return;
/* Remember who asked us. */
- state->pid = state->request.pid;
+ state->pid = state->request->pid;
/* Process command */
for (table = dispatch_table; table->fn; table++) {
- if (state->request.cmd == table->cmd) {
+ if (state->request->cmd == table->cmd) {
DEBUG(10,("process_request: request fn %s\n",
table->winbindd_cmd_name ));
table->fn(state);
if (!table->fn) {
DEBUG(10,("process_request: unknown request fn number %d\n",
- (int)state->request.cmd ));
+ (int)state->request->cmd ));
request_error(state);
}
}
return;
}
- setup_async_read(&state->fd_event, &state->request, sizeof(uint32),
+ setup_async_read(&state->fd_event, state->request, sizeof(uint32),
request_len_recv, state);
}
if (state->response.length == sizeof(state->response)) {
TALLOC_FREE(state->mem_ctx);
- setup_async_read(&state->fd_event, &state->request,
+ setup_async_read(&state->fd_event, state->request,
sizeof(uint32), request_len_recv, state);
return;
}
static void request_finished(struct winbindd_cli_state *state)
{
/* Make sure request.extra_data is freed when finish processing a request */
- SAFE_FREE(state->request.extra_data.data);
+ SAFE_FREE(state->request->extra_data.data);
setup_async_write(&state->fd_event, &state->response,
sizeof(state->response), response_main_sent, state);
}
return;
}
- if (*(uint32 *)(void *)(&state->request) != sizeof(state->request)) {
+ if (*(uint32 *)(state->request) != sizeof(*state->request)) {
DEBUG(0,("request_len_recv: Invalid request size received: %d (expected %u)\n",
- *(uint32_t *)(void *)(&state->request),
- (uint32_t)sizeof(state->request)));
+ *(uint32_t *)(state->request),
+ (uint32_t)sizeof(*state->request)));
state->finished = True;
return;
}
- setup_async_read(&state->fd_event,
- (uint32 *)(void *)(&state->request)+1,
- sizeof(state->request) - sizeof(uint32),
+ setup_async_read(&state->fd_event, (uint32 *)(state->request)+1,
+ sizeof(*state->request) - sizeof(uint32),
request_main_recv, state);
}
return;
}
- if (state->request.extra_len == 0) {
- state->request.extra_data.data = NULL;
+ if (state->request->extra_len == 0) {
+ state->request->extra_data.data = NULL;
request_recv(state, True);
return;
}
if ((!state->privileged) &&
- (state->request.extra_len > WINBINDD_MAX_EXTRA_DATA)) {
+ (state->request->extra_len > WINBINDD_MAX_EXTRA_DATA)) {
DEBUG(3, ("Got request with %d bytes extra data on "
- "unprivileged socket\n", (int)state->request.extra_len));
- state->request.extra_data.data = NULL;
+ "unprivileged socket\n",
+ (int)state->request->extra_len));
+ state->request->extra_data.data = NULL;
state->finished = True;
return;
}
- state->request.extra_data.data =
- SMB_MALLOC_ARRAY(char, state->request.extra_len + 1);
+ state->request->extra_data.data =
+ SMB_MALLOC_ARRAY(char, state->request->extra_len + 1);
- if (state->request.extra_data.data == NULL) {
+ if (state->request->extra_data.data == NULL) {
DEBUG(0, ("malloc failed\n"));
state->finished = True;
return;
}
/* Ensure null termination */
- state->request.extra_data.data[state->request.extra_len] = '\0';
+ state->request->extra_data.data[state->request->extra_len] = '\0';
- setup_async_read(&state->fd_event, state->request.extra_data.data,
- state->request.extra_len, request_recv, state);
+ setup_async_read(&state->fd_event, state->request->extra_data.data,
+ state->request->extra_len, request_recv, state);
}
static void request_recv(void *private_data, bool success)
close(sock);
return;
}
+ state->request = &state->_request;
state->sock = sock;
state->fd_event.flags = 0;
add_fd_event(&state->fd_event);
- setup_async_read(&state->fd_event, &state->request, sizeof(uint32),
+ setup_async_read(&state->fd_event, state->request, sizeof(uint32),
request_len_recv, state);
/* Add to connection list */
bool privileged; /* Is the client 'privileged' */
TALLOC_CTX *mem_ctx; /* memory per request */
- struct winbindd_request request; /* Request from client */
+ struct winbindd_request *request; /* Request from client */
+ struct winbindd_request _request;
struct winbindd_response response; /* Respose to client */
bool getpwent_initialized; /* Has getpwent_state been
* initialized? */
char *dom_name;
/* Ensure null termination */
- state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
+ state->request->data.sid[sizeof(state->request->data.sid)-1]='\0';
DEBUG(3, ("[%5lu]: lookupsid %s\n", (unsigned long)state->pid,
- state->request.data.sid));
+ state->request->data.sid));
/* Lookup sid from PDC using lsa_lookup_sids() */
- if (!string_to_sid(&sid, state->request.data.sid)) {
- DEBUG(5, ("%s not a SID\n", state->request.data.sid));
+ if (!string_to_sid(&sid, state->request->data.sid)) {
+ DEBUG(5, ("%s not a SID\n", state->request->data.sid));
return WINBINDD_ERROR;
}
char *p;
/* Ensure null termination */
- state->request.data.name.dom_name[sizeof(state->request.data.name.dom_name)-1]='\0';
+ state->request->data.name.dom_name[sizeof(state->request->data.name.dom_name)-1]='\0';
/* Ensure null termination */
- state->request.data.name.name[sizeof(state->request.data.name.name)-1]='\0';
+ state->request->data.name.name[sizeof(state->request->data.name.name)-1]='\0';
/* cope with the name being a fully qualified name */
- p = strstr(state->request.data.name.name, lp_winbind_separator());
+ p = strstr(state->request->data.name.name, lp_winbind_separator());
if (p) {
*p = 0;
- name_domain = state->request.data.name.name;
+ name_domain = state->request->data.name.name;
name_user = p+1;
} else {
- name_domain = state->request.data.name.dom_name;
- name_user = state->request.data.name.name;
+ name_domain = state->request->data.name.dom_name;
+ name_user = state->request->data.name.name;
}
DEBUG(3, ("[%5lu]: lookupname %s%s%s\n", (unsigned long)state->pid,
name_domain, lp_winbind_separator(), name_user));
/* Lookup name from DC using lsa_lookup_names() */
- if (!winbindd_lookup_sid_by_name(state->mem_ctx, state->request.original_cmd, domain, name_domain,
+ if (!winbindd_lookup_sid_by_name(state->mem_ctx, state->request->original_cmd, domain, name_domain,
name_user, &sid, &type)) {
return WINBINDD_ERROR;
}
char *result;
DEBUG(10, ("Looking up RIDs for domain %s (%s)\n",
- state->request.domain_name,
- state->request.data.sid));
+ state->request->domain_name,
+ state->request->data.sid));
- if (!parse_ridlist(state->mem_ctx, state->request.extra_data.data,
+ if (!parse_ridlist(state->mem_ctx, state->request->extra_data.data,
&rids, &num_rids)) {
DEBUG(5, ("Could not parse ridlist\n"));
return WINBINDD_ERROR;
}
- if (!string_to_sid(&domain_sid, state->request.data.sid)) {
+ if (!string_to_sid(&domain_sid, state->request->data.sid)) {
DEBUG(5, ("Could not parse domain sid %s\n",
- state->request.data.sid));
+ state->request->data.sid));
return WINBINDD_ERROR;
}
fstring name_domain, name_user;
/* Ensure null termination */
- state->request.data.ccache_ntlm_auth.user[
- sizeof(state->request.data.ccache_ntlm_auth.user)-1]='\0';
+ state->request->data.ccache_ntlm_auth.user[
+ sizeof(state->request->data.ccache_ntlm_auth.user)-1]='\0';
DEBUG(3, ("[%5lu]: perform NTLM auth on behalf of user %s\n", (unsigned long)state->pid,
- state->request.data.ccache_ntlm_auth.user));
+ state->request->data.ccache_ntlm_auth.user));
/* Parse domain and username */
- if (!canonicalize_username(state->request.data.ccache_ntlm_auth.user,
+ if (!canonicalize_username(state->request->data.ccache_ntlm_auth.user,
name_domain, name_user)) {
DEBUG(5,("winbindd_ccache_ntlm_auth: cannot parse domain and user from name [%s]\n",
- state->request.data.ccache_ntlm_auth.user));
+ state->request->data.ccache_ntlm_auth.user));
request_error(state);
return;
}
return;
}
- if (!check_client_uid(state, state->request.data.ccache_ntlm_auth.uid)) {
+ if (!check_client_uid(state, state->request->data.ccache_ntlm_auth.uid)) {
request_error(state);
return;
}
uint32 initial_blob_len, challenge_blob_len, extra_len;
/* Ensure null termination */
- state->request.data.ccache_ntlm_auth.user[
- sizeof(state->request.data.ccache_ntlm_auth.user)-1]='\0';
+ state->request->data.ccache_ntlm_auth.user[
+ sizeof(state->request->data.ccache_ntlm_auth.user)-1]='\0';
DEBUG(3, ("winbindd_dual_ccache_ntlm_auth: [%5lu]: perform NTLM auth on "
"behalf of user %s (dual)\n", (unsigned long)state->pid,
- state->request.data.ccache_ntlm_auth.user));
+ state->request->data.ccache_ntlm_auth.user));
/* validate blob lengths */
- initial_blob_len = state->request.data.ccache_ntlm_auth.initial_blob_len;
- challenge_blob_len = state->request.data.ccache_ntlm_auth.challenge_blob_len;
- extra_len = state->request.extra_len;
+ initial_blob_len = state->request->data.ccache_ntlm_auth.initial_blob_len;
+ challenge_blob_len = state->request->data.ccache_ntlm_auth.challenge_blob_len;
+ extra_len = state->request->extra_len;
if (initial_blob_len > extra_len || challenge_blob_len > extra_len ||
initial_blob_len + challenge_blob_len > extra_len ||
}
/* Parse domain and username */
- if (!parse_domain_user(state->request.data.ccache_ntlm_auth.user, name_domain, name_user)) {
+ if (!parse_domain_user(state->request->data.ccache_ntlm_auth.user, name_domain, name_user)) {
DEBUG(10,("winbindd_dual_ccache_ntlm_auth: cannot parse "
"domain and user from name [%s]\n",
