summaryrefslogtreecommitdiff
path: root/source3/passdb/passdb.c
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2000-11-13 23:03:34 +0000
committerGerald Carter <jerry@samba.org>2000-11-13 23:03:34 +0000
commit9fede0dc0dbad51528cd1384023d24549c3f0ba4 (patch)
tree0f3a045da16581462aa3dce6e7221ee12924954b /source3/passdb/passdb.c
parent8f338ee3dd5d3b68b36c021a22b624678ea116f6 (diff)
downloadsamba-9fede0dc0dbad51528cd1384023d24549c3f0ba4.tar.gz
samba-9fede0dc0dbad51528cd1384023d24549c3f0ba4.tar.bz2
samba-9fede0dc0dbad51528cd1384023d24549c3f0ba4.zip
Large commit which restructures the local password storage API.
Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+) are broken, but they were somewhat broken before. :) The following functions implement the storage manipulation interface /*The following definitions come from passdb/pdb_smbpasswd.c */ BOOL pdb_setsampwent (BOOL update); void pdb_endsampwent (void); SAM_ACCOUNT* pdb_getsampwent (void); SAM_ACCOUNT* pdb_getsampwnam (char *username); SAM_ACCOUNT* pdb_getsampwuid (uid_t uid); SAM_ACCOUNT* pdb_getsampwrid (uint32 rid); BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass); BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override); BOOL pdb_delete_sam_account (char* username); There is also a host of pdb_set..() and pdb_get..() functions for manipulating SAM_ACCOUNT struct members. Note that the struct passdb_ops {} has gone away. Also notice that struct smb_passwd (formally in smb.h) has been moved to passdb/pdb_smbpasswd.c and is not accessed outisde of static internal functions in this file. All local password searches should make use of the the SAM_ACCOUNT struct and the previously mentioned functions. I'll write some documentation for this later. The next step is to fix the TDB passdb backend, then work on spliting the backends out into share libraries, and finally get the LDAP backend going. What works and may not: o domain logons from Win9x works o domain logons from WinNT 4 works o user and group enumeration as implemented by Tim works o file and print access works o changing password from Win9x & NT ummm...i'll fix this tonight :) If I broke anything else, just yell and I'll fix it. I think it should be fairly quite. -- jerry (This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389)
Diffstat (limited to 'source3/passdb/passdb.c')
-rw-r--r--source3/passdb/passdb.c2014
1 files changed, 1020 insertions, 994 deletions
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 7bf9c1bae2..5b5b2e8a98 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -2,8 +2,9 @@
Unix SMB/Netbios implementation.
Version 1.9.
Password and authentication handling
- Copyright (C) Jeremy Allison 1996-1998
- Copyright (C) Luke Kenneth Casson Leighton 1996-1998
+ Copyright (C) Jeremy Allison 1996-1998
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1998
+ Copyright (C) Gerald (Jerry) Carter 2000
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -20,6 +21,7 @@
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
+#include <dlfcn.h>
#include "includes.h"
extern int DEBUGLEVEL;
@@ -58,711 +60,186 @@ extern fstring global_myworkgroup;
*
*/
-static struct passdb_ops *pdb_ops;
+struct passdb_ops *pdb_ops;
+
+static void* pdb_handle = NULL;
/***************************************************************
Initialize the password db operations.
***************************************************************/
-
-BOOL initialize_password_db(void)
-{
- if (pdb_ops)
- {
- return True;
- }
-
-#ifdef WITH_NISPLUS
- pdb_ops = nisplus_initialize_password_db();
-#elif defined(WITH_LDAP)
- pdb_ops = ldap_initialize_password_db();
-#elif defined(WITH_TDBPWD)
- pdb_ops = tdb_initialize_password_db();
-#else
- pdb_ops = file_initialize_password_db();
-#endif
-
- return (pdb_ops != NULL);
-}
-
-/*
- * Functions that return/manipulate a struct smb_passwd.
- */
-
-/************************************************************************
- Utility function to search smb passwd by rid.
-*************************************************************************/
-
-struct smb_passwd *iterate_getsmbpwrid(uint32 user_rid)
-{
- return iterate_getsmbpwuid(pdb_user_rid_to_uid(user_rid));
-}
-
-/************************************************************************
- Utility function to search smb passwd by uid. use this if your database
- does not have search facilities.
-*************************************************************************/
-
-struct smb_passwd *iterate_getsmbpwuid(uid_t smb_userid)
-{
- struct smb_passwd *pwd = NULL;
- void *fp = NULL;
-
- DEBUG(10, ("search by smb_userid: %x\n", (int)smb_userid));
-
- /* Open the smb password database - not for update. */
- fp = startsmbpwent(False);
-
- if (fp == NULL)
- {
- DEBUG(0, ("unable to open smb password database.\n"));
- return NULL;
- }
-
- while ((pwd = getsmbpwent(fp)) != NULL && pwd->smb_userid != smb_userid)
- ;
-
- if (pwd != NULL)
- {
- DEBUG(10, ("found by smb_userid: %x\n", (int)smb_userid));
- }
-
- endsmbpwent(fp);
- return pwd;
-}
-
-/************************************************************************
- Utility function to search smb passwd by name. use this if your database
- does not have search facilities.
-*************************************************************************/
-
-struct smb_passwd *iterate_getsmbpwnam(char *name)
-{
- struct smb_passwd *pwd = NULL;
- void *fp = NULL;
-
- DEBUG(10, ("search by name: %s\n", name));
-
- /* Open the sam password file - not for update. */
- fp = startsmbpwent(False);
-
- if (fp == NULL)
- {
- DEBUG(0, ("unable to open smb password database.\n"));
- return NULL;
- }
-
- while ((pwd = getsmbpwent(fp)) != NULL && !strequal(pwd->smb_name, name))
- ;
-
- if (pwd != NULL)
- {
- DEBUG(10, ("found by name: %s\n", name));
- }
-
- endsmbpwent(fp);
- return pwd;
-}
-
-/***************************************************************
- Start to enumerate the smb or sam passwd list. Returns a void pointer
- to ensure no modification outside this module.
-
- Note that currently it is being assumed that a pointer returned
- from this function may be used to enumerate struct sam_passwd
- entries as well as struct smb_passwd entries. This may need
- to change. JRA.
-
-****************************************************************/
-
-void *startsmbpwent(BOOL update)
-{
- return pdb_ops->startsmbpwent(update);
-}
-
-/***************************************************************
- End enumeration of the smb or sam passwd list.
-
- Note that currently it is being assumed that a pointer returned
- from this function may be used to enumerate struct sam_passwd
- entries as well as struct smb_passwd entries. This may need
- to change. JRA.
-
-****************************************************************/
-
-void endsmbpwent(void *vp)
-{
- pdb_ops->endsmbpwent(vp);
-}
-
-/*************************************************************************
- Routine to return the next entry in the smb passwd list.
- *************************************************************************/
-
-struct smb_passwd *getsmbpwent(void *vp)
-{
- return pdb_ops->getsmbpwent(vp);
-}
-
-/************************************************************************
- Routine to add an entry to the smb passwd file.
-*************************************************************************/
-
-BOOL add_smbpwd_entry(struct smb_passwd *newpwd)
-{
- return pdb_ops->add_smbpwd_entry(newpwd);
-}
-
-/************************************************************************
- Routine to search the smb passwd file for an entry matching the username.
- and then modify its password entry. We can't use the startsampwent()/
- getsampwent()/endsampwent() interfaces here as we depend on looking
- in the actual file to decide how much room we have to write data.
- override = False, normal
- override = True, override XXXXXXXX'd out password or NO PASS
-************************************************************************/
-
-BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override)
-{
- return pdb_ops->mod_smbpwd_entry(pwd, override);
-}
-
-/************************************************************************
- Routine to delete an entry from the smb passwd file.
-*************************************************************************/
-
-BOOL del_smbpwd_entry(const char *name)
-{
- return pdb_ops->del_smbpwd_entry(name);
-}
-
-/************************************************************************
- Routine to search smb passwd by name.
-*************************************************************************/
-
-struct smb_passwd *getsmbpwnam(char *name)
-{
- return pdb_ops->getsmbpwnam(name);
-}
-
-/************************************************************************
- Routine to search smb passwd by user rid.
