summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/ntdomain.h7
-rw-r--r--source3/include/proto.h6
-rw-r--r--source3/lib/domain_namemap.c22
-rw-r--r--source3/lib/util_file.c53
-rw-r--r--source3/lib/util_pwdb.c235
-rw-r--r--source3/param/loadparm.c5
-rw-r--r--source3/passdb/smbpass.c6
-rw-r--r--source3/passdb/smbpassgroup.c6
-rw-r--r--source3/rpc_server/srv_lookup.c69
9 files changed, 310 insertions, 99 deletions
diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h
index ce4d1ed148..9ba096bb13 100644
--- a/source3/include/ntdomain.h
+++ b/source3/include/ntdomain.h
@@ -138,13 +138,6 @@ struct mem_buf
struct mem_buf *next;
};
-typedef struct
-{
- uint32 rid;
- char *name;
-
-} rid_name;
-
struct acct_info
{
fstring acct_name; /* account name */
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 97398c553c..c17cbb657b 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -497,6 +497,8 @@ SMB_BIG_UINT getfilepwpos(void *vp);
BOOL setfilepwpos(void *vp, SMB_BIG_UINT tok);
int getfileline(void *vp, char *linebuf, int linebuf_size);
char *fgets_slash(char *s2,int maxlen,FILE *f);
+BOOL file_modified(const char *filename, time_t *lastmodified);
+void *open_file_if_modified(const char *filename, char *mode, time_t *lastmodified);
/*The following definitions come from lib/util_pwdb.c */
@@ -518,6 +520,9 @@ void pwdb_set_last_set_time(char *p, int max_len, time_t t);
void pwdb_sethexpwd(char *p, const char *pwd, uint16 acct_ctrl);
BOOL pwdb_gethexpwd(const char *p, char *pwd, uint32 *acct_ctrl);
BOOL pwdb_initialise(BOOL is_server);
+char *lookup_wk_alias_rid(uint32 rid);
+char *lookup_wk_user_rid(uint32 rid);
+char *lookup_wk_group_rid(uint32 rid);
/*The following definitions come from lib/util_sid.c */
@@ -1239,6 +1244,7 @@ char *lp_username_map(void);
char *lp_aliasname_map(void);
char *lp_groupname_map(void);
char *lp_builtinname_map(void);
+char *lp_builtinrid_file(void);
char *lp_ntusrname_map(void);
char *lp_logon_script(void);
char *lp_logon_path(void);
diff --git a/source3/lib/domain_namemap.c b/source3/lib/domain_namemap.c
index 156e4e7d35..fb6ecf2acf 100644
--- a/source3/lib/domain_namemap.c
+++ b/source3/lib/domain_namemap.c
@@ -479,7 +479,6 @@ static ubi_slList *load_name_map(DOM_MAP_TYPE type)
char *aliasname_map_file = lp_aliasname_map();
char *ntusrname_map_file = lp_ntusrname_map();
- SMB_STRUCT_STAT st;
FILE *fp;
char *s;
pstring buf;
@@ -533,32 +532,13 @@ static ubi_slList *load_name_map(DOM_MAP_TYPE type)
return map_list;
}
- if (sys_stat(map_file, &st) != 0)
- {
- DEBUG(0, ("load_name_map: Unable to stat file %s. Error was %s\n",
- map_file, strerror(errno) ));
- return map_list;
- }
-
- /*
- * Check if file has changed.
- */
- if (st.st_mtime <= (*file_last_modified))
- {
- return map_list;
- }
-
- (*file_last_modified) = st.st_mtime;
-
/*
* Load the file.
