From ef2e26c91b80556af033d3335e55f5dfa6fff31d Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 13 Aug 2003 01:53:07 +0000 Subject: first public release of samba4 code (This used to be commit b0510b5428b3461aeb9bbe3cc95f62fc73e2b97f) --- source4/nsswitch/wbinfo.c | 891 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 891 insertions(+) create mode 100644 source4/nsswitch/wbinfo.c (limited to 'source4/nsswitch/wbinfo.c') diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c new file mode 100644 index 0000000000..68dc178bcd --- /dev/null +++ b/source4/nsswitch/wbinfo.c @@ -0,0 +1,891 @@ +/* + Unix SMB/CIFS implementation. + + Winbind status program. + + Copyright (C) Tim Potter 2000-2002 + Copyright (C) Andrew Bartlett 2002 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" +#include "winbindd.h" +#include "debug.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_WINBIND + +extern int winbindd_fd; + +static char winbind_separator(void) +{ + struct winbindd_response response; + static BOOL got_sep; + static char sep; + + if (got_sep) + return sep; + + ZERO_STRUCT(response); + + /* Send off request */ + + if (winbindd_request(WINBINDD_INFO, NULL, &response) != + NSS_STATUS_SUCCESS) { + d_printf("could not obtain winbind separator!\n"); + /* HACK: (this module should not call lp_ funtions) */ + return *lp_winbind_separator(); + } + + sep = response.data.info.winbind_separator; + got_sep = True; + + if (!sep) { + d_printf("winbind separator was NULL!\n"); + /* HACK: (this module should not call lp_ funtions) */ + sep = *lp_winbind_separator(); + } + + return sep; +} + +static const char *get_winbind_domain(void) +{ + struct winbindd_response response; + static fstring winbind_domain; + + ZERO_STRUCT(response); + + /* Send off request */ + + if (winbindd_request(WINBINDD_DOMAIN_NAME, NULL, &response) != + NSS_STATUS_SUCCESS) { + d_printf("could not obtain winbind domain name!\n"); + + /* HACK: (this module should not call lp_ funtions) */ + return lp_workgroup(); + } + + fstrcpy(winbind_domain, response.data.domain_name); + + return winbind_domain; + +} + +/* Copy of parse_domain_user from winbindd_util.c. Parse a string of the + form DOMAIN/user into a domain and a user */ + +static BOOL parse_wbinfo_domain_user(const char *domuser, fstring domain, + fstring user) +{ + + char *p = strchr(domuser,winbind_separator()); + + if (!p) { + fstrcpy(user, domuser); + fstrcpy(domain, get_winbind_domain()); + return True; + } + + fstrcpy(user, p+1); + fstrcpy(domain, domuser); + domain[PTR_DIFF(p, domuser)] = 0; + strupper(domain); + + return True; +} + +/* List groups a user is a member of */ + +static BOOL wbinfo_get_usergroups(char *user) +{ + struct winbindd_request request; + struct winbindd_response response; + NSS_STATUS result; + int i; + + ZERO_STRUCT(response); + + /* Send request */ + + fstrcpy(request.data.username, user); + + result = winbindd_request(WINBINDD_GETGROUPS, &request, &response); + + if (result != NSS_STATUS_SUCCESS) + return False; + + for (i = 0; i < response.data.num_entries; i++) + d_printf("%d\n", (int)((gid_t *)response.extra_data)[i]); + + SAFE_FREE(response.extra_data); + + return True; +} + +/* Convert NetBIOS name to IP */ + +static BOOL wbinfo_wins_byname(char *name) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + fstrcpy(request.data.winsreq, name); + + if (winbindd_request(WINBINDD_WINS_BYNAME, &request, &response) != + NSS_STATUS_SUCCESS) { + return False; + } + + /* Display response */ + + printf("%s\n", response.data.winsresp); + + return True; +} + +/* Convert IP to NetBIOS name */ + +static BOOL wbinfo_wins_byip(char *ip) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + fstrcpy(request.data.winsreq, ip); + + if (winbindd_request(WINBINDD_WINS_BYIP, &request, &response) != + NSS_STATUS_SUCCESS) { + return False; + } + + /* Display response */ + + printf("%s\n", response.data.winsresp); + + return True; +} + +/* List trusted domains */ + +static BOOL wbinfo_list_domains(void) +{ + struct winbindd_response response; + fstring name; + + ZERO_STRUCT(response); + + /* Send request */ + + if (winbindd_request(WINBINDD_LIST_TRUSTDOM, NULL, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Display response */ + + if (response.extra_data) { + const char *extra_data = (char *)response.extra_data; + + while(next_token(&extra_data, name, ",", sizeof(fstring))) + d_printf("%s\n", name); + + SAFE_FREE(response.extra_data); + } + + return True; +} + + +/* show sequence numbers */ +static BOOL wbinfo_show_sequence(void) +{ + struct winbindd_response response; + + ZERO_STRUCT(response); + + /* Send request */ + + if (winbindd_request(WINBINDD_SHOW_SEQUENCE, NULL, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Display response */ + + if (response.extra_data) { + char *extra_data = (char *)response.extra_data; + d_printf("%s", extra_data); + SAFE_FREE(response.extra_data); + } + + return True; +} + +/* Check trust account password */ + +static BOOL wbinfo_check_secret(void) +{ + struct winbindd_response response; + NSS_STATUS result; + + ZERO_STRUCT(response); + + result = winbindd_request(WINBINDD_CHECK_MACHACC, NULL, &response); + + d_printf("checking the trust secret via RPC calls %s\n", + (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); + + if (result != NSS_STATUS_SUCCESS) + d_printf("error code was %s (0x%x)\n", + response.data.auth.nt_status_string, + response.data.auth.nt_status); + + return result == NSS_STATUS_SUCCESS; +} + +/* Convert uid to sid */ + +static BOOL wbinfo_uid_to_sid(uid_t uid) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + request.data.uid = uid; + + if (winbindd_request(WINBINDD_UID_TO_SID, &request, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Display response */ + + d_printf("%s\n", response.data.sid.sid); + + return True; +} + +/* Convert gid to sid */ + +static BOOL wbinfo_gid_to_sid(gid_t gid) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + request.data.gid = gid; + + if (winbindd_request(WINBINDD_GID_TO_SID, &request, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Display response */ + + d_printf("%s\n", response.data.sid.sid); + + return True; +} + +/* Convert sid to uid */ + +static BOOL wbinfo_sid_to_uid(char *sid) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + fstrcpy(request.data.sid, sid); + + if (winbindd_request(WINBINDD_SID_TO_UID, &request, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Display response */ + + d_printf("%d\n", (int)response.data.uid); + + return True; +} + +static BOOL wbinfo_sid_to_gid(char *sid) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + fstrcpy(request.data.sid, sid); + + if (winbindd_request(WINBINDD_SID_TO_GID, &request, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Display response */ + + d_printf("%d\n", (int)response.data.gid); + + return True; +} + +/* Convert sid to string */ + +static BOOL wbinfo_lookupsid(char *sid) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send off request */ + + fstrcpy(request.data.sid, sid); + + if (winbindd_request(WINBINDD_LOOKUPSID, &request, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Display response */ + + d_printf("%s%c%s %d\n", response.data.name.dom_name, + winbind_separator(), response.data.name.name, + response.data.name.type); + + return True; +} + +/* Convert string to sid */ + +static BOOL wbinfo_lookupname(char *name) +{ + struct winbindd_request request; + struct winbindd_response response; + + /* Send off request */ + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + parse_wbinfo_domain_user(name, request.data.name.dom_name, + request.data.name.name); + + if (winbindd_request(WINBINDD_LOOKUPNAME, &request, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Display response */ + + d_printf("%s %d\n", response.data.sid.sid, response.data.sid.type); + + return True; +} + +/* Authenticate a user with a plaintext password */ + +static BOOL wbinfo_auth(char *username) +{ + struct winbindd_request request; + struct winbindd_response response; + NSS_STATUS result; + char *p; + + /* Send off request */ + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + p = strchr(username, '%'); + + if (p) { + *p = 0; + fstrcpy(request.data.auth.user, username); + fstrcpy(request.data.auth.pass, p + 1); + *p = '%'; + } else + fstrcpy(request.data.auth.user, username); + + result = winbindd_request(WINBINDD_PAM_AUTH, &request, &response); + + /* Display response */ + + d_printf("plaintext password authentication %s\n", + (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); + + if (response.data.auth.nt_status) + d_printf("error code was %s (0x%x)\n", + response.data.auth.nt_status_string, + response.data.auth.nt_status); + + return result == NSS_STATUS_SUCCESS; +} + +/* Authenticate a user with a challenge/response */ + +static BOOL wbinfo_auth_crap(char *username) +{ + struct winbindd_request request; + struct winbindd_response response; + NSS_STATUS result; + fstring name_user; + fstring name_domain; + fstring pass; + char *p; + + /* Send off request */ + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + p = strchr(username, '%'); + + if (p) { + *p = 0; + fstrcpy(pass, p + 1); + } + + parse_wbinfo_domain_user(username, name_domain, name_user); + + fstrcpy(request.data.auth_crap.user, name_user); + + fstrcpy(request.data.auth_crap.domain, name_domain); + + generate_random_buffer(request.data.auth_crap.chal, 8, False); + + SMBencrypt(pass, request.data.auth_crap.chal, + (uchar *)request.data.auth_crap.lm_resp); + SMBNTencrypt(pass, request.data.auth_crap.chal, + (uchar *)request.data.auth_crap.nt_resp); + + request.data.auth_crap.lm_resp_len = 24; + request.data.auth_crap.nt_resp_len = 24; + + result = winbindd_request(WINBINDD_PAM_AUTH_CRAP, &request, &response); + + /* Display response */ + + d_printf("challenge/response password authentication %s\n", + (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); + + if (response.data.auth.nt_status) + d_printf("error code was %s (0x%x)\n", + response.data.auth.nt_status_string, + response.data.auth.nt_status); + + return result == NSS_STATUS_SUCCESS; +} + +/* Print domain users */ + +static BOOL print_domain_users(void) +{ + struct winbindd_response response; + const char *extra_data; + fstring name; + + /* Send request to winbind daemon */ + + ZERO_STRUCT(response); + + if (winbindd_request(WINBINDD_LIST_USERS, NULL, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Look through extra data */ + + if (!response.extra_data) + return False; + + extra_data = (const char *)response.extra_data; + + while(next_token(&extra_data, name, ",", sizeof(fstring))) + d_printf("%s\n", name); + + SAFE_FREE(response.extra_data); + + return True; +} + +/* Print domain groups */ + +static BOOL print_domain_groups(void) +{ + struct winbindd_response response; + const char *extra_data; + fstring name; + + ZERO_STRUCT(response); + + if (winbindd_request(WINBINDD_LIST_GROUPS, NULL, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Look through extra data */ + + if (!response.extra_data) + return False; + + extra_data = (const char *)response.extra_data; + + while(next_token(&extra_data, name, ",", sizeof(fstring))) + d_printf("%s\n", name); + + SAFE_FREE(response.extra_data); + + return True; +} + +/* Set the authorised user for winbindd access in secrets.tdb */ + +static BOOL wbinfo_set_auth_user(char *username) +{ + char *password; + fstring user, domain; + + /* Separate into user and password */ + + parse_wbinfo_domain_user(username, domain, user); + + password = strchr(user, '%'); + + if (password) { + *password = 0; + password++; + } else + password = ""; + + /* Store or remove DOMAIN\username%password in secrets.tdb */ + + secrets_init(); + + if (user[0]) { + + if (!secrets_store(SECRETS_AUTH_USER, user, + strlen(user) + 1)) { + d_fprintf(stderr, "error storing username\n"); + return False; + } + + /* We always have a domain name added by the + parse_wbinfo_domain_user() function. */ + + if (!secrets_store(SECRETS_AUTH_DOMAIN, domain, + strlen(domain) + 1)) { + d_fprintf(stderr, "error storing domain name\n"); + return False; + } + + } else { + secrets_delete(SECRETS_AUTH_USER); + secrets_delete(SECRETS_AUTH_DOMAIN); + } + + if (password[0]) { + + if (!secrets_store(SECRETS_AUTH_PASSWORD, password, + strlen(password) + 1)) { + d_fprintf(stderr, "error storing password\n"); + return False; + } + + } else + secrets_delete(SECRETS_AUTH_PASSWORD); + + return True; +} + +static void wbinfo_get_auth_user(void) +{ + char *user, *domain, *password; + + /* Lift data from secrets file */ + + secrets_init(); + + user = secrets_fetch(SECRETS_AUTH_USER, NULL); + domain = secrets_fetch(SECRETS_AUTH_DOMAIN, NULL); + password = secrets_fetch(SECRETS_AUTH_PASSWORD, NULL); + + if (!user && !domain && !password) { + d_printf("No authorised user configured\n"); + return; + } + + /* Pretty print authorised user info */ + + d_printf("%s%s%s%s%s\n", domain ? domain : "", domain ? "\\" : "", + user, password ? "%" : "", password ? password : ""); + + SAFE_FREE(user); + SAFE_FREE(domain); + SAFE_FREE(password); +} + +static BOOL wbinfo_ping(void) +{ + NSS_STATUS result; + + result = winbindd_request(WINBINDD_PING, NULL, NULL); + + /* Display response */ + + d_printf("'ping' to winbindd %s on fd %d\n", + (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed", winbindd_fd); + + return result == NSS_STATUS_SUCCESS; +} + +/* Main program */ + +enum { + OPT_SET_AUTH_USER = 1000, + OPT_GET_AUTH_USER, + OPT_SEQUENCE +}; + +int main(int argc, char **argv) +{ + int opt; + + poptContext pc; + static char *string_arg; + static int int_arg; + BOOL got_command = False; + int result = 1; + + struct poptOption long_options[] = { + POPT_AUTOHELP + + /* longName, shortName, argInfo, argPtr, value, descrip, + argDesc */ + + { "domain-users", 'u', POPT_ARG_NONE, 0, 'u', "Lists all domain users"}, + { "domain-groups", 'g', POPT_ARG_NONE, 0, 'g', "Lists all domain groups" }, + { "WINS-by-name", 'N', POPT_ARG_STRING, &string_arg, 'N', "Converts NetBIOS name to IP (WINS)", "NETBIOS-NAME" }, + { "WINS-by-ip", 'I', POPT_ARG_STRING, &string_arg, 'I', "Converts IP address to NetBIOS name (WINS)", "IP" }, + { "name-to-sid", 'n', POPT_ARG_STRING, &string_arg, 'n', "Converts name to sid", "NAME" }, + { "sid-to-name", 's', POPT_ARG_STRING, &string_arg, 's', "Converts sid to name", "SID" }, + { "uid-to-sid", 'U', POPT_ARG_INT, &int_arg, 'U', "Converts uid to sid" , "UID" }, + { "gid-to-sid", 'G', POPT_ARG_INT, &int_arg, 'G', "Converts gid to sid", "GID" }, + { "sid-to-uid", 'S', POPT_ARG_STRING, &string_arg, 'S', "Converts sid to uid", "SID" }, + { "sid-to-gid", 'Y', POPT_ARG_STRING, &string_arg, 'Y', "Converts sid to gid", "SID" }, + { "check-secret", 't', POPT_ARG_NONE, 0, 't', "Check shared secret" }, + { "trusted-domains", 'm', POPT_ARG_NONE, 0, 'm', "List trusted domains" }, + { "sequence", 0, POPT_ARG_NONE, 0, OPT_SEQUENCE, "show sequence numbers of all domains" }, + { "user-groups", 'r', POPT_ARG_STRING, &string_arg, 'r', "Get user groups", "USER" }, + { "authenticate", 'a', POPT_ARG_STRING, &string_arg, 'a', "authenticate user", "user%password" }, + { "set-auth-user", 'A', POPT_ARG_STRING, &string_arg, OPT_SET_AUTH_USER, "Store user and password used by winbindd (root only)", "user%password" }, + { "get-auth-user", 0, POPT_ARG_NONE, NULL, OPT_GET_AUTH_USER, "Retrieve user and password used by winbindd (root only)", NULL }, + { "ping", 'p', POPT_ARG_NONE, 0, 'p', "'ping' winbindd to see if it is alive" }, + { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_version}, + { 0, 0, 0, 0 } + }; + + /* Samba client initialisation */ + + if (!lp_load(dyn_CONFIGFILE, True, False, False)) { + d_fprintf(stderr, "wbinfo: error opening config file %s. Error was %s\n", + dyn_CONFIGFILE, strerror(errno)); + exit(1); + } + + if (!init_names()) + return 1; + + load_interfaces(); + + /* Parse options */ + + pc = poptGetContext("wbinfo", argc, (const char **)argv, long_options, 0); + + /* Parse command line options */ + + if (argc == 1) { + poptPrintHelp(pc, stderr, 0); + return 1; + } + + while((opt = poptGetNextOpt(pc)) != -1) { + if (got_command) { + d_fprintf(stderr, "No more than one command may be specified at once.\n"); + exit(1); + } + got_command = True; + } + + poptFreeContext(pc); + + pc = poptGetContext(NULL, argc, (const char **)argv, long_options, + POPT_CONTEXT_KEEP_FIRST); + + while((opt = poptGetNextOpt(pc)) != -1) { + switch (opt) { + case 'u': + if (!print_domain_users()) { + d_printf("Error looking up domain users\n"); + goto done; + } + break; + case 'g': + if (!print_domain_groups()) { + d_printf("Error looking up domain groups\n"); + goto done; + } + break; + case 's': + if (!wbinfo_lookupsid(string_arg)) { + d_printf("Could not lookup sid %s\n", string_arg); + goto done; + } + break; + case 'n': + if (!wbinfo_lookupname(string_arg)) { + d_printf("Could not lookup name %s\n", string_arg); + goto done; + } + break; + case 'N': + if (!wbinfo_wins_byname(string_arg)) { + d_printf("Could not lookup WINS by name %s\n", string_arg); + goto done; + } + break; + case 'I': + if (!wbinfo_wins_byip(string_arg)) { + d_printf("Could not lookup WINS by IP %s\n", string_arg); + goto done; + } + break; + case 'U': + if (!wbinfo_uid_to_sid(int_arg)) { + d_printf("Could not convert uid %d to sid\n", int_arg); + goto done; + } + break; + case 'G': + if (!wbinfo_gid_to_sid(int_arg)) { + d_printf("Could not convert gid %d to sid\n", + int_arg); + goto done; + } + break; + case 'S': + if (!wbinfo_sid_to_uid(string_arg)) { + d_printf("Could not convert sid %s to uid\n", + string_arg); + goto done; + } + break; + case 'Y': + if (!wbinfo_sid_to_gid(string_arg)) { + d_printf("Could not convert sid %s to gid\n", + string_arg); + goto done; + } + break; + case 't': + if (!wbinfo_check_secret()) { + d_printf("Could not check secret\n"); + goto done; + } + break; + case 'm': + if (!wbinfo_list_domains()) { + d_printf("Could not list trusted domains\n"); + goto done; + } + break; + case OPT_SEQUENCE: + if (!wbinfo_show_sequence()) { + d_printf("Could not show sequence numbers\n"); + goto done; + } + break; + case 'r': + if (!wbinfo_get_usergroups(string_arg)) { + d_printf("Could not get groups for user %s\n", + string_arg); + goto done; + } + break; + case 'a': { + BOOL got_error = False; + + if (!wbinfo_auth(string_arg)) { + d_printf("Could not authenticate user %s with " + "plaintext password\n", string_arg); + got_error = True; + } + + if (!wbinfo_auth_crap(string_arg)) { + d_printf("Could not authenticate user %s with " + "challenge/response\n", string_arg); + got_error = True; + } + + if (got_error) + goto done; + break; + } + case 'p': { + if (!wbinfo_ping()) { + d_printf("could not ping winbindd!\n"); + goto done; + } + break; + } + case OPT_SET_AUTH_USER: + wbinfo_set_auth_user(string_arg); + break; + case OPT_GET_AUTH_USER: + wbinfo_get_auth_user(); + break; + default: + d_fprintf(stderr, "Invalid option\n"); + poptPrintHelp(pc, stderr, 0); + goto done; + } + } + + result = 0; + + /* Exit code */ + + done: + poptFreeContext(pc); + return result; +} -- cgit From 7fb1be73734915e027f86aca9ba62b86c56ca787 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 24 May 2004 17:41:47 +0000 Subject: r853: remove a real big bunch of unused code I really think that this is needed to get a better overview of what is currently used Also this stuff is really out of date so if we really ever need some of this stuff back, a 'svn copy' from the SAMBA_3_0 branch should be no big problem... metze (This used to be commit 972598d511c64f29bdc849fe58c9c82fbcf6a4a2) --- source4/nsswitch/wbinfo.c | 891 ---------------------------------------------- 1 file changed, 891 deletions(-) delete mode 100644 source4/nsswitch/wbinfo.c (limited to 'source4/nsswitch/wbinfo.c') diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c deleted file mode 100644 index 68dc178bcd..0000000000 --- a/source4/nsswitch/wbinfo.c +++ /dev/null @@ -1,891 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind status program. - - Copyright (C) Tim Potter 2000-2002 - Copyright (C) Andrew Bartlett 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "winbindd.h" -#include "debug.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_WINBIND - -extern int winbindd_fd; - -static char winbind_separator(void) -{ - struct winbindd_response response; - static BOOL got_sep; - static char sep; - - if (got_sep) - return sep; - - ZERO_STRUCT(response); - - /* Send off request */ - - if (winbindd_request(WINBINDD_INFO, NULL, &response) != - NSS_STATUS_SUCCESS) { - d_printf("could not obtain winbind separator!\n"); - /* HACK: (this module should not call lp_ funtions) */ - return *lp_winbind_separator(); - } - - sep = response.data.info.winbind_separator; - got_sep = True; - - if (!sep) { - d_printf("winbind separator was NULL!\n"); - /* HACK: (this module should not call lp_ funtions) */ - sep = *lp_winbind_separator(); - } - - return sep; -} - -static const char *get_winbind_domain(void) -{ - struct winbindd_response response; - static fstring winbind_domain; - - ZERO_STRUCT(response); - - /* Send off request */ - - if (winbindd_request(WINBINDD_DOMAIN_NAME, NULL, &response) != - NSS_STATUS_SUCCESS) { - d_printf("could not obtain winbind domain name!\n"); - - /* HACK: (this module should not call lp_ funtions) */ - return lp_workgroup(); - } - - fstrcpy(winbind_domain, response.data.domain_name); - - return winbind_domain; - -} - -/* Copy of parse_domain_user from winbindd_util.c. Parse a string of the - form DOMAIN/user into a domain and a user */ - -static BOOL parse_wbinfo_domain_user(const char *domuser, fstring domain, - fstring user) -{ - - char *p = strchr(domuser,winbind_separator()); - - if (!p) { - fstrcpy(user, domuser); - fstrcpy(domain, get_winbind_domain()); - return True; - } - - fstrcpy(user, p+1); - fstrcpy(domain, domuser); - domain[PTR_DIFF(p, domuser)] = 0; - strupper(domain); - - return True; -} - -/* List groups a user is a member of */ - -static BOOL wbinfo_get_usergroups(char *user) -{ - struct winbindd_request request; - struct winbindd_response response; - NSS_STATUS result; - int i; - - ZERO_STRUCT(response); - - /* Send request */ - - fstrcpy(request.data.username, user); - - result = winbindd_request(WINBINDD_GETGROUPS, &request, &response); - - if (result != NSS_STATUS_SUCCESS) - return False; - - for (i = 0; i < response.data.num_entries; i++) - d_printf("%d\n", (int)((gid_t *)response.extra_data)[i]); - - SAFE_FREE(response.extra_data); - - return True; -} - -/* Convert NetBIOS name to IP */ - -static BOOL wbinfo_wins_byname(char *name) -{ - struct winbindd_request request; - struct winbindd_response response; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Send request */ - - fstrcpy(request.data.winsreq, name); - - if (winbindd_request(WINBINDD_WINS_BYNAME, &request, &response) != - NSS_STATUS_SUCCESS) { - return False; - } - - /* Display response */ - - printf("%s\n", response.data.winsresp); - - return True; -} - -/* Convert IP to NetBIOS name */ - -static BOOL wbinfo_wins_byip(char *ip) -{ - struct winbindd_request request; - struct winbindd_response response; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Send request */ - - fstrcpy(request.data.winsreq, ip); - - if (winbindd_request(WINBINDD_WINS_BYIP, &request, &response) != - NSS_STATUS_SUCCESS) { - return False; - } - - /* Display response */ - - printf("%s\n", response.data.winsresp); - - return True; -} - -/* List trusted domains */ - -static BOOL wbinfo_list_domains(void) -{ - struct winbindd_response response; - fstring name; - - ZERO_STRUCT(response); - - /* Send request */ - - if (winbindd_request(WINBINDD_LIST_TRUSTDOM, NULL, &response) != - NSS_STATUS_SUCCESS) - return False; - - /* Display response */ - - if (response.extra_data) { - const char *extra_data = (char *)response.extra_data; - - while(next_token(&extra_data, name, ",", sizeof(fstring))) - d_printf("%s\n", name); - - SAFE_FREE(response.extra_data); - } - - return True; -} - - -/* show sequence numbers */ -static BOOL wbinfo_show_sequence(void) -{ - struct winbindd_response response; - - ZERO_STRUCT(response); - - /* Send request */ - - if (winbindd_request(WINBINDD_SHOW_SEQUENCE, NULL, &response) != - NSS_STATUS_SUCCESS) - return False; - - /* Display response */ - - if (response.extra_data) { - char *extra_data = (char *)response.extra_data; - d_printf("%s", extra_data); - SAFE_FREE(response.extra_data); - } - - return True; -} - -/* Check trust account password */ - -static BOOL wbinfo_check_secret(void) -{ - struct winbindd_response response; - NSS_STATUS result; - - ZERO_STRUCT(response); - - result = winbindd_request(WINBINDD_CHECK_MACHACC, NULL, &response); - - d_printf("checking the trust secret via RPC calls %s\n", - (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); - - if (result != NSS_STATUS_SUCCESS) - d_printf("error code was %s (0x%x)\n", - response.data.auth.nt_status_string, - response.data.auth.nt_status); - - return result == NSS_STATUS_SUCCESS; -} - -/* Convert uid to sid */ - -static BOOL wbinfo_uid_to_sid(uid_t uid) -{ - struct winbindd_request request; - struct winbindd_response response; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Send request */ - - request.data.uid = uid; - - if (winbindd_request(WINBINDD_UID_TO_SID, &request, &response) != - NSS_STATUS_SUCCESS) - return False; - - /* Display response */ - - d_printf("%s\n", response.data.sid.sid); - - return True; -} - -/* Convert gid to sid */ - -static BOOL wbinfo_gid_to_sid(gid_t gid) -{ - struct winbindd_request request; - struct winbindd_response response; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Send request */ - - request.data.gid = gid; - - if (winbindd_request(WINBINDD_GID_TO_SID, &request, &response) != - NSS_STATUS_SUCCESS) - return False; - - /* Display response */ - - d_printf("%s\n", response.data.sid.sid); - - return True; -} - -/* Convert sid to uid */ - -static BOOL wbinfo_sid_to_uid(char *sid) -{ - struct winbindd_request request; - struct winbindd_response response; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Send request */ - - fstrcpy(request.data.sid, sid); - - if (winbindd_request(WINBINDD_SID_TO_UID, &request, &response) != - NSS_STATUS_SUCCESS) - return False; - - /* Display response */ - - d_printf("%d\n", (int)response.data.uid); - - return True; -} - -static BOOL wbinfo_sid_to_gid(char *sid) -{ - struct winbindd_request request; - struct winbindd_response response; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Send request */ - - fstrcpy(request.data.sid, sid); - - if (winbindd_request(WINBINDD_SID_TO_GID, &request, &response) != - NSS_STATUS_SUCCESS) - return False; - - /* Display response */ - - d_printf("%d\n", (int)response.data.gid); - - return True; -} - -/* Convert sid to string */ - -static BOOL wbinfo_lookupsid(char *sid) -{ - struct winbindd_request request; - struct winbindd_response response; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Send off request */ - - fstrcpy(request.data.sid, sid); - - if (winbindd_request(WINBINDD_LOOKUPSID, &request, &response) != - NSS_STATUS_SUCCESS) - return False; - - /* Display response */ - - d_printf("%s%c%s %d\n", response.data.name.dom_name, - winbind_separator(), response.data.name.name, - response.data.name.type); - - return True; -} - -/* Convert string to sid */ - -static BOOL wbinfo_lookupname(char *name) -{ - struct winbindd_request request; - struct winbindd_response response; - - /* Send off request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - parse_wbinfo_domain_user(name, request.data.name.dom_name, - request.data.name.name); - - if (winbindd_request(WINBINDD_LOOKUPNAME, &request, &response) != - NSS_STATUS_SUCCESS) - return False; - - /* Display response */ - - d_printf("%s %d\n", response.data.sid.sid, response.data.sid.type); - - return True; -} - -/* Authenticate a user with a plaintext password */ - -static BOOL wbinfo_auth(char *username) -{ - struct winbindd_request request; - struct winbindd_response response; - NSS_STATUS result; - char *p; - - /* Send off request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - p = strchr(username, '%'); - - if (p) { - *p = 0; - fstrcpy(request.data.auth.user, username); - fstrcpy(request.data.auth.pass, p + 1); - *p = '%'; - } else - fstrcpy(request.data.auth.user, username); - - result = winbindd_request(WINBINDD_PAM_AUTH, &request, &response); - - /* Display response */ - - d_printf("plaintext password authentication %s\n", - (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); - - if (response.data.auth.nt_status) - d_printf("error code was %s (0x%x)\n", - response.data.auth.nt_status_string, - response.data.auth.nt_status); - - return result == NSS_STATUS_SUCCESS; -} - -/* Authenticate a user with a challenge/response */ - -static BOOL wbinfo_auth_crap(char *username) -{ - struct winbindd_request request; - struct winbindd_response response; - NSS_STATUS result; - fstring name_user; - fstring name_domain; - fstring pass; - char *p; - - /* Send off request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - p = strchr(username, '%'); - - if (p) { - *p = 0; - fstrcpy(pass, p + 1); - } - - parse_wbinfo_domain_user(username, name_domain, name_user); - - fstrcpy(request.data.auth_crap.user, name_user); - - fstrcpy(request.data.auth_crap.domain, name_domain); - - generate_random_buffer(request.data.auth_crap.chal, 8, False); - - SMBencrypt(pass, request.data.auth_crap.chal, - (uchar *)request.data.auth_crap.lm_resp); - SMBNTencrypt(pass, request.data.auth_crap.chal, - (uchar *)request.data.auth_crap.nt_resp); - - request.data.auth_crap.lm_resp_len = 24; - request.data.auth_crap.nt_resp_len = 24; - - result = winbindd_request(WINBINDD_PAM_AUTH_CRAP, &request, &response); - - /* Display response */ - - d_printf("challenge/response password authentication %s\n", - (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); - - if (response.data.auth.nt_status) - d_printf("error code was %s (0x%x)\n", - response.data.auth.nt_status_string, - response.data.auth.nt_status); - - return result == NSS_STATUS_SUCCESS; -} - -/* Print domain users */ - -static BOOL print_domain_users(void) -{ - struct winbindd_response response; - const char *extra_data; - fstring name; - - /* Send request to winbind daemon */ - - ZERO_STRUCT(response); - - if (winbindd_request(WINBINDD_LIST_USERS, NULL, &response) != - NSS_STATUS_SUCCESS) - return False; - - /* Look through extra data */ - - if (!response.extra_data) - return False; - - extra_data = (const char *)response.extra_data; - - while(next_token(&extra_data, name, ",", sizeof(fstring))) - d_printf("%s\n", name); - - SAFE_FREE(response.extra_data); - - return True; -} - -/* Print domain groups */ - -static BOOL print_domain_groups(void) -{ - struct winbindd_response response; - const char *extra_data; - fstring name; - - ZERO_STRUCT(response); - - if (winbindd_request(WINBINDD_LIST_GROUPS, NULL, &response) != - NSS_STATUS_SUCCESS) - return False; - - /* Look through extra data */ - - if (!response.extra_data) - return False; - - extra_data = (const char *)response.extra_data; - - while(next_token(&extra_data, name, ",", sizeof(fstring))) - d_printf("%s\n", name); - - SAFE_FREE(response.extra_data); - - return True; -} - -/* Set the authorised user for winbindd access in secrets.tdb */ - -static BOOL wbinfo_set_auth_user(char *username) -{ - char *password; - fstring user, domain; - - /* Separate into user and password */ - - parse_wbinfo_domain_user(username, domain, user); - - password = strchr(user, '%'); - - if (password) { - *password = 0; - password++; - } else - password = ""; - - /* Store or remove DOMAIN\username%password in secrets.tdb */ - - secrets_init(); - - if (user[0]) { - - if (!secrets_store(SECRETS_AUTH_USER, user, - strlen(user) + 1)) { - d_fprintf(stderr, "error storing username\n"); - return False; - } - - /* We always have a domain name added by the - parse_wbinfo_domain_user() function. */ - - if (!secrets_store(SECRETS_AUTH_DOMAIN, domain, - strlen(domain) + 1)) { - d_fprintf(stderr, "error storing domain name\n"); - return False; - } - - } else { - secrets_delete(SECRETS_AUTH_USER); - secrets_delete(SECRETS_AUTH_DOMAIN); - } - - if (password[0]) { - - if (!secrets_store(SECRETS_AUTH_PASSWORD, password, - strlen(password) + 1)) { - d_fprintf(stderr, "error storing password\n"); - return False; - } - - } else - secrets_delete(SECRETS_AUTH_PASSWORD); - - return True; -} - -static void wbinfo_get_auth_user(void) -{ - char *user, *domain, *password; - - /* Lift data from secrets file */ - - secrets_init(); - - user = secrets_fetch(SECRETS_AUTH_USER, NULL); - domain = secrets_fetch(SECRETS_AUTH_DOMAIN, NULL); - password = secrets_fetch(SECRETS_AUTH_PASSWORD, NULL); - - if (!user && !domain && !password) { - d_printf("No authorised user configured\n"); - return; - } - - /* Pretty print authorised user info */ - - d_printf("%s%s%s%s%s\n", domain ? domain : "", domain ? "\\" : "", - user, password ? "%" : "", password ? password : ""); - - SAFE_FREE(user); - SAFE_FREE(domain); - SAFE_FREE(password); -} - -static BOOL wbinfo_ping(void) -{ - NSS_STATUS result; - - result = winbindd_request(WINBINDD_PING, NULL, NULL); - - /* Display response */ - - d_printf("'ping' to winbindd %s on fd %d\n", - (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed", winbindd_fd); - - return result == NSS_STATUS_SUCCESS; -} - -/* Main program */ - -enum { - OPT_SET_AUTH_USER = 1000, - OPT_GET_AUTH_USER, - OPT_SEQUENCE -}; - -int main(int argc, char **argv) -{ - int opt; - - poptContext pc; - static char *string_arg; - static int int_arg; - BOOL got_command = False; - int result = 1; - - struct poptOption long_options[] = { - POPT_AUTOHELP - - /* longName, shortName, argInfo, argPtr, value, descrip, - argDesc */ - - { "domain-users", 'u', POPT_ARG_NONE, 0, 'u', "Lists all domain users"}, - { "domain-groups", 'g', POPT_ARG_NONE, 0, 'g', "Lists all domain groups" }, - { "WINS-by-name", 'N', POPT_ARG_STRING, &string_arg, 'N', "Converts NetBIOS name to IP (WINS)", "NETBIOS-NAME" }, - { "WINS-by-ip", 'I', POPT_ARG_STRING, &string_arg, 'I', "Converts IP address to NetBIOS name (WINS)", "IP" }, - { "name-to-sid", 'n', POPT_ARG_STRING, &string_arg, 'n', "Converts name to sid", "NAME" }, - { "sid-to-name", 's', POPT_ARG_STRING, &string_arg, 's', "Converts sid to name", "SID" }, - { "uid-to-sid", 'U', POPT_ARG_INT, &int_arg, 'U', "Converts uid to sid" , "UID" }, - { "gid-to-sid", 'G', POPT_ARG_INT, &int_arg, 'G', "Converts gid to sid", "GID" }, - { "sid-to-uid", 'S', POPT_ARG_STRING, &string_arg, 'S', "Converts sid to uid", "SID" }, - { "sid-to-gid", 'Y', POPT_ARG_STRING, &string_arg, 'Y', "Converts sid to gid", "SID" }, - { "check-secret", 't', POPT_ARG_NONE, 0, 't', "Check shared secret" }, - { "trusted-domains", 'm', POPT_ARG_NONE, 0, 'm', "List trusted domains" }, - { "sequence", 0, POPT_ARG_NONE, 0, OPT_SEQUENCE, "show sequence numbers of all domains" }, - { "user-groups", 'r', POPT_ARG_STRING, &string_arg, 'r', "Get user groups", "USER" }, - { "authenticate", 'a', POPT_ARG_STRING, &string_arg, 'a', "authenticate user", "user%password" }, - { "set-auth-user", 'A', POPT_ARG_STRING, &string_arg, OPT_SET_AUTH_USER, "Store user and password used by winbindd (root only)", "user%password" }, - { "get-auth-user", 0, POPT_ARG_NONE, NULL, OPT_GET_AUTH_USER, "Retrieve user and password used by winbindd (root only)", NULL }, - { "ping", 'p', POPT_ARG_NONE, 0, 'p', "'ping' winbindd to see if it is alive" }, - { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_version}, - { 0, 0, 0, 0 } - }; - - /* Samba client initialisation */ - - if (!lp_load(dyn_CONFIGFILE, True, False, False)) { - d_fprintf(stderr, "wbinfo: error opening config file %s. Error was %s\n", - dyn_CONFIGFILE, strerror(errno)); - exit(1); - } - - if (!init_names()) - return 1; - - load_interfaces(); - - /* Parse options */ - - pc = poptGetContext("wbinfo", argc, (const char **)argv, long_options, 0); - - /* Parse command line options */ - - if (argc == 1) { - poptPrintHelp(pc, stderr, 0); - return 1; - } - - while((opt = poptGetNextOpt(pc)) != -1) { - if (got_command) { - d_fprintf(stderr, "No more than one command may be specified at once.\n"); - exit(1); - } - got_command = True; - } - - poptFreeContext(pc); - - pc = poptGetContext(NULL, argc, (const char **)argv, long_options, - POPT_CONTEXT_KEEP_FIRST); - - while((opt = poptGetNextOpt(pc)) != -1) { - switch (opt) { - case 'u': - if (!print_domain_users()) { - d_printf("Error looking up domain users\n"); - goto done; - } - break; - case 'g': - if (!print_domain_groups()) { - d_printf("Error looking up domain groups\n"); - goto done; - } - break; - case 's': - if (!wbinfo_lookupsid(string_arg)) { - d_printf("Could not lookup sid %s\n", string_arg); - goto done; - } - break; - case 'n': - if (!wbinfo_lookupname(string_arg)) { - d_printf("Could not lookup name %s\n", string_arg); - goto done; - } - break; - case 'N': - if (!wbinfo_wins_byname(string_arg)) { - d_printf("Could not lookup WINS by name %s\n", string_arg); - goto done; - } - break; - case 'I': - if (!wbinfo_wins_byip(string_arg)) { - d_printf("Could not lookup WINS by IP %s\n", string_arg); - goto done; - } - break; - case 'U': - if (!wbinfo_uid_to_sid(int_arg)) { - d_printf("Could not convert uid %d to sid\n", int_arg); - goto done; - } - break; - case 'G': - if (!wbinfo_gid_to_sid(int_arg)) { - d_printf("Could not convert gid %d to sid\n", - int_arg); - goto done; - } - break; - case 'S': - if (!wbinfo_sid_to_uid(string_arg)) { - d_printf("Could not convert sid %s to uid\n", - string_arg); - goto done; - } - break; - case 'Y': - if (!wbinfo_sid_to_gid(string_arg)) { - d_printf("Could not convert sid %s to gid\n", - string_arg); - goto done; - } - break; - case 't': - if (!wbinfo_check_secret()) { - d_printf("Could not check secret\n"); - goto done; - } - break; - case 'm': - if (!wbinfo_list_domains()) { - d_printf("Could not list trusted domains\n"); - goto done; - } - break; - case OPT_SEQUENCE: - if (!wbinfo_show_sequence()) { - d_printf("Could not show sequence numbers\n"); - goto done; - } - break; - case 'r': - if (!wbinfo_get_usergroups(string_arg)) { - d_printf("Could not get groups for user %s\n", - string_arg); - goto done; - } - break; - case 'a': { - BOOL got_error = False; - - if (!wbinfo_auth(string_arg)) { - d_printf("Could not authenticate user %s with " - "plaintext password\n", string_arg); - got_error = True; - } - - if (!wbinfo_auth_crap(string_arg)) { - d_printf("Could not authenticate user %s with " - "challenge/response\n", string_arg); - got_error = True; - } - - if (got_error) - goto done; - break; - } - case 'p': { - if (!wbinfo_ping()) { - d_printf("could not ping winbindd!\n"); - goto done; - } - break; - } - case OPT_SET_AUTH_USER: - wbinfo_set_auth_user(string_arg); - break; - case OPT_GET_AUTH_USER: - wbinfo_get_auth_user(); - break; - default: - d_fprintf(stderr, "Invalid option\n"); - poptPrintHelp(pc, stderr, 0); - goto done; - } - } - - result = 0; - - /* Exit code */ - - done: - poptFreeContext(pc); - return result; -} -- cgit From 762f9efa485323728679f10b1f51632e58ca81c1 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 12 Jul 2007 10:16:59 +0000 Subject: r23852: Merge Samba 3.2's wbinfo into Samba4, so Kai can use it for testing. Andrew Bartlett (This used to be commit 0fc9b015d734463416e7acb1981eb65216d200fc) --- source4/nsswitch/wbinfo.c | 1255 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 1255 insertions(+) create mode 100644 source4/nsswitch/wbinfo.c (limited to 'source4/nsswitch/wbinfo.c') diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c new file mode 100644 index 0000000000..9cffefb49e --- /dev/null +++ b/source4/nsswitch/wbinfo.c @@ -0,0 +1,1255 @@ +/* + Unix SMB/CIFS implementation. + + Winbind status program. + + Copyright (C) Tim Potter 2000-2003 + Copyright (C) Andrew Bartlett 2002-2007 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include "includes.h" +#include "pstring.h" +#include "winbind_nss_config.h" +#include "winbindd_nss.h" +#include "winbind_client.h" +#include "librpc/gen_ndr/ndr_netlogon.h" +#include "libcli/auth/libcli_auth.h" +#include "libcli/security/security.h" +#include "lib/cmdline/popt_common.h" +#include "dynconfig.h" + +extern int winbindd_fd; + +static char winbind_separator_int(BOOL strict) +{ + struct winbindd_response response; + static BOOL got_sep; + static char sep; + + if (got_sep) + return sep; + + ZERO_STRUCT(response); + + /* Send off request */ + + if (winbindd_request(WINBINDD_INFO, NULL, &response) != + NSS_STATUS_SUCCESS) { + d_fprintf(stderr, "could not obtain winbind separator!\n"); + if (strict) { + return 0; + } + /* HACK: (this module should not call lp_ funtions) */ + return *lp_winbind_separator(); + } + + sep = response.data.info.winbind_separator; + got_sep = True; + + if (!sep) { + d_fprintf(stderr, "winbind separator was NULL!