-*************************************************************************/
-
-struct smb_passwd *getsmbpwrid(uint32 user_rid)
-{
- return pdb_ops->getsmbpwrid(user_rid);
-}
-
-/************************************************************************
- Routine to search smb passwd by uid.
-*************************************************************************/
-
-struct smb_passwd *getsmbpwuid(uid_t smb_userid)
-{
- return pdb_ops->getsmbpwuid(smb_userid);
-}
-
-/*
- * Functions that manupulate a struct sam_passwd.
- */
-
-/************************************************************************
- Utility function to search sam passwd by name. use this if your database
- does not have search facilities.
-*************************************************************************/
-
-struct sam_passwd *iterate_getsam21pwnam(char *name)
-{
- struct sam_passwd *pwd = NULL;
- void *fp = NULL;
-
- DEBUG(10, ("search by name: %s\n", name));
-
- /* Open the smb password database - not for update. */
- fp = startsmbpwent(False);
-
- if (fp == NULL)
- {
- DEBUG(0, ("unable to open sam password database.\n"));
- return NULL;
- }
-
- while ((pwd = getsam21pwent(fp)) != NULL && !strequal(pwd->smb_name, name))
- {
- DEBUG(10, ("iterate: %s 0x%x\n", pwd->smb_name, pwd->user_rid));
- }
-
- if (pwd != NULL)
- {
- DEBUG(10, ("found by name: %s\n", name));
- }
-
- endsmbpwent(fp);
- return pwd;
-}
-
-/************************************************************************
- Utility function to search sam passwd by rid. use this if your database
- does not have search facilities.
-
- search capability by both rid and uid are needed as the rid <-> uid
- mapping may be non-monotonic.
-
-*************************************************************************/
-
-struct sam_passwd *iterate_getsam21pwrid(uint32 rid)
+BOOL initialize_password_db(BOOL reload)
{
- struct sam_passwd *pwd = NULL;
- void *fp = NULL;
-
- DEBUG(10, ("search by rid: %x\n", rid));
-
- /* Open the smb password file - not for update. */
- fp = startsmbpwent(False);
-
- if (fp == NULL)
- {
- DEBUG(0, ("unable to open sam password database.\n"));
- return NULL;
- }
- while ((pwd = getsam21pwent(fp)) != NULL && pwd->user_rid != rid)
- {
- DEBUG(10, ("iterate: %s 0x%x\n", pwd->smb_name, pwd->user_rid));
- }
-
- if (pwd != NULL)
+ char* modulename = lp_passdb_module_path();
+
+ return True;
+
+ /* load another module? */
+ if (reload && pdb_handle)
{
- DEBUG(10, ("found by user_rid: %x\n", rid));
+ dlclose (pdb_handle);
+ pdb_handle = NULL;
}
-
- endsmbpwent(fp);
- return pwd;
-}
-
-/************************************************************************
- Utility function to search sam passwd by uid. use this if your database
- does not have search facilities.
-
- search capability by both rid and uid are needed as the rid <-> uid
- mapping may be non-monotonic.
-
-*************************************************************************/
-
-struct sam_passwd *iterate_getsam21pwuid(uid_t uid)
-{
- struct sam_passwd *pwd = NULL;
- void *fp = NULL;
-
- DEBUG(10, ("search by uid: %x\n", (int)uid));
-
- /* Open the smb password file - not for update. */
- fp = startsmbpwent(False);
-
- if (fp == NULL)
+
+ /* do we have a module defined or use the default? */
+ if (strlen (modulename) != 0)
{
- DEBUG(0, ("unable to open sam password database.\n"));
- return NULL;
- }
-
- while ((pwd = getsam21pwent(fp)) != NULL && pwd->smb_userid != uid)
- ;
-
- if (pwd != NULL)
+ if ((pdb_handle=dlopen (modulename, RTLD_LAZY)) == NULL)
+ {
+ DEBUG(0,("initialize_password_db: ERROR - Unable to open passdb module \"%s\"!\n%s\n",
+ modulename, dlerror()));
+ }
+ else
+ DEBUG(1,("initialize_password_db: passdb module \"%s\" loaded successfully\n", modulename));
+ }
+
+ /* either no module name defined or the one that was failed
+ to open. Let's try the default */
+ if (pdb_handle == NULL)
{
- DEBUG(10, ("found by smb_userid: %x\n", (int)uid));
+ if ((pdb_handle=dlopen ("libpdbfile.so", RTLD_LAZY)) == NULL)
+ {
+ DEBUG(0,("initialize_password_db: ERROR - Unable to open \"libpdbfile.so\" passdb module! No user authentication possible!\n%s\n",
+ dlerror()));
+ return False;
+ }
+ else
+ DEBUG(1,("initialize_password_db: passdb module \"libpdbfile.so\" loaded successfully\n"));
}
+
- endsmbpwent(fp);
- return pwd;
-}
-
-/*************************************************************************
- Routine to return a display info structure, by rid
- *************************************************************************/
-struct sam_disp_info *getsamdisprid(uint32 rid)
-{
- return pdb_ops->getsamdisprid(rid);
-}
-
-/*************************************************************************
- Routine to return the next entry in the sam passwd list.
- *************************************************************************/
-
-struct sam_passwd *getsam21pwent(void *vp)
-{
- return pdb_ops->getsam21pwent(vp);
-}
-
-
-/************************************************************************
- Routine to search sam passwd by name.
-*************************************************************************/
-
-struct sam_passwd *getsam21pwnam(char *name)
-{
- return pdb_ops->getsam21pwnam(name);
-}
-
-/************************************************************************
- Routine to search sam passwd by rid.
-*************************************************************************/
-
-struct sam_passwd *getsam21pwrid(uint32 rid)
-{
- return pdb_ops->getsam21pwrid(rid);
-}
-
-/************************************************************************
- Routine to add a SAM entry to the smb passwd file.
-*************************************************************************/
-
-BOOL add_sam21pwd_entry(struct sam_passwd *pwd)
-{
- return pdb_ops->add_sam21pwd_entry(pwd);
-}
-
-/************************************************************************
- Routine to modify a SAM entry to the smb passwd file.
-*************************************************************************/
-
-BOOL mod_sam21pwd_entry(struct sam_passwd *pwd, BOOL override)
-{
- return pdb_ops->mod_sam21pwd_entry(pwd, override);
+ return (pdb_handle != NULL);
}
-/**********************************************************
- **********************************************************
-
- utility routines which are likely to be useful to all password
- databases
-
- **********************************************************
- **********************************************************/
-
/*************************************************************
initialises a struct sam_disp_info.
**************************************************************/
-
static void pdb_init_dispinfo(struct sam_disp_info *user)
{
- if (user == NULL) return;
- memset((char *)user, '\0', sizeof(*user));
-}
-
-/*************************************************************
- initialises a struct smb_passwd.
- **************************************************************/
-
-void pdb_init_smb(struct smb_passwd *user)
-{
- if (user == NULL) return;
- memset((char *)user, '\0', sizeof(*user));
- user->pass_last_set_time = (time_t)-1;
+ if (user == NULL)
+ return;
+ ZERO_STRUCTP(user);
}
/*************************************************************
initialises a struct sam_passwd.
