The key table functions deal with storing and retrieving service keys
for use by unattended services which participate in authentication exchanges.

Keytab routines should all be atomic.  Every routine that acquires
a non-sharable resource must release it before it returns.  For
example, an implementation is not allowed to leave a file open
for writing or to have a lock on a file.

Any keytab implementations must support multiple concurrent sequential scans.

The order of values returned from \funcname{krb5_kt_next_entry} is
unspecified and may be sorted to the implementor's convenience.

Although the ``right thing'' should happen if the program aborts
abnormally, a close routine is provided for freeing resources,
etc.  People should use the close routine when they are
finished.

\subsubsection{Per-type functions}
The following entry points must be implemented for each type of
key table; however, application programs are not expected to call
\funcname{krb5_kt_resolve_internal}, \funcname{krb5_kt_remove_internal},
or \funcname{krb5_kt_add_internal} directly.

In order to reduce the size of binary programs when static linking is
used, it is common to provide two \datatype{krb5_kt_ops} structures for
each key table type, one for reading only in which the pointers to the
add and delete functions are zero, and one for reading and writing.

\begin{funcdecl}{krb5_kt_resolve_internal}{krb5_error_code}{\funcin}
\funcarg{char *}{residual}
\funcout
\funcarg{krb5_keytab *}{id}
\end{funcdecl}

Fills in \funcparam{*id} with a handle identifying the keytab with name
``residual''.  The interpretation of ``residual'' is dependent on the
type of keytab.

\begin{funcdecl}{krb5_kt_get_name}{krb5_error_code}{\funcin}
\funcarg{krb5_keytab}{id}
\funcout
\funcarg{char *}{name}
\funcin
\funcarg{int}{namesize}
\end{funcdecl}

\funcarg{name} is filled in with the first \funcparam{namesize} bytes of
the name of the keytab identified by \funcname{id}.
If the name is shorter than \funcparam{namesize}, then \funcarg{name}
will be null-terminated.

\begin{funcdecl}{krb5_kt_close}{krb5_error_code}{\funcin}
\funcarg{krb5_keytab}{id}
\end{funcdecl}

Closes the keytab identified by \funcparam{id} and invalidates
\funcparam{id}, and releases any other resources acquired during use of
the key table.

Requires that \funcparam{id} identifies a valid credentials cache.

\begin{funcdecl}{krb5_kt_get_entry}{krb5_error_code}{\funcin}
\funcarg{krb5_keytab}{id}
\funcarg{krb5_principal}{principal}
\funcarg{krb5_kvno}{vno}
\funcout
\funcarg{krb5_keytab_entry *}{entry}
\end{funcdecl}

Searches the keytab identified by \funcparam{id} for an entry whose
principal matches \funcparam{principal} and
whose key version number matches \funcparam{vno}.  If \funcparam{vno} is
zero, the first entry whose principal matches is returned.

Returns an error code if no suitable entry is found.  If an entry is
found, the entry is returned in \funcparam{*entry}; its contents should
be deallocated by calling \funcname{krb5_kt_free_entry} when no longer
needed.

\begin{funcdecl}{krb5_kt_free_entry}{krb5_error_code}{\funcinout}
\funcarg{krb5_keytab_entry *}{entry}
\end{funcdecl}

Releases all storage allocated for \funcparam{entry}, which must point
to a structure previously filled in by \funcname{krb5_kt_get_entry} or
\funcname{krb5_kt_next_entry}.

\begin{funcdecl}{krb5_kt_start_seq_get}{krb5_error_code}{\funcin}
\funcarg{krb5_keytab}{id}
\funcout
\funcarg{krb5_kt_cursor *}{cursor}
\end{funcdecl}

Prepares to read sequentially every key in the keytab identified by
\funcparam{id}.
\funcparam{cursor} is filled in with a cursor to be used in calls to
\funcname{krb5_kt_next_entry}.

\begin{funcdecl}{krb5_kt_next_entry}{krb5_error_code}{\funcin}
\funcarg{krb5_keytab}{id}
\funcout
\funcarg{krb5_keytab_entry *}{entry}
\funcinout
\funcarg{krb5_kt_cursor}{cursor}
\end{funcdecl}

Fetches the ``next'' entry in the keytab, returning it in
\funcparam{*entry}, and updates \funcparam{*cursor} for the next
request.  If the keytab changes during the sequential get, an error is
guaranteed.  \funcparam{*entry} should be freed after use by calling
\funcname{krb5_kt_free_entry}.

Requires that \funcparam{id} identifies a valid credentials cache.  and
\funcparam{*cursor} be a cursor returned by
\funcname{krb5_kt_start_seq_get} or a subsequent call to
\funcname{krb5_kt_next_entry}.

Errors: error code if no more cache entries or if the keytab changes.

\begin{funcdecl}{krb5_kt_end_seq_get}{krb5_error_code}{\funcin}
\funcarg{krb5_keytab}{id}
\funcarg{krb5_kt_cursor}{cursor}
\end{funcdecl}

Finishes sequential processing mode and invalidates \funcparam{cursor},
which must never be re-used after this call.

Requires that \funcparam{id} identifies a valid credentials cache.  and
\funcparam{*cursor} be a cursor returned by
\funcname{krb5_kt_start_seq_get} or a subsequent call to
\funcname{krb5_kt_next_entry}.

May return error code if \funcparam{cursor} is invalid.

\begin{funcdecl}{krb5_kt_remove_internal}{krb5_error_code}{\funcin}
\funcarg{krb5_keytab}{id}
\funcarg{krb5_keytab_entry *}{entry}
\end{funcdecl}

Searches the keytab \funcparam{id} for an entry that exactly matches
\funcparam{entry}.  If one is found, it is removed from the keytab.

Returns an error code if not found.

	
\begin{funcdecl}{krb5_kt_add_internal}{krb5_error_code}{\funcin}
\funcarg{krb5_keytab}{id}
\funcarg{krb5_keytab_entry *}{entry}
\end{funcdecl}

Stores \funcparam{entry} in the keytab \funcparam{id}.
Fails if the entry already exists.

This operation must, within the constraints of the operating system, not
return until it can verify that the write has completed succesfully.
For example, in a UNIX file-based implementation, this routine (or the part
of the underlying implementation that it calls) would be responsible for
doing an \funcname{fsync} on the file before returning.

Returns an error code if \funcparam{entry} is already present in the
keytab or if the key could not be stored (quota problem, etc).


\subsubsection{Glue functions}
The following functions are implemented in the base library and serve to
glue together the various types of key tables.

\begin{funcdecl}{krb5_kt_register}{krb5_error_code}{\funcin}
\funcarg{krb5_kt_ops *}{ops}
\end{funcdecl}


Adds a new ticket cache type to the set recognized by
\funcname{krb5_kt_resolve}.
Requires that a keytab type named \funcparam{ops{\ptsto}prefix} is not
yet known.

An error is returned if \funcparam{ops{\ptsto}prefix} is already known.

\begin{funcdecl}{krb5_kt_resolve}{krb5_error_code}{\funcin}
\funcarg{char *}{string_name}
\funcout
\funcarg{krb5_keytab *}{id}
\end{funcdecl}

Fills in \funcparam{*id} with a handle identifying the keytab with name
``string_name''.  The keytab is not opened.
Requires that \funcparam{string_name} be of the form ``type:residual'' and
``type'' is a type known to the library.

Errors: badly formatted name.
		
\begin{funcdecl}{krb5_kt_default_name}{krb5_error_code}{\funcin}
\funcarg{char *}{name}
\funcarg{int}{namesize}
\end{funcdecl}

\funcparam{name} is filled in with the first \funcparam{namesize} bytes of
the name of the default keytab.
If the name is shorter than \funcparam{namesize}, then the remainder of
\funcparam{name} will be zeroed.


\begin{funcdecl}{krb5_kt_default}{krb5_error_code}{\funcin}
\funcarg{krb5_keytab *}{id}
\end{funcdecl}

Fills in \funcparam{id} with  a handle identifying the default keytab.

\begin{funcdecl}{krb5_kt_read_service_key}{krb5_error_code}{\funcin}
\funcarg{krb5_pointer}{keyprocarg}
\funcarg{krb5_principal}{principal}
\funcarg{krb5_kvno}{vno}
\funcout
\funcarg{krb5_keyblock **}{key}
\end{funcdecl}

This function is suitable for use as a parameter to
\funcname{krb5_rd_req}.

If \funcname{keyprocarg} is not NULL, it is taken to be a
\datatype{char *} denoting the name of a keytab.  Otherwise, the default
keytab will be used.
The keytab is opened and searched for the entry identified by
\funcparam{principal} and \funcparam{vno}, returning the resulting key
in \funcparam{*key} or returning an error code if it is not found. 

\funcname{krb5_free_keyblock} should be called on \funcparam{*key} when
the caller is finished with the key.

Returns an error code if the entry is not found.

\begin{funcdecl}{krb5_kt_add_entry}{krb5_error_code}{\funcin}
\funcarg{krb5_keytab}{id}
\funcarg{krb5_keytab_entry *}{entry}
\end{funcdecl}

Calls the keytab-specific add routine \funcname{krb5_kt_add_internal}
with the same function arguments.  If this routine is not available,
then KRB5_KT_NOWRITE is returned.

\begin{funcdecl}{krb5_kt_remove_entry}{krb5_error_code}{\funcin}
\funcarg{krb5_keytab}{id}
\funcarg{krb5_keytab_entry *}{entry}
\end{funcdecl}

