From 3458b708d280685bd8d66a8cc86661af0b707381 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 14 Apr 2008 09:31:46 +0200
Subject: libwbclient: add wbcResolveWinsByName() and wbcResolveWinsByIP()

metze
(This used to be commit 57ba71140fbf6b4a5a917fa3248fa76536be883b)
---
 source3/nsswitch/libwbclient/wbc_util.c | 81 +++++++++++++++++++++++++++++++++
 source3/nsswitch/libwbclient/wbclient.h |  6 +++
 2 files changed, 87 insertions(+)

(limited to 'source3/nsswitch')

diff --git a/source3/nsswitch/libwbclient/wbc_util.c b/source3/nsswitch/libwbclient/wbc_util.c
index 7bdae91544..edcad28221 100644
--- a/source3/nsswitch/libwbclient/wbc_util.c
+++ b/source3/nsswitch/libwbclient/wbc_util.c
@@ -187,3 +187,84 @@ wbcErr wbcDomainInfo(const char *domain, struct wbcDomainInfo **dinfo)
 
 	return wbc_status;
 }
+
+
+/** @brief Resolve a NetbiosName via WINS
+ *
+ * @param name         Name to resolve
+ * @param *ip          Pointer to the ip address string
+ *
+ * @return #wbcErr
+ *
+ **/
+wbcErr wbcResolveWinsByName(const char *name, const char **ip)
+{
+	struct winbindd_request request;
+	struct winbindd_response response;
+	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+	const char *ipaddr;
+
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+
+	/* Send request */
+
+	strncpy(request.data.winsreq, name,
+		sizeof(request.data.winsreq)-1);
+
+	wbc_status = wbcRequestResponse(WINBINDD_WINS_BYNAME,
+					&request,
+					&response);
+	BAIL_ON_WBC_ERROR(wbc_status);
+
+	/* Display response */
+
+	ipaddr = talloc_strdup(NULL, response.data.winsresp);
+	BAIL_ON_PTR_ERROR(ipaddr, wbc_status);
+
+	*ip = ipaddr;
+	wbc_status = WBC_ERR_SUCCESS;
+
+ done:
+	return wbc_status;
+}
+
+/** @brief Resolve an IP address via WINS into a NetbiosName
+ *
+ * @param ip          The ip address string
+ * @param *name       Pointer to the name
+ *
+ * @return #wbcErr
+ *
+ **/
+wbcErr wbcResolveWinsByIP(const char *ip, const char **name)
+{
+	struct winbindd_request request;
+	struct winbindd_response response;
+	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+	const char *name_str;
+
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+
+	/* Send request */
+
+	strncpy(request.data.winsreq, ip,
+		sizeof(request.data.winsreq)-1);
+
+	wbc_status = wbcRequestResponse(WINBINDD_WINS_BYIP,
+					&request,
+					&response);
+	BAIL_ON_WBC_ERROR(wbc_status);
+
+	/* Display response */
+
+	name_str = talloc_strdup(NULL, response.data.winsresp);
+	BAIL_ON_PTR_ERROR(name_str, wbc_status);
+
+	*name = name_str;
+	wbc_status = WBC_ERR_SUCCESS;
+
+ done:
+	return wbc_status;
+}
diff --git a/source3/nsswitch/libwbclient/wbclient.h b/source3/nsswitch/libwbclient/wbclient.h
index 4e7e5aff25..1303057b84 100644
--- a/source3/nsswitch/libwbclient/wbclient.h
+++ b/source3/nsswitch/libwbclient/wbclient.h
@@ -401,4 +401,10 @@ wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params,
 			     struct wbcAuthUserInfo **info,
 			     struct wbcAuthErrorInfo **error);
 
+/*
+ * Resolve functions
+ */
+wbcErr wbcResolveWinsByName(const char *name, const char **ip);
+wbcErr wbcResolveWinsByIP(const char *ip, const char **name);
+
 #endif      /* _WBCLIENT_H */
-- 
cgit 


From 31b3a1fc3ff884bf311db3ffe5a85c1ef9dac344 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 14 Apr 2008 09:35:15 +0200
Subject: wbinfo: use wbcResolveWinsByName() and wbcResolveWinsByIP()

metze
(This used to be commit a4f628d6c9e2a5761c048e268a29e1f5daae4180)
---
 source3/nsswitch/wbinfo.c | 42 ++++++++++++++++--------------------------
 1 file changed, 16 insertions(+), 26 deletions(-)

(limited to 'source3/nsswitch')

diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c
index ba358bd1dd..186ab98717 100644
--- a/source3/nsswitch/wbinfo.c
+++ b/source3/nsswitch/wbinfo.c
@@ -297,52 +297,42 @@ static bool wbinfo_get_userdomgroups(const char *user_sid_str)
 
 /* Convert NetBIOS name to IP */
 
-static bool wbinfo_wins_byname(char *name)
+static bool wbinfo_wins_byname(const char *name)
 {
-	struct winbindd_request request;
-	struct winbindd_response response;
-
-	ZERO_STRUCT(request);
-	ZERO_STRUCT(response);
-
-	/* Send request */
-
-	fstrcpy(request.data.winsreq, name);
+	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+	const char *ip = NULL;
 
-	if (winbindd_request_response(WINBINDD_WINS_BYNAME, &request, &response) !=
-	    NSS_STATUS_SUCCESS) {
+	wbc_status = wbcResolveWinsByName(name, &ip);
+	if (!WBC_ERROR_IS_OK(wbc_status)) {
 		return false;
 	}
 
