-rw-r--r--source3/nsswitch/common.c56
-rw-r--r--source3/nsswitch/winbindd_nss.h156
2 files changed, 157 insertions, 55 deletions
diff --git a/source3/nsswitch/common.c b/source3/nsswitch/common.c
index 9719f07385..f93c0e0d11 100644
--- a/source3/nsswitch/common.c
+++ b/source3/nsswitch/common.c
@@ -242,7 +242,7 @@ static int read_sock(void *buffer, int count)
int read_reply(struct winbindd_response *response)
{
- int result1, result2;
+ int result1, result2 = 0;
if (!response) {
return -1;
@@ -270,7 +270,6 @@ int read_reply(struct winbindd_response *response)
if ((result2 = read_sock(response->extra_data, extra_data_len))
== -1) {
-
return -1;
}
}
@@ -280,3 +279,56 @@ int read_reply(struct winbindd_response *response)
return result1 + result2;
}
+/* Free a response structure */
+
+void free_response(struct winbindd_response *response)
+{
+ /* Free any allocated extra_data */
+
+ if (response && response->extra_data) {
+ free(response->extra_data);
+ }
+}
+
+/* Handle simple types of requests */
+
+enum nss_status generic_request(int req_type,
+ struct winbindd_request *request,
+ struct winbindd_response *response)
+{
+ struct winbindd_request lrequest;
+ struct winbindd_response lresponse;
+
+ /* Check for our tricky environment variable */
+
+ if (getenv(WINBINDD_DONT_ENV)) {
+ return NSS_STATUS_NOTFOUND;
+ }
+
+ if (!response) response = &lresponse;
+ if (!request) request = &lrequest;
+
+ /* Fill in request and send down pipe */
+ init_request(request, req_type);
+
+ if (write_sock(request, sizeof(*request)) == -1) {
+ return NSS_STATUS_UNAVAIL;
+ }
+
+ /* Wait for reply */
+ if (read_reply(response) == -1) {
+ return NSS_STATUS_UNAVAIL;
+ }
+
+ /* Throw away extra data if client didn't request it */
+ if (response == &lresponse) {
+ free_response(response);
+ }
+
+ /* Copy reply data from socket */
+ if (response->result != WINBINDD_OK) {
+ return NSS_STATUS_NOTFOUND;
+ }
+
+ return NSS_STATUS_SUCCESS;
+}
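Review bot: `lrequest` and `lresponse` in generic_request() are used without being initialised: when the caller passes NULL, `write_sock(request, sizeof(*request))` sends the whole stack structure to the daemon, and `free_response()` later frees `lresponse.extra_data`. Unless init_request() and read_reply() (whose bodies are not in this hunk) set every field, that sends stale stack bytes over the socket and can free an indeterminate pointer. Zeroing at the point of substitution avoids both, e.g. `if (!request) { memset(&lrequest, 0, sizeof(lrequest)); request = &lrequest; }` and the same for `lresponse`. free_response() should also set `response->extra_data = NULL;` after the free so that a second call on the same response is harmless.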
diff --git a/source3/nsswitch/winbindd_nss.h b/source3/nsswitch/winbindd_nss.h
index 0cf16e9666..82f55661e9 100644
--- a/source3/nsswitch/winbindd_nss.h
+++ b/source3/nsswitch/winbindd_nss.h
@@ -27,22 +27,59 @@
#define WINBINDD_SOCKET_NAME "pipe" /* Name of PF_UNIX socket */
#define WINBINDD_SOCKET_DIR "/tmp/.winbindd" /* Name of PF_UNIX dir */
-#define WINBINDD_DOMAIN_ENV "WINBINDD_DOMAIN" /* Environment variable */
+#define WINBINDD_DOMAIN_ENV "WINBINDD_DOMAIN" /* Environment variables */
+#define WINBINDD_DONT_ENV "_NO_WINBINDD"
/* Socket commands */
enum winbindd_cmd {
- WINBINDD_GETPWNAM_FROM_USER, /* getpwnam stuff */
- WINBINDD_GETPWNAM_FROM_UID,
- WINBINDD_GETGRNAM_FROM_GROUP, /* getgrnam stuff */
- WINBINDD_GETGRNAM_FROM_GID,
- WINBINDD_SETPWENT, /* get/set/endpwent */
- WINBINDD_ENDPWENT,
- WINBINDD_GETPWENT,
- WINBINDD_SETGRENT, /* get/set/endgrent */
- WINBINDD_ENDGRENT,
- WINBINDD_GETGRENT,
- WINBINDD_PAM_AUTH
+
+ /* Get users and groups */
+
+ WINBINDD_GETPWNAM_FROM_USER,
+ WINBINDD_GETPWNAM_FROM_UID,
+ WINBINDD_GETGRNAM_FROM_GROUP,
+ WINBINDD_GETGRNAM_FROM_GID,
+
+ /* Enumerate users and groups */
+
+ WINBINDD_SETPWENT,
+ WINBINDD_ENDPWENT,
+ WINBINDD_GETPWENT,
+ WINBINDD_SETGRENT,
+ WINBINDD_ENDGRENT,
+ WINBINDD_GETGRENT,
+
+ /* PAM authenticate and password change */
+
+ WINBINDD_PAM_AUTH,
+ WINBINDD_PAM_CHAUTHTOK,
+
+ /* List various things */
+
+ WINBINDD_LIST_USERS, /* List w/o rid->id mapping */
+ WINBINDD_LIST_GROUPS, /* Ditto */
+ WINBINDD_LIST_TRUSTDOM,
+
+ /* SID conversion */
+
+ WINBINDD_LOOKUPSID,
+ WINBINDD_LOOKUPNAME,
+
+ /* S*RS functions */
+
+ WINBINDD_SID_TO_UID,
+ WINBINDD_SID_TO_GID,
+ WINBINDD_UID_TO_SID,
+ WINBINDD_GID_TO_SID,
+
+ /* Miscellaneous other stuff */
+
+ WINBINDD_CHECK_MACHACC, /* Check machine account pw works */
+
+ /* Placeholder for end of cmd list */
+
+ WINBINDD_NUM_CMDS
};
/* Winbind request structure */
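Review bot: `WINBINDD_DONT_ENV` is added without a comment of its own, and its effect is only visible in common.c, where generic_request() returns NSS_STATUS_NOTFOUND without contacting the daemon whenever the variable is set. I would document that at the define, e.g. `/* if set, the NSS client skips winbindd and reports NOTFOUND */`, and state who is expected to set it. The environment is controlled by whoever starts the process, and a not-found answer can change what a caller decides. Separately, `WINBINDD_NUM_CMDS` gives the daemon an upper bound for the command field; whether the receiving side checks against it is not visible on this page.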
@@ -52,15 +89,21 @@ struct winbindd_request {
pid_t pid; /* pid of calling process */
union {
- fstring username; /* getpwnam() */
- fstring groupname; /* getgrnam() */
- uid_t uid; /* getpwuid() */
- gid_t gid; /* getgrgid() */
+ fstring username; /* getpwnam */
+ fstring groupname; /* getgrnam */
+ uid_t uid; /* getpwuid, uid_to_sid */
+ gid_t gid; /* getgrgid, gid_to_sid */
struct {
- /* the following is used by pam_winbind */
fstring user;
fstring pass;
- } auth;
+ } auth; /* pam_winbind auth module */
+ struct {
+ fstring user;
+ fstring oldpass;
+ fstring newpass;
+ } chauthtok; /* pam_winbind passwd module */
+ fstring sid; /* lookupsid, sid_to_[ug]id */
+ fstring name; /* lookupname */
} data;
fstring domain; /* {set,get,end}{pw,gr}ent() */
};
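Review bot: The new `chauthtok` member makes the request carry both the old and the new password (presumably in cleartext, like `auth.pass`), and nothing in the header tells callers to wipe the structure once the call returns. A comment on the member such as `/* pam_winbind passwd module; wipe request after use */` would record that expectation. The member also grows the union to three fstrings, so `sizeof(struct winbindd_request)` changes. Because generic_request() in common.c writes exactly `sizeof(*request)` bytes, the client library and the daemon have to be built from the same header. The struct begins above this hunk, so any version or length field it may already have is not visible here.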
@@ -68,51 +111,58 @@ struct winbindd_request {
/* Response values */
enum winbindd_result {
- WINBINDD_ERROR,
- WINBINDD_OK
+ WINBINDD_ERROR,
+ WINBINDD_OK
};
/* Winbind response structure */
struct winbindd_response {
- /* Header information */
-
- int length; /* Length of response */
- enum winbindd_result result; /* Result code */
-
- /* Fixed length return data */
+ /* Header information */
- union {
-
- /* getpwnam, getpwuid, getpwent */
+ int length; /* Length of response */
+ enum winbindd_result result; /* Result code */
- struct winbindd_pw {
- fstring pw_name;
- fstring pw_passwd;
- uid_t pw_uid;
- gid_t pw_gid;
- fstring pw_gecos;
- fstring pw_dir;
- fstring pw_shell;
- int pwent_ndx;
- } pw;
-
- /* getgrnam, getgrgid, getgrent */
-
- struct winbindd_gr {
- fstring gr_name;
- fstring gr_passwd;
- gid_t gr_gid;
- int num_gr_mem;
- int grent_ndx;
- } gr;
-
- } data;
+ /* Fixed length return data */
+
+ union {
+
+ /* getpwnam, getpwuid, getpwent */
+
+ struct winbindd_pw {
+ fstring pw_name;
+ fstring pw_passwd;
+ uid_t pw_uid;
+ gid_t pw_gid;
+ fstring pw_gecos;
+ fstring pw_dir;
+ fstring pw_shell;
+ int pwent_ndx;
+ } pw;
+
+ /* getgrnam, getgrgid, getgrent */
+
+ struct winbindd_gr {
+ fstring gr_name;
+ fstring gr_passwd;
+ gid_t gr_gid;
+ int num_gr_mem;
+ int grent_ndx;
+ } gr;
+
+ fstring sid; /* lookupname, [ug]id_to_sid */
+ struct {
+ fstring name; /* lookupsid */
+ int type;
+ } name;
+ uid_t uid; /* sid_to_uid */
+ gid_t gid; /* sid_to_gid */
+ } data;
- /* Variable length return data */
+ /* Variable length return data */
- void *extra_data; /* getgrnam, getgrgid, getgrent */
+ void *extra_data; /* getgrnam, getgrgid, getgrent */
};
#endif
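Review bot: The new `int type` inside the `name` member is the only added field without a comment, and nothing here says which set of values it carries; a short comment naming the enumeration it holds would match the neighbouring fields. The nesting also makes callers write `data.name.name`, so renaming the inner field or the member would read better. Most of this hunk is re-indentation, so these additions are easy to miss in review.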