diff options
55 files changed, 655 insertions, 13909 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 69036fae3c..9b9ff24ad6 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -87,9 +87,9 @@ Changes since 3.0rc4 Please refer to the CVS log for the SAMBA_3_0 branch for complete details: -1) Fix bug that prevented restoring filenames of length - >100 characters. -2) Fix bug that prevented fast path code in strchr_m +1) Fix bug that prevented filenames of length >100 characters + from being restored using smbclient's tar functionality. +2) Fix bug that prevented fast path code in strchr_m() from being used. 3) Make sure we store the desired access flag on incoming SAMR rpc calls. @@ -105,7 +105,7 @@ details: if one of the SIDs could not be resolved (bug 470). 10) Remove -P option from smbclient printing scripts since it has a different meaning in Samba 3.0 (bug 473). -11) Sync smbldap-tools with latest version +11) Sync smbldap-tools with latest version from idealx cvs tree. 12) Cleanup some warnings produced by the Sun C compiler. 13) Several fixes for SWAT relating to international character sets. diff --git a/examples/printing/smbprint.old b/examples/printing/smbprint.old deleted file mode 100755 index 5a00a2a8aa..0000000000 --- a/examples/printing/smbprint.old +++ /dev/null @@ -1,95 +0,0 @@ -#!/bin/sh - -# This script is an input filter for printcap printing on a unix machine. It -# uses the smbclient program to print the file to the specified smb-based -# server and service. -# For example you could have a printcap entry like this -# -# smb:lp=/dev/null:sd=/usr/spool/smb:sh:if=/usr/local/samba/smbprint -# -# which would create a unix printer called "smb" that will print via this -# script. You will need to create the spool directory /usr/spool/smb with -# appropriate permissions and ownerships for your system. - -# Set these to the server and service you wish to print to -# In this example I have a WfWg PC called "lapland" that has a printer -# exported called "printer" with no password. - -# -# Script further altered by hamiltom@ecnz.co.nz (Michael Hamilton) -# so that the server, service, and password can be read from -# a /usr/var/spool/lpd/PRINTNAME/.config file. -# -# Script further modified by Richard Sharpe to fix some things. -# Get rid of the -x on the first line, and add parameters -# -# -t now causes translate to be used when sending files -# -# In order for this to work the /etc/printcap entry must include an -# accounting file (af=...): -# -# cdcolour:\ -# :cm=CD IBM Colorjet on 6th:\ -# :sd=/var/spool/lpd/cdcolour:\ -# :af=/var/spool/lpd/cdcolour/acct:\ -# :if=/usr/local/etc/smbprint:\ -# :mx=0:\ -# :lp=/dev/null: -# -# The /usr/var/spool/lpd/PRINTNAME/.config file should contain: -# server=PC_SERVER -# service=PR_SHARENAME -# password="password" -# -# E.g. -# server=PAULS_PC -# service=CJET_371 -# password="" - -# -# Debugging log file, change to /dev/null if you like. -# -logfile=/tmp/smb-print.log -# logfile=/dev/null - - -# -# The last parameter to the filter is the accounting file name. -# Extract the directory name from the file name. -# Concat this with /.config to get the config file. -# -TRANS=0 -eval acct_file=\${$#} -spool_dir=`dirname $acct_file` -config_file=$spool_dir/.config - -# Should read the following variables set in the config file: -# server -# service -# password -eval `cat $config_file` - -while getopts t c; do - case $c in - t) - TRANS=1 - ;; - - '?') # Bad parameters, ignore it ... - ;; - esac -done -# -# Some debugging help, change the >> to > if you want to same space. -# -echo "server $server, service $service" >> $logfile - -( -# NOTE You may wish to add the line `echo translate' if you want automatic -# CR/LF translation when printing. - if [ $TRANS -eq 1 ]; then - echo translate - fi - echo "print -" - cat -) | /usr/local/samba/bin/smbclient "\\\\$server\\$service" $password -U $server -N -P >> $logfile diff --git a/packaging/RedHat/samba.spec.tmpl b/packaging/RedHat/samba.spec.tmpl index ee0b43c017..7afb30bb31 100644 --- a/packaging/RedHat/samba.spec.tmpl +++ b/packaging/RedHat/samba.spec.tmpl @@ -196,6 +196,9 @@ find $RPM_BUILD_ROOT -name "*.old" -exec rm -f {} \; rm -rf $RPM_BUILD_ROOT %post +## +## only needed if this is a new install (not an upgrade) +## if [ "$1" -eq "1" ]; then /sbin/chkconfig --add smb /sbin/chkconfig --add winbind @@ -203,113 +206,119 @@ if [ "$1" -eq "1" ]; then /sbin/chkconfig winbind off fi -echo "Looking for old /etc/smb.conf..." -if [ -f /etc/smb.conf -a ! -f /etc/samba/smb.conf ]; then - echo "Moving old /etc/smb.conf to /etc/samba/smb.conf" - mv /etc/smb.conf /etc/samba/smb.conf -fi +## +## we only have to wory about this if we are upgrading +## +if [ "$1" -eq "2" ]; then + if [ -f /etc/smb.conf -a ! -f /etc/samba/smb.conf ]; then + echo "Moving old /etc/smb.conf to /etc/samba/smb.conf" + mv /etc/smb.conf /etc/samba/smb.conf + fi -echo "Looking for old /etc/smbusers..." -if [ -f /etc/smbusers -a ! -f /etc/samba/smbusers ]; then - echo "Moving old /etc/smbusers to /etc/samba/smbusers" - mv /etc/smbusers /etc/samba/smbusers -fi + if [ -f /etc/smbusers -a ! -f /etc/samba/smbusers ]; then + echo "Moving old /etc/smbusers to /etc/samba/smbusers" + mv /etc/smbusers /etc/samba/smbusers + fi -echo "Looking for old /etc/lmhosts..." -if [ -f /etc/lmhosts -a ! -f /etc/samba/lmhosts ]; then - echo "Moving old /etc/lmhosts to /etc/samba/lmhosts" - mv /etc/lmhosts /etc/samba/lmhosts -fi + if [ -f /etc/lmhosts -a ! -f /etc/samba/lmhosts ]; then + echo "Moving old /etc/lmhosts to /etc/samba/lmhosts" + mv /etc/lmhosts /etc/samba/lmhosts + fi -echo "Looking for old /etc/MACHINE.SID..." -if [ -f /etc/MACHINE.SID -a ! -f /etc/samba/MACHINE.SID ]; then - echo "Moving old /etc/MACHINE.SID to /etc/samba/MACHINE.SID" - mv /etc/MACHINE.SID /etc/samba/MACHINE.SID -fi + if [ -f /etc/MACHINE.SID -a ! -f /etc/samba/MACHINE.SID ]; then + echo "Moving old /etc/MACHINE.SID to /etc/samba/MACHINE.SID" + mv /etc/MACHINE.SID /etc/samba/MACHINE.SID + fi -echo "Looking for old /etc/smbpasswd..." -if [ -f /etc/smbpasswd -a ! -f /etc/samba/smbpasswd ]; then - echo "Moving old /etc/smbpasswd to /etc/samba/smbpasswd" - mv /etc/smbpasswd /etc/samba/smbpasswd -fi + if [ -f /etc/smbpasswd -a ! -f /etc/samba/smbpasswd ]; then + echo "Moving old /etc/smbpasswd to /etc/samba/smbpasswd" + mv /etc/smbpasswd /etc/samba/smbpasswd + fi -# -# For 2.2.1 we move the tdb files from /var/lock/samba to /var/cache/samba -# to preserve across reboots. -# -echo "Moving tdb files in /var/lock/samba/*.tdb to /var/cache/samba/*.tdb" -for i in /var/lock/samba/*.tdb -do -if [ -f $i ]; then - newname=`echo $i | sed -e's|var\/lock\/samba|var\/cache\/samba|'` - echo "Moving $i to $newname" - mv $i $newname -fi -done + # + # For 2.2.1 we move the tdb files from /var/lock/samba to /var/cache/samba + # to preserve across reboots. + # + for i in /var/lock/samba/*.tdb; do + if [ -f $i ]; then + newname=`echo $i | sed -e's|var\/lock\/samba|var\/cache\/samba|'` + echo "Moving $i to $newname" + mv $i $newname + fi + done -# Remove the transient tdb files. -if [ -e /var/cache/samba/brlock.tdb ]; then - rm -f /var/cache/samba/brlock.tdb -fi + # Remove the transient tdb files. + if [ -e /var/cache/samba/brlock.tdb ]; then + rm -f /var/cache/samba/brlock.tdb + fi -if [ -e /var/cache/samba/unexpected.tdb ]; then - rm -f /var/cache/samba/unexpected.tdb -fi + if [ -e /var/cache/samba/unexpected.tdb ]; then + rm -f /var/cache/samba/unexpected.tdb + fi -if [ -e /var/cache/samba/connections.tdb ]; then - rm -f /var/cache/samba/connections.tdb -fi + if [ -e /var/cache/samba/connections.tdb ]; then + rm -f /var/cache/samba/connections.tdb + fi -if [ -e /var/cache/samba/locking.tdb ]; then - rm -f /var/cache/samba/locking.tdb -fi + if [ -e /var/cache/samba/locking.tdb ]; then + rm -f /var/cache/samba/locking.tdb + fi -if [ -e /var/cache/samba/messages.tdb ]; then - rm -f /var/cache/samba/messages.tdb -fi + if [ -e /var/cache/samba/messages.tdb ]; then + rm -f /var/cache/samba/messages.tdb + fi -if [ -d /var/lock/samba ]; then - rm -rf /var/lock/samba + if [ -d /var/lock/samba ]; then + rm -rf /var/lock/samba + fi fi +## +## New things +## + # Add swat entry to /etc/services if not already there. -if !( grep ^[:space:]*swat /etc/services > /dev/null ) then +if [ ! "`grep ^\s**swat /etc/services`" ]; then echo 'swat 901/tcp # Add swat service used via inetd' >> /etc/services fi # Add swat entry to /etc/inetd.conf if needed. if [ -f /etc/inetd.conf ]; then - if !( grep ^[:space:]*swat /etc/inetd.conf > /dev/null ) then + if [ ! "`grep ^\s*swat /etc/inetd.conf`" ]; then echo 'swat stream tcp nowait.400 root %{prefix}/sbin/swat swat' >> /etc/inetd.conf - killall -1 inetd || : + killall -HUP inetd || : fi fi # Add swat entry to xinetd.d if needed. -if [ -d $RPM_BUILD_ROOT/etc/xinetd.d -a ! -f /etc/xinetd.d/swat ]; then +if [ -d /etc/xinetd.d -a ! -f /etc/xinetd.d/swat ]; then mv /etc/samba/samba.xinetd /etc/xinetd.d/swat else rm -f /etc/samba/samba.xinetd fi # Install the correct version of the samba pam file, depending on pam version. -if [ -f /lib/security/pam_stack.so ]; then - echo "Installing stack version of /etc/pam.d/samba..." - mv /etc/samba/samba.stack /etc/pam.d/samba -else - echo "Installing non-stack version of /etc/pam.d/samba..." - rm -f /etc/samba/samba.stack +# (always keep an existing PAM config file) +if [ ! -f /etc/pam.d/samba ]; then + if [ -f /lib/security/pam_stack.so ]; then + echo "Installing stack version of /etc/pam.d/samba..." + mv /etc/samba/samba.stack /etc/pam.d/samba + else + echo "Installing non-stack version of /etc/pam.d/samba..." + rm -f /etc/samba/samba.stack + fi fi ## call ldconfig to create the version symlink for libsmbclient.so /sbin/ldconfig %preun -if [ $1 = 0 ] ; then +if [ "$1" -eq "0" ] ; then /sbin/chkconfig --del smb /sbin/chkconfig --del winbind - # We want to remove the browse.dat and wins.dat files so they can not interfer with a new version of samba! + # We want to remove the browse.dat and wins.dat files + # so they can not interfer with a new version of samba! if [ -e /var/cache/samba/browse.dat ]; then rm -f /var/cache/samba/browse.dat fi @@ -337,45 +346,42 @@ if [ $1 = 0 ] ; then if [ -e /var/cache/samba/messages.tdb ]; then rm -f /var/cache/samba/messages.tdb fi - - # Remove winbind nss client symlink - - if [ -L /lib/libnss_winbind.so.2 ]; then - rm -f /lib/libnss_winbind.so.2 - fi fi %postun # Only delete remnants of samba if this is the final deletion. -if [ $1 = 0 ] ; then +if [ "$1" -eq "0" ] ; then if [ -x /etc/pam.d/samba ]; then rm -f /etc/pam.d/samba fi + if [ -e /var/log/samba ]; then rm -rf /var/log/samba fi - if [ -e /var/cache/samba ]; then - rm -rf /var/cache/samba - fi + + if [ -e /var/cache/samba ]; then + rm -rf /var/cache/samba + fi # Remove swat entries from /etc/inetd.conf and /etc/services cd /etc tmpfile=/etc/tmp.$$ - if [ -f /etc/inetd.conf ]; then + if [ -f /etc/inetd.conf ]; then # preserve inetd.conf permissions. cp -p /etc/inetd.conf $tmpfile sed -e '/^[:space:]*swat.*$/d' /etc/inetd.conf > $tmpfile mv $tmpfile inetd.conf - fi + fi + # preserve services permissions. cp -p /etc/services $tmpfile sed -e '/^[:space:]*swat.*$/d' /etc/services > $tmpfile mv $tmpfile /etc/services - # Remove swat entry from /etc/xinetd.d - if [ -f /etc/xinetd.d/swat ]; then - rm -r /etc/xinetd.d/swat - fi + # Remove swat entry from /etc/xinetd.d + if [ -f /etc/xinetd.d/swat ]; then + rm -r /etc/xinetd.d/swat + fi fi /sbin/ldconfig diff --git a/source3/Makefile.in b/source3/Makefile.in index 8c1c65e865..145e489f9f 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -184,8 +184,7 @@ LIB_OBJ = lib/version.o lib/charcnv.o lib/debug.o lib/fault.o \ lib/pam_errors.o intl/lang_tdb.o lib/account_pol.o \ lib/adt_tree.o lib/gencache.o $(TDB_OBJ) \ lib/module.o lib/ldap_escape.o @CHARSET_STATIC@ \ - lib/privileges.o lib/secdesc.o lib/secace.o lib/secacl.o \ - lib/genparser.o lib/genparser_samba.o + lib/privileges.o lib/secdesc.o lib/secace.o lib/secacl.o LIB_SMBD_OBJ = lib/system_smbd.o lib/util_smbd.o @@ -234,8 +233,7 @@ LIBMSRPC_OBJ = rpc_client/cli_lsarpc.o rpc_client/cli_samr.o \ rpc_client/cli_wkssvc.o rpc_client/cli_dfs.o \ rpc_client/cli_reg.o rpc_client/cli_pipe.o \ rpc_client/cli_spoolss.o rpc_client/cli_spoolss_notify.o \ - rpc_client/cli_ds.o rpc_client/cli_echo.o \ - rpc_client/cli_epmapper.o + rpc_client/cli_ds.o rpc_client/cli_echo.o REGOBJS_OBJ = registry/reg_objects.o REGISTRY_OBJ = registry/reg_frontend.o registry/reg_cachehook.o registry/reg_printing.o \ @@ -264,8 +262,6 @@ RPC_PIPE_OBJ = rpc_server/srv_pipe_hnd.o rpc_server/srv_util.o \ RPC_ECHO_OBJ = rpc_server/srv_echo.o rpc_server/srv_echo_nt.o -RPC_EPMAPPER_OBJ = rpc_server/srv_epmapper.o rpc_server/srv_epmapper_nt.o - RPC_SERVER_OBJ = @RPC_STATIC@ $(RPC_PIPE_OBJ) # this includes only the low level parse code, not stuff @@ -278,7 +274,7 @@ RPC_PARSE_OBJ = rpc_parse/parse_lsa.o rpc_parse/parse_net.o \ rpc_parse/parse_samr.o rpc_parse/parse_srv.o \ rpc_parse/parse_wks.o rpc_parse/parse_ds.o \ rpc_parse/parse_spoolss.o rpc_parse/parse_dfs.o \ - rpc_parse/parse_echo.o rpc_parse/parse_epmapper.o \ + rpc_parse/parse_echo.o \ $(REGOBJS_OBJ) @@ -286,20 +282,17 @@ RPC_CLIENT_OBJ = rpc_client/cli_pipe.o LOCKING_OBJ = locking/locking.o locking/brlock.o locking/posix.o -GUMS_OBJ = sam/gums.o sam/gums_api.o sam/gums_helper.o - PASSDB_GET_SET_OBJ = passdb/pdb_get_set.o PASSDB_OBJ = $(PASSDB_GET_SET_OBJ) passdb/passdb.o passdb/pdb_interface.o \ passdb/machine_sid.o passdb/util_sam_sid.o passdb/pdb_compat.o \ - passdb/privileges.o passdb/lookup_sid.o @PDB_STATIC@ \ - $(GUMS_OBJ) @GUMS_STATIC@ + passdb/privileges.o passdb/lookup_sid.o @PDB_STATIC@ XML_OBJ = passdb/pdb_xml.o MYSQL_OBJ = passdb/pdb_mysql.o DEVEL_HELP_WEIRD_OBJ = modules/weird.o -DEVEL_HELP_CP850_OBJ = modules/CP850.o -DEVEL_HELP_CP437_OBJ = modules/CP437.o +CP850_OBJ = modules/CP850.o +CP437_OBJ = modules/CP437.o GROUPDB_OBJ = groupdb/mapping.o @@ -448,7 +441,7 @@ RPCCLIENT_OBJ1 = rpcclient/rpcclient.o rpcclient/cmd_lsarpc.o \ rpcclient/cmd_netlogon.o rpcclient/cmd_srvsvc.o \ rpcclient/cmd_dfs.o rpcclient/cmd_reg.o \ rpcclient/display_sec.o rpcclient/cmd_ds.o \ - rpcclient/cmd_echo.o rpcclient/cmd_epmapper.o + rpcclient/cmd_echo.o RPCCLIENT_OBJ = $(RPCCLIENT_OBJ1) \ $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \ @@ -457,7 +450,9 @@ RPCCLIENT_OBJ = $(RPCCLIENT_OBJ1) \ $(LIBADS_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ) \ $(SMBLDAP_OBJ) $(DCUTIL_OBJ) lib/dummyroot.o -PAM_WINBIND_PICOBJ = nsswitch/pam_winbind.@PICSUFFIX@ nsswitch/wb_common.@PICSUFFIX@ lib/replace1.@PICSUFFIX@ lib/snprintf.@PICSUFFIX@ +PAM_WINBIND_PICOBJ = nsswitch/pam_winbind.@PICSUFFIX@ \ + nsswitch/wb_common.@PICSUFFIX@ lib/replace1.@PICSUFFIX@ \ + lib/snprintf.@PICSUFFIX@ SMBW_OBJ1 = smbwrapper/smbw.o \ smbwrapper/smbw_dir.o smbwrapper/smbw_stat.o \ @@ -472,10 +467,8 @@ SMBWRAPPER_OBJ1 = smbwrapper/wrapped.o SMBWRAPPER_OBJ = $(SMBW_OBJ) $(SMBWRAPPER_OBJ1) LIBSMBCLIENT_OBJ = libsmb/libsmbclient.o libsmb/libsmb_compat.o \ - libsmb/libsmb_cache.o \ - $(PARAM_OBJ) $(LIB_OBJ) \ - $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(UBIQX_OBJ) \ - $(LIBMSRPC_OBJ) $(RPC_PARSE_OBJ) $(PASSDB_GET_SET_OBJ) + libsmb/libsmb_cache.o $(PARAM_OBJ) $(LIB_OBJ) \ + $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(UBIQX_OBJ) # This shared library is intended for linking with unit test programs # to test Samba internals. It's called libbigballofmud.so to @@ -584,10 +577,9 @@ PROTO_OBJ = $(SMBD_OBJ_MAIN) \ $(PASSDB_OBJ) $(GROUPDB_OBJ) $(MSDFS_OBJ) \ $(READLINE_OBJ) $(PROFILE_OBJ) $(LIBADS_OBJ) $(LIBADS_SERVER_OBJ) \ $(LIB_SMBD_OBJ) $(SAM_OBJ) $(REGISTRY_OBJ) $(POPT_LIB_OBJ) \ - $(RPC_LSA_OBJ) $(RPC_NETLOG_OBJ) $(RPC_SAMR_OBJ) $(RPC_REG_OBJ) \ - $(RPC_LSA_DS_OBJ) $(RPC_SVC_OBJ) $(RPC_WKS_OBJ) $(RPC_DFS_OBJ) \ - $(RPC_SPOOLSS_OBJ) $(RPC_ECHO_OBJ) $(RPC_EPMAPPER_OBJ) \ - $(SMBLDAP_OBJ) $(IDMAP_OBJ) libsmb/spnego.o + $(RPC_LSA_OBJ) $(RPC_NETLOG_OBJ) $(RPC_SAMR_OBJ) $(RPC_REG_OBJ) $(RPC_LSA_DS_OBJ) \ + $(RPC_SVC_OBJ) $(RPC_WKS_OBJ) $(RPC_DFS_OBJ) $(RPC_SPOOLSS_OBJ) \ + $(RPC_ECHO_OBJ) $(SMBLDAP_OBJ) $(IDMAP_OBJ) libsmb/spnego.o WINBIND_WINS_NSS_OBJ = nsswitch/wins.o $(PARAM_OBJ) $(UBIQX_OBJ) \ $(LIBSMB_OBJ) $(LIB_OBJ) $(NSSWINS_OBJ) $(KRBCLIENT_OBJ) @@ -1010,11 +1002,6 @@ bin/librpc_echo.@SHLIBEXT@: $(RPC_ECHO_OBJ) @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_ECHO_OBJ) -lc \ @SONAMEFLAG@`basename $@` -bin/librpc_epmapper.@SHLIBEXT@: $(RPC_EPMAPPER_OBJ) - @echo "Linking $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_EPMAPPER_OBJ) -lc \ - @SONAMEFLAG@`basename $@` - bin/winbindd@EXEEXT@: $(WINBINDD_OBJ) @BUILD_POPT@ bin/.dummy @echo "Linking $@" @$(LINK) -o $@ $(WINBINDD_OBJ) $(DYNEXP) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) @@ -1091,14 +1078,14 @@ bin/weird.@SHLIBEXT@: $(DEVEL_HELP_WEIRD_OBJ:.o=.@PICSUFFIX@) @$(SHLD) $(LDSHFLAGS) -o $@ $(DEVEL_HELP_WEIRD_OBJ:.o=.@PICSUFFIX@) \ @SONAMEFLAG@`basename $@` -bin/CP850.@SHLIBEXT@: $(DEVEL_HELP_CP850_OBJ:.o=.@PICSUFFIX@) +bin/CP850.@SHLIBEXT@: $(CP850_OBJ:.o=.@PICSUFFIX@) @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(DEVEL_HELP_CP850_OBJ:.o=.@PICSUFFIX@) \ + @$(SHLD) $(LDSHFLAGS) -o $@ $(CP850_OBJ:.o=.@PICSUFFIX@) \ @SONAMEFLAG@`basename $@` -bin/CP437.@SHLIBEXT@: $(DEVEL_HELP_CP437_OBJ:.o=.@PICSUFFIX@) +bin/CP437.@SHLIBEXT@: $(CP437_OBJ:.o=.@PICSUFFIX@) @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(DEVEL_HELP_CP437_OBJ:.o=.@PICSUFFIX@) \ + @$(SHLD) $(LDSHFLAGS) -o $@ $(CP437_OBJ:.o=.@PICSUFFIX@) \ @SONAMEFLAG@`basename $@` bin/xml.@SHLIBEXT@: $(XML_OBJ:.o=.@PICSUFFIX@) @@ -1368,15 +1355,6 @@ utils/net_proto.h: -h _CLIENT_PROTO_H_ $(builddir)/utils/net_proto.h \ $(NET_OBJ1) -include/tdbsam2_parse_info.h: - @if test -n "$(PERL)"; then \ - cd $(srcdir) && @PERL@ -w script/genstruct.pl \ - -o include/tdbsam2_parse_info.h $(CC) -E -O2 -g \ - include/tdbsam2.h; \ - else \ - echo Unable to build $@, continuing; \ - fi - # "make headers" or "make proto" calls a subshell because we need to # make sure these commands are executed in sequence even for a # parallel make. @@ -1389,12 +1367,7 @@ headers: $(MAKE) nsswitch/winbindd_proto.h; \ $(MAKE) web/swat_proto.h; \ $(MAKE) client/client_proto.h; \ - $(MAKE) utils/net_proto.h; - -prebuiltheaders: - $(MAKE) include/tdbsam2_parse_info.h - -genparse: prebuiltheaders + $(MAKE) utils/net_proto.h proto: headers diff --git a/source3/VERSION b/source3/VERSION index d7f386ab42..d3076d918b 100644 --- a/source3/VERSION +++ b/source3/VERSION @@ -18,8 +18,8 @@ # -> "3.0.0" # ######################################################## SAMBA_VERSION_MAJOR=3 -SAMBA_VERSION_MINOR=1 -SAMBA_VERSION_RELEASE=0 +SAMBA_VERSION_MINOR=0 +SAMBA_VERSION_RELEASE=1 ######################################################## # If a official release has a serious bug # @@ -41,7 +41,7 @@ SAMBA_VERSION_REVISION= # e.g. SAMBA_VERSION_PRE_RELEASE=1 # # -> "2.2.9pre1" # ######################################################## -SAMBA_VERSION_PRE_RELEASE= +SAMBA_VERSION_PRE_RELEASE=2 ######################################################## # For 'rc' releases the version will be # @@ -71,7 +71,7 @@ SAMBA_VERSION_BETA_RELEASE= # e.g. SAMBA_VERSION_ALPHA_RELEASE=1 # # -> "4.0.0alpha1" # ######################################################## -SAMBA_VERSION_ALPHA_RELEASE=1 +SAMBA_VERSION_ALPHA_RELEASE= ######################################################## # For 'test' releases the version will be # diff --git a/source3/configure.in b/source3/configure.in index bbf26c916d..6946ab06b3 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -296,7 +296,7 @@ DYNEXP= dnl Add modules that have to be built by default here dnl These have to be built static: -default_static_modules="pdb_smbpasswd pdb_tdbsam rpc_lsa rpc_samr rpc_reg rpc_lsa_ds rpc_wks rpc_net rpc_dfs rpc_srv rpc_spoolss rpc_epmapper auth_rhosts auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin pdb_gums gums_tdbsam2" +default_static_modules="pdb_smbpasswd pdb_tdbsam rpc_lsa rpc_samr rpc_reg rpc_lsa_ds rpc_wks rpc_net rpc_dfs rpc_srv rpc_spoolss auth_rhosts auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin" dnl These are preferably build shared, and static if dlopen() is not available default_shared_modules="vfs_recycle vfs_audit vfs_extd_audit vfs_netatalk vfs_fake_perms vfs_default_quota vfs_readonly vfs_cap charset_CP850 charset_CP437" @@ -1391,22 +1391,12 @@ if test x"$samba_cv_HAVE_GETTIMEOFDAY_TZ" = x"yes"; then AC_DEFINE(HAVE_GETTIMEOFDAY_TZ,1,[Whether gettimeofday() is available]) fi -AC_CACHE_CHECK([for va_copy],samba_cv_HAVE_VA_COPY,[ +AC_CACHE_CHECK([for __va_copy],samba_cv_HAVE_VA_COPY,[ AC_TRY_LINK([#include <stdarg.h> -va_list ap1,ap2;], [va_copy(ap1,ap2);], -samba_cv_HAVE_VA_COPY=yes, -samba_cv_HAVE_VA_COPY=no)]) +va_list ap1,ap2;], [__va_copy(ap1,ap2);], +samba_cv_HAVE_VA_COPY=yes,samba_cv_HAVE_VA_COPY=no)]) if test x"$samba_cv_HAVE_VA_COPY" = x"yes"; then - AC_DEFINE(HAVE_VA_COPY,1,[Whether va_copy() is available]) -else - AC_CACHE_CHECK([for __va_copy],samba_cv_HAVE___VA_COPY,[ - AC_TRY_LINK([#include <stdarg.h> - va_list ap1,ap2;], [__va_copy(ap1,ap2);], - samba_cv_HAVE___VA_COPY=yes, - samba_cv_HAVE___VA_COPY=no)]) - if test x"$samba_cv_HAVE___VA_COPY" = x"yes"; then - AC_DEFINE(HAVE___VA_COPY,1,[Whether __va_copy() is available]) - fi + AC_DEFINE(HAVE_VA_COPY,1,[Whether __va_copy() is available]) fi AC_CACHE_CHECK([for C99 vsnprintf],samba_cv_HAVE_C99_VSNPRINTF,[ @@ -4086,7 +4076,6 @@ MODULE_pdb_guest=STATIC MODULE_rpc_spoolss=STATIC MODULE_rpc_srv=STATIC MODULE_idmap_tdb=STATIC -MODULE_gums_tdbsam2=STATIC AC_ARG_WITH(static-modules, [ --with-static-modules=MODULES Comma-seperated list of names of modules to statically link in], @@ -4122,12 +4111,8 @@ SMB_MODULE(pdb_ldap, passdb/pdb_ldap.o, "bin/ldapsam.$SHLIBEXT", PDB, SMB_MODULE(pdb_smbpasswd, passdb/pdb_smbpasswd.o, "bin/smbpasswd.$SHLIBEXT", PDB) SMB_MODULE(pdb_tdbsam, passdb/pdb_tdb.o, "bin/tdbsam.$SHLIBEXT", PDB) SMB_MODULE(pdb_guest, passdb/pdb_guest.o, "bin/guest.$SHLIBEXT", PDB) -SMB_MODULE(pdb_gums, passdb/pdb_gums.o, "bin/gums.$SHLIBEXT", PDB) SMB_SUBSYSTEM(PDB,passdb/pdb_interface.o) -SMB_MODULE(gums_tdbsam2, sam/gums_tdbsam2.o, "bin/tdbsam2.$SHLIBEXT", GUMS) -SMB_SUBSYSTEM(GUMS) - SMB_MODULE(rpc_lsa, \$(RPC_LSA_OBJ), "bin/librpc_lsarpc.$SHLIBEXT", RPC) SMB_MODULE(rpc_reg, \$(RPC_REG_OBJ), "bin/librpc_winreg.$SHLIBEXT", RPC) SMB_MODULE(rpc_lsa_ds, \$(RPC_LSA_DS_OBJ), "bin/librpc_lsa_ds.$SHLIBEXT", RPC) @@ -4138,8 +4123,6 @@ SMB_MODULE(rpc_srv, \$(RPC_SVC_OBJ), "bin/librpc_srvsvc.$SHLIBEXT", RPC) SMB_MODULE(rpc_spoolss, \$(RPC_SPOOLSS_OBJ), "bin/librpc_spoolss.$SHLIBEXT", RPC) SMB_MODULE(rpc_samr, \$(RPC_SAMR_OBJ), "bin/librpc_samr.$SHLIBEXT", RPC) SMB_MODULE(rpc_echo, \$(RPC_ECHO_OBJ), "bin/librpc_echo.$SHLIBEXT", RPC) -SMB_MODULE(rpc_epmapper, \$(RPC_EPMAPPER_OBJ), "bin/librpc_epmapper.$SHLIBEXT", - RPC) SMB_SUBSYSTEM(RPC,smbd/server.o) SMB_MODULE(idmap_ldap, sam/idmap_ldap.o, "bin/idmap_ldap.