1996-05-04 11:50:46 +04:00
# ifndef _INCLUDES_H
# define _INCLUDES_H
/*
2002-01-30 09:08:46 +03:00
Unix SMB / CIFS implementation .
1996-05-04 11:50:46 +04:00
Machine customisation and include handling
1998-01-22 16:27:43 +03:00
Copyright ( C ) Andrew Tridgell 1994 - 1998
2002-01-09 08:27:59 +03:00
Copyright ( C ) 2002 by Martin Pool < mbp @ samba . org >
1996-05-04 11:50:46 +04:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 2 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program ; if not , write to the Free Software
Foundation , Inc . , 675 Mass Ave , Cambridge , MA 0213 9 , USA .
*/
2006-04-13 16:03:12 +04:00
/* work around broken krb5.h on sles9 */
# ifdef SIZEOF_LONG
# undef SIZEOF_LONG
# endif
1998-09-21 15:34:44 +04:00
# ifndef NO_CONFIG_H /* for some tests */
1998-07-29 07:08:05 +04:00
# include "config.h"
1998-09-21 15:34:44 +04:00
# endif
1998-10-07 11:55:14 +04:00
2006-05-24 18:38:11 +04:00
/* only do the C++ reserved word check when we compile
to include - - with - developer since too many systems
still have comflicts with their header files ( e . g . IRIX 6.4 ) */
# if !defined(__cplusplus) && defined(DEVELOPER)
2005-06-25 00:25:18 +04:00
# define class #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
2006-02-22 14:47:41 +03:00
# define private #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
2005-06-25 00:25:18 +04:00
# define public #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
2005-06-25 01:18:20 +04:00
# define protected #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
2005-06-25 00:25:18 +04:00
# define template #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
# define this #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
# define new #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
# define delete #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
# define friend #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
# endif
1998-07-29 07:08:05 +04:00
# include "local.h"
1996-05-04 11:50:46 +04:00
1998-07-29 07:08:05 +04:00
# ifdef AIX
# define DEFAULT_PRINTING PRINT_AIX
1998-11-17 03:31:39 +03:00
# define PRINTCAP_NAME " / etc / qconfig"
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifdef HPUX
# define DEFAULT_PRINTING PRINT_HPUX
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifdef QNX
# define DEFAULT_PRINTING PRINT_QNX
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifdef SUNOS4
/* on SUNOS4 termios.h conflicts with sys/ioctl.h */
# undef HAVE_TERMIOS_H
1996-05-04 11:50:46 +04:00
# endif
2004-11-16 00:21:50 +03:00
# if (__GNUC__ >= 3 ) && (__GNUC_MINOR__ >= 1 )
2001-12-19 07:55:58 +03:00
/** Use gcc attribute to check printf fns. a1 is the 1-based index of
* the parameter containing the format , and a2 the index of the first
2004-09-08 06:48:27 +04:00
* argument . Note that some gcc 2. x versions don ' t handle this
* properly * */
2001-04-28 18:01:02 +04:00
# define PRINTF_ATTRIBUTE(a1, a2) __attribute__ ((format (__printf__, a1, a2)))
# else
# define PRINTF_ATTRIBUTE(a1, a2)
# endif
2005-06-25 00:25:18 +04:00
# if defined(__GNUC__) && !defined(__cplusplus)
2002-01-09 08:27:59 +03:00
/** gcc attribute used on function parameters so that it does not emit
* warnings about them being unused . * */
# define UNUSED(param) param __attribute__ ((unused))
# else
# define UNUSED(param) param
/** Feel free to add definitions for other compilers here. */
# endif
1999-12-13 16:27:58 +03:00
# ifdef RELIANTUNIX
/*
* < unistd . h > has to be included before any other to get
2001-04-04 21:20:57 +04:00
* large file support on Reliant UNIX . Yes , it ' s broken : - ) .
1999-12-13 16:27:58 +03:00
*/
# ifdef HAVE_UNISTD_H
# include <unistd.h>
# endif
# endif /* RELIANTUNIX */
1998-07-29 07:08:05 +04:00
# include <sys/types.h>
1996-05-04 11:50:46 +04:00
2006-05-16 21:02:26 +04:00
# ifdef HAVE_STDINT_H
# include <stdint.h>
# endif
2006-07-11 22:01:26 +04:00
# if HAVE_INTTYPES_H
# include <inttypes.h>
# endif
1998-08-24 22:53:37 +04:00
# ifdef TIME_WITH_SYS_TIME
# include <sys/time.h>
# include <time.h>
# else
# ifdef HAVE_SYS_TIME_H
# include <sys/time.h>
# else
# include <time.h>
# endif
# endif
1998-08-16 09:22:01 +04:00
# ifdef HAVE_SYS_RESOURCE_H
# include <sys/resource.h>
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_UNISTD_H
# include <unistd.h>
1996-05-04 11:50:46 +04:00
# endif
1998-08-16 09:22:01 +04:00
1998-07-29 07:08:05 +04:00
# include <stdio.h>
# include <stddef.h>
1996-05-04 11:50:46 +04:00
1998-07-29 07:08:05 +04:00
# ifdef HAVE_SYS_PARAM_H
# include <sys/param.h>
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_STDLIB_H
# include <stdlib.h>
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_SYS_SOCKET_H
# include <sys/socket.h>
1996-05-04 11:50:46 +04:00
# endif
2001-07-25 07:28:45 +04:00
# ifdef HAVE_UNIXSOCKET
2000-01-06 02:46:47 +03:00
# include <sys/un.h>
# endif
1998-10-07 11:55:14 +04:00
# ifdef HAVE_SYS_SYSCALL_H
# include <sys/syscall.h>
# elif HAVE_SYSCALL_H
# include <syscall.h>
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_STRING_H
# include <string.h>
1996-05-04 11:50:46 +04:00
# endif
1998-08-15 05:19:26 +04:00
# ifdef HAVE_STRINGS_H
# include <strings.h>
# endif
# ifdef HAVE_MEMORY_H
# include <memory.h>
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_MALLOC_H
# include <malloc.h>
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_FCNTL_H
# include <fcntl.h>
1996-05-04 11:50:46 +04:00
# else
1998-07-29 07:08:05 +04:00
# ifdef HAVE_SYS_FCNTL_H
# include <sys/fcntl.h>
1996-05-04 11:50:46 +04:00
# endif
# endif
1998-07-29 07:08:05 +04:00
# include <sys/stat.h>
1996-05-04 11:50:46 +04:00
1998-07-29 07:08:05 +04:00
# ifdef HAVE_LIMITS_H
# include <limits.h>
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_SYS_IOCTL_H
# include <sys/ioctl.h>
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_SYS_FILIO_H
# include <sys/filio.h>
1998-05-08 17:51:17 +04:00
# endif
1996-05-04 11:50:46 +04:00
1998-07-29 07:08:05 +04:00
# include <signal.h>
1996-05-04 11:50:46 +04:00
1998-07-29 07:08:05 +04:00
# ifdef HAVE_SYS_WAIT_H
1996-05-04 11:50:46 +04:00
# include <sys/wait.h>
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_CTYPE_H
# include <ctype.h>
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_GRP_H
# include <grp.h>
1997-01-09 21:02:17 +03:00
# endif
1999-12-13 16:27:58 +03:00
# ifdef HAVE_SYS_PRIV_H
# include <sys/priv.h>
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_SYS_ID_H
# include <sys/id.h>
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# include <errno.h>
1996-05-04 11:50:46 +04:00
1998-07-29 07:08:05 +04:00
# ifdef HAVE_UTIME_H
# include <utime.h>
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_SYS_SELECT_H
# include <sys/select.h>
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_SYS_MODE_H
/* apparently AIX needs this for S_ISLNK */
# ifndef S_ISLNK
# include <sys/mode.h>
1996-05-04 11:50:46 +04:00
# endif
# endif
1998-11-16 04:12:36 +03:00
# ifdef HAVE_GLOB_H
1998-07-29 07:08:05 +04:00
# include <glob.h>
1996-05-04 11:50:46 +04:00
# endif
# include <pwd.h>
1998-07-29 07:08:05 +04:00
# ifdef HAVE_STDARG_H
# include <stdarg.h>
1998-01-07 09:21:56 +03:00
# else
1998-07-29 07:08:05 +04:00
# include <varargs.h>
# endif
1996-05-04 11:50:46 +04:00
1999-12-13 16:27:58 +03:00
# include <netinet/in.h>
1998-02-07 15:15:20 +03:00
# include <arpa/inet.h>
1998-07-29 07:08:05 +04:00
# include <netdb.h>
2002-09-25 19:19:00 +04:00
# ifdef HAVE_SYSLOG_H
1998-07-29 07:08:05 +04:00
# include <syslog.h>
2002-09-25 19:19:00 +04:00
# else
# ifdef HAVE_SYS_SYSLOG_H
# include <sys/syslog.h>
# endif
# endif
1998-07-29 07:08:05 +04:00
# include <sys/file.h>
1996-05-04 11:50:46 +04:00
1998-07-29 07:08:05 +04:00
# ifdef HAVE_NETINET_TCP_H
1996-05-04 14:32:30 +04:00
# include <netinet/tcp.h>
# endif
1999-12-13 16:27:58 +03:00
/*
* The next three defines are needed to access the IPTOS_ * options
* on some systems .
