summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/Makefile.in9
-rw-r--r--source3/auth/auth_util.c61
-rw-r--r--source3/configure.in315
-rw-r--r--source3/include/includes.h5
-rw-r--r--source3/include/proto.h30
-rw-r--r--source3/include/rpc_spoolss.h15
-rw-r--r--source3/lib/time.c66
-rw-r--r--source3/lib/winbind_util.c131
-rw-r--r--source3/modules/onefs_acl.c6
-rw-r--r--source3/modules/onefs_open.c5
-rw-r--r--source3/passdb/passdb.c19
-rw-r--r--source3/rpc_server/srv_spoolss_nt.c22
-rw-r--r--source3/winbindd/winbindd.c3
-rw-r--r--source3/winbindd/winbindd_async.c90
-rw-r--r--source3/winbindd/winbindd_domain.c4
-rw-r--r--source3/winbindd/winbindd_group.c115
-rw-r--r--source3/winbindd/winbindd_proto.h4
-rw-r--r--source3/winbindd/winbindd_user.c28
18 files changed, 409 insertions, 519 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 2d2d9a0c6d..948403248d 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -2813,7 +2813,8 @@ TOPFILES=dynconfig.o localedir.o
cleanlibs::
-rm -f ../lib/*/*.o ../lib/*/*/*.o \
- ../libcli/*.o ../libcli/*/*.o
+ ../libcli/*.o ../libcli/*/*.o \
+ ../librpc/*/*.o
clean:: cleanlibs
-rm -f include/build_env.h
@@ -2822,15 +2823,13 @@ clean:: cleanlibs
-rm -f core */*~ *~ \
*/*.o */*/*.o */*/*/*.o \
../testsuite/*/*.o \
+ ../nsswitch/*.o ../nsswitch/*/*.o ../nsswitch/*.@SHLIBEXT@ \
*/*.@SHLIBEXT@ */*/*.@SHLIBEXT@ */*/*/*.@SHLIBEXT@ \
$(TOPFILES) $(BIN_PROGS) $(SBIN_PROGS) $(ROOT_SBIN_PROGS) \
$(MODULES) $(TORTURE_PROGS) \
$(EVERYTHING_PROGS) \
bin/timelimit \
- .headers.stamp */src/*.o \
- ../lib/*/*.o \
- ../libcli/*.o ../libcli/*/*.o \
- ../librpc/*/*.o
+ .headers.stamp */src/*.o
-rm -rf t_dir
include/build_env.h: script/build_env.sh
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index e3677c41a4..f942b2e50a 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -186,13 +186,15 @@ static NTSTATUS make_user_info(auth_usersupplied_info **user_info,
Create an auth_usersupplied_data structure after appropriate mapping.
****************************************************************************/
-NTSTATUS make_user_info_map(auth_usersupplied_info **user_info,
- const char *smb_name,
- const char *client_domain,
- const char *wksta_name,
- DATA_BLOB *lm_pwd, DATA_BLOB *nt_pwd,
- DATA_BLOB *lm_interactive_pwd, DATA_BLOB *nt_interactive_pwd,
- DATA_BLOB *plaintext,
+NTSTATUS make_user_info_map(auth_usersupplied_info **user_info,
+ const char *smb_name,
+ const char *client_domain,
+ const char *wksta_name,
+ DATA_BLOB *lm_pwd,
+ DATA_BLOB *nt_pwd,
+ DATA_BLOB *lm_interactive_pwd,
+ DATA_BLOB *nt_interactive_pwd,
+ DATA_BLOB *plaintext,
bool encrypted)
{
const char *domain;
@@ -200,12 +202,12 @@ NTSTATUS make_user_info_map(auth_usersupplied_info **user_info,
bool was_mapped;
fstring internal_username;
fstrcpy(internal_username, smb_name);
- was_mapped = map_username(internal_username);
-
- DEBUG(5, ("make_user_info_map: Mapping user [%s]\\[%s] from workstation [%s]\n",
- client_domain, smb_name, wksta_name));
-
- /* don't allow "" as a domain, fixes a Win9X bug
+ was_mapped = map_username(internal_username);
+
+ DEBUG(5, ("Mapping user [%s]\\[%s] from workstation [%s]\n",
+ client_domain, smb_name, wksta_name));
+
+ /* don't allow "" as a domain, fixes a Win9X bug
where it doens't supply a domain for logon script
'net use' commands. */
@@ -214,16 +216,27 @@ NTSTATUS make_user_info_map(auth_usersupplied_info **user_info,
else
domain = lp_workgroup();
- /* do what win2k does. Always map unknown domains to our own
- and let the "passdb backend" handle unknown users. */
+ /* If you connect to a Windows domain member using a bogus domain name,
+ * the Windows box will map the BOGUS\user to SAMNAME\user. Thus, if
+ * the Windows box is a DC the name will become DOMAIN\user and be
+ * authenticated against AD, if the Windows box is a member server but
+ * not a DC the name will become WORKSTATION\user. A standalone
+ * non-domain member box will also map to WORKSTATION\user. */
- if ( !is_trusted_domain(domain) && !strequal(domain, get_global_sam_name()) )
- domain = my_sam_name();
-
- /* we know that it is a trusted domain (and we are allowing them) or it is our domain */
-
- result = make_user_info(user_info, smb_name, internal_username,
- client_domain, domain, wksta_name,
+ if (!is_trusted_domain(domain) &&
+ !strequal(domain, get_global_sam_name()) )
+ {
+ domain = get_global_sam_name();
+ DEBUG(5, ("Mapped domain from [%s] to [%s] for user [%s] on "
+ "workstation [%s]\n",
+ client_domain, domain, smb_name, wksta_name));
+ }
+
+ /* we know that it is a trusted domain (and we are allowing them) or it
+ * is our domain */
+
+ result = make_user_info(user_info, smb_name, internal_username,
+ client_domain, domain, wksta_name,
lm_pwd, nt_pwd,
lm_interactive_pwd, nt_interactive_pwd,
plaintext, encrypted);
@@ -573,8 +586,6 @@ NTSTATUS make_server_info_sam(auth_serversupplied_info **server_info,
}
result->sam_account = sampass;
- /* Ensure that the sampass will be freed with the result */
- talloc_steal(result, sampass);
result->unix_name = pwd->pw_name;
/* Ensure that we keep pwd->pw_name, because we will free pwd below */
talloc_steal(result, pwd->pw_name);
@@ -665,6 +676,8 @@ NTSTATUS make_server_info_sam(auth_serversupplied_info **server_info,
pdb_get_username(sampass), result->unix_name));
*server_info = result;
+ /* Ensure that the sampass will be freed with the result */
+ talloc_steal(result, sampass);
return NT_STATUS_OK;
}
diff --git a/source3/configure.in b/source3/configure.in
index 10ce6f6e5e..d11ece1b53 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -703,18 +703,6 @@ CPPFLAGS="$old_CPPFLAGS"
# subdirectory of headers.
AC_CHECK_HEADERS(valgrind.h valgrind/valgrind.h valgrind/memcheck.h)
-# check for linux on amd64 since valgrind is not quite there yet
-case "$host_os" in
- *linux*)
- case "$UNAME_P" in
- *x86_64*)
- AC_DEFINE(HAVE_64BIT_LINUX,1,[Whether we are running on 64bit linux])
- ;;
- esac
- ;;
