summaryrefslogtreecommitdiff
path: root/source3/nsswitch/libwbclient
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2008-12-17 07:17:54 +1100
committerAndrew Tridgell <tridge@samba.org>2008-12-17 07:17:54 +1100
commit1b3a084d60cc0004f84bc56dedbe1d87cda2a8b3 (patch)
treecee337a9c93890605fb12490faec2a7f0b2188d8 /source3/nsswitch/libwbclient
parente294c4799bf6ad8da043aadf8341391644147056 (diff)
parent54dc421f5820099531a77879f52a904c2fefcf49 (diff)
downloadsamba-1b3a084d60cc0004f84bc56dedbe1d87cda2a8b3.tar.gz
samba-1b3a084d60cc0004f84bc56dedbe1d87cda2a8b3.tar.bz2
samba-1b3a084d60cc0004f84bc56dedbe1d87cda2a8b3.zip
Merge branch 'master' of ssh://git.samba.org/data/git/samba
Diffstat (limited to 'source3/nsswitch/libwbclient')
-rw-r--r--source3/nsswitch/libwbclient/Doxyfile1297
-rw-r--r--source3/nsswitch/libwbclient/libwbclient.h46
-rw-r--r--source3/nsswitch/libwbclient/wbc_err_internal.h45
-rw-r--r--source3/nsswitch/libwbclient/wbc_guid.c104
-rw-r--r--source3/nsswitch/libwbclient/wbc_idmap.c468
-rw-r--r--source3/nsswitch/libwbclient/wbc_pam.c1034
-rw-r--r--source3/nsswitch/libwbclient/wbc_pwd.c571
-rw-r--r--source3/nsswitch/libwbclient/wbc_sid.c672
-rw-r--r--source3/nsswitch/libwbclient/wbc_util.c672
-rw-r--r--source3/nsswitch/libwbclient/wbclient.c159
-rw-r--r--source3/nsswitch/libwbclient/wbclient.h1187
-rw-r--r--source3/nsswitch/libwbclient/wbclient_internal.h32
12 files changed, 0 insertions, 6287 deletions
diff --git a/source3/nsswitch/libwbclient/Doxyfile b/source3/nsswitch/libwbclient/Doxyfile
deleted file mode 100644
index e12c2b06f0..0000000000
--- a/source3/nsswitch/libwbclient/Doxyfile
+++ /dev/null
@@ -1,1297 +0,0 @@
-# Doxyfile 1.5.3
-
-# This file describes the settings to be used by the documentation system
-# doxygen (www.doxygen.org) for a project
-#
-# All text after a hash (#) is considered a comment and will be ignored
-# The format is:
-# TAG = value [value, ...]
-# For lists items can also be appended using:
-# TAG += value [value, ...]
-# Values that contain spaces should be placed between quotes (" ")
-
-#---------------------------------------------------------------------------
-# Project related configuration options
-#---------------------------------------------------------------------------
-
-# This tag specifies the encoding used for all characters in the config file that
-# follow. The default is UTF-8 which is also the encoding used for all text before
-# the first occurrence of this tag. Doxygen uses libiconv (or the iconv built into
-# libc) for the transcoding. See http://www.gnu.org/software/libiconv for the list of
-# possible encodings.
-
-DOXYFILE_ENCODING = UTF-8
-
-# The PROJECT_NAME tag is a single word (or a sequence of words surrounded
-# by quotes) that should identify the project.
-
-PROJECT_NAME = Samba
-
-# The PROJECT_NUMBER tag can be used to enter a project or revision number.
-# This could be handy for archiving the generated documentation or
-# if some version control system is used.
-
-PROJECT_NUMBER = HEAD
-
-# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
-# base path where the generated documentation will be put.
-# If a relative path is entered, it will be relative to the location
-# where doxygen was started. If left blank the current directory will be used.
-
-OUTPUT_DIRECTORY = dox
-
-# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create
-# 4096 sub-directories (in 2 levels) under the output directory of each output
-# format and will distribute the generated files over these directories.
-# Enabling this option can be useful when feeding doxygen a huge amount of
-# source files, where putting all generated files in the same directory would
-# otherwise cause performance problems for the file system.
-
-CREATE_SUBDIRS = NO
-
-# The OUTPUT_LANGUAGE tag is used to specify the language in which all
-# documentation generated by doxygen is written. Doxygen will use this
-# information to generate all constant output in the proper language.
-# The default language is English, other supported languages are:
-# Afrikaans, Arabic, Brazilian, Catalan, Chinese, Chinese-Traditional,
-# Croatian, Czech, Danish, Dutch, Finnish, French, German, Greek, Hungarian,
-# Italian, Japanese, Japanese-en (Japanese with English messages), Korean,
-# Korean-en, Lithuanian, Norwegian, Polish, Portuguese, Romanian, Russian,
-# Serbian, Slovak, Slovene, Spanish, Swedish, and Ukrainian.
-
-OUTPUT_LANGUAGE = English
-
-# If the BRIEF_MEMBER_DESC tag is set to YES (the default) Doxygen will
-# include brief member descriptions after the members that are listed in
-# the file and class documentation (similar to JavaDoc).
-# Set to NO to disable this.
-
-BRIEF_MEMBER_DESC = YES
-
-# If the REPEAT_BRIEF tag is set to YES (the default) Doxygen will prepend
-# the brief description of a member or function before the detailed description.
-# Note: if both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the
-# brief descriptions will be completely suppressed.
-
-REPEAT_BRIEF = YES
-
-# This tag implements a quasi-intelligent brief description abbreviator
-# that is used to form the text in various listings. Each string
-# in this list, if found as the leading text of the brief description, will be
-# stripped from the text and the result after processing the whole list, is
-# used as the annotated text. Otherwise, the brief description is used as-is.
-# If left blank, the following values are used ("$name" is automatically
-# replaced with the name of the entity): "The $name class" "The $name widget"
-# "The $name file" "is" "provides" "specifies" "contains"
-# "represents" "a" "an" "the"
-
-ABBREVIATE_BRIEF =
-
-# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then
-# Doxygen will generate a detailed section even if there is only a brief
-# description.
-
-ALWAYS_DETAILED_SEC = NO
-
-# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all
-# inherited members of a class in the documentation of that class as if those
-# members were ordinary class members. Constructors, destructors and assignment
-# operators of the base classes will not be shown.
-
-INLINE_INHERITED_MEMB = NO
-
-# If the FULL_PATH_NAMES tag is set to YES then Doxygen will prepend the full
-# path before files name in the file list and in the header files. If set
-# to NO the shortest path that makes the file name unique will be used.
-
-FULL_PATH_NAMES = YES
-
-# If the FULL_PATH_NAMES tag is set to YES then the STRIP_FROM_PATH tag
-# can be used to strip a user-defined part of the path. Stripping is
-# only done if one of the specified strings matches the left-hand part of
-# the path. The tag can be used to show relative paths in the file list.
-# If left blank the directory from which doxygen is run is used as the
-# path to strip.
-
-STRIP_FROM_PATH = $(PWD)/
-
-# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of
-# the path mentioned in the documentation of a class, which tells
-# the reader which header file to include in order to use a class.
-# If left blank only the name of the header file containing the class
-# definition is used. Otherwise one should specify the include paths that
-# are normally passed to the compiler using the -I flag.
-
-STRIP_FROM_INC_PATH =
-
-# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter
-# (but less readable) file names. This can be useful is your file systems
-# doesn't support long names like on DOS, Mac, or CD-ROM.
-
-SHORT_NAMES = NO
-
-# If the JAVADOC_AUTOBRIEF tag is set to YES then Doxygen
-# will interpret the first line (until the first dot) of a JavaDoc-style
-# comment as the brief description. If set to NO, the JavaDoc
-# comments will behave just like regular Qt-style comments
-# (thus requiring an explicit @brief command for a brief description.)
-
-JAVADOC_AUTOBRIEF = YES
-
-# If the QT_AUTOBRIEF tag is set to YES then Doxygen will
-# interpret the first line (until the first dot) of a Qt-style
-# comment as the brief description. If set to NO, the comments
-# will behave just like regular Qt-style comments (thus requiring
-# an explicit \brief command for a brief description.)
-
-QT_AUTOBRIEF = NO
-
-# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make Doxygen
-# treat a multi-line C++ special comment block (i.e. a block of //! or ///
-# comments) as a brief description. This used to be the default behaviour.
-# The new default is to treat a multi-line C++ comment block as a detailed
-# description. Set this tag to YES if you prefer the old behaviour instead.
-
-MULTILINE_CPP_IS_BRIEF = NO
-
-# If the DETAILS_AT_TOP tag is set to YES then Doxygen
-# will output the detailed description near the top, like JavaDoc.
-# If set to NO, the detailed description appears after the member
-# documentation.
-
-DETAILS_AT_TOP = NO
-
-# If the INHERIT_DOCS tag is set to YES (the default) then an undocumented
-# member inherits the documentation from any documented member that it
-# re-implements.
-
-INHERIT_DOCS = YES
-
-# If the SEPARATE_MEMBER_PAGES tag is set to YES, then doxygen will produce
-# a new page for each member. If set to NO, the documentation of a member will
-# be part of the file/class/namespace that contains it.
-
-SEPARATE_MEMBER_PAGES = NO
-
-# The TAB_SIZE tag can be used to set the number of spaces in a tab.
-# Doxygen uses this value to replace tabs by spaces in code fragments.
-
-TAB_SIZE = 8
-
-# This tag can be used to specify a number of aliases that acts
-# as commands in the documentation. An alias has the form "name=value".
-# For example adding "sideeffect=\par Side Effects:\n" will allow you to
-# put the command \sideeffect (or @sideeffect) in the documentation, which
-# will result in a user-defined paragraph with heading "Side Effects:".
-# You can put \n's in the value part of an alias to insert newlines.
-
-ALIASES =
-
-# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C
-# sources only. Doxygen will then generate output that is more tailored for C.
-# For instance, some of the names that are used will be different. The list
-# of all members will be omitted, etc.
-
-OPTIMIZE_OUTPUT_FOR_C = YES
-
-# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java
-# sources only. Doxygen will then generate output that is more tailored for Java.
-# For instance, namespaces will be presented as packages, qualified scopes
-# will look different, etc.
-
-OPTIMIZE_OUTPUT_JAVA = NO
-
-# If you use STL classes (i.e. std::string, std::vector, etc.) but do not want to
-# include (a tag file for) the STL sources as input, then you should
-# set this tag to YES in order to let doxygen match functions declarations and
-# definitions whose arguments contain STL classes (e.g. func(std::string); v.s.
-# func(std::string) {}). This also make the inheritance and collaboration
-# diagrams that involve STL classes more complete and accurate.
-
-BUILTIN_STL_SUPPORT = NO
-
-# If you use Microsoft's C++/CLI language, you should set this option to YES to
-# enable parsing support.
-
-CPP_CLI_SUPPORT = NO
-
-# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC
-# tag is set to YES, then doxygen will reuse the documentation of the first
-# member in the group (if any) for the other members of the group. By default
-# all members of a group must be documented explicitly.
-
-DISTRIBUTE_GROUP_DOC = NO
-
-# Set the SUBGROUPING tag to YES (the default) to allow class member groups of
-# the same type (for instance a group of public functions) to be put as a
-# subgroup of that type (e.g. under the Public Functions section). Set it to
-# NO to prevent subgrouping. Alternatively, this can be done per class using
-# the \nosubgrouping command.
-
-SUBGROUPING = YES
-
-#---------------------------------------------------------------------------
-# Build related configuration options
-#---------------------------------------------------------------------------
-
-# If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in
-# documentation are documented, even if no documentation was available.
-# Private class members and static file members will be hidden unless
-# the EXTRACT_PRIVATE and EXTRACT_STATIC tags are set to YES
-
-EXTRACT_ALL = YES
-
-# If the EXTRACT_PRIVATE tag is set to YES all private members of a class
-# will be included in the documentation.
-
-EXTRACT_PRIVATE = YES
-
-# If the EXTRACT_STATIC tag is set to YES all static members of a file
-# will be included in the documentation.
-
-EXTRACT_STATIC = YES
-
-# If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs)
-# defined locally in source files will be included in the documentation.
-# If set to NO only classes defined in header files are included.
-
-EXTRACT_LOCAL_CLASSES = YES
-
-# This flag is only useful for Objective-C code. When set to YES local
-# methods, which are defined in the implementation section but not in
-# the interface are included in the documentation.
-# If set to NO (the default) only methods in the interface are included.
-
-EXTRACT_LOCAL_METHODS = NO
-
-# If this flag is set to YES, the members of anonymous namespaces will be extracted
-# and appear in the documentation as a namespace called 'anonymous_namespace{file}',
-# where file will be replaced with the base name of the file that contains the anonymous
-# namespace. By default anonymous namespace are hidden.
-
-EXTRACT_ANON_NSPACES = NO
-
-# If the HIDE_UNDOC_MEMBERS tag is set to YES, Doxygen will hide all
-# undocumented members of documented classes, files or namespaces.
-# If set to NO (the default) these members will be included in the
-# various overviews, but no documentation section is generated.
-# This option has no effect if EXTRACT_ALL is enabled.
-
-HIDE_UNDOC_MEMBERS = NO
-
-# If the HIDE_UNDOC_CLASSES tag is set to YES, Doxygen will hide all
-# undocumented classes that are normally visible in the class hierarchy.
-# If set to NO (the default) these classes will be included in the various
-# overviews. This option has no effect if EXTRACT_ALL is enabled.
-
-HIDE_UNDOC_CLASSES = NO
-
-# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, Doxygen will hide all
-# friend (class|struct|union) declarations.
-# If set to NO (the default) these declarations will be included in the
-# documentation.
-
-HIDE_FRIEND_COMPOUNDS = NO
-
-# If the HIDE_IN_BODY_DOCS tag is set to YES, Doxygen will hide any
-# documentation blocks found inside the body of a function.
-# If set to NO (the default) these blocks will be appended to the
-# function's detailed documentation block.
-
-HIDE_IN_BODY_DOCS = NO
-
-# The INTERNAL_DOCS tag determines if documentation
-# that is typed after a \internal command is included. If the tag is set
-# to NO (the default) then the documentation will be excluded.
-# Set it to YES to include the internal documentation.
-
-INTERNAL_DOCS = YES
-
-# If the CASE_SENSE_NAMES tag is set to NO then Doxygen will only generate
-# file names in lower-case letters. If set to YES upper-case letters are also
-# allowed. This is useful if you have classes or files whose names only differ
-# in case and if your file system supports case sensitive file names. Windows
-# and Mac users are advised to set this option to NO.
-
-CASE_SENSE_NAMES = YES
-
-# If the HIDE_SCOPE_NAMES tag is set to NO (the default) then Doxygen
-# will show members with their full class and namespace scopes in the
-# documentation. If set to YES the scope will be hidden.
-
-HIDE_SCOPE_NAMES = YES
-
-# If the SHOW_INCLUDE_FILES tag is set to YES (the default) then Doxygen
-# will put a list of the files that are included by a file in the documentation
-# of that file.
-
-SHOW_INCLUDE_FILES = YES
-
-# If the INLINE_INFO tag is set to YES (the default) then a tag [inline]
-# is inserted in the documentation for inline members.
-
-INLINE_INFO = YES
-
-# If the SORT_MEMBER_DOCS tag is set to YES (the default) then doxygen
-# will sort the (detailed) documentation of file and class members
-# alphabetically by member name. If set to NO the members will appear in
-# declaration order.
-
-SORT_MEMBER_DOCS = NO
-
-# If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the
-# brief documentation of file, namespace and class members alphabetically
-# by member name. If set to NO (the default) the members will appear in
-# declaration order.
-
-SORT_BRIEF_DOCS = NO
-
-# If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be
-# sorted by fully-qualified names, including namespaces. If set to
-# NO (the default), the class list will be sorted only by class name,
-# not including the namespace part.
-# Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES.
-# Note: This option applies only to the class list, not to the
-# alphabetical list.
-
-SORT_BY_SCOPE_NAME = NO
-
-# The GENERATE_TODOLIST tag can be used to enable (YES) or
-# disable (NO) the todo list. This list is created by putting \todo
-# commands in the documentation.
-
-GENERATE_TODOLIST = YES
-
-# The GENERATE_TESTLIST tag can be used to enable (YES) or
-# disable (NO) the test list. This list is created by putting \test
-# commands in the documentation.
-
-GENERATE_TESTLIST = YES
-
-# The GENERATE_BUGLIST tag can be used to enable (YES) or
-# disable (NO) the bug list. This list is created by putting \bug
-# commands in the documentation.
-
-GENERATE_BUGLIST = YES
-
-# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or
-# disable (NO) the deprecated list. This list is created by putting
-# \deprecated commands in the documentation.
-
-GENERATE_DEPRECATEDLIST= YES
-
-# The ENABLED_SECTIONS tag can be used to enable conditional
-# documentation sections, marked by \if sectionname ... \endif.
-
-ENABLED_SECTIONS =
-
-# The MAX_INITIALIZER_LINES tag determines the maximum number of lines
-# the initial value of a variable or define consists of for it to appear in
-# the documentation. If the initializer consists of more lines than specified
-# here it will be hidden. Use a value of 0 to hide initializers completely.
-# The appearance of the initializer of individual variables and defines in the
-# documentation can be controlled using \showinitializer or \hideinitializer
-# command in the documentation regardless of this setting.
-
-MAX_INITIALIZER_LINES = 30
-
-# Set the SHOW_USED_FILES tag to NO to disable the list of files generated
-# at the bottom of the documentation of classes and structs. If set to YES the
-# list will mention the files that were used to generate the documentation.
-
-SHOW_USED_FILES = YES
-
-# If the sources in your project are distributed over multiple directories
-# then setting the SHOW_DIRECTORIES tag to YES will show the directory hierarchy
-# in the documentation. The default is NO.
-
-SHOW_DIRECTORIES = NO
-
-# The FILE_VERSION_FILTER tag can be used to specify a program or script that
-# doxygen should invoke to get the current version for each file (typically from the
-# version control system). Doxygen will invoke the program by executing (via
-# popen()) the command <command> <input-file>, where <command> is the value of
-# the FILE_VERSION_FILTER tag, and <input-file> is the name of an input file
-# provided by doxygen. Whatever the program writes to standard output
-# is used as the file version. See the manual for examples.
-
-FILE_VERSION_FILTER =
-
-#---------------------------------------------------------------------------
-# configuration options related to warning and progress messages
-#---------------------------------------------------------------------------
-
-# The QUIET tag can be used to turn on/off the messages that are generated
-# by doxygen. Possible values are YES and NO. If left blank NO is used.
-
-QUIET = YES
-
-# The WARNINGS tag can be used to turn on/off the warning messages that are
-# generated by doxygen. Possible values are YES and NO. If left blank
-# NO is used.
-
-WARNINGS = NO
-
-# If WARN_IF_UNDOCUMENTED is set to YES, then doxygen will generate warnings
-# for undocumented members. If EXTRACT_ALL is set to YES then this flag will
-# automatically be disabled.
-
-WARN_IF_UNDOCUMENTED = NO
-
-# If WARN_IF_DOC_ERROR is set to YES, doxygen will generate warnings for
-# potential errors in the documentation, such as not documenting some
-# parameters in a documented function, or documenting parameters that
-# don't exist or using markup commands wrongly.
-
-WARN_IF_DOC_ERROR = YES
-
-# This WARN_NO_PARAMDOC option can be abled to get warnings for
-# functions that are documented, but have no documentation for their parameters
-# or return value. If set to NO (the default) doxygen will only warn about
-# wrong or incomplete parameter documentation, but not about the absence of
-# documentation.
-
-WARN_NO_PARAMDOC = NO
-
-# The WARN_FORMAT tag determines the format of the warning messages that
-# doxygen can produce. The string should contain the $file, $line, and $text
-# tags, which will be replaced by the file and line number from which the
-# warning originated and the warning text. Optionally the format may contain
-# $version, which will be replaced by the version of the file (if it could
-# be obtained via FILE_VERSION_FILTER)
-
-WARN_FORMAT = "$file:$line: $text "
-
-# The WARN_LOGFILE tag can be used to specify a file to which warning
-# and error messages should be written. If left blank the output is written
-# to stderr.
-
-WARN_LOGFILE =
-
-#---------------------------------------------------------------------------
-# configuration options related to the input files
-#---------------------------------------------------------------------------
-
-# The INPUT tag can be used to specify the files and/or directories that contain
-# documented source files. You may enter file names like "myfile.cpp" or
-# directories like "/usr/src/myproject". Separate the files or directories
-# with spaces.
-
-INPUT = .
-
-# This tag can be used to specify the character encoding of the source files that
-# doxygen parses. Internally doxygen uses the UTF-8 encoding, which is also the default
-# input encoding. Doxygen uses libiconv (or the iconv built into libc) for the transcoding.
-# See http://www.gnu.org/software/libiconv for the list of possible encodings.
-
-INPUT_ENCODING = UTF-8
-
-# If the value of the INPUT tag contains directories, you can use the
-# FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
-# and *.h) to filter out the source-files in the directories. If left
-# blank the following patterns are tested:
-# *.c *.cc *.cxx *.cpp *.c++ *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh *.hxx
-# *.hpp *.h++ *.idl *.odl *.cs *.php *.php3 *.inc *.m *.mm *.py
-
-FILE_PATTERNS = *.c \
- *.h \
- *.idl
-
-# The RECURSIVE tag can be used to turn specify whether or not subdirectories
-# should be searched for input files as well. Possible values are YES and NO.
-# If left blank NO is used.
-
-RECURSIVE = YES
-
-# The EXCLUDE tag can be used to specify files and/or directories that should
-# excluded from the INPUT source files. This way you can easily exclude a
-# subdirectory from a directory tree whose root is specified with the INPUT tag.
-
-EXCLUDE = include/includes.h \
- include/proto.h
-
-# The EXCLUDE_SYMLINKS tag can be used select whether or not files or
-# directories that are symbolic links (a Unix filesystem feature) are excluded
-# from the input.
-
-EXCLUDE_SYMLINKS = NO
-
-# If the value of the INPUT tag contains directories, you can use the
-# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude
-# certain files from those directories. Note that the wildcards are matched
-# against the file with absolute path, so to exclude all test directories
-# for example use the pattern */test/*
-
-EXCLUDE_PATTERNS =
-
-# The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names
-# (namespaces, classes, functions, etc.) that should be excluded from the output.
