as discussed on irc, this is a small patch that allows a few more
[tprouty/samba.git] / source / nsswitch / wbinfo.c
1 /* 
2    Unix SMB/CIFS implementation.
3
4    Winbind status program.
5
6    Copyright (C) Tim Potter      2000-2003
7    Copyright (C) Andrew Bartlett 2002
8    
9    This program is free software; you can redistribute it and/or modify
10    it under the terms of the GNU General Public License as published by
11    the Free Software Foundation; either version 2 of the License, or
12    (at your option) any later version.
13    
14    This program is distributed in the hope that it will be useful,
15    but WITHOUT ANY WARRANTY; without even the implied warranty of
16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17    GNU General Public License for more details.
18    
19    You should have received a copy of the GNU General Public License
20    along with this program; if not, write to the Free Software
21    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 */
23
24 #include "includes.h"
25 #include "winbindd.h"
26 #include "debug.h"
27
28 #undef DBGC_CLASS
29 #define DBGC_CLASS DBGC_WINBIND
30
31 extern int winbindd_fd;
32
33 static char winbind_separator(void)
34 {
35         struct winbindd_response response;
36         static BOOL got_sep;
37         static char sep;
38
39         if (got_sep)
40                 return sep;
41
42         ZERO_STRUCT(response);
43
44         /* Send off request */
45
46         if (winbindd_request(WINBINDD_INFO, NULL, &response) !=
47             NSS_STATUS_SUCCESS) {
48                 d_printf("could not obtain winbind separator!\n");
49                 /* HACK: (this module should not call lp_ funtions) */
50                 return *lp_winbind_separator();
51         }
52
53         sep = response.data.info.winbind_separator;
54         got_sep = True;
55
56         if (!sep) {
57                 d_printf("winbind separator was NULL!\n");
58                 /* HACK: (this module should not call lp_ funtions) */
59                 sep = *lp_winbind_separator();
60         }
61         
62         return sep;
63 }
64
65 static const char *get_winbind_domain(void)
66 {
67         struct winbindd_response response;
68         static fstring winbind_domain;
69
70         ZERO_STRUCT(response);
71
72         /* Send off request */
73
74         if (winbindd_request(WINBINDD_DOMAIN_NAME, NULL, &response) !=
75             NSS_STATUS_SUCCESS) {
76                 d_printf("could not obtain winbind domain name!\n");
77                 
78                 /* HACK: (this module should not call lp_ funtions) */
79                 return lp_workgroup();
80         }
81
82         fstrcpy(winbind_domain, response.data.domain_name);
83
84         return winbind_domain;
85
86 }
87
88 /* Copy of parse_domain_user from winbindd_util.c.  Parse a string of the
89    form DOMAIN/user into a domain and a user */
90
91 static BOOL parse_wbinfo_domain_user(const char *domuser, fstring domain, 
92                                      fstring user)
93 {
94
95         char *p = strchr(domuser,winbind_separator());
96
97         if (!p) {
98                 fstrcpy(user, domuser);
99                 fstrcpy(domain, get_winbind_domain());
100                 return True;
101         }
102         
103         fstrcpy(user, p+1);
104         fstrcpy(domain, domuser);
105         domain[PTR_DIFF(p, domuser)] = 0;
106         strupper_m(domain);
107
108         return True;
109 }
110
111 /* List groups a user is a member of */
112
113 static BOOL wbinfo_get_usergroups(char *user)
114 {
115         struct winbindd_request request;
116         struct winbindd_response response;
117         NSS_STATUS result;
118         int i;
119         
120         ZERO_STRUCT(response);
121
122         /* Send request */
123
124         fstrcpy(request.data.username, user);
125
126         result = winbindd_request(WINBINDD_GETGROUPS, &request, &response);
127
128         if (result != NSS_STATUS_SUCCESS)
129                 return False;
130
131         for (i = 0; i < response.data.num_entries; i++)
132                 d_printf("%d\n", (int)((gid_t *)response.extra_data)[i]);
133
134         SAFE_FREE(response.extra_data);
135
136         return True;
137 }
138
139
140 /* List group SIDs a user SID is a member of */
141 static BOOL wbinfo_get_usersids(char *user_sid)
142 {
143         struct winbindd_request request;
144         struct winbindd_response response;
145         NSS_STATUS result;
146         int i;
147         const char *s;
148
149         ZERO_STRUCT(response);
150
151         /* Send request */
152         fstrcpy(request.data.sid, user_sid);
153
154         result = winbindd_request(WINBINDD_GETUSERSIDS, &request, &response);
155
156         if (result != NSS_STATUS_SUCCESS)
157                 return False;
158
159         s = response.extra_data;
160         for (i = 0; i < response.data.num_entries; i++) {
161                 d_printf("%s\n", s);
162                 s += strlen(s) + 1;
163         }
164
165         SAFE_FREE(response.extra_data);
166
167         return True;
168 }
169
170 /* Convert NetBIOS name to IP */
