diff options
| -rw-r--r-- | source3/auth/auth_util.c | 6 | ||||
| -rw-r--r-- | source3/include/includes.h | 1 | ||||
| -rw-r--r-- | source3/lib/winbind_util.c | 325 | ||||
| -rw-r--r-- | source3/nsswitch/wb_client.c | 472 | ||||
| -rw-r--r-- | source3/nsswitch/wbinfo.c | 138 |
5 files changed, 393 insertions, 549 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 1e33869ea9..373a2a375f 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -1731,17 +1731,17 @@ bool is_trusted_domain(const char* dom_name) return True; } else { - NSS_STATUS result; + wbcErr result; /* If winbind is around, ask it */ result = wb_is_trusted_domain(dom_name); - if (result == NSS_STATUS_SUCCESS) { + if (result == WBC_ERR_SUCCESS) { return True; } - if (result == NSS_STATUS_NOTFOUND) { + if (result == WBC_ERR_DOMAIN_NOT_FOUND) { /* winbind could not find the domain */ return False; } diff --git a/source3/include/includes.h b/source3/include/includes.h index fdeff346e5..14ef2258e6 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -784,6 +784,7 @@ enum flush_reason_enum { NUM_FLUSH_REASONS}; #include "nss_info.h" +#include "nsswitch/libwbclient/wbclient.h" /* generated rpc server implementation functions */ #include "librpc/gen_ndr/srv_echo.h" diff --git a/source3/lib/winbind_util.c b/source3/lib/winbind_util.c new file mode 100644 index 0000000000..4983b9ced0 --- /dev/null +++ b/source3/lib/winbind_util.c @@ -0,0 +1,325 @@ +/* + Unix SMB/CIFS implementation. + Winbind Utility functions + + Copyright (C) Gerald (Jerry) Carter 2007 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" + +#if defined(WITH_WINBIND) + +#include "nsswitch/libwbclient/wbclient.h" + +/* Call winbindd to convert a name to a sid */ + +bool winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid, + enum lsa_SidType *name_type) +{ + struct wbcDomainSid dom_sid; + wbcErr result; + enum wbcSidType type; + + result = wbcLookupName(dom_name, name, &dom_sid, &type); + if (result != WBC_ERR_SUCCESS) + return False; + + memcpy(sid, &dom_sid, sizeof(DOM_SID)); + *name_type = (enum lsa_SidType)type; + + return True; +} + +/* Call winbindd to convert sid to name */ + +bool winbind_lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid, + const char **domain, const char **name, + enum lsa_SidType *name_type) +{ + struct wbcDomainSid dom_sid; + wbcErr result; + enum wbcSidType type; + char *domain_name = NULL; + char *account_name = NULL; + + memcpy(&dom_sid, sid, sizeof(dom_sid)); + + result = wbcLookupSid(&dom_sid, &domain_name, &account_name, &type); + if (result != WBC_ERR_SUCCESS) + return False; + + /* Copy out result */ + + if (domain) { + *domain = talloc_strdup(mem_ctx, domain_name); + } + if (name) { + *name = talloc_strdup(mem_ctx, account_name); + } + *name_type = (enum lsa_SidType)type; + + DEBUG(10, ("winbind_lookup_sid: SUCCESS: SID %s -> %s %s\n", + sid_string_dbg(sid), domain_name, account_name)); + + SAFE_FREE(domain_name); + SAFE_FREE(account_name); + + if ((domain && !*domain) || (name && !*name)) { + DEBUG(0,("winbind_lookup_sid: talloc() failed!\n")); + return False; + } + + + return True; +} + +/* Ping winbindd to see it is alive */ + +bool winbind_ping(void) +{ + wbcErr result = wbcPing(); + + return (result == WBC_ERR_SUCCESS); +} + +/* Call winbindd to convert SID to uid */ + +bool winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid) +{ + struct wbcDomainSid dom_sid; + wbcErr result; + + memcpy(&dom_sid, sid, sizeof(dom_sid)); + + result = wbcSidToUid(&dom_sid, puid); + if (result != WBC_ERR_SUCCESS) + return False; + + return (result == WBC_ERR_SUCCESS); +} + +/* Call winbindd to convert uid to sid */ + +bool winbind_uid_to_sid(DOM_SID *sid, uid_t uid) +{ + struct wbcDomainSid dom_sid; + wbcErr result; + + result = wbcUidToSid(uid, &dom_sid); + if (result == WBC_ERR_SUCCESS) { + memcpy(sid, &dom_sid, sizeof(DOM_SID)); + } else { + sid_copy(sid, &global_sid_NULL); + } + + return (result == WBC_ERR_SUCCESS); +} + +/* Call winbindd to convert SID to gid */ + +bool winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid) +{ + struct wbcDomainSid dom_sid; + wbcErr result; + + memcpy(&dom_sid, sid, sizeof(dom_sid)); + + result = wbcSidToGid(&dom_sid, pgid); + if (result != WBC_ERR_SUCCESS) + return False; + + return (result == WBC_ERR_SUCCESS); +} + +/* Call winbindd to convert gid to sid */ + +bool winbind_gid_to_sid(DOM_SID *sid, gid_t gid) +{ + struct wbcDomainSid dom_sid; + wbcErr result; + + result = wbcGidToSid(gid, &dom_sid); + if (result == WBC_ERR_SUCCESS) { + memcpy(sid, &dom_sid, sizeof(DOM_SID)); + } else { + sid_copy(sid, &global_sid_NULL); + } + + return (result == WBC_ERR_SUCCESS); +} + +/* Check for a trusted domain */ + +wbcErr wb_is_trusted_domain(const char *domain) +{ + wbcErr result; + struct wbcDomainInfo info; + + result = wbcDomainInfo(domain, &info); + + if (result == WBC_ERR_SUCCESS) { + SAFE_FREE(info.short_name); + SAFE_FREE(info.dns_name); + } + + return result; +} + +/* Lookup a set of rids in a given domain */ + +bool winbind_lookup_rids(TALLOC_CTX *mem_ctx, + const DOM_SID *domain_sid, + int num_rids, uint32 *rids, + const char **domain_name, + const char ***names, enum lsa_SidType **types) +{ + const char *dom_name = NULL; + const char **namelist = NULL; + enum wbcSidType *name_types = NULL; + struct wbcDomainSid dom_sid; + wbcErr ret; + int i; + + memcpy(&dom_sid, domain_sid, sizeof(struct wbcDomainSid)); + + ret = wbcLookupRids(&dom_sid, num_rids, rids, + &dom_name, &namelist, &name_types); + if (ret != WBC_ERR_SUCCESS) + return False; + + *domain_name = talloc_strdup(mem_ctx, dom_name); + *names = TALLOC_ARRAY(mem_ctx, const char*, num_rids); + *types = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_rids); + + for(i=0; i<num_rids; i++) { + (*names)[i] = talloc_strdup(names, namelist[i]); + (*types)[i] = (enum lsa_SidType)name_types[i]; + + free(CONST_DISCARD(char*, namelist[i])); + } + free(namelist); + free(name_types); + + return True; +} + +/* Ask Winbind to allocate a new uid for us */ + +bool winbind_allocate_uid(uid_t *uid) +{ + wbcErr ret; + + ret = wbcAllocateUid(uid); + + return (ret == WBC_ERR_SUCCESS); +} + +/* Ask Winbind to allocate a new gid for us */ + +bool winbind_allocate_gid(gid_t *gid) +{ + wbcErr ret; + + ret = wbcAllocateGid(gid); + + return (ret == WBC_ERR_SUCCESS); +} + +#else /* WITH_WINBIND */ + +bool winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid, + enum lsa_SidType *name_type) +{ + return False; +} + +/* Call winbindd to convert sid to name */ + +bool winbind_lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid, + const char **domain, const char **name, + enum lsa_SidType *name_type) +{ + return False; +} + +/* Ping winbindd to see it is alive */ + +bool winbind_ping(void) +{ + return False; +} + +/* Call winbindd to convert SID to uid */ + +bool winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid) +{ + return False; +} + +/* Call winbindd to convert uid to sid */ + +bool winbind_uid_to_sid(DOM_SID *sid, uid_t uid) +{ + return False; +} + +/* Call winbindd to convert SID to gid */ + +bool winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid) +{ + return False; +} + +/* Call winbindd to convert gid to sid */ + +bool winbind_gid_to_sid(DOM_SID *sid, gid_t gid) +{ + return False; +} + +/* Check for a trusted domain */ + +wbcErr wb_is_trusted_domain(const char *domain) +{ + return WBC_ERR_UNKNOWN_FAILURE; +} + +/* Lookup a set of rids in a given domain */ + +bool winbind_lookup_rids(TALLOC_CTX *mem_ctx, + const DOM_SID *domain_sid, + int num_rids, uint32 *rids, + const char **domain_name, + const char ***names, enum lsa_SidType **types) +{ + return False; +} + +/* Ask Winbind to allocate a new uid for us */ + +bool winbind_allocate_uid(uid_t *uid) +{ + return False; +} + +/* Ask Winbind to allocate a new gid for us */ + +bool winbind_allocate_gid(gid_t *gid) +{ + return False; +} + +#endif /* WITH_WINBIND */ diff --git a/source3/nsswitch/wb_client.c b/source3/nsswitch/wb_client.c index d24bba2fe1..5e1a5d8ad4 100644 --- a/source3/nsswitch/wb_client.c +++ b/source3/nsswitch/wb_client.c @@ -22,6 +22,7 @@ #include "includes.h" #include "nsswitch/winbind_nss.h" +#include "libwbclient/wbclient.