So here it is a non-intrusive patch with my latest work on gums (the

laternative to the current passdb).
Currently it is run through a comatibility module in the passdb layer, with
a subset of the functionality it may provide.
It is still work in progress, but as someone asked me about it, and as it
should make no difference to the normal code, I tought it was a good idea to
put it into.
It adds a dependency on perl. I know it is not very nice, but I'm sure we
will work out a solution for that.

As always blame me if I break something, but try to fix yourself, as I am
busy-busy-busy :-)

Simo.
(This used to be commit 7b3c94b5cfc1a9ceb430613353a937345f2eda74)

1 files changed, 97 insertions, 75 deletions

diff --git a/source3/include/gums.h b/source3/include/gums.h
index 789acc269f..9ce2ec4e56 100644
--- a/source3/include/gums.h
+++ b/source3/include/gums.h
@@ -24,14 +24,60 @@
 #define GUMS_VERSION_MAJOR	0
 #define GUMS_VERSION_MINOR	1
 #define GUMS_OBJECT_VERSION	1
+#define GUMS_INTERFACE_VERSION	1
 
-#define GUMS_OBJ_DOMAIN			1
-#define GUMS_OBJ_NORMAL_USER		2
-#define GUMS_OBJ_GROUP			3
-#define GUMS_OBJ_ALIAS			4
-#define GUMS_OBJ_WORKSTATION_TRUST	5
-#define GUMS_OBJ_SERVER_TRUST		6
-#define GUMS_OBJ_DOMAIN_TRUST		7
+#define GUMS_OBJ_DOMAIN			0x10
+#define GUMS_OBJ_NORMAL_USER		0x20
+#define GUMS_OBJ_GROUP			0x30
+#define GUMS_OBJ_ALIAS			0x31
+#define GUMS_OBJ_PRIVILEGE		0x40
+
+/* define value types */
+#define GUMS_SET_PRIMARY_GROUP		0x1
+#define GUMS_SET_SEC_DESC		0x2
+
+#define GUMS_SET_NAME			0x10
+#define GUMS_SET_DESCRIPTION		0x11
+#define GUMS_SET_FULL_NAME		0x12
+
+/* user specific type values */
+#define GUMS_SET_LOGON_TIME		0x20
+#define GUMS_SET_LOGOFF_TIME		0x21
+#define GUMS_SET_KICKOFF_TIME		0x23
+#define GUMS_SET_PASS_LAST_SET_TIME	0x24
+#define GUMS_SET_PASS_CAN_CHANGE_TIME	0x25
+#define GUMS_SET_PASS_MUST_CHANGE_TIME	0x26
+
+
+#define GUMS_SET_HOME_DIRECTORY		0x31
+#define GUMS_SET_DRIVE			0x32
+#define GUMS_SET_LOGON_SCRIPT		0x33
+#define GUMS_SET_PROFILE_PATH		0x34
+#define GUMS_SET_WORKSTATIONS		0x35
+#define GUMS_SET_UNKNOWN_STRING		0x36
+#define GUMS_SET_MUNGED_DIAL		0x37
+
+#define GUMS_SET_LM_PASSWORD		0x40
+#define GUMS_SET_NT_PASSWORD		0x41
+#define GUMS_SET_PLAINTEXT_PASSWORD	0x42
+#define GUMS_SET_UNKNOWN_3		0x43
+#define GUMS_SET_LOGON_DIVS		0x44
+#define GUMS_SET_HOURS_LEN		0x45
+#define GUMS_SET_HOURS			0x46
+#define GUMS_SET_BAD_PASSWORD_COUNT	0x47
+#define GUMS_SET_LOGON_COUNT		0x48
+#define GUMS_SET_UNKNOWN_6		0x49
+
+#define GUMS_SET_MUST_CHANGE_PASS	0x50
+#define GUMS_SET_CANNOT_CHANGE_PASS	0x51
+#define GUMS_SET_PASS_NEVER_EXPIRE	0x52
+#define GUMS_SET_ACCOUNT_DISABLED	0x53
+#define GUMS_SET_ACCOUNT_LOCKOUT	0x54
+
+/*group specific type values */
+#define GUMS_ADD_SID_LIST		0x60
+#define GUMS_DEL_SID_LIST		0x61
+#define GUMS_SET_SID_LIST		0x62
 