171
172 static BOOL wbinfo_wins_byname(char *name)
173 {
174         struct winbindd_request request;
175         struct winbindd_response response;
176
177         ZERO_STRUCT(request);
178         ZERO_STRUCT(response);
179
180         /* Send request */
181
182         fstrcpy(request.data.winsreq, name);
183
184         if (winbindd_request(WINBINDD_WINS_BYNAME, &request, &response) !=
185             NSS_STATUS_SUCCESS) {
186                 return False;
187         }
188
189         /* Display response */
190
191         printf("%s\n", response.data.winsresp);
192
193         return True;
194 }
195
196 /* Convert IP to NetBIOS name */
197
198 static BOOL wbinfo_wins_byip(char *ip)
199 {
200         struct winbindd_request request;
201         struct winbindd_response response;
202
203         ZERO_STRUCT(request);
204         ZERO_STRUCT(response);
205
206         /* Send request */
207
208         fstrcpy(request.data.winsreq, ip);
209
210         if (winbindd_request(WINBINDD_WINS_BYIP, &request, &response) !=
211             NSS_STATUS_SUCCESS) {
212                 return False;
213         }
214
215         /* Display response */
216
217         printf("%s\n", response.data.winsresp);
218
219         return True;
220 }
221
222 /* List trusted domains */
223
224 static BOOL wbinfo_list_domains(void)
225 {
226         struct winbindd_response response;
227         fstring name;
228
229         ZERO_STRUCT(response);
230
231         /* Send request */
232
233         if (winbindd_request(WINBINDD_LIST_TRUSTDOM, NULL, &response) !=
234             NSS_STATUS_SUCCESS)
235                 return False;
236
237         /* Display response */
238
239         if (response.extra_data) {
240                 const char *extra_data = (char *)response.extra_data;
241
242                 while(next_token(&extra_data, name, ",", sizeof(fstring)))
243                         d_printf("%s\n", name);
244
245                 SAFE_FREE(response.extra_data);
246         }
247
248         return True;
249 }
250
251
252 /* show sequence numbers */
253 static BOOL wbinfo_show_sequence(const char *domain)
254 {
255         struct winbindd_request  request;
256         struct winbindd_response response;
257
258         ZERO_STRUCT(response);
259         ZERO_STRUCT(request);
260
261         if ( domain )
262                 fstrcpy( request.domain_name, domain );
263
264         /* Send request */
265
266         if (winbindd_request(WINBINDD_SHOW_SEQUENCE, &request, &response) !=
267             NSS_STATUS_SUCCESS)
268                 return False;
269
270         /* Display response */
271
272         if (response.extra_data) {
273                 char *extra_data = (char *)response.extra_data;
274                 d_printf("%s", extra_data);
275                 SAFE_FREE(response.extra_data);
276         }
277
278         return True;
279 }
280
281 /* Check trust account password */
282
283 static BOOL wbinfo_check_secret(void)
284 {
285         struct winbindd_response response;
286         NSS_STATUS result;
287
288         ZERO_STRUCT(response);
289
290         result = winbindd_request(WINBINDD_CHECK_MACHACC, NULL, &response);
291                 
292         d_printf("checking the trust secret via RPC calls %s\n", 
293                  (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed");
294
295         if (result != NSS_STATUS_SUCCESS)       
296                 d_printf("error code was %s (0x%x)\n", 
297                          response.data.auth.nt_status_string, 
298                          response.data.auth.nt_status);
299         
300         return result == NSS_STATUS_SUCCESS;    
301 }
302
303 /* Convert uid to sid */
304
305 static BOOL wbinfo_uid_to_sid(uid_t uid)
306 {
307         struct winbindd_request request;
308         struct winbindd_response response;
309
310         ZERO_STRUCT(request);
311         ZERO_STRUCT(response);
312
313         /* Send request */
314
315         request.data.uid = uid;
316
317         if (winbindd_request(WINBINDD_UID_TO_SID, &request, &response) !=
318             NSS_STATUS_SUCCESS)
319                 return False;
320
321         /* Display response */
322
323         d_printf("%s\n", response.data.sid.sid);
324
325         return True;
326 }
327
328 /* Convert gid to sid */
329
330 static BOOL wbinfo_gid_to_sid(gid_t gid)
331 {
332         struct winbindd_request request;
333         struct winbindd_response response;
334
335         ZERO_STRUCT(request);
336         ZERO_STRUCT(response);
337
338         /* Send request */
339
340         request.data.gid = gid;
341
342         if (winbindd_request(WINBINDD_GID_TO_SID, &request, &response) !=
343             NSS_STATUS_SUCCESS)
344                 return False;
345
346         /* Display response */
347
348         d_printf("%s\n", response.data.sid.sid);
349
350         return True;
351 }
352
353 /* Convert sid to uid */
354
355 static BOOL wbinfo_sid_to_uid(char *sid)
356 {
357         struct winbindd_request request;
358         struct winbindd_response response;
359
360         ZERO_STRUCT(request);
361         ZERO_STRUCT(response);
362
