The branch, master has been updated via e9e2aead1e7 s3:rpcclient: Fix crash in rpcclient via 1ed9ece3ed1 s3:rpcclient: Fix trailing whitespace in cmd_dfs.c via 39d85c34d2b s3:script: Blackbox tests for the rpcclient DFS commands via 0f5d7ff1a9f s4:kdc: redirect pre-authentication failures to an RWDC via 27ee5ad713b s4:kdc: let pac functions in wdc-samba4.c take astgs_request_t via f33f73f82fb third_party/heimdal: import lorikeet-heimdal-202203031927 (commit 7abc451ddd74d0c2e57dbb32f3198bde8def73ab) via 95b1963339e examples: Update winbindd.stp and its generator script via e07f8901ec9 s3:winbind: Convert ListTrustedDomains parent/child call to NDR via d05b5366a63 s3:winbind: Remove list_all_domains condition always false via 64160686e45 s3:winbind: Move the function to list trusted domains to winbindd_dual_srv.c from 3f977cd6f83 s3:lib: Fix possible 32-bit arithmetic overflow
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit e9e2aead1e72709a2d67962440e8deecca8c536a Author: Pavel Filipenský <pfili...@redhat.com> Date: Thu Feb 17 19:20:46 2022 +0100 s3:rpcclient: Fix crash in rpcclient rpcclient SERVER -c 'dfsenum 5' dumps core Signed-off-by: Pavel Filipenský <pfili...@redhat.com> Reviewed-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Joseph Sutton <josephsut...@catalyst.net.nz> Autobuild-User(master): Andrew Bartlett <abart...@samba.org> Autobuild-Date(master): Mon Mar 7 00:00:32 UTC 2022 on sn-devel-184 commit 1ed9ece3ed14b30c8971946920b2b2663d30cbe5 Author: Pavel Filipenský <pfili...@redhat.com> Date: Thu Feb 17 19:20:46 2022 +0100 s3:rpcclient: Fix trailing whitespace in cmd_dfs.c Signed-off-by: Pavel Filipenský <pfili...@redhat.com> Reviewed-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Joseph Sutton <josephsut...@catalyst.net.nz> commit 39d85c34d2b2b3b26f57980fc6955bc9f7f283a5 Author: Pavel Filipenský <pfili...@redhat.com> Date: Wed Feb 23 17:39:46 2022 +0100 s3:script: Blackbox tests for the rpcclient DFS commands Signed-off-by: Pavel Filipenský <pfili...@redhat.com> Reviewed-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Joseph Sutton <josephsut...@catalyst.net.nz> commit 0f5d7ff1a9fd14fd412b09883d413d1d660fa7be Author: Stefan Metzmacher <me...@samba.org> Date: Mon Feb 21 10:29:12 2022 +0100 s4:kdc: redirect pre-authentication failures to an RWDC The most important case is that we still have a previous password cached at the RODC and the inbound replication hasn't wiped the cache yet and we also haven't triggered a new replication yet. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14865 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 27ee5ad713b760e8226537d79c529ace1efb07bf Author: Stefan Metzmacher <me...@samba.org> Date: Thu Feb 24 21:31:52 2022 +0100 s4:kdc: let pac functions in wdc-samba4.c take astgs_request_t NOTE: This commit finally works again! This aligns us with the following Heimdal change: commit 11d8a053f50c88256b4d49c7e482c2eb8f6bde33 Author: Stefan Metzmacher <me...@samba.org> AuthorDate: Thu Feb 24 18:27:09 2022 +0100 Commit: Luke Howard <lu...@padl.com> CommitDate: Thu Mar 3 09:58:48 2022 +1100 kdc-plugin: also pass astgs_request_t to the pac related functions This is more consistent and allows the pac hooks to be more flexible. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=14865 Signed-off-by: Stefan Metzmacher <me...@samba.org> commit f33f73f82fb2d5d96928ce5910e2d0d939c2ff57 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Mar 3 19:17:06 2022 +0100 third_party/heimdal: import lorikeet-heimdal-202203031927 (commit 7abc451ddd74d0c2e57dbb32f3198bde8def73ab) NOTE: THIS COMMIT WON'T COMPILE/WORK ON ITS OWN! BUG: https://bugzilla.samba.org/show_bug.cgi?id=14865 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 95b1963339e27667eacbe4b99e2501c1aba54b38 Author: Samuel Cabrero <scabr...@samba.org> Date: Tue Feb 15 17:46:17 2022 +0100 examples: Update winbindd.stp and its generator script Signed-off-by: Samuel Cabrero <scabr...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit e07f8901ec95aab8c36965000de185d99e642644 Author: Samuel Cabrero <scabr...@samba.org> Date: Fri Jun 4 15:36:16 2021 +0200 s3:winbind: Convert ListTrustedDomains parent/child call to NDR By using NDR we avoid manual marshalling (netr_DomainTrust array to text string) and unmarshalling (parse the received text string back to a netr_DomainTrust array). Signed-off-by: Samuel Cabrero <scabr...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit d05b5366a633110c627cf1d1f9d026d1a56e0123 Author: Samuel Cabrero <scabr...@samba.org> Date: Tue Mar 1 12:24:41 2022 +0100 s3:winbind: Remove list_all_domains condition always false The 'list_all_domains' flag in a winbind request is only set by the torture_winbind_struct_list_trustdom() test, in fact to check the flag is ignored. The WINBINDD_LIST_TRUSTDOM command received by winbind parent is handled by winbindd_list_trusted_domains() which fills the response from the cached domain list and does not handle the flag. The WINBINDD_LIST_TRUSTDOM command sent from the parent to the domain childs when the rescan timer expires do not set this flag, so this commit removes the code handling it in the child. Signed-off-by: Samuel Cabrero <scabr...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 64160686e4586b749efe070b3032fa855955947e Author: Samuel Cabrero <scabr...@samba.org> Date: Tue Mar 1 11:40:31 2022 +0100 s3:winbind: Move the function to list trusted domains to winbindd_dual_srv.c This function will be converted to a local RPC call handler so move it to the file including ndr_winbindd_scompat.c. Updated debug message and use newer debug macros. Signed-off-by: Samuel Cabrero <scabr...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> ----------------------------------------------------------------------- Summary of changes: examples/systemtap/generate-winbindd.stp.sh | 2 +- examples/systemtap/winbindd.stp | 42 +++--- librpc/idl/netlogon.idl | 4 +- librpc/idl/winbind.idl | 6 + selftest/knownfail | 1 - selftest/knownfail.d/rpc-dfs | 2 + source3/rpcclient/cmd_dfs.c | 18 +-- source3/script/tests/test_rpcclient_dfs.sh | 38 +++++ source3/selftest/tests.py | 5 + source3/winbindd/winbindd_domain.c | 4 - source3/winbindd/winbindd_dual_srv.c | 81 +++++++++++ source3/winbindd/winbindd_misc.c | 75 ---------- source3/winbindd/winbindd_proto.h | 2 - source3/winbindd/winbindd_util.c | 159 ++++----------------- source4/dsdb/tests/python/rodc_rwdc.py | 3 +- source4/kdc/hdb-samba4.c | 93 +++--------- source4/kdc/wdc-samba4.c | 10 +- third_party/heimdal/kdc/fast.c | 20 ++- third_party/heimdal/kdc/kdc-accessors.h | 20 +++ third_party/heimdal/kdc/kdc-plugin.c | 28 ++-- third_party/heimdal/kdc/kdc-plugin.h | 6 +- third_party/heimdal/kdc/kdc_locl.h | 5 + third_party/heimdal/kdc/kerberos5.c | 17 ++- third_party/heimdal/kdc/krb5tgs.c | 25 +++- third_party/heimdal/kdc/libkdc-exports.def | 3 + third_party/heimdal/kdc/mssfu.c | 5 +- third_party/heimdal/kdc/version-script.map | 3 + third_party/heimdal/lib/asn1/krb5.asn1 | 54 ++++++- third_party/heimdal/lib/asn1/libasn1-exports.def | 25 ++++ third_party/heimdal/lib/krb5/krb5.h | 4 + third_party/heimdal/lib/krb5/pac.c | 2 +- third_party/heimdal/lib/krb5/principal.c | 9 +- third_party/heimdal/tests/plugin/kdc_test_plugin.c | 8 +- 33 files changed, 415 insertions(+), 364 deletions(-) create mode 100644 selftest/knownfail.d/rpc-dfs create mode 100755 source3/script/tests/test_rpcclient_dfs.sh Changeset truncated at 500 lines: diff --git a/examples/systemtap/generate-winbindd.stp.sh b/examples/systemtap/generate-winbindd.stp.sh index d38bf2cab00..ec8e3af2828 100755 --- a/examples/systemtap/generate-winbindd.stp.sh +++ b/examples/systemtap/generate-winbindd.stp.sh @@ -3,13 +3,13 @@ outfile="$(dirname $0)/winbindd.stp" child_funcs="winbindd_dual_ping -winbindd_dual_list_trusted_domains winbindd_dual_init_connection winbindd_dual_pam_auth winbindd_dual_pam_auth_crap winbindd_dual_pam_logoff winbindd_dual_pam_chng_pswd_auth_crap winbindd_dual_pam_chauthtok +_wbint_ListTrustedDomains _wbint_LookupSid _wbint_LookupSids _wbint_LookupName diff --git a/examples/systemtap/winbindd.stp b/examples/systemtap/winbindd.stp index 0769312fd2b..60dd80a5c76 100644 --- a/examples/systemtap/winbindd.stp +++ b/examples/systemtap/winbindd.stp @@ -2,7 +2,7 @@ # # Systemtap script to instrument winbindd # -# Generated by examples/systemtap/generate-winbindd.stp.sh on Sat Jul 15 18:49:52 CEST 2017, do not edit +# Generated by examples/systemtap/generate-winbindd.stp.sh on mar 15 feb 2022 17:45:48 CET, do not edit # # Usage: # @@ -43,26 +43,6 @@ probe process("winbindd").function("winbindd_dual_ping").return { dc_svctime["winbindd_dual_ping"] <<< duration } -# -# winbind domain child function winbindd_dual_list_trusted_domains -# - -probe process("winbindd").function("winbindd_dual_list_trusted_domains") { - dc_running[tid(), "winbindd_dual_list_trusted_domains"] = gettimeofday_us() -} - -probe process("winbindd").function("winbindd_dual_list_trusted_domains").return { - if (!([tid(), "winbindd_dual_list_trusted_domains"] in dc_running)) - next - - end = gettimeofday_us() - begin = dc_running[tid(), "winbindd_dual_list_trusted_domains"] - delete dc_running[tid(), "winbindd_dual_list_trusted_domains"] - - duration = end - begin - dc_svctime["winbindd_dual_list_trusted_domains"] <<< duration -} - # # winbind domain child function winbindd_dual_init_connection # @@ -183,6 +163,26 @@ probe process("winbindd").function("winbindd_dual_pam_chauthtok").return { dc_svctime["winbindd_dual_pam_chauthtok"] <<< duration } +# +# winbind domain child function _wbint_ListTrustedDomains +# + +probe process("winbindd").function("_wbint_ListTrustedDomains") { + dc_running[tid(), "_wbint_ListTrustedDomains"] = gettimeofday_us() +} + +probe process("winbindd").function("_wbint_ListTrustedDomains").return { + if (!