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_WINBIND @@ -30,431 +31,6 @@ NSS_STATUS winbindd_request_response(int req_type, struct winbindd_request *request, struct winbindd_response *response); -/* Call winbindd to convert a name to a sid */ - -bool winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid, - enum lsa_SidType *name_type) -{ - struct winbindd_request request; - struct winbindd_response response; - NSS_STATUS result; - - if (!sid || !name_type) - return False; - - /* Send off request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - fstrcpy(request.data.name.dom_name, dom_name); - fstrcpy(request.data.name.name, name); - - if ((result = winbindd_request_response(WINBINDD_LOOKUPNAME, &request, - &response)) == NSS_STATUS_SUCCESS) { - if (!string_to_sid(sid, response.data.sid.sid)) - return False; - *name_type = (enum lsa_SidType)response.data.sid.type; - } - - return result == NSS_STATUS_SUCCESS; -} - -/* Call winbindd to convert sid to name */ - -bool winbind_lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid, - const char **domain, const char **name, - enum lsa_SidType *name_type) -{ - struct winbindd_request request; - struct winbindd_response response; - NSS_STATUS result; - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - sid_to_fstring(request.data.sid, sid); - - /* Make request */ - - result = winbindd_request_response(WINBINDD_LOOKUPSID, &request, - &response); - - if (result != NSS_STATUS_SUCCESS) { - return False; - } - - /* Copy out result */ - - if (domain != NULL) { - *domain = talloc_strdup(mem_ctx, response.data.name.dom_name); - if (*domain == NULL) { - DEBUG(0, ("talloc failed\n")); - return False; - } - } - if (name != NULL) { - *name = talloc_strdup(mem_ctx, response.data.name.name); - if (*name == NULL) { - DEBUG(0, ("talloc failed\n")); - return False; - } - } - - *name_type = (enum lsa_SidType)response.data.name.type; - - DEBUG(10, ("winbind_lookup_sid: SUCCESS: SID %s -> %s %s\n", - sid_string_dbg(sid), response.data.name.dom_name, - response.data.name.name)); - return True; -} - -bool winbind_lookup_rids(TALLOC_CTX *mem_ctx, - const DOM_SID *domain_sid, - int num_rids, uint32 *rids, - const char **domain_name, - const char ***names, enum lsa_SidType **types) -{ - size_t i, buflen; - ssize_t len; - char *ridlist; - char *p; - struct winbindd_request request; - struct winbindd_response response; - NSS_STATUS result; - - if (num_rids == 0) { - return False; - } - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - sid_to_fstring(request.data.sid, domain_sid); - - len = 0; - buflen = 0; - ridlist = NULL; - - for (i=0; i<num_rids; i++) { - sprintf_append(mem_ctx, &ridlist, &len, &buflen, - "%ld\n", rids[i]); - } - - if (ridlist == NULL) { - return False; - } - - request.extra_data.data = ridlist; - request.extra_len = strlen(ridlist)+1; - - result = winbindd_request_response(WINBINDD_LOOKUPRIDS, - &request, &response); - - TALLOC_FREE(ridlist); - - if (result != NSS_STATUS_SUCCESS) { - return False; - } - - *domain_name = talloc_strdup(mem_ctx, response.data.domain_name); - - *names = TALLOC_ARRAY(mem_ctx, const char *, num_rids); - *types = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_rids); - - if ((*names == NULL) || (*types == NULL)) { - goto fail; - } - - p = (char *)response.extra_data.data; - - for (i=0; i<num_rids; i++) { - char *q; - - if (*p == '\0') { - DEBUG(10, ("Got invalid reply: %s\n", - (char *)response.extra_data.data)); - goto fail; - } - - (*types)[i] = (enum lsa_SidType)strtoul(p, &q, 10); - - if (*q != ' ') { - DEBUG(10, ("Got invalid reply: %s\n", - (char *)response.extra_data.data)); - goto fail; - } - - p = q+1; - - q = strchr(p, '\n'); - if (q == NULL) { - DEBUG(10, ("Got invalid reply: %s\n", - (char *)response.extra_data.data)); - goto fail; - } - - *q = '\0'; - - (*names)[i] = talloc_strdup(*names, p); - - p = q+1; - } - - if (*p != '\0') { - DEBUG(10, ("Got invalid reply: %s\n", - (char *)response.extra_data.data)); - goto fail; - } - - SAFE_FREE(response.extra_data.data); - - return True; - - fail: - TALLOC_FREE(*names); - TALLOC_FREE(*types); - return False; -} - -/* Call winbindd to convert SID to uid */ - -bool winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid) -{ - struct winbindd_request request; - struct winbindd_response response; - int result; - fstring sid_str; - - if (!puid) - return False; - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - sid_to_fstring(sid_str, sid); - fstrcpy(request.data.sid, sid_str); - - /* Make request */ - - result = winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response); - - /* Copy out result */ - - if (result == NSS_STATUS_SUCCESS) { - *puid = response.data.uid; - } - - return (result == NSS_STATUS_SUCCESS); -} - -/* Call winbindd to convert uid to sid */ - -bool winbind_uid_to_sid(DOM_SID *sid, uid_t uid) -{ - struct winbindd_request request; - struct winbindd_response response; - int result; - - if (!sid) - return False; - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - request.data.uid = uid; - - /* Make request */ - - result = winbindd_request_response(WINBINDD_UID_TO_SID, &request, &response); - - /* Copy out result */ - - if (result == NSS_STATUS_SUCCESS) { - if (!string_to_sid(sid, response.data.sid.sid)) - return False; - } else { - sid_copy(sid, &global_sid_NULL); - } - - return (result == NSS_STATUS_SUCCESS); -} - -/* Call winbindd to convert SID to gid */ - -bool winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid) -{ - struct winbindd_request request; - struct winbindd_response response; - int result; - fstring sid_str; - - if (!pgid) - return False; - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - sid_to_fstring(sid_str, sid); - fstrcpy(request.data.sid, sid_str); - - /* Make request */ - - result = winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response); - - /* Copy out result */ - - if (result == NSS_STATUS_SUCCESS) { - *pgid = response.data.gid; - } - - return (result == NSS_STATUS_SUCCESS); -} - -/* Call winbindd to convert gid to sid */ - -bool winbind_gid_to_sid(DOM_SID *sid, gid_t gid) -{ - struct winbindd_request request; - struct winbindd_response response; - int result; - - if (!sid) - return False; - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - request.data.gid = gid; - - /* Make request */ - - result = winbindd_request_response(WINBINDD_GID_TO_SID, &request, &response); - - /* Copy out result */ - - if (result == NSS_STATUS_SUCCESS) { - if (!string_to_sid(sid, response.data.sid.sid)) - return False; - } else { - sid_copy(sid, &global_sid_NULL); - } - - return (result == NSS_STATUS_SUCCESS); -} - -/* Call winbindd to convert SID to uid */ - -bool winbind_sids_to_unixids(struct id_map *ids, int num_ids) -{ - struct winbindd_request request; - struct winbindd_response response; - int result; - DOM_SID *sids; - int i; - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - request.extra_len = num_ids * sizeof(DOM_SID); - - sids = (DOM_SID *)SMB_MALLOC(request.extra_len); - for (i = 0; i < num_ids; i++) { - sid_copy(&sids[i], ids[i].sid); - } - - request.extra_data.data = (char *)sids; - - /* Make request */ - - result = winbindd_request_response(WINBINDD_SIDS_TO_XIDS, &request, &response); - - /* Copy