363         /* Send request */
364
365         fstrcpy(request.data.sid, sid);
366
367         if (winbindd_request(WINBINDD_SID_TO_UID, &request, &response) !=
368             NSS_STATUS_SUCCESS)
369                 return False;
370
371         /* Display response */
372
373         d_printf("%d\n", (int)response.data.uid);
374
375         return True;
376 }
377
378 static BOOL wbinfo_sid_to_gid(char *sid)
379 {
380         struct winbindd_request request;
381         struct winbindd_response response;
382
383         ZERO_STRUCT(request);
384         ZERO_STRUCT(response);
385
386         /* Send request */
387
388         fstrcpy(request.data.sid, sid);
389
390         if (winbindd_request(WINBINDD_SID_TO_GID, &request, &response) !=
391             NSS_STATUS_SUCCESS)
392                 return False;
393
394         /* Display response */
395
396         d_printf("%d\n", (int)response.data.gid);
397
398         return True;
399 }
400
401 /* Convert sid to string */
402
403 static BOOL wbinfo_lookupsid(char *sid)
404 {
405         struct winbindd_request request;
406         struct winbindd_response response;
407
408         ZERO_STRUCT(request);
409         ZERO_STRUCT(response);
410
411         /* Send off request */
412
413         fstrcpy(request.data.sid, sid);
414
415         if (winbindd_request(WINBINDD_LOOKUPSID, &request, &response) !=
416             NSS_STATUS_SUCCESS)
417                 return False;
418
419         /* Display response */
420
421         d_printf("%s%c%s %d\n", response.data.name.dom_name, 
422                  winbind_separator(), response.data.name.name, 
423                  response.data.name.type);
424
425         return True;
426 }
427
428 /* Convert string to sid */
429
430 static BOOL wbinfo_lookupname(char *name)
431 {
432         struct winbindd_request request;
433         struct winbindd_response response;
434
435         /* Send off request */
436
437         ZERO_STRUCT(request);
438         ZERO_STRUCT(response);
439
440         parse_wbinfo_domain_user(name, request.data.name.dom_name, 
441                                  request.data.name.name);
442
443         if (winbindd_request(WINBINDD_LOOKUPNAME, &request, &response) !=
444             NSS_STATUS_SUCCESS)
445                 return False;
446
447         /* Display response */
448
449         d_printf("%s %d\n", response.data.sid.sid, response.data.sid.type);
450
451         return True;
452 }
453
454 /* Authenticate a user with a plaintext password */
455
456 static BOOL wbinfo_auth(char *username)
457 {
458         struct winbindd_request request;
459         struct winbindd_response response;
460         NSS_STATUS result;
461         char *p;
462
463         /* Send off request */
464
465         ZERO_STRUCT(request);
466         ZERO_STRUCT(response);
467
468         p = strchr(username, '%');
469
470         if (p) {
471                 *p = 0;
472                 fstrcpy(request.data.auth.user, username);
473                 fstrcpy(request.data.auth.pass, p + 1);
474                 *p = '%';
475         } else
476                 fstrcpy(request.data.auth.user, username);
477
478         result = winbindd_request(WINBINDD_PAM_AUTH, &request, &response);
479
480         /* Display response */
481
482         d_printf("plaintext password authentication %s\n", 
483                (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed");
484
485         if (response.data.auth.nt_status)
486                 d_printf("error code was %s (0x%x)\nerror messsage was: %s\n", 
487                          response.data.auth.nt_status_string, 
488                          response.data.auth.nt_status,
489                          response.data.auth.error_string);
490
491         return result == NSS_STATUS_SUCCESS;
492 }
493
494 /* Authenticate a user with a challenge/response */
495
496 static BOOL wbinfo_auth_crap(char *username)
497 {
498         struct winbindd_request request;
499         struct winbindd_response response;
500         NSS_STATUS result;
501         fstring name_user;
502         fstring name_domain;
503         fstring pass;
504         char *p;
505
506         /* Send off request */
507
508         ZERO_STRUCT(request);
509         ZERO_STRUCT(response);
510
511         p = strchr(username, '%');
512
513         if (p) {
514                 *p = 0;
515                 fstrcpy(pass, p + 1);
516         }
517                 
518         parse_wbinfo_domain_user(username, name_domain, name_user);
519
520         if (push_utf8_fstring(request.data.auth_crap.user, name_user) == -1) {
521                 d_printf("unable to create utf8 string for '%s'\n",
522                          name_user);
523                 return False;
524         }
525
526         if (push_utf8_fstring(request.data.auth_crap.domain, 
527                               name_domain) == -1) {
528                 d_printf("unable to create utf8 string for '%s'\n",
529                          name_domain);
530                 return False;
531         }
532
533         generate_random_buffer(request.data.auth_crap.chal, 8, False);
534         