-# The symbol name can be a fully qualified name, a word, or if the wildcard * is used,
-# a substring. Examples: ANamespace, AClass, AClass::ANamespace, ANamespace::*Test
-
-EXCLUDE_SYMBOLS =
-
-# The EXAMPLE_PATH tag can be used to specify one or more files or
-# directories that contain example code fragments that are included (see
-# the \include command).
-
-EXAMPLE_PATH =
-
-# If the value of the EXAMPLE_PATH tag contains directories, you can use the
-# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
-# and *.h) to filter out the source-files in the directories. If left
-# blank all files are included.
-
-EXAMPLE_PATTERNS =
-
-# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be
-# searched for input files to be used with the \include or \dontinclude
-# commands irrespective of the value of the RECURSIVE tag.
-# Possible values are YES and NO. If left blank NO is used.
-
-EXAMPLE_RECURSIVE = NO
-
-# The IMAGE_PATH tag can be used to specify one or more files or
-# directories that contain image that are included in the documentation (see
-# the \image command).
-
-IMAGE_PATH =
-
-# The INPUT_FILTER tag can be used to specify a program that doxygen should
-# invoke to filter for each input file. Doxygen will invoke the filter program
-# by executing (via popen()) the command <filter> <input-file>, where <filter>
-# is the value of the INPUT_FILTER tag, and <input-file> is the name of an
-# input file. Doxygen will then use the output that the filter program writes
-# to standard output. If FILTER_PATTERNS is specified, this tag will be
-# ignored.
-
-INPUT_FILTER =
-
-# The FILTER_PATTERNS tag can be used to specify filters on a per file pattern
-# basis. Doxygen will compare the file name with each pattern and apply the
-# filter if there is a match. The filters are a list of the form:
-# pattern=filter (like *.cpp=my_cpp_filter). See INPUT_FILTER for further
-# info on how filters are used. If FILTER_PATTERNS is empty, INPUT_FILTER
-# is applied to all files.
-
-FILTER_PATTERNS =
-
-# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using
-# INPUT_FILTER) will be used to filter the input files when producing source
-# files to browse (i.e. when SOURCE_BROWSER is set to YES).
-
-FILTER_SOURCE_FILES = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to source browsing
-#---------------------------------------------------------------------------
-
-# If the SOURCE_BROWSER tag is set to YES then a list of source files will
-# be generated. Documented entities will be cross-referenced with these sources.
-# Note: To get rid of all source code in the generated output, make sure also
-# VERBATIM_HEADERS is set to NO. If you have enabled CALL_GRAPH or CALLER_GRAPH
-# then you must also enable this option. If you don't then doxygen will produce
-# a warning and turn it on anyway
-
-SOURCE_BROWSER = YES
-
-# Setting the INLINE_SOURCES tag to YES will include the body
-# of functions and classes directly in the documentation.
-
-INLINE_SOURCES = YES
-
-# Setting the STRIP_CODE_COMMENTS tag to YES (the default) will instruct
-# doxygen to hide any special comment blocks from generated source code
-# fragments. Normal C and C++ comments will always remain visible.
-
-STRIP_CODE_COMMENTS = NO
-
-# If the REFERENCED_BY_RELATION tag is set to YES (the default)
-# then for each documented function all documented
-# functions referencing it will be listed.
-
-REFERENCED_BY_RELATION = YES
-
-# If the REFERENCES_RELATION tag is set to YES (the default)
-# then for each documented function all documented entities
-# called/used by that function will be listed.
-
-REFERENCES_RELATION = YES
-
-# If the REFERENCES_LINK_SOURCE tag is set to YES (the default)
-# and SOURCE_BROWSER tag is set to YES, then the hyperlinks from
-# functions in REFERENCES_RELATION and REFERENCED_BY_RELATION lists will
-# link to the source code. Otherwise they will link to the documentstion.
-
-REFERENCES_LINK_SOURCE = YES
-
-# If the USE_HTAGS tag is set to YES then the references to source code
-# will point to the HTML generated by the htags(1) tool instead of doxygen
-# built-in source browser. The htags tool is part of GNU's global source
-# tagging system (see http://www.gnu.org/software/global/global.html). You
-# will need version 4.8.6 or higher.
-
-USE_HTAGS = NO
-
-# If the VERBATIM_HEADERS tag is set to YES (the default) then Doxygen
-# will generate a verbatim copy of the header file for each class for
-# which an include is specified. Set to NO to disable this.
-
-VERBATIM_HEADERS = YES
-
-#---------------------------------------------------------------------------
-# configuration options related to the alphabetical class index
-#---------------------------------------------------------------------------
-
-# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index
-# of all compounds will be generated. Enable this if the project
-# contains a lot of classes, structs, unions or interfaces.
-
-ALPHABETICAL_INDEX = YES
-
-# If the alphabetical index is enabled (see ALPHABETICAL_INDEX) then
-# the COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns
-# in which this list will be split (can be a number in the range [1..20])
-
-COLS_IN_ALPHA_INDEX = 1
-
-# In case all classes in a project start with a common prefix, all
-# classes will be put under the same header in the alphabetical index.
-# The IGNORE_PREFIX tag can be used to specify one or more prefixes that
-# should be ignored while generating the index headers.
-
-IGNORE_PREFIX =
-
-#---------------------------------------------------------------------------
-# configuration options related to the HTML output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_HTML tag is set to YES (the default) Doxygen will
-# generate HTML output.
-
-GENERATE_HTML = YES
-
-# The HTML_OUTPUT tag is used to specify where the HTML docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `html' will be used as the default path.
-
-HTML_OUTPUT = .
-
-# The HTML_FILE_EXTENSION tag can be used to specify the file extension for
-# each generated HTML page (for example: .htm,.php,.asp). If it is left blank
-# doxygen will generate files with .html extension.
-
-HTML_FILE_EXTENSION = .html
-
-# The HTML_HEADER tag can be used to specify a personal HTML header for
-# each generated HTML page. If it is left blank doxygen will generate a
-# standard header.
-
-HTML_HEADER =
-
-# The HTML_FOOTER tag can be used to specify a personal HTML footer for
-# each generated HTML page. If it is left blank doxygen will generate a
-# standard footer.
-
-HTML_FOOTER =
-
-# The HTML_STYLESHEET tag can be used to specify a user-defined cascading
-# style sheet that is used by each HTML page. It can be used to
-# fine-tune the look of the HTML output. If the tag is left blank doxygen
-# will generate a default style sheet. Note that doxygen will try to copy
-# the style sheet file to the HTML output directory, so don't put your own
-# stylesheet in the HTML output directory as well, or it will be erased!
-
-HTML_STYLESHEET =
-
-# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes,
-# files or namespaces will be aligned in HTML using tables. If set to
-# NO a bullet list will be used.
-
-HTML_ALIGN_MEMBERS = YES
-
-# If the GENERATE_HTMLHELP tag is set to YES, additional index files
-# will be generated that can be used as input for tools like the
-# Microsoft HTML help workshop to generate a compressed HTML help file (.chm)
-# of the generated HTML documentation.
-
-GENERATE_HTMLHELP = NO
-
-# If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML
-# documentation will contain sections that can be hidden and shown after the
-# page has loaded. For this to work a browser that supports
-# JavaScript and DHTML is required (for instance Mozilla 1.0+, Firefox
-# Netscape 6.0+, Internet explorer 5.0+, Konqueror, or Safari).
-
-HTML_DYNAMIC_SECTIONS = NO
-
-# If the GENERATE_HTMLHELP tag is set to YES, the CHM_FILE tag can
-# be used to specify the file name of the resulting .chm file. You
-# can add a path in front of the file if the result should not be
-# written to the html output directory.
-
-CHM_FILE =
-
-# If the GENERATE_HTMLHELP tag is set to YES, the HHC_LOCATION tag can
-# be used to specify the location (absolute path including file name) of
-# the HTML help compiler (hhc.exe). If non-empty doxygen will try to run
-# the HTML help compiler on the generated index.hhp.
-
-HHC_LOCATION =
-
-# If the GENERATE_HTMLHELP tag is set to YES, the GENERATE_CHI flag
-# controls if a separate .chi index file is generated (YES) or that
-# it should be included in the master .chm file (NO).
-
-GENERATE_CHI = NO
-
-# If the GENERATE_HTMLHELP tag is set to YES, the BINARY_TOC flag
-# controls whether a binary table of contents is generated (YES) or a
-# normal table of contents (NO) in the .chm file.
-
-BINARY_TOC = NO
-
-# The TOC_EXPAND flag can be set to YES to add extra items for group members
-# to the contents of the HTML help documentation and to the tree view.
-
-TOC_EXPAND = NO
-
-# The DISABLE_INDEX tag can be used to turn on/off the condensed index at
-# top of each HTML page. The value NO (the default) enables the index and
-# the value YES disables it.
-
-DISABLE_INDEX = NO
-
-# This tag can be used to set the number of enum values (range [1..20])
-# that doxygen will group on one line in the generated HTML documentation.
-
-ENUM_VALUES_PER_LINE = 3
-
-# If the GENERATE_TREEVIEW tag is set to YES, a side panel will be
-# generated containing a tree-like index structure (just like the one that
-# is generated for HTML Help). For this to work a browser that supports
-# JavaScript, DHTML, CSS and frames is required (for instance Mozilla 1.0+,
-# Netscape 6.0+, Internet explorer 5.0+, or Konqueror). Windows users are
-# probably better off using the HTML help feature.
-
-GENERATE_TREEVIEW = NO
-
-# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be
-# used to set the initial width (in pixels) of the frame in which the tree
-# is shown.
-
-TREEVIEW_WIDTH = 250
-
-#---------------------------------------------------------------------------
-# configuration options related to the LaTeX output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_LATEX tag is set to YES (the default) Doxygen will
-# generate Latex output.
-
-GENERATE_LATEX = NO
-
-# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `latex' will be used as the default path.
-
-LATEX_OUTPUT = latex
-
-# The LATEX_CMD_NAME tag can be used to specify the LaTeX command name to be
-# invoked. If left blank `latex' will be used as the default command name.
-
-LATEX_CMD_NAME = latex
-
-# The MAKEINDEX_CMD_NAME tag can be used to specify the command name to
-# generate index for LaTeX. If left blank `makeindex' will be used as the
-# default command name.
-
-MAKEINDEX_CMD_NAME = makeindex
-
-# If the COMPACT_LATEX tag is set to YES Doxygen generates more compact
-# LaTeX documents. This may be useful for small projects and may help to
-# save some trees in general.
-
-COMPACT_LATEX = NO
-
-# The PAPER_TYPE tag can be used to set the paper type that is used
-# by the printer. Possible values are: a4, a4wide, letter, legal and
-# executive. If left blank a4wide will be used.
-
-PAPER_TYPE = a4wide
-
-# The EXTRA_PACKAGES tag can be to specify one or more names of LaTeX
-# packages that should be included in the LaTeX output.
-
-EXTRA_PACKAGES =
-
-# The LATEX_HEADER tag can be used to specify a personal LaTeX header for
-# the generated latex document. The header should contain everything until
-# the first chapter. If it is left blank doxygen will generate a
-# standard header. Notice: only use this tag if you know what you are doing!
-
-LATEX_HEADER =
-
-# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated
-# is prepared for conversion to pdf (using ps2pdf). The pdf file will
-# contain links (just like the HTML output) instead of page references
-# This makes the output suitable for online browsing using a pdf viewer.
-
-PDF_HYPERLINKS = YES
-
-# If the USE_PDFLATEX tag is set to YES, pdflatex will be used instead of
-# plain latex in the generated Makefile. Set this option to YES to get a
-# higher quality PDF documentation.
-
-USE_PDFLATEX = YES
-
-# If the LATEX_BATCHMODE tag is set to YES, doxygen will add the \\batchmode.
-# command to the generated LaTeX files. This will instruct LaTeX to keep
-# running if errors occur, instead of asking the user for help.
-# This option is also used when generating formulas in HTML.
-
-LATEX_BATCHMODE = YES
-
-# If LATEX_HIDE_INDICES is set to YES then doxygen will not
-# include the index chapters (such as File Index, Compound Index, etc.)
-# in the output.
-
-LATEX_HIDE_INDICES = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to the RTF output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_RTF tag is set to YES Doxygen will generate RTF output
-# The RTF output is optimized for Word 97 and may not look very pretty with
-# other RTF readers or editors.
-
-GENERATE_RTF = NO
-
-# The RTF_OUTPUT tag is used to specify where the RTF docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `rtf' will be used as the default path.
-
-RTF_OUTPUT = rtf
-
-# If the COMPACT_RTF tag is set to YES Doxygen generates more compact
-# RTF documents. This may be useful for small projects and may help to
-# save some trees in general.
-
-COMPACT_RTF = NO
-
-# If the RTF_HYPERLINKS tag is set to YES, the RTF that is generated
-# will contain hyperlink fields. The RTF file will
-# contain links (just like the HTML output) instead of page references.
-# This makes the output suitable for online browsing using WORD or other
-# programs which support those fields.
-# Note: wordpad (write) and others do not support links.
-
-RTF_HYPERLINKS = NO
-
-# Load stylesheet definitions from file. Syntax is similar to doxygen's
-# config file, i.e. a series of assignments. You only have to provide
-# replacements, missing definitions are set to their default value.
-
-RTF_STYLESHEET_FILE =
-
-# Set optional variables used in the generation of an rtf document.
-# Syntax is similar to doxygen's config file.
-
-RTF_EXTENSIONS_FILE =
-
-#---------------------------------------------------------------------------
-# configuration options related to the man page output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_MAN tag is set to YES (the default) Doxygen will
-# generate man pages
-
-GENERATE_MAN = NO
-
-# The MAN_OUTPUT tag is used to specify where the man pages will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `man' will be used as the default path.
-
-MAN_OUTPUT = man
-
-# The MAN_EXTENSION tag determines the extension that is added to
-# the generated man pages (default is the subroutine's section .3)
-
-MAN_EXTENSION = .3
-
-# If the MAN_LINKS tag is set to YES and Doxygen generates man output,
-# then it will generate one additional man file for each entity
-# documented in the real man page(s). These additional files
-# only source the real man page, but without them the man command
-# would be unable to find the correct page. The default is NO.
-
-MAN_LINKS = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to the XML output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_XML tag is set to YES Doxygen will
-# generate an XML file that captures the structure of
-# the code including all documentation.
-
-GENERATE_XML = NO
-
-# The XML_OUTPUT tag is used to specify where the XML pages will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `xml' will be used as the default path.
-
-XML_OUTPUT = xml
-
-# The XML_SCHEMA tag can be used to specify an XML schema,
-# which can be used by a validating XML parser to check the
-# syntax of the XML files.
-
-XML_SCHEMA =
-
-# The XML_DTD tag can be used to specify an XML DTD,
-# which can be used by a validating XML parser to check the
-# syntax of the XML files.
-
-XML_DTD =
-
-# If the XML_PROGRAMLISTING tag is set to YES Doxygen will
-# dump the program listings (including syntax highlighting
-# and cross-referencing information) to the XML output. Note that
-# enabling this will significantly increase the size of the XML output.
-
-XML_PROGRAMLISTING = YES
-
-#---------------------------------------------------------------------------
-# configuration options for the AutoGen Definitions output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_AUTOGEN_DEF tag is set to YES Doxygen will
-# generate an AutoGen Definitions (see autogen.sf.net) file
-# that captures the structure of the code including all
-# documentation. Note that this feature is still experimental
-# and incomplete at the moment.
-
-GENERATE_AUTOGEN_DEF = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to the Perl module output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_PERLMOD tag is set to YES Doxygen will
-# generate a Perl module file that captures the structure of
-# the code including all documentation. Note that this
-# feature is still experimental and incomplete at the
-# moment.
-
-GENERATE_PERLMOD = NO
-
-# If the PERLMOD_LATEX tag is set to YES Doxygen will generate
-# the necessary Makefile rules, Perl scripts and LaTeX code to be able
-# to generate PDF and DVI output from the Perl module output.
-
-PERLMOD_LATEX = NO
-
-# If the PERLMOD_PRETTY tag is set to YES the Perl module output will be
-# nicely formatted so it can be parsed by a human reader. This is useful
-# if you want to understand what is going on. On the other hand, if this
-# tag is set to NO the size of the Perl module output will be much smaller
-# and Perl will parse it just the same.
-
-PERLMOD_PRETTY = YES
-
-# The names of the make variables in the generated doxyrules.make file
-# are prefixed with the string contained in PERLMOD_MAKEVAR_PREFIX.
-# This is useful so different doxyrules.make files included by the same
-# Makefile don't overwrite each other's variables.
-
-PERLMOD_MAKEVAR_PREFIX =
-
-#---------------------------------------------------------------------------
-# Configuration options related to the preprocessor
-#---------------------------------------------------------------------------
-
-# If the ENABLE_PREPROCESSING tag is set to YES (the default) Doxygen will
-# evaluate all C-preprocessor directives found in the sources and include
-# files.
-
-ENABLE_PREPROCESSING = NO
-
-# If the MACRO_EXPANSION tag is set to YES Doxygen will expand all macro
-# names in the source code. If set to NO (the default) only conditional
-# compilation will be performed. Macro expansion can be done in a controlled
-# way by setting EXPAND_ONLY_PREDEF to YES.
-
-MACRO_EXPANSION = NO
-
-# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES
-# then the macro expansion is limited to the macros specified with the
-# PREDEFINED and EXPAND_AS_DEFINED tags.
-
-EXPAND_ONLY_PREDEF = NO
-
-# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files
-# in the INCLUDE_PATH (see below) will be search if a #include is found.
-
-SEARCH_INCLUDES = YES
-
-# The INCLUDE_PATH tag can be used to specify one or more directories that
-# contain include files that are not input files but should be processed by
-# the preprocessor.
-
-INCLUDE_PATH =
-
-# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard
-# patterns (like *.h and *.hpp) to filter out the header-files in the
-# directories. If left blank, the patterns specified with FILE_PATTERNS will
-# be used.
-
-INCLUDE_FILE_PATTERNS =
-
-# The PREDEFINED tag can be used to specify one or more macro names that
-# are defined before the preprocessor is started (similar to the -D option of
-# gcc). The argument of the tag is a list of macros of the form: name
-# or name=definition (no spaces). If the definition and the = are
-# omitted =1 is assumed. To prevent a macro definition from being
-# undefined via #undef or recursively expanded use the := operator
-# instead of the = operator.
-
-PREDEFINED =
-
-# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then
-# this tag can be used to specify a list of macro names that should be expanded.
-# The macro definition that is found in the sources will be used.
-# Use the PREDEFINED tag if you want to use a different macro definition.
-
-EXPAND_AS_DEFINED =
-
-# If the SKIP_FUNCTION_MACROS tag is set to YES (the default) then
-# doxygen's preprocessor will remove all function-like macros that are alone
-# on a line, have an all uppercase name, and do not end with a semicolon. Such
-# function macros are typically used for boiler-plate code, and will confuse
-# the parser if not removed.
-
-SKIP_FUNCTION_MACROS = YES
-
-#---------------------------------------------------------------------------
-# Configuration::additions related to external references
-#---------------------------------------------------------------------------
-
-# The TAGFILES option can be used to specify one or more tagfiles.
-# Optionally an initial location of the external documentation
-# can be added for each tagfile. The format of a tag file without
-# this location is as follows:
-# TAGFILES = file1 file2 ...
-# Adding location for the tag files is done as follows:
-# TAGFILES = file1=loc1 "file2 = loc2" ...
-# where "loc1" and "loc2" can be relative or absolute paths or
-# URLs. If a location is present for each tag, the installdox tool
-# does not have to be run to correct the links.
-# Note that each tag file must have a unique name
-# (where the name does NOT include the path)
-# If a tag file is not located in the directory in which doxygen
-# is run, you must also specify the path to the tagfile here.
-
-TAGFILES =
-
-# When a file name is specified after GENERATE_TAGFILE, doxygen will create
-# a tag file that is based on the input files it reads.
-
-GENERATE_TAGFILE =
-
-# If the ALLEXTERNALS tag is set to YES all external classes will be listed
-# in the class index. If set to NO only the inherited external classes
-# will be listed.
-
-ALLEXTERNALS = NO
-
-# If the EXTERNAL_GROUPS tag is set to YES all external groups will be listed
-# in the modules index. If set to NO, only the current project's groups will
-# be listed.
-
-EXTERNAL_GROUPS = YES
-
-# The PERL_PATH should be the absolute path and name of the perl script
-# interpreter (i.e. the result of `which perl').
-
-PERL_PATH = /usr/bin/perl
-
-#---------------------------------------------------------------------------
-# Configuration options related to the dot tool
-#---------------------------------------------------------------------------
-
-# If the CLASS_DIAGRAMS tag is set to YES (the default) Doxygen will
-# generate a inheritance diagram (in HTML, RTF and LaTeX) for classes with base
-# or super classes. Setting the tag to NO turns the diagrams off. Note that
-# this option is superseded by the HAVE_DOT option below. This is only a
-# fallback. It is recommended to install and use dot, since it yields more
-# powerful graphs.
-
-CLASS_DIAGRAMS = YES
-
-# You can define message sequence charts within doxygen comments using the \msc
-# command. Doxygen will then run the mscgen tool (see http://www.mcternan.me.uk/mscgen/) to
-# produce the chart and insert it in the documentation. The MSCGEN_PATH tag allows you to
-# specify the directory where the mscgen tool resides. If left empty the tool is assumed to
-# be found in the default search path.
-
-MSCGEN_PATH =
-
-# If set to YES, the inheritance and collaboration graphs will hide
-# inheritance and usage relations if the target is undocumented
-# or is not a class.
-
-HIDE_UNDOC_RELATIONS = YES
-
-# If you set the HAVE_DOT tag to YES then doxygen will assume the dot tool is
-# available from the path. This tool is part of Graphviz, a graph visualization
-# toolkit from AT&T and Lucent Bell Labs. The other options in this section
-# have no effect if this option is set to NO (the default)
-
-HAVE_DOT = NO
-
-# If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen
-# will generate a graph for each documented class showing the direct and
-# indirect inheritance relations. Setting this tag to YES will force the
-# the CLASS_DIAGRAMS tag to NO.
-
-CLASS_GRAPH = YES
-
-# If the COLLABORATION_GRAPH and HAVE_DOT tags are set to YES then doxygen
-# will generate a graph for each documented class showing the direct and
-# indirect implementation dependencies (inheritance, containment, and
-# class references variables) of the class with other documented classes.
