wbcGuidToString(const struct wbcGuid *guid, - char **guid_string) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - - if (!guid) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - *guid_string = talloc_asprintf(NULL, - "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", - guid->time_low, guid->time_mid, - guid->time_hi_and_version, - guid->clock_seq[0], - guid->clock_seq[1], - guid->node[0], guid->node[1], - guid->node[2], guid->node[3], - guid->node[4], guid->node[5]); - BAIL_ON_PTR_ERROR((*guid_string), wbc_status); - - wbc_status = WBC_ERR_SUCCESS; - -done: - return wbc_status; -} - -/* @brief Convert a character string to a binary GUID */ -wbcErr wbcStringToGuid(const char *str, - struct wbcGuid *guid) -{ - uint32_t time_low; - uint32_t time_mid, time_hi_and_version; - uint32_t clock_seq[2]; - uint32_t node[6]; - int i; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - - if (!guid) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (!str) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (11 == sscanf(str, "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", - &time_low, &time_mid, &time_hi_and_version, - &clock_seq[0], &clock_seq[1], - &node[0], &node[1], &node[2], &node[3], &node[4], &node[5])) { - wbc_status = WBC_ERR_SUCCESS; - } else if (11 == sscanf(str, "{%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x}", - &time_low, &time_mid, &time_hi_and_version, - &clock_seq[0], &clock_seq[1], - &node[0], &node[1], &node[2], &node[3], &node[4], &node[5])) { - wbc_status = WBC_ERR_SUCCESS; - } - - BAIL_ON_WBC_ERROR(wbc_status); - - guid->time_low = time_low; - guid->time_mid = time_mid; - guid->time_hi_and_version = time_hi_and_version; - guid->clock_seq[0] = clock_seq[0]; - guid->clock_seq[1] = clock_seq[1]; - - for (i=0;i<6;i++) { - guid->node[i] = node[i]; - } - - wbc_status = WBC_ERR_SUCCESS; - -done: - return wbc_status; -} diff --git a/source3/nsswitch/libwbclient/wbc_idmap.c b/source3/nsswitch/libwbclient/wbc_idmap.c deleted file mode 100644 index 5b2ab875f6..0000000000 --- a/source3/nsswitch/libwbclient/wbc_idmap.c +++ /dev/null @@ -1,468 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind client API - - Copyright (C) Gerald (Jerry) Carter 2007 - - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 3 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Library General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -/* Required Headers */ - -#include "libwbclient.h" - -/* Convert a Windows SID to a Unix uid, allocating an uid if needed */ -wbcErr wbcSidToUid(const struct wbcDomainSid *sid, uid_t *puid) -{ - struct winbindd_request request; - struct winbindd_response response; - char *sid_string = NULL; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - - if (!sid || !puid) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - /* Initialize request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - wbc_status = wbcSidToString(sid, &sid_string); - BAIL_ON_WBC_ERROR(wbc_status); - - strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1); - wbcFreeMemory(sid_string); - - /* Make request */ - - wbc_status = wbcRequestResponse(WINBINDD_SID_TO_UID, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - *puid = response.data.uid; - - wbc_status = WBC_ERR_SUCCESS; - - done: - return wbc_status; -} - -/* Convert a Windows SID to a Unix uid if there already is a mapping */ -wbcErr wbcQuerySidToUid(const struct wbcDomainSid *sid, - uid_t *puid) -{ - return WBC_ERR_NOT_IMPLEMENTED; -} - -/* Convert a Unix uid to a Windows SID, allocating a SID if needed */ -wbcErr wbcUidToSid(uid_t uid, struct wbcDomainSid *sid) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct winbindd_request request; - struct winbindd_response response; - - if (!sid) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - /* Initialize request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - request.data.uid = uid; - - /* Make request */ - - wbc_status = wbcRequestResponse(WINBINDD_UID_TO_SID, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - wbc_status = wbcStringToSid(response.data.sid.sid, sid); - BAIL_ON_WBC_ERROR(wbc_status); - -done: - return wbc_status; -} - -/* Convert a Unix uid to a Windows SID if there already is a mapping */ -wbcErr wbcQueryUidToSid(uid_t uid, - struct wbcDomainSid *sid) -{ - return WBC_ERR_NOT_IMPLEMENTED; -} - -/** @brief Convert a Windows SID to a Unix gid, allocating a gid if needed - * - * @param *sid Pointer to the domain SID to be resolved - * @param *pgid Pointer to the resolved gid_t value - * - * @return #wbcErr - * - **/ - -wbcErr wbcSidToGid(const struct wbcDomainSid *sid, gid_t *pgid) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - char *sid_string = NULL; - - if (!sid || !pgid) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - /* Initialize request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - wbc_status = wbcSidToString(sid, &sid_string); - BAIL_ON_WBC_ERROR(wbc_status); - - strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1); - wbcFreeMemory(sid_string); - - /* Make request */ - - wbc_status = wbcRequestResponse(WINBINDD_SID_TO_GID, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - *pgid = response.data.gid; - - wbc_status = WBC_ERR_SUCCESS; - - done: - return wbc_status; -} - -/* Convert a Windows SID to a Unix gid if there already is a mapping */ - -wbcErr wbcQuerySidToGid(const struct wbcDomainSid *sid, - gid_t *pgid) -{ - return WBC_ERR_NOT_IMPLEMENTED; -} - -/* Convert a Unix gid to a Windows SID, allocating a SID if needed */ -wbcErr wbcGidToSid(gid_t gid, struct wbcDomainSid *sid) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - - if (!sid) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - /* Initialize request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - request.data.gid = gid; - - /* Make request */ - - wbc_status = wbcRequestResponse(WINBINDD_GID_TO_SID, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - wbc_status = wbcStringToSid(response.data.sid.sid, sid); - BAIL_ON_WBC_ERROR(wbc_status); - -done: - return wbc_status; -} - -/* Convert a Unix gid to a Windows SID if there already is a mapping */ -wbcErr wbcQueryGidToSid(gid_t gid, - struct wbcDomainSid *sid) -{ - return WBC_ERR_NOT_IMPLEMENTED; -} - -/* Obtain a new uid from Winbind */ -wbcErr wbcAllocateUid(uid_t *puid) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - - if (!puid) - return WBC_ERR_INVALID_PARAM; - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Make request */ - - wbc_status = wbcRequestResponse(WINBINDD_ALLOCATE_UID, - &request, &response); - BAIL_ON_WBC_ERROR(wbc_status); - - /* Copy out result */ - *puid = response.data.uid; - - wbc_status = WBC_ERR_SUCCESS; - - done: - return wbc_status; -} - -/* Obtain a new gid from Winbind */ -wbcErr wbcAllocateGid(gid_t *pgid) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - - if (!pgid) - return WBC_ERR_INVALID_PARAM; - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Make request */ - - wbc_status = wbcRequestResponse(WINBINDD_ALLOCATE_GID, - &request, &response); - BAIL_ON_WBC_ERROR(wbc_status); - - /* Copy out result */ - *pgid = response.data.gid; - - wbc_status = WBC_ERR_SUCCESS; - - done: - return wbc_status; -} - -/* we can't include smb.h here... */ -#define _ID_TYPE_UID 1 -#define _ID_TYPE_GID 2 - -/* Set an user id mapping */ -wbcErr wbcSetUidMapping(uid_t uid, const struct wbcDomainSid *sid) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - char *sid_string = NULL; - - if (!sid) { - return WBC_ERR_INVALID_PARAM; - } - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Make request */ - - request.data.dual_idmapset.id = uid; - request.data.dual_idmapset.type = _ID_TYPE_UID; - - wbc_status = wbcSidToString(sid, &sid_string); - BAIL_ON_WBC_ERROR(wbc_status); - - strncpy(request.data.dual_idmapset.sid, sid_string, - sizeof(request.data.dual_idmapset.sid)-1); - wbcFreeMemory(sid_string); - - wbc_status = wbcRequestResponse(WINBINDD_SET_MAPPING, - &request, &response); - BAIL_ON_WBC_ERROR(wbc_status); - - done: - return wbc_status; -} - -/* Set a group id mapping */ -wbcErr wbcSetGidMapping(gid_t gid, const struct wbcDomainSid *sid) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - char *sid_string = NULL; - - if (!sid) { - return WBC_ERR_INVALID_PARAM; - } - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Make request */ - - request.data.dual_idmapset.id = gid; - request.data.dual_idmapset.type = _ID_TYPE_GID; - - wbc_status = wbcSidToString(sid, &sid_string); - BAIL_ON_WBC_ERROR(wbc_status); - - strncpy(request.data.dual_idmapset.sid, sid_string, - sizeof(request.data.dual_idmapset.sid)-1); - wbcFreeMemory(sid_string); - - wbc_status = wbcRequestResponse(WINBINDD_SET_MAPPING, - &request, &response); - BAIL_ON_WBC_ERROR(wbc_status); - - done: - return wbc_status; -} - -/* Remove a user id mapping */ -wbcErr wbcRemoveUidMapping(uid_t uid, const struct wbcDomainSid *sid) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - char *sid_string = NULL; - - if (!sid) { - return WBC_ERR_INVALID_PARAM; - } - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Make request */ - - request.data.dual_idmapset.id = uid; - request.data.dual_idmapset.type = _ID_TYPE_UID; - - wbc_status = wbcSidToString(sid, &sid_string); - BAIL_ON_WBC_ERROR(wbc_status); - - strncpy(request.data.dual_idmapset.sid, sid_string, - sizeof(request.data.dual_idmapset.sid)-1); - wbcFreeMemory(sid_string); - - wbc_status = wbcRequestResponse(WINBINDD_REMOVE_MAPPING, - &request, &response); - BAIL_ON_WBC_ERROR(wbc_status); - - done: - return wbc_status; -} - -/* Remove a group id mapping */ -wbcErr wbcRemoveGidMapping(gid_t gid, const struct wbcDomainSid *sid) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - char *sid_string = NULL; - - if (!sid) { - return WBC_ERR_INVALID_PARAM; - } - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Make request */ - - request.data.dual_idmapset.id = gid; - request.data.dual_idmapset.type = _ID_TYPE_GID; - - wbc_status = wbcSidToString(sid, &sid_string); - BAIL_ON_WBC_ERROR(wbc_status); - - strncpy(request.data.dual_idmapset.sid, sid_string, - sizeof(request.data.dual_idmapset.sid)-1); - wbcFreeMemory(sid_string); - - wbc_status = wbcRequestResponse(WINBINDD_REMOVE_MAPPING, - &request, &response); - BAIL_ON_WBC_ERROR(wbc_status); - - done: - return wbc_status; -} - -/* Set the highwater mark for allocated uids. */ -wbcErr wbcSetUidHwm(uid_t uid_hwm) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Make request */ - - request.data.dual_idmapset.id = uid_hwm; - request.data.dual_idmapset.type = _ID_TYPE_UID; - - wbc_status = wbcRequestResponse(WINBINDD_SET_HWM, - &request, &response); - BAIL_ON_WBC_ERROR(wbc_status); - - done: - return wbc_status; -} - -/* Set the highwater mark for allocated gids. */ -wbcErr wbcSetGidHwm(gid_t gid_hwm) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Make request */ - - request.data.dual_idmapset.id = gid_hwm; - request.data.dual_idmapset.type = _ID_TYPE_GID; - - wbc_status = wbcRequestResponse(WINBINDD_SET_HWM, - &request, &response); - BAIL_ON_WBC_ERROR(wbc_status); - - done: - return wbc_status; -} diff --git a/source3/nsswitch/libwbclient/wbc_pam.c b/source3/nsswitch/libwbclient/wbc_pam.c deleted file mode 100644 index 92c6643631..0000000000 --- a/source3/nsswitch/libwbclient/wbc_pam.c +++ /dev/null @@ -1,1034 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind client API - - Copyright (C) Gerald (Jerry) Carter 2007 - Copyright (C) Guenther Deschner 2008 - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 3 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Library General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -/* Required Headers */ - -#include "libwbclient.h" - -/* Authenticate a username/password pair */ -wbcErr wbcAuthenticateUser(const char *username, - const char *password) -{ - wbcErr wbc_status = WBC_ERR_SUCCESS; - struct wbcAuthUserParams params; - - ZERO_STRUCT(params); - - params.account_name = username; - params.level = WBC_AUTH_USER_LEVEL_PLAIN; - params.password.plaintext = password; - - wbc_status = wbcAuthenticateUserEx(¶ms, NULL, NULL); - BAIL_ON_WBC_ERROR(wbc_status); - -done: - return wbc_status; -} - -static wbcErr wbc_create_auth_info(TALLOC_CTX *mem_ctx, - const struct winbindd_response *resp, - struct wbcAuthUserInfo **_i) -{ - wbcErr wbc_status = WBC_ERR_SUCCESS; - struct wbcAuthUserInfo *i; - struct wbcDomainSid domain_sid; - char *p; - uint32_t sn = 0; - uint32_t j; - - i = talloc(mem_ctx, struct wbcAuthUserInfo); - BAIL_ON_PTR_ERROR(i, wbc_status); - - i->user_flags = resp->data.auth.info3.user_flgs; - - i->account_name = talloc_strdup(i, resp->data.auth.info3.user_name); - BAIL_ON_PTR_ERROR(i->account_name, wbc_status); - i->user_principal= NULL; - i->full_name = talloc_strdup(i, resp->data.auth.info3.full_name); - BAIL_ON_PTR_ERROR(i->full_name, wbc_status); - i->domain_name = talloc_strdup(i, resp->data.auth.info3.logon_dom); - BAIL_ON_PTR_ERROR(i->domain_name, wbc_status); - i->dns_domain_name= NULL; - - i->acct_flags = resp->data.auth.info3.acct_flags; - memcpy(i->user_session_key, - resp->data.auth.user_session_key, - sizeof(i->user_session_key)); - memcpy(i->lm_session_key, - resp->data.auth.first_8_lm_hash, - sizeof(i->lm_session_key)); - - i->logon_count = resp->data.auth.info3.logon_count; - i->bad_password_count = resp->data.auth.info3.bad_pw_count; - - i->logon_time = resp->data.auth.info3.logon_time; - i->logoff_time = resp->data.auth.info3.logoff_time; - i->kickoff_time = resp->data.auth.info3.kickoff_time; - i->pass_last_set_time = resp->data.auth.info3.pass_last_set_time; - i->pass_can_change_time = resp->data.auth.info3.pass_can_change_time; - i->pass_must_change_time= resp->data.auth.info3.pass_must_change_time; - - i->logon_server = talloc_strdup(i, resp->data.auth.info3.logon_srv); - BAIL_ON_PTR_ERROR(i->logon_server, wbc_status); - i->logon_script = talloc_strdup(i, resp->data.auth.info3.logon_script); - BAIL_ON_PTR_ERROR(i->logon_script, wbc_status); - i->profile_path = talloc_strdup(i, resp->data.auth.info3.profile_path); - BAIL_ON_PTR_ERROR(i->profile_path, wbc_status); - i->home_directory= talloc_strdup(i, resp->data.auth.info3.home_dir); - BAIL_ON_PTR_ERROR(i->home_directory, wbc_status); - i->home_drive = talloc_strdup(i, resp->data.auth.info3.dir_drive); - BAIL_ON_PTR_ERROR(i->home_drive, wbc_status); - - i->num_sids = 2; - i->num_sids += resp->data.auth.info3.num_groups; - i->num_sids += resp->data.auth.info3.num_other_sids; - - i->sids = talloc_array(i, struct wbcSidWithAttr, i->num_sids); - BAIL_ON_PTR_ERROR(i->sids, wbc_status); - - wbc_status = wbcStringToSid(resp->data.auth.info3.dom_sid, - &domain_sid); - BAIL_ON_WBC_ERROR(wbc_status); - -#define _SID_COMPOSE(s, d, r, a) { \ - (s).sid = d; \ - if ((s).sid.num_auths < WBC_MAXSUBAUTHS) { \ - (s).sid.sub_auths[(s).sid.num_auths++] = r; \ - } else { \ - wbc_status = WBC_ERR_INVALID_SID; \ - BAIL_ON_WBC_ERROR(wbc_status); \ - } \ - (s).attributes = a; \ -} while (0) - - sn = 0; - _SID_COMPOSE(i->sids[sn], domain_sid, - resp->data.auth.info3.user_rid, - 0); - sn++; - _SID_COMPOSE(i->sids[sn], domain_sid, - resp->data.auth.info3.group_rid, - 0); - sn++; - - p = (char *)resp->extra_data.data; - if (!p) { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - - for (j=0; j < resp->data.auth.info3.num_groups; j++) { - uint32_t rid; - uint32_t attrs; - int ret; - char *s = p; - char *e = strchr(p, '\n'); - if (!e) { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - e[0] = '\0'; - p = &e[1]; - - ret = sscanf(s, "0x%08X:0x%08X", &rid, &attrs); - if (ret != 2) { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - - _SID_COMPOSE(i->sids[sn], domain_sid, - rid, attrs); - sn++; - } - - for (j=0; j < resp->data.auth.info3.num_other_sids; j++) { - uint32_t attrs; - int ret; - char *s = p; - char *a; - char *e = strchr(p, '\n'); - if (!e) { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - e[0] = '\0'; - p = &e[1]; - - e = strchr(s, ':'); - if (!e) { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - e[0] = '\0'; - a = &e[1]; - - ret = sscanf(a, "0x%08X", - &attrs); - if (ret != 1) { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - - wbc_status = wbcStringToSid(s, &i->sids[sn].sid); - BAIL_ON_WBC_ERROR(wbc_status); - - i->sids[sn].attributes = attrs; - sn++; - } - - i->num_sids = sn; - - *_i = i; - i = NULL; -done: - talloc_free(i); - return wbc_status; -} - -static wbcErr wbc_create_error_info(TALLOC_CTX *mem_ctx, - const struct winbindd_response *resp, - struct wbcAuthErrorInfo **_e) -{ - wbcErr wbc_status = WBC_ERR_SUCCESS; - struct wbcAuthErrorInfo *e; - - e = talloc(mem_ctx, struct wbcAuthErrorInfo); - BAIL_ON_PTR_ERROR(e, wbc_status); - - e->nt_status = resp->data.auth.nt_status; - e->pam_error = resp->data.auth.pam_error; - e->nt_string = talloc_strdup(e, resp->data.auth.nt_status_string); - BAIL_ON_PTR_ERROR(e->nt_string, wbc_status); - - e->display_string = talloc_strdup(e, resp->data.auth.error_string); - BAIL_ON_PTR_ERROR(e->display_string, wbc_status); - - *_e = e; - e = NULL; - -done: - talloc_free(e); - return wbc_status; -} - -static wbcErr wbc_create_password_policy_info(TALLOC_CTX *mem_ctx, - const struct winbindd_response *resp, - struct wbcUserPasswordPolicyInfo **_i) -{ - wbcErr wbc_status = WBC_ERR_SUCCESS; - struct wbcUserPasswordPolicyInfo *i; - - i = talloc(mem_ctx, struct wbcUserPasswordPolicyInfo); - BAIL_ON_PTR_ERROR(i, wbc_status); - - i->min_passwordage = resp->data.auth.policy.min_passwordage; - i->min_length_password = resp->data.auth.policy.min_length_password; - i->password_history = resp->data.auth.policy.password_history; - i->password_properties = resp->data.auth.policy.password_properties; - i->expire = resp->data.auth.policy.expire; - - *_i = i; - i = NULL; - -done: - talloc_free(i); - return wbc_status; -} - -static wbcErr wbc_create_logon_info(TALLOC_CTX *mem_ctx, - const struct winbindd_response *resp, - struct wbcLogonUserInfo **_i) -{ - wbcErr wbc_status = WBC_ERR_SUCCESS; - struct wbcLogonUserInfo *i; - - i = talloc_zero(mem_ctx, struct wbcLogonUserInfo); - BAIL_ON_PTR_ERROR(i, wbc_status); - - wbc_status = wbc_create_auth_info(i, resp, &i->info); - BAIL_ON_WBC_ERROR(wbc_status); - - if (resp->data.auth.krb5ccname) { - wbc_status = wbcAddNamedBlob(&i->num_blobs, - &i->blobs, - "krb5ccname", - 0, - (uint8_t *)resp->data.auth.krb5ccname, - strlen(resp->data.auth.krb5ccname)+1); - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (resp->data.auth.unix_username) { - wbc_status = wbcAddNamedBlob(&i->num_blobs, - &i->blobs, - "unix_username", - 0, - (uint8_t *)resp->data.auth.unix_username, - strlen(resp->data.auth.unix_username)+1); - BAIL_ON_WBC_ERROR(wbc_status); - } - - *_i = i; - i = NULL; -done: - if (!WBC_ERROR_IS_OK(wbc_status) && i) { - wbcFreeMemory(i->blobs); - } - - talloc_free(i); - return wbc_status; -} - -/* Authenticate with more detailed information */ -wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params, - struct wbcAuthUserInfo **info, - struct wbcAuthErrorInfo **error) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - int cmd = 0; - struct winbindd_request request; - struct winbindd_response response; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - if (error) { - *error = NULL; - } - - if (!params) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (!params->account_name) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - /* Initialize request */ - - switch (params->level) { - case WBC_AUTH_USER_LEVEL_PLAIN: - cmd = WINBINDD_PAM_AUTH; - request.flags = WBFLAG_PAM_INFO3_TEXT | - WBFLAG_PAM_USER_SESSION_KEY | - WBFLAG_PAM_LMKEY; - - if (!params->password.plaintext) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (params->domain_name && params->domain_name[0]) { - /* We need to get the winbind separator :-( */ - struct winbindd_response sep_response; - - ZERO_STRUCT(sep_response); - - wbc_status = wbcRequestResponse(WINBINDD_INFO, - NULL, &sep_response); - BAIL_ON_WBC_ERROR(wbc_status); - - snprintf(request.data.auth.user, - sizeof(request.data.auth.user)-1, - "%s%c%s", - params->domain_name, - sep_response.data.info.winbind_separator, - params->account_name); - } else { - strncpy(request.data.auth.user, - params->account_name, - sizeof(request.data.auth.user)-1); - } - - strncpy(request.data.auth.pass, - params->password.plaintext, - sizeof(request.data.auth.pass)-1); - break; - - case WBC_AUTH_USER_LEVEL_HASH: - wbc_status = WBC_ERR_NOT_IMPLEMENTED; - BAIL_ON_WBC_ERROR(wbc_status); - break; - - case WBC_AUTH_USER_LEVEL_RESPONSE: - cmd = WINBINDD_PAM_AUTH_CRAP; - request.flags = WBFLAG_PAM_INFO3_TEXT | - WBFLAG_PAM_USER_SESSION_KEY | - WBFLAG_PAM_LMKEY; - - if (params->password.response.lm_length && - !params->password.response.lm_data) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - if (params->password.response.lm_length == 0 && - params->password.response.lm_data) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (params->password.response.nt_length && - !params->password.response.nt_data) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - if (params->password.response.nt_length == 0&& - params->password.response.nt_data) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - strncpy(request.data.auth_crap.user, - params->account_name, - sizeof(request.data.auth_crap.user)-1); - if (params->domain_name) { - strncpy(request.data.auth_crap.domain, - params->domain_name, - sizeof(request.data.auth_crap.domain)-1); - } - if (params->workstation_name) { - strncpy(request.data.auth_crap.workstation, - params->workstation_name, - sizeof(request.data.auth_crap.workstation)-1); - } - - request.data.auth_crap.logon_parameters = - params->parameter_control; - - memcpy(request.data.auth_crap.chal, - params->password.response.challenge, - sizeof(request.data.auth_crap.chal)); - - request.data.auth_crap.lm_resp_len = - MIN(params->password.response.lm_length, - sizeof(request.data.auth_crap.lm_resp)); - request.data.auth_crap.nt_resp_len = - MIN(params->password.response.nt_length, - sizeof(request.data.auth_crap.nt_resp)); - if (params->password.response.lm_data) { - memcpy(request.data.auth_crap.lm_resp, - params->password.response.lm_data, - request.data.auth_crap.lm_resp_len); - } - if (params->password.response.nt_data) { - memcpy(request.data.auth_crap.nt_resp, - params->password.response.nt_data, - request.data.auth_crap.nt_resp_len); - } - break; - default: - break; - } - - if (cmd == 0) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (params->flags) { - request.flags |= params->flags; - } - - wbc_status = wbcRequestResponse(cmd, - &request, - &response); - if (response.data.auth.nt_status != 0) { - if (error) { - wbc_status = wbc_create_error_info(NULL, - &response, - error); - BAIL_ON_WBC_ERROR(wbc_status); - } - - wbc_status = WBC_ERR_AUTH_ERROR; - BAIL_ON_WBC_ERROR(wbc_status); - } - BAIL_ON_WBC_ERROR(wbc_status); - - if (info) { - wbc_status = wbc_create_auth_info(NULL, - &response, - info); - BAIL_ON_WBC_ERROR(wbc_status); - } - -done: - if (response.extra_data.data) - free(response.extra_data.data); - - return wbc_status; -} - -/* Trigger a verification of the trust credentials of a specific domain */ -wbcErr wbcCheckTrustCredentials(const char *domain, - struct wbcAuthErrorInfo **error) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - - if (domain) { - /* - * the current protocol doesn't support - * specifying a domain - */ - wbc_status = WBC_ERR_NOT_IMPLEMENTED; - BAIL_ON_WBC_ERROR(wbc_status); - } - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Send request */ - - wbc_status = wbcRequestResponse(WINBINDD_CHECK_MACHACC, - &request, - &response); - if (response.data.auth.nt_status != 0) { - if (error) { - wbc_status = wbc_create_error_info(NULL, - &response, - error); - BAIL_ON_WBC_ERROR(wbc_status); - } - - wbc_status = WBC_ERR_AUTH_ERROR; - BAIL_ON_WBC_ERROR(wbc_status); - } - BAIL_ON_WBC_ERROR(wbc_status); - - done: - return wbc_status; -} - -/* Trigger an extended logoff notification to Winbind for a specific user */ -wbcErr wbcLogoffUserEx(const struct wbcLogoffUserParams *params, - struct wbcAuthErrorInfo **error) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - int i; - - /* validate input */ - - if (!params || !params->username) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - if ((params->num_blobs > 0) && (params->blobs == NULL)) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - if ((params->num_blobs == 0) && (params->blobs != NULL)) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - strncpy(request.data.logoff.user, params->username, - sizeof(request.data.logoff.user)-1); - - for (i=0; i<params->num_blobs; i++) { - - if (strcasecmp(params->blobs[i].name, "ccfilename") == 0) { - if (params->blobs[i].blob.data) { - strncpy(request.data.logoff.krb5ccname, - (const char *)params->blobs[i].blob.data, - sizeof(request.data.logoff.krb5ccname) - 1); - } - continue; - } - - if (strcasecmp(params->blobs[i].name, "user_uid") == 0) { - if (params->blobs[i].blob.data) { - memcpy(&request.data.logoff.uid, - params->blobs[i].blob.data, - MIN(params->blobs[i].blob.length, - sizeof(request.data.logoff.uid))); - } - continue; - } - - if (strcasecmp(params->blobs[i].name, "flags") == 0) { - if (params->blobs[i].blob.data) { - memcpy(&request.flags, - params->blobs[i].blob.data, - MIN(params->blobs[i].blob.length, - sizeof(request.flags))); - } - continue; - } - } - - /* Send request */ - - wbc_status = wbcRequestResponse(WINBINDD_PAM_LOGOFF, - &request, - &response); - - /* Take the response above and return it to the caller */ - if (response.data.auth.nt_status != 0) { - if (error) { - wbc_status = wbc_create_error_info(NULL, - &response, - error); - BAIL_ON_WBC_ERROR(wbc_status); - } - - wbc_status = WBC_ERR_AUTH_ERROR; - BAIL_ON_WBC_ERROR(wbc_status); - } - BAIL_ON_WBC_ERROR(wbc_status); - - done: - return wbc_status; -} - -/* Trigger a logoff notification to Winbind for a specific user */ -wbcErr wbcLogoffUser(const char *username, - uid_t uid, - const char *ccfilename) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - - /* validate input */ - - if (!username) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - strncpy(request.data.logoff.user, username, - sizeof(request.data.logoff.user)-1); - request.data.logoff.uid = uid; - - if (ccfilename) { - strncpy(request.data.logoff.krb5ccname, ccfilename, - sizeof(request.data.logoff.krb5ccname)-1); - } - - /* Send request */ - - wbc_status = wbcRequestResponse(WINBINDD_PAM_LOGOFF, - &request, - &response); - - /* Take the response above and return it to the caller */ - - done: - return wbc_status; -} - -/* Change a password for a user with more detailed information upon failure */ -wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params, - struct wbcAuthErrorInfo **error, - enum wbcPasswordChangeRejectReason *reject_reason, - struct wbcUserPasswordPolicyInfo **policy) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - int cmd = 0; - - /* validate input */ - - if (!params->account_name) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (error) { - *error = NULL; - } - - if (policy) { - *policy = NULL; - } - - if (reject_reason) { - *reject_reason = -1; - } - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - switch (params->level) { - case WBC_CHANGE_PASSWORD_LEVEL_PLAIN: - cmd = WINBINDD_PAM_CHAUTHTOK; - - if (!params->account_name) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - strncpy(request.data.chauthtok.user, params->account_name, - sizeof(request.data.chauthtok.user) - 1); - - if (params->old_password.plaintext) { - strncpy(request.data.chauthtok.oldpass, - params->old_password.plaintext, - sizeof(request.data.chauthtok.oldpass) - 1); - } - - if (params->new_password.plaintext) { - strncpy(request.data.chauthtok.newpass, - params->new_password.plaintext, - sizeof(request.data.chauthtok.newpass) - 1); - } - break; - - case WBC_CHANGE_PASSWORD_LEVEL_RESPONSE: - cmd = WINBINDD_PAM_CHNG_PSWD_AUTH_CRAP; - - if (!params->account_name || !params->domain_name) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (params->old_password.response.old_lm_hash_enc_length && - !params->old_password.response.old_lm_hash_enc_data) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (params->old_password.response.old_lm_hash_enc_length == 0 && - params->old_password.response.old_lm_hash_enc_data) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (params->old_password.response.old_nt_hash_enc_length && - !params->old_password.response.old_nt_hash_enc_data) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (params->old_password.response.old_nt_hash_enc_length == 0 && - params->old_password.response.old_nt_hash_enc_data) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (params->new_password.response.lm_length && - !params->new_password.response.lm_data) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (params->new_password.response.lm_length == 0 && - params->new_password.response.lm_data) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (params->new_password.response.nt_length && - !params->new_password.response.nt_data) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (params->new_password.response.nt_length == 0 && - params->new_password.response.nt_data) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - strncpy(request.data.chng_pswd_auth_crap.user, - params->account_name, - sizeof(request.data.chng_pswd_auth_crap.user) - 1); - - strncpy(request.data.chng_pswd_auth_crap.domain, - params->domain_name, - sizeof(request.data.chng_pswd_auth_crap.domain) - 1); - - if (params->new_password.response.nt_data) { - memcpy(request.data.chng_pswd_auth_crap.new_nt_pswd, - params->new_password.response.nt_data, - request.data.chng_pswd_auth_crap.new_nt_pswd_len); - request.data.chng_pswd_auth_crap.new_nt_pswd_len = - params->new_password.response.nt_length; - } - - if (params->new_password.response.lm_data) { - memcpy(request.data.chng_pswd_auth_crap.new_lm_pswd, - params->new_password.response.lm_data, - request.data.chng_pswd_auth_crap.new_lm_pswd_len); - request.data.chng_pswd_auth_crap.new_lm_pswd_len = - params->new_password.response.lm_length; - } - - if (params->old_password.response.old_nt_hash_enc_data) { - memcpy(request.data.chng_pswd_auth_crap.old_nt_hash_enc, - params->old_password.response.old_nt_hash_enc_data, - request.data.chng_pswd_auth_crap.old_nt_hash_enc_len); - request.data.chng_pswd_auth_crap.old_nt_hash_enc_len = - params->old_password.response.old_nt_hash_enc_length; - } - - if (params->old_password.response.old_lm_hash_enc_data) { - memcpy(request.data.chng_pswd_auth_crap.old_lm_hash_enc, - params->old_password.response.old_lm_hash_enc_data, - request.data.chng_pswd_auth_crap.old_lm_hash_enc_len); - request.data.chng_pswd_auth_crap.old_lm_hash_enc_len = - params->old_password.response.old_lm_hash_enc_length; - } - - break; - default: - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - break; - } - - if (cmd == 0) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - /* Send request */ - - wbc_status = wbcRequestResponse(cmd, - &request, - &response); - if (WBC_ERROR_IS_OK(wbc_status)) { - goto done; - } - - /* Take the response above and return it to the caller */ - - if (response.data.auth.nt_status != 0) { - if (error) { - wbc_status = wbc_create_error_info(NULL, - &response, - error); - BAIL_ON_WBC_ERROR(wbc_status); - } - - } - - if (policy) { - wbc_status = wbc_create_password_policy_info(NULL, - &response, - policy); - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (reject_reason) { - *reject_reason = response.data.auth.reject_reason; - } - - wbc_status = WBC_ERR_PWD_CHANGE_FAILED; - BAIL_ON_WBC_ERROR(wbc_status); - - done: - return wbc_status; -} - -/* Change a password for a user */ -wbcErr wbcChangeUserPassword(const char *username, - const char *old_password, - const char *new_password) -{ - wbcErr wbc_status = WBC_ERR_SUCCESS; - struct wbcChangePasswordParams params; - - ZERO_STRUCT(params); - - params.account_name = username; - params.level = WBC_CHANGE_PASSWORD_LEVEL_PLAIN; - params.old_password.plaintext = old_password; - params.new_password.plaintext = new_password; - - wbc_status = wbcChangeUserPasswordEx(¶ms, - NULL, - NULL, - NULL); - BAIL_ON_WBC_ERROR(wbc_status); - -done: - return wbc_status; -} - -/* Logon a User */ -wbcErr wbcLogonUser(const struct wbcLogonUserParams *params, - struct wbcLogonUserInfo **info, - struct wbcAuthErrorInfo **error, - struct wbcUserPasswordPolicyInfo **policy) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - int cmd = 0; - struct winbindd_request request; - struct winbindd_response response; - uint32_t i; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - if (info) { - *info = NULL; - } - if (error) { - *error = NULL; - } - if (policy) { - *policy = NULL; - } - - if (!params) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (!params->username) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - if ((params->num_blobs > 0) && (params->blobs == NULL)) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - if ((params->num_blobs == 0) && (params->blobs != NULL)) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - /* Initialize request */ - - cmd = WINBINDD_PAM_AUTH; - request.flags = WBFLAG_PAM_INFO3_TEXT | - WBFLAG_PAM_USER_SESSION_KEY | - WBFLAG_PAM_LMKEY; - - if (!params->password) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - strncpy(request.data.auth.user, - params->username, - sizeof(request.data.auth.user)-1); - - strncpy(request.data.auth.pass, - params->password, - sizeof(request.data.auth.pass)-1); - - for (i=0; i<params->num_blobs; i++) { - - if (strcasecmp(params->blobs[i].name, "krb5_cc_type") == 0) { - if (params->blobs[i].blob.data) { - strncpy(request.data.auth.krb5_cc_type, - (const char *)params->blobs[i].blob.data, - sizeof(request.data.auth.krb5_cc_type) - 1); - } - continue; - } - - if (strcasecmp(params->blobs[i].name, "user_uid") == 0) { - if (params->blobs[i].blob.data) { - memcpy(&request.data.auth.uid, - params->blobs[i].blob.data, - MIN(sizeof(request.data.auth.uid), - params->blobs[i].blob.length)); - } - continue; - } - - if (strcasecmp(params->blobs[i].name, "flags") == 0) { - if (params->blobs[i].blob.data) { - uint32_t flags; - memcpy(&flags, - params->blobs[i].blob.data, - MIN(sizeof(flags), - params->blobs[i].blob.length)); - request.flags |= flags; - } - continue; - } - - if (strcasecmp(params->blobs[i].name, "membership_of") == 0) { - if (params->blobs[i].blob.data && - params->blobs[i].blob.data[0] > 0) { - strncpy(request.data.auth.require_membership_of_sid, - (const char *)params->blobs[i].blob.data, - sizeof(request.data.auth.require_membership_of_sid) - 1); - } - continue; - } - } - - wbc_status = wbcRequestResponse(cmd, - &request, - &response); - - if (response.data.auth.nt_status != 0) { - if (error) { - wbc_status = wbc_create_error_info(NULL, - &response, - error); - BAIL_ON_WBC_ERROR(wbc_status); - } - - wbc_status = WBC_ERR_AUTH_ERROR; - BAIL_ON_WBC_ERROR(wbc_status); - } - BAIL_ON_WBC_ERROR(wbc_status); - - if (info) { - wbc_status = wbc_create_logon_info(NULL, - &response, - info); - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (policy) { - wbc_status = wbc_create_password_policy_info(NULL, - &response, - policy); - BAIL_ON_WBC_ERROR(wbc_status); - } - -done: - if (response.extra_data.data) - free(response.extra_data.data); - - return wbc_status; -} - -/* Authenticate a user with cached credentials */ -wbcErr wbcCredentialCache(struct wbcCredentialCacheParams *params, - struct wbcCredentialCacheInfo **info, - struct wbcAuthErrorInfo **error) -{ - return WBC_ERR_NOT_IMPLEMENTED; -} diff --git a/source3/nsswitch/libwbclient/wbc_pwd.c b/source3/nsswitch/libwbclient/wbc_pwd.c deleted file mode 100644 index cd945996c8..0000000000 --- a/source3/nsswitch/libwbclient/wbc_pwd.c +++ /dev/null @@ -1,571 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind client API - - Copyright (C) Gerald (Jerry) Carter 2007 - - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 3 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Library General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -/* Required Headers */ - -#include "libwbclient.h" - -/** @brief The maximum number of pwent structs to get from winbindd - * - */ -#define MAX_GETPWENT_USERS 500 - -/** @brief The maximum number of grent structs to get from winbindd - * - */ -#define MAX_GETGRENT_GROUPS 500 - -/** - * - **/ - -static struct passwd *copy_passwd_entry(struct winbindd_pw *p) -{ - struct passwd *pwd = NULL; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - - pwd = talloc(NULL, struct passwd); - BAIL_ON_PTR_ERROR(pwd, wbc_status); - - pwd->pw_name = talloc_strdup(pwd,p->pw_name); - BAIL_ON_PTR_ERROR(pwd->pw_name, wbc_status); - - pwd->pw_passwd = talloc_strdup(pwd, p->pw_passwd); - BAIL_ON_PTR_ERROR(pwd->pw_passwd, wbc_status); - - pwd->pw_gecos = talloc_strdup(pwd, p->pw_gecos); - BAIL_ON_PTR_ERROR(pwd->pw_gecos, wbc_status); - - pwd->pw_shell = talloc_strdup(pwd, p->pw_shell); - BAIL_ON_PTR_ERROR(pwd->pw_shell, wbc_status); - - pwd->pw_dir = talloc_strdup(pwd, p->pw_dir); - BAIL_ON_PTR_ERROR(pwd->pw_dir, wbc_status); - - pwd->pw_uid = p->pw_uid; - pwd->pw_gid = p->pw_gid; - -done: - if (!WBC_ERROR_IS_OK(wbc_status)) { - talloc_free(pwd); - pwd = NULL; - } - - return pwd; -} - -/** - * - **/ - -static struct group *copy_group_entry(struct winbindd_gr *g, - char *mem_buf) -{ - struct group *grp = NULL; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - int i; - char *mem_p, *mem_q; - - grp = talloc(NULL, struct group); - BAIL_ON_PTR_ERROR(grp, wbc_status); - - grp->gr_name = talloc_strdup(grp, g->gr_name); - BAIL_ON_PTR_ERROR(grp->gr_name, wbc_status); - - grp->gr_passwd = talloc_strdup(grp, g->gr_passwd); - BAIL_ON_PTR_ERROR(grp->gr_passwd, wbc_status); - - grp->gr_gid = g->gr_gid; - - grp->gr_mem = talloc_array(grp, char*, g->num_gr_mem+1); - - mem_p = mem_q = mem_buf; - for (i=0; i<g->num_gr_mem && mem_p; i++) { - if ((mem_q = strchr(mem_p, ',')) != NULL) { - *mem_q = '\0'; - } - - grp->gr_mem[i] = talloc_strdup(grp, mem_p); - BAIL_ON_PTR_ERROR(grp->gr_mem[i], wbc_status); - - if (mem_q == NULL) { - i += 1; - break; - } - mem_p = mem_q + 1; - } - grp->gr_mem[i] = NULL; - - wbc_status = WBC_ERR_SUCCESS; - -done: - if (!WBC_ERROR_IS_OK(wbc_status)) { - talloc_free(grp); - grp = NULL; - } - - return grp; -} - -/* Fill in a struct passwd* for a domain user based on username */ -wbcErr wbcGetpwnam(const char *name, struct passwd **pwd) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct winbindd_request request; - struct winbindd_response response; - - if (!name || !pwd) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - /* Initialize request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* dst is already null terminated from the memset above */ - - strncpy(request.data.username, name, sizeof(request.data.username)-1); - - wbc_status = wbcRequestResponse(WINBINDD_GETPWNAM, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - *pwd = copy_passwd_entry(&response.data.pw); - BAIL_ON_PTR_ERROR(*pwd, wbc_status); - - done: - return wbc_status; -} - -/* Fill in a struct passwd* for a domain user based on uid */ -wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct winbindd_request request; - struct winbindd_response response; - - if (!pwd) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - /* Initialize request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - request.data.uid = uid; - - wbc_status = wbcRequestResponse(WINBINDD_GETPWUID, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - *pwd = copy_passwd_entry(&response.data.pw); - BAIL_ON_PTR_ERROR(*pwd, wbc_status); - - done: - return wbc_status; -} - -/* Fill in a struct passwd* for a domain user based on username */ -wbcErr wbcGetgrnam(const char *name, struct group **grp) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct winbindd_request request; - struct winbindd_response response; - - /* Initialize request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - if (!name || !grp) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - /* dst is already null terminated from the memset above */ - - strncpy(request.data.groupname, name, sizeof(request.data.groupname)-1); - - wbc_status = wbcRequestResponse(WINBINDD_GETGRNAM, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - *grp = copy_group_entry(&response.data.gr, - (char*)response.extra_data.data); - BAIL_ON_PTR_ERROR(*grp, wbc_status); - - done: - if (response.extra_data.data) - free(response.extra_data.data); - - return wbc_status; -} - -/* Fill in a struct passwd* for a domain user based on uid */ -wbcErr wbcGetgrgid(gid_t gid, struct group **grp) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct winbindd_request request; - struct winbindd_response response; - - /* Initialize request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - if (!grp) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - request.data.gid = gid; - - wbc_status = wbcRequestResponse(WINBINDD_GETGRGID, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - *grp = copy_group_entry(&response.data.gr, - (char*)response.extra_data.data); - BAIL_ON_PTR_ERROR(*grp, wbc_status); - - done: - if (response.extra_data.data) - free(response.extra_data.data); - - return wbc_status; -} - -/** @brief Number of cached passwd structs - * - */ -static uint32_t pw_cache_size; - -/** @brief Position of the pwent context - * - */ -static uint32_t pw_cache_idx; - -/** @brief Winbindd response containing the passwd structs - * - */ -static struct winbindd_response pw_response; - -/* Reset the passwd iterator */ -wbcErr wbcSetpwent(void) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - - if (pw_cache_size > 0) { - pw_cache_idx = pw_cache_size = 0; - if (pw_response.extra_data.data) { - free(pw_response.extra_data.data); - } - } - - ZERO_STRUCT(pw_response); - - wbc_status = wbcRequestResponse(WINBINDD_SETPWENT, - NULL, NULL); - BAIL_ON_WBC_ERROR(wbc_status); - - done: - return wbc_status; -} - -/* Close