Calls the keytab-specific remove routine
\funcname{krb5_kt_remove_internal} with the same function arguments.
If this routine is not available, then KRB5_KT_NOWRITE is returned.
#n164'>164</a>
<a id='n165' href='#n165'>165</a>
<a id='n166' href='#n166'>166</a>
<a id='n167' href='#n167'>167</a>
<a id='n168' href='#n168'>168</a>
<a id='n169' href='#n169'>169</a>
<a id='n170' href='#n170'>170</a>
<a id='n171' href='#n171'>171</a>
<a id='n172' href='#n172'>172</a>
<a id='n173' href='#n173'>173</a>
<a id='n174' href='#n174'>174</a>
<a id='n175' href='#n175'>175</a>
<a id='n176' href='#n176'>176</a>
<a id='n177' href='#n177'>177</a>
<a id='n178' href='#n178'>178</a>
<a id='n179' href='#n179'>179</a>
<a id='n180' href='#n180'>180</a>
<a id='n181' href='#n181'>181</a>
<a id='n182' href='#n182'>182</a>
<a id='n183' href='#n183'>183</a>
<a id='n184' href='#n184'>184</a>
<a id='n185' href='#n185'>185</a>
<a id='n186' href='#n186'>186</a>
<a id='n187' href='#n187'>187</a>
<a id='n188' href='#n188'>188</a>
<a id='n189' href='#n189'>189</a>
<a id='n190' href='#n190'>190</a>
<a id='n191' href='#n191'>191</a>
<a id='n192' href='#n192'>192</a>
<a id='n193' href='#n193'>193</a>
<a id='n194' href='#n194'>194</a>
<a id='n195' href='#n195'>195</a>
<a id='n196' href='#n196'>196</a>
<a id='n197' href='#n197'>197</a>
<a id='n198' href='#n198'>198</a>
<a id='n199' href='#n199'>199</a>
<a id='n200' href='#n200'>200</a>
<a id='n201' href='#n201'>201</a>
<a id='n202' href='#n202'>202</a>
<a id='n203' href='#n203'>203</a>
<a id='n204' href='#n204'>204</a>
<a id='n205' href='#n205'>205</a>
<a id='n206' href='#n206'>206</a>
<a id='n207' href='#n207'>207</a>
<a id='n208' href='#n208'>208</a>
<a id='n209' href='#n209'>209</a>
<a id='n210' href='#n210'>210</a>
<a id='n211' href='#n211'>211</a>
<a id='n212' href='#n212'>212</a>
<a id='n213' href='#n213'>213</a>
<a id='n214' href='#n214'>214</a>
<a id='n215' href='#n215'>215</a>
<a id='n216' href='#n216'>216</a>
<a id='n217' href='#n217'>217</a>
<a id='n218' href='#n218'>218</a>
<a id='n219' href='#n219'>219</a>
<a id='n220' href='#n220'>220</a>
<a id='n221' href='#n221'>221</a>
<a id='n222' href='#n222'>222</a>
<a id='n223' href='#n223'>223</a>
<a id='n224' href='#n224'>224</a>
<a id='n225' href='#n225'>225</a>
<a id='n226' href='#n226'>226</a>
<a id='n227' href='#n227'>227</a>
<a id='n228' href='#n228'>228</a>
<a id='n229' href='#n229'>229</a>
<a id='n230' href='#n230'>230</a>
<a id='n231' href='#n231'>231</a>
<a id='n232' href='#n232'>232</a>
<a id='n233' href='#n233'>233</a>
<a id='n234' href='#n234'>234</a>
<a id='n235' href='#n235'>235</a>
<a id='n236' href='#n236'>236</a>
<a id='n237' href='#n237'>237</a>
<a id='n238' href='#n238'>238</a>
<a id='n239' href='#n239'>239</a>
<a id='n240' href='#n240'>240</a>
<a id='n241' href='#n241'>241</a>
<a id='n242' href='#n242'>242</a>
<a id='n243' href='#n243'>243</a>
<a id='n244' href='#n244'>244</a>
<a id='n245' href='#n245'>245</a>
<a id='n246' href='#n246'>246</a>
<a id='n247' href='#n247'>247</a>
<a id='n248' href='#n248'>248</a>
<a id='n249' href='#n249'>249</a>
<a id='n250' href='#n250'>250</a>
<a id='n251' href='#n251'>251</a>
<a id='n252' href='#n252'>252</a>
<a id='n253' href='#n253'>253</a>
<a id='n254' href='#n254'>254</a>
<a id='n255' href='#n255'>255</a>
<a id='n256' href='#n256'>256</a>
<a id='n257' href='#n257'>257</a>
<a id='n258' href='#n258'>258</a>
<a id='n259' href='#n259'>259</a>
<a id='n260' href='#n260'>260</a>
<a id='n261' href='#n261'>261</a>
<a id='n262' href='#n262'>262</a>
<a id='n263' href='#n263'>263</a>
<a id='n264' href='#n264'>264</a>
<a id='n265' href='#n265'>265</a>
<a id='n266' href='#n266'>266</a>
<a id='n267' href='#n267'>267</a>
<a id='n268' href='#n268'>268</a>
<a id='n269' href='#n269'>269</a>
<a id='n270' href='#n270'>270</a>
<a id='n271' href='#n271'>271</a>
<a id='n272' href='#n272'>272</a>
<a id='n273' href='#n273'>273</a>
<a id='n274' href='#n274'>274</a>
<a id='n275' href='#n275'>275</a>
<a id='n276' href='#n276'>276</a>
<a id='n277' href='#n277'>277</a>
<a id='n278' href='#n278'>278</a>
<a id='n279' href='#n279'>279</a>
<a id='n280' href='#n280'>280</a>
<a id='n281' href='#n281'>281</a>
<a id='n282' href='#n282'>282</a>
<a id='n283' href='#n283'>283</a>
<a id='n284' href='#n284'>284</a>
<a id='n285' href='#n285'>285</a>
<a id='n286' href='#n286'>286</a>
<a id='n287' href='#n287'>287</a>
<a id='n288' href='#n288'>288</a>
<a id='n289' href='#n289'>289</a>
<a id='n290' href='#n290'>290</a>
<a id='n291' href='#n291'>291</a>
<a id='n292' href='#n292'>292</a>
<a id='n293' href='#n293'>293</a>
<a id='n294' href='#n294'>294</a>
<a id='n295' href='#n295'>295</a>
<a id='n296' href='#n296'>296</a>
<a id='n297' href='#n297'>297</a>
<a id='n298' href='#n298'>298</a>
<a id='n299' href='#n299'>299</a>
<a id='n300' href='#n300'>300</a>
<a id='n301' href='#n301'>301</a>
<a id='n302' href='#n302'>302</a>
<a id='n303' href='#n303'>303</a>
<a id='n304' href='#n304'>304</a>
<a id='n305' href='#n305'>305</a>
<a id='n306' href='#n306'>306</a>
<a id='n307' href='#n307'>307</a>
<a id='n308' href='#n308'>308</a>
<a id='n309' href='#n309'>309</a>
<a id='n310' href='#n310'>310</a>
<a id='n311' href='#n311'>311</a>
<a id='n312' href='#n312'>312</a>
<a id='n313' href='#n313'>313</a>
<a id='n314' href='#n314'>314</a>
<a id='n315' href='#n315'>315</a>
<a id='n316' href='#n316'>316</a>
<a id='n317' href='#n317'>317</a>
<a id='n318' href='#n318'>318</a>
<a id='n319' href='#n319'>319</a>
<a id='n320' href='#n320'>320</a>
<a id='n321' href='#n321'>321</a>
<a id='n322' href='#n322'>322</a>
<a id='n323' href='#n323'>323</a>
<a id='n324' href='#n324'>324</a>
<a id='n325' href='#n325'>325</a>
<a id='n326' href='#n326'>326</a>
<a id='n327' href='#n327'>327</a>
<a id='n328' href='#n328'>328</a>
<a id='n329' href='#n329'>329</a>
<a id='n330' href='#n330'>330</a>
<a id='n331' href='#n331'>331</a>
<a id='n332' href='#n332'>332</a>
<a id='n333' href='#n333'>333</a>
<a id='n334' href='#n334'>334</a>
<a id='n335' href='#n335'>335</a>
<a id='n336' href='#n336'>336</a>
<a id='n337' href='#n337'>337</a>
<a id='n338' href='#n338'>338</a>
<a id='n339' href='#n339'>339</a>
<a id='n340' href='#n340'>340</a>
<a id='n341' href='#n341'>341</a>
<a id='n342' href='#n342'>342</a>
<a id='n343' href='#n343'>343</a>
<a id='n344' href='#n344'>344</a>
<a id='n345' href='#n345'>345</a>
<a id='n346' href='#n346'>346</a>
<a id='n347' href='#n347'>347</a>
<a id='n348' href='#n348'>348</a>
<a id='n349' href='#n349'>349</a>
<a id='n350' href='#n350'>350</a>
<a id='n351' href='#n351'>351</a>
<a id='n352' href='#n352'>352</a>
<a id='n353' href='#n353'>353</a>
<a id='n354' href='#n354'>354</a>
<a id='n355' href='#n355'>355</a>
<a id='n356' href='#n356'>356</a>
<a id='n357' href='#n357'>357</a>
<a id='n358' href='#n358'>358</a>
<a id='n359' href='#n359'>359</a>
<a id='n360' href='#n360'>360</a>
<a id='n361' href='#n361'>361</a>
<a id='n362' href='#n362'>362</a>
<a id='n363' href='#n363'>363</a>
<a id='n364' href='#n364'>364</a>
<a id='n365' href='#n365'>365</a>
<a id='n366' href='#n366'>366</a>
<a id='n367' href='#n367'>367</a>
<a id='n368' href='#n368'>368</a>
<a id='n369' href='#n369'>369</a>
<a id='n370' href='#n370'>370</a>
<a id='n371' href='#n371'>371</a>
<a id='n372' href='#n372'>372</a>
<a id='n373' href='#n373'>373</a>
<a id='n374' href='#n374'>374</a>
<a id='n375' href='#n375'>375</a>
<a id='n376' href='#n376'>376</a>
<a id='n377' href='#n377'>377</a>
<a id='n378' href='#n378'>378</a>
<a id='n379' href='#n379'>379</a>
<a id='n380' href='#n380'>380</a>
<a id='n381' href='#n381'>381</a>
<a id='n382' href='#n382'>382</a>
<a id='n383' href='#n383'>383</a>
<a id='n384' href='#n384'>384</a>
<a id='n385' href='#n385'>385</a>
<a id='n386' href='#n386'>386</a>
<a id='n387' href='#n387'>387</a>
<a id='n388' href='#n388'>388</a>
<a id='n389' href='#n389'>389</a>
<a id='n390' href='#n390'>390</a>
<a id='n391' href='#n391'>391</a>
<a id='n392' href='#n392'>392</a>
<a id='n393' href='#n393'>393</a>
<a id='n394' href='#n394'>394</a>
<a id='n395' href='#n395'>395</a>
<a id='n396' href='#n396'>396</a>
<a id='n397' href='#n397'>397</a>
<a id='n398' href='#n398'>398</a>
<a id='n399' href='#n399'>399</a>
<a id='n400' href='#n400'>400</a>
<a id='n401' href='#n401'>401</a>
<a id='n402' href='#n402'>402</a>
<a id='n403' href='#n403'>403</a>
<a id='n404' href='#n404'>404</a>
<a id='n405' href='#n405'>405</a>
<a id='n406' href='#n406'>406</a>
<a id='n407' href='#n407'>407</a>
<a id='n408' href='#n408'>408</a>
<a id='n409' href='#n409'>409</a>
<a id='n410' href='#n410'>410</a>
<a id='n411' href='#n411'>411</a>
<a id='n412' href='#n412'>412</a>
<a id='n413' href='#n413'>413</a>
<a id='n414' href='#n414'>414</a>
<a id='n415' href='#n415'>415</a>
<a id='n416' href='#n416'>416</a>
<a id='n417' href='#n417'>417</a>
<a id='n418' href='#n418'>418</a>
<a id='n419' href='#n419'>419</a>
<a id='n420' href='#n420'>420</a>
<a id='n421' href='#n421'>421</a>
<a id='n422' href='#n422'>422</a>
<a id='n423' href='#n423'>423</a>
<a id='n424' href='#n424'>424</a>
<a id='n425' href='#n425'>425</a>
<a id='n426' href='#n426'>426</a>
<a id='n427' href='#n427'>427</a>
<a id='n428' href='#n428'>428</a>
<a id='n429' href='#n429'>429</a>
<a id='n430' href='#n430'>430</a>
<a id='n431' href='#n431'>431</a>
<a id='n432' href='#n432'>432</a>
<a id='n433' href='#n433'>433</a>
<a id='n434' href='#n434'>434</a>
<a id='n435' href='#n435'>435</a>
<a id='n436' href='#n436'>436</a>
<a id='n437' href='#n437'>437</a>
<a id='n438' href='#n438'>438</a>
<a id='n439' href='#n439'>439</a>
<a id='n440' href='#n440'>440</a>
<a id='n441' href='#n441'>441</a>
<a id='n442' href='#n442'>442</a>
<a id='n443' href='#n443'>443</a>
<a id='n444' href='#n444'>444</a>
<a id='n445' href='#n445'>445</a>
<a id='n446' href='#n446'>446</a>
<a id='n447' href='#n447'>447</a>
<a id='n448' href='#n448'>448</a>
<a id='n449' href='#n449'>449</a>
<a id='n450' href='#n450'>450</a>
<a id='n451' href='#n451'>451</a>
<a id='n452' href='#n452'>452</a>
<a id='n453' href='#n453'>453</a>
<a id='n454' href='#n454'>454</a>
<a id='n455' href='#n455'>455</a>
<a id='n456' href='#n456'>456</a>
<a id='n457' href='#n457'>457</a>
<a id='n458' href='#n458'>458</a>
<a id='n459' href='#n459'>459</a>
<a id='n460' href='#n460'>460</a>
<a id='n461' href='#n461'>461</a>
<a id='n462' href='#n462'>462</a>
<a id='n463' href='#n463'>463</a>
<a id='n464' href='#n464'>464</a>
<a id='n465' href='#n465'>465</a>
<a id='n466' href='#n466'>466</a>
<a id='n467' href='#n467'>467</a>
<a id='n468' href='#n468'>468</a>
<a id='n469' href='#n469'>469</a>
<a id='n470' href='#n470'>470</a>
<a id='n471' href='#n471'>471</a>
<a id='n472' href='#n472'>472</a>
<a id='n473' href='#n473'>473</a>
<a id='n474' href='#n474'>474</a>
<a id='n475' href='#n475'>475</a>
<a id='n476' href='#n476'>476</a>
<a id='n477' href='#n477'>477</a>
<a id='n478' href='#n478'>478</a>
<a id='n479' href='#n479'>479</a>
<a id='n480' href='#n480'>480</a>
<a id='n481' href='#n481'>481</a>
<a id='n482' href='#n482'>482</a>
<a id='n483' href='#n483'>483</a>
<a id='n484' href='#n484'>484</a>
<a id='n485' href='#n485'>485</a>
<a id='n486' href='#n486'>486</a>
<a id='n487' href='#n487'>487</a>
<a id='n488' href='#n488'>488</a>
<a id='n489' href='#n489'>489</a>
<a id='n490' href='#n490'>490</a>
<a id='n491' href='#n491'>491</a>
<a id='n492' href='#n492'>492</a>
<a id='n493' href='#n493'>493</a>
<a id='n494' href='#n494'>494</a>
<a id='n495' href='#n495'>495</a>
<a id='n496' href='#n496'>496</a>
<a id='n497' href='#n497'>497</a>
<a id='n498' href='#n498'>498</a>
<a id='n499' href='#n499'>499</a>
<a id='n500' href='#n500'>500</a>
<a id='n501' href='#n501'>501</a>