- state->request.data.ccache_ntlm_auth.user));
+ state->request->data.ccache_ntlm_auth.user));
goto process_result;
}
- entry = find_memory_creds_by_name(state->request.data.ccache_ntlm_auth.user);
+ entry = find_memory_creds_by_name(state->request->data.ccache_ntlm_auth.user);
if (entry == NULL || entry->nt_hash == NULL || entry->lm_hash == NULL) {
DEBUG(10,("winbindd_dual_ccache_ntlm_auth: could not find "
"credentials for user %s\n",
- state->request.data.ccache_ntlm_auth.user));
+ state->request->data.ccache_ntlm_auth.user));
goto process_result;
}
DEBUG(10,("winbindd_dual_ccache_ntlm_auth: found ccache [%s]\n", entry->username));
- if (!client_can_access_ccache_entry(state->request.data.ccache_ntlm_auth.uid, entry)) {
+ if (!client_can_access_ccache_entry(state->request->data.ccache_ntlm_auth.uid, entry)) {
goto process_result;
}
goto process_result;
}
- initial = data_blob(state->request.extra_data.data, initial_blob_len);
- challenge = data_blob(state->request.extra_data.data + initial_blob_len,
- state->request.data.ccache_ntlm_auth.challenge_blob_len);
+ initial = data_blob(state->request->extra_data.data, initial_blob_len);
+ challenge = data_blob(state->request->extra_data.data + initial_blob_len,
+ state->request->data.ccache_ntlm_auth.challenge_blob_len);
if (!initial.data || !challenge.data) {
result = NT_STATUS_NO_MEMORY;
/* Read data */
- status = read_data(state->sock, (char *)&state->request,
- sizeof(state->request));
+ status = read_data(state->sock, (char *)state->request,
+ sizeof(*state->request));
if (!NT_STATUS_IS_OK(status)) {
DEBUG(3, ("child_read_request: read_data failed: %s\n",
return;
}
- if (state->request.extra_len == 0) {
- state->request.extra_data.data = NULL;
+ if (state->request->extra_len == 0) {
+ state->request->extra_data.data = NULL;
return;
}
- DEBUG(10, ("Need to read %d extra bytes\n", (int)state->request.extra_len));
+ DEBUG(10, ("Need to read %d extra bytes\n", (int)state->request->extra_len));
- state->request.extra_data.data =
- SMB_MALLOC_ARRAY(char, state->request.extra_len + 1);
+ state->request->extra_data.data =
+ SMB_MALLOC_ARRAY(char, state->request->extra_len + 1);
- if (state->request.extra_data.data == NULL) {
+ if (state->request->extra_data.data == NULL) {
DEBUG(0, ("malloc failed\n"));
state->finished = True;
return;
}
/* Ensure null termination */
- state->request.extra_data.data[state->request.extra_len] = '\0';
+ state->request->extra_data.data[state->request->extra_len] = '\0';
- status= read_data(state->sock, state->request.extra_data.data,
- state->request.extra_len);
+ status= read_data(state->sock, state->request->extra_data.data,
+ state->request->extra_len);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("Could not read extra data: %s\n",
void sendto_child(struct winbindd_cli_state *state,
struct winbindd_child *child)
{
- async_request(state->mem_ctx, child, &state->request,
+ async_request(state->mem_ctx, child, state->request,
&state->response, recvfrom_child, state);
}
struct winbindd_domain *domain)
{
async_domain_request(state->mem_ctx, domain,
- &state->request, &state->response,
+ state->request, &state->response,
recvfrom_child, state);
}
/* Process command */
for (; table->name; table++) {
- if (state->request.cmd == table->struct_cmd) {
+ if (state->request->cmd == table->struct_cmd) {
DEBUG(10,("child_process_request: request fn %s\n",
table->name));
state->response.result = table->struct_fn(domain, state);
}
DEBUG(1 ,("child_process_request: unknown request fn number %d\n",
- (int)state->request.cmd));
+ (int)state->request->cmd));
state->response.result = WINBINDD_ERROR;
}
ZERO_STRUCT(state);
state.pid = sys_getpid();
+ state.request = &state._request;
child->pid = sys_fork();
_exit(0);
}
- DEBUG(4,("child daemon request %d\n", (int)state.request.cmd));
+ DEBUG(4,("child daemon request %d\n", (int)state.request->cmd));
ZERO_STRUCT(state.response);
- state.request.null_term = '\0';
+ state.request->null_term = '\0';
child_process_request(child, &state);
- SAFE_FREE(state.request.extra_data.data);
+ SAFE_FREE(state.request->extra_data.data);
cache_store_response(sys_getpid(), &state.response);
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
/* Ensure null termination */
- state->request.data.groupname[sizeof(state->request.data.groupname)-1]='\0';
+ state->request->data.groupname[sizeof(state->request->data.groupname)-1]='\0';
DEBUG(3, ("[%5lu]: getgrnam %s\n", (unsigned long)state->pid,
- state->request.data.groupname));
+ state->request->data.groupname));
nt_status = normalize_name_unmap(state->mem_ctx,
- state->request.data.groupname,
+ state->request->data.groupname,
&tmp);
/* If we didn't map anything in the above call, just reset the
tmp pointer to the original string */
if (!NT_STATUS_IS_OK(nt_status) &&
!NT_STATUS_EQUAL(nt_status, NT_STATUS_FILE_RENAMED))
{
- tmp = state->request.data.groupname;
+ tmp = state->request->data.groupname;
}
/* Parse domain and groupname */
if (success) {
DEBUG(10,("getgrgid_recv: gid %lu has sid %s\n",
- (unsigned long)(state->request.data.gid), sid));
+ (unsigned long)(state->request->data.gid), sid));
if (!string_to_sid(&group_sid, sid)) {
DEBUG(1,("getgrgid_recv: Could not convert sid %s "
}
/* Ok, this might be "ours", i.e. an alias */
- if (pdb_gid_to_sid(state->request.data.gid, &group_sid) &&
+ if (pdb_gid_to_sid(state->request->data.gid, &group_sid) &&
lookup_sid(state->mem_ctx, &group_sid, NULL, NULL, &name_type) &&
(name_type == SID_NAME_ALIAS)) {
/* Hey, got an alias */
DEBUG(10,("getgrgid_recv: we have an alias with gid %lu and sid %s\n",
- (unsigned long)(state->request.data.gid), sid));
+ (unsigned long)(state->request->data.gid), sid));
winbindd_getgrsid(state, group_sid);
return;
}
DEBUG(1, ("could not convert gid %lu to sid\n",
- (unsigned long)state->request.data.gid));
+ (unsigned long)state->request->data.gid));
request_error(state);
}
/* Return a group structure from a gid number */
void winbindd_getgrgid(struct winbindd_cli_state *state)
{
- gid_t gid = state->request.data.gid;
+ gid_t gid = state->request->data.gid;
DEBUG(3, ("[%5lu]: getgrgid %lu\n",
(unsigned long)state->pid,
return;
}
- num_groups = MIN(MAX_GETGRENT_GROUPS, state->request.data.num_entries);
+ num_groups = MIN(MAX_GETGRENT_GROUPS, state->request->data.num_entries);
if (num_groups == 0) {
request_error(state);
gr_mem_len = 0;
/* Get group membership */
- if (state->request.cmd == WINBINDD_GETGRLST) {
+ if (state->request->cmd == WINBINDD_GETGRLST) {
result = True;
} else {
sid_copy(&member_sid, &domain->sid);
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
/* Ensure null termination */
- state->request.data.username
- [sizeof(state->request.data.username)-1]='\0';
+ state->request->data.username
+ [sizeof(state->request->data.username)-1]='\0';
DEBUG(3, ("[%5lu]: getgroups %s\n", (unsigned long)state->pid,
- state->request.data.username));
+ state->request->data.username));
/* Parse domain and username */
s->state = state;
nt_status = normalize_name_unmap(state->mem_ctx,
- state->request.data.username,
+ state->request->data.username,
&real_name);
/* Reset the real_name pointer if we didn't do anything
if (!NT_STATUS_IS_OK(nt_status) &&
!NT_STATUS_EQUAL(nt_status, NT_STATUS_FILE_RENAMED))
{
- real_name = state->request.data.username;
+ real_name = state->request->data.username;
}
if (!parse_domain_user_talloc(state->mem_ctx, real_name,
s->domname = talloc_strdup(state->mem_ctx,
get_global_sam_name());
s->username = talloc_strdup(state->mem_ctx,
- state->request.data.username);
+ state->request->data.username);
}
/* Get info for the domain (either by short domain name or
DOM_SID *user_sid;
/* Ensure null termination */
- state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
+ state->request->data.sid[sizeof(state->request->data.sid)-1]='\0';
user_sid = TALLOC_P(state->mem_ctx, DOM_SID);
if (user_sid == NULL) {
return;
}
- if (!string_to_sid(user_sid, state->request.data.sid)) {
+ if (!string_to_sid(user_sid, state->request->data.sid)) {
DEBUG(1, ("Could not get convert sid %s from string\n",
- state->request.data.sid));
+ state->request->data.sid));
request_error(state);
return;
}
struct winbindd_domain *domain;
/* Ensure null termination */
- state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
+ state->request->data.sid[sizeof(state->request->data.sid)-1]='\0';
- if (!string_to_sid(&user_sid, state->request.data.sid)) {
+ if (!string_to_sid(&user_sid, state->request->data.sid)) {
DEBUG(1, ("Could not get convert sid %s from string\n",
- state->request.data.sid));
+ state->request->data.sid));
request_error(state);
return;
}
uint32 num_groups;
/* Ensure null termination */
- state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
+ state->request->data.sid[sizeof(state->request->data.sid)-1]='\0';
- if (!string_to_sid(&user_sid, state->request.data.sid)) {
+ if (!string_to_sid(&user_sid, state->request->data.sid)) {
DEBUG(1, ("Could not get convert sid %s from string\n",
- state->request.data.sid));
+ state->request->data.sid));
return WINBINDD_ERROR;
}
struct winbindd_domain *domain;
/* Ensure null termination */
- state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
