diff options
Diffstat (limited to 'source3/winbindd')
73 files changed, 796 insertions, 547 deletions
diff --git a/source3/winbindd/idmap.c b/source3/winbindd/idmap.c index 2eb655f780..6ae10115b7 100644 --- a/source3/winbindd/idmap.c +++ b/source3/winbindd/idmap.c @@ -401,7 +401,7 @@ struct idmap_domain *idmap_find_domain(const char *domname) /* * talloc context for all idmap domains */ - idmap_domains = TALLOC_ARRAY(NULL, struct idmap_domain *, 1); + idmap_domains = talloc_array(NULL, struct idmap_domain *, 1); } if (idmap_domains == NULL) { diff --git a/source3/winbindd/idmap_ad.c b/source3/winbindd/idmap_ad.c index cf15f038ca..65b518074b 100644 --- a/source3/winbindd/idmap_ad.c +++ b/source3/winbindd/idmap_ad.c @@ -216,7 +216,7 @@ static NTSTATUS idmap_ad_initialize(struct idmap_domain *dom) char *config_option; const char *schema_mode = NULL; - ctx = TALLOC_ZERO_P(dom, struct idmap_ad_context); + ctx = talloc_zero(dom, struct idmap_ad_context); if (ctx == NULL) { DEBUG(0, ("Out of memory!\n")); return NT_STATUS_NO_MEMORY; @@ -736,7 +736,7 @@ static NTSTATUS nss_ad_generic_init(struct nss_domain_entry *e, if (e->state != NULL) { dom = talloc_get_type(e->state, struct idmap_domain); } else { - dom = TALLOC_ZERO_P(e, struct idmap_domain); + dom = talloc_zero(e, struct idmap_domain); if (dom == NULL) { DEBUG(0, ("Out of memory!\n")); return NT_STATUS_NO_MEMORY; @@ -756,7 +756,7 @@ static NTSTATUS nss_ad_generic_init(struct nss_domain_entry *e, ctx = talloc_get_type(dom->private_data, struct idmap_ad_context); } else { - ctx = TALLOC_ZERO_P(dom, struct idmap_ad_context); + ctx = talloc_zero(dom, struct idmap_ad_context); if (ctx == NULL) { DEBUG(0, ("Out of memory!\n")); return NT_STATUS_NO_MEMORY; diff --git a/source3/winbindd/idmap_adex/cell_util.c b/source3/winbindd/idmap_adex/cell_util.c index c82407c0f4..194544086b 100644 --- a/source3/winbindd/idmap_adex/cell_util.c +++ b/source3/winbindd/idmap_adex/cell_util.c @@ -38,7 +38,7 @@ for (i = 0; i < num_lines; i++) { /* make sure to avoid substring matches like uid and uidNumber */ - if ((StrnCaseCmp(list[i], substr, cmplen) == 0) && + if ((strncasecmp_m(list[i], substr, cmplen) == 0) && (list[i][cmplen] == '=')) { /* Don't return an empty string */ if (list[i][cmplen + 1] != '\0') @@ -110,7 +110,7 @@ static NTSTATUS cell_lookup_forest(struct likewise_cell *c) return NT_STATUS_INVALID_PARAMETER; } - if ((gc = TALLOC_ZERO_P(NULL, struct gc_info)) == NULL) { + if ((gc = talloc_zero(NULL, struct gc_info)) == NULL) { nt_status = NT_STATUS_NO_MEMORY; BAIL_ON_NTSTATUS_ERROR(nt_status); } @@ -230,7 +230,7 @@ done: while (next_token_talloc(frame, &tmp_dn, &buffer, ",")) { /* skip everything up the where DC=... begins */ - if (StrnCaseCmp(buffer, "DC=", 3) != 0) + if (strncasecmp_m(buffer, "DC=", 3) != 0) continue; if (!domain) { diff --git a/source3/winbindd/idmap_adex/domain_util.c b/source3/winbindd/idmap_adex/domain_util.c index c373106446..99dc0cca65 100644 --- a/source3/winbindd/idmap_adex/domain_util.c +++ b/source3/winbindd/idmap_adex/domain_util.c @@ -71,7 +71,7 @@ static NTSTATUS dc_add_domain(const char *domain) return NT_STATUS_OK; } - dc = TALLOC_ZERO_P(NULL, struct dc_info); + dc = talloc_zero(NULL, struct dc_info); BAIL_ON_PTR_ERROR(dc, nt_status); dc->dns_name = talloc_strdup(dc, domain); @@ -281,7 +281,7 @@ static struct dc_info *dc_find_domain(const char *dns_domain) *cell = dc->domain_cell; done: - talloc_destroy(CONST_DISCARD(char*, base)); + talloc_destroy(discard_const_p(char, base)); talloc_destroy(frame); return nt_status; diff --git a/source3/winbindd/idmap_adex/gc_util.c b/source3/winbindd/idmap_adex/gc_util.c index 77b318cb2d..461a2e679b 100644 --- a/source3/winbindd/idmap_adex/gc_util.c +++ b/source3/winbindd/idmap_adex/gc_util.c @@ -107,6 +107,7 @@ done: NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; struct NETLOGON_SAM_LOGON_RESPONSE_EX cldap_reply; TALLOC_CTX *frame = talloc_stackframe(); + struct sockaddr_storage ss; if (!gc || !domain) { return NT_STATUS_INVALID_PARAMETER; @@ -126,8 +127,17 @@ done: nt_status = ads_ntstatus(ads_status); BAIL_ON_NTSTATUS_ERROR(nt_status); + if (!resolve_name(ads->config.ldap_server_name, &ss, 0x20, true)) { + DEBUG(5,("gc_find_forest_root: unable to resolve name %s\n", + ads->config.ldap_server_name)); + nt_status = NT_STATUS_IO_TIMEOUT; + /* This matches the old code which did the resolve in + * ads_cldap_netlogon_5 */ + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + if (!ads_cldap_netlogon_5(frame, - ads->config.ldap_server_name, + &ss, ads->config.realm, &cldap_reply)) { @@ -181,7 +191,7 @@ static NTSTATUS gc_add_forest(const char *domain) return NT_STATUS_OK; } - if ((gc = TALLOC_ZERO_P(NULL, struct gc_info)) == NULL) { + if ((gc = talloc_zero(NULL, struct gc_info)) == NULL) { nt_status = NT_STATUS_NO_MEMORY; BAIL_ON_NTSTATUS_ERROR(nt_status); } @@ -771,17 +781,17 @@ done: #endif if (count == 0) { - ads_tmp = TALLOC_ARRAY(NULL, ADS_STRUCT*, 1); + ads_tmp = talloc_array(NULL, ADS_STRUCT*, 1); BAIL_ON_PTR_ERROR(ads_tmp, nt_status); - msg_tmp = TALLOC_ARRAY(NULL, LDAPMessage*, 1); + msg_tmp = talloc_array(NULL, LDAPMessage*, 1); BAIL_ON_PTR_ERROR(msg_tmp, nt_status); } else { - ads_tmp = TALLOC_REALLOC_ARRAY(*ads_list, *ads_list, ADS_STRUCT*, + ads_tmp = talloc_realloc(*ads_list, *ads_list, ADS_STRUCT*, count+1); BAIL_ON_PTR_ERROR(ads_tmp, nt_status); - msg_tmp = TALLOC_REALLOC_ARRAY(*msg_list, *msg_list, LDAPMessage*, + msg_tmp = talloc_realloc(*msg_list, *msg_list, LDAPMessage*, count+1); BAIL_ON_PTR_ERROR(msg_tmp, nt_status); } diff --git a/source3/winbindd/idmap_adex/likewise_cell.c b/source3/winbindd/idmap_adex/likewise_cell.c index 0914132b93..0e544e90f7 100644 --- a/source3/winbindd/idmap_adex/likewise_cell.c +++ b/source3/winbindd/idmap_adex/likewise_cell.c @@ -85,7 +85,7 @@ static struct likewise_cell *_lw_cell_list = NULL; /* Each cell struct is a TALLOC_CTX* */ - c = TALLOC_ZERO_P(NULL, struct likewise_cell); + c = talloc_zero(NULL, struct likewise_cell); if (!c) { DEBUG(0,("cell_new: memory allocation failure!\n")); return NULL; diff --git a/source3/winbindd/idmap_adex/provider_unified.c b/source3/winbindd/idmap_adex/provider_unified.c index b61666fa50..9e271a0db9 100644 --- a/source3/winbindd/idmap_adex/provider_unified.c +++ b/source3/winbindd/idmap_adex/provider_unified.c @@ -237,7 +237,7 @@ static NTSTATUS search_cell(struct likewise_cell *c, done: PRINT_NTSTATUS_ERROR(nt_status, "search_cell", 4); - talloc_destroy(CONST_DISCARD(char*, base)); + talloc_destroy(discard_const_p(char, base)); talloc_destroy(frame); return nt_status; @@ -310,7 +310,7 @@ static bool check_forest_scope(const char *dn) } q++; - if (StrnCaseCmp(q, "dc=", 3) != 0) { + if (strncasecmp_m(q, "dc=", 3) != 0) { nt_status = NT_STATUS_OBJECT_PATH_NOT_FOUND; BAIL_ON_NTSTATUS_ERROR(nt_status); } diff --git a/source3/winbindd/idmap_autorid.c b/source3/winbindd/idmap_autorid.c index 5e3dacf624..cddbff2d47 100644 --- a/source3/winbindd/idmap_autorid.c +++ b/source3/winbindd/idmap_autorid.c @@ -28,6 +28,7 @@ #include "dbwrap.h" #include "idmap.h" #include "../libcli/security/dom_sid.h" +#include "util_tdb.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_IDMAP @@ -376,7 +377,7 @@ static struct autorid_global_config *idmap_autorid_loadconfig(TALLOC_CTX * ctx) return NULL; } - cfg = TALLOC_ZERO_P(ctx, struct autorid_global_config); + cfg = talloc_zero(ctx, struct autorid_global_config); if (!cfg) { return NULL; } @@ -435,7 +436,14 @@ static NTSTATUS idmap_autorid_initialize(struct idmap_domain *dom) NTSTATUS status; uint32_t hwm; - config = TALLOC_ZERO_P(dom, struct autorid_global_config); + if (!strequal(dom->name, "*")) { + DEBUG(0, ("idmap_autorid_initialize: Error: autorid configured " + "for domain '%s'. But autorid can only be used for " + "the default idmap configuration.\n", dom->name)); + return NT_STATUS_INVALID_PARAMETER; + } + + config = talloc_zero(dom, struct autorid_global_config); if (!config) { DEBUG(0, ("Out of memory!\n")); return NT_STATUS_NO_MEMORY; @@ -447,7 +455,7 @@ static NTSTATUS idmap_autorid_initialize(struct idmap_domain *dom) } config->minvalue = dom->low_id; - config->rangesize = lp_parm_int(-1, "autorid", "rangesize", 100000); + config->rangesize = lp_parm_int(-1, "idmap config *", "rangesize", 100000); if (config->rangesize < 2000) { DEBUG(1, ("autorid rangesize must be at least 2000\n")); @@ -522,14 +530,12 @@ static NTSTATUS idmap_autorid_initialize(struct idmap_domain *dom) dom->private_data = config; - if (!NT_STATUS_IS_OK(status)) { - goto error; - } + goto done; - return NT_STATUS_OK; - - error: +error: talloc_free(config); + +done: talloc_free(storedconfig); return status; diff --git a/source3/winbindd/idmap_hash/idmap_hash.c b/source3/winbindd/idmap_hash/idmap_hash.c index 474387918e..a6e883c474 100644 --- a/source3/winbindd/idmap_hash/idmap_hash.c +++ b/source3/winbindd/idmap_hash/idmap_hash.c @@ -127,7 +127,7 @@ static NTSTATUS be_init(struct idmap_domain *dom) /* Create the hash table of domain SIDs */ - hashed_domains = TALLOC_ZERO_ARRAY(dom, struct sid_hash_table, 4096); + hashed_domains = talloc_zero_array(dom, struct sid_hash_table, 4096); BAIL_ON_PTR_NT_ERROR(hashed_domains, nt_status); /* create the hash table of domain SIDs */ diff --git a/source3/winbindd/idmap_hash/mapfile.c b/source3/winbindd/idmap_hash/mapfile.c index 2828059093..075f0f25cc 100644 --- a/source3/winbindd/idmap_hash/mapfile.c +++ b/source3/winbindd/idmap_hash/mapfile.c @@ -87,8 +87,8 @@ static bool mapfile_read_line(fstring key, fstring value) *p = '\0'; p++; - fstrcpy(key, buffer); - fstrcpy(value, p); + strlcpy(key, buffer, sizeof(fstring)); + strlcpy(value, p, sizeof(fstring)); /* Eat whitespace */ diff --git a/source3/winbindd/idmap_ldap.c b/source3/winbindd/idmap_ldap.c index 7195912fc3..10d9d2e8b6 100644 --- a/source3/winbindd/idmap_ldap.c +++ b/source3/winbindd/idmap_ldap.c @@ -232,8 +232,8 @@ done: Allocate a new uid or gid ********************************/ -static NTSTATUS idmap_ldap_allocate_id(struct idmap_domain *dom, - struct unixid *xid) +static NTSTATUS idmap_ldap_allocate_id_internal(struct idmap_domain *dom, + struct unixid *xid) { TALLOC_CTX *mem_ctx; NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; @@ -391,21 +391,21 @@ done: * For now this is for the default idmap domain only. * Should be extended later on. */ -static NTSTATUS idmap_ldap_get_new_id(struct idmap_domain *dom, - struct unixid *id) +static NTSTATUS idmap_ldap_allocate_id(struct idmap_domain *dom, + struct unixid *id) { NTSTATUS ret; if (!strequal(dom->name, "*")) { - DEBUG(3, ("idmap_ldap_get_new_id: " + DEBUG(3, ("idmap_ldap_allocate_id: " "Refusing allocation of a new unixid for domain'%s'. " - "Currently only supported for the default " + "This is only supported for the default " "domain \"*\".\n", dom->name)); return NT_STATUS_NOT_IMPLEMENTED; } - ret = idmap_ldap_allocate_id(dom, id); + ret = idmap_ldap_allocate_id_internal(dom, id); return ret; } @@ -443,7 +443,7 @@ static NTSTATUS idmap_ldap_db_init(struct idmap_domain *dom) return NT_STATUS_FILE_IS_OFFLINE; } - ctx = TALLOC_ZERO_P(dom, struct idmap_ldap_context); + ctx = talloc_zero(dom, struct idmap_ldap_context); if ( ! ctx) { DEBUG(0, ("Out of memory!\n")); return NT_STATUS_NO_MEMORY; @@ -484,7 +484,7 @@ static NTSTATUS idmap_ldap_db_init(struct idmap_domain *dom) ctx->rw_ops = talloc_zero(ctx, struct idmap_rw_ops); CHECK_ALLOC_DONE(ctx->rw_ops); - ctx->rw_ops->get_new_id = idmap_ldap_get_new_id; + ctx->rw_ops->get_new_id = idmap_ldap_allocate_id_internal; ctx->rw_ops->set_mapping = idmap_ldap_set_mapping; ret = smbldap_init(ctx, winbind_event_context(), ctx->url, @@ -1144,7 +1144,7 @@ static struct idmap_methods idmap_ldap_methods = { .init = idmap_ldap_db_init, .unixids_to_sids = idmap_ldap_unixids_to_sids, .sids_to_unixids = idmap_ldap_sids_to_unixids, - .allocate_id = idmap_ldap_get_new_id, + .allocate_id = idmap_ldap_allocate_id, }; NTSTATUS idmap_ldap_init(void); diff --git a/source3/winbindd/idmap_proto.h b/source3/winbindd/idmap_proto.h index fa7f712024..4fa9ed1a26 100644 --- a/source3/winbindd/idmap_proto.h +++ b/source3/winbindd/idmap_proto.h @@ -1,3 +1,30 @@ +/* + * Unix SMB/CIFS implementation. + * ID Mapping + * + * Copyright (C) Tim Potter 2000 + * Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003 + * Copyright (C) Simo Sorce 2003-2007 + * Copyright (C) Jeremy Allison 2006 + * Copyright (C) Michael Adam 2009-2010 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef _WINBINDD_IDMAP_PROTO_H_ +#define _WINBINDD_IDMAP_PROTO_H_ + /* The following definitions come from winbindd/idmap.c */ bool idmap_is_offline(void); @@ -31,3 +58,5 @@ NTSTATUS idmap_gid_to_sid(const char *domname, struct dom_sid *sid, gid_t gid); NTSTATUS idmap_sid_to_uid(const char *dom_name, struct dom_sid *sid, uid_t *uid); NTSTATUS idmap_sid_to_gid(const char *domname, struct dom_sid *sid, gid_t *gid); bool idmap_unix_id_is_in_range(uint32_t id, struct idmap_domain *dom); + +#endif /* _WINBINDD_IDMAP_PROTO_H_ */ diff --git a/source3/winbindd/idmap_rid.c b/source3/winbindd/idmap_rid.c index 8bb63fd534..edc5e16774 100644 --- a/source3/winbindd/idmap_rid.c +++ b/source3/winbindd/idmap_rid.c @@ -41,7 +41,7 @@ static NTSTATUS idmap_rid_initialize(struct idmap_domain *dom) struct idmap_rid_context *ctx; char *config_option = NULL; - ctx = TALLOC_ZERO_P(dom, struct idmap_rid_context); + ctx = talloc_zero(dom, struct idmap_rid_context); if (ctx == NULL) { DEBUG(0, ("Out of memory!