-esac
-
-
#
# HPUX has a bug in that including shadow.h causes a re-definition of MAXINT.
# This causes configure to fail to detect it. Check for shadow separately on HPUX.
@@ -1041,8 +1029,7 @@ AC_CHECK_FUNCS(getdents64)
AC_CHECK_FUNCS(setenv strcasecmp fcvt fcvtl)
AC_CHECK_FUNCS(syslog vsyslog timegm)
AC_CHECK_FUNCS(setlocale nl_langinfo)
-AC_CHECK_FUNCS(nanosleep)
-AC_CHECK_LIB_EXT(rt, LIBS, nanosleep)
+AC_CHECK_FUNCS(nanosleep,,[AC_CHECK_LIB_EXT(rt, LIBS, nanosleep)])
AC_CHECK_FUNCS(mlock munlock mlockall munlockall)
AC_CHECK_FUNCS(memalign posix_memalign hstrerror)
AC_CHECK_HEADERS(sys/mman.h)
@@ -1311,301 +1298,29 @@ fi
#################################################
# Check whether struct stat has timestamps with sub-second resolution.
-# At least IRIX and Solaris have these. FREEBSD does as well,
-# but with different members
-#
-# We check that
-# all of st_mtim, st_atim and st_ctim exist
-# all of the members are in fact of type struct timespec
#
-# There is some conflicting standards weirdness about whether we should use
-# "struct timespec" or "timespec_t". Linux doesn't have timespec_t, so we
-# prefer struct timespec.
-AC_CACHE_CHECK([whether struct stat has timespec timestamps],
- samba_cv_stat_timespec_hires,
- [
- AC_TRY_COMPILE(
- [
-#if TIME_WITH_SYS_TIME
-# include <sys/time.h>
-# include <time.h>
-#else
-# if HAVE_SYS_TIME_H
-# include <sys/time.h>
-# else
-# include <time.h>
-# endif
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
- ],
- [
- struct timespec t;
- struct stat s = {0};
- t = s.st_mtimespec;
- t = s.st_ctimespec;
- t = s.st_atimespec;
- ],
- samba_cv_stat_timespec_hires=yes, samba_cv_stat_timespec_hires=no)
- ])
-
-if test x"$samba_cv_stat_timespec_hires" = x"yes" ; then
- AC_DEFINE(HAVE_STAT_ST_MTIMESPEC, 1, [whether struct stat contains st_mtimepec])
- AC_DEFINE(HAVE_STAT_ST_ATIMESPEC, 1, [whether struct stat contains st_atimespec])
- AC_DEFINE(HAVE_STAT_ST_CTIMESPEC, 1, [whether struct stat contains st_ctimespec])
- AC_DEFINE(HAVE_STAT_HIRES_TIMESTAMPS, 1, [whether struct stat has sub-second timestamps])
-fi
-
-
-AC_CACHE_CHECK([whether struct stat has sub-second timestamps], samba_cv_stat_hires,
- [
- AC_TRY_COMPILE(
- [
-#if TIME_WITH_SYS_TIME
-# include <sys/time.h>
-# include <time.h>
-#else
-# if HAVE_SYS_TIME_H
-# include <sys/time.h>
-# else
-# include <time.h>
-# endif
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
- ],
- [
- struct timespec t;
- struct stat s = {0};
- t.tv_sec = s.st_mtim.tv_sec;
- t.tv_nsec = s.st_mtim.tv_nsec;
- t.tv_sec = s.st_ctim.tv_sec;
- t.tv_nsec = s.st_ctim.tv_nsec;
- t.tv_sec = s.st_atim.tv_sec;
- t.tv_nsec = s.st_atim.tv_nsec;
- ],
- samba_cv_stat_hires=yes, samba_cv_stat_hires=no)
- ])
+samba_cv_stat_hires=no
+AC_CHECK_MEMBERS([struct stat.st_mtim.tv_nsec], # Linux, Solaris
+ [samba_cv_stat_hires=yes])
+AC_CHECK_MEMBERS([struct stat.st_mtimensec], # BSD, if defined _POSIX_SOURCE
+ [samba_cv_stat_hires=yes])
+AC_CHECK_MEMBERS([struct stat.st_mtimespec.tv_nsec], # BSD, if not defined _POSIX_SOURCE
+ [samba_cv_stat_hires=yes])
+AC_CHECK_MEMBERS([struct stat.st_mtime_n], # AIX
+ [samba_cv_stat_hires=yes])
+AC_CHECK_MEMBERS([struct stat.st_umtime], # Tru64
+ [samba_cv_stat_hires=yes])
if test x"$samba_cv_stat_hires" = x"yes" ; then
- AC_DEFINE(HAVE_STAT_ST_MTIM, 1, [whether struct stat contains st_mtim])
- AC_DEFINE(HAVE_STAT_ST_ATIM, 1, [whether struct stat contains st_atim])
- AC_DEFINE(HAVE_STAT_ST_CTIM, 1, [whether struct stat contains st_ctim])
AC_DEFINE(HAVE_STAT_HIRES_TIMESTAMPS, 1,
[whether struct stat has sub-second timestamps])
fi
-AC_CACHE_CHECK([whether struct stat has sub-second timestamps without struct timespec suffixed nsec], samba_cv_stat_hires_notimespec,
- [
- AC_TRY_COMPILE(
- [
-#if TIME_WITH_SYS_TIME
-# include <sys/time.h>
-# include <time.h>
-#else
-# if HAVE_SYS_TIME_H
-# include <sys/time.h>
-# else
-# include <time.h>
-# endif
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
- ],
- [
- struct timespec t;
- struct stat s = {0};
- t.tv_sec = s.st_mtime;
- t.tv_nsec = s.st_mtimensec;
- t.tv_sec = s.st_ctime;
- t.tv_nsec = s.st_ctimensec;
- t.tv_sec = s.st_atime;
- t.tv_nsec = s.st_atimensec;
- ],
- samba_cv_stat_hires_notimespec=yes, samba_cv_stat_hires_notimespec=no)
- ])
-
-if test x"$samba_cv_stat_hires_notimespec" = x"yes" ; then
- AC_DEFINE(HAVE_STAT_ST_MTIMENSEC, 1, [whether struct stat contains st_mtimensec])
- AC_DEFINE(HAVE_STAT_ST_ATIMENSEC, 1, [whether struct stat contains st_atimensec])
- AC_DEFINE(HAVE_STAT_ST_CTIMENSEC, 1, [whether struct stat contains st_ctimensec])
- AC_DEFINE(HAVE_STAT_HIRES_TIMESTAMPS, 1,
- [whether struct stat has sub-second timestamps without struct timespec suffixed nsec])
-fi
-
-dnl AIX stype sub-second timestamps:
-AC_CACHE_CHECK([whether struct stat has sub-second timestamps without struct timespec suffixed _n], samba_cv_stat_hires_notimespec_n,
- [
- AC_TRY_COMPILE(
- [
-#if TIME_WITH_SYS_TIME
-# include <sys/time.h>
-# include <time.h>
-#else
-# if HAVE_SYS_TIME_H
-# include <sys/time.h>
-# else
-# include <time.h>
-# endif
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
- ],
- [
- struct timespec t;
- struct stat s = {0};
- t.tv_sec = s.st_mtime;
- t.tv_nsec = s.st_mtime_n;
- t.tv_sec = s.st_ctime;
- t.tv_nsec = s.st_ctime_n;
- t.tv_sec = s.st_atime;
- t.tv_nsec = s.st_atime_n;
- ],
- samba_cv_stat_hires_notimespec_n=yes, samba_cv_stat_hires_notimespec_n=no)
- ])
-
