sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-07-30 19:42:05 +03:00
Code Activity

2nd phase of head branch sync with SAMBA_2_0 - this delets all the files that were in the head branch but weren't in SAMBA_2_0

Browse Source 
(This used to be commit d7b2087865)
This commit is contained in:
Andrew Tridgell
1999-12-13 13:35:20 +00:00
parent 3db52feb1f
commit 32a965e09c
137 changed files with 0 additions and 47004 deletions
Download Patch File Download Diff File Expand all files Collapse all files

673
source3/passdb/mysqlpass.c
View File

@ -1,673 +0,0 @@
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
* Samba MYSQL SAM Database, by Benjamin Kuit.
* Copyright (C) Benjamin Kuit 1999,
* Copyright (C) Andrew Tridgell 1992-1999,
* Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#if defined(HAVE_MYSQL_H) && defined(WITH_MYSQLSAM)
#include "includes.h"
extern int DEBUGLEVEL;
#define UNIX_NAME(row) ((*row)[0])
#define UNIX_UID(row) ((*row)[1])
#define NT_NAME(row) ((*row)[2])
#define RID(row) ((*row)[3])
#define LM_HASH(row) ((*row)[4])
#define NT_HASH(row) ((*row)[5])
#define FLAGS(row) ((*row)[6])
#define CHANGE_TIME(row) ((*row)[7])
static fstring mysql_table = { 0 };
struct mysql_struct {
MYSQL handle;
MYSQL_RES *result;
uint current_row;
};
typedef struct mysql_struct mysql_ctrl;
static char *mysql_retrieve_password(char *passfile)
{
static fstring pass;
static time_t last_checked = (time_t)0;
static char pass_chars[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890!@#$%^&*()_-+=|~`\\{}[]:;\"'?/>.<,";
fstring temppass;
FILE *filep;
int length;
DEBUG(5,("%s\n",FUNCTION_MACRO));
if ( passfile == NULL ) {
pass[0]=0;
return pass;
}
if ( time(NULL) - last_checked <= 60 ) {
return pass;
}
if ( file_modtime(passfile) < last_checked ) {
return pass;
}
filep = sys_fopen(passfile,"r");
if ( filep == NULL ) {
return pass;
}
memset(temppass,0,sizeof(temppass));
if ( fgets( temppass, sizeof(temppass)-1, filep) == NULL ) {
fclose(filep);
return pass;
}
fclose(filep);
length = strspn( temppass, pass_chars );
temppass[length<sizeof(temppass)-1?length:sizeof(temppass)-1] = '\0';
fstrcpy( pass, temppass );
last_checked = time(NULL);
return pass;
}
static int mysql_db_connect( MYSQL *handle )
{
char *password;
DEBUG(5,("%s\n",FUNCTION_MACRO));
password = mysql_retrieve_password(lp_mysql_passfile());
if ( !mysql_connect(handle, lp_mysql_host(), lp_mysql_user(), password) ) {
DEBUG(0,("mysql_connect: %s\n",mysql_error(handle)));
return -1;
}
if ( mysql_select_db( handle, lp_mysql_db()) ) {
DEBUG(0,("mysql_connect: %s\n",mysql_error(handle)));
mysql_close(handle);
return -1;
}
fstrcpy(mysql_table,lp_mysql_table());
return 0;
}
static int mysql_lock_table( MYSQL *handle, BOOL write_access )
{
fstring query;
DEBUG(5,("%s\n",FUNCTION_MACRO));
slprintf( query, sizeof(query), "lock tables %s %s", mysql_table, write_access==True?"write":"read");
if ( mysql_query( handle, query ) ) {
DEBUG(0,("Cannot get lock: %s: %s\n",query,mysql_error(handle) ));
return -1;
}
return 0;
}
int mysql_db_lock_connect( MYSQL *handle )
{
DEBUG(5,("%s\n",FUNCTION_MACRO));
if ( mysql_db_connect( handle ) ) {
return -1;
}
if ( mysql_lock_table( handle, True ) ) {
mysql_close( handle );
return -1;
}
return 0;
}
static MYSQL_RES *mysql_select_results( MYSQL *handle, char *selection )
{
MYSQL_RES *result;
pstring query;
int query_length;
char select[] = "select ";
char where[] = " where ";
char from[] = " from ";
char mysql_query_string[] = "unix_name, unix_uid, nt_name, user_rid, smb_passwd, smb_nt_passwd, acct_ctrl, pass_last_set_time";
DEBUG(5,("%s\n",FUNCTION_MACRO));
query_length = sizeof( select ) + sizeof( mysql_query_string ) + sizeof(from ) + strlen( mysql_table );
if ( selection != NULL && *selection != '\0' ) {
query_length += sizeof( where ) + strlen( selection );
}
if ( query_length >= sizeof( query ) ) {
DEBUG(0,("Query string too long\n"));
return NULL;
}
pstrcpy( query, select);
pstrcat( query, mysql_query_string );
pstrcat( query, from );
pstrcat( query, mysql_table );
if ( selection != NULL && *selection != '\0' ) {
pstrcat( query, where );
pstrcat( query, selection );
}
DEBUG(5,("mysql> %s\n",query));
if ( mysql_query( handle, query ) ) {
DEBUG(0,("%s: %s\n", query, mysql_error(handle) ));
return NULL;
}
result = mysql_store_result( handle );
if ( mysql_num_fields( result ) != 8 ) {
DEBUG(0,("mysql_num_result = %d (!=8)\n",mysql_num_fields( result )));
return NULL;
}
if ( result == NULL ) {
DEBUG(0,("mysql_store_result: %s\n",mysql_error(handle)));
return NULL;
}
return result;
}
void *mysql_startpwent( BOOL update )
{
mysql_ctrl *mysql;
DEBUG(5,("%s\n",FUNCTION_MACRO));
mysql = (mysql_ctrl *)malloc( sizeof(mysql_ctrl) );
if ( mysql == NULL ) {
DEBUG(0,("malloc: Out of memory\n"));
return NULL;
}
memset( mysql, 0, sizeof(mysql_ctrl) );
if ( mysql_db_connect( &mysql->handle ) ) {
return NULL;
}
if ( mysql_lock_table( &mysql->handle, update ) ) {
mysql_close( &mysql->handle );
return NULL;
}
mysql->result = mysql_select_results( &mysql->handle, NULL );
if ( mysql->result == NULL ) {
mysql_close( &mysql->handle );
return NULL;
}
mysql->current_row = 0;
return (void*)mysql;
}
void mysql_endpwent( void *ptr )
{
mysql_ctrl *handle;
DEBUG(5,("%s\n",FUNCTION_MACRO));
handle = (mysql_ctrl *)ptr;
mysql_free_result( handle->result );
mysql_close( &handle->handle );
free( handle );
}
SMB_BIG_UINT mysql_getpwpos(void *vp)
{
DEBUG(5,("%s\n",FUNCTION_MACRO));
return ((mysql_ctrl *)vp)->current_row;
}
BOOL mysql_setpwpos(void *vp, SMB_BIG_UINT pos)
{
DEBUG(5,("%s\n",FUNCTION_MACRO));
mysql_data_seek( ((mysql_ctrl*)vp)->result, (uint)pos );
((mysql_ctrl *)vp)->current_row=(uint)pos;
return True;
}
static void quote_hash( char *target, unsigned char *passwd )
{
char hex[] = "0123456789ABCDEF";
int i;
DEBUG(5,("%s\n",FUNCTION_MACRO));
if ( passwd == NULL ) {
fstrcpy(target,"NULL");
}
else {
target[0]='\'';
for (i=0;i<32;i++) {
target[i+1] = hex[(passwd[i>>1]>>(((~i)&1)<<2))&15];
}
target[33] = '\'';
target[34] = '\0';
}
}
static unsigned char *decode_hash( char *hash, unsigned char *buffer )
{
char hex[] = "0123456789ABCDEF";
int pos, v1, v2;
DEBUG(5,("%s\n",FUNCTION_MACRO));
if ( hash == NULL ) {
return NULL;
}
for (pos=0;pos<16;pos++) {
for( v1 = 0; v1 < sizeof(hex) && hash[0] != hex[v1]; v1++ );
for( v2 = 0; v2 < sizeof(hex) && hash[1] != hex[v2]; v2++ );
if ( v1 == sizeof(hex) || v2 == sizeof(hex) ) {
return NULL;
}
buffer[pos] = (v1<<4)|v2;
hash += 2;
}
return buffer;
}
void *mysql_fill_smb_passwd( MYSQL_ROW *row )
{
static struct smb_passwd pw_buf;
static fstring unix_name;
static fstring nt_name;
static unsigned char smbpwd[16];
static unsigned char smbntpwd[16];
DEBUG(5,("%s\n",FUNCTION_MACRO));
pwdb_init_smb(&pw_buf);
