static RET_CODE ads_dvbad_module_init(void)
{
  RET_CODE ret = ERR_FAILURE;

  module_config.channel_frequency = ad_maintp.tp_freq;
  module_config.channel_symbolrate = ad_maintp.tp_sym;
  module_config.channel_qam = ad_maintp.nim_modulate;

  module_config.flash_size = (u32)DVB_LOGO_MAX_LEN;
  module_config.flash_start_addr = (u8*)DVB_LOGO_START_ADDR;
  module_config.pic_in = ADS_PIC_IN_SDRAM;
  module_config.task_priority = PRIORITY_LEVEL_DEFAULT;
  module_config.platform_type = ADS_PLATFORM_SD;
  DVB_ADS_PRINTF("ADS:ads_module_config.flash_start_adr= 0x%x, flash_size = 0x%x \n", (unsigned int)module_config.flash_start_addr, (unsigned int)module_config.flash_size);
  //according to the different ad to get the ads_id which will be used in the other func
  ads_id = ads_adt_dvbad_attach(IN &module_config);

  ret=ads_init(ads_id,&module_config);
  if(ret != SUCCESS)
  {
    return ret;
  }
  ret = ads_open(ads_id);
  if (ret != SUCCESS)
	return ret;
  GxCore_ThreadDelay(100);
  memset(version,0,25);
  ads_io_ctrl(ads_id, ADS_IOCMD_AD_VERSION_GET, version);
  DVB_ADS_PRINTF("ad Version:%s\n",version);
  return SUCCESS;
}
int main( int argc, char **argv )
{
    _DBG( ( "Calling ads_init()\r\n" ) );
    ads_init( argc, argv );
    _DBG( ( "After ads_init()\r\n" ) );

#else

int main( void )
{

#endif

    _DBG(("Calling Initialize\n"));
    Initialize();
    _DBG(("Calling RemoteConnect\n"));
    RemoteConnect();
    _DBG(("Calling Session\n"));
    Session();
    _DBG(("Calling TrapFini\n"));
    TrapFini();
    _DBG(("Calling RemoteDisco\n"));
    RemoteDisco();
    _DBG(("Calling RemoteUnLink\n"));
    RemoteUnLinkX();
    _DBG(("After calling RemoteUnLink\n"));
#ifdef ACAD
    LetACADDie();
#endif
    return( 0 );
}
Exemple #3
0
static int net_ads_info(int argc, const char **argv)
{
	ADS_STRUCT *ads;

	ads = ads_init(NULL, opt_target_workgroup, opt_host);

	if (ads) {
		ads->auth.flags |= ADS_AUTH_NO_BIND;
	}

	ads_connect(ads);

	if (!ads || !ads->config.realm) {
		d_printf("Didn't find the ldap server!\n");
		return -1;
	}

	d_printf("LDAP server: %s\n", inet_ntoa(ads->ldap_ip));
	d_printf("LDAP server name: %s\n", ads->config.ldap_server_name);
	d_printf("Realm: %s\n", ads->config.realm);
	d_printf("Bind Path: %s\n", ads->config.bind_path);
	d_printf("LDAP port: %d\n", ads->ldap_port);
	d_printf("Server time: %s\n", http_timestring(ads->config.current_time));

	d_printf("KDC server: %s\n", ads->auth.kdc_server );
	d_printf("Server time offset: %d\n", ads->auth.time_offset );

	return 0;
}
WERROR nt_printer_guid_retrieve(TALLOC_CTX *mem_ctx, const char *printer,
				struct GUID *pguid)
{
	ADS_STRUCT *ads = NULL;
	char *old_krb5ccname = NULL;
	char *printer_dn;
	WERROR result;
	ADS_STATUS ads_status;
	TALLOC_CTX *tmp_ctx;

	tmp_ctx = talloc_new(mem_ctx);
	if (tmp_ctx == NULL) {
		return WERR_NOMEM;
	}

	ads = ads_init(lp_realm(), lp_workgroup(), NULL);
	if (ads == NULL) {
		result = WERR_SERVER_UNAVAILABLE;
		goto out;
	}

	old_krb5ccname = getenv(KRB5_ENV_CCNAME);
	setenv(KRB5_ENV_CCNAME, "MEMORY:prtpub_cache", 1);
	SAFE_FREE(ads->auth.password);
	ads->auth.password = secrets_fetch_machine_password(lp_workgroup(),
							    NULL, NULL);

	ads_status = ads_connect(ads);
	if (!ADS_ERR_OK(ads_status)) {
		DEBUG(3, ("ads_connect failed: %s\n", ads_errstr(ads_status)));
		result = WERR_ACCESS_DENIED;
		goto out;
	}

	result = nt_printer_dn_lookup(tmp_ctx, ads, printer, &printer_dn);
	if (!W_ERROR_IS_OK(result)) {
		goto out;
	}