- **************************************************************/
-void pdb_init_sam(struct sam_passwd *user)
+ ************************************************************/
+void pdb_init_sam(SAM_ACCOUNT *user)
{
- if (user == NULL) return;
- memset((char *)user, '\0', sizeof(*user));
+ if (user == NULL)
+ return;
+
+ ZERO_STRUCTP(user);
+
user->logon_time = (time_t)-1;
user->logoff_time = (time_t)-1;
user->kickoff_time = (time_t)-1;
user->pass_last_set_time = (time_t)-1;
user->pass_can_change_time = (time_t)-1;
user->pass_must_change_time = (time_t)-1;
+
+ user->unknown_3 = 0x00ffffff; /* don't know */
+ user->logon_divs = 168; /* hours per week */
+ user->hours_len = 21; /* 21 times 8 bits = 168 */
+ memset(user->hours, 0xff, user->hours_len); /* available at all hours */
+ user->unknown_5 = 0x00020000; /* don't know */
+ user->unknown_5 = 0x000004ec; /* don't know */
+
}
+/************************************************************
+ free all pointer members and then reinit the SAM_ACCOUNT
+ ***********************************************************/
+void pdb_clear_sam(SAM_ACCOUNT *user)
+{
+ if (user == NULL)
+ return;
+
+ /* clear all pointer members */
+ if (user->username)
+ free(user->username);
+ if (user->full_name)
+ free(user->full_name);
+ if (user->home_dir)
+ free(user->home_dir);
+ if (user->dir_drive)
+ free(user->dir_drive);
+ if (user->logon_script)
+ free(user->logon_script);
+ if (user->profile_path)
+ free(user->profile_path);
+ if (user->acct_desc)
+ free(user->acct_desc);
+ if (user->workstations)
+ free(user->workstations);
+ if (user->unknown_str)
+ free(user->unknown_str);
+ if (user->munged_dial)
+ free(user->munged_dial);
+
+ if (user->lm_pw)
+ free(user->lm_pw);
+ if (user->nt_pw)
+ free(user->nt_pw);
+
+
+ /* now initialize */
+ pdb_init_sam(user);
+
+}
+
+
/*************************************************************************
Routine to return the next entry in the sam passwd list.
*************************************************************************/
-
-struct sam_disp_info *pdb_sam_to_dispinfo(struct sam_passwd *user)
+struct sam_disp_info *pdb_sam_to_dispinfo(SAM_ACCOUNT *user)
{
static struct sam_disp_info disp_info;
- if (user == NULL) return NULL;
+ if (user == NULL)
+ return NULL;
pdb_init_dispinfo(&disp_info);
- disp_info.smb_name = user->smb_name;
+ disp_info.smb_name = user->username;
disp_info.full_name = user->full_name;
disp_info.user_rid = user->user_rid;
return &disp_info;
}
-/*************************************************************
- converts a sam_passwd structure to a smb_passwd structure.
- **************************************************************/
-
-struct smb_passwd *pdb_sam_to_smb(struct sam_passwd *user)
-{
- static struct smb_passwd pw_buf;
-
- if (user == NULL) return NULL;
-
- pdb_init_smb(&pw_buf);
-
- pw_buf.smb_userid = user->smb_userid;
- pw_buf.smb_name = user->smb_name;
- pw_buf.smb_passwd = user->smb_passwd;
- pw_buf.smb_nt_passwd = user->smb_nt_passwd;
- pw_buf.acct_ctrl = user->acct_ctrl;
- pw_buf.pass_last_set_time = user->pass_last_set_time;
-
- return &pw_buf;
-}
-
-
-/*************************************************************
- converts a smb_passwd structure to a sam_passwd structure.
- **************************************************************/
-
-struct sam_passwd *pdb_smb_to_sam(struct smb_passwd *user)
-{
- static struct sam_passwd pw_buf;
-
- if (user == NULL) return NULL;
-
- pdb_init_sam(&pw_buf);
-
- pw_buf.smb_userid = user->smb_userid;
- pw_buf.smb_name = user->smb_name;
- pw_buf.smb_passwd = user->smb_passwd;
- pw_buf.smb_nt_passwd = user->smb_nt_passwd;
- pw_buf.acct_ctrl = user->acct_ctrl;
- pw_buf.pass_last_set_time = user->pass_last_set_time;
-
- return &pw_buf;
-}
-
-static void select_name(fstring *string, char **name, const UNISTR2 *from)
-{
- if (from->buffer != 0)
- {
- unistr2_to_ascii(*string, from, sizeof(*string));
- *name = *string;
- }
-}
-
-/*************************************************************
- copies a sam passwd.
- **************************************************************/
-void copy_id23_to_sam_passwd(struct sam_passwd *to, SAM_USER_INFO_23 *from)
-{
- static fstring smb_name;
- static fstring full_name;
- static fstring home_dir;
- static fstring dir_drive;
- static fstring logon_script;
- static fstring profile_path;
- static fstring acct_desc;
- static fstring workstations;
- static fstring unknown_str;
- static fstring munged_dial;
-
- if (from == NULL || to == NULL) return;
-
- to->logon_time = nt_time_to_unix(&from->logon_time);
- to->logoff_time = nt_time_to_unix(&from->logoff_time);
- to->kickoff_time = nt_time_to_unix(&from->kickoff_time);
- to->pass_last_set_time = nt_time_to_unix(&from->pass_last_set_time);
- to->pass_can_change_time = nt_time_to_unix(&from->pass_can_change_time);
- to->pass_must_change_time = nt_time_to_unix(&from->pass_must_change_time);
-
- select_name(&smb_name , &to->smb_name , &from->uni_user_name );
- select_name(&full_name , &to->full_name , &from->uni_full_name );
- select_name(&home_dir , &to->home_dir , &from->uni_home_dir );
- select_name(&dir_drive , &to->dir_drive , &from->uni_dir_drive );
- select_name(&logon_script, &to->logon_script, &from->uni_logon_script);
- select_name(&profile_path, &to->profile_path, &from->uni_profile_path);
- select_name(&acct_desc , &to->acct_desc , &from->uni_acct_desc );
- select_name(&workstations, &to->workstations, &from->uni_workstations);
- select_name(&unknown_str , &to->unknown_str , &from->uni_unknown_str );
- select_name(&munged_dial , &to->munged_dial , &from->uni_munged_dial );
-
- to->smb_userid = (uid_t)-1;
- to->smb_grpid = (gid_t)-1;
- to->user_rid = from->user_rid;
- to->group_rid = from->group_rid;
-
- to->smb_passwd = NULL;
- to->smb_nt_passwd = NULL;
-
- to->acct_ctrl = from->acb_info;
- to->unknown_3 = from->unknown_3;
-
- to->logon_divs = from->logon_divs;
- to->hours_len = from->logon_hrs.len;
- memcpy(to->hours, from->logon_hrs.hours, MAX_HOURS_LEN);
-
- to->unknown_5 = from->unknown_5;
- to->unknown_6 = from->unknown_6;
-}
-
-/*************************************************************
- copies a sam passwd.
- **************************************************************/
-void copy_id21_to_sam_passwd(struct sam_passwd *to, SAM_USER_INFO_21 *from)
-{
- static fstring smb_name;
- static fstring full_name;
- static fstring home_dir;
- static fstring dir_drive;
- static fstring logon_script;
- static fstring profile_path;
- static fstring acct_desc;
- static fstring workstations;
- static fstring unknown_str;
- static fstring munged_dial;
-
- if (from == NULL || to == NULL) return;
-
- to->logon_time = nt_time_to_unix(&from->logon_time);
- to->logoff_time = nt_time_to_unix(&from->logoff_time);
- to->kickoff_time = nt_time_to_unix(&from->kickoff_time);
- to->pass_last_set_time = nt_time_to_unix(&from->pass_last_set_time);
- to->pass_can_change_time = nt_time_to_unix(&from->pass_can_change_time);
- to->pass_must_change_time = nt_time_to_unix(&from->pass_must_change_time);
-
- select_name(&smb_name , &to->smb_name , &from->uni_user_name );
- select_name(&full_name , &to->full_name , &from->uni_full_name );
- select_name(&home_dir , &to->home_dir , &from->uni_home_dir );
- select_name(&dir_drive , &to->dir_drive , &from->uni_dir_drive );
- select_name(&logon_script, &to->logon_script, &from->uni_logon_script);
- select_name(&profile_path, &to->profile_path, &from->uni_profile_path);
- select_name(&acct_desc , &to->acct_desc , &from->uni_acct_desc );
- select_name(&workstations, &to->workstations, &from->uni_workstations);
- select_name(&unknown_str , &to->unknown_str , &from->uni_unknown_str );
- select_name(&munged_dial , &to->munged_dial , &from->uni_munged_dial );
-
- to->smb_userid = (uid_t)-1;
- to->smb_grpid = (gid_t)-1;
- to->user_rid = from->user_rid;
- to->group_rid = from->group_rid;
-
- to->smb_passwd = NULL;
- to->smb_nt_passwd = NULL;
-
- to->acct_ctrl = from->acb_info;
- to->unknown_3 = from->unknown_3;
-
- to->logon_divs = from->logon_divs;
- to->hours_len = from->logon_hrs.len;
- memcpy(to->hours, from->logon_hrs.hours, MAX_HOURS_LEN);
-
- to->unknown_5 = from->unknown_5;
- to->unknown_6 = from->unknown_6;
-}
-
-
-/*************************************************************
- copies a sam passwd.
