#include "../libcli/security/security.h"
#include "passdb/machine_sid.h"
#include "util_tdb.h"
+#include "libsmb/samlogon_cache.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_WINBIND
extern struct winbindd_methods builtin_passdb_methods;
extern struct winbindd_methods sam_passdb_methods;
+static void wcache_flush_cache(void);
+
/*
* JRA. KEEP THIS LIST UP TO DATE IF YOU ADD CACHE ENTRIES.
* Here are the list of entry types that are *not* stored
void (*smb_panic_fn)(const char *const why) = smb_panic;
-#define WINBINDD_MAX_CACHE_SIZE (50*1024*1024)
-
static struct winbind_cache *wcache;
static char *wcache_path(void)
}
if (strequal(domain->name, get_global_sam_name()) &&
- sid_check_is_our_sam(&domain->sid)) {
+ sid_check_is_our_sam(&domain->sid))
+ {
domain->backend = &sam_passdb_methods;
}
- if ( !domain->initialized ) {
+ if (!domain->initialized) {
/* We do not need a connection to an RW DC for cache operation */
init_dc_connection(domain, false);
}
- /*
- OK. Listen up because I'm only going to say this once.
- We have the following scenarios to consider
- (a) trusted AD domains on a Samba DC,
- (b) trusted AD domains and we are joined to a non-kerberos domain
- (c) trusted AD domains and we are joined to a kerberos (AD) domain
-
- For (a) we can always contact the trusted domain using krb5
- since we have the domain trust account password
-
- For (b) we can only use RPC since we have no way of
- getting a krb5 ticket in our own domain
-
- For (c) we can always use krb5 since we have a kerberos trust
-
- --jerry
- */
-
- if (!domain->backend) {
#ifdef HAVE_ADS
+ if (domain->backend == NULL) {
struct winbindd_domain *our_domain = domain;
- /* find our domain first so we can figure out if we
+ /* find our domain first so we can figure out if we
are joined to a kerberized domain */
- if ( !domain->primary )
+ if (!domain->primary) {
our_domain = find_our_domain();
+ }
if ((our_domain->active_directory || IS_DC)
&& domain->active_directory
- && !lp_winbind_rpc_only()) {
- DEBUG(5,("get_cache: Setting ADS methods for domain %s\n", domain->name));
+ && !lp_winbind_rpc_only())
+ {
+ DBG_INFO("Setting ADS methods for domain %s\n",
+ domain->name);
domain->backend = &reconnect_ads_methods;
- } else {
-#endif /* HAVE_ADS */
- DEBUG(5,("get_cache: Setting MS-RPC methods for domain %s\n", domain->name));
- domain->backend = &reconnect_methods;
-#ifdef HAVE_ADS
}
+ }
#endif /* HAVE_ADS */
+
+ if (domain->backend == NULL) {
+ DBG_INFO("Setting MS-RPC methods for domain %s\n", domain->name);
+ domain->backend = &reconnect_methods;
}
- if (ret)
+ if (ret != NULL) {
return ret;
+ }
ret = SMB_XMALLOC_P(struct winbind_cache);
ZERO_STRUCTP(ret);
centry_free(centry);
}
-
-static void wcache_save_user(struct winbindd_domain *domain, NTSTATUS status,
- struct wbint_userinfo *info)
-{
- struct cache_entry *centry;
- fstring sid_string;
-
- if (is_null_sid(&info->user_sid)) {
- return;
- }
-
- centry = centry_start(domain, status);
- if (!centry)
- return;
- centry_put_string(centry, info->acct_name);
- centry_put_string(centry, info->full_name);
- centry_put_string(centry, info->homedir);
- centry_put_string(centry, info->shell);
- centry_put_uint32(centry, info->primary_gid);
- centry_put_sid(centry, &info->user_sid);
- centry_put_sid(centry, &info->group_sid);
