summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/auth/auth_winbind.c2
-rw-r--r--source4/nsswitch/wb_common.c242
-rw-r--r--source4/nsswitch/wbinfo.c58
-rw-r--r--source4/nsswitch/winbind_client.h29
-rw-r--r--source4/nsswitch/winbind_nss.h10
-rw-r--r--source4/nsswitch/winbind_nss_config.h47
-rw-r--r--source4/nsswitch/winbind_nss_irix.h4
-rw-r--r--source4/nsswitch/winbind_nss_linux.c277
-rw-r--r--source4/nsswitch/winbind_nss_solaris.h26
-rw-r--r--source4/nsswitch/winbind_struct_protocol.h160
10 files changed, 458 insertions, 397 deletions
diff --git a/source4/auth/auth_winbind.c b/source4/auth/auth_winbind.c
index 95636d7843..2ec0dc7a56 100644
--- a/source4/auth/auth_winbind.c
+++ b/source4/auth/auth_winbind.c
@@ -109,7 +109,7 @@ static NTSTATUS winbind_check_password_samba3(struct auth_method_context *ctx,
memcpy(request.data.auth_crap.nt_resp, user_info->password.response.nt.data,
request.data.auth_crap.nt_resp_len);
- result = winbindd_request(WINBINDD_PAM_AUTH_CRAP, &request, &response);
+ result = winbindd_request_response(WINBINDD_PAM_AUTH_CRAP, &request, &response);
nt_status = NT_STATUS(response.data.auth.nt_status);
NT_STATUS_NOT_OK_RETURN(nt_status);
diff --git a/source4/nsswitch/wb_common.c b/source4/nsswitch/wb_common.c
index 101659380c..2ae85dcb1e 100644
--- a/source4/nsswitch/wb_common.c
+++ b/source4/nsswitch/wb_common.c
@@ -22,16 +22,16 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-#include "includes.h"
-#include "nsswitch/winbind_client.h"
+#include "winbind_client.h"
/* Global variables. These are effectively the client state information */
int winbindd_fd = -1; /* fd for winbindd socket */
+static int is_privileged = 0;
/* Free a response structure */
-void free_response(struct winbindd_response *response)
+void winbindd_free_response(struct winbindd_response *response)
{
/* Free any allocated extra_data */
@@ -41,7 +41,7 @@ void free_response(struct winbindd_response *response)
/* Initialise a request structure */
-void init_request(struct winbindd_request *request, int request_type)
+void winbindd_init_request(struct winbindd_request *request, int request_type)
{
request->length = sizeof(struct winbindd_request);
@@ -52,7 +52,7 @@ void init_request(struct winbindd_request *request, int request_type)
/* Initialise a response structure */
-void init_response(struct winbindd_response *response)
+static void init_response(struct winbindd_response *response)
{
/* Initialise return value */
@@ -61,7 +61,7 @@ void init_response(struct winbindd_response *response)
/* Close established socket */
-void close_sock(void)
+void winbind_close_sock(void)
{
if (winbindd_fd != -1) {
close(winbindd_fd);
@@ -70,10 +70,6 @@ void close_sock(void)
}
#define CONNECT_TIMEOUT 30
-#if 0 /* unused */
-#define WRITE_TIMEOUT CONNECT_TIMEOUT
-#define READ_TIMEOUT CONNECT_TIMEOUT
-#endif
/* Make sure socket handle isn't stdin, stdout or stderr */
#define RECURSION_LIMIT 3
@@ -172,7 +168,7 @@ static int winbind_named_pipe_sock(const char *dir)
{
struct sockaddr_un sunaddr;
struct stat st;
- char *path;
+ pstring path;
int fd;
int wait_time;
int slept;
@@ -189,8 +185,16 @@ static int winbind_named_pipe_sock(const char *dir)
}
/* Connect to socket */
-
- asprintf(&path, "%s%s", dir, "/" WINBINDD_SOCKET_NAME);
+
+ strncpy(path, dir, sizeof(path) - 1);
+ path[sizeof(path) - 1] = '\0';
+
+ strncat(path, "/", sizeof(path) - 1 - strlen(path));
+ path[sizeof(path) - 1] = '\0';
+
+ strncat(path, WINBINDD_SOCKET_NAME, sizeof(path) - 1 - strlen(path));
+ path[sizeof(path) - 1] = '\0';
+
ZERO_STRUCT(sunaddr);
sunaddr.sun_family = AF_UNIX;
strncpy(sunaddr.sun_path, path, sizeof(sunaddr.sun_path) - 1);
@@ -200,11 +204,8 @@ static int winbind_named_pipe_sock(const char *dir)
the winbindd daemon is not running. */
if (lstat(path, &st) == -1) {
- SAFE_FREE(path);
return -1;
}
-
- SAFE_FREE(path);
/* Check permissions on unix socket file */
@@ -277,72 +278,80 @@ static int winbind_named_pipe_sock(const char *dir)
close(fd);
return -1;
+}
- if (connect(fd, (struct sockaddr *)&sunaddr,
- sizeof(sunaddr)) == -1) {
- close(fd);
- return -1;
+static const char *winbindd_socket_dir(void)
+{
+#ifdef SOCKET_WRAPPER
+ const char *env_dir;
+
+ env_dir = getenv(WINBINDD_SOCKET_DIR_ENVVAR);
+ if (env_dir) {
+ return env_dir;
}
-
- return fd;
+#endif
+
+ return WINBINDD_SOCKET_DIR;
}
/* Connect to winbindd socket */
-int winbind_open_pipe_sock(void)
+static int winbind_open_pipe_sock(int recursing, int need_priv)
{
#ifdef HAVE_UNIXSOCKET
static pid_t our_pid;
struct winbindd_request request;
struct winbindd_response response;
- const char *winbindd_socket_dir_env;
ZERO_STRUCT(request);
ZERO_STRUCT(response);
if (our_pid != getpid()) {
- close_sock();
+ winbind_close_sock();
our_pid = getpid();
}
+
+ if ((need_priv != 0) && (is_privileged == 0)) {
+ winbind_close_sock();
+ }
if (winbindd_fd != -1) {
return winbindd_fd;
}
-#ifdef SOCKET_WRAPPER
- winbindd_socket_dir_env = getenv(WINBINDD_SOCKET_DIR_ENV);
-
- if (!winbindd_socket_dir_env)
- {
- winbindd_socket_dir_env = WINBINDD_SOCKET_DIR;
+ if (recursing) {
+ return -1;
}
-#else
- winbindd_socket_dir_env = WINBINDD_SOCKET_DIR;
-#endif
-
- winbindd_fd = winbind_named_pipe_sock(winbindd_socket_dir_env);
- if (winbindd_fd == -1)
- {
+ if ((winbindd_fd = winbind_named_pipe_sock(winbindd_socket_dir())) == -1) {
return -1;
}
+ is_privileged = 0;
+
/* version-check the socket */
- if ((winbindd_request(WINBINDD_INTERFACE_VERSION, &request, &response) != NSS_STATUS_SUCCESS) || (response.data.interface_version != WINBIND_INTERFACE_VERSION)) {
- close_sock();
+ request.wb_flags = WBFLAG_RECURSE;
+ if ((winbindd_request_response(WINBINDD_INTERFACE_VERSION, &request, &response) != NSS_STATUS_SUCCESS) || (response.data.interface_version != WINBIND_INTERFACE_VERSION)) {
+ winbind_close_sock();
return -1;
}
/* try and get priv pipe */
- if (winbindd_request(WINBINDD_PRIV_PIPE_DIR, &request, &response) == NSS_STATUS_SUCCESS) {
+ request.wb_flags = WBFLAG_RECURSE;
+ if (winbindd_request_response(WINBINDD_PRIV_PIPE_DIR, &request, &response) == NSS_STATUS_SUCCESS) {
int fd;
- if ((fd = winbind_named_pipe_sock(response.extra_data.data)) != -1) {
+ if ((fd = winbind_named_pipe_sock((char *)response.extra_data.data)) != -1) {
close(winbindd_fd);
winbindd_fd = fd;
+ is_privileged = 1;
}
}
+ if ((need_priv != 0) && (is_privileged == 0)) {
+ return -1;
+ }
+
SAFE_FREE(response.extra_data.data);
return winbindd_fd;
@@ -353,7 +362,7 @@ int winbind_open_pipe_sock(void)
/* Write data to winbindd socket */
-int write_sock(void *buffer, int count)
+int winbind_write_sock(void *buffer, int count, int recursing, int need_priv)
{
int result, nwritten;
@@ -361,7 +370,7 @@ int write_sock(void *buffer, int count)
restart:
- if (winbind_open_pipe_sock() == -1) {
+ if (winbind_open_pipe_sock(recursing, need_priv) == -1) {
return -1;
}
@@ -381,7 +390,7 @@ int write_sock(void *buffer, int count)
ZERO_STRUCT(tv);
if (select(winbindd_fd + 1, &r_fds, NULL, NULL, &tv) == -1) {
- close_sock();
+ winbind_close_sock();
return -1; /* Select error */
}
@@ -399,7 +408,7 @@ int write_sock(void *buffer, int count)
/* Write failed */
- close_sock();
+ winbind_close_sock();
return -1;
}
@@ -409,7 +418,7 @@ int write_sock(void *buffer, int count)
/* Pipe has closed on remote end */
- close_sock();
+ winbind_close_sock();
goto restart;
}
}
@@ -419,11 +428,15 @@ int write_sock(void *buffer, int count)
/* Read data from winbindd socket */
-static int read_sock(void *buffer, int count)
+int winbind_read_sock(void *buffer, int count)
{
int nread = 0;
int total_time = 0, selret;
+ if (winbindd_fd == -1) {
+ return -1;
+ }
+
/* Read data from socket */
while(nread < count) {
struct timeval tv;
@@ -439,7 +452,7 @@ static int read_sock(void *buffer, int count)
tv.tv_sec = 5;
if ((selret = select(winbindd_fd + 1, &r_fds, NULL, NULL, &tv)) == -1) {
- close_sock();
+ winbind_close_sock();
return -1; /* Select error */
}
