[SCM] Samba Shared Repository - branch master updated
Volker Lendecke
vlendec at samba.org
Mon Apr 19 06:28:15 MDT 2010
The branch, master has been updated
via 56b4aa3... s3: Move the in-memory ccache to the parent
via c04ce96... nsswitch: Add wbinfo --pam-logon
via e0d7a84... s3: Test for wb ccache access by smbclient
via 5aa8878... libwbclient: remove async libwbclient and talloc from libwbclient.so
via 7697253... libwbclient does not need talloc_free anymore
via 7072cc0... libwbclient: Make wbcListTrusts not use talloc
via d582caa... libwbclient: Make wbc_create_error_info not use talloc
via f4c8f51... libwbclient: Make wbcCredentialCache not use talloc
via 802876a... libwbclient: Make wbcAuthenticateUserEx not use talloc
via 406e55f... libwbclient: Make wbc_create_logon_info not use talloc
via d36829c... libwbclient: Make wbc_create_auth_info not use talloc
via 1ecdff2... libwbclient: Make wbc_create_password_policy_info not use talloc
via ac8860d... libwbclient: Test wbcGetGroups
via fc2cca5... libwbclient: Make wbcGetGroups not use talloc
via f6a34cb... libwbclient: Make wbc_create_domain_controller_info_ex not use talloc
via d959fec... libwbclient: Make wbcLookupDomainController not use talloc
via df831df... libwbclient: Make wbcLookupUserSids not use talloc
via 460e2d5... s3: Change the make test password to "testPw"
via 3aaa07a... libwbclient: Test wbcChangeUserPassword
via 496c459... libwbclient: Abstract out test_wbc_authenticate_user for reuse
via 9d0629d... s3-winbind: Allow changing the password for pdb
via 45eeed2... s3: Convert WINBINDD_PAM_LOGOFF to the new async API
via 518a4f5... s3: Convert WINBINDD_PAM_CHAUTHTOK to the new async API
via d869e7a... s3: Convert WINBINDD_PAM_AUTH_CRAP to the new async API
via 61ec0f5... s3: Convert WINBINDD_PAM_AUTH to the new async API
via fddef8f... libwbclient: Test wbcLogonUser
via 8869480... libwbclient: Make wbcAddNamedBlob not use talloc
via 8ebb999... libwbclient: Make wbcResolveWinsByIP not use talloc
via 1637be5... libwbclient: Make wbcResolveWinsByName not use talloc
via f3e87ec... libwbclient: Make wbcDomainInfo not use talloc
via 7f454c3... libwbclient: Make wbcInterfaceDetails not use talloc
via b62e57c... libwbclient: Test wbcAuthenticateUser[Ex]
via 77c0b01... libwbclient: Make _SID_COMPOSE a function instead of a macro
via b828985... libwbclient: Make wbcGetDisplayName not use talloc
via ae3edf8... libwbclient: Test wbcGetDisplayName
via 8f3ab43... libwbclient: Make wbcListGroups not use talloc
via 1152cba... libwbclient: Make wbcListUsers not use talloc
via cafba3d... winbindd: Fill in num_entries where available
via e80d0ec... libwbclient: Make wbcGetSidAliases not use talloc
via fec712a... s3: Add some debug to GETSIDALIASES
via 9e353a9... libwbclient: Test wbcGetSidAliases
via 4f5100b... libwbclient: Simplify test_wbc_domain_info a bit
via 679e7ef... libwbclient: Fix some pointless macro calls
via 3d3b84b... libwbclient: Take -21 into account in length guessing
via d29a5e6... libwbclient: Fix some pointless macro calls
via 4f88b70... libwbclient: Make wbcLookupRids not use talloc
via ab89238... libwbclient: Add wbcAllocateStringArray
via 250bea0... libwbclient: Test wbcLookupRids
via 0a96698... libwbclient: Make wbcLookupSid not use talloc
via a016230... libwbclient: Add wbcStrDup
via ed1981d... libwbclient: Convert wbcSidToString to not use talloc
via b75106b... libwbclient: Make copy_group_entry not use talloc
via 041be88... libwbclient: Make copy_passwd_entry not use talloc
via 20011f4... libwbclient: Make wbcGuidToString not use talloc
via 7699977... libwbclient: Make wbcLibraryDetails not use talloc
via f2a04a0... libwbclient: Add wbcAllocateMemory()
from 456351c... s4-waf: follow the configure directories for the empty install dirs
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 56b4aa326626128c178c838977ef9e3d564b7bc7
Author: Volker Lendecke <vl at samba.org>
Date: Sun Apr 18 14:14:43 2010 +0200
s3: Move the in-memory ccache to the parent
None of this blocks, so there is no reason to keep this in
a winbind child process
commit c04ce964e970b6f08fc768e93f5df2c5cbd09746
Author: Volker Lendecke <vl at samba.org>
Date: Sun Apr 18 14:10:35 2010 +0200
nsswitch: Add wbinfo --pam-logon
This does a wbcLogonUser with credential caching
commit e0d7a8424264bb9a240409b67d4c363e154097dc
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 17 21:31:57 2010 +0200
s3: Test for wb ccache access by smbclient
commit 5aa88782ce0615a3d171682fbb13a182e586ec69
Author: Volker Lendecke <vl at samba.org>
Date: Sun Apr 4 15:15:00 2010 +0200
libwbclient: remove async libwbclient and talloc from libwbclient.so
Except for tests there is right now no active user of this. We can easily
re-add this when smbd makes more use of it.
