diff options
Diffstat (limited to 'source4/nsswitch')
-rw-r--r-- | source4/nsswitch/nsstest.c | 12 | ||||
-rw-r--r-- | source4/nsswitch/wb_common.c | 242 | ||||
-rw-r--r-- | source4/nsswitch/wbinfo.c | 243 | ||||
-rw-r--r-- | source4/nsswitch/winbind_client.h | 29 | ||||
-rw-r--r-- | source4/nsswitch/winbind_nss.h | 10 | ||||
-rw-r--r-- | source4/nsswitch/winbind_nss_config.h | 47 | ||||
-rw-r--r-- | source4/nsswitch/winbind_nss_irix.h | 4 | ||||
-rw-r--r-- | source4/nsswitch/winbind_nss_linux.c | 277 | ||||
-rw-r--r-- | source4/nsswitch/winbind_nss_solaris.h | 30 | ||||
-rw-r--r-- | source4/nsswitch/winbind_struct_protocol.h (renamed from source4/nsswitch/winbindd_nss.h) | 160 |
10 files changed, 558 insertions, 496 deletions
diff --git a/source4/nsswitch/nsstest.c b/source4/nsswitch/nsstest.c index 6c21576c2d..df7f33f8e0 100644 --- a/source4/nsswitch/nsstest.c +++ b/source4/nsswitch/nsstest.c @@ -145,13 +145,13 @@ static struct group *nss_getgrent(void) static int buflen = 1024; NSS_STATUS status; - if (!buf) buf = malloc(buflen); + if (!buf) buf = malloc_array_p(char, buflen); again: status = _nss_getgrent_r(&grp, buf, buflen, &nss_errno); if (status == NSS_STATUS_TRYAGAIN) { buflen *= 2; - buf = realloc(buf, buflen); + buf = realloc_p(buf, char, buflen); goto again; } if (status == NSS_STATUS_NOTFOUND) { @@ -173,12 +173,12 @@ static struct group *nss_getgrnam(const char *name) static int buflen = 1000; NSS_STATUS status; - if (!buf) buf = malloc(buflen); + if (!buf) buf = malloc_array_p(char, buflen); again: status = _nss_getgrnam_r(name, &grp, buf, buflen, &nss_errno); if (status == NSS_STATUS_TRYAGAIN) { buflen *= 2; - buf = realloc(buf, buflen); + buf = realloc_p(buf, char, buflen); goto again; } if (status == NSS_STATUS_NOTFOUND) { @@ -200,12 +200,12 @@ static struct group *nss_getgrgid(gid_t gid) static int buflen = 1000; NSS_STATUS status; - if (!buf) buf = malloc(buflen); + if (!buf) buf = malloc_array_p(char, buflen); again: status = _nss_getgrgid_r(gid, &grp, buf, buflen, &nss_errno); if (status == NSS_STATUS_TRYAGAIN) { buflen *= 2; - buf = realloc(buf, buflen); + buf = realloc_p(buf, char, buflen); goto again; } if (status == NSS_STATUS_NOTFOUND) { diff --git a/source4/nsswitch/wb_common.c b/source4/nsswitch/wb_common.c index e8ea31db0f..2ae85dcb1e 100644 --- a/source4/nsswitch/wb_common.c +++ b/source4/nsswitch/wb_common.c @@ -22,16 +22,16 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "includes.h" -#include "nsswitch/winbind_client.h" +#include "winbind_client.h" /* Global variables. These are effectively the client state information */ int winbindd_fd = -1; /* fd for winbindd socket */ +static int is_privileged = 0; /* Free a response structure */ -void free_response(struct winbindd_response *response) +void winbindd_free_response(struct winbindd_response *response) { /* Free any allocated extra_data */ @@ -41,7 +41,7 @@ void free_response(struct winbindd_response *response) /* Initialise a request structure */ -void init_request(struct winbindd_request *request, int request_type) +void winbindd_init_request(struct winbindd_request *request, int request_type) { request->length = sizeof(struct winbindd_request); @@ -52,7 +52,7 @@ void init_request(struct winbindd_request *request, int request_type) /* Initialise a response structure */ -void init_response(struct winbindd_response *response) +static void init_response(struct winbindd_response *response) { /* Initialise return value */ @@ -61,7 +61,7 @@ void init_response(struct winbindd_response *response) /* Close established socket */ -void close_sock(void) +void winbind_close_sock(void) { if (winbindd_fd != -1) { close(winbindd_fd); @@ -70,10 +70,6 @@ void close_sock(void) } #define CONNECT_TIMEOUT 30 -#if 0 /* unused */ -#define WRITE_TIMEOUT CONNECT_TIMEOUT -#define READ_TIMEOUT CONNECT_TIMEOUT -#endif /* Make sure socket handle isn't stdin, stdout or stderr */ #define RECURSION_LIMIT 3 @@ -172,7 +168,7 @@ static int winbind_named_pipe_sock(const char *dir) { struct sockaddr_un sunaddr; struct stat st; - char *path; + pstring path; int fd; int wait_time; int slept; @@ -189,8 +185,16 @@ static int winbind_named_pipe_sock(const char *dir) } /* Connect to socket */ - - asprintf(&path, "%s%s", dir, "/" WINBINDD_SOCKET_NAME); + + strncpy(path, dir, sizeof(path) - 1); + path[sizeof(path) - 1] = '\0'; + + strncat(path, "/", sizeof(path) - 1 - strlen(path)); + path[sizeof(path) - 1] = '\0'; + + strncat(path, WINBINDD_SOCKET_NAME, sizeof(path) - 1 - strlen(path)); + path[sizeof(path) - 1] = '\0'; + ZERO_STRUCT(sunaddr); sunaddr.sun_family = AF_UNIX; strncpy(sunaddr.sun_path, path, sizeof(sunaddr.sun_path) - 1); @@ -200,11 +204,8 @@ static int winbind_named_pipe_sock(const char *dir) the winbindd daemon is not running. */ if (lstat(path, &st) == -1) { - SAFE_FREE(path); return -1; } - - SAFE_FREE(path); /* Check permissions on unix socket file */ @@ -277,72 +278,80 @@ static int winbind_named_pipe_sock(const char *dir) close(fd); return -1; +} - if (connect(fd, (struct sockaddr *)&sunaddr, - sizeof(sunaddr)) == -1) { - close(fd); - return -1; +static const char *winbindd_socket_dir(void) +{ +#ifdef SOCKET_WRAPPER + const char *env_dir; + + env_dir = getenv(WINBINDD_SOCKET_DIR_ENVVAR); + if (env_dir) { + return env_dir; } - - return fd; +#endif + + return WINBINDD_SOCKET_DIR; } /* Connect to winbindd socket */ -int winbind_open_pipe_sock(void) +static int winbind_open_pipe_sock(int recursing, int need_priv) { #ifdef HAVE_UNIXSOCKET static pid_t our_pid; struct winbindd_request request; struct winbindd_response response; - const char *winbindd_socket_dir_env; ZERO_STRUCT(request); ZERO_STRUCT(response); if (our_pid != getpid()) { - close_sock(); + winbind_close_sock(); our_pid = getpid(); } + + if ((need_priv != 0) && (is_privileged == 0)) { + winbind_close_sock(); + } if (winbindd_fd != -1) { return winbindd_fd; } -#ifdef SOCKET_WRAPPER - winbindd_socket_dir_env = getenv(WINBINDD_SOCKET_DIR_ENV); - - if (!winbindd_socket_dir_env) - { - winbindd_socket_dir_env = WINBINDD_SOCKET_DIR; + if (recursing) { + return -1; } -#else - winbindd_socket_dir_env = WINBINDD_SOCKET_DIR; -#endif - - winbindd_fd = winbind_named_pipe_sock(winbindd_socket_dir_env); - if (winbindd_fd == -1) - { + if ((winbindd_fd = winbind_named_pipe_sock(winbindd_socket_dir())) == -1) { return -1; } + is_privileged = 0; + /* version-check the socket */ - if ((winbindd_request(WINBINDD_INTERFACE_VERSION, &request, &response) != NSS_STATUS_SUCCESS) || (response.data.interface_version != WINBIND_INTERFACE_VERSION)) { - close_sock(); + request.wb_flags = WBFLAG_RECURSE; + if ((winbindd_request_response(WINBINDD_INTERFACE_VERSION, &request, &response) != NSS_STATUS_SUCCESS) || (response.data.interface_version != WINBIND_INTERFACE_VERSION)) { + winbind_close_sock(); return -1; } /* try and get priv pipe */ - if (winbindd_request(WINBINDD_PRIV_PIPE_DIR, &request, &response) == NSS_STATUS_SUCCESS) { + request.wb_flags = WBFLAG_RECURSE; + if (winbindd_request_response(WINBINDD_PRIV_PIPE_DIR, &request, &response) == NSS_STATUS_SUCCESS) { int fd; - if ((fd = winbind_named_pipe_sock(response.extra_data.data)) != -1) { + if ((fd = winbind_named_pipe_sock((char *)response.extra_data.data)) != -1) { close(winbindd_fd); winbindd_fd = fd; + is_privileged = 1; } } + if ((need_priv != 0) && (is_privileged == 0)) { + return -1; + } + SAFE_FREE(response.extra_data.data); return winbindd_fd; @@ -353,7 +362,7 @@ int winbind_open_pipe_sock(void) /* Write data to winbindd socket */ -int write_sock(void *buffer, int count) +int winbind_write_sock(void *buffer, int count, int recursing, int need_priv) { int result, nwritten; @@ -361,7 +370,7 @@ int write_sock(void *buffer, int count) restart: - if (winbind_open_pipe_sock() == -1) { + if (winbind_open_pipe_sock(recursing, need_priv) == -1) { return -1; } @@ -381,7 +390,7 @@ int write_sock(void *buffer, int count) ZERO_STRUCT(tv); if (select(winbindd_fd + 1, &r_fds, NULL, NULL, &tv) == -1) { - close_sock(); + winbind_close_sock(); return -1; /* Select error */ } @@ -399,7 +408,7 @@ int write_sock(void *buffer, int count) /* Write failed */ - close_sock(); + winbind_close_sock(); return -1; } @@ -409,7 +418,7 @@ int write_sock(void *buffer, int count) /* Pipe has closed on remote end */ - close_sock(); + winbind_close_sock(); goto restart; } } @@ -419,11 +428,15 @@ int write_sock(void *buffer, int count) /* Read data from winbindd socket */ -static int read_sock(void *buffer, int count) +int winbind_read_sock(void *buffer, int count) { int nread = 0; int total_time = 0, selret; + if (winbindd_fd == -1) { + return -1; + } + /* Read data from socket */ while(nread < count) { struct timeval tv; @@ -439,7 +452,7 @@ static int read_sock(void *buffer, int count) tv.tv_sec = 5; if ((selret = select(winbindd_fd + 1, &r_fds, NULL, NULL, &tv)) == -1) { - close_sock(); + winbind_close_sock(); return -1; /* Select error */ } @@ -447,7 +460,7 @@ static int read_sock(void *buffer, int count) /* Not ready for read yet... */ if (total_time >= 30) { /* Timeout */ - close_sock(); + winbind_close_sock(); return -1; } total_time += 5; @@ -467,7 +480,7 @@ static int read_sock(void *buffer, int count) can do here is just return -1 and fail since the transaction has failed half way through. */ - close_sock(); + winbind_close_sock(); return -1; } @@ -481,7 +494,7 @@ static int read_sock(void *buffer, int count) /* Read reply */ -int read_reply(struct winbindd_response *response) +int winbindd_read_reply(struct winbindd_response *response) { int result1, result2 = 0; @@ -491,9 +504,9 @@ int read_reply(struct winbindd_response *response) /* Read fixed