@@ -447,7 +460,7 @@ static int read_sock(void *buffer, int count)
/* Not ready for read yet... */
if (total_time >= 30) {
/* Timeout */
- close_sock();
+ winbind_close_sock();
return -1;
}
total_time += 5;
@@ -467,7 +480,7 @@ static int read_sock(void *buffer, int count)
can do here is just return -1 and fail since the
transaction has failed half way through. */
- close_sock();
+ winbind_close_sock();
return -1;
}
@@ -481,7 +494,7 @@ static int read_sock(void *buffer, int count)
/* Read reply */
-int read_reply(struct winbindd_response *response)
+int winbindd_read_reply(struct winbindd_response *response)
{
int result1, result2 = 0;
@@ -491,9 +504,9 @@ int read_reply(struct winbindd_response *response)
/* Read fixed length response */
- if ((result1 = read_sock(response, sizeof(struct winbindd_response)))
- == -1) {
-
+ result1 = winbind_read_sock(response,
+ sizeof(struct winbindd_response));
+ if (result1 == -1) {
return -1;
}
@@ -515,9 +528,10 @@ int read_reply(struct winbindd_response *response)
return -1;
}
- if ((result2 = read_sock(response->extra_data.data, extra_data_len))
- == -1) {
- free_response(response);
+ result2 = winbind_read_sock(response->extra_data.data,
+ extra_data_len);
+ if (result2 == -1) {
+ winbindd_free_response(response);
return -1;
}
}
@@ -527,22 +541,31 @@ int read_reply(struct winbindd_response *response)
return result1 + result2;
}
+bool winbind_env_set(void)
+{
+ char *env;
+
+ if ((env=getenv(WINBINDD_DONT_ENV)) != NULL) {
+ if(strcmp(env, "1") == 0) {
+ return true;
+ }
+ }
+ return false;
+}
+
/*
* send simple types of requests
*/
-NSS_STATUS winbindd_send_request(int req_type, struct winbindd_request *request)
+NSS_STATUS winbindd_send_request(int req_type, int need_priv,
+ struct winbindd_request *request)
{
struct winbindd_request lrequest;
- char *env;
- int value;
-
+
/* Check for our tricky environment variable */
- if ( (env = getenv(WINBINDD_DONT_ENV)) != NULL ) {
- value = atoi(env);
- if ( value == 1 )
- return NSS_STATUS_NOTFOUND;
+ if (winbind_env_set()) {
+ return NSS_STATUS_NOTFOUND;
}
if (!request) {
@@ -552,9 +575,19 @@ NSS_STATUS winbindd_send_request(int req_type, struct winbindd_request *request)
/* Fill in request and send down pipe */
- init_request(request, req_type);
+ winbindd_init_request(request, req_type);
- if (write_sock(request, sizeof(*request)) == -1) {
+ if (winbind_write_sock(request, sizeof(*request),
+ request->wb_flags & WBFLAG_RECURSE,
+ need_priv) == -1) {
+ return NSS_STATUS_UNAVAIL;
+ }
+
+ if ((request->extra_len != 0) &&
+ (winbind_write_sock(request->extra_data.data,
+ request->extra_len,
+ request->wb_flags & WBFLAG_RECURSE,
+ need_priv) == -1)) {
return NSS_STATUS_UNAVAIL;
}
@@ -577,13 +610,13 @@ NSS_STATUS winbindd_get_response(struct winbindd_response *response)
init_response(response);
/* Wait for reply */
- if (read_reply(response) == -1) {
+ if (winbindd_read_reply(response) == -1) {
return NSS_STATUS_UNAVAIL;
}
/* Throw away extra data if client didn't request it */
if (response == &lresponse) {
- free_response(response);
+ winbindd_free_response(response);
}
/* Copy reply data from socket */
@@ -596,16 +629,40 @@ NSS_STATUS winbindd_get_response(struct winbindd_response *response)
/* Handle simple types of requests */
-NSS_STATUS winbindd_request(int req_type,
+NSS_STATUS winbindd_request_response(int req_type,
struct winbindd_request *request,
struct winbindd_response *response)
{
- NSS_STATUS status;
+ NSS_STATUS status = NSS_STATUS_UNAVAIL;
+ int count = 0;
- status = winbindd_send_request(req_type, request);
- if (status != NSS_STATUS_SUCCESS)
- return(status);
- return winbindd_get_response(response);
+ while ((status == NSS_STATUS_UNAVAIL) && (count < 10)) {
+ status = winbindd_send_request(req_type, 0, request);
+ if (status != NSS_STATUS_SUCCESS)
+ return(status);
+ status = winbindd_get_response(response);
+ count += 1;
+ }
+
+ return status;
+}
+
+NSS_STATUS winbindd_priv_request_response(int req_type,
+ struct winbindd_request *request,
+ struct winbindd_response *response)
+{
+ NSS_STATUS status = NSS_STATUS_UNAVAIL;
+ int count = 0;
+
+ while ((status == NSS_STATUS_UNAVAIL) && (count < 10)) {
+ status = winbindd_send_request(req_type, 1, request);
+ if (status != NSS_STATUS_SUCCESS)
+ return(status);
+ status = winbindd_get_response(response);
+ count += 1;
+ }
+
+ return status;
}
/*************************************************************************
@@ -613,14 +670,35 @@ NSS_STATUS winbindd_request(int req_type,
enable them
************************************************************************/
-bool winbind_off( void )
+bool winbind_off(void)
{
- setenv(WINBINDD_DONT_ENV, "1", 1);
- return True;
+ return setenv(WINBINDD_DONT_ENV, "1", 1) != -1;
}
-bool winbind_on( void )
+bool winbind_on(void)
{
- setenv(WINBINDD_DONT_ENV, "0", 1);
- return True;
+ return setenv(WINBINDD_DONT_ENV, "0", 1) != -1;
+}
+
+/*************************************************************************
+ ************************************************************************/
+
+const char *nss_err_str(NSS_STATUS ret)
+{
+ switch (ret) {
+ case NSS_STATUS_TRYAGAIN:
+ return "NSS_STATUS_TRYAGAIN";
+ case NSS_STATUS_SUCCESS:
+ return "NSS_STATUS_SUCCESS";
+ case NSS_STATUS_NOTFOUND:
+ return "NSS_STATUS_NOTFOUND";
+ case NSS_STATUS_UNAVAIL:
+ return "NSS_STATUS_UNAVAIL";
+#ifdef NSS_STATUS_RETURN
+ case NSS_STATUS_RETURN:
+ return "NSS_STATUS_RETURN";
+#endif
+ default:
+ return "UNKNOWN RETURN CODE!!!!!!!";
+ }
}
diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c
index a67b0512a2..46e4668dbe 100644
--- a/source4/nsswitch/wbinfo.c
+++ b/source4/nsswitch/wbinfo.c
@@ -45,7 +45,7 @@ static char winbind_separator_int(BOOL strict)
/* Send off request */
- if (winbindd_request(WINBINDD_INFO, NULL, &response) !=
+ if (winbindd_request_response(WINBINDD_INFO, NULL, &response) !=
NSS_STATUS_SUCCESS) {
d_fprintf(stderr, "could not obtain winbind separator!\n");
if (strict) {
@@ -84,7 +84,7 @@ static const char *get_winbind_domain(void)
/* Send off request */
- if (winbindd_request(WINBINDD_DOMAIN_NAME, NULL, &response) !=
+ if (winbindd_request_response(WINBINDD_DOMAIN_NAME, NULL, &response) !=
NSS_STATUS_SUCCESS) {
d_fprintf(stderr, "could not obtain winbind domain name!\n");
@@ -136,7 +136,7 @@ static BOOL wbinfo_get_userinfo(char *user)
fstrcpy(request.data.username, user);
- result = winbindd_request(WINBINDD_GETPWNAM, &request, &response);
+ result = winbindd_request_response(WINBINDD_GETPWNAM, &request, &response);
if (result != NSS_STATUS_SUCCESS)
return False;
@@ -165,7 +165,7 @@ static BOOL wbinfo_get_uidinfo(int uid)
request.data.uid = uid;
- result = winbindd_request(WINBINDD_GETPWUID, &request, &response);
+ result = winbindd_request_response(WINBINDD_GETPWUID, &request, &response);
if (result != NSS_STATUS_SUCCESS)
return False;
@@ -196,7 +196,7 @@ static BOOL wbinfo_get_groupinfo(char *group)
fstrcpy(request.data.groupname, group);
- result = winbindd_request(WINBINDD_GETGRNAM, &request,
+ result = winbindd_request_response(WINBINDD_GETGRNAM, &request,
&response);
if ( result != NSS_STATUS_SUCCESS)
@@ -226,7 +226,7 @@ static BOOL wbinfo_get_usergroups(char *user)
fstrcpy(request.data.username, user);
- result = winbindd_request(WINBINDD_GETGROUPS, &request, &response);
+ result = winbindd_request_response(WINBINDD_GETGROUPS, &request, &response);
if (result != NSS_STATUS_SUCCESS)
return False;
@@ -255,7 +255,7 @@ static BOOL wbinfo_get_usersids(char *user_sid)
/* Send request */
fstrcpy(request.data.sid, user_sid);
- result = winbindd_request(WINBINDD_GETUSERSIDS, &request, &response);
+ result = winbindd_request_response(WINBINDD_GETUSERSIDS, &request, &response);
if (result != NSS_STATUS_SUCCESS)
return False;
@@ -283,7 +283,7 @@ static BOOL wbinfo_get_userdomgroups(const char *user_sid)
/* Send request */
fstrcpy(request.data.sid, user_sid);
- result = winbindd_request(WINBINDD_GETUSERDOMGROUPS, &request,