-if test x"$samba_cv_stat_hires_notimespec_n" = x"yes" ; then
- AC_DEFINE(HAVE_STAT_ST_MTIME_N, 1, [whether struct stat contains st_mtime_n])
- AC_DEFINE(HAVE_STAT_ST_ATIME_N, 1, [whether struct stat contains st_atime_n])
- AC_DEFINE(HAVE_STAT_ST_CTIME_N, 1, [whether struct stat contains st_ctime_n])
- AC_DEFINE(HAVE_STAT_HIRES_TIMESTAMPS, 1,
- [whether struct stat has sub-second timestamps without struct timespec suffixed _n])
-fi
-
-dnl Tru64 has _micro_second_ resolution:
-AC_CACHE_CHECK([whether struct stat has sub-second timestamps in st_uXtime], samba_cv_stat_hires_uxtime,
- [
- AC_TRY_COMPILE(
- [
-#if TIME_WITH_SYS_TIME
-# include <sys/time.h>
-# include <time.h>
-#else
-# if HAVE_SYS_TIME_H
-# include <sys/time.h>
-# else
-# include <time.h>
-# endif
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
- ],
- [
- struct timespec t;
- struct stat s = {0};
- t.tv_sec = s.st_mtime;
- t.tv_nsec = s.st_umtime * 1000;
- t.tv_sec = s.st_ctime;
- t.tv_nsec = s.st_uctime * 1000;
- t.tv_sec = s.st_atime;
- t.tv_nsec = s.st_uatime * 1000;
- ],
- samba_cv_stat_hires_uxtime=yes, samba_cv_stat_hires_uxtime=no)
- ])
-
-if test x"$samba_cv_stat_hires_uxtime" = x"yes" ; then
- AC_DEFINE(HAVE_STAT_ST_UMTIME, 1, [whether struct stat contains st_umtime])
- AC_DEFINE(HAVE_STAT_ST_UATIME, 1, [whether struct stat contains st_uatime])
- AC_DEFINE(HAVE_STAT_ST_UCTIME, 1, [whether struct stat contains st_uctime])
- AC_DEFINE(HAVE_STAT_HIRES_TIMESTAMPS, 1,
- [whether struct stat has sub-second timestamps in st_uXtime])
-fi
-
-AC_CACHE_CHECK([whether struct stat has st_birthtimespec], samba_cv_stat_st_birthtimespec,
- [
- AC_TRY_COMPILE(
- [
-#if TIME_WITH_SYS_TIME
-# include <sys/time.h>
-# include <time.h>
-#else
-# if HAVE_SYS_TIME_H
-# include <sys/time.h>
-# else
-# include <time.h>
-# endif
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
- ],
- [
- struct timespec t;
- struct stat s = {0};
- t = s.st_birthtimespec;
- ],
- samba_cv_stat_st_birthtimespec=yes, samba_cv_stat_st_birthtimespec=no)
- ])
-
-if test x"$samba_cv_stat_st_birthtimespec" = x"yes" ; then
- AC_DEFINE(HAVE_STAT_ST_BIRTHTIMESPEC, 1, [whether struct stat contains st_birthtimespec])
-fi
-
-AC_CACHE_CHECK([whether struct stat has st_birthtimensec], samba_cv_stat_st_birthtimensec,
- [
- AC_TRY_COMPILE(
- [
-#if TIME_WITH_SYS_TIME
-# include <sys/time.h>
-# include <time.h>
-#else
-# if HAVE_SYS_TIME_H
-# include <sys/time.h>
-# else
-# include <time.h>
-# endif
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
- ],
- [
- struct timespec t;
- struct stat s = {0};
- t.tv_nsec = s.st_birthtimensec;
- ],
- samba_cv_stat_st_birthtimensec=yes, samba_cv_stat_st_birthtimensec=no)
- ])
+# recent FreeBSD, NetBSD have creation timestamps called birthtime:
+AC_CHECK_MEMBERS([struct stat.st_birthtimespec.tv_nsec])
+AC_CHECK_MEMBERS([struct stat.st_birthtime], AC_CHECK_MEMBERS([struct stat.st_birthtimensec]))
-if test x"$samba_cv_stat_st_birthtimensec" = x"yes" ; then
- AC_DEFINE(HAVE_STAT_ST_BIRTHTIMENSEC, 1, [whether struct stat contains st_birthtimensec])
-fi
-
-AC_CACHE_CHECK([whether struct stat has st_birthtime], samba_cv_stat_st_birthtime,
- [
- AC_TRY_COMPILE(
- [
-#if TIME_WITH_SYS_TIME
-# include <sys/time.h>
-# include <time.h>
-#else
-# if HAVE_SYS_TIME_H
-# include <sys/time.h>
-# else
-# include <time.h>
-# endif
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
- ],
- [
- struct time_t t;
- struct stat s = {0};
- t = s.st_birthtime;
- ],
- samba_cv_stat_st_birthtime=yes, samba_cv_stat_st_birthtime=no)
- ])
-
-if test x"$samba_cv_stat_st_birthtime" = x"yes" ; then
- AC_DEFINE(HAVE_STAT_ST_BIRTHTIME, 1, [whether struct stat contains st_birthtime])
-fi
AC_CACHE_CHECK([whether there is DOS flags support in the stat struct], samba_cv_stat_dos_flags,
[
diff --git a/source3/include/includes.h b/source3/include/includes.h
index 095fcaa3da..fc77534402 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -241,8 +241,6 @@ typedef int ber_int_t;
#include <aio.h>
#endif
-/* skip valgrind headers on 64bit AMD boxes */
-#ifndef HAVE_64BIT_LINUX
/* Special macros that are no-ops except when run under Valgrind on
* x86. They've moved a little bit from valgrind 1.0.4 to 1.9.4 */
#if HAVE_VALGRIND_MEMCHECK_H
@@ -251,12 +249,11 @@ typedef int ber_int_t;
#elif HAVE_VALGRIND_H
#include <valgrind.h>
#endif
-#endif
/* If we have --enable-developer and the valgrind header is present,
* then we're OK to use it. Set a macro so this logic can be done only
* once. */
-#if defined(DEVELOPER) && !defined(HAVE_64BIT_LINUX)
+#if defined(DEVELOPER)
#if (HAVE_VALGRIND_H || HAVE_VALGRIND_VALGRIND_H)
#define VALGRIND
#endif
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 8f05c9473d..3478ea4f85 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1660,6 +1660,8 @@ bool winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid);
bool winbind_uid_to_sid(DOM_SID *sid, uid_t uid);
bool winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid);
bool winbind_gid_to_sid(DOM_SID *sid, gid_t gid);
+struct passwd * winbind_getpwnam(const char * sname);
+struct passwd * winbind_getpwsid(const DOM_SID *sid);
wbcErr wb_is_trusted_domain(const char *domain);
bool winbind_lookup_rids(TALLOC_CTX *mem_ctx,
const DOM_SID *domain_sid,
@@ -1668,22 +1670,17 @@ bool winbind_lookup_rids(TALLOC_CTX *mem_ctx,
const char ***names, enum lsa_SidType **types);
bool winbind_allocate_uid(uid_t *uid);
bool winbind_allocate_gid(gid_t *gid);
