[packages/squid.git] / squid-3.0.PRE3-winbind.patch

Index: squid3/helpers/basic_auth/winbind/wb_basic_auth.c
diff -c squid3/helpers/basic_auth/winbind/wb_basic_auth.c:1.6 squid3/helpers/basic_auth/winbind/wb_basic_auth.c:1.7
*** squid3/helpers/basic_auth/winbind/wb_basic_auth.c:1.6	Tue Feb 11 07:34:31 2003
--- squid3/helpers/basic_auth/winbind/wb_basic_auth.c	Fri Sep 12 04:13:22 2003
***************
*** 31,37 ****
  char debug_enabled=0;
  char *myname;
  pid_t mypid;
- int err = 0;
  
  NSS_STATUS winbindd_request(int req_type,
  			    struct winbindd_request *request,
--- 31,36 ----
***************
*** 99,129 ****
      return;
  }
  
! void manage_request(void)
  {
      char buf[BUFFER_SIZE+1];
      int length;
      char *c, *user, *pass;
    
!     if (fgets(buf, BUFFER_SIZE, stdin) == NULL) {
! 	warn("fgets() failed! dying..... errno=%d (%s)\n", errno,
! 	    strerror(errno));
! 	exit(1);    /* BIIG buffer */
!     }
! 	
      c=memchr(buf,'\n',BUFFER_SIZE);
      if (c) {
  	*c = '\0';
  	length = c-buf;
      } else {
- 	err = 1;
- 	return;
-     }
-     if (err) {
  	warn("Oversized message\n");
  	SEND("ERR");
! 	err = 0;
! 	return;
      }
    
      debug("Got '%s' from squid (length: %d).\n",buf,length);
--- 98,121 ----
      return;
  }
  
! int manage_request(void)
  {
      char buf[BUFFER_SIZE+1];
      int length;
      char *c, *user, *pass;
    
!     if (fgets(buf, BUFFER_SIZE, stdin) == NULL)
! 	return 0;
!     
      c=memchr(buf,'\n',BUFFER_SIZE);
      if (c) {
  	*c = '\0';
  	length = c-buf;
      } else {
  	warn("Oversized message\n");
+ 	fgets(buf, BUFFER_SIZE, stdin);
  	SEND("ERR");
! 	return 1;
      }
    
      debug("Got '%s' from squid (length: %d).\n",buf,length);
***************
*** 131,137 ****
      if (buf[0] == '\0') {
  	warn("Invalid Request\n");
  	SEND("ERR");
! 	return;
      }
  
      user=buf;
--- 123,129 ----
      if (buf[0] == '\0') {
  	warn("Invalid Request\n");
  	SEND("ERR");
! 	return 1;
      }
  
      user=buf;
***************
*** 140,146 ****
      if (!pass) {
  	warn("Password not found. Denying access\n");
  	SEND("ERR");
! 	return;
      }
      *pass='\0';
      pass++;
--- 132,138 ----
      if (!pass) {
  	warn("Password not found. Denying access\n");
  	SEND("ERR");
! 	return 1;
      }
      *pass='\0';
      pass++;
***************
*** 149,154 ****
--- 141,169 ----
      rfc1738_unescape(pass);
  
      do_authenticate(user,pass);
+     return 1;
+ }
+ 
+ void
+ check_winbindd()
+ {
+     NSS_STATUS r;
+     int retry=10;
+     struct winbindd_request request;
+     struct winbindd_response response;
+     do {
+ 	r = winbindd_request(WINBINDD_INTERFACE_VERSION, &request, &response);
+ 	if (r != NSS_STATUS_SUCCESS)
+ 	    retry--; 
+     } while (r != NSS_STATUS_SUCCESS && retry);
+     if (r != NSS_STATUS_SUCCESS) {
+ 	warn("Can't contact winbindd. Dying\n");
+ 	exit(1);
+     }
+     if (response.data.interface_version != WINBIND_INTERFACE_VERSION) {
+ 	warn("Winbind protocol mismatch. Align squid and samba. Dying\n");
+ 	exit(1);
+     }
  }
  
  
***************
*** 170,177 ****
      setbuf(stdout, NULL);
      setbuf(stderr, NULL);
  
!     while(1) {
! 	manage_request();
      }
      return 0;
  }
--- 185,194 ----
      setbuf(stdout, NULL);
      setbuf(stderr, NULL);
  