$SHLIBEXT", IDMAP) diff --git a/source3/include/.cvsignore b/source3/include/.cvsignore index 3827fdf70d..7dff121f14 100644 --- a/source3/include/.cvsignore +++ b/source3/include/.cvsignore @@ -1,7 +1,7 @@ build_env.h config.h -config.h.in -proto.h stamp-h -version.h +proto.h wrepld_proto.h +config.h.in +version.h diff --git a/source3/include/genparser.h b/source3/include/genparser.h deleted file mode 100644 index f28cd78249..0000000000 --- a/source3/include/genparser.h +++ /dev/null @@ -1,78 +0,0 @@ -/* - Copyright (C) Andrew Tridgell <genstruct@tridgell.net> 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#ifndef _GENPARSER_H -#define _GENPARSER_H - -/* these macros are needed for genstruct auto-parsers */ -#ifndef GENSTRUCT -#define GENSTRUCT -#define _LEN(x) -#define _NULLTERM -#endif - -/* - automatic marshalling/unmarshalling system for C structures -*/ - -/* flag to mark a fixed size array as actually being null terminated */ -#define FLAG_NULLTERM 1 -#define FLAG_ALWAYS 2 - -struct enum_struct { - const char *name; - unsigned value; -}; - -/* intermediate dumps are stored in one of these */ -struct parse_string { - unsigned allocated; - unsigned length; - char *s; -}; - -typedef int (*gen_dump_fn)(TALLOC_CTX *, struct parse_string *, const char *ptr, unsigned indent); -typedef int (*gen_parse_fn)(TALLOC_CTX *, char *ptr, const char *str); - -/* genstruct.pl generates arrays of these */ -struct parse_struct { - const char *name; - unsigned ptr_count; - unsigned size; - unsigned offset; - unsigned array_len; - const char *dynamic_len; - unsigned flags; - gen_dump_fn dump_fn; - gen_parse_fn parse_fn; -}; - -#define DUMP_PARSE_DECL(type) \ - int gen_dump_ ## type(TALLOC_CTX *, struct parse_string *, const char *, unsigned); \ - int gen_parse_ ## type(TALLOC_CTX *, char *, const char *); - -DUMP_PARSE_DECL(char) -DUMP_PARSE_DECL(int) -DUMP_PARSE_DECL(unsigned) -DUMP_PARSE_DECL(double) -DUMP_PARSE_DECL(float) - -#define gen_dump_unsigned_char gen_dump_char -#define gen_parse_unsigned_char gen_parse_char - -#endif /* _GENPARSER_H */ diff --git a/source3/include/genparser_samba.h b/source3/include/genparser_samba.h deleted file mode 100644 index 213d51da87..0000000000 --- a/source3/include/genparser_samba.h +++ /dev/null @@ -1,63 +0,0 @@ -/* - Copyright (C) Simo Sorce <idra@samba.org> 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#ifndef _GENPARSER_SAMBA_H -#define _GENPARSER_SAMBA_H - -const struct parse_struct pinfo_security_ace_info[] = { -{"type", 0, sizeof(uint8), offsetof(struct security_ace_info, type), 0, NULL, 0, gen_dump_uint8, gen_parse_uint8}, -{"flags", 0, sizeof(uint8), offsetof(struct security_ace_info, flags), 0, NULL, 0, gen_dump_uint8, gen_parse_uint8}, -{"size", 0, sizeof(uint16), offsetof(struct security_ace_info, size), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, -{"info", 0, sizeof(char), offsetof(struct security_ace_info, info), 0, NULL, 0, gen_dump_SEC_ACCESS, gen_parse_SEC_ACCESS}, -{"obj_flags", 0, sizeof(uint32), offsetof(struct security_ace_info, obj_flags), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"obj_guid", 0, sizeof(char), offsetof(struct security_ace_info, obj_guid), 0, NULL, 0, gen_dump_GUID, gen_parse_GUID}, -{"inh_guid", 0, sizeof(char), offsetof(struct security_ace_info, inh_guid), 0, NULL, 0, gen_dump_GUID, gen_parse_GUID}, -{"trustee", 0, sizeof(char), offsetof(struct security_ace_info, trustee), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -const struct parse_struct pinfo_security_acl_info[] = { -{"revision", 0, sizeof(uint16), offsetof(struct security_acl_info, revision), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, -{"size", 0, sizeof(uint16), offsetof(struct security_acl_info, size), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, -{"num_aces", 0, sizeof(uint32), offsetof(struct security_acl_info, num_aces), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"ace", 1, sizeof(struct security_ace_info), offsetof(struct security_acl_info, ace), 0, "size", 0, gen_dump_SEC_ACE, gen_parse_SEC_ACE}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -const struct parse_struct pinfo_security_descriptor_info[] = { -{"revision", 0, sizeof(uint16), offsetof(struct security_descriptor_info, revision), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, -{"type", 0, sizeof(uint16), offsetof(struct security_descriptor_info, type), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, -{"off_owner_sid", 0, sizeof(uint32), offsetof(struct security_descriptor_info, off_owner_sid), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"off_grp_sid", 0, sizeof(uint32), offsetof(struct security_descriptor_info, off_grp_sid), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"off_sacl", 0, sizeof(uint32), offsetof(struct security_descriptor_info, off_sacl), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"off_dacl", 0, sizeof(uint32), offsetof(struct security_descriptor_info, off_dacl), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"dacl", 1, sizeof(struct security_acl_info), offsetof(struct security_descriptor_info, dacl), 0, NULL, 0, gen_dump_SEC_ACL, gen_parse_SEC_ACL}, -{"sacl", 1, sizeof(struct security_acl_info), offsetof(struct security_descriptor_info, sacl), 0, NULL, 0, gen_dump_SEC_ACL, gen_parse_SEC_ACL}, -{"owner_sid", 1, sizeof(char), offsetof(struct security_descriptor_info, owner_sid), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{"grp_sid", 1, sizeof(char), offsetof(struct security_descriptor_info, grp_sid), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -const struct parse_struct pinfo_luid_attr_info[] = { -{"attr", 0, sizeof(uint32), offsetof(struct LUID_ATTR, attr), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"luid", 1, sizeof(LUID), offsetof(struct LUID_ATTR, luid), 0, NULL, 0, gen_dump_LUID, gen_parse_LUID}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -const struct parse_struct pinfo_data_blob_info[] = { -{"length", 0, sizeof(int), offsetof(DATA_BLOB, length), 0, NULL, 0, gen_dump_int, gen_parse_int}, -{"data", 1, sizeof(char), offsetof(DATA_BLOB, data), 0, "length", 0, gen_dump_char, gen_parse_char}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -#endif /* _GENPARSER_SAMBA_H */ diff --git a/source3/include/gums.h b/source3/include/gums.h deleted file mode 100644 index 9ce2ec4e56..0000000000 --- a/source3/include/gums.h +++ /dev/null @@ -1,262 +0,0 @@ -/* - Unix SMB/CIFS implementation. - GUMS structures - Copyright (C) Simo Sorce 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#ifndef _GUMS_H -#define _GUMS_H - -#define GUMS_VERSION_MAJOR 0 -#define GUMS_VERSION_MINOR 1 -#define GUMS_OBJECT_VERSION 1 -#define GUMS_INTERFACE_VERSION 1 - -#define GUMS_OBJ_DOMAIN 0x10 -#define GUMS_OBJ_NORMAL_USER 0x20 -#define GUMS_OBJ_GROUP 0x30 -#define GUMS_OBJ_ALIAS 0x31 -#define GUMS_OBJ_PRIVILEGE 0x40 - -/* define value types */ -#define GUMS_SET_PRIMARY_GROUP 0x1 -#define GUMS_SET_SEC_DESC 0x2 - -#define GUMS_SET_NAME 0x10 -#define GUMS_SET_DESCRIPTION 0x11 -#define GUMS_SET_FULL_NAME 0x12 - -/* user specific type values */ -#define GUMS_SET_LOGON_TIME 0x20 -#define GUMS_SET_LOGOFF_TIME 0x21 -#define GUMS_SET_KICKOFF_TIME 0x23 -#define GUMS_SET_PASS_LAST_SET_TIME 0x24 -#define GUMS_SET_PASS_CAN_CHANGE_TIME 0x25 -#define GUMS_SET_PASS_MUST_CHANGE_TIME 0x26 - - -#define GUMS_SET_HOME_DIRECTORY 0x31 -#define GUMS_SET_DRIVE 0x32 -#define GUMS_SET_LOGON_SCRIPT 0x33 -#define GUMS_SET_PROFILE_PATH 0x34 -#define GUMS_SET_WORKSTATIONS 0x35 -#define GUMS_SET_UNKNOWN_STRING 0x36 -#define GUMS_SET_MUNGED_DIAL 0x37 - -#define GUMS_SET_LM_PASSWORD 0x40 -#define GUMS_SET_NT_PASSWORD 0x41 -#define GUMS_SET_PLAINTEXT_PASSWORD 0x42 -#define GUMS_SET_UNKNOWN_3 0x43 -#define GUMS_SET_LOGON_DIVS 0x44 -#define GUMS_SET_HOURS_LEN 0x45 -#define GUMS_SET_HOURS 0x46 -#define GUMS_SET_BAD_PASSWORD_COUNT 0x47 -#define GUMS_SET_LOGON_COUNT 0x48 -#define GUMS_SET_UNKNOWN_6 0x49 - -#define GUMS_SET_MUST_CHANGE_PASS 0x50 -#define GUMS_SET_CANNOT_CHANGE_PASS 0x51 -#define GUMS_SET_PASS_NEVER_EXPIRE 0x52 -#define GUMS_SET_ACCOUNT_DISABLED 0x53 -#define GUMS_SET_ACCOUNT_LOCKOUT 0x54 - -/*group specific type values */ -#define GUMS_ADD_SID_LIST 0x60 -#define GUMS_DEL_SID_LIST 0x61 -#define GUMS_SET_SID_LIST 0x62 - -typedef struct gums_user -{ - DOM_SID *group_sid; /* Primary Group SID */ - - NTTIME logon_time; /* logon time */ - NTTIME logoff_time; /* logoff time */ - NTTIME kickoff_time; /* kickoff time */ - NTTIME pass_last_set_time; /* password last set time */ - NTTIME pass_can_change_time; /* password can change time */ - NTTIME pass_must_change_time; /* password must change time */ - - char *full_name; /* user's full name string */ - char *home_dir; /* home directory string */ - char *dir_drive; /* home directory drive string */ - char *logon_script; /* logon script string */ - char *profile_path; /* profile path string */ - char *workstations; /* login from workstations string */ - char *unknown_str; /* don't know what this is, yet. */ - char *munged_dial; /* munged path name and dial-back tel number */ - - DATA_BLOB lm_pw; /* .data is Null if no password */ - DATA_BLOB nt_pw; /* .data is Null if no password */ - - uint16 acct_ctrl; /* account type & status flags */ - uint16 logon_divs; /* 168 - number of hours in a week */ - uint32 hours_len; /* normally 21 bytes */ - uint8 *hours; - - uint16 bad_password_count; /* 0 */ - uint16 logon_count; /* 0 */ - uint32 unknown_3; /* 0x00ff ffff */ - uint32 unknown_6; /* 0x0000 04ec */ - -} GUMS_USER; - -typedef struct gums_group -{ - uint32 count; /* Number of SIDs */ - DOM_SID *members; /* SID array */ - -} GUMS_GROUP; - -typedef struct gums_domain -{ - uint32 next_rid; - -} GUMS_DOMAIN; - -typedef struct gums_privilege -{ - LUID_ATTR *privilege; /* Privilege Type */ - - uint32 count; - DOM_SID *members; - -} GUMS_PRIVILEGE; - -union gums_obj_p { - GUMS_USER *user; - GUMS_GROUP *group; - GUMS_DOMAIN *domain; - GUMS_PRIVILEGE *priv; -}; - -typedef struct gums_object -{ - TALLOC_CTX *mem_ctx; - - uint32 type; /* Object Type */ - uint32 version; /* Object Version */ - uint32 seq_num; /* Object Sequence Number */ - - SEC_DESC *sec_desc; /* Security Descriptor */ - - DOM_SID *sid; /* Object Sid */ - char *name; /* Object Name */ - char *description; /* Object Description */ - - union gums_obj_p data; /* Object Specific data */ - -} GUMS_OBJECT; - -typedef struct gums_data_set -{ - int type; /* GUMS_SET_xxx */ - void *data; - -} GUMS_DATA_SET; - -typedef struct gums_commit_set -{ - TALLOC_CTX *mem_ctx; - - uint32 type; /* Object type */ - DOM_SID sid; /* Object Sid */ - uint32 count; /* number of changes */ - GUMS_DATA_SET *data; - -} GUMS_COMMIT_SET; - -typedef struct gums_priv_commit_set -{ - TALLOC_CTX *mem_ctx; - - uint32 type; /* Object type */ - char *name; /* Object Sid */ - uint32 count; /* number of changes */ - GUMS_DATA_SET *data; - -} GUMS_PRIV_COMMIT_SET; - - -typedef struct gums_functions -{ - /* module data */ - TALLOC_CTX *mem_ctx; - char *name; - void *private_data; - void (*free_private_data)(void **); - - /* Generic object functions */ - - NTSTATUS (*get_domain_sid) (DOM_SID *sid, const char* name); - NTSTATUS (*set_domain_sid) (const DOM_SID *sid); - - NTSTATUS (*get_sequence_number) (void); - - NTSTATUS (*new_object) (DOM_SID *sid, const char *name, const int obj_type); - NTSTATUS (*delete_object) (const DOM_SID *sid); - - NTSTATUS (*get_object_from_sid) (GUMS_OBJECT **object, const DOM_SID *sid, const int obj_type); - NTSTATUS (*get_object_from_name) (GUMS_OBJECT **object, const char *name, const int obj_type); - /* This function is used to get the list of all objects changed since b_time, it is - used to support PDC<->BDC synchronization */ - NTSTATUS (*get_updated_objects) (GUMS_OBJECT **objects, const NTTIME base_time); - - NTSTATUS (*enumerate_objects_start) (void **handle, const DOM_SID *sid, const int obj_type); - NTSTATUS (*enumerate_objects_get_next) (GUMS_OBJECT **object, void *handle); - NTSTATUS (*enumerate_objects_stop) (void *handle); - - /* This function MUST be used ONLY by PDC<->BDC replication code or recovery tools. - Never use this function to update an object in the database, use set_object_values() */ - NTSTATUS (*set_object) (const GUMS_OBJECT *object); - - /* set object values function */ - NTSTATUS (*set_object_values) (DOM_SID *sid, uint32 count, GUMS_DATA_SET *data_set); - - /* Group related functions */ - NTSTATUS (*add_members_to_group) (const DOM_SID *group, const DOM_SID **members); - NTSTATUS (*delete_members_from_group) (const DOM_SID *group, const DOM_SID **members); - NTSTATUS (*enumerate_group_members) (DOM_SID **members, const DOM_SID *sid, const int type); - - NTSTATUS (*get_sid_groups) (DOM_SID **groups, const DOM_SID *sid); - - NTSTATUS (*lock_sid) (const DOM_SID *sid); - NTSTATUS (*unlock_sid) (const DOM_SID *sid); - - /* privileges related functions */ - - NTSTATUS (*add_members_to_privilege) (const LUID_ATTR *priv, const DOM_SID **members); - NTSTATUS (*delete_members_from_privilege) (const LUID_ATTR *priv, const DOM_SID **members); - NTSTATUS (*enumerate_privilege_members) (DOM_SID **members, const LUID_ATTR *priv); - NTSTATUS (*get_sid_privileges) (DOM_SID **privs, const DOM_SID *sid); - - /* warning!: set_privilege will overwrite a prior existing privilege if such exist */ - NTSTATUS (*set_privilege) (GUMS_PRIVILEGE *priv); - -} GUMS_FUNCTIONS; - -typedef NTSTATUS (*gums_init_function)( - struct gums_functions *, - const char *); - -struct gums_init_function_entry { - - const char *name; - gums_init_function init_fn; - struct gums_init_function_entry *prev, *next; -}; - -#endif /* _GUMS_H */ diff --git a/source3/include/includes.h b/source3/include/includes.h index fba2eabbe1..2a82098fa9 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -806,10 +806,6 @@ extern int errno; #include "rpc_secdes.h" -#include "genparser.h" - -#include "gums.h" - #include "nt_printing.h" #include "msdfs.h" diff --git a/source3/include/libsmbclient.h b/source3/include/libsmbclient.h index afcafeed81..f5d653f697 100644 --- a/source3/include/libsmbclient.h +++ b/source3/include/libsmbclient.h @@ -5,7 +5,6 @@ Copyright (C) Richard Sharpe 2000 Copyright (C) John Terpsra 2000 Copyright (C) Tom Jansen (Ninja ISD) 2002 - Copyright (C) Derrell Lipman 2003 This program is free software; you can redistribute it and/or modify @@ -66,9 +65,6 @@ #include <sys/types.h> #include <sys/stat.h> #include <fcntl.h> -#include <utime.h> - -#define SMBC_BASE_FD 10000 /* smallest file descriptor returned */ #define SMBC_WORKGROUP 1 #define SMBC_SERVER 2 @@ -117,20 +113,6 @@ struct smbc_dirent char name[1]; }; -/* - * Flags for smbc_setxattr() - * Specify a bitwise OR of these, or 0 to add or replace as necessary - */ -#define SMBC_XATTR_FLAG_CREATE 0x1 /* fail if attr already exists */ -#define SMBC_XATTR_FLAG_REPLACE 0x2 /* fail if attr does not exist */ - - -#ifndef ENOATTR -# define ENOATTR ENOENT /* No such attribute */ -#endif - - - /**@ingroup structure * Structure that represents a print job. @@ -376,27 +358,6 @@ struct _SMBCCTX { off_t (*telldir) (SMBCCTX *c, SMBCFILE *dir); int (*lseekdir)(SMBCCTX *c, SMBCFILE *dir, off_t offset); int (*fstatdir)(SMBCCTX *c, SMBCFILE *dir, struct stat *st); - int (*chmod)(SMBCCTX *c, const char *fname, mode_t mode); - int (*utimes)(SMBCCTX *c, - const char *fname, struct timeval *tbuf); - int (*setxattr)(SMBCCTX *context, - const char *fname, - const char *name, - const void *value, - size_t size, - int flags); - int (*getxattr)(SMBCCTX *context, - const char *fname, - const char *name, - const void *value, - size_t size); - int (*removexattr)(SMBCCTX *context, - const char *fname, - const char *name); - int (*listxattr)(SMBCCTX *context, - const char *fname, - char *list, - size_t size); /** callable functions for printing */ @@ -538,30 +499,6 @@ SMBCCTX * smbc_init_context(SMBCCTX * context); int smbc_init(smbc_get_auth_data_fn fn, int debug); -/**@ingroup misc - * Set or retrieve the compatibility library's context pointer - * - * @param context New context to use, or NULL. If a new context is provided, - * it must have allocated with smbc_new_context() and - * initialized with smbc_init_context(), followed, optionally, - * by some manual changes to some of the non-internal fields. - * - * @return The old context. - * - * @see smbc_new_context(), smbc_init_context(), smbc_init() - * - * @note This function may be called prior to smbc_init() to force - * use of the next context without any internal calls to - * smbc_new_context() or smbc_init_context(). It may also - * be called after smbc_init() has already called those two - * functions, to replace the existing context with a new one. - * Care should be taken, in this latter case, to ensure that - * the server cache and any data allocated by the - * authentication functions have been freed, if necessary. - */ - -SMBCCTX * smbc_set_context(SMBCCTX * new_context); - /**@ingroup file * Open a file on an SMB server. * @@ -1071,807 +1008,6 @@ int smbc_chown(const char *url, uid_t owner, gid_t group); */ int smbc_chmod(const char *url, mode_t mode); -/**@ingroup attribute - * Change the last modification time on a file - * - * @param url The smb url of the file or directory to change - * the modification time of - * - * @param tbuf A timeval structure which contains the desired - * modification time. NOTE: Only the tv_sec field is - * used. The tv_usec (microseconds) portion is ignored. - * - * @return 0 on success, < 0 on error with errno set: - * - EINVAL The client library is not properly initialized - * - EPERM Permission was denied. - * - */ -int smbc_utimes(const char *url, struct timeval *tbuf); - -#ifdef HAVE_UTIME_H -/**@ingroup attribute - * Change the last modification time on a file - * - * @param url The smb url of the file or directory to change - * the modification time of - * - * @param utbuf A utimebuf structure which contains the desired - * modification time. NOTE: Although the structure contains - * an access time as well, the access time value is ignored. - * - * @return 0 on success, < 0 on error with errno set: - * - EINVAL The client library is not properly initialized - * - ENOMEM No memory was available for internal needs - * - EPERM Permission was denied. - * - */ -int smbc_utime(const char *fname, struct utimbuf *utbuf); -#endif - -/**@ingroup attribute - * Set extended attributes for a file. This is used for modifying a file's - * security descriptor (i.e. owner, group, and access control list) - * - * @param url The smb url of the file or directory to set extended - * attributes for. - * - * @param name The name of an attribute to be changed. Names are of - * one of the following forms: - * - * system.nt_sec_desc.<attribute name> - * system.nt_sec_desc.* - * system.nt_sec_desc.*+ - * - * where <attribute name> is one of: - * - * revision - * owner - * owner+ - * group - * group+ - * acl:<name or sid> - * acl+:<name or sid> - * - * In the forms "system.nt_sec_desc.*" and - * "system.nt_sec_desc.*+", the asterisk and plus signs are - * literal, i.e. the string is provided exactly as shown, and - * the value parameter should contain a complete security - * descriptor with name:value pairs separated by tabs, - * commas, or newlines (not spaces!). - * - * The plus sign ('+') indicates that SIDs should be mapped - * to names. Without the plus sign, SIDs are not mapped; - * rather they are simply converted to a string format. - * - * @param value The value to be assigned to the specified attribute name. - * This buffer should contain only the attribute value if the - * name was of the "system.nt_sec_desc.<attribute_name>" - * form. If the name was of the "system.nt_sec_desc.*" form - * then a complete security descriptor, with name:value pairs - * separated by tabs, commas, or newlines (not spaces!), - * should be provided in this value buffer. A complete - * security descriptor will contain one or more entries - * selected from the following: - * - * REVISION:<revision number> - * OWNER:<sid or name> - * GROUP:<sid or name> - * ACL:<sid or name>:<type>/<flags>/<mask> - * - * The revision of the ACL specifies the internal Windows NT - * ACL revision for the security descriptor. If not specified - * it defaults to 1. Using values other than 1 may cause - * strange behaviour. - * - * The owner and group specify the owner and group sids for - * the object. If the attribute name (either '*+' with a - * complete security descriptor, or individual 'owner+' or - * 'group+' attribute names) ended with a plus sign, the - * specified name is resolved to a SID value, using the - * server on which the file or directory resides. Otherwise, - * the value should be provided in SID-printable format as - * S-1-x-y-z, and is used directly. The <sid or name> - * associated with the ACL: attribute should be provided - * similarly. - * - * @param size The number of the bytes of data in the value buffer - * - * @param flags A bit-wise OR of zero or more of the following: - * SMBC_XATTR_FLAG_CREATE - - * fail if the named attribute already exists - * SMBC_XATTR_FLAG_REPLACE - - * fail if the attribute does not already exist - * - * If neither flag is specified, the specified attributes - * will be added or replace existing attributes of the same - * name, as necessary. - * - * @return 0 on success, < 0 on error with errno set: - * - EINVAL The client library is not properly initialized - * or one of the parameters is not of a correct - * form - * - ENOMEM No memory was available for internal needs - * - EEXIST If the attribute already exists and the flag - * SMBC_XATTR_FLAG_CREAT was specified - * - ENOATTR If the attribute does not exist and the flag - * SMBC_XATTR_FLAG_REPLACE was specified - * - EPERM Permission was denied. - * - ENOTSUP The referenced file system does not support - * extended attributes - * - * @note Attribute names are compared in a case-insensitive - * fashion. All of the following are equivalent, although - * the all-lower-case name is the preferred format: - * system.nt_sec_desc.owner - * SYSTEM.NT_SEC_DESC.OWNER - * sYsTeM.nt_sEc_desc.owNER - * - */ -int smbc_setxattr(const char *url, - const char *name, - const void *value, - size_t size, - int flags); - - -/**@ingroup attribute - * Set extended attributes for a file. This is used for modifying a file's - * security descriptor (i.e. owner, group, and access control list). The - * POSIX function which this maps to would act on a symbolic link rather than - * acting on what the symbolic link points to, but with no symbolic links in - * SMB file systems, this function is functionally identical to - * smbc_setxattr(). - * - * @param url The smb url of the file or directory to set extended - * attributes for. - * - * @param name The name of an attribute to be changed. Names are of - * one of the following forms: - * - * system.nt_sec_desc.<attribute name> - * system.nt_sec_desc.* - * system.nt_sec_desc.*+ - * - * where <attribute name> is one of: - * - * revision - * owner - * owner+ - * group - * group+ - * acl:<name or sid> - * acl+:<name or sid> - * - * In the forms "system.nt_sec_desc.*" and - * "system.nt_sec_desc.*+", the asterisk and plus signs are - * literal, i.e. the string is provided exactly as shown, and - * the value parameter should contain a complete security - * descriptor with name:value pairs separated by tabs, - * commas, or newlines (not spaces!). - * - * The plus sign ('+') indicates that SIDs should be mapped - * to names. Without the plus sign, SIDs are not mapped; - * rather they are simply converted to a string format. - * - * @param value The value to be assigned to the specified attribute name. - * This buffer should contain only the attribute value if the - * name was of the "system.nt_sec_desc.<attribute_name>" - * form. If the name was of the "system.nt_sec_desc.*" form - * then a complete security descriptor, with name:value pairs - * separated by tabs, commas, or newlines (not spaces!), - * should be provided in this value buffer. A complete - * security descriptor will contain one or more entries - * selected from the following: - * - * REVISION:<revision number> - * OWNER:<sid or name> - * GROUP:<sid or name> - * ACL:<sid or name>:<type>/<flags>/<mask> - * - * The revision of the ACL specifies the internal Windows NT - * ACL revision for the security descriptor. If not specified - * it defaults to 1. Using values other than 1 may cause - * strange behaviour. - * - * The owner and group specify the owner and group sids for - * the object. If the attribute name (either '*+' with a - * complete security descriptor, or individual 'owner+' or - * 'group+' attribute names) ended with a plus sign, the - * specified name is resolved to a SID value, using the - * server on which the file or directory resides. Otherwise, - * the value should be provided in SID-printable format as - * S-1-x-y-z, and is used directly. The <sid or name> - * associated with the ACL: attribute should be provided - * similarly. - * - * @param size The number of the bytes of data in the value buffer - * - * @param flags A bit-wise OR of zero or more of the following: - * SMBC_XATTR_FLAG_CREATE - - * fail if the named attribute already exists - * SMBC_XATTR_FLAG_REPLACE - - * fail if the attribute does not already exist - * - * If neither flag is specified, the specified attributes - * will be added or replace existing attributes of the same - * name, as necessary. - * - * @return 0 on success, < 0 on error with errno set: - * - EINVAL The client library is not properly initialized - * or one of the parameters is not of a correct - * form - * - ENOMEM No memory was available for internal needs - * - EEXIST If the attribute already exists and the flag - * SMBC_XATTR_FLAG_CREAT was specified - * - ENOATTR If the attribute does not exist and the flag - * SMBC_XATTR_FLAG_REPLACE was specified - * - EPERM Permission was denied. - * - ENOTSUP The referenced file system does not support - * extended attributes - * - * @note Attribute names are compared in a case-insensitive - * fashion. All of the following are equivalent, although - * the all-lower-case name is the preferred format: - * system.nt_sec_desc.owner - * SYSTEM.NT_SEC_DESC.OWNER - * sYsTeM.nt_sEc_desc.owNER - * - */ -int smbc_lsetxattr(const char *url, - const char *name, - const void *value, - size_t size, - int flags); - - -/**@ingroup attribute - * Set extended attributes for a file. This is used for modifying a file's - * security descriptor (i.e. owner, group, and access control list) - * - * @param fd A file descriptor associated with an open file (as - * previously returned by smbc_open(), to get extended - * attributes for. - * - * @param name The name of an attribute to be changed. Names are of - * one of the following forms: - * - * system.nt_sec_desc.