merge IRIX winbind support from Samba 2.2 branch
[tprouty/samba.git] / source / nsswitch / winbind_nss.c
1 /* 
2    Unix SMB/Netbios implementation.
3    Version 2.0
4
5    Windows NT Domain nsswitch module
6
7    Copyright (C) Tim Potter 2000
8    
9    This library is free software; you can redistribute it and/or
10    modify it under the terms of the GNU Library General Public
11    License as published by the Free Software Foundation; either
12    version 2 of the License, or (at your option) any later version.
13    
14    This library is distributed in the hope that it will be useful,
15    but WITHOUT ANY WARRANTY; without even the implied warranty of
16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
17    Library General Public License for more details.
18    
19    You should have received a copy of the GNU Library General Public
20    License along with this library; if not, write to the
21    Free Software Foundation, Inc., 59 Temple Place - Suite 330,
22    Boston, MA  02111-1307, USA.   
23 */
24
25 #include "winbind_nss_config.h"
26 #include "winbindd_nss.h"
27
28 #ifdef HAVE_NS_API_H
29 #undef VOLATILE
30
31 #include <ns_daemon.h>
32 #endif
33
34 #define MAX_GETPWENT_USERS 250
35 #define MAX_GETGRENT_USERS 250
36
37 /* Prototypes from wb_common.c */
38
39 extern int winbindd_fd;
40
41 void init_request(struct winbindd_request *req,int rq_type);
42 NSS_STATUS winbindd_send_request(int req_type,
43                                  struct winbindd_request *request);
44 NSS_STATUS winbindd_get_response(struct winbindd_response *response);
45 NSS_STATUS winbindd_request(int req_type, 
46                                  struct winbindd_request *request,
47                                  struct winbindd_response *response);
48 int winbind_open_pipe_sock(void);
49 int write_sock(void *buffer, int count);
50 int read_reply(struct winbindd_response *response);
51 void free_response(struct winbindd_response *response);
52
53 #ifdef HAVE_NS_API_H
54 /* IRIX version */
55
56 static int send_next_request(nsd_file_t *, struct winbindd_request *);
57 static int do_list(int state, nsd_file_t *rq);
58
59 static nsd_file_t *current_rq = NULL;
60 static int current_winbind_xid = 0;
61 static int next_winbind_xid = 0;
62
63 typedef struct winbind_xid {
64         int                     xid;
65         nsd_file_t              *rq;
66         struct winbindd_request *request;
67         struct winbind_xid      *next;
68 } winbind_xid_t;
69
70 static winbind_xid_t *winbind_xids = (winbind_xid_t *)0;
71
72 static int
73 winbind_xid_new(int xid, nsd_file_t *rq, struct winbindd_request *request)
74 {
75         winbind_xid_t *new;
76
77         nsd_logprintf(NSD_LOG_LOW,
78                 "entering winbind_xid_new xid = %d rq = 0x%x, request = 0x%x\n",
79                 xid, rq, request);
80         new = (winbind_xid_t *)nsd_calloc(1,sizeof(winbind_xid_t));
81         if (!new) {
82                 nsd_logprintf(NSD_LOG_RESOURCE,"winbind_xid_new: failed malloc\n");
83                 return NSD_ERROR;
84         }
85
86         new->xid = xid;
87         new->rq = rq;
88         new->request = request;
89         new->next = winbind_xids;
90         winbind_xids = new;
91
92         return NSD_CONTINUE;
93 }
94
95 /*
96 ** This routine will look down the xid list and return the request
97 ** associated with an xid.  We remove the record if it is found.
98 */
99 nsd_file_t *
100 winbind_xid_lookup(int xid, struct winbindd_request **requestp)
101 {
102         winbind_xid_t **last, *dx;
103         nsd_file_t *result=0;
104
105         for (last = &winbind_xids, dx = winbind_xids; dx && (dx->xid != xid);
106             last = &dx->next, dx = dx->next);
107         if (dx) {
108                 *last = dx->next;
109                 result = dx->rq;
110                 *requestp = dx->request;
111                 free(dx);
112         }
113         nsd_logprintf(NSD_LOG_LOW,
114                 "entering winbind_xid_lookup xid = %d rq = 0x%x, request = 0x%x\n",
115                 xid, result, dx->request);
116
117         return result;
118 }
119
120 static int
121 winbind_startnext_timeout(nsd_file_t **rqp, nsd_times_t *to)
122 {
123         nsd_file_t *rq;
124         struct winbindd_request *request;
125
126         nsd_logprintf(NSD_LOG_MIN, "timeout (winbind startnext)\n");
127         rq = to->t_file;
128         *rqp = rq;
129         nsd_timeout_remove(rq);
130         request = to->t_clientdata;
131         return(send_next_request(rq, request));
132 }
133
134 static void
135 dequeue_request()
136 {
137         nsd_file_t *rq;
138         struct winbindd_request *request;
139
140         /*
141          * Check for queued requests
142          */
143         if (winbind_xids) {
144             nsd_logprintf(NSD_LOG_MIN, "timeout (winbind) unqueue xid %d\n",
145                         current_winbind_xid);
146             rq = winbind_xid_lookup(current_winbind_xid++, &request);
147             /* cause a timeout on the queued request so we can send it */
148             nsd_timeout_new(rq,1,winbind_startnext_timeout,request);
149         }
150 }
151
152 static int
153 do_request(nsd_file_t *rq, struct winbindd_request *request)
154 {
155         if (winbind_xids == NULL) {
156                 /*
157                  * No outstanding requests.