!     check_winbindd();
! 
!     while(manage_request()) {
! 	/* everything is done within manage_request */
      }
      return 0;
  }
Index: squid3/helpers/external_acl/winbind_group/wb_check_group.c
diff -c squid3/helpers/external_acl/winbind_group/wb_check_group.c:1.11 squid3/helpers/external_acl/winbind_group/wb_check_group.c:1.12
*** squid3/helpers/external_acl/winbind_group/wb_check_group.c:1.11	Sun May 11 07:01:34 2003
--- squid3/helpers/external_acl/winbind_group/wb_check_group.c	Fri Sep 12 04:13:23 2003
***************
*** 292,297 ****
--- 292,319 ----
      return;
  }
  
+ void
+ check_winbindd()
+ {
+     NSS_STATUS r;
+     int retry=10;
+     struct winbindd_request request;
+     struct winbindd_response response;
+     do {
+ 	r = winbindd_request(WINBINDD_INTERFACE_VERSION, &request, &response);
+ 	if (r != NSS_STATUS_SUCCESS)
+ 	    retry--; 
+     } while (r != NSS_STATUS_SUCCESS && retry);
+     if (r != NSS_STATUS_SUCCESS) {
+ 	warn("Can't contact winbindd. Dying\n");
+ 	exit(1);
+     }
+     if (response.data.interface_version != WINBIND_INTERFACE_VERSION) {
+ 	warn("Winbind protocol mismatch. Align squid and samba. Dying\n");
+ 	exit(1);
+     }
+ }
+ 
  int
  main (int argc, char *argv[])
  {
***************
*** 323,328 ****
--- 345,352 ----
      if (use_case_insensitive_compare)
          debug("Warning: running in case insensitive mode !!!\n");
   
+     check_winbindd();
+ 
      /* Main Loop */
      while (fgets (buf, BUFSIZE, stdin))
      {
Index: squid3/helpers/ntlm_auth/winbind/wb_ntlm_auth.c
diff -c squid3/helpers/ntlm_auth/winbind/wb_ntlm_auth.c:1.8 squid3/helpers/ntlm_auth/winbind/wb_ntlm_auth.c:1.9
*** squid3/helpers/ntlm_auth/winbind/wb_ntlm_auth.c:1.8	Tue Aug  5 15:40:02 2003
--- squid3/helpers/ntlm_auth/winbind/wb_ntlm_auth.c	Fri Sep 12 04:13:25 2003
***************
*** 261,267 ****
      return;			/* useless */
  }
  
! void
  manage_request(char *target_domain)
  {
      char buf[BUFFER_SIZE + 1];
--- 261,267 ----
      return;			/* useless */
  }
  
! int
  manage_request(char *target_domain)
  {
      char buf[BUFFER_SIZE + 1];
***************
*** 271,288 ****
  
  
  try_again:
!     if (fgets(buf, BUFFER_SIZE, stdin) == NULL) {
! 	warn("fgets() failed! dying..... errno=%d (%s)\n", errno,
! 	    strerror(errno));
! 	exit(1);		/* BIIG buffer */
!     }
  
      c = memchr(buf, '\n', BUFFER_SIZE);
      if (c) {
  	if (oversized) {
  	    helperfail("illegal request received");
  	    warn("Illegal request received: '%s'\n", buf);
! 	    return;
  	}
  	*c = '\0';
      }
--- 271,285 ----
  
  
  try_again:
!     if (fgets(buf, BUFFER_SIZE, stdin) == NULL)
! 	return 0;
  
      c = memchr(buf, '\n', BUFFER_SIZE);
      if (c) {
  	if (oversized) {
  	    helperfail("illegal request received");
  	    warn("Illegal request received: '%s'\n", buf);
! 	    return 1;
  	}
  	*c = '\0';
      }
***************
*** 296,339 ****
      if (memcmp(buf, "YR", 2) == 0) {	/* refresh-request */
  	sendchallenge(ntlm_make_challenge(target_domain, NULL,
  		build_challenge(), CHALLENGE_LEN));
! 	return;
      }
      if (strncmp(buf, "KK ", 3) != 0) {	/* not an auth-request */
  	helperfail("illegal request received");
  	warn("Illegal request received: '%s'\n", buf);
! 	return;
      }
      /* At this point I'm sure it's a KK */
      decoded = base64_decode(buf + 3);
      if (!decoded) {		/* decoding failure, return error */
  	authfail("-", "-", "Auth-format error, base64-decoding error");
! 	return;
      }
      fast_header = (struct _ntlmhdr *) decoded;
  