<attribute name> - * system.nt_sec_desc.* - * system.nt_sec_desc.*+ - * - * where <attribute name> is one of: - * - * revision - * owner - * owner+ - * group - * group+ - * acl:<name or sid> - * acl+:<name or sid> - * - * In the forms "system.nt_sec_desc.*" and - * "system.nt_sec_desc.*+", the asterisk and plus signs are - * literal, i.e. the string is provided exactly as shown, and - * the value parameter should contain a complete security - * descriptor with name:value pairs separated by tabs, - * commas, or newlines (not spaces!). - * - * The plus sign ('+') indicates that SIDs should be mapped - * to names. Without the plus sign, SIDs are not mapped; - * rather they are simply converted to a string format. - * - * @param value The value to be assigned to the specified attribute name. - * This buffer should contain only the attribute value if the - * name was of the "system.nt_sec_desc.<attribute_name>" - * form. If the name was of the "system.nt_sec_desc.*" form - * then a complete security descriptor, with name:value pairs - * separated by tabs, commas, or newlines (not spaces!), - * should be provided in this value buffer. A complete - * security descriptor will contain one or more entries - * selected from the following: - * - * REVISION:<revision number> - * OWNER:<sid or name> - * GROUP:<sid or name> - * ACL:<sid or name>:<type>/<flags>/<mask> - * - * The revision of the ACL specifies the internal Windows NT - * ACL revision for the security descriptor. If not specified - * it defaults to 1. Using values other than 1 may cause - * strange behaviour. - * - * The owner and group specify the owner and group sids for - * the object. If the attribute name (either '*+' with a - * complete security descriptor, or individual 'owner+' or - * 'group+' attribute names) ended with a plus sign, the - * specified name is resolved to a SID value, using the - * server on which the file or directory resides. Otherwise, - * the value should be provided in SID-printable format as - * S-1-x-y-z, and is used directly. The <sid or name> - * associated with the ACL: attribute should be provided - * similarly. - * - * @param size The number of the bytes of data in the value buffer - * - * @param flags A bit-wise OR of zero or more of the following: - * SMBC_XATTR_FLAG_CREATE - - * fail if the named attribute already exists - * SMBC_XATTR_FLAG_REPLACE - - * fail if the attribute does not already exist - * - * If neither flag is specified, the specified attributes - * will be added or replace existing attributes of the same - * name, as necessary. - * - * @return 0 on success, < 0 on error with errno set: - * - EINVAL The client library is not properly initialized - * or one of the parameters is not of a correct - * form - * - ENOMEM No memory was available for internal needs - * - EEXIST If the attribute already exists and the flag - * SMBC_XATTR_FLAG_CREAT was specified - * - ENOATTR If the attribute does not exist and the flag - * SMBC_XATTR_FLAG_REPLACE was specified - * - EPERM Permission was denied. - * - ENOTSUP The referenced file system does not support - * extended attributes - * - * @note Attribute names are compared in a case-insensitive - * fashion. All of the following are equivalent, although - * the all-lower-case name is the preferred format: - * system.nt_sec_desc.owner - * SYSTEM.NT_SEC_DESC.OWNER - * sYsTeM.nt_sEc_desc.owNER - * - */ -int smbc_fsetxattr(int fd, - const char *name, - const void *value, - size_t size, - int flags); - - -/**@ingroup attribute - * Get extended attributes for a file. - * - * @param url The smb url of the file or directory to get extended - * attributes for. - * - * @param name The name of an attribute to be retrieved. Names are of - * one of the following forms: - * - * system.nt_sec_desc.<attribute name> - * system.nt_sec_desc.* - * system.nt_sec_desc.*+ - * - * where <attribute name> is one of: - * - * revision - * owner - * owner+ - * group - * group+ - * acl:<name or sid> - * acl+:<name or sid> - * - * In the forms "system.nt_sec_desc.*" and - * "system.nt_sec_desc.*+", the asterisk and plus signs are - * literal, i.e. the string is provided exactly as shown, and - * the value parameter will return a complete security - * descriptor with name:value pairs separated by tabs, - * commas, or newlines (not spaces!). - * - * The plus sign ('+') indicates that SIDs should be mapped - * to names. Without the plus sign, SIDs are not mapped; - * rather they are simply converted to a string format. - * - * @param value A pointer to a buffer in which the value of the specified - * attribute will be placed (unless size is zero). - * - * @param size The size of the buffer pointed to by value. This parameter - * may also be zero, in which case the size of the buffer - * required to hold the attribute value will be returned, - * but nothing will be placed into the value buffer. - * - * @return 0 on success, < 0 on error with errno set: - * - EINVAL The client library is not properly initialized - * or one of the parameters is not of a correct - * form - * - ENOMEM No memory was available for internal needs - * - EEXIST If the attribute already exists and the flag - * SMBC_XATTR_FLAG_CREAT was specified - * - ENOATTR If the attribute does not exist and the flag - * SMBC_XATTR_FLAG_REPLACE was specified - * - EPERM Permission was denied. - * - ENOTSUP The referenced file system does not support - * extended attributes - * - */ -int smbc_getxattr(const char *url, - const char *name, - const void *value, - size_t size); - - -/**@ingroup attribute - * Get extended attributes for a file. The POSIX function which this maps to - * would act on a symbolic link rather than acting on what the symbolic link - * points to, but with no symbolic links in SMB file systems, this function - * is functionally identical to smbc_getxattr(). - * - * @param url The smb url of the file or directory to get extended - * attributes for. - * - * @param name The name of an attribute to be retrieved. Names are of - * one of the following forms: - * - * system.nt_sec_desc.<attribute name> - * system.nt_sec_desc.* - * system.nt_sec_desc.*+ - * - * where <attribute name> is one of: - * - * revision - * owner - * owner+ - * group - * group+ - * acl:<name or sid> - * acl+:<name or sid> - * - * In the forms "system.nt_sec_desc.*" and - * "system.nt_sec_desc.*+", the asterisk and plus signs are - * literal, i.e. the string is provided exactly as shown, and - * the value parameter will return a complete security - * descriptor with name:value pairs separated by tabs, - * commas, or newlines (not spaces!). - * - * The plus sign ('+') indicates that SIDs should be mapped - * to names. Without the plus sign, SIDs are not mapped; - * rather they are simply converted to a string format. - * - * @param value A pointer to a buffer in which the value of the specified - * attribute will be placed (unless size is zero). - * - * @param size The size of the buffer pointed to by value. This parameter - * may also be zero, in which case the size of the buffer - * required to hold the attribute value will be returned, - * but nothing will be placed into the value buffer. - * - * @return 0 on success, < 0 on error with errno set: - * - EINVAL The client library is not properly initialized - * or one of the parameters is not of a correct - * form - * - ENOMEM No memory was available for internal needs - * - EEXIST If the attribute already exists and the flag - * SMBC_XATTR_FLAG_CREAT was specified - * - ENOATTR If the attribute does not exist and the flag - * SMBC_XATTR_FLAG_REPLACE was specified - * - EPERM Permission was denied. - * - ENOTSUP The referenced file system does not support - * extended attributes - * - */ -int smbc_lgetxattr(const char *url, - const char *name, - const void *value, - size_t size); - - -/**@ingroup attribute - * Get extended attributes for a file. - * - * @param fd A file descriptor associated with an open file (as - * previously returned by smbc_open(), to get extended - * attributes for. - * - * @param name The name of an attribute to be retrieved. Names are of - * one of the following forms: - * - * system.nt_sec_desc.<attribute name> - * system.nt_sec_desc.* - * system.nt_sec_desc.*+ - * - * where <attribute name> is one of: - * - * revision - * owner - * owner+ - * group - * group+ - * acl:<name or sid> - * acl+:<name or sid> - * - * In the forms "system.nt_sec_desc.*" and - * "system.nt_sec_desc.*+", the asterisk and plus signs are - * literal, i.e. the string is provided exactly as shown, and - * the value parameter will return a complete security - * descriptor with name:value pairs separated by tabs, - * commas, or newlines (not spaces!). - * - * The plus sign ('+') indicates that SIDs should be mapped - * to names. Without the plus sign, SIDs are not mapped; - * rather they are simply converted to a string format. - * - * @param value A pointer to a buffer in which the value of the specified - * attribute will be placed (unless size is zero). - * - * @param size The size of the buffer pointed to by value. This parameter - * may also be zero, in which case the size of the buffer - * required to hold the attribute value will be returned, - * but nothing will be placed into the value buffer. - * - * @return 0 on success, < 0 on error with errno set: - * - EINVAL The client library is not properly initialized - * or one of the parameters is not of a correct - * form - * - ENOMEM No memory was available for internal needs - * - EEXIST If the attribute already exists and the flag - * SMBC_XATTR_FLAG_CREAT was specified - * - ENOATTR If the attribute does not exist and the flag - * SMBC_XATTR_FLAG_REPLACE was specified - * - EPERM Permission was denied. - * - ENOTSUP The referenced file system does not support - * extended attributes - * - */ -int smbc_fgetxattr(int fd, - const char *name, - const void *value, - size_t size); - - -/**@ingroup attribute - * Remove extended attributes for a file. This is used for modifying a file's - * security descriptor (i.e. owner, group, and access control list) - * - * @param url The smb url of the file or directory to remove the extended - * attributes for. - * - * @param name The name of an attribute to be removed. Names are of - * one of the following forms: - * - * system.nt_sec_desc.<attribute name> - * system.nt_sec_desc.* - * system.nt_sec_desc.*+ - * - * where <attribute name> is one of: - * - * revision - * owner - * owner+ - * group - * group+ - * acl:<name or sid> - * acl+:<name or sid> - * - * In the forms "system.nt_sec_desc.*" and - * "system.nt_sec_desc.*+", the asterisk and plus signs are - * literal, i.e. the string is provided exactly as shown, and - * the value parameter will return a complete security - * descriptor with name:value pairs separated by tabs, - * commas, or newlines (not spaces!). - * - * The plus sign ('+') indicates that SIDs should be mapped - * to names. Without the plus sign, SIDs are not mapped; - * rather they are simply converted to a string format. - * - * @return 0 on success, < 0 on error with errno set: - * - EINVAL The client library is not properly initialized - * - ENOMEM No memory was available for internal needs - * - EPERM Permission was denied. - * - ENOTSUP The referenced file system does not support - * extended attributes - * - */ -int smbc_removexattr(const char *url, - const char *name); - - -/**@ingroup attribute - * Remove extended attributes for a file. This is used for modifying a file's - * security descriptor (i.e. owner, group, and access control list) The POSIX - * function which this maps to would act on a symbolic link rather than acting - * on what the symbolic link points to, but with no symbolic links in SMB file - * systems, this function is functionally identical to smbc_removexattr(). - * - * @param url The smb url of the file or directory to remove the extended - * attributes for. - * - * @param name The name of an attribute to be removed. Names are of - * one of the following forms: - * - * system.nt_sec_desc.<attribute name> - * system.nt_sec_desc.* - * system.nt_sec_desc.*+ - * - * where <attribute name> is one of: - * - * revision - * owner - * owner+ - * group - * group+ - * acl:<name or sid> - * acl+:<name or sid> - * - * In the forms "system.nt_sec_desc.*" and - * "system.nt_sec_desc.*+", the asterisk and plus signs are - * literal, i.e. the string is provided exactly as shown, and - * the value parameter will return a complete security - * descriptor with name:value pairs separated by tabs, - * commas, or newlines (not spaces!). - * - * The plus sign ('+') indicates that SIDs should be mapped - * to names. Without the plus sign, SIDs are not mapped; - * rather they are simply converted to a string format. - * - * @return 0 on success, < 0 on error with errno set: - * - EINVAL The client library is not properly initialized - * - ENOMEM No memory was available for internal needs - * - EPERM Permission was denied. - * - ENOTSUP The referenced file system does not support - * extended attributes - * - */ -int smbc_lremovexattr(const char *url, - const char *name); - - -/**@ingroup attribute - * Remove extended attributes for a file. This is used for modifying a file's - * security descriptor (i.e. owner, group, and access control list) - * - * @param fd A file descriptor associated with an open file (as - * previously returned by smbc_open(), to get extended - * attributes for. - * - * @param name The name of an attribute to be removed. Names are of - * one of the following forms: - * - * system.nt_sec_desc.<attribute name> - * system.nt_sec_desc.* - * system.nt_sec_desc.*+ - * - * where <attribute name> is one of: - * - * revision - * owner - * owner+ - * group - * group+ - * acl:<name or sid> - * acl+:<name or sid> - * - * In the forms "system.nt_sec_desc.*" and - * "system.nt_sec_desc.*+", the asterisk and plus signs are - * literal, i.e. the string is provided exactly as shown, and - * the value parameter will return a complete security - * descriptor with name:value pairs separated by tabs, - * commas, or newlines (not spaces!). - * - * The plus sign ('+') indicates that SIDs should be mapped - * to names. Without the plus sign, SIDs are not mapped; - * rather they are simply converted to a string format. - * - * @return 0 on success, < 0 on error with errno set: - * - EINVAL The client library is not properly initialized - * - ENOMEM No memory was available for internal needs - * - EPERM Permission was denied. - * - ENOTSUP The referenced file system does not support - * extended attributes - * - */ -int smbc_fremovexattr(int fd, - const char *name); - - -/**@ingroup attribute - * List the supported extended attribute names associated with a file - * - * @param url The smb url of the file or directory to list the extended - * attributes for. - * - * @param list A pointer to a buffer in which the list of attributes for - * the specified file or directory will be placed (unless - * size is zero). - * - * @param size The size of the buffer pointed to by list. This parameter - * may also be zero, in which case the size of the buffer - * required to hold all of the attribute names will be - * returned, but nothing will be placed into the list buffer. - * - * @return 0 on success, < 0 on error with errno set: - * - EINVAL The client library is not properly initialized - * - ENOMEM No memory was available for internal needs - * - EPERM Permission was denied. - * - ENOTSUP The referenced file system does not support - * extended attributes - * - * @note This function always returns all attribute names supported - * by NT file systems, regardless of wether the referenced - * file system supports extended attributes (e.g. a Windows - * 2000 machine supports extended attributes if NTFS is used, - * but not if FAT is used, and Windows 98 doesn't support - * extended attributes at all. Whether this is a feature or - * a bug is yet to be decided. - */ -int smbc_listxattr(const char *url, - char *list, - size_t size); - -/**@ingroup attribute - * List the supported extended attribute names associated with a file The - * POSIX function which this maps to would act on a symbolic link rather than - * acting on what the symbolic link points to, but with no symbolic links in - * SMB file systems, this function is functionally identical to - * smbc_listxattr(). - * - * @param url The smb url of the file or directory to list the extended - * attributes for. - * - * @param list A pointer to a buffer in which the list of attributes for - * the specified file or directory will be placed (unless - * size is zero). - * - * @param size The size of the buffer pointed to by list. This parameter - * may also be zero, in which case the size of the buffer - * required to hold all of the attribute names will be - * returned, but nothing will be placed into the list buffer. - * - * @return 0 on success, < 0 on error with errno set: - * - EINVAL The client library is not properly initialized - * - ENOMEM No memory was available for internal needs - * - EPERM Permission was denied. - * - ENOTSUP The referenced file system does not support - * extended attributes - * - * @note This function always returns all attribute names supported - * by NT file systems, regardless of wether the referenced - * file system supports extended attributes (e.g. a Windows - * 2000 machine supports extended attributes if NTFS is used, - * but not if FAT is used, and Windows 98 doesn't support - * extended attributes at all. Whether this is a feature or - * a bug is yet to be decided. - */ -int smbc_llistxattr(const char *url, - char *list, - size_t size); - -/**@ingroup attribute - * List the supported extended attribute names associated with a file - * - * @param fd A file descriptor associated with an open file (as - * previously returned by smbc_open(), to get extended - * attributes for. - * - * @param list A pointer to a buffer in which the list of attributes for - * the specified file or directory will be placed (unless - * size is zero). - * - * @param size The size of the buffer pointed to by list. This parameter - * may also be zero, in which case the size of the buffer - * required to hold all of the attribute names will be - * returned, but nothing will be placed into the list buffer. - * - * @return 0 on success, < 0 on error with errno set: - * - EINVAL The client library is not properly initialized - * - ENOMEM No memory was available for internal needs - * - EPERM Permission was denied. - * - ENOTSUP The referenced file system does not support - * extended attributes - * - * @note This function always returns all attribute names supported - * by NT file systems, regardless of wether the referenced - * file system supports extended attributes (e.g. a Windows - * 2000 machine supports extended attributes if NTFS is used, - * but not if FAT is used, and Windows 98 doesn't support - * extended attributes at all. Whether this is a feature or - * a bug is yet to be decided. - */ -int smbc_flistxattr(int fd, - char *list, - size_t size); /**@ingroup print * Print a file given the name in fname. It would be a URL ... diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h index 66057424ca..ccbc190c59 100644 --- a/source3/include/ntdomain.h +++ b/source3/include/ntdomain.h @@ -402,6 +402,5 @@ struct acct_info #include "rpc_dfs.h" #include "rpc_ds.h" #include "rpc_echo.h" -#include "rpc_epmapper.h" #endif /* _NT_DOMAIN_H */ diff --git a/source3/include/passdb.h b/source3/include/passdb.h index cd9c57a991..a4b2bcff3f 100644 --- a/source3/include/passdb.h +++ b/source3/include/passdb.h @@ -177,15 +177,6 @@ typedef struct sam_group { } SAM_GROUP; -typedef struct _GROUP_INFO { - struct pdb_methods *methods; - DOM_SID sid; - enum SID_NAME_USE sid_name_use; - fstring nt_name; - fstring comment; -} GROUP_INFO; - - /***************************************************************** Functions to be implemented by the new (v2) passdb API ****************************************************************/ @@ -201,28 +192,26 @@ typedef struct pdb_context { struct pdb_methods *pdb_methods; struct pdb_methods *pwent_methods; - + /* These functions are wrappers for the functions listed above. They may do extra things like re-reading a SAM_ACCOUNT on update */ NTSTATUS (*pdb_setsampwent)(struct pdb_context *, BOOL update); - + void (*pdb_endsampwent)(struct pdb_context *); - + NTSTATUS (*pdb_getsampwent)(struct pdb_context *, SAM_ACCOUNT *user); - + NTSTATUS (*pdb_getsampwnam)(struct pdb_context *, SAM_ACCOUNT *sam_acct, const char *username); - + NTSTATUS (*pdb_getsampwsid)(struct pdb_context *, SAM_ACCOUNT *sam_acct, const DOM_SID *sid); NTSTATUS (*pdb_add_sam_account)(struct pdb_context *, SAM_ACCOUNT *sampass); - + NTSTATUS (*pdb_update_sam_account)(struct pdb_context *, SAM_ACCOUNT *sampass); - + NTSTATUS (*pdb_delete_sam_account)(struct pdb_context *, SAM_ACCOUNT *username); - /* group mapping functions: to be removed */ - NTSTATUS (*pdb_getgrsid)(struct pdb_context *context, GROUP_MAP *map, DOM_SID sid); NTSTATUS (*pdb_getgrgid)(struct pdb_context *context, GROUP_MAP *map, gid_t gid); @@ -243,30 +232,6 @@ typedef struct pdb_context GROUP_MAP **rmap, int *num_entries, BOOL unix_only); - /* group functions */ - - NTSTATUS (*pdb_get_group_info_by_sid)(struct pdb_context *context, GROUP_INFO *info, const DOM_SID *group); - - NTSTATUS (*pdb_get_group_list)(struct pdb_context *context, GROUP_INFO **info, const enum SID_NAME_USE sid_name_use, int *num_groups); - - NTSTATUS (*pdb_get_group_sids)(struct pdb_context *context, const DOM_SID *group, DOM_SID **members, int *num_members); - - NTSTATUS (*pdb_add_group)(struct pdb_context *context, const SAM_GROUP *group); - - NTSTATUS (*pdb_update_group)(struct pdb_context *context, const SAM_GROUP *group); - - NTSTATUS (*pdb_delete_group)(struct pdb_context *context, const DOM_SID *group); - - NTSTATUS (*pdb_add_sid_to_group)(struct pdb_context *context, const DOM_SID *group, const DOM_SID *member); - - NTSTATUS (*pdb_remove_sid_from_group)(struct pdb_context *context, const DOM_SID *group, const DOM_SID *member); - - NTSTATUS (*pdb_get_group_info_by_name)(struct pdb_context *context, GROUP_INFO *info, const char *name); - - NTSTATUS (*pdb_get_group_info_by_nt_name)(struct pdb_context *context, GROUP_INFO *info, const char *nt_name); - - NTSTATUS (*pdb_get_group_uids)(struct pdb_context *context, const DOM_SID *group, uid_t **members, int *num_members); - void (*free_fn)(struct pdb_context **); TALLOC_CTX *mem_ctx; @@ -297,9 +262,7 @@ typedef struct pdb_methods NTSTATUS (*update_sam_account)(struct pdb_methods *, SAM_ACCOUNT *sampass); NTSTATUS (*delete_sam_account)(struct pdb_methods *, SAM_ACCOUNT *username); - - /* group mapping functions: to be removed */ - + NTSTATUS (*getgrsid)(struct pdb_methods *methods, GROUP_MAP *map, DOM_SID sid); NTSTATUS (*getgrgid)(struct pdb_methods *methods, GROUP_MAP *map, gid_t gid); @@ -320,30 +283,6 @@ typedef struct pdb_methods GROUP_MAP **rmap, int *num_entries, BOOL unix_only); - /* group functions */ - - NTSTATUS (*get_group_info_by_sid)(struct pdb_methods *methods, GROUP_INFO *info, const DOM_SID *group); - - NTSTATUS (*get_group_list)(struct pdb_methods *methods, GROUP_INFO **info, const enum SID_NAME_USE sid_name_use, int *num_groups); - - NTSTATUS (*get_group_sids)(struct pdb_methods *methods, const DOM_SID *group, DOM_SID **members, int *num_members); - - NTSTATUS (*add_group)(struct pdb_methods *methods, const SAM_GROUP *group); - - NTSTATUS (*update_group)(struct pdb_methods *methods, const SAM_GROUP *group); - - NTSTATUS (*delete_group)(struct pdb_methods *methods, const DOM_SID *group); - - NTSTATUS (*add_sid_to_group)(struct pdb_methods *methods, const DOM_SID *group, const DOM_SID *member); - - NTSTATUS (*remove_sid_from_group)(struct pdb_methods *methods, const DOM_SID *group, const DOM_SID *member); - - NTSTATUS (*get_group_info_by_name)(struct pdb_methods *methods, GROUP_INFO *info, const char *name); - - NTSTATUS (*get_group_info_by_nt_name)(struct pdb_methods *methods, GROUP_INFO *info, const char *nt_name); - - NTSTATUS (*get_group_uids)(struct pdb_methods *methods, const DOM_SID *group, uid_t **members, int *num_members); - void *private_data; /* Private data of some kind */ void (*free_private_data)(void **); diff --git a/source3/include/rpc_client_proto.h b/source3/include/rpc_client_proto.h deleted file mode 100644 index 0ecb195691..0000000000 --- a/source3/include/rpc_client_proto.h +++ /dev/null @@ -1,231 +0,0 @@ -#ifndef _RPC_CLIENT_PROTO_H_ -#define _RPC_CLIENT_PROTO_H_ -/* This file is automatically generated with "make proto". DO NOT EDIT */ - - -/*The following definitions come from lib/util_list.c */ - -BOOL copy_policy_hnd (POLICY_HND *dest, const POLICY_HND *src); -BOOL compare_rpc_hnd_node(const RPC_HND_NODE *x, - const RPC_HND_NODE *y); -BOOL RpcHndList_set_connection(const POLICY_HND *hnd, - struct cli_connection *con); -BOOL RpcHndList_del_connection(const POLICY_HND *hnd); -struct cli_connection* RpcHndList_get_connection(const POLICY_HND *hnd); - -/*The following definitions come from rpc_client/cli_connect.c */ - -void init_connections(void); -void free_connections(void); -void cli_connection_free(struct cli_connection *con); -void cli_connection_unlink(struct cli_connection *con); -BOOL cli_connection_init(const char *srv_name, char *pipe_name, - struct cli_connection **con); -BOOL cli_connection_init_auth(const char *srv_name, char *pipe_name, - struct cli_connection **con, - cli_auth_fns * auth, void *auth_creds); -struct _cli_auth_fns *cli_conn_get_authfns(struct cli_connection *con); -void *cli_conn_get_auth_creds(struct cli_connection *con); -BOOL rpc_hnd_pipe_req(const POLICY_HND * hnd, uint8 op_num, - prs_struct * data, prs_struct * rdata); -BOOL rpc_con_pipe_req(struct cli_connection *con, uint8 op_num, - prs_struct * data, prs_struct * rdata); -BOOL rpc_con_ok(struct cli_connection *con); - -/*The following definitions come from rpc_client/cli_login.c */ - -BOOL cli_nt_setup_creds(struct cli_state *cli, unsigned char mach_pwd[16]); -BOOL cli_nt_srv_pwset(struct cli_state *cli, unsigned char *new_hashof_mach_pwd); -BOOL cli_nt_login_interactive(struct cli_state *cli, char *domain, char *username, - uint32 smb_userid_low, char *password, - NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3); -BOOL cli_nt_login_network(struct cli_state *cli, char *domain, char *username, - uint32 smb_userid_low, char lm_chal[8], - char *lm_chal_resp, char *nt_chal_resp, - NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3); -BOOL cli_nt_logoff(struct cli_state *cli, NET_ID_INFO_CTR *ctr); - -/*The following definitions come from rpc_client/cli_lsarpc.c */ - -BOOL do_lsa_open_policy(struct cli_state *cli, - char *system_name, POLICY_HND *hnd, - BOOL sec_qos); -BOOL do_lsa_query_info_pol(struct cli_state *cli, - POLICY_HND *hnd, uint16 info_class, - fstring domain_name, DOM_SID *domain_sid); -BOOL do_lsa_close(struct cli_state *cli, POLICY_HND *hnd); -BOOL cli_lsa_get_domain_sid(struct cli_state *cli, char *server); -uint32 lsa_open_policy(const char *system_name, POLICY_HND *hnd, - BOOL sec_qos, uint32 des_access); -uint32 lsa_lookup_sids(POLICY_HND *hnd, int num_sids, DOM_SID *sids, - char ***names, uint32 **types, int *num_names); -uint32 lsa_lookup_names(POLICY_HND *hnd, int num_names, char **names, - DOM_SID **sids, uint32 **types, int *num_sids); - -/*The following definitions come from rpc_client/cli_netlogon.c */ - -BOOL cli_net_logon_ctrl2(struct cli_state *cli, uint32 status_level); -BOOL cli_net_auth2(struct cli_state *cli, uint16 sec_chan, - uint32 neg_flags, DOM_CHAL *srv_chal); -BOOL cli_net_req_chal(struct cli_state *cli, DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal); -BOOL cli_net_srv_pwset(struct cli_state *cli, uint8 hashed_mach_pwd[16]); -BOOL cli_net_sam_logon(struct cli_state *cli, NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3); -BOOL cli_net_sam_logoff(struct cli_state *cli, NET_ID_INFO_CTR *ctr); -BOOL change_trust_account_password( char *domain, char *remote_machine_list); - -/*The following definitions come from rpc_client/cli_pipe.c */ - -BOOL rpc_api_pipe_req(struct cli_state *cli, uint8 op_num, - prs_struct *data, prs_struct *rdata); -BOOL rpc_pipe_bind(struct cli_state *cli, char *pipe_name, char *my_name); -void cli_nt_set_ntlmssp_flgs(struct cli_state *cli, uint32 ntlmssp_flgs); -BOOL cli_nt_session_open(struct cli_state *cli, char *pipe_name); -void cli_nt_session_close(struct cli_state *cli); - -/*The following definitions come from rpc_client/cli_reg.c */ - -BOOL do_reg_connect(struct cli_state *cli, char *full_keyname, char *key_name, - POLICY_HND *reg_hnd); -BOOL do_reg_open_hklm(struct cli_state *cli, uint16 unknown_0, uint32 level, - POLICY_HND *hnd); -BOOL do_reg_open_hku(struct cli_state *cli, uint16 unknown_0, uint32 level, - POLICY_HND *hnd); -BOOL do_reg_flush_key(struct cli_state *cli, POLICY_HND *hnd); -BOOL do_reg_query_key(struct cli_state *cli, POLICY_HND *hnd, - char *class, uint32 *class_len, - uint32 *num_subkeys, uint32 *max_subkeylen, - uint32 *max_subkeysize, uint32 *num_values, - uint32 *max_valnamelen, uint32 *max_valbufsize, - uint32 *sec_desc, NTTIME *mod_time); -BOOL do_reg_unknown_1a(struct cli_state *cli, POLICY_HND *hnd, uint32 *unk); -BOOL do_reg_query_info(struct cli_state *cli, POLICY_HND *hnd, - char *key_value, uint32* key_type); -BOOL do_reg_set_key_sec(struct cli_state *cli, POLICY_HND *hnd, SEC_DESC_BUF *sec_desc_buf); -BOOL do_reg_get_key_sec(struct cli_state *cli, POLICY_HND *hnd, uint32 *sec_buf_size, SEC_DESC_BUF **ppsec_desc_buf); -BOOL do_reg_delete_val(struct cli_state *cli, POLICY_HND *hnd, char *val_name); -BOOL do_reg_delete_key(struct cli_state *cli, POLICY_HND *hnd, char *key_name); -BOOL do_reg_create_key(struct cli_state *cli, POLICY_HND *hnd, - char *key_name, char *key_class, - SEC_ACCESS *sam_access, - POLICY_HND *key); -BOOL do_reg_enum_key(struct cli_state *cli, POLICY_HND *hnd, - int key_index, char *key_name, - uint32 *unk_1, uint32 *unk_2, - time_t *mod_time); -BOOL do_reg_create_val(struct cli_state *cli, POLICY_HND *hnd, - char *val_name, uint32 type, BUFFER3 *data); -BOOL do_reg_enum_val(struct cli_state *cli, POLICY_HND *hnd, - int val_index, int max_valnamelen, int max_valbufsize, - fstring val_name, - uint32 *val_type, BUFFER2 *value); -BOOL do_reg_open_entry(struct cli_state *cli, POLICY_HND *hnd, - char *key_name, uint32 unk_0, - POLICY_HND *key_hnd); -BOOL do_reg_close(struct cli_state *cli, POLICY_HND *hnd); - -/*The following definitions come from rpc_client/cli_samr.c */ - -BOOL get_samr_query_usergroups(struct cli_state *cli, - POLICY_HND *pol_open_domain, uint32 user_rid, - uint32 *num_groups, DOM_GID *gid); -BOOL get_samr_query_userinfo(struct cli_state *cli, - POLICY_HND *pol_open_domain, - uint32 info_level, - uint32 user_rid, SAM_USER_INFO_21 *usr); -BOOL do_samr_chgpasswd_user(struct cli_state *cli, - char *srv_name, char *user_name, - char nt_newpass[516], uchar nt_oldhash[16], - char lm_newpass[516], uchar lm_oldhash[16]); -BOOL do_samr_unknown_38(struct cli_state *cli, char *srv_name); -BOOL do_samr_query_dom_info(struct cli_state *cli, - POLICY_HND *domain_pol, uint16 switch_value); -BOOL do_samr_enum_dom_users(struct cli_state *cli, - POLICY_HND *pol, uint16 num_entries, uint16 unk_0, - uint16 acb_mask, uint16 unk_1, uint32 size, - struct acct_info **sam, - int *num_sam_users); -BOOL do_samr_connect(struct cli_state *cli, - char *srv_name, uint32 unknown_0, - POLICY_HND *connect_pol); -BOOL do_samr_open_user(struct cli_state *cli, - POLICY_HND *pol, uint32 unk_0, uint32 rid, - POLICY_HND *user_pol); -BOOL do_samr_open_domain(struct cli_state *cli, - POLICY_HND *connect_pol, uint32 rid, DOM_SID *sid, - POLICY_HND *domain_pol); -BOOL do_samr_query_unknown_12(struct cli_state *cli, - POLICY_HND *pol, uint32 rid, uint32 num_gids, uint32 *gids, - uint32 *num_aliases, - fstring als_names [MAX_LOOKUP_SIDS], - uint32 num_als_users[MAX_LOOKUP_SIDS]); -BOOL do_samr_query_usergroups(struct cli_state *cli, - POLICY_HND *pol, uint32 *num_groups, DOM_GID *gid); -BOOL do_samr_query_userinfo(struct cli_state *cli, - POLICY_HND *pol, uint16 switch_value, void* usr); -BOOL do_samr_close(struct cli_state *cli, POLICY_HND *hnd); - -/*The following definitions come from rpc_client/cli_spoolss_notify.c */ - -BOOL spoolss_disconnect_from_client( struct cli_state *cli); -BOOL spoolss_connect_to_client( struct cli_state *cli, char *remote_machine); -BOOL cli_spoolss_reply_open_printer(struct cli_state *cli, char *printer, uint32 localprinter, uint32 type, uint32 *status, POLICY_HND *handle); -BOOL cli_spoolss_reply_rrpcn(struct cli_state *cli, POLICY_HND *handle, - uint32 change_low, uint32 change_high, uint32 *status); -BOOL cli_spoolss_reply_close_printer(struct cli_state *cli, POLICY_HND *handle, uint32 *status); - -/*The following definitions come from rpc_client/cli_srvsvc.c */ - -BOOL do_srv_net_srv_conn_enum(struct cli_state *cli, - char *server_name, char *qual_name, - uint32 switch_value, SRV_CONN_INFO_CTR *ctr, - uint32 preferred_len, - ENUM_HND *hnd); -BOOL do_srv_net_srv_sess_enum(struct cli_state *cli, - char *server_name, char *qual_name, - uint32 switch_value, SRV_SESS_INFO_CTR *ctr, - uint32 preferred_len, - ENUM_HND *hnd); -BOOL do_srv_net_srv_share_enum(struct cli_state *cli, - char *server_name, - uint32 switch_value, SRV_R_NET_SHARE_ENUM *r_o, - uint32 preferred_len, ENUM_HND *hnd); -BOOL do_srv_net_srv_file_enum(struct cli_state *cli, - char *server_name, char *qual_name, - uint32 switch_value, SRV_FILE_INFO_CTR *ctr, - uint32 preferred_len, - ENUM_HND *hnd); -BOOL do_srv_net_srv_get_info(struct cli_state *cli, - char *server_name, uint32 switch_value, SRV_INFO_CTR *ctr); - -/*The following definitions come from rpc_client/cli_use.c */ - -void init_cli_use(void); -void free_cli_use(void); -struct cli_state *cli_net_use_add(const char *srv_name, - const struct ntuser_creds *usr_creds, - BOOL reuse, BOOL *is_new); -BOOL cli_net_use_del(const char *srv_name, - const struct ntuser_creds *usr_creds, - BOOL force_close, BOOL *connection_closed); -void cli_net_use_enum(uint32 *num_cons, struct use_info ***use); -void cli_use_wait_keyboard(void); - -/*The following definitions come from rpc_client/cli_wkssvc.c */ - -BOOL do_wks_query_info(struct cli_state *cli, - char *server_name, uint32 switch_value, - WKS_INFO_100 *wks100); - -/*The following definitions come from rpc_client/ncacn_np_use.c */ - -BOOL ncacn_np_use_del(const char *srv_name, const char *pipe_name, - const vuser_key * key, - BOOL force_close, BOOL *connection_closed); -struct ncacn_np *ncacn_np_initialise(struct ncacn_np *msrpc, - const vuser_key * key); -struct ncacn_np *ncacn_np_use_add(const char *pipe_name, - const vuser_key * key, - const char *srv_name, - const struct ntuser_creds *ntc, - BOOL reuse, BOOL *is_new_connection); -#endif /* _PROTO_H_ */ diff --git a/source3/include/rpc_epmapper.h b/source3/include/rpc_epmapper.h deleted file mode 100644 index de3a2cb08d..0000000000 --- a/source3/include/rpc_epmapper.h +++ /dev/null @@ -1,118 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Endpoint mapper data definitions - Copyright (C) Jim McDonough (jmcd@us.ibm.com) 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#define EPM_HANDLE_LEN 20 - -/* ordinal for the mapping interface */ - -#define EPM_MAP_PIPE_NAME 0x03 - -/* some of the different connection protocols and their IDs from Windows */ - -#define EPM_FLOOR_UUID 0x0d /* floor contains UUID */ -#define EPM_FLOOR_RPC 0x0b /* tower is for connection-oriented rpc */ -#define EPM_FLOOR_TCP 0x07 /* floor contains tcp port number */ -#define EPM_FLOOR_IP 0x09 /* floor contains IP address */ -#define EPM_FLOOR_NMPIPES 0x0f /* floor contains remote named pipe name */ -#define EPM_FLOOR_LRPC 0x10 /* floor contains local named pipe name */ -#define EPM_FLOOR_NETBIOS 0x11 /* floor contains netbios address */ -#define EPM_FLOOR_NETBEUI 0x12 /* floor contains netbeui address */ -#define EPM_FLOOR_SOCKET 0x20 - -#define EPM_PIPE_NM "epmapper" - -#define MAX_TOWERS 1 - -typedef struct -{ - uint8 data[EPM_HANDLE_LEN]; -} EPM_HANDLE; - -typedef struct -{ - struct { - uint16 length; - uint8 protocol; - struct { - RPC_UUID uuid; - uint16 version; - } uuid; - } lhs; - struct { - uint16 length; - uint16 unknown; - struct { - uint16 port; - } tcp; - struct { - uint8 addr[4]; - } ip; - char string[MAXHOSTNAMELEN+3]; /* hostname + \\ + null term */ - } rhs; -} EPM_FLOOR; - -typedef struct -{ - uint32 max_length; - uint32 length; - uint16 num_floors; - EPM_FLOOR *floors; - uint8 unknown; -} EPM_TOWER; - -typedef struct -{ - EPM_HANDLE handle; - uint32 tower_ref_id; - EPM_TOWER *tower; - EPM_HANDLE term_handle; /* in/out */ - uint32 max_towers; -} EPM_Q_MAP; - -typedef struct -{ - uint32 max_count; - uint32 offset; - uint32 count; - uint32 *tower_ref_ids; - EPM_TOWER *towers; -} EPM_TOWER_ARRAY; - -typedef struct -{ - EPM_HANDLE handle; - uint32 num_results; - EPM_TOWER_ARRAY *results; - uint32 status; -} EPM_R_MAP; - - -/* port mapping entries to be read */ - -typedef struct _mapper_entries{ - uint8 protocol ; - RPC_IFACE uuid_info ; /* needs to be zeroed if no specific uuid */ - uint16 port ; - char pipe_name[40] ; - char srv_name[20] ; - uint8 srv_port[4] ; - char func_name[16][16]; /* array of up to 16 functions available */ -} mapper_entries; - diff --git a/source3/include/smb.h b/source3/include/smb.h index 1e4c48132a..8c6f47f23f 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -194,7 +194,6 @@ typedef smb_ucs2_t wfstring[FSTRING_LEN]; #define PIPE_SPOOLSS "\\PIPE\\spoolss" #define PIPE_NETDFS "\\PIPE\\netdfs" #define PIPE_ECHO "\\PIPE\\rpcecho" -#define PIPE_EPM "\\PIPE\\epmapper" #define PIPE_NETLOGON_PLAIN "\\NETLOGON" @@ -208,8 +207,7 @@ typedef smb_ucs2_t wfstring[FSTRING_LEN]; #define PI_SPOOLSS 7 #define PI_NETDFS 8 #define PI_ECHO 9 -#define PI_EPM 10 -#define PI_MAX_PIPES 11 +#define PI_MAX_PIPES 10 /* 64 bit time (100usec) since ????? - cifs6.txt, section 3.5, page 30 */ typedef struct nttime_info diff --git a/source3/include/tdbsam2.h b/source3/include/tdbsam2.h deleted file mode 100644 index b99e16586b..0000000000 --- a/source3/include/tdbsam2.h +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * tdbsam2 genstruct enabled header file - * Copyright (C) Simo Sorce 2002 - * - * This program is free software; you can redistribute it and/or modify it under - * the terms of the GNU General Public License as published by the Free - * Software Foundation; either version 2 of the License, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for - * more details. - * - * You should have received a copy of the GNU General Public License along with - * this program; if not, write to the Free Software Foundation, Inc., 675 - * Mass Ave, Cambridge, MA 02139, USA. - */ - -/* ALL strings assumes UTF8 as encoding */ - -#ifndef TDBSAM2_H -#define TDBSAM2_H - -/* IMPORTANT: these structures must follow closely the GUMS_OBJECTs - * structures as they will be casted over !! - * the GUMS_OBJECT union is unrolled here into four tdbsam2 - * objects cause genstruct is not able to follow arbitrary unions */ - -GENSTRUCT struct domain_sub_structure -{ - uint32 next_rid; /* The Next free RID */ -}; - -GENSTRUCT struct tdbsam2_domain_data -{ - TALLOC_CTX *mem_ctx; - - uint32 type; - uint32 version; - uint32 xcounter; /* counter to be updated at any change */ - - SEC_DESC *sec_desc; /* Security Descriptor */ - - DOM_SID *dom_sid; /* The Domain SID */ - char *name; _NULLTERM /* NT Domain Name */ - char *description; _NULLTERM /* Descritpion (Gecos) */ - - struct domain_sub_structure *dss; -}; - -GENSTRUCT struct user_sub_structure -{ - DOM_SID *group_sid; /* The Primary Group SID */ - - NTTIME logon_time; - NTTIME logoff_time; - NTTIME kickoff_time; - NTTIME pass_last_set_time; - NTTIME pass_can_change_time; - NTTIME pass_must_change_time; - - char *full_name; _NULLTERM /* The Full Name */ - char *home_dir; _NULLTERM /* Home Directory */ - char *dir_drive; _NULLTERM /* Drive Letter the home should be mapped to */ - char *logon_script; _NULLTERM /* Logon script path */ - char *profile_path; _NULLTERM /* Profile is stored here */ - char *workstations; _NULLTERM /* List of Workstation names the user is allowed to LogIn */ - char *unknown_str; _NULLTERM /* Guess ... Unknown */ - char *munged_dial; _NULLTERM /* Callback Number */ - - DATA_BLOB lm_pw; /* .data is Null if no password */ - DATA_BLOB nt_pw; /* .data is Null if no password */ - - uint16 acct_ctrl; /* account flags */ - uint16 logon_divs; /* 168 - num of hours in a week */ - uint32 hours_len; /* normally 21 */ - uint8 *hours; _LEN(hours_len) /* normally 21 bytes (depends on hours_len) */ - - uint16 bad_password_count; /* 0 */ - uint16 logon_count; /* 0 */ - uint32 unknown_3; /* 0x00ff ffff */ - uint32 unknown_6; /* 0x0000 04ec */ -}; - -GENSTRUCT struct tdbsam2_user_data -{ - TALLOC_CTX *mem_ctx; - - uint32 type; - uint32 version; - uint32 xcounter; /* counter to be updated at any change */ - - SEC_DESC *sec_desc; /* Security Descriptor */ - - DOM_SID *user_sid; /* The User SID */ - char *name; _NULLTERM /* NT User Name */ - char *description; _NULLTERM /* Descritpion (Gecos) */ - - struct user_sub_structure *uss; -}; - -GENSTRUCT struct group_sub_structure -{ - uint32 count; /* number of sids */ - DOM_SID *members; _LEN(count) /* SID array */ -}; - -GENSTRUCT struct tdbsam2_group_data -{ - TALLOC_CTX *mem_ctx; - - uint32 type; - uint32 version; - uint32 xcounter; /* counter to be updated at any change */ - - SEC_DESC *sec_desc; /* Security Descriptor */ - - DOM_SID *group_sid; /* The Group SID */ - char *name; _NULLTERM /* NT Group Name */ - char *description; _NULLTERM /* Descritpion (Gecos) */ - - struct group_sub_structure *gss; -}; - -GENSTRUCT struct priv_sub_structure -{ - LUID_ATTR *privilege; /* Privilege */ - - uint32 count; /* number of sids */ - DOM_SID *members; _LEN(count) /* SID array */ -}; - -GENSTRUCT struct tdbsam2_priv_data -{ - TALLOC_CTX *mem_ctx; - - uint32 type; - uint32 version; - uint32 xcounter; /* counter to be updated at any change */ - - DOM_SID *null_sid; - char *name; _NULLTERM /* Privilege Name */ - char *description; _NULLTERM /* Descritpion (Gecos) */ - - struct priv_sub_structure *pss; -}; - -#endif /* TDBSAM2_H */ diff --git a/source3/include/tdbsam2_parse_info.h b/source3/include/tdbsam2_parse_info.h deleted file mode 100644 index f1b2936c47..0000000000 --- a/source3/include/tdbsam2_parse_info.h +++ /dev/null @@ -1,164 +0,0 @@ -/* This is an automatically generated file - DO NOT EDIT! */ - -int gen_dump_struct_domain_sub_structure(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); -int gen_parse_struct_domain_sub_structure(TALLOC_CTX *mem_ctx, char *, const char *); -static const struct parse_struct pinfo_domain_sub_structure[] = { -{"next_rid", 0, sizeof(uint32), offsetof(struct domain_sub_structure, next_rid), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -int gen_dump_struct_domain_sub_structure(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_struct(mem_ctx, pinfo_domain_sub_structure, p, ptr, indent); -} -int gen_parse_struct_domain_sub_structure(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { - return gen_parse_struct(mem_ctx, pinfo_domain_sub_structure, ptr, str); -} - -int gen_dump_struct_tdbsam2_domain_data(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); -int gen_parse_struct_tdbsam2_domain_data(TALLOC_CTX *mem_ctx, char *, const char *); -static const struct parse_struct pinfo_tdbsam2_domain_data[] = { -{"mem_ctx", 1, sizeof(TALLOC_CTX), offsetof(struct tdbsam2_domain_data, mem_ctx), 0, NULL, 0, gen_dump_TALLOC_CTX, gen_parse_TALLOC_CTX}, -{"type", 0, sizeof(uint32), offsetof(struct tdbsam2_domain_data, type), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"version", 0, sizeof(uint32), offsetof(struct tdbsam2_domain_data, version), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"xcounter", 0, sizeof(uint32), offsetof(struct tdbsam2_domain_data, xcounter), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"sec_desc", 1, sizeof(SEC_DESC), offsetof(struct tdbsam2_domain_data, sec_desc), 0, NULL, 0, gen_dump_SEC_DESC, gen_parse_SEC_DESC}, -{"dom_sid", 1, sizeof(DOM_SID), offsetof(struct tdbsam2_domain_data, dom_sid), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{"name", 1, sizeof(char), offsetof(struct tdbsam2_domain_data, name), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"description", 1, sizeof(char), offsetof(struct tdbsam2_domain_data, description), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"dss", 1, sizeof(struct domain_sub_structure), offsetof(struct tdbsam2_domain_data, dss), 0, NULL, 0, gen_dump_struct_domain_sub_structure, gen_parse_struct_domain_sub_structure}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -int gen_dump_struct_tdbsam2_domain_data(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_struct(mem_ctx, pinfo_tdbsam2_domain_data, p, ptr, indent); -} -int gen_parse_struct_tdbsam2_domain_data(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { - return gen_parse_struct(mem_ctx, pinfo_tdbsam2_domain_data, ptr, str); -} - -int gen_dump_struct_user_sub_structure(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); -int gen_parse_struct_user_sub_structure(TALLOC_CTX *mem_ctx, char *, const char *); -static const struct parse_struct pinfo_user_sub_structure[] = { -{"group_sid", 1, sizeof(DOM_SID), offsetof(struct user_sub_structure, group_sid), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{"logon_time", 0, sizeof(NTTIME), offsetof(struct user_sub_structure, logon_time), 0, NULL, 0, gen_dump_NTTIME, gen_parse_NTTIME}, -{"logoff_time", 0, sizeof(NTTIME), offsetof(struct user_sub_structure, logoff_time), 0, NULL, 0, gen_dump_NTTIME, gen_parse_NTTIME}, -{"kickoff_time", 0, sizeof(NTTIME), offsetof(struct user_sub_structure, kickoff_time), 0, NULL, 0, gen_dump_NTTIME, gen_parse_NTTIME}, -{"pass_last_set_time", 0, sizeof(NTTIME), offsetof(struct user_sub_structure, pass_last_set_time), 0, NULL, 0, gen_dump_NTTIME, gen_parse_NTTIME}, -{"pass_can_change_time", 0, sizeof(NTTIME), offsetof(struct user_sub_structure, pass_can_change_time), 0, NULL, 0, gen_dump_NTTIME, gen_parse_NTTIME}, -{"pass_must_change_time", 0, sizeof(NTTIME), offsetof(struct user_sub_structure, pass_must_change_time), 0, NULL, 0, gen_dump_NTTIME, gen_parse_NTTIME}, -{"full_name", 1, sizeof(char), offsetof(struct user_sub_structure, full_name), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"home_dir", 1, sizeof(char), offsetof(struct user_sub_structure, home_dir), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"dir_drive", 1, sizeof(char), offsetof(struct user_sub_structure, dir_drive), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"logon_script", 1, sizeof(char), offsetof(struct user_sub_structure, logon_script), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"profile_path", 1, sizeof(char), offsetof(struct user_sub_structure, profile_path), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"workstations", 1, sizeof(char), offsetof(struct user_sub_structure, workstations), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"unknown_str", 1, sizeof(char), offsetof(struct user_sub_structure, unknown_str), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"munged_dial", 1, sizeof(char), offsetof(struct user_sub_structure, munged_dial), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"lm_pw", 0, sizeof(DATA_BLOB), offsetof(struct user_sub_structure, lm_pw), 0, NULL, 0, gen_dump_DATA_BLOB, gen_parse_DATA_BLOB}, -{"nt_pw", 0, sizeof(DATA_BLOB), offsetof(struct user_sub_structure, nt_pw), 0, NULL, 0, gen_dump_DATA_BLOB, gen_parse_DATA_BLOB}, -{"acct_ctrl", 0, sizeof(uint16), offsetof(struct user_sub_structure, acct_ctrl), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, -{"logon_divs", 0, sizeof(uint16), offsetof(struct user_sub_structure, logon_divs), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, -{"hours_len", 0, sizeof(uint32), offsetof(struct user_sub_structure, hours_len), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"hours", 1, sizeof(uint8), offsetof(struct user_sub_structure, hours), 0, "hours_len", 0, gen_dump_uint8, gen_parse_uint8}, -{"bad_password_count", 0, sizeof(uint16), offsetof(struct user_sub_structure, bad_password_count), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, -{"logon_count", 0, sizeof(uint16), offsetof(struct user_sub_structure, logon_count), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, -{"unknown_3", 0, sizeof(uint32), offsetof(struct user_sub_structure, unknown_3), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"unknown_6", 0, sizeof(uint32), offsetof(struct user_sub_structure, unknown_6), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -int gen_dump_struct_user_sub_structure(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_struct(mem_ctx, pinfo_user_sub_structure, p, ptr, indent); -} -int gen_parse_struct_user_sub_structure(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { - return gen_parse_struct(mem_ctx, pinfo_user_sub_structure, ptr, str); -} - -int gen_dump_struct_tdbsam2_user_data(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); -int gen_parse_struct_tdbsam2_user_data(TALLOC_CTX *mem_ctx, char *, const char *); -static const struct parse_struct pinfo_tdbsam2_user_data[] = { -{"mem_ctx", 