+ state->request->data.sid[sizeof(state->request->data.sid)-1]='\0';
- if (!string_to_sid(&domain_sid, state->request.data.sid)) {
+ if (!string_to_sid(&domain_sid, state->request->data.sid)) {
DEBUG(1, ("Could not get convert sid %s from string\n",
- state->request.data.sid));
+ state->request->data.sid));
request_error(state);
return;
}
DEBUG(3, ("[%5lu]: getsidaliases\n", (unsigned long)state->pid));
- sidstr = state->request.extra_data.data;
+ sidstr = state->request->extra_data.data;
if (sidstr == NULL) {
sidstr = talloc_strdup(state->mem_ctx, "\n"); /* No SID */
if (!sidstr) {
DEBUG(3, ("[%5lu]: dual_idmapset\n", (unsigned long)state->pid));
- if (!string_to_sid(&sid, state->request.data.dual_idmapset.sid))
+ if (!string_to_sid(&sid, state->request->data.dual_idmapset.sid))
return WINBINDD_ERROR;
map.sid = &sid;
- map.xid.id = state->request.data.dual_idmapset.id;
- map.xid.type = state->request.data.dual_idmapset.type;
+ map.xid.id = state->request->data.dual_idmapset.id;
+ map.xid.type = state->request->data.dual_idmapset.type;
map.status = ID_MAPPED;
result = idmap_set_mapping(&map);
DEBUG(3, ("[%5lu]: dual_idmapremove\n", (unsigned long)state->pid));
- if (!string_to_sid(&sid, state->request.data.dual_idmapset.sid))
+ if (!string_to_sid(&sid, state->request->data.dual_idmapset.sid))
return WINBINDD_ERROR;
map.sid = &sid;
- map.xid.id = state->request.data.dual_idmapset.id;
- map.xid.type = state->request.data.dual_idmapset.type;
+ map.xid.id = state->request->data.dual_idmapset.id;
+ map.xid.type = state->request->data.dual_idmapset.type;
map.status = ID_MAPPED;
result = idmap_remove_mapping(&map);
DEBUG(3, ("[%5lu]: dual_set_hwm\n", (unsigned long)state->pid));
- xid.id = state->request.data.dual_idmapset.id;
- xid.type = state->request.data.dual_idmapset.type;
+ xid.id = state->request->data.dual_idmapset.id;
+ xid.type = state->request->data.dual_idmapset.type;
switch (xid.type) {
case ID_TYPE_UID:
NTSTATUS result;
DEBUG(3, ("[%5lu]: sid to uid %s\n", (unsigned long)state->pid,
- state->request.data.dual_sid2id.sid));
+ state->request->data.dual_sid2id.sid));
- if (!string_to_sid(&sid, state->request.data.dual_sid2id.sid)) {
+ if (!string_to_sid(&sid, state->request->data.dual_sid2id.sid)) {
DEBUG(1, ("Could not get convert sid %s from string\n",
- state->request.data.dual_sid2id.sid));
+ state->request->data.dual_sid2id.sid));
return WINBINDD_ERROR;
}
- result = idmap_sid_to_uid(state->request.domain_name, &sid,
+ result = idmap_sid_to_uid(state->request->domain_name, &sid,
&state->response.data.uid);
DEBUG(10, ("winbindd_dual_sid2uid: 0x%08x - %s - %u\n",
NTSTATUS result;
DEBUG(3, ("[%5lu]: sid to gid %s\n", (unsigned long)state->pid,
- state->request.data.dual_sid2id.sid));
+ state->request->data.dual_sid2id.sid));
- if (!string_to_sid(&sid, state->request.data.dual_sid2id.sid)) {
+ if (!string_to_sid(&sid, state->request->data.dual_sid2id.sid)) {
DEBUG(1, ("Could not get convert sid %s from string\n",
- state->request.data.dual_sid2id.sid));
+ state->request->data.dual_sid2id.sid));
return WINBINDD_ERROR;
}
/* Find gid for this sid and return it, possibly ask the slow remote idmap */
- result = idmap_sid_to_gid(state->request.domain_name, &sid,
+ result = idmap_sid_to_gid(state->request->domain_name, &sid,
&state->response.data.gid);
DEBUG(10, ("winbindd_dual_sid2gid: 0x%08x - %s - %u\n",
DEBUG(3,("[%5lu]: uid to sid %lu\n",
(unsigned long)state->pid,
- (unsigned long) state->request.data.uid));
+ (unsigned long) state->request->data.uid));
/* Find sid for this uid and return it, possibly ask the slow remote idmap */
- result = idmap_uid_to_sid(state->request.domain_name, &sid,
- state->request.data.uid);
+ result = idmap_uid_to_sid(state->request->domain_name, &sid,
+ state->request->data.uid);
if (NT_STATUS_IS_OK(result)) {
sid_to_fstring(state->response.data.sid.sid, &sid);
DEBUG(3,("[%5lu]: gid %lu to sid\n",
(unsigned long)state->pid,
- (unsigned long) state->request.data.gid));
+ (unsigned long) state->request->data.gid));
/* Find sid for this gid and return it, possibly ask the slow remote idmap */
- result = idmap_gid_to_sid(state->request.domain_name, &sid,
- state->request.data.gid);
+ result = idmap_gid_to_sid(state->request->domain_name, &sid,
+ state->request->data.gid);
if (NT_STATUS_IS_OK(result)) {
sid_to_fstring(state->response.data.sid.sid, &sid);
void winbindd_dsgetdcname(struct winbindd_cli_state *state)
{
- state->request.data.dsgetdcname.domain_name
- [sizeof(state->request.data.dsgetdcname.domain_name)-1] = '\0';
- state->request.data.dsgetdcname.site_name
- [sizeof(state->request.data.dsgetdcname.site_name)-1] = '\0';
- state->request.data.dsgetdcname.domain_guid
- [sizeof(state->request.data.dsgetdcname.domain_guid)-1] = '\0';
+ state->request->data.dsgetdcname.domain_name
+ [sizeof(state->request->data.dsgetdcname.domain_name)-1] = '\0';
+ state->request->data.dsgetdcname.site_name
+ [sizeof(state->request->data.dsgetdcname.site_name)-1] = '\0';
+ state->request->data.dsgetdcname.domain_guid
+ [sizeof(state->request->data.dsgetdcname.domain_guid)-1] = '\0';
DEBUG(3, ("[%5lu]: dsgetdcname for %s\n", (unsigned long)state->pid,
- state->request.data.dsgetdcname.domain_name));
+ state->request->data.dsgetdcname.domain_name));
sendto_child(state, locator_child());
}
struct GUID guid, *guid_ptr = NULL;
const char *guid_str = NULL;
- state->request.data.dsgetdcname.domain_name
- [sizeof(state->request.data.dsgetdcname.domain_name)-1] = '\0';
- state->request.data.dsgetdcname.site_name
- [sizeof(state->request.data.dsgetdcname.site_name)-1] = '\0';
- state->request.data.dsgetdcname.domain_guid
- [sizeof(state->request.data.dsgetdcname.domain_guid)-1] = '\0';
+ state->request->data.dsgetdcname.domain_name
+ [sizeof(state->request->data.dsgetdcname.domain_name)-1] = '\0';
+ state->request->data.dsgetdcname.site_name
+ [sizeof(state->request->data.dsgetdcname.site_name)-1] = '\0';
+ state->request->data.dsgetdcname.domain_guid
+ [sizeof(state->request->data.dsgetdcname.domain_guid)-1] = '\0';
DEBUG(3, ("[%5lu]: dsgetdcname for %s\n", (unsigned long)state->pid,
- state->request.data.dsgetdcname.domain_name));
+ state->request->data.dsgetdcname.domain_name));
- ds_flags = get_dsgetdc_flags(state->request.flags);
+ ds_flags = get_dsgetdc_flags(state->request->flags);
- result = GUID_from_string(state->request.data.dsgetdcname.domain_guid,
+ result = GUID_from_string(state->request->data.dsgetdcname.domain_guid,
&guid);
if (NT_STATUS_IS_OK(result) && !GUID_all_zero(&guid)) {
guid_ptr = &guid;
result = dsgetdcname(state->mem_ctx,
winbind_messaging_context(),
- state->request.data.dsgetdcname.domain_name,
+ state->request->data.dsgetdcname.domain_name,
guid_ptr,
- state->request.data.dsgetdcname.site_name,
+ state->request->data.dsgetdcname.site_name,
ds_flags,
&info);
get_ent_type_string(type)));
/* Ensure null termination */
- state->request.domain_name[sizeof(state->request.domain_name)-1]='\0';
- which_domain = state->request.domain_name;
+ state->request->domain_name[sizeof(state->request->domain_name)-1]='\0';
+ which_domain = state->request->domain_name;
/* Initialize listent_state */
ent_state = TALLOC_P(state->mem_ctx, struct listent_state);
}
}
- if (state->request.data.list_all_domains && !have_own_domain) {
+ if (state->request->data.list_all_domains && !have_own_domain) {
extra_data = talloc_asprintf(
state->mem_ctx, "%s\n%s\\%s\\%s",
extra_data, domain->name,
{
struct winbindd_domain *domain;
- state->request.domain_name
- [sizeof(state->request.domain_name)-1] = '\0';
+ state->request->domain_name
+ [sizeof(state->request->domain_name)-1] = '\0';
DEBUG(3, ("[%5lu]: Get DC name for %s\n", (unsigned long)state->pid,
- state->request.domain_name));
+ state->request->domain_name));
- domain = find_domain_from_name_noinit(state->request.domain_name);
+ domain = find_domain_from_name_noinit(state->request->domain_name);
if (domain && domain->internal) {
fstrcpy(state->response.data.dc_name, global_myname());
request_ok(state);
unsigned int orig_timeout;
struct winbindd_domain *req_domain;
- state->request.domain_name
- [sizeof(state->request.domain_name)-1] = '\0';
+ state->request->domain_name
+ [sizeof(state->request->domain_name)-1] = '\0';
DEBUG(3, ("[%5lu]: Get DC name for %s\n", (unsigned long)state->pid,
- state->request.domain_name));
+ state->request->domain_name));
result = cm_connect_netlogon(domain, &netlogon_pipe);
orig_timeout = rpccli_set_timeout(netlogon_pipe, 35000);
- req_domain = find_domain_from_name_noinit(state->request.domain_name);
+ req_domain = find_domain_from_name_noinit(state->request->domain_name);
if (req_domain == domain) {
result = rpccli_netr_GetDcName(netlogon_pipe,
state->mem_ctx,
domain->dcname,
- state->request.domain_name,
+ state->request->domain_name,
&dcname_slash,
&werr);
} else {
result = rpccli_netr_GetAnyDCName(netlogon_pipe,
state->mem_ctx,
domain->dcname,
- state->request.domain_name,
+ state->request->domain_name,
&dcname_slash,
&werr);
}
if (!NT_STATUS_IS_OK(result)) {
DEBUG(5,("Error requesting DCname for domain %s: %s\n",
- state->request.domain_name, nt_errstr(result)));
+ state->request->domain_name, nt_errstr(result)));
return WINBINDD_ERROR;
}
if (!W_ERROR_IS_OK(werr)) {
