<para>
The IDMAP dump file can be restored using the following command:
<screen>
-net idmap restore <full_path_and_tdb_filename> < dumpfile.txt
+net idmap restore idmap_dump.txt
</screen>
Where the Samba run-time tdb files are stored in the <filename>/var/lib/samba</filename> directory
the following command can be used to restore the data to the tdb file:
DIRNAME=$(dirname $0)
TOPDIR=${DIRNAME}/../..
-SRCDIR=${TOPDIR}/source
-VERSION_H=${SRCDIR}/include/version.h
SPECFILE="samba.spec"
DOCS="docs.tar.bz2"
##
## determine the samba version and create the SPEC file
##
-pushd ${SRCDIR}
-./script/mkversion.sh
-popd
-if [ ! -f ${VERSION_H} ] ; then
- echo "Error creating version.h"
- exit 1
+${DIRNAME}/makespec.sh
+RC=$?
+if [ $RC -ne 0 ]; then
+ exit ${RC}
fi
-VERSION=`grep SAMBA_VERSION_OFFICIAL_STRING ${VERSION_H} | awk '{print $3}'`
-vendor_version=`grep SAMBA_VERSION_VENDOR_SUFFIX ${VERSION_H} | awk '{print $3}'`
-if test "x${vendor_version}" != "x" ; then
- VERSION="${VERSION}-${vendor_version}"
-fi
-VERSION=`echo ${VERSION} | sed 's/-/_/g'`
-VERSION=`echo ${VERSION} | sed 's/\"//g'`
-echo "VERSION: ${VERSION}"
-sed -e s/PVERSION/${VERSION}/g \
- < ${DIRNAME}/${SPECFILE}.tmpl \
- > ${DIRNAME}/${SPECFILE}
+RELEASE=$(grep ^Release ${DIRNAME}/${SPECFILE} | sed -e 's/^Release:\ \+//')
+VERSION=$(grep ^Version ${DIRNAME}/${SPECFILE} | sed -e 's/^Version:\ \+//')
##
## create the tarball
--- /dev/null
+#!/bin/sh
+#
+# Copyright (C) Michael Adam 2008
+#
+# Script to determine the samba version and create the SPEC file from template
+
+DIRNAME=$(dirname $0)
+TOPDIR=${DIRNAME}/../..
+SRCDIR=${TOPDIR}/source
+VERSION_H=${SRCDIR}/include/version.h
+SPECFILE=${DIRNAME}/samba.spec
+
+##
+## determine the samba version and create the SPEC file
+##
+pushd ${SRCDIR}
+./script/mkversion.sh
+popd
+if [ ! -f ${VERSION_H} ] ; then
+ echo "Error creating version.h"
+ exit 1
+fi
+
+VERSION=`grep SAMBA_VERSION_OFFICIAL_STRING ${VERSION_H} | awk '{print $3}'`
+vendor_version=`grep SAMBA_VERSION_VENDOR_SUFFIX ${VERSION_H} | awk '{print
+$3}'`
+if test "x${vendor_version}" != "x" ; then
+ VERSION="${VERSION}-${vendor_version}"
+fi
+VERSION=`echo ${VERSION} | sed 's/-/_/g'`
+VERSION=`echo ${VERSION} | sed 's/\"//g'`
+echo "VERSION: ${VERSION}"
+sed -e s/PVERSION/${VERSION}/g \
+ < ${SPECFILE}.tmpl \
+ > ${SPECFILE}
+
# RPM_OPT_FLAGS="$RPM_OPT_FLAGS -D_FILE_OFFSET_BITS=64"
## check for ccache
-# ccache -h 2>&1 > /dev/null
-#if [ $? -eq 0 ]; then
-# CC="ccache gcc"
-#else
+if ccache -h >/dev/null 2>&1 ; then
+ CC="ccache gcc"
+else
CC="gcc"
-#fi
+fi
## always run autogen.sh
./autogen.sh
--with-configdir=%{_sysconfdir}/samba \
--libdir=%{_libarchdir} \
--with-modulesdir=%{_libarchdir}/samba \
+ --with-pammodulesdir=%{_libarch}/security \
--with-lockdir=/var/lib/samba \
--with-logfilebase=/var/log/samba \
--with-mandir=%{_mandir} \
--without-smbwrapper \
--with-pam \
--with-quotas \
- --with-shared-modules=idmap_rid,idmap_ad,idmap_tdb2 \
+ --with-shared-modules=idmap_rid,idmap_ad,idmap_tdb2,vfs_gpfs \
--with-syslog \
--with-utmp \
--with-cluster-support \
install
cd ..
-# NSS & PAM winbind support
-install -m 755 source/bin/pam_winbind.so $RPM_BUILD_ROOT/%{_libarch}/security/pam_winbind.so
+# NSS winbind support
install -m 755 source/nsswitch/libnss_winbind.so $RPM_BUILD_ROOT/%{_libarch}/libnss_winbind.so.2
( cd $RPM_BUILD_ROOT/%{_libarch};
ln -sf libnss_winbind.so.2 libnss_winbind.so )
#install -m 755 source/nsswitch/libnss_wins.so $RPM_BUILD_ROOT/%{_libarch}/libnss_wins.so
# ( cd $RPM_BUILD_ROOT/%{_libarch}; ln -sf libnss_wins.so libnss_wins.so.2 )
-# Install pam_smbpass.so
-install -m755 source/bin/pam_smbpass.so $RPM_BUILD_ROOT/%{_libarch}/security/pam_smbpass.so
## cleanup
/bin/rm -rf $RPM_BUILD_ROOT/usr/lib*/samba/security
/sbin/mount.cifs
/sbin/umount.cifs
+%{_sbindir}/cifs.upcall
+
%{_bindir}/rpcclient
%{_bindir}/smbcacls
%{_bindir}/findsmb
%{_mandir}/man8/mount.cifs.8.*
%{_mandir}/man8/umount.cifs.8.*
+%{_mandir}/man8/cifs.upcall.8*
%{_mandir}/man8/smbspool.8*
%{_mandir}/man1/smbget.1*
%{_mandir}/man5/smbgetrc.5*
%{_mandir}/man1/ldbedit.1*
%{_mandir}/man1/ldbmodify.1*
%{_mandir}/man1/ldbsearch.1*
-%{_mandir}/man8/cifs.upcall.8*
%ifarch i386 i486 i586 i686 ppc s390
%files winbind-32bit
const char *name, TALLOC_CTX *mem_ctx,
char **found_name);
-
/* The following definitions come from smbd/files.c */
NTSTATUS file_new(struct smb_request *req, connection_struct *conn,
ret = krb5_kt_start_seq_get(ctx->context, ctx->keytab, &cursor);
if (ret) {
- DEBUG(10, ("krb5_kt_start_seq_get failed: %s",
+ DEBUG(10, ("krb5_kt_start_seq_get failed: %s\n",
error_message(ret)));
return NULL;
}
fn_name, libname));
if (*libhandle_pointer == NULL) {
- *libhandle_pointer = sys_dlopen(libname, RTLD_LAZY);
+ *libhandle_pointer = dlopen(libname, RTLD_LAZY);
did_open_here = true;
}
if (*libhandle_pointer == NULL) {
return false;
}
- *fn_pointer = sys_dlsym(*libhandle_pointer, fn_name);
+ *fn_pointer = dlsym(*libhandle_pointer, fn_name);
if (*fn_pointer == NULL) {
DEBUG(10, ("Did not find symbol %s in lib %s\n",
fn_name, libname));
if (did_open_here) {
- sys_dlclose(*libhandle_pointer);
+ dlclose(*libhandle_pointer);
*libhandle_pointer = NULL;
}
return false;
return True;
}
-static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
+static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd)
{
struct gpfs_acl *acl;
NTSTATUS result = NT_STATUS_ACCESS_DENIED;
return result;
}
-static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
+static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd)
{
return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd);
}
#include "libwbclient.h"
-/** @brief Convert a binary GUID to a character string
- *
- * @param guid Binary Guid
- * @param **guid_string Resulting character string
- *
- * @return #wbcErr
- **/
-
+/* Convert a binary GUID to a character string */
wbcErr wbcGuidToString(const struct wbcGuid *guid,
char **guid_string)
{
return wbc_status;
}
-/** @brief Convert a character string to a binary GUID
- *
- * @param *str Character string
- * @param guid Resulting binary GUID
- *
- * @return #wbcErr
- **/
-
+/* @brief Convert a character string to a binary GUID */
wbcErr wbcStringToGuid(const char *str,
struct wbcGuid *guid)
{