1, sizeof(TALLOC_CTX), offsetof(struct tdbsam2_user_data, mem_ctx), 0, NULL, 0, gen_dump_TALLOC_CTX, gen_parse_TALLOC_CTX}, -{"type", 0, sizeof(uint32), offsetof(struct tdbsam2_user_data, type), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"version", 0, sizeof(uint32), offsetof(struct tdbsam2_user_data, version), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"xcounter", 0, sizeof(uint32), offsetof(struct tdbsam2_user_data, xcounter), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"sec_desc", 1, sizeof(SEC_DESC), offsetof(struct tdbsam2_user_data, sec_desc), 0, NULL, 0, gen_dump_SEC_DESC, gen_parse_SEC_DESC}, -{"user_sid", 1, sizeof(DOM_SID), offsetof(struct tdbsam2_user_data, user_sid), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{"name", 1, sizeof(char), offsetof(struct tdbsam2_user_data, name), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"description", 1, sizeof(char), offsetof(struct tdbsam2_user_data, description), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"uss", 1, sizeof(struct user_sub_structure), offsetof(struct tdbsam2_user_data, uss), 0, NULL, 0, gen_dump_struct_user_sub_structure, gen_parse_struct_user_sub_structure}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -int gen_dump_struct_tdbsam2_user_data(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_struct(mem_ctx, pinfo_tdbsam2_user_data, p, ptr, indent); -} -int gen_parse_struct_tdbsam2_user_data(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { - return gen_parse_struct(mem_ctx, pinfo_tdbsam2_user_data, ptr, str); -} - -int gen_dump_struct_group_sub_structure(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); -int gen_parse_struct_group_sub_structure(TALLOC_CTX *mem_ctx, char *, const char *); -static const struct parse_struct pinfo_group_sub_structure[] = { -{"count", 0, sizeof(uint32), offsetof(struct group_sub_structure, count), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"members", 1, sizeof(DOM_SID), offsetof(struct group_sub_structure, members), 0, "count", 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -int gen_dump_struct_group_sub_structure(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_struct(mem_ctx, pinfo_group_sub_structure, p, ptr, indent); -} -int gen_parse_struct_group_sub_structure(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { - return gen_parse_struct(mem_ctx, pinfo_group_sub_structure, ptr, str); -} - -int gen_dump_struct_tdbsam2_group_data(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); -int gen_parse_struct_tdbsam2_group_data(TALLOC_CTX *mem_ctx, char *, const char *); -static const struct parse_struct pinfo_tdbsam2_group_data[] = { -{"mem_ctx", 1, sizeof(TALLOC_CTX), offsetof(struct tdbsam2_group_data, mem_ctx), 0, NULL, 0, gen_dump_TALLOC_CTX, gen_parse_TALLOC_CTX}, -{"type", 0, sizeof(uint32), offsetof(struct tdbsam2_group_data, type), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"version", 0, sizeof(uint32), offsetof(struct tdbsam2_group_data, version), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"xcounter", 0, sizeof(uint32), offsetof(struct tdbsam2_group_data, xcounter), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"sec_desc", 1, sizeof(SEC_DESC), offsetof(struct tdbsam2_group_data, sec_desc), 0, NULL, 0, gen_dump_SEC_DESC, gen_parse_SEC_DESC}, -{"group_sid", 1, sizeof(DOM_SID), offsetof(struct tdbsam2_group_data, group_sid), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{"name", 1, sizeof(char), offsetof(struct tdbsam2_group_data, name), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"description", 1, sizeof(char), offsetof(struct tdbsam2_group_data, description), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"gss", 1, sizeof(struct group_sub_structure), offsetof(struct tdbsam2_group_data, gss), 0, NULL, 0, gen_dump_struct_group_sub_structure, gen_parse_struct_group_sub_structure}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -int gen_dump_struct_tdbsam2_group_data(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_struct(mem_ctx, pinfo_tdbsam2_group_data, p, ptr, indent); -} -int gen_parse_struct_tdbsam2_group_data(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { - return gen_parse_struct(mem_ctx, pinfo_tdbsam2_group_data, ptr, str); -} - -int gen_dump_struct_priv_sub_structure(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); -int gen_parse_struct_priv_sub_structure(TALLOC_CTX *mem_ctx, char *, const char *); -static const struct parse_struct pinfo_priv_sub_structure[] = { -{"privilege", 1, sizeof(LUID_ATTR), offsetof(struct priv_sub_structure, privilege), 0, NULL, 0, gen_dump_LUID_ATTR, gen_parse_LUID_ATTR}, -{"count", 0, sizeof(uint32), offsetof(struct priv_sub_structure, count), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"members", 1, sizeof(DOM_SID), offsetof(struct priv_sub_structure, members), 0, "count", 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -int gen_dump_struct_priv_sub_structure(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_struct(mem_ctx, pinfo_priv_sub_structure, p, ptr, indent); -} -int gen_parse_struct_priv_sub_structure(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { - return gen_parse_struct(mem_ctx, pinfo_priv_sub_structure, ptr, str); -} - -int gen_dump_struct_tdbsam2_priv_data(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); -int gen_parse_struct_tdbsam2_priv_data(TALLOC_CTX *mem_ctx, char *, const char *); -static const struct parse_struct pinfo_tdbsam2_priv_data[] = { -{"mem_ctx", 1, sizeof(TALLOC_CTX), offsetof(struct tdbsam2_priv_data, mem_ctx), 0, NULL, 0, gen_dump_TALLOC_CTX, gen_parse_TALLOC_CTX}, -{"type", 0, sizeof(uint32), offsetof(struct tdbsam2_priv_data, type), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"version", 0, sizeof(uint32), offsetof(struct tdbsam2_priv_data, version), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"xcounter", 0, sizeof(uint32), offsetof(struct tdbsam2_priv_data, xcounter), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"null_sid", 1, sizeof(DOM_SID), offsetof(struct tdbsam2_priv_data, null_sid), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{"name", 1, sizeof(char), offsetof(struct tdbsam2_priv_data, name), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"description", 1, sizeof(char), offsetof(struct tdbsam2_priv_data, description), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"pss", 1, sizeof(struct priv_sub_structure), offsetof(struct tdbsam2_priv_data, pss), 0, NULL, 0, gen_dump_struct_priv_sub_structure, gen_parse_struct_priv_sub_structure}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -int gen_dump_struct_tdbsam2_priv_data(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_struct(mem_ctx, pinfo_tdbsam2_priv_data, p, ptr, indent); -} -int gen_parse_struct_tdbsam2_priv_data(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { - return gen_parse_struct(mem_ctx, pinfo_tdbsam2_priv_data, ptr, str); -} - diff --git a/source3/lib/domain_namemap.c b/source3/lib/domain_namemap.c deleted file mode 100644 index 988f5e5d65..0000000000 --- a/source3/lib/domain_namemap.c +++ /dev/null @@ -1,1317 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - Groupname handling - Copyright (C) Jeremy Allison 1998. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -/* - * UNIX gid and Local or Domain SID resolution. This module resolves - * only those entries in the map files, it is *NOT* responsible for - * resolving UNIX groups not listed: that is an entirely different - * matter, altogether... - */ - -/* - * - * - - format of the file is: - - unixname NT Group name - unixname Domain Admins (well-known Domain Group) - unixname DOMAIN_NAME\NT Group name - unixname OTHER_DOMAIN_NAME\NT Group name - unixname DOMAIN_NAME\Domain Admins (well-known Domain Group) - .... - - if the DOMAIN_NAME\ component is left off, then your own domain is assumed. - - * - * - */ - - -#include "includes.h" -extern int DEBUGLEVEL; - -extern fstring global_myworkgroup; -extern DOM_SID global_member_sid; -extern fstring global_sam_name; -extern DOM_SID global_sam_sid; -extern DOM_SID global_sid_S_1_5_20; - -/******************************************************************* - converts UNIX uid to an NT User RID. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uid_t pwdb_user_rid_to_uid(uint32 user_rid) -{ - return ((user_rid & (~RID_TYPE_USER))- 1000)/RID_MULTIPLIER; -} - -/******************************************************************* - converts NT Group RID to a UNIX uid. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_group_rid_to_gid(uint32 group_rid) -{ - return ((group_rid & (~RID_TYPE_GROUP))- 1000)/RID_MULTIPLIER; -} - -/******************************************************************* - converts NT Alias RID to a UNIX uid. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_alias_rid_to_gid(uint32 alias_rid) -{ - return ((alias_rid & (~RID_TYPE_ALIAS))- 1000)/RID_MULTIPLIER; -} - -/******************************************************************* - converts NT Group RID to a UNIX uid. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_gid_to_group_rid(uint32 gid) -{ - uint32 grp_rid = ((((gid)*RID_MULTIPLIER) + 1000) | RID_TYPE_GROUP); - return grp_rid; -} - -/****************************************************************** - converts UNIX gid to an NT Alias RID. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_gid_to_alias_rid(uint32 gid) -{ - uint32 alias_rid = ((((gid)*RID_MULTIPLIER) + 1000) | RID_TYPE_ALIAS); - return alias_rid; -} - -/******************************************************************* - converts UNIX uid to an NT User RID. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_uid_to_user_rid(uint32 uid) -{ - uint32 user_rid = ((((uid)*RID_MULTIPLIER) + 1000) | RID_TYPE_USER); - return user_rid; -} - -/****************************************************************** - converts SID + SID_NAME_USE type to a UNIX id. the Domain SID is, - and can only be, our own SID. - ********************************************************************/ -static BOOL pwdb_sam_sid_to_unixid(DOM_SID *sid, uint8 type, uint32 *id) -{ - DOM_SID tmp_sid; - uint32 rid; - - sid_copy(&tmp_sid, sid); - sid_split_rid(&tmp_sid, &rid); - if (!sid_equal(&global_sam_sid, &tmp_sid)) - { - return False; - } - - switch (type) - { - case SID_NAME_USER: - { - *id = pwdb_user_rid_to_uid(rid); - return True; - } - case SID_NAME_ALIAS: - { - *id = pwdb_alias_rid_to_gid(rid); - return True; - } - case SID_NAME_DOM_GRP: - case SID_NAME_WKN_GRP: - { - *id = pwdb_group_rid_to_gid(rid); - return True; - } - } - return False; -} - -/****************************************************************** - converts UNIX gid + SID_NAME_USE type to a SID. the Domain SID is, - and can only be, our own SID. - ********************************************************************/ -static BOOL pwdb_unixid_to_sam_sid(uint32 id, uint8 type, DOM_SID *sid) -{ - sid_copy(sid, &global_sam_sid); - switch (type) - { - case SID_NAME_USER: - { - sid_append_rid(sid, pwdb_uid_to_user_rid(id)); - return True; - } - case SID_NAME_ALIAS: - { - sid_append_rid(sid, pwdb_gid_to_alias_rid(id)); - return True; - } - case SID_NAME_DOM_GRP: - case SID_NAME_WKN_GRP: - { - sid_append_rid(sid, pwdb_gid_to_group_rid(id)); - return True; - } - } - return False; -} - -/******************************************************************* - Decides if a RID is a well known RID. - ********************************************************************/ -static BOOL pwdb_rid_is_well_known(uint32 rid) -{ - return (rid < 1000); -} - -/******************************************************************* - determines a rid's type. NOTE: THIS IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_rid_type(uint32 rid) -{ - /* lkcl i understand that NT attaches an enumeration to a RID - * such that it can be identified as either a user, group etc - * type: SID_ENUM_TYPE. - */ - if (pwdb_rid_is_well_known(rid)) - { - /* - * The only well known user RIDs are DOMAIN_USER_RID_ADMIN - * and DOMAIN_USER_RID_GUEST. - */ - if (rid == DOMAIN_USER_RID_ADMIN || rid == DOMAIN_USER_RID_GUEST) - { - return RID_TYPE_USER; - } - if (DOMAIN_GROUP_RID_ADMINS <= rid && rid <= DOMAIN_GROUP_RID_GUESTS) - { - return RID_TYPE_GROUP; - } - if (BUILTIN_ALIAS_RID_ADMINS <= rid && rid <= BUILTIN_ALIAS_RID_REPLICATOR) - { - return RID_TYPE_ALIAS; - } - } - return (rid & RID_TYPE_MASK); -} - -/******************************************************************* - checks whether rid is a user rid. NOTE: THIS IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -BOOL pwdb_rid_is_user(uint32 rid) -{ - return pwdb_rid_type(rid) == RID_TYPE_USER; -} - -/************************************************************************** - Groupname map functionality. The code loads a groupname map file and - (currently) loads it into a linked list. This is slow and memory - hungry, but can be changed into a more efficient storage format - if the demands on it become excessive. -***************************************************************************/ - -typedef struct name_map -{ - ubi_slNode next; - DOM_NAME_MAP grp; - -} name_map_entry; - -static ubi_slList groupname_map_list; -static ubi_slList aliasname_map_list; -static ubi_slList ntusrname_map_list; - -static void delete_name_entry(name_map_entry *gmep) -{ - if (gmep->grp.nt_name) - { - free(gmep->grp.nt_name); - } - if (gmep->grp.nt_domain) - { - free(gmep->grp.nt_domain); - } - if (gmep->grp.unix_name) - { - free(gmep->grp.unix_name); - } - free((char*)gmep); -} - -/************************************************************************** - Delete all the entries in the name map list. -***************************************************************************/ - -static void delete_map_list(ubi_slList *map_list) -{ - name_map_entry *gmep; - - while ((gmep = (name_map_entry *)ubi_slRemHead(map_list )) != NULL) - { - delete_name_entry(gmep); - } -} - - -/************************************************************************** - makes a group sid out of a domain sid and a _unix_ gid. -***************************************************************************/ -static BOOL make_mydomain_sid(DOM_NAME_MAP *grp, DOM_MAP_TYPE type) -{ - int ret = False; - fstring sid_str; - - if (!map_domain_name_to_sid(&grp->sid, &(grp->nt_domain))) - { - DEBUG(0,("make_mydomain_sid: unknown domain %s\n", - grp->nt_domain)); - return False; - } - - if (sid_equal(&grp->sid, &global_sid_S_1_5_20)) - { - /* - * only builtin aliases are recognised in S-1-5-20 - */ - DEBUG(10,("make_mydomain_sid: group %s in builtin domain\n", - grp->nt_name)); - - if (lookup_builtin_alias_name(grp->nt_name, "BUILTIN", &grp->sid, &grp->type) != 0x0) - { - DEBUG(0,("unix group %s mapped to an unrecognised BUILTIN domain name %s\n", - grp->unix_name, grp->nt_name)); - return False; - } - ret = True; - } - else if (lookup_wk_user_name(grp->nt_name, grp->nt_domain, &grp->sid, &grp->type) == 0x0) - { - if (type != DOM_MAP_USER) - { - DEBUG(0,("well-known NT user %s\\%s listed in wrong map file\n", - grp->nt_domain, grp->nt_name)); - return False; - } - ret = True; - } - else if (lookup_wk_group_name(grp->nt_name, grp->nt_domain, &grp->sid, &grp->type) == 0x0) - { - if (type != DOM_MAP_DOMAIN) - { - DEBUG(0,("well-known NT group %s\\%s listed in wrong map file\n", - grp->nt_domain, grp->nt_name)); - return False; - } - ret = True; - } - else - { - switch (type) - { - case DOM_MAP_USER: - { - grp->type = SID_NAME_USER; - break; - } - case DOM_MAP_DOMAIN: - { - grp->type = SID_NAME_DOM_GRP; - break; - } - case DOM_MAP_LOCAL: - { - grp->type = SID_NAME_ALIAS; - break; - } - } - - ret = pwdb_unixid_to_sam_sid(grp->unix_id, grp->type, &grp->sid); - } - - sid_to_string(sid_str, &grp->sid); - DEBUG(10,("nt name %s\\%s gid %d mapped to %s\n", - grp->nt_domain, grp->nt_name, grp->unix_id, sid_str)); - return ret; -} - -/************************************************************************** - makes a group sid out of an nt domain, nt group name or a unix group name. -***************************************************************************/ -static BOOL unix_name_to_nt_name_info(DOM_NAME_MAP *map, DOM_MAP_TYPE type) -{ - /* - * Attempt to get the unix gid_t for this name. - */ - - DEBUG(5,("unix_name_to_nt_name_info: unix_name:%s\n", map->unix_name)); - - if (type == DOM_MAP_USER) - { - const struct passwd *pwptr = Get_Pwnam(map->unix_name, False); - if (pwptr == NULL) - { - DEBUG(0,("unix_name_to_nt_name_info: Get_Pwnam for user %s\ -failed. Error was %s.\n", map->unix_name, strerror(errno) )); - return False; - } - - map->unix_id = (uint32)pwptr->pw_uid; - } - else - { - struct group *gptr = getgrnam(map->unix_name); - if (gptr == NULL) - { - DEBUG(0,("unix_name_to_nt_name_info: getgrnam for group %s\ -failed. Error was %s.\n", map->unix_name, strerror(errno) )); - return False; - } - - map->unix_id = (uint32)gptr->gr_gid; - } - - DEBUG(5,("unix_name_to_nt_name_info: unix gid:%d\n", map->unix_id)); - - /* - * Now map the name to an NT SID+RID. - */ - - if (map->nt_domain != NULL && !strequal(map->nt_domain, global_sam_name)) - { - /* Must add client-call lookup code here, to - * resolve remote domain's sid and the group's rid, - * in that domain. - * - * NOTE: it is _incorrect_ to put code here that assumes - * we are responsible for lookups for foriegn domains' RIDs. - * - * for foriegn domains for which we are *NOT* the PDC, all - * we can be responsible for is the unix gid_t to which - * the foriegn SID+rid maps to, on this _local_ machine. - * we *CANNOT* make any short-cuts or assumptions about - * RIDs in a foriegn domain. - */ - - if (!map_domain_name_to_sid(&map->sid, &(map->nt_domain))) - { - DEBUG(0,("unix_name_to_nt_name_info: no known sid for %s\n", - map->nt_domain)); - return False; - } - } - - return make_mydomain_sid(map, type); -} - -static BOOL make_name_entry(name_map_entry **new_ep, - char *nt_domain, char *nt_group, char *unix_group, - DOM_MAP_TYPE type) -{ - /* - * Create the list entry and add it onto the list. - */ - - DEBUG(5,("make_name_entry:%s,%s,%s\n", nt_domain, nt_group, unix_group)); - - (*new_ep) = (name_map_entry *)malloc(sizeof(name_map_entry)); - if ((*new_ep) == NULL) - { - DEBUG(0,("make_name_entry: malloc fail for name_map_entry.\n")); - return False; - } - - ZERO_STRUCTP(*new_ep); - - (*new_ep)->grp.nt_name = strdup(nt_group ); - (*new_ep)->grp.nt_domain = strdup(nt_domain ); - (*new_ep)->grp.unix_name = strdup(unix_group); - - if ((*new_ep)->grp.nt_name == NULL || - (*new_ep)->grp.unix_name == NULL) - { - DEBUG(0,("make_name_entry: malloc fail for names in name_map_entry.\n")); - delete_name_entry((*new_ep)); - return False; - } - - /* - * look up the group names, make the Group-SID and unix gid - */ - - if (!unix_name_to_nt_name_info(&(*new_ep)->grp, type)) - { - delete_name_entry((*new_ep)); - return False; - } - - return True; -} - -/************************************************************************** - Load a name map file. Sets last accessed timestamp. -***************************************************************************/ -static ubi_slList *load_name_map(DOM_MAP_TYPE type) -{ - static time_t groupmap_file_last_modified = (time_t)0; - static time_t aliasmap_file_last_modified = (time_t)0; - static time_t ntusrmap_file_last_modified = (time_t)0; - static BOOL initialised_group = False; - static BOOL initialised_alias = False; - static BOOL initialised_ntusr = False; - char *groupname_map_file = lp_groupname_map(); - char *aliasname_map_file = lp_aliasname_map(); - char *ntusrname_map_file = lp_ntusrname_map(); - - FILE *fp; - char *s; - pstring buf; - name_map_entry *new_ep; - - time_t *file_last_modified = NULL; - int *initialised = NULL; - char *map_file = NULL; - ubi_slList *map_list = NULL; - - switch (type) - { - case DOM_MAP_DOMAIN: - { - file_last_modified = &groupmap_file_last_modified; - initialised = &initialised_group; - map_file = groupname_map_file; - map_list = &groupname_map_list; - - break; - } - case DOM_MAP_LOCAL: - { - file_last_modified = &aliasmap_file_last_modified; - initialised = &initialised_alias; - map_file = aliasname_map_file; - map_list = &aliasname_map_list; - - break; - } - case DOM_MAP_USER: - { - file_last_modified = &ntusrmap_file_last_modified; - initialised = &initialised_ntusr; - map_file = ntusrname_map_file; - map_list = &ntusrname_map_list; - - break; - } - } - - if (!(*initialised)) - { - DEBUG(10,("initialising map %s\n", map_file)); - ubi_slInitList(map_list); - (*initialised) = True; - } - - if (!*map_file) - { - return map_list; - } - - /* - * Load the file. - */ - - fp = open_file_if_modified(map_file, "r", file_last_modified); - if (!fp) - { - return map_list; - } - - /* - * Throw away any previous list. - */ - delete_map_list(map_list); - - DEBUG(4,("load_name_map: Scanning name map %s\n",map_file)); - - while ((s = fgets_slash(buf, sizeof(buf), fp)) != NULL) - { - pstring unixname; - pstring nt_name; - fstring nt_domain; - fstring ntname; - char *p; - - DEBUG(10,("Read line |%s|\n", s)); - - memset(nt_name, 0, sizeof(nt_name)); - - if (!*s || strchr("#;",*s)) - continue; - - if (!next_token(&s,unixname, "\t\n\r=", sizeof(unixname))) - continue; - - if (!next_token(&s,nt_name, "\t\n\r=", sizeof(nt_name))) - continue; - - trim_string(unixname, " ", " "); - trim_string(nt_name, " ", " "); - - if (!*nt_name) - continue; - - if (!*unixname) - continue; - - p = strchr(nt_name, '\\'); - - if (p == NULL) - { - memset(nt_domain, 0, sizeof(nt_domain)); - fstrcpy(ntname, nt_name); - } - else - { - *p = 0; - p++; - fstrcpy(nt_domain, nt_name); - fstrcpy(ntname , p); - } - - if (make_name_entry(&new_ep, nt_domain, ntname, unixname, type)) - { - ubi_slAddTail(map_list, (ubi_slNode *)new_ep); - DEBUG(5,("unixname = %s, ntname = %s\\%s type = %d\n", - new_ep->grp.unix_name, - new_ep->grp.nt_domain, - new_ep->grp.nt_name, - new_ep->grp.type)); - } - } - - DEBUG(10,("load_name_map: Added %ld entries to name map.\n", - ubi_slCount(map_list))); - - fclose(fp); - - return map_list; -} - -static void copy_grp_map_entry(DOM_NAME_MAP *grp, const DOM_NAME_MAP *from) -{ - sid_copy(&grp->sid, &from->sid); - grp->unix_id = from->unix_id; - grp->nt_name = from->nt_name; - grp->nt_domain = from->nt_domain; - grp->unix_name = from->unix_name; - grp->type = from->type; -} - -#if 0 -/*********************************************************** - Lookup unix name. -************************************************************/ -static BOOL map_unixname(DOM_MAP_TYPE type, - char *unixname, DOM_NAME_MAP *grp_info) -{ - name_map_entry *gmep; - ubi_slList *map_list; - - /* - * Initialise and load if not already loaded. - */ - map_list = load_name_map(type); - - for (gmep = (name_map_entry *)ubi_slFirst(map_list); - gmep != NULL; - gmep = (name_map_entry *)ubi_slNext(gmep )) - { - if (strequal(gmep->grp.unix_name, unixname)) - { - copy_grp_map_entry(grp_info, &gmep->grp); - DEBUG(7,("map_unixname: Mapping unix name %s to nt group %s.\n", - gmep->grp.unix_name, gmep->grp.nt_name )); - return True; - } - } - - return False; -} - -#endif - -/*********************************************************** - Lookup nt name. -************************************************************/ -static BOOL map_ntname(DOM_MAP_TYPE type, char *ntname, char *ntdomain, - DOM_NAME_MAP *grp_info) -{ - name_map_entry *gmep; - ubi_slList *map_list; - - /* - * Initialise and load if not already loaded. - */ - map_list = load_name_map(type); - - for (gmep = (name_map_entry *)ubi_slFirst(map_list); - gmep != NULL; - gmep = (name_map_entry *)ubi_slNext(gmep )) - { - if (strequal(gmep->grp.nt_name , ntname) && - strequal(gmep->grp.nt_domain, ntdomain)) - { - copy_grp_map_entry(grp_info, &gmep->grp); - DEBUG(7,("map_ntname: Mapping unix name %s to nt name %s.\n", - gmep->grp.unix_name, gmep->grp.nt_name )); - return True; - } - } - - return False; -} - - -/*********************************************************** - Lookup by SID -************************************************************/ -static BOOL map_sid(DOM_MAP_TYPE type, - DOM_SID *psid, DOM_NAME_MAP *grp_info) -{ - name_map_entry *gmep; - ubi_slList *map_list; - - /* - * Initialise and load if not already loaded. - */ - map_list = load_name_map(type); - - for (gmep = (name_map_entry *)ubi_slFirst(map_list); - gmep != NULL; - gmep = (name_map_entry *)ubi_slNext(gmep )) - { - if (sid_equal(&gmep->grp.sid, psid)) - { - copy_grp_map_entry(grp_info, &gmep->grp); - DEBUG(7,("map_sid: Mapping unix name %s to nt name %s.