\n")); return NT_STATUS_NO_MEMORY; diff --git a/source3/winbindd/idmap_tdb.c b/source3/winbindd/idmap_tdb.c index 19e7f0e1d5..d99d2f0e4e 100644 --- a/source3/winbindd/idmap_tdb.c +++ b/source3/winbindd/idmap_tdb.c @@ -30,6 +30,7 @@ #include "idmap_rw.h" #include "dbwrap.h" #include "../libcli/security/security.h" +#include "util_tdb.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_IDMAP @@ -145,9 +146,23 @@ static bool idmap_tdb_upgrade(struct idmap_domain *dom, struct db_context *db) bool bigendianheader; struct convert_fn_state s; - DEBUG(0, ("Upgrading winbindd_idmap.tdb from an old version\n")); - +#if BUILD_TDB2 + /* If we are bigendian, tdb is bigendian if NOT converted. */ + union { + uint16 large; + unsigned char small[2]; + } u; + u.large = 0x0102; + if (u.small[0] == 0x01) + bigendianheader = !(db->get_flags(db) & TDB_CONVERT); + else { + assert(u.small[0] == 0x02); + bigendianheader = (db->get_flags(db) & TDB_CONVERT); + } +#else bigendianheader = (db->get_flags(db) & TDB_BIGENDIAN) ? True : False; +#endif + DEBUG(0, ("Upgrading winbindd_idmap.tdb from an old version\n")); vers = dbwrap_fetch_int32(db, "IDMAP_VERSION"); diff --git a/source3/winbindd/idmap_tdb2.c b/source3/winbindd/idmap_tdb2.c index 1a5a51a5b4..2a15244459 100644 --- a/source3/winbindd/idmap_tdb2.c +++ b/source3/winbindd/idmap_tdb2.c @@ -38,6 +38,7 @@ #include "idmap_rw.h" #include "dbwrap.h" #include "../libcli/security/dom_sid.h" +#include "util_tdb.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_IDMAP diff --git a/source3/winbindd/nss_info.c b/source3/winbindd/nss_info.c index 77ac421d55..a3f95c6493 100644 --- a/source3/winbindd/nss_info.c +++ b/source3/winbindd/nss_info.c @@ -118,7 +118,7 @@ static NTSTATUS nss_domain_list_add_domain(const char *domain, { struct nss_domain_entry *nss_domain; - nss_domain = TALLOC_ZERO_P(nss_domain_list, struct nss_domain_entry); + nss_domain = talloc_zero(nss_domain_list, struct nss_domain_entry); if (!nss_domain) { DEBUG(0, ("nss_domain_list_add_domain: talloc() failure!\n")); return NT_STATUS_NO_MEMORY; diff --git a/source3/winbindd/wb_fill_pwent.c b/source3/winbindd/wb_fill_pwent.c index 23057384c2..a716245ce8 100644 --- a/source3/winbindd/wb_fill_pwent.c +++ b/source3/winbindd/wb_fill_pwent.c @@ -72,8 +72,7 @@ static void wb_fill_pwent_sid2uid_done(struct tevent_req *subreq) status = wb_sid2uid_recv(subreq, &state->pw->pw_uid); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } @@ -98,8 +97,7 @@ static void wb_fill_pwent_sid2gid_done(struct tevent_req *subreq) status = wb_sid2gid_recv(subreq, &state->pw->pw_gid); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } @@ -131,7 +129,9 @@ static void wb_fill_pwent_sid2gid_done(struct tevent_req *subreq) true); } - fstrcpy(state->pw->pw_name, output_username); + strlcpy(state->pw->pw_name, + output_username, + sizeof(state->pw->pw_name)); fstrcpy(state->pw->pw_gecos, state->info->full_name); /* Home directory and shell */ @@ -194,7 +194,7 @@ static bool fillup_pw_field(const char *lp_template, if (!templ) return False; - safe_strcpy(out, templ, sizeof(fstring) - 1); + strlcpy(out, templ, sizeof(fstring)); TALLOC_FREE(templ); return True; diff --git a/source3/winbindd/wb_getgrsid.c b/source3/winbindd/wb_getgrsid.c index e55c1b0021..7d7e56a5ca 100644 --- a/source3/winbindd/wb_getgrsid.c +++ b/source3/winbindd/wb_getgrsid.c @@ -83,8 +83,7 @@ static void wb_getgrsid_lookupsid_done(struct tevent_req *subreq) status = wb_lookupsid_recv(subreq, state, &state->type, &state->domname, &state->name); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } @@ -115,8 +114,7 @@ static void wb_getgrsid_sid2gid_done(struct tevent_req *subreq) status = wb_sid2gid_recv(subreq, &state->gid); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } subreq = wb_group_members_send(state, state->ev, &state->sid, @@ -137,8 +135,7 @@ static void wb_getgrsid_got_members(struct tevent_req *subreq) status = wb_group_members_recv(subreq, state, &state->members); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); diff --git a/source3/winbindd/wb_getpwsid.c b/source3/winbindd/wb_getpwsid.c index 24ce7dc3f4..3c942f0857 100644 --- a/source3/winbindd/wb_getpwsid.c +++ b/source3/winbindd/wb_getpwsid.c @@ -74,8 +74,7 @@ static void wb_getpwsid_queryuser_done(struct tevent_req *subreq) status = wb_queryuser_recv(subreq, state, &state->userinfo); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } @@ -118,8 +117,7 @@ static void wb_getpwsid_lookupsid_done(struct tevent_req *subreq) status = wb_lookupsid_recv(subreq, state->userinfo, &type, &domain, &state->userinfo->acct_name); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } subreq = wb_fill_pwent_send(state, state->ev, state->userinfo, @@ -137,8 +135,7 @@ static void wb_getpwsid_done(struct tevent_req *subreq) NTSTATUS status; status = wb_fill_pwent_recv(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); diff --git a/source3/winbindd/wb_gettoken.c b/source3/winbindd/wb_gettoken.c index 5c2af4abd6..aaaffa0bf2 100644 --- a/source3/winbindd/wb_gettoken.c +++ b/source3/winbindd/wb_gettoken.c @@ -90,8 +90,7 @@ static void wb_gettoken_gotgroups(struct tevent_req *subreq) status = wb_lookupusergroups_recv(subreq, state, &state->num_sids, &state->sids); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } @@ -135,8 +134,7 @@ static void wb_gettoken_gotlocalgroups(struct tevent_req *subreq) status = wb_lookupuseraliases_recv(subreq, state, &num_rids, &rids); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } domain = find_domain_from_sid_noinit(get_global_sam_sid()); @@ -181,8 +179,7 @@ static void wb_gettoken_gotbuiltins(struct tevent_req *subreq) status = wb_lookupuseraliases_recv(subreq, state, &num_rids, &rids); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } if (!wb_add_rids_to_sids(state, &state->num_sids, &state->sids, diff --git a/source3/winbindd/wb_group_members.c b/source3/winbindd/wb_group_members.c index c9603e73f8..e6efcabfad 100644 --- a/source3/winbindd/wb_group_members.c +++ b/source3/winbindd/wb_group_members.c @@ -155,8 +155,7 @@ static struct tevent_req *wb_groups_members_send(TALLOC_CTX *mem_ctx, state->all_members = NULL; status = wb_groups_members_next_subreq(state, state, &subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return tevent_req_post(req, ev); } if (subreq == NULL) { @@ -210,8 +209,7 @@ static void wb_groups_members_done(struct tevent_req *subreq) * and just continue if an error occured. */ - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } @@ -235,8 +233,7 @@ static void wb_groups_members_done(struct tevent_req *subreq) TALLOC_FREE(members); status = wb_groups_members_next_subreq(state, state, &subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } if (subreq == NULL) { @@ -313,8 +310,7 @@ struct tevent_req *wb_group_members_send(TALLOC_CTX *mem_ctx, state->groups->type = type; status = wb_group_members_next_subreq(state, state, &subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return tevent_req_post(req, ev); } if (subreq == NULL) { @@ -361,8 +357,7 @@ static void wb_group_members_done(struct tevent_req *subreq) status = wb_groups_members_recv(subreq, state, &num_members, &members); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } @@ -440,8 +435,7 @@ static void wb_group_members_done(struct tevent_req *subreq) } status = wb_group_members_next_subreq(state, state, &subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } if (subreq == NULL) { diff --git a/source3/winbindd/wb_lookupname.c b/source3/winbindd/wb_lookupname.c index a9b4dfa586..2ebaba03d3 100644 --- a/source3/winbindd/wb_lookupname.c +++ b/source3/winbindd/wb_lookupname.c @@ -91,8 +91,7 @@ static void wb_lookupname_done(struct tevent_req *subreq) status = dcerpc_wbint_LookupName_recv(subreq, state, &result); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } if (NT_STATUS_IS_OK(result)) { diff --git a/source3/winbindd/wb_lookupsid.c b/source3/winbindd/wb_lookupsid.c index 2e1b21a8d8..2ab3917ceb 100644 --- a/source3/winbindd/wb_lookupsid.c +++ b/source3/winbindd/wb_lookupsid.c @@ -76,8 +76,7 @@ static void wb_lookupsid_done(struct tevent_req *subreq) status = dcerpc_wbint_LookupSid_recv(subreq, state, &result); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } if (NT_STATUS_IS_OK(result)) { diff --git a/source3/winbindd/wb_lookupsids.c b/source3/winbindd/wb_lookupsids.c index 05601ad192..03b2ca9029 100644 --- a/source3/winbindd/wb_lookupsids.c +++ b/source3/winbindd/wb_lookupsids.c @@ -128,26 +128,26 @@ struct tevent_req *wb_lookupsids_send(TALLOC_CTX *mem_ctx, return tevent_req_post(req, ev); } - state->single_sids = TALLOC_ARRAY(state, uint32_t, num_sids); + state->single_sids = talloc_array(state, uint32_t, num_sids); if (tevent_req_nomem(state->single_sids, req)) { return tevent_req_post(req, ev); } - state->res_domains = TALLOC_ZERO_P(state, struct lsa_RefDomainList); + state->res_domains = talloc_zero(state, struct lsa_RefDomainList); if (tevent_req_nomem(state->res_domains, req)) { return tevent_req_post(req, ev); } - state->res_domains->domains = TALLOC_ARRAY( + state->res_domains->domains = talloc_array( state->res_domains, struct lsa_DomainInfo, num_sids); if (tevent_req_nomem(state->res_domains->domains, req)) { return tevent_req_post(req, ev); } - state->res_names = TALLOC_ZERO_P(state, struct lsa_TransNameArray); + state->res_names = talloc_zero(state, struct lsa_TransNameArray); if (tevent_req_nomem(state->res_names, req)) { return tevent_req_post(req, ev); } - state->res_names->names = TALLOC_ARRAY( + state->res_names->names = talloc_array( state->res_names, struct lsa_TranslatedName, num_sids); if (tevent_req_nomem(state->res_names->names, req)) { return tevent_req_post(req, ev); @@ -187,7 +187,7 @@ static bool wb_lookupsids_next(struct tevent_req *req, if (sid_check_is_domain(&d->sid)) { state->rids.num_rids = d->sids.num_sids; - state->rids.rids = TALLOC_ARRAY(state, uint32_t, + state->rids.rids = talloc_array(state, uint32_t, state->rids.num_rids); if (tevent_req_nomem(state->rids.rids, req)) { return false; @@ -325,7 +325,7 @@ static struct wb_lookupsids_domain *wb_lookupsids_get_domain( return NULL; } - domains = TALLOC_REALLOC_ARRAY( + domains = talloc_realloc( mem_ctx, domains, struct wb_lookupsids_domain, num_domains+1); if (domains == NULL) { return NULL; @@ -337,13 +337,13 @@ static struct wb_lookupsids_domain *wb_lookupsids_get_domain( sid_split_rid(&domain->sid, NULL); domain->domain = wb_domain; - domain->sids.sids = TALLOC_ARRAY(domains, struct lsa_SidPtr, num_sids); + domain->sids.sids = talloc_array(domains, struct lsa_SidPtr, num_sids); if (domains->sids.sids == NULL) { goto fail; } domain->sids.num_sids = 0; - domain->sid_indexes = TALLOC_ARRAY(domains, uint32_t, num_sids); + domain->sid_indexes = talloc_array(domains, uint32_t, num_sids); if (domain->sid_indexes == NULL) { TALLOC_FREE(domain->sids.sids); goto fail; @@ -354,7 +354,7 @@ fail: /* * Realloc to the state it was in before */ - *pdomains = TALLOC_REALLOC_ARRAY( + *pdomains = talloc_realloc( mem_ctx, domains, struct wb_lookupsids_domain, num_domains); return NULL; } @@ -428,6 +428,7 @@ static void wb_lookupsids_done(struct tevent_req *subreq) req, struct wb_lookupsids_state); struct wb_lookupsids_domain *d; uint32_t i; + bool fallback = false; NTSTATUS status, result; @@ -437,13 +438,31 @@ static void wb_lookupsids_done(struct tevent_req *subreq) return; } + d = &state->domains[state->domains_done]; + + if (NT_STATUS_IS_ERR(result)) { + fallback = true; + } else if (state->tmp_names.count != d->sids.num_sids) { + fallback = true; + } + + if (fallback) { + for (i=0; i < d->sids.num_sids; i++) { + uint32_t res_sid_index = d->sid_indexes[i]; + + state->single_sids[state->num_single_sids] = + res_sid_index; + state->num_single_sids += 1; + } + state->domains_done += 1; + wb_lookupsids_next(req, state); + return; + } + /* - * Ignore "result" here. We depend on the individual states in - * the translated names. + * Look at the individual states in the translated names. */ - d = &state->domains[state->domains_done]; - for (i=0; i<state->tmp_names.count; i++) { uint32_t res_sid_index = d->sid_indexes[i]; @@ -462,7 +481,7 @@ static void wb_lookupsids_done(struct tevent_req *subreq) &state->tmp_domains, &state->tmp_names.names[i], state->res_domains, state->res_names, res_sid_index)) { - tevent_req_nomem(NULL, req); + tevent_req_oom(req); return; } } @@ -525,7 +544,7 @@ static void wb_lookupsids_single_done(struct tevent_req *subreq) &src_domains, &src_name, state->res_domains, state->res_names, res_sid_index)) { - tevent_req_nomem(NULL, req); + tevent_req_oom(req); return; } state->single_sids_done += 1; @@ -544,6 +563,7 @@ static void wb_lookupsids_lookuprids_done(struct tevent_req *subreq) NTSTATUS status, result; struct wb_lookupsids_domain *d; uint32_t i; + bool fallback = false; status = dcerpc_wbint_LookupRids_recv(subreq, state, &result); TALLOC_FREE(subreq); @@ -552,6 +572,30 @@ static void wb_lookupsids_lookuprids_done(struct tevent_req *subreq) } d = &state->domains[state->domains_done]; + + if (NT_STATUS_IS_ERR(result)) { + fallback = true; + } else if (state->rid_names.num_principals != d->sids.num_sids) { + fallback = true; + } + + if (fallback) { + for (i=0; i < d->sids.num_sids; i++) { + uint32_t res_sid_index = d->sid_indexes[i]; + + state->single_sids[state->num_single_sids] = + res_sid_index; + state->num_single_sids += 1; + } + state->domains_done += 1; + wb_lookupsids_next(req, state); + return; + } + + /* + * Look at the individual states in the translated names. + */ + sid_copy(&src_domain_sid, get_global_sam_sid()); src_domain.name.string = get_global_sam_name(); src_domain.sid = &src_domain_sid; @@ -575,7 +619,7 @@ static void wb_lookupsids_lookuprids_done(struct tevent_req *subreq) &src_domains, &src_name, state->res_domains, state->res_names, res_sid_index)) { - tevent_req_nomem(NULL, req); + tevent_req_oom(req); return; } } @@ -595,6 +639,24 @@ NTSTATUS wb_lookupsids_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx, if (tevent_req_is_nterror(req, &status)) { return status; } + + /* + * The returned names need to match the given sids, + * if not we have a bug in the code! + * + */ + SMB_ASSERT(state->res_names->count == state->num_sids); + + /* + * Not strictly needed, but it might make debugging in the callers + * easier in future, if the talloc_array_length() returns the + * expected result... + */ + state->res_domains->domains = talloc_realloc(state->res_domains, + state->res_domains->domains, + struct lsa_DomainInfo, + state->res_domains->count); + *domains = talloc_move(mem_ctx, &state->res_domains); *names = talloc_move(mem_ctx, &state->res_names); return NT_STATUS_OK; diff --git a/source3/winbindd/wb_lookupuseraliases.c b/source3/winbindd/wb_lookupuseraliases.c index f6fe855a85..5e7eb1c33c 100644 --- a/source3/winbindd/wb_lookupuseraliases.c +++ b/source3/winbindd/wb_lookupuseraliases.c @@ -44,7 +44,7 @@ struct tevent_req *wb_lookupuseraliases_send(TALLOC_CTX *mem_ctx, return NULL; } state->sids.num_sids = num_sids; - state->sids.sids = CONST_DISCARD(struct dom_sid *, sids); + state->sids.sids = discard_const_p(struct dom_sid, sids); subreq = dcerpc_wbint_LookupUserAliases_send( state, ev, dom_child_handle(domain), &state->sids, &state->rids); diff --git a/source3/winbindd/wb_next_grent.c b/source3/winbindd/wb_next_grent.c index c7af6416c4..2b3799ab93 100644 --- a/source3/winbindd/wb_next_grent.c +++ b/source3/winbindd/wb_next_grent.c @@ -101,12 +101,11 @@ static void wb_next_grent_fetch_done(struct tevent_req *subreq) status = dcerpc_wbint_QueryGroupList_recv(subreq, state, &result); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { + if (tevent_req_nterror(req, status)) { /* Ignore errors here, just log it */ DEBUG(10, ("query_user_list for domain %s returned %s\n", state->gstate->domain->name, nt_errstr(status))); - tevent_req_nterror(req, status); return; } if (!NT_STATUS_IS_OK(result)) { @@ -169,8 +168,7 @@ static void wb_next_grent_getgrsid_done(struct tevent_req *subreq) status = wb_getgrsid_recv(subreq, talloc_tos(), &domname, &name, &state->gr->gr_gid, &state->members); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } if (!fill_grent(talloc_tos(), state->gr, domname, name, diff --git a/source3/winbindd/wb_next_pwent.c b/source3/winbindd/wb_next_pwent.c index 4595fbc653..da4754cc9f 100644 --- a/source3/winbindd/wb_next_pwent.c +++ b/source3/winbindd/wb_next_pwent.c @@ -148,8 +148,7 @@ static void wb_next_pwent_fill_done(struct tevent_req *subreq) status = wb_fill_pwent_recv(subreq); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } state->gstate->next_user += 1; diff --git a/source3/winbindd/wb_sid2gid.c b/source3/winbindd/wb_sid2gid.c index 6c102a205c..cb95191e7e 100644 --- a/source3/winbindd/wb_sid2gid.c +++ b/source3/winbindd/wb_sid2gid.c @@ -94,8 +94,7 @@ static void wb_sid2gid_lookup_done(struct tevent_req *subreq) status = wb_lookupsid_recv(subreq, talloc_tos(), &type, &domname, &name); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } diff --git a/source3/winbindd/wb_sid2uid.c b/source3/winbindd/wb_sid2uid.c index 5dd4b82eef..a2e0f9712f 100644 --- a/source3/winbindd/wb_sid2uid.c +++ b/source3/winbindd/wb_sid2uid.c @@ -93,8 +93,7 @@ static void wb_sid2uid_lookup_done(struct tevent_req *subreq) status = wb_lookupsid_recv(subreq, talloc_tos(), &type, &domname, &name); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c index c5a124a628..469d64e41d 100644 --- a/source3/winbindd/winbindd.c +++ b/source3/winbindd/winbindd.c @@ -27,6 +27,7 @@ #include "winbindd.h" #include "nsswitch/winbind_client.h" #include "nsswitch/wb_reqtrans.h" +#include "ntdomain.h" #include "../librpc/gen_ndr/srv_lsa.h" #include "../librpc/gen_ndr/srv_samr.h" #include "secrets.h" @@ -378,6 +379,7 @@ static void winbind_msg_validate_cache(struct messaging_context *msg_ctx, { uint8 ret; pid_t child_pid; + NTSTATUS status; DEBUG(10, ("winbindd_msg_validate_cache: got validate-cache " "message.\n")); @@ -404,7 +406,10 @@ static void winbind_msg_validate_cache(struct messaging_context *msg_ctx, /* child */ - if (!winbindd_reinit_after_fork(NULL)) { + status = winbindd_reinit_after_fork(NULL, NULL); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("winbindd_reinit_after_fork failed: %s\n", + nt_errstr(status))); _exit(0); } @@ -445,11 +450,6 @@ static struct winbindd_dispatch_table { { WINBINDD_CCACHE_NTLMAUTH, winbindd_ccache_ntlm_auth, "NTLMAUTH" }, { WINBINDD_CCACHE_SAVE, winbindd_ccache_save, "CCACHE_SAVE" }, - /* WINS functions */ - - { WINBINDD_WINS_BYNAME, winbindd_wins_byname, "WINS_BYNAME" }, - { WINBINDD_WINS_BYIP, winbindd_wins_byip, "WINS_BYIP" }, - /* End of list */ { WINBINDD_NUM_CMDS, NULL, "NONE" } @@ -540,6 +540,10 @@ static struct winbindd_async_dispatch_table async_nonpriv_table[] = { { WINBINDD_PAM_CHNG_PSWD_AUTH_CRAP, "PAM_CHNG_PSWD_AUTH_CRAP", winbindd_pam_chng_pswd_auth_crap_send, winbindd_pam_chng_pswd_auth_crap_recv }, + { WINBINDD_WINS_BYIP, "WINS_BYIP", + winbindd_wins_byip_send, winbindd_wins_byip_recv }, + { WINBINDD_WINS_BYNAME, "WINS_BYNAME", + winbindd_wins_byname_send, winbindd_wins_byname_recv }, { 0, NULL, NULL, NULL } }; @@ -779,7 +783,7 @@ static void new_connection(int listen_sock, bool privileged) /* Create new connection structure */ - if ((state = TALLOC_ZERO_P(NULL, struct winbindd_cli_state)) == NULL) { + if ((state = talloc_zero(NULL, struct winbindd_cli_state)) == NULL) { close(sock); return; } @@ -940,12 +944,12 @@ static void winbindd_listen_fde_handler(struct tevent_context *ev, const char *get_winbind_pipe_dir(void) { - return lp_parm_const_string(-1, "winbindd", "socket dir", WINBINDD_SOCKET_DIR); + return lp_parm_const_string(-1, "winbindd", "socket dir", get_dyn_WINBINDD_SOCKET_DIR()); } char *get_winbind_priv_pipe_dir(void) { - return lock_path(WINBINDD_PRIV_SOCKET_SUBDIR); + return state_path(WINBINDD_PRIV_SOCKET_SUBDIR); } static bool winbindd_setup_listeners(void) diff --git a/source3/winbindd/winbindd.h b/source3/winbindd/winbindd.h index 4f0f624d5b..3f1c7f558e 100644 --- a/source3/winbindd/winbindd.h +++ b/source3/winbindd/winbindd.h @@ -30,6 +30,8 @@ #include "talloc_dict.h" #include "smb_ldap.h" +#include "../lib/util/tevent_ntstatus.h" + #ifdef HAVE_LIBNSCD #include <libnscd.h> #endif diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c index dde8e3f53d..610db7a62b 100644 --- a/source3/winbindd/winbindd_ads.c +++ b/source3/winbindd/winbindd_ads.c @@ -199,7 +199,7 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain, goto done; } - (*pinfo) = TALLOC_ZERO_ARRAY(mem_ctx, struct wbint_userinfo, count); + (*pinfo) = talloc_zero_array(mem_ctx, struct wbint_userinfo, count); if (!*pinfo) { status = NT_STATUS_NO_MEMORY; goto done; @@ -351,7 +351,7 @@ static NTSTATUS enum_dom_groups(struct winbindd_domain *domain, goto done; } - (*info) = TALLOC_ZERO_ARRAY(mem_ctx, struct wb_acct_info, count); + (*info) = talloc_zero_array(mem_ctx, struct wb_acct_info, count); if (!*info) { status = NT_STATUS_NO_MEMORY; goto done; @@ -489,7 +489,7 @@ static NTSTATUS query_user(struct winbindd_domain *domain, /* try netsamlogon cache first */ - if ( (user = netsamlogon_cache_get( mem_ctx, sid )) != NULL ) + if (winbindd_use_cache() && (user = netsamlogon_cache_get( mem_ctx, sid )) != NULL ) { DEBUG(5,("query_user: Cache lookup succeeded for %s\n", sid_string_dbg(sid))); @@ -769,7 +769,7 @@ static NTSTATUS lookup_usergroups_memberof(struct winbindd_domain *domain, goto done; } - group_sids = TALLOC_ZERO_ARRAY(mem_ctx, struct dom_sid, num_strings + 1); + group_sids = talloc_zero_array(mem_ctx, struct dom_sid, num_strings + 1); if (!group_sids) { status = NT_STATUS_NO_MEMORY; goto done; @@ -1085,10 +1085,10 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, * cache. Only the rest is passed to the lsa_lookup_sids call. */ if (num_members) { - (*sid_mem) = TALLOC_ZERO_ARRAY(mem_ctx, struct dom_sid, num_members); - (*names) = TALLOC_ZERO_ARRAY(mem_ctx, char *, num_members); - (*name_types) = TALLOC_ZERO_ARRAY(mem_ctx, uint32, num_members); - (sid_mem_nocache) = TALLOC_ZERO_ARRAY(tmp_ctx, struct dom_sid, num_members); + (*sid_mem) = talloc_zero_array(mem_ctx, struct dom_sid, num_members); + (*names) = talloc_zero_array(mem_ctx, char *, num_members); + (*name_types) = talloc_zero_array(mem_ctx, uint32, num_members); + (sid_mem_nocache) = talloc_zero_array(tmp_ctx, struct dom_sid, num_members); if ((members == NULL) || (*sid_mem == NULL) || (*names == NULL) || (*name_types == NULL) || diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c index 68a86257da..58a8e710f6 100644 --- a/source3/winbindd/winbindd_cache.c +++ b/source3/winbindd/winbindd_cache.c @@ -33,6 +33,7 @@ #include "nss_info.h" #include "../libcli/security/security.h" #include "passdb/machine_sid.h" +#include "util_tdb.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_WINBIND @@ -308,7 +309,7 @@ static char *centry_string(struct cache_entry *centry, TALLOC_CTX *mem_ctx) smb_panic_fn("centry_string"); } - ret = TALLOC_ARRAY(mem_ctx, char, len+1); + ret = talloc_array(mem_ctx, char, len+1); if (!ret) { smb_panic_fn("centry_string out of memory\n"); } @@ -338,7 +339,7 @@ static char *centry_hash16(struct cache_entry *centry, TALLOC_CTX *mem_ctx) return NULL; } - ret = TALLOC_ARRAY(mem_ctx, char, 16); + ret = talloc_array(mem_ctx, char, 16); if (!ret) { smb_panic_fn("centry_hash out of memory\n"); } @@ -483,9 +484,9 @@ bool wcache_store_seqnum(const char *domain_name, uint32_t seqnum, ret = tdb_store_bystring(wcache->tdb, key_str, make_tdb_data(buf, sizeof(buf)), TDB_REPLACE); TALLOC_FREE(key_str); - if (ret == -1) { + if (ret != 0) { DEBUG(10, ("tdb_store_bystring failed: %s\n", - tdb_errorstr(wcache->tdb))); + tdb_errorstr_compat(wcache->tdb))); TALLOC_FREE(key_str); return false; } @@ -637,7 +638,7 @@ static struct cache_entry *wcache_fetch_raw(char *kstr) TDB_DATA key; key = string_tdb_data(kstr); - data = tdb_fetch(wcache->tdb, key); + data = tdb_fetch_compat(wcache->tdb, key); if (!data.dptr) { /* a cache miss */ return NULL; @@ -1270,7 +1271,7 @@ NTSTATUS wcache_cached_creds_exist(struct winbindd_domain *domain, const struct fstr_sprintf(key_str, "CRED/%s", sid_to_fstring(tmp, sid)); - data = tdb_fetch(cache->tdb, string_tdb_data(key_str)); + data = tdb_fetch_compat(cache->tdb, string_tdb_data(key_str)); if (!data.dptr) { return NT_STATUS_OBJECT_NAME_NOT_FOUND; } @@ -1295,6 +1296,10 @@ NTSTATUS wcache_get_creds(struct winbindd_domain *domain, uint32 rid; fstring tmp; + if (!winbindd_use_cache()) { + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + if (!cache->tdb) { return NT_STATUS_INTERNAL_DB_ERROR; } @@ -1431,7 +1436,7 @@ do_fetch_cache: if (*num_entries == 0) goto do_cached; - (*info) = TALLOC_ARRAY(mem_ctx, struct wbint_userinfo, *num_entries); + (*info) = talloc_array(mem_ctx, struct wbint_userinfo, *num_entries); if (! (*info)) { smb_panic_fn("query_user_list out of memory"); } @@ -1583,7 +1588,7 @@ do_fetch_cache: if (*num_entries == 0) goto do_cached; - (*info) = TALLOC_ARRAY(mem_ctx, struct wb_acct_info, *num_entries); + (*info) = talloc_array(mem_ctx, struct wb_acct_info, *num_entries); if (! (*info)) { smb_panic_fn("enum_dom_groups out of memory"); } @@ -1678,7 +1683,7 @@ do_fetch_cache: if (*num_entries == 0) goto do_cached; - (*info) = TALLOC_ARRAY(mem_ctx, struct wb_acct_info, *num_entries); + (*info) = talloc_array(mem_ctx, struct wb_acct_info, *num_entries); if (! (*info)) { smb_panic_fn("enum_dom_groups out of memory"); } @@ -1856,8 +1861,8 