DEBUG(5, ("Error requesting DCname for domain %s: %s\n",
- state->request.domain_name, win_errstr(werr)));
+ state->request->domain_name, win_errstr(werr)));
return WINBINDD_ERROR;
}
struct sequence_state *seq;
/* Ensure null termination */
- state->request.domain_name[sizeof(state->request.domain_name)-1]='\0';
+ state->request->domain_name[sizeof(state->request->domain_name)-1]='\0';
- if (strlen(state->request.domain_name) > 0) {
+ if (strlen(state->request->domain_name) > 0) {
struct winbindd_domain *domain;
domain = find_domain_from_name_noinit(
- state->request.domain_name);
+ state->request->domain_name);
if (domain == NULL) {
request_error(state);
return;
DEBUG(3, ("[%5lu]: show sequence\n", (unsigned long)state->pid));
/* Ensure null termination */
- state->request.domain_name[sizeof(state->request.domain_name)-1]='\0';
+ state->request->domain_name[sizeof(state->request->domain_name)-1]='\0';
domain->methods->sequence_number(domain, &domain->sequence_number);
struct winbindd_domain *domain;
DEBUG(3, ("[%5lu]: domain_info [%s]\n", (unsigned long)state->pid,
- state->request.domain_name));
+ state->request->domain_name));
- domain = find_domain_from_name_noinit(state->request.domain_name);
+ domain = find_domain_from_name_noinit(state->request->domain_name);
if (domain == NULL) {
DEBUG(3, ("Did not find domain [%s]\n",
- state->request.domain_name));
+ state->request->domain_name));
request_error(state);
return;
}
}
/* we can auth against trusted domains */
- if (state->request.flags & WBFLAG_PAM_CONTACT_TRUSTDOM) {
+ if (state->request->flags & WBFLAG_PAM_CONTACT_TRUSTDOM) {
domain = find_domain_from_name_noinit(domain_name);
if (domain == NULL) {
DEBUG(3, ("Authentication for domain [%s] skipped "
static void setup_return_cc_name(struct winbindd_cli_state *state, const char *cc)
{
- const char *type = state->request.data.auth.krb5_cc_type;
+ const char *type = state->request->data.auth.krb5_cc_type;
state->response.data.auth.krb5ccname[0] = '\0';
{
uid_t uid = -1;
- uid = state->request.data.auth.uid;
+ uid = state->request->data.auth.uid;
if (uid < 0) {
DEBUG(1,("invalid uid: '%u'\n", (unsigned int)uid));
}
cc = generate_krb5_ccache(state->mem_ctx,
- state->request.data.auth.krb5_cc_type,
- state->request.data.auth.uid,
+ state->request->data.auth.krb5_cc_type,
+ state->request->data.auth.uid,
&internal_ccache);
if (cc == NULL) {
return NT_STATUS_NO_MEMORY;
/* 3rd step:
* do kerberos auth and setup ccache as the user */
- parse_domain_user(state->request.data.auth.user, name_domain, name_user);
+ parse_domain_user(state->request->data.auth.user, name_domain, name_user);
realm = domain->alt_name;
strupper_m(realm);
result = kerberos_return_info3_from_pac(state->mem_ctx,
principal_s,
- state->request.data.auth.pass,
+ state->request->data.auth.pass,
time_offset,
&ticket_lifetime,
&renewal_until,
result = add_ccache_to_list(principal_s,
cc,
service,
- state->request.data.auth.user,
+ state->request->data.auth.user,
realm,
uid,
time(NULL),
"%s\n", error_message(krb5_ret)));
}
- if (!NT_STATUS_IS_OK(remove_ccache(state->request.data.auth.user))) {
+ if (!NT_STATUS_IS_OK(remove_ccache(state->request->data.auth.user))) {
DEBUG(3,("winbindd_raw_kerberos_login: "
"could not remove ccache for user %s\n",
- state->request.data.auth.user));
+ state->request->data.auth.user));
}
return result;
const char *name_user)
{
NTSTATUS result;
- uint32_t flags = state->request.flags;
+ uint32_t flags = state->request->flags;
if (flags & WBFLAG_PAM_USER_SESSION_KEY) {
memcpy(state->response.data.auth.user_session_key,
NTSTATUS name_map_status = NT_STATUS_UNSUCCESSFUL;
/* Ensure null termination */
- state->request.data.auth.user
- [sizeof(state->request.data.auth.user)-1]='\0';
+ state->request->data.auth.user
+ [sizeof(state->request->data.auth.user)-1]='\0';
/* Ensure null termination */
- state->request.data.auth.pass
- [sizeof(state->request.data.auth.pass)-1]='\0';
+ state->request->data.auth.pass
+ [sizeof(state->request->data.auth.pass)-1]='\0';
DEBUG(3, ("[%5lu]: pam auth %s\n", (unsigned long)state->pid,
- state->request.data.auth.user));
+ state->request->data.auth.user));
- if (!check_request_flags(state->request.flags)) {
+ if (!check_request_flags(state->request->flags)) {
result = NT_STATUS_INVALID_PARAMETER_MIX;
goto done;
}
/* Parse domain and username */
name_map_status = normalize_name_unmap(state->mem_ctx,
- state->request.data.auth.user,
+ state->request->data.auth.user,
&mapped_user);
/* If the name normalization didnt' actually do anything,
if (!NT_STATUS_IS_OK(name_map_status) &&
!NT_STATUS_EQUAL(name_map_status, NT_STATUS_FILE_RENAMED))
{
- mapped_user = state->request.data.auth.user;
+ mapped_user = state->request->data.auth.user;
}
if (!canonicalize_username(mapped_user, name_domain, name_user)) {
set_auth_errors(&state->response, result);
DEBUG(5, ("Plain text authentication for %s returned %s "
"(PAM: %d)\n",
- state->request.data.auth.user,
+ state->request->data.auth.user,
state->response.data.auth.nt_status_string,
state->response.data.auth.pam_error));
request_error(state);
/* Parse domain and username */
- parse_domain_user(state->request.data.auth.user, name_domain, name_user);
+ parse_domain_user(state->request->data.auth.user, name_domain, name_user);
if (!lookup_cached_name(state->mem_ctx,
*info3 = my_info3;
- E_md4hash(state->request.data.auth.pass, new_nt_pass);
+ E_md4hash(state->request->data.auth.pass, new_nt_pass);
dump_data_pw("new_nt_pass", new_nt_pass, NT_HASH_LEN);
dump_data_pw("cached_nt_pass", cached_nt_pass, NT_HASH_LEN);
}
#ifdef HAVE_KRB5
- if ((state->request.flags & WBFLAG_PAM_KRB5) &&
+ if ((state->request->flags & WBFLAG_PAM_KRB5) &&
((tdc_domain = wcache_tdc_fetch_domain(state->mem_ctx, name_domain)) != NULL) &&
(tdc_domain->trust_type & NETR_TRUST_TYPE_UPLEVEL)) {
}
cc = generate_krb5_ccache(state->mem_ctx,
- state->request.data.auth.krb5_cc_type,
- state->request.data.auth.uid,
+ state->request->data.auth.krb5_cc_type,
+ state->request->data.auth.uid,
&internal_ccache);
if (cc == NULL) {
return NT_STATUS_NO_MEMORY;
result = add_ccache_to_list(principal_s,
cc,
service,
- state->request.data.auth.user,
+ state->request->data.auth.user,
domain->alt_name,
uid,
time(NULL),
result = winbindd_update_creds_by_info3(domain,
state->mem_ctx,
- state->request.data.auth.user,
- state->request.data.auth.pass,
+ state->request->data.auth.user,
+ state->request->data.auth.pass,
my_info3);
if (!NT_STATUS_IS_OK(result)) {
DEBUG(1,("winbindd_dual_pam_auth_cached: failed to update creds: %s\n",
failed:
result = winbindd_update_creds_by_info3(domain,
state->mem_ctx,
- state->request.data.auth.user,
+ state->request->data.auth.user,
NULL,
my_info3);
/* Parse domain and username */
- parse_domain_user(state->request.data.auth.user, name_domain, name_user);
+ parse_domain_user(state->request->data.auth.user, name_domain, name_user);
/* what domain should we contact? */
if ( IS_DC ) {
if (!(contact_domain = find_domain_from_name(name_domain))) {
DEBUG(3, ("Authentication for domain for [%s] -> [%s]\\[%s] failed as %s is not a trusted domain\n",
- state->request.data.auth.user, name_domain, name_user, name_domain));
+ state->request->data.auth.user, name_domain, name_user, name_domain));
result = NT_STATUS_NO_SUCH_USER;
goto done;
}
contact_domain = find_domain_from_name(name_domain);
if (contact_domain == NULL) {
DEBUG(3, ("Authentication for domain for [%s] -> [%s]\\[%s] failed as %s is not a trusted domain\n",
- state->request.data.auth.user, name_domain, name_user, name_domain));
+ state->request->data.auth.user, name_domain, name_user, name_domain));
contact_domain = find_our_domain();
}
/* Parse domain and username */
- parse_domain_user(state->request.data.auth.user, name_domain, name_user);
+ parse_domain_user(state->request->data.auth.user, name_domain, name_user);
/* do password magic */
names_blob = NTLMv2_generate_names_blob(state->mem_ctx, global_myname(), lp_workgroup());
if (!SMBNTLMv2encrypt(NULL, name_user, name_domain,
- state->request.data.auth.pass,
+ state->request->data.auth.pass,
&server_chal,
&names_blob,
&lm_response, &nt_response, NULL, NULL)) {
} else {
if (lp_client_lanman_auth()
- && SMBencrypt(state->request.data.auth.pass,
+ && SMBencrypt(state->request->data.auth.pass,
chal,
local_lm_response)) {
lm_resp = data_blob_talloc(state->mem_ctx,
} else {
lm_resp = data_blob_null;
}
- SMBNTencrypt(state->request.data.auth.pass,
+ SMBNTencrypt(state->request->data.auth.pass,
chal,
local_nt_response);
if ( IS_DC ) {
if (!(contact_domain = find_domain_from_name(name_domain))) {
DEBUG(3, ("Authentication for domain for [%s] -> [%s]\\[%s] failed as %s is not a trusted domain\n",
- state->request.data.auth.user, name_domain, name_user, name_domain));
+ state->request->data.auth.user, name_domain, name_user, name_domain));
result = NT_STATUS_NO_SUCH_USER;
goto done;
}
* the samlogon reply info3. When accurate info3 is required by the
* caller, we look up the account flags ourselve - gd */
- if ((state->request.flags & WBFLAG_PAM_INFO3_TEXT) &&
+ if ((state->request->flags & WBFLAG_PAM_INFO3_TEXT) &&
NT_STATUS_IS_OK(result) && (my_info3->base.acct_flags == 0)) {
struct rpc_pipe_client *samr_pipe;
NTSTATUS name_map_status = NT_STATUS_UNSUCCESSFUL;
