nsswitch/wbinfo.c

説明を見る。
00001 /* 
00002    Unix SMB/CIFS implementation.
00003 
00004    Winbind status program.
00005 
00006    Copyright (C) Tim Potter      2000-2003
00007    Copyright (C) Andrew Bartlett 2002
00008    
00009    This program is free software; you can redistribute it and/or modify
00010    it under the terms of the GNU General Public License as published by
00011    the Free Software Foundation; either version 2 of the License, or
00012    (at your option) any later version.
00013    
00014    This program is distributed in the hope that it will be useful,
00015    but WITHOUT ANY WARRANTY; without even the implied warranty of
00016    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00017    GNU General Public License for more details.
00018    
00019    You should have received a copy of the GNU General Public License
00020    along with this program; if not, write to the Free Software
00021    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
00022 */
00023 
00024 #include "includes.h"
00025 #include "winbindd.h"
00026 #include "debug.h"
00027 
00028 #undef DBGC_CLASS
00029 #define DBGC_CLASS DBGC_WINBIND
00030 
00031 extern int winbindd_fd;
00032 
00033 static char winbind_separator_int(BOOL strict)
00034 {
00035         struct winbindd_response response;
00036         static BOOL got_sep;
00037         static char sep;
00038 
00039         if (got_sep)
00040                 return sep;
00041 
00042         ZERO_STRUCT(response);
00043 
00044         /* Send off request */
00045 
00046         if (winbindd_request_response(WINBINDD_INFO, NULL, &response) !=
00047             NSS_STATUS_SUCCESS) {
00048                 d_fprintf(stderr, "could not obtain winbind separator!\n");
00049                 if (strict) {
00050                         return 0;
00051                 }
00052                 /* HACK: (this module should not call lp_ funtions) */
00053                 return *lp_winbind_separator();
00054         }
00055 
00056         sep = response.data.info.winbind_separator;
00057         got_sep = True;
00058 
00059         if (!sep) {
00060                 d_fprintf(stderr, "winbind separator was NULL!\n");
00061                 if (strict) {
00062                         return 0;
00063                 }
00064                 /* HACK: (this module should not call lp_ funtions) */
00065                 sep = *lp_winbind_separator();
00066         }
00067         
00068         return sep;
00069 }
00070 
00071 static char winbind_separator(void)
00072 {
00073         return winbind_separator_int(False);
00074 }
00075 
00076 static const char *get_winbind_domain(void)
00077 {
00078         struct winbindd_response response;
00079         static fstring winbind_domain;
00080 
00081         ZERO_STRUCT(response);
00082 
00083         /* Send off request */
00084 
00085         if (winbindd_request_response(WINBINDD_DOMAIN_NAME, NULL, &response) !=
00086             NSS_STATUS_SUCCESS) {
00087                 d_fprintf(stderr, "could not obtain winbind domain name!\n");
00088                 
00089                 /* HACK: (this module should not call lp_ funtions) */
00090                 return lp_workgroup();
00091         }
00092 
00093         fstrcpy(winbind_domain, response.data.domain_name);
00094 
00095         return winbind_domain;
00096 
00097 }
00098 
00099 /* Copy of parse_domain_user from winbindd_util.c.  Parse a string of the
00100    form DOMAIN/user into a domain and a user */
00101 
00102 static BOOL parse_wbinfo_domain_user(const char *domuser, fstring domain, 
00103                                      fstring user)
00104 {
00105 
00106         char *p = strchr(domuser,winbind_separator());
00107 
00108         if (!p) {
00109                 fstrcpy(user, domuser);
00110                 fstrcpy(domain, get_winbind_domain());
00111                 return True;
00112         }
00113         
00114         fstrcpy(user, p+1);
00115         fstrcpy(domain, domuser);
00116         domain[PTR_DIFF(p, domuser)] = 0;
00117         strupper_m(domain);
00118 
00119         return True;
00120 }
00121 
00122 /* pull pwent info for a given user */
00123 
00124 static BOOL wbinfo_get_userinfo(char *user)
00125 {
00126         struct winbindd_request request;
00127         struct winbindd_response response;
00128         NSS_STATUS result;
00129         
00130         ZERO_STRUCT(request);
00131         ZERO_STRUCT(response);
00132 
00133         /* Send request */
00134         
00135         fstrcpy(request.data.username, user);
00136 
00137         result = winbindd_request_response(WINBINDD_GETPWNAM, &request, &response);
00138         
00139         if (result != NSS_STATUS_SUCCESS)
00140                 return False;
00141         
00142         d_printf( "%s:%s:%d:%d:%s:%s:%s\n",
00143                           response.data.pw.pw_name,
00144                           response.data.pw.pw_passwd,
00145                           response.data.pw.pw_uid,
00146                           response.data.pw.pw_gid,
00147                           response.data.pw.pw_gecos,
00148                           response.data.pw.pw_dir,
00149                           response.data.pw.pw_shell );
00150         
00151         return True;
00152 }
00153 
00154 /* pull grent for a given group */
00155 static BOOL wbinfo_get_groupinfo(char *group)
00156 {
00157         struct winbindd_request request;
00158         struct winbindd_response response;
00159         NSS_STATUS result;
00160 
00161         ZERO_STRUCT(request);
00162         ZERO_STRUCT(response);
00163 
00164         /* Send request */
00165 
00166         fstrcpy(request.data.groupname, group);
00167 
00168         result = winbindd_request_response(WINBINDD_GETGRNAM, &request,
00169                                            &response);
00170 
00171         if ( result != NSS_STATUS_SUCCESS)
00172                 return False;
00173 
00174         d_printf( "%s:%s:%d\n",
00175                   response.data.gr.gr_name,
00176                   response.data.gr.gr_passwd,
00177                   response.data.gr.gr_gid );
00178         
00179         return True;
00180 }
00181 
00182 /* List groups a user is a member of */
00183 
00184 static BOOL wbinfo_get_usergroups(char *user)
00185 {
00186         struct winbindd_request request;
00187         struct winbindd_response response;
00188         NSS_STATUS result;
00189         int i;
00190         
00191         ZERO_STRUCT(request);
00192         ZERO_STRUCT(response);
00193 
00194         /* Send request */
00195 
00196         fstrcpy(request.data.username, user);
00197 
00198         result = winbindd_request_response(WINBINDD_GETGROUPS, &request, &response);
00199 
00200         if (result != NSS_STATUS_SUCCESS)
00201                 return False;
00202 
00203         for (i = 0; i < response.data.num_entries; i++)
00204                 d_printf("%d\n", (int)((gid_t *)response.extra_data.data)[i]);
00205 
00206         SAFE_FREE(response.extra_data.data);
00207 
00208         return True;
00209 }
00210 
00211 
00212 /* List group SIDs a user SID is a member of */
00213 static BOOL wbinfo_get_usersids(char *user_sid)
00214 {
00215         struct winbindd_request request;
00216         struct winbindd_response response;
00217         NSS_STATUS result;
00218         int i;
00219         const char *s;