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain, /* Only save the reverse mapping if this was not a UPN */ if (!strchr(name, '@')) { - strupper_m(CONST_DISCARD(char *,domain_name)); - strlower_m(CONST_DISCARD(char *,name)); + strupper_m(discard_const_p(char, domain_name)); + strlower_m(discard_const_p(char, name)); wcache_save_sid_to_name(domain, status, sid, domain_name, name, *type); } } @@ -2001,8 +2006,8 @@ static NTSTATUS rids_to_names(struct winbindd_domain *domain, return NT_STATUS_OK; } - *names = TALLOC_ARRAY(mem_ctx, char *, num_rids); - *types = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_rids); + *names = talloc_array(mem_ctx, char *, num_rids); + *types = talloc_array(mem_ctx, enum lsa_SidType, num_rids); if ((*names == NULL) || (*types == NULL)) { result = NT_STATUS_NO_MEMORY; @@ -2769,7 +2774,7 @@ static NTSTATUS trusted_domains(struct winbindd_domain *domain, } do_fetch_cache: - trusts->array = TALLOC_ZERO_ARRAY(mem_ctx, struct netr_DomainTrust, num_domains); + trusts->array = talloc_zero_array(mem_ctx, struct netr_DomainTrust, num_domains); if (!trusts->array) { TALLOC_FREE(dom_list); return NT_STATUS_NO_MEMORY; @@ -3160,7 +3165,7 @@ bool initialize_winbindd_cache(void) /* Write the version. */ if (!tdb_store_uint32(wcache->tdb, WINBINDD_CACHE_VERSION_KEYSTR, WINBINDD_CACHE_VERSION)) { DEBUG(0,("initialize_winbindd_cache: version number store failed %s\n", - tdb_errorstr(wcache->tdb) )); + tdb_errorstr_compat(wcache->tdb) )); return false; } } @@ -3378,7 +3383,7 @@ NTSTATUS wcache_remove_oldest_cached_creds(struct winbindd_domain *domain, const ret = tdb_traverse(cache->tdb, traverse_fn_get_credlist, NULL); if (ret == 0) { return NT_STATUS_OK; - } else if ((ret == -1) || (wcache_cred_list == NULL)) { + } else if ((ret < 0) || (wcache_cred_list == NULL)) { return NT_STATUS_OBJECT_NAME_NOT_FOUND; } @@ -3389,7 +3394,7 @@ NTSTATUS wcache_remove_oldest_cached_creds(struct winbindd_domain *domain, const TDB_DATA data; time_t t; - data = tdb_fetch(cache->tdb, string_tdb_data(cred->name)); + data = tdb_fetch_compat(cache->tdb, string_tdb_data(cred->name)); if (!data.dptr) { DEBUG(10,("wcache_remove_oldest_cached_creds: entry for [%s] not found\n", cred->name)); @@ -4198,10 +4203,10 @@ static bool add_wbdomain_to_tdc_array( struct winbindd_domain *new_dom, if ( !set_only ) { if ( !*domains ) { - list = TALLOC_ARRAY( NULL, struct winbindd_tdc_domain, 1 ); + list = talloc_array( NULL, struct winbindd_tdc_domain, 1 ); idx = 0; } else { - list = TALLOC_REALLOC_ARRAY( *domains, *domains, + list = talloc_realloc( *domains, *domains, struct winbindd_tdc_domain, (*num_domains)+1); idx = *num_domains; @@ -4341,7 +4346,7 @@ static size_t unpack_tdc_domains( unsigned char *buf, int buflen, return 0; } - list = TALLOC_ARRAY( NULL, struct winbindd_tdc_domain, num_domains ); + list = talloc_array( NULL, struct winbindd_tdc_domain, num_domains ); if ( !list ) { DEBUG(0,("unpack_tdc_domains: Failed to talloc() domain list!\n")); return 0; @@ -4415,7 +4420,7 @@ static bool wcache_tdc_store_list( struct winbindd_tdc_domain *domains, size_t n SAFE_FREE( data.dptr ); SAFE_FREE( key.dptr ); - return ( ret != -1 ); + return ( ret == 0 ); } /********************************************************************* @@ -4432,7 +4437,7 @@ bool wcache_tdc_fetch_list( struct winbindd_tdc_domain **domains, size_t *num_do if ( !key.dptr ) return false; - data = tdb_fetch( wcache->tdb, key ); + data = tdb_fetch_compat( wcache->tdb, key ); SAFE_FREE( key.dptr ); @@ -4522,7 +4527,7 @@ struct winbindd_tdc_domain * wcache_tdc_fetch_domain( TALLOC_CTX *ctx, const cha DEBUG(10,("wcache_tdc_fetch_domain: Found domain %s\n", name)); - d = TALLOC_P( ctx, struct winbindd_tdc_domain ); + d = talloc( ctx, struct winbindd_tdc_domain ); if ( !d ) break; @@ -4572,7 +4577,7 @@ struct winbindd_tdc_domain* dom_list[i].domain_name, sid_string_dbg(sid))); - d = TALLOC_P(ctx, struct winbindd_tdc_domain); + d = talloc(ctx, struct winbindd_tdc_domain); if (!d) break; @@ -4777,7 +4782,7 @@ bool wcache_fetch_ndr(TALLOC_CTX *mem_ctx, struct winbindd_domain *domain, if (!wcache_ndr_key(talloc_tos(), domain->name, opnum, req, &key)) { return false; } - data = tdb_fetch(wcache->tdb, key); + data = tdb_fetch_compat(wcache->tdb, key); TALLOC_FREE(key.dptr); if (data.dptr == NULL) { diff --git a/source3/winbindd/winbindd_ccache_access.c b/source3/winbindd/winbindd_ccache_access.c index 6a265ccaf0..0b52ae2eb9 100644 --- a/source3/winbindd/winbindd_ccache_access.c +++ b/source3/winbindd/winbindd_ccache_access.c @@ -55,7 +55,7 @@ static NTSTATUS do_ntlm_auth_with_hashes(const char *username, DATA_BLOB dummy_msg, reply; status = ntlmssp_client_start(NULL, - global_myname(), + lp_netbios_name(), lp_workgroup(), lp_client_ntlmv2_auth(), &ntlmssp_state); diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 1473d33721..86d6662e5a 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -69,13 +69,13 @@ #include "rpc_client/cli_lsarpc.h" #include "../librpc/gen_ndr/ndr_dssetup_c.h" #include "libads/sitename_cache.h" +#include "libsmb/libsmb.h" #include "libsmb/clidgram.h" #include "ads.h" #include "secrets.h" #include "../libcli/security/security.h" #include "passdb.h" #include "messages.h" -#include "ntdomain.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_WINBIND @@ -189,6 +189,7 @@ static bool fork_child_dc_connect(struct winbindd_domain *domain) TALLOC_CTX *mem_ctx = NULL; pid_t parent_pid = sys_getpid(); char *lfile = NULL; + NTSTATUS status; if (domain->dc_probe_pid != (pid_t)-1) { /* @@ -233,7 +234,10 @@ static bool fork_child_dc_connect(struct winbindd_domain *domain) } } - if (!winbindd_reinit_after_fork(lfile)) { + status = winbindd_reinit_after_fork(NULL, lfile); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("winbindd_reinit_after_fork failed: %s\n", + nt_errstr(status))); messaging_send_buf(winbind_messaging_context(), pid_to_procid(parent_pid), MSG_WINBIND_FAILED_TO_GO_ONLINE, @@ -816,7 +820,12 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain, (*cli)->timeout = 10000; /* 10 seconds */ (*cli)->fd = sockfd; - fstrcpy((*cli)->desthost, controller); + (*cli)->desthost = talloc_strdup((*cli), controller); + if ((*cli)->desthost == NULL) { + result = NT_STATUS_NO_MEMORY; + goto done; + } + (*cli)->use_kerberos = True; peeraddr_len = sizeof(peeraddr); @@ -876,7 +885,7 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain, (*cli)->use_kerberos = True; DEBUG(5, ("connecting to %s from %s with kerberos principal " - "[%s] and realm [%s]\n", controller, global_myname(), + "[%s] and realm [%s]\n", controller, lp_netbios_name(), machine_krb5_principal, domain->alt_name)); winbindd_set_locator_kdc_envs(domain); @@ -907,7 +916,7 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain, (*cli)->use_kerberos = False; DEBUG(5, ("connecting to %s from %s with username " - "[%s]\\[%s]\n", controller, global_myname(), + "[%s]\\[%s]\n", controller, lp_netbios_name(), lp_workgroup(), machine_account)); ads_status = cli_session_setup_spnego(*cli, @@ -943,7 +952,7 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain, /* Only try authenticated if we have a username */ DEBUG(5, ("connecting to %s from %s with username " - "[%s]\\[%s]\n", controller, global_myname(), + "[%s]\\[%s]\n", controller, lp_netbios_name(), ipc_domain, ipc_username)); if (NT_STATUS_IS_OK(cli_session_setup( @@ -1073,7 +1082,7 @@ static bool add_one_dc_unique(TALLOC_CTX *mem_ctx, const char *domain_name, (struct sockaddr *)(void *)pss)) return False; - *dcs = TALLOC_REALLOC_ARRAY(mem_ctx, *dcs, struct dc_name_ip, (*num)+1); + *dcs = talloc_realloc(mem_ctx, *dcs, struct dc_name_ip, (*num)+1); if (*dcs == NULL) return False; @@ -1088,7 +1097,7 @@ static bool add_sockaddr_to_array(TALLOC_CTX *mem_ctx, struct sockaddr_storage *pss, uint16 port, struct sockaddr_storage **addrs, int *num) { - *addrs = TALLOC_REALLOC_ARRAY(mem_ctx, *addrs, struct sockaddr_storage, (*num)+1); + *addrs = talloc_realloc(mem_ctx, *addrs, struct sockaddr_storage, (*num)+1); if (*addrs == NULL) { *num = 0; @@ -1375,7 +1384,7 @@ static bool find_new_dc(TALLOC_CTX *mem_ctx, return False; status = smbsock_any_connect(addrs, dcnames, NULL, NULL, NULL, - num_addrs, 0, fd, &fd_index, NULL); + num_addrs, 0, 10, fd, &fd_index, NULL); if (!NT_STATUS_IS_OK(status)) { for (i=0; i<num_dcs; i++) { char ab[INET6_ADDRSTRLEN]; @@ -1541,7 +1550,7 @@ static NTSTATUS cm_open_connection(struct winbindd_domain *domain, return NT_STATUS_UNSUCCESSFUL; } if (dcip_to_name(mem_ctx, domain, &ss, saf_name )) { - fstrcpy( domain->dcname, saf_name ); + strlcpy(domain->dcname, saf_name, sizeof(domain->dcname)); } else { winbind_add_failed_connection_entry( domain, saf_servername, @@ -1571,7 +1580,7 @@ static NTSTATUS cm_open_connection(struct winbindd_domain *domain, status = smbsock_connect(&domain->dcaddr, 0, NULL, -1, NULL, -1, - &fd, NULL); + &fd, NULL, 10); if (!NT_STATUS_IS_OK(status)) { fd = -1; } @@ -1699,6 +1708,7 @@ void invalidate_cm_connection(struct winbindd_cm_conn *conn) void close_conns_after_fork(void) { struct winbindd_domain *domain; + struct winbindd_cli_state *cli_state; for (domain = domain_list(); domain; domain = domain->next) { struct cli_state *cli = domain->conn.cli; @@ -1715,6 +1725,15 @@ void close_conns_after_fork(void) invalidate_cm_connection(&domain->conn); } + + for (cli_state = winbindd_client_list(); + cli_state != NULL; + cli_state = cli_state->next) { + if (cli_state->sock >= 0) { + close(cli_state->sock); + cli_state->sock = -1; + } + } } static bool connection_ok(struct winbindd_domain *domain) @@ -1985,7 +2004,7 @@ static void set_dc_type_and_flags_connect( struct winbindd_domain *domain ) * no_dssetup mode here as well to get domain->initialized * set - gd */ - if (NT_STATUS_V(status) == DCERPC_FAULT_OP_RNG_ERROR) { + if (NT_STATUS_EQUAL(status, NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE)) { goto no_dssetup; } @@ -2608,7 +2627,7 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain, netlogon_pipe, domain->dcname, /* server name. */ domain->name, /* domain name */ - global_myname(), /* client name */ + lp_netbios_name(), /* client name */ account_name, /* machine account */ mach_pwd, /* machine password */ sec_chan_type, /* from get_trust_pw */ diff --git a/source3/winbindd/winbindd_cred_cache.c b/source3/winbindd/winbindd_cred_cache.c index ab8934bfd4..5e79a96ca7 100644 --- a/source3/winbindd/winbindd_cred_cache.c +++ b/source3/winbindd/winbindd_cred_cache.c @@ -596,7 +596,7 @@ NTSTATUS add_ccache_to_list(const char *princ_name, return NT_STATUS_OK; } - entry = TALLOC_P(NULL, struct WINBINDD_CCACHE_ENTRY); + entry = talloc(NULL, struct WINBINDD_CCACHE_ENTRY); if (!entry) { return NT_STATUS_NO_MEMORY; } @@ -908,7 +908,7 @@ static NTSTATUS winbindd_add_memory_creds_internal(const char *username, return winbindd_replace_memory_creds_internal(memcredp, pass); } - memcredp = TALLOC_ZERO_P(NULL, struct WINBINDD_MEMORY_CREDS); + memcredp = talloc_zero(NULL, struct WINBINDD_MEMORY_CREDS); if (!memcredp) { return NT_STATUS_NO_MEMORY; } diff --git a/source3/winbindd/winbindd_creds.c b/source3/winbindd/winbindd_creds.c index 6bbd0ffd9d..a160f7a6b5 100644 --- a/source3/winbindd/winbindd_creds.c +++ b/source3/winbindd/winbindd_creds.c @@ -38,6 +38,10 @@ NTSTATUS winbindd_get_creds(struct winbindd_domain *domain, struct netr_SamInfo3 *info; NTSTATUS status; + if (!winbindd_use_cache()) { + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + status = wcache_get_creds(domain, mem_ctx, sid, cached_nt_pass, cred_salt); if (!NT_STATUS_IS_OK(status)) { return status; diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c index 0a1534cae1..5bf90b1222 100644 --- a/source3/winbindd/winbindd_dual.c +++ b/source3/winbindd/winbindd_dual.c @@ -35,7 +35,7 @@ #include "../libcli/security/security.h" #include "system/select.h" #include "messages.h" -#include "ntdomain.h" +#include "../lib/util/tevent_unix.