search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix bogus uninitialized variable warnings
[Samba/gbeck.git] / source3 / winbindd / winbindd_misc.c
blob76f2554122b476482e8c80a4d49af7b9a0db0fbb
1 /*
2 Unix SMB/CIFS implementation.
3
4 Winbind daemon - miscellaneous other functions
5
6 Copyright (C) Tim Potter 2000
7 Copyright (C) Andrew Bartlett 2002
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 */
22
23 #include "includes.h"
24 #include "winbindd.h"
25
26 #undef DBGC_CLASS
27 #define DBGC_CLASS DBGC_WINBIND
28
29 /* Check the machine account password is valid */
30
31 void winbindd_check_machine_acct(struct winbindd_cli_state *state)
32 {
33 DEBUG(3, ("[%5lu]: check machine account\n",
34 (unsigned long)state->pid));
35
36 sendto_domain(state, find_our_domain());
37 }
38
39 enum winbindd_result winbindd_dual_check_machine_acct(struct winbindd_domain *domain,
40 struct winbindd_cli_state *state)
41 {
42 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
43 int num_retries = 0;
44 struct winbindd_domain *contact_domain;
45
46 DEBUG(3, ("[%5lu]: check machine account\n", (unsigned long)state->pid));
47
48 /* Get trust account password */
49
50 again:
51
52 contact_domain = find_our_domain();
53
54 /* This call does a cli_nt_setup_creds() which implicitly checks
55 the trust account password. */
56
57 invalidate_cm_connection(&contact_domain->conn);
58
59 {
60 struct rpc_pipe_client *netlogon_pipe;
61 result = cm_connect_netlogon(contact_domain, &netlogon_pipe);
62 }
63
64 if (!NT_STATUS_IS_OK(result)) {
65 DEBUG(3, ("could not open handle to NETLOGON pipe\n"));
66 goto done;
67 }
68
69 /* There is a race condition between fetching the trust account
70 password and the periodic machine password change. So it's
71 possible that the trust account password has been changed on us.
72 We are returned NT_STATUS_ACCESS_DENIED if this happens. */
73
74 #define MAX_RETRIES 8
75
76 if ((num_retries < MAX_RETRIES) &&
77 NT_STATUS_V(result) == NT_STATUS_V(NT_STATUS_ACCESS_DENIED)) {
78 num_retries++;
79 goto again;
80 }
81
82 /* Pass back result code - zero for success, other values for
83 specific failures. */
84
85 DEBUG(3, ("secret is %s\n", NT_STATUS_IS_OK(result) ?
86 "good" : "bad"));
87
88 done:
89 state->response.data.auth.nt_status = NT_STATUS_V(result);
90 fstrcpy(state->response.data.auth.nt_status_string, nt_errstr(result));
91 fstrcpy(state->response.data.auth.error_string, nt_errstr(result));
92 state->response.data.auth.pam_error = nt_status_to_pam(result);
93
94 DEBUG(NT_STATUS_IS_OK(result) ? 5 : 2, ("Checking the trust account password returned %s\n",
95 state->response.data.auth.nt_status_string));
96
97 return NT_STATUS_IS_OK(result) ? WINBINDD_OK : WINBINDD_ERROR;
98 }
99
100 void winbindd_list_trusted_domains(struct winbindd_cli_state *state)
101 {
102 struct winbindd_domain *d = NULL;
103 int extra_data_len = 0;
104 char *extra_data = NULL;
105
106 DEBUG(3, ("[%5lu]: list trusted domains\n",
107 (unsigned long)state->pid));
108
109 for ( d=domain_list(); d; d=d->next ) {
110 if ( !extra_data ) {
111 extra_data = talloc_asprintf(
112 state->mem_ctx, "%s\\%s\\%s",
113 d->name, d->alt_name ? d->alt_name : d->name,
114 sid_string_talloc(state->mem_ctx, &d->sid));
115 } else {
116 extra_data = talloc_asprintf(
117 state->mem_ctx, "%s\n%s\\%s\\%s",
118 extra_data, d->name,
119 d->alt_name ? d->alt_name : d->name,
120 sid_string_talloc(state->mem_ctx, &d->sid));
121 }
122 }
123
124 extra_data_len = 0;
125 if (extra_data != NULL) {
126 extra_data_len = strlen(extra_data);
127 }
128
129 if (extra_data_len > 0) {