	result = nt_printer_guid_retrieve_internal(ads, printer_dn, pguid);
out:
	TALLOC_FREE(tmp_ctx);
	ads_destroy(&ads);
	ads_kdestroy("MEMORY:prtpub_cache");
	unsetenv(KRB5_ENV_CCNAME);
	if (old_krb5ccname != NULL) {
		setenv(KRB5_ENV_CCNAME, old_krb5ccname, 0);
	}

	return result;
}
Exemple #5
0
/*
  this implements the CLDAP based netlogon lookup requests
  for finding the domain controller of a ADS domain
*/
static int net_ads_lookup(int argc, const char **argv)
{
	ADS_STRUCT *ads;

	ads = ads_init(NULL, opt_target_workgroup, opt_host);
	if (ads) {
		ads->auth.flags |= ADS_AUTH_NO_BIND;
	}

	ads_connect(ads);

	if (!ads || !ads->config.realm) {
		d_printf("Didn't find the cldap server!\n");
		return -1;
	}

	return ads_cldap_netlogon(ads);
}
Exemple #6
0
static RET_CODE ads_xsm_module_init()
{
#ifndef WIN32
  RET_CODE ret = ERR_FAILURE;

  module_config.channel_frequency = ad_maintp.tp_freq;
  module_config.channel_symbolrate = ad_maintp.tp_sym;
  module_config.channel_qam = ad_maintp.nim_modulate;

  module_config.flash_start_adr= dm_get_block_addr(class_get_handle_by_id(DM_CLASS_ID), DEC_RW_ADS_BLOCK_ID);
  //module_config.flash_start_adr= 0;

  module_config.nvram_read= nvram_read;
  module_config.nvram_write= nvram_write;
  module_config.nvram_erase= nvram_erase;
  module_config.nvram_erase2 = nvram_erase2;
  module_config.flash_size= dm_get_block_size(class_get_handle_by_id(DM_CLASS_ID), DEC_RW_ADS_BLOCK_ID);
  module_config.p_dmx_dev = dev_find_identifier(NULL, DEV_IDT_TYPE, SYS_DEV_TYPE_PTI);
  module_config.pic_in = ADS_PIC_IN_SDRAM;
  module_config.task_prio_start= AD_TASK_PRIO_START;
  module_config.task_prio_end= AD_TASK_PRIO_END;
  module_config.display_ad = ui_adv_xsm_display;
  module_config.hide_ad = ui_adv_xsm_hide;
  module_config.read_gif = ui_adv_set_pic;
  module_config.platform_type = ADS_PLATFORM_SD;

  OS_PRINTF("ADS:ads_module_config.flash_start_adr===0x%x, flash_size = 0x%x \n",   module_config.flash_start_adr, module_config.flash_size);

  ret = ads_adt_xsm_attach(&module_config, &adm_id);

  MT_ASSERT(SUCCESS == ret);

  ret=ads_init(ADS_ID_ADT_XSM, &module_config);
  if(ret != SUCCESS)
  {
    return ret;
  }

  ads_module_open(ADS_ID_ADT_XSM);
  mtos_task_delay_ms(100);

  return SUCCESS;
#endif
}
static BOOL ads_dc_name(const char *domain, const char *realm, struct in_addr *dc_ip, fstring srv_name)
{
#if 1 /* AR7 */
	return False;
#else 
	ADS_STRUCT *ads;

	if (!realm && strequal(domain, lp_workgroup()))
		realm = lp_realm();

	ads = ads_init(realm, domain, NULL);
	if (!ads)
		return False;

	DEBUG(4,("ads_dc_name: domain=%s\n", domain));

#ifdef HAVE_ADS
	/* we don't need to bind, just connect */
	ads->auth.flags |= ADS_AUTH_NO_BIND;

	ads_connect(ads);
#endif

	if (!ads->config.realm) {
		ads_destroy(&ads);
		return False;
	}

	fstrcpy(srv_name, ads->config.ldap_server_name);
	strupper_m(srv_name);
	*dc_ip = ads->ldap_ip;
	ads_destroy(&ads);
	
	DEBUG(4,("ads_dc_name: using server='%s' IP=%s\n",
		 srv_name, inet_ntoa(*dc_ip)));
	
	return True;
#endif /* AR7 */
}
Exemple #8
0
static NTSTATUS _idmap_adex_init(struct idmap_domain *dom)
{
	ADS_STRUCT *ads = NULL;
	ADS_STATUS status;
	static NTSTATUS init_status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
	struct dom_sid domain_sid;
	fstring dcname;
	struct sockaddr_storage ip;
	struct likewise_cell *lwcell;

	if (NT_STATUS_IS_OK(init_status))
		return NT_STATUS_OK;

	/* Silently fail if we are not a member server in security = ads */

	if ((lp_server_role() != ROLE_DOMAIN_MEMBER) ||
	    (lp_security() != SEC_ADS)) {
		init_status = NT_STATUS_INVALID_SERVER_STATE;
		BAIL_ON_NTSTATUS_ERROR(init_status);
	}

	/* fetch our domain SID first */

	if (!secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) {
		init_status = NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
		BAIL_ON_NTSTATUS_ERROR(init_status);
	}

