-rw-r--r-- | source3/nsswitch/common.c | 56 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_nss.h | 156 |
2 files changed, 157 insertions, 55 deletions
diff --git a/source3/nsswitch/common.c b/source3/nsswitch/common.c index 9719f07385..f93c0e0d11 100644 --- a/source3/nsswitch/common.c +++ b/source3/nsswitch/common.c @@ -242,7 +242,7 @@ static int read_sock(void *buffer, int count) int read_reply(struct winbindd_response *response) { - int result1, result2; + int result1, result2 = 0; if (!response) { return -1; @@ -270,7 +270,6 @@ int read_reply(struct winbindd_response *response) if ((result2 = read_sock(response->extra_data, extra_data_len)) == -1) { - return -1; } } @@ -280,3 +279,56 @@ int read_reply(struct winbindd_response *response) return result1 + result2; } +/* Free a response structure */ + +void free_response(struct winbindd_response *response) +{ + /* Free any allocated extra_data */ + + if (response && response->extra_data) { + free(response->extra_data); + } +} + +/* Handle simple types of requests */ + +enum nss_status generic_request(int req_type, + struct winbindd_request *request, + struct winbindd_response *response) +{ + struct winbindd_request lrequest; + struct winbindd_response lresponse; + + /* Check for our tricky environment variable */ + + if (getenv(WINBINDD_DONT_ENV)) { + return NSS_STATUS_NOTFOUND; + } + + if (!response) response = &lresponse; + if (!request) request = &lrequest; + + /* Fill in request and send down pipe */ + init_request(request, req_type); + + if (write_sock(request, sizeof(*request)) == -1) { + return NSS_STATUS_UNAVAIL; + } + + /* Wait for reply */ + if (read_reply(response) == -1) { + return NSS_STATUS_UNAVAIL; + } + + /* Throw away extra data if client didn't request it */ + if (response == &lresponse) { + free_response(response); + } + + /* Copy reply data from socket */ + if (response->result != WINBINDD_OK) { + return NSS_STATUS_NOTFOUND; + } + + return NSS_STATUS_SUCCESS; +} diff --git a/source3/nsswitch/winbindd_nss.h b/source3/nsswitch/winbindd_nss.h index 0cf16e9666..82f55661e9 100644 --- a/source3/nsswitch/winbindd_nss.h 
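Review bot: In the second hunk of `read_reply`, removing `return -1;` from the failed `read_sock(response->extra_data, extra_data_len)` branch leaves that branch empty, so a failed read of the extra data is no longer reported. Control falls through to `return result1 + result2;` with `result2 == -1`, which yields `result1 - 1` rather than the `-1` that `generic_request` compares against. The caller would then accept a response whose `extra_data` buffer was never filled. Unless code outside the hunk handles this, keep the error path and release the buffer there: `free(response->extra_data); response->extra_data = NULL; return -1;`. The `result2 = 0` initialiser from the first hunk is fine by itself; the body of `read_reply` extends beyond both hunks.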
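Review bot: In `generic_request`, the fallback structs `lrequest` and `lresponse` are uninitialised stack objects. When `request` is NULL, `write_sock(request, sizeof(*request))` sends the whole struct, so any bytes that `init_request` (not shown here) leaves unset reach the daemon as stale stack contents. If `read_reply` can succeed without setting `extra_data`, `free_response` would also free an indeterminate pointer. Zero both structs before use with `memset(&lrequest, 0, sizeof(lrequest));` and `memset(&lresponse, 0, sizeof(lresponse));`. `free_response` should also set `response->extra_data = NULL;` after `free()` so that a second call on the same response is harmless.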
+++ b/source3/nsswitch/winbindd_nss.h @@ -27,22 +27,59 @@ #define WINBINDD_SOCKET_NAME "pipe" /* Name of PF_UNIX socket */ #define WINBINDD_SOCKET_DIR "/tmp/.winbindd" /* Name of PF_UNIX dir */ -#define WINBINDD_DOMAIN_ENV "WINBINDD_DOMAIN" /* Environment variable */ +#define WINBINDD_DOMAIN_ENV "WINBINDD_DOMAIN" /* Environment variables */ +#define WINBINDD_DONT_ENV "_NO_WINBINDD" /* Socket commands */ enum winbindd_cmd { - WINBINDD_GETPWNAM_FROM_USER, /* getpwnam stuff */ - WINBINDD_GETPWNAM_FROM_UID, - WINBINDD_GETGRNAM_FROM_GROUP, /* getgrnam stuff */ - WINBINDD_GETGRNAM_FROM_GID, - WINBINDD_SETPWENT, /* get/set/endpwent */ - WINBINDD_ENDPWENT, - WINBINDD_GETPWENT, - WINBINDD_SETGRENT, /* get/set/endgrent */ - WINBINDD_ENDGRENT, - WINBINDD_GETGRENT, - WINBINDD_PAM_AUTH + + /* Get users and groups */ + + WINBINDD_GETPWNAM_FROM_USER, + WINBINDD_GETPWNAM_FROM_UID, + WINBINDD_GETGRNAM_FROM_GROUP, + WINBINDD_GETGRNAM_FROM_GID, + + /* Enumerate users and groups */ + + WINBINDD_SETPWENT, + WINBINDD_ENDPWENT, + WINBINDD_GETPWENT, + WINBINDD_SETGRENT, + WINBINDD_ENDGRENT, + WINBINDD_GETGRENT, + + /* PAM authenticate and password change */ + + WINBINDD_PAM_AUTH, + WINBINDD_PAM_CHAUTHTOK, + + /* List various things */ + + WINBINDD_LIST_USERS, /* List w/o rid->id mapping */ + WINBINDD_LIST_GROUPS, /* Ditto */ + WINBINDD_LIST_TRUSTDOM, + + /* SID conversion */ + + WINBINDD_LOOKUPSID, + WINBINDD_LOOKUPNAME, + + /* S*RS functions */ + + WINBINDD_SID_TO_UID, + WINBINDD_SID_TO_GID, + WINBINDD_UID_TO_SID, + WINBINDD_GID_TO_SID, + + /* Miscellaneous other stuff */ + + WINBINDD_CHECK_MACHACC, /* Check machine account pw works */ + + /* Placeholder for end of cmd list */ + + WINBINDD_NUM_CMDS }; /* Winbind request structure */ 
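Review bot: `WINBINDD_DONT_ENV` is added with no comment of its own; it only shares the pluralised `/* Environment variables */` on the line above. In common.c in this same commit, setting it makes `generic_request` return `NSS_STATUS_NOTFOUND` without contacting winbindd, so it deserves a comment such as `/* if set, clients skip winbindd and report NOTFOUND */`. The check is an unconditional `getenv()` in client-side code, so the comment should also say that the variable is honoured regardless of the caller's privileges. That tells maintainers of privileged callers that lookups can be switched off from the environment.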
@@ -52,15 +89,21 @@ struct winbindd_request { pid_t pid; /* pid of calling process */ union { - fstring username; /* getpwnam() */ - fstring groupname; /* getgrnam() */ - uid_t uid; /* getpwuid() */ - gid_t gid; /* getgrgid() */ + fstring username; /* getpwnam */ + fstring groupname; /* getgrnam */ + uid_t uid; /* getpwuid, uid_to_sid */ + gid_t gid; /* getgrgid, gid_to_sid */ struct { - /* the following is used by pam_winbind */ fstring user; fstring pass; - } auth; + } auth; /* pam_winbind auth module */ + struct { + fstring user; + fstring oldpass; + fstring newpass; + } chauthtok; /* pam_winbind passwd module */ + fstring sid; /* lookupsid, sid_to_[ug]id */ + fstring name; /* lookupname */ } data; fstring domain; /* {set,get,end}{pw,gr}ent() */ }; 
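Review bot: The new `chauthtok` member stores the cleartext old and new passwords, alongside `auth.pass`, in a struct that common.c writes to the socket whole, and nothing in this commit documents who wipes it. Add a comment on the member such as `/* cleartext passwords: wipe the request after it has been sent */` so the PAM module clears its copy. Adding a third `fstring` also makes `chauthtok` the largest visible union member, so `sizeof(struct winbindd_request)` grows. `write_sock(request, sizeof(*request))` uses that size as the wire length, so a client and daemon built from different revisions would disagree on framing. The opening lines of the struct are outside this hunk.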
@@ -68,51 +111,58 @@ struct winbindd_request { /* Response values */ enum winbindd_result { - WINBINDD_ERROR, - WINBINDD_OK + WINBINDD_ERROR, + WINBINDD_OK }; /* Winbind response structure */ struct winbindd_response { - /* Header information */ - - int length; /* Length of response */ - enum winbindd_result result; /* Result code */ - - /* Fixed length return data */ + /* Header information */ - union { - - /* getpwnam, getpwuid, getpwent */ + int length; /* Length of response */ + enum winbindd_result result; /* Result code */ - struct winbindd_pw { - fstring pw_name; - fstring pw_passwd; - uid_t pw_uid; - gid_t pw_gid; - fstring pw_gecos; - fstring pw_dir; - fstring pw_shell; - int pwent_ndx; - } pw; - - /* getgrnam, getgrgid, getgrent */ - - struct winbindd_gr { - fstring gr_name; - fstring gr_passwd; - gid_t gr_gid; - int num_gr_mem; - int grent_ndx; - } gr; - - } data; + /* Fixed length return data */ + + union { + + /* getpwnam, getpwuid, getpwent */ + + struct winbindd_pw { + fstring pw_name; + fstring pw_passwd; + uid_t pw_uid; + gid_t pw_gid; + fstring pw_gecos; + fstring pw_dir; + fstring pw_shell; + int pwent_ndx; + } pw; + + /* getgrnam, getgrgid, getgrent */ + + struct winbindd_gr { + fstring gr_name; + fstring gr_passwd; + gid_t gr_gid; + int num_gr_mem; + int grent_ndx; + } gr; + + fstring sid; /* lookupname, [ug]id_to_sid */ + struct { + fstring name; /* lookupsid */ + int type; + } name; + uid_t uid; /* sid_to_uid */ + gid_t gid; /* sid_to_gid */ + } data; - /* Variable length return data */ + /* Variable length return data */ - void *extra_data; /* getgrnam, getgrgid, getgrent */ + void *extra_data; /* getgrnam, getgrgid, getgrent */ }; #endif |
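Review bot: Re-indenting all of `struct winbindd_response` buries the only functional change in this hunk, the four new union members `sid`, `name`, `uid` and `gid`. Moving the whitespace change into its own commit would make the change to the response layout reviewable. Among the new members, `int type` inside `name` has no comment, unlike its neighbours. State which enumeration it carries, for example `int type; /* one of <NAME-TYPE ENUM>, set by winbindd for lookupsid */`.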