diff options
-rw-r--r-- | source3/include/ntdomain.h | 7 | ||||
-rw-r--r-- | source3/include/proto.h | 6 | ||||
-rw-r--r-- | source3/lib/domain_namemap.c | 22 | ||||
-rw-r--r-- | source3/lib/util_file.c | 53 | ||||
-rw-r--r-- | source3/lib/util_pwdb.c | 235 | ||||
-rw-r--r-- | source3/param/loadparm.c | 5 | ||||
-rw-r--r-- | source3/passdb/smbpass.c | 6 | ||||
-rw-r--r-- | source3/passdb/smbpassgroup.c | 6 | ||||
-rw-r--r-- | source3/rpc_server/srv_lookup.c | 69 |
9 files changed, 310 insertions, 99 deletions
diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h index ce4d1ed148..9ba096bb13 100644 --- a/source3/include/ntdomain.h +++ b/source3/include/ntdomain.h @@ -138,13 +138,6 @@ struct mem_buf struct mem_buf *next; }; -typedef struct -{ - uint32 rid; - char *name; - -} rid_name; - struct acct_info { fstring acct_name; /* account name */ diff --git a/source3/include/proto.h b/source3/include/proto.h index 97398c553c..c17cbb657b 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -497,6 +497,8 @@ SMB_BIG_UINT getfilepwpos(void *vp); BOOL setfilepwpos(void *vp, SMB_BIG_UINT tok); int getfileline(void *vp, char *linebuf, int linebuf_size); char *fgets_slash(char *s2,int maxlen,FILE *f); +BOOL file_modified(const char *filename, time_t *lastmodified); +void *open_file_if_modified(const char *filename, char *mode, time_t *lastmodified); /*The following definitions come from lib/util_pwdb.c */ @@ -518,6 +520,9 @@ void pwdb_set_last_set_time(char *p, int max_len, time_t t); void pwdb_sethexpwd(char *p, const char *pwd, uint16 acct_ctrl); BOOL pwdb_gethexpwd(const char *p, char *pwd, uint32 *acct_ctrl); BOOL pwdb_initialise(BOOL is_server); +char *lookup_wk_alias_rid(uint32 rid); +char *lookup_wk_user_rid(uint32 rid); +char *lookup_wk_group_rid(uint32 rid); /*The following definitions come from lib/util_sid.c */ @@ -1239,6 +1244,7 @@ char *lp_username_map(void); char *lp_aliasname_map(void); char *lp_groupname_map(void); char *lp_builtinname_map(void); +char *lp_builtinrid_file(void); char *lp_ntusrname_map(void); char *lp_logon_script(void); char *lp_logon_path(void); diff --git a/source3/lib/domain_namemap.c b/source3/lib/domain_namemap.c index 156e4e7d35..fb6ecf2acf 100644 --- a/source3/lib/domain_namemap.c +++ b/source3/lib/domain_namemap.c @@ -479,7 +479,6 @@ static ubi_slList *load_name_map(DOM_MAP_TYPE type) char *aliasname_map_file = lp_aliasname_map(); char *ntusrname_map_file = lp_ntusrname_map(); - SMB_STRUCT_STAT st; FILE *fp; char *s; pstring buf; @@ -533,32 +532,13 @@ static ubi_slList *load_name_map(DOM_MAP_TYPE type) return map_list; } - if (sys_stat(map_file, &st) != 0) - { - DEBUG(0, ("load_name_map: Unable to stat file %s. Error was %s\n", - map_file, strerror(errno) )); - return map_list; - } - - /* - * Check if file has changed. - */ - if (st.st_mtime <= (*file_last_modified)) - { - return map_list; - } - - (*file_last_modified) = st.st_mtime; - /* * Load the file. */ - fp = fopen(map_file,"r"); + fp = open_file_if_modified(map_file, "r", file_last_modified); if (!fp) { - DEBUG(0,("load_name_map: can't open name map %s. Error was %s\n", - map_file, strerror(errno))); return map_list; } diff --git a/source3/lib/util_file.c b/source3/lib/util_file.c index 37489086d8..5861314c02 100644 --- a/source3/lib/util_file.c +++ b/source3/lib/util_file.c @@ -188,7 +188,6 @@ int getfileline(void *vp, char *linebuf, int linebuf_size) /* Static buffers we will return. */ FILE *fp = (FILE *)vp; unsigned char c; - unsigned char *p; size_t linebuf_len; if (fp == NULL) @@ -248,12 +247,6 @@ int getfileline(void *vp, char *linebuf, int linebuf_size) continue; } - p = (unsigned char *) strchr(linebuf, ':'); - if (p == NULL) - { - DEBUG(0, ("getfileline: malformed