	/* reuse the same ticket cache as winbindd */

	setenv("KRB5CCNAME", WINBIND_CCACHE_NAME, 1);

	/* Establish a connection to a DC */

	if ((ads = ads_init(lp_realm(), lp_workgroup(), NULL)) == NULL) {
		init_status = NT_STATUS_NO_MEMORY;
		BAIL_ON_NTSTATUS_ERROR(init_status);
	}

	ads->auth.password =
	    secrets_fetch_machine_password(lp_workgroup(), NULL, NULL);
	ads->auth.realm = SMB_STRDUP(lp_realm());

	/* get the DC name here to setup the server affinity cache and
	   local krb5.conf */

	get_dc_name(lp_workgroup(), lp_realm(), dcname, &ip);

	status = ads_connect(ads);
	if (!ADS_ERR_OK(status)) {
		DEBUG(0, ("_idmap_adex_init: ads_connect() failed! (%s)\n",
			  ads_errstr(status)));
	}
	init_status = ads_ntstatus(status);
	BAIL_ON_NTSTATUS_ERROR(init_status);


	/* Find out cell membership */

	init_status = cell_locate_membership(ads);
	if (!NT_STATUS_IS_OK(init_status)) {
		DEBUG(0,("LWI: Fail to locate cell membership (%s).",
			 nt_errstr(init_status)));
		goto done;
	}

	/* Fill in the cell information */

	lwcell = cell_list_head();

	init_status = cell_lookup_settings(lwcell);
	BAIL_ON_NTSTATUS_ERROR(init_status);

	/* Miscellaneous setup.  E.g. set up the list of GC
	   servers and domain list for our forest (does not actually
	   connect). */

	init_status = gc_init_list();
	BAIL_ON_NTSTATUS_ERROR(init_status);

	init_status = domain_init_list();
	BAIL_ON_NTSTATUS_ERROR(init_status);

done:
	if (!NT_STATUS_IS_OK(init_status)) {
		DEBUG(1,("Likewise initialization failed (%s)\n",
			 nt_errstr(init_status)));
	}

	/* cleanup */

	if (!NT_STATUS_IS_OK(init_status)) {
		cell_list_destroy();

		/* init_status stores the failure reason but we need to
		   return success or else idmap_init() will drop us from the
		   backend list */
		return NT_STATUS_OK;
	}

	init_status = NT_STATUS_OK;

	return init_status;
}
Exemple #9
0
static BOOL ads_dc_name(const char *domain,
			const char *realm,
			struct in_addr *dc_ip,
			fstring srv_name)
{
#if 1 /* AVM */
	return False;
#else 
	ADS_STRUCT *ads;
	char *sitename;
	int i;

	if (!realm && strequal(domain, lp_workgroup())) {
		realm = lp_realm();
	}

	sitename = sitename_fetch(realm);

	/* Try this 3 times then give up. */
	for( i =0 ; i < 3; i++) {
		ads = ads_init(realm, domain, NULL);
		if (!ads) {
			SAFE_FREE(sitename);
			return False;
		}

		DEBUG(4,("ads_dc_name: domain=%s\n", domain));

#ifdef HAVE_ADS
		/* we don't need to bind, just connect */
		ads->auth.flags |= ADS_AUTH_NO_BIND;
		ads_connect(ads);
#endif

		if (!ads->config.realm) {
			SAFE_FREE(sitename);
			ads_destroy(&ads);
			return False;
		}

		/* Now we've found a server, see if our sitename
		   has changed. If so, we need to re-do the DNS query
		   to ensure we only find servers in our site. */

		if (stored_sitename_changed(realm, sitename)) {
			SAFE_FREE(sitename);
			sitename = sitename_fetch(realm);
			ads_destroy(&ads);
			/* Ensure we don't cache the DC we just connected to. */
			namecache_delete(realm, 0x1C);
			namecache_delete(domain, 0x1C);
			continue;
		}

#ifdef HAVE_KRB5
		if (is_our_primary_domain(domain) && (ads->config.flags & ADS_KDC)) {
			if (ads_closest_dc(ads)) {
				/* We're going to use this KDC for this realm/domain.
				   If we are using sites, then force the krb5 libs
				   to use this KDC. */

				create_local_private_krb5_conf_for_domain(realm,
									domain,
									sitename,
									ads->ldap_ip);
			} else {
				/* use an off site KDC */
				create_local_private_krb5_conf_for_domain(realm,
									domain,
									NULL,
									ads->ldap_ip);
			}
		}
#endif
		break;
	}

	if (i == 3) {
		DEBUG(1,("ads_dc_name: sitename (now \"%s\") keeps changing ???\n",
			sitename ? sitename : ""));
		SAFE_FREE(sitename);
		return False;
	}

	SAFE_FREE(sitename);

	fstrcpy(srv_name, ads->config.ldap_server_name);
	strupper_m(srv_name);
	*dc_ip = ads->ldap_ip;
	ads_destroy(&ads);
	
