2 Unix SMB/CIFS implementation.
4 Winbind daemon - miscellaneous other functions
6 Copyright (C) Tim Potter 2000
7 Copyright (C) Andrew Bartlett 2002
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "../librpc/gen_ndr/cli_netlogon.h"
28 #define DBGC_CLASS DBGC_WINBIND
30 /* Constants and helper functions for determining domain trust types */
39 const char *trust_type_strings[] = {"External",
44 static enum trust_type get_trust_type(struct winbindd_tdc_domain *domain)
46 if (domain->trust_attribs == NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN)
48 else if (domain->trust_attribs == NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE)
50 else if (((domain->trust_flags & NETR_TRUST_FLAG_IN_FOREST) == NETR_TRUST_FLAG_IN_FOREST) &&
51 ((domain->trust_flags & NETR_TRUST_FLAG_PRIMARY) == 0x0))
56 static const char *get_trust_type_string(struct winbindd_tdc_domain *domain)
58 return trust_type_strings[get_trust_type(domain)];
61 static bool trust_is_inbound(struct winbindd_tdc_domain *domain)
63 return (domain->trust_flags == 0x0) ||
64 ((domain->trust_flags & NETR_TRUST_FLAG_IN_FOREST) ==
65 NETR_TRUST_FLAG_IN_FOREST) ||
66 ((domain->trust_flags & NETR_TRUST_FLAG_INBOUND) ==
67 NETR_TRUST_FLAG_INBOUND);
70 static bool trust_is_outbound(struct winbindd_tdc_domain *domain)
72 return (domain->trust_flags == 0x0) ||
73 ((domain->trust_flags & NETR_TRUST_FLAG_IN_FOREST) ==
74 NETR_TRUST_FLAG_IN_FOREST) ||
75 ((domain->trust_flags & NETR_TRUST_FLAG_OUTBOUND) ==
76 NETR_TRUST_FLAG_OUTBOUND);
79 static bool trust_is_transitive(struct winbindd_tdc_domain *domain)
81 if ((domain->trust_attribs == NETR_TRUST_ATTRIBUTE_NON_TRANSITIVE) ||
82 (domain->trust_attribs == NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN) ||
83 (domain->trust_attribs == NETR_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL))
88 void winbindd_list_trusted_domains(struct winbindd_cli_state *state)
90 struct winbindd_tdc_domain *dom_list = NULL;
91 struct winbindd_tdc_domain *d = NULL;
92 size_t num_domains = 0;
93 int extra_data_len = 0;
94 char *extra_data = NULL;
97 DEBUG(3, ("[%5lu]: list trusted domains\n",
98 (unsigned long)state->pid));
100 if( !wcache_tdc_fetch_list( &dom_list, &num_domains )) {
101 request_error(state);
105 for ( i = 0; i < num_domains; i++ ) {
106 struct winbindd_domain *domain;
107 bool is_online = true;
110 domain = find_domain_from_name_noinit(d->domain_name);
112 is_online = domain->online;
116 extra_data = talloc_asprintf(state->mem_ctx,
117 "%s\\%s\\%s\\%s\\%s\\%s\\%s\\%s",
119 d->dns_name ? d->dns_name : d->domain_name,
120 sid_string_talloc(state->mem_ctx, &d->sid),
121 get_trust_type_string(d),
122 trust_is_transitive(d) ? "Yes" : "No",
123 trust_is_inbound(d) ? "Yes" : "No",
124 trust_is_outbound(d) ? "Yes" : "No",
125 is_online ? "Online" : "Offline" );
127 extra_data = talloc_asprintf(state->mem_ctx,
128 "%s\n%s\\%s\\%s\\%s\\%s\\%s\\%s\\%s",
131 d->dns_name ? d->dns_name : d->domain_name,
132 sid_string_talloc(state->mem_ctx, &d->sid),
133 get_trust_type_string(d),
134 trust_is_transitive(d) ? "Yes" : "No",
135 trust_is_inbound(d) ? "Yes" : "No",
136 trust_is_outbound(d) ? "Yes" : "No",
137 is_online ? "Online" : "Offline" );
142 if (extra_data != NULL) {
143 extra_data_len = strlen(extra_data);
146 if (extra_data_len > 0) {
147 state->response->extra_data.data = extra_data;
148 state->response->length += extra_data_len+1;
153 TALLOC_FREE( dom_list );
156 enum winbindd_result winbindd_dual_list_trusted_domains(struct winbindd_domain *domain,
157 struct winbindd_cli_state *state)
159 uint32 i, num_domains;
160 char **names, **alt_names;
162 int extra_data_len = 0;
165 bool have_own_domain = False;
167 DEBUG(3, ("[%5lu]: list trusted domains\n",
168 (unsigned long)state->pid));
170 result = domain->methods->trusted_domains(domain, state->mem_ctx,