*/
# ifdef HAVE_NETINET_IN_SYSTM_H
# include <netinet/in_systm.h>
# endif
# ifdef HAVE_NETINET_IN_IP_H
# include <netinet/in_ip.h>
# endif
# ifdef HAVE_NETINET_IP_H
# include <netinet/ip.h>
# endif
# if defined(HAVE_TERMIOS_H)
/* POSIX terminal handling. */
1997-10-21 22:27:55 +04:00
# include <termios.h>
1999-12-13 16:27:58 +03:00
# elif defined(HAVE_TERMIO_H)
/* Older SYSV terminal handling - don't use if we can avoid it. */
# include <termio.h>
# elif defined(HAVE_SYS_TERMIO_H)
/* Older SYSV terminal handling - don't use if we can avoid it. */
# include <sys/termio.h>
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# if HAVE_DIRENT_H
# include <dirent.h>
# define NAMLEN(dirent) strlen((dirent)->d_name)
# else
# define dirent direct
# define NAMLEN(dirent) (dirent)->d_namlen
# if HAVE_SYS_NDIR_H
# include <sys / ndir.h>
# endif
# if HAVE_SYS_DIR_H
# include <sys / dir.h>
# endif
# if HAVE_NDIR_H
# include <ndir.h>
# endif
# endif
1998-12-17 04:04:38 +03:00
# ifdef HAVE_SYS_MMAN_H
1998-07-29 07:08:05 +04:00
# include <sys/mman.h>
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_NET_IF_H
# include <net/if.h>
1996-05-04 11:50:46 +04:00
# endif
2005-09-30 21:13:37 +04:00
1998-07-29 07:08:05 +04:00
# ifdef HAVE_SYS_MOUNT_H
# include <sys/mount.h>
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_SYS_VFS_H
1996-05-04 11:50:46 +04:00
# include <sys/vfs.h>
1996-08-17 18:27:12 +04:00
# endif
1998-10-07 14:37:09 +04:00
# ifdef HAVE_SYS_ACL_H
# include <sys/acl.h>
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_SYS_FS_S5PARAM_H
# include <sys/fs/s5param.h>
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# if defined (HAVE_SYS_FILSYS_H) && !defined (_CRAY)
# include <sys/filsys.h>
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_SYS_STATFS_H
# include <sys / statfs.h>
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_DUSTAT_H
# include <sys/dustat.h>
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_SYS_STATVFS_H
# include <sys/statvfs.h>
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_SHADOW_H
2004-09-08 03:30:27 +04:00
/*
* HP - UX 11. X has TCP_NODELAY and TCP_MAXSEG defined in < netinet / tcp . h > which
* was included above . However < rpc / rpc . h > includes < sys / xti . h > which defines
* them again without checking if they already exsist . This generates
* two " Redefinition of macro " warnings for every single . c file that is
* compiled .
*/
# if defined(HPUX) && defined(TCP_NODELAY)
# undef TCP_NODELAY
# endif
# if defined(HPUX) && defined(TCP_MAXSEG)
# undef TCP_MAXSEG
# endif
1998-07-29 07:08:05 +04:00
# include <shadow.h>
1996-05-04 11:50:46 +04:00
# endif
1998-08-26 06:36:27 +04:00
# ifdef HAVE_GETPWANAM
# include <sys/label.h>
# include <sys/audit.h>
# include <pwdadj.h>
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_SYS_SECURITY_H
# include <sys/security.h>
# include <prot.h>
# define PASSWORD_LENGTH 16
# endif /* HAVE_SYS_SECURITY_H */
1996-05-04 11:50:46 +04:00
1998-09-01 00:20:54 +04:00
# ifdef HAVE_STROPTS_H
# include <stropts.h>
# endif
# ifdef HAVE_POLL_H
# include <poll.h>
# endif
1998-11-24 02:07:38 +03:00
# if defined(HAVE_RPC_RPC_H)
1999-12-13 16:27:58 +03:00
/*
* Check for AUTH_ERROR define conflict with rpc / rpc . h in prot . h .
*/
# if defined(HAVE_SYS_SECURITY_H) && defined(HAVE_RPC_AUTH_ERROR_CONFLICT)
# undef AUTH_ERROR
# endif
2004-09-08 03:30:27 +04:00
/*
* HP - UX 11. X has TCP_NODELAY and TCP_MAXSEG defined in < netinet / tcp . h > which
* was included above . However < rpc / rpc . h > includes < sys / xti . h > which defines
* them again without checking if they already exsist . This generates
* two " Redefinition of macro " warnings for every single . c file that is
* compiled .
*/
# if defined(HPUX) && defined(TCP_NODELAY)
# undef TCP_NODELAY
# endif
# if defined(HPUX) && defined(TCP_MAXSEG)
# undef TCP_MAXSEG
# endif
1998-11-24 02:07:38 +03:00
# include <rpc/rpc.h>
# endif
1998-11-19 07:15:23 +03:00
# if defined(HAVE_YP_GET_DEFAULT_DOMAIN) && defined(HAVE_SETNETGRENT) && defined(HAVE_ENDNETGRENT) && defined(HAVE_GETNETGRENT)
# define HAVE_NETGROUP 1
# endif
1998-11-24 02:07:38 +03:00
# if defined (HAVE_NETGROUP)
2004-08-31 19:11:41 +04:00
# if defined(HAVE_RPCSVC_YP_PROT_H)
2004-09-08 03:30:27 +04:00
/*
* HP - UX 11. X has TCP_NODELAY and TCP_MAXSEG defined in < netinet / tcp . h > which
* was included above . However < rpc / rpc . h > includes < sys / xti . h > which defines
* them again without checking if they already exsist . This generates
* two " Redefinition of macro " warnings for every single . c file that is
* compiled .
*/
# if defined(HPUX) && defined(TCP_NODELAY)
# undef TCP_NODELAY
# endif
# if defined(HPUX) && defined(TCP_MAXSEG)
# undef TCP_MAXSEG
# endif
2004-08-31 19:11:41 +04:00
# include <rpcsvc/yp_prot.h>
# endif
2004-09-16 06:49:01 +04:00
# if defined(HAVE_RPCSVC_YPCLNT_H)
# include <rpcsvc/ypclnt.h>
# endif
1998-11-24 02:07:38 +03:00
# endif /* HAVE_NETGROUP */
2001-05-03 23:47:30 +04:00
# if defined(HAVE_SYS_IPC_H)
# include <sys/ipc.h>
# endif /* HAVE_SYS_IPC_H */
# if defined(HAVE_SYS_SHM_H)
# include <sys/shm.h>
# endif /* HAVE_SYS_SHM_H */
2001-07-04 11:15:53 +04:00
# ifdef HAVE_NATIVE_ICONV
2003-02-24 06:27:29 +03:00
# ifdef HAVE_ICONV
2001-07-04 11:15:53 +04:00
# include <iconv.h>
# endif
2003-02-24 06:27:29 +03:00
# ifdef HAVE_GICONV
# include <giconv.h>
# endif
2004-03-11 18:12:59 +03:00
# ifdef HAVE_BICONV
# include <biconv.h>
# endif
2003-02-24 06:27:29 +03:00
# endif
2001-07-04 11:15:53 +04:00
2001-11-27 10:09:06 +03:00
# if HAVE_KRB5_H
2001-10-18 14:26:06 +04:00
# include <krb5.h>
2001-11-28 01:37:25 +03:00
# else
# undef HAVE_KRB5
2001-10-18 14:26:06 +04:00
# endif
2001-12-30 08:59:43 +03:00
# if HAVE_LBER_H
# include <lber.h>
2005-11-22 20:15:28 +03:00
# ifndef LBER_USE_DER
# define LBER_USE_DER 0x01
# endif
2001-12-30 08:59:43 +03:00
# endif
2001-11-25 15:40:23 +03:00
# if HAVE_LDAP_H
2001-11-20 11:54:15 +03:00
# include <ldap.h>
2005-11-22 20:15:28 +03:00
# ifndef LDAP_CONST
# define LDAP_CONST const
# endif
# ifndef LDAP_OPT_SUCCESS
# define LDAP_OPT_SUCCESS 0
# endif
2006-02-26 04:41:02 +03:00
/* Solaris 8 and maybe other LDAP implementations spell this "..._INPROGRESS": */
# if defined(LDAP_SASL_BIND_INPROGRESS) && !defined(LDAP_SASL_BIND_IN_PROGRESS)
# define LDAP_SASL_BIND_IN_PROGRESS LDAP_SASL_BIND_INPROGRESS
# endif
2006-02-26 15:25:34 +03:00
/* Solaris 8 defines SSL_LDAP_PORT, not LDAPS_PORT and it only does so if
LDAP_SSL is defined - but SSL is not working . We just want the
port number ! Let ' s just define LDAPS_PORT correct . */
# if !defined(LDAPS_PORT)
# define LDAPS_PORT 636
# endif
2001-11-28 01:37:25 +03:00
# else
# undef HAVE_LDAP
2001-11-20 11:54:15 +03:00
# endif
2003-01-16 05:39:49 +03:00
# if HAVE_GSSAPI_H
# include <gssapi.h>
2004-11-05 03:57:29 +03:00
# elif HAVE_GSSAPI_GSSAPI_H
2001-12-08 14:18:56 +03:00
# include <gssapi/gssapi.h>
2004-11-05 03:57:29 +03:00
# elif HAVE_GSSAPI_GSSAPI_GENERIC_H
2001-12-08 14:18:56 +03:00
# include <gssapi/gssapi_generic.h>
2001-11-20 11:54:15 +03:00
# endif
2003-01-16 05:58:14 +03:00
# if HAVE_COM_ERR_H
# include <com_err.h>
# endif
2003-08-15 05:29:08 +04:00
# if HAVE_SYS_ATTRIBUTES_H
# include <sys/attributes.h>
# endif
2004-02-20 18:52:14 +03:00
/* mutually exclusive (SuSE 8.2) */
2003-06-06 00:29:55 +04:00
# if HAVE_ATTR_XATTR_H
# include <attr/xattr.h>
2004-02-20 18:50:18 +03:00
# elif HAVE_SYS_XATTR_H
2004-02-20 01:17:54 +03:00
# include <sys/xattr.h>
# endif
2006-02-20 14:57:47 +03:00
# ifdef HAVE_SYS_EA_H
# include <sys/ea.h>
# endif
2005-04-10 08:27:14 +04:00
# ifdef HAVE_SYS_EXTATTR_H
# include <sys/extattr.h>
# endif
# ifdef HAVE_SYS_UIO_H
# include <sys/uio.h>
# endif
2003-06-30 06:11:13 +04:00
# if HAVE_LOCALE_H
# include <locale.h>
# endif
# if HAVE_LANGINFO_H
# include <langinfo.h>
# endif
2006-01-09 18:54:16 +03:00
# if defined(HAVE_AIO_H) && defined(WITH_AIO)
2005-06-28 02:08:58 +04:00
# include <aio.h>
# endif
2005-07-16 01:36:00 +04:00
/* skip valgrind headers on 64bit AMD boxes */
# ifndef HAVE_64BIT_LINUX
2003-04-16 17:19:51 +04:00
/* Special macros that are no-ops except when run under Valgrind on
* x86 . They ' ve moved a little bit from valgrind 1.0 .4 to 1.9 .4 */
# if HAVE_VALGRIND_MEMCHECK_H
/* memcheck.h includes valgrind.h */
# include <valgrind/memcheck.h>
# elif HAVE_VALGRIND_H
# include <valgrind.h>
# endif
2005-07-16 01:36:00 +04:00
# endif
2003-04-16 17:19:51 +04:00
/* If we have --enable-developer and the valgrind header is present,
* then we ' re OK to use it . Set a macro so this logic can be done only
* once . */
2006-02-06 09:22:20 +03:00
# if defined(DEVELOPER) && !defined(HAVE_64BIT_LINUX)
# if (HAVE_VALGRIND_H || HAVE_VALGRIND_VALGRIND_H)
2003-04-16 17:19:51 +04:00
# define VALGRIND
# endif
2006-02-06 09:22:20 +03:00
# endif
2003-04-16 17:19:51 +04:00
2002-09-25 19:19:00 +04:00
/* we support ADS if we want it and have krb5 and ldap libs */
# if defined(WITH_ADS) && defined(HAVE_KRB5) && defined(HAVE_LDAP)
2001-11-20 11:54:15 +03:00
# define HAVE_ADS
# endif
1999-12-13 16:27:58 +03:00
/*
* Define VOLATILE if needed .