00220 
00221         ZERO_STRUCT(request);
00222         ZERO_STRUCT(response);
00223 
00224         /* Send request */
00225         fstrcpy(request.data.sid, user_sid);
00226 
00227         result = winbindd_request_response(WINBINDD_GETUSERSIDS, &request, &response);
00228 
00229         if (result != NSS_STATUS_SUCCESS)
00230                 return False;
00231 
00232         s = (const char *)response.extra_data.data;
00233         for (i = 0; i < response.data.num_entries; i++) {
00234                 d_printf("%s\n", s);
00235                 s += strlen(s) + 1;
00236         }
00237 
00238         SAFE_FREE(response.extra_data.data);
00239 
00240         return True;
00241 }
00242 
00243 static BOOL wbinfo_get_userdomgroups(const char *user_sid)
00244 {
00245         struct winbindd_request request;
00246         struct winbindd_response response;
00247         NSS_STATUS result;
00248 
00249         ZERO_STRUCT(request);
00250         ZERO_STRUCT(response);
00251 
00252         /* Send request */
00253         fstrcpy(request.data.sid, user_sid);
00254 
00255         result = winbindd_request_response(WINBINDD_GETUSERDOMGROUPS, &request,
00256                                   &response);
00257 
00258         if (result != NSS_STATUS_SUCCESS)
00259                 return False;
00260 
00261         if (response.data.num_entries != 0)
00262                 printf("%s", (char *)response.extra_data.data);
00263         
00264         SAFE_FREE(response.extra_data.data);
00265 
00266         return True;
00267 }
00268 
00269 /* Convert NetBIOS name to IP */
00270 
00271 static BOOL wbinfo_wins_byname(char *name)
00272 {
00273         struct winbindd_request request;
00274         struct winbindd_response response;
00275 
00276         ZERO_STRUCT(request);
00277         ZERO_STRUCT(response);
00278 
00279         /* Send request */
00280 
00281         fstrcpy(request.data.winsreq, name);
00282 
00283         if (winbindd_request_response(WINBINDD_WINS_BYNAME, &request, &response) !=
00284             NSS_STATUS_SUCCESS) {
00285                 return False;
00286         }
00287 
00288         /* Display response */
00289 
00290         d_printf("%s\n", response.data.winsresp);
00291 
00292         return True;
00293 }
00294 
00295 /* Convert IP to NetBIOS name */
00296 
00297 static BOOL wbinfo_wins_byip(char *ip)
00298 {
00299         struct winbindd_request request;
00300         struct winbindd_response response;
00301 
00302         ZERO_STRUCT(request);
00303         ZERO_STRUCT(response);
00304 
00305         /* Send request */
00306 
00307         fstrcpy(request.data.winsreq, ip);
00308 
00309         if (winbindd_request_response(WINBINDD_WINS_BYIP, &request, &response) !=
00310             NSS_STATUS_SUCCESS) {
00311                 return False;
00312         }
00313 
00314         /* Display response */
00315 
00316         d_printf("%s\n", response.data.winsresp);
00317 
00318         return True;
00319 }
00320 
00321 /* List trusted domains */
00322 
00323 static BOOL wbinfo_list_domains(BOOL list_all_domains)
00324 {
00325         struct winbindd_request request;
00326         struct winbindd_response response;
00327 
00328         ZERO_STRUCT(request);
00329         ZERO_STRUCT(response);
00330 
00331         /* Send request */
00332 
00333         request.data.list_all_domains = list_all_domains;
00334 
00335         if (winbindd_request_response(WINBINDD_LIST_TRUSTDOM, &request, &response) !=
00336             NSS_STATUS_SUCCESS)
00337                 return False;
00338 
00339         /* Display response */
00340 
00341         if (response.extra_data.data) {
00342                 const char *extra_data = (char *)response.extra_data.data;
00343                 fstring name;
00344                 char *p;
00345 
00346                 while(next_token(&extra_data, name, "\n", sizeof(fstring))) {
00347                         p = strchr(name, '\\');
00348                         if (p == 0) {
00349                                 d_fprintf(stderr, "Got invalid response: %s\n",
00350                                          extra_data);
00351                                 return False;
00352                         }
00353                         *p = 0;
00354                         d_printf("%s\n", name);
00355                 }
00356 
00357                 SAFE_FREE(response.extra_data.data);
00358         }
00359 
00360         return True;
00361 }
00362 
00363 /* List own domain */
00364 
00365 static BOOL wbinfo_list_own_domain(void)
00366 {
00367         d_printf("%s\n", get_winbind_domain());
00368 
00369         return True;
00370 }
00371 
00372 /* show sequence numbers */
00373 static BOOL wbinfo_show_sequence(const char *domain)
00374 {
00375         struct winbindd_request  request;
00376         struct winbindd_response response;
00377 
00378         ZERO_STRUCT(response);
00379         ZERO_STRUCT(request);
00380 
00381         if ( domain )
00382                 fstrcpy( request.domain_name, domain );
00383 
00384         /* Send request */
00385 
00386         if (winbindd_request_response(WINBINDD_SHOW_SEQUENCE, &request, &response) !=
00387             NSS_STATUS_SUCCESS)
00388                 return False;
00389 
00390         /* Display response */
00391 
00392         if (response.extra_data.data) {
00393                 char *extra_data = (char *)response.extra_data.data;
00394                 d_printf("%s", extra_data);
00395                 SAFE_FREE(response.extra_data.data);
00396         }
00397 
00398         return True;
00399 }
00400 
00401 /* Show domain info */
00402 
00403 static BOOL wbinfo_domain_info(const char *domain_name)
00404 {
00405         struct winbindd_request request;
00406         struct winbindd_response response;
00407 
00408         ZERO_STRUCT(request);
00409         ZERO_STRUCT(response);
00410 
00411         if ((strequal(domain_name, ".")) || (domain_name[0] == '\0'))
00412                 fstrcpy(request.domain_name, get_winbind_domain());
00413         else
00414                 fstrcpy(request.domain_name, domain_name);
00415 
00416         /* Send request */
00417 
00418         if (winbindd_request_response(WINBINDD_DOMAIN_INFO, &request, &response) !=
00419             NSS_STATUS_SUCCESS)
00420                 return False;
00421 
00422         /* Display response */
00423 
00424         d_printf("Name              : %s\n", response.data.domain_info.name);
00425         d_printf("Alt_Name          : %s\n", response.data.domain_info.alt_name);
00426 
00427         d_printf("SID               : %s\n", response.data.domain_info.sid);
00428 
00429         d_printf("Active Directory  : %s\n",
00430                  response.data.domain_info.active_directory ? "Yes" : "No");
00431         d_printf("Native            : %s\n",
00432                  response.data.domain_info.native_mode ? "Yes" : "No");
00433 
00434         d_printf("Primary           : %s\n",
00435                  response.data.domain_info.primary ? "Yes" : "No");
00436 
00437         d_printf("Sequence          : %d\n", response.data.domain_info.sequence_number);
00438 
00439         return True;
00440 }
00441 
00442 /* Get a foreign DC's name */
00443 static BOOL wbinfo_getdcname(const char *domain_name)
00444 {
00445         struct winbindd_request request;
00446         struct winbindd_response response;