*/
- fp = fopen(map_file,"r");
+ fp = open_file_if_modified(map_file, "r", file_last_modified);
if (!fp)
{
- DEBUG(0,("load_name_map: can't open name map %s. Error was %s\n",
- map_file, strerror(errno)));
return map_list;
}
diff --git a/source3/lib/util_file.c b/source3/lib/util_file.c
index 37489086d8..5861314c02 100644
--- a/source3/lib/util_file.c
+++ b/source3/lib/util_file.c
@@ -188,7 +188,6 @@ int getfileline(void *vp, char *linebuf, int linebuf_size)
/* Static buffers we will return. */
FILE *fp = (FILE *)vp;
unsigned char c;
- unsigned char *p;
size_t linebuf_len;
if (fp == NULL)
@@ -248,12 +247,6 @@ int getfileline(void *vp, char *linebuf, int linebuf_size)
continue;
}
- p = (unsigned char *) strchr(linebuf, ':');
- if (p == NULL)
- {
- DEBUG(0, ("getfileline: malformed line entry (no :)\n"));
- continue;
- }
return linebuf_len;
}
return -1;
@@ -326,3 +319,49 @@ char *fgets_slash(char *s2,int maxlen,FILE *f)
return(s);
}
+/****************************************************************************
+checks if a file has changed since last read
+****************************************************************************/
+BOOL file_modified(const char *filename, time_t *lastmodified)
+{
+ SMB_STRUCT_STAT st;
+
+ if (sys_stat(filename, &st) != 0)
+ {
+ DEBUG(0, ("file_changed: Unable to stat file %s. Error was %s\n",
+ filename, strerror(errno) ));
+ return False;
+ }
+
+ if(st.st_mtime <= *lastmodified)
+ {
+ DEBUG(20, ("file_modified: %s not modified\n", filename));
+ return False;
+ }
+
+ DEBUG(20, ("file_modified: %s modified\n", filename));
+ *lastmodified = st.st_mtime;
+ return True;
+}
+
+/***************************************************************************
+opens a file if modified otherwise returns NULL
+***************************************************************************/
+void *open_file_if_modified(const char *filename, char *mode, time_t *lastmodified)
+{
+ FILE *f;
+
+ if (file_modified(filename, lastmodified))
+ {
+ return NULL;
+ }
+
+ if( (f = fopen(filename, mode)) == NULL)
+ {
+ DEBUG(0, ("open_file_if_modified: can't open file %s. Error was %s\n",
+ filename, strerror(errno)));
+ return NULL;
+ }
+
+ return (void *)f;
+}
diff --git a/source3/lib/util_pwdb.c b/source3/lib/util_pwdb.c
index b3b638b5e6..f78bdfff5d 100644
--- a/source3/lib/util_pwdb.c
+++ b/source3/lib/util_pwdb.c
@@ -34,43 +34,199 @@ extern DOM_SID global_sid_S_1_5_20;
extern pstring global_myname;
+typedef struct
+{
+ uint32 rid;
+ char *defaultname;
+ char *name;
+} rid_name;
+
/*
* A list of the rids of well known BUILTIN and Domain users
* and groups.
*/
-rid_name builtin_alias_rids[] =
+static rid_name builtin_alias_rids[] =
{
- { BUILTIN_ALIAS_RID_ADMINS , "Administrators" },
- { BUILTIN_ALIAS_RID_USERS , "Users" },
- { BUILTIN_ALIAS_RID_GUESTS , "Guests" },
- { BUILTIN_ALIAS_RID_POWER_USERS , "Power Users" },
+ { BUILTIN_ALIAS_RID_ADMINS , "Administrators" , NULL },
+ { BUILTIN_ALIAS_RID_USERS , "Users" , NULL },
