Changeset 988 for vendor/current/nsswitch
- Timestamp:
- Nov 24, 2016, 1:14:11 PM (9 years ago)
- Location:
- vendor/current/nsswitch
- Files:
-
- 11 added
- 1 deleted
- 29 edited
-
libwbclient/ABI (added)
-
libwbclient/ABI/wbclient-0.10.sigs (added)
-
libwbclient/ABI/wbclient-0.11.sigs (added)
-
libwbclient/ABI/wbclient-0.12.sigs (added)
-
libwbclient/ABI/wbclient-0.9.sigs (added)
-
libwbclient/tests/wbclient.c (modified) (41 diffs)
-
libwbclient/wbc_err_internal.h (modified) (2 diffs)
-
libwbclient/wbc_idmap.c (modified) (21 diffs)
-
libwbclient/wbc_pam.c (modified) (30 diffs)
-
libwbclient/wbc_pwd.c (modified) (28 diffs)
-
libwbclient/wbc_sid.c (modified) (27 diffs)
-
libwbclient/wbc_util.c (modified) (27 diffs)
-
libwbclient/wbclient.c (modified) (7 diffs)
-
libwbclient/wbclient.h (modified) (82 diffs)
-
libwbclient/wbclient.pc.in (added)
-
libwbclient/wbclient_internal.h (modified) (2 diffs)
-
libwbclient/wscript (added)
-
libwbclient/wscript_build (deleted)
-
nsstest.c (modified) (5 diffs)
-
pam_winbind.c (modified) (56 diffs)
-
pam_winbind.h (modified) (4 diffs)
-
tests/test_idmap_rfc2307.sh (added)
-
tests/test_rfc2307_mapping.sh (added)
-
tests/test_wbinfo.sh (modified) (5 diffs)
-
tests/test_wbinfo_simple.sh (added)
-
wb_common.c (modified) (36 diffs)
-
wbinfo.c (modified) (35 diffs)
-
winbind_client.h (modified) (2 diffs)
-
winbind_krb5_locator.c (modified) (1 diff)
-
winbind_nss_aix.c (modified) (10 diffs)
-
winbind_nss_config.h (modified) (2 diffs)
-
winbind_nss_freebsd.c (modified) (7 diffs)
-
winbind_nss_linux.c (modified) (22 diffs)
-
winbind_nss_netbsd.c (modified) (1 diff)
-
winbind_nss_solaris.c (modified) (8 diffs)
-
winbind_nss_solaris.h (modified) (1 diff)
-
winbind_struct_protocol.h (modified) (4 diffs)
-
wins.c (modified) (14 diffs)
-
wins_freebsd.c (added)
-
wscript_build (modified) (4 diffs)
-
wscript_configure (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
vendor/current/nsswitch/libwbclient/tests/wbclient.c
r740 r988 23 23 #include "lib/util/data_blob.h" 24 24 #include "lib/util/time.h" 25 #include "libcli/resolve/resolve.h" 25 26 #include "nsswitch/libwbclient/wbclient.h" 26 27 #include "torture/smbtorture.h" … … 29 30 #include "lib/util/charset/charset.h" 30 31 #include "libcli/auth/libcli_auth.h" 31 #include " source4/param/param.h"32 #include "lib/util/ util.h"32 #include "lib/param/param.h" 33 #include "lib/util/samba_util.h" 33 34 #include "lib/crypto/arcfour.h" 35 #include "auth/credentials/credentials.h" 36 #include "lib/cmdline/popt_common.h" 34 37 35 38 #define WBC_ERROR_EQUAL(x,y) (x == y) 36 39 37 #define torture_assert_wbc_equal(torture_ctx, got, expected, cmt )\40 #define torture_assert_wbc_equal(torture_ctx, got, expected, cmt, cmt_arg) \ 38 41 do { wbcErr __got = got, __expected = expected; \ 39 42 if (!WBC_ERROR_EQUAL(__got, __expected)) { \ 40 torture_result(torture_ctx, TORTURE_FAIL, __location__": "#got" was %s, expected %s: %s", wbcErrorString(__got), wbcErrorString(__expected), cmt); \43 torture_result(torture_ctx, TORTURE_FAIL, __location__": "#got" was %s, expected %s: " cmt, wbcErrorString(__got), wbcErrorString(__expected), cmt_arg); \ 41 44 return false; \ 42 45 } \ 43 46 } while (0) 44 47 45 #define torture_assert_wbc_ok(torture_ctx,expr,cmt )\46 torture_assert_wbc_equal(torture_ctx,expr,WBC_ERR_SUCCESS,cmt)48 #define torture_assert_wbc_ok(torture_ctx,expr,cmt,cmt_arg) \ 49 torture_assert_wbc_equal(torture_ctx,expr,WBC_ERR_SUCCESS,cmt,cmt_arg) 47 50 48 51 static bool test_wbc_ping(struct torture_context *tctx) 49 52 { 50 53 torture_assert_wbc_ok(tctx, wbcPing(), 51 " wbcPing failed");54 "%s", "wbcPing failed"); 52 55 53 56 return true; … … 56 59 static bool test_wbc_pingdc(struct torture_context *tctx) 57 60 { 58 torture_assert_wbc_equal(tctx, wbcPingDc("random_string", NULL), WBC_ERR_NOT_IMPLEMENTED, 59 "wbcPingDc failed"); 61 struct wbcInterfaceDetails *details; 62 63 torture_assert_wbc_equal(tctx, wbcPingDc("random_string", NULL), WBC_ERR_DOMAIN_NOT_FOUND, 64 "%s", "wbcPingDc failed"); 60 65 torture_assert_wbc_ok(tctx, wbcPingDc(NULL, NULL), 61 "wbcPingDc failed"); 66 "%s", "wbcPingDc failed"); 67 68 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details), 69 "%s", "wbcInterfaceDetails failed"); 70 torture_assert(tctx, details, 71 "wbcInterfaceDetails returned NULL pointer"); 72 torture_assert(tctx, details->netbios_domain, 73 "wbcInterfaceDetails returned NULL netbios_domain"); 74 75 torture_assert_wbc_ok(tctx, wbcPingDc(details->netbios_domain, NULL), 76 "wbcPingDc(%s) failed", details->netbios_domain); 77 78 torture_assert_wbc_ok(tctx, wbcPingDc("BUILTIN", NULL), 79 "%s", "wbcPingDc(BUILTIN) failed"); 80 81 wbcFreeMemory(details); 82 return true; 83 } 84 85 static bool test_wbc_pingdc2(struct torture_context *tctx) 86 { 87 struct wbcInterfaceDetails *details; 88 char *name = NULL; 89 90 torture_assert_wbc_equal(tctx, wbcPingDc2("random_string", NULL, &name), 91 WBC_ERR_DOMAIN_NOT_FOUND, "%s", 92 "wbcPingDc2 failed"); 93 torture_assert_wbc_ok(tctx, wbcPingDc2(NULL, NULL, &name), "%s", 94 "wbcPingDc2 failed"); 95 96 wbcFreeMemory(name); 97 98 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details), 99 "%s", "wbcInterfaceDetails failed"); 100 torture_assert(tctx, details, 101 "wbcInterfaceDetails returned NULL pointer"); 102 torture_assert(tctx, details->netbios_domain, 103 "wbcInterfaceDetails returned NULL netbios_domain"); 104 105 torture_assert_wbc_ok(tctx, wbcPingDc2(details->netbios_domain, NULL, &name), 106 "wbcPingDc2(%s) failed", details->netbios_domain); 107 wbcFreeMemory(name); 108 109 torture_assert_wbc_ok(tctx, wbcPingDc2("BUILTIN", NULL, &name), 110 "%s", "wbcPingDc2(BUILTIN) failed"); 111 wbcFreeMemory(name); 112 113 wbcFreeMemory(details); 62 114 63 115 return true; … … 69 121 70 122 torture_assert_wbc_ok(tctx, wbcLibraryDetails(&details), 71 " wbcLibraryDetails failed");123 "%s", "wbcLibraryDetails failed"); 72 124 torture_assert(tctx, details, 73 125 "wbcLibraryDetails returned NULL pointer"); … … 83 135 84 136 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details), 85 " wbcInterfaceDetails failed");137 "%s", "wbcInterfaceDetails failed"); 86 138 torture_assert(tctx, details, 87 "wbcInterfaceDetails returned NULL pointer");139 "wbcInterfaceDetails returned NULL pointer"); 88 140 89 141 wbcFreeMemory(details); … … 113 165 "SID_UNKNOWN", "SID_UNKNOWN failed"); 114 166 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_COMPUTER), 115 "SID_COMPUTER", "SID_COMPUTER failed");167 "SID_COMPUTER", "SID_COMPUTER failed"); 116 168 return true; 117 169 } … … 124 176 125 177 torture_assert_wbc_ok(tctx, wbcStringToSid(sid_string, &sid), 126 "wbcStringToSid failed");178 "wbcStringToSid of %s failed", sid_string); 127 179 torture_assert_wbc_ok(tctx, wbcSidToString(&sid, &sid_string2), 128 "wbcSidToString failed");180 "wbcSidToString of %s failed", sid_string); 129 181 torture_assert_str_equal(tctx, sid_string, sid_string2, 130 182 "sid strings differ"); … … 141 193 142 194 torture_assert_wbc_ok(tctx, wbcStringToGuid(guid_string, &guid), 143 "wbcStringToGuid failed");195 "wbcStringToGuid of %s failed", guid_string); 144 196 torture_assert_wbc_ok(tctx, wbcGuidToString(&guid, &guid_string2), 145 "wbcGuidToString failed");197 "wbcGuidToString of %s failed", guid_string); 146 198 torture_assert_str_equal(tctx, guid_string, guid_string2, 147 "guid strings differ");199 "guid strings differ"); 148 200 wbcFreeMemory(guid_string2); 149 201 … … 157 209 158 210 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details), 159 " wbcInterfaceDetails failed");211 "%s", "wbcInterfaceDetails failed"); 160 212 torture_assert_wbc_ok( 161 213 tctx, wbcDomainInfo(details->netbios_domain, &info), 162 " wbcDomainInfo failed");214 "%s", "wbcDomainInfo failed"); 163 215 wbcFreeMemory(details); 164 216 … … 179 231 180 232 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details), 181 " wbcInterfaceDetails failed");233 "%s", "wbcInterfaceDetails failed"); 182 234 183 235 domain_name = talloc_strdup(tctx, details->netbios_domain); … … 185 237 186 238 torture_assert_wbc_ok(tctx, wbcListUsers(domain_name, &num_users, &users), 187 " wbcListUsers failed");239 "%s", "wbcListUsers failed"); 188 240 torture_assert(tctx, !(num_users > 0 && !users), 189 241 "wbcListUsers returned invalid results"); … … 195 247 char *domain; 196 248 char *name; 249 char *sid_string; 197 250 uint32_t num_sids; 198 251 199 252 torture_assert_wbc_ok(tctx, wbcLookupName(domain_name, users[i], &sid, &name_type), 200 "wbcLookupName failed");253 "wbcLookupName of %s failed", users[i]); 201 254 torture_assert_int_equal(tctx, name_type, WBC_SID_NAME_USER, 202 "wbcLookupName expected WBC_SID_NAME_USER"); 255 "wbcLookupName expected WBC_SID_NAME_USER"); 256 wbcSidToString(&sid, &sid_string); 203 257 torture_assert_wbc_ok(tctx, wbcLookupSid(&sid, &domain, &name, &name_type), 204 "wbcLookupSid failed");258 "wbcLookupSid of %s failed", sid_string); 205 259 torture_assert_int_equal(tctx, name_type, WBC_SID_NAME_USER, 206 "wbcLookupSidexpected WBC_SID_NAME_USER");260 "wbcLookupSid of expected WBC_SID_NAME_USER"); 207 261 torture_assert(tctx, name, 208 262 "wbcLookupSid returned no name"); … … 210 264 wbcFreeMemory(name); 211 265 torture_assert_wbc_ok(tctx, wbcLookupUserSids(&sid, true, &num_sids, &sids), 212 "wbcLookupUserSids failed");266 "wbcLookupUserSids of %s failed", sid_string); 213 267 torture_assert_wbc_ok( 214 268 tctx, wbcGetDisplayName(&sid, &domain, &name, 215 269 &name_type), 216 "wbcGetDisplayName failed");270 "wbcGetDisplayName of %s failed", sid_string); 217 271 wbcFreeMemory(domain); 218 272 wbcFreeMemory(name); 219 273 wbcFreeMemory(sids); 274 wbcFreeMemory(sid_string); 220 275 } 221 276 wbcFreeMemory(users); … … 233 288 234 289 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details), 235 "wbcInterfaceDetails failed");290 "%s", "wbcInterfaceDetails failed"); 236 291 237 292 domain_name = talloc_strdup(tctx, details->netbios_domain); … … 239 294 240 295 torture_assert_wbc_ok(tctx, wbcListGroups(domain_name, &num_groups, &groups), 241 "wbcListGroups failed");296 "wbcListGroups in %s failed", domain_name); 242 297 torture_assert(tctx, !(num_groups > 0 && !groups), 243 "wbcListGroups returned invalid results");298 "wbcListGroups returned invalid results"); 244 299 245 300 for (i=0; i < MIN(num_groups,100); i++) { … … 249 304 char *domain; 250 305 char *name; 306 char *sid_string; 251 307 252 308 torture_assert_wbc_ok(tctx, wbcLookupName(domain_name, groups[i], &sid, &name_type), 253 "wbcLookupName failed"); 309 "wbcLookupName for %s failed", domain_name); 310 wbcSidToString(&sid, &sid_string); 254 311 torture_assert_wbc_ok(tctx, wbcLookupSid(&sid, &domain, &name, &name_type), 255 "wbcLookupSid failed"); 312 "wbcLookupSid of %s failed", sid_string); 313 wbcFreeMemory(sid_string); 256 314 torture_assert(tctx, name, 257 315 "wbcLookupSid returned no name"); … … 269 327 270 328 torture_assert_wbc_ok(tctx, wbcListTrusts(&domains, &num_domains), 271 "wbcListTrusts failed");329 "%s", "wbcListTrusts failed"); 272 330 torture_assert(tctx, !(num_domains > 0 && !domains), 273 331 "wbcListTrusts returned invalid results"); … … 283 341 */ 284 342 torture_assert_wbc_ok(tctx, wbcCheckTrustCredentials(domains[i].short_name, &error), 285 "wbcCheckTrustCredentials failed");343 "%s", "wbcCheckTrustCredentials failed"); 286 344 /* 287 345 torture_assert_wbc_ok(tctx, wbcLookupName(domains[i].short_name, NULL, &sid, &name_type), … … 309 367 310 368 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details), 311 " wbcInterfaceDetails failed");369 "%s", "wbcInterfaceDetails failed"); 312 370 313 371 domain_name = talloc_strdup(tctx, details->netbios_domain); … … 315 373 316 374 torture_assert_wbc_ok(tctx, wbcLookupDomainController(domain_name, 0, &dc_info), 317 "wbcLookupDomainController failed");375 "wbcLookupDomainController for %s failed", domain_name); 318 376 wbcFreeMemory(dc_info); 319 377 … … 328 386 329 387 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details), 330 " wbcInterfaceDetails failed");388 "%s", "wbcInterfaceDetails failed"); 331 389 332 390 domain_name = talloc_strdup(tctx, details->netbios_domain); … … 334 392 335 393 torture_assert_wbc_ok(tctx, wbcLookupDomainControllerEx(domain_name, NULL, NULL, 0, &dc_info), 336 "wbcLookupDomainControllerEx f ailed");394 "wbcLookupDomainControllerEx for %s failed", domain_name); 337 395 wbcFreeMemory(dc_info); 338 396 … … 348 406 name = torture_setting_string(tctx, "host", NULL); 349 407 408 torture_comment(tctx, "test-WinsByName: host='%s'\n", name); 409 350 410 ret = wbcResolveWinsByName(name, &ip); 351 411 352 412 if (is_ipaddress(name)) { 353 torture_assert_wbc_equal(tctx, ret, WBC_ERR_DOMAIN_NOT_FOUND, "wbcResolveWinsByName failed");413 torture_assert_wbc_equal(tctx, ret, WBC_ERR_DOMAIN_NOT_FOUND, "wbcResolveWinsByName of %s failed", name); 354 414 } else { 355 torture_assert_wbc_ok(tctx, ret, "wbcResolveWinsByName f ailed");415 torture_assert_wbc_ok(tctx, ret, "wbcResolveWinsByName for %s failed", name); 356 416 } 357 417 … … 362 422 { 363 423 const char *ip; 424 const char *host; 425 struct nbt_name nbt_name; 364 426 char *name; 365 427 wbcErr ret; 366 367 ip = torture_setting_string(tctx, "host", NULL); 428 NTSTATUS status; 429 430 host = torture_setting_string(tctx, "host", NULL); 431 432 torture_comment(tctx, "test-WinsByIp: host='%s'\n", host); 433 434 make_nbt_name_server(&nbt_name, host); 435 436 status = resolve_name_ex(lpcfg_resolve_context(tctx->lp_ctx), 437 0, 0, &nbt_name, tctx, &ip, tctx->ev); 438 torture_assert_ntstatus_ok(tctx, status, 439 talloc_asprintf(tctx,"Failed to resolve %s: %s", 440 nbt_name.name, nt_errstr(status))); 441 442 torture_comment(tctx, "test-WinsByIp: ip='%s'\n", ip); 368 443 369 444 ret = wbcResolveWinsByIP(ip, &name); 370 445 371 torture_assert_wbc_ok(tctx, ret, "wbcResolveWinsByIP f ailed");446 torture_assert_wbc_ok(tctx, ret, "wbcResolveWinsByIP for %s failed", ip); 372 447 373 448 wbcFreeMemory(name); … … 388 463 ret = wbcLookupRids(&builtin, 2, rids, &domain_name, &names, 389 464 &types); 390 torture_assert_wbc_ok(tctx, ret, " wbcLookupRidsfailed");465 torture_assert_wbc_ok(tctx, ret, "%s", "wbcLookupRids for 544 and 545 failed"); 391 466 392 467 torture_assert_str_equal( … … 396 471 tctx, names[1], "Users", "S-1-5-32-545 not mapped to 'Users'"); 397 472 398 wbcFreeMemory( (char *)domain_name);473 wbcFreeMemory(discard_const_p(char ,domain_name)); 399 474 wbcFreeMemory(names); 400 475 wbcFreeMemory(types); … … 414 489 415 490 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details), 416 "wbcInterfaceDetails failed");491 "%s", "wbcInterfaceDetails failed"); 417 492 torture_assert_wbc_ok( 418 493 tctx, wbcDomainInfo(details->netbios_domain, &info), 419 "wbcDomainInfo failed");494 "wbcDomainInfo of %s failed", details->netbios_domain); 420 495 wbcFreeMemory(details); 421 496 … … 428 503 torture_assert_wbc_ok( 429 504 tctx, wbcStringToSid("S-1-5-32", &builtin), 430 "wbcStringToSid failed");505 "wbcStringToSid of %s failed", "S-1-5-32"); 431 506 432 507 ret = wbcGetSidAliases(&builtin, sids, 2, &rids, &num_rids); 433 torture_assert_wbc_ok(tctx, ret, " wbcGetSidAliases failed");508 torture_assert_wbc_ok(tctx, ret, "%s", "wbcGetSidAliases failed"); 434 509 435 510 wbcFreeMemory(rids); … … 446 521 wbcErr ret; 447 522 448 ret = wbcAuthenticateUser(getenv("USERNAME"), correct_password); 449 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, 450 "wbcAuthenticateUser failed"); 523 ret = wbcAuthenticateUser(cli_credentials_get_username(cmdline_credentials), correct_password); 524 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, 525 "wbcAuthenticateUser of %s failed", 526 cli_credentials_get_username(cmdline_credentials)); 451 527 452 528 ZERO_STRUCT(params); 453 params.account_name = getenv("USERNAME");529 params.account_name = cli_credentials_get_username(cmdline_credentials); 454 530 params.level = WBC_AUTH_USER_LEVEL_PLAIN; 455 531 params.password.plaintext = correct_password; … … 457 533 ret = wbcAuthenticateUserEx(¶ms, &info, &error); 458 534 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, 459 "wbcAuthenticateUserEx failed");535 "wbcAuthenticateUserEx of %s failed", params.account_name); 460 536 wbcFreeMemory(info); 461 537 info = NULL; … … 467 543 ret = wbcAuthenticateUserEx(¶ms, &info, &error); 468 544 torture_assert_wbc_equal(tctx, ret, WBC_ERR_AUTH_ERROR, 469 "wbcAuthenticateUserEx succeeded where it "470 "should have failed" );545 "wbcAuthenticateUserEx for %s succeeded where it " 546 "should have failed", params.account_name); 471 547 wbcFreeMemory(info); 472 548 info = NULL; … … 480 556 static bool test_wbc_authenticate_user(struct torture_context *tctx) 481 557 { 482 return test_wbc_authenticate_user_int(tctx, getenv("PASSWORD"));558 return test_wbc_authenticate_user_int(tctx, cli_credentials_get_password(cmdline_credentials)); 483 559 } 484 560 … … 486 562 { 487 563 wbcErr ret; 488 const char *oldpass = getenv("PASSWORD");489 const char *newpass = "Koo8irei ";564 const char *oldpass = cli_credentials_get_password(cmdline_credentials); 565 const char *newpass = "Koo8irei%$"; 490 566 491 567 struct samr_CryptPassword new_nt_password; … … 551 627 552 628 params.level = WBC_CHANGE_PASSWORD_LEVEL_RESPONSE; 553 params.account_name = getenv("USERNAME");554 params.domain_name = "SAMBA-TEST";629 params.account_name = cli_credentials_get_username(cmdline_credentials); 630 params.domain_name = cli_credentials_get_domain(cmdline_credentials); 555 631 556 632 ret = wbcChangeUserPasswordEx(¶ms, NULL, NULL, NULL); 557 633 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, 558 "wbcChangeUserPassword f ailed");559 560 if (!test_wbc_authenticate_user_int(tctx, "Koo8irei")) {634 "wbcChangeUserPassword for %s failed", params.account_name); 635 636 if (!test_wbc_authenticate_user_int(tctx, newpass)) { 561 637 return false; 562 638 } 563 639 564 ret = wbcChangeUserPassword( getenv("USERNAME"), "Koo8irei",565 getenv("PASSWORD"));566 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, 567 "wbcChangeUserPassword f ailed");568 569 return test_wbc_authenticate_user_int(tctx, getenv("PASSWORD"));640 ret = wbcChangeUserPassword(cli_credentials_get_username(cmdline_credentials), newpass, 641 cli_credentials_get_password(cmdline_credentials)); 642 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, 643 "wbcChangeUserPassword for %s failed", params.account_name); 644 645 return test_wbc_authenticate_user_int(tctx, cli_credentials_get_password(cmdline_credentials)); 570 646 } 571 647 … … 586 662 ret = wbcLogonUser(¶ms, &info, &error, &policy); 587 663 torture_assert_wbc_equal(tctx, ret, WBC_ERR_INVALID_PARAM, 588 " wbcLogonUser succeededwhere it should "664 "%s", "wbcLogonUser succeeded for NULL where it should " 589 665 "have failed"); 590 666 591 params.username = getenv("USERNAME");592 params.password = getenv("PASSWORD");667 params.username = cli_credentials_get_username(cmdline_credentials); 668 params.password = cli_credentials_get_password(cmdline_credentials); 593 669 594 670 ret = wbcAddNamedBlob(¶ms.num_blobs, ¶ms.blobs, 595 671 "foo", 0, discard_const_p(uint8_t, "bar"), 4); 596 672 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, 597 " wbcAddNamedBlob failed");673 "%s", "wbcAddNamedBlob failed"); 598 674 599 675 ret = wbcLogonUser(¶ms, &info, &error, &policy); 600 676 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, 601 "wbcLogonUser f ailed");677 "wbcLogonUser for %s failed", params.username); 602 678 wbcFreeMemory(info); info = NULL; 603 679 wbcFreeMemory(error); error = NULL; … … 608 684 ret = wbcLogonUser(¶ms, &info, &error, &policy); 609 685 torture_assert_wbc_equal(tctx, ret, WBC_ERR_AUTH_ERROR, 610 "wbcLogonUser should have failed with "611 "WBC_ERR_AUTH_ERROR" );686 "wbcLogonUser for %s should have failed with " 687 "WBC_ERR_AUTH_ERROR", params.username); 612 688 wbcFreeMemory(info); info = NULL; 613 689 wbcFreeMemory(error); error = NULL; … … 619 695 strlen("S-1-2-3-4")+1); 620 696 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, 621 " wbcAddNamedBlob failed");622 params.password = getenv("PASSWORD");697 "%s", "wbcAddNamedBlob failed"); 698 params.password = cli_credentials_get_password(cmdline_credentials); 623 699 ret = wbcLogonUser(¶ms, &info, &error, &policy); 624 700 torture_assert_wbc_equal(tctx, ret, WBC_ERR_AUTH_ERROR, 625 "wbcLogonUser should have failed with "626 "WBC_ERR_AUTH_ERROR" );701 "wbcLogonUser for %s should have failed with " 702 "WBC_ERR_AUTH_ERROR", params.username); 627 703 wbcFreeMemory(info); info = NULL; 628 704 wbcFreeMemory(error); error = NULL; … … 633 709 ret = wbcInterfaceDetails(&iface); 634 710 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, 635 " wbcInterfaceDetails failed");636 637 ret = wbcLookupName(iface->netbios_domain, getenv("USERNAME"), &sid,711 "%s", "wbcInterfaceDetails failed"); 712 713 ret = wbcLookupName(iface->netbios_domain, cli_credentials_get_username(cmdline_credentials), &sid, 638 714 &sidtype); 639 715 wbcFreeMemory(iface); 640 716 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, 641 "wbcLookupName f ailed");717 "wbcLookupName for %s failed", cli_credentials_get_username(cmdline_credentials)); 642 718 643 719 ret = wbcSidToString(&sid, &sidstr); 644 720 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, 645 " wbcSidToString failed");721 "%s", "wbcSidToString failed"); 646 722 647 723 ret = wbcAddNamedBlob(¶ms.num_blobs, ¶ms.blobs, … … 649 725 (uint8_t *)sidstr, strlen(sidstr)+1); 650 726 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, 651 " wbcAddNamedBlob failed");727 "%s", "wbcAddNamedBlob failed"); 652 728 wbcFreeMemory(sidstr); 653 params.password = getenv("PASSWORD");729 params.password = cli_credentials_get_password(cmdline_credentials); 654 730 ret = wbcLogonUser(¶ms, &info, &error, &policy); 655 731 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, 656 "wbcLogonUser f ailed");732 "wbcLogonUser for %s failed", params.username); 657 733 wbcFreeMemory(info); info = NULL; 658 734 wbcFreeMemory(error); error = NULL; … … 670 746 gid_t *groups; 671 747 672 ret = wbcGetGroups( getenv("USERNAME"), &num_groups, &groups);673 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, 674 "wbcGetGroups f ailed");748 ret = wbcGetGroups(cli_credentials_get_username(cmdline_credentials), &num_groups, &groups); 749 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS, 750 "wbcGetGroups for %s failed", cli_credentials_get_username(cmdline_credentials)); 675 751 wbcFreeMemory(groups); 676 752 return true; … … 683 759 torture_suite_add_simple_test(suite, "wbcPing", test_wbc_ping); 684 760 torture_suite_add_simple_test(suite, "wbcPingDc", test_wbc_pingdc); 761 torture_suite_add_simple_test(suite, "wbcPingDc2", test_wbc_pingdc2); 685 762 torture_suite_add_simple_test(suite, "wbcLibraryDetails", test_wbc_library_details); 686 763 torture_suite_add_simple_test(suite, "wbcInterfaceDetails", test_wbc_interface_details); -
vendor/current/nsswitch/libwbclient/wbc_err_internal.h
r414 r988 30 30 goto done; \ 31 31 } \ 32 } while(0) ;32 } while(0) 33 33 34 34 #define BAIL_ON_PTR_ERROR(x, status) \ … … 40 40 status = WBC_ERR_SUCCESS; \ 41 41 } \ 42 } while (0) ;42 } while (0) 43 43 44 44 -
vendor/current/nsswitch/libwbclient/wbc_idmap.c
r740 r988 27 27 28 28 /* Convert a Windows SID to a Unix uid, allocating an uid if needed */ 29 wbcErr wbcSidToUid(const struct wbcDomainSid *sid, uid_t *puid) 29 wbcErr wbcCtxSidToUid(struct wbcContext *ctx, const struct wbcDomainSid *sid, 30 uid_t *puid) 30 31 { 31 32 struct winbindd_request request; … … 47 48 /* Make request */ 48 49 49 wbc_status = wbcRequestResponse( WINBINDD_SID_TO_UID,50 wbc_status = wbcRequestResponse(ctx, WINBINDD_SID_TO_UID, 50 51 &request, 51 52 &response); … … 58 59 done: 59 60 return wbc_status; 61 } 62 63 wbcErr wbcSidToUid(const struct wbcDomainSid *sid, uid_t *puid) 64 { 65 return wbcCtxSidToUid(NULL, sid, puid); 60 66 } 61 67 … … 68 74 69 75 /* Convert a Unix uid to a Windows SID, allocating a SID if needed */ 70 wbcErr wbcUidToSid(uid_t uid, struct wbcDomainSid *sid) 76 wbcErr wbcCtxUidToSid(struct wbcContext *ctx, uid_t uid, 77 struct wbcDomainSid *sid) 71 78 { 72 79 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; … … 88 95 /* Make request */ 89 96 90 wbc_status = wbcRequestResponse( WINBINDD_UID_TO_SID,97 wbc_status = wbcRequestResponse(ctx, WINBINDD_UID_TO_SID, 91 98 &request, 92 99 &response); … … 98 105 done: 99 106 return wbc_status; 107 } 108 109 wbcErr wbcUidToSid(uid_t uid, struct wbcDomainSid *sid) 110 { 111 return wbcCtxUidToSid(NULL, uid, sid); 100 112 } 101 113 … … 116 128 **/ 117 129 118 wbcErr wbcSidToGid(const struct wbcDomainSid *sid, gid_t *pgid) 130 wbcErr wbcCtxSidToGid(struct wbcContext *ctx, const struct wbcDomainSid *sid, 131 gid_t *pgid) 119 132 { 120 133 struct winbindd_request request; … … 136 149 /* Make request */ 137 150 138 wbc_status = wbcRequestResponse( WINBINDD_SID_TO_GID,151 wbc_status = wbcRequestResponse(ctx, WINBINDD_SID_TO_GID, 139 152 &request, 140 153 &response); … … 149 162 } 150 163 164 wbcErr wbcSidToGid(const struct wbcDomainSid *sid, gid_t *pgid) 165 { 166 return wbcCtxSidToGid(NULL, sid, pgid); 167 } 151 168 152 169 /* Convert a Windows SID to a Unix gid if there already is a mapping */ … … 160 177 161 178 /* Convert a Unix gid to a Windows SID, allocating a SID if needed */ 162 wbcErr wbcGidToSid(gid_t gid, struct wbcDomainSid *sid) 179 wbcErr wbcCtxGidToSid(struct wbcContext *ctx, gid_t gid, 180 struct wbcDomainSid *sid) 163 181 { 164 182 struct winbindd_request request; … … 180 198 /* Make request */ 181 199 182 wbc_status = wbcRequestResponse( WINBINDD_GID_TO_SID,200 wbc_status = wbcRequestResponse(ctx, WINBINDD_GID_TO_SID, 183 201 &request, 184 202 &response); … … 190 208 done: 191 209 return wbc_status; 210 } 211 212 wbcErr wbcGidToSid(gid_t gid, struct wbcDomainSid *sid) 213 { 214 return wbcCtxGidToSid(NULL, gid, sid); 192 215 } 193 216 … … 200 223 201 224 /* Obtain a new uid from Winbind */ 202 wbcErr wbc AllocateUid(uid_t *puid)225 wbcErr wbcCtxAllocateUid(struct wbcContext *ctx, uid_t *puid) 203 226 { 204 227 struct winbindd_request request; … … 216 239 /* Make request */ 217 240 218 wbc_status = wbcRequestResponsePriv( WINBINDD_ALLOCATE_UID,241 wbc_status = wbcRequestResponsePriv(ctx, WINBINDD_ALLOCATE_UID, 219 242 &request, &response); 220 243 BAIL_ON_WBC_ERROR(wbc_status); … … 229 252 } 230 253 254 wbcErr wbcAllocateUid(uid_t *puid) 255 { 256 return wbcCtxAllocateUid(NULL, puid); 257 } 258 231 259 /* Obtain a new gid from Winbind */ 232 wbcErr wbc AllocateGid(gid_t *pgid)260 wbcErr wbcCtxAllocateGid(struct wbcContext *ctx, gid_t *pgid) 233 261 { 234 262 struct winbindd_request request; … … 246 274 /* Make request */ 247 275 248 wbc_status = wbcRequestResponsePriv( WINBINDD_ALLOCATE_GID,276 wbc_status = wbcRequestResponsePriv(ctx, WINBINDD_ALLOCATE_GID, 249 277 &request, &response); 250 278 BAIL_ON_WBC_ERROR(wbc_status); … … 257 285 done: 258 286 return wbc_status; 287 } 288 289 wbcErr wbcAllocateGid(gid_t *pgid) 290 { 291 return wbcCtxAllocateGid(NULL, pgid); 259 292 } 260 293 … … 300 333 301 334 /* Convert a list of SIDs */ 302 wbcErr wbcSidsToUnixIds(const struct wbcDomainSid *sids, uint32_t num_sids, 303 struct wbcUnixId *ids) 335 wbcErr wbcCtxSidsToUnixIds(struct wbcContext *ctx, 336 const struct wbcDomainSid *sids, 337 uint32_t num_sids, struct wbcUnixId *ids) 304 338 { 305 339 struct winbindd_request request; … … 342 376 request.extra_len = p - sidlist; 343 377 344 wbc_status = wbcRequestResponse( WINBINDD_SIDS_TO_XIDS,378 wbc_status = wbcRequestResponse(ctx, WINBINDD_SIDS_TO_XIDS, 345 379 &request, &response); 346 380 free(sidlist); … … 371 405 id->id.gid = strtoul(p+1, &q, 10); 372 406 break; 407 case 'B': 408 id->type = WBC_ID_TYPE_BOTH; 409 id->id.uid = strtoul(p+1, &q, 10); 410 break; 373 411 default: 374 412 id->type = WBC_ID_TYPE_NOT_SPECIFIED; 375 q = p;413 q = strchr(p, '\n'); 376 414 break; 377 415 }; 378 if (q [0] != '\n') {416 if (q == NULL || q[0] != '\n') { 379 417 goto wbc_err_invalid; 380 418 } … … 390 428 return wbc_status; 391 429 } 430 431 wbcErr wbcSidsToUnixIds(const struct wbcDomainSid *sids, uint32_t num_sids, 432 struct wbcUnixId *ids) 433 { 434 return wbcCtxSidsToUnixIds(NULL, sids, num_sids, ids); 435 } -