*/
# if defined(HAVE_VOLATILE)
# define VOLATILE volatile
1999-03-08 21:41:58 +03:00
# else
1999-12-13 16:27:58 +03:00
# define VOLATILE
# endif
/*
2001-06-25 06:53:13 +04:00
* Define additional missing types
1999-12-13 16:27:58 +03:00
*/
2002-07-15 14:35:28 +04:00
# if defined(HAVE_SIG_ATOMIC_T_TYPE) && defined(AIX)
typedef sig_atomic_t SIG_ATOMIC_T ;
# elif defined(HAVE_SIG_ATOMIC_T_TYPE) && !defined(AIX)
typedef sig_atomic_t VOLATILE SIG_ATOMIC_T ;
# else
typedef int VOLATILE SIG_ATOMIC_T ;
2001-06-25 06:53:13 +04:00
# endif
1999-12-13 16:27:58 +03:00
2001-06-25 06:53:13 +04:00
# ifndef HAVE_SOCKLEN_T_TYPE
2006-01-08 18:31:25 +03:00
# define HAVE_SOCKLEN_T_TYPE
2001-06-25 06:53:13 +04:00
typedef int socklen_t ;
1999-03-02 19:43:27 +03:00
# endif
2001-06-25 06:53:13 +04:00
1998-07-29 07:08:05 +04:00
# ifndef uchar
# define uchar unsigned char
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifdef HAVE_UNSIGNED_CHAR
# define schar signed char
1996-05-04 11:50:46 +04:00
# else
1998-07-29 07:08:05 +04:00
# define schar char
1996-05-04 11:50:46 +04:00
# endif
1998-09-01 00:20:54 +04:00
/*
Samba needs type definitions for int16 , int32 , uint16 and uint32 .
Normally these are signed and unsigned 16 and 32 bit integers , but
they actually only need to be at least 16 and 32 bits
respectively . Thus if your word size is 8 bytes just defining them
as signed and unsigned int will work .
*/
# ifndef uint8
# define uint8 unsigned char
# endif
1998-11-19 07:15:23 +03:00
# if !defined(int16) && !defined(HAVE_INT16_FROM_RPC_RPC_H)
2006-05-24 18:26:34 +04:00
# if (SIZEOF_SHORT == 4)
# define int16 __ERROR___CANNOT_DETERMINE_TYPE_FOR_INT16;
# else /* SIZEOF_SHORT != 4 */
# define int16 short
# endif /* SIZEOF_SHORT != 4 */
/* needed to work around compile issue on HP-UX 11.x */
# define _INT16 1
1998-09-01 00:20:54 +04:00
# endif
1998-11-19 07:15:23 +03:00
/*
* Note we duplicate the size tests in the unsigned
* case as int16 may be a typedef from rpc / rpc . h
*/
# if !defined(uint16) && !defined(HAVE_UINT16_FROM_RPC_RPC_H)
# if (SIZEOF_SHORT == 4)
# define uint16 __ERROR___CANNOT_DETERMINE_TYPE_FOR_INT16;
# else /* SIZEOF_SHORT != 4 */
# define uint16 unsigned short
# endif /* SIZEOF_SHORT != 4 */
1998-09-01 00:20:54 +04:00
# endif
1998-11-19 07:15:23 +03:00
# if !defined(int32) && !defined(HAVE_INT32_FROM_RPC_RPC_H)
2006-05-24 18:26:34 +04:00
# if (SIZEOF_INT == 4)
# define int32 int
# elif (SIZEOF_LONG == 4)
# define int32 long
# elif (SIZEOF_SHORT == 4)
# define int32 short
# else
/* uggh - no 32 bit type?? probably a CRAY. just hope this works ... */
# define int32 int
# endif
/* needed to work around compile issue on HP-UX 11.x */
# define _INT32 1
1997-12-03 08:22:24 +03:00
# endif
1998-11-19 07:15:23 +03:00
/*
* Note we duplicate the size tests in the unsigned
* case as int32 may be a typedef from rpc / rpc . h
*/
# if !defined(uint32) && !defined(HAVE_UINT32_FROM_RPC_RPC_H)
# if (SIZEOF_INT == 4)
# define uint32 unsigned int
# elif (SIZEOF_LONG == 4)
# define uint32 unsigned long
# elif (SIZEOF_SHORT == 4)
# define uint32 unsigned short
2001-06-26 09:21:49 +04:00
# else
/* uggh - no 32 bit type?? probably a CRAY. just hope this works ... */
# define uint32 unsigned
1996-05-04 11:50:46 +04:00
# endif
2001-06-26 09:38:24 +04:00
# endif
1996-05-04 11:50:46 +04:00
2006-04-12 18:10:39 +04:00
/*
* check for 8 byte long long
*/
# if !defined(uint64)
# if (SIZEOF_LONG == 8)
# define uint64 unsigned long
# elif (SIZEOF_LONG_LONG == 8)
# define uint64 unsigned long long
# endif /* don't lie. If we don't have it, then don't use it */
# endif
2006-08-23 02:53:08 +04:00
# if !defined(int64)
# if (SIZEOF_LONG == 8)
# define int64 long
# elif (SIZEOF_LONG_LONG == 8)
# define int64 long long
# endif /* don't lie. If we don't have it, then don't use it */
# endif
2006-04-12 18:10:39 +04:00
1998-09-01 00:20:54 +04:00
/*
1998-09-03 22:40:31 +04:00
* Types for devices , inodes and offsets .
1998-09-01 00:20:54 +04:00
*/
# ifndef SMB_DEV_T
2002-01-10 03:28:09 +03:00
# if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_DEV64_T)
# define SMB_DEV_T dev64_t
# else
# define SMB_DEV_T dev_t
# endif
1998-09-01 00:20:54 +04:00
# endif
2006-01-13 01:17:54 +03:00
# ifndef LARGE_SMB_DEV_T
# if (defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_DEV64_T)) || (defined(SIZEOF_DEV_T) && (SIZEOF_DEV_T == 8))
# define LARGE_SMB_DEV_T 1
# endif
# endif
# ifdef LARGE_SMB_DEV_T
# define SDEV_T_VAL(p, ofs, v) (SIVAL((p),(ofs),(v)&0xFFFFFFFF), SIVAL((p),(ofs)+4,(v)>>32))
# define DEV_T_VAL(p, ofs) ((SMB_DEV_T)(((SMB_BIG_UINT)(IVAL((p),(ofs))))| (((SMB_BIG_UINT)(IVAL((p),(ofs)+4))) << 32)))
# else
# define SDEV_T_VAL(p, ofs, v) (SIVAL((p),(ofs),v),SIVAL((p),(ofs)+4,0))
# define DEV_T_VAL(p, ofs) ((SMB_DEV_T)(IVAL((p),(ofs))))
# endif
1998-09-05 00:53:58 +04:00
/*
* Setup the correctly sized inode type .