\n"); + if (strict) { + return 0; + } + /* HACK: (this module should not call lp_ funtions) */ + sep = *lp_winbind_separator(); + } + + return sep; +} + +static char winbind_separator(void) +{ + return winbind_separator_int(False); +} + +static const char *get_winbind_domain(void) +{ + struct winbindd_response response; + static fstring winbind_domain; + + ZERO_STRUCT(response); + + /* Send off request */ + + if (winbindd_request(WINBINDD_DOMAIN_NAME, NULL, &response) != + NSS_STATUS_SUCCESS) { + d_fprintf(stderr, "could not obtain winbind domain name!\n"); + + /* HACK: (this module should not call lp_ funtions) */ + return lp_workgroup(); + } + + fstrcpy(winbind_domain, response.data.domain_name); + + return winbind_domain; + +} + +/* Copy of parse_domain_user from winbindd_util.c. Parse a string of the + form DOMAIN/user into a domain and a user */ + +static BOOL parse_wbinfo_domain_user(const char *domuser, fstring domain, + fstring user) +{ + + char *p = strchr(domuser,winbind_separator()); + + if (!p) { + fstrcpy(user, domuser); + fstrcpy(domain, get_winbind_domain()); + return True; + } + + fstrcpy(user, p+1); + fstrcpy(domain, domuser); + domain[PTR_DIFF(p, domuser)] = 0; + strupper_m(domain); + + return True; +} + +/* pull pwent info for a given user */ + +static BOOL wbinfo_get_userinfo(char *user) +{ + struct winbindd_request request; + struct winbindd_response response; + NSS_STATUS result; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + fstrcpy(request.data.username, user); + + result = winbindd_request(WINBINDD_GETPWNAM, &request, &response); + + if (result != NSS_STATUS_SUCCESS) + return False; + + d_printf( "%s:%s:%d:%d:%s:%s:%s\n", + response.data.pw.pw_name, + response.data.pw.pw_passwd, + response.data.pw.pw_uid, + response.data.pw.pw_gid, + response.data.pw.pw_gecos, + response.data.pw.pw_dir, + response.data.pw.pw_shell ); + + return True; +} + +/* pull grent for a given group */ +static BOOL wbinfo_get_groupinfo(char *group) +{ + struct winbindd_request request; + struct winbindd_response response; + NSS_STATUS result; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + fstrcpy(request.data.groupname, group); + + result = winbindd_request(WINBINDD_GETGRNAM, &request, + &response); + + if ( result != NSS_STATUS_SUCCESS) + return False; + + d_printf( "%s:%s:%d\n", + response.data.gr.gr_name, + response.data.gr.gr_passwd, + response.data.gr.gr_gid ); + + return True; +} + +/* List groups a user is a member of */ + +static BOOL wbinfo_get_usergroups(char *user) +{ + struct winbindd_request request; + struct winbindd_response response; + NSS_STATUS result; + int i; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + fstrcpy(request.data.username, user); + + result = winbindd_request(WINBINDD_GETGROUPS, &request, &response); + + if (result != NSS_STATUS_SUCCESS) + return False; + + for (i = 0; i < response.data.num_entries; i++) + d_printf("%d\n", (int)((gid_t *)response.extra_data.data)[i]); + + SAFE_FREE(response.extra_data.data); + + return True; +} + + +/* List group SIDs a user SID is a member of */ +static BOOL wbinfo_get_usersids(char *user_sid) +{ + struct winbindd_request request; + struct winbindd_response response; + NSS_STATUS result; + int i; + const char *s; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + fstrcpy(request.data.sid, user_sid); + + result = winbindd_request(WINBINDD_GETUSERSIDS, &request, &response); + + if (result != NSS_STATUS_SUCCESS) + return False; + + s = (const char *)response.extra_data.data; + for (i = 0; i < response.data.num_entries; i++) { + d_printf("%s\n", s); + s += strlen(s) + 1; + } + + SAFE_FREE(response.extra_data.data); + + return True; +} + +static BOOL wbinfo_get_userdomgroups(const char *user_sid) +{ + struct winbindd_request request; + struct winbindd_response response; + NSS_STATUS result; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + fstrcpy(request.data.sid, user_sid); + + result = winbindd_request(WINBINDD_GETUSERDOMGROUPS, &request, + &response); + + if (result != NSS_STATUS_SUCCESS) + return False; + + if (response.data.num_entries != 0) + printf("%s", (char *)response.extra_data.data); + + SAFE_FREE(response.extra_data.data); + + return True; +} + +/* Convert NetBIOS name to IP */ + +static BOOL wbinfo_wins_byname(char *name) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + fstrcpy(request.data.winsreq, name); + + if (winbindd_request(WINBINDD_WINS_BYNAME, &request, &response) != + NSS_STATUS_SUCCESS) { + return False; + } + + /* Display response */ + + d_printf("%s\n", response.data.winsresp); + + return True; +} + +/* Convert IP to NetBIOS name */ + +static BOOL wbinfo_wins_byip(char *ip) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + fstrcpy(request.data.winsreq, ip); + + if (winbindd_request(WINBINDD_WINS_BYIP, &request, &response) != + NSS_STATUS_SUCCESS) { + return False; + } + + /* Display response */ + + d_printf("%s\n", response.data.winsresp); + + return True; +} + +/* List trusted domains */ + +static BOOL wbinfo_list_domains(BOOL list_all_domains) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + request.data.list_all_domains = list_all_domains; + + if (winbindd_request(WINBINDD_LIST_TRUSTDOM, &request, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Display response */ + + if (response.extra_data.data) { + const char *extra_data = (char *)response.extra_data.data; + fstring name; + char *p; + + while(next_token(&extra_data, name, "\n", sizeof(fstring))) { + p = strchr(name, '\\'); + if (p == 0) { + d_fprintf(stderr, "Got invalid response: %s\n", + extra_data); + return False; + } + *p = 0; + d_printf("%s\n", name); + } + + SAFE_FREE(response.extra_data.data); + } + + return True; +} + +/* List own domain */ + +static BOOL wbinfo_list_own_domain(void) +{ + d_printf("%s\n", get_winbind_domain()); + + return True; +} + +/* show sequence numbers */ +static BOOL wbinfo_show_sequence(const char *domain) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(response); + ZERO_STRUCT(request); + + if ( domain ) + fstrcpy( request.domain_name, domain ); + + /* Send request */ + + if (winbindd_request(WINBINDD_SHOW_SEQUENCE, &request, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Display response */ + + if (response.extra_data.data) { + char *extra_data = (char *)response.extra_data.data; + d_printf("%s", extra_data); + SAFE_FREE(response.extra_data.data); + } + + return True; +} + +/* Show domain info */ + +static BOOL wbinfo_domain_info(const char *domain_name) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + if ((strequal(domain_name, ".")) || (domain_name[0] == '\0')) + fstrcpy(request.domain_name, get_winbind_domain()); + else + fstrcpy(request.domain_name, domain_name); + + /* Send request */ + + if (winbindd_request(WINBINDD_DOMAIN_INFO, &request, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Display response */ + + d_printf("Name : %s\n", response.data.domain_info.name); + d_printf("Alt_Name : %s\n", response.data.domain_info.alt_name); + + d_printf("SID : %s\n", response.data.domain_info.sid); + + d_printf("Active Directory : %s\n", + response.data.domain_info.active_directory ? "Yes" : "No"); + d_printf("Native : %s\n", + response.data.domain_info.native_mode ? "Yes" : "No"); + + d_printf("Primary : %s\n", + response.data.domain_info.primary ? "Yes" : "No"); + + d_printf("Sequence : %d\n", response.data.domain_info.sequence_number); + + return True; +} + +/* Get a foreign DC's name */ +static BOOL wbinfo_getdcname(const char *domain_name) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + fstrcpy(request.domain_name, domain_name); + + /* Send request */ + + if (winbindd_request(WINBINDD_GETDCNAME, &request, &response) != + NSS_STATUS_SUCCESS) { + d_fprintf(stderr, "Could not get dc name for %s\n", domain_name); + return False; + } + + /* Display response */ + + d_printf("%s\n", response.data.dc_name); + + return True; +} + +/* Check trust account password */ + +static BOOL wbinfo_check_secret(void) +{ + struct winbindd_response response; + NSS_STATUS result; + + ZERO_STRUCT(response); + + result = winbindd_request(WINBINDD_CHECK_MACHACC, NULL, &response); + + d_printf("checking the trust secret via RPC calls %s\n", + (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); + + if (result != NSS_STATUS_SUCCESS) + d_fprintf(stderr, "error code was %s (0x%x)\n", + response.data.auth.nt_status_string, + response.data.auth.nt_status); + + return result == NSS_STATUS_SUCCESS; +} + +/* Convert uid to sid */ + +static BOOL wbinfo_uid_to_sid(uid_t uid) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + request.data.uid = uid; + + if (winbindd_request(WINBINDD_UID_TO_SID, &request, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Display response */ + + d_printf("%s\n", response.data.sid.sid); + + return True; +} + +/* Convert gid to sid */ + +static BOOL wbinfo_gid_to_sid(gid_t gid) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + request.data.gid = gid; + + if (winbindd_request(WINBINDD_GID_TO_SID, &request, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Display response */ + + d_printf("%s\n", response.data.sid.sid); + + return True; +} + +/* Convert sid to uid */ + +static BOOL wbinfo_sid_to_uid(char *sid) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + fstrcpy(request.data.sid, sid); + + if (winbindd_request(WINBINDD_SID_TO_UID, &request, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Display response */ + + d_printf("%d\n", (int)response.data.uid); + + return True; +} + +static BOOL wbinfo_sid_to_gid(char *sid) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + fstrcpy(request.data.sid, sid); + + if (winbindd_request(WINBINDD_SID_TO_GID, &request, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Display response */ + + d_printf("%d\n", (int)response.data.gid); + + return True; +} + +/* Convert sid to string */ + +static BOOL wbinfo_lookupsid(char *sid) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send off request */ + + fstrcpy(request.data.sid, sid); + + if (winbindd_request(WINBINDD_LOOKUPSID, &request, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Display response */ + + d_printf("%s%c%s %d\n", response.data.name.dom_name, + winbind_separator(), response.data.name.name, + response.data.name.type); + + return True; +} + +static const char *sid_type_lookup(enum lsa_SidType r) +{ + switch (r) { + case SID_NAME_USE_NONE: return "SID_NAME_USE_NONE"; break; + case SID_NAME_USER: return "SID_NAME_USER"; break; + case SID_NAME_DOM_GRP: return "SID_NAME_DOM_GRP"; break; + case SID_NAME_DOMAIN: return "SID_NAME_DOMAIN"; break; + case SID_NAME_ALIAS: return "SID_NAME_ALIAS"; break; + case SID_NAME_WKN_GRP: return "SID_NAME_WKN_GRP"; break; + case SID_NAME_DELETED: return "SID_NAME_DELETED"; break; + case SID_NAME_INVALID: return "SID_NAME_INVALID"; break; + case SID_NAME_UNKNOWN: return "SID_NAME_UNKNOWN"; break; + } + return "Invalid sid type\n"; +} + +/* Convert string to sid */ + +static BOOL wbinfo_lookupname(char *name) +{ + struct winbindd_request request; + struct winbindd_response response; + + /* Send off request */ + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + parse_wbinfo_domain_user(name, request.data.name.dom_name, + request.data.name.name); + + if (winbindd_request(WINBINDD_LOOKUPNAME, &request, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Display response */ + + d_printf("%s %s (%d)\n", response.data.sid.sid, sid_type_lookup(response.data.sid.type), response.data.sid.type); + + return True; +} + +/* Authenticate a user with a plaintext password */ + +static BOOL wbinfo_auth_krb5(char *username, const char *cctype, uint32 flags) +{ + struct winbindd_request request; + struct winbindd_response response; + NSS_STATUS result; + char *p; + + /* Send off request */ + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + p = strchr(username, '%'); + + if (p) { + *p = 0; + fstrcpy(request.data.auth.user, username); + fstrcpy(request.data.auth.pass, p + 1); + *p = '%'; + } else + fstrcpy(request.data.auth.user, username); + + request.flags = flags; + + fstrcpy(request.data.auth.krb5_cc_type, cctype); + + request.data.auth.uid = geteuid(); + + result = winbindd_request(WINBINDD_PAM_AUTH, &request, &response); + + /* Display response */ + + d_printf("plaintext kerberos password authentication for [%s] %s (requesting cctype: %s)\n", + username, (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed", cctype); + + if (response.data.auth.nt_status) + d_fprintf(stderr, "error code was %s (0x%x)\nerror messsage was: %s\n", + response.data.auth.nt_status_string, + response.data.auth.nt_status, + response.data.auth.error_string); + + if (result == NSS_STATUS_SUCCESS) { + + if (request.flags & WBFLAG_PAM_INFO3_TEXT) { + if (response.data.auth.info3.user_flgs & NETLOGON_CACHED_ACCOUNT) { + d_printf("user_flgs: NETLOGON_CACHED_ACCOUNT\n"); + } + } + + if (response.data.auth.krb5ccname[0] != '\0') { + d_printf("credentials were put in: %s\n", response.data.auth.krb5ccname); + } else { + d_printf("no credentials cached\n"); + } + } + + return result == NSS_STATUS_SUCCESS; +} + +/* Authenticate a user with a plaintext password */ + +static BOOL wbinfo_auth(char *username) +{ + struct winbindd_request request; + struct winbindd_response response; + NSS_STATUS result; + char *p; + + /* Send off request */ + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + p = strchr(username, '%'); + + if (p) { + *p = 0; + fstrcpy(request.data.auth.user, username); + fstrcpy(request.data.auth.pass, p + 1); + *p = '%'; + } else + fstrcpy(request.data.auth.user, username); + + result = winbindd_request(WINBINDD_PAM_AUTH, &request, &response); + + /* Display response */ + + d_printf("plaintext password authentication %s\n", + (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); + + if (response.data.auth.nt_status) + d_fprintf(stderr, "error code was %s (0x%x)\nerror messsage was: %s\n", + response.data.auth.nt_status_string, + response.data.auth.nt_status, + response.data.auth.error_string); + + return result == NSS_STATUS_SUCCESS; +} + +/* Authenticate a user with a challenge/response */ + +static BOOL wbinfo_auth_crap(char *username) +{ + struct winbindd_request request; + struct winbindd_response response; + NSS_STATUS result; + fstring name_user; + fstring name_domain; + fstring pass; + char *p; + + /* Send off request */ + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + p = strchr(username, '%'); + + if (p) { + *p = 0; + fstrcpy(pass, p + 1); + } + + parse_wbinfo_domain_user(username, name_domain, name_user); + + request.data.auth_crap.logon_parameters = MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT | MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT; + + fstrcpy(request.data.auth_crap.user, name_user); + + fstrcpy(request.data.auth_crap.domain, + name_domain); + + generate_random_buffer(request.data.auth_crap.chal, 8); + + if (lp_client_ntlmv2_auth()) { + DATA_BLOB server_chal; + DATA_BLOB names_blob; + + DATA_BLOB lm_response; + DATA_BLOB nt_response; + + TALLOC_CTX *mem_ctx; + mem_ctx = talloc_new(NULL); + if (mem_ctx == NULL) { + d_printf("talloc_new failed\n"); + return False; + } + + server_chal = data_blob(request.data.auth_crap.chal, 8); + + /* Pretend this is a login to 'us', for blob purposes */ + names_blob = NTLMv2_generate_names_blob(mem_ctx, lp_netbios_name(), lp_workgroup()); + + if (!SMBNTLMv2encrypt(mem_ctx, name_user, name_domain, pass, &server_chal, + &names_blob, + &lm_response, &nt_response, NULL, NULL)) { + data_blob_free(&names_blob); + data_blob_free(&server_chal); + return False; + } + data_blob_free(&names_blob); + data_blob_free(&server_chal); + + memcpy(request.data.auth_crap.nt_resp, nt_response.data, + MIN(nt_response.length, + sizeof(request.data.auth_crap.nt_resp))); + request.data.auth_crap.nt_resp_len = nt_response.length; + + memcpy(request.data.auth_crap.lm_resp, lm_response.data, + MIN(lm_response.length, + sizeof(request.data.auth_crap.lm_resp))); + request.data.auth_crap.lm_resp_len = lm_response.length; + + data_blob_free(&nt_response); + data_blob_free(&lm_response); + + } else { + if (lp_client_lanman_auth() + && SMBencrypt(pass, request.data.auth_crap.chal, + (unsigned char *)request.data.auth_crap.lm_resp)) { + request.data.auth_crap.lm_resp_len = 24; + } else { + request.data.auth_crap.lm_resp_len = 0; + } + SMBNTencrypt(pass, request.data.auth_crap.chal, + (unsigned char *)request.data.auth_crap.nt_resp); + + request.data.auth_crap.nt_resp_len = 24; + } + + result = winbindd_request(WINBINDD_PAM_AUTH_CRAP, &request, &response); + + /* Display response */ + + d_printf("challenge/response password authentication %s\n", + (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); + + if (response.data.auth.nt_status) + d_fprintf(stderr, "error code was %s (0x%x)\nerror messsage was: %s\n", + response.data.auth.nt_status_string, + response.data.auth.nt_status, + response.data.auth.error_string); + + return result == NSS_STATUS_SUCCESS; +} + +/* Print domain users */ + +static BOOL print_domain_users(const char *domain) +{ + struct winbindd_request request; + struct winbindd_response response; + const char *extra_data; + fstring name; + + /* Send request to winbind daemon */ + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + if (domain) { + /* '.' is the special sign for our own domain */ + if ( strequal(domain, ".") ) + fstrcpy( request.domain_name, get_winbind_domain() ); + else + fstrcpy( request.domain_name, domain ); + } + + if (winbindd_request(WINBINDD_LIST_USERS, &request, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Look through extra data */ + + if (!response.extra_data.data) + return False; + + extra_data = (const char *)response.extra_data.data; + + while(next_token(&extra_data, name, ",", sizeof(fstring))) + d_printf("%s\n", name); + + SAFE_FREE(response.extra_data.data); + + return True; +} + +/* Print domain groups */ + +static BOOL print_domain_groups(const char *domain) +{ + struct winbindd_request request; + struct winbindd_response response; + const char *extra_data; + fstring name; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + if (domain) { + if ( strequal(domain, ".") ) + fstrcpy( request.domain_name, get_winbind_domain() ); + else + fstrcpy( request.domain_name, domain ); + } + + if (winbindd_request(WINBINDD_LIST_GROUPS, &request, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Look through extra data */ + + if (!response.extra_data.data) + return False; + + extra_data = (const char *)response.extra_data.data; + + while(next_token(&extra_data, name, ",", sizeof(fstring))) + d_printf("%s\n", name); + + SAFE_FREE(response.extra_data.data); + + return True; +} + +static BOOL wbinfo_ping(void) +{ + NSS_STATUS result; + + result = winbindd_request(WINBINDD_PING, NULL, NULL); + + /* Display response */ + + d_printf("Ping to winbindd %s on fd %d\n", + (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed", winbindd_fd); + + return result == NSS_STATUS_SUCCESS; +} + +/* Main program */ + +enum { + OPT_SET_AUTH_USER = 1000, + OPT_GET_AUTH_USER, + OPT_DOMAIN_NAME, + OPT_SEQUENCE, + OPT_GETDCNAME, + OPT_USERDOMGROUPS, + OPT_USERSIDS, + OPT_ALLOCATE_UID, + OPT_ALLOCATE_GID, + OPT_SEPARATOR, + OPT_LIST_ALL_DOMAINS, + OPT_LIST_OWN_DOMAIN, + OPT_GROUP_INFO, +}; + +int main(int argc, char **argv, char **envp) +{ + int opt; + + poptContext pc; + static char *string_arg; + static char *opt_domain_name; + static int int_arg; + int result = 1; + + struct poptOption long_options[] = { + POPT_AUTOHELP + + /* longName, shortName, argInfo, argPtr, value, descrip, + argDesc */ + + { "domain-users", 'u', POPT_ARG_NONE, 0, 'u', "Lists all domain users", "domain"}, + { "domain-groups", 'g', POPT_ARG_NONE, 0, 'g', "Lists all domain groups", "domain" }, + { "WINS-by-name", 'N', POPT_ARG_STRING, &string_arg, 'N', "Converts NetBIOS name to IP", "NETBIOS-NAME" }, + { "WINS-by-ip", 'I', POPT_ARG_STRING, &string_arg, 'I', "Converts IP address to NetBIOS name", "IP" }, + { "name-to-sid", 'n', POPT_ARG_STRING, &string_arg, 'n', "Converts name to sid", "NAME" }, + { "sid-to-name", 's', POPT_ARG_STRING, &string_arg, 's', "Converts sid to name", "SID" }, + { "uid-to-sid", 'U', POPT_ARG_INT, &int_arg, 'U', "Converts uid to sid" , "UID" }, + { "gid-to-sid", 'G', POPT_ARG_INT, &int_arg, 'G', "Converts gid to sid", "GID" }, + { "sid-to-uid", 'S', POPT_ARG_STRING, &string_arg, 'S', "Converts sid to uid", "SID" }, + { "sid-to-gid", 'Y', POPT_ARG_STRING, &string_arg, 'Y', "Converts sid to gid", "SID" }, + { "check-secret", 't', POPT_ARG_NONE, 0, 't', "Check shared secret" }, + { "trusted-domains", 'm', POPT_ARG_NONE, 0, 'm', "List trusted domains" }, + { "all-domains", 0, POPT_ARG_NONE, 0, OPT_LIST_ALL_DOMAINS, "List all domains (trusted and own domain)" }, + { "own-domain", 0, POPT_ARG_NONE, 0, OPT_LIST_OWN_DOMAIN, "List own domain" }, + { "sequence", 0, POPT_ARG_NONE, 0, OPT_SEQUENCE, "Show sequence numbers of all domains" }, + { "domain-info", 'D', POPT_ARG_STRING, &string_arg, 'D', "Show most of the info we have about the domain" }, + { "user-info", 'i', POPT_ARG_STRING, &string_arg, 'i', "Get user info", "USER" }, + { "group-info", 0, POPT_ARG_STRING, &string_arg, OPT_GROUP_INFO, "Get group info", "GROUP" }, + { "user-groups", 'r', POPT_ARG_STRING, &string_arg, 'r', "Get user groups", "USER" }, + { "user-domgroups", 0, POPT_ARG_STRING, &string_arg, + OPT_USERDOMGROUPS, "Get user domain groups", "SID" }, + { "user-sids", 0, POPT_ARG_STRING, &string_arg, OPT_USERSIDS, "Get user group sids for user SID", "SID" }, + { "authenticate", 'a', POPT_ARG_STRING, &string_arg, 'a', "authenticate user", "user%password" }, + { "getdcname", 0, POPT_ARG_STRING, &string_arg, OPT_GETDCNAME, + "Get a DC name for a foreign domain", "domainname" }, + { "ping", 'p', POPT_ARG_NONE, 0, 'p', "Ping winbindd to see if it is alive" }, + { "domain", 0, POPT_ARG_STRING, &opt_domain_name, OPT_DOMAIN_NAME, "Define to the domain to restrict operation", "domain" }, +#ifdef HAVE_KRB5 + { "krb5auth", 'K', POPT_ARG_STRING, &string_arg, 'K', "authenticate user using Kerberos", "user%password" }, + /* destroys wbinfo --help output */ + /* "user%password,DOM\\user%password,user@EXAMPLE.COM,EXAMPLE.COM\\user%password" }, */ +#endif + { "separator", 0, POPT_ARG_NONE, 0, OPT_SEPARATOR, "Get the active winbind separator", NULL }, + POPT_COMMON_VERSION + POPT_COMMON_SAMBA + POPT_TABLEEND + }; + + /* Parse options */ + + pc = poptGetContext("wbinfo", argc, (const char **)argv, long_options, 0); + + /* Parse command line options */ + + if (argc == 1) { + poptPrintHelp(pc, stderr, 0); + return 1; + } + + while((opt = poptGetNextOpt(pc)) != -1) { + /* get the generic configuration parameters like --domain */ + } + + poptFreeContext(pc); + + pc = poptGetContext(NULL, argc, (const char **)argv, long_options, + POPT_CONTEXT_KEEP_FIRST); + + while((opt = poptGetNextOpt(pc)) != -1) { + switch (opt) { + case 'u': + if (!print_domain_users(opt_domain_name)) { + d_fprintf(stderr, "Error looking up domain users\n"); + goto done; + } + break; + case 'g': + if (!print_domain_groups(opt_domain_name)) { + d_fprintf(stderr, "Error looking up domain groups\n"); + goto done; + } + break; + case 's': + if (!wbinfo_lookupsid(string_arg)) { + d_fprintf(stderr, "Could not lookup sid %s\n", string_arg); + goto done; + } + break; + case 'n': + if (!wbinfo_lookupname(string_arg)) { + d_fprintf(stderr, "Could not lookup name %s\n", string_arg); + goto done; + } + break; + case 'N': + if (!wbinfo_wins_byname(string_arg)) { + d_fprintf(stderr, "Could not lookup WINS by name %s\n", string_arg); + goto done; + } + break; + case 'I': + if (!wbinfo_wins_byip(string_arg)) { + d_fprintf(stderr, "Could not lookup WINS by IP %s\n", string_arg); + goto done; + } + break; + case 'U': + if (!wbinfo_uid_to_sid(int_arg)) { + d_fprintf(stderr, "Could not convert uid %d to sid\n", int_arg); + goto done; + } + break; + case 'G': + if (!wbinfo_gid_to_sid(int_arg)) { + d_fprintf(stderr, "Could not convert gid %d to sid\n", + int_arg); + goto done; + } + break; + case 'S': + if (!wbinfo_sid_to_uid(string_arg)) { + d_fprintf(stderr, "Could not convert sid %s to uid\n", + string_arg); + goto done; + } + break; + case 'Y': + if (!wbinfo_sid_to_gid(string_arg)) { + d_fprintf(stderr, "Could not convert sid %s to gid\n", + string_arg); + goto done; + } + break; + case 't': + if (!wbinfo_check_secret()) { + d_fprintf(stderr, "Could not check secret\n"); + goto done; + } + break; + case 'm': + if (!wbinfo_list_domains(False)) { + d_fprintf(stderr, "Could not list trusted domains\n"); + goto done; + } + break; + case OPT_SEQUENCE: + if (!wbinfo_show_sequence(opt_domain_name)) { + d_fprintf(stderr, "Could not show sequence numbers\n"); + goto done; + } + break; + case 'D': + if (!wbinfo_domain_info(string_arg)) { + d_fprintf(stderr, "Could not get domain info\n"); + goto done; + } + break; + case 'i': + if (!wbinfo_get_userinfo(string_arg)) { + d_fprintf(stderr, "Could not get info for user %s\n", + string_arg); + goto done; + } + break; + case OPT_GROUP_INFO: + if ( !wbinfo_get_groupinfo(string_arg)) { + d_fprintf(stderr, "Could not get info for " + "group %s\n", string_arg); + goto done; + } + break; + case 'r': + if (!wbinfo_get_usergroups(string_arg)) { + d_fprintf(stderr, "Could not get groups for user %s\n", + string_arg); + goto done; + } + break; + case OPT_USERSIDS: + if (!wbinfo_get_usersids(string_arg)) { + d_fprintf(stderr, "Could not get group SIDs for user SID %s\n", + string_arg); + goto done; + } + break; + case OPT_USERDOMGROUPS: + if (!wbinfo_get_userdomgroups(string_arg)) { + d_fprintf(stderr, "Could not get user's domain groups " + "for user SID %s\n", string_arg); + goto done; + } + break; + case 'a': { + BOOL got_error = False; + + if (!wbinfo_auth(string_arg)) { + d_fprintf(stderr, "Could not authenticate user %s with " + "plaintext password\n", string_arg); + got_error = True; + } + + if (!wbinfo_auth_crap(string_arg)) { + d_fprintf(stderr, "Could not authenticate user %s with " + "challenge/response\n", string_arg); + got_error = True; + } + + if (got_error) + goto done; + break; + } + case 'K': { + uint32 flags = WBFLAG_PAM_KRB5 | + WBFLAG_PAM_CACHED_LOGIN | + WBFLAG_PAM_FALLBACK_AFTER_KRB5 | + WBFLAG_PAM_INFO3_TEXT; + + if (!wbinfo_auth_krb5(string_arg, "FILE", flags)) { + d_fprintf(stderr, "Could not authenticate user [%s] with " + "Kerberos (ccache: %s)\n", string_arg, "FILE"); + goto done; + } + break; + } + case 'p': + if (!wbinfo_ping()) { + d_fprintf(stderr, "could not ping winbindd!