summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2003-07-05 10:39:41 +0000
committerAndrew Bartlett <abartlet@samba.org>2003-07-05 10:39:41 +0000
commit85921dbd6fa417aa451ab9b6e88ecb7900333549 (patch)
tree8bdb5a575f2f9dc06d29480bbf5165e5bb8760c6
parenta3ddfa5069c9df07626135aa5fd2ec411c41943f (diff)
downloadsamba-85921dbd6fa417aa451ab9b6e88ecb7900333549.tar.gz
samba-85921dbd6fa417aa451ab9b6e88ecb7900333549.tar.bz2
samba-85921dbd6fa417aa451ab9b6e88ecb7900333549.zip
Add some debug statments to our vampire code - try to make it easier to track
down failures. Add a 'auto-add on modify' feature to guestsam Fix some segfault bugs on no-op idmap modifications, and on new idmappings that do not have a DN to tack onto. Make the 'private data' a bit more robust. Andrew Bartlett (This used to be commit 6c48309cda9538da5a32f3d88a7bb9c413ae9e8e)
-rw-r--r--source3/auth/auth_rhosts.c10
-rw-r--r--source3/include/passdb.h2
-rw-r--r--source3/passdb/pdb_get_set.c5
-rw-r--r--source3/passdb/pdb_guest.c16
-rw-r--r--source3/passdb/pdb_ldap.c16
-rw-r--r--source3/sam/idmap_ldap.c6
-rw-r--r--source3/utils/net_rpc_samsync.c6
7 files changed, 48 insertions, 13 deletions
diff --git a/source3/auth/auth_rhosts.c b/source3/auth/auth_rhosts.c
index e2c6f0b06a..fab2d551f2 100644
--- a/source3/auth/auth_rhosts.c
+++ b/source3/auth/auth_rhosts.c
@@ -162,11 +162,13 @@ static NTSTATUS check_hostsequiv_security(const struct auth_context *auth_contex
const auth_usersupplied_info *user_info,
auth_serversupplied_info **server_info)
{
- NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
+ NTSTATUS nt_status;
SAM_ACCOUNT *account = NULL;
if (!NT_STATUS_IS_OK(nt_status =
auth_get_sam_account(user_info->internal_username.str,
&account))) {
+ if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER))
+ nt_status = NT_STATUS_NOT_IMPLEMENTED;
return nt_status;
}
@@ -174,6 +176,7 @@ static NTSTATUS check_hostsequiv_security(const struct auth_context *auth_contex
nt_status = make_server_info_sam(server_info, account);
} else {
pdb_free_sam(&account);
+ nt_status = NT_STATUS_NOT_IMPLEMENTED;
}
return nt_status;
@@ -202,7 +205,7 @@ static NTSTATUS check_rhosts_security(const struct auth_context *auth_context,
const auth_usersupplied_info *user_info,
auth_serversupplied_info **server_info)
{
- NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
+ NTSTATUS nt_status;
SAM_ACCOUNT *account = NULL;
pstring rhostsfile;
const char *home;
@@ -210,6 +213,8 @@ static NTSTATUS check_rhosts_security(const struct auth_context *auth_context,
if (!NT_STATUS_IS_OK(nt_status =
auth_get_sam_account(user_info->internal_username.str,
&account))) {
+ if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER))
+ nt_status = NT_STATUS_NOT_IMPLEMENTED;
return nt_status;
}
@@ -226,6 +231,7 @@ static NTSTATUS check_rhosts_security(const struct auth_context *auth_context,
unbecome_root();
} else {
pdb_free_sam(&account);
+ nt_status = NT_STATUS_NOT_IMPLEMENTED;
}
return nt_status;
diff --git a/source3/include/passdb.h b/source3/include/passdb.h
index bf2fd6f6ce..e3077eee70 100644
--- a/source3/include/passdb.h
+++ b/source3/include/passdb.h
@@ -138,6 +138,8 @@ typedef struct sam_passwd
uint32 unknown_5; /* 0x0002 0000 */
uint32 unknown_6; /* 0x0000 04ec */
+ /* a tag for who added the private methods */
+ const struct pdb_methods *backend_private_methods;
void *backend_private_data;
void (*backend_private_data_free_fn)(void **);
} private;
diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c
index e0b9f0e0ec..ba07a4e01c 100644