commit 76972533da513f8b7a1bca5f6a401d1476a9dba5
Author: Volker Lendecke <vl at samba.org>
Date: Sun Apr 4 14:20:15 2010 +0200
libwbclient does not need talloc_free anymore
commit 7072cc0c9d6b64f286bdb325bdc78aa7dba62ada
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 22:11:08 2010 +0200
libwbclient: Make wbcListTrusts not use talloc
commit d582caa1755114bda9e8789c444bb28c663a7e6b
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 14:52:08 2010 +0200
libwbclient: Make wbc_create_error_info not use talloc
commit f4c8f5146c6ee06e9ca77d77cb7f19e522ca31ff
Author: Volker Lendecke <vl at samba.org>
Date: Sun Apr 4 14:01:23 2010 +0200
libwbclient: Make wbcCredentialCache not use talloc
commit 802876af3b29a628f9489f17424b83cb17b194e0
Author: Volker Lendecke <vl at samba.org>
Date: Sun Apr 4 11:58:04 2010 +0200
libwbclient: Make wbcAuthenticateUserEx not use talloc
commit 406e55fafb54059a3fe91aa0111e83dad2fac6d5
Author: Volker Lendecke <vl at samba.org>
Date: Sun Apr 4 11:57:39 2010 +0200
libwbclient: Make wbc_create_logon_info not use talloc
commit d36829c108eb161fd20894c6b03a0f0f0e73a1be
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 23:08:20 2010 +0200
libwbclient: Make wbc_create_auth_info not use talloc
commit 1ecdff2bf8fcf857c3b452f7259cbc1078954c06
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 22:22:17 2010 +0200
libwbclient: Make wbc_create_password_policy_info not use talloc
commit ac8860d83d85ee80db510fe214abbfdc2bfdbef8
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 17 20:16:14 2010 +0200
libwbclient: Test wbcGetGroups
commit fc2cca5c28a603dc656b405019f82cafbe0c1d6a
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 22:20:04 2010 +0200
libwbclient: Make wbcGetGroups not use talloc
commit f6a34cb0e0305e0b5d393e4ee7a8ae86bde1e9a7
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 19:57:48 2010 +0200
libwbclient: Make wbc_create_domain_controller_info_ex not use talloc
commit d959fec39e636b531c36e4be88d7c97a86a8a1ce
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 17 19:57:11 2010 +0200
libwbclient: Make wbcLookupDomainController not use talloc
commit df831df6668dcdf3ccc1681383d085f38f402e9c
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 13:45:36 2010 +0200
libwbclient: Make wbcLookupUserSids not use talloc
commit 460e2d5dada63786cce168b704ea1c005be6db2e
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 17 15:51:27 2010 +0200
s3: Change the make test password to "testPw"
This way we can change back to it when testing testing wbcChangeUserPassword,
"test" is too short (<5 chars)
commit 3aaa07afea4fa66e2767fd3fb8f06b0018aaefa8
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 17 15:50:31 2010 +0200
libwbclient: Test wbcChangeUserPassword
commit 496c459388f56f9c79a3ca1cc1a913946d4e62be
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 17 14:05:57 2010 +0200
libwbclient: Abstract out test_wbc_authenticate_user for reuse
commit 9d0629d1552cac93ad8b746fa60122432762e6ac
Author: Volker Lendecke <vl at samba.org>
Date: Fri Apr 16 16:28:05 2010 +0200
s3-winbind: Allow changing the password for pdb
commit 45eeed2893e569483136c3f998eacb776d52e1ce
Author: Volker Lendecke <vl at samba.org>
Date: Thu Apr 1 16:44:16 2010 +0200
s3: Convert WINBINDD_PAM_LOGOFF to the new async API
commit 518a4f5423bb360cf886aa1ce951f5323f4b12f9
Author: Volker Lendecke <vl at samba.org>
Date: Thu Apr 1 12:35:14 2010 +0200
s3: Convert WINBINDD_PAM_CHAUTHTOK to the new async API
commit d869e7a0d85a4719078437539267c4acdf97dece
Author: Volker Lendecke <vl at samba.org>
Date: Tue Mar 30 23:02:36 2010 +0200
s3: Convert WINBINDD_PAM_AUTH_CRAP to the new async API
commit 61ec0f571ad81dc101fe6de7a8e9674a7119cf2b
Author: Volker Lendecke <vl at samba.org>
Date: Mon Mar 29 17:52:38 2010 +0200
s3: Convert WINBINDD_PAM_AUTH to the new async API
commit fddef8fd0ae169ebd2f20d9cc2458d2df44110a0
