diff options
-rw-r--r-- | examples/sam/sam_skel.c | 50 | ||||
-rw-r--r-- | source3/include/sam.h | 7 | ||||
-rw-r--r-- | source3/sam/group.c | 193 |
3 files changed, 223 insertions, 27 deletions
diff --git a/examples/sam/sam_skel.c b/examples/sam/sam_skel.c index 9b684270a0..5dae5a5843 100644 --- a/examples/sam/sam_skel.c +++ b/examples/sam/sam_skel.c @@ -32,26 +32,26 @@ SAM_MODULE_VERSIONING_MAGIC /* General API */ -NTSTATUS sam_skel_get_sec_desc(const struct sam_methods *sam_method, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd) +NTSTATUS sam_skel_get_sec_desc(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_set_sec_desc(const struct sam_methods *sam_method, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd) +NTSTATUS sam_skel_set_sec_desc(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_lookup_sid(const struct sam_methods *sam_method, const NT_USER_TOKEN *access_token, const DOM_SID *sid, char **name, uint32 *type) +NTSTATUS sam_skel_lookup_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const DOM_SID *sid, char **name, uint32 *type) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_lookup_name(const struct sam_methods *sam_method, const NT_USER_TOKEN *access_token, const char *name, DOM_SID **sid, uint32 *type) +NTSTATUS sam_skel_lookup_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const char *name, DOM_SID **sid, uint32 *type) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; @@ -60,13 +60,13 @@ NTSTATUS sam_skel_lookup_name(const struct sam_methods *sam_method, const NT_USE /* Domain API */ -NTSTATUS sam_skel_update_domain(const struct sam_methods *sam_method, const SAM_DOMAIN_HANDLE *domain) +NTSTATUS sam_skel_update_domain(const SAM_METHODS *sam_method, const SAM_DOMAIN_HANDLE *domain) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_get_domain_handle(const struct sam_methods *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, SAM_DOMAIN_HANDLE **domain) +NTSTATUS sam_skel_get_domain_handle(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, uint32 access_desired, SAM_DOMAIN_HANDLE **domain) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; @@ -75,44 +75,44 @@ NTSTATUS sam_skel_get_domain_handle(const struct sam_methods *sam_method, const /* Account API */ -NTSTATUS sam_skel_create_account(const struct sam_methods *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, SAM_ACCOUNT_HANDLE **account) +NTSTATUS sam_skel_create_account(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *group_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_add_account(const struct sam_methods *sam_method, const SAM_ACCOUNT_HANDLE *account) +NTSTATUS sam_skel_add_account(const SAM_METHODS *sam_method, const SAM_ACCOUNT_HANDLE *account) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_update_account(const struct sam_methods *sam_method, const SAM_ACCOUNT_HANDLE *account) +NTSTATUS sam_skel_update_account(const SAM_METHODS *sam_method, const SAM_ACCOUNT_HANDLE *account) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_delete_account(const struct sam_methods *sam_method, const SAM_ACCOUNT_HANDLE *account) +NTSTATUS sam_skel_delete_account(const SAM_METHODS *sam_method, const SAM_ACCOUNT_HANDLE *account) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_enum_accounts(const struct sam_methods *sam_method, const NT_USER_TOKEN *access_token, int32 *account_count, SAM_ACCOUNT_ENUM **accounts) +NTSTATUS sam_skel_enum_accounts(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, uint16 acct_ctrl, uint32 *account_count, SAM_ACCOUNT_ENUM **accounts) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_get_account_by_sid(const struct sam_methods *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *accountsid, SAM_ACCOUNT_HANDLE **account) +NTSTATUS sam_skel_get_account_by_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *accountsid, SAM_ACCOUNT_HANDLE **account) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_get_account_by_name(const struct sam_methods *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *name, SAM_ACCOUNT_HANDLE **account) +NTSTATUS