#include "libwbclient.h"
-/** @brief Convert a Windows SID to a Unix uid, allocating an uid if needed
- *
- * @param *sid Pointer to the domain SID to be resolved
- * @param *puid Pointer to the resolved uid_t value
- *
- * @return #wbcErr
- *
- **/
-
+/* Convert a Windows SID to a Unix uid, allocating an uid if needed */
wbcErr wbcSidToUid(const struct wbcDomainSid *sid, uid_t *puid)
{
struct winbindd_request request;
return wbc_status;
}
-/** @brief Convert a Windows SID to a Unix uid if there already is a mapping
- *
- * @param *sid Pointer to the domain SID to be resolved
- * @param *puid Pointer to the resolved uid_t value
- *
- * @return #wbcErr
- *
- **/
-
+/* Convert a Windows SID to a Unix uid if there already is a mapping */
wbcErr wbcQuerySidToUid(const struct wbcDomainSid *sid,
uid_t *puid)
{
return WBC_ERR_NOT_IMPLEMENTED;
}
-/** @brief Convert a Unix uid to a Windows SID, allocating a SID if needed
- *
- * @param uid Unix uid to be resolved
- * @param *sid Pointer to the resolved domain SID
- *
- * @return #wbcErr
- *
- **/
-
+/* Convert a Unix uid to a Windows SID, allocating a SID if needed */
wbcErr wbcUidToSid(uid_t uid, struct wbcDomainSid *sid)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
return wbc_status;
}
-/** @brief Convert a Unix uid to a Windows SID if there already is a mapping
- *
- * @param uid Unix uid to be resolved
- * @param *sid Pointer to the resolved domain SID
- *
- * @return #wbcErr
- *
- **/
-
+/* Convert a Unix uid to a Windows SID if there already is a mapping */
wbcErr wbcQueryUidToSid(uid_t uid,
struct wbcDomainSid *sid)
{
return wbc_status;
}
-/** @brief Convert a Windows SID to a Unix gid if there already is a mapping
- *
- * @param *sid Pointer to the domain SID to be resolved
- * @param *pgid Pointer to the resolved gid_t value
- *
- * @return #wbcErr
- *
- **/
+/* Convert a Windows SID to a Unix gid if there already is a mapping */
wbcErr wbcQuerySidToGid(const struct wbcDomainSid *sid,
gid_t *pgid)
return WBC_ERR_NOT_IMPLEMENTED;
}
-/** @brief Convert a Unix gid to a Windows SID, allocating a SID if needed
- *
- * @param gid Unix gid to be resolved
- * @param *sid Pointer to the resolved domain SID
- *
- * @return #wbcErr
- *
- **/
-
+/* Convert a Unix gid to a Windows SID, allocating a SID if needed */
wbcErr wbcGidToSid(gid_t gid, struct wbcDomainSid *sid)
{
struct winbindd_request request;
return wbc_status;
}
-/** @brief Convert a Unix gid to a Windows SID if there already is a mapping
- *
- * @param gid Unix gid to be resolved
- * @param *sid Pointer to the resolved domain SID
- *
- * @return #wbcErr
- *
- **/
-
+/* Convert a Unix gid to a Windows SID if there already is a mapping */
wbcErr wbcQueryGidToSid(gid_t gid,
struct wbcDomainSid *sid)
{
return WBC_ERR_NOT_IMPLEMENTED;
}
-/** @brief Obtain a new uid from Winbind
- *
- * @param *puid *pointer to the allocated uid
- *
- * @return #wbcErr
- **/
-
+/* Obtain a new uid from Winbind */
wbcErr wbcAllocateUid(uid_t *puid)
{
struct winbindd_request request;
return wbc_status;
}
-/** @brief Obtain a new gid from Winbind
- *
- * @param *pgid Pointer to the allocated gid
- *
- * @return #wbcErr
- **/
-
+/* Obtain a new gid from Winbind */
wbcErr wbcAllocateGid(gid_t *pgid)
{
struct winbindd_request request;
#define _ID_TYPE_UID 1
#define _ID_TYPE_GID 2
-/** @brief Set an user id mapping
- *
- * @param uid Uid of the desired mapping.
- * @param *sid Pointer to the sid of the diresired mapping.
- *
- * @return #wbcErr
- **/
+/* Set an user id mapping */
wbcErr wbcSetUidMapping(uid_t uid, const struct wbcDomainSid *sid)
{
struct winbindd_request request;
return wbc_status;
}
-/** @brief Set a group id mapping
- *
- * @param gid Gid of the desired mapping.
- * @param *sid Pointer to the sid of the diresired mapping.
- *
- * @return #wbcErr
- **/
+/* Set a group id mapping */
wbcErr wbcSetGidMapping(gid_t gid, const struct wbcDomainSid *sid)
{
struct winbindd_request request;
return wbc_status;
}
-/** @brief Remove a user id mapping
- *
- * @param uid Uid of the mapping to remove.
- * @param *sid Pointer to the sid of the mapping to remove.
- *
- * @return #wbcErr
- **/
+/* Remove a user id mapping */
wbcErr wbcRemoveUidMapping(uid_t uid, const struct wbcDomainSid *sid)
{
struct winbindd_request request;
return wbc_status;
}
-/** @brief Remove a group id mapping
- *
- * @param gid Gid of the mapping to remove.
- * @param *sid Pointer to the sid of the mapping to remove.
- *
- * @return #wbcErr
- **/
+/* Remove a group id mapping */
wbcErr wbcRemoveGidMapping(gid_t gid, const struct wbcDomainSid *sid)
{
struct winbindd_request request;
return wbc_status;
}
-/** @brief Set the highwater mark for allocated uids.
- *
- * @param uid_hwm The new uid highwater mark value
- *
- * @return #wbcErr
- **/
+/* Set the highwater mark for allocated uids. */
wbcErr wbcSetUidHwm(uid_t uid_hwm)
{
struct winbindd_request request;
return wbc_status;
}
-/** @brief Set the highwater mark for allocated gids.
- *
- * @param gid_hwm The new gid highwater mark value
- *
- * @return #wbcErr
- **/
+/* Set the highwater mark for allocated gids. */
wbcErr wbcSetGidHwm(gid_t gid_hwm)
{
struct winbindd_request request;
#include "libwbclient.h"
-/** @brief Authenticate a username/password pair
- *
- * @param username Name of user to authenticate
- * @param password Clear text password os user
- *
- * @return #wbcErr
- **/
-
+/* Authenticate a username/password pair */
wbcErr wbcAuthenticateUser(const char *username,
const char *password)
{
return wbc_status;
}
-/** @brief Authenticate with more detailed information
- *
- * @param params Input parameters, WBC_AUTH_USER_LEVEL_HASH
- * is not supported yet
- * @param info Output details on WBC_ERR_SUCCESS
- * @param error Output details on WBC_ERR_AUTH_ERROR
- *
- * @return #wbcErr
- **/
-
+/* Authenticate with more detailed information */
wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params,
struct wbcAuthUserInfo **info,
struct wbcAuthErrorInfo **error)
return wbc_status;
}
-/** @brief Trigger a verification of the trust credentials of a specific domain
- *
- * @param *domain The name of the domain, only NULL for the default domain is
- * supported yet. Other values than NULL will result in
- * WBC_ERR_NOT_IMPLEMENTED.