 	/* Display response */
 
-	d_printf("%s\n", response.data.winsresp);
+	d_printf("%s\n", ip);
+
+	wbcFreeMemory(ip);
 
 	return true;
 }
 
 /* Convert IP to NetBIOS name */
 
-static bool wbinfo_wins_byip(char *ip)
+static bool wbinfo_wins_byip(const char *ip)
 {
-	struct winbindd_request request;
-	struct winbindd_response response;
-
-	ZERO_STRUCT(request);
-	ZERO_STRUCT(response);
-
-	/* Send request */
-
-	fstrcpy(request.data.winsreq, ip);
+	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+	const char *name = NULL;
 
-	if (winbindd_request_response(WINBINDD_WINS_BYIP, &request, &response) !=
-	    NSS_STATUS_SUCCESS) {
+	wbc_status = wbcResolveWinsByIP(ip, &name);
+	if (!WBC_ERROR_IS_OK(wbc_status)) {
 		return false;
 	}
 
 	/* Display response */
 
-	d_printf("%s\n", response.data.winsresp);
+	d_printf("%s\n", name);
+
+	wbcFreeMemory(name);
 
 	return true;
 }
-- 
cgit 


From 2d0a36f0a5f45760927f05e514a9e63ea5d43785 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 16 Apr 2008 23:35:12 +0200
Subject: libwbclient: add wbcCheckTrustCredentials()

This only accepts NULL as domain for now,
because winbindd doesn't support checking
trust passwords as a domain controller.

metze
(This used to be commit c084ccd70f42ce29ce24565969a9f440dde254e1)
---
 source3/nsswitch/libwbclient/wbc_pam.c  | 52 +++++++++++++++++++++++++++++++++
 source3/nsswitch/libwbclient/wbclient.h |  6 ++++
 2 files changed, 58 insertions(+)

(limited to 'source3/nsswitch')

diff --git a/source3/nsswitch/libwbclient/wbc_pam.c b/source3/nsswitch/libwbclient/wbc_pam.c
index 2b33f55990..f6a355a413 100644
--- a/source3/nsswitch/libwbclient/wbc_pam.c
+++ b/source3/nsswitch/libwbclient/wbc_pam.c
@@ -419,3 +419,55 @@ done:
 
 	return wbc_status;
 }
+
+/** @brief Trigger a verification of the trust credentials of a specific domain
+ *
+ * @param *domain      The name of the domain, only NULL for the default domain is
+ *                     supported yet. Other values than NULL will result in
+ *                     WBC_ERR_NOT_IMPLEMENTED.
+ * @param error        Output details on WBC_ERR_AUTH_ERROR
+ *
+ * @return #wbcErr
+ *
+ **/
+wbcErr wbcCheckTrustCredentials(const char *domain,
+				struct wbcAuthErrorInfo **error)
+{
+	struct winbindd_request request;
+	struct winbindd_response response;
+	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+	const char *name_str;
+
+	if (domain) {
+		/*
+		 * the current protocol doesn't support
+		 * specifying a domain
+		 */
+		wbc_status = WBC_ERR_NOT_IMPLEMENTED;
+		BAIL_ON_WBC_ERROR(wbc_status);
+	}
+
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+
+	/* Send request */
+
+	wbc_status = wbcRequestResponse(WINBINDD_CHECK_MACHACC,
+					&request,
+					&response);
+	if (response.data.auth.nt_status != 0) {
+		if (error) {
+			wbc_status = wbc_create_error_info(NULL,
+							   &response,
+							   error);
+			BAIL_ON_WBC_ERROR(wbc_status);
+		}
+
+		wbc_status = WBC_ERR_AUTH_ERROR;
+		BAIL_ON_WBC_ERROR(wbc_status);
+	}
+	BAIL_ON_WBC_ERROR(wbc_status);
+
+ done:
+	return wbc_status;
+}
diff --git a/source3/nsswitch/libwbclient/wbclient.h b/source3/nsswitch/libwbclient/wbclient.h
index 1303057b84..b36b5bbe88 100644
--- a/source3/nsswitch/libwbclient/wbclient.h
+++ b/source3/nsswitch/libwbclient/wbclient.h
@@ -407,4 +407,10 @@ wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params,
 wbcErr wbcResolveWinsByName(const char *name, const char **ip);
 wbcErr wbcResolveWinsByIP(const char *ip, const char **name);
 
+/*
+ * Trusted domain functions
+ */
+wbcErr wbcCheckTrustCredentials(const char *domain,
+				struct wbcAuthErrorInfo **error);
+
 #endif      /* _WBCLIENT_H */
-- 
cgit 


From b666ead6e4131e07d83aa17c2feed5b828984b3c Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 17 Apr 2008 00:17:06 +0200
Subject: wbinfo: use wbcCheckTrustCredentials()

metze
(This used to be commit 2cbe5a006a6df79c38f4aaa68d498cd6d5a34dba)
---
 source3/nsswitch/wbinfo.c | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

(limited to 'source3/nsswitch')

diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c
index 186ab98717..1e943a5eee 100644
--- a/source3/nsswitch/wbinfo.c
+++ b/source3/nsswitch/wbinfo.c
@@ -591,22 +591,24 @@ static bool wbinfo_dsgetdcname(const char *domain_name, uint32_t flags)
 
 static bool wbinfo_check_secret(void)
 {
-	struct winbindd_response response;
-	NSS_STATUS result;
-
-	ZERO_STRUCT(response);
+	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+	struct wbcAuthErrorInfo *error = NULL;
 
-	result = winbindd_request_response(WINBINDD_CHECK_MACHACC, NULL, &response);
+	wbc_status = wbcCheckTrustCredentials(NULL, &error);
 
 	d_printf("checking the trust secret via RPC calls %s\n",
-		 (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed");
+		 WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed");
 