	DEBUG(4,("ads_dc_name: using server='%s' IP=%s\n",
		 srv_name, inet_ntoa(*dc_ip)));
	
	return True;
#endif /* AVM */
}
Exemple #10
0
/*
  return our ads connections structure for a domain. We keep the connection
  open to make things faster
*/
static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain)
{
	ADS_STRUCT *ads;
	ADS_STATUS status;
	fstring dc_name;
	struct sockaddr_storage dc_ss;

	DEBUG(10,("ads_cached_connection\n"));

	if (domain->private_data) {

		time_t expire;
		time_t now = time(NULL);

		/* check for a valid structure */
		ads = (ADS_STRUCT *)domain->private_data;

		expire = MIN(ads->auth.tgt_expire, ads->auth.tgs_expire);

		DEBUG(7, ("Current tickets expire in %d seconds (at %d, time is now %d)\n",
			  (uint32)expire-(uint32)now, (uint32) expire, (uint32) now));

		if ( ads->config.realm && (expire > now)) {
			return ads;
		} else {
			/* we own this ADS_STRUCT so make sure it goes away */
			DEBUG(7,("Deleting expired krb5 credential cache\n"));
			ads->is_mine = True;
			ads_destroy( &ads );
			ads_kdestroy("MEMORY:winbind_ccache");
			domain->private_data = NULL;
		}
	}

	/* we don't want this to affect the users ccache */
	setenv("KRB5CCNAME", "MEMORY:winbind_ccache", 1);

	ads = ads_init(domain->alt_name, domain->name, NULL);
	if (!ads) {
		DEBUG(1,("ads_init for domain %s failed\n", domain->name));
		return NULL;
	}

	/* the machine acct password might have change - fetch it every time */

	SAFE_FREE(ads->auth.password);
	SAFE_FREE(ads->auth.realm);

	if ( IS_DC ) {

		if ( !pdb_get_trusteddom_pw( domain->name, &ads->auth.password, NULL, NULL ) ) {
			ads_destroy( &ads );
			return NULL;
		}
		ads->auth.realm = SMB_STRDUP( ads->server.realm );
		strupper_m( ads->auth.realm );
	}
	else {
		struct winbindd_domain *our_domain = domain;

		ads->auth.password = secrets_fetch_machine_password(lp_workgroup(), NULL, NULL);

		/* always give preference to the alt_name in our
		   primary domain if possible */

		if ( !domain->primary )
			our_domain = find_our_domain();

		if ( our_domain->alt_name[0] != '\0' ) {
			ads->auth.realm = SMB_STRDUP( our_domain->alt_name );
			strupper_m( ads->auth.realm );
		}
		else
			ads->auth.realm = SMB_STRDUP( lp_realm() );
	}

	ads->auth.renewable = WINBINDD_PAM_AUTH_KRB5_RENEW_TIME;

	/* Setup the server affinity cache.  We don't reaally care
	   about the name.  Just setup affinity and the KRB5_CONFIG
	   file. */

	get_dc_name( ads->server.workgroup, ads->server.realm, dc_name, &dc_ss );

	status = ads_connect(ads);
	if (!ADS_ERR_OK(status) || !ads->config.realm) {
		DEBUG(1,("ads_connect for domain %s failed: %s\n",
			 domain->name, ads_errstr(status)));
		ads_destroy(&ads);

		/* if we get ECONNREFUSED then it might be a NT4
                   server, fall back to MSRPC */
		if (status.error_type == ENUM_ADS_ERROR_SYSTEM &&
		    status.err.rc == ECONNREFUSED) {
			/* 'reconnect_methods' is the MS-RPC backend. */
			DEBUG(1,("Trying MSRPC methods\n"));
			domain->backend = &reconnect_methods;
		}
		return NULL;
	}

	/* set the flag that says we don't own the memory even
	   though we do so that ads_destroy() won't destroy the
	   structure we pass back by reference */

	ads->is_mine = False;

	domain->private_data = (void *)ads;
	return ads;
}
Exemple #11
0
 NTSTATUS cell_connect(struct likewise_cell *c)
{
	ADS_STRUCT *ads = NULL;
	ADS_STATUS ads_status;
	fstring dc_name;
	struct sockaddr_storage dcip;
	NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;

	/* have to at least have the AD domain name */

	if (!c->dns_domain) {
		nt_status = NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
		BAIL_ON_NTSTATUS_ERROR(nt_status);
	}

	/* clear out any old information */

	if (c->conn) {
		ads_destroy(&c->conn);
		c->conn = NULL;
	}

	/* now setup the new connection */

	ads = ads_init(c->dns_domain, NULL, NULL);
	BAIL_ON_PTR_ERROR(ads, nt_status);

	ads->auth.password =
	    secrets_fetch_machine_password(lp_workgroup(), NULL, NULL);
	ads->auth.realm = SMB_STRDUP(lp_realm());

