TALLOC_FREE( extra_data );
}
-enum winbindd_result winbindd_dual_list_trusted_domains(struct winbindd_domain *domain,
- struct winbindd_cli_state *state)
-{
- uint32 i, num_domains;
- char **names, **alt_names;
- DOM_SID *sids;
- int extra_data_len = 0;
- char *extra_data;
- NTSTATUS result;
- bool have_own_domain = False;
-
- DEBUG(3, ("[%5lu]: list trusted domains\n",
- (unsigned long)state->pid));
-
- result = domain->methods->trusted_domains(domain, state->mem_ctx,
- &num_domains, &names,
- &alt_names, &sids);
-
- if (!NT_STATUS_IS_OK(result)) {
- DEBUG(3, ("winbindd_dual_list_trusted_domains: trusted_domains returned %s\n",
- nt_errstr(result) ));
- return WINBINDD_ERROR;
- }
-
- extra_data = talloc_strdup(state->mem_ctx, "");
-
- if (num_domains > 0)
- extra_data = talloc_asprintf(
- state->mem_ctx, "%s\\%s\\%s",
- names[0], alt_names[0] ? alt_names[0] : names[0],
- sid_string_talloc(state->mem_ctx, &sids[0]));
-
- for (i=1; i<num_domains; i++)
- extra_data = talloc_asprintf(
- state->mem_ctx, "%s\n%s\\%s\\%s",
- extra_data, names[i],
- alt_names[i] ? alt_names[i] : names[i],
- sid_string_talloc(state->mem_ctx, &sids[i]));
-
- /* add our primary domain */
-
- for (i=0; i<num_domains; i++) {
- if (strequal(names[i], domain->name)) {
- have_own_domain = True;
- break;
- }
- }
-
- if (state->request.data.list_all_domains && !have_own_domain) {
- extra_data = talloc_asprintf(
- state->mem_ctx, "%s\n%s\\%s\\%s",
- extra_data, domain->name,
- domain->alt_name ? domain->alt_name : domain->name,
- sid_string_talloc(state->mem_ctx, &domain->sid));
- }
-
- /* This is a bit excessive, but the extra data sooner or later will be
- talloc'ed */
-
- extra_data_len = 0;
- if (extra_data != NULL) {
- extra_data_len = strlen(extra_data);
- }
-
- if (extra_data_len > 0) {
- state->response.extra_data.data = SMB_STRDUP(extra_data);
- state->response.length += extra_data_len+1;
- }
-
- return WINBINDD_OK;
-}
-
static void ndr_child_trust_compat_list(struct winbindd_domain *domain,
struct winbindd_cli_state *state,
struct winbind_trust *r)
TALLOC_CTX *mem_ctx;
bool primary;
bool forest_root;
- struct winbindd_response *response;
};
-static void trustdom_recv(void *private_data, bool success);
+static void trustdom_recv(TALLOC_CTX *mem_ctx, bool success,
+ struct winbindd_ndr_call *c,
+ void *_r,
+ void *_unused1,
+ void *private_data);
static void rescan_forest_root_trusts( void );
static void rescan_forest_trusts( void );
static void add_trusted_domains( struct winbindd_domain *domain )
{
TALLOC_CTX *mem_ctx;
- struct winbindd_request *request;
- struct winbindd_response *response;
uint32 fr_flags = (NETR_TRUST_FLAG_TREEROOT|NETR_TRUST_FLAG_IN_FOREST);
-
struct trustdom_state *state;
+ struct winbind_trust *r;
mem_ctx = talloc_init("add_trusted_domains");
if (mem_ctx == NULL) {
return;
}
- request = TALLOC_ZERO_P(mem_ctx, struct winbindd_request);
- response = TALLOC_P(mem_ctx, struct winbindd_response);
state = TALLOC_P(mem_ctx, struct trustdom_state);
-
- if ((request == NULL) || (response == NULL) || (state == NULL)) {
- DEBUG(0, ("talloc failed\n"));
- talloc_destroy(mem_ctx);
- return;
- }
+ if (!state) goto nomem;
state->mem_ctx = mem_ctx;
- state->response = response;
/* Flags used to know how to continue the forest trust search */
state->primary = domain->primary;
state->forest_root = ((domain->domain_flags & fr_flags) == fr_flags );
- request->length = sizeof(*request);
- request->cmd = WINBINDD_LIST_TRUSTDOM;
+ r = TALLOC_P(state, struct winbind_trust);
+ if (!r) goto nomem;
+ r->in.level = TALLOC_P(r, enum winbind_trust_level);
+ if (!r->in.level) goto nomem;
+
+ *r->in.level = WINBIND_TRUST_LEVEL_COMPAT_LIST;
- async_domain_request(mem_ctx, domain, request, response,
- trustdom_recv, state);
+ do_async_ndr_domain(mem_ctx, domain,
+ NDR_WINBIND_TRUST, r,
+ trustdom_recv, r,
+ NULL, state);
+ return;
+nomem:
+ DEBUG(0, ("talloc failed\n"));
+ talloc_destroy(mem_ctx);
}
-static void trustdom_recv(void *private_data, bool success)
+static void trustdom_recv(TALLOC_CTX *mem_ctx, bool success,
+ struct winbindd_ndr_call *c,
+ void *_r,
+ void *_unused1,
+ void *private_data)
{
+ struct winbind_trust *r =
+ talloc_get_type_abort(_r, struct winbind_trust);
struct trustdom_state *state =
talloc_get_type_abort(private_data, struct trustdom_state);
- struct winbindd_response *response = state->response;
- char *p;
+ uint32_t i;
- if ((!success) || (response->result != WINBINDD_OK)) {
+ if (!success) {
DEBUG(1, ("Could not receive trustdoms\n"));
+ TALLOC_FREE(r);
talloc_destroy(state->mem_ctx);
return;
}
- p = (char *)response->extra_data.data;
+ if (r->out.result != WINBIND_STATUS_OK) {
+ DEBUG(5, ("list(compat_trusts) returned an error:0x%08X\n",
+ r->out.result));
+ TALLOC_FREE(r);
+ talloc_destroy(state->mem_ctx);
+ return;
+ }
- while ((p != NULL) && (*p != '\0')) {
- char *q, *sidstr, *alt_name;
- DOM_SID sid;
+ for (i=0; i < r->out.rep->compat_trusts.num_domains; i++) {
struct winbindd_domain *domain;
- char *alternate_name = NULL;
-
- alt_name = strchr(p, '\\');
- if (alt_name == NULL) {
- DEBUG(0, ("Got invalid trustdom response\n"));
- break;
- }
-
- *alt_name = '\0';
- alt_name += 1;
-
- sidstr = strchr(alt_name, '\\');
- if (sidstr == NULL) {
- DEBUG(0, ("Got invalid trustdom response\n"));
- break;
- }
-
- *sidstr = '\0';
- sidstr += 1;
-
- q = strchr(sidstr, '\n');
- if (q != NULL)
- *q = '\0';
-
- if (!string_to_sid(&sid, sidstr)) {
- /* Allow NULL sid for sibling domains */
- if ( strcmp(sidstr,"S-0-0") == 0) {
- sid_copy( &sid, &global_sid_NULL);
- } else {
- DEBUG(0, ("Got invalid trustdom response\n"));
- break;
- }
- }
+ struct winbind_domain_info_compat *t;
- /* use the real alt_name if we have one, else pass in NULL */
-
- if ( !strequal( alt_name, "(null)" ) )
- alternate_name = alt_name;
+ t = &r->out.rep->compat_trusts.domains[i];
/* If we have an existing domain structure, calling
add_trusted_domain() will update the SID if
necessary. This is important because we need the
SID for sibling domains */
- if ( find_domain_from_name_noinit(p) != NULL ) {
- domain = add_trusted_domain(p, alternate_name,
+ if ( find_domain_from_name_noinit(t->netbios_name) != NULL ) {
+ domain = add_trusted_domain(t->netbios_name,
+ t->dns_name,
&cache_methods,
- &sid);
+ t->sid);
} else {
- domain = add_trusted_domain(p, alternate_name,
+ domain = add_trusted_domain(t->netbios_name,
+ t->dns_name,
&cache_methods,
- &sid);
+ t->sid);
if (domain) {
setup_domain_child(domain,
&domain->child);
}
}
- p=q;
- if (p != NULL)
- p += 1;
}
- SAFE_FREE(response->extra_data.data);
-
/*
Cases to consider when scanning trusts:
(a) we are calling from a child domain (primary && !forest_root)
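Review bot: In the new trustdom_recv loop, `r->out.rep` is dereferenced and `t->netbios_name` is passed to find_domain_from_name_noinit() and add_trusted_domain() with no NULL check, whereas the removed string parser rejected malformed replies with "Got invalid trustdom response". Whether the NDR layer guarantees these pointers are non-NULL once `r->out.result` is WINBIND_STATUS_OK depends on the IDL, which is not visible here. I would add an early return for `r->out.rep == NULL` before the loop, freeing state->mem_ctx as the two error paths above do, and `if (t->netbios_name == NULL) continue;` inside it. In add_trusted_domains, `r` comes from TALLOC_P, so `r->out` is uninitialised until a reply is decoded; `r = TALLOC_ZERO_P(state, struct winbind_trust);` would make a missing reply hit the NULL check instead of reading stale memory. trustdom_recv's body continues past the end of this hunk.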