*/
1998-09-01 00:20:54 +04:00
# ifndef SMB_INO_T
1999-12-13 16:27:58 +03:00
# if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_INO64_T)
1998-09-05 00:53:58 +04:00
# define SMB_INO_T ino64_t
# else
# define SMB_INO_T ino_t
# endif
# endif
# ifndef LARGE_SMB_INO_T
1999-12-13 16:27:58 +03:00
# if (defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_INO64_T)) || (defined(SIZEOF_INO_T) && (SIZEOF_INO_T == 8))
1998-09-05 00:53:58 +04:00
# define LARGE_SMB_INO_T 1
# endif
1998-09-01 00:20:54 +04:00
# endif
1998-10-24 12:08:05 +04:00
# ifdef LARGE_SMB_INO_T
2006-01-13 01:17:54 +03:00
# define SINO_T_VAL(p, ofs, v) (SIVAL((p),(ofs),(v)&0xFFFFFFFF), SIVAL((p),(ofs)+4,(v)>>32))
# define INO_T_VAL(p, ofs) ((SMB_INO_T)(((SMB_BIG_UINT)(IVAL(p,ofs)))| (((SMB_BIG_UINT)(IVAL(p,(ofs)+4))) << 32)))
1998-10-24 12:08:05 +04:00
# else
2006-01-13 01:17:54 +03:00
# define SINO_T_VAL(p, ofs, v) (SIVAL(p,ofs,v),SIVAL(p,(ofs)+4,0))
# define INO_T_VAL(p, ofs) ((SMB_INO_T)(IVAL((p),(ofs))))
1998-10-24 12:08:05 +04:00
# endif
1998-09-03 22:40:31 +04:00
# ifndef SMB_OFF_T
1999-12-13 16:27:58 +03:00
# if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_OFF64_T)
1998-09-04 04:23:28 +04:00
# define SMB_OFF_T off64_t
# else
# define SMB_OFF_T off_t
# endif
1998-09-03 22:40:31 +04:00
# endif
2004-03-04 21:17:01 +03:00
# if defined(HAVE_LONGLONG)
# define SMB_BIG_UINT unsigned long long
# define SMB_BIG_INT long long
# define SBIG_UINT(p, ofs, v) (SIVAL(p,ofs,(v)&0xFFFFFFFF), SIVAL(p,(ofs)+4,(v)>>32))
# else
# define SMB_BIG_UINT unsigned long
# define SMB_BIG_INT long
# define SBIG_UINT(p, ofs, v) (SIVAL(p,ofs,v),SIVAL(p,(ofs)+4,0))
# endif
# define SMB_BIG_UINT_BITS (sizeof(SMB_BIG_UINT)*8)
2000-01-13 15:05:40 +03:00
/* this should really be a 64 bit type if possible */
2000-01-16 14:06:00 +03:00
# define br_off SMB_BIG_UINT
2000-01-13 15:05:40 +03:00
1998-09-18 06:30:03 +04:00
# define SMB_OFF_T_BITS (sizeof(SMB_OFF_T)*8)
1998-09-03 22:40:31 +04:00
/*
* Set the define that tells us if we can do 64 bit
* NT SMB calls .
*/
# ifndef LARGE_SMB_OFF_T
1999-12-13 16:27:58 +03:00
# if (defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_OFF64_T)) || (defined(SIZEOF_OFF_T) && (SIZEOF_OFF_T == 8))
1998-09-04 04:23:28 +04:00
# define LARGE_SMB_OFF_T 1
# endif
1998-09-03 22:40:31 +04:00
# endif
1998-09-18 22:30:42 +04:00
# ifdef LARGE_SMB_OFF_T
# define SOFF_T(p, ofs, v) (SIVAL(p,ofs,(v)&0xFFFFFFFF), SIVAL(p,(ofs)+4,(v)>>32))
2001-04-18 08:33:24 +04:00
# define SOFF_T_R(p, ofs, v) (SIVAL(p,(ofs)+4,(v)&0xFFFFFFFF), SIVAL(p,ofs,(v)>>32))
2002-12-03 11:02:41 +03:00
# define IVAL_TO_SMB_OFF_T(buf,off) ((SMB_OFF_T)(( ((SMB_BIG_UINT)(IVAL((buf),(off)))) & ((SMB_BIG_UINT)0xFFFFFFFF) )))
2002-12-11 02:44:33 +03:00
# define IVAL2_TO_SMB_BIG_UINT(buf,off) ( (((SMB_BIG_UINT)(IVAL((buf),(off)))) & ((SMB_BIG_UINT)0xFFFFFFFF)) | \
( ( ( ( SMB_BIG_UINT ) ( IVAL ( ( buf ) , ( off + 4 ) ) ) ) & ( ( SMB_BIG_UINT ) 0xFFFFFFFF ) ) < < 32 ) )
1998-09-18 22:30:42 +04:00
# else
# define SOFF_T(p, ofs, v) (SIVAL(p,ofs,v),SIVAL(p,(ofs)+4,0))
2001-04-18 08:33:24 +04:00
# define SOFF_T_R(p, ofs, v) (SIVAL(p,(ofs)+4,v),SIVAL(p,ofs,0))
2002-12-03 11:02:41 +03:00
# define IVAL_TO_SMB_OFF_T(buf,off) ((SMB_OFF_T)(( ((uint32)(IVAL((buf),(off)))) & 0xFFFFFFFF )))
2002-12-11 02:44:33 +03:00
# define IVAL2_TO_SMB_BIG_UINT(buf,off) ( (((SMB_BIG_UINT)(IVAL((buf),(off)))) & ((SMB_BIG_UINT)0xFFFFFFFF)) | \
( ( ( ( SMB_BIG_UINT ) ( IVAL ( ( buf ) , ( off + 4 ) ) ) ) & ( ( SMB_BIG_UINT ) 0xFFFFFFFF ) ) < < 32 ) )
1998-09-18 22:30:42 +04:00
# endif
1998-09-02 00:11:54 +04:00
/*
1998-09-03 22:40:31 +04:00
* Type for stat structure .
1998-09-02 00:11:54 +04:00
*/
# ifndef SMB_STRUCT_STAT
1999-12-13 16:27:58 +03:00
# if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_STAT64) && defined(HAVE_OFF64_T)
1998-09-04 04:23:28 +04:00
# define SMB_STRUCT_STAT struct stat64
# else
# define SMB_STRUCT_STAT struct stat
# endif
# endif
1999-12-13 16:27:58 +03:00
/*
* Type for dirent structure .
*/
# ifndef SMB_STRUCT_DIRENT
# if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_STRUCT_DIRENT64)
# define SMB_STRUCT_DIRENT struct dirent64
# else
# define SMB_STRUCT_DIRENT struct dirent
# endif
# endif
2005-08-22 22:03:08 +04:00
/*
* Type for DIR structure .
*/
# ifndef SMB_STRUCT_DIR
# if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_STRUCT_DIR64)
# define SMB_STRUCT_DIR DIR64
# else
# define SMB_STRUCT_DIR DIR
# endif
# endif
1998-09-04 04:23:28 +04:00
/*
* Defines for 64 bit fcntl locks .
*/
# ifndef SMB_STRUCT_FLOCK
1999-12-13 16:27:58 +03:00
# if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_STRUCT_FLOCK64) && defined(HAVE_OFF64_T)
1998-09-04 04:23:28 +04:00
# define SMB_STRUCT_FLOCK struct flock64
# else
# define SMB_STRUCT_FLOCK struct flock
# endif
# endif
# ifndef SMB_F_SETLKW
1999-12-13 16:27:58 +03:00
# if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_STRUCT_FLOCK64) && defined(HAVE_OFF64_T)
1998-09-04 04:23:28 +04:00
# define SMB_F_SETLKW F_SETLKW64
# else
# define SMB_F_SETLKW F_SETLKW
# endif
1998-09-02 00:11:54 +04:00
# endif
1998-09-04 04:23:28 +04:00
# ifndef SMB_F_SETLK
1999-12-13 16:27:58 +03:00
# if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_STRUCT_FLOCK64) && defined(HAVE_OFF64_T)
1998-09-04 04:23:28 +04:00
# define SMB_F_SETLK F_SETLK64
# else
# define SMB_F_SETLK F_SETLK
# endif
# endif
# ifndef SMB_F_GETLK
1999-12-13 16:27:58 +03:00
# if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_STRUCT_FLOCK64) && defined(HAVE_OFF64_T)
1998-09-04 04:23:28 +04:00
# define SMB_F_GETLK F_GETLK64
# else
# define SMB_F_GETLK F_GETLK
# endif
1998-09-03 22:40:31 +04:00
# endif
1998-09-02 00:11:54 +04:00
2005-06-28 02:08:58 +04:00
/*
* Type for aiocb structure .
*/
# ifndef SMB_STRUCT_AIOCB
# if defined(WITH_AIO)
# if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_AIOCB64)
# define SMB_STRUCT_AIOCB struct aiocb64
# else
# define SMB_STRUCT_AIOCB struct aiocb
# endif
# else
# define SMB_STRUCT_AIOCB int /* AIO not being used but we still need the define.... */
# endif
# endif
# ifndef HAVE_STRUCT_TIMESPEC
struct timespec {
time_t tv_sec ; /* Seconds. */
long tv_nsec ; /* Nanoseconds. */
} ;
# endif
1998-07-29 07:08:05 +04:00
# ifndef MIN
# define MIN(a,b) ((a)<(b)?(a):(b))
1997-07-18 00:11:58 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifndef MAX
# define MAX(a,b) ((a)>(b)?(a):(b))
1998-02-27 01:58:21 +03:00
# endif
2006-07-11 22:01:26 +04:00
# ifndef _BOOL
typedef int BOOL ;
# define _BOOL /* So we don't typedef BOOL again in vfs.h */
# endif
1998-07-29 07:08:05 +04:00
# ifndef HAVE_STRERROR
1996-05-04 11:50:46 +04:00
extern char * sys_errlist [ ] ;
# define strerror(i) sys_errlist[i]
# endif
1998-07-29 07:08:05 +04:00
# ifndef HAVE_ERRNO_DECL
extern int errno ;
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 09:05:36 +04:00
# ifdef HAVE_BROKEN_GETGROUPS
# define GID_T int
# else
# define GID_T gid_t
# endif
2000-02-15 22:36:47 +03:00
# ifndef NGROUPS_MAX
# define NGROUPS_MAX 32 /* Guess... */
# endif
1998-07-29 07:08:05 +04:00
2005-05-02 14:12:36 +04:00
# ifdef SOCKET_WRAPPER
# define SOCKET_WRAPPER_REPLACE
# include "include/socket_wrapper.h"
# endif
2002-03-02 08:35:10 +03:00
/* Our own pstrings and fstrings */
# include "pstring.h"
2000-05-09 17:28:19 +04:00
/* Lists, trees, caching, database... */
2001-09-10 16:14:18 +04:00
# include "xfile.h"
2001-10-14 16:10:29 +04:00
# include "intl.h"
1998-08-17 10:47:53 +04:00
# include "dlinklist.h"
2006-08-18 20:25:09 +04:00
# include "tdb.h"
# include "tdbutil.h"
# include "tdbback.h"
2005-06-09 02:10:34 +04:00
2000-01-05 09:36:36 +03:00
# include "talloc.h"
2005-06-09 02:10:34 +04:00
/* And a little extension. Abort on type mismatch */
# define talloc_get_type_abort(ptr, type) \
( type * ) talloc_check_name_abort ( ptr , # type )
2002-09-25 19:19:00 +04:00
# include "nt_status.h"
2001-11-20 11:54:15 +03:00
# include "ads.h"
2006-05-05 23:24:48 +04:00
# include "ads_dns.h"
1999-12-13 16:27:58 +03:00
# include "interfaces.h"
2000-04-25 18:06:57 +04:00
# include "trans2.h"
# include "nterr.h"
2002-08-17 21:00:51 +04:00
# include "ntioctl.h"
2000-09-11 11:02:43 +04:00
# include "messages.h"
2001-09-07 18:14:57 +04:00
# include "charset.h"
2001-11-19 05:49:53 +03:00
# include "dynconfig.h"
2001-05-29 11:34:01 +04:00
# include "util_getent.h"
1999-12-13 16:27:58 +03:00
# include "debugparse.h"
1996-05-04 11:50:46 +04:00
# include "version.h"
2005-01-13 21:20:37 +03:00
# include "privileges.h"
2006-07-18 01:09:02 +04:00
# include "locking.h"
1996-05-04 11:50:46 +04:00
# include "smb.h"
2006-05-12 19:17:35 +04:00
# include "ads_cldap.h"
1996-06-04 10:42:03 +04:00
# include "nameserv.h"
2002-03-01 05:56:35 +03:00
# include "secrets.h"
1996-05-04 11:50:46 +04:00
# include "byteorder.h"
2003-05-12 22:12:31 +04:00
# include "privileges.h"
2005-09-30 21:13:37 +04:00
# include "rpc_misc.h"
# include "rpc_dce.h"
2003-05-12 22:12:31 +04:00
# include "mapping.h"
# include "passdb.h"
# include "rpc_secdes.h"
2005-09-30 21:13:37 +04:00
# include "authdata.h"
2000-03-10 00:45:16 +03:00
# include "msdfs.h"
2001-10-19 20:46:34 +04:00
# include "rap.h"
2001-07-07 11:00:15 +04:00
# include "md5.h"
# include "hmacmd5.h"
2003-01-15 21:57:41 +03:00
# include "ntlmssp.h"
This is my 'Authentication Rewrite' version 1.01, mostly as submitted to
samba-technical a few weeks ago.