Author: Volker Lendecke <vl at samba.org>
Date: Tue Apr 13 22:52:17 2010 +0200
libwbclient: Test wbcLogonUser
commit 8869480f015215a8c9bf77cc6c646a4a02979f1d
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 19:50:25 2010 +0200
libwbclient: Make wbcAddNamedBlob not use talloc
commit 8ebb999b4ad7e01f1174f0943ea4240f4afbe5fd
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 15:03:49 2010 +0200
libwbclient: Make wbcResolveWinsByIP not use talloc
commit 1637be5c557e2e902568338c69967da6b0e7da27
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 15:03:20 2010 +0200
libwbclient: Make wbcResolveWinsByName not use talloc
commit f3e87ecd2c18c5ed56fa018925685d10f9804af0
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 15:02:40 2010 +0200
libwbclient: Make wbcDomainInfo not use talloc
commit 7f454c3078d27d14395fbb9b38a08b869e49d6a6
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 14:59:07 2010 +0200
libwbclient: Make wbcInterfaceDetails not use talloc
commit b62e57cec21fd8428ceb66e13a1e9856f8c6d40e
Author: Volker Lendecke <vl at samba.org>
Date: Sun Apr 4 21:38:38 2010 +0200
libwbclient: Test wbcAuthenticateUser[Ex]
commit 77c0b015c7719d3f0e3a97c4d339899857f019ab
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 14:46:11 2010 +0200
libwbclient: Make _SID_COMPOSE a function instead of a macro
commit b828985aa19f9d03823377cf64b7fb915ce0ba42
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 14:33:17 2010 +0200
libwbclient: Make wbcGetDisplayName not use talloc
commit ae3edf85d46f234eada5a7e36d97026e44005ea2
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 10 16:36:22 2010 +0200
libwbclient: Test wbcGetDisplayName
commit 8f3ab439f329234a47d8c32435a2e9606e8037da
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 14:31:57 2010 +0200
libwbclient: Make wbcListGroups not use talloc
commit 1152cba5d2bb241a87511b7289c4714ea3990e53
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 14:26:22 2010 +0200
libwbclient: Make wbcListUsers not use talloc
commit cafba3d7a772385da36f7571690ba2ce2262cef5
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 14:16:19 2010 +0200
winbindd: Fill in num_entries where available
The server implementation of WINBINDD_LIST_USERS, WINBINDD_LIST_GROUPS and
WINBINDD_LIST_TRUSTDOM knows the number of entries returned.
Bump up the version number so that a newer lib does not rely on something an
older winbind does not do.
commit e80d0ecf8b716ddb1d5bdeeb641bfee10e35c345
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 10 12:58:14 2010 +0200
libwbclient: Make wbcGetSidAliases not use talloc
commit fec712aca5d05a20f6f169fc821727737cd251c0
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 10 15:59:22 2010 +0200
s3: Add some debug to GETSIDALIASES
commit 9e353a917bd2aca572ac8c249dd4690ab2de94fd
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 10 15:53:07 2010 +0200
libwbclient: Test wbcGetSidAliases
commit 4f5100bcb2d720351d7ba1cc721e234236e69ea3
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 10 15:36:01 2010 +0200
libwbclient: Simplify test_wbc_domain_info a bit
commit 679e7ef6e68c9d355cc5f1764600ee8999b3e021
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 10 15:28:42 2010 +0200
libwbclient: Fix some pointless macro calls
commit 3d3b84bdec1406ef888b15d1fcd181b316fa7a86
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 10 12:57:13 2010 +0200
libwbclient: Take -21 into account in length guessing
commit d29a5e69f4343f0876c374968dc00198243afef2
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 13:45:20 2010 +0200
libwbclient: Fix some pointless macro calls
commit 4f88b7015de4a802ca98e6b9935b4d79115e48e0
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 13:44:49 2010 +0200
libwbclient: Make wbcLookupRids not use talloc
commit ab892389db3d7e42e617d38f24c1dff73d608bec
