Large commit which restructures the local password storage API.

Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+)
are broken, but they were somewhat broken before. :)

The following functions implement the storage manipulation interface

/*The following definitions come from  passdb/pdb_smbpasswd.c  */

BOOL pdb_setsampwent (BOOL update);
void pdb_endsampwent (void);
SAM_ACCOUNT* pdb_getsampwent (void);
SAM_ACCOUNT* pdb_getsampwnam (char *username);
SAM_ACCOUNT* pdb_getsampwuid (uid_t uid);
SAM_ACCOUNT* pdb_getsampwrid (uint32 rid);
BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass);
BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override);
BOOL pdb_delete_sam_account (char* username);

There is also a host of pdb_set..() and pdb_get..() functions for
manipulating SAM_ACCOUNT struct members.  Note that the struct
passdb_ops {} has gone away.  Also notice that struct smb_passwd
(formally in smb.h) has been moved to passdb/pdb_smbpasswd.c
and is not accessed outisde of static internal functions in this
file.  All local password searches should make use of the the SAM_ACCOUNT
struct and the previously mentioned functions.

I'll write some documentation for this later.  The next step is to fix
the TDB passdb backend, then work on spliting the backends out into
share libraries, and finally get the LDAP backend going.

What works and may not:

	o domain logons from Win9x 	works
	o domain logons from WinNT 4	works
	o user and group enumeration
		as implemented by Tim	works
	o file and print access		works
	o changing password from
		Win9x & NT		ummm...i'll fix this tonight :)

If I broke anything else, just yell and I'll fix it.  I think it
should be fairly quite.





-- jerry
(This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389)

1 files changed, 0 insertions, 173 deletions

diff --git a/source3/passdb/smbpasschange.c b/source3/passdb/smbpasschange.c
index 0c30bbe4a5..f4af6e8745 100644
--- a/source3/passdb/smbpasschange.c
+++ b/source3/passdb/smbpasschange.c
@@ -22,177 +22,4 @@
 #include "includes.h"
 
 
-/*************************************************************
-add a new user to the local smbpasswd file
-*************************************************************/
 