/* Ensure null termination */
- state->request.data.auth.user[sizeof(state->request.data.auth.user)-1]='\0';
+ state->request->data.auth.user[sizeof(state->request->data.auth.user)-1]='\0';
/* Ensure null termination */
- state->request.data.auth.pass[sizeof(state->request.data.auth.pass)-1]='\0';
+ state->request->data.auth.pass[sizeof(state->request->data.auth.pass)-1]='\0';
DEBUG(3, ("[%5lu]: dual pam auth %s\n", (unsigned long)state->pid,
- state->request.data.auth.user));
+ state->request->data.auth.user));
- if (!check_request_flags(state->request.flags)) {
+ if (!check_request_flags(state->request->flags)) {
result = NT_STATUS_INVALID_PARAMETER_MIX;
goto done;
}
/* Parse domain and username */
name_map_status = normalize_name_unmap(state->mem_ctx,
- state->request.data.auth.user,
+ state->request->data.auth.user,
&mapped_user);
/* If the name normalization didnt' actually do anything,
if (!NT_STATUS_IS_OK(name_map_status) &&
!NT_STATUS_EQUAL(name_map_status, NT_STATUS_FILE_RENAMED))
{
- mapped_user = state->request.data.auth.user;
+ mapped_user = state->request->data.auth.user;
}
parse_domain_user(mapped_user, name_domain, name_user);
- if ( mapped_user != state->request.data.auth.user ) {
+ if ( mapped_user != state->request->data.auth.user ) {
fstr_sprintf( domain_user, "%s\\%s", name_domain, name_user );
- safe_strcpy( state->request.data.auth.user, domain_user,
- sizeof(state->request.data.auth.user)-1 );
+ safe_strcpy( state->request->data.auth.user, domain_user,
+ sizeof(state->request->data.auth.user)-1 );
}
if (domain->online == false) {
DEBUG(10,("winbindd_dual_pam_auth: domain: %s last was %s\n", domain->name, domain->online ? "online":"offline"));
/* Check for Kerberos authentication */
- if (domain->online && (state->request.flags & WBFLAG_PAM_KRB5)) {
+ if (domain->online && (state->request->flags & WBFLAG_PAM_KRB5)) {
result = winbindd_dual_pam_auth_kerberos(domain, state, &info3);
/* save for later */
goto process_result;
}
- if (state->request.flags & WBFLAG_PAM_FALLBACK_AFTER_KRB5) {
+ if (state->request->flags & WBFLAG_PAM_FALLBACK_AFTER_KRB5) {
DEBUG(3,("falling back to samlogon\n"));
goto sam_logon;
} else {
cached_logon:
/* Check for Cached logons */
- if (!domain->online && (state->request.flags & WBFLAG_PAM_CACHED_LOGIN) &&
+ if (!domain->online && (state->request->flags & WBFLAG_PAM_CACHED_LOGIN) &&
lp_winbind_offline_logon()) {
result = winbindd_dual_pam_auth_cached(domain, state, &info3);
/* Check if the user is in the right group */
if (!NT_STATUS_IS_OK(result = check_info3_in_group(state->mem_ctx, info3,
- state->request.data.auth.require_membership_of_sid))) {
+ state->request->data.auth.require_membership_of_sid))) {
DEBUG(3, ("User %s is not in the required group (%s), so plaintext authentication is rejected\n",
- state->request.data.auth.user,
- state->request.data.auth.require_membership_of_sid));
+ state->request->data.auth.user,
+ state->request->data.auth.require_membership_of_sid));
goto done;
}
goto done;
}
- if ((state->request.flags & WBFLAG_PAM_CACHED_LOGIN)) {
+ if ((state->request->flags & WBFLAG_PAM_CACHED_LOGIN)) {
/* Store in-memory creds for single-signon using ntlm_auth. */
- result = winbindd_add_memory_creds(state->request.data.auth.user,
+ result = winbindd_add_memory_creds(state->request->data.auth.user,
get_uid_from_state(state),
- state->request.data.auth.pass);
+ state->request->data.auth.pass);
if (!NT_STATUS_IS_OK(result)) {
DEBUG(10,("Failed to store memory creds: %s\n", nt_errstr(result)));
if (lp_winbind_offline_logon()) {
result = winbindd_store_creds(domain,
state->mem_ctx,
- state->request.data.auth.user,
- state->request.data.auth.pass,
+ state->request->data.auth.user,
+ state->request->data.auth.pass,
info3, NULL);
if (!NT_STATUS_IS_OK(result)) {
/* Release refcount. */
- winbindd_delete_memory_creds(state->request.data.auth.user);
+ winbindd_delete_memory_creds(state->request->data.auth.user);
DEBUG(10,("Failed to store creds: %s\n", nt_errstr(result)));
goto done;
}
- if (state->request.flags & WBFLAG_PAM_GET_PWD_POLICY) {
+ if (state->request->flags & WBFLAG_PAM_GET_PWD_POLICY) {
struct winbindd_domain *our_domain = find_our_domain();
/* This is not entirely correct I believe, but it is
set_auth_errors(&state->response, result);
DEBUG(NT_STATUS_IS_OK(result) ? 5 : 2, ("Plain-text authentication for user %s returned %s (PAM: %d)\n",
- state->request.data.auth.user,
+ state->request->data.auth.user,
state->response.data.auth.nt_status_string,
state->response.data.auth.pam_error));
const char *domain_name = NULL;
NTSTATUS result;
- if (!check_request_flags(state->request.flags)) {
+ if (!check_request_flags(state->request->flags)) {
result = NT_STATUS_INVALID_PARAMETER_MIX;
goto done;
}
}
/* Ensure null termination */
- state->request.data.auth_crap.user
- [sizeof(state->request.data.auth_crap.user)-1]=0;
- state->request.data.auth_crap.domain
- [sizeof(state->request.data.auth_crap.domain)-1]=0;
+ state->request->data.auth_crap.user
+ [sizeof(state->request->data.auth_crap.user)-1]=0;
+ state->request->data.auth_crap.domain
+ [sizeof(state->request->data.auth_crap.domain)-1]=0;
DEBUG(3, ("[%5lu]: pam auth crap domain: [%s] user: %s\n",
(unsigned long)state->pid,
- state->request.data.auth_crap.domain,
- state->request.data.auth_crap.user));
+ state->request->data.auth_crap.domain,
+ state->request->data.auth_crap.user));
- if (*state->request.data.auth_crap.domain != '\0') {
- domain_name = state->request.data.auth_crap.domain;
+ if (*state->request->data.auth_crap.domain != '\0') {
+ domain_name = state->request->data.auth_crap.domain;
} else if (lp_winbind_use_default_domain()) {
domain_name = lp_workgroup();
}
done:
set_auth_errors(&state->response, result);
DEBUG(5, ("CRAP authentication for %s\\%s returned %s (PAM: %d)\n",
- state->request.data.auth_crap.domain,
- state->request.data.auth_crap.user,
+ state->request->data.auth_crap.domain,
+ state->request->data.auth_crap.user,
state->response.data.auth.nt_status_string,
state->response.data.auth.pam_error));
request_error(state);
anymore */
/* Ensure null termination */
- state->request.data.auth_crap.user[sizeof(state->request.data.auth_crap.user)-1]=0;
- state->request.data.auth_crap.domain[sizeof(state->request.data.auth_crap.domain)-1]=0;
+ state->request->data.auth_crap.user[sizeof(state->request->data.auth_crap.user)-1]=0;
+ state->request->data.auth_crap.domain[sizeof(state->request->data.auth_crap.domain)-1]=0;
- if (!check_request_flags(state->request.flags)) {
+ if (!check_request_flags(state->request->flags)) {
result = NT_STATUS_INVALID_PARAMETER_MIX;
goto done;
}
- name_user = state->request.data.auth_crap.user;
+ name_user = state->request->data.auth_crap.user;
- if (*state->request.data.auth_crap.domain) {
- name_domain = state->request.data.auth_crap.domain;
+ if (*state->request->data.auth_crap.domain) {
+ name_domain = state->request->data.auth_crap.domain;
} else if (lp_winbind_use_default_domain()) {
name_domain = lp_workgroup();
} else {
DEBUG(3, ("[%5lu]: pam auth crap domain: %s user: %s\n", (unsigned long)state->pid,
name_domain, name_user));
- if (*state->request.data.auth_crap.workstation) {
- workstation = state->request.data.auth_crap.workstation;
+ if (*state->request->data.auth_crap.workstation) {
+ workstation = state->request->data.auth_crap.workstation;
} else {
workstation = global_myname();
}
- if (state->request.data.auth_crap.lm_resp_len > sizeof(state->request.data.auth_crap.lm_resp)
- || state->request.data.auth_crap.nt_resp_len > sizeof(state->request.data.auth_crap.nt_resp)) {
- if (!(state->request.flags & WBFLAG_BIG_NTLMV2_BLOB) ||
- state->request.extra_len != state->request.data.auth_crap.nt_resp_len) {
+ if (state->request->data.auth_crap.lm_resp_len > sizeof(state->request->data.auth_crap.lm_resp)
+ || state->request->data.auth_crap.nt_resp_len > sizeof(state->request->data.auth_crap.nt_resp)) {
+ if (!(state->request->flags & WBFLAG_BIG_NTLMV2_BLOB) ||
+ state->request->extra_len != state->request->data.auth_crap.nt_resp_len) {
DEBUG(0, ("winbindd_pam_auth_crap: invalid password length %u/%u\n",
- state->request.data.auth_crap.lm_resp_len,
- state->request.data.auth_crap.nt_resp_len));
+ state->request->data.auth_crap.lm_resp_len,
+ state->request->data.auth_crap.nt_resp_len));
result = NT_STATUS_INVALID_PARAMETER;
goto done;
}
}
- lm_resp = data_blob_talloc(state->mem_ctx, state->request.data.auth_crap.lm_resp,
- state->request.data.auth_crap.lm_resp_len);
+ lm_resp = data_blob_talloc(state->mem_ctx, state->request->data.auth_crap.lm_resp,
+ state->request->data.auth_crap.lm_resp_len);
- if (state->request.flags & WBFLAG_BIG_NTLMV2_BLOB) {
+ if (state->request->flags & WBFLAG_BIG_NTLMV2_BLOB) {
nt_resp = data_blob_talloc(state->mem_ctx,
- state->request.extra_data.data,
- state->request.data.auth_crap.nt_resp_len);
+ state->request->extra_data.data,
+ state->request->data.auth_crap.nt_resp_len);
} else {
nt_resp = data_blob_talloc(state->mem_ctx,
- state->request.data.auth_crap.nt_resp,
- state->request.data.auth_crap.nt_resp_len);
+ state->request->data.auth_crap.nt_resp,
+ state->request->data.auth_crap.nt_resp_len);
}
/* what domain should we contact? */
