diff options
author | Simo Sorce <idra@samba.org> | 2003-08-02 20:06:57 +0000 |
---|---|---|
committer | Simo Sorce <idra@samba.org> | 2003-08-02 20:06:57 +0000 |
commit | 04bf12b176d5abe06b7f1401810369bcafe0b611 (patch) | |
tree | 8bb6627c3ffa4cab902787b874206f8012a33e3a /source3/nsswitch | |
parent | 7efce478976e2ac71bcaf4e4d1049bb263634711 (diff) | |
download | samba-04bf12b176d5abe06b7f1401810369bcafe0b611.tar.gz samba-04bf12b176d5abe06b7f1401810369bcafe0b611.tar.bz2 samba-04bf12b176d5abe06b7f1401810369bcafe0b611.zip |
port latest changes from SAMBA_3_0 tree
(This used to be commit 3101c236b8241dc0183995ffceed551876427de4)
Diffstat (limited to 'source3/nsswitch')
-rw-r--r-- | source3/nsswitch/wb_common.c | 2 | ||||
-rw-r--r-- | source3/nsswitch/wbinfo.c | 2 | ||||
-rw-r--r-- | source3/nsswitch/winbindd.c | 34 | ||||
-rw-r--r-- | source3/nsswitch/winbindd.h | 2 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_acct.c | 63 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_ads.c | 85 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_cache.c | 8 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_cm.c | 39 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_group.c | 26 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_misc.c | 18 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_pam.c | 55 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_sid.c | 24 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_user.c | 24 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_util.c | 85 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_wins.c | 4 | ||||
-rw-r--r-- | source3/nsswitch/wins.c | 48 |
16 files changed, 313 insertions, 206 deletions
diff --git a/source3/nsswitch/wb_common.c b/source3/nsswitch/wb_common.c index acaf0ed17c..79553e9e4f 100644 --- a/source3/nsswitch/wb_common.c +++ b/source3/nsswitch/wb_common.c @@ -239,6 +239,8 @@ int winbind_open_pipe_sock(void) } } + SAFE_FREE(response.extra_data); + return winbindd_fd; #else return -1; diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c index f533799370..fcd7d2d508 100644 --- a/source3/nsswitch/wbinfo.c +++ b/source3/nsswitch/wbinfo.c @@ -1074,7 +1074,7 @@ int main(int argc, char **argv) goto done; } break; - case 'P': + case 'p': if (!wbinfo_ping()) { d_printf("could not ping winbindd!\n"); goto done; diff --git a/source3/nsswitch/winbindd.c b/source3/nsswitch/winbindd.c index 0860d701d8..8345fa11d0 100644 --- a/source3/nsswitch/winbindd.c +++ b/source3/nsswitch/winbindd.c @@ -27,20 +27,6 @@ BOOL opt_nocache = False; BOOL opt_dual_daemon = True; -/***************************************************************************** - stubb functions -****************************************************************************/ - -void become_root( void ) -{ - return; -} - -void unbecome_root( void ) -{ - return; -} - /* Reload configuration */ static BOOL reload_services_file(BOOL test) @@ -131,8 +117,8 @@ static void winbindd_status(void) if (DEBUGLEVEL >= 2 && winbindd_num_clients()) { DEBUG(2, ("\tclient list:\n")); for(tmp = winbindd_client_list(); tmp; tmp = tmp->next) { - DEBUG(2, ("\t\tpid %d, sock %d, rbl %d, wbl %d\n", - tmp->pid, tmp->sock, tmp->read_buf_len, + DEBUG(2, ("\t\tpid %lu, sock %d, rbl %d, wbl %d\n", + (unsigned long)tmp->pid, tmp->sock, tmp->read_buf_len, tmp->write_buf_len)); } } @@ -172,7 +158,7 @@ static void terminate(void) idmap_close(); /* Remove socket file */ - snprintf(path, sizeof(path), "%s/%s", + pstr_sprintf(path, "%s/%s", WINBINDD_SOCKET_DIR, WINBINDD_SOCKET_NAME); unlink(path); exit(0); @@ -471,8 +457,8 @@ void winbind_client_read(struct winbindd_cli_state *state) /* Read failed, kill client */ if (n == -1 || n == 0) { - DEBUG(5,("read failed on sock %d, pid %d: %s\n", - state->sock, state->pid, + DEBUG(5,("read failed on sock %d, pid %lu: %s\n", + state->sock, (unsigned long)state->pid, (n == -1) ? strerror(errno) : "EOF")); state->finished = True; @@ -519,8 +505,8 @@ static void client_write(struct winbindd_cli_state *state) if (num_written == -1 || num_written == 0) { - DEBUG(3,("write failed on sock %d, pid %d: %s\n", - state->sock, state->pid, + DEBUG(3,("write failed on sock %d, pid %lu: %s\n", + state->sock, (unsigned long)state->pid, (num_written == -1) ? strerror(errno) : "EOF")); state->finished = True; @@ -726,8 +712,8 @@ static void process_loop(void) if (state->read_buf_len >= sizeof(uint32) && *(uint32 *) &state->request != sizeof(state->request)) { - DEBUG(0,("process_loop: Invalid request size from pid %d: %d bytes sent, should be %d\n", - state->request.pid, *(uint32 *) &state->request, sizeof(state->request))); + DEBUG(0,("process_loop: Invalid request size from pid %lu: %d bytes sent, should be %d\n", + (unsigned long)state->request.pid, *(uint32 *) &state->request, sizeof(state->request))); remove_client(state); break; @@ -838,7 +824,7 @@ int main(int argc, char **argv) exit(1); } - snprintf(logfile, sizeof(logfile), "%s/log.winbindd", dyn_LOGFILEBASE); + pstr_sprintf(logfile, "%s/log.winbindd", dyn_LOGFILEBASE); lp_set_logfile(logfile); setup_logging("winbindd", log_stdout); reopen_logs(); diff --git a/source3/nsswitch/winbindd.h b/source3/nsswitch/winbindd.h index 2acb89b24b..677afa1849 100644 --- a/source3/nsswitch/winbindd.h +++ b/source3/nsswitch/winbindd.h @@ -4,7 +4,7 @@ Winbind daemon for ntdom nss module Copyright (C) Tim Potter 2000 - Copyright (C) Anthony Liguori 2003 + Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003 This library is free software; you can redistribute it and/or modify it under the terms of the GNU Library General Public diff --git a/source3/nsswitch/winbindd_acct.c b/source3/nsswitch/winbindd_acct.c index a1cd1d5f19..8abfd17110 100644 --- a/source3/nsswitch/winbindd_acct.c +++ b/source3/nsswitch/winbindd_acct.c @@ -136,8 +136,8 @@ static WINBINDD_PW* string2passwd( char *string ) /* last minute sanity checks */ if ( pw.pw_uid==0 || pw.pw_gid==0 ) { - DEBUG(0,("string2passwd: Failure! uid==%d, gid==%d\n", - pw.pw_uid, pw.pw_gid)); + DEBUG(0,("string2passwd: Failure! uid==%lu, gid==%lu\n", + (unsigned long)pw.pw_uid, (unsigned long)pw.pw_gid)); return NULL; } @@ -161,17 +161,17 @@ static char* passwd2string( const WINBINDD_PW *pw ) DEBUG(10,("passwd2string: converting passwd struct for %s\n", pw->pw_name)); - ret = snprintf( string, sizeof(string), "%s:%s:%d:%d:%s:%s:%s", + ret = pstr_sprintf( string, "%s:%s:%lu:%lu:%s:%s:%s", pw->pw_name, pw->pw_passwd ? pw->pw_passwd : "x", - pw->pw_uid, - pw->pw_gid, + (unsigned long)pw->pw_uid, + (unsigned long)pw->pw_gid, pw->pw_gecos, pw->pw_dir, pw->pw_shell ); if ( ret < 0 ) { - DEBUG(0,("passwd2string: snprintf() failed!\n")); + DEBUG(0,("passwd2string: pstr_sprintf() failed!\n")); return NULL; } @@ -247,7 +247,7 @@ static WINBINDD_GR* string2group( char *string ) /* last minute sanity checks */ if ( grp.gr_gid == 0 ) { - DEBUG(0,("string2group: Failure! gid==%d\n", grp.gr_gid)); + DEBUG(0,("string2group: Failure! gid==%lu\n", (unsigned long)grp.gr_gid)); SAFE_FREE( gr_members ); return NULL; } @@ -303,16 +303,16 @@ static char* group2string( const WINBINDD_GR *grp ) fstrcpy( gr_mem_str, "" ); } - ret = snprintf( string, sizeof(string)-1, "%s:%s:%d:%s", + ret = pstr_sprintf( string, "%s:%s:%lu:%s", grp->gr_name, grp->gr_passwd ? grp->gr_passwd : "*", - grp->gr_gid, + (unsigned long)grp->gr_gid, gr_mem_str ); SAFE_FREE( gr_mem_str ); if ( ret < 0 ) { - DEBUG(0,("group2string: snprintf() failed!\n")); + DEBUG(0,("group2string: pstr_sprintf() failed!\n")); return NULL; } @@ -326,7 +326,7 @@ static char* acct_userkey_byname( const char *name ) { static fstring key; - snprintf( key, sizeof(key), "%s/NAME/%s", WBKEY_PASSWD, name ); + fstr_sprintf( key, "%s/NAME/%s", WBKEY_PASSWD, name ); return key; } @@ -338,7 +338,7 @@ static char* acct_userkey_byuid( uid_t uid ) { static fstring key; - snprintf( key, sizeof(key), "%s/UID/%d", WBKEY_PASSWD, uid ); + fstr_sprintf( key, "%s/UID/%lu", WBKEY_PASSWD, (unsigned long)uid ); return key; } @@ -350,7 +350,7 @@ static char* acct_groupkey_byname( const char *name ) { static fstring key; - snprintf( key, sizeof(key), "%s/NAME/%s", WBKEY_GROUP, name ); + fstr_sprintf( key, "%s/NAME/%s", WBKEY_GROUP, name ); return key; } @@ -362,7 +362,7 @@ static char* acct_groupkey_bygid( gid_t gid ) { static fstring key; - snprintf( key, sizeof(key), "%s/GID/%d", WBKEY_GROUP, gid ); + fstr_sprintf( key, "%s/GID/%lu", WBKEY_GROUP, (unsigned long)gid ); return key; } @@ -415,7 +415,7 @@ WINBINDD_PW* wb_getpwuid( const uid_t uid ) data = tdb_fetch_bystring( account_tdb, acct_userkey_byuid(uid) ); if ( !data.dptr ) { - DEBUG(4,("wb_getpwuid: failed to locate uid == %d\n", uid)); + DEBUG(4,("wb_getpwuid: failed to locate uid == %lu\n", (unsigned long)uid)); return NULL; } keystr = acct_userkey_byname( data.dptr ); @@ -431,8 +431,8 @@ WINBINDD_PW* wb_getpwuid( const uid_t uid ) SAFE_FREE( data.dptr ); } - DEBUG(5,("wb_getpwuid: %s user (uid == %d)\n", - (pw ? "Found" : "Did not find"), uid )); + DEBUG(5,("wb_getpwuid: %s user (uid == %lu)\n", + (pw ? "Found" : "Did not find"), (unsigned long)uid )); return pw; } @@ -544,7 +544,8 @@ WINBINDD_GR* wb_getgrgid( gid_t gid ) data = tdb_fetch_bystring( account_tdb, acct_groupkey_bygid(gid) ); if ( !data.dptr ) { - DEBUG(4,("wb_getgrgid: failed to locate gid == %d\n", gid)); + DEBUG(4,("wb_getgrgid: failed to locate gid == %lu\n", + (unsigned long)gid)); return NULL; } keystr = acct_groupkey_byname( data.dptr ); @@ -560,8 +561,8 @@ WINBINDD_GR* wb_getgrgid( gid_t gid ) SAFE_FREE( data.dptr ); } - DEBUG(5,("wb_getgrgid: %s group (gid == %d)\n", - (grp ? "Found" : "Did not find"), gid )); + DEBUG(5,("wb_getgrgid: %s group (gid == %lu)\n", + (grp ? "Found" : "Did not find"), (unsigned long)gid )); return grp; } @@ -697,7 +698,7 @@ static int cleangroups_traverse_fn(TDB_CONTEXT *the_tdb, TDB_DATA kbuf, TDB_DATA fstring key; char *name = (char*)state; - snprintf( key, sizeof(key), "%s/NAME", WBKEY_GROUP ); + fstr_sprintf( key, "%s/NAME", WBKEY_GROUP ); len = strlen(key); /* if this is a group entry then, check the members */ @@ -776,7 +777,7 @@ static int isprimarygroup_traverse_fn(TDB_CONTEXT *the_tdb, TDB_DATA kbuf, fstring key; struct _check_primary_grp *check = (struct _check_primary_grp*)params; - snprintf( key, sizeof(key), "%s/NAME", WBKEY_PASSWD ); + fstr_sprintf( key, "%s/NAME", WBKEY_PASSWD ); len = strlen(key); /* if this is a group entry then, check the members */ @@ -875,8 +876,8 @@ enum winbindd_result winbindd_create_user(struct winbindd_cli_state *state) user = state->request.data.acct_mgt.username; group = state->request.data.acct_mgt.groupname; - DEBUG(3, ("[%5d]: create_user: user=>(%s), group=>(%s)\n", - state->pid, user, group)); + DEBUG(3, ("[%5lu]: create_user: user=>(%s), group=>(%s)\n", + (unsigned long)state->pid, user, group)); if ( !