the passwd iterator */ -wbcErr wbcEndpwent(void) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - - if (pw_cache_size > 0) { - pw_cache_idx = pw_cache_size = 0; - if (pw_response.extra_data.data) { - free(pw_response.extra_data.data); - } - } - - wbc_status = wbcRequestResponse(WINBINDD_ENDPWENT, - NULL, NULL); - BAIL_ON_WBC_ERROR(wbc_status); - - done: - return wbc_status; -} - -/* Return the next struct passwd* entry from the pwent iterator */ -wbcErr wbcGetpwent(struct passwd **pwd) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct winbindd_request request; - struct winbindd_pw *wb_pw; - - /* If there's a cached result, return that. */ - if (pw_cache_idx < pw_cache_size) { - goto return_result; - } - - /* Otherwise, query winbindd for some entries. */ - - pw_cache_idx = 0; - - if (pw_response.extra_data.data) { - free(pw_response.extra_data.data); - ZERO_STRUCT(pw_response); - } - - ZERO_STRUCT(request); - request.data.num_entries = MAX_GETPWENT_USERS; - - wbc_status = wbcRequestResponse(WINBINDD_GETPWENT, &request, - &pw_response); - - BAIL_ON_WBC_ERROR(wbc_status); - - pw_cache_size = pw_response.data.num_entries; - -return_result: - - wb_pw = (struct winbindd_pw *) pw_response.extra_data.data; - - *pwd = copy_passwd_entry(&wb_pw[pw_cache_idx]); - - BAIL_ON_PTR_ERROR(*pwd, wbc_status); - - pw_cache_idx++; - -done: - return wbc_status; -} - -/** @brief Number of cached group structs - * - */ -static uint32_t gr_cache_size; - -/** @brief Position of the grent context - * - */ -static uint32_t gr_cache_idx; - -/** @brief Winbindd response containing the group structs - * - */ -static struct winbindd_response gr_response; - -/* Reset the group iterator */ -wbcErr wbcSetgrent(void) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - - if (gr_cache_size > 0) { - gr_cache_idx = gr_cache_size = 0; - if (gr_response.extra_data.data) { - free(gr_response.extra_data.data); - } - } - - ZERO_STRUCT(gr_response); - - wbc_status = wbcRequestResponse(WINBINDD_SETGRENT, - NULL, NULL); - BAIL_ON_WBC_ERROR(wbc_status); - - done: - return wbc_status; -} - -/* Close the group iterator */ -wbcErr wbcEndgrent(void) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - - if (gr_cache_size > 0) { - gr_cache_idx = gr_cache_size = 0; - if (gr_response.extra_data.data) { - free(gr_response.extra_data.data); - } - } - - wbc_status = wbcRequestResponse(WINBINDD_ENDGRENT, - NULL, NULL); - BAIL_ON_WBC_ERROR(wbc_status); - - done: - return wbc_status; -} - -/* Return the next struct group* entry from the pwent iterator */ -wbcErr wbcGetgrent(struct group **grp) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct winbindd_request request; - struct winbindd_gr *wb_gr; - uint32_t mem_ofs; - - /* If there's a cached result, return that. */ - if (gr_cache_idx < gr_cache_size) { - goto return_result; - } - - /* Otherwise, query winbindd for some entries. */ - - gr_cache_idx = 0; - - if (gr_response.extra_data.data) { - free(gr_response.extra_data.data); - ZERO_STRUCT(gr_response); - } - - ZERO_STRUCT(request); - request.data.num_entries = MAX_GETGRENT_GROUPS; - - wbc_status = wbcRequestResponse(WINBINDD_GETGRENT, &request, - &gr_response); - - BAIL_ON_WBC_ERROR(wbc_status); - - gr_cache_size = gr_response.data.num_entries; - -return_result: - - wb_gr = (struct winbindd_gr *) gr_response.extra_data.data; - - mem_ofs = wb_gr[gr_cache_idx].gr_mem_ofs + - gr_cache_size * sizeof(struct winbindd_gr); - - *grp = copy_group_entry(&wb_gr[gr_cache_idx], - ((char *)gr_response.extra_data.data)+mem_ofs); - - BAIL_ON_PTR_ERROR(*grp, wbc_status); - - gr_cache_idx++; - -done: - return wbc_status; -} - -/* Return the next struct group* entry from the pwent iterator */ -wbcErr wbcGetgrlist(struct group **grp) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct winbindd_request request; - struct winbindd_gr *wb_gr; - - /* If there's a cached result, return that. */ - if (gr_cache_idx < gr_cache_size) { - goto return_result; - } - - /* Otherwise, query winbindd for some entries. */ - - gr_cache_idx = 0; - - if (gr_response.extra_data.data) { - free(gr_response.extra_data.data); - ZERO_STRUCT(gr_response); - } - - ZERO_STRUCT(request); - request.data.num_entries = MAX_GETGRENT_GROUPS; - - wbc_status = wbcRequestResponse(WINBINDD_GETGRLST, &request, - &gr_response); - - BAIL_ON_WBC_ERROR(wbc_status); - - gr_cache_size = gr_response.data.num_entries; - -return_result: - - wb_gr = (struct winbindd_gr *) gr_response.extra_data.data; - - *grp = copy_group_entry(&wb_gr[gr_cache_idx], NULL); - - BAIL_ON_PTR_ERROR(*grp, wbc_status); - - gr_cache_idx++; - -done: - return wbc_status; -} - -/* Return the unix group array belonging to the given user */ -wbcErr wbcGetGroups(const char *account, - uint32_t *num_groups, - gid_t **_groups) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct winbindd_request request; - struct winbindd_response response; - uint32_t i; - gid_t *groups = NULL; - - /* Initialize request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - if (!account) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - /* Send request */ - - strncpy(request.data.username, account, sizeof(request.data.username)-1); - - wbc_status = wbcRequestResponse(WINBINDD_GETGROUPS, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - groups = talloc_array(NULL, gid_t, response.data.num_entries); - BAIL_ON_PTR_ERROR(groups, wbc_status); - - for (i = 0; i < response.data.num_entries; i++) { - groups[i] = ((gid_t *)response.extra_data.data)[i]; - } - - *num_groups = response.data.num_entries; - *_groups = groups; - groups = NULL; - - wbc_status = WBC_ERR_SUCCESS; - - done: - if (response.extra_data.data) { - free(response.extra_data.data); - } - if (groups) { - talloc_free(groups); - } - - return wbc_status; -} diff --git a/source3/nsswitch/libwbclient/wbc_sid.c b/source3/nsswitch/libwbclient/wbc_sid.c deleted file mode 100644 index e2157b9609..0000000000 --- a/source3/nsswitch/libwbclient/wbc_sid.c +++ /dev/null @@ -1,672 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind client API - - Copyright (C) Gerald (Jerry) Carter 2007 - - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 3 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Library General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -/* Required Headers */ - -#include "libwbclient.h" - - -/* Convert a binary SID to a character string */ -wbcErr wbcSidToString(const struct wbcDomainSid *sid, - char **sid_string) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - uint32_t id_auth; - int i; - char *tmp = NULL; - - if (!sid) { - wbc_status = WBC_ERR_INVALID_SID; - BAIL_ON_WBC_ERROR(wbc_status); - } - - id_auth = sid->id_auth[5] + - (sid->id_auth[4] << 8) + - (sid->id_auth[3] << 16) + - (sid->id_auth[2] << 24); - - tmp = talloc_asprintf(NULL, "S-%d-%d", sid->sid_rev_num, id_auth); - BAIL_ON_PTR_ERROR(tmp, wbc_status); - - for (i=0; i<sid->num_auths; i++) { - char *tmp2; - tmp2 = talloc_asprintf_append(tmp, "-%u", sid->sub_auths[i]); - BAIL_ON_PTR_ERROR(tmp2, wbc_status); - - tmp = tmp2; - } - - *sid_string = tmp; - tmp = NULL; - - wbc_status = WBC_ERR_SUCCESS; - -done: - talloc_free(tmp); - - return wbc_status; -} - -/* Convert a character string to a binary SID */ -wbcErr wbcStringToSid(const char *str, - struct wbcDomainSid *sid) -{ - const char *p; - char *q; - uint32_t x; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - - if (!sid) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - /* Sanity check for either "S-" or "s-" */ - - if (!str - || (str[0]!='S' && str[0]!='s') - || (str[1]!='-')) - { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - /* Get the SID revision number */ - - p = str+2; - x = (uint32_t)strtol(p, &q, 10); - if (x==0 || !q || *q!='-') { - wbc_status = WBC_ERR_INVALID_SID; - BAIL_ON_WBC_ERROR(wbc_status); - } - sid->sid_rev_num = (uint8_t)x; - - /* Next the Identifier Authority. This is stored in big-endian - in a 6 byte array. */ - - p = q+1; - x = (uint32_t)strtol(p, &q, 10); - if (!q || *q!='-') { - wbc_status = WBC_ERR_INVALID_SID; - BAIL_ON_WBC_ERROR(wbc_status); - } - sid->id_auth[5] = (x & 0x000000ff); - sid->id_auth[4] = (x & 0x0000ff00) >> 8; - sid->id_auth[3] = (x & 0x00ff0000) >> 16; - sid->id_auth[2] = (x & 0xff000000) >> 24; - sid->id_auth[1] = 0; - sid->id_auth[0] = 0; - - /* now read the the subauthorities */ - - p = q +1; - sid->num_auths = 0; - while (sid->num_auths < WBC_MAXSUBAUTHS) { - x=(uint32_t)strtoul(p, &q, 10); - if (p == q) - break; - if (q == NULL) { - wbc_status = WBC_ERR_INVALID_SID; - BAIL_ON_WBC_ERROR(wbc_status); - } - sid->sub_auths[sid->num_auths++] = x; - - if ((*q!='-') || (*q=='\0')) - break; - p = q + 1; - } - - /* IF we ended early, then the SID could not be converted */ - - if (q && *q!='\0') { - wbc_status = WBC_ERR_INVALID_SID; - BAIL_ON_WBC_ERROR(wbc_status); - } - - wbc_status = WBC_ERR_SUCCESS; - -done: - return wbc_status; - -} - -/* Convert a domain and name to SID */ -wbcErr wbcLookupName(const char *domain, - const char *name, - struct wbcDomainSid *sid, - enum wbcSidType *name_type) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - - if (!sid || !name_type) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - /* Initialize request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* dst is already null terminated from the memset above */ - - strncpy(request.data.name.dom_name, domain, - sizeof(request.data.name.dom_name)-1); - strncpy(request.data.name.name, name, - sizeof(request.data.name.name)-1); - - wbc_status = wbcRequestResponse(WINBINDD_LOOKUPNAME, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - wbc_status = wbcStringToSid(response.data.sid.sid, sid); - BAIL_ON_WBC_ERROR(wbc_status); - - *name_type = (enum wbcSidType)response.data.sid.type; - - wbc_status = WBC_ERR_SUCCESS; - - done: - return wbc_status; -} - -/* Convert a SID to a domain and name */ -wbcErr wbcLookupSid(const struct wbcDomainSid *sid, - char **pdomain, - char **pname, - enum wbcSidType *pname_type) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - char *sid_string = NULL; - char *domain = NULL; - char *name = NULL; - enum wbcSidType name_type = WBC_SID_NAME_USE_NONE; - - if (!sid) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - /* Initialize request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* dst is already null terminated from the memset above */ - - wbc_status = wbcSidToString(sid, &sid_string); - BAIL_ON_WBC_ERROR(wbc_status); - - strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1); - wbcFreeMemory(sid_string); - - /* Make request */ - - wbc_status = wbcRequestResponse(WINBINDD_LOOKUPSID, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - /* Copy out result */ - - domain = talloc_strdup(NULL, response.data.name.dom_name); - BAIL_ON_PTR_ERROR(domain, wbc_status); - - name = talloc_strdup(NULL, response.data.name.name); - BAIL_ON_PTR_ERROR(name, wbc_status); - - name_type = (enum wbcSidType)response.data.name.type; - - wbc_status = WBC_ERR_SUCCESS; - - done: - if (WBC_ERROR_IS_OK(wbc_status)) { - if (pdomain != NULL) { - *pdomain = domain; - } - if (pname != NULL) { - *pname = name; - } - if (pname_type != NULL) { - *pname_type = name_type; - } - } - else { -#if 0 - /* - * Found by Coverity: In this particular routine we can't end - * up here with a non-NULL name. Further up there are just two - * exit paths that lead here, neither of which leave an - * allocated name. If you add more paths up there, re-activate - * this. - */ - if (name != NULL) { - talloc_free(name); - } -#endif - if (domain != NULL) { - talloc_free(domain); - } - } - - return wbc_status; -} - -/* Translate a collection of RIDs within a domain to names */ - -wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid, - int num_rids, - uint32_t *rids, - const char **pp_domain_name, - const char ***pnames, - enum wbcSidType **ptypes) -{ - size_t i, len, ridbuf_size; - char *ridlist; - char *p; - struct winbindd_request request; - struct winbindd_response response; - char *sid_string = NULL; - char *domain_name = NULL; - const char **names = NULL; - enum wbcSidType *types = NULL; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - if (!dom_sid || (num_rids == 0)) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - wbc_status = wbcSidToString(dom_sid, &sid_string); - BAIL_ON_WBC_ERROR(wbc_status); - - strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1); - wbcFreeMemory(sid_string); - - /* Even if all the Rids were of maximum 32bit values, - we would only have 11 bytes per rid in the final array - ("4294967296" + \n). Add one more byte for the - terminating '\0' */ - - ridbuf_size = (sizeof(char)*11) * num_rids + 1; - - ridlist = talloc_zero_array(NULL, char, ridbuf_size); - BAIL_ON_PTR_ERROR(ridlist, wbc_status); - - len = 0; - for (i=0; i<num_rids && (len-1)>0; i++) { - char ridstr[12]; - - len = strlen(ridlist); - p = ridlist + len; - - snprintf( ridstr, sizeof(ridstr)-1, "%u\n", rids[i]); - strncat(p, ridstr, ridbuf_size-len-1); - } - - request.extra_data.data = ridlist; - request.extra_len = strlen(ridlist)+1; - - wbc_status = wbcRequestResponse(WINBINDD_LOOKUPRIDS, - &request, - &response); - talloc_free(ridlist); - BAIL_ON_WBC_ERROR(wbc_status); - - domain_name = talloc_strdup(NULL, response.data.domain_name); - BAIL_ON_PTR_ERROR(domain_name, wbc_status); - - names = talloc_array(NULL, const char*, num_rids); - BAIL_ON_PTR_ERROR(names, wbc_status); - - types = talloc_array(NULL, enum wbcSidType, num_rids); - BAIL_ON_PTR_ERROR(types, wbc_status); - - p = (char *)response.extra_data.data; - - for (i=0; i<num_rids; i++) { - char *q; - - if (*p == '\0') { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - - types[i] = (enum wbcSidType)strtoul(p, &q, 10); - - if (*q != ' ') { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - - p = q+1; - - if ((q = strchr(p, '\n')) == NULL) { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - - *q = '\0'; - - names[i] = talloc_strdup(names, p); - BAIL_ON_PTR_ERROR(names[i], wbc_status); - - p = q+1; - } - - if (*p != '\0') { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - - wbc_status = WBC_ERR_SUCCESS; - - done: - if (response.extra_data.data) { - free(response.extra_data.data); - } - - if (WBC_ERROR_IS_OK(wbc_status)) { - *pp_domain_name = domain_name; - *pnames = names; - *ptypes = types; - } - else { - if (domain_name) - talloc_free(domain_name); - if (names) - talloc_free(names); - if (types) - talloc_free(types); - } - - return wbc_status; -} - -/* Get the groups a user belongs to */ -wbcErr wbcLookupUserSids(const struct wbcDomainSid *user_sid, - bool domain_groups_only, - uint32_t *num_sids, - struct wbcDomainSid **_sids) -{ - uint32_t i; - const char *s; - struct winbindd_request request; - struct winbindd_response response; - char *sid_string = NULL; - struct wbcDomainSid *sids = NULL; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - int cmd; - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - if (!user_sid) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - wbc_status = wbcSidToString(user_sid, &sid_string); - BAIL_ON_WBC_ERROR(wbc_status); - - strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1); - wbcFreeMemory(sid_string); - - if (domain_groups_only) { - cmd = WINBINDD_GETUSERDOMGROUPS; - } else { - cmd = WINBINDD_GETUSERSIDS; - } - - wbc_status = wbcRequestResponse(cmd, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - if (response.data.num_entries && - !response.extra_data.data) { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - - sids = talloc_array(NULL, struct wbcDomainSid, - response.data.num_entries); - BAIL_ON_PTR_ERROR(sids, wbc_status); - - s = (const char *)response.extra_data.data; - for (i = 0; i < response.data.num_entries; i++) { - char *n = strchr(s, '\n'); - if (n) { - *n = '\0'; - } - wbc_status = wbcStringToSid(s, &sids[i]); - BAIL_ON_WBC_ERROR(wbc_status); - s += strlen(s) + 1; - } - - *num_sids = response.data.num_entries; - *_sids = sids; - sids = NULL; - wbc_status = WBC_ERR_SUCCESS; - - done: - if (response.extra_data.data) { - free(response.extra_data.data); - } - if (sids) { - talloc_free(sids); - } - - return wbc_status; -} - -/* Lists Users */ -wbcErr wbcListUsers(const char *domain_name, - uint32_t *_num_users, - const char ***_users) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct winbindd_request request; - struct winbindd_response response; - uint32_t num_users = 0; - const char **users = NULL; - const char *next; - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - if (domain_name) { - strncpy(request.domain_name, domain_name, - sizeof(request.domain_name)-1); - } - - wbc_status = wbcRequestResponse(WINBINDD_LIST_USERS, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - /* Look through extra data */ - - next = (const char *)response.extra_data.data; - while (next) { - const char **tmp; - const char *current = next; - char *k = strchr(next, ','); - if (k) { - k[0] = '\0'; - next = k+1; - } else { - next = NULL; - } - - tmp = talloc_realloc(NULL, users, - const char *, - num_users+1); - BAIL_ON_PTR_ERROR(tmp, wbc_status); - users = tmp; - - users[num_users] = talloc_strdup(users, current); - BAIL_ON_PTR_ERROR(users[num_users], wbc_status); - - num_users++; - } - - *_num_users = num_users; - *_users = users; - users = NULL; - wbc_status = WBC_ERR_SUCCESS; - - done: - if (response.extra_data.data) { - free(response.extra_data.data); - } - if (users) { - talloc_free(users); - } - return wbc_status; -} - -/* Lists Groups */ -wbcErr wbcListGroups(const char *domain_name, - uint32_t *_num_groups, - const char ***_groups) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct winbindd_request request; - struct winbindd_response response; - uint32_t num_groups = 0; - const char **groups = NULL; - const char *next; - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - if (domain_name) { - strncpy(request.domain_name, domain_name, - sizeof(request.domain_name)-1); - } - - wbc_status = wbcRequestResponse(WINBINDD_LIST_GROUPS, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - /* Look through extra data */ - - next = (const char *)response.extra_data.data; - while (next) { - const char **tmp; - const char *current = next; - char *k = strchr(next, ','); - if (k) { - k[0] = '\0'; - next = k+1; - } else { - next = NULL; - } - - tmp = talloc_realloc(NULL, groups, - const char *, - num_groups+1); - BAIL_ON_PTR_ERROR(tmp, wbc_status); - groups = tmp; - - groups[num_groups] = talloc_strdup(groups, current); - BAIL_ON_PTR_ERROR(groups[num_groups], wbc_status); - - num_groups++; - } - - *_num_groups = num_groups; - *_groups = groups; - groups = NULL; - wbc_status = WBC_ERR_SUCCESS; - - done: - if (response.extra_data.data) { - free(response.extra_data.data); - } - if (groups) { - talloc_free(groups); - } - return wbc_status; -} - -wbcErr wbcGetDisplayName(const struct wbcDomainSid *sid, - char **pdomain, - char **pfullname, - enum wbcSidType *pname_type) -{ - wbcErr wbc_status; - char *domain = NULL; - char *name = NULL; - enum wbcSidType name_type; - - wbc_status = wbcLookupSid(sid, &domain, &name, &name_type); - BAIL_ON_WBC_ERROR(wbc_status); - - if (name_type == WBC_SID_NAME_USER) { - uid_t uid; - struct passwd *pwd; - - wbc_status = wbcSidToUid(sid, &uid); - BAIL_ON_WBC_ERROR(wbc_status); - - wbc_status = wbcGetpwuid(uid, &pwd); - BAIL_ON_WBC_ERROR(wbc_status); - - wbcFreeMemory(name); - - name = talloc_strdup(NULL, pwd->pw_gecos); - BAIL_ON_PTR_ERROR(name, wbc_status); - } - - wbc_status = WBC_ERR_SUCCESS; - - done: - if (WBC_ERROR_IS_OK(wbc_status)) { - *pdomain = domain; - *pfullname = name; - *pname_type = name_type; - } else { - wbcFreeMemory(domain); - wbcFreeMemory(name); - } - - return wbc_status; -} diff --git a/source3/nsswitch/libwbclient/wbc_util.c b/source3/nsswitch/libwbclient/wbc_util.c deleted file mode 100644 index 7cfb64b87e..0000000000 --- a/source3/nsswitch/libwbclient/wbc_util.c +++ /dev/null @@ -1,672 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind client API - - Copyright (C) Gerald (Jerry) Carter 2007-2008 - - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 3 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Library General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -/* Required Headers */ - -#include "libwbclient.h" - - - -/** @brief Ping winbindd to see if the daemon is running - * - * @return #wbcErr - **/ - -wbcErr wbcPing(void) -{ - struct winbindd_request request; - struct winbindd_response response; - - /* Initialize request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - return wbcRequestResponse(WINBINDD_PING, &request, &response); -} - -wbcErr wbcInterfaceDetails(struct wbcInterfaceDetails **_details) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct wbcInterfaceDetails *info; - struct wbcDomainInfo *domain = NULL; - struct winbindd_request request; - struct winbindd_response response; - - /* Initialize request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - info = talloc(NULL, struct wbcInterfaceDetails); - BAIL_ON_PTR_ERROR(info, wbc_status); - - /* first the interface version */ - wbc_status = wbcRequestResponse(WINBINDD_INTERFACE_VERSION, NULL, &response); - BAIL_ON_WBC_ERROR(wbc_status); - info->interface_version = response.data.interface_version; - - /* then the samba version and the winbind separator */ - wbc_status = wbcRequestResponse(WINBINDD_INFO, NULL, &response); - BAIL_ON_WBC_ERROR(wbc_status); - - info->winbind_version = talloc_strdup(info, - response.data.info.samba_version); - BAIL_ON_PTR_ERROR(info->winbind_version, wbc_status); - info->winbind_separator = response.data.info.winbind_separator; - - /* then the local netbios name */ - wbc_status = wbcRequestResponse(WINBINDD_NETBIOS_NAME, NULL, &response); - BAIL_ON_WBC_ERROR(wbc_status); - - info->netbios_name = talloc_strdup(info, - response.data.netbios_name); - BAIL_ON_PTR_ERROR(info->netbios_name, wbc_status); - - /* then the local workgroup name */ - wbc_status = wbcRequestResponse(WINBINDD_DOMAIN_NAME, NULL, &response); - BAIL_ON_WBC_ERROR(wbc_status); - - info->netbios_domain = talloc_strdup(info, - response.data.domain_name); - BAIL_ON_PTR_ERROR(info->netbios_domain, wbc_status); - - wbc_status = wbcDomainInfo(info->netbios_domain, &domain); - if (wbc_status == WBC_ERR_DOMAIN_NOT_FOUND) { - /* maybe it's a standalone server */ - domain = NULL; - wbc_status = WBC_ERR_SUCCESS; - } else { - BAIL_ON_WBC_ERROR(wbc_status); - } - - if (domain) { - info->dns_domain = talloc_strdup(info, - domain->dns_name); - wbcFreeMemory(domain); - BAIL_ON_PTR_ERROR(info->dns_domain, wbc_status); - } else { - info->dns_domain = NULL; - } - - *_details = info; - info = NULL; - - wbc_status = WBC_ERR_SUCCESS; - -done: - talloc_free(info); - return wbc_status; -} - - -/* Lookup the current status of a trusted domain */ -wbcErr wbcDomainInfo(const char *domain, struct wbcDomainInfo **dinfo) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct wbcDomainInfo *info = NULL; - - if (!domain || !dinfo) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - /* Initialize request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - strncpy(request.domain_name, domain, - sizeof(request.domain_name)-1); - - wbc_status = wbcRequestResponse(WINBINDD_DOMAIN_INFO, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - info = talloc(NULL, struct wbcDomainInfo); - BAIL_ON_PTR_ERROR(info, wbc_status); - - info->short_name = talloc_strdup(info, - response.data.domain_info.name); - BAIL_ON_PTR_ERROR(info->short_name, wbc_status); - - info->dns_name = talloc_strdup(info, - response.data.domain_info.alt_name); - BAIL_ON_PTR_ERROR(info->dns_name, wbc_status); - - wbc_status = wbcStringToSid(response.data.domain_info.sid, - &info->sid); - BAIL_ON_WBC_ERROR(wbc_status); - - if (response.data.domain_info.native_mode) - info->domain_flags |= WBC_DOMINFO_DOMAIN_NATIVE; - if (response.data.domain_info.active_directory) - info->domain_flags |= WBC_DOMINFO_DOMAIN_AD; - if (response.data.domain_info.primary) - info->domain_flags |= WBC_DOMINFO_DOMAIN_PRIMARY; - - *dinfo = info; - - wbc_status = WBC_ERR_SUCCESS; - - done: - if (!WBC_ERROR_IS_OK(wbc_status)) { - talloc_free(info); - } - - return wbc_status; -} - - -/* Resolve a NetbiosName via WINS */ -wbcErr wbcResolveWinsByName(const char *name, char **ip) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - char *ipaddr; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Send request */ - - strncpy(request.data.winsreq, name, - sizeof(request.data.winsreq)-1); - - wbc_status = wbcRequestResponse(WINBINDD_WINS_BYNAME, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - /* Display response */ - - ipaddr = talloc_strdup(NULL, response.data.winsresp); - BAIL_ON_PTR_ERROR(ipaddr, wbc_status); - - *ip = ipaddr; - wbc_status = WBC_ERR_SUCCESS; - - done: - return wbc_status; -} - -/* Resolve an IP address via WINS into a NetbiosName */ -wbcErr wbcResolveWinsByIP(const char *ip, char **name) -{ - struct winbindd_request request; - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - char *name_str; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Send request */ - - strncpy(request.data.winsreq, ip, - sizeof(request.data.winsreq)-1); - - wbc_status = wbcRequestResponse(WINBINDD_WINS_BYIP, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - /* Display response */ - - name_str = talloc_strdup(NULL, response.data.winsresp); - BAIL_ON_PTR_ERROR(name_str, wbc_status); - - *name = name_str; - wbc_status = WBC_ERR_SUCCESS; - - done: - return wbc_status; -} - -/** - */ - -static wbcErr process_domain_info_string(TALLOC_CTX *ctx, - struct wbcDomainInfo *info, - char *info_string) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - char *r = NULL; - char *s = NULL; - - if (!info || !info_string) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - r = info_string; - - /* Short Name */ - if ((s = strchr(r, '\\')) == NULL) { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - *s = '\0'; - s++; - - info->short_name = talloc_strdup(ctx, r); - BAIL_ON_PTR_ERROR(info->short_name, wbc_status); - - - /* DNS Name */ - r = s; - if ((s = strchr(r, '\\')) == NULL) { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - *s = '\0'; - s++; - - info->dns_name = talloc_strdup(ctx, r); - BAIL_ON_PTR_ERROR(info->dns_name, wbc_status); - - /* SID */ - r = s; - if ((s = strchr(r, '\\')) == NULL) { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - *s = '\0'; - s++; - - wbc_status = wbcStringToSid(r, &info->sid); - BAIL_ON_WBC_ERROR(wbc_status); - - /* Trust type */ - r = s; - if ((s = strchr(r, '\\')) == NULL) { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - *s = '\0'; - s++; - - if (strcmp(r, "None") == 0) { - info->trust_type = WBC_DOMINFO_TRUSTTYPE_NONE; - } else if (strcmp(r, "External") == 0) { - info->trust_type = WBC_DOMINFO_TRUSTTYPE_EXTERNAL; - } else if (strcmp(r, "Forest") == 0) { - info->trust_type = WBC_DOMINFO_TRUSTTYPE_FOREST; - } else if (strcmp(r, "In Forest") == 0) { - info->trust_type = WBC_DOMINFO_TRUSTTYPE_IN_FOREST; - } else { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - - /* Transitive */ - r = s; - if ((s = strchr(r, '\\')) == NULL) { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - *s = '\0'; - s++; - - if (strcmp(r, "Yes") == 0) { - info->trust_flags |= WBC_DOMINFO_TRUST_TRANSITIVE; - } - - /* Incoming */ - r = s; - if ((s = strchr(r, '\\')) == NULL) { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - *s = '\0'; - s++; - - if (strcmp(r, "Yes") == 0) { - info->trust_flags |= WBC_DOMINFO_TRUST_INCOMING; - } - - /* Outgoing */ - r = s; - if ((s = strchr(r, '\\')) == NULL) { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - *s = '\0'; - s++; - - if (strcmp(r, "Yes") == 0) { - info->trust_flags |= WBC_DOMINFO_TRUST_OUTGOING; - } - - /* Online/Offline status */ - - r = s; - if (r == NULL) { - wbc_status = WBC_ERR_INVALID_RESPONSE; - BAIL_ON_WBC_ERROR(wbc_status); - } - if ( strcmp(r, "Offline") == 0) { - info->domain_flags |= WBC_DOMINFO_DOMAIN_OFFLINE; - } - - wbc_status = WBC_ERR_SUCCESS; - - done: - return wbc_status; -} - -/* Enumerate the domain trusts known by Winbind */ -wbcErr wbcListTrusts(struct wbcDomainInfo **domains, size_t *num_domains) -{ - struct winbindd_response response; - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - char *p = NULL; - char *q = NULL; - char *extra_data = NULL; - int count = 0; - struct wbcDomainInfo *d_list = NULL; - int i = 0; - - *domains = NULL; - *num_domains = 0; - - ZERO_STRUCT(response); - - /* Send request */ - - wbc_status = wbcRequestResponse(WINBINDD_LIST_TRUSTDOM, - NULL, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - /* Decode the response */ - - p = (char *)response.extra_data.data; - - if (strlen(p) == 0) { - /* We should always at least get back our - own SAM domain */ - - wbc_status = WBC_ERR_DOMAIN_NOT_FOUND; - BAIL_ON_WBC_ERROR(wbc_status); - } - - /* Count number of domains */ - - count = 0; - while (p) { - count++; - - if ((q = strchr(p, '\n')) != NULL) - q++; - p = q; - } - - d_list = talloc_array(NULL, struct wbcDomainInfo, count); - BAIL_ON_PTR_ERROR(d_list, wbc_status); - - extra_data = strdup((char*)response.extra_data.data); - BAIL_ON_PTR_ERROR(extra_data, wbc_status); - - p = extra_data; - - /* Outer loop processes the list of domain information */ - - for (i=0; i<count && p; i++) { - char *next = strchr(p, '\n'); - - if (next) { - *next = '\0'; - next++; - } - - wbc_status = process_domain_info_string(d_list, &d_list[i], p); - BAIL_ON_WBC_ERROR(wbc_status); - - p = next; - } - - *domains = d_list; - *num_domains = i; - - done: - if (!WBC_ERROR_IS_OK(wbc_status)) { - if (d_list) - talloc_free(d_list); - if (extra_data) - free(extra_data); - } - - return wbc_status; -} - -/* Enumerate the domain trusts known by Winbind */ -wbcErr wbcLookupDomainController(const char *domain, - uint32_t flags, - struct wbcDomainControllerInfo **dc_info) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct winbindd_request request; - struct winbindd_response response; - struct wbcDomainControllerInfo *dc = NULL; - - /* validate input params */ - - if (!domain || !dc_info) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - strncpy(request.domain_name, domain, sizeof(request.domain_name)-1); - - request.flags = flags; - - dc = talloc(NULL, struct wbcDomainControllerInfo); - BAIL_ON_PTR_ERROR(dc, wbc_status); - - /* Send request */ - - wbc_status = wbcRequestResponse(WINBINDD_DSGETDCNAME, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - dc->dc_name = talloc_strdup(dc, response.data.dc_name); - BAIL_ON_PTR_ERROR(dc->dc_name, wbc_status); - - *dc_info = dc; - -done: - if (!WBC_ERROR_IS_OK(wbc_status)) { - talloc_free(dc); - } - - return wbc_status; -} - -static wbcErr wbc_create_domain_controller_info_ex(TALLOC_CTX *mem_ctx, - const struct winbindd_response *resp, - struct wbcDomainControllerInfoEx **_i) -{ - wbcErr wbc_status = WBC_ERR_SUCCESS; - struct wbcDomainControllerInfoEx *i; - struct wbcGuid guid; - - i = talloc(mem_ctx, struct wbcDomainControllerInfoEx); - BAIL_ON_PTR_ERROR(i, wbc_status); - - i->dc_unc = talloc_strdup(i, resp->data.dsgetdcname.dc_unc); - BAIL_ON_PTR_ERROR(i->dc_unc, wbc_status); - - i->dc_address = talloc_strdup(i, resp->data.dsgetdcname.dc_address); - BAIL_ON_PTR_ERROR(i->dc_address, wbc_status); - - i->dc_address_type = resp->data.dsgetdcname.dc_address_type; - - wbc_status = wbcStringToGuid(resp->data.dsgetdcname.domain_guid, &guid); - if (WBC_ERROR_IS_OK(wbc_status)) { - i->domain_guid = talloc(i, struct wbcGuid); - BAIL_ON_PTR_ERROR(i->domain_guid, wbc_status); - - *i->domain_guid = guid; - } else { - i->domain_guid = NULL; - } - - i->domain_name = talloc_strdup(i, resp->data.dsgetdcname.domain_name); - BAIL_ON_PTR_ERROR(i->domain_name, wbc_status); - - if (resp->data.dsgetdcname.forest_name[0] != '\0') { - i->forest_name = talloc_strdup(i, - resp->data.dsgetdcname.forest_name); - BAIL_ON_PTR_ERROR(i->forest_name, wbc_status); - } else { - i->forest_name = NULL; - } - - i->dc_flags = resp->data.dsgetdcname.dc_flags; - - if (resp->data.dsgetdcname.dc_site_name[0] != '\0') { - i->dc_site_name = talloc_strdup(i, - resp->data.dsgetdcname.dc_site_name); - BAIL_ON_PTR_ERROR(i->dc_site_name, wbc_status); - } else { - i->dc_site_name = NULL; - } - - if (resp->data.dsgetdcname.client_site_name[0] != '\0') { - i->client_site_name = talloc_strdup(i, - resp->data.dsgetdcname.client_site_name); - BAIL_ON_PTR_ERROR(i->client_site_name, wbc_status); - } else { - i->client_site_name = NULL; - } - - *_i = i; - i = NULL; - -done: - talloc_free(i); - return wbc_status; -} - -/* Get extended domain controller information */ -wbcErr wbcLookupDomainControllerEx(const char *domain, - struct wbcGuid *guid, - const char *site, - uint32_t flags, - struct wbcDomainControllerInfoEx **dc_info) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct winbindd_request request; - struct winbindd_response response; - - /* validate input params */ - - if (!domain || !dc_info) { - wbc_status = WBC_ERR_INVALID_PARAM; - BAIL_ON_WBC_ERROR(wbc_status); - } - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - request.data.dsgetdcname.flags = flags; - - strncpy(request.data.dsgetdcname.domain_name, domain, - sizeof(request.data.dsgetdcname.domain_name)-1); - - if (site) { - strncpy(request.data.dsgetdcname.site_name, site, - sizeof(request.data.dsgetdcname.site_name)-1); - } - - if (guid) { - char *str = NULL; - - wbc_status = wbcGuidToString(guid, &str); - BAIL_ON_WBC_ERROR(wbc_status); - - strncpy(request.data.dsgetdcname.domain_guid, str, - sizeof(request.data.dsgetdcname.domain_guid)-1); - - wbcFreeMemory(str); - } - - /* Send request */ - - wbc_status = wbcRequestResponse(WINBINDD_DSGETDCNAME, - &request, - &response); - BAIL_ON_WBC_ERROR(wbc_status); - - if (dc_info) { - wbc_status = wbc_create_domain_controller_info_ex(NULL, - &response, - dc_info); - BAIL_ON_WBC_ERROR(wbc_status); - } - - wbc_status = WBC_ERR_SUCCESS; -done: - return wbc_status; -} - -/* Initialize a named blob and add to list of blobs */ -wbcErr wbcAddNamedBlob(size_t *num_blobs, - struct wbcNamedBlob **blobs, - const char *name, - uint32_t flags, - uint8_t *data, - size_t length) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct wbcNamedBlob blob; - - *blobs = talloc_realloc(NULL, *blobs, struct wbcNamedBlob, - *(num_blobs)+1); - BAIL_ON_PTR_ERROR(*blobs, wbc_status); - - blob.name = talloc_strdup(*blobs, name); - BAIL_ON_PTR_ERROR(blob.name, wbc_status); - blob.flags = flags; - blob.blob.length = length; - blob.blob.data = (uint8_t *)talloc_memdup(*blobs, data, length); - BAIL_ON_PTR_ERROR(blob.blob.data, wbc_status); - - (*(blobs))[*num_blobs] = blob; - *(num_blobs) += 1; - - wbc_status = WBC_ERR_SUCCESS; -done: - if (!WBC_ERROR_IS_OK(wbc_status) && blobs) { - wbcFreeMemory(*blobs); - } - return wbc_status; -} diff --git a/source3/nsswitch/libwbclient/wbclient.c b/source3/nsswitch/libwbclient/wbclient.c deleted file mode 100644 index 3a9afad15d..0000000000 --- a/source3/nsswitch/libwbclient/wbclient.c +++ /dev/null @@ -1,159 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind client API - - Copyright (C) Gerald (Jerry) Carter 2007 - - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 3 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Library General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -/* Required Headers */ - -#include "libwbclient.h" - -/* From wb_common.c */ - -NSS_STATUS winbindd_request_response(int req_type, - struct winbindd_request *request, - struct winbindd_response *response); - -/** @brief Wrapper around Winbind's send/receive API call - * - * @param cmd Winbind command operation to perform - * @param request Send structure - * @param response Receive structure - * - * @return #wbcErr - **/ - -/********************************************************************** - result == NSS_STATUS_UNAVAIL: winbind not around - result == NSS_STATUS_NOTFOUND: winbind around, but domain missing - - Due to a bad API NSS_STATUS_NOTFOUND is returned both when winbind_off - and when winbind return WINBINDD_ERROR. So the semantics of this - routine depends on winbind_on. Grepping for winbind_off I just - found 3 places where winbind is turned off, and this does not conflict - (as far as I have seen) with the callers of is_trusted_domains. - - --Volker -**********************************************************************/ - -wbcErr wbcRequestResponse(int cmd, - struct winbindd_request *request, - struct winbindd_response *response) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - NSS_STATUS nss_status; - - /* for some calls the request and/or response can be NULL */ - - nss_status = winbindd_request_response(cmd, request, response); - - switch (nss_status) { - case NSS_STATUS_SUCCESS: - wbc_status = WBC_ERR_SUCCESS; - break; - case NSS_STATUS_UNAVAIL: - wbc_status = WBC_ERR_WINBIND_NOT_AVAILABLE; - break; - case NSS_STATUS_NOTFOUND: - wbc_status = WBC_ERR_DOMAIN_NOT_FOUND; - break; - default: - wbc_status = WBC_ERR_NSS_ERROR; - break; - } - - return wbc_status; -} - -/** @brief Translate an error value into a string - * - * @param error - * - * @return a pointer to a static string - **/ -const char *wbcErrorString(wbcErr error) -{ - switch (error) { - case WBC_ERR_SUCCESS: - return "WBC_ERR_SUCCESS"; - case WBC_ERR_NOT_IMPLEMENTED: - return "WBC_ERR_NOT_IMPLEMENTED"; - case WBC_ERR_UNKNOWN_FAILURE: - return "WBC_ERR_UNKNOWN_FAILURE"; - case WBC_ERR_NO_MEMORY: - return "WBC_ERR_NO_MEMORY"; - case WBC_ERR_INVALID_SID: - return "WBC_ERR_INVALID_SID"; - case WBC_ERR_INVALID_PARAM: - return "WBC_ERR_INVALID_PARAM"; - case WBC_ERR_WINBIND_NOT_AVAILABLE: - return "WBC_ERR_WINBIND_NOT_AVAILABLE"; - case WBC_ERR_DOMAIN_NOT_FOUND: - return "WBC_ERR_DOMAIN_NOT_FOUND"; - case WBC_ERR_INVALID_RESPONSE: - return "WBC_ERR_INVALID_RESPONSE"; - case WBC_ERR_NSS_ERROR: - return "WBC_ERR_NSS_ERROR"; - case WBC_ERR_UNKNOWN_USER: - return "WBC_ERR_UNKNOWN_USER"; - case WBC_ERR_UNKNOWN_GROUP: - return "WBC_ERR_UNKNOWN_GROUP"; - case WBC_ERR_AUTH_ERROR: - return "WBC_ERR_AUTH_ERROR"; - case WBC_ERR_PWD_CHANGE_FAILED: - return "WBC_ERR_PWD_CHANGE_FAILED"; - } - - return "unknown wbcErr value"; -} - -/* Free library allocated memory */ -void wbcFreeMemory(void *p) -{ - if (p) - talloc_free(p); - - return; -} - -wbcErr wbcLibraryDetails(struct wbcLibraryDetails **_details) -{ - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct wbcLibraryDetails *info; - - info = talloc(NULL, struct wbcLibraryDetails); - BAIL_ON_PTR_ERROR(info, wbc_status); - - info->major_version = WBCLIENT_MAJOR_VERSION; - info->minor_version = WBCLIENT_MINOR_VERSION; - info->vendor_version = talloc_strdup(info, - WBCLIENT_VENDOR_VERSION); - BAIL_ON_PTR_ERROR(info->vendor_version, wbc_status); - - *_details = info; - info = NULL; - - wbc_status = WBC_ERR_SUCCESS; - -done: - talloc_free(info); - return wbc_status; -} - - diff --git a/source3/nsswitch/libwbclient/wbclient.h b/source3/nsswitch/libwbclient/wbclient.h deleted file mode 100644 index fcad3ff69b..0000000000 --- a/source3/nsswitch/libwbclient/wbclient.h +++ /dev/null @@ -1,1187 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind client API - - Copyright (C) Gerald (Jerry) Carter 2007 - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 3 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Library General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#ifndef _WBCLIENT_H -#define _WBCLIENT_H - -#include <pwd.h> -#include <grp.h> - -/* Define error types */ - -/** - * @brief Status codes returned from wbc functions - **/ - -enum _wbcErrType { - WBC_ERR_SUCCESS = 0, /**< Successful completion **/ - WBC_ERR_NOT_IMPLEMENTED,/**< Function not implemented **/ - WBC_ERR_UNKNOWN_FAILURE,/**< General failure **/ - WBC_ERR_NO_MEMORY, /**< Memory allocation error **/ - WBC_ERR_INVALID_SID, /**< Invalid SID format **/ - WBC_ERR_INVALID_PARAM, /**< An Invalid parameter was supplied **/ - WBC_ERR_WINBIND_NOT_AVAILABLE, /**< Winbind daemon is not available **/ - WBC_ERR_DOMAIN_NOT_FOUND, /**< Domain is not trusted or cannot be found **/ - WBC_ERR_INVALID_RESPONSE, /**< Winbind returned an invalid response **/ - WBC_ERR_NSS_ERROR, /**< NSS_STATUS error **/ - WBC_ERR_AUTH_ERROR, /**< Authentication failed **/ - WBC_ERR_UNKNOWN_USER, /**< User account cannot be found */ - WBC_ERR_UNKNOWN_GROUP, /**< Group account cannot be found */ - WBC_ERR_PWD_CHANGE_FAILED /**< Password Change has failed */ -}; - -typedef enum _wbcErrType wbcErr; - -#define WBC_ERROR_IS_OK(x) ((x) == WBC_ERR_SUCCESS) - -const char *wbcErrorString(wbcErr error); - -/** - * @brief Some useful details about the wbclient library - * - * 0.1: Initial version - * 0.2: Added wbcRemoveUidMapping() - * Added wbcRemoveGidMapping() - **/ -#define WBCLIENT_MAJOR_VERSION 0 -#define WBCLIENT_MINOR_VERSION 2 -#define WBCLIENT_VENDOR_VERSION "Samba libwbclient" -struct wbcLibraryDetails { - uint16_t major_version; - uint16_t minor_version; - const char *vendor_version; -}; - -/** - * @brief Some useful details about the running winbindd - * - **/ -struct wbcInterfaceDetails { - uint32_t interface_version; - const char *winbind_version; - char winbind_separator; - const char *netbios_name; - const char *netbios_domain; - const char *dns_domain; -}; - -/* - * Data types used by the Winbind Client API - */ - -#ifndef WBC_MAXSUBAUTHS -#define WBC_MAXSUBAUTHS 15 /* max sub authorities in a SID */ -#endif - -/** - * @brief Windows Security Identifier - * - **/ - -struct wbcDomainSid { - uint8_t sid_rev_num; - uint8_t num_auths; - uint8_t id_auth[6]; - uint32_t sub_auths[WBC_MAXSUBAUTHS]; -}; - -/** - * @brief Security Identifier type - **/ - -enum wbcSidType { - WBC_SID_NAME_USE_NONE=0, - WBC_SID_NAME_USER=1, - WBC_SID_NAME_DOM_GRP=2, - WBC_SID_NAME_DOMAIN=3, - WBC_SID_NAME_ALIAS=4, - WBC_SID_NAME_WKN_GRP=5, - WBC_SID_NAME_DELETED=6, - WBC_SID_NAME_INVALID=7, - WBC_SID_NAME_UNKNOWN=8, - WBC_SID_NAME_COMPUTER=9 -}; - -/** - * @brief Security Identifier with attributes - **/ - -struct wbcSidWithAttr { - struct wbcDomainSid sid; - uint32_t