-bool winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid,
- enum lsa_SidType *name_type);
-bool winbind_lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
- const char **domain, const char **name,
- enum lsa_SidType *name_type);
-bool winbind_ping(void);
-bool winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid);
-bool winbind_uid_to_sid(DOM_SID *sid, uid_t uid);
-bool winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid);
-bool winbind_gid_to_sid(DOM_SID *sid, gid_t gid);
-wbcErr wb_is_trusted_domain(const char *domain);
-bool winbind_lookup_rids(TALLOC_CTX *mem_ctx,
- const DOM_SID *domain_sid,
- int num_rids, uint32 *rids,
- const char **domain_name,
- const char ***names, enum lsa_SidType **types);
+bool winbind_get_groups(TALLOC_CTX *mem_ctx,
+ const char *account,
+ uint32_t *num_groups,
+ gid_t ** _groups);
+bool winbind_get_sid_aliases(TALLOC_CTX *mem_ctx,
+ const DOM_SID *dom_sid,
+ const DOM_SID *members,
+ size_t num_members,
+ uint32_t **pp_alias_rids,
+ size_t *p_num_alias_rids);
+
/* The following definitions come from lib/wins_srv.c */
@@ -4423,7 +4420,6 @@ bool sid_check_is_in_our_domain(const DOM_SID *sid);
/* The following definitions come from passdb/passdb.c */
-const char *my_sam_name(void);
struct samu *samu_new( TALLOC_CTX *ctx );
NTSTATUS samu_set_unix(struct samu *user, const struct passwd *pwd);
NTSTATUS samu_alloc_rid_unix(struct samu *user, const struct passwd *pwd);
diff --git a/source3/include/rpc_spoolss.h b/source3/include/rpc_spoolss.h
index ac306e69e3..472ce45758 100644
--- a/source3/include/rpc_spoolss.h
+++ b/source3/include/rpc_spoolss.h
@@ -122,12 +122,6 @@
#define SPL_XCV_MONITOR_TCPMON ",XcvMonitor Standard TCP/IP Port"
-#define PRINTER_CONTROL_UNPAUSE 0x00000000
-#define PRINTER_CONTROL_PAUSE 0x00000001
-#define PRINTER_CONTROL_RESUME 0x00000002
-#define PRINTER_CONTROL_PURGE 0x00000003
-#define PRINTER_CONTROL_SET_STATUS 0x00000004
-
#define PRINTER_STATUS_OK 0x00000000
#define JOB_ACCESS_READ 0x00000020
@@ -217,8 +211,6 @@
#define PRINTER_NOTIFY_OPTIONS_REFRESH 0x01
-#define PRINTER_NOTIFY_INFO_DISCARDED 0x1
-
/*
* Set of macros for flagging what changed in the PRINTER_INFO_2 struct
* when sending messages to other smbd's
@@ -270,13 +262,6 @@ PRINTER_MESSAGE_INFO;
#define DRIVER_ANY_VERSION 0xffffffff
#define DRIVER_MAX_VERSION 4
-/* FLAGS for SPOOLSS_ADDPRINTERDRIVEREX */
-
-#define APD_STRICT_UPGRADE 0x00000001
-#define APD_STRICT_DOWNGRADE 0x00000002
-#define APD_COPY_ALL_FILES 0x00000004
-#define APD_COPY_NEW_FILES 0x00000008
-
/* this struct is undocumented */
/* thanks to the ddk ... */
diff --git a/source3/lib/time.c b/source3/lib/time.c
index e2cfe687b2..865456b23b 100644
--- a/source3/lib/time.c
+++ b/source3/lib/time.c
@@ -360,12 +360,12 @@ struct timespec get_create_timespec(const SMB_STRUCT_STAT *pst,bool fake_dirs)
return ret;
}
-#if defined(HAVE_STAT_ST_BIRTHTIMESPEC)
+#if defined(HAVE_STRUCT_STAT_ST_BIRTHTIMESPEC_TV_NSEC)
ret = pst->st_birthtimespec;
-#elif defined(HAVE_STAT_ST_BIRTHTIMENSEC)
+#elif defined(HAVE_STRUCT_STAT_ST_BIRTHTIMENSEC)
ret.tv_sec = pst->st_birthtime;
ret.tv_nsec = pst->st_birthtimenspec;
-#elif defined(HAVE_STAT_ST_BIRTHTIME)
+#elif defined(HAVE_STRUCT_STAT_ST_BIRTHTIME)
ret.tv_sec = pst->st_birthtime;
ret.tv_nsec = 0;
#else
@@ -397,24 +397,24 @@ struct timespec get_atimespec(const SMB_STRUCT_STAT *pst)
ret.tv_nsec = 0;
return ret;
#else
-#if defined(HAVE_STAT_ST_ATIM)
+#if defined(HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC)
return pst->st_atim;
-#elif defined(HAVE_STAT_ST_ATIMENSEC)
+#elif defined(HAVE_STRUCT_STAT_ST_MTIMENSEC)
struct timespec ret;
ret.tv_sec = pst->st_atime;
ret.tv_nsec = pst->st_atimensec;
return ret;
-#elif defined(HAVE_STAT_ST_ATIME_N)
+#elif defined(HAVE_STRUCT_STAT_ST_MTIME_N)
struct timespec ret;
ret.tv_sec = pst->st_atime;
ret.tv_nsec = pst->st_atime_n;
return ret;
-#elif defined(HAVE_STAT_ST_UATIME)
+#elif defined(HAVE_STRUCT_STAT_ST_UMTIME)
struct timespec ret;
ret.tv_sec = pst->st_atime;
ret.tv_nsec = pst->st_uatime * 1000;
return ret;
-#elif defined(HAVE_STAT_ST_ATIMESPEC)
+#elif defined(HAVE_STRUCT_STAT_ST_MTIMESPEC_TV_NSEC)
return pst->st_atimespec;
#else
#error CONFIGURE_ERROR_IN_DETECTING_TIMESPEC_IN_STAT
@@ -428,18 +428,18 @@ void set_atimespec(SMB_STRUCT_STAT *pst, struct timespec ts)
/* Old system - no ns timestamp. */
pst->st_atime = ts.tv_sec;
#else
-#if defined(HAVE_STAT_ST_ATIM)
+#if defined(HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC)
pst->st_atim = ts;
-#elif defined(HAVE_STAT_ST_ATIMENSEC)
+#elif defined(HAVE_STRUCT_STAT_ST_MTIMENSEC)
pst->st_atime = ts.tv_sec;
pst->st_atimensec = ts.tv_nsec;
-#elif defined(HAVE_STAT_ST_ATIME_N)
+#elif defined(HAVE_STRUCT_STAT_ST_MTIME_N)
pst->st_atime = ts.tv_sec;
pst->st_atime_n = ts.tv_nsec;
-#elif defined(HAVE_STAT_ST_UATIME)
+#elif defined(HAVE_STRUCT_STAT_ST_UMTIME)
pst->st_atime = ts.tv_sec;
pst->st_uatime = ts.tv_nsec / 1000;
-#elif defined(HAVE_STAT_ST_ATIMESPEC)
+#elif defined(HAVE_STRUCT_STAT_ST_MTIMESPEC_TV_NSEC)
pst->st_atimespec = ts;
#else
#error CONFIGURE_ERROR_IN_DETECTING_TIMESPEC_IN_STAT
@@ -457,24 +457,24 @@ struct timespec get_mtimespec(const SMB_STRUCT_STAT *pst)
ret.tv_nsec = 0;
return ret;
#else
-#if defined(HAVE_STAT_ST_MTIM)
+#if defined(HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC)
return pst->st_mtim;
-#elif defined(HAVE_STAT_ST_MTIMENSEC)
+#elif defined(HAVE_STRUCT_STAT_ST_MTIMENSEC)
