The branch, v3-2-test has been updated via 2cbe5a006a6df79c38f4aaa68d498cd6d5a34dba (commit) via c084ccd70f42ce29ce24565969a9f440dde254e1 (commit) via a4f628d6c9e2a5761c048e268a29e1f5daae4180 (commit) via 57ba71140fbf6b4a5a917fa3248fa76536be883b (commit) from 70b7b331d9e2d915e6209fca5900f41fae4866fd (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log ----------------------------------------------------------------- commit 2cbe5a006a6df79c38f4aaa68d498cd6d5a34dba Author: Stefan Metzmacher <[EMAIL PROTECTED]> Date: Thu Apr 17 00:17:06 2008 +0200 wbinfo: use wbcCheckTrustCredentials() metze commit c084ccd70f42ce29ce24565969a9f440dde254e1 Author: Stefan Metzmacher <[EMAIL PROTECTED]> Date: Wed Apr 16 23:35:12 2008 +0200 libwbclient: add wbcCheckTrustCredentials() This only accepts NULL as domain for now, because winbindd doesn't support checking trust passwords as a domain controller. metze commit a4f628d6c9e2a5761c048e268a29e1f5daae4180 Author: Stefan Metzmacher <[EMAIL PROTECTED]> Date: Mon Apr 14 09:35:15 2008 +0200 wbinfo: use wbcResolveWinsByName() and wbcResolveWinsByIP() metze commit 57ba71140fbf6b4a5a917fa3248fa76536be883b Author: Stefan Metzmacher <[EMAIL PROTECTED]> Date: Mon Apr 14 09:31:46 2008 +0200 libwbclient: add wbcResolveWinsByName() and wbcResolveWinsByIP() metze ----------------------------------------------------------------------- Summary of changes: source/nsswitch/libwbclient/wbc_pam.c | 52 ++++++++++++++++++++ source/nsswitch/libwbclient/wbc_util.c | 81 ++++++++++++++++++++++++++++++++ source/nsswitch/libwbclient/wbclient.h | 12 +++++ source/nsswitch/wbinfo.c | 64 +++++++++++-------------- 4 files changed, 173 insertions(+), 36 deletions(-) Changeset truncated at 500 lines: diff --git a/source/nsswitch/libwbclient/wbc_pam.c b/source/nsswitch/libwbclient/wbc_pam.c index 2b33f55..f6a355a 100644 --- a/source/nsswitch/libwbclient/wbc_pam.c +++ b/source/nsswitch/libwbclient/wbc_pam.c @@ -419,3 +419,55 @@ done: return wbc_status; } + +/** @brief Trigger a verification of the trust credentials of a specific domain + * + * @param *domain The name of the domain, only NULL for the default domain is + * supported yet. Other values than NULL will result in + * WBC_ERR_NOT_IMPLEMENTED. + * @param error Output details on WBC_ERR_AUTH_ERROR + * + * @return #wbcErr + * + **/ +wbcErr wbcCheckTrustCredentials(const char *domain, + struct wbcAuthErrorInfo **error) +{ + struct winbindd_request request; + struct winbindd_response response; + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + const char *name_str; + + if (domain) { + /* + * the current protocol doesn't support + * specifying a domain + */ + wbc_status = WBC_ERR_NOT_IMPLEMENTED; + BAIL_ON_WBC_ERROR(wbc_status); + } + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + wbc_status = wbcRequestResponse(WINBINDD_CHECK_MACHACC, + &request, + &response); + if (response.data.auth.nt_status != 0) { + if (error) { + wbc_status = wbc_create_error_info(NULL, + &response, + error); + BAIL_ON_WBC_ERROR(wbc_status); + } + + wbc_status = WBC_ERR_AUTH_ERROR; + BAIL_ON_WBC_ERROR(wbc_status); + } + BAIL_ON_WBC_ERROR(wbc_status); + + done: + return wbc_status; +} diff --git a/source/nsswitch/libwbclient/wbc_util.c b/source/nsswitch/libwbclient/wbc_util.c index 7bdae91..edcad28 100644 --- a/source/nsswitch/libwbclient/wbc_util.c +++ b/source/nsswitch/libwbclient/wbc_util.c @@ -187,3 +187,84 @@ wbcErr wbcDomainInfo(const char *domain, struct wbcDomainInfo **dinfo) return wbc_status; } + + +/** @brief Resolve a NetbiosName via WINS + * + * @param name Name to resolve + * @param *ip Pointer to the ip address string + * + * @return #wbcErr + * + **/ +wbcErr wbcResolveWinsByName(const char *name, const char **ip) +{ + struct winbindd_request request; + struct winbindd_response response; + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + const char *ipaddr; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + strncpy(request.data.winsreq, name, + sizeof(request.data.winsreq)-1); + + wbc_status = wbcRequestResponse(WINBINDD_WINS_BYNAME, + &request, + &response); + BAIL_ON_WBC_ERROR(wbc_status); + + /* Display response */ + + ipaddr = talloc_strdup(NULL, response.data.winsresp); + BAIL_ON_PTR_ERROR(ipaddr, wbc_status); + + *ip = ipaddr; + wbc_status = WBC_ERR_SUCCESS; + + done: + return wbc_status; +} + +/** @brief Resolve an IP address via WINS into a NetbiosName + * + * @param ip The ip address string + * @param *name Pointer to the name + * + * @return #wbcErr + * + **/ +wbcErr wbcResolveWinsByIP(const char *ip, const char **name) +{ + struct winbindd_request request; + struct winbindd_response response; + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + const char *name_str; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + /* Send request */ + + strncpy(request.data.winsreq, ip, + sizeof(request.data.winsreq)-1); + + wbc_status = wbcRequestResponse(WINBINDD_WINS_BYIP, + &request, + &response); + BAIL_ON_WBC_ERROR(wbc_status); + + /* Display response */ + + name_str = talloc_strdup(NULL, response.data.winsresp); + BAIL_ON_PTR_ERROR(name_str, wbc_status); + + *name = name_str; + wbc_status = WBC_ERR_SUCCESS; + + done: + return wbc_status; +} diff --git a/source/nsswitch/libwbclient/wbclient.h b/source/nsswitch/libwbclient/wbclient.h index 4e7e5af..b36b5bb 100644 --- a/source/nsswitch/libwbclient/wbclient.h +++ b/source/nsswitch/libwbclient/wbclient.h @@ -401,4 +401,16 @@ wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params, struct wbcAuthUserInfo **info, struct wbcAuthErrorInfo **error); +/* + * Resolve functions + */ +wbcErr wbcResolveWinsByName(const char *name, const char **ip); +wbcErr wbcResolveWinsByIP(const char *ip, const char **name); + +/* + * Trusted domain functions + */ +wbcErr wbcCheckTrustCredentials(const char *domain, + struct wbcAuthErrorInfo **error); + #endif /* _WBCLIENT_H */ diff --git a/source/nsswitch/wbinfo.c b/source/nsswitch/wbinfo.c index ba358bd..1e943a5 100644 --- a/source/nsswitch/wbinfo.c +++ b/source/nsswitch/wbinfo.c @@ -297,52 +297,42 @@ static bool wbinfo_get_userdomgroups(const char *user_sid_str) /* Convert NetBIOS name to IP */ -static bool wbinfo_wins_byname(char *name) +static bool wbinfo_wins_byname(const char *name) { - struct winbindd_request request; - struct winbindd_response response; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Send request */ - - fstrcpy(request.data.winsreq, name); + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + const char *ip = NULL; - if (winbindd_request_response(WINBINDD_WINS_BYNAME, &request, &response) != - NSS_STATUS_SUCCESS) { + wbc_status = wbcResolveWinsByName(name, &ip); + if (!WBC_ERROR_IS_OK(wbc_status)) { return false; } /* Display response */ - d_printf("%s\n", response.data.winsresp); + d_printf("%s\n", ip); + + wbcFreeMemory(ip); return true; } /* Convert IP to NetBIOS name */ -static bool wbinfo_wins_byip(char *ip) +static bool wbinfo_wins_byip(const char *ip) { - struct winbindd_request request; - struct winbindd_response response; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Send request */ - - fstrcpy(request.data.winsreq, ip); + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + const char *name = NULL; - if (winbindd_request_response(WINBINDD_WINS_BYIP, &request, &response) != - NSS_STATUS_SUCCESS) { + wbc_status = wbcResolveWinsByIP(ip, &name); + if (!WBC_ERROR_IS_OK(wbc_status)) { return false; } /* Display response */ - d_printf("%s\n", response.data.winsresp); + d_printf("%s\n", name); + + wbcFreeMemory(name); return true; } @@ -601,22 +591,24 @@ static bool wbinfo_dsgetdcname(const char *domain_name, uint32_t flags) static bool wbinfo_check_secret(void) { - struct winbindd_response response; - NSS_STATUS result; - - ZERO_STRUCT(response); + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + struct wbcAuthErrorInfo *error = NULL; - result = winbindd_request_response(WINBINDD_CHECK_MACHACC, NULL, &response); + wbc_status = wbcCheckTrustCredentials(NULL, &error); d_printf("checking the trust secret via RPC calls %s\n", - (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); + WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed"); - if (result != NSS_STATUS_SUCCESS) + if (wbc_status == WBC_ERR_AUTH_ERROR) { d_fprintf(stderr, "error code was %s (0x%x)\n", - response.data.auth.nt_status_string, - response.data.auth.nt_status); + error->nt_string, error->nt_status); + wbcFreeMemory(error); + } + if (!WBC_ERROR_IS_OK(wbc_status)) { + return false; + } - return result == NSS_STATUS_SUCCESS; + return true; } /* Convert uid to sid */ -- Samba Shared Repository