line entry (no :)\n")); - continue; - } return linebuf_len; } return -1; @@ -326,3 +319,49 @@ char *fgets_slash(char *s2,int maxlen,FILE *f) return(s); } +/**************************************************************************** +checks if a file has changed since last read +****************************************************************************/ +BOOL file_modified(const char *filename, time_t *lastmodified) +{ + SMB_STRUCT_STAT st; + + if (sys_stat(filename, &st) != 0) + { + DEBUG(0, ("file_changed: Unable to stat file %s. Error was %s\n", + filename, strerror(errno) )); + return False; + } + + if(st.st_mtime <= *lastmodified) + { + DEBUG(20, ("file_modified: %s not modified\n", filename)); + return False; + } + + DEBUG(20, ("file_modified: %s modified\n", filename)); + *lastmodified = st.st_mtime; + return True; +} + +/*************************************************************************** +opens a file if modified otherwise returns NULL +***************************************************************************/ +void *open_file_if_modified(const char *filename, char *mode, time_t *lastmodified) +{ + FILE *f; + + if (file_modified(filename, lastmodified)) + { + return NULL; + } + + if( (f = fopen(filename, mode)) == NULL) + { + DEBUG(0, ("open_file_if_modified: can't open file %s. Error was %s\n", + filename, strerror(errno))); + return NULL; + } + + return (void *)f; +} diff --git a/source3/lib/util_pwdb.c b/source3/lib/util_pwdb.c index b3b638b5e6..f78bdfff5d 100644 --- a/source3/lib/util_pwdb.c +++ b/source3/lib/util_pwdb.c @@ -34,43 +34,199 @@ extern DOM_SID global_sid_S_1_5_20; extern pstring global_myname; +typedef struct +{ + uint32 rid; + char *defaultname; + char *name; +} rid_name; + /* * A list of the rids of well known BUILTIN and Domain users * and groups. */ -rid_name builtin_alias_rids[] = +static rid_name builtin_alias_rids[] = { - { BUILTIN_ALIAS_RID_ADMINS , "Administrators" }, - { BUILTIN_ALIAS_RID_USERS , "Users" }, - { BUILTIN_ALIAS_RID_GUESTS , "Guests" }, - { BUILTIN_ALIAS_RID_POWER_USERS , "Power Users" }, + { BUILTIN_ALIAS_RID_ADMINS , "Administrators" , NULL }, + { BUILTIN_ALIAS_RID_USERS , "Users" , NULL }, + { BUILTIN_ALIAS_RID_GUESTS , "Guests" , NULL }, + { BUILTIN_ALIAS_RID_POWER_USERS , "Power Users" , NULL }, - { BUILTIN_ALIAS_RID_ACCOUNT_OPS , "Account Operators" }, - { BUILTIN_ALIAS_RID_SYSTEM_OPS , "System Operators" }, - { BUILTIN_ALIAS_RID_PRINT_OPS , "Print Operators" }, - { BUILTIN_ALIAS_RID_BACKUP_OPS , "Backup Operators" }, - { BUILTIN_ALIAS_RID_REPLICATOR , "Replicator" }, - { 0 , NULL } + { BUILTIN_ALIAS_RID_ACCOUNT_OPS , "Account Operators" , NULL }, + { BUILTIN_ALIAS_RID_SYSTEM_OPS , "System Operators" , NULL }, + { BUILTIN_ALIAS_RID_PRINT_OPS , "Print Operators" , NULL }, + { BUILTIN_ALIAS_RID_BACKUP_OPS , "Backup Operators" , NULL }, + { BUILTIN_ALIAS_RID_REPLICATOR , "Replicator" , NULL }, + { 0 , NULL , NULL} }; /* array lookup of well-known Domain RID users. */ -rid_name domain_user_rids[] = +static rid_name domain_user_rids[] = { - { DOMAIN_USER_RID_ADMIN , "Administrator" }, - { DOMAIN_USER_RID_GUEST , "Guest" }, - { 0 , NULL } + { DOMAIN_USER_RID_ADMIN , "Administrator" , NULL }, + { DOMAIN_USER_RID_GUEST , "Guest" , NULL }, + { 0 , NULL , NULL} }; /* array lookup of well-known Domain RID groups. */ -rid_name domain_group_rids[] = +static rid_name domain_group_rids[] = { - { DOMAIN_GROUP_RID_ADMINS , "Domain Admins" }, - { DOMAIN_GROUP_RID_USERS , "Domain Users" }, - { DOMAIN_GROUP_RID_GUESTS , "Domain Guests" }, - { 0 , NULL } + { DOMAIN_GROUP_RID_ADMINS , "Domain Admins" , NULL }, + { DOMAIN_GROUP_RID_USERS , "Domain Users" , NULL }, + { DOMAIN_GROUP_RID_GUESTS , "Domain Guests" , NULL }, + { 0 , NULL , NULL} }; +/******************************************************************* + make an entry in wk name map + the name is strdup()ed! + *******************************************************************/ +static BOOL make_alias_entry(rid_name *map, char *defaultname, char *name) +{ + if(isdigit(*defaultname)) + { + long rid = -1; + char *s; + + if(*defaultname == '0') + { + if(defaultname[1] == 'x') + { + s = "%lx"; + defaultname += 2; + } + else + { + s = "%lo"; + } + } + else + { + s = "%ld"; + } + + sscanf(defaultname, s, &rid); + + for( ; map->rid; map++) + { + if(map->rid == rid) { + map->name = strdup(name); + DEBUG(5, ("make_alias_entry: mapping %s (rid 0x%x) to %s\n", + map->defaultname, map->rid, map->name)); + return True; + } + } + return False; + } + + for( ; map->rid; map++) + { + if(!StrCaseCmp(map->name, defaultname)) { + map->name = strdup(name); + DEBUG(5, ("make_alias_entry: mapping %s (rid 0x%x) to %s\n", + map->defaultname, map->rid, map->name)); + return True; + } + } + return False; +} + +/******************************************************************* + reset wk map to default values + *******************************************************************/ +static void reset_wk_map(rid_name *map) +{ + for( ; map->rid; map++) + { + if(map->name != NULL && map->name != map->defaultname) + free(map->name); + map->name = map->defaultname; + } +} + +/******************************************************************* + reset all wk maps + *******************************************************************/ +static void reset_wk_maps(void) +{ + DEBUG(4, ("reset_wk_maps: Initializing maps\n")); + reset_wk_map(builtin_alias_rids); + reset_wk_map(domain_user_rids); + reset_wk_map(domain_group_rids); +} + +/******************************************************************* + Load builtin alias map + *******************************************************************/ +static BOOL load_wk_rid_map(void) +{ + static int map_initialized = 0; + static time_t builtin_rid_file_last_modified = (time_t)0; + char *builtin_rid_file = lp_builtinrid_file(); + + FILE *fp; + char *s; + pstring buf; + + if (!map_initialized) + { + reset_wk_maps(); + map_initialized = 1; + } + + if (!*builtin_rid_file) + { + return False; + } + + fp = open_file_if_modified(builtin_rid_file, "r", &builtin_rid_file_last_modified); + if(!fp) + { + DEBUG(0,("load_wk_rid_map: can't open name map %s. Error was %s\n", + builtin_rid_file, strerror(errno))); + return False; + } + + reset_wk_maps(); + DEBUG(4,("load_wk_rid_map: Scanning builtin rid map %s\n",builtin_rid_file)); + + while ((s = fgets_slash(buf, sizeof(buf), fp)) != NULL) + { + pstring defaultname; + pstring name; + + DEBUG(10,("Read line |%s|\n", s)); + + if (!*s || strchr("#;",*s)) + continue; + + if (!next_token(&s,name, "\t\n\r=", sizeof(defaultname))) + continue; + + if (!next_token(&s,defaultname, "\t\n\r=", sizeof(name))) + continue; + + trim_string(defaultname, " ", " "); + trim_string(name, " ", " "); + + if (!*defaultname || !*name) + continue; + + if(make_alias_entry(builtin_alias_rids, defaultname, name)) + continue; + if(make_alias_entry(domain_user_rids, defaultname, name)) + continue; + if(make_alias_entry(domain_group_rids, defaultname, name)) + continue; + + DEBUG(0,("load_wk_rid_map: Unknown alias %s in map %s\n", + defaultname, builtin_rid_file)); + } + + fclose(fp); + return True; +} /******************************************************************* lookup_wk_group_name @@ -96,6 +252,8 @@ uint32 lookup_wk_group_name(const char *group_name, const char *domain, return 0xC0000000 | NT_STATUS_NONE_MAPPED; } + load_wk_rid_map(); + do /* find, if it exists, a group rid for the group