      /* sanity-check: it IS a NTLMSSP packet, isn't it? */
      if (memcmp(fast_header->signature, "NTLMSSP", 8) != 0) {
  	authfail("-", "-", "Broken NTLM packet, missing NTLMSSP signature");
! 	return;
      }
      /* Understand what we got */
      switch le32toh(fast_header->type) {
      case NTLM_NEGOTIATE:
  	authfail("-", "-", "Received neg-request while expecting auth packet");
! 	return;
      case NTLM_CHALLENGE:
  	authfail("-", "-", "Received challenge. Refusing to abide");
! 	return;
      case NTLM_AUTHENTICATE:
  	do_authenticate((ntlm_authenticate *) decoded,
  	    (strlen(buf) - 3) * 3 / 4);
! 	return;
      default:
  	helperfail("Unknown authentication packet type");
! 	return;
      }
      /* notreached */
!     return;
  }
  
  static char *
--- 293,336 ----
      if (memcmp(buf, "YR", 2) == 0) {	/* refresh-request */
  	sendchallenge(ntlm_make_challenge(target_domain, NULL,
  		build_challenge(), CHALLENGE_LEN));
! 	return 1;
      }
      if (strncmp(buf, "KK ", 3) != 0) {	/* not an auth-request */
  	helperfail("illegal request received");
  	warn("Illegal request received: '%s'\n", buf);
! 	return 1;
      }
      /* At this point I'm sure it's a KK */
      decoded = base64_decode(buf + 3);
      if (!decoded) {		/* decoding failure, return error */
  	authfail("-", "-", "Auth-format error, base64-decoding error");
! 	return 1;
      }
      fast_header = (struct _ntlmhdr *) decoded;
  
      /* sanity-check: it IS a NTLMSSP packet, isn't it? */
      if (memcmp(fast_header->signature, "NTLMSSP", 8) != 0) {
  	authfail("-", "-", "Broken NTLM packet, missing NTLMSSP signature");
! 	return 1;
      }
      /* Understand what we got */
      switch le32toh(fast_header->type) {
      case NTLM_NEGOTIATE:
  	authfail("-", "-", "Received neg-request while expecting auth packet");
! 	return 1;
      case NTLM_CHALLENGE:
  	authfail("-", "-", "Received challenge. Refusing to abide");
! 	return 1;
      case NTLM_AUTHENTICATE:
  	do_authenticate((ntlm_authenticate *) decoded,
  	    (strlen(buf) - 3) * 3 / 4);
! 	return 1;
      default:
  	helperfail("Unknown authentication packet type");
! 	return 1;
      }
      /* notreached */
!     return 1;
  }
  