--- a/source3/passdb/pdb_get_set.c
+++ b/source3/passdb/pdb_get_set.c
@@ -332,7 +332,7 @@ uint32 pdb_get_unknown_6 (const SAM_ACCOUNT *sampass)
void *pdb_get_backend_private_data (const SAM_ACCOUNT *sampass, const struct pdb_methods *my_methods)
{
- if (sampass && my_methods == sampass->methods)
+ if (sampass && my_methods == sampass->private.backend_private_methods)
return sampass->private.backend_private_data;
else
return NULL;
@@ -1028,7 +1028,7 @@ BOOL pdb_set_backend_private_data (SAM_ACCOUNT *sampass, void *private_data,
return False;
/* does this backend 'own' this SAM_ACCOUNT? */
- if (my_methods != sampass->methods)
+ if (my_methods != sampass->private.backend_private_methods)
return False;
if (sampass->private.backend_private_data && sampass->private.backend_private_data_free_fn) {
@@ -1037,6 +1037,7 @@ BOOL pdb_set_backend_private_data (SAM_ACCOUNT *sampass, void *private_data,
sampass->private.backend_private_data = private_data;
sampass->private.backend_private_data_free_fn = free_fn;
+ sampass->private.backend_private_methods = my_methods;
return pdb_set_init_flags(sampass, PDB_BACKEND_PRIVATE_DATA, flag);
}
diff --git a/source3/passdb/pdb_guest.c b/source3/passdb/pdb_guest.c
index 359e2285a3..18a456b2e1 100644
--- a/source3/passdb/pdb_guest.c
+++ b/source3/passdb/pdb_guest.c
@@ -98,6 +98,21 @@ static NTSTATUS guestsam_getsampwsid(struct pdb_methods *my_methods, SAM_ACCOUNT
}
+/***************************************************************************
+ Updates a SAM_ACCOUNT
+
+ This isn't a particulary practical option for pdb_guest. We certainly don't
+ want to twidde the filesystem, so what should we do?
+
+ Current plan is to transparently add the account. It should appear
+ as if the pdb_unix version was modified, but its actually stored somehwere.
+ ****************************************************************************/
+
+static NTSTATUS guestsam_update_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd)
+{
+ return methods->parent->pdb_add_sam_account(methods->parent, newpwd);
+}
+
NTSTATUS pdb_init_guestsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
{
NTSTATUS nt_status;
@@ -115,6 +130,7 @@ NTSTATUS pdb_init_guestsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, c
(*pdb_method)->getsampwnam = guestsam_getsampwnam;
(*pdb_method)->getsampwsid = guestsam_getsampwsid;
+ (*pdb_method)->update_sam_account = guestsam_update_sam_account;
/* we should do no group mapping here */
(*pdb_method)->getgrsid = pdb_nop_getgrsid;
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index 140b87afb9..0d16a1a985 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -1528,6 +1528,8 @@ static int ldapsam_get_ldap_user_by_sid(struct ldapsam_privates *ldap_state,
{
int rc = -1;
char ** attr_list;
+ uint32 rid;
+
switch ( ldap_state->schema_ver )
{
case SCHEMAVER_SAMBASAMACCOUNT:
@@ -1540,8 +1542,6 @@ static int ldapsam_get_ldap_user_by_sid(struct ldapsam_privates *ldap_state,
break;
case SCHEMAVER_SAMBAACCOUNT:
- {
- uint32 rid;
if (!sid_peek_check_rid(&ldap_state->domain_sid, sid, &rid)) {
return rc;
}
@@ -1552,8 +1552,7 @@ static int ldapsam_get_ldap_user_by_sid(struct ldapsam_privates *ldap_state,
if ( rc != LDAP_SUCCESS )
return rc;
- }
- break;
+ break;
}
return rc;
}
@@ -1610,7 +1609,7 @@ static NTSTATUS ldapsam_getsampwsid(struct pdb_methods *my_methods, SAM_ACCOUNT
} else {
ldap_msgfree(result);
}
- return ret;
+ return NT_STATUS_NO_SUCH_USER;
}
/********************************************************************
@@ -1810,8 +1809,9 @@ static NTSTATUS ldapsam_update_sam_account(struct pdb_methods *my_methods, SAM_A