- **************************************************************/
-void copy_sam_passwd(struct sam_passwd *to, const struct sam_passwd *from)
-{
- static fstring smb_name="";
- static fstring full_name="";
- static fstring home_dir="";
- static fstring dir_drive="";
- static fstring logon_script="";
- static fstring profile_path="";
- static fstring acct_desc="";
- static fstring workstations="";
- static fstring unknown_str="";
- static fstring munged_dial="";
-
- if (from == NULL || to == NULL) return;
-
- memcpy(to, from, sizeof(*from));
-
- if (from->smb_name != NULL) {
- fstrcpy(smb_name , from->smb_name);
- to->smb_name = smb_name;
- }
-
- if (from->full_name != NULL) {
- fstrcpy(full_name, from->full_name);
- to->full_name = full_name;
- }
-
- if (from->home_dir != NULL) {
- fstrcpy(home_dir , from->home_dir);
- to->home_dir = home_dir;
- }
-
- if (from->dir_drive != NULL) {
- fstrcpy(dir_drive , from->dir_drive);
- to->dir_drive = dir_drive;
- }
-
- if (from->logon_script != NULL) {
- fstrcpy(logon_script , from->logon_script);
- to->logon_script = logon_script;
- }
-
- if (from->profile_path != NULL) {
- fstrcpy(profile_path , from->profile_path);
- to->profile_path = profile_path;
- }
-
- if (from->acct_desc != NULL) {
- fstrcpy(acct_desc , from->acct_desc);
- to->acct_desc = acct_desc;
- }
-
- if (from->workstations != NULL) {
- fstrcpy(workstations , from->workstations);
- to->workstations = workstations;
- }
-
- if (from->unknown_str != NULL) {
- fstrcpy(unknown_str , from->unknown_str);
- to->unknown_str = unknown_str;
- }
-
- if (from->munged_dial != NULL) {
- fstrcpy(munged_dial , from->munged_dial);
- to->munged_dial = munged_dial;
- }
-}
/**********************************************************
Encode the account control bits into a string.
length = length of string to encode into (including terminating
null). length *MUST BE MORE THAN 2* !
**********************************************************/
-
char *pdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length)
{
- static fstring acct_str;
- size_t i = 0;
-
- acct_str[i++] = '[';
-
- if (acct_ctrl & ACB_PWNOTREQ ) acct_str[i++] = 'N';
- if (acct_ctrl & ACB_DISABLED ) acct_str[i++] = 'D';
- if (acct_ctrl & ACB_HOMDIRREQ) acct_str[i++] = 'H';
- if (acct_ctrl & ACB_TEMPDUP ) acct_str[i++] = 'T';
- if (acct_ctrl & ACB_NORMAL ) acct_str[i++] = 'U';
- if (acct_ctrl & ACB_MNS ) acct_str[i++] = 'M';
- if (acct_ctrl & ACB_WSTRUST ) acct_str[i++] = 'W';
- if (acct_ctrl & ACB_SVRTRUST ) acct_str[i++] = 'S';
- if (acct_ctrl & ACB_AUTOLOCK ) acct_str[i++] = 'L';
- if (acct_ctrl & ACB_PWNOEXP ) acct_str[i++] = 'X';
- if (acct_ctrl & ACB_DOMTRUST ) acct_str[i++] = 'I';
-
- for ( ; i < length - 2 ; i++ ) { acct_str[i] = ' '; }
-
- i = length - 2;
- acct_str[i++] = ']';
- acct_str[i++] = '\0';
-
- return acct_str;
+ static fstring acct_str;
+ size_t i = 0;
+
+ acct_str[i++] = '[';
+
+ if (acct_ctrl & ACB_PWNOTREQ ) acct_str[i++] = 'N';
+ if (acct_ctrl & ACB_DISABLED ) acct_str[i++] = 'D';
+ if (acct_ctrl & ACB_HOMDIRREQ) acct_str[i++] = 'H';
+ if (acct_ctrl & ACB_TEMPDUP ) acct_str[i++] = 'T';
+ if (acct_ctrl & ACB_NORMAL ) acct_str[i++] = 'U';
+ if (acct_ctrl & ACB_MNS ) acct_str[i++] = 'M';
+ if (acct_ctrl & ACB_WSTRUST ) acct_str[i++] = 'W';
+ if (acct_ctrl & ACB_SVRTRUST ) acct_str[i++] = 'S';
+ if (acct_ctrl & ACB_AUTOLOCK ) acct_str[i++] = 'L';
+ if (acct_ctrl & ACB_PWNOEXP ) acct_str[i++] = 'X';
+ if (acct_ctrl & ACB_DOMTRUST ) acct_str[i++] = 'I';
+
+ for ( ; i < length - 2 ; i++ ) { acct_str[i] = ' '; }
+
+ i = length - 2;
+ acct_str[i++] = ']';
+ acct_str[i++] = '\0';
+
+ return acct_str;
}
/**********************************************************
@@ -812,102 +289,6 @@ uint16 pdb_decode_acct_ctrl(const char *p)
return acct_ctrl;
}
-/*******************************************************************
- gets password-database-format time from a string.
- ********************************************************************/
-
-static time_t get_time_from_string(const char *p)
-{
- int i;
-
- for (i = 0; i < 8; i++)
- {
- if (p[i] == '\0' || !isxdigit((int)(p[i]&0xFF)))
- break;
- }
- if (i == 8)
- {
- /*
- * p points at 8 characters of hex digits -
- * read into a time_t as the seconds since
- * 1970 that the password was last changed.
- */
- return (time_t)strtol(p, NULL, 16);
- }
- return (time_t)-1;
-}
-
-/*******************************************************************
- gets password last set time
- ********************************************************************/
-
-time_t pdb_get_last_set_time(const char *p)
-{
- if (*p && StrnCaseCmp(p, "LCT-", 4))
- {
- return get_time_from_string(p + 4);
- }
- return (time_t)-1;
-}
-
-
-/*******************************************************************
- sets password-database-format time in a string.
- ********************************************************************/
-static void set_time_in_string(char *p, int max_len, char *type, time_t t)
-{
- slprintf(p, max_len, ":%s-%08X:", type, (uint32)t);
-}
-
-/*******************************************************************
- sets logon time
- ********************************************************************/
-void pdb_set_logon_time(char *p, int max_len, time_t t)
-{
- set_time_in_string(p, max_len, "LNT", t);
-}
-
-/*******************************************************************
- sets logoff time
- ********************************************************************/
-void pdb_set_logoff_time(char *p, int max_len, time_t t)
-{
- set_time_in_string(p, max_len, "LOT", t);
-}
-
-/*******************************************************************
- sets kickoff time
- ********************************************************************/
-void pdb_set_kickoff_time(char *p, int max_len, time_t t)
-{
- set_time_in_string(p, max_len, "KOT", t);
-}
-
-/*******************************************************************
- sets password can change time
- ********************************************************************/
-void pdb_set_can_change_time(char *p, int max_len, time_t t)
-{
- set_time_in_string(p, max_len, "CCT", t);
-}
-
-/*******************************************************************
- sets password last set time
- ********************************************************************/
-void pdb_set_must_change_time(char *p, int max_len, time_t t)
-{
- set_time_in_string(p, max_len, "MCT", t);
-}
-
-/*******************************************************************
- sets password last set time
- ********************************************************************/
-void pdb_set_last_set_time(char *p, int max_len, time_t t)
-{
- set_time_in_string(p, max_len, "LCT", t);
-}
-
-
/*************************************************************
Routine to set 32 hex password characters from a 16 byte array.
**************************************************************/
@@ -924,6 +305,7 @@ void pdb_sethexpwd(char *p, unsigned char *pwd, uint16 acct_ctrl)
safe_strcpy(p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 33);
}
}
+
/*************************************************************
Routine to get the 32 hex characters and turn them
into a 16 byte array.