- centry_end(centry, "U/%s", sid_to_fstring(sid_string,
- &info->user_sid));
- DEBUG(10,("wcache_save_user: %s (acct_name %s)\n", sid_string, info->acct_name));
- centry_free(centry);
-}
-
static void wcache_save_lockout_policy(struct winbindd_domain *domain,
NTSTATUS status,
struct samr_DomInfo12 *lockout_policy)
if (!cache->tdb)
goto do_query;
- upper_name = talloc_strdup(mem_ctx, name);
+ upper_name = talloc_strdup_upper(mem_ctx, name);
if (upper_name == NULL) {
return NT_STATUS_NO_MEMORY;
}
- if (!strupper_m(upper_name)) {
- talloc_free(upper_name);
- return NT_STATUS_INVALID_PARAMETER;
- }
centry = wcache_fetch(cache, domain, "NSS/NA/%s", upper_name);
NTSTATUS wcache_cached_creds_exist(struct winbindd_domain *domain, const struct dom_sid *sid)
{
struct winbind_cache *cache = get_cache(domain);
- TDB_DATA data;
+ int ret;
fstring key_str, tmp;
uint32_t rid;
fstr_sprintf(key_str, "CRED/%s", sid_to_fstring(tmp, sid));
- data = tdb_fetch(cache->tdb, string_tdb_data(key_str));
- if (!data.dptr) {
+ ret = tdb_exists(cache->tdb, string_tdb_data(key_str));
+ if (ret != 0) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
- SAFE_FREE(data.dptr);
return NT_STATUS_OK;
}
/* Query display info. This is the basic user list fn */
-static NTSTATUS query_user_list(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- uint32_t *num_entries,
- struct wbint_userinfo **info)
+NTSTATUS wb_cache_query_user_list(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ uint32_t **prids)
{
struct winbind_cache *cache = get_cache(domain);
struct cache_entry *centry = NULL;
+ uint32_t num_rids = 0;
+ uint32_t *rids = NULL;
NTSTATUS status;
unsigned int i, retry;
bool old_status = domain->online;
+ *prids = NULL;
+
if (!cache->tdb)
goto do_query;
goto do_query;
do_fetch_cache:
- *num_entries = centry_uint32(centry);
+ num_rids = centry_uint32(centry);
- if (*num_entries == 0)
+ if (num_rids == 0) {
goto do_cached;
+ }
- (*info) = talloc_array(mem_ctx, struct wbint_userinfo, *num_entries);
- if (! (*info)) {
- smb_panic_fn("query_user_list out of memory");
+ rids = talloc_array(mem_ctx, uint32_t, num_rids);
+ if (rids == NULL) {
+ centry_free(centry);
+ return NT_STATUS_NO_MEMORY;
}
- for (i=0; i<(*num_entries); i++) {
- (*info)[i].acct_name = centry_string(centry, mem_ctx);
- (*info)[i].full_name = centry_string(centry, mem_ctx);
- (*info)[i].homedir = centry_string(centry, mem_ctx);
- (*info)[i].shell = centry_string(centry, mem_ctx);
- centry_sid(centry, &(*info)[i].user_sid);
- centry_sid(centry, &(*info)[i].group_sid);
+
+ for (i=0; i<num_rids; i++) {
+ rids[i] = centry_uint32(centry);
}
do_cached:
return status;
do_query:
- *num_entries = 0;
- *info = NULL;
/* Return status value returned by seq number check */
DEBUG(10,("query_user_list: [Cached] - doing backend query for list for domain %s\n",
domain->name ));
- status = domain->backend->query_user_list(domain, mem_ctx, num_entries, info);
+ rids = NULL;
+ status = domain->backend->query_user_list(domain, mem_ctx,
+ &rids);
+ num_rids = talloc_array_length(rids);
+
if (!NT_STATUS_IS_OK(status)) {
DEBUG(3, ("query_user_list: returned 0x%08x, "
"retrying\n", NT_STATUS_V(status)));
set_domain_offline(domain);
}
/* store partial response. */
- if (*num_entries > 0) {
+ if (num_rids > 0) {
/*
* humm, what about the status used for cache?
