1998-05-15 14:49:48 +00:00
/*
* Unix SMB / Netbios implementation . Version 1.9 . SMB parameters and setup
* Copyright ( C ) Andrew Tridgell 1992 - 1998 Modified by Jeremy Allison 1995.
* Copyright ( C ) Benny Holmgren 1998 < bigfoot @ astrakan . hgs . se >
* Copyright ( C ) Luke Kenneth Casson Leighton 1996 - 1998.
*
* This program is free software ; you can redistribute it and / or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation ; either version 2 of the License , or ( at your option )
* any later version .
*
* This program is distributed in the hope that it will be useful , but WITHOUT
* ANY WARRANTY ; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE . See the GNU General Public License for
* more details .
*
* You should have received a copy of the GNU General Public License along with
* this program ; if not , write to the Free Software Foundation , Inc . , 675
* Mass Ave , Cambridge , MA 0213 9 , USA .
*/
1998-05-18 11:54:00 +00:00
# ifdef USE_NISPLUS_DB
1998-05-15 14:49:48 +00:00
# include "includes.h"
# include <rpcsvc/nis.h>
1998-05-18 11:54:00 +00:00
extern int DEBUGLEVEL ;
1998-05-15 14:49:48 +00:00
static int gotalarm ;
/***************************************************************
1998-05-18 11:59:19 +00:00
the fields for the NIS + table , generated from mknissmbpwtbl . sh , are :
name = S , nogw = r
uid = S , nogw = r
user_rid = S , nogw = r
smb_grpid = , nw + r
group_rid = , nw + r
acb = , nw + r
lmpwd = C , nw = , g = r , o = rm
ntpwd = C , nw = , g = r , o = rm
logon_t = , nw + r
logoff_t = , nw + r
kick_t = , nw + r
pwdlset_t = , nw + r
pwdlchg_t = , nw + r
pwdmchg_t = , nw + r
full_name = , nw + r
home_dir = , nw + r
dir_drive = , nw + r
logon_script = , nw + r
profile_path = , nw + r
acct_desc = , nw + r
workstations = , nw + r
hours = , nw + r
1998-05-15 14:49:48 +00:00
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1998-05-18 11:59:19 +00:00
# define NPF_NAME 0
# define NPF_UID 1
# define NPF_USER_RID 2
# define NPF_SMB_GRPID 3
# define NPF_GROUP_RID 4
# define NPF_ACB 5
# define NPF_LMPWD 6
# define NPF_NTPWD 7
# define NPF_LOGON_T 8
# define NPF_LOGOFF_T 9
1998-05-22 11:28:32 +00:00
# define NPF_KICK_T 10
# define NPF_PWDLSET_T 11
# define NPF_PWDLCHG_T 12
# define NPF_PWDMCHG_T 13
# define NPF_FULL_NAME 14
# define NPF_HOME_DIR 15
# define NPF_DIR_DRIVE 16
# define NPF_LOGON_SCRIPT 17
# define NPF_PROFILE_PATH 18
# define NPF_ACCT_DESC 19
# define NPF_WORKSTATIONS 20
# define NPF_HOURS 21
1998-05-18 11:59:19 +00:00
/***************************************************************
Signal function to tell us we timed out .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1998-05-15 14:49:48 +00:00
static void gotalarm_sig ( void )
{
gotalarm = 1 ;
}
1998-05-18 11:59:19 +00:00
/***************************************************************
make_nisname_from_user_rid
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
ldap.c :
- added support for some of the new passdb_ops functions.
- removed functions that are supported "indirectly" through passdb.c
nisppass.c :
- modified make_nisname_from_xxx() functions to take a "file" arg.
- turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid()
functionality is available through "indirect" support in passdb.c
- removed functions that are supported "indirectly" through passdb.c
- added support for some of the new passdb_ops functions.
passdb.c :
- created getsam21pwrid() function to go alongside getsam21pwuid.
it is not expected that getsam21pwuid ever be used, certainly
not from the lib/rpc code.
- created getsamdisprid() and getsamdispent(). these are primarily
for support of SamrQueryDisplayInfo, however given that they
[struct sam_disp_info] return username, rid and fullname, there may
be further instances where these functions will be useful.
- added support where either the get/add/mod-smb or get/add/mod-sam21
functions are optional. this can be done very easily by checking
whether the struct passdb_ops table functions are NULL or not.
documented this capability in the notes at the top of the module.
- where unix uid was referenced, use uid_t.
- where unix gid was referenced, use gid_t.
smb.h :
- added sam_disp_info functions to passdb_ops.
- added getsam21pwrid() function.
smbpass.c :
- added reference to iterate_getsam21pwrid().
lib/rpc/server/srv_samr.c :
- removed group rid code added to get_user_info_21() code: this
had been added in the wrong place. the client / server should
already know whether it wants to do a lookup by user rid or
by group rid.
the test of whether the rid is a user or group rid has been left
in because this may become useful consistency-check code.
- converted back to getsam21pwrid() not
getsam21pwuid(pdb_user_rid_to_uid()).
this is because the unix uid to user rid mapping can be non-monotonic
in some password database systems, and monotonic in others. imposing
the restriction by converting immediately from rid to uid at this
point is inadviseable, and will place this potential restriction on
_all_ password database systems, not just some which, for whatever
reason, do not support user rids.
it should be up to the individual password database writer to
convert from user rid to unix uid, should that module not support
rids.
lib/rpc/server/srv_util.c :
- got lookup_user_name() to call getsamdisprid() not getsmbpwuid().
a bug was introduced (or at least the bug already there was not
fixed) whereby the nt user rid was converted to a unix uid, and
then not used.
(This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
1998-05-19 17:48:40 +00:00
static char * make_nisname_from_user_rid ( uint32 rid , char * pfile )
1998-05-18 11:59:19 +00:00
{
static pstring nisname ;
1998-05-18 21:30:57 +00:00
safe_strcpy ( nisname , " [user_rid= " , sizeof ( nisname ) - 1 ) ;
slprintf ( nisname , sizeof ( nisname ) - 1 , " %s%d " , nisname , rid ) ;
ldap.c :
- added support for some of the new passdb_ops functions.
- removed functions that are supported "indirectly" through passdb.c
nisppass.c :
- modified make_nisname_from_xxx() functions to take a "file" arg.
- turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid()
functionality is available through "indirect" support in passdb.c
- removed functions that are supported "indirectly" through passdb.c
- added support for some of the new passdb_ops functions.
passdb.c :
- created getsam21pwrid() function to go alongside getsam21pwuid.
it is not expected that getsam21pwuid ever be used, certainly
not from the lib/rpc code.
- created getsamdisprid() and getsamdispent(). these are primarily
for support of SamrQueryDisplayInfo, however given that they
[struct sam_disp_info] return username, rid and fullname, there may
be further instances where these functions will be useful.
- added support where either the get/add/mod-smb or get/add/mod-sam21
functions are optional. this can be done very easily by checking
whether the struct passdb_ops table functions are NULL or not.
documented this capability in the notes at the top of the module.
- where unix uid was referenced, use uid_t.
- where unix gid was referenced, use gid_t.
smb.h :
- added sam_disp_info functions to passdb_ops.
- added getsam21pwrid() function.
smbpass.c :
- added reference to iterate_getsam21pwrid().
lib/rpc/server/srv_samr.c :
- removed group rid code added to get_user_info_21() code: this
had been added in the wrong place. the client / server should
already know whether it wants to do a lookup by user rid or
by group rid.
the test of whether the rid is a user or group rid has been left
in because this may become useful consistency-check code.
- converted back to getsam21pwrid() not
getsam21pwuid(pdb_user_rid_to_uid()).
this is because the unix uid to user rid mapping can be non-monotonic
in some password database systems, and monotonic in others. imposing
the restriction by converting immediately from rid to uid at this
point is inadviseable, and will place this potential restriction on
_all_ password database systems, not just some which, for whatever
reason, do not support user rids.
it should be up to the individual password database writer to
convert from user rid to unix uid, should that module not support
rids.
lib/rpc/server/srv_util.c :
- got lookup_user_name() to call getsamdisprid() not getsmbpwuid().
a bug was introduced (or at least the bug already there was not
fixed) whereby the nt user rid was converted to a unix uid, and
then not used.