-	if (result != NSS_STATUS_SUCCESS)
+	if (wbc_status == WBC_ERR_AUTH_ERROR) {
 		d_fprintf(stderr, "error code was %s (0x%x)\n",
-		 	 response.data.auth.nt_status_string,
-		 	 response.data.auth.nt_status);
+			  error->nt_string, error->nt_status);
+		wbcFreeMemory(error);
+	}
+	if (!WBC_ERROR_IS_OK(wbc_status)) {
+		return false;
+	}
 
-	return result == NSS_STATUS_SUCCESS;	
+	return true;
 }
 
 /* Convert uid to sid */
-- 
cgit 


From 43c4c8eed16292e146f3d4d455868aba673a720c Mon Sep 17 00:00:00 2001
From: "Gerald W. Carter" <jerry@samba.org>
Date: Thu, 17 Apr 2008 17:49:53 +0200
Subject: Follow error code name convention in libwbclient.
 s/WBC_INVALID_RESPONSE/WBC_ERR_INVALID_RESPONSE/ (This used to be commit
 d91ce012b0afb30cd22b373412d17de27c55ca86)

---
 source3/nsswitch/libwbclient/wbc_pam.c  | 12 ++++++------
 source3/nsswitch/libwbclient/wbc_sid.c  | 10 +++++-----
 source3/nsswitch/libwbclient/wbclient.c |  4 ++--
 source3/nsswitch/libwbclient/wbclient.h |  2 +-
 4 files changed, 14 insertions(+), 14 deletions(-)

(limited to 'source3/nsswitch')

diff --git a/source3/nsswitch/libwbclient/wbc_pam.c b/source3/nsswitch/libwbclient/wbc_pam.c
index f6a355a413..00e1f46fd9 100644
--- a/source3/nsswitch/libwbclient/wbc_pam.c
+++ b/source3/nsswitch/libwbclient/wbc_pam.c
@@ -138,7 +138,7 @@ static wbcErr wbc_create_auth_info(TALLOC_CTX *mem_ctx,
 
 	p = (char *)resp->extra_data.data;
 	if (!p) {
-		wbc_status = WBC_INVALID_RESPONSE;
+		wbc_status = WBC_ERR_INVALID_RESPONSE;
 		BAIL_ON_WBC_ERROR(wbc_status);
 	}
 
@@ -149,7 +149,7 @@ static wbcErr wbc_create_auth_info(TALLOC_CTX *mem_ctx,
 		char *s = p;
 		char *e = strchr(p, '\n');
 		if (!e) {
-			wbc_status = WBC_INVALID_RESPONSE;
+			wbc_status = WBC_ERR_INVALID_RESPONSE;
 			BAIL_ON_WBC_ERROR(wbc_status);
 		}
 		e[0] = '\0';
@@ -157,7 +157,7 @@ static wbcErr wbc_create_auth_info(TALLOC_CTX *mem_ctx,
 
 		ret = sscanf(s, "0x%08X:0x%08X", &rid, &attrs);
 		if (ret != 2) {
-			wbc_status = WBC_INVALID_RESPONSE;
+			wbc_status = WBC_ERR_INVALID_RESPONSE;
 			BAIL_ON_WBC_ERROR(wbc_status);
 		}
 
@@ -173,7 +173,7 @@ static wbcErr wbc_create_auth_info(TALLOC_CTX *mem_ctx,
 		char *a;
 		char *e = strchr(p, '\n');
 		if (!e) {
-			wbc_status = WBC_INVALID_RESPONSE;
+			wbc_status = WBC_ERR_INVALID_RESPONSE;
 			BAIL_ON_WBC_ERROR(wbc_status);
 		}
 		e[0] = '\0';
@@ -181,7 +181,7 @@ static wbcErr wbc_create_auth_info(TALLOC_CTX *mem_ctx,
 
 		e = strchr(s, ':');
 		if (!e) {
-			wbc_status = WBC_INVALID_RESPONSE;
+			wbc_status = WBC_ERR_INVALID_RESPONSE;
 			BAIL_ON_WBC_ERROR(wbc_status);
 		}
 		e[0] = '\0';
@@ -190,7 +190,7 @@ static wbcErr wbc_create_auth_info(TALLOC_CTX *mem_ctx,
 		ret = sscanf(a, "0x%08X",
 			     &attrs);
 		if (ret != 1) {
-			wbc_status = WBC_INVALID_RESPONSE;
+			wbc_status = WBC_ERR_INVALID_RESPONSE;
 			BAIL_ON_WBC_ERROR(wbc_status);
 		}
 
diff --git a/source3/nsswitch/libwbclient/wbc_sid.c b/source3/nsswitch/libwbclient/wbc_sid.c
index 6ef9f44c3b..de9b02822f 100644
--- a/source3/nsswitch/libwbclient/wbc_sid.c
+++ b/source3/nsswitch/libwbclient/wbc_sid.c
@@ -372,21 +372,21 @@ wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid,
 		char *q;
 
 		if (*p == '\0') {
-			wbc_status = WBC_INVALID_RESPONSE;
+			wbc_status = WBC_ERR_INVALID_RESPONSE;
 			BAIL_ON_WBC_ERROR(wbc_status);
 		}
 