length response */ - if ((result1 = read_sock(response, sizeof(struct winbindd_response))) - == -1) { - + result1 = winbind_read_sock(response, + sizeof(struct winbindd_response)); + if (result1 == -1) { return -1; } @@ -515,9 +528,10 @@ int read_reply(struct winbindd_response *response) return -1; } - if ((result2 = read_sock(response->extra_data.data, extra_data_len)) - == -1) { - free_response(response); + result2 = winbind_read_sock(response->extra_data.data, + extra_data_len); + if (result2 == -1) { + winbindd_free_response(response); return -1; } } @@ -527,22 +541,31 @@ int read_reply(struct winbindd_response *response) return result1 + result2; } +bool winbind_env_set(void) +{ + char *env; + + if ((env=getenv(WINBINDD_DONT_ENV)) != NULL) { + if(strcmp(env, "1") == 0) { + return true; + } + } + return false; +} + /* * send simple types of requests */ -NSS_STATUS winbindd_send_request(int req_type, struct winbindd_request *request) +NSS_STATUS winbindd_send_request(int req_type, int need_priv, + struct winbindd_request *request) { struct winbindd_request lrequest; - char *env; - int value; - + /* Check for our tricky environment variable */ - if ( (env = getenv(WINBINDD_DONT_ENV)) != NULL ) { - value = atoi(env); - if ( value == 1 ) - return NSS_STATUS_NOTFOUND; + if (winbind_env_set()) { + return NSS_STATUS_NOTFOUND; } if (!request) { @@ -552,9 +575,19 @@ NSS_STATUS winbindd_send_request(int req_type, struct winbindd_request *request) /* Fill in request and send down pipe */ - init_request(request, req_type); + winbindd_init_request(request, req_type); - if (write_sock(request, sizeof(*request)) == -1) { + if (winbind_write_sock(request, sizeof(*request), + request->wb_flags & WBFLAG_RECURSE, + need_priv) == -1) { + return NSS_STATUS_UNAVAIL; + } + + if ((request->extra_len != 0) && + (winbind_write_sock(request->extra_data.data, + request->extra_len, + request->wb_flags & WBFLAG_RECURSE, + need_priv) == -1)) { return NSS_STATUS_UNAVAIL; } @@ -577,13 +610,13 @@ NSS_STATUS winbindd_get_response(struct winbindd_response *response) init_response(response); /* Wait for reply */ - if (read_reply(response) == -1) { + if (winbindd_read_reply(response) == -1) { return NSS_STATUS_UNAVAIL; } /* Throw away extra data if client didn't request it */ if (response == &lresponse) { - free_response(response); + winbindd_free_response(response); } /* Copy reply data from socket */ @@ -596,16 +629,40 @@ NSS_STATUS winbindd_get_response(struct winbindd_response *response) /* Handle simple types of requests */ -NSS_STATUS winbindd_request(int req_type, +NSS_STATUS winbindd_request_response(int req_type, struct winbindd_request *request, struct winbindd_response *response) { - NSS_STATUS status; + NSS_STATUS status = NSS_STATUS_UNAVAIL; + int count = 0; - status = winbindd_send_request(req_type, request); - if (status != NSS_STATUS_SUCCESS) - return(status); - return winbindd_get_response(response); + while ((status == NSS_STATUS_UNAVAIL) && (count < 10)) { + status = winbindd_send_request(req_type, 0, request); + if (status != NSS_STATUS_SUCCESS) + return(status); + status = winbindd_get_response(response); + count += 1; + } + + return status; +} + +NSS_STATUS winbindd_priv_request_response(int req_type, + struct winbindd_request *request, + struct winbindd_response *response) +{ + NSS_STATUS status = NSS_STATUS_UNAVAIL; + int count = 0; + + while ((status == NSS_STATUS_UNAVAIL) && (count < 10)) { + status = winbindd_send_request(req_type, 1, request); + if (status != NSS_STATUS_SUCCESS) + return(status); + status = winbindd_get_response(response); + count += 1; + } + + return status; } /************************************************************************* @@ -613,14 +670,35 @@ NSS_STATUS winbindd_request(int req_type, enable them ************************************************************************/ -BOOL winbind_off( void ) +bool winbind_off(void) { - setenv(WINBINDD_DONT_ENV, "1", 1); - return True; + return setenv(WINBINDD_DONT_ENV, "1", 1) != -1; } -BOOL winbind_on( void ) +bool winbind_on(void) { - setenv(WINBINDD_DONT_ENV, "0", 1); - return True; + return setenv(WINBINDD_DONT_ENV, "0", 1) != -1; +} + +/************************************************************************* + ************************************************************************/ + +const char *nss_err_str(NSS_STATUS ret) +{ + switch (ret) { + case NSS_STATUS_TRYAGAIN: + return "NSS_STATUS_TRYAGAIN"; + case NSS_STATUS_SUCCESS: + return "NSS_STATUS_SUCCESS"; + case NSS_STATUS_NOTFOUND: + return "NSS_STATUS_NOTFOUND"; + case NSS_STATUS_UNAVAIL: + return "NSS_STATUS_UNAVAIL"; +#ifdef NSS_STATUS_RETURN + case NSS_STATUS_RETURN: + return "NSS_STATUS_RETURN"; +#endif + default: + return "UNKNOWN RETURN CODE!!!!!!!"; + } } diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c index 7e674fde1f..4538911f97 100644 --- a/source4/nsswitch/wbinfo.c +++ b/source4/nsswitch/wbinfo.c @@ -22,21 +22,20 @@ #include "includes.h" #include "pstring.h" -#include "winbind_nss_config.h" -#include "winbindd_nss.h" #include "winbind_client.h" #include "librpc/gen_ndr/ndr_netlogon.h" #include "libcli/auth/libcli_auth.h" #include "libcli/security/security.h" #include "lib/cmdline/popt_common.h" #include "dynconfig.h" +#include "param/param.h" extern int winbindd_fd; -static char winbind_separator_int(BOOL strict) +static char winbind_separator_int(bool strict) { struct winbindd_response response; - static BOOL got_sep; + static bool got_sep; static char sep; if (got_sep) @@ -46,18 +45,18 @@ static char winbind_separator_int(BOOL strict) /* Send off request */ - if (winbindd_request(WINBINDD_INFO, NULL, &response) != + if (winbindd_request_response(WINBINDD_INFO, NULL, &response) != NSS_STATUS_SUCCESS) { d_fprintf(stderr, "could not obtain winbind separator!\n"); if (strict) { return 0; } /* HACK: (this module should not call lp_ funtions) */ - return *lp_winbind_separator(); + return *lp_winbind_separator(global_loadparm); } sep = response.data.info.winbind_separator; - got_sep = True; + got_sep = true; if (!sep) { d_fprintf(stderr, "winbind separator was NULL!\n"); @@ -65,7 +64,7 @@ static char winbind_separator_int(BOOL strict) return 0; } /* HACK: (this module should not call lp_ funtions) */ - sep = *lp_winbind_separator(); + sep = *lp_winbind_separator(global_loadparm); } return sep; @@ -73,7 +72,7 @@ static char winbind_separator_int(BOOL strict) static char winbind_separator(void) { - return winbind_separator_int(False); + return winbind_separator_int(false); } static const char *get_winbind_domain(void) @@ -85,12 +84,12 @@ static const char *get_winbind_domain(void) /* Send off request */ - if (winbindd_request(WINBINDD_DOMAIN_NAME, NULL, &response) != + if (winbindd_request_response(WINBINDD_DOMAIN_NAME, NULL, &response) != NSS_STATUS_SUCCESS) { d_fprintf(stderr, "could not obtain winbind domain name!\n"); /* HACK: (this module should not call lp_ funtions) */ - return lp_workgroup(); + return lp_workgroup(global_loadparm); } fstrcpy(winbind_domain, response.data.domain_name); @@ -102,7 +101,7 @@ static const char *get_winbind_domain(void) /* Copy of parse_domain_user from winbindd_util.c. Parse a string of the form DOMAIN/user into a domain and a user */ -static BOOL parse_wbinfo_domain_user(const char *domuser, fstring domain, +static bool parse_wbinfo_domain_user(const char *domuser, fstring domain, fstring user) { @@ -111,7 +110,7 @@ static BOOL parse_wbinfo_domain_user(const char *domuser, fstring domain, if (!p) { fstrcpy(user, domuser); fstrcpy(domain, get_winbind_domain()); - return True; + return true; } fstrcpy(user, p+1); @@ -119,12 +118,12 @@ static BOOL parse_wbinfo_domain_user(const char *domuser, fstring domain, domain[PTR_DIFF(p, domuser)] = 0; strupper_m(domain); - return True; + return true; } /* pull pwent info for a given user */ -static BOOL wbinfo_get_userinfo(char *user) +static bool wbinfo_get_userinfo(char *user) { struct winbindd_request request; struct winbindd_response response; @@ -137,10 +136,10 @@ static BOOL wbinfo_get_userinfo(char *user) fstrcpy(request.data.username, user); - result = winbindd_request(WINBINDD_GETPWNAM, &request, &response); + result = winbindd_request_response(WINBINDD_GETPWNAM, &request, &response); if (result != NSS_STATUS_SUCCESS) - return False; + return false; d_printf( "%s:%s:%d:%d:%s:%s:%s\n", response.data.pw.pw_name, @@ -151,11 +150,11 @@ static BOOL wbinfo_get_userinfo(char *user) response.data.pw.pw_dir, response.data.pw.pw_shell ); - return True; + return true; } /* pull pwent info for a given uid */ -static BOOL wbinfo_get_uidinfo(int uid) +static bool wbinfo_get_uidinfo(int uid) { struct winbindd_request request; struct winbindd_response response; @@ -166,10 +165,10 @@ static BOOL wbinfo_get_uidinfo(int uid) request.data.uid = uid; - result = winbindd_request(WINBINDD_GETPWUID, &request, &response); + result = winbindd_request_response(WINBINDD_GETPWUID, &request, &response); if (result != NSS_STATUS_SUCCESS) - return False; + return false; d_printf( "%s:%s:%d:%d:%s:%s:%s\n", response.data.pw.pw_name, @@ -180,11 +179,11 @@ static BOOL wbinfo_get_uidinfo(int uid) response.data.pw.pw_dir, response.data.pw.pw_shell ); - return True; + return true; } /* pull grent for a given group */ -static BOOL wbinfo_get_groupinfo(char *group) +static bool wbinfo_get_groupinfo(char *group) { struct winbindd_request request; struct winbindd_response response; @@ -197,23 +196,23 @@ static BOOL wbinfo_get_groupinfo(char *group) fstrcpy(request.data.groupname, group); - result = winbindd_request(WINBINDD_GETGRNAM, &request, + result = winbindd_request_response(WINBINDD_GETGRNAM, &request, &response); if ( result != NSS_STATUS_SUCCESS) - return False; + return false; d_printf( "%s:%s:%d\n", response.data.gr.gr_name, response.data.gr.gr_passwd, response.data.gr.gr_gid ); - return True; + return true; } /* List groups a user is a member of */ -static BOOL wbinfo_get_usergroups(char *user) +static bool wbinfo_get_usergroups(char *user) { struct winbindd_request request; struct winbindd_response response; @@ -227,22 +226,22 @@ static BOOL wbinfo_get_usergroups(char *user) fstrcpy(request.data.username, user); - result = winbindd_request(WINBINDD_GETGROUPS, &request, &response); + result = winbindd_request_response(WINBINDD_GETGROUPS, &request, &response); if (result != NSS_STATUS_SUCCESS) - return False; + return false; for (i = 0; i < response.data.num_entries; i++) d_printf("%d\n", (int)((gid_t *)response.extra_data.data)[i]); SAFE_FREE(response.extra_data.data); - return True; + return true; } /* List group SIDs a user SID is a member of */ -static BOOL wbinfo_get_usersids(char *user_sid) +static bool wbinfo_get_usersids(char *user_sid) { struct winbindd_request request; struct winbindd_response response; @@ -256,10 +255,10 @@ static BOOL wbinfo_get_usersids(char *user_sid) /* Send request */ fstrcpy(request.data.sid, user_sid); - result = winbindd_request(WINBINDD_GETUSERSIDS, &request, &response); + result = winbindd_request_response(WINBINDD_GETUSERSIDS, &request, &response); if (result != NSS_STATUS_SUCCESS) - return False; + return false; s = (const char *)response.extra_data.data; for (i = 0; i < response.data.num_entries; i++) { @@ -269,10 +268,10 @@ static BOOL wbinfo_get_usersids(char *user_sid) SAFE_FREE(response.extra_data.data); - return True; + return true; } -static BOOL wbinfo_get_userdomgroups(const char *user_sid) +static bool wbinfo_get_userdomgroups(const char *user_sid) { struct winbindd_request request; struct winbindd_response response; @@ -284,23 +283,23 @@ static BOOL wbinfo_get_userdomgroups(const char *user_sid) /* Send request */ fstrcpy(request.data.sid, user_sid); - result = winbindd_request(WINBINDD_GETUSERDOMGROUPS, &request, + result = winbindd_request_response(WINBINDD_GETUSERDOMGROUPS, &request, &response); if (result != NSS_STATUS_SUCCESS) - return False; + return false; if (response.data.num_entries != 0) printf("%s", (char *)response.extra_data.data); SAFE_FREE(response.extra_data.data); - return True; + return true; } /* Convert NetBIOS name to IP */ -static BOOL wbinfo_wins_byname(char *name) +static bool wbinfo_wins_byname(char *name) { struct winbindd_request request; struct winbindd_response response; @@ -312,21 +311,21 @@ static BOOL wbinfo_wins_byname(char *name) fstrcpy(request.data.winsreq, name); - if (winbindd_request(WINBINDD_WINS_BYNAME, &request, &response) != + if (winbindd_request_response(WINBINDD_WINS_BYNAME, &request, &response) != NSS_STATUS_SUCCESS) { - return False; + return false; } /* Display response */ d_printf("%s\n", response.data.winsresp); - return True; + return true; } /* Convert IP to NetBIOS name */ -static BOOL wbinfo_wins_byip(char *ip) +static bool wbinfo_wins_byip(char *ip) { struct winbindd_request request; struct winbindd_response response; @@ -338,21 +337,21 @@ static BOOL wbinfo_wins_byip(char *ip) fstrcpy(request.data.winsreq, ip); - if (winbindd_request(WINBINDD_WINS_BYIP, &request, &response) != + if (winbindd_request_response(WINBINDD_WINS_BYIP, &request, &response) != NSS_STATUS_SUCCESS) { - return False; + return false; } /* Display response */ d_printf("%s\n", response.data.winsresp); - return True; + return true; } /* List trusted domains */ -static BOOL wbinfo_list_domains(BOOL list_all_domains) +static bool wbinfo_list_domains(bool list_all_domains) { struct winbindd_request request; struct winbindd_response response; @@ -364,9 +363,9 @@ static BOOL wbinfo_list_domains(BOOL list_all_domains) request.data.list_all_domains = list_all_domains; - if (winbindd_request(WINBINDD_LIST_TRUSTDOM, &request, &response) != + if (winbindd_request_response(WINBINDD_LIST_TRUSTDOM, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ @@ -380,7 +379,7 @@ static BOOL wbinfo_list_domains(BOOL list_all_domains) if (p == 0) { d_fprintf(stderr, "Got invalid response: %s\n", extra_data); - return False; + return false; } *p = 0; d_printf("%s\n", name); @@ -389,20 +388,20 @@ static BOOL wbinfo_list_domains(BOOL list_all_domains) SAFE_FREE(response.extra_data.data); } - return True; + return true; } /* List own domain */ -static BOOL wbinfo_list_own_domain(void) +static bool wbinfo_list_own_domain(void) { d_printf("%s\n", get_winbind_domain()); - return True; + return true; } /* show sequence numbers */ -static BOOL wbinfo_show_sequence(const char *domain) +static bool wbinfo_show_sequence(const char *domain) { struct winbindd_request request; struct winbindd_response response; @@ -415,9 +414,9 @@ static BOOL wbinfo_show_sequence(const char *domain) /* Send request */ - if (winbindd_request(WINBINDD_SHOW_SEQUENCE, &request, &response) != + if (winbindd_request_response(WINBINDD_SHOW_SEQUENCE, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ @@ -427,12 +426,12 @@ static BOOL wbinfo_show_sequence(const char *domain) SAFE_FREE(response.extra_data.data); } - return True; + return true; } /* Show domain info */ -static BOOL wbinfo_domain_info(const char *domain_name) +static bool wbinfo_domain_info(const char *domain_name) { struct winbindd_request request; struct winbindd_response response; @@ -447,9 +446,9 @@ static BOOL wbinfo_domain_info(const char *domain_name) /* Send request */ - if (winbindd_request(WINBINDD_DOMAIN_INFO, &request, &response) != + if (winbindd_request_response(WINBINDD_DOMAIN_INFO, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ @@ -466,13 +465,11 @@ static BOOL wbinfo_domain_info(const char *domain_name) d_printf("Primary : %s\n", response.data.domain_info.primary ? "Yes" : "No"); - d_printf("Sequence : %d\n", response.data.domain_info.sequence_number); - - return True; + return true; } /* Get a foreign DC's name */ -static BOOL wbinfo_getdcname(const char *domain_name) +static bool wbinfo_getdcname(const char *domain_name) { struct winbindd_request request; struct winbindd_response response; @@ -484,29 +481,29 @@ static BOOL wbinfo_getdcname(const char *domain_name) /* Send request */ - if (winbindd_request(WINBINDD_GETDCNAME, &request, &response) != + if (winbindd_request_response(WINBINDD_GETDCNAME, &request, &response) != NSS_STATUS_SUCCESS) { d_fprintf(stderr, "Could not get dc name for %s\n", domain_name); - return False; + return false; } /* Display response */ d_printf("%s\n", response.data.dc_name); - return True; + return true; } /* Check trust account password */ -static BOOL wbinfo_check_secret(void) +static bool wbinfo_check_secret(void) { struct winbindd_response response; NSS_STATUS result; ZERO_STRUCT(response); - result = winbindd_request(WINBINDD_CHECK_MACHACC, NULL, &response); + result = winbindd_request_response(WINBINDD_CHECK_MACHACC, NULL, &response); d_printf("checking the trust secret via RPC calls %s\n", (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); @@ -521,7 +518,7 @@ static BOOL wbinfo_check_secret(void) /* Convert uid to sid */ -static BOOL wbinfo_uid_to_sid(uid_t uid) +static bool wbinfo_uid_to_sid(uid_t uid) { struct winbindd_request request; struct winbindd_response response; @@ -533,20 +530,20 @@ static BOOL wbinfo_uid_to_sid(uid_t uid) request.data.uid = uid; - if (winbindd_request(WINBINDD_UID_TO_SID, &request, &response) != + if (winbindd_request_response(WINBINDD_UID_TO_SID, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ d_printf("%s\n", response.data.sid.sid); - return True; + return true; } /* Convert gid to sid */ -static BOOL wbinfo_gid_to_sid(gid_t gid) +static bool wbinfo_gid_to_sid(gid_t gid) { struct winbindd_request request; struct winbindd_response response; @@ -558,20 +555,20 @@ static BOOL wbinfo_gid_to_sid(gid_t gid) request.data.gid = gid; - if (winbindd_request(WINBINDD_GID_TO_SID, &request, &response) != + if (winbindd_request_response(WINBINDD_GID_TO_SID, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ d_printf("%s\n", response.data.sid.sid); - return True; + return true; } /* Convert sid to uid */ -static BOOL wbinfo_sid_to_uid(char *sid) +static bool wbinfo_sid_to_uid(char *sid) { struct winbindd_request request; struct winbindd_response response; @@ -583,18 +580,18 @@ static BOOL wbinfo_sid_to_uid(char *sid) fstrcpy(request.data.sid, sid); - if (winbindd_request(WINBINDD_SID_TO_UID, &request, &response) != + if (winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ d_printf("%d\n", (int)response.data.uid); - return True; + return true; } -static BOOL wbinfo_sid_to_gid(char *sid) +static bool wbinfo_sid_to_gid(char *sid) { struct winbindd_request request; struct winbindd_response response; @@ -606,20 +603,20 @@ static BOOL wbinfo_sid_to_gid(char *sid) fstrcpy(request.data.sid, sid); - if (winbindd_request(WINBINDD_SID_TO_GID, &request, &response) != + if (winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ d_printf("%d\n", (int)response.data.gid); - return True; + return true; } /* Convert sid to string */ -static BOOL wbinfo_lookupsid(char *sid) +static bool wbinfo_lookupsid(char *sid) { struct winbindd_request request; struct winbindd_response response; @@ -631,9 +628,9 @@ static BOOL wbinfo_lookupsid(char *sid) fstrcpy(request.data.sid, sid); - if (winbindd_request(WINBINDD_LOOKUPSID, &request, &response) != + if (winbindd_request_response(WINBINDD_LOOKUPSID, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ @@ -641,7 +638,7 @@ static BOOL wbinfo_lookupsid(char *sid) winbind_separator(), response.data.name.name, response.data.name.type); - return True; + return true; } static const char *sid_type_lookup(enum lsa_SidType r) @@ -662,7 +659,7 @@ static const char *sid_type_lookup(enum lsa_SidType r) /* Convert string to sid */ -static BOOL wbinfo_lookupname(char *name) +static bool wbinfo_lookupname(char *name) { struct winbindd_request request; struct winbindd_response response; @@ -675,20 +672,20 @@ static BOOL wbinfo_lookupname(char *name) parse_wbinfo_domain_user(name, request.data.name.dom_name, request.data.name.name); - if (winbindd_request(WINBINDD_LOOKUPNAME, &request, &response) != + if (winbindd_request_response(WINBINDD_LOOKUPNAME, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ d_printf("%s %s (%d)\n", response.data.sid.sid, sid_type_lookup(response.data.sid.type), response.data.sid.type); - return True; + return true; } /* Authenticate a user with a plaintext password */ -static BOOL wbinfo_auth_krb5(char *username, const char *cctype, uint32 flags) +static bool wbinfo_auth_krb5(char *username, const char *cctype, uint32_t flags) { struct winbindd_request request; struct winbindd_response response; @@ -716,7 +713,7 @@ static BOOL wbinfo_auth_krb5(char *username, const char *cctype, uint32 flags) request.data.auth.uid = geteuid(); - result = winbindd_request(WINBINDD_PAM_AUTH, &request, &response); + result = winbindd_request_response(WINBINDD_PAM_AUTH, &request, &response); /* Display response */ @@ -749,7 +746,7 @@ static BOOL wbinfo_auth_krb5(char *username, const char *cctype, uint32 flags) /* Authenticate a user with a plaintext password */ -static BOOL wbinfo_auth(char *username) +static bool wbinfo_auth(char *username) { struct winbindd_request request; struct winbindd_response response; @@ -771,7 +768,7 @@ static BOOL wbinfo_auth(char *username) } else fstrcpy(request.data.auth.user, username); - result = winbindd_request(WINBINDD_PAM_AUTH, &request, &response); + result = winbindd_request_response(WINBINDD_PAM_AUTH, &request, &response); /* Display response */ @@ -789,7 +786,7 @@ static BOOL wbinfo_auth(char *username) /* Authenticate a user with a challenge/response */ -static BOOL wbinfo_auth_crap(char *username) +static bool wbinfo_auth_crap(char *username) { struct winbindd_request request; struct winbindd_response response; @@ -822,7 +819,7 @@ static BOOL wbinfo_auth_crap(char *username) generate_random_buffer(request.data.auth_crap.chal, 8); - if (lp_client_ntlmv2_auth()) { + if (lp_client_ntlmv2_auth(global_loadparm)) { DATA_BLOB server_chal; DATA_BLOB names_blob; @@ -833,20 +830,20 @@ static BOOL wbinfo_auth_crap(char *username) mem_ctx = talloc_new(NULL); if (mem_ctx == NULL) { d_printf("talloc_new failed\n"); - return False; + return false; } server_chal = data_blob(request.data.auth_crap.chal, 8); /* Pretend this is a login to 'us', for blob purposes */ - names_blob = NTLMv2_generate_names_blob(mem_ctx, lp_netbios_name(), lp_workgroup()); + names_blob = NTLMv2_generate_names_blob(mem_ctx, lp_netbios_name(global_loadparm), lp_workgroup(global_loadparm)); if (!SMBNTLMv2encrypt(mem_ctx, name_user, name_domain, pass, &server_chal, &names_blob, &lm_response, &nt_response, NULL, NULL)) { data_blob_free(&names_blob); data_blob_free(&server_chal); - return False; + return false; } data_blob_free(&names_blob); data_blob_free(&server_chal); @@ -865,7 +862,7 @@ static BOOL wbinfo_auth_crap(char *username) data_blob_free(&lm_response); } else { - if (lp_client_lanman_auth() + if (lp_client_lanman_auth(global_loadparm) && SMBencrypt(pass, request.data.auth_crap.chal, (unsigned char *)request.data.auth_crap.lm_resp)) { request.data.auth_crap.lm_resp_len = 24; @@ -878,7 +875,7 @@ static BOOL wbinfo_auth_crap(char *username) request.data.auth_crap.nt_resp_len = 24; } - result = winbindd_request(WINBINDD_PAM_AUTH_CRAP, &request, &response); + result = winbindd_request_response(WINBINDD_PAM_AUTH_CRAP, &request, &response); /* Display response */ @@ -896,7 +893,7 @@ static BOOL wbinfo_auth_crap(char *username) /* Print domain users */ -static BOOL print_domain_users(const char *domain) +static bool print_domain_users(const char *domain) { struct winbindd_request request; struct winbindd_response response; @@ -916,14 +913,14 @@ static BOOL print_domain_users(const char *domain) fstrcpy( request.domain_name, domain ); } - if (winbindd_request(WINBINDD_LIST_USERS, &request, &response) != + if (winbindd_request_response(WINBINDD_LIST_USERS, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Look through extra data */ if (!response.extra_data.data) - return False; + return false; extra_data = (const char *)response.extra_data.data; @@ -932,12 +929,12 @@ static BOOL print_domain_users(const char *domain) SAFE_FREE(response.extra_data.data); - return True; + return true; } /* Print domain groups */ -static BOOL print_domain_groups(const char *domain) +static bool print_domain_groups(const char *domain) { struct winbindd_request request; struct winbindd_response response; @@ -954,14 +951,14 @@ static BOOL print_domain_groups(const char *domain) fstrcpy( request.domain_name, domain ); } - if (winbindd_request(WINBINDD_LIST_GROUPS, &request, &response) != + if (winbindd_request_response(WINBINDD_LIST_GROUPS, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Look through extra data */ if (!response.extra_data.data) - return False; + return false; extra_data = (const char *)response.extra_data.data; @@ -970,14 +967,14 @@ static BOOL print_domain_groups(const char *domain) SAFE_FREE(response.extra_data.data); - return True; + return true; } -static BOOL wbinfo_ping(void) +static bool wbinfo_ping(void) { NSS_STATUS result; - result = winbindd_request(WINBINDD_PING, NULL, NULL); + result = winbindd_request_response(WINBINDD_PING, NULL, NULL); /* Display response */ @@ -1153,7 +1150,7 @@ int main(int argc, char **argv, char **envp) } break; case 'm': - if (!wbinfo_list_domains(False)) { + if (!wbinfo_list_domains(false)) { d_fprintf(stderr, "Could not list trusted domains\n"); goto done; } @@ -1213,18 +1210,18 @@ int main(int argc, char **argv, char **envp) } break; case 'a': { - BOOL got_error = False; + bool got_error = false; if (!wbinfo_auth(string_arg)) { d_fprintf(stderr, "Could not authenticate user %s with " "plaintext password\n", string_arg); - got_error = True; + got_error = true; } if (!wbinfo_auth_crap(string_arg)) { d_fprintf(stderr, "Could not authenticate user %s with " "challenge/response\n", string_arg); - got_error = True; + got_error = true; } if (got_error) @@ -1232,7 +1229,7 @@ int main(int argc, char **argv, char **envp) break; } case 'K': { - uint32 flags = WBFLAG_PAM_KRB5 | + uint32_t flags = WBFLAG_PAM_KRB5 | WBFLAG_PAM_CACHED_LOGIN | WBFLAG_PAM_FALLBACK_AFTER_KRB5 | WBFLAG_PAM_INFO3_TEXT; @@ -1256,7 +1253,7 @@ int main(int argc, char **argv, char **envp) } break; case OPT_SEPARATOR: { - const char sep = winbind_separator_int(True); + const char sep = winbind_separator_int(true); if ( !sep ) { goto done; } @@ -1264,7 +1261,7 @@ int main(int argc, char **argv, char **envp) break; } case OPT_LIST_ALL_DOMAINS: - if (!wbinfo_list_domains(True)) { + if (!wbinfo_list_domains(true)) { goto done; } break; diff --git a/source4/nsswitch/winbind_client.h b/source4/nsswitch/winbind_client.h index 373d56804a..2a3956e1fd 100644 --- a/source4/nsswitch/winbind_client.h +++ b/source4/nsswitch/winbind_client.h @@ -1,16 +1,25 @@ -#include "nsswitch/winbind_nss_config.h" -#include "nsswitch/winbindd_nss.h" +#include "winbind_nss_config.h" +#include "winbind_struct_protocol.h" -void init_request(struct winbindd_request *req,int rq_type); -NSS_STATUS winbindd_send_request(int req_type, +void winbindd_init_request(struct winbindd_request *req,int rq_type); +void winbindd_free_response(struct winbindd_response *response); +NSS_STATUS winbindd_send_request(int req_type, int need_priv, struct winbindd_request *request); NSS_STATUS winbindd_get_response(struct winbindd_response *response); -NSS_STATUS winbindd_request(int req_type, +NSS_STATUS winbindd_request_response(int req_type, struct winbindd_request *request, struct winbindd_response *response); -int winbind_open_pipe_sock(void); -int write_sock(void *buffer, int count); -int read_reply(struct winbindd_response *response); -void close_sock(void); -void free_response(struct winbindd_response *response); +NSS_STATUS winbindd_priv_request_response(int req_type, + struct winbindd_request *request, + struct winbindd_response *response); +int winbindd_read_reply(struct winbindd_response *response); +bool winbind_env_set(void); +bool winbind_off(void); +bool winbind_on(void); + +int winbind_write_sock(void *buffer, int count, int recursing, int need_priv); +int winbind_read_sock(void *buffer, int count); +void winbind_close_sock(void); + +const char *nss_err_str(NSS_STATUS ret); diff --git a/source4/nsswitch/winbind_nss.h b/source4/nsswitch/winbind_nss.h index c4b2951643..0a3bc7cefa 100644 --- a/source4/nsswitch/winbind_nss.h +++ b/source4/nsswitch/winbind_nss.h @@ -53,7 +53,15 @@ #include "nsswitch/winbind_nss_hpux.h" -#else /* Nothing's defined. Neither gnu nor sun nor hp */ +#elif defined(__NetBSD__) && defined(HAVE_GETPWENT_R) + +/* + * NetBSD 3 and newer + */ + +#include "nsswitch/winbind_nss_netbsd.h" + +#else /* Nothing's defined. Neither gnu nor netbsd nor sun nor hp */ typedef enum { diff --git a/source4/nsswitch/winbind_nss_config.h b/source4/nsswitch/winbind_nss_config.h index 9ab3f8ab0c..e0828dc905 100644 --- a/source4/nsswitch/winbind_nss_config.h +++ b/source4/nsswitch/winbind_nss_config.h @@ -51,48 +51,6 @@ typedef char pstring[PSTRING_LEN]; typedef char