\n", - gmep->grp.unix_name, gmep->grp.nt_name )); - return True; - } - } - - return False; -} - -/*********************************************************** - Lookup by gid_t. -************************************************************/ -static BOOL map_unixid(DOM_MAP_TYPE type, uint32 unix_id, DOM_NAME_MAP *grp_info) -{ - name_map_entry *gmep; - ubi_slList *map_list; - - /* - * Initialise and load if not already loaded. - */ - map_list = load_name_map(type); - - for (gmep = (name_map_entry *)ubi_slFirst(map_list); - gmep != NULL; - gmep = (name_map_entry *)ubi_slNext(gmep )) - { - fstring sid_str; - sid_to_string(sid_str, &gmep->grp.sid); - DEBUG(10,("map_unixid: enum entry unix group %s %d nt %s %s\n", - gmep->grp.unix_name, gmep->grp.unix_id, gmep->grp.nt_name, sid_str)); - if (gmep->grp.unix_id == unix_id) - { - copy_grp_map_entry(grp_info, &gmep->grp); - DEBUG(7,("map_unixid: Mapping unix name %s to nt name %s type %d\n", - gmep->grp.unix_name, gmep->grp.nt_name, gmep->grp.type)); - return True; - } - } - - return False; -} - -/*********************************************************** - * - * Call four functions to resolve unix group ids and either - * local group SIDs or domain group SIDs listed in the local group - * or domain group map files. - * - * Note that it is *NOT* the responsibility of these functions to - * resolve entries that are not in the map files. - * - * Any SID can be in the map files (i.e from any Domain). - * - ***********************************************************/ - -#if 0 - -/*********************************************************** - Lookup a UNIX Group entry by name. -************************************************************/ -BOOL map_unix_group_name(char *group_name, DOM_NAME_MAP *grp_info) -{ - return map_unixname(DOM_MAP_DOMAIN, group_name, grp_info); -} - -/*********************************************************** - Lookup a UNIX Alias entry by name. -************************************************************/ -BOOL map_unix_alias_name(char *alias_name, DOM_NAME_MAP *grp_info) -{ - return map_unixname(DOM_MAP_LOCAL, alias_name, grp_info); -} - -/*********************************************************** - Lookup an Alias name entry -************************************************************/ -BOOL map_nt_alias_name(char *ntalias_name, char *nt_domain, DOM_NAME_MAP *grp_info) -{ - return map_ntname(DOM_MAP_LOCAL, ntalias_name, nt_domain, grp_info); -} - -/*********************************************************** - Lookup a Group entry -************************************************************/ -BOOL map_nt_group_name(char *ntgroup_name, char *nt_domain, DOM_NAME_MAP *grp_info) -{ - return map_ntname(DOM_MAP_DOMAIN, ntgroup_name, nt_domain, grp_info); -} - -#endif - -/*********************************************************** - Lookup a Username entry by name. -************************************************************/ -static BOOL map_nt_username(char *nt_name, char *nt_domain, DOM_NAME_MAP *grp_info) -{ - return map_ntname(DOM_MAP_USER, nt_name, nt_domain, grp_info); -} - -/*********************************************************** - Lookup a Username entry by SID. -************************************************************/ -static BOOL map_username_sid(DOM_SID *sid, DOM_NAME_MAP *grp_info) -{ - return map_sid(DOM_MAP_USER, sid, grp_info); -} - -/*********************************************************** - Lookup a Username SID entry by uid. -************************************************************/ -static BOOL map_username_uid(uid_t gid, DOM_NAME_MAP *grp_info) -{ - return map_unixid(DOM_MAP_USER, (uint32)gid, grp_info); -} - -/*********************************************************** - Lookup an Alias SID entry by name. -************************************************************/ -BOOL map_alias_sid(DOM_SID *psid, DOM_NAME_MAP *grp_info) -{ - return map_sid(DOM_MAP_LOCAL, psid, grp_info); -} - -/*********************************************************** - Lookup a Group entry by sid. -************************************************************/ -BOOL map_group_sid(DOM_SID *psid, DOM_NAME_MAP *grp_info) -{ - return map_sid(DOM_MAP_DOMAIN, psid, grp_info); -} - -/*********************************************************** - Lookup an Alias SID entry by gid_t. -************************************************************/ -static BOOL map_alias_gid(gid_t gid, DOM_NAME_MAP *grp_info) -{ - return map_unixid(DOM_MAP_LOCAL, (uint32)gid, grp_info); -} - -/*********************************************************** - Lookup a Group SID entry by gid_t. -************************************************************/ -static BOOL map_group_gid( gid_t gid, DOM_NAME_MAP *grp_info) -{ - return map_unixid(DOM_MAP_DOMAIN, (uint32)gid, grp_info); -} - - -/************************************************************************ - Routine to look up User details by UNIX name -*************************************************************************/ -BOOL lookupsmbpwnam(const char *unix_usr_name, DOM_NAME_MAP *grp) -{ - uid_t uid; - DEBUG(10,("lookupsmbpwnam: unix user name %s\n", unix_usr_name)); - if (nametouid(unix_usr_name, &uid)) - { - return lookupsmbpwuid(uid, grp); - } - else - { - return False; - } -} - -/************************************************************************ - Routine to look up a remote nt name -*************************************************************************/ -static BOOL lookup_remote_ntname(const char *ntname, DOM_SID *sid, uint8 *type) -{ - struct cli_state cli; - POLICY_HND lsa_pol; - fstring srv_name; - extern struct ntuser_creds *usr_creds; - struct ntuser_creds usr; - - BOOL res3 = True; - BOOL res4 = True; - uint32 num_sids; - DOM_SID *sids; - uint8 *types; - char *names[1]; - - usr_creds = &usr; - - ZERO_STRUCT(usr); - pwd_set_nullpwd(&usr.pwd); - - DEBUG(5,("lookup_remote_ntname: %s\n", ntname)); - - if (!cli_connect_serverlist(&cli, lp_passwordserver())) - { - return False; - } - - names[0] = ntname; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, cli.desthost); - strupper(srv_name); - - /* lookup domain controller; receive a policy handle */ - res3 = res3 ? lsa_open_policy( srv_name, - &lsa_pol, True) : False; - - /* send lsa lookup sids call */ - res4 = res3 ? lsa_lookup_names( &lsa_pol, - 1, names, - &sids, &types, &num_sids) : False; - - res3 = res3 ? lsa_close(&lsa_pol) : False; - - if (res4 && res3 && sids != NULL && types != NULL) - { - sid_copy(sid, &sids[0]); - *type = types[0]; - } - else - { - res3 = False; - } - if (types != NULL) - { - free(types); - } - - if (sids != NULL) - { - free(sids); - } - - return res3 && res4; -} - -/************************************************************************ - Routine to look up a remote nt name -*************************************************************************/ -static BOOL get_sid_and_type(const char *fullntname, uint8 expected_type, - DOM_NAME_MAP *gmep) -{ - /* - * check with the PDC to see if it owns the name. if so, - * the SID is resolved with the PDC database. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { - if (lookup_remote_ntname(fullntname, &gmep->sid, &gmep->type)) - { - if (sid_front_equal(&gmep->sid, &global_member_sid) && - strequal(gmep->nt_domain, global_myworkgroup) && - gmep->type == expected_type) - { - return True; - } - return False; - } - } - - /* - * ... otherwise, it's one of ours. map the sid ourselves, - * which can only happen in our own SAM database. - */ - - if (!strequal(gmep->nt_domain, global_sam_name)) - { - return False; - } - if (!pwdb_unixid_to_sam_sid(gmep->unix_id, gmep->type, &gmep->sid)) - { - return False; - } - - return True; -} - -/* - * used by lookup functions below - */ - -static fstring nt_name; -static fstring unix_name; -static fstring nt_domain; - -/************************************************************************* - looks up a uid, returns User Information. -*************************************************************************/ -BOOL lookupsmbpwuid(uid_t uid, DOM_NAME_MAP *gmep) -{ - DEBUG(10,("lookupsmbpwuid: unix uid %d\n", uid)); - if (map_username_uid(uid, gmep)) - { - return True; - } -#if 0 - if (lp_server_role() != ROLE_DOMAIN_NONE) -#endif - { - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - gmep->unix_id = (uint32)uid; - - /* - * ok, assume it's one of ours. then double-check it - * if we are a member of a domain - */ - - gmep->type = SID_NAME_USER; - fstrcpy(gmep->nt_name, uidtoname(uid)); - fstrcpy(gmep->unix_name, gmep->nt_name); - - /* - * here we should do a LsaLookupNames() call - * to check the status of the name with the PDC. - * if the PDC know nothing of the name, it's ours. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { -#if 0 - lsa_lookup_names(global_myworkgroup, gmep->nt_name, &gmep->sid...); -#endif - } - - /* - * ok, it's one of ours. - */ - - gmep->nt_domain = global_sam_name; - pwdb_unixid_to_sam_sid(gmep->unix_id, gmep->type, &gmep->sid); - - return True; - } - - /* oops. */ - - return False; -} - -/************************************************************************* - looks up by NT name, returns User Information. -*************************************************************************/ -BOOL lookupsmbpwntnam(const char *fullntname, DOM_NAME_MAP *gmep) -{ - DEBUG(10,("lookupsmbpwntnam: nt user name %s\n", fullntname)); - - if (!split_domain_name(fullntname, nt_domain, nt_name)) - { - return False; - } - - if (map_nt_username(nt_name, nt_domain, gmep)) - { - return True; - } - if (lp_server_role() != ROLE_DOMAIN_NONE) - { - uid_t uid; - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - /* - * ok, it's one of ours. we therefore "create" an nt user named - * after the unix user. this is the point where "appliance mode" - * should get its teeth in, as unix users won't really exist, - * they will only be numbers... - */ - - gmep->type = SID_NAME_USER; - fstrcpy(gmep->unix_name, gmep->nt_name); - if (!nametouid(gmep->unix_name, &uid)) - { - return False; - } - gmep->unix_id = (uint32)uid; - - return get_sid_and_type(fullntname, gmep->type, gmep); - } - - /* oops. */ - - return False; -} - -/************************************************************************* - looks up by RID, returns User Information. -*************************************************************************/ -BOOL lookupsmbpwsid(DOM_SID *sid, DOM_NAME_MAP *gmep) -{ - fstring sid_str; - sid_to_string(sid_str, sid); - DEBUG(10,("lookupsmbpwsid: nt sid %s\n", sid_str)); - - if (map_username_sid(sid, gmep)) - { - return True; - } - if (lp_server_role() != ROLE_DOMAIN_NONE) - { - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - /* - * here we should do a LsaLookupNames() call - * to check the status of the name with the PDC. - * if the PDC know nothing of the name, it's ours. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { -#if 0 - if (lookup_remote_sid(global_myworkgroup, gmep->sid, gmep->nt_name, gmep->nt_domain...); -#endif - } - - /* - * ok, it's one of ours. we therefore "create" an nt user named - * after the unix user. this is the point where "appliance mode" - * should get its teeth in, as unix users won't really exist, - * they will only be numbers... - */ - - gmep->type = SID_NAME_USER; - sid_copy(&gmep->sid, sid); - if (!pwdb_sam_sid_to_unixid(&gmep->sid, gmep->type, &gmep->unix_id)) - { - return False; - } - fstrcpy(gmep->nt_name, uidtoname((uid_t)gmep->unix_id)); - fstrcpy(gmep->unix_name, gmep->nt_name); - gmep->nt_domain = global_sam_name; - - return True; - } - - /* oops. */ - - return False; -} - -/************************************************************************ - Routine to look up group / alias / well-known group RID by UNIX name -*************************************************************************/ -BOOL lookupsmbgrpnam(const char *unix_grp_name, DOM_NAME_MAP *grp) -{ - gid_t gid; - DEBUG(10,("lookupsmbgrpnam: unix user group %s\n", unix_grp_name)); - if (nametogid(unix_grp_name, &gid)) - { - return lookupsmbgrpgid(gid, grp); - } - else - { - return False; - } -} - -/************************************************************************* - looks up a SID, returns name map entry -*************************************************************************/ -BOOL lookupsmbgrpsid(DOM_SID *sid, DOM_NAME_MAP *gmep) -{ - fstring sid_str; - sid_to_string(sid_str, sid); - DEBUG(10,("lookupsmbgrpsid: nt sid %s\n", sid_str)); - - if (map_alias_sid(sid, gmep)) - { - return True; - } - if (map_group_sid(sid, gmep)) - { - return True; - } - if (lp_server_role() != ROLE_DOMAIN_NONE) - { - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - /* - * here we should do a LsaLookupNames() call - * to check the status of the name with the PDC. - * if the PDC know nothing of the name, it's ours. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { -#if 0 - lsa_lookup_sids(global_myworkgroup, gmep->sid, gmep->nt_name, gmep->nt_domain...); -#endif - } - - /* - * ok, it's one of ours. we therefore "create" an nt group or - * alias name named after the unix group. this is the point - * where "appliance mode" should get its teeth in, as unix - * groups won't really exist, they will only be numbers... - */ - - /* name is not explicitly mapped - * with map files or the PDC - * so we are responsible for it... - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { - /* ... as a LOCAL group. */ - gmep->type = SID_NAME_ALIAS; - } - else - { - /* ... as a DOMAIN group. */ - gmep->type = SID_NAME_DOM_GRP; - } - - sid_copy(&gmep->sid, sid); - if (!pwdb_sam_sid_to_unixid(&gmep->sid, gmep->type, &gmep->unix_id)) - { - return False; - } - fstrcpy(gmep->nt_name, gidtoname((gid_t)gmep->unix_id)); - fstrcpy(gmep->unix_name, gmep->nt_name); - gmep->nt_domain = global_sam_name; - - return True; - } - - /* oops */ - return False; -} - -/************************************************************************* - looks up a gid, returns RID and type local, domain or well-known domain group -*************************************************************************/ -BOOL lookupsmbgrpgid(gid_t gid, DOM_NAME_MAP *gmep) -{ - DEBUG(10,("lookupsmbgrpgid: unix gid %d\n", (int)gid)); - if (map_alias_gid(gid, gmep)) - { - return True; - } - if (map_group_gid(gid, gmep)) - { - return True; - } - if (lp_server_role() != ROLE_DOMAIN_NONE) - { - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - gmep->unix_id = (uint32)gid; - - /* - * here we should do a LsaLookupNames() call - * to check the status of the name with the PDC. - * if the PDC know nothing of the name, it's ours. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { -#if 0 - if (lsa_lookup_names(global_myworkgroup, gmep->nt_name, &gmep->sid...); - { - return True; - } -#endif - } - - /* - * ok, it's one of ours. we therefore "create" an nt group or - * alias name named after the unix group. this is the point - * where "appliance mode" should get its teeth in, as unix - * groups won't really exist, they will only be numbers... - */ - - /* name is not explicitly mapped - * with map files or the PDC - * so we are responsible for it... - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { - /* ... as a LOCAL group. */ - gmep->type = SID_NAME_ALIAS; - } - else - { - /* ... as a DOMAIN group. */ - gmep->type = SID_NAME_DOM_GRP; - } - fstrcpy(gmep->nt_name, gidtoname(gid)); - fstrcpy(gmep->unix_name, gmep->nt_name); - - return get_sid_and_type(gmep->nt_name, gmep->type, gmep); - } - - /* oops */ - return False; -} - diff --git a/source3/lib/genparser.c b/source3/lib/genparser.c deleted file mode 100644 index 7476b5d0af..0000000000 --- a/source3/lib/genparser.c +++ /dev/null @@ -1,783 +0,0 @@ -/* - Copyright (C) Andrew Tridgell <genstruct@tridgell.net> 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -/* - automatic marshalling/unmarshalling system for C structures -*/ - -#include "includes.h" - -/* see if a range of memory is all zero. Used to prevent dumping of zero elements */ -static int all_zero(const char *ptr, unsigned size) -{ - int i; - if (!ptr) return 1; - for (i=0;i<size;i++) { - if (ptr[i]) return 0; - } - return 1; -} - -/* encode a buffer of bytes into a escaped string */ -static char *encode_bytes(TALLOC_CTX *mem_ctx, const char *ptr, unsigned len) -{ - const char *hexdig = "0123456789abcdef"; - char *ret, *p; - unsigned i; - ret = talloc(mem_ctx, len*3 + 1); /* worst case size */ - if (!ret) return NULL; - for (p=ret,i=0;i<len;i++) { - if (isalnum(ptr[i]) || isspace(ptr[i]) || - (ispunct(ptr[i]) && !strchr("\\{}", ptr[i]))) { - *p++ = ptr[i]; - } else { - unsigned char c = *(unsigned char *)(ptr+i); - if (c == 0 && all_zero(ptr+i, len-i)) break; - p[0] = '\\'; - p[1] = hexdig[c>>4]; - p[2] = hexdig[c&0xF]; - p += 3; - } - } - - *p = 0; - - return ret; -} - -/* decode an escaped string from encode_bytes() into a buffer */ -static char *decode_bytes(TALLOC_CTX *mem_ctx, const char *s, unsigned *len) -{ - char *ret, *p; - unsigned i; - int slen = strlen(s) + 1; - - ret = talloc(mem_ctx, slen); /* worst case length */ - if (!ret) - return NULL; - memset(ret, 0, slen); - - if (*s == '{') s++; - - for (p=ret,i=0;s[i];i++) { - if (s[i] == '}') { - break; - } else if (s[i] == '\\') { - unsigned v; - if (sscanf(&s[i+1], "%02x", &v) != 1 || v > 255) { - return NULL; - } - *(unsigned char *)p = v; - p++; - i += 2; - } else { - *p++ = s[i]; - } - } - *p = 0; - - (*len) = (unsigned)(p - ret); - - return ret; -} - -/* the add*() functions deal with adding things to a struct - parse_string */ - -/* allocate more space if needed */ -static int addgen_alloc(TALLOC_CTX *mem_ctx, struct parse_string *p, int n) -{ - if (p->length + n <= p->allocated) return 0; - p->allocated = p->length + n + 200; - p->s = talloc_realloc(mem_ctx, p->s, p->allocated); - if (!p->s) { - errno = ENOMEM; - return -1; - } - return 0; -} - -/* add a character to the buffer */ -static int addchar(TALLOC_CTX *mem_ctx, struct parse_string *p, char c) -{ - if (addgen_alloc(mem_ctx, p, 2) != 0) { - return -1; - } - p->s[p->length++] = c; - p->s[p->length] = 0; - return 0; -} - -/* add a string to the buffer */ -int addstr(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *s) -{ - int len = strlen(s); - if (addgen_alloc(mem_ctx, p, len+1) != 0) { - return -1; - } - memcpy(p->s + p->length, s, len+1); - p->length += len; - return 0; -} - -/* add a string to the buffer with a tab prefix */ -static int addtabbed(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *s, unsigned indent) -{ - int len = strlen(s); - if (addgen_alloc(mem_ctx, p, indent+len+1) != 0) { - return -1; - } - while (indent--) { - p->s[p->length++] = '\t'; - } - memcpy(p->s + p->length, s, len+1); - p->length += len; - return 0; -} - -/* note! this can only be used for results up to 60 chars wide! */ -int addshort(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *fmt, ...) -{ - char buf[60]; - int n; - va_list ap; - va_start(ap, fmt); - n = vsnprintf(buf, sizeof(buf), fmt, ap); - va_end(ap); - if (addgen_alloc(mem_ctx, p, n + 1) != 0) { - return -1; - } - if (n != 0) { - memcpy(p->s + p->length, buf, n); - } - p->length += n; - p->s[p->length] = 0; - return 0; -} - -/* - this is here to make it easier for people to write dump functions - for their own types - */ -int gen_addgen(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *fmt, ...) -{ - char *buf = NULL; - int n; - va_list ap; - va_start(ap, fmt); - n = vasprintf(&buf, fmt, ap); - va_end(ap); - if (addgen_alloc(mem_ctx, p, n + 1) != 0) { - if (buf) free(buf); - return -1; - } - if (n != 0) { - memcpy(p->s + p->length, buf, n); - } - p->length += n; - p->s[p->length] = 0; - if (buf) free(buf); - return 0; -} - -/* dump a enumerated type */ -int gen_dump_enum(TALLOC_CTX *mem_ctx, - const struct enum_struct *einfo, - struct parse_string *p, - const char *ptr, - unsigned indent) -{ - unsigned v = *(unsigned *)ptr; - int i; - for (i=0;einfo[i].name;i++) { - if (v == einfo[i].value) { - addstr(mem_ctx, p, einfo[i].name); - return 0; - } - } - /* hmm, maybe we should just fail? */ - return gen_dump_unsigned(mem_ctx, p, ptr, indent); -} - -/* dump a single non-array element, hanlding struct and enum */ -static int gen_dump_one(TALLOC_CTX *mem_ctx, - struct parse_string *p, - const struct parse_struct *pinfo, - const char *ptr, - unsigned indent) -{ - if (pinfo->dump_fn == gen_dump_char && pinfo->ptr_count == 1) { - char *s = encode_bytes(mem_ctx, ptr, strlen(ptr)); - if (addchar(mem_ctx, p,'{') || - addstr(mem_ctx, p, s) || - addstr(mem_ctx, p, "}")) { - return -1; - } - return 0; - } - - return pinfo->dump_fn(mem_ctx, p, ptr, indent); -} - -/* handle dumping of an array of arbitrary type */ -static int gen_dump_array(TALLOC_CTX *mem_ctx, - struct parse_string *p, - const struct parse_struct *pinfo, - const char *ptr, - int array_len, - int indent) -{ - int i, count=0; - - /* special handling of fixed length strings */ - if (array_len != 0 && - pinfo->ptr_count == 0 && - pinfo->dump_fn == gen_dump_char) { - char *s = encode_bytes(mem_ctx, ptr, array_len); - if (!s) return -1; - if (addtabbed(mem_ctx, p, pinfo->name, indent) || - addstr(mem_ctx, p, " = {") || - addstr(mem_ctx, p, s) || - addstr(mem_ctx, p, "}\n")) { - return -1; - } - return 0; - } - - for (i=0;i<array_len;i++) { - const char *p2 = ptr; - unsigned size = pinfo->size; - - /* generic pointer dereference */ - if (pinfo->ptr_count) { - p2 = *(const char **)ptr; - size = sizeof(void *); - } - - if ((count || pinfo->ptr_count) && - !(pinfo->flags & FLAG_ALWAYS) && - all_zero(ptr, size)) { - ptr += size; - continue; - } - if (count == 0) { - if (addtabbed(mem_ctx, p, pinfo->name, indent) || - addshort(mem_ctx, p, " = %u:", i)) { - return -1; - } - } else { - if (addshort(mem_ctx, p, ", %u:", i) != 0) { - return -1; - } - } - if (gen_dump_one(mem_ctx, p, pinfo, p2, indent) != 0) { - return -1; - } - ptr += size; - count++; - } - if (count) { - return addstr(mem_ctx, p, "\n"); - } - return 0; -} - -/* find a variable by name in a loaded structure and return its value - as an integer. Used to support dynamic arrays */ -static int find_var(const struct parse_struct *pinfo, - const char *data, - const char *var) -{ - int i; - const char *ptr; - - /* this allows for constant lengths */ - if (isdigit(*var)) { - return atoi(var); - } - - for (i=0;pinfo[i].name;i++) { - if (strcmp(pinfo[i].name, var) == 0) break; - } - if (!pinfo[i].name) return -1; - - ptr = data + pinfo[i].offset; - - switch (pinfo[i].size) { - case sizeof(int): - return *(int *)ptr; - case sizeof(char): - return *(char *)ptr; - } - - return -1; -} - - -int gen_dump_struct(TALLOC_CTX *mem_ctx, - const struct parse_struct *pinfo, - struct parse_string *p, - const char *ptr, - unsigned indent) -{ - char *s = gen_dump(mem_ctx, pinfo, ptr, indent+1); - if (!s) return -1; - if (addstr(mem_ctx, p, "{\n") || - addstr(mem_ctx, p, s) || - addtabbed(mem_ctx, p, "}", indent)) { - return -1; - } - return 0; -} - -static int gen_dump_string(TALLOC_CTX *mem_ctx, - struct parse_string *p, - const struct parse_struct *pinfo, - const char *data, - unsigned indent) -{ - const char *ptr = *(char **)data; - char *s = encode_bytes(mem_ctx, ptr, strlen(ptr)); - if (addtabbed(mem_ctx, p, pinfo->name, indent) || - addstr(mem_ctx, p, " = ") || - addchar(mem_ctx, p, '{') || - addstr(mem_ctx, p, s) || - addstr(mem_ctx, p, "}\n")) { - return -1; - } - return 0; -} - -/* - find the length of a nullterm array -*/ -static int len_nullterm(const char *ptr, int size, int array_len) -{ - int len; - - if (size == 1) { - len = strnlen(ptr, array_len); - } else { - for (len=0; len < array_len; len++) { - if (all_zero(ptr+len*size, size)) break; - } - } - - if (len == 0) len = 1; - - return len; -} - - -/* the generic dump routine. Scans the parse information for this structure - and processes it recursively */ -char *gen_dump(TALLOC_CTX *mem_ctx, - const struct parse_struct *pinfo, - const char *data, - unsigned indent) -{ - struct parse_string p; - int i; - - p.length = 0; - p.allocated = 0; - p.s = NULL; - - if (addstr(mem_ctx, &p, "") != 0) { - return NULL; - } - - for (i=0;pinfo[i].name;i++) { - const char *ptr = data + pinfo[i].offset; - unsigned size = pinfo[i].size; - - if (pinfo[i].ptr_count) { - size = sizeof(void *); - } - - /* special handling for array types */ - if (pinfo[i].array_len) { - unsigned len = pinfo[i].array_len; - if (pinfo[i].flags & FLAG_NULLTERM) { - len = len_nullterm(ptr, size, len); - } - if (gen_dump_array(mem_ctx, &p, &pinfo[i], ptr, - len, indent)) { - goto failed; - } - continue; - } - - /* and dynamically sized arrays */ - if (pinfo[i].dynamic_len) { - int len = find_var(pinfo, data, pinfo[i].dynamic_len); - struct parse_struct p2 = pinfo[i]; - if (len < 0) { - goto failed; - } - if (len > 0) { - if (pinfo[i].flags & FLAG_NULLTERM) { - len = len_nullterm(*(char **)ptr, - pinfo[i].size, len); - } - p2.ptr_count--; - p2.dynamic_len = NULL; - if (gen_dump_array(mem_ctx, &p, &p2, - *(char **)ptr, - len, indent) != 0) { - goto failed; - } - } - continue; - } - - /* don't dump zero elements */ - if (!