 		(*types)[i] = (enum wbcSidType)strtoul(p, &q, 10);
 
 		if (*q != ' ') {
-			wbc_status = WBC_INVALID_RESPONSE;
+			wbc_status = WBC_ERR_INVALID_RESPONSE;
 			BAIL_ON_WBC_ERROR(wbc_status);
 		}
 
 		p = q+1;
 
 		if ((q = strchr(p, '\n')) == NULL) {
-			wbc_status = WBC_INVALID_RESPONSE;
+			wbc_status = WBC_ERR_INVALID_RESPONSE;
 			BAIL_ON_WBC_ERROR(wbc_status);
 		}
 
@@ -399,7 +399,7 @@ wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid,
 	}
 
 	if (*p != '\0') {
-		wbc_status = WBC_INVALID_RESPONSE;
+		wbc_status = WBC_ERR_INVALID_RESPONSE;
 		BAIL_ON_WBC_ERROR(wbc_status);
 	}
 
@@ -471,7 +471,7 @@ wbcErr wbcLookupUserSids(const struct wbcDomainSid *user_sid,
 
 	if (response.data.num_entries &&
 	    !response.extra_data.data) {
-		wbc_status = WBC_INVALID_RESPONSE;
+		wbc_status = WBC_ERR_INVALID_RESPONSE;
 		BAIL_ON_WBC_ERROR(wbc_status);
 	}
 
diff --git a/source3/nsswitch/libwbclient/wbclient.c b/source3/nsswitch/libwbclient/wbclient.c
index b52c6b01e4..9383fd5406 100644
--- a/source3/nsswitch/libwbclient/wbclient.c
+++ b/source3/nsswitch/libwbclient/wbclient.c
@@ -106,8 +106,8 @@ const char *wbcErrorString(wbcErr error)
 		return "WBC_ERR_WINBIND_NOT_AVAILABLE";
 	case WBC_ERR_DOMAIN_NOT_FOUND:
 		return "WBC_ERR_DOMAIN_NOT_FOUND";
-	case WBC_INVALID_RESPONSE:
-		return "WBC_INVALID_RESPONSE";
+	case WBC_ERR_INVALID_RESPONSE:
+		return "WBC_ERR_INVALID_RESPONSE";
 	case WBC_ERR_NSS_ERROR:
 		return "WBC_ERR_NSS_ERROR";
 	case WBC_ERR_AUTH_ERROR:
diff --git a/source3/nsswitch/libwbclient/wbclient.h b/source3/nsswitch/libwbclient/wbclient.h
index b36b5bbe88..812751d9b5 100644
--- a/source3/nsswitch/libwbclient/wbclient.h
+++ b/source3/nsswitch/libwbclient/wbclient.h
@@ -40,7 +40,7 @@ enum _wbcErrType {
 	WBC_ERR_INVALID_PARAM,  /**< An Invalid parameter was supplied **/
 	WBC_ERR_WINBIND_NOT_AVAILABLE,   /**< Winbind daemon is not available **/
 	WBC_ERR_DOMAIN_NOT_FOUND,        /**< Domain is not trusted or cannot be found **/
-	WBC_INVALID_RESPONSE,        /**< Winbind returned an invalid response **/
+	WBC_ERR_INVALID_RESPONSE,        /**< Winbind returned an invalid response **/
 	WBC_ERR_NSS_ERROR,            /**< NSS_STATUS error **/
 	WBC_ERR_AUTH_ERROR        /**< Authentication failed **/
 };
-- 
cgit 


From 643bed203c26153aae96f82221277fcfa4ba41df Mon Sep 17 00:00:00 2001
From: "Gerald W. Carter" <jerry@samba.org>
Date: Thu, 17 Apr 2008 18:06:10 +0200
Subject: Add wbcListTrusts() API call to libwbclient.so (This used to be
 commit 5c454e77cf664fee65fcb03e5811764c92e73696)

---
 source3/nsswitch/libwbclient/wbc_util.c | 219 +++++++++++++++++++++++++++++++-
 source3/nsswitch/libwbclient/wbclient.h |  25 +++-
 2 files changed, 238 insertions(+), 6 deletions(-)

(limited to 'source3/nsswitch')

diff --git a/source3/nsswitch/libwbclient/wbc_util.c b/source3/nsswitch/libwbclient/wbc_util.c
index edcad28221..d7af4d1bf2 100644
--- a/source3/nsswitch/libwbclient/wbc_util.c
+++ b/source3/nsswitch/libwbclient/wbc_util.c
@@ -3,7 +3,7 @@
 
    Winbind client API
 
-   Copyright (C) Gerald (Jerry) Carter 2007
+   Copyright (C) Gerald (Jerry) Carter 2007-2008
 
 
    This library is free software; you can redistribute it and/or
@@ -170,11 +170,11 @@ wbcErr wbcDomainInfo(const char *domain, struct wbcDomainInfo **dinfo)
 	BAIL_ON_WBC_ERROR(wbc_status);
 
 	if (response.data.domain_info.native_mode)
-		info->flags |= WBC_DOMINFO_NATIVE;
+		info->domain_flags |= WBC_DOMINFO_NATIVE;
 	if (response.data.domain_info.active_directory)
-		info->flags |= WBC_DOMINFO_AD;
+		info->domain_flags |= WBC_DOMINFO_AD;
 	if (response.data.domain_info.primary)
-		info->flags |= WBC_DOMINFO_PRIMARY;
+		info->domain_flags |= WBC_DOMINFO_PRIMARY;
 
 	*dinfo = info;
 