sam_skel_get_account_by_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *name, SAM_ACCOUNT_HANDLE **account) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; @@ -121,69 +121,69 @@ NTSTATUS sam_skel_get_account_by_name(const struct sam_methods *sam_method, cons /* Group API */ -NTSTATUS sam_skel_create_group(const struct sam_methods *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const uint32 type, SAM_GROUP_HANDLE **group) +NTSTATUS sam_skel_create_group(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *account_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_add_group(const struct sam_methods *sam_method, const SAM_GROUP_HANDLE *group) +NTSTATUS sam_skel_add_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_update_group(const struct sam_methods *sam_method, const SAM_GROUP_HANDLE *group) +NTSTATUS sam_skel_update_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_delete_group(const struct sam_methods *sam_method, const SAM_GROUP_HANDLE *group) +NTSTATUS sam_skel_delete_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_enum_groups(const struct sam_methods *sam_method, const NT_USER_TOKEN *access_token, const uint32 type, uint32 *groups_count, SAM_GROUP_ENUM **groups) +NTSTATUS sam_skel_enum_groups(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, uint16 group_ctrl, uint32 *groups_count, SAM_GROUP_ENUM **groups) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_get_group_by_sid(const struct sam_methods *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group) +NTSTATUS sam_skel_get_group_by_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_get_group_by_name(const struct sam_methods *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *name, SAM_GROUP_HANDLE **group) +NTSTATUS sam_skel_get_group_by_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *name, SAM_GROUP_HANDLE **group) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_add_member_to_group(const struct sam_methods *sam_method, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) +NTSTATUS sam_skel_add_member_to_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_delete_member_from_group(const struct sam_methods *sam_method, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) +NTSTATUS sam_skel_delete_member_from_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_enum_groupmembers(const struct sam_methods *sam_method, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members) +NTSTATUS sam_skel_enum_groupmembers(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS sam_skel_get_groups_of_account(const struct sam_methods *sam_method, const SAM_ACCOUNT_HANDLE *account, const uint32 type, uint32 *group_count, SAM_GROUP_ENUM **groups) +NTSTATUS sam_skel_get_groups_of_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const DOM_SID **sids, uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups) { DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); return NT_STATUS_NOT_IMPLEMENTED; @@ -238,7 +238,7 @@ NTSTATUS sam_init(const SAM_CONTEXT *sam_context, SAM_METHODS **sam_method, cons (*sam_method)->sam_delete_member_from_group = sam_skel_delete_member_from_group; (*sam_method)->sam_enum_groupmembers = sam_skel_enum_groupmembers; - (*sam_method)->sam_get_groups_of_account = sam_skel_get_groups_of_account; + (*sam_method)->sam_get_groups_of_sid = sam_skel_get_groups_of_sid; (*sam_method)->free_private_data = NULL; diff --git a/source3/include/sam.h b/source3/include/sam.h index 53d56a2a80..afa7e55c65 100644 --- a/source3/include/sam.h +++ b/source3/include/sam.h @@ -30,8 +30,11 @@ #define SAM_ASSERT(x) SMB_ASSERT(x) #else #define SAM_ASSERT(x) while (0) { \ - if (!(x)) return NT_STATUS_FAIL_CHECK;\ - } + if (!(x)) { + DEBUG(0, ("SAM_ASSERT failed!