On (22/07/14 10:51), Sumit Bose wrote:
>Hi,
>
>this patch contains the libwbclient implementation for SSSD to allow
>Samba file-servers and utilities to use SSSD instead of winbind to map
>SIDs, names and POSIX IDs. The related ticket is
>https://fedorahosted.org/sssd/ticket/1588.
>
>The SSSD specific calls can be found in files with '_sssd' as part of
>the name, the other files are mainly taken from the original Samba
>sources because they contain API calls which are independent of the
>backend. I have made some minor modification to meet the SSSD coding
>style but tried to avoid major changes to make a diff to the original
>version more easy. If major issue are found during review I think it
>would be a good idea to try to bring the changes back to samba as well.
>
>In wbc_pwd_sssd.c instead of linking in the related sources of the NSS
>client I dlopen-ed libnss_sss.so.2 to have more flexibility about where
>and how to build the library. I you think this is too much overhead I'd
>be happy to change the code to use the NSS client call directly.
>
>The patch does not contain unit test because the Samba source code
>already contains some basic tests. I'll try to work with the samba
>package maintainer to make this code in a samba-devel or samba-test
>package available so that it can be used by SSSD as well.
>
>Basic functional test can be run manually with wbinfo, e.g.:
>
>$ /usr/bin/wbinfo -n 'AD18\Administrator'
>S-1-5-21-3090815309-2627318493-3395719201-500 SID_USER (1)
>$ /usr/bin/wbinfo -S S-1-5-21-3090815309-2627318493-3395719201-500
>1670800500
>
>bye,
>Sumit
It is quite big patch. I think some files are copied from samba.
I read just patches with header "Author: sbose ..."
>From 676cf42d5749c9a76f145968c9e0afa6438ba700 Mon Sep 17 00:00:00 2001
>From: Sumit Bose <sbose(a)redhat.com>
>Date: Tue, 15 Jul 2014 18:13:24 +0200
>Subject: [PATCH] libwbclient: SSSD implementation
>
>This patch implements the libwbclient API for Samba daemons and
>utilities. The main purpose is to map Active Directory users and groups
>identified by their SID to POSIX users and groups identified by their
>POSIX UIDs and GIDs respectively.
>
>The API is not fully implemented because SSSD does not support some AD
>features like WINS or NTLM. Additionally this implementation has its
>focus on the file-server use case and hence does not implement some
>features which might be needed for a domain controller use case.
>
>Some API calls are generic and independent of the backend like e.g.
>converting binary SIDs and GUIDs into a string representation and back
>or memory allocation and deallocation. These parts are taken from the
>original Samba sources together with copyright and authors. Files
>with'_sssd' as part of the name contain the SSSD related calls.
>
>Resolves:
https://fedorahosted.org/sssd/ticket/1588
>---
> Makefile.am | 33 +-
> configure.ac | 1 +
> contrib/sssd.spec.in | 26 +
> src/sss_client/libwbclient/libwbclient.h | 46 +
> src/sss_client/libwbclient/wbc_err_internal.h | 44 +
> src/sss_client/libwbclient/wbc_guid.c | 100 ++
> src/sss_client/libwbclient/wbc_idmap_common.c | 89 ++
> src/sss_client/libwbclient/wbc_idmap_sssd.c | 204 ++++
> src/sss_client/libwbclient/wbc_pam_sssd.c | 151 +++
> src/sss_client/libwbclient/wbc_pwd_sssd.c | 659 ++++++++++++
> src/sss_client/libwbclient/wbc_sid_common.c | 199 ++++
> src/sss_client/libwbclient/wbc_sid_sssd.c | 276 +++++
> src/sss_client/libwbclient/wbc_sssd_internal.h | 41 +
> src/sss_client/libwbclient/wbc_util_common.c | 97 ++
> src/sss_client/libwbclient/wbc_util_sssd.c | 160 +++
> src/sss_client/libwbclient/wbclient.exports | 90 ++
> src/sss_client/libwbclient/wbclient.h | 1372 ++++++++++++++++++++++++
> src/sss_client/libwbclient/wbclient.pc.in | 11 +