@@ -268,3 +268,214 @@ wbcErr wbcResolveWinsByIP(const char *ip, const char **name)
  done:
 	return wbc_status;
 }
+
+/**
+ */
+
+static wbcErr process_domain_info_string(TALLOC_CTX *ctx, 
+					 struct wbcDomainInfo *info,
+					 char *info_string)
+{
+	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+	char *r = NULL;
+	char *s = NULL;
+
+	if (!info || !info_string) {
+		wbc_status = WBC_ERR_INVALID_PARAM;
+		BAIL_ON_WBC_ERROR(wbc_status);
+	}
+
+	r = info_string;
+
+	/* Short Name */
+	if ((s = strchr(r, '\\')) == NULL) {
+		wbc_status = WBC_ERR_INVALID_RESPONSE;
+		BAIL_ON_WBC_ERROR(wbc_status);
+	}
+	*s = '\0';
+	s++;
+
+	info->short_name = talloc_strdup(ctx, r);
+	BAIL_ON_PTR_ERROR(info->short_name, wbc_status);
+
+
+	/* DNS Name */
+	r = s;
+	if ((s = strchr(r, '\\')) == NULL) {
+		wbc_status = WBC_ERR_INVALID_RESPONSE;
+		BAIL_ON_WBC_ERROR(wbc_status);
+	}
+	*s = '\0';
+	s++;
+
+	info->dns_name = talloc_strdup(ctx, r);
+	BAIL_ON_PTR_ERROR(info->dns_name, wbc_status);
+
+	/* SID */
+	r = s;
+	if ((s = strchr(r, '\\')) == NULL) {
+		wbc_status = WBC_ERR_INVALID_RESPONSE;
+		BAIL_ON_WBC_ERROR(wbc_status);
+	}
+	*s = '\0';
+	s++;
+
+	wbc_status = wbcStringToSid(r, &info->sid);
+	BAIL_ON_WBC_ERROR(wbc_status);
+	
+	/* Trust type */
+	r = s;
+	if ((s = strchr(r, '\\')) == NULL) {
+		wbc_status = WBC_ERR_INVALID_RESPONSE;
+		BAIL_ON_WBC_ERROR(wbc_status);
+	}
+	*s = '\0';
+	s++;
+
+	if (strcmp(r, "None") == 0) {
+		info->trust_type = WBC_DOMINFO_TRUSTTYPE_NONE;
+	} else if (strcmp(r, "External") == 0) {
+		info->trust_type = WBC_DOMINFO_TRUSTTYPE_EXTERNAL;
+	} else if (strcmp(r, "Forest") == 0) {
+		info->trust_type = WBC_DOMINFO_TRUSTTYPE_FOREST;
+	} else if (strcmp(r, "In Forest") == 0) {
+		info->trust_type = WBC_DOMINFO_TRUSTTYPE_IN_FOREST;
+	} else {
+		wbc_status = WBC_ERR_INVALID_RESPONSE;
+		BAIL_ON_WBC_ERROR(wbc_status);
+	}
+
+	/* Transitive */
+	r = s;
+	if ((s = strchr(r, '\\')) == NULL) {
+		wbc_status = WBC_ERR_INVALID_RESPONSE;
+		BAIL_ON_WBC_ERROR(wbc_status);
+	}
+	*s = '\0';
+	s++;
+
+	if (strcmp(r, "Yes") == 0) {
+		info->trust_flags |= WBC_DOMINFO_TRUST_TRANSITIVE;		
+	}
+	
+	/* Incoming */
+	r = s;
+	if ((s = strchr(r, '\\')) == NULL) {
+		wbc_status = WBC_ERR_INVALID_RESPONSE;
+		BAIL_ON_WBC_ERROR(wbc_status);
+	}
+	*s = '\0';
+	s++;
+
+	if (strcmp(r, "Yes") == 0) {
+		info->trust_flags |= WBC_DOMINFO_TRUST_INCOMING;		
+	}
+
+	/* Outgoing */
+	r = s;
+	if (r == NULL) {
+		wbc_status = WBC_ERR_INVALID_RESPONSE;
+		BAIL_ON_WBC_ERROR(wbc_status);
+	}
+
+	if (strcmp(r, "Yes") == 0) {
+		info->trust_flags |= WBC_DOMINFO_TRUST_OUTGOING;		
+	}
+
+	wbc_status = WBC_ERR_SUCCESS;
+
+ done:
+	return wbc_status;
+}
+
+/** @brief Enumerate the domain trusts known by Winbind
+ *
+ * @param **domains     Pointer to the allocated domain list array
+ * @param *num_domains  Pointer to number of domains returned
+ *
+ * @return #wbcErr
+ *
+ **/
+wbcErr wbcListTrusts(struct wbcDomainInfo **domains, size_t *num_domains)
+{
+	struct winbindd_response response;
+	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+	char *p = NULL;
+	char *q = NULL;
+	char *extra_data = NULL;	
+	int count = 0;	
+	struct wbcDomainInfo *d_list = NULL;
+	int i = 0;
+	
+	*domains = NULL;
+	*num_domains = 0;
+	
+	ZERO_STRUCT(response);
+
+	/* Send request */
+
+	wbc_status = wbcRequestResponse(WINBINDD_LIST_TRUSTDOM,
+					NULL,
+					&response);
+	BAIL_ON_WBC_ERROR(wbc_status);
+
+	/* Decode the response */
+
+	p = (char *)response.extra_data.data;
+
+	if (strlen(p) == 0) {
+		/* We should always at least get back our 
+		   own SAM domain */
+		
+		wbc_status = WBC_ERR_DOMAIN_NOT_FOUND;
+		BAIL_ON_WBC_ERROR(wbc_status);
+	}
+
+	/* Count number of domains */
+
+	count = 0;	
+	while (p) {
+		count++;
+
+		if ((q = strchr(p, '\n')) != NULL)
+			q++;
+		p = q;		
+	}
+
+	d_list = talloc_array(NULL, struct wbcDomainInfo, count);
+	BAIL_ON_PTR_ERROR(d_list, wbc_status);
+
+	extra_data = strdup((char*)response.extra_data.data);
+	BAIL_ON_PTR_ERROR(extra_data, wbc_status);
+
+	p = extra_data;	
+
+	/* Outer loop processes the list of domain information */
+
+	for (i=0; i<count && p; i++) {
+		char *next = strchr(p, '\n');
+		
+		if (next) {
+			*next = '\0';
+			next++;
+		}
+
+		wbc_status = process_domain_info_string(d_list, &d_list[i], p);
+		BAIL_ON_WBC_ERROR(wbc_status);
+
+		p = next;
+	}
+
+	*domains = d_list;	
+	*num_domains = i;	
+	
+ done:
+	if (!WBC_ERROR_IS_OK(wbc_status)) {
+		if (d_list)
+			talloc_free(d_list);
+		if (extra_data)
+			free(extra_data);
+	}
+
+	return wbc_status;
+}
diff --git a/source3/nsswitch/libwbclient/wbclient.h b/source3/nsswitch/libwbclient/wbclient.h
index 812751d9b5..05cee9ab2b 100644
--- a/source3/nsswitch/libwbclient/wbclient.h
+++ b/source3/nsswitch/libwbclient/wbclient.h
@@ -128,15 +128,32 @@ struct wbcDomainInfo {
 	char *short_name;
 	char *dns_name;
 	struct wbcDomainSid sid;
-	uint32_t flags;
+	uint32_t domain_flags;
+	uint32_t trust_flags;
+	uint32_t trust_type;
 };
 