fstring[FSTRING_LEN]; #endif -#if !defined(uint32) -#if (SIZEOF_INT == 4) -#define uint32 unsigned int -#elif (SIZEOF_LONG == 4) -#define uint32 unsigned long -#elif (SIZEOF_SHORT == 4) -#define uint32 unsigned short -#endif -#endif - -#if !defined(uint16) -#if (SIZEOF_SHORT == 4) -#define uint16 __ERROR___CANNOT_DETERMINE_TYPE_FOR_INT16; -#else /* SIZEOF_SHORT != 4 */ -#define uint16 unsigned short -#endif /* SIZEOF_SHORT != 4 */ -#endif - -#ifndef uint8 -#define uint8 unsigned char -#endif - -/* - * check for 8 byte long long - */ - -#if !defined(uint64) -#if (SIZEOF_LONG == 8) -#define uint64 unsigned long -#elif (SIZEOF_LONG_LONG == 8) -#define uint64 unsigned long long -#endif /* don't lie. If we don't have it, then don't use it */ -#endif - -#if !defined(int64) -#if (SIZEOF_LONG == 8) -#define int64 long -#elif (SIZEOF_LONG_LONG == 8) -#define int64 long long -#endif /* don't lie. If we don't have it, then don't use it */ -#endif - /* Some systems (SCO) treat UNIX domain sockets as FIFOs */ #ifndef S_IFSOCK @@ -103,9 +61,4 @@ typedef char fstring[FSTRING_LEN]; #define S_ISSOCK(mode) ((mode & S_IFSOCK) == S_IFSOCK) #endif -#ifndef HAVE_SOCKLEN_T -#define HAVE_SOCKLEN_T -typedef int socklen_t; -#endif - #endif diff --git a/source4/nsswitch/winbind_nss_irix.h b/source4/nsswitch/winbind_nss_irix.h index 9752267c0e..b40b14b0b0 100644 --- a/source4/nsswitch/winbind_nss_irix.h +++ b/source4/nsswitch/winbind_nss_irix.h @@ -39,8 +39,4 @@ typedef enum NSS_STATUS_TRYAGAIN=NS_TRYAGAIN } NSS_STATUS; -#define NSD_MEM_STATIC 0 -#define NSD_MEM_VOLATILE 1 -#define NSD_MEM_DYNAMIC 2 - #endif /* _WINBIND_NSS_IRIX_H */ diff --git a/source4/nsswitch/winbind_nss_linux.c b/source4/nsswitch/winbind_nss_linux.c index 52254b984d..ac53979ced 100644 --- a/source4/nsswitch/winbind_nss_linux.c +++ b/source4/nsswitch/winbind_nss_linux.c @@ -19,7 +19,6 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "includes.h" #include "winbind_client.h" /* Maximum number of users to pass back over the unix domain socket @@ -29,64 +28,45 @@ #define MAX_GETPWENT_USERS 250 #define MAX_GETGRENT_USERS 250 -_PUBLIC_ NSS_STATUS _nss_winbind_setpwent(void); -_PUBLIC_ NSS_STATUS _nss_winbind_endpwent(void); -_PUBLIC_ NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result, char *buffer, +NSS_STATUS _nss_winbind_setpwent(void); +NSS_STATUS _nss_winbind_endpwent(void); +NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result, char *buffer, size_t buflen, int *errnop); -_PUBLIC_ NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, +NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, char *buffer, size_t buflen, int *errnop); -_PUBLIC_ NSS_STATUS _nss_winbind_getpwnam_r(const char *name, struct passwd *result, +NSS_STATUS _nss_winbind_getpwnam_r(const char *name, struct passwd *result, char *buffer, size_t buflen, int *errnop); -_PUBLIC_ NSS_STATUS _nss_winbind_setgrent(void); -_PUBLIC_ NSS_STATUS _nss_winbind_endgrent(void); -_PUBLIC_ NSS_STATUS _nss_winbind_getgrent_r(struct group *result, char *buffer, +NSS_STATUS _nss_winbind_setgrent(void); +NSS_STATUS _nss_winbind_endgrent(void); +NSS_STATUS _nss_winbind_getgrent_r(struct group *result, char *buffer, size_t buflen, int *errnop); -_PUBLIC_ NSS_STATUS _nss_winbind_getgrlst_r(struct group *result, char *buffer, +NSS_STATUS _nss_winbind_getgrlst_r(struct group *result, char *buffer, size_t buflen, int *errnop); -_PUBLIC_ NSS_STATUS _nss_winbind_getgrnam_r(const char *name, struct group *result, +NSS_STATUS _nss_winbind_getgrnam_r(const char *name, struct group *result, char *buffer, size_t buflen, int *errnop); -_PUBLIC_ NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid, struct group *result, char *buffer, +NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid, struct group *result, char *buffer, size_t buflen, int *errnop); -_PUBLIC_ NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group, long int *start, +NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group, long int *start, long int *size, gid_t **groups, long int limit, int *errnop); -_PUBLIC_ NSS_STATUS _nss_winbind_getusersids(const char *user_sid, char **group_sids, +NSS_STATUS _nss_winbind_getusersids(const char *user_sid, char **group_sids, int *num_groups, char *buffer, size_t buf_size, int *errnop); -_PUBLIC_ NSS_STATUS _nss_winbind_nametosid(const char *name, char **sid, char *buffer, +NSS_STATUS _nss_winbind_nametosid(const char *name, char **sid, char *buffer, size_t buflen, int *errnop); -_PUBLIC_ NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name, char *buffer, +NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name, char *buffer, size_t buflen, int *errnop); -_PUBLIC_ NSS_STATUS _nss_winbind_sidtouid(const char *sid, uid_t *uid, int *errnop); -_PUBLIC_ NSS_STATUS _nss_winbind_sidtogid(const char *sid, gid_t *gid, int *errnop); -_PUBLIC_ NSS_STATUS _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer, +NSS_STATUS _nss_winbind_sidtouid(const char *sid, uid_t *uid, int *errnop); +NSS_STATUS _nss_winbind_sidtogid(const char *sid, gid_t *gid, int *errnop); +NSS_STATUS _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer, size_t buflen, int *errnop); -_PUBLIC_ NSS_STATUS _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer, +NSS_STATUS _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer, size_t buflen, int *errnop); /* Prototypes from wb_common.c */ extern int winbindd_fd; -#ifdef DEBUG_NSS -static const char *nss_err_str(NSS_STATUS ret) { - switch (ret) { - case NSS_STATUS_TRYAGAIN: - return "NSS_STATUS_TRYAGAIN"; - case NSS_STATUS_SUCCESS: - return "NSS_STATUS_SUCCESS"; - case NSS_STATUS_NOTFOUND: - return "NSS_STATUS_NOTFOUND"; - case NSS_STATUS_UNAVAIL: - return "NSS_STATUS_UNAVAIL"; - case NSS_STATUS_RETURN: - return "NSS_STATUS_RETURN"; - default: - return "UNKNOWN RETURN CODE!!!!!!!"; - } -} -#endif - /* Allocate some space from the nss static buffer. The buffer and buflen are the pointers passed in by the C library to the _nss_ntdom_* functions. */ @@ -115,13 +95,13 @@ static char *get_static(char **buffer, size_t *buflen, size_t len) lib/util_str.c as I really don't want to have to link in any other objects if I can possibly avoid it. */ -static BOOL next_tok(char **ptr,char *buff,const char *sep, size_t bufsize) +static bool next_token(char **ptr,char *buff,const char *sep, size_t bufsize) { char *s; - BOOL quoted; + bool quoted; size_t len=1; - if (!ptr) return(False); + if (!ptr) return false; s = *ptr; @@ -132,10 +112,10 @@ static BOOL next_tok(char **ptr,char *buff,const char *sep, size_t bufsize) while (*s && strchr(sep,*s)) s++; /* nothing left? */ - if (! *s) return(False); + if (! *s) return false; /* copy over the token */ - for (quoted = False; len < bufsize && *s && (quoted || !strchr(sep,*s)); s++) { + for (quoted = false; len < bufsize && *s && (quoted || !strchr(sep,*s)); s++) { if (*s == '\"') { quoted = !quoted; } else { @@ -147,7 +127,7 @@ static BOOL next_tok(char **ptr,char *buff,const char *sep, size_t bufsize) *ptr = (*s) ? s+1 : s; *buff = 0; - return(True); + return true; } @@ -169,7 +149,7 @@ static NSS_STATUS fill_pwent(struct passwd *result, return NSS_STATUS_TRYAGAIN; } - strlcpy(result->pw_name, pw->pw_name, strlen(pw->pw_name) + 1); + strcpy(result->pw_name, pw->pw_name); /* Password */ @@ -181,7 +161,7 @@ static NSS_STATUS fill_pwent(struct passwd *result, return NSS_STATUS_TRYAGAIN; } - strlcpy(result->pw_passwd, pw->pw_passwd, strlen(pw->pw_passwd) + 1); + strcpy(result->pw_passwd, pw->pw_passwd); /* [ug]id */ @@ -198,7 +178,7 @@ static NSS_STATUS fill_pwent(struct passwd *result, return NSS_STATUS_TRYAGAIN; } - strlcpy(result->pw_gecos, pw->pw_gecos, strlen(pw->pw_gecos) + 1); + strcpy(result->pw_gecos, pw->pw_gecos); /* Home directory */ @@ -210,7 +190,7 @@ static NSS_STATUS fill_pwent(struct passwd *result, return NSS_STATUS_TRYAGAIN; } - strlcpy(result->pw_dir, pw->pw_dir, strlen(pw->pw_dir) + 1); + strcpy(result->pw_dir, pw->pw_dir); /* Logon shell */ @@ -222,7 +202,7 @@ static NSS_STATUS fill_pwent(struct passwd *result, return NSS_STATUS_TRYAGAIN; } - strlcpy(result->pw_shell, pw->pw_shell, strlen(pw->pw_shell) + 1); + strcpy(result->pw_shell, pw->pw_shell); /* The struct passwd for Solaris has some extra fields which must be initialised or nscd crashes. */ @@ -259,7 +239,7 @@ static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr, return NSS_STATUS_TRYAGAIN; } - strlcpy(result->gr_name, gr->gr_name, strlen(gr->gr_name) + 1); + strcpy(result->gr_name, gr->gr_name); /* Password */ @@ -271,7 +251,7 @@ static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr, return NSS_STATUS_TRYAGAIN; } - strlcpy(result->gr_passwd, gr->gr_passwd, strlen(gr->gr_passwd) + 1); + strcpy(result->gr_passwd, gr->gr_passwd); /* gid */ @@ -310,7 +290,7 @@ static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr, i = 0; - while(next_tok((char **)&gr_mem, name, ",", sizeof(fstring))) { + while(next_token((char **)&gr_mem, name, ",", sizeof(fstring))) { /* Allocate space for member */ @@ -322,7 +302,7 @@ static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr, return NSS_STATUS_TRYAGAIN; } - strlcpy((result->gr_mem)[i], name, strlen(name) + 1); + strcpy((result->gr_mem)[i], name); i++; } @@ -344,7 +324,8 @@ static int num_pw_cache; /* Current size of pwd cache */ /* Rewind "file pointer" to start of ntdom password database */ -_PUBLIC_ NSS_STATUS _nss_winbind_setpwent(void) +NSS_STATUS +_nss_winbind_setpwent(void) { NSS_STATUS ret; #ifdef DEBUG_NSS @@ -353,10 +334,10 @@ _PUBLIC_ NSS_STATUS _nss_winbind_setpwent(void) if (num_pw_cache > 0) { ndx_pw_cache = num_pw_cache = 