> src/sss_client/libwbclient/wbclient_common.c | 178 +++
> src/sss_client/libwbclient/wbclient_internal.h | 44 +
> src/sss_client/libwbclient/wbclient_sssd.c | 40 +
> 21 files changed, 3859 insertions(+), 2 deletions(-)
> create mode 100644 src/sss_client/libwbclient/libwbclient.h
> create mode 100644 src/sss_client/libwbclient/wbc_err_internal.h
> create mode 100644 src/sss_client/libwbclient/wbc_guid.c
> create mode 100644 src/sss_client/libwbclient/wbc_idmap_common.c
> create mode 100644 src/sss_client/libwbclient/wbc_idmap_sssd.c
> create mode 100644 src/sss_client/libwbclient/wbc_pam_sssd.c
> create mode 100644 src/sss_client/libwbclient/wbc_pwd_sssd.c
> create mode 100644 src/sss_client/libwbclient/wbc_sid_common.c
> create mode 100644 src/sss_client/libwbclient/wbc_sid_sssd.c
> create mode 100644 src/sss_client/libwbclient/wbc_sssd_internal.h
> create mode 100644 src/sss_client/libwbclient/wbc_util_common.c
> create mode 100644 src/sss_client/libwbclient/wbc_util_sssd.c
> create mode 100644 src/sss_client/libwbclient/wbclient.exports
> create mode 100644 src/sss_client/libwbclient/wbclient.h
> create mode 100644 src/sss_client/libwbclient/wbclient.pc.in
> create mode 100644 src/sss_client/libwbclient/wbclient_common.c
> create mode 100644 src/sss_client/libwbclient/wbclient_internal.h
> create mode 100644 src/sss_client/libwbclient/wbclient_sssd.c
>
>diff --git a/Makefile.am b/Makefile.am
>index e359286..adb981b 100644
>--- a/Makefile.am
>+++ b/Makefile.am
>@@ -574,6 +574,10 @@ dist_noinst_HEADERS = \
> src/tests/cmocka/common_mock_sysdb_objects.h \
> src/sss_client/ssh/sss_ssh_client.h \
> src/sss_client/sudo/sss_sudo.h \
>+ src/sss_client/libwbclient/libwbclient.h \
>+ src/sss_client/libwbclient/wbc_err_internal.h \
>+ src/sss_client/libwbclient/wbclient_internal.h \
>+ src/sss_client/libwbclient/wbc_sssd_internal.h \
> src/lib/idmap/sss_idmap_private.h \
> src/lib/sifp/sss_sifp_private.h
>
>@@ -713,7 +717,7 @@ libsss_config_la_LDFLAGS = \
> endif # BUILD_CONFIG_LIB
> endif # BUILD_IFP
>
>-lib_LTLIBRARIES = libipa_hbac.la libsss_idmap.la libsss_nss_idmap.la
>+lib_LTLIBRARIES = libipa_hbac.la libsss_idmap.la libsss_nss_idmap.la libwbclient.la
Could you put each library to separate line and use $(NULL) at the end.
> pkgconfig_DATA += src/providers/ipa/ipa_hbac.pc
> libipa_hbac_la_DEPENDENCIES = src/providers/ipa/ipa_hbac.exports
> libipa_hbac_la_SOURCES = \
>@@ -753,11 +757,36 @@ libsss_nss_idmap_la_LDFLAGS = \
>
> dist_noinst_DATA += src/sss_client/idmap/sss_nss_idmap.exports
>
>+pkgconfig_DATA += src/sss_client/libwbclient/wbclient.pc
>+libwbclient_la_DEPENDENCIES = src/sss_client/libwbclient/wbclient.exports
Use prefix EXTRA_, otherwise parallel build will fail.
CCLD libwbclient.la
libtool: link: cannot find the library `libsss_nss_idmap.la' or unhandled argument
`libsss_nss_idmap.la'
make[2]: *** [libwbclient.la] Error 1
>+libwbclient_la_SOURCES = \
>+ src/sss_client/libwbclient/wbc_guid.c \
>+ src/sss_client/libwbclient/wbc_idmap_common.c \
>+ src/sss_client/libwbclient/wbc_idmap_sssd.c \
>+ src/sss_client/libwbclient/wbclient_common.c \
>+ src/sss_client/libwbclient/wbclient_sssd.c \
>+ src/sss_client/libwbclient/wbc_pam_sssd.c \
>+ src/sss_client/libwbclient/wbc_pwd_sssd.c \
>+ src/sss_client/libwbclient/wbc_sid_common.c \
>+ src/sss_client/libwbclient/wbc_sid_sssd.c \
>+ src/sss_client/libwbclient/wbc_sssd_internal.h \
>+ src/sss_client/libwbclient/wbc_util_common.c \
>+ src/sss_client/libwbclient/wbc_util_sssd.c
There was expectation that libsss_nss_idmap.so is external library and header
files are installed. Compilation failed on machine without installed header
files for libsss_nss_idmap. We should use header files from source directory.