struct timespec ret;
ret.tv_sec = pst->st_mtime;
ret.tv_nsec = pst->st_mtimensec;
return ret;
-#elif defined(HAVE_STAT_ST_MTIME_N)
+#elif defined(HAVE_STRUCT_STAT_ST_MTIME_N)
struct timespec ret;
ret.tv_sec = pst->st_mtime;
ret.tv_nsec = pst->st_mtime_n;
return ret;
-#elif defined(HAVE_STAT_ST_UMTIME)
+#elif defined(HAVE_STRUCT_STAT_ST_UMTIME)
struct timespec ret;
ret.tv_sec = pst->st_mtime;
ret.tv_nsec = pst->st_umtime * 1000;
return ret;
-#elif defined(HAVE_STAT_ST_MTIMESPEC)
+#elif defined(HAVE_STRUCT_STAT_ST_MTIMESPEC_TV_NSEC)
return pst->st_mtimespec;
#else
#error CONFIGURE_ERROR_IN_DETECTING_TIMESPEC_IN_STAT
@@ -488,18 +488,18 @@ void set_mtimespec(SMB_STRUCT_STAT *pst, struct timespec ts)
/* Old system - no ns timestamp. */
pst->st_mtime = ts.tv_sec;
#else
-#if defined(HAVE_STAT_ST_MTIM)
+#if defined(HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC)
pst->st_mtim = ts;
-#elif defined(HAVE_STAT_ST_MTIMENSEC)
+#elif defined(HAVE_STRUCT_STAT_ST_MTIMENSEC)
pst->st_mtime = ts.tv_sec;
pst->st_mtimensec = ts.tv_nsec;
-#elif defined(HAVE_STAT_ST_MTIME_N)
+#elif defined(HAVE_STRUCT_STAT_ST_MTIME_N)
pst->st_mtime = ts.tv_sec;
pst->st_mtime_n = ts.tv_nsec;
-#elif defined(HAVE_STAT_ST_UMTIME)
+#elif defined(HAVE_STRUCT_STAT_ST_UMTIME)
pst->st_mtime = ts.tv_sec;
pst->st_umtime = ts.tv_nsec / 1000;
-#elif defined(HAVE_STAT_ST_MTIMESPEC)
+#elif defined(HAVE_STRUCT_STAT_ST_MTIMESPEC_TV_NSEC)
pst->st_mtimespec = ts;
#else
#error CONFIGURE_ERROR_IN_DETECTING_TIMESPEC_IN_STAT
@@ -517,24 +517,24 @@ struct timespec get_ctimespec(const SMB_STRUCT_STAT *pst)
ret.tv_nsec = 0;
return ret;
#else
-#if defined(HAVE_STAT_ST_CTIM)
+#if defined(HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC)
return pst->st_ctim;
-#elif defined(HAVE_STAT_ST_CTIMENSEC)
+#elif defined(HAVE_STRUCT_STAT_ST_MTIMENSEC)
struct timespec ret;
ret.tv_sec = pst->st_ctime;
ret.tv_nsec = pst->st_ctimensec;
return ret;
-#elif defined(HAVE_STAT_ST_CTIME_N)
+#elif defined(HAVE_STRUCT_STAT_ST_MTIME_N)
struct timespec ret;
ret.tv_sec = pst->st_ctime;
ret.tv_nsec = pst->st_ctime_n;
return ret;
-#elif defined(HAVE_STAT_ST_UCTIME)
+#elif defined(HAVE_STRUCT_STAT_ST_UMTIME)
struct timespec ret;
ret.tv_sec = pst->st_ctime;
ret.tv_nsec = pst->st_uctime * 1000;
return ret;
-#elif defined(HAVE_STAT_ST_CTIMESPEC)
+#elif defined(HAVE_STRUCT_STAT_ST_MTIMESPEC_TV_NSEC)
return pst->st_ctimespec;
#else
#error CONFIGURE_ERROR_IN_DETECTING_TIMESPEC_IN_STAT
@@ -548,18 +548,18 @@ void set_ctimespec(SMB_STRUCT_STAT *pst, struct timespec ts)
/* Old system - no ns timestamp. */
pst->st_ctime = ts.tv_sec;
#else
-#if defined(HAVE_STAT_ST_CTIM)
+#if defined(HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC)
pst->st_ctim = ts;
-#elif defined(HAVE_STAT_ST_CTIMENSEC)
+#elif defined(HAVE_STRUCT_STAT_ST_MTIMENSEC)
pst->st_ctime = ts.tv_sec;
pst->st_ctimensec = ts.tv_nsec;
-#elif defined(HAVE_STAT_ST_CTIME_N)
+#elif defined(HAVE_STRUCT_STAT_ST_MTIME_N)
pst->st_ctime = ts.tv_sec;
pst->st_ctime_n = ts.tv_nsec;
-#elif defined(HAVE_STAT_ST_UCTIME)
+#elif defined(HAVE_STRUCT_STAT_ST_UMTIME)
pst->st_ctime = ts.tv_sec;
pst->st_uctime = ts.tv_nsec / 1000;
-#elif defined(HAVE_STAT_ST_CTIMESPEC)
+#elif defined(HAVE_STRUCT_STAT_ST_MTIMESPEC_TV_NSEC)
pst->st_ctimespec = ts;
#else
#error CONFIGURE_ERROR_IN_DETECTING_TIMESPEC_IN_STAT
diff --git a/source3/lib/winbind_util.c b/source3/lib/winbind_util.c
index 14356b09cf..f64a4d3b45 100644
--- a/source3/lib/winbind_util.c
+++ b/source3/lib/winbind_util.c
@@ -24,6 +24,43 @@
#include "nsswitch/libwbclient/wbclient.h"
+struct passwd * winbind_getpwnam(const char * name)
+{
+ wbcErr result;
+ struct passwd * tmp_pwd = NULL;
+ struct passwd * pwd = NULL;
+
+ result = wbcGetpwnam(name, &tmp_pwd);
+ if (result != WBC_ERR_SUCCESS)
+ return pwd;
+
+ pwd = tcopy_passwd(talloc_tos(), tmp_pwd);
+
+ wbcFreeMemory(tmp_pwd);
+
+ return pwd;
+}
+
+struct passwd * winbind_getpwsid(const DOM_SID *sid)
+{
+ wbcErr result;
+ struct passwd * tmp_pwd = NULL;
+ struct passwd * pwd = NULL;
+ struct wbcDomainSid dom_sid;
+
+ memcpy(&dom_sid, sid, sizeof(dom_sid));
+
+ result = wbcGetpwsid(&dom_sid, &tmp_pwd);
+ if (result != WBC_ERR_SUCCESS)
+ return pwd;
+
+ pwd = tcopy_passwd(talloc_tos(), tmp_pwd);
+
+ wbcFreeMemory(tmp_pwd);
+
+ return pwd;
+}
+
/* Call winbindd to convert a name to a sid */
bool winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid,
@@ -234,8 +271,87 @@ bool winbind_allocate_gid(gid_t *gid)
return (ret == WBC_ERR_SUCCESS);
}
+bool winbind_get_groups(TALLOC_CTX * mem_ctx, const char *account, uint32_t *num_groups, gid_t **_groups)
+{
+ wbcErr ret;
+ uint32_t ngroups;
+ gid_t *group_list = NULL;
+
+ ret = wbcGetGroups(account, &ngroups, &group_list);
+ if (ret != WBC_ERR_SUCCESS)
+ return false;
+
+ *_groups = TALLOC_ARRAY(mem_ctx, gid_t, ngroups);
+ if (*_groups == NULL) {
+ wbcFreeMemory(group_list);
+ return false;
+ }
+
+ memcpy(*_groups, group_list, ngroups* sizeof(gid_t));
+ *num_groups = ngroups;
+
+ wbcFreeMemory(group_list);
+ return true;
+}
+
+bool winbind_get_sid_aliases(TALLOC_CTX *mem_ctx,
+ const DOM_SID *dom_sid,
+ const DOM_SID *members,
+ size_t num_members,
+ uint32_t **pp_alias_rids,
+ size_t *p_num_alias_rids)
+{
+ wbcErr ret;
+ struct wbcDomainSid domain_sid;
+ struct wbcDomainSid *sid_list = NULL;
+ size_t i;
+ uint32_t * rids;
+ size_t num_rids;
+
+ memcpy(&domain_sid, dom_sid, sizeof(*dom_sid));
+
+ sid_list = TALLOC_ARRAY(mem_ctx, struct wbcDomainSid, num_members);