00447 
00448         ZERO_STRUCT(request);
00449         ZERO_STRUCT(response);
00450 
00451         fstrcpy(request.domain_name, domain_name);
00452 
00453         /* Send request */
00454 
00455         if (winbindd_request_response(WINBINDD_GETDCNAME, &request, &response) !=
00456             NSS_STATUS_SUCCESS) {
00457                 d_fprintf(stderr, "Could not get dc name for %s\n", domain_name);
00458                 return False;
00459         }
00460 
00461         /* Display response */
00462 
00463         d_printf("%s\n", response.data.dc_name);
00464 
00465         return True;
00466 }
00467 
00468 /* Check trust account password */
00469 
00470 static BOOL wbinfo_check_secret(void)
00471 {
00472         struct winbindd_response response;
00473         NSS_STATUS result;
00474 
00475         ZERO_STRUCT(response);
00476 
00477         result = winbindd_request_response(WINBINDD_CHECK_MACHACC, NULL, &response);
00478                 
00479         d_printf("checking the trust secret via RPC calls %s\n", 
00480                  (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed");
00481 
00482         if (result != NSS_STATUS_SUCCESS)       
00483                 d_fprintf(stderr, "error code was %s (0x%x)\n", 
00484                          response.data.auth.nt_status_string, 
00485                          response.data.auth.nt_status);
00486         
00487         return result == NSS_STATUS_SUCCESS;    
00488 }
00489 
00490 /* Convert uid to sid */
00491 
00492 static BOOL wbinfo_uid_to_sid(uid_t uid)
00493 {
00494         struct winbindd_request request;
00495         struct winbindd_response response;
00496 
00497         ZERO_STRUCT(request);
00498         ZERO_STRUCT(response);
00499 
00500         /* Send request */
00501 
00502         request.data.uid = uid;
00503 
00504         if (winbindd_request_response(WINBINDD_UID_TO_SID, &request, &response) !=
00505             NSS_STATUS_SUCCESS)
00506                 return False;
00507 
00508         /* Display response */
00509 
00510         d_printf("%s\n", response.data.sid.sid);
00511 
00512         return True;
00513 }
00514 
00515 /* Convert gid to sid */
00516 
00517 static BOOL wbinfo_gid_to_sid(gid_t gid)
00518 {
00519         struct winbindd_request request;
00520         struct winbindd_response response;
00521 
00522         ZERO_STRUCT(request);
00523         ZERO_STRUCT(response);
00524 
00525         /* Send request */
00526 
00527         request.data.gid = gid;
00528 
00529         if (winbindd_request_response(WINBINDD_GID_TO_SID, &request, &response) !=
00530             NSS_STATUS_SUCCESS)
00531                 return False;
00532 
00533         /* Display response */
00534 
00535         d_printf("%s\n", response.data.sid.sid);
00536 
00537         return True;
00538 }
00539 
00540 /* Convert sid to uid */
00541 
00542 static BOOL wbinfo_sid_to_uid(char *sid)
00543 {
00544         struct winbindd_request request;
00545         struct winbindd_response response;
00546 
00547         ZERO_STRUCT(request);
00548         ZERO_STRUCT(response);
00549 
00550         /* Send request */
00551 
00552         fstrcpy(request.data.sid, sid);
00553 
00554         if (winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response) !=
00555             NSS_STATUS_SUCCESS)
00556                 return False;
00557 
00558         /* Display response */
00559 
00560         d_printf("%d\n", (int)response.data.uid);
00561 
00562         return True;
00563 }
00564 
00565 static BOOL wbinfo_sid_to_gid(char *sid)
00566 {
00567         struct winbindd_request request;
00568         struct winbindd_response response;
00569 
00570         ZERO_STRUCT(request);
00571         ZERO_STRUCT(response);
00572 
00573         /* Send request */
00574 
00575         fstrcpy(request.data.sid, sid);
00576 
00577         if (winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response) !=
00578             NSS_STATUS_SUCCESS)
00579                 return False;
00580 
00581         /* Display response */
00582 
00583         d_printf("%d\n", (int)response.data.gid);
00584 
00585         return True;
00586 }
00587 
00588 static BOOL wbinfo_allocate_uid(void)
00589 {
00590         uid_t uid;
00591 
00592         if (!winbind_allocate_uid(&uid))
00593                 return False;
00594 
00595         d_printf("New uid: %d\n", uid);
00596 
00597         return True;
00598 }
00599 
00600 static BOOL wbinfo_allocate_gid(void)
00601 {
00602         gid_t gid;
00603 
00604         if (!winbind_allocate_gid(&gid))
00605                 return False;
00606 
00607         d_printf("New gid: %d\n", gid);
00608 
00609         return True;
00610 }
00611 
00612 /* Convert sid to string */
00613 
00614 static BOOL wbinfo_lookupsid(char *sid)
00615 {
00616         struct winbindd_request request;
00617         struct winbindd_response response;
00618 
00619         ZERO_STRUCT(request);
00620         ZERO_STRUCT(response);
00621 
00622         /* Send off request */
00623 
00624         fstrcpy(request.data.sid, sid);
00625 
00626         if (winbindd_request_response(WINBINDD_LOOKUPSID, &request, &response) !=
00627             NSS_STATUS_SUCCESS)
00628                 return False;
00629 
00630         /* Display response */
00631 
00632         d_printf("%s%c%s %d\n", response.data.name.dom_name, 
00633                  winbind_separator(), response.data.name.name, 
00634                  response.data.name.type);
00635 
00636         return True;
00637 }
00638 
00639 /* Lookup a list of RIDs */
00640 
00641 static BOOL wbinfo_lookuprids(char *domain, char *arg)
00642 {
00643         size_t i;
00644         DOM_SID sid;
00645         int num_rids;
00646         uint32 *rids;
00647         const char *p;
00648         char ridstr[32];
00649         const char **names;
00650         enum lsa_SidType *types;
00651         const char *domain_name;
00652         TALLOC_CTX *mem_ctx;
00653         struct winbindd_request request;
00654         struct winbindd_response response;
00655 
00656         ZERO_STRUCT(request);
00657         ZERO_STRUCT(response);
00658 
00659         if ((domain == NULL) || (strequal(domain, ".")) || (domain[0] == '\0'))
00660                 fstrcpy(request.domain_name, get_winbind_domain());
00661         else
00662                 fstrcpy(request.domain_name, domain);
00663 
00664         /* Send request */
00665 
00666         if (winbindd_request_response(WINBINDD_DOMAIN_INFO, &request, &response) !=
00667             NSS_STATUS_SUCCESS) {
00668                 d_printf("Could not get domain sid for %s\n", request.domain_name);
00669                 return False;
00670         }
00671 
00672         if (!string_to_sid(&sid, response.data.domain_info.sid)) {
00673                 d_printf("Could not convert %s to sid\n", response.data.domain_info.sid);
00674                 return False;
00675         }
00676 
00677         mem_ctx = talloc_new(NULL);
00678         if (mem_ctx == NULL) {
00679                 d_printf("talloc_new failed\n");
00680                 return False;
00681         }
00682 
00683         num_rids = 0;
00684         rids = NULL;
00685         p = arg;
00686 
00687         while (next_token(&p, ridstr, " ,\n", sizeof(ridstr))) {
00688                 uint32 rid = strtoul(ridstr, NULL, 10);
00689                 ADD_TO_ARRAY(mem_ctx, uint32, rid, &rids, &num_rids);
