1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

190 Commits

Author SHA1 Message Date
Gerald Carter
14067f9c9c combined 2 if statments which used the same condition
-- jerry
(This used to be commit 445fd1dbd8)
2000-11-21 06:05:08 +00:00
Gerald Carter
9fede0dc0d Large commit which restructures the local password storage API.
Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+)
are broken, but they were somewhat broken before. :)

The following functions implement the storage manipulation interface

/*The following definitions come from  passdb/pdb_smbpasswd.c  */

BOOL pdb_setsampwent (BOOL update);
void pdb_endsampwent (void);
SAM_ACCOUNT* pdb_getsampwent (void);
SAM_ACCOUNT* pdb_getsampwnam (char *username);
SAM_ACCOUNT* pdb_getsampwuid (uid_t uid);
SAM_ACCOUNT* pdb_getsampwrid (uint32 rid);
BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass);
BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override);
BOOL pdb_delete_sam_account (char* username);

There is also a host of pdb_set..() and pdb_get..() functions for
manipulating SAM_ACCOUNT struct members.  Note that the struct
passdb_ops {} has gone away.  Also notice that struct smb_passwd
(formally in smb.h) has been moved to passdb/pdb_smbpasswd.c
and is not accessed outisde of static internal functions in this
file.  All local password searches should make use of the the SAM_ACCOUNT
struct and the previously mentioned functions.

I'll write some documentation for this later.  The next step is to fix
the TDB passdb backend, then work on spliting the backends out into
share libraries, and finally get the LDAP backend going.

What works and may not:

	o domain logons from Win9x 	works
	o domain logons from WinNT 4	works
	o user and group enumeration
		as implemented by Tim	works
	o file and print access		works
	o changing password from
		Win9x & NT		ummm...i'll fix this tonight :)

If I broke anything else, just yell and I'll fix it.  I think it
should be fairly quite.





-- jerry
(This used to be commit 0b92d0838e)
2000-11-13 23:03:34 +00:00
Tim Potter
7c4c781df2 Remove duplicate group initialisation function.
Don't initialise groups twice.
(This used to be commit 5375261152)
2000-10-11 04:54:01 +00:00
Jeremy Allison
56d514235e Fix for null passwords being allowed bug.
Jeremy.
(This used to be commit d4d5548839)
2000-10-05 22:51:57 +00:00
Jeremy Allison
7ec53a14b1 With John Reilly help tracking it down - fixed a *nasty* bug when
authorising logins. If a user connected to a share as guest, then
the snum was getting flagged as "force guest", meaning that all
subsequent connections to it, even under a different vuid, would
be bounced to guest.
This explains several very hard to reproduce access denied bugs,
and as the NT client also has bugs in that it will sometimes
erroneously use guest instead of the correct vuid on an IPC$
connection lead to a *very* hard problem to find.
This fix should be propagated into all branches (TNG/Applience
take note) and I'll also make a separate patch availalble on the
samba-technical list.
Jeremy.
(This used to be commit 0264fdafe9)
2000-09-12 19:51:38 +00:00
Tim Potter
45d30f72ff Hopefully this should fix the primary group permission problem.
(This used to be commit 2f33ec41ac)
2000-09-07 08:43:05 +00:00
Jeremy Allison
a1f66a820d Fix for the SID history problem when using a Win2k domain controller
with security=domain. Also fixed to dynamically allocate the SIDs and GIDs.
Jeremy.
(This used to be commit 2b1f66eb82)
2000-09-06 01:06:39 +00:00
Jeremy Allison
7d93eb3483 smbd/password.c: Fixed typo in Tim's new code that caused insure overrun error.
smbd/reply.c: Fixed lowercasing UNIX character set problem.
Jeremy.
(This used to be commit 2b6e3ed7a6)
2000-08-28 20:45:00 +00:00
Tim Potter
66cc9787ef Merge bug - still getting used to dirdiff.
(This used to be commit cb717b4a2b)
2000-08-28 07:25:18 +00:00
Tim Potter
d12f3fea75 Merge from appliance branch.
(This used to be commit 567b0095b1)
2000-08-28 06:46:53 +00:00
Jeremy Allison
04de6d0258 Found the sec_ctx_stack overflow - a become_root() should have been an
unbecome_root() - typo.
Jeremy.
(This used to be commit ebb160663e)
2000-08-08 23:49:26 +00:00
Jeremy Allison
06e4f11acd Fixed up the user/group contexts when using authenticated pipes.
Added a become_root()/unbecome_root() (push/pop security context)
around the initgroups() call to ensure it would succeed. Hmmm - I
wonder if this call being done as non-root might explain any "group access"
bugs we've had in the past....
Jeremy.
(This used to be commit 06a65972e8)
2000-08-04 00:59:09 +00:00
Jeremy Allison
f87399915b Added an NT_USER_TOKEN structure that is copied/passed around associated
with the current user. This will allow se_access_check() to quickly do
a SD check without having to translate uid/gid's to SIDs.
Still needs work on pipe calls.
Jeremy.
(This used to be commit e28d01b744)
2000-08-03 22:38:43 +00:00
Jeremy Allison
17dcd9a834 Started to canonicalize our handling of uid -> sid code in order to
get ready and fix se_access_check().
Added cannonical lookup_name(), lookup_sid(), uid_to_sid(), gid_to_sid()
functions that look via winbind first the fall back on local lookup.