(This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
1998-05-19 17:48:40 +00:00
safe_strcat ( nisname , " ], " , sizeof ( nisname ) - strlen ( nisname ) - 1 ) ;
safe_strcat ( nisname , pfile , sizeof ( nisname ) - strlen ( nisname ) - 1 ) ;
1998-05-18 11:59:19 +00:00
return nisname ;
}
/***************************************************************
make_nisname_from_uid
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
ldap.c :
- added support for some of the new passdb_ops functions.
- removed functions that are supported "indirectly" through passdb.c
nisppass.c :
- modified make_nisname_from_xxx() functions to take a "file" arg.
- turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid()
functionality is available through "indirect" support in passdb.c
- removed functions that are supported "indirectly" through passdb.c
- added support for some of the new passdb_ops functions.
passdb.c :
- created getsam21pwrid() function to go alongside getsam21pwuid.
it is not expected that getsam21pwuid ever be used, certainly
not from the lib/rpc code.
- created getsamdisprid() and getsamdispent(). these are primarily
for support of SamrQueryDisplayInfo, however given that they
[struct sam_disp_info] return username, rid and fullname, there may
be further instances where these functions will be useful.
- added support where either the get/add/mod-smb or get/add/mod-sam21
functions are optional. this can be done very easily by checking
whether the struct passdb_ops table functions are NULL or not.
documented this capability in the notes at the top of the module.
- where unix uid was referenced, use uid_t.
- where unix gid was referenced, use gid_t.
smb.h :
- added sam_disp_info functions to passdb_ops.
- added getsam21pwrid() function.
smbpass.c :
- added reference to iterate_getsam21pwrid().
lib/rpc/server/srv_samr.c :
- removed group rid code added to get_user_info_21() code: this
had been added in the wrong place. the client / server should
already know whether it wants to do a lookup by user rid or
by group rid.
the test of whether the rid is a user or group rid has been left
in because this may become useful consistency-check code.
- converted back to getsam21pwrid() not
getsam21pwuid(pdb_user_rid_to_uid()).
this is because the unix uid to user rid mapping can be non-monotonic
in some password database systems, and monotonic in others. imposing
the restriction by converting immediately from rid to uid at this
point is inadviseable, and will place this potential restriction on
_all_ password database systems, not just some which, for whatever
reason, do not support user rids.
it should be up to the individual password database writer to
convert from user rid to unix uid, should that module not support
rids.
lib/rpc/server/srv_util.c :
- got lookup_user_name() to call getsamdisprid() not getsmbpwuid().
a bug was introduced (or at least the bug already there was not
fixed) whereby the nt user rid was converted to a unix uid, and
then not used.
(This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
1998-05-19 17:48:40 +00:00
static char * make_nisname_from_uid ( int uid , char * pfile )
1998-05-18 11:59:19 +00:00
{
static pstring nisname ;
1998-05-18 21:30:57 +00:00
safe_strcpy ( nisname , " [uid= " , sizeof ( nisname ) - 1 ) ;
slprintf ( nisname , sizeof ( nisname ) - 1 , " %s%d " , nisname , uid ) ;
ldap.c :
- added support for some of the new passdb_ops functions.
- removed functions that are supported "indirectly" through passdb.c
nisppass.c :
- modified make_nisname_from_xxx() functions to take a "file" arg.
- turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid()
functionality is available through "indirect" support in passdb.c
- removed functions that are supported "indirectly" through passdb.c
- added support for some of the new passdb_ops functions.
passdb.c :
- created getsam21pwrid() function to go alongside getsam21pwuid.
it is not expected that getsam21pwuid ever be used, certainly
not from the lib/rpc code.
- created getsamdisprid() and getsamdispent(). these are primarily
for support of SamrQueryDisplayInfo, however given that they
[struct sam_disp_info] return username, rid and fullname, there may
be further instances where these functions will be useful.
- added support where either the get/add/mod-smb or get/add/mod-sam21
functions are optional. this can be done very easily by checking
whether the struct passdb_ops table functions are NULL or not.
documented this capability in the notes at the top of the module.
- where unix uid was referenced, use uid_t.
- where unix gid was referenced, use gid_t.
smb.h :
- added sam_disp_info functions to passdb_ops.
- added getsam21pwrid() function.
smbpass.c :
- added reference to iterate_getsam21pwrid().
lib/rpc/server/srv_samr.c :
- removed group rid code added to get_user_info_21() code: this
had been added in the wrong place. the client / server should
already know whether it wants to do a lookup by user rid or
by group rid.
the test of whether the rid is a user or group rid has been left
in because this may become useful consistency-check code.
- converted back to getsam21pwrid() not
getsam21pwuid(pdb_user_rid_to_uid()).
this is because the unix uid to user rid mapping can be non-monotonic
in some password database systems, and monotonic in others. imposing
the restriction by converting immediately from rid to uid at this
point is inadviseable, and will place this potential restriction on
_all_ password database systems, not just some which, for whatever
reason, do not support user rids.
it should be up to the individual password database writer to
convert from user rid to unix uid, should that module not support
rids.
lib/rpc/server/srv_util.c :
- got lookup_user_name() to call getsamdisprid() not getsmbpwuid().
a bug was introduced (or at least the bug already there was not
fixed) whereby the nt user rid was converted to a unix uid, and
then not used.
(This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
1998-05-19 17:48:40 +00:00
safe_strcat ( nisname , " ], " , sizeof ( nisname ) - strlen ( nisname ) - 1 ) ;
safe_strcat ( nisname , pfile , sizeof ( nisname ) - strlen ( nisname ) - 1 ) ;
1998-05-18 11:59:19 +00:00
return nisname ;
}
/***************************************************************
make_nisname_from_name
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
ldap.c :
- added support for some of the new passdb_ops functions.
- removed functions that are supported "indirectly" through passdb.c
nisppass.c :
- modified make_nisname_from_xxx() functions to take a "file" arg.
- turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid()
functionality is available through "indirect" support in passdb.c
- removed functions that are supported "indirectly" through passdb.c
- added support for some of the new passdb_ops functions.
passdb.c :
- created getsam21pwrid() function to go alongside getsam21pwuid.
it is not expected that getsam21pwuid ever be used, certainly
not from the lib/rpc code.
- created getsamdisprid() and getsamdispent(). these are primarily
for support of SamrQueryDisplayInfo, however given that they
[struct sam_disp_info] return username, rid and fullname, there may
be further instances where these functions will be useful.
- added support where either the get/add/mod-smb or get/add/mod-sam21
functions are optional. this can be done very easily by checking
whether the struct passdb_ops table functions are NULL or not.
documented this capability in the notes at the top of the module.
- where unix uid was referenced, use uid_t.
- where unix gid was referenced, use gid_t.
smb.h :
- added sam_disp_info functions to passdb_ops.
- added getsam21pwrid() function.
smbpass.c :
- added reference to iterate_getsam21pwrid().
lib/rpc/server/srv_samr.c :
- removed group rid code added to get_user_info_21() code: this
had been added in the wrong place. the client / server should
already know whether it wants to do a lookup by user rid or
by group rid.
the test of whether the rid is a user or group rid has been left
in because this may become useful consistency-check code.
- converted back to getsam21pwrid() not
getsam21pwuid(pdb_user_rid_to_uid()).
this is because the unix uid to user rid mapping can be non-monotonic
in some password database systems, and monotonic in others. imposing
the restriction by converting immediately from rid to uid at this
point is inadviseable, and will place this potential restriction on
_all_ password database systems, not just some which, for whatever
reason, do not support user rids.
it should be up to the individual password database writer to
convert from user rid to unix uid, should that module not support
rids.
lib/rpc/server/srv_util.c :
- got lookup_user_name() to call getsamdisprid() not getsmbpwuid().
a bug was introduced (or at least the bug already there was not
fixed) whereby the nt user rid was converted to a unix uid, and
then not used.
(This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
1998-05-19 17:48:40 +00:00
static char * make_nisname_from_name ( char * user_name , char * pfile )
1998-05-18 11:59:19 +00:00
{
static pstring nisname ;
1998-05-18 21:30:57 +00:00
safe_strcpy ( nisname , " [name= " , sizeof ( nisname ) - 1 ) ;
1998-05-18 11:59:19 +00:00
safe_strcat ( nisname , user_name , sizeof ( nisname ) - strlen ( nisname ) - 1 ) ;
ldap.c :
- added support for some of the new passdb_ops functions.
