diff options
-rw-r--r-- | source3/passdb/pdb_smbpasswd.c | 44 | ||||
-rw-r--r-- | source3/passdb/pdb_unix.c | 29 | ||||
-rw-r--r-- | source3/rpc_server/srv_netlog_nt.c | 8 |
3 files changed, 33 insertions, 48 deletions
diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c index 88e317cea9..f7ab6f3070 100644 --- a/source3/passdb/pdb_smbpasswd.c +++ b/source3/passdb/pdb_smbpasswd.c @@ -357,6 +357,8 @@ static struct smb_passwd *getsmbfilepwent(struct smbpasswd_privates *smbpasswd_s * As 256 is shorter than a pstring we don't need to check * length here - if this ever changes.... */ + SMB_ASSERT(sizeof(pstring) > sizeof(linebuf)); + strncpy(user_name, linebuf, PTR_DIFF(p, linebuf)); user_name[PTR_DIFF(p, linebuf)] = '\0'; @@ -694,7 +696,7 @@ Error was %s. Password file may be corrupt ! Please examine by hand !\n", static BOOL mod_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, const struct smb_passwd* pwd) { /* Static buffers we will return. */ - char * user_name = smbpasswd_state->user_name; + pstring user_name; char linebuf[256]; char readbuf[1024]; @@ -812,6 +814,9 @@ static BOOL mod_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, con * As 256 is shorter than a pstring we don't need to check * length here - if this ever changes.... */ + + SMB_ASSERT(sizeof(user_name) > sizeof(linebuf)); + strncpy(user_name, linebuf, PTR_DIFF(p, linebuf)); user_name[PTR_DIFF(p, linebuf)] = '\0'; if (strequal(user_name, pwd->smb_name)) { @@ -823,6 +828,9 @@ static BOOL mod_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, con if (!found_entry) { pw_file_unlock(lockfd, &(smbpasswd_state->pw_file_lock_depth)); fclose(fp); + + DEBUG(2, ("Cannot update entry for user %s, as they don't exist in the smbpasswd file!\n", + pwd->smb_name)); return False; } @@ -1166,11 +1174,11 @@ static BOOL build_smb_pass (struct smb_passwd *smb_pw, const SAM_ACCOUNT *sampas if (sampass == NULL) return False; - ZERO_STRUCTP(smb_pw); + ZERO_STRUCTP(smb_pw); if (!IS_SAM_UNIX_USER(sampass)) { smb_pw->smb_userid_set = False; - DEBUG(5,("build_sam_pass: storing user without a UNIX uid or gid. \n")); + DEBUG(5,("build_smb_pass: storing user without a UNIX uid or gid. \n")); } else { uint32 rid = pdb_get_user_rid(sampass); smb_pw->smb_userid_set = True; @@ -1365,21 +1373,6 @@ static BOOL smbpasswd_getsampwnam(struct pdb_methods *my_methods, SAM_ACCOUNT *s DEBUG(10, ("getsampwnam (smbpasswd): search by name: %s\n", username)); - - /* break the username from the domain if we have - been given a string in the form 'DOMAIN\user' */ - fstrcpy (name, username); - if ((user=strchr_m(name, '\\')) != NULL) { - domain = name; - *user = '\0'; - user++; - } - - /* if a domain was specified and it wasn't ours - then there is no chance of matching */ - if ( domain && !StrCaseCmp(domain, lp_workgroup()) ) - return False; - /* startsmbfilepwent() is used here as we don't want to lookup the UNIX account in the local system password file until we have a match. */ @@ -1390,11 +1383,6 @@ static BOOL smbpasswd_getsampwnam(struct pdb_methods *my_methods, SAM_ACCOUNT *s return False; } - /* if we have a domain name, then we should map it to a UNIX - username first */ - if ( domain ) - map_username(user); - while ( ((smb_pw=getsmbfilepwent(smbpasswd_state, fp)) != NULL)&& (!strequal(smb_pw->smb_name, username)) ) /* do nothing....another loop */ ; @@ -1492,13 +1480,17 @@ static BOOL smbpasswd_update_sam_account(struct pdb_methods *my_methods, const S struct smb_passwd smb_pw; /* convert the SAM_ACCOUNT */ - if (!build_smb_pass(&smb_pw, sampass)) + if (!build_smb_pass(&smb_pw, sampass)) { + DEBUG(0, ("smbpasswd_update_sam_account: build_smb_pass failed!\n")); return False; + } /* update the entry */ - if(!mod_smbfilepwd_entry(smbpasswd_state, &smb_pw)) + if(!mod_smbfilepwd_entry(smbpasswd_state, &smb_pw)) { + DEBUG(0, ("smbpasswd_update_sam_account: mod_smbfilepwd_entry failed!