- * @param error Output details on WBC_ERR_AUTH_ERROR
- *
- * @return #wbcErr
- *
- **/
+/* Trigger a verification of the trust credentials of a specific domain */
wbcErr wbcCheckTrustCredentials(const char *domain,
struct wbcAuthErrorInfo **error)
{
return wbc_status;
}
-/** @brief Trigger an extended logoff notification to Winbind for a specific user
- *
- * @param params A wbcLogoffUserParams structure
- * @param error User output details on error
- *
- * @return #wbcErr
- *
- **/
-
+/* Trigger an extended logoff notification to Winbind for a specific user */
wbcErr wbcLogoffUserEx(const struct wbcLogoffUserParams *params,
struct wbcAuthErrorInfo **error)
{
return wbc_status;
}
-/** @brief Trigger a logoff notification to Winbind for a specific user
- *
- * @param username Name of user to remove from Winbind's list of
- * logged on users.
- * @param uid Uid assigned to the username
- * @param ccfilename Absolute path to the Krb5 credentials cache to
- * be removed
- *
- * @return #wbcErr
- *
- **/
-
+/* Trigger a logoff notification to Winbind for a specific user */
wbcErr wbcLogoffUser(const char *username,
uid_t uid,
const char *ccfilename)
return wbc_status;
}
-/** @brief Change a password for a user with more detailed information upon
- * failure
- * @param params Input parameters
- * @param error User output details on WBC_ERR_PWD_CHANGE_FAILED
- * @param reject_reason New password reject reason on WBC_ERR_PWD_CHANGE_FAILED
- * @param policy Password policy output details on WBC_ERR_PWD_CHANGE_FAILED
- *
- * @return #wbcErr
- **/
-
+/* Change a password for a user with more detailed information upon failure */
wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params,
struct wbcAuthErrorInfo **error,
enum wbcPasswordChangeRejectReason *reject_reason,
return wbc_status;
}
-/** @brief Change a password for a user
- *
- * @param username Name of user to authenticate
- * @param old_password Old clear text password of user
- * @param new_password New clear text password of user
- *
- * @return #wbcErr
- **/
-
+/* Change a password for a user */
wbcErr wbcChangeUserPassword(const char *username,
const char *old_password,
const char *new_password)
return wbc_status;
}
-/** @brief Logon a User
- *
- * @param[in] params Pointer to a wbcLogonUserParams structure
- * @param[out] info Pointer to a pointer to a wbcLogonUserInfo structure
- * @param[out] error Pointer to a pointer to a wbcAuthErrorInfo structure
- * @param[out] policy Pointer to a pointer to a wbcUserPasswordPolicyInfo structure
- *
- * @return #wbcErr
- *
- **/
-
+/* Logon a User */
wbcErr wbcLogonUser(const struct wbcLogonUserParams *params,
struct wbcLogonUserInfo **info,
struct wbcAuthErrorInfo **error,
return wbc_status;
}
-/** @brief Authenticate a user with cached credentials
- *
- * @param *params Pointer to a wbcCredentialCacheParams structure
- * @param **info Pointer to a pointer to a wbcCredentialCacheInfo structure
- * @param **error Pointer to a pointer to a wbcAuthErrorInfo structure
- *
- * @return #wbcErr
- **/
+/* Authenticate a user with cached credentials */
wbcErr wbcCredentialCache(struct wbcCredentialCacheParams *params,
struct wbcCredentialCacheInfo **info,
struct wbcAuthErrorInfo **error)
return grp;
}
-/** @brief Fill in a struct passwd* for a domain user based
- * on username
- *
- * @param *name Username to lookup
- * @param **pwd Pointer to resulting struct passwd* from the query.
- *
- * @return #wbcErr
- **/
-
+/* Fill in a struct passwd* for a domain user based on username */
wbcErr wbcGetpwnam(const char *name, struct passwd **pwd)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
return wbc_status;
}
-/** @brief Fill in a struct passwd* for a domain user based
- * on uid
- *
- * @param uid Uid to lookup
- * @param **pwd Pointer to resulting struct passwd* from the query.
- *
- * @return #wbcErr
- **/
-
+/* Fill in a struct passwd* for a domain user based on uid */
wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
return wbc_status;
}
-/** @brief Fill in a struct passwd* for a domain user based
- * on username
- *
- * @param *name Username to lookup
- * @param **grp Pointer to resulting struct group* from the query.
- *
- * @return #wbcErr
- **/
-
+/* Fill in a struct passwd* for a domain user based on username */
wbcErr wbcGetgrnam(const char *name, struct group **grp)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
return wbc_status;
}
-/** @brief Fill in a struct passwd* for a domain user based
- * on uid
- *
- * @param gid Uid to lookup
- * @param **grp Pointer to resulting struct group* from the query.
- *
- * @return #wbcErr
- **/
-
+/* Fill in a struct passwd* for a domain user based on uid */
wbcErr wbcGetgrgid(gid_t gid, struct group **grp)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
*/
static struct winbindd_response pw_response;
-/** @brief Reset the passwd iterator
- *
- * @return #wbcErr
- **/
-
+/* Reset the passwd iterator */
wbcErr wbcSetpwent(void)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
return wbc_status;
}
-/** @brief Close the passwd iterator
- *
- * @return #wbcErr
- **/
-
+/* Close the passwd iterator */
wbcErr wbcEndpwent(void)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
return wbc_status;
}
-/** @brief Return the next struct passwd* entry from the pwent iterator
- *
- * @param **pwd Pointer to resulting struct passwd* from the query.
- *
- * @return #wbcErr
- **/
-
+/* Return the next struct passwd* entry from the pwent iterator */
wbcErr wbcGetpwent(struct passwd **pwd)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
*/
static struct winbindd_response gr_response;
-/** @brief Reset the group iterator
- *
- * @return #wbcErr
- **/
-
+/* Reset the group iterator */
wbcErr wbcSetgrent(void)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
return wbc_status;
}
-/** @brief Close the group iterator
- *
- * @return #wbcErr
- **/
-
+/* Close the group iterator */
wbcErr wbcEndgrent(void)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
return wbc_status;
}
-/** @brief Return the next struct group* entry from the pwent iterator
- *
- * @param **grp Pointer to resulting struct group* from the query.
- *
- * @return #wbcErr
- **/
-
+/* Return the next struct group* entry from the pwent iterator */
wbcErr wbcGetgrent(struct group **grp)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
return wbc_status;
}
-/** @brief Return the next struct group* entry from the pwent iterator
- *
- * This is similar to #wbcGetgrent, just that the member list is empty
- *
- * @param **grp Pointer to resulting struct group* from the query.
- *
- * @return #wbcErr
- **/
-
+/* Return the next struct group* entry from the pwent iterator */
wbcErr wbcGetgrlist(struct group **grp)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
return wbc_status;
}
-/** @brief Return the unix group array belonging to the given user
- *
- * @param *account The given user name
- * @param *num_groups Number of elements returned in the groups array
- * @param **_groups Pointer to resulting gid_t array.
- *
- * @return #wbcErr
- **/
+/* Return the unix group array belonging to the given user */
wbcErr wbcGetGroups(const char *account,
uint32_t *num_groups,
gid_t **_groups)
#include "libwbclient.h"
-/** @brief Convert a binary SID to a character string
- *
- * @param sid Binary Security Identifier
- * @param **sid_string Resulting character string
- *
- * @return #wbcErr
- **/
-
+/* Convert a binary SID to a character string */
wbcErr wbcSidToString(const struct wbcDomainSid *sid,
char **sid_string)
{
return wbc_status;
}
-/** @brief Convert a character string to a binary SID
- *
- * @param *str Character string in the form of S-...