* Should it be NT_STATUS_OK?
centry = centry_start(domain, status);
if (!centry)
goto skip_save;
- centry_put_uint32(centry, *num_entries);
- for (i=0; i<(*num_entries); i++) {
- centry_put_string(centry, (*info)[i].acct_name);
- centry_put_string(centry, (*info)[i].full_name);
- centry_put_string(centry, (*info)[i].homedir);
- centry_put_string(centry, (*info)[i].shell);
- centry_put_sid(centry, &(*info)[i].user_sid);
- centry_put_sid(centry, &(*info)[i].group_sid);
- if (domain->backend && domain->backend->consistent) {
- /* when the backend is consistent we can pre-prime some mappings */
- wcache_save_name_to_sid(domain, NT_STATUS_OK,
- domain->name,
- (*info)[i].acct_name,
- &(*info)[i].user_sid,
- SID_NAME_USER);
- wcache_save_sid_to_name(domain, NT_STATUS_OK,
- &(*info)[i].user_sid,
- domain->name,
- (*info)[i].acct_name,
- SID_NAME_USER);
- wcache_save_user(domain, NT_STATUS_OK, &(*info)[i]);
- }
+ centry_put_uint32(centry, num_rids);
+ for (i=0; i<num_rids; i++) {
+ centry_put_uint32(centry, rids[i]);
}
centry_end(centry, "UL/%s", domain->name);
centry_free(centry);
+ *prids = rids;
+
skip_save:
return status;
}
/* list all domain groups */
-static NTSTATUS enum_dom_groups(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- uint32_t *num_entries,
- struct wb_acct_info **info)
+NTSTATUS wb_cache_enum_dom_groups(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ uint32_t *num_entries,
+ struct wb_acct_info **info)
{
struct winbind_cache *cache = get_cache(domain);
struct cache_entry *centry = NULL;
}
/* list all domain groups */
-static NTSTATUS enum_local_groups(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- uint32_t *num_entries,
- struct wb_acct_info **info)
+NTSTATUS wb_cache_enum_local_groups(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ uint32_t *num_entries,
+ struct wb_acct_info **info)
{
struct winbind_cache *cache = get_cache(domain);
struct cache_entry *centry = NULL;
return status;
}
-NTSTATUS wcache_name_to_sid(struct winbindd_domain *domain,
- const char *domain_name,
- const char *name,
- struct dom_sid *sid,
- enum lsa_SidType *type)
+static NTSTATUS wcache_name_to_sid(struct winbindd_domain *domain,
+ const char *domain_name,
+ const char *name,
+ struct dom_sid *sid,
+ enum lsa_SidType *type)
{
struct winbind_cache *cache = get_cache(domain);
struct cache_entry *centry;
}
/* convert a single name to a sid in a domain */
-static NTSTATUS name_to_sid(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- const char *domain_name,
- const char *name,
- uint32_t flags,
- struct dom_sid *sid,
- enum lsa_SidType *type)
+NTSTATUS wb_cache_name_to_sid(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ const char *domain_name,
+ const char *name,
+ uint32_t flags,
+ struct dom_sid *sid,
+ enum lsa_SidType *type)
{
NTSTATUS status;
bool old_status;
/* convert a sid to a user or group name. The sid is guaranteed to be in the domain
given */
-static NTSTATUS sid_to_name(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- const struct dom_sid *sid,
- char **domain_name,
- char **name,
- enum lsa_SidType *type)
+NTSTATUS wb_cache_sid_to_name(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ const struct dom_sid *sid,
+ char **domain_name,
+ char **name,
+ enum lsa_SidType *type)
{
NTSTATUS status;
bool old_status;
return status;
}
-static NTSTATUS rids_to_names(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- const struct dom_sid *domain_sid,
- uint32_t *rids,
- size_t num_rids,
- char **domain_name,
- char ***names,
- enum lsa_SidType **types)
+NTSTATUS wb_cache_rids_to_names(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ const struct dom_sid *domain_sid,
+ uint32_t *rids,
+ size_t num_rids,
+ char **domain_name,
+ char ***names,
+ enum lsa_SidType **types)