158                  * Send off the request to winbindd
159                  */
160                 nsd_logprintf(NSD_LOG_MIN, "lookup (winbind) sending request\n");
161                 return(send_next_request(rq, request));
162         } else {
163                 /*
164                  * Just queue it up for now - previous callout or timout
165                  * will start it up
166                  */
167                 nsd_logprintf(NSD_LOG_MIN,
168                         "lookup (winbind): queue request xid = %d\n",
169                         next_winbind_xid);
170                 return(winbind_xid_new(next_winbind_xid++, rq, request));
171         }
172 }
173
174 static int 
175 winbind_callback(nsd_file_t **rqp, int fd)
176 {
177         struct winbindd_response response;
178         struct winbindd_pw *pw = &response.data.pw;
179         struct winbindd_gr *gr = &response.data.gr;
180         nsd_file_t *rq;
181         NSS_STATUS status;
182         char result[1024];
183         char *members;
184         int i;
185
186         dequeue_request();
187
188         nsd_logprintf(NSD_LOG_MIN, "entering callback (winbind)\n");
189
190         rq = current_rq;
191         *rqp = rq;
192
193         nsd_timeout_remove(rq);
194         nsd_callback_remove(fd);
195
196         ZERO_STRUCT(response);
197         status = winbindd_get_response(&response);
198
199         if (status != NSS_STATUS_SUCCESS) {
200                 /* free any extra data area in response structure */
201                 free_response(&response);
202                 nsd_logprintf(NSD_LOG_MIN, 
203                         "callback (winbind) returning not found, status = %d\n",
204                         status);
205                 rq->f_status = NS_NOTFOUND;
206                 return NSD_NEXT;
207         }
208         switch ((int)rq->f_cmd_data) {
209             case WINBINDD_GETPWNAM_FROM_UID:
210             case WINBINDD_GETPWNAM_FROM_USER:
211                 snprintf(result,1023,"%s:%s:%d:%d:%s:%s:%s\n",
212                         pw->pw_name,
213                         pw->pw_passwd,
214                         pw->pw_uid,
215                         pw->pw_gid,
216                         pw->pw_gecos,
217                         pw->pw_dir,
218                         pw->pw_shell);
219                 break;
220             case WINBINDD_GETGRNAM_FROM_GROUP:
221             case WINBINDD_GETGRNAM_FROM_GID:
222                 if (gr->num_gr_mem && response.extra_data)
223                         members = response.extra_data;
224                 else
225                         members = "";
226                 snprintf(result,1023,"%s:%s:%d:%s\n",
227                         gr->gr_name, gr->gr_passwd, gr->gr_gid, members);
228                 break;
229             case WINBINDD_SETGRENT:
230             case WINBINDD_SETPWENT:
231                 nsd_logprintf(NSD_LOG_MIN, "callback (winbind) - SETPWENT/SETGRENT\n");
232                 free_response(&response);
233                 return(do_list(1,rq));
234             case WINBINDD_GETGRENT:
235                 nsd_logprintf(NSD_LOG_MIN, 
236                         "callback (winbind) - %d GETGRENT responses\n",
237                         response.data.num_entries);
238                 if (response.data.num_entries) {
239                     gr = (struct winbindd_gr *)response.extra_data;
240                     if (! gr ) {
241                         nsd_logprintf(NSD_LOG_MIN, "     no extra_data\n");
242                         free_response(&response);
243                         return NSD_ERROR;
244                     }
245                     members = (char *)response.extra_data + 
246                                 (response.data.num_entries * sizeof(struct winbindd_gr));
247                     for (i = 0; i < response.data.num_entries; i++) {
248                         snprintf(result,1023,"%s:%s:%d:%s\n",
249                                 gr->gr_name, gr->gr_passwd, gr->gr_gid, 
250                                 &members[gr->gr_mem_ofs]);
251                         nsd_logprintf(NSD_LOG_MIN, "     GETGRENT %s\n",result);
252                         nsd_append_element(rq,NS_SUCCESS,result,strlen(result));
253                         gr++;
254                     }
255                 }
256                 i = response.data.num_entries;
257                 free_response(&response);
258                 if (i < MAX_GETPWENT_USERS)
259                     return(do_list(2,rq));
260                 else
261                     return(do_list(1,rq));
262             case WINBINDD_GETPWENT:
263                 nsd_logprintf(NSD_LOG_MIN, 
264                         "callback (winbind) - %d GETPWENT responses\n",
265                         response.data.num_entries);
266                 if (response.data.num_entries) {
267                     pw = (struct winbindd_pw *)response.extra_data;
268                     if (! pw ) {
269                         nsd_logprintf(NSD_LOG_MIN, "     no extra_data\n");
270                         free_response(&response);
271                         return NSD_ERROR;
272                     }
273                     for (i = 0; i < response.data.num_entries; i++) {
274                         snprintf(result,1023,"%s:%s:%d:%d:%s:%s:%s",
275                                 pw->pw_name,
276                                 pw->pw_passwd,
277                                 pw->pw_uid,