- removed functions that are supported "indirectly" through passdb.c
nisppass.c :
- modified make_nisname_from_xxx() functions to take a "file" arg.
- turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid()
functionality is available through "indirect" support in passdb.c
- removed functions that are supported "indirectly" through passdb.c
- added support for some of the new passdb_ops functions.
passdb.c :
- created getsam21pwrid() function to go alongside getsam21pwuid.
it is not expected that getsam21pwuid ever be used, certainly
not from the lib/rpc code.
- created getsamdisprid() and getsamdispent(). these are primarily
for support of SamrQueryDisplayInfo, however given that they
[struct sam_disp_info] return username, rid and fullname, there may
be further instances where these functions will be useful.
- added support where either the get/add/mod-smb or get/add/mod-sam21
functions are optional. this can be done very easily by checking
whether the struct passdb_ops table functions are NULL or not.
documented this capability in the notes at the top of the module.
- where unix uid was referenced, use uid_t.
- where unix gid was referenced, use gid_t.
smb.h :
- added sam_disp_info functions to passdb_ops.
- added getsam21pwrid() function.
smbpass.c :
- added reference to iterate_getsam21pwrid().
lib/rpc/server/srv_samr.c :
- removed group rid code added to get_user_info_21() code: this
had been added in the wrong place. the client / server should
already know whether it wants to do a lookup by user rid or
by group rid.
the test of whether the rid is a user or group rid has been left
in because this may become useful consistency-check code.
- converted back to getsam21pwrid() not
getsam21pwuid(pdb_user_rid_to_uid()).
this is because the unix uid to user rid mapping can be non-monotonic
in some password database systems, and monotonic in others. imposing
the restriction by converting immediately from rid to uid at this
point is inadviseable, and will place this potential restriction on
_all_ password database systems, not just some which, for whatever
reason, do not support user rids.
it should be up to the individual password database writer to
convert from user rid to unix uid, should that module not support
rids.
lib/rpc/server/srv_util.c :
- got lookup_user_name() to call getsamdisprid() not getsmbpwuid().
a bug was introduced (or at least the bug already there was not
fixed) whereby the nt user rid was converted to a unix uid, and
then not used.
(This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
1998-05-19 17:48:40 +00:00
safe_strcat ( nisname , " ], " , sizeof ( nisname ) - strlen ( nisname ) - 1 ) ;
safe_strcat ( nisname , pfile , sizeof ( nisname ) - strlen ( nisname ) - 1 ) ;
1998-05-18 11:59:19 +00:00
return nisname ;
}
1998-05-28 16:55:12 +00:00
/*************************************************************************
gets a NIS + attribute
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
static void get_single_attribute ( nis_object * new_obj , int col ,
char * val , int len )
{
int entry_len ;
if ( new_obj = = NULL | | val = = NULL ) return ;
entry_len = ENTRY_LEN ( new_obj , col ) ;
if ( len > entry_len )
{
DEBUG ( 10 , ( " get_single_attribute: entry length truncated \n " ) ) ;
len = entry_len ;
}
safe_strcpy ( val , len , ENTRY_VAL ( new_obj , col ) ) ;
}
/***************************************************************
calls nis_list , returns results .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
static nis_result * nisp_get_nis_list ( char * nis_name )
{
nis_result * result ;
result = nis_list ( nis_name , FOLLOW_PATH | EXPAND_NAME | HARD_LOOKUP , NULL , NULL ) ;
alarm ( 0 ) ;
signal ( SIGALRM , SIGNAL_CAST SIG_DFL ) ;
if ( gotalarm )
{
DEBUG ( 0 , ( " nisp_get_nis_list: NIS+ lookup time out \n " ) ) ;
nis_freeresult ( result ) ;
return NULL ;
}
return result ;
}
struct nisp_enum_info
{
nis_result * result ;
int enum_entry ;
} ;
1998-05-15 14:49:48 +00:00
/***************************************************************
Start to enumerate the nisplus passwd list . Returns a void pointer
to ensure no modification outside this module .
do not call this function directly . use passdb . c instead .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1998-05-18 23:57:28 +00:00
static void * startnisppwent ( BOOL update )
1998-05-15 14:49:48 +00:00
{
1998-05-28 16:55:12 +00:00
static struct nisp_enum_info res ;
res . result = nisp_get_nis_list ( lp_smb_pass_file ( ) ) ;
res . enum_entry = 0 ;
return res . result ! = NULL ? & res : NULL ;
1998-05-15 14:49:48 +00:00
}
/***************************************************************
End enumeration of the nisplus passwd list .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1998-05-18 23:57:28 +00:00
static void endnisppwent ( void * vp )
1998-05-15 14:49:48 +00:00
{
}
/*************************************************************************
Routine to return the next entry in the nisplus passwd list .
this function is a nice , messy combination of reading :
- the nisplus passwd file
- the unix password database
- nisp . conf options ( not done at present ) .
do not call this function directly . use passdb . c instead .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1998-05-18 23:57:28 +00:00
static struct sam_passwd * getnisp21pwent ( void * vp )
1998-05-15 14:49:48 +00:00
{
1998-05-18 11:54:00 +00:00
return NULL ;
1998-05-15 14:49:48 +00:00
}
/*************************************************************************
Return the current position in the nisplus passwd list as an unsigned long .
This must be treated as an opaque token .
do not call this function directly . use passdb . c instead .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1998-05-18 23:57:28 +00:00
static unsigned long getnisppwpos ( void * vp )
1998-05-15 14:49:48 +00:00
{
return 0 ;
}
/*************************************************************************
Set the current position in the nisplus passwd list from unsigned long .
This must be treated as an opaque token .
do not call this function directly . use passdb . c instead .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1998-05-18 23:57:28 +00:00
static BOOL setnisppwpos ( void * vp , unsigned long tok )
1998-05-15 14:49:48 +00:00
{
return False ;
}
1998-05-22 11:28:32 +00:00
/*************************************************************************
sets a NIS + attribute
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1998-05-22 12:12:16 +00:00
static void set_single_attribute ( nis_object * new_obj , int col ,
1998-05-22 11:28:32 +00:00
char * val , int len , int flags )
{
1998-05-22 12:12:16 +00:00
if ( new_obj = = NULL ) return ;
1998-05-22 11:28:32 +00:00
1998-05-22 12:12:16 +00:00
ENTRY_VAL ( new_obj , col ) = val ;
ENTRY_LEN ( new_obj , col ) = len ;
1998-05-22 11:28:32 +00:00
if ( flags ! = 0 )
{
1998-05-22 12:12:16 +00:00
new_obj - > EN_data . en_cols . en_cols_val [ col ] . ec_flags = flags ;
1998-05-22 11:28:32 +00:00
}
}
1998-05-18 11:54:00 +00:00
/************************************************************************
Routine to add an entry to the nisplus passwd file .