-
-COLLABORATION_GRAPH = YES
-
-# If the GROUP_GRAPHS and HAVE_DOT tags are set to YES then doxygen
-# will generate a graph for groups, showing the direct groups dependencies
-
-GROUP_GRAPHS = YES
-
-# If the UML_LOOK tag is set to YES doxygen will generate inheritance and
-# collaboration diagrams in a style similar to the OMG's Unified Modeling
-# Language.
-
-UML_LOOK = NO
-
-# If set to YES, the inheritance and collaboration graphs will show the
-# relations between templates and their instances.
-
-TEMPLATE_RELATIONS = YES
-
-# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDE_GRAPH, and HAVE_DOT
-# tags are set to YES then doxygen will generate a graph for each documented
-# file showing the direct and indirect include dependencies of the file with
-# other documented files.
-
-INCLUDE_GRAPH = YES
-
-# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDED_BY_GRAPH, and
-# HAVE_DOT tags are set to YES then doxygen will generate a graph for each
-# documented header file showing the documented files that directly or
-# indirectly include this file.
-
-INCLUDED_BY_GRAPH = YES
-
-# If the CALL_GRAPH, SOURCE_BROWSER and HAVE_DOT tags are set to YES then doxygen will
-# generate a call dependency graph for every global function or class method.
-# Note that enabling this option will significantly increase the time of a run.
-# So in most cases it will be better to enable call graphs for selected
-# functions only using the \callgraph command.
-
-CALL_GRAPH = NO
-
-# If the CALLER_GRAPH, SOURCE_BROWSER and HAVE_DOT tags are set to YES then doxygen will
-# generate a caller dependency graph for every global function or class method.
-# Note that enabling this option will significantly increase the time of a run.
-# So in most cases it will be better to enable caller graphs for selected
-# functions only using the \callergraph command.
-
-CALLER_GRAPH = NO
-
-# If the GRAPHICAL_HIERARCHY and HAVE_DOT tags are set to YES then doxygen
-# will graphical hierarchy of all classes instead of a textual one.
-
-GRAPHICAL_HIERARCHY = YES
-
-# If the DIRECTORY_GRAPH, SHOW_DIRECTORIES and HAVE_DOT tags are set to YES
-# then doxygen will show the dependencies a directory has on other directories
-# in a graphical way. The dependency relations are determined by the #include
-# relations between the files in the directories.
-
-DIRECTORY_GRAPH = YES
-
-# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images
-# generated by dot. Possible values are png, jpg, or gif
-# If left blank png will be used.
-
-DOT_IMAGE_FORMAT = png
-
-# The tag DOT_PATH can be used to specify the path where the dot tool can be
-# found. If left blank, it is assumed the dot tool can be found in the path.
-
-DOT_PATH =
-
-# The DOTFILE_DIRS tag can be used to specify one or more directories that
-# contain dot files that are included in the documentation (see the
-# \dotfile command).
-
-DOTFILE_DIRS =
-
-# The MAX_DOT_GRAPH_MAX_NODES tag can be used to set the maximum number of
-# nodes that will be shown in the graph. If the number of nodes in a graph
-# becomes larger than this value, doxygen will truncate the graph, which is
-# visualized by representing a node as a red box. Note that doxygen if the number
-# of direct children of the root node in a graph is already larger than
-# MAX_DOT_GRAPH_NOTES then the graph will not be shown at all. Also note
-# that the size of a graph can be further restricted by MAX_DOT_GRAPH_DEPTH.
-
-DOT_GRAPH_MAX_NODES = 50
-
-# The MAX_DOT_GRAPH_DEPTH tag can be used to set the maximum depth of the
-# graphs generated by dot. A depth value of 3 means that only nodes reachable
-# from the root by following a path via at most 3 edges will be shown. Nodes
-# that lay further from the root node will be omitted. Note that setting this
-# option to 1 or 2 may greatly reduce the computation time needed for large
-# code bases. Also note that the size of a graph can be further restricted by
-# DOT_GRAPH_MAX_NODES. Using a depth of 0 means no depth restriction.
-
-MAX_DOT_GRAPH_DEPTH = 0
-
-# Set the DOT_TRANSPARENT tag to YES to generate images with a transparent
-# background. This is disabled by default, which results in a white background.
-# Warning: Depending on the platform used, enabling this option may lead to
-# badly anti-aliased labels on the edges of a graph (i.e. they become hard to
-# read).
-
-DOT_TRANSPARENT = NO
-
-# Set the DOT_MULTI_TARGETS tag to YES allow dot to generate multiple output
-# files in one run (i.e. multiple -o and -T options on the command line). This
-# makes dot run faster, but since only newer versions of dot (>1.8.10)
-# support this, this feature is disabled by default.
-
-DOT_MULTI_TARGETS = NO
-
-# If the GENERATE_LEGEND tag is set to YES (the default) Doxygen will
-# generate a legend page explaining the meaning of the various boxes and
-# arrows in the dot generated graphs.
-
-GENERATE_LEGEND = YES
-
-# If the DOT_CLEANUP tag is set to YES (the default) Doxygen will
-# remove the intermediate dot files that are used to generate
-# the various graphs.
-
-DOT_CLEANUP = YES
-
-#---------------------------------------------------------------------------
-# Configuration::additions related to the search engine
-#---------------------------------------------------------------------------
-
-# The SEARCHENGINE tag specifies whether or not a search engine should be
-# used. If set to NO the values of all tags below this one will be ignored.
-
-SEARCHENGINE = NO
diff --git a/source3/nsswitch/libwbclient/libwbclient.h b/source3/nsswitch/libwbclient/libwbclient.h
deleted file mode 100644
index 74cba7e796..0000000000
--- a/source3/nsswitch/libwbclient/libwbclient.h
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- Winbind client API
-
- Copyright (C) Gerald (Jerry) Carter 2007
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 3 of the License, or (at your option) any later version.
-
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Library General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#ifndef _LIBWBCLIENT_H
-#define _LIBWBCLIENT_H
-
-/* Super header including necessary public and private header files
- for building the wbclient library. __DO NOT__ define anything
- in this file. Only include other headers. */
-
-/* Winbind headers */
-
-#include "nsswitch/winbind_nss_config.h"
-#include "nsswitch/winbind_struct_protocol.h"
-
-#include <talloc.h>
-
-/* Public headers */
-
-#include "wbclient.h"
-
-/* Private headers */
-
-#include "wbc_err_internal.h"
-#include "wbclient_internal.h"
-
-
-#endif /* _LIBWBCLIENT_H */
diff --git a/source3/nsswitch/libwbclient/wbc_err_internal.h b/source3/nsswitch/libwbclient/wbc_err_internal.h
deleted file mode 100644
index 83364b8cd9..0000000000
--- a/source3/nsswitch/libwbclient/wbc_err_internal.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- Winbind client API
-
- Copyright (C) Gerald (Jerry) Carter 2007
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 3 of the License, or (at your option) any later version.
-
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Library General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#ifndef _WBC_ERR_INTERNAL_H
-#define _WBC_ERR_INTERNAL_H
-
-/* Private macros */
-
-#define BAIL_ON_WBC_ERROR(x) \
- do { \
- if (!WBC_ERROR_IS_OK(x)) { \
- goto done; \
- } \
- } while(0);
-
-#define BAIL_ON_PTR_ERROR(x, status) \
- do { \
- if ((x) == NULL) { \
- status = WBC_ERR_NO_MEMORY; \
- goto done; \
- } else { \
- status = WBC_ERR_SUCCESS; \
- } \
- } while (0);
-
-
-#endif /* _WBC_ERR_INTERNAL_H */
diff --git a/source3/nsswitch/libwbclient/wbc_guid.c b/source3/nsswitch/libwbclient/wbc_guid.c
deleted file mode 100644
index c343e24351..0000000000
--- a/source3/nsswitch/libwbclient/wbc_guid.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- Winbind client API
-
- Copyright (C) Gerald (Jerry) Carter 2007
-
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 3 of the License, or (at your option) any later version.
-
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Library General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-/* Required Headers */
-
-#include "libwbclient.h"
-
-/* Convert a binary GUID to a character string */
-wbcErr wbcGuidToString(const struct wbcGuid *guid,
- char **guid_string)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- if (!guid) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- *guid_string = talloc_asprintf(NULL,
- "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
- guid->time_low, guid->time_mid,
- guid->time_hi_and_version,
- guid->clock_seq[0],
- guid->clock_seq[1],
- guid->node[0], guid->node[1],
- guid->node[2], guid->node[3],
- guid->node[4], guid->node[5]);
- BAIL_ON_PTR_ERROR((*guid_string), wbc_status);
-
- wbc_status = WBC_ERR_SUCCESS;
-
-done:
- return wbc_status;
-}
-
-/* @brief Convert a character string to a binary GUID */
-wbcErr wbcStringToGuid(const char *str,
- struct wbcGuid *guid)
-{
- uint32_t time_low;
- uint32_t time_mid, time_hi_and_version;
- uint32_t clock_seq[2];
- uint32_t node[6];
- int i;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- if (!guid) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (!str) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (11 == sscanf(str, "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
- &time_low, &time_mid, &time_hi_and_version,
- &clock_seq[0], &clock_seq[1],
- &node[0], &node[1], &node[2], &node[3], &node[4], &node[5])) {
- wbc_status = WBC_ERR_SUCCESS;
- } else if (11 == sscanf(str, "{%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x}",
- &time_low, &time_mid, &time_hi_and_version,
- &clock_seq[0], &clock_seq[1],
- &node[0], &node[1], &node[2], &node[3], &node[4], &node[5])) {
- wbc_status = WBC_ERR_SUCCESS;
- }
-
- BAIL_ON_WBC_ERROR(wbc_status);
-
- guid->time_low = time_low;
- guid->time_mid = time_mid;
- guid->time_hi_and_version = time_hi_and_version;
- guid->clock_seq[0] = clock_seq[0];
- guid->clock_seq[1] = clock_seq[1];
-
- for (i=0;i<6;i++) {
- guid->node[i] = node[i];
- }
-
- wbc_status = WBC_ERR_SUCCESS;
-
-done:
- return wbc_status;
-}
diff --git a/source3/nsswitch/libwbclient/wbc_idmap.c b/source3/nsswitch/libwbclient/wbc_idmap.c
deleted file mode 100644
index 5b2ab875f6..0000000000
--- a/source3/nsswitch/libwbclient/wbc_idmap.c
+++ /dev/null
@@ -1,468 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- Winbind client API
-
- Copyright (C) Gerald (Jerry) Carter 2007
-
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 3 of the License, or (at your option) any later version.
-
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Library General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-/* Required Headers */
-
-#include "libwbclient.h"
-
-/* Convert a Windows SID to a Unix uid, allocating an uid if needed */
-wbcErr wbcSidToUid(const struct wbcDomainSid *sid, uid_t *puid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- char *sid_string = NULL;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- if (!sid || !puid) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Initialize request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- wbc_status = wbcSidToString(sid, &sid_string);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1);
- wbcFreeMemory(sid_string);
-
- /* Make request */
-
- wbc_status = wbcRequestResponse(WINBINDD_SID_TO_UID,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- *puid = response.data.uid;
-
- wbc_status = WBC_ERR_SUCCESS;
-
- done:
- return wbc_status;
-}
-
-/* Convert a Windows SID to a Unix uid if there already is a mapping */
-wbcErr wbcQuerySidToUid(const struct wbcDomainSid *sid,
- uid_t *puid)
-{
- return WBC_ERR_NOT_IMPLEMENTED;
-}
-
-/* Convert a Unix uid to a Windows SID, allocating a SID if needed */
-wbcErr wbcUidToSid(uid_t uid, struct wbcDomainSid *sid)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- struct winbindd_request request;
- struct winbindd_response response;
-
- if (!sid) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Initialize request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- request.data.uid = uid;
-
- /* Make request */
-
- wbc_status = wbcRequestResponse(WINBINDD_UID_TO_SID,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- wbc_status = wbcStringToSid(response.data.sid.sid, sid);
- BAIL_ON_WBC_ERROR(wbc_status);
-
-done:
- return wbc_status;
-}
-
-/* Convert a Unix uid to a Windows SID if there already is a mapping */
-wbcErr wbcQueryUidToSid(uid_t uid,
- struct wbcDomainSid *sid)
-{
- return WBC_ERR_NOT_IMPLEMENTED;
-}
-
-/** @brief Convert a Windows SID to a Unix gid, allocating a gid if needed
- *
- * @param *sid Pointer to the domain SID to be resolved
- * @param *pgid Pointer to the resolved gid_t value
- *
- * @return #wbcErr
- *
- **/
-
-wbcErr wbcSidToGid(const struct wbcDomainSid *sid, gid_t *pgid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- char *sid_string = NULL;
-
- if (!sid || !pgid) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Initialize request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- wbc_status = wbcSidToString(sid, &sid_string);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1);
- wbcFreeMemory(sid_string);
-
- /* Make request */
-
- wbc_status = wbcRequestResponse(WINBINDD_SID_TO_GID,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- *pgid = response.data.gid;
-
- wbc_status = WBC_ERR_SUCCESS;
-
- done:
- return wbc_status;
-}
-
-/* Convert a Windows SID to a Unix gid if there already is a mapping */
-
-wbcErr wbcQuerySidToGid(const struct wbcDomainSid *sid,
- gid_t *pgid)
-{
- return WBC_ERR_NOT_IMPLEMENTED;
-}
-
-/* Convert a Unix gid to a Windows SID, allocating a SID if needed */
-wbcErr wbcGidToSid(gid_t gid, struct wbcDomainSid *sid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- if (!sid) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Initialize request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- request.data.gid = gid;
-
- /* Make request */
-
- wbc_status = wbcRequestResponse(WINBINDD_GID_TO_SID,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- wbc_status = wbcStringToSid(response.data.sid.sid, sid);
- BAIL_ON_WBC_ERROR(wbc_status);
-
-done:
- return wbc_status;
-}
-
-/* Convert a Unix gid to a Windows SID if there already is a mapping */
-wbcErr wbcQueryGidToSid(gid_t gid,
- struct wbcDomainSid *sid)
-{
- return WBC_ERR_NOT_IMPLEMENTED;
-}
-
-/* Obtain a new uid from Winbind */
-wbcErr wbcAllocateUid(uid_t *puid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- if (!puid)
- return WBC_ERR_INVALID_PARAM;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Make request */
-
- wbc_status = wbcRequestResponse(WINBINDD_ALLOCATE_UID,
- &request, &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- /* Copy out result */
- *puid = response.data.uid;
-
- wbc_status = WBC_ERR_SUCCESS;
-
- done:
- return wbc_status;
-}
-
-/* Obtain a new gid from Winbind */
-wbcErr wbcAllocateGid(gid_t *pgid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- if (!pgid)
- return WBC_ERR_INVALID_PARAM;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Make request */
-
- wbc_status = wbcRequestResponse(WINBINDD_ALLOCATE_GID,
- &request, &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- /* Copy out result */
- *pgid = response.data.gid;
-
- wbc_status = WBC_ERR_SUCCESS;
-
- done:
- return wbc_status;
-}
-
-/* we can't include smb.h here... */
-#define _ID_TYPE_UID 1
-#define _ID_TYPE_GID 2
-
-/* Set an user id mapping */
-wbcErr wbcSetUidMapping(uid_t uid, const struct wbcDomainSid *sid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- char *sid_string = NULL;
-
- if (!sid) {
- return WBC_ERR_INVALID_PARAM;
- }
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Make request */
-
- request.data.dual_idmapset.id = uid;
- request.data.dual_idmapset.type = _ID_TYPE_UID;
-
- wbc_status = wbcSidToString(sid, &sid_string);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- strncpy(request.data.dual_idmapset.sid, sid_string,
- sizeof(request.data.dual_idmapset.sid)-1);
- wbcFreeMemory(sid_string);
-
- wbc_status = wbcRequestResponse(WINBINDD_SET_MAPPING,
- &request, &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- done:
- return wbc_status;
-}
-
-/* Set a group id mapping */
-wbcErr wbcSetGidMapping(gid_t gid, const struct wbcDomainSid *sid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- char *sid_string = NULL;
-
- if (!sid) {
- return WBC_ERR_INVALID_PARAM;
- }
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Make request */
-
- request.data.dual_idmapset.id = gid;
- request.data.dual_idmapset.type = _ID_TYPE_GID;
-
- wbc_status = wbcSidToString(sid, &sid_string);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- strncpy(request.data.dual_idmapset.sid, sid_string,
- sizeof(request.data.dual_idmapset.sid)-1);
- wbcFreeMemory(sid_string);
-
- wbc_status = wbcRequestResponse(WINBINDD_SET_MAPPING,
- &request, &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- done:
- return wbc_status;
-}
-
-/* Remove a user id mapping */
-wbcErr wbcRemoveUidMapping(uid_t uid, const struct wbcDomainSid *sid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- char *sid_string = NULL;
-
- if (!sid) {
- return WBC_ERR_INVALID_PARAM;
- }
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Make request */
-
- request.data.dual_idmapset.id = uid;
- request.data.dual_idmapset.type = _ID_TYPE_UID;
-
- wbc_status = wbcSidToString(sid, &sid_string);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- strncpy(request.data.dual_idmapset.sid, sid_string,
- sizeof(request.data.dual_idmapset.sid)-1);
- wbcFreeMemory(sid_string);
-
- wbc_status = wbcRequestResponse(WINBINDD_REMOVE_MAPPING,
- &request, &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- done:
- return wbc_status;
-}
-
-/* Remove a group id mapping */
-wbcErr wbcRemoveGidMapping(gid_t gid, const struct wbcDomainSid *sid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- char *sid_string = NULL;
-
- if (!sid) {
- return WBC_ERR_INVALID_PARAM;
- }
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Make request */
-
- request.data.dual_idmapset.id = gid;
- request.data.dual_idmapset.type = _ID_TYPE_GID;
-
- wbc_status = wbcSidToString(sid, &sid_string);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- strncpy(request.data.dual_idmapset.sid, sid_string,
- sizeof(request.data.dual_idmapset.sid)-1);
- wbcFreeMemory(sid_string);
-
- wbc_status = wbcRequestResponse(WINBINDD_REMOVE_MAPPING,
- &request, &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- done:
- return wbc_status;
-}
-
-/* Set the highwater mark for allocated uids. */
-wbcErr wbcSetUidHwm(uid_t uid_hwm)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Make request */
-
- request.data.dual_idmapset.id = uid_hwm;
- request.data.dual_idmapset.type = _ID_TYPE_UID;
-
- wbc_status = wbcRequestResponse(WINBINDD_SET_HWM,
- &request, &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- done:
- return wbc_status;
-}
-
-/* Set the highwater mark for allocated gids. */
-wbcErr wbcSetGidHwm(gid_t gid_hwm)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Make request */
-
- request.data.dual_idmapset.id = gid_hwm;
- request.data.dual_idmapset.type = _ID_TYPE_GID;
-
- wbc_status = wbcRequestResponse(WINBINDD_SET_HWM,
- &request, &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- done:
- return wbc_status;
-}
diff --git a/source3/nsswitch/libwbclient/wbc_pam.c b/source3/nsswitch/libwbclient/wbc_pam.c
deleted file mode 100644
index 92c6643631..0000000000
--- a/source3/nsswitch/libwbclient/wbc_pam.c
+++ /dev/null
@@ -1,1034 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- Winbind client API
-
- Copyright (C) Gerald (Jerry) Carter 2007
- Copyright (C) Guenther Deschner 2008
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 3 of the License, or (at your option) any later version.