out result */ - - if (result == NSS_STATUS_SUCCESS) { - struct unixid *wid = (struct unixid *)response.extra_data.data; - - for (i = 0; i < num_ids; i++) { - if (wid[i].type == -1) { - ids[i].status = ID_UNMAPPED; - } else { - ids[i].status = ID_MAPPED; - ids[i].xid.type = wid[i].type; - ids[i].xid.id = wid[i].id; - } - } - } - - SAFE_FREE(request.extra_data.data); - SAFE_FREE(response.extra_data.data); - - return (result == NSS_STATUS_SUCCESS); -} - -bool winbind_allocate_uid(uid_t *uid) -{ - struct winbindd_request request; - struct winbindd_response response; - int result; - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Make request */ - - result = winbindd_request_response(WINBINDD_ALLOCATE_UID, - &request, &response); - - if (result != NSS_STATUS_SUCCESS) - return False; - - /* Copy out result */ - *uid = response.data.uid; - - return True; -} - -bool winbind_allocate_gid(gid_t *gid) -{ - struct winbindd_request request; - struct winbindd_response response; - int result; - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Make request */ - - result = winbindd_request_response(WINBINDD_ALLOCATE_GID, - &request, &response); - - if (result != NSS_STATUS_SUCCESS) - return False; - - /* Copy out result */ - *gid = response.data.gid; - - return True; -} - bool winbind_set_mapping(const struct id_map *map) { struct winbindd_request request; @@ -518,49 +94,3 @@ bool winbind_set_gid_hwm(unsigned long id) return (result == NSS_STATUS_SUCCESS); } - -/********************************************************************** - simple wrapper function to see if winbindd is alive -**********************************************************************/ - -bool winbind_ping( void ) -{ - NSS_STATUS result; - - result = winbindd_request_response(WINBINDD_PING, NULL, NULL); - - return result == NSS_STATUS_SUCCESS; -} - -/********************************************************************** - Is a domain trusted? - - result == NSS_STATUS_UNAVAIL: winbind not around - result == NSS_STATUS_NOTFOUND: winbind around, but domain missing - - Due to a bad API NSS_STATUS_NOTFOUND is returned both when winbind_off and - when winbind return WINBINDD_ERROR. So the semantics of this routine depends - on winbind_on. Grepping for winbind_off I just found 3 places where winbind - is turned off, and this does not conflict (as far as I have seen) with the - callers of is_trusted_domains. - - I *hate* global variables.... - - Volker - -**********************************************************************/ - -NSS_STATUS wb_is_trusted_domain(const char *domain) -{ - struct winbindd_request request; - struct winbindd_response response; - - /* Call winbindd */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - fstrcpy(request.domain_name, domain); - - return winbindd_request_response(WINBINDD_DOMAIN_INFO, &request, &response); -} diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c index 37ff8a78c7..c8f8398c6f 100644 --- a/source3/nsswitch/wbinfo.c +++ b/source3/nsswitch/wbinfo.c @@ -22,6 +22,7 @@ #include "includes.h" #include "winbind_client.h" +#include "libwbclient/wbclient.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_WINBIND @@ -73,25 +74,26 @@ static char winbind_separator(void) static const char *get_winbind_domain(void) { - struct winbindd_response response; + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + struct wbcDomainInfo *dinfo = NULL; static fstring winbind_domain; - ZERO_STRUCT(response); - - /* Send off request */ + ZERO_STRUCT(dinfo); + + wbc_status = wbcDomainInfo(".", &dinfo); - if (winbindd_request_response(WINBINDD_DOMAIN_NAME, NULL, &response) != - NSS_STATUS_SUCCESS) { + if (!WBC_ERROR_IS_OK(wbc_status)) { d_fprintf(stderr, "could not obtain winbind domain name!