fstrcpy( unix_name, UNIX_NAME(row) );
pw_buf.unix_name = unix_name;
pw_buf.unix_uid = get_number( UNIX_UID(row) );
if ( NT_NAME(row) != NULL ) {
fstrcpy( nt_name, NT_NAME(row) );
pw_buf.nt_name = nt_name;
}
if ( RID(row) != NULL ) {
pw_buf.user_rid = get_number( RID(row) );
}
pw_buf.smb_passwd = decode_hash( LM_HASH(row), smbpwd );
if ( !pw_buf.smb_passwd ) {
DEBUG(4, ("entry invalidated for unix user %s\n", unix_name ));
return NULL;
}
pw_buf.smb_nt_passwd = decode_hash( NT_HASH(row), smbntpwd );
if ( FLAGS(row) != NULL ) {
pw_buf.acct_ctrl = get_number( FLAGS(row) );
}
if ( pw_buf.acct_ctrl == 0 ) {
pw_buf.acct_ctrl = ACB_NORMAL;
}
pw_buf.pass_last_set_time = get_number( CHANGE_TIME(row) );
return (void*)&pw_buf;
}
MYSQL_ROW *mysql_getpwent(void *vp)
{
mysql_ctrl *mysql;
static MYSQL_ROW row;
DEBUG(5,("%s\n",FUNCTION_MACRO));
mysql = (mysql_ctrl*)vp;
row = mysql_fetch_row( mysql->result );
if ( row == NULL ) {
return NULL;
}
mysql->current_row++;
return &row;
}
struct smb_passwd *mysql_getsmbpwent(void *vp)
{
DEBUG(5,("%s\n",FUNCTION_MACRO));
return (struct smb_passwd*)mysql_fill_smb_passwd( mysql_getpwent(vp) );
}
void *mysql_fetch_passwd( void *(*filler)(MYSQL_ROW*), char *where )
{
void *retval;
MYSQL handle;
MYSQL_RES *result;
MYSQL_ROW row;
DEBUG(5,("%s\n",FUNCTION_MACRO));
if ( filler == NULL ) {
return NULL;
}
if ( where == NULL || *where == '\0' ) {
DEBUG(0,("Null or empty query\n"));
return NULL;
}
if ( mysql_db_connect( &handle ) ) {
return NULL;
}
result = mysql_select_results( &handle, where );
if ( result == NULL ) {
mysql_close( &handle );
return NULL;
}
row = mysql_fetch_row ( result );
if ( row == NULL ) {
mysql_free_result( result );
mysql_close( &handle );
return NULL;
}
if ( DEBUGLEVEL >= 7 ) {
int field;
for (field=0; field< mysql_num_fields( result ); field++ ) {
DEBUG(7,(" row[%d] = \"%s\"\n",field,row[field]?row[field]:"NULL"));
}
}
retval = (*filler)( &row );
mysql_free_result( result );
mysql_close( &handle );
return retval;
}
void *mysql_getpwuid(void *(*filler)(MYSQL_ROW *), uid_t uid)
{
fstring where;
DEBUG(5,("%s\n",FUNCTION_MACRO));
slprintf( where, sizeof(where), "unix_uid=%lu", uid);
return mysql_fetch_passwd(filler,where);
}
struct smb_passwd *mysql_getsmbpwuid(uid_t uid)
{
DEBUG(5,("%s\n",FUNCTION_MACRO));
return (struct smb_passwd *)mysql_getpwuid( mysql_fill_smb_passwd, uid );
}
void *mysql_getpwnam(void *(*filler)(MYSQL_ROW *), char *field, const char *name)
{
fstring where;
char format[] = "%s='%s'";
DEBUG(5,("%s\n",FUNCTION_MACRO));
if ( filler == NULL ) {
DEBUG(0,("Empty fill opteration\n"));
return NULL;
}
if ( field == NULL || *field == '\0' ) {
DEBUG(0,("Empty or NULL field name\n"));
return NULL;
}
if ( name == NULL || *name == '\0' ) {
DEBUG(0,("Empty or NULL query\n"));
return NULL;
}
if ( sizeof(format) + strlen(name) + strlen(field) > sizeof(where) ) {
DEBUG(0,("Query string too long\n"));
return NULL;
}
slprintf(where, sizeof( where ), format, field, name );
return mysql_fetch_passwd( filler, where );
}
struct smb_passwd *mysql_getsmbpwnam(const char *unix_name)
{
DEBUG(5,("%s\n",FUNCTION_MACRO));
return mysql_getpwnam( mysql_fill_smb_passwd, "unix_name", unix_name );
}
static void quote_string(char *target, char *string)
{
DEBUG(5,("%s\n",FUNCTION_MACRO));
if ( string == NULL ) {
fstrcpy( target, "NULL" );
}
else {
target[0] = '\'';
safe_strcpy(&target[1],string,sizeof(fstring)-2);
safe_strcpy(&target[strlen(target)],"'",2);
}
}
BOOL mysql_del_smb( MYSQL *handle, char *unix_name )
{
pstring query;
char format[] = "delete from %s where unix_name='%s'";
DEBUG(5,("%s\n",FUNCTION_MACRO));
if (strlen( format ) + strlen(mysql_table) + strlen(unix_name)) {
return False;
}
slprintf( query, sizeof(query), format, mysql_table, unix_name);
if ( mysql_query( handle, query ) ) {
DEBUG(0,("%s: %s\n", query, mysql_error(handle) ));
return False;
}
return True;
}
BOOL mysql_add_smb( MYSQL *handle, struct smb_passwd *smb )
{
pstring query;
char format[] = "insert into %s (unix_name, unix_uid) values ( '%s', %lu )";
DEBUG(5,("%s\n",FUNCTION_MACRO));
if ( strlen(format) + strlen(mysql_table) + strlen(smb->unix_name) + 10 > sizeof(query) ) {
DEBUG(0,("Query too long\n"));
return False;
}
slprintf( query, sizeof(query), "insert into %s (unix_name,unix_uid) values ('%s', %lu)", mysql_table, smb->unix_name, smb->unix_uid);
if ( mysql_query( handle, query ) ) {
DEBUG(0,("%s: %s\n",query,mysql_error(handle) ));
return False;
}
return True;
}
BOOL mysql_mod_smb( MYSQL *handle, struct smb_passwd *smb, BOOL override )
{
pstring query;
fstring smb_passwd;
fstring smb_nt_passwd;
fstring nt_name;
char format[] = "update %s set nt_name=%s, user_rid=%lu, smb_passwd=%s, smb_nt_passwd=%s, acct_ctrl=%u, pass_last_set_time=unix_timestamp() where unix_name='%s'";
char extra[] = " and not ISNULL(smb_passwd)";
DEBUG(5,("%s\n",FUNCTION_MACRO));
if ( strlen(format) + 2*20 + 3*10 + 2*32 + strlen(mysql_table) >= sizeof( query ) + strlen( extra ) ) {
DEBUG(0,("Query string too long\n"));
return False;
}
quote_hash(smb_passwd, smb->smb_passwd);
quote_hash(smb_nt_passwd, smb->smb_nt_passwd);
quote_string(nt_name, smb->nt_name);
slprintf( query, sizeof(query), format, mysql_table, nt_name, (long unsigned)smb->user_rid, smb_passwd, smb_nt_passwd, smb->acct_ctrl, smb->unix_name);
if ( override != True ) {
pstrcat( query, extra );
}
if ( mysql_query( handle, query ) ) {
DEBUG(0,("%s: %s\n",query,mysql_error(handle) ));
return False;
}
if ( mysql_affected_rows( handle ) < 1 ) {
DEBUG(3,("No entries changed\n"));
return False;
}
return True;
}
BOOL mysql_add_smbpwd_entry(struct smb_passwd *smb)
{
MYSQL handle;
DEBUG(5,("%s\n",FUNCTION_MACRO));
if ( smb == NULL ) {
return False;
}
if ( mysql_db_lock_connect( &handle ) ) {
return False;
}
if ( !mysql_add_smb( &handle, smb ) ) {
mysql_close( &handle );
return False;
}
if ( !mysql_mod_smb( &handle, smb, True ) ) {
mysql_del_smb( &handle, smb->unix_name );
mysql_close( &handle );
return False;
}
mysql_close(&handle);
return True;
}
BOOL mysql_mod_smbpwd_entry(struct smb_passwd *smb, BOOL override)
{
MYSQL handle;
DEBUG(5,("%s\n",FUNCTION_MACRO));
if ( smb == NULL ) {
return False;
}
if ( mysql_db_lock_connect( &handle ) ) {
return False;
}
if ( !mysql_mod_smb( &handle, smb, override ) ) {
mysql_close(&handle);
return False;
}
mysql_close(&handle);
return True;
}
static struct smb_passdb_ops mysql_ops = {
mysql_startpwent,
mysql_endpwent,
mysql_getpwpos,
mysql_setpwpos,
mysql_getsmbpwnam,
mysql_getsmbpwuid,
mysql_getsmbpwent,
mysql_add_smbpwd_entry,
mysql_mod_smbpwd_entry
};
struct smb_passdb_ops *mysql_initialise_password_db(void)
{
(void*)mysql_retrieve_password(NULL);
return &mysql_ops;
}
#else
void mysql_dummy_smb_function(void) { }
#endif