-static BOOL add_new_user(char *user_name, uid_t uid, int local_flags,
-			 uchar *new_p16, uchar *new_nt_p16)
-{
-	struct smb_passwd new_smb_pwent;
-
-	/* Create a new smb passwd entry and set it to the given password. */
-	new_smb_pwent.smb_userid = uid;
-	new_smb_pwent.smb_name = user_name; 
-	new_smb_pwent.smb_passwd = NULL;
-	new_smb_pwent.smb_nt_passwd = NULL;
-	new_smb_pwent.pass_last_set_time = time(NULL);
-	new_smb_pwent.acct_ctrl = ((local_flags & LOCAL_TRUST_ACCOUNT) ? ACB_WSTRUST : ACB_NORMAL);
-	
-	if(local_flags & LOCAL_DISABLE_USER) {
-		new_smb_pwent.acct_ctrl |= ACB_DISABLED;
-	}
-	
-	if (local_flags & LOCAL_SET_NO_PASSWORD) {
-		new_smb_pwent.acct_ctrl |= ACB_PWNOTREQ;
-	} else {
-		new_smb_pwent.smb_passwd = new_p16;
-		new_smb_pwent.smb_nt_passwd = new_nt_p16;
-	}
-
-	
-	return add_smbpwd_entry(&new_smb_pwent);
-}
-
-
-/*************************************************************
-change a password entry in the local smbpasswd file
-*************************************************************/
-
-BOOL local_password_change(char *user_name, int local_flags,
-			   char *new_passwd, 
-			   char *err_str, size_t err_str_len,
-			   char *msg_str, size_t msg_str_len)
-{
-	struct passwd  *pwd = NULL;
-	void *vp;
-	struct smb_passwd *smb_pwent;
-	uchar           new_p16[16];
-	uchar           new_nt_p16[16];
-
-	*err_str = '\0';
-	*msg_str = '\0';
-
-	if (local_flags & LOCAL_ADD_USER) {
-	
-		/*
-		 * Check for a local account - if we're adding only.
-		 */
-	
-		if(!(pwd = sys_getpwnam(user_name))) {
-			slprintf(err_str, err_str_len - 1, "User %s does not \
-exist in system password file (usually /etc/passwd). Cannot add \
-account without a valid local system user.\n", user_name);
-			return False;
-		}
-	}
-
-	/* Calculate the MD4 hash (NT compatible) of the new password. */
-	nt_lm_owf_gen(new_passwd, new_nt_p16, new_p16);
-
-	/*
-	 * Open the smbpaswd file.
-	 */
-	vp = startsmbpwent(True);
-	if (!vp && errno == ENOENT) {
-		FILE *fp;
-		slprintf(msg_str,msg_str_len-1,
-			"smbpasswd file did not exist - attempting to create it.\n");
-		fp = sys_fopen(lp_smb_passwd_file(), "w");
-		if (fp) {
-			fprintf(fp, "# Samba SMB password file\n");
-			fclose(fp);
-			vp = startsmbpwent(True);
-		}
-	}
-
-	if (!vp) {
-		slprintf(err_str, err_str_len-1, "Cannot open file %s. Error was %s\n",
-			lp_smb_passwd_file(), strerror(errno) );
-		return False;
-	}
-  
-	/* Get the smb passwd entry for this user */
-	smb_pwent = getsmbpwnam(user_name);
-	if (smb_pwent == NULL) {
-		if(!(local_flags & LOCAL_ADD_USER)) {
-			slprintf(err_str, err_str_len-1,
-				"Failed to find entry for user %s.\n", user_name);
-			endsmbpwent(vp);
-			return False;
-		}
-
-		if (add_new_user(user_name, pwd->pw_uid, local_flags, new_p16, new_nt_p16)) {
-			slprintf(msg_str, msg_str_len-1, "Added user %s.\n", user_name);
-			endsmbpwent(vp);
-			return True;
-		} else {
-			slprintf(err_str, err_str_len-1, "Failed to add entry for user %s.\n", user_name);
-			endsmbpwent(vp);
-			return False;
-		}
-	} else {
-		/* the entry already existed */
-		local_flags &= ~LOCAL_ADD_USER;
-	}
-
-	/*
-	 * We are root - just write the new password
-	 * and the valid last change time.
-	 */
-
-	if(local_flags & LOCAL_DISABLE_USER) {
-		smb_pwent->acct_ctrl |= ACB_DISABLED;
-	} else if (local_flags & LOCAL_ENABLE_USER) {
-		if(smb_pwent->smb_passwd == NULL) {
-			smb_pwent->smb_passwd = new_p16;
-			smb_pwent->smb_nt_passwd = new_nt_p16;
-		}
-		smb_pwent->acct_ctrl &= ~ACB_DISABLED;
-	} else if (local_flags & LOCAL_SET_NO_PASSWORD) {
-		smb_pwent->acct_ctrl |= ACB_PWNOTREQ;
-		/* This is needed to preserve ACB_PWNOTREQ in mod_smbfilepwd_entry */
-		smb_pwent->smb_passwd = NULL;
-		smb_pwent->smb_nt_passwd = NULL;
-	} else {
-		/*
-		 * If we're dealing with setting a completely empty user account
-		 * ie. One with a password of 'XXXX', but not set disabled (like
-		 * an account created from scratch) then if the old password was
-		 * 'XX's then getsmbpwent will have set the ACB_DISABLED flag.
-		 * We remove that as we're giving this user their first password
-		 * and the decision hasn't really been made to disable them (ie.
-		 * don't create them disabled). JRA.
-		 */
-		if((smb_pwent->smb_passwd == NULL) && (smb_pwent->acct_ctrl & ACB_DISABLED))
-			smb_pwent->acct_ctrl &= ~ACB_DISABLED;
-		smb_pwent->acct_ctrl &= ~ACB_PWNOTREQ;
-		smb_pwent->smb_passwd = new_p16;
-		smb_pwent->smb_nt_passwd = new_nt_p16;
-	}
-	
-	if(local_flags & LOCAL_DELETE_USER) {
-		if (del_smbpwd_entry(user_name)==False) {
-			slprintf(err_str,err_str_len-1, "Failed to delete entry for user %s.\n", user_name);
-			endsmbpwent(vp);
-			return False;
-		}
-		slprintf(msg_str, msg_str_len-1, "Deleted user %s.\n", user_name);
-	} else {
-		if(mod_smbpwd_entry(smb_pwent,True) == False) {
-			slprintf(err_str, err_str_len-1, "Failed to modify entry for user %s.\n", user_name);
-			endsmbpwent(vp);
-			return False;
-		}
-		if(local_flags & LOCAL_DISABLE_USER)
-			slprintf(msg_str, msg_str_len-1, "Disabled user %s.\n", user_name);
-		else if (local_flags & LOCAL_ENABLE_USER)
-			slprintf(msg_str, msg_str_len-1, "Enabled user %s.\n", user_name);
-		else if (local_flags & LOCAL_SET_NO_PASSWORD)
-			slprintf(msg_str, msg_str_len-1, "User %s password set to none.\n", user_name);
-	}
-
-	endsmbpwent(vp);
-
-	return True;
-}