 typedef struct gums_user
 {
@@ -52,17 +98,18 @@ typedef struct gums_user
 	char *workstations;		/* login from workstations string */
 	char *unknown_str;		/* don't know what this is, yet. */
 	char *munged_dial;		/* munged path name and dial-back tel number */
-		
+
 	DATA_BLOB lm_pw; 		/* .data is Null if no password */
 	DATA_BLOB nt_pw; 		/* .data is Null if no password */
-		
-	uint32 unknown_3;		/* 0x00ff ffff */
-		
+
+	uint16 acct_ctrl;		/* account type & status flags */
 	uint16 logon_divs;		/* 168 - number of hours in a week */
 	uint32 hours_len;		/* normally 21 bytes */
 	uint8 *hours;
-		
-	uint32 unknown_5;		/* 0x0002 0000 */
+
+	uint16 bad_password_count;	/* 0 */
+	uint16 logon_count;		/* 0 */
+	uint32 unknown_3;		/* 0x00ff ffff */
 	uint32 unknown_6;		/* 0x0000 04ec */
 
 } GUMS_USER;
@@ -70,7 +117,7 @@ typedef struct gums_user
 typedef struct gums_group
 {
 	uint32 count;			/* Number of SIDs */
-	DOM_SID **members;		/* SID array */
+	DOM_SID *members;		/* SID array */
 
 } GUMS_GROUP;
 
@@ -80,10 +127,20 @@ typedef struct gums_domain
 
 } GUMS_DOMAIN;
 
+typedef struct gums_privilege
+{
+	LUID_ATTR *privilege;		/* Privilege Type */
+
+	uint32 count;
+	DOM_SID *members;
+
+} GUMS_PRIVILEGE;
+
 union gums_obj_p {
 	GUMS_USER *user;
 	GUMS_GROUP *group;
 	GUMS_DOMAIN *domain;
+	GUMS_PRIVILEGE *priv;
 };
 
 typedef struct gums_object
@@ -118,47 +175,47 @@ typedef struct gums_commit_set
 	uint32 type;			/* Object type */
 	DOM_SID sid;			/* Object Sid */
 	uint32 count;			/* number of changes */
-	GUMS_DATA_SET **data;
+	GUMS_DATA_SET *data;
 
 } GUMS_COMMIT_SET;
 
-typedef struct gums_privilege
+typedef struct gums_priv_commit_set
 {
 	TALLOC_CTX *mem_ctx;
 
-	uint32 type;			/* Object Type */
-	uint32 version;			/* Object Version */
-	uint32 seq_num;			/* Object Sequence Number */
-
-	LUID_ATTR *privilege;		/* Privilege Type */
-	char *name;			/* Object Name */
-	char *description;		/* Object Description */
+	uint32 type;			/* Object type */
+	char *name;			/* Object Sid */
+	uint32 count;			/* number of changes */
+	GUMS_DATA_SET *data;
 
-	uint32 count;
-	DOM_SID **members;
-
-} GUMS_PRIVILEGE;
+} GUMS_PRIV_COMMIT_SET;
 
 
 typedef struct gums_functions
 {
+	/* module data */
+	TALLOC_CTX *mem_ctx;
+	char *name;
+	void *private_data;
+	void (*free_private_data)(void **);
+
 	/* Generic object functions */
 
-	NTSTATUS (*get_domain_sid) (DOM_SID **sid, const char* name);
+	NTSTATUS (*get_domain_sid) (DOM_SID *sid, const char* name);
 	NTSTATUS (*set_domain_sid) (const DOM_SID *sid);
 
 	NTSTATUS (*get_sequence_number) (void);
 
-	NTSTATUS (*new_object) (DOM_SID **sid, const char *name, const int obj_type);
+	NTSTATUS (*new_object) (DOM_SID *sid, const char *name, const int obj_type);
 	NTSTATUS (*delete_object) (const DOM_SID *sid);
 