<a id='n502' href='#n502'>502</a>
<a id='n503' href='#n503'>503</a>
<a id='n504' href='#n504'>504</a>
<a id='n505' href='#n505'>505</a>
<a id='n506' href='#n506'>506</a>
<a id='n507' href='#n507'>507</a>
<a id='n508' href='#n508'>508</a>
<a id='n509' href='#n509'>509</a>
<a id='n510' href='#n510'>510</a>
<a id='n511' href='#n511'>511</a>
<a id='n512' href='#n512'>512</a>
<a id='n513' href='#n513'>513</a>
<a id='n514' href='#n514'>514</a>
<a id='n515' href='#n515'>515</a>
<a id='n516' href='#n516'>516</a>
<a id='n517' href='#n517'>517</a>
<a id='n518' href='#n518'>518</a>
<a id='n519' href='#n519'>519</a>
<a id='n520' href='#n520'>520</a>
<a id='n521' href='#n521'>521</a>
<a id='n522' href='#n522'>522</a>
<a id='n523' href='#n523'>523</a>
<a id='n524' href='#n524'>524</a>
<a id='n525' href='#n525'>525</a>
<a id='n526' href='#n526'>526</a>
<a id='n527' href='#n527'>527</a>
<a id='n528' href='#n528'>528</a>
<a id='n529' href='#n529'>529</a>
<a id='n530' href='#n530'>530</a>
<a id='n531' href='#n531'>531</a>
<a id='n532' href='#n532'>532</a>
<a id='n533' href='#n533'>533</a>
<a id='n534' href='#n534'>534</a>
<a id='n535' href='#n535'>535</a>
<a id='n536' href='#n536'>536</a>
<a id='n537' href='#n537'>537</a>
<a id='n538' href='#n538'>538</a>
<a id='n539' href='#n539'>539</a>
<a id='n540' href='#n540'>540</a>
<a id='n541' href='#n541'>541</a>
<a id='n542' href='#n542'>542</a>
<a id='n543' href='#n543'>543</a>
<a id='n544' href='#n544'>544</a>
<a id='n545' href='#n545'>545</a>
<a id='n546' href='#n546'>546</a>
<a id='n547' href='#n547'>547</a>
<a id='n548' href='#n548'>548</a>
<a id='n549' href='#n549'>549</a>
<a id='n550' href='#n550'>550</a>
<a id='n551' href='#n551'>551</a>
<a id='n552' href='#n552'>552</a>
<a id='n553' href='#n553'>553</a>
<a id='n554' href='#n554'>554</a>
<a id='n555' href='#n555'>555</a>
<a id='n556' href='#n556'>556</a>
<a id='n557' href='#n557'>557</a>
<a id='n558' href='#n558'>558</a>
<a id='n559' href='#n559'>559</a>
<a id='n560' href='#n560'>560</a>
<a id='n561' href='#n561'>561</a>
<a id='n562' href='#n562'>562</a>
<a id='n563' href='#n563'>563</a>
<a id='n564' href='#n564'>564</a>
<a id='n565' href='#n565'>565</a>
<a id='n566' href='#n566'>566</a>
<a id='n567' href='#n567'>567</a>
<a id='n568' href='#n568'>568</a>
<a id='n569' href='#n569'>569</a>
<a id='n570' href='#n570'>570</a>
<a id='n571' href='#n571'>571</a>
<a id='n572' href='#n572'>572</a>
<a id='n573' href='#n573'>573</a>
<a id='n574' href='#n574'>574</a>
<a id='n575' href='#n575'>575</a>
<a id='n576' href='#n576'>576</a>
<a id='n577' href='#n577'>577</a>
<a id='n578' href='#n578'>578</a>
<a id='n579' href='#n579'>579</a>
<a id='n580' href='#n580'>580</a>
<a id='n581' href='#n581'>581</a>
<a id='n582' href='#n582'>582</a>
<a id='n583' href='#n583'>583</a>
<a id='n584' href='#n584'>584</a>
<a id='n585' href='#n585'>585</a>
<a id='n586' href='#n586'>586</a>
<a id='n587' href='#n587'>587</a>
<a id='n588' href='#n588'>588</a>
<a id='n589' href='#n589'>589</a>
<a id='n590' href='#n590'>590</a>
<a id='n591' href='#n591'>591</a>
<a id='n592' href='#n592'>592</a>
<a id='n593' href='#n593'>593</a>
<a id='n594' href='#n594'>594</a>
<a id='n595' href='#n595'>595</a>
<a id='n596' href='#n596'>596</a>
<a id='n597' href='#n597'>597</a>
<a id='n598' href='#n598'>598</a>
<a id='n599' href='#n599'>599</a>
<a id='n600' href='#n600'>600</a>
<a id='n601' href='#n601'>601</a>
<a id='n602' href='#n602'>602</a>
<a id='n603' href='#n603'>603</a>
<a id='n604' href='#n604'>604</a>
<a id='n605' href='#n605'>605</a>
<a id='n606' href='#n606'>606</a>
<a id='n607' href='#n607'>607</a>
<a id='n608' href='#n608'>608</a>
<a id='n609' href='#n609'>609</a>
<a id='n610' href='#n610'>610</a>
<a id='n611' href='#n611'>611</a>
<a id='n612' href='#n612'>612</a>
<a id='n613' href='#n613'>613</a>
<a id='n614' href='#n614'>614</a>
<a id='n615' href='#n615'>615</a>
<a id='n616' href='#n616'>616</a>
<a id='n617' href='#n617'>617</a>
<a id='n618' href='#n618'>618</a>
<a id='n619' href='#n619'>619</a>
<a id='n620' href='#n620'>620</a>
<a id='n621' href='#n621'>621</a>
<a id='n622' href='#n622'>622</a>
<a id='n623' href='#n623'>623</a>
<a id='n624' href='#n624'>624</a>
<a id='n625' href='#n625'>625</a>
<a id='n626' href='#n626'>626</a>
<a id='n627' href='#n627'>627</a>
<a id='n628' href='#n628'>628</a>
<a id='n629' href='#n629'>629</a>
<a id='n630' href='#n630'>630</a>
<a id='n631' href='#n631'>631</a>
<a id='n632' href='#n632'>632</a>
<a id='n633' href='#n633'>633</a>
<a id='n634' href='#n634'>634</a>
<a id='n635' href='#n635'>635</a>
<a id='n636' href='#n636'>636</a>
<a id='n637' href='#n637'>637</a>
<a id='n638' href='#n638'>638</a>
<a id='n639' href='#n639'>639</a>
<a id='n640' href='#n640'>640</a>
<a id='n641' href='#n641'>641</a>
<a id='n642' href='#n642'>642</a>
<a id='n643' href='#n643'>643</a>
<a id='n644' href='#n644'>644</a>
<a id='n645' href='#n645'>645</a>
<a id='n646' href='#n646'>646</a>
<a id='n647' href='#n647'>647</a>
<a id='n648' href='#n648'>648</a>
<a id='n649' href='#n649'>649</a>
<a id='n650' href='#n650'>650</a>
<a id='n651' href='#n651'>651</a>
<a id='n652' href='#n652'>652</a>
<a id='n653' href='#n653'>653</a>
<a id='n654' href='#n654'>654</a>
<a id='n655' href='#n655'>655</a>
<a id='n656' href='#n656'>656</a>
<a id='n657' href='#n657'>657</a>
<a id='n658' href='#n658'>658</a>
<a id='n659' href='#n659'>659</a>
<a id='n660' href='#n660'>660</a>
<a id='n661' href='#n661'>661</a>
<a id='n662' href='#n662'>662</a>
<a id='n663' href='#n663'>663</a>
<a id='n664' href='#n664'>664</a>
<a id='n665' href='#n665'>665</a>
<a id='n666' href='#n666'>666</a>
<a id='n667' href='#n667'>667</a>
<a id='n668' href='#n668'>668</a>
<a id='n669' href='#n669'>669</a>
<a id='n670' href='#n670'>670</a>
<a id='n671' href='#n671'>671</a>
<a id='n672' href='#n672'>672</a>
<a id='n673' href='#n673'>673</a>
<a id='n674' href='#n674'>674</a>
<a id='n675' href='#n675'>675</a>
<a id='n676' href='#n676'>676</a>
<a id='n677' href='#n677'>677</a>
<a id='n678' href='#n678'>678</a>
<a id='n679' href='#n679'>679</a>
<a id='n680' href='#n680'>680</a>
<a id='n681' href='#n681'>681</a>
<a id='n682' href='#n682'>682</a>
<a id='n683' href='#n683'>683</a>
<a id='n684' href='#n684'>684</a>
<a id='n685' href='#n685'>685</a>
<a id='n686' href='#n686'>686</a>
<a id='n687' href='#n687'>687</a>
<a id='n688' href='#n688'>688</a>
<a id='n689' href='#n689'>689</a>
<a id='n690' href='#n690'>690</a>
<a id='n691' href='#n691'>691</a>
<a id='n692' href='#n692'>692</a>
<a id='n693' href='#n693'>693</a>
<a id='n694' href='#n694'>694</a>
<a id='n695' href='#n695'>695</a>
<a id='n696' href='#n696'>696</a>
<a id='n697' href='#n697'>697</a>
<a id='n698' href='#n698'>698</a>
<a id='n699' href='#n699'>699</a>
<a id='n700' href='#n700'>700</a>
<a id='n701' href='#n701'>701</a>
<a id='n702' href='#n702'>702</a>
<a id='n703' href='#n703'>703</a>
<a id='n704' href='#n704'>704</a>
<a id='n705' href='#n705'>705</a>
<a id='n706' href='#n706'>706</a>
<a id='n707' href='#n707'>707</a>
<a id='n708' href='#n708'>708</a>
<a id='n709' href='#n709'>709</a>
<a id='n710' href='#n710'>710</a>
<a id='n711' href='#n711'>711</a>
<a id='n712' href='#n712'>712</a>
<a id='n713' href='#n713'>713</a>
<a id='n714' href='#n714'>714</a>
<a id='n715' href='#n715'>715</a>
<a id='n716' href='#n716'>716</a>
<a id='n717' href='#n717'>717</a>
<a id='n718' href='#n718'>718</a>
<a id='n719' href='#n719'>719</a>
<a id='n720' href='#n720'>720</a>
<a id='n721' href='#n721'>721</a>
<a id='n722' href='#n722'>722</a>
<a id='n723' href='#n723'>723</a>
<a id='n724' href='#n724'>724</a>
<a id='n725' href='#n725'>725</a>
<a id='n726' href='#n726'>726</a>
<a id='n727' href='#n727'>727</a>
<a id='n728' href='#n728'>728</a>
<a id='n729' href='#n729'>729</a>
<a id='n730' href='#n730'>730</a>
<a id='n731' href='#n731'>731</a>
<a id='n732' href='#n732'>732</a>
<a id='n733' href='#n733'>733</a>
<a id='n734' href='#n734'>734</a>
<a id='n735' href='#n735'>735</a>
<a id='n736' href='#n736'>736</a>
<a id='n737' href='#n737'>737</a>
<a id='n738' href='#n738'>738</a>
<a id='n739' href='#n739'>739</a>
<a id='n740' href='#n740'>740</a>
<a id='n741' href='#n741'>741</a>
<a id='n742' href='#n742'>742</a>
<a id='n743' href='#n743'>743</a>
<a id='n744' href='#n744'>744</a>
<a id='n745' href='#n745'>745</a>
<a id='n746' href='#n746'>746</a>
<a id='n747' href='#n747'>747</a>
<a id='n748' href='#n748'>748</a>
<a id='n749' href='#n749'>749</a>
<a id='n750' href='#n750'>750</a>
<a id='n751' href='#n751'>751</a>
<a id='n752' href='#n752'>752</a>
<a id='n753' href='#n753'>753</a>
<a id='n754' href='#n754'>754</a>
<a id='n755' href='#n755'>755</a>
<a id='n756' href='#n756'>756</a>
<a id='n757' href='#n757'>757</a>
<a id='n758' href='#n758'>758</a>
<a id='n759' href='#n759'>759</a>
<a id='n760' href='#n760'>760</a>
<a id='n761' href='#n761'>761</a>
<a id='n762' href='#n762'>762</a>
<a id='n763' href='#n763'>763</a>
<a id='n764' href='#n764'>764</a>
<a id='n765' href='#n765'>765</a>
<a id='n766' href='#n766'>766</a>
<a id='n767' href='#n767'>767</a>
<a id='n768' href='#n768'>768</a>
<a id='n769' href='#n769'>769</a>
<a id='n770' href='#n770'>770</a>
<a id='n771' href='#n771'>771</a>
<a id='n772' href='#n772'>772</a>
<a id='n773' href='#n773'>773</a>
<a id='n774' href='#n774'>774</a>
<a id='n775' href='#n775'>775</a>
<a id='n776' href='#n776'>776</a>
<a id='n777' href='#n777'>777</a>
<a id='n778' href='#n778'>778</a>
<a id='n779' href='#n779'>779</a>
<a id='n780' href='#n780'>780</a>
<a id='n781' href='#n781'>781</a>
<a id='n782' href='#n782'>782</a>
<a id='n783' href='#n783'>783</a>
<a id='n784' href='#n784'>784</a>
<a id='n785' href='#n785'>785</a>
<a id='n786' href='#n786'>786</a>
<a id='n787' href='#n787'>787</a>
<a id='n788' href='#n788'>788</a>
<a id='n789' href='#n789'>789</a>
<a id='n790' href='#n790'>790</a>
<a id='n791' href='#n791'>791</a>
<a id='n792' href='#n792'>792</a>
<a id='n793' href='#n793'>793</a>
<a id='n794' href='#n794'>794</a>
<a id='n795' href='#n795'>795</a>
<a id='n796' href='#n796'>796</a>
<a id='n797' href='#n797'>797</a>
<a id='n798' href='#n798'>798</a>
<a id='n799' href='#n799'>799</a>
<a id='n800' href='#n800'>800</a>
</pre></td>
<td class='lines'><pre><code><span class="hl com">/* </span>
<span class="hl com">   Unix SMB/CIFS implementation.</span>
<span class="hl com"></span>
<span class="hl com">   Python wrapper for winbind client functions.</span>
<span class="hl com"></span>
<span class="hl com">   Copyright (C) Tim Potter      2002-2003</span>
<span class="hl com">   </span>
<span class="hl com">   This program is free software; you can redistribute it and/or modify</span>
<span class="hl com">   it under the terms of the GNU General Public License as published by</span>
<span class="hl com">   the Free Software Foundation; either version 2 of the License, or</span>
<span class="hl com">   (at your option) any later version.</span>
<span class="hl com">   </span>
<span class="hl com">   This program is distributed in the hope that it will be useful,</span>
<span class="hl com">   but WITHOUT ANY WARRANTY; without even the implied warranty of</span>
<span class="hl com">   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the</span>
<span class="hl com">   GNU General Public License for more details.</span>
<span class="hl com">   </span>
<span class="hl com">   You should have received a copy of the GNU General Public License</span>
<span class="hl com">   along with this program; if not, write to the Free Software</span>
<span class="hl com">   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.</span>
<span class="hl com">*/</span>