- * @param sid Resulting binary SID
- *
- * @return #wbcErr
- **/
-
+/* Convert a character string to a binary SID */
wbcErr wbcStringToSid(const char *str,
struct wbcDomainSid *sid)
{
}
-/** @brief Convert a domain and name to SID
- *
- * @param domain Domain name (possibly "")
- * @param name User or group name
- * @param *sid Pointer to the resolved domain SID
- * @param *name_type Pointer to the SID type
- *
- * @return #wbcErr
- *
- **/
-
+/* Convert a domain and name to SID */
wbcErr wbcLookupName(const char *domain,
const char *name,
struct wbcDomainSid *sid,
return wbc_status;
}
-/** @brief Convert a SID to a domain and name
- *
- * @param *sid Pointer to the domain SID to be resolved
- * @param pdomain Resolved Domain name (possibly "")
- * @param pname Resolved User or group name
- * @param *pname_type Pointer to the resolved SID type
- *
- * @return #wbcErr
- *
- **/
-
+/* Convert a SID to a domain and name */
wbcErr wbcLookupSid(const struct wbcDomainSid *sid,
char **pdomain,
char **pname,
return wbc_status;
}
-/** @brief Translate a collection of RIDs within a domain to names
- *
- **/
+/* Translate a collection of RIDs within a domain to names */
wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid,
int num_rids,
return wbc_status;
}
-/** @brief Get the groups a user belongs to
- *
- **/
-
+/* Get the groups a user belongs to */
wbcErr wbcLookupUserSids(const struct wbcDomainSid *user_sid,
bool domain_groups_only,
uint32_t *num_sids,
return wbc_status;
}
-/** @brief Lists Users
- *
- **/
-
+/* Lists Users */
wbcErr wbcListUsers(const char *domain_name,
uint32_t *_num_users,
const char ***_users)
return wbc_status;
}
-/** @brief Lists Groups
- *
- **/
-
+/* Lists Groups */
wbcErr wbcListGroups(const char *domain_name,
uint32_t *_num_groups,
const char ***_groups)
}
-/** @brief Lookup the current status of a trusted domain
- *
- * @param domain Domain to query
- * @param *dinfo Pointer to returned domain_info struct
- *
- * @return #wbcErr
- *
- **/
-
-
+/* Lookup the current status of a trusted domain */
wbcErr wbcDomainInfo(const char *domain, struct wbcDomainInfo **dinfo)
{
struct winbindd_request request;
}
-/** @brief Resolve a NetbiosName via WINS
- *
- * @param name Name to resolve
- * @param *ip Pointer to the ip address string
- *
- * @return #wbcErr
- *
- **/
+/* Resolve a NetbiosName via WINS */
wbcErr wbcResolveWinsByName(const char *name, char **ip)
{
struct winbindd_request request;
return wbc_status;
}
-/** @brief Resolve an IP address via WINS into a NetbiosName
- *
- * @param ip The ip address string
- * @param *name Pointer to the name
- *
- * @return #wbcErr
- *
- **/
+/* Resolve an IP address via WINS into a NetbiosName */
wbcErr wbcResolveWinsByIP(const char *ip, char **name)
{
struct winbindd_request request;
return wbc_status;
}
-/** @brief Enumerate the domain trusts known by Winbind
- *
- * @param **domains Pointer to the allocated domain list array
- * @param *num_domains Pointer to number of domains returned
- *
- * @return #wbcErr
- *
- **/
+/* Enumerate the domain trusts known by Winbind */
wbcErr wbcListTrusts(struct wbcDomainInfo **domains, size_t *num_domains)
{
struct winbindd_response response;
return wbc_status;
}
-/** @brief Enumerate the domain trusts known by Winbind
- *
- * @param domain Name of the domain to query for a DC
- * @param flags Bit flags used to control the domain location query
- * @param *dc_info Pointer to the returned domain controller information
- *
- * @return #wbcErr
- *
- **/
-
-
-
+/* Enumerate the domain trusts known by Winbind */
wbcErr wbcLookupDomainController(const char *domain,
uint32_t flags,
struct wbcDomainControllerInfo **dc_info)
return wbc_status;
}
-/** @brief Get extended domain controller information
- *
- * @param domain Name of the domain to query for a DC
- * @param guid Guid of the domain to query for a DC
- * @param site Site of the domain to query for a DC
- * @param flags Bit flags used to control the domain location query
- * @param *dc_info Pointer to the returned extended domain controller information
- *
- * @return #wbcErr
- *
- **/
-
+/* Get extended domain controller information */
wbcErr wbcLookupDomainControllerEx(const char *domain,
struct wbcGuid *guid,
const char *site,
return wbc_status;
}
-/** @brief Initialize a named blob and add to list of blobs
- *
- * @param[in,out] num_blobs Pointer to the number of blobs
- * @param[in,out] blobs Pointer to an array of blobs
- * @param[in] name Name of the new named blob
- * @param[in] flags Flags of the new named blob
- * @param[in] data Blob data of new blob
- * @param[in] length Blob data length of new blob
- *
- * @return #wbcErr
- *
- **/
-
+/* Initialize a named blob and add to list of blobs */
wbcErr wbcAddNamedBlob(size_t *num_blobs,
struct wbcNamedBlob **blobs,
const char *name,
return "unknown wbcErr value";
}
-/** @brief Free library allocated memory
- *
- * @param *p Pointer to free
- *
- * @return void
- **/
-
+/* Free library allocated memory */
void wbcFreeMemory(void *p)
{
if (p)
const char *client_site_name;
};
-/*
+/**********************************************************
* Memory Management
- */
+ **********************************************************/
+/**
+ * @brief Free library allocated memory
+ *
+ * @param *p Pointer to free
+ *
+ * @return void
+ **/
void wbcFreeMemory(void*);
* Utility functions for dealing with SIDs
*/
+/**
+ * @brief Convert a binary SID to a character string
+ *
+ * @param sid Binary Security Identifier
+ * @param **sid_string Resulting character string
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcSidToString(const struct wbcDomainSid *sid,
char **sid_string);
+/**
+ * @brief Convert a character string to a binary SID
+ *
+ * @param *str Character string in the form of S-...