-
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Library General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-/* Required Headers */
-
-#include "libwbclient.h"
-
-/* Authenticate a username/password pair */
-wbcErr wbcAuthenticateUser(const char *username,
- const char *password)
-{
- wbcErr wbc_status = WBC_ERR_SUCCESS;
- struct wbcAuthUserParams params;
-
- ZERO_STRUCT(params);
-
- params.account_name = username;
- params.level = WBC_AUTH_USER_LEVEL_PLAIN;
- params.password.plaintext = password;
-
- wbc_status = wbcAuthenticateUserEx(&params, NULL, NULL);
- BAIL_ON_WBC_ERROR(wbc_status);
-
-done:
- return wbc_status;
-}
-
-static wbcErr wbc_create_auth_info(TALLOC_CTX *mem_ctx,
- const struct winbindd_response *resp,
- struct wbcAuthUserInfo **_i)
-{
- wbcErr wbc_status = WBC_ERR_SUCCESS;
- struct wbcAuthUserInfo *i;
- struct wbcDomainSid domain_sid;
- char *p;
- uint32_t sn = 0;
- uint32_t j;
-
- i = talloc(mem_ctx, struct wbcAuthUserInfo);
- BAIL_ON_PTR_ERROR(i, wbc_status);
-
- i->user_flags = resp->data.auth.info3.user_flgs;
-
- i->account_name = talloc_strdup(i, resp->data.auth.info3.user_name);
- BAIL_ON_PTR_ERROR(i->account_name, wbc_status);
- i->user_principal= NULL;
- i->full_name = talloc_strdup(i, resp->data.auth.info3.full_name);
- BAIL_ON_PTR_ERROR(i->full_name, wbc_status);
- i->domain_name = talloc_strdup(i, resp->data.auth.info3.logon_dom);
- BAIL_ON_PTR_ERROR(i->domain_name, wbc_status);
- i->dns_domain_name= NULL;
-
- i->acct_flags = resp->data.auth.info3.acct_flags;
- memcpy(i->user_session_key,
- resp->data.auth.user_session_key,
- sizeof(i->user_session_key));
- memcpy(i->lm_session_key,
- resp->data.auth.first_8_lm_hash,
- sizeof(i->lm_session_key));
-
- i->logon_count = resp->data.auth.info3.logon_count;
- i->bad_password_count = resp->data.auth.info3.bad_pw_count;
-
- i->logon_time = resp->data.auth.info3.logon_time;
- i->logoff_time = resp->data.auth.info3.logoff_time;
- i->kickoff_time = resp->data.auth.info3.kickoff_time;
- i->pass_last_set_time = resp->data.auth.info3.pass_last_set_time;
- i->pass_can_change_time = resp->data.auth.info3.pass_can_change_time;
- i->pass_must_change_time= resp->data.auth.info3.pass_must_change_time;
-
- i->logon_server = talloc_strdup(i, resp->data.auth.info3.logon_srv);
- BAIL_ON_PTR_ERROR(i->logon_server, wbc_status);
- i->logon_script = talloc_strdup(i, resp->data.auth.info3.logon_script);
- BAIL_ON_PTR_ERROR(i->logon_script, wbc_status);
- i->profile_path = talloc_strdup(i, resp->data.auth.info3.profile_path);
- BAIL_ON_PTR_ERROR(i->profile_path, wbc_status);
- i->home_directory= talloc_strdup(i, resp->data.auth.info3.home_dir);
- BAIL_ON_PTR_ERROR(i->home_directory, wbc_status);
- i->home_drive = talloc_strdup(i, resp->data.auth.info3.dir_drive);
- BAIL_ON_PTR_ERROR(i->home_drive, wbc_status);
-
- i->num_sids = 2;
- i->num_sids += resp->data.auth.info3.num_groups;
- i->num_sids += resp->data.auth.info3.num_other_sids;
-
- i->sids = talloc_array(i, struct wbcSidWithAttr, i->num_sids);
- BAIL_ON_PTR_ERROR(i->sids, wbc_status);
-
- wbc_status = wbcStringToSid(resp->data.auth.info3.dom_sid,
- &domain_sid);
- BAIL_ON_WBC_ERROR(wbc_status);
-
-#define _SID_COMPOSE(s, d, r, a) { \
- (s).sid = d; \
- if ((s).sid.num_auths < WBC_MAXSUBAUTHS) { \
- (s).sid.sub_auths[(s).sid.num_auths++] = r; \
- } else { \
- wbc_status = WBC_ERR_INVALID_SID; \
- BAIL_ON_WBC_ERROR(wbc_status); \
- } \
- (s).attributes = a; \
-} while (0)
-
- sn = 0;
- _SID_COMPOSE(i->sids[sn], domain_sid,
- resp->data.auth.info3.user_rid,
- 0);
- sn++;
- _SID_COMPOSE(i->sids[sn], domain_sid,
- resp->data.auth.info3.group_rid,
- 0);
- sn++;
-
- p = (char *)resp->extra_data.data;
- if (!p) {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- for (j=0; j < resp->data.auth.info3.num_groups; j++) {
- uint32_t rid;
- uint32_t attrs;
- int ret;
- char *s = p;
- char *e = strchr(p, '\n');
- if (!e) {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- e[0] = '\0';
- p = &e[1];
-
- ret = sscanf(s, "0x%08X:0x%08X", &rid, &attrs);
- if (ret != 2) {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- _SID_COMPOSE(i->sids[sn], domain_sid,
- rid, attrs);
- sn++;
- }
-
- for (j=0; j < resp->data.auth.info3.num_other_sids; j++) {
- uint32_t attrs;
- int ret;
- char *s = p;
- char *a;
- char *e = strchr(p, '\n');
- if (!e) {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- e[0] = '\0';
- p = &e[1];
-
- e = strchr(s, ':');
- if (!e) {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- e[0] = '\0';
- a = &e[1];
-
- ret = sscanf(a, "0x%08X",
- &attrs);
- if (ret != 1) {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- wbc_status = wbcStringToSid(s, &i->sids[sn].sid);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- i->sids[sn].attributes = attrs;
- sn++;
- }
-
- i->num_sids = sn;
-
- *_i = i;
- i = NULL;
-done:
- talloc_free(i);
- return wbc_status;
-}
-
-static wbcErr wbc_create_error_info(TALLOC_CTX *mem_ctx,
- const struct winbindd_response *resp,
- struct wbcAuthErrorInfo **_e)
-{
- wbcErr wbc_status = WBC_ERR_SUCCESS;
- struct wbcAuthErrorInfo *e;
-
- e = talloc(mem_ctx, struct wbcAuthErrorInfo);
- BAIL_ON_PTR_ERROR(e, wbc_status);
-
- e->nt_status = resp->data.auth.nt_status;
- e->pam_error = resp->data.auth.pam_error;
- e->nt_string = talloc_strdup(e, resp->data.auth.nt_status_string);
- BAIL_ON_PTR_ERROR(e->nt_string, wbc_status);
-
- e->display_string = talloc_strdup(e, resp->data.auth.error_string);
- BAIL_ON_PTR_ERROR(e->display_string, wbc_status);
-
- *_e = e;
- e = NULL;
-
-done:
- talloc_free(e);
- return wbc_status;
-}
-
-static wbcErr wbc_create_password_policy_info(TALLOC_CTX *mem_ctx,
- const struct winbindd_response *resp,
- struct wbcUserPasswordPolicyInfo **_i)
-{
- wbcErr wbc_status = WBC_ERR_SUCCESS;
- struct wbcUserPasswordPolicyInfo *i;
-
- i = talloc(mem_ctx, struct wbcUserPasswordPolicyInfo);
- BAIL_ON_PTR_ERROR(i, wbc_status);
-
- i->min_passwordage = resp->data.auth.policy.min_passwordage;
- i->min_length_password = resp->data.auth.policy.min_length_password;
- i->password_history = resp->data.auth.policy.password_history;
- i->password_properties = resp->data.auth.policy.password_properties;
- i->expire = resp->data.auth.policy.expire;
-
- *_i = i;
- i = NULL;
-
-done:
- talloc_free(i);
- return wbc_status;
-}
-
-static wbcErr wbc_create_logon_info(TALLOC_CTX *mem_ctx,
- const struct winbindd_response *resp,
- struct wbcLogonUserInfo **_i)
-{
- wbcErr wbc_status = WBC_ERR_SUCCESS;
- struct wbcLogonUserInfo *i;
-
- i = talloc_zero(mem_ctx, struct wbcLogonUserInfo);
- BAIL_ON_PTR_ERROR(i, wbc_status);
-
- wbc_status = wbc_create_auth_info(i, resp, &i->info);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- if (resp->data.auth.krb5ccname) {
- wbc_status = wbcAddNamedBlob(&i->num_blobs,
- &i->blobs,
- "krb5ccname",
- 0,
- (uint8_t *)resp->data.auth.krb5ccname,
- strlen(resp->data.auth.krb5ccname)+1);
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (resp->data.auth.unix_username) {
- wbc_status = wbcAddNamedBlob(&i->num_blobs,
- &i->blobs,
- "unix_username",
- 0,
- (uint8_t *)resp->data.auth.unix_username,
- strlen(resp->data.auth.unix_username)+1);
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- *_i = i;
- i = NULL;
-done:
- if (!WBC_ERROR_IS_OK(wbc_status) && i) {
- wbcFreeMemory(i->blobs);
- }
-
- talloc_free(i);
- return wbc_status;
-}
-
-/* Authenticate with more detailed information */
-wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params,
- struct wbcAuthUserInfo **info,
- struct wbcAuthErrorInfo **error)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- int cmd = 0;
- struct winbindd_request request;
- struct winbindd_response response;
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- if (error) {
- *error = NULL;
- }
-
- if (!params) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (!params->account_name) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Initialize request */
-
- switch (params->level) {
- case WBC_AUTH_USER_LEVEL_PLAIN:
- cmd = WINBINDD_PAM_AUTH;
- request.flags = WBFLAG_PAM_INFO3_TEXT |
- WBFLAG_PAM_USER_SESSION_KEY |
- WBFLAG_PAM_LMKEY;
-
- if (!params->password.plaintext) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (params->domain_name && params->domain_name[0]) {
- /* We need to get the winbind separator :-( */
- struct winbindd_response sep_response;
-
- ZERO_STRUCT(sep_response);
-
- wbc_status = wbcRequestResponse(WINBINDD_INFO,
- NULL, &sep_response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- snprintf(request.data.auth.user,
- sizeof(request.data.auth.user)-1,
- "%s%c%s",
- params->domain_name,
- sep_response.data.info.winbind_separator,
- params->account_name);
- } else {
- strncpy(request.data.auth.user,
- params->account_name,
- sizeof(request.data.auth.user)-1);
- }
-
- strncpy(request.data.auth.pass,
- params->password.plaintext,
- sizeof(request.data.auth.pass)-1);
- break;
-
- case WBC_AUTH_USER_LEVEL_HASH:
- wbc_status = WBC_ERR_NOT_IMPLEMENTED;
- BAIL_ON_WBC_ERROR(wbc_status);
- break;
-
- case WBC_AUTH_USER_LEVEL_RESPONSE:
- cmd = WINBINDD_PAM_AUTH_CRAP;
- request.flags = WBFLAG_PAM_INFO3_TEXT |
- WBFLAG_PAM_USER_SESSION_KEY |
- WBFLAG_PAM_LMKEY;
-
- if (params->password.response.lm_length &&
- !params->password.response.lm_data) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- if (params->password.response.lm_length == 0 &&
- params->password.response.lm_data) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (params->password.response.nt_length &&
- !params->password.response.nt_data) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- if (params->password.response.nt_length == 0&&
- params->password.response.nt_data) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- strncpy(request.data.auth_crap.user,
- params->account_name,
- sizeof(request.data.auth_crap.user)-1);
- if (params->domain_name) {
- strncpy(request.data.auth_crap.domain,
- params->domain_name,
- sizeof(request.data.auth_crap.domain)-1);
- }
- if (params->workstation_name) {
- strncpy(request.data.auth_crap.workstation,
- params->workstation_name,
- sizeof(request.data.auth_crap.workstation)-1);
- }
-
- request.data.auth_crap.logon_parameters =
- params->parameter_control;
-
- memcpy(request.data.auth_crap.chal,
- params->password.response.challenge,
- sizeof(request.data.auth_crap.chal));
-
- request.data.auth_crap.lm_resp_len =
- MIN(params->password.response.lm_length,
- sizeof(request.data.auth_crap.lm_resp));
- request.data.auth_crap.nt_resp_len =
- MIN(params->password.response.nt_length,
- sizeof(request.data.auth_crap.nt_resp));
- if (params->password.response.lm_data) {
- memcpy(request.data.auth_crap.lm_resp,
- params->password.response.lm_data,
- request.data.auth_crap.lm_resp_len);
- }
- if (params->password.response.nt_data) {
- memcpy(request.data.auth_crap.nt_resp,
- params->password.response.nt_data,
- request.data.auth_crap.nt_resp_len);
- }
- break;
- default:
- break;
- }
-
- if (cmd == 0) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (params->flags) {
- request.flags |= params->flags;
- }
-
- wbc_status = wbcRequestResponse(cmd,
- &request,
- &response);
- if (response.data.auth.nt_status != 0) {
- if (error) {
- wbc_status = wbc_create_error_info(NULL,
- &response,
- error);
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- wbc_status = WBC_ERR_AUTH_ERROR;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- BAIL_ON_WBC_ERROR(wbc_status);
-
- if (info) {
- wbc_status = wbc_create_auth_info(NULL,
- &response,
- info);
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
-done:
- if (response.extra_data.data)
- free(response.extra_data.data);
-
- return wbc_status;
-}
-
-/* Trigger a verification of the trust credentials of a specific domain */
-wbcErr wbcCheckTrustCredentials(const char *domain,
- struct wbcAuthErrorInfo **error)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- if (domain) {
- /*
- * the current protocol doesn't support
- * specifying a domain
- */
- wbc_status = WBC_ERR_NOT_IMPLEMENTED;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Send request */
-
- wbc_status = wbcRequestResponse(WINBINDD_CHECK_MACHACC,
- &request,
- &response);
- if (response.data.auth.nt_status != 0) {
- if (error) {
- wbc_status = wbc_create_error_info(NULL,
- &response,
- error);
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- wbc_status = WBC_ERR_AUTH_ERROR;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- BAIL_ON_WBC_ERROR(wbc_status);
-
- done:
- return wbc_status;
-}
-
-/* Trigger an extended logoff notification to Winbind for a specific user */
-wbcErr wbcLogoffUserEx(const struct wbcLogoffUserParams *params,
- struct wbcAuthErrorInfo **error)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- int i;
-
- /* validate input */
-
- if (!params || !params->username) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if ((params->num_blobs > 0) && (params->blobs == NULL)) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- if ((params->num_blobs == 0) && (params->blobs != NULL)) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- strncpy(request.data.logoff.user, params->username,
- sizeof(request.data.logoff.user)-1);
-
- for (i=0; i<params->num_blobs; i++) {
-
- if (strcasecmp(params->blobs[i].name, "ccfilename") == 0) {
- if (params->blobs[i].blob.data) {
- strncpy(request.data.logoff.krb5ccname,
- (const char *)params->blobs[i].blob.data,
- sizeof(request.data.logoff.krb5ccname) - 1);
- }
- continue;
- }
-
- if (strcasecmp(params->blobs[i].name, "user_uid") == 0) {
- if (params->blobs[i].blob.data) {
- memcpy(&request.data.logoff.uid,
- params->blobs[i].blob.data,
- MIN(params->blobs[i].blob.length,
- sizeof(request.data.logoff.uid)));
- }
- continue;
- }
-
- if (strcasecmp(params->blobs[i].name, "flags") == 0) {
- if (params->blobs[i].blob.data) {
- memcpy(&request.flags,
- params->blobs[i].blob.data,
- MIN(params->blobs[i].blob.length,
- sizeof(request.flags)));
- }
- continue;
- }
- }
-
- /* Send request */
-
- wbc_status = wbcRequestResponse(WINBINDD_PAM_LOGOFF,
- &request,
- &response);
-
- /* Take the response above and return it to the caller */
- if (response.data.auth.nt_status != 0) {
- if (error) {
- wbc_status = wbc_create_error_info(NULL,
- &response,
- error);
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- wbc_status = WBC_ERR_AUTH_ERROR;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- BAIL_ON_WBC_ERROR(wbc_status);
-
- done:
- return wbc_status;
-}
-
-/* Trigger a logoff notification to Winbind for a specific user */
-wbcErr wbcLogoffUser(const char *username,
- uid_t uid,
- const char *ccfilename)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- /* validate input */
-
- if (!username) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- strncpy(request.data.logoff.user, username,
- sizeof(request.data.logoff.user)-1);
- request.data.logoff.uid = uid;
-
- if (ccfilename) {
- strncpy(request.data.logoff.krb5ccname, ccfilename,
- sizeof(request.data.logoff.krb5ccname)-1);
- }
-
- /* Send request */
-
- wbc_status = wbcRequestResponse(WINBINDD_PAM_LOGOFF,
- &request,
- &response);
-
- /* Take the response above and return it to the caller */
-
- done:
- return wbc_status;
-}
-
-/* Change a password for a user with more detailed information upon failure */
-wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params,
- struct wbcAuthErrorInfo **error,
- enum wbcPasswordChangeRejectReason *reject_reason,
- struct wbcUserPasswordPolicyInfo **policy)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- int cmd = 0;
-
- /* validate input */
-
- if (!params->account_name) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (error) {
- *error = NULL;
- }
-
- if (policy) {
- *policy = NULL;
- }
-
- if (reject_reason) {
- *reject_reason = -1;
- }
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- switch (params->level) {
- case WBC_CHANGE_PASSWORD_LEVEL_PLAIN:
- cmd = WINBINDD_PAM_CHAUTHTOK;
-
- if (!params->account_name) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- strncpy(request.data.chauthtok.user, params->account_name,
- sizeof(request.data.chauthtok.user) - 1);
-
- if (params->old_password.plaintext) {
- strncpy(request.data.chauthtok.oldpass,
- params->old_password.plaintext,
- sizeof(request.data.chauthtok.oldpass) - 1);
- }
-
- if (params->new_password.plaintext) {
- strncpy(request.data.chauthtok.newpass,
- params->new_password.plaintext,
- sizeof(request.data.chauthtok.newpass) - 1);
- }
- break;
-
- case WBC_CHANGE_PASSWORD_LEVEL_RESPONSE:
- cmd = WINBINDD_PAM_CHNG_PSWD_AUTH_CRAP;
-
- if (!params->account_name || !params->domain_name) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (params->old_password.response.old_lm_hash_enc_length &&
- !params->old_password.response.old_lm_hash_enc_data) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (params->old_password.response.old_lm_hash_enc_length == 0 &&
- params->old_password.response.old_lm_hash_enc_data) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (params->old_password.response.old_nt_hash_enc_length &&
- !params->old_password.response.old_nt_hash_enc_data) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (params->old_password.response.old_nt_hash_enc_length == 0 &&
- params->old_password.response.old_nt_hash_enc_data) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (params->new_password.response.lm_length &&
- !params->new_password.response.lm_data) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (params->new_password.response.lm_length == 0 &&
- params->new_password.response.lm_data) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (params->new_password.response.nt_length &&
- !params->new_password.response.nt_data) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (params->new_password.response.nt_length == 0 &&
- params->new_password.response.nt_data) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- strncpy(request.data.chng_pswd_auth_crap.user,
- params->account_name,
- sizeof(request.data.chng_pswd_auth_crap.user) - 1);
-
- strncpy(request.data.chng_pswd_auth_crap.domain,
- params->domain_name,
- sizeof(request.data.chng_pswd_auth_crap.domain) - 1);
-
- if (params->new_password.response.nt_data) {
- memcpy(request.data.chng_pswd_auth_crap.new_nt_pswd,
- params->new_password.response.nt_data,
- request.data.chng_pswd_auth_crap.new_nt_pswd_len);
- request.data.chng_pswd_auth_crap.new_nt_pswd_len =
- params->new_password.response.nt_length;
- }
-
- if (params->new_password.response.lm_data) {
- memcpy(request.data.chng_pswd_auth_crap.new_lm_pswd,
- params->new_password.response.lm_data,
- request.data.chng_pswd_auth_crap.new_lm_pswd_len);
- request.data.chng_pswd_auth_crap.new_lm_pswd_len =
- params->new_password.response.lm_length;
- }
-
- if (params->old_password.response.old_nt_hash_enc_data) {
- memcpy(request.data.chng_pswd_auth_crap.old_nt_hash_enc,
- params->old_password.response.old_nt_hash_enc_data,
- request.data.chng_pswd_auth_crap.old_nt_hash_enc_len);
- request.data.chng_pswd_auth_crap.old_nt_hash_enc_len =
- params->old_password.response.old_nt_hash_enc_length;
- }
-
- if (params->old_password.response.old_lm_hash_enc_data) {
- memcpy(request.data.chng_pswd_auth_crap.old_lm_hash_enc,
- params->old_password.response.old_lm_hash_enc_data,
- request.data.chng_pswd_auth_crap.old_lm_hash_enc_len);
- request.data.chng_pswd_auth_crap.old_lm_hash_enc_len =
- params->old_password.response.old_lm_hash_enc_length;
- }
-
- break;
- default:
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- break;
- }
-
- if (cmd == 0) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Send request */
-
- wbc_status = wbcRequestResponse(cmd,
- &request,
- &response);
- if (WBC_ERROR_IS_OK(wbc_status)) {
- goto done;
- }
-
- /* Take the response above and return it to the caller */
-
- if (response.data.auth.nt_status != 0) {
- if (error) {
- wbc_status = wbc_create_error_info(NULL,
- &response,
- error);
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- }
-
- if (policy) {
- wbc_status = wbc_create_password_policy_info(NULL,
- &response,
- policy);
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (reject_reason) {
- *reject_reason = response.data.auth.reject_reason;
- }
-
- wbc_status = WBC_ERR_PWD_CHANGE_FAILED;
- BAIL_ON_WBC_ERROR(wbc_status);
-
- done:
- return wbc_status;
-}
-
-/* Change a password for a user */
-wbcErr wbcChangeUserPassword(const char *username,
- const char *old_password,
- const char *new_password)
-{
- wbcErr wbc_status = WBC_ERR_SUCCESS;
- struct wbcChangePasswordParams params;
-
- ZERO_STRUCT(params);
-
- params.account_name = username;
- params.level = WBC_CHANGE_PASSWORD_LEVEL_PLAIN;
- params.old_password.plaintext = old_password;
- params.new_password.plaintext = new_password;
-
- wbc_status = wbcChangeUserPasswordEx(&params,
- NULL,
- NULL,
- NULL);
- BAIL_ON_WBC_ERROR(wbc_status);
-
-done:
- return wbc_status;
-}
-
-/* Logon a User */
-wbcErr wbcLogonUser(const struct wbcLogonUserParams *params,
- struct wbcLogonUserInfo **info,
- struct wbcAuthErrorInfo **error,
- struct wbcUserPasswordPolicyInfo **policy)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- int cmd = 0;
- struct winbindd_request request;
- struct winbindd_response response;
- uint32_t i;
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- if (info) {
- *info = NULL;
- }
- if (error) {
- *error = NULL;
- }
- if (policy) {
- *policy = NULL;
- }
-
- if (!params) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (!params->username) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if ((params->num_blobs > 0) && (params->blobs == NULL)) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- if ((params->num_blobs == 0) && (params->blobs != NULL)) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Initialize request */
-
- cmd = WINBINDD_PAM_AUTH;
- request.flags = WBFLAG_PAM_INFO3_TEXT |
- WBFLAG_PAM_USER_SESSION_KEY |
- WBFLAG_PAM_LMKEY;
-
- if (!params->password) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- strncpy(request.data.auth.user,
- params->username,
- sizeof(request.data.auth.user)-1);
-
- strncpy(request.data.auth.pass,
- params->password,
- sizeof(request.data.auth.pass)-1);
-
- for (i=0; i<params->num_blobs; i++) {
-
- if (strcasecmp(params->blobs[i].name, "krb5_cc_type") == 0) {
- if (params->blobs[i].blob.data) {
- strncpy(request.data.auth.krb5_cc_type,
- (const char *)params->blobs[i].blob.data,
- sizeof(request.data.auth.krb5_cc_type) - 1);
- }
- continue;
- }
-
- if (strcasecmp(params->blobs[i].name, "user_uid") == 0) {
- if (params->blobs[i].blob.data) {
- memcpy(&request.data.auth.uid,
- params->blobs[i].blob.data,
- MIN(sizeof(request.data.auth.uid),
- params->blobs[i].blob.length));
- }
- continue;
- }
-
- if (strcasecmp(params->blobs[i].name, "flags") == 0) {
- if (params->blobs[i].blob.data) {
- uint32_t flags;
- memcpy(&flags,
- params->blobs[i].blob.data,
- MIN(sizeof(flags),
- params->blobs[i].blob.length));
- request.flags |= flags;
- }
- continue;
- }
-
- if (strcasecmp(params->blobs[i].name, "membership_of") == 0) {
- if (params->blobs[i].blob.data &&
- params->blobs[i].blob.data[0] > 0) {
- strncpy(request.data.auth.require_membership_of_sid,
- (const char *)params->blobs[i].blob.data,
- sizeof(request.data.auth.require_membership_of_sid) - 1);
- }
- continue;
- }
- }
-
- wbc_status = wbcRequestResponse(cmd,
- &request,
- &response);
-
- if (response.data.auth.nt_status != 0) {
- if (error) {
- wbc_status = wbc_create_error_info(NULL,
- &response,
- error);
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- wbc_status = WBC_ERR_AUTH_ERROR;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- BAIL_ON_WBC_ERROR(wbc_status);
-
- if (info) {
- wbc_status = wbc_create_logon_info(NULL,
- &response,
- info);
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (policy) {
- wbc_status = wbc_create_password_policy_info(NULL,
- &response,
- policy);
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
-done:
- if (response.extra_data.data)
- free(response.extra_data.data);
-
- return wbc_status;
-}
-
-/* Authenticate a user with cached credentials */
-wbcErr wbcCredentialCache(struct wbcCredentialCacheParams *params,
- struct wbcCredentialCacheInfo **info,
- struct wbcAuthErrorInfo **error)
-{
- return WBC_ERR_NOT_IMPLEMENTED;
-}
diff --git a/source3/nsswitch/libwbclient/wbc_pwd.c b/source3/nsswitch/libwbclient/wbc_pwd.c
deleted file mode 100644
index cd945996c8..0000000000
--- a/source3/nsswitch/libwbclient/wbc_pwd.c
+++ /dev/null
@@ -1,571 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- Winbind client API
-
- Copyright (C) Gerald (Jerry) Carter 2007
-
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 3 of the License, or (at your option) any later version.