{
struct winbind_cache *cache = get_cache(domain);
size_t i;
names, types);
if (NT_STATUS_EQUAL(result, NT_STATUS_IO_TIMEOUT) ||
- NT_STATUS_EQUAL(result, NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND)) {
+ NT_STATUS_EQUAL(result, NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND)) {
if (!domain->internal && old_status) {
set_domain_offline(domain);
}
return result;
}
-NTSTATUS wcache_query_user(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- const struct dom_sid *user_sid,
- struct wbint_userinfo *info)
+static NTSTATUS wcache_query_user(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ const struct dom_sid *user_sid,
+ struct wbint_userinfo *info)
{
struct winbind_cache *cache = get_cache(domain);
struct cache_entry *centry = NULL;
and the rest of the data doesn't matter */
status = centry->status;
if (NT_STATUS_IS_OK(status)) {
+ info->domain_name = centry_string(centry, mem_ctx);
info->acct_name = centry_string(centry, mem_ctx);
info->full_name = centry_string(centry, mem_ctx);
info->homedir = centry_string(centry, mem_ctx);
info->shell = centry_string(centry, mem_ctx);
+ info->uid = centry_uint32(centry);
info->primary_gid = centry_uint32(centry);
+ info->primary_group_name = centry_string(centry, mem_ctx);
centry_sid(centry, &info->user_sid);
centry_sid(centry, &info->group_sid);
}
return NT_STATUS_OK;
}
-/* Lookup user information from a rid */
-static NTSTATUS query_user(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- const struct dom_sid *user_sid,
- struct wbint_userinfo *info)
-{
- NTSTATUS status;
- bool old_status;
-
- old_status = domain->online;
- status = wcache_query_user(domain, mem_ctx, user_sid, info);
- if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) {
- return status;
- }
-
- ZERO_STRUCTP(info);
-
- /* Return status value returned by seq number check */
-
- if (!NT_STATUS_IS_OK(domain->last_status))
- return domain->last_status;
-
- DEBUG(10,("query_user: [Cached] - doing backend query for info for domain %s\n",
- domain->name ));
-
- status = domain->backend->query_user(domain, mem_ctx, user_sid, info);
-
- if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT) ||
- NT_STATUS_EQUAL(status, NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND)) {
- if (!domain->internal && old_status) {
- set_domain_offline(domain);
- }
- if (!domain->internal &&
- !domain->online &&
- old_status) {
- NTSTATUS cache_status;
- cache_status = wcache_query_user(domain, mem_ctx, user_sid, info);
- return cache_status;
- }
- }
- /* and save it */
- refresh_sequence_number(domain);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
- wcache_save_user(domain, status, info);
-
- return status;
-}
-
-NTSTATUS wcache_lookup_usergroups(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- const struct dom_sid *user_sid,
- uint32_t *pnum_sids,
- struct dom_sid **psids)
+static NTSTATUS wcache_lookup_usergroups(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ const struct dom_sid *user_sid,
+ uint32_t *pnum_sids,
+ struct dom_sid **psids)
{
struct winbind_cache *cache = get_cache(domain);
struct cache_entry *centry = NULL;
}
/* Lookup groups a user is a member of. */
-static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- const struct dom_sid *user_sid,
- uint32_t *num_groups, struct dom_sid **user_gids)
+NTSTATUS wb_cache_lookup_usergroups(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ const struct dom_sid *user_sid,
+ uint32_t *num_groups,
+ struct dom_sid **user_gids)
{
struct cache_entry *centry = NULL;
NTSTATUS status;
return sidlist;
}
-NTSTATUS wcache_lookup_useraliases(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx, uint32_t num_sids,
- const struct dom_sid *sids,
- uint32_t *pnum_aliases, uint32_t **paliases)