+ result = winbindd_request_response(WINBINDD_GETUSERDOMGROUPS, &request,
&response);
if (result != NSS_STATUS_SUCCESS)
@@ -311,7 +311,7 @@ static BOOL wbinfo_wins_byname(char *name)
fstrcpy(request.data.winsreq, name);
- if (winbindd_request(WINBINDD_WINS_BYNAME, &request, &response) !=
+ if (winbindd_request_response(WINBINDD_WINS_BYNAME, &request, &response) !=
NSS_STATUS_SUCCESS) {
return False;
}
@@ -337,7 +337,7 @@ static BOOL wbinfo_wins_byip(char *ip)
fstrcpy(request.data.winsreq, ip);
- if (winbindd_request(WINBINDD_WINS_BYIP, &request, &response) !=
+ if (winbindd_request_response(WINBINDD_WINS_BYIP, &request, &response) !=
NSS_STATUS_SUCCESS) {
return False;
}
@@ -363,7 +363,7 @@ static BOOL wbinfo_list_domains(BOOL list_all_domains)
request.data.list_all_domains = list_all_domains;
- if (winbindd_request(WINBINDD_LIST_TRUSTDOM, &request, &response) !=
+ if (winbindd_request_response(WINBINDD_LIST_TRUSTDOM, &request, &response) !=
NSS_STATUS_SUCCESS)
return False;
@@ -414,7 +414,7 @@ static BOOL wbinfo_show_sequence(const char *domain)
/* Send request */
- if (winbindd_request(WINBINDD_SHOW_SEQUENCE, &request, &response) !=
+ if (winbindd_request_response(WINBINDD_SHOW_SEQUENCE, &request, &response) !=
NSS_STATUS_SUCCESS)
return False;
@@ -446,7 +446,7 @@ static BOOL wbinfo_domain_info(const char *domain_name)
/* Send request */
- if (winbindd_request(WINBINDD_DOMAIN_INFO, &request, &response) !=
+ if (winbindd_request_response(WINBINDD_DOMAIN_INFO, &request, &response) !=
NSS_STATUS_SUCCESS)
return False;
@@ -483,7 +483,7 @@ static BOOL wbinfo_getdcname(const char *domain_name)
/* Send request */
- if (winbindd_request(WINBINDD_GETDCNAME, &request, &response) !=
+ if (winbindd_request_response(WINBINDD_GETDCNAME, &request, &response) !=
NSS_STATUS_SUCCESS) {
d_fprintf(stderr, "Could not get dc name for %s\n", domain_name);
return False;
@@ -505,7 +505,7 @@ static BOOL wbinfo_check_secret(void)
ZERO_STRUCT(response);
- result = winbindd_request(WINBINDD_CHECK_MACHACC, NULL, &response);
+ result = winbindd_request_response(WINBINDD_CHECK_MACHACC, NULL, &response);
d_printf("checking the trust secret via RPC calls %s\n",
(result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed");
@@ -532,7 +532,7 @@ static BOOL wbinfo_uid_to_sid(uid_t uid)
request.data.uid = uid;
- if (winbindd_request(WINBINDD_UID_TO_SID, &request, &response) !=
+ if (winbindd_request_response(WINBINDD_UID_TO_SID, &request, &response) !=
NSS_STATUS_SUCCESS)
return False;
@@ -557,7 +557,7 @@ static BOOL wbinfo_gid_to_sid(gid_t gid)
request.data.gid = gid;
- if (winbindd_request(WINBINDD_GID_TO_SID, &request, &response) !=
+ if (winbindd_request_response(WINBINDD_GID_TO_SID, &request, &response) !=
NSS_STATUS_SUCCESS)
return False;
@@ -582,7 +582,7 @@ static BOOL wbinfo_sid_to_uid(char *sid)
fstrcpy(request.data.sid, sid);
- if (winbindd_request(WINBINDD_SID_TO_UID, &request, &response) !=
+ if (winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response) !=
NSS_STATUS_SUCCESS)
return False;
@@ -605,7 +605,7 @@ static BOOL wbinfo_sid_to_gid(char *sid)
fstrcpy(request.data.sid, sid);
- if (winbindd_request(WINBINDD_SID_TO_GID, &request, &response) !=
+ if (winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response) !=
NSS_STATUS_SUCCESS)
return False;
@@ -630,7 +630,7 @@ static BOOL wbinfo_lookupsid(char *sid)
fstrcpy(request.data.sid, sid);
- if (winbindd_request(WINBINDD_LOOKUPSID, &request, &response) !=
+ if (winbindd_request_response(WINBINDD_LOOKUPSID, &request, &response) !=
NSS_STATUS_SUCCESS)
return False;
@@ -674,7 +674,7 @@ static BOOL wbinfo_lookupname(char *name)
parse_wbinfo_domain_user(name, request.data.name.dom_name,
request.data.name.name);
- if (winbindd_request(WINBINDD_LOOKUPNAME, &request, &response) !=
+ if (winbindd_request_response(WINBINDD_LOOKUPNAME, &request, &response) !=
NSS_STATUS_SUCCESS)
return False;
@@ -687,7 +687,7 @@ static BOOL wbinfo_lookupname(char *name)
/* Authenticate a user with a plaintext password */
-static BOOL wbinfo_auth_krb5(char *username, const char *cctype, uint32 flags)
+static BOOL wbinfo_auth_krb5(char *username, const char *cctype, uint32_t flags)
{
struct winbindd_request request;
struct winbindd_response response;
@@ -715,7 +715,7 @@ static BOOL wbinfo_auth_krb5(char *username, const char *cctype, uint32 flags)
request.data.auth.uid = geteuid();
- result = winbindd_request(WINBINDD_PAM_AUTH, &request, &response);
+ result = winbindd_request_response(WINBINDD_PAM_AUTH, &request, &response);
/* Display response */
@@ -770,7 +770,7 @@ static BOOL wbinfo_auth(char *username)
} else
fstrcpy(request.data.auth.user, username);
- result = winbindd_request(WINBINDD_PAM_AUTH, &request, &response);
+ result = winbindd_request_response(WINBINDD_PAM_AUTH, &request, &response);
/* Display response */
@@ -877,7 +877,7 @@ static BOOL wbinfo_auth_crap(char *username)
request.data.auth_crap.nt_resp_len = 24;
}
- result = winbindd_request(WINBINDD_PAM_AUTH_CRAP, &request, &response);
+ result = winbindd_request_response(WINBINDD_PAM_AUTH_CRAP, &request, &response);
/* Display response */
@@ -915,7 +915,7 @@ static BOOL print_domain_users(const char *domain)
fstrcpy( request.domain_name, domain );
}
- if (winbindd_request(WINBINDD_LIST_USERS, &request, &response) !=
+ if (winbindd_request_response(WINBINDD_LIST_USERS, &request, &response) !=
NSS_STATUS_SUCCESS)
return False;
@@ -953,7 +953,7 @@ static BOOL print_domain_groups(const char *domain)
fstrcpy( request.domain_name, domain );
}
- if (winbindd_request(WINBINDD_LIST_GROUPS, &request, &response) !=
+ if (winbindd_request_response(WINBINDD_LIST_GROUPS, &request, &response) !=
NSS_STATUS_SUCCESS)
return False;
@@ -976,7 +976,7 @@ static BOOL wbinfo_ping(void)
{
NSS_STATUS result;
- result = winbindd_request(WINBINDD_PING, NULL, NULL);
+ result = winbindd_request_response(WINBINDD_PING, NULL, NULL);
/* Display response */
@@ -1231,7 +1231,7 @@ int main(int argc, char **argv, char **envp)
break;
}
case 'K': {
- uint32 flags = WBFLAG_PAM_KRB5 |
+ uint32_t flags = WBFLAG_PAM_KRB5 |
WBFLAG_PAM_CACHED_LOGIN |
WBFLAG_PAM_FALLBACK_AFTER_KRB5 |
WBFLAG_PAM_INFO3_TEXT;
diff --git a/source4/nsswitch/winbind_client.h b/source4/nsswitch/winbind_client.h
index 6fafe6a7e3..2a3956e1fd 100644
--- a/source4/nsswitch/winbind_client.h
+++ b/source4/nsswitch/winbind_client.h
@@ -1,16 +1,25 @@
-#include "nsswitch/winbind_nss_config.h"
-#include "nsswitch/winbind_struct_protocol.h"
+#include "winbind_nss_config.h"
+#include "winbind_struct_protocol.h"
-void init_request(struct winbindd_request *req,int rq_type);
-NSS_STATUS winbindd_send_request(int req_type,
+void winbindd_init_request(struct winbindd_request *req,int rq_type);
+void winbindd_free_response(struct winbindd_response *response);
+NSS_STATUS winbindd_send_request(int req_type, int need_priv,
struct winbindd_request *request);
NSS_STATUS winbindd_get_response(struct winbindd_response *response);
-NSS_STATUS winbindd_request(int req_type,
+NSS_STATUS winbindd_request_response(int req_type,
struct winbindd_request *request,
struct winbindd_response *response);
-int winbind_open_pipe_sock(void);
-int write_sock(void *buffer, int count);
-int read_reply(struct winbindd_response *response);
-void close_sock(void);
-void free_response(struct winbindd_response *response);
+NSS_STATUS winbindd_priv_request_response(int req_type,
+ struct winbindd_request *request,
+ struct winbindd_response *response);
+int winbindd_read_reply(struct winbindd_response *response);
+bool winbind_env_set(void);
+bool winbind_off(void);
+bool winbind_on(void);
+
+int winbind_write_sock(void *buffer, int count, int recursing, int need_priv);
+int winbind_read_sock(void *buffer, int count);
+void winbind_close_sock(void);
+
+const char *nss_err_str(NSS_STATUS ret);
diff --git a/source4/nsswitch/winbind_nss.h b/source4/nsswitch/winbind_nss.h