00690         }
00691 
00692         if (rids == NULL) {
00693                 TALLOC_FREE(mem_ctx);
00694                 return False;
00695         }
00696 
00697         if (!winbind_lookup_rids(mem_ctx, &sid, num_rids, rids,
00698                                  &domain_name, &names, &types)) {
00699                 d_printf("winbind_lookup_rids failed\n");
00700                 TALLOC_FREE(mem_ctx);
00701                 return False;
00702         }
00703 
00704         d_printf("Domain: %s\n", domain_name);
00705 
00706         for (i=0; i<num_rids; i++) {
00707                 d_printf("%8d: %s (%s)\n", rids[i], names[i],
00708                          sid_type_lookup(types[i]));
00709         }
00710 
00711         TALLOC_FREE(mem_ctx);
00712         return True;
00713 }
00714 
00715 /* Convert string to sid */
00716 
00717 static BOOL wbinfo_lookupname(char *name)
00718 {
00719         struct winbindd_request request;
00720         struct winbindd_response response;
00721 
00722         /* Send off request */
00723 
00724         ZERO_STRUCT(request);
00725         ZERO_STRUCT(response);
00726 
00727         parse_wbinfo_domain_user(name, request.data.name.dom_name, 
00728                                  request.data.name.name);
00729 
00730         if (winbindd_request_response(WINBINDD_LOOKUPNAME, &request, &response) !=
00731             NSS_STATUS_SUCCESS)
00732                 return False;
00733 
00734         /* Display response */
00735 
00736         d_printf("%s %s (%d)\n", response.data.sid.sid, sid_type_lookup(response.data.sid.type), response.data.sid.type);
00737 
00738         return True;
00739 }
00740 
00741 /* Authenticate a user with a plaintext password */
00742 
00743 static BOOL wbinfo_auth_krb5(char *username, const char *cctype, uint32 flags)
00744 {
00745         struct winbindd_request request;
00746         struct winbindd_response response;
00747         NSS_STATUS result;
00748         char *p;
00749 
00750         /* Send off request */
00751 
00752         ZERO_STRUCT(request);
00753         ZERO_STRUCT(response);
00754 
00755         p = strchr(username, '%');
00756 
00757         if (p) {
00758                 *p = 0;
00759                 fstrcpy(request.data.auth.user, username);
00760                 fstrcpy(request.data.auth.pass, p + 1);
00761                 *p = '%';
00762         } else
00763                 fstrcpy(request.data.auth.user, username);
00764 
00765         request.flags = flags;
00766 
00767         fstrcpy(request.data.auth.krb5_cc_type, cctype);
00768 
00769         request.data.auth.uid = geteuid();
00770 
00771         result = winbindd_request_response(WINBINDD_PAM_AUTH, &request, &response);
00772 
00773         /* Display response */
00774 
00775         d_printf("plaintext kerberos password authentication for [%s] %s (requesting cctype: %s)\n", 
00776                 username, (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed", cctype);
00777 
00778         if (response.data.auth.nt_status)
00779                 d_fprintf(stderr, "error code was %s (0x%x)\nerror messsage was: %s\n", 
00780                          response.data.auth.nt_status_string, 
00781                          response.data.auth.nt_status,
00782                          response.data.auth.error_string);
00783 
00784         if (result == NSS_STATUS_SUCCESS) {
00785 
00786                 if (request.flags & WBFLAG_PAM_INFO3_TEXT) {
00787                         if (response.data.auth.info3.user_flgs & LOGON_CACHED_ACCOUNT) {
00788                                 d_printf("user_flgs: LOGON_CACHED_ACCOUNT\n");
00789                         }
00790                 }
00791 
00792                 if (response.data.auth.krb5ccname[0] != '\0') {
00793                         d_printf("credentials were put in: %s\n", response.data.auth.krb5ccname);
00794                 } else {
00795                         d_printf("no credentials cached\n");
00796                 }
00797         }
00798 
00799         return result == NSS_STATUS_SUCCESS;
00800 }
00801 
00802 /* Authenticate a user with a plaintext password */
00803 
00804 static BOOL wbinfo_auth(char *username)
00805 {
00806         struct winbindd_request request;
00807         struct winbindd_response response;
00808         NSS_STATUS result;
00809         char *p;
00810 
00811         /* Send off request */
00812 
00813         ZERO_STRUCT(request);
00814         ZERO_STRUCT(response);
00815 
00816         p = strchr(username, '%');
00817 
00818         if (p) {
00819                 *p = 0;
00820                 fstrcpy(request.data.auth.user, username);
00821                 fstrcpy(request.data.auth.pass, p + 1);
00822                 *p = '%';
00823         } else
00824                 fstrcpy(request.data.auth.user, username);
00825 
00826         result = winbindd_request_response(WINBINDD_PAM_AUTH, &request, &response);
00827 
00828         /* Display response */
00829 
00830         d_printf("plaintext password authentication %s\n", 
00831                (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed");
00832 
00833         if (response.data.auth.nt_status)
00834                 d_fprintf(stderr, "error code was %s (0x%x)\nerror messsage was: %s\n", 
00835                          response.data.auth.nt_status_string, 
00836                          response.data.auth.nt_status,
00837                          response.data.auth.error_string);
00838 
00839         return result == NSS_STATUS_SUCCESS;
00840 }
00841 
00842 /* Authenticate a user with a challenge/response */
00843 
00844 static BOOL wbinfo_auth_crap(char *username)
00845 {
00846         struct winbindd_request request;
00847         struct winbindd_response response;
00848         NSS_STATUS result;
00849         fstring name_user;
00850         fstring name_domain;
00851         fstring pass;
00852         char *p;
00853 
00854         /* Send off request */
00855 
00856         ZERO_STRUCT(request);
00857         ZERO_STRUCT(response);
00858 
00859         p = strchr(username, '%');
00860 
00861         if (p) {
00862                 *p = 0;
00863                 fstrcpy(pass, p + 1);
00864         }
00865                 
00866         parse_wbinfo_domain_user(username, name_domain, name_user);
00867 
00868         request.data.auth_crap.logon_parameters = MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT | MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT;
00869 
00870         fstrcpy(request.data.auth_crap.user, name_user);
00871 
00872         fstrcpy(request.data.auth_crap.domain, 
00873                               name_domain);
00874 
00875         generate_random_buffer(request.data.auth_crap.chal, 8);
00876         
00877         if (lp_client_ntlmv2_auth()) {
00878                 DATA_BLOB server_chal;
00879                 DATA_BLOB names_blob;   
00880 
00881                 DATA_BLOB lm_response;
00882                 DATA_BLOB nt_response;
00883 
00884                 server_chal = data_blob(request.data.auth_crap.chal, 8); 
00885                 
00886                 /* Pretend this is a login to 'us', for blob purposes */
00887                 names_blob = NTLMv2_generate_names_blob(global_myname(), lp_workgroup());
00888                 
00889                 if (!SMBNTLMv2encrypt(name_user, name_domain, pass, &server_chal, 