do not call this function directly . use passdb . c instead .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1998-05-18 23:57:28 +00:00
static BOOL add_nisp21pwd_entry ( struct sam_passwd * newpwd )
1998-05-15 14:49:48 +00:00
{
1998-05-18 11:54:00 +00:00
char * pfile ;
1998-05-18 11:59:19 +00:00
char * nisname ;
1998-05-18 11:54:00 +00:00
nis_result * nis_user ;
nis_result * result = NULL ,
* tblresult = NULL ,
* addresult = NULL ;
1998-05-22 12:12:16 +00:00
nis_object new_obj , * obj ;
1998-05-22 11:28:32 +00:00
fstring uid ;
fstring user_rid ;
fstring smb_grpid ;
fstring group_rid ;
fstring acb ;
1998-05-24 13:36:43 +00:00
fstring smb_passwd ;
fstring smb_nt_passwd ;
1998-05-22 11:28:32 +00:00
fstring logon_t ;
fstring logoff_t ;
1998-05-25 13:39:08 +00:00
fstring kickoff_t ;
1998-05-22 11:28:32 +00:00
fstring pwdlset_t ;
fstring pwdlchg_t ;
fstring pwdmchg_t ;
1998-05-22 12:12:16 +00:00
bzero ( logon_t , sizeof ( logon_t ) ) ;
bzero ( logoff_t , sizeof ( logoff_t ) ) ;
1998-05-25 13:39:08 +00:00
bzero ( kickoff_t , sizeof ( kickoff_t ) ) ;
1998-05-22 12:12:16 +00:00
bzero ( pwdlset_t , sizeof ( pwdlset_t ) ) ;
bzero ( pwdlchg_t , sizeof ( pwdlchg_t ) ) ;
bzero ( pwdmchg_t , sizeof ( pwdmchg_t ) ) ;
1998-05-18 11:54:00 +00:00
pfile = lp_smb_passwd_file ( ) ;
1998-05-22 11:28:32 +00:00
nisname = make_nisname_from_name ( newpwd - > smb_name , pfile ) ;
1998-05-28 16:55:12 +00:00
result = nisp_get_nis_list ( nisname ) ;
1998-05-18 11:54:00 +00:00
if ( result - > status ! = NIS_SUCCESS & & result - > status ! = NIS_NOTFOUND )
{
DEBUG ( 3 , ( " add_nisppwd_entry: nis_list failure: %s: %s \n " ,
nisname , nis_sperrno ( result - > status ) ) ) ;
nis_freeresult ( nis_user ) ;
nis_freeresult ( result ) ;
return False ;
}
if ( result - > status = = NIS_SUCCESS & & NIS_RES_NUMOBJ ( result ) > 0 )
{
DEBUG ( 3 , ( " add_nisppwd_entry: User already exists in NIS+ password db: %s \n " ,
pfile ) ) ;
nis_freeresult ( result ) ;
nis_freeresult ( nis_user ) ;
return False ;
}
1998-05-22 11:28:32 +00:00
#if 0
1998-05-18 11:54:00 +00:00
/* User not found. */
if ( ! add_user )
{
DEBUG ( 3 , ( " add_nisppwd_entry: User not found in NIS+ password db: %s \n " ,
pfile ) ) ;
nis_freeresult ( result ) ;
nis_freeresult ( nis_user ) ;
return False ;
}
1998-05-22 11:28:32 +00:00
# endif
1998-05-18 11:54:00 +00:00
tblresult = nis_lookup ( pfile , FOLLOW_PATH | EXPAND_NAME | HARD_LOOKUP ) ;
if ( tblresult - > status ! = NIS_SUCCESS )
{
nis_freeresult ( result ) ;
nis_freeresult ( nis_user ) ;
nis_freeresult ( tblresult ) ;
DEBUG ( 3 , ( " add_nisppwd_entry: nis_lookup failure: %s \n " ,
nis_sperrno ( tblresult - > status ) ) ) ;
return False ;
}
1998-05-22 12:12:16 +00:00
new_obj . zo_name = NIS_RES_OBJECT ( tblresult ) - > zo_name ;
new_obj . zo_domain = NIS_RES_OBJECT ( tblresult ) - > zo_domain ;
1998-05-28 16:55:12 +00:00
new_obj . zo_owner = NIS_RES_OBJECT ( tblresult ) - > zo_owner ;
1998-05-22 12:12:16 +00:00
new_obj . zo_group = NIS_RES_OBJECT ( tblresult ) - > zo_group ;
new_obj . zo_access = NIS_RES_OBJECT ( tblresult ) - > zo_access ;
new_obj . zo_ttl = NIS_RES_OBJECT ( tblresult ) - > zo_ttl ;
1998-05-18 11:54:00 +00:00
1998-05-22 12:12:16 +00:00
new_obj . zo_data . zo_type = ENTRY_OBJ ;
1998-05-18 11:54:00 +00:00
1998-05-22 12:12:16 +00:00
new_obj . zo_data . objdata_u . en_data . en_type = NIS_RES_OBJECT ( tblresult ) - > zo_data . objdata_u . ta_data . ta_type ;
new_obj . zo_data . objdata_u . en_data . en_cols . en_cols_len = NIS_RES_OBJECT ( tblresult ) - > zo_data . objdata_u . ta_data . ta_maxcol ;
new_obj . zo_data . objdata_u . en_data . en_cols . en_cols_val = calloc ( new_obj . zo_data . objdata_u . en_data . en_cols . en_cols_len , sizeof ( entry_col ) ) ;
1998-05-18 11:54:00 +00:00
1998-05-24 13:36:43 +00:00
pdb_sethexpwd ( smb_passwd , newpwd - > smb_passwd , newpwd - > acct_ctrl ) ;
pdb_sethexpwd ( smb_nt_passwd , newpwd - > smb_nt_passwd , newpwd - > acct_ctrl ) ;
1998-05-22 12:12:16 +00:00
pdb_set_logon_time ( logon_t , sizeof ( logon_t ) , newpwd - > logon_time ) ;
pdb_set_logoff_time ( logoff_t , sizeof ( logoff_t ) , newpwd - > logoff_time ) ;
pdb_set_kickoff_time ( kickoff_t , sizeof ( kickoff_t ) , newpwd - > kickoff_time ) ;
pdb_set_last_set_time ( pwdlset_t , sizeof ( pwdlset_t ) , newpwd - > pass_last_set_time ) ;
pdb_set_can_change_time ( pwdlchg_t , sizeof ( pwdlchg_t ) , newpwd - > pass_can_change_time ) ;
pdb_set_must_change_time ( pwdmchg_t , sizeof ( pwdmchg_t ) , newpwd - > pass_must_change_time ) ;
1998-05-22 11:28:32 +00:00
slprintf ( uid , sizeof ( uid ) , " %u " , newpwd - > smb_userid ) ;
slprintf ( user_rid , sizeof ( user_rid ) , " 0x%x " , newpwd - > user_rid ) ;
slprintf ( smb_grpid , sizeof ( smb_grpid ) , " %u " , newpwd - > smb_grpid ) ;
slprintf ( group_rid , sizeof ( group_rid ) , " 0x%x " , newpwd - > group_rid ) ;
1998-05-22 12:12:16 +00:00
safe_strcpy ( acb , pdb_encode_acct_ctrl ( newpwd - > acct_ctrl ) , sizeof ( acb ) ) ;
1998-05-24 13:36:43 +00:00
set_single_attribute ( & new_obj , NPF_NAME , newpwd - > smb_name , strlen ( newpwd - > smb_name ) , 0 ) ;
set_single_attribute ( & new_obj , NPF_UID , uid , strlen ( uid ) , 0 ) ;
set_single_attribute ( & new_obj , NPF_USER_RID , user_rid , strlen ( user_rid ) , 0 ) ;
set_single_attribute ( & new_obj , NPF_SMB_GRPID , smb_grpid , strlen ( smb_grpid ) , 0 ) ;
set_single_attribute ( & new_obj , NPF_GROUP_RID , group_rid , strlen ( group_rid ) , 0 ) ;
set_single_attribute ( & new_obj , NPF_ACB , acb , strlen ( acb ) , 0 ) ;
set_single_attribute ( & new_obj , NPF_LMPWD , smb_passwd , strlen ( smb_passwd ) , EN_CRYPT ) ;
set_single_attribute ( & new_obj , NPF_NTPWD , smb_nt_passwd , strlen ( smb_nt_passwd ) , EN_CRYPT ) ;
set_single_attribute ( & new_obj , NPF_LOGON_T , logon_t , strlen ( logon_t ) , 0 ) ;
set_single_attribute ( & new_obj , NPF_LOGOFF_T , logoff_t , strlen ( logoff_t ) , 0 ) ;
1998-05-25 13:39:08 +00:00
set_single_attribute ( & new_obj , NPF_KICK_T , kickoff_t , strlen ( kickoff_t ) , 0 ) ;
1998-05-24 13:36:43 +00:00
set_single_attribute ( & new_obj , NPF_PWDLSET_T , pwdlset_t , strlen ( pwdlset_t ) , 0 ) ;
set_single_attribute ( & new_obj , NPF_PWDLCHG_T , pwdlchg_t , strlen ( pwdlchg_t ) , 0 ) ;
set_single_attribute ( & new_obj , NPF_PWDMCHG_T , pwdmchg_t , strlen ( pwdmchg_t ) , 0 ) ;
set_single_attribute ( & new_obj , NPF_FULL_NAME , newpwd - > full_name , strlen ( newpwd - > full_name ) , 0 ) ;
set_single_attribute ( & new_obj , NPF_HOME_DIR , newpwd - > home_dir , strlen ( newpwd - > home_dir ) , 0 ) ;
set_single_attribute ( & new_obj , NPF_DIR_DRIVE , newpwd - > dir_drive , strlen ( newpwd - > dir_drive ) , 0 ) ;
set_single_attribute ( & new_obj , NPF_LOGON_SCRIPT , newpwd - > logon_script , strlen ( newpwd - > logon_script ) , 0 ) ;
set_single_attribute ( & new_obj , NPF_PROFILE_PATH , newpwd - > profile_path , strlen ( newpwd - > profile_path ) , 0 ) ;
set_single_attribute ( & new_obj , NPF_ACCT_DESC , newpwd - > acct_desc , strlen ( newpwd - > acct_desc ) , 0 ) ;
set_single_attribute ( & new_obj , NPF_WORKSTATIONS , newpwd - > workstations , strlen ( newpwd - > workstations ) , 0 ) ;
set_single_attribute ( & new_obj , NPF_HOURS , newpwd - > hours , newpwd - > hours_len , 0 ) ;
1998-05-22 12:12:16 +00:00
obj = & new_obj ;
1998-05-18 11:54:00 +00:00
addresult = nis_add_entry ( pfile , obj , ADD_OVERWRITE | FOLLOW_PATH | EXPAND_NAME | HARD_LOOKUP ) ;
nis_freeresult ( nis_user ) ;
if ( tblresult )
{
nis_freeresult ( tblresult ) ;
}
if ( addresult - > status ! = NIS_SUCCESS )
{
DEBUG ( 3 , ( " add_nisppwd_entry: NIS+ table update failed: %s \n " ,
nisname , nis_sperrno ( addresult - > status ) ) ) ;
nis_freeresult ( addresult ) ;
nis_freeresult ( result ) ;
return False ;
}
nis_freeresult ( addresult ) ;
nis_freeresult ( result ) ;
return True ;
1998-05-15 14:49:48 +00:00
}
1998-05-18 11:54:00 +00:00
/************************************************************************
Routine to search the nisplus passwd file for an entry matching the username .