e.g.
libwbclient_la_CPPFLAGS = \
-I$(srcdir)/src/sss_client/idmap/ \
$(AM_CPPFLAGS)
or directly adding this directory to the AM_CPPFLAGS.
>+libwbclient_la_LIBADD = \
>+ libsss_nss_idmap.la \
>+ $(CLIENT_LIBS)
>+libwbclient_la_LDFLAGS = \
>+ -Wl,--version-script,$(srcdir)/src/sss_client/libwbclient/wbclient.exports \
>+ -version-info 11:0:11
>+
>+dist_noinst_DATA += src/sss_client/libwbclient/wbclient.exports
>+
>
> include_HEADERS = \
> src/providers/ipa/ipa_hbac.h \
> src/lib/idmap/sss_idmap.h \
>- src/sss_client/idmap/sss_nss_idmap.h
>+ src/sss_client/idmap/sss_nss_idmap.h \
>+ src/sss_client/libwbclient/wbclient.h
Could you add $(NULL) as well?
> if BUILD_IFP
> lib_LTLIBRARIES += libsss_simpleifp.la
>diff --git a/configure.ac b/configure.ac
>index 3865421..d20cb9c 100644
>--- a/configure.ac
>+++ b/configure.ac
>@@ -323,6 +323,7 @@ AC_CONFIG_FILES([Makefile contrib/sssd.spec src/examples/rwtab
src/doxy.config
> src/sss_client/sudo/sss_sudo.doxy
> src/sss_client/idmap/sss_nss_idmap.pc
> src/sss_client/idmap/sss_nss_idmap.doxy
>+ src/sss_client/libwbclient/wbclient.pc
> src/lib/sifp/sss_simpleifp.pc
> src/lib/sifp/sss_simpleifp.doxy
> src/config/setup.py
>diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in
>index 82d8e89..d781936 100644
>--- a/contrib/sssd.spec.in
>+++ b/contrib/sssd.spec.in
>@@ -427,6 +427,22 @@ Requires: libsss_simpleifp = %{version}-%{release}
> %description -n libsss_simpleifp-devel
> Provides library that simplifies D-Bus API for the SSSD InfoPipe responder.
>
>+%package libwbclient
>+Summary: The SSSD libwbclient implementation
>+Group: Applications/System
>+License: GPLv3+ and LGPLv3+
>+
>+%description libwbclient
>+The SSSD libwbclient implementation.
>+
>+%package libwbclient-devel
>+Summary: Development libraries for the SSSD libwbclient implementation
>+Group: Development/Libraries
>+License: GPLv3+ and LGPLv3+
>+
>+%description libwbclient-devel
>+Development libraries for the SSSD libwbclient implementation.
>+
> %prep
> %setup -q -n %{name}-%{version}
>
>@@ -821,6 +837,16 @@ rm -rf $RPM_BUILD_ROOT
> %defattr(-,root,root,-)
> %{python_sitearch}/pyhbac.so
>
>+%files libwbclient
>+%defattr(-,root,root,-)
>+%{_libdir}/libwbclient.so.*
This library will be installed to the default libdir; the same as
libwbclient.so from libwbclient from samba.
Do we need conflicts or something different? Do we want to have different name
for package?
sh-4.2$ rpm -ql libwbclient-4.1.9-3.fc20.x86_64.rpm
/usr/lib64/libwbclient.so.0
/usr/lib64/libwbclient.so.0.11
/usr/lib64/samba/libwinbind-client.so
>+
>+%files libwbclient-devel
>+%defattr(-,root,root,-)
>+%{_includedir}/wbclient.h
>+%{_libdir}/libwbclient.so
>+%{_libdir}/pkgconfig/wbclient.pc
>+
> %if (0%{?use_systemd} == 1)
> # systemd
> %post common
>diff --git a/src/sss_client/libwbclient/libwbclient.h
b/src/sss_client/libwbclient/libwbclient.h
>new file mode 100644
>index 0000000..79d9be2
>--- /dev/null
>+++ b/src/sss_client/libwbclient/libwbclient.h
>@@ -0,0 +1,46 @@
>+/*
>+ Unix SMB/CIFS implementation.
