summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/passdb/pdb_smbpasswd.c44
-rw-r--r--source3/passdb/pdb_unix.c29
-rw-r--r--source3/rpc_server/srv_netlog_nt.c8
3 files changed, 33 insertions, 48 deletions
diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c
index 88e317cea9..f7ab6f3070 100644
--- a/source3/passdb/pdb_smbpasswd.c
+++ b/source3/passdb/pdb_smbpasswd.c
@@ -357,6 +357,8 @@ static struct smb_passwd *getsmbfilepwent(struct smbpasswd_privates *smbpasswd_s
* As 256 is shorter than a pstring we don't need to check
* length here - if this ever changes....
*/
+ SMB_ASSERT(sizeof(pstring) > sizeof(linebuf));
+
strncpy(user_name, linebuf, PTR_DIFF(p, linebuf));
user_name[PTR_DIFF(p, linebuf)] = '\0';
@@ -694,7 +696,7 @@ Error was %s. Password file may be corrupt ! Please examine by hand !\n",
static BOOL mod_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, const struct smb_passwd* pwd)
{
/* Static buffers we will return. */
- char * user_name = smbpasswd_state->user_name;
+ pstring user_name;
char linebuf[256];
char readbuf[1024];
@@ -812,6 +814,9 @@ static BOOL mod_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, con
* As 256 is shorter than a pstring we don't need to check
* length here - if this ever changes....
*/
+
+ SMB_ASSERT(sizeof(user_name) > sizeof(linebuf));
+
strncpy(user_name, linebuf, PTR_DIFF(p, linebuf));
user_name[PTR_DIFF(p, linebuf)] = '\0';
if (strequal(user_name, pwd->smb_name)) {
@@ -823,6 +828,9 @@ static BOOL mod_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, con
if (!found_entry) {
pw_file_unlock(lockfd, &(smbpasswd_state->pw_file_lock_depth));
fclose(fp);
+
+ DEBUG(2, ("Cannot update entry for user %s, as they don't exist in the smbpasswd file!\n",
+ pwd->smb_name));
return False;
}
@@ -1166,11 +1174,11 @@ static BOOL build_smb_pass (struct smb_passwd *smb_pw, const SAM_ACCOUNT *sampas
if (sampass == NULL)
return False;
- ZERO_STRUCTP(smb_pw);
+ ZERO_STRUCTP(smb_pw);
if (!IS_SAM_UNIX_USER(sampass)) {
smb_pw->smb_userid_set = False;
- DEBUG(5,("build_sam_pass: storing user without a UNIX uid or gid. \n"));
+ DEBUG(5,("build_smb_pass: storing user without a UNIX uid or gid. \n"));
} else {
uint32 rid = pdb_get_user_rid(sampass);
smb_pw->smb_userid_set = True;
@@ -1365,21 +1373,6 @@ static BOOL smbpasswd_getsampwnam(struct pdb_methods *my_methods, SAM_ACCOUNT *s
DEBUG(10, ("getsampwnam (smbpasswd): search by name: %s\n", username));
-
- /* break the username from the domain if we have
- been given a string in the form 'DOMAIN\user' */
- fstrcpy (name, username);
- if ((user=strchr_m(name, '\\')) != NULL) {
- domain = name;
- *user = '\0';
- user++;
- }
-
- /* if a domain was specified and it wasn't ours
- then there is no chance of matching */
- if ( domain && !StrCaseCmp(domain, lp_workgroup()) )
- return False;
-
/* startsmbfilepwent() is used here as we don't want to lookup
the UNIX account in the local system password file until
we have a match. */
@@ -1390,11 +1383,6 @@ static BOOL smbpasswd_getsampwnam(struct pdb_methods *my_methods, SAM_ACCOUNT *s
return False;
}
- /* if we have a domain name, then we should map it to a UNIX
- username first */
- if ( domain )
- map_username(user);
-
while ( ((smb_pw=getsmbfilepwent(smbpasswd_state, fp)) != NULL)&& (!strequal(smb_pw->smb_name, username)) )
/* do nothing....another loop */ ;
@@ -1492,13 +1480,17 @@ static BOOL smbpasswd_update_sam_account(struct pdb_methods *my_methods, const S
struct smb_passwd smb_pw;
/* convert the SAM_ACCOUNT */
- if (!build_smb_pass(&smb_pw, sampass))
+ if (!build_smb_pass(&smb_pw, sampass)) {
+ DEBUG(0, ("smbpasswd_update_sam_account: build_smb_pass failed!\n"));
return False;
+ }
/* update the entry */
- if(!mod_smbfilepwd_entry(smbpasswd_state, &smb_pw))
+ if(!mod_smbfilepwd_entry(smbpasswd_state, &smb_pw)) {
+ DEBUG(0, ("smbpasswd_update_sam_account: mod_smbfilepwd_entry failed!\n"));
return False;
-
+ }
+
return True;