+ { BUILTIN_ALIAS_RID_GUESTS , "Guests" , NULL },
+ { BUILTIN_ALIAS_RID_POWER_USERS , "Power Users" , NULL },
- { BUILTIN_ALIAS_RID_ACCOUNT_OPS , "Account Operators" },
- { BUILTIN_ALIAS_RID_SYSTEM_OPS , "System Operators" },
- { BUILTIN_ALIAS_RID_PRINT_OPS , "Print Operators" },
- { BUILTIN_ALIAS_RID_BACKUP_OPS , "Backup Operators" },
- { BUILTIN_ALIAS_RID_REPLICATOR , "Replicator" },
- { 0 , NULL }
+ { BUILTIN_ALIAS_RID_ACCOUNT_OPS , "Account Operators" , NULL },
+ { BUILTIN_ALIAS_RID_SYSTEM_OPS , "System Operators" , NULL },
+ { BUILTIN_ALIAS_RID_PRINT_OPS , "Print Operators" , NULL },
+ { BUILTIN_ALIAS_RID_BACKUP_OPS , "Backup Operators" , NULL },
+ { BUILTIN_ALIAS_RID_REPLICATOR , "Replicator" , NULL },
+ { 0 , NULL , NULL}
};
/* array lookup of well-known Domain RID users. */
-rid_name domain_user_rids[] =
+static rid_name domain_user_rids[] =
{
- { DOMAIN_USER_RID_ADMIN , "Administrator" },
- { DOMAIN_USER_RID_GUEST , "Guest" },
- { 0 , NULL }
+ { DOMAIN_USER_RID_ADMIN , "Administrator" , NULL },
+ { DOMAIN_USER_RID_GUEST , "Guest" , NULL },
+ { 0 , NULL , NULL}
};
/* array lookup of well-known Domain RID groups. */
-rid_name domain_group_rids[] =
+static rid_name domain_group_rids[] =
{
- { DOMAIN_GROUP_RID_ADMINS , "Domain Admins" },
- { DOMAIN_GROUP_RID_USERS , "Domain Users" },
- { DOMAIN_GROUP_RID_GUESTS , "Domain Guests" },
- { 0 , NULL }
+ { DOMAIN_GROUP_RID_ADMINS , "Domain Admins" , NULL },
+ { DOMAIN_GROUP_RID_USERS , "Domain Users" , NULL },
+ { DOMAIN_GROUP_RID_GUESTS , "Domain Guests" , NULL },
+ { 0 , NULL , NULL}
};
+/*******************************************************************
+ make an entry in wk name map
+ the name is strdup()ed!
+ *******************************************************************/
+static BOOL make_alias_entry(rid_name *map, char *defaultname, char *name)
+{
+ if(isdigit(*defaultname))
+ {
+ long rid = -1;
+ char *s;
+
+ if(*defaultname == '0')
+ {
+ if(defaultname[1] == 'x')
+ {
+ s = "%lx";
+ defaultname += 2;
+ }
+ else
+ {
+ s = "%lo";
+ }
+ }
+ else
+ {
+ s = "%ld";
+ }
+
+ sscanf(defaultname, s, &rid);
+
+ for( ; map->rid; map++)
+ {
+ if(map->rid == rid) {
+ map->name = strdup(name);
+ DEBUG(5, ("make_alias_entry: mapping %s (rid 0x%x) to %s\n",
+ map->defaultname, map->rid, map->name));
+ return True;
+ }
+ }
+ return False;
+ }
+
+ for( ; map->rid; map++)
+ {
+ if(!StrCaseCmp(map->name, defaultname)) {
+ map->name = strdup(name);
+ DEBUG(5, ("make_alias_entry: mapping %s (rid 0x%x) to %s\n",
+ map->defaultname, map->rid, map->name));
+ return True;
+ }
+ }
+ return False;
+}
+
+/*******************************************************************
+ reset wk map to default values
+ *******************************************************************/
+static void reset_wk_map(rid_name *map)
+{
+ for( ; map->rid; map++)
+ {
+ if(map->name != NULL && map->name != map->defaultname)
+ free(map->name);
+ map->name = map->defaultname;
+ }
+}
+
+/*******************************************************************