>+
>+ Winbind client API
>+
>+ Copyright (C) Gerald (Jerry) Carter 2007
>+
>+ This library is free software; you can redistribute it and/or
>+ modify it under the terms of the GNU Lesser General Public
>+ License as published by the Free Software Foundation; either
>+ version 3 of the License, or (at your option) any later version.
>+:set number
>+ This library is distributed in the hope that it will be useful,
>+ but WITHOUT ANY WARRANTY; without even the implied warranty of
>+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
>+ Library General Public License for more details.
>+
>+ You should have received a copy of the GNU Lesser General Public License
>+ along with this program. If not, see <
http://www.gnu.org/licenses/>.
>+*/
>+
>+#ifndef _LIBWBCLIENT_H
>+#define _LIBWBCLIENT_H
>+
>+#include <stdint.h>
>+#include <stdbool.h>
>+#include <stdio.h>
>+#include <stdlib.h>
>+#include <string.h>
>+
>+
>+/* Super header including necessary public and private header files
>+ for building the wbclient library. __DO NOT__ define anything
>+ in this file. Only include other headers. */
>+
>+/* Public headers */
>+
>+#include "wbclient.h"
>+
>+/* Private headers */
>+
>+#include "wbc_err_internal.h"
>+#include "wbclient_internal.h"
>+
>+
>+#endif /* _LIBWBCLIENT_H */
>diff --git a/src/sss_client/libwbclient/wbc_idmap_sssd.c
b/src/sss_client/libwbclient/wbc_idmap_sssd.c
>new file mode 100644
>index 0000000..430de0c
>--- /dev/null
>+++ b/src/sss_client/libwbclient/wbc_idmap_sssd.c
>@@ -0,0 +1,204 @@
>+/*
>+ Unix SMB/CIFS implementation.
>+
>+ Winbind client API - SSSD version
>+
>+ Copyright (C) Sumit Bose <sbose(a)redhat.com> 2014
>+
>+ This library is free software; you can redistribute it and/or
>+ modify it under the terms of the GNU Lesser General Public
>+ License as published by the Free Software Foundation; either
>+ version 3 of the License, or (at your option) any later version.
>+
>+ This library is distributed in the hope that it will be useful,
>+ but WITHOUT ANY WARRANTY; without even the implied warranty of
>+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
>+ Library General Public License for more details.
>+
>+ You should have received a copy of the GNU Lesser General Public License
>+ along with this program. If not, see <
http://www.gnu.org/licenses/>.
>+*/
>+
>+/* Required Headers */
>+#include <sss_nss_idmap.h>
We will not include external header file. it would work, but it can be
confusing.
>+
>+#include "libwbclient.h"
>+#include "wbc_sssd_internal.h"
>+
>diff --git a/src/sss_client/libwbclient/wbc_pam_sssd.c
b/src/sss_client/libwbclient/wbc_pam_sssd.c
>new file mode 100644
>index 0000000..0bd27ce
>--- /dev/null
>+++ b/src/sss_client/libwbclient/wbc_pam_sssd.c
>@@ -0,0 +1,151 @@
>+/*
>+ Unix SMB/CIFS implementation.
>+
>+ Winbind client API - SSSD version
>+
>+ Copyright (C) Sumit Bose <sbose(a)redhat.com> 2014
>+
>+ This library is free software; you can redistribute it and/or
>+ modify it under the terms of the GNU Lesser General Public
>+ License as published by the Free Software Foundation; either
>+ version 3 of the License, or (at your option) any later version.
>+
>+ This library is distributed in the hope that it will be useful,
>+ but WITHOUT ANY WARRANTY; without even the implied warranty of
>+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
>+ Library General Public License for more details.
>+
>+ You should have received a copy of the GNU Lesser General Public License
>+ along with this program. If not, see <
http://www.gnu.org/licenses/>.