*group ) group = lp_template_primary_group(); @@ -965,7 +966,7 @@ enum winbindd_result winbindd_create_group(struct winbindd_cli_state *state) state->request.data.acct_mgt.groupname[sizeof(state->request.data.acct_mgt.groupname)-1]='\0'; group = state->request.data.acct_mgt.groupname; - DEBUG(3, ("[%5d]: create_group: (%s)\n", state->pid, group)); + DEBUG(3, ("[%5lu]: create_group: (%s)\n", (unsigned long)state->pid, group)); /* get a new uid */ @@ -1025,7 +1026,7 @@ enum winbindd_result winbindd_add_user_to_group(struct winbindd_cli_state *state group = state->request.data.acct_mgt.groupname; user = state->request.data.acct_mgt.username; - DEBUG(3, ("[%5d]: add_user_to_group: add %s to %s\n", state->pid, + DEBUG(3, ("[%5lu]: add_user_to_group: add %s to %s\n", (unsigned long)state->pid, user, group)); /* make sure it is a valid user */ @@ -1073,7 +1074,7 @@ enum winbindd_result winbindd_remove_user_from_group(struct winbindd_cli_state * group = state->request.data.acct_mgt.groupname; user = state->request.data.acct_mgt.username; - DEBUG(3, ("[%5d]: remove_user_to_group: delete %s from %s\n", state->pid, + DEBUG(3, ("[%5lu]: remove_user_to_group: delete %s from %s\n", (unsigned long)state->pid, user, group)); /* don't worry about checking the username since we're removing it anyways */ @@ -1116,8 +1117,8 @@ enum winbindd_result winbindd_set_user_primary_group(struct winbindd_cli_state * group = state->request.data.acct_mgt.groupname; user = state->request.data.acct_mgt.username; - DEBUG(3, ("[%5d]: set_user_primary_grou:p group %s for user %s\n", state->pid, - group, user)); + DEBUG(3, ("[%5lu]: set_user_primary_group: group %s for user %s\n", + (unsigned long)state->pid, group, user)); /* make sure it is a valid user */ @@ -1158,7 +1159,7 @@ enum winbindd_result winbindd_delete_user(struct winbindd_cli_state *state) state->request.data.acct_mgt.username[sizeof(state->request.data.acct_mgt.username)-1]='\0'; user = state->request.data.acct_mgt.username; - DEBUG(3, ("[%5d]: delete_user: %s\n", state->pid, user)); + DEBUG(3, ("[%5lu]: delete_user: %s\n", (unsigned long)state->pid, user)); /* make sure it is a valid user */ @@ -1189,7 +1190,7 @@ enum winbindd_result winbindd_delete_group(struct winbindd_cli_state *state) state->request.data.acct_mgt.username[sizeof(state->request.data.acct_mgt.groupname)-1]='\0'; group = state->request.data.acct_mgt.groupname; - DEBUG(3, ("[%5d]: delete_group: %s\n", state->pid, group)); + DEBUG(3, ("[%5lu]: delete_group: %s\n", (unsigned long)state->pid, group)); /* make sure it is a valid group */ diff --git a/source3/nsswitch/winbindd_ads.c b/source3/nsswitch/winbindd_ads.c index 462dd21531..7140dc35a0 100644 --- a/source3/nsswitch/winbindd_ads.c +++ b/source3/nsswitch/winbindd_ads.c @@ -801,24 +801,91 @@ static NTSTATUS trusted_domains(struct winbindd_domain *domain, char ***alt_names, DOM_SID **dom_sids) { - ADS_STRUCT *ads; - ADS_STATUS rc; + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + DS_DOMAIN_TRUSTS *domains = NULL; + int count = 0; + int i; + struct cli_state *cli = NULL; + /* i think we only need our forest and downlevel trusted domains */ + uint32 flags = DS_DOMAIN_IN_FOREST | DS_DOMAIN_DIRECT_OUTBOUND; DEBUG(3,("ads: trusted_domains\n")); *num_domains = 0; - *names = NULL; + *alt_names = NULL; + *names = NULL; + *dom_sids = NULL; + + if ( !NT_STATUS_IS_OK(result = cm_fresh_connection(domain->name, PI_NETLOGON, &cli)) ) { + DEBUG(5, ("trusted_domains: Could not open a connection to %s for PIPE_NETLOGON (%s)\n", + domain->name, nt_errstr(result))); + return NT_STATUS_UNSUCCESSFUL; + } + + if ( NT_STATUS_IS_OK(result) ) + result = cli_ds_enum_domain_trusts( cli, mem_ctx, cli->desthost, flags, &domains, &count ); + + if ( NT_STATUS_IS_OK(result) && count) { + + /* Allocate memory for trusted domain names and sids */ - ads = ads_cached_connection(domain); + if ( !(*names = (char **)talloc(mem_ctx, sizeof(char *) * count)) ) { + DEBUG(0, ("trusted_domains: out of memory\n")); + result = NT_STATUS_NO_MEMORY; + goto done; + } - if (!ads) { - domain->last_status = NT_STATUS_SERVER_DISABLED; - return NT_STATUS_UNSUCCESSFUL; + if ( !(*alt_names = (char **)talloc(mem_ctx, sizeof(char *) * count)) ) { + DEBUG(0, ("trusted_domains: out of memory\n")); + result = NT_STATUS_NO_MEMORY; + goto done; + } + + if ( !(*dom_sids = (DOM_SID *)talloc(mem_ctx, sizeof(DOM_SID) * count)) ) { + DEBUG(0, ("trusted_domains: out of memory\n")); + result = NT_STATUS_NO_MEMORY; + goto done; + } + + /* Copy across names and sids */ + + for (i = 0; i < count; i++) { + fstring tmp; + fstring tmp2; + + (*names)[i] = NULL; + (*alt_names)[i] = NULL; + ZERO_STRUCT( (*dom_sids)[i] ); + + if ( domains[i].netbios_ptr ) { + unistr2_to_ascii(tmp, &domains[i].netbios_domain, sizeof(tmp) - 1); + (*names)[i] = talloc_strdup(mem_ctx, tmp); + } + + if ( domains[i].dns_ptr ) { + unistr2_to_ascii(tmp2, &domains[i].dns_domain, sizeof(tmp2) - 1); + (*alt_names)[i] = talloc_strdup(mem_ctx, tmp2); + } + + /* sometimes we will get back a NULL SID from this call */ + + if ( domains[i].sid_ptr ) + sid_copy(&(*dom_sids)[i], &domains[i].sid.sid); + } + + *num_domains = count; } - rc = ads_trusted_domains(ads, mem_ctx, num_domains, names, alt_names, dom_sids); +done: + + SAFE_FREE( domains ); + + /* remove connection; This is a special case to the \NETLOGON pipe */ + + if ( cli ) + cli_shutdown( cli ); - return ads_ntstatus(rc); + return result; } /* find the domain sid for a domain */ diff --git a/source3/nsswitch/winbindd_cache.c b/source3/nsswitch/winbindd_cache.c index 2da2a9e641..2891a4fa68 100644 --- a/source3/nsswitch/winbindd_cache.c +++ b/source3/nsswitch/winbindd_cache.c @@ -106,7 +106,7 @@ static struct winbind_cache *get_cache(struct winbindd_domain *domain) case SEC_ADS: { extern struct winbindd_methods ads_methods; /* always obey the lp_security parameter for our domain */ - if ( strequal(lp_realm(), domain->alt_name) ) { + if ( strequal(lp_realm(), domain->alt_name) || strequal(lp_workgroup(), domain->name) ) { domain->backend = &ads_methods; break; } @@ -256,7 +256,7 @@ static NTSTATUS fetch_cache_seqnum( struct winbindd_domain *domain, time_t now ) return NT_STATUS_UNSUCCESSFUL; } - snprintf( key, sizeof(key), "SEQNUM/%s", domain->name ); + fstr_sprintf( key, "SEQNUM/%s", domain->name ); data = tdb_fetch_bystring( wcache->tdb, key ); if ( !data.dptr || data.dsize!=8 ) { @@ -295,7 +295,7 @@ static NTSTATUS store_cache_seqnum( struct winbindd_domain *domain ) return NT_STATUS_UNSUCCESSFUL; } - snprintf( key_str, sizeof(key_str), "SEQNUM/%s", domain->name ); + fstr_sprintf( key_str, "SEQNUM/%s", domain->name ); key.dptr = key_str; key.dsize = strlen(key_str)+1; @@ -328,6 +328,8 @@ static void refresh_sequence_number(struct winbindd_domain *domain, BOOL force) time_t t = time(NULL); unsigned cache_time = lp_winbind_cache_time(); + get_cache( domain ); + /* trying to reconnect is expensive, don't do it too often */ if (domain->sequence_number == DOM_SEQUENCE_NONE) { cache_time *= 8; diff --git a/source3/nsswitch/winbindd_cm.c b/source3/nsswitch/winbindd_cm.c index 7f35167778..f07117b5ab 100644 --- a/source3/nsswitch/winbindd_cm.c +++ b/source3/nsswitch/winbindd_cm.c @@ -152,7 +152,8 @@ static NTSTATUS cm_open_connection(const char *domain, const int pipe_index, result = cli_full_connection(&new_conn->cli, global_myname(), new_conn->controller, &dc_ip, 0, "IPC$", "IPC", ipc_username, ipc_domain, - ipc_password, CLI_FULL_CONNECTION_ANNONYMOUS_FALLBACK, &retry); + ipc_password, CLI_FULL_CONNECTION_ANNONYMOUS_FALLBACK, + Undefined, &retry); secrets_named_mutex_release(new_conn->controller); @@ -169,6 +170,11 @@ static NTSTATUS cm_open_connection(const char *domain, const int pipe_index, return result; } + /* set the domain if empty; needed for schannel connections */ + if ( !*new_conn->cli->domain ) + fstrcpy( new_conn->cli->domain, domain ); + + if ( !cli_nt_session_open (new_conn->cli, pipe_index) ) { result = NT_STATUS_PIPE_NOT_AVAILABLE; /* @@ -188,6 +194,25 @@ static NTSTATUS cm_open_connection(const char *domain, const int pipe_index, return NT_STATUS_OK; } +/************************************************************************ + Wrapper around statuc cm_open_connection to retreive a freshly + setup cli_state struct +************************************************************************/ + +NTSTATUS cm_fresh_connection(const char *domain, const int pipe_index, + struct cli_state **cli) +{ + NTSTATUS result; + struct winbindd_cm_conn conn; + + result = cm_open_connection( domain, pipe_index, &conn ); + + if ( NT_STATUS_IS_OK(result) ) + *cli = conn.cli; + + return result; +} + /* Return true if a connection is still alive */ static BOOL connection_ok(struct winbindd_cm_conn *conn) @@ -320,13 +345,11 @@ BOOL cm_check_for_native_mode_win2k( const char *domain ) done: -#if 0 - /* - * I don't think we need to shutdown here ? JRA. - */ + /* close the connection; no other cals use this pipe and it is called only + on reestablishing the domain list --jerry */ + if ( conn.cli ) cli_shutdown( conn.cli ); -#endif return ret; } @@ -488,14 +511,14 @@ NTSTATUS cm_get_netlogon_cli(const char *domain, if (!NT_STATUS_IS_OK(result)) return result; - snprintf(lock_name, sizeof(lock_name), "NETLOGON\\%s", conn->controller); + fstr_sprintf(lock_name, "NETLOGON\\%s", conn->controller); if (!(got_mutex = secrets_named_mutex(lock_name, WINBIND_SERVER_MUTEX_WAIT_TIME))) { DEBUG(0,("cm_get_netlogon_cli: mutex grab failed for %s\n", conn->controller)); } if ( sec_channel_type == SEC_CHAN_DOMAIN ) - snprintf(conn->cli->mach_acct, sizeof(conn->cli->mach_acct) - 1, "%s$", lp_workgroup()); + fstr_sprintf(conn->cli->mach_acct, "%s$", lp_workgroup()); result = cli_nt_establish_netlogon(conn->cli, sec_channel_type, trust_passwd); diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c index d67d48d506..96c121685a 100644 --- a/source3/nsswitch/winbindd_group.c +++ b/source3/nsswitch/winbindd_group.c @@ -232,7 +232,7 @@ enum winbindd_result winbindd_getgrnam(struct winbindd_cli_state *state) /* Ensure null termination */ state->request.data.groupname[sizeof(state->request.data.groupname)-1]='\0'; - DEBUG(3, ("[%5d]: getgrnam %s\n", state->pid, + DEBUG(3, ("[%5lu]: getgrnam %s\n", (unsigned long)state->pid, state->request.data.groupname)); /* Parse domain and groupname */ @@ -334,8 +334,8 @@ enum winbindd_result winbindd_getgrgid(struct winbindd_cli_state *state) int gr_mem_len; char *gr_mem; - DEBUG(3, ("[%5d]: getgrgid %d\n", state->pid, - state->request.data.gid)); + DEBUG(3, ("[%5lu]: getgrgid %lu\n", (unsigned long)state->pid, + (unsigned