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 13:37:01 2010 +0200
libwbclient: Add wbcAllocateStringArray
commit 250bea02b586219275efc87d65fbae32b867ba86
Author: Volker Lendecke <vl at samba.org>
Date: Sun Apr 4 22:52:53 2010 +0200
libwbclient: Test wbcLookupRids
commit 0a966980f445a9fd9c39ca35dcaaec55c33ac749
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 12:01:43 2010 +0200
libwbclient: Make wbcLookupSid not use talloc
commit a0162303c6e23c8f1d72a0e788d2665a97d16b4b
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 11:59:29 2010 +0200
libwbclient: Add wbcStrDup
commit ed1981db05af87a48b17866b7e886d1e25fa8f77
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 3 11:14:23 2010 +0200
libwbclient: Convert wbcSidToString to not use talloc
commit b75106b2ed378b544fada49f1b80a5e6d9921e21
Author: Volker Lendecke <vl at samba.org>
Date: Tue Apr 6 22:16:32 2010 +0200
libwbclient: Make copy_group_entry not use talloc
commit 041be88bd04a8a054b8fcb254225889b6069de55
Author: Volker Lendecke <vl at samba.org>
Date: Tue Apr 6 22:16:07 2010 +0200
libwbclient: Make copy_passwd_entry not use talloc
commit 20011f4681754160c59725c066357d902e00102c
Author: Volker Lendecke <vl at samba.org>
Date: Tue Apr 6 22:14:39 2010 +0200
libwbclient: Make wbcGuidToString not use talloc
commit 769997786c62770873315363c5dc20661657fcbd
Author: Volker Lendecke <vl at samba.org>
Date: Tue Apr 6 22:14:03 2010 +0200
libwbclient: Make wbcLibraryDetails not use talloc
commit f2a04a0ccb7276dcd23efeade59368540c6570b2
Author: Volker Lendecke <vl at samba.org>
Date: Tue Apr 6 22:10:22 2010 +0200
libwbclient: Add wbcAllocateMemory()
This prepares for removing libwbclient's talloc dependency. It is a
non-hierarchical "talloc-lite" that has destructors. It is necessary because we
have the catch-call wbcFreeMemory call. Individual wbcFreeXXX calls for the
different structures wbclient returns would have made this easier, but
wbcFreeMemory is the API we have to live with.
-----------------------------------------------------------------------
Summary of changes:
nsswitch/libwbclient/tests/wbclient.c | 261 +++++++++++++++++++++-
nsswitch/libwbclient/wbc_guid.c | 34 ++--
nsswitch/libwbclient/wbc_pam.c | 165 +++++++++-----
nsswitch/libwbclient/wbc_pwd.c | 145 +++++++-----
nsswitch/libwbclient/wbc_sid.c | 273 +++++++++++------------
nsswitch/libwbclient/wbc_util.c | 235 ++++++++++++--------
nsswitch/libwbclient/wbclient.c | 86 +++++++-
nsswitch/libwbclient/wbclient_internal.h | 6 +
nsswitch/wbinfo.c | 78 +++++++
nsswitch/winbind_struct_protocol.h | 3 +-
source3/Makefile.in | 33 ++--
source3/script/tests/selftest.sh | 2 +-
source3/script/tests/test_smbclient_s3.sh | 33 +++
source3/winbindd/winbindd.c | 12 +-
source3/winbindd/winbindd_ccache_access.c | 65 ++----
source3/winbindd/winbindd_domain.c | 8 -
source3/winbindd/winbindd_getsidaliases.c | 9 +
source3/winbindd/winbindd_list_groups.c | 2 +
source3/winbindd/winbindd_list_users.c | 2 +
source3/winbindd/winbindd_misc.c | 2 +
source3/winbindd/winbindd_pam.c | 353 +++++------------------------
source3/winbindd/winbindd_pam_auth.c | 145 ++++++++++++
source3/winbindd/winbindd_pam_auth_crap.c | 122 ++++++++++
source3/winbindd/winbindd_pam_chauthtok.c | 150 ++++++++++++
source3/winbindd/winbindd_pam_logoff.c | 147 ++++++++++++
source3/winbindd/winbindd_proto.h | 35 +++-
26 files changed, 1647 insertions(+), 759 deletions(-)
create mode 100644 source3/winbindd/winbindd_pam_auth.c
create mode 100644 source3/winbindd/winbindd_pam_auth_crap.c
create mode 100644 source3/winbindd/winbindd_pam_chauthtok.c
create mode 100644 source3/winbindd/winbindd_pam_logoff.c
Changeset truncated at 500 lines:
diff --git a/nsswitch/libwbclient/tests/wbclient.c b/nsswitch/libwbclient/tests/wbclient.c
index 261163c..5be1fad 100644
--- a/nsswitch/libwbclient/tests/wbclient.c
+++ b/nsswitch/libwbclient/tests/wbclient.c