vendor/current/nsswitch/libwbclient/wbc_pam.c
r740 r988 29 29 30 30 /* Authenticate a username/password pair */ 31 wbcErr wbc AuthenticateUser(const char *username,32 const char *password)31 wbcErr wbcCtxAuthenticateUser(struct wbcContext *ctx, 32 const char *username, const char *password) 33 33 { 34 34 wbcErr wbc_status = WBC_ERR_SUCCESS; … … 41 41 params.password.plaintext = password; 42 42 43 wbc_status = wbc AuthenticateUserEx(¶ms, NULL, NULL);43 wbc_status = wbcCtxAuthenticateUserEx(ctx, ¶ms, NULL, NULL); 44 44 BAIL_ON_WBC_ERROR(wbc_status); 45 45 46 46 done: 47 47 return wbc_status; 48 } 49 50 wbcErr wbcAuthenticateUser(const char *username, const char *password) 51 { 52 return wbcCtxAuthenticateUser(NULL, username, password); 48 53 } 49 54 … … 343 348 344 349 /* Authenticate with more detailed information */ 345 wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params, 346 struct wbcAuthUserInfo **info, 347 struct wbcAuthErrorInfo **error) 350 wbcErr wbcCtxAuthenticateUserEx(struct wbcContext *ctx, 351 const struct wbcAuthUserParams *params, 352 struct wbcAuthUserInfo **info, 353 struct wbcAuthErrorInfo **error) 348 354 { 349 355 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; … … 364 370 } 365 371 366 if ( !params->account_name) {372 if (params->level != WBC_AUTH_USER_LEVEL_PAC && !params->account_name) { 367 373 wbc_status = WBC_ERR_INVALID_PARAM; 368 374 BAIL_ON_WBC_ERROR(wbc_status); … … 389 395 ZERO_STRUCT(sep_response); 390 396 391 wbc_status = wbcRequestResponse( WINBINDD_INFO,397 wbc_status = wbcRequestResponse(ctx, WINBINDD_INFO, 392 398 NULL, &sep_response); 393 399 BAIL_ON_WBC_ERROR(wbc_status); … … 491 497 } 492 498 break; 499 500 case WBC_AUTH_USER_LEVEL_PAC: 501 cmd = WINBINDD_PAM_AUTH_CRAP; 502 request.flags = WBFLAG_PAM_AUTH_PAC | WBFLAG_PAM_INFO3_TEXT; 503 request.extra_data.data = malloc(params->password.pac.length); 504 if (request.extra_data.data == NULL) { 505 wbc_status = WBC_ERR_NO_MEMORY; 506 BAIL_ON_WBC_ERROR(wbc_status); 507 } 508 memcpy(request.extra_data.data, params->password.pac.data, 509 params->password.pac.length); 510 request.extra_len = params->password.pac.length; 511 break; 512 493 513 default: 494 514 break; … … 505 525 506 526 if (cmd == WINBINDD_PAM_AUTH_CRAP) { 507 wbc_status = wbcRequestResponsePriv(cmd, &request, &response); 527 wbc_status = wbcRequestResponsePriv(ctx, cmd, 528 &request, &response); 508 529 } else { 509 wbc_status = wbcRequestResponse(cmd, &request, &response); 530 wbc_status = wbcRequestResponse(ctx, cmd, 531 &request, &response); 510 532 } 511 533 if (response.data.auth.nt_status != 0) { … … 534 556 } 535 557 558 wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params, 559 struct wbcAuthUserInfo **info, 560 struct wbcAuthErrorInfo **error) 561 { 562 return wbcCtxAuthenticateUserEx(NULL, params, info, error); 563 } 564 536 565 /* Trigger a verification of the trust credentials of a specific domain */ 537 wbcErr wbcC heckTrustCredentials(const char *domain,538 struct wbcAuthErrorInfo **error)566 wbcErr wbcCtxCheckTrustCredentials(struct wbcContext *ctx, const char *domain, 567 struct wbcAuthErrorInfo **error) 539 568 { 540 569 struct winbindd_request request; … … 552 581 /* Send request */ 553 582 554 wbc_status = wbcRequestResponsePriv( WINBINDD_CHECK_MACHACC,583 wbc_status = wbcRequestResponsePriv(ctx, WINBINDD_CHECK_MACHACC, 555 584 &request, &response); 556 585 if (response.data.auth.nt_status != 0) { … … 570 599 } 571 600 601 wbcErr wbcCheckTrustCredentials(const char *domain, 602 struct wbcAuthErrorInfo **error) 603 { 604 return wbcCtxCheckTrustCredentials(NULL, domain, error); 605 } 606 572 607 /* Trigger a change of the trust credentials for a specific domain */ 573 wbcErr wbcC hangeTrustCredentials(const char *domain,574 struct wbcAuthErrorInfo **error)608 wbcErr wbcCtxChangeTrustCredentials(struct wbcContext *ctx, const char *domain, 609 struct wbcAuthErrorInfo **error) 575 610 { 576 611 struct winbindd_request request; … … 588 623 /* Send request */ 589 624 590 wbc_status = wbcRequestResponsePriv( WINBINDD_CHANGE_MACHACC,591 &request, &response);625 wbc_status = wbcRequestResponsePriv(ctx, WINBINDD_CHANGE_MACHACC, 626 &request, &response); 592 627 if (response.data.auth.nt_status != 0) { 593 628 if (error) { … … 606 641 } 607 642 643 wbcErr wbcChangeTrustCredentials(const char *domain, 644 struct wbcAuthErrorInfo **error) 645 { 646 return wbcCtxChangeTrustCredentials(NULL, domain, error); 647 } 648 608 649 /* 609 650 * Trigger a no-op NETLOGON call. Lightweight version of 610 651 * wbcCheckTrustCredentials 611 652 */ 653 wbcErr wbcCtxPingDc(struct wbcContext *ctx, const char *domain, 654 struct wbcAuthErrorInfo **error) 655 { 656 return wbcCtxPingDc2(ctx, domain, error, NULL); 657 } 658 612 659 wbcErr wbcPingDc(const char *domain, struct wbcAuthErrorInfo **error) 660 { 661 return wbcPingDc2(domain, error, NULL); 662 } 663 664 /* 665 * Trigger a no-op NETLOGON call. Lightweight version of 666 * wbcCheckTrustCredentials, optionally return attempted DC 667 */ 668 wbcErr wbcCtxPingDc2(struct wbcContext *ctx, const char *domain, 669 struct wbcAuthErrorInfo **error, char **dcname) 613 670 { 614 671 struct winbindd_request request; … … 616 673 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 617 674 618 if (domain) {619 /*620 * the current protocol doesn't support621 * specifying a domain622 */623 wbc_status = WBC_ERR_NOT_IMPLEMENTED;624 BAIL_ON_WBC_ERROR(wbc_status);625 }626 627 675 ZERO_STRUCT(request); 628 676 ZERO_STRUCT(response); 629 677 678 if (domain) { 679 strncpy(request.domain_name, domain, 680 sizeof(request.domain_name)-1); 681 } 682 630 683 /* Send request */ 631 684 632 wbc_status = wbcRequestResponse( WINBINDD_PING_DC,685 wbc_status = wbcRequestResponse(ctx, WINBINDD_PING_DC, 633 686 &request, 634 687 &response); 688 689 if (dcname && response.extra_data.data) { 690 size_t len; 691 692 len = response.length - sizeof(struct winbindd_response); 693 *dcname = wbcAllocateMemory(1, len, NULL); 694 BAIL_ON_PTR_ERROR(*dcname, wbc_status); 695 696 strlcpy(*dcname, response.extra_data.data, len); 697 } 698 635 699 if (response.data.auth.nt_status != 0) { 636 700 if (error) { … … 649 713 } 650 714 715 wbcErr wbcPingDc2(const char *domain, struct wbcAuthErrorInfo **error, 716 char **dcname) 717 { 718 return wbcCtxPingDc2(NULL, domain, error, dcname); 719 } 720 651 721 /* Trigger an extended logoff notification to Winbind for a specific user */ 652 wbcErr wbcLogoffUserEx(const struct wbcLogoffUserParams *params, 653 struct wbcAuthErrorInfo **error) 722 wbcErr wbcCtxLogoffUserEx(struct wbcContext *ctx, 723 const struct wbcLogoffUserParams *params, 724 struct wbcAuthErrorInfo **error) 654 725 { 655 726 struct winbindd_request request; … … 714 785 /* Send request */ 715 786 716 wbc_status = wbcRequestResponse( WINBINDD_PAM_LOGOFF,787 wbc_status = wbcRequestResponse(ctx, WINBINDD_PAM_LOGOFF, 717 788 &request, 718 789 &response); … … 735 806 } 736 807 808 wbcErr wbcLogoffUserEx(const struct wbcLogoffUserParams *params, 809 struct wbcAuthErrorInfo **error) 810 { 811 return wbcCtxLogoffUserEx(NULL, params, error); 812 } 813 737 814 /* Trigger a logoff notification to Winbind for a specific user */ 815 wbcErr wbcCtxLogoffUser(struct wbcContext *ctx, 816 const char *username, uid_t uid, 817 const char *ccfilename) 818 { 819 struct winbindd_request request; 820 struct winbindd_response response; 821 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 822 823 /* validate input */ 824 825 if (!username) { 826 wbc_status = WBC_ERR_INVALID_PARAM; 827 BAIL_ON_WBC_ERROR(wbc_status); 828 } 829 830 ZERO_STRUCT(request); 831 ZERO_STRUCT(response); 832 833 strncpy(request.data.logoff.user, username, 834 sizeof(request.data.logoff.user)-1); 835 request.data.logoff.uid = uid; 836 837 if (ccfilename) { 838 strncpy(request.data.logoff.krb5ccname, ccfilename, 839 sizeof(request.data.logoff.krb5ccname)-1); 840 } 841 842 /* Send request */ 843 844 wbc_status = wbcRequestResponse(ctx, WINBINDD_PAM_LOGOFF, 845 &request, 846 &response); 847 848 /* Take the response above and return it to the caller */ 849 850 done: 851 return wbc_status; 852 } 853 738 854 wbcErr wbcLogoffUser(const char *username, 739 855 uid_t uid, 740 856 const char *ccfilename) 741 857 { 742 struct winbindd_request request; 743 struct winbindd_response response; 744 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 745 746 /* validate input */ 747 748 if (!username) { 749 wbc_status = WBC_ERR_INVALID_PARAM; 750 BAIL_ON_WBC_ERROR(wbc_status); 751 } 752 753 ZERO_STRUCT(request); 754 ZERO_STRUCT(response); 755 756 strncpy(request.data.logoff.user, username, 757 sizeof(request.data.logoff.user)-1); 758 request.data.logoff.uid = uid; 759 760 if (ccfilename) { 761 strncpy(request.data.logoff.krb5ccname, ccfilename, 762 sizeof(request.data.logoff.krb5ccname)-1); 763 } 764 765 /* Send request */ 766 767 wbc_status = wbcRequestResponse(WINBINDD_PAM_LOGOFF, 768 &request, 769 &response); 770 771 /* Take the response above and return it to the caller */ 772 773 done: 774 return wbc_status; 858 return wbcCtxLogoffUser(NULL, username, uid, ccfilename); 775 859 } 776 860 777 861 /* Change a password for a user with more detailed information upon failure */ 778 wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params, 779 struct wbcAuthErrorInfo **error, 780 enum wbcPasswordChangeRejectReason *reject_reason, 781 struct wbcUserPasswordPolicyInfo **policy) 862 wbcErr wbcCtxChangeUserPasswordEx(struct wbcContext *ctx, 863 const struct wbcChangePasswordParams *params, 864 struct wbcAuthErrorInfo **error, 865 enum wbcPasswordChangeRejectReason *reject_reason, 866 struct wbcUserPasswordPolicyInfo **policy) 782 867 { 783 868 struct winbindd_request request; … … 938 1023 /* Send request */ 939 1024 940 wbc_status = wbcRequestResponse(c md,1025 wbc_status = wbcRequestResponse(ctx, cmd, 941 1026 &request, 942 1027 &response); … … 973 1058 } 974 1059 1060 wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params, 1061 struct wbcAuthErrorInfo **error, 1062 enum wbcPasswordChangeRejectReason *reject_reason, 1063 struct wbcUserPasswordPolicyInfo **policy) 1064 { 1065 return wbcCtxChangeUserPasswordEx(NULL, params, error, 1066 reject_reason, policy); 1067 } 1068 975 1069 /* Change a password for a user */ 976 wbcErr wbcChangeUserPassword(const char *username, 977 const char *old_password, 978 const char *new_password) 1070 wbcErr wbcCtxChangeUserPassword(struct wbcContext *ctx, 1071 const char *username, 1072 const char *old_password, 1073 const char *new_password) 979 1074 { 980 1075 wbcErr wbc_status = WBC_ERR_SUCCESS; … … 988 1083 params.new_password.plaintext = new_password; 989 1084 990 wbc_status = wbcC hangeUserPasswordEx(¶ms,991 992 993 1085 wbc_status = wbcCtxChangeUserPasswordEx(ctx, ¶ms, 1086 NULL, 1087 NULL, 1088 NULL); 994 1089 BAIL_ON_WBC_ERROR(wbc_status); 995 1090 … … 998 1093 } 999 1094 1095 wbcErr wbcChangeUserPassword(const char *username, 1096 const char *old_password, 1097 const char *new_password) 1098 { 1099 return wbcCtxChangeUserPassword(NULL, username, 1100 old_password, new_password); 1101 } 1102 1000 1103 /* Logon a User */ 1001 wbcErr wbcLogonUser(const struct wbcLogonUserParams *params, 1002 struct wbcLogonUserInfo **info, 1003 struct wbcAuthErrorInfo **error, 1004 struct wbcUserPasswordPolicyInfo **policy) 1104 wbcErr wbcCtxLogonUser(struct wbcContext *ctx, 1105 const struct wbcLogonUserParams *params, 1106 struct wbcLogonUserInfo **info, 1107 struct wbcAuthErrorInfo **error, 1108 struct wbcUserPasswordPolicyInfo **policy) 1005 1109 { 1006 1110 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; … … 1104 1208 } 1105 1209 1106 wbc_status = wbcRequestResponse( WINBINDD_PAM_AUTH,1210 wbc_status = wbcRequestResponse(ctx, WINBINDD_PAM_AUTH, 1107 1211 &request, 1108 1212 &response); … … 1138 1242 } 1139 1243 1244 wbcErr wbcLogonUser(const struct wbcLogonUserParams *params, 1245 struct wbcLogonUserInfo **info, 1246 struct wbcAuthErrorInfo **error, 1247 struct wbcUserPasswordPolicyInfo **policy) 1248 { 1249 return wbcCtxLogonUser(NULL, params, info, error, policy); 1250 } 1251 1140 1252 static void wbcCredentialCacheInfoDestructor(void *ptr) 1141 1253 { … … 1146 1258 1147 1259 /* Authenticate a user with cached credentials */ 1148 wbcErr wbcCredentialCache(struct wbcCredentialCacheParams *params, 1149 struct wbcCredentialCacheInfo **info, 1150 struct wbcAuthErrorInfo **error) 1260 wbcErr wbcCtxCredentialCache(struct wbcContext *ctx, 1261 struct wbcCredentialCacheParams *params, 1262 struct wbcCredentialCacheInfo **info, 1263 struct wbcAuthErrorInfo **error) 1151 1264 { 1152 1265 wbcErr status = WBC_ERR_UNKNOWN_FAILURE; … … 1161 1274 ZERO_STRUCT(response); 1162 1275 1163 if (info != NULL) { 1164 *info = NULL; 1165 } 1276 *info = NULL; 1277 1166 1278 if (error != NULL) { 1167 1279 *error = NULL; … … 1174 1286 } 1175 1287 1288 for (i=0; i<params->num_blobs; i++) { 1289 /* 1290 * Older callers may used to provide the NEGOTIATE request 1291 * as "initial_blob", but it was completely ignored by winbindd. 1292 * 1293 * So we keep ignoring it. 1294 * 1295 * A new callers that is capable to support "new_spnego", 1296 * will provide the NEGOTIATE request as "negotiate_blob" 1297 * instead. 1298 */ 1299 if (strcasecmp(params->blobs[i].name, "negotiate_blob") == 0) { 1300 if (initial_blob != NULL) { 1301 status = WBC_ERR_INVALID_PARAM; 1302 goto fail; 1303 } 1304 initial_blob = ¶ms->blobs[i]; 1305 continue; 1306 } 1307 if (strcasecmp(params->blobs[i].name, "challenge_blob") == 0) { 1308 if (challenge_blob != NULL) { 1309 status = WBC_ERR_INVALID_PARAM; 1310 goto fail; 1311 } 1312 challenge_blob = ¶ms->blobs[i]; 1313 continue; 1314 } 1315 } 1316 1176 1317 if (params->domain_name != NULL) { 1177 status = wbcRequestResponse(WINBINDD_INFO, NULL, &response); 1318 status = wbcRequestResponse(ctx, WINBINDD_INFO, 1319 NULL, &response); 1178 1320 if (!WBC_ERROR_IS_OK(status)) { 1179 1321 goto fail; … … 1191 1333 request.data.ccache_ntlm_auth.uid = getuid(); 1192 1334 1193 for (i=0; i<params->num_blobs; i++) {1194 if (strcasecmp(params->blobs[i].name, "initial_blob") == 0) {1195 initial_blob = ¶ms->blobs[i];1196 break;1197 }1198 if (strcasecmp(params->blobs[i].name, "challenge_blob") == 0) {1199 challenge_blob = ¶ms->blobs[i];1200 break;1201 }1202 }1203 1204 1335 request.data.ccache_ntlm_auth.initial_blob_len = 0; 1205 1336 request.data.ccache_ntlm_auth.challenge_blob_len = 0; … … 1235 1366 } 1236 1367 1237 status = wbcRequestResponse( WINBINDD_CCACHE_NTLMAUTH, &request,1238 &re sponse);1368 status = wbcRequestResponse(ctx, WINBINDD_CCACHE_NTLMAUTH, 1369 &request, &response); 1239 1370 if (!WBC_ERROR_IS_OK(status)) { 1240 1371 goto fail; … … 1264 1395 goto fail; 1265 1396 } 1397 if (response.data.ccache_ntlm_auth.new_spnego) { 1398 status = wbcAddNamedBlob( 1399 &result->num_blobs, &result->blobs, "new_spnego", 0, 1400 &response.data.ccache_ntlm_auth.new_spnego, 1401 sizeof(response.data.ccache_ntlm_auth.new_spnego)); 1402 if (!WBC_ERROR_IS_OK(status)) { 1403 goto fail; 1404 } 1405 } 1266 1406 1267 1407 *info = result; … … 1275 1415 } 1276 1416 1417 wbcErr wbcCredentialCache(struct wbcCredentialCacheParams *params, 1418 struct wbcCredentialCacheInfo **info, 1419 struct wbcAuthErrorInfo **error) 1420 { 1421 return wbcCtxCredentialCache(NULL, params, info, error); 1422 } 1423 1277 1424 /* Authenticate a user with cached credentials */ 1278 wbcErr wbcCredentialSave(const char *user, const char *password) 1425 wbcErr wbcCtxCredentialSave(struct wbcContext *ctx, 1426 const char *user, const char *password) 1279 1427 { 1280 1428 struct winbindd_request request; … … 1290 1438 request.data.ccache_save.uid = getuid(); 1291 1439 1292 return wbcRequestResponse(WINBINDD_CCACHE_SAVE, &request, &response); 1293 } 1440 return wbcRequestResponse(ctx, WINBINDD_CCACHE_SAVE, &request, &response); 1441 } 1442 1443 wbcErr wbcCredentialSave(const char *user, const char *password) 1444 { 1445 return wbcCtxCredentialSave(NULL, user, password); 1446 } -
vendor/current/nsswitch/libwbclient/wbc_pwd.c
r740 r988 5 5 6 6 Copyright (C) Gerald (Jerry) Carter 2007 7 Copyright (C) Matthew Newton 2015 7 8 8 9 … … 168 169 169 170 /* Fill in a struct passwd* for a domain user based on username */ 170 wbcErr wbcGetpwnam(const char *name, struct passwd **pwd) 171 wbcErr wbcCtxGetpwnam(struct wbcContext *ctx, 172 const char *name, struct passwd **pwd) 171 173 { 172 174 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; … … 188 190 strncpy(request.data.username, name, sizeof(request.data.username)-1); 189 191 190 wbc_status = wbcRequestResponse( WINBINDD_GETPWNAM,192 wbc_status = wbcRequestResponse(ctx, WINBINDD_GETPWNAM, 191 193 &request, 192 194 &response); … … 200 202 } 201 203 204 wbcErr wbcGetpwnam(const char *name, struct passwd **pwd) 205 { 206 return wbcCtxGetpwnam(NULL, name, pwd); 207 } 208 202 209 /* Fill in a struct passwd* for a domain user based on uid */ 203 wbcErr wbc Getpwuid(uid_t uid, struct passwd **pwd)210 wbcErr wbcCtxGetpwuid(struct wbcContext *ctx, uid_t uid, struct passwd **pwd) 204 211 { 205 212 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; … … 219 226 request.data.uid = uid; 220 227 221 wbc_status = wbcRequestResponse( WINBINDD_GETPWUID,228 wbc_status = wbcRequestResponse(ctx, WINBINDD_GETPWUID, 222 229 &request, 223 230 &response); … … 231 238 } 232 239 240 wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd) 241 { 242 return wbcCtxGetpwuid(NULL, uid, pwd); 243 } 244 233 245 /* Fill in a struct passwd* for a domain user based on sid */ 234 wbcErr wbcGetpwsid(struct wbcDomainSid *sid, struct passwd **pwd) 246 wbcErr wbcCtxGetpwsid(struct wbcContext *ctx, 247 struct wbcDomainSid *sid, struct passwd **pwd) 235 248 { 236 249 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; … … 250 263 wbcSidToStringBuf(sid, request.data.sid, sizeof(request.data.sid)); 251 264 252 wbc_status = wbcRequestResponse( WINBINDD_GETPWSID,265 wbc_status = wbcRequestResponse(ctx, WINBINDD_GETPWSID, 253 266 &request, 254 267 &response); … … 262 275 } 263 276 277 wbcErr wbcGetpwsid(struct wbcDomainSid *sid, struct passwd **pwd) 278 { 279 return wbcCtxGetpwsid(NULL, sid, pwd); 280 } 281 264 282 /* Fill in a struct passwd* for a domain user based on username */ 265 wbcErr wbcGetgrnam(const char *name, struct group **grp) 283 wbcErr wbcCtxGetgrnam(struct wbcContext *ctx, 284 const char *name, struct group **grp) 266 285 { 267 286 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; … … 283 302 strncpy(request.data.groupname, name, sizeof(request.data.groupname)-1); 284 303 285 wbc_status = wbcRequestResponse( WINBINDD_GETGRNAM,304 wbc_status = wbcRequestResponse(ctx, WINBINDD_GETGRNAM, 286 305 &request, 287 306 &response); … … 298 317 } 299 318 319 wbcErr wbcGetgrnam(const char *name, struct group **grp) 320 { 321 return wbcCtxGetgrnam(NULL, name, grp); 322 } 323 300 324 /* Fill in a struct passwd* for a domain user based on uid */ 301 wbcErr wbc Getgrgid(gid_t gid, struct group **grp)325 wbcErr wbcCtxGetgrgid(struct wbcContext *ctx, gid_t gid, struct group **grp) 302 326 { 303 327 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; … … 317 341 request.data.gid = gid; 318 342 319 wbc_status = wbcRequestResponse( WINBINDD_GETGRGID,343 wbc_status = wbcRequestResponse(ctx, WINBINDD_GETGRGID, 320 344 &request, 321 345 &response); … … 332 356 } 333 357 334 /** @brief Number of cached passwd structs 335 * 336 */ 337 static uint32_t pw_cache_size; 338 339 /** @brief Position of the pwent context 340 * 341 */ 342 static uint32_t pw_cache_idx; 358 wbcErr wbcGetgrgid(gid_t gid, struct group **grp) 359 { 360 return wbcCtxGetgrgid(NULL, gid, grp); 361 } 343 362 344 363 /** @brief Winbindd response containing the passwd structs … … 348 367 349 368 /* Reset the passwd iterator */ 369 wbcErr wbcCtxSetpwent(struct wbcContext *ctx) 370 { 371 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 372 373 if (!ctx) { 374 ctx = wbcGetGlobalCtx(); 375 } 376 377 if (ctx->pw_cache_size > 0) { 378 ctx->pw_cache_idx = ctx->pw_cache_size = 0; 379 winbindd_free_response(&pw_response); 380 } 381 382 ZERO_STRUCT(pw_response); 383 384 wbc_status = wbcRequestResponse(ctx, WINBINDD_SETPWENT, 385 NULL, NULL); 386 BAIL_ON_WBC_ERROR(wbc_status); 387 388 done: 389 return wbc_status; 390 } 391 350 392 wbcErr wbcSetpwent(void) 351 393 { 352 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 353 354 if (pw_cache_size > 0) { 355 pw_cache_idx = pw_cache_size = 0; 394 return wbcCtxSetpwent(NULL); 395 } 396 397 /* Close the passwd iterator */ 398 wbcErr wbcCtxEndpwent(struct wbcContext *ctx) 399 { 400 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 401 402 if (!ctx) { 403 ctx = wbcGetGlobalCtx(); 404 } 405 406 if (ctx->pw_cache_size > 0) { 407 ctx->pw_cache_idx = ctx->pw_cache_size = 0; 356 408 winbindd_free_response(&pw_response); 357 409 } 358 410 359 ZERO_STRUCT(pw_response); 360 361 wbc_status = wbcRequestResponse(WINBINDD_SETPWENT, 411 wbc_status = wbcRequestResponse(ctx, WINBINDD_ENDPWENT, 362 412 NULL, NULL); 363 413 BAIL_ON_WBC_ERROR(wbc_status); … … 367 417 } 368 418 369 /* Close the passwd iterator */370 419 wbcErr wbcEndpwent(void) 371 420 { 372 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 373 374 if (pw_cache_size > 0) { 375 pw_cache_idx = pw_cache_size = 0; 376 winbindd_free_response(&pw_response); 377 } 378 379 wbc_status = wbcRequestResponse(WINBINDD_ENDPWENT, 380 NULL, NULL); 381 BAIL_ON_WBC_ERROR(wbc_status); 382 383 done: 384 return wbc_status; 421 return wbcCtxEndpwent(NULL); 385 422 } 386 423 387 424 /* Return the next struct passwd* entry from the pwent iterator */ 425 wbcErr wbcCtxGetpwent(struct wbcContext *ctx, struct passwd **pwd) 426 { 427 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 428 struct winbindd_request request; 429 struct winbindd_pw *wb_pw; 430 431 if (!ctx) { 432 ctx = wbcGetGlobalCtx(); 433 } 434 435 /* If there's a cached result, return that. */ 436 if (ctx->pw_cache_idx < ctx->pw_cache_size) { 437 goto return_result; 438 } 439 440 /* Otherwise, query winbindd for some entries. */ 441 442 ctx->pw_cache_idx = 0; 443 444 winbindd_free_response(&pw_response); 445 446 ZERO_STRUCT(request); 447 request.data.num_entries = MAX_GETPWENT_USERS; 448 449 wbc_status = wbcRequestResponse(ctx, WINBINDD_GETPWENT, &request, 450 &pw_response); 451 452 BAIL_ON_WBC_ERROR(wbc_status); 453 454 ctx->pw_cache_size = pw_response.data.num_entries; 455 456 return_result: 457 458 wb_pw = (struct winbindd_pw *) pw_response.extra_data.data; 459 460 *pwd = copy_passwd_entry(&wb_pw[ctx->pw_cache_idx]); 461 462 BAIL_ON_PTR_ERROR(*pwd, wbc_status); 463 464 ctx->pw_cache_idx++; 465 466 done: 467 return wbc_status; 468 } 469 388 470 wbcErr wbcGetpwent(struct passwd **pwd) 389 471 { 390 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 391 struct winbindd_request request; 392 struct winbindd_pw *wb_pw; 393 394 /* If there's a cached result, return that. */ 395 if (pw_cache_idx < pw_cache_size) { 396 goto return_result; 397 } 398 399 /* Otherwise, query winbindd for some entries. */ 400 401 pw_cache_idx = 0; 402 403 winbindd_free_response(&pw_response); 404 405 ZERO_STRUCT(request); 406 request.data.num_entries = MAX_GETPWENT_USERS; 407 408 wbc_status = wbcRequestResponse(WINBINDD_GETPWENT, &request, 409 &pw_response); 410 411 BAIL_ON_WBC_ERROR(wbc_status); 412 413 pw_cache_size = pw_response.data.num_entries; 414 415 return_result: 416 417 wb_pw = (struct winbindd_pw *) pw_response.extra_data.data; 418 419 *pwd = copy_passwd_entry(&wb_pw[pw_cache_idx]); 420 421 BAIL_ON_PTR_ERROR(*pwd, wbc_status); 422 423 pw_cache_idx++; 424 425 done: 426 return wbc_status; 427 } 428 429 /** @brief Number of cached group structs 430 * 431 */ 432 static uint32_t gr_cache_size; 433 434 /** @brief Position of the grent context 435 * 436 */ 437 static uint32_t gr_cache_idx; 472 return wbcCtxGetpwent(NULL, pwd); 473 } 438 474 439 475 /** @brief Winbindd response containing the group structs … … 443 479 444 480 /* Reset the group iterator */ 481 wbcErr wbcCtxSetgrent(struct wbcContext *ctx) 482 { 483 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 484 485 if (!ctx) { 486 ctx = wbcGetGlobalCtx(); 487 } 488 489 if (ctx->gr_cache_size > 0) { 490 ctx->gr_cache_idx = ctx->gr_cache_size = 0; 491 winbindd_free_response(&gr_response); 492 } 493 494 ZERO_STRUCT(gr_response); 495 496 wbc_status = wbcRequestResponse(ctx, WINBINDD_SETGRENT, 497 NULL, NULL); 498 BAIL_ON_WBC_ERROR(wbc_status); 499 500 done: 501 return wbc_status; 502 } 503 445 504 wbcErr wbcSetgrent(void) 446 505 { 447 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 448 449 if (gr_cache_size > 0) { 450 gr_cache_idx = gr_cache_size = 0; 506 return wbcCtxSetgrent(NULL); 507 } 508 509 /* Close the group iterator */ 510 wbcErr wbcCtxEndgrent(struct wbcContext *ctx) 511 { 512 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 513 514 if (!ctx) { 515 ctx = wbcGetGlobalCtx(); 516 } 517 518 if (ctx->gr_cache_size > 0) { 519 ctx->gr_cache_idx = ctx->gr_cache_size = 0; 451 520 winbindd_free_response(&gr_response); 452 521 } 453 522 454 ZERO_STRUCT(gr_response); 455 456 wbc_status = wbcRequestResponse(WINBINDD_SETGRENT, 523 wbc_status = wbcRequestResponse(ctx, WINBINDD_ENDGRENT, 457 524 NULL, NULL); 458 525 BAIL_ON_WBC_ERROR(wbc_status); … … 462 529 } 463 530 464 /* Close the group iterator */465 531 wbcErr wbcEndgrent(void) 466 532 { 467 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 468 469 if (gr_cache_size > 0) { 470 gr_cache_idx = gr_cache_size = 0; 471 winbindd_free_response(&gr_response); 472 } 473 474 wbc_status = wbcRequestResponse(WINBINDD_ENDGRENT, 475 NULL, NULL); 476 BAIL_ON_WBC_ERROR(wbc_status); 477 478 done: 479 return wbc_status; 533 return wbcCtxEndgrent(NULL); 480 534 } 481 535 482 536 /* Return the next struct group* entry from the pwent iterator */ 483 wbcErr wbc Getgrent(struct group **grp)537 wbcErr wbcCtxGetgrent(struct wbcContext *ctx, struct group **grp) 484 538 { 485 539 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; … … 488 542 uint32_t mem_ofs; 489 543 544 if (!ctx) { 545 ctx = wbcGetGlobalCtx(); 546 } 547 490 548 /* If there's a cached result, return that. */ 491 if ( gr_cache_idx <gr_cache_size) {549 if (ctx->gr_cache_idx < ctx->gr_cache_size) { 492 550 goto return_result; 493 551 } … … 495 553 /* Otherwise, query winbindd for some entries. */ 496 554 497 gr_cache_idx = 0;555 ctx->gr_cache_idx = 0; 498 556 499 557 winbindd_free_response(&gr_response); … … 502 560 request.data.num_entries = MAX_GETGRENT_GROUPS; 503 561 504 wbc_status = wbcRequestResponse( WINBINDD_GETGRENT, &request,505 & gr_response);506 507 BAIL_ON_WBC_ERROR(wbc_status); 508 509 gr_cache_size = gr_response.data.num_entries;562 wbc_status = wbcRequestResponse(ctx, WINBINDD_GETGRENT, 563 &request, &gr_response); 564 565 BAIL_ON_WBC_ERROR(wbc_status); 566 567 ctx->gr_cache_size = gr_response.data.num_entries; 510 568 511 569 return_result: … … 513 571 wb_gr = (struct winbindd_gr *) gr_response.extra_data.data; 514 572 515 mem_ofs = wb_gr[ gr_cache_idx].gr_mem_ofs +516 gr_cache_size * sizeof(struct winbindd_gr);517 518 *grp = copy_group_entry(&wb_gr[ gr_cache_idx],573 mem_ofs = wb_gr[ctx->gr_cache_idx].gr_mem_ofs + 574 ctx->gr_cache_size * sizeof(struct winbindd_gr); 575 576 *grp = copy_group_entry(&wb_gr[ctx->gr_cache_idx], 519 577 ((char *)gr_response.extra_data.data)+mem_ofs); 520 578 521 579 BAIL_ON_PTR_ERROR(*grp, wbc_status); 522 580 523 gr_cache_idx++;581 ctx->gr_cache_idx++; 524 582 525 583 done: … … 527 585 } 528 586 587 wbcErr wbcGetgrent(struct group **grp) 588 { 589 return wbcCtxGetgrent(NULL, grp); 590 } 591 529 592 /* Return the next struct group* entry from the pwent iterator */ 530 wbcErr wbc Getgrlist(struct group **grp)593 wbcErr wbcCtxGetgrlist(struct wbcContext *ctx, struct group **grp) 531 594 { 532 595 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; … … 534 597 struct winbindd_gr *wb_gr; 535 598 599 if (!ctx) { 600 ctx = wbcGetGlobalCtx(); 601 } 602 536 603 /* If there's a cached result, return that. */ 537 if ( gr_cache_idx <gr_cache_size) {604 if (ctx->gr_cache_idx < ctx->gr_cache_size) { 538 605 goto return_result; 539 606 } … … 541 608 /* Otherwise, query winbindd for some entries. */ 542 609 543 gr_cache_idx = 0;610 ctx->gr_cache_idx = 0; 544 611 545 612 winbindd_free_response(&gr_response); … … 549 616 request.data.num_entries = MAX_GETGRENT_GROUPS; 550 617 551 wbc_status = wbcRequestResponse( WINBINDD_GETGRLST, &request,552 & gr_response);553 554 BAIL_ON_WBC_ERROR(wbc_status); 555 556 gr_cache_size = gr_response.data.num_entries;618 wbc_status = wbcRequestResponse(ctx, WINBINDD_GETGRLST, 619 &request, &gr_response); 620 621 BAIL_ON_WBC_ERROR(wbc_status); 622 623 ctx->gr_cache_size = gr_response.data.num_entries; 557 624 558 625 return_result: … … 560 627 wb_gr = (struct winbindd_gr *) gr_response.extra_data.data; 561 628 562 *grp = copy_group_entry(&wb_gr[ gr_cache_idx], NULL);629 *grp = copy_group_entry(&wb_gr[ctx->gr_cache_idx], NULL); 563 630 564 631 BAIL_ON_PTR_ERROR(*grp, wbc_status); 565 632 566 gr_cache_idx++;633 ctx->gr_cache_idx++; 567 634 568 635 done: … … 570 637 } 571 638 639 wbcErr wbcGetgrlist(struct group **grp) 640 { 641 return wbcCtxGetgrlist(NULL, grp); 642 } 643 572 644 /* Return the unix group array belonging to the given user */ 573 wbcErr wbcGetGroups(const char *account, 574 uint32_t *num_groups, 575 gid_t **_groups) 645 wbcErr wbcCtxGetGroups(struct wbcContext *ctx, const char *account, 646 uint32_t *num_groups, gid_t **_groups) 576 647 { 577 648 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; … … 595 666 strncpy(request.data.username, account, sizeof(request.data.username)-1); 596 667 597 wbc_status = wbcRequestResponse( WINBINDD_GETGROUPS,668 wbc_status = wbcRequestResponse(ctx, WINBINDD_GETGROUPS, 598 669 &request, 599 670 &response); … … 619 690 return wbc_status; 620 691 } 692 693 wbcErr wbcGetGroups(const char *account, uint32_t *num_groups, gid_t **_groups) 694 { 695 return wbcCtxGetGroups(NULL, account, num_groups, _groups); 696 } -
vendor/current/nsswitch/libwbclient/wbc_sid.c
r860 r988 33 33 int wbcSidToStringBuf(const struct wbcDomainSid *sid, char *buf, int buflen) 34 34 { 35 uint 32_t id_auth;35 uint64_t id_auth; 36 36 int i, ofs; 37 37 … … 41 41 } 42 42 43 /* 44 * BIG NOTE: this function only does SIDS where the identauth is not 45 * >= ^32 in a range of 2^48. 46 */ 47 48 id_auth = sid->id_auth[5] + 49 (sid->id_auth[4] << 8) + 50 (sid->id_auth[3] << 16) + 51 (sid->id_auth[2] << 24); 52 53 ofs = snprintf(buf, buflen, "S-%u-%lu", 54 (unsigned int)sid->sid_rev_num, (unsigned long)id_auth); 43 id_auth = (uint64_t)sid->id_auth[5] + 44 ((uint64_t)sid->id_auth[4] << 8) + 45 ((uint64_t)sid->id_auth[3] << 16) + 46 ((uint64_t)sid->id_auth[2] << 24) + 47 ((uint64_t)sid->id_auth[1] << 32) + 48 ((uint64_t)sid->id_auth[0] << 40); 49 50 ofs = snprintf(buf, buflen, "S-%hhu-", (unsigned char)sid->sid_rev_num); 51 if (id_auth >= UINT32_MAX) { 52 ofs += snprintf(buf + ofs, MAX(buflen - ofs, 0), "0x%llx", 53 (unsigned long long)id_auth); 54 } else { 55 ofs += snprintf(buf + ofs, MAX(buflen - ofs, 0), "%llu", 56 (unsigned long long)id_auth); 57 } 55 58 56 59 for (i = 0; i < sid->num_auths; i++) { 57 ofs += snprintf(buf + ofs, MAX(buflen - ofs, 0), "-% lu",58 (unsigned long)sid->sub_auths[i]);60 ofs += snprintf(buf + ofs, MAX(buflen - ofs, 0), "-%u", 61 (unsigned int)sid->sub_auths[i]); 59 62 } 60 63 return ofs; … … 89 92 } 90 93 94 #define AUTHORITY_MASK (~(0xffffffffffffULL)) 95 91 96 /* Convert a character string to a binary SID */ 92 97 wbcErr wbcStringToSid(const char *str, … … 95 100 const char *p; 96 101 char *q; 97 uint 32_t x;102 uint64_t x; 98 103 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 99 104 … … 116 121 117 122 p = str+2; 118 x = (uint 32_t)strtol(p, &q, 10);119 if (x==0 || !q || *q!='-') {123 x = (uint64_t)strtoul(p, &q, 10); 124 if (x==0 || x > UINT8_MAX || !q || *q!='-') { 120 125 wbc_status = WBC_ERR_INVALID_SID; 121 126 BAIL_ON_WBC_ERROR(wbc_status); … … 123 128 sid->sid_rev_num = (uint8_t)x; 124 129 125 /* Next the Identifier Authority. This is stored in big-endian 126 in a 6 byte array. */ 127 130 /* 131 * Next the Identifier Authority. This is stored big-endian in a 132 * 6 byte array. If the authority value is >= UINT_MAX, then it should 133 * be expressed as a hex value, according to MS-DTYP. 134 */ 128 135 p = q+1; 129 x = (uint32_t)strtol(p, &q, 10);130 if (!q || *q!='-' ) {136 x = strtoull(p, &q, 0); 137 if (!q || *q!='-' || (x & AUTHORITY_MASK)) { 131 138 wbc_status = WBC_ERR_INVALID_SID; 132 139 BAIL_ON_WBC_ERROR(wbc_status); 133 140 } 134 sid->id_auth[5] = (x & 0x000000 ff);135 sid->id_auth[4] = (x & 0x0000 ff00) >> 8;136 sid->id_auth[3] = (x & 0x00 ff0000) >> 16;137 sid->id_auth[2] = (x & 0x ff000000) >> 24;138 sid->id_auth[1] = 0;139 sid->id_auth[0] = 0;141 sid->id_auth[5] = (x & 0x0000000000ffULL); 142 sid->id_auth[4] = (x & 0x00000000ff00ULL) >> 8; 143 sid->id_auth[3] = (x & 0x000000ff0000ULL) >> 16; 144 sid->id_auth[2] = (x & 0x0000ff000000ULL) >> 24; 145 sid->id_auth[1] = (x & 0x00ff00000000ULL) >> 32; 146 sid->id_auth[0] = (x & 0xff0000000000ULL) >> 40; 140 147 141 148 /* now read the the subauthorities */ 142 143 149 p = q +1; 144 150 sid->num_auths = 0; 145 151 while (sid->num_auths < WBC_MAXSUBAUTHS) { 146 x =(uint32_t)strtoul(p, &q, 10);152 x = strtoull(p, &q, 10); 147 153 if (p == q) 148 154 break; 149 if ( q == NULL) {155 if (x > UINT32_MAX) { 150 156 wbc_status = WBC_ERR_INVALID_SID; 151 157 BAIL_ON_WBC_ERROR(wbc_status); … … 175 181 176 182 /* Convert a domain and name to SID */ 183 wbcErr wbcCtxLookupName(struct wbcContext *ctx, 184 const char *domain, 185 const char *name, 186 struct wbcDomainSid *sid, 187 enum wbcSidType *name_type) 188 { 189 struct winbindd_request request; 190 struct winbindd_response response; 191 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 192 193 if (!sid || !name_type) { 194 wbc_status = WBC_ERR_INVALID_PARAM; 195 BAIL_ON_WBC_ERROR(wbc_status); 196 } 197 198 /* Initialize request */ 199 200 ZERO_STRUCT(request); 201 ZERO_STRUCT(response); 202 203 /* dst is already null terminated from the memset above */ 204 205 strncpy(request.data.name.dom_name, domain, 206 sizeof(request.data.name.dom_name)-1); 207 strncpy(request.data.name.name, name, 208 sizeof(request.data.name.name)-1); 209 210 wbc_status = wbcRequestResponse(ctx, WINBINDD_LOOKUPNAME, 211 &request, 212 &response); 213 BAIL_ON_WBC_ERROR(wbc_status); 214 215 wbc_status = wbcStringToSid(response.data.sid.sid, sid); 216 BAIL_ON_WBC_ERROR(wbc_status); 217 218 *name_type = (enum wbcSidType)response.data.sid.type; 219 220 wbc_status = WBC_ERR_SUCCESS; 221 222 done: 223 return wbc_status; 224 } 225 177 226 wbcErr wbcLookupName(const char *domain, 178 227 const char *name, … … 180 229 enum wbcSidType *name_type) 181 230 { 182 struct winbindd_request request; 183 struct winbindd_response response; 184 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 185 186 if (!sid || !name_type) { 187 wbc_status = WBC_ERR_INVALID_PARAM; 188 BAIL_ON_WBC_ERROR(wbc_status); 189 } 190 191 /* Initialize request */ 192 193 ZERO_STRUCT(request); 194 ZERO_STRUCT(response); 195 196 /* dst is already null terminated from the memset above */ 197 198 strncpy(request.data.name.dom_name, domain, 199 sizeof(request.data.name.dom_name)-1); 200 strncpy(request.data.name.name, name, 201 sizeof(request.data.name.name)-1); 202 203 wbc_status = wbcRequestResponse(WINBINDD_LOOKUPNAME, 204 &request, 205 &response); 206 BAIL_ON_WBC_ERROR(wbc_status); 207 208 wbc_status = wbcStringToSid(response.data.sid.sid, sid); 209 BAIL_ON_WBC_ERROR(wbc_status); 210 211 *name_type = (enum wbcSidType)response.data.sid.type; 212 213 wbc_status = WBC_ERR_SUCCESS; 214 215 done: 216 return wbc_status; 231 return wbcCtxLookupName(NULL, domain, name, sid, name_type); 217 232 } 218 233 219 234 220 235 /* Convert a SID to a domain and name */ 221 wbcErr wbcLookupSid(const struct wbcDomainSid *sid, 222 char **pdomain, 223 char **pname, 224 enum wbcSidType *pname_type) 236 wbcErr wbcCtxLookupSid(struct wbcContext *ctx, 237 const struct wbcDomainSid *sid, 238 char **pdomain, 239 char **pname, 240 enum wbcSidType *pname_type) 225 241 { 226 242 struct winbindd_request request; … … 242 258 /* Make request */ 243 259 244 wbc_status = wbcRequestResponse(WINBINDD_LOOKUPSID, &request, 260 wbc_status = wbcRequestResponse(ctx, WINBINDD_LOOKUPSID, 261 &request, 245 262 &response); 246 263 if (!WBC_ERROR_IS_OK(wbc_status)) { … … 280 297 } 281 298 299 wbcErr wbcLookupSid(const struct wbcDomainSid *sid, 300 char **pdomain, 301 char **pname, 302 enum wbcSidType *pname_type) 303 { 304 return wbcCtxLookupSid(NULL, sid, pdomain, pname, pname_type); 305 } 306 282 307 static void wbcDomainInfosDestructor(void *ptr) 283 308 { … … 296 321 297 322 while (n->name != NULL) { 298 free(n->name);323 wbcFreeMemory(n->name); 299 324 n += 1; 300 325 } 301 326 } 302 327 303 wbcErr wbcLookupSids(const struct wbcDomainSid *sids, int num_sids, 304 struct wbcDomainInfo **pdomains, int *pnum_domains, 305 struct wbcTranslatedName **pnames) 328 wbcErr wbcCtxLookupSids(struct wbcContext *ctx, 329 const struct wbcDomainSid *sids, int num_sids, 330 struct wbcDomainInfo **pdomains, int *pnum_domains, 331 struct wbcTranslatedName **pnames) 306 332 { 307 333 struct winbindd_request request; … … 345 371 request.extra_len = p - sidlist; 346 372 347 wbc_status = wbcRequestResponse( WINBINDD_LOOKUPSIDS,373 wbc_status = wbcRequestResponse(ctx, WINBINDD_LOOKUPSIDS, 348 374 &request, &response); 349 375 free(sidlist); … … 470 496 } 471 497 498 wbcErr wbcLookupSids(const struct wbcDomainSid *sids, int num_sids, 499 struct wbcDomainInfo **pdomains, int *pnum_domains, 500 struct wbcTranslatedName **pnames) 501 { 502 return wbcCtxLookupSids(NULL, sids, num_sids, pdomains, 503 pnum_domains, pnames); 504 } 505 472 506 /* Translate a collection of RIDs within a domain to names */ 473 507 474 wbcErr wbc LookupRids(struct wbcDomainSid *dom_sid,508 wbcErr wbcCtxLookupRids(struct wbcContext *ctx, struct wbcDomainSid *dom_sid, 475 509 int num_rids, 476 510 uint32_t *rids, … … 522 556 request.extra_len = len; 523 557 524 wbc_status = wbcRequestResponse( WINBINDD_LOOKUPRIDS,558 wbc_status = wbcRequestResponse(ctx, WINBINDD_LOOKUPRIDS, 525 559 &request, 526 560 &response); … … 594 628 } 595 629 630 wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid, 631 int num_rids, 632 uint32_t *rids, 633 const char **pp_domain_name, 634 const char ***pnames, 635 enum wbcSidType **ptypes) 636 { 637 return wbcCtxLookupRids(NULL, dom_sid, num_rids, rids, 638 pp_domain_name, pnames, ptypes); 639 } 640 596 641 /* Get the groups a user belongs to */ 597 wbcErr wbcLookupUserSids(const struct wbcDomainSid *user_sid, 598 bool domain_groups_only, 599 uint32_t *num_sids, 600 struct wbcDomainSid **_sids) 642 wbcErr wbcCtxLookupUserSids(struct wbcContext *ctx, 643 const struct wbcDomainSid *user_sid, 644 bool domain_groups_only, 645 uint32_t *num_sids, 646 struct wbcDomainSid **_sids) 601 647 { 602 648 uint32_t i; … … 626 672 } 627 673 628 wbc_status = wbcRequestResponse(c md,674 wbc_status = wbcRequestResponse(ctx, cmd, 629 675 &request, 630 676 &response); … … 667 713 } 668 714 715 wbcErr wbcLookupUserSids(const struct wbcDomainSid *user_sid, 716 bool domain_groups_only, 717 uint32_t *num_sids, 718 struct wbcDomainSid **_sids) 719 { 720 return wbcCtxLookupUserSids(NULL, user_sid, domain_groups_only, 721 num_sids, _sids); 722 } 723 669 724 static inline 670 725 wbcErr _sid_to_rid(struct wbcDomainSid *sid, uint32_t *rid) … … 679 734 680 735 /* Get alias membership for sids */ 681 wbcErr wbcGetSidAliases(const struct wbcDomainSid *dom_sid, 682 struct wbcDomainSid *sids, 683 uint32_t num_sids, 684 uint32_t **alias_rids, 685 uint32_t *num_alias_rids) 736 wbcErr wbcCtxGetSidAliases(struct wbcContext *ctx, 737 const struct wbcDomainSid *dom_sid, 738 struct wbcDomainSid *sids, 739 uint32_t num_sids, 740 uint32_t **alias_rids, 741 uint32_t *num_alias_rids) 686 742 { 687 743 uint32_t i; … … 744 800 request.extra_len = extra_data_len; 745 801 746 wbc_status = wbcRequestResponse( WINBINDD_GETSIDALIASES,802 wbc_status = wbcRequestResponse(ctx, WINBINDD_GETSIDALIASES, 747 803 &request, 748 804 &response); … … 784 840 } 785 841 842 wbcErr wbcGetSidAliases(const struct wbcDomainSid *dom_sid, 843 struct wbcDomainSid *sids, 844 uint32_t num_sids, 845 uint32_t **alias_rids, 846 uint32_t *num_alias_rids) 847 { 848 return wbcCtxGetSidAliases(NULL, dom_sid, sids, num_sids, 849 alias_rids, num_alias_rids); 850 } 851 786 852 787 853 /* Lists Users */ 788 wbcErr wbcListUsers(const char *domain_name, 789 uint32_t *_num_users, 790 const char ***_users) 854 wbcErr wbcCtxListUsers(struct wbcContext *ctx, 855 const char *domain_name, 856 uint32_t *_num_users, 857 const char ***_users) 791 858 { 792 859 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; … … 807 874 } 808 875 809 wbc_status = wbcRequestResponse( WINBINDD_LIST_USERS,876 wbc_status = wbcRequestResponse(ctx, WINBINDD_LIST_USERS, 810 877 &request, 811 878 &response); … … 859 926 } 860 927 928 wbcErr wbcListUsers(const char *domain_name, 929 uint32_t *_num_users, 930 const char ***_users) 931 { 932 return wbcCtxListUsers(NULL, domain_name, _num_users, _users); 933 } 934 861 935 /* Lists Groups */ 862 wbcErr wbcListGroups(const char *domain_name, 863 uint32_t *_num_groups, 864 const char ***_groups) 936 wbcErr wbcCtxListGroups(struct wbcContext *ctx, 937 const char *domain_name, 938 uint32_t *_num_groups, 939 const char ***_groups) 865 940 { 866 941 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; … … 881 956 } 882 957 883 wbc_status = wbcRequestResponse( WINBINDD_LIST_GROUPS,958 wbc_status = wbcRequestResponse(ctx, WINBINDD_LIST_GROUPS, 884 959 &request, 885 960 &response); … … 933 1008 } 934 1009 935 wbcErr wbcGetDisplayName(const struct wbcDomainSid *sid, 936 char **pdomain, 937 char **pfullname, 938 enum wbcSidType *pname_type) 1010 wbcErr wbcListGroups(const char *domain_name, 1011 uint32_t *_num_groups, 1012 const char ***_groups) 1013 { 1014 return wbcCtxListGroups(NULL, domain_name, _num_groups, _groups); 1015 } 1016 1017 wbcErr wbcCtxGetDisplayName(struct wbcContext *ctx, 1018 const struct wbcDomainSid *sid, 1019 char **pdomain, 1020 char **pfullname, 1021 enum wbcSidType *pname_type) 939 1022 { 940 1023 wbcErr wbc_status; … … 943 1026 enum wbcSidType name_type; 944 1027 945 wbc_status = wbc LookupSid(sid, &domain, &name, &name_type);1028 wbc_status = wbcCtxLookupSid(ctx, sid, &domain, &name, &name_type); 946 1029 BAIL_ON_WBC_ERROR(wbc_status); 947 1030 … … 950 1033 struct passwd *pwd; 951 1034 952 wbc_status = wbc SidToUid(sid, &uid);953 BAIL_ON_WBC_ERROR(wbc_status); 954 955 wbc_status = wbc Getpwuid(uid, &pwd);1035 wbc_status = wbcCtxSidToUid(ctx, sid, &uid); 1036 BAIL_ON_WBC_ERROR(wbc_status); 1037 1038 wbc_status = wbcCtxGetpwuid(ctx, uid, &pwd); 956 1039 BAIL_ON_WBC_ERROR(wbc_status); 957 1040 … … 976 1059 977 1060 return wbc_status; 1061 } 1062 1063 wbcErr wbcGetDisplayName(const struct wbcDomainSid *sid, 1064 char **pdomain, 1065 char **pfullname, 1066 enum wbcSidType *pname_type) 1067 { 1068 return wbcCtxGetDisplayName(NULL, sid, pdomain, pfullname, pname_type); 978 1069 } 979 1070 -
vendor/current/nsswitch/libwbclient/wbc_util.c
r740 r988 29 29 /** @brief Ping winbindd to see if the daemon is running 30 30 * 31 * @param *ctx wbclient Context 32 * 31 33 * @return #wbcErr 32 34 **/ 33 wbcErr wbc Ping(void)35 wbcErr wbcCtxPing(struct wbcContext *ctx) 34 36 { 35 37 struct winbindd_request request; … … 41 43 ZERO_STRUCT(response); 42 44 43 return wbcRequestResponse(WINBINDD_PING, &request, &response); 45 return wbcRequestResponse(ctx, WINBINDD_PING, &request, &response); 46 } 47 48 wbcErr wbcPing(void) 49 { 50 return wbcCtxPing(NULL); 44 51 } 45 52 … … 61 68 */ 62 69 63 wbcErr wbcInterfaceDetails(struct wbcInterfaceDetails **_details) 70 wbcErr wbcCtxInterfaceDetails(struct wbcContext *ctx, 71 struct wbcInterfaceDetails **_details) 64 72 { 65 73 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; … … 80 88 81 89 /* first the interface version */ 82 wbc_status = wbcRequestResponse(WINBINDD_INTERFACE_VERSION, NULL, &response); 90 wbc_status = wbcRequestResponse(ctx, WINBINDD_INTERFACE_VERSION, 91 NULL, &response); 83 92 BAIL_ON_WBC_ERROR(wbc_status); 84 93 info->interface_version = response.data.interface_version; 85 94 86 95 /* then the samba version and the winbind separator */ 87 wbc_status = wbcRequestResponse( WINBINDD_INFO, NULL, &response);96 wbc_status = wbcRequestResponse(ctx, WINBINDD_INFO, NULL, &response); 88 97 BAIL_ON_WBC_ERROR(wbc_status); 89 98 … … 93 102 94 103 /* then the local netbios name */ 95 wbc_status = wbcRequestResponse(WINBINDD_NETBIOS_NAME, NULL, &response); 104 wbc_status = wbcRequestResponse(ctx, WINBINDD_NETBIOS_NAME, 105 NULL, &response); 96 106 BAIL_ON_WBC_ERROR(wbc_status); 97 107 … … 100 110 101 111 /* then the local workgroup name */ 102 wbc_status = wbcRequestResponse(WINBINDD_DOMAIN_NAME, NULL, &response); 112 wbc_status = wbcRequestResponse(ctx, WINBINDD_DOMAIN_NAME, 113 NULL, &response); 103 114 BAIL_ON_WBC_ERROR(wbc_status); 104 115 … … 106 117 BAIL_ON_PTR_ERROR(info->netbios_domain, wbc_status); 107 118 108 wbc_status = wbc DomainInfo(info->netbios_domain, &domain);119 wbc_status = wbcCtxDomainInfo(ctx, info->netbios_domain, &domain); 109 120 if (wbc_status == WBC_ERR_DOMAIN_NOT_FOUND) { 110 121 /* maybe it's a standalone server */ … … 131 142 wbcFreeMemory(info); 132 143 return wbc_status; 144 } 145 146 wbcErr wbcInterfaceDetails(struct wbcInterfaceDetails **_details) 147 { 148 return wbcCtxInterfaceDetails(NULL, _details); 133 149 } 134 150 … … 148 164 */ 149 165 150 wbcErr wbcDomainInfo(const char *domain, struct wbcDomainInfo **dinfo) 166 wbcErr wbcCtxDomainInfo(struct wbcContext *ctx, 167 const char *domain, 168 struct wbcDomainInfo **dinfo) 151 169 { 152 170 struct winbindd_request request; … … 168 186 sizeof(request.domain_name)-1); 169 187 170 wbc_status = wbcRequestResponse( WINBINDD_DOMAIN_INFO,188 wbc_status = wbcRequestResponse(ctx, WINBINDD_DOMAIN_INFO, 171 189 &request, 172 190 &response); … … 204 222 } 205 223 224 wbcErr wbcDomainInfo(const char *domain, struct wbcDomainInfo **dinfo) 225 { 226 return wbcCtxDomainInfo(NULL, domain, dinfo); 227 } 228 206 229 /* Get the list of current DCs */ 207 wbcErr wbcDcInfo(const char *domain, size_t *num_dcs, 208 const char ***dc_names, const char ***dc_ips) 230 wbcErr wbcCtxDcInfo(struct wbcContext *ctx, 231 const char *domain, size_t *num_dcs, 232 const char ***dc_names, const char ***dc_ips) 209 233 { 210 234 struct winbindd_request request; … … 227 251 } 228 252 229 wbc_status = wbcRequestResponse( WINBINDD_DC_INFO,253 wbc_status = wbcRequestResponse(ctx, WINBINDD_DC_INFO, 230 254 &request, &response); 231 255 BAIL_ON_WBC_ERROR(wbc_status); … … 291 315 } 292 316 317 wbcErr wbcDcInfo(const char *domain, size_t *num_dcs, 318 const char ***dc_names, const char ***dc_ips) 319 { 320 return wbcCtxDcInfo(NULL, domain, num_dcs, dc_names, dc_ips); 321 } 322 293 323 /* Resolve a NetbiosName via WINS */ 294 wbcErr wbcResolveWinsByName(const char *name, char **ip) 324 wbcErr wbcCtxResolveWinsByName(struct wbcContext *ctx, 325 const char *name, char **ip) 295 326 { 296 327 struct winbindd_request request; … … 307 338 sizeof(request.data.winsreq)-1); 308 339 309 wbc_status = wbcRequestResponse( WINBINDD_WINS_BYNAME,340 wbc_status = wbcRequestResponse(ctx, WINBINDD_WINS_BYNAME, 310 341 &request, 311 342 &response); … … 324 355 } 325 356 357 wbcErr wbcResolveWinsByName(const char *name, char **ip) 358 { 359 return wbcCtxResolveWinsByName(NULL, name, ip); 360 } 361 326 362 /* Resolve an IP address via WINS into a NetbiosName */ 327 wbcErr wbcResolveWinsByIP(const char *ip, char **name) 363 wbcErr wbcCtxResolveWinsByIP(struct wbcContext *ctx, 364 const char *ip, char **name) 328 365 { 329 366 struct winbindd_request request; … … 340 377 sizeof(request.data.winsreq)-1); 341 378 342 wbc_status = wbcRequestResponse( WINBINDD_WINS_BYIP,379 wbc_status = wbcRequestResponse(ctx, WINBINDD_WINS_BYIP, 343 380 &request, 344 381 &response); … … 355 392 done: 356 393 return wbc_status; 394 } 395 396 wbcErr wbcResolveWinsByIP(const char *ip, char **name) 397 { 398 return wbcCtxResolveWinsByIP(NULL, ip, name); 357 399 } 358 400 … … 467 509 468 510 /* Online/Offline status */ 469 470 511 r = s; 471 if (r == NULL) {472 wbc_status = WBC_ERR_INVALID_RESPONSE;473 BAIL_ON_WBC_ERROR(wbc_status);474 }475 512 if ( strcmp(r, "Offline") == 0) { 476 513 info->domain_flags |= WBC_DOMINFO_DOMAIN_OFFLINE; … … 495 532 496 533 /* Enumerate the domain trusts known by Winbind */ 497 wbcErr wbcListTrusts(struct wbcDomainInfo **domains, size_t *num_domains) 534 wbcErr wbcCtxListTrusts(struct wbcContext *ctx, 535 struct wbcDomainInfo **domains, size_t *num_domains) 498 536 { 499 537 struct winbindd_response response; … … 511 549 /* Send request */ 512 550 513 wbc_status = wbcRequestResponse( WINBINDD_LIST_TRUSTDOM,551 wbc_status = wbcRequestResponse(ctx, WINBINDD_LIST_TRUSTDOM, 514 552 NULL, 515 553 &response); … … 565 603 } 566 604 605 wbcErr wbcListTrusts(struct wbcDomainInfo **domains, size_t *num_domains) 606 { 607 return wbcCtxListTrusts(NULL, domains, num_domains); 608 } 609 567 610 static void wbcDomainControllerInfoDestructor(void *ptr) 568 611 { … … 573 616 574 617 /* Enumerate the domain trusts known by Winbind */ 575 wbcErr wbc LookupDomainController(const char *domain,576 uint32_t flags,577 struct wbcDomainControllerInfo **dc_info)618 wbcErr wbcCtxLookupDomainController(struct wbcContext *ctx, 619 const char *domain, uint32_t flags, 620 struct wbcDomainControllerInfo **dc_info) 578 621 { 579 622 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; … … 604 647 /* Send request */ 605 648 606 wbc_status = wbcRequestResponse( WINBINDD_DSGETDCNAME,649 wbc_status = wbcRequestResponse(ctx, WINBINDD_DSGETDCNAME, 607 650 &request, 608 651 &response); … … 620 663 } 621 664 665 wbcErr wbcLookupDomainController(const char *domain, uint32_t flags, 666 struct wbcDomainControllerInfo **dc_info) 667 { 668 return wbcCtxLookupDomainController(NULL, domain, flags, dc_info); 669 } 670 622 671 static void wbcDomainControllerInfoExDestructor(void *ptr) 623 672 { 624 673 struct wbcDomainControllerInfoEx *i = 625 674 (struct wbcDomainControllerInfoEx *)ptr; 626 free( (char *)(i->dc_unc));627 free( (char *)(i->dc_address));628 free( (char *)(i->domain_guid));629 free( (char *)(i->domain_name));630 free( (char *)(i->forest_name));631 free( (char *)(i->dc_site_name));632 free( (char *)(i->client_site_name));675 free(discard_const_p(char, i->dc_unc)); 676 free(discard_const_p(char, i->dc_address)); 677 free(discard_const_p(char, i->domain_guid)); 678 free(discard_const_p(char, i->domain_name)); 679 free(discard_const_p(char, i->forest_name)); 680 free(discard_const_p(char, i->dc_site_name)); 681 free(discard_const_p(char, i->client_site_name)); 633 682 } 634 683 … … 694 743 695 744 /* Get extended domain controller information */ 745 wbcErr wbcCtxLookupDomainControllerEx(struct wbcContext *ctx, 746 const char *domain, 747 struct wbcGuid *guid, 748 const char *site, 749 uint32_t flags, 750 struct wbcDomainControllerInfoEx **dc_info) 751 { 752 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 753 struct winbindd_request request; 754 struct winbindd_response response; 755 756 /* validate input params */ 757 758 if (!domain || !dc_info) { 759 wbc_status = WBC_ERR_INVALID_PARAM; 760 BAIL_ON_WBC_ERROR(wbc_status); 761 } 762 763 ZERO_STRUCT(request); 764 ZERO_STRUCT(response); 765 766 request.data.dsgetdcname.flags = flags; 767 768 strncpy(request.data.dsgetdcname.domain_name, domain, 769 sizeof(request.data.dsgetdcname.domain_name)-1); 770 771 if (site) { 772 strncpy(request.data.dsgetdcname.site_name, site, 773 sizeof(request.data.dsgetdcname.site_name)-1); 774 } 775 776 if (guid) { 777 char *str = NULL; 778 779 wbc_status = wbcGuidToString(guid, &str); 780 BAIL_ON_WBC_ERROR(wbc_status); 781 782 strncpy(request.data.dsgetdcname.domain_guid, str, 783 sizeof(request.data.dsgetdcname.domain_guid)-1); 784 785 wbcFreeMemory(str); 786 } 787 788 /* Send request */ 789 790 wbc_status = wbcRequestResponse(ctx, WINBINDD_DSGETDCNAME, 791 &request, 792 &response); 793 BAIL_ON_WBC_ERROR(wbc_status); 794 795 if (dc_info) { 796 wbc_status = wbc_create_domain_controller_info_ex(&response, 797 dc_info); 798 BAIL_ON_WBC_ERROR(wbc_status); 799 } 800 801 wbc_status = WBC_ERR_SUCCESS; 802 done: 803 return wbc_status; 804 } 805 696 806 wbcErr wbcLookupDomainControllerEx(const char *domain, 697 807 struct wbcGuid *guid, … … 700 810 struct wbcDomainControllerInfoEx **dc_info) 701 811 { 702 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 703 struct winbindd_request request; 704 struct winbindd_response response; 705 706 /* validate input params */ 707 708 if (!domain || !dc_info) { 709 wbc_status = WBC_ERR_INVALID_PARAM; 710 BAIL_ON_WBC_ERROR(wbc_status); 711 } 712 713 ZERO_STRUCT(request); 714 ZERO_STRUCT(response); 715 716 request.data.dsgetdcname.flags = flags; 717 718 strncpy(request.data.dsgetdcname.domain_name, domain, 719 sizeof(request.data.dsgetdcname.domain_name)-1); 720 721 if (site) { 722 strncpy(request.data.dsgetdcname.site_name, site, 723 sizeof(request.data.dsgetdcname.site_name)-1); 724 } 725 726 if (guid) { 727 char *str = NULL; 728 729 wbc_status = wbcGuidToString(guid, &str); 730 BAIL_ON_WBC_ERROR(wbc_status); 731 732 strncpy(request.data.dsgetdcname.domain_guid, str, 733 sizeof(request.data.dsgetdcname.domain_guid)-1); 734 735 wbcFreeMemory(str); 736 } 737 738 /* Send request */ 739 740 wbc_status = wbcRequestResponse(WINBINDD_DSGETDCNAME, 741 &request, 742 &response); 743 BAIL_ON_WBC_ERROR(wbc_status); 744 745 if (dc_info) { 746 wbc_status = wbc_create_domain_controller_info_ex(&response, 747 dc_info); 748 BAIL_ON_WBC_ERROR(wbc_status); 749 } 750 751 wbc_status = WBC_ERR_SUCCESS; 752 done: 753 return wbc_status; 812 return wbcCtxLookupDomainControllerEx(NULL, domain, guid, site, 813 flags, dc_info); 754 814 } 755 815 … … 759 819 760 820 while (b->name != NULL) { 761 free( (char *)(b->name));821 free(discard_const_p(char, b->name)); 762 822 free(b->blob.data); 763 823 b += 1; -
vendor/current/nsswitch/libwbclient/wbclient.c
r740 r988 5 5 6 6 Copyright (C) Gerald (Jerry) Carter 2007 7 Copyright (C) Matthew Newton 2015 7 8 8 9 … … 28 29 /* From wb_common.c */ 29 30 30 NSS_STATUS winbindd_request_response(int req_type, 31 struct winbindd_context; 32 33 NSS_STATUS winbindd_request_response(struct winbindd_context *wbctx, 34 int req_type, 31 35 struct winbindd_request *request, 32 36 struct winbindd_response *response); 33 NSS_STATUS winbindd_priv_request_response(int req_type, 37 NSS_STATUS winbindd_priv_request_response(struct winbindd_context *wbctx, 38 int req_type, 34 39 struct winbindd_request *request, 35 40 struct winbindd_response *response); 41 struct winbindd_context *winbindd_ctx_create(void); 42 void winbindd_ctx_free(struct winbindd_context *ctx); 43 44 /* Global context used for non-Ctx functions */ 45 46 static struct wbcContext wbcGlobalCtx = { 47 .winbindd_ctx = NULL, 48 .pw_cache_size = 0, 49 .pw_cache_idx = 0, 50 .gr_cache_size = 0, 51 .gr_cache_idx = 0 52 }; 36 53 37 54 /* … … 49 66 50 67 static wbcErr wbcRequestResponseInt( 68 struct winbindd_context *wbctx, 51 69 int cmd, 52 70 struct winbindd_request *request, 53 71 struct winbindd_response *response, 54 NSS_STATUS (*fn)( int req_type,72 NSS_STATUS (*fn)(struct winbindd_context *wbctx, int req_type, 55 73 struct winbindd_request *request, 56 74 struct winbindd_response *response)) … … 61 79 /* for some calls the request and/or response can be NULL */ 62 80 63 nss_status = fn( cmd, request, response);81 nss_status = fn(wbctx, cmd, request, response); 64 82 65 83 switch (nss_status) { … … 84 102 * @brief Wrapper around Winbind's send/receive API call 85 103 * 104 * @param ctx Context 86 105 * @param cmd Winbind command operation to perform 87 106 * @param request Send structure … … 90 109 * @return #wbcErr 91 110 */ 92 wbcErr wbcRequestResponse( int cmd,111 wbcErr wbcRequestResponse(struct wbcContext *ctx, int cmd, 93 112 struct winbindd_request *request, 94 113 struct winbindd_response *response) 95 114 { 96 return wbcRequestResponseInt(cmd, request, response, 115 struct winbindd_context *wbctx = NULL; 116 117 if (ctx) { 118 wbctx = ctx->winbindd_ctx; 119 } 120 121 return wbcRequestResponseInt(wbctx, cmd, request, response, 97 122 winbindd_request_response); 98 123 } 99 124 100 wbcErr wbcRequestResponsePriv( int cmd,125 wbcErr wbcRequestResponsePriv(struct wbcContext *ctx, int cmd, 101 126 struct winbindd_request *request, 102 127 struct winbindd_response *response) 103 128 { 104 return wbcRequestResponseInt(cmd, request, response, 129 struct winbindd_context *wbctx = NULL; 130 131 if (ctx) { 132 wbctx = ctx->winbindd_ctx; 133 } 134 135 return wbcRequestResponseInt(wbctx, cmd, request, response, 105 136 winbindd_priv_request_response); 106 137 } … … 258 289 return WBC_ERR_SUCCESS; 259 290 } 291 292 /* Context handling functions */ 293 294 static void wbcContextDestructor(void *ptr) 295 { 296 struct wbcContext *ctx = (struct wbcContext *)ptr; 297 298 winbindd_ctx_free(ctx->winbindd_ctx); 299 } 300 301 struct wbcContext *wbcCtxCreate(void) 302 { 303 struct wbcContext *ctx; 304 struct winbindd_context *wbctx; 305 306 ctx = (struct wbcContext *)wbcAllocateMemory( 307 1, sizeof(struct wbcContext), wbcContextDestructor); 308 309 if (!ctx) { 310 return NULL; 311 } 312 313 wbctx = winbindd_ctx_create(); 314 315 if (!wbctx) { 316 wbcFreeMemory(ctx); 317 return NULL; 318 } 319 320 ctx->winbindd_ctx = wbctx; 321 322 return ctx; 323 } 324 325 void wbcCtxFree(struct wbcContext *ctx) 326 { 327 wbcFreeMemory(ctx); 328 } 329 330 struct wbcContext *wbcGetGlobalCtx(void) 331 { 332 return &wbcGlobalCtx; 333 } -
vendor/current/nsswitch/libwbclient/wbclient.h
r740 r988 6 6 Copyright (C) Gerald (Jerry) Carter 2007 7 7 Copyright (C) Volker Lendecke 2009 8 Copyright (C) Matthew Newton 2015 8 9 9 10 This library is free software; you can redistribute it and/or … … 69 70 * 0.7: Added wbcSidToStringBuf() 70 71 * 0.8: Added wbcSidsToUnixIds() and wbcLookupSids() 72 * 0.9: Added support for WBC_ID_TYPE_BOTH 73 * 0.10: Added wbcPingDc2() 74 * 0.11: Extended wbcAuthenticateUserEx to provide PAC parsing 75 * 0.12: Added wbcCtxCreate and friends 71 76 **/ 72 77 #define WBCLIENT_MAJOR_VERSION 0 73 #define WBCLIENT_MINOR_VERSION 878 #define WBCLIENT_MINOR_VERSION 12 74 79 #define WBCLIENT_VENDOR_VERSION "Samba libwbclient" 75 80 struct wbcLibraryDetails { … … 91 96 char *dns_domain; 92 97 }; 98 99 /** 100 * @brief Library context data 101 * 102 **/ 103 104 struct wbcContext; 93 105 94 106 /* … … 196 208 197 209 /** 210 * @brief Generic Blob 211 **/ 212 213 struct wbcBlob { 214 uint8_t *data; 215 size_t length; 216 }; 217 218 /** 219 * @brief Named Blob 220 **/ 221 222 struct wbcNamedBlob { 223 const char *name; 224 uint32_t flags; 225 struct wbcBlob blob; 226 }; 227 228 /** 198 229 * @brief Auth User Parameters 199 230 **/ … … 211 242 WBC_AUTH_USER_LEVEL_PLAIN = 1, 212 243 WBC_AUTH_USER_LEVEL_HASH = 2, 213 WBC_AUTH_USER_LEVEL_RESPONSE = 3 244 WBC_AUTH_USER_LEVEL_RESPONSE = 3, 245 WBC_AUTH_USER_LEVEL_PAC = 4 214 246 } level; 215 247 union { … … 226 258 uint8_t *lm_data; 227 259 } response; 260 struct wbcBlob pac; 228 261 } password; 229 };230 231 /**232 * @brief Generic Blob233 **/234 235 struct wbcBlob {236 uint8_t *data;237 size_t length;238 };239 240 /**241 * @brief Named Blob242 **/243 244 struct wbcNamedBlob {245 const char *name;246 uint32_t flags;247 struct wbcBlob blob;248 262 }; 249 263 … … 519 533 520 534 535 /********************************************************** 536 * Context Management 537 **********************************************************/ 538 539 /** 540 * @brief Create a new wbcContext context 541 * 542 * @return wbcContext 543 **/ 544 struct wbcContext *wbcCtxCreate(void); 545 546 /** 547 * @brief Free a library context 548 * 549 * @param ctx wbcContext to free 550 * 551 * @return void 552 **/ 553 void wbcCtxFree(struct wbcContext *ctx); 554 555 556 521 557 /* 522 558 * Utility functions for dealing with SIDs … … 596 632 * @brief Ping winbindd to see if the daemon is running 597 633 * 634 * @param *ctx wbclient Context 635 * 636 * @return #wbcErr 637 **/ 638 wbcErr wbcCtxPing(struct wbcContext *ctx); 639 640 /** 641 * @brief Ping winbindd to see if the daemon is running 642 * 598 643 * @return #wbcErr 599 644 **/ … … 602 647 wbcErr wbcLibraryDetails(struct wbcLibraryDetails **details); 603 648 649 wbcErr wbcCtxInterfaceDetails(struct wbcContext *ctx, 650 struct wbcInterfaceDetails **details); 604 651 wbcErr wbcInterfaceDetails(struct wbcInterfaceDetails **details); 605 652 … … 611 658 * @brief Convert a domain and name to SID 612 659 * 660 * @param *ctx wbclient Context 613 661 * @param dom_name Domain name (possibly "") 614 662 * @param name User or group name … … 618 666 * @return #wbcErr 619 667 **/ 668 wbcErr wbcCtxLookupName(struct wbcContext *ctx, 669 const char *dom_name, 670 const char *name, 671 struct wbcDomainSid *sid, 672 enum wbcSidType *name_type); 673 674 /** 675 * @brief Convert a domain and name to SID 676 * 677 * @param dom_name Domain name (possibly "") 678 * @param name User or group name 679 * @param *sid Pointer to the resolved domain SID 680 * @param *name_type Pointer to the SID type 681 * 682 * @return #wbcErr 683 **/ 620 684 wbcErr wbcLookupName(const char *dom_name, 621 685 const char *name, … … 626 690 * @brief Convert a SID to a domain and name 627 691 * 628 * @param *sid Pointer to the domain SID to be resolved 692 * @param *ctx wbclient Context 693 * @param *sid Pointer to the domain SID to be resolved 694 * @param domain Resolved Domain name (possibly "") 695 * @param name Resolved User or group name 696 * @param *name_type Pointer to the resolved SID type 697 * 698 * @return #wbcErr 699 **/ 700 wbcErr wbcCtxLookupSid(struct wbcContext *ctx, 701 const struct wbcDomainSid *sid, 702 char **domain, 703 char **name, 704 enum wbcSidType *name_type); 705 706 /** 707 * @brief Convert a SID to a domain and name 708 * 709 * @param *sid Pointer to the domain SID to be resolved 629 710 * @param domain Resolved Domain name (possibly "") 630 711 * @param name Resolved User or group name … … 644 725 }; 645 726 727 wbcErr wbcCtxLookupSids(struct wbcContext *ctx, 728 const struct wbcDomainSid *sids, int num_sids, 729 struct wbcDomainInfo **domains, int *num_domains, 730 struct wbcTranslatedName **names); 731 646 732 wbcErr wbcLookupSids(const struct wbcDomainSid *sids, int num_sids, 647 733 struct wbcDomainInfo **domains, int *num_domains, 648 734 struct wbcTranslatedName **names); 735 736 /** 737 * @brief Translate a collection of RIDs within a domain to names 738 */ 739 wbcErr wbcCtxLookupRids(struct wbcContext *ctx, 740 struct wbcDomainSid *dom_sid, 741 int num_rids, 742 uint32_t *rids, 743 const char **domain_name, 744 const char ***names, 745 enum wbcSidType **types); 649 746 650 747 /** … … 661 758 * @brief Get the groups a user belongs to 662 759 **/ 760 wbcErr wbcCtxLookupUserSids(struct wbcContext *ctx, 761 const struct wbcDomainSid *user_sid, 762 bool domain_groups_only, 763 uint32_t *num_sids, 764 struct wbcDomainSid **sids); 765 766 /* 767 * @brief Get the groups a user belongs to 768 **/ 663 769 wbcErr wbcLookupUserSids(const struct wbcDomainSid *user_sid, 664 770 bool domain_groups_only, 665 771 uint32_t *num_sids, 666 772 struct wbcDomainSid **sids); 773 774 /* 775 * @brief Get alias membership for sids 776 **/ 777 wbcErr wbcCtxGetSidAliases(struct wbcContext *ctx, 778 const struct wbcDomainSid *dom_sid, 779 struct wbcDomainSid *sids, 780 uint32_t num_sids, 781 uint32_t **alias_rids, 782 uint32_t *num_alias_rids); 667 783 668 784 /* … … 678 794 * @brief Lists Users 679 795 **/ 796 wbcErr wbcCtxListUsers(struct wbcContext *ctx, 797 const char *domain_name, 798 uint32_t *num_users, 799 const char ***users); 800 801 /** 802 * @brief Lists Users 803 **/ 680 804 wbcErr wbcListUsers(const char *domain_name, 681 805 uint32_t *num_users, … … 685 809 * @brief Lists Groups 686 810 **/ 811 wbcErr wbcCtxListGroups(struct wbcContext *ctx, 812 const char *domain_name, 813 uint32_t *num_groups, 814 const char ***groups); 815 816 /** 817 * @brief Lists Groups 818 **/ 687 819 wbcErr wbcListGroups(const char *domain_name, 688 820 uint32_t *num_groups, 689 821 const char ***groups); 822 823 wbcErr wbcCtxGetDisplayName(struct wbcContext *ctx, 824 const struct wbcDomainSid *sid, 825 char **pdomain, 826 char **pfullname, 827 enum wbcSidType *pname_type); 690 828 691 829 wbcErr wbcGetDisplayName(const struct wbcDomainSid *sid, … … 701 839 * @brief Convert a Windows SID to a Unix uid, allocating an uid if needed 702 840 * 841 * @param *ctx wbclient Context 703 842 * @param *sid Pointer to the domain SID to be resolved 704 843 * @param *puid Pointer to the resolved uid_t value … … 707 846 * 708 847 **/ 848 wbcErr wbcCtxSidToUid(struct wbcContext *ctx, 849 const struct wbcDomainSid *sid, 850 uid_t *puid); 851 852 /** 853 * @brief Convert a Windows SID to a Unix uid, allocating an uid if needed 854 * 855 * @param *sid Pointer to the domain SID to be resolved 856 * @param *puid Pointer to the resolved uid_t value 857 * 858 * @return #wbcErr 859 * 860 **/ 709 861 wbcErr wbcSidToUid(const struct wbcDomainSid *sid, 710 862 uid_t *puid); … … 725 877 * @brief Convert a Unix uid to a Windows SID, allocating a SID if needed 726 878 * 879 * @param *ctx wbclient Context 727 880 * @param uid Unix uid to be resolved 728 881 * @param *sid Pointer to the resolved domain SID … … 731 884 * 732 885 **/ 886 wbcErr wbcCtxUidToSid(struct wbcContext *ctx, uid_t uid, 887 struct wbcDomainSid *sid); 888 889 /** 890 * @brief Convert a Unix uid to a Windows SID, allocating a SID if needed 891 * 892 * @param uid Unix uid to be resolved 893 * @param *sid Pointer to the resolved domain SID 894 * 895 * @return #wbcErr 896 * 897 **/ 733 898 wbcErr wbcUidToSid(uid_t uid, 734 899 struct wbcDomainSid *sid); … … 749 914 * @brief Convert a Windows SID to a Unix gid, allocating a gid if needed 750 915 * 916 * @param *ctx wbclient Context 751 917 * @param *sid Pointer to the domain SID to be resolved 752 918 * @param *pgid Pointer to the resolved gid_t value … … 755 921 * 756 922 **/ 923 wbcErr wbcCtxSidToGid(struct wbcContext *ctx, 924 const struct wbcDomainSid *sid, 925 gid_t *pgid); 926 927 /** 928 * @brief Convert a Windows SID to a Unix gid, allocating a gid if needed 929 * 930 * @param *sid Pointer to the domain SID to be resolved 931 * @param *pgid Pointer to the resolved gid_t value 932 * 933 * @return #wbcErr 934 * 935 **/ 757 936 wbcErr wbcSidToGid(const struct wbcDomainSid *sid, 758 937 gid_t *pgid); … … 769 948 wbcErr wbcQuerySidToGid(const struct wbcDomainSid *sid, 770 949 gid_t *pgid); 950 951 /** 952 * @brief Convert a Unix gid to a Windows SID, allocating a SID if needed 953 * 954 * @param *ctx wbclient Context 955 * @param gid Unix gid to be resolved 956 * @param *sid Pointer to the resolved domain SID 957 * 958 * @return #wbcErr 959 * 960 **/ 961 wbcErr wbcCtxGidToSid(struct wbcContext *ctx, gid_t gid, 962 struct wbcDomainSid *sid); 771 963 772 964 /** … … 797 989 WBC_ID_TYPE_NOT_SPECIFIED, 798 990 WBC_ID_TYPE_UID, 799 WBC_ID_TYPE_GID 991 WBC_ID_TYPE_GID, 992 WBC_ID_TYPE_BOTH 800 993 }; 801 994 … … 813 1006 * @brief Convert a list of sids to unix ids 814 1007 * 1008 * @param *ctx wbclient Context 815 1009 * @param sids Pointer to an array of SIDs to convert 816 1010 * @param num_sids Number of SIDs … … 820 1014 * 821 1015 **/ 1016 wbcErr wbcCtxSidsToUnixIds(struct wbcContext *ctx, 1017 const struct wbcDomainSid *sids, uint32_t num_sids, 1018 struct wbcUnixId *ids); 1019 1020 /** 1021 * @brief Convert a list of sids to unix ids 1022 * 1023 * @param sids Pointer to an array of SIDs to convert 1024 * @param num_sids Number of SIDs 1025 * @param ids Preallocated output array for translated IDs 1026 * 1027 * @return #wbcErr 1028 * 1029 **/ 822 1030 wbcErr wbcSidsToUnixIds(const struct wbcDomainSid *sids, uint32_t num_sids, 823 1031 struct wbcUnixId *ids); … … 826 1034 * @brief Obtain a new uid from Winbind 827 1035 * 828 * @param *puid *pointer to the allocated uid 1036 * @param *ctx wbclient Context 1037 * @param *puid Pointer to the allocated uid 1038 * 1039 * @return #wbcErr 1040 **/ 1041 wbcErr wbcCtxAllocateUid(struct wbcContext *ctx, uid_t *puid); 1042 1043 /** 1044 * @brief Obtain a new uid from Winbind 1045 * 1046 * @param *puid Pointer to the allocated uid 829 1047 * 830 1048 * @return #wbcErr … … 835 1053 * @brief Obtain a new gid from Winbind 836 1054 * 837 * @param *pgid Pointer to the allocated gid 1055 * @param *ctx wbclient Context 1056 * @param *pgid Pointer to the allocated gid 1057 * 1058 * @return #wbcErr 1059 **/ 1060 wbcErr wbcCtxAllocateGid(struct wbcContext *ctx, gid_t *pgid); 1061 1062 /** 1063 * @brief Obtain a new gid from Winbind 1064 * 1065 * @param *pgid Pointer to the allocated gid 838 1066 * 839 1067 * @return #wbcErr … … 845 1073 * 846 1074 * @param uid Uid of the desired mapping. 847 * @param *sid Pointer to the sid of the d iresired mapping.1075 * @param *sid Pointer to the sid of the desired mapping. 848 1076 * 849 1077 * @return #wbcErr … … 858 1086 * 859 1087 * @param gid Gid of the desired mapping. 860 * @param *sid Pointer to the sid of the d iresired mapping.1088 * @param *sid Pointer to the sid of the desired mapping. 861 1089 * 862 1090 * @return #wbcErr … … 925 1153 * on username 926 1154 * 1155 * @param *ctx wbclient Context 927 1156 * @param *name Username to lookup 928 1157 * @param **pwd Pointer to resulting struct passwd* from the query. … … 930 1159 * @return #wbcErr 931 1160 **/ 1161 wbcErr wbcCtxGetpwnam(struct wbcContext *ctx, 1162 const char *name, struct passwd **pwd); 1163 1164 /** 1165 * @brief Fill in a struct passwd* for a domain user based 1166 * on username 1167 * 1168 * @param *name Username to lookup 1169 * @param **pwd Pointer to resulting struct passwd* from the query. 1170 * 1171 * @return #wbcErr 1172 **/ 932 1173 wbcErr wbcGetpwnam(const char *name, struct passwd **pwd); 933 1174 … … 936 1177 * on uid 937 1178 * 1179 * @param *ctx wbclient Context 938 1180 * @param uid Uid to lookup 939 1181 * @param **pwd Pointer to resulting struct passwd* from the query. … … 941 1183 * @return #wbcErr 942 1184 **/ 1185 wbcErr wbcCtxGetpwuid(struct wbcContext *ctx, 1186 uid_t uid, struct passwd **pwd); 1187 1188 /** 1189 * @brief Fill in a struct passwd* for a domain user based 1190 * on uid 1191 * 1192 * @param uid Uid to lookup 1193 * @param **pwd Pointer to resulting struct passwd* from the query. 1194 * 1195 * @return #wbcErr 1196 **/ 943 1197 wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd); 944 1198 … … 947 1201 * on sid 948 1202 * 1203 * @param *ctx wbclient Context 949 1204 * @param sid Sid to lookup 950 1205 * @param **pwd Pointer to resulting struct passwd* from the query. … … 952 1207 * @return #wbcErr 953 1208 **/ 1209 wbcErr wbcCtxGetpwsid(struct wbcContext *ctx, 1210 struct wbcDomainSid * sid, struct passwd **pwd); 1211 1212 /** 1213 * @brief Fill in a struct passwd* for a domain user based 1214 * on sid 1215 * 1216 * @param sid Sid to lookup 1217 * @param **pwd Pointer to resulting struct passwd* from the query. 1218 * 1219 * @return #wbcErr 1220 **/ 954 1221 wbcErr wbcGetpwsid(struct wbcDomainSid * sid, struct passwd **pwd); 955 1222 … … 958 1225 * on username 959 1226 * 1227 * @param *ctx wbclient Context 960 1228 * @param *name Username to lookup 961 1229 * @param **grp Pointer to resulting struct group* from the query. … … 963 1231 * @return #wbcErr 964 1232 **/ 1233 wbcErr wbcCtxGetgrnam(struct wbcContext *ctx, 1234 const char *name, struct group **grp); 1235 1236 /** 1237 * @brief Fill in a struct passwd* for a domain user based 1238 * on username 1239 * 1240 * @param *name Username to lookup 1241 * @param **grp Pointer to resulting struct group* from the query. 1242 * 1243 * @return #wbcErr 1244 **/ 965 1245 wbcErr wbcGetgrnam(const char *name, struct group **grp); 966 1246 … … 969 1249 * on uid 970 1250 * 1251 * @param *ctx wbclient Context 971 1252 * @param gid Uid to lookup 972 1253 * @param **grp Pointer to resulting struct group* from the query. … … 974 1255 * @return #wbcErr 975 1256 **/ 1257 wbcErr wbcCtxGetgrgid(struct wbcContext *ctx, 1258 gid_t gid, struct group **grp); 1259 1260 /** 1261 * @brief Fill in a struct passwd* for a domain user based 1262 * on uid 1263 * 1264 * @param gid Uid to lookup 1265 * @param **grp Pointer to resulting struct group* from the query. 1266 * 1267 * @return #wbcErr 1268 **/ 976 1269 wbcErr wbcGetgrgid(gid_t gid, struct group **grp); 977 1270 … … 979 1272 * @brief Reset the passwd iterator 980 1273 * 1274 * @param *ctx wbclient Context 1275 * 1276 * @return #wbcErr 1277 **/ 1278 wbcErr wbcCtxSetpwent(struct wbcContext *ctx); 1279 1280 /** 1281 * @brief Reset the passwd iterator 1282 * 981 1283 * @return #wbcErr 982 1284 **/ … … 986 1288 * @brief Close the passwd iterator 987 1289 * 1290 * @param *ctx wbclient Context 1291 * 1292 * @return #wbcErr 1293 **/ 1294 wbcErr wbcCtxEndpwent(struct wbcContext *ctx); 1295 1296 /** 1297 * @brief Close the passwd iterator 1298 * 988 1299 * @return #wbcErr 989 1300 **/ … … 993 1304 * @brief Return the next struct passwd* entry from the pwent iterator 994 1305 * 995 * @param **pwd Pointer to resulting struct passwd* from the query. 1306 * @param *ctx wbclient Context 1307 * @param **pwd Pointer to resulting struct passwd* from the query. 1308 * 1309 * @return #wbcErr 1310 **/ 1311 wbcErr wbcCtxGetpwent(struct wbcContext *ctx, struct passwd **pwd); 1312 1313 /** 1314 * @brief Return the next struct passwd* entry from the pwent iterator 1315 * 1316 * @param **pwd Pointer to resulting struct passwd* from the query. 996 1317 * 997 1318 * @return #wbcErr … … 1002 1323 * @brief Reset the group iterator 1003 1324 * 1325 * @param *ctx wbclient Context 1326 * 1327 * @return #wbcErr 1328 **/ 1329 wbcErr wbcCtxSetgrent(struct wbcContext *ctx); 1330 1331 /** 1332 * @brief Reset the group iterator 1333 * 1004 1334 * @return #wbcErr 1005 1335 **/ … … 1009 1339 * @brief Close the group iterator 1010 1340 * 1341 * @param *ctx wbclient Context 1342 * 1343 * @return #wbcErr 1344 **/ 1345 wbcErr wbcCtxEndgrent(struct wbcContext *ctx); 1346 1347 /** 1348 * @brief Close the group iterator 1349 * 1011 1350 * @return #wbcErr 1012 1351 **/ … … 1016 1355 * @brief Return the next struct group* entry from the pwent iterator 1017 1356 * 1018 * @param **grp Pointer to resulting struct group* from the query. 1357 * @param *ctx wbclient Context 1358 * @param **grp Pointer to resulting struct group* from the query. 1359 * 1360 * @return #wbcErr 1361 **/ 1362 wbcErr wbcCtxGetgrent(struct wbcContext *ctx, struct group **grp); 1363 1364 /** 1365 * @brief Return the next struct group* entry from the pwent iterator 1366 * 1367 * @param **grp Pointer to resulting struct group* from the query. 