mirror of https://github.com/samba-team/samba.git synced 2025-03-03 12:58:35 +03:00

password back-end database support

ldap.c :

	- added getldap21pwent() function

passdb.c :

	- getsam21pwent() no longer a stub: calls ldap21 or smb21

smbpass.c :

	- added getsmb21pwent() function (he he :-)

lib/rpc/server/srv_samr.c :

	- removed "specific" calls to ldap functions; replaced with
	  call to get_sampwd_entries instead (which is unfinished).

	- rewrote get_user_info_21 function to call getsam21pwrid.
Luke Leighton -
parent 69ace07609
commit c760ebbf12
4 changed files with 167 additions and 117 deletions


@ -496,12 +496,37 @@ void *startldappwent(BOOL update)
*************************************************************************/
struct smb_passwd *getldappwent(void *vp)
{
static struct smb_passwd user;
struct ldap_enum_info *ldap_vp = (struct ldap_enum_info *)vp;
ldap_vp->entry = ldap_next_entry(ldap_vp->ldap_struct, ldap_vp->entry);
/*
make_ldap_sam_user_info_21(ldap_struct, entry, &(pw_buf[(*num_entries)]) );
*/
if (ldap_vp->entry != NULL)
{
ldap_get_smb_passwd(ldap_vp->ldap_struct, ldap_vp->entry, &user);
return &user;
}
return NULL;
}
/*************************************************************************
Routine to return the next entry in the ldap passwd list.
do not call this function directly. use passdb.c instead.
*************************************************************************/
struct sam_passwd *getldap21pwent(void *vp)
{
static struct sam_passwd user;
struct ldap_enum_info *ldap_vp = (struct ldap_enum_info *)vp;
ldap_vp->entry = ldap_next_entry(ldap_vp->ldap_struct, ldap_vp->entry);
if (ldap_vp->entry != NULL)
{
ldap_get_sam_passwd(ldap_vp->ldap_struct, ldap_vp->entry, &user);
return &user;
}
return NULL;
}
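Review bot: In getldap21pwent the static `user` is passed to ldap_get_sam_passwd without being cleared, whereas getsmb21pwent in this same commit calls `bzero(&user, sizeof(user));` before filling it. Any field the LDAP helper leaves unset (its body is not visible here) would carry over from the previous directory entry, and this struct holds the smb_passwd and smb_nt_passwd hash pointers. I would add the same `bzero(&user, sizeof(user));` before the ldap_get_sam_passwd call. `vp` is also dereferenced unchecked, so if startldappwent can return NULL on failure this crashes; `if (ldap_vp == NULL) return NULL;` at the top would cover it. The header comment should also say that the result points at static storage which the next call overwrites.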


@ -87,16 +87,11 @@ struct smb_passwd *getsampwent(void *vp)
*************************************************************************/
struct sam_passwd *getsam21pwent(void *vp)
{
#if 0
#ifdef USE_LDAP
return getldap21pwent(vp);
#else
return getsmb21pwent(vp);
#endif /* USE_LDAP */
#else
DEBUG(0,("getsam21pwent: under development\n"));
return NULL;
#endif
}
/*************************************************************************
@ -144,9 +139,9 @@ BOOL add_sam21pwd_entry(struct sam_passwd *newpwd)
{
#if 0
#ifdef USE_LDAP
return add_ldappwd_entry(newpwd);
return add_ldap21pwd_entry(newpwd);
#else
return add_smbpwd_entry(newpwd);
return add_smb21pwd_entry(newpwd);
#endif /* USE_LDAP */
#else
DEBUG(0,("add_sam21pwd_entry() - under development\n"));
@ -183,9 +178,9 @@ BOOL mod_sam21pwd_entry(struct sam_passwd* pwd, BOOL override)
{
#if 0
#ifdef USE_LDAP
return mod_ldappwd_entry(pwd, override);
return mod_ldap21pwd_entry(pwd, override);
#else
return mod_smbpwd_entry(pwd, override);
return mod_smb21pwd_entry(pwd, override);
#endif /* USE_LDAP */
#else
DEBUG(0,("mod_sam21pwd_entry() - under development\n"));
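Review bot: getsam21pwent now returns whatever the backend returns, and both backends in this commit return the address of a function-local static `user`, so its header comment should state the lifetime, e.g. `/* returns a pointer to static storage, overwritten by the next getsam21pwent() call; copy it if it must be kept */`. The add_sam21pwd_entry and mod_sam21pwd_entry hunks only rename calls that remain inside `#if 0`, so add_ldap21pwd_entry, add_smb21pwd_entry, mod_ldap21pwd_entry and mod_smb21pwd_entry are never compiled. None of them is defined in the hunks shown, so it is worth confirming they exist before that guard is lifted. The bodies of add_sam21pwd_entry and mod_sam21pwd_entry continue outside their hunks.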


@ -20,6 +20,8 @@
#include "includes.h"
extern int DEBUGLEVEL;
extern pstring samlogon_user;
extern BOOL sam_logon_in_ssb;
static int gotalarm;
static char s_readbuf[16 * 1024];
@ -154,7 +156,6 @@ void *startsmbpwent(BOOL update)
/***************************************************************
End enumeration of the smbpasswd list.
****************************************************************/
void endsmbpwent(void *vp)
{
FILE *fp = (FILE *)vp;
@ -164,6 +165,112 @@ void endsmbpwent(void *vp)
DEBUG(7, ("endsmbpwent: closed password file.\n"));
}
/*************************************************************************
Routine to return the next entry in the smbpasswd list.
this function is a nice, messy combination of reading:
- the smbpasswd file
- the unix password database
- smb.conf options (not done at present).
do not call this function directly. use passdb.c instead.
*************************************************************************/
struct sam_passwd *getsmb21pwent(void *vp)
{
struct smb_passwd *pw_buf = getsmbpwent(vp);
static struct sam_passwd user;
struct passwd *pwfile;
static pstring full_name;
static pstring home_dir;
static pstring home_drive;
static pstring logon_script;
static pstring profile_path;
static pstring acct_desc;
static pstring workstations;
if (pw_buf == NULL) return NULL;
pwfile = getpwnam(pw_buf->smb_name);
if (pwfile == NULL) return NULL;
bzero(&user, sizeof(user));
pstrcpy(samlogon_user, pw_buf->smb_name);
if (samlogon_user[strlen(samlogon_user)-1] != '$')
{
/* XXXX hack to get standard_sub_basic() to use sam logon username */
/* possibly a better way would be to do a become_user() call */
sam_logon_in_ssb = True;
user.smb_userid = pw_buf->smb_userid;
user.smb_grpid = pwfile->pw_gid;
user.user_rid = uid_to_user_rid (user.smb_userid);
user.group_rid = gid_to_group_rid(user.smb_grpid );
pstrcpy(full_name , pwfile->pw_gecos );
pstrcpy(logon_script , lp_logon_script ());
pstrcpy(profile_path , lp_logon_path ());
pstrcpy(home_drive , lp_logon_drive ());
pstrcpy(home_dir , lp_logon_home ());
pstrcpy(acct_desc , "");
pstrcpy(workstations , lp_domain_workstations());
sam_logon_in_ssb = False;
}
else
{
user.smb_userid = pw_buf->smb_userid;
user.smb_grpid = pwfile->pw_gid;
user.user_rid = uid_to_user_rid (user.smb_userid);
user.group_rid = DOMAIN_GROUP_RID_USERS; /* lkclXXXX this is OBSERVED behaviour by NT PDCs, enforced here. */
pstrcpy(full_name , "");
pstrcpy(logon_script , "");
pstrcpy(profile_path , "");
pstrcpy(home_drive , "");
pstrcpy(home_dir , "");
pstrcpy(acct_desc , "");
pstrcpy(workstations , "");
}
user.logon_time = (time_t)-1;
user.logoff_time = (time_t)-1;
user.kickoff_time = (time_t)-1;
user.pass_last_set_time = pw_buf->pass_last_set_time;
user.pass_can_change_time = (time_t)-1;
user.pass_must_change_time = (time_t)-1;
user.smb_name = pw_buf->smb_name;
user.full_name = full_name;
user.home_dir = home_dir;
user.dir_drive = home_drive;
user.logon_script = logon_script;
user.profile_path = profile_path;
user.acct_desc = acct_desc;
user.workstations = workstations;
user.unknown_str = NULL; /* don't know, yet! */
user.munged_dial = NULL; /* "munged" dial-back telephone number */
user.smb_nt_passwd = pw_buf->smb_nt_passwd;
user.smb_passwd = pw_buf->smb_passwd;
user.acct_ctrl = pw_buf->acct_ctrl;
user.unknown_3 = 0xffffff; /* don't know */
user.logon_divs = 168; /* hours per week */
user.hours_len = 21; /* 21 times 8 bits = 168 */
memset(user.hours, 0xff, user.hours_len); /* available at all hours */
user.unknown_5 = 0x00020000; /* don't know */
user.unknown_5 = 0x000004ec; /* don't know */
return &user;
}
/*************************************************************************
Routine to return the next entry in the smbpasswd list.
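Review bot: Near the end of getsmb21pwent `user.unknown_5` is assigned twice (0x00020000, then 0x000004ec) and `unknown_6` is never set, so after the bzero it stays 0. get_user_info_21 now passes `sam_pass->unknown_6` where the old code passed 0x000004ec, so the second assignment should read `user.unknown_6 = 0x000004ec;`. Returning NULL when getpwnam fails makes a single smbpasswd entry without a Unix account look like end-of-list to any caller that loops until NULL, hiding every later account from enumeration; skipping to the next entry would avoid that. `samlogon_user[strlen(samlogon_user)-1]` reads before the start of the buffer if smb_name is ever empty, so guard it with `size_t len = strlen(samlogon_user); if (len == 0 || samlogon_user[len-1] != '$')`. The function also overwrites the global samlogon_user as a side effect of enumeration, which deserves a line in the header comment.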


@ -463,13 +463,9 @@ static void samr_reply_query_dispinfo(SAMR_Q_QUERY_DISPINFO *q_u,
DEBUG(5,("samr_reply_query_dispinfo: %d\n", __LINE__));
#ifndef USE_LDAP
become_root(True);
got_pwds = get_sampwd_entries(pass, &total_entries, &num_entries, MAX_SAM_ENTRIES, 0);
unbecome_root(True);
#endif /* USE_LDAP */
switch (q_u->switch_level)
{
@ -478,14 +474,6 @@ static void samr_reply_query_dispinfo(SAMR_Q_QUERY_DISPINFO *q_u,
/* query disp info is for users */
switch_level = 0x1;
#ifdef USE_LDAP
got_pwds = get_ldap_entries(pass,
&total_entries,
&num_entries,
MAX_SAM_ENTRIES,
0,
switch_level);
#endif /* USE_DLAP */
make_sam_info_1(&info1, ACB_NORMAL,
q_u->start_idx, num_entries, pass);
@ -497,14 +485,6 @@ static void samr_reply_query_dispinfo(SAMR_Q_QUERY_DISPINFO *q_u,
{
/* query disp info is for servers */
switch_level = 0x2;
#ifdef USE_LDAP
got_pwds = get_ldap_entries(pass,
&total_entries,
&num_entries,
MAX_SAM_ENTRIES,
0,
switch_level);
#endif /* USE_LDAP */
make_sam_info_2(&info2, ACB_WSTRUST,
q_u->start_idx, num_entries, pass);
@ -876,87 +856,34 @@ static void api_samr_open_user( int uid, prs_struct *data, prs_struct *rdata)
static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid)
{
NTTIME dummy_time;
pstring logon_script;
pstring profile_path;
pstring home_drive;
pstring home_dir;
pstring description;
pstring workstations;
pstring full_name;
pstring munged_dialin;
pstring unknown_str;
uint32 r_uid;
uint32 r_gid;
struct sam_passwd *sam_pass;
LOGON_HRS hrs;
int i;
struct smb_passwd *smb_pass;
become_root(True);
smb_pass = getsampwuid(rid);
sam_pass = getsam21pwrid(rid);
unbecome_root(True);
if (smb_pass == NULL)
if (sam_pass == NULL)
{
return False;
}
DEBUG(3,("User:[%s]\n", smb_pass->smb_name));
DEBUG(3,("User:[%s]\n", sam_pass->smb_name));
dummy_time.low = 0xffffffff;
dummy_time.high = 0x7fffffff;
pstrcpy(samlogon_user, smb_pass->smb_name);
DEBUG(0,("get_user_info_21 - TODO: convert unix times to NTTIMEs\n"));
if (samlogon_user[strlen(samlogon_user)-1] != '$')
{
if (!name_to_rid(samlogon_user, &r_uid, &r_gid))
{
return False;
}
/* XXXX hack to get standard_sub_basic() to use sam logon username */
/* possibly a better way would be to do a become_user() call */
sam_logon_in_ssb = True;
pstrcpy(full_name , "<Full Name>");
pstrcpy(logon_script , lp_logon_script ());
pstrcpy(profile_path , lp_logon_path ());
pstrcpy(home_drive , lp_logon_drive ());
pstrcpy(home_dir , lp_logon_home ());
pstrcpy(description , "<Description>");
pstrcpy(workstations , "");
pstrcpy(unknown_str , "");
pstrcpy(munged_dialin, "");
sam_logon_in_ssb = False;
}
else
{
r_uid = smb_pass->smb_userid;
r_gid = DOMAIN_GROUP_RID_USERS;
pstrcpy(samlogon_user, smb_pass->smb_name);
pstrcpy(full_name , "");
pstrcpy(logon_script , "");
pstrcpy(profile_path , "");
pstrcpy(home_drive , "");
pstrcpy(home_dir , "");
pstrcpy(description , "");
pstrcpy(workstations , "");
pstrcpy(unknown_str , "");
pstrcpy(munged_dialin, "");
}
hrs.len = 21;
/* create a LOGON_HRS structure */
hrs.len = sam_pass->hours_len;
for (i = 0; i < hrs.len; i++)
{
hrs.hours[i] = 0xff;
hrs.hours[i] = sam_pass->hours[i];
}
make_sam_user_info21(id21,
&dummy_time, /* logon_time */
@ -966,26 +893,26 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid)
&dummy_time, /* pass_can_change_time */
&dummy_time, /* pass_must_change_time */
samlogon_user, /* user_name */
full_name, /* full_name */
home_dir, /* home_dir */
home_drive, /* dir_drive */
logon_script, /* logon_script */
profile_path, /* profile_path */
description, /* description */
workstations, /* workstations user can log in from */
unknown_str, /* don't know, yet */
munged_dialin, /* dialin info. contains dialin path and tel no */
sam_pass->smb_name, /* user_name */
sam_pass->full_name, /* full_name */
sam_pass->home_dir, /* home_dir */
sam_pass->dir_drive, /* dir_drive */
sam_pass->logon_script, /* logon_script */
sam_pass->profile_path, /* profile_path */
sam_pass->acct_desc, /* description */
sam_pass->workstations, /* workstations user can log in from */
sam_pass->unknown_str, /* don't know, yet */
sam_pass->munged_dial, /* dialin info. contains dialin path and tel no */
r_uid, /* RID user_id */
r_gid, /* RID group_id */
smb_pass->acct_ctrl,
sam_pass->user_rid, /* RID user_id */
sam_pass->group_rid, /* RID group_id */
sam_pass->acct_ctrl,
0x00ffffff, /* unknown_3 */
168, /* divisions per week */
sam_pass->unknown_3, /* unknown_3 */
sam_pass->logon_divs, /* divisions per week */
&hrs, /* logon hours */
0x00020000,
0x000004ec);
sam_pass->unknown_5,
sam_pass->unknown_6);
return True;
}
@ -1044,11 +971,7 @@ static void samr_reply_query_userinfo(SAMR_Q_QUERY_USERINFO *q_u,
case 21:
{
info = (void*)&id21;
#ifdef USE_LDAP
status = ldap_get_user_info_21(&id21, rid) ? 0 : NT_STATUS_NO_SUCH_USER;
#else /* USE_LDAP */
status = get_user_info_21(&id21, rid) ? 0 : NT_STATUS_NO_SUCH_USER;
#endif /* USE_LDAP */
break;
}
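Review bot: In get_user_info_21 the copy loop into `hrs.hours` is now bounded by `sam_pass->hours_len`, a value supplied by the password backend, instead of the constant 21. The size of the hours array in LOGON_HRS is not visible here, but unless it is guaranteed to cover every hours_len a backend can return, the loop writes past a stack object. Clamp before the loop, e.g. `if (hrs.len > sizeof(hrs.hours)) hrs.len = sizeof(hrs.hours);` (assuming hours is a byte array). Separately, getsmb21pwent sets `unknown_str` and `munged_dial` to NULL where this function used to pass empty strings, so make_sam_user_info21 (not shown) must tolerate NULL for those arguments or the caller should substitute `""`.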