-/* wbcDomainInfo->flags */
+/* wbcDomainInfo->domain_flags */
 
+#define WBC_DOMINFO_UNKNOWN           0x00000000
 #define WBC_DOMINFO_NATIVE            0x00000001
 #define WBC_DOMINFO_AD                0x00000002
 #define WBC_DOMINFO_PRIMARY           0x00000004
 
+/* wbcDomainInfo->trust_flags */
+
+#define WBC_DOMINFO_TRUST_TRANSITIVE  0x00000001
+#define WBC_DOMINFO_TRUST_INCOMING    0x00000002
+#define WBC_DOMINFO_TRUST_OUTGOING    0x00000004
+
+/* wbcDomainInfo->trust_type */
+
+#define WBC_DOMINFO_TRUSTTYPE_NONE       0x00000000
+#define WBC_DOMINFO_TRUSTTYPE_FOREST     0x00000001
+#define WBC_DOMINFO_TRUSTTYPE_IN_FOREST  0x00000002
+#define WBC_DOMINFO_TRUSTTYPE_EXTERNAL   0x00000003
+
+
 /**
  * @brief Auth User Parameters
  **/
@@ -390,6 +407,10 @@ wbcErr wbcGetGroups(const char *account,
 wbcErr wbcDomainInfo(const char *domain,
 		     struct wbcDomainInfo **info);
 
+wbcErr wbcListTrusts(struct wbcDomainInfo **domains, 
+		     size_t *num_domains);
+
+
 /*
  * Athenticate functions
  */
-- 
cgit 


From 22c6a14ae4f3e9545e14f542e14111106cc74daf Mon Sep 17 00:00:00 2001
From: "Gerald W. Carter" <jerry@samba.org>
Date: Thu, 17 Apr 2008 18:07:18 +0200
Subject: Convert "wbinfo -m" to use wbcListTrusts() API call. (This used to be
 commit 2fbe8437efe232b6f53af6fafed5995fe7e26820)

---
 source3/nsswitch/wbinfo.c | 134 +++++++++++++++++-----------------------------
 1 file changed, 50 insertions(+), 84 deletions(-)

(limited to 'source3/nsswitch')

diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c
index 1e943a5eee..ed49be7431 100644
--- a/source3/nsswitch/wbinfo.c
+++ b/source3/nsswitch/wbinfo.c
@@ -341,101 +341,67 @@ static bool wbinfo_wins_byip(const char *ip)
 
 static bool wbinfo_list_domains(bool list_all_domains, bool verbose)
 {
-	struct winbindd_request request;
-	struct winbindd_response response;
-
+	struct wbcDomainInfo *domain_list = NULL;
+	size_t num_domains;
+	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
 	bool print_all = !list_all_domains && verbose;
+	int i;
 
-	ZERO_STRUCT(request);
-	ZERO_STRUCT(response);
-
-	/* Send request */
-
-	request.data.list_all_domains = list_all_domains;
-
-	if (winbindd_request_response(WINBINDD_LIST_TRUSTDOM, &request, &response) !=
-	    NSS_STATUS_SUCCESS)
+	wbc_status = wbcListTrusts(&domain_list, &num_domains);
+	if (!WBC_ERROR_IS_OK(wbc_status)) {
 		return false;
+	}
 
-	/* Display response */
+	if (print_all) {
+		d_printf("%-16s%-24s%-12s%-12s%-5s%-5s\n", 
+			 "Domain Name", "DNS Domain", "Trust Type", 
+			 "Transitive", "In", "Out");
+	}
 
-	if (response.extra_data.data) {
-		const char *extra_data = (char *)response.extra_data.data;
-		char *name;
-		char *beg, *end;
-		TALLOC_CTX *frame = talloc_stackframe();
+	for (i=0; i<num_domains; i++) {
+		d_printf("%-16s", domain_list[i].short_name);
 