+static NTSTATUS wcache_lookup_useraliases(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ uint32_t num_sids,
+ const struct dom_sid *sids,
+ uint32_t *pnum_aliases,
+ uint32_t **paliases)
{
struct winbind_cache *cache = get_cache(domain);
struct cache_entry *centry = NULL;
- uint32_t num_aliases;
+ uint32_t i, num_aliases;
uint32_t *aliases;
NTSTATUS status;
char *sidlist;
- int i;
if (cache->tdb == NULL) {
return NT_STATUS_NOT_FOUND;
return status;
}
-static NTSTATUS lookup_useraliases(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- uint32_t num_sids, const struct dom_sid *sids,
- uint32_t *num_aliases, uint32_t **alias_rids)
+NTSTATUS wb_cache_lookup_useraliases(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ uint32_t num_sids,
+ const struct dom_sid *sids,
+ uint32_t *num_aliases,
+ uint32_t **alias_rids)
{
struct cache_entry *centry = NULL;
NTSTATUS status;
char *sidlist;
- int i;
+ uint32_t i;
bool old_status;
old_status = domain->online;
return status;
}
-NTSTATUS wcache_lookup_groupmem(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- const struct dom_sid *group_sid,
- uint32_t *num_names,
- struct dom_sid **sid_mem, char ***names,
- uint32_t **name_types)
+static NTSTATUS wcache_lookup_groupmem(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ const struct dom_sid *group_sid,
+ uint32_t *num_names,
+ struct dom_sid **sid_mem, char ***names,
+ uint32_t **name_types)
{
struct winbind_cache *cache = get_cache(domain);
struct cache_entry *centry = NULL;
return status;
}
-static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- const struct dom_sid *group_sid,
- enum lsa_SidType type,
- uint32_t *num_names,
- struct dom_sid **sid_mem, char ***names,
- uint32_t **name_types)
+NTSTATUS wb_cache_lookup_groupmem(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ const struct dom_sid *group_sid,
+ enum lsa_SidType type,
+ uint32_t *num_names,
+ struct dom_sid **sid_mem,
+ char ***names,
+ uint32_t **name_types)
{
struct cache_entry *centry = NULL;
NTSTATUS status;
}
/* find the sequence number for a domain */
-static NTSTATUS sequence_number(struct winbindd_domain *domain, uint32_t *seq)
+NTSTATUS wb_cache_sequence_number(struct winbindd_domain *domain,
+ uint32_t *seq)
{
refresh_sequence_number(domain);
/* enumerate trusted domains
* (we need to have the list of trustdoms in the cache when we go offline) -
* Guenther */
-static NTSTATUS trusted_domains(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- struct netr_DomainTrustList *trusts)
+NTSTATUS wb_cache_trusted_domains(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ struct netr_DomainTrustList *trusts)
{
NTSTATUS status;
struct winbind_cache *cache;
struct winbindd_tdc_domain *dom_list = NULL;
size_t num_domains = 0;
bool retval = false;
- int i;
+ size_t i;
bool old_status;
old_status = domain->online;
}
/* get lockout policy */
-static NTSTATUS lockout_policy(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- struct samr_DomInfo12 *policy)
+NTSTATUS wb_cache_lockout_policy(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ struct samr_DomInfo12 *policy)
{
struct winbind_cache *cache = get_cache(domain);
struct cache_entry *centry = NULL;
}
/* get password policy */
-static NTSTATUS password_policy(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- struct samr_DomInfo1 *policy)
+NTSTATUS wb_cache_password_policy(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ struct samr_DomInfo1 *policy)
{
struct winbind_cache *cache = get_cache(domain);
struct cache_entry *centry = NULL;
return true;
}
-bool init_wcache(void)
+static bool init_wcache(void)
{
char *db_path;
enum lsa_SidType type,
const struct dom_sid *sid)
{
+ /*
+ * Ensure we store the mapping with the
+ * existing sequence number from the cache.