The idea here is to standardize the checking of user names and passwords,
thereby ensuring that all authtentications pass the same standards. The
interface currently implemented in as
nt_status = check_password(user_info, server_info)
where user_info contains (mostly) the authentication data, and server_info
contains things like the user-id they got, and their resolved user name.
The current ugliness with the way the structures are created will be killed
the next revision, when they will be created and malloced by creator functions.
This patch also includes the first implementation of NTLMv2 in HEAD, but which
needs some more testing. We also add a hack to allow plaintext passwords to be
compared with smbpasswd, not the system password database.
Finally, this patch probably reintroduces the PAM accounts bug we had in
2.2.0, I'll fix that once this hits the tree. (I've just finished testing
it on a wide variety of platforms, so I want to get this patch in).
(This used to be commit b30b6202f31d339b48d51c0d38174cafd1cfcd42)
2001-08-03 17:09:23 +04:00
# include "auth.h"
2005-09-30 21:13:37 +04:00
# include "ntdomain.h"
# include "rpc_svcctl.h"
# include "rpc_ntsvcs.h"
# include "rpc_lsa.h"
# include "rpc_netlogon.h"
# include "reg_objects.h"
# include "rpc_reg.h"
# include "rpc_samr.h"
# include "rpc_srvsvc.h"
# include "rpc_wkssvc.h"
# include "rpc_spoolss.h"
# include "rpc_eventlog.h"
# include "rpc_dfs.h"
# include "rpc_ds.h"
# include "rpc_echo.h"
# include "rpc_shutdown.h"
2006-07-11 22:01:26 +04:00
# include "rpc_unixinfo.h"
2005-09-30 21:13:37 +04:00
# include "rpc_perfcount.h"
# include "rpc_perfcount_defs.h"
# include "nt_printing.h"
2003-05-12 22:12:31 +04:00
# include "idmap.h"
# include "client.h"
2005-04-12 22:59:49 +04:00
# ifdef WITH_SMBWRAPPER
2003-05-12 22:12:31 +04:00
# include "smbw.h"
2005-04-12 22:59:49 +04:00
# endif
This is another *BIG* change...
Samba now features a pluggable passdb interface, along the same lines as the
one in use in the auth subsystem. In this case, only one backend may be active
at a time by the 'normal' interface, and only one backend per passdb_context is
permitted outside that.
This pluggable interface is designed to allow any number of passdb backends to
be compiled in, with the selection at runtime. The 'passdb backend' paramater
has been created (and documented!) to support this.
As such, configure has been modfied to allow (for example) --with-ldap and the
old smbpasswd to be selected at the same time.
This patch also introduces two new backends: smbpasswd_nua and tdbsam_nua.
These two backends accept 'non unix accounts', where the user does *not* exist
in /etc/passwd. These accounts' don't have UIDs in the unix sense, but to
avoid conflicts in the algroitmic mapping of RIDs, they use the values
specified in the 'non unix account range' paramter - in the same way as the
winbind ranges are specifed.
While I was at it, I cleaned up some of the code in pdb_tdb (code copied
directly from smbpasswd and not really considered properly). Most of this was
to do with % macro expansion on stored data. It isn't easy to get the macros
into the tdb, and the first password change will 'expand' them. tdbsam needs
to use a similar system to pdb_ldap in this regard.
This patch only makes minor adjustments to pdb_nisplus and pdb_ldap, becouse I
don't have the test facilities for these. I plan to incoroprate at least
pdb_ldap into this scheme after consultation with Jerry.
Each (converted) passdb module now no longer has any 'static' variables, and
only exports 1 init function outside its .c file.
The non-unix-account support in this patch has been proven! It is now possible
to join a win2k machine to a Samba PDC without an account in /etc/passwd!
Other changes:
Minor interface adjustments:
pdb_delete_sam_account() now takes a SAM_ACCOUNT, not a char*.
pdb_update_sam_account() no longer takes the 'override' argument that was being
ignored so often (every other passdb backend). Extra checks have been added in
some places.
Minor code changes:
smbpasswd no longer attempts to initialise the passdb at startup, this is
now done on first use.
pdbedit has lost some of its 'machine account' logic, as this behaviour is now
controlled by the passdb subsystem directly.
The samr subsystem no longer calls 'local password change', but does the pdb
interactions directly. This allow the ACB_ flags specifed to be transferred
direct to the backend, without interference.
Doco:
I've updated the doco to reflect some of the changes, and removed some paramters
no longer applicable to HEAD.
(This used to be commit ff354c99c585068af6dc1ff35a1f109a806b326b)
2002-01-20 17:30:58 +03:00
2001-08-22 23:11:55 +04:00
# include "session.h"
2002-01-01 07:05:10 +03:00
# include "asn_1.h"
2001-10-23 18:16:22 +04:00
# include "popt.h"
2002-04-11 06:20:56 +04:00
# include "mangle.h"
2003-05-06 06:34:59 +04:00
# include "module.h"
2002-09-25 19:19:00 +04:00
# include "nsswitch/winbind_client.h"
2003-07-29 19:00:38 +04:00
# include "spnego.h"
2005-09-30 21:13:37 +04:00
# include "rpc_client.h"
2006-02-04 01:19:41 +03:00
# include "event.h"
2006-09-07 02:08:06 +04:00
# include "librpc/ndr/libndr.h"
# include "librpc/gen_ndr/unixinfo.h"
2006-07-11 22:01:26 +04:00
1999-12-22 04:29:22 +03:00
/*
* Type for wide character dirent structure .
1999-12-22 21:46:05 +03:00
* Only d_name is defined by POSIX .
1999-12-22 04:29:22 +03:00
*/
typedef struct smb_wdirent {
wpstring d_name ;
} SMB_STRUCT_WDIRENT ;
/*
* Type for wide character passwd structure .
*/
typedef struct smb_wpasswd {
wfstring pw_name ;
char * pw_passwd ;
uid_t pw_uid ;
gid_t pw_gid ;
wpstring pw_gecos ;
wpstring pw_dir ;
wpstring pw_shell ;
} SMB_STRUCT_WPASSWD ;
2001-11-24 17:16:41 +03:00
/* used in net.c */
struct functable {
2003-01-03 11:28:12 +03:00
const char * funcname ;
2001-11-26 02:33:15 +03:00
int ( * fn ) ( int argc , const char * * argv ) ;
2001-11-24 17:16:41 +03:00
} ;
2006-02-04 01:19:41 +03:00
struct functable2 {
const char * funcname ;
int ( * fn ) ( int argc , const char * * argv ) ;
const char * helptext ;
} ;
2001-11-24 17:16:41 +03:00
1999-12-23 04:57:43 +03:00
/* Defines for wisXXX functions. */
# define UNI_UPPER 0x1
# define UNI_LOWER 0x2
# define UNI_DIGIT 0x4
# define UNI_XDIGIT 0x8
# define UNI_SPACE 0x10
2003-04-02 10:16:15 +04:00
# include "nsswitch/winbind_nss.h"
2000-07-10 10:41:04 +04:00
2002-09-25 19:19:00 +04:00
/* forward declaration from printing.h to get around
header file dependencies */
struct printjob ;
2003-05-12 22:12:31 +04:00
struct smb_ldap_privates ;
2003-06-05 06:34:30 +04:00
/* forward declarations from smbldap.c */
# include "smbldap.h"
2005-09-30 21:13:37 +04:00
# include "smb_ldap.h"
2006-05-05 11:15:45 +04:00
/*
* Reasons for cache flush .