(pinfo[i].flags & FLAG_ALWAYS) && all_zero(ptr, size)) continue; - - /* assume char* is a null terminated string */ - if (pinfo[i].size == 1 && pinfo[i].ptr_count == 1 && - pinfo[i].dump_fn == gen_dump_char) { - if (gen_dump_string(mem_ctx, &p, &pinfo[i], ptr, indent) != 0) { - goto failed; - } - continue; - } - - /* generic pointer dereference */ - if (pinfo[i].ptr_count) { - ptr = *(const char **)ptr; - } - - if (addtabbed(mem_ctx, &p, pinfo[i].name, indent) || - addstr(mem_ctx, &p, " = ") || - gen_dump_one(mem_ctx, &p, &pinfo[i], ptr, indent) || - addstr(mem_ctx, &p, "\n")) { - goto failed; - } - } - return p.s; - -failed: - return NULL; -} - -/* search for a character in a string, skipping over sections within - matching braces */ -static char *match_braces(char *s, char c) -{ - int depth = 0; - while (*s) { - switch (*s) { - case '}': - depth--; - break; - case '{': - depth++; - break; - } - if (depth == 0 && *s == c) { - return s; - } - s++; - } - return s; -} - -/* parse routine for enumerated types */ -int gen_parse_enum(TALLOC_CTX *mem_ctx, - const struct enum_struct *einfo, - char *ptr, - const char *str) -{ - unsigned v; - int i; - - if (isdigit(*str)) { - if (sscanf(str, "%u", &v) != 1) { - errno = EINVAL; - return -1; - } - *(unsigned *)ptr = v; - return 0; - } - - for (i=0;einfo[i].name;i++) { - if (strcmp(einfo[i].name, str) == 0) { - *(unsigned *)ptr = einfo[i].value; - return 0; - } - } - - /* unknown enum value?? */ - return -1; -} - - -/* parse all base types */ -static int gen_parse_base(TALLOC_CTX *mem_ctx, - const struct parse_struct *pinfo, - char *ptr, - const char *str) -{ - if (pinfo->parse_fn == gen_parse_char && pinfo->ptr_count==1) { - unsigned len; - char *s = decode_bytes(mem_ctx, str, &len); - if (!s) return -1; - *(char **)ptr = s; - return 0; - } - - if (pinfo->ptr_count) { - unsigned size = pinfo->ptr_count>1?sizeof(void *):pinfo->size; - struct parse_struct p2 = *pinfo; - *(void **)ptr = talloc(mem_ctx, size); - if (! *(void **)ptr) { - return -1; - } - memset(*(void **)ptr, 0, size); - ptr = *(char **)ptr; - p2.ptr_count--; - return gen_parse_base(mem_ctx, &p2, ptr, str); - } - - return pinfo->parse_fn(mem_ctx, ptr, str); -} - -/* parse a generic array */ -static int gen_parse_array(TALLOC_CTX *mem_ctx, - const struct parse_struct *pinfo, - char *ptr, - const char *str, - int array_len) -{ - char *p, *p2; - unsigned size = pinfo->size; - - /* special handling of fixed length strings */ - if (array_len != 0 && - pinfo->ptr_count == 0 && - pinfo->dump_fn == gen_dump_char) { - unsigned len = 0; - char *s = decode_bytes(mem_ctx, str, &len); - if (!s || (len > array_len)) return -1; - memset(ptr, 0, array_len); - memcpy(ptr, s, len); - return 0; - } - - if (pinfo->ptr_count) { - size = sizeof(void *); - } - - while (*str) { - unsigned idx; - int done; - - idx = atoi(str); - p = strchr(str,':'); - if (!p) break; - p++; - p2 = match_braces(p, ','); - done = (*p2 != ','); - *p2 = 0; - - if (*p == '{') { - p++; - p[strlen(p)-1] = 0; - } - - if (gen_parse_base(mem_ctx, pinfo, ptr + idx*size, p) != 0) { - return -1; - } - - if (done) break; - str = p2+1; - } - - return 0; -} - -/* parse one element, hanlding dynamic and static arrays */ -static int gen_parse_one(TALLOC_CTX *mem_ctx, - const struct parse_struct *pinfo, - const char *name, - char *data, - const char *str) -{ - int i; - for (i=0;pinfo[i].name;i++) { - if (strcmp(pinfo[i].name, name) == 0) { - break; - } - } - if (pinfo[i].name == NULL) { - return 0; - } - - if (pinfo[i].array_len) { - return gen_parse_array(mem_ctx, &pinfo[i], - data+pinfo[i].offset, - str, pinfo[i].array_len); - } - - if (pinfo[i].dynamic_len) { - int len = find_var(pinfo, data, pinfo[i].dynamic_len); - if (len < 0) { - errno = EINVAL; - return -1; - } - if (len > 0) { - struct parse_struct p2 = pinfo[i]; - char *ptr; - unsigned size = pinfo[i].ptr_count>1?sizeof(void*):pinfo[i].size; - ptr = talloc(mem_ctx, len*size); - if (!ptr) { - errno = ENOMEM; - return -1; - } - memset(ptr, 0, len*size); - *((char **)(data + pinfo[i].offset)) = ptr; - p2.ptr_count--; - p2.dynamic_len = NULL; - return gen_parse_array(mem_ctx, &p2, ptr, str, len); - } - return 0; - } - - return gen_parse_base(mem_ctx, &pinfo[i], data + pinfo[i].offset, str); -} - -int gen_parse_struct(TALLOC_CTX * mem_ctx, const struct parse_struct *pinfo, char *ptr, const char *str) -{ - return gen_parse(mem_ctx, pinfo, ptr, str); -} - -/* the main parse routine */ -int gen_parse(TALLOC_CTX *mem_ctx, const struct parse_struct *pinfo, char *data, const char *s) -{ - char *str, *s0; - - s0 = talloc_strdup(mem_ctx, s); - str = s0; - - while (*str) { - char *p; - char *name; - char *value; - - /* skip leading whitespace */ - while (isspace(*str)) str++; - - p = strchr(str, '='); - if (!p) break; - value = p+1; - while (p > str && isspace(*(p-1))) { - p--; - } - - *p = 0; - name = str; - - while (isspace(*value)) value++; - - if (*value == '{') { - str = match_braces(value, '}'); - value++; - } else { - str = match_braces(value, '\n'); - } - - *str++ = 0; - - if (gen_parse_one(mem_ctx, pinfo, name, data, value) != 0) { - return -1; - } - } - - return 0; -} - - - -/* for convenience supply some standard dumpers and parsers here */ - -int gen_parse_char(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - *(unsigned char *)ptr = atoi(str); - return 0; -} - -int gen_parse_int(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - *(int *)ptr = atoi(str); - return 0; -} - -int gen_parse_unsigned(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - *(unsigned *)ptr = strtoul(str, NULL, 10); - return 0; -} - -int gen_parse_time_t(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - *(time_t *)ptr = strtoul(str, NULL, 10); - return 0; -} - -int gen_parse_double(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - *(double *)ptr = atof(str); - return 0; -} - -int gen_parse_float(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - *(float *)ptr = atof(str); - return 0; -} - -int gen_dump_char(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%u", *(unsigned char *)(ptr)); -} - -int gen_dump_int(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%d", *(int *)(ptr)); -} - -int gen_dump_unsigned(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%u", *(unsigned *)(ptr)); -} - -int gen_dump_time_t(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%u", *(time_t *)(ptr)); -} - -int gen_dump_double(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%lg", *(double *)(ptr)); -} - -int gen_dump_float(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%g", *(float *)(ptr)); -} diff --git a/source3/lib/genparser_samba.c b/source3/lib/genparser_samba.c deleted file mode 100644 index 7eabf5a56e..0000000000 --- a/source3/lib/genparser_samba.c +++ /dev/null @@ -1,218 +0,0 @@ -/* - Copyright (C) Andrew Tridgell <genstruct@tridgell.net> 2002 - Copyright (C) Simo Sorce <idra@samba.org> 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "genparser_samba.h" - -/* PARSE functions */ - -int gen_parse_uint8(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - *(uint8 *)ptr = atoi(str); - return 0; -} - -int gen_parse_uint16(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - *(uint16 *)ptr = atoi(str); - return 0; -} - -int gen_parse_uint32(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - *(uint32 *)ptr = strtoul(str, NULL, 10); - return 0; -} - -int gen_parse_NTTIME(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - if(sscanf(str, "%u,%u", &(((NTTIME *)(ptr))->high), &(((NTTIME *)(ptr))->low)) != 2) { - errno = EINVAL; - return -1; - } - return 0; -} - -int gen_parse_DOM_SID(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - if(!string_to_sid((DOM_SID *)ptr, str)) return -1; - return 0; -} - -int gen_parse_SEC_ACCESS(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - ((SEC_ACCESS *)ptr)->mask = strtoul(str, NULL, 10); - return 0; -} - -int gen_parse_GUID(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - int info[GUID_SIZE]; - int i; - char *sc; - char *p; - char *m; - - m = strdup(str); - if (!m) return -1; - sc = m; - - memset(info, 0, sizeof(info)); - for (i = 0; i < GUID_SIZE; i++) { - p = strchr(sc, ','); - if (p != NULL) p = '\0'; - info[i] = atoi(sc); - if (p != NULL) sc = p + 1; - } - free(m); - - for (i = 0; i < GUID_SIZE; i++) { - ((GUID *)ptr)->info[i] = info[i]; - } - - return 0; -} - -int gen_parse_SEC_ACE(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - return gen_parse_struct(mem_ctx, pinfo_security_ace_info, ptr, str); -} - -int gen_parse_SEC_ACL(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - return gen_parse_struct(mem_ctx, pinfo_security_acl_info, ptr, str); -} - -int gen_parse_SEC_DESC(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - return gen_parse_struct(mem_ctx, pinfo_security_descriptor_info, ptr, str); -} - -int gen_parse_LUID_ATTR(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - return gen_parse_struct(mem_ctx, pinfo_luid_attr_info, ptr, str); -} - -int gen_parse_LUID(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - if(sscanf(str, "%u,%u", &(((LUID *)(ptr))->high), &(((LUID *)(ptr))->low)) != 2) { - errno = EINVAL; - return -1; - } - return 0; -} - -int gen_parse_DATA_BLOB(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - return gen_parse_struct(mem_ctx, pinfo_data_blob_info, ptr, str); -} - -int gen_parse_TALLOC_CTX(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - (TALLOC_CTX *)ptr = NULL; - return 0; -} - -/* DUMP functions */ - -int gen_dump_uint8(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%u", *(uint8 *)(ptr)); -} - -int gen_dump_uint16(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%u", *(uint16 *)(ptr)); -} - -int gen_dump_uint32(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%u", *(uint32 *)(ptr)); -} - -int gen_dump_NTTIME(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - uint32 low, high; - - high = ((NTTIME *)(ptr))->high; - low = ((NTTIME *)(ptr))->low; - return addshort(mem_ctx, p, "%u,%u", high, low); -} - -int gen_dump_DOM_SID(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - fstring sidstr; - - sid_to_string(sidstr, (DOM_SID *)ptr); - return addstr(mem_ctx, p, sidstr); -} - -int gen_dump_SEC_ACCESS(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%u", ((SEC_ACCESS *)ptr)->mask); -} - -int gen_dump_GUID(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - int i, r; - - for (i = 0; i < (GUID_SIZE - 1); i++) { - if (!(r = addshort(mem_ctx, p, "%d,", ((GUID *)ptr)->info[i]))) return r; - } - return addshort(mem_ctx, p, "%d", ((GUID *)ptr)->info[i]); -} - -int gen_dump_SEC_ACE(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return gen_dump_struct(mem_ctx, pinfo_security_ace_info, p, ptr, indent); -} - -int gen_dump_SEC_ACL(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return gen_dump_struct(mem_ctx, pinfo_security_acl_info, p, ptr, indent); -} - -int gen_dump_SEC_DESC(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return gen_dump_struct(mem_ctx, pinfo_security_descriptor_info, p, ptr, indent); -} - -int gen_dump_LUID_ATTR(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return gen_dump_struct(mem_ctx, pinfo_luid_attr_info, p, ptr, indent); -} - -int gen_dump_LUID(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - uint32 low, high; - - high = ((LUID *)(ptr))->high; - low = ((LUID *)(ptr))->low; - return addshort(mem_ctx, p, "%u,%u", high, low); -} - -int gen_dump_DATA_BLOB(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return gen_dump_struct(mem_ctx, pinfo_data_blob_info, p, ptr, indent); -} - -int gen_dump_TALLOC_CTX(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "TALLOC_CTX"); -} diff --git a/source3/lib/snprintf.c b/source3/lib/snprintf.c index 5b0cfa1ab3..a2f9f592db 100644 --- a/source3/lib/snprintf.c +++ b/source3/lib/snprintf.c @@ -147,14 +147,10 @@ #ifndef VA_COPY #ifdef HAVE_VA_COPY -#define VA_COPY(dest, src) va_copy(dest, src) -#else -#ifdef HAVE___VA_COPY #define VA_COPY(dest, src) __va_copy(dest, src) #else #define VA_COPY(dest, src) (dest) = (src) #endif -#endif /* * dopr(): poor man's version of doprintf diff --git a/source3/libsmb/libsmb_compat.c b/source3/libsmb/libsmb_compat.c index 4c96c41c56..27b274953a 100644 --- a/source3/libsmb/libsmb_compat.c +++ b/source3/libsmb/libsmb_compat.c @@ -5,7 +5,6 @@ Copyright (C) Richard Sharpe 2000 Copyright (C) John Terpstra 2000 Copyright (C) Tom Jansen (Ninja ISD) 2002 - Copyright (C) Derrell Lipman 2003 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -35,14 +34,14 @@ struct smbc_compat_fdlist { static SMBCCTX * statcont = NULL; static int smbc_compat_initialized = 0; -static int smbc_compat_nextfd = 0; -static struct smbc_compat_fdlist * smbc_compat_fd_in_use = NULL; -static struct smbc_compat_fdlist * smbc_compat_fd_avail = NULL; +static int smbc_currentfd = 10000; +static struct smbc_compat_fdlist * smbc_compat_fdlist = NULL; + /* Find an fd and return the SMBCFILE * or NULL on failure */ static SMBCFILE * find_fd(int fd) { - struct smbc_compat_fdlist * f = smbc_compat_fd_in_use; + struct smbc_compat_fdlist * f = smbc_compat_fdlist; while (f) { if (f->fd == fd) return f->file; @@ -54,36 +53,16 @@ static SMBCFILE * find_fd(int fd) /* Add an fd, returns 0 on success, -1 on error with errno set */ static int add_fd(SMBCFILE * file) { - struct smbc_compat_fdlist * f = smbc_compat_fd_avail; - - if (f) { - /* We found one that's available */ - DLIST_REMOVE(smbc_compat_fd_avail, f); - - } else { - /* - * None were available, so allocate one. Keep the number of - * file descriptors determinate. This allows the application - * to allocate bitmaps or mapping of file descriptors based on - * a known maximum number of file descriptors that will ever - * be returned. - */ - if (smbc_compat_nextfd >= FD_SETSIZE) { - errno = EMFILE; - return -1; - } - - f = malloc(sizeof(struct smbc_compat_fdlist)); - if (!f) { - errno = ENOMEM; - return -1; - } + struct smbc_compat_fdlist * f = malloc(sizeof(struct smbc_compat_fdlist)); + if (!f) { + errno = ENOMEM; + return -1; + } - f->fd = SMBC_BASE_FD + smbc_compat_nextfd++; - } - + f->fd = smbc_currentfd++; f->file = file; - DLIST_ADD(smbc_compat_fd_in_use, f); + + DLIST_ADD(smbc_compat_fdlist, f); return f->fd; } @@ -93,19 +72,16 @@ static int add_fd(SMBCFILE * file) /* Delete an fd, returns 0 on success */ static int del_fd(int fd) { - struct smbc_compat_fdlist * f = smbc_compat_fd_in_use; - + struct smbc_compat_fdlist * f = smbc_compat_fdlist; while (f) { if (f->fd == fd) break; f = f->next; } - if (f) { /* found */ - DLIST_REMOVE(smbc_compat_fd_in_use, f); - f->file = NULL; - DLIST_ADD(smbc_compat_fd_avail, f); + DLIST_REMOVE(smbc_compat_fdlist, f); + SAFE_FREE(f); return 0; } return 1; @@ -115,9 +91,6 @@ static int del_fd(int fd) int smbc_init(smbc_get_auth_data_fn fn, int debug) { - int i; - struct smbc_compat_fdlist * f; - if (!smbc_compat_initialized) { statcont = smbc_new_context(); if (!statcont) @@ -139,22 +112,6 @@ int smbc_init(smbc_get_auth_data_fn fn, int debug) } -SMBCCTX *smbc_set_context(SMBCCTX * context) -{ - SMBCCTX *old_context = statcont; - - if (context) { - /* Save provided context. It must have been initialized! */ - statcont = context; - - /* You'd better know what you're doing. We won't help you. */ - smbc_compat_initialized = 1; - } - - return old_context; -} - - int smbc_open(const char *furl, int flags, mode_t mode) { SMBCFILE * file; @@ -295,121 +252,8 @@ int smbc_fstat(int fd, struct stat *st) int smbc_chmod(const char *url, mode_t mode) { - return statcont->chmod(statcont, url, mode); -} - -int smbc_utimes(const char *fname, struct timeval *tbuf) -{ - return statcont->utimes(statcont, fname, tbuf); -} - -#ifdef HAVE_UTIME_H -int smbc_utime(const char *fname, struct utimbuf *utbuf) -{ - struct timeval tv; - - if (utbuf == NULL) - return statcont->utimes(statcont, fname, NULL); - - tv.tv_sec = utbuf->modtime; - tv.tv_usec = 0; - return statcont->utimes(statcont, fname, &tv); -} -#endif - -int smbc_setxattr(const char *fname, - const char *name, - const void *value, - size_t size, - int flags) -{ - return statcont->setxattr(statcont, fname, name, value, size, flags); -} - -int smbc_lsetxattr(const char *fname, - const char *name, - const void *value, - size_t size, - int flags) -{ - return statcont->setxattr(statcont, fname, name, value, size, flags); -} - -int smbc_fsetxattr(int fd, - const char *name, - const void *value, - size_t size, - int flags) -{ - SMBCFILE * file = find_fd(fd); - return statcont->setxattr(statcont, file->fname, - name, value, size, flags); -} - -int smbc_getxattr(const char *fname, - const char *name, - const void *value, - size_t size) -{ - return statcont->getxattr(statcont, fname, name, value, size); -} - -int smbc_lgetxattr(const char *fname, - const char *name, - const void *value, - size_t size) -{ - return statcont->getxattr(statcont, fname, name, value, size); -} - -int smbc_fgetxattr(int fd, - const char *name, - const void *value, - size_t size) -{ - SMBCFILE * file = find_fd(fd); - return statcont->getxattr(statcont, file->fname, name, value, size); -} - -int smbc_removexattr(const char *fname, - const char *name) -{ - return statcont->removexattr(statcont, fname, name); -} - -int smbc_lremovexattr(const char *fname, - const char *name) -{ - return statcont->removexattr(statcont, fname, name); -} - -int smbc_fremovexattr(int fd, - const char *name) -{ - SMBCFILE * file = find_fd(fd); - return statcont->removexattr(statcont, file->fname, name); -} - -int smbc_listxattr(const char *fname, - char *list, - size_t size) -{ - return statcont->listxattr(statcont, fname, list, size); -} - -int smbc_llistxattr(const char *fname, - char *list, - size_t size) -{ - return statcont->listxattr(statcont, fname, list, size); -} - -int smbc_flistxattr(int fd, - char *list, - size_t size) -{ - SMBCFILE * file = find_fd(fd); - return statcont->listxattr(statcont, file->fname, list, size); + /* NOT IMPLEMENTED IN LIBSMBCLIENT YET */ + return -1; } int smbc_print_file(const char *fname, const char *printq) diff --git a/source3/libsmb/libsmbclient.c b/source3/libsmb/libsmbclient.c index a11a965fde..4eb7f49760 100644 --- a/source3/libsmb/libsmbclient.c +++ b/source3/libsmb/libsmbclient.c @@ -5,7 +5,6 @@ Copyright (C) Richard Sharpe 2000, 2002 Copyright (C) John Terpstra 2000 Copyright (C) Tom Jansen (Ninja ISD) 2002 - Copyright (C) Derrell Lipman 2003 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -27,22 +26,6 @@ #include "../include/libsmb_internal.h" /* - * Internal flags for extended attributes - */ - -/* internal mode values */ -#define SMBC_XATTR_MODE_ADD 1 -#define SMBC_XATTR_MODE_REMOVE 2 -#define SMBC_XATTR_MODE_REMOVE_ALL 3 -#define SMBC_XATTR_MODE_SET 4 -#define SMBC_XATTR_MODE_CHOWN 5 -#define SMBC_XATTR_MODE_CHGRP 6 - -#define CREATE_ACCESS_READ READ_CONTROL_ACCESS - - - -/* * Functions exported by libsmb_cache.c that we need here */ int smbc_default_cache_functions(SMBCCTX *context); @@ -179,9 +162,8 @@ smbc_parse_path(SMBCCTX *context, const char *fname, char *server, char *share, /* see if it has the right prefix */ len = strlen(smbc_prefix); - if (strncmp(s,smbc_prefix,len) || (s[len] != '/' && s[len] != 0)) { - return -1; /* What about no smb: ? */ - } + if (strncmp(s,smbc_prefix,len) || + (s[len] != '/' && s[len] != 0)) return -1; /* What about no smb: ? */ p = s + len; @@ -361,67 +343,6 @@ int smbc_remove_unused_server(SMBCCTX * context, SMBCSRV * srv) return 0; } -SMBCSRV *find_server(SMBCCTX *context, - const char *server, - const char *share, - fstring workgroup, - fstring username, - fstring password) -{ - SMBCSRV *srv; - int auth_called = 0; - - check_server_cache: - - srv = context->callbacks.get_cached_srv_fn(context, server, share, - workgroup, username); - - if (!auth_called && !srv && (!username[0] || !password[0])) { - context->callbacks.auth_fn(server, share, - workgroup, sizeof(fstring), - username, sizeof(fstring), - password, sizeof(fstring)); - /* - * However, smbc_auth_fn may have picked up info relating to - * an existing connection, so try for an existing connection - * again ... - */ - auth_called = 1; - goto check_server_cache; - - } - - if (srv) { - if (context->callbacks.check_server_fn(context, srv)) { - /* - * This server is no good anymore - * Try to remove it and check for more possible - * servers in the cache - */ - if (context->callbacks.remove_unused_server_fn(context, - srv)) { - /* - * We could not remove the server completely, - * remove it from the cache so we will not get - * it again. It will be removed when the last - * file/dir is closed. - */ - context->callbacks.remove_cached_srv_fn(context, - srv); - } - - /* - * Maybe there are more cached connections to this - * server - */ - goto check_server_cache; - } - return srv; - } - - return NULL; -} - /* * Connect to a server, possibly on an existing connection * @@ -439,6 +360,7 @@ SMBCSRV *smbc_server(SMBCCTX *context, fstring password) { SMBCSRV *srv=NULL; + int auth_called = 0; struct cli_state c; struct nmb_name called, calling; char *p; @@ -456,10 +378,45 @@ SMBCSRV *smbc_server(SMBCCTX *context, return NULL; } - srv = find_server(context, server, share, - workgroup, username, password); - if (srv) - return srv; + check_server_cache: + + srv = context->callbacks.get_cached_srv_fn(context, server, share, + workgroup, username); + + if (!auth_called && !srv && (!username[0] || !password[0])) { + context->callbacks.auth_fn(server, share, workgroup, sizeof(fstring), + username, sizeof(fstring), password, sizeof(fstring)); + /* + * However, smbc_auth_fn may have picked up info relating to an + * existing connection, so try for an existing connection again ... + */ + auth_called = 1; + goto check_server_cache; + + } + + if (srv) { + if (context->callbacks.check_server_fn(context, srv)) { + /* + * This server is no good anymore + * Try to remove it and check for more possible servers in the cache + */ + if (context->callbacks.remove_unused_server_fn(context, srv)) { + /* + * We could not remove the server completely, remove it from the cache + * so we will not get it again. It will be removed when the last file/dir + * is closed. + */ + context->callbacks.remove_cached_srv_fn(context, srv); + } + + /* + * Maybe there are more cached connections to this server + */ + goto check_server_cache; + } + return srv; + } make_nmb_name(&calling, context->netbios_name, 0x0); make_nmb_name(&called , server, 0x20); @@ -484,26 +441,16 @@ SMBCSRV *smbc_server(SMBCCTX *context, /* have to open a new connection */ if (!cli_initialise(&c)) { - errno = ENOMEM; + errno = ENOENT; return NULL; } c.timeout = context->timeout; - /* Force use of port 139 for first try, so browse lists can work */ - c.port = 139; - if (!cli_connect(&c, server_n, &ip)) { - /* - * Port 139 connection failed. Try port 445 to handle - * connections to newer (e.g. XP) hosts with NetBIOS disabled. - */ - c.port = 445; - if (!cli_connect(&c, server_n, &ip)) { - cli_shutdown(&c); - errno = ENETUNREACH; - return NULL; - } + cli_shutdown(&c); + errno = ENOENT; + return NULL; } if (!cli_session_request(&c, &calling, &called)) { @@ -606,101 +553,6 @@ SMBCSRV *smbc_server(SMBCCTX *context, } /* - * Connect to a server for getting/setting attributes, possibly on an existing - * connection. This works similarly to smbc_server(). - */ -SMBCSRV *smbc_attr_server(SMBCCTX *context, - const char *server, const char *share, - fstring workgroup, - fstring username, fstring password) -{ - struct in_addr ip; - struct cli_state *ipc_cli; - NTSTATUS nt_status; - SMBCSRV *ipc_srv=NULL; - POLICY_HND pol; - - /* - * See if we've already created this special connection. Reference - * our "special" share name 'IPC$$'. - */ - ipc_srv = find_server(context, server, "IPC$$", - workgroup, username, password); - if (!ipc_srv) { - - /* We didn't find a cached connection. Get the password */ - if (*password == '\0') { - /* ... then retrieve it now. */ - context->callbacks.auth_fn(server, share, - workgroup, sizeof(fstring), - username, sizeof(fstring), - password, sizeof(fstring)); - } - - zero_ip(&ip); - nt_status = cli_full_connection(&ipc_cli, - global_myname(), server, - &ip, 0, "IPC$", "?????", - username, workgroup, - password, 0, - Undefined, NULL); - if (! NT_STATUS_IS_OK(nt_status)) { - DEBUG(0,("cli_full_connection failed! (%s)\n", - nt_errstr(nt_status))); - errno = ENOTSUP; - return NULL; - } - - if (!cli_nt_session_open(ipc_cli, PI_LSARPC)) { - DEBUG(0, ("cli_nt_session_open fail! (%s)\n", - nt_errstr(nt_status))); - errno = ENOTSUP; - free(ipc_cli); - return NULL; - } - - /* Some systems don't support SEC_RIGHTS_MAXIMUM_ALLOWED, - but NT sends 0x2000000 so we might as well do it too. */ - - nt_status = cli_lsa_open_policy(ipc_cli, - ipc_cli->mem_ctx, - True, - GENERIC_EXECUTE_ACCESS, - &pol); - - if (!NT_STATUS_IS_OK(nt_status)) { - errno = smbc_errno(context, ipc_cli); - free(ipc_cli); - return NULL; - } - - ipc_srv = (SMBCSRV *)malloc(sizeof(*ipc_srv)); - if (!ipc_srv) { - errno = ENOMEM; - free(ipc_cli); - return NULL; - } - - ZERO_STRUCTP(ipc_srv); - ipc_srv->cli = *ipc_cli; - - free(ipc_cli); - - /* now add it to the cache (internal or external) */ - if (context->callbacks.add_cached_srv_fn(context, ipc_srv, - server, - "IPC$$", - workgroup, - username)) { - DEBUG(3, (" Failed to add server to cache\n")); - return NULL; - } - } - - return ipc_srv; -} - -/* * Routine to open() a file ... */ @@ -998,10 +850,7 @@ static BOOL smbc_getatr(SMBCCTX * context, SMBCSRV *srv, char *path, size, mode, ino)) return True; /* if this is NT then don't bother with the getatr */ - if (srv->cli.capabilities & CAP_NT_SMBS) { - errno = EPERM; - return False; - } + if (srv->cli.capabilities & CAP_NT_SMBS) return False; if (cli_getatr(&srv->cli, path, mode, size, m_time)) { a_time = c_time = m_time; @@ -1009,7 +858,6 @@ static BOOL smbc_getatr(SMBCCTX * context, SMBCSRV *srv, char *path, return True; } - errno = EPERM; return False; } @@ -1354,7 +1202,9 @@ static int smbc_stat_ctx(SMBCCTX *context, const char *fname, struct stat *st) srv = smbc_server(context, server, share, workgroup, user, password); if (!srv) { + return -1; /* errno set by smbc_server */ + } /* if (strncmp(srv->cli.dev, "IPC", 3) == 0) { @@ -1734,17 +1584,18 @@ static SMBCFILE *smbc_opendir_ctx(SMBCCTX *context, const char *fname) /* * Get a connection to IPC$ on the server if we do not already have one */ - + srv = smbc_server(context, server, "IPC$", workgroup, user, password); - if (!srv) { - - if (dir) { - SAFE_FREE(dir->fname); - SAFE_FREE(dir); - } - return NULL; - } - + + if (!srv) { + + if (dir) { + SAFE_FREE(dir->fname); + SAFE_FREE(dir); + } + return NULL; + } + dir->srv = srv; dir->dir_type = SMBC_WORKGROUP; @@ -2439,1396 +2290,168 @@ static int smbc_fstatdir_ctx(SMBCCTX *context, SMBCFILE *dir, struct stat *st) } -int smbc_chmod_ctx(SMBCCTX *context, const char *fname, mode_t newmode) -{ - SMBCSRV *srv; - fstring server, share, user, password, workgroup; - pstring path; - uint16 mode; - - if (!context || !context->internal || - !context->internal->_initialized) { - - errno = EINVAL; /* Best I can think of ... */ - return -1; - - } - - if (!fname) { - - errno = EINVAL; - return -1; - - } - - DEBUG(4, ("smbc_chmod(%s, 0%3o)\n", fname, newmode)); - - smbc_parse_path(context, fname, server, share, path, user, password); /*FIXME, errors*/ - - if (user[0] == (char)0) fstrcpy(user, context->user); - - fstrcpy(workgroup, context->workgroup); - - srv = smbc_server(context, server, share, workgroup, user, password); - - if (!srv) { - return -1; /* errno set by smbc_server */ - } - - mode = 0; - - if (!