<span class="hl ppc">#include</span> <span class="hl pps">&quot;py_winbind.h&quot;</span><span class="hl ppc"></span>

<span class="hl com">/* </span>
<span class="hl com"> * Exceptions raised by this module </span>
<span class="hl com"> */</span>

PyObject <span class="hl opt">*</span>winbind_error<span class="hl opt">;</span>	<span class="hl com">/* A winbind call returned WINBINDD_ERROR */</span>

<span class="hl com">/* Prototypes from common.h */</span>

NSS_STATUS <span class="hl kwd">winbindd_request</span><span class="hl opt">(</span><span class="hl kwb">int</span> req_type<span class="hl opt">,</span> 
			    <span class="hl kwb">struct</span> winbindd_request <span class="hl opt">*</span>request<span class="hl opt">,</span>
			    <span class="hl kwb">struct</span> winbindd_response <span class="hl opt">*</span>response<span class="hl opt">);</span>

<span class="hl com">/*</span>
<span class="hl com"> * Name &lt;-&gt; SID conversion</span>
<span class="hl com"> */</span>

<span class="hl com">/* Convert a name to a sid */</span>

<span class="hl kwb">static</span> PyObject <span class="hl opt">*</span><span class="hl kwd">py_name_to_sid</span><span class="hl opt">(</span>PyObject <span class="hl opt">*</span>self<span class="hl opt">,</span> PyObject <span class="hl opt">*</span>args<span class="hl opt">)</span>

<span class="hl opt">{</span>
	<span class="hl kwb">struct</span> winbindd_request request<span class="hl opt">;</span>
	<span class="hl kwb">struct</span> winbindd_response response<span class="hl opt">;</span>
	PyObject <span class="hl opt">*</span>result<span class="hl opt">;</span>
	<span class="hl kwb">char</span> <span class="hl opt">*</span>name<span class="hl opt">, *</span>p<span class="hl opt">;</span>
	<span class="hl kwb">const char</span> <span class="hl opt">*</span>sep<span class="hl opt">;</span>

	<span class="hl kwa">if</span> <span class="hl opt">(!</span><span class="hl kwd">PyArg_ParseTuple</span><span class="hl opt">(</span>args<span class="hl opt">,</span> <span class="hl str">&quot;s&quot;</span><span class="hl opt">, &amp;</span>name<span class="hl opt">))</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>

	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>request<span class="hl opt">);</span>
	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>response<span class="hl opt">);</span>

	sep <span class="hl opt">=</span> <span class="hl kwd">lp_winbind_separator</span><span class="hl opt">();</span>

	<span class="hl kwa">if</span> <span class="hl opt">((</span>p <span class="hl opt">=</span> <span class="hl kwd">strchr</span><span class="hl opt">(</span>name<span class="hl opt">,</span> sep<span class="hl opt">[</span><span class="hl num">0</span><span class="hl opt">]))) {</span>
		<span class="hl opt">*</span>p <span class="hl opt">=</span> <span class="hl num">0</span><span class="hl opt">;</span>
		<span class="hl kwd">fstrcpy</span><span class="hl opt">(</span>request<span class="hl opt">.</span>data<span class="hl opt">.</span>name<span class="hl opt">.</span>dom_name<span class="hl opt">,</span> name<span class="hl opt">);</span>
		<span class="hl kwd">fstrcpy</span><span class="hl opt">(</span>request<span class="hl opt">.</span>data<span class="hl opt">.</span>name<span class="hl opt">.</span>name<span class="hl opt">,</span> p <span class="hl opt">+</span> <span class="hl num">1</span><span class="hl opt">);</span>
	<span class="hl opt">}</span> <span class="hl kwa">else</span> <span class="hl opt">{</span>
		<span class="hl kwd">fstrcpy</span><span class="hl opt">(</span>request<span class="hl opt">.</span>data<span class="hl opt">.</span>name<span class="hl opt">.</span>dom_name<span class="hl opt">,</span> <span class="hl kwd">lp_workgroup</span><span class="hl opt">());</span>
		<span class="hl kwd">fstrcpy</span><span class="hl opt">(</span>request<span class="hl opt">.</span>data<span class="hl opt">.</span>name<span class="hl opt">.</span>name<span class="hl opt">,</span> name<span class="hl opt">);</span>
	<span class="hl opt">}</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">winbindd_request</span><span class="hl opt">(</span>WINBINDD_LOOKUPNAME<span class="hl opt">, &amp;</span>request<span class="hl opt">, &amp;</span>response<span class="hl opt">)</span>  
	    <span class="hl opt">!=</span> NSS_STATUS_SUCCESS<span class="hl opt">) {</span>
		<span class="hl kwd">PyErr_SetString</span><span class="hl opt">(</span>winbind_error<span class="hl opt">,</span> <span class="hl str">&quot;lookup failed&quot;</span><span class="hl opt">);</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>
	<span class="hl opt">}</span>

	result <span class="hl opt">=</span> <span class="hl kwd">PyString_FromString</span><span class="hl opt">(</span>response<span class="hl opt">.</span>data<span class="hl opt">.</span>sid<span class="hl opt">.</span>sid<span class="hl opt">);</span>

	<span class="hl kwa">return</span> result<span class="hl opt">;</span>
<span class="hl opt">}</span>

<span class="hl com">/* Convert a sid to a name */</span>

<span class="hl kwb">static</span> PyObject <span class="hl opt">*</span><span class="hl kwd">py_sid_to_name</span><span class="hl opt">(</span>PyObject <span class="hl opt">*</span>self<span class="hl opt">,</span> PyObject <span class="hl opt">*</span>args<span class="hl opt">)</span>
<span class="hl opt">{</span>
	<span class="hl kwb">struct</span> winbindd_request request<span class="hl opt">;</span>
	<span class="hl kwb">struct</span> winbindd_response response<span class="hl opt">;</span>
	PyObject <span class="hl opt">*</span>result<span class="hl opt">;</span>
	<span class="hl kwb">char</span> <span class="hl opt">*</span>sid<span class="hl opt">, *</span>name<span class="hl opt">;</span>

	<span class="hl kwa">if</span> <span class="hl opt">(!</span><span class="hl kwd">PyArg_ParseTuple</span><span class="hl opt">(</span>args<span class="hl opt">,</span> <span class="hl str">&quot;s&quot;</span><span class="hl opt">, &amp;</span>sid<span class="hl opt">))</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>

	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>request<span class="hl opt">);</span>
	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>response<span class="hl opt">);</span>

	<span class="hl kwd">fstrcpy</span><span class="hl opt">(</span>request<span class="hl opt">.</span>data<span class="hl opt">.</span>sid<span class="hl opt">,</span> sid<span class="hl opt">);</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">winbindd_request</span><span class="hl opt">(</span>WINBINDD_LOOKUPSID<span class="hl opt">, &amp;</span>request<span class="hl opt">, &amp;</span>response<span class="hl opt">)</span>  
	    <span class="hl opt">!=</span> NSS_STATUS_SUCCESS<span class="hl opt">) {</span>
		<span class="hl kwd">PyErr_SetString</span><span class="hl opt">(</span>winbind_error<span class="hl opt">,</span> <span class="hl str">&quot;lookup failed&quot;</span><span class="hl opt">);</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>
	<span class="hl opt">}</span>

	<span class="hl kwd">asprintf</span><span class="hl opt">(&amp;</span>name<span class="hl opt">,</span> <span class="hl str">&quot;</span><span class="hl ipl">%s%s%s</span><span class="hl str">&quot;</span><span class="hl opt">,</span> response<span class="hl opt">.</span>data<span class="hl opt">.</span>name<span class="hl opt">.</span>dom_name<span class="hl opt">,</span>
		 <span class="hl kwd">lp_winbind_separator</span><span class="hl opt">(),</span> response<span class="hl opt">.</span>data<span class="hl opt">.</span>name<span class="hl opt">.</span>name<span class="hl opt">);</span>

	result <span class="hl opt">=</span> <span class="hl kwd">PyString_FromString</span><span class="hl opt">(</span>name<span class="hl opt">);</span>

	<span class="hl kwd">free</span><span class="hl opt">(</span>name<span class="hl opt">);</span>

	<span class="hl kwa">return</span> result<span class="hl opt">;</span>
<span class="hl opt">}</span>

<span class="hl com">/*</span>
<span class="hl com"> * Enumerate users/groups</span>
<span class="hl com"> */</span>

<span class="hl com">/* Enumerate domain users */</span>

<span class="hl kwb">static</span> PyObject <span class="hl opt">*</span><span class="hl kwd">py_enum_domain_users</span><span class="hl opt">(</span>PyObject <span class="hl opt">*</span>self<span class="hl opt">,</span> PyObject <span class="hl opt">*</span>args<span class="hl opt">)</span>
<span class="hl opt">{</span>
	<span class="hl kwb">struct</span> winbindd_response response<span class="hl opt">;</span>
	PyObject <span class="hl opt">*</span>result<span class="hl opt">;</span>

	<span class="hl kwa">if</span> <span class="hl opt">(!</span><span class="hl kwd">PyArg_ParseTuple</span><span class="hl opt">(</span>args<span class="hl opt">,</span> <span class="hl str">&quot;&quot;</span><span class="hl opt">))</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>

	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>response<span class="hl opt">);</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">winbindd_request</span><span class="hl opt">(</span>WINBINDD_LIST_USERS<span class="hl opt">,</span> NULL<span class="hl opt">, &amp;</span>response<span class="hl opt">)</span> 
	    <span class="hl opt">!=</span> NSS_STATUS_SUCCESS<span class="hl opt">) {</span>
		<span class="hl kwd">PyErr_SetString</span><span class="hl opt">(</span>winbind_error<span class="hl opt">,</span> <span class="hl str">&quot;lookup failed&quot;</span><span class="hl opt">);</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>		
	<span class="hl opt">}</span>

	result <span class="hl opt">=</span> <span class="hl kwd">PyList_New</span><span class="hl opt">(</span><span class="hl num">0</span><span class="hl opt">);</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span>response<span class="hl opt">.</span>extra_data<span class="hl opt">) {</span>
		<span class="hl kwb">const char</span> <span class="hl opt">*</span>extra_data <span class="hl opt">=</span> response<span class="hl opt">.</span>extra_data<span class="hl opt">;</span>
		fstring name<span class="hl opt">;</span>

		<span class="hl kwa">while</span> <span class="hl opt">(</span><span class="hl kwd">next_token</span><span class="hl opt">(&amp;</span>extra_data<span class="hl opt">,</span> name<span class="hl opt">,</span> <span class="hl str">&quot;,&quot;</span><span class="hl opt">,</span> <span class="hl kwa">sizeof</span><span class="hl opt">(</span>fstring<span class="hl opt">)))</span>
			<span class="hl kwd">PyList_Append</span><span class="hl opt">(</span>result<span class="hl opt">,</span> <span class="hl kwd">PyString_FromString</span><span class="hl opt">(</span>name<span class="hl opt">));</span>
	<span class="hl opt">}</span>

	<span class="hl kwa">return</span> result<span class="hl opt">;</span>
<span class="hl opt">}</span>

<span class="hl com">/* Enumerate domain groups */</span>

<span class="hl kwb">static</span> PyObject <span class="hl opt">*</span><span class="hl kwd">py_enum_domain_groups</span><span class="hl opt">(</span>PyObject <span class="hl opt">*</span>self<span class="hl opt">,</span> PyObject <span class="hl opt">*</span>args<span class="hl opt">)</span>
<span class="hl opt">{</span>
	<span class="hl kwb">struct</span> winbindd_response response<span class="hl opt">;</span>
	PyObject <span class="hl opt">*</span>result <span class="hl opt">=</span> NULL<span class="hl opt">;</span>

	<span class="hl kwa">if</span> <span class="hl opt">(!</span><span class="hl kwd">PyArg_ParseTuple</span><span class="hl opt">(</span>args<span class="hl opt">,</span> <span class="hl str">&quot;&quot;</span><span class="hl opt">))</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>

	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>response<span class="hl opt">);</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">winbindd_request</span><span class="hl opt">(</span>WINBINDD_LIST_GROUPS<span class="hl opt">,</span> NULL<span class="hl opt">, &amp;</span>response<span class="hl opt">)</span> 
	    <span class="hl opt">!=</span> NSS_STATUS_SUCCESS<span class="hl opt">) {</span>
		<span class="hl kwd">PyErr_SetString</span><span class="hl opt">(</span>winbind_error<span class="hl opt">,</span> <span class="hl str">&quot;lookup failed&quot;</span><span class="hl opt">);</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>		
	<span class="hl opt">}</span>

	result <span class="hl opt">=</span> <span class="hl kwd">PyList_New</span><span class="hl opt">(</span><span class="hl num">0</span><span class="hl opt">);</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span>response<span class="hl opt">.</span>extra_data<span class="hl opt">) {</span>
		<span class="hl kwb">const char</span> <span class="hl opt">*</span>extra_data <span class="hl opt">=</span> response<span class="hl opt">.</span>extra_data<span class="hl opt">;</span>
		fstring name<span class="hl opt">;</span>

		<span class="hl kwa">while</span> <span class="hl opt">(</span><span class="hl kwd">next_token</span><span class="hl opt">(&amp;</span>extra_data<span class="hl opt">,</span> name<span class="hl opt">,</span> <span class="hl str">&quot;,&quot;</span><span class="hl opt">,</span> <span class="hl kwa">sizeof</span><span class="hl opt">(</span>fstring<span class="hl opt">)))</span>
			<span class="hl kwd">PyList_Append</span><span class="hl opt">(</span>result<span class="hl opt">,</span> <span class="hl kwd">PyString_FromString</span><span class="hl opt">(</span>name<span class="hl opt">));</span>
	<span class="hl opt">}</span>

	<span class="hl kwa">return</span> result<span class="hl opt">;</span>
<span class="hl opt">}</span>

<span class="hl com">/*</span>
<span class="hl com"> * Miscellaneous domain related</span>
<span class="hl com"> */</span>