+ * @param sid Resulting binary SID
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcStringToSid(const char *sid_string,
struct wbcDomainSid *sid);
* Utility functions for dealing with GUIDs
*/
+/**
+ * @brief Convert a binary GUID to a character string
+ *
+ * @param guid Binary Guid
+ * @param **guid_string Resulting character string
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcGuidToString(const struct wbcGuid *guid,
char **guid_string);
+/**
+ * @brief Convert a character string to a binary GUID
+ *
+ * @param *str Character string
+ * @param guid Resulting binary GUID
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcStringToGuid(const char *guid_string,
struct wbcGuid *guid);
+/**
+ * @brief Ping winbindd to see if the daemon is running
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcPing(void);
wbcErr wbcLibraryDetails(struct wbcLibraryDetails **details);
wbcErr wbcInterfaceDetails(struct wbcInterfaceDetails **details);
-/*
+/**********************************************************
* Name/SID conversion
- */
+ **********************************************************/
+/**
+ * @brief Convert a domain and name to SID
+ *
+ * @param domain Domain name (possibly "")
+ * @param name User or group name
+ * @param *sid Pointer to the resolved domain SID
+ * @param *name_type Pointer to the SID type
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcLookupName(const char *dom_name,
const char *name,
struct wbcDomainSid *sid,
enum wbcSidType *name_type);
+/**
+ * @brief Convert a SID to a domain and name
+ *
+ * @param *sid Pointer to the domain SID to be resolved
+ * @param pdomain Resolved Domain name (possibly "")
+ * @param pname Resolved User or group name
+ * @param *pname_type Pointer to the resolved SID type
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcLookupSid(const struct wbcDomainSid *sid,
char **domain,
char **name,
enum wbcSidType *name_type);
+/**
+ * @brief Translate a collection of RIDs within a domain to names
+ */
wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid,
int num_rids,
uint32_t *rids,
const char ***names,
enum wbcSidType **types);
+/*
+ * @brief Get the groups a user belongs to
+ **/
wbcErr wbcLookupUserSids(const struct wbcDomainSid *user_sid,
bool domain_groups_only,
uint32_t *num_sids,
struct wbcDomainSid **sids);
+/**
+ * @brief Lists Users
+ **/
wbcErr wbcListUsers(const char *domain_name,
uint32_t *num_users,
const char ***users);
+/**
+ * @brief Lists Groups
+ **/
wbcErr wbcListGroups(const char *domain_name,
uint32_t *num_groups,
const char ***groups);
char **pfullname,
enum wbcSidType *pname_type);
-/*
+/**********************************************************
* SID/uid/gid Mappings
- */
+ **********************************************************/
+/**
+ * @brief Convert a Windows SID to a Unix uid, allocating an uid if needed
+ *
+ * @param *sid Pointer to the domain SID to be resolved
+ * @param *puid Pointer to the resolved uid_t value
+ *
+ * @return #wbcErr
+ *
+ **/
wbcErr wbcSidToUid(const struct wbcDomainSid *sid,
uid_t *puid);
+/**
+ * @brief Convert a Windows SID to a Unix uid if there already is a mapping
+ *
+ * @param *sid Pointer to the domain SID to be resolved
+ * @param *puid Pointer to the resolved uid_t value
+ *
+ * @return #wbcErr
+ *
+ **/
wbcErr wbcQuerySidToUid(const struct wbcDomainSid *sid,
uid_t *puid);
+/**
+ * @brief Convert a Unix uid to a Windows SID, allocating a SID if needed
+ *
+ * @param uid Unix uid to be resolved
+ * @param *sid Pointer to the resolved domain SID
+ *
+ * @return #wbcErr
+ *
+ **/
wbcErr wbcUidToSid(uid_t uid,
struct wbcDomainSid *sid);
+/**
+ * @brief Convert a Unix uid to a Windows SID if there already is a mapping
+ *
+ * @param uid Unix uid to be resolved
+ * @param *sid Pointer to the resolved domain SID
+ *
+ * @return #wbcErr
+ *
+ **/
wbcErr wbcQueryUidToSid(uid_t uid,
struct wbcDomainSid *sid);
+/**
+ * @brief Convert a Windows SID to a Unix gid, allocating a gid if needed
+ *
+ * @param *sid Pointer to the domain SID to be resolved
+ * @param *pgid Pointer to the resolved gid_t value
+ *
+ * @return #wbcErr
+ *
+ **/
wbcErr wbcSidToGid(const struct wbcDomainSid *sid,
gid_t *pgid);
+/**
+ * @brief Convert a Windows SID to a Unix gid if there already is a mapping
+ *
+ * @param *sid Pointer to the domain SID to be resolved
+ * @param *pgid Pointer to the resolved gid_t value
+ *
+ * @return #wbcErr
+ *
+ **/
wbcErr wbcQuerySidToGid(const struct wbcDomainSid *sid,
gid_t *pgid);
+/**
+ * @brief Convert a Unix gid to a Windows SID, allocating a SID if needed
+ *
+ * @param gid Unix gid to be resolved
+ * @param *sid Pointer to the resolved domain SID
+ *
+ * @return #wbcErr
+ *
+ **/
wbcErr wbcGidToSid(gid_t gid,
struct wbcDomainSid *sid);
+/**
+ * @brief Convert a Unix gid to a Windows SID if there already is a mapping
+ *
+ * @param gid Unix gid to be resolved
+ * @param *sid Pointer to the resolved domain SID
+ *
+ * @return #wbcErr
+ *
+ **/
wbcErr wbcQueryGidToSid(gid_t gid,
struct wbcDomainSid *sid);
+/**
+ * @brief Obtain a new uid from Winbind
+ *
+ * @param *puid *pointer to the allocated uid
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcAllocateUid(uid_t *puid);
+/**
+ * @brief Obtain a new gid from Winbind
+ *
+ * @param *pgid Pointer to the allocated gid
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcAllocateGid(gid_t *pgid);
+/**
+ * @brief Set an user id mapping
+ *
+ * @param uid Uid of the desired mapping.
+ * @param *sid Pointer to the sid of the diresired mapping.
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcSetUidMapping(uid_t uid, const struct wbcDomainSid *sid);
+/**
+ * @brief Set a group id mapping
+ *
+ * @param gid Gid of the desired mapping.
+ * @param *sid Pointer to the sid of the diresired mapping.
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcSetGidMapping(gid_t gid, const struct wbcDomainSid *sid);
+/**
+ * @brief Remove a user id mapping
+ *
+ * @param uid Uid of the mapping to remove.
+ * @param *sid Pointer to the sid of the mapping to remove.
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcRemoveUidMapping(uid_t uid, const struct wbcDomainSid *sid);
+/**
+ * @brief Remove a group id mapping
+ *
+ * @param gid Gid of the mapping to remove.
+ * @param *sid Pointer to the sid of the mapping to remove.
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcRemoveGidMapping(gid_t gid, const struct wbcDomainSid *sid);
+/**
+ * @brief Set the highwater mark for allocated uids.
+ *
+ * @param uid_hwm The new uid highwater mark value
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcSetUidHwm(uid_t uid_hwm);
+/**
+ * @brief Set the highwater mark for allocated gids.
+ *
+ * @param gid_hwm The new gid highwater mark value
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcSetGidHwm(gid_t gid_hwm);
-/*
+/**********************************************************
* NSS Lookup User/Group details
- */
+ **********************************************************/
+/**
+ * @brief Fill in a struct passwd* for a domain user based
+ * on username
+ *
+ * @param *name Username to lookup
+ * @param **pwd Pointer to resulting struct passwd* from the query.
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcGetpwnam(const char *name, struct passwd **pwd);
+/**
+ * @brief Fill in a struct passwd* for a domain user based
+ * on uid
+ *
+ * @param uid Uid to lookup
+ * @param **pwd Pointer to resulting struct passwd* from the query.
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd);
+/**
+ * @brief Fill in a struct passwd* for a domain user based
+ * on username
+ *
+ * @param *name Username to lookup
+ * @param **grp Pointer to resulting struct group* from the query.
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcGetgrnam(const char *name, struct group **grp);
+/**
+ * @brief Fill in a struct passwd* for a domain user based
+ * on uid
+ *
+ * @param gid Uid to lookup
+ * @param **grp Pointer to resulting struct group* from the query.
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcGetgrgid(gid_t gid, struct group **grp);
+/**
+ * @brief Reset the passwd iterator
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcSetpwent(void);
+/**
+ * @brief Close the passwd iterator
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcEndpwent(void);
+/**
+ * @brief Return the next struct passwd* entry from the pwent iterator
+ *
+ * @param **pwd Pointer to resulting struct passwd* from the query.
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcGetpwent(struct passwd **pwd);
+/**
+ * @brief Reset the group iterator
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcSetgrent(void);
+/**
+ * @brief Close the group iterator
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcEndgrent(void);
+/**
+ * @brief Return the next struct group* entry from the pwent iterator
+ *
+ * @param **grp Pointer to resulting struct group* from the query.
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcGetgrent(struct group **grp);
+/**
+ * @brief Return the next struct group* entry from the pwent iterator
+ *
+ * This is similar to #wbcGetgrent, just that the member list is empty
+ *
+ * @param **grp Pointer to resulting struct group* from the query.
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcGetgrlist(struct group **grp);
+/**
+ * @brief Return the unix group array belonging to the given user
+ *
+ * @param *account The given user name
+ * @param *num_groups Number of elements returned in the groups array
+ * @param **_groups Pointer to resulting gid_t array.