if ( IS_DC ) {
if (!(contact_domain = find_domain_from_name(name_domain))) {
DEBUG(3, ("Authentication for domain for [%s] -> [%s]\\[%s] failed as %s is not a trusted domain\n",
- state->request.data.auth_crap.user, name_domain, name_user, name_domain));
+ state->request->data.auth_crap.user, name_domain, name_user, name_domain));
result = NT_STATUS_NO_SUCH_USER;
goto done;
}
result = logon_fn(netlogon_pipe,
state->mem_ctx,
- state->request.data.auth_crap.logon_parameters,
+ state->request->data.auth_crap.logon_parameters,
contact_domain->dcname,
name_user,
name_domain,
/* Bug #3248 - found by Stefan Burkei. */
workstation, /* We carefully set this above so use it... */
- state->request.data.auth_crap.chal,
+ state->request->data.auth_crap.chal,
lm_resp,
nt_resp,
&info3);
/* Check if the user is in the right group */
if (!NT_STATUS_IS_OK(result = check_info3_in_group(state->mem_ctx, info3,
- state->request.data.auth_crap.require_membership_of_sid))) {
+ state->request->data.auth_crap.require_membership_of_sid))) {
DEBUG(3, ("User %s is not in the required group (%s), so "
"crap authentication is rejected\n",
- state->request.data.auth_crap.user,
- state->request.data.auth_crap.require_membership_of_sid));
+ state->request->data.auth_crap.user,
+ state->request->data.auth_crap.require_membership_of_sid));
goto done;
}
result = NT_STATUS_NO_LOGON_SERVERS;
}
- if (state->request.flags & WBFLAG_PAM_NT_STATUS_SQUASH) {
+ if (state->request->flags & WBFLAG_PAM_NT_STATUS_SQUASH) {
result = nt_status_squash(result);
}
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
DEBUG(3, ("[%5lu]: pam chauthtok %s\n", (unsigned long)state->pid,
- state->request.data.chauthtok.user));
+ state->request->data.chauthtok.user));
/* Setup crap */
nt_status = normalize_name_unmap(state->mem_ctx,
- state->request.data.chauthtok.user,
+ state->request->data.chauthtok.user,
&mapped_user);
/* Update the chauthtok name if we did any mapping */
if (NT_STATUS_IS_OK(nt_status) ||
NT_STATUS_EQUAL(nt_status, NT_STATUS_FILE_RENAMED))
{
- fstrcpy(state->request.data.chauthtok.user, mapped_user);
+ fstrcpy(state->request->data.chauthtok.user, mapped_user);
}
/* Must pass in state->...chauthtok.user because
canonicalize_username() assumes an fstring(). Since
we have already copied it (if necessary), this is ok. */
- if (!canonicalize_username(state->request.data.chauthtok.user, domain, user)) {
+ if (!canonicalize_username(state->request->data.chauthtok.user, domain, user)) {
set_auth_errors(&state->response, NT_STATUS_NO_SUCH_USER);
DEBUG(5, ("winbindd_pam_chauthtok: canonicalize_username %s failed with %s"
"(PAM: %d)\n",
- state->request.data.auth.user,
+ state->request->data.auth.user,
state->response.data.auth.nt_status_string,
state->response.data.auth.pam_error));
request_error(state);
if (!contact_domain) {
set_auth_errors(&state->response, NT_STATUS_NO_SUCH_USER);
DEBUG(3, ("Cannot change password for [%s] -> [%s]\\[%s] as %s is not a trusted domain\n",
- state->request.data.chauthtok.user, domain, user, domain));
+ state->request->data.chauthtok.user, domain, user, domain));
request_error(state);
return;
}
fstring domain, user;
DEBUG(3, ("[%5lu]: dual pam chauthtok %s\n", (unsigned long)state->pid,
- state->request.data.auth.user));
+ state->request->data.auth.user));
- if (!parse_domain_user(state->request.data.chauthtok.user, domain, user)) {
+ if (!parse_domain_user(state->request->data.chauthtok.user, domain, user)) {
goto done;
}
/* Change password */
- oldpass = state->request.data.chauthtok.oldpass;
- newpass = state->request.data.chauthtok.newpass;
+ oldpass = state->request->data.chauthtok.oldpass;
+ newpass = state->request->data.chauthtok.newpass;
/* Initialize reject reason */
state->response.data.auth.reject_reason = Undefined;
done:
- if (NT_STATUS_IS_OK(result) && (state->request.flags & WBFLAG_PAM_CACHED_LOGIN)) {
+ if (NT_STATUS_IS_OK(result) && (state->request->flags & WBFLAG_PAM_CACHED_LOGIN)) {
/* Update the single sign-on memory creds. */
- result = winbindd_replace_memory_creds(state->request.data.chauthtok.user,
+ result = winbindd_replace_memory_creds(state->request->data.chauthtok.user,
newpass);
/* When we login from gdm or xdm and password expires,
struct winbindd_domain *domain;
fstring name_domain, user;
uid_t caller_uid = (uid_t)-1;
- uid_t request_uid = state->request.data.logoff.uid;
+ uid_t request_uid = state->request->data.logoff.uid;
DEBUG(3, ("[%5lu]: pam logoff %s\n", (unsigned long)state->pid,
- state->request.data.logoff.user));
+ state->request->data.logoff.user));
/* Ensure null termination */
- state->request.data.logoff.user
- [sizeof(state->request.data.logoff.user)-1]='\0';
+ state->request->data.logoff.user
+ [sizeof(state->request->data.logoff.user)-1]='\0';
- state->request.data.logoff.krb5ccname
- [sizeof(state->request.data.logoff.krb5ccname)-1]='\0';
+ state->request->data.logoff.krb5ccname
+ [sizeof(state->request->data.logoff.krb5ccname)-1]='\0';
if (request_uid == (gid_t)-1) {
goto failed;
}
- if (!canonicalize_username(state->request.data.logoff.user, name_domain, user)) {
+ if (!canonicalize_username(state->request->data.logoff.user, name_domain, user)) {
goto failed;
}
goto failed;
case 0:
/* root must be able to logoff any user - gd */
- state->request.data.logoff.uid = request_uid;
+ state->request->data.logoff.uid = request_uid;
break;
default:
if (caller_uid != request_uid) {
DEBUG(1,("winbindd_pam_logoff: caller requested invalid uid\n"));
goto failed;
}
- state->request.data.logoff.uid = caller_uid;
+ state->request->data.logoff.uid = caller_uid;
break;
}
set_auth_errors(&state->response, NT_STATUS_NO_SUCH_USER);
DEBUG(5, ("Pam Logoff for %s returned %s "
"(PAM: %d)\n",
- state->request.data.logoff.user,
+ state->request->data.logoff.user,
state->response.data.auth.nt_status_string,
state->response.data.auth.pam_error));
request_error(state);
NTSTATUS result = NT_STATUS_NOT_SUPPORTED;
DEBUG(3, ("[%5lu]: pam dual logoff %s\n", (unsigned long)state->pid,
- state->request.data.logoff.user));
+ state->request->data.logoff.user));
- if (!(state->request.flags & WBFLAG_PAM_KRB5)) {
+ if (!(state->request->flags & WBFLAG_PAM_KRB5)) {
result = NT_STATUS_OK;
goto process_result;
}
- if (state->request.data.logoff.krb5ccname[0] == '\0') {
+ if (state->request->data.logoff.krb5ccname[0] == '\0') {
result = NT_STATUS_OK;
goto process_result;
}
#ifdef HAVE_KRB5
- if (state->request.data.logoff.uid < 0) {
+ if (state->request->data.logoff.uid < 0) {
DEBUG(0,("winbindd_pam_logoff: invalid uid\n"));
goto process_result;
}
/* what we need here is to find the corresponding krb5 ccache name *we*
* created for a given username and destroy it */
- if (!ccache_entry_exists(state->request.data.logoff.user)) {
+ if (!ccache_entry_exists(state->request->data.logoff.user)) {
result = NT_STATUS_OK;
DEBUG(10,("winbindd_pam_logoff: no entry found.\n"));
goto process_result;
}
- if (!ccache_entry_identical(state->request.data.logoff.user,
- state->request.data.logoff.uid,
- state->request.data.logoff.krb5ccname)) {
+ if (!ccache_entry_identical(state->request->data.logoff.user,
+ state->request->data.logoff.uid,
+ state->request->data.logoff.krb5ccname)) {
DEBUG(0,("winbindd_pam_logoff: cached entry differs.\n"));
goto process_result;
}
- result = remove_ccache(state->request.data.logoff.user);
+ result = remove_ccache(state->request->data.logoff.user);
if (!NT_STATUS_IS_OK(result)) {
DEBUG(0,("winbindd_pam_logoff: failed to remove ccache: %s\n",
nt_errstr(result)));
process_result:
- winbindd_delete_memory_creds(state->request.data.logoff.user);
+ winbindd_delete_memory_creds(state->request->data.logoff.user);
set_auth_errors(&state->response, result);
const char *domain_name = NULL;
/* Ensure null termination */
- state->request.data.chng_pswd_auth_crap.user[
- sizeof(state->request.data.chng_pswd_auth_crap.user)-1]=0;
- state->request.data.chng_pswd_auth_crap.domain[
- sizeof(state->request.data.chng_pswd_auth_crap.domain)-1]=0;
+ state->request->data.chng_pswd_auth_crap.user[
+ sizeof(state->request->data.chng_pswd_auth_crap.user)-1]=0;
+ state->request->data.chng_pswd_auth_crap.domain[
+ sizeof(state->request->data.chng_pswd_auth_crap.domain)-1]=0;
DEBUG(3, ("[%5lu]: pam change pswd auth crap domain: %s user: %s\n",
(unsigned long)state->pid,
- state->request.data.chng_pswd_auth_crap.domain,
- state->request.data.chng_pswd_auth_crap.user));
+ state->request->data.chng_pswd_auth_crap.domain,
+ state->request->data.chng_pswd_auth_crap.user));
- if (*state->request.data.chng_pswd_auth_crap.domain != '\0') {
- domain_name = state->request.data.chng_pswd_auth_crap.domain;
+ if (*state->request->data.chng_pswd_auth_crap.domain != '\0') {
+ domain_name = state->request->data.chng_pswd_auth_crap.domain;
} else if (lp_winbind_use_default_domain()) {
domain_name = lp_workgroup();
}
set_auth_errors(&state->response, NT_STATUS_NO_SUCH_USER);
DEBUG(5, ("CRAP change password for %s\\%s returned %s (PAM: %d)\n",
- state->request.data.chng_pswd_auth_crap.domain,
- state->request.data.chng_pswd_auth_crap.user,
+ state->request->data.chng_pswd_auth_crap.domain,
+ state->request->data.chng_pswd_auth_crap.user,
state->response.data.auth.nt_status_string,