278                                 pw->pw_gid,
279                                 pw->pw_gecos,
280                                 pw->pw_dir,
281                                 pw->pw_shell);
282                         nsd_logprintf(NSD_LOG_MIN, "     GETPWENT %s\n",result);
283                         nsd_append_element(rq,NS_SUCCESS,result,strlen(result));
284                         pw++;
285                     }
286                 }
287                 i = response.data.num_entries;
288                 free_response(&response);
289                 if (i < MAX_GETPWENT_USERS)
290                     return(do_list(2,rq));
291                 else
292                     return(do_list(1,rq));
293             case WINBINDD_ENDGRENT:
294             case WINBINDD_ENDPWENT:
295                 nsd_logprintf(NSD_LOG_MIN, "callback (winbind) - ENDPWENT/ENDGRENT\n");
296                 nsd_append_element(rq,NS_SUCCESS,"\n",1);
297                 free_response(&response);
298                 return NSD_NEXT;
299             default:
300                 free_response(&response);
301                 nsd_logprintf(NSD_LOG_MIN, "callback (winbind) - no valid command\n");
302                 return NSD_NEXT;
303         }
304         nsd_logprintf(NSD_LOG_MIN, "callback (winbind) %s\n", result);
305         /* free any extra data area in response structure */
306         free_response(&response);
307         nsd_set_result(rq,NS_SUCCESS,result,strlen(result),VOLATILE);
308         return NSD_OK;
309 }
310
311 static int 
312 winbind_timeout(nsd_file_t **rqp, nsd_times_t *to)
313 {
314         nsd_file_t *rq;
315
316         dequeue_request();
317
318         nsd_logprintf(NSD_LOG_MIN, "timeout (winbind)\n");
319
320         rq = to->t_file;
321         *rqp = rq;
322
323         /* Remove the callback and timeout */
324         nsd_callback_remove(winbindd_fd);
325         nsd_timeout_remove(rq);
326
327         rq->f_status = NS_NOTFOUND;
328         return NSD_NEXT;
329 }
330
331 static int
332 send_next_request(nsd_file_t *rq, struct winbindd_request *request)
333 {
334         NSS_STATUS status;
335         long timeout;
336
337         timeout = 1000;
338
339         nsd_logprintf(NSD_LOG_MIN, "send_next_request (winbind) %d to = %d\n",
340                         rq->f_cmd_data, timeout);
341         status = winbindd_send_request((int)rq->f_cmd_data,request);
342         free(request);
343
344         if (status != NSS_STATUS_SUCCESS) {
345                 nsd_logprintf(NSD_LOG_MIN, 
346                         "send_next_request (winbind) error status = %d\n",status);
347                 rq->f_status = status;
348                 return NSD_NEXT;
349         }
350
351         current_rq = rq;
352
353         /*
354          * Set up callback and timeouts
355          */
356         nsd_logprintf(NSD_LOG_MIN, "send_next_request (winbind) fd = %d\n",winbindd_fd);
357         nsd_callback_new(winbindd_fd,winbind_callback,NSD_READ);
358         nsd_timeout_new(rq,timeout,winbind_timeout,(void *)0);
359         return NSD_CONTINUE;
360 }
361
362 int init(void)
363 {
364         nsd_logprintf(NSD_LOG_MIN, "entering init (winbind)\n");
365         return(NSD_OK);
366 }
367
368 int lookup(nsd_file_t *rq)
369 {
370         char *map;
371         char *key;
372         struct winbindd_request *request;
373
374         nsd_logprintf(NSD_LOG_MIN, "entering lookup (winbind)\n");
375         if (! rq)
376                 return NSD_ERROR;
377
378         map = nsd_attr_fetch_string(rq->f_attrs, "table", (char*)0);
379         key = nsd_attr_fetch_string(rq->f_attrs, "key", (char*)0);
380         if (! map || ! key) {
381                 nsd_logprintf(NSD_LOG_MIN, "lookup (winbind) table or key not defined\n");
382                 rq->f_status = NS_BADREQ;
383                 return NSD_ERROR;
384         }
385
386         nsd_logprintf(NSD_LOG_MIN, "lookup (winbind %s)\n",map);
387
388         request = (struct winbindd_request *)nsd_calloc(1,sizeof(struct winbindd_request));
389         if (! request) {
390                 nsd_logprintf(NSD_LOG_RESOURCE,
391                         "lookup (winbind): failed malloc\n");
392                 return NSD_ERROR;
393         }
394
395         if (strcasecmp(map,"passwd.byuid") == 0) {
396             request->data.uid = atoi(key);
397             rq->f_cmd_data = (void *)WINBINDD_GETPWNAM_FROM_UID;
398         } else if (strcasecmp(map,"passwd.byname") == 0) {
399             strncpy(request->data.username, key, 
400                 sizeof(request->data.username) - 1);
401             request->data.username[sizeof(request->data.username) - 1] = '\0';
402             rq->f_cmd_data = (void *)WINBINDD_GETPWNAM_FROM_USER; 
403         } else if (strcasecmp(map,"group.byname") == 0) {
404             strncpy(request->data.groupname, key, 
405                 sizeof(request->data.groupname) - 1);
406             request->data.groupname[sizeof(request->data.groupname) - 1] = '\0';
407             rq->f_cmd_data = (void *)WINBINDD_GETGRNAM_FROM_GROUP; 
408         } else if (strcasecmp(map,"group.bygid") == 0) {
409             request->data.gid = atoi(key);
410             rq->f_cmd_data = (void *)WINBINDD_GETGRNAM_FROM_GID;
411         } else {
412                 /*
413                  * Don't understand this map - just return not found
414                  */
415                 nsd_logprintf(NSD_LOG_MIN, "lookup (winbind) unknown table\n");