}
diff --git a/source3/passdb/pdb_unix.c b/source3/passdb/pdb_unix.c
index d1f95c445b..d7574e6e13 100644
--- a/source3/passdb/pdb_unix.c
+++ b/source3/passdb/pdb_unix.c
@@ -66,35 +66,28 @@ static BOOL unixsam_getsampwrid (struct pdb_methods *methods,
}
/***************************************************************************
- Delete a SAM_ACCOUNT
+ Adds an existing SAM_ACCOUNT
****************************************************************************/
-static BOOL unixsam_delete_sam_account(struct pdb_methods *methods, const SAM_ACCOUNT *sam_pass)
+static BOOL unixsam_add_sam_account (struct pdb_methods *methods, const SAM_ACCOUNT *newpwd)
{
- /*
- * Unsupported as well - we don't need to get involved in
- * unix passdb's - and hey, we would need to use pam for that anyway
- */
+ DEBUG(0,("pdb_unix should not be listed as the first passdb backend! You can't add users to it.\n"));
return False;
}
/***************************************************************************
- Modifies an existing SAM_ACCOUNT
- ****************************************************************************/
+ Updates a SAM_ACCOUNT
-static BOOL unixsam_update_sam_account (struct pdb_methods *methods, const SAM_ACCOUNT *newpwd)
-{
- return False;
-}
+ This isn't a particulary practical option for pdb_unix. We certainly don't
+ want to twidde the filesystem, so what should we do?
-/***************************************************************************
- Adds an existing SAM_ACCOUNT
+ Current plan is to transparently add the account. It should appear
+ as if the pdb_unix version was modified, but its actually stored somehwere.
****************************************************************************/
-static BOOL unixsam_add_sam_account (struct pdb_methods *methods, const SAM_ACCOUNT *newpwd)
+static BOOL unixsam_update_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd)
{
- DEBUG(0,("pdb_unix should not be listed as the first passdb backend! You can't add users to it.\n"));
- return False;
+ return methods->parent->pdb_add_sam_account(methods->parent, newpwd);
}
NTSTATUS pdb_init_unixsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
@@ -119,7 +112,7 @@ NTSTATUS pdb_init_unixsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, co
(*pdb_method)->getsampwrid = unixsam_getsampwrid;
(*pdb_method)->add_sam_account = unixsam_add_sam_account;
(*pdb_method)->update_sam_account = unixsam_update_sam_account;
- (*pdb_method)->delete_sam_account = unixsam_delete_sam_account;
+ (*pdb_method)->delete_sam_account = NULL;
/* There's not very much to initialise here */
return NT_STATUS_OK;
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index bdb064c81d..21ad86b0dc 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -150,7 +150,7 @@ NTSTATUS _net_trust_dom_list(pipes_struct *p, NET_Q_TRUST_DOM_LIST *q_u, NET_R_T
***********************************************************************************/
static void init_net_r_srv_pwset(NET_R_SRV_PWSET *r_s,
- DOM_CRED *srv_cred, NTSTATUS status)
+ DOM_CRED *srv_cred, NTSTATUS status)
{
DEBUG(5,("init_net_r_srv_pwset: %d\n", __LINE__));
@@ -378,7 +378,7 @@ NTSTATUS _net_auth_2(pipes_struct *p, NET_Q_AUTH_2 *q_u, NET_R_AUTH_2 *r_u)
NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *r_u)
{
- NTSTATUS status = NT_STATUS_WRONG_PASSWORD;
+ NTSTATUS status = NT_STATUS_ACCESS_DENIED;
DOM_CRED srv_cred;
pstring workstation;
SAM_ACCOUNT *sampass=NULL;
@@ -395,8 +395,8 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *
DEBUG(5,("_net_srv_pwset: %d\n", __LINE__));
- rpcstr_pull(workstation,q_u->clnt_id.login.uni_acct_name.buffer,
- sizeof(workstation),q_u->clnt_id.login.uni_acct_name.uni_str_len*2,0);
+ rpcstr_pull(workstation,q_u->clnt_id.login.uni_comp_name.buffer,
+ sizeof(workstation),q_u->clnt_id.login.uni_comp_name.uni_str_len*2,0);
DEBUG(3,("Server Password Set by Wksta:[%s] on account [%s]\n", workstation, p->dc.mach_acct));