long)state->request.data.gid)); /* Bug out if the gid isn't in the winbind range */ @@ -360,8 +360,8 @@ enum winbindd_result winbindd_getgrgid(struct winbindd_cli_state *state) /* Get rid from gid */ if (!NT_STATUS_IS_OK(idmap_gid_to_sid(&group_sid, state->request.data.gid))) { - DEBUG(1, ("could not convert gid %d to rid\n", - state->request.data.gid)); + DEBUG(1, ("could not convert gid %lu to rid\n", + (unsigned long)state->request.data.gid)); return WINBINDD_ERROR; } @@ -416,7 +416,7 @@ enum winbindd_result winbindd_setgrent(struct winbindd_cli_state *state) { struct winbindd_domain *domain; - DEBUG(3, ("[%5d]: setgrent\n", state->pid)); + DEBUG(3, ("[%5lu]: setgrent\n", (unsigned long)state->pid)); /* Check user has enabled this */ @@ -469,7 +469,7 @@ enum winbindd_result winbindd_setgrent(struct winbindd_cli_state *state) enum winbindd_result winbindd_endgrent(struct winbindd_cli_state *state) { - DEBUG(3, ("[%5d]: endgrent\n", state->pid)); + DEBUG(3, ("[%5lu]: endgrent\n", (unsigned long)state->pid)); free_getent_state(state->getgrent_state); state->getgrent_state = NULL; @@ -605,7 +605,7 @@ enum winbindd_result winbindd_getgrent(struct winbindd_cli_state *state) int num_groups, group_list_ndx = 0, i, gr_mem_list_len = 0; char *new_extra_data, *gr_mem_list = NULL; - DEBUG(3, ("[%5d]: getgrent\n", state->pid)); + DEBUG(3, ("[%5lu]: getgrent\n", (unsigned long)state->pid)); /* Check user has enabled this */ @@ -691,7 +691,7 @@ enum winbindd_result winbindd_getgrent(struct winbindd_cli_state *state) goto tryagain; } - DEBUG(10, ("got gid %d for group %x\n", group_gid, + DEBUG(10, ("got gid %lu for group %x\n", (unsigned long)group_gid, name_list[ent->sam_entry_index].rid)); /* Fill in group entry */ @@ -825,7 +825,7 @@ enum winbindd_result winbindd_list_groups(struct winbindd_cli_state *state) char *ted = NULL; unsigned int extra_data_len = 0, i; - DEBUG(3, ("[%5d]: list groups\n", state->pid)); + DEBUG(3, ("[%5lu]: list groups\n", (unsigned long)state->pid)); /* Enumerate over trusted domains */ @@ -915,7 +915,7 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state) /* Ensure null termination */ state->request.data.username[sizeof(state->request.data.username)-1]='\0'; - DEBUG(3, ("[%5d]: getgroups %s\n", state->pid, + DEBUG(3, ("[%5lu]: getgroups %s\n", (unsigned long)state->pid, state->request.data.username)); if (!(mem_ctx = talloc_init("winbindd_getgroups(%s)", @@ -1009,9 +1009,9 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state) /* We've jumped through a lot of hoops to get here */ DEBUG(10, ("winbindd_getgroups: mapped other sid %s to " - "gid %d\n", sid_string_static( + "gid %lu\n", sid_string_static( &info3->other_sids[i].sid), - gid_list[num_gids])); + (unsigned long)gid_list[num_gids])); num_gids++; } diff --git a/source3/nsswitch/winbindd_misc.c b/source3/nsswitch/winbindd_misc.c index 8d7cdc4731..740b760b93 100644 --- a/source3/nsswitch/winbindd_misc.c +++ b/source3/nsswitch/winbindd_misc.c @@ -35,7 +35,7 @@ enum winbindd_result winbindd_check_machine_acct(struct winbindd_cli_state *stat int num_retries = 0; struct cli_state *cli; uint32 sec_channel_type; - DEBUG(3, ("[%5d]: check machine account\n", state->pid)); + DEBUG(3, ("[%5lu]: check machine account\n", (unsigned long)state->pid)); /* Get trust account password */ @@ -95,7 +95,7 @@ enum winbindd_result winbindd_list_trusted_domains(struct winbindd_cli_state int total_entries = 0, extra_data_len = 0; char *ted, *extra_data = NULL; - DEBUG(3, ("[%5d]: list trusted domains\n", state->pid)); + DEBUG(3, ("[%5lu]: list trusted domains\n", (unsigned long)state->pid)); /* We need to refresh the trusted domain list as the domains may have changed since we last looked. There may be a sequence @@ -149,7 +149,7 @@ enum winbindd_result winbindd_show_sequence(struct winbindd_cli_state *state) struct winbindd_domain *domain; char *extra_data = NULL; - DEBUG(3, ("[%5d]: show sequence\n", state->pid)); + DEBUG(3, ("[%5lu]: show sequence\n", (unsigned long)state->pid)); extra_data = strdup(""); @@ -181,7 +181,7 @@ enum winbindd_result winbindd_show_sequence(struct winbindd_cli_state *state) enum winbindd_result winbindd_ping(struct winbindd_cli_state *state) { - DEBUG(3, ("[%5d]: ping\n", state->pid)); + DEBUG(3, ("[%5lu]: ping\n", (unsigned long)state->pid)); return WINBINDD_OK; } @@ -191,7 +191,7 @@ enum winbindd_result winbindd_ping(struct winbindd_cli_state enum winbindd_result winbindd_info(struct winbindd_cli_state *state) { - DEBUG(3, ("[%5d]: request misc info\n", state->pid)); + DEBUG(3, ("[%5lu]: request misc info\n", (unsigned long)state->pid)); state->response.data.info.winbind_separator = *lp_winbind_separator(); fstrcpy(state->response.data.info.samba_version, VERSION); @@ -204,7 +204,7 @@ enum winbindd_result winbindd_info(struct winbindd_cli_state *state) enum winbindd_result winbindd_interface_version(struct winbindd_cli_state *state) { - DEBUG(3, ("[%5d]: request interface version\n", state->pid)); + DEBUG(3, ("[%5lu]: request interface version\n", (unsigned long)state->pid)); state->response.data.interface_version = WINBIND_INTERFACE_VERSION; @@ -216,7 +216,7 @@ enum winbindd_result winbindd_interface_version(struct winbindd_cli_state *state enum winbindd_result winbindd_domain_name(struct winbindd_cli_state *state) { - DEBUG(3, ("[%5d]: request domain name\n", state->pid)); + DEBUG(3, ("[%5lu]: request domain name\n", (unsigned long)state->pid)); fstrcpy(state->response.data.domain_name, lp_workgroup()); @@ -228,7 +228,7 @@ enum winbindd_result winbindd_domain_name(struct winbindd_cli_state *state) enum winbindd_result winbindd_netbios_name(struct winbindd_cli_state *state) { - DEBUG(3, ("[%5d]: request netbios name\n", state->pid)); + DEBUG(3, ("[%5lu]: request netbios name\n", (unsigned long)state->pid)); fstrcpy(state->response.data.netbios_name, global_myname()); @@ -240,7 +240,7 @@ enum winbindd_result winbindd_netbios_name(struct winbindd_cli_state *state) enum winbindd_result winbindd_priv_pipe_dir(struct winbindd_cli_state *state) { - DEBUG(3, ("[%5d]: request location of privileged pipe\n", state->pid)); + DEBUG(3, ("[%5lu]: request location of privileged pipe\n", (unsigned long)state->pid)); state->response.extra_data = strdup(get_winbind_priv_pipe_dir()); if (!state->response.extra_data) diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c index 8df0f621c0..a8908487c1 100644 --- a/source3/nsswitch/winbindd_pam.c +++ b/source3/nsswitch/winbindd_pam.c @@ -53,55 +53,6 @@ static NTSTATUS append_info3_as_ndr(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } -/******************************************************************* - wrapper around retreiving the trsut account password -*******************************************************************/ - -static BOOL get_trust_pw(const char *domain, uint8 ret_pwd[16], - time_t *pass_last_set_time, uint32 *channel) -{ - DOM_SID sid; - char *pwd; - - /* if we are a DC and this is not our domain, then lookup an account - for the domain trust */ - - if ( IS_DC && !strequal(domain, lp_workgroup()) && lp_allow_trusted_domains() ) - { - if ( !secrets_fetch_trusted_domain_password(domain, &pwd, &sid, - pass_last_set_time) ) - { - DEBUG(0, ("get_trust_pw: could not fetch trust account " - "password for trusted domain %s\n", domain)); - return False; - } - - *channel = SEC_CHAN_DOMAIN; - E_md4hash(pwd, ret_pwd); - SAFE_FREE(pwd); - - return True; - } - else /* just get the account for our domain (covers - ROLE_DOMAIN_MEMBER as well */ - { - /* get the machine trust account for our domain */ - - if ( !secrets_fetch_trust_account_password (lp_workgroup(), ret_pwd, - pass_last_set_time, channel) ) - { - DEBUG(0, ("get_trust_pw: could not fetch trust account " - "password for my domain %s\n", domain)); - return False; - } - - return True; - } - - /* Failure */ - return False; -} - /********************************************************************** Authenticate a user with a clear test password **********************************************************************/ @@ -131,7 +82,7 @@ enum winbindd_result winbindd_pam_auth(struct winbindd_cli_state *state) /* Ensure null termination */ state->request.data.auth.pass[sizeof(state->request.data.auth.pass)-1]='\0'; - DEBUG(3, ("[%5d]: pam auth %s\n", state->pid, + DEBUG(3, ("[%5lu]: pam auth %s\n", (unsigned long)state->pid, state->request.data.auth.user)); if (!(mem_ctx = talloc_init("winbind pam auth for %s", state->request.data.auth.user))) { @@ -305,7 +256,7 @@ enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state) goto done; } - DEBUG(3, ("[%5d]: pam auth crap domain: %s user: %s\n", state->pid, + DEBUG(3, ("[%5lu]: pam auth crap domain: %s user: %s\n", (unsigned long)state->pid, domain, user)); if ( !get_trust_pw(domain, trust_passwd, &last_change_time, &sec_channel_type) ) { @@ -436,7 +387,7 @@ enum winbindd_result winbindd_pam_chauthtok(struct winbindd_cli_state *state) fstring domain, user; CLI_POLICY_HND *hnd; - DEBUG(3, ("[%5d]: pam chauthtok %s\n", state->pid, + DEBUG(3, ("[%5lu]: pam chauthtok %s\n", (unsigned long)state->pid, state->request.data.chauthtok.user)); /* Setup crap */ diff --git a/source3/nsswitch/winbindd_sid.c b/source3/nsswitch/winbindd_sid.c index 676beae3aa..98a6fce24b 100644 --- a/source3/nsswitch/winbindd_sid.c +++ b/source3/nsswitch/winbindd_sid.c @@ -39,7 +39,7 @@ enum winbindd_result winbindd_lookupsid(struct winbindd_cli_state *state) /* Ensure null termination */ state->request.data.sid[sizeof(state->request.data.sid)-1]='\0'; - DEBUG(3, ("[%5d]: lookupsid %s\n", state->pid, + DEBUG(3, ("[%5lu]: lookupsid %s\n", (unsigned long)state->pid, state->request.data.sid)); /* Lookup sid from PDC using lsa_lookup_sids() */ @@ -90,7 +90,7 @@ enum winbindd_result winbindd_lookupname(struct winbindd_cli_state *state) /* Ensure null termination */ state->request.data.sid[sizeof(state->request.data.name.name)-1]='\0'; - DEBUG(3, ("[%5d]: lookupname %s%s%s\n", state->pid, + DEBUG(3, ("[%5lu]: lookupname %s%s%s\n", (unsigned long)state->pid, state->request.data.name.dom_name, lp_winbind_separator(), state->request.data.name.name)); @@ -127,7 +127,7 @@ enum winbindd_result winbindd_sid_to_uid(struct winbindd_cli_state *state) /* Ensure null termination */ state->request.data.sid[sizeof(state->request.data.sid)-1]='\0'; - DEBUG(3, ("[%5d]: sid to uid %s\n", state->pid, + DEBUG(3, ("[%5lu]: sid to uid %s\n", (unsigned long)state->pid, state->request.data.sid)); /* Split sid into domain sid and user rid */ @@ -159,7 +159,7 @@ enum winbindd_result winbindd_sid_to_gid(struct winbindd_cli_state *state) /* Ensure null termination */ state->request.data.sid[sizeof(state->request.data.sid)-1]='\0'; - DEBUG(3, ("[%5d]: sid to gid %s\n", state->pid, + DEBUG(3, ("[%5lu]: sid to gid %s\n", (unsigned long)state->pid, state->request.data.sid)); if (!string_to_sid(&sid, state->request.data.sid)) { @@ -192,13 +192,13 @@ enum winbindd_result winbindd_uid_to_sid(struct winbindd_cli_state *state) return WINBINDD_ERROR; } - DEBUG(3, ("[%5d]: uid to sid %d\n", state->pid, - state->request.data.uid)); + DEBUG(3, ("[%5lu]: uid to sid %lu\n", (unsigned long)state->pid, + (unsigned long)state->request.data.uid)); /* Lookup rid for this uid */ if (!NT_STATUS_IS_OK(idmap_uid_to_sid(&sid, state->request.data.uid))) { - DEBUG(1, ("Could not convert uid %d to rid\n", - state->request.data.uid)); + DEBUG(1, ("Could not convert uid %lu to rid\n", + (unsigned long)state->request.data.uid)); return WINBINDD_ERROR; } @@ -221,13 +221,13 @@ enum winbindd_result winbindd_gid_to_sid(struct winbindd_cli_state *state) return WINBINDD_ERROR; } - DEBUG(3, ("[%5d]: gid to sid %d\n", state->pid, - state->request.data.gid)); + DEBUG(3, ("[%5lu]: gid to sid %lu\n", (unsigned long)state->pid, + (unsigned long)state->request.data.gid)); /* Lookup sid for this uid */ if (!NT_STATUS_IS_OK(idmap_gid_to_sid(&sid, state->request.data.gid))) { - DEBUG(1, ("Could not convert gid %d to sid\n", - state->request.data.gid)); + DEBUG(1, ("Could not convert gid %lu to sid\n", + (unsigned long)state->request.data.gid)); return WINBINDD_ERROR; } diff --git a/source3/nsswitch/winbindd_user.c b/source3/nsswitch/winbindd_user.c index c49c41687b..c0b0d94167 100644 --- a/source3/nsswitch/winbindd_user.c +++ b/source3/nsswitch/winbindd_user.c @@ -108,7 +108,7 @@ enum winbindd_result winbindd_getpwnam(struct winbindd_cli_state *state) /* Ensure null termination */ state->request.data.username[sizeof(state->request.data.username)-1]='\0'; - DEBUG(3, ("[%5d]: getpwnam %s\n", state->pid, + DEBUG(3, ("[%5lu]: getpwnam %s\n", (unsigned long)state->pid, state->request.data.username)); /* Parse domain and username */ @@ -131,7 +131,7 @@ enum winbindd_result winbindd_getpwnam(struct winbindd_cli_state *state) /* should we deal with users for our domain? */ if ( lp_winbind_trusted_domains_only() && strequal(name_domain, lp_workgroup())) { - DEBUG(7,("winbindd_getpenam: My domain -- rejecting getpwnam() for %s\\%s.\n", + DEBUG(7,("winbindd_getpwnam: My domain -- rejecting getpwnam() for %s\\%s.\n", name_domain, name_user)); return WINBINDD_ERROR; } @@ -209,8 +209,8 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state) (state->request.data.uid > server_state.uid_high)) return WINBINDD_ERROR; - DEBUG(3, ("[%5d]: getpwuid %d\n", state->pid, - state->request.data.uid)); + DEBUG(3, ("[%5lu]: getpwuid %lu\n", (unsigned long)state->pid, + (unsigned long)state->request.data.uid)); /* always try local tdb first */ @@ -222,8 +222,8 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state) /* Get rid from uid */ if (!NT_STATUS_IS_OK(idmap_uid_to_sid(&user_sid, state->request.data.uid))) { - DEBUG(1, ("could not convert uid %d to SID\n", - state->request.data.uid)); + DEBUG(1, ("could not convert uid %lu to SID\n", + (unsigned long)state->request.data.uid)); return WINBINDD_ERROR; } @@ -246,8 +246,8 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state) /* Get some user info */ - if (!(mem_ctx = talloc_init("winbind_getpwuid(%d)", - state->request.data.uid))) { + if (!(mem_ctx = talloc_init("winbind_getpwuid(%lu)", + (unsigned long)state->request.data.uid))) { DEBUG(1, ("out of memory\n")); return WINBINDD_ERROR; @@ -295,7 +295,7 @@ enum winbindd_result winbindd_setpwent(struct winbindd_cli_state *state) { struct winbindd_domain *domain; - DEBUG(3, ("[%5d]: setpwent\n", state->pid)); + DEBUG(3, ("[%5lu]: setpwent\n", (unsigned long)state->pid)); /* Check user has enabled this */ @@ -359,7 +359,7 @@ enum winbindd_result winbindd_setpwent(struct winbindd_cli_state *state) enum winbindd_result winbindd_endpwent(struct winbindd_cli_state *state) { - DEBUG(3, ("[%5d]: endpwent\n", state->pid)); + DEBUG(3, ("[%5lu]: endpwent\n", (unsigned long)state->pid)); free_getent_state(state->getpwent_state); state->getpwent_state = NULL; @@ -474,7 +474,7 @@ enum winbindd_result winbindd_getpwent(struct winbindd_cli_state *state) struct winbindd_pw *user_list; int num_users, user_list_ndx = 0, i; - DEBUG(3, ("[%5d]: getpwent\n", state->pid)); + DEBUG(3, ("[%5lu]: getpwent\n", (unsigned long)state->pid)); /* Check user has enabled this */ @@ -581,7 +581,7 @@ enum winbindd_result winbindd_list_users(struct winbindd_cli_state *state) TALLOC_CTX *mem_ctx; enum winbindd_result rv = WINBINDD_ERROR; - DEBUG(3, ("[%5d]: list users\n", state->pid)); + DEBUG(3, ("[%5lu]: list users\n", (unsigned long)state->pid)); if (!