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcGetGroups(const char *account,
uint32_t *num_groups,
gid_t **_groups);
-/*
+/**********************************************************
* Lookup Domain information
- */
+ **********************************************************/
+/**
+ * @brief Lookup the current status of a trusted domain
+ *
+ * @param domain Domain to query
+ * @param *dinfo Pointer to returned domain_info struct
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcDomainInfo(const char *domain,
struct wbcDomainInfo **info);
+/**
+ * @brief Enumerate the domain trusts known by Winbind
+ *
+ * @param **domains Pointer to the allocated domain list array
+ * @param *num_domains Pointer to number of domains returned
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcListTrusts(struct wbcDomainInfo **domains,
size_t *num_domains);
#define WBC_LOOKUP_DC_RETURN_DNS_NAME 0x40000000
#define WBC_LOOKUP_DC_RETURN_FLAT_NAME 0x80000000
+/**
+ * @brief Enumerate the domain trusts known by Winbind
+ *
+ * @param domain Name of the domain to query for a DC
+ * @param flags Bit flags used to control the domain location query
+ * @param *dc_info Pointer to the returned domain controller information
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcLookupDomainController(const char *domain,
uint32_t flags,
struct wbcDomainControllerInfo **dc_info);
+/**
+ * @brief Get extended domain controller information
+ *
+ * @param domain Name of the domain to query for a DC
+ * @param guid Guid of the domain to query for a DC
+ * @param site Site of the domain to query for a DC
+ * @param flags Bit flags used to control the domain location query
+ * @param *dc_info Pointer to the returned extended domain controller information
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcLookupDomainControllerEx(const char *domain,
struct wbcGuid *guid,
const char *site,
uint32_t flags,
struct wbcDomainControllerInfoEx **dc_info);
-/*
+/**********************************************************
* Athenticate functions
- */
+ **********************************************************/
+/**
+ * @brief Authenticate a username/password pair
+ *
+ * @param username Name of user to authenticate
+ * @param password Clear text password os user
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcAuthenticateUser(const char *username,
const char *password);
+/**
+ * @brief Authenticate with more detailed information
+ *
+ * @param params Input parameters, WBC_AUTH_USER_LEVEL_HASH
+ * is not supported yet
+ * @param info Output details on WBC_ERR_SUCCESS
+ * @param error Output details on WBC_ERR_AUTH_ERROR
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params,
struct wbcAuthUserInfo **info,
struct wbcAuthErrorInfo **error);
+/**
+ * @brief Logon a User
+ *
+ * @param[in] params Pointer to a wbcLogonUserParams structure
+ * @param[out] info Pointer to a pointer to a wbcLogonUserInfo structure
+ * @param[out] error Pointer to a pointer to a wbcAuthErrorInfo structure
+ * @param[out] policy Pointer to a pointer to a wbcUserPasswordPolicyInfo structure
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcLogonUser(const struct wbcLogonUserParams *params,
struct wbcLogonUserInfo **info,
struct wbcAuthErrorInfo **error,
struct wbcUserPasswordPolicyInfo **policy);
+/**
+ * @brief Trigger a logoff notification to Winbind for a specific user
+ *
+ * @param username Name of user to remove from Winbind's list of
+ * logged on users.
+ * @param uid Uid assigned to the username
+ * @param ccfilename Absolute path to the Krb5 credentials cache to
+ * be removed
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcLogoffUser(const char *username,
uid_t uid,
const char *ccfilename);
+/**
+ * @brief Trigger an extended logoff notification to Winbind for a specific user
+ *
+ * @param params A wbcLogoffUserParams structure
+ * @param error User output details on error
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcLogoffUserEx(const struct wbcLogoffUserParams *params,
struct wbcAuthErrorInfo **error);
+/**
+ * @brief Change a password for a user
+ *
+ * @param username Name of user to authenticate
+ * @param old_password Old clear text password of user
+ * @param new_password New clear text password of user
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcChangeUserPassword(const char *username,
const char *old_password,
const char *new_password);
+/**
+ * @brief Change a password for a user with more detailed information upon
+ * failure
+ *
+ * @param params Input parameters
+ * @param error User output details on WBC_ERR_PWD_CHANGE_FAILED
+ * @param reject_reason New password reject reason on WBC_ERR_PWD_CHANGE_FAILED
+ * @param policy Password policy output details on WBC_ERR_PWD_CHANGE_FAILED
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params,
struct wbcAuthErrorInfo **error,
enum wbcPasswordChangeRejectReason *reject_reason,
struct wbcUserPasswordPolicyInfo **policy);
+/**
+ * @brief Authenticate a user with cached credentials
+ *
+ * @param *params Pointer to a wbcCredentialCacheParams structure
+ * @param **info Pointer to a pointer to a wbcCredentialCacheInfo structure
+ * @param **error Pointer to a pointer to a wbcAuthErrorInfo structure
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcCredentialCache(struct wbcCredentialCacheParams *params,
struct wbcCredentialCacheInfo **info,
struct wbcAuthErrorInfo **error);
-/*
+/**********************************************************
* Resolve functions
- */
+ **********************************************************/
+
+/**
+ * @brief Resolve a NetbiosName via WINS
+ *
+ * @param name Name to resolve
+ * @param *ip Pointer to the ip address string
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcResolveWinsByName(const char *name, char **ip);
+
+/**
+ * @brief Resolve an IP address via WINS into a NetbiosName
+ *
+ * @param ip The ip address string
+ * @param *name Pointer to the name
+ *
+ * @return #wbcErr
+ *
+ **/
wbcErr wbcResolveWinsByIP(const char *ip, char **name);
-/*
+/**********************************************************
* Trusted domain functions
- */
+ **********************************************************/
+
+/**
+ * @brief Trigger a verification of the trust credentials of a specific domain
+ *
+ * @param *domain The name of the domain, only NULL for the default domain is
+ * supported yet. Other values than NULL will result in
+ * WBC_ERR_NOT_IMPLEMENTED.