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_WINBIND @@ -127,7 +127,7 @@ struct tevent_req *wb_child_request_send(TALLOC_CTX *mem_ctx, if (!tevent_queue_add(child->queue, ev, req, wb_child_request_trigger, NULL)) { - tevent_req_nomem(NULL, req); + tevent_req_oom(req); return tevent_req_post(req, ev); } return req; @@ -510,6 +510,11 @@ void winbind_child_died(pid_t pid) DLIST_REMOVE(winbindd_children, child); child->pid = 0; + + if (child->sock != -1) { + close(child->sock); + child->sock = -1; + } } /* Ensure any negative cache entries with the netbios or realm names are removed. */ @@ -741,7 +746,7 @@ void winbind_msg_onlinestatus(struct messaging_context *msg_ctx, } messaging_send_buf(msg_ctx, *sender, MSG_WINBIND_ONLINESTATUS, - (uint8 *)message, strlen(message) + 1); + (const uint8 *)message, strlen(message) + 1); talloc_destroy(mem_ctx); } @@ -818,7 +823,7 @@ void winbind_msg_dump_domain_list(struct messaging_context *msg_ctx, messaging_send_buf(msg_ctx, *sender, MSG_WINBIND_DUMP_DOMAIN_LIST, - (uint8_t *)message, strlen(message) + 1); + (const uint8_t *)message, strlen(message) + 1); talloc_destroy(mem_ctx); @@ -1166,7 +1171,8 @@ static void child_msg_dump_event_list(struct messaging_context *msg, dump_event_list(winbind_event_context()); } -bool winbindd_reinit_after_fork(const char *logfilename) +NTSTATUS winbindd_reinit_after_fork(const struct winbindd_child *myself, + const char *logfilename) { struct winbindd_domain *domain; struct winbindd_child *cl; @@ -1179,7 +1185,7 @@ bool winbindd_reinit_after_fork(const char *logfilename) true); if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("reinit_after_fork() failed\n")); - return false; + return status; } close_conns_after_fork(); @@ -1190,10 +1196,10 @@ bool winbindd_reinit_after_fork(const char *logfilename) } if (!winbindd_setup_sig_term_handler(false)) - return false; + return NT_STATUS_NO_MEMORY; if (!winbindd_setup_sig_hup_handler(override_logfile ? NULL : logfilename)) - return false; + return NT_STATUS_NO_MEMORY; /* Stop zombies in children */ CatchChild(); @@ -1241,6 +1247,14 @@ bool winbindd_reinit_after_fork(const char *logfilename) * go through the parent. */ cl->pid = (pid_t)0; + + /* + * Close service sockets to all other children + */ + if ((cl != myself) && (cl->sock != -1)) { + close(cl->sock); + cl->sock = -1; + } } /* * This is a little tricky, children must not @@ -1261,7 +1275,7 @@ bool winbindd_reinit_after_fork(const char *logfilename) cl = idmap_child(); cl->pid = (pid_t)0; - return true; + return NT_STATUS_OK; } /* @@ -1281,6 +1295,8 @@ static bool fork_domain_child(struct winbindd_child *child) struct winbindd_request request; struct winbindd_response response; struct winbindd_domain *primary_domain = NULL; + NTSTATUS status; + ssize_t nwritten; if (child->domain) { DEBUG(10, ("fork_domain_child called for domain '%s'\n", @@ -1309,7 +1325,25 @@ static bool fork_domain_child(struct winbindd_child *child) if (child->pid != 0) { /* Parent */ + ssize_t nread; + close(fdpair[0]); + + nread = read(fdpair[1], &status, sizeof(status)); + if (nread != sizeof(status)) { + DEBUG(1, ("fork_domain_child: Could not read child status: " + "nread=%d, error=%s\n", (int)nread, + strerror(errno))); + close(fdpair[1]); + return false; + } + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("fork_domain_child: Child status is %s\n", + nt_errstr(status))); + close(fdpair[1]); + return false; + } + child->next = child->prev = NULL; DLIST_ADD(winbindd_children, child); child->sock = fdpair[1]; @@ -1324,7 +1358,18 @@ static bool fork_domain_child(struct winbindd_child *child) state.sock = fdpair[0]; close(fdpair[1]); - if (!winbindd_reinit_after_fork(child->logfilename)) { + status = winbindd_reinit_after_fork(child, child->logfilename); + + nwritten = write(state.sock, &status, sizeof(status)); + if (nwritten != sizeof(status)) { + DEBUG(1, ("fork_domain_child: Could not write status: " + "nwritten=%d, error=%s\n", (int)nwritten, + strerror(errno))); + _exit(0); + } + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("winbindd_reinit_after_fork failed: %s\n", + nt_errstr(status))); _exit(0); } @@ -1424,7 +1469,6 @@ static bool fork_domain_child(struct winbindd_child *child) TALLOC_CTX *frame = talloc_stackframe(); struct iovec iov[2]; int iov_count; - NTSTATUS status; if (run_events_poll(winbind_event_context(), 0, NULL, 0)) { TALLOC_FREE(frame); @@ -1439,7 +1483,7 @@ static bool fork_domain_child(struct winbindd_child *child) child->domain->startup = False; } - pfds = TALLOC_ZERO_P(talloc_tos(), struct pollfd); + pfds = talloc_zero(talloc_tos(), struct pollfd); if (pfds == NULL) { DEBUG(1, ("talloc failed\n")); _exit(1); diff --git a/source3/winbindd/winbindd_dual_ndr.c b/source3/winbindd/winbindd_dual_ndr.c index 003d3cded7..f5f143f612 100644 --- a/source3/winbindd/winbindd_dual_ndr.c +++ b/source3/winbindd/winbindd_dual_ndr.c @@ -29,8 +29,8 @@ #include "includes.h" #include "winbindd/winbindd.h" #include "winbindd/winbindd_proto.h" -#include "librpc/gen_ndr/srv_wbint.h" #include "ntdomain.h" +#include "librpc/gen_ndr/srv_wbint.h" struct wbint_bh_state { struct winbindd_domain *domain; @@ -144,7 +144,7 @@ static void wbint_bh_raw_call_done(struct tevent_req *subreq) state->response->extra_data.data, state->response->length - sizeof(struct winbindd_response)); if (state->response->extra_data.data && !state->out_data.data) { - tevent_req_nomem(NULL, req); + tevent_req_oom(req); return; } diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c index 230edae908..c2510bc84d 100644 --- a/source3/winbindd/winbindd_dual_srv.c +++ b/source3/winbindd/winbindd_dual_srv.c @@ -24,11 +24,11 @@ #include "winbindd/winbindd.h" #include "winbindd/winbindd_proto.h" #include "rpc_client/cli_pipe.h" +#include "ntdomain.h" #include "librpc/gen_ndr/srv_wbint.h" #include "../librpc/gen_ndr/ndr_netlogon_c.h" #include "idmap.h" #include "../libcli/security/security.h" -#include "ntdomain.h" void _wbint_Ping(struct pipes_struct *p, struct wbint_Ping *r) { @@ -148,22 +148,22 @@ NTSTATUS _wbint_Sids2UnixIDs(struct pipes_struct *p, } } - ids = TALLOC_REALLOC_ARRAY(talloc_tos(), ids, + ids = talloc_realloc(talloc_tos(), ids, struct id_map, num_ids); if (ids == NULL) { goto nomem; } - id_ptrs = TALLOC_REALLOC_ARRAY(talloc_tos(), id_ptrs, + id_ptrs = talloc_realloc(talloc_tos(), id_ptrs, struct id_map *, num_ids+1); if (id_ptrs == NULL) { goto nomem; } - id_idx = TALLOC_REALLOC_ARRAY(talloc_tos(), id_idx, + id_idx = talloc_realloc(talloc_tos(), id_idx, uint32_t, num_ids); if (id_idx == NULL) { goto nomem; } - sids = TALLOC_REALLOC_ARRAY(talloc_tos(), sids, + sids = talloc_realloc(talloc_tos(), sids, struct dom_sid, num_ids); if (sids == NULL) { goto nomem; diff --git a/source3/winbindd/winbindd_getdcname.c b/source3/winbindd/winbindd_getdcname.c index 1c5f69e50d..cbf7f22eb8 100644 --- a/source3/winbindd/winbindd_getdcname.c +++ b/source3/winbindd/winbindd_getdcname.c @@ -65,8 +65,7 @@ static void winbindd_getdcname_done(struct tevent_req *subreq) status = wb_dsgetdcname_recv(subreq, state, &state->dcinfo); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); diff --git a/source3/winbindd/winbindd_getgrgid.c b/source3/winbindd/winbindd_getgrgid.c index 80db309060..5edecffcb2 100644 --- a/source3/winbindd/winbindd_getgrgid.c +++ b/source3/winbindd/winbindd_getgrgid.c @@ -68,8 +68,7 @@ static void winbindd_getgrgid_gid2sid_done(struct tevent_req *subreq) status = wb_gid2sid_recv(subreq, &state->sid); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } @@ -92,8 +91,7 @@ static void winbindd_getgrgid_done(struct tevent_req *subreq) status = wb_getgrsid_recv(subreq, state, &state->domname, &state->name, &state->gid, &state->members); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); diff --git a/source3/winbindd/winbindd_getgrnam.c b/source3/winbindd/winbindd_getgrnam.c index 3ca1aa6111..9460ff44ad 100644 --- a/source3/winbindd/winbindd_getgrnam.c +++ b/source3/winbindd/winbindd_getgrnam.c @@ -97,8 +97,7 @@ static void winbindd_getgrnam_lookupsid_done(struct tevent_req *subreq) status = wb_lookupname_recv(subreq, &state->sid, &type); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } @@ -127,8 +126,7 @@ static void winbindd_getgrnam_done(struct tevent_req *subreq) status = wb_getgrsid_recv(subreq, state, &state->domname, &state->name, &state->gid, &state->members); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); diff --git a/source3/winbindd/winbindd_getgroups.c b/source3/winbindd/winbindd_getgroups.c index c9b0f195ce..a42986f15f 100644 --- a/source3/winbindd/winbindd_getgroups.c +++ b/source3/winbindd/winbindd_getgroups.c @@ -96,8 +96,7 @@ static void winbindd_getgroups_lookupname_done(struct tevent_req *subreq) status = wb_lookupname_recv(subreq, &state->sid, &state->type); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } @@ -119,8 +118,7 @@ static void winbindd_getgroups_gettoken_done(struct tevent_req *subreq) status = wb_gettoken_recv(subreq, state, &state->num_sids, &state->sids); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } diff --git a/source3/winbindd/winbindd_getpwent.c b/source3/winbindd/winbindd_getpwent.c index ef905b48bb..3c035eac8a 100644 --- a/source3/winbindd/winbindd_getpwent.c +++ b/source3/winbindd/winbindd_getpwent.c @@ -97,8 +97,7 @@ static void winbindd_getpwent_done(struct tevent_req *subreq) tevent_req_done(req); return; } - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } state->num_users += 1; diff --git a/source3/winbindd/winbindd_getpwnam.c b/source3/winbindd/winbindd_getpwnam.c index bc771b2e41..f2c93362ca 100644 --- a/source3/winbindd/winbindd_getpwnam.c +++ b/source3/winbindd/winbindd_getpwnam.c @@ -100,8 +100,7 @@ static void winbindd_getpwnam_lookupname_done(struct tevent_req *subreq) status = wb_lookupname_recv(subreq, &state->sid, &state->type); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } @@ -120,8 +119,7 @@ static void winbindd_getpwnam_done(struct tevent_req *subreq) status = wb_getpwsid_recv(subreq); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); diff --git a/source3/winbindd/winbindd_getpwsid.c b/source3/winbindd/winbindd_getpwsid.c index efea3fd2b3..5248170075 100644 --- a/source3/winbindd/winbindd_getpwsid.c +++ b/source3/winbindd/winbindd_getpwsid.c @@ -70,8 +70,7 @@ static void winbindd_getpwsid_done(struct tevent_req *subreq) status = wb_getpwsid_recv(subreq); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); diff --git a/source3/winbindd/winbindd_getpwuid.c b/source3/winbindd/winbindd_getpwuid.c index d47c085214..30f3a04efd 100644 --- a/source3/winbindd/winbindd_getpwuid.c +++ b/source3/winbindd/winbindd_getpwuid.c @@ -65,8 +65,7 @@ static void winbindd_getpwuid_uid2sid_done(struct tevent_req *subreq) status = wb_uid2sid_recv(subreq, &state->sid); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } @@ -85,8 +84,7 @@ static void winbindd_getpwuid_done(struct tevent_req *subreq) status = wb_getpwsid_recv(subreq); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); diff --git a/source3/winbindd/winbindd_getsidaliases.c b/source3/winbindd/winbindd_getsidaliases.c index f01dac9c4c..e40a51dbd6 100644 --- a/source3/winbindd/winbindd_getsidaliases.c +++ b/source3/winbindd/winbindd_getsidaliases.c @@ -112,8 +112,7 @@ static void winbindd_getsidaliases_done(struct tevent_req *subreq) status = wb_lookupuseraliases_recv(subreq, state, &state->num_aliases, &state->aliases); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); diff --git a/source3/winbindd/winbindd_getuserdomgroups.c b/source3/winbindd/winbindd_getuserdomgroups.c index 9fdff4fc66..55094bb99a 100644 --- a/source3/winbindd/winbindd_getuserdomgroups.c +++ b/source3/winbindd/winbindd_getuserdomgroups.c @@ -83,8 +83,7 @@ static void winbindd_getuserdomgroups_done(struct tevent_req *subreq) status = wb_lookupusergroups_recv(subreq, state, &state->num_sids, &state->sids); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); diff --git a/source3/winbindd/winbindd_getusersids.c b/source3/winbindd/winbindd_getusersids.c index 157c2ab644..6b5510ad5a 100644 --- a/source3/winbindd/winbindd_getusersids.c +++ b/source3/winbindd/winbindd_getusersids.c @@ -74,8 +74,7 @@ static void winbindd_getusersids_done(struct tevent_req *subreq) status = wb_gettoken_recv(subreq, state, &state->num_sids, &state->sids); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); diff --git a/source3/winbindd/winbindd_gid_to_sid.c b/source3/winbindd/winbindd_gid_to_sid.c index f8494d2df2..4a378d3d26 100644 --- a/source3/winbindd/winbindd_gid_to_sid.c +++ b/source3/winbindd/winbindd_gid_to_sid.c @@ -63,8 +63,7 @@ static void winbindd_gid_to_sid_done(struct tevent_req *subreq) status = wb_gid2sid_recv(subreq, &state->sid); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); diff --git a/source3/winbindd/winbindd_group.c b/source3/winbindd/winbindd_group.c index a985fa254f..1e4ad5fa8a 100644 --- a/source3/winbindd/winbindd_group.c +++ b/source3/winbindd/winbindd_group.c @@ -60,8 +60,8 @@ bool fill_grent(TALLOC_CTX *mem_ctx, struct winbindd_gr *gr, /* Group name and password */ - safe_strcpy(gr->gr_name, full_group_name, sizeof(gr->gr_name) - 1); - safe_strcpy(gr->gr_passwd, "x", sizeof(gr->gr_passwd) - 1); + strlcpy(gr->gr_name, full_group_name, sizeof(gr->gr_name)); + strlcpy(gr->gr_passwd, "x", sizeof(gr->gr_passwd)); return True; } diff --git a/source3/winbindd/winbindd_lookupname.c b/source3/winbindd/winbindd_lookupname.c index c1d0bf04c1..1be29fd85c 100644 --- a/source3/winbindd/winbindd_lookupname.c +++ b/source3/winbindd/winbindd_lookupname.c @@ -86,8 +86,7 @@ static void winbindd_lookupname_done(struct tevent_req *subreq) status = wb_lookupname_recv(subreq, &state->sid, &state->type); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); diff --git a/source3/winbindd/winbindd_lookupsids.c b/source3/winbindd/winbindd_lookupsids.c index aeaf21dfb5..4a1b83fd34 100644 --- a/source3/winbindd/winbindd_lookupsids.c +++ b/source3/winbindd/winbindd_lookupsids.c @@ -80,8 +80,7 @@ static void winbindd_lookupsids_done(struct tevent_req *subreq) status = wb_lookupsids_recv(subreq, state, &state->domains, &state->names); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); diff --git a/source3/winbindd/winbindd_misc.c b/source3/winbindd/winbindd_misc.c index 7d2516770b..3fb1436820 100644 --- a/source3/winbindd/winbindd_misc.c +++ b/source3/winbindd/winbindd_misc.c @@ -404,7 +404,7 @@ void winbindd_netbios_name(struct winbindd_cli_state *state) DEBUG(3, ("[%5lu]: request netbios name\n", (unsigned long)state->pid)); - fstrcpy(state->response->data.netbios_name, global_myname()); + fstrcpy(state->response->data.netbios_name, lp_netbios_name()); request_ok(state); } diff --git a/source3/winbindd/winbindd_msrpc.c b/source3/winbindd/winbindd_msrpc.c index 8986598daa..9ef0d87f5a 100644 --- a/source3/winbindd/winbindd_msrpc.c +++ b/source3/winbindd/winbindd_msrpc.c @@ -342,7 +342,7 @@ static NTSTATUS msrpc_rids_to_names(struct winbindd_domain *domain, DEBUG(3, ("msrpc_rids_to_names: domain %s\n", domain->name )); if (num_rids) { - sids = TALLOC_ARRAY(mem_ctx, struct dom_sid, num_rids); + sids = talloc_array(mem_ctx, struct dom_sid, num_rids); if (sids == NULL) { return NT_STATUS_NO_MEMORY; } @@ -400,7 +400,7 @@ static NTSTATUS msrpc_query_user(struct winbindd_domain *domain, { struct rpc_pipe_client *samr_pipe; struct policy_handle dom_pol; - struct netr_SamInfo3 *user; + struct netr_SamInfo3 *user = NULL; TALLOC_CTX *tmp_ctx; NTSTATUS status; @@ -418,7 +418,9 @@ static NTSTATUS msrpc_query_user(struct winbindd_domain *domain, } /* try netsamlogon cache first */ - user = netsamlogon_cache_get(tmp_ctx, user_sid); + if (winbindd_use_cache()) { + user = netsamlogon_cache_get(tmp_ctx, user_sid); + } if (user != NULL) { DEBUG(5,("msrpc_query_user: Cache lookup succeeded for %s\n", sid_string_dbg(user_sid))); @@ -699,9 +701,9 @@ static NTSTATUS msrpc_lookup_groupmem(struct winbindd_domain *domain, #define MAX_LOOKUP_RIDS 900 - *names = TALLOC_ZERO_ARRAY(mem_ctx, char *, *num_names); - *name_types = TALLOC_ZERO_ARRAY(mem_ctx, uint32, *num_names); - *sid_mem = TALLOC_ZERO_ARRAY(mem_ctx, struct dom_sid, *num_names); + *names = talloc_zero_array(mem_ctx, char *, *num_names); + *name_types = talloc_zero_array(mem_ctx, uint32, *num_names); + *sid_mem = talloc_zero_array(mem_ctx, struct dom_sid, *num_names); for (j=0;j<(*num_names);j++) sid_compose(&(*sid_mem)[j], &domain->sid, rid_mem[j]); @@ -762,7 +764,7 @@ static NTSTATUS msrpc_lookup_groupmem(struct winbindd_domain *domain, #include <ldap.h> -static int get_ldap_seq(const char *server, int port, uint32 *seq) +static int get_ldap_seq(const char *server, struct sockaddr_storage *ss, int port, uint32 *seq) { int ret = -1; struct timeval to; @@ -778,7 +780,7 @@ static int get_ldap_seq(const char *server, int port, uint32 *seq) * search timeout doesn't seem to apply to doing an open as well. JRA. */ - ldp = ldap_open_with_timeout(server, port, lp_ldap_timeout()); + ldp = ldap_open_with_timeout(server, ss, port, lp_ldap_timeout()); if (ldp == NULL) return -1; @@ -787,7 +789,7 @@ static int get_ldap_seq(const char *server, int port, uint32 *seq) to.tv_usec = 0; if (ldap_search_st(ldp, "", LDAP_SCOPE_BASE, "(objectclass=*)", - CONST_DISCARD(char **, attrs), 0, &to, &res)) + discard_const_p(char *, attrs), 0, &to, &res)) goto done; if (ldap_count_entries(ldp, res) != 1) @@ -822,7 +824,7 @@ static int get_ldap_sequence_number(struct winbindd_domain *domain, uint32 *seq) char addr[INET6_ADDRSTRLEN]; print_sockaddr(addr, sizeof(addr), &domain->dcaddr); - if ((ret = get_ldap_seq(addr, LDAP_PORT, seq)) == 0) { + if ((ret = get_ldap_seq(addr, &domain->dcaddr, LDAP_PORT, seq)) == 0) { DEBUG(3, ("get_ldap_sequence_number: Retrieved sequence " "number for Domain (%s) from DC (%s)\n", domain->name, addr)); @@ -1057,14 +1059,15 @@ static NTSTATUS msrpc_password_policy(struct winbindd_domain *domain, return status; } -typedef NTSTATUS (*lookup_sids_fn_t)(struct rpc_pipe_client *cli, +typedef NTSTATUS (*lookup_sids_fn_t)(struct dcerpc_binding_handle *h, TALLOC_CTX *mem_ctx, struct policy_handle *pol, int num_sids, const struct dom_sid *sids, char ***pdomains, char ***pnames, - enum lsa_SidType **ptypes); + enum lsa_SidType **ptypes, + NTSTATUS *result); NTSTATUS winbindd_lookup_sids(TALLOC_CTX *mem_ctx, struct winbindd_domain *domain, @@ -1075,15 +1078,17 @@ NTSTATUS winbindd_lookup_sids(TALLOC_CTX *mem_ctx, enum lsa_SidType **types) { NTSTATUS status; + NTSTATUS result; struct rpc_pipe_client *cli = NULL; + struct dcerpc_binding_handle *b = NULL; struct policy_handle lsa_policy; unsigned int orig_timeout; - lookup_sids_fn_t lookup_sids_fn = rpccli_lsa_lookup_sids; + lookup_sids_fn_t lookup_sids_fn = dcerpc_lsa_lookup_sids; if (domain->can_do_ncacn_ip_tcp) { status = cm_connect_lsa_tcp(domain, mem_ctx, &cli); if (NT_STATUS_IS_OK(status)) { - lookup_sids_fn = rpccli_lsa_lookup_sids3; + lookup_sids_fn = dcerpc_lsa_lookup_sids3; goto lookup; } domain->can_do_ncacn_ip_tcp = false; @@ -1095,27 +1100,30 @@ NTSTATUS winbindd_lookup_sids(TALLOC_CTX *mem_ctx, } lookup: + b = cli->binding_handle; + /* * This call can take a long time * allow the server to time out. * 35 seconds should do it. */ - orig_timeout = rpccli_set_timeout(cli, 35000); + orig_timeout = dcerpc_binding_handle_set_timeout(b, 35000); - status = lookup_sids_fn(cli, + status = lookup_sids_fn(b, mem_ctx, &lsa_policy, num_sids, sids, domains, names, - types); + types, + &result); /* And restore our original timeout. */ - rpccli_set_timeout(cli, orig_timeout); + dcerpc_binding_handle_set_timeout(b, orig_timeout); - if (NT_STATUS_V(status) == DCERPC_FAULT_ACCESS_DENIED || - NT_STATUS_V(status) == DCERPC_FAULT_SEC_PKG_ERROR) { + if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) || + NT_STATUS_EQUAL(status, NT_STATUS_RPC_SEC_PKG_ERROR)) { /* * This can happen if the schannel key is not * valid anymore, we need to invalidate the @@ -1130,18 +1138,23 @@ NTSTATUS winbindd_lookup_sids(TALLOC_CTX *mem_ctx, return status; } - return status; + if (!NT_STATUS_IS_OK(result)) { + return result; + } + + return NT_STATUS_OK; } -typedef NTSTATUS (*lookup_names_fn_t)(struct rpc_pipe_client *cli, +typedef NTSTATUS (*lookup_names_fn_t)(struct dcerpc_binding_handle *h, TALLOC_CTX *mem_ctx, struct policy_handle *pol, - int num_names, + uint32_t num_names, const char **names, const char ***dom_names, - int level, + enum lsa_LookupNamesLevel level, struct dom_sid **sids, - enum lsa_SidType **types); + enum lsa_SidType **types, + NTSTATUS *result); NTSTATUS winbindd_lookup_names(TALLOC_CTX *mem_ctx, struct winbindd_domain *domain, @@ -1152,15 +1165,17 @@ NTSTATUS winbindd_lookup_names(TALLOC_CTX *mem_ctx, enum lsa_SidType **types) { NTSTATUS status; + NTSTATUS result; struct rpc_pipe_client *cli = NULL; + struct dcerpc_binding_handle *b = NULL; struct policy_handle lsa_policy; unsigned int orig_timeout = 0; - lookup_names_fn_t lookup_names_fn = rpccli_lsa_lookup_names; + lookup_names_fn_t lookup_names_fn = dcerpc_lsa_lookup_names; if (domain->can_do_ncacn_ip_tcp) { status = cm_connect_lsa_tcp(domain, mem_ctx, &cli); if (NT_STATUS_IS_OK(status)) { - lookup_names_fn = rpccli_lsa_lookup_names4; + lookup_names_fn = dcerpc_lsa_lookup_names4; goto lookup; } domain->can_do_ncacn_ip_tcp = false; @@ -1172,15 +1187,16 @@ NTSTATUS winbindd_lookup_names(TALLOC_CTX *mem_ctx, } lookup: + b = cli->binding_handle; /* * This call can take a long time * allow the server to time out. * 35 seconds should do it. */ - orig_timeout = rpccli_set_timeout(cli, 35000); + orig_timeout = dcerpc_binding_handle_set_timeout(b, 35000); - status = lookup_names_fn(cli, + status = lookup_names_fn(b, mem_ctx, &lsa_policy, num_names, @@ -1188,13 +1204,14 @@ NTSTATUS winbindd_lookup_names(TALLOC_CTX *mem_ctx, domains, 1, sids, - types); + types, + &result); /* And restore our original timeout. */ - rpccli_set_timeout(cli, orig_timeout); + dcerpc_binding_handle_set_timeout(b, orig_timeout); - if (NT_STATUS_V(status) == DCERPC_FAULT_ACCESS_DENIED || - NT_STATUS_V(status) == DCERPC_FAULT_SEC_PKG_ERROR) { + if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) || + NT_STATUS_EQUAL(status, NT_STATUS_RPC_SEC_PKG_ERROR)) { /* * This can happen if the schannel key is not * valid anymore, we need to invalidate the @@ -1209,7 +1226,11 @@ NTSTATUS winbindd_lookup_names(TALLOC_CTX *mem_ctx, return status; } - return status; + if (!NT_STATUS_IS_OK(result)) { + return result; + } + + return NT_STATUS_OK; } /* the rpc backend methods are exposed via this structure */ diff --git a/source3/winbindd/winbindd_ndr.c b/source3/winbindd/winbindd_ndr.c index 2f26d8d981..b1fd6d715f 100644 --- a/source3/winbindd/winbindd_ndr.c +++ b/source3/winbindd/winbindd_ndr.c @@ -21,7 +21,7 @@ #include "winbindd.h" #include "../librpc/gen_ndr/ndr_netlogon.h" #include "../librpc/gen_ndr/ndr_security.h" -#include "librpc/ndr/util.h" +#include "../librpc/ndr/libndr.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_WINBIND diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index 76e06d3735..910e42971a 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -37,7 +37,6 @@ #include "../librpc/gen_ndr/krb5pac.h" #include "passdb/machine_sid.h" #include "auth.h" -#include "ntdomain.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_WINBIND @@ -386,9 +385,9 @@ static void fill_in_password_policy(struct winbindd_response *r, r->data.auth.policy.password_properties = p->password_properties; r->data.auth.policy.expire = - nt_time_to_unix_abs((NTTIME *)&(p->max_password_age)); + nt_time_to_unix_abs((const NTTIME *)&(p->max_password_age)); r->data.auth.policy.min_passwordage = - nt_time_to_unix_abs((NTTIME *)&(p->min_password_age)); + nt_time_to_unix_abs((const NTTIME *)&(p->min_password_age)); } static NTSTATUS fillup_password_policy(struct winbindd_domain *domain, @@ -994,7 +993,10 @@ static NTSTATUS winbindd_dual_pam_auth_cached(struct winbindd_domain *domain, } - /* User does *NOT* know the correct password, modify info3 accordingly */ + /* User does *NOT* know the correct password, modify info3 accordingly, but only if online */ + if (domain->online == false) { + goto failed; + } /* failure of this is not critical */ result = get_max_bad_attempts_from_lockout_policy(domain, state->mem_ctx, &max_allowed_bad_attempts); @@ -1116,7 +1118,7 @@ static NTSTATUS winbindd_dual_auth_passdb(TALLOC_CTX *mem_ctx, NTSTATUS status; status = make_user_info(&user_info, user, user, domain, domain, - global_myname(), lm_resp, nt_resp, NULL, NULL, + lp_netbios_name(), lm_resp, nt_resp, NULL, NULL, NULL, AUTH_PASSWORD_RESPONSE); if (!NT_STATUS_IS_OK(status)) { DEBUG(10, ("make_user_info failed: %s\n", nt_errstr(status))); @@ -1248,7 +1250,7 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain, info3); } - if ((NT_STATUS_V(result) == DCERPC_FAULT_OP_RNG_ERROR) + if (NT_STATUS_EQUAL(result, NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE) && domain->can_do_samlogon_ex) { DEBUG(3, ("Got a DC that can not do NetSamLogonEx, " "retrying with NetSamLogon\n")); @@ -1346,7 +1348,7 @@ static NTSTATUS winbindd_dual_pam_auth_samlogon(TALLOC_CTX *mem_ctx, 'workstation' passed to the actual SamLogon call. */ names_blob = NTLMv2_generate_names_blob( - mem_ctx, global_myname(), lp_workgroup()); + mem_ctx, lp_netbios_name(), lp_workgroup()); if (!SMBNTLMv2encrypt(mem_ctx, name_user, name_domain, pass, @@ -1384,7 +1386,7 @@ static NTSTATUS winbindd_dual_pam_auth_samlogon(TALLOC_CTX *mem_ctx, domain->dcname, name_user, name_domain, - global_myname(), + lp_netbios_name(), chal, lm_resp, nt_resp, @@ -1515,8 +1517,8 @@ enum winbindd_result winbindd_dual_pam_auth(struct winbindd_domain *domain, fstr_sprintf( domain_user, "%s%c%s", name_domain, *lp_winbind_separator(), name_user ); - safe_strcpy( state->request->data.auth.user, domain_user, - sizeof(state->request->data.auth.user)-1 ); + strlcpy( state->request->data.auth.user, domain_user, + sizeof(state->request->data.auth.user)); } if (!domain->online) { @@ -1938,10 +1940,10 @@ enum winbindd_result winbindd_dual_pam_chauthtok(struct winbindd_domain *contact * short to comply with the samr_ChangePasswordUser3 idl - gd */ /* only fallback when the chgpasswd_user3 call is not supported */ - if ((NT_STATUS_EQUAL(result, NT_STATUS(DCERPC_FAULT_OP_RNG_ERROR))) || - (NT_STATUS_EQUAL(result, NT_STATUS_NOT_SUPPORTED)) || - (NT_STATUS_EQUAL(result, NT_STATUS_BUFFER_TOO_SMALL)) || - (NT_STATUS_EQUAL(result, NT_STATUS_NOT_IMPLEMENTED))) { + if (NT_STATUS_EQUAL(result, NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE) || + NT_STATUS_EQUAL(result, NT_STATUS_NOT_SUPPORTED) || + NT_STATUS_EQUAL(result, NT_STATUS_BUFFER_TOO_SMALL) || + NT_STATUS_EQUAL(result, NT_STATUS_NOT_IMPLEMENTED)) { DEBUG(10,("Password change with chgpasswd_user3 failed with: %s, retrying chgpasswd_user2\n", nt_errstr(result))); @@ -2136,7 +2138,7 @@ enum winbindd_result winbindd_dual_pam_chng_pswd_auth_crap(struct winbindd_domai } if (!*domain && lp_winbind_use_default_domain()) { - fstrcpy(domain,(char *)lp_workgroup()); + fstrcpy(domain,lp_workgroup()); } if(!