\n"); /* HACK: (this module should not call lp_ funtions) */ return lp_workgroup(); } - fstrcpy(winbind_domain, response.data.domain_name); + fstrcpy(winbind_domain, dinfo->short_name); - return winbind_domain; + wbcFreeMemory(dinfo); + return winbind_domain; } /* Copy of parse_domain_user from winbindd_util.c. Parse a string of the @@ -128,61 +130,47 @@ static bool parse_wbinfo_domain_user(const char *domuser, fstring domain, static bool wbinfo_get_userinfo(char *user) { - struct winbindd_request request; - struct winbindd_response response; - NSS_STATUS result; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Send request */ - - fstrcpy(request.data.username, user); + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + struct passwd *pwd = NULL; - result = winbindd_request_response(WINBINDD_GETPWNAM, &request, &response); - - if (result != NSS_STATUS_SUCCESS) - return False; + wbc_status = wbcGetpwnam(user, &pwd); + if (!WBC_ERROR_IS_OK(wbc_status)) { + return false; + } - d_printf( "%s:%s:%d:%d:%s:%s:%s\n", - response.data.pw.pw_name, - response.data.pw.pw_passwd, - response.data.pw.pw_uid, - response.data.pw.pw_gid, - response.data.pw.pw_gecos, - response.data.pw.pw_dir, - response.data.pw.pw_shell ); + d_printf("%s:%s:%d:%d:%s:%s:%s\n", + pwd->pw_name, + pwd->pw_passwd, + pwd->pw_uid, + pwd->pw_gid, + pwd->pw_gecos, + pwd->pw_dir, + pwd->pw_shell); - return True; + return true; } /* pull pwent info for a given uid */ static bool wbinfo_get_uidinfo(int uid) { - struct winbindd_request request; - struct winbindd_response response; - NSS_STATUS result; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - request.data.uid = uid; - - result = winbindd_request_response(WINBINDD_GETPWUID, &request, &response); + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + struct passwd *pwd = NULL; - if (result != NSS_STATUS_SUCCESS) - return False; - - d_printf( "%s:%s:%d:%d:%s:%s:%s\n", - response.data.pw.pw_name, - response.data.pw.pw_passwd, - response.data.pw.pw_uid, - response.data.pw.pw_gid, - response.data.pw.pw_gecos, - response.data.pw.pw_dir, - response.data.pw.pw_shell ); - - return True; + wbc_status = wbcGetpwuid(uid, &pwd); + if (!WBC_ERROR_IS_OK(wbc_status)) { + return false; + } + + d_printf("%s:%s:%d:%d:%s:%s:%s\n", + pwd->pw_name, + pwd->pw_passwd, + pwd->pw_uid, + pwd->pw_gid, + pwd->pw_gecos, + pwd->pw_dir, + pwd->pw_shell); + + return true; } /* pull grent for a given group */ @@ -874,40 +862,40 @@ static bool wbinfo_auth_krb5(char *username, const char *cctype, uint32 flags) static bool wbinfo_auth(char *username) { - struct winbindd_request request; - struct winbindd_response response; - NSS_STATUS result; - char *p; - - /* Send off request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - p = strchr(username, '%'); + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + char *s = NULL; + char *p = NULL; + char *password = NULL; + char *name = NULL; + + if ((s = SMB_STRDUP(username)) == NULL) { + return false; + } - if (p) { + if ((p = strchr(s, '%')) != NULL) { *p = 0; - fstrcpy(request.data.auth.user, username); - fstrcpy(request.data.auth.pass, p + 1); - *p = '%'; - } else - fstrcpy(request.data.auth.user, username); + p++; + } - result = winbindd_request_response(WINBINDD_PAM_AUTH, &request, &response); + name = s; + password = p; - /* Display response */ + wbc_status = wbcAuthenticateUser(name, password); d_printf("plaintext password authentication %s\n", - (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); + WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed"); +#if 0 if (response.data.auth.nt_status) d_fprintf(stderr, "error code was %s (0x%x)\nerror messsage was: %s\n", response.data.auth.nt_status_string, response.data.auth.nt_status, response.data.auth.error_string); +#endif - return result == NSS_STATUS_SUCCESS; + SAFE_FREE(s); + + return WBC_ERROR_IS_OK(wbc_status); } /* Authenticate a user with a challenge/response */ |