	/* Make the connection.  We should already have an initial
	   TGT using the machine creds */

	if (cell_flags(c) & LWCELL_FLAG_GC_CELL) {
		ads_status = ads_connect_gc(ads);
	} else {
	  /* Set up server affinity for normal cells and the client
	     site name cache */

	  if (!get_dc_name("", c->dns_domain, dc_name, &dcip)) {
	    nt_status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
	    BAIL_ON_NTSTATUS_ERROR(nt_status);
	  }

	  ads_status = ads_connect(ads);
	}


	c->conn = ads;

	nt_status = ads_ntstatus(ads_status);

done:
	if (!NT_STATUS_IS_OK(nt_status)) {
		ads_destroy(&ads);
		c->conn = NULL;
	}

	return nt_status;
}
Exemple #12
0
WERROR NetGetJoinableOUs_l(struct libnetapi_ctx *ctx,
			   struct NetGetJoinableOUs *r)
{
#ifdef WITH_ADS
	NTSTATUS status;
	ADS_STATUS ads_status;
	ADS_STRUCT *ads = NULL;
	struct netr_DsRGetDCNameInfo *info = NULL;
	const char *dc = NULL;
	uint32_t flags = DS_DIRECTORY_SERVICE_REQUIRED |
			 DS_RETURN_DNS_NAME;

	status = dsgetdcname(ctx, NULL, r->in.domain,
			     NULL, NULL, flags, &info);
	if (!NT_STATUS_IS_OK(status)) {
		libnetapi_set_error_string(ctx, "%s",
			get_friendly_nt_error_msg(status));
		return ntstatus_to_werror(status);
	}

	dc = strip_hostname(info->dc_unc);

	ads = ads_init(info->domain_name, info->domain_name, dc);
	if (!ads) {
		return WERR_GENERAL_FAILURE;
	}

	SAFE_FREE(ads->auth.user_name);
	if (r->in.account) {
		ads->auth.user_name = SMB_STRDUP(r->in.account);
	} else if (ctx->username) {
		ads->auth.user_name = SMB_STRDUP(ctx->username);
	}

	SAFE_FREE(ads->auth.password);
	if (r->in.password) {
		ads->auth.password = SMB_STRDUP(r->in.password);
	} else if (ctx->password) {
		ads->auth.password = SMB_STRDUP(ctx->password);
	}

	ads_status = ads_connect_user_creds(ads);
	if (!ADS_ERR_OK(ads_status)) {
		ads_destroy(&ads);
		return WERR_DEFAULT_JOIN_REQUIRED;
	}

	ads_status = ads_get_joinable_ous(ads, ctx,
					  (char ***)r->out.ous,
					  (size_t *)r->out.ou_count);
	if (!ADS_ERR_OK(ads_status)) {
		ads_destroy(&ads);
		return WERR_DEFAULT_JOIN_REQUIRED;
	}

	ads_destroy(&ads);
	return WERR_OK;
#else
	return WERR_NOT_SUPPORTED;
#endif
}
Exemple #13
0
//extern void ads_show_logo(void);
RET_CODE ads_module_init(void)
{
#ifndef WIN32
  RET_CODE ret = ERR_FAILURE;

  OS_PRINTF("ADS: ise==init enter\n" );

  //customize ads
  ads_event_info_t event_info;
  ads_event_id_t  ads_event = ADS_EVT_NONE;
  u32 bticks=0;
  u32 adm_id;

  module_config.channel_frequency = ad_maintp.tp_freq;
  module_config.channel_symbolrate = ad_maintp.tp_sym;
  module_config.channel_qam = ad_maintp.nim_modulate;

  module_config.flash_start_adr= dm_get_block_addr(class_get_handle_by_id(DM_CLASS_ID), LOGO_BLOCK_ID_M3);
  //module_config.p_dmx_dev = dev_find_identifier(NULL, DEV_IDT_TYPE, SYS_DEV_TYPE_PTI);
  module_config.nvram_read= nvram_read;
  module_config.nvram_write= nvram_write;
  module_config.nvram_erase= nvram_erase;
  module_config.flash_size= dm_get_block_size(class_get_handle_by_id(DM_CLASS_ID), LOGO_BLOCK_ID_M3);
  module_config.pic_in = ADS_PIC_IN_SDRAM;
  module_config.task_prio_start= AD_TASK_PRIO_START;
  module_config.task_prio_end= AD_TASK_PRIO_END;
  module_config.read_gif = ui_adv_set_pic;
  module_config.read_float= ui_adv_set_float;

  OS_PRINTF("ADS: task_prio_start\n" );
  OS_PRINTF("ADS:module_config.flash_start_adr===0x%x\n",   module_config.flash_start_adr);

  ret = ads_adt_qz_attach(&module_config, &adm_id);
  MT_ASSERT(SUCCESS == ret);

  ret=ads_init(adm_id,&module_config);
  if(ret != SUCCESS && ret != ERR_TIMEOUT)
  {
    return ret;
  }
  //ads_show_logo();
  //MT_ASSERT(SUCCESS == ret);

  bticks = mtos_ticks_get();
  ret = ads_io_ctrl(adm_id, ADS_IOCMD_AD_SEARCH_SET, &module_config);
  OS_PRINTF("ADS: ioctrl ret===%d\n", ret);

  while(1)
  {
    ads_event_polling(&event_info);
    ads_event = ads_event_parse(event_info.events[adm_id]);