  static char *
***************
*** 410,418 ****
  check_winbindd()
  {
      NSS_STATUS r;
      struct winbindd_request request;
      struct winbindd_response response;
!     r = winbindd_request(WINBINDD_INTERFACE_VERSION, &request, &response);
      if (r != NSS_STATUS_SUCCESS) {
  	warn("Can't contact winbindd. Dying\n");
  	exit(1);
--- 407,420 ----
  check_winbindd()
  {
      NSS_STATUS r;
+     int retry=10;
      struct winbindd_request request;
      struct winbindd_response response;
!     do {
! 	r = winbindd_request(WINBINDD_INTERFACE_VERSION, &request, &response);
! 	if (r != NSS_STATUS_SUCCESS)
! 	    retry--; 
!     } while (r != NSS_STATUS_SUCCESS && retry);
      if (r != NSS_STATUS_SUCCESS) {
  	warn("Can't contact winbindd. Dying\n");
  	exit(1);
***************
*** 451,458 ****
      setbuf(stdout, NULL);
      setbuf(stderr, NULL);
      init_random();
!     while (1) {
! 	manage_request(target_domain);
      }
      return 0;
  }
--- 453,460 ----
      setbuf(stdout, NULL);
      setbuf(stderr, NULL);
      init_random();
!     while (manage_request(target_domain)) {
! 	/* everything is done within manage_request */
      }
      return 0;
  }
Commit	Line	Data
36aa8c36 JR	1	Index: squid3/helpers/basic_auth/winbind/wb_basic_auth.c
	2	diff -c squid3/helpers/basic_auth/winbind/wb_basic_auth.c:1.6 squid3/helpers/basic_auth/winbind/wb_basic_auth.c:1.7
	3	*** squid3/helpers/basic_auth/winbind/wb_basic_auth.c:1.6 Tue Feb 11 07:34:31 2003
	4	--- squid3/helpers/basic_auth/winbind/wb_basic_auth.c Fri Sep 12 04:13:22 2003
	5	***************
	6	* 31,37 **
	7	char debug_enabled=0;
	8	char *myname;
	9	pid_t mypid;
	10	- int err = 0;
	11
	12	NSS_STATUS winbindd_request(int req_type,
	13	struct winbindd_request *request,
	14	--- 31,36 ----
	15	***************
	16	* 99,129 **
	17	return;
	18	}
	19
	20	! void manage_request(void)
	21	{
	22	char buf[BUFFER_SIZE+1];
	23	int length;
	24	char c, user, *pass;
	25
	26	! if (fgets(buf, BUFFER_SIZE, stdin) == NULL) {
	27	! warn("fgets() failed! dying..... errno=%d (%s)\n", errno,
	28	! strerror(errno));
	29	! exit(1); /* BIIG buffer */
	30	! }
	31	!
	32	c=memchr(buf,'\n',BUFFER_SIZE);
	33	if (c) {
	34	*c = '\0';
	35	length = c-buf;
	36	} else {
	37	- err = 1;
	38	- return;
	39	- }
	40	- if (err) {
	41	warn("Oversized message\n");
	42	SEND("ERR");
	43	! err = 0;
	44	! return;
	45	}
	46
	47	debug("Got '%s' from squid (length: %d).\n",buf,length);
	48	--- 98,121 ----
	49	return;
	50	}
	51
	52	! int manage_request(void)
	53	{
	54	char buf[BUFFER_SIZE+1];
	55	int length;
	56	char c, user, *pass;
	57
	58	! if (fgets(buf, BUFFER_SIZE, stdin) == NULL)
	59	! return 0;
	60	!
	61	c=memchr(buf,'\n',BUFFER_SIZE);
	62	if (c) {
	63	*c = '\0';
	64	length = c-buf;
65	} else {
66	warn("Oversized message\n");
67	+ fgets(buf, BUFFER_SIZE, stdin);
68	SEND("ERR");
69	! return 1;
70	}
71
72	debug("Got '%s' from squid (length: %d).\n",buf,length);
73	***************
74	* 131,137 **
75	if (buf[0] == '\0') {
76	warn("Invalid Request\n");
77	SEND("ERR");
78	! return;
79	}
80
81	user=buf;
82	--- 123,129 ----
83	if (buf[0] == '\0') {
84	warn("Invalid Request\n");
85	SEND("ERR");
86	! return 1;
87	}
88
89	user=buf;
90	***************
91	* 140,146 **
92	if (!pass) {
93	warn("Password not found. Denying access\n");
94	SEND("ERR");
95	! return;
96	}
97	*pass='\0';
98	pass++;
99	--- 132,138 ----
100	if (!pass) {
101	warn("Password not found. Denying access\n");
102	SEND("ERR");
103	! return 1;
104	}
105	*pass='\0';
106	pass++;
107	***************
108	* 149,154 **
109	--- 141,169 ----
110	rfc1738_unescape(pass);
111
112	do_authenticate(user,pass);
113	+ return 1;
114	+ }
115	+
116	+ void
117	+ check_winbindd()
118	+ {
119	+ NSS_STATUS r;
120	+ int retry=10;
121	+ struct winbindd_request request;
122	+ struct winbindd_response response;
123	+ do {