1019 1368 * 1020 1369 * @return #wbcErr … … 1027 1376 * This is similar to #wbcGetgrent, just that the member list is empty 1028 1377 * 1029 * @param **grp Pointer to resulting struct group* from the query. 1378 * @param *ctx wbclient Context 1379 * @param **grp Pointer to resulting struct group* from the query. 1380 * 1381 * @return #wbcErr 1382 **/ 1383 wbcErr wbcCtxGetgrlist(struct wbcContext *ctx, struct group **grp); 1384 1385 /** 1386 * @brief Return the next struct group* entry from the pwent iterator 1387 * 1388 * This is similar to #wbcGetgrent, just that the member list is empty 1389 * 1390 * @param **grp Pointer to resulting struct group* from the query. 1030 1391 * 1031 1392 * @return #wbcErr … … 1036 1397 * @brief Return the unix group array belonging to the given user 1037 1398 * 1399 * @param *ctx wbclient Context 1038 1400 * @param *account The given user name 1039 1401 * @param *num_groups Number of elements returned in the groups array … … 1042 1404 * @return #wbcErr 1043 1405 **/ 1406 wbcErr wbcCtxGetGroups(struct wbcContext *ctx, 1407 const char *account, 1408 uint32_t *num_groups, 1409 gid_t **_groups); 1410 1411 /** 1412 * @brief Return the unix group array belonging to the given user 1413 * 1414 * @param *account The given user name 1415 * @param *num_groups Number of elements returned in the groups array 1416 * @param **_groups Pointer to resulting gid_t array. 1417 * 1418 * @return #wbcErr 1419 **/ 1044 1420 wbcErr wbcGetGroups(const char *account, 1045 1421 uint32_t *num_groups, … … 1054 1430 * @brief Lookup the current status of a trusted domain 1055 1431 * 1056 * @param domain The domain to query 1432 * @param *ctx wbclient Context 1433 * @param domain The domain to query 1434 * 1435 * @param dinfo A pointer to store the returned domain_info struct. 1436 * 1437 * @return #wbcErr 1438 **/ 1439 wbcErr wbcCtxDomainInfo(struct wbcContext *ctx, 1440 const char *domain, 1441 struct wbcDomainInfo **dinfo); 1442 1443 /** 1444 * @brief Lookup the current status of a trusted domain 1445 * 1446 * @param domain The domain to query 1057 1447 * 1058 1448 * @param dinfo A pointer to store the returned domain_info struct. … … 1066 1456 * @brief Lookup the currently contacted DCs 1067 1457 * 1458 * @param *ctx wbclient Context 1068 1459 * @param domain The domain to query 1069 1460 * … … 1074 1465 * @return #wbcErr 1075 1466 **/ 1467 wbcErr wbcCtxDcInfo(struct wbcContext *ctx, 1468 const char *domain, size_t *num_dcs, 1469 const char ***dc_names, const char ***dc_ips); 1470 1471 /** 1472 * @brief Lookup the currently contacted DCs 1473 * 1474 * @param domain The domain to query 1475 * 1476 * @param num_dcs Number of DCs currently known 1477 * @param dc_names Names of the currently known DCs 1478 * @param dc_ips IP addresses of the currently known DCs 1479 * 1480 * @return #wbcErr 1481 **/ 1076 1482 wbcErr wbcDcInfo(const char *domain, size_t *num_dcs, 1077 1483 const char ***dc_names, const char ***dc_ips); 1484 1485 /** 1486 * @brief Enumerate the domain trusts known by Winbind 1487 * 1488 * @param *ctx wbclient Context 1489 * @param **domains Pointer to the allocated domain list array 1490 * @param *num_domains Pointer to number of domains returned 1491 * 1492 * @return #wbcErr 1493 **/ 1494 wbcErr wbcCtxListTrusts(struct wbcContext *ctx, 1495 struct wbcDomainInfo **domains, 1496 size_t *num_domains); 1078 1497 1079 1498 /** … … 1113 1532 * @brief Enumerate the domain trusts known by Winbind 1114 1533 * 1534 * @param *ctx wbclient Context 1115 1535 * @param domain Name of the domain to query for a DC 1116 1536 * @param flags Bit flags used to control the domain location query … … 1119 1539 * @return #wbcErr 1120 1540 **/ 1541 wbcErr wbcCtxLookupDomainController(struct wbcContext *ctx, 1542 const char *domain, 1543 uint32_t flags, 1544 struct wbcDomainControllerInfo **dc_info); 1545 1546 /** 1547 * @brief Enumerate the domain trusts known by Winbind 1548 * 1549 * @param domain Name of the domain to query for a DC 1550 * @param flags Bit flags used to control the domain location query 1551 * @param *dc_info Pointer to the returned domain controller information 1552 * 1553 * @return #wbcErr 1554 **/ 1121 1555 wbcErr wbcLookupDomainController(const char *domain, 1122 1556 uint32_t flags, … … 1126 1560 * @brief Get extended domain controller information 1127 1561 * 1562 * @param *ctx wbclient Context 1128 1563 * @param domain Name of the domain to query for a DC 1129 1564 * @param guid Guid of the domain to query for a DC … … 1134 1569 * @return #wbcErr 1135 1570 **/ 1571 wbcErr wbcCtxLookupDomainControllerEx(struct wbcContext *ctx, 1572 const char *domain, 1573 struct wbcGuid *guid, 1574 const char *site, 1575 uint32_t flags, 1576 struct wbcDomainControllerInfoEx **dc_info); 1577 1578 /** 1579 * @brief Get extended domain controller information 1580 * 1581 * @param domain Name of the domain to query for a DC 1582 * @param guid Guid of the domain to query for a DC 1583 * @param site Site of the domain to query for a DC 1584 * @param flags Bit flags used to control the domain location query 1585 * @param *dc_info Pointer to the returned extended domain controller information 1586 * 1587 * @return #wbcErr 1588 **/ 1136 1589 wbcErr wbcLookupDomainControllerEx(const char *domain, 1137 1590 struct wbcGuid *guid, … … 1147 1600 * @brief Authenticate a username/password pair 1148 1601 * 1602 * @param *ctx wbclient Context 1149 1603 * @param username Name of user to authenticate 1150 1604 * @param password Clear text password os user … … 1152 1606 * @return #wbcErr 1153 1607 **/ 1608 wbcErr wbcCtxAuthenticateUser(struct wbcContext *ctx, 1609 const char *username, 1610 const char *password); 1611 1612 /** 1613 * @brief Authenticate a username/password pair 1614 * 1615 * @param username Name of user to authenticate 1616 * @param password Clear text password os user 1617 * 1618 * @return #wbcErr 1619 **/ 1154 1620 wbcErr wbcAuthenticateUser(const char *username, 1155 1621 const char *password); … … 1158 1624 * @brief Authenticate with more detailed information 1159 1625 * 1626 * @param *ctx wbclient Context 1160 1627 * @param params Input parameters, WBC_AUTH_USER_LEVEL_HASH 1161 1628 * is not supported yet … … 1165 1632 * @return #wbcErr 1166 1633 **/ 1634 wbcErr wbcCtxAuthenticateUserEx(struct wbcContext *ctx, 1635 const struct wbcAuthUserParams *params, 1636 struct wbcAuthUserInfo **info, 1637 struct wbcAuthErrorInfo **error); 1638 1639 /** 1640 * @brief Authenticate with more detailed information 1641 * 1642 * @param params Input parameters, WBC_AUTH_USER_LEVEL_HASH 1643 * is not supported yet 1644 * @param info Output details on WBC_ERR_SUCCESS 1645 * @param error Output details on WBC_ERR_AUTH_ERROR 1646 * 1647 * @return #wbcErr 1648 **/ 1167 1649 wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params, 1168 1650 struct wbcAuthUserInfo **info, … … 1172 1654 * @brief Logon a User 1173 1655 * 1656 * @param[in] *ctx wbclient Context 1174 1657 * @param[in] params Pointer to a wbcLogonUserParams structure 1175 1658 * @param[out] info Pointer to a pointer to a wbcLogonUserInfo structure … … 1179 1662 * @return #wbcErr 1180 1663 **/ 1664 wbcErr wbcCtxLogonUser(struct wbcContext *ctx, 1665 const struct wbcLogonUserParams *params, 1666 struct wbcLogonUserInfo **info, 1667 struct wbcAuthErrorInfo **error, 1668 struct wbcUserPasswordPolicyInfo **policy); 1669 1670 /** 1671 * @brief Logon a User 1672 * 1673 * @param[in] params Pointer to a wbcLogonUserParams structure 1674 * @param[out] info Pointer to a pointer to a wbcLogonUserInfo structure 1675 * @param[out] error Pointer to a pointer to a wbcAuthErrorInfo structure 1676 * @param[out] policy Pointer to a pointer to a wbcUserPasswordPolicyInfo structure 1677 * 1678 * @return #wbcErr 1679 **/ 1181 1680 wbcErr wbcLogonUser(const struct wbcLogonUserParams *params, 1182 1681 struct wbcLogonUserInfo **info, … … 1187 1686 * @brief Trigger a logoff notification to Winbind for a specific user 1188 1687 * 1688 * @param *ctx wbclient Context 1189 1689 * @param username Name of user to remove from Winbind's list of 1190 1690 * logged on users. … … 1195 1695 * @return #wbcErr 1196 1696 **/ 1697 wbcErr wbcCtxLogoffUser(struct wbcContext *ctx, 1698 const char *username, uid_t uid, 1699 const char *ccfilename); 1700 1701 /** 1702 * @brief Trigger a logoff notification to Winbind for a specific user 1703 * 1704 * @param username Name of user to remove from Winbind's list of 1705 * logged on users. 1706 * @param uid Uid assigned to the username 1707 * @param ccfilename Absolute path to the Krb5 credentials cache to 1708 * be removed 1709 * 1710 * @return #wbcErr 1711 **/ 1197 1712 wbcErr wbcLogoffUser(const char *username, 1198 1713 uid_t uid, … … 1202 1717 * @brief Trigger an extended logoff notification to Winbind for a specific user 1203 1718 * 1719 * @param *ctx wbclient Context 1204 1720 * @param params A wbcLogoffUserParams structure 1205 1721 * @param error User output details on error … … 1207 1723 * @return #wbcErr 1208 1724 **/ 1725 wbcErr wbcCtxLogoffUserEx(struct wbcContext *ctx, 1726 const struct wbcLogoffUserParams *params, 1727 struct wbcAuthErrorInfo **error); 1728 1729 /** 1730 * @brief Trigger an extended logoff notification to Winbind for a specific user 1731 * 1732 * @param params A wbcLogoffUserParams structure 1733 * @param error User output details on error 1734 * 1735 * @return #wbcErr 1736 **/ 1209 1737 wbcErr wbcLogoffUserEx(const struct wbcLogoffUserParams *params, 1210 1738 struct wbcAuthErrorInfo **error); … … 1213 1741 * @brief Change a password for a user 1214 1742 * 1743 * @param *ctx wbclient Context 1215 1744 * @param username Name of user to authenticate 1216 1745 * @param old_password Old clear text password of user … … 1219 1748 * @return #wbcErr 1220 1749 **/ 1750 wbcErr wbcCtxChangeUserPassword(struct wbcContext *ctx, 1751 const char *username, 1752 const char *old_password, 1753 const char *new_password); 1754 1755 /** 1756 * @brief Change a password for a user 1757 * 1758 * @param username Name of user to authenticate 1759 * @param old_password Old clear text password of user 1760 * @param new_password New clear text password of user 1761 * 1762 * @return #wbcErr 1763 **/ 1221 1764 wbcErr wbcChangeUserPassword(const char *username, 1222 1765 const char *old_password, … … 1227 1770 * failure 1228 1771 * 1772 * @param *ctx wbclient Context 1229 1773 * @param params Input parameters 1230 1774 * @param error User output details on WBC_ERR_PWD_CHANGE_FAILED … … 1234 1778 * @return #wbcErr 1235 1779 **/ 1780 wbcErr wbcCtxChangeUserPasswordEx(struct wbcContext *ctx, 1781 const struct wbcChangePasswordParams *params, 1782 struct wbcAuthErrorInfo **error, 1783 enum wbcPasswordChangeRejectReason *reject_reason, 1784 struct wbcUserPasswordPolicyInfo **policy); 1785 1786 /** 1787 * @brief Change a password for a user with more detailed information upon 1788 * failure 1789 * 1790 * @param params Input parameters 1791 * @param error User output details on WBC_ERR_PWD_CHANGE_FAILED 1792 * @param reject_reason New password reject reason on WBC_ERR_PWD_CHANGE_FAILED 1793 * @param policy Password policy output details on WBC_ERR_PWD_CHANGE_FAILED 1794 * 1795 * @return #wbcErr 1796 **/ 1236 1797 wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params, 1237 1798 struct wbcAuthErrorInfo **error, … … 1242 1803 * @brief Authenticate a user with cached credentials 1243 1804 * 1805 * @param *ctx wbclient Context 1244 1806 * @param *params Pointer to a wbcCredentialCacheParams structure 1245 1807 * @param **info Pointer to a pointer to a wbcCredentialCacheInfo structure … … 1248 1810 * @return #wbcErr 1249 1811 **/ 1812 wbcErr wbcCtxCredentialCache(struct wbcContext *ctx, 1813 struct wbcCredentialCacheParams *params, 1814 struct wbcCredentialCacheInfo **info, 1815 struct wbcAuthErrorInfo **error); 1816 1817 /** 1818 * @brief Authenticate a user with cached credentials 1819 * 1820 * @param *params Pointer to a wbcCredentialCacheParams structure 1821 * @param **info Pointer to a pointer to a wbcCredentialCacheInfo structure 1822 * @param **error Pointer to a pointer to a wbcAuthErrorInfo structure 1823 * 1824 * @return #wbcErr 1825 **/ 1250 1826 wbcErr wbcCredentialCache(struct wbcCredentialCacheParams *params, 1251 1827 struct wbcCredentialCacheInfo **info, … … 1255 1831 * @brief Save a password with winbind for doing wbcCredentialCache() later 1256 1832 * 1833 * @param *ctx wbclient Context 1834 * @param *user Username 1835 * @param *password Password 1836 * 1837 * @return #wbcErr 1838 **/ 1839 wbcErr wbcCtxCredentialSave(struct wbcContext *ctx, 1840 const char *user, const char *password); 1841 1842 /** 1843 * @brief Save a password with winbind for doing wbcCredentialCache() later 1844 * 1257 1845 * @param *user Username 1258 1846 * @param *password Password … … 1269 1857 * @brief Resolve a NetbiosName via WINS 1270 1858 * 1859 * @param *ctx wbclient Context 1271 1860 * @param name Name to resolve 1272 1861 * @param *ip Pointer to the ip address string … … 1274 1863 * @return #wbcErr 1275 1864 **/ 1865 wbcErr wbcCtxResolveWinsByName(struct wbcContext *ctx, 1866 const char *name, char **ip); 1867 1868 /** 1869 * @brief Resolve a NetbiosName via WINS 1870 * 1871 * @param name Name to resolve 1872 * @param *ip Pointer to the ip address string 1873 * 1874 * @return #wbcErr 1875 **/ 1276 1876 wbcErr wbcResolveWinsByName(const char *name, char **ip); 1277 1877 … … 1279 1879 * @brief Resolve an IP address via WINS into a NetbiosName 1280 1880 * 1281 * @param ip The ip address string 1282 * @param *name Pointer to the name 1881 * @param *ctx wbclient Context 1882 * @param ip The ip address string 1883 * @param *name Pointer to the name 1884 * 1885 * @return #wbcErr 1886 * 1887 **/ 1888 wbcErr wbcCtxResolveWinsByIP(struct wbcContext *ctx, 1889 const char *ip, char **name); 1890 1891 /** 1892 * @brief Resolve an IP address via WINS into a NetbiosName 1893 * 1894 * @param ip The ip address string 1895 * @param *name Pointer to the name 1283 1896 * 1284 1897 * @return #wbcErr … … 1294 1907 * @brief Trigger a verification of the trust credentials of a specific domain 1295 1908 * 1909 * @param *ctx wbclient Context 1296 1910 * @param *domain The name of the domain. 1297 1911 * @param error Output details on WBC_ERR_AUTH_ERROR … … 1299 1913 * @return #wbcErr 1300 1914 **/ 1915 wbcErr wbcCtxCheckTrustCredentials(struct wbcContext *ctx, const char *domain, 1916 struct wbcAuthErrorInfo **error); 1917 1918 /** 1919 * @brief Trigger a verification of the trust credentials of a specific domain 1920 * 1921 * @param *domain The name of the domain. 1922 * @param error Output details on WBC_ERR_AUTH_ERROR 1923 * 1924 * @return #wbcErr 1925 **/ 1301 1926 wbcErr wbcCheckTrustCredentials(const char *domain, 1302 1927 struct wbcAuthErrorInfo **error); … … 1305 1930 * @brief Trigger a change of the trust credentials for a specific domain 1306 1931 * 1932 * @param *ctx wbclient Context 1307 1933 * @param *domain The name of the domain. 1308 1934 * @param error Output details on WBC_ERR_AUTH_ERROR … … 1310 1936 * @return #wbcErr 1311 1937 **/ 1938 wbcErr wbcCtxChangeTrustCredentials(struct wbcContext *ctx, const char *domain, 1939 struct wbcAuthErrorInfo **error); 1940 1941 /** 1942 * @brief Trigger a change of the trust credentials for a specific domain 1943 * 1944 * @param *domain The name of the domain. 1945 * @param error Output details on WBC_ERR_AUTH_ERROR 1946 * 1947 * @return #wbcErr 1948 **/ 1312 1949 wbcErr wbcChangeTrustCredentials(const char *domain, 1313 1950 struct wbcAuthErrorInfo **error); … … 1317 1954 * version of wbcCheckTrustCredentials 1318 1955 * 1956 * @param *ctx wbclient Context 1319 1957 * @param *domain The name of the domain, only NULL for the default domain is 1320 1958 * supported yet. Other values than NULL will result in … … 1324 1962 * @return #wbcErr 1325 1963 **/ 1964 wbcErr wbcCtxPingDc(struct wbcContext *ctx, const char *domain, 1965 struct wbcAuthErrorInfo **error); 1966 1967 /** 1968 * @brief Trigger a no-op call through the NETLOGON pipe. Low-cost 1969 * version of wbcCheckTrustCredentials 1970 * 1971 * @param *domain The name of the domain, only NULL for the default domain is 1972 * supported yet. Other values than NULL will result in 1973 * WBC_ERR_NOT_IMPLEMENTED. 1974 * @param error Output details on WBC_ERR_AUTH_ERROR 1975 * 1976 * @return #wbcErr 1977 **/ 1326 1978 wbcErr wbcPingDc(const char *domain, struct wbcAuthErrorInfo **error); 1979 1980 /** 1981 * @brief Trigger a no-op call through the NETLOGON pipe. Low-cost 1982 * version of wbcCheckTrustCredentials 1983 * 1984 * @param *ctx wbclient Context 1985 * @param *domain The name of the domain, only NULL for the default domain is 1986 * supported yet. Other values than NULL will result in 1987 * WBC_ERR_NOT_IMPLEMENTED. 1988 * @param error Output details on WBC_ERR_AUTH_ERROR 1989 * @param dcname DC that was attempted to ping 1990 * 1991 * @return #wbcErr 1992 **/ 1993 wbcErr wbcCtxPingDc2(struct wbcContext *ctx, const char *domain, 1994 struct wbcAuthErrorInfo **error, 1995 char **dcname); 1996 1997 /** 1998 * @brief Trigger a no-op call through the NETLOGON pipe. Low-cost 1999 * version of wbcCheckTrustCredentials 2000 * 2001 * @param *domain The name of the domain, only NULL for the default domain is 2002 * supported yet. Other values than NULL will result in 2003 * WBC_ERR_NOT_IMPLEMENTED. 2004 * @param error Output details on WBC_ERR_AUTH_ERROR 2005 * @param dcname DC that was attempted to ping 2006 * 2007 * @return #wbcErr 2008 **/ 2009 wbcErr wbcPingDc2(const char *domain, struct wbcAuthErrorInfo **error, 2010 char **dcname); 1327 2011 1328 2012 /********************************************************** -
vendor/current/nsswitch/libwbclient/wbclient_internal.h
r740 r988 23 23 #define _WBCLIENT_INTERNAL_H 24 24 25 struct wbcContext { 26 struct winbindd_context *winbindd_ctx; 27 uint32_t pw_cache_size; /* Number of cached passwd structs */ 28 uint32_t pw_cache_idx; /* Position of the pwent context */ 29 uint32_t gr_cache_size; /* Number of cached group structs */ 30 uint32_t gr_cache_idx; /* Position of the grent context */ 31 }; 32 25 33 /* Private functions */ 26 34 27 wbcErr wbcRequestResponse( int cmd,35 wbcErr wbcRequestResponse(struct wbcContext *ctx, int cmd, 28 36 struct winbindd_request *request, 29 37 struct winbindd_response *response); 30 38 31 wbcErr wbcRequestResponsePriv( int cmd,39 wbcErr wbcRequestResponsePriv(struct wbcContext *ctx, int cmd, 32 40 struct winbindd_request *request, 33 41 struct winbindd_response *response); … … 38 46 char *wbcStrDup(const char *str); 39 47 const char **wbcAllocateStringArray(int num_strings); 48 struct wbcContext *wbcGetGlobalCtx(void); 40 49 41 50 #endif /* _WBCLIENT_INTERNAL_H */ -
vendor/current/nsswitch/nsstest.c
r740 r988 371 371 NSS_STATUS status; 372 372 373 groups = (gid_t *)malloc(size); 373 groups = (gid_t *)malloc(sizeof(gid_t) * size); 374 if (groups == NULL) { 375 printf("Unable to allocate memory for groups\n"); 376 return; 377 } 374 378 groups[0] = gid; 375 379 … … 452 456 if (pwd || last_error != NSS_STATUS_NOTFOUND) { 453 457 total_errors++; 454 printf("ERROR Non exist ant user gave error %d\n", last_error);458 printf("ERROR Non existent user gave error %d\n", last_error); 455 459 } 456 460 … … 458 462 if (pwd || last_error != NSS_STATUS_NOTFOUND) { 459 463 total_errors++; 460 printf("ERROR Non exist ant uid gave error %d\n", last_error);464 printf("ERROR Non existent uid gave error %d\n", last_error); 461 465 } 462 466 … … 464 468 if (grp || last_error != NSS_STATUS_NOTFOUND) { 465 469 total_errors++; 466 printf("ERROR Non exist ant group gave error %d\n", last_error);470 printf("ERROR Non existent group gave error %d\n", last_error); 467 471 } 468 472 … … 470 474 if (grp || last_error != NSS_STATUS_NOTFOUND) { 471 475 total_errors++; 472 printf("ERROR Non exist ant gid gave error %d\n", last_error);476 printf("ERROR Non existent gid gave error %d\n", last_error); 473 477 } 474 478 } -
vendor/current/nsswitch/pam_winbind.c
r860 r988 12 12 13 13 #include "pam_winbind.h" 14 #define CONST_DISCARD(type,ptr) ((type)(void *)ptr) 15 14 15 enum pam_winbind_request_type 16 { 17 PAM_WINBIND_AUTHENTICATE, 18 PAM_WINBIND_SETCRED, 19 PAM_WINBIND_ACCT_MGMT, 20 PAM_WINBIND_OPEN_SESSION, 21 PAM_WINBIND_CLOSE_SESSION, 22 PAM_WINBIND_CHAUTHTOK, 23 PAM_WINBIND_CLEANUP 24 }; 16 25 17 26 static int wbc_error_to_pam_error(wbcErr status) … … 141 150 do { \ 142 151 _pam_log_debug(ctx, LOG_DEBUG, "[pamh: %p] LEAVE: " \ 143 function " returning %d (%s)", ctx ->pamh, retval, \152 function " returning %d (%s)", ctx ? ctx->pamh : NULL, retval, \ 144 153 _pam_error_code_str(retval)); \ 145 154 _pam_log_state(ctx); \ … … 164 173 #endif 165 174 166 167 /*168 * Work around the pam API that has functions with void ** as parameters169 * These lead to strict aliasing warnings with gcc.170 */171 static int _pam_get_item(const pam_handle_t *pamh,172 int item_type,173 const void *_item)174 {175 const void **item = (const void **)_item;176 return pam_get_item(pamh, item_type, item);177 }178 static int _pam_get_data(const pam_handle_t *pamh,179 const char *module_data_name,180 const void *_data)181 {182 const void **data = (const void **)_data;183 return pam_get_data(pamh, module_data_name, data);184 }185 175 186 176 /* some syslogging */ … … 203 193 const char *service; 204 194 205 _pam_get_item(pamh, PAM_SERVICE,&service);195 pam_get_item(pamh, PAM_SERVICE, (const void **) &service); 206 196 207 197 format2 = (char *)malloc(strlen(MODULE_NAME)+strlen(format)+strlen(service)+5); … … 281 271 va_list args; 282 272 283 if (! _pam_log_is_debug_enabled(r->ctrl)) {273 if (!r || !_pam_log_is_debug_enabled(r->ctrl)) { 284 274 return; 285 275 } … … 350 340 _pam_log_state_datum(ctx, item_type, #item_type, \ 351 341 _LOG_PASSWORD_AS_STRING) 342 /* 343 * wrapper to preserve old behaviour of iniparser which ignored 344 * key values that had no value assigned like 345 * key = 346 * for a key like above newer iniparser will return a zero-length 347 * string, previously iniparser would return NULL 348 * 349 * JRA: For compatibility, tiniparser behaves like iniparser. 350 */ 351 static const char *tiniparser_getstring_nonempty(struct tiniparser_dictionary *d, 352 const char *key, 353 const char *def) 354 { 355 const char *ret = tiniparser_getstring(d, key, def); 356 if (ret && strlen(ret) == 0) { 357 ret = NULL; 358 } 359 return ret; 360 } 352 361 353 362 static void _pam_log_state(struct pwb_context *ctx) 354 363 { 355 if (! _pam_log_is_debug_state_enabled(ctx->ctrl)) {364 if (!ctx || !