535         SMBencrypt(pass, request.data.auth_crap.chal, 
536                    (uchar *)request.data.auth_crap.lm_resp);
537         SMBNTencrypt(pass, request.data.auth_crap.chal,
538                      (uchar *)request.data.auth_crap.nt_resp);
539
540         request.data.auth_crap.lm_resp_len = 24;
541         request.data.auth_crap.nt_resp_len = 24;
542
543         result = winbindd_request(WINBINDD_PAM_AUTH_CRAP, &request, &response);
544
545         /* Display response */
546
547         d_printf("challenge/response password authentication %s\n", 
548                (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed");
549
550         if (response.data.auth.nt_status)
551                 d_printf("error code was %s (0x%x)\nerror messsage was: %s\n", 
552                          response.data.auth.nt_status_string, 
553                          response.data.auth.nt_status,
554                          response.data.auth.error_string);
555
556         return result == NSS_STATUS_SUCCESS;
557 }
558
559 /******************************************************************
560  create a winbindd user
561 ******************************************************************/
562
563 static BOOL wbinfo_create_user(char *username)
564 {
565         struct winbindd_request request;
566         struct winbindd_response response;
567         NSS_STATUS result;
568
569         /* Send off request */
570
571         ZERO_STRUCT(request);
572         ZERO_STRUCT(response);
573
574         request.flags = WBFLAG_ALLOCATE_RID;
575         fstrcpy(request.data.acct_mgt.username, username);
576
577         result = winbindd_request(WINBINDD_CREATE_USER, &request, &response);
578         
579         if ( result == NSS_STATUS_SUCCESS )
580                 d_printf("New RID is %d\n", response.data.rid);
581         
582         return result == NSS_STATUS_SUCCESS;
583 }
584
585 /******************************************************************
586  remove a winbindd user
587 ******************************************************************/
588
589 static BOOL wbinfo_delete_user(char *username)
590 {
591         struct winbindd_request request;
592         struct winbindd_response response;
593         NSS_STATUS result;
594
595         /* Send off request */
596
597         ZERO_STRUCT(request);
598         ZERO_STRUCT(response);
599
600         fstrcpy(request.data.acct_mgt.username, username);
601
602         result = winbindd_request(WINBINDD_DELETE_USER, &request, &response);
603         
604         return result == NSS_STATUS_SUCCESS;
605 }
606
607 /******************************************************************
608  create a winbindd group
609 ******************************************************************/
610
611 static BOOL wbinfo_create_group(char *groupname)
612 {
613         struct winbindd_request request;
614         struct winbindd_response response;
615         NSS_STATUS result;
616
617         /* Send off request */
618
619         ZERO_STRUCT(request);
620         ZERO_STRUCT(response);
621
622         fstrcpy(request.data.acct_mgt.groupname, groupname);
623
624         result = winbindd_request(WINBINDD_CREATE_GROUP, &request, &response);
625         
626         return result == NSS_STATUS_SUCCESS;
627 }
628
629 /******************************************************************
630  remove a winbindd group
631 ******************************************************************/
632
633 static BOOL wbinfo_delete_group(char *groupname)
634 {
635         struct winbindd_request request;
636         struct winbindd_response response;
637         NSS_STATUS result;
638
639         /* Send off request */
640
641         ZERO_STRUCT(request);
642         ZERO_STRUCT(response);
643
644         fstrcpy(request.data.acct_mgt.groupname, groupname);
645
646         result = winbindd_request(WINBINDD_DELETE_GROUP, &request, &response);
647         
648         return result == NSS_STATUS_SUCCESS;
649 }
650
651 /******************************************************************
652  parse a string in the form user:group
653 ******************************************************************/
654
655 static BOOL parse_user_group( const char *string, fstring user, fstring group )
656 {
657         char *p;
658         
659         if ( !string )
660                 return False;
661         
662         if ( !(p = strchr( string, ':' )) )
663                 return False;
664                 
665         *p = '\0';
666         p++;
667         
668         fstrcpy( user, string );
669         fstrcpy( group, p );
670         
671         return True;
672 }
673
674 /******************************************************************
675  add a user to a winbindd group
676 ******************************************************************/
677
678 static BOOL wbinfo_add_user_to_group(char *string)
679 {
680         struct winbindd_request request;
681         struct winbindd_response response;
682         NSS_STATUS result;
683
684         /* Send off request */
685
686         ZERO_STRUCT(request);
687         ZERO_STRUCT(response);
688
689         if ( !parse_user_group( string, request.data.acct_mgt.username,