index c4b2951643..0a3bc7cefa 100644
--- a/source4/nsswitch/winbind_nss.h
+++ b/source4/nsswitch/winbind_nss.h
@@ -53,7 +53,15 @@
#include "nsswitch/winbind_nss_hpux.h"
-#else /* Nothing's defined. Neither gnu nor sun nor hp */
+#elif defined(__NetBSD__) && defined(HAVE_GETPWENT_R)
+
+/*
+ * NetBSD 3 and newer
+ */
+
+#include "nsswitch/winbind_nss_netbsd.h"
+
+#else /* Nothing's defined. Neither gnu nor netbsd nor sun nor hp */
typedef enum
{
diff --git a/source4/nsswitch/winbind_nss_config.h b/source4/nsswitch/winbind_nss_config.h
index 9ab3f8ab0c..e0828dc905 100644
--- a/source4/nsswitch/winbind_nss_config.h
+++ b/source4/nsswitch/winbind_nss_config.h
@@ -51,48 +51,6 @@ typedef char pstring[PSTRING_LEN];
typedef char fstring[FSTRING_LEN];
#endif
-#if !defined(uint32)
-#if (SIZEOF_INT == 4)
-#define uint32 unsigned int
-#elif (SIZEOF_LONG == 4)
-#define uint32 unsigned long
-#elif (SIZEOF_SHORT == 4)
-#define uint32 unsigned short
-#endif
-#endif
-
-#if !defined(uint16)
-#if (SIZEOF_SHORT == 4)
-#define uint16 __ERROR___CANNOT_DETERMINE_TYPE_FOR_INT16;
-#else /* SIZEOF_SHORT != 4 */
-#define uint16 unsigned short
-#endif /* SIZEOF_SHORT != 4 */
-#endif
-
-#ifndef uint8
-#define uint8 unsigned char
-#endif
-
-/*
- * check for 8 byte long long
- */
-
-#if !defined(uint64)
-#if (SIZEOF_LONG == 8)
-#define uint64 unsigned long
-#elif (SIZEOF_LONG_LONG == 8)
-#define uint64 unsigned long long
-#endif /* don't lie. If we don't have it, then don't use it */
-#endif
-
-#if !defined(int64)
-#if (SIZEOF_LONG == 8)
-#define int64 long
-#elif (SIZEOF_LONG_LONG == 8)
-#define int64 long long
-#endif /* don't lie. If we don't have it, then don't use it */
-#endif
-
/* Some systems (SCO) treat UNIX domain sockets as FIFOs */
#ifndef S_IFSOCK
@@ -103,9 +61,4 @@ typedef char fstring[FSTRING_LEN];
#define S_ISSOCK(mode) ((mode & S_IFSOCK) == S_IFSOCK)
#endif
-#ifndef HAVE_SOCKLEN_T
-#define HAVE_SOCKLEN_T
-typedef int socklen_t;
-#endif
-
#endif
diff --git a/source4/nsswitch/winbind_nss_irix.h b/source4/nsswitch/winbind_nss_irix.h
index 9752267c0e..b40b14b0b0 100644
--- a/source4/nsswitch/winbind_nss_irix.h
+++ b/source4/nsswitch/winbind_nss_irix.h
@@ -39,8 +39,4 @@ typedef enum
NSS_STATUS_TRYAGAIN=NS_TRYAGAIN
} NSS_STATUS;
-#define NSD_MEM_STATIC 0
-#define NSD_MEM_VOLATILE 1
-#define NSD_MEM_DYNAMIC 2
-
#endif /* _WINBIND_NSS_IRIX_H */
diff --git a/source4/nsswitch/winbind_nss_linux.c b/source4/nsswitch/winbind_nss_linux.c
index 52254b984d..ac53979ced 100644
--- a/source4/nsswitch/winbind_nss_linux.c
+++ b/source4/nsswitch/winbind_nss_linux.c
@@ -19,7 +19,6 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-#include "includes.h"
#include "winbind_client.h"
/* Maximum number of users to pass back over the unix domain socket
@@ -29,64 +28,45 @@
#define MAX_GETPWENT_USERS 250
#define MAX_GETGRENT_USERS 250
-_PUBLIC_ NSS_STATUS _nss_winbind_setpwent(void);
-_PUBLIC_ NSS_STATUS _nss_winbind_endpwent(void);
-_PUBLIC_ NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result, char *buffer,
+NSS_STATUS _nss_winbind_setpwent(void);
+NSS_STATUS _nss_winbind_endpwent(void);
+NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result, char *buffer,
size_t buflen, int *errnop);
-_PUBLIC_ NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result,
+NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result,
char *buffer, size_t buflen, int *errnop);
-_PUBLIC_ NSS_STATUS _nss_winbind_getpwnam_r(const char *name, struct passwd *result,
+NSS_STATUS _nss_winbind_getpwnam_r(const char *name, struct passwd *result,
char *buffer, size_t buflen, int *errnop);
-_PUBLIC_ NSS_STATUS _nss_winbind_setgrent(void);
-_PUBLIC_ NSS_STATUS _nss_winbind_endgrent(void);
-_PUBLIC_ NSS_STATUS _nss_winbind_getgrent_r(struct group *result, char *buffer,
+NSS_STATUS _nss_winbind_setgrent(void);
+NSS_STATUS _nss_winbind_endgrent(void);
+NSS_STATUS _nss_winbind_getgrent_r(struct group *result, char *buffer,
size_t buflen, int *errnop);
-_PUBLIC_ NSS_STATUS _nss_winbind_getgrlst_r(struct group *result, char *buffer,
+NSS_STATUS _nss_winbind_getgrlst_r(struct group *result, char *buffer,
size_t buflen, int *errnop);
-_PUBLIC_ NSS_STATUS _nss_winbind_getgrnam_r(const char *name, struct group *result,
+NSS_STATUS _nss_winbind_getgrnam_r(const char *name, struct group *result,
char *buffer, size_t buflen, int *errnop);
-_PUBLIC_ NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid, struct group *result, char *buffer,
+NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid, struct group *result, char *buffer,
size_t buflen, int *errnop);
-_PUBLIC_ NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group, long int *start,
+NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group, long int *start,
long int *size, gid_t **groups,
long int limit, int *errnop);
-_PUBLIC_ NSS_STATUS _nss_winbind_getusersids(const char *user_sid, char **group_sids,
+NSS_STATUS _nss_winbind_getusersids(const char *user_sid, char **group_sids,
int *num_groups, char *buffer, size_t buf_size,
int *errnop);
-_PUBLIC_ NSS_STATUS _nss_winbind_nametosid(const char *name, char **sid, char *buffer,
+NSS_STATUS _nss_winbind_nametosid(const char *name, char **sid, char *buffer,
size_t buflen, int *errnop);
-_PUBLIC_ NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name, char *buffer,
+NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name, char *buffer,
size_t buflen, int *errnop);
-_PUBLIC_ NSS_STATUS _nss_winbind_sidtouid(const char *sid, uid_t *uid, int *errnop);
-_PUBLIC_ NSS_STATUS _nss_winbind_sidtogid(const char *sid, gid_t *gid, int *errnop);
-_PUBLIC_ NSS_STATUS _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer,
+NSS_STATUS _nss_winbind_sidtouid(const char *sid, uid_t *uid, int *errnop);
+NSS_STATUS _nss_winbind_sidtogid(const char *sid, gid_t *gid, int *errnop);
+NSS_STATUS _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer,
size_t buflen, int *errnop);
-_PUBLIC_ NSS_STATUS _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer,
+NSS_STATUS _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer,
size_t buflen, int *errnop);
/* Prototypes from wb_common.c */
extern int winbindd_fd;
-#ifdef DEBUG_NSS
-static const char *nss_err_str(NSS_STATUS ret) {
- switch (ret) {
- case NSS_STATUS_TRYAGAIN:
- return "NSS_STATUS_TRYAGAIN";
- case NSS_STATUS_SUCCESS:
- return "NSS_STATUS_SUCCESS";
- case NSS_STATUS_NOTFOUND:
- return "NSS_STATUS_NOTFOUND";
- case NSS_STATUS_UNAVAIL:
- return "NSS_STATUS_UNAVAIL";
- case NSS_STATUS_RETURN:
- return "NSS_STATUS_RETURN";
- default:
- return "UNKNOWN RETURN CODE!!!!!!!";
- }
-}
-#endif
-
/* Allocate some space from the nss static buffer. The buffer and buflen
are the pointers passed in by the C library to the _nss_ntdom_*
functions. */
@@ -115,13 +95,13 @@ static char *get_static(char **buffer, size_t *buflen, size_t len)
lib/util_str.c as I really don't want to have to link in any other
objects if I can possibly avoid it. */
-static BOOL next_tok(char **ptr,char *buff,const char *sep, size_t bufsize)
+static bool next_token(char **ptr,char *buff,const char *sep, size_t bufsize)
{
char *s;
- BOOL quoted;
+ bool quoted;
size_t len=1;
- if (!ptr) return(False);
+ if (!ptr) return false;
s = *ptr;
@@ -132,10 +112,10 @@ static BOOL next_tok(char **ptr,char *buff,const char *sep, size_t bufsize)
while (*s && strchr(sep,*s)) s++;
/* nothing left? */
- if (! *s) return(False);
+ if (! *s) return false;
/* copy over the token */
- for (quoted = False; len < bufsize && *s && (quoted || !strchr(sep,*s)); s++) {
+ for (quoted = false; len < bufsize && *s && (quoted || !strchr(sep,*s)); s++) {
if (*s == '\"') {
quoted = !quoted;
} else {
@@ -147,7 +127,7 @@ static BOOL next_tok(char **ptr,char *buff,const char *sep, size_t bufsize)
*ptr = (*s) ? s+1 : s;
*buff = 0;
- return(True);
+ return true;
}
@@ -169,7 +149,7 @@ static NSS_STATUS fill_pwent(struct passwd *result,
return NSS_STATUS_TRYAGAIN;
}