124	+ r = winbindd_request(WINBINDD_INTERFACE_VERSION, &request, &response);
125	+ if (r != NSS_STATUS_SUCCESS)
126	+ retry--;
127	+ } while (r != NSS_STATUS_SUCCESS && retry);
128	+ if (r != NSS_STATUS_SUCCESS) {
129	+ warn("Can't contact winbindd. Dying\n");
130	+ exit(1);
131	+ }
132	+ if (response.data.interface_version != WINBIND_INTERFACE_VERSION) {
133	+ warn("Winbind protocol mismatch. Align squid and samba. Dying\n");
134	+ exit(1);
135	+ }
136	}
137
138
139	***************
140	* 170,177 **
141	setbuf(stdout, NULL);
142	setbuf(stderr, NULL);
143
144	! while(1) {
145	! manage_request();
146	}
147	return 0;
148	}
149	--- 185,194 ----
150	setbuf(stdout, NULL);
151	setbuf(stderr, NULL);
152
153	! check_winbindd();
154	!
155	! while(manage_request()) {
156	! /* everything is done within manage_request */
157	}
158	return 0;
159	}
160	Index: squid3/helpers/external_acl/winbind_group/wb_check_group.c
161	diff -c squid3/helpers/external_acl/winbind_group/wb_check_group.c:1.11 squid3/helpers/external_acl/winbind_group/wb_check_group.c:1.12
162	*** squid3/helpers/external_acl/winbind_group/wb_check_group.c:1.11 Sun May 11 07:01:34 2003
163	--- squid3/helpers/external_acl/winbind_group/wb_check_group.c Fri Sep 12 04:13:23 2003
164	***************
165	* 292,297 **
166	--- 292,319 ----
167	return;
168	}
169
170	+ void
171	+ check_winbindd()
172	+ {
173	+ NSS_STATUS r;
174	+ int retry=10;
175	+ struct winbindd_request request;
176	+ struct winbindd_response response;
177	+ do {
178	+ r = winbindd_request(WINBINDD_INTERFACE_VERSION, &request, &response);
179	+ if (r != NSS_STATUS_SUCCESS)
180	+ retry--;
181	+ } while (r != NSS_STATUS_SUCCESS && retry);
182	+ if (r != NSS_STATUS_SUCCESS) {
183	+ warn("Can't contact winbindd. Dying\n");
184	+ exit(1);
185	+ }
186	+ if (response.data.interface_version != WINBIND_INTERFACE_VERSION) {
187	+ warn("Winbind protocol mismatch. Align squid and samba. Dying\n");
188	+ exit(1);
189	+ }
190	+ }
191	+
192	int
193	main (int argc, char *argv[])
194	{
195	***************
196	* 323,328 **
197	--- 345,352 ----
198	if (use_case_insensitive_compare)
199	debug("Warning: running in case insensitive mode !!!\n");
200
201	+ check_winbindd();
202	+
203	/* Main Loop */
204	while (fgets (buf, BUFSIZE, stdin))
205	{
206	Index: squid3/helpers/ntlm_auth/winbind/wb_ntlm_auth.c
207	diff -c squid3/helpers/ntlm_auth/winbind/wb_ntlm_auth.c:1.8 squid3/helpers/ntlm_auth/winbind/wb_ntlm_auth.c:1.9
208	*** squid3/helpers/ntlm_auth/winbind/wb_ntlm_auth.c:1.8 Tue Aug 5 15:40:02 2003
209	--- squid3/helpers/ntlm_auth/winbind/wb_ntlm_auth.c Fri Sep 12 04:13:25 2003
210	***************
211	* 261,267 **
212	return; /* useless */
213	}
214
215	! void
216	manage_request(char *target_domain)
217	{
218	char buf[BUFFER_SIZE + 1];
219	--- 261,267 ----
220	return; /* useless */
221	}
222
223	! int
224	manage_request(char *target_domain)
225	{
226	char buf[BUFFER_SIZE + 1];
227	***************
228	* 271,288 **
229
230
231	try_again:
232	! if (fgets(buf, BUFFER_SIZE, stdin) == NULL) {
233	! warn("fgets() failed! dying..... errno=%d (%s)\n", errno,
234	! strerror(errno));
235	! exit(1); /* BIIG buffer */
236	! }
237
238	c = memchr(buf, '\n', BUFFER_SIZE);
239	if (c) {
240	if (oversized) {
241	helperfail("illegal request received");
242	warn("Illegal request received: '%s'\n", buf);
243	! return;
244	}
245	*c = '\0';
246	}
247	--- 271,285 ----
248
249
250	try_again:
251	! if (fgets(buf, BUFFER_SIZE, stdin) == NULL)
252	! return 0;
253
254	c = memchr(buf, '\n', BUFFER_SIZE);
255	if (c) {
256	if (oversized) {
257	helperfail("illegal request received");
258	warn("Illegal request received: '%s'\n", buf);
259	! return 1;
260	}
261	*c = '\0';
262	}
263	***************
264	* 296,339 **
265	if (memcmp(buf, "YR", 2) == 0) { /* refresh-request */
266	sendchallenge(ntlm_make_challenge(target_domain, NULL,
267	build_challenge(), CHALLENGE_LEN));
268	! return;