@@ -959,10 +341,9 @@ BOOL pdb_gethexpwd(char *p, unsigned char *pwd)
/*******************************************************************
Group and User RID username mapping function
********************************************************************/
-
BOOL pdb_name_to_rid(char *user_name, uint32 *u_rid, uint32 *g_rid)
{
- struct passwd *pw = Get_Pwnam(user_name, False);
+ struct passwd *pw = Get_Pwnam(user_name, False);
if (u_rid == NULL || g_rid == NULL || user_name == NULL)
{
@@ -996,243 +377,9 @@ BOOL pdb_name_to_rid(char *user_name, uint32 *u_rid, uint32 *g_rid)
return True;
}
-/****************************************************************************
- Read the machine SID from a file.
-****************************************************************************/
-
-static BOOL read_sid_from_file(int fd, char *sid_file)
-{
- fstring fline;
-
- memset(fline, '\0', sizeof(fline));
-
- if(read(fd, fline, sizeof(fline) -1 ) < 0) {
- DEBUG(0,("unable to read file %s. Error was %s\n",
- sid_file, strerror(errno) ));
- return False;
- }
-
- /*
- * Convert to the machine SID.
- */
-
- fline[sizeof(fline)-1] = '\0';
- if(!string_to_sid( &global_sam_sid, fline)) {
- DEBUG(0,("unable to generate machine SID.\n"));
- return False;
- }
-
- return True;
-}
-
-/****************************************************************************
- Generate the global machine sid. Look for the MACHINE.SID file first, if
- not found then look in smb.conf and use it to create the MACHINE.SID file.
- Note this function will be replaced soon. JRA.
-****************************************************************************/
-
-BOOL pdb_generate_sam_sid(void)
-{
- int fd;
- char *p;
- pstring sid_file;
- fstring sid_string;
- SMB_STRUCT_STAT st;
- BOOL overwrite_bad_sid = False;
-
- generate_wellknown_sids();
-
- pstrcpy(sid_file, lp_smb_passwd_file());
- p = strrchr(sid_file, '/');
- if(p != NULL) {
- *++p = '\0';
- }
-
- if (!directory_exist(sid_file, NULL)) {
- if (mkdir(sid_file, 0700) != 0) {
- DEBUG(0,("can't create private directory %s : %s\n",
- sid_file, strerror(errno)));
- return False;
- }
- }
-
- pstrcat(sid_file, "MACHINE.SID");
-
- if((fd = sys_open(sid_file, O_RDWR | O_CREAT, 0644)) == -1) {
- DEBUG(0,("unable to open or create file %s. Error was %s\n",
- sid_file, strerror(errno) ));
- return False;
- }
-
- /*
- * Check if the file contains data.
- */
-
- if(sys_fstat( fd, &st) < 0) {
- DEBUG(0,("unable to stat file %s. Error was %s\n",
- sid_file, strerror(errno) ));
- close(fd);
- return False;
- }
-
- if(st.st_size > 0) {
- /*
- * We have a valid SID - read it.
- */
- if(!read_sid_from_file( fd, sid_file)) {
- DEBUG(0,("unable to read file %s. Error was %s\n",
- sid_file, strerror(errno) ));
- close(fd);
- return False;
- }
-
- /*
- * JRA. Reversed the sense of this test now that I have
- * actually done this test *personally*. One more reason
- * to never trust third party information you have not
- * independently verified.... sigh. JRA.
- */
-
- if(global_sam_sid.num_auths > 0 && global_sam_sid.sub_auths[0] == 0x21) {
- /*
- * Fix and re-write...
- */
- overwrite_bad_sid = True;
- global_sam_sid.sub_auths[0] = 21;
- DEBUG(5,("pdb_generate_sam_sid: Old (incorrect) sid id_auth of hex 21 \
-detected - re-writing to be decimal 21 instead.\n" ));
- sid_to_string(sid_string, &global_sam_sid);
- if(sys_lseek(fd, (SMB_OFF_T)0, SEEK_SET) != 0) {
- DEBUG(0,("unable to seek file file %s. Error was %s\n",
- sid_file, strerror(errno) ));
- close(fd);
- return False;
- }
- } else {
- close(fd);
- return True;
- }
- } else {
- /*
- * The file contains no data - we need to generate our
- * own sid.
- * Generate the new sid data & turn it into a string.
- */
- int i;
- uchar raw_sid_data[12];
- DOM_SID mysid;
-
- memset((char *)&mysid, '\0', sizeof(DOM_SID));
- mysid.sid_rev_num = 1;
- mysid.id_auth[5] = 5;
- mysid.num_auths = 0;
- mysid.sub_auths[mysid.num_auths++] = 21;
-
- generate_random_buffer( raw_sid_data, 12, True);
- for( i = 0; i < 3; i++)
- mysid.sub_auths[mysid.num_auths++] = IVAL(raw_sid_data, i*4);
-
- sid_to_string(sid_string, &mysid);
- }
-
- fstrcat(sid_string, "\n");
-
- /*
- * Ensure our new SID is valid.
- */
-
- if(!string_to_sid( &global_sam_sid, sid_string)) {
- DEBUG(0,("unable to generate machine SID.\n"));
- return False;
- }
-
- /*
- * Do an exclusive blocking lock on the file.
- */
-
- if(!do_file_lock( fd, 60, F_WRLCK)) {
- DEBUG(0,("unable to lock file %s. Error was %s\n",
- sid_file, strerror(errno) ));
- close(fd);
- return False;
- }
-
- if(!overwrite_bad_sid) {
- /*
- * At this point we have a blocking lock on the SID
- * file - check if in the meantime someone else wrote
- * SID data into the file. If so - they were here first,
- * use their data.
- */
-
- if(sys_fstat( fd, &st) < 0) {
- DEBUG(0,("unable to stat file %s. Error was %s\n",
- sid_file, strerror(errno) ));
- close(fd);
- return False;
- }
-
- if(st.st_size > 0) {
- /*
- * Unlock as soon as possible to reduce
- * contention on the exclusive lock.
- */
- do_file_lock( fd, 60, F_UNLCK);
-
- /*
- * We have a valid SID - read it.
- */
-
- if(!read_sid_from_file( fd, sid_file)) {
- DEBUG(0,("unable to read file %s. Error was %s\n",
- sid_file, strerror(errno) ));
- close(fd);
- return False;
- }
- close(fd);
- return True;
- }
- }
-
- /*
- * The file is still empty and we have an exlusive lock on it,
- * or we're fixing an earlier mistake.
- * Write out out SID data into the file.
- */
-
- /*
- * Use chmod here as some (strange) UNIX's don't
- * have fchmod. JRA.
- */
-
- if(chmod(sid_file, 0644) < 0) {
- DEBUG(0,("unable to set correct permissions on file %s. \
-Error was %s\n", sid_file, strerror(errno) ));
- do_file_lock( fd, 60, F_UNLCK);
- close(fd);
- return False;
- }
-
- if(write( fd, sid_string, strlen(sid_string)) != strlen(sid_string)) {
- DEBUG(0,("unable to write file %s. Error was %s\n",
- sid_file, strerror(errno) ));
- do_file_lock( fd, 60, F_UNLCK);
- close(fd);
- return False;
- }
-
- /*
- * Unlock & exit.
- */
-
- do_file_lock( fd, 60, F_UNLCK);
- close(fd);
- return True;
-}
/*******************************************************************
Converts NT user RID to a UNIX uid.
********************************************************************/
-
uid_t pdb_user_rid_to_uid(uint32 user_rid)
{
return (uid_t)(((user_rid & (~USER_RID_TYPE))- 1000)/RID_MULTIPLIER);
@@ -1277,7 +424,6 @@ static BOOL pdb_rid_is_well_known(uint32 rid)
/*******************************************************************
Decides if a RID is a user or group RID.
********************************************************************/
-
BOOL pdb_rid_is_user(uint32 rid)
{
/* lkcl i understand that NT attaches an enumeration to a RID
@@ -1300,7 +446,6 @@ BOOL pdb_rid_is_user(uint32 rid)
/*******************************************************************
Convert a rid into a name. Used in the lookup SID rpc.
********************************************************************/
-
BOOL local_lookup_rid(uint32 rid, char *name, enum SID_NAME_USE *psid_name_use)
{
@@ -1418,10 +563,9 @@ BOOL local_lookup_name(char *domain, char *user, DOM_SID *psid, enum SID_NAME_US
/****************************************************************************
Convert a uid to SID - locally.