@@ -173,18 +173,16 @@ static bool test_wbc_guidtostring(struct torture_context *tctx)
static bool test_wbc_domain_info(struct torture_context *tctx)
{
- const char *domain_name = NULL;
struct wbcDomainInfo *info;
struct wbcInterfaceDetails *details;
torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details),
"wbcInterfaceDetails failed");
-
- domain_name = talloc_strdup(tctx, details->netbios_domain);
+ torture_assert_wbc_ok(
+ tctx, wbcDomainInfo(details->netbios_domain, &info),
+ "wbcDomainInfo failed");
wbcFreeMemory(details);
- torture_assert_wbc_ok(tctx, wbcDomainInfo(domain_name, &info),
- "wbcDomainInfo failed");
torture_assert(tctx, info,
"wbcDomainInfo returned NULL pointer");
wbcFreeMemory(info);
@@ -233,6 +231,12 @@ static bool test_wbc_users(struct torture_context *tctx)
wbcFreeMemory(name);
torture_assert_wbc_ok(tctx, wbcLookupUserSids(&sid, true, &num_sids, &sids),
"wbcLookupUserSids failed");
+ torture_assert_wbc_ok(
+ tctx, wbcGetDisplayName(&sid, &domain, &name,
+ &name_type),
+ "wbcGetDisplayName failed");
+ wbcFreeMemory(domain);
+ wbcFreeMemory(name);
wbcFreeMemory(sids);
}
wbcFreeMemory(users);
@@ -463,6 +467,241 @@ static bool test_wbc_resolve_winsbyip(struct torture_context *tctx)
return true;
}
+static bool test_wbc_lookup_rids(struct torture_context *tctx)
+{
+ struct wbcDomainSid builtin;
+ uint32_t rids[2] = { 544, 545 };
+ const char *domain_name, **names;
+ enum wbcSidType *types;
+ wbcErr ret;
+
+ wbcStringToSid("S-1-5-32", &builtin);
+
+ ret = wbcLookupRids(&builtin, 2, rids, &domain_name, &names,
+ &types);
+ torture_assert_wbc_ok(tctx, ret, "wbcLookupRids failed");
+
+ torture_assert_str_equal(
+ tctx, names[0], "Administrators",
+ "S-1-5-32-544 not mapped to 'Administrators'");
+ torture_assert_str_equal(
+ tctx, names[1], "Users", "S-1-5-32-545 not mapped to 'Users'");
+
+ wbcFreeMemory((char *)domain_name);
+ wbcFreeMemory(names);
+ wbcFreeMemory(types);
+
+ return true;
+}
+
+static bool test_wbc_get_sidaliases(struct torture_context *tctx)
+{
+ struct wbcDomainSid builtin;
+ struct wbcDomainInfo *info;
+ struct wbcInterfaceDetails *details;
+ struct wbcDomainSid sids[2];
+ uint32_t *rids;
+ uint32_t num_rids;
+ wbcErr ret;
+
+ torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details),
+ "wbcInterfaceDetails failed");
+ torture_assert_wbc_ok(
+ tctx, wbcDomainInfo(details->netbios_domain, &info),
+ "wbcDomainInfo failed");
+ wbcFreeMemory(details);
+
+ sids[0] = info->sid;
+ sids[0].sub_auths[sids[0].num_auths++] = 500;
+ sids[1] = info->sid;
+ sids[1].sub_auths[sids[1].num_auths++] = 512;
+ wbcFreeMemory(info);
+
+ torture_assert_wbc_ok(
+ tctx, wbcStringToSid("S-1-5-32", &builtin),
+ "wbcStringToSid failed");
+
+ ret = wbcGetSidAliases(&builtin, sids, 2, &rids, &num_rids);
+ torture_assert_wbc_ok(tctx, ret, "wbcGetSidAliases failed");
+
+ wbcFreeMemory(rids);
+
+ return true;
+}
+
+static bool test_wbc_authenticate_user_int(struct torture_context *tctx,
+ const char *correct_password)
+{
+ struct wbcAuthUserParams params;
+ struct wbcAuthUserInfo *info = NULL;
+ struct wbcAuthErrorInfo *error = NULL;
+ wbcErr ret;
+
+ ret = wbcAuthenticateUser(getenv("USERNAME"), correct_password);
+ torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
+ "wbcAuthenticateUser failed");
+
+ ZERO_STRUCT(params);
+ params.account_name = getenv("USERNAME");
+ params.level = WBC_AUTH_USER_LEVEL_PLAIN;
+ params.password.plaintext = correct_password;
+
+ ret = wbcAuthenticateUserEx(¶ms, &info, &error);
+ torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
+ "wbcAuthenticateUserEx failed");
+ wbcFreeMemory(info);
+ info = NULL;
+
+ wbcFreeMemory(error);
+ error = NULL;
+
+ params.password.plaintext = "wrong";
+ ret = wbcAuthenticateUserEx(¶ms, &info, &error);
+ torture_assert_wbc_equal(tctx, ret, WBC_ERR_AUTH_ERROR,