All Samba should use these rather than trying to call winbindd code
directly.

Added NT_USER_TOKEN struct in user_struct, contains list of NT sids
associated with this user.

se_access_check() should use this (cached) value rather than attempting
to do the same thing itself when given a uid/gid pair.

More work needs to be done to preserve these things accross security
context changes (especially with the tricky pipe problem) but I'm
beginning to see how this will be done..... probably by registering
a new vuid for an authenticated RPC pipe and not treating the
pipe calls specially.

More thoughts needed - but we're almost there...

Jeremy.
(This used to be commit 5e5cc6efe2)
2000-08-02 02:11:55 +00:00
Jeremy Allison
7f36df301e Tidyup removing many of the 0xC0000000 | NT_STATUS_XXX stuff (only need NT_STATUS_XXX).
Removed IS_BITS_xxx macros as they were just reproducing "C" syntax in a more
obscure way.
Jeremy.
(This used to be commit c55bcec817)
2000-08-01 18:32:34 +00:00
Tim Potter
5af35320a9 Spelling fixes.
(This used to be commit c1d242f1dd)
2000-07-10 04:57:09 +00:00
Tim Potter
2a1dbb0acd Delete OriginalDir stuff.
(This used to be commit 3d0f1845c8)
2000-06-23 05:57:48 +00:00
Tim Potter
31e83abd3d ZERO_STRUCT() of info3 structure before using it.
(This used to be commit efe7f818c9)
2000-06-14 01:48:08 +00:00
Jeremy Allison
03e0164270 Luke, I am moving the code back into passdb/passdb.c, this the correct
place to do this, not in smbd/passwd.c

Please don't change this without asking first, I have run this past
Andrew so talk to him (I'm on vacation next week).

I also removed the g_newXXX macros. There are essentially a private C extension,
not used anywhere else in the code, and add no functionality over malloc(XX)
and make the code harder to understand (everyone knows what malloc does).

Jeremy.
(This used to be commit e1b1b6fb67)
2000-06-09 18:45:31 +00:00
Luke Leighton
979f509e74 free NET_USER_INFO_3 gids when vuser invalidated.
(This used to be commit 2f056c2aad)
2000-06-09 03:30:54 +00:00
Luke Leighton
ad98207f54 dynamic allocation of NET_USER_INFO_3 gids.
jeremy, the intent is to call se_access_check() with usr-sid, grp-sid,
array-of-group-rids (but array-of-group-sids would do).

please do look at smbd/lanman.c's api_NetWkstaGetInfo, it will show you
that we really do need to store the entire NET_USER_INFO_3 structure.

then again, api_NetWkstaGetInfo is only used by win9x so who cares :)
(This used to be commit bd34f65239)
2000-06-09 03:00:34 +00:00
Luke Leighton
c3487b00dd reverted jeremy's changes that removed NET_USER_INFO_3. will you please
not just undercut work in progress, thank you.
(This used to be commit 86d440a88c)
2000-06-09 01:26:42 +00:00
Jeremy Allison
28555ec92e include/smb.h: Removed NET_USER_3 struct from user struct. It doesn't belong there (yet)
as there is no infrastructure for it. Replaced it with a dynamic array
				of group SIDs plus a user.
passdb/passdb.c: Added setup_user_sids() function. This is where the lookup should be done,
				eventually calling winbind.
smbd/password.c: Changed to call setup_user_sids(). Removed spurious DEBUG(0) statements.
smbd/reply.c: Removed extra parameter to register_vuid().