416                 free(request);
417                 rq->f_status = NS_NOTFOUND;
418                 return NSD_NEXT;
419         }
420
421         return(do_request(rq, request));
422 }
423
424 int list(nsd_file_t *rq)
425 {
426         char *map;
427
428         nsd_logprintf(NSD_LOG_MIN, "entering list (winbind)\n");
429         if (! rq)
430                 return NSD_ERROR;
431
432         map = nsd_attr_fetch_string(rq->f_attrs, "table", (char*)0);
433         if (! map ) {
434                 nsd_logprintf(NSD_LOG_MIN, "list (winbind) table not defined\n");
435                 rq->f_status = NS_BADREQ;
436                 return NSD_ERROR;
437         }
438
439         nsd_logprintf(NSD_LOG_MIN, "list (winbind %s)\n",map);
440
441         return (do_list(0,rq));
442 }
443
444 static int
445 do_list(int state, nsd_file_t *rq)
446 {
447         char *map;
448         struct winbindd_request *request;
449
450         nsd_logprintf(NSD_LOG_MIN, "entering do_list (winbind) state = %d\n",state);
451
452         map = nsd_attr_fetch_string(rq->f_attrs, "table", (char*)0);
453         request = (struct winbindd_request *)nsd_calloc(1,sizeof(struct winbindd_request));
454         if (! request) {
455                 nsd_logprintf(NSD_LOG_RESOURCE,
456                         "do_list (winbind): failed malloc\n");
457                 return NSD_ERROR;
458         }
459
460         if (strcasecmp(map,"passwd.byname") == 0) {
461             switch (state) {
462                 case 0:
463                     rq->f_cmd_data = (void *)WINBINDD_SETPWENT;
464                     break;
465                 case 1:
466                     request->data.num_entries = MAX_GETPWENT_USERS;
467                     rq->f_cmd_data = (void *)WINBINDD_GETPWENT;
468                     break;
469                 case 2:
470                     rq->f_cmd_data = (void *)WINBINDD_ENDPWENT;
471                     break;
472                 default:
473                     nsd_logprintf(NSD_LOG_MIN, "do_list (winbind) unknown state\n");
474                     free(request);
475                     rq->f_status = NS_NOTFOUND;
476                     return NSD_NEXT;
477             }
478         } else if (strcasecmp(map,"group.byname") == 0) {
479             switch (state) {
480                 case 0:
481                     rq->f_cmd_data = (void *)WINBINDD_SETGRENT;
482                     break;
483                 case 1:
484                     request->data.num_entries = MAX_GETGRENT_USERS;
485                     rq->f_cmd_data = (void *)WINBINDD_GETGRENT;
486                     break;
487                 case 2:
488                     rq->f_cmd_data = (void *)WINBINDD_ENDGRENT;
489                     break;
490                 default:
491                     nsd_logprintf(NSD_LOG_MIN, "do_list (winbind) unknown state\n");
492                     free(request);
493                     rq->f_status = NS_NOTFOUND;
494                     return NSD_NEXT;
495             }
496         } else {
497                 /*
498                  * Don't understand this map - just return not found
499                  */
500                 nsd_logprintf(NSD_LOG_MIN, "do_list (winbind) unknown table\n");
501                 free(request);
502                 rq->f_status = NS_NOTFOUND;
503                 return NSD_NEXT;
504         }
505
506         return(do_request(rq, request));
507 }
508
509 #else
510
511 /* Allocate some space from the nss static buffer.  The buffer and buflen
512    are the pointers passed in by the C library to the _nss_ntdom_*
513    functions. */
514
515 static char *get_static(char **buffer, int *buflen, int len)
516 {
517         char *result;
518
519         /* Error check.  We return false if things aren't set up right, or
520            there isn't enough buffer space left. */
521         
522         if ((buffer == NULL) || (buflen == NULL) || (*buflen < len)) {
523                 return NULL;
524         }
525
526         /* Return an index into the static buffer */
527
528         result = *buffer;
529         *buffer += len;
530         *buflen -= len;
531
532         return result;
533 }
534
535 /* I've copied the strtok() replacement function next_token() from
536    lib/util_str.c as I really don't want to have to link in any other
537    objects if I can possibly avoid it. */
538
539 BOOL next_token(char **ptr,char *buff,char *sep, size_t bufsize)
540 {
541         char *s;
542         BOOL quoted;
543         size_t len=1;
544
545         if (!ptr) return(False);
546
547         s = *ptr;
548
549         /* default to simple separators */
550         if (!sep) sep = " \t\n\r";
551
552         /* find the first non sep char */
553         while (*s && strchr(sep,*s)) s++;
554         
555         /* nothing left? */
556         if (! *s) return(False);
557         
558         /* copy over the token */
559         for (quoted = False; len < bufsize && *s && (quoted || !strchr(sep,*s)); s++) {
560                 if (*s == '\"') {
561                         quoted = !quoted;
562                 } else {
563                         len++;
564                         *buff++ = *s;
565                 }
566         }
567         
568         *ptr = (*s) ? s+1 : s;  
569         *buff = 0;
570         
571         return(True);
572 }
573
574
575 /* Fill a pwent structure from a winbindd_response structure.  We use
576    the static data passed to us by libc to put strings and stuff in.