\n")) + return NT_STATUS_FAIL_CHECK;\ + } \ + } #endif diff --git a/source3/sam/group.c b/source3/sam/group.c new file mode 100644 index 0000000000..7e4bcc1425 --- /dev/null +++ b/source3/sam/group.c @@ -0,0 +1,193 @@ +/* + Unix SMB/CIFS implementation. + SAM_GROUP_HANDLE /SAM_GROUP_ENUM helpers + + Copyright (C) Stefan (metze) Metzmacher 2002 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_SAM + +/************************************************************ + Fill the SAM_GROUP_HANDLE with default values. + ***********************************************************/ + +static void sam_fill_default_group(SAM_GROUP_HANDLE *group) +{ + ZERO_STRUCT(group->private); /* Don't touch the talloc context */ + +} + +static void destroy_sam_group_handle_talloc(SAM_GROUP_HANDLE **group) +{ + if (*group) { + + talloc_destroy((*group)->mem_ctx); + *group = NULL; + } +} + + +/********************************************************************** + Alloc memory and initialises a SAM_GROUP_HANDLE on supplied mem_ctx. +***********************************************************************/ + +NTSTATUS sam_init_group_talloc(TALLOC_CTX *mem_ctx, SAM_GROUP_HANDLE **group) +{ + SMB_ASSERT(*group != NULL); + + if (!mem_ctx) { + DEBUG(0,("sam_init_group_talloc: mem_ctx was NULL!\n")); + return NT_STATUS_UNSUCCESSFUL; + } + + *group=(SAM_GROUP_HANDLE *)talloc(mem_ctx, sizeof(SAM_GROUP_HANDLE)); + + if (*group==NULL) { + DEBUG(0,("sam_init_group_talloc: error while allocating memory\n")); + return NT_STATUS_NO_MEMORY; + } + + (*group)->mem_ctx = mem_ctx; + + (*group)->free_fn = NULL; + + sam_fill_default_group(*group); + + return NT_STATUS_OK; +} + + +/************************************************************* + Alloc memory and initialises a struct SAM_GROUP_HANDLE. + ************************************************************/ + +NTSTATUS sam_init_group(SAM_GROUP_HANDLE **group) +{ + TALLOC_CTX *mem_ctx; + NTSTATUS nt_status; + + mem_ctx = talloc_init_named("sam internal SAM_GROUP_HANDLE allocation"); + + if (!mem_ctx) { + DEBUG(0,("sam_init_group: error while doing talloc_init()\n")); + return NT_STATUS_NO_MEMORY; + } + + if (!NT_STATUS_IS_OK(nt_status = sam_init_group_talloc(mem_ctx, group))) { + talloc_destroy(mem_ctx); + return nt_status; + } + + (*group)->free_fn = destroy_sam_group_handle_talloc; + + return NT_STATUS_OK; +} + + +/************************************************************ + Reset the SAM_GROUP_HANDLE. + ***********************************************************/ + +NTSTATUS sam_reset_group(SAM_GROUP_HANDLE *group) +{ + SMB_ASSERT(group != NULL); + + sam_fill_default_group(group); + + return NT_STATUS_OK; +} + + +/************************************************************ + Free the SAM_GROUP_HANDLE and the member pointers. + ***********************************************************/ + +NTSTATUS sam_free_group(SAM_ACCOUNT_HANDLE **group) +{ + SMB_ASSERT(*group != NULL); + + if ((*group)->free_fn) { + (*group)->free_fn(group); + } + + return NT_STATUS_OK; +} + + +/********************************************************** + Encode the group control bits into a string. + length = length of string to encode into (including terminating + null). length *MUST BE MORE THAN 2* ! + **********************************************************/ + +char *sam_encode_acct_ctrl(uint16 group_ctrl, size_t length) +{ + static fstring group_str; + size_t i = 0; + + group_str[i++] = '['; + + if (group_ctrl & GCB_LOCAL_GROUP ) group_str[i++] = 'L'; + if (group_ctrl & GCB_GLOBAL_GROUP ) group_str[i++] = 'G'; + + for ( ; i < length - 2 ; i++ ) + group_str[i] = ' '; + + i = length - 2; + group_str[i++] = ']'; + group_str[i++] = '\0'; + + return group_str; +} + +/********************************************************** + Decode the group control bits from a string. + **********************************************************/ + +uint16 sam_decode_group_ctrl(const char *p) +{ + uint16 group_ctrl = 0; + BOOL finished = False; + + /* + * Check if the account type bits have been encoded after the + * NT password (in the form [NDHTUWSLXI]). + */ + + if (*p != '[') + return 0; + + for (p++; *p && !finished; p++) { + switch (*p) { + case 'L': { group_ctrl |= GCB_LOCAL_GROUP; break; /* 'L'ocal Aliases Group. */ } + case 'G': { group_ctrl |= GCB_GLOBAL_GROUP; break; /* 'G'lobal Domain Group. */ } + + case ' ': { break; } + case ':': + case '\n': + case '\0': + case ']': + default: { finished = True; } + } + } + + return group_ctrl; +} + |