svn commit: samba r7244 - in trunk/source: auth nsswitch script

vlendec at samba.org vlendec at samba.org
Fri Jun 3 15:42:12 GMT 2005 

Author: vlendec
Date: 2005-06-03 15:42:11 +0000 (Fri, 03 Jun 2005)
New Revision: 7244

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=7244

Log:
Don't look at gencache.tdb for the trusted domains if winbind is around. 

Volker

Modified:
   trunk/source/auth/auth_util.c
   trunk/source/nsswitch/wb_client.c
   trunk/source/script/mkproto.awk


Changeset:
Modified: trunk/source/auth/auth_util.c
===================================================================
--- trunk/source/auth/auth_util.c	2005-06-03 15:42:03 UTC (rev 7243)
+++ trunk/source/auth/auth_util.c	2005-06-03 15:42:11 UTC (rev 7244)
@@ -1532,11 +1532,26 @@
 			return True;
 	}
 	else {
-		/* if winbindd is not up and we are a domain member) then we need to update the
-		   trustdom_cache ourselves */
+		NSS_STATUS result;
 
-		if ( !winbind_ping() )
-			update_trustdom_cache();
+		/* If winbind is around, ask it */
+
+		result = wb_is_trusted_domain(dom_name);
+
+		if (result == NSS_STATUS_SUCCESS) {
+			return True;
+		}
+
+		if (result == NSS_STATUS_NOTFOUND) {
+			/* winbind could not find the domain */
+			return False;
+		}
+
+		/* The only other possible result is that winbind is not up
+		   and running. We need to update the trustdom_cache
+		   ourselves */
+		
+		update_trustdom_cache();
 	}
 
 	/* now the trustdom cache should be available a DC could still

Modified: trunk/source/nsswitch/wb_client.c
===================================================================
--- trunk/source/nsswitch/wb_client.c	2005-06-03 15:42:03 UTC (rev 7243)
+++ trunk/source/nsswitch/wb_client.c	2005-06-03 15:42:11 UTC (rev 7244)
@@ -420,4 +420,35 @@
 	return result == NSS_STATUS_SUCCESS;
 }
 
+/**********************************************************************
+ Is a domain trusted?
 
+ result == NSS_STATUS_UNAVAIL: winbind not around
+ result == NSS_STATUS_NOTFOUND: winbind around, but domain missing
+
+ Due to a bad API NSS_STATUS_NOTFOUND is returned both when winbind_off and
+ when winbind return WINBINDD_ERROR. So the semantics of this routine depends
+ on winbind_on. Grepping for winbind_off I just found 3 places where winbind
+ is turned off, and this does not conflict (as far as I have seen) with the
+ callers of is_trusted_domains.
+
+ I *hate* global variables....
+
+ Volker
+
+**********************************************************************/
+
+NSS_STATUS wb_is_trusted_domain(const char *domain)
+{
+	struct winbindd_request request;
+	struct winbindd_response response;
+
+	/* Call winbindd */
+
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+
+	fstrcpy(request.domain_name, domain);
+
+	return winbindd_request(WINBINDD_DOMAIN_INFO, &request, &response);
+}

Modified: trunk/source/script/mkproto.awk
===================================================================
--- trunk/source/script/mkproto.awk	2005-06-03 15:42:03 UTC (rev 7243)
+++ trunk/source/script/mkproto.awk	2005-06-03 15:42:11 UTC (rev 7244)
@@ -132,7 +132,7 @@
     gotstart = 1;
   }
 
-  if( $0 ~ /^WINBINDD_PW|^WINBINDD_GR|^NT_PRINTER_INFO_LEVEL_2|^LOGIN_CACHE|^krb5_error_code|^LDAP|^u32|^LUID_ATTR/ ) {
+  if( $0 ~ /^WINBINDD_PW|^WINBINDD_GR|^NT_PRINTER_INFO_LEVEL_2|^LOGIN_CACHE|^krb5_error_code|^LDAP|^u32|^LUID_ATTR|^NSS_STATUS/ ) {
     gotstart = 1;
   }

More information about the samba-cvs mailing list