260
source3/passdb/mysqlsampass.c
View File

@ -1,260 +0,0 @@
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
* Samba MYSQL SAM Database, by Benjamin Kuit.
* Copyright (C) Benjamin Kuit 1999,
* Copyright (C) Andrew Tridgell 1992-1999,
* Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#if defined(HAVE_MYSQL_H) && defined(WITH_MYSQLSAM)
#include "includes.h"
MYSQL_ROW *mysql_getpwent(void *vp);
extern int DEBUGLEVEL;
extern pstring samlogon_user;
extern BOOL sam_logon_in_ssb;
void *mysql_fill_sam_passwd( MYSQL_ROW *row )
{
static struct sam_passwd *user;
static pstring full_name;
static pstring home_dir;
static pstring home_drive;
static pstring logon_script;
static pstring profile_path;
static pstring acct_desc;
static pstring workstations;
DEBUG(5,("%s\n",FUNCTION_MACRO));
user = pwdb_smb_to_sam((struct smb_passwd *)mysql_fill_smb_passwd(row));
if ( user == NULL ) {
return NULL;
}
/* 'Researched' from sampass.c =) */
pstrcpy(samlogon_user, user->unix_name);
if (samlogon_user[strlen(samlogon_user)-1] == '$' &&
user->group_rid != DOMAIN_GROUP_RID_USERS)
{
DEBUG(0,("trust account %s should be in DOMAIN_GROUP_RID_USERS\n", samlogon_user));
}
/* XXXX hack to get standard_sub_basic() to use sam logon username */
/* possibly a better way would be to do a become_user() call */
sam_logon_in_ssb = True;
pstrcpy(full_name , "");
pstrcpy(logon_script , lp_logon_script ());
pstrcpy(profile_path , lp_logon_path ());
pstrcpy(home_drive , lp_logon_drive ());
pstrcpy(home_dir , lp_logon_home ());
pstrcpy(acct_desc , "");
pstrcpy(workstations , "");
sam_logon_in_ssb = False;
user->full_name = full_name;
user->home_dir = home_dir;
user->dir_drive = home_drive;
user->logon_script = logon_script;
user->profile_path = profile_path;
user->acct_desc = acct_desc;
user->workstations = workstations;
user->unknown_str = NULL; /* don't know, yet! */
user->munged_dial = NULL; /* "munged" dial-back telephone number */
user->unknown_3 = 0xffffff; /* don't know */
user->logon_divs = 168; /* hours per week */
user->hours_len = 21; /* 21 times 8 bits = 168 */
memset(user->hours, 0xff, user->hours_len); /* available at all hours */
user->unknown_5 = 0x00020000; /* don't know */
user->unknown_6 = 0x000004ec; /* don't know */
return (void*)user;
}
struct sam_passwd *mysql_getsampwent(void *vp)
{
DEBUG(5,("%s\n",FUNCTION_MACRO));
return (struct sam_passwd*)mysql_fill_sam_passwd( mysql_getpwent(vp) );
}
struct sam_passwd *mysql_getsampwrid(uint32 rid)
{
fstring where;
DEBUG(5,("%s\n",FUNCTION_MACRO));
slprintf( where, sizeof(where), "user_rid=%lu", (long unsigned)rid);
return (struct sam_passwd *)mysql_fetch_passwd( mysql_fill_sam_passwd, where );
}
struct sam_passwd *mysql_getsampwuid(uid_t uid)
{
DEBUG(5,("%s\n",FUNCTION_MACRO));
return (struct sam_passwd *)mysql_getpwuid( mysql_fill_sam_passwd, uid );
}
struct sam_passwd *mysql_getsampwntnam(const char *nt_name)
{
DEBUG(5,("%s\n",FUNCTION_MACRO));
return (struct sam_passwd *)mysql_getpwnam( mysql_fill_sam_passwd, "nt_name", nt_name);
}
struct sam_disp_info *mysql_getsamdispntnam(const char *nt_name)
{
DEBUG(5,("%s\n",FUNCTION_MACRO));
return pwdb_sam_to_dispinfo(mysql_getsampwntnam(nt_name));
}
struct sam_disp_info *mysql_getsamdisprid(uint32 rid)
{
DEBUG(5,("%s\n",FUNCTION_MACRO));
return pwdb_sam_to_dispinfo(mysql_getsampwrid(rid));
}
struct sam_disp_info *mysql_getsamdispent(void *vp)
{
DEBUG(5,("%s\n",FUNCTION_MACRO));
return pwdb_sam_to_dispinfo(mysql_getsampwent(vp));
}
static BOOL mysql_mod_sam( MYSQL *handle, struct sam_passwd *sam, BOOL override )
{
DEBUG(5,("%s\n",FUNCTION_MACRO));
return True;
}
BOOL mysql_add_sampwd_entry(struct sam_passwd *sam)
{
MYSQL handle;
struct smb_passwd *smb;
DEBUG(5,("%s\n",FUNCTION_MACRO));
smb = pwdb_sam_to_smb( sam );
if ( smb == NULL ) {
return False;
}
if ( mysql_db_lock_connect( &handle ) ) {
return False;
}
if ( !mysql_add_smb( &handle, smb ) ) {
mysql_close(&handle);
return False;
}
if ( !mysql_mod_smb( &handle, smb, True ) ) {
mysql_del_smb( &handle, smb->unix_name );
mysql_close(&handle);
return False;
}
if ( !mysql_mod_sam( &handle, sam, True ) ) {
mysql_del_smb( &handle, smb->unix_name );
mysql_close(&handle);
return False;
}
mysql_close(&handle);
return True;
}
BOOL mysql_mod_sampwd_entry(struct sam_passwd *sam, BOOL override)
{
MYSQL handle;
struct smb_passwd *smb;
DEBUG(5,("%s\n",FUNCTION_MACRO));
smb = pwdb_sam_to_smb(sam);
if ( smb == NULL ) {
return False;
}
if ( mysql_db_lock_connect( &handle ) ) {
return False;
}
if ( !mysql_mod_smb( &handle, smb, override ) ) {
mysql_close(&handle);
return False;
}
if ( !mysql_mod_sam( &handle, sam, override ) ) {
mysql_close(&handle);
return False;
}
mysql_close(&handle);
return True;
}
static struct sam_passdb_ops sam_mysql_ops =
{
mysql_startpwent,
mysql_endpwent,
mysql_getpwpos,
mysql_setpwpos,
mysql_getsampwntnam,
mysql_getsampwuid,
mysql_getsampwrid,
mysql_getsampwent,
mysql_add_sampwd_entry,
mysql_mod_sampwd_entry,
mysql_getsamdispntnam,
mysql_getsamdisprid,
mysql_getsamdispent
};
struct sam_passdb_ops *mysql_initialise_sam_password_db(void)
{
return &sam_mysql_ops;
}
#else
void mysql_dummy_sam_function(void) { }
#endif

190
source3/passdb/passgrpldap.c
View File

@ -1,190 +0,0 @@
/*
Unix SMB/Netbios implementation.
Version 2.0.
LDAP passgrp database for SAMBA
Copyright (C) Matthew Chapman 1998
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#ifdef WITH_LDAP
#include <lber.h>
#include <ldap.h>
extern int DEBUGLEVEL;
/* Internal state */
extern LDAP *ldap_struct;
extern LDAPMessage *ldap_results;
extern LDAPMessage *ldap_entry;
/***************************************************************
Enumerate RIDs of groups which user is a member of, of type
given by attribute.
****************************************************************/
static void ldappassgrp_member(char *attribute, uint32 **rids, int *numrids)
{
char **values;
uint32 *ridlist;
int i;
if((values = ldap_get_values(ldap_struct, ldap_entry, attribute))) {
*numrids = i = ldap_count_values(values);
*rids = ridlist = malloc(i * sizeof(uint32));
do {
ridlist[--i] = atoi(values[i]);
} while(i > 0);
ldap_value_free(values);
} else {
*numrids = 0;
*rids = NULL;
}
}
/***************************************************************
Begin/end smbgrp enumeration.
****************************************************************/
static void *ldappassgrp_enumfirst(BOOL update)
{
if (!ldap_connect())
return NULL;
ldap_search_for("&(objectclass=sambaAccount)(|(group=*)(alias=*))");
return ldap_struct;
}
static void ldappassgrp_enumclose(void *vp)
{
ldap_disconnect();
}
/*************************************************************************
Save/restore the current position in a query
*************************************************************************/
static SMB_BIG_UINT ldappassgrp_getdbpos(void *vp)
{
return (SMB_BIG_UINT)((ulong)ldap_entry);
}
static BOOL ldappassgrp_setdbpos(void *vp, SMB_BIG_UINT tok)
{
ldap_entry = (LDAPMessage *)((ulong)tok);
return (True);
}
/*************************************************************************
Return limited smb_passwd information, and group membership.
*************************************************************************/
static struct smb_passwd *ldappassgrp_getpwbynam(const char *name,
uint32 **grp_rids, int *num_grps,
uint32 **als_rids, int *num_alss)
{
struct smb_passwd *ret;
if(!ldap_connect())
return NULL;
ldap_search_by_ntname(name);
ldappassgrp_member("group", grp_rids, num_grps);
ldappassgrp_member("alias", als_rids, num_alss);
ret = ldap_getpw();
ldap_disconnect();
return ret;
}
static struct smb_passwd *ldappassgrp_getpwbyuid(uid_t userid,
uint32 **grp_rids, int *num_grps,
uint32 **als_rids, int *num_alss)
{
struct smb_passwd *ret;
if(!ldap_connect())
return NULL;
ldap_search_by_uid(userid);
ldappassgrp_member("group", grp_rids, num_grps);
ldappassgrp_member("alias", als_rids, num_alss);
ret = ldap_getpw();
ldap_disconnect();
return ret;
}
static struct smb_passwd *ldappassgrp_getpwbyrid(uint32 user_rid,
uint32 **grp_rids, int *num_grps,
uint32 **als_rids, int *num_alss)
{
struct smb_passwd *ret;
if(!ldap_connect())
return NULL;
ldap_search_by_rid(user_rid);
ldappassgrp_member("group", grp_rids, num_grps);
ldappassgrp_member("alias", als_rids, num_alss);
ret = ldap_getpw();
ldap_disconnect();
return ret;
}
static struct smb_passwd *ldappassgrp_getcurrentpw(void *vp,
uint32 **grp_rids, int *num_grps,
uint32 **als_rids, int *num_alss)
{
ldappassgrp_member("group", grp_rids, num_grps);
ldappassgrp_member("alias", als_rids, num_alss);
return ldap_getpw();
}
static struct passgrp_ops ldappassgrp_ops =
{
ldappassgrp_enumfirst,
ldappassgrp_enumclose,
ldappassgrp_getdbpos,
ldappassgrp_setdbpos,
ldappassgrp_getpwbynam,
ldappassgrp_getpwbyuid,
ldappassgrp_getpwbyrid,
ldappassgrp_getcurrentpw,
};
struct passgrp_ops *ldap_initialise_password_grp(void)
{
return &ldappassgrp_ops;
}
#else
void passgrpldap_dummy_function(void);
void passgrpldap_dummy_function(void) { } /* stop some compilers complaining */
#endif