130 state->response.extra_data.data = SMB_STRDUP(extra_data);
131 state->response.length += extra_data_len+1;
132 }
133
134 TALLOC_FREE( extra_data );
135
136 request_ok(state);
137 }
138
139 enum winbindd_result winbindd_dual_list_trusted_domains(struct winbindd_domain *domain,
140 struct winbindd_cli_state *state)
141 {
142 uint32 i, num_domains;
143 char **names, **alt_names;
144 DOM_SID *sids;
145 int extra_data_len = 0;
146 char *extra_data;
147 NTSTATUS result;
148 bool have_own_domain = False;
149
150 DEBUG(3, ("[%5lu]: list trusted domains\n",
151 (unsigned long)state->pid));
152
153 result = domain->methods->trusted_domains(domain, state->mem_ctx,
154 &num_domains, &names,
155 &alt_names, &sids);
156
157 if (!NT_STATUS_IS_OK(result)) {
158 DEBUG(3, ("winbindd_dual_list_trusted_domains: trusted_domains returned %s\n",
159 nt_errstr(result) ));
160 return WINBINDD_ERROR;
161 }
162
163 extra_data = talloc_strdup(state->mem_ctx, "");
164
165 if (num_domains > 0)
166 extra_data = talloc_asprintf(
167 state->mem_ctx, "%s\\%s\\%s",
168 names[0], alt_names[0] ? alt_names[0] : names[0],
169 sid_string_talloc(state->mem_ctx, &sids[0]));
170
171 for (i=1; i<num_domains; i++)
172 extra_data = talloc_asprintf(
173 state->mem_ctx, "%s\n%s\\%s\\%s",
174 extra_data, names[i],
175 alt_names[i] ? alt_names[i] : names[i],
176 sid_string_talloc(state->mem_ctx, &sids[i]));
177
178 /* add our primary domain */
179
180 for (i=0; i<num_domains; i++) {
181 if (strequal(names[i], domain->name)) {
182 have_own_domain = True;
183 break;
184 }
185 }
186
187 if (state->request.data.list_all_domains && !have_own_domain) {
188 extra_data = talloc_asprintf(
189 state->mem_ctx, "%s\n%s\\%s\\%s",
190 extra_data, domain->name,
191 domain->alt_name ? domain->alt_name : domain->name,
192 sid_string_talloc(state->mem_ctx, &domain->sid));
193 }
194
195 /* This is a bit excessive, but the extra data sooner or later will be
196 talloc'ed */
197
198 extra_data_len = 0;
199 if (extra_data != NULL) {
200 extra_data_len = strlen(extra_data);
201 }
202
203 if (extra_data_len > 0) {
204 state->response.extra_data.data = SMB_STRDUP(extra_data);
205 state->response.length += extra_data_len+1;
206 }
207
208 return WINBINDD_OK;
209 }
210
211 void winbindd_getdcname(struct winbindd_cli_state *state)
212 {
213 struct winbindd_domain *domain;
214
215 state->request.domain_name
216 [sizeof(state->request.domain_name)-1] = '\0';
217
218 DEBUG(3, ("[%5lu]: Get DC name for %s\n", (unsigned long)state->pid,
219 state->request.domain_name));
220
221 domain = find_domain_from_name_noinit(state->request.domain_name);
222 if (domain && domain->internal) {
223 fstrcpy(state->response.data.dc_name, global_myname());
224 request_ok(state);
225 return;
226 }
227
228 sendto_domain(state, find_our_domain());
229 }
230
231 enum winbindd_result winbindd_dual_getdcname(struct winbindd_domain *domain,
232 struct winbindd_cli_state *state)
233 {
234 char *dcname_slash = NULL;
235 char *p;
236 struct rpc_pipe_client *netlogon_pipe;
237 NTSTATUS result;
238 WERROR werr;
239 unsigned int orig_timeout;
240 struct winbindd_domain *req_domain;
241
242 state->request.domain_name
243 [sizeof(state->request.domain_name)-1] = '\0';
244
245 DEBUG(3, ("[%5lu]: Get DC name for %s\n", (unsigned long)state->pid,
246 state->request.domain_name));
247
248 result = cm_connect_netlogon(domain, &netlogon_pipe);
249
250 if (!NT_STATUS_IS_OK(result)) {
251 DEBUG(1, ("Can't contact the NETLOGON pipe\n"));
252 return WINBINDD_ERROR;
253 }
254
255 /* This call can take a long time - allow the server to time out.