+ reset all wk maps
+ *******************************************************************/
+static void reset_wk_maps(void)
+{
+ DEBUG(4, ("reset_wk_maps: Initializing maps\n"));
+ reset_wk_map(builtin_alias_rids);
+ reset_wk_map(domain_user_rids);
+ reset_wk_map(domain_group_rids);
+}
+
+/*******************************************************************
+ Load builtin alias map
+ *******************************************************************/
+static BOOL load_wk_rid_map(void)
+{
+ static int map_initialized = 0;
+ static time_t builtin_rid_file_last_modified = (time_t)0;
+ char *builtin_rid_file = lp_builtinrid_file();
+
+ FILE *fp;
+ char *s;
+ pstring buf;
+
+ if (!map_initialized)
+ {
+ reset_wk_maps();
+ map_initialized = 1;
+ }
+
+ if (!*builtin_rid_file)
+ {
+ return False;
+ }
+
+ fp = open_file_if_modified(builtin_rid_file, "r", &builtin_rid_file_last_modified);
+ if(!fp)
+ {
+ DEBUG(0,("load_wk_rid_map: can't open name map %s. Error was %s\n",
+ builtin_rid_file, strerror(errno)));
+ return False;
+ }
+
+ reset_wk_maps();
+ DEBUG(4,("load_wk_rid_map: Scanning builtin rid map %s\n",builtin_rid_file));
+
+ while ((s = fgets_slash(buf, sizeof(buf), fp)) != NULL)
+ {
+ pstring defaultname;
+ pstring name;
+
+ DEBUG(10,("Read line |%s|\n", s));
+
+ if (!*s || strchr("#;",*s))
+ continue;
+
+ if (!next_token(&s,name, "\t\n\r=", sizeof(defaultname)))
+ continue;
+
+ if (!next_token(&s,defaultname, "\t\n\r=", sizeof(name)))
+ continue;
+
+ trim_string(defaultname, " ", " ");
+ trim_string(name, " ", " ");
+
+ if (!*defaultname || !*name)
+ continue;
+
+ if(make_alias_entry(builtin_alias_rids, defaultname, name))
+ continue;
+ if(make_alias_entry(domain_user_rids, defaultname, name))
+ continue;
+ if(make_alias_entry(domain_group_rids, defaultname, name))
+ continue;
+
+ DEBUG(0,("load_wk_rid_map: Unknown alias %s in map %s\n",
+ defaultname, builtin_rid_file));
+ }
+
+ fclose(fp);
+ return True;
+}
/*******************************************************************
lookup_wk_group_name
@@ -96,6 +252,8 @@ uint32 lookup_wk_group_name(const char *group_name, const char *domain,
return 0xC0000000 | NT_STATUS_NONE_MAPPED;
}
+ load_wk_rid_map();
+
do /* find, if it exists, a group rid for the group name */
{
i++;
@@ -137,6 +295,8 @@ uint32 lookup_wk_user_name(const char *user_name, const char *domain,
return 0xC0000000 | NT_STATUS_NONE_MAPPED;
}
+ load_wk_rid_map();
+
do /* find, if it exists, a alias rid for the alias name */
{
i++;
@@ -175,6 +335,8 @@ uint32 lookup_builtin_alias_name(const char *alias_name, const char *domain,
return 0xC0000000 | NT_STATUS_NONE_MAPPED;
}
+ load_wk_rid_map();
+
do /* find, if it exists, a alias rid for the alias name*/
{
rid = builtin_alias_rids[i].rid;
@@ -471,3 +633,36 @@ BOOL pwdb_initialise(BOOL is_server)
return initialise_password_db();
}
+
+/*************************************************************
+ the following functions lookup wk rid's.
+ these may be unnecessary...