278
source3/passdb/sampass.c
View File

@ -1,278 +0,0 @@
/*
* Unix SMB/Netbios implementation. Version 1.9. SMB parameters and setup
* Copyright (C) Andrew Tridgell 1992-1998 Modified by Jeremy Allison 1995.
*
* This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License along with
* this program; if not, write to the Free Software Foundation, Inc., 675
* Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#ifdef USE_SMBPASS_DB
extern int DEBUGLEVEL;
extern pstring samlogon_user;
extern BOOL sam_logon_in_ssb;
extern DOM_SID global_sam_sid;
/***************************************************************
Start to enumerate the smbpasswd list. Returns a void pointer
to ensure no modification outside this module.
****************************************************************/
static void *startsamfilepwent(BOOL update)
{
return startsmbpwent(update);
}
/***************************************************************
End enumeration of the smbpasswd list.
****************************************************************/
static void endsamfilepwent(void *vp)
{
endsmbpwent(vp);
}
/*************************************************************************
Return the current position in the smbpasswd list as an SMB_BIG_UINT.
This must be treated as an opaque token.
*************************************************************************/
static SMB_BIG_UINT getsamfilepwpos(void *vp)
{
return getsmbpwpos(vp);
}
/*************************************************************************
Set the current position in the smbpasswd list from an SMB_BIG_UINT.
This must be treated as an opaque token.
*************************************************************************/
static BOOL setsamfilepwpos(void *vp, SMB_BIG_UINT tok)
{
return setsmbpwpos(vp, tok);
}
/*************************************************************************
Routine to return the next entry in the smbpasswd list.
this function is a nice, messy combination of reading:
- the smbpasswd file
- the unix password database
- smb.conf options (not done at present).
*************************************************************************/
static struct sam_passwd *getsamfile21pwent(void *vp)
{
struct sam_passwd *user;
static pstring full_name;
static pstring home_dir;
static pstring home_drive;
static pstring logon_script;
static pstring profile_path;
static pstring acct_desc;
static pstring workstations;
DEBUG(5,("getsamfile21pwent\n"));
user = pwdb_smb_to_sam(getsmbfilepwent(vp));
if (user == NULL)
{
return NULL;
}
/*
* get all the other gubbins we need. substitute unix name for %U
* as putting the nt name in is a bit meaningless.
*/
pstrcpy(samlogon_user, user->unix_name);
if (samlogon_user[strlen(samlogon_user)-1] == '$' &&
user->group_rid != DOMAIN_GROUP_RID_USERS)
{
DEBUG(0,("trust account %s should be in DOMAIN_GROUP_RID_USERS\n",
samlogon_user));
}
/* XXXX hack to get standard_sub_basic() to use sam logon username */
/* possibly a better way would be to do a become_user() call */
sam_logon_in_ssb = True;
pstrcpy(full_name , "");
pstrcpy(logon_script , lp_logon_script ());
pstrcpy(profile_path , lp_logon_path ());
pstrcpy(home_drive , lp_logon_drive ());
pstrcpy(home_dir , lp_logon_home ());
pstrcpy(acct_desc , "");
pstrcpy(workstations , "");
sam_logon_in_ssb = False;
/*
only overwrite values with defaults IIF specific backend
didn't filled the values
*/
if (user->full_name == NULL)
user->full_name = full_name;
if (user->home_dir == NULL)
user->home_dir = home_dir;
if (user->dir_drive == NULL)
user->dir_drive = home_drive;
if (user->logon_script == NULL)
user->logon_script = logon_script;
if (user->profile_path == NULL)
user->profile_path = profile_path;
if (user->acct_desc == NULL)
user->acct_desc = acct_desc;
if (user->workstations == NULL)
user->workstations = workstations;
user->unknown_str = NULL; /* don't know, yet! */
user->munged_dial = NULL; /* "munged" dial-back telephone number */
user->unknown_3 = 0xffffff; /* don't know */
user->logon_divs = 168; /* hours per week */
user->hours_len = 21; /* 21 times 8 bits = 168 */
memset(user->hours, 0xff, user->hours_len); /* available at all hours */
user->unknown_5 = 0x00020000; /* don't know */
user->unknown_6 = 0x000004ec; /* don't know */
return user;
}
/************************************************************************
search sam db by uid.
*************************************************************************/
static struct sam_passwd *getsamfilepwuid(uid_t uid)
{
struct sam_passwd *pwd = NULL;
void *fp = NULL;
DEBUG(10, ("search by uid: %x\n", (int)uid));
/* Open the smb password file - not for update. */
fp = startsam21pwent(False);
if (fp == NULL)
{
DEBUG(0, ("unable to open sam password database.\n"));
return NULL;
}
while ((pwd = getsamfile21pwent(fp)) != NULL && pwd->unix_uid != uid)
{
}
if (pwd != NULL)
{
DEBUG(10, ("found by unix_uid: %x\n", (int)uid));
}
endsam21pwent(fp);
return pwd;
}
/************************************************************************
search sam db by rid.
*************************************************************************/
static struct sam_passwd *getsamfilepwrid(uint32 user_rid)
{
DOM_NAME_MAP gmep;
DOM_SID sid;
sid_copy(&sid, &global_sam_sid);
sid_append_rid(&sid, user_rid);
if (!lookupsmbpwsid(&sid, &gmep))
{
return NULL;
}
return getsamfilepwuid((uid_t)gmep.unix_id);
}
/************************************************************************
search sam db by nt name.
*************************************************************************/
static struct sam_passwd *getsamfilepwntnam(const char *nt_name)
{
DOM_NAME_MAP gmep;
if (!lookupsmbpwntnam(nt_name, &gmep))
{
return NULL;
}
return getsamfilepwuid((uid_t)gmep.unix_id);
}
/*
* Stub functions - implemented in terms of others.
*/
static BOOL mod_samfile21pwd_entry(struct sam_passwd* pwd, BOOL override)
{
return mod_smbpwd_entry(pwdb_sam_to_smb(pwd), override);
}
static BOOL add_samfile21pwd_entry(struct sam_passwd *newpwd)
{
return add_smbpwd_entry(pwdb_sam_to_smb(newpwd));
}
static struct sam_disp_info *getsamfiledispntnam(const char *ntname)
{
return pwdb_sam_to_dispinfo(getsam21pwntnam(ntname));
}
static struct sam_disp_info *getsamfiledisprid(uint32 rid)
{
return pwdb_sam_to_dispinfo(getsam21pwrid(rid));
}
static struct sam_disp_info *getsamfiledispent(void *vp)
{
return pwdb_sam_to_dispinfo(getsam21pwent(vp));
}
static struct sam_passdb_ops sam_file_ops =
{
startsamfilepwent,
endsamfilepwent,
getsamfilepwpos,
setsamfilepwpos,
getsamfilepwntnam,
getsamfilepwuid,
getsamfilepwrid,
getsamfile21pwent,
add_samfile21pwd_entry,
mod_samfile21pwd_entry,
getsamfiledispntnam,
getsamfiledisprid,
getsamfiledispent
};
struct sam_passdb_ops *file_initialise_sam_password_db(void)
{
return &sam_file_ops;
}
#else
/* Do *NOT* make this function static. It breaks the compile on gcc. JRA */
void sampass_dummy_function(void) { } /* stop some compilers complaining */
#endif /* USE_SMBPASS_DB */