([tid(), "_wbint_ListTrustedDomains"] in dc_running)) + next + + end = gettimeofday_us() + begin = dc_running[tid(), "_wbint_ListTrustedDomains"] + delete dc_running[tid(), "_wbint_ListTrustedDomains"] + + duration = end - begin + dc_svctime["_wbint_ListTrustedDomains"] <<< duration +} + # # winbind domain child function _wbint_LookupSid # diff --git a/librpc/idl/netlogon.idl b/librpc/idl/netlogon.idl index cbfc88fe078..05c592be7e5 100644 --- a/librpc/idl/netlogon.idl +++ b/librpc/idl/netlogon.idl @@ -1598,7 +1598,7 @@ interface netlogon /****************/ /* Function 0x24 */ - typedef struct { + typedef [public] struct { [string,charset(UTF16)] uint16 *netbios_name; [string,charset(UTF16)] uint16 *dns_name; netr_TrustFlags trust_flags; @@ -1609,7 +1609,7 @@ interface netlogon GUID guid; } netr_DomainTrust; - typedef struct { + typedef [public] struct { uint32 count; [size_is(count)] netr_DomainTrust *array; } netr_DomainTrustList; diff --git a/librpc/idl/winbind.idl b/librpc/idl/winbind.idl index a2bc81a9333..4acad1b091f 100644 --- a/librpc/idl/winbind.idl +++ b/librpc/idl/winbind.idl @@ -168,6 +168,12 @@ interface winbind [out,string,charset(UTF8)] char **dcname ); + NTSTATUS wbint_ListTrustedDomains( + [in,string,charset(UTF8)] char *client_name, + [in] hyper client_pid, + [out,ref] netr_DomainTrustList *domains + ); + /* Public methods available via IRPC */ typedef [switch_type(uint16)] union netr_LogonLevel netr_LogonLevel; diff --git a/selftest/knownfail b/selftest/knownfail index 2a5287cba2d..7e897dd026d 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -377,7 +377,6 @@ ^samba.tests.auth_log_pass_change.samba.tests.auth_log_pass_change.AuthLogPassChangeTests.test_rap_change_password\(ad_dc_ntvfs\) # We currently don't send referrals for LDAP modify of non-replicated attrs ^samba4.ldap.rodc.python\(rodc\).__main__.RodcTests.test_modify_nonreplicated.* -^samba4.ldap.rodc_rwdc.python.*.__main__.RodcRwdcTests.test_change_password_reveal_on_demand_kerberos # NETLOGON is disabled in any non-DC environments ^samba.tests.netlogonsvc.python\(ad_member\) ^samba.tests.netlogonsvc.python\(simpleserver\) diff --git a/selftest/knownfail.d/rpc-dfs b/selftest/knownfail.d/rpc-dfs new file mode 100644 index 00000000000..8ab72ff7b38 --- /dev/null +++ b/selftest/knownfail.d/rpc-dfs @@ -0,0 +1,2 @@ +#_dfs_EnumEx() is not implemented on RPC server side +^samba3.blackbox.rpcclient_dfs.dfsenumex diff --git a/source3/rpcclient/cmd_dfs.c b/source3/rpcclient/cmd_dfs.c index 1bc4d5c93c0..8177871dc17 100644 --- a/source3/rpcclient/cmd_dfs.c +++ b/source3/rpcclient/cmd_dfs.c @@ -1,4 +1,4 @@ -/* +/* Unix SMB/CIFS implementation. RPC pipe client @@ -9,12 +9,12 @@ it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @@ -62,7 +62,7 @@ static WERROR cmd_dfs_add(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct dcerpc_binding_handle *b = cli->binding_handle; if (argc != 5) { - printf("Usage: %s path servername sharename comment\n", + printf("Usage: %s path servername sharename comment\n", argv[0]); return WERR_OK; } @@ -162,7 +162,7 @@ static void display_dfs_info(uint32_t level, union dfs_Info *ctr) display_dfs_info_3(ctr->info3); break; default: - printf("unsupported info level %d\n", + printf("unsupported info level %d\n", level); break; } @@ -171,7 +171,7 @@ static void display_dfs_info(uint32_t level, union dfs_Info *ctr) static void display_dfs_enumstruct(struct dfs_EnumStruct *ctr) { int i; - + /* count is always the first element, so we can just use info1 here */ for (i = 0; i < ctr->e.info1->count; i++) { switch (ctr->level) { @@ -179,7 +179,7 @@ static void display_dfs_enumstruct(struct dfs_EnumStruct *ctr) case 2: display_dfs_info_2(&ctr->e.info2->s[i]); break; case 3: display_dfs_info_3(&ctr->e.info3->s[i]); break; default: - printf("unsupported info level %d\n", + printf("unsupported info level %d\n", ctr->level); return; } @@ -222,7 +222,7 @@ static WERROR cmd_dfs_enum(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, case 300: str.e.info300 = &info300; ZERO_STRUCT(info300); break; default: printf("Unknown info level %d\n", str.level); - break; + return WERR_OK; } result = dcerpc_dfs_Enum(b, mem_ctx, str.level, 0xFFFFFFFF, &str, @@ -274,7 +274,7 @@ static WERROR cmd_dfs_enumex(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, case 300: str.e.info300 = &info300; ZERO_STRUCT(info300); break; default: printf("Unknown info level %d\n", str.level); - break; + return WERR_OK; } result = dcerpc_dfs_EnumEx(b, mem_ctx, argv[1], str.level, diff --git a/source3/script/tests/test_rpcclient_dfs.sh b/source3/script/tests/test_rpcclient_dfs.sh new file mode 100755 index 00000000000..334de1b6ffb --- /dev/null +++ b/source3/script/tests/test_rpcclient_dfs.sh @@ -0,0 +1,38 @@ +#!/bin/sh +# +# Copyright (c) 2022 Pavel Filipenský <pfili...@redhat.com> +# +# Blackbox tests for the rpcclient DFS commands + +if [ $# -lt 4 ]; then +cat <<EOF +Usage: test_rpcclient_dfs.sh USERNAME PASSWORD SERVER RPCCLIENT +EOF +exit 1; +fi + +USERNAME="$1" +PASSWORD="$2" +SERVER="$3" +RPCCLIENT="$4" + +RPCCLIENTCMD="${VALGRIND} ${RPCCLIENT} ${SERVER} -U${USERNAME}%${PASSWORD}" + +incdir=$(dirname "$0")/../../../testprogs/blackbox +. "${incdir}"/subunit.sh + +failed=0 + +${RPCCLIENTCMD} -c "dfsversion" +RC=$? +testit "dfsversion" test ${RC} -eq 0 || failed=$((failed + 1)) + +${RPCCLIENTCMD} -c "dfsenum 5" +RC=$? +testit "dfsenum" test ${RC} -eq 0 || failed=$((failed + 1)) + +${RPCCLIENTCMD} -c "dfsenumex 5" +RC=$? +testit "dfsenumex" test ${RC} -eq 0 || failed=$((failed + 1)) + +testok "$0" "${failed}" diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index 16303ab559d..9561e49d7e1 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -1247,6 +1247,11 @@ plantestsuite("samba3.blackbox.rpcclient_lookup", "simpleserver", "$USERNAME", "$PASSWORD", "$SERVER", os.path.join(bindir(), "rpcclient")]) +plantestsuite("samba3.blackbox.rpcclient_dfs", "fileserver:local", + [os.path.join(samba3srcdir, "script/tests/test_rpcclient_dfs.sh"), + "$USERNAME", "$PASSWORD", "$SERVER", + os.path.join(bindir(), "rpcclient")]) + plantestsuite("samba3.blackbox.rpcclient.pw-nt-hash", "simpleserver", [os.path.join(samba3srcdir, "script/tests/test_rpcclient_pw_nt_hash.sh"), "$USERNAME", "$PASSWORD", "$SERVER", diff --git a/source3/winbindd/winbindd_domain.c b/source3/winbindd/winbindd_domain.c index e998275c8e2..fdf5768c526 100644 --- a/source3/winbindd/winbindd_domain.c +++ b/source3/winbindd/winbindd_domain.c @@ -30,10 +30,6 @@ static const struct winbindd_child_dispatch_table domain_dispatch_table[] = { .name = "PING", .struct_cmd = WINBINDD_PING, .struct_fn = winbindd_dual_ping, - },{ - .name = "LIST_TRUSTDOM", - .struct_cmd = WINBINDD_LIST_TRUSTDOM, - .struct_fn = winbindd_dual_list_trusted_domains, },{ .name = "INIT_CONNECTION", .struct_cmd = WINBINDD_INIT_CONNECTION, diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c index cefd134f2c6..3daa8468ddc 100644 --- a/source3/winbindd/winbindd_dual_srv.c +++ b/source3/winbindd/winbindd_dual_srv.c @@ -1927,4 +1927,85 @@ reconnect: return status; } +NTSTATUS _wbint_ListTrustedDomains(struct pipes_struct *p, + struct wbint_ListTrustedDomains *r) +{ + struct winbindd_domain *domain = wb_child_domain(); + uint32_t i, n; + NTSTATUS result; + struct netr_DomainTrustList trusts; + struct netr_DomainTrustList *out = NULL; + pid_t client_pid; + + if (domain == NULL) { + return NT_STATUS_REQUEST_NOT_ACCEPTED; + } + + /* Cut client_pid to 32bit */ + client_pid = r->in.client_pid; + if ((uint64_t)client_pid != r->in.client_pid) { + DBG_DEBUG("pid out of range\n"); + return NT_STATUS_INVALID_PARAMETER; + } + + DBG_NOTICE("[%s %"PRIu32"]: list trusted domains\n", + r->in.client_name, client_pid); + + result = wb_cache_trusted_domains(domain, p->mem_ctx, &trusts); + if (!NT_STATUS_IS_OK(result)) { + DBG_NOTICE("wb_cache_trusted_domains returned %s\n", + nt_errstr(result)); + return result; + } + + out = talloc_zero(p->mem_ctx, struct netr_DomainTrustList); + if (out == NULL) { + return NT_STATUS_NO_MEMORY; + } + + r->out.domains = out; + + for (i=0; i<trusts.count; i++) { + if (trusts.array[i].sid == NULL) { + continue; + } + if (dom_sid_equal(trusts.array[i].sid, &global_sid_NULL)) { + continue; + } + + n = out->count; + out->array = talloc_realloc(out, out->array, + struct netr_DomainTrust, + n + 1); + if (out->array == NULL) { + return NT_STATUS_NO_MEMORY; + } + out->count = n + 1; + + out->array[n].netbios_name = talloc_steal( + out->array, trusts.array[i].netbios_name); + if (out->array[n].netbios_name == NULL) { + return NT_STATUS_NO_MEMORY; + } + + out->array[n].dns_name = talloc_steal( + out->array, trusts.array[i].dns_name); + if (out->array[n].dns_name == NULL) { + return NT_STATUS_NO_MEMORY; + } + + out->array[n].sid = dom_sid_dup(out->array, + trusts.array[i].sid); + if (out->array[n].sid == NULL) { + return NT_STATUS_NO_MEMORY; + } + + out->array[n].trust_flags = trusts.array[i].trust_flags; + out->array[n].trust_type = trusts.array[i].trust_type; + out->array[n].trust_attributes = trusts.array[i].trust_attributes; + } + + return NT_STATUS_OK; +} + #include "librpc/gen_ndr/ndr_winbind_scompat.c" diff --git a/source3/winbindd/winbindd_misc.c b/source3/winbindd/winbindd_misc.c index db7e1c87dee..e7e2021bec3 100644 --- a/source3/winbindd/winbindd_misc.c +++ b/source3/winbindd/winbindd_misc.c @@ -277,81 +277,6 @@ done: return ret; } -enum winbindd_result winbindd_dual_list_trusted_domains(struct winbindd_domain *domain, - struct winbindd_cli_state *state) -{ - uint32_t i; - int extra_data_len = 0; - char *extra_data; - NTSTATUS result; - bool have_own_domain = False; - struct netr_DomainTrustList trusts; - - DBG_NOTICE("[%s %u]: list trusted domains\n", - state->client_name, - (unsigned int)state->pid); - - result = wb_cache_trusted_domains(domain, state->mem_ctx, &trusts); - - if (!NT_STATUS_IS_OK(result)) { - DEBUG(3, ("winbindd_dual_list_trusted_domains: trusted_domains returned %s\n", - nt_errstr(result) )); - return WINBINDD_ERROR; - } - - extra_data = talloc_strdup(state->mem_ctx, ""); - - for (i=0; i<trusts.count; i++) { - struct dom_sid_buf buf; - - if (trusts.array[i].sid == NULL) { - continue; - } - if (dom_sid_equal(trusts.array[i].sid, &global_sid_NULL)) { - continue; - } - - extra_data = talloc_asprintf_append_buffer( - extra_data, "%s\\%s\\%s\\%u\\%u\\%u\n", - trusts.array[i].netbios_name, trusts.array[i].dns_name, - dom_sid_str_buf(trusts.array[i].sid, &buf), - trusts.array[i].trust_flags, - (uint32_t)trusts.array[i].trust_type, - trusts.array[i].trust_attributes); - } - - /* add our primary domain */ - - for (i=0; i<trusts.count; i++) { - if (strequal(trusts.array[i].netbios_name, domain->name)) { - have_own_domain = True; - break; - } - } - - if (state->request->data.list_all_domains && !have_own_domain) { - struct dom_sid_buf buf; - extra_data = talloc_asprintf_append_buffer( - extra_data, "%s\\%s\\%s\n", domain->name, - domain->alt_name != NULL ? - domain->alt_name : - domain->name, - dom_sid_str_buf(&domain->sid, &buf)); - } - - extra_data_len = strlen(extra_data); - if (extra_data_len > 0) { - - /* Strip the last \n */ - extra_data[extra_data_len-1] = '\0'; - - state->response->extra_data.data = extra_data; - state->response->length += extra_data_len; - } - - return WINBINDD_OK; -} - bool winbindd_dc_info(struct winbindd_cli_state *cli) { struct winbindd_domain *domain; diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h index 16c23f3de40..b9b7be40245 100644 --- a/source3/winbindd/winbindd_proto.h +++ b/source3/winbindd/winbindd_proto.h @@ -396,8 +396,6 @@ struct dcerpc_binding_handle *locator_child_handle(void); /* The following definitions come from winbindd/winbindd_misc.c */ bool winbindd_list_trusted_domains(struct winbindd_cli_state *state); -enum winbindd_result winbindd_dual_list_trusted_domains(struct winbindd_domain *domain, - struct winbindd_cli_state *state); bool winbindd_dc_info(struct winbindd_cli_state *state); bool winbindd_ping(struct winbindd_cli_state *state); bool winbindd_info(struct winbindd_cli_state *state); diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c index bd9d36bb248..53e7f32b5b9 100644 --- a/source3/winbindd/winbindd_util.c +++ b/source3/winbindd/winbindd_util.c @@ -376,7 +376,7 @@ bool domain_is_forest_root(const struct winbindd_domain *domain) struct trustdom_state { struct winbindd_domain *domain; - struct winbindd_request request; + struct netr_DomainTrustList trusts; }; -- Samba Shared Repository