* 27: added WINBINDD_LOOKUPSIDS
* 28: added WINBINDD_XIDS_TO_SIDS
* removed WINBINDD_SID_TO_UID
+ * removed WINBINDD_SID_TO_GID
+ * removed WINBINDD_GID_TO_SID
+ * removed WINBINDD_UID_TO_SID
+ * 29: added "authoritative" to response.data.auth
+ * 30: added "validation_level" and "info6" to response.data.auth
+ * 31: added "client_name" to the request
*/
-#define WINBIND_INTERFACE_VERSION 28
+#define WINBIND_INTERFACE_VERSION 31
/* Have to deal with time_t being 4 or 8 bytes due to structure alignment.
On a 64bit Linux box, we have to support a constant structure size
/* Lookup functions */
- WINBINDD_SID_TO_GID,
WINBINDD_SIDS_TO_XIDS,
WINBINDD_XIDS_TO_SIDS,
- WINBINDD_UID_TO_SID,
- WINBINDD_GID_TO_SID,
WINBINDD_ALLOCATE_UID,
WINBINDD_ALLOCATE_GID,
/* Flag to tell winbind the NTLMv2 blob is too big for the struct and is in the
* extra_data field */
#define WBFLAG_BIG_NTLMV2_BLOB 0x00010000
+#define WBFLAG_FROM_NSS 0x00020000
#define WINBINDD_MAX_EXTRA_DATA (128*1024)
uint32_t wb_flags; /* generic flags */
uint32_t flags; /* flags relevant *only* to a given request */
fstring domain_name; /* name of domain for which the request applies */
+ char client_name[32]; /* The client process sending the request */
union {
fstring winsreq; /* WINS request */
gid_t gid; /* getgrgid, gid_to_sid */
uint32_t ndrcmd;
struct {
- /* We deliberatedly don't split into domain/user to
+ /* We deliberately don't split into domain/user to
avoid having the client know what the separator
character is. */
fstring user;
char first_8_lm_hash[8];
fstring krb5ccname;
uint32_t reject_reason;
- uint32_t padding;
+ uint8_t authoritative;
+ uint8_t padding[1];
+ uint16_t validation_level;
struct policy_settings {
uint32_t min_length_password;
uint32_t password_history;
fstring logon_srv;
fstring logon_dom;
} info3;
+ struct info6_text {
+ fstring dns_domainname;
+ fstring principal_name;
+ } info6;
fstring unix_username;
} auth;
struct {
struct {
uint8_t session_key[16];
uint32_t auth_blob_len; /* blob in extra_data */
+ uint8_t new_spnego;
} ccache_ntlm_auth;
struct {
fstring dc_unc;