>+*/
>+
>+/* Required Headers */
>+#include "libwbclient.h"
>+#include "wbc_sssd_internal.h"
>+
>+/* Authenticate a username/password pair */
>+wbcErr wbcAuthenticateUser(const char *username,
>+ const char *password)
>+{
>+ wbcErr wbc_status = WBC_ERR_SUCCESS;
>+ struct wbcAuthUserParams params;
>+
>+ memset(¶ms, 0, sizeof(params));
Could you use "= {0,}" for initialisation.
I saw it on another place in libwbclient code.
>+
>+ params.account_name = username;
>+ params.level = WBC_AUTH_USER_LEVEL_PLAIN;
>+ params.password.plaintext = password;
>+
>+ wbc_status = wbcAuthenticateUserEx(¶ms, NULL, NULL);
>+
>+ return wbc_status;
>+}
>+
>+
//snip
>+/* Change a password for a user */
>+wbcErr wbcChangeUserPassword(const char *username,
>+ const char *old_password,
>+ const char *new_password)
>+{
>+ wbcErr wbc_status = WBC_ERR_SUCCESS;
>+ struct wbcChangePasswordParams params;
>+
>+ memset(¶ms, 0, sizeof(params));
the same here
>+
>+ params.account_name = username;
>+ params.level = WBC_CHANGE_PASSWORD_LEVEL_PLAIN;
>+ params.old_password.plaintext = old_password;
>+ params.new_password.plaintext = new_password;
>+
>+ wbc_status = wbcChangeUserPasswordEx(¶ms, NULL, NULL, NULL);
>+
>+ return wbc_status;
>+}
>+
>+/* Logon a User */
>+wbcErr wbcLogonUser(const struct wbcLogonUserParams *params,
>+ struct wbcLogonUserInfo **info,
>+ struct wbcAuthErrorInfo **error,
>+ struct wbcUserPasswordPolicyInfo **policy)
>+{
>+ WBC_SSSD_NOT_IMPLEMENTED;
>+}
>diff --git a/src/sss_client/libwbclient/wbc_pwd_sssd.c
b/src/sss_client/libwbclient/wbc_pwd_sssd.c
>new file mode 100644
>index 0000000..8f4f375
>--- /dev/null
>+++ b/src/sss_client/libwbclient/wbc_pwd_sssd.c
>@@ -0,0 +1,659 @@
>+/*
>+ Unix SMB/CIFS implementation.
>+
>+ Winbind client API - SSSD version
>+
>+ Copyright (C) Sumit Bose <sbose(a)redhat.com> 2014
>+
>+ This library is free software; you can redistribute it and/or
>+ modify it under the terms of the GNU Lesser General Public
>+ License as published by the Free Software Foundation; either
>+ version 3 of the License, or (at your option) any later version.
>+
>+ This library is distributed in the hope that it will be useful,
>+ but WITHOUT ANY WARRANTY; without even the implied warranty of
>+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
>+ Library General Public License for more details.
>+
>+ You should have received a copy of the GNU Lesser General Public License
>+ along with this program. If not, see <
http://www.gnu.org/licenses/>.
>+*/
>+/* Required Headers */
>+
//snip
>+/* Fill in a struct passwd* for a domain user based on username */
>+wbcErr wbcGetgrnam(const char *name, struct group **grp)
>+{
>+ struct group lgrp;
>+ enum nss_status status;
>+ char *newbuffer = NULL;
>+ char *buffer = NULL;
>+ size_t buflen = 0;
>+ wbcErr wbc_status;
>+ int nss_errno;
>+
>+ if (ctx == NULL && !open_libnss_sss()) {
>+ return WBC_ERR_NSS_ERROR;
>+ }
>+
>+ if (name == NULL || grp == NULL) {
>+ return WBC_ERR_INVALID_PARAM;
>+ }
>+
>+ do {
>+ if (buflen == 0) {
>+ buflen = DEFAULT_BUFSIZE;