00890                                       &names_blob,
00891                                       &lm_response, &nt_response, NULL)) {
00892                         data_blob_free(&names_blob);
00893                         data_blob_free(&server_chal);
00894                         return False;
00895                 }
00896                 data_blob_free(&names_blob);
00897                 data_blob_free(&server_chal);
00898 
00899                 memcpy(request.data.auth_crap.nt_resp, nt_response.data, 
00900                        MIN(nt_response.length, 
00901                            sizeof(request.data.auth_crap.nt_resp)));
00902                 request.data.auth_crap.nt_resp_len = nt_response.length;
00903 
00904                 memcpy(request.data.auth_crap.lm_resp, lm_response.data, 
00905                        MIN(lm_response.length, 
00906                            sizeof(request.data.auth_crap.lm_resp)));
00907                 request.data.auth_crap.lm_resp_len = lm_response.length;
00908                        
00909                 data_blob_free(&nt_response);
00910                 data_blob_free(&lm_response);
00911 
00912         } else {
00913                 if (lp_client_lanman_auth() 
00914                     && SMBencrypt(pass, request.data.auth_crap.chal, 
00915                                (uchar *)request.data.auth_crap.lm_resp)) {
00916                         request.data.auth_crap.lm_resp_len = 24;
00917                 } else {
00918                         request.data.auth_crap.lm_resp_len = 0;
00919                 }
00920                 SMBNTencrypt(pass, request.data.auth_crap.chal,
00921                              (uchar *)request.data.auth_crap.nt_resp);
00922 
00923                 request.data.auth_crap.nt_resp_len = 24;
00924         }
00925 
00926         result = winbindd_request_response(WINBINDD_PAM_AUTH_CRAP, &request, &response);
00927 
00928         /* Display response */
00929 
00930         d_printf("challenge/response password authentication %s\n", 
00931                (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed");
00932 
00933         if (response.data.auth.nt_status)
00934                 d_fprintf(stderr, "error code was %s (0x%x)\nerror messsage was: %s\n", 
00935                          response.data.auth.nt_status_string, 
00936                          response.data.auth.nt_status,
00937                          response.data.auth.error_string);
00938 
00939         return result == NSS_STATUS_SUCCESS;
00940 }
00941 
00942 /* Authenticate a user with a plaintext password and set a token */
00943 
00944 static BOOL wbinfo_klog(char *username)
00945 {
00946         struct winbindd_request request;
00947         struct winbindd_response response;
00948         NSS_STATUS result;
00949         char *p;
00950 
00951         /* Send off request */
00952 
00953         ZERO_STRUCT(request);
00954         ZERO_STRUCT(response);
00955 
00956         p = strchr(username, '%');
00957 
00958         if (p) {
00959                 *p = 0;
00960                 fstrcpy(request.data.auth.user, username);
00961                 fstrcpy(request.data.auth.pass, p + 1);
00962                 *p = '%';
00963         } else {
00964                 fstrcpy(request.data.auth.user, username);
00965                 fstrcpy(request.data.auth.pass, getpass("Password: "));
00966         }
00967 
00968         request.flags |= WBFLAG_PAM_AFS_TOKEN;
00969 
00970         result = winbindd_request_response(WINBINDD_PAM_AUTH, &request, &response);
00971 
00972         /* Display response */
00973 
00974         d_printf("plaintext password authentication %s\n", 
00975                (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed");
00976 
00977         if (response.data.auth.nt_status)
00978                 d_fprintf(stderr, "error code was %s (0x%x)\nerror messsage was: %s\n", 
00979                          response.data.auth.nt_status_string, 
00980                          response.data.auth.nt_status,
00981                          response.data.auth.error_string);
00982 
00983         if (result != NSS_STATUS_SUCCESS)
00984                 return False;
00985 
00986         if (response.extra_data.data == NULL) {
00987                 d_fprintf(stderr, "Did not get token data\n");
00988                 return False;
00989         }
00990 
00991         if (!afs_settoken_str((char *)response.extra_data.data)) {
00992                 d_fprintf(stderr, "Could not set token\n");
00993                 return False;
00994         }
00995 
00996         d_printf("Successfully created AFS token\n");
00997         return True;
00998 }
00999 
01000 /* Print domain users */
01001 
01002 static BOOL print_domain_users(const char *domain)
01003 {
01004         struct winbindd_request request;
01005         struct winbindd_response response;
01006         const char *extra_data;
01007         fstring name;
01008 
01009         /* Send request to winbind daemon */
01010 
01011         ZERO_STRUCT(request);
01012         ZERO_STRUCT(response);
01013         
01014         if (domain) {
01015                 /* '.' is the special sign for our own domain */
01016                 if ( strequal(domain, ".") )
01017                         fstrcpy( request.domain_name, get_winbind_domain() );
01018                 else
01019                         fstrcpy( request.domain_name, domain );
01020         }
01021 
01022         if (winbindd_request_response(WINBINDD_LIST_USERS, &request, &response) !=
01023             NSS_STATUS_SUCCESS)
01024                 return False;
01025 
01026         /* Look through extra data */
01027 
01028         if (!response.extra_data.data)
01029                 return False;
01030 
01031         extra_data = (const char *)response.extra_data.data;
01032 
01033         while(next_token(&extra_data, name, ",", sizeof(fstring)))
01034                 d_printf("%s\n", name);
01035         
01036         SAFE_FREE(response.extra_data.data);
01037 
01038         return True;
01039 }
01040 
01041 /* Print domain groups */
01042 
01043 static BOOL print_domain_groups(const char *domain)
01044 {
01045         struct winbindd_request  request;
01046         struct winbindd_response response;
01047         const char *extra_data;
01048         fstring name;
01049 
01050         ZERO_STRUCT(request);
01051         ZERO_STRUCT(response);
01052 
01053         if (domain) {
01054                 if ( strequal(domain, ".") )
01055                         fstrcpy( request.domain_name, get_winbind_domain() );
01056                 else
01057                         fstrcpy( request.domain_name, domain );
01058         }
01059 
01060         if (winbindd_request_response(WINBINDD_LIST_GROUPS, &request, &response) !=
01061             NSS_STATUS_SUCCESS)
01062                 return False;
01063 
01064         /* Look through extra data */
01065 
01066         if (!response.extra_data.data)
01067                 return False;
01068 
01069         extra_data = (const char *)response.extra_data.data;
01070 
01071         while(next_token(&extra_data, name, ",", sizeof(fstring)))
01072                 d_printf("%s\n", name);
01073 
01074         SAFE_FREE(response.extra_data.data);
01075         
01076         return True;
01077 }
01078 
01079 /* Set the authorised user for winbindd access in secrets.tdb */
