Add some debug statments to our vampire code - try to make it easier to track

down failures.

Add a 'auto-add on modify' feature to guestsam

Fix some segfault bugs on no-op idmap modifications, and on new idmappings that
do not have a DN to tack onto.

Make the 'private data' a bit more robust.

Andrew Bartlett
(This used to be commit 6c48309cda9538da5a32f3d88a7bb9c413ae9e8e)

3 files changed, 28 insertions, 9 deletions

diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c
index e0b9f0e0ec..ba07a4e01c 100644
--- a/source3/passdb/pdb_get_set.c
+++ b/source3/passdb/pdb_get_set.c
@@ -332,7 +332,7 @@ uint32 pdb_get_unknown_6 (const SAM_ACCOUNT *sampass)
 
 void *pdb_get_backend_private_data (const SAM_ACCOUNT *sampass, const struct pdb_methods *my_methods)
 {
-	if (sampass && my_methods == sampass->methods)
+	if (sampass && my_methods == sampass->private.backend_private_methods)
 		return sampass->private.backend_private_data;
 	else
 		return NULL;
@@ -1028,7 +1028,7 @@ BOOL pdb_set_backend_private_data (SAM_ACCOUNT *sampass, void *private_data,
 		return False;
 
 	/* does this backend 'own' this SAM_ACCOUNT? */
-	if (my_methods != sampass->methods)
+	if (my_methods != sampass->private.backend_private_methods)
 		return False;
 
 	if (sampass->private.backend_private_data && sampass->private.backend_private_data_free_fn) {
@@ -1037,6 +1037,7 @@ BOOL pdb_set_backend_private_data (SAM_ACCOUNT *sampass, void *private_data,
 
 	sampass->private.backend_private_data = private_data;
 	sampass->private.backend_private_data_free_fn = free_fn;
+	sampass->private.backend_private_methods = my_methods;
 
 	return pdb_set_init_flags(sampass, PDB_BACKEND_PRIVATE_DATA, flag);
 }
diff --git a/source3/passdb/pdb_guest.c b/source3/passdb/pdb_guest.c
index 359e2285a3..18a456b2e1 100644
--- a/source3/passdb/pdb_guest.c
+++ b/source3/passdb/pdb_guest.c
@@ -98,6 +98,21 @@ static NTSTATUS guestsam_getsampwsid(struct pdb_methods *my_methods, SAM_ACCOUNT
 }
 
 
+/***************************************************************************
+  Updates a SAM_ACCOUNT
+
+  This isn't a particulary practical option for pdb_guest.  We certainly don't
+  want to twidde the filesystem, so what should we do?
+
+  Current plan is to transparently add the account.  It should appear
+  as if the pdb_unix version was modified, but its actually stored somehwere.
+ ****************************************************************************/
+
+static NTSTATUS guestsam_update_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd)
+{
+	return methods->parent->pdb_add_sam_account(methods->parent, newpwd);
+}
+
 NTSTATUS pdb_init_guestsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
 {
 	NTSTATUS nt_status;
@@ -115,6 +130,7 @@ NTSTATUS pdb_init_guestsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, c
 	
 	(*pdb_method)->getsampwnam = guestsam_getsampwnam;
 	(*pdb_method)->getsampwsid = guestsam_getsampwsid;
+	(*pdb_method)->update_sam_account = guestsam_update_sam_account;
 	
 	/* we should do no group mapping here */
 	(*pdb_method)->getgrsid = pdb_nop_getgrsid;
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index 140b87afb9..0d16a1a985 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -1528,6 +1528,8 @@ static int ldapsam_get_ldap_user_by_sid(struct ldapsam_privates *ldap_state,
 {
 	int rc = -1;
 	char ** attr_list;
+	uint32 rid;
+
 	switch ( ldap_state->schema_ver )
 	{
 		case SCHEMAVER_SAMBASAMACCOUNT:
@@ -1540,8 +1542,6 @@ static int ldapsam_get_ldap_user_by_sid(struct ldapsam_privates *ldap_state,
 			break;
 			
 		case SCHEMAVER_SAMBAACCOUNT:
-		{
-			uint32 rid;
 			if (!sid_peek_check_rid(&ldap_state->domain_sid, sid, &rid)) {
 				return rc;
 			}
@@ -1552,8 +1552,7 @@ static int ldapsam_get_ldap_user_by_sid(struct ldapsam_privates *ldap_state,
 
 			if ( rc != LDAP_SUCCESS ) 
 				return rc;
-		}
-		break;
+			break;
 	}
 	return rc;
 }
@@ -1610,7 +1609,7 @@ static NTSTATUS ldapsam_getsampwsid(struct pdb_methods *my_methods, SAM_ACCOUNT
 	} else {
 		ldap_msgfree(result);
 	}
-	return ret;
+	return NT_STATUS_NO_SUCH_USER;
 }	
 
 /********************************************************************
@@ -1810,8 +1809,9 @@ static NTSTATUS ldapsam_update_sam_account(struct pdb_methods *my_methods, SAM_A
 		attr_list = get_userattr_list(ldap_state->schema_ver);
 		rc = ldapsam_search_suffix_by_name(ldap_state, pdb_get_username(newpwd), &result, attr_list );
 		free_attr_list( attr_list );
-		if (rc != LDAP_SUCCESS) 
+		if (rc != LDAP_SUCCESS) {
 			return NT_STATUS_UNSUCCESSFUL;
+		}
 		pdb_set_backend_private_data(newpwd, result, private_data_free_fn, my_methods, PDB_CHANGED);
 	}
 
@@ -1823,6 +1823,8 @@ static NTSTATUS ldapsam_update_sam_account(struct pdb_methods *my_methods, SAM_A
 	entry = ldap_first_entry(ldap_state->smbldap_state->ldap_struct, result);
 	dn = ldap_get_dn(ldap_state->smbldap_state->ldap_struct, entry);
 
+	DEBUG(4, ("user %s to be modified has dn: %s\n", pdb_get_username(newpwd), dn));
+
 	if (!init_ldap_from_sam(ldap_state, entry, &mods, newpwd,
 				element_is_changed)) {
 		DEBUG(0, ("ldapsam_update_sam_account: init_ldap_from_sam failed!\n"));
@@ -1926,7 +1928,7 @@ static NTSTATUS ldapsam_add_sam_account(struct pdb_methods *my_methods, SAM_ACCO
 		}
 	}
 
-	/* does the entry already exist but without a samba rttibutes?
+	/* does the entry already exist but without a samba attributes?
 	   we need to return the samba attributes here */
 	   
 	escape_user = escape_ldap_string_alloc( username );