*user) { diff --git a/source3/winbindd/winbindd_pam_auth_crap.c b/source3/winbindd/winbindd_pam_auth_crap.c index 186e510aa3..2fb5111510 100644 --- a/source3/winbindd/winbindd_pam_auth_crap.c +++ b/source3/winbindd/winbindd_pam_auth_crap.c @@ -74,7 +74,7 @@ struct tevent_req *winbindd_pam_auth_crap_send( } if (request->data.auth_crap.workstation[0] == '\0') { - fstrcpy(request->data.auth_crap.workstation, global_myname()); + fstrcpy(request->data.auth_crap.workstation, lp_netbios_name()); } subreq = wb_domain_request_send(state, winbind_event_context(), domain, diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h index 5b48a99a8f..ce66964ace 100644 --- a/source3/winbindd/winbindd_proto.h +++ b/source3/winbindd/winbindd_proto.h @@ -291,7 +291,8 @@ void winbind_msg_ip_dropped_parent(struct messaging_context *msg_ctx, uint32_t msg_type, struct server_id server_id, DATA_BLOB *data); -bool winbindd_reinit_after_fork(const char *logfilename); +NTSTATUS winbindd_reinit_after_fork(const struct winbindd_child *myself, + const char *logfilename); struct winbindd_domain *wb_child_domain(void); /* The following definitions come from winbindd/winbindd_group.c */ @@ -391,7 +392,6 @@ struct winbindd_domain *find_lookup_domain_from_name(const char *domain_name); bool parse_domain_user(const char *domuser, fstring domain, fstring user); bool parse_domain_user_talloc(TALLOC_CTX *mem_ctx, const char *domuser, char **domain, char **user); -void parse_add_domuser(void *buf, char *domuser, int *len); bool canonicalize_username(fstring username_inout, fstring domain, fstring user); void fill_domain_username(fstring name, const char *domain, const char *user, bool can_assume); char *fill_domain_username_talloc(TALLOC_CTX *ctx, @@ -436,7 +436,6 @@ bool parse_sidlist(TALLOC_CTX *mem_ctx, const char *sidstr, /* The following definitions come from winbindd/winbindd_wins.c */ -void winbindd_wins_byip(struct winbindd_cli_state *state); void winbindd_wins_byname(struct winbindd_cli_state *state); struct tevent_req *wb_ping_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, @@ -861,6 +860,18 @@ struct tevent_req *winbindd_sids_to_xids_send(TALLOC_CTX *mem_ctx, struct winbindd_request *request); NTSTATUS winbindd_sids_to_xids_recv(struct tevent_req *req, struct winbindd_response *response); +struct tevent_req *winbindd_wins_byip_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct winbindd_cli_state *cli, + struct winbindd_request *request); +NTSTATUS winbindd_wins_byip_recv(struct tevent_req *req, + struct winbindd_response *presp); +struct tevent_req *winbindd_wins_byname_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct winbindd_cli_state *cli, + struct winbindd_request *request); +NTSTATUS winbindd_wins_byname_recv(struct tevent_req *req, + struct winbindd_response *presp); /* The following definitions come from winbindd/winbindd_samr.c */ diff --git a/source3/winbindd/winbindd_rpc.c b/source3/winbindd/winbindd_rpc.c index 82599e7878..e911487324 100644 --- a/source3/winbindd/winbindd_rpc.c +++ b/source3/winbindd/winbindd_rpc.c @@ -26,12 +26,9 @@ #include "includes.h" #include "winbindd.h" #include "winbindd_rpc.h" - #include "rpc_client/rpc_client.h" #include "librpc/gen_ndr/ndr_samr_c.h" -#include "librpc/gen_ndr/srv_samr.h" #include "librpc/gen_ndr/ndr_lsa_c.h" -#include "librpc/gen_ndr/srv_lsa.h" #include "rpc_client/cli_samr.h" #include "rpc_client/cli_lsarpc.h" #include "../libcli/security/security.h" @@ -92,7 +89,7 @@ NTSTATUS rpc_query_user_list(TALLOC_CTX *mem_ctx, num_info += num_dom_users; - info = TALLOC_REALLOC_ARRAY(mem_ctx, + info = talloc_realloc(mem_ctx, info, struct wbint_userinfo, num_info); @@ -184,7 +181,7 @@ NTSTATUS rpc_enum_dom_groups(TALLOC_CTX *mem_ctx, } } - info = TALLOC_REALLOC_ARRAY(mem_ctx, + info = talloc_realloc(mem_ctx, info, struct wb_acct_info, num_info + count); @@ -244,7 +241,7 @@ NTSTATUS rpc_enum_local_groups(TALLOC_CTX *mem_ctx, } } - info = TALLOC_REALLOC_ARRAY(mem_ctx, + info = talloc_realloc(mem_ctx, info, struct wb_acct_info, num_info + count); @@ -407,7 +404,7 @@ NTSTATUS rpc_rids_to_names(TALLOC_CTX *mem_ctx, NTSTATUS status; if (num_rids > 0) { - sids = TALLOC_ARRAY(mem_ctx, struct dom_sid, num_rids); + sids = talloc_array(mem_ctx, struct dom_sid, num_rids); if (sids == NULL) { return NT_STATUS_NO_MEMORY; } @@ -597,7 +594,7 @@ NTSTATUS rpc_lookup_usergroups(TALLOC_CTX *mem_ctx, return result; } - user_grpsids = TALLOC_ARRAY(mem_ctx, struct dom_sid, num_groups); + user_grpsids = talloc_array(mem_ctx, struct dom_sid, num_groups); if (user_grpsids == NULL) { status = NT_STATUS_NO_MEMORY; return status; @@ -647,7 +644,7 @@ NTSTATUS rpc_lookup_useraliases(TALLOC_CTX *mem_ctx, num_queries, num_query_sids)); if (num_query_sids) { - sid_array.sids = TALLOC_ZERO_ARRAY(mem_ctx, struct lsa_SidPtr, num_query_sids); + sid_array.sids = talloc_zero_array(mem_ctx, struct lsa_SidPtr, num_query_sids); if (sid_array.sids == NULL) { return NT_STATUS_NO_MEMORY; } @@ -842,9 +839,9 @@ NTSTATUS rpc_lookup_groupmem(TALLOC_CTX *mem_ctx, * Step #2: Convert list of rids into list of usernames. */ if (num_names > 0) { - names = TALLOC_ZERO_ARRAY(mem_ctx, char *, num_names); - name_types = TALLOC_ZERO_ARRAY(mem_ctx, uint32_t, num_names); - sid_mem = TALLOC_ZERO_ARRAY(mem_ctx, struct dom_sid, num_names); + names = talloc_zero_array(mem_ctx, char *, num_names); + name_types = talloc_zero_array(mem_ctx, uint32_t, num_names); + sid_mem = talloc_zero_array(mem_ctx, struct dom_sid, num_names); if (names == NULL || name_types == NULL || sid_mem == NULL) { return NT_STATUS_NO_MEMORY; } @@ -1069,7 +1066,7 @@ static NTSTATUS rpc_try_lookup_sids3(TALLOC_CTX *mem_ctx, if (NT_STATUS_IS_ERR(result)) { return result; } - names = TALLOC_ZERO_P(mem_ctx, struct lsa_TransNameArray); + names = talloc_zero(mem_ctx, struct lsa_TransNameArray); if (names == NULL) { return NT_STATUS_NO_MEMORY; } @@ -1114,7 +1111,7 @@ NTSTATUS rpc_lookup_sids(TALLOC_CTX *mem_ctx, return status; } - names = TALLOC_ZERO_P(mem_ctx, struct lsa_TransNameArray); + names = talloc_zero(mem_ctx, struct lsa_TransNameArray); if (names == NULL) { return NT_STATUS_NO_MEMORY; } diff --git a/source3/winbindd/winbindd_samr.c b/source3/winbindd/winbindd_samr.c index f24a14391b..3b9377f729 100644 --- a/source3/winbindd/winbindd_samr.c +++ b/source3/winbindd/winbindd_samr.c @@ -26,14 +26,11 @@ #include "includes.h" #include "winbindd.h" #include "winbindd_rpc.h" - #include "rpc_client/rpc_client.h" #include "../librpc/gen_ndr/ndr_samr_c.h" #include "rpc_client/cli_samr.h" -#include "../librpc/gen_ndr/srv_samr.h" #include "../librpc/gen_ndr/ndr_lsa_c.h" #include "rpc_client/cli_lsarpc.h" -#include "../librpc/gen_ndr/srv_lsa.h" #include "rpc_server/rpc_ncacn_np.h" #include "../libcli/security/security.h" #include "passdb/machine_sid.h" diff --git a/source3/winbindd/winbindd_show_sequence.c b/source3/winbindd/winbindd_show_sequence.c index 447706685e..8e53781e5a 100644 --- a/source3/winbindd/winbindd_show_sequence.c +++ b/source3/winbindd/winbindd_show_sequence.c @@ -97,8 +97,7 @@ static void winbindd_show_sequence_done_one(struct tevent_req *subreq) status = wb_seqnum_recv(subreq, &state->seqnum); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); @@ -116,8 +115,7 @@ static void winbindd_show_sequence_done_all(struct tevent_req *subreq) &state->domains, &state->stati, &state->seqnums); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); diff --git a/source3/winbindd/winbindd_sid_to_gid.c b/source3/winbindd/winbindd_sid_to_gid.c index b0b0e6e211..df44ed8d6b 100644 --- a/source3/winbindd/winbindd_sid_to_gid.c +++ b/source3/winbindd/winbindd_sid_to_gid.c @@ -72,8 +72,7 @@ static void winbindd_sid_to_gid_done(struct tevent_req *subreq) status = wb_sid2gid_recv(subreq, &state->gid); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); diff --git a/source3/winbindd/winbindd_sid_to_uid.c b/source3/winbindd/winbindd_sid_to_uid.c index bf2824f9d8..9ce564f02e 100644 --- a/source3/winbindd/winbindd_sid_to_uid.c +++ b/source3/winbindd/winbindd_sid_to_uid.c @@ -72,8 +72,7 @@ static void winbindd_sid_to_uid_done(struct tevent_req *subreq) status = wb_sid2uid_recv(subreq, &state->uid); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); diff --git a/source3/winbindd/winbindd_sids_to_xids.c b/source3/winbindd/winbindd_sids_to_xids.c index 52d473b58f..d08064fbf3 100644 --- a/source3/winbindd/winbindd_sids_to_xids.c +++ b/source3/winbindd/winbindd_sids_to_xids.c @@ -80,12 +80,12 @@ struct tevent_req *winbindd_sids_to_xids_send(TALLOC_CTX *mem_ctx, DEBUG(10, ("num_sids: %d\n", (int)state->num_sids)); - state->cached = TALLOC_ZERO_ARRAY(state, struct id_map, + state->cached = talloc_zero_array(state, struct id_map, state->num_sids); if (tevent_req_nomem(state->cached, req)) { return tevent_req_post(req, ev); } - state->non_cached = TALLOC_ARRAY(state, struct dom_sid, + state->non_cached = talloc_array(state, struct dom_sid, state->num_sids); if (tevent_req_nomem(state->non_cached, req)) { return tevent_req_post(req, ev); @@ -171,13 +171,12 @@ static void winbindd_sids_to_xids_lookupsids_done(struct tevent_req *subreq) status = wb_lookupsids_recv(subreq, state, &state->domains, &state->names); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } state->ids.num_ids = state->num_non_cached; - state->ids.ids = TALLOC_ARRAY(state, struct wbint_TransID, + state->ids.ids = talloc_array(state, struct wbint_TransID, state->num_non_cached); if (tevent_req_nomem(state->ids.ids, req)) { return; @@ -202,7 +201,7 @@ static void winbindd_sids_to_xids_lookupsids_done(struct tevent_req *subreq) break; }; t->domain_index = n->sid_index; - sid_peek_rid(&state->sids[i], &t->rid); + sid_peek_rid(&state->non_cached[i], &t->rid); t->unix_id = (uint64_t)-1; } @@ -269,6 +268,9 @@ NTSTATUS winbindd_sids_to_xids_recv(struct tevent_req *req, } } else { unix_id = state->ids.ids[num_non_cached].unix_id; + if (unix_id == -1) { + found = false; + } switch(state->ids.ids[num_non_cached].type) { case WBC_ID_TYPE_UID: type = 'U'; diff --git a/source3/winbindd/winbindd_uid_to_sid.c b/source3/winbindd/winbindd_uid_to_sid.c index 467a1af96a..653a96f72a 100644 --- a/source3/winbindd/winbindd_uid_to_sid.c +++ b/source3/winbindd/winbindd_uid_to_sid.c @@ -63,8 +63,7 @@ static void winbindd_uid_to_sid_done(struct tevent_req *subreq) status = wb_uid2sid_recv(subreq, &state->sid); TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); + if (tevent_req_nterror(req, status)) { return; } tevent_req_done(req); diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c index 9fbc778e04..7dff138fc1 100644 --- a/source3/winbindd/winbindd_util.c +++ b/source3/winbindd/winbindd_util.c @@ -261,7 +261,7 @@ static void add_trusted_domains( struct winbindd_domain *domain ) struct trustdom_state *state; struct tevent_req *req; - state = TALLOC_ZERO_P(NULL, struct trustdom_state); + state = talloc_zero(NULL, struct trustdom_state); if (state == NULL) { DEBUG(0, ("talloc failed\n")); return; @@ -894,31 +894,6 @@ bool parse_domain_user_talloc(TALLOC_CTX *mem_ctx, const char *domuser, return ((*domain != NULL) && (*user != NULL)); } -/* add a domain user name to a buffer */ -void parse_add_domuser(void *buf, char *domuser, int *len) -{ - fstring domain; - char *p, *user; - - user = domuser; - p = strchr(domuser, *lp_winbind_separator()); - - if (p) { - - fstrcpy(domain, domuser); - domain[PTR_DIFF(p, domuser)] = 0; - p++; - - if (assume_domain(domain)) { - - user = p; - *len -= (PTR_DIFF(p, domuser)); - } - } - - safe_strcpy((char *)buf, user, *len); -} - /* Ensure an incoming username from NSS is fully qualified. Replace the incoming fstring with DOMAIN <separator> user. Returns the same values as parse_domain_user() but also replaces the incoming username. diff --git a/source3/winbindd/winbindd_wins.c b/source3/winbindd/winbindd_wins.c deleted file mode 100644 index e1beb1d80b..0000000000 --- a/source3/winbindd/winbindd_wins.c +++ /dev/null @@ -1,204 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind daemon - WINS related functions - - Copyright (C) Andrew Tridgell 1999 - Copyright (C) Herb Lewis 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "winbindd.h" -#include "libsmb/nmblib.