\n"); + goto done; + } + break; + case OPT_GETDCNAME: + if (!wbinfo_getdcname(string_arg)) { + goto done; + } + break; + case OPT_SEPARATOR: { + const char sep = winbind_separator_int(True); + if ( !sep ) { + goto done; + } + d_printf("%c\n", sep); + break; + } + case OPT_LIST_ALL_DOMAINS: + if (!wbinfo_list_domains(True)) { + goto done; + } + break; + case OPT_LIST_OWN_DOMAIN: + if (!wbinfo_list_own_domain()) { + goto done; + } + break; + /* generic configuration options */ + case OPT_DOMAIN_NAME: + break; + default: + d_fprintf(stderr, "Invalid option\n"); + poptPrintHelp(pc, stderr, 0); + goto done; + } + } + + result = 0; + + /* Exit code */ + + done: + poptFreeContext(pc); + return result; +} -- cgit From c24511fe25833a4b7fdab9584e22cbbf5decca4c Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Mon, 13 Aug 2007 16:26:39 +0000 Subject: r24374: Add a getpwuid lookup to wbinfo (This used to be commit f1672fb553e39f30c8dbb76f36c7132b2fd6e0c4) --- source4/nsswitch/wbinfo.c | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) (limited to 'source4/nsswitch/wbinfo.c') diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c index 9cffefb49e..7e674fde1f 100644 --- a/source4/nsswitch/wbinfo.c +++ b/source4/nsswitch/wbinfo.c @@ -154,6 +154,35 @@ static BOOL wbinfo_get_userinfo(char *user) return True; } +/* pull pwent info for a given uid */ +static BOOL wbinfo_get_uidinfo(int uid) +{ + struct winbindd_request request; + struct winbindd_response response; + NSS_STATUS result; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + request.data.uid = uid; + + result = winbindd_request(WINBINDD_GETPWUID, &request, &response); + + if (result != NSS_STATUS_SUCCESS) + return False; + + d_printf( "%s:%s:%d:%d:%s:%s:%s\n", + response.data.pw.pw_name, + response.data.pw.pw_passwd, + response.data.pw.pw_uid, + response.data.pw.pw_gid, + response.data.pw.pw_gecos, + response.data.pw.pw_dir, + response.data.pw.pw_shell ); + + return True; +} + /* pull grent for a given group */ static BOOL wbinfo_get_groupinfo(char *group) { @@ -973,6 +1002,7 @@ enum { OPT_SEPARATOR, OPT_LIST_ALL_DOMAINS, OPT_LIST_OWN_DOMAIN, + OPT_UID_INFO, OPT_GROUP_INFO, }; @@ -1009,6 +1039,7 @@ int main(int argc, char **argv, char **envp) { "sequence", 0, POPT_ARG_NONE, 0, OPT_SEQUENCE, "Show sequence numbers of all domains" }, { "domain-info", 'D', POPT_ARG_STRING, &string_arg, 'D', "Show most of the info we have about the domain" }, { "user-info", 'i', POPT_ARG_STRING, &string_arg, 'i', "Get user info", "USER" }, + { "uid-info", 0, POPT_ARG_INT, &int_arg, OPT_UID_INFO, "Get user info from uid", "UID" }, { "group-info", 0, POPT_ARG_STRING, &string_arg, OPT_GROUP_INFO, "Get group info", "GROUP" }, { "user-groups", 'r', POPT_ARG_STRING, &string_arg, 'r', "Get user groups", "USER" }, { "user-domgroups", 0, POPT_ARG_STRING, &string_arg, @@ -1146,6 +1177,13 @@ int main(int argc, char **argv, char **envp) goto done; } break; + case OPT_UID_INFO: + if ( !wbinfo_get_uidinfo(int_arg)) { + d_fprintf(stderr, "Could not get info for uid " + "%d\n", int_arg); + goto done; + } + break; case OPT_GROUP_INFO: if ( !wbinfo_get_groupinfo(string_arg)) { d_fprintf(stderr, "Could not get info for " -- cgit From ffeee68e4b72dd94fee57366bd8d38b8c284c3d4 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sat, 8 Sep 2007 12:42:09 +0000 Subject: r25026: Move param/param.h out of includes.h (This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31) --- source4/nsswitch/wbinfo.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source4/nsswitch/wbinfo.c') diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c index 7e674fde1f..120a475bc1 100644 --- a/source4/nsswitch/wbinfo.c +++ b/source4/nsswitch/wbinfo.c @@ -30,6 +30,7 @@ #include "libcli/security/security.h" #include "lib/cmdline/popt_common.h" #include "dynconfig.h" +#include "param/param.h" extern int winbindd_fd; -- cgit From 7d554e4104f432c7475f6a1019deb55619976a33 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 14 Sep 2007 13:14:59 +0000 Subject: r25158: rename nsswitch/winbindd_nss.h => nsswitch/winbind_struct_protocol.h metze (This used to be commit 1fc3a37902005a4f127191b9183747ddfb1f59a3) --- source4/nsswitch/wbinfo.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'source4/nsswitch/wbinfo.c') diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c index 120a475bc1..a67b0512a2 100644 --- a/source4/nsswitch/wbinfo.c +++ b/source4/nsswitch/wbinfo.c @@ -22,8 +22,6 @@ #include "includes.h" #include "pstring.h" -#include "winbind_nss_config.h" -#include "winbindd_nss.h" #include "winbind_client.h" #include "librpc/gen_ndr/ndr_netlogon.h" #include "libcli/auth/libcli_auth.h" -- cgit From 540caf7ea691874436ddfaf440f4b0714e592dce Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sat, 15 Sep 2007 20:09:29 +0000 Subject: r25181: sync winbind client code with samba3 NOTE: wbinfo.c isn't fully merged here metze (This used to be commit eee5327dc2f79c052c2db0ca89f23cc9d2ce355d) --- source4/nsswitch/wbinfo.c | 58 +++++++++++++++++++++++------------------------ 1 file changed, 29 insertions(+), 29 deletions(-) (limited to 'source4/nsswitch/wbinfo.c') diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c index a67b0512a2..46e4668dbe 100644 --- a/source4/nsswitch/wbinfo.c +++ b/source4/nsswitch/wbinfo.c @@ -45,7 +45,7 @@ static char winbind_separator_int(BOOL strict) /* Send off request */ - if (winbindd_request(WINBINDD_INFO, NULL, &response) != + if (winbindd_request_response(WINBINDD_INFO, NULL, &response) != NSS_STATUS_SUCCESS) { d_fprintf(stderr, "could not obtain winbind separator!\n"); if (strict) { @@ -84,7 +84,7 @@ static const char *get_winbind_domain(void) /* Send off request */ - if (winbindd_request(WINBINDD_DOMAIN_NAME, NULL, &response) != + if (winbindd_request_response(WINBINDD_DOMAIN_NAME, NULL, &response) != NSS_STATUS_SUCCESS) { d_fprintf(stderr, "could not obtain winbind domain name!\n"); @@ -136,7 +136,7 @@ static BOOL wbinfo_get_userinfo(char *user) fstrcpy(request.data.username, user); - result = winbindd_request(WINBINDD_GETPWNAM, &request, &response); + result = winbindd_request_response(WINBINDD_GETPWNAM, &request, &response); if (result != NSS_STATUS_SUCCESS) return False; @@ -165,7 +165,7 @@ static BOOL wbinfo_get_uidinfo(int uid) request.data.uid = uid; - result = winbindd_request(WINBINDD_GETPWUID, &request, &response); + result = winbindd_request_response(WINBINDD_GETPWUID, &request, &response); if (result != NSS_STATUS_SUCCESS) return False; @@ -196,7 +196,7 @@ static BOOL wbinfo_get_groupinfo(char *group) fstrcpy(request.data.groupname, group); - result = winbindd_request(WINBINDD_GETGRNAM, &request, + result = winbindd_request_response(WINBINDD_GETGRNAM, &request, &response); if ( result != NSS_STATUS_SUCCESS) @@ -226,7 +226,7 @@ static BOOL wbinfo_get_usergroups(char *user) fstrcpy(request.data.username, user); - result = winbindd_request(WINBINDD_GETGROUPS, &request, &response); + result = winbindd_request_response(WINBINDD_GETGROUPS, &request, &response); if (result != NSS_STATUS_SUCCESS) return False; @@ -255,7 +255,7 @@ static BOOL wbinfo_get_usersids(char *user_sid) /* Send request */ fstrcpy(request.data.sid, user_sid); - result = winbindd_request(WINBINDD_GETUSERSIDS, &request, &response); + result = winbindd_request_response(WINBINDD_GETUSERSIDS, &request, &response); if (result != NSS_STATUS_SUCCESS) return False; @@ -283,7 +283,7 @@ static BOOL wbinfo_get_userdomgroups(const char *user_sid) /* Send request */ fstrcpy(request.data.sid, user_sid); - result = winbindd_request(WINBINDD_GETUSERDOMGROUPS, &request, + result = winbindd_request_response(WINBINDD_GETUSERDOMGROUPS, &request, &response); if (result != NSS_STATUS_SUCCESS) @@ -311,7 +311,7 @@ static BOOL wbinfo_wins_byname(char *name) fstrcpy(request.data.winsreq, name); - if (winbindd_request(WINBINDD_WINS_BYNAME, &request, &response) != + if (winbindd_request_response(WINBINDD_WINS_BYNAME, &request, &response) != NSS_STATUS_SUCCESS) { return False; } @@ -337,7 +337,7 @@ static BOOL wbinfo_wins_byip(char *ip) fstrcpy(request.data.winsreq, ip); - if (winbindd_request(WINBINDD_WINS_BYIP, &request, &response) != + if (winbindd_request_response(WINBINDD_WINS_BYIP, &request, &response) != NSS_STATUS_SUCCESS) { return False; } @@ -363,7 +363,7 @@ static BOOL wbinfo_list_domains(BOOL list_all_domains) request.data.list_all_domains = list_all_domains; - if (winbindd_request(WINBINDD_LIST_TRUSTDOM, &request, &response) != + if (winbindd_request_response(WINBINDD_LIST_TRUSTDOM, &request, &response) != NSS_STATUS_SUCCESS) return False; @@ -414,7 +414,7 @@ static BOOL wbinfo_show_sequence(const char *domain) /* Send request */ - if (winbindd_request(WINBINDD_SHOW_SEQUENCE, &request, &response) != + if (winbindd_request_response(WINBINDD_SHOW_SEQUENCE, &request, &response) != NSS_STATUS_SUCCESS) return False; @@ -446,7 +446,7 @@ static BOOL wbinfo_domain_info(const char *domain_name) /* Send request */ - if (winbindd_request(WINBINDD_DOMAIN_INFO, &request, &response) != + if (winbindd_request_response(WINBINDD_DOMAIN_INFO, &request, &response) != NSS_STATUS_SUCCESS) return False; @@ -483,7 +483,7 @@ static BOOL wbinfo_getdcname(const char *domain_name) /* Send request */ - if (winbindd_request(WINBINDD_GETDCNAME, &request, &response) != + if (winbindd_request_response(WINBINDD_GETDCNAME, &request, &response) != NSS_STATUS_SUCCESS) { d_fprintf(stderr, "Could not get dc name for %s\n", domain_name); return False; @@ -505,7 +505,7 @@ static BOOL wbinfo_check_secret(void) ZERO_STRUCT(response); - result = winbindd_request(WINBINDD_CHECK_MACHACC, NULL, &response); + result = winbindd_request_response(WINBINDD_CHECK_MACHACC, NULL, &response); d_printf("checking the trust secret via RPC calls %s\n", (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); @@ -532,7 +532,7 @@ static BOOL wbinfo_uid_to_sid(uid_t uid) request.data.uid = uid; - if (winbindd_request(WINBINDD_UID_TO_SID, &request, &response) != + if (winbindd_request_response(WINBINDD_UID_TO_SID, &request, &response) != NSS_STATUS_SUCCESS) return False; @@ -557,7 +557,7 @@ static BOOL wbinfo_gid_to_sid(gid_t gid) request.data.gid = gid; - if (winbindd_request(WINBINDD_GID_TO_SID, &request, &response) != + if (winbindd_request_response(WINBINDD_GID_TO_SID, &request, &response) != NSS_STATUS_SUCCESS) return False; @@ -582,7 +582,7 @@ static BOOL wbinfo_sid_to_uid(char *sid) fstrcpy(request.data.sid, sid); - if (winbindd_request(WINBINDD_SID_TO_UID, &request, &response) != + if (winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response) != NSS_STATUS_SUCCESS) return False; @@ -605,7 +605,7 @@ static BOOL wbinfo_sid_to_gid(char *sid) fstrcpy(request.data.sid, sid); - if (winbindd_request(WINBINDD_SID_TO_GID, &request, &response) != + if (winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response) != NSS_STATUS_SUCCESS) return False; @@ -630,7 +630,7 @@ static BOOL wbinfo_lookupsid(char *sid) fstrcpy(request.data.sid, sid); - if (winbindd_request(WINBINDD_LOOKUPSID, &request, &response) != + if (winbindd_request_response(WINBINDD_LOOKUPSID, &request, &response) != NSS_STATUS_SUCCESS) return False; @@ -674,7 +674,7 @@ static BOOL wbinfo_lookupname(char *name) parse_wbinfo_domain_user(name, request.data.name.dom_name, request.data.name.name); - if (winbindd_request(WINBINDD_LOOKUPNAME, &request, &response) != + if (winbindd_request_response(WINBINDD_LOOKUPNAME, &request, &response) != NSS_STATUS_SUCCESS) return False; @@ -687,7 +687,7 @@ static BOOL wbinfo_lookupname(char *name) /* Authenticate a user with a plaintext password */ -static BOOL wbinfo_auth_krb5(char *username, const char *cctype, uint32 flags) +static BOOL wbinfo_auth_krb5(char *username, const char *cctype, uint32_t flags) { struct winbindd_request request; struct winbindd_response response; @@ -715,7 +715,7 @@ static BOOL wbinfo_auth_krb5(char *username, const char *cctype, uint32 flags) request.data.auth.uid = geteuid(); - result = winbindd_request(WINBINDD_PAM_AUTH, &request, &response); + result = winbindd_request_response(WINBINDD_PAM_AUTH, &request, &response); /* Display response */ @@ -770,7 +770,7 @@ static BOOL wbinfo_auth(char *username) } else fstrcpy(request.data.auth.user, username); - result = winbindd_request(WINBINDD_PAM_AUTH, &request, &response); + result = winbindd_request_response(WINBINDD_PAM_AUTH, &request, &response); /* Display response */ @@ -877,7 +877,7 @@ static BOOL wbinfo_auth_crap(char *username) request.data.auth_crap.nt_resp_len = 24; } - result = winbindd_request(WINBINDD_PAM_AUTH_CRAP, &request, &response); + result = winbindd_request_response(WINBINDD_PAM_AUTH_CRAP, &request, &response); /* Display response */ @@ -915,7 +915,7 @@ static BOOL print_domain_users(const char *domain) fstrcpy( request.domain_name, domain ); } - if (winbindd_request(WINBINDD_LIST_USERS, &request, &response) != + if (winbindd_request_response(WINBINDD_LIST_USERS, &request, &response) != NSS_STATUS_SUCCESS) return False; @@ -953,7 +953,7 @@ static BOOL print_domain_groups(const char *domain) fstrcpy( request.domain_name, domain ); } - if (winbindd_request(WINBINDD_LIST_GROUPS, &request, &response) != + if (winbindd_request_response(WINBINDD_LIST_GROUPS, &request, &response) != NSS_STATUS_SUCCESS) return False; @@ -976,7 +976,7 @@ static BOOL wbinfo_ping(void) { NSS_STATUS result; - result = winbindd_request(WINBINDD_PING, NULL, NULL); + result = winbindd_request_response(WINBINDD_PING, NULL, NULL); /* Display response */ @@ -1231,7 +1231,7 @@ int main(int argc, char **argv, char **envp) break; } case 'K': { - uint32 flags = WBFLAG_PAM_KRB5 | + uint32_t flags = WBFLAG_PAM_KRB5 | WBFLAG_PAM_CACHED_LOGIN | WBFLAG_PAM_FALLBACK_AFTER_KRB5 | WBFLAG_PAM_INFO3_TEXT; -- cgit From e0ea2c9b9fcb681b60df8baf047bc99724f9426a Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 19 Sep 2007 19:09:02 +0000 Subject: r25242: remove sequence_number out of WINBINDD_DOMAIN_INFO call as this is always answered by the winbindd parent and will most times return old sequence number values. metze (This used to be commit af259f35f22ea24c1b2f2e007998bfa0bb58f6f6) --- source4/nsswitch/wbinfo.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'source4/nsswitch/wbinfo.c') diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c index 46e4668dbe..b4d7b95b6d 100644 --- a/source4/nsswitch/wbinfo.c +++ b/source4/nsswitch/wbinfo.c @@ -465,8 +465,6 @@ static BOOL wbinfo_domain_info(const char *domain_name) d_printf("Primary : %s\n", response.data.domain_info.primary ? "Yes" : "No"); - d_printf("Sequence : %d\n", response.data.domain_info.sequence_number); - return True; } -- cgit From 37d53832a4623653f706e77985a79d84bd7c6694 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Fri, 28 Sep 2007 01:17:46 +0000 Subject: r25398: Parse loadparm context to all lp_*() functions. (This used to be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238) --- source4/nsswitch/wbinfo.