577    Return NSS_STATUS_TRYAGAIN if we run out of memory. */
578
579 static NSS_STATUS fill_pwent(struct passwd *result,
580                                   struct winbindd_pw *pw,
581                                   char **buffer, int *buflen)
582 {
583         /* User name */
584
585         if ((result->pw_name = 
586              get_static(buffer, buflen, strlen(pw->pw_name) + 1)) == NULL) {
587
588                 /* Out of memory */
589
590                 return NSS_STATUS_TRYAGAIN;
591         }
592
593         strcpy(result->pw_name, pw->pw_name);
594
595         /* Password */
596
597         if ((result->pw_passwd = 
598              get_static(buffer, buflen, strlen(pw->pw_passwd) + 1)) == NULL) {
599
600                 /* Out of memory */
601
602                 return NSS_STATUS_TRYAGAIN;
603         }
604
605         strcpy(result->pw_passwd, pw->pw_passwd);
606         
607         /* [ug]id */
608
609         result->pw_uid = pw->pw_uid;
610         result->pw_gid = pw->pw_gid;
611
612         /* GECOS */
613
614         if ((result->pw_gecos = 
615              get_static(buffer, buflen, strlen(pw->pw_gecos) + 1)) == NULL) {
616
617                 /* Out of memory */
618
619                 return NSS_STATUS_TRYAGAIN;
620         }
621
622         strcpy(result->pw_gecos, pw->pw_gecos);
623         
624         /* Home directory */
625         
626         if ((result->pw_dir = 
627              get_static(buffer, buflen, strlen(pw->pw_dir) + 1)) == NULL) {
628
629                 /* Out of memory */
630
631                 return NSS_STATUS_TRYAGAIN;
632         }
633
634         strcpy(result->pw_dir, pw->pw_dir);
635
636         /* Logon shell */
637         
638         if ((result->pw_shell = 
639              get_static(buffer, buflen, strlen(pw->pw_shell) + 1)) == NULL) {
640                 
641                 /* Out of memory */
642
643                 return NSS_STATUS_TRYAGAIN;
644         }
645
646         strcpy(result->pw_shell, pw->pw_shell);
647
648         return NSS_STATUS_SUCCESS;
649 }
650
651 /* Fill a grent structure from a winbindd_response structure.  We use
652    the static data passed to us by libc to put strings and stuff in.
653    Return NSS_STATUS_TRYAGAIN if we run out of memory. */
654
655 static int fill_grent(struct group *result, struct winbindd_gr *gr,
656                       char *gr_mem, char **buffer, int *buflen)
657 {
658         fstring name;
659         int i;
660         char *tst;
661
662         /* Group name */
663
664         if ((result->gr_name =
665              get_static(buffer, buflen, strlen(gr->gr_name) + 1)) == NULL) {
666
667                 /* Out of memory */
668
669                 return NSS_STATUS_TRYAGAIN;
670         }
671
672         strcpy(result->gr_name, gr->gr_name);
673
674         /* Password */
675
676         if ((result->gr_passwd =
677              get_static(buffer, buflen, strlen(gr->gr_passwd) + 1)) == NULL) {
678
679                 /* Out of memory */
680                 
681                 return NSS_STATUS_TRYAGAIN;
682         }
683
684         strcpy(result->gr_passwd, gr->gr_passwd);
685
686         /* gid */
687
688         result->gr_gid = gr->gr_gid;
689
690         /* Group membership */
691
692         if ((gr->num_gr_mem < 0) || !gr_mem) {
693                 gr->num_gr_mem = 0;
694         }
695
696         /* this next value is a pointer to a pointer so let's align it */
697
698         /* Calculate number of extra bytes needed to align on pointer size boundry */
699         if (i = (int)*buffer % sizeof(char*))
700                 i = sizeof(char*) - i;
701         
702         if ((tst = get_static(buffer, buflen, ((gr->num_gr_mem + 1) * 
703                                  sizeof(char *)+i))) == NULL) {
704
705                 /* Out of memory */
706
707                 return NSS_STATUS_TRYAGAIN;
708         }
709         result->gr_mem = (char **)(tst + i);
710
711         if (gr->num_gr_mem == 0) {
712
713                 /* Group is empty */
714
715                 *(result->gr_mem) = NULL;
716                 return NSS_STATUS_SUCCESS;
717         }
718
719         /* Start looking at extra data */
720
721         i = 0;
722
723         while(next_token((char **)&gr_mem, name, ",", sizeof(fstring))) {
724         
725                 /* Allocate space for member */
726         
727                 if (((result->gr_mem)[i] = 
728                      get_static(buffer, buflen, strlen(name) + 1)) == NULL) {
729             
730                         /* Out of memory */
731             
732                         return NSS_STATUS_TRYAGAIN;
733                 }        
734         
735                 strcpy((result->gr_mem)[i], name);
736                 i++;
737         }
738
739         /* Terminate list */
740
741         (result->gr_mem)[i] = NULL;
742
743         return NSS_STATUS_SUCCESS;
744 }
745
746 /*
747  * NSS user functions
748  */
749
750 static struct winbindd_response getpwent_response;
751
752 static int ndx_pw_cache;                 /* Current index into pwd cache */
753 static int num_pw_cache;                 /* Current size of pwd cache */
754
755 /* Rewind "file pointer" to start of ntdom password database */
756
757 NSS_STATUS
758 _nss_winbind_setpwent(void)
759 {
760 #ifdef DEBUG_NSS
761         fprintf(stderr, "[%5d]: setpwent\n", getpid());
762 #endif
763
764         if (num_pw_cache > 0) {
765                 ndx_pw_cache = num_pw_cache = 0;
766                 free_response(&getpwent_response);
767         }
768
769         return winbindd_request(WINBINDD_SETPWENT, NULL, NULL);
770 }
771
772 /* Close ntdom password database "file pointer" */
773
774 NSS_STATUS
775 _nss_winbind_endpwent(void)
776 {
777 #ifdef DEBUG_NSS
778         fprintf(stderr, "[%5d]: endpwent\n", getpid());
779 #endif
780
781         if (num_pw_cache > 0) {
782                 ndx_pw_cache = num_pw_cache = 0;
783                 free_response(&getpwent_response);
