winbind patch

Rafal Szczesniak mimir at diament.ists.pwr.wroc.pl
Sun Sep 1 05:25:01 GMT 2002 

This is proposed fix to have completed trusted domains enumeration
in winbind. This implementation checks returned code and depending
on it does another call (STATUS_MORE_ENTRIES) or exits.
As stored domain names and sids needs potential reallocation,
I expect comments on this matter.

of course, comments/feedbacks are welcome


-- 
cheers,
+------------------------------------------------------------+
|Rafal 'Mimir' Szczesniak <mimir at diament.ists.pwr.wroc.pl>   |
|*BSD, GNU/Linux and Samba                                  /
|__________________________________________________________/
-------------- next part --------------
Index: winbindd.c
===================================================================
RCS file: /cvsroot/samba/source/nsswitch/winbindd.c,v
retrieving revision 1.65
diff -u -r1.65 winbindd.c
--- winbindd.c	27 Aug 2002 19:43:19 -0000	1.65
+++ winbindd.c	1 Sep 2002 09:16:32 -0000
@@ -750,7 +750,7 @@
 	printf("\t-h                show this help message\n");
 }
 
- int main(int argc, char **argv)
+int main(int argc, char **argv)
 {
 	extern BOOL AllowDebugChange;
 	extern pstring global_myname;
Index: winbindd_cm.c
===================================================================
RCS file: /cvsroot/samba/source/nsswitch/winbindd_cm.c,v
retrieving revision 1.44
diff -u -r1.44 winbindd_cm.c
--- winbindd_cm.c	30 Aug 2002 10:46:59 -0000	1.44
+++ winbindd_cm.c	1 Sep 2002 09:16:34 -0000
@@ -433,7 +433,7 @@
 	result = cli_full_connection(&(new_conn->cli), global_myname, new_conn->controller, 
 				     &dc_ip, 0, "IPC$", 
 				     "IPC", ipc_username, ipc_domain, 
-				     ipc_password, 0);
+				     ipc_password, lp_use_spnego() ? 0 : CLI_FULL_CONNECTION_DONT_SPNEGO);
 
 	SAFE_FREE(ipc_username);
 	SAFE_FREE(ipc_domain);
Index: winbindd_rpc.c
===================================================================
RCS file: /cvsroot/samba/source/nsswitch/winbindd_rpc.c,v
retrieving revision 1.31
diff -u -r1.31 winbindd_rpc.c
--- winbindd_rpc.c	5 Aug 2002 02:47:16 -0000	1.31
+++ winbindd_rpc.c	1 Sep 2002 09:16:35 -0000
@@ -3,8 +3,9 @@
 
    Winbind rpc backend functions
 
-   Copyright (C) Tim Potter 2000-2001
-   Copyright (C) Andrew Tridgell 2001
+   Copyright (C) Tim Potter  2000-2001
+   Copyright (C) Andrew Tridgell  2001
+   Copyright (C) Rafal Szczesniak 2002
    
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -581,19 +582,83 @@
 	CLI_POLICY_HND *hnd;
 	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 	uint32 enum_ctx = 0;
+	
+	/* this gives us 'quantized' allocation of names/sids arrays */
+	const int chunk_size = 4;
+	int chunk_num = 1;
 
 	DEBUG(3,("rpc: trusted_domains\n"));
 
 	*num_domains = 0;
 	*alt_names = NULL;
-
+	
+	*names = talloc(mem_ctx, sizeof(char*) * chunk_size);
+	if (!*names) {
+		DEBUG(0, ("Trusted domain names array couldn't be allocated: out of memory\n"));
+		return NT_STATUS_NO_MEMORY;
+	};
+	
+	*dom_sids = talloc(mem_ctx, sizeof(DOM_SID) * chunk_size);
+	if (!*dom_sids) {
+		DEBUG(0, ("Trusted domain sids array couldn't be allocated: out of memory\n"));
+		return NT_STATUS_NO_MEMORY;
+	};
+	
 	if (!(hnd = cm_get_lsa_handle(lp_workgroup())))
-		goto done;
+		return result;
+
+	DEBUG(5, ("Starting trusted domains enumeration.\n"));
 