attr_list = get_userattr_list(ldap_state->schema_ver);
rc = ldapsam_search_suffix_by_name(ldap_state, pdb_get_username(newpwd), &result, attr_list );
free_attr_list( attr_list );
- if (rc != LDAP_SUCCESS)
+ if (rc != LDAP_SUCCESS) {
return NT_STATUS_UNSUCCESSFUL;
+ }
pdb_set_backend_private_data(newpwd, result, private_data_free_fn, my_methods, PDB_CHANGED);
}
@@ -1823,6 +1823,8 @@ static NTSTATUS ldapsam_update_sam_account(struct pdb_methods *my_methods, SAM_A
entry = ldap_first_entry(ldap_state->smbldap_state->ldap_struct, result);
dn = ldap_get_dn(ldap_state->smbldap_state->ldap_struct, entry);
+ DEBUG(4, ("user %s to be modified has dn: %s\n", pdb_get_username(newpwd), dn));
+
if (!init_ldap_from_sam(ldap_state, entry, &mods, newpwd,
element_is_changed)) {
DEBUG(0, ("ldapsam_update_sam_account: init_ldap_from_sam failed!\n"));
@@ -1926,7 +1928,7 @@ static NTSTATUS ldapsam_add_sam_account(struct pdb_methods *my_methods, SAM_ACCO
}
}
- /* does the entry already exist but without a samba rttibutes?
+ /* does the entry already exist but without a samba attributes?
we need to return the samba attributes here */
escape_user = escape_ldap_string_alloc( username );
diff --git a/source3/sam/idmap_ldap.c b/source3/sam/idmap_ldap.c
index 56a289d8aa..ade88d9220 100644
--- a/source3/sam/idmap_ldap.c
+++ b/source3/sam/idmap_ldap.c
@@ -397,7 +397,7 @@ static NTSTATUS ldap_set_mapping_internals(const DOM_SID *sid, unid_t id,
int rc = -1;
int ldap_op;
fstring sid_string;
- char **values;
+ char **values = NULL;
int i;
sid_to_string( sid_string, sid );
@@ -424,7 +424,9 @@ static NTSTATUS ldap_set_mapping_internals(const DOM_SID *sid, unid_t id,
snprintf(id_str, sizeof(id_str), "%u", ((id_type & ID_USERID) ? id.uid : id.gid));
- values = ldap_get_values(ldap_state.smbldap_state->ldap_struct, entry, "objectClass");
+ if (entry)
+ values = ldap_get_values(ldap_state.smbldap_state->ldap_struct, entry, "objectClass");
+
if (values) {
BOOL found_idmap = False;
for (i=0; values[i]; i++) {
diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c
index 881ea96db6..2831645550 100644
--- a/source3/utils/net_rpc_samsync.c
+++ b/source3/utils/net_rpc_samsync.c
@@ -414,6 +414,7 @@ fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta)
struct passwd *passwd;
unid_t id;
int u_type = ID_USERID | ID_QUERY_ONLY;
+ fstring sid_string;
fstrcpy(account, unistr2_static(&delta->uni_acct_name));
d_printf("Creating account: %s\n", account);
@@ -449,8 +450,11 @@ fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta)
sid_copy(&user_sid, get_global_sam_sid());
sid_append_rid(&user_sid, delta->user_rid);
+ DEBUG(3, ("Attempting to find SID %s for user %s in the passdb\n", sid_to_string(sid_string, &user_sid), account));
if (!pdb_getsampwsid(sam_account, &user_sid)) {
sam_account_from_delta(sam_account, delta);
+ DEBUG(3, ("Attempting to add user SID %s for user %s in the passdb\n",
+ sid_to_string(sid_string, &user_sid), pdb_get_username(sam_account)));
if (!pdb_add_sam_account(sam_account)) {
DEBUG(1, ("SAM Account for %s failed to be added to the passdb!\n",
account));
@@ -458,6 +462,8 @@ fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta)
}
} else {
sam_account_from_delta(sam_account, delta);
+ DEBUG(3, ("Attempting to update user SID %s for user %s in the passdb\n",
+ sid_to_string(sid_string, &user_sid), pdb_get_username(sam_account)));
if (!pdb_update_sam_account(sam_account)) {
DEBUG(1, ("SAM Account for %s failed to be updated in the passdb!\n",
account));