-
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Library General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-/* Required Headers */
-
-#include "libwbclient.h"
-
-/** @brief The maximum number of pwent structs to get from winbindd
- *
- */
-#define MAX_GETPWENT_USERS 500
-
-/** @brief The maximum number of grent structs to get from winbindd
- *
- */
-#define MAX_GETGRENT_GROUPS 500
-
-/**
- *
- **/
-
-static struct passwd *copy_passwd_entry(struct winbindd_pw *p)
-{
- struct passwd *pwd = NULL;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- pwd = talloc(NULL, struct passwd);
- BAIL_ON_PTR_ERROR(pwd, wbc_status);
-
- pwd->pw_name = talloc_strdup(pwd,p->pw_name);
- BAIL_ON_PTR_ERROR(pwd->pw_name, wbc_status);
-
- pwd->pw_passwd = talloc_strdup(pwd, p->pw_passwd);
- BAIL_ON_PTR_ERROR(pwd->pw_passwd, wbc_status);
-
- pwd->pw_gecos = talloc_strdup(pwd, p->pw_gecos);
- BAIL_ON_PTR_ERROR(pwd->pw_gecos, wbc_status);
-
- pwd->pw_shell = talloc_strdup(pwd, p->pw_shell);
- BAIL_ON_PTR_ERROR(pwd->pw_shell, wbc_status);
-
- pwd->pw_dir = talloc_strdup(pwd, p->pw_dir);
- BAIL_ON_PTR_ERROR(pwd->pw_dir, wbc_status);
-
- pwd->pw_uid = p->pw_uid;
- pwd->pw_gid = p->pw_gid;
-
-done:
- if (!WBC_ERROR_IS_OK(wbc_status)) {
- talloc_free(pwd);
- pwd = NULL;
- }
-
- return pwd;
-}
-
-/**
- *
- **/
-
-static struct group *copy_group_entry(struct winbindd_gr *g,
- char *mem_buf)
-{
- struct group *grp = NULL;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- int i;
- char *mem_p, *mem_q;
-
- grp = talloc(NULL, struct group);
- BAIL_ON_PTR_ERROR(grp, wbc_status);
-
- grp->gr_name = talloc_strdup(grp, g->gr_name);
- BAIL_ON_PTR_ERROR(grp->gr_name, wbc_status);
-
- grp->gr_passwd = talloc_strdup(grp, g->gr_passwd);
- BAIL_ON_PTR_ERROR(grp->gr_passwd, wbc_status);
-
- grp->gr_gid = g->gr_gid;
-
- grp->gr_mem = talloc_array(grp, char*, g->num_gr_mem+1);
-
- mem_p = mem_q = mem_buf;
- for (i=0; i<g->num_gr_mem && mem_p; i++) {
- if ((mem_q = strchr(mem_p, ',')) != NULL) {
- *mem_q = '\0';
- }
-
- grp->gr_mem[i] = talloc_strdup(grp, mem_p);
- BAIL_ON_PTR_ERROR(grp->gr_mem[i], wbc_status);
-
- if (mem_q == NULL) {
- i += 1;
- break;
- }
- mem_p = mem_q + 1;
- }
- grp->gr_mem[i] = NULL;
-
- wbc_status = WBC_ERR_SUCCESS;
-
-done:
- if (!WBC_ERROR_IS_OK(wbc_status)) {
- talloc_free(grp);
- grp = NULL;
- }
-
- return grp;
-}
-
-/* Fill in a struct passwd* for a domain user based on username */
-wbcErr wbcGetpwnam(const char *name, struct passwd **pwd)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- struct winbindd_request request;
- struct winbindd_response response;
-
- if (!name || !pwd) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Initialize request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* dst is already null terminated from the memset above */
-
- strncpy(request.data.username, name, sizeof(request.data.username)-1);
-
- wbc_status = wbcRequestResponse(WINBINDD_GETPWNAM,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- *pwd = copy_passwd_entry(&response.data.pw);
- BAIL_ON_PTR_ERROR(*pwd, wbc_status);
-
- done:
- return wbc_status;
-}
-
-/* Fill in a struct passwd* for a domain user based on uid */
-wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- struct winbindd_request request;
- struct winbindd_response response;
-
- if (!pwd) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Initialize request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- request.data.uid = uid;
-
- wbc_status = wbcRequestResponse(WINBINDD_GETPWUID,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- *pwd = copy_passwd_entry(&response.data.pw);
- BAIL_ON_PTR_ERROR(*pwd, wbc_status);
-
- done:
- return wbc_status;
-}
-
-/* Fill in a struct passwd* for a domain user based on username */
-wbcErr wbcGetgrnam(const char *name, struct group **grp)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- struct winbindd_request request;
- struct winbindd_response response;
-
- /* Initialize request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- if (!name || !grp) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* dst is already null terminated from the memset above */
-
- strncpy(request.data.groupname, name, sizeof(request.data.groupname)-1);
-
- wbc_status = wbcRequestResponse(WINBINDD_GETGRNAM,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- *grp = copy_group_entry(&response.data.gr,
- (char*)response.extra_data.data);
- BAIL_ON_PTR_ERROR(*grp, wbc_status);
-
- done:
- if (response.extra_data.data)
- free(response.extra_data.data);
-
- return wbc_status;
-}
-
-/* Fill in a struct passwd* for a domain user based on uid */
-wbcErr wbcGetgrgid(gid_t gid, struct group **grp)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- struct winbindd_request request;
- struct winbindd_response response;
-
- /* Initialize request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- if (!grp) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- request.data.gid = gid;
-
- wbc_status = wbcRequestResponse(WINBINDD_GETGRGID,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- *grp = copy_group_entry(&response.data.gr,
- (char*)response.extra_data.data);
- BAIL_ON_PTR_ERROR(*grp, wbc_status);
-
- done:
- if (response.extra_data.data)
- free(response.extra_data.data);
-
- return wbc_status;
-}
-
-/** @brief Number of cached passwd structs
- *
- */
-static uint32_t pw_cache_size;
-
-/** @brief Position of the pwent context
- *
- */
-static uint32_t pw_cache_idx;
-
-/** @brief Winbindd response containing the passwd structs
- *
- */
-static struct winbindd_response pw_response;
-
-/* Reset the passwd iterator */
-wbcErr wbcSetpwent(void)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- if (pw_cache_size > 0) {
- pw_cache_idx = pw_cache_size = 0;
- if (pw_response.extra_data.data) {
- free(pw_response.extra_data.data);
- }
- }
-
- ZERO_STRUCT(pw_response);
-
- wbc_status = wbcRequestResponse(WINBINDD_SETPWENT,
- NULL, NULL);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- done:
- return wbc_status;
-}
-
-/* Close the passwd iterator */
-wbcErr wbcEndpwent(void)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- if (pw_cache_size > 0) {
- pw_cache_idx = pw_cache_size = 0;
- if (pw_response.extra_data.data) {
- free(pw_response.extra_data.data);
- }
- }
-
- wbc_status = wbcRequestResponse(WINBINDD_ENDPWENT,
- NULL, NULL);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- done:
- return wbc_status;
-}
-
-/* Return the next struct passwd* entry from the pwent iterator */
-wbcErr wbcGetpwent(struct passwd **pwd)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- struct winbindd_request request;
- struct winbindd_pw *wb_pw;
-
- /* If there's a cached result, return that. */
- if (pw_cache_idx < pw_cache_size) {
- goto return_result;
- }
-
- /* Otherwise, query winbindd for some entries. */
-
- pw_cache_idx = 0;
-
- if (pw_response.extra_data.data) {
- free(pw_response.extra_data.data);
- ZERO_STRUCT(pw_response);
- }
-
- ZERO_STRUCT(request);
- request.data.num_entries = MAX_GETPWENT_USERS;
-
- wbc_status = wbcRequestResponse(WINBINDD_GETPWENT, &request,
- &pw_response);
-
- BAIL_ON_WBC_ERROR(wbc_status);
-
- pw_cache_size = pw_response.data.num_entries;
-
-return_result:
-
- wb_pw = (struct winbindd_pw *) pw_response.extra_data.data;
-
- *pwd = copy_passwd_entry(&wb_pw[pw_cache_idx]);
-
- BAIL_ON_PTR_ERROR(*pwd, wbc_status);
-
- pw_cache_idx++;
-
-done:
- return wbc_status;
-}
-
-/** @brief Number of cached group structs
- *
- */
-static uint32_t gr_cache_size;
-
-/** @brief Position of the grent context
- *
- */
-static uint32_t gr_cache_idx;
-
-/** @brief Winbindd response containing the group structs
- *
- */
-static struct winbindd_response gr_response;
-
-/* Reset the group iterator */
-wbcErr wbcSetgrent(void)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- if (gr_cache_size > 0) {
- gr_cache_idx = gr_cache_size = 0;
- if (gr_response.extra_data.data) {
- free(gr_response.extra_data.data);
- }
- }
-
- ZERO_STRUCT(gr_response);
-
- wbc_status = wbcRequestResponse(WINBINDD_SETGRENT,
- NULL, NULL);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- done:
- return wbc_status;
-}
-
-/* Close the group iterator */
-wbcErr wbcEndgrent(void)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- if (gr_cache_size > 0) {
- gr_cache_idx = gr_cache_size = 0;
- if (gr_response.extra_data.data) {
- free(gr_response.extra_data.data);
- }
- }
-
- wbc_status = wbcRequestResponse(WINBINDD_ENDGRENT,
- NULL, NULL);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- done:
- return wbc_status;
-}
-
-/* Return the next struct group* entry from the pwent iterator */
-wbcErr wbcGetgrent(struct group **grp)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- struct winbindd_request request;
- struct winbindd_gr *wb_gr;
- uint32_t mem_ofs;
-
- /* If there's a cached result, return that. */
- if (gr_cache_idx < gr_cache_size) {
- goto return_result;
- }
-
- /* Otherwise, query winbindd for some entries. */
-
- gr_cache_idx = 0;
-
- if (gr_response.extra_data.data) {
- free(gr_response.extra_data.data);
- ZERO_STRUCT(gr_response);
- }
-
- ZERO_STRUCT(request);
- request.data.num_entries = MAX_GETGRENT_GROUPS;
-
- wbc_status = wbcRequestResponse(WINBINDD_GETGRENT, &request,
- &gr_response);
-
- BAIL_ON_WBC_ERROR(wbc_status);
-
- gr_cache_size = gr_response.data.num_entries;
-
-return_result:
-
- wb_gr = (struct winbindd_gr *) gr_response.extra_data.data;
-
- mem_ofs = wb_gr[gr_cache_idx].gr_mem_ofs +
- gr_cache_size * sizeof(struct winbindd_gr);
-
- *grp = copy_group_entry(&wb_gr[gr_cache_idx],
- ((char *)gr_response.extra_data.data)+mem_ofs);
-
- BAIL_ON_PTR_ERROR(*grp, wbc_status);
-
- gr_cache_idx++;
-
-done:
- return wbc_status;
-}
-
-/* Return the next struct group* entry from the pwent iterator */
-wbcErr wbcGetgrlist(struct group **grp)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- struct winbindd_request request;
- struct winbindd_gr *wb_gr;
-
- /* If there's a cached result, return that. */
- if (gr_cache_idx < gr_cache_size) {
- goto return_result;
- }
-
- /* Otherwise, query winbindd for some entries. */
-
- gr_cache_idx = 0;
-
- if (gr_response.extra_data.data) {
- free(gr_response.extra_data.data);
- ZERO_STRUCT(gr_response);
- }
-
- ZERO_STRUCT(request);
- request.data.num_entries = MAX_GETGRENT_GROUPS;
-
- wbc_status = wbcRequestResponse(WINBINDD_GETGRLST, &request,
- &gr_response);
-
- BAIL_ON_WBC_ERROR(wbc_status);
-
- gr_cache_size = gr_response.data.num_entries;
-
-return_result:
-
- wb_gr = (struct winbindd_gr *) gr_response.extra_data.data;
-
- *grp = copy_group_entry(&wb_gr[gr_cache_idx], NULL);
-
- BAIL_ON_PTR_ERROR(*grp, wbc_status);
-
- gr_cache_idx++;
-
-done:
- return wbc_status;
-}
-
-/* Return the unix group array belonging to the given user */
-wbcErr wbcGetGroups(const char *account,
- uint32_t *num_groups,
- gid_t **_groups)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- struct winbindd_request request;
- struct winbindd_response response;
- uint32_t i;
- gid_t *groups = NULL;
-
- /* Initialize request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- if (!account) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Send request */
-
- strncpy(request.data.username, account, sizeof(request.data.username)-1);
-
- wbc_status = wbcRequestResponse(WINBINDD_GETGROUPS,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- groups = talloc_array(NULL, gid_t, response.data.num_entries);
- BAIL_ON_PTR_ERROR(groups, wbc_status);
-
- for (i = 0; i < response.data.num_entries; i++) {
- groups[i] = ((gid_t *)response.extra_data.data)[i];
- }
-
- *num_groups = response.data.num_entries;
- *_groups = groups;
- groups = NULL;
-
- wbc_status = WBC_ERR_SUCCESS;
-
- done:
- if (response.extra_data.data) {
- free(response.extra_data.data);
- }
- if (groups) {
- talloc_free(groups);
- }
-
- return wbc_status;
-}
diff --git a/source3/nsswitch/libwbclient/wbc_sid.c b/source3/nsswitch/libwbclient/wbc_sid.c
deleted file mode 100644
index e2157b9609..0000000000
--- a/source3/nsswitch/libwbclient/wbc_sid.c
+++ /dev/null
@@ -1,672 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- Winbind client API
-
- Copyright (C) Gerald (Jerry) Carter 2007
-
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 3 of the License, or (at your option) any later version.
-
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Library General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-/* Required Headers */
-
-#include "libwbclient.h"
-
-
-/* Convert a binary SID to a character string */
-wbcErr wbcSidToString(const struct wbcDomainSid *sid,
- char **sid_string)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- uint32_t id_auth;
- int i;
- char *tmp = NULL;
-
- if (!sid) {
- wbc_status = WBC_ERR_INVALID_SID;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- id_auth = sid->id_auth[5] +
- (sid->id_auth[4] << 8) +
- (sid->id_auth[3] << 16) +
- (sid->id_auth[2] << 24);
-
- tmp = talloc_asprintf(NULL, "S-%d-%d", sid->sid_rev_num, id_auth);
- BAIL_ON_PTR_ERROR(tmp, wbc_status);
-
- for (i=0; i<sid->num_auths; i++) {
- char *tmp2;
- tmp2 = talloc_asprintf_append(tmp, "-%u", sid->sub_auths[i]);
- BAIL_ON_PTR_ERROR(tmp2, wbc_status);
-
- tmp = tmp2;
- }
-
- *sid_string = tmp;
- tmp = NULL;
-
- wbc_status = WBC_ERR_SUCCESS;
-
-done:
- talloc_free(tmp);
-
- return wbc_status;
-}
-
-/* Convert a character string to a binary SID */
-wbcErr wbcStringToSid(const char *str,
- struct wbcDomainSid *sid)
-{
- const char *p;
- char *q;
- uint32_t x;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- if (!sid) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Sanity check for either "S-" or "s-" */
-
- if (!str
- || (str[0]!='S' && str[0]!='s')
- || (str[1]!='-'))
- {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Get the SID revision number */
-
- p = str+2;
- x = (uint32_t)strtol(p, &q, 10);
- if (x==0 || !q || *q!='-') {
- wbc_status = WBC_ERR_INVALID_SID;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- sid->sid_rev_num = (uint8_t)x;
-
- /* Next the Identifier Authority. This is stored in big-endian
- in a 6 byte array. */
-
- p = q+1;
- x = (uint32_t)strtol(p, &q, 10);
- if (!q || *q!='-') {
- wbc_status = WBC_ERR_INVALID_SID;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- sid->id_auth[5] = (x & 0x000000ff);
- sid->id_auth[4] = (x & 0x0000ff00) >> 8;
- sid->id_auth[3] = (x & 0x00ff0000) >> 16;
- sid->id_auth[2] = (x & 0xff000000) >> 24;
- sid->id_auth[1] = 0;
- sid->id_auth[0] = 0;
-
- /* now read the the subauthorities */
-
- p = q +1;
- sid->num_auths = 0;
- while (sid->num_auths < WBC_MAXSUBAUTHS) {
- x=(uint32_t)strtoul(p, &q, 10);
- if (p == q)
- break;
- if (q == NULL) {
- wbc_status = WBC_ERR_INVALID_SID;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- sid->sub_auths[sid->num_auths++] = x;
-
- if ((*q!='-') || (*q=='\0'))
- break;
- p = q + 1;
- }
-
- /* IF we ended early, then the SID could not be converted */
-
- if (q && *q!='\0') {
- wbc_status = WBC_ERR_INVALID_SID;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- wbc_status = WBC_ERR_SUCCESS;
-
-done:
- return wbc_status;
-
-}
-
-/* Convert a domain and name to SID */
-wbcErr wbcLookupName(const char *domain,
- const char *name,
- struct wbcDomainSid *sid,
- enum wbcSidType *name_type)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- if (!sid || !name_type) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Initialize request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* dst is already null terminated from the memset above */
-
- strncpy(request.data.name.dom_name, domain,
- sizeof(request.data.name.dom_name)-1);
- strncpy(request.data.name.name, name,
- sizeof(request.data.name.name)-1);
-
- wbc_status = wbcRequestResponse(WINBINDD_LOOKUPNAME,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- wbc_status = wbcStringToSid(response.data.sid.sid, sid);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- *name_type = (enum wbcSidType)response.data.sid.type;
-
- wbc_status = WBC_ERR_SUCCESS;
-
- done:
- return wbc_status;
-}
-
-/* Convert a SID to a domain and name */
-wbcErr wbcLookupSid(const struct wbcDomainSid *sid,
- char **pdomain,
- char **pname,
- enum wbcSidType *pname_type)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- char *sid_string = NULL;
- char *domain = NULL;
- char *name = NULL;
- enum wbcSidType name_type = WBC_SID_NAME_USE_NONE;
-
- if (!sid) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Initialize request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* dst is already null terminated from the memset above */
-
- wbc_status = wbcSidToString(sid, &sid_string);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1);
- wbcFreeMemory(sid_string);
-
- /* Make request */
-
- wbc_status = wbcRequestResponse(WINBINDD_LOOKUPSID,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- /* Copy out result */
-
- domain = talloc_strdup(NULL, response.data.name.dom_name);
- BAIL_ON_PTR_ERROR(domain, wbc_status);
-
- name = talloc_strdup(NULL, response.data.name.name);
- BAIL_ON_PTR_ERROR(name, wbc_status);
-
- name_type = (enum wbcSidType)response.data.name.type;
-
- wbc_status = WBC_ERR_SUCCESS;
-
- done:
- if (WBC_ERROR_IS_OK(wbc_status)) {
- if (pdomain != NULL) {
- *pdomain = domain;
- }
- if (pname != NULL) {
- *pname = name;
- }
- if (pname_type != NULL) {
- *pname_type = name_type;
- }
- }
- else {
-#if 0
- /*
- * Found by Coverity: In this particular routine we can't end
- * up here with a non-NULL name. Further up there are just two
- * exit paths that lead here, neither of which leave an
- * allocated name. If you add more paths up there, re-activate
- * this.