+ "wbcAuthenticateUserEx succeeded where it "
+ "should have failed");
+ wbcFreeMemory(info);
+ info = NULL;
+
+ wbcFreeMemory(error);
+ error = NULL;
+
+ return true;
+}
+
+static bool test_wbc_authenticate_user(struct torture_context *tctx)
+{
+ return test_wbc_authenticate_user_int(tctx, getenv("PASSWORD"));
+}
+
+static bool test_wbc_change_password(struct torture_context *tctx)
+{
+ wbcErr ret;
+
+ ret = wbcChangeUserPassword(getenv("USERNAME"), getenv("PASSWORD"),
+ "passW0rd");
+ torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
+ "wbcChangeUserPassword failed");
+
+ if (!test_wbc_authenticate_user_int(tctx, "passW0rd")) {
+ return false;
+ }
+
+ ret = wbcChangeUserPassword(getenv("USERNAME"), "passW0rd",
+ getenv("PASSWORD"));
+ torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
+ "wbcChangeUserPassword failed");
+
+ return test_wbc_authenticate_user_int(tctx, getenv("PASSWORD"));
+}
+
+static bool test_wbc_logon_user(struct torture_context *tctx)
+{
+ struct wbcLogonUserParams params;
+ struct wbcLogonUserInfo *info = NULL;
+ struct wbcAuthErrorInfo *error = NULL;
+ struct wbcUserPasswordPolicyInfo *policy = NULL;
+ struct wbcInterfaceDetails *iface;
+ struct wbcDomainSid sid;
+ enum wbcSidType sidtype;
+ char *sidstr;
+ wbcErr ret;
+
+ ZERO_STRUCT(params);
+
+ ret = wbcLogonUser(¶ms, &info, &error, &policy);
+ torture_assert_wbc_equal(tctx, ret, WBC_ERR_INVALID_PARAM,
+ "wbcLogonUser succeeded where it should "
+ "have failed");
+
+ params.username = getenv("USERNAME");
+ params.password = getenv("PASSWORD");
+
+ ret = wbcAddNamedBlob(¶ms.num_blobs, ¶ms.blobs,
+ "foo", 0, discard_const_p(uint8_t, "bar"), 4);
+ torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
+ "wbcAddNamedBlob failed");
+
+ ret = wbcLogonUser(¶ms, &info, &error, &policy);
+ torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
+ "wbcLogonUser failed");
+ wbcFreeMemory(info); info = NULL;
+ wbcFreeMemory(error); error = NULL;
+ wbcFreeMemory(policy); policy = NULL;
+
+ params.password = "wrong";
+
+ ret = wbcLogonUser(¶ms, &info, &error, &policy);
+ torture_assert_wbc_equal(tctx, ret, WBC_ERR_AUTH_ERROR,
+ "wbcLogonUser should have failed with "
+ "WBC_ERR_AUTH_ERROR");
+ wbcFreeMemory(info); info = NULL;
+ wbcFreeMemory(error); error = NULL;
+ wbcFreeMemory(policy); policy = NULL;
+
+ ret = wbcAddNamedBlob(¶ms.num_blobs, ¶ms.blobs,
+ "membership_of", 0,
+ discard_const_p(uint8_t, "S-1-2-3-4"),
+ strlen("S-1-2-3-4")+1);
+ torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
+ "wbcAddNamedBlob failed");
+ params.password = getenv("PASSWORD");
+ ret = wbcLogonUser(¶ms, &info, &error, &policy);
+ torture_assert_wbc_equal(tctx, ret, WBC_ERR_AUTH_ERROR,
+ "wbcLogonUser should have failed with "
+ "WBC_ERR_AUTH_ERROR");
+ wbcFreeMemory(info); info = NULL;
+ wbcFreeMemory(error); error = NULL;
+ wbcFreeMemory(policy); policy = NULL;
+ wbcFreeMemory(params.blobs);
+ params.blobs = NULL; params.num_blobs = 0;
+
+ ret = wbcInterfaceDetails(&iface);
+ torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
+ "wbcInterfaceDetails failed");
+
+ ret = wbcLookupName(iface->netbios_domain, getenv("USERNAME"), &sid,
+ &sidtype);
+ wbcFreeMemory(iface);
+ torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
+ "wbcLookupName failed");
+
+ ret = wbcSidToString(&sid, &sidstr);
+ torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
+ "wbcSidToString failed");
+
+ ret = wbcAddNamedBlob(¶ms.num_blobs, ¶ms.blobs,
+ "membership_of", 0,
+ (uint8_t *)sidstr, strlen(sidstr)+1);
+ torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
+ "wbcAddNamedBlob failed");
+ wbcFreeMemory(sidstr);
+ params.password = getenv("PASSWORD");
+ ret = wbcLogonUser(¶ms, &info, &error, &policy);
+ torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
+ "wbcLogonUser failed");
+ wbcFreeMemory(info); info = NULL;