- strlcpy(result->pw_name, pw->pw_name, strlen(pw->pw_name) + 1);
+ strcpy(result->pw_name, pw->pw_name);
/* Password */
@@ -181,7 +161,7 @@ static NSS_STATUS fill_pwent(struct passwd *result,
return NSS_STATUS_TRYAGAIN;
}
- strlcpy(result->pw_passwd, pw->pw_passwd, strlen(pw->pw_passwd) + 1);
+ strcpy(result->pw_passwd, pw->pw_passwd);
/* [ug]id */
@@ -198,7 +178,7 @@ static NSS_STATUS fill_pwent(struct passwd *result,
return NSS_STATUS_TRYAGAIN;
}
- strlcpy(result->pw_gecos, pw->pw_gecos, strlen(pw->pw_gecos) + 1);
+ strcpy(result->pw_gecos, pw->pw_gecos);
/* Home directory */
@@ -210,7 +190,7 @@ static NSS_STATUS fill_pwent(struct passwd *result,
return NSS_STATUS_TRYAGAIN;
}
- strlcpy(result->pw_dir, pw->pw_dir, strlen(pw->pw_dir) + 1);
+ strcpy(result->pw_dir, pw->pw_dir);
/* Logon shell */
@@ -222,7 +202,7 @@ static NSS_STATUS fill_pwent(struct passwd *result,
return NSS_STATUS_TRYAGAIN;
}
- strlcpy(result->pw_shell, pw->pw_shell, strlen(pw->pw_shell) + 1);
+ strcpy(result->pw_shell, pw->pw_shell);
/* The struct passwd for Solaris has some extra fields which must
be initialised or nscd crashes. */
@@ -259,7 +239,7 @@ static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr,
return NSS_STATUS_TRYAGAIN;
}
- strlcpy(result->gr_name, gr->gr_name, strlen(gr->gr_name) + 1);
+ strcpy(result->gr_name, gr->gr_name);
/* Password */
@@ -271,7 +251,7 @@ static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr,
return NSS_STATUS_TRYAGAIN;
}
- strlcpy(result->gr_passwd, gr->gr_passwd, strlen(gr->gr_passwd) + 1);
+ strcpy(result->gr_passwd, gr->gr_passwd);
/* gid */
@@ -310,7 +290,7 @@ static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr,
i = 0;
- while(next_tok((char **)&gr_mem, name, ",", sizeof(fstring))) {
+ while(next_token((char **)&gr_mem, name, ",", sizeof(fstring))) {
/* Allocate space for member */
@@ -322,7 +302,7 @@ static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr,
return NSS_STATUS_TRYAGAIN;
}
- strlcpy((result->gr_mem)[i], name, strlen(name) + 1);
+ strcpy((result->gr_mem)[i], name);
i++;
}
@@ -344,7 +324,8 @@ static int num_pw_cache; /* Current size of pwd cache */
/* Rewind "file pointer" to start of ntdom password database */
-_PUBLIC_ NSS_STATUS _nss_winbind_setpwent(void)
+NSS_STATUS
+_nss_winbind_setpwent(void)
{
NSS_STATUS ret;
#ifdef DEBUG_NSS
@@ -353,10 +334,10 @@ _PUBLIC_ NSS_STATUS _nss_winbind_setpwent(void)
if (num_pw_cache > 0) {
ndx_pw_cache = num_pw_cache = 0;
- free_response(&getpwent_response);
+ winbindd_free_response(&getpwent_response);
}
- ret = winbindd_request(WINBINDD_SETPWENT, NULL, NULL);
+ ret = winbindd_request_response(WINBINDD_SETPWENT, NULL, NULL);
#ifdef DEBUG_NSS
fprintf(stderr, "[%5d]: setpwent returns %s (%d)\n", getpid(),
nss_err_str(ret), ret);
@@ -366,7 +347,8 @@ _PUBLIC_ NSS_STATUS _nss_winbind_setpwent(void)
/* Close ntdom password database "file pointer" */
-_PUBLIC_ NSS_STATUS _nss_winbind_endpwent(void)
+NSS_STATUS
+_nss_winbind_endpwent(void)
{
NSS_STATUS ret;
#ifdef DEBUG_NSS
@@ -375,10 +357,10 @@ _PUBLIC_ NSS_STATUS _nss_winbind_endpwent(void)
if (num_pw_cache > 0) {
ndx_pw_cache = num_pw_cache = 0;
- free_response(&getpwent_response);
+ winbindd_free_response(&getpwent_response);
}
- ret = winbindd_request(WINBINDD_ENDPWENT, NULL, NULL);
+ ret = winbindd_request_response(WINBINDD_ENDPWENT, NULL, NULL);
#ifdef DEBUG_NSS
fprintf(stderr, "[%5d]: endpwent returns %s (%d)\n", getpid(),
nss_err_str(ret), ret);
@@ -388,8 +370,9 @@ _PUBLIC_ NSS_STATUS _nss_winbind_endpwent(void)
/* Fetch the next password entry from ntdom password database */
-_PUBLIC_ NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result,
- char *buffer, size_t buflen, int *errnop)
+NSS_STATUS
+_nss_winbind_getpwent_r(struct passwd *result, char *buffer,
+ size_t buflen, int *errnop)
{
NSS_STATUS ret;
struct winbindd_request request;
@@ -409,7 +392,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result,
/* Else call winbindd to get a bunch of entries */
if (num_pw_cache > 0) {
- free_response(&getpwent_response);
+ winbindd_free_response(&getpwent_response);
}
ZERO_STRUCT(request);
@@ -417,7 +400,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result,
request.data.num_entries = MAX_GETPWENT_USERS;
- ret = winbindd_request(WINBINDD_GETPWENT, &request,
+ ret = winbindd_request_response(WINBINDD_GETPWENT, &request,
&getpwent_response);
if (ret == NSS_STATUS_SUCCESS) {
@@ -448,20 +431,20 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result,
/* Out of memory - try again */
if (ret == NSS_STATUS_TRYAGAIN) {
- called_again = True;
+ called_again = true;
*errnop = errno = ERANGE;
goto done;
}
*errnop = errno = 0;
- called_again = False;
+ called_again = false;
ndx_pw_cache++;
/* If we've finished with this lot of results free cache */
if (ndx_pw_cache == num_pw_cache) {
ndx_pw_cache = num_pw_cache = 0;
- free_response(&getpwent_response);
+ winbindd_free_response(&getpwent_response);
}
}
done:
@@ -474,8 +457,9 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result,
/* Return passwd struct from uid */
-_PUBLIC_ NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result,
- char *buffer, size_t buflen, int *errnop)
+NSS_STATUS
+_nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, char *buffer,
+ size_t buflen, int *errnop)
{
NSS_STATUS ret;
static struct winbindd_response response;
@@ -496,14 +480,14 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result,
request.data.uid = uid;
- ret = winbindd_request(WINBINDD_GETPWUID, &request, &response);
+ ret = winbindd_request_response(WINBINDD_GETPWUID, &request, &response);
if (ret == NSS_STATUS_SUCCESS) {
ret = fill_pwent(result, &response.data.pw,
&buffer, &buflen);
if (ret == NSS_STATUS_TRYAGAIN) {
- keep_response = True;
+ keep_response = true;
*errnop = errno = ERANGE;
goto done;
}
@@ -516,16 +500,16 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result,
ret = fill_pwent(result, &response.data.pw, &buffer, &buflen);
if (ret == NSS_STATUS_TRYAGAIN) {
- keep_response = True;
+ keep_response = true;
*errnop = errno = ERANGE;
goto done;
}
- keep_response = False;
+ keep_response = false;
*errnop = errno = 0;
}
- free_response(&response);
+ winbindd_free_response(&response);
done:
#ifdef DEBUG_NSS
@@ -536,8 +520,9 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result,
}
/* Return passwd struct from username */
-_PUBLIC_ NSS_STATUS _nss_winbind_getpwnam_r(const char *name,
- struct passwd *result, char *buffer, size_t buflen, int *errnop)
+NSS_STATUS
+_nss_winbind_getpwnam_r(const char *name, struct passwd *result, char *buffer,
+ size_t buflen, int *errnop)
{
NSS_STATUS ret;
static struct winbindd_response response;
@@ -562,14 +547,14 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwnam_r(const char *name,
request.data.username
[sizeof(request.data.username) - 1] = '\0';
- ret = winbindd_request(WINBINDD_GETPWNAM, &request, &response);
+ ret = winbindd_request_response(WINBINDD_GETPWNAM, &request, &response);
if (ret == NSS_STATUS_SUCCESS) {
ret = fill_pwent(result, &response.data.pw, &buffer,
&buflen);
if (ret == NSS_STATUS_TRYAGAIN) {
- keep_response = True;
+ keep_response = true;
*errnop = errno = ERANGE;
goto done;
}
@@ -582,16 +567,16 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwnam_r(const char *name,
ret = fill_pwent(result, &response.data.pw, &buffer, &buflen);
if (ret == NSS_STATUS_TRYAGAIN) {
- keep_response = True;
+ keep_response = true;
*errnop = errno = ERANGE;
goto done;
}
- keep_response = False;
+ keep_response = false;
*errnop = errno = 0;
}
- free_response(&response);
+ winbindd_free_response(&response);
done:
#ifdef DEBUG_NSS
fprintf(stderr, "[%5d]: getpwnam %s returns %s (%d)\n", getpid(),
@@ -611,7 +596,8 @@ static int num_gr_cache; /* Current size of grp cache */
/* Rewind "file pointer" to start of ntdom group database */
-_PUBLIC_ NSS_STATUS _nss_winbind_setgrent(void)
+NSS_STATUS
+_nss_winbind_setgrent(void)
{
NSS_STATUS ret;