Jeremy.
(This used to be commit 425f4ad9a5)
2000-06-08 17:50:19 +00:00
Luke Leighton
84d40095e1 added a NET_USER_INFO_3 struct to user_struct.
register_vuid fills it with constructed info.
(This used to be commit b1889e4334)
2000-06-08 13:56:07 +00:00
Andrew Tridgell
da44845a09 moved secrets fns into secrets.c
(This used to be commit f890bcf067)
2000-06-03 06:22:19 +00:00
Andrew Tridgell
7f2b42abec got rid of lp_revalidate()
(This used to be commit 8dea95e62c)
2000-05-24 06:36:10 +00:00
Andrew Tridgell
479c73559e use "winbind separator" option for domain/user separator character
(This used to be commit 6cbb826b15)
2000-05-12 06:30:45 +00:00
Andrew Tridgell
ebd73f37a2 use our primary domain trust account for trusted domain authentication
(This used to be commit db90a4b960)
2000-05-12 05:07:26 +00:00
Andrew Tridgell
43a3faab08 - changed smb_getpwnam() to use winbind style usernames
- finished ntdom -> winbind rename in head
(This used to be commit ada483cb56)
2000-05-10 14:48:33 +00:00
Andrew Tridgell
a71d9b291c treat a blank "password server =" line as a "*" if in domain security
(This used to be commit 5a617c013c)
2000-05-10 13:21:32 +00:00
Andrew Tridgell
49a0e6d598 more merging voodoo
this adds "#define OLD_NTDOMAIN 1" in lots of places. Don't panic -
this isn't permanent, it should go after another few merge steps have
been done
(This used to be commit 92109d7b3c)
2000-05-10 10:41:59 +00:00
Andrew Tridgell
4c061ca15c - use smb_gwtpwnam() in another couple of places
- don't call add/del user if the scripts are empty
(This used to be commit 43860215d4)
2000-05-09 15:09:52 +00:00
Andrew Tridgell
2958dfcdf8 added secrets.tdb and changed storage of trust account password to use
it
(This used to be commit 88ad00b82a)
2000-05-08 10:42:21 +00:00
Andrew Tridgell
f6844e0b7e a minimal change to get appliance mode to work with winbindd
we needed to accept usernames of the form DOMAIN/user, which means we
needed to pass the domain to a getpwnam() like routine in certain
critical spots.

What I'd rather do is get rid of "char *user" everywhere and use the
new userdom_struct, but that will have to wait a few days.
(This used to be commit 8b7a10febe)
2000-05-04 16:01:47 +00:00
Andrew Tridgell
f3a861e04e - use full_name instead of real_name
- got rid of guest map code in lpq parser
(This used to be commit 8e53f781d3)
2000-05-04 07:59:34 +00:00
Jeremy Allison
99352a0986 Insure uninitialized memory read fixes.
Jeremy.
(This used to be commit 577ddbfbec)
2000-05-03 02:24:01 +00:00
Andrew Tridgell
32d5416b6a split the username in the vuser structure into a separate
userdom_struct. As the name implies this also contains a domain
(unused at the moment).

This will be important shortly, as operation in appliance mode needs
the domain to be always carried with the username.
(This used to be commit ee8546342d)
2000-05-02 13:55:42 +00:00
Jeremy Allison
693ffb8466 Added sys_fork() and sys_getpid() functions to stop the overhead
of doing a system call every time we want to just get our pid.
Jeremy.
(This used to be commit 148628b616)
2000-05-02 02:23:41 +00:00
Andrew Tridgell
8d7e498db1 converted a couple more functions to use a fd instead of a FILE*
added a new utility fn file_lines_slashcont() which is used to handle
files that treat a \ followed by a newline as a blank
(This used to be commit 384ecd9d66)
2000-04-16 11:17:19 +00:00
Andrew Tridgell
2fa922611b finally got sick of the "extern int Client" code and the stupid
assumption that we have one socket everywhere

while doing so I discovered a few bugs!

1) the clientgen session retarget code if used from smbd or nmbd would
cause a crash as it called close_sockets() which closed our main
socket! fixed by removing close_sockets() completely - it is unnecessary

2) the caching in client_addr() and client_name() was bogus - it could
easily get fooled and give the wrong result. fixed.

3) the retarget could could recurse, allowing an easy denial of
service attack on nmbd. fixed.
(This used to be commit 5937ab14d2)
2000-04-11 13:55:53 +00:00
Luke Leighton
83ee9372fc you know, when you do a cvs commit, you _really_ expect it to actually work.
this explains why j-f wasn't happy.
(This used to be commit c51e38214a)
2000-03-10 18:10:10 +00:00
Jeremy Allison
3cf31a194f Added replacement functions sys_popen and sys_pclose. These are based
on the glibc source code and are safer than the traditional popen as
they don't use a shell to exec the requested command. Now we have
these functions they can be tightened up (environment etc.) as required
to make a safe popen. It should now be safe to add the environement
variable loading code to loadparm.c
Jeremy.
(This used to be commit b52e92b09d)
2000-02-15 19:36:47 +00:00
Andrew Tridgell
171da4d787 this looks like a big commit, but it isn't really :)
This fixes our netbios scope handling. We now have a 'netbios scope' option
in smb.conf and the scope option is removed from make_nmb_name()