-		if (print_all) {
-			d_printf("%-16s%-24s%-12s%-12s%-5s%-5s\n", 
-				 "Domain Name", "DNS Domain", "Trust Type", 
-				 "Transitive", "In", "Out");
+		if (!print_all) {
+			d_printf("\n");	
+			continue;
 		}
 
-		while(next_token_talloc(frame,&extra_data,&name,"\n")) {
-			/* Print Domain Name */
-			if ((beg = strchr(name, '\\')) == NULL)
-				goto error;
-			*beg = 0;
-			beg++;
-			if ((end = strchr(beg, '\\')) == NULL)
-				goto error;
-			*end = 0;
-
-			/* Print short name */
+		d_printf("%-24s", domain_list[i].dns_name);
 
-			d_printf("%-16s", name);
-
-			if (!print_all) {
-				d_printf("\n");	
-				continue;
-			}
+		switch(domain_list[i].trust_type) {
+		case WBC_DOMINFO_TRUSTTYPE_NONE:
+			d_printf("None        ");
+			break;
+		case WBC_DOMINFO_TRUSTTYPE_FOREST:		
+			d_printf("Forest      ");
+			break;
+		case WBC_DOMINFO_TRUSTTYPE_EXTERNAL:		
+			d_printf("External    ");
+			break;
+		case WBC_DOMINFO_TRUSTTYPE_IN_FOREST:
+			d_printf("In-Forest   ");
+			break;
+		}
 
-			/* Print DNS domain */
+		if (domain_list[i].trust_flags & WBC_DOMINFO_TRUST_TRANSITIVE) {
+			d_printf("Yes         ");
+		} else {
+			d_printf("No          ");
+		}
 
-			if (beg) {
-				d_printf("%-24s", beg);
-			}
+		if (domain_list[i].trust_flags & WBC_DOMINFO_TRUST_INCOMING) {
+			d_printf("Yes  ");
+		} else {
+			d_printf("No   ");
+		}
 
-			/* Skip SID */
-			beg = ++end;
-			if ((end = strchr(beg, '\\')) == NULL)
-				goto error;
-
-			/* Print Trust Type */
-			beg = ++end;
-			if ((end = strchr(beg, '\\')) == NULL)
-				goto error;
-			*end = 0;
-			d_printf("%-12s", beg);
-
-			/* Print Transitive */
-			beg = ++end;
-			if ((end = strchr(beg, '\\')) == NULL)
-				goto error;
-			*end = 0;
-			d_printf("%-12s", beg);
-
-			/* Print Incoming */
-			beg = ++end;
-			if ((end = strchr(beg, '\\')) == NULL)
-				goto error;
-			*end = 0;
-			d_printf("%-5s", beg);
-
-			/* Print Outgoing */
-			beg = ++end;
-			d_printf("%-5s\n", beg);
+		if (domain_list[i].trust_flags & WBC_DOMINFO_TRUST_OUTGOING) {
+			d_printf("Yes  ");
+		} else {
+			d_printf("No   ");
 		}
-		goto out;
 
-error:
-		d_fprintf(stderr, "Got invalid response: %s\n", extra_data);
-		TALLOC_FREE(frame);
-		SAFE_FREE(response.extra_data.data);
-		return false;
-out:
-		TALLOC_FREE(frame);
-		SAFE_FREE(response.extra_data.data);
+		d_printf("\n");
 	}
 
 	return true;
@@ -519,12 +485,12 @@ static bool wbinfo_domain_info(const char *domain)
 	d_printf("SID               : %s\n", sid_str);
 
 	d_printf("Active Directory  : %s\n",
-		 (dinfo->flags & WBC_DOMINFO_AD) ? "Yes" : "No");
+		 (dinfo->domain_flags & WBC_DOMINFO_AD) ? "Yes" : "No");
 	d_printf("Native            : %s\n",
-		 (dinfo->flags & WBC_DOMINFO_NATIVE) ? "Yes" : "No");
+		 (dinfo->domain_flags & WBC_DOMINFO_NATIVE) ? "Yes" : "No");
 
 	d_printf("Primary           : %s\n",
-		 (dinfo->flags & WBC_DOMINFO_PRIMARY) ? "Yes" : "No");
+		 (dinfo->domain_flags & WBC_DOMINFO_PRIMARY) ? "Yes" : "No");
 
 	wbcFreeMemory(sid_str);
 	wbcFreeMemory(dinfo);
-- 
cgit 


From 20104eef70ea1e2a64acb762ade2b4d64af0ee57 Mon Sep 17 00:00:00 2001
From: "Gerald W. Carter" <jerry@samba.org>
Date: Thu, 17 Apr 2008 18:09:08 +0200
Subject: Remove unused variable from wbcCheckTrustCredentials(). (This used to
 be commit fea52dc46048ff869299267f7596b93a8c5c8b3d)

---
 source3/nsswitch/libwbclient/wbc_pam.c | 1 -
 1 file changed, 1 deletion(-)

(limited to 'source3/nsswitch')

diff --git a/source3/nsswitch/libwbclient/wbc_pam.c b/source3/nsswitch/libwbclient/wbc_pam.c
index 00e1f46fd9..a0e91faaf3 100644
--- a/source3/nsswitch/libwbclient/wbc_pam.c
+++ b/source3/nsswitch/libwbclient/wbc_pam.c
@@ -436,7 +436,6 @@ wbcErr wbcCheckTrustCredentials(const char *domain,
 	struct winbindd_request request;
 	struct winbindd_response response;
 	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-	const char *name_str;
 
 	if (domain) {
 		/*
-- 
cgit 


From d7da0f57fa4564647637e025fd2f4c7ebd2e7293 Mon Sep 17 00:00:00 2001
From: Michael Adam <obnox@samba.org>
Date: Sun, 20 Apr 2008 22:13:40 +0200
Subject: libwbclient: fix wbcResolveWinsByName() to take char * instead of
 const char **

This fixes a compile warning and seems the correct thing to me as
the returned data is talloc_strdup't, so not const anyways.