171 &num_domains, &names,
174 if (!NT_STATUS_IS_OK(result)) {
175 DEBUG(3, ("winbindd_dual_list_trusted_domains: trusted_domains returned %s\n",
176 nt_errstr(result) ));
177 return WINBINDD_ERROR;
180 extra_data = talloc_strdup(state->mem_ctx, "");
183 extra_data = talloc_asprintf(
184 state->mem_ctx, "%s\\%s\\%s",
185 names[0], alt_names[0] ? alt_names[0] : names[0],
186 sid_string_talloc(state->mem_ctx, &sids[0]));
188 for (i=1; i<num_domains; i++)
189 extra_data = talloc_asprintf(
190 state->mem_ctx, "%s\n%s\\%s\\%s",
191 extra_data, names[i],
192 alt_names[i] ? alt_names[i] : names[i],
193 sid_string_talloc(state->mem_ctx, &sids[i]));
195 /* add our primary domain */
197 for (i=0; i<num_domains; i++) {
198 if (strequal(names[i], domain->name)) {
199 have_own_domain = True;
204 if (state->request->data.list_all_domains && !have_own_domain) {
205 extra_data = talloc_asprintf(
206 state->mem_ctx, "%s\n%s\\%s\\%s",
207 extra_data, domain->name,
208 domain->alt_name ? domain->alt_name : domain->name,
209 sid_string_talloc(state->mem_ctx, &domain->sid));
212 /* This is a bit excessive, but the extra data sooner or later will be
216 if (extra_data != NULL) {
217 extra_data_len = strlen(extra_data);
220 if (extra_data_len > 0) {
221 state->response->extra_data.data = extra_data;
222 state->response->length += extra_data_len+1;
228 enum winbindd_result winbindd_dual_getdcname(struct winbindd_domain *domain,
229 struct winbindd_cli_state *state)
231 const char *dcname_slash = NULL;
233 struct rpc_pipe_client *netlogon_pipe;
236 unsigned int orig_timeout;
237 struct winbindd_domain *req_domain;
239 state->request->domain_name
240 [sizeof(state->request->domain_name)-1] = '\0';
242 DEBUG(3, ("[%5lu]: Get DC name for %s\n", (unsigned long)state->pid,
243 state->request->domain_name));
245 result = cm_connect_netlogon(domain, &netlogon_pipe);
247 if (!NT_STATUS_IS_OK(result)) {
248 DEBUG(1, ("Can't contact the NETLOGON pipe\n"));
249 return WINBINDD_ERROR;
252 /* This call can take a long time - allow the server to time out.
253 35 seconds should do it. */
255 orig_timeout = rpccli_set_timeout(netlogon_pipe, 35000);
257 req_domain = find_domain_from_name_noinit(state->request->domain_name);
258 if (req_domain == domain) {
259 result = rpccli_netr_GetDcName(netlogon_pipe,
262 state->request->domain_name,
266 result = rpccli_netr_GetAnyDCName(netlogon_pipe,
269 state->request->domain_name,
273 /* And restore our original timeout. */
274 rpccli_set_timeout(netlogon_pipe, orig_timeout);
276 if (!NT_STATUS_IS_OK(result)) {
277 DEBUG(5,("Error requesting DCname for domain %s: %s\n",
278 state->request->domain_name, nt_errstr(result)));
279 return WINBINDD_ERROR;
282 if (!W_ERROR_IS_OK(werr)) {
283 DEBUG(5, ("Error requesting DCname for domain %s: %s\n",
284 state->request->domain_name, win_errstr(werr)));
285 return WINBINDD_ERROR;
296 fstrcpy(state->response->data.dc_name, p);
300 /* This is the child-only version of --sequence. It only allows for a single
301 * domain (ie "our" one) to be displayed. */
303 enum winbindd_result winbindd_dual_show_sequence(struct winbindd_domain *domain,
304 struct winbindd_cli_state *state)
306 DEBUG(3, ("[%5lu]: show sequence\n", (unsigned long)state->pid));
308 /* Ensure null termination */
309 state->request->domain_name[sizeof(state->request->domain_name)-1]='\0';
311 domain->methods->sequence_number(domain, &domain->sequence_number);
313 state->response->data.sequence_number =
314 domain->sequence_number;
319 struct domain_info_state {
320 struct winbindd_domain *domain;
321 struct winbindd_cli_state *cli;
322 struct winbindd_request ping_request;
325 static void domain_info_done(struct tevent_req *req);
327 void winbindd_domain_info(struct winbindd_cli_state *cli)
329 struct domain_info_state *state;
330 struct winbindd_domain *domain;