<span class="hl com">/* Enumerate domain groups */</span>

<span class="hl kwb">static</span> PyObject <span class="hl opt">*</span><span class="hl kwd">py_enum_trust_dom</span><span class="hl opt">(</span>PyObject <span class="hl opt">*</span>self<span class="hl opt">,</span> PyObject <span class="hl opt">*</span>args<span class="hl opt">)</span>
<span class="hl opt">{</span>
	<span class="hl kwb">struct</span> winbindd_response response<span class="hl opt">;</span>
	PyObject <span class="hl opt">*</span>result <span class="hl opt">=</span> NULL<span class="hl opt">;</span>

	<span class="hl kwa">if</span> <span class="hl opt">(!</span><span class="hl kwd">PyArg_ParseTuple</span><span class="hl opt">(</span>args<span class="hl opt">,</span> <span class="hl str">&quot;&quot;</span><span class="hl opt">))</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>

	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>response<span class="hl opt">);</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">winbindd_request</span><span class="hl opt">(</span>WINBINDD_LIST_TRUSTDOM<span class="hl opt">,</span> NULL<span class="hl opt">, &amp;</span>response<span class="hl opt">)</span> 
	    <span class="hl opt">!=</span> NSS_STATUS_SUCCESS<span class="hl opt">) {</span>
		<span class="hl kwd">PyErr_SetString</span><span class="hl opt">(</span>winbind_error<span class="hl opt">,</span> <span class="hl str">&quot;lookup failed&quot;</span><span class="hl opt">);</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>		
	<span class="hl opt">}</span>

	result <span class="hl opt">=</span> <span class="hl kwd">PyList_New</span><span class="hl opt">(</span><span class="hl num">0</span><span class="hl opt">);</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span>response<span class="hl opt">.</span>extra_data<span class="hl opt">) {</span>
		<span class="hl kwb">const char</span> <span class="hl opt">*</span>extra_data <span class="hl opt">=</span> response<span class="hl opt">.</span>extra_data<span class="hl opt">;</span>
		fstring name<span class="hl opt">;</span>

		<span class="hl kwa">while</span> <span class="hl opt">(</span><span class="hl kwd">next_token</span><span class="hl opt">(&amp;</span>extra_data<span class="hl opt">,</span> name<span class="hl opt">,</span> <span class="hl str">&quot;,&quot;</span><span class="hl opt">,</span> <span class="hl kwa">sizeof</span><span class="hl opt">(</span>fstring<span class="hl opt">)))</span>
			<span class="hl kwd">PyList_Append</span><span class="hl opt">(</span>result<span class="hl opt">,</span> <span class="hl kwd">PyString_FromString</span><span class="hl opt">(</span>name<span class="hl opt">));</span>
	<span class="hl opt">}</span>

	<span class="hl kwa">return</span> result<span class="hl opt">;</span>
<span class="hl opt">}</span>

<span class="hl com">/* Check machine account password */</span>

<span class="hl kwb">static</span> PyObject <span class="hl opt">*</span><span class="hl kwd">py_check_secret</span><span class="hl opt">(</span>PyObject <span class="hl opt">*</span>self<span class="hl opt">,</span> PyObject <span class="hl opt">*</span>args<span class="hl opt">)</span>
<span class="hl opt">{</span>
	<span class="hl kwb">struct</span> winbindd_response response<span class="hl opt">;</span>

	<span class="hl kwa">if</span> <span class="hl opt">(!</span><span class="hl kwd">PyArg_ParseTuple</span><span class="hl opt">(</span>args<span class="hl opt">,</span> <span class="hl str">&quot;&quot;</span><span class="hl opt">))</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>

	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>response<span class="hl opt">);</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">winbindd_request</span><span class="hl opt">(</span>WINBINDD_CHECK_MACHACC<span class="hl opt">,</span> NULL<span class="hl opt">, &amp;</span>response<span class="hl opt">)</span> 
	    <span class="hl opt">!=</span> NSS_STATUS_SUCCESS<span class="hl opt">) {</span>
		<span class="hl kwd">PyErr_SetString</span><span class="hl opt">(</span>winbind_error<span class="hl opt">,</span> <span class="hl str">&quot;lookup failed&quot;</span><span class="hl opt">);</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>		
	<span class="hl opt">}</span>

	<span class="hl kwa">return</span> <span class="hl kwd">PyInt_FromLong</span><span class="hl opt">(</span>response<span class="hl opt">.</span>data<span class="hl opt">.</span>num_entries<span class="hl opt">);</span>
<span class="hl opt">}</span>

<span class="hl com">/*</span>
<span class="hl com"> * Return a dictionary consisting of all the winbind related smb.conf</span>
<span class="hl com"> * parameters.  This is stored in the module object.</span>
<span class="hl com"> */</span>

<span class="hl kwb">static</span> PyObject <span class="hl opt">*</span><span class="hl kwd">py_config_dict</span><span class="hl opt">(</span><span class="hl kwb">void</span><span class="hl opt">)</span>
<span class="hl opt">{</span>
	PyObject <span class="hl opt">*</span>result<span class="hl opt">;</span>
	uid_t ulow<span class="hl opt">,</span> uhi<span class="hl opt">;</span>
	gid_t glow<span class="hl opt">,</span> ghi<span class="hl opt">;</span>
	
	<span class="hl kwa">if</span> <span class="hl opt">(!(</span>result <span class="hl opt">=</span> <span class="hl kwd">PyDict_New</span><span class="hl opt">()))</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>

	<span class="hl com">/* Various string parameters */</span>

	<span class="hl kwd">PyDict_SetItemString</span><span class="hl opt">(</span>result<span class="hl opt">,</span> <span class="hl str">&quot;workgroup&quot;</span><span class="hl opt">,</span> 
			     <span class="hl kwd">PyString_FromString</span><span class="hl opt">(</span><span class="hl kwd">lp_workgroup</span><span class="hl opt">()));</span>

	<span class="hl kwd">PyDict_SetItemString</span><span class="hl opt">(</span>result<span class="hl opt">,</span> <span class="hl str">&quot;separator&quot;</span><span class="hl opt">,</span> 
			     <span class="hl kwd">PyString_FromString</span><span class="hl opt">(</span><span class="hl kwd">lp_winbind_separator</span><span class="hl opt">()));</span>

	<span class="hl kwd">PyDict_SetItemString</span><span class="hl opt">(</span>result<span class="hl opt">,</span> <span class="hl str">&quot;template_homedir&quot;</span><span class="hl opt">,</span> 
			     <span class="hl kwd">PyString_FromString</span><span class="hl opt">(</span><span class="hl kwd">lp_template_homedir</span><span class="hl opt">()));</span>

	<span class="hl kwd">PyDict_SetItemString</span><span class="hl opt">(</span>result<span class="hl opt">,</span> <span class="hl str">&quot;template_shell&quot;</span><span class="hl opt">,</span> 
			     <span class="hl kwd">PyString_FromString</span><span class="hl opt">(</span><span class="hl kwd">lp_template_shell</span><span class="hl opt">()));</span>

	<span class="hl com">/* idmap uid/gid range */</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">lp_idmap_uid</span><span class="hl opt">(&amp;</span>ulow<span class="hl opt">, &amp;</span>uhi<span class="hl opt">)) {</span>
		<span class="hl kwd">PyDict_SetItemString</span><span class="hl opt">(</span>result<span class="hl opt">,</span> <span class="hl str">&quot;uid_low&quot;</span><span class="hl opt">,</span> <span class="hl kwd">PyInt_FromLong</span><span class="hl opt">(</span>ulow<span class="hl opt">));</span>
		<span class="hl kwd">PyDict_SetItemString</span><span class="hl opt">(</span>result<span class="hl opt">,</span> <span class="hl str">&quot;uid_high&quot;</span><span class="hl opt">,</span> <span class="hl kwd">PyInt_FromLong</span><span class="hl opt">(</span>uhi<span class="hl opt">));</span>
	<span class="hl opt">}</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">lp_idmap_gid</span><span class="hl opt">(&amp;</span>glow<span class="hl opt">, &amp;</span>ghi<span class="hl opt">)) {</span>
		<span class="hl kwd">PyDict_SetItemString</span><span class="hl opt">(</span>result<span class="hl opt">,</span> <span class="hl str">&quot;gid_low&quot;</span><span class="hl opt">,</span> <span class="hl kwd">PyInt_FromLong</span><span class="hl opt">(</span>glow<span class="hl opt">));</span>
		<span class="hl kwd">PyDict_SetItemString</span><span class="hl opt">(</span>result<span class="hl opt">,</span> <span class="hl str">&quot;gid_high&quot;</span><span class="hl opt">,</span> <span class="hl kwd">PyInt_FromLong</span><span class="hl opt">(</span>ghi<span class="hl opt">));</span>
	<span class="hl opt">}</span>

	<span class="hl kwa">return</span> result<span class="hl opt">;</span>
<span class="hl opt">}</span>

<span class="hl com">/*</span>
<span class="hl com"> * ID mapping</span>
<span class="hl com"> */</span>

<span class="hl com">/* Convert a uid to a SID */</span>

<span class="hl kwb">static</span> PyObject <span class="hl opt">*</span><span class="hl kwd">py_uid_to_sid</span><span class="hl opt">(</span>PyObject <span class="hl opt">*</span>self<span class="hl opt">,</span> PyObject <span class="hl opt">*</span>args<span class="hl opt">)</span>
<span class="hl opt">{</span>
	<span class="hl kwb">struct</span> winbindd_request request<span class="hl opt">;</span>
	<span class="hl kwb">struct</span> winbindd_response response<span class="hl opt">;</span>
	<span class="hl kwb">int</span> id<span class="hl opt">;</span>

	<span class="hl kwa">if</span> <span class="hl opt">(!</span><span class="hl kwd">PyArg_ParseTuple</span><span class="hl opt">(</span>args<span class="hl opt">,</span> <span class="hl str">&quot;i&quot;</span><span class="hl opt">, &amp;</span>id<span class="hl opt">))</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>

	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>request<span class="hl opt">);</span>
	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>response<span class="hl opt">);</span>

	request<span class="hl opt">.</span>data<span class="hl opt">.</span>uid <span class="hl opt">=</span> id<span class="hl opt">;</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">winbindd_request</span><span class="hl opt">(</span>WINBINDD_UID_TO_SID<span class="hl opt">, &amp;</span>request<span class="hl opt">, &amp;</span>response<span class="hl opt">)</span> 
	    <span class="hl opt">!=</span> NSS_STATUS_SUCCESS<span class="hl opt">) {</span>
		<span class="hl kwd">PyErr_SetString</span><span class="hl opt">(</span>winbind_error<span class="hl opt">,</span> <span class="hl str">&quot;lookup failed&quot;</span><span class="hl opt">);</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>		
	<span class="hl opt">}</span>

	<span class="hl kwa">return</span> <span class="hl kwd">PyString_FromString</span><span class="hl opt">(</span>response<span class="hl opt">.</span>data<span class="hl opt">.</span>sid<span class="hl opt">.</span>sid<span class="hl opt">);</span>
<span class="hl opt">}</span>

<span class="hl com">/* Convert a gid to a SID */</span>

<span class="hl kwb">static</span> PyObject <span class="hl opt">*</span><span class="hl kwd">py_gid_to_sid</span><span class="hl opt">(</span>PyObject <span class="hl opt">*</span>self<span class="hl opt">,</span> PyObject <span class="hl opt">*</span>args<span class="hl opt">)</span>
<span class="hl opt">{</span>
	<span class="hl kwb">struct</span> winbindd_request request<span class="hl opt">;</span>
	<span class="hl kwb">struct</span> winbindd_response response<span class="hl opt">;</span>
	<span class="hl kwb">int</span> id<span class="hl opt">;</span>

	<span class="hl kwa">if</span> <span class="hl opt">(!</span><span class="hl kwd">PyArg_ParseTuple</span><span class="hl opt">(</span>args<span class="hl opt">,</span> <span class="hl str">&quot;i&quot;</span><span class="hl opt">, &amp;</span>id<span class="hl opt">))</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>

	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>request<span class="hl opt">);</span>
	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>response<span class="hl opt">);</span>

	request<span class="hl opt">.</span>data<span class="hl opt">.</span>gid <span class="hl opt">=</span> id<span class="hl opt">;</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">winbindd_request</span><span class="hl opt">(</span>WINBINDD_GID_TO_SID<span class="hl opt">, &amp;</span>request<span class="hl opt">, &amp;</span>response<span class="hl opt">)</span> 
	    <span class="hl opt">!=</span> NSS_STATUS_SUCCESS<span class="hl opt">) {</span>
		<span class="hl kwd">PyErr_SetString</span><span class="hl opt">(</span>winbind_error<span class="hl opt">,</span> <span class="hl str">&quot;lookup failed&quot;</span><span class="hl opt">);</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>		
	<span class="hl opt">}</span>

	<span class="hl kwa">return</span> <span class="hl kwd">PyString_FromString</span><span class="hl opt">(</span>response<span class="hl opt">.</span>data<span class="hl opt">.</span>sid<span class="hl opt">.</span>sid<span class="hl opt">);</span>
<span class="hl opt">}</span>

<span class="hl com">/* Convert a sid to a uid */</span>

<span class="hl kwb">static</span> PyObject <span class="hl opt">*</span><span class="hl kwd">py_sid_to_uid</span><span class="hl opt">(</span>PyObject <span class="hl opt">*</span>self<span class="hl opt">,</span> PyObject <span class="hl opt">*</span>args<span class="hl opt">)</span>
<span class="hl opt">{</span>
	<span class="hl kwb">struct</span> winbindd_request request<span class="hl opt">;</span>
	<span class="hl kwb">struct</span> winbindd_response response<span class="hl opt">;</span>
	<span class="hl kwb">char</span> <span class="hl opt">*</span>sid<span class="hl opt">;</span>

