Winbind client API
Copyright (C) Gerald (Jerry) Carter 2007
+ Copyright (C) Volker Lendecke 2009
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
* Added wbcGetSidAliases()
* 0.4: Added wbcSidTypeString()
* 0.5: Added wbcChangeTrustCredentials()
+ * 0.6: Made struct wbcInterfaceDetails char* members non-const
+ * 0.7: Added wbcSidToStringBuf()
+ * 0.8: Added wbcSidsToUnixIds() and wbcLookupSids()
+ * 0.9: Added support for WBC_ID_TYPE_BOTH
+ * 0.10: Added wbcPingDc2()
+ * 0.11: Extended wbcAuthenticateUserEx to provide PAC parsing
**/
#define WBCLIENT_MAJOR_VERSION 0
-#define WBCLIENT_MINOR_VERSION 5
+#define WBCLIENT_MINOR_VERSION 11
#define WBCLIENT_VENDOR_VERSION "Samba libwbclient"
struct wbcLibraryDetails {
uint16_t major_version;
**/
struct wbcInterfaceDetails {
uint32_t interface_version;
- const char *winbind_version;
+ char *winbind_version;
char winbind_separator;
- const char *netbios_name;
- const char *netbios_domain;
- const char *dns_domain;
+ char *netbios_name;
+ char *netbios_domain;
+ char *dns_domain;
};
/*
#define WBC_DOMINFO_TRUSTTYPE_IN_FOREST 0x00000002
#define WBC_DOMINFO_TRUSTTYPE_EXTERNAL 0x00000003
+/**
+ * @brief Generic Blob
+ **/
+
+struct wbcBlob {
+ uint8_t *data;
+ size_t length;
+};
+
+/**
+ * @brief Named Blob
+ **/
+
+struct wbcNamedBlob {
+ const char *name;
+ uint32_t flags;
+ struct wbcBlob blob;
+};
/**
* @brief Auth User Parameters
enum wbcAuthUserLevel {
WBC_AUTH_USER_LEVEL_PLAIN = 1,
WBC_AUTH_USER_LEVEL_HASH = 2,
- WBC_AUTH_USER_LEVEL_RESPONSE = 3
+ WBC_AUTH_USER_LEVEL_RESPONSE = 3,
+ WBC_AUTH_USER_LEVEL_PAC = 4
} level;
union {
const char *plaintext;
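Review bot: The new `WBC_AUTH_USER_LEVEL_PAC` enumerator and the `struct wbcBlob pac` member added to the `password` union in the next hunk have no comment saying which union member each `level` value selects. Because `password` is a union, a caller that sets `level` to PAC but fills another member would hand the library a pointer/length pair made of unrelated bytes. I would add a comment on the enumerator such as `/* level PAC: password.pac.data points to pac.length bytes of PAC data; other union members are ignored */`. The implementation, which is not visible here, should reject a NULL `data` or zero `length` before parsing. The enclosing struct begins above this hunk and continues past it.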
uint32_t lm_length;
uint8_t *lm_data;
} response;
+ struct wbcBlob pac;
} password;
};
-/**
- * @brief Generic Blob
- **/
-
-struct wbcBlob {
- uint8_t *data;
- size_t length;
-};
-
-/**
- * @brief Named Blob
- **/
-
-struct wbcNamedBlob {
- const char *name;
- uint32_t flags;
- struct wbcBlob blob;
-};
-
/**
* @brief Logon User Parameters
**/
*/
const char* wbcSidTypeString(enum wbcSidType type);
+#define WBC_SID_STRING_BUFLEN (15*11+25)
+
+/*
+ * @brief Print a sid into a buffer
+ *
+ * @param sid Binary Security Identifier
+ * @param buf Target buffer
+ * @param buflen Target buffer length
+ *
+ * @return Resulting string length.
+ */
+int wbcSidToStringBuf(const struct wbcDomainSid *sid, char *buf, int buflen);
+
/**
* @brief Convert a binary SID to a character string
*
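Review bot: The comment on `wbcSidToStringBuf()` does not say what happens when `buflen` is too small for the SID, so a caller cannot tell whether the return value is the number of bytes written or the length that would have been needed. If it follows the snprintf convention (not visible in this hunk), the `@return` line should read something like `@return Length of the full string; a value >= buflen means buf was truncated`. `WBC_SID_STRING_BUFLEN` deserves a one-line comment explaining how `(15*11+25)` is derived, so it is kept in sync if the SID layout changes. The block also opens with `/*` rather than `/**`, so Doxygen will skip it, and `buflen` is a signed `int`, so the implementation should treat negative values as an error.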
char **name,
enum wbcSidType *name_type);
+struct wbcTranslatedName {
+ enum wbcSidType type;
+ char *name;
+ int domain_index;
+};
+
+wbcErr wbcLookupSids(const struct wbcDomainSid *sids, int num_sids,
+ struct wbcDomainInfo **domains, int *num_domains,
+ struct wbcTranslatedName **names);
+
/**
* @brief Translate a collection of RIDs within a domain to names
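Review bot: `wbcLookupSids()` and `struct wbcTranslatedName` are added without any doc comment, unlike the neighbouring declarations. Three things a caller needs are missing: who frees `*domains` and `*names` (presumably `wbcFreeMemory()`, to be confirmed), whether `*names` always has `num_sids` entries, and what `domain_index` holds for a SID that could not be resolved. If a negative sentinel is used, callers must check it before indexing `*domains`, and the comment should say so, e.g. `@param names Array of num_sids results; domain_index indexes *domains, or is negative if unresolved`. `num_sids` is a signed `int` here, whereas `wbcSidsToUnixIds()` in the same patch takes `uint32_t`; using one unsigned type for both would avoid negative counts reaching the implementation.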
*/
wbcErr wbcQueryGidToSid(gid_t gid,
struct wbcDomainSid *sid);
+enum wbcIdType {
+ WBC_ID_TYPE_NOT_SPECIFIED,
+ WBC_ID_TYPE_UID,
+ WBC_ID_TYPE_GID,
+ WBC_ID_TYPE_BOTH
+};
+
+union wbcUnixIdContainer {
+ uid_t uid;
+ gid_t gid;
+};
+
+struct wbcUnixId {
+ enum wbcIdType type;
+ union wbcUnixIdContainer id;
+};
+
+/**
+ * @brief Convert a list of sids to unix ids
+ *
+ * @param sids Pointer to an array of SIDs to convert
+ * @param num_sids Number of SIDs
+ * @param ids Preallocated output array for translated IDs
+ *
+ * @return #wbcErr
+ *
+ **/
+wbcErr wbcSidsToUnixIds(const struct wbcDomainSid *sids, uint32_t num_sids,
+ struct wbcUnixId *ids);
+
/**
* @brief Obtain a new uid from Winbind
*
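Review bot: The `ids` parameter of `wbcSidsToUnixIds()` is described only as "Preallocated output array", without stating that it must hold at least `num_sids` elements; an undersized array would be written past its end. I would change the line to `@param ids Caller-allocated array of at least num_sids elements`. `struct wbcUnixId` also needs a comment saying which member of `union wbcUnixIdContainer` is valid for each `enum wbcIdType` value. That matters most for `WBC_ID_TYPE_NOT_SPECIFIED` and `WBC_ID_TYPE_BOTH`, where a caller that reads `id.uid` without checking `type` could treat an unmapped SID as a real id.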
* @brief Set an user id mapping
*
* @param uid Uid of the desired mapping.
- * @param *sid Pointer to the sid of the diresired mapping.
+ * @param *sid Pointer to the sid of the desired mapping.
*
* @return #wbcErr
+ *
+ * @deprecated This method is not impemented any more and should
+ * be removed in the next major version change.
**/
wbcErr wbcSetUidMapping(uid_t uid, const struct wbcDomainSid *sid);
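Review bot: The added `@deprecated` text misspells "implemented" as "impemented". The same two lines are repeated in the hunks for `wbcSetGidMapping`, `wbcRemoveUidMapping`, `wbcRemoveGidMapping`, `wbcSetUidHwm` and `wbcSetGidHwm`. Suggested wording: `@deprecated This method is not implemented any more and should be removed in the next major version change.` It would also help to state which `wbcErr` value the stub now returns, so existing callers that manage id mappings through these functions know to handle the failure rather than assume the mapping was stored. The doc comment starts above this hunk.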
* @brief Set a group id mapping
*
* @param gid Gid of the desired mapping.
- * @param *sid Pointer to the sid of the diresired mapping.
+ * @param *sid Pointer to the sid of the desired mapping.
*
* @return #wbcErr
+ *
+ * @deprecated This method is not impemented any more and should
+ * be removed in the next major version change.
**/
wbcErr wbcSetGidMapping(gid_t gid, const struct wbcDomainSid *sid);
* @param *sid Pointer to the sid of the mapping to remove.
*
* @return #wbcErr
+ *
+ * @deprecated This method is not impemented any more and should
+ * be removed in the next major version change.
**/
wbcErr wbcRemoveUidMapping(uid_t uid, const struct wbcDomainSid *sid);
* @param *sid Pointer to the sid of the mapping to remove.
*
* @return #wbcErr
+ *
+ * @deprecated This method is not impemented any more and should
+ * be removed in the next major version change.
**/
wbcErr wbcRemoveGidMapping(gid_t gid, const struct wbcDomainSid *sid);
* @param uid_hwm The new uid highwater mark value
*
* @return #wbcErr
+ *
+ * @deprecated This method is not impemented any more and should
+ * be removed in the next major version change.
**/
wbcErr wbcSetUidHwm(uid_t uid_hwm);
* @param gid_hwm The new gid highwater mark value
*
* @return #wbcErr
+ *
+ * @deprecated This method is not impemented any more and should
+ * be removed in the next major version change.
**/
wbcErr wbcSetGidHwm(gid_t gid_hwm);
/**
* @brief Lookup the current status of a trusted domain
*
- * @param domain Domain to query
- * @param *info Pointer to returned domain_info struct
+ * @param domain The domain to query
+ *
+ * @param dinfo A pointer to store the returned domain_info struct.
*
* @return #wbcErr
**/
wbcErr wbcDomainInfo(const char *domain,
- struct wbcDomainInfo **info);
+ struct wbcDomainInfo **dinfo);
+
+/**
+ * @brief Lookup the currently contacted DCs
+ *
+ * @param domain The domain to query
+ *
+ * @param num_dcs Number of DCs currently known
+ * @param dc_names Names of the currently known DCs
+ * @param dc_ips IP addresses of the currently known DCs
+ *
+ * @return #wbcErr
+ **/
+wbcErr wbcDcInfo(const char *domain, size_t *num_dcs,
+ const char ***dc_names, const char ***dc_ips);
/**
* @brief Enumerate the domain trusts known by Winbind
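Review bot: The new `wbcDcInfo()` comment does not document ownership or shape of the `dc_names` and `dc_ips` outputs. A caller needs to know that both arrays have exactly `*num_dcs` entries, whether an entry can be NULL, and how the arrays and strings are released (presumably `wbcFreeMemory()`, to be confirmed). I would extend the parameter lines, e.g. `@param dc_names Array of *num_dcs DC names, allocated by the library; free with wbcFreeMemory()`, and likewise for `dc_ips`. It is also worth stating what the outputs contain on a non-success return, so callers do not iterate over stale pointers.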
struct wbcCredentialCacheInfo **info,
struct wbcAuthErrorInfo **error);
+/**
+ * @brief Save a password with winbind for doing wbcCredentialCache() later
+ *
+ * @param *user Username
+ * @param *password Password
+ *
+ * @return #wbcErr
+ **/
+wbcErr wbcCredentialSave(const char *user, const char *password);
+
/**********************************************************
* Resolve functions
**********************************************************/
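Review bot: `wbcCredentialSave()` passes a plaintext password to winbind, but the comment gives no indication of how the secret is handled afterwards. The documentation should say which user names a caller may save credentials for (only its own uid, or any), and how long winbind keeps the password. It should also note that the library does not clear the caller's `password` buffer, so the caller should wipe its own copy after the call. Something like `@param *password Plaintext password; copied by winbind, caller keeps ownership of the buffer` would make the contract explicit, once confirmed against the implementation.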
wbcErr wbcChangeTrustCredentials(const char *domain,
struct wbcAuthErrorInfo **error);
+/**
+ * @brief Trigger a no-op call through the NETLOGON pipe. Low-cost
+ * version of wbcCheckTrustCredentials
+ *
+ * @param *domain The name of the domain, only NULL for the default domain is
+ * supported yet. Other values than NULL will result in
+ * WBC_ERR_NOT_IMPLEMENTED.
+ * @param error Output details on WBC_ERR_AUTH_ERROR
+ *
+ * @return #wbcErr
+ **/
+wbcErr wbcPingDc(const char *domain, struct wbcAuthErrorInfo **error);
+
+/**
+ * @brief Trigger a no-op call through the NETLOGON pipe. Low-cost
+ * version of wbcCheckTrustCredentials
+ *
+ * @param *domain The name of the domain, only NULL for the default domain is
+ * supported yet. Other values than NULL will result in
+ * WBC_ERR_NOT_IMPLEMENTED.
+ * @param error Output details on WBC_ERR_AUTH_ERROR
+ * @param dcname DC that was attempted to ping
+ *
+ * @return #wbcErr
+ **/
+wbcErr wbcPingDc2(const char *domain, struct wbcAuthErrorInfo **error,
+ char **dcname);
+
/**********************************************************
* Helper functions
**********************************************************/
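Review bot: The `dcname` parameter of `wbcPingDc2()` is documented only as "DC that was attempted to ping", which leaves out whether the caller may pass NULL, whether `*dcname` is set on failure, and who frees it. Because the name is most useful when the ping fails, the comment should state that explicitly, e.g. `@param dcname If not NULL, receives the name of the DC that was contacted (also on error); free with wbcFreeMemory()`, with the release function to be confirmed against the implementation. The `@brief` text is identical for `wbcPingDc()` and `wbcPingDc2()`; the second should say how it differs. "Other values than NULL" would read better as "Values other than NULL" in both comments.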