01080 
01081 static BOOL wbinfo_set_auth_user(char *username)
01082 {
01083         const char *password;
01084         char *p;
01085         fstring user, domain;
01086 
01087         /* Separate into user and password */
01088 
01089         parse_wbinfo_domain_user(username, domain, user);
01090 
01091         p = strchr(user, '%');
01092 
01093         if (p != NULL) {
01094                 *p = 0;
01095                 password = p+1;
01096         } else {
01097                 char *thepass = getpass("Password: ");
01098                 if (thepass) {
01099                         password = thepass;     
01100                 } else
01101                         password = "";
01102         }
01103 
01104         /* Store or remove DOMAIN\username%password in secrets.tdb */
01105 
01106         secrets_init();
01107 
01108         if (user[0]) {
01109 
01110                 if (!secrets_store(SECRETS_AUTH_USER, user,
01111                                    strlen(user) + 1)) {
01112                         d_fprintf(stderr, "error storing username\n");
01113                         return False;
01114                 }
01115 
01116                 /* We always have a domain name added by the
01117                    parse_wbinfo_domain_user() function. */
01118 
01119                 if (!secrets_store(SECRETS_AUTH_DOMAIN, domain,
01120                                    strlen(domain) + 1)) {
01121                         d_fprintf(stderr, "error storing domain name\n");
01122                         return False;
01123                 }
01124 
01125         } else {
01126                 secrets_delete(SECRETS_AUTH_USER);
01127                 secrets_delete(SECRETS_AUTH_DOMAIN);
01128         }
01129 
01130         if (password[0]) {
01131 
01132                 if (!secrets_store(SECRETS_AUTH_PASSWORD, password,
01133                                    strlen(password) + 1)) {
01134                         d_fprintf(stderr, "error storing password\n");
01135                         return False;
01136                 }
01137 
01138         } else
01139                 secrets_delete(SECRETS_AUTH_PASSWORD);
01140 
01141         return True;
01142 }
01143 
01144 static void wbinfo_get_auth_user(void)
01145 {
01146         char *user, *domain, *password;
01147 
01148         /* Lift data from secrets file */
01149         
01150         secrets_fetch_ipc_userpass(&user, &domain, &password);
01151 
01152         if ((!user || !*user) && (!domain || !*domain ) && (!password || !*password)){
01153 
01154                 SAFE_FREE(user);
01155                 SAFE_FREE(domain);
01156                 SAFE_FREE(password);
01157                 d_printf("No authorised user configured\n");
01158                 return;
01159         }
01160 
01161         /* Pretty print authorised user info */
01162 
01163         d_printf("%s%s%s%s%s\n", domain ? domain : "", domain ? lp_winbind_separator(): "",
01164                  user, password ? "%" : "", password ? password : "");
01165 
01166         SAFE_FREE(user);
01167         SAFE_FREE(domain);
01168         SAFE_FREE(password);
01169 }
01170 
01171 static BOOL wbinfo_ping(void)
01172 {
01173         NSS_STATUS result;
01174 
01175         result = winbindd_request_response(WINBINDD_PING, NULL, NULL);
01176 
01177         /* Display response */
01178 
01179         d_printf("Ping to winbindd %s on fd %d\n", 
01180                (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed", winbindd_fd);
01181 
01182         return result == NSS_STATUS_SUCCESS;
01183 }
01184 
01185 /* Main program */
01186 
01187 enum {
01188         OPT_SET_AUTH_USER = 1000,
01189         OPT_GET_AUTH_USER,
01190         OPT_DOMAIN_NAME,
01191         OPT_SEQUENCE,
01192         OPT_GETDCNAME,
01193         OPT_USERDOMGROUPS,
01194         OPT_USERSIDS,
01195         OPT_ALLOCATE_UID,
01196         OPT_ALLOCATE_GID,
01197         OPT_SEPARATOR,
01198         OPT_LIST_ALL_DOMAINS,
01199         OPT_LIST_OWN_DOMAIN,
01200         OPT_GROUP_INFO,
01201 };
01202 
01203 int main(int argc, char **argv, char **envp)
01204 {
01205         int opt;
01206 
01207         poptContext pc;
01208         static char *string_arg;
01209         static char *opt_domain_name;
01210         static int int_arg;
01211         int result = 1;
01212 
01213         struct poptOption long_options[] = {
01214                 POPT_AUTOHELP
01215 
01216                 /* longName, shortName, argInfo, argPtr, value, descrip, 
01217                    argDesc */
01218 
01219                 { "domain-users", 'u', POPT_ARG_NONE, 0, 'u', "Lists all domain users", "domain"},
01220                 { "domain-groups", 'g', POPT_ARG_NONE, 0, 'g', "Lists all domain groups", "domain" },
01221                 { "WINS-by-name", 'N', POPT_ARG_STRING, &string_arg, 'N', "Converts NetBIOS name to IP", "NETBIOS-NAME" },
01222                 { "WINS-by-ip", 'I', POPT_ARG_STRING, &string_arg, 'I', "Converts IP address to NetBIOS name", "IP" },
01223                 { "name-to-sid", 'n', POPT_ARG_STRING, &string_arg, 'n', "Converts name to sid", "NAME" },
01224                 { "sid-to-name", 's', POPT_ARG_STRING, &string_arg, 's', "Converts sid to name", "SID" },
01225                 { "lookup-rids", 'R', POPT_ARG_STRING, &string_arg, 'R', "Converts RIDs to names", "RIDs" },
01226                 { "uid-to-sid", 'U', POPT_ARG_INT, &int_arg, 'U', "Converts uid to sid" , "UID" },
01227                 { "gid-to-sid", 'G', POPT_ARG_INT, &int_arg, 'G', "Converts gid to sid", "GID" },
01228                 { "sid-to-uid", 'S', POPT_ARG_STRING, &string_arg, 'S', "Converts sid to uid", "SID" },
01229                 { "sid-to-gid", 'Y', POPT_ARG_STRING, &string_arg, 'Y', "Converts sid to gid", "SID" },
01230                 { "allocate-uid", 0, POPT_ARG_NONE, 0, OPT_ALLOCATE_UID,
01231                   "Get a new UID out of idmap" },
01232                 { "allocate-gid", 0, POPT_ARG_NONE, 0, OPT_ALLOCATE_GID,
01233                   "Get a new GID out of idmap" },
01234                 { "check-secret", 't', POPT_ARG_NONE, 0, 't', "Check shared secret" },
01235                 { "trusted-domains", 'm', POPT_ARG_NONE, 0, 'm', "List trusted domains" },
01236                 { "all-domains", 0, POPT_ARG_NONE, 0, OPT_LIST_ALL_DOMAINS, "List all domains (trusted and own domain)" },
01237                 { "own-domain", 0, POPT_ARG_NONE, 0, OPT_LIST_OWN_DOMAIN, "List own domain" },
01238                 { "sequence", 0, POPT_ARG_NONE, 0, OPT_SEQUENCE, "Show sequence numbers of all domains" },
01239                 { "domain-info", 'D', POPT_ARG_STRING, &string_arg, 'D', "Show most of the info we have about the domain" },
01240                 { "user-info", 'i', POPT_ARG_STRING, &string_arg, 'i', "Get user info", "USER" },
01241                 { "group-info", 0, POPT_ARG_STRING, &string_arg, OPT_GROUP_INFO, "Get group info", "GROUP" },
01242                 { "user-groups", 'r', POPT_ARG_STRING, &string_arg, 'r', "Get user groups", "USER" },
01243                 { "user-domgroups", 0, POPT_ARG_STRING, &string_arg,
01244                   OPT_USERDOMGROUPS, "Get user domain groups", "SID" },
01245                 { "user-sids", 0, POPT_ARG_STRING, &string_arg, OPT_USERSIDS, "Get user group sids for user SID", "SID" },