+ wbcFreeMemory(error); error = NULL;
+ wbcFreeMemory(policy); policy = NULL;
+ wbcFreeMemory(params.blobs);
+ params.blobs = NULL; params.num_blobs = 0;
+
+ return true;
+}
+
+static bool test_wbc_getgroups(struct torture_context *tctx)
+{
+ wbcErr ret;
+ uint32_t num_groups;
+ gid_t *groups;
+
+ ret = wbcGetGroups(getenv("USERNAME"), &num_groups, &groups);
+ torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
+ "wbcGetGroups failed");
+ wbcFreeMemory(groups);
+ return true;
+}
+
struct torture_suite *torture_wbclient(void)
{
struct torture_suite *suite = torture_suite_create(talloc_autofree_context(), "WBCLIENT");
@@ -484,6 +723,18 @@ struct torture_suite *torture_wbclient(void)
torture_suite_add_simple_test(suite, "wbcLookupDomainControllerEx", test_wbc_lookupdcex);
torture_suite_add_simple_test(suite, "wbcResolveWinsByName", test_wbc_resolve_winsbyname);
torture_suite_add_simple_test(suite, "wbcResolveWinsByIP", test_wbc_resolve_winsbyip);
+ torture_suite_add_simple_test(suite, "wbcLookupRids",
+ test_wbc_lookup_rids);
+ torture_suite_add_simple_test(suite, "wbcGetSidAliases",
+ test_wbc_get_sidaliases);
+ torture_suite_add_simple_test(suite, "wbcAuthenticateUser",
+ test_wbc_authenticate_user);
+ torture_suite_add_simple_test(suite, "wbcLogonUser",
+ test_wbc_logon_user);
+ torture_suite_add_simple_test(suite, "wbcChangeUserPassword",
+ test_wbc_change_password);
+ torture_suite_add_simple_test(suite, "wbcGetGroups",
+ test_wbc_getgroups);
return suite;
}
diff --git a/nsswitch/libwbclient/wbc_guid.c b/nsswitch/libwbclient/wbc_guid.c
index d55a197..52a64ca 100644
--- a/nsswitch/libwbclient/wbc_guid.c
+++ b/nsswitch/libwbclient/wbc_guid.c
@@ -29,28 +29,24 @@
wbcErr wbcGuidToString(const struct wbcGuid *guid,
char **guid_string)
{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ char *result;
- if (!guid) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
+ result = (char *)wbcAllocateMemory(37, 1, NULL);
+ if (result == NULL) {
+ return WBC_ERR_NO_MEMORY;
}
-
- *guid_string = talloc_asprintf(NULL,
- "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
- guid->time_low, guid->time_mid,
- guid->time_hi_and_version,
- guid->clock_seq[0],
- guid->clock_seq[1],
- guid->node[0], guid->node[1],
- guid->node[2], guid->node[3],
- guid->node[4], guid->node[5]);
- BAIL_ON_PTR_ERROR((*guid_string), wbc_status);
-
- wbc_status = WBC_ERR_SUCCESS;
-
-done:
- return wbc_status;
+ snprintf(result, 37,
+ "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
+ guid->time_low, guid->time_mid,
+ guid->time_hi_and_version,
+ guid->clock_seq[0],
+ guid->clock_seq[1],
+ guid->node[0], guid->node[1],
+ guid->node[2], guid->node[3],
+ guid->node[4], guid->node[5]);
+ *guid_string = result;
+
+ return WBC_ERR_SUCCESS;
}
/* @brief Convert a character string to a binary GUID */
diff --git a/nsswitch/libwbclient/wbc_pam.c b/nsswitch/libwbclient/wbc_pam.c
index 0417af4..f9e1e38 100644
--- a/nsswitch/libwbclient/wbc_pam.c
+++ b/nsswitch/libwbclient/wbc_pam.c
@@ -47,8 +47,36 @@ done:
return wbc_status;
}
-static wbcErr wbc_create_auth_info(TALLOC_CTX *mem_ctx,
- const struct winbindd_response *resp,
+static bool sid_attr_compose(struct wbcSidWithAttr *s,
+ const struct wbcDomainSid *d,
+ uint32_t rid, uint32_t attr)
+{
+ if (d->num_auths >= WBC_MAXSUBAUTHS) {
+ return false;
+ }
+ s->sid = *d;
+ s->sid.sub_auths[s->sid.num_auths++] = rid;
+ s->attributes = attr;
+ return true;
+}
+
+static void wbcAuthUserInfoDestructor(void *ptr)
+{
+ struct wbcAuthUserInfo *i = (struct wbcAuthUserInfo *)ptr;
+ free(i->account_name);
+ free(i->user_principal);
+ free(i->full_name);
+ free(i->domain_name);
+ free(i->dns_domain_name);
+ free(i->logon_server);
+ free(i->logon_script);
+ free(i->profile_path);
+ free(i->home_directory);
+ free(i->home_drive);
+ free(i->sids);
+}
+
+static wbcErr wbc_create_auth_info(const struct winbindd_response *resp,