name */ { i++; @@ -137,6 +295,8 @@ uint32 lookup_wk_user_name(const char *user_name, const char *domain, return 0xC0000000 | NT_STATUS_NONE_MAPPED; } + load_wk_rid_map(); + do /* find, if it exists, a alias rid for the alias name */ { i++; @@ -175,6 +335,8 @@ uint32 lookup_builtin_alias_name(const char *alias_name, const char *domain, return 0xC0000000 | NT_STATUS_NONE_MAPPED; } + load_wk_rid_map(); + do /* find, if it exists, a alias rid for the alias name*/ { rid = builtin_alias_rids[i].rid; @@ -471,3 +633,36 @@ BOOL pwdb_initialise(BOOL is_server) return initialise_password_db(); } + +/************************************************************* + the following functions lookup wk rid's. + these may be unnecessary... +**************************************************************/ +static char *lookup_wk_rid(uint32 rid, rid_name *table) +{ + load_wk_rid_map(); + for( ; table->rid ; table++) + { + if(table->rid == rid) + { + return table->name; + } + } + return NULL; +} + +char *lookup_wk_alias_rid(uint32 rid) +{ + return lookup_wk_rid(rid, builtin_alias_rids); +} + +char *lookup_wk_user_rid(uint32 rid) +{ + return lookup_wk_rid(rid, domain_user_rids); +} + +char *lookup_wk_group_rid(uint32 rid) +{ + return lookup_wk_rid(rid, domain_group_rids); +} + diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 3f89c53be4..c27a834914 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -127,6 +127,7 @@ typedef struct char *szAliasnameMap; char *szGroupnameMap; char *szBuiltinnameMap; + char *szBuiltinRidFile; char *szNTusernameMap; char *szCharacterSet; char *szLogonScript; @@ -716,7 +717,8 @@ static struct parm_struct parm_table[] = {"local group map", P_STRING, P_GLOBAL, &Globals.szAliasnameMap, NULL, NULL, 0}, {"domain group map", P_STRING, P_GLOBAL, &Globals.szGroupnameMap, NULL, NULL, 0}, {"builtin group map", P_STRING, P_GLOBAL, &Globals.szBuiltinnameMap, NULL, NULL, 0}, - {"domain user map", P_STRING, P_GLOBAL, &Globals.szNTusernameMap, NULL, NULL, 0}, + {"builtin rid file", P_STRING, P_GLOBAL, &Globals.szBuiltinRidFile, NULL, NULL, 0}, + {"domain user map", P_STRING, P_GLOBAL, &Globals.szNTusernameMap, NULL, NULL, 0}, {"machine password timeout", P_INTEGER, P_GLOBAL, &Globals.machine_password_timeout, NULL, NULL, 0}, {"Logon Options", P_SEP, P_SEPARATOR}, @@ -1196,6 +1198,7 @@ FN_GLOBAL_STRING(lp_username_map,&Globals.szUsernameMap) FN_GLOBAL_STRING(lp_aliasname_map,&Globals.szAliasnameMap) FN_GLOBAL_STRING(lp_groupname_map,&Globals.szGroupnameMap) FN_GLOBAL_STRING(lp_builtinname_map,&Globals.szBuiltinnameMap) +FN_GLOBAL_STRING(lp_builtinrid_file,&Globals.szBuiltinRidFile) FN_GLOBAL_STRING(lp_ntusrname_map,&Globals.szNTusernameMap) FN_GLOBAL_STRING(lp_logon_script,&Globals.szLogonScript) FN_GLOBAL_STRING(lp_logon_path,&Globals.szLogonPath) diff --git a/source3/passdb/smbpass.c b/source3/passdb/smbpass.c index e7adbe6d45..e3c6a5da44 100644 --- a/source3/passdb/smbpass.c +++ b/source3/passdb/smbpass.c @@ -120,6 +120,12 @@ struct smb_passwd *getsmbfilepwent(void *vp) */ p = strncpyn(unix_name, linebuf, sizeof(unix_name), ':'); + if (p == NULL) + { + DEBUG(0,("getsmbfilepwent: no ':' separator found\n")); + continue; + } + /* Go past ':' */ p++; diff --git a/source3/passdb/smbpassgroup.c b/source3/passdb/smbpassgroup.c index 056f198074..8991cad978 100644 --- a/source3/passdb/smbpassgroup.c +++ b/source3/passdb/smbpassgroup.c @@ -105,6 +105,12 @@ static struct smb_passwd *getsmbfilegrpent(void *vp, */ p = strncpyn(user_name, linebuf, sizeof(user_name), ':'); + if (p == NULL) + { + DEBUG(0,("getsmbfilegrpent: no ':' separator found\n")); + continue; + } + /* Go past ':' */ p++; diff --git a/source3/rpc_server/srv_lookup.c b/source3/rpc_server/srv_lookup.c