X-Git-Url: http://git.samba.org/?a=blobdiff_plain;f=source3%2Fwinbindd%2Fwinbindd.h;h=081722f6a901bb9317f6a837af2b55e7ce710096;hb=7f2d45a6c2a88dd8833fc66d314ec21507dd52c3;hp=5a8aed193075a7db17e2ece763a5a4aa77a5aae1;hpb=3ae2ed4504c81e197fab5804e9cde7ebeb34d5c2;p=samba.git diff --git a/source3/winbindd/winbindd.h b/source3/winbindd/winbindd.h index 5a8aed19307..081722f6a90 100644 --- a/source3/winbindd/winbindd.h +++ b/source3/winbindd/winbindd.h @@ -25,9 +25,8 @@ #include "nsswitch/winbind_struct_protocol.h" #include "nsswitch/libwbclient/wbclient.h" -#include "librpc/gen_ndr/wbint.h" - -#include "talloc_dict.h" +#include "librpc/gen_ndr/dcerpc.h" +#include "librpc/gen_ndr/winbind.h" #include "../lib/util/tevent_ntstatus.h" @@ -66,10 +65,7 @@ struct winbindd_cli_state { struct winbindd_request *request; /* Request from client */ struct tevent_queue *out_queue; struct winbindd_response *response; /* Respose to client */ - bool getpwent_initialized; /* Has getpwent_state been - * initialized? */ - bool getgrent_initialized; /* Has getgrent_state been - * initialized? */ + struct tevent_req *io_req; /* wb_req_read_* or wb_resp_write_* */ struct getpwent_state *pwent_state; /* State for getpwent() */ struct getgrent_state *grent_state; /* State for getgrent() */ @@ -77,9 +73,8 @@ struct winbindd_cli_state { struct getpwent_state { struct winbindd_domain *domain; - int next_user; - int num_users; - struct wbint_userinfo *users; + uint32_t next_user; + struct wbint_RidArray rids; }; struct getgrent_state { 
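Review bot: The new `io_req` member in the `@@ -66,10 +65,7 @@` hunk is a raw pointer to an in-flight request with no stated owner or reset rule. Its comment names only what it may point to (`wb_req_read_*` or `wb_resp_write_*`); it should also say who sets it back to NULL when the request completes or the client is torn down, because a stale value would be a dangling pointer for whichever path later cancels or frees it. Something like `/* in-flight wb_req_read_* or wb_resp_write_* request; NULL when idle */` would do, adjusted to the actual rule. The same hunk drops `getpwent_initialized` and `getgrent_initialized`, so presumably a NULL `pwent_state`/`grent_state` now means "not initialized", which is worth stating on those two fields. `struct winbindd_cli_state` begins in this hunk but its end is outside it.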
@@ -89,22 +84,13 @@ struct getgrent_state { struct wbint_Principal *groups; }; -/* Storage for cached getpwent() user entries */ - -struct getpwent_user { - fstring name; /* Account name */ - fstring gecos; /* User information */ - fstring homedir; /* User Home Directory */ - fstring shell; /* User Login Shell */ - struct dom_sid user_sid; /* NT user and primary group SIDs */ - struct dom_sid group_sid; -}; - /* Our connection to the DC */ struct winbindd_cm_conn { struct cli_state *cli; + enum dcerpc_AuthLevel auth_level; + struct rpc_pipe_client *samr_pipe; struct policy_handle sam_connect_handle, sam_domain_handle; @@ -113,6 +99,8 @@ struct winbindd_cm_conn { struct policy_handle lsa_policy; struct rpc_pipe_client *netlogon_pipe; + struct netlogon_creds_cli_context *netlogon_creds_ctx; + bool netlogon_force_reauth; }; /* Async child */ 
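Review bot: `auth_level`, `netlogon_creds_ctx` and `netlogon_force_reauth` are added to `struct winbindd_cm_conn` (in this hunk and in the following `@@ -113,6 +99,8 @@` hunk) without any comment, although judging by their names all three decide how the connection to the DC is authenticated. The header should say whether `auth_level` is the level required for pipes opened on this connection or the level actually negotiated, and what a zero-initialized struct means for it. For the netlogon pair, state who owns `netlogon_creds_ctx` relative to `netlogon_pipe` and which code sets and clears the flag, e.g. `bool netlogon_force_reauth; /* cached netlogon credentials must not be reused; cleared after a fresh authentication */` if that matches the implementation. The rest of the struct lies outside both hunks.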
@@ -146,60 +134,46 @@ struct winbindd_child { /* Structures to hold per domain information */ struct winbindd_domain { - fstring name; /* Domain name (NetBIOS) */ - fstring alt_name; /* alt Domain name, if any (FQDN for ADS) */ - fstring forest_name; /* Name of the AD forest we're in */ + char *name; /* Domain name (NetBIOS) */ + char *alt_name; /* alt Domain name, if any (FQDN for ADS) */ + char *forest_name; /* Name of the AD forest we're in */ struct dom_sid sid; /* SID for this domain */ - uint32 domain_flags; /* Domain flags from netlogon.h */ - uint32 domain_type; /* Domain type from netlogon.h */ - uint32 domain_trust_attribs; /* Trust attribs from netlogon.h */ + enum netr_SchannelType secure_channel_type; + uint32_t domain_flags; /* Domain flags from netlogon.h */ + uint32_t domain_type; /* Domain type from netlogon.h */ + uint32_t domain_trust_attribs; /* Trust attribs from netlogon.h */ + struct winbindd_domain *routing_domain; bool initialized; /* Did we already ask for the domain mode? */ bool native_mode; /* is this a win2k domain in native mode ? */ bool active_directory; /* is this a win2k active directory ? */ bool primary; /* is this our primary domain ? */ bool internal; /* BUILTIN and member SAM */ + bool rodc; /* Are we an RODC for this AD domain? (do some operations locally) */ bool online; /* is this domain available ? */ time_t startup_time; /* When we set "startup" true. monotonic clock */ bool startup; /* are we in the first 30 seconds after startup_time ? */ - bool can_do_samlogon_ex; /* Due to the lack of finer control what type - * of DC we have, let us try to do a - * credential-chain less samlogon_ex call - * with AD and schannel. If this fails with - * DCERPC_FAULT_OP_RNG_ERROR, then set this - * to False. This variable is around so that - * we don't have to try _ex every time. 
*/ - bool can_do_ncacn_ip_tcp; - bool can_do_validation6; - - /* Lookup methods for this domain (LDAP or RPC) */ - struct winbindd_methods *methods; - /* the backend methods are used by the cache layer to find the right - backend */ + /* + * Lookup methods for this domain (LDAP or RPC). The backend + * methods are used by the cache layer. + */ struct winbindd_methods *backend; /* Private data for the backends (used for connection cache) */ void *private_data; - /* - * idmap config settings, used to tell the idmap child which - * special domain config to use for a mapping - */ - bool have_idmap_config; - uint32_t id_range_low, id_range_high; - /* A working DC */ pid_t dc_probe_pid; /* Child we're using to detect the DC. */ - fstring dcname; + char *dcname; struct sockaddr_storage dcaddr; /* Sequence number stuff */ time_t last_seq_check; - uint32 sequence_number; + uint32_t sequence_number; NTSTATUS last_status; /* The smb connection */ @@ -210,9 +184,12 @@ struct winbindd_domain { struct winbindd_child *children; + struct tevent_queue *queue; + struct dcerpc_binding_handle *binding_handle; + /* Callback we use to try put us back online. */ - uint32 check_online_timeout; + uint32_t check_online_timeout; struct tevent_timer *check_online_event; /* Linked list info */ @@ -236,19 +213,18 @@ struct winbindd_methods { /* get a list of users, returning a wbint_userinfo for each one */ NTSTATUS (*query_user_list)(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - uint32 *num_entries, - struct wbint_userinfo **info); + uint32_t **rids); /* get a list of domain groups */ NTSTATUS (*enum_dom_groups)(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - uint32 *num_entries, + uint32_t *num_entries, struct wb_acct_info **info); /* get a list of domain local groups */ NTSTATUS (*enum_local_groups)(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - uint32 *num_entries, + uint32_t *num_entries, struct wb_acct_info **info); /* convert one user or group name to a sid */ 
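Review bot: Changing `name`, `alt_name`, `forest_name` and `dcname` from `fstring` to `char *` in `struct winbindd_domain` (the `@@ -146,60 +134,46 @@` hunk) turns always-valid fixed buffers into pointers that may be NULL and carry no size. Any remaining caller that does `fstrcpy(domain->dcname, ...)`, takes `sizeof(domain->name)`, or tests `domain->alt_name[0]` would now write through an unallocated pointer, size by the pointer width, or dereference NULL; those callers are not visible here and need checking outside this header. The field comments should record the new contract, for example `char *alt_name; /* allocated with the domain; NULL if none */` if that is the allocation scheme, and say which of the other three may be NULL. The struct continues past this hunk.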
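Review bot: In the `@@ -236,19 +213,18 @@` hunk the comment above `query_user_list` still reads "returning a wbint_userinfo for each one", but the callback now returns only `uint32_t **rids` and no longer has a count out-parameter. With `num_entries` gone the length of `*rids` is implicit, so the comment has to say how a caller obtains it; otherwise backends and callers can disagree on the bound when iterating the array. Suggested wording, to be confirmed against the backends: `/* get a list of user RIDs; *rids is a talloc array on mem_ctx, length via talloc_array_length(*rids) */`. `struct winbindd_methods` begins before and continues after this hunk.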
@@ -271,46 +247,40 @@ struct winbindd_methods { NTSTATUS (*rids_to_names)(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, const struct dom_sid *domain_sid, - uint32 *rids, + uint32_t *rids, size_t num_rids, char **domain_name, char ***names, enum lsa_SidType **types); - /* lookup user info for a given SID */ - NTSTATUS (*query_user)(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - const struct dom_sid *user_sid, - struct wbint_userinfo *user_info); - /* lookup all groups that a user is a member of. The backend can also choose to lookup by username or rid for this function */ NTSTATUS (*lookup_usergroups)(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, const struct dom_sid *user_sid, - uint32 *num_groups, struct dom_sid **user_gids); + uint32_t *num_groups, struct dom_sid **user_gids); /* Lookup all aliases that the sids delivered are member of. This is * to implement 'domain local groups' correctly */ NTSTATUS (*lookup_useraliases)(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - uint32 num_sids, + uint32_t num_sids, const struct dom_sid *sids, - uint32 *num_aliases, - uint32 **alias_rids); + uint32_t *num_aliases, + uint32_t **alias_rids); /* find all members of the group with the specified group_rid */ NTSTATUS (*lookup_groupmem)(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, const struct dom_sid *group_sid, enum lsa_SidType type, - uint32 *num_names, + uint32_t *num_names, struct dom_sid **sid_mem, char ***names, - uint32 **name_types); + uint32_t **name_types); /* return the current global sequence number */ - NTSTATUS (*sequence_number)(struct winbindd_domain *domain, uint32 *seq); + NTSTATUS (*sequence_number)(struct winbindd_domain *domain, uint32_t *seq); /* return the lockout policy */ NTSTATUS (*lockout_policy)(struct winbindd_domain *domain, 
@@ -351,15 +321,9 @@ struct winbindd_tdc_domain { const char *domain_name; const char *dns_name; struct dom_sid sid; - uint32 trust_flags; - uint32 trust_attribs; - uint32 trust_type; -}; - -/* Switch for listing users or groups */ -enum ent_type { - LIST_USERS = 0, - LIST_GROUPS, + uint32_t trust_flags; + uint32_t trust_attribs; + uint32_t trust_type; }; struct WINBINDD_MEMORY_CREDS { @@ -394,6 +358,6 @@ struct WINBINDD_CCACHE_ENTRY { #define WINBINDD_ESTABLISH_LOOP 30 #define WINBINDD_RESCAN_FREQ lp_winbind_cache_time() #define WINBINDD_PAM_AUTH_KRB5_RENEW_TIME 2592000 /* one month */ -#define DOM_SEQUENCE_NONE ((uint32)-1) +#define DOM_SEQUENCE_NONE ((uint32_t)-1) #endif /* _WINBINDD_H */