****************************************************************************/
-
DOM_SID *local_uid_to_sid(DOM_SID *psid, uid_t uid)
{
- extern DOM_SID global_sam_sid;
+ extern DOM_SID global_sam_sid;
sid_copy(psid, &global_sam_sid);
sid_append_rid(psid, pdb_uid_to_user_rid(uid));
@@ -1433,10 +577,10 @@ DOM_SID *local_uid_to_sid(DOM_SID *psid, uid_t uid)
/****************************************************************************
Convert a SID to uid - locally.
****************************************************************************/
-
BOOL local_sid_to_uid(uid_t *puid, DOM_SID *psid, enum SID_NAME_USE *name_type)
{
- extern DOM_SID global_sam_sid;
+ extern DOM_SID global_sam_sid;
+
DOM_SID dom_sid;
uint32 rid;
@@ -1449,7 +593,6 @@ BOOL local_sid_to_uid(uid_t *puid, DOM_SID *psid, enum SID_NAME_USE *name_type)
* We can only convert to a uid if this is our local
* Domain SID (ie. we are the controling authority).
*/
-
if (!sid_equal(&global_sam_sid, &dom_sid))
return False;
@@ -1458,7 +601,6 @@ BOOL local_sid_to_uid(uid_t *puid, DOM_SID *psid, enum SID_NAME_USE *name_type)
/*
* Ensure this uid really does exist.
*/
-
if(!sys_getpwuid(*puid))
return False;
@@ -1468,7 +610,6 @@ BOOL local_sid_to_uid(uid_t *puid, DOM_SID *psid, enum SID_NAME_USE *name_type)
/****************************************************************************
Convert a gid to SID - locally.
****************************************************************************/
-
DOM_SID *local_gid_to_sid(DOM_SID *psid, gid_t gid)
{
extern DOM_SID global_sam_sid;
@@ -1482,7 +623,6 @@ DOM_SID *local_gid_to_sid(DOM_SID *psid, gid_t gid)
/****************************************************************************
Convert a SID to gid - locally.
****************************************************************************/
-
BOOL local_sid_to_gid(gid_t *pgid, DOM_SID *psid, enum SID_NAME_USE *name_type)
{
extern DOM_SID global_sam_sid;
@@ -1513,3 +653,889 @@ BOOL local_sid_to_gid(gid_t *pgid, DOM_SID *psid, enum SID_NAME_USE *name_type)
return True;
}
+
+static void select_name(fstring *string, char **name, const UNISTR2 *from)
+{
+ if (from->buffer != 0)
+ {
+ unistr2_to_ascii(*string, from, sizeof(*string));
+ *name = *string;
+ }
+}
+
+/*************************************************************
+ copies a sam passwd.
+ **************************************************************/
+void copy_id23_to_sam_passwd(struct sam_passwd *to, SAM_USER_INFO_23 *from)
+{
+ static fstring smb_name;
+ static fstring full_name;
+ static fstring home_dir;
+ static fstring dir_drive;
+ static fstring logon_script;
+ static fstring profile_path;
+ static fstring acct_desc;
+ static fstring workstations;
+ static fstring unknown_str;
+ static fstring munged_dial;
+
+ if (from == NULL || to == NULL) return;
+
+ to->logon_time = nt_time_to_unix(&from->logon_time);
+ to->logoff_time = nt_time_to_unix(&from->logoff_time);
+ to->kickoff_time = nt_time_to_unix(&from->kickoff_time);
+ to->pass_last_set_time = nt_time_to_unix(&from->pass_last_set_time);
+ to->pass_can_change_time = nt_time_to_unix(&from->pass_can_change_time);
+ to->pass_must_change_time = nt_time_to_unix(&from->pass_must_change_time);
+
+ select_name(&smb_name , &to->username , &from->uni_user_name );
+ select_name(&full_name , &to->full_name , &from->uni_full_name );
+ select_name(&home_dir , &to->home_dir , &from->uni_home_dir );
+ select_name(&dir_drive , &to->dir_drive , &from->uni_dir_drive );
+ select_name(&logon_script, &to->logon_script, &from->uni_logon_script);
+ select_name(&profile_path, &to->profile_path, &from->uni_profile_path);
+ select_name(&acct_desc , &to->acct_desc , &from->uni_acct_desc );
+ select_name(&workstations, &to->workstations, &from->uni_workstations);
+ select_name(&unknown_str , &to->unknown_str , &from->uni_unknown_str );
+ select_name(&munged_dial , &to->munged_dial , &from->uni_munged_dial );
+
+ to->uid = (uid_t)-1;
+ to->gid = (gid_t)-1;
+ to->user_rid = from->user_rid;
+ to->group_rid = from->group_rid;
+
+ to->lm_pw = NULL;
+ to->nt_pw = NULL;
+
+ to->acct_ctrl = from->acb_info;
+ to->unknown_3 = from->unknown_3;
+
+ to->logon_divs = from->logon_divs;
+ to->hours_len = from->logon_hrs.len;
+ memcpy(to->hours, from->logon_hrs.hours, MAX_HOURS_LEN);
+
+ to->unknown_5 = from->unknown_5;
+ to->unknown_6 = from->unknown_6;
+}
+
+/*************************************************************
+ copies a sam passwd.
+ **************************************************************/
+void copy_id21_to_sam_passwd(struct sam_passwd *to, SAM_USER_INFO_21 *from)
+{
+ static fstring smb_name;
+ static fstring full_name;
+ static fstring home_dir;
+ static fstring dir_drive;
+ static fstring logon_script;
+ static fstring profile_path;
+ static fstring acct_desc;
+ static fstring workstations;
+ static fstring unknown_str;
+ static fstring munged_dial;
+
+ if (from == NULL || to == NULL) return;
+
+ to->logon_time = nt_time_to_unix(&from->logon_time);
+ to->logoff_time = nt_time_to_unix(&from->logoff_time);
+ to->kickoff_time = nt_time_to_unix(&from->kickoff_time);
+ to->pass_last_set_time = nt_time_to_unix(&from->pass_last_set_time);
+ to->pass_can_change_time = nt_time_to_unix(&from->pass_can_change_time);
+ to->pass_must_change_time = nt_time_to_unix(&from->pass_must_change_time);
+
+ select_name(&smb_name , &to->username , &from->uni_user_name );
+ select_name(&full_name , &to->full_name , &from->uni_full_name );
+ select_name(&home_dir , &to->home_dir , &from->uni_home_dir );
+ select_name(&dir_drive , &to->dir_drive , &from->uni_dir_drive );
+ select_name(&logon_script, &to->logon_script, &from->uni_logon_script);
+ select_name(&profile_path, &to->profile_path, &from->uni_profile_path);
+ select_name(&acct_desc , &to->acct_desc , &from->uni_acct_desc );
+ select_name(&workstations, &to->workstations, &from->uni_workstations);
+ select_name(&unknown_str , &to->unknown_str , &from->uni_unknown_str );
+ select_name(&munged_dial , &to->munged_dial , &from->uni_munged_dial );
+
+ to->uid = (uid_t)-1;
+ to->gid = (gid_t)-1;
+ to->user_rid = from->user_rid;
+ to->group_rid = from->group_rid;
+
+ to->lm_pw = NULL;
+ to->nt_pw = NULL;
+
+ to->acct_ctrl = from->acb_info;
+ to->unknown_3 = from->unknown_3;
+
+ to->logon_divs = from->logon_divs;
+ to->hours_len = from->logon_hrs.len;
+ memcpy(to->hours, from->logon_hrs.hours, MAX_HOURS_LEN);
+
+ to->unknown_5 = from->unknown_5;
+ to->unknown_6 = from->unknown_6;
+}
+
+
+/*************************************************************
+ copies a sam passwd.
+
+ FIXME! Do we need to use dynamically allocated strings
+ here instead of static strings?