*/
enum flush_reason_enum {
SEEK_FLUSH ,
READ_FLUSH ,
WRITE_FLUSH ,
READRAW_FLUSH ,
OPLOCK_RELEASE_FLUSH ,
CLOSE_FLUSH ,
SYNC_FLUSH ,
SIZECHANGE_FLUSH ,
/* NUM_FLUSH_REASONS must remain the last value in the enumeration. */
NUM_FLUSH_REASONS } ;
2006-07-11 22:01:26 +04:00
# ifndef HAVE_COMPARISON_FN_T
typedef int ( * comparison_fn_t ) ( const void * , const void * ) ;
# endif
1997-10-30 18:42:40 +03:00
/***** automatically generated prototypes *****/
2003-03-28 05:03:31 +03:00
# ifndef NO_PROTO_H
1997-10-30 18:42:40 +03:00
# include "proto.h"
2003-03-28 05:03:31 +03:00
# endif
1997-10-30 18:42:40 +03:00
2006-09-04 01:31:51 +04:00
# ifdef HAVE_LDAP
2006-09-04 01:07:16 +04:00
# include "ads_protos.h"
# endif
2006-05-05 11:15:45 +04:00
/* We need this after proto.h to reference GetTimeOfDay(). */
# include "smbprofile.h"
2000-02-03 07:47:50 +03:00
/* String routines */
2003-03-18 14:22:52 +03:00
# include "srvstr.h"
2000-02-03 07:47:50 +03:00
# include "safe_string.h"
1999-12-23 04:57:43 +03:00
1998-07-29 07:08:05 +04:00
# ifdef __COMPAR_FN_T
# define QSORT_CAST (__compar_fn_t)
1996-05-04 11:50:46 +04:00
# endif
1997-08-14 00:16:32 +04:00
1998-07-29 07:08:05 +04:00
# ifndef QSORT_CAST
# define QSORT_CAST (int (*)(const void *, const void *))
1997-08-14 00:16:32 +04:00
# endif
1996-05-04 11:50:46 +04:00
1998-07-29 07:08:05 +04:00
# ifndef DEFAULT_PRINTING
2001-08-23 23:06:20 +04:00
# ifdef HAVE_CUPS
1999-12-13 16:27:58 +03:00
# define DEFAULT_PRINTING PRINT_CUPS
# define PRINTCAP_NAME "cups"
# elif defined(SYSV)
1998-07-29 07:08:05 +04:00
# define DEFAULT_PRINTING PRINT_SYSV
1998-11-17 03:31:39 +03:00
# define PRINTCAP_NAME "lpstat"
1998-07-29 07:08:05 +04:00
# else
# define DEFAULT_PRINTING PRINT_BSD
1998-11-17 03:31:39 +03:00
# define PRINTCAP_NAME " / etc / printcap"
1996-05-04 11:50:46 +04:00
# endif
# endif
1998-11-26 00:17:20 +03:00
# ifndef PRINTCAP_NAME
# define PRINTCAP_NAME " / etc / printcap"
# endif
1998-07-29 07:08:05 +04:00
# ifndef SIGCLD
# define SIGCLD SIGCHLD
1996-05-04 11:50:46 +04:00
# endif
2003-03-28 04:07:05 +03:00
# ifndef SIGRTMIN
# define SIGRTMIN 32
# endif
1998-07-29 07:08:05 +04:00
# ifndef MAP_FILE
# define MAP_FILE 0
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# if defined(HAVE_PUTPRPWNAM) && defined(AUTH_CLEARTEXT_SEG_CHARS)
# define OSF1_ENH_SEC 1
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifndef ALLOW_CHANGE_PASSWORD
# if (defined(HAVE_TERMIOS_H) && defined(HAVE_DUP2) && defined(HAVE_SETSID))
# define ALLOW_CHANGE_PASSWORD 1
# endif
1996-10-05 06:54:37 +04:00
# endif
1998-07-29 07:08:05 +04:00
/* what is the longest significant password available on your system?
Knowing this speeds up password searches a lot */
# ifndef PASSWORD_LENGTH
# define PASSWORD_LENGTH 8
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 11:02:06 +04:00
# ifdef REPLACE_INET_NTOA
# define inet_ntoa rep_inet_ntoa
# endif
1998-07-29 07:08:05 +04:00
# ifndef HAVE_PIPE
# define SYNC_DNS 1
1996-05-04 11:50:46 +04:00
# endif
1998-07-29 07:08:05 +04:00
# ifndef SEEK_SET
# define SEEK_SET 0
1996-05-04 11:50:46 +04:00
# endif
1997-09-25 04:25:44 +04:00
# ifndef INADDR_LOOPBACK
# define INADDR_LOOPBACK 0x7f000001
1996-05-04 11:50:46 +04:00
# endif
1998-08-14 10:25:26 +04:00
# ifndef INADDR_NONE
# define INADDR_NONE 0xffffffff
# endif
1998-07-29 07:08:05 +04:00
# ifndef HAVE_CRYPT
# define crypt ufc_crypt
1996-05-04 11:50:46 +04:00
# endif
1998-10-03 15:51:30 +04:00
# ifndef O_ACCMODE
# define O_ACCMODE (O_RDONLY | O_WRONLY | O_RDWR)
# endif
1998-07-29 07:08:05 +04:00
# if defined(HAVE_CRYPT16) && defined(HAVE_GETAUTHUID)
# define ULTRIX_AUTH 1
# endif
1996-05-04 11:50:46 +04:00
1998-07-29 07:08:05 +04:00
# ifndef HAVE_STRDUP
char * strdup ( const char * s ) ;
1996-05-04 11:50:46 +04:00
# endif
2004-01-25 04:02:39 +03:00
# ifndef HAVE_STRNDUP
char * strndup ( const char * s , size_t size ) ;
# endif
1998-07-29 07:08:05 +04:00
# ifndef HAVE_MEMMOVE
void * memmove ( void * dest , const void * src , int size ) ;
# endif
1998-05-12 04:55:32 +04:00
1998-07-29 07:08:05 +04:00
# ifndef HAVE_INITGROUPS
int initgroups ( char * name , gid_t id ) ;
# endif
1998-05-12 04:55:32 +04:00
1998-07-29 07:08:05 +04:00
# ifndef HAVE_RENAME
int rename ( const char * zfrom , const char * zto ) ;
# endif
1998-05-12 04:55:32 +04:00
1998-07-29 07:08:05 +04:00
# ifndef HAVE_MKTIME
time_t mktime ( struct tm * t ) ;
# endif
1996-05-04 11:50:46 +04:00
2001-11-20 11:54:15 +03:00
# ifndef HAVE_STRLCPY
size_t strlcpy ( char * d , const char * s , size_t bufsize ) ;
# endif
# ifndef HAVE_STRLCAT
size_t strlcat ( char * d , const char * s , size_t bufsize ) ;
# endif
1998-07-29 07:08:05 +04:00
# ifndef HAVE_FTRUNCATE
int ftruncate ( int f , long l ) ;
# endif
1998-05-12 04:55:32 +04:00
2002-07-15 14:35:28 +04:00
# ifndef HAVE_STRNDUP
char * strndup ( const char * s , size_t n ) ;
# endif
# ifndef HAVE_STRNLEN
size_t strnlen ( const char * s , size_t n ) ;
# endif
1999-12-13 16:27:58 +03:00
# ifndef HAVE_STRTOUL
unsigned long strtoul ( const char * nptr , char * * endptr , int base ) ;
1998-08-14 21:38:29 +04:00
# endif
2003-02-19 15:31:16 +03:00
# ifndef HAVE_SETENV
int setenv ( const char * name , const char * value , int overwrite ) ;
# endif
1999-12-13 16:27:58 +03:00
# if (defined(USE_SETRESUID) && !defined(HAVE_SETRESUID_DECL))
1998-10-15 04:55:17 +04:00
/* stupid glibc */
1999-12-13 16:27:58 +03:00
int setresuid ( uid_t ruid , uid_t euid , uid_t suid ) ;
# endif
# if (defined(USE_SETRESUID) && !defined(HAVE_SETRESGID_DECL))
int setresgid ( gid_t rgid , gid_t egid , gid_t sgid ) ;
1998-10-15 04:55:17 +04:00
# endif
2001-05-30 16:28:13 +04:00
# ifndef HAVE_VASPRINTF_DECL
int vasprintf ( char * * ptr , const char * format , va_list ap ) ;
# endif
1998-10-15 04:55:17 +04:00
1998-09-21 15:34:44 +04:00
# ifdef REPLACE_GETPASS
# define getpass(prompt) getsmbpass((prompt))
# endif
1999-12-13 16:27:58 +03:00
/*
* Some older systems seem not to have MAXHOSTNAMELEN
* defined .
*/
# ifndef MAXHOSTNAMELEN
# define MAXHOSTNAMELEN 254
# endif
1998-10-07 11:55:14 +04:00
/* yuck, I'd like a better way of doing this */
# define DIRP_SIZE (256 + 32)
1999-12-13 16:27:58 +03:00
/*
* glibc on linux doesn ' t seem to have MSG_WAITALL
* defined . I think the kernel has it though . .