struct wbcAuthUserInfo **_i)
{
wbcErr wbc_status = WBC_ERR_SUCCESS;
@@ -58,17 +86,19 @@ static wbcErr wbc_create_auth_info(TALLOC_CTX *mem_ctx,
uint32_t sn = 0;
uint32_t j;
- i = talloc(mem_ctx, struct wbcAuthUserInfo);
+ i = (struct wbcAuthUserInfo *)wbcAllocateMemory(
+ sizeof(struct wbcAuthUserInfo), 1,
+ wbcAuthUserInfoDestructor);
BAIL_ON_PTR_ERROR(i, wbc_status);
i->user_flags = resp->data.auth.info3.user_flgs;
- i->account_name = talloc_strdup(i, resp->data.auth.info3.user_name);
+ i->account_name = strdup(resp->data.auth.info3.user_name);
BAIL_ON_PTR_ERROR(i->account_name, wbc_status);
i->user_principal= NULL;
- i->full_name = talloc_strdup(i, resp->data.auth.info3.full_name);
+ i->full_name = strdup(resp->data.auth.info3.full_name);
BAIL_ON_PTR_ERROR(i->full_name, wbc_status);
- i->domain_name = talloc_strdup(i, resp->data.auth.info3.logon_dom);
+ i->domain_name = strdup(resp->data.auth.info3.logon_dom);
BAIL_ON_PTR_ERROR(i->domain_name, wbc_status);
i->dns_domain_name= NULL;
@@ -90,47 +120,41 @@ static wbcErr wbc_create_auth_info(TALLOC_CTX *mem_ctx,
i->pass_can_change_time = resp->data.auth.info3.pass_can_change_time;
i->pass_must_change_time= resp->data.auth.info3.pass_must_change_time;
- i->logon_server = talloc_strdup(i, resp->data.auth.info3.logon_srv);
+ i->logon_server = strdup(resp->data.auth.info3.logon_srv);
BAIL_ON_PTR_ERROR(i->logon_server, wbc_status);
- i->logon_script = talloc_strdup(i, resp->data.auth.info3.logon_script);
+ i->logon_script = strdup(resp->data.auth.info3.logon_script);
BAIL_ON_PTR_ERROR(i->logon_script, wbc_status);
- i->profile_path = talloc_strdup(i, resp->data.auth.info3.profile_path);
+ i->profile_path = strdup(resp->data.auth.info3.profile_path);
BAIL_ON_PTR_ERROR(i->profile_path, wbc_status);
- i->home_directory= talloc_strdup(i, resp->data.auth.info3.home_dir);
+ i->home_directory= strdup(resp->data.auth.info3.home_dir);
BAIL_ON_PTR_ERROR(i->home_directory, wbc_status);
- i->home_drive = talloc_strdup(i, resp->data.auth.info3.dir_drive);
+ i->home_drive = strdup(resp->data.auth.info3.dir_drive);
BAIL_ON_PTR_ERROR(i->home_drive, wbc_status);
i->num_sids = 2;
i->num_sids += resp->data.auth.info3.num_groups;
i->num_sids += resp->data.auth.info3.num_other_sids;
- i->sids = talloc_array(i, struct wbcSidWithAttr, i->num_sids);
+ i->sids = (struct wbcSidWithAttr *)calloc(
+ sizeof(struct wbcSidWithAttr), i->num_sids);
BAIL_ON_PTR_ERROR(i->sids, wbc_status);
wbc_status = wbcStringToSid(resp->data.auth.info3.dom_sid,
&domain_sid);
BAIL_ON_WBC_ERROR(wbc_status);
-#define _SID_COMPOSE(s, d, r, a) { \
- (s).sid = d; \
- if ((s).sid.num_auths < WBC_MAXSUBAUTHS) { \
- (s).sid.sub_auths[(s).sid.num_auths++] = r; \
- } else { \
- wbc_status = WBC_ERR_INVALID_SID; \
- BAIL_ON_WBC_ERROR(wbc_status); \
- } \
- (s).attributes = a; \
-} while (0)
-
sn = 0;
- _SID_COMPOSE(i->sids[sn], domain_sid,
- resp->data.auth.info3.user_rid,
- 0);
+ if (!sid_attr_compose(&i->sids[sn], &domain_sid,
+ resp->data.auth.info3.user_rid, 0)) {
+ wbc_status = WBC_ERR_INVALID_SID;
+ goto done;
+ }
sn++;
- _SID_COMPOSE(i->sids[sn], domain_sid,
- resp->data.auth.info3.group_rid,
- 0);
+ if (!sid_attr_compose(&i->sids[sn], &domain_sid,
+ resp->data.auth.info3.group_rid, 0)) {
+ wbc_status = WBC_ERR_INVALID_SID;
+ goto done;
+ }
sn++;
p = (char *)resp->extra_data.data;
@@ -158,8 +182,11 @@ static wbcErr wbc_create_auth_info(TALLOC_CTX *mem_ctx,
BAIL_ON_WBC_ERROR(wbc_status);
}
- _SID_COMPOSE(i->sids[sn], domain_sid,
- rid, attrs);
+ if (!sid_attr_compose(&i->sids[sn], &domain_sid,
+ rid, attrs)) {
+ wbc_status = WBC_ERR_INVALID_SID;
+ goto done;
+ }
sn++;
}
@@ -203,32 +230,41 @@ static wbcErr wbc_create_auth_info(TALLOC_CTX *mem_ctx,
*_i = i;
i = NULL;
done:
- talloc_free(i);
--
Samba Shared Repository
More information about the samba-cvs
mailing list