attributes; -}; - -/* wbcSidWithAttr->attributes */ - -#define WBC_SID_ATTR_GROUP_MANDATORY 0x00000001 -#define WBC_SID_ATTR_GROUP_ENABLED_BY_DEFAULT 0x00000002 -#define WBC_SID_ATTR_GROUP_ENABLED 0x00000004 -#define WBC_SID_ATTR_GROUP_OWNER 0x00000008 -#define WBC_SID_ATTR_GROUP_USEFOR_DENY_ONLY 0x00000010 -#define WBC_SID_ATTR_GROUP_RESOURCE 0x20000000 -#define WBC_SID_ATTR_GROUP_LOGON_ID 0xC0000000 - -/** - * @brief Windows GUID - * - **/ - -struct wbcGuid { - uint32_t time_low; - uint16_t time_mid; - uint16_t time_hi_and_version; - uint8_t clock_seq[2]; - uint8_t node[6]; -}; - -/** - * @brief Domain Information - **/ - -struct wbcDomainInfo { - char *short_name; - char *dns_name; - struct wbcDomainSid sid; - uint32_t domain_flags; - uint32_t trust_flags; - uint32_t trust_type; -}; - -/* wbcDomainInfo->domain_flags */ - -#define WBC_DOMINFO_DOMAIN_UNKNOWN 0x00000000 -#define WBC_DOMINFO_DOMAIN_NATIVE 0x00000001 -#define WBC_DOMINFO_DOMAIN_AD 0x00000002 -#define WBC_DOMINFO_DOMAIN_PRIMARY 0x00000004 -#define WBC_DOMINFO_DOMAIN_OFFLINE 0x00000008 - -/* wbcDomainInfo->trust_flags */ - -#define WBC_DOMINFO_TRUST_TRANSITIVE 0x00000001 -#define WBC_DOMINFO_TRUST_INCOMING 0x00000002 -#define WBC_DOMINFO_TRUST_OUTGOING 0x00000004 - -/* wbcDomainInfo->trust_type */ - -#define WBC_DOMINFO_TRUSTTYPE_NONE 0x00000000 -#define WBC_DOMINFO_TRUSTTYPE_FOREST 0x00000001 -#define WBC_DOMINFO_TRUSTTYPE_IN_FOREST 0x00000002 -#define WBC_DOMINFO_TRUSTTYPE_EXTERNAL 0x00000003 - - -/** - * @brief Auth User Parameters - **/ - -struct wbcAuthUserParams { - const char *account_name; - const char *domain_name; - const char *workstation_name; - - uint32_t flags; - - uint32_t parameter_control; - - enum wbcAuthUserLevel { - WBC_AUTH_USER_LEVEL_PLAIN = 1, - WBC_AUTH_USER_LEVEL_HASH = 2, - WBC_AUTH_USER_LEVEL_RESPONSE = 3 - } level; - union { - const char *plaintext; - struct { - uint8_t nt_hash[16]; - uint8_t lm_hash[16]; - } hash; - struct { - uint8_t challenge[8]; - uint32_t nt_length; - uint8_t *nt_data; - uint32_t lm_length; - uint8_t *lm_data; - } response; - } password; -}; - -/** - * @brief Generic Blob - **/ - -struct wbcBlob { - uint8_t *data; - size_t length; -}; - -/** - * @brief Named Blob - **/ - -struct wbcNamedBlob { - const char *name; - uint32_t flags; - struct wbcBlob blob; -}; - -/** - * @brief Logon User Parameters - **/ - -struct wbcLogonUserParams { - const char *username; - const char *password; - size_t num_blobs; - struct wbcNamedBlob *blobs; -}; - -/** - * @brief ChangePassword Parameters - **/ - -struct wbcChangePasswordParams { - const char *account_name; - const char *domain_name; - - uint32_t flags; - - enum wbcChangePasswordLevel { - WBC_CHANGE_PASSWORD_LEVEL_PLAIN = 1, - WBC_CHANGE_PASSWORD_LEVEL_RESPONSE = 2 - } level; - - union { - const char *plaintext; - struct { - uint32_t old_nt_hash_enc_length; - uint8_t *old_nt_hash_enc_data; - uint32_t old_lm_hash_enc_length; - uint8_t *old_lm_hash_enc_data; - } response; - } old_password; - union { - const char *plaintext; - struct { - uint32_t nt_length; - uint8_t *nt_data; - uint32_t lm_length; - uint8_t *lm_data; - } response; - } new_password; -}; - -/* wbcAuthUserParams->parameter_control */ - -#define WBC_MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x00000002 -#define WBC_MSV1_0_UPDATE_LOGON_STATISTICS 0x00000004 -#define WBC_MSV1_0_RETURN_USER_PARAMETERS 0x00000008 -#define WBC_MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x00000020 -#define WBC_MSV1_0_RETURN_PROFILE_PATH 0x00000200 -#define WBC_MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x00000800 - -/* wbcAuthUserParams->flags */ - -#define WBC_AUTH_PARAM_FLAGS_INTERACTIVE_LOGON 0x00000001 - -/** - * @brief Auth User Information - * - * Some of the strings are maybe NULL - **/ - -struct wbcAuthUserInfo { - uint32_t user_flags; - - char *account_name; - char *user_principal; - char *full_name; - char *domain_name; - char *dns_domain_name; - - uint32_t acct_flags; - uint8_t user_session_key[16]; - uint8_t lm_session_key[8]; - - uint16_t logon_count; - uint16_t bad_password_count; - - uint64_t logon_time; - uint64_t logoff_time; - uint64_t kickoff_time; - uint64_t pass_last_set_time; - uint64_t pass_can_change_time; - uint64_t pass_must_change_time; - - char *logon_server; - char *logon_script; - char *profile_path; - char *home_directory; - char *home_drive; - - /* - * the 1st one is the account sid - * the 2nd one is the primary_group sid - * followed by the rest of the groups - */ - uint32_t num_sids; - struct wbcSidWithAttr *sids; -}; - -/** - * @brief Logon User Information - * - * Some of the strings are maybe NULL - **/ - -struct wbcLogonUserInfo { - struct wbcAuthUserInfo *info; - size_t num_blobs; - struct wbcNamedBlob *blobs; -}; - -/* wbcAuthUserInfo->user_flags */ - -#define WBC_AUTH_USER_INFO_GUEST 0x00000001 -#define WBC_AUTH_USER_INFO_NOENCRYPTION 0x00000002 -#define WBC_AUTH_USER_INFO_CACHED_ACCOUNT 0x00000004 -#define WBC_AUTH_USER_INFO_USED_LM_PASSWORD 0x00000008 -#define WBC_AUTH_USER_INFO_EXTRA_SIDS 0x00000020 -#define WBC_AUTH_USER_INFO_SUBAUTH_SESSION_KEY 0x00000040 -#define WBC_AUTH_USER_INFO_SERVER_TRUST_ACCOUNT 0x00000080 -#define WBC_AUTH_USER_INFO_NTLMV2_ENABLED 0x00000100 -#define WBC_AUTH_USER_INFO_RESOURCE_GROUPS 0x00000200 -#define WBC_AUTH_USER_INFO_PROFILE_PATH_RETURNED 0x00000400 -#define WBC_AUTH_USER_INFO_GRACE_LOGON 0x01000000 - -/* wbcAuthUserInfo->acct_flags */ - -#define WBC_ACB_DISABLED 0x00000001 /* 1 User account disabled */ -#define WBC_ACB_HOMDIRREQ 0x00000002 /* 1 Home directory required */ -#define WBC_ACB_PWNOTREQ 0x00000004 /* 1 User password not required */ -#define WBC_ACB_TEMPDUP 0x00000008 /* 1 Temporary duplicate account */ -#define WBC_ACB_NORMAL 0x00000010 /* 1 Normal user account */ -#define WBC_ACB_MNS 0x00000020 /* 1 MNS logon user account */ -#define WBC_ACB_DOMTRUST 0x00000040 /* 1 Interdomain trust account */ -#define WBC_ACB_WSTRUST 0x00000080 /* 1 Workstation trust account */ -#define WBC_ACB_SVRTRUST 0x00000100 /* 1 Server trust account */ -#define WBC_ACB_PWNOEXP 0x00000200 /* 1 User password does not expire */ -#define WBC_ACB_AUTOLOCK 0x00000400 /* 1 Account auto locked */ -#define WBC_ACB_ENC_TXT_PWD_ALLOWED 0x00000800 /* 1 Encryped text password is allowed */ -#define WBC_ACB_SMARTCARD_REQUIRED 0x00001000 /* 1 Smart Card required */ -#define WBC_ACB_TRUSTED_FOR_DELEGATION 0x00002000 /* 1 Trusted for Delegation */ -#define WBC_ACB_NOT_DELEGATED 0x00004000 /* 1 Not delegated */ -#define WBC_ACB_USE_DES_KEY_ONLY 0x00008000 /* 1 Use DES key only */ -#define WBC_ACB_DONT_REQUIRE_PREAUTH 0x00010000 /* 1 Preauth not required */ -#define WBC_ACB_PW_EXPIRED 0x00020000 /* 1 Password Expired */ -#define WBC_ACB_NO_AUTH_DATA_REQD 0x00080000 /* 1 = No authorization data required */ - -struct wbcAuthErrorInfo { - uint32_t nt_status; - char *nt_string; - int32_t pam_error; - char *display_string; -}; - -/** - * @brief User Password Policy Information - **/ - -/* wbcUserPasswordPolicyInfo->password_properties */ - -#define WBC_DOMAIN_PASSWORD_COMPLEX 0x00000001 -#define WBC_DOMAIN_PASSWORD_NO_ANON_CHANGE 0x00000002 -#define WBC_DOMAIN_PASSWORD_NO_CLEAR_CHANGE 0x00000004 -#define WBC_DOMAIN_PASSWORD_LOCKOUT_ADMINS 0x00000008 -#define WBC_DOMAIN_PASSWORD_STORE_CLEARTEXT 0x00000010 -#define WBC_DOMAIN_REFUSE_PASSWORD_CHANGE 0x00000020 - -struct wbcUserPasswordPolicyInfo { - uint32_t min_length_password; - uint32_t password_history; - uint32_t password_properties; - uint64_t expire; - uint64_t min_passwordage; -}; - -/** - * @brief Change Password Reject Reason - **/ - -enum wbcPasswordChangeRejectReason { - WBC_PWD_CHANGE_REJECT_OTHER=0, - WBC_PWD_CHANGE_REJECT_TOO_SHORT=1, - WBC_PWD_CHANGE_REJECT_IN_HISTORY=2, - WBC_PWD_CHANGE_REJECT_COMPLEXITY=5 -}; - -/** - * @brief Logoff User Parameters - **/ - -struct wbcLogoffUserParams { - const char *username; - size_t num_blobs; - struct wbcNamedBlob *blobs; -}; - -/** @brief Credential cache log-on parameters - * - */ - -struct wbcCredentialCacheParams { - const char *account_name; - const char *domain_name; - enum wbcCredentialCacheLevel { - WBC_CREDENTIAL_CACHE_LEVEL_NTLMSSP = 1 - } level; - size_t num_blobs; - struct wbcNamedBlob *blobs; -}; - - -/** @brief Info returned by credential cache auth - * - */ - -struct wbcCredentialCacheInfo { - size_t num_blobs; - struct wbcNamedBlob *blobs; -}; - -/* - * DomainControllerInfo struct - */ -struct wbcDomainControllerInfo { - char *dc_name; -}; - -/* - * DomainControllerInfoEx struct - */ -struct wbcDomainControllerInfoEx { - const char *dc_unc; - const char *dc_address; - uint16_t dc_address_type; - struct wbcGuid *domain_guid; - const char *domain_name; - const char *forest_name; - uint32_t dc_flags; - const char *dc_site_name; - const char *client_site_name; -}; - -/********************************************************** - * Memory Management - **********************************************************/ - -/** - * @brief Free library allocated memory - * - * @param *p Pointer to free - * - * @return void - **/ -void wbcFreeMemory(void*); - - -/* - * Utility functions for dealing with SIDs - */ - -/** - * @brief Convert a binary SID to a character string - * - * @param sid Binary Security Identifier - * @param **sid_string Resulting character string - * - * @return #wbcErr - **/ -wbcErr wbcSidToString(const struct wbcDomainSid *sid, - char **sid_string); - -/** - * @brief Convert a character string to a binary SID - * - * @param *str Character string in the form of S-... - * @param sid Resulting binary SID - * - * @return #wbcErr - **/ -wbcErr wbcStringToSid(const char *sid_string, - struct wbcDomainSid *sid); - -/* - * Utility functions for dealing with GUIDs - */ - -/** - * @brief Convert a binary GUID to a character string - * - * @param guid Binary Guid - * @param **guid_string Resulting character string - * - * @return #wbcErr - **/ -wbcErr wbcGuidToString(const struct wbcGuid *guid, - char **guid_string); - -/** - * @brief Convert a character string to a binary GUID - * - * @param *str Character string - * @param guid Resulting binary GUID - * - * @return #wbcErr - **/ -wbcErr wbcStringToGuid(const char *guid_string, - struct wbcGuid *guid); - -/** - * @brief Ping winbindd to see if the daemon is running - * - * @return #wbcErr - **/ -wbcErr wbcPing(void); - -wbcErr wbcLibraryDetails(struct wbcLibraryDetails **details); - -wbcErr wbcInterfaceDetails(struct wbcInterfaceDetails **details); - -/********************************************************** - * Name/SID conversion - **********************************************************/ - -/** - * @brief Convert a domain and name to SID - * - * @param domain Domain name (possibly "") - * @param name User or group name - * @param *sid Pointer to the resolved domain SID - * @param *name_type Pointer to the SID type - * - * @return #wbcErr - **/ -wbcErr wbcLookupName(const char *dom_name, - const char *name, - struct wbcDomainSid *sid, - enum wbcSidType *name_type); - -/** - * @brief Convert a SID to a domain and name - * - * @param *sid Pointer to the domain SID to be resolved - * @param pdomain Resolved Domain name (possibly "") - * @param pname Resolved User or group name - * @param *pname_type Pointer to the resolved SID type - * - * @return #wbcErr - **/ -wbcErr wbcLookupSid(const struct wbcDomainSid *sid, - char **domain, - char **name, - enum wbcSidType *name_type); - -/** - * @brief Translate a collection of RIDs within a domain to names - */ -wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid, - int num_rids, - uint32_t *rids, - const char **domain_name, - const char ***names, - enum wbcSidType **types); - -/* - * @brief Get the groups a user belongs to - **/ -wbcErr wbcLookupUserSids(const struct wbcDomainSid *user_sid, - bool domain_groups_only, - uint32_t *num_sids, - struct wbcDomainSid **sids); - -/** - * @brief Lists Users - **/ -wbcErr wbcListUsers(const char *domain_name, - uint32_t *num_users, - const char ***users); - -/** - * @brief Lists Groups - **/ -wbcErr wbcListGroups(const char *domain_name, - uint32_t *num_groups, - const char ***groups); - -wbcErr wbcGetDisplayName(const struct wbcDomainSid *sid, - char **pdomain, - char **pfullname, - enum wbcSidType *pname_type); - -/********************************************************** - * SID/uid/gid Mappings - **********************************************************/ - -/** - * @brief Convert a Windows SID to a Unix uid, allocating an uid if needed - * - * @param *sid Pointer to the domain SID to be resolved - * @param *puid Pointer to the resolved uid_t value - * - * @return #wbcErr - * - **/ -wbcErr wbcSidToUid(const struct wbcDomainSid *sid, - uid_t *puid); - -/** - * @brief Convert a Windows SID to a Unix uid if there already is a mapping - * - * @param *sid Pointer to the domain SID to be resolved - * @param *puid Pointer to the resolved uid_t value - * - * @return #wbcErr - * - **/ -wbcErr wbcQuerySidToUid(const struct wbcDomainSid *sid, - uid_t *puid); - -/** - * @brief Convert a Unix uid to a Windows SID, allocating a SID if needed - * - * @param uid Unix uid to be resolved - * @param *sid Pointer to the resolved domain SID - * - * @return #wbcErr - * - **/ -wbcErr wbcUidToSid(uid_t uid, - struct wbcDomainSid *sid); - -/** - * @brief Convert a Unix uid to a Windows SID if there already is a mapping - * - * @param uid Unix uid to be resolved - * @param *sid Pointer to the resolved domain SID - * - * @return #wbcErr - * - **/ -wbcErr wbcQueryUidToSid(uid_t uid, - struct wbcDomainSid *sid); - -/** - * @brief Convert a Windows SID to a Unix gid, allocating a gid if needed - * - * @param *sid Pointer to the domain SID to be resolved - * @param *pgid Pointer to the resolved gid_t value - * - * @return #wbcErr - * - **/ -wbcErr wbcSidToGid(const struct wbcDomainSid *sid, - gid_t *pgid); - -/** - * @brief Convert a Windows SID to a Unix gid if there already is a mapping - * - * @param *sid Pointer to the domain SID to be resolved - * @param *pgid Pointer