#ifdef DEBUG_NSS
@@ -620,10 +606,10 @@ _PUBLIC_ NSS_STATUS _nss_winbind_setgrent(void)
if (num_gr_cache > 0) {
ndx_gr_cache = num_gr_cache = 0;
- free_response(&getgrent_response);
+ winbindd_free_response(&getgrent_response);
}
- ret = winbindd_request(WINBINDD_SETGRENT, NULL, NULL);
+ ret = winbindd_request_response(WINBINDD_SETGRENT, NULL, NULL);
#ifdef DEBUG_NSS
fprintf(stderr, "[%5d]: setgrent returns %s (%d)\n", getpid(),
nss_err_str(ret), ret);
@@ -633,7 +619,8 @@ _PUBLIC_ NSS_STATUS _nss_winbind_setgrent(void)
/* Close "file pointer" for ntdom group database */
-_PUBLIC_ NSS_STATUS _nss_winbind_endgrent(void)
+NSS_STATUS
+_nss_winbind_endgrent(void)
{
NSS_STATUS ret;
#ifdef DEBUG_NSS
@@ -642,10 +629,10 @@ _PUBLIC_ NSS_STATUS _nss_winbind_endgrent(void)
if (num_gr_cache > 0) {
ndx_gr_cache = num_gr_cache = 0;
- free_response(&getgrent_response);
+ winbindd_free_response(&getgrent_response);
}
- ret = winbindd_request(WINBINDD_ENDGRENT, NULL, NULL);
+ ret = winbindd_request_response(WINBINDD_ENDGRENT, NULL, NULL);
#ifdef DEBUG_NSS
fprintf(stderr, "[%5d]: endgrent returns %s (%d)\n", getpid(),
nss_err_str(ret), ret);
@@ -679,7 +666,7 @@ winbind_getgrent(enum winbindd_cmd cmd,
/* Else call winbindd to get a bunch of entries */
if (num_gr_cache > 0) {
- free_response(&getgrent_response);
+ winbindd_free_response(&getgrent_response);
}
ZERO_STRUCT(request);
@@ -687,7 +674,7 @@ winbind_getgrent(enum winbindd_cmd cmd,
request.data.num_entries = MAX_GETGRENT_USERS;
- ret = winbindd_request(cmd, &request,
+ ret = winbindd_request_response(cmd, &request,
&getgrent_response);
if (ret == NSS_STATUS_SUCCESS) {
@@ -727,20 +714,20 @@ winbind_getgrent(enum winbindd_cmd cmd,
/* Out of memory - try again */
if (ret == NSS_STATUS_TRYAGAIN) {
- called_again = True;
+ called_again = true;
*errnop = errno = ERANGE;
goto done;
}
*errnop = 0;
- called_again = False;
+ called_again = false;
ndx_gr_cache++;
/* If we've finished with this lot of results free cache */
if (ndx_gr_cache == num_gr_cache) {
ndx_gr_cache = num_gr_cache = 0;
- free_response(&getgrent_response);
+ winbindd_free_response(&getgrent_response);
}
}
done:
@@ -752,13 +739,15 @@ winbind_getgrent(enum winbindd_cmd cmd,
}
-_PUBLIC_ NSS_STATUS _nss_winbind_getgrent_r(struct group *result,
+NSS_STATUS
+_nss_winbind_getgrent_r(struct group *result,
char *buffer, size_t buflen, int *errnop)
{
return winbind_getgrent(WINBINDD_GETGRENT, result, buffer, buflen, errnop);
}
-_PUBLIC_ NSS_STATUS _nss_winbind_getgrlst_r(struct group *result,
+NSS_STATUS
+_nss_winbind_getgrlst_r(struct group *result,
char *buffer, size_t buflen, int *errnop)
{
return winbind_getgrent(WINBINDD_GETGRLST, result, buffer, buflen, errnop);
@@ -766,7 +755,8 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrlst_r(struct group *result,
/* Return group struct from group name */
-_PUBLIC_ NSS_STATUS _nss_winbind_getgrnam_r(const char *name,
+NSS_STATUS
+_nss_winbind_getgrnam_r(const char *name,
struct group *result, char *buffer,
size_t buflen, int *errnop)
{
@@ -793,7 +783,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrnam_r(const char *name,
request.data.groupname
[sizeof(request.data.groupname) - 1] = '\0';
- ret = winbindd_request(WINBINDD_GETGRNAM, &request, &response);
+ ret = winbindd_request_response(WINBINDD_GETGRNAM, &request, &response);
if (ret == NSS_STATUS_SUCCESS) {
ret = fill_grent(result, &response.data.gr,
@@ -801,7 +791,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrnam_r(const char *name,
&buffer, &buflen);
if (ret == NSS_STATUS_TRYAGAIN) {
- keep_response = True;
+ keep_response = true;
*errnop = errno = ERANGE;
goto done;
}
@@ -816,16 +806,16 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrnam_r(const char *name,
&buflen);
if (ret == NSS_STATUS_TRYAGAIN) {
- keep_response = True;
+ keep_response = true;
*errnop = errno = ERANGE;
goto done;
}
- keep_response = False;
+ keep_response = false;
*errnop = 0;
}
- free_response(&response);
+ winbindd_free_response(&response);
done:
#ifdef DEBUG_NSS
fprintf(stderr, "[%5d]: getgrnam %s returns %s (%d)\n", getpid(),
@@ -836,7 +826,8 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrnam_r(const char *name,
/* Return group struct from gid */
-_PUBLIC_ NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid,
+NSS_STATUS
+_nss_winbind_getgrgid_r(gid_t gid,
struct group *result, char *buffer,
size_t buflen, int *errnop)
{
@@ -860,7 +851,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid,
request.data.gid = gid;
- ret = winbindd_request(WINBINDD_GETGRGID, &request, &response);
+ ret = winbindd_request_response(WINBINDD_GETGRGID, &request, &response);
if (ret == NSS_STATUS_SUCCESS) {
@@ -869,7 +860,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid,
&buffer, &buflen);
if (ret == NSS_STATUS_TRYAGAIN) {
- keep_response = True;
+ keep_response = true;
*errnop = errno = ERANGE;
goto done;
}
@@ -884,16 +875,16 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid,
&buflen);
if (ret == NSS_STATUS_TRYAGAIN) {
- keep_response = True;
+ keep_response = true;
*errnop = errno = ERANGE;
goto done;
}
- keep_response = False;
+ keep_response = false;
*errnop = 0;
}
- free_response(&response);
+ winbindd_free_response(&response);
done:
#ifdef DEBUG_NSS
fprintf(stderr, "[%5d]: getgrgid %d returns %s (%d)\n", getpid(),
@@ -904,9 +895,10 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid,
/* Initialise supplementary groups */
-_PUBLIC_ NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group,
- long int *start, long int *size, gid_t **groups,
- long int limit, int *errnop)
+NSS_STATUS
+_nss_winbind_initgroups_dyn(char *user, gid_t group, long int *start,
+ long int *size, gid_t **groups, long int limit,
+ int *errnop)
{
NSS_STATUS ret;
struct winbindd_request request;
@@ -924,7 +916,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group,
strncpy(request.data.username, user,
sizeof(request.data.username) - 1);
- ret = winbindd_request(WINBINDD_GETGROUPS, &request, &response);
+ ret = winbindd_request_response(WINBINDD_GETGROUPS, &request, &response);
if (ret == NSS_STATUS_SUCCESS) {
int num_gids = response.data.num_entries;
@@ -1003,9 +995,10 @@ _PUBLIC_ NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group,
/* return a list of group SIDs for a user SID */
-_PUBLIC_ NSS_STATUS _nss_winbind_getusersids(const char *user_sid,
- char **group_sids, int *num_groups,
- char *buffer, size_t buf_size, int *errnop)
+NSS_STATUS
+_nss_winbind_getusersids(const char *user_sid, char **group_sids,
+ int *num_groups,
+ char *buffer, size_t buf_size, int *errnop)
{
NSS_STATUS ret;
struct winbindd_request request;
@@ -1021,7 +1014,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getusersids(const char *user_sid,
strncpy(request.data.sid, user_sid,sizeof(request.data.sid) - 1);
request.data.sid[sizeof(request.data.sid) - 1] = '\0';
- ret = winbindd_request(WINBINDD_GETUSERSIDS, &request, &response);
+ ret = winbindd_request_response(WINBINDD_GETUSERSIDS, &request, &response);
if (ret != NSS_STATUS_SUCCESS) {
goto done;
@@ -1039,14 +1032,15 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getusersids(const char *user_sid,
errno = *errnop = 0;
done:
- free_response(&response);
+ winbindd_free_response(&response);
return ret;
}
/* map a user or group name to a SID string */
-_PUBLIC_ NSS_STATUS _nss_winbind_nametosid(const char *name, char **sid,
- char *buffer, size_t buflen, int *errnop)
+NSS_STATUS
+_nss_winbind_nametosid(const char *name, char **sid, char *buffer,
+ size_t buflen, int *errnop)
{
NSS_STATUS ret;
struct winbindd_response response;
@@ -1063,7 +1057,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_nametosid(const char *name, char **sid,
sizeof(request.data.name.name) - 1);
request.data.name.name[sizeof(request.data.name.name) - 1] = '\0';
- ret = winbindd_request(WINBINDD_LOOKUPNAME, &request, &response);
+ ret = winbindd_request_response(WINBINDD_LOOKUPNAME, &request, &response);