793
source3/passdb/sampassdb.c
View File

@ -1,793 +0,0 @@
/*
Unix SMB/Netbios implementation.
Version 1.9.
Password and authentication handling
Copyright (C) Jeremy Allison 1996-1998
Copyright (C) Luke Kenneth Casson Leighton 1996-1998
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#include "nterr.h"
extern int DEBUGLEVEL;
extern DOM_SID global_sam_sid;
/*
* NOTE. All these functions are abstracted into a structure
* that points to the correct function for the selected database. JRA.
*
* NOTE. for the get/mod/add functions, there are two sets of functions.
* one supports struct sam_passwd, the other supports struct smb_passwd.
* for speed optimisation it is best to support both these sets.
*
* it is, however, optional to support one set but not the other: there
* is conversion-capability built in to passdb.c, and run-time error
* detection for when neither are supported.
*
* password database writers are recommended to implement the sam_passwd
* functions in a first pass, as struct sam_passwd contains more
* information, needed by the NT Domain support.
*
* an API writer is expected to create either one set (struct smb_passwd) or
* the other (struct sam_passwd) OR both, and optionally also to write display
* info routines * (struct sam_disp_info). functions which the API writer
* chooses NOT to write must be wrapped in conversion functions (pwdb_x_to_y)
* such that API users can call any function and still get valid results.
*
* the password API does NOT fill in the gaps if you set an API function
* to NULL: it will deliberately attempt to call the NULL function.
*
*/
static struct sam_passdb_ops *pwdb_ops;
/***************************************************************
Initialise the password db operations.
***************************************************************/
BOOL initialise_sam_password_db(void)
{
if (pwdb_ops)
{
return True;
}
#ifdef WITH_NISPLUS
pwdb_ops = nisplus_initialise_sam_password_db();
#elif defined(WITH_LDAP)
pwdb_ops = ldap_initialise_sam_password_db();
#elif defined(HAVE_MYSQL_H) && defined(WITH_MYSQLSAM)
pwdb_ops = mysql_initialise_sam_password_db();
#elif defined(USE_SMBPASS_DB)
pwdb_ops = file_initialise_sam_password_db();
#endif
return (pwdb_ops != NULL);
}
/*
* Functions that return/manipulate a struct sam_passwd.
*/
/***************************************************************
Start to enumerate the smb or sam passwd list. Returns a void pointer
to ensure no modification outside this module.
Note that currently it is being assumed that a pointer returned
from this function may be used to enumerate struct sam_passwd
entries as well as struct smb_passwd entries. This may need
to change. JRA.
****************************************************************/
void *startsam21pwent(BOOL update)
{
return pwdb_ops->startsam21pwent(update);
}
/***************************************************************
End enumeration of the sam passwd list.
Note that currently it is being assumed that a pointer returned
from this function may be used to enumerate struct sam_passwd
entries as well as struct smb_passwd entries. This may need
to change. JRA.
****************************************************************/
void endsam21pwent(void *vp)
{
pwdb_ops->endsam21pwent(vp);
}
/*************************************************************************
Routine to return the next entry in the smb passwd list.
*************************************************************************/
struct sam_passwd *getsam21pwent(void *vp)
{
return pwdb_sam_map_names(pwdb_ops->getsam21pwent(vp));
}
/************************************************************************
Routine to search the smb passwd file for an entry matching the username.
and then modify its password entry. We can't use the startsampwent()/
getsampwent()/endsampwent() interfaces here as we depend on looking
in the actual file to decide how much room we have to write data.
override = False, normal
override = True, override XXXXXXXX'd out password or NO PASS
************************************************************************/
BOOL mod_sam21pwd_entry(struct sam_passwd* pwd, BOOL override)
{
struct sam_passwd *mapped;
DEBUG(10,("mod_sam21pwd_entry: unix user %s rid %d\n",
pwd->unix_name, pwd->user_rid));
mapped = pwdb_sam_map_names(pwd);
if (mapped != NULL)
{
return pwdb_ops->mod_sam21pwd_entry(mapped, override);
}
return False;
}
/************************************************************************
Utility function to search sam passwd by name. use this if your database
does not have search facilities.
*************************************************************************/
struct sam_passwd *iterate_getsam21pwntnam(const char *ntname)
{
fstring nt_name;
struct sam_passwd *pwd = NULL;
void *fp = NULL;
DEBUG(10, ("search by name: %s\n", ntname));
fstrcpy(nt_name, ntname);
/* Open the smb password database - not for update. */
fp = startsmbpwent(False);
if (fp == NULL)
{
DEBUG(0, ("unable to open sam password database.\n"));
return NULL;
}
while ((pwd = getsam21pwent(fp)) != NULL && !strequal(pwd->nt_name, nt_name))
{
DEBUG(10, ("iterate: %s 0x%x\n", pwd->nt_name, pwd->user_rid));
}
if (pwd != NULL)
{
DEBUG(10, ("found by name: %s\n", nt_name));
}
endsmbpwent(fp);
return pwd;
}
/************************************************************************
Utility function to search sam passwd by rid. use this if your database
does not have search facilities.
search capability by both rid and uid are needed as the rid <-> uid
mapping may be non-monotonic.
*************************************************************************/
struct sam_passwd *iterate_getsam21pwrid(uint32 rid)
{
struct sam_passwd *pwd = NULL;
void *fp = NULL;
DEBUG(10, ("search by rid: %x\n", rid));
/* Open the smb password file - not for update. */
fp = startsmbpwent(False);
if (fp == NULL)
{
DEBUG(0, ("unable to open sam password database.\n"));
return NULL;
}
while ((pwd = getsam21pwent(fp)) != NULL && pwd->user_rid != rid)
{
DEBUG(10, ("iterate: %s 0x%x\n", pwd->nt_name, pwd->user_rid));
}
if (pwd != NULL)
{
DEBUG(10, ("found by user_rid: %x\n", rid));
}
endsmbpwent(fp);
return pwd;
}
/************************************************************************
Utility function to search sam passwd by uid. use this if your database
does not have search facilities.
search capability by both rid and uid are needed as the rid <-> uid
mapping may be non-monotonic.
*************************************************************************/
struct sam_passwd *iterate_getsam21pwuid(uid_t uid)
{
struct sam_passwd *pwd = NULL;
void *fp = NULL;
DEBUG(10, ("search by uid: %x\n", (int)uid));
/* Open the smb password file - not for update. */
fp = startsmbpwent(False);
if (fp == NULL)
{
DEBUG(0, ("unable to open sam password database.\n"));
return NULL;
}
while ((pwd = getsam21pwent(fp)) != NULL && pwd->unix_uid != uid)
{
}
if (pwd != NULL)
{
DEBUG(10, ("found by unix_uid: %x\n", (int)uid));
}
endsmbpwent(fp);
return pwd;
}
/*************************************************************************
Routine to return a display info structure, by rid
*************************************************************************/
struct sam_disp_info *getsamdisprid(uint32 rid)
{
return pwdb_ops->getsamdisprid(rid);
}
/************************************************************************
Routine to search sam passwd by name.
*************************************************************************/
struct sam_passwd *getsam21pwntnam(const char *name)
{
return pwdb_sam_map_names(pwdb_ops->getsam21pwntnam(name));
}
/************************************************************************
Routine to search sam passwd by rid.
*************************************************************************/
struct sam_passwd *getsam21pwrid(uint32 rid)
{
return pwdb_sam_map_names(pwdb_ops->getsam21pwrid(rid));
}
/**********************************************************
**********************************************************
utility routines which are likely to be useful to all password
databases
**********************************************************
**********************************************************/
/*************************************************************
initialises a struct sam_disp_info.
**************************************************************/
static void pwdb_init_dispinfo(struct sam_disp_info *user)
{
if (user == NULL) return;
bzero(user, sizeof(*user));
user->user_rid = 0xffffffff;
}
/*************************************************************
initialises a struct sam_passwd.
**************************************************************/
void pwdb_init_sam(struct sam_passwd *user)
{
if (user == NULL) return;
bzero(user, sizeof(*user));
init_nt_time(&user->logon_time);
init_nt_time(&user->logoff_time);
init_nt_time(&user->kickoff_time);
init_nt_time(&user->pass_last_set_time);
init_nt_time(&user->pass_can_change_time);
init_nt_time(&user->pass_must_change_time);
user->unix_uid = (uid_t)-1;
user->unix_gid = (gid_t)-1;
user->user_rid = 0xffffffff;
user->group_rid = 0xffffffff;
}
/*************************************************************************
Routine to return the next entry in the sam passwd list.
*************************************************************************/
struct sam_disp_info *pwdb_sam_to_dispinfo(struct sam_passwd *user)
{
static struct sam_disp_info disp_info;
if (user == NULL) return NULL;
pwdb_init_dispinfo(&disp_info);
disp_info.nt_name = user->nt_name;
disp_info.full_name = user->full_name;
disp_info.user_rid = user->user_rid;
return &disp_info;
}
static void select_name(fstring *string, char **name, const UNISTR2 *from)
{
if (from->buffer != 0)
{
unistr2_to_ascii(*string, from, sizeof(*string));
*name = *string;
}
}
/*************************************************************
copies a sam passwd.
**************************************************************/
void copy_id23_to_sam_passwd(struct sam_passwd *to, const SAM_USER_INFO_23 *from)