>+ } else {
>+ buflen *= 2;
>+ }
I think next linkes look better:
buflen = DEFAULT_BUFSIZE / 2;
do {
buflen *= 2;
The same in function wbcGetgrgid and wbcGetgrent
>+ newbuffer = realloc(buffer, buflen);
>+ if (newbuffer == NULL) {
>+ free(buffer);
>+ return WBC_ERR_NO_MEMORY;
>+ }
>+ buffer = newbuffer;
>+
>+ memset(grp, 0, sizeof(struct group));
>+ status = ctx->getgrnam_r(name, &lgrp, buffer, buflen,
&nss_errno);
>+ wbc_status = nss_to_wbc(status);
>+ if (WBC_ERROR_IS_OK(wbc_status)) {
>+ wbc_status = copy_grp(&lgrp, grp);
>+ }
>+ } while (status == NSS_STATUS_TRYAGAIN && nss_errno == ERANGE \
>+ && buflen < MAX_BUFSIZE);
>+
>+ free(buffer);
>+
>+ return wbc_status;
>+}
>+
//snip
>+/* Return the unix group array belonging to the given user */
>+wbcErr wbcGetGroups(const char *account,
>+ uint32_t *num_groups,
>+ gid_t **_groups)
>+{
>+ wbcErr wbc_status;
>+ enum nss_status status;
>+ struct passwd *pwd;
>+ long int gr_size = 0;
>+ long int start = 0;
>+ gid_t *gids = NULL;
>+ int nss_errno;
>+
>+ wbc_status = wbcGetpwnam(account, &pwd);
>+ if (!WBC_ERROR_IS_OK(wbc_status)) {
>+ return wbc_status;
>+ }
>+
>+ gr_size = DEFAULT_BUFSIZE;
>+ gids = calloc(gr_size, sizeof(gid_t));
>+ if (gids == NULL) {
>+ wbc_status = WBC_ERR_NO_MEMORY;
>+ goto done;
>+ }
>+
>+ /* nss modules may skip the primary group when we pass it in so always
>+ * add it in advance */
>+ gids[0] = pwd->pw_gid;
>+ start++;
>+
>+ status = ctx->initgroups_dyn(pwd->pw_name, pwd->pw_gid, &start,
>+ &gr_size, &gids, -1, &nss_errno);
>+ wbc_status = nss_to_wbc(status);
>+ if (!WBC_ERROR_IS_OK(wbc_status)) {
>+ goto done;
//alocated memory in gids will be lost in done section
>+ }
>+
>+ *_groups = gids;
>+ *num_groups = start;
>+
>+ wbc_status = WBC_ERR_SUCCESS;
>+
>+done:
>+ wbcFreeMemory(pwd);
>+
>+ return wbc_status;
>+}
>diff --git a/src/sss_client/libwbclient/wbc_sid_sssd.c
b/src/sss_client/libwbclient/wbc_sid_sssd.c
>new file mode 100644
>index 0000000..699e1d3
>--- /dev/null
>+++ b/src/sss_client/libwbclient/wbc_sid_sssd.c
>@@ -0,0 +1,276 @@
>+/*
>+ Unix SMB/CIFS implementation.
>+
>+ Winbind client API - SSSD version
>+
>+ Copyright (C) Sumit Bose <sbose(a)redhat.com> 2014
>+
>+ This library is free software; you can redistribute it and/or
>+ modify it under the terms of the GNU Lesser General Public
>+ License as published by the Free Software Foundation; either
>+ version 3 of the License, or (at your option) any later version.
>+
>+ This library is distributed in the hope that it will be useful,
>+ but WITHOUT ANY WARRANTY; without even the implied warranty of
>+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
>+ Library General Public License for more details.
>+
>+ You should have received a copy of the GNU Lesser General Public License
>+ along with this program. If not, see <
http://www.gnu.org/licenses/>.
>+*/
>+
>+/* Required Headers */
>+#define _GNU_SOURCE /* for asprintf */
Could you include "config.h" instaead of using _GNU_SOURCE?
All necessary macros for extensions should be detected in config.h.