690                 request.data.acct_mgt.groupname))
691         {
692                 d_printf("Can't parse user:group from %s\n", string);
693                 return False;
694         }
695
696         result = winbindd_request(WINBINDD_ADD_USER_TO_GROUP, &request, &response);
697         
698         return result == NSS_STATUS_SUCCESS;
699 }
700
701 /******************************************************************
702  remove a user from a winbindd group
703 ******************************************************************/
704
705 static BOOL wbinfo_remove_user_from_group(char *string)
706 {
707         struct winbindd_request request;
708         struct winbindd_response response;
709         NSS_STATUS result;
710
711         /* Send off request */
712
713         ZERO_STRUCT(request);
714         ZERO_STRUCT(response);
715
716         if ( !parse_user_group( string, request.data.acct_mgt.username,
717                 request.data.acct_mgt.groupname))
718         {
719                 d_printf("Can't parse user:group from %s\n", string);
720                 return False;
721         }
722
723         result = winbindd_request(WINBINDD_REMOVE_USER_FROM_GROUP, &request, &response);
724         
725         return result == NSS_STATUS_SUCCESS;
726 }
727
728 /* Print domain users */
729
730 static BOOL print_domain_users(const char *domain)
731 {
732         struct winbindd_request request;
733         struct winbindd_response response;
734         const char *extra_data;
735         fstring name;
736
737         /* Send request to winbind daemon */
738
739         ZERO_STRUCT(request);
740         ZERO_STRUCT(response);
741         
742         if (domain) {
743                 /* '.' is the special sign for our own domwin */
744                 if ( strequal(domain, ".") )
745                         fstrcpy( request.domain_name, lp_workgroup() );
746                 else
747                         fstrcpy( request.domain_name, domain );
748         }
749
750         if (winbindd_request(WINBINDD_LIST_USERS, &request, &response) !=
751             NSS_STATUS_SUCCESS)
752                 return False;
753
754         /* Look through extra data */
755
756         if (!response.extra_data)
757                 return False;
758
759         extra_data = (const char *)response.extra_data;
760
761         while(next_token(&extra_data, name, ",", sizeof(fstring)))
762                 d_printf("%s\n", name);
763         
764         SAFE_FREE(response.extra_data);
765
766         return True;
767 }
768
769 /* Print domain groups */
770
771 static BOOL print_domain_groups(const char *domain)
772 {
773         struct winbindd_request  request;
774         struct winbindd_response response;
775         const char *extra_data;
776         fstring name;
777
778         ZERO_STRUCT(request);
779         ZERO_STRUCT(response);
780
781         if (domain) {
782                 if ( strequal(domain, ".") )
783                         fstrcpy( request.domain_name, lp_workgroup() );
784                 else
785                         fstrcpy( request.domain_name, domain );
786         }
787
788         if (winbindd_request(WINBINDD_LIST_GROUPS, &request, &response) !=
789             NSS_STATUS_SUCCESS)
790                 return False;
791
792         /* Look through extra data */
793
794         if (!response.extra_data)
795                 return False;
796
797         extra_data = (const char *)response.extra_data;
798
799         while(next_token(&extra_data, name, ",", sizeof(fstring)))
800                 d_printf("%s\n", name);
801
802         SAFE_FREE(response.extra_data);
803         
804         return True;
805 }
806
807 /* Set the authorised user for winbindd access in secrets.tdb */
808
809 static BOOL wbinfo_set_auth_user(char *username)
810 {
811         char *password;
812         fstring user, domain;
813
814         /* Separate into user and password */
815
816         parse_wbinfo_domain_user(username, domain, user);
817
818         password = strchr(user, '%');
819
820         if (password) {
821                 *password = 0;
822                 password++;
823         } else {
824                 char *thepass = getpass("Password: ");
825                 if (thepass) {
826                         password = thepass;     
827                 } else
828                         password = "";
829         }
830
831         /* Store or remove DOMAIN\username%password in secrets.tdb */
832
833         secrets_init();
834
835         if (user[0]) {
836
837                 if (!secrets_store(SECRETS_AUTH_USER, user,
838                                    strlen(user) + 1)) {
839                         d_fprintf(stderr, "error storing username\n");
840                         return False;
841                 }
842
843                 /* We always have a domain name added by the
844                    parse_wbinfo_domain_user() function. */
845
846                 if (!secrets_store(SECRETS_AUTH_DOMAIN, domain,
847                                    strlen(domain) + 1)) {
848                         d_fprintf(stderr, "error storing domain name\n");