256 35 seconds should do it. */
257
258 orig_timeout = cli_set_timeout(netlogon_pipe->cli, 35000);
259
260 req_domain = find_domain_from_name_noinit(state->request.domain_name);
261 if (req_domain == domain) {
262 werr = rpccli_netlogon_getdcname(netlogon_pipe, state->mem_ctx,
263 domain->dcname,
264 state->request.domain_name,
265 &dcname_slash);
266 } else {
267 werr = rpccli_netlogon_getanydcname(netlogon_pipe, state->mem_ctx,
268 domain->dcname,
269 state->request.domain_name,
270 &dcname_slash);
271 }
272 /* And restore our original timeout. */
273 cli_set_timeout(netlogon_pipe->cli, orig_timeout);
274
275 if (!W_ERROR_IS_OK(werr)) {
276 DEBUG(5, ("Error requesting DCname for domain %s: %s\n",
277 state->request.domain_name, dos_errstr(werr)));
278 return WINBINDD_ERROR;
279 }
280
281 p = dcname_slash;
282 if (*p == '\\') {
283 p+=1;
284 }
285 if (*p == '\\') {
286 p+=1;
287 }
288
289 fstrcpy(state->response.data.dc_name, p);
290 return WINBINDD_OK;
291 }
292
293 struct sequence_state {
294 TALLOC_CTX *mem_ctx;
295 struct winbindd_cli_state *cli_state;
296 struct winbindd_domain *domain;
297 struct winbindd_request *request;
298 struct winbindd_response *response;
299 char *extra_data;
300 };
301
302 static void sequence_recv(void *private_data, bool success);
303
304 void winbindd_show_sequence(struct winbindd_cli_state *state)
305 {
306 struct sequence_state *seq;
307
308 /* Ensure null termination */
309 state->request.domain_name[sizeof(state->request.domain_name)-1]='\0';
310
311 if (strlen(state->request.domain_name) > 0) {
312 struct winbindd_domain *domain;
313 domain = find_domain_from_name_noinit(
314 state->request.domain_name);
315 if (domain == NULL) {
316 request_error(state);
317 return;
318 }
319 sendto_domain(state, domain);
320 return;
321 }
322
323 /* Ask all domains in sequence, collect the results in sequence_recv */
324
325 seq = TALLOC_P(state->mem_ctx, struct sequence_state);
326 if (seq == NULL) {
327 DEBUG(0, ("talloc failed\n"));
328 request_error(state);
329 return;
330 }
331
332 seq->mem_ctx = state->mem_ctx;
333 seq->cli_state = state;
334 seq->domain = domain_list();
335 if (seq->domain == NULL) {
336 DEBUG(0, ("domain list empty\n"));
337 request_error(state);
338 return;
339 }
340 seq->request = TALLOC_ZERO_P(state->mem_ctx,
341 struct winbindd_request);
342 seq->response = TALLOC_ZERO_P(state->mem_ctx,
343 struct winbindd_response);
344 seq->extra_data = talloc_strdup(state->mem_ctx, "");
345
346 if ((seq->request == NULL) || (seq->response == NULL) ||
347 (seq->extra_data == NULL)) {
348 DEBUG(0, ("talloc failed\n"));
349 request_error(state);
350 return;
351 }
352
353 seq->request->length = sizeof(*seq->request);
354 seq->request->cmd = WINBINDD_SHOW_SEQUENCE;
355 fstrcpy(seq->request->domain_name, seq->domain->name);
356
357 async_domain_request(state->mem_ctx, seq->domain,
358 seq->request, seq->response,
359 sequence_recv, seq);
360 }
361
362 static void sequence_recv(void *private_data, bool success)
363 {
364 struct sequence_state *state =
365 (struct sequence_state *)private_data;
366 uint32 seq = DOM_SEQUENCE_NONE;
367