(mem_ctx = talloc_init("winbindd_list_users"))) return WINBINDD_ERROR; diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c index 6177c46aef..a810e503a0 100644 --- a/source3/nsswitch/winbindd_util.c +++ b/source3/nsswitch/winbindd_util.c @@ -111,7 +111,7 @@ static struct winbindd_domain *add_trusted_domain(const char *domain_name, const fstrcpy(domain->name, alt_name); fstrcpy(domain->alt_name, domain_name); } else { - fstrcpy(domain->name, domain_name); + fstrcpy(domain->name, domain_name); if (alt_name) { fstrcpy(domain->alt_name, alt_name); } @@ -174,8 +174,11 @@ void rescan_trusted_domains(BOOL force) char **names; char **alt_names; int num_domains = 0; - DOM_SID *dom_sids; + DOM_SID *dom_sids, null_sid; int i; + struct winbindd_domain *new_domain; + + ZERO_STRUCTP(&null_sid); result = domain->methods->trusted_domains(domain, mem_ctx, &num_domains, &names, &alt_names, &dom_sids); @@ -183,12 +186,34 @@ void rescan_trusted_domains(BOOL force) continue; } - /* Add each domain to the trusted domain list. Each domain inherits - the access methods of its parent */ + /* Add each domain to the trusted domain list */ + for(i = 0; i < num_domains; i++) { DEBUG(10,("Found domain %s\n", names[i])); add_trusted_domain(names[i], alt_names?alt_names[i]:NULL, domain->methods, &dom_sids[i]); + + /* if the SID was empty, we better set it now */ + + if ( sid_equal(&dom_sids[i], &null_sid) ) { + + new_domain = find_domain_from_name(names[i]); + + /* this should never happen */ + if ( !new_domain ) { + DEBUG(0,("rescan_trust_domains: can't find the domain I just added! [%s]\n", + names[i])); + break; + } + + /* call the cache method; which will operate on the winbindd_domain \ + passed in and choose either rpc or ads as appropriate */ + + result = domain->methods->domain_sid( new_domain, &new_domain->sid ); + + if ( NT_STATUS_IS_OK(result) ) + sid_copy( &dom_sids[i], &domain->sid ); + } /* store trusted domain in the cache */ trustdom_cache_store(names[i], alt_names ? alt_names[i] : NULL, @@ -209,7 +234,7 @@ BOOL init_domain_list(void) free_domain_list(); /* Add ourselves as the first entry */ - domain = add_trusted_domain(lp_workgroup(), NULL, &cache_methods, NULL); + domain = add_trusted_domain( lp_workgroup(), NULL, &cache_methods, NULL); if (!secrets_fetch_domain_sid(domain->name, &domain->sid)) { DEBUG(1, ("Could not fetch sid for our domain %s\n", domain->name)); @@ -782,3 +807,53 @@ BOOL winbindd_upgrade_idmap(void) return idmap_convert(idmap_name); } + +/******************************************************************* + wrapper around retrieving the trust account password +*******************************************************************/ + +BOOL get_trust_pw(const char *domain, uint8 ret_pwd[16], + time_t *pass_last_set_time, uint32 *channel) +{ + DOM_SID sid; + char *pwd; + + /* if we are a DC and this is not our domain, then lookup an account + for the domain trust */ + + if ( IS_DC && !strequal(domain, lp_workgroup()) && lp_allow_trusted_domains() ) + { + if ( !secrets_fetch_trusted_domain_password(domain, &pwd, &sid, + pass_last_set_time) ) + { + DEBUG(0, ("get_trust_pw: could not fetch trust account " + "password for trusted domain %s\n", domain)); + return False; + } + + *channel = SEC_CHAN_DOMAIN; + E_md4hash(pwd, ret_pwd); + SAFE_FREE(pwd); + + return True; + } + else /* just get the account for our domain (covers + ROLE_DOMAIN_MEMBER as well */ + { + /* get the machine trust account for our domain */ + + if ( !secrets_fetch_trust_account_password (lp_workgroup(), ret_pwd, + pass_last_set_time, channel) ) + { + DEBUG(0, ("get_trust_pw: could not fetch trust account " + "password for my domain %s\n", domain)); + return False; + } + + return True; + } + + /* Failure */ + return False; +} + diff --git a/source3/nsswitch/winbindd_wins.c b/source3/nsswitch/winbindd_wins.c index 66903e250d..49bee2dc9f 100644 --- a/source3/nsswitch/winbindd_wins.c +++ b/source3/nsswitch/winbindd_wins.c @@ -137,7 +137,7 @@ enum winbindd_result winbindd_wins_byip(struct winbindd_cli_state *state) /* Ensure null termination */ state->request.data.winsreq[sizeof(state->request.data.winsreq)-1]='\0'; - DEBUG(3, ("[%5d]: wins_byip %s\n", state->pid, + DEBUG(3, ("[%5lu]: wins_byip %s\n", (unsigned long)state->pid, state->request.data.winsreq)); *response = '\0'; @@ -184,7 +184,7 @@ enum winbindd_result winbindd_wins_byname(struct winbindd_cli_state *state) /* Ensure null termination */ state->request.data.winsreq[sizeof(state->request.data.winsreq)-1]='\0'; - DEBUG(3, ("[%5d]: wins_byname %s\n", state->pid, + DEBUG(3, ("[%5lu]: wins_byname %s\n", (unsigned long)state->pid, state->request.data.winsreq)); *response = '\0'; diff --git a/source3/nsswitch/wins.c b/source3/nsswitch/wins.c index 62493ef0a9..87dac60192 100644 --- a/source3/nsswitch/wins.c +++ b/source3/nsswitch/wins.c @@ -86,29 +86,6 @@ static void nss_wins_init(void) load_interfaces(); } -static struct node_status *lookup_byaddr_backend(char *addr, int *count) -{ - int fd; - struct in_addr ip; - struct nmb_name nname; - struct node_status *status; - - if (!initialised) { - nss_wins_init(); - } - - fd = wins_lookup_open_socket_in(); - if (fd == -1) - return NULL; - - make_nmb_name(&nname, "*", 0); - ip = *interpret_addr2(addr); - status = node_status_query(fd,&nname,ip, count); - - close(fd); - return status; -} - static struct in_addr *lookup_byname_backend(const char *name, int *count) { int fd = -1; @@ -149,8 +126,31 @@ static struct in_addr *lookup_byname_backend(const char *name, int *count) return ret; } - #ifdef HAVE_NS_API_H + +static struct node_status *lookup_byaddr_backend(char *addr, int *count) +{ + int fd; + struct in_addr ip; + struct nmb_name nname; + struct node_status *status; + + if (!initialised) { + nss_wins_init(); + } + + fd = wins_lookup_open_socket_in(); + if (fd == -1) + return NULL; + + make_nmb_name(&nname, "*", 0); + ip = *interpret_addr2(addr); + status = node_status_query(fd,&nname,ip, count); + + close(fd); + return status; +} + /* IRIX version */ int init(void) |