331 struct tevent_req *req;
333 DEBUG(3, ("[%5lu]: domain_info [%s]\n", (unsigned long)cli->pid,
334 cli->request->domain_name));
336 domain = find_domain_from_name_noinit(cli->request->domain_name);
338 if (domain == NULL) {
339 DEBUG(3, ("Did not find domain [%s]\n",
340 cli->request->domain_name));
345 if (domain->initialized) {
346 fstrcpy(cli->response->data.domain_info.name,
348 fstrcpy(cli->response->data.domain_info.alt_name,
350 sid_to_fstring(cli->response->data.domain_info.sid,
352 cli->response->data.domain_info.native_mode =
354 cli->response->data.domain_info.active_directory =
355 domain->active_directory;
356 cli->response->data.domain_info.primary =
362 state = talloc_zero(cli->mem_ctx, struct domain_info_state);
364 DEBUG(0, ("talloc failed\n"));
370 state->domain = domain;
371 state->ping_request.cmd = WINBINDD_PING;
374 * Send a ping down. This implicitly initializes the domain.
377 req = wb_domain_request_send(state, winbind_event_context(),
378 domain, &state->ping_request);
380 DEBUG(3, ("wb_domain_request_send failed\n"));
384 tevent_req_set_callback(req, domain_info_done, state);
387 static void domain_info_done(struct tevent_req *req)
389 struct domain_info_state *state = tevent_req_callback_data(
390 req, struct domain_info_state);
391 struct winbindd_response *response;
394 ret = wb_domain_request_recv(req, req, &response, &err);
397 DEBUG(10, ("wb_domain_request failed: %s\n", strerror(errno)));
398 request_error(state->cli);
401 if (!state->domain->initialized) {
402 DEBUG(5, ("wb_domain_request did not initialize domain %s\n",
403 state->domain->name));
404 request_error(state->cli);
408 fstrcpy(state->cli->response->data.domain_info.name,
409 state->domain->name);
410 fstrcpy(state->cli->response->data.domain_info.alt_name,
411 state->domain->alt_name);
412 sid_to_fstring(state->cli->response->data.domain_info.sid,
413 &state->domain->sid);
415 state->cli->response->data.domain_info.native_mode =
416 state->domain->native_mode;
417 state->cli->response->data.domain_info.active_directory =
418 state->domain->active_directory;
419 state->cli->response->data.domain_info.primary =
420 state->domain->primary;
422 request_ok(state->cli);
425 /* List various tidbits of information */
427 void winbindd_info(struct winbindd_cli_state *state)
430 DEBUG(3, ("[%5lu]: request misc info\n", (unsigned long)state->pid));
432 state->response->data.info.winbind_separator = *lp_winbind_separator();
433 fstrcpy(state->response->data.info.samba_version, samba_version_string());
437 /* Tell the client the current interface version */
439 void winbindd_interface_version(struct winbindd_cli_state *state)
441 DEBUG(3, ("[%5lu]: request interface version\n",
442 (unsigned long)state->pid));
444 state->response->data.interface_version = WINBIND_INTERFACE_VERSION;
448 /* What domain are we a member of? */
450 void winbindd_domain_name(struct winbindd_cli_state *state)
452 DEBUG(3, ("[%5lu]: request domain name\n", (unsigned long)state->pid));
454 fstrcpy(state->response->data.domain_name, lp_workgroup());
458 /* What's my name again? */
460 void winbindd_netbios_name(struct winbindd_cli_state *state)
462 DEBUG(3, ("[%5lu]: request netbios name\n",
463 (unsigned long)state->pid));
465 fstrcpy(state->response->data.netbios_name, global_myname());
469 /* Where can I find the privileged pipe? */
471 void winbindd_priv_pipe_dir(struct winbindd_cli_state *state)
474 DEBUG(3, ("[%5lu]: request location of privileged pipe\n",
475 (unsigned long)state->pid));
477 priv_dir = get_winbind_priv_pipe_dir();
478 state->response->extra_data.data = talloc_move(state->mem_ctx,
481 /* must add one to length to copy the 0 for string termination */
482 state->response->length +=
483 strlen((char *)state->response->extra_data.data) + 1;
git.samba.org / nivanova / samba-autobuild / .git / blob