Michael
(This used to be commit 13cfa7f48a541a934a129fab0544cbf66029c4c7)
---
 source3/nsswitch/libwbclient/wbc_util.c | 4 ++--
 source3/nsswitch/libwbclient/wbclient.h | 2 +-
 source3/nsswitch/wbinfo.c               | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

(limited to 'source3/nsswitch')

diff --git a/source3/nsswitch/libwbclient/wbc_util.c b/source3/nsswitch/libwbclient/wbc_util.c
index d7af4d1bf2..69cad380da 100644
--- a/source3/nsswitch/libwbclient/wbc_util.c
+++ b/source3/nsswitch/libwbclient/wbc_util.c
@@ -197,12 +197,12 @@ wbcErr wbcDomainInfo(const char *domain, struct wbcDomainInfo **dinfo)
  * @return #wbcErr
  *
  **/
-wbcErr wbcResolveWinsByName(const char *name, const char **ip)
+wbcErr wbcResolveWinsByName(const char *name, char **ip)
 {
 	struct winbindd_request request;
 	struct winbindd_response response;
 	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-	const char *ipaddr;
+	char *ipaddr;
 
 	ZERO_STRUCT(request);
 	ZERO_STRUCT(response);
diff --git a/source3/nsswitch/libwbclient/wbclient.h b/source3/nsswitch/libwbclient/wbclient.h
index 05cee9ab2b..a444c91da4 100644
--- a/source3/nsswitch/libwbclient/wbclient.h
+++ b/source3/nsswitch/libwbclient/wbclient.h
@@ -425,7 +425,7 @@ wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params,
 /*
  * Resolve functions
  */
-wbcErr wbcResolveWinsByName(const char *name, const char **ip);
+wbcErr wbcResolveWinsByName(const char *name, char **ip);
 wbcErr wbcResolveWinsByIP(const char *ip, const char **name);
 
 /*
diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c
index ed49be7431..00d772a74c 100644
--- a/source3/nsswitch/wbinfo.c
+++ b/source3/nsswitch/wbinfo.c
@@ -300,7 +300,7 @@ static bool wbinfo_get_userdomgroups(const char *user_sid_str)
 static bool wbinfo_wins_byname(const char *name)
 {
 	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-	const char *ip = NULL;
+	char *ip = NULL;
 
 	wbc_status = wbcResolveWinsByName(name, &ip);
 	if (!WBC_ERROR_IS_OK(wbc_status)) {
-- 
cgit 


From 8caaf0dc4331370793d7f79839ed75bb149c9e93 Mon Sep 17 00:00:00 2001
From: Michael Adam <obnox@samba.org>
Date: Sun, 20 Apr 2008 22:17:39 +0200
Subject: libwbclient: change wbcResolveWinsByIP() to take char ** instead of
 const char **

Fix a compile warning. This seems the right thing since the data is created
by talloc_strdup...

Michael
(This used to be commit f81da8e8ed8e2d75c77bd8b5e7fdd7c53bab7e49)
---
 source3/nsswitch/libwbclient/wbc_util.c | 4 ++--
 source3/nsswitch/libwbclient/wbclient.h | 2 +-
 source3/nsswitch/wbinfo.c               | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

(limited to 'source3/nsswitch')

diff --git a/source3/nsswitch/libwbclient/wbc_util.c b/source3/nsswitch/libwbclient/wbc_util.c
index 69cad380da..a1b6626bd3 100644
--- a/source3/nsswitch/libwbclient/wbc_util.c
+++ b/source3/nsswitch/libwbclient/wbc_util.c
@@ -237,12 +237,12 @@ wbcErr wbcResolveWinsByName(const char *name, char **ip)
  * @return #wbcErr
  *
  **/
-wbcErr wbcResolveWinsByIP(const char *ip, const char **name)
+wbcErr wbcResolveWinsByIP(const char *ip, char **name)
 {
 	struct winbindd_request request;
 	struct winbindd_response response;
 	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-	const char *name_str;
+	char *name_str;
 
 	ZERO_STRUCT(request);
 	ZERO_STRUCT(response);
diff --git a/source3/nsswitch/libwbclient/wbclient.h b/source3/nsswitch/libwbclient/wbclient.h
index a444c91da4..d73ea297a3 100644
--- a/source3/nsswitch/libwbclient/wbclient.h
+++ b/source3/nsswitch/libwbclient/wbclient.h
@@ -426,7 +426,7 @@ wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params,
  * Resolve functions
  */
 wbcErr wbcResolveWinsByName(const char *name, char **ip);
-wbcErr wbcResolveWinsByIP(const char *ip, const char **name);
+wbcErr wbcResolveWinsByIP(const char *ip, char **name);
 
 /*
  * Trusted domain functions
diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c
index 00d772a74c..8aa4e5f15f 100644
--- a/source3/nsswitch/wbinfo.c
+++ b/source3/nsswitch/wbinfo.c
@@ -321,7 +321,7 @@ static bool wbinfo_wins_byname(const char *name)
 static bool wbinfo_wins_byip(const char *ip)
 {
 	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-	const char *name = NULL;
+	char *name = NULL;
 
 	wbc_status = wbcResolveWinsByIP(ip, &name);
 	if (!WBC_ERROR_IS_OK(wbc_status)) {
-- 
cgit