- */
- if (name != NULL) {
- talloc_free(name);
- }
-#endif
- if (domain != NULL) {
- talloc_free(domain);
- }
- }
-
- return wbc_status;
-}
-
-/* Translate a collection of RIDs within a domain to names */
-
-wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid,
- int num_rids,
- uint32_t *rids,
- const char **pp_domain_name,
- const char ***pnames,
- enum wbcSidType **ptypes)
-{
- size_t i, len, ridbuf_size;
- char *ridlist;
- char *p;
- struct winbindd_request request;
- struct winbindd_response response;
- char *sid_string = NULL;
- char *domain_name = NULL;
- const char **names = NULL;
- enum wbcSidType *types = NULL;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- if (!dom_sid || (num_rids == 0)) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- wbc_status = wbcSidToString(dom_sid, &sid_string);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1);
- wbcFreeMemory(sid_string);
-
- /* Even if all the Rids were of maximum 32bit values,
- we would only have 11 bytes per rid in the final array
- ("4294967296" + \n). Add one more byte for the
- terminating '\0' */
-
- ridbuf_size = (sizeof(char)*11) * num_rids + 1;
-
- ridlist = talloc_zero_array(NULL, char, ridbuf_size);
- BAIL_ON_PTR_ERROR(ridlist, wbc_status);
-
- len = 0;
- for (i=0; i<num_rids && (len-1)>0; i++) {
- char ridstr[12];
-
- len = strlen(ridlist);
- p = ridlist + len;
-
- snprintf( ridstr, sizeof(ridstr)-1, "%u\n", rids[i]);
- strncat(p, ridstr, ridbuf_size-len-1);
- }
-
- request.extra_data.data = ridlist;
- request.extra_len = strlen(ridlist)+1;
-
- wbc_status = wbcRequestResponse(WINBINDD_LOOKUPRIDS,
- &request,
- &response);
- talloc_free(ridlist);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- domain_name = talloc_strdup(NULL, response.data.domain_name);
- BAIL_ON_PTR_ERROR(domain_name, wbc_status);
-
- names = talloc_array(NULL, const char*, num_rids);
- BAIL_ON_PTR_ERROR(names, wbc_status);
-
- types = talloc_array(NULL, enum wbcSidType, num_rids);
- BAIL_ON_PTR_ERROR(types, wbc_status);
-
- p = (char *)response.extra_data.data;
-
- for (i=0; i<num_rids; i++) {
- char *q;
-
- if (*p == '\0') {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- types[i] = (enum wbcSidType)strtoul(p, &q, 10);
-
- if (*q != ' ') {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- p = q+1;
-
- if ((q = strchr(p, '\n')) == NULL) {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- *q = '\0';
-
- names[i] = talloc_strdup(names, p);
- BAIL_ON_PTR_ERROR(names[i], wbc_status);
-
- p = q+1;
- }
-
- if (*p != '\0') {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- wbc_status = WBC_ERR_SUCCESS;
-
- done:
- if (response.extra_data.data) {
- free(response.extra_data.data);
- }
-
- if (WBC_ERROR_IS_OK(wbc_status)) {
- *pp_domain_name = domain_name;
- *pnames = names;
- *ptypes = types;
- }
- else {
- if (domain_name)
- talloc_free(domain_name);
- if (names)
- talloc_free(names);
- if (types)
- talloc_free(types);
- }
-
- return wbc_status;
-}
-
-/* Get the groups a user belongs to */
-wbcErr wbcLookupUserSids(const struct wbcDomainSid *user_sid,
- bool domain_groups_only,
- uint32_t *num_sids,
- struct wbcDomainSid **_sids)
-{
- uint32_t i;
- const char *s;
- struct winbindd_request request;
- struct winbindd_response response;
- char *sid_string = NULL;
- struct wbcDomainSid *sids = NULL;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- int cmd;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- if (!user_sid) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- wbc_status = wbcSidToString(user_sid, &sid_string);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1);
- wbcFreeMemory(sid_string);
-
- if (domain_groups_only) {
- cmd = WINBINDD_GETUSERDOMGROUPS;
- } else {
- cmd = WINBINDD_GETUSERSIDS;
- }
-
- wbc_status = wbcRequestResponse(cmd,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- if (response.data.num_entries &&
- !response.extra_data.data) {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- sids = talloc_array(NULL, struct wbcDomainSid,
- response.data.num_entries);
- BAIL_ON_PTR_ERROR(sids, wbc_status);
-
- s = (const char *)response.extra_data.data;
- for (i = 0; i < response.data.num_entries; i++) {
- char *n = strchr(s, '\n');
- if (n) {
- *n = '\0';
- }
- wbc_status = wbcStringToSid(s, &sids[i]);
- BAIL_ON_WBC_ERROR(wbc_status);
- s += strlen(s) + 1;
- }
-
- *num_sids = response.data.num_entries;
- *_sids = sids;
- sids = NULL;
- wbc_status = WBC_ERR_SUCCESS;
-
- done:
- if (response.extra_data.data) {
- free(response.extra_data.data);
- }
- if (sids) {
- talloc_free(sids);
- }
-
- return wbc_status;
-}
-
-/* Lists Users */
-wbcErr wbcListUsers(const char *domain_name,
- uint32_t *_num_users,
- const char ***_users)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- struct winbindd_request request;
- struct winbindd_response response;
- uint32_t num_users = 0;
- const char **users = NULL;
- const char *next;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- if (domain_name) {
- strncpy(request.domain_name, domain_name,
- sizeof(request.domain_name)-1);
- }
-
- wbc_status = wbcRequestResponse(WINBINDD_LIST_USERS,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- /* Look through extra data */
-
- next = (const char *)response.extra_data.data;
- while (next) {
- const char **tmp;
- const char *current = next;
- char *k = strchr(next, ',');
- if (k) {
- k[0] = '\0';
- next = k+1;
- } else {
- next = NULL;
- }
-
- tmp = talloc_realloc(NULL, users,
- const char *,
- num_users+1);
- BAIL_ON_PTR_ERROR(tmp, wbc_status);
- users = tmp;
-
- users[num_users] = talloc_strdup(users, current);
- BAIL_ON_PTR_ERROR(users[num_users], wbc_status);
-
- num_users++;
- }
-
- *_num_users = num_users;
- *_users = users;
- users = NULL;
- wbc_status = WBC_ERR_SUCCESS;
-
- done:
- if (response.extra_data.data) {
- free(response.extra_data.data);
- }
- if (users) {
- talloc_free(users);
- }
- return wbc_status;
-}
-
-/* Lists Groups */
-wbcErr wbcListGroups(const char *domain_name,
- uint32_t *_num_groups,
- const char ***_groups)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- struct winbindd_request request;
- struct winbindd_response response;
- uint32_t num_groups = 0;
- const char **groups = NULL;
- const char *next;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- if (domain_name) {
- strncpy(request.domain_name, domain_name,
- sizeof(request.domain_name)-1);
- }
-
- wbc_status = wbcRequestResponse(WINBINDD_LIST_GROUPS,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- /* Look through extra data */
-
- next = (const char *)response.extra_data.data;
- while (next) {
- const char **tmp;
- const char *current = next;
- char *k = strchr(next, ',');
- if (k) {
- k[0] = '\0';
- next = k+1;
- } else {
- next = NULL;
- }
-
- tmp = talloc_realloc(NULL, groups,
- const char *,
- num_groups+1);
- BAIL_ON_PTR_ERROR(tmp, wbc_status);
- groups = tmp;
-
- groups[num_groups] = talloc_strdup(groups, current);
- BAIL_ON_PTR_ERROR(groups[num_groups], wbc_status);
-
- num_groups++;
- }
-
- *_num_groups = num_groups;
- *_groups = groups;
- groups = NULL;
- wbc_status = WBC_ERR_SUCCESS;
-
- done:
- if (response.extra_data.data) {
- free(response.extra_data.data);
- }
- if (groups) {
- talloc_free(groups);
- }
- return wbc_status;
-}
-
-wbcErr wbcGetDisplayName(const struct wbcDomainSid *sid,
- char **pdomain,
- char **pfullname,
- enum wbcSidType *pname_type)
-{
- wbcErr wbc_status;
- char *domain = NULL;
- char *name = NULL;
- enum wbcSidType name_type;
-
- wbc_status = wbcLookupSid(sid, &domain, &name, &name_type);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- if (name_type == WBC_SID_NAME_USER) {
- uid_t uid;
- struct passwd *pwd;
-
- wbc_status = wbcSidToUid(sid, &uid);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- wbc_status = wbcGetpwuid(uid, &pwd);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- wbcFreeMemory(name);
-
- name = talloc_strdup(NULL, pwd->pw_gecos);
- BAIL_ON_PTR_ERROR(name, wbc_status);
- }
-
- wbc_status = WBC_ERR_SUCCESS;
-
- done:
- if (WBC_ERROR_IS_OK(wbc_status)) {
- *pdomain = domain;
- *pfullname = name;
- *pname_type = name_type;
- } else {
- wbcFreeMemory(domain);
- wbcFreeMemory(name);
- }
-
- return wbc_status;
-}
diff --git a/source3/nsswitch/libwbclient/wbc_util.c b/source3/nsswitch/libwbclient/wbc_util.c
deleted file mode 100644
index 7cfb64b87e..0000000000
--- a/source3/nsswitch/libwbclient/wbc_util.c
+++ /dev/null
@@ -1,672 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- Winbind client API
-
- Copyright (C) Gerald (Jerry) Carter 2007-2008
-
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 3 of the License, or (at your option) any later version.
-
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Library General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-/* Required Headers */
-
-#include "libwbclient.h"
-
-
-
-/** @brief Ping winbindd to see if the daemon is running
- *
- * @return #wbcErr
- **/
-
-wbcErr wbcPing(void)
-{
- struct winbindd_request request;
- struct winbindd_response response;
-
- /* Initialize request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- return wbcRequestResponse(WINBINDD_PING, &request, &response);
-}
-
-wbcErr wbcInterfaceDetails(struct wbcInterfaceDetails **_details)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- struct wbcInterfaceDetails *info;
- struct wbcDomainInfo *domain = NULL;
- struct winbindd_request request;
- struct winbindd_response response;
-
- /* Initialize request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- info = talloc(NULL, struct wbcInterfaceDetails);
- BAIL_ON_PTR_ERROR(info, wbc_status);
-
- /* first the interface version */
- wbc_status = wbcRequestResponse(WINBINDD_INTERFACE_VERSION, NULL, &response);
- BAIL_ON_WBC_ERROR(wbc_status);
- info->interface_version = response.data.interface_version;
-
- /* then the samba version and the winbind separator */
- wbc_status = wbcRequestResponse(WINBINDD_INFO, NULL, &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- info->winbind_version = talloc_strdup(info,
- response.data.info.samba_version);
- BAIL_ON_PTR_ERROR(info->winbind_version, wbc_status);
- info->winbind_separator = response.data.info.winbind_separator;
-
- /* then the local netbios name */
- wbc_status = wbcRequestResponse(WINBINDD_NETBIOS_NAME, NULL, &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- info->netbios_name = talloc_strdup(info,
- response.data.netbios_name);
- BAIL_ON_PTR_ERROR(info->netbios_name, wbc_status);
-
- /* then the local workgroup name */
- wbc_status = wbcRequestResponse(WINBINDD_DOMAIN_NAME, NULL, &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- info->netbios_domain = talloc_strdup(info,
- response.data.domain_name);
- BAIL_ON_PTR_ERROR(info->netbios_domain, wbc_status);
-
- wbc_status = wbcDomainInfo(info->netbios_domain, &domain);
- if (wbc_status == WBC_ERR_DOMAIN_NOT_FOUND) {
- /* maybe it's a standalone server */
- domain = NULL;
- wbc_status = WBC_ERR_SUCCESS;
- } else {
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- if (domain) {
- info->dns_domain = talloc_strdup(info,
- domain->dns_name);
- wbcFreeMemory(domain);
- BAIL_ON_PTR_ERROR(info->dns_domain, wbc_status);
- } else {
- info->dns_domain = NULL;
- }
-
- *_details = info;
- info = NULL;
-
- wbc_status = WBC_ERR_SUCCESS;
-
-done:
- talloc_free(info);
- return wbc_status;
-}
-
-
-/* Lookup the current status of a trusted domain */
-wbcErr wbcDomainInfo(const char *domain, struct wbcDomainInfo **dinfo)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- struct wbcDomainInfo *info = NULL;
-
- if (!domain || !dinfo) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Initialize request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- strncpy(request.domain_name, domain,
- sizeof(request.domain_name)-1);
-
- wbc_status = wbcRequestResponse(WINBINDD_DOMAIN_INFO,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- info = talloc(NULL, struct wbcDomainInfo);
- BAIL_ON_PTR_ERROR(info, wbc_status);
-
- info->short_name = talloc_strdup(info,
- response.data.domain_info.name);
- BAIL_ON_PTR_ERROR(info->short_name, wbc_status);
-
- info->dns_name = talloc_strdup(info,
- response.data.domain_info.alt_name);
- BAIL_ON_PTR_ERROR(info->dns_name, wbc_status);
-
- wbc_status = wbcStringToSid(response.data.domain_info.sid,
- &info->sid);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- if (response.data.domain_info.native_mode)
- info->domain_flags |= WBC_DOMINFO_DOMAIN_NATIVE;
- if (response.data.domain_info.active_directory)
- info->domain_flags |= WBC_DOMINFO_DOMAIN_AD;
- if (response.data.domain_info.primary)
- info->domain_flags |= WBC_DOMINFO_DOMAIN_PRIMARY;
-
- *dinfo = info;
-
- wbc_status = WBC_ERR_SUCCESS;
-
- done:
- if (!WBC_ERROR_IS_OK(wbc_status)) {
- talloc_free(info);
- }
-
- return wbc_status;
-}
-
-
-/* Resolve a NetbiosName via WINS */
-wbcErr wbcResolveWinsByName(const char *name, char **ip)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- char *ipaddr;
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Send request */
-
- strncpy(request.data.winsreq, name,
- sizeof(request.data.winsreq)-1);
-
- wbc_status = wbcRequestResponse(WINBINDD_WINS_BYNAME,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- /* Display response */
-
- ipaddr = talloc_strdup(NULL, response.data.winsresp);
- BAIL_ON_PTR_ERROR(ipaddr, wbc_status);
-
- *ip = ipaddr;
- wbc_status = WBC_ERR_SUCCESS;
-
- done:
- return wbc_status;
-}
-
-/* Resolve an IP address via WINS into a NetbiosName */
-wbcErr wbcResolveWinsByIP(const char *ip, char **name)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- char *name_str;
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Send request */
-
- strncpy(request.data.winsreq, ip,
- sizeof(request.data.winsreq)-1);
-
- wbc_status = wbcRequestResponse(WINBINDD_WINS_BYIP,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- /* Display response */
-
- name_str = talloc_strdup(NULL, response.data.winsresp);
- BAIL_ON_PTR_ERROR(name_str, wbc_status);
-
- *name = name_str;
- wbc_status = WBC_ERR_SUCCESS;
-
- done:
- return wbc_status;
-}
-
-/**
- */
-
-static wbcErr process_domain_info_string(TALLOC_CTX *ctx,
- struct wbcDomainInfo *info,
- char *info_string)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- char *r = NULL;
- char *s = NULL;
-
- if (!info || !info_string) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- r = info_string;
-
- /* Short Name */
- if ((s = strchr(r, '\\')) == NULL) {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- *s = '\0';
- s++;
-
- info->short_name = talloc_strdup(ctx, r);
- BAIL_ON_PTR_ERROR(info->short_name, wbc_status);
-
-
- /* DNS Name */
- r = s;
- if ((s = strchr(r, '\\')) == NULL) {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- *s = '\0';
- s++;
-
- info->dns_name = talloc_strdup(ctx, r);
- BAIL_ON_PTR_ERROR(info->dns_name, wbc_status);
-
- /* SID */
- r = s;
- if ((s = strchr(r, '\\')) == NULL) {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- *s = '\0';
- s++;
-
- wbc_status = wbcStringToSid(r, &info->sid);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- /* Trust type */
- r = s;
- if ((s = strchr(r, '\\')) == NULL) {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- *s = '\0';
- s++;
-
- if (strcmp(r, "None") == 0) {
- info->trust_type = WBC_DOMINFO_TRUSTTYPE_NONE;
- } else if (strcmp(r, "External") == 0) {
- info->trust_type = WBC_DOMINFO_TRUSTTYPE_EXTERNAL;
- } else if (strcmp(r, "Forest") == 0) {
- info->trust_type = WBC_DOMINFO_TRUSTTYPE_FOREST;
- } else if (strcmp(r, "In Forest") == 0) {
- info->trust_type = WBC_DOMINFO_TRUSTTYPE_IN_FOREST;
- } else {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Transitive */
- r = s;
- if ((s = strchr(r, '\\')) == NULL) {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- *s = '\0';
- s++;
-
- if (strcmp(r, "Yes") == 0) {
- info->trust_flags |= WBC_DOMINFO_TRUST_TRANSITIVE;
- }
-
- /* Incoming */
- r = s;
- if ((s = strchr(r, '\\')) == NULL) {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- *s = '\0';
- s++;
-
- if (strcmp(r, "Yes") == 0) {
- info->trust_flags |= WBC_DOMINFO_TRUST_INCOMING;
- }
-
- /* Outgoing */
- r = s;
- if ((s = strchr(r, '\\')) == NULL) {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- *s = '\0';
- s++;
-
- if (strcmp(r, "Yes") == 0) {
- info->trust_flags |= WBC_DOMINFO_TRUST_OUTGOING;
- }
-
- /* Online/Offline status */
-
- r = s;
- if (r == NULL) {
- wbc_status = WBC_ERR_INVALID_RESPONSE;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
- if ( strcmp(r, "Offline") == 0) {
- info->domain_flags |= WBC_DOMINFO_DOMAIN_OFFLINE;
- }
-
- wbc_status = WBC_ERR_SUCCESS;
-
- done:
- return wbc_status;
-}
-
-/* Enumerate the domain trusts known by Winbind */
-wbcErr wbcListTrusts(struct wbcDomainInfo **domains, size_t *num_domains)
-{
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- char *p = NULL;
- char *q = NULL;
- char *extra_data = NULL;
- int count = 0;
- struct wbcDomainInfo *d_list = NULL;
- int i = 0;
-
- *domains = NULL;
- *num_domains = 0;
-
- ZERO_STRUCT(response);
-
- /* Send request */
-
- wbc_status = wbcRequestResponse(WINBINDD_LIST_TRUSTDOM,
- NULL,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- /* Decode the response */
-
- p = (char *)response.extra_data.data;
-
- if (strlen(p) == 0) {
- /* We should always at least get back our
- own SAM domain */
-
- wbc_status = WBC_ERR_DOMAIN_NOT_FOUND;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Count number of domains */
-
- count = 0;
- while (p) {
- count++;
-
- if ((q = strchr(p, '\n')) != NULL)
- q++;
- p = q;
- }
-
- d_list = talloc_array(NULL, struct wbcDomainInfo, count);
- BAIL_ON_PTR_ERROR(d_list, wbc_status);
-
- extra_data = strdup((char*)response.extra_data.data);
- BAIL_ON_PTR_ERROR(extra_data, wbc_status);
-
- p = extra_data;
-
- /* Outer loop processes the list of domain information */
-
- for (i=0; i<count && p; i++) {
- char *next = strchr(p, '\n');
-
- if (next) {
- *next = '\0';
- next++;
- }
-
- wbc_status = process_domain_info_string(d_list, &d_list[i], p);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- p = next;
- }
-
- *domains = d_list;
- *num_domains = i;
-
- done:
- if (!WBC_ERROR_IS_OK(wbc_status)) {
- if (d_list)
- talloc_free(d_list);
- if (extra_data)
- free(extra_data);
- }
-
- return wbc_status;
-}
-
-/* Enumerate the domain trusts known by Winbind */
-wbcErr wbcLookupDomainController(const char *domain,
- uint32_t flags,
- struct wbcDomainControllerInfo **dc_info)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- struct winbindd_request request;
- struct winbindd_response response;
- struct wbcDomainControllerInfo *dc = NULL;
-
- /* validate input params */
-
- if (!domain || !dc_info) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- strncpy(request.domain_name, domain, sizeof(request.domain_name)-1);
-
- request.flags = flags;
-
- dc = talloc(NULL, struct wbcDomainControllerInfo);
- BAIL_ON_PTR_ERROR(dc, wbc_status);
-
- /* Send request */
-
- wbc_status = wbcRequestResponse(WINBINDD_DSGETDCNAME,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- dc->dc_name = talloc_strdup(dc, response.data.dc_name);
- BAIL_ON_PTR_ERROR(dc->dc_name, wbc_status);
-
- *dc_info = dc;
-
-done:
- if (!WBC_ERROR_IS_OK(wbc_status)) {
- talloc_free(dc);
- }
-
- return wbc_status;
-}
-
-static wbcErr wbc_create_domain_controller_info_ex(TALLOC_CTX *mem_ctx,
- const struct winbindd_response *resp,
- struct wbcDomainControllerInfoEx **_i)
-{
- wbcErr wbc_status = WBC_ERR_SUCCESS;
- struct wbcDomainControllerInfoEx *i;
- struct wbcGuid guid;
-
- i = talloc(mem_ctx, struct wbcDomainControllerInfoEx);
- BAIL_ON_PTR_ERROR(i, wbc_status);
-
- i->dc_unc = talloc_strdup(i, resp->data.dsgetdcname.dc_unc);
- BAIL_ON_PTR_ERROR(i->dc_unc, wbc_status);
-
- i->dc_address = talloc_strdup(i, resp->data.dsgetdcname.dc_address);
- BAIL_ON_PTR_ERROR(i->dc_address, wbc_status);
-
- i->dc_address_type = resp->data.dsgetdcname.dc_address_type;
-
- wbc_status = wbcStringToGuid(resp->data.dsgetdcname.domain_guid, &guid);
- if (WBC_ERROR_IS_OK(wbc_status)) {
- i->domain_guid = talloc(i, struct wbcGuid);
- BAIL_ON_PTR_ERROR(i->domain_guid, wbc_status);
-
- *i->domain_guid = guid;
- } else {
- i->domain_guid = NULL;
- }
-
- i->domain_name = talloc_strdup(i, resp->data.dsgetdcname.domain_name);
- BAIL_ON_PTR_ERROR(i->domain_name, wbc_status);
-
- if (resp->data.dsgetdcname.forest_name[0] != '\0') {
- i->forest_name = talloc_strdup(i,
- resp->data.dsgetdcname.forest_name);
- BAIL_ON_PTR_ERROR(i->forest_name, wbc_status);
- } else {
- i->forest_name = NULL;
- }
-
- i->dc_flags = resp->data.dsgetdcname.dc_flags;
-
- if (resp->data.dsgetdcname.dc_site_name[0] != '\0') {
- i->dc_site_name = talloc_strdup(i,
- resp->data.dsgetdcname.dc_site_name);
- BAIL_ON_PTR_ERROR(i->dc_site_name, wbc_status);
- } else {
- i->dc_site_name = NULL;
- }
-
- if (resp->data.dsgetdcname.client_site_name[0] != '\0') {
- i->client_site_name = talloc_strdup(i,
- resp->data.dsgetdcname.client_site_name);
- BAIL_ON_PTR_ERROR(i->client_site_name, wbc_status);
- } else {
- i->client_site_name = NULL;
- }
-
- *_i = i;
- i = NULL;
-
-done:
- talloc_free(i);
- return wbc_status;
-}
-
-/* Get extended domain controller information */
-wbcErr wbcLookupDomainControllerEx(const char *domain,
- struct wbcGuid *guid,
- const char *site,
- uint32_t flags,
- struct wbcDomainControllerInfoEx **dc_info)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- struct winbindd_request request;
- struct winbindd_response response;
-
- /* validate input params */
-
- if (!domain || !dc_info) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- request.data.dsgetdcname.flags = flags;
-
- strncpy(request.data.dsgetdcname.domain_name, domain,
- sizeof(request.data.dsgetdcname.domain_name)-1);
-
- if (site) {
- strncpy(request.data.dsgetdcname.site_name, site,
- sizeof(request.data.dsgetdcname.site_name)-1);
- }
-
- if (guid) {
- char *str = NULL;
-
- wbc_status = wbcGuidToString(guid, &str);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- strncpy(request.data.dsgetdcname.domain_guid, str,
- sizeof(request.data.dsgetdcname.domain_guid)-1);
-
- wbcFreeMemory(str);
- }
-
- /* Send request */
-
- wbc_status = wbcRequestResponse(WINBINDD_DSGETDCNAME,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- if (dc_info) {
- wbc_status = wbc_create_domain_controller_info_ex(NULL,
- &response,
- dc_info);
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- wbc_status = WBC_ERR_SUCCESS;
-done:
- return wbc_status;
-}
-
-/* Initialize a named blob and add to list of blobs */
-wbcErr wbcAddNamedBlob(size_t *num_blobs,
- struct wbcNamedBlob **blobs,
- const char *name,
- uint32_t flags,
- uint8_t *data,
- size_t length)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- struct wbcNamedBlob blob;
-
- *blobs = talloc_realloc(NULL, *blobs, struct wbcNamedBlob,
- *(num_blobs)+1);
- BAIL_ON_PTR_ERROR(*blobs, wbc_status);
-
- blob.name = talloc_strdup(*blobs, name);
- BAIL_ON_PTR_ERROR(blob.name, wbc_status);
- blob.flags = flags;
- blob.blob.length = length;
- blob.blob.data = (uint8_t *)talloc_memdup(*blobs, data, length);
- BAIL_ON_PTR_ERROR(blob.blob.data, wbc_status);
-
- (*(blobs))[*num_blobs] = blob;
- *(num_blobs) += 1;
-
- wbc_status = WBC_ERR_SUCCESS;
-done:
- if (!WBC_ERROR_IS_OK(wbc_status) && blobs) {
- wbcFreeMemory(*blobs);
- }
- return wbc_status;
-}
diff --git a/source3/nsswitch/libwbclient/wbclient.c b/source3/nsswitch/libwbclient/wbclient.c
deleted file mode 100644
index 3a9afad15d..0000000000
--- a/source3/nsswitch/libwbclient/wbclient.c
+++ /dev/null
@@ -1,159 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- Winbind client API
-
- Copyright (C) Gerald (Jerry) Carter 2007
-
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 3 of the License, or (at your option) any later version.