if (ret != NSS_STATUS_SUCCESS) {
*errnop = errno = EINVAL;
goto failed;
@@ -1077,16 +1071,17 @@ _PUBLIC_ NSS_STATUS _nss_winbind_nametosid(const char *name, char **sid,
*errnop = errno = 0;
*sid = buffer;
- strlcpy(*sid, response.data.sid.sid, strlen(response.data.sid.sid) + 1);
+ strcpy(*sid, response.data.sid.sid);
failed:
- free_response(&response);
+ winbindd_free_response(&response);
return ret;
}
/* map a sid string to a user or group name */
-_PUBLIC_ NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name,
- char *buffer, size_t buflen, int *errnop)
+NSS_STATUS
+_nss_winbind_sidtoname(const char *sid, char **name, char *buffer,
+ size_t buflen, int *errnop)
{
NSS_STATUS ret;
struct winbindd_response response;
@@ -1103,14 +1098,14 @@ _PUBLIC_ NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name,
/* we need to fetch the separator first time through */
if (!sep_char) {
- ret = winbindd_request(WINBINDD_INFO, &request, &response);
+ ret = winbindd_request_response(WINBINDD_INFO, &request, &response);
if (ret != NSS_STATUS_SUCCESS) {
*errnop = errno = EINVAL;
goto failed;
}
sep_char = response.data.info.winbind_separator;
- free_response(&response);
+ winbindd_free_response(&response);
}
@@ -1118,7 +1113,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name,
sizeof(request.data.sid) - 1);
request.data.sid[sizeof(request.data.sid) - 1] = '\0';
- ret = winbindd_request(WINBINDD_LOOKUPSID, &request, &response);
+ ret = winbindd_request_response(WINBINDD_LOOKUPSID, &request, &response);
if (ret != NSS_STATUS_SUCCESS) {
*errnop = errno = EINVAL;
goto failed;
@@ -1143,13 +1138,13 @@ _PUBLIC_ NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name,
*errnop = errno = 0;
failed:
- free_response(&response);
+ winbindd_free_response(&response);
return ret;
}
/* map a sid to a uid */
-_PUBLIC_ NSS_STATUS _nss_winbind_sidtouid(const char *sid, uid_t *uid,
- int *errnop)
+NSS_STATUS
+_nss_winbind_sidtouid(const char *sid, uid_t *uid, int *errnop)
{
NSS_STATUS ret;
struct winbindd_response response;
@@ -1165,7 +1160,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_sidtouid(const char *sid, uid_t *uid,
strncpy(request.data.sid, sid, sizeof(request.data.sid) - 1);
request.data.sid[sizeof(request.data.sid) - 1] = '\0';
- ret = winbindd_request(WINBINDD_SID_TO_UID, &request, &response);
+ ret = winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response);
if (ret != NSS_STATUS_SUCCESS) {
*errnop = errno = EINVAL;
goto failed;
@@ -1178,8 +1173,8 @@ failed:
}
/* map a sid to a gid */
-_PUBLIC_ NSS_STATUS _nss_winbind_sidtogid(const char *sid, gid_t *gid,
- int *errnop)
+NSS_STATUS
+_nss_winbind_sidtogid(const char *sid, gid_t *gid, int *errnop)
{
NSS_STATUS ret;
struct winbindd_response response;
@@ -1195,7 +1190,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_sidtogid(const char *sid, gid_t *gid,
strncpy(request.data.sid, sid, sizeof(request.data.sid) - 1);
request.data.sid[sizeof(request.data.sid) - 1] = '\0';
- ret = winbindd_request(WINBINDD_SID_TO_GID, &request, &response);
+ ret = winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response);
if (ret != NSS_STATUS_SUCCESS) {
*errnop = errno = EINVAL;
goto failed;
@@ -1208,7 +1203,8 @@ failed:
}
/* map a uid to a SID string */
-_PUBLIC_ NSS_STATUS _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer,
+NSS_STATUS
+_nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer,
size_t buflen, int *errnop)
{
NSS_STATUS ret;
@@ -1224,7 +1220,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer,
request.data.uid = uid;
- ret = winbindd_request(WINBINDD_UID_TO_SID, &request, &response);
+ ret = winbindd_request_response(WINBINDD_UID_TO_SID, &request, &response);
if (ret != NSS_STATUS_SUCCESS) {
*errnop = errno = EINVAL;
goto failed;
@@ -1238,15 +1234,16 @@ _PUBLIC_ NSS_STATUS _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer,
*errnop = errno = 0;
*sid = buffer;
- strlcpy(*sid, response.data.sid.sid, strlen(response.data.sid.sid) + 1);
+ strcpy(*sid, response.data.sid.sid);
failed:
- free_response(&response);
+ winbindd_free_response(&response);
return ret;
}
/* map a gid to a SID string */
-_PUBLIC_ NSS_STATUS _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer,
+NSS_STATUS
+_nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer,
size_t buflen, int *errnop)
{
NSS_STATUS ret;
@@ -1262,7 +1259,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer,
request.data.gid = gid;
- ret = winbindd_request(WINBINDD_GID_TO_SID, &request, &response);
+ ret = winbindd_request_response(WINBINDD_GID_TO_SID, &request, &response);
if (ret != NSS_STATUS_SUCCESS) {
*errnop = errno = EINVAL;
goto failed;
@@ -1276,9 +1273,9 @@ _PUBLIC_ NSS_STATUS _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer,
*errnop = errno = 0;
*sid = buffer;
- strlcpy(*sid, response.data.sid.sid, strlen(response.data.sid.sid) + 1);
+ strcpy(*sid, response.data.sid.sid);
failed:
- free_response(&response);
+ winbindd_free_response(&response);
return ret;
}
diff --git a/source4/nsswitch/winbind_nss_solaris.h b/source4/nsswitch/winbind_nss_solaris.h
index 1c694394d3..84062dbab4 100644
--- a/source4/nsswitch/winbind_nss_solaris.h
+++ b/source4/nsswitch/winbind_nss_solaris.h
@@ -22,7 +22,33 @@
#ifndef _WINBIND_NSS_SOLARIS_H
#define _WINBIND_NSS_SOLARIS_H
+/* Solaris has a broken nss_common header file containing C++ reserved names. */
+#ifndef __cplusplus
+#undef class
+#undef private
+#undef public
+#undef protected
+#undef template
+#undef this
+#undef new
+#undef delete
+#undef friend
+#endif
+
#include <nss_common.h>
+
+#ifndef __cplusplus
+#define class #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
+#define private #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
+#define public #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
+#define protected #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
+#define template #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
+#define this #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
+#define new #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
+#define delete #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
+#define friend #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
+#endif
+
#include <nss_dbdefs.h>
#include <nsswitch.h>
diff --git a/source4/nsswitch/winbind_struct_protocol.h b/source4/nsswitch/winbind_struct_protocol.h
index 724b830604..645534b836 100644
--- a/source4/nsswitch/winbind_struct_protocol.h
+++ b/source4/nsswitch/winbind_struct_protocol.h
@@ -11,15 +11,6 @@
products. You do not need to give any attribution.
*/
-
-#ifndef CONST_DISCARD
-#define CONST_DISCARD(type, ptr) ((type) ((void *) (ptr)))
-#endif
-
-#ifndef CONST_ADD
-#define CONST_ADD(type, ptr) ((type) ((const void *) (ptr)))
-#endif
-
#ifndef SAFE_FREE
#define SAFE_FREE(x) do { if(x) {free(x); x=NULL;} } while(0)
#endif
@@ -36,28 +27,28 @@
#define WINBINDD_SOCKET_DIR "/tmp/.winbindd" /* Name of PF_UNIX dir */
#endif
+/*
+ * when compiled with socket_wrapper support
+ * the location of the WINBINDD_SOCKET_DIR
+ * can be overwritten via an environment variable
+ */
+#define WINBINDD_SOCKET_DIR_ENVVAR "WINBINDD_SOCKET_DIR"
+
#define WINBINDD_PRIV_SOCKET_SUBDIR "winbindd_privileged" /* name of subdirectory of lp_lockdir() to hold the 'privileged' pipe */
#define WINBINDD_DOMAIN_ENV "WINBINDD_DOMAIN" /* Environment variables */
#define WINBINDD_DONT_ENV "_NO_WINBINDD"
-
-#ifdef SOCKET_WRAPPER
-#define WINBINDD_SOCKET_DIR_ENV "WINBINDD_SOCKET_DIR"
-#endif
+#define WINBINDD_LOCATOR_KDC_ADDRESS "WINBINDD_LOCATOR_KDC_ADDRESS"
/* Update this when you change the interface. */
-#define WINBIND_INTERFACE_VERSION 18
+#define WINBIND_INTERFACE_VERSION 19
/* Have to deal with time_t being 4 or 8 bytes due to structure alignment.
On a 64bit Linux box, we have to support a constant structure size
between /lib/libnss_winbind.so.2 and /li64/libnss_winbind.so.2.