    //OS_PRINTF("ads_module_init while 1\n");

    if(ads_event == ADS_S_ADSERACH_FINISHED)
    {
      break;
    }
    if ((mtos_ticks_get() - bticks) > 2000)
    {
      ret = ads_io_ctrl(ADS_ID_ADT_QZ, ADS_IOCMD_AD_EXIT_TIMEOUT, NULL);
      OS_PRINTF("ADS: search time out");
    }

    mtos_task_sleep(500);
  }
  OS_PRINTF("ads_module_init while 4\n");
  ads_module_open(adm_id);
  mtos_task_delay_ms(100);
  ret = SUCCESS;
  return ret; 
#endif
}
Exemple #14
0
/**
 * @brief Establish a connection to a DC
 *
 * @param[out]   adsp             ADS_STRUCT that will be created
 * @param[in]    target_realm     Realm of domain to connect to
 * @param[in]    target_dom_name  'workgroup' name of domain to connect to
 * @param[in]    ldap_server      DNS name of server to connect to
 * @param[in]    password         Our machine acount secret
 * @param[in]    auth_realm       Realm of local domain for creating krb token
 * @param[in]    renewable        Renewable ticket time
 *
 * @return ADS_STATUS
 */
static ADS_STATUS ads_cached_connection_connect(ADS_STRUCT **adsp,
						const char *target_realm,
						const char *target_dom_name,
						const char *ldap_server,
						char *password,
						char *auth_realm,
						time_t renewable)
{
	ADS_STRUCT *ads;
	ADS_STATUS status;
	struct sockaddr_storage dc_ss;
	fstring dc_name;

	if (auth_realm == NULL) {
		return ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
	}

	/* we don't want this to affect the users ccache */
	setenv("KRB5CCNAME", WINBIND_CCACHE_NAME, 1);

	ads = ads_init(target_realm, target_dom_name, ldap_server);
	if (!ads) {
		DEBUG(1,("ads_init for domain %s failed\n", target_dom_name));
		return ADS_ERROR(LDAP_NO_MEMORY);
	}

	SAFE_FREE(ads->auth.password);
	SAFE_FREE(ads->auth.realm);

	ads->auth.renewable = renewable;
	ads->auth.password = password;

	ads->auth.flags |= ADS_AUTH_ALLOW_NTLMSSP;

	ads->auth.realm = SMB_STRDUP(auth_realm);
	if (!strupper_m(ads->auth.realm)) {
		ads_destroy(&ads);
		return ADS_ERROR_NT(NT_STATUS_INTERNAL_ERROR);
	}

	/* Setup the server affinity cache.  We don't reaally care
	   about the name.  Just setup affinity and the KRB5_CONFIG
	   file. */
	get_dc_name(ads->server.workgroup, ads->server.realm, dc_name, &dc_ss);

	status = ads_connect(ads);
	if (!ADS_ERR_OK(status)) {
		DEBUG(1,("ads_connect for domain %s failed: %s\n",
			 target_dom_name, ads_errstr(status)));
		ads_destroy(&ads);
		return status;
	}

	/* set the flag that says we don't own the memory even
	   though we do so that ads_destroy() won't destroy the
	   structure we pass back by reference */

	ads->is_mine = False;

	*adsp = ads;

	return status;
}
Exemple #15
0
static int net_ads_password(int argc, const char **argv)
{
	ADS_STRUCT *ads;
	const char *auth_principal = opt_user_name;
	const char *auth_password = opt_password;
	char *realm = NULL;
	char *new_password = NULL;
	char *c, *prompt;
	const char *user;
	ADS_STATUS ret;

	if (opt_user_name == NULL || opt_password == NULL) {
		d_printf("You must supply an administrator username/password\n");
		return -1;
	}

	if (argc < 1) {
		d_printf("ERROR: You must say which username to change password for\n");
		return -1;
	}

	user = argv[0];
	if (!strchr_m(user, '@')) {
		asprintf(&c, "%s@%s", argv[0], lp_realm());
		user = c;
	}

	use_in_memory_ccache();    
	c = strchr(auth_principal, '@');
	if (c) {
		realm = ++c;
	} else {
		realm = lp_realm();
	}

	/* use the realm so we can eventually change passwords for users 
	in realms other than default */
	if (!(ads = ads_init(realm, NULL, NULL))) {
		return -1;
	}

	/* we don't actually need a full connect, but it's the easy way to
		fill in the KDC's addresss */
	ads_connect(ads);
    
	if (!ads || !ads->config.realm) {
		d_printf("Didn't find the kerberos server!\n");
		return -1;
	}

	if (argv[1]) {
		new_password = (char *)argv[1];
	} else {
		asprintf(&prompt, "Enter new password for %s:", user);
		new_password = getpass(prompt);
		free(prompt);
	}

	ret = kerberos_set_password(ads->auth.kdc_server, auth_principal, 
				auth_password, user, new_password, ads->auth.time_offset);
	if (!ADS_ERR_OK(ret)) {
		d_printf("Password change failed :-( ...\n");
		ads_destroy(&ads);
		return -1;
	}

	d_printf("Password change for %s completed.\n", user);
	ads_destroy(&ads);

	return 0;
}
Exemple #16
0
static ADS_STRUCT *ads_startup(void)
{
	ADS_STRUCT *ads;
	ADS_STATUS status;
	BOOL need_password = False;
	BOOL second_time = False;
	char *cp;
	