*/
# ifndef MSG_WAITALL
# define MSG_WAITALL 0
# endif
/* default socket options. Dave Miller thinks we should default to TCP_NODELAY
given the socket IO pattern that Samba uses */
# ifdef TCP_NODELAY
# define DEFAULT_SOCKET_OPTIONS "TCP_NODELAY"
# else
# define DEFAULT_SOCKET_OPTIONS ""
# endif
2002-07-15 14:35:28 +04:00
/* Load header file for dynamic linking stuff */
2000-02-03 07:47:50 +03:00
2002-07-15 14:35:28 +04:00
# ifdef HAVE_DLFCN_H
2000-02-03 07:47:50 +03:00
# include <dlfcn.h>
# endif
2001-12-20 07:01:44 +03:00
/* dmalloc -- free heap debugger (dmalloc.org). This should be near
* the * bottom * of include files so as not to conflict . */
2002-01-09 08:10:47 +03:00
# ifdef ENABLE_DMALLOC
2001-12-20 07:01:44 +03:00
# include <dmalloc.h>
# endif
2000-06-21 10:26:21 +04:00
/* Some POSIX definitions for those without */
# ifndef S_IFDIR
# define S_IFDIR 0x4000
# endif
# ifndef S_ISDIR
# define S_ISDIR(mode) ((mode & 0xF000) == S_IFDIR)
# endif
# ifndef S_IRWXU
# define S_IRWXU 00700 /* read, write, execute: owner */
# endif
# ifndef S_IRUSR
# define S_IRUSR 00400 /* read permission: owner */
# endif
# ifndef S_IWUSR
# define S_IWUSR 00200 /* write permission: owner */
# endif
# ifndef S_IXUSR
# define S_IXUSR 00100 /* execute permission: owner */
# endif
# ifndef S_IRWXG
# define S_IRWXG 00070 /* read, write, execute: group */
# endif
# ifndef S_IRGRP
# define S_IRGRP 00040 /* read permission: group */
# endif
# ifndef S_IWGRP
# define S_IWGRP 00020 /* write permission: group */
# endif
# ifndef S_IXGRP
# define S_IXGRP 00010 /* execute permission: group */
# endif
# ifndef S_IRWXO
# define S_IRWXO 00007 /* read, write, execute: other */
# endif
# ifndef S_IROTH
# define S_IROTH 00004 /* read permission: other */
# endif
# ifndef S_IWOTH
# define S_IWOTH 00002 /* write permission: other */
# endif
# ifndef S_IXOTH
# define S_IXOTH 00001 /* execute permission: other */
# endif
2002-03-28 02:17:50 +03:00
/* For sys_adminlog(). */
# ifndef LOG_EMERG
# define LOG_EMERG 0 /* system is unusable */
# endif
# ifndef LOG_ALERT
# define LOG_ALERT 1 /* action must be taken immediately */
# endif
# ifndef LOG_CRIT
# define LOG_CRIT 2 /* critical conditions */
# endif
# ifndef LOG_ERR
# define LOG_ERR 3 /* error conditions */
# endif
# ifndef LOG_WARNING
# define LOG_WARNING 4 /* warning conditions */
# endif
# ifndef LOG_NOTICE
# define LOG_NOTICE 5 /* normal but significant condition */
# endif
# ifndef LOG_INFO
# define LOG_INFO 6 /* informational */
# endif
# ifndef LOG_DEBUG
# define LOG_DEBUG 7 /* debug-level messages */
# endif
2000-06-15 13:35:37 +04:00
# if HAVE_KERNEL_SHARE_MODES
# ifndef LOCK_MAND
# define LOCK_MAND 32 /* This is a mandatory flock */
# define LOCK_READ 64 /* ... Which allows concurrent read operations */
# define LOCK_WRITE 128 /* ... Which allows concurrent write operations */
# define LOCK_RW 192 /* ... Which allows concurrent read & write ops */
# endif
# endif
2000-04-25 18:06:57 +04:00
extern int DEBUGLEVEL ;
2000-06-23 10:19:26 +04:00
# define MAX_SEC_CTX_DEPTH 8 /* Maximum number of security contexts */
2000-09-29 08:45:00 +04:00
# ifdef GLIBC_HACK_FCNTL64
/* this is a gross hack. 64 bit locking is completely screwed up on
i386 Linux in glibc 2.1 .95 ( which ships with RedHat 7.0 ) . This hack
" fixes " the problem with the current 2.4 .0 test kernels
*/
# define fcntl fcntl64
# undef F_SETLKW
# undef F_SETLK
# define F_SETLK 13
# define F_SETLKW 14
# endif
2001-07-04 11:15:53 +04:00
2001-03-19 10:08:02 +03:00
/* Needed for sys_dlopen/sys_dlsym/sys_dlclose */
# ifndef RTLD_GLOBAL
# define RTLD_GLOBAL 0
# endif
# ifndef RTLD_LAZY
# define RTLD_LAZY 0
# endif
# ifndef RTLD_NOW
# define RTLD_NOW 0
# endif
2001-07-22 14:50:21 +04:00
/* needed for some systems without iconv. Doesn't really matter
what error code we use */
2001-07-22 11:38:32 +04:00
# ifndef EILSEQ
2001-07-22 14:50:21 +04:00
# define EILSEQ EIO
2001-07-22 11:38:32 +04:00
# endif
2001-04-28 17:49:34 +04:00
/* add varargs prototypes with printf checking */
2005-08-26 07:23:48 +04:00
/*PRINTFLIKE2 */
2001-09-09 06:37:10 +04:00
int fdprintf ( int , const char * , . . . ) PRINTF_ATTRIBUTE ( 2 , 3 ) ;
2005-08-26 07:23:48 +04:00
/*PRINTFLIKE1 */
2001-09-09 06:37:10 +04:00
int d_printf ( const char * , . . . ) PRINTF_ATTRIBUTE ( 1 , 2 ) ;
2005-08-26 07:23:48 +04:00
/*PRINTFLIKE2 */
2001-09-09 06:37:10 +04:00
int d_fprintf ( FILE * f , const char * , . . . ) PRINTF_ATTRIBUTE ( 2 , 3 ) ;
2001-05-30 17:53:20 +04:00
# ifndef HAVE_SNPRINTF_DECL
2005-08-26 07:23:48 +04:00
/*PRINTFLIKE3 */
2001-04-28 17:49:34 +04:00
int snprintf ( char * , size_t , const char * , . . . ) PRINTF_ATTRIBUTE ( 3 , 4 ) ;
# endif
2001-05-30 17:53:20 +04:00
# ifndef HAVE_ASPRINTF_DECL
2005-08-26 07:23:48 +04:00
/*PRINTFLIKE2 */
2001-05-30 17:53:20 +04:00
int asprintf ( char * * , const char * , . . . ) PRINTF_ATTRIBUTE ( 2 , 3 ) ;
2001-04-28 17:49:34 +04:00
# endif
2003-07-23 07:59:57 +04:00
/* Fix prototype problem with non-C99 compliant snprintf implementations, esp
HPUX 11. Don ' t change the sense of this # if statement . Read the comments
in lib / snprint . c if you think you need to . See also bugzilla bug 174. */
# if !defined(HAVE_SNPRINTF) || !defined(HAVE_C99_VSNPRINTF)
# define snprintf smb_snprintf
2004-06-10 22:45:45 +04:00
# define vsnprintf smb_vsnprintf
2005-08-26 07:23:48 +04:00
/* PRINTFLIKE3 */
int smb_snprintf ( char * str , size_t count , const char * fmt , . . . ) ;
int smb_vsnprintf ( char * str , size_t count , const char * fmt , va_list args ) ;
2003-07-23 07:59:57 +04:00
# endif
2005-08-26 07:23:48 +04:00
/* PRINTFLIKE2 */
2003-01-03 06:24:23 +03:00
void sys_adminlog ( int priority , const char * format_str , . . . ) PRINTF_ATTRIBUTE ( 2 , 3 ) ;
2005-08-26 07:23:48 +04:00
/* PRINTFLIKE2 */
2003-01-03 06:24:23 +03:00
int pstr_sprintf ( pstring s , const char * fmt , . . . ) PRINTF_ATTRIBUTE ( 2 , 3 ) ;
2005-08-26 07:23:48 +04:00
/* PRINTFLIKE2 */
2003-01-03 06:24:23 +03:00
int fstr_sprintf ( fstring s , const char * fmt , . . . ) PRINTF_ATTRIBUTE ( 2 , 3 ) ;
int d_vfprintf ( FILE * f , const char * format , va_list ap ) PRINTF_ATTRIBUTE ( 2 , 0 ) ;
int smb_xvasprintf ( char * * ptr , const char * format , va_list ap ) PRINTF_ATTRIBUTE ( 2 , 0 ) ;
2001-04-28 18:01:02 +04:00
/* we used to use these fns, but now we have good replacements
for snprintf and vsnprintf */
# define slprintf snprintf
# define vslprintf vsnprintf
2002-07-15 14:35:28 +04:00
/* we need to use __va_copy() on some platforms */
# ifdef HAVE_VA_COPY
2003-10-24 21:58:30 +04:00
# define VA_COPY(dest, src) va_copy(dest, src)
# else
# ifdef HAVE___VA_COPY
2002-07-15 14:35:28 +04:00
# define VA_COPY(dest, src) __va_copy(dest, src)
# else
# define VA_COPY(dest, src) (dest) = (src)
# endif
2003-10-24 21:58:30 +04:00
# endif
2002-07-15 14:35:28 +04:00
2002-11-09 19:57:45 +03:00
# ifndef HAVE_TIMEGM
time_t timegm ( struct tm * tm ) ;
# endif
2002-12-31 02:55:53 +03:00
/*
* Veritas File System . Often in addition to native .
* Quotas different .