+ */
+ get_cache(domain);
+ (void)fetch_cache_seqnum(domain, time(NULL));
wcache_save_name_to_sid(domain,
NT_STATUS_OK,
domain_name,
}
/* flush the cache */
-void wcache_flush_cache(void)
+static void wcache_flush_cache(void)
{
char *db_path;
(void)centry_string(centry, mem_ctx);
(void)centry_string(centry, mem_ctx);
(void)centry_string(centry, mem_ctx);
+ (void)centry_string(centry, mem_ctx);
+ (void)centry_uint32(centry);
(void)centry_uint32(centry);
+ (void)centry_string(centry, mem_ctx);
(void)centry_sid(centry, &sid);
(void)centry_sid(centry, &sid);
num_entries = (int32_t)centry_uint32(centry);
for (i=0; i< num_entries; i++) {
- struct dom_sid sid;
- (void)centry_string(centry, mem_ctx);
- (void)centry_string(centry, mem_ctx);
- (void)centry_string(centry, mem_ctx);
- (void)centry_string(centry, mem_ctx);
- (void)centry_sid(centry, &sid);
- (void)centry_sid(centry, &sid);
+ (void)centry_uint32(centry);
}
centry_free(centry);
return 0;
}
-static int validate_pwinfo(TALLOC_CTX *mem_ctx, const char *keystr,
- TDB_DATA dbuf, struct tdb_validation_status *state)
-{
- struct cache_entry *centry = create_centry_validate(keystr, dbuf, state);
-
- if (!centry) {
- return 1;
- }
-
- (void)centry_string(centry, mem_ctx);
- (void)centry_string(centry, mem_ctx);
- (void)centry_string(centry, mem_ctx);
- (void)centry_uint32(centry);
-
- centry_free(centry);
-
- if (!(state->success)) {
- return 1;
- }
- DEBUG(10,("validate_pwinfo: %s ok\n", keystr));
- return 0;
-}
-
static int validate_nss_an(TALLOC_CTX *mem_ctx, const char *keystr,
TDB_DATA dbuf,
struct tdb_validation_status *state)
if (!(state->success)) {
return 1;
}
- DEBUG(10,("validate_pwinfo: %s ok\n", keystr));
+ DBG_DEBUG("%s ok\n", keystr);
return 0;
}
{"GM/", validate_gm},
{"DR/", validate_dr},
{"DE/", validate_de},
- {"NSS/PWINFO/", validate_pwinfo},
{"TRUSTDOMCACHE/", validate_trustdomcache},
{"NSS/NA/", validate_nss_na},
{"NSS/AN/", validate_nss_an},
size_t *num_domains )
{
struct winbindd_tdc_domain *list = NULL;
- size_t idx;
- int i;
+ size_t i, idx;
bool set_only = false;
/* don't allow duplicates */
unsigned char *buffer = NULL;
int len = 0;
int buflen = 0;
- int i = 0;
+ size_t i = 0;
DEBUG(10,("pack_tdc_domains: Packing %d trusted domains\n",
(int)num_domains));
{
struct winbindd_tdc_domain *dom_list = NULL;
size_t num_domains = 0;
- int i;
+ size_t i;
struct winbindd_tdc_domain *d = NULL;
DEBUG(10,("wcache_tdc_fetch_domain: Searching for domain %s\n", name));
return d;
}
-/*********************************************************************
- ********************************************************************/
-
-struct winbindd_tdc_domain*
- wcache_tdc_fetch_domainbysid(TALLOC_CTX *ctx,
- const struct dom_sid *sid)
-{
- struct winbindd_tdc_domain *dom_list = NULL;
- size_t num_domains = 0;
- int i;
- struct winbindd_tdc_domain *d = NULL;
-
- DEBUG(10,("wcache_tdc_fetch_domainbysid: Searching for domain %s\n",
- sid_string_dbg(sid)));
-
- if (!init_wcache()) {
- return NULL;
- }
-
- /* fetch the list */
-
- wcache_tdc_fetch_list(&dom_list, &num_domains);
-
- for (i = 0; i<num_domains; i++) {
- if (dom_sid_equal(sid, &(dom_list[i].sid))) {
- DEBUG(10, ("wcache_tdc_fetch_domainbysid: "
- "Found domain %s for SID %s\n",
- dom_list[i].domain_name,
- sid_string_dbg(sid)));
-