368 if ((success) && (state->response->result == WINBINDD_OK))
369 seq = state->response->data.sequence_number;
370
371 if (seq == DOM_SEQUENCE_NONE) {
372 state->extra_data = talloc_asprintf(state->mem_ctx,
373 "%s%s : DISCONNECTED\n",
374 state->extra_data,
375 state->domain->name);
376 } else {
377 state->extra_data = talloc_asprintf(state->mem_ctx,
378 "%s%s : %d\n",
379 state->extra_data,
380 state->domain->name, seq);
381 }
382
383 state->domain->sequence_number = seq;
384
385 state->domain = state->domain->next;
386
387 if (state->domain == NULL) {
388 struct winbindd_cli_state *cli_state = state->cli_state;
389 cli_state->response.length =
390 sizeof(cli_state->response) +
391 strlen(state->extra_data) + 1;
392 cli_state->response.extra_data.data =
393 SMB_STRDUP(state->extra_data);
394 request_ok(cli_state);
395 return;
396 }
397
398 /* Ask the next domain */
399 fstrcpy(state->request->domain_name, state->domain->name);
400 async_domain_request(state->mem_ctx, state->domain,
401 state->request, state->response,
402 sequence_recv, state);
403 }
404
405 /* This is the child-only version of --sequence. It only allows for a single
406 * domain (ie "our" one) to be displayed. */
407
408 enum winbindd_result winbindd_dual_show_sequence(struct winbindd_domain *domain,
409 struct winbindd_cli_state *state)
410 {
411 DEBUG(3, ("[%5lu]: show sequence\n", (unsigned long)state->pid));
412
413 /* Ensure null termination */
414 state->request.domain_name[sizeof(state->request.domain_name)-1]='\0';
415
416 domain->methods->sequence_number(domain, &domain->sequence_number);
417
418 state->response.data.sequence_number =
419 domain->sequence_number;
420
421 return WINBINDD_OK;
422 }
423
424 struct domain_info_state {
425 struct winbindd_domain *domain;
426 struct winbindd_cli_state *cli_state;
427 };
428
429 static void domain_info_init_recv(void *private_data, bool success);
430
431 void winbindd_domain_info(struct winbindd_cli_state *state)
432 {
433 struct winbindd_domain *domain;
434
435 DEBUG(3, ("[%5lu]: domain_info [%s]\n", (unsigned long)state->pid,
436 state->request.domain_name));
437
438 domain = find_domain_from_name_noinit(state->request.domain_name);
439
440 if (domain == NULL) {
441 DEBUG(3, ("Did not find domain [%s]\n",
442 state->request.domain_name));
443 request_error(state);
444 return;
445 }
446
447 if (!domain->initialized) {
448 struct domain_info_state *istate;
449
450 istate = TALLOC_P(state->mem_ctx, struct domain_info_state);
451 if (istate == NULL) {
452 DEBUG(0, ("talloc failed\n"));
453 request_error(state);
454 return;
455 }
456
457 istate->cli_state = state;
458 istate->domain = domain;
459
460 init_child_connection(domain, domain_info_init_recv, istate);
461
462 return;
463 }
464
465 fstrcpy(state->response.data.domain_info.name,
466 domain->name);
467 fstrcpy(state->response.data.domain_info.alt_name,
468 domain->alt_name);
469 sid_to_fstring(state->response.data.domain_info.sid, &domain->sid);
470
471 state->response.data.domain_info.native_mode =
472 domain->native_mode;
473 state->response.data.domain_info.active_directory =
474 domain->active_directory;
475 state->response.data.domain_info.primary =