{
static fstring nt_name;
static fstring full_name;
static fstring home_dir;
static fstring dir_drive;
static fstring logon_script;
static fstring profile_path;
static fstring acct_desc;
static fstring workstations;
static fstring unknown_str;
static fstring munged_dial;
if (from == NULL || to == NULL) return;
to->logon_time = from->logon_time;
to->logoff_time = from->logoff_time;
to->kickoff_time = from->kickoff_time;
to->pass_last_set_time = from->pass_last_set_time;
to->pass_can_change_time = from->pass_can_change_time;
to->pass_must_change_time = from->pass_must_change_time;
select_name(&nt_name , &to->nt_name , &from->uni_user_name );
select_name(&full_name , &to->full_name , &from->uni_full_name );
select_name(&home_dir , &to->home_dir , &from->uni_home_dir );
select_name(&dir_drive , &to->dir_drive , &from->uni_dir_drive );
select_name(&logon_script, &to->logon_script, &from->uni_logon_script);
select_name(&profile_path, &to->profile_path, &from->uni_profile_path);
select_name(&acct_desc , &to->acct_desc , &from->uni_acct_desc );
select_name(&workstations, &to->workstations, &from->uni_workstations);
select_name(&unknown_str , &to->unknown_str , &from->uni_unknown_str );
select_name(&munged_dial , &to->munged_dial , &from->uni_munged_dial );
to->unix_uid = (uid_t)-1;
to->unix_gid = (gid_t)-1;
to->user_rid = from->user_rid;
to->group_rid = from->group_rid;
to->smb_passwd = NULL;
to->smb_nt_passwd = NULL;
to->acct_ctrl = from->acb_info;
to->unknown_3 = from->unknown_3;
to->logon_divs = from->logon_divs;
to->hours_len = from->logon_hrs.len;
memcpy(to->hours, from->logon_hrs.hours, MAX_HOURS_LEN);
to->unknown_5 = from->unknown_5;
to->unknown_6 = from->unknown_6;
}
/*************************************************************
copies a sam passwd.
**************************************************************/
void copy_sam_passwd(struct sam_passwd *to, const struct sam_passwd *from)
{
static fstring nt_name;
static fstring unix_name;
static fstring full_name;
static fstring home_dir;
static fstring dir_drive;
static fstring logon_script;
static fstring profile_path;
static fstring acct_desc;
static fstring workstations;
static fstring unknown_str;
static fstring munged_dial;
if (from == NULL || to == NULL) return;
memcpy(to, from, sizeof(*from));
if (from->nt_name != NULL)
{
fstrcpy(nt_name , from->nt_name);
to->nt_name = nt_name;
}
else if (to->nt_name != NULL)
{
fstrcpy(nt_name , to->nt_name);
to->nt_name = nt_name;
}
if (from->unix_name != NULL)
{
fstrcpy(unix_name, from->unix_name);
to->unix_name = unix_name;
}
else if (to->unix_name != NULL)
{
fstrcpy(unix_name, to->unix_name);
to->unix_name = unix_name;
}
if (from->full_name != NULL)
{
fstrcpy(full_name, from->full_name);
to->full_name = full_name;
}
else if (to->full_name != NULL)
{
fstrcpy(full_name, to->full_name);
to->full_name = full_name;
}
if (from->home_dir != NULL)
{
fstrcpy(home_dir , from->home_dir);
to->home_dir = home_dir;
}
else if (to->home_dir != NULL)
{
fstrcpy(home_dir , to->home_dir);
to->home_dir = home_dir;
}
if (from->dir_drive != NULL)
{
fstrcpy(dir_drive , from->dir_drive);
to->dir_drive = dir_drive;
}
else if (to->dir_drive != NULL)
{
fstrcpy(dir_drive , to->dir_drive);
to->dir_drive = dir_drive;
}
if (from->logon_script != NULL)
{
fstrcpy(logon_script , from->logon_script);
to->logon_script = logon_script;
}
else if (to->logon_script != NULL)
{
fstrcpy(logon_script , to->logon_script);
to->logon_script = logon_script;
}
if (from->profile_path != NULL)
{
fstrcpy(profile_path , from->profile_path);
to->profile_path = profile_path;
}
else if (to->profile_path != NULL)
{
fstrcpy(profile_path , to->profile_path);
to->profile_path = profile_path;
}
if (from->acct_desc != NULL)
{
fstrcpy(acct_desc , from->acct_desc);
to->acct_desc = acct_desc;
}
else if (to->acct_desc != NULL)
{
fstrcpy(acct_desc , to->acct_desc);
to->acct_desc = acct_desc;
}
if (from->workstations != NULL)
{
fstrcpy(workstations , from->workstations);
to->workstations = workstations;
}
else if (to->workstations != NULL)
{
fstrcpy(workstations , to->workstations);
to->workstations = workstations;
}
if (from->unknown_str != NULL)
{
fstrcpy(unknown_str , from->unknown_str);
to->unknown_str = unknown_str;
}
else if (to->unknown_str != NULL)
{
fstrcpy(unknown_str , to->unknown_str);
to->unknown_str = unknown_str;
}
if (from->munged_dial != NULL)
{
fstrcpy(munged_dial , from->munged_dial);
to->munged_dial = munged_dial;
}
else if (to->munged_dial != NULL)
{
fstrcpy(munged_dial , to->munged_dial);
to->munged_dial = munged_dial;
}
}
/*************************************************************
converts a sam_passwd structure to a smb_passwd structure.
**************************************************************/
struct smb_passwd *pwdb_sam_to_smb(struct sam_passwd *user)
{
static struct smb_passwd pw_buf;
static fstring nt_name;
static fstring unix_name;
if (user == NULL) return NULL;
pwdb_init_smb(&pw_buf);
if (user->nt_name != NULL)
{
fstrcpy(nt_name , user->nt_name);
pw_buf.nt_name = nt_name;
}
if (user->unix_name != NULL)
{
fstrcpy(unix_name, user->unix_name);
pw_buf.unix_name = unix_name;
}
pw_buf.unix_uid = user->unix_uid;
pw_buf.user_rid = user->user_rid;
pw_buf.smb_passwd = user->smb_passwd;
pw_buf.smb_nt_passwd = user->smb_nt_passwd;
pw_buf.acct_ctrl = user->acct_ctrl;
pw_buf.pass_last_set_time = nt_time_to_unix(&user->pass_last_set_time);
return &pw_buf;
}
/*************************************************************
converts a smb_passwd structure to a sam_passwd structure.
**************************************************************/
struct sam_passwd *pwdb_smb_to_sam(struct smb_passwd *user)
{
static struct sam_passwd pw_buf;
struct passwd *pass=NULL;
static fstring nt_name;
static fstring unix_name;
static pstring unix_gecos;
if (user == NULL) return NULL;
pwdb_init_sam(&pw_buf);
if (user->nt_name != NULL)
{
fstrcpy(nt_name , user->nt_name);
pw_buf.nt_name = nt_name;
}
if (user->unix_name != NULL)
{
fstrcpy(unix_name, user->unix_name);
pw_buf.unix_name = unix_name;
}
pw_buf.unix_uid = user->unix_uid;
pw_buf.user_rid = user->user_rid;
pw_buf.smb_passwd = user->smb_passwd;
pw_buf.smb_nt_passwd = user->smb_nt_passwd;
pw_buf.acct_ctrl = user->acct_ctrl;
pass = hashed_getpwnam(unix_name);
if (pass != NULL)
{
pstrcpy(unix_gecos, pass->pw_gecos);
pw_buf.full_name=unix_gecos;
}
if ( user->pass_last_set_time != (time_t)-1 )
{
unix_to_nt_time(&pw_buf.pass_last_set_time, user->pass_last_set_time);
unix_to_nt_time(&pw_buf.pass_can_change_time, user->pass_last_set_time);
}
return &pw_buf;
}
static BOOL trust_account_warning_done = False;
/*************************************************************
fills in missing details. one set of details _must_ exist.
**************************************************************/
struct sam_passwd *pwdb_sam_map_names(struct sam_passwd *sam)
{
DOM_NAME_MAP gmep;
BOOL found = False;
DOM_SID sid;
static fstring unix_name;
static fstring nt_name;
/*
* name details
*/
if (sam == NULL)
{
DEBUG(10,("pwdb_sam_map_names: NULL\n"));
return NULL;
}
DEBUG(10,("pwdb_sam_map_names: unix %s nt %s unix %d nt%d\n",
sam->unix_name != NULL ? sam->unix_name : "NULL",
sam->nt_name != NULL ? sam->nt_name : "NULL",
sam->unix_uid, sam->user_rid));
if (!found && sam->unix_name != NULL)
{
found = lookupsmbpwnam(sam->unix_name, &gmep);
}
if (!found && sam->unix_uid != (uid_t)-1)
{
found = lookupsmbpwuid(sam->unix_uid , &gmep);
}
if (!found && sam->user_rid != 0xffffffff)
{
sid_copy(&sid, &global_sam_sid);
sid_append_rid(&sid, sam->user_rid);
found = lookupsmbpwsid (&sid , &gmep);
}
if (!found && sam->nt_name != NULL)
{
found = lookupsmbpwntnam(sam->nt_name, &gmep);
}
if (!found)
{
return NULL;
}
if (!sid_front_equal(&global_sam_sid, &gmep.sid))
{
return NULL;
}
fstrcpy(unix_name, gmep.unix_name);
fstrcpy(nt_name , gmep.nt_name );
if (sam->unix_name == NULL ) sam->unix_name = unix_name;
if (sam->nt_name == NULL ) sam->nt_name = nt_name ;
if (sam->unix_uid == (uid_t)-1 ) sam->unix_uid = (uid_t)gmep.unix_id;
if (sam->user_rid == 0xffffffff) sid_split_rid(&gmep.sid, &sam->user_rid);
DEBUG(10,("pwdb_sam_map_name: found unix user %s nt %s uid %d rid 0x%x\n",
sam->unix_name, sam->nt_name, sam->unix_uid, sam->user_rid));
/*
* group details
*/
found = False;
if (sam->unix_gid != (gid_t)-1 && sam->group_rid != 0xffffffff)
{
return sam;
}
if (sam->unix_gid == (gid_t)-1 && sam->group_rid == 0xffffffff)
{
struct passwd *pass = hashed_getpwnam(unix_name);
if (pass != NULL)
{
sam->unix_gid = pass->pw_gid;
}
else
{
DEBUG(0,("pwdb_sam_map_names: no unix password entry for %s\n",
unix_name));
}
}
if (!found && sam->unix_gid != (gid_t)-1)
{
found = lookupsmbgrpgid(sam->unix_gid , &gmep);
}
if (!found && sam->group_rid != 0xffffffff)
{
sid_copy(&sid, &global_sam_sid);
sid_append_rid(&sid, sam->group_rid);
found = lookupsmbgrpsid(&sid , &gmep);
}
if (!found)
{
if (IS_BITS_SET_SOME(sam->acct_ctrl, ACB_WSTRUST|ACB_DOMTRUST|ACB_SVRTRUST))
{
if (!trust_account_warning_done)
{
trust_account_warning_done = True;
DEBUG(0, ("\
pwdb_sam_map_names: your unix password database appears to have difficulties\n\
resolving trust account %s, probably because it ends in a '$'.\n\
you will get this warning only once (for all trust accounts)\n", unix_name));
}
/*
* oh, dear.
*/
if (sam->unix_gid != (gid_t)-1)
{
sam->unix_gid = (gid_t)-1;
}
sam->group_rid = DOMAIN_GROUP_RID_USERS;
return sam;
}
else
{
DEBUG(0, ("pwdb_sam_map_names: could not find Primary Group for %s\n",
unix_name));
return NULL;
}
}
if (!sid_front_equal(&global_sam_sid, &gmep.sid))
{
fstring sid_str;
sid_to_string(sid_str, &gmep.sid);
DEBUG(0,("UNIX User %s Primary Group is in the wrong domain! %s\n",
sam->unix_name, sid_str));
return NULL;
}
if (sam->unix_gid == (gid_t)-1 ) sam->unix_gid = (gid_t)gmep.unix_id;
if (sam->group_rid == 0xffffffff) sid_split_rid(&gmep.sid, &sam->group_rid);
DEBUG(10,("pwdb_sam_map_name: found gid %d and group rid 0x%x for unix user %s\n",
sam->unix_gid, sam->group_rid, sam->unix_name));
return sam;
}