>+#include <stdio.h>
>+
>+#include <errno.h>
>+
>+#include <sss_nss_idmap.h>
s/<sss_nss_idmap.h>/"sss_nss_idmap.h"/
This is the same situation as in wbc_idmap_sssd.c
>+
>+#include "libwbclient.h"
>+#include "wbc_sssd_internal.h"
>+
>+static int sss_id_type_to_wbcSidType(enum sss_id_type sss_type,
>+ enum wbcSidType *name_type)
>+{
>+ switch (sss_type) {
>+ case SSS_ID_TYPE_NOT_SPECIFIED:
>+ *name_type = WBC_SID_NAME_USE_NONE;
>+ break;
//snip
>+/* Convert a SID to a domain and name */
>+wbcErr wbcLookupSid(const struct wbcDomainSid *sid,
>+ char **pdomain,
>+ char **pname,
>+ enum wbcSidType *pname_type)
>+{
>+ char *str_sid;
>+ char *fq_name = NULL;
>+ enum sss_id_type type;
>+ int ret;
>+ char *p;
>+ wbcErr wbc_status;
>+
>+ wbc_status = wbcSidToString(sid, &str_sid);
>+ if (!WBC_ERROR_IS_OK(wbc_status)) {
>+ return wbc_status;
>+ }
>+
>+ ret = sss_nss_getnamebysid(str_sid, &fq_name, &type);
>+ wbcFreeMemory(str_sid);
>+ if (ret != 0) {
>+ return WBC_ERR_UNKNOWN_FAILURE;
>+ }
>+
>+ ret = sss_id_type_to_wbcSidType(type, pname_type);
>+ if (ret != 0) {
>+ wbc_status = WBC_ERR_UNKNOWN_FAILURE;
>+ goto done;
>+ }
>+
>+ /* TODO: it would be nice to have a sss_nss_getnamebysid() call which
>+ * return name and domain separately. */
>+ p = strchr(fq_name, '@');
>+ if (p == NULL) {
>+ wbc_status = WBC_ERR_UNKNOWN_FAILURE;
>+ goto done;
>+ }
>+
>+ *p = '\0';
>+ *pname = wbcStrDup(fq_name);
>+ if (*pname == NULL) {
>+ wbc_status = WBC_ERR_NO_MEMORY;
>+ goto done;
>+ }
>+
>+ *pdomain = wbcStrDup(p + 1);
>+ if (*pdomain == NULL) {
>+ wbc_status = WBC_ERR_NO_MEMORY;
>+ goto done;
there would be memory leak, because *pname is not freed.
>+ }
>+
>+ wbc_status = WBC_ERR_SUCCESS;
>+done:
>+ free(fq_name);
>+ return wbc_status;
>+}
>+
>diff --git a/src/sss_client/libwbclient/wbc_sssd_internal.h
b/src/sss_client/libwbclient/wbc_sssd_internal.h
>new file mode 100644
>index 0000000..e20de48
>--- /dev/null
>+++ b/src/sss_client/libwbclient/wbc_sssd_internal.h
>@@ -0,0 +1,41 @@
>+/*
>+ Unix SMB/CIFS implementation.
>+
>+ Winbind client API - SSSD version
>+
>+ Copyright (C) Sumit Bose <sbose(a)redhat.com> 2014
>+
>+ This library is free software; you can redistribute it and/or
>+ modify it under the terms of the GNU Lesser General Public
>+ License as published by the Free Software Foundation; either
>+ version 3 of the License, or (at your option) any later version.
>+
>+ This library is distributed in the hope that it will be useful,
>+ but WITHOUT ANY WARRANTY; without even the implied warranty of
>+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
>+ Library General Public License for more details.
>+
>+ You should have received a copy of the GNU Lesser General Public License
>+ along with this program. If not, see <
http://www.gnu.org/licenses/>.
>+*/
>+
>+#ifndef _WBC_SSSD_INTERNAL_H
>+#define _WBC_SSSD_INTERNAL_H
>+
>+#include <syslog.h>
>+
>+#include "libwbclient.h"
>+
>+#if defined(DEVELOPER)
>+#define WBC_SSSD_DEV_LOG syslog(LOG_DEBUG, "libwbclient_sssd: %s",
__FUNCTION__);
Would _FILE__, __LINE__ be useful here?