\n")); return False; - + } + return True; } diff --git a/source3/passdb/pdb_unix.c b/source3/passdb/pdb_unix.c index d1f95c445b..d7574e6e13 100644 --- a/source3/passdb/pdb_unix.c +++ b/source3/passdb/pdb_unix.c @@ -66,35 +66,28 @@ static BOOL unixsam_getsampwrid (struct pdb_methods *methods, } /*************************************************************************** - Delete a SAM_ACCOUNT + Adds an existing SAM_ACCOUNT ****************************************************************************/ -static BOOL unixsam_delete_sam_account(struct pdb_methods *methods, const SAM_ACCOUNT *sam_pass) +static BOOL unixsam_add_sam_account (struct pdb_methods *methods, const SAM_ACCOUNT *newpwd) { - /* - * Unsupported as well - we don't need to get involved in - * unix passdb's - and hey, we would need to use pam for that anyway - */ + DEBUG(0,("pdb_unix should not be listed as the first passdb backend! You can't add users to it.\n")); return False; } /*************************************************************************** - Modifies an existing SAM_ACCOUNT - ****************************************************************************/ + Updates a SAM_ACCOUNT -static BOOL unixsam_update_sam_account (struct pdb_methods *methods, const SAM_ACCOUNT *newpwd) -{ - return False; -} + This isn't a particulary practical option for pdb_unix. We certainly don't + want to twidde the filesystem, so what should we do? -/*************************************************************************** - Adds an existing SAM_ACCOUNT + Current plan is to transparently add the account. It should appear + as if the pdb_unix version was modified, but its actually stored somehwere. ****************************************************************************/ -static BOOL unixsam_add_sam_account (struct pdb_methods *methods, const SAM_ACCOUNT *newpwd) +static BOOL unixsam_update_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd) { - DEBUG(0,("pdb_unix should not be listed as the first passdb backend! You can't add users to it.\n")); - return False; + return methods->parent->pdb_add_sam_account(methods->parent, newpwd); } NTSTATUS pdb_init_unixsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location) @@ -119,7 +112,7 @@ NTSTATUS pdb_init_unixsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, co (*pdb_method)->getsampwrid = unixsam_getsampwrid; (*pdb_method)->add_sam_account = unixsam_add_sam_account; (*pdb_method)->update_sam_account = unixsam_update_sam_account; - (*pdb_method)->delete_sam_account = unixsam_delete_sam_account; + (*pdb_method)->delete_sam_account = NULL; /* There's not very much to initialise here */ return NT_STATUS_OK; diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index bdb064c81d..21ad86b0dc 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -150,7 +150,7 @@ NTSTATUS _net_trust_dom_list(pipes_struct *p, NET_Q_TRUST_DOM_LIST *q_u, NET_R_T ***********************************************************************************/ static void init_net_r_srv_pwset(NET_R_SRV_PWSET *r_s, - DOM_CRED *srv_cred, NTSTATUS status) + DOM_CRED *srv_cred, NTSTATUS status) { DEBUG(5,("init_net_r_srv_pwset: %d\n", __LINE__)); @@ -378,7 +378,7 @@ NTSTATUS _net_auth_2(pipes_struct *p, NET_Q_AUTH_2 *q_u, NET_R_AUTH_2 *r_u) NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *r_u) { - NTSTATUS status = NT_STATUS_WRONG_PASSWORD; + NTSTATUS status = NT_STATUS_ACCESS_DENIED; DOM_CRED srv_cred; pstring workstation; SAM_ACCOUNT *sampass=NULL; @@ -395,8 +395,8 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET * DEBUG(5,("_net_srv_pwset: %d\n", __LINE__)); - rpcstr_pull(workstation,q_u->clnt_id.login.uni_acct_name.buffer, - sizeof(workstation),q_u->clnt_id.login.uni_acct_name.uni_str_len*2,0); + rpcstr_pull(workstation,q_u->clnt_id.login.uni_comp_name.buffer, + sizeof(workstation),q_u->clnt_id.login.uni_comp_name.uni_str_len*2,0); DEBUG(3,("Server Password Set by Wksta:[%s] on account [%s]\n", workstation, p->dc.mach_acct)); |