	<span class="hl kwa">if</span> <span class="hl opt">(!</span><span class="hl kwd">PyArg_ParseTuple</span><span class="hl opt">(</span>args<span class="hl opt">,</span> <span class="hl str">&quot;s&quot;</span><span class="hl opt">, &amp;</span>sid<span class="hl opt">))</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>

	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>request<span class="hl opt">);</span>
	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>response<span class="hl opt">);</span>

	<span class="hl kwd">fstrcpy</span><span class="hl opt">(</span>request<span class="hl opt">.</span>data<span class="hl opt">.</span>sid<span class="hl opt">,</span> sid<span class="hl opt">);</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">winbindd_request</span><span class="hl opt">(</span>WINBINDD_SID_TO_UID<span class="hl opt">, &amp;</span>request<span class="hl opt">, &amp;</span>response<span class="hl opt">)</span> 
	    <span class="hl opt">!=</span> NSS_STATUS_SUCCESS<span class="hl opt">) {</span>
		<span class="hl kwd">PyErr_SetString</span><span class="hl opt">(</span>winbind_error<span class="hl opt">,</span> <span class="hl str">&quot;lookup failed&quot;</span><span class="hl opt">);</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>		
	<span class="hl opt">}</span>

	<span class="hl kwa">return</span> <span class="hl kwd">PyInt_FromLong</span><span class="hl opt">(</span>response<span class="hl opt">.</span>data<span class="hl opt">.</span>uid<span class="hl opt">);</span>
<span class="hl opt">}</span>

<span class="hl com">/* Convert a sid to a gid */</span>

<span class="hl kwb">static</span> PyObject <span class="hl opt">*</span><span class="hl kwd">py_sid_to_gid</span><span class="hl opt">(</span>PyObject <span class="hl opt">*</span>self<span class="hl opt">,</span> PyObject <span class="hl opt">*</span>args<span class="hl opt">)</span>
<span class="hl opt">{</span>
	<span class="hl kwb">struct</span> winbindd_request request<span class="hl opt">;</span>
	<span class="hl kwb">struct</span> winbindd_response response<span class="hl opt">;</span>
	<span class="hl kwb">char</span> <span class="hl opt">*</span>sid<span class="hl opt">;</span>

	<span class="hl kwa">if</span> <span class="hl opt">(!</span><span class="hl kwd">PyArg_ParseTuple</span><span class="hl opt">(</span>args<span class="hl opt">,</span> <span class="hl str">&quot;s&quot;</span><span class="hl opt">, &amp;</span>sid<span class="hl opt">))</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>

	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>request<span class="hl opt">);</span>
	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>response<span class="hl opt">);</span>

	<span class="hl kwd">fstrcpy</span><span class="hl opt">(</span>request<span class="hl opt">.</span>data<span class="hl opt">.</span>sid<span class="hl opt">,</span> sid<span class="hl opt">);</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">winbindd_request</span><span class="hl opt">(</span>WINBINDD_SID_TO_GID<span class="hl opt">, &amp;</span>request<span class="hl opt">, &amp;</span>response<span class="hl opt">)</span> 
	    <span class="hl opt">!=</span> NSS_STATUS_SUCCESS<span class="hl opt">) {</span>
		<span class="hl kwd">PyErr_SetString</span><span class="hl opt">(</span>winbind_error<span class="hl opt">,</span> <span class="hl str">&quot;lookup failed&quot;</span><span class="hl opt">);</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>		
	<span class="hl opt">}</span>
	
	<span class="hl kwa">return</span> <span class="hl kwd">PyInt_FromLong</span><span class="hl opt">(</span>response<span class="hl opt">.</span>data<span class="hl opt">.</span>gid<span class="hl opt">);</span>
<span class="hl opt">}</span>

<span class="hl com">/*</span>
<span class="hl com"> * PAM authentication functions</span>
<span class="hl com"> */</span>

<span class="hl com">/* Plaintext authentication */</span>

<span class="hl kwb">static</span> PyObject <span class="hl opt">*</span><span class="hl kwd">py_auth_plaintext</span><span class="hl opt">(</span>PyObject <span class="hl opt">*</span>self<span class="hl opt">,</span> PyObject <span class="hl opt">*</span>args<span class="hl opt">)</span>
<span class="hl opt">{</span>
	<span class="hl kwb">struct</span> winbindd_request request<span class="hl opt">;</span>
	<span class="hl kwb">struct</span> winbindd_response response<span class="hl opt">;</span>
	<span class="hl kwb">char</span> <span class="hl opt">*</span>username<span class="hl opt">, *</span>password<span class="hl opt">;</span>

	<span class="hl kwa">if</span> <span class="hl opt">(!</span><span class="hl kwd">PyArg_ParseTuple</span><span class="hl opt">(</span>args<span class="hl opt">,</span> <span class="hl str">&quot;ss&quot;</span><span class="hl opt">, &amp;</span>username<span class="hl opt">, &amp;</span>password<span class="hl opt">))</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>

	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>request<span class="hl opt">);</span>
	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>response<span class="hl opt">);</span>

	<span class="hl kwd">fstrcpy</span><span class="hl opt">(</span>request<span class="hl opt">.</span>data<span class="hl opt">.</span>auth<span class="hl opt">.</span>user<span class="hl opt">,</span> username<span class="hl opt">);</span>
	<span class="hl kwd">fstrcpy</span><span class="hl opt">(</span>request<span class="hl opt">.</span>data<span class="hl opt">.</span>auth<span class="hl opt">.</span>pass<span class="hl opt">,</span> password<span class="hl opt">);</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">winbindd_request</span><span class="hl opt">(</span>WINBINDD_PAM_AUTH<span class="hl opt">, &amp;</span>request<span class="hl opt">, &amp;</span>response<span class="hl opt">)</span> 
	    <span class="hl opt">!=</span> NSS_STATUS_SUCCESS<span class="hl opt">) {</span>
		<span class="hl kwd">PyErr_SetString</span><span class="hl opt">(</span>winbind_error<span class="hl opt">,</span> <span class="hl str">&quot;lookup failed&quot;</span><span class="hl opt">);</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>		
	<span class="hl opt">}</span>
	
	<span class="hl kwa">return</span> <span class="hl kwd">PyInt_FromLong</span><span class="hl opt">(</span>response<span class="hl opt">.</span>data<span class="hl opt">.</span>auth<span class="hl opt">.</span>nt_status<span class="hl opt">);</span>
<span class="hl opt">}</span>

<span class="hl com">/* Challenge/response authentication */</span>

<span class="hl kwb">static</span> PyObject <span class="hl opt">*</span><span class="hl kwd">py_auth_crap</span><span class="hl opt">(</span>PyObject <span class="hl opt">*</span>self<span class="hl opt">,</span> PyObject <span class="hl opt">*</span>args<span class="hl opt">,</span> PyObject <span class="hl opt">*</span>kw<span class="hl opt">)</span>
<span class="hl opt">{</span>
	<span class="hl kwb">static char</span> <span class="hl opt">*</span>kwlist<span class="hl opt">[] =</span> 
		<span class="hl opt">{</span><span class="hl str">&quot;username&quot;</span><span class="hl opt">,</span> <span class="hl str">&quot;password&quot;</span><span class="hl opt">,</span> <span class="hl str">&quot;use_lm_hash&quot;</span><span class="hl opt">,</span> <span class="hl str">&quot;use_nt_hash&quot;</span><span class="hl opt">,</span> NULL <span class="hl opt">};</span>
	<span class="hl kwb">struct</span> winbindd_request request<span class="hl opt">;</span>
	<span class="hl kwb">struct</span> winbindd_response response<span class="hl opt">;</span>
	<span class="hl kwb">char</span> <span class="hl opt">*</span>username<span class="hl opt">, *</span>password<span class="hl opt">;</span>
	<span class="hl kwb">int</span> use_lm_hash <span class="hl opt">=</span> <span class="hl num">1</span><span class="hl opt">,</span> use_nt_hash <span class="hl opt">=</span> <span class="hl num">1</span><span class="hl opt">;</span>

	<span class="hl kwa">if</span> <span class="hl opt">(!</span><span class="hl kwd">PyArg_ParseTupleAndKeywords</span><span class="hl opt">(</span>
		    args<span class="hl opt">,</span> kw<span class="hl opt">,</span> <span class="hl str">&quot;ss|ii&quot;</span><span class="hl opt">,</span> kwlist<span class="hl opt">, &amp;</span>username<span class="hl opt">, &amp;</span>password<span class="hl opt">,</span> 
		    <span class="hl opt">&amp;</span>use_lm_hash<span class="hl opt">, &amp;</span>use_nt_hash<span class="hl opt">))</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>

	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>request<span class="hl opt">);</span>
	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>response<span class="hl opt">);</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">push_utf8_fstring</span><span class="hl opt">(</span>request<span class="hl opt">.</span>data<span class="hl opt">.</span>auth_crap<span class="hl opt">.</span>user<span class="hl opt">,</span> username<span class="hl opt">) == -</span><span class="hl num">1</span><span class="hl opt">) {</span>
		<span class="hl kwd">PyErr_SetString</span><span class="hl opt">(</span>winbind_error<span class="hl opt">,</span> <span class="hl str">&quot;unable to create utf8 string&quot;</span><span class="hl opt">);</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>
	<span class="hl opt">}</span>

	<span class="hl kwd">generate_random_buffer</span><span class="hl opt">(</span>request<span class="hl opt">.</span>data<span class="hl opt">.</span>auth_crap<span class="hl opt">.</span>chal<span class="hl opt">,</span> <span class="hl num">8</span><span class="hl opt">,</span> False<span class="hl opt">);</span>
        
	<span class="hl kwa">if</span> <span class="hl opt">(</span>use_lm_hash<span class="hl opt">) {</span>
		<span class="hl kwd">SMBencrypt</span><span class="hl opt">((</span>uchar <span class="hl opt">*)</span>password<span class="hl opt">,</span> request<span class="hl opt">.</span>data<span class="hl opt">.</span>auth_crap<span class="hl opt">.</span>chal<span class="hl opt">,</span> 
			   <span class="hl opt">(</span>uchar <span class="hl opt">*)</span>request<span class="hl opt">.</span>data<span class="hl opt">.</span>auth_crap<span class="hl opt">.</span>lm_resp<span class="hl opt">);</span>
		request<span class="hl opt">.</span>data<span class="hl opt">.</span>auth_crap<span class="hl opt">.</span>lm_resp_len <span class="hl opt">=</span> <span class="hl num">24</span><span class="hl opt">;</span>
	<span class="hl opt">}</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span>use_nt_hash<span class="hl opt">) {</span>
		<span class="hl kwd">SMBNTencrypt</span><span class="hl opt">((</span>uchar <span class="hl opt">*)</span>password<span class="hl opt">,</span> request<span class="hl opt">.</span>data<span class="hl opt">.</span>auth_crap<span class="hl opt">.</span>chal<span class="hl opt">,</span>
			     <span class="hl opt">(</span>uchar <span class="hl opt">*)</span>request<span class="hl opt">.</span>data<span class="hl opt">.</span>auth_crap<span class="hl opt">.</span>nt_resp<span class="hl opt">);</span>
		request<span class="hl opt">.</span>data<span class="hl opt">.</span>auth_crap<span class="hl opt">.</span>nt_resp_len <span class="hl opt">=</span> <span class="hl num">24</span><span class="hl opt">;</span>
	<span class="hl opt">}</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">winbindd_request</span><span class="hl opt">(</span>WINBINDD_PAM_AUTH_CRAP<span class="hl opt">, &amp;</span>request<span class="hl opt">, &amp;</span>response<span class="hl opt">)</span> 
	    <span class="hl opt">!=</span> NSS_STATUS_SUCCESS<span class="hl opt">) {</span>
		<span class="hl kwd">PyErr_SetString</span><span class="hl opt">(</span>winbind_error<span class="hl opt">,</span> <span class="hl str">&quot;lookup failed&quot;</span><span class="hl opt">);</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>		
	<span class="hl opt">}</span>
	
	<span class="hl kwa">return</span> <span class="hl kwd">PyInt_FromLong</span><span class="hl opt">(</span>response<span class="hl opt">.</span>data<span class="hl opt">.</span>auth<span class="hl opt">.</span>nt_status<span class="hl opt">);</span>
<span class="hl opt">}</span>

<span class="hl ppc">#if 0</span>				<span class="hl com">/* Include when auth_smbd merged to HEAD */</span><span class="hl ppc"></span>

<span class="hl com">/* Challenge/response authentication, with secret */</span>

<span class="hl kwb">static</span> PyObject <span class="hl opt">*</span><span class="hl kwd">py_auth_smbd</span><span class="hl opt">(</span>PyObject <span class="hl opt">*</span>self<span class="hl opt">,</span> PyObject <span class="hl opt">*</span>args<span class="hl opt">,</span> PyObject <span class="hl opt">*</span>kw<span class="hl opt">)</span>
<span class="hl opt">{</span>
	<span class="hl kwb">static char</span> <span class="hl opt">*</span>kwlist<span class="hl opt">[] =</span> 
		<span class="hl opt">{</span><span class="hl str">&quot;username&quot;</span><span class="hl opt">,</span> <span class="hl str">&quot;password&quot;</span><span class="hl opt">,</span> <span class="hl str">&quot;use_lm_hash&quot;</span><span class="hl opt">,</span> <span class="hl str">&quot;use_nt_hash&quot;</span><span class="hl opt">,</span> NULL <span class="hl opt">};</span>
	<span class="hl kwb">struct</span> winbindd_request request<span class="hl opt">;</span>
	<span class="hl kwb">struct</span> winbindd_response response<span class="hl opt">;</span>
	<span class="hl kwb">char</span> <span class="hl opt">*</span>username<span class="hl opt">, *</span>password<span class="hl opt">;</span>
	<span class="hl kwb">int</span> use_lm_hash <span class="hl opt">=</span> <span class="hl num">1</span><span class="hl opt">,</span> use_nt_hash <span class="hl opt">=</span> <span class="hl num">1</span><span class="hl opt">;</span>