+**************************************************************/
+static char *lookup_wk_rid(uint32 rid, rid_name *table)
+{
+ load_wk_rid_map();
+ for( ; table->rid ; table++)
+ {
+ if(table->rid == rid)
+ {
+ return table->name;
+ }
+ }
+ return NULL;
+}
+
+char *lookup_wk_alias_rid(uint32 rid)
+{
+ return lookup_wk_rid(rid, builtin_alias_rids);
+}
+
+char *lookup_wk_user_rid(uint32 rid)
+{
+ return lookup_wk_rid(rid, domain_user_rids);
+}
+
+char *lookup_wk_group_rid(uint32 rid)
+{
+ return lookup_wk_rid(rid, domain_group_rids);
+}
+
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 3f89c53be4..c27a834914 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -127,6 +127,7 @@ typedef struct
char *szAliasnameMap;
char *szGroupnameMap;
char *szBuiltinnameMap;
+ char *szBuiltinRidFile;
char *szNTusernameMap;
char *szCharacterSet;
char *szLogonScript;
@@ -716,7 +717,8 @@ static struct parm_struct parm_table[] =
{"local group map", P_STRING, P_GLOBAL, &Globals.szAliasnameMap, NULL, NULL, 0},
{"domain group map", P_STRING, P_GLOBAL, &Globals.szGroupnameMap, NULL, NULL, 0},
{"builtin group map", P_STRING, P_GLOBAL, &Globals.szBuiltinnameMap, NULL, NULL, 0},
- {"domain user map", P_STRING, P_GLOBAL, &Globals.szNTusernameMap, NULL, NULL, 0},
+ {"builtin rid file", P_STRING, P_GLOBAL, &Globals.szBuiltinRidFile, NULL, NULL, 0},
+ {"domain user map", P_STRING, P_GLOBAL, &Globals.szNTusernameMap, NULL, NULL, 0},
{"machine password timeout", P_INTEGER, P_GLOBAL, &Globals.machine_password_timeout, NULL, NULL, 0},
{"Logon Options", P_SEP, P_SEPARATOR},
@@ -1196,6 +1198,7 @@ FN_GLOBAL_STRING(lp_username_map,&Globals.szUsernameMap)
FN_GLOBAL_STRING(lp_aliasname_map,&Globals.szAliasnameMap)
FN_GLOBAL_STRING(lp_groupname_map,&Globals.szGroupnameMap)
FN_GLOBAL_STRING(lp_builtinname_map,&Globals.szBuiltinnameMap)
+FN_GLOBAL_STRING(lp_builtinrid_file,&Globals.szBuiltinRidFile)
FN_GLOBAL_STRING(lp_ntusrname_map,&Globals.szNTusernameMap)
FN_GLOBAL_STRING(lp_logon_script,&Globals.szLogonScript)
FN_GLOBAL_STRING(lp_logon_path,&Globals.szLogonPath)
diff --git a/source3/passdb/smbpass.c b/source3/passdb/smbpass.c
index e7adbe6d45..e3c6a5da44 100644
--- a/source3/passdb/smbpass.c
+++ b/source3/passdb/smbpass.c
@@ -120,6 +120,12 @@ struct smb_passwd *getsmbfilepwent(void *vp)
*/
p = strncpyn(unix_name, linebuf, sizeof(unix_name), ':');
+ if (p == NULL)
+ {
+ DEBUG(0,("getsmbfilepwent: no ':' separator found\n"));
+ continue;
+ }
+
/* Go past ':' */
p++;
diff --git a/source3/passdb/smbpassgroup.c b/source3/passdb/smbpassgroup.c
index 056f198074..8991cad978 100644
--- a/source3/passdb/smbpassgroup.c
+++ b/source3/passdb/smbpassgroup.c
@@ -105,6 +105,12 @@ static struct smb_passwd *getsmbfilegrpent(void *vp,
*/
p = strncpyn(user_name, linebuf, sizeof(user_name), ':');
+ if (p == NULL)
+ {
+ DEBUG(0,("getsmbfilegrpent: no ':' separator found\n"));
+ continue;
+ }
+
/* Go past ':' */
p++;
diff --git a/source3/rpc_server/srv_lookup.c b/source3/rpc_server/srv_lookup.c
index 08f2e11d77..193c7931ab 100644
--- a/source3/rpc_server/srv_lookup.c
+++ b/source3/rpc_server/srv_lookup.c
@@ -52,10 +52,6 @@ extern fstring global_sam_name;
extern DOM_SID global_sam_sid;
extern DOM_SID global_sid_S_1_5_20;
-extern rid_name builtin_alias_rids[];
-extern rid_name domain_user_rids[];
-extern rid_name domain_group_rids[];
-