to the resolved gid_t value - * - * @return #wbcErr - * - **/ -wbcErr wbcQuerySidToGid(const struct wbcDomainSid *sid, - gid_t *pgid); - -/** - * @brief Convert a Unix gid to a Windows SID, allocating a SID if needed - * - * @param gid Unix gid to be resolved - * @param *sid Pointer to the resolved domain SID - * - * @return #wbcErr - * - **/ -wbcErr wbcGidToSid(gid_t gid, - struct wbcDomainSid *sid); - -/** - * @brief Convert a Unix gid to a Windows SID if there already is a mapping - * - * @param gid Unix gid to be resolved - * @param *sid Pointer to the resolved domain SID - * - * @return #wbcErr - * - **/ -wbcErr wbcQueryGidToSid(gid_t gid, - struct wbcDomainSid *sid); - -/** - * @brief Obtain a new uid from Winbind - * - * @param *puid *pointer to the allocated uid - * - * @return #wbcErr - **/ -wbcErr wbcAllocateUid(uid_t *puid); - -/** - * @brief Obtain a new gid from Winbind - * - * @param *pgid Pointer to the allocated gid - * - * @return #wbcErr - **/ -wbcErr wbcAllocateGid(gid_t *pgid); - -/** - * @brief Set an user id mapping - * - * @param uid Uid of the desired mapping. - * @param *sid Pointer to the sid of the diresired mapping. - * - * @return #wbcErr - **/ -wbcErr wbcSetUidMapping(uid_t uid, const struct wbcDomainSid *sid); - -/** - * @brief Set a group id mapping - * - * @param gid Gid of the desired mapping. - * @param *sid Pointer to the sid of the diresired mapping. - * - * @return #wbcErr - **/ -wbcErr wbcSetGidMapping(gid_t gid, const struct wbcDomainSid *sid); - -/** - * @brief Remove a user id mapping - * - * @param uid Uid of the mapping to remove. - * @param *sid Pointer to the sid of the mapping to remove. - * - * @return #wbcErr - **/ -wbcErr wbcRemoveUidMapping(uid_t uid, const struct wbcDomainSid *sid); - -/** - * @brief Remove a group id mapping - * - * @param gid Gid of the mapping to remove. - * @param *sid Pointer to the sid of the mapping to remove. - * - * @return #wbcErr - **/ -wbcErr wbcRemoveGidMapping(gid_t gid, const struct wbcDomainSid *sid); - -/** - * @brief Set the highwater mark for allocated uids. - * - * @param uid_hwm The new uid highwater mark value - * - * @return #wbcErr - **/ -wbcErr wbcSetUidHwm(uid_t uid_hwm); - -/** - * @brief Set the highwater mark for allocated gids. - * - * @param gid_hwm The new gid highwater mark value - * - * @return #wbcErr - **/ -wbcErr wbcSetGidHwm(gid_t gid_hwm); - -/********************************************************** - * NSS Lookup User/Group details - **********************************************************/ - -/** - * @brief Fill in a struct passwd* for a domain user based - * on username - * - * @param *name Username to lookup - * @param **pwd Pointer to resulting struct passwd* from the query. - * - * @return #wbcErr - **/ -wbcErr wbcGetpwnam(const char *name, struct passwd **pwd); - -/** - * @brief Fill in a struct passwd* for a domain user based - * on uid - * - * @param uid Uid to lookup - * @param **pwd Pointer to resulting struct passwd* from the query. - * - * @return #wbcErr - **/ -wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd); - -/** - * @brief Fill in a struct passwd* for a domain user based - * on username - * - * @param *name Username to lookup - * @param **grp Pointer to resulting struct group* from the query. - * - * @return #wbcErr - **/ -wbcErr wbcGetgrnam(const char *name, struct group **grp); - -/** - * @brief Fill in a struct passwd* for a domain user based - * on uid - * - * @param gid Uid to lookup - * @param **grp Pointer to resulting struct group* from the query. - * - * @return #wbcErr - **/ -wbcErr wbcGetgrgid(gid_t gid, struct group **grp); - -/** - * @brief Reset the passwd iterator - * - * @return #wbcErr - **/ -wbcErr wbcSetpwent(void); - -/** - * @brief Close the passwd iterator - * - * @return #wbcErr - **/ -wbcErr wbcEndpwent(void); - -/** - * @brief Return the next struct passwd* entry from the pwent iterator - * - * @param **pwd Pointer to resulting struct passwd* from the query. - * - * @return #wbcErr - **/ -wbcErr wbcGetpwent(struct passwd **pwd); - -/** - * @brief Reset the group iterator - * - * @return #wbcErr - **/ -wbcErr wbcSetgrent(void); - -/** - * @brief Close the group iterator - * - * @return #wbcErr - **/ -wbcErr wbcEndgrent(void); - -/** - * @brief Return the next struct group* entry from the pwent iterator - * - * @param **grp Pointer to resulting struct group* from the query. - * - * @return #wbcErr - **/ -wbcErr wbcGetgrent(struct group **grp); - -/** - * @brief Return the next struct group* entry from the pwent iterator - * - * This is similar to #wbcGetgrent, just that the member list is empty - * - * @param **grp Pointer to resulting struct group* from the query. - * - * @return #wbcErr - **/ -wbcErr wbcGetgrlist(struct group **grp); - -/** - * @brief Return the unix group array belonging to the given user - * - * @param *account The given user name - * @param *num_groups Number of elements returned in the groups array - * @param **_groups Pointer to resulting gid_t array. - * - * @return #wbcErr - **/ -wbcErr wbcGetGroups(const char *account, - uint32_t *num_groups, - gid_t **_groups); - - -/********************************************************** - * Lookup Domain information - **********************************************************/ - -/** - * @brief Lookup the current status of a trusted domain - * - * @param domain Domain to query - * @param *dinfo Pointer to returned domain_info struct - * - * @return #wbcErr - **/ -wbcErr wbcDomainInfo(const char *domain, - struct wbcDomainInfo **info); - -/** - * @brief Enumerate the domain trusts known by Winbind - * - * @param **domains Pointer to the allocated domain list array - * @param *num_domains Pointer to number of domains returned - * - * @return #wbcErr - **/ -wbcErr wbcListTrusts(struct wbcDomainInfo **domains, - size_t *num_domains); - -/* Flags for wbcLookupDomainController */ - -#define WBC_LOOKUP_DC_FORCE_REDISCOVERY 0x00000001 -#define WBC_LOOKUP_DC_DS_REQUIRED 0x00000010 -#define WBC_LOOKUP_DC_DS_PREFERRED 0x00000020 -#define WBC_LOOKUP_DC_GC_SERVER_REQUIRED 0x00000040 -#define WBC_LOOKUP_DC_PDC_REQUIRED 0x00000080 -#define WBC_LOOKUP_DC_BACKGROUND_ONLY 0x00000100 -#define WBC_LOOKUP_DC_IP_REQUIRED 0x00000200 -#define WBC_LOOKUP_DC_KDC_REQUIRED 0x00000400 -#define WBC_LOOKUP_DC_TIMESERV_REQUIRED 0x00000800 -#define WBC_LOOKUP_DC_WRITABLE_REQUIRED 0x00001000 -#define WBC_LOOKUP_DC_GOOD_TIMESERV_PREFERRED 0x00002000 -#define WBC_LOOKUP_DC_AVOID_SELF 0x00004000 -#define WBC_LOOKUP_DC_ONLY_LDAP_NEEDED 0x00008000 -#define WBC_LOOKUP_DC_IS_FLAT_NAME 0x00010000 -#define WBC_LOOKUP_DC_IS_DNS_NAME 0x00020000 -#define WBC_LOOKUP_DC_TRY_NEXTCLOSEST_SITE 0x00040000 -#define WBC_LOOKUP_DC_DS_6_REQUIRED 0x00080000 -#define WBC_LOOKUP_DC_RETURN_DNS_NAME 0x40000000 -#define WBC_LOOKUP_DC_RETURN_FLAT_NAME 0x80000000 - -/** - * @brief Enumerate the domain trusts known by Winbind - * - * @param domain Name of the domain to query for a DC - * @param flags Bit flags used to control the domain location query - * @param *dc_info Pointer to the returned domain controller information - * - * @return #wbcErr - **/ -wbcErr wbcLookupDomainController(const char *domain, - uint32_t flags, - struct wbcDomainControllerInfo **dc_info); - -/** - * @brief Get extended domain controller information - * - * @param domain Name of the domain to query for a DC - * @param guid Guid of the domain to query for a DC - * @param site Site of the domain to query for a DC - * @param flags Bit flags used to control the domain location query - * @param *dc_info Pointer to the returned extended domain controller information - * - * @return #wbcErr - **/ -wbcErr wbcLookupDomainControllerEx(const char *domain, - struct wbcGuid *guid, - const char *site, - uint32_t flags, - struct wbcDomainControllerInfoEx **dc_info); - -/********************************************************** - * Athenticate functions - **********************************************************/ - -/** - * @brief Authenticate a username/password pair - * - * @param username Name of user to authenticate - * @param password Clear text password os user - * - * @return #wbcErr - **/ -wbcErr wbcAuthenticateUser(const char *username, - const char *password); - -/** - * @brief Authenticate with more detailed information - * - * @param params Input parameters, WBC_AUTH_USER_LEVEL_HASH - * is not supported yet - * @param info Output details on WBC_ERR_SUCCESS - * @param error Output details on WBC_ERR_AUTH_ERROR - * - * @return #wbcErr - **/ -wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params, - struct wbcAuthUserInfo **info, - struct wbcAuthErrorInfo **error); - -/** - * @brief Logon a User - * - * @param[in] params Pointer to a wbcLogonUserParams structure - * @param[out] info Pointer to a pointer to a wbcLogonUserInfo structure - * @param[out] error Pointer to a pointer to a wbcAuthErrorInfo structure - * @param[out] policy Pointer to a pointer to a wbcUserPasswordPolicyInfo structure - * - * @return #wbcErr - **/ -wbcErr wbcLogonUser(const struct wbcLogonUserParams *params, - struct wbcLogonUserInfo **info, - struct wbcAuthErrorInfo **error, - struct wbcUserPasswordPolicyInfo **policy); - -/** - * @brief Trigger a logoff notification to Winbind for a specific user - * - * @param username Name of user to remove from Winbind's list of - * logged on users. - * @param uid Uid assigned to the username - * @param ccfilename Absolute path to the Krb5 credentials cache to - * be removed - * - * @return #wbcErr - **/ -wbcErr wbcLogoffUser(const char *username, - uid_t uid, - const char *ccfilename); - -/** - * @brief Trigger an extended logoff notification to Winbind for a specific user - * - * @param params A wbcLogoffUserParams structure - * @param error User output details on error - * - * @return #wbcErr - **/ -wbcErr wbcLogoffUserEx(const struct wbcLogoffUserParams *params, - struct wbcAuthErrorInfo **error); - -/** - * @brief Change a password for a user - * - * @param username Name of user to authenticate - * @param old_password Old clear text password of user - * @param new_password New clear text password of user - * - * @return #wbcErr - **/ -wbcErr wbcChangeUserPassword(const char *username, - const char *old_password, - const char *new_password); - -/** - * @brief Change a password for a user with more detailed information upon - * failure - * - * @param params Input parameters - * @param error User output details on WBC_ERR_PWD_CHANGE_FAILED - * @param reject_reason New password reject reason on WBC_ERR_PWD_CHANGE_FAILED - * @param policy Password policy output details on WBC_ERR_PWD_CHANGE_FAILED - * - * @return #wbcErr - **/ -wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params, - struct wbcAuthErrorInfo **error, - enum wbcPasswordChangeRejectReason *reject_reason, - struct wbcUserPasswordPolicyInfo **policy); - -/** - * @brief Authenticate a user with cached credentials - * - * @param *params Pointer to a wbcCredentialCacheParams structure - * @param **info Pointer to a pointer to a wbcCredentialCacheInfo structure - * @param **error Pointer to a pointer to a wbcAuthErrorInfo structure - * - * @return #wbcErr - **/ -wbcErr wbcCredentialCache(struct wbcCredentialCacheParams *params, - struct wbcCredentialCacheInfo **info, - struct wbcAuthErrorInfo **error); - -/********************************************************** - * Resolve functions - **********************************************************/ - -/** - * @brief Resolve a NetbiosName via WINS - * - * @param name Name to resolve - * @param *ip Pointer to the ip address string - * - * @return #wbcErr - **/ -wbcErr wbcResolveWinsByName(const char *name, char **ip); - -/** - * @brief Resolve an IP address via WINS into a NetbiosName - * - * @param ip The ip address string - * @param *name Pointer to the name - * - * @return #wbcErr - * - **/ -wbcErr wbcResolveWinsByIP(const char *ip, char **name); - -/********************************************************** - * Trusted domain functions - **********************************************************/ - -/** - * @brief Trigger a verification of the trust credentials of a specific domain - * - * @param *domain The name of the domain, only NULL for the default domain is - * supported yet. Other values than NULL will result in - * WBC_ERR_NOT_IMPLEMENTED. - * @param error Output details on WBC_ERR_AUTH_ERROR - * - * @return #wbcErr - **/ -wbcErr wbcCheckTrustCredentials(const char *domain, - struct wbcAuthErrorInfo **error); - -/********************************************************** - * Helper functions - **********************************************************/ - -/** - * @brief Initialize a named blob and add to list of blobs - * - * @param[in,out] num_blobs Pointer to the number of blobs - * @param[in,out] blobs Pointer to an array of blobs - * @param[in] name Name of the new named blob - * @param[in] flags Flags of the new named blob - * @param[in] data Blob data of new blob - * @param[in] length Blob data length of new blob - * - * @return #wbcErr - **/ -wbcErr wbcAddNamedBlob(size_t *num_blobs, - struct wbcNamedBlob **blobs, - const char *name, - uint32_t flags, - uint8_t *data, - size_t length); - -#endif /* _WBCLIENT_H */ diff --git a/source3/nsswitch/libwbclient/wbclient_internal.h b/source3/nsswitch/libwbclient/wbclient_internal.h deleted file mode 100644 index fc03c5409b..0000000000 --- a/source3/nsswitch/libwbclient/wbclient_internal.h +++ /dev/null @@ -1,32 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind client API - - Copyright (C) Gerald (Jerry) Carter 2007 - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 3 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Library General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#ifndef _WBCLIENT_INTERNAL_H -#define _WBCLIENT_INTERNAL_H - -/* Private functions */ - -wbcErr wbcRequestResponse(int cmd, - struct winbindd_request *request, - struct winbindd_response *response); - - -#endif /* _WBCLIENT_INTERNAL_H */ |