784         }
785
786         return winbindd_request(WINBINDD_ENDPWENT, NULL, NULL);
787 }
788
789 /* Fetch the next password entry from ntdom password database */
790
791 NSS_STATUS
792 _nss_winbind_getpwent_r(struct passwd *result, char *buffer, 
793                         size_t buflen, int *errnop)
794 {
795         NSS_STATUS ret;
796         struct winbindd_request request;
797         static int called_again;
798
799 #ifdef DEBUG_NSS
800         fprintf(stderr, "[%5d]: getpwent\n", getpid());
801 #endif
802
803         /* Return an entry from the cache if we have one, or if we are
804            called again because we exceeded our static buffer.  */
805
806         if ((ndx_pw_cache < num_pw_cache) || called_again) {
807                 goto return_result;
808         }
809
810         /* Else call winbindd to get a bunch of entries */
811         
812         if (num_pw_cache > 0) {
813                 free_response(&getpwent_response);
814         }
815
816         ZERO_STRUCT(request);
817         ZERO_STRUCT(getpwent_response);
818
819         request.data.num_entries = MAX_GETPWENT_USERS;
820
821         ret = winbindd_request(WINBINDD_GETPWENT, &request, 
822                                &getpwent_response);
823
824         if (ret == NSS_STATUS_SUCCESS) {
825                 struct winbindd_pw *pw_cache;
826
827                 /* Fill cache */
828
829                 ndx_pw_cache = 0;
830                 num_pw_cache = getpwent_response.data.num_entries;
831
832                 /* Return a result */
833
834         return_result:
835
836                 pw_cache = getpwent_response.extra_data;
837
838                 /* Check data is valid */
839
840                 if (pw_cache == NULL) {
841                         return NSS_STATUS_NOTFOUND;
842                 }
843
844                 ret = fill_pwent(result, &pw_cache[ndx_pw_cache],
845                                  &buffer, &buflen);
846                 
847                 /* Out of memory - try again */
848
849                 if (ret == NSS_STATUS_TRYAGAIN) {
850                         called_again = True;
851                         *errnop = errno = ERANGE;
852                         return ret;
853                 }
854
855                 *errnop = errno = 0;
856                 called_again = False;
857                 ndx_pw_cache++;
858
859                 /* If we've finished with this lot of results free cache */
860
861                 if (ndx_pw_cache == num_pw_cache) {
862                         ndx_pw_cache = num_pw_cache = 0;
863                         free_response(&getpwent_response);
864                 }
865         }
866
867         return ret;
868 }
869
870 /* Return passwd struct from uid */
871
872 NSS_STATUS
873 _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, char *buffer,
874                         size_t buflen, int *errnop)
875 {
876         NSS_STATUS ret;
877         static struct winbindd_response response;
878         struct winbindd_request request;
879         static int keep_response=0;
880
881         /* If our static buffer needs to be expanded we are called again */
882         if (!keep_response) {
883
884                 /* Call for the first time */
885
886                 ZERO_STRUCT(response);
887                 ZERO_STRUCT(request);
888
889                 request.data.uid = uid;
890
891                 ret = winbindd_request(WINBINDD_GETPWNAM_FROM_UID, &request, 
892                                        &response);
893
894                 if (ret == NSS_STATUS_SUCCESS) {
895                         ret = fill_pwent(result, &response.data.pw, 
896                                          &buffer, &buflen);
897
898                         if (ret == NSS_STATUS_TRYAGAIN) {
899                                 keep_response = True;
900                                 *errnop = errno = ERANGE;
901                                 return ret;
902                         }
903                 }
904
905         } else {
906
907                 /* We've been called again */
908
909                 ret = fill_pwent(result, &response.data.pw, &buffer, &buflen);
910
911                 if (ret == NSS_STATUS_TRYAGAIN) {
912                         keep_response = True;
913                         *errnop = errno = ERANGE;
914                         return ret;
915                 }
916
917                 keep_response = False;
918                 *errnop = errno = 0;
919         }
920
921         free_response(&response);
922         return ret;
923 }
924
925 /* Return passwd struct from username */
926
927 NSS_STATUS
928 _nss_winbind_getpwnam_r(const char *name, struct passwd *result, char *buffer,
929                         size_t buflen, int *errnop)
930 {
931         NSS_STATUS ret;
932         static struct winbindd_response response;
933         struct winbindd_request request;
934         static int keep_response;
935
936 #ifdef DEBUG_NSS
937         fprintf(stderr, "[%5d]: getpwnam %s\n", getpid(), name);
938 #endif
939
940         /* If our static buffer needs to be expanded we are called again */
941
942         if (!keep_response) {
943
944                 /* Call for the first time */
945
946                 ZERO_STRUCT(response);
947                 ZERO_STRUCT(request);
948
949                 strncpy(request.data.username, name, 
950                         sizeof(request.data.username) - 1);
951                 request.data.username
952                         [sizeof(request.data.username) - 1] = '\0';
953
954                 ret = winbindd_request(WINBINDD_GETPWNAM_FROM_USER, &request, 
955                                        &response);
956
957                 if (ret == NSS_STATUS_SUCCESS) {
958                         ret = fill_pwent(result, &response.data.pw, &buffer,
959                                          &buflen);
960
961                         if (ret == NSS_STATUS_TRYAGAIN) {