int make_dom_gids(DOMAIN_GRP *mem, int num_members, DOM_GID **ppgids)
{
int count;
@@ -192,9 +188,9 @@ uint32 lookup_sid(DOM_SID *sid, char *name, uint8 *type)
********************************************************************/
uint32 lookup_wk_group_sid(DOM_SID *sid, char *group_name, uint8 *type)
{
- int i = 0;
uint32 rid;
DOM_SID tmp;
+ char *mapped;
(*type) = SID_NAME_DOM_GRP;
@@ -208,20 +204,16 @@ uint32 lookup_wk_group_sid(DOM_SID *sid, char *group_name, uint8 *type)
DEBUG(5,("lookup_wk_group_sid: rid: %d", rid));
- while (domain_group_rids[i].rid != rid && domain_group_rids[i].rid != 0)
- {
- i++;
- }
-
- if (domain_group_rids[i].rid != 0)
+ /* look up the well-known domain group rids first */
+ mapped = lookup_wk_group_rid(rid);
+ if(mapped == NULL)
{
- fstrcpy(group_name, domain_group_rids[i].name);
- DEBUG(5,(" = %s\n", group_name));
- return 0x0;
+ DEBUG(5,(" none mapped\n"));
+ return 0xC0000000 | NT_STATUS_NONE_MAPPED;
}
-
- DEBUG(5,(" none mapped\n"));
- return 0xC0000000 | NT_STATUS_NONE_MAPPED;
+ fstrcpy(group_name, mapped);
+ DEBUG(5,(" = %s\n", group_name));
+ return 0x0;
}
/*******************************************************************
@@ -267,9 +259,9 @@ uint32 lookup_group_sid(DOM_SID *sid, char *group_name, uint8 *type)
********************************************************************/
uint32 lookup_wk_alias_sid(DOM_SID *sid, char *alias_name, uint8 *type)
{
- int i = 0;
uint32 rid;
DOM_SID tmp;
+ char *mapped;
(*type) = SID_NAME_ALIAS;
@@ -283,20 +275,16 @@ uint32 lookup_wk_alias_sid(DOM_SID *sid, char *alias_name, uint8 *type)
DEBUG(5,("lookup_wk_alias_sid: rid: %d", rid));
- while (builtin_alias_rids[i].rid != rid && builtin_alias_rids[i].rid != 0)
+ /* look up the well-known alias group rids first */
+ mapped = lookup_wk_alias_rid(rid);
+ if(mapped == NULL)
{
- i++;
- }
-
- if (builtin_alias_rids[i].rid != 0)
- {
- fstrcpy(alias_name, builtin_alias_rids[i].name);
- DEBUG(5,(" = %s\n", alias_name));
- return 0x0;
+ DEBUG(5,(" none mapped\n"));
+ return 0xC0000000 | NT_STATUS_NONE_MAPPED;
}
-
- DEBUG(5,(" none mapped\n"));
- return 0xC0000000 | NT_STATUS_NONE_MAPPED;
+ fstrcpy(alias_name, mapped);
+ DEBUG(5,(" = %s\n", alias_name));
+ return 0x0;
}
/*******************************************************************
@@ -342,9 +330,9 @@ uint32 lookup_alias_sid(DOM_SID *sid, char *alias_name, uint8 *type)
********************************************************************/
uint32 lookup_wk_user_sid(DOM_SID *sid, char *user_name, uint8 *type)
{
- int i = 0;
uint32 rid;
DOM_SID tmp;
+ char *mapped;
(*type) = SID_NAME_USER;
@@ -359,20 +347,15 @@ uint32 lookup_wk_user_sid(DOM_SID *sid, char *user_name, uint8 *type)
DEBUG(5,("lookup_wk_user_sid: rid: %d", rid));
/* look up the well-known domain user rids first */
- while (domain_user_rids[i].rid != rid && domain_user_rids[i].rid != 0)
+ mapped = lookup_wk_user_rid(rid);
+ if(mapped == NULL)
{
- i++;
- }
-
- if (domain_user_rids[i].rid != 0)
- {
- fstrcpy(user_name, domain_user_rids[i].name);
- DEBUG(5,(" = %s\n", user_name));
- return 0x0;
+ DEBUG(5,(" none mapped\n"));
+ return 0xC0000000 | NT_STATUS_NONE_MAPPED;
}
-
- DEBUG(5,(" none mapped\n"));
- return 0xC0000000 | NT_STATUS_NONE_MAPPED;
+ fstrcpy(user_name, mapped);
+ DEBUG(5,(" = %s\n", user_name));
+ return 0x0;
}
/*******************************************************************