and then modify its password entry . We can ' t use the startnisppwent ( ) /
getnisppwent ( ) / endnisppwent ( ) interfaces here as we depend on looking
in the actual file to decide how much room we have to write data .
override = False , normal
override = True , override XXXXXXXX ' d out password or NO PASS
do not call this function directly . use passdb . c instead .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1998-05-18 23:57:28 +00:00
static BOOL mod_nisp21pwd_entry ( struct sam_passwd * pwd , BOOL override )
1998-05-18 11:54:00 +00:00
{
return False ;
}
1998-05-15 14:49:48 +00:00
/************************************************************************
1998-05-18 15:50:56 +00:00
makes a struct sam_passwd from a NIS + result .
1998-05-15 14:49:48 +00:00
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1998-05-18 15:50:56 +00:00
static BOOL make_sam_from_nisp ( struct sam_passwd * pw_buf , nis_result * result )
1998-05-15 14:49:48 +00:00
{
int uidval ;
static pstring user_name ;
static unsigned char smbpwd [ 16 ] ;
static unsigned char smbntpwd [ 16 ] ;
1998-05-18 11:54:00 +00:00
nis_object * obj ;
uchar * p ;
1998-05-15 14:49:48 +00:00
if ( pw_buf = = NULL | | result = = NULL ) return False ;
1998-05-18 15:50:56 +00:00
pdb_init_sam ( pw_buf ) ;
1998-05-15 14:49:48 +00:00
if ( result - > status ! = NIS_SUCCESS )
{
1998-05-18 11:54:00 +00:00
DEBUG ( 0 , ( " make_smb_from_nisp: NIS+ lookup failure: %s \n " ,
nis_sperrno ( result - > status ) ) ) ;
1998-05-15 14:49:48 +00:00
return False ;
}
/* User not found. */
if ( NIS_RES_NUMOBJ ( result ) < = 0 )
{
1998-05-18 11:54:00 +00:00
DEBUG ( 10 , ( " make_smb_from_nisp: user not found in NIS+ \n " ) ) ;
1998-05-15 14:49:48 +00:00
return False ;
}
if ( NIS_RES_NUMOBJ ( result ) > 1 )
{
1998-05-18 11:54:00 +00:00
DEBUG ( 10 , ( " make_smb_from_nisp: WARNING: Multiple entries for user in NIS+ table! \n " ) ) ;
1998-05-15 14:49:48 +00:00
}
/* Grab the first hit. */
obj = & NIS_RES_OBJECT ( result ) [ 0 ] ;
/* Check the lanman password column. */
1998-05-18 11:59:19 +00:00
p = ( uchar * ) ENTRY_VAL ( obj , NPF_LMPWD ) ;
1998-05-18 17:15:21 +00:00
if ( strlen ( ( char * ) p ) ! = 32 | | ! pdb_gethexpwd ( ( char * ) p , ( char * ) smbpwd ) )
1998-05-15 14:49:48 +00:00
{
DEBUG ( 0 , ( " make_smb_from_nisp: malformed LM pwd entry. \n " ) ) ;
return False ;
}
/* Check the NT password column. */
1998-05-18 11:59:19 +00:00
p = ( uchar * ) ENTRY_VAL ( obj , NPF_NTPWD ) ;
1998-05-18 17:15:21 +00:00
if ( strlen ( ( char * ) p ) ! = 32 | | ! pdb_gethexpwd ( ( char * ) p , ( char * ) smbntpwd ) )
1998-05-15 14:49:48 +00:00
{
DEBUG ( 0 , ( " make_smb_from_nisp: malformed NT pwd entry \n " ) ) ;
return False ;
}
1998-05-18 11:59:19 +00:00
strncpy ( user_name , ENTRY_VAL ( obj , NPF_NAME ) , sizeof ( user_name ) ) ;
uidval = atoi ( ENTRY_VAL ( obj , NPF_UID ) ) ;
1998-05-15 14:49:48 +00:00
pw_buf - > smb_name = user_name ;
pw_buf - > smb_userid = uidval ;
pw_buf - > smb_passwd = smbpwd ;
pw_buf - > smb_nt_passwd = smbntpwd ;
return True ;
}
/*************************************************************************
Routine to search the nisplus passwd file for an entry matching the username
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1998-05-18 23:57:28 +00:00
static struct sam_passwd * getnisp21pwnam ( char * name )
1998-05-15 14:49:48 +00:00
{
/* Static buffers we will return. */
1998-05-18 15:50:56 +00:00
static struct sam_passwd pw_buf ;
1998-05-15 14:49:48 +00:00
nis_result * result ;
1998-05-18 11:54:00 +00:00
pstring nisname ;
1998-05-15 14:49:48 +00:00
BOOL ret ;
1998-05-18 11:54:00 +00:00
if ( ! * lp_smb_passwd_file ( ) )
1998-05-15 14:49:48 +00:00
{
DEBUG ( 0 , ( " No SMB password file set \n " ) ) ;
1998-05-18 11:54:00 +00:00
return NULL ;
1998-05-15 14:49:48 +00:00
}
DEBUG ( 10 , ( " getnisppwnam: search by name: %s \n " , name ) ) ;
1998-05-18 11:54:00 +00:00
DEBUG ( 10 , ( " getnisppwnam: using NIS+ table %s \n " , lp_smb_passwd_file ( ) ) ) ;
1998-05-15 14:49:48 +00:00
1998-05-18 21:30:57 +00:00
slprintf ( nisname , sizeof ( nisname ) - 1 , " [name=%s],%s " , name , lp_smb_passwd_file ( ) ) ;
1998-05-15 14:49:48 +00:00
/* Search the table. */
gotalarm = 0 ;
signal ( SIGALRM , SIGNAL_CAST gotalarm_sig ) ;
alarm ( 5 ) ;
result = nis_list ( nisname , FOLLOW_PATH | EXPAND_NAME | HARD_LOOKUP , NULL , NULL ) ;
alarm ( 0 ) ;
signal ( SIGALRM , SIGNAL_CAST SIG_DFL ) ;
if ( gotalarm )
{
DEBUG ( 0 , ( " getnisppwnam: NIS+ lookup time out \n " ) ) ;
nis_freeresult ( result ) ;
return NULL ;
}
1998-05-18 15:50:56 +00:00
ret = make_sam_from_nisp ( & pw_buf , result ) ;
1998-05-15 14:49:48 +00:00
nis_freeresult ( result ) ;
return ret ? & pw_buf : NULL ;
}
/*************************************************************************
Routine to search the nisplus passwd file for an entry matching the username
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
ldap.c :
- added support for some of the new passdb_ops functions.