*/
# if defined(HAVE_SYS_FS_VX_QUOTA_H)
# define VXFS_QUOTA
# endif
2003-01-20 01:27:32 +03:00
# if defined(HAVE_KRB5)
2006-04-24 20:29:55 +04:00
krb5_error_code smb_krb5_parse_name ( krb5_context context ,
const char * name , /* in unix charset */
krb5_principal * principal ) ;
krb5_error_code smb_krb5_unparse_name ( krb5_context context ,
krb5_const_principal principal ,
char * * unix_name ) ;
2003-08-15 23:29:08 +04:00
# ifndef HAVE_KRB5_SET_REAL_TIME
2003-01-20 01:27:32 +03:00
krb5_error_code krb5_set_real_time ( krb5_context context , int32_t seconds , int32_t microseconds ) ;
# endif
# ifndef HAVE_KRB5_SET_DEFAULT_TGS_KTYPES
krb5_error_code krb5_set_default_tgs_ktypes ( krb5_context ctx , const krb5_enctype * enc ) ;
# endif
2003-01-30 23:36:44 +03:00
# if defined(HAVE_KRB5_AUTH_CON_SETKEY) && !defined(HAVE_KRB5_AUTH_CON_SETUSERUSERKEY)
krb5_error_code krb5_auth_con_setuseruserkey ( krb5_context context , krb5_auth_context auth_context , krb5_keyblock * keyblock ) ;
# endif
2004-06-19 04:56:50 +04:00
# ifndef HAVE_KRB5_FREE_UNPARSED_NAME
void krb5_free_unparsed_name ( krb5_context ctx , char * val ) ;
2004-06-19 04:54:54 +04:00
# endif
2003-01-30 07:40:12 +03:00
/* Samba wrapper function for krb5 functionality. */
2003-01-21 16:33:31 +03:00
void setup_kaddr ( krb5_address * pkaddr , struct sockaddr * paddr ) ;
2003-02-19 18:48:12 +03:00
int create_kerberos_key_from_string ( krb5_context context , krb5_principal host_princ , krb5_data * password , krb5_keyblock * key , krb5_enctype enctype ) ;
2004-11-01 21:44:15 +03:00
int create_kerberos_key_from_string_direct ( krb5_context context , krb5_principal host_princ , krb5_data * password , krb5_keyblock * key , krb5_enctype enctype ) ;
2005-09-30 21:13:37 +04:00
BOOL get_auth_data_from_tkt ( TALLOC_CTX * mem_ctx , DATA_BLOB * auth_data , krb5_ticket * tkt ) ;
2003-01-30 23:36:44 +03:00
krb5_const_principal get_principal_from_tkt ( krb5_ticket * tkt ) ;
krb5_error_code krb5_locate_kdc ( krb5_context ctx , const krb5_data * realm , struct sockaddr * * addr_pp , int * naddrs , int get_masters ) ;
2003-02-19 18:48:12 +03:00
krb5_error_code get_kerberos_allowed_etypes ( krb5_context context , krb5_enctype * * enctypes ) ;
void free_kerberos_etypes ( krb5_context context , krb5_enctype * enctypes ) ;
Changes all over the shop, but all towards:
- NTLM2 support in the server
- KEY_EXCH support in the server
- variable length session keys.
In detail:
- NTLM2 is an extension of NTLMv1, that is compatible with existing
domain controllers (unlike NTLMv2, which requires a DC upgrade).
* This is known as 'NTLMv2 session security' *
(This is not yet implemented on the RPC pipes however, so there may
well still be issues for PDC setups, particuarly around password
changes. We do not fully understand the sign/seal implications of
NTLM2 on RPC pipes.)
This requires modifications to our authentication subsystem, as we
must handle the 'challege' input into the challenge-response algorithm
being changed. This also needs to be turned off for
'security=server', which does not support this.
- KEY_EXCH is another 'security' mechanism, whereby the session key
actually used by the server is sent by the client, rather than being
the shared-secret directly or indirectly.
- As both these methods change the session key, the auth subsystem
needed to be changed, to 'override' session keys provided by the
backend.
- There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure. This should help the SPNEGO implementation.
- The 'names blob' in NTLMSSP is always in unicode - never in ascii.
Don't make an ascii version ever.
- The other big change is to allow variable length session keys. We
have always assumed that session keys are 16 bytes long - and padded
to this length if shorter. However, Kerberos session keys are 8 bytes
long, when the krb5 login uses DES.
* This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. *
- Add better DEBUG() messages to ntlm_auth, warning administrators of
misconfigurations that prevent access to the privileged pipe. This
should help reduce some of the 'it just doesn't work' issues.
- Fix data_blob_talloc() to behave the same way data_blob() does when
passed a NULL data pointer. (just allocate)
REMEMBER to make clean after this commit - I have changed plenty of data structures...
(This used to be commit f3bbc87b0dac63426cda6fac7a295d3aad810ecc)
2003-11-22 16:19:38 +03:00
BOOL get_krb5_smb_session_key ( krb5_context context , krb5_auth_context auth_context , DATA_BLOB * session_key , BOOL remote ) ;
2004-08-11 13:34:30 +04:00
krb5_error_code smb_krb5_kt_free_entry ( krb5_context context , krb5_keytab_entry * kt_entry ) ;
2004-11-01 21:44:15 +03:00
krb5_principal kerberos_fetch_salt_princ_for_host_princ ( krb5_context context , krb5_principal host_princ , int enctype ) ;
2004-11-03 03:29:09 +03:00
void kerberos_set_creds_enctype ( krb5_creds * pcreds , int enctype ) ;
BOOL kerberos_compatible_enctypes ( krb5_context context , krb5_enctype enctype1 , krb5_enctype enctype2 ) ;
void kerberos_free_data_contents ( krb5_context context , krb5_data * pdata ) ;
2005-10-01 13:43:53 +04:00
NTSTATUS decode_pac_data ( TALLOC_CTX * mem_ctx ,
DATA_BLOB * pac_data_blob ,
krb5_context context ,
krb5_keyblock * service_keyblock ,
krb5_const_principal client_principal ,
time_t tgs_authtime ,
PAC_DATA * * pac_data ) ;
void smb_krb5_checksum_from_pac_sig ( krb5_checksum * cksum ,
PAC_SIGNATURE_DATA * sig ) ;
krb5_error_code smb_krb5_verify_checksum ( krb5_context context ,
krb5_keyblock * keyblock ,
krb5_keyusage usage ,
krb5_checksum * cksum ,
uint8 * data ,
size_t length ) ;
time_t get_authtime_from_tkt ( krb5_ticket * tkt ) ;
void smb_krb5_free_ap_req ( krb5_context context ,
krb5_ap_req * ap_req ) ;
krb5_error_code smb_krb5_get_keyinfo_from_ap_req ( krb5_context context ,
const krb5_data * inbuf ,
krb5_kvno * kvno ,
krb5_enctype * enctype ) ;
krb5_error_code krb5_rd_req_return_keyblock_from_keytab ( krb5_context context ,
krb5_auth_context * auth_context ,
const krb5_data * inbuf ,
krb5_const_principal server ,
krb5_keytab keytab ,
krb5_flags * ap_req_options ,
krb5_ticket * * ticket ,
krb5_keyblock * * keyblock ) ;
krb5_error_code smb_krb5_parse_name_norealm ( krb5_context context ,
const char * name ,
krb5_principal * principal ) ;
BOOL smb_krb5_principal_compare_any_realm ( krb5_context context ,
krb5_const_principal princ1 ,
krb5_const_principal princ2 ) ;
int cli_krb5_get_ticket ( const char * principal , time_t time_offset ,
2006-02-04 01:19:41 +03:00
DATA_BLOB * ticket , DATA_BLOB * session_key_krb5 , uint32 extra_ap_opts , const char * ccname ) ;
2005-10-20 12:13:00 +04:00
PAC_LOGON_INFO * get_logon_info_from_pac ( PAC_DATA * pac_data ) ;
2006-02-04 01:19:41 +03:00
krb5_error_code smb_krb5_renew_ticket ( const char * ccache_string , const char * client_string , const char * service_string , time_t * new_start_time ) ;
krb5_error_code kpasswd_err_to_krb5_err ( krb5_error_code res_code ) ;
2006-04-25 16:24:25 +04:00
krb5_error_code smb_krb5_gen_netbios_krb5_address ( smb_krb5_addresses * * kerb_addr ) ;
krb5_error_code smb_krb5_free_addresses ( krb5_context context , smb_krb5_addresses * addr ) ;
2006-03-09 17:51:40 +03:00
NTSTATUS krb5_to_nt_status ( krb5_error_code kerberos_error ) ;
krb5_error_code nt_status_to_krb5 ( NTSTATUS nt_status ) ;
2006-06-16 01:45:10 +04:00
void smb_krb5_free_error ( krb5_context context , krb5_error * krberror ) ;
krb5_error_code handle_krberror_packet ( krb5_context context ,
krb5_data * packet ) ;
2003-01-20 01:27:32 +03:00
# endif /* HAVE_KRB5 */
2004-07-14 17:32:30 +04:00
# ifdef HAVE_LDAP
/* function declarations not included in proto.h */
LDAP * ldap_open_with_timeout ( const char * server , int port , unsigned int to ) ;
# endif /* HAVE_LDAP */
2003-04-14 05:19:58 +04:00
/* TRUE and FALSE are part of the C99 standard and gcc, but
unfortunately many vendor compilers don ' t support them . Use True
and False instead . */
# ifdef TRUE
# undef TRUE
# endif
# define TRUE __ERROR__XX__DONT_USE_TRUE
2000-07-06 10:59:27 +04:00
2003-04-14 05:19:58 +04:00
# ifdef FALSE
# undef FALSE
# endif
# define FALSE __ERROR__XX__DONT_USE_FALSE
2003-10-21 08:08:32 +04:00
/* If we have blacklisted mmap() try to avoid using it accidentally by
undefining the HAVE_MMAP symbol . */
# ifdef MMAP_BLACKLIST
# undef HAVE_MMAP
# endif
2005-03-31 09:06:04 +04:00
# define CONST_DISCARD(type, ptr) ((type) ((void *) (ptr)))
# define CONST_ADD(type, ptr) ((type) ((const void *) (ptr)))
2006-03-28 19:50:13 +04:00
# ifndef NORETURN_ATTRIBUTE
# if (__GNUC__ >= 3)
# define NORETURN_ATTRIBUTE __attribute__ ((noreturn))
# else
# define NORETURN_ATTRIBUTE
# endif
# endif
void smb_panic ( const char * why ) NORETURN_ATTRIBUTE ;
2006-04-04 04:27:50 +04:00
void dump_core ( void ) NORETURN_ATTRIBUTE ;
void exit_server ( const char * const reason ) NORETURN_ATTRIBUTE ;
2006-04-11 02:47:09 +04:00
void exit_server_cleanly ( const char * const reason ) NORETURN_ATTRIBUTE ;
2006-04-04 04:27:50 +04:00
void exit_server_fault ( void ) NORETURN_ATTRIBUTE ;
2003-04-14 05:19:58 +04:00
# endif /* _INCLUDES_H */