476 domain->primary;
477
478 request_ok(state);
479 }
480
481 static void domain_info_init_recv(void *private_data, bool success)
482 {
483 struct domain_info_state *istate =
484 (struct domain_info_state *)private_data;
485 struct winbindd_cli_state *state = istate->cli_state;
486 struct winbindd_domain *domain = istate->domain;
487
488 DEBUG(10, ("Got back from child init: %d\n", success));
489
490 if ((!success) || (!domain->initialized)) {
491 DEBUG(5, ("Could not init child for domain %s\n",
492 domain->name));
493 request_error(state);
494 return;
495 }
496
497 fstrcpy(state->response.data.domain_info.name,
498 domain->name);
499 fstrcpy(state->response.data.domain_info.alt_name,
500 domain->alt_name);
501 sid_to_fstring(state->response.data.domain_info.sid, &domain->sid);
502
503 state->response.data.domain_info.native_mode =
504 domain->native_mode;
505 state->response.data.domain_info.active_directory =
506 domain->active_directory;
507 state->response.data.domain_info.primary =
508 domain->primary;
509
510 request_ok(state);
511 }
512
513 void winbindd_ping(struct winbindd_cli_state *state)
514 {
515 DEBUG(3, ("[%5lu]: ping\n", (unsigned long)state->pid));
516 request_ok(state);
517 }
518
519 /* List various tidbits of information */
520
521 void winbindd_info(struct winbindd_cli_state *state)
522 {
523
524 DEBUG(3, ("[%5lu]: request misc info\n", (unsigned long)state->pid));
525
526 state->response.data.info.winbind_separator = *lp_winbind_separator();
527 fstrcpy(state->response.data.info.samba_version, SAMBA_VERSION_STRING);
528 request_ok(state);
529 }
530
531 /* Tell the client the current interface version */
532
533 void winbindd_interface_version(struct winbindd_cli_state *state)
534 {
535 DEBUG(3, ("[%5lu]: request interface version\n",
536 (unsigned long)state->pid));
537
538 state->response.data.interface_version = WINBIND_INTERFACE_VERSION;
539 request_ok(state);
540 }
541
542 /* What domain are we a member of? */
543
544 void winbindd_domain_name(struct winbindd_cli_state *state)
545 {
546 DEBUG(3, ("[%5lu]: request domain name\n", (unsigned long)state->pid));
547
548 fstrcpy(state->response.data.domain_name, lp_workgroup());
549 request_ok(state);
550 }
551
552 /* What's my name again? */
553
554 void winbindd_netbios_name(struct winbindd_cli_state *state)
555 {
556 DEBUG(3, ("[%5lu]: request netbios name\n",
557 (unsigned long)state->pid));
558
559 fstrcpy(state->response.data.netbios_name, global_myname());
560 request_ok(state);
561 }
562
563 /* Where can I find the privilaged pipe? */
564
565 void winbindd_priv_pipe_dir(struct winbindd_cli_state *state)
566 {
567
568 DEBUG(3, ("[%5lu]: request location of privileged pipe\n",
569 (unsigned long)state->pid));
570
571 state->response.extra_data.data = SMB_STRDUP(get_winbind_priv_pipe_dir());
572 if (!state->response.extra_data.data) {
573 DEBUG(0, ("malloc failed\n"));
574 request_error(state);
575 return;
576 }
577
578 /* must add one to length to copy the 0 for string termination */
579 state->response.length +=
580 strlen((char *)state->response.extra_data.data) + 1;
581
582 request_ok(state);
583 }
584
WIP