- removed functions that are supported "indirectly" through passdb.c
nisppass.c :
- modified make_nisname_from_xxx() functions to take a "file" arg.
- turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid()
functionality is available through "indirect" support in passdb.c
- removed functions that are supported "indirectly" through passdb.c
- added support for some of the new passdb_ops functions.
passdb.c :
- created getsam21pwrid() function to go alongside getsam21pwuid.
it is not expected that getsam21pwuid ever be used, certainly
not from the lib/rpc code.
- created getsamdisprid() and getsamdispent(). these are primarily
for support of SamrQueryDisplayInfo, however given that they
[struct sam_disp_info] return username, rid and fullname, there may
be further instances where these functions will be useful.
- added support where either the get/add/mod-smb or get/add/mod-sam21
functions are optional. this can be done very easily by checking
whether the struct passdb_ops table functions are NULL or not.
documented this capability in the notes at the top of the module.
- where unix uid was referenced, use uid_t.
- where unix gid was referenced, use gid_t.
smb.h :
- added sam_disp_info functions to passdb_ops.
- added getsam21pwrid() function.
smbpass.c :
- added reference to iterate_getsam21pwrid().
lib/rpc/server/srv_samr.c :
- removed group rid code added to get_user_info_21() code: this
had been added in the wrong place. the client / server should
already know whether it wants to do a lookup by user rid or
by group rid.
the test of whether the rid is a user or group rid has been left
in because this may become useful consistency-check code.
- converted back to getsam21pwrid() not
getsam21pwuid(pdb_user_rid_to_uid()).
this is because the unix uid to user rid mapping can be non-monotonic
in some password database systems, and monotonic in others. imposing
the restriction by converting immediately from rid to uid at this
point is inadviseable, and will place this potential restriction on
_all_ password database systems, not just some which, for whatever
reason, do not support user rids.
it should be up to the individual password database writer to
convert from user rid to unix uid, should that module not support
rids.
lib/rpc/server/srv_util.c :
- got lookup_user_name() to call getsamdisprid() not getsmbpwuid().
a bug was introduced (or at least the bug already there was not
fixed) whereby the nt user rid was converted to a unix uid, and
then not used.
(This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
1998-05-19 17:48:40 +00:00
static struct sam_passwd * getnisp21pwrid ( uint32 rid )
1998-05-15 14:49:48 +00:00
{
/* Static buffers we will return. */
1998-05-18 15:50:56 +00:00
static struct sam_passwd pw_buf ;
1998-05-15 14:49:48 +00:00
nis_result * result ;
ldap.c :
- added support for some of the new passdb_ops functions.
- removed functions that are supported "indirectly" through passdb.c
nisppass.c :
- modified make_nisname_from_xxx() functions to take a "file" arg.
- turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid()
functionality is available through "indirect" support in passdb.c
- removed functions that are supported "indirectly" through passdb.c
- added support for some of the new passdb_ops functions.
passdb.c :
- created getsam21pwrid() function to go alongside getsam21pwuid.
it is not expected that getsam21pwuid ever be used, certainly
not from the lib/rpc code.
- created getsamdisprid() and getsamdispent(). these are primarily
for support of SamrQueryDisplayInfo, however given that they
[struct sam_disp_info] return username, rid and fullname, there may
be further instances where these functions will be useful.
- added support where either the get/add/mod-smb or get/add/mod-sam21
functions are optional. this can be done very easily by checking
whether the struct passdb_ops table functions are NULL or not.
documented this capability in the notes at the top of the module.
- where unix uid was referenced, use uid_t.
- where unix gid was referenced, use gid_t.
smb.h :
- added sam_disp_info functions to passdb_ops.
- added getsam21pwrid() function.
smbpass.c :
- added reference to iterate_getsam21pwrid().
lib/rpc/server/srv_samr.c :
- removed group rid code added to get_user_info_21() code: this
had been added in the wrong place. the client / server should
already know whether it wants to do a lookup by user rid or
by group rid.
the test of whether the rid is a user or group rid has been left
in because this may become useful consistency-check code.
- converted back to getsam21pwrid() not
getsam21pwuid(pdb_user_rid_to_uid()).
this is because the unix uid to user rid mapping can be non-monotonic
in some password database systems, and monotonic in others. imposing
the restriction by converting immediately from rid to uid at this
point is inadviseable, and will place this potential restriction on
_all_ password database systems, not just some which, for whatever
reason, do not support user rids.
it should be up to the individual password database writer to
convert from user rid to unix uid, should that module not support
rids.
lib/rpc/server/srv_util.c :
- got lookup_user_name() to call getsamdisprid() not getsmbpwuid().
a bug was introduced (or at least the bug already there was not
fixed) whereby the nt user rid was converted to a unix uid, and
then not used.
(This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
1998-05-19 17:48:40 +00:00
char * nisname ;
1998-05-18 11:54:00 +00:00
BOOL ret ;
1998-05-15 14:49:48 +00:00
1998-05-18 11:54:00 +00:00
if ( ! * lp_smb_passwd_file ( ) )
1998-05-15 14:49:48 +00:00
{
DEBUG ( 0 , ( " No SMB password file set \n " ) ) ;
return NULL ;
}
ldap.c :
- added support for some of the new passdb_ops functions.
- removed functions that are supported "indirectly" through passdb.c
nisppass.c :
- modified make_nisname_from_xxx() functions to take a "file" arg.
- turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid()
functionality is available through "indirect" support in passdb.c
- removed functions that are supported "indirectly" through passdb.c
- added support for some of the new passdb_ops functions.
passdb.c :
- created getsam21pwrid() function to go alongside getsam21pwuid.
it is not expected that getsam21pwuid ever be used, certainly
not from the lib/rpc code.
- created getsamdisprid() and getsamdispent(). these are primarily
for support of SamrQueryDisplayInfo, however given that they
[struct sam_disp_info] return username, rid and fullname, there may
be further instances where these functions will be useful.
- added support where either the get/add/mod-smb or get/add/mod-sam21
functions are optional. this can be done very easily by checking
whether the struct passdb_ops table functions are NULL or not.
documented this capability in the notes at the top of the module.
- where unix uid was referenced, use uid_t.
- where unix gid was referenced, use gid_t.
smb.h :
- added sam_disp_info functions to passdb_ops.
- added getsam21pwrid() function.
smbpass.c :
- added reference to iterate_getsam21pwrid().
lib/rpc/server/srv_samr.c :
- removed group rid code added to get_user_info_21() code: this
had been added in the wrong place. the client / server should
already know whether it wants to do a lookup by user rid or
by group rid.
the test of whether the rid is a user or group rid has been left
in because this may become useful consistency-check code.
- converted back to getsam21pwrid() not
getsam21pwuid(pdb_user_rid_to_uid()).
this is because the unix uid to user rid mapping can be non-monotonic
in some password database systems, and monotonic in others. imposing
the restriction by converting immediately from rid to uid at this
point is inadviseable, and will place this potential restriction on
_all_ password database systems, not just some which, for whatever
reason, do not support user rids.
it should be up to the individual password database writer to
convert from user rid to unix uid, should that module not support
rids.
lib/rpc/server/srv_util.c :
- got lookup_user_name() to call getsamdisprid() not getsmbpwuid().
a bug was introduced (or at least the bug already there was not
fixed) whereby the nt user rid was converted to a unix uid, and
then not used.