-
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Library General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-/* Required Headers */
-
-#include "libwbclient.h"
-
-/* From wb_common.c */
-
-NSS_STATUS winbindd_request_response(int req_type,
- struct winbindd_request *request,
- struct winbindd_response *response);
-
-/** @brief Wrapper around Winbind's send/receive API call
- *
- * @param cmd Winbind command operation to perform
- * @param request Send structure
- * @param response Receive structure
- *
- * @return #wbcErr
- **/
-
-/**********************************************************************
- result == NSS_STATUS_UNAVAIL: winbind not around
- result == NSS_STATUS_NOTFOUND: winbind around, but domain missing
-
- Due to a bad API NSS_STATUS_NOTFOUND is returned both when winbind_off
- and when winbind return WINBINDD_ERROR. So the semantics of this
- routine depends on winbind_on. Grepping for winbind_off I just
- found 3 places where winbind is turned off, and this does not conflict
- (as far as I have seen) with the callers of is_trusted_domains.
-
- --Volker
-**********************************************************************/
-
-wbcErr wbcRequestResponse(int cmd,
- struct winbindd_request *request,
- struct winbindd_response *response)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- NSS_STATUS nss_status;
-
- /* for some calls the request and/or response can be NULL */
-
- nss_status = winbindd_request_response(cmd, request, response);
-
- switch (nss_status) {
- case NSS_STATUS_SUCCESS:
- wbc_status = WBC_ERR_SUCCESS;
- break;
- case NSS_STATUS_UNAVAIL:
- wbc_status = WBC_ERR_WINBIND_NOT_AVAILABLE;
- break;
- case NSS_STATUS_NOTFOUND:
- wbc_status = WBC_ERR_DOMAIN_NOT_FOUND;
- break;
- default:
- wbc_status = WBC_ERR_NSS_ERROR;
- break;
- }
-
- return wbc_status;
-}
-
-/** @brief Translate an error value into a string
- *
- * @param error
- *
- * @return a pointer to a static string
- **/
-const char *wbcErrorString(wbcErr error)
-{
- switch (error) {
- case WBC_ERR_SUCCESS:
- return "WBC_ERR_SUCCESS";
- case WBC_ERR_NOT_IMPLEMENTED:
- return "WBC_ERR_NOT_IMPLEMENTED";
- case WBC_ERR_UNKNOWN_FAILURE:
- return "WBC_ERR_UNKNOWN_FAILURE";
- case WBC_ERR_NO_MEMORY:
- return "WBC_ERR_NO_MEMORY";
- case WBC_ERR_INVALID_SID:
- return "WBC_ERR_INVALID_SID";
- case WBC_ERR_INVALID_PARAM:
- return "WBC_ERR_INVALID_PARAM";
- case WBC_ERR_WINBIND_NOT_AVAILABLE:
- return "WBC_ERR_WINBIND_NOT_AVAILABLE";
- case WBC_ERR_DOMAIN_NOT_FOUND:
- return "WBC_ERR_DOMAIN_NOT_FOUND";
- case WBC_ERR_INVALID_RESPONSE:
- return "WBC_ERR_INVALID_RESPONSE";
- case WBC_ERR_NSS_ERROR:
- return "WBC_ERR_NSS_ERROR";
- case WBC_ERR_UNKNOWN_USER:
- return "WBC_ERR_UNKNOWN_USER";
- case WBC_ERR_UNKNOWN_GROUP:
- return "WBC_ERR_UNKNOWN_GROUP";
- case WBC_ERR_AUTH_ERROR:
- return "WBC_ERR_AUTH_ERROR";
- case WBC_ERR_PWD_CHANGE_FAILED:
- return "WBC_ERR_PWD_CHANGE_FAILED";
- }
-
- return "unknown wbcErr value";
-}
-
-/* Free library allocated memory */
-void wbcFreeMemory(void *p)
-{
- if (p)
- talloc_free(p);
-
- return;
-}
-
-wbcErr wbcLibraryDetails(struct wbcLibraryDetails **_details)
-{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- struct wbcLibraryDetails *info;
-
- info = talloc(NULL, struct wbcLibraryDetails);
- BAIL_ON_PTR_ERROR(info, wbc_status);
-
- info->major_version = WBCLIENT_MAJOR_VERSION;
- info->minor_version = WBCLIENT_MINOR_VERSION;
- info->vendor_version = talloc_strdup(info,
- WBCLIENT_VENDOR_VERSION);
- BAIL_ON_PTR_ERROR(info->vendor_version, wbc_status);
-
- *_details = info;
- info = NULL;
-
- wbc_status = WBC_ERR_SUCCESS;
-
-done:
- talloc_free(info);
- return wbc_status;
-}
-
-
diff --git a/source3/nsswitch/libwbclient/wbclient.h b/source3/nsswitch/libwbclient/wbclient.h
deleted file mode 100644
index fcad3ff69b..0000000000
--- a/source3/nsswitch/libwbclient/wbclient.h
+++ /dev/null
@@ -1,1187 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- Winbind client API
-
- Copyright (C) Gerald (Jerry) Carter 2007
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 3 of the License, or (at your option) any later version.
-
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Library General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#ifndef _WBCLIENT_H
-#define _WBCLIENT_H
-
-#include <pwd.h>
-#include <grp.h>
-
-/* Define error types */
-
-/**
- * @brief Status codes returned from wbc functions
- **/
-
-enum _wbcErrType {
- WBC_ERR_SUCCESS = 0, /**< Successful completion **/
- WBC_ERR_NOT_IMPLEMENTED,/**< Function not implemented **/
- WBC_ERR_UNKNOWN_FAILURE,/**< General failure **/
- WBC_ERR_NO_MEMORY, /**< Memory allocation error **/
- WBC_ERR_INVALID_SID, /**< Invalid SID format **/
- WBC_ERR_INVALID_PARAM, /**< An Invalid parameter was supplied **/
- WBC_ERR_WINBIND_NOT_AVAILABLE, /**< Winbind daemon is not available **/
- WBC_ERR_DOMAIN_NOT_FOUND, /**< Domain is not trusted or cannot be found **/
- WBC_ERR_INVALID_RESPONSE, /**< Winbind returned an invalid response **/
- WBC_ERR_NSS_ERROR, /**< NSS_STATUS error **/
- WBC_ERR_AUTH_ERROR, /**< Authentication failed **/
- WBC_ERR_UNKNOWN_USER, /**< User account cannot be found */
- WBC_ERR_UNKNOWN_GROUP, /**< Group account cannot be found */
- WBC_ERR_PWD_CHANGE_FAILED /**< Password Change has failed */
-};
-
-typedef enum _wbcErrType wbcErr;
-
-#define WBC_ERROR_IS_OK(x) ((x) == WBC_ERR_SUCCESS)
-
-const char *wbcErrorString(wbcErr error);
-
-/**
- * @brief Some useful details about the wbclient library
- *
- * 0.1: Initial version
- * 0.2: Added wbcRemoveUidMapping()
- * Added wbcRemoveGidMapping()
- **/
-#define WBCLIENT_MAJOR_VERSION 0
-#define WBCLIENT_MINOR_VERSION 2
-#define WBCLIENT_VENDOR_VERSION "Samba libwbclient"
-struct wbcLibraryDetails {
- uint16_t major_version;
- uint16_t minor_version;
- const char *vendor_version;
-};
-
-/**
- * @brief Some useful details about the running winbindd
- *
- **/
-struct wbcInterfaceDetails {
- uint32_t interface_version;
- const char *winbind_version;
- char winbind_separator;
- const char *netbios_name;
- const char *netbios_domain;
- const char *dns_domain;
-};
-
-/*
- * Data types used by the Winbind Client API
- */
-
-#ifndef WBC_MAXSUBAUTHS
-#define WBC_MAXSUBAUTHS 15 /* max sub authorities in a SID */
-#endif
-
-/**
- * @brief Windows Security Identifier
- *
- **/
-
-struct wbcDomainSid {
- uint8_t sid_rev_num;
- uint8_t num_auths;
- uint8_t id_auth[6];
- uint32_t sub_auths[WBC_MAXSUBAUTHS];
-};
-
-/**
- * @brief Security Identifier type
- **/
-
-enum wbcSidType {
- WBC_SID_NAME_USE_NONE=0,
- WBC_SID_NAME_USER=1,
- WBC_SID_NAME_DOM_GRP=2,
- WBC_SID_NAME_DOMAIN=3,
- WBC_SID_NAME_ALIAS=4,
- WBC_SID_NAME_WKN_GRP=5,
- WBC_SID_NAME_DELETED=6,
- WBC_SID_NAME_INVALID=7,
- WBC_SID_NAME_UNKNOWN=8,
- WBC_SID_NAME_COMPUTER=9
-};
-
-/**
- * @brief Security Identifier with attributes
- **/
-
-struct wbcSidWithAttr {
- struct wbcDomainSid sid;
- uint32_t attributes;
-};
-
-/* wbcSidWithAttr->attributes */
-
-#define WBC_SID_ATTR_GROUP_MANDATORY 0x00000001
-#define WBC_SID_ATTR_GROUP_ENABLED_BY_DEFAULT 0x00000002
-#define WBC_SID_ATTR_GROUP_ENABLED 0x00000004
-#define WBC_SID_ATTR_GROUP_OWNER 0x00000008
-#define WBC_SID_ATTR_GROUP_USEFOR_DENY_ONLY 0x00000010
-#define WBC_SID_ATTR_GROUP_RESOURCE 0x20000000
-#define WBC_SID_ATTR_GROUP_LOGON_ID 0xC0000000
-
-/**
- * @brief Windows GUID
- *
- **/
-
-struct wbcGuid {
- uint32_t time_low;
- uint16_t time_mid;
- uint16_t time_hi_and_version;
- uint8_t clock_seq[2];
- uint8_t node[6];
-};
-
-/**
- * @brief Domain Information
- **/
-
-struct wbcDomainInfo {
- char *short_name;
- char *dns_name;
- struct wbcDomainSid sid;
- uint32_t domain_flags;
- uint32_t trust_flags;
- uint32_t trust_type;
-};
-
-/* wbcDomainInfo->domain_flags */
-
-#define WBC_DOMINFO_DOMAIN_UNKNOWN 0x00000000
-#define WBC_DOMINFO_DOMAIN_NATIVE 0x00000001
-#define WBC_DOMINFO_DOMAIN_AD 0x00000002
-#define WBC_DOMINFO_DOMAIN_PRIMARY 0x00000004
-#define WBC_DOMINFO_DOMAIN_OFFLINE 0x00000008
-
-/* wbcDomainInfo->trust_flags */
-
-#define WBC_DOMINFO_TRUST_TRANSITIVE 0x00000001
-#define WBC_DOMINFO_TRUST_INCOMING 0x00000002
-#define WBC_DOMINFO_TRUST_OUTGOING 0x00000004
-
-/* wbcDomainInfo->trust_type */
-
-#define WBC_DOMINFO_TRUSTTYPE_NONE 0x00000000
-#define WBC_DOMINFO_TRUSTTYPE_FOREST 0x00000001
-#define WBC_DOMINFO_TRUSTTYPE_IN_FOREST 0x00000002
-#define WBC_DOMINFO_TRUSTTYPE_EXTERNAL 0x00000003
-
-
-/**
- * @brief Auth User Parameters
- **/
-
-struct wbcAuthUserParams {
- const char *account_name;
- const char *domain_name;
- const char *workstation_name;
-
- uint32_t flags;
-
- uint32_t parameter_control;
-
- enum wbcAuthUserLevel {
- WBC_AUTH_USER_LEVEL_PLAIN = 1,
- WBC_AUTH_USER_LEVEL_HASH = 2,
- WBC_AUTH_USER_LEVEL_RESPONSE = 3
- } level;
- union {
- const char *plaintext;
- struct {
- uint8_t nt_hash[16];
- uint8_t lm_hash[16];
- } hash;
- struct {
- uint8_t challenge[8];
- uint32_t nt_length;
- uint8_t *nt_data;
- uint32_t lm_length;
- uint8_t *lm_data;
- } response;
- } password;
-};
-
-/**
- * @brief Generic Blob
- **/
-
-struct wbcBlob {
- uint8_t *data;
- size_t length;
-};
-
-/**
- * @brief Named Blob
- **/
-
-struct wbcNamedBlob {
- const char *name;
- uint32_t flags;
- struct wbcBlob blob;
-};
-
-/**
- * @brief Logon User Parameters
- **/
-
-struct wbcLogonUserParams {
- const char *username;
- const char *password;
- size_t num_blobs;
- struct wbcNamedBlob *blobs;
-};
-
-/**
- * @brief ChangePassword Parameters
- **/
-
-struct wbcChangePasswordParams {
- const char *account_name;
- const char *domain_name;
-
- uint32_t flags;
-
- enum wbcChangePasswordLevel {
- WBC_CHANGE_PASSWORD_LEVEL_PLAIN = 1,
- WBC_CHANGE_PASSWORD_LEVEL_RESPONSE = 2
- } level;
-
- union {
- const char *plaintext;
- struct {
- uint32_t old_nt_hash_enc_length;
- uint8_t *old_nt_hash_enc_data;
- uint32_t old_lm_hash_enc_length;
- uint8_t *old_lm_hash_enc_data;
- } response;
- } old_password;
- union {
- const char *plaintext;
- struct {
- uint32_t nt_length;
- uint8_t *nt_data;
- uint32_t lm_length;
- uint8_t *lm_data;
- } response;
- } new_password;
-};
-
-/* wbcAuthUserParams->parameter_control */
-
-#define WBC_MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x00000002
-#define WBC_MSV1_0_UPDATE_LOGON_STATISTICS 0x00000004
-#define WBC_MSV1_0_RETURN_USER_PARAMETERS 0x00000008
-#define WBC_MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x00000020
-#define WBC_MSV1_0_RETURN_PROFILE_PATH 0x00000200
-#define WBC_MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x00000800
-
-/* wbcAuthUserParams->flags */
-
-#define WBC_AUTH_PARAM_FLAGS_INTERACTIVE_LOGON 0x00000001
-
-/**
- * @brief Auth User Information
- *
- * Some of the strings are maybe NULL
- **/
-
-struct wbcAuthUserInfo {
- uint32_t user_flags;
-
- char *account_name;
- char *user_principal;
- char *full_name;
- char *domain_name;
- char *dns_domain_name;
-
- uint32_t acct_flags;
- uint8_t user_session_key[16];
- uint8_t lm_session_key[8];
-
- uint16_t logon_count;
- uint16_t bad_password_count;
-
- uint64_t logon_time;
- uint64_t logoff_time;
- uint64_t kickoff_time;
- uint64_t pass_last_set_time;
- uint64_t pass_can_change_time;
- uint64_t pass_must_change_time;
-
- char *logon_server;
- char *logon_script;
- char *profile_path;
- char *home_directory;
- char *home_drive;
-
- /*
- * the 1st one is the account sid
- * the 2nd one is the primary_group sid
- * followed by the rest of the groups
- */
- uint32_t num_sids;
- struct wbcSidWithAttr *sids;
-};
-
-/**
- * @brief Logon User Information
- *
- * Some of the strings are maybe NULL
- **/
-
-struct wbcLogonUserInfo {
- struct wbcAuthUserInfo *info;
- size_t num_blobs;
- struct wbcNamedBlob *blobs;
-};
-
-/* wbcAuthUserInfo->user_flags */
-
-#define WBC_AUTH_USER_INFO_GUEST 0x00000001
-#define WBC_AUTH_USER_INFO_NOENCRYPTION 0x00000002
-#define WBC_AUTH_USER_INFO_CACHED_ACCOUNT 0x00000004
-#define WBC_AUTH_USER_INFO_USED_LM_PASSWORD 0x00000008
-#define WBC_AUTH_USER_INFO_EXTRA_SIDS 0x00000020
-#define WBC_AUTH_USER_INFO_SUBAUTH_SESSION_KEY 0x00000040
-#define WBC_AUTH_USER_INFO_SERVER_TRUST_ACCOUNT 0x00000080
-#define WBC_AUTH_USER_INFO_NTLMV2_ENABLED 0x00000100
-#define WBC_AUTH_USER_INFO_RESOURCE_GROUPS 0x00000200
-#define WBC_AUTH_USER_INFO_PROFILE_PATH_RETURNED 0x00000400
-#define WBC_AUTH_USER_INFO_GRACE_LOGON 0x01000000
-
-/* wbcAuthUserInfo->acct_flags */
-
-#define WBC_ACB_DISABLED 0x00000001 /* 1 User account disabled */
-#define WBC_ACB_HOMDIRREQ 0x00000002 /* 1 Home directory required */
-#define WBC_ACB_PWNOTREQ 0x00000004 /* 1 User password not required */
-#define WBC_ACB_TEMPDUP 0x00000008 /* 1 Temporary duplicate account */
-#define WBC_ACB_NORMAL 0x00000010 /* 1 Normal user account */
-#define WBC_ACB_MNS 0x00000020 /* 1 MNS logon user account */
-#define WBC_ACB_DOMTRUST 0x00000040 /* 1 Interdomain trust account */
-#define WBC_ACB_WSTRUST 0x00000080 /* 1 Workstation trust account */
-#define WBC_ACB_SVRTRUST 0x00000100 /* 1 Server trust account */
-#define WBC_ACB_PWNOEXP 0x00000200 /* 1 User password does not expire */
-#define WBC_ACB_AUTOLOCK 0x00000400 /* 1 Account auto locked */
-#define WBC_ACB_ENC_TXT_PWD_ALLOWED 0x00000800 /* 1 Encryped text password is allowed */
-#define WBC_ACB_SMARTCARD_REQUIRED 0x00001000 /* 1 Smart Card required */
-#define WBC_ACB_TRUSTED_FOR_DELEGATION 0x00002000 /* 1 Trusted for Delegation */
-#define WBC_ACB_NOT_DELEGATED 0x00004000 /* 1 Not delegated */
-#define WBC_ACB_USE_DES_KEY_ONLY 0x00008000 /* 1 Use DES key only */
-#define WBC_ACB_DONT_REQUIRE_PREAUTH 0x00010000 /* 1 Preauth not required */
-#define WBC_ACB_PW_EXPIRED 0x00020000 /* 1 Password Expired */
-#define WBC_ACB_NO_AUTH_DATA_REQD 0x00080000 /* 1 = No authorization data required */
-
-struct wbcAuthErrorInfo {
- uint32_t nt_status;
- char *nt_string;
- int32_t pam_error;
- char *display_string;
-};
-
-/**
- * @brief User Password Policy Information
- **/
-
-/* wbcUserPasswordPolicyInfo->password_properties */
-
-#define WBC_DOMAIN_PASSWORD_COMPLEX 0x00000001
-#define WBC_DOMAIN_PASSWORD_NO_ANON_CHANGE 0x00000002
-#define WBC_DOMAIN_PASSWORD_NO_CLEAR_CHANGE 0x00000004
-#define WBC_DOMAIN_PASSWORD_LOCKOUT_ADMINS 0x00000008
-#define WBC_DOMAIN_PASSWORD_STORE_CLEARTEXT 0x00000010
-#define WBC_DOMAIN_REFUSE_PASSWORD_CHANGE 0x00000020
-
-struct wbcUserPasswordPolicyInfo {
- uint32_t min_length_password;
- uint32_t password_history;
- uint32_t password_properties;
- uint64_t expire;
- uint64_t min_passwordage;
-};
-
-/**
- * @brief Change Password Reject Reason
- **/
-
-enum wbcPasswordChangeRejectReason {
- WBC_PWD_CHANGE_REJECT_OTHER=0,
- WBC_PWD_CHANGE_REJECT_TOO_SHORT=1,
- WBC_PWD_CHANGE_REJECT_IN_HISTORY=2,
- WBC_PWD_CHANGE_REJECT_COMPLEXITY=5
-};
-
-/**
- * @brief Logoff User Parameters
- **/
-
-struct wbcLogoffUserParams {
- const char *username;
- size_t num_blobs;
- struct wbcNamedBlob *blobs;
-};
-
-/** @brief Credential cache log-on parameters
- *
- */
-
-struct wbcCredentialCacheParams {
- const char *account_name;
- const char *domain_name;
- enum wbcCredentialCacheLevel {
- WBC_CREDENTIAL_CACHE_LEVEL_NTLMSSP = 1
- } level;
- size_t num_blobs;
- struct wbcNamedBlob *blobs;
-};
-
-
-/** @brief Info returned by credential cache auth
- *
- */
-
-struct wbcCredentialCacheInfo {
- size_t num_blobs;
- struct wbcNamedBlob *blobs;
-};
-
-/*
- * DomainControllerInfo struct
- */
-struct wbcDomainControllerInfo {
- char *dc_name;
-};
-
-/*
- * DomainControllerInfoEx struct
- */
-struct wbcDomainControllerInfoEx {
- const char *dc_unc;
- const char *dc_address;
- uint16_t dc_address_type;
- struct wbcGuid *domain_guid;
- const char *domain_name;
- const char *forest_name;
- uint32_t dc_flags;
- const char *dc_site_name;
- const char *client_site_name;
-};
-
-/**********************************************************
- * Memory Management
- **********************************************************/
-
-/**
- * @brief Free library allocated memory
- *
- * @param *p Pointer to free
- *
- * @return void
- **/
-void wbcFreeMemory(void*);
-
-
-/*
- * Utility functions for dealing with SIDs
- */
-
-/**
- * @brief Convert a binary SID to a character string
- *
- * @param sid Binary Security Identifier
- * @param **sid_string Resulting character string
- *
- * @return #wbcErr
- **/
-wbcErr wbcSidToString(const struct wbcDomainSid *sid,
- char **sid_string);
-
-/**
- * @brief Convert a character string to a binary SID
- *
- * @param *str Character string in the form of S-...