	<span class="hl kwa">if</span> <span class="hl opt">(!</span><span class="hl kwd">PyArg_ParseTupleAndKeywords</span><span class="hl opt">(</span>
		    args<span class="hl opt">,</span> kw<span class="hl opt">,</span> <span class="hl str">&quot;ss|ii&quot;</span><span class="hl opt">,</span> kwlist<span class="hl opt">, &amp;</span>username<span class="hl opt">, &amp;</span>password<span class="hl opt">,</span> 
		    <span class="hl opt">&amp;</span>use_lm_hash<span class="hl opt">, &amp;</span>use_nt_hash<span class="hl opt">))</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>

	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>request<span class="hl opt">);</span>
	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>response<span class="hl opt">);</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">push_utf8_fstring</span><span class="hl opt">(</span>request<span class="hl opt">.</span>data<span class="hl opt">.</span>auth_crap<span class="hl opt">.</span>user<span class="hl opt">,</span> username<span class="hl opt">) == -</span><span class="hl num">1</span><span class="hl opt">) {</span>
		<span class="hl kwd">PyErr_SetString</span><span class="hl opt">(</span><span class="hl str">&quot;unable to create utf8 string&quot;</span><span class="hl opt">);</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>
	<span class="hl opt">}</span>

	<span class="hl kwd">generate_random_buffer</span><span class="hl opt">(</span>request<span class="hl opt">.</span>data<span class="hl opt">.</span>smbd_auth_crap<span class="hl opt">.</span>chal<span class="hl opt">,</span> <span class="hl num">8</span><span class="hl opt">,</span> False<span class="hl opt">);</span>
        
	<span class="hl kwa">if</span> <span class="hl opt">(</span>use_lm_hash<span class="hl opt">) {</span>
		<span class="hl kwd">SMBencrypt</span><span class="hl opt">((</span>uchar <span class="hl opt">*)</span>password<span class="hl opt">,</span> 
			   request<span class="hl opt">.</span>data<span class="hl opt">.</span>smbd_auth_crap<span class="hl opt">.</span>chal<span class="hl opt">,</span> 
			   <span class="hl opt">(</span>uchar <span class="hl opt">*)</span>request<span class="hl opt">.</span>data<span class="hl opt">.</span>smbd_auth_crap<span class="hl opt">.</span>lm_resp<span class="hl opt">);</span>
		request<span class="hl opt">.</span>data<span class="hl opt">.</span>smbd_auth_crap<span class="hl opt">.</span>lm_resp_len <span class="hl opt">=</span> <span class="hl num">24</span><span class="hl opt">;</span>
	<span class="hl opt">}</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span>use_nt_hash<span class="hl opt">) {</span>
		<span class="hl kwd">SMBNTencrypt</span><span class="hl opt">((</span>uchar <span class="hl opt">*)</span>password<span class="hl opt">,</span> 
			     request<span class="hl opt">.</span>data<span class="hl opt">.</span>smbd_auth_crap<span class="hl opt">.</span>chal<span class="hl opt">,</span>
			     <span class="hl opt">(</span>uchar <span class="hl opt">*)</span>request<span class="hl opt">.</span>data<span class="hl opt">.</span>smbd_auth_crap<span class="hl opt">.</span>nt_resp<span class="hl opt">);</span>
		request<span class="hl opt">.</span>data<span class="hl opt">.</span>smbd_auth_crap<span class="hl opt">.</span>nt_resp_len <span class="hl opt">=</span> <span class="hl num">24</span><span class="hl opt">;</span>
	<span class="hl opt">}</span>

	<span class="hl kwa">if</span> <span class="hl opt">(!</span><span class="hl kwd">secrets_fetch_trust_account_password</span><span class="hl opt">(</span>
		    <span class="hl kwd">lp_workgroup</span><span class="hl opt">(),</span> request<span class="hl opt">.</span>data<span class="hl opt">.</span>smbd_auth_crap<span class="hl opt">.</span>proof<span class="hl opt">,</span> NULL<span class="hl opt">)) {</span>
		<span class="hl kwd">PyErr_SetString</span><span class="hl opt">(</span>
			winbind_error<span class="hl opt">,</span> <span class="hl str">&quot;unable to fetch domain secret&quot;</span><span class="hl opt">);</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>
	<span class="hl opt">}</span>



	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">winbindd_request</span><span class="hl opt">(</span>WINBINDD_SMBD_AUTH_CRAP<span class="hl opt">, &amp;</span>request<span class="hl opt">, &amp;</span>response<span class="hl opt">)</span> 
	    <span class="hl opt">!=</span> NSS_STATUS_SUCCESS<span class="hl opt">) {</span>
		<span class="hl kwd">PyErr_SetString</span><span class="hl opt">(</span>winbind_error<span class="hl opt">,</span> <span class="hl str">&quot;lookup failed&quot;</span><span class="hl opt">);</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>		
	<span class="hl opt">}</span>
	
	<span class="hl kwa">return</span> <span class="hl kwd">PyInt_FromLong</span><span class="hl opt">(</span>response<span class="hl opt">.</span>data<span class="hl opt">.</span>auth<span class="hl opt">.</span>nt_status<span class="hl opt">);</span>
<span class="hl opt">}</span>

<span class="hl ppc">#endif</span> <span class="hl com">/* 0 */</span><span class="hl ppc"></span>

<span class="hl com">/* Get user info from name */</span>

<span class="hl kwb">static</span> PyObject <span class="hl opt">*</span><span class="hl kwd">py_getpwnam</span><span class="hl opt">(</span>PyObject <span class="hl opt">*</span>self<span class="hl opt">,</span> PyObject <span class="hl opt">*</span>args<span class="hl opt">)</span>
<span class="hl opt">{</span>
	<span class="hl kwb">struct</span> winbindd_request request<span class="hl opt">;</span>
	<span class="hl kwb">struct</span> winbindd_response response<span class="hl opt">;</span>
	<span class="hl kwb">char</span> <span class="hl opt">*</span>username<span class="hl opt">;</span>
	PyObject <span class="hl opt">*</span>result<span class="hl opt">;</span>

	<span class="hl kwa">if</span> <span class="hl opt">(!</span><span class="hl kwd">PyArg_ParseTuple</span><span class="hl opt">(</span>args<span class="hl opt">,</span> <span class="hl str">&quot;s&quot;</span><span class="hl opt">, &amp;</span>username<span class="hl opt">))</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>

	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>request<span class="hl opt">);</span>
	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>response<span class="hl opt">);</span>

	<span class="hl kwd">fstrcpy</span><span class="hl opt">(</span>request<span class="hl opt">.</span>data<span class="hl opt">.</span>username<span class="hl opt">,</span> username<span class="hl opt">);</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">winbindd_request</span><span class="hl opt">(</span>WINBINDD_GETPWNAM<span class="hl opt">, &amp;</span>request<span class="hl opt">, &amp;</span>response<span class="hl opt">)</span> 
	    <span class="hl opt">!=</span> NSS_STATUS_SUCCESS<span class="hl opt">) {</span>
		<span class="hl kwd">PyErr_SetString</span><span class="hl opt">(</span>winbind_error<span class="hl opt">,</span> <span class="hl str">&quot;lookup failed&quot;</span><span class="hl opt">);</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>		
	<span class="hl opt">}</span>
	
	<span class="hl kwa">if</span> <span class="hl opt">(!</span><span class="hl kwd">py_from_winbind_passwd</span><span class="hl opt">(&amp;</span>result<span class="hl opt">, &amp;</span>response<span class="hl opt">)) {</span>
		result <span class="hl opt">=</span> Py_None<span class="hl opt">;</span>
		<span class="hl kwd">Py_INCREF</span><span class="hl opt">(</span>result<span class="hl opt">);</span>
	<span class="hl opt">}</span>

	<span class="hl kwa">return</span> result<span class="hl opt">;</span>
<span class="hl opt">}</span>

<span class="hl com">/* Get user info from uid */</span>

<span class="hl kwb">static</span> PyObject <span class="hl opt">*</span><span class="hl kwd">py_getpwuid</span><span class="hl opt">(</span>PyObject <span class="hl opt">*</span>self<span class="hl opt">,</span> PyObject <span class="hl opt">*</span>args<span class="hl opt">)</span>
<span class="hl opt">{</span>
	<span class="hl kwb">struct</span> winbindd_request request<span class="hl opt">;</span>
	<span class="hl kwb">struct</span> winbindd_response response<span class="hl opt">;</span>
	uid_t uid<span class="hl opt">;</span>
	PyObject <span class="hl opt">*</span>result<span class="hl opt">;</span>

	<span class="hl kwa">if</span> <span class="hl opt">(!</span><span class="hl kwd">PyArg_ParseTuple</span><span class="hl opt">(</span>args<span class="hl opt">,</span> <span class="hl str">&quot;i&quot;</span><span class="hl opt">, &amp;</span>uid<span class="hl opt">))</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>

	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>request<span class="hl opt">);</span>
	<span class="hl kwd">ZERO_STRUCT</span><span class="hl opt">(</span>response<span class="hl opt">);</span>

	request<span class="hl opt">.</span>data<span class="hl opt">.</span>uid <span class="hl opt">=</span> uid<span class="hl opt">;</span>

	<span class="hl kwa">if</span> <span class="hl opt">(</span><span class="hl kwd">winbindd_request</span><span class="hl opt">(</span>WINBINDD_GETPWUID<span class="hl opt">, &amp;</span>request<span class="hl opt">, &amp;</span>response<span class="hl opt">)</span> 
	    <span class="hl opt">!=</span> NSS_STATUS_SUCCESS<span class="hl opt">) {</span>
		<span class="hl kwd">PyErr_SetString</span><span class="hl opt">(</span>winbind_error<span class="hl opt">,</span> <span class="hl str">&quot;lookup failed&quot;</span><span class="hl opt">);</span>
		<span class="hl kwa">return</span> NULL<span class="hl opt">;</span>		
	<span class="hl opt">}</span>
	
	<span class="hl kwa">if</span> <span class="hl opt">(!</span><span class="hl kwd">py_from_winbind_passwd</span><span class="hl opt">(&amp;</span>result<span class="hl opt">, &amp;</span>response<span class="hl opt">)) {</span>
		result <span class="hl opt">=</span> Py_None<span class="hl opt">;</span>
		<span class="hl kwd">Py_INCREF</span><span class="hl opt">(</span>result<span class="hl opt">);</span>
	<span class="hl opt">}</span>

	<span class="hl kwa">return</span> result<span class="hl opt">;</span>
<span class="hl opt">}</span>

<span class="hl com">/*</span>
<span class="hl com"> * Method dispatch table</span>
<span class="hl com"> */</span>

<span class="hl kwb">static</span> PyMethodDef winbind_methods<span class="hl opt">[] = {</span>

	<span class="hl opt">{</span> <span class="hl str">&quot;getpwnam&quot;</span><span class="hl opt">, (</span>PyCFunction<span class="hl opt">)</span>py_getpwnam<span class="hl opt">,</span> METH_VARARGS<span class="hl opt">,</span> <span class="hl str">&quot;getpwnam(3)&quot;</span> <span class="hl opt">},</span>
	<span class="hl opt">{</span> <span class="hl str">&quot;getpwuid&quot;</span><span class="hl opt">, (</span>PyCFunction<span class="hl opt">)</span>py_getpwuid<span class="hl opt">,</span> METH_VARARGS<span class="hl opt">,</span> <span class="hl str">&quot;getpwuid(3)&quot;</span> <span class="hl opt">},</span>

	<span class="hl com">/* Name &lt;-&gt; SID conversion */</span>

	<span class="hl opt">{</span> <span class="hl str">&quot;name_to_sid&quot;</span><span class="hl opt">, (</span>PyCFunction<span class="hl opt">)</span>py_name_to_sid<span class="hl opt">,</span> METH_VARARGS<span class="hl opt">,</span>
	  <span class="hl str">&quot;name_to_sid(s) -&gt; string</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Return the SID for a name.</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Example:</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;&gt;&gt;&gt; winbind.name_to_sid(&#39;FOO/Administrator&#39;)</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;&#39;S-1-5-21-406022937-1377575209-526660263-500&#39; &quot;</span> <span class="hl opt">},</span>

	<span class="hl opt">{</span> <span class="hl str">&quot;sid_to_name&quot;</span><span class="hl opt">, (</span>PyCFunction<span class="hl opt">)</span>py_sid_to_name<span class="hl opt">,</span> METH_VARARGS<span class="hl opt">,</span>
	  <span class="hl str">&quot;sid_to_name(s) -&gt; string</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Return the name for a SID.</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Example:</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;&gt;&gt;&gt; import winbind</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;&gt;&gt;&gt; winbind.sid_to_name(&#39;S-1-5-21-406022937-1377575209-526660263-500&#39;)</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;&#39;FOO/Administrator&#39; &quot;</span> <span class="hl opt">},</span>