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_WINBIND - -static struct node_status *lookup_byaddr_backend(TALLOC_CTX *mem_ctx, - const char *addr, int *count) -{ - struct sockaddr_storage ss; - struct nmb_name nname; - struct node_status *result; - NTSTATUS status; - - make_nmb_name(&nname, "*", 0); - if (!interpret_string_addr(&ss, addr, AI_NUMERICHOST)) { - return NULL; - } - status = node_status_query(mem_ctx, &nname, &ss, - &result, count, NULL); - if (!NT_STATUS_IS_OK(status)) { - return NULL; - } - return result; -} - -static struct sockaddr_storage *lookup_byname_backend(TALLOC_CTX *mem_ctx, - const char *name, - int *count) -{ - struct ip_service *ret = NULL; - struct sockaddr_storage *return_ss = NULL; - int j, i; - NTSTATUS status; - - *count = 0; - - /* always try with wins first */ - if (NT_STATUS_IS_OK(resolve_wins(name,0x20,&ret,count))) { - if ( *count == 0 ) - return NULL; - return_ss = TALLOC_ARRAY(mem_ctx, struct sockaddr_storage, - *count); - if (return_ss == NULL ) { - free( ret ); - return NULL; - } - - /* copy the IP addresses */ - for ( i=0; i<(*count); i++ ) - return_ss[i] = ret[i].ss; - - free( ret ); - return return_ss; - } - - /* uggh, we have to broadcast to each interface in turn */ - for (j=iface_count() - 1; - j >= 0; - j--) { - const struct sockaddr_storage *bcast_ss = iface_n_bcast(j); - if (!bcast_ss) { - continue; - } - status = name_query(name, 0x20, True, True,bcast_ss, - mem_ctx, &return_ss, count, NULL); - if (NT_STATUS_IS_OK(status)) { - break; - } - } - - return return_ss; -} - -/* Get hostname from IP */ - -void winbindd_wins_byip(struct winbindd_cli_state *state) -{ - fstring response; - int i, count, maxlen, size; - struct node_status *status; - - /* Ensure null termination */ - state->request->data.winsreq[sizeof(state->request->data.winsreq)-1]='\0'; - - DEBUG(3, ("[%5lu]: wins_byip %s\n", (unsigned long)state->pid, - state->request->data.winsreq)); - - *response = '\0'; - maxlen = sizeof(response) - 1; - - if ((status = lookup_byaddr_backend( - state->mem_ctx, state->request->data.winsreq, &count))) { - size = strlen(state->request->data.winsreq); - if (size > maxlen) { - TALLOC_FREE(status); - request_error(state); - return; - } - fstrcat(response,state->request->data.winsreq); - fstrcat(response,"\t"); - for (i = 0; i < count; i++) { - /* ignore group names */ - if (status[i].flags & 0x80) continue; - if (status[i].type == 0x20) { - size = sizeof(status[i].name) + strlen(response); - if (size > maxlen) { - TALLOC_FREE(status); - request_error(state); - return; - } - fstrcat(response, status[i].name); - fstrcat(response, " "); - } - } - /* make last character a newline */ - response[strlen(response)-1] = '\n'; - TALLOC_FREE(status); - } - fstrcpy(state->response->data.winsresp,response); - request_ok(state); -} - -/* Get IP from hostname */ - -void winbindd_wins_byname(struct winbindd_cli_state *state) -{ - struct sockaddr_storage *ip_list = NULL; - int i, count, maxlen, size; - fstring response; - char addr[INET6_ADDRSTRLEN]; - - /* Ensure null termination */ - state->request->data.winsreq[sizeof(state->request->data.winsreq)-1]='\0'; - - DEBUG(3, ("[%5lu]: wins_byname %s\n", (unsigned long)state->pid, - state->request->data.winsreq)); - - *response = '\0'; - maxlen = sizeof(response) - 1; - - ip_list = lookup_byname_backend( - state->mem_ctx, state->request->data.winsreq, &count); - if (ip_list != NULL){ - for (i = count; i ; i--) { - print_sockaddr(addr, sizeof(addr), &ip_list[i-1]); - size = strlen(addr); - if (size > maxlen) { - TALLOC_FREE(ip_list); - request_error(state); - return; - } - if (i != 0) { - /* Clear out the newline character */ - /* But only if there is something in there, - otherwise we clobber something in the stack */ - if (strlen(response)) { - response[strlen(response)-1] = ' '; - } - } - fstrcat(response,addr); - fstrcat(response,"\t"); - } - size = strlen(state->request->data.winsreq) + strlen(response); - if (size > maxlen) { - TALLOC_FREE(ip_list); - request_error(state); - return; - } - fstrcat(response,state->request->data.winsreq); - fstrcat(response,"\n"); - TALLOC_FREE(ip_list); - } else { - request_error(state); - return; - } - - fstrcpy(state->response->data.winsresp,response); - - request_ok(state); -} diff --git a/source3/winbindd/winbindd_wins_byip.c b/source3/winbindd/winbindd_wins_byip.c new file mode 100644 index 0000000000..4ae1b82ac2 --- /dev/null +++ b/source3/winbindd/winbindd_wins_byip.c @@ -0,0 +1,135 @@ +/* + Unix SMB/CIFS implementation. + async implementation of WINBINDD_WINS_BYIP + Copyright (C) Volker Lendecke 2011 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "winbindd.h" +#include "librpc/gen_ndr/ndr_wbint_c.h" +#include "libsmb/nmblib.h" + +struct winbindd_wins_byip_state { + struct nmb_name star; + struct sockaddr_storage addr; + fstring response; +}; + +static void winbindd_wins_byip_done(struct tevent_req *subreq); + +struct tevent_req *winbindd_wins_byip_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct winbindd_cli_state *cli, + struct winbindd_request *request) +{ + struct tevent_req *req, *subreq; + struct winbindd_wins_byip_state *state; + + req = tevent_req_create(mem_ctx, &state, + struct winbindd_wins_byip_state); + if (req == NULL) { + return NULL; + } + + /* Ensure null termination */ + request->data.winsreq[sizeof(request->data.winsreq)-1]='\0'; + + fstr_sprintf(state->response, "%s\t", request->data.winsreq); + + DEBUG(3, ("[%5lu]: wins_byip %s\n", (unsigned long)cli->pid, + request->data.winsreq)); + + make_nmb_name(&state->star, "*", 0); + + if (!interpret_string_addr(&state->addr, request->data.winsreq, + AI_NUMERICHOST)) { + tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER); + return tevent_req_post(req, ev); + } + + subreq = node_status_query_send(state, ev, &state->star, + &state->addr); + if (tevent_req_nomem(subreq, req)) { + return tevent_req_post(req, ev); + } + tevent_req_set_callback(subreq, winbindd_wins_byip_done, req); + return req; +} + +static void winbindd_wins_byip_done(struct tevent_req *subreq) +{ + struct tevent_req *req = tevent_req_callback_data( + subreq, struct tevent_req); + struct winbindd_wins_byip_state *state = tevent_req_data( + req, struct winbindd_wins_byip_state); + struct node_status *names; + int i, num_names; + NTSTATUS status; + + status = node_status_query_recv(subreq, talloc_tos(), &names, + &num_names, NULL); + TALLOC_FREE(subreq); + if (tevent_req_nterror(req, status)) { + return; + } + + for (i=0; i<num_names; i++) { + size_t size; + /* + * ignore group names + */ + if (names[i].flags & 0x80) { + continue; + } + /* + * Only report 0x20 + */ + if (names[i].type != 0x20) { + continue; + } + + DEBUG(10, ("got name %s\n", names[i].name)); + + size = strlen(names[i].name + strlen(state->response)); + if (size > sizeof(state->response) - 1) { + DEBUG(10, ("To much data\n")); + tevent_req_nterror(req, STATUS_BUFFER_OVERFLOW); + return; + } + fstrcat(state->response, names[i].name); + fstrcat(state->response, " "); + } + state->response[strlen(state->response)-1] = '\n'; + + DEBUG(10, ("response: %s", state->response)); + + TALLOC_FREE(names); + tevent_req_done(req); +} + +NTSTATUS winbindd_wins_byip_recv(struct tevent_req *req, + struct winbindd_response *presp) +{ + struct winbindd_wins_byip_state *state = tevent_req_data( + req, struct winbindd_wins_byip_state); + NTSTATUS status; + + if (tevent_req_is_nterror(req, &status)) { + return status; + } + fstrcpy(presp->data.winsresp, state->response); + return NT_STATUS_OK; +} diff --git a/source3/winbindd/winbindd_wins_byname.c b/source3/winbindd/winbindd_wins_byname.c new file mode 100644 index 0000000000..ad642d479d --- /dev/null +++ b/source3/winbindd/winbindd_wins_byname.c @@ -0,0 +1,149 @@ +/* + Unix SMB/CIFS implementation. + async implementation of WINBINDD_WINS_BYNAME + Copyright (C) Volker Lendecke 2011 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "winbindd.h" +#include "librpc/gen_ndr/ndr_wbint_c.h" +#include "libsmb/nmblib.h" +#include "lib/util/string_wrappers.h" + +struct winbindd_wins_byname_state { + struct tevent_context *ev; + struct winbindd_request *request; + struct sockaddr_storage *addrs; + int num_addrs; +}; + +static void winbindd_wins_byname_wins_done(struct tevent_req *subreq); +static void winbindd_wins_byname_bcast_done(struct tevent_req *subreq); + +struct tevent_req *winbindd_wins_byname_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct winbindd_cli_state *cli, + struct winbindd_request *request) +{ + struct tevent_req *req, *subreq; + struct winbindd_wins_byname_state *state; + + req = tevent_req_create(mem_ctx, &state, + struct winbindd_wins_byname_state); + if (req == NULL) { + return NULL; + } + state->ev = ev; + state->request = request; + + /* Ensure null termination */ + request->data.winsreq[sizeof(request->data.winsreq)-1]='\0'; + + DEBUG(3, ("[%5lu]: wins_byname %s\n", (unsigned long)cli->pid, + request->data.winsreq)); + + subreq = resolve_wins_send(state, ev, state->request->data.winsreq, + 0x20); + if (tevent_req_nomem(subreq, req)) { + return tevent_req_post(req, ev); + } + tevent_req_set_callback(subreq, winbindd_wins_byname_wins_done, req); + return req; +} + +static void winbindd_wins_byname_wins_done(struct tevent_req *subreq) +{ + struct tevent_req *req = tevent_req_callback_data( + subreq, struct tevent_req); + struct winbindd_wins_byname_state *state = tevent_req_data( + req, struct winbindd_wins_byname_state); + NTSTATUS status; + + status = resolve_wins_recv(subreq, talloc_tos(), &state->addrs, + &state->num_addrs, NULL); + TALLOC_FREE(subreq); + if (NT_STATUS_IS_OK(status)) { + tevent_req_done(req); + return; + } + subreq = name_resolve_bcast_send(state, state->ev, + state->request->data.winsreq, 0x20); + if (tevent_req_nomem(subreq, req)) { + return; + } + tevent_req_set_callback(subreq, winbindd_wins_byname_bcast_done, req); +} + +static void winbindd_wins_byname_bcast_done(struct tevent_req *subreq) +{ + struct tevent_req *req = tevent_req_callback_data( + subreq, struct tevent_req); + struct winbindd_wins_byname_state *state = tevent_req_data( + req, struct winbindd_wins_byname_state); + NTSTATUS status; + + status = name_resolve_bcast_recv(subreq, talloc_tos(), &state->addrs, + &state->num_addrs); + TALLOC_FREE(subreq); + if (tevent_req_nterror(req, status)) { + return; + } + tevent_req_done(req); +} + +NTSTATUS winbindd_wins_byname_recv(struct tevent_req *req, + struct winbindd_response *presp) +{ + struct winbindd_wins_byname_state *state = tevent_req_data( + req, struct winbindd_wins_byname_state); + char *response; + NTSTATUS status; + int i; + + if (tevent_req_is_nterror(req, &status)) { + return status; + } + + response = talloc_strdup(talloc_tos(), ""); + if (response == NULL) { + return NT_STATUS_NO_MEMORY; + } + + for (i=0; i<state->num_addrs; i++) { + char addr[INET6_ADDRSTRLEN]; + print_sockaddr(addr, sizeof(addr), &state->addrs[i]); + + response = talloc_asprintf_append_buffer( + response, "%s\t", addr); + if (response == NULL) { + return NT_STATUS_NO_MEMORY; + } + } + + response = talloc_asprintf_append_buffer( + response, "%s\n", state->request->data.winsreq); + if (response == NULL) { + return NT_STATUS_NO_MEMORY; + } + + if (talloc_get_size(response) > sizeof(presp->data.winsresp)) { + TALLOC_FREE(response); + return NT_STATUS_MARSHALL_OVERFLOW; + } + fstrcpy(presp->data.winsresp, response); + TALLOC_FREE(response); + return NT_STATUS_OK; +} diff --git a/source3/winbindd/wscript_build b/source3/winbindd/wscript_build index dbae11697e..6754f35410 100644 --- a/source3/winbindd/wscript_build +++ b/source3/winbindd/wscript_build @@ -24,6 +24,7 @@ IDMAP_SRC = 'idmap.c idmap_util.c ${IDMAP_RW_SRC}' bld.SAMBA3_SUBSYSTEM('idmap', source=IDMAP_SRC, + deps='samba-util', vars=locals()) bld.SAMBA3_SUBSYSTEM('IDMAP_ADEX', @@ -33,6 +34,7 @@ bld.SAMBA3_SUBSYSTEM('IDMAP_ADEX', bld.SAMBA3_SUBSYSTEM('IDMAP_HASH', source=IDMAP_HASH_SRC, + deps='samba-util', vars=locals()) bld.SAMBA3_SUBSYSTEM('IDMAP_AD', @@ -58,6 +60,7 @@ bld.SAMBA3_MODULE('idmap_rid', bld.SAMBA3_MODULE('idmap_passdb', subsystem='idmap', source=IDMAP_PASSDB_SRC, + deps='samba-util', init_function='', internal_module=bld.SAMBA3_IS_STATIC_MODULE('idmap_passdb'), enabled=bld.SAMBA3_IS_ENABLED_MODULE('idmap_passdb')) @@ -72,6 +75,7 @@ bld.SAMBA3_MODULE('idmap_ldap', bld.SAMBA3_MODULE('idmap_nss', subsystem='idmap', source=IDMAP_NSS_SRC, + deps='samba-util', init_function='', internal_module=bld.SAMBA3_IS_STATIC_MODULE('idmap_nss'), enabled=bld.SAMBA3_IS_ENABLED_MODULE('idmap_nss')) @@ -79,6 +83,7 @@ bld.SAMBA3_MODULE('idmap_nss', bld.SAMBA3_MODULE('idmap_tdb', subsystem='idmap', source=IDMAP_TDB_SRC, + deps='samba-util', init_function='', internal_module=bld.SAMBA3_IS_STATIC_MODULE('idmap_tdb'), enabled=bld.SAMBA3_IS_ENABLED_MODULE('idmap_tdb')) @@ -86,6 +91,7 @@ bld.SAMBA3_MODULE('idmap_tdb', bld.SAMBA3_MODULE('idmap_tdb2', subsystem='idmap', source=IDMAP_TDB2_SRC, + deps='samba-util', init_function='', internal_module=bld.SAMBA3_IS_STATIC_MODULE('idmap_tdb2'), enabled=bld.SAMBA3_IS_ENABLED_MODULE('idmap_tdb2')) @@ -109,6 +115,7 @@ bld.SAMBA3_MODULE('idmap_adex', bld.SAMBA3_MODULE('idmap_autorid', subsystem='idmap', source=IDMAP_AUTORID_SRC, + deps='samba-util', init_function='', internal_module=bld.SAMBA3_IS_STATIC_MODULE('idmap_autorid'), enabled=bld.SAMBA3_IS_ENABLED_MODULE('idmap_autorid')) @@ -119,11 +126,13 @@ NSS_INFO_SRC = 'nss_info.c' bld.SAMBA3_SUBSYSTEM('nss_info', source=NSS_INFO_SRC, + deps='samba-util', vars=locals()) bld.SAMBA3_MODULE('nss_info_template', subsystem='nss_info', source=NSS_INFO_TEMPLATE_SRC, + deps='samba-util', init_function='', internal_module=bld.SAMBA3_IS_STATIC_MODULE('nss_info_template'), enabled=bld.SAMBA3_IS_ENABLED_MODULE('nss_info_template')) |