- * @param sid Resulting binary SID
- *
- * @return #wbcErr
- **/
-wbcErr wbcStringToSid(const char *sid_string,
- struct wbcDomainSid *sid);
-
-/*
- * Utility functions for dealing with GUIDs
- */
-
-/**
- * @brief Convert a binary GUID to a character string
- *
- * @param guid Binary Guid
- * @param **guid_string Resulting character string
- *
- * @return #wbcErr
- **/
-wbcErr wbcGuidToString(const struct wbcGuid *guid,
- char **guid_string);
-
-/**
- * @brief Convert a character string to a binary GUID
- *
- * @param *str Character string
- * @param guid Resulting binary GUID
- *
- * @return #wbcErr
- **/
-wbcErr wbcStringToGuid(const char *guid_string,
- struct wbcGuid *guid);
-
-/**
- * @brief Ping winbindd to see if the daemon is running
- *
- * @return #wbcErr
- **/
-wbcErr wbcPing(void);
-
-wbcErr wbcLibraryDetails(struct wbcLibraryDetails **details);
-
-wbcErr wbcInterfaceDetails(struct wbcInterfaceDetails **details);
-
-/**********************************************************
- * Name/SID conversion
- **********************************************************/
-
-/**
- * @brief Convert a domain and name to SID
- *
- * @param domain Domain name (possibly "")
- * @param name User or group name
- * @param *sid Pointer to the resolved domain SID
- * @param *name_type Pointer to the SID type
- *
- * @return #wbcErr
- **/
-wbcErr wbcLookupName(const char *dom_name,
- const char *name,
- struct wbcDomainSid *sid,
- enum wbcSidType *name_type);
-
-/**
- * @brief Convert a SID to a domain and name
- *
- * @param *sid Pointer to the domain SID to be resolved
- * @param pdomain Resolved Domain name (possibly "")
- * @param pname Resolved User or group name
- * @param *pname_type Pointer to the resolved SID type
- *
- * @return #wbcErr
- **/
-wbcErr wbcLookupSid(const struct wbcDomainSid *sid,
- char **domain,
- char **name,
- enum wbcSidType *name_type);
-
-/**
- * @brief Translate a collection of RIDs within a domain to names
- */
-wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid,
- int num_rids,
- uint32_t *rids,
- const char **domain_name,
- const char ***names,
- enum wbcSidType **types);
-
-/*
- * @brief Get the groups a user belongs to
- **/
-wbcErr wbcLookupUserSids(const struct wbcDomainSid *user_sid,
- bool domain_groups_only,
- uint32_t *num_sids,
- struct wbcDomainSid **sids);
-
-/**
- * @brief Lists Users
- **/
-wbcErr wbcListUsers(const char *domain_name,
- uint32_t *num_users,
- const char ***users);
-
-/**
- * @brief Lists Groups
- **/
-wbcErr wbcListGroups(const char *domain_name,
- uint32_t *num_groups,
- const char ***groups);
-
-wbcErr wbcGetDisplayName(const struct wbcDomainSid *sid,
- char **pdomain,
- char **pfullname,
- enum wbcSidType *pname_type);
-
-/**********************************************************
- * SID/uid/gid Mappings
- **********************************************************/
-
-/**
- * @brief Convert a Windows SID to a Unix uid, allocating an uid if needed
- *
- * @param *sid Pointer to the domain SID to be resolved
- * @param *puid Pointer to the resolved uid_t value
- *
- * @return #wbcErr
- *
- **/
-wbcErr wbcSidToUid(const struct wbcDomainSid *sid,
- uid_t *puid);
-
-/**
- * @brief Convert a Windows SID to a Unix uid if there already is a mapping
- *
- * @param *sid Pointer to the domain SID to be resolved
- * @param *puid Pointer to the resolved uid_t value
- *
- * @return #wbcErr
- *
- **/
-wbcErr wbcQuerySidToUid(const struct wbcDomainSid *sid,
- uid_t *puid);
-
-/**
- * @brief Convert a Unix uid to a Windows SID, allocating a SID if needed
- *
- * @param uid Unix uid to be resolved
- * @param *sid Pointer to the resolved domain SID
- *
- * @return #wbcErr
- *
- **/
-wbcErr wbcUidToSid(uid_t uid,
- struct wbcDomainSid *sid);
-
-/**
- * @brief Convert a Unix uid to a Windows SID if there already is a mapping
- *
- * @param uid Unix uid to be resolved
- * @param *sid Pointer to the resolved domain SID
- *
- * @return #wbcErr
- *
- **/
-wbcErr wbcQueryUidToSid(uid_t uid,
- struct wbcDomainSid *sid);
-
-/**
- * @brief Convert a Windows SID to a Unix gid, allocating a gid if needed
- *
- * @param *sid Pointer to the domain SID to be resolved
- * @param *pgid Pointer to the resolved gid_t value
- *
- * @return #wbcErr
- *
- **/
-wbcErr wbcSidToGid(const struct wbcDomainSid *sid,
- gid_t *pgid);
-
-/**
- * @brief Convert a Windows SID to a Unix gid if there already is a mapping
- *
- * @param *sid Pointer to the domain SID to be resolved
- * @param *pgid Pointer to the resolved gid_t value
- *
- * @return #wbcErr
- *
- **/
-wbcErr wbcQuerySidToGid(const struct wbcDomainSid *sid,
- gid_t *pgid);
-
-/**
- * @brief Convert a Unix gid to a Windows SID, allocating a SID if needed
- *
- * @param gid Unix gid to be resolved
- * @param *sid Pointer to the resolved domain SID
- *
- * @return #wbcErr
- *
- **/
-wbcErr wbcGidToSid(gid_t gid,
- struct wbcDomainSid *sid);
-
-/**
- * @brief Convert a Unix gid to a Windows SID if there already is a mapping
- *
- * @param gid Unix gid to be resolved
- * @param *sid Pointer to the resolved domain SID
- *
- * @return #wbcErr
- *
- **/
-wbcErr wbcQueryGidToSid(gid_t gid,
- struct wbcDomainSid *sid);
-
-/**
- * @brief Obtain a new uid from Winbind
- *
- * @param *puid *pointer to the allocated uid
- *
- * @return #wbcErr
- **/
-wbcErr wbcAllocateUid(uid_t *puid);
-
-/**
- * @brief Obtain a new gid from Winbind
- *
- * @param *pgid Pointer to the allocated gid
- *
- * @return #wbcErr
- **/
-wbcErr wbcAllocateGid(gid_t *pgid);
-
-/**
- * @brief Set an user id mapping
- *
- * @param uid Uid of the desired mapping.
- * @param *sid Pointer to the sid of the diresired mapping.
- *
- * @return #wbcErr
- **/
-wbcErr wbcSetUidMapping(uid_t uid, const struct wbcDomainSid *sid);
-
-/**
- * @brief Set a group id mapping
- *
- * @param gid Gid of the desired mapping.
- * @param *sid Pointer to the sid of the diresired mapping.
- *
- * @return #wbcErr
- **/
-wbcErr wbcSetGidMapping(gid_t gid, const struct wbcDomainSid *sid);
-
-/**
- * @brief Remove a user id mapping
- *
- * @param uid Uid of the mapping to remove.
- * @param *sid Pointer to the sid of the mapping to remove.
- *
- * @return #wbcErr
- **/
-wbcErr wbcRemoveUidMapping(uid_t uid, const struct wbcDomainSid *sid);
-
-/**
- * @brief Remove a group id mapping
- *
- * @param gid Gid of the mapping to remove.
- * @param *sid Pointer to the sid of the mapping to remove.
- *
- * @return #wbcErr
- **/
-wbcErr wbcRemoveGidMapping(gid_t gid, const struct wbcDomainSid *sid);
-
-/**
- * @brief Set the highwater mark for allocated uids.
- *
- * @param uid_hwm The new uid highwater mark value
- *
- * @return #wbcErr
- **/
-wbcErr wbcSetUidHwm(uid_t uid_hwm);
-
-/**
- * @brief Set the highwater mark for allocated gids.
- *
- * @param gid_hwm The new gid highwater mark value
- *
- * @return #wbcErr
- **/
-wbcErr wbcSetGidHwm(gid_t gid_hwm);
-
-/**********************************************************
- * NSS Lookup User/Group details
- **********************************************************/
-
-/**
- * @brief Fill in a struct passwd* for a domain user based
- * on username
- *
- * @param *name Username to lookup
- * @param **pwd Pointer to resulting struct passwd* from the query.
- *
- * @return #wbcErr
- **/
-wbcErr wbcGetpwnam(const char *name, struct passwd **pwd);
-
-/**
- * @brief Fill in a struct passwd* for a domain user based
- * on uid
- *
- * @param uid Uid to lookup
- * @param **pwd Pointer to resulting struct passwd* from the query.
- *
- * @return #wbcErr
- **/
-wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd);
-
-/**
- * @brief Fill in a struct passwd* for a domain user based
- * on username
- *
- * @param *name Username to lookup
- * @param **grp Pointer to resulting struct group* from the query.
- *
- * @return #wbcErr
- **/
-wbcErr wbcGetgrnam(const char *name, struct group **grp);
-
-/**
- * @brief Fill in a struct passwd* for a domain user based
- * on uid
- *
- * @param gid Uid to lookup
- * @param **grp Pointer to resulting struct group* from the query.
- *
- * @return #wbcErr
- **/
-wbcErr wbcGetgrgid(gid_t gid, struct group **grp);
-
-/**
- * @brief Reset the passwd iterator
- *
- * @return #wbcErr
- **/
-wbcErr wbcSetpwent(void);
-
-/**
- * @brief Close the passwd iterator
- *
- * @return #wbcErr
- **/
-wbcErr wbcEndpwent(void);
-
-/**
- * @brief Return the next struct passwd* entry from the pwent iterator
- *
- * @param **pwd Pointer to resulting struct passwd* from the query.
- *
- * @return #wbcErr
- **/
-wbcErr wbcGetpwent(struct passwd **pwd);
-
-/**
- * @brief Reset the group iterator
- *
- * @return #wbcErr
- **/
-wbcErr wbcSetgrent(void);
-
-/**
- * @brief Close the group iterator
- *
- * @return #wbcErr
- **/
-wbcErr wbcEndgrent(void);
-
-/**
- * @brief Return the next struct group* entry from the pwent iterator
- *
- * @param **grp Pointer to resulting struct group* from the query.
- *
- * @return #wbcErr
- **/
-wbcErr wbcGetgrent(struct group **grp);
-
-/**
- * @brief Return the next struct group* entry from the pwent iterator
- *
- * This is similar to #wbcGetgrent, just that the member list is empty
- *
- * @param **grp Pointer to resulting struct group* from the query.
- *
- * @return #wbcErr
- **/
-wbcErr wbcGetgrlist(struct group **grp);
-
-/**
- * @brief Return the unix group array belonging to the given user
- *
- * @param *account The given user name
- * @param *num_groups Number of elements returned in the groups array
- * @param **_groups Pointer to resulting gid_t array.
- *
- * @return #wbcErr
- **/
-wbcErr wbcGetGroups(const char *account,
- uint32_t *num_groups,
- gid_t **_groups);
-
-
-/**********************************************************
- * Lookup Domain information
- **********************************************************/
-
-/**
- * @brief Lookup the current status of a trusted domain
- *
- * @param domain Domain to query
- * @param *dinfo Pointer to returned domain_info struct
- *
- * @return #wbcErr
- **/
-wbcErr wbcDomainInfo(const char *domain,
- struct wbcDomainInfo **info);
-
-/**
- * @brief Enumerate the domain trusts known by Winbind
- *
- * @param **domains Pointer to the allocated domain list array
- * @param *num_domains Pointer to number of domains returned
- *
- * @return #wbcErr
- **/
-wbcErr wbcListTrusts(struct wbcDomainInfo **domains,
- size_t *num_domains);
-
-/* Flags for wbcLookupDomainController */
-
-#define WBC_LOOKUP_DC_FORCE_REDISCOVERY 0x00000001
-#define WBC_LOOKUP_DC_DS_REQUIRED 0x00000010
-#define WBC_LOOKUP_DC_DS_PREFERRED 0x00000020
-#define WBC_LOOKUP_DC_GC_SERVER_REQUIRED 0x00000040
-#define WBC_LOOKUP_DC_PDC_REQUIRED 0x00000080
-#define WBC_LOOKUP_DC_BACKGROUND_ONLY 0x00000100
-#define WBC_LOOKUP_DC_IP_REQUIRED 0x00000200
-#define WBC_LOOKUP_DC_KDC_REQUIRED 0x00000400
-#define WBC_LOOKUP_DC_TIMESERV_REQUIRED 0x00000800
-#define WBC_LOOKUP_DC_WRITABLE_REQUIRED 0x00001000
-#define WBC_LOOKUP_DC_GOOD_TIMESERV_PREFERRED 0x00002000
-#define WBC_LOOKUP_DC_AVOID_SELF 0x00004000
-#define WBC_LOOKUP_DC_ONLY_LDAP_NEEDED 0x00008000
-#define WBC_LOOKUP_DC_IS_FLAT_NAME 0x00010000
-#define WBC_LOOKUP_DC_IS_DNS_NAME 0x00020000
-#define WBC_LOOKUP_DC_TRY_NEXTCLOSEST_SITE 0x00040000
-#define WBC_LOOKUP_DC_DS_6_REQUIRED 0x00080000
-#define WBC_LOOKUP_DC_RETURN_DNS_NAME 0x40000000
-#define WBC_LOOKUP_DC_RETURN_FLAT_NAME 0x80000000
-
-/**
- * @brief Enumerate the domain trusts known by Winbind
- *
- * @param domain Name of the domain to query for a DC
- * @param flags Bit flags used to control the domain location query
- * @param *dc_info Pointer to the returned domain controller information
- *
- * @return #wbcErr
- **/
-wbcErr wbcLookupDomainController(const char *domain,
- uint32_t flags,
- struct wbcDomainControllerInfo **dc_info);
-
-/**
- * @brief Get extended domain controller information
- *
- * @param domain Name of the domain to query for a DC
- * @param guid Guid of the domain to query for a DC
- * @param site Site of the domain to query for a DC
- * @param flags Bit flags used to control the domain location query
- * @param *dc_info Pointer to the returned extended domain controller information
- *
- * @return #wbcErr
- **/
-wbcErr wbcLookupDomainControllerEx(const char *domain,
- struct wbcGuid *guid,
- const char *site,
- uint32_t flags,
- struct wbcDomainControllerInfoEx **dc_info);
-
-/**********************************************************
- * Athenticate functions
- **********************************************************/
-
-/**
- * @brief Authenticate a username/password pair
- *
- * @param username Name of user to authenticate
- * @param password Clear text password os user
- *
- * @return #wbcErr
- **/
-wbcErr wbcAuthenticateUser(const char *username,
- const char *password);
-
-/**
- * @brief Authenticate with more detailed information
- *
- * @param params Input parameters, WBC_AUTH_USER_LEVEL_HASH
- * is not supported yet
- * @param info Output details on WBC_ERR_SUCCESS
- * @param error Output details on WBC_ERR_AUTH_ERROR
- *
- * @return #wbcErr
- **/
-wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params,
- struct wbcAuthUserInfo **info,
- struct wbcAuthErrorInfo **error);
-
-/**
- * @brief Logon a User
- *
- * @param[in] params Pointer to a wbcLogonUserParams structure
- * @param[out] info Pointer to a pointer to a wbcLogonUserInfo structure
- * @param[out] error Pointer to a pointer to a wbcAuthErrorInfo structure
- * @param[out] policy Pointer to a pointer to a wbcUserPasswordPolicyInfo structure
- *
- * @return #wbcErr
- **/
-wbcErr wbcLogonUser(const struct wbcLogonUserParams *params,
- struct wbcLogonUserInfo **info,
- struct wbcAuthErrorInfo **error,
- struct wbcUserPasswordPolicyInfo **policy);
-
-/**
- * @brief Trigger a logoff notification to Winbind for a specific user
- *
- * @param username Name of user to remove from Winbind's list of
- * logged on users.
- * @param uid Uid assigned to the username
- * @param ccfilename Absolute path to the Krb5 credentials cache to
- * be removed
- *
- * @return #wbcErr
- **/
-wbcErr wbcLogoffUser(const char *username,
- uid_t uid,
- const char *ccfilename);
-
-/**
- * @brief Trigger an extended logoff notification to Winbind for a specific user
- *
- * @param params A wbcLogoffUserParams structure
- * @param error User output details on error
- *
- * @return #wbcErr
- **/
-wbcErr wbcLogoffUserEx(const struct wbcLogoffUserParams *params,
- struct wbcAuthErrorInfo **error);
-
-/**
- * @brief Change a password for a user
- *
- * @param username Name of user to authenticate
- * @param old_password Old clear text password of user
- * @param new_password New clear text password of user
- *
- * @return #wbcErr
- **/
-wbcErr wbcChangeUserPassword(const char *username,
- const char *old_password,
- const char *new_password);
-
-/**
- * @brief Change a password for a user with more detailed information upon
- * failure
- *
- * @param params Input parameters
- * @param error User output details on WBC_ERR_PWD_CHANGE_FAILED
- * @param reject_reason New password reject reason on WBC_ERR_PWD_CHANGE_FAILED
- * @param policy Password policy output details on WBC_ERR_PWD_CHANGE_FAILED
- *
- * @return #wbcErr
- **/
-wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params,
- struct wbcAuthErrorInfo **error,
- enum wbcPasswordChangeRejectReason *reject_reason,
- struct wbcUserPasswordPolicyInfo **policy);
-
-/**
- * @brief Authenticate a user with cached credentials
- *
- * @param *params Pointer to a wbcCredentialCacheParams structure
- * @param **info Pointer to a pointer to a wbcCredentialCacheInfo structure
- * @param **error Pointer to a pointer to a wbcAuthErrorInfo structure
- *
- * @return #wbcErr
- **/
-wbcErr wbcCredentialCache(struct wbcCredentialCacheParams *params,
- struct wbcCredentialCacheInfo **info,
- struct wbcAuthErrorInfo **error);
-
-/**********************************************************
- * Resolve functions
- **********************************************************/
-
-/**
- * @brief Resolve a NetbiosName via WINS
- *
- * @param name Name to resolve
- * @param *ip Pointer to the ip address string
- *
- * @return #wbcErr
- **/
-wbcErr wbcResolveWinsByName(const char *name, char **ip);
-
-/**
- * @brief Resolve an IP address via WINS into a NetbiosName
- *
- * @param ip The ip address string
- * @param *name Pointer to the name
- *
- * @return #wbcErr
- *
- **/
-wbcErr wbcResolveWinsByIP(const char *ip, char **name);
-
-/**********************************************************
- * Trusted domain functions
- **********************************************************/
-
-/**
- * @brief Trigger a verification of the trust credentials of a specific domain
- *
- * @param *domain The name of the domain, only NULL for the default domain is
- * supported yet. Other values than NULL will result in
- * WBC_ERR_NOT_IMPLEMENTED.
- * @param error Output details on WBC_ERR_AUTH_ERROR
- *
- * @return #wbcErr
- **/
-wbcErr wbcCheckTrustCredentials(const char *domain,
- struct wbcAuthErrorInfo **error);
-
-/**********************************************************
- * Helper functions
- **********************************************************/
-
-/**
- * @brief Initialize a named blob and add to list of blobs
- *
- * @param[in,out] num_blobs Pointer to the number of blobs
- * @param[in,out] blobs Pointer to an array of blobs
- * @param[in] name Name of the new named blob
- * @param[in] flags Flags of the new named blob
- * @param[in] data Blob data of new blob
- * @param[in] length Blob data length of new blob
- *
- * @return #wbcErr
- **/
-wbcErr wbcAddNamedBlob(size_t *num_blobs,
- struct wbcNamedBlob **blobs,
- const char *name,
- uint32_t flags,
- uint8_t *data,
- size_t length);
-
-#endif /* _WBCLIENT_H */
diff --git a/source3/nsswitch/libwbclient/wbclient_internal.h b/source3/nsswitch/libwbclient/wbclient_internal.h
deleted file mode 100644
index fc03c5409b..0000000000
--- a/source3/nsswitch/libwbclient/wbclient_internal.h
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- Winbind client API
-
- Copyright (C) Gerald (Jerry) Carter 2007
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 3 of the License, or (at your option) any later version.
-
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Library General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#ifndef _WBCLIENT_INTERNAL_H
-#define _WBCLIENT_INTERNAL_H
-
-/* Private functions */
-
-wbcErr wbcRequestResponse(int cmd,
- struct winbindd_request *request,
- struct winbindd_response *response);
-
-
-#endif /* _WBCLIENT_INTERNAL_H */
generated by cgit (git 2.34.1) at 2024-07-07 11:32:03 +0000