svn commit: samba r7244 - in trunk/source: auth nsswitch script
vlendec at samba.org
vlendec at samba.org
Fri Jun 3 15:42:12 GMT 2005
Author: vlendec
Date: 2005-06-03 15:42:11 +0000 (Fri, 03 Jun 2005)
New Revision: 7244
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=7244
Log:
Don't look at gencache.tdb for the trusted domains if winbind is around.
Volker
Modified:
trunk/source/auth/auth_util.c
trunk/source/nsswitch/wb_client.c
trunk/source/script/mkproto.awk
Changeset:
Modified: trunk/source/auth/auth_util.c
===================================================================
--- trunk/source/auth/auth_util.c 2005-06-03 15:42:03 UTC (rev 7243)
+++ trunk/source/auth/auth_util.c 2005-06-03 15:42:11 UTC (rev 7244)
@@ -1532,11 +1532,26 @@
return True;
}
else {
- /* if winbindd is not up and we are a domain member) then we need to update the
- trustdom_cache ourselves */
+ NSS_STATUS result;
- if ( !winbind_ping() )
- update_trustdom_cache();
+ /* If winbind is around, ask it */
+
+ result = wb_is_trusted_domain(dom_name);
+
+ if (result == NSS_STATUS_SUCCESS) {
+ return True;
+ }
+
+ if (result == NSS_STATUS_NOTFOUND) {
+ /* winbind could not find the domain */
+ return False;
+ }
+
+ /* The only other possible result is that winbind is not up
+ and running. We need to update the trustdom_cache
+ ourselves */
+
+ update_trustdom_cache();
}
/* now the trustdom cache should be available a DC could still
Modified: trunk/source/nsswitch/wb_client.c
===================================================================
--- trunk/source/nsswitch/wb_client.c 2005-06-03 15:42:03 UTC (rev 7243)
+++ trunk/source/nsswitch/wb_client.c 2005-06-03 15:42:11 UTC (rev 7244)
@@ -420,4 +420,35 @@
return result == NSS_STATUS_SUCCESS;
}
+/**********************************************************************
+ Is a domain trusted?
+ result == NSS_STATUS_UNAVAIL: winbind not around
+ result == NSS_STATUS_NOTFOUND: winbind around, but domain missing
+
+ Due to a bad API NSS_STATUS_NOTFOUND is returned both when winbind_off and
+ when winbind return WINBINDD_ERROR. So the semantics of this routine depends
+ on winbind_on. Grepping for winbind_off I just found 3 places where winbind
+ is turned off, and this does not conflict (as far as I have seen) with the
+ callers of is_trusted_domains.
+
+ I *hate* global variables....
+
+ Volker
+
+**********************************************************************/
+
+NSS_STATUS wb_is_trusted_domain(const char *domain)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+
+ /* Call winbindd */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ fstrcpy(request.domain_name, domain);
+
+ return winbindd_request(WINBINDD_DOMAIN_INFO, &request, &response);
+}
Modified: trunk/source/script/mkproto.awk
===================================================================
--- trunk/source/script/mkproto.awk 2005-06-03 15:42:03 UTC (rev 7243)
+++ trunk/source/script/mkproto.awk 2005-06-03 15:42:11 UTC (rev 7244)
@@ -132,7 +132,7 @@
gotstart = 1;
}
- if( $0 ~ /^WINBINDD_PW|^WINBINDD_GR|^NT_PRINTER_INFO_LEVEL_2|^LOGIN_CACHE|^krb5_error_code|^LDAP|^u32|^LUID_ATTR/ ) {
+ if( $0 ~ /^WINBINDD_PW|^WINBINDD_GR|^NT_PRINTER_INFO_LEVEL_2|^LOGIN_CACHE|^krb5_error_code|^LDAP|^u32|^LUID_ATTR|^NSS_STATUS/ ) {
gotstart = 1;
}
More information about the samba-cvs
mailing list