849                         return False;
850                 }
851
852         } else {
853                 secrets_delete(SECRETS_AUTH_USER);
854                 secrets_delete(SECRETS_AUTH_DOMAIN);
855         }
856
857         if (password[0]) {
858
859                 if (!secrets_store(SECRETS_AUTH_PASSWORD, password,
860                                    strlen(password) + 1)) {
861                         d_fprintf(stderr, "error storing password\n");
862                         return False;
863                 }
864
865         } else
866                 secrets_delete(SECRETS_AUTH_PASSWORD);
867
868         return True;
869 }
870
871 static void wbinfo_get_auth_user(void)
872 {
873         char *user, *domain, *password;
874
875         /* Lift data from secrets file */
876
877         secrets_init();
878
879         user = secrets_fetch(SECRETS_AUTH_USER, NULL);
880         domain = secrets_fetch(SECRETS_AUTH_DOMAIN, NULL);
881         password = secrets_fetch(SECRETS_AUTH_PASSWORD, NULL);
882
883         if (!user && !domain && !password) {
884                 d_printf("No authorised user configured\n");
885                 return;
886         }
887
888         /* Pretty print authorised user info */
889
890         d_printf("%s%s%s%s%s\n", domain ? domain : "", domain ? "\\" : "",
891                  user, password ? "%" : "", password ? password : "");
892
893         SAFE_FREE(user);
894         SAFE_FREE(domain);
895         SAFE_FREE(password);
896 }
897
898 static BOOL wbinfo_ping(void)
899 {
900         NSS_STATUS result;
901
902         result = winbindd_request(WINBINDD_PING, NULL, NULL);
903
904         /* Display response */
905
906         d_printf("Ping to winbindd %s on fd %d\n", 
907                (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed", winbindd_fd);
908
909         return result == NSS_STATUS_SUCCESS;
910 }
911
912 /* Main program */
913
914 enum {
915         OPT_SET_AUTH_USER = 1000,
916         OPT_GET_AUTH_USER,
917         OPT_DOMAIN_NAME,
918         OPT_SEQUENCE,
919         OPT_USERSIDS
920 };
921
922 int main(int argc, char **argv)
923 {
924         int opt;
925
926         poptContext pc;
927         static char *string_arg;
928         static char *opt_domain_name;
929         static int int_arg;
930         int result = 1;
931
932         struct poptOption long_options[] = {
933                 POPT_AUTOHELP
934
935                 /* longName, shortName, argInfo, argPtr, value, descrip, 
936                    argDesc */
937
938                 { "domain-users", 'u', POPT_ARG_NONE, 0, 'u', "Lists all domain users", "domain"},
939                 { "domain-groups", 'g', POPT_ARG_NONE, 0, 'g', "Lists all domain groups", "domain" },
940                 { "WINS-by-name", 'N', POPT_ARG_STRING, &string_arg, 'N', "Converts NetBIOS name to IP", "NETBIOS-NAME" },
941                 { "WINS-by-ip", 'I', POPT_ARG_STRING, &string_arg, 'I', "Converts IP address to NetBIOS name", "IP" },
942                 { "name-to-sid", 'n', POPT_ARG_STRING, &string_arg, 'n', "Converts name to sid", "NAME" },
943                 { "sid-to-name", 's', POPT_ARG_STRING, &string_arg, 's', "Converts sid to name", "SID" },
944                 { "uid-to-sid", 'U', POPT_ARG_INT, &int_arg, 'U', "Converts uid to sid" , "UID" },
945                 { "gid-to-sid", 'G', POPT_ARG_INT, &int_arg, 'G', "Converts gid to sid", "GID" },
946                 { "sid-to-uid", 'S', POPT_ARG_STRING, &string_arg, 'S', "Converts sid to uid", "SID" },
947                 { "sid-to-gid", 'Y', POPT_ARG_STRING, &string_arg, 'Y', "Converts sid to gid", "SID" },
948                 { "create-user", 'c', POPT_ARG_STRING, &string_arg, 'c', "Create a local user account", "name" },
949                 { "delete-user", 'x', POPT_ARG_STRING, &string_arg, 'x', "Delete a local user account", "name" },
950                 { "create-group", 'C', POPT_ARG_STRING, &string_arg, 'C', "Create a local group", "name" },
951                 { "delete-group", 'X', POPT_ARG_STRING, &string_arg, 'X', "Delete a local group", "name" },
952                 { "add-to-group", 'o', POPT_ARG_STRING, &string_arg, 'o', "Add user to group", "user:group" },
953                 { "del-from-group", 'O', POPT_ARG_STRING, &string_arg, 'O', "Remove user from group", "user:group" },
954                 { "check-secret", 't', POPT_ARG_NONE, 0, 't', "Check shared secret" },
955                 { "trusted-domains", 'm', POPT_ARG_NONE, 0, 'm', "List trusted domains" },
956                 { "sequence", 0, POPT_ARG_NONE, 0, OPT_SEQUENCE, "Show sequence numbers of all domains" },
957                 { "user-groups", 'r', POPT_ARG_STRING, &string_arg, 'r', "Get user groups", "USER" },
958                 { "user-sids", 0, POPT_ARG_STRING, &string_arg, OPT_USERSIDS, "Get user group sids for user SID", "SID" },
959                 { "authenticate", 'a', POPT_ARG_STRING, &string_arg, 'a', "authenticate user", "user%password" },
960                 { "set-auth-user", 0, POPT_ARG_STRING, &string_arg, OPT_SET_AUTH_USER, "Store user and password used by winbindd (root only)", "user%password" },