+
+ for (i=0; i < num_members; i++) {
+ memcpy(&sid_list[i], &members[i], sizeof(sid_list[i]));
+ }
+
+ ret = wbcGetSidAliases(&domain_sid,
+ sid_list,
+ num_members,
+ &rids,
+ &num_rids);
+ if (ret != WBC_ERR_SUCCESS) {
+ wbcFreeMemory(rids);
+ return false;
+ }
+
+ *pp_alias_rids = TALLOC_ARRAY(mem_ctx, uint32_t, num_rids);
+ if (*pp_alias_rids == NULL) {
+ wbcFreeMemory(rids);
+ return false;
+ }
+
+ memcpy(*pp_alias_rids, rids, sizeof(uint32_t) * num_rids);
+
+ *p_num_alias_rids = num_rids;
+ wbcFreeMemory(rids);
+
+ return true;
+}
+
#else /* WITH_WINBIND */
+struct passwd * winbind_getpwnam(const char * name)
+{
+ return NULL;
+}
+
+struct passwd * winbind_getpwsid(const DOM_SID *sid)
+{
+ return NULL;
+}
+
bool winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid,
enum lsa_SidType *name_type)
{
@@ -318,4 +434,19 @@ bool winbind_allocate_gid(gid_t *gid)
return false;
}
+bool winbind_get_groups(TALLOC_CTX *mem_ctx, const char *account, uint32_t *num_groups, gid_t **_groups)
+{
+ return false;
+}
+
+bool winbind_get_sid_aliases(TALLOC_CTX *mem_ctx,
+ const DOM_SID *dom_sid,
+ const DOM_SID *members,
+ size_t num_members,
+ uint32_t **pp_alias_rids,
+ size_t *p_num_alias_rids)
+{
+ return false;
+}
+
#endif /* WITH_WINBIND */
diff --git a/source3/modules/onefs_acl.c b/source3/modules/onefs_acl.c
index 0ef7e0be51..02394794c2 100644
--- a/source3/modules/onefs_acl.c
+++ b/source3/modules/onefs_acl.c
@@ -619,6 +619,12 @@ onefs_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
DEBUG(5, ("Getting sd for file %s. security_info=%u\n",
fsp->fsp_name, security_info));
+ if (lp_parm_bool(SNUM(fsp->conn), PARM_ONEFS_TYPE,
+ PARM_IGNORE_SACL, PARM_IGNORE_SACL_DEFAULT)) {
+ DEBUG(5, ("Ignoring SACL on %s.\n", fsp->fsp_name));
+ security_info &= ~SACL_SECURITY_INFORMATION;
+ }
+
if (fsp->fh->fd == -1) {
if ((fsp->fh->fd = onefs_sys_create_file(handle->conn,
-1,
diff --git a/source3/modules/onefs_open.c b/source3/modules/onefs_open.c
index b2b11ebaac..e335dc7e28 100644
--- a/source3/modules/onefs_open.c
+++ b/source3/modules/onefs_open.c
@@ -744,6 +744,11 @@ NTSTATUS onefs_open_file_ntcreate(connection_struct *conn,
open_access_mask |= FILE_WRITE_DATA;
}
+ if (lp_parm_bool(SNUM(fsp->conn), PARM_ONEFS_TYPE,
+ PARM_IGNORE_SACL, PARM_IGNORE_SACL_DEFAULT)) {
+ access_mask &= ~SYSTEM_SECURITY_ACCESS;
+ }
+
DEBUG(10, ("onefs_open_file_ntcreate: fname=%s, after mapping "
"open_access_mask=%#x, access_mask=0x%x\n",
fname, open_access_mask, access_mask));
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index d26a667f44..c526a175f2 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -27,25 +27,6 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_PASSDB
-/******************************************************************
- get the default domain/netbios name to be used when
- testing authentication. For example, if you connect
- to a Windows member server using a bogus domain name, the
- Windows box will map the BOGUS\user to DOMAIN\user. A
- standalone box will map to WKS\user.
-******************************************************************/
-
-const char *my_sam_name(void)
-{
- /* standalone servers can only use the local netbios name */
- if ( lp_server_role() == ROLE_STANDALONE )
- return global_myname();
-
- /* Windows domain members default to the DOMAIN
- name when not specified */
- return lp_workgroup();
-}
-
/**********************************************************************
***********************************************************************/
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 36984fc209..5c4ff61b17 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -5925,18 +5925,18 @@ static WERROR control_printer(POLICY_HND *handle, uint32 command,
return WERR_BADFID;
switch (command) {
- case PRINTER_CONTROL_PAUSE:
+ case SPOOLSS_PRINTER_CONTROL_PAUSE:
if (print_queue_pause(p->server_info, snum, &errcode)) {
errcode = WERR_OK;
}
break;
- case PRINTER_CONTROL_RESUME:
- case PRINTER_CONTROL_UNPAUSE:
+ case SPOOLSS_PRINTER_CONTROL_RESUME:
+ case SPOOLSS_PRINTER_CONTROL_UNPAUSE:
if (print_queue_resume(p->server_info, snum, &errcode)) {
errcode = WERR_OK;
}
break;
- case PRINTER_CONTROL_PURGE:
+ case SPOOLSS_PRINTER_CONTROL_PURGE:
if (print_queue_purge(p->server_info, snum, &errcode)) {
errcode = WERR_OK;
}
@@ -7381,6 +7381,8 @@ WERROR _spoolss_GetForm(pipes_struct *p,
return WERR_BADFID;
}
+ ZERO_STRUCT(form_1);
+
switch (level) {
case 1:
if (foundBuiltin) {
@@ -10473,22 +10475,22 @@ WERROR _spoolss_RemoteFindFirstPrinterChangeNotifyEx(pipes_struct *p,
}
/****************************************************************
- _spoolss_RouterRefreshPrinterChangeNotification
+ _spoolss_RouterReplyPrinterEx
****************************************************************/
-WERROR _spoolss_RouterRefreshPrinterChangeNotification(pipes_struct *p,
- struct spoolss_RouterRefreshPrinterChangeNotification *r)
+WERROR _spoolss_RouterReplyPrinterEx(pipes_struct *p,
+ struct spoolss_RouterReplyPrinterEx *r)
{
p->rng_fault_state = true;
return WERR_NOT_SUPPORTED;
}
/****************************************************************
- _spoolss_RemoteFindNextPrinterChangeNotifyEx
+ _dcesrv_spoolss_RouterRefreshPrinterChangeNotify
****************************************************************/
-WERROR _spoolss_RemoteFindNextPrinterChangeNotifyEx(pipes_struct *p,
- struct spoolss_RemoteFindNextPrinterChangeNotifyEx *r)