	<span class="hl com">/* Enumerate users/groups */</span>

	<span class="hl opt">{</span> <span class="hl str">&quot;enum_domain_users&quot;</span><span class="hl opt">, (</span>PyCFunction<span class="hl opt">)</span>py_enum_domain_users<span class="hl opt">,</span> METH_VARARGS<span class="hl opt">,</span>
	  <span class="hl str">&quot;enum_domain_users() -&gt; list of strings</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Return a list of domain users.</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Example:</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;&gt;&gt;&gt; winbind.enum_domain_users()</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;[&#39;FOO/Administrator&#39;, &#39;FOO/anna&#39;, &#39;FOO/Anne Elk&#39;, &#39;FOO/build&#39;,</span> <span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;&#39;FOO/foo&#39;, &#39;FOO/foo2&#39;, &#39;FOO/foo3&#39;, &#39;FOO/Guest&#39;, &#39;FOO/user1&#39;,</span> <span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;&#39;FOO/whoops-ptang&#39;] &quot;</span> <span class="hl opt">},</span>

	<span class="hl opt">{</span> <span class="hl str">&quot;enum_domain_groups&quot;</span><span class="hl opt">, (</span>PyCFunction<span class="hl opt">)</span>py_enum_domain_groups<span class="hl opt">,</span> 
	  METH_VARARGS<span class="hl opt">,</span>
	  <span class="hl str">&quot;enum_domain_groups() -&gt; list of strings</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Return a list of domain groups.</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Example:</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;&gt;&gt;&gt; winbind.enum_domain_groups()</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;[&#39;FOO/cows&#39;, &#39;FOO/Domain Admins&#39;, &#39;FOO/Domain Guests&#39;,</span> <span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;&#39;FOO/Domain Users&#39;] &quot;</span> <span class="hl opt">},</span>

	<span class="hl com">/* ID mapping */</span>

	<span class="hl opt">{</span> <span class="hl str">&quot;uid_to_sid&quot;</span><span class="hl opt">, (</span>PyCFunction<span class="hl opt">)</span>py_uid_to_sid<span class="hl opt">,</span> METH_VARARGS<span class="hl opt">,</span>
	  <span class="hl str">&quot;uid_to_sid(int) -&gt; string</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Return the SID for a UNIX uid.</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Example:</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;&gt;&gt;&gt; winbind.uid_to_sid(10000)</span>   <span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;&#39;S-1-5-21-406022937-1377575209-526660263-500&#39; &quot;</span> <span class="hl opt">},</span>

	<span class="hl opt">{</span> <span class="hl str">&quot;gid_to_sid&quot;</span><span class="hl opt">, (</span>PyCFunction<span class="hl opt">)</span>py_gid_to_sid<span class="hl opt">,</span> METH_VARARGS<span class="hl opt">,</span>
	  <span class="hl str">&quot;gid_to_sid(int) -&gt; string</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Return the UNIX gid for a SID.</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Example:</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;&gt;&gt;&gt; winbind.gid_to_sid(10001)</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;&#39;S-1-5-21-406022937-1377575209-526660263-512&#39; &quot;</span> <span class="hl opt">},</span>

	<span class="hl opt">{</span> <span class="hl str">&quot;sid_to_uid&quot;</span><span class="hl opt">, (</span>PyCFunction<span class="hl opt">)</span>py_sid_to_uid<span class="hl opt">,</span> METH_VARARGS<span class="hl opt">,</span>
	  <span class="hl str">&quot;sid_to_uid(string) -&gt; int</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Return the UNIX uid for a SID.</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Example:</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;&gt;&gt;&gt; winbind.sid_to_uid(&#39;S-1-5-21-406022937-1377575209-526660263-500&#39;)</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;10000 &quot;</span> <span class="hl opt">},</span>

	<span class="hl opt">{</span> <span class="hl str">&quot;sid_to_gid&quot;</span><span class="hl opt">, (</span>PyCFunction<span class="hl opt">)</span>py_sid_to_gid<span class="hl opt">,</span> METH_VARARGS<span class="hl opt">,</span>
	  <span class="hl str">&quot;sid_to_gid(string) -&gt; int</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Return the UNIX gid corresponding to a SID.</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Example:</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;&gt;&gt;&gt; winbind.sid_to_gid(&#39;S-1-5-21-406022937-1377575209-526660263-512&#39;)</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;10001 &quot;</span> <span class="hl opt">},</span>

	<span class="hl com">/* Miscellaneous */</span>

	<span class="hl opt">{</span> <span class="hl str">&quot;check_secret&quot;</span><span class="hl opt">, (</span>PyCFunction<span class="hl opt">)</span>py_check_secret<span class="hl opt">,</span> METH_VARARGS<span class="hl opt">,</span>
	  <span class="hl str">&quot;check_secret() -&gt; int</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Check the machine trust account password.  The NT status is returned</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;with zero indicating success. &quot;</span> <span class="hl opt">},</span>

	<span class="hl opt">{</span> <span class="hl str">&quot;enum_trust_dom&quot;</span><span class="hl opt">, (</span>PyCFunction<span class="hl opt">)</span>py_enum_trust_dom<span class="hl opt">,</span> METH_VARARGS<span class="hl opt">,</span>
	  <span class="hl str">&quot;enum_trust_dom() -&gt; list of strings</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Return a list of trusted domains.  The domain the server is a member</span> <span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;of is not included.</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Example:</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;&gt;&gt;&gt; winbind.enum_trust_dom()</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;[&#39;NPSD-TEST2&#39;, &#39;SP2NDOM&#39;] &quot;</span> <span class="hl opt">},</span>

	<span class="hl com">/* PAM authorisation functions */</span>

	<span class="hl opt">{</span> <span class="hl str">&quot;auth_plaintext&quot;</span><span class="hl opt">, (</span>PyCFunction<span class="hl opt">)</span>py_auth_plaintext<span class="hl opt">,</span> METH_VARARGS<span class="hl opt">,</span>
	  <span class="hl str">&quot;auth_plaintext(s, s) -&gt; int</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Authenticate a username and password using plaintext authentication.</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;The NT status code is returned with zero indicating success.&quot;</span> <span class="hl opt">},</span>

	<span class="hl opt">{</span> <span class="hl str">&quot;auth_crap&quot;</span><span class="hl opt">, (</span>PyCFunction<span class="hl opt">)</span>py_auth_crap<span class="hl opt">,</span> METH_VARARGS<span class="hl opt">,</span>
	  <span class="hl str">&quot;auth_crap(s, s) -&gt; int</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Authenticate a username and password using the challenge/response</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;protocol.  The NT status code is returned with zero indicating</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;success.&quot;</span> <span class="hl opt">},</span>

<span class="hl ppc">#if 0</span>				<span class="hl com">/* Include when smbd_auth merged to HEAD */</span><span class="hl ppc"></span>

	<span class="hl opt">{</span> <span class="hl str">&quot;auth_smbd&quot;</span><span class="hl opt">, (</span>PyCFunction<span class="hl opt">)</span>py_auth_crap<span class="hl opt">,</span> METH_VARARGS<span class="hl opt">,</span>
	  <span class="hl str">&quot;auth_smbd(s, s) -&gt; int</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;Authenticate a username and password using the challenge/response</span><span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;protocol but using the domain secret to prove we are root.  The NT</span> <span class="hl esc">\n</span><span class="hl str">&quot;</span>
<span class="hl str">&quot;status code is returned with zero indicating success.&quot;</span> <span class="hl opt">},</span>

<span class="hl ppc">#endif</span>

	<span class="hl opt">{</span> NULL <span class="hl opt">}</span>
<span class="hl opt">};</span>

<span class="hl kwb">static struct</span> const_vals <span class="hl opt">{</span>
	<span class="hl kwb">char</span> <span class="hl opt">*</span>name<span class="hl opt">;</span>
	uint32 value<span class="hl opt">;</span>
	<span class="hl kwb">char</span> <span class="hl opt">*</span>docstring<span class="hl opt">;</span>
<span class="hl opt">}</span> module_const_vals<span class="hl opt">[] = {</span>

	<span class="hl com">/* Well known RIDs */</span>
	
	<span class="hl opt">{</span> <span class="hl str">&quot;DOMAIN_USER_RID_ADMIN&quot;</span><span class="hl opt">,</span> DOMAIN_USER_RID_ADMIN<span class="hl opt">,</span> 
	  <span class="hl str">&quot;Well-known RID for Administrator user&quot;</span> <span class="hl opt">},</span>

	<span class="hl opt">{</span> <span class="hl str">&quot;DOMAIN_USER_RID_GUEST&quot;</span><span class="hl opt">,</span> DOMAIN_USER_RID_GUEST<span class="hl opt">,</span>
	  <span class="hl str">&quot;Well-known RID for Guest user&quot;</span> <span class="hl opt">},</span>

	<span class="hl opt">{</span> <span class="hl str">&quot;DOMAIN_GROUP_RID_ADMINS&quot;</span><span class="hl opt">,</span> DOMAIN_GROUP_RID_ADMINS<span class="hl opt">,</span>
	  <span class="hl str">&quot;Well-known RID for Domain Admins group&quot;</span> <span class="hl opt">},</span>

	<span class="hl opt">{</span> <span class="hl str">&quot;DOMAIN_GROUP_RID_USERS&quot;</span><span class="hl opt">,</span> DOMAIN_GROUP_RID_USERS<span class="hl opt">,</span>
	  <span class="hl str">&quot;Well-known RID for Domain Users group&quot;</span> <span class="hl opt">},</span>

	<span class="hl opt">{</span> <span class="hl str">&quot;DOMAIN_GROUP_RID_GUESTS&quot;</span><span class="hl opt">,</span> DOMAIN_GROUP_RID_GUESTS<span class="hl opt">,</span>
	  <span class="hl str">&quot;Well-known RID for Domain Guests group&quot;</span> <span class="hl opt">},</span> 
	
	<span class="hl opt">{</span> NULL <span class="hl opt">}</span>
<span class="hl opt">};</span>

<span class="hl kwb">static void</span> <span class="hl kwd">const_init</span><span class="hl opt">(</span>PyObject <span class="hl opt">*</span>dict<span class="hl opt">)</span>
<span class="hl opt">{</span>
	<span class="hl kwb">struct</span> const_vals <span class="hl opt">*</span>tmp<span class="hl opt">;</span>
	PyObject <span class="hl opt">*</span>obj<span class="hl opt">;</span>

	<span class="hl kwa">for</span> <span class="hl opt">(</span>tmp <span class="hl opt">=</span> module_const_vals<span class="hl opt">;</span> tmp<span class="hl opt">-&gt;</span>name<span class="hl opt">;</span> tmp<span class="hl opt">++) {</span>
		obj <span class="hl opt">=</span> <span class="hl kwd">PyInt_FromLong</span><span class="hl opt">(</span>tmp<span class="hl opt">-&gt;</span>value<span class="hl opt">);</span>
		<span class="hl kwd">PyDict_SetItemString</span><span class="hl opt">(</span>dict<span class="hl opt">,</span> tmp<span class="hl opt">-&gt;</span>name<span class="hl opt">,</span> obj<span class="hl opt">);</span>
		<span class="hl kwd">Py_DECREF</span><span class="hl opt">(</span>obj<span class="hl opt">);</span>
	<span class="hl opt">}</span>
<span class="hl opt">}</span>

<span class="hl com">/*</span>
<span class="hl com"> * Module initialisation </span>
<span class="hl com"> */</span>

<span class="hl kwb">static char</span> winbind_module__doc__<span class="hl opt">[] =</span>
<span class="hl str">&quot;A python extension to winbind client functions.&quot;</span><span class="hl opt">;</span>

<span class="hl kwb">void</span> <span class="hl kwd">initwinbind</span><span class="hl opt">(</span><span class="hl kwb">void</span><span class="hl opt">)</span>
<span class="hl opt">{</span>
	PyObject <span class="hl opt">*</span>module<span class="hl opt">, *</span>dict<span class="hl opt">;</span>

	<span class="hl com">/* Initialise module */</span>

        module <span class="hl opt">=</span> <span class="hl kwd">Py_InitModule3</span><span class="hl opt">(</span><span class="hl str">&quot;winbind&quot;</span><span class="hl opt">,</span> winbind_methods<span class="hl opt">,</span>
				winbind_module__doc__<span class="hl opt">);</span>

	dict <span class="hl opt">=</span> <span class="hl kwd">PyModule_GetDict</span><span class="hl opt">(</span>module<span class="hl opt">);</span>

	winbind_error <span class="hl opt">=</span> <span class="hl kwd">PyErr_NewException</span><span class="hl opt">(</span><span class="hl str">&quot;winbind.error&quot;</span><span class="hl opt">,</span> NULL<span class="hl opt">,</span> NULL<span class="hl opt">);</span>
	<span class="hl kwd">PyDict_SetItemString</span><span class="hl opt">(</span>dict<span class="hl opt">,</span> <span class="hl str">&quot;error&quot;</span><span class="hl opt">,</span> winbind_error<span class="hl opt">);</span>

	<span class="hl com">/* Do samba initialisation */</span>

	<span class="hl kwd">py_samba_init</span><span class="hl opt">();</span>

	<span class="hl com">/* Initialise constants */</span>

	<span class="hl kwd">const_init</span><span class="hl opt">(</span>dict<span class="hl opt">);</span>

	<span class="hl com">/* Insert configuration dictionary */</span>

	<span class="hl kwd">PyDict_SetItemString</span><span class="hl opt">(</span>dict<span class="hl opt">,</span> <span class="hl str">&quot;config&quot;</span><span class="hl opt">,</span> <span class="hl kwd">py_config_dict</span><span class="hl opt">());</span>
<span class="hl opt">}</span>
</code></pre></td></tr></table>
</div> <!-- class=content -->
<div class='footer'>generated by <a href='https://git.zx2c4.com/cgit/about/'>cgit </a> (<a href='https://git-scm.com/'>git 2.34.1</a>) at 2026-03-25 22:38:25 +0000</div>
</div> <!-- id=cgit -->
</body>
</html>