01246                 { "authenticate", 'a', POPT_ARG_STRING, &string_arg, 'a', "authenticate user", "user%password" },
01247                 { "set-auth-user", 0, POPT_ARG_STRING, &string_arg, OPT_SET_AUTH_USER, "Store user and password used by winbindd (root only)", "user%password" },
01248                 { "getdcname", 0, POPT_ARG_STRING, &string_arg, OPT_GETDCNAME,
01249                   "Get a DC name for a foreign domain", "domainname" },
01250                 { "get-auth-user", 0, POPT_ARG_NONE, NULL, OPT_GET_AUTH_USER, "Retrieve user and password used by winbindd (root only)", NULL },
01251                 { "ping", 'p', POPT_ARG_NONE, 0, 'p', "Ping winbindd to see if it is alive" },
01252                 { "domain", 0, POPT_ARG_STRING, &opt_domain_name, OPT_DOMAIN_NAME, "Define to the domain to restrict operation", "domain" },
01253 #ifdef WITH_FAKE_KASERVER
01254                 { "klog", 'k', POPT_ARG_STRING, &string_arg, 'k', "set an AFS token from winbind", "user%password" },
01255 #endif
01256 #ifdef HAVE_KRB5
01257                 { "krb5auth", 'K', POPT_ARG_STRING, &string_arg, 'K', "authenticate user using Kerberos", "user%password" },
01258                         /* destroys wbinfo --help output */
01259                         /* "user%password,DOM\\user%password,user@EXAMPLE.COM,EXAMPLE.COM\\user%password" }, */
01260 #endif
01261                 { "separator", 0, POPT_ARG_NONE, 0, OPT_SEPARATOR, "Get the active winbind separator", NULL },
01262                 POPT_COMMON_VERSION
01263                 POPT_TABLEEND
01264         };
01265 
01266         /* Samba client initialisation */
01267         load_case_tables();
01268 
01269         if (!lp_load(dyn_CONFIGFILE, True, False, False, True)) {
01270                 d_fprintf(stderr, "wbinfo: error opening config file %s. Error was %s\n",
01271                         dyn_CONFIGFILE, strerror(errno));
01272                 exit(1);
01273         }
01274 
01275         if (!init_names())
01276                 return 1;
01277 
01278         load_interfaces();
01279 
01280         /* Parse options */
01281 
01282         pc = poptGetContext("wbinfo", argc, (const char **)argv, long_options, 0);
01283 
01284         /* Parse command line options */
01285 
01286         if (argc == 1) {
01287                 poptPrintHelp(pc, stderr, 0);
01288                 return 1;
01289         }
01290 
01291         while((opt = poptGetNextOpt(pc)) != -1) {
01292                 /* get the generic configuration parameters like --domain */
01293         }
01294 
01295         poptFreeContext(pc);
01296 
01297         pc = poptGetContext(NULL, argc, (const char **)argv, long_options, 
01298                             POPT_CONTEXT_KEEP_FIRST);
01299 
01300         while((opt = poptGetNextOpt(pc)) != -1) {
01301                 switch (opt) {
01302                 case 'u':
01303                         if (!print_domain_users(opt_domain_name)) {
01304                                 d_fprintf(stderr, "Error looking up domain users\n");
01305                                 goto done;
01306                         }
01307                         break;
01308                 case 'g':
01309                         if (!print_domain_groups(opt_domain_name)) {
01310                                 d_fprintf(stderr, "Error looking up domain groups\n");
01311                                 goto done;
01312                         }
01313                         break;
01314                 case 's':
01315                         if (!wbinfo_lookupsid(string_arg)) {
01316                                 d_fprintf(stderr, "Could not lookup sid %s\n", string_arg);
01317                                 goto done;
01318                         }
01319                         break;
01320                 case 'R':
01321                         if (!wbinfo_lookuprids(opt_domain_name, string_arg)) {
01322                                 d_fprintf(stderr, "Could not lookup RIDs %s\n", string_arg);
01323                                 goto done;
01324                         }
01325                         break;
01326                 case 'n':
01327                         if (!wbinfo_lookupname(string_arg)) {
01328                                 d_fprintf(stderr, "Could not lookup name %s\n", string_arg);
01329                                 goto done;
01330                         }
01331                         break;
01332                 case 'N':
01333                         if (!wbinfo_wins_byname(string_arg)) {
01334                                 d_fprintf(stderr, "Could not lookup WINS by name %s\n", string_arg);
01335                                 goto done;
01336                         }
01337                         break;
01338                 case 'I':
01339                         if (!wbinfo_wins_byip(string_arg)) {
01340                                 d_fprintf(stderr, "Could not lookup WINS by IP %s\n", string_arg);
01341                                 goto done;
01342                         }
01343                         break;
01344                 case 'U':
01345                         if (!wbinfo_uid_to_sid(int_arg)) {
01346                                 d_fprintf(stderr, "Could not convert uid %d to sid\n", int_arg);
01347                                 goto done;
01348                         }
01349                         break;
01350                 case 'G':
01351                         if (!wbinfo_gid_to_sid(int_arg)) {
01352                                 d_fprintf(stderr, "Could not convert gid %d to sid\n",
01353                                        int_arg);
01354                                 goto done;
01355                         }
01356                         break;
01357                 case 'S':
01358                         if (!wbinfo_sid_to_uid(string_arg)) {
01359                                 d_fprintf(stderr, "Could not convert sid %s to uid\n",
01360                                        string_arg);
01361                                 goto done;
01362                         }
01363                         break;
01364                 case 'Y':
01365                         if (!wbinfo_sid_to_gid(string_arg)) {
01366                                 d_fprintf(stderr, "Could not convert sid %s to gid\n",
01367                                        string_arg);
01368                                 goto done;
01369                         }
01370                         break;
01371                 case OPT_ALLOCATE_UID:
01372                         if (!wbinfo_allocate_uid()) {
01373                                 d_fprintf(stderr, "Could not allocate a uid\n");
01374                                 goto done;
01375                         }
01376                         break;
01377                 case OPT_ALLOCATE_GID:
01378                         if (!wbinfo_allocate_gid()) {
01379                                 d_fprintf(stderr, "Could not allocate a gid\n");
01380                                 goto done;
01381                         }
01382                         break;
01383                 case 't':
01384                         if (!wbinfo_check_secret()) {
01385                                 d_fprintf(stderr, "Could not check secret\n");
01386                                 goto done;
01387                         }