962                                 keep_response = True;
963                                 *errnop = errno = ERANGE;
964                                 return ret;
965                         }
966                 }
967
968         } else {
969
970                 /* We've been called again */
971
972                 ret = fill_pwent(result, &response.data.pw, &buffer, &buflen);
973
974                 if (ret == NSS_STATUS_TRYAGAIN) {
975                         keep_response = True;
976                         *errnop = errno = ERANGE;
977                         return ret;
978                 }
979
980                 keep_response = False;
981                 *errnop = errno = 0;
982         }
983
984         free_response(&response);
985         return ret;
986 }
987
988 /*
989  * NSS group functions
990  */
991
992 static struct winbindd_response getgrent_response;
993
994 static int ndx_gr_cache;                 /* Current index into grp cache */
995 static int num_gr_cache;                 /* Current size of grp cache */
996
997 /* Rewind "file pointer" to start of ntdom group database */
998
999 NSS_STATUS
1000 _nss_winbind_setgrent(void)
1001 {
1002 #ifdef DEBUG_NSS
1003         fprintf(stderr, "[%5d]: setgrent\n", getpid());
1004 #endif
1005
1006         if (num_gr_cache > 0) {
1007                 ndx_gr_cache = num_gr_cache = 0;
1008                 free_response(&getgrent_response);
1009         }
1010
1011         return winbindd_request(WINBINDD_SETGRENT, NULL, NULL);
1012 }
1013
1014 /* Close "file pointer" for ntdom group database */
1015
1016 NSS_STATUS
1017 _nss_winbind_endgrent(void)
1018 {
1019 #ifdef DEBUG_NSS
1020         fprintf(stderr, "[%5d]: endgrent\n", getpid());
1021 #endif
1022
1023         if (num_gr_cache > 0) {
1024                 ndx_gr_cache = num_gr_cache = 0;
1025                 free_response(&getgrent_response);
1026         }
1027
1028         return winbindd_request(WINBINDD_ENDGRENT, NULL, NULL);
1029 }
1030
1031 /* Get next entry from ntdom group database */
1032
1033 NSS_STATUS
1034 _nss_winbind_getgrent_r(struct group *result,
1035                         char *buffer, size_t buflen, int *errnop)
1036 {
1037         NSS_STATUS ret;
1038         static struct winbindd_request request;
1039         static int called_again;
1040
1041 #ifdef DEBUG_NSS
1042         fprintf(stderr, "[%5d]: getgrent\n", getpid());
1043 #endif
1044
1045         /* Return an entry from the cache if we have one, or if we are
1046            called again because we exceeded our static buffer.  */
1047
1048         if ((ndx_gr_cache < num_gr_cache) || called_again) {
1049                 goto return_result;
1050         }
1051
1052         /* Else call winbindd to get a bunch of entries */
1053         
1054         if (num_gr_cache > 0) {
1055                 free_response(&getgrent_response);
1056         }
1057
1058         ZERO_STRUCT(request);
1059         ZERO_STRUCT(getgrent_response);
1060
1061         request.data.num_entries = MAX_GETGRENT_USERS;
1062
1063         ret = winbindd_request(WINBINDD_GETGRENT, &request, 
1064                                &getgrent_response);
1065
1066         if (ret == NSS_STATUS_SUCCESS) {
1067                 struct winbindd_gr *gr_cache;
1068                 int mem_ofs;
1069
1070                 /* Fill cache */
1071
1072                 ndx_gr_cache = 0;
1073                 num_gr_cache = getgrent_response.data.num_entries;
1074
1075                 /* Return a result */
1076
1077         return_result:
1078
1079                 gr_cache = getgrent_response.extra_data;
1080
1081                 /* Check data is valid */
1082
1083                 if (gr_cache == NULL) {
1084                         return NSS_STATUS_NOTFOUND;
1085                 }
1086
1087                 /* Fill group membership.  The offset into the extra data
1088                    for the group membership is the reported offset plus the
1089                    size of all the winbindd_gr records returned. */
1090
1091                 mem_ofs = gr_cache[ndx_gr_cache].gr_mem_ofs +
1092                         num_gr_cache * sizeof(struct winbindd_gr);
1093
1094                 ret = fill_grent(result, &gr_cache[ndx_gr_cache],
1095                                  ((char *)getgrent_response.extra_data)+mem_ofs,
1096                                  &buffer, &buflen);
1097                 
1098                 /* Out of memory - try again */
1099
1100                 if (ret == NSS_STATUS_TRYAGAIN) {
1101                         called_again = True;
1102                         *errnop = errno = ERANGE;
1103                         return ret;
1104                 }
1105
1106                 *errnop = 0;
1107                 called_again = False;
1108                 ndx_gr_cache++;
1109
1110                 /* If we've finished with this lot of results free cache */
1111
1112                 if (ndx_gr_cache == num_gr_cache) {
1113                         ndx_gr_cache = num_gr_cache = 0;
1114                         free_response(&getgrent_response);
1115                 }
1116         }
1117
1118         return ret;
1119 }
1120
1121 /* Return group struct from group name */
1122
1123 NSS_STATUS
1124 _nss_winbind_getgrnam_r(const char *name,
1125                         struct group *result, char *buffer,
1126                         size_t buflen, int *errnop)
1127 {
1128         NSS_STATUS ret;
1129         static struct winbindd_response response;
1130         struct winbindd_request request;
1131         static int keep_response;
1132         
1133 #ifdef DEBUG_NSS
1134         fprintf(stderr, "[%5d]: getgrnam %s\n", getpid(), name);
1135 #endif
1136
1137         /* If our static buffer needs to be expanded we are called again */
1138         
1139         if (!keep_response) {
1140
1141                 /* Call for the first time */
1142
1143                 ZERO_STRUCT(request);
1144                 ZERO_STRUCT(response);
1145