+
+ Why are password hashes not also copied? --jerry
+ **************************************************************/
+void copy_sam_passwd(struct sam_passwd *to, const struct sam_passwd *from)
+{
+ static fstring smb_name="";
+ static fstring full_name="";
+ static fstring home_dir="";
+ static fstring dir_drive="";
+ static fstring logon_script="";
+ static fstring profile_path="";
+ static fstring acct_desc="";
+ static fstring workstations="";
+ static fstring unknown_str="";
+ static fstring munged_dial="";
+
+ if (from == NULL || to == NULL) return;
+
+ memcpy(to, from, sizeof(*from));
+
+ if (from->username != NULL) {
+ fstrcpy(smb_name , from->username);
+ to->username = smb_name;
+ }
+
+ if (from->full_name != NULL) {
+ fstrcpy(full_name, from->full_name);
+ to->full_name = full_name;
+ }
+
+ if (from->home_dir != NULL) {
+ fstrcpy(home_dir , from->home_dir);
+ to->home_dir = home_dir;
+ }
+
+ if (from->dir_drive != NULL) {
+ fstrcpy(dir_drive , from->dir_drive);
+ to->dir_drive = dir_drive;
+ }
+
+ if (from->logon_script != NULL) {
+ fstrcpy(logon_script , from->logon_script);
+ to->logon_script = logon_script;
+ }
+
+ if (from->profile_path != NULL) {
+ fstrcpy(profile_path , from->profile_path);
+ to->profile_path = profile_path;
+ }
+
+ if (from->acct_desc != NULL) {
+ fstrcpy(acct_desc , from->acct_desc);
+ to->acct_desc = acct_desc;
+ }
+
+ if (from->workstations != NULL) {
+ fstrcpy(workstations , from->workstations);
+ to->workstations = workstations;
+ }
+
+ if (from->unknown_str != NULL) {
+ fstrcpy(unknown_str , from->unknown_str);
+ to->unknown_str = unknown_str;
+ }
+
+ if (from->munged_dial != NULL) {
+ fstrcpy(munged_dial , from->munged_dial);
+ to->munged_dial = munged_dial;
+ }
+}
+
+/*************************************************************
+ change a password entry in the local smbpasswd file
+
+ FIXME!! The function needs to be abstracted into the
+ passdb interface or something. It is currently being called
+ by _api_samr_create_user() in rpc_server/srv_samr.c
+
+ --jerry
+ *************************************************************/
+
+BOOL local_password_change(char *user_name, int local_flags,
+ char *new_passwd,
+ char *err_str, size_t err_str_len,
+ char *msg_str, size_t msg_str_len)
+{
+ struct passwd *pwd = NULL;
+ SAM_ACCOUNT *sam_pass;
+ SAM_ACCOUNT new_sam_acct;
+ uchar new_p16[16];
+ uchar new_nt_p16[16];
+
+ *err_str = '\0';
+ *msg_str = '\0';
+
+ if (local_flags & LOCAL_ADD_USER) {
+
+ /*
+ * Check for a local account - if we're adding only.
+ */
+
+ if(!(pwd = sys_getpwnam(user_name))) {
+ slprintf(err_str, err_str_len - 1, "User %s does not \
+exist in system password file (usually /etc/passwd). Cannot add \
+account without a valid local system user.\n", user_name);
+ return False;
+ }
+ }
+
+ /* Calculate the MD4 hash (NT compatible) of the new password. */
+ nt_lm_owf_gen(new_passwd, new_nt_p16, new_p16);
+
+ /* Get the smb passwd entry for this user */
+ sam_pass = pdb_getsampwnam(user_name);
+ if (sam_pass == NULL)
+ {
+ if(!(local_flags & LOCAL_ADD_USER))
+ {
+ slprintf(err_str, err_str_len-1,"Failed to find entry for user %s.\n", user_name);
+ return False;
+ }
+
+ /* create the SAM_ACCOUNT struct and call pdb_add_sam_account */
+ pdb_init_sam (&new_sam_acct);
+ pdb_set_username (&new_sam_acct, user_name);
+ pdb_set_uid (&new_sam_acct, pwd->pw_uid);
+ pdb_set_pass_last_set_time(&new_sam_acct, time(NULL));
+
+ /* set account flags */
+ pdb_set_acct_ctrl(&new_sam_acct,((local_flags & LOCAL_TRUST_ACCOUNT) ? ACB_WSTRUST : ACB_NORMAL) );
+ if (local_flags & LOCAL_DISABLE_USER)
+ {
+ pdb_set_acct_ctrl (&new_sam_acct, pdb_get_acct_ctrl(&new_sam_acct)|ACB_DISABLED);
+ }
+ if (local_flags & LOCAL_SET_NO_PASSWORD)
+ {
+ pdb_set_acct_ctrl (&new_sam_acct, pdb_get_acct_ctrl(&new_sam_acct)|ACB_PWNOTREQ);
+ }
+ else
+ {
+ /* set the passwords here. if we get to here it means
+ we have a valid, active account */
+ pdb_set_lanman_passwd (&new_sam_acct, new_p16);
+ pdb_set_nt_passwd (&new_sam_acct, new_nt_p16);
+ }
+
+
+ if (pdb_add_sam_account(&new_sam_acct))
+ {
+ slprintf(msg_str, msg_str_len-1, "Added user %s.\n", user_name);
+ pdb_clear_sam (&new_sam_acct);
+ return True;
+ }
+ else
+ {
+ slprintf(err_str, err_str_len-1, "Failed to add entry for user %s.\n", user_name);
+ return False;
+ }
+ }
+ else
+ {
+ /* the entry already existed */
+ local_flags &= ~LOCAL_ADD_USER;
+ }
+
+ /*
+ * We are root - just write the new password
+ * and the valid last change time.
+ */
+
+ if(local_flags & LOCAL_DISABLE_USER)
+ {
+ pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_DISABLED);
+ }
+ else if (local_flags & LOCAL_ENABLE_USER)
+ {
+ if(pdb_get_lanman_passwd(sam_pass) == NULL)
+ {
+ pdb_set_lanman_passwd (sam_pass, new_p16);
+ pdb_set_nt_passwd (sam_pass, new_nt_p16);
+ }
+ pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_DISABLED));
+ } else if (local_flags & LOCAL_SET_NO_PASSWORD)
+ {
+ pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_PWNOTREQ);
+
+ /* This is needed to preserve ACB_PWNOTREQ in mod_smbfilepwd_entry */
+ pdb_set_lanman_passwd (sam_pass, NULL);
+ pdb_set_nt_passwd (sam_pass, NULL);
+ }
+ else
+ {
+ /*
+ * If we're dealing with setting a completely empty user account
+ * ie. One with a password of 'XXXX', but not set disabled (like
+ * an account created from scratch) then if the old password was
+ * 'XX's then getsmbpwent will have set the ACB_DISABLED flag.
+ * We remove that as we're giving this user their first password
+ * and the decision hasn't really been made to disable them (ie.
+ * don't create them disabled). JRA.