- d = wcache_tdc_dup_domain(ctx, &dom_list[i]);
- break;
- }
- }
-
- TALLOC_FREE(dom_list);
-
- return d;
-}
-
-
/*********************************************************************
********************************************************************/
return;
}
-
-/*********************************************************************
- ********************************************************************/
-
-static void wcache_save_user_pwinfo(struct winbindd_domain *domain,
- NTSTATUS status,
- const struct dom_sid *user_sid,
- const char *homedir,
- const char *shell,
- const char *gecos,
- uint32_t gid)
-{
- struct cache_entry *centry;
- fstring tmp;
-
- if ( (centry = centry_start(domain, status)) == NULL )
- return;
-
- centry_put_string( centry, homedir );
- centry_put_string( centry, shell );
- centry_put_string( centry, gecos );
- centry_put_uint32( centry, gid );
-
- centry_end(centry, "NSS/PWINFO/%s", sid_to_fstring(tmp, user_sid) );
-
- DEBUG(10,("wcache_save_user_pwinfo: %s\n", sid_string_dbg(user_sid) ));
-
- centry_free(centry);
-}
-
-#ifdef HAVE_ADS
-
-NTSTATUS nss_get_info_cached( struct winbindd_domain *domain,
- const struct dom_sid *user_sid,
- TALLOC_CTX *ctx,
- const char **homedir, const char **shell,
- const char **gecos, gid_t *p_gid)
-{
- struct winbind_cache *cache = get_cache(domain);
- struct cache_entry *centry = NULL;
- NTSTATUS nt_status;
- fstring tmp;
-
- if (!cache->tdb)
- goto do_query;
-
- centry = wcache_fetch(cache, domain, "NSS/PWINFO/%s",
- sid_to_fstring(tmp, user_sid));
-
- if (!centry)
- goto do_query;
-
- *homedir = centry_string( centry, ctx );
- *shell = centry_string( centry, ctx );
- *gecos = centry_string( centry, ctx );
- *p_gid = centry_uint32( centry );
-
- centry_free(centry);
-
- DEBUG(10,("nss_get_info_cached: [Cached] - user_sid %s\n",
- sid_string_dbg(user_sid)));
-
- return NT_STATUS_OK;
-
-do_query:
-
- nt_status = nss_get_info( domain->name, user_sid, ctx,
- homedir, shell, gecos, p_gid );
-
- DEBUG(10, ("nss_get_info returned %s\n", nt_errstr(nt_status)));
-
- if ( NT_STATUS_IS_OK(nt_status) ) {
- DEBUG(10, ("result:\n\thomedir = '%s'\n", *homedir));
- DEBUGADD(10, ("\tshell = '%s'\n", *shell));
- DEBUGADD(10, ("\tgecos = '%s'\n", *gecos));
- DEBUGADD(10, ("\tgid = '%u'\n", (unsigned int)*p_gid));
-
- wcache_save_user_pwinfo( domain, nt_status, user_sid,
- *homedir, *shell, *gecos, *p_gid );
- }
-
- if ( NT_STATUS_EQUAL( nt_status, NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND ) ) {
- DEBUG(5,("nss_get_info_cached: Setting domain %s offline\n",
- domain->name ));
- set_domain_offline( domain );
- }
-
- return nt_status;
-}
-
-#endif
-
-/* the cache backend methods are exposed via this structure */
-struct winbindd_methods cache_methods = {
- true,
- query_user_list,
- enum_dom_groups,
- enum_local_groups,
- name_to_sid,
- sid_to_name,
- rids_to_names,
- query_user,
- lookup_usergroups,
- lookup_useraliases,
- lookup_groupmem,
- sequence_number,
- lockout_policy,
- password_policy,
- trusted_domains
-};
-
static bool wcache_ndr_key(TALLOC_CTX *mem_ctx, const char *domain_name,
uint32_t opnum, const DATA_BLOB *req,
TDB_DATA *pkey)
goto fail;
}
- if (!is_domain_offline(domain)) {
+ if (is_domain_online(domain)) {
uint32_t entry_seqnum, dom_seqnum, last_check;
uint64_t entry_timeout;