01388                         break;
01389                 case 'm':
01390                         if (!wbinfo_list_domains(False)) {
01391                                 d_fprintf(stderr, "Could not list trusted domains\n");
01392                                 goto done;
01393                         }
01394                         break;
01395                 case OPT_SEQUENCE:
01396                         if (!wbinfo_show_sequence(opt_domain_name)) {
01397                                 d_fprintf(stderr, "Could not show sequence numbers\n");
01398                                 goto done;
01399                         }
01400                         break;
01401                 case 'D':
01402                         if (!wbinfo_domain_info(string_arg)) {
01403                                 d_fprintf(stderr, "Could not get domain info\n");
01404                                 goto done;
01405                         }
01406                         break;
01407                 case 'i':
01408                         if (!wbinfo_get_userinfo(string_arg)) {
01409                                 d_fprintf(stderr, "Could not get info for user %s\n",
01410                                                   string_arg);
01411                                 goto done;
01412                         }
01413                         break;
01414                 case OPT_GROUP_INFO:
01415                         if ( !wbinfo_get_groupinfo(string_arg)) {
01416                                 d_fprintf(stderr, "Could not get info for "
01417                                           "group %s\n", string_arg);
01418                                 goto done;
01419                         }
01420                         break;
01421                 case 'r':
01422                         if (!wbinfo_get_usergroups(string_arg)) {
01423                                 d_fprintf(stderr, "Could not get groups for user %s\n", 
01424                                        string_arg);
01425                                 goto done;
01426                         }
01427                         break;
01428                 case OPT_USERSIDS:
01429                         if (!wbinfo_get_usersids(string_arg)) {
01430                                 d_fprintf(stderr, "Could not get group SIDs for user SID %s\n", 
01431                                        string_arg);
01432                                 goto done;
01433                         }
01434                         break;
01435                 case OPT_USERDOMGROUPS:
01436                         if (!wbinfo_get_userdomgroups(string_arg)) {
01437                                 d_fprintf(stderr, "Could not get user's domain groups "
01438                                          "for user SID %s\n", string_arg);
01439                                 goto done;
01440                         }
01441                         break;
01442                 case 'a': {
01443                                 BOOL got_error = False;
01444 
01445                                 if (!wbinfo_auth(string_arg)) {
01446                                         d_fprintf(stderr, "Could not authenticate user %s with "
01447                                                 "plaintext password\n", string_arg);
01448                                         got_error = True;
01449                                 }
01450 
01451                                 if (!wbinfo_auth_crap(string_arg)) {
01452                                         d_fprintf(stderr, "Could not authenticate user %s with "
01453                                                 "challenge/response\n", string_arg);
01454                                         got_error = True;
01455                                 }
01456 
01457                                 if (got_error)
01458                                         goto done;
01459                                 break;
01460                         }
01461                 case 'K': {
01462                                 uint32 flags =  WBFLAG_PAM_KRB5 |
01463                                                 WBFLAG_PAM_CACHED_LOGIN |
01464                                                 WBFLAG_PAM_FALLBACK_AFTER_KRB5 |
01465                                                 WBFLAG_PAM_INFO3_TEXT;
01466 
01467                                 if (!wbinfo_auth_krb5(string_arg, "FILE", flags)) {
01468                                         d_fprintf(stderr, "Could not authenticate user [%s] with "
01469                                                 "Kerberos (ccache: %s)\n", string_arg, "FILE");
01470                                         goto done;
01471                                 }
01472                                 break;
01473                         }
01474                 case 'k':
01475                         if (!wbinfo_klog(string_arg)) {
01476                                 d_fprintf(stderr, "Could not klog user\n");
01477                                 goto done;
01478                         }
01479                         break;
01480                 case 'p':
01481                         if (!wbinfo_ping()) {
01482                                 d_fprintf(stderr, "could not ping winbindd!\n");
01483                                 goto done;
01484                         }
01485                         break;
01486                 case OPT_SET_AUTH_USER:
01487                         if (!wbinfo_set_auth_user(string_arg)) {
01488                                 goto done;
01489                         }
01490                         break;
01491                 case OPT_GET_AUTH_USER:
01492                         wbinfo_get_auth_user();
01493                         break;
01494                 case OPT_GETDCNAME:
01495                         if (!wbinfo_getdcname(string_arg)) {
01496                                 goto done;
01497                         }
01498                         break;
01499                 case OPT_SEPARATOR: {
01500                         const char sep = winbind_separator_int(True);
01501                         if ( !sep ) {
01502                                 goto done;
01503                         }
01504                         d_printf("%c\n", sep);
01505                         break;
01506                 }
01507                 case OPT_LIST_ALL_DOMAINS:
01508                         if (!wbinfo_list_domains(True)) {
01509                                 goto done;
01510                         }
01511                         break;
01512                 case OPT_LIST_OWN_DOMAIN:
01513                         if (!wbinfo_list_own_domain()) {
01514                                 goto done;
01515                         }
01516                         break;
01517                 /* generic configuration options */
01518                 case OPT_DOMAIN_NAME:
01519                         break;
01520                 default:
01521                         d_fprintf(stderr, "Invalid option\n");
01522                         poptPrintHelp(pc, stderr, 0);
01523                         goto done;
01524                 }
01525         }
01526 
01527         result = 0;
01528 
01529         /* Exit code */
01530 
01531  done:
01532         poptFreeContext(pc);
01533         return result;
01534 }

Sambaに対してSat Aug 29 21:23:09 2009に生成されました。  doxygen 1.4.7