+ * @param error Output details on WBC_ERR_AUTH_ERROR
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcCheckTrustCredentials(const char *domain,
struct wbcAuthErrorInfo **error);
-/*
+
+/**********************************************************
* Helper functions
- */
+ **********************************************************/
+
+/**
+ * @brief Initialize a named blob and add to list of blobs
+ *
+ * @param[in,out] num_blobs Pointer to the number of blobs
+ * @param[in,out] blobs Pointer to an array of blobs
+ * @param[in] name Name of the new named blob
+ * @param[in] flags Flags of the new named blob
+ * @param[in] data Blob data of new blob
+ * @param[in] length Blob data length of new blob
+ *
+ * @return #wbcErr
+ **/
wbcErr wbcAddNamedBlob(size_t *num_blobs,
struct wbcNamedBlob **blobs,
const char *name,
return false;
/* Because atoi() can return 0 on invalid input, which would be a valid
- * UID/GID we must use strtol() and do error checking */
- *id = strtol(tmp, &endptr, 10);
+ * UID/GID we must use strtoul() and do error checking */
+ *id = strtoul(tmp, &endptr, 10);
if (endptr[0] != '\0')
return false;
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
- SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
+ 0, /* Don't know the acc_bits yet */
"_samr_LookupRids");
if (!NT_STATUS_IS_OK(status)) {
return status;
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(info->acc_granted,
- SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
+ SAMR_USER_ACCESS_GET_ATTRIBUTES,
"_samr_QueryUserInfo");
if (!NT_STATUS_IS_OK(status)) {
return status;
pythonmods:: $(PYTHON_PYS) $(PYTHON_SO)
-all:: bin/samba4 bin/regpatch4 bin/regdiff4 bin/regshell4 bin/regtree4 bin/smbclient4
+all:: bin/samba4 bin/regpatch4 bin/regdiff4 bin/regshell4 bin/regtree4 bin/smbclient4 pythonmods setup
torture:: bin/smbtorture4
everything:: $(patsubst %,%4,$(BINARIES))
+setup:
+ @ln -sf ../source4/setup setup
SELFTEST4 = $(LD_LIBPATH_OVERRIDE) $(PERL) $(selftestdir)/selftest.pl --prefix=st4 \
--builddir=$(builddir) --srcdir=$(samba4srcdir) \
broadcast name resolution method - recv side
*/
NTSTATUS resolve_name_bcast_recv(struct composite_context *c,
- TALLOC_CTX *mem_ctx, const char **reply_addr)
+ TALLOC_CTX *mem_ctx,
+ struct socket_address ***addrs)
{
- NTSTATUS status = resolve_name_nbtlist_recv(c, mem_ctx, reply_addr);
+ NTSTATUS status = resolve_name_nbtlist_recv(c, mem_ctx, addrs);
if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
/* this makes much more sense for a bcast name resolution
timeout */
struct interface *ifaces,
uint16_t nbt_port,
int nbt_timeout,
- const char **reply_addr)
+ struct socket_address ***addrs)
{
struct resolve_bcast_data *data = talloc(mem_ctx, struct resolve_bcast_data);
struct composite_context *c;
data->nbt_timeout = nbt_timeout;
c = resolve_name_bcast_send(mem_ctx, NULL, data, name);
- return resolve_name_bcast_recv(c, mem_ctx, reply_addr);
+ return resolve_name_bcast_recv(c, mem_ctx, addrs);
}
bool resolve_context_add_bcast_method(struct resolve_context *ctx, struct interface *ifaces, uint16_t nbt_port, int nbt_timeout)
#include "lib/events/events.h"
#include "system/network.h"
#include "system/filesys.h"
+#include "lib/socket/socket.h"
#include "libcli/composite/composite.h"
#include "librpc/gen_ndr/ndr_nbt.h"
#include "libcli/resolve/resolve.h"
struct host_state {
struct nbt_name name;
- const char *reply_addr;
+ struct socket_address **addrs;
pid_t child;
int child_fd;
struct fd_event *fde;
struct host_state *state = talloc_get_type(c->private_data, struct host_state);
char address[128];
int ret;
- pid_t child = state->child;
int status;
/* if we get any event from the child then we know that we
return;
}
- state->reply_addr = talloc_strdup(state, address);
- if (composite_nomem(state->reply_addr, c)) return;
+ state->addrs = talloc_array(state, struct socket_address *, 2);
+ if (composite_nomem(state->addrs, c)) return;
+
+ state->addrs[0] = socket_address_from_strings(state->addrs,
+ "ipv4",
+ address,
+ 0);
+ if (composite_nomem(state->addrs[0], c)) return;
+ state->addrs[1] = NULL;
composite_done(c);
}
gethostbyname name resolution method - recv side
*/
NTSTATUS resolve_name_host_recv(struct composite_context *c,
- TALLOC_CTX *mem_ctx, const char **reply_addr)
+ TALLOC_CTX *mem_ctx,
+ struct socket_address ***addrs)
{
NTSTATUS status;
if (NT_STATUS_IS_OK(status)) {
struct host_state *state = talloc_get_type(c->private_data, struct host_state);
- *reply_addr = talloc_steal(mem_ctx, state->reply_addr);
+ *addrs = talloc_steal(mem_ctx, state->addrs);
}
talloc_free(c);
*/
NTSTATUS resolve_name_host(struct nbt_name *name,
TALLOC_CTX *mem_ctx,
- const char **reply_addr)
+ struct socket_address ***addrs)
{
struct composite_context *c = resolve_name_host_send(mem_ctx, NULL, NULL, name);
- return resolve_name_host_recv(c, mem_ctx, reply_addr);
+ return resolve_name_host_recv(c, mem_ctx, addrs);
}
bool resolve_context_add_host_method(struct resolve_context *ctx)
#include "includes.h"
#include "libcli/composite/composite.h"
#include "system/network.h"
+#include "lib/socket/socket.h"
#include "lib/socket/netif.h"
#include "librpc/gen_ndr/ndr_nbt.h"
#include "../libcli/nbt/libnbt.h"
int num_queries;
struct nbt_name_request **queries;
struct nbt_name_query *io_queries;
- const char *reply_addr;
+ struct socket_address **addrs;
struct interface *ifaces;
};
talloc_free(state->nbtsock);
if (!composite_is_ok(c)) return;
- if (state->io_queries[i].out.num_addrs < 1) {
+ if (q->out.num_addrs < 1) {
composite_error(c, NT_STATUS_UNEXPECTED_NETWORK_ERROR);
return;
}
- /* favor a local address if possible */
- state->reply_addr = NULL;
- for (i=0;i<q->out.num_addrs;i++) {
- if (iface_is_local(state->ifaces, q->out.reply_addrs[i])) {
- state->reply_addr = talloc_steal(state,
- q->out.reply_addrs[i]);
- break;
- }
- }
+ state->addrs = talloc_array(state, struct socket_address *,
+ q->out.num_addrs + 1);
+ if (composite_nomem(state->addrs, c)) return;
- if (state->reply_addr == NULL) {
- state->reply_addr = talloc_steal(state,
- q->out.reply_addrs[0]);
+ for (i=0;i<q->out.num_addrs;i++) {
+ state->addrs[i] = socket_address_from_strings(state->addrs,
+ "ipv4",
+ q->out.reply_addrs[i],
+ 0);
+ if (composite_nomem(state->addrs[i], c)) return;
}
+ state->addrs[i] = NULL;
composite_done(c);
}
nbt list of addresses name resolution method - recv side
*/
NTSTATUS resolve_name_nbtlist_recv(struct composite_context *c,
- TALLOC_CTX *mem_ctx, const char **reply_addr)
+ TALLOC_CTX *mem_ctx,
+ struct socket_address ***addrs)
{
NTSTATUS status;
if (NT_STATUS_IS_OK(status)) {
struct nbtlist_state *state = talloc_get_type(c->private_data, struct nbtlist_state);
- *reply_addr = talloc_steal(mem_ctx, state->reply_addr);
+ *addrs = talloc_steal(mem_ctx, state->addrs);
}
talloc_free(c);
uint16_t nbt_port,
int nbt_timeout,
bool broadcast, bool wins_lookup,
- const char **reply_addr)
+ struct socket_address ***addrs)
{
struct composite_context *c = resolve_name_nbtlist_send(mem_ctx, NULL,
name, address_list,
ifaces, nbt_port,
nbt_timeout,
broadcast, wins_lookup);
- return resolve_name_nbtlist_recv(c, mem_ctx, reply_addr);
+ return resolve_name_nbtlist_recv(c, mem_ctx, addrs);
}
#include "libcli/resolve/resolve.h"
#include "librpc/gen_ndr/ndr_nbt.h"
#include "system/network.h"
+#include "lib/socket/socket.h"
#include "../lib/util/dlinklist.h"
struct resolve_state {
struct resolve_method *method;
struct nbt_name name;
struct composite_context *creq;