961                 { "get-auth-user", 0, POPT_ARG_NONE, NULL, OPT_GET_AUTH_USER, "Retrieve user and password used by winbindd (root only)", NULL },
962                 { "ping", 'p', POPT_ARG_NONE, 0, 'p', "Ping winbindd to see if it is alive" },
963                 { "domain", 0, POPT_ARG_STRING, &opt_domain_name, OPT_DOMAIN_NAME, "Define to the domain to restrict operatio", "domain" },
964                 POPT_COMMON_VERSION
965                 POPT_TABLEEND
966         };
967
968         /* Samba client initialisation */
969
970         if (!lp_load(dyn_CONFIGFILE, True, False, False)) {
971                 d_fprintf(stderr, "wbinfo: error opening config file %s. Error was %s\n",
972                         dyn_CONFIGFILE, strerror(errno));
973                 exit(1);
974         }
975
976         if (!init_names())
977                 return 1;
978
979         load_interfaces();
980
981         /* Parse options */
982
983         pc = poptGetContext("wbinfo", argc, (const char **)argv, long_options, 0);
984
985         /* Parse command line options */
986
987         if (argc == 1) {
988                 poptPrintHelp(pc, stderr, 0);
989                 return 1;
990         }
991
992         while((opt = poptGetNextOpt(pc)) != -1) {
993                 /* get the generic configuration parameters like --domain */
994         }
995
996         poptFreeContext(pc);
997
998         pc = poptGetContext(NULL, argc, (const char **)argv, long_options, 
999                             POPT_CONTEXT_KEEP_FIRST);
1000
1001         while((opt = poptGetNextOpt(pc)) != -1) {
1002                 switch (opt) {
1003                 case 'u':
1004                         if (!print_domain_users(opt_domain_name)) {
1005                                 d_printf("Error looking up domain users\n");
1006                                 goto done;
1007                         }
1008                         break;
1009                 case 'g':
1010                         if (!print_domain_groups(opt_domain_name)) {
1011                                 d_printf("Error looking up domain groups\n");
1012                                 goto done;
1013                         }
1014                         break;
1015                 case 's':
1016                         if (!wbinfo_lookupsid(string_arg)) {
1017                                 d_printf("Could not lookup sid %s\n", string_arg);
1018                                 goto done;
1019                         }
1020                         break;
1021                 case 'n':
1022                         if (!wbinfo_lookupname(string_arg)) {
1023                                 d_printf("Could not lookup name %s\n", string_arg);
1024                                 goto done;
1025                         }
1026                         break;
1027                 case 'N':
1028                         if (!wbinfo_wins_byname(string_arg)) {
1029                                 d_printf("Could not lookup WINS by name %s\n", string_arg);
1030                                 goto done;
1031                         }
1032                         break;
1033                 case 'I':
1034                         if (!wbinfo_wins_byip(string_arg)) {
1035                                 d_printf("Could not lookup WINS by IP %s\n", string_arg);
1036                                 goto done;
1037                         }
1038                         break;
1039                 case 'U':
1040                         if (!wbinfo_uid_to_sid(int_arg)) {
1041                                 d_printf("Could not convert uid %d to sid\n", int_arg);
1042                                 goto done;
1043                         }
1044                         break;
1045                 case 'G':
1046                         if (!wbinfo_gid_to_sid(int_arg)) {
1047                                 d_printf("Could not convert gid %d to sid\n",
1048                                        int_arg);
1049                                 goto done;
1050                         }
1051                         break;
1052                 case 'S':
1053                         if (!wbinfo_sid_to_uid(string_arg)) {
1054                                 d_printf("Could not convert sid %s to uid\n",
1055                                        string_arg);
1056                                 goto done;
1057                         }
1058                         break;
1059                 case 'Y':
1060                         if (!wbinfo_sid_to_gid(string_arg)) {
1061                                 d_printf("Could not convert sid %s to gid\n",
1062                                        string_arg);
1063                                 goto done;
1064                         }
1065                         break;
1066                 case 't':
1067                         if (!wbinfo_check_secret()) {
1068                                 d_printf("Could not check secret\n");
1069                                 goto done;
1070                         }
1071                         break;
1072                 case 'm':