1146                 strncpy(request.data.groupname, name, 
1147                         sizeof(request.data.groupname));
1148                 request.data.groupname
1149                         [sizeof(request.data.groupname) - 1] = '\0';
1150
1151                 ret = winbindd_request(WINBINDD_GETGRNAM_FROM_GROUP, 
1152                                        &request, &response);
1153
1154                 if (ret == NSS_STATUS_SUCCESS) {
1155                         ret = fill_grent(result, &response.data.gr, 
1156                                          response.extra_data,
1157                                          &buffer, &buflen);
1158
1159                         if (ret == NSS_STATUS_TRYAGAIN) {
1160                                 keep_response = True;
1161                                 *errnop = errno = ERANGE;
1162                                 return ret;
1163                         }
1164                 }
1165
1166         } else {
1167                 
1168                 /* We've been called again */
1169                 
1170                 ret = fill_grent(result, &response.data.gr, 
1171                                  response.extra_data, &buffer, &buflen);
1172                 
1173                 if (ret == NSS_STATUS_TRYAGAIN) {
1174                         keep_response = True;
1175                         *errnop = errno = ERANGE;
1176                         return ret;
1177                 }
1178
1179                 keep_response = False;
1180                 *errnop = 0;
1181         }
1182
1183         free_response(&response);
1184         return ret;
1185 }
1186
1187 /* Return group struct from gid */
1188
1189 NSS_STATUS
1190 _nss_winbind_getgrgid_r(gid_t gid,
1191                         struct group *result, char *buffer,
1192                         size_t buflen, int *errnop)
1193 {
1194         NSS_STATUS ret;
1195         static struct winbindd_response response;
1196         struct winbindd_request request;
1197         static int keep_response;
1198
1199 #ifdef DEBUG_NSS
1200         fprintf(stderr, "[%5d]: getgrgid %d\n", getpid(), gid);
1201 #endif
1202
1203         /* If our static buffer needs to be expanded we are called again */
1204
1205         if (!keep_response) {
1206
1207                 /* Call for the first time */
1208
1209                 ZERO_STRUCT(request);
1210                 ZERO_STRUCT(response);
1211
1212                 request.data.gid = gid;
1213
1214                 ret = winbindd_request(WINBINDD_GETGRNAM_FROM_GID, &request, 
1215                                        &response);
1216
1217                 if (ret == NSS_STATUS_SUCCESS) {
1218
1219                         ret = fill_grent(result, &response.data.gr, 
1220                                          response.extra_data, 
1221                                          &buffer, &buflen);
1222
1223                         if (ret == NSS_STATUS_TRYAGAIN) {
1224                                 keep_response = True;
1225                                 *errnop = errno = ERANGE;
1226                                 return ret;
1227                         }
1228                 }
1229
1230         } else {
1231
1232                 /* We've been called again */
1233
1234                 ret = fill_grent(result, &response.data.gr, 
1235                                  response.extra_data, &buffer, &buflen);
1236
1237                 if (ret == NSS_STATUS_TRYAGAIN) {
1238                         keep_response = True;
1239                         *errnop = errno = ERANGE;
1240                         return ret;
1241                 }
1242
1243                 keep_response = False;
1244                 *errnop = 0;
1245         }
1246
1247         free_response(&response);
1248         return ret;
1249 }
1250
1251 /* Initialise supplementary groups */
1252
1253 NSS_STATUS
1254 _nss_winbind_initgroups_dyn(char *user, gid_t group, long int *start,
1255                             long int *size, gid_t **groups, long int limit,
1256                             int *errnop)
1257 {
1258         NSS_STATUS ret;
1259         struct winbindd_request request;
1260         struct winbindd_response response;
1261         int i;
1262
1263 #ifdef DEBUG_NSS
1264         fprintf(stderr, "[%5d]: initgroups %s (%d)\n", getpid(),
1265                 user, group);
1266 #endif
1267
1268         ZERO_STRUCT(request);
1269         ZERO_STRUCT(response);
1270
1271         strncpy(request.data.username, user,
1272                 sizeof(request.data.username) - 1);
1273
1274         ret = winbindd_request(WINBINDD_GETGROUPS, &request, &response);
1275
1276         if (ret == NSS_STATUS_SUCCESS) {
1277                 int num_gids = response.data.num_entries;
1278                 gid_t *gid_list = (gid_t *)response.extra_data;
1279
1280                 /* Copy group list to client */
1281
1282                 for (i = 0; i < num_gids; i++) {
1283
1284                         /* Skip primary group */
1285
1286                         if (gid_list[i] == group) continue;
1287
1288                         /* Add to buffer */
1289
1290                         if (*start == *size && limit <= 0) {
1291                                 (*groups) = realloc(
1292                                         (*groups), (2 * (*size) + 1) * sizeof(**groups));
1293                                 if (! *groups) goto done;
1294                                 *size = 2 * (*size) + 1;
1295                         }
1296
1297                         if (*start == *size) goto done;
1298
1299                         (*groups)[*start] = gid_list[i];
1300                         *start += 1;
1301
1302                         /* Filled buffer? */
1303
1304                         if (*start == limit) goto done;
1305                 }
1306         }
1307         
1308         /* Back to your regularly scheduled programming */
1309
1310  done:
1311         return ret;
1312 }
1313
1314 #endif