+WERROR _spoolss_RouterRefreshPrinterChangeNotify(pipes_struct *p,
+ struct spoolss_RouterRefreshPrinterChangeNotify *r)
{
p->rng_fault_state = true;
return WERR_NOT_SUPPORTED;
diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c
index 5720bfc517..be91611bfb 100644
--- a/source3/winbindd/winbindd.c
+++ b/source3/winbindd/winbindd.c
@@ -420,6 +420,7 @@ static struct winbindd_dispatch_table {
{ WINBINDD_GETPWNAM, winbindd_getpwnam, "GETPWNAM" },
{ WINBINDD_GETPWUID, winbindd_getpwuid, "GETPWUID" },
+ { WINBINDD_GETPWSID, winbindd_getpwsid, "GETPWSID" },
{ WINBINDD_SETPWENT, winbindd_setpwent, "SETPWENT" },
{ WINBINDD_ENDPWENT, winbindd_endpwent, "ENDPWENT" },
@@ -429,6 +430,8 @@ static struct winbindd_dispatch_table {
{ WINBINDD_GETUSERSIDS, winbindd_getusersids, "GETUSERSIDS" },
{ WINBINDD_GETUSERDOMGROUPS, winbindd_getuserdomgroups,
"GETUSERDOMGROUPS" },
+ { WINBINDD_GETSIDALIASES, winbindd_getsidaliases,
+ "LOOKUPUSERALIASES" },
/* Group functions */
diff --git a/source3/winbindd/winbindd_async.c b/source3/winbindd/winbindd_async.c
index 7b93f963b4..0271abbd2b 100644
--- a/source3/winbindd/winbindd_async.c
+++ b/source3/winbindd/winbindd_async.c
@@ -632,8 +632,8 @@ bool print_sidlist(TALLOC_CTX *mem_ctx, const DOM_SID *sids,
return True;
}
-static bool parse_sidlist(TALLOC_CTX *mem_ctx, char *sidstr,
- DOM_SID **sids, size_t *num_sids)
+bool parse_sidlist(TALLOC_CTX *mem_ctx, char *sidstr,
+ DOM_SID **sids, size_t *num_sids)
{
char *p, *q;
@@ -822,92 +822,6 @@ void winbindd_getsidaliases_async(struct winbindd_domain *domain,
(void *)cont, private_data);
}
-enum winbindd_result winbindd_dual_getsidaliases(struct winbindd_domain *domain,
- struct winbindd_cli_state *state)
-{
- DOM_SID *sids = NULL;
- size_t num_sids = 0;
- char *sidstr = NULL;
- ssize_t len;
- size_t i;
- uint32 num_aliases;
- uint32 *alias_rids;
- NTSTATUS result;
-
- DEBUG(3, ("[%5lu]: getsidaliases\n", (unsigned long)state->pid));
-
- sidstr = state->request.extra_data.data;
- if (sidstr == NULL) {
- sidstr = talloc_strdup(state->mem_ctx, "\n"); /* No SID */
- if (!sidstr) {
- DEBUG(0, ("Out of memory\n"));
- return WINBINDD_ERROR;
- }
- }
-
- DEBUG(10, ("Sidlist: %s\n", sidstr));
-
- if (!parse_sidlist(state->mem_ctx, sidstr, &sids, &num_sids)) {
- DEBUG(0, ("Could not parse SID list: %s\n", sidstr));
- return WINBINDD_ERROR;
- }
-
- num_aliases = 0;
- alias_rids = NULL;
-
- result = domain->methods->lookup_useraliases(domain,
- state->mem_ctx,
- num_sids, sids,
- &num_aliases,
- &alias_rids);
-
- if (!NT_STATUS_IS_OK(result)) {
- DEBUG(3, ("Could not lookup_useraliases: %s\n",
- nt_errstr(result)));
- return WINBINDD_ERROR;
- }
-
- num_sids = 0;
- sids = NULL;
- sidstr = NULL;
-
- DEBUG(10, ("Got %d aliases\n", num_aliases));
-
- for (i=0; i<num_aliases; i++) {
- DOM_SID sid;
- DEBUGADD(10, (" rid %d\n", alias_rids[i]));
- sid_copy(&sid, &domain->sid);
- sid_append_rid(&sid, alias_rids[i]);
- result = add_sid_to_array(state->mem_ctx, &sid, &sids,
- &num_sids);
- if (!NT_STATUS_IS_OK(result)) {
- return WINBINDD_ERROR;
- }
- }
-
-
- if (!print_sidlist(state->mem_ctx, sids, num_sids, &sidstr, &len)) {
- DEBUG(0, ("Could not print_sidlist\n"));
- state->response.extra_data.data = NULL;
- return WINBINDD_ERROR;
- }
-
- state->response.extra_data.data = NULL;
-
- if (sidstr) {
- state->response.extra_data.data = SMB_STRDUP(sidstr);
- if (!state->response.extra_data.data) {
- DEBUG(0, ("Out of memory\n"));
- return WINBINDD_ERROR;
- }
- DEBUG(10, ("aliases_list: %s\n",
- (char *)state->response.extra_data.data));
- state->response.length += len+1;
- }
-
- return WINBINDD_OK;
-}
-
struct gettoken_state {
TALLOC_CTX *mem_ctx;
DOM_SID user_sid;
diff --git a/source3/winbindd/winbindd_domain.c b/source3/winbindd/winbindd_domain.c
index 2e8c6175ca..1fc3ce7304 100644
--- a/source3/winbindd/winbindd_domain.c
+++ b/source3/winbindd/winbindd_domain.c
@@ -110,6 +110,10 @@ static const struct winbindd_child_dispatch_table domain_dispatch_table[] = {
.struct_cmd = WINBINDD_DUAL_GETSIDALIASES,
.struct_fn = winbindd_dual_getsidaliases,
},{
+ .name = "GETSIDALIASES",
+ .struct_cmd = WINBINDD_GETSIDALIASES,
+ .struct_fn = winbindd_dual_getsidaliases,
+ },{
.name = "CCACHE_NTLM_AUTH",
.struct_cmd = WINBINDD_CCACHE_NTLMAUTH,
.struct_fn = winbindd_dual_ccache_ntlm_auth,
diff --git a/source3/winbindd/winbindd_group.c b/source3/winbindd/winbindd_group.c
index 9d9b264124..043f26e578 100644
--- a/source3/winbindd/winbindd_group.c
+++ b/source3/winbindd/winbindd_group.c
@@ -1867,3 +1867,118 @@ enum winbindd_result winbindd_dual_getuserdomgroups(struct winbindd_domain *doma
return WINBINDD_OK;
}
+
+void winbindd_getsidaliases(struct winbindd_cli_state *state)
+{
+ DOM_SID domain_sid;
+ struct winbindd_domain *domain;
+
+ /* Ensure null termination */
+ state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
+
+ if (!string_to_sid(&domain_sid, state->request.data.sid)) {
+ DEBUG(1, ("Could not get convert sid %s from string\n",
+ state->request.data.sid));
+ request_error(state);
+ return;
+ }
+
+ /* Get info for the domain */
+ if ((domain = find_domain_from_sid_noinit(&domain_sid)) == NULL) {
+ DEBUG(0,("could not find domain entry for sid %s\n",
+ sid_string_dbg(&domain_sid)));
+ request_error(state);
+ return;
+ }
+
+ sendto_domain(state, domain);
+}
+
+enum winbindd_result winbindd_dual_getsidaliases(struct winbindd_domain *domain,
+ struct winbindd_cli_state *state)
+{
+ DOM_SID *sids = NULL;
