authorRafal Szczesniak <mimir@samba.org>2004-03-09 20:30:35 +0000
committerRafal Szczesniak <mimir@samba.org>2004-03-09 20:30:35 +0000
commit93f4a34978e89a2158569aa7a20c28a01e27df30 (patch)
treedda9225866dbc83a3da155d137eae0907f304f3c /source3/passdb
parent5e2282b94f862cc29114839ef6e379dbd24ba4b5 (diff)
1) Two new functions to trust passwords interface in passdb:
settrustpwent, gettrustpwnam 2) Implementation of another couple of these functions in tdbsam: settrustpwent, gettrustpwnam, gettrustpwsid 3) Testing (mostly, for now) usage of the interface in pdbedit, which is soon to be an offline tool again. This is quite new code, so many changes will be put in soon. rafal (This used to be commit 2ed23fbce846f9710747d72aa98c20d54894d61e)
Diffstat (limited to 'source3/passdb')
-rw-r--r--source3/passdb/pdb_interface.c67
-rw-r--r--source3/passdb/pdb_tdb.c79
2 files changed, 142 insertions, 4 deletions
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 8307919d10..5679d4a5e8 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -487,6 +487,30 @@ static NTSTATUS context_enum_alias_memberships(struct pdb_context *context,
num);
}
+static NTSTATUS context_settrustpwent(struct pdb_context *context)
+{
+ NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
+ struct pdb_methods *cur_methods;
+
+ if (!context) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return ret;
+ }
+
+ cur_methods = context->pdb_methods;
+
+ while (cur_methods) {
+ ret = cur_methods->settrustpwent(cur_methods);
+ if (NT_STATUS_IS_OK(ret)) {
+ context->pdb_methods = cur_methods;
+ return ret;
+ }
+ cur_methods = cur_methods->next;
+ }
+
+ return ret;
+}
+
static NTSTATUS context_gettrustpwent(struct pdb_context *context,
SAM_TRUST_PASSWD *trust)
{
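Review bot: On success the loop in `context_settrustpwent` assigns `context->pdb_methods = cur_methods;`, which moves the head of the context's backend list instead of recording an enumeration position. If the first backend returns NT_STATUS_NOT_IMPLEMENTED (as `pdb_default_settrustpwent` later in this patch does) and a later one succeeds, every subsequent operation that walks from `context->pdb_methods` would skip the earlier backends, account lookups included, as far as this hunk shows. Keeping the position in a separate field of the context, or dropping the assignment and letting `context_gettrustpwent` walk the list itself, would avoid changing which backends are consulted.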
@@ -502,6 +526,34 @@ static NTSTATUS context_gettrustpwent(struct pdb_context *context,
while (cur_methods) {
ret = cur_methods->gettrustpwent(cur_methods, trust);
+ if (!NT_STATUS_IS_ERR(ret)) {
+ /* prevent from segfaulting when gettrustpwent
+ was called just to rewind enumeration */
+ if (trust) trust->methods = cur_methods;
+ return ret;
+ }
+ cur_methods = cur_methods->next;
+ }
+
+ return ret;
+}
+
+static NTSTATUS context_gettrustpwnam(struct pdb_context *context,
+ SAM_TRUST_PASSWD *trust,
+ const char *name)
+{
+ NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
+ struct pdb_methods *cur_methods;
+
+ if (!context) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return ret;
+ }
+
+ cur_methods = context->pdb_methods;
+
+ while (cur_methods) {
+ ret = cur_methods->gettrustpwnam(cur_methods, trust, name);
if (NT_STATUS_IS_OK(ret)) {
trust->methods = cur_methods;
return ret;
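Review bot: The new test `if (!NT_STATUS_IS_ERR(ret))` in `context_gettrustpwent` returns on any non-error status, so a backend that answers NT_STATUS_NO_MORE_ENTRIES (which the tdbsam change in this commit now does, and which I take to be a warning-class code) ends the walk and later backends are never enumerated. If single-backend enumeration is intended, a comment such as `/* the first backend that does not fail owns the enumeration; later backends are not visited */` would make that explicit; otherwise the loop should move on to `cur_methods->next` on NT_STATUS_NO_MORE_ENTRIES. `context_gettrustpwnam` below also writes `trust->methods` without the `if (trust)` guard added here, so it relies on every backend rejecting a NULL `trust`. Both function bodies extend beyond the hunk.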
@@ -786,7 +838,9 @@ static NTSTATUS make_pdb_context(struct pdb_context **context)
(*context)->pdb_del_aliasmem = context_del_aliasmem;
(*context)->pdb_enum_aliasmem = context_enum_aliasmem;
(*context)->pdb_enum_alias_memberships = context_enum_alias_memberships;
+ (*context)->pdb_settrustpwent = context_settrustpwent;
(*context)->pdb_gettrustpwent = context_gettrustpwent;
+ (*context)->pdb_gettrustpwnam = context_gettrustpwnam;
(*context)->pdb_gettrustpwsid = context_gettrustpwsid;
(*context)->pdb_add_trust_passwd = context_add_trust_passwd;
(*context)->pdb_update_trust_passwd = context_update_trust_passwd;
@@ -1261,11 +1315,22 @@ static void pdb_default_endsampwent(struct pdb_methods *methods)
return; /* NT_STATUS_NOT_IMPLEMENTED; */
}
+static NTSTATUS pdb_default_settrustpwent(struct pdb_methods *methods)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
static NTSTATUS pdb_default_gettrustpwent(struct pdb_methods *methods, SAM_TRUST_PASSWD* trust)
{
return NT_STATUS_NOT_IMPLEMENTED;
}
+static NTSTATUS pdb_default_gettrustpwnam(struct pdb_methods *methods, SAM_TRUST_PASSWD* trust,
+ const char* name)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
static NTSTATUS pdb_default_gettrustpwsid(struct pdb_methods *methods, SAM_TRUST_PASSWD* trust,
const DOM_SID* sid)
{
@@ -1341,7 +1406,9 @@ NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods)
(*methods)->enum_aliasmem = pdb_default_enum_aliasmem;
(*methods)->enum_alias_memberships = pdb_default_alias_memberships;
+ (*methods)->settrustpwent = pdb_default_settrustpwent;
(*methods)->gettrustpwent = pdb_default_gettrustpwent;
+ (*methods)->gettrustpwnam = pdb_default_gettrustpwnam;
(*methods)->gettrustpwsid = pdb_default_gettrustpwsid;
(*methods)->add_trust_passwd = pdb_default_add_trust_passwd;
(*methods)->update_trust_passwd = pdb_default_update_trust_passwd;
diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c
index 39de791b07..aef088c124 100644
--- a/source3/passdb/pdb_tdb.c
+++ b/source3/passdb/pdb_tdb.c
@@ -699,8 +699,22 @@ static void free_private_data(void **vp)
}
/**
- * Start enumerating through trust passwords (machine and
- * interdomain nt/ads)
+ * Start trust passwords enumeration. This function is a simple
+ * wrapper for calling gettrustpwent with null pointer passed.
+ *
+ * @param methods methods belonging in pdb context (module)
+ * @return nt status of performed operation
+ **/
+
+static NTSTATUS tdbsam_settrustpwent(struct pdb_methods *methods)
+{
+ /* rewind enumeration from beginning */
+ return methods->gettrustpwent(methods, NULL);
+}
+
+
+/**
+ * Enumerate across trust passwords (machine and interdomain nt/ads)
*
* @param methods methods belonging in pdb context (module)
* @param trust trust password structure
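Review bot: `tdbsam_settrustpwent` dereferences `methods` without the `!methods` check that `tdbsam_gettrustpwnam` and `tdbsam_gettrustpwsid` carry in this same patch, and it hands a NULL `trust` to `gettrustpwent`. The lines this commit adds to the tail of `tdbsam_gettrustpwent` write `trust->private.uni_name_len` with no guard visible in the diff, so the rewind is only safe if that function returns before reaching them when `trust` is NULL; that part of the body is outside the hunks and should be confirmed. I would add `if (!methods) return NT_STATUS_UNSUCCESSFUL;` at the top and extend the doc comment to state that a NULL `trust` means rewind only.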
@@ -782,7 +796,7 @@ static NTSTATUS tdbsam_gettrustpwent(struct pdb_methods *methods, SAM_TRUST_PASS
talloc_destroy(mem_ctx);
trust->private = t;
- return NT_STATUS_OK;
+ return NT_STATUS_NO_MORE_ENTRIES;
}
secrets_lock_trust_account_password(lp_workgroup(), False);
} else {
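Review bot: Returning `NT_STATUS_NO_MORE_ENTRIES` immediately after `trust->private = t;` delivers a valid entry together with an end-of-enumeration status, while the fall-through path added further down in this commit returns the same status with the entry cleared. Callers then have to inspect `trust->private.uni_name_len` to tell "last entry" from "no entry", and a caller that reads this status as "nothing returned" will drop the machine trust account. A comment at the return, e.g. `/* last entry: trust->private is valid even though the status is NO_MORE_ENTRIES */`, plus a matching line in the function's doc comment, would pin the contract down. The enclosing function starts and ends outside this hunk.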
@@ -793,11 +807,55 @@ static NTSTATUS tdbsam_gettrustpwent(struct pdb_methods *methods, SAM_TRUST_PASS
/*
* ADS machine trust password (TODO)
*/
+
+
+ /*
+ * if nothing is to be returned then reset domain name
+ * and return "no more entries"
+ */
+ nt_status = NT_STATUS_NO_MORE_ENTRIES;
+ trust->private.uni_name_len = 0;
+ trust->private.uni_name[t.uni_name_len] = 0;
talloc_destroy(mem_ctx);
return nt_status;
}
+
+/**
+ * Get trust password by trusted party name
+ *
+ * @param methods methods belonging to pdb context (module)
+ * @param trust trust password structure
+ * @param sid trusted party name
+ *
+ * @return nt status of performed operation
+ **/
+
+static NTSTATUS tdbsam_gettrustpwnam(struct pdb_methods *methods, SAM_TRUST_PASSWD *trust,
+ const char *name)
+{
+ NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
+ char domain_name[32];
+
+ if (!methods || !trust || !name) return nt_status;
+
+ do {
+ /* get trust password (next in turn) */
+ nt_status = tdbsam_gettrustpwent(methods, trust);
+
+ /* convert unicode name and do case insensitive compare */
+ pull_ucs2(NULL, domain_name, trust->private.uni_name, sizeof(domain_name),
+ trust->private.uni_name_len, STR_TERMINATE);
+ if (!StrnCaseCmp(domain_name, name, sizeof(domain_name)))
+ return NT_STATUS_OK;
+
+ } while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES));
+
+ return nt_status;
+}
+
+
/**
* Get trust password by trusted party sid
*
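Review bot: In `tdbsam_gettrustpwnam` the name comparison runs before `nt_status` is examined, so a failed `tdbsam_gettrustpwent` call still compares whatever is in `trust->private` and can return `NT_STATUS_OK` for stale or caller-supplied data. `tdbsam_gettrustpwsid` in the next hunk has the same shape, and the reset path added above clears only the name, not `domain_sid`. Adding `if (NT_STATUS_IS_ERR(nt_status)) return nt_status;` directly after the call in both loops would close that. Separately, in the tail of `tdbsam_gettrustpwent` (whose body begins outside the hunk), `trust->private.uni_name[t.uni_name_len] = 0;` indexes with the local `t`, whose initialisation on this path is not visible, right after the length was set to 0; `trust->private.uni_name[0] = 0;` looks like what was meant and cannot write out of bounds. The doc comment's `@param sid` should read `@param name`.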
@@ -811,7 +869,18 @@ static NTSTATUS tdbsam_gettrustpwent(struct pdb_methods *methods, SAM_TRUST_PASS
static NTSTATUS tdbsam_gettrustpwsid(struct pdb_methods *methods, SAM_TRUST_PASSWD *trust,
const DOM_SID *sid)
{
- NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
+ NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
+
+ if (!methods || !trust || !sid) return nt_status;
+
+ do {
+ nt_status = tdbsam_gettrustpwent(methods, trust);
+
+ if (sid_equal(&trust->private.domain_sid, sid))
+ return NT_STATUS_OK;
+
+ } while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES));
+
return nt_status;
}
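Review bot: The search in `tdbsam_gettrustpwsid` starts from wherever the enumeration currently stands, because nothing rewinds it before the `do` loop, so the result depends on earlier `gettrustpwent` calls and an entry already passed over will not be found. `tdbsam_gettrustpwnam` in the previous hunk behaves the same way. Either document the precondition in the doc comment, e.g. `* The caller must rewind with settrustpwent first; the search consumes the enumeration.`, or rewind at the top of both functions. That `tdbsam_gettrustpwent` keeps such a position is inferred from the rewind comment in `tdbsam_settrustpwent`; its body is not visible here.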
@@ -1263,7 +1332,9 @@ static NTSTATUS pdb_init_tdbsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_meth
(*pdb_method)->add_sam_account = tdbsam_add_sam_account;
(*pdb_method)->update_sam_account = tdbsam_update_sam_account;
(*pdb_method)->delete_sam_account = tdbsam_delete_sam_account;
+ (*pdb_method)->settrustpwent = tdbsam_settrustpwent;
(*pdb_method)->gettrustpwent = tdbsam_gettrustpwent;
+ (*pdb_method)->gettrustpwnam = tdbsam_gettrustpwnam;
(*pdb_method)->gettrustpwsid = tdbsam_gettrustpwsid;
(*pdb_method)->add_trust_passwd = tdbsam_add_trust_passwd;
(*pdb_method)->update_trust_passwd = tdbsam_update_trust_passwd;