1073                         if (!wbinfo_list_domains()) {
1074                                 d_printf("Could not list trusted domains\n");
1075                                 goto done;
1076                         }
1077                         break;
1078                 case OPT_SEQUENCE:
1079                         if (!wbinfo_show_sequence(opt_domain_name)) {
1080                                 d_printf("Could not show sequence numbers\n");
1081                                 goto done;
1082                         }
1083                         break;
1084                 case 'r':
1085                         if (!wbinfo_get_usergroups(string_arg)) {
1086                                 d_printf("Could not get groups for user %s\n", 
1087                                        string_arg);
1088                                 goto done;
1089                         }
1090                         break;
1091                 case OPT_USERSIDS:
1092                         if (!wbinfo_get_usersids(string_arg)) {
1093                                 d_printf("Could not get group SIDs for user SID %s\n", 
1094                                        string_arg);
1095                                 goto done;
1096                         }
1097                         break;
1098                 case 'a': {
1099                                 BOOL got_error = False;
1100
1101                                 if (!wbinfo_auth(string_arg)) {
1102                                         d_printf("Could not authenticate user %s with "
1103                                                 "plaintext password\n", string_arg);
1104                                         got_error = True;
1105                                 }
1106
1107                                 if (!wbinfo_auth_crap(string_arg)) {
1108                                         d_printf("Could not authenticate user %s with "
1109                                                 "challenge/response\n", string_arg);
1110                                         got_error = True;
1111                                 }
1112
1113                                 if (got_error)
1114                                         goto done;
1115                                 break;
1116                         }
1117                 case 'c':
1118                         if ( !wbinfo_create_user(string_arg) ) {
1119                                 d_printf("Could not create user account\n");
1120                                 goto done;
1121                         }
1122                         break;
1123                 case 'C':
1124                         if ( !wbinfo_create_group(string_arg) ) {
1125                                 d_printf("Could not create group\n");
1126                                 goto done;
1127                         }
1128                         break;
1129                 case 'o':
1130                         if ( !wbinfo_add_user_to_group(string_arg) ) {
1131                                 d_printf("Could not add user to group\n");
1132                                 goto done;
1133                         }
1134                         break;
1135                 case 'O':
1136                         if ( !wbinfo_remove_user_from_group(string_arg) ) {
1137                                 d_printf("Could not remove user kfrom group\n");
1138                                 goto done;
1139                         }
1140                         break;
1141                 case 'x':
1142                         if ( !wbinfo_delete_user(string_arg) ) {
1143                                 d_printf("Could not delete user account\n");
1144                                 goto done;
1145                         }
1146                         break;
1147                 case 'X':
1148                         if ( !wbinfo_delete_group(string_arg) ) {
1149                                 d_printf("Could not delete group\n");
1150                                 goto done;
1151                         }
1152                         break;
1153                 case 'p':
1154                         if (!wbinfo_ping()) {
1155                                 d_printf("could not ping winbindd!\n");
1156                                 goto done;
1157                         }
1158                         break;
1159                 case OPT_SET_AUTH_USER:
1160                         wbinfo_set_auth_user(string_arg);
1161                         break;
1162                 case OPT_GET_AUTH_USER:
1163                         wbinfo_get_auth_user();
1164                         break;
1165                 /* generic configuration options */
1166                 case OPT_DOMAIN_NAME:
1167                         break;
1168                 default:
1169                         d_fprintf(stderr, "Invalid option\n");
1170                         poptPrintHelp(pc, stderr, 0);
1171                         goto done;
1172                 }
1173         }
1174
1175         result = 0;
1176
1177         /* Exit code */
1178
1179  done:
1180         poptFreeContext(pc);
1181         return result;
1182 }