+ */
+ if ((pdb_get_lanman_passwd(sam_pass)==NULL) && (pdb_get_acct_ctrl(sam_pass)&ACB_DISABLED))
+ pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_DISABLED));
+ pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_PWNOTREQ));
+ pdb_set_lanman_passwd (sam_pass, new_p16);
+ pdb_set_nt_passwd (sam_pass, new_nt_p16);
+ }
+
+ if(local_flags & LOCAL_DELETE_USER)
+ {
+ if (!pdb_delete_sam_account(user_name))
+ {
+ slprintf(err_str,err_str_len-1, "Failed to delete entry for user %s.\n", user_name);
+ return False;
+ }
+ slprintf(msg_str, msg_str_len-1, "Deleted user %s.\n", user_name);
+ }
+ else
+ {
+ if(!pdb_update_sam_account(sam_pass, True))
+ {
+ slprintf(err_str, err_str_len-1, "Failed to modify entry for user %s.\n", user_name);
+ return False;
+ }
+ if(local_flags & LOCAL_DISABLE_USER)
+ slprintf(msg_str, msg_str_len-1, "Disabled user %s.\n", user_name);
+ else if (local_flags & LOCAL_ENABLE_USER)
+ slprintf(msg_str, msg_str_len-1, "Enabled user %s.\n", user_name);
+ else if (local_flags & LOCAL_SET_NO_PASSWORD)
+ slprintf(msg_str, msg_str_len-1, "User %s password set to none.\n", user_name);
+ }
+
+ return True;
+}
+
+
+/*********************************************************************
+ collection of get...() functions for SAM_ACCOUNT_INFO
+ ********************************************************************/
+uint16 pdb_get_acct_ctrl (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->acct_ctrl);
+ else
+ return (ACB_DISABLED);
+}
+
+time_t pdb_get_logon_time (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->logon_time);
+ else
+ return (-1);
+}
+
+time_t pdb_get_logoff_time (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->logoff_time);
+ else
+ return (-1);
+}
+
+time_t pdb_get_kickoff_time (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->kickoff_time);
+ else
+ return (-1);
+}
+
+time_t pdb_get_pass_last_set_time (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->pass_last_set_time);
+ else
+ return (-1);
+}
+
+time_t pdb_get_pass_can_change_time (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->pass_can_change_time);
+ else
+ return (-1);
+}
+
+time_t pdb_get_pass_must_change_time (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->pass_must_change_time);
+ else
+ return (-1);
+}
+
+uint16 pdb_get_logon_divs (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->logon_divs);
+ else
+ return (-1);
+}
+
+uint32 pdb_get_hours_len (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->hours_len);
+ else
+ return (-1);
+}
+
+uint8* pdb_get_hours (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->hours);
+ else
+ return (NULL);
+}
+
+BYTE* pdb_get_nt_passwd (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->nt_pw);
+ else
+ return (NULL);
+}
+
+BYTE* pdb_get_lanman_passwd (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->lm_pw);
+ else
+ return (NULL);
+}
+
+
+uint32 pdb_get_user_rid (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->user_rid);
+ else
+ return (-1);
+}
+
+uint32 pdb_get_group_rid (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->group_rid);
+ else
+ return (-1);
+}
+
+uid_t pdb_get_uid (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->uid);
+ else
+ return ((uid_t)-1);
+}
+
+gid_t pdb_get_gid (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->gid);
+ else
+ return ((gid_t)-1);
+}
+
+char* pdb_get_username (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->username);
+ else
+ return (NULL);
+}
+
+char* pdb_get_domain (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->domain);
+ else
+ return (NULL);
+}
+
+char* pdb_get_nt_username (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->nt_username);
+ else
+ return (NULL);
+}
+
+char* pdb_get_fullname (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->full_name);
+ else
+ return (NULL);
+}
+
+char* pdb_get_homedir (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->home_dir);
+ else
+ return (NULL);
+}
+
+char* pdb_get_dirdrive (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->dir_drive);
+ else
+ return (NULL);
+}
+
+char* pdb_get_logon_script (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->logon_script);
+ else
+ return (NULL);
+}
+
+char* pdb_get_profile_path (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->profile_path);
+ else
+ return (NULL);
+}
+
+char* pdb_get_acct_desc (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->acct_desc);
+ else
+ return (NULL);
+}
+
+char* pdb_get_workstations (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->workstations);
+ else
+ return (NULL);
+}
+
+char* pdb_get_munged_dial (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->munged_dial);
+ else
+ return (NULL);
+}
+
+uint32 pdb_get_unknown3 (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->unknown_3);
+ else
+ return (-1);
+}
+
+uint32 pdb_get_unknown5 (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->unknown_5);
+ else
+ return (-1);
+}
+
+uint32 pdb_get_unknown6 (SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->unknown_6);
+ else
+ return (-1);
+}
+
+/*********************************************************************
+ collection of set...() functions for SAM_ACCOUNT_INFO
+ ********************************************************************/
+BOOL pdb_set_acct_ctrl (SAM_ACCOUNT *sampass, uint16 flags)
+{
+ if (sampass)
+ {
+ sampass->acct_ctrl = flags;
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_logon_time (SAM_ACCOUNT *sampass, time_t time)
+{
+ if (sampass)
+ {
+ sampass->logon_time = time;
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_logoff_time (SAM_ACCOUNT *sampass, time_t time)
+{
+ if (sampass)
+ {
+ sampass->logoff_time = time;
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_kickoff_time (SAM_ACCOUNT *sampass, time_t time)
+{
+ if (sampass)
+ {
+ sampass->kickoff_time = time;
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_pass_can_change_time (SAM_ACCOUNT *sampass, time_t time)
+{
+ if (sampass)
+ {
+ sampass->pass_can_change_time = time;
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_pass_must_change_time (SAM_ACCOUNT *sampass, time_t time)
+{
+ if (sampass)
+ {
+ sampass->pass_must_change_time = time;
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_pass_last_set_time (SAM_ACCOUNT *sampass, time_t time)
+{
+ if (sampass)
+ {
+ sampass->pass_last_set_time = time;
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_hours_len (SAM_ACCOUNT *sampass, uint32 len)
+{
+ if (sampass)
+ {
+ sampass->hours_len = len;
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_logons_divs (SAM_ACCOUNT *sampass, uint16 hours)
+{
+ if (sampass)
+ {
+ sampass->logon_divs = hours;
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_uid (SAM_ACCOUNT *sampass, uid_t uid)
+{
+ if (sampass)
+ {
+ sampass->uid = uid;
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_gid (SAM_ACCOUNT *sampass, gid_t gid)
+{
+ if (sampass)
+ {
+ sampass->gid = gid;
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_user_rid (SAM_ACCOUNT *sampass, uint32 rid)
+{
+ if (sampass)
+ {
+ sampass->user_rid = rid;
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_group_rid (SAM_ACCOUNT *sampass, uint32 grid)
+{
+ if (sampass)
+ {
+ sampass->group_rid = grid;
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_username (SAM_ACCOUNT *sampass, char *username)
+{
+ if (sampass)
+ {
+ sampass->username = strdup(username);
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_domain (SAM_ACCOUNT *sampass, char *domain)
+{
+ if (sampass)
+ {
+ sampass->username = strdup(domain);
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_nt_username (SAM_ACCOUNT *sampass, char *nt_username)
+{
+ if (sampass)
+ {
+ sampass->username = strdup(nt_username);
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_fullname (SAM_ACCOUNT *sampass, char *fullname)
+{
+ if (sampass)
+ {
+ sampass->full_name = strdup(fullname);
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_logon_script (SAM_ACCOUNT *sampass, char *logon_script)
+{
+ if (sampass)
+ {
+ sampass->logon_script = strdup(logon_script);
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_profile_path (SAM_ACCOUNT *sampass, char *profile_path)
+{
+ if (sampass)
+ {
+ sampass->profile_path = strdup(profile_path);
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_dir_drive (SAM_ACCOUNT *sampass, char *dir_drive)
+{
+ if (sampass)
+ {
+ sampass->dir_drive = strdup(dir_drive);
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_homedir (SAM_ACCOUNT *sampass, char *homedir)
+{
+ if (sampass)
+ {
+ sampass->home_dir = strdup(homedir);
+ return True;
+ }
+
+ return False;
+}
+
+
+BOOL pdb_set_nt_passwd (SAM_ACCOUNT *sampass, BYTE *pwd)
+{
+
+ if (pwd == NULL)
+ return False;
+
+ /* allocate space for the password and make a copy of it */
+ if (sampass)
+ {
+ if ((sampass->nt_pw=(BYTE*)malloc(sizeof(BYTE)*16)) == NULL)
+ {
+ DEBUG(0,("pdb_set_nt_passwd: ERROR - out of memory for nt_pw!\n"));
+ return False;
+ }
+ if (memcpy(sampass->nt_pw, pwd, 16))
+ return True;
+ }
+
+ return False;
+}
+
+BOOL pdb_set_lanman_passwd (SAM_ACCOUNT *sampass, BYTE *pwd)
+{
+ if (pwd == NULL)
+ return False;
+
+ /* allocate space for the password and make a copy of it */
+ if (sampass)
+ {
+ if ((sampass->lm_pw=(BYTE*)malloc(sizeof(BYTE)*16)) == NULL)
+ {
+ DEBUG(0,("pdb_set_lanman_passwd: ERROR - out of memory for lm_pw!\n"));
+ return False;
+ }
+ if (memcpy(sampass->lm_pw, pwd, 16))
+ return True;
+ }
+
+ return False;
+}
+
+
+
+
+
generated by cgit (git 2.34.1) at 2024-07-15 23:30:47 +0000