	/* lp_realm() should be handled by a command line param, 
	   However, the join requires that realm be set in smb.conf
	   and compares our realm with the remote server's so this is
	   ok until someone needs more flexibility */
	   
	ads = ads_init(lp_realm(), opt_target_workgroup, opt_host);

	if (!opt_user_name) {
		opt_user_name = "administrator";
	}

	if (opt_user_specified) {
		need_password = True;
	}

retry:
	if (!opt_password && need_password && !opt_machine_pass) {
		char *prompt;
		asprintf(&prompt,"%s's password: "******"name@realm", 
        * extract the realm and convert to upper case.
        * This is only used to establish the connection.
        */
       if ((cp = strchr(ads->auth.user_name, '@'))!=0) {
               *cp++ = '\0';
               ads->auth.realm = smb_xstrdup(cp);
               strupper_m(ads->auth.realm);
       }

	status = ads_connect(ads);

	if (!ADS_ERR_OK(status)) {
		if (!need_password && !second_time) {
			need_password = True;
			second_time = True;
			goto retry;
		} else {
			DEBUG(0,("ads_connect: %s\n", ads_errstr(status)));
			return NULL;
		}
	}
	return ads;
}
Exemple #17
0
WERROR nt_printer_publish(TALLOC_CTX *mem_ctx,
			  const struct auth_serversupplied_info *session_info,
			  struct messaging_context *msg_ctx,
			  struct spoolss_PrinterInfo2 *pinfo2,
			  int action)
{
	uint32_t info2_mask = SPOOLSS_PRINTER_INFO_ATTRIBUTES;
	struct spoolss_SetPrinterInfo2 *sinfo2;
	ADS_STATUS ads_rc;
	ADS_STRUCT *ads = NULL;
	WERROR win_rc;

	sinfo2 = talloc_zero(mem_ctx, struct spoolss_SetPrinterInfo2);
	if (!sinfo2) {
		return WERR_NOMEM;
	}

	switch (action) {
	case DSPRINT_PUBLISH:
	case DSPRINT_UPDATE:
		pinfo2->attributes |= PRINTER_ATTRIBUTE_PUBLISHED;
		break;
	case DSPRINT_UNPUBLISH:
		pinfo2->attributes ^= PRINTER_ATTRIBUTE_PUBLISHED;
		break;
	default:
		win_rc = WERR_NOT_SUPPORTED;
		goto done;
	}

	sinfo2->attributes = pinfo2->attributes;

	win_rc = winreg_update_printer(mem_ctx, session_info, msg_ctx,
					pinfo2->sharename, info2_mask,
					sinfo2, NULL, NULL);
	if (!W_ERROR_IS_OK(win_rc)) {
		DEBUG(3, ("err %d saving data\n", W_ERROR_V(win_rc)));
		goto done;
	}

	TALLOC_FREE(sinfo2);

	ads = ads_init(lp_realm(), lp_workgroup(), NULL);
	if (!ads) {
		DEBUG(3, ("ads_init() failed\n"));
		win_rc = WERR_SERVER_UNAVAILABLE;
		goto done;
	}
	setenv(KRB5_ENV_CCNAME, "MEMORY:prtpub_cache", 1);
	SAFE_FREE(ads->auth.password);
	ads->auth.password = secrets_fetch_machine_password(lp_workgroup(),
		NULL, NULL);

	/* ads_connect() will find the DC for us */
	ads_rc = ads_connect(ads);
	if (!ADS_ERR_OK(ads_rc)) {
		DEBUG(3, ("ads_connect failed: %s\n", ads_errstr(ads_rc)));
		win_rc = WERR_ACCESS_DENIED;
		goto done;
	}

	switch (action) {
	case DSPRINT_PUBLISH:
	case DSPRINT_UPDATE:
		win_rc = nt_printer_publish_ads(msg_ctx, ads, pinfo2);
		break;
	case DSPRINT_UNPUBLISH:
		win_rc = nt_printer_unpublish_ads(ads, pinfo2->sharename);
		break;
	}

done:
	ads_destroy(&ads);
	return win_rc;
}
Exemple #18
0
WERROR check_published_printers(struct messaging_context *msg_ctx)
{
	ADS_STATUS ads_rc;
	ADS_STRUCT *ads = NULL;
	int snum;
	int n_services = lp_numservices();
	TALLOC_CTX *tmp_ctx = NULL;
	struct auth_serversupplied_info *session_info = NULL;
	struct spoolss_PrinterInfo2 *pinfo2;
	NTSTATUS status;
	WERROR result;

	tmp_ctx = talloc_new(NULL);
	if (!tmp_ctx) return WERR_NOMEM;

	ads = ads_init(lp_realm(), lp_workgroup(), NULL);
	if (!ads) {
		DEBUG(3, ("ads_init() failed\n"));
		return WERR_SERVER_UNAVAILABLE;
	}
	setenv(KRB5_ENV_CCNAME, "MEMORY:prtpub_cache", 1);
	SAFE_FREE(ads->auth.password);
	ads->auth.password = secrets_fetch_machine_password(lp_workgroup(),
		NULL, NULL);