>+#else
>+#define WBC_SSSD_DEV_LOG
>+#endif
>+
>+#define WBC_SSSD_NOT_IMPLEMENTED \
>+ do { \
>+ WBC_SSSD_DEV_LOG; \
>+ return WBC_ERR_NOT_IMPLEMENTED; \
>+ } while(0)
>+
>+#endif /* _WBC_SSSD_INTERNAL_H */
>src/sss_client/libwbclient/wbclient.exports
>WBCLIENT_0.9 {
> global:
> wbcGetpwuid;
> wbcLogoffUser;
> wbcSidToStringBuf;
> wbcLogonUser;
> wbcGetgrgid;
> wbcSetGidMapping;
> wbcQueryGidToSid;
> wbcListTrusts;
> wbcGetGroups;
> wbcDomainInfo;
> wbcSidToGid;
> wbcLookupRids;
> wbcCredentialCache;
> wbcDcInfo;
> wbcAuthenticateUserEx;
> wbcGetpwent;
> wbcGetSidAliases;
> wbcGetDisplayName;
> wbcAllocateUid;
> wbcSidToUid;
> wbcChangeTrustCredentials;
> wbcGetpwsid;
> wbcPingDc;
> wbcAllocateStringArray;
> wbcErrorString;
> wbcStringToGuid;
> wbcStrDup;
> wbcGetgrnam;
> wbcGetgrlist;
> wbcListUsers;
> wbcRemoveUidMapping;
> wbcLookupDomainController;
> wbcRemoveGidMapping;
> wbcSidTypeString;
> wbcAllocateMemory;
> wbcInterfaceDetails;
> wbcCheckTrustCredentials;
> wbcListGroups;
> wbcLookupUserSids;
> wbcResolveWinsByName;
> wbcSetpwent;
> wbcSetUidHwm;
> wbcSidsToUnixIds;
> wbcQuerySidToGid;
> wbcChangeUserPasswordEx;
> wbcPing;
> wbcQueryUidToSid;
> wbcEndpwent;
> wbcLibraryDetails;
> wbcSetgrent;
> wbcLookupName;
> wbcChangeUserPassword;
> wbcSetGidHwm;
> wbcAddNamedBlob;
> wbcGuidToString;
> wbcLookupSids;
> wbcRequestResponsePriv;
> wbcAllocateGid;
> wbcFreeMemory;
> wbcResolveWinsByIP;
> wbcRequestResponse;
> wbcStringToSid;
> wbcLookupSid;
> wbcCredentialSave;
> wbcGidToSid;
> wbcQuerySidToUid;
> wbcEndgrent;
> wbcGetgrent;
> wbcAuthenticateUser;
> wbcGetpwnam;
> wbcLookupDomainControllerEx;
> wbcLogoffUserEx;
> wbcSetUidMapping;
> wbcSidToString;
> wbcUidToSid;
>};
>
>WBCLIENT_0.10 {
> global:
> wbcPingDc2;
>} WBCLIENT_0.9;
>
>WBCLIENT_0.11 {
> global:
> wbc*;
> local:
> *;
^^^^^^
In most libraries, local: is in 1st version. (@see libraries in systemd:-)
>};
I checked original libwbclient library and the last version does not have any
functions. It can be empty e.g. "WBCLIENT_0.11 {};"
sh-4.2$ readelf --dyn-syms /usr/lib64/libwbclient.so.0 | grep WBCLIENT_0.1
30: 0000000000003890 272 FUNC GLOBAL DEFAULT 12 wbcPingDc2@(a)WBCLIENT_0.10
61: 0000000000000000 0 OBJECT GLOBAL DEFAULT ABS WBCLIENT_0.10
68: 0000000000000000 0 OBJECT GLOBAL DEFAULT ABS WBCLIENT_0.11
There is cast-align warning
../sssd/src/sss_client/libwbclient/wbclient_common.c:85:12: error: cast from 'char
*' to
'struct wbcMemPrefix *' increases required alignment from 1 to 8
[-Werror,-Wcast-align]
return (struct wbcMemPrefix *)(((char *)ptr) - wbcPrefixLen());
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 error generated.
Next diff should fix problem. We needn't include util_safealign if you don't
want, because this file is from samba.
--- a/src/sss_client/libwbclient/wbclient_common.c
+++ b/src/sss_client/libwbclient/wbclient_common.c
@@ -23,6 +23,7 @@
/* Required Headers */
#include "libwbclient.h"
+#include "util/util_safealign.h"
/** @brief Translate an error value into a string
*
@@ -82,7 +83,7 @@ static size_t wbcPrefixLen(void)
static struct wbcMemPrefix *wbcMemToPrefix(void *ptr)
{
- return (struct wbcMemPrefix *)(((char *)ptr) - wbcPrefixLen());
+ return DISCARD_ALIGN(((char *)ptr) - wbcPrefixLen(), struct wbcMemPrefix*);
}
void *wbcAllocateMemory(size_t nelem, size_t elsize,