269	}
270	if (strncmp(buf, "KK ", 3) != 0) { /* not an auth-request */
271	helperfail("illegal request received");
272	warn("Illegal request received: '%s'\n", buf);
273	! return;
274	}
275	/* At this point I'm sure it's a KK */
276	decoded = base64_decode(buf + 3);
277	if (!decoded) { /* decoding failure, return error */
278	authfail("-", "-", "Auth-format error, base64-decoding error");
279	! return;
280	}
281	fast_header = (struct _ntlmhdr *) decoded;
282
283	/* sanity-check: it IS a NTLMSSP packet, isn't it? */
284	if (memcmp(fast_header->signature, "NTLMSSP", 8) != 0) {
285	authfail("-", "-", "Broken NTLM packet, missing NTLMSSP signature");
286	! return;
287	}
288	/* Understand what we got */
289	switch le32toh(fast_header->type) {
290	case NTLM_NEGOTIATE:
291	authfail("-", "-", "Received neg-request while expecting auth packet");
292	! return;
293	case NTLM_CHALLENGE:
294	authfail("-", "-", "Received challenge. Refusing to abide");
295	! return;
296	case NTLM_AUTHENTICATE:
297	do_authenticate((ntlm_authenticate *) decoded,
298	(strlen(buf) - 3) * 3 / 4);
299	! return;
300	default:
301	helperfail("Unknown authentication packet type");
302	! return;
303	}
304	/* notreached */
305	! return;
306	}
307
308	static char *
309	--- 293,336 ----
310	if (memcmp(buf, "YR", 2) == 0) { /* refresh-request */
311	sendchallenge(ntlm_make_challenge(target_domain, NULL,
312	build_challenge(), CHALLENGE_LEN));
313	! return 1;
314	}
315	if (strncmp(buf, "KK ", 3) != 0) { /* not an auth-request */
316	helperfail("illegal request received");
317	warn("Illegal request received: '%s'\n", buf);
318	! return 1;
319	}
320	/* At this point I'm sure it's a KK */
321	decoded = base64_decode(buf + 3);
322	if (!decoded) { /* decoding failure, return error */
323	authfail("-", "-", "Auth-format error, base64-decoding error");
324	! return 1;
325	}
326	fast_header = (struct _ntlmhdr *) decoded;
327
328	/* sanity-check: it IS a NTLMSSP packet, isn't it? */
329	if (memcmp(fast_header->signature, "NTLMSSP", 8) != 0) {
330	authfail("-", "-", "Broken NTLM packet, missing NTLMSSP signature");
331	! return 1;
332	}
333	/* Understand what we got */
334	switch le32toh(fast_header->type) {
335	case NTLM_NEGOTIATE:
336	authfail("-", "-", "Received neg-request while expecting auth packet");
337	! return 1;
338	case NTLM_CHALLENGE:
339	authfail("-", "-", "Received challenge. Refusing to abide");
340	! return 1;
341	case NTLM_AUTHENTICATE:
342	do_authenticate((ntlm_authenticate *) decoded,
343	(strlen(buf) - 3) * 3 / 4);
344	! return 1;
345	default:
346	helperfail("Unknown authentication packet type");
347	! return 1;
348	}
349	/* notreached */
350	! return 1;
351	}
352
353	static char *
354	***************
355	* 410,418 **
356	check_winbindd()
357	{
358	NSS_STATUS r;
359	struct winbindd_request request;
360	struct winbindd_response response;
361	! r = winbindd_request(WINBINDD_INTERFACE_VERSION, &request, &response);
362	if (r != NSS_STATUS_SUCCESS) {
363	warn("Can't contact winbindd. Dying\n");
364	exit(1);
365	--- 407,420 ----
366	check_winbindd()
367	{
368	NSS_STATUS r;
369	+ int retry=10;
370	struct winbindd_request request;
371	struct winbindd_response response;
372	! do {
373	! r = winbindd_request(WINBINDD_INTERFACE_VERSION, &request, &response);
374	! if (r != NSS_STATUS_SUCCESS)
375	! retry--;
376	! } while (r != NSS_STATUS_SUCCESS && retry);
377	if (r != NSS_STATUS_SUCCESS) {
378	warn("Can't contact winbindd. Dying\n");
379	exit(1);
380	***************
381	* 451,458 **
382	setbuf(stdout, NULL);
383	setbuf(stderr, NULL);
384	init_random();
385	! while (1) {
386	! manage_request(target_domain);
387	}
388	return 0;
389	}
390	--- 453,460 ----
391	setbuf(stdout, NULL);
392	setbuf(stderr, NULL);
393	init_random();
394	! while (manage_request(target_domain)) {
395	! /* everything is done within manage_request */
396	}
397	return 0;
398	}