422
source3/passdb/sampassldap.c
View File

@ -1,422 +0,0 @@
/*
Unix SMB/Netbios implementation.
Version 2.0.
LDAP protocol helper functions for SAMBA
Copyright (C) Matthew Chapman 1998
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#ifdef WITH_LDAP
#include <lber.h>
#include <ldap.h>
extern int DEBUGLEVEL;
/* Internal state */
extern LDAP *ldap_struct;
extern LDAPMessage *ldap_results;
extern LDAPMessage *ldap_entry;
/*******************************************************************
NT name/RID search functions.
******************************************************************/
BOOL ldap_search_by_rid(uint32 rid)
{
fstring filter;
slprintf(filter, sizeof(filter)-1,
"(&(rid=%x)(objectclass=sambaAccount))", rid);
return ldap_search_for(filter);
}
BOOL ldap_search_by_ntname(const char *ntname)
{
fstring filter;
slprintf(filter, sizeof(filter)-1,
"(&(ntuid=%s)(objectclass=sambaAccount))", ntname);
return ldap_search_for(filter);
}
/*******************************************************************
Store NTTIMEs as time_t's.
******************************************************************/
static void ldap_save_time(LDAPMod ***modlist, int modop, char *attribute,
NTTIME *nttime)
{
fstring tstr;
time_t t;
t = nt_time_to_unix(nttime);
if(t == -1)
return;
slprintf(tstr, sizeof(tstr)-1, "%08X", t);
ldap_make_mod(modlist, modop, attribute, tstr);
}
static void ldap_read_time(char *attribute, NTTIME *nttime)
{
fstring timestr;
time_t t;
if(ldap_get_attribute(attribute, timestr))
{
t = (time_t)strtol(timestr, NULL, 16);
unix_to_nt_time(nttime, t);
}
}
/*******************************************************************
Contruct a sam_passwd structure.
******************************************************************/
static struct sam_passwd *ldapsam_getsam()
{
static pstring full_name;
static pstring acct_desc;
static pstring home_dir;
static pstring home_drive;
static pstring logon_script;
static pstring profile_path;
static pstring workstations;
pstring temp;
struct sam_passwd *sam21;
struct smb_passwd *smbpw;
if(!ldap_entry)
return NULL;
smbpw = ldap_getpw();
sam21 = pwdb_smb_to_sam(smbpw);
if(ldap_get_attribute("gidNumber", temp))
sam21->unix_gid = atoi(temp);
if(ldap_get_attribute("grouprid", temp))
sam21->group_rid = strtol(temp, NULL, 16);
if(ldap_get_attribute("cn", full_name))
sam21->full_name = full_name;
if(ldap_get_attribute("description", acct_desc))
sam21->acct_desc = acct_desc;
if(ldap_get_attribute("smbHome", home_dir))
sam21->home_dir = home_dir;
if(ldap_get_attribute("homeDrive", home_drive))
sam21->dir_drive = home_drive;
if(ldap_get_attribute("script", logon_script))
sam21->logon_script = logon_script;
if(ldap_get_attribute("profile", profile_path))
sam21->profile_path = profile_path;
if(ldap_get_attribute("workstations", workstations))
sam21->workstations = workstations;
ldap_read_time("pwdCanChange", &sam21->pass_can_change_time);
ldap_read_time("pwdMustChange", &sam21->pass_must_change_time);
ldap_read_time("logonTime", &sam21->logon_time);
ldap_read_time("logoffTime", &sam21->logoff_time);
ldap_read_time("kickoffTime", &sam21->kickoff_time);
sam21->unknown_3 = 0xffffff; /* don't know */
sam21->logon_divs = 168; /* hours per week */
sam21->hours_len = 21; /* 21 times 8 bits = 168 */
memset(sam21->hours, 0xff, sam21->hours_len); /* all hours */
sam21->unknown_5 = 0x00020000; /* don't know */
sam21->unknown_6 = 0x000004ec; /* don't know */
sam21->unknown_str = NULL;
sam21->munged_dial = NULL;
ldap_entry = ldap_next_entry(ldap_struct, ldap_entry);
return sam21;
}
/*******************************************************************
Contruct a sam_disp_info structure.
******************************************************************/
static struct sam_disp_info *ldapsam_getdispinfo()
{
static struct sam_disp_info dispinfo;
static pstring nt_name;
static pstring full_name;
pstring temp;
if(!ldap_entry)
return NULL;
if(!ldap_get_attribute("ntuid", nt_name) &&
!ldap_get_attribute("uid", nt_name)) {
DEBUG(0,("Missing uid\n"));
return NULL; }
dispinfo.nt_name = nt_name;
DEBUG(2,("Retrieving account [%s]\n",nt_name));
if(ldap_get_attribute("rid", temp))
dispinfo.user_rid = strtol(temp, NULL, 16);
else {
DEBUG(0,("Missing rid\n"));
return NULL; }
if(ldap_get_attribute("cn", full_name))
dispinfo.full_name = full_name;
else
dispinfo.full_name = NULL;
ldap_entry = ldap_next_entry(ldap_struct, ldap_entry);
return &dispinfo;
}
/************************************************************************
Queues the necessary modifications to save a sam_passwd structure
************************************************************************/
static void ldapsam_sammods(struct sam_passwd *newpwd, LDAPMod ***mods,
int operation)
{
struct smb_passwd *smbpw;
pstring temp;
smbpw = pwdb_sam_to_smb(newpwd);
ldap_smbpwmods(smbpw, mods, operation);
slprintf(temp, sizeof(temp)-1, "%d", newpwd->unix_gid);
ldap_make_mod(mods, operation, "gidNumber", temp);
slprintf(temp, sizeof(temp)-1, "%x", newpwd->group_rid);
ldap_make_mod(mods, operation, "grouprid", temp);
ldap_make_mod(mods, operation, "cn", newpwd->full_name);
ldap_make_mod(mods, operation, "description", newpwd->acct_desc);
ldap_make_mod(mods, operation, "smbHome", newpwd->home_dir);
ldap_make_mod(mods, operation, "homeDrive", newpwd->dir_drive);
ldap_make_mod(mods, operation, "script", newpwd->logon_script);
ldap_make_mod(mods, operation, "profile", newpwd->profile_path);
ldap_make_mod(mods, operation, "workstations", newpwd->workstations);
ldap_save_time(mods, operation, "pwdCanChange",
&newpwd->pass_can_change_time);
ldap_save_time(mods, operation, "pwdMustChange",
&newpwd->pass_must_change_time);
ldap_save_time(mods, operation, "logonTime",
&newpwd->logon_time);
ldap_save_time(mods, operation, "logoffTime",
&newpwd->logoff_time);
ldap_save_time(mods, operation, "kickoffTime",
&newpwd->kickoff_time);
}
/***************************************************************
Begin/end account enumeration.
****************************************************************/
static void *ldapsam_enumfirst(BOOL update)
{
if (!ldap_connect())
return NULL;
ldap_search_for("objectclass=sambaAccount");
return ldap_struct;
}
static void ldapsam_enumclose(void *vp)
{
ldap_disconnect();
}
/*************************************************************************
Save/restore the current position in a query
*************************************************************************/
static SMB_BIG_UINT ldapsam_getdbpos(void *vp)
{
return (SMB_BIG_UINT)((ulong)ldap_entry);
}
static BOOL ldapsam_setdbpos(void *vp, SMB_BIG_UINT tok)
{
ldap_entry = (LDAPMessage *)((ulong)tok);
return (True);
}
/*************************************************************************
Return sam_passwd information.
*************************************************************************/
static struct sam_passwd *ldapsam_getsambynam(const char *name)
{
struct sam_passwd *ret;
if(!ldap_connect())
return NULL;
ldap_search_by_ntname(name);
ret = ldapsam_getsam();
ldap_disconnect();
return ret;
}
static struct sam_passwd *ldapsam_getsambyuid(uid_t userid)
{
struct sam_passwd *ret;
if(!ldap_connect())
return NULL;
ldap_search_by_uid(userid);
ret = ldapsam_getsam();
ldap_disconnect();
return ret;
}
static struct sam_passwd *ldapsam_getsambyrid(uint32 user_rid)
{
struct sam_passwd *ret;
if(!ldap_connect())
return NULL;
ldap_search_by_rid(user_rid);
ret = ldapsam_getsam();
ldap_disconnect();
return ret;
}
static struct sam_passwd *ldapsam_getcurrentsam(void *vp)
{
return ldapsam_getsam();
}
/************************************************************************
Modify user information given a sam_passwd struct.
*************************************************************************/
static BOOL ldapsam_addsam(struct sam_passwd *newpwd)
{
LDAPMod **mods;
if (!newpwd || !ldap_allocaterid(&newpwd->user_rid))
return (False);
ldapsam_sammods(newpwd, &mods, LDAP_MOD_ADD);
return ldap_makemods("uid", newpwd->unix_name, mods, True);
}
static BOOL ldapsam_modsam(struct sam_passwd *pwd, BOOL override)
{
LDAPMod **mods;
if (!pwd)
return (False);
ldapsam_sammods(pwd, &mods, LDAP_MOD_REPLACE);
return ldap_makemods("uid", pwd->unix_name, mods, False);
}
/*************************************************************************
Return sam_disp_info information.
*************************************************************************/
static struct sam_disp_info *ldapsam_getdispbynam(const char *name)
{
struct sam_disp_info *ret;
if(!ldap_connect())
return NULL;
ldap_search_by_ntname(name);
ret = ldapsam_getdispinfo();
ldap_disconnect();
return ret;
}
static struct sam_disp_info *ldapsam_getdispbyrid(uint32 user_rid)
{
struct sam_disp_info *ret;
if(!ldap_connect())
return NULL;
ldap_search_by_rid(user_rid);
ret = ldapsam_getdispinfo();
ldap_disconnect();
return ret;
}
static struct sam_disp_info *ldapsam_getcurrentdisp(void *vp)
{
return ldapsam_getdispinfo();
}
static struct sam_passdb_ops ldapsam_ops =
{
ldapsam_enumfirst,
ldapsam_enumclose,
ldapsam_getdbpos,
ldapsam_setdbpos,
ldapsam_getsambynam,
ldapsam_getsambyuid,
ldapsam_getsambyrid,
ldapsam_getcurrentsam,
ldapsam_addsam,
ldapsam_modsam,
ldapsam_getdispbynam,
ldapsam_getdispbyrid,
ldapsam_getcurrentdisp
};
struct sam_passdb_ops *ldap_initialise_sam_password_db(void)
{
return &ldapsam_ops;
}
#else
void sampassldap_dummy_function(void);
void sampassldap_dummy_function(void) { } /* stop some compilers complaining */
#endif