(This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
1998-05-19 17:48:40 +00:00
DEBUG ( 10 , ( " getnisp21pwrid: search by rid: %x \n " , rid ) ) ;
DEBUG ( 10 , ( " getnisp21pwrid: using NIS+ table %s \n " , lp_smb_passwd_file ( ) ) ) ;
1998-05-15 14:49:48 +00:00
ldap.c :
- added support for some of the new passdb_ops functions.
- removed functions that are supported "indirectly" through passdb.c
nisppass.c :
- modified make_nisname_from_xxx() functions to take a "file" arg.
- turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid()
functionality is available through "indirect" support in passdb.c
- removed functions that are supported "indirectly" through passdb.c
- added support for some of the new passdb_ops functions.
passdb.c :
- created getsam21pwrid() function to go alongside getsam21pwuid.
it is not expected that getsam21pwuid ever be used, certainly
not from the lib/rpc code.
- created getsamdisprid() and getsamdispent(). these are primarily
for support of SamrQueryDisplayInfo, however given that they
[struct sam_disp_info] return username, rid and fullname, there may
be further instances where these functions will be useful.
- added support where either the get/add/mod-smb or get/add/mod-sam21
functions are optional. this can be done very easily by checking
whether the struct passdb_ops table functions are NULL or not.
documented this capability in the notes at the top of the module.
- where unix uid was referenced, use uid_t.
- where unix gid was referenced, use gid_t.
smb.h :
- added sam_disp_info functions to passdb_ops.
- added getsam21pwrid() function.
smbpass.c :
- added reference to iterate_getsam21pwrid().
lib/rpc/server/srv_samr.c :
- removed group rid code added to get_user_info_21() code: this
had been added in the wrong place. the client / server should
already know whether it wants to do a lookup by user rid or
by group rid.
the test of whether the rid is a user or group rid has been left
in because this may become useful consistency-check code.
- converted back to getsam21pwrid() not
getsam21pwuid(pdb_user_rid_to_uid()).
this is because the unix uid to user rid mapping can be non-monotonic
in some password database systems, and monotonic in others. imposing
the restriction by converting immediately from rid to uid at this
point is inadviseable, and will place this potential restriction on
_all_ password database systems, not just some which, for whatever
reason, do not support user rids.
it should be up to the individual password database writer to
convert from user rid to unix uid, should that module not support
rids.
lib/rpc/server/srv_util.c :
- got lookup_user_name() to call getsamdisprid() not getsmbpwuid().
a bug was introduced (or at least the bug already there was not
fixed) whereby the nt user rid was converted to a unix uid, and
then not used.
(This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
1998-05-19 17:48:40 +00:00
nisname = make_nisname_from_user_rid ( rid , lp_smb_passwd_file ( ) ) ;
1998-05-15 14:49:48 +00:00
/* Search the table. */
gotalarm = 0 ;
signal ( SIGALRM , SIGNAL_CAST gotalarm_sig ) ;
alarm ( 5 ) ;
result = nis_list ( nisname , FOLLOW_PATH | EXPAND_NAME | HARD_LOOKUP , NULL , NULL ) ;
alarm ( 0 ) ;
signal ( SIGALRM , SIGNAL_CAST SIG_DFL ) ;
if ( gotalarm )
{
ldap.c :
- added support for some of the new passdb_ops functions.
- removed functions that are supported "indirectly" through passdb.c
nisppass.c :
- modified make_nisname_from_xxx() functions to take a "file" arg.
- turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid()
functionality is available through "indirect" support in passdb.c
- removed functions that are supported "indirectly" through passdb.c
- added support for some of the new passdb_ops functions.
passdb.c :
- created getsam21pwrid() function to go alongside getsam21pwuid.
it is not expected that getsam21pwuid ever be used, certainly
not from the lib/rpc code.
- created getsamdisprid() and getsamdispent(). these are primarily
for support of SamrQueryDisplayInfo, however given that they
[struct sam_disp_info] return username, rid and fullname, there may
be further instances where these functions will be useful.
- added support where either the get/add/mod-smb or get/add/mod-sam21
functions are optional. this can be done very easily by checking
whether the struct passdb_ops table functions are NULL or not.
documented this capability in the notes at the top of the module.
- where unix uid was referenced, use uid_t.
- where unix gid was referenced, use gid_t.
smb.h :
- added sam_disp_info functions to passdb_ops.
- added getsam21pwrid() function.
smbpass.c :
- added reference to iterate_getsam21pwrid().
lib/rpc/server/srv_samr.c :
- removed group rid code added to get_user_info_21() code: this
had been added in the wrong place. the client / server should
already know whether it wants to do a lookup by user rid or
by group rid.
the test of whether the rid is a user or group rid has been left
in because this may become useful consistency-check code.
- converted back to getsam21pwrid() not
getsam21pwuid(pdb_user_rid_to_uid()).
this is because the unix uid to user rid mapping can be non-monotonic
in some password database systems, and monotonic in others. imposing
the restriction by converting immediately from rid to uid at this
point is inadviseable, and will place this potential restriction on
_all_ password database systems, not just some which, for whatever
reason, do not support user rids.
it should be up to the individual password database writer to
convert from user rid to unix uid, should that module not support
rids.
lib/rpc/server/srv_util.c :
- got lookup_user_name() to call getsamdisprid() not getsmbpwuid().
a bug was introduced (or at least the bug already there was not
fixed) whereby the nt user rid was converted to a unix uid, and
then not used.
(This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
1998-05-19 17:48:40 +00:00
DEBUG ( 0 , ( " getnisp21pwrid: NIS+ lookup time out \n " ) ) ;
1998-05-15 14:49:48 +00:00
nis_freeresult ( result ) ;
return NULL ;
}
1998-05-18 15:50:56 +00:00
ret = make_sam_from_nisp ( & pw_buf , result ) ;
1998-05-15 14:49:48 +00:00
nis_freeresult ( result ) ;
return ret ? & pw_buf : NULL ;
}
1998-05-18 23:57:28 +00:00
/*
* Derived functions for NIS + .
*/
1998-05-19 19:17:35 +00:00
static struct smb_passwd * getnisppwent ( void * vp )
{
return pdb_sam_to_smb ( getnisp21pwent ( vp ) ) ;
}
static BOOL add_nisppwd_entry ( struct smb_passwd * newpwd )
{
return add_nisp21pwd_entry ( pdb_smb_to_sam ( newpwd ) ) ;
}
static BOOL mod_nisppwd_entry ( struct smb_passwd * pwd , BOOL override )
{
return mod_nisp21pwd_entry ( pdb_smb_to_sam ( pwd ) , override ) ;
}
static struct smb_passwd * getnisppwnam ( char * name )
{
return pdb_sam_to_smb ( getnisp21pwnam ( name ) ) ;
}
static struct sam_passwd * getnisp21pwuid ( uid_t smb_userid )
{
return getnisp21pwrid ( pdb_uid_to_user_rid ( smb_userid ) ) ;
}
static struct smb_passwd * getnisppwuid ( uid_t smb_userid )
{
return pdb_sam_to_smb ( getnisp21pwuid ( smb_userid ) ) ;
}
static struct sam_disp_info * getnispdispnam ( char * name )
{
return pdb_sam_to_dispinfo ( getnisp21pwnam ( name ) ) ;
}
static struct sam_disp_info * getnispdisprid ( uint32 rid )
{
return pdb_sam_to_dispinfo ( getnisp21pwrid ( rid ) ) ;
}
static struct sam_disp_info * getnispdispent ( void * vp )
{
return pdb_sam_to_dispinfo ( getnisp21pwent ( vp ) ) ;
}
1998-05-18 23:57:28 +00:00
static struct passdb_ops nispasswd_ops = {
startnisppwent ,
endnisppwent ,
getnisppwpos ,
setnisppwpos ,
1998-05-19 19:17:35 +00:00
getnisppwnam ,
getnisppwuid ,
getnisppwent ,
add_nisppwd_entry ,
mod_nisppwd_entry ,
1998-05-18 23:57:28 +00:00
getnisp21pwent ,
ldap.c :
- added support for some of the new passdb_ops functions.
- removed functions that are supported "indirectly" through passdb.c
nisppass.c :
- modified make_nisname_from_xxx() functions to take a "file" arg.
- turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid()
functionality is available through "indirect" support in passdb.c
- removed functions that are supported "indirectly" through passdb.c
- added support for some of the new passdb_ops functions.
passdb.c :
- created getsam21pwrid() function to go alongside getsam21pwuid.
it is not expected that getsam21pwuid ever be used, certainly
not from the lib/rpc code.
- created getsamdisprid() and getsamdispent(). these are primarily
for support of SamrQueryDisplayInfo, however given that they
[struct sam_disp_info] return username, rid and fullname, there may
be further instances where these functions will be useful.
- added support where either the get/add/mod-smb or get/add/mod-sam21
functions are optional. this can be done very easily by checking
whether the struct passdb_ops table functions are NULL or not.
documented this capability in the notes at the top of the module.
- where unix uid was referenced, use uid_t.
- where unix gid was referenced, use gid_t.
smb.h :
- added sam_disp_info functions to passdb_ops.
- added getsam21pwrid() function.
smbpass.c :
- added reference to iterate_getsam21pwrid().
lib/rpc/server/srv_samr.c :
- removed group rid code added to get_user_info_21() code: this
had been added in the wrong place. the client / server should
already know whether it wants to do a lookup by user rid or
by group rid.
the test of whether the rid is a user or group rid has been left
in because this may become useful consistency-check code.
- converted back to getsam21pwrid() not
getsam21pwuid(pdb_user_rid_to_uid()).
this is because the unix uid to user rid mapping can be non-monotonic
in some password database systems, and monotonic in others. imposing
the restriction by converting immediately from rid to uid at this
point is inadviseable, and will place this potential restriction on
_all_ password database systems, not just some which, for whatever
reason, do not support user rids.
it should be up to the individual password database writer to
convert from user rid to unix uid, should that module not support
rids.
lib/rpc/server/srv_util.c :
- got lookup_user_name() to call getsamdisprid() not getsmbpwuid().
a bug was introduced (or at least the bug already there was not
fixed) whereby the nt user rid was converted to a unix uid, and
then not used.
(This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
1998-05-19 17:48:40 +00:00
getnisp21pwnam ,
1998-05-19 19:17:35 +00:00
getnisp21pwuid ,
ldap.c :
- added support for some of the new passdb_ops functions.
- removed functions that are supported "indirectly" through passdb.c
nisppass.c :
- modified make_nisname_from_xxx() functions to take a "file" arg.
- turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid()
functionality is available through "indirect" support in passdb.c
- removed functions that are supported "indirectly" through passdb.c
- added support for some of the new passdb_ops functions.
passdb.c :
- created getsam21pwrid() function to go alongside getsam21pwuid.
it is not expected that getsam21pwuid ever be used, certainly
not from the lib/rpc code.
- created getsamdisprid() and getsamdispent(). these are primarily
for support of SamrQueryDisplayInfo, however given that they
[struct sam_disp_info] return username, rid and fullname, there may
be further instances where these functions will be useful.
- added support where either the get/add/mod-smb or get/add/mod-sam21
functions are optional. this can be done very easily by checking
whether the struct passdb_ops table functions are NULL or not.
documented this capability in the notes at the top of the module.
- where unix uid was referenced, use uid_t.
- where unix gid was referenced, use gid_t.
smb.h :
- added sam_disp_info functions to passdb_ops.
- added getsam21pwrid() function.
smbpass.c :
- added reference to iterate_getsam21pwrid().
lib/rpc/server/srv_samr.c :
- removed group rid code added to get_user_info_21() code: this
had been added in the wrong place. the client / server should
already know whether it wants to do a lookup by user rid or
by group rid.
the test of whether the rid is a user or group rid has been left
in because this may become useful consistency-check code.
- converted back to getsam21pwrid() not
getsam21pwuid(pdb_user_rid_to_uid()).
this is because the unix uid to user rid mapping can be non-monotonic
in some password database systems, and monotonic in others. imposing
the restriction by converting immediately from rid to uid at this
point is inadviseable, and will place this potential restriction on
_all_ password database systems, not just some which, for whatever
reason, do not support user rids.
it should be up to the individual password database writer to
convert from user rid to unix uid, should that module not support
rids.
lib/rpc/server/srv_util.c :
- got lookup_user_name() to call getsamdisprid() not getsmbpwuid().
a bug was introduced (or at least the bug already there was not
fixed) whereby the nt user rid was converted to a unix uid, and
then not used.
(This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
1998-05-19 17:48:40 +00:00
getnisp21pwrid ,
1998-05-18 23:57:28 +00:00
add_nisp21pwd_entry ,
ldap.c :
- added support for some of the new passdb_ops functions.
- removed functions that are supported "indirectly" through passdb.c
nisppass.c :
- modified make_nisname_from_xxx() functions to take a "file" arg.
- turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid()
functionality is available through "indirect" support in passdb.c
- removed functions that are supported "indirectly" through passdb.c
- added support for some of the new passdb_ops functions.
passdb.c :
- created getsam21pwrid() function to go alongside getsam21pwuid.
it is not expected that getsam21pwuid ever be used, certainly
not from the lib/rpc code.
- created getsamdisprid() and getsamdispent(). these are primarily
for support of SamrQueryDisplayInfo, however given that they
[struct sam_disp_info] return username, rid and fullname, there may
be further instances where these functions will be useful.
- added support where either the get/add/mod-smb or get/add/mod-sam21
functions are optional. this can be done very easily by checking
whether the struct passdb_ops table functions are NULL or not.
documented this capability in the notes at the top of the module.
- where unix uid was referenced, use uid_t.
- where unix gid was referenced, use gid_t.
smb.h :
- added sam_disp_info functions to passdb_ops.
- added getsam21pwrid() function.
smbpass.c :
- added reference to iterate_getsam21pwrid().
lib/rpc/server/srv_samr.c :
- removed group rid code added to get_user_info_21() code: this
had been added in the wrong place. the client / server should
already know whether it wants to do a lookup by user rid or
by group rid.
the test of whether the rid is a user or group rid has been left
in because this may become useful consistency-check code.
- converted back to getsam21pwrid() not
getsam21pwuid(pdb_user_rid_to_uid()).
this is because the unix uid to user rid mapping can be non-monotonic
in some password database systems, and monotonic in others. imposing
the restriction by converting immediately from rid to uid at this
point is inadviseable, and will place this potential restriction on
_all_ password database systems, not just some which, for whatever
reason, do not support user rids.
it should be up to the individual password database writer to
convert from user rid to unix uid, should that module not support
rids.
lib/rpc/server/srv_util.c :
- got lookup_user_name() to call getsamdisprid() not getsmbpwuid().
a bug was introduced (or at least the bug already there was not
fixed) whereby the nt user rid was converted to a unix uid, and
then not used.
(This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
1998-05-19 17:48:40 +00:00
mod_nisp21pwd_entry ,
1998-05-19 19:17:35 +00:00
getnispdispnam ,
getnispdisprid ,
getnispdispent
1998-05-18 23:57:28 +00:00
} ;
struct passdb_ops * nisplus_initialize_password_db ( void )
{
return & nispasswd_ops ;
}
1998-05-15 14:49:48 +00:00
# else
1998-05-18 21:30:57 +00:00
void nisplus_dummy_function ( void ) { } /* stop some compilers complaining */
1998-05-18 11:54:00 +00:00
# endif /* USE_NISPLUS_DB */
1998-05-22 12:12:16 +00:00
/* useful code i can't bring myself to delete */
#if 0
/* checks user in unix password database. don't want to do that, here. */
nisname = make_nisname_from_name ( newpwd - > smb_name , " passwd.org_dir " ) ;
nis_user = nis_list ( nisname , FOLLOW_PATH | EXPAND_NAME | HARD_LOOKUP , NULL , NULL ) ;
if ( nis_user - > status ! = NIS_SUCCESS | | NIS_RES_NUMOBJ ( nis_user ) < = 0 )
{
DEBUG ( 3 , ( " add_nisppwd_entry: Unable to get NIS+ passwd entry for user: %s. \n " ,
nis_sperrno ( nis_user - > status ) ) ) ;
return False ;
}
user_obj = NIS_RES_OBJECT ( nis_user ) ;
make_nisname_from_name ( ENTRY_VAL ( user_obj , 0 ) , pfile ) ;
# endif