0; - free_response(&getpwent_response); + winbindd_free_response(&getpwent_response); } - ret = winbindd_request(WINBINDD_SETPWENT, NULL, NULL); + ret = winbindd_request_response(WINBINDD_SETPWENT, NULL, NULL); #ifdef DEBUG_NSS fprintf(stderr, "[%5d]: setpwent returns %s (%d)\n", getpid(), nss_err_str(ret), ret); @@ -366,7 +347,8 @@ _PUBLIC_ NSS_STATUS _nss_winbind_setpwent(void) /* Close ntdom password database "file pointer" */ -_PUBLIC_ NSS_STATUS _nss_winbind_endpwent(void) +NSS_STATUS +_nss_winbind_endpwent(void) { NSS_STATUS ret; #ifdef DEBUG_NSS @@ -375,10 +357,10 @@ _PUBLIC_ NSS_STATUS _nss_winbind_endpwent(void) if (num_pw_cache > 0) { ndx_pw_cache = num_pw_cache = 0; - free_response(&getpwent_response); + winbindd_free_response(&getpwent_response); } - ret = winbindd_request(WINBINDD_ENDPWENT, NULL, NULL); + ret = winbindd_request_response(WINBINDD_ENDPWENT, NULL, NULL); #ifdef DEBUG_NSS fprintf(stderr, "[%5d]: endpwent returns %s (%d)\n", getpid(), nss_err_str(ret), ret); @@ -388,8 +370,9 @@ _PUBLIC_ NSS_STATUS _nss_winbind_endpwent(void) /* Fetch the next password entry from ntdom password database */ -_PUBLIC_ NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result, - char *buffer, size_t buflen, int *errnop) +NSS_STATUS +_nss_winbind_getpwent_r(struct passwd *result, char *buffer, + size_t buflen, int *errnop) { NSS_STATUS ret; struct winbindd_request request; @@ -409,7 +392,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result, /* Else call winbindd to get a bunch of entries */ if (num_pw_cache > 0) { - free_response(&getpwent_response); + winbindd_free_response(&getpwent_response); } ZERO_STRUCT(request); @@ -417,7 +400,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result, request.data.num_entries = MAX_GETPWENT_USERS; - ret = winbindd_request(WINBINDD_GETPWENT, &request, + ret = winbindd_request_response(WINBINDD_GETPWENT, &request, &getpwent_response); if (ret == NSS_STATUS_SUCCESS) { @@ -448,20 +431,20 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result, /* Out of memory - try again */ if (ret == NSS_STATUS_TRYAGAIN) { - called_again = True; + called_again = true; *errnop = errno = ERANGE; goto done; } *errnop = errno = 0; - called_again = False; + called_again = false; ndx_pw_cache++; /* If we've finished with this lot of results free cache */ if (ndx_pw_cache == num_pw_cache) { ndx_pw_cache = num_pw_cache = 0; - free_response(&getpwent_response); + winbindd_free_response(&getpwent_response); } } done: @@ -474,8 +457,9 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result, /* Return passwd struct from uid */ -_PUBLIC_ NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, - char *buffer, size_t buflen, int *errnop) +NSS_STATUS +_nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, char *buffer, + size_t buflen, int *errnop) { NSS_STATUS ret; static struct winbindd_response response; @@ -496,14 +480,14 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, request.data.uid = uid; - ret = winbindd_request(WINBINDD_GETPWUID, &request, &response); + ret = winbindd_request_response(WINBINDD_GETPWUID, &request, &response); if (ret == NSS_STATUS_SUCCESS) { ret = fill_pwent(result, &response.data.pw, &buffer, &buflen); if (ret == NSS_STATUS_TRYAGAIN) { - keep_response = True; + keep_response = true; *errnop = errno = ERANGE; goto done; } @@ -516,16 +500,16 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, ret = fill_pwent(result, &response.data.pw, &buffer, &buflen); if (ret == NSS_STATUS_TRYAGAIN) { - keep_response = True; + keep_response = true; *errnop = errno = ERANGE; goto done; } - keep_response = False; + keep_response = false; *errnop = errno = 0; } - free_response(&response); + winbindd_free_response(&response); done: #ifdef DEBUG_NSS @@ -536,8 +520,9 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, } /* Return passwd struct from username */ -_PUBLIC_ NSS_STATUS _nss_winbind_getpwnam_r(const char *name, - struct passwd *result, char *buffer, size_t buflen, int *errnop) +NSS_STATUS +_nss_winbind_getpwnam_r(const char *name, struct passwd *result, char *buffer, + size_t buflen, int *errnop) { NSS_STATUS ret; static struct winbindd_response response; @@ -562,14 +547,14 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwnam_r(const char *name, request.data.username [sizeof(request.data.username) - 1] = '\0'; - ret = winbindd_request(WINBINDD_GETPWNAM, &request, &response); + ret = winbindd_request_response(WINBINDD_GETPWNAM, &request, &response); if (ret == NSS_STATUS_SUCCESS) { ret = fill_pwent(result, &response.data.pw, &buffer, &buflen); if (ret == NSS_STATUS_TRYAGAIN) { - keep_response = True; + keep_response = true; *errnop = errno = ERANGE; goto done; } @@ -582,16 +567,16 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getpwnam_r(const char *name, ret = fill_pwent(result, &response.data.pw, &buffer, &buflen); if (ret == NSS_STATUS_TRYAGAIN) { - keep_response = True; + keep_response = true; *errnop = errno = ERANGE; goto done; } - keep_response = False; + keep_response = false; *errnop = errno = 0; } - free_response(&response); + winbindd_free_response(&response); done: #ifdef DEBUG_NSS fprintf(stderr, "[%5d]: getpwnam %s returns %s (%d)\n", getpid(), @@ -611,7 +596,8 @@ static int num_gr_cache; /* Current size of grp cache */ /* Rewind "file pointer" to start of ntdom group database */ -_PUBLIC_ NSS_STATUS _nss_winbind_setgrent(void) +NSS_STATUS +_nss_winbind_setgrent(void) { NSS_STATUS ret; #ifdef DEBUG_NSS @@ -620,10 +606,10 @@ _PUBLIC_ NSS_STATUS _nss_winbind_setgrent(void) if (num_gr_cache > 0) { ndx_gr_cache = num_gr_cache = 0; - free_response(&getgrent_response); + winbindd_free_response(&getgrent_response); } - ret = winbindd_request(WINBINDD_SETGRENT, NULL, NULL); + ret = winbindd_request_response(WINBINDD_SETGRENT, NULL, NULL); #ifdef DEBUG_NSS fprintf(stderr, "[%5d]: setgrent returns %s (%d)\n", getpid(), nss_err_str(ret), ret); @@ -633,7 +619,8 @@ _PUBLIC_ NSS_STATUS _nss_winbind_setgrent(void) /* Close "file pointer" for ntdom group database */ -_PUBLIC_ NSS_STATUS _nss_winbind_endgrent(void) +NSS_STATUS +_nss_winbind_endgrent(void) { NSS_STATUS ret; #ifdef DEBUG_NSS @@ -642,10 +629,10 @@ _PUBLIC_ NSS_STATUS _nss_winbind_endgrent(void) if (num_gr_cache > 0) { ndx_gr_cache = num_gr_cache = 0; - free_response(&getgrent_response); + winbindd_free_response(&getgrent_response); } - ret = winbindd_request(WINBINDD_ENDGRENT, NULL, NULL); + ret = winbindd_request_response(WINBINDD_ENDGRENT, NULL, NULL); #ifdef DEBUG_NSS fprintf(stderr, "[%5d]: endgrent returns %s (%d)\n", getpid(), nss_err_str(ret), ret); @@ -679,7 +666,7 @@ winbind_getgrent(enum winbindd_cmd cmd, /* Else call winbindd to get a bunch of entries */ if (num_gr_cache > 0) { - free_response(&getgrent_response); + winbindd_free_response(&getgrent_response); } ZERO_STRUCT(request); @@ -687,7 +674,7 @@ winbind_getgrent(enum winbindd_cmd cmd, request.data.num_entries = MAX_GETGRENT_USERS; - ret = winbindd_request(cmd, &request, + ret = winbindd_request_response(cmd, &request, &getgrent_response); if (ret == NSS_STATUS_SUCCESS) { @@ -727,20 +714,20 @@ winbind_getgrent(enum winbindd_cmd cmd, /* Out of memory - try again */ if (ret == NSS_STATUS_TRYAGAIN) { - called_again = True; + called_again = true; *errnop = errno = ERANGE; goto done; } *errnop = 0; - called_again = False; + called_again = false; ndx_gr_cache++; /* If we've finished with this lot of results free cache */ if (ndx_gr_cache == num_gr_cache) { ndx_gr_cache = num_gr_cache = 0; - free_response(&getgrent_response); + winbindd_free_response(&getgrent_response); } } done: @@ -752,13 +739,15 @@ winbind_getgrent(enum winbindd_cmd cmd, } -_PUBLIC_ NSS_STATUS _nss_winbind_getgrent_r(struct group *result, +NSS_STATUS +_nss_winbind_getgrent_r(struct group *result, char *buffer, size_t buflen, int *errnop) { return winbind_getgrent(WINBINDD_GETGRENT, result, buffer, buflen, errnop); } -_PUBLIC_ NSS_STATUS _nss_winbind_getgrlst_r(struct group *result, +NSS_STATUS +_nss_winbind_getgrlst_r(struct group *result, char *buffer, size_t buflen, int *errnop) { return winbind_getgrent(WINBINDD_GETGRLST, result, buffer, buflen, errnop); @@ -766,7 +755,8 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrlst_r(struct group *result, /* Return group struct from group name */ -_PUBLIC_ NSS_STATUS _nss_winbind_getgrnam_r(const char *name, +NSS_STATUS +_nss_winbind_getgrnam_r(const char *name, struct group *result, char *buffer, size_t buflen, int *errnop) { @@ -793,7 +783,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrnam_r(const char *name, request.data.groupname [sizeof(request.data.groupname) - 1] = '\0'; - ret = winbindd_request(WINBINDD_GETGRNAM, &request, &response); + ret = winbindd_request_response(WINBINDD_GETGRNAM, &request, &response); if (ret == NSS_STATUS_SUCCESS) { ret = fill_grent(result, &response.data.gr, @@ -801,7 +791,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrnam_r(const char *name, &buffer, &buflen); if (ret == NSS_STATUS_TRYAGAIN) { - keep_response = True; + keep_response = true; *errnop = errno = ERANGE; goto done; } @@ -816,16 +806,16 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrnam_r(const char *name, &buflen); if (ret == NSS_STATUS_TRYAGAIN) { - keep_response = True; + keep_response = true; *errnop = errno = ERANGE; goto done; } - keep_response = False; + keep_response = false; *errnop = 0; } - free_response(&response); + winbindd_free_response(&response); done: #ifdef DEBUG_NSS fprintf(stderr, "[%5d]: getgrnam %s returns %s (%d)\n", getpid(), @@ -836,7 +826,8 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrnam_r(const char *name, /* Return group struct from gid */ -_PUBLIC_ NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid, +NSS_STATUS +_nss_winbind_getgrgid_r(gid_t gid, struct group *result, char *buffer, size_t buflen, int *errnop) { @@ -860,7 +851,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid, request.data.gid = gid; - ret = winbindd_request(WINBINDD_GETGRGID, &request, &response); + ret = winbindd_request_response(WINBINDD_GETGRGID, &request, &response); if (ret == NSS_STATUS_SUCCESS) { @@ -869,7 +860,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid, &buffer, &buflen); if (ret == NSS_STATUS_TRYAGAIN) { - keep_response = True; + keep_response = true; *errnop = errno = ERANGE; goto done; } @@ -884,16 +875,16 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid, &buflen); if (ret == NSS_STATUS_TRYAGAIN) { - keep_response = True; + keep_response = true; *errnop = errno = ERANGE; goto done; } - keep_response = False; + keep_response = false; *errnop = 0; } - free_response(&response); + winbindd_free_response(&response); done: #ifdef DEBUG_NSS fprintf(stderr, "[%5d]: getgrgid %d returns %s (%d)\n", getpid(), @@ -904,9 +895,10 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid, /* Initialise supplementary groups */ -_PUBLIC_ NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group, - long int *start, long int *size, gid_t **groups, - long int limit, int *errnop) +NSS_STATUS +_nss_winbind_initgroups_dyn(char *user, gid_t group, long int *start, + long int *size, gid_t **groups, long int limit, + int *errnop) { NSS_STATUS ret; struct winbindd_request request; @@ -924,7 +916,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group, strncpy(request.data.username, user, sizeof(request.data.username) - 1); - ret = winbindd_request(WINBINDD_GETGROUPS, &request, &response); + ret = winbindd_request_response(WINBINDD_GETGROUPS, &request, &response); if (ret == NSS_STATUS_SUCCESS) { int num_gids = response.data.num_entries; @@ -1003,9 +995,10 @@ _PUBLIC_ NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group, /* return a list of group SIDs for a user SID */ -_PUBLIC_ NSS_STATUS _nss_winbind_getusersids(const char *user_sid, - char **group_sids, int *num_groups, - char *buffer, size_t buf_size, int *errnop) +NSS_STATUS +_nss_winbind_getusersids(const char *user_sid, char **group_sids, + int *num_groups, + char *buffer, size_t buf_size, int *errnop) { NSS_STATUS ret; struct winbindd_request request; @@ -1021,7 +1014,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getusersids(const char *user_sid, strncpy(request.data.sid, user_sid,sizeof(request.data.sid) - 1); request.data.sid[sizeof(request.data.sid) - 1] = '\0'; - ret = winbindd_request(WINBINDD_GETUSERSIDS, &request, &response); + ret = winbindd_request_response(WINBINDD_GETUSERSIDS, &request, &response); if (ret != NSS_STATUS_SUCCESS) { goto done; @@ -1039,14 +1032,15 @@ _PUBLIC_ NSS_STATUS _nss_winbind_getusersids(const char *user_sid, errno = *errnop = 0; done: - free_response(&response); + winbindd_free_response(&response); return ret; } /* map a user or group name to a SID string */ -_PUBLIC_ NSS_STATUS _nss_winbind_nametosid(const char *name, char **sid, - char *buffer, size_t buflen, int *errnop) +NSS_STATUS +_nss_winbind_nametosid(const char *name, char **sid, char *buffer, + size_t buflen, int *errnop) { NSS_STATUS ret; struct winbindd_response response; @@ -1063,7 +1057,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_nametosid(const char *name, char **sid, sizeof(request.data.name.name) - 1); request.data.name.name[sizeof(request.data.name.name) - 1] = '\0'; - ret = winbindd_request(WINBINDD_LOOKUPNAME, &request, &response); + ret = winbindd_request_response(WINBINDD_LOOKUPNAME, &request, &response); if (ret != NSS_STATUS_SUCCESS) { *errnop = errno = EINVAL; goto failed; @@ -1077,16 +1071,17 @@ _PUBLIC_ NSS_STATUS _nss_winbind_nametosid(const char *name, char **sid, *errnop = errno = 0; *sid = buffer; - strlcpy(*sid, response.data.sid.sid, strlen(response.data.sid.sid) + 1); + strcpy(*sid, response.data.sid.sid); failed: - free_response(&response); + winbindd_free_response(&response); return ret; } /* map a sid string to a user or group name */ -_PUBLIC_ NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name, - char *buffer, size_t buflen, int *errnop) +NSS_STATUS +_nss_winbind_sidtoname(const char *sid, char **name, char *buffer, + size_t buflen, int *errnop) { NSS_STATUS ret; struct winbindd_response response; @@ -1103,14 +1098,14 @@ _PUBLIC_ NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name, /* we need to fetch the separator first time through */ if (!sep_char) { - ret = winbindd_request(WINBINDD_INFO, &request, &response); + ret = winbindd_request_response(WINBINDD_INFO, &request, &response); if (ret != NSS_STATUS_SUCCESS) { *errnop = errno = EINVAL; goto failed; } sep_char = response.data.info.winbind_separator; - free_response(&response); + winbindd_free_response(&response); } @@ -1118,7 +1113,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name, sizeof(request.data.sid) - 1); request.data.sid[sizeof(request.data.sid) - 1] = '\0'; - ret = winbindd_request(WINBINDD_LOOKUPSID, &request, &response); + ret = winbindd_request_response(WINBINDD_LOOKUPSID, &request, &response); if (ret != NSS_STATUS_SUCCESS) { *errnop = errno = EINVAL; goto failed; @@ -1143,13 +1138,13 @@ _PUBLIC_ NSS_STATUS _nss_winbind_sidtoname(const char *sid, char **name, *errnop = errno = 0; failed: - free_response(&response); + winbindd_free_response(&response); return ret; } /* map a sid to a uid */ -_PUBLIC_ NSS_STATUS _nss_winbind_sidtouid(const char *sid, uid_t *uid, - int *errnop) +NSS_STATUS +_nss_winbind_sidtouid(const char *sid, uid_t *uid, int *errnop) { NSS_STATUS ret; struct winbindd_response response; @@ -1165,7 +1160,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_sidtouid(const char *sid, uid_t *uid, strncpy(request.data.sid, sid, sizeof(request.data.sid) - 1); request.data.sid[sizeof(request.data.sid) - 1] = '\0'; - ret = winbindd_request(WINBINDD_SID_TO_UID, &request, &response); + ret = winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response); if (ret != NSS_STATUS_SUCCESS) { *errnop = errno = EINVAL; goto failed; @@ -1178,8 +1173,8 @@ failed: } /* map a sid to a gid */ -_PUBLIC_ NSS_STATUS _nss_winbind_sidtogid(const char *sid, gid_t *gid, - int *errnop) +NSS_STATUS +_nss_winbind_sidtogid(const char *sid, gid_t *gid, int *errnop) { NSS_STATUS ret; struct winbindd_response response; @@ -1195,7 +1190,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_sidtogid(const char *sid, gid_t *gid, strncpy(request.data.sid, sid, sizeof(request.data.sid) - 1); request.data.sid[sizeof(request.data.sid) - 1] = '\0'; - ret = winbindd_request(WINBINDD_SID_TO_GID, &request, &response); + ret = winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response); if (ret != NSS_STATUS_SUCCESS) { *errnop = errno = EINVAL; goto failed; @@ -1208,7 +1203,8 @@ failed: } /* map a uid to a SID string */ -_PUBLIC_ NSS_STATUS _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer, +NSS_STATUS +_nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer, size_t buflen, int *errnop) { NSS_STATUS ret; @@ -1224,7 +1220,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer, request.data.uid = uid; - ret = winbindd_request(WINBINDD_UID_TO_SID, &request, &response); + ret = winbindd_request_response(WINBINDD_UID_TO_SID, &request, &response); if (ret != NSS_STATUS_SUCCESS) { *errnop = errno = EINVAL; goto failed; @@ -1238,15 +1234,16 @@ _PUBLIC_ NSS_STATUS _nss_winbind_uidtosid(uid_t uid, char **sid, char *buffer, *errnop = errno = 0; *sid = buffer; - strlcpy(*sid, response.data.sid.sid, strlen(response.data.sid.sid) + 1); + strcpy(*sid, response.data.sid.sid); failed: - free_response(&response); + winbindd_free_response(&response); return ret; } /* map a gid to a SID string */ -_PUBLIC_ NSS_STATUS _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer, +NSS_STATUS +_nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer, size_t buflen, int *errnop) { NSS_STATUS ret; @@ -1262,7 +1259,7 @@ _PUBLIC_ NSS_STATUS _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer, request.data.gid = gid; - ret = winbindd_request(WINBINDD_GID_TO_SID, &request, &response); + ret = winbindd_request_response(WINBINDD_GID_TO_SID, &request, &response); if (ret != NSS_STATUS_SUCCESS) { *errnop = errno = EINVAL; goto failed; @@ -1276,9 +1273,9 @@ _PUBLIC_ NSS_STATUS _nss_winbind_gidtosid(gid_t gid, char **sid, char *buffer, *errnop = errno = 0; *sid = buffer; - strlcpy(*sid, response.data.sid.sid, strlen(response.data.sid.sid) + 1); + strcpy(*sid, response.data.sid.sid); failed: - free_response(&response); + winbindd_free_response(&response); return ret; } diff --git a/source4/nsswitch/winbind_nss_solaris.h b/source4/nsswitch/winbind_nss_solaris.h index 1c694394d3..941b3e66df 100644 --- a/source4/nsswitch/winbind_nss_solaris.h +++ b/source4/nsswitch/winbind_nss_solaris.h @@ -22,7 +22,37 @@ #ifndef _WINBIND_NSS_SOLARIS_H #define _WINBIND_NSS_SOLARIS_H +/* Solaris has a broken nss_common header file containing C++ reserved names. */ +#ifndef __cplusplus +#undef class +#undef private +#undef public +#undef protected +#undef template +#undef this +#undef new +#undef delete +#undef friend +#endif + #include <nss_common.h> + +/* +TODO: we need to cleanup samba4's headers.. + +#ifndef __cplusplus +#define class #error DONT_USE_CPLUSPLUS_RESERVED_NAMES +#define private #error DONT_USE_CPLUSPLUS_RESERVED_NAMES +#define public #error DONT_USE_CPLUSPLUS_RESERVED_NAMES +#define protected #error DONT_USE_CPLUSPLUS_RESERVED_NAMES +#define template #error DONT_USE_CPLUSPLUS_RESERVED_NAMES +#define this #error DONT_USE_CPLUSPLUS_RESERVED_NAMES +#define new #error DONT_USE_CPLUSPLUS_RESERVED_NAMES +#define delete #error DONT_USE_CPLUSPLUS_RESERVED_NAMES +#define friend #error DONT_USE_CPLUSPLUS_RESERVED_NAMES +#endif +*/ + #include <nss_dbdefs.h> #include <nsswitch.h> diff --git a/source4/nsswitch/winbindd_nss.h b/source4/nsswitch/winbind_struct_protocol.h index 724b830604..d8e5c2f3b8 100644 --- a/source4/nsswitch/winbindd_nss.h +++ b/source4/nsswitch/winbind_struct_protocol.h @@ -11,15 +11,6 @@ products. You do not need to give any attribution. */ - -#ifndef CONST_DISCARD -#define CONST_DISCARD(type, ptr) ((type) ((void *) (ptr))) -#endif - -#ifndef CONST_ADD -#define CONST_ADD(type, ptr) ((type) ((const void *) (ptr))) -#endif - #ifndef SAFE_FREE #define SAFE_FREE(x) do { if(x) {free(x); x=NULL;} } while(0) #endif @@ -36,28 +27,28 @@ #define WINBINDD_SOCKET_DIR "/tmp/.winbindd" /* Name of PF_UNIX dir */ #endif +/* + * when compiled with socket_wrapper support + * the location of the WINBINDD_SOCKET_DIR + * can be overwritten via an environment variable + */ +#define WINBINDD_SOCKET_DIR_ENVVAR "WINBINDD_SOCKET_DIR" + #define WINBINDD_PRIV_SOCKET_SUBDIR "winbindd_privileged" /* name of subdirectory of lp_lockdir() to hold the 'privileged' pipe */ #define WINBINDD_DOMAIN_ENV "WINBINDD_DOMAIN" /* Environment variables */ #define WINBINDD_DONT_ENV "_NO_WINBINDD" - -#ifdef SOCKET_WRAPPER -#define WINBINDD_SOCKET_DIR_ENV "WINBINDD_SOCKET_DIR" -#endif +#define WINBINDD_LOCATOR_KDC_ADDRESS "WINBINDD_LOCATOR_KDC_ADDRESS" /* Update this when you change the interface. */ -#define WINBIND_INTERFACE_VERSION 18 +#define WINBIND_INTERFACE_VERSION 19 /* Have to deal with time_t being 4 or 8 bytes due to structure alignment. On a 64bit Linux box, we have to support a constant structure size between /lib/libnss_winbind.so.2 and /li64/libnss_winbind.so.2. The easiest way to do this is to always use 8byte values for time_t. */ -#if defined(int64) -# define SMB_TIME_T int64 -#else -# define SMB_TIME_T time_t -#endif +#define SMB_TIME_T int64_t /* Socket commands */ @@ -104,7 +95,7 @@ enum winbindd_cmd { /* Lookup functions */ - WINBINDD_SID_TO_UID, + WINBINDD_SID_TO_UID, WINBINDD_SID_TO_GID, WINBINDD_SIDS_TO_XIDS, WINBINDD_UID_TO_SID, @@ -127,6 +118,7 @@ enum winbindd_cmd { WINBINDD_DOMAIN_INFO, /* Most of what we know from struct winbindd_domain */ WINBINDD_GETDCNAME, /* Issue a GetDCName Request */ + WINBINDD_DSGETDCNAME, /* Issue a DsGetDCName Request */ WINBINDD_SHOW_SEQUENCE, /* display sequence numbers of domains */ @@ -194,30 +186,31 @@ typedef struct winbindd_gr { fstring gr_name; fstring gr_passwd; gid_t gr_gid; - uint32 num_gr_mem; - uint32 gr_mem_ofs; /* offset to group membership */ + uint32_t num_gr_mem; + uint32_t gr_mem_ofs; /* offset to group membership */ } WINBINDD_GR; - -#define WBFLAG_PAM_INFO3_NDR 0x0001 -#define WBFLAG_PAM_INFO3_TEXT 0x0002 -#define WBFLAG_PAM_USER_SESSION_KEY 0x0004 -#define WBFLAG_PAM_LMKEY 0x0008 -#define WBFLAG_PAM_CONTACT_TRUSTDOM 0x0010 -#define WBFLAG_QUERY_ONLY 0x0020 -#define WBFLAG_PAM_UNIX_NAME 0x0080 -#define WBFLAG_PAM_AFS_TOKEN 0x0100 -#define WBFLAG_PAM_NT_STATUS_SQUASH 0x0200 - +/* PAM specific request flags */ +#define WBFLAG_PAM_INFO3_NDR 0x00000001 +#define WBFLAG_PAM_INFO3_TEXT 0x00000002 +#define WBFLAG_PAM_USER_SESSION_KEY 0x00000004 +#define WBFLAG_PAM_LMKEY 0x00000008 +#define WBFLAG_PAM_CONTACT_TRUSTDOM 0x00000010 +#define WBFLAG_PAM_UNIX_NAME 0x00000080 +#define WBFLAG_PAM_AFS_TOKEN 0x00000100 +#define WBFLAG_PAM_NT_STATUS_SQUASH 0x00000200 +#define WBFLAG_PAM_KRB5 0x00001000 +#define WBFLAG_PAM_FALLBACK_AFTER_KRB5 0x00002000 +#define WBFLAG_PAM_CACHED_LOGIN 0x00004000 +#define WBFLAG_PAM_GET_PWD_POLICY 0x00008000 /* not used */ + +/* generic request flags */ +#define WBFLAG_QUERY_ONLY 0x00000020 /* not used */ /* This is a flag that can only be sent from parent to child */ -#define WBFLAG_IS_PRIVILEGED 0x0400 +#define WBFLAG_IS_PRIVILEGED 0x00000400 /* not used */ /* Flag to say this is a winbindd internal send - don't recurse. */ -#define WBFLAG_RECURSE 0x0800 +#define WBFLAG_RECURSE 0x00000800 -#define WBFLAG_PAM_KRB5 0x1000 -#define WBFLAG_PAM_FALLBACK_AFTER_KRB5 0x2000 -#define WBFLAG_PAM_CACHED_LOGIN 0x4000 -#define WBFLAG_PAM_GET_PWD_POLICY 0x8000 /* not used */ #define WINBINDD_MAX_EXTRA_DATA (128*1024) @@ -232,12 +225,13 @@ typedef struct winbindd_gr { ******************************************************************************/ struct winbindd_request { - uint32 length; + uint32_t length; enum winbindd_cmd cmd; /* Winbindd command to execute */ enum winbindd_cmd original_cmd; /* Original Winbindd command issued to parent process */ pid_t pid; /* pid of calling process */ - uint32 flags; /* flags relavant to a given request */ + uint32_t wb_flags; /* generic flags */ + uint32_t flags; /* flags relevant *only* to a given request */ fstring domain_name; /* name of domain for which the request applies */ union { @@ -257,14 +251,14 @@ struct winbindd_request { uid_t uid; } auth; /* pam_winbind auth module */ struct { - unsigned char chal[8]; - uint32 logon_parameters; + uint8_t chal[8]; + uint32_t logon_parameters; fstring user; fstring domain; fstring lm_resp; - uint32 lm_resp_len; + uint32_t lm_resp_len; fstring nt_resp; - uint32 nt_resp_len; + uint32_t nt_resp_len; fstring workstation; fstring require_membership_of_sid; } auth_crap; @@ -276,14 +270,14 @@ struct winbindd_request { struct { fstring user; fstring domain; - unsigned char new_nt_pswd[516]; - uint16 new_nt_pswd_len; - unsigned char old_nt_hash_enc[16]; - uint16 old_nt_hash_enc_len; - unsigned char new_lm_pswd[516]; - uint16 new_lm_pswd_len; - unsigned char old_lm_hash_enc[16]; - uint16 old_lm_hash_enc_len; + uint8_t new_nt_pswd[516]; + uint16_t new_nt_pswd_len; + uint8_t old_nt_hash_enc[16]; + uint16_t old_nt_hash_enc_len; + uint8_t new_lm_pswd[516]; + uint16_t new_lm_pswd_len; + uint8_t old_lm_hash_enc[16]; + uint16_t old_lm_hash_enc_len; } chng_pswd_auth_crap;/* pam_winbind passwd module */ struct { fstring user; @@ -295,7 +289,7 @@ struct winbindd_request { fstring dom_name; /* lookupname */ fstring name; } name; - uint32 num_entries; /* getpwent, getgrent */ + uint32_t num_entries; /* getpwent, getgrent */ struct { fstring username; fstring groupname; @@ -310,8 +304,8 @@ struct winbindd_request { } dual_sid2id; struct { fstring sid; - uint32 type; - uint32 id; + uint32_t type; + uint32_t id; } dual_idmapset; bool list_all_domains; @@ -324,8 +318,8 @@ struct winbindd_request { produce an actual challenge response. It merely succeeds if there are cached credentials available that could be used. */ - uint32 initial_blob_len; /* blobs in extra_data */ - uint32 challenge_blob_len; + uint32_t initial_blob_len; /* blobs in extra_data */ + uint32_t challenge_blob_len; } ccache_ntlm_auth; /* padding -- needed to fix alignment between 32bit and 64bit libs. @@ -338,7 +332,7 @@ struct winbindd_request { SMB_TIME_T padding; char *data; } extra_data; - uint32 extra_len; + uint32_t extra_len; char null_term; }; @@ -364,7 +358,7 @@ struct winbindd_response { /* Header information */ - uint32 length; /* Length of response */ + uint32_t length; /* Length of response */ enum winbindd_result result; /* Result code */ /* Fixed length return data */ @@ -382,14 +376,14 @@ struct winbindd_response { struct winbindd_gr gr; - uint32 num_entries; /* getpwent, getgrent */ + uint32_t num_entries; /* getpwent, getgrent */ struct winbindd_sid { fstring sid; /* lookupname, [ug]id_to_sid */ int type; } sid; struct winbindd_name { fstring dom_name; /* lookupsid */ - fstring name; + fstring name; int type; } name; uid_t uid; /* sid_to_uid */ @@ -403,20 +397,20 @@ struct winbindd_response { fstring dc_name; struct auth_reply { - uint32 nt_status; + uint32_t nt_status; fstring nt_status_string; fstring error_string; int pam_error; char user_session_key[16]; char first_8_lm_hash[8]; fstring krb5ccname; - uint32 reject_reason; - uint32 padding; + uint32_t reject_reason; + uint32_t padding; struct policy_settings { - uint32 min_length_password; - uint32 password_history; - uint32 password_properties; - uint32 padding; + uint32_t min_length_password; + uint32_t password_history; + uint32_t password_properties; + uint32_t padding; SMB_TIME_T expire; SMB_TIME_T min_passwordage; } policy; @@ -427,14 +421,14 @@ struct winbindd_response { SMB_TIME_T pass_last_set_time; SMB_TIME_T pass_can_change_time; SMB_TIME_T pass_must_change_time; - uint32 logon_count; - uint32 bad_pw_count; - uint32 user_rid; - uint32 group_rid; - uint32 num_groups; - uint32 user_flgs; - uint32 acct_flags; - uint32 num_other_sids; + uint32_t logon_count; + uint32_t bad_pw_count; + uint32_t user_rid; + uint32_t group_rid; + uint32_t num_groups; + uint32_t user_flgs; + uint32_t acct_flags; + uint32_t num_other_sids; fstring dom_sid; fstring user_name; fstring full_name; @@ -453,18 +447,18 @@ struct winbindd_response { bool native_mode; bool active_directory; bool primary; - uint32 sequence_number; } domain_info; + uint32_t sequence_number; struct { fstring acct_name; fstring full_name; fstring homedir; fstring shell; - uint32 primary_gid; - uint32 group_rid; + uint32_t primary_gid; + uint32_t group_rid; } user_info; struct { - uint32 auth_blob_len; /* blob in extra_data */ + uint32_t auth_blob_len; /* blob in extra_data */ } ccache_ntlm_auth; } data; @@ -482,8 +476,8 @@ struct WINBINDD_MEMORY_CREDS { uid_t uid; int ref_count; size_t len; - unsigned char *nt_hash; /* Base pointer for the following 2 */ - unsigned char *lm_hash; + uint8_t *nt_hash; /* Base pointer for the following 2 */ + uint8_t *lm_hash; char *pass; }; |