_pam_log_is_debug_state_enabled(ctx->ctrl)) { 356 365 return; 357 366 } … … 389 398 int argc, 390 399 const char **argv, 391 dictionary **result_d) 400 enum pam_winbind_request_type type, 401 struct tiniparser_dictionary **result_d) 392 402 { 393 403 int ctrl = 0; … … 395 405 int i; 396 406 const char **v; 397 dictionary *d = NULL;407 struct tiniparser_dictionary *d = NULL; 398 408 399 409 if (flags & PAM_SILENT) { … … 413 423 } 414 424 415 d = iniparser_load(CONST_DISCARD(char *, config_file));425 d = tiniparser_load(config_file); 416 426 if (d == NULL) { 417 427 goto config_from_pam; 418 428 } 419 429 420 if ( iniparser_getboolean(d, CONST_DISCARD(char *, "global:debug"), false)) {430 if (tiniparser_getboolean(d, "global:debug", false)) { 421 431 ctrl |= WINBIND_DEBUG_ARG; 422 432 } 423 433 424 if ( iniparser_getboolean(d, CONST_DISCARD(char *, "global:debug_state"), false)) {434 if (tiniparser_getboolean(d, "global:debug_state", false)) { 425 435 ctrl |= WINBIND_DEBUG_STATE; 426 436 } 427 437 428 if ( iniparser_getboolean(d, CONST_DISCARD(char *, "global:cached_login"), false)) {438 if (tiniparser_getboolean(d, "global:cached_login", false)) { 429 439 ctrl |= WINBIND_CACHED_LOGIN; 430 440 } 431 441 432 if ( iniparser_getboolean(d, CONST_DISCARD(char *, "global:krb5_auth"), false)) {442 if (tiniparser_getboolean(d, "global:krb5_auth", false)) { 433 443 ctrl |= WINBIND_KRB5_AUTH; 434 444 } 435 445 436 if ( iniparser_getboolean(d, CONST_DISCARD(char *, "global:silent"), false)) {446 if (tiniparser_getboolean(d, "global:silent", false)) { 437 447 ctrl |= WINBIND_SILENT; 438 448 } 439 449 440 if ( iniparser_getstring(d, CONST_DISCARD(char *, "global:krb5_ccache_type"), NULL) != NULL) {450 if (tiniparser_getstring_nonempty(d, "global:krb5_ccache_type", NULL) != NULL) { 441 451 ctrl |= WINBIND_KRB5_CCACHE_TYPE; 442 452 } 443 453 444 if (( iniparser_getstring(d, CONST_DISCARD(char *, "global:require-membership-of"), NULL)454 if ((tiniparser_getstring_nonempty(d, "global:require-membership-of", NULL) 445 455 != NULL) || 446 ( iniparser_getstring(d, CONST_DISCARD(char *, "global:require_membership_of"), NULL)456 (tiniparser_getstring_nonempty(d, "global:require_membership_of", NULL) 447 457 != NULL)) { 448 458 ctrl |= WINBIND_REQUIRED_MEMBERSHIP; 449 459 } 450 460 451 if ( iniparser_getboolean(d, CONST_DISCARD(char *, "global:try_first_pass"), false)) {461 if (tiniparser_getboolean(d, "global:try_first_pass", false)) { 452 462 ctrl |= WINBIND_TRY_FIRST_PASS_ARG; 453 463 } 454 464 455 if ( iniparser_getint(d, CONST_DISCARD(char *, "global:warn_pwd_expire"), 0)) {465 if (tiniparser_getint(d, "global:warn_pwd_expire", 0)) { 456 466 ctrl |= WINBIND_WARN_PWD_EXPIRE; 457 467 } 458 468 459 if ( iniparser_getboolean(d, CONST_DISCARD(char *, "global:mkhomedir"), false)) {469 if (tiniparser_getboolean(d, "global:mkhomedir", false)) { 460 470 ctrl |= WINBIND_MKHOMEDIR; 461 471 } … … 480 490 else if (!strcasecmp(*v, "unknown_ok")) 481 491 ctrl |= WINBIND_UNKNOWN_OK_ARG; 482 else if (!strncasecmp(*v, "require_membership_of", 483 strlen("require_membership_of"))) 492 else if ((type == PAM_WINBIND_AUTHENTICATE 493 || type == PAM_WINBIND_SETCRED) 494 && !strncasecmp(*v, "require_membership_of", 495 strlen("require_membership_of"))) 484 496 ctrl |= WINBIND_REQUIRED_MEMBERSHIP; 485 else if (!strncasecmp(*v, "require-membership-of", 486 strlen("require-membership-of"))) 497 else if ((type == PAM_WINBIND_AUTHENTICATE 498 || type == PAM_WINBIND_SETCRED) 499 && !strncasecmp(*v, "require-membership-of", 500 strlen("require-membership-of"))) 487 501 ctrl |= WINBIND_REQUIRED_MEMBERSHIP; 488 502 else if (!strcasecmp(*v, "krb5_auth")) … … 495 509 else if (!strcasecmp(*v, "mkhomedir")) 496 510 ctrl |= WINBIND_MKHOMEDIR; 497 else { 511 else if (!strncasecmp(*v, "warn_pwd_expire", 512 strlen("warn_pwd_expire"))) 513 ctrl |= WINBIND_WARN_PWD_EXPIRE; 514 else if (type != PAM_WINBIND_CLEANUP) { 498 515 __pam_log(pamh, ctrl, LOG_ERR, 499 516 "pam_parse: unknown option: %s", *v); … … 507 524 } else { 508 525 if (d) { 509 iniparser_freedict(d);526 tiniparser_freedict(d); 510 527 } 511 528 } … … 521 538 522 539 if (ctx->dict) { 523 iniparser_freedict(ctx->dict);540 tiniparser_freedict(ctx->dict); 524 541 } 525 542 … … 531 548 int argc, 532 549 const char **argv, 550 enum pam_winbind_request_type type, 533 551 struct pwb_context **ctx_p) 534 552 { … … 539 557 #endif 540 558 541 r = TALLOC_ZERO_P(NULL, struct pwb_context);559 r = talloc_zero(NULL, struct pwb_context); 542 560 if (!r) { 543 561 return PAM_BUF_ERR; … … 550 568 r->argc = argc; 551 569 r->argv = argv; 552 r->ctrl = _pam_parse(pamh, flags, argc, argv, &r->dict);570 r->ctrl = _pam_parse(pamh, flags, argc, argv, type, &r->dict); 553 571 if (r->ctrl == -1) { 554 572 TALLOC_FREE(r); … … 565 583 int error_status) 566 584 { 567 int ctrl = _pam_parse(pamh, 0, 0, NULL, NULL);585 int ctrl = _pam_parse(pamh, 0, 0, NULL, PAM_WINBIND_CLEANUP, NULL); 568 586 if (_pam_log_is_debug_state_enabled(ctrl)) { 569 587 __pam_log_debug(pamh, ctrl, LOG_DEBUG, … … 646 664 struct pam_conv *conv; 647 665 648 retval = _pam_get_item(pamh, PAM_CONV,&conv);666 retval = pam_get_item(pamh, PAM_CONV, (const void **) &conv); 649 667 if (retval == PAM_SUCCESS) { 650 668 retval = conv->conv(nargs, 651 (const struct pam_message **)message,669 discard_const_p(const struct pam_message *, message), 652 670 response, conv->appdata_ptr); 653 671 } … … 813 831 struct pam_message msg, *pmsg; 814 832 struct pam_response *resp = NULL; 815 const char *prompt;816 833 int ret; 817 834 bool retval = false; 818 prompt = _("Do you want to change your password now?");819 835 pmsg = &msg; 820 836 msg.msg_style = PAM_RADIO_TYPE; 821 msg.msg = prompt;837 msg.msg = _("Do you want to change your password now?"); 822 838 ret = converse(ctx->pamh, 1, &pmsg, &resp); 823 839 if (resp == NULL) { … … 1050 1066 int dest_buffer_size) 1051 1067 { 1052 int dest_length = strlen(dest); 1053 int src_length = strlen(src); 1054 1055 if (dest_length + src_length + 1 > dest_buffer_size) { 1056 return false; 1057 } 1058 1059 memcpy(dest + dest_length, src, src_length + 1); 1060 return true; 1068 size_t len; 1069 len = strlcat(dest, src, dest_buffer_size); 1070 return (len < dest_buffer_size); 1061 1071 } 1062 1072 … … 1221 1231 struct wbcLogonUserInfo *info) 1222 1232 { 1223 char var[PATH_MAX];1233 char *var = NULL; 1224 1234 int ret; 1225 1235 uint32_t i; … … 1248 1258 "request returned KRB5CCNAME: %s", krb5ccname); 1249 1259 1250 if ( snprintf(var, sizeof(var), "KRB5CCNAME=%s", krb5ccname) == -1) {1260 if (asprintf(&var, "KRB5CCNAME=%s", krb5ccname) == -1) { 1251 1261 return; 1252 1262 } 1253 1263 1254 1264 ret = pam_putenv(ctx->pamh, var); 1255 if (ret ) {1265 if (ret != PAM_SUCCESS) { 1256 1266 _pam_log(ctx, LOG_ERR, 1257 1267 "failed to set KRB5CCNAME to %s: %s", 1258 1268 var, pam_strerror(ctx->pamh, ret)); 1259 1269 } 1270 free(var); 1260 1271 } 1261 1272 … … 1318 1329 ret = pam_set_data(ctx->pamh, data_name, talloc_strdup(NULL, value), 1319 1330 _pam_winbind_cleanup_func); 1320 if (ret ) {1331 if (ret != PAM_SUCCESS) { 1321 1332 _pam_log_debug(ctx, LOG_DEBUG, 1322 1333 "Could not set data %s: %s\n", … … 1646 1657 1647 1658 ret = _pam_create_homedir(ctx, create_dir, mode); 1648 if (ret ) {1659 if (ret != PAM_SUCCESS) { 1649 1660 return ret; 1650 1661 } … … 1771 1782 "krb5_cc_type", 1772 1783 0, 1773 (uint8_t *)cctype,1784 discard_const_p(uint8_t, cctype), 1774 1785 strlen(cctype)+1); 1775 1786 if (!WBC_ERROR_IS_OK(wbc_status)) { … … 1952 1963 1953 1964 params.account_name = user; 1954 params.level = WBC_ AUTH_USER_LEVEL_PLAIN;1965 params.level = WBC_CHANGE_PASSWORD_LEVEL_PLAIN; 1955 1966 params.old_password.plaintext = oldpass; 1956 1967 params.new_password.plaintext = newpass; … … 1991 2002 1992 2003 /* FIXME: avoid to send multiple PAM messages after another */ 1993 switch ( reject_reason) {2004 switch ((int)reject_reason) { 1994 2005 case -1: 1995 2006 break; … … 2129 2140 if (on(WINBIND_TRY_FIRST_PASS_ARG, ctrl) || 2130 2141 on(WINBIND_USE_FIRST_PASS_ARG, ctrl)) { 2131 retval = _pam_get_item(ctx->pamh, authtok_flag, &item); 2142 retval = pam_get_item(ctx->pamh, 2143 authtok_flag, 2144 (const void **) &item); 2132 2145 if (retval != PAM_SUCCESS) { 2133 2146 /* very strange. */ … … 2237 2250 _pam_delete(token); /* clean it up */ 2238 2251 if (retval != PAM_SUCCESS || 2239 (retval = _pam_get_item(ctx->pamh, authtok_flag,&item)) != PAM_SUCCESS) {2252 (retval = pam_get_item(ctx->pamh, authtok_flag, (const void **) &item)) != PAM_SUCCESS) { 2240 2253 2241 2254 _pam_log(ctx, LOG_CRIT, "error manipulating password"); … … 2287 2300 } 2288 2301 2289 parm_opt = iniparser_getstring(ctx->dict, key, NULL);2302 parm_opt = tiniparser_getstring_nonempty(ctx->dict, key, NULL); 2290 2303 TALLOC_FREE(key); 2291 2304 … … 2335 2348 } 2336 2349 2337 parm_opt = iniparser_getint(ctx->dict, key, -1);2350 parm_opt = tiniparser_getint(ctx->dict, key, -1); 2338 2351 TALLOC_FREE(key); 2339 2352 … … 2357 2370 ret = get_conf_item_string(ctx, "require_membership_of", 2358 2371 WINBIND_REQUIRED_MEMBERSHIP); 2359 if (ret ) {2372 if (ret != NULL) { 2360 2373 return ret; 2361 2374 } … … 2370 2383 WINBIND_WARN_PWD_EXPIRE); 2371 2384 /* no or broken setting */ 2372 if (ret < =0) {2385 if (ret < 0) { 2373 2386 return DEFAULT_DAYS_TO_WARN_BEFORE_PWD_EXPIRES; 2374 2387 } … … 2409 2422 * 2410 2423 * @param ctx PAM winbind context. 2411 * @param upn U Ser UPN to be trabslated.2424 * @param upn User UPN to be translated. 2412 2425 * 2413 2426 * @return converted name. NULL pointer on failure. Caller needs to free. … … 2424 2437 char *name; 2425 2438 char *p; 2439 char *result; 2426 2440 2427 2441 /* This cannot work when the winbind separator = @ */ … … 2455 2469 } 2456 2470 2457 return talloc_asprintf(ctx, "%s%c%s", domain, sep, name); 2471 result = talloc_asprintf(ctx, "%s%c%s", domain, sep, name); 2472 wbcFreeMemory(domain); 2473 wbcFreeMemory(name); 2474 return result; 2458 2475 } 2459 2476 2460 2477 static int _pam_delete_cred(pam_handle_t *pamh, int flags, 2461 int argc, const char **argv) 2478 int argc, enum pam_winbind_request_type type, 2479 const char **argv) 2462 2480 { 2463 2481 int retval = PAM_SUCCESS; … … 2470 2488 ZERO_STRUCT(logoff); 2471 2489 2472 retval = _pam_winbind_init_context(pamh, flags, argc, argv, &ctx);2473 if (retval ) {2474 goto out;2490 retval = _pam_winbind_init_context(pamh, flags, argc, argv, type, &ctx); 2491 if (retval != PAM_SUCCESS) { 2492 return retval; 2475 2493 } 2476 2494 … … 2486 2504 2487 2505 retval = pam_get_user(pamh, &user, _("Username: ")); 2488 if (retval ) {2506 if (retval != PAM_SUCCESS) { 2489 2507 _pam_log(ctx, LOG_ERR, 2490 2508 "could not identify user"); … … 2524 2542 "ccfilename", 2525 2543 0, 2526 (uint8_t *)ccname,2544 discard_const_p(uint8_t, ccname), 2527 2545 strlen(ccname)+1); 2528 2546 if (!WBC_ERROR_IS_OK(wbc_status)) { … … 2605 2623 struct pwb_context *ctx = NULL; 2606 2624 2607 retval = _pam_winbind_init_context(pamh, flags, argc, argv, &ctx); 2608 if (retval) { 2609 goto out; 2625 retval = _pam_winbind_init_context(pamh, flags, argc, argv, 2626 PAM_WINBIND_AUTHENTICATE, &ctx); 2627 if (retval != PAM_SUCCESS) { 2628 return retval; 2610 2629 } 2611 2630 … … 2742 2761 } 2743 2762 2744 if (ctx != NULL) { 2745 _PAM_LOG_FUNCTION_LEAVE("pam_sm_authenticate", ctx, retval); 2746 TALLOC_FREE(ctx); 2747 } 2763 _PAM_LOG_FUNCTION_LEAVE("pam_sm_authenticate", ctx, retval); 2764 2765 TALLOC_FREE(ctx); 2748 2766 2749 2767 return retval; … … 2757 2775 struct pwb_context *ctx = NULL; 2758 2776 2759 ret = _pam_winbind_init_context(pamh, flags, argc, argv, &ctx); 2760 if (ret) { 2761 goto out; 2777 ret = _pam_winbind_init_context(pamh, flags, argc, argv, 2778 PAM_WINBIND_SETCRED, &ctx); 2779 if (ret != PAM_SUCCESS) { 2780 return ret; 2762 2781 } 2763 2782 … … 2767 2786 2768 2787 case PAM_DELETE_CRED: 2769 ret = _pam_delete_cred(pamh, flags, argc, argv); 2788 ret = _pam_delete_cred(pamh, flags, argc, 2789 PAM_WINBIND_SETCRED, argv); 2770 2790 break; 2771 2791 case PAM_REFRESH_CRED: … … 2789 2809 } 2790 2810 2791 out:2792 2793 2811 _PAM_LOG_FUNCTION_LEAVE("pam_sm_setcred", ctx, ret); 2794 2812 … … 2808 2826 const char *username; 2809 2827 int ret = PAM_USER_UNKNOWN; 2810 void*tmp = NULL;2828 const char *tmp = NULL; 2811 2829 struct pwb_context *ctx = NULL; 2812 2830 2813 ret = _pam_winbind_init_context(pamh, flags, argc, argv, &ctx); 2814 if (ret) { 2815 goto out; 2831 ret = _pam_winbind_init_context(pamh, flags, argc, argv, 2832 PAM_WINBIND_ACCT_MGMT, &ctx); 2833 if (ret != PAM_SUCCESS) { 2834 return ret; 2816 2835 } 2817 2836 … … 2849 2868 (const void **)&tmp); 2850 2869 if (tmp != NULL) { 2851 ret = atoi( (const char *)tmp);2870 ret = atoi(tmp); 2852 2871 switch (ret) { 2853 2872 case PAM_AUTHTOK_EXPIRED: … … 2906 2925 struct pwb_context *ctx = NULL; 2907 2926 2908 ret = _pam_winbind_init_context(pamh, flags, argc, argv, &ctx); 2909 if (ret) { 2910 goto out; 2927 ret = _pam_winbind_init_context(pamh, flags, argc, argv, 2928 PAM_WINBIND_OPEN_SESSION, &ctx); 2929 if (ret != PAM_SUCCESS) { 2930 return ret; 2911 2931 } 2912 2932 … … 2917 2937 ret = _pam_mkhomedir(ctx); 2918 2938 } 2919 out: 2939 2920 2940 _PAM_LOG_FUNCTION_LEAVE("pam_sm_open_session", ctx, ret); 2921 2941 … … 2932 2952 struct pwb_context *ctx = NULL; 2933 2953 2934 ret = _pam_winbind_init_context(pamh, flags, argc, argv, &ctx); 2935 if (ret) { 2936 goto out; 2954 ret = _pam_winbind_init_context(pamh, flags, argc, argv, 2955 PAM_WINBIND_CLOSE_SESSION, &ctx); 2956 if (ret != PAM_SUCCESS) { 2957 return ret; 2937 2958 } 2938 2959 2939 2960 _PAM_LOG_FUNCTION_ENTER("pam_sm_close_session", ctx); 2940 2961 2941 out:2942 2962 _PAM_LOG_FUNCTION_LEAVE("pam_sm_close_session", ctx, ret); 2943 2963 … … 2975 2995 struct passwd *pwd = NULL; 2976 2996 2977 _pam_get_data(ctx->pamh, PAM_WINBIND_NEW_AUTHTOK_REQD_DURING_AUTH,2978 &new_authtok_reqd_during_auth);2997 pam_get_data(ctx->pamh, PAM_WINBIND_NEW_AUTHTOK_REQD_DURING_AUTH, 2998 (const void **) &new_authtok_reqd_during_auth); 2979 2999 pam_set_data(ctx->pamh, PAM_WINBIND_NEW_AUTHTOK_REQD_DURING_AUTH, 2980 3000 NULL, NULL); … … 3007 3027 /* <DO NOT free() THESE> */ 3008 3028 const char *user; 3009 char *pass_old, *pass_new; 3029 const char *pass_old; 3030 const char *pass_new; 3010 3031 /* </DO NOT free() THESE> */ 3011 3032 … … 3017 3038 struct pwb_context *ctx = NULL; 3018 3039 3019 ret = _pam_winbind_init_context(pamh, flags, argc, argv, &ctx); 3020 if (ret) { 3021 goto out; 3040 ret = _pam_winbind_init_context(pamh, flags, argc, argv, 3041 PAM_WINBIND_CHAUTHTOK, &ctx); 3042 if (ret != PAM_SUCCESS) { 3043 return ret; 3022 3044 } 3023 3045 … … 3033 3055 */ 3034 3056 ret = pam_get_user(pamh, &user, _("Username: ")); 3035 if (ret ) {3057 if (ret != PAM_SUCCESS) { 3036 3058 _pam_log(ctx, LOG_ERR, 3037 3059 "password - could not identify user"); … … 3130 3152 */ 3131 3153 3132 ret = _pam_get_item(pamh, PAM_OLDAUTHTOK,&pass_old);3154 ret = pam_get_item(pamh, PAM_OLDAUTHTOK, (const void **) &pass_old); 3133 3155 3134 3156 if (ret != PAM_SUCCESS) { … … 3180 3202 * rebuild the password database file. 3181 3203 */ 3182 _pam_get_data(pamh, PAM_WINBIND_PWD_LAST_SET,3183 &pwdlastset_update);3204 pam_get_data(pamh, PAM_WINBIND_PWD_LAST_SET, 3205 (const void **) &pwdlastset_update); 3184 3206 3185 3207 /* … … 3194 3216 ret = winbind_chauthtok_request(ctx, user, pass_old, 3195 3217 pass_new, pwdlastset_update); 3196 if (ret ) {3218 if (ret != PAM_SUCCESS) { 3197 3219 pass_old = pass_new = NULL; 3198 3220 goto out; -
vendor/current/nsswitch/pam_winbind.h
r740 r988 56 56 #include <talloc.h> 57 57 #include "libwbclient/wbclient.h" 58 #include "lib/util/tiniparser.h" 58 59 59 60 #define MODULE_NAME "pam_winbind" … … 66 67 #define PAM_WINBIND_CONFIG_FILE "/etc/security/pam_winbind.conf" 67 68 #endif 68 69 #include <iniparser.h>70 69 71 70 #ifdef HAVE_LIBINTL_H … … 94 93 #endif 95 94 96 #endif /* defined(SUNOS5) || defined(SUNOS4) || defined(HPUX) || defined(FREEBSD) || defined(AIX)*/95 #endif /* (!)LINUX */ 97 96 98 97 #if defined(HAVE_SECURITY_PAM_MODULES_H) … … 213 212 int argc; 214 213 const char **argv; 215 dictionary *dict;214 struct tiniparser_dictionary *dict; 216 215 uint32_t ctrl; 217 216 }; -
vendor/current/nsswitch/tests/test_wbinfo.sh
r740 r988 15 15 16 16 failed=0 17 samba4bindir="$B UILDDIR/bin"18 wbinfo="$VALGRIND $samba4bindir/wbinfo $EXEEXT"17 samba4bindir="$BINDIR" 18 wbinfo="$VALGRIND $samba4bindir/wbinfo" 19 19 20 20 . `dirname $0`/../../testprogs/blackbox/subunit.sh … … 58 58 # Convert netbios name to IP 59 59 # Does not work yet 60 knownfail"wbinfo -N against $TARGET" $wbinfo -N $NETBIOSNAME || failed=`expr $failed + 1`60 testit "wbinfo -N against $TARGET" $wbinfo -N $NETBIOSNAME || failed=`expr $failed + 1` 61 61 # Convert IP to netbios name 62 62 # Does not work yet 63 knownfail"wbinfo -I against $TARGET" $wbinfo -I $SERVER_IP || failed=`expr $failed + 1`63 testit "wbinfo -I against $TARGET" $wbinfo -I $SERVER_IP || failed=`expr $failed + 1` 64 64 65 65 # Convert name to SID … … 152 152 153 153 #didn't really work anyway 154 knownfail"wbinfo --trusted-domains against $TARGET" $wbinfo --trusted-domains || failed=`expr $failed + 1`155 knownfail"wbinfo --all-domains against $TARGET" $wbinfo --all-domains || failed=`expr $failed + 1`154 testit "wbinfo --trusted-domains against $TARGET" $wbinfo --trusted-domains || failed=`expr $failed + 1` 155 testit "wbinfo --all-domains against $TARGET" $wbinfo --all-domains || failed=`expr $failed + 1` 156 156 157 157 testit "wbinfo --own-domain against $TARGET" $wbinfo --own-domain || failed=`expr $failed + 1` … … 175 175 testit "wbinfo -i against $TARGET" $wbinfo -i "$DOMAIN/$USERNAME" || failed=`expr $failed + 1` 176 176 177 testit "wbinfo --uid-info against $TARGET" $wbinfo --uid-info $admin_uid || failed=`expr $failed + 1`178 179 177 echo "test: wbinfo --group-info against $TARGET" 180 rawgid=`$wbinfo --group-info "Domain admins" | sed 's/.*:\([0-9][0-9]*\):/\1/'`178 gid=`$wbinfo --group-info "$DOMAIN/Domain users" | cut -d: -f3` 181 179 if test x$? = x0; then 182 180 echo "success: wbinfo --group-info against $TARGET" … … 186 184 fi 187 185 188 gid=`echo $rawgid | sed 's/.*:\([0-9][0-9]*\):/\1/'` 186 test_name="wbinfo -i against $TARGET" 187 subunit_start_test "$test_name" 188 passwd_line=`$wbinfo -i "$DOMAIN/$USERNAME"` 189 if test x$? = x0; then 190 subunit_pass_test "$test_name" 191 else 192 subunit_fail_test "$test_name" 193 failed=`expr $failed + 1` 194 fi 195 196 test_name="confirm output of wbinfo -i against $TARGET" 197 subunit_start_test "$test_name" 198 199 # The full name (GECOS) is based on name (the RDN, in this case CN) 200 # and displayName in winbindd_ads, and is based only on displayName in 201 # winbindd_msrpc and winbindd_rpc. Allow both versions. 202 expected_line="$DOMAIN/administrator:*:$admin_uid:$gid:Administrator:/home/$DOMAIN/administrator:/bin/false" 203 expected2_line="$DOMAIN/administrator:*:$admin_uid:$gid::/home/$DOMAIN/administrator:/bin/false" 204 205 if test x$passwd_line = x"$expected_line" -o x$passwd_line = x"$expected2_line"; then 206 subunit_pass_test "$test_name" 207 else 208 echo "expected '$expected_line' or '$expected2_line' got '$passwd_line'" | subunit_fail_test "$test_name" 209 failed=`expr $failed + 1` 210 fi 211 212 test_name="wbinfo --uid-info against $TARGET" 213 subunit_start_test "$test_name" 214 passwd_line=`$wbinfo --uid-info=$admin_uid` 215 if test x$? = x0; then 216 subunit_pass_test "$test_name" 217 else 218 subunit_fail_test "$test_name" 219 failed=`expr $failed + 1` 220 fi 221 222 test_name="confirm output of wbinfo --uid-info against $TARGET" 223 subunit_start_test "$test_name" 224 if test x$passwd_line = x"$expected_line" -o x$passwd_line = x"$expected2_line"; then 225 subunit_pass_test "$test_name" 226 else 227 echo "expected '$expected_line' or '$expected2_line' got '$passwd_line'" | subunit_fail_test "$test_name" 228 failed=`expr $failed + 1` 229 fi 230 231 testfail "wbinfo --group-info against $TARGET with $USERNAME" $wbinfo --group-info $USERNAME && failed=`expr $failed + 1` 232 189 233 testit "wbinfo --gid-info against $TARGET" $wbinfo --gid-info $gid || failed=`expr $failed + 1` 190 234 -
vendor/current/nsswitch/wb_common.c
r860 r988 7 7 Copyright (C) Andrew Tridgell 2000 8 8 Copyright (C) Andrew Bartlett 2002 9 Copyright (C) Matthew Newton 2015 9 10 10 11 … … 27 28 #include "winbind_client.h" 28 29 29 /* Global variables. These are effectively the client state information */ 30 31 int winbindd_fd = -1; /* fd for winbindd socket */ 32 static int is_privileged = 0; 30 /* Global context */ 31 32 struct winbindd_context { 33 int winbindd_fd; /* winbind file descriptor */ 34 bool is_privileged; /* using the privileged socket? */ 35 pid_t our_pid; /* calling process pid */ 36 }; 37 38 static struct winbindd_context wb_global_ctx = { 39 .winbindd_fd = -1, 40 .is_privileged = 0, 41 .our_pid = 0 42 }; 33 43 34 44 /* Free a response structure */ … … 65 75 /* Close established socket */ 66 76 67 #if HAVE_FUNCTION_ATTRIBUTE_DESTRUCTOR 77 static void winbind_close_sock(struct winbindd_context *ctx) 78 { 79 if (!ctx) { 80 return; 81 } 82 83 if (ctx->winbindd_fd != -1) { 84 close(ctx->winbindd_fd); 85 ctx->winbindd_fd = -1; 86 } 87 } 88 89 /* Destructor for global context to ensure fd is closed */ 90 91 #if HAVE_DESTRUCTOR_ATTRIBUTE 68 92 __attribute__((destructor)) 69 93 #endif 70 static void winbind_close_sock(void) 71 { 72 if (winbindd_fd != -1) { 73 close(winbindd_fd); 74 winbindd_fd = -1; 75 } 94 static void winbind_destructor(void) 95 { 96 winbind_close_sock(&wb_global_ctx); 76 97 } 77 98 … … 169 190 } 170 191 192 /** 193 * @internal 194 * 195 * @brief Check if we talk to the priviliged pipe which should be owned by root. 196 * 197 * This checks if we have uid_wrapper running and if this is the case it will 198 * allow one to connect to the winbind privileged pipe even it is not owned by root. 199 * 200 * @param[in] uid The uid to check if we can safely talk to the pipe. 201 * 202 * @return If we have access it returns true, else false. 203 */ 204 static bool winbind_privileged_pipe_is_root(uid_t uid) 205 { 206 if (uid == 0) { 207 return true; 208 } 209 210 if (uid_wrapper_enabled()) { 211 return true; 212 } 213 214 return false; 215 } 216 171 217 /* Connect to winbindd socket */ 172 218 … … 175 221 struct sockaddr_un sunaddr; 176 222 struct stat st; 177 char *path = NULL;178 223 int fd; 179 224 int wait_time; 180 225 int slept; 226 int ret; 181 227 182 228 /* Check permissions on unix socket directory */ … … 187 233 } 188 234 235 /* 236 * This tells us that the pipe is owned by a privileged 237 * process, as we will be sending passwords to it. 238 */ 189 239 if (!S_ISDIR(st.st_mode) || 190 (st.st_uid != 0 && st.st_uid != geteuid())) {240 !winbind_privileged_pipe_is_root(st.st_uid)) { 191 241 errno = ENOENT; 192 242 return -1; … … 195 245 /* Connect to socket */ 196 246 197 if (asprintf(&path, "%s/%s", dir, WINBINDD_SOCKET_NAME) < 0) { 198 return -1; 199 } 200 201 ZERO_STRUCT(sunaddr); 202 sunaddr.sun_family = AF_UNIX; 203 strncpy(sunaddr.sun_path, path, sizeof(sunaddr.sun_path) - 1); 247 sunaddr = (struct sockaddr_un) { .sun_family = AF_UNIX }; 248 249 ret = snprintf(sunaddr.sun_path, sizeof(sunaddr.sun_path), 250 "%s/%s", dir, WINBINDD_SOCKET_NAME); 251 if ((ret == -1) || (ret >= sizeof(sunaddr.sun_path))) { 252 errno = ENAMETOOLONG; 253 return -1; 254 } 204 255 205 256 /* If socket file doesn't exist, don't bother trying to connect … … 207 258 the winbindd daemon is not running. */ 208 259 209 if (lstat( path, &st) == -1) {260 if (lstat(sunaddr.sun_path, &st) == -1) { 210 261 errno = ENOENT; 211 SAFE_FREE(path); 212 return -1; 213 } 214 215 SAFE_FREE(path); 262 return -1; 263 } 264 216 265 /* Check permissions on unix socket file */ 217 266 267 /* 268 * This tells us that the pipe is owned by a privileged 269 * process, as we will be sending passwords to it. 270 */ 218 271 if (!S_ISSOCK(st.st_mode) || 219 (st.st_uid != 0 && st.st_uid != geteuid())) {272 !winbind_privileged_pipe_is_root(st.st_uid)) { 220 273 errno = ENOENT; 221 274 return -1; … … 237 290 wait_time += slept) { 238 291 struct pollfd pfd; 239 int ret;240 292 int connect_errno = 0; 241 293 socklen_t errnosize; … … 287 339 static const char *winbindd_socket_dir(void) 288 340 { 289 #ifdef SOCKET_WRAPPER 290 const char *env_dir;291 292 env_dir = getenv(WINBINDD_SOCKET_DIR_ENVVAR);293 if (env_dir) {294 return env_dir;295 }296 #endif 341 if (nss_wrapper_enabled()) { 342 const char *env_dir; 343 344 env_dir = getenv("SELFTEST_WINBINDD_SOCKET_DIR"); 345 if (env_dir != NULL) { 346 return env_dir; 347 } 348 } 297 349 298 350 return WINBINDD_SOCKET_DIR; … … 301 353 /* Connect to winbindd socket */ 302 354 303 static int winbind_open_pipe_sock(int recursing, int need_priv) 355 static int winbind_open_pipe_sock(struct winbindd_context *ctx, 356 int recursing, int need_priv) 304 357 { 305 358 #ifdef HAVE_UNIXSOCKET 306 static pid_t our_pid;307 359 struct winbindd_request request; 308 360 struct winbindd_response response; 361 309 362 ZERO_STRUCT(request); 310 363 ZERO_STRUCT(response); 311 364 312 if (our_pid != getpid()) { 313 winbind_close_sock(); 314 our_pid = getpid(); 315 } 316 317 if ((need_priv != 0) && (is_privileged == 0)) { 318 winbind_close_sock(); 319 } 320 321 if (winbindd_fd != -1) { 322 return winbindd_fd; 365 if (!ctx) { 366 return -1; 367 } 368 369 if (ctx->our_pid != getpid()) { 370 winbind_close_sock(ctx); 371 ctx->our_pid = getpid(); 372 } 373 374 if ((need_priv != 0) && (ctx->is_privileged == 0)) { 375 winbind_close_sock(ctx); 376 } 377 378 if (ctx->winbindd_fd != -1) { 379 return ctx->winbindd_fd; 323 380 } 324 381 … … 327 384 } 328 385 329 if ((winbindd_fd = winbind_named_pipe_sock(winbindd_socket_dir())) == -1) { 330 return -1; 331 } 332 333 is_privileged = 0; 386 ctx->winbindd_fd = winbind_named_pipe_sock(winbindd_socket_dir()); 387 388 if (ctx->winbindd_fd == -1) { 389 return -1; 390 } 391 392 ctx->is_privileged = 0; 334 393 335 394 /* version-check the socket */ 336 395 337 396 request.wb_flags = WBFLAG_RECURSE; 338 if ((winbindd_request_response(WINBINDD_INTERFACE_VERSION, &request, &response) != NSS_STATUS_SUCCESS) || (response.data.interface_version != WINBIND_INTERFACE_VERSION)) { 339 winbind_close_sock(); 397 if ((winbindd_request_response(ctx, WINBINDD_INTERFACE_VERSION, &request, 398 &response) != NSS_STATUS_SUCCESS) || 399 (response.data.interface_version != WINBIND_INTERFACE_VERSION)) { 400 winbind_close_sock(ctx); 340 401 return -1; 341 402 } … … 344 405 345 406 request.wb_flags = WBFLAG_RECURSE; 346 if (winbindd_request_response(WINBINDD_PRIV_PIPE_DIR, &request, &response) == NSS_STATUS_SUCCESS) { 407 408 /* Note that response needs to be initialized to avoid 409 * crashing on clean up after WINBINDD_PRIV_PIPE_DIR call failed 410 * as interface version (from the first request) returned as a fstring, 411 * thus response.extra_data.data will not be NULL even though 412 * winbindd response did not write over it due to a failure */ 413 ZERO_STRUCT(response); 414 if (winbindd_request_response(ctx, WINBINDD_PRIV_PIPE_DIR, &request, 415 &response) == NSS_STATUS_SUCCESS) { 347 416 int fd; 348 if ((fd = winbind_named_pipe_sock((char *)response.extra_data.data)) != -1) { 349 close(winbindd_fd); 350 winbindd_fd = fd; 351 is_privileged = 1; 352 } 353 } 354 355 if ((need_priv != 0) && (is_privileged == 0)) { 417 fd = winbind_named_pipe_sock((char *)response.extra_data.data); 418 if (fd != -1) { 419 close(ctx->winbindd_fd); 420 ctx->winbindd_fd = fd; 421 ctx->is_privileged = 1; 422 } 423 } 424 425 if ((need_priv != 0) && (ctx->is_privileged == 0)) { 356 426 return -1; 357 427 } … … 359 429 SAFE_FREE(response.extra_data.data); 360 430 361 return winbindd_fd;431 return ctx->winbindd_fd; 362 432 #else 363 433 return -1; … … 367 437 /* Write data to winbindd socket */ 368 438 369 static int winbind_write_sock( void *buffer, int count, int recursing,370 int need_priv)371 { 372 int result, nwritten;439 static int winbind_write_sock(struct winbindd_context *ctx, void *buffer, 440 int count, int recursing, int need_priv) 441 { 442 int fd, result, nwritten; 373 443 374 444 /* Open connection to winbind daemon */ … … 376 446 restart: 377 447 378 if (winbind_open_pipe_sock(recursing, need_priv) == -1) { 448 fd = winbind_open_pipe_sock(ctx, recursing, need_priv); 449 if (fd == -1) { 379 450 errno = ENOENT; 380 451 return -1; … … 392 463 call would not block by calling poll(). */ 393 464 394 pfd.fd = winbindd_fd;465 pfd.fd = fd; 395 466 pfd.events = POLLIN|POLLOUT|POLLHUP; 396 467 397 468 ret = poll(&pfd, 1, -1); 398 469 if (ret == -1) { 399 winbind_close_sock( );470 winbind_close_sock(ctx); 400 471 return -1; /* poll error */ 401 472 } … … 407 478 /* Pipe has closed on remote end */ 408 479 409 winbind_close_sock( );480 winbind_close_sock(ctx); 410 481 goto restart; 411 482 } … … 413 484 /* Do the write */ 414 485 415 result = write(winbindd_fd, 416 (char *)buffer + nwritten, 486 result = write(fd, (char *)buffer + nwritten, 417 487 count - nwritten); 418 488 … … 421 491 /* Write failed */ 422 492 423 winbind_close_sock( );493 winbind_close_sock(ctx); 424 494 return -1; 425 495 } … … 433 503 /* Read data from winbindd socket */ 434 504 435 static int winbind_read_sock(void *buffer, int count) 436 { 505 static int winbind_read_sock(struct winbindd_context *ctx, 506 void *buffer, int count) 507 { 508 int fd; 437 509 int nread = 0; 438 510 int total_time = 0; 439 511 440 if (winbindd_fd == -1) { 512 fd = winbind_open_pipe_sock(ctx, false, false); 513 if (fd == -1) { 441 514 return -1; 442 515 } … … 450 523 call would not block by calling poll(). */ 451 524 452 pfd.fd = winbindd_fd;525 pfd.fd = fd; 453 526 pfd.events = POLLIN|POLLHUP; 454 527 … … 457 530 ret = poll(&pfd, 1, 5000); 458 531 if (ret == -1) { 459 winbind_close_sock( );532 winbind_close_sock(ctx); 460 533 return -1; /* poll error */ 461 534 } … … 463 536 if (ret == 0) { 464 537 /* Not ready for read yet... */ 465 if (total_time >= 30 ) {538 if (total_time >= 300) { 466 539 /* Timeout */ 467 winbind_close_sock( );540 winbind_close_sock(ctx); 468 541 return -1; 469 542 } … … 476 549 /* Do the Read */ 477 550 478 int result = read( winbindd_fd, (char *)buffer + nread,551 int result = read(fd, (char *)buffer + nread, 479 552 count - nread); 480 553 … … 485 558 transaction has failed half way through. */ 486 559 487 winbind_close_sock( );560 winbind_close_sock(ctx); 488 561 return -1; 489 562 } … … 499 572 /* Read reply */ 500 573 501 static int winbindd_read_reply(struct winbindd_response *response) 574 static int winbindd_read_reply(struct winbindd_context *ctx, 575 struct winbindd_response *response) 502 576 { 503 577 int result1, result2 = 0; … … 509 583 /* Read fixed length response */ 510 584 511 result1 = winbind_read_sock( response,585 result1 = winbind_read_sock(ctx, response, 512 586 sizeof(struct winbindd_response)); 513 if (result1 == -1) {514 return -1;515 }516 517 if (response->length < sizeof(struct winbindd_response)) {518 return -1;519 }520 587 521 588 /* We actually send the pointer value of the extra_data field from … … 525 592 response->extra_data.data = NULL; 526 593 594 if (result1 == -1) { 595 return -1; 596 } 597 598 if (response->length < sizeof(struct winbindd_response)) { 599 return -1; 600 } 601 527 602 /* Read variable length response */ 528 603 … … 537 612 } 538 613 539 result2 = winbind_read_sock( response->extra_data.data,614 result2 = winbind_read_sock(ctx, response->extra_data.data, 540 615 extra_data_len); 541 616 if (result2 == -1) { … … 554 629 */ 555 630 556 NSS_STATUS winbindd_send_request(int req_type, int need_priv, 631 NSS_STATUS winbindd_send_request(struct winbindd_context *ctx, 632 int req_type, int need_priv, 557 633 struct winbindd_request *request) 558 634 { … … 574 650 winbindd_init_request(request, req_type); 575 651 576 if (winbind_write_sock( request, sizeof(*request),652 if (winbind_write_sock(ctx, request, sizeof(*request), 577 653 request->wb_flags & WBFLAG_RECURSE, 578 654 need_priv) == -1) … … 585 661 586 662 if ((request->extra_len != 0) && 587 (winbind_write_sock( request->extra_data.data,663 (winbind_write_sock(ctx, request->extra_data.data, 588 664 request->extra_len, 589 665 request->wb_flags & WBFLAG_RECURSE, … … 603 679 */ 604 680 605 NSS_STATUS winbindd_get_response(struct winbindd_response *response) 681 NSS_STATUS winbindd_get_response(struct winbindd_context *ctx, 682 struct winbindd_response *response) 606 683 { 607 684 struct winbindd_response lresponse; … … 615 692 616 693 /* Wait for reply */ 617 if (winbindd_read_reply( response) == -1) {694 if (winbindd_read_reply(ctx, response) == -1) { 618 695 /* Set ENOENT for consistency. Required by some apps */ 619 696 errno = ENOENT; … … 637 714 /* Handle simple types of requests */ 638 715 639 NSS_STATUS winbindd_request_response(int req_type, 640 struct winbindd_request *request, 641 struct winbindd_response *response) 716 NSS_STATUS winbindd_request_response(struct winbindd_context *ctx, 717 int req_type, 718 struct winbindd_request *request, 719 struct winbindd_response *response) 642 720 { 643 721 NSS_STATUS status = NSS_STATUS_UNAVAIL; 644 int count = 0; 645 646 while ((status == NSS_STATUS_UNAVAIL) && (count < 10)) { 647 status = winbindd_send_request(req_type, 0, request); 648 if (status != NSS_STATUS_SUCCESS) 649 return(status); 650 status = winbindd_get_response(response); 651 count += 1; 652 } 722 struct winbindd_context *wb_ctx = ctx; 723 724 if (ctx == NULL) { 725 wb_ctx = &wb_global_ctx; 726 } 727 728 status = winbindd_send_request(wb_ctx, req_type, 0, request); 729 if (status != NSS_STATUS_SUCCESS) 730 return (status); 731 status = winbindd_get_response(wb_ctx, response); 653 732 654 733 return status; 655 734 } 656 735 657 NSS_STATUS winbindd_priv_request_response(int req_type, 736 NSS_STATUS winbindd_priv_request_response(struct winbindd_context *ctx, 737 int req_type, 658 738 struct winbindd_request *request, 659 739 struct winbindd_response *response) 660 740 { 661 741 NSS_STATUS status = NSS_STATUS_UNAVAIL; 662 int count = 0; 663 664 while ((status == NSS_STATUS_UNAVAIL) && (count < 10)) { 665 status = winbindd_send_request(req_type, 1, request); 666 if (status != NSS_STATUS_SUCCESS) 667 return(status); 668 status = winbindd_get_response(response); 669 count += 1; 670 } 742 struct winbindd_context *wb_ctx = ctx; 743 744 if (ctx == NULL) { 745 wb_ctx = &wb_global_ctx; 746 } 747 748 status = winbindd_send_request(wb_ctx, req_type, 1, request); 749 if (status != NSS_STATUS_SUCCESS) 750 return (status); 751 status = winbindd_get_response(wb_ctx, response); 671 752 672 753 return status; 673 754 } 755 756 /* Create and free winbindd context */ 757 758 struct winbindd_context *winbindd_ctx_create(void) 759 { 760 struct winbindd_context *ctx; 761 762 ctx = calloc(1, sizeof(struct winbindd_context)); 763 764 if (!ctx) { 765 return NULL; 766 } 767 768 ctx->winbindd_fd = -1; 769 770 return ctx; 771 } 772 773 void winbindd_ctx_free(struct winbindd_context *ctx) 774 { 775 winbind_close_sock(ctx); 776 free(ctx); 777 } -
vendor/current/nsswitch/wbinfo.c
r860 r988 23 23 24 24 #include "includes.h" 25 #include "popt_common.h"26 25 #include "winbind_client.h" 27 26 #include "libwbclient/wbclient.h" 28 #include "lib/popt/popt.h"29 27 #include "../libcli/auth/libcli_auth.h" 30 #if (_SAMBA_BUILD_) >= 431 28 #include "lib/cmdline/popt_common.h" 32 # endif29 #include "lib/afs/afs_settoken.h" 33 30 34 31 #ifdef DBGC_CLASS … … 121 118 if (!p) { 122 119 /* Maybe it was a UPN? */ 123 if ((p = strchr(domuser, '@')) != NULL) { 120 p = strchr(domuser, '@'); 121 if (p != NULL) { 124 122 fstrcpy(domain, ""); 125 123 fstrcpy(user, domuser); … … 135 133 fstrcpy(domain, domuser); 136 134 domain[PTR_DIFF(p, domuser)] = 0; 137 strupper_m(domain);138 135 139 136 return true; … … 243 240 pwd->pw_shell); 244 241 242 wbcFreeMemory(pwd); 243 245 244 return true; 246 245 } … … 520 519 521 520 if (print_all) { 522 d_printf("%-16s%- 24s%-12s%-12s%-5s%-5s\n",521 d_printf("%-16s%-65s%-12s%-12s%-5s%-5s\n", 523 522 "Domain Name", "DNS Domain", "Trust Type", 524 523 "Transitive", "In", "Out"); … … 534 533 } 535 534 536 d_printf("%- 24s", domain_list[i].dns_name);535 d_printf("%-65s", domain_list[i].dns_name); 537 536 538 537 switch(domain_list[i].trust_type) { … … 690 689 /* Send request */ 691 690 692 if (winbindd_request_response( WINBINDD_GETDCNAME, &request,691 if (winbindd_request_response(NULL, WINBINDD_GETDCNAME, &request, 693 692 &response) != NSS_STATUS_SUCCESS) { 694 693 d_fprintf(stderr, "Could not get dc name for %s\n",domain_name); … … 754 753 755 754 if (wbc_status == WBC_ERR_AUTH_ERROR) { 756 d_fprintf(stderr, " error code was %s (0x%x)\n",757 error->nt_string, error->nt_status);755 d_fprintf(stderr, "wbcCheckTrustCredentials(%s): error code was %s (0x%x)\n", 756 domain_name, error->nt_string, error->nt_status); 758 757 wbcFreeMemory(error); 759 758 } … … 813 812 814 813 if (wbc_status == WBC_ERR_AUTH_ERROR) { 815 d_fprintf(stderr, " error code was %s (0x%x)\n",816 error->nt_string, error->nt_status);814 d_fprintf(stderr, "wbcChangeTrustCredentials(%s): error code was %s (0x%x)\n", 815 domain_name, error->nt_string, error->nt_status); 817 816 wbcFreeMemory(error); 818 817 } … … 828 827 /* Check DC connection */ 829 828 830 static bool wbinfo_ping_dc( void)829 static bool wbinfo_ping_dc(const char *domain) 831 830 { 832 831 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 833 832 struct wbcAuthErrorInfo *error = NULL; 834 835 wbc_status = wbcPingDc(NULL, &error); 836 837 d_printf("checking the NETLOGON dc connection %s\n", 833 char *dcname = NULL; 834 835 const char *domain_name; 836 837 if (domain) { 838 domain_name = domain; 839 } else { 840 domain_name = get_winbind_domain(); 841 } 842 843 wbc_status = wbcPingDc2(domain_name, &error, &dcname); 844 845 d_printf("checking the NETLOGON for domain[%s] dc connection to \"%s\" %s\n", 846 domain_name ? domain_name : "", 847 dcname ? dcname : "", 838 848 WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed"); 839 849 850 wbcFreeMemory(dcname); 840 851 if (wbc_status == WBC_ERR_AUTH_ERROR) { 841 d_fprintf(stderr, " error code was %s (0x%x)\n",842 error->nt_string, error->nt_status);852 d_fprintf(stderr, "wbcPingDc2(%s): error code was %s (0x%x)\n", 853 domain_name, error->nt_string, error->nt_status); 843 854 wbcFreeMemory(error); 855 return false; 844 856 } 845 857 if (!WBC_ERROR_IS_OK(wbc_status)) { … … 1020 1032 d_printf("%s -> gid %d\n", sidstr, unix_ids[i].id.gid); 1021 1033 break; 1034 case WBC_ID_TYPE_BOTH: 1035 d_printf("%s -> uid/gid %d\n", sidstr, unix_ids[i].id.uid); 1036 break; 1022 1037 default: 1023 1038 d_printf("%s -> unmapped\n", sidstr); … … 1218 1233 /* Display response */ 1219 1234 1220 d_printf("%s%c%s %d\n", 1221 domain, winbind_separator(), name, type); 1235 if (type == WBC_SID_NAME_DOMAIN) { 1236 d_printf("%s %d\n", domain, type); 1237 } else { 1238 d_printf("%s%c%s %d\n", 1239 domain, winbind_separator(), name, type); 1240 } 1241 1242 wbcFreeMemory(domain); 1243 wbcFreeMemory(name); 1222 1244 1223 1245 return true; … … 1254 1276 d_printf("%s%c%s %d\n", 1255 1277 domain, winbind_separator(), name, type); 1278 1279 wbcFreeMemory(domain); 1280 wbcFreeMemory(name); 1256 1281 1257 1282 return true; … … 1314 1339 1315 1340 wbc_status = wbcLookupRids(&dinfo->sid, num_rids, rids, 1316 (const char **)&domain_name, &names, &types);1341 &p, &names, &types); 1317 1342 if (!WBC_ERROR_IS_OK(wbc_status)) { 1318 1343 d_printf("winbind_lookup_rids failed: %s\n", … … 1321 1346 } 1322 1347 1348 domain_name = discard_const_p(char, p); 1323 1349 d_printf("Domain: %s\n", domain_name); 1324 1350 … … 1395 1421 if (names[i].type == WBC_SID_NAME_DOMAIN) { 1396 1422 d_printf("%s -> %s %d\n", sidstr, 1397 domain,1398 names[i].type);1423 domain, 1424 names[i].type); 1399 1425 } else { 1400 1426 d_printf("%s -> %s%c%s %d\n", sidstr, 1401 domain, 1402 winbind_separator(), 1403 names[i].name, names[i].type); 1404 } 1405 } 1427 domain, 1428 winbind_separator(), 1429 names[i].name, names[i].type); 1430 } 1431 } 1432 wbcFreeMemory(names); 1433 wbcFreeMemory(domains); 1406 1434 return true; 1407 1435 } … … 1445 1473 { 1446 1474 char *prompt; 1447 const char *ret = NULL; 1475 char buf[1024] = {0}; 1476 int rc; 1448 1477 1449 1478 prompt = talloc_asprintf(mem_ctx, "Enter %s's ", username); … … 1462 1491 } 1463 1492 1464 r et = getpass(prompt);1493 rc = samba_getpass(prompt, buf, sizeof(buf), false, false); 1465 1494 TALLOC_FREE(prompt); 1466 1467 return talloc_strdup(mem_ctx, ret); 1495 if (rc < 0) { 1496 return NULL; 1497 } 1498 1499 return talloc_strdup(mem_ctx, buf); 1468 1500 } 1469 1501 … … 1553 1585 if (error) { 1554 1586 d_fprintf(stderr, 1555 "error code was %s (0x%x)\nerror message was: %s\n", 1556 error->nt_string, 1587 "wbcLogonUser(%s): error code was %s (0x%x)\n" 1588 "error message was: %s\n", 1589 params.username, error->nt_string, 1557 1590 error->nt_status, 1558 1591 error->display_string); … … 1725 1758 if (wbc_status == WBC_ERR_AUTH_ERROR) { 1726 1759 d_fprintf(stderr, 1727 "error code was %s (0x%x)\nerror message was: %s\n", 1760 "wbcAuthenticateUserEx(%s%c%s): error code was %s (0x%x)\n" 1761 "error message was: %s\n", 1762 name_domain, 1763 winbind_separator(), 1764 name_user, 1728 1765 err->nt_string, 1729 1766 err->nt_status, … … 1742 1779 /* Authenticate a user with a plaintext password */ 1743 1780 1744 static bool wbinfo_pam_logon(char *username )1781 static bool wbinfo_pam_logon(char *username, bool verbose) 1745 1782 { 1746 1783 wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; 1747 1784 struct wbcLogonUserParams params; 1785 struct wbcLogonUserInfo *info = NULL; 1748 1786 struct wbcAuthErrorInfo *error = NULL; 1749 1787 char *s = NULL; … … 1790 1828 } 1791 1829 1792 wbc_status = wbcLogonUser(¶ms, NULL, &error, NULL); 1830 wbc_status = wbcLogonUser(¶ms, &info, &error, NULL); 1831 1832 if (verbose && (info != NULL)) { 1833 struct wbcAuthUserInfo *i = info->info; 1834 uint32_t j; 1835 1836 if (i->account_name != NULL) { 1837 d_printf("account_name: %s\n", i->account_name); 1838 } 1839 if (i->user_principal != NULL) { 1840 d_printf("user_principal: %s\n", i->user_principal); 1841 } 1842 if (i->full_name != NULL) { 1843 d_printf("full_name: %s\n", i->full_name); 1844 } 1845 if (i->domain_name != NULL) { 1846 d_printf("domain_name: %s\n", i->domain_name); 1847 } 1848 if (i->dns_domain_name != NULL) { 1849 d_printf("dns_domain_name: %s\n", i->dns_domain_name); 1850 } 1851 if (i->logon_server != NULL) { 1852 d_printf("logon_server: %s\n", i->logon_server); 1853 } 1854 if (i->logon_script != NULL) { 1855 d_printf("logon_script: %s\n", i->logon_script); 1856 } 1857 if (i->profile_path != NULL) { 1858 d_printf("profile_path: %s\n", i->profile_path); 1859 } 1860 if (i->home_directory != NULL) { 1861 d_printf("home_directory: %s\n", i->home_directory); 1862 } 1863 if (i->home_drive != NULL) { 1864 d_printf("home_drive: %s\n", i->home_drive); 1865 } 1866 1867 d_printf("sids:"); 1868 1869 for (j=0; j<i->num_sids; j++) { 1870 char buf[WBC_SID_STRING_BUFLEN]; 1871 wbcSidToStringBuf(&i->sids[j].sid, buf, sizeof(buf)); 1872 d_printf(" %s", buf); 1873 } 1874 d_printf("\n"); 1875 1876 wbcFreeMemory(info); 1877 info = NULL; 1878 } 1793 1879 1794 1880 wbcFreeMemory(params.blobs); … … 1799 1885 if (!WBC_ERROR_IS_OK(wbc_status) && (error != NULL)) { 1800 1886 d_fprintf(stderr, 1801 "error code was %s (0x%x)\nerror message was: %s\n", 1887 "wbcLogonUser(%s): error code was %s (0x%x)\n" 1888 "error message was: %s\n", 1889 params.username, 1802 1890 error->nt_string, 1803 1891 (int)error->nt_status, … … 1869 1957 } else { 1870 1958 fstrcpy(request.data.auth.user, username); 1871 fstrcpy(request.data.auth.pass, getpass("Password: ")); 1959 (void) samba_getpass("Password: ", 1960 request.data.auth.pass, 1961 sizeof(request.data.auth.pass), 1962 false, false); 1872 1963 } 1873 1964 1874 1965 request.flags |= WBFLAG_PAM_AFS_TOKEN; 1875 1966 1876 result = winbindd_request_response( WINBINDD_PAM_AUTH, &request,1967 result = winbindd_request_response(NULL, WINBINDD_PAM_AUTH, &request, 1877 1968 &response); 1878 1969 … … 1924 2015 /* Send request to winbind daemon */ 1925 2016 1926 /* '.' is the special sign for our own domain */ 1927 if (domain && strcmp(domain, ".") == 0) { 2017 if (domain == NULL) { 1928 2018 domain = get_winbind_domain(); 2019 } else { 2020 /* '.' is the special sign for our own domain */ 2021 if ((domain[0] == '\0') || strcmp(domain, ".") == 0) { 2022 domain = get_winbind_domain(); 2023 /* '*' is the special sign for all domains */ 2024 } else if (strcmp(domain, "*") == 0) { 2025 domain = NULL; 2026 } 1929 2027 } 1930 2028 … … 1954 2052 /* Send request to winbind daemon */ 1955 2053 1956 /* '.' is the special sign for our own domain */ 1957 if (domain && strcmp(domain, ".") == 0) { 2054 if (domain == NULL) { 1958 2055 domain = get_winbind_domain(); 2056 } else { 2057 /* '.' is the special sign for our own domain */ 2058 if ((domain[0] == '\0') || strcmp(domain, ".") == 0) { 2059 domain = get_winbind_domain(); 2060 /* '*' is the special sign for all domains */ 2061 } else if (strcmp(domain, "*") == 0) { 2062 domain = NULL; 2063 } 1959 2064 } 1960 2065 … … 2062 2167 OPT_LOGOFF_USER, 2063 2168 OPT_LOGOFF_UID, 2064 OPT_LANMAN 2169 OPT_LANMAN, 2170 OPT_KRB5CCNAME 2065 2171 }; 2066 2172 2067 int main(int argc, c har **argv, char **envp)2173 int main(int argc, const char **argv, char **envp) 2068 2174 { 2069 2175 int opt; … … 2081 2187 char *logoff_user = getenv("USER"); 2082 2188 int logoff_uid = geteuid(); 2189 const char *opt_krb5ccname = "FILE"; 2083 2190 2084 2191 struct poptOption long_options[] = { … … 2162 2269 /* destroys wbinfo --help output */ 2163 2270 /* "user%password,DOM\\user%password,user@EXAMPLE.COM,EXAMPLE.COM\\user%password" }, */ 2271 { "krb5ccname", 0, POPT_ARG_STRING, &opt_krb5ccname, OPT_KRB5CCNAME, "authenticate user using Kerberos and specific credential cache type", "krb5ccname" }, 2164 2272 #endif 2165 2273 { "separator", 0, POPT_ARG_NONE, 0, OPT_SEPARATOR, "Get the active winbind separator", NULL }, … … 2173 2281 2174 2282 /* Samba client initialisation */ 2175 load_case_tables();2283 smb_init_locale(); 2176 2284 2177 2285 2178 2286 /* Parse options */ 2179 2287 2180 pc = poptGetContext("wbinfo", argc, (const char **)argv,2288 pc = poptGetContext("wbinfo", argc, argv, 2181 2289 long_options, 0); 2182 2290 … … 2382 2490 break; 2383 2491 case 'P': 2384 if (!wbinfo_ping_dc()) { 2385 d_fprintf(stderr, "Could not ping our DC\n"); 2492 if (!wbinfo_ping_dc(opt_domain_name)) { 2386 2493 goto done; 2387 2494 } … … 2509 2616 } 2510 2617 case OPT_PAM_LOGON: 2511 if (!wbinfo_pam_logon(string_arg )) {2618 if (!wbinfo_pam_logon(string_arg, verbose)) { 2512 2619 d_fprintf(stderr, "pam_logon failed for %s\n", 2513 2620 string_arg); … … 2532 2639 WBFLAG_PAM_CONTACT_TRUSTDOM; 2533 2640 2534 if (!wbinfo_auth_krb5(string_arg, "FILE",2641 if (!wbinfo_auth_krb5(string_arg, opt_krb5ccname, 2535 2642 flags)) { 2536 2643 d_fprintf(stderr, … … 2538 2645 "[%s] with Kerberos " 2539 2646 "(ccache: %s)\n", string_arg, 2540 "FILE");2647 opt_krb5ccname); 2541 2648 goto done; 2542 2649 } … … 2618 2725 case OPT_LOGOFF_USER: 2619 2726 case OPT_LOGOFF_UID: 2727 case OPT_KRB5CCNAME: 2620 2728 break; 2621 2729 default: -
vendor/current/nsswitch/winbind_client.h
r740 r988 7 7 Copyright (C) Andrew Tridgell 2000 8 8 Copyright (C) Andrew Bartlett 2002 9 Copyright (C) Matthew Newton 2015 9 10 10 11 … … 29 30 #include "winbind_struct_protocol.h" 30 31 32 struct winbindd_context; 33 34 struct winbindd_context *winbindd_ctx_create(void); 35 void winbindd_ctx_free(struct winbindd_context *ctx); 36 31 37 void winbindd_free_response(struct winbindd_response *response); 32 NSS_STATUS winbindd_send_request(int req_type, int need_priv, 38 NSS_STATUS winbindd_send_request(struct winbindd_context *ctx, 39 int req_type, int need_priv, 33 40 struct winbindd_request *request); 34 NSS_STATUS winbindd_get_response(struct winbindd_response *response); 35 NSS_STATUS winbindd_request_response(int req_type, 36 struct winbindd_request *request, 37 struct winbindd_response *response); 38 NSS_STATUS winbindd_priv_request_response(int req_type, 41 NSS_STATUS winbindd_get_response(struct winbindd_context *ctx, 42 struct winbindd_response *response); 43 NSS_STATUS winbindd_request_response(struct winbindd_context *ctx, 44 int req_type, 45 struct winbindd_request *request, 46 struct winbindd_response *response); 47 NSS_STATUS winbindd_priv_request_response(struct winbindd_context *ctx, 48 int req_type, 39 49 struct winbindd_request *request, 40 50 struct winbindd_response *response); 51 41 52 #define winbind_env_set() \ 42 53 (strcmp(getenv(WINBINDD_DONT_ENV)?getenv(WINBINDD_DONT_ENV):"0","1") == 0) -
vendor/current/nsswitch/winbind_krb5_locator.c
r746 r988 143 143 case AF_UNSPEC: 144 144 case AF_INET: 145 break;146 145 #if defined(HAVE_IPV6) 147 146 case AF_INET6: 148 break; 149 #endif 147 #endif 148 break; 150 149 default: 151 150 return EINVAL; -
vendor/current/nsswitch/winbind_nss_aix.c
r414 r988 280 280 request.data.gid = gid; 281 281 282 ret = winbindd_request_response(WINBINDD_GETGRGID, &request, &response); 282 ret = winbindd_request_response(NULL, WINBINDD_GETGRGID, 283 &request, &response); 283 284 284 285 logit("getgrgid ret=%d\n", ret); … … 312 313 STRCPY_RETNULL(request.data.groupname, name); 313 314 314 ret = winbindd_request_response(WINBINDD_GETGRNAM, &request, &response); 315 ret = winbindd_request_response(NULL, WINBINDD_GETGRNAM, 316 &request, &response); 315 317 316 318 HANDLE_ERRORS(ret); … … 371 373 } 372 374 373 ret = winbindd_request_response(WINBINDD_GETGROUPS, &request, &response); 375 ret = winbindd_request_response(NULL, WINBINDD_GETGROUPS, 376 &request, &response); 374 377 375 378 HANDLE_ERRORS(ret); … … 410 413 request.data.uid = uid; 411 414 412 ret = winbindd_request_response(WINBINDD_GETPWUID, &request, &response); 415 ret = winbindd_request_response(NULL, WINBINDD_GETPWUID, 416 &request, &response); 413 417 414 418 HANDLE_ERRORS(ret); … … 443 447 STRCPY_RETNULL(request.data.username, name); 444 448 445 ret = winbindd_request_response(WINBINDD_GETPWNAM, &request, &response); 449 ret = winbindd_request_response(NULL, WINBINDD_GETPWNAM, 450 &request, &response); 446 451 447 452 HANDLE_ERRORS(ret); … … 476 481 ZERO_STRUCT(response); 477 482 478 ret = winbindd_request_response(WINBINDD_LIST_USERS, &request, &response); 483 ret = winbindd_request_response(NULL, WINBINDD_LIST_USERS, 484 &request, &response); 479 485 if (ret != 0) { 480 486 errno = EINVAL; … … 524 530 ZERO_STRUCT(response); 525 531 526 ret = winbindd_request_response(WINBINDD_LIST_GROUPS, &request, &response); 532 ret = winbindd_request_response(NULL, WINBINDD_LIST_GROUPS, 533 &request, &response); 527 534 if (ret != 0) { 528 535 errno = EINVAL; … … 603 610 request.data.uid = pwd->pw_uid; 604 611 605 if (winbindd_request_response(WINBINDD_UID_TO_SID, &request, &response) != 612 if (winbindd_request_response(NULL, WINBINDD_UID_TO_SID, 613 &request, &response) != 606 614 NSS_STATUS_SUCCESS) { 607 615 r.attr_flag = ENOENT; … … 889 897 } 890 898 891 result = winbindd_request_response(WINBINDD_PAM_AUTH, &request, &response); 899 result = winbindd_request_response(NULL, WINBINDD_PAM_AUTH, 900 &request, &response); 892 901 893 902 winbindd_free_response(&response); … … 938 947 } 939 948 940 result = winbindd_request_response(WINBINDD_PAM_CHAUTHTOK, &request, &response); 949 result = winbindd_request_response(NULL, WINBINDD_PAM_CHAUTHTOK, 950 &request, &response); 941 951 942 952 winbindd_free_response(&response); -
vendor/current/nsswitch/winbind_nss_config.h
r414 r988 28 28 #endif 29 29 30 /*31 * we don't need socket wrapper32 * nor nss wrapper here and we don't33 * want to depend on swrap_close()34 * so we better disable both35 */36 #define SOCKET_WRAPPER_NOT_REPLACE37 #define NSS_WRAPPER_NOT_REPLACE38 39 30 /* Include header files from data in config.h file */ 40 31 … … 55 46 #define FSTRING_LEN 256 56 47 typedef char fstring[FSTRING_LEN]; 57 #define fstrcpy(d,s) safe_strcpy((d),(s),sizeof(fstring)-1) 48 #ifndef fstrcpy 49 #define fstrcpy(d,s) \ 50 do { \ 51 const char *_fstrcpy_src = (const char *)(s); \ 52 strlcpy((d),_fstrcpy_src ? _fstrcpy_src : "",sizeof(fstring)); \ 53 } while (0) 54 #endif 58 55 #endif 59 56 -
vendor/current/nsswitch/winbind_nss_freebsd.c
r597 r988 6 6 7 7 Copyright (C) Aaron Collins 2003 8 Copyright (C) Timur I. Bakeyev 2013 8 9 9 10 This library is free software; you can redistribute it and/or … … 24 25 25 26 /* Make sure that the module gets registered needed by freebsd 5.1 */ 26 27 27 extern enum nss_status _nss_winbind_getgrent_r(struct group *, char *, size_t, 28 28 int *); … … 33 33 extern enum nss_status _nss_winbind_setgrent(void); 34 34 extern enum nss_status _nss_winbind_endgrent(void); 35 extern enum nss_status _nss_winbind_initgroups_dyn(char *, gid_t, long int *, 36 long int *, gid_t **, long int , int *); 35 37 36 38 extern enum nss_status _nss_winbind_getpwent_r(struct passwd *, char *, size_t, … … 42 44 extern enum nss_status _nss_winbind_setpwent(void); 43 45 extern enum nss_status _nss_winbind_endpwent(void); 46 ns_mtab *nss_module_register(const char *, unsigned int *, nss_module_unregister_fn *); 44 47 45 48 NSS_METHOD_PROTOTYPE(__nss_compat_getgrnam_r); … … 54 57 NSS_METHOD_PROTOTYPE(__nss_compat_setpwent); 55 58 NSS_METHOD_PROTOTYPE(__nss_compat_endpwent); 59 NSS_METHOD_PROTOTYPE(__nss_compat_endpwent); 60 61 NSS_METHOD_PROTOTYPE(__freebsd_getgroupmembership); 56 62 57 63 static ns_mtab methods[] = { … … 61 67 { NSDB_GROUP, "setgrent", __nss_compat_setgrent, _nss_winbind_setgrent }, 62 68 { NSDB_GROUP, "endgrent", __nss_compat_endgrent, _nss_winbind_endgrent }, 69 { NSDB_GROUP, "getgroupmembership", __freebsd_getgroupmembership, NULL }, 63 70 64 71 { NSDB_PASSWD, "getpwnam_r", __nss_compat_getpwnam_r, _nss_winbind_getpwnam_r }, … … 70 77 }; 71 78 79 /* Taken from libc */ 80 static int 81 gr_addgid(gid_t gid, gid_t *groups, int maxgrp, int *grpcnt) 82 { 83 int ret, dupc; 84 85 /* skip duplicates */ 86 for (dupc = 0; dupc < MIN(maxgrp, *grpcnt); dupc++) { 87 if (groups[dupc] == gid) 88 return 1; 89 } 90 91 ret = 1; 92 if (*grpcnt < maxgrp) /* add this gid */ 93 groups[*grpcnt] = gid; 94 else 95 ret = 0; 96 97 (*grpcnt)++; 98 99 return ret; 100 } 101 102 /* 103 rv = _nsdispatch(NULL, dtab, NSDB_GROUP, "getgroupmembership", 104 defaultsrc, uname, agroup, groups, maxgrp, grpcnt); 105 */ 106 107 int 108 __freebsd_getgroupmembership(void *retval, void *mdata, va_list ap) 109 { 110 const char *uname = va_arg(ap, const char *); 111 gid_t group = va_arg(ap, gid_t); 112 gid_t *groups = va_arg(ap, gid_t *); 113 int maxgrp = va_arg(ap, int); 114 int *groupc = va_arg(ap, int *); 115 116 NSS_STATUS ret; 117 long int lcount, lsize; 118 int i, errnop; 119 gid_t *tmpgroups; 120 121 /* Can be realloc() inside _nss_winbind_initgroups_dyn() */ 122 if ((tmpgroups=calloc(maxgrp, sizeof(gid_t))) == NULL) { 123 errno = ENOMEM; 124 return NS_TRYAGAIN; 125 } 126 127 lcount = 0; 128 lsize = maxgrp; 129 /* insert primary membership(possibly already there) */ 130 gr_addgid(group, groups, maxgrp, groupc); 131 /* Don't limit number of groups, we want to know total size */ 132 ret = _nss_winbind_initgroups_dyn(uname, group, &lcount, &lsize, 133 &tmpgroups, 0, &errnop); 134 if (ret == NSS_STATUS_SUCCESS) { 135 /* lcount potentially can be bigger than maxgrp, so would groupc */ 136 for (i = 0; i < lcount; i++) 137 gr_addgid(tmpgroups[i], groups, maxgrp, groupc); 138 } 139 free(tmpgroups); 140 /* Let following nsswitch backend(s) add more groups(?) */ 141 return NSS_STATUS_NOTFOUND; 142 } 143 72 144 ns_mtab * 73 145 nss_module_register(const char *source, unsigned int *mtabsize, -