+ size_t num_sids = 0;
+ char *sidstr = NULL;
+ ssize_t len;
+ size_t i;
+ uint32 num_aliases;
+ uint32 *alias_rids;
+ NTSTATUS result;
+
+ DEBUG(3, ("[%5lu]: getsidaliases\n", (unsigned long)state->pid));
+
+ sidstr = state->request.extra_data.data;
+ if (sidstr == NULL) {
+ sidstr = talloc_strdup(state->mem_ctx, "\n"); /* No SID */
+ if (!sidstr) {
+ DEBUG(0, ("Out of memory\n"));
+ return WINBINDD_ERROR;
+ }
+ }
+
+ DEBUG(10, ("Sidlist: %s\n", sidstr));
+
+ if (!parse_sidlist(state->mem_ctx, sidstr, &sids, &num_sids)) {
+ DEBUG(0, ("Could not parse SID list: %s\n", sidstr));
+ return WINBINDD_ERROR;
+ }
+
+ num_aliases = 0;
+ alias_rids = NULL;
+
+ result = domain->methods->lookup_useraliases(domain,
+ state->mem_ctx,
+ num_sids, sids,
+ &num_aliases,
+ &alias_rids);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ DEBUG(3, ("Could not lookup_useraliases: %s\n",
+ nt_errstr(result)));
+ return WINBINDD_ERROR;
+ }
+
+ num_sids = 0;
+ sids = NULL;
+ sidstr = NULL;
+
+ DEBUG(10, ("Got %d aliases\n", num_aliases));
+
+ for (i=0; i<num_aliases; i++) {
+ DOM_SID sid;
+ DEBUGADD(10, (" rid %d\n", alias_rids[i]));
+ sid_copy(&sid, &domain->sid);
+ sid_append_rid(&sid, alias_rids[i]);
+ result = add_sid_to_array(state->mem_ctx, &sid, &sids,
+ &num_sids);
+ if (!NT_STATUS_IS_OK(result)) {
+ return WINBINDD_ERROR;
+ }
+ }
+
+
+ if (!print_sidlist(state->mem_ctx, sids, num_sids, &sidstr, &len)) {
+ DEBUG(0, ("Could not print_sidlist\n"));
+ state->response.extra_data.data = NULL;
+ return WINBINDD_ERROR;
+ }
+
+ state->response.extra_data.data = NULL;
+
+ if (sidstr) {
+ state->response.extra_data.data = SMB_STRDUP(sidstr);
+ if (!state->response.extra_data.data) {
+ DEBUG(0, ("Out of memory\n"));
+ return WINBINDD_ERROR;
+ }
+ DEBUG(10, ("aliases_list: %s\n",
+ (char *)state->response.extra_data.data));
+ state->response.length += len+1;
+ state->response.data.num_entries = num_sids;
+ }
+
+ return WINBINDD_OK;
+}
+
+
diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h
index c302dd1d62..5120402e3d 100644
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -112,6 +112,8 @@ enum winbindd_result winbindd_dual_list_groups(struct winbindd_domain *domain,
struct winbindd_cli_state *state);
bool print_sidlist(TALLOC_CTX *mem_ctx, const DOM_SID *sids,
size_t num_sids, char **result, ssize_t *len);
+bool parse_sidlist(TALLOC_CTX *mem_ctx, char *sidstr,
+ DOM_SID **sids, size_t *num_sids);
enum winbindd_result winbindd_dual_lookuprids(struct winbindd_domain *domain,
struct winbindd_cli_state *state);
void winbindd_getsidaliases_async(struct winbindd_domain *domain,
@@ -342,6 +344,7 @@ void winbindd_list_groups(struct winbindd_cli_state *state);
void winbindd_getgroups(struct winbindd_cli_state *state);
void winbindd_getusersids(struct winbindd_cli_state *state);
void winbindd_getuserdomgroups(struct winbindd_cli_state *state);
+void winbindd_getsidaliases(struct winbindd_cli_state *state);
enum winbindd_result winbindd_dual_getuserdomgroups(struct winbindd_domain *domain,
struct winbindd_cli_state *state);
bool get_sam_group_entries(struct getent_state *ent);
@@ -495,6 +498,7 @@ enum winbindd_result winbindd_dual_userinfo(struct winbindd_domain *domain,
struct winbindd_cli_state *state);
void winbindd_getpwnam(struct winbindd_cli_state *state);
void winbindd_getpwuid(struct winbindd_cli_state *state);
+void winbindd_getpwsid(struct winbindd_cli_state *state);
void winbindd_setpwent(struct winbindd_cli_state *state);
void winbindd_endpwent(struct winbindd_cli_state *state);
void winbindd_getpwent(struct winbindd_cli_state *state);
diff --git a/source3/winbindd/winbindd_user.c b/source3/winbindd/winbindd_user.c
index a6740b1fb8..50aea4e0cb 100644
--- a/source3/winbindd/winbindd_user.c
+++ b/source3/winbindd/winbindd_user.c
@@ -217,8 +217,8 @@ static void getpwsid_queryuser_recv(void *private_data, bool success,
static void getpwsid_sid2uid_recv(void *private_data, bool success, uid_t uid);
static void getpwsid_sid2gid_recv(void *private_data, bool success, gid_t gid);
-static void winbindd_getpwsid(struct winbindd_cli_state *state,
- const DOM_SID *sid)
+static void getpwsid_queryuser(struct winbindd_cli_state *state,
+ const DOM_SID *sid)
{
struct getpwsid_state *s;
@@ -509,7 +509,7 @@ static void getpwnam_name2sid_recv(void *private_data, bool success,
check_domain_trusted(domname, sid);
}
- winbindd_getpwsid(state, sid);
+ getpwsid_queryuser(state, sid);
}
static void getpwuid_recv(void *private_data, bool success, const char *sid)
@@ -535,7 +535,7 @@ static void getpwuid_recv(void *private_data, bool success, const char *sid)
return;
}
- winbindd_getpwsid(state, &user_sid);
+ getpwsid_queryuser(state, &user_sid);
}
/* Return a password structure given a uid number */
@@ -553,6 +553,26 @@ void winbindd_getpwuid(struct winbindd_cli_state *state)
winbindd_uid2sid_async(state->mem_ctx, uid, getpwuid_recv, state);
}
+/* Return a password structure given a sid */
+void winbindd_getpwsid(struct winbindd_cli_state *state)
+{
+ DOM_SID sid;
+
+ /* Ensure null termination */
+ state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
+
+ DEBUG(3, ("[%5lu]: getpwsid %s\n", (unsigned long)state->pid,
+ state->request.data.sid));
+
+ if (!string_to_sid(&sid, state->request.data.sid)) {
+ DEBUG(5, ("%s not a SID\n", state->request.data.sid));
+ request_error(state);
+ return;
+ }
+
+ getpwsid_queryuser(state, &sid);
+}
+
/*
* set/get/endpwent functions
*/