pam_winbind: use libwbclient for WINBINDD_LOOKUPNAME/LOOKUPSID.

Guenther

diff --git a/source3/nsswitch/pam_winbind.c b/source3/nsswitch/pam_winbind.c
index 14eea9f0d6c47b0073fa6acf731282a3327630e0..9448890d2876c311565b371e19e35d447c278267 100644 (file)
--- a/source3/nsswitch/pam_winbind.c
+++ b/source3/nsswitch/pam_winbind.c
@@ -715,22 +715,6 @@ static int pam_winbind_request(struct pwb_context *ctx,
                return PAM_SUCCESS;
        }
 
-       /* no need to check for pam_error codes for getpwnam() */
-       switch (req_type) {
-
-               case WINBINDD_LOOKUPNAME:
-                       if (strlen(response->data.auth.nt_status_string) > 0) {
-                               _pam_log(ctx, LOG_ERR,
-                                        "request failed, NT error was %s",
-                                        response->data.auth.nt_status_string);
-                       } else {
-                               _pam_log(ctx, LOG_ERR, "request failed");
-                       }
-                       return PAM_USER_UNKNOWN;
-               default:
-                       break;
-       }
-
        if (response->data.auth.pam_error != PAM_SUCCESS) {
                _pam_log(ctx, LOG_ERR,
                         "request failed: %s, "
@@ -1018,33 +1002,33 @@ static bool winbind_name_to_sid_string(struct pwb_context *ctx,
                                       int sid_list_buffer_size)
 {
        const char* sid_string;
-       struct winbindd_response sid_response;
 
        /* lookup name? */
        if (IS_SID_STRING(name)) {
                sid_string = name;
        } else {
-               struct winbindd_request sid_request;
-
-               ZERO_STRUCT(sid_request);
-               ZERO_STRUCT(sid_response);
+               wbcErr wbc_status;
+               struct wbcDomainSid sid;
+               enum wbcSidType type;
+               char *sid_str;
 
                _pam_log_debug(ctx, LOG_DEBUG,
                               "no sid given, looking up: %s\n", name);
 
-               /* fortunatly winbindd can handle non-separated names */
-               strncpy(sid_request.data.name.name, name,
-                       sizeof(sid_request.data.name.name) - 1);
-
-               if (pam_winbind_request_log(ctx, WINBINDD_LOOKUPNAME,
-                                           &sid_request, &sid_response,
-                                           user)) {
+               wbc_status = wbcLookupName("", name, &sid, &type);
+               if (!WBC_ERROR_IS_OK(wbc_status)) {
                        _pam_log(ctx, LOG_INFO,
                                 "could not lookup name: %s\n", name);
                        return false;
                }
 
-               sid_string = sid_response.data.sid.sid;
+               wbc_status = wbcSidToString(&sid, &sid_str);
+               if (!WBC_ERROR_IS_OK(wbc_status)) {
+                       return false;
+               }
+
+               wbcFreeMemory(sid_str);
+               sid_string = sid_str;
        }
 
        if (!safe_append_string(sid_list_buffer, sid_string,
@@ -2082,10 +2066,12 @@ static char winbind_get_separator(struct pwb_context *ctx)
 static char* winbind_upn_to_username(struct pwb_context *ctx,
                                     const char *upn)
 {
-       struct winbindd_request req;
-       struct winbindd_response resp;
-       int retval;
        char sep;
+       wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+       struct wbcDomainSid sid;
+       enum wbcSidType type;
+       char *domain;
+       char *name;
 
        /* This cannot work when the winbind separator = @ */
 
@@ -2096,33 +2082,19 @@ static char* winbind_upn_to_username(struct pwb_context *ctx,
 
        /* Convert the UPN to a SID */
 
-       ZERO_STRUCT(req);
-       ZERO_STRUCT(resp);
-
-       strncpy(req.data.name.dom_name, "",
-               sizeof(req.data.name.dom_name) - 1);
-       strncpy(req.data.name.name, upn,
-               sizeof(req.data.name.name) - 1);
-       retval = pam_winbind_request_log(ctx, WINBINDD_LOOKUPNAME,
-                                        &req, &resp, upn);
-       if (retval != PAM_SUCCESS) {
+       wbc_status = wbcLookupName("", upn, &sid, &type);
+       if (!WBC_ERROR_IS_OK(wbc_status)) {
                return NULL;
        }
 
        /* Convert the the SID back to the sAMAccountName */
 
-       ZERO_STRUCT(req);
-       strncpy(req.data.sid, resp.data.sid.sid, sizeof(req.data.sid)-1);
-       ZERO_STRUCT(resp);
-       retval =  pam_winbind_request_log(ctx, WINBINDD_LOOKUPSID,
-                                         &req, &resp, upn);
-       if (retval != PAM_SUCCESS) {
+       wbc_status = wbcLookupSid(&sid, &domain, &name, &type);
+       if (!WBC_ERROR_IS_OK(wbc_status)) {
                return NULL;
        }
 
-       return talloc_asprintf(ctx, "%s\\%s",
-                              resp.data.name.dom_name,
-                              resp.data.name.name);
+       return talloc_asprintf(ctx, "%s\\%s", domain, name);
 }
 
 PAM_EXTERN