index 08f2e11d77..193c7931ab 100644 --- a/source3/rpc_server/srv_lookup.c +++ b/source3/rpc_server/srv_lookup.c @@ -52,10 +52,6 @@ extern fstring global_sam_name; extern DOM_SID global_sam_sid; extern DOM_SID global_sid_S_1_5_20; -extern rid_name builtin_alias_rids[]; -extern rid_name domain_user_rids[]; -extern rid_name domain_group_rids[]; - int make_dom_gids(DOMAIN_GRP *mem, int num_members, DOM_GID **ppgids) { int count; @@ -192,9 +188,9 @@ uint32 lookup_sid(DOM_SID *sid, char *name, uint8 *type) ********************************************************************/ uint32 lookup_wk_group_sid(DOM_SID *sid, char *group_name, uint8 *type) { - int i = 0; uint32 rid; DOM_SID tmp; + char *mapped; (*type) = SID_NAME_DOM_GRP; @@ -208,20 +204,16 @@ uint32 lookup_wk_group_sid(DOM_SID *sid, char *group_name, uint8 *type) DEBUG(5,("lookup_wk_group_sid: rid: %d", rid)); - while (domain_group_rids[i].rid != rid && domain_group_rids[i].rid != 0) - { - i++; - } - - if (domain_group_rids[i].rid != 0) + /* look up the well-known domain group rids first */ + mapped = lookup_wk_group_rid(rid); + if(mapped == NULL) { - fstrcpy(group_name, domain_group_rids[i].name); - DEBUG(5,(" = %s\n", group_name)); - return 0x0; + DEBUG(5,(" none mapped\n")); + return 0xC0000000 | NT_STATUS_NONE_MAPPED; } - - DEBUG(5,(" none mapped\n")); - return 0xC0000000 | NT_STATUS_NONE_MAPPED; + fstrcpy(group_name, mapped); + DEBUG(5,(" = %s\n", group_name)); + return 0x0; } /******************************************************************* @@ -267,9 +259,9 @@ uint32 lookup_group_sid(DOM_SID *sid, char *group_name, uint8 *type) ********************************************************************/ uint32 lookup_wk_alias_sid(DOM_SID *sid, char *alias_name, uint8 *type) { - int i = 0; uint32 rid; DOM_SID tmp; + char *mapped; (*type) = SID_NAME_ALIAS; @@ -283,20 +275,16 @@ uint32 lookup_wk_alias_sid(DOM_SID *sid, char *alias_name, uint8 *type) DEBUG(5,("lookup_wk_alias_sid: rid: %d", rid)); - while (builtin_alias_rids[i].rid != rid && builtin_alias_rids[i].rid != 0) + /* look up the well-known alias group rids first */ + mapped = lookup_wk_alias_rid(rid); + if(mapped == NULL) { - i++; - } - - if (builtin_alias_rids[i].rid != 0) - { - fstrcpy(alias_name, builtin_alias_rids[i].name); - DEBUG(5,(" = %s\n", alias_name)); - return 0x0; + DEBUG(5,(" none mapped\n")); + return 0xC0000000 | NT_STATUS_NONE_MAPPED; } - - DEBUG(5,(" none mapped\n")); - return 0xC0000000 | NT_STATUS_NONE_MAPPED; + fstrcpy(alias_name, mapped); + DEBUG(5,(" = %s\n", alias_name)); + return 0x0; } /******************************************************************* @@ -342,9 +330,9 @@ uint32 lookup_alias_sid(DOM_SID *sid, char *alias_name, uint8 *type) ********************************************************************/ uint32 lookup_wk_user_sid(DOM_SID *sid, char *user_name, uint8 *type) { - int i = 0; uint32 rid; DOM_SID tmp; + char *mapped; (*type) = SID_NAME_USER; @@ -359,20 +347,15 @@ uint32 lookup_wk_user_sid(DOM_SID *sid, char *user_name, uint8 *type) DEBUG(5,("lookup_wk_user_sid: rid: %d", rid)); /* look up the well-known domain user rids first */ - while (domain_user_rids[i].rid != rid && domain_user_rids[i].rid != 0) + mapped = lookup_wk_user_rid(rid); + if(mapped == NULL) { - i++; - } - - if (domain_user_rids[i].rid != 0) - { - fstrcpy(user_name, domain_user_rids[i].name); - DEBUG(5,(" = %s\n", user_name)); - return 0x0; + DEBUG(5,(" none mapped\n")); + return 0xC0000000 | NT_STATUS_NONE_MAPPED; } - - DEBUG(5,(" none mapped\n")); - return 0xC0000000 | NT_STATUS_NONE_MAPPED; + fstrcpy(user_name, mapped); + DEBUG(5,(" = %s\n", user_name)); + return 0x0; } /******************************************************************* |