diff options
| author | Volker Lendecke <vlendec@samba.org> | 2005-06-03 15:42:03 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:57:05 -0500 |
| commit | 5084d49052f47626b61e53add818fefaacc101b0 (patch) | |
| tree | debccf837c8d847ad2cd2749b4e3da3ae340dfe8 /source3 | |
| parent | a01de91394f1723100bcd49870422e03f69afb7e (diff) | |
| download | samba-5084d49052f47626b61e53add818fefaacc101b0.tar.gz samba-5084d49052f47626b61e53add818fefaacc101b0.tar.bz2 samba-5084d49052f47626b61e53add818fefaacc101b0.zip | |
r7243: Don't look at gencache.tdb for the trusted domains if winbind is around.
Volker
(This used to be commit 94acb93f57b963bf137c6ddd644a147f4d0b5175)
Diffstat (limited to 'source3')
| -rw-r--r-- | source3/auth/auth_util.c | 23 | ||||
| -rw-r--r-- | source3/nsswitch/wb_client.c | 31 | ||||
| -rw-r--r-- | source3/script/mkproto.awk | 2 |
3 files changed, 51 insertions, 5 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 79205f1206..31bfa2fe01 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -1532,11 +1532,26 @@ BOOL is_trusted_domain(const char* dom_name) return True; } else { - /* if winbindd is not up and we are a domain member) then we need to update the - trustdom_cache ourselves */ + NSS_STATUS result; - if ( !winbind_ping() ) - update_trustdom_cache(); + /* If winbind is around, ask it */ + + result = wb_is_trusted_domain(dom_name); + + if (result == NSS_STATUS_SUCCESS) { + return True; + } + + if (result == NSS_STATUS_NOTFOUND) { + /* winbind could not find the domain */ + return False; + } + + /* The only other possible result is that winbind is not up + and running. We need to update the trustdom_cache + ourselves */ + + update_trustdom_cache(); } /* now the trustdom cache should be available a DC could still diff --git a/source3/nsswitch/wb_client.c b/source3/nsswitch/wb_client.c index 6b184b568b..5005f72457 100644 --- a/source3/nsswitch/wb_client.c +++ b/source3/nsswitch/wb_client.c @@ -394,4 +394,35 @@ BOOL winbind_ping( void ) return result == NSS_STATUS_SUCCESS; } +/********************************************************************** + Is a domain trusted? + + result == NSS_STATUS_UNAVAIL: winbind not around + result == NSS_STATUS_NOTFOUND: winbind around, but domain missing + + Due to a bad API NSS_STATUS_NOTFOUND is returned both when winbind_off and + when winbind return WINBINDD_ERROR. So the semantics of this routine depends + on winbind_on. Grepping for winbind_off I just found 3 places where winbind + is turned off, and this does not conflict (as far as I have seen) with the + callers of is_trusted_domains. + + I *hate* global variables.... + + Volker + +**********************************************************************/ + +NSS_STATUS wb_is_trusted_domain(const char *domain) +{ + struct winbindd_request request; + struct winbindd_response response; + /* Call winbindd */ + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + fstrcpy(request.domain_name, domain); + + return winbindd_request(WINBINDD_DOMAIN_INFO, &request, &response); +} diff --git a/source3/script/mkproto.awk b/source3/script/mkproto.awk index 45cc0821aa..d9223a1973 100644 --- a/source3/script/mkproto.awk +++ b/source3/script/mkproto.awk @@ -132,7 +132,7 @@ END { gotstart = 1; } - if( $0 ~ /^WINBINDD_PW|^WINBINDD_GR|^NT_PRINTER_INFO_LEVEL_2|^LOGIN_CACHE|^krb5_error_code|^LDAP|^u32|^LUID_ATTR/ ) { + if( $0 ~ /^WINBINDD_PW|^WINBINDD_GR|^NT_PRINTER_INFO_LEVEL_2|^LOGIN_CACHE|^krb5_error_code|^LDAP|^u32|^LUID_ATTR|^NSS_STATUS/ ) { gotstart = 1; } |