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source4/nsswitch/wbinfo.c') diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c index b4d7b95b6d..cf4dceec6d 100644 --- a/source4/nsswitch/wbinfo.c +++ b/source4/nsswitch/wbinfo.c @@ -52,7 +52,7 @@ static char winbind_separator_int(BOOL strict) return 0; } /* HACK: (this module should not call lp_ funtions) */ - return *lp_winbind_separator(); + return *lp_winbind_separator(global_loadparm); } sep = response.data.info.winbind_separator; @@ -64,7 +64,7 @@ static char winbind_separator_int(BOOL strict) return 0; } /* HACK: (this module should not call lp_ funtions) */ - sep = *lp_winbind_separator(); + sep = *lp_winbind_separator(global_loadparm); } return sep; @@ -89,7 +89,7 @@ static const char *get_winbind_domain(void) d_fprintf(stderr, "could not obtain winbind domain name!\n"); /* HACK: (this module should not call lp_ funtions) */ - return lp_workgroup(); + return lp_workgroup(global_loadparm); } fstrcpy(winbind_domain, response.data.domain_name); @@ -819,7 +819,7 @@ static BOOL wbinfo_auth_crap(char *username) generate_random_buffer(request.data.auth_crap.chal, 8); - if (lp_client_ntlmv2_auth()) { + if (lp_client_ntlmv2_auth(global_loadparm)) { DATA_BLOB server_chal; DATA_BLOB names_blob; @@ -836,7 +836,7 @@ static BOOL wbinfo_auth_crap(char *username) server_chal = data_blob(request.data.auth_crap.chal, 8); /* Pretend this is a login to 'us', for blob purposes */ - names_blob = NTLMv2_generate_names_blob(mem_ctx, lp_netbios_name(), lp_workgroup()); + names_blob = NTLMv2_generate_names_blob(mem_ctx, lp_netbios_name(global_loadparm), lp_workgroup(global_loadparm)); if (!SMBNTLMv2encrypt(mem_ctx, name_user, name_domain, pass, &server_chal, &names_blob, @@ -862,7 +862,7 @@ static BOOL wbinfo_auth_crap(char *username) data_blob_free(&lm_response); } else { - if (lp_client_lanman_auth() + if (lp_client_lanman_auth(global_loadparm) && SMBencrypt(pass, request.data.auth_crap.chal, (unsigned char *)request.data.auth_crap.lm_resp)) { request.data.auth_crap.lm_resp_len = 24; -- cgit From 2151cde58014ea2e822c13d2f8a369b45dc19ca8 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sat, 6 Oct 2007 22:28:14 +0000 Subject: r25554: Convert last instances of BOOL, True and False to the standard types. (This used to be commit 566aa14139510788548a874e9213d91317f83ca9) --- source4/nsswitch/wbinfo.c | 170 +++++++++++++++++++++++----------------------- 1 file changed, 85 insertions(+), 85 deletions(-) (limited to 'source4/nsswitch/wbinfo.c') diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c index cf4dceec6d..4538911f97 100644 --- a/source4/nsswitch/wbinfo.c +++ b/source4/nsswitch/wbinfo.c @@ -32,10 +32,10 @@ extern int winbindd_fd; -static char winbind_separator_int(BOOL strict) +static char winbind_separator_int(bool strict) { struct winbindd_response response; - static BOOL got_sep; + static bool got_sep; static char sep; if (got_sep) @@ -56,7 +56,7 @@ static char winbind_separator_int(BOOL strict) } sep = response.data.info.winbind_separator; - got_sep = True; + got_sep = true; if (!sep) { d_fprintf(stderr, "winbind separator was NULL!\n"); @@ -72,7 +72,7 @@ static char winbind_separator_int(BOOL strict) static char winbind_separator(void) { - return winbind_separator_int(False); + return winbind_separator_int(false); } static const char *get_winbind_domain(void) @@ -101,7 +101,7 @@ static const char *get_winbind_domain(void) /* Copy of parse_domain_user from winbindd_util.c. Parse a string of the form DOMAIN/user into a domain and a user */ -static BOOL parse_wbinfo_domain_user(const char *domuser, fstring domain, +static bool parse_wbinfo_domain_user(const char *domuser, fstring domain, fstring user) { @@ -110,7 +110,7 @@ static BOOL parse_wbinfo_domain_user(const char *domuser, fstring domain, if (!p) { fstrcpy(user, domuser); fstrcpy(domain, get_winbind_domain()); - return True; + return true; } fstrcpy(user, p+1); @@ -118,12 +118,12 @@ static BOOL parse_wbinfo_domain_user(const char *domuser, fstring domain, domain[PTR_DIFF(p, domuser)] = 0; strupper_m(domain); - return True; + return true; } /* pull pwent info for a given user */ -static BOOL wbinfo_get_userinfo(char *user) +static bool wbinfo_get_userinfo(char *user) { struct winbindd_request request; struct winbindd_response response; @@ -139,7 +139,7 @@ static BOOL wbinfo_get_userinfo(char *user) result = winbindd_request_response(WINBINDD_GETPWNAM, &request, &response); if (result != NSS_STATUS_SUCCESS) - return False; + return false; d_printf( "%s:%s:%d:%d:%s:%s:%s\n", response.data.pw.pw_name, @@ -150,11 +150,11 @@ static BOOL wbinfo_get_userinfo(char *user) response.data.pw.pw_dir, response.data.pw.pw_shell ); - return True; + return true; } /* pull pwent info for a given uid */ -static BOOL wbinfo_get_uidinfo(int uid) +static bool wbinfo_get_uidinfo(int uid) { struct winbindd_request request; struct winbindd_response response; @@ -168,7 +168,7 @@ static BOOL wbinfo_get_uidinfo(int uid) result = winbindd_request_response(WINBINDD_GETPWUID, &request, &response); if (result != NSS_STATUS_SUCCESS) - return False; + return false; d_printf( "%s:%s:%d:%d:%s:%s:%s\n", response.data.pw.pw_name, @@ -179,11 +179,11 @@ static BOOL wbinfo_get_uidinfo(int uid) response.data.pw.pw_dir, response.data.pw.pw_shell ); - return True; + return true; } /* pull grent for a given group */ -static BOOL wbinfo_get_groupinfo(char *group) +static bool wbinfo_get_groupinfo(char *group) { struct winbindd_request request; struct winbindd_response response; @@ -200,19 +200,19 @@ static BOOL wbinfo_get_groupinfo(char *group) &response); if ( result != NSS_STATUS_SUCCESS) - return False; + return false; d_printf( "%s:%s:%d\n", response.data.gr.gr_name, response.data.gr.gr_passwd, response.data.gr.gr_gid ); - return True; + return true; } /* List groups a user is a member of */ -static BOOL wbinfo_get_usergroups(char *user) +static bool wbinfo_get_usergroups(char *user) { struct winbindd_request request; struct winbindd_response response; @@ -229,19 +229,19 @@ static BOOL wbinfo_get_usergroups(char *user) result = winbindd_request_response(WINBINDD_GETGROUPS, &request, &response); if (result != NSS_STATUS_SUCCESS) - return False; + return false; for (i = 0; i < response.data.num_entries; i++) d_printf("%d\n", (int)((gid_t *)response.extra_data.data)[i]); SAFE_FREE(response.extra_data.data); - return True; + return true; } /* List group SIDs a user SID is a member of */ -static BOOL wbinfo_get_usersids(char *user_sid) +static bool wbinfo_get_usersids(char *user_sid) { struct winbindd_request request; struct winbindd_response response; @@ -258,7 +258,7 @@ static BOOL wbinfo_get_usersids(char *user_sid) result = winbindd_request_response(WINBINDD_GETUSERSIDS, &request, &response); if (result != NSS_STATUS_SUCCESS) - return False; + return false; s = (const char *)response.extra_data.data; for (i = 0; i < response.data.num_entries; i++) { @@ -268,10 +268,10 @@ static BOOL wbinfo_get_usersids(char *user_sid) SAFE_FREE(response.extra_data.data); - return True; + return true; } -static BOOL wbinfo_get_userdomgroups(const char *user_sid) +static bool wbinfo_get_userdomgroups(const char *user_sid) { struct winbindd_request request; struct winbindd_response response; @@ -287,19 +287,19 @@ static BOOL wbinfo_get_userdomgroups(const char *user_sid) &response); if (result != NSS_STATUS_SUCCESS) - return False; + return false; if (response.data.num_entries != 0) printf("%s", (char *)response.extra_data.data); SAFE_FREE(response.extra_data.data); - return True; + return true; } /* Convert NetBIOS name to IP */ -static BOOL wbinfo_wins_byname(char *name) +static bool wbinfo_wins_byname(char *name) { struct winbindd_request request; struct winbindd_response response; @@ -313,19 +313,19 @@ static BOOL wbinfo_wins_byname(char *name) if (winbindd_request_response(WINBINDD_WINS_BYNAME, &request, &response) != NSS_STATUS_SUCCESS) { - return False; + return false; } /* Display response */ d_printf("%s\n", response.data.winsresp); - return True; + return true; } /* Convert IP to NetBIOS name */ -static BOOL wbinfo_wins_byip(char *ip) +static bool wbinfo_wins_byip(char *ip) { struct winbindd_request request; struct winbindd_response response; @@ -339,19 +339,19 @@ static BOOL wbinfo_wins_byip(char *ip) if (winbindd_request_response(WINBINDD_WINS_BYIP, &request, &response) != NSS_STATUS_SUCCESS) { - return False; + return false; } /* Display response */ d_printf("%s\n", response.data.winsresp); - return True; + return true; } /* List trusted domains */ -static BOOL wbinfo_list_domains(BOOL list_all_domains) +static bool wbinfo_list_domains(bool list_all_domains) { struct winbindd_request request; struct winbindd_response response; @@ -365,7 +365,7 @@ static BOOL wbinfo_list_domains(BOOL list_all_domains) if (winbindd_request_response(WINBINDD_LIST_TRUSTDOM, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ @@ -379,7 +379,7 @@ static BOOL wbinfo_list_domains(BOOL list_all_domains) if (p == 0) { d_fprintf(stderr, "Got invalid response: %s\n", extra_data); - return False; + return false; } *p = 0; d_printf("%s\n", name); @@ -388,20 +388,20 @@ static BOOL wbinfo_list_domains(BOOL list_all_domains) SAFE_FREE(response.extra_data.data); } - return True; + return true; } /* List own domain */ -static BOOL wbinfo_list_own_domain(void) +static bool wbinfo_list_own_domain(void) { d_printf("%s\n", get_winbind_domain()); - return True; + return true; } /* show sequence numbers */ -static BOOL wbinfo_show_sequence(const char *domain) +static bool wbinfo_show_sequence(const char *domain) { struct winbindd_request request; struct winbindd_response response; @@ -416,7 +416,7 @@ static BOOL wbinfo_show_sequence(const char *domain) if (winbindd_request_response(WINBINDD_SHOW_SEQUENCE, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ @@ -426,12 +426,12 @@ static BOOL wbinfo_show_sequence(const char *domain) SAFE_FREE(response.extra_data.data); } - return True; + return true; } /* Show domain info */ -static BOOL wbinfo_domain_info(const char *domain_name) +static bool wbinfo_domain_info(const char *domain_name) { struct winbindd_request request; struct winbindd_response response; @@ -448,7 +448,7 @@ static BOOL wbinfo_domain_info(const char *domain_name) if (winbindd_request_response(WINBINDD_DOMAIN_INFO, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ @@ -465,11 +465,11 @@ static BOOL wbinfo_domain_info(const char *domain_name) d_printf("Primary : %s\n", response.data.domain_info.primary ? "Yes" : "No"); - return True; + return true; } /* Get a foreign DC's name */ -static BOOL wbinfo_getdcname(const char *domain_name) +static bool wbinfo_getdcname(const char *domain_name) { struct winbindd_request request; struct winbindd_response response; @@ -484,19 +484,19 @@ static BOOL wbinfo_getdcname(const char *domain_name) if (winbindd_request_response(WINBINDD_GETDCNAME, &request, &response) != NSS_STATUS_SUCCESS) { d_fprintf(stderr, "Could not get dc name for %s\n", domain_name); - return False; + return false; } /* Display response */ d_printf("%s\n", response.data.dc_name); - return True; + return true; } /* Check trust account password */ -static BOOL wbinfo_check_secret(void) +static bool wbinfo_check_secret(void) { struct winbindd_response response; NSS_STATUS result; @@ -518,7 +518,7 @@ static BOOL wbinfo_check_secret(void) /* Convert uid to sid */ -static BOOL wbinfo_uid_to_sid(uid_t uid) +static bool wbinfo_uid_to_sid(uid_t uid) { struct winbindd_request request; struct winbindd_response response; @@ -532,18 +532,18 @@ static BOOL wbinfo_uid_to_sid(uid_t uid) if (winbindd_request_response(WINBINDD_UID_TO_SID, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ d_printf("%s\n", response.data.sid.sid); - return True; + return true; } /* Convert gid to sid */ -static BOOL wbinfo_gid_to_sid(gid_t gid) +static bool wbinfo_gid_to_sid(gid_t gid) { struct winbindd_request request; struct winbindd_response response; @@ -557,18 +557,18 @@ static BOOL wbinfo_gid_to_sid(gid_t gid) if (winbindd_request_response(WINBINDD_GID_TO_SID, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ d_printf("%s\n", response.data.sid.sid); - return True; + return true; } /* Convert sid to uid */ -static BOOL wbinfo_sid_to_uid(char *sid) +static bool wbinfo_sid_to_uid(char *sid) { struct winbindd_request request; struct winbindd_response response; @@ -582,16 +582,16 @@ static BOOL wbinfo_sid_to_uid(char *sid) if (winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ d_printf("%d\n", (int)response.data.uid); - return True; + return true; } -static BOOL wbinfo_sid_to_gid(char *sid) +static bool wbinfo_sid_to_gid(char *sid) { struct winbindd_request request; struct winbindd_response response; @@ -605,18 +605,18 @@ static BOOL wbinfo_sid_to_gid(char *sid) if (winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ d_printf("%d\n", (int)response.data.gid); - return True; + return true; } /* Convert sid to string */ -static BOOL wbinfo_lookupsid(char *sid) +static bool wbinfo_lookupsid(char *sid) { struct winbindd_request request; struct winbindd_response response; @@ -630,7 +630,7 @@ static BOOL wbinfo_lookupsid(char *sid) if (winbindd_request_response(WINBINDD_LOOKUPSID, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ @@ -638,7 +638,7 @@ static BOOL wbinfo_lookupsid(char *sid) winbind_separator(), response.data.name.name, response.data.name.type); - return True; + return