227
source3/passdb/smbpassgroupunix.c
View File

@ -1,227 +0,0 @@
/*
* Unix SMB/Netbios implementation. Version 1.9. SMB parameters and setup
* Copyright (C) Andrew Tridgell 1992-1998 Modified by Jeremy Allison 1995.
*
* This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License along with
* this program; if not, write to the Free Software Foundation, Inc., 675
* Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#ifdef USE_SMBUNIX_DB
extern int DEBUGLEVEL;
extern DOM_SID global_sam_sid;
/***************************************************************
Start to enumerate the smbpasswd list. Returns a void pointer
to ensure no modification outside this module.
****************************************************************/
static void *startsmbunixgrpent(BOOL update)
{
return startsmbpwent(False);
}
/***************************************************************
End enumeration of the smbpasswd list.
****************************************************************/
static void endsmbunixgrpent(void *vp)
{
endsmbpwent(vp);
}
/*************************************************************************
Return the current position in the smbpasswd list as an SMB_BIG_UINT.
This must be treated as an opaque token.
*************************************************************************/
static SMB_BIG_UINT getsmbunixgrppos(void *vp)
{
return getsmbpwpos(vp);
}
/*************************************************************************
Set the current position in the smbpasswd list from an SMB_BIG_UINT.
This must be treated as an opaque token.
*************************************************************************/
static BOOL setsmbunixgrppos(void *vp, SMB_BIG_UINT tok)
{
return setsmbpwpos(vp, tok);
}
/*************************************************************************
Routine to return the next smbpassgroup entry
*************************************************************************/
static struct smb_passwd *getsmbunixgrpent(void *vp,
uint32 **grp_rids, int *num_grps,
uint32 **als_rids, int *num_alss)
{
/* Static buffers we will return. */
struct sam_passwd *pw_buf;
fstring unix_name;
int i;
int unixgrps;
gid_t *grps;
BOOL failed = False;
if (vp == NULL)
{
DEBUG(0,("getsmbunixgrpent: Bad password file pointer.\n"));
return NULL;
}
pw_buf = getsam21pwent(vp);
if (pw_buf == NULL)
{
return NULL;
}
fstrcpy(unix_name, pw_buf->unix_name);
if (grp_rids != NULL)
{
(*grp_rids) = NULL;
(*num_grps) = 0;
}
if (als_rids != NULL)
{
(*als_rids) = NULL;
(*num_alss) = 0;
}
if (als_rids == NULL && grp_rids == NULL)
{
/* they didn't want to know the members. */
return pwdb_sam_to_smb(pw_buf);
}
/*
* find all unix groups
*/
if (get_unixgroups(unix_name, pw_buf->unix_uid, pw_buf->unix_gid, &unixgrps, &grps))
{
return NULL;
}
/*
* check each unix group for a mapping as an nt alias or an nt group
*/
for (i = 0; i < unixgrps && !failed; i++)
{
uint32 rid;
/*
* find the unix name for each user's group.
* assume the unix group is an nt name (alias? group? user?)
* (user or not our own domain will be an error).
*
* oh, oh, can anyone spot what's missing heeere?
* you guessed it: built-in aliases. those are in
* Domain S-1-5-20, and NT Domain Users can only
* have lists of RIDs as groups.
*
* doesn't stop you making NT Domain Users a member
* of a BUILTIN Alias (e.g "Administrators" or "Power Users")
* it's just that there's no way to tell that from this
* API call: wrong domain, sorry.
*
*/
DOM_NAME_MAP gmep;
if (!lookupsmbgrpgid(grps[i], &gmep))
{
continue;
}
sid_split_rid(&gmep.sid, &rid);
if (!sid_equal(&global_sam_sid, &gmep.sid))
{
continue;
}
switch (gmep.type)
{
case SID_NAME_ALIAS:
{
if (als_rids != NULL && add_num_to_list(als_rids, num_alss, rid) == NULL)
{
failed = True;
}
break;
}
case SID_NAME_DOM_GRP:
case SID_NAME_WKN_GRP:
{
if (grp_rids != NULL && add_num_to_list(grp_rids, num_grps, rid) == NULL)
{
failed = True;
}
break;
}
default:
{
break;
}
}
}
if (failed)
{
if (grp_rids != NULL && (*grp_rids) != NULL)
{
free(*grp_rids);
(*num_grps) = 0;
}
if (als_rids != NULL && (*als_rids) != NULL)
{
free(*als_rids);
(*num_alss) = 0;
}
return NULL;
}
return pwdb_sam_to_smb(pw_buf);
}
static struct passgrp_ops smbunixgrp_ops =
{
startsmbunixgrpent,
endsmbunixgrpent,
getsmbunixgrppos,
setsmbunixgrppos,
iterate_getsmbgrpntnam, /* In passgrp.c */
iterate_getsmbgrpuid, /* In passgrp.c */
iterate_getsmbgrprid, /* In passgrp.c */
getsmbunixgrpent
};
struct passgrp_ops *unix_initialise_password_grp(void)
{
return &smbunixgrp_ops;
}
#else
/* Do *NOT* make this function static. It breaks the compile on gcc. JRA */
void smbpassgroupunix_dummy_function(void) { } /* stop some compilers complaining */
#endif /* USE_SMBPASS_DB */