this was prompted by a bug in our PDC finding code where it didn't append
the scope to the query of the '*' name.
(This used to be commit b563be824b)
2000-01-07 06:55:36 +00:00
Jeremy Allison
7434c1aabd Fixed getgrent() recurse problem.
Jeremy.
(This used to be commit b5420f6152)
2000-01-04 01:01:27 +00:00
Andrew Tridgell
632b4f806e added suppport for unexpected udp/138 packets
I also fixed up the lookup_pdc_name() code so that it now works, even
with a NT server that insists on replying to udp/138.

The method I used to match packets was to use the mailslot string as a
datagram ID. The true dgm_id doesn't work as NT doesn't set it
correctly. uggh.

PS: Jeremy, I had to change your code quite a bit, are you sure this
worked with a Samba PDC?? The code looked broken, it got the offsets
wrong in the SMB portion of the packet and filled in the IP
incorrectly.
(This used to be commit 32f66f4ea6)
2000-01-03 06:30:50 +00:00
Andrew Tridgell
3db52feb1f first pass at updating head branch to be to be the same as the SAMBA_2_0 branch
(This used to be commit 453a822a76)
1999-12-13 13:27:58 +00:00
Luke Leighton
f6276724ba changed function name of get_home_dir() to get_unixhome_dir(), to stop
clash with gnu readline library.

fixed issue with [homes] service not being there - call lp_add_home()
just before starting the msrpc processing.
(This used to be commit 054195df9b)
1999-12-12 21:00:35 +00:00
Luke Leighton
4f8a24522c final part of "first" phase converting over to msrpc daemon architecture.
done a minimal amout of clean-up in the Makefile, removing unnecessary
modules from the link stage.  this is not complete, yet, and will
involve some changes, for example to smbd, to remove dependencies on
the password database API that shouldn't be there.  for example,
smbd should not ever call getsmbpwXXX() it should call the Samr or Lsa
API.

this first implementation has minor problems with not reinstantiating
the same services as the caller.  the "homes" service is a good example.
(This used to be commit caa5052522)
1999-12-12 20:03:42 +00:00
Luke Leighton
0ce128e355 delineation between smb and msrpc more marked. smbd now constructs
pdus, and then feeds them over either a "local" function call or a "remote"
function call to an msrpc service.  the "remote" msrpc daemon, on the
other side of a unix socket, then calls the same "local" function that
smbd would, if the msrpc service were being run from inside smbd.

this allows a transition from local msrpc services (inside the same smbd
process) to remote (over a unix socket).

removed reference to pipes_struct in msrpc services.  all msrpc processing
functions take rpcsrv_struct which is a structure containing state info
for the msrpc functions to decode and create pdus.

created become_vuser() which does everything not related to connection_struct
that become_user() does.

removed, as best i could, connection_struct dependencies from the nt spoolss
printing code.

todo: remove dcinfo from rpcsrv_struct because this stores NETLOGON-specific
info on a per-connection basis, and if the connection dies then so does
the info, and that's a fairly serious problem.

had to put pretty much everything that is in user_struct into parse_creds.c
to feed unix user info over to the msrpc daemons.  why?  because it's
expensive to do unix password/group database lookups, and it's definitely
expensive to do nt user profile lookups, not to mention pretty difficult
and if you did either of these it would introduce a complication /
unnecessary interdependency.  so, send uid/gid/num_groups/gid_t* +
SID+num_rids+domain_group_rids* + unix username + nt username + nt domain
+ user session key etc.  this is the MINIMUM info identified so far that's
actually implemented.  missing bits include the called and calling
netbios names etc.  (basically, anything that can be loaded into
standard_sub() and standard_sub_basic()...)
(This used to be commit aa3c659a8d)
1999-12-12 01:25:49 +00:00
Luke Leighton
a0ba234cf9 the first independent msrpc daemon - lsarpcd.
one horrible cut / paste job from smbd, plus a code split of shared
components between the two.

the job is not _yet_ complete, as i need to be able to do a become_user()
call for security reasons.  i picked lsarpcd first because you don't
_need_ security on it (microsoft botched so badly on this one, it's not
real.  at least they fixed this in nt5 with restrictanonymous=0x2).
fixing this involves sending the current smb and unix credentials down
the unix pipe so that the daemon it eventually goes to can pick them
up at the other end.

i can't believe this all worked!!!
(This used to be commit 2245b0c6d1)
1999-12-06 00:44:32 +00:00