authorGerald Carter <jerry@samba.org>2006-02-20 20:09:36 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:10:15 -0500
commit2203bed32c84c63737f402accf73452efb76b483 (patch)
tree76259a35b1137cfa89547b80b2b93eb0eedf5bcf /source3/auth
parent69b2669b559c009d17f621cbc7c6937eafc56af6 (diff)
r13576: This is the beginnings of moving the SAM_ACCOUNT data structure
to make full use of the new talloc() interface. Discussed with Volker and Jeremy. * remove the internal mem_ctx and simply use the talloc() structure as the context. * replace the internal free_fn() with a talloc_destructor() function * remove the unnecessary private nested structure * rename SAM_ACCOUNT to 'struct samu' to indicate the current and upcoming changes. Groups will most likely be replaced with a 'struct samg' in the future. Note that there are now passdb API changes. And for the most part, the wrapper functions remain the same. While this code has been tested on tdb and ldap based Samba PDC's as well as Samba member servers, there are probably still some bugs. The code also needs more testing under valgrind to ensure it's not leaking memory. But it's a start...... (This used to be commit 19b7593972480540283c5bf02c02e5ecd8d2c3f0)
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth.c2
-rw-r--r--source3/auth/auth_rhosts.c25
-rw-r--r--source3/auth/auth_sam.c18
-rw-r--r--source3/auth/auth_unix.c10
-rw-r--r--source3/auth/auth_util.c54
5 files changed, 55 insertions, 54 deletions
diff --git a/source3/auth/auth.c b/source3/auth/auth.c
index 6dc30383d5..5329e736ff 100644
--- a/source3/auth/auth.c
+++ b/source3/auth/auth.c
@@ -196,7 +196,7 @@ static BOOL check_domain_match(const char *user, const char *domain)
* function auth_get_challenge().
*
* @param server_info If successful, contains information about the authentication,
- * including a SAM_ACCOUNT struct describing the user.
+ * including a struct samu struct describing the user.
*
* @return An NTSTATUS with NT_STATUS_OK or an appropriate error.
*
diff --git a/source3/auth/auth_rhosts.c b/source3/auth/auth_rhosts.c
index e310fa80fd..7068fa2e88 100644
--- a/source3/auth/auth_rhosts.c
+++ b/source3/auth/auth_rhosts.c
@@ -24,16 +24,17 @@
#define DBGC_CLASS DBGC_AUTH
/****************************************************************************
- Create a SAM_ACCOUNT - either by looking in the pdb, or by faking it up from
+ Create a struct samu - either by looking in the pdb, or by faking it up from
unix info.
****************************************************************************/
-static NTSTATUS auth_get_sam_account(const char *user, SAM_ACCOUNT **account)
+static NTSTATUS auth_get_sam_account(const char *user, struct samu **account)
{
BOOL pdb_ret;
NTSTATUS nt_status;
- if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam(account))) {
- return nt_status;
+
+ if ( !(*account = samu_new( NULL )) ) {
+ return NT_STATUS_NO_MEMORY;
}
become_root();
@@ -161,7 +162,7 @@ static BOOL check_user_equiv(const char *user, const char *remote, const char *e
check for a possible hosts equiv or rhosts entry for the user
****************************************************************************/
-static BOOL check_hosts_equiv(SAM_ACCOUNT *account)
+static BOOL check_hosts_equiv(struct samu *account)
{
uid_t uid;
char *fname = NULL;
@@ -191,7 +192,7 @@ static NTSTATUS check_hostsequiv_security(const struct auth_context *auth_contex
auth_serversupplied_info **server_info)
{
NTSTATUS nt_status;
- SAM_ACCOUNT *account = NULL;
+ struct samu *account = NULL;
if (!NT_STATUS_IS_OK(nt_status =
auth_get_sam_account(user_info->internal_username,
&account))) {
@@ -203,10 +204,10 @@ static NTSTATUS check_hostsequiv_security(const struct auth_context *auth_contex
if (check_hosts_equiv(account)) {
nt_status = make_server_info_sam(server_info, account);
if (!NT_STATUS_IS_OK(nt_status)) {
- pdb_free_sam(&account);
+ TALLOC_FREE(account);
}
} else {
- pdb_free_sam(&account);
+ TALLOC_FREE(account);
nt_status = NT_STATUS_NOT_IMPLEMENTED;
}
@@ -237,7 +238,7 @@ static NTSTATUS check_rhosts_security(const struct auth_context *auth_context,
auth_serversupplied_info **server_info)
{
NTSTATUS nt_status;
- SAM_ACCOUNT *account = NULL;
+ struct samu *account = NULL;
pstring rhostsfile;
const char *home;
@@ -257,14 +258,14 @@ static NTSTATUS check_rhosts_security(const struct auth_context *auth_context,
if (check_user_equiv(pdb_get_username(account),client_name(),rhostsfile)) {
nt_status = make_server_info_sam(server_info, account);
if (!NT_STATUS_IS_OK(nt_status)) {
- pdb_free_sam(&account);
+ TALLOC_FREE(account);
}
} else {
- pdb_free_sam(&account);
+ TALLOC_FREE(account);
}
unbecome_root();
} else {
- pdb_free_sam(&account);
+ TALLOC_FREE(account);
nt_status = NT_STATUS_NOT_IMPLEMENTED;
}
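Review bot: In check_rhosts_security the branch taken when check_user_equiv() rejects the client only frees the account (`} else { TALLOC_FREE(account); }`) and never assigns nt_status, unlike the matching branch in check_hostsequiv_security, which sets NT_STATUS_NOT_IMPLEMENTED. If nt_status still holds the success value from the auth_get_sam_account() call earlier in the function (that part lies outside the hunk, so this is inferred), the module would report success with no server_info filled in. Adding `nt_status = NT_STATUS_NOT_IMPLEMENTED;` right after that TALLOC_FREE would make both rhosts checks fail closed in the same way.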
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index 2ab42f7e11..6f8ca387d2 100644
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -35,7 +35,7 @@ extern struct timeval smb_last_time;
static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
TALLOC_CTX *mem_ctx,
- SAM_ACCOUNT *sampass,
+ struct samu *sampass,
const auth_usersupplied_info *user_info,
DATA_BLOB *user_sess_key,
DATA_BLOB *lm_sess_key)
@@ -73,7 +73,7 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
bitmask.
****************************************************************************/
-static BOOL logon_hours_ok(SAM_ACCOUNT *sampass)
+static BOOL logon_hours_ok(struct samu *sampass)
{
/* In logon hours first bit is Sunday from 12AM to 1AM */
const uint8 *hours;
@@ -108,12 +108,12 @@ static BOOL logon_hours_ok(SAM_ACCOUNT *sampass)
}
/****************************************************************************
- Do a specific test for a SAM_ACCOUNT being vaild for this connection
+ Do a specific test for a struct samu being vaild for this connection
(ie not disabled, expired and the like).
****************************************************************************/
static NTSTATUS sam_account_ok(TALLOC_CTX *mem_ctx,
- SAM_ACCOUNT *sampass,
+ struct samu *sampass,
const auth_usersupplied_info *user_info)
{
uint16 acct_ctrl = pdb_get_acct_ctrl(sampass);
@@ -236,7 +236,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
const auth_usersupplied_info *user_info,
auth_serversupplied_info **server_info)
{
- SAM_ACCOUNT *sampass=NULL;
+ struct samu *sampass=NULL;
BOOL ret;
NTSTATUS nt_status;
NTSTATUS update_login_attempts_status;
@@ -263,7 +263,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
if (ret == False) {
DEBUG(3,("check_sam_security: Couldn't find user '%s' in "
"passdb.\n", user_info->internal_username));
- pdb_free_sam(&sampass);
+ TALLOC_FREE(sampass);
return NT_STATUS_NO_SUCH_USER;
}
@@ -301,7 +301,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
}
data_blob_free(&user_sess_key);
data_blob_free(&lm_sess_key);
- pdb_free_sam(&sampass);
+ TALLOC_FREE(sampass);
return nt_status;
}
@@ -322,7 +322,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
nt_status = sam_account_ok(mem_ctx, sampass, user_info);
if (!NT_STATUS_IS_OK(nt_status)) {
- pdb_free_sam(&sampass);
+ TALLOC_FREE(sampass);
data_blob_free(&user_sess_key);
data_blob_free(&lm_sess_key);
return nt_status;
@@ -334,7 +334,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0,("check_sam_security: make_server_info_sam() failed with '%s'\n", nt_errstr(nt_status)));
- pdb_free_sam(&sampass);
+ TALLOC_FREE(sampass);
data_blob_free(&user_sess_key);
data_blob_free(&lm_sess_key);
return nt_status;
diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c
index df0703d348..1d29389716 100644
--- a/source3/auth/auth_unix.c
+++ b/source3/auth/auth_unix.c
@@ -30,7 +30,7 @@
**/
static BOOL update_smbpassword_file(const char *user, const char *password)
{
- SAM_ACCOUNT *sampass = NULL;
+ struct samu *sampass = NULL;
BOOL ret;
pdb_init_sam(&sampass);
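Review bot: update_smbpassword_file still calls `pdb_init_sam(&sampass);` and discards its result, while auth_get_sam_account in auth_rhosts.c was converted in this same commit to `samu_new( NULL )` with a NULL check. If the allocation fails, sampass stays NULL and is handed to the lookup that follows (outside the hunk). Since every cleanup path in this function now uses TALLOC_FREE, allocating the same way keeps allocation and release paired: `if ( !(sampass = samu_new( NULL )) ) { return False; }`. The function body continues past the hunk.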
@@ -41,7 +41,7 @@ static BOOL update_smbpassword_file(const char *user, const char *password)
if(ret == False) {
DEBUG(0,("pdb_getsampwnam returned NULL\n"));
- pdb_free_sam(&sampass);
+ TALLOC_FREE(sampass);
return False;
}
@@ -50,12 +50,12 @@ static BOOL update_smbpassword_file(const char *user, const char *password)
* users password from a login.
*/
if (!pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED, PDB_CHANGED)) {
- pdb_free_sam(&sampass);
+ TALLOC_FREE(sampass);
return False;
}
if (!pdb_set_plaintext_passwd (sampass, password)) {
- pdb_free_sam(&sampass);
+ TALLOC_FREE(sampass);
return False;
}
@@ -70,7 +70,7 @@ static BOOL update_smbpassword_file(const char *user, const char *password)
DEBUG(3,("pdb_update_sam_account returned %d\n",ret));
}
- pdb_free_sam(&sampass);
+ TALLOC_FREE(sampass);
return ret;
}
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 3e7c520fc5..7e6ab021b4 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -514,7 +514,7 @@ static int server_info_dtor(void *p)
talloc_get_type_abort(p, auth_serversupplied_info);
if (server_info->sam_account != NULL) {
- pdb_free_sam(&server_info->sam_account);
+ TALLOC_FREE(server_info->sam_account);
}
ZERO_STRUCTP(server_info);
@@ -547,11 +547,11 @@ static auth_serversupplied_info *make_server_info(TALLOC_CTX *mem_ctx)
}
/***************************************************************************
- Make (and fill) a user_info struct from a SAM_ACCOUNT
+ Make (and fill) a user_info struct from a struct samu
***************************************************************************/
NTSTATUS make_server_info_sam(auth_serversupplied_info **server_info,
- SAM_ACCOUNT *sampass)
+ struct samu *sampass)
{
NTSTATUS status;
struct passwd *pwd;
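Review bot: The header comment on make_server_info_sam does not say who owns sampass after the call, and it still calls the result a user_info struct although the function fills an auth_serversupplied_info. Judging from the callers in auth_rhosts.c and from server_info_dtor, on success the server_info keeps the pointer and frees it in its destructor, while on failure the caller must free it. Now that the account is a plain talloc object, that rule is easy to break with a double free or a leak, so I would state it in the comment: `On success *server_info takes ownership of sampass (released in server_info_dtor); on failure the caller must TALLOC_FREE() it.` The function body lies outside the hunk, so confirm the success path before settling the wording.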
@@ -949,7 +949,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
/* This is a passdb user, so ask passdb */
- SAM_ACCOUNT *sam_acct = NULL;
+ struct samu *sam_acct = NULL;
result = pdb_init_sam_talloc(tmp_ctx, &sam_acct);
if (!NT_STATUS_IS_OK(result)) {
@@ -1086,7 +1086,7 @@ BOOL user_in_group(const char *username, const char *groupname)
/***************************************************************************
Make (and fill) a user_info struct from a Kerberos PAC logon_info by
- conversion to a SAM_ACCOUNT
+ conversion to a struct samu
***************************************************************************/
NTSTATUS make_server_info_pac(auth_serversupplied_info **server_info,
@@ -1095,7 +1095,7 @@ NTSTATUS make_server_info_pac(auth_serversupplied_info **server_info,
PAC_LOGON_INFO *logon_info)
{
NTSTATUS status;
- SAM_ACCOUNT *sampass = NULL;
+ struct samu *sampass = NULL;
DOM_SID user_sid, group_sid;
fstring dom_name;
auth_serversupplied_info *result;
@@ -1108,7 +1108,7 @@ NTSTATUS make_server_info_pac(auth_serversupplied_info **server_info,
result = make_server_info(NULL);
if (result == NULL) {
- pdb_free_sam(&sampass);
+ TALLOC_FREE(sampass);
return NT_STATUS_NO_MEMORY;
}
@@ -1145,7 +1145,7 @@ NTSTATUS make_server_info_pac(auth_serversupplied_info **server_info,
/***************************************************************************
Make (and fill) a user_info struct from a 'struct passwd' by conversion
- to a SAM_ACCOUNT
+ to a struct samu
***************************************************************************/
NTSTATUS make_server_info_pw(auth_serversupplied_info **server_info,
@@ -1153,7 +1153,7 @@ NTSTATUS make_server_info_pw(auth_serversupplied_info **server_info,
struct passwd *pwd)
{
NTSTATUS status;
- SAM_ACCOUNT *sampass = NULL;
+ struct samu *sampass = NULL;
gid_t *gids;
auth_serversupplied_info *result;
@@ -1166,7 +1166,7 @@ NTSTATUS make_server_info_pw(auth_serversupplied_info **server_info,
result = make_server_info(NULL);
if (!NT_STATUS_IS_OK(status)) {
- pdb_free_sam(&sampass);
+ TALLOC_FREE(sampass);
return status;
}
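Review bot: In make_server_info_pw the test after `result = make_server_info(NULL);` looks at `status`, not `result`, so an allocation failure is not caught here; make_server_info_pac checks `result == NULL` at the same point. status was presumably already checked after the call that filled sampass (outside the hunk), which would make this branch dead and let a NULL result be used further down. The condition should read `if (result == NULL) {` and the return should be `return NT_STATUS_NO_MEMORY;`, keeping the TALLOC_FREE(sampass) this commit adds.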
@@ -1206,7 +1206,7 @@ NTSTATUS make_server_info_pw(auth_serversupplied_info **server_info,
static NTSTATUS make_new_server_info_guest(auth_serversupplied_info **server_info)
{
NTSTATUS status;
- SAM_ACCOUNT *sampass = NULL;
+ struct samu *sampass = NULL;
DOM_SID guest_sid;
BOOL ret;
static const char zeros[16];
@@ -1225,13 +1225,13 @@ static NTSTATUS make_new_server_info_guest(auth_serversupplied_info **server_inf
unbecome_root();
if (!ret) {
- pdb_free_sam(&sampass);
+ TALLOC_FREE(sampass);
return NT_STATUS_NO_SUCH_USER;
}
status = make_server_info_sam(server_info, sampass);
if (!NT_STATUS_IS_OK(status)) {
- pdb_free_sam(&sampass);
+ TALLOC_FREE(sampass);
return status;
}
@@ -1311,7 +1311,7 @@ static NTSTATUS fill_sam_account(TALLOC_CTX *mem_ctx,
const char *username,
char **found_username,
uid_t *uid, gid_t *gid,
- SAM_ACCOUNT **sam_account)
+ struct samu **sam_account)
{
NTSTATUS nt_status;
fstring dom_user, lower_username;
@@ -1453,7 +1453,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
const char *nt_domain;
const char *nt_username;
- SAM_ACCOUNT *sam_account = NULL;
+ struct samu *sam_account = NULL;
DOM_SID user_sid;
DOM_SID group_sid;
@@ -1532,74 +1532,74 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
}
if (!pdb_set_nt_username(sam_account, nt_username, PDB_CHANGED)) {
- pdb_free_sam(&sam_account);
+ TALLOC_FREE(sam_account);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_username(sam_account, nt_username, PDB_CHANGED)) {
- pdb_free_sam(&sam_account);
+ TALLOC_FREE(sam_account);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_domain(sam_account, nt_domain, PDB_CHANGED)) {
- pdb_free_sam(&sam_account);
+ TALLOC_FREE(sam_account);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_user_sid(sam_account, &user_sid, PDB_CHANGED)) {
- pdb_free_sam(&sam_account);
+ TALLOC_FREE(sam_account);
return NT_STATUS_UNSUCCESSFUL;
}
if (!pdb_set_group_sid(sam_account, &group_sid, PDB_CHANGED)) {
- pdb_free_sam(&sam_account);
+ TALLOC_FREE(sam_account);
return NT_STATUS_UNSUCCESSFUL;
}
if (!pdb_set_fullname(sam_account,
unistr2_static(&(info3->uni_full_name)),
PDB_CHANGED)) {
- pdb_free_sam(&sam_account);
+ TALLOC_FREE(sam_account);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_logon_script(sam_account,
unistr2_static(&(info3->uni_logon_script)),
PDB_CHANGED)) {
- pdb_free_sam(&sam_account);
+ TALLOC_FREE(sam_account);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_profile_path(sam_account,
unistr2_static(&(info3->uni_profile_path)),
PDB_CHANGED)) {
- pdb_free_sam(&sam_account);
+ TALLOC_FREE(sam_account);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_homedir(sam_account,
unistr2_static(&(info3->uni_home_dir)),
PDB_CHANGED)) {
- pdb_free_sam(&sam_account);
+ TALLOC_FREE(sam_account);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_dir_drive(sam_account,
unistr2_static(&(info3->uni_dir_drive)),
PDB_CHANGED)) {
- pdb_free_sam(&sam_account);
+ TALLOC_FREE(sam_account);
return NT_STATUS_NO_MEMORY;
}
result = make_server_info(NULL);
if (result == NULL) {
DEBUG(4, ("make_server_info failed!\n"));
- pdb_free_sam(&sam_account);
+ TALLOC_FREE(sam_account);
return NT_STATUS_NO_MEMORY;
}
/* save this here to _net_sam_logon() doesn't fail (it assumes a
- valid SAM_ACCOUNT) */
+ valid struct samu) */
result->sam_account = sam_account;
result->unix_name = talloc_strdup(result, found_username);