true; } static const char *sid_type_lookup(enum lsa_SidType r) @@ -659,7 +659,7 @@ static const char *sid_type_lookup(enum lsa_SidType r) /* Convert string to sid */ -static BOOL wbinfo_lookupname(char *name) +static bool wbinfo_lookupname(char *name) { struct winbindd_request request; struct winbindd_response response; @@ -674,18 +674,18 @@ static BOOL wbinfo_lookupname(char *name) if (winbindd_request_response(WINBINDD_LOOKUPNAME, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ d_printf("%s %s (%d)\n", response.data.sid.sid, sid_type_lookup(response.data.sid.type), response.data.sid.type); - return True; + return true; } /* Authenticate a user with a plaintext password */ -static BOOL wbinfo_auth_krb5(char *username, const char *cctype, uint32_t flags) +static bool wbinfo_auth_krb5(char *username, const char *cctype, uint32_t flags) { struct winbindd_request request; struct winbindd_response response; @@ -746,7 +746,7 @@ static BOOL wbinfo_auth_krb5(char *username, const char *cctype, uint32_t flags) /* Authenticate a user with a plaintext password */ -static BOOL wbinfo_auth(char *username) +static bool wbinfo_auth(char *username) { struct winbindd_request request; struct winbindd_response response; @@ -786,7 +786,7 @@ static BOOL wbinfo_auth(char *username) /* Authenticate a user with a challenge/response */ -static BOOL wbinfo_auth_crap(char *username) +static bool wbinfo_auth_crap(char *username) { struct winbindd_request request; struct winbindd_response response; @@ -830,7 +830,7 @@ static BOOL wbinfo_auth_crap(char *username) mem_ctx = talloc_new(NULL); if (mem_ctx == NULL) { d_printf("talloc_new failed\n"); - return False; + return false; } server_chal = data_blob(request.data.auth_crap.chal, 8); @@ -843,7 +843,7 @@ static BOOL wbinfo_auth_crap(char *username) &lm_response, &nt_response, NULL, NULL)) { data_blob_free(&names_blob); data_blob_free(&server_chal); - return False; + return false; } data_blob_free(&names_blob); data_blob_free(&server_chal); @@ -893,7 +893,7 @@ static BOOL wbinfo_auth_crap(char *username) /* Print domain users */ -static BOOL print_domain_users(const char *domain) +static bool print_domain_users(const char *domain) { struct winbindd_request request; struct winbindd_response response; @@ -915,12 +915,12 @@ static BOOL print_domain_users(const char *domain) if (winbindd_request_response(WINBINDD_LIST_USERS, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Look through extra data */ if (!response.extra_data.data) - return False; + return false; extra_data = (const char *)response.extra_data.data; @@ -929,12 +929,12 @@ static BOOL print_domain_users(const char *domain) SAFE_FREE(response.extra_data.data); - return True; + return true; } /* Print domain groups */ -static BOOL print_domain_groups(const char *domain) +static bool print_domain_groups(const char *domain) { struct winbindd_request request; struct winbindd_response response; @@ -953,12 +953,12 @@ static BOOL print_domain_groups(const char *domain) if (winbindd_request_response(WINBINDD_LIST_GROUPS, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Look through extra data */ if (!response.extra_data.data) - return False; + return false; extra_data = (const char *)response.extra_data.data; @@ -967,10 +967,10 @@ static BOOL print_domain_groups(const char *domain) SAFE_FREE(response.extra_data.data); - return True; + return true; } -static BOOL wbinfo_ping(void) +static bool wbinfo_ping(void) { NSS_STATUS result; @@ -1150,7 +1150,7 @@ int main(int argc, char **argv, char **envp) } break; case 'm': - if (!wbinfo_list_domains(False)) { + if (!wbinfo_list_domains(false)) { d_fprintf(stderr, "Could not list trusted domains\n"); goto done; } @@ -1210,18 +1210,18 @@ int main(int argc, char **argv, char **envp) } break; case 'a': { - BOOL got_error = False; + bool got_error = false; if (!wbinfo_auth(string_arg)) { d_fprintf(stderr, "Could not authenticate user %s with " "plaintext password\n", string_arg); - got_error = True; + got_error = true; } if (!wbinfo_auth_crap(string_arg)) { d_fprintf(stderr, "Could not authenticate user %s with " "challenge/response\n", string_arg); - got_error = True; + got_error = true; } if (got_error) @@ -1253,7 +1253,7 @@ int main(int argc, char **argv, char **envp) } break; case OPT_SEPARATOR: { - const char sep = winbind_separator_int(True); + const char sep = winbind_separator_int(true); if ( !sep ) { goto done; } @@ -1261,7 +1261,7 @@ int main(int argc, char **argv, char **envp) break; } case OPT_LIST_ALL_DOMAINS: - if (!wbinfo_list_domains(True)) { + if (!wbinfo_list_domains(true)) { goto done; } break; -- cgit From b83a7a135f3247f553cb04173646b2d871b97235 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 3 Dec 2007 21:25:17 +0100 Subject: r26268: Avoid more use of global_loadparm - put lp_ctx in smb_server and wbsrv_connection. (This used to be commit 7c008664238ed966cb82adf5b25b22157bb50730) --- source4/nsswitch/wbinfo.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source4/nsswitch/wbinfo.c') diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c index 4538911f97..4303f36e4a 100644 --- a/source4/nsswitch/wbinfo.c +++ b/source4/nsswitch/wbinfo.c @@ -786,7 +786,7 @@ static bool wbinfo_auth(char *username) /* Authenticate a user with a challenge/response */ -static bool wbinfo_auth_crap(char *username) +static bool wbinfo_auth_crap(struct loadparm_context *lp_ctx, char *username) { struct winbindd_request request; struct winbindd_response response; @@ -819,7 +819,7 @@ static bool wbinfo_auth_crap(char *username) generate_random_buffer(request.data.auth_crap.chal, 8); - if (lp_client_ntlmv2_auth(global_loadparm)) { + if (lp_client_ntlmv2_auth(lp_ctx)) { DATA_BLOB server_chal; DATA_BLOB names_blob; @@ -836,7 +836,7 @@ static bool wbinfo_auth_crap(char *username) server_chal = data_blob(request.data.auth_crap.chal, 8); /* Pretend this is a login to 'us', for blob purposes */ - names_blob = NTLMv2_generate_names_blob(mem_ctx, lp_netbios_name(global_loadparm), lp_workgroup(global_loadparm)); + names_blob = NTLMv2_generate_names_blob(mem_ctx, lp_netbios_name(lp_ctx), lp_workgroup(lp_ctx)); if (!SMBNTLMv2encrypt(mem_ctx, name_user, name_domain, pass, &server_chal, &names_blob, @@ -862,7 +862,7 @@ static bool wbinfo_auth_crap(char *username) data_blob_free(&lm_response); } else { - if (lp_client_lanman_auth(global_loadparm) + if (lp_client_lanman_auth(lp_ctx) && SMBencrypt(pass, request.data.auth_crap.chal, (unsigned char *)request.data.auth_crap.lm_resp)) { request.data.auth_crap.lm_resp_len = 24; @@ -1218,7 +1218,7 @@ int main(int argc, char **argv, char **envp) got_error = true; } - if (!wbinfo_auth_crap(string_arg)) { + if (!wbinfo_auth_crap(global_loadparm, string_arg)) { d_fprintf(stderr, "Could not authenticate user %s with " "challenge/response\n", string_arg); got_error = true; -- cgit From b65dba2245bf382c47d65c95ac9b1efa43918fc0 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 10 Dec 2007 04:33:16 +0100 Subject: r26355: Eliminate global_loadparm in more places. (This used to be commit 5d589a0d94bd76a9b4c9fc748854e8098ea43c4d) --- source4/nsswitch/wbinfo.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source4/nsswitch/wbinfo.c') diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c index 4303f36e4a..144c279279 100644 --- a/source4/nsswitch/wbinfo.c +++ b/source4/nsswitch/wbinfo.c @@ -52,7 +52,7 @@ static char winbind_separator_int(bool strict) return 0; } /* HACK: (this module should not call lp_ funtions) */ - return *lp_winbind_separator(global_loadparm); + return *lp_winbind_separator(cmdline_lp_ctx); } sep = response.data.info.winbind_separator; @@ -64,7 +64,7 @@ static char winbind_separator_int(bool strict) return 0; } /* HACK: (this module should not call lp_ funtions) */ - sep = *lp_winbind_separator(global_loadparm); + sep = *lp_winbind_separator(cmdline_lp_ctx); } return sep; @@ -89,7 +89,7 @@ static const char *get_winbind_domain(void) d_fprintf(stderr, "could not obtain winbind domain name!\n"); /* HACK: (this module should not call lp_ funtions) */ - return lp_workgroup(global_loadparm); + return lp_workgroup(cmdline_lp_ctx); } fstrcpy(winbind_domain, response.data.domain_name); @@ -1218,7 +1218,7 @@ int main(int argc, char **argv, char **envp) got_error = true; } - if (!wbinfo_auth_crap(global_loadparm, string_arg)) { + if (!wbinfo_auth_crap(cmdline_lp_ctx, string_arg)) { d_fprintf(stderr, "Could not authenticate user %s with " "challenge/response\n", string_arg); got_error = true; -- cgit From 35c597161b8af4b39e2c99b35b6782010b3dcb78 Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Wed, 26 Dec 2007 10:56:24 +0100 Subject: wbinfo: Handle SID_NAME_COMPUTER in sid_type_lookup (This used to be commit 1abb2b471a11305ae7e0da403eca3cfe1fe1b016) --- source4/nsswitch/wbinfo.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source4/nsswitch/wbinfo.c') diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c index 144c279279..b2748833e6 100644 --- a/source4/nsswitch/wbinfo.c +++ b/source4/nsswitch/wbinfo.c @@ -653,6 +653,7 @@ static const char *sid_type_lookup(enum lsa_SidType r) case SID_NAME_DELETED: return "SID_NAME_DELETED"; break; case SID_NAME_INVALID: return "SID_NAME_INVALID"; break; case SID_NAME_UNKNOWN: return "SID_NAME_UNKNOWN"; break; + case SID_NAME_COMPUTER: return "SID_NAME_COMPUTER"; break; } return "Invalid sid type\n"; } -- cgit From 263a77c5618daddb0c1e4f0ad0a922bca55faf0d Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 21 Feb 2008 15:45:32 +0100 Subject: Remove more uses of global_loadparm. (This used to be commit a1715b1f48ba44bd94844418cc9299649aaf1a5e) --- source4/nsswitch/wbinfo.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source4/nsswitch/wbinfo.c') diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c index b2748833e6..7ead27939e 100644 --- a/source4/nsswitch/wbinfo.c +++ b/source4/nsswitch/wbinfo.c @@ -837,7 +837,7 @@ static bool wbinfo_auth_crap(struct loadparm_context *lp_ctx, char *username) server_chal = data_blob(request.data.auth_crap.chal, 8); /* Pretend this is a login to 'us', for blob purposes */ - names_blob = NTLMv2_generate_names_blob(mem_ctx, lp_netbios_name(lp_ctx), lp_workgroup(lp_ctx)); + names_blob = NTLMv2_generate_names_blob(mem_ctx, lp_iconv_convenience(lp_ctx), lp_netbios_name(lp_ctx), lp_workgroup(lp_ctx)); if (!SMBNTLMv2encrypt(mem_ctx, name_user, name_domain, pass, &server_chal, &names_blob, -- cgit From 936b973acbc756cc3b6cb0d9df85ebc28ba76ae7 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 27 May 2008 14:36:28 +0200 Subject: Use new dynconfig.h location. (This used to be commit c3f556915f09d078253e4c5539910a1cf420eeca) --- source4/nsswitch/wbinfo.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source4/nsswitch/wbinfo.c') diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c index 7ead27939e..21c178cc7b 100644 --- a/source4/nsswitch/wbinfo.c +++ b/source4/nsswitch/wbinfo.c @@ -27,7 +27,7 @@ #include "libcli/auth/libcli_auth.h" #include "libcli/security/security.h" #include "lib/cmdline/popt_common.h" -#include "dynconfig.h" +#include "dynconfig/dynconfig.h" #include "param/param.h" extern int winbindd_fd; -- cgit From 1dca64e26a1d79ec0311d340df1f07d9158fbbae Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Wed, 30 Apr 2008 08:15:34 +0200 Subject: wbinfo: Output string for sid type in lookupsid. (This used to be commit 8b4c7fb200598b7f747fc681f76d464760f693ee) --- source4/nsswitch/wbinfo.c | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) (limited to 'source4/nsswitch/wbinfo.c') diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c index 21c178cc7b..150d9a68ee 100644 --- a/source4/nsswitch/wbinfo.c +++ b/source4/nsswitch/wbinfo.c @@ -614,6 +614,23 @@ static bool wbinfo_sid_to_gid(char *sid) return true; } +static const char *sid_type_lookup(enum lsa_SidType r) +{ + switch (r) { + case SID_NAME_USE_NONE: return "SID_NAME_USE_NONE"; break; + case SID_NAME_USER: return "SID_NAME_USER"; break; + case SID_NAME_DOM_GRP: return "SID_NAME_DOM_GRP"; break; + case SID_NAME_DOMAIN: return "SID_NAME_DOMAIN"; break; + case SID_NAME_ALIAS: return "SID_NAME_ALIAS"; break; + case SID_NAME_WKN_GRP: return "SID_NAME_WKN_GRP"; break; + case SID_NAME_DELETED: return "SID_NAME_DELETED"; break; + case SID_NAME_INVALID: return "SID_NAME_INVALID"; break; + case SID_NAME_UNKNOWN: return "SID_NAME_UNKNOWN"; break; + case SID_NAME_COMPUTER: return "SID_NAME_COMPUTER"; break; + } + return "Invalid sid type\n"; +} + /* Convert sid to string */ static bool wbinfo_lookupsid(char *sid) @@ -634,30 +651,13 @@ static bool wbinfo_lookupsid(char *sid) /* Display response */ - d_printf("%s%c%s %d\n", response.data.name.dom_name, - winbind_separator(), response.data.name.name, - response.data.name.type); + d_printf("%s%c%s %s\n", response.data.name.dom_name, + winbind_separator(), response.data.name.name, + sid_type_lookup(response.data.name.type)); return true; } -static const char *sid_type_lookup(enum lsa_SidType r) -{ - switch (r) { - case SID_NAME_USE_NONE: return "SID_NAME_USE_NONE"; break; - case SID_NAME_USER: return "SID_NAME_USER"; break; - case SID_NAME_DOM_GRP: return "SID_NAME_DOM_GRP"; break; - case SID_NAME_DOMAIN: return "SID_NAME_DOMAIN"; break; - case SID_NAME_ALIAS: return "SID_NAME_ALIAS"; break; - case SID_NAME_WKN_GRP: return "SID_NAME_WKN_GRP"; break; - case SID_NAME_DELETED: return "SID_NAME_DELETED"; break; - case SID_NAME_INVALID: return "SID_NAME_INVALID"; break; - case SID_NAME_UNKNOWN: return "SID_NAME_UNKNOWN"; break; - case SID_NAME_COMPUTER: return "SID_NAME_COMPUTER"; break; - } - return "Invalid sid type\n"; -} - /* Convert string to sid */ static bool wbinfo_lookupname(char *name) -- cgit