From 59ce7650f24eb7c35b8d3ee9f830711a4af8f8e9 Mon Sep 17 00:00:00 2001 From: "Gerald (Jerry) Carter" Date: Fri, 21 Dec 2007 11:59:56 -0600 Subject: [PATCH] De-couple smbd from staticly linking against winbindd client files. Implements a wrapper layer in winbind_util.c which are just stubs if compiled --without-winbind. When building with winbindd, it is now required to build the libwbclient DSO first (in the Makefile) and then either set LD_LIBRARY_PATH or /etc/ld.so.conf to pick up the library PATH. (This used to be commit 42787bccff4fcffafc7aae6a678e792604ecaaa5) --- source3/auth/auth_util.c | 6 +- source3/include/includes.h | 1 + source3/lib/winbind_util.c | 325 ++++++++++++++++++++++++ source3/nsswitch/wb_client.c | 472 +---------------------------------- source3/nsswitch/wbinfo.c | 138 +++++----- 5 files changed, 393 insertions(+), 549 deletions(-) create mode 100644 source3/lib/winbind_util.c diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 1e33869ea94..373a2a375fa 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -1731,17 +1731,17 @@ bool is_trusted_domain(const char* dom_name) return True; } else { - NSS_STATUS result; + wbcErr result; /* If winbind is around, ask it */ result = wb_is_trusted_domain(dom_name); - if (result == NSS_STATUS_SUCCESS) { + if (result == WBC_ERR_SUCCESS) { return True; } - if (result == NSS_STATUS_NOTFOUND) { + if (result == WBC_ERR_DOMAIN_NOT_FOUND) { /* winbind could not find the domain */ return False; } diff --git a/source3/include/includes.h b/source3/include/includes.h index fdeff346e54..14ef2258e6f 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -784,6 +784,7 @@ enum flush_reason_enum { NUM_FLUSH_REASONS}; #include "nss_info.h" +#include "nsswitch/libwbclient/wbclient.h" /* generated rpc server implementation functions */ #include "librpc/gen_ndr/srv_echo.h" 
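Review bot: In is_trusted_domain(), only `WBC_ERR_SUCCESS` and `WBC_ERR_DOMAIN_NOT_FOUND` now decide the trust question, and every other wbcErr falls through to code after this block, which lies outside the hunk. The page does not show which code wbcDomainInfo() (behind wb_is_trusted_domain()) returns for an unknown domain, nor what the --without-winbind stub mentioned in the commit message returns, so the mapping from the old `NSS_STATUS_NOTFOUND` should be confirmed rather than assumed. I would record the contract next to the call, for example `/* only SUCCESS and DOMAIN_NOT_FOUND are authoritative; any other wbcErr (winbindd unreachable, stub build) falls through */`. The new lines also keep `True`/`False`, while the wbinfo.c changes in the same commit move to `true`/`false`.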
diff --git a/source3/lib/winbind_util.c b/source3/lib/winbind_util.c
new file mode 100644
index 00000000000..4983b9ced0d
--- /dev/null
+++ b/source3/lib/winbind_util.c
@@ -0,0 +1,325 @@
+/*
+ Unix SMB/CIFS implementation.
+ Winbind Utility functions
+
+ Copyright (C) Gerald (Jerry) Carter 2007
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+*/
+
+#include "includes.h"
+
+#if defined(WITH_WINBIND)
+
+#include "nsswitch/libwbclient/wbclient.h"
+
+/* Call winbindd to convert a name to a sid */
+
+bool winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid,
+ enum lsa_SidType *name_type)
+{
+ struct wbcDomainSid dom_sid;
+ wbcErr result;
+ enum wbcSidType type;
+
+ result = wbcLookupName(dom_name, name, &dom_sid, &type);
+ if (result != WBC_ERR_SUCCESS)
+ return False;
+
+ memcpy(sid, &dom_sid, sizeof(DOM_SID));
+ *name_type = (enum lsa_SidType)type;
+
+ return True;
+}
+
+/* Call winbindd to convert sid to name */
+
+bool winbind_lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
+ const char **domain, const char **name,
+ enum lsa_SidType *name_type)
+{
+ struct wbcDomainSid dom_sid;
+ wbcErr result;
+ enum wbcSidType type;
+ char *domain_name = NULL;
+ char *account_name = NULL;
+
+ memcpy(&dom_sid, sid, sizeof(dom_sid));
+
+ result = wbcLookupSid(&dom_sid, &domain_name, &account_name, &type);
+ if (result != WBC_ERR_SUCCESS)
+ return False;
+
+ /* Copy out result */
+
+ if (domain) {
+ *domain = talloc_strdup(mem_ctx, domain_name);
+ }
+ if (name) {
+ *name = talloc_strdup(mem_ctx, account_name);
+ }
+ *name_type = (enum lsa_SidType)type;
+
+ DEBUG(10,
("winbind_lookup_sid: SUCCESS: SID %s -> %s %s\n",
+ sid_string_dbg(sid), domain_name, account_name));
+
+ SAFE_FREE(domain_name);
+ SAFE_FREE(account_name);
+
+ if ((domain && !*domain) || (name && !*name)) {
+ DEBUG(0,("winbind_lookup_sid: talloc() failed!\n"));
+ return False;
+ }
+
+
+ return True;
+}
+
+/* Ping winbindd to see it is alive */
+
+bool winbind_ping(void)
+{
+ wbcErr result = wbcPing();
+
+ return (result == WBC_ERR_SUCCESS);
+}
+
+/* Call winbindd to convert SID to uid */
+
+bool winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid)
+{
+ struct wbcDomainSid dom_sid;
+ wbcErr result;
+
+ memcpy(&dom_sid, sid, sizeof(dom_sid));
+
+ result = wbcSidToUid(&dom_sid, puid);
+ if (result != WBC_ERR_SUCCESS)
+ return False;
+
+ return (result == WBC_ERR_SUCCESS);
+}
+
+/* Call winbindd to convert uid to sid */
+
+bool winbind_uid_to_sid(DOM_SID *sid, uid_t uid)
+{
+ struct wbcDomainSid dom_sid;
+ wbcErr result;
+
+ result = wbcUidToSid(uid, &dom_sid);
+ if (result == WBC_ERR_SUCCESS) {
+ memcpy(sid, &dom_sid, sizeof(DOM_SID));
+ } else {
+ sid_copy(sid, &global_sid_NULL);
+ }
+
+ return (result == WBC_ERR_SUCCESS);
+}
+
+/* Call winbindd to convert SID to gid */
+
+bool winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid)
+{
+ struct wbcDomainSid dom_sid;
+ wbcErr result;
+
+ memcpy(&dom_sid, sid, sizeof(dom_sid));
+
+ result = wbcSidToGid(&dom_sid, pgid);
+ if (result != WBC_ERR_SUCCESS)
+ return False;
+
+ return (result == WBC_ERR_SUCCESS);
+}
+
+/* Call winbindd to convert gid to sid */
+
+bool winbind_gid_to_sid(DOM_SID *sid, gid_t gid)
+{
+ struct wbcDomainSid dom_sid;
+ wbcErr result;
+
+ result = wbcGidToSid(gid, &dom_sid);
+ if (result == WBC_ERR_SUCCESS) {
+ memcpy(sid, &dom_sid, sizeof(DOM_SID));
+ } else {
+ sid_copy(sid, &global_sid_NULL);
+ }
+
+ return (result == WBC_ERR_SUCCESS);
+}
+
+/* Check for a trusted domain */
+
+wbcErr wb_is_trusted_domain(const char *domain)
+{
+ wbcErr result;
+ struct wbcDomainInfo info;
+
+ result =
wbcDomainInfo(domain, &info); + + if (result == WBC_ERR_SUCCESS) { + SAFE_FREE(info.short_name); + SAFE_FREE(info.dns_name); + } + + return result; +} + +/* Lookup a set of rids in a given domain */ + +bool winbind_lookup_rids(TALLOC_CTX *mem_ctx, + const DOM_SID *domain_sid, + int num_rids, uint32 *rids, + const char **domain_name, + const char ***names, enum lsa_SidType **types) +{ + const char *dom_name = NULL; + const char **namelist = NULL; + enum wbcSidType *name_types = NULL; + struct wbcDomainSid dom_sid; + wbcErr ret; + int i; + + memcpy(&dom_sid, domain_sid, sizeof(struct wbcDomainSid)); + + ret = wbcLookupRids(&dom_sid, num_rids, rids, + &dom_name, &namelist, &name_types); + if (ret != WBC_ERR_SUCCESS) + return False; + + *domain_name = talloc_strdup(mem_ctx, dom_name); + *names = TALLOC_ARRAY(mem_ctx, const char*, num_rids); + *types = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_rids); + + for(i=0; i %s %s\n", - sid_string_dbg(sid), response.data.name.dom_name, - response.data.name.name)); - return True; -} - -bool winbind_lookup_rids(TALLOC_CTX *mem_ctx, - const DOM_SID *domain_sid, - int num_rids, uint32 *rids, - const char **domain_name, - const char ***names, enum lsa_SidType **types) -{ - size_t i, buflen; - ssize_t len; - char *ridlist; - char *p; - struct winbindd_request request; - struct winbindd_response response; - NSS_STATUS result; - - if (num_rids == 0) { - return False; - } - - /* Initialise request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - sid_to_fstring(request.data.sid, domain_sid); - - len = 0; - buflen = 0; - ridlist = NULL; - - for (i=0; ishort_name); - return winbind_domain; + wbcFreeMemory(dinfo); + return winbind_domain; } /* Copy of parse_domain_user from winbindd_util.c. Parse a string of the 
@@ -128,61 +130,47 @@ static bool parse_wbinfo_domain_user(const char *domuser, fstring domain, static bool wbinfo_get_userinfo(char *user) { - struct winbindd_request request; - struct winbindd_response response; - NSS_STATUS result; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - /* Send request */ - - fstrcpy(request.data.username, user); + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + struct passwd *pwd = NULL; - result = winbindd_request_response(WINBINDD_GETPWNAM, &request, &response); - - if (result != NSS_STATUS_SUCCESS) - return False; + wbc_status = wbcGetpwnam(user, &pwd); + if (!WBC_ERROR_IS_OK(wbc_status)) { + return false; + } - d_printf( "%s:%s:%d:%d:%s:%s:%s\n", - response.data.pw.pw_name, - response.data.pw.pw_passwd, - response.data.pw.pw_uid, - response.data.pw.pw_gid, - response.data.pw.pw_gecos, - response.data.pw.pw_dir, - response.data.pw.pw_shell ); + d_printf("%s:%s:%d:%d:%s:%s:%s\n", + pwd->pw_name, + pwd->pw_passwd, + pwd->pw_uid, + pwd->pw_gid, + pwd->pw_gecos, + pwd->pw_dir, + pwd->pw_shell); - return True; + return true; } /* pull pwent info for a given uid */ static bool wbinfo_get_uidinfo(int uid) { - struct winbindd_request request; - struct winbindd_response response; - NSS_STATUS result; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - request.data.uid = uid; - - result = winbindd_request_response(WINBINDD_GETPWUID, &request, &response); + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + struct passwd *pwd = NULL; - if (result != NSS_STATUS_SUCCESS) - return False; - - d_printf( "%s:%s:%d:%d:%s:%s:%s\n", - response.data.pw.pw_name, - response.data.pw.pw_passwd, - response.data.pw.pw_uid, - response.data.pw.pw_gid, - response.data.pw.pw_gecos, - response.data.pw.pw_dir, - response.data.pw.pw_shell ); - - return True; + wbc_status = wbcGetpwuid(uid, &pwd); + if (!WBC_ERROR_IS_OK(wbc_status)) { + return false; + } + + d_printf("%s:%s:%d:%d:%s:%s:%s\n", + pwd->pw_name, + pwd->pw_passwd, + pwd->pw_uid, + pwd->pw_gid, + 
pwd->pw_gecos, + pwd->pw_dir, + pwd->pw_shell); + + return true; } /* pull grent for a given group */ @@ -874,40 +862,40 @@ static bool wbinfo_auth_krb5(char *username, const char *cctype, uint32 flags) static bool wbinfo_auth(char *username) { - struct winbindd_request request; - struct winbindd_response response; - NSS_STATUS result; - char *p; - - /* Send off request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - p = strchr(username, '%'); + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + char *s = NULL; + char *p = NULL; + char *password = NULL; + char *name = NULL; + + if ((s = SMB_STRDUP(username)) == NULL) { + return false; + } - if (p) { + if ((p = strchr(s, '%')) != NULL) { *p = 0; - fstrcpy(request.data.auth.user, username); - fstrcpy(request.data.auth.pass, p + 1); - *p = '%'; - } else - fstrcpy(request.data.auth.user, username); + p++; + } - result = winbindd_request_response(WINBINDD_PAM_AUTH, &request, &response); + name = s; + password = p; - /* Display response */ + wbc_status = wbcAuthenticateUser(name, password); d_printf("plaintext password authentication %s\n", - (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); + WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed"); +#if 0 if (response.data.auth.nt_status) d_fprintf(stderr, "error code was %s (0x%x)\nerror messsage was: %s\n", response.data.auth.nt_status_string, response.data.auth.nt_status, response.data.auth.error_string); +#endif - return result == NSS_STATUS_SUCCESS; + SAFE_FREE(s); + + return WBC_ERROR_IS_OK(wbc_status); } /* Authenticate a user with a challenge/response */ -- 2.34.1
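Review bot: Neither wbinfo_get_userinfo() nor wbinfo_get_uidinfo() releases the `struct passwd` that wbcGetpwnam()/wbcGetpwuid() hand back through `pwd`, whereas the get_winbind_domain() change earlier in this file frees its libwbclient result with `wbcFreeMemory(dinfo)`. Assuming `pwd` is allocated the same way, add `wbcFreeMemory(pwd);` before each `return true;`. The success path also dereferences `pwd` without checking it for NULL, and `pw_uid`/`pw_gid` are printed with `%d`. A guard such as `if (!WBC_ERROR_IS_OK(wbc_status) || pwd == NULL)` and `%u` with an `(unsigned int)` cast would make both functions robust against an unexpected reply.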
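Review bot: When `username` has no `%`, `p` stays NULL and wbinfo_auth() passes a NULL `password` to `wbcAuthenticateUser(name, password)`, while the removed code sent an empty password in that case because the request was zeroed and only the user field was filled. Whether wbcAuthenticateUser() tolerates a NULL password is not visible here, so I would keep the old behaviour with `password = (p != NULL) ? p : "";`. The `#if 0` block still refers to `response`, which this function no longer declares, and the NT status and error string are no longer reported on failure; either restore that reporting from the libwbclient result or delete the dead block and leave a comment noting the missing diagnostics. The heap copy `s` holds the cleartext password and is released with `SAFE_FREE(s)` without being cleared first.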