-	result = cli_lsa_enum_trust_dom(hnd->cli, mem_ctx,
-					&hnd->pol, &enum_ctx,
-					num_domains, names, dom_sids);
-done:
+	do {
+		/* data returned in a single cli_lsa_enum_trust_dom call */
+		uint32 num_dom = 0;
+		char** domain_names;
+		DOM_SID* domain_sids;
+		
+		result = cli_lsa_enum_trust_dom(hnd->cli, mem_ctx,
+		                                &hnd->pol, &enum_ctx,
+		                                &num_dom, &domain_names, &domain_sids);
+
+		DEBUG(10, ("Returned %d trusted domain entries. Current enum_ctx = %d, nt_status = %s\n",
+		          num_dom, enum_ctx, nt_errstr(result)));
+						
+		/* collect returned entries */
+		while ((enum_ctx - *num_domains <= num_dom) && (enum_ctx - *num_domains > 0)) {
+			if (!domain_names[enum_ctx - *num_domains - 1]) continue;
+			
+			(*names)[*num_domains] = domain_names[enum_ctx - *num_domains - 1];
+			sid_copy(&(*dom_sids)[*num_domains], &(domain_sids[enum_ctx - *num_domains - 1]));
+			
+			DEBUGADD(100, ("Collecting trusted domain (%d): %s %s\n", *num_domains,
+			              (*names)[*num_domains], sid_string_static(&(*dom_sids)[*num_domains])));
+			(*num_domains)++;
+			
+			/* check if arrays grows beyond their current size */
+			if (!(*num_domains < chunk_size * chunk_num)) {
+				chunk_num++;
+			
+				*names = talloc_realloc(mem_ctx, *names, sizeof(char*) * chunk_size * chunk_num);
+				if (!(*names) && sizeof (*names) != sizeof(char*) * chunk_size * chunk_num) {
+					DEBUG(0, ("Realloc of trusted domain names array failed (chunk_size = %d, chunk_num = %d)\n",
+					           chunk_size, chunk_num));
+					return NT_STATUS_NO_MEMORY;
+				}
+				
+				*dom_sids = talloc_realloc(mem_ctx, *dom_sids, sizeof(DOM_SID) * chunk_size * chunk_num);
+				if (!(*dom_sids) && sizeof(*dom_sids) * chunk_size * chunk_num) {
+					DEBUG(0, ("Realloc of trusted domain sids array failed (chunk_size = %d, chunk_num = %d)\n",
+					          chunk_size, chunk_num));
+					return NT_STATUS_NO_MEMORY;
+				}				
+				
+				DEBUG(10, ("Realloc of trusted domain arrays succeeded. Current chunk size = %d, chunk_num = %d\n",
+				          chunk_size, chunk_num));
+			};
+			
+		};
+						
+	} while NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES);
+	
 	return result;
 }
 
Index: winbindd_util.c
===================================================================
RCS file: /cvsroot/samba/source/nsswitch/winbindd_util.c,v
retrieving revision 1.79
diff -u -r1.79 winbindd_util.c
--- winbindd_util.c	18 Aug 2002 15:46:03 -0000	1.79
+++ winbindd_util.c	1 Sep 2002 09:16:36 -0000
@@ -164,7 +164,7 @@
 		int i;
 
 		result = domain->methods->trusted_domains(domain, mem_ctx, &num_domains,
-							  &names, &alt_names, &dom_sids);
+		                                          &names, &alt_names, &dom_sids);
 		if (!NT_STATUS_IS_OK(result)) {
 			continue;
 		}
@@ -173,9 +173,8 @@
 		   the access methods of its parent */
 		for(i = 0; i < num_domains; i++) {
 			DEBUG(10,("Found domain %s\n", names[i]));
-			add_trusted_domain(names[i], 
-					   alt_names?alt_names[i]:NULL, 
-					   domain->methods, &dom_sids[i]);
+			add_trusted_domain(names[i], alt_names?alt_names[i]:NULL,
+			                   domain->methods, &dom_sids[i]);
 		}
 	}
 
@@ -195,8 +194,10 @@
 	/* Add ourselves as the first entry */
 	domain = add_trusted_domain(lp_workgroup(), NULL, &cache_methods, NULL);
 
-	/* Now we *must* get the domain sid for our primary domain. Go into
-	   a holding pattern until that is available */
+	/* 
+	 * Now we *must* get the domain sid for our primary domain. Go into
+	 * a holding pattern until that is available
+	 */
 
 	result = cache_methods.domain_sid(domain, &domain->sid);
 	while (!NT_STATUS_IS_OK(result)) {

More information about the samba-technical mailing list