 	NTSTATUS (*get_object_from_sid) (GUMS_OBJECT **object, const DOM_SID *sid, const int obj_type);
-	NTSTATUS (*get_object_from_name) (GUMS_OBJECT **object, const char *name, const int onj_type);
+	NTSTATUS (*get_object_from_name) (GUMS_OBJECT **object, const char *name, const int obj_type);
 	/* This function is used to get the list of all objects changed since b_time, it is
 	   used to support PDC<->BDC synchronization */
 	NTSTATUS (*get_updated_objects) (GUMS_OBJECT **objects, const NTTIME base_time);
 
-	NTSTATUS (*enumerate_objects_start) (void *handle, const DOM_SID *sid, const int obj_type);
+	NTSTATUS (*enumerate_objects_start) (void **handle, const DOM_SID *sid, const int obj_type);
 	NTSTATUS (*enumerate_objects_get_next) (GUMS_OBJECT **object, void *handle);
 	NTSTATUS (*enumerate_objects_stop) (void *handle);
 
@@ -167,7 +224,7 @@ typedef struct gums_functions
 	NTSTATUS (*set_object) (const GUMS_OBJECT *object);
 
 	/* set object values function */
-	NTSTATUS (*set_object_values) (DOM_SID *sid, uint32 count, GUMS_DATA_SET **data_set);
+	NTSTATUS (*set_object_values) (DOM_SID *sid, uint32 count, GUMS_DATA_SET *data_set);
 
 	/* Group related functions */
 	NTSTATUS (*add_members_to_group) (const DOM_SID *group, const DOM_SID **members);
@@ -191,50 +248,15 @@ typedef struct gums_functions
 
 } GUMS_FUNCTIONS;
 
-/* define value types */
-#define GUMS_SET_PRIMARY_GROUP		0x1
-#define GUMS_SET_SEC_DESC		0x2
-
-#define GUMS_SET_NAME			0x10
-#define GUMS_SET_DESCRIPTION		0x11
-#define GUMS_SET_FULL_NAME		0x12
+typedef NTSTATUS (*gums_init_function)(
+			struct gums_functions *,
+			const char *);
 
-/* user specific type values */
-#define GUMS_SET_LOGON_TIME		0x20
-#define GUMS_SET_LOGOFF_TIME		0x21
-#define GUMS_SET_KICKOFF_TIME		0x23
-#define GUMS_SET_PASS_LAST_SET_TIME	0x24
-#define GUMS_SET_PASS_CAN_CHANGE_TIME	0x25
-#define GUMS_SET_PASS_MUST_CHANGE_TIME	0x26
+struct gums_init_function_entry {
 
-
-#define GUMS_SET_HOME_DIRECTORY		0x31
-#define GUMS_SET_DRIVE			0x32
-#define GUMS_SET_LOGON_SCRIPT		0x33
-#define GUMS_SET_PROFILE_PATH		0x34
-#define GUMS_SET_WORKSTATIONS		0x35
-#define GUMS_SET_UNKNOWN_STRING		0x36
-#define GUMS_SET_MUNGED_DIAL		0x37
-
-#define GUMS_SET_LM_PASSWORD		0x40
-#define GUMS_SET_NT_PASSWORD		0x41
-#define GUMS_SET_PLAINTEXT_PASSWORD	0x42
-#define GUMS_SET_UNKNOWN_3		0x43
-#define GUMS_SET_LOGON_DIVS		0x44
-#define GUMS_SET_HOURS_LEN		0x45
-#define GUMS_SET_HOURS			0x46
-#define GUMS_SET_UNKNOWN_5		0x47
-#define GUMS_SET_UNKNOWN_6		0x48
-
-#define GUMS_SET_MUST_CHANGE_PASS	0x50
-#define GUMS_SET_CANNOT_CHANGE_PASS	0x51
-#define GUMS_SET_PASS_NEVER_EXPIRE	0x52
-#define GUMS_SET_ACCOUNT_DISABLED	0x53
-#define GUMS_SET_ACCOUNT_LOCKOUT	0x54
-
-/*group specific type values */
-#define GUMS_ADD_SID_LIST		0x60
-#define GUMS_DEL_SID_LIST		0x61
-#define GUMS_SET_SID_LIST		0x62
+	const char *name;
+	gums_init_function init_fn;
+	struct gums_init_function_entry *prev, *next;
+};
 
 #endif /* _GUMS_H */