The easiest way to do this is to always use 8byte values for time_t. */
-#if defined(int64)
-# define SMB_TIME_T int64
-#else
-# define SMB_TIME_T time_t
-#endif
+#define SMB_TIME_T int64_t
/* Socket commands */
@@ -104,7 +95,7 @@ enum winbindd_cmd {
/* Lookup functions */
- WINBINDD_SID_TO_UID,
+ WINBINDD_SID_TO_UID,
WINBINDD_SID_TO_GID,
WINBINDD_SIDS_TO_XIDS,
WINBINDD_UID_TO_SID,
@@ -127,6 +118,7 @@ enum winbindd_cmd {
WINBINDD_DOMAIN_INFO, /* Most of what we know from
struct winbindd_domain */
WINBINDD_GETDCNAME, /* Issue a GetDCName Request */
+ WINBINDD_DSGETDCNAME, /* Issue a DsGetDCName Request */
WINBINDD_SHOW_SEQUENCE, /* display sequence numbers of domains */
@@ -194,30 +186,31 @@ typedef struct winbindd_gr {
fstring gr_name;
fstring gr_passwd;
gid_t gr_gid;
- uint32 num_gr_mem;
- uint32 gr_mem_ofs; /* offset to group membership */
+ uint32_t num_gr_mem;
+ uint32_t gr_mem_ofs; /* offset to group membership */
} WINBINDD_GR;
-
-#define WBFLAG_PAM_INFO3_NDR 0x0001
-#define WBFLAG_PAM_INFO3_TEXT 0x0002
-#define WBFLAG_PAM_USER_SESSION_KEY 0x0004
-#define WBFLAG_PAM_LMKEY 0x0008
-#define WBFLAG_PAM_CONTACT_TRUSTDOM 0x0010
-#define WBFLAG_QUERY_ONLY 0x0020
-#define WBFLAG_PAM_UNIX_NAME 0x0080
-#define WBFLAG_PAM_AFS_TOKEN 0x0100
-#define WBFLAG_PAM_NT_STATUS_SQUASH 0x0200
-
+/* PAM specific request flags */
+#define WBFLAG_PAM_INFO3_NDR 0x00000001
+#define WBFLAG_PAM_INFO3_TEXT 0x00000002
+#define WBFLAG_PAM_USER_SESSION_KEY 0x00000004
+#define WBFLAG_PAM_LMKEY 0x00000008
+#define WBFLAG_PAM_CONTACT_TRUSTDOM 0x00000010
+#define WBFLAG_PAM_UNIX_NAME 0x00000080
+#define WBFLAG_PAM_AFS_TOKEN 0x00000100
+#define WBFLAG_PAM_NT_STATUS_SQUASH 0x00000200
+#define WBFLAG_PAM_KRB5 0x00001000
+#define WBFLAG_PAM_FALLBACK_AFTER_KRB5 0x00002000
+#define WBFLAG_PAM_CACHED_LOGIN 0x00004000
+#define WBFLAG_PAM_GET_PWD_POLICY 0x00008000 /* not used */
+
+/* generic request flags */
+#define WBFLAG_QUERY_ONLY 0x00000020 /* not used */
/* This is a flag that can only be sent from parent to child */
-#define WBFLAG_IS_PRIVILEGED 0x0400
+#define WBFLAG_IS_PRIVILEGED 0x00000400 /* not used */
/* Flag to say this is a winbindd internal send - don't recurse. */
-#define WBFLAG_RECURSE 0x0800
+#define WBFLAG_RECURSE 0x00000800
-#define WBFLAG_PAM_KRB5 0x1000
-#define WBFLAG_PAM_FALLBACK_AFTER_KRB5 0x2000
-#define WBFLAG_PAM_CACHED_LOGIN 0x4000
-#define WBFLAG_PAM_GET_PWD_POLICY 0x8000 /* not used */
#define WINBINDD_MAX_EXTRA_DATA (128*1024)
@@ -232,12 +225,13 @@ typedef struct winbindd_gr {
******************************************************************************/
struct winbindd_request {
- uint32 length;
+ uint32_t length;
enum winbindd_cmd cmd; /* Winbindd command to execute */
enum winbindd_cmd original_cmd; /* Original Winbindd command
issued to parent process */
pid_t pid; /* pid of calling process */
- uint32 flags; /* flags relavant to a given request */
+ uint32_t wb_flags; /* generic flags */
+ uint32_t flags; /* flags relevant *only* to a given request */
fstring domain_name; /* name of domain for which the request applies */
union {
@@ -257,14 +251,14 @@ struct winbindd_request {
uid_t uid;
} auth; /* pam_winbind auth module */
struct {
- unsigned char chal[8];
- uint32 logon_parameters;
+ uint8_t chal[8];
+ uint32_t logon_parameters;
fstring user;
fstring domain;
fstring lm_resp;
- uint32 lm_resp_len;
+ uint32_t lm_resp_len;
fstring nt_resp;
- uint32 nt_resp_len;
+ uint32_t nt_resp_len;
fstring workstation;
fstring require_membership_of_sid;
} auth_crap;
@@ -276,14 +270,14 @@ struct winbindd_request {
struct {
fstring user;
fstring domain;
- unsigned char new_nt_pswd[516];
- uint16 new_nt_pswd_len;
- unsigned char old_nt_hash_enc[16];
- uint16 old_nt_hash_enc_len;
- unsigned char new_lm_pswd[516];
- uint16 new_lm_pswd_len;
- unsigned char old_lm_hash_enc[16];
- uint16 old_lm_hash_enc_len;
+ uint8_t new_nt_pswd[516];
+ uint16_t new_nt_pswd_len;
+ uint8_t old_nt_hash_enc[16];
+ uint16_t old_nt_hash_enc_len;
+ uint8_t new_lm_pswd[516];
+ uint16_t new_lm_pswd_len;
+ uint8_t old_lm_hash_enc[16];
+ uint16_t old_lm_hash_enc_len;
} chng_pswd_auth_crap;/* pam_winbind passwd module */
struct {
fstring user;
@@ -295,7 +289,7 @@ struct winbindd_request {
fstring dom_name; /* lookupname */
fstring name;
} name;
- uint32 num_entries; /* getpwent, getgrent */
+ uint32_t num_entries; /* getpwent, getgrent */
struct {
fstring username;
fstring groupname;
@@ -310,8 +304,8 @@ struct winbindd_request {
} dual_sid2id;
struct {
fstring sid;
- uint32 type;
- uint32 id;
+ uint32_t type;
+ uint32_t id;
} dual_idmapset;
bool list_all_domains;
@@ -324,8 +318,8 @@ struct winbindd_request {
produce an actual challenge response. It merely
succeeds if there are cached credentials available
that could be used. */
- uint32 initial_blob_len; /* blobs in extra_data */
- uint32 challenge_blob_len;
+ uint32_t initial_blob_len; /* blobs in extra_data */
+ uint32_t challenge_blob_len;
} ccache_ntlm_auth;
/* padding -- needed to fix alignment between 32bit and 64bit libs.
@@ -338,7 +332,7 @@ struct winbindd_request {
SMB_TIME_T padding;
char *data;
} extra_data;
- uint32 extra_len;
+ uint32_t extra_len;
char null_term;
};
@@ -364,7 +358,7 @@ struct winbindd_response {
/* Header information */
- uint32 length; /* Length of response */
+ uint32_t length; /* Length of response */
enum winbindd_result result; /* Result code */
/* Fixed length return data */
@@ -382,14 +376,14 @@ struct winbindd_response {
struct winbindd_gr gr;
- uint32 num_entries; /* getpwent, getgrent */
+ uint32_t num_entries; /* getpwent, getgrent */
struct winbindd_sid {
fstring sid; /* lookupname, [ug]id_to_sid */
int type;
} sid;
struct winbindd_name {
fstring dom_name; /* lookupsid */
- fstring name;
+ fstring name;
int type;
} name;
uid_t uid; /* sid_to_uid */
@@ -403,20 +397,20 @@ struct winbindd_response {
fstring dc_name;
struct auth_reply {
- uint32 nt_status;
+ uint32_t nt_status;
fstring nt_status_string;
fstring error_string;
int pam_error;
char user_session_key[16];
char first_8_lm_hash[8];
fstring krb5ccname;
- uint32 reject_reason;
- uint32 padding;
+ uint32_t reject_reason;
+ uint32_t padding;
struct policy_settings {
- uint32 min_length_password;
- uint32 password_history;
- uint32 password_properties;
- uint32 padding;
+ uint32_t min_length_password;
+ uint32_t password_history;
+ uint32_t password_properties;
+ uint32_t padding;
SMB_TIME_T expire;
SMB_TIME_T min_passwordage;
} policy;
@@ -427,14 +421,14 @@ struct winbindd_response {
SMB_TIME_T pass_last_set_time;
SMB_TIME_T pass_can_change_time;
SMB_TIME_T pass_must_change_time;
- uint32 logon_count;
- uint32 bad_pw_count;
- uint32 user_rid;
- uint32 group_rid;
- uint32 num_groups;
- uint32 user_flgs;
- uint32 acct_flags;
- uint32 num_other_sids;
+ uint32_t logon_count;
+ uint32_t bad_pw_count;
+ uint32_t user_rid;
+ uint32_t group_rid;
+ uint32_t num_groups;
+ uint32_t user_flgs;
+ uint32_t acct_flags;
+ uint32_t num_other_sids;
fstring dom_sid;
fstring user_name;
fstring full_name;
@@ -453,18 +447,18 @@ struct winbindd_response {
bool native_mode;
bool active_directory;
bool primary;
- uint32 sequence_number;
+ uint32_t sequence_number;
} domain_info;
struct {
fstring acct_name;
fstring full_name;
fstring homedir;
fstring shell;
- uint32 primary_gid;
- uint32 group_rid;
+ uint32_t primary_gid;
+ uint32_t group_rid;
} user_info;
struct {
- uint32 auth_blob_len; /* blob in extra_data */
+ uint32_t auth_blob_len; /* blob in extra_data */
} ccache_ntlm_auth;
} data;
@@ -482,8 +476,8 @@ struct WINBINDD_MEMORY_CREDS {
uid_t uid;
int ref_count;
size_t len;
- unsigned char *nt_hash; /* Base pointer for the following 2 */
- unsigned char *lm_hash;
+ uint8_t *nt_hash; /* Base pointer for the following 2 */
+ uint8_t *lm_hash;
char *pass;
};