vendor/current/nsswitch/winbind_nss_linux.c
r740 r988 288 288 289 289 static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr, 290 c har *gr_mem, char **buffer, size_t *buflen)290 const char *gr_mem, char **buffer, size_t *buflen) 291 291 { 292 292 char *name; … … 323 323 /* Group membership */ 324 324 325 if ( (gr->num_gr_mem < 0) ||!gr_mem) {325 if (!gr_mem) { 326 326 gr->num_gr_mem = 0; 327 327 } … … 402 402 } 403 403 404 ret = winbindd_request_response( WINBINDD_SETPWENT, NULL, NULL);404 ret = winbindd_request_response(NULL, WINBINDD_SETPWENT, NULL, NULL); 405 405 #ifdef DEBUG_NSS 406 406 fprintf(stderr, "[%5d]: setpwent returns %s (%d)\n", getpid(), … … 433 433 } 434 434 435 ret = winbindd_request_response( WINBINDD_ENDPWENT, NULL, NULL);435 ret = winbindd_request_response(NULL, WINBINDD_ENDPWENT, NULL, NULL); 436 436 #ifdef DEBUG_NSS 437 437 fprintf(stderr, "[%5d]: endpwent returns %s (%d)\n", getpid(), … … 482 482 request.data.num_entries = MAX_GETPWENT_USERS; 483 483 484 ret = winbindd_request_response( WINBINDD_GETPWENT, &request,484 ret = winbindd_request_response(NULL, WINBINDD_GETPWENT, &request, 485 485 &getpwent_response); 486 486 … … 570 570 request.data.uid = uid; 571 571 572 ret = winbindd_request_response( WINBINDD_GETPWUID, &request, &response);572 ret = winbindd_request_response(NULL, WINBINDD_GETPWUID, &request, &response); 573 573 574 574 if (ret == NSS_STATUS_SUCCESS) { … … 646 646 [sizeof(request.data.username) - 1] = '\0'; 647 647 648 ret = winbindd_request_response( WINBINDD_GETPWNAM, &request, &response);648 ret = winbindd_request_response(NULL, WINBINDD_GETPWNAM, &request, &response); 649 649 650 650 if (ret == NSS_STATUS_SUCCESS) { … … 717 717 } 718 718 719 ret = winbindd_request_response( WINBINDD_SETGRENT, NULL, NULL);719 ret = winbindd_request_response(NULL, WINBINDD_SETGRENT, NULL, NULL); 720 720 #ifdef DEBUG_NSS 721 721 fprintf(stderr, "[%5d]: setgrent returns %s (%d)\n", getpid(), … … 749 749 } 750 750 751 ret = winbindd_request_response( WINBINDD_ENDGRENT, NULL, NULL);751 ret = winbindd_request_response(NULL, WINBINDD_ENDGRENT, NULL, NULL); 752 752 #ifdef DEBUG_NSS 753 753 fprintf(stderr, "[%5d]: endgrent returns %s (%d)\n", getpid(), … … 800 800 request.data.num_entries = MAX_GETGRENT_USERS; 801 801 802 ret = winbindd_request_response( cmd, &request,802 ret = winbindd_request_response(NULL, cmd, &request, 803 803 &getgrent_response); 804 804 … … 919 919 [sizeof(request.data.groupname) - 1] = '\0'; 920 920 921 ret = winbindd_request_response(WINBINDD_GETGRNAM, &request, &response); 921 ret = winbindd_request_response(NULL, WINBINDD_GETGRNAM, 922 &request, &response); 922 923 923 924 if (ret == NSS_STATUS_SUCCESS) { … … 997 998 request.data.gid = gid; 998 999 999 ret = winbindd_request_response(WINBINDD_GETGRGID, &request, &response); 1000 ret = winbindd_request_response(NULL, WINBINDD_GETGRGID, 1001 &request, &response); 1000 1002 1001 1003 if (ret == NSS_STATUS_SUCCESS) { … … 1070 1072 sizeof(request.data.username) - 1); 1071 1073 1072 ret = winbindd_request_response(WINBINDD_GETGROUPS, &request, &response); 1074 ret = winbindd_request_response(NULL, WINBINDD_GETGROUPS, 1075 &request, &response); 1073 1076 1074 1077 if (ret == NSS_STATUS_SUCCESS) { … … 1099 1102 1100 1103 if (gid_list[i] == group) { 1104 continue; 1105 } 1106 1107 /* Skip groups without a mapping */ 1108 if (gid_list[i] == (uid_t)-1) { 1101 1109 continue; 1102 1110 } … … 1177 1185 request.data.sid[sizeof(request.data.sid) - 1] = '\0'; 1178 1186 1179 ret = winbindd_request_response(WINBINDD_GETUSERSIDS, &request, &response); 1187 ret = winbindd_request_response(NULL, WINBINDD_GETUSERSIDS, 1188 &request, &response); 1180 1189 1181 1190 if (ret != NSS_STATUS_SUCCESS) { … … 1229 1238 request.data.name.name[sizeof(request.data.name.name) - 1] = '\0'; 1230 1239 1231 ret = winbindd_request_response(WINBINDD_LOOKUPNAME, &request, &response); 1240 ret = winbindd_request_response(NULL, WINBINDD_LOOKUPNAME, 1241 &request, &response); 1232 1242 if (ret != NSS_STATUS_SUCCESS) { 1233 1243 *errnop = errno = EINVAL; … … 1279 1289 /* we need to fetch the separator first time through */ 1280 1290 if (!sep_char) { 1281 ret = winbindd_request_response(WINBINDD_INFO, &request, &response); 1291 ret = winbindd_request_response(NULL, WINBINDD_INFO, 1292 &request, &response); 1282 1293 if (ret != NSS_STATUS_SUCCESS) { 1283 1294 *errnop = errno = EINVAL; … … 1294 1305 request.data.sid[sizeof(request.data.sid) - 1] = '\0'; 1295 1306 1296 ret = winbindd_request_response(WINBINDD_LOOKUPSID, &request, &response); 1307 ret = winbindd_request_response(NULL, WINBINDD_LOOKUPSID, 1308 &request, &response); 1297 1309 if (ret != NSS_STATUS_SUCCESS) { 1298 1310 *errnop = errno = EINVAL; … … 1350 1362 request.data.sid[sizeof(request.data.sid) - 1] = '\0'; 1351 1363 1352 ret = winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response); 1364 ret = winbindd_request_response(NULL, WINBINDD_SID_TO_UID, 1365 &request, &response); 1353 1366 if (ret != NSS_STATUS_SUCCESS) { 1354 1367 *errnop = errno = EINVAL; … … 1389 1402 request.data.sid[sizeof(request.data.sid) - 1] = '\0'; 1390 1403 1391 ret = winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response); 1404 ret = winbindd_request_response(NULL, WINBINDD_SID_TO_GID, 1405 &request, &response); 1392 1406 if (ret != NSS_STATUS_SUCCESS) { 1393 1407 *errnop = errno = EINVAL; … … 1428 1442 request.data.uid = uid; 1429 1443 1430 ret = winbindd_request_response(WINBINDD_UID_TO_SID, &request, &response); 1444 ret = winbindd_request_response(NULL, WINBINDD_UID_TO_SID, 1445 &request, &response); 1431 1446 if (ret != NSS_STATUS_SUCCESS) { 1432 1447 *errnop = errno = EINVAL; … … 1476 1491 request.data.gid = gid; 1477 1492 1478 ret = winbindd_request_response(WINBINDD_GID_TO_SID, &request, &response); 1493 ret = winbindd_request_response(NULL, WINBINDD_GID_TO_SID, 1494 &request, &response); 1479 1495 if (ret != NSS_STATUS_SUCCESS) { 1480 1496 *errnop = errno = EINVAL; -
vendor/current/nsswitch/winbind_nss_netbsd.c
r414 r988 229 229 strncpy(request.data.username, uname, 230 230 sizeof(request.data.username) - 1); 231 i = winbindd_request_response(WINBINDD_GETGROUPS, &request, &response); 231 i = winbindd_request_response(NULL, WINBINDD_GETGROUPS, 232 &request, &response); 232 233 if (i != NSS_STATUS_SUCCESS) 233 234 return NS_NOTFOUND; -
vendor/current/nsswitch/winbind_nss_solaris.c
r414 r988 26 26 27 27 #undef DEVELOPER 28 28 29 29 30 #include "winbind_client.h" … … 33 34 #include <string.h> 34 35 #include <pwd.h> 35 #include "includes.h"36 36 #include <syslog.h> 37 37 38 #if !defined(HPUX) 38 39 #include <sys/syslog.h> … … 47 48 #else 48 49 #define NSS_DEBUG(str) ; 50 #endif 51 52 #if !defined(SMB_MALLOC_P) 53 #define SMB_MALLOC_P(type) (type *)malloc(sizeof(type)) 49 54 #endif 50 55 … … 255 260 NSS_ARGS(args)->returnval = (void*) result; 256 261 262 if (NSS_ARGS(args)->erange == ERANGE && ret == NSS_STATUS_TRYAGAIN) 263 return NSS_STATUS_UNAVAIL; 264 257 265 return ret; 258 266 } … … 273 281 if(ret == NSS_STATUS_SUCCESS) 274 282 NSS_ARGS(args)->returnval = (void*) result; 283 284 if (NSS_ARGS(args)->erange == ERANGE && ret == NSS_STATUS_TRYAGAIN) 285 return NSS_STATUS_UNAVAIL; 275 286 276 287 return ret; … … 511 522 request.data.winsreq[sizeof(request.data.winsreq) - 1] = '\0'; 512 523 513 if( (ret = winbindd_request_response(WINBINDD_WINS_BYNAME, &request, &response)) 524 if( (ret = winbindd_request_response(NULL, WINBINDD_WINS_BYNAME, 525 &request, &response)) 514 526 == NSS_STATUS_SUCCESS ) { 515 527 ret = parse_response(af, argp, &response); … … 534 546 request.data.winsreq[sizeof(request.data.winsreq) - 1] = '\0'; 535 547 536 if( (ret = winbindd_request_response(WINBINDD_WINS_BYNAME, &request, &response)) 548 if( (ret = winbindd_request_response(NULL, WINBINDD_WINS_BYNAME, 549 &request, &response)) 537 550 == NSS_STATUS_SUCCESS ) { 538 551 ret = parse_response(AF_INET, argp, &response); … … 573 586 #endif 574 587 575 ret = winbindd_request_response(WINBINDD_WINS_BYIP, &request, &response); 588 ret = winbindd_request_response(NULL, WINBINDD_WINS_BYIP, 589 &request, &response); 576 590 577 591 if( ret == NSS_STATUS_SUCCESS) { -
vendor/current/nsswitch/winbind_nss_solaris.h
r740 r988 26 26 #include <nss_dbdefs.h> 27 27 #include <nsswitch.h> 28 #include "system/passwd.h" 28 29 29 30 typedef nss_status_t NSS_STATUS; -
vendor/current/nsswitch/winbind_struct_protocol.h
r740 r988 26 26 #define WINBINDD_SOCKET_NAME "pipe" /* Name of PF_UNIX socket */ 27 27 28 /* Let the build environment override the public winbindd socket location. This 29 * is needed for launchd support -- jpeach. 28 /* We let the build environment set the public winbindd socket 29 * location. Therefore we no longer set 30 * 31 * #define WINBINDD_SOCKET_DIR "/tmp/.winbindd" 32 * 33 * A number of different distributions set different paths, and so it 34 * needs to come from configure in Samba. External users of this header will 35 * need to know where the path is on their system by some other 36 * mechanism. 30 37 */ 31 #ifndef WINBINDD_SOCKET_DIR 32 #define WINBINDD_SOCKET_DIR "/tmp/.winbindd" /* Name of PF_UNIX dir */ 33 #endif 34 35 /* 36 * when compiled with socket_wrapper support 37 * the location of the WINBINDD_SOCKET_DIR 38 * can be overwritten via an environment variable 39 */ 40 #define WINBINDD_SOCKET_DIR_ENVVAR "WINBINDD_SOCKET_DIR" 41 42 #define WINBINDD_PRIV_SOCKET_SUBDIR "winbindd_privileged" /* name of subdirectory of lp_lockdir() to hold the 'privileged' pipe */ 38 39 #define WINBINDD_PRIV_SOCKET_SUBDIR "winbindd_privileged" /* name of subdirectory of lp_lock_directory() to hold the 'privileged' pipe */ 43 40 #define WINBINDD_DOMAIN_ENV "WINBINDD_DOMAIN" /* Environment variables */ 44 41 #define WINBINDD_DONT_ENV "_NO_WINBINDD" … … 206 203 } WINBINDD_GR; 207 204 208 /* PAM specific request flags */205 /* Request flags */ 209 206 #define WBFLAG_PAM_INFO3_NDR 0x00000001 210 207 #define WBFLAG_PAM_INFO3_TEXT 0x00000002 … … 212 209 #define WBFLAG_PAM_LMKEY 0x00000008 213 210 #define WBFLAG_PAM_CONTACT_TRUSTDOM 0x00000010 211 #define WBFLAG_QUERY_ONLY 0x00000020 /* not used */ 212 #define WBFLAG_PAM_AUTH_PAC 0x00000040 214 213 #define WBFLAG_PAM_UNIX_NAME 0x00000080 215 214 #define WBFLAG_PAM_AFS_TOKEN 0x00000100 216 215 #define WBFLAG_PAM_NT_STATUS_SQUASH 0x00000200 216 /* This is a flag that can only be sent from parent to child */ 217 #define WBFLAG_IS_PRIVILEGED 0x00000400 /* not used */ 218 /* Flag to say this is a winbindd internal send - don't recurse. */ 219 #define WBFLAG_RECURSE 0x00000800 217 220 #define WBFLAG_PAM_KRB5 0x00001000 218 221 #define WBFLAG_PAM_FALLBACK_AFTER_KRB5 0x00002000 219 222 #define WBFLAG_PAM_CACHED_LOGIN 0x00004000 220 223 #define WBFLAG_PAM_GET_PWD_POLICY 0x00008000 221 222 /* generic request flags */223 #define WBFLAG_QUERY_ONLY 0x00000020 /* not used */224 /* This is a flag that can only be sent from parent to child */225 #define WBFLAG_IS_PRIVILEGED 0x00000400 /* not used */226 /* Flag to say this is a winbindd internal send - don't recurse. */227 #define WBFLAG_RECURSE 0x00000800228 224 /* Flag to tell winbind the NTLMv2 blob is too big for the struct and is in the 229 225 * extra_data field */ … … 491 487 uint8_t session_key[16]; 492 488 uint32_t auth_blob_len; /* blob in extra_data */ 489 uint8_t new_spnego; 493 490 } ccache_ntlm_auth; 494 491 struct { -
vendor/current/nsswitch/wins.c
r740 r988 21 21 #include "includes.h" 22 22 #include "nsswitch/winbind_nss.h" 23 #include "nsswitch/libwbclient/wbclient.h" 23 24 24 25 #ifdef HAVE_NS_API_H … … 38 39 #define INADDRSZ 4 39 40 #endif 40 41 static int initialised;42 41 43 42 NSS_STATUS _nss_wins_gethostbyname_r(const char *hostname, struct hostent *he, … … 46 45 char *buffer, size_t buflen, int *h_errnop); 47 46 48 static void nss_wins_init(void) 49 { 50 initialised = 1; 51 load_case_tables_library(); 52 lp_set_cmdline("log level", "0"); 53 54 TimeInit(); 55 setup_logging("nss_wins",False); 56 lp_load(get_dyn_CONFIGFILE(),True,False,False,True); 57 load_interfaces(); 58 } 59 60 static struct in_addr *lookup_byname_backend(const char *name, int *count) 61 { 62 struct ip_service *address = NULL; 63 struct in_addr *ret = NULL; 64 int j; 65 66 if (!initialised) { 67 nss_wins_init(); 68 } 69 70 *count = 0; 71 72 /* always try with wins first */ 73 if (NT_STATUS_IS_OK(resolve_wins(name,0x00,&address,count))) { 74 if ( (ret = SMB_MALLOC_P(struct in_addr)) == NULL ) { 75 free( address ); 76 return NULL; 77 } 78 if (address[0].ss.ss_family != AF_INET) { 79 free(address); 80 free(ret); 81 return NULL; 82 } 83 *ret = ((struct sockaddr_in *)(void *)&address[0].ss) 84 ->sin_addr; 85 free( address ); 86 return ret; 87 } 88 89 /* uggh, we have to broadcast to each interface in turn */ 90 for (j=iface_count() - 1;j >= 0;j--) { 91 const struct in_addr *bcast = iface_n_bcast_v4(j); 92 struct sockaddr_storage ss; 93 struct sockaddr_storage *pss; 94 NTSTATUS status; 95 96 if (!bcast) { 97 continue; 98 } 99 in_addr_to_sockaddr_storage(&ss, *bcast); 100 status = name_query(name, 0x00, True, True, &ss, 101 NULL, &pss, count, NULL); 102 if (NT_STATUS_IS_OK(status) && (*count > 0)) { 103 if ((ret = SMB_MALLOC_P(struct in_addr)) == NULL) { 104 return NULL; 105 } 106 *ret = ((struct sockaddr_in *)pss)->sin_addr; 107 TALLOC_FREE(pss); 108 break; 109 } 110 } 111 112 return ret; 47 static char *lookup_byname_backend(const char *name) 48 { 49 const char *p; 50 char *ip, *ipp; 51 size_t nbt_len; 52 wbcErr result; 53 54 nbt_len = strlen(name); 55 if (nbt_len > MAX_NETBIOSNAME_LEN - 1) { 56 return NULL; 57 } 58 p = strchr(name, '.'); 59 if (p != NULL) { 60 return NULL; 61 } 62 63 result = wbcResolveWinsByName(name, &ip); 64 if (result != WBC_ERR_SUCCESS) { 65 return NULL; 66 } 67 68 ipp = strchr(ip, '\t'); 69 if (ipp != NULL) { 70 *ipp = '\0'; 71 } 72 73 return ip; 113 74 } 114 75 115 76 #ifdef HAVE_NS_API_H 116 77 117 static struct node_status *lookup_byaddr_backend(char *addr, int *count) 118 { 119 struct sockaddr_storage ss; 120 struct nmb_name nname; 121 struct node_status *result; 122 NTSTATUS status; 123 124 if (!initialised) { 125 nss_wins_init(); 126 } 127 128 make_nmb_name(&nname, "*", 0); 129 if (!interpret_string_addr(&ss, addr, AI_NUMERICHOST)) { 130 return NULL; 131 } 132 status = node_status_query(NULL, &nname, &ss, &result, count, NULL); 133 if (!NT_STATUS_IS_OK(status)) { 134 return NULL; 135 } 136 137 return result; 78 static char *lookup_byaddr_backend(const char *ip) 79 { 80 wbcErr result; 81 char *name = NULL; 82 83 result = wbcResolveWinsByIP(ip, &name); 84 if (result != WBC_ERR_SUCCESS) { 85 return NULL; 86 } 87 88 return name; 138 89 } 139 90 … … 142 93 int init(void) 143 94 { 95 bool ok; 96 144 97 nsd_logprintf(NSD_LOG_MIN, "entering init (wins)\n"); 145 nss_wins_init(); 98 99 ok = nss_wins_init(); 100 if (!ok) { 101 return NSD_ERROR; 102 } 103 146 104 return NSD_OK; 147 105 } … … 152 110 char *key; 153 111 char *addr; 154 struct in_addr *ip_list;155 struct node_status *status;156 112 int i, count, len, size; 157 113 char response[1024]; … … 181 137 * ip_address[ ip_address]*\tname[ alias]* 182 138 */ 183 if (StrCaseCmp(map,"hosts.byaddr") == 0) { 184 if ( status = lookup_byaddr_backend(key, &count)) { 185 size = strlen(key) + 1; 186 if (size > len) { 187 talloc_free(status); 188 return NSD_ERROR; 189 } 190 len -= size; 191 strncat(response,key,size); 192 strncat(response,"\t",1); 193 for (i = 0; i < count; i++) { 194 /* ignore group names */ 195 if (status[i].flags & 0x80) continue; 196 if (status[i].type == 0x20) { 197 size = sizeof(status[i].name) + 1; 198 if (size > len) { 199 talloc_free(status); 200 return NSD_ERROR; 201 } 202 len -= size; 203 strncat(response, status[i].name, size); 204 strncat(response, " ", 1); 205 found = True; 139 if (strcasecmp_m(map,"hosts.byaddr") == 0) { 140 char *name; 141 142 name = lookup_byaddr_backend(key); 143 if (name != NULL) { 144 size = strlen(key) + 1; 145 if (size > len) { 146 return NSD_ERROR; 206 147 } 207 } 208 response[strlen(response)-1] = '\n'; 209 talloc_free(status); 148 len -= size; 149 strncat(response,key,size); 150 strncat(response,"\t",1); 151 152 size = strlen(name) + 1; 153 if (size > len) { 154 return NSD_ERROR; 155 } 156 len -= size; 157 strncat(response, name, size); 158 strncat(response, " ", 1); 159 found = True; 210 160 } 211 } else if (StrCaseCmp(map,"hosts.byname") == 0) { 212 if (ip_list = lookup_byname_backend(key, &count)) { 213 for (i = count; i ; i--) { 214 addr = inet_ntoa(ip_list[i-1]); 215 size = strlen(addr) + 1; 216 if (size > len) { 217 free(ip_list); 218 return NSD_ERROR; 219 } 220 len -= size; 221 if (i != 0) 222 response[strlen(response)-1] = ' '; 223 strncat(response,addr,size); 224 strncat(response,"\t",1); 161 response[strlen(response)-1] = '\n'; 162 } else if (strcasecmp_m(map,"hosts.byname") == 0) { 163 char *ip; 164 165 ip = lookup_byname_backend(key); 166 if (ip != NULL) { 167 size = strlen(ip) + 1; 168 if (size > len) { 169 wbcFreeMemory(ip); 170 return NSD_ERROR; 171 } 172 len -= size; 173 strncat(response,ip,size); 174 strncat(response,"\t",1); 175 size = strlen(key) + 1; 176 wbcFreeMemory(ip); 177 if (size > len) { 178 return NSD_ERROR; 179 } 180 strncat(response,key,size); 181 strncat(response,"\n",1); 182 183 found = True; 225 184 } 226 size = strlen(key) + 1;227 if (size > len) {228 free(ip_list);229 return NSD_ERROR;230 }231 strncat(response,key,size);232 strncat(response,"\n",1);233 found = True;234 free(ip_list);235 }236 185 } 237 186 … … 252 201 functions. */ 253 202 254 static char *get_static(char **buffer, size_t *buflen, int len)203 static char *get_static(char **buffer, size_t *buflen, size_t len) 255 204 { 256 205 char *result; … … 281 230 { 282 231 NSS_STATUS nss_status = NSS_STATUS_SUCCESS; 283 struct in_addr *ip_list; 284 int i, count; 232 char *ip; 233 struct in_addr in; 234 int i; 285 235 fstring name; 286 236 size_t namelen; 287 TALLOC_CTX *frame;237 int rc; 288 238 289 239 #if HAVE_PTHREAD … … 291 241 #endif 292 242 293 frame = talloc_stackframe();294 295 243 memset(he, '\0', sizeof(*he)); 296 244 fstrcpy(name, hostname); … … 298 246 /* Do lookup */ 299 247 300 ip_list = lookup_byname_backend(name, &count); 301 302 if (!ip_list) { 248 ip = lookup_byname_backend(name); 249 if (ip == NULL) { 303 250 nss_status = NSS_STATUS_NOTFOUND; 304 251 goto out; 305 252 } 306 253 254 rc = inet_pton(AF_INET, ip, &in); 255 wbcFreeMemory(ip); 256 if (rc == 0) { 257 nss_status = NSS_STATUS_TRYAGAIN; 258 goto out; 259 } 260 307 261 /* Copy h_name */ 308 262 … … 310 264 311 265 if ((he->h_name = get_static(&buffer, &buflen, namelen)) == NULL) { 312 free(ip_list);313 266 nss_status = NSS_STATUS_TRYAGAIN; 314 267 goto out; … … 323 276 324 277 if (get_static(&buffer, &buflen, i) == NULL) { 325 free(ip_list);326 278 nss_status = NSS_STATUS_TRYAGAIN; 327 279 goto out; … … 329 281 330 282 if ((he->h_addr_list = (char **)get_static( 331 &buffer, &buflen, (count + 1) * sizeof(char *))) == NULL) { 332 free(ip_list); 333 nss_status = NSS_STATUS_TRYAGAIN; 334 goto out; 335 } 336 337 for (i = 0; i < count; i++) { 338 if ((he->h_addr_list[i] = get_static(&buffer, &buflen, 339 INADDRSZ)) == NULL) { 340 free(ip_list); 341 nss_status = NSS_STATUS_TRYAGAIN; 342 goto out; 343 } 344 memcpy(he->h_addr_list[i], &ip_list[i], INADDRSZ); 345 } 346 347 he->h_addr_list[count] = NULL; 348 349 free(ip_list); 283 &buffer, &buflen, 2 * sizeof(char *))) == NULL) { 284 nss_status = NSS_STATUS_TRYAGAIN; 285 goto out; 286 } 287 288 if ((he->h_addr_list[0] = get_static(&buffer, &buflen, 289 INADDRSZ)) == NULL) { 290 nss_status = NSS_STATUS_TRYAGAIN; 291 goto out; 292 } 293 294 memcpy(he->h_addr_list[0], &in, INADDRSZ); 295 296 he->h_addr_list[1] = NULL; 350 297 351 298 /* Set h_addr_type and h_length */ … … 375 322 376 323 out: 377 378 TALLOC_FREE(frame);379 324 380 325 #if HAVE_PTHREAD -
vendor/current/nsswitch/wscript_build
r740 r988 1 1 #!/usr/bin/env python 2 import Utils 3 import sys 4 host_os = sys.platform 2 5 3 6 bld.SAMBA_LIBRARY('winbind-client', 4 7 source='wb_common.c', 5 8 deps='replace', 6 cflags='-D SOCKET_WRAPPER_DISABLE=1 -DWINBINDD_SOCKET_DIR=\"%s\"' % bld.env.WINBINDD_SOCKET_DIR,9 cflags='-DWINBINDD_SOCKET_DIR=\"%s\"' % bld.env.WINBINDD_SOCKET_DIR, 7 10 private_library=True 8 11 ) … … 10 13 11 14 bld.SAMBA_BINARY('nsstest', 12 source='nsstest.c', 13 deps='replace dl' 14 ) 15 source='nsstest.c', 16 deps='replace dl', 17 install=False 18 ) 15 19 20 # The nss_wrapper code relies strictly on the linux implementation and 21 # name, so compile but do not install a copy under this name. 22 bld.SAMBA_LIBRARY('nss_wrapper_winbind', 23 source='winbind_nss_linux.c', 24 deps='winbind-client', 25 realname='libnss_wrapper_winbind.so.2', 26 install=False, 27 vnum='2') 16 28 17 bld.SAMBA_LIBRARY('nss_winbind', 18 source='winbind_nss_linux.c', 19 deps='winbind-client', 20 realname='libnss_winbind.so.2', 21 vnum='2') 29 # FIXME: original was *linux* | gnu* | k*bsd*-gnu | kopensolaris*-gnu) 30 # the search for .rfind('gnu') covers gnu* and *-gnu is that too broad? 22 31 32 if (Utils.unversioned_sys_platform() == 'linux' or (host_os.rfind('gnu') > -1)): 33 bld.SAMBA_LIBRARY('nss_winbind', 34 keep_underscore=True, 35 source='winbind_nss_linux.c', 36 deps='winbind-client', 37 public_headers=[], 38 public_headers_install=False, 39 pc_files=[], 40 vnum='2') 23 41 24 if bld.CONFIG_SET('WITH_PAM_MODULES') or bld.CONFIG_SET('HAVE_PAM_START'): 42 bld.SAMBA3_LIBRARY('nss_wins', 43 keep_underscore=True, 44 source='wins.c', 45 deps='''wbclient''', 46 public_headers=[], 47 public_headers_install=False, 48 pc_files=[], 49 vnum='2') 50 elif (host_os.rfind('freebsd') > -1): 51 # FreeBSD winbind client is implemented as a wrapper around 52 # the Linux version. 53 bld.SAMBA_LIBRARY('nss_winbind', 54 source='winbind_nss_linux.c winbind_nss_freebsd.c', 55 deps='winbind-client', 56 realname='nss_winbind.so.1', 57 vnum='1') 58 59 bld.SAMBA3_LIBRARY('nss_wins', 60 source='wins.c wins_freebsd.c', 61 deps='''wbclient''', 62 realname='nss_wins.so.1', 63 vnum='1') 64 65 elif (host_os.rfind('netbsd') > -1): 66 # NetBSD winbind client is implemented as a wrapper 67 # around the Linux version. It needs getpwent_r() to 68 # indicate libc's use of the correct nsdispatch API. 69 70 if bld.CONFIG_SET("HAVE_GETPWENT_R"): 71 bld.SAMBA_LIBRARY('nss_winbind', 72 source='winbind_nss_linux.c winbind_nss_netbsd.c', 73 deps='winbind-client', 74 realname='libnss_winbind.so') 75 elif (host_os.rfind('irix') > -1): 76 bld.SAMBA_LIBRARY('ns_winbind', 77 source='winbind_nss_irix.c', 78 deps='winbind-client', 79 realname='libns_winbind.so') 80 81 elif Utils.unversioned_sys_platform() == 'sunos': 82 bld.SAMBA_LIBRARY('nss_winbind', 83 source='winbind_nss_solaris.c winbind_nss_linux.c', 84 deps='winbind-client', 85 realname='nss_winbind.so.1', 86 vnum='1') 87 elif (host_os.rfind('hpux') > -1): 88 bld.SAMBA_LIBRARY('nss_winbind', 89 source='winbind_nss_linux.c', 90 deps='winbind-client', 91 realname='libnss_winbind.so') 92 elif (host_os.rfind('aix') > -1): 93 bld.SAMBA_LIBRARY('nss_winbind', 94 source='winbind_nss_aix.c', 95 deps='winbind-client', 96 realname='WINBIND') 97 98 if bld.CONFIG_SET('WITH_PAM_MODULES') and bld.CONFIG_SET('HAVE_PAM_START'): 25 99 bld.SAMBA_LIBRARY('pamwinbind', 26 100 source='pam_winbind.c', 27 deps=' intl talloc wbclient winbind-client LIBINIPARSER pam',101 deps='talloc wbclient winbind-client tiniparser pam samba_intl', 28 102 cflags='-DLOCALEDIR=\"%s/locale\"' % bld.env.DATADIR, 29 103 realname='pam_winbind.so', 104 install_path='${PAMMODULESDIR}' 30 105 ) 31 106 … … 33 108 bld.SAMBA_LIBRARY('winbind_krb5_locator', 34 109 source='winbind_krb5_locator.c', 35 deps='wbclient krb5 ',110 deps='wbclient krb5 com_err', 36 111 realname='winbind_krb5_locator.so') 37 112 … … 40 115 deps='talloc tevent LIBASYNC_REQ' 41 116 ) 117 118 bld.SAMBA_BINARY('wbinfo', 119 source='wbinfo.c', 120 deps='samba-util LIBCLI_AUTH popt POPT_SAMBA wbclient LIBAFS_SETTOKEN' 121 ) -
vendor/current/nsswitch/wscript_configure
r740 r988 5 5 conf.CHECK_HEADERS('security/pam_appl.h security/pam_modules.h pam/pam_modules.h', together=True) 6 6 conf.CHECK_FUNCS_IN('pam_start', 'pam', checklibc=True, headers='security/pam_appl.h') 7 8 # Solaris 10 does have new member in nss_XbyY_key 9 conf.CHECK_STRUCTURE_MEMBER('union nss_XbyY_key', 'ipnode.af_family', 10 define='HAVE_NSS_XBYY_KEY_IPNODE', 11 headers='nss_dbdefs.h') 12 13 # Solaris has some extra fields in struct passwd that need to be 14 # initialised otherwise nscd crashes. 15 16 conf.CHECK_STRUCTURE_MEMBER('struct passwd', 'pw_comment', 17 define='HAVE_PASSWD_PW_COMMENT', 18 headers='pwd.h') 19 20 conf.CHECK_STRUCTURE_MEMBER('struct passwd', 'pw_age', 21 define='HAVE_PASSWD_PW_AGE', 22 headers='pwd.h')
Note:
See TracChangeset
for help on using the changeset viewer.