state->response.data.auth.pam_error));
request_error(state);
struct rpc_pipe_client *cli;
/* Ensure null termination */
- state->request.data.chng_pswd_auth_crap.user[
- sizeof(state->request.data.chng_pswd_auth_crap.user)-1]=0;
- state->request.data.chng_pswd_auth_crap.domain[
- sizeof(state->request.data.chng_pswd_auth_crap.domain)-1]=0;
+ state->request->data.chng_pswd_auth_crap.user[
+ sizeof(state->request->data.chng_pswd_auth_crap.user)-1]=0;
+ state->request->data.chng_pswd_auth_crap.domain[
+ sizeof(state->request->data.chng_pswd_auth_crap.domain)-1]=0;
*domain = 0;
*user = 0;
DEBUG(3, ("[%5lu]: pam change pswd auth crap domain: %s user: %s\n",
(unsigned long)state->pid,
- state->request.data.chng_pswd_auth_crap.domain,
- state->request.data.chng_pswd_auth_crap.user));
+ state->request->data.chng_pswd_auth_crap.domain,
+ state->request->data.chng_pswd_auth_crap.user));
if (lp_winbind_offline_logon()) {
DEBUG(0,("Refusing password change as winbind offline logons are enabled. "));
goto done;
}
- if (*state->request.data.chng_pswd_auth_crap.domain) {
- fstrcpy(domain,state->request.data.chng_pswd_auth_crap.domain);
+ if (*state->request->data.chng_pswd_auth_crap.domain) {
+ fstrcpy(domain,state->request->data.chng_pswd_auth_crap.domain);
} else {
- parse_domain_user(state->request.data.chng_pswd_auth_crap.user,
+ parse_domain_user(state->request->data.chng_pswd_auth_crap.user,
domain, user);
if(!*domain) {
DEBUG(3,("no domain specified with username (%s) - "
"failing auth\n",
- state->request.data.chng_pswd_auth_crap.user));
+ state->request->data.chng_pswd_auth_crap.user));
result = NT_STATUS_NO_SUCH_USER;
goto done;
}
}
if(!*user) {
- fstrcpy(user, state->request.data.chng_pswd_auth_crap.user);
+ fstrcpy(user, state->request->data.chng_pswd_auth_crap.user);
}
DEBUG(3, ("[%5lu]: pam auth crap domain: %s user: %s\n",
/* Change password */
new_nt_password = data_blob_talloc(
state->mem_ctx,
- state->request.data.chng_pswd_auth_crap.new_nt_pswd,
- state->request.data.chng_pswd_auth_crap.new_nt_pswd_len);
+ state->request->data.chng_pswd_auth_crap.new_nt_pswd,
+ state->request->data.chng_pswd_auth_crap.new_nt_pswd_len);
old_nt_hash_enc = data_blob_talloc(
state->mem_ctx,
- state->request.data.chng_pswd_auth_crap.old_nt_hash_enc,
- state->request.data.chng_pswd_auth_crap.old_nt_hash_enc_len);
+ state->request->data.chng_pswd_auth_crap.old_nt_hash_enc,
+ state->request->data.chng_pswd_auth_crap.old_nt_hash_enc_len);
- if(state->request.data.chng_pswd_auth_crap.new_lm_pswd_len > 0) {
+ if(state->request->data.chng_pswd_auth_crap.new_lm_pswd_len > 0) {
new_lm_password = data_blob_talloc(
state->mem_ctx,
- state->request.data.chng_pswd_auth_crap.new_lm_pswd,
- state->request.data.chng_pswd_auth_crap.new_lm_pswd_len);
+ state->request->data.chng_pswd_auth_crap.new_lm_pswd,
+ state->request->data.chng_pswd_auth_crap.new_lm_pswd_len);
old_lm_hash_enc = data_blob_talloc(
state->mem_ctx,
- state->request.data.chng_pswd_auth_crap.old_lm_hash_enc,
- state->request.data.chng_pswd_auth_crap.old_lm_hash_enc_len);
+ state->request->data.chng_pswd_auth_crap.old_lm_hash_enc,
+ state->request->data.chng_pswd_auth_crap.old_lm_hash_enc_len);
} else {
new_lm_password.length = 0;
old_lm_hash_enc.length = 0;
DOM_SID sid;
/* Ensure null termination */
- state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
+ state->request->data.sid[sizeof(state->request->data.sid)-1]='\0';
DEBUG(3, ("[%5lu]: lookupsid %s\n", (unsigned long)state->pid,
- state->request.data.sid));
+ state->request->data.sid));
- if (!string_to_sid(&sid, state->request.data.sid)) {
- DEBUG(5, ("%s not a SID\n", state->request.data.sid));
+ if (!string_to_sid(&sid, state->request->data.sid)) {
+ DEBUG(5, ("%s not a SID\n", state->request->data.sid));
request_error(state);
return;
}
char *p;
/* Ensure null termination */
- state->request.data.name.dom_name[sizeof(state->request.data.name.dom_name)-1]='\0';
+ state->request->data.name.dom_name[sizeof(state->request->data.name.dom_name)-1]='\0';
/* Ensure null termination */
- state->request.data.name.name[sizeof(state->request.data.name.name)-1]='\0';
+ state->request->data.name.name[sizeof(state->request->data.name.name)-1]='\0';
/* cope with the name being a fully qualified name */
- p = strstr(state->request.data.name.name, lp_winbind_separator());
+ p = strstr(state->request->data.name.name, lp_winbind_separator());
if (p) {
*p = 0;
- name_domain = state->request.data.name.name;
+ name_domain = state->request->data.name.name;
name_user = p+1;
} else {
- name_domain = state->request.data.name.dom_name;
- name_user = state->request.data.name.name;
+ name_domain = state->request->data.name.dom_name;
+ name_user = state->request->data.name.name;
}
DEBUG(3, ("[%5lu]: lookupname %s%s%s\n", (unsigned long)state->pid,
DOM_SID domain_sid;
/* Ensure null termination */
- state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
+ state->request->data.sid[sizeof(state->request->data.sid)-1]='\0';
- DEBUG(10, ("lookup_rids: %s\n", state->request.data.sid));
+ DEBUG(10, ("lookup_rids: %s\n", state->request->data.sid));
- if (!string_to_sid(&domain_sid, state->request.data.sid)) {
+ if (!string_to_sid(&domain_sid, state->request->data.sid)) {
DEBUG(5, ("Could not convert %s to SID\n",
- state->request.data.sid));
+ state->request->data.sid));
request_error(state);
return;
}
domain = find_lookup_domain_from_sid(&domain_sid);
if (domain == NULL) {
DEBUG(10, ("Could not find domain for name %s\n",
- state->request.domain_name));
+ state->request->domain_name));
request_error(state);
return;
}
talloc_get_type_abort(private_data, struct winbindd_cli_state);
struct dom_sid sid;
- string_to_sid(&sid, state->request.data.sid);
+ string_to_sid(&sid, state->request->data.sid);
if (!success) {
DEBUG(5, ("Could not convert sid %s\n",
- state->request.data.sid));
+ state->request->data.sid));
request_error(state);
return;
}
talloc_get_type_abort(private_data, struct winbindd_cli_state);
DOM_SID sid;
- if (!string_to_sid(&sid, state->request.data.sid)) {
+ if (!string_to_sid(&sid, state->request->data.sid)) {
DEBUG(1, ("sid2uid_lookupsid_recv: Could not get convert sid "
- "%s from string\n", state->request.data.sid));
+ "%s from string\n", state->request->data.sid));
request_error(state);
return;
}
if (!success) {
DEBUG(5, ("sid2uid_lookupsid_recv Could not convert get sid type for %s\n",
- state->request.data.sid));
+ state->request->data.sid));
goto fail;
}
if ( (type!=SID_NAME_USER) && (type!=SID_NAME_COMPUTER) ) {
DEBUG(5,("sid2uid_lookupsid_recv: Sid %s is not a user or a computer.\n",
- state->request.data.sid));
+ state->request->data.sid));
goto fail;
}
bool expired;
/* Ensure null termination */
- state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
+ state->request->data.sid[sizeof(state->request->data.sid)-1]='\0';
DEBUG(3, ("[%5lu]: sid to uid %s\n", (unsigned long)state->pid,
- state->request.data.sid));
+ state->request->data.sid));
- if (!string_to_sid(&sid, state->request.data.sid)) {
+ if (!string_to_sid(&sid, state->request->data.sid)) {
DEBUG(1, ("Could not get convert sid %s from string\n",
- state->request.data.sid));
+ state->request->data.sid));
request_error(state);
return;
}
talloc_get_type_abort(private_data, struct winbindd_cli_state);
struct dom_sid sid;
- string_to_sid(&sid, state->request.data.sid);
+ string_to_sid(&sid, state->request->data.sid);
if (!success) {
DEBUG(5, ("Could not convert sid %s\n",
- state->request.data.sid));
+ state->request->data.sid));
request_error(state);
return;
}
talloc_get_type_abort(private_data, struct winbindd_cli_state);
DOM_SID sid;
- if (!string_to_sid(&sid, state->request.data.sid)) {
+ if (!string_to_sid(&sid, state->request->data.sid)) {
DEBUG(1, ("sid2gid_lookupsid_recv: Could not get convert sid "
- "%s from string\n", state->request.data.sid));
+ "%s from string\n", state->request->data.sid));
request_error(state);
return;
}
if (!success) {
DEBUG(5, ("sid2gid_lookupsid_recv: Could not get sid type for %s\n",
- state->request.data.sid));
+ state->request->data.sid));
goto fail;
}
(type!=SID_NAME_WKN_GRP) )
{
DEBUG(5,("sid2gid_lookupsid_recv: Sid %s is not a group.\n",
- state->request.data.sid));
+ state->request->data.sid));
goto fail;
}
bool expired;
/* Ensure null termination */
- state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
+ state->request->data.sid[sizeof(state->request->data.sid)-1]='\0';
DEBUG(3, ("[%5lu]: sid to gid %s\n", (unsigned long)state->pid,
- state->request.data.sid));
+ state->request->data.sid));
- if (!string_to_sid(&sid, state->request.data.sid)) {
+ if (!string_to_sid(&sid, state->request->data.sid)) {
DEBUG(1, ("Could not get convert sid %s from string\n",
- state->request.data.sid));
+ state->request->data.sid));
request_error(state);
return;
}
return;
}
- if (!string_to_sid(&sid, state->request.data.dual_idmapset.sid)) {
+ if (!string_to_sid(&sid, state->request->data.dual_idmapset.sid)) {
DEBUG(1, ("Could not get convert sid %s from string\n",
- state->request.data.sid));
+ state->request->data.sid));
request_error(state);
return;
}
map.sid = &sid;
- map.xid.id = state->request.data.dual_idmapset.id;
- map.xid.type = state->request.data.dual_idmapset.type;