	/* ads_connect() will find the DC for us */
	ads_rc = ads_connect(ads);
	if (!ADS_ERR_OK(ads_rc)) {
		DEBUG(3, ("ads_connect failed: %s\n", ads_errstr(ads_rc)));
		result = WERR_ACCESS_DENIED;
		goto done;
	}

	status = make_session_info_system(tmp_ctx, &session_info);
	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(0, ("check_published_printers: "
			  "Could not create system session_info\n"));
		result = WERR_ACCESS_DENIED;
		goto done;
	}

	for (snum = 0; snum < n_services; snum++) {
		if (!lp_snum_ok(snum) || !lp_print_ok(snum)) {
			continue;
		}

		result = winreg_get_printer(tmp_ctx, session_info, msg_ctx,
					    lp_servicename(snum),
					    &pinfo2);
		if (!W_ERROR_IS_OK(result)) {
			continue;
		}

		if (pinfo2->attributes & PRINTER_ATTRIBUTE_PUBLISHED) {
			nt_printer_publish_ads(msg_ctx, ads, pinfo2);
		}

		TALLOC_FREE(pinfo2);
	}

	result = WERR_OK;
done:
	ads_destroy(&ads);
	ads_kdestroy("MEMORY:prtpub_cache");
	talloc_free(tmp_ctx);
	return result;
}
int ads_has_subscription(Env E, char *sub, char *id)
{
   LDAP *ld = E->ldap;
   LDAPMessage    *result, *e;
   char  *regid = NULL;
   int i;
   int nv = 0;
   char filter[2048];
   char *dn = NULL;
   int rc;
   int try;
   int ret = 0;

   /* Look for the account record */

   snprintf(filter, 2048, "(&(uwNetID=%s)(uwActiveSubscription=%s))", id, sub);

   // syslog(LOG_DEBUG, "search: \"%s\"\n", filter);
   // long delays can disconnect us
   for (try=0; try<2; try++) {
      if (!(ld||(ld=ads_init(E)))) {
          syslog(LOG_ERR, "no ldap, cannot verify!");
          return (-1);
      }
      if ((rc=ldap_search_s(ld, E->ads_base, LDAP_SCOPE_SUBTREE,
          filter, ads_attributes, 0, &result )) != LDAP_SUCCESS ) {
               if (try>0) report_error(rc, "ldap_search_s" );
               ldap_msgfree( result );
               ld = NULL; 
               continue;
      }
      break;  // success
   }
   if (try==2) {
      syslog(LOG_ERR, "no ldap, cannot verify!");
      return (-1);
   }

   if (ldap_count_entries(ld, result)>0) {
      // this is not necessary
      e = ldap_first_entry( ld, result );
      char *nid = get_attr_value(ld, e, "uwNetID");
      syslog(LOG_DEBUG, "found: \"%s\"\n", nid);
      free(nid);
      ret = 1;
   } else { 
      syslog(LOG_DEBUG, "not found");
   }
   ldap_msgfree( result );
   return (ret);
}




/* ----- connect and disconnect -------------------------- */



#ifdef LDAP_DEBUG
static void set_ldap_debug()
{
    if( ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &tegea_debug )
          != LBER_OPT_SUCCESS ) {
      fprintf( stderr, "Could not set LBER_OPT_DEBUG_LEVEL %d\n", tegea_debug );
    }
    if( ldap_set_option( NULL, LDAP_OPT_DEBUG_LEVEL, &tegea_debug )
         != LDAP_OPT_SUCCESS ) {
      fprintf( stderr, "Could not set LDAP_OPT_DEBUG_LEVEL %d\n", tegea_debug );
    }
}
#endif



/* Callback from the sasl bind */

static int tsasl_interact(LDAP *ld, unsigned flags, void *defaults, void *in)
{
    sasl_interact_t *interact = in;
    /* Should loop through, ++interact, for full SASL stuff. */
    if (interact->id != SASL_CB_LIST_END) {
        interact->result = (char *) interact->defresult;
        if (interact->defresult)
            interact->len = strlen(interact->defresult);
        else
            interact->len = 0;
    }
    return LDAP_SUCCESS;
}


static int set_int_option(LDAP *ld, int option, int iv)
{  
   int rc;
   
   if ( (rc=ldap_set_option( NULL, option, &iv )) != LDAP_SUCCESS ) {
        report_error(rc, "set int opt");
        return (0);
   }
   return (1);
}