- const char *reply_addr;
+ struct socket_address **addrs;
};
static struct composite_context *setup_next_method(struct composite_context *c);
struct resolve_state *state = talloc_get_type(c->private_data, struct resolve_state);
const struct resolve_method *method = state->method;
- c->status = method->recv_fn(creq, state, &state->reply_addr);
+ c->status = method->recv_fn(creq, state, &state->addrs);
if (!NT_STATUS_IS_OK(c->status)) {
state->method = state->method->next;
/*
general name resolution - async send
*/
-struct composite_context *resolve_name_send(struct resolve_context *ctx,
- struct nbt_name *name,
- struct event_context *event_ctx)
+struct composite_context *resolve_name_all_send(struct resolve_context *ctx,
+ struct nbt_name *name,
+ struct event_context *event_ctx)
{
struct composite_context *c;
struct resolve_state *state;
if (is_ipaddress(state->name.name) ||
strcasecmp(state->name.name, "localhost") == 0) {
struct in_addr ip = interpret_addr2(state->name.name);
- state->reply_addr = talloc_strdup(state, inet_ntoa(ip));
- if (composite_nomem(state->reply_addr, c)) return c;
+
+ state->addrs = talloc_array(state, struct socket_address *, 2);
+ if (composite_nomem(state->addrs, c)) return c;
+ state->addrs[0] = socket_address_from_strings(state->addrs, "ipv4",
+ inet_ntoa(ip), 0);
+ if (composite_nomem(state->addrs[0], c)) return c;
+ state->addrs[1] = NULL;
composite_done(c);
return c;
}
/*
general name resolution method - recv side
*/
-NTSTATUS resolve_name_recv(struct composite_context *c,
- TALLOC_CTX *mem_ctx, const char **reply_addr)
+NTSTATUS resolve_name_all_recv(struct composite_context *c,
+ TALLOC_CTX *mem_ctx,
+ struct socket_address ***addrs)
{
NTSTATUS status;
if (NT_STATUS_IS_OK(status)) {
struct resolve_state *state = talloc_get_type(c->private_data, struct resolve_state);
- *reply_addr = talloc_steal(mem_ctx, state->reply_addr);
+ *addrs = talloc_steal(mem_ctx, state->addrs);
}
talloc_free(c);
/*
general name resolution - sync call
*/
-NTSTATUS resolve_name(struct resolve_context *ctx, struct nbt_name *name, TALLOC_CTX *mem_ctx, const char **reply_addr, struct event_context *ev)
+NTSTATUS resolve_all_name(struct resolve_context *ctx,
+ struct nbt_name *name,
+ TALLOC_CTX *mem_ctx,
+ struct socket_address ***addrs,
+ struct event_context *ev)
+{
+ struct composite_context *c = resolve_name_all_send(ctx, name, ev);
+ return resolve_name_all_recv(c, mem_ctx, addrs);
+}
+
+struct composite_context *resolve_name_send(struct resolve_context *ctx,
+ struct nbt_name *name,
+ struct event_context *event_ctx)
+{
+ return resolve_name_all_send(ctx, name, event_ctx);
+}
+
+NTSTATUS resolve_name_recv(struct composite_context *c,
+ TALLOC_CTX *mem_ctx,
+ const char **reply_addr)
+{
+ NTSTATUS status;
+ struct socket_address **addrs = NULL;
+
+ status = resolve_name_all_recv(c, mem_ctx, &addrs);
+
+ if (NT_STATUS_IS_OK(status)) {
+ *reply_addr = talloc_steal(mem_ctx, addrs[0]->addr);
+ talloc_free(addrs);
+ }
+
+ return status;
+}
+
+/*
+ general name resolution - sync call
+ */
+NTSTATUS resolve_name(struct resolve_context *ctx,
+ struct nbt_name *name,
+ TALLOC_CTX *mem_ctx,
+ const char **reply_addr,
+ struct event_context *ev)
{
- struct composite_context *c = resolve_name_send(ctx, name, ev);
+ struct composite_context *c = resolve_name_send(ctx, name, ev);
return resolve_name_recv(c, mem_ctx, reply_addr);
}
#ifndef __RESOLVE_H__
#define __RESOLVE_H__
+struct socket_address;
+
#include "../libcli/nbt/libnbt.h"
-typedef struct composite_context *(*resolve_name_send_fn)(TALLOC_CTX *mem_ctx, struct event_context *, void *privdata, struct nbt_name *);
-typedef NTSTATUS (*resolve_name_recv_fn)(struct composite_context *, TALLOC_CTX *, const char **);
+typedef struct composite_context *(*resolve_name_send_fn)(TALLOC_CTX *mem_ctx,
+ struct event_context *,
+ void *privdata,
+ struct nbt_name *);
+typedef NTSTATUS (*resolve_name_recv_fn)(struct composite_context *creq,
+ TALLOC_CTX *mem_ctx,
+ struct socket_address ***addrs);
#include "libcli/resolve/proto.h"
struct interface;
#include "libcli/resolve/lp_proto.h"
torture_comment(tctx, "Testing async resolve of '%s' for %d seconds\n",
host, timelimit);
while (timeval_elapsed(&tv) < timelimit) {
- const char *s;
+ struct socket_address **s;
struct composite_context *c = resolve_name_host_send(mem_ctx, ev, NULL, &n);
torture_assert(tctx, c != NULL, "resolve_name_host_send");
torture_assert_ntstatus_ok(tctx, resolve_name_host_recv(c, mem_ctx, &s),
#include "../libcli/nbt/libnbt.h"
#include "libcli/resolve/resolve.h"
#include "param/param.h"
+#include "lib/socket/socket.h"
#include "lib/socket/netif.h"
struct resolve_wins_data {
wins name resolution method - recv side
*/
NTSTATUS resolve_name_wins_recv(struct composite_context *c,
- TALLOC_CTX *mem_ctx, const char **reply_addr)
+ TALLOC_CTX *mem_ctx,
+ struct socket_address ***addrs)
{
- return resolve_name_nbtlist_recv(c, mem_ctx, reply_addr);
+ return resolve_name_nbtlist_recv(c, mem_ctx, addrs);
}
/*
struct interface *ifaces,
uint16_t nbt_port,
int nbt_timeout,
- const char **reply_addr)
+ struct socket_address ***addrs)
{
struct composite_context *c;
struct resolve_wins_data *wins_data = talloc(mem_ctx, struct resolve_wins_data);
wins_data->nbt_port = nbt_port;
wins_data->nbt_timeout = nbt_timeout;
c = resolve_name_wins_send(mem_ctx, NULL, wins_data, name);
- return resolve_name_wins_recv(c, mem_ctx, reply_addr);
+ return resolve_name_wins_recv(c, mem_ctx, addrs);
}
bool resolve_context_add_wins_method(struct resolve_context *ctx, const char **address_list, struct interface *ifaces, uint16_t nbt_port, int nbt_timeout)
# a successful run for any of these tests an error.
local.resolve.*.async
local.iconv.*.next_codepoint()
+base.delete.*.deltest17
base.delete.*.deltest20a
base.delete.*.deltest20b
+base.delete.*.deltest21
rpc.winreg.*security
samba4.local.registry.(dir|ldb).check hive security
samba4.local.registry.local.security
import getopt
import optparse
-import os, sys
+import os
+import sys
# Find right directory when running from source tree
sys.path.insert(0, "bin/python")
parser.add_option_group(options.VersionOptions(parser))
credopts = options.CredentialsOptions(parser)
parser.add_option_group(credopts)
+parser.add_option("--interactive", help="Ask for names")
parser.add_option("--setupdir", type="string", metavar="DIR",
help="directory with setup files")
parser.add_option("--realm", type="string", metavar="REALM", help="set realm")
if not opts.quiet:
print text
-if opts.realm is None or opts.domain is None:
+if len(sys.argv) == 1:
+ opts.interactive = True
+
+if not opts.interactive and (opts.realm is None or opts.domain is None):
if opts.realm is None:
print >>sys.stderr, "No realm set"
if opts.domain is None:
parser.print_usage()
sys.exit(1)
+if opts.interactive:
+ from getpass import getpass
+ import readline
+ import socket
+ def ask(prompt, default=None):
+ if default is not None:
+ print "%s [%s]: " % (prompt,default),
+ else:
+ print "%s: " % (prompt,),
+ return sys.stdin.readline().rstrip("\n") or default
+ opts.realm = ask("Realm", socket.gethostname().split(".", 1)[1])
+ opts.domain = ask("Domain", opts.realm)
+ opts.server_role = ask("Server Role (dc, member, standalone)", "dc")
+ for i in range(3):
+ opts.adminpass = getpass("Administrator password: ")
+ if not opts.adminpass:
+ print >>sys.stderr, "Invalid administrator password."
+ else:
+ break
+
lp = sambaopts.get_loadparm()
smbconf = lp.configfile()