+ map.xid.id = state->request->data.dual_idmapset.id;
+ map.xid.type = state->request->data.dual_idmapset.type;
winbindd_set_mapping_async(state->mem_ctx, &map,
set_mapping_recv, state);
return;
}
- if (!string_to_sid(&sid, state->request.data.dual_idmapset.sid)) {
+ if (!string_to_sid(&sid, state->request->data.dual_idmapset.sid)) {
DEBUG(1, ("Could not get convert sid %s from string\n",
- state->request.data.sid));
+ state->request->data.sid));
request_error(state);
return;
}
map.sid = &sid;
- map.xid.id = state->request.data.dual_idmapset.id;
- map.xid.type = state->request.data.dual_idmapset.type;
+ map.xid.id = state->request->data.dual_idmapset.id;
+ map.xid.type = state->request->data.dual_idmapset.type;
winbindd_remove_mapping_async(state->mem_ctx, &map,
remove_mapping_recv, state);
return;
}
- xid.id = state->request.data.dual_idmapset.id;
- xid.type = state->request.data.dual_idmapset.type;
+ xid.id = state->request->data.dual_idmapset.id;
+ xid.type = state->request->data.dual_idmapset.type;
winbindd_set_hwm_async(state->mem_ctx, &xid, set_hwm_recv, state);
}
if (!success || !string_to_sid(&sid, sidstr)) {
ZERO_STRUCT(sid);
- idmap_cache_set_sid2uid(&sid, state->request.data.uid);
+ idmap_cache_set_sid2uid(&sid, state->request->data.uid);
request_error(state);
return;
}
DEBUG(10,("uid2sid: uid %lu has sid %s\n",
- (unsigned long)(state->request.data.uid), sidstr));
+ (unsigned long)(state->request->data.uid), sidstr));
- idmap_cache_set_sid2uid(&sid, state->request.data.uid);
+ idmap_cache_set_sid2uid(&sid, state->request->data.uid);
fstrcpy(state->response.data.sid.sid, sidstr);
state->response.data.sid.type = SID_NAME_USER;
request_ok(state);
bool expired;
DEBUG(3, ("[%5lu]: uid to sid %lu\n", (unsigned long)state->pid,
- (unsigned long)state->request.data.uid));
+ (unsigned long)state->request->data.uid));
- if (idmap_cache_find_uid2sid(state->request.data.uid, &sid,
+ if (idmap_cache_find_uid2sid(state->request->data.uid, &sid,
&expired)) {
DEBUG(10, ("idmap_cache_find_uid2sid found %d%s\n",
- (int)state->request.data.uid,
+ (int)state->request->data.uid,
expired ? " (expired)": ""));
if (expired && IS_DOMAIN_ONLINE(find_our_domain())) {
DEBUG(10, ("revalidating expired entry\n"));
/* always go via the async interface (may block) */
backend:
- winbindd_uid2sid_async(state->mem_ctx, state->request.data.uid, uid2sid_recv, state);
+ winbindd_uid2sid_async(state->mem_ctx, state->request->data.uid, uid2sid_recv, state);
}
/* Convert a gid to a sid */
if (!success || !string_to_sid(&sid, sidstr)) {
ZERO_STRUCT(sid);
- idmap_cache_set_sid2gid(&sid, state->request.data.gid);
+ idmap_cache_set_sid2gid(&sid, state->request->data.gid);
request_error(state);
return;
}
DEBUG(10,("gid2sid: gid %lu has sid %s\n",
- (unsigned long)(state->request.data.gid), sidstr));
+ (unsigned long)(state->request->data.gid), sidstr));
- idmap_cache_set_sid2gid(&sid, state->request.data.gid);
+ idmap_cache_set_sid2gid(&sid, state->request->data.gid);
fstrcpy(state->response.data.sid.sid, sidstr);
state->response.data.sid.type = SID_NAME_DOM_GRP;
request_ok(state);
bool expired;
DEBUG(3, ("[%5lu]: gid to sid %lu\n", (unsigned long)state->pid,
- (unsigned long)state->request.data.gid));
+ (unsigned long)state->request->data.gid));
- if (idmap_cache_find_gid2sid(state->request.data.gid, &sid,
+ if (idmap_cache_find_gid2sid(state->request->data.gid, &sid,
&expired)) {
DEBUG(10, ("idmap_cache_find_gid2sid found %d%s\n",
- (int)state->request.data.gid,
+ (int)state->request->data.gid,
expired ? " (expired)": ""));
if (expired && IS_DOMAIN_ONLINE(find_our_domain())) {
DEBUG(10, ("revalidating expired entry\n"));
/* always use async calls (may block) */
backend:
- winbindd_gid2sid_async(state->mem_ctx, state->request.data.gid, gid2sid_recv, state);
+ winbindd_gid2sid_async(state->mem_ctx, state->request->data.gid, gid2sid_recv, state);
}
void winbindd_allocate_uid(struct winbindd_cli_state *state)
NTSTATUS status;
/* Ensure null termination */
- state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
+ state->request->data.sid[sizeof(state->request->data.sid)-1]='\0';
DEBUG(3, ("[%5lu]: lookupsid %s\n", (unsigned long)state->pid,
- state->request.data.sid));
+ state->request->data.sid));
- if (!string_to_sid(&sid, state->request.data.sid)) {
- DEBUG(5, ("%s not a SID\n", state->request.data.sid));
+ if (!string_to_sid(&sid, state->request->data.sid)) {
+ DEBUG(5, ("%s not a SID\n", state->request->data.sid));
return WINBINDD_ERROR;
}
size_t dusize;
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
- domuser = state->request.data.username;
- dusize = sizeof(state->request.data.username);
+ domuser = state->request->data.username;
+ dusize = sizeof(state->request->data.username);
/* Ensure null termination (it's an fstring) */
domuser[dusize-1] = '\0';
struct winbindd_cli_state *state =
(struct winbindd_cli_state *)private_data;
fstring domname, username;
- char *domuser = state->request.data.username;
+ char *domuser = state->request->data.username;
if (!success) {
DEBUG(5, ("Could not lookup name for user %s\n", domuser));
if (!success) {
DEBUG(10,("uid2sid_recv: uid [%lu] to sid mapping failed\n.",
- (unsigned long)(state->request.data.uid)));
+ (unsigned long)(state->request->data.uid)));
request_error(state);
return;
}
DEBUG(10,("uid2sid_recv: uid %lu has sid %s\n",
- (unsigned long)(state->request.data.uid), sid));
+ (unsigned long)(state->request->data.uid), sid));
if (!string_to_sid(&user_sid, sid)) {
DEBUG(1,("uid2sid_recv: Could not convert sid %s "
/* Return a password structure given a uid number */
void winbindd_getpwuid(struct winbindd_cli_state *state)
{
- uid_t uid = state->request.data.uid;
+ uid_t uid = state->request->data.uid;
DEBUG(3, ("[%5lu]: getpwuid %lu\n",
(unsigned long)state->pid,
DOM_SID sid;
/* Ensure null termination */
- state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
+ state->request->data.sid[sizeof(state->request->data.sid)-1]='\0';
DEBUG(3, ("[%5lu]: getpwsid %s\n", (unsigned long)state->pid,
- state->request.data.sid));
+ state->request->data.sid));
- if (!string_to_sid(&sid, state->request.data.sid)) {
- DEBUG(5, ("%s not a SID\n", state->request.data.sid));
+ if (!string_to_sid(&sid, state->request->data.sid)) {
+ DEBUG(5, ("%s not a SID\n", state->request->data.sid));
request_error(state);
return;
}
/* Allocate space for returning a chunk of users */
- num_users = MIN(MAX_GETPWENT_USERS, state->request.data.num_entries);
+ num_users = MIN(MAX_GETPWENT_USERS, state->request->data.num_entries);
if (num_users == 0) {
request_error(state);
struct winbindd_cli_state *state)
{
/* Ensure null termination */
- state->request.domain_name
- [sizeof(state->request.domain_name)-1]='\0';
- state->request.data.init_conn.dcname
- [sizeof(state->request.data.init_conn.dcname)-1]='\0';
+ state->request->domain_name
+ [sizeof(state->request->domain_name)-1]='\0';
+ state->request->data.init_conn.dcname
+ [sizeof(state->request->data.init_conn.dcname)-1]='\0';
- if (strlen(state->request.data.init_conn.dcname) > 0) {
- fstrcpy(domain->dcname, state->request.data.init_conn.dcname);
+ if (strlen(state->request->data.init_conn.dcname) > 0) {
+ fstrcpy(domain->dcname, state->request->data.init_conn.dcname);
}
init_dc_connection(domain);
NODE_STATUS_STRUCT *status;
/* Ensure null termination */
- state->request.data.winsreq[sizeof(state->request.data.winsreq)-1]='\0';
+ state->request->data.winsreq[sizeof(state->request->data.winsreq)-1]='\0';
DEBUG(3, ("[%5lu]: wins_byip %s\n", (unsigned long)state->pid,
- state->request.data.winsreq));
+ state->request->data.winsreq));
*response = '\0';
maxlen = sizeof(response) - 1;
- if ((status = lookup_byaddr_backend(state->request.data.winsreq, &count))){
- size = strlen(state->request.data.winsreq);
+ if ((status = lookup_byaddr_backend(state->request->data.winsreq, &count))){
+ size = strlen(state->request->data.winsreq);
if (size > maxlen) {
SAFE_FREE(status);
request_error(state);
return;
}
- fstrcat(response,state->request.data.winsreq);
+ fstrcat(response,state->request->data.winsreq);
fstrcat(response,"\t");
for (i = 0; i < count; i++) {
/* ignore group names */
char addr[INET6_ADDRSTRLEN];
/* Ensure null termination */
- state->request.data.winsreq[sizeof(state->request.data.winsreq)-1]='\0';
+ state->request->data.winsreq[sizeof(state->request->data.winsreq)-1]='\0';
DEBUG(3, ("[%5lu]: wins_byname %s\n", (unsigned long)state->pid,
- state->request.data.winsreq));
+ state->request->data.winsreq));
*response = '\0';
maxlen = sizeof(response) - 1;
- if ((ip_list = lookup_byname_backend(state->request.data.winsreq,&count))){
+ if ((ip_list = lookup_byname_backend(state->request->data.winsreq,&count))){
for (i = count; i ; i--) {
print_sockaddr(addr, sizeof(addr), &ip_list[i-1]);
size = strlen(addr);
fstrcat(response,addr);
fstrcat(response,"\t");
}
- size = strlen(state->request.data.winsreq) + strlen(response);
+ size = strlen(state->request->data.winsreq) + strlen(response);
if (size > maxlen) {
SAFE_FREE(ip_list);
request_error(state);
return;
}
- fstrcat(response,state->request.data.winsreq);
+ fstrcat(response,state->request->data.winsreq);
fstrcat(response,"\n");
SAFE_FREE(ip_list);
} else {