(newmode & (S_IWUSR | S_IWGRP | S_IWOTH))) mode |= aRONLY; - if ((newmode & S_IXUSR) && lp_map_archive(-1)) mode |= aARCH; - if ((newmode & S_IXGRP) && lp_map_system(-1)) mode |= aSYSTEM; - if ((newmode & S_IXOTH) && lp_map_hidden(-1)) mode |= aHIDDEN; - - if (!cli_setatr(&srv->cli, path, mode, 0)) { - errno = smbc_errno(context, &srv->cli); - return -1; - } - - return 0; -} +/* + * Open a print file to be written to by other calls + */ -int smbc_utimes_ctx(SMBCCTX *context, const char *fname, struct timeval *tbuf) +static SMBCFILE *smbc_open_print_job_ctx(SMBCCTX *context, const char *fname) { - SMBCSRV *srv; - fstring server, share, user, password, workgroup; + fstring server, share, user, password; pstring path; - uint16 mode; - time_t t = (tbuf == NULL ? time(NULL) : tbuf->tv_sec); - + if (!context || !context->internal || !context->internal->_initialized) { - errno = EINVAL; /* Best I can think of ... */ - return -1; + errno = EINVAL; + return NULL; } if (!fname) { errno = EINVAL; - return -1; + return NULL; } - DEBUG(4, ("smbc_utimes(%s, [%s])\n", fname, ctime(&t))); + DEBUG(4, ("smbc_open_print_job_ctx(%s)\n", fname)); smbc_parse_path(context, fname, server, share, path, user, password); /*FIXME, errors*/ - if (user[0] == (char)0) fstrcpy(user, context->user); - - fstrcpy(workgroup, context->workgroup); - - srv = smbc_server(context, server, share, workgroup, user, password); - - if (!srv) { - return -1; /* errno set by smbc_server */ - } - - if (!smbc_getatr(context, srv, path, - &mode, NULL, - NULL, NULL, NULL, - NULL)) { - return -1; - } + /* What if the path is empty, or the file exists? */ - if (!cli_setatr(&srv->cli, path, mode, t)) { - /* some servers always refuse directory changes */ - if (!(mode & aDIR)) { - errno = smbc_errno(context, &srv->cli); - return -1; - } - } + return context->open(context, fname, O_WRONLY, 666); - return 0; } +/* + * Routine to print a file on a remote server ... + * + * We open the file, which we assume to be on a remote server, and then + * copy it to a print file on the share specified by printq. + */ -/* The MSDN is contradictory over the ordering of ACE entries in an ACL. - However NT4 gives a "The information may have been modified by a - computer running Windows NT 5.0" if denied ACEs do not appear before - allowed ACEs. */ - -static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2) -{ - if (sec_ace_equal(ace1, ace2)) - return 0; - - if (ace1->type != ace2->type) - return ace2->type - ace1->type; - - if (sid_compare(&ace1->trustee, &ace2->trustee)) - return sid_compare(&ace1->trustee, &ace2->trustee); - - if (ace1->flags != ace2->flags) - return ace1->flags - ace2->flags; - - if (ace1->info.mask != ace2->info.mask) - return ace1->info.mask - ace2->info.mask; - - if (ace1->size != ace2->size) - return ace1->size - ace2->size; - - return memcmp(ace1, ace2, sizeof(SEC_ACE)); -} - - -static void sort_acl(SEC_ACL *the_acl) -{ - uint32 i; - if (!the_acl) return; - - qsort(the_acl->ace, the_acl->num_aces, sizeof(the_acl->ace[0]), QSORT_CAST ace_compare); - - for (i=1;i<the_acl->num_aces;) { - if (sec_ace_equal(&the_acl->ace[i-1], &the_acl->ace[i])) { - int j; - for (j=i; j<the_acl->num_aces-1; j++) { - the_acl->ace[j] = the_acl->ace[j+1]; - } - the_acl->num_aces--; - } else { - i++; - } - } -} - -/* convert a SID to a string, either numeric or username/group */ -static void convert_sid_to_string(struct cli_state *ipc_cli, - POLICY_HND *pol, - fstring str, - BOOL numeric, - DOM_SID *sid) -{ - char **domains = NULL; - char **names = NULL; - uint32 *types = NULL; - - sid_to_string(str, sid); - - if (numeric) return; /* no lookup desired */ - - /* Ask LSA to convert the sid to a name */ - - if (!NT_STATUS_IS_OK(cli_lsa_lookup_sids(ipc_cli, ipc_cli->mem_ctx, - pol, 1, sid, &domains, - &names, &types)) || - !domains || !domains[0] || !names || !names[0]) { - return; - } - - /* Converted OK */ - - slprintf(str, sizeof(fstring) - 1, "%s%s%s", - domains[0], lp_winbind_separator(), - names[0]); -} - -/* convert a string to a SID, either numeric or username/group */ -static BOOL convert_string_to_sid(struct cli_state *ipc_cli, - POLICY_HND *pol, - BOOL numeric, - DOM_SID *sid, - const char *str) -{ - uint32 *types = NULL; - DOM_SID *sids = NULL; - BOOL result = True; - - if (numeric) { - if (strncmp(str, "S-", 2) == 0) { - return string_to_sid(sid, str); - } - - result = False; - goto done; - } - - if (!NT_STATUS_IS_OK(cli_lsa_lookup_names(ipc_cli, ipc_cli->mem_ctx, - pol, 1, &str, &sids, - &types))) { - result = False; - goto done; - } - - sid_copy(sid, &sids[0]); - done: - - return result; -} - - -/* parse an ACE in the same format as print_ace() */ -static BOOL parse_ace(struct cli_state *ipc_cli, - POLICY_HND *pol, - SEC_ACE *ace, - BOOL numeric, - char *str) -{ - char *p; - const char *cp; - fstring tok; - unsigned atype, aflags, amask; - DOM_SID sid; - SEC_ACCESS mask; - const struct perm_value *v; - struct perm_value { - const char *perm; - uint32 mask; - }; - - /* These values discovered by inspection */ - static const struct perm_value special_values[] = { - { "R", 0x00120089 }, - { "W", 0x00120116 }, - { "X", 0x001200a0 }, - { "D", 0x00010000 }, - { "P", 0x00040000 }, - { "O", 0x00080000 }, - { NULL, 0 }, - }; - - static const struct perm_value standard_values[] = { - { "READ", 0x001200a9 }, - { "CHANGE", 0x001301bf }, - { "FULL", 0x001f01ff }, - { NULL, 0 }, - }; - - - ZERO_STRUCTP(ace); - p = strchr_m(str,':'); - if (!p) return False; - *p = '\0'; - p++; - /* Try to parse numeric form */ - - if (sscanf(p, "%i/%i/%i", &atype, &aflags, &amask) == 3 && - convert_string_to_sid(ipc_cli, pol, numeric, &sid, str)) { - goto done; - } - - /* Try to parse text form */ - - if (!convert_string_to_sid(ipc_cli, pol, numeric, &sid, str)) { - return False; - } - - cp = p; - if (!next_token(&cp, tok, "/", sizeof(fstring))) { - return False; - } - - if (StrnCaseCmp(tok, "ALLOWED", strlen("ALLOWED")) == 0) { - atype = SEC_ACE_TYPE_ACCESS_ALLOWED; - } else if (StrnCaseCmp(tok, "DENIED", strlen("DENIED")) == 0) { - atype = SEC_ACE_TYPE_ACCESS_DENIED; - } else { - return False; - } - - /* Only numeric form accepted for flags at present */ - - if (!(next_token(&cp, tok, "/", sizeof(fstring)) && - sscanf(tok, "%i", &aflags))) { - return False; - } - - if (!next_token(&cp, tok, "/", sizeof(fstring))) { - return False; - } - - if (strncmp(tok, "0x", 2) == 0) { - if (sscanf(tok, "%i", &amask) != 1) { - return False; - } - goto done; - } - - for (v = standard_values; v->perm; v++) { - if (strcmp(tok, v->perm) == 0) { - amask = v->mask; - goto done; - } - } - - p = tok; - - while(*p) { - BOOL found = False; - - for (v = special_values; v->perm; v++) { - if (v->perm[0] == *p) { - amask |= v->mask; - found = True; - } - } - - if (!found) return False; - p++; - } - - if (*p) { - return False; - } - - done: - mask.mask = amask; - init_sec_ace(ace, &sid, atype, mask, aflags); - return True; -} - -/* add an ACE to a list of ACEs in a SEC_ACL */ -static BOOL add_ace(SEC_ACL **the_acl, SEC_ACE *ace, TALLOC_CTX *ctx) -{ - SEC_ACL *new; - SEC_ACE *aces; - if (! *the_acl) { - (*the_acl) = make_sec_acl(ctx, 3, 1, ace); - return True; - } - - aces = calloc(1+(*the_acl)->num_aces,sizeof(SEC_ACE)); - memcpy(aces, (*the_acl)->ace, (*the_acl)->num_aces * sizeof(SEC_ACE)); - memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE)); - new = make_sec_acl(ctx,(*the_acl)->revision,1+(*the_acl)->num_aces, aces); - SAFE_FREE(aces); - (*the_acl) = new; - return True; -} - - -/* parse a ascii version of a security descriptor */ -static SEC_DESC *sec_desc_parse(TALLOC_CTX *ctx, - struct cli_state *ipc_cli, - POLICY_HND *pol, - BOOL numeric, - char *str) +static int smbc_print_file_ctx(SMBCCTX *c_file, const char *fname, SMBCCTX *c_print, const char *printq) { - const char *p = str; - fstring tok; - SEC_DESC *ret; - size_t sd_size; - DOM_SID *grp_sid=NULL, *owner_sid=NULL; - SEC_ACL *dacl=NULL; - int revision=1; - - while (next_token(&p, tok, "\t,\r\n", sizeof(tok))) { - - if (StrnCaseCmp(tok,"REVISION:", 9) == 0) { - revision = strtol(tok+9, NULL, 16); - continue; - } - - if (StrnCaseCmp(tok,"OWNER:", 6) == 0) { - owner_sid = (DOM_SID *)calloc(1, sizeof(DOM_SID)); - if (!owner_sid || - !convert_string_to_sid(ipc_cli, pol, - numeric, - owner_sid, tok+6)) { - DEBUG(5, ("Failed to parse owner sid\n")); - return NULL; - } - continue; - } - - if (StrnCaseCmp(tok,"OWNER+:", 7) == 0) { - owner_sid = (DOM_SID *)calloc(1, sizeof(DOM_SID)); - if (!owner_sid || - !convert_string_to_sid(ipc_cli, pol, - False, - owner_sid, tok+7)) { - DEBUG(5, ("Failed to parse owner sid\n")); - return NULL; - } - continue; - } - - if (StrnCaseCmp(tok,"GROUP:", 6) == 0) { - grp_sid = (DOM_SID *)calloc(1, sizeof(DOM_SID)); - if (!grp_sid || - !convert_string_to_sid(ipc_cli, pol, - numeric, - grp_sid, tok+6)) { - DEBUG(5, ("Failed to parse group sid\n")); - return NULL; - } - continue; - } - - if (StrnCaseCmp(tok,"GROUP+:", 7) == 0) { - grp_sid = (DOM_SID *)calloc(1, sizeof(DOM_SID)); - if (!grp_sid || - !convert_string_to_sid(ipc_cli, pol, - False, - grp_sid, tok+6)) { - DEBUG(5, ("Failed to parse group sid\n")); - return NULL; - } - continue; - } + SMBCFILE *fid1, *fid2; + int bytes, saverr, tot_bytes = 0; + char buf[4096]; - if (StrnCaseCmp(tok,"ACL:", 4) == 0) { - SEC_ACE ace; - if (!parse_ace(ipc_cli, pol, &ace, numeric, tok+4)) { - DEBUG(5, ("Failed to parse ACL %s\n", tok)); - return NULL; - } - if(!add_ace(&dacl, &ace, ctx)) { - DEBUG(5, ("Failed to add ACL %s\n", tok)); - return NULL; - } - continue; - } + if (!c_file || !c_file->internal->_initialized || !c_print || + !c_print->internal->_initialized) { - if (StrnCaseCmp(tok,"ACL+:", 5) == 0) { - SEC_ACE ace; - if (!parse_ace(ipc_cli, pol, &ace, False, tok+5)) { - DEBUG(5, ("Failed to parse ACL %s\n", tok)); - return NULL; - } - if(!add_ace(&dacl, &ace, ctx)) { - DEBUG(5, ("Failed to add ACL %s\n", tok)); - return NULL; - } - continue; - } + errno = EINVAL; + return -1; - DEBUG(5, ("Failed to parse security descriptor\n")); - return NULL; } - ret = make_sec_desc(ctx, revision, SEC_DESC_SELF_RELATIVE, - owner_sid, grp_sid, NULL, dacl, &sd_size); + if (!fname && !printq) { - SAFE_FREE(grp_sid); - SAFE_FREE(owner_sid); - - return ret; -} - - -/***************************************************** -retrieve the acls for a file -*******************************************************/ -static int cacl_get(TALLOC_CTX *ctx, struct cli_state *cli, - struct cli_state *ipc_cli, POLICY_HND *pol, - char *filename, char *name, char *buf, int bufsize) -{ - uint32 i; - int n = 0; - int n_used; - BOOL all; - BOOL numeric = True; - BOOL determine_size = (bufsize == 0); - int fnum = -1; - SEC_DESC *sd; - fstring sidstr; - char *p; - - fnum = cli_nt_create(cli, filename, CREATE_ACCESS_READ); - - if (fnum == -1) { - DEBUG(5, ("cacl_get failed to open %s: %s\n", - filename, cli_errstr(cli))); - errno = 0; + errno = EINVAL; return -1; - } - - sd = cli_query_secdesc(cli, fnum, ctx); - if (!sd) { - DEBUG(5, ("cacl_get Failed to query old descriptor\n")); - errno = 0; - return -1; } - cli_close(cli, fnum); - - all = (*name == '*'); - numeric = (* (name + strlen(name) - 1) != '+'); - - n_used = 0; - - if (all) { - if (determine_size) { - p = talloc_asprintf(ctx, - "REVISION:%d", sd->revision); - if (!p) { - errno = ENOMEM; - return -1; - } - n = strlen(p); - } else { - n = snprintf(buf, bufsize, - "REVISION:%d", sd->revision); - } - } else if (StrCaseCmp(name, "revision") == 0) { - if (determine_size) { - p = talloc_asprintf(ctx, "%d", sd->revision); - if (!p) { - errno = ENOMEM; - return -1; - } - n = strlen(p); - } else { - n = snprintf(buf, bufsize, "%d", sd->revision); - } - } - - if (!determine_size && n > bufsize) { - errno = ERANGE; - return -1; - } - buf += n; - n_used += n; - bufsize -= n; - - /* Get owner and group sid */ - - if (sd->owner_sid) { - convert_sid_to_string(ipc_cli, pol, - sidstr, numeric, sd->owner_sid); - } else { - fstrcpy(sidstr, ""); - } - - if (all) { - if (determine_size) { - p = talloc_asprintf(ctx, ",OWNER:%s", sidstr); - if (!p) { - errno = ENOMEM; - return -1; - } - n = strlen(p); - } else { - n = snprintf(buf, bufsize, ",OWNER:%s", sidstr); - } - } else if (StrnCaseCmp(name, "owner", 5) == 0) { - if (determine_size) { - p = talloc_asprintf(ctx, "%s", sidstr); - if (!p) { - errno = ENOMEM; - return -1; - } - n = strlen(p); - } else { - n = snprintf(buf, bufsize, "%s", sidstr); - } - } - - if (!determine_size && n > bufsize) { - errno = ERANGE; - return -1; - } - buf += n; - n_used += n; - bufsize -= n; - - if (sd->grp_sid) { - convert_sid_to_string(ipc_cli, pol, - sidstr, numeric, sd->grp_sid); - } else { - fstrcpy(sidstr, ""); - } - - if (all) { - if (determine_size) { - p = talloc_asprintf(ctx, ",GROUP:%s", sidstr); - if (!p) { - errno = ENOMEM; - return -1; - } - n = strlen(p); - } else { - n = snprintf(buf, bufsize, ",GROUP:%s", sidstr); - } - } else if (StrnCaseCmp(name, "group", 5) == 0) { - if (determine_size) { - p = talloc_asprintf(ctx, "%s", sidstr); - if (!p) { - errno = ENOMEM; - return -1; - } - n = strlen(p); - } else { - n = snprintf(buf, bufsize, "%s", sidstr); - } - } + /* Try to open the file for reading ... */ - if (!determine_size && n > bufsize) { - errno = ERANGE; - return -1; - } - buf += n; - n_used += n; - bufsize -= n; - - /* Add aces to value buffer */ - for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) { - - SEC_ACE *ace = &sd->dacl->ace[i]; - convert_sid_to_string(ipc_cli, pol, - sidstr, numeric, &ace->trustee); - - if (all) { - if (determine_size) { - p = talloc_asprintf(ctx, - ",ACL:%s:%d/%d/0x%08x", - sidstr, - ace->type, - ace->flags, - ace->info.mask); - if (!p) { - errno = ENOMEM; - return -1; - } - n = strlen(p); - } else { - n = snprintf(buf, bufsize, - ",ACL:%s:%d/%d/0x%08x", - sidstr, - ace->type, - ace->flags, - ace->info.mask); - } - } else if ((StrnCaseCmp(name, "acl", 3) == 0 && - StrCaseCmp(name + 3, sidstr) == 0) || - (StrnCaseCmp(name, "acl+", 4) == 0 && - StrCaseCmp(name + 4, sidstr) == 0)) { - if (determine_size) { - p = talloc_asprintf(ctx, - "%d/%d/0x%08x", - ace->type, - ace->flags, - ace->info.mask); - if (!p) { - errno = ENOMEM; - return -1; - } - n = strlen(p); - } else { - n = snprintf(buf, bufsize, - "%d/%d/0x%08x", - ace->type, ace->flags, ace->info.mask); - } - } - if (n > bufsize) { - errno = ERANGE; - return -1; - } - buf += n; - n_used += n; - bufsize -= n; - } - - if (n_used == 0) { - errno = ENOATTR; - return -1; - } - return n_used; -} - - -/***************************************************** -set the ACLs on a file given an ascii description -*******************************************************/ -static int cacl_set(TALLOC_CTX *ctx, struct cli_state *cli, - struct cli_state *ipc_cli, POLICY_HND *pol, - const char *filename, const char *the_acl, - int mode, int flags) -{ - int fnum; - int err = 0; - SEC_DESC *sd = NULL, *old; - SEC_ACL *dacl = NULL; - DOM_SID *owner_sid = NULL; - DOM_SID *grp_sid = NULL; - uint32 i, j; - size_t sd_size; - int ret = 0; - char *p; - BOOL numeric = True; - - /* the_acl will be null for REMOVE_ALL operations */ - if (the_acl) { - numeric = ((p = strchr(the_acl, ':')) != NULL && - p > the_acl && - p[-1] != '+'); - - /* if this is to set the entire ACL... */ - if (*the_acl == '*') { - /* ... then increment past the first colon */ - the_acl = p + 1; - } - - sd = sec_desc_parse(ctx, ipc_cli, pol, - numeric, (char *) the_acl); - - if (!sd) { - errno = EINVAL; - return -1; - } - } + if ((int)(fid1 = c_file->open(c_file, fname, O_RDONLY, 0666)) < 0) { + + DEBUG(3, ("Error, fname=%s, errno=%i\n", fname, errno)); + return -1; /* smbc_open sets errno */ + + } - /* The desired access below is the only one I could find that works - with NT4, W2KP and Samba */ + /* Now, try to open the printer file for writing */ - fnum = cli_nt_create(cli, filename, CREATE_ACCESS_READ); + if ((int)(fid2 = c_print->open_print_job(c_print, printq)) < 0) { - if (fnum == -1) { - DEBUG(5, ("cacl_set failed to open %s: %s\n", - filename, cli_errstr(cli))); - errno = 0; + saverr = errno; /* Save errno */ + c_file->close(c_file, fid1); + errno = saverr; return -1; - } - - old = cli_query_secdesc(cli, fnum, ctx); - if (!old) { - DEBUG(5, ("cacl_set Failed to query old descriptor\n")); - errno = 0; - return -1; } - cli_close(cli, fnum); - - switch (mode) { - case SMBC_XATTR_MODE_REMOVE_ALL: - old->dacl->num_aces = 0; - SAFE_FREE(old->dacl->ace); - SAFE_FREE(old->dacl); - old->off_dacl = 0; - dacl = old->dacl; - break; + while ((bytes = c_file->read(c_file, fid1, buf, sizeof(buf))) > 0) { - case SMBC_XATTR_MODE_REMOVE: - for (i=0;sd->dacl && i<sd->dacl->num_aces;i++) { - BOOL found = False; - - for (j=0;old->dacl && j<old->dacl->num_aces;j++) { - if (sec_ace_equal(&sd->dacl->ace[i], - &old->dacl->ace[j])) { - uint32 k; - for (k=j; k<old->dacl->num_aces-1;k++) { - old->dacl->ace[k] = old->dacl->ace[k+1]; - } - old->dacl->num_aces--; - if (old->dacl->num_aces == 0) { - SAFE_FREE(old->dacl->ace); - SAFE_FREE(old->dacl); - old->off_dacl = 0; - } - found = True; - dacl = old->dacl; - break; - } - } + tot_bytes += bytes; - if (!found) { - err = ENOATTR; - ret = -1; - goto failed; - } - } - break; + if ((c_print->write(c_print, fid2, buf, bytes)) < 0) { - case SMBC_XATTR_MODE_ADD: - for (i=0;sd->dacl && i<sd->dacl->num_aces;i++) { - BOOL found = False; - - for (j=0;old->dacl && j<old->dacl->num_aces;j++) { - if (sid_equal(&sd->dacl->ace[i].trustee, - &old->dacl->ace[j].trustee)) { - if (!(flags & SMBC_XATTR_FLAG_CREATE)) { - err = EEXIST; - ret = -1; - goto failed; - } - old->dacl->ace[j] = sd->dacl->ace[i]; - ret = -1; - found = True; - } - } + saverr = errno; + c_file->close(c_file, fid1); + c_print->close(c_print, fid2); + errno = saverr; - if (!found && (flags & SMBC_XATTR_FLAG_REPLACE)) { - err = ENOATTR; - ret = -1; - goto failed; - } - - for (i=0;sd->dacl && i<sd->dacl->num_aces;i++) { - add_ace(&old->dacl, &sd->dacl->ace[i], ctx); - } } - dacl = old->dacl; - break; - - case SMBC_XATTR_MODE_SET: - old = sd; - owner_sid = old->owner_sid; - grp_sid = old->grp_sid; - dacl = old->dacl; - break; - - case SMBC_XATTR_MODE_CHOWN: - owner_sid = sd->owner_sid; - break; - case SMBC_XATTR_MODE_CHGRP: - grp_sid = sd->grp_sid; - break; } - /* Denied ACE entries must come before allowed ones */ - sort_acl(old->dacl); + saverr = errno; - /* Create new security descriptor and set it */ - sd = make_sec_desc(ctx, old->revision, SEC_DESC_SELF_RELATIVE, - owner_sid, grp_sid, NULL, dacl, &sd_size); + c_file->close(c_file, fid1); /* We have to close these anyway */ + c_print->close(c_print, fid2); - fnum = cli_nt_create(cli, filename, - WRITE_DAC_ACCESS | WRITE_OWNER_ACCESS); + if (bytes < 0) { - if (fnum == -1) { - DEBUG(5, ("cacl_set failed to open %s: %s\n", - filename, cli_errstr(cli))); - errno = 0; + errno = saverr; return -1; - } - if (!cli_set_secdesc(cli, fnum, sd)) { - DEBUG(5, ("ERROR: secdesc set failed: %s\n", cli_errstr(cli))); - ret = -1; } - /* Clean up */ - - failed: - cli_close(cli, fnum); + return tot_bytes; - if (err != 0) { - errno = err; - } - - return ret; } +/* + * Routine to list print jobs on a printer share ... + */ -int smbc_setxattr_ctx(SMBCCTX *context, - const char *fname, - const char *name, - const void *value, - size_t size, - int flags) +static int smbc_list_print_jobs_ctx(SMBCCTX *context, const char *fname, smbc_list_print_job_fn fn) { - int ret; - SMBCSRV *srv; - SMBCSRV *ipc_srv; + SMBCSRV *srv; fstring server, share, user, password, workgroup; pstring path; - TALLOC_CTX *ctx; - POLICY_HND pol; if (!context || !context->internal || !context->internal->_initialized) { - errno = EINVAL; /* Best I can think of ... */ + errno = EINVAL; return -1; - + } if (!fname) { - + errno = EINVAL; return -1; } - DEBUG(4, ("smbc_setxattr(%s, %s, %.*s)\n", - fname, name, (int) size, (char *) value)); + DEBUG(4, ("smbc_list_print_jobs(%s)\n", fname)); smbc_parse_path(context, fname, server, share, path, user, password); /*FIXME, errors*/ if (user[0] == (char)0) fstrcpy(user, context->user); - + fstrcpy(workgroup, context->workgroup); srv = smbc_server(context, server, share, workgroup, user, password); - if (!srv) { - return -1; /* errno set by smbc_server */ - } - - ipc_srv = smbc_attr_server(context, server, share, - workgroup, user, password); - if (!ipc_srv) { - return -1; - } - - ctx = talloc_init("smbc_setxattr"); - if (!ctx) { - errno = ENOMEM; - return -1; - } - - /* - * Are they asking to set an access control element or to set - * the entire access control list? - */ - if (StrCaseCmp(name, "system.nt_sec_desc.*") == 0 || - StrCaseCmp(name, "system.nt_sec_desc.*+") == 0 || - StrCaseCmp(name, "system.nt_sec_desc.revision") == 0 || - StrnCaseCmp(name, "system.nt_sec_desc.acl", 22) == 0 || - StrnCaseCmp(name, "system.nt_sec_desc.acl+", 23) == 0) { - - /* Yup. */ - char *namevalue = - talloc_asprintf(ctx, "%s:%s", name+19, (char *) value); - if (! namevalue) { - errno = ENOMEM; - ret = -1; - } else { - ret = cacl_set(ctx, &srv->cli, - &ipc_srv->cli, &pol, path, - namevalue, - (*namevalue == '*' - ? SMBC_XATTR_MODE_SET - : SMBC_XATTR_MODE_ADD), - flags); - } - talloc_destroy(ctx); - return ret; - } - - /* - * Are they asking to set the owner? - */ - if (StrCaseCmp(name, "system.nt_sec_desc.owner") == 0 || - StrCaseCmp(name, "system.nt_sec_desc.owner+") == 0) { - - /* Yup. */ - char *namevalue = - talloc_asprintf(ctx, "%s:%s", name+19, (char *) value); - if (! namevalue) { - errno = ENOMEM; - ret = -1; - } else { - ret = cacl_set(ctx, &srv->cli, - &ipc_srv->cli, &pol, path, - namevalue, SMBC_XATTR_MODE_CHOWN, 0); - } - talloc_destroy(ctx); - return ret; - } - - /* - * Are they asking to set the group? - */ - if (StrCaseCmp(name, "system.nt_sec_desc.group") == 0 || - StrCaseCmp(name, "system.nt_sec_desc.group+") == 0) { - - /* Yup. */ - char *namevalue = - talloc_asprintf(ctx, "%s:%s", name+19, (char *) value); - if (! namevalue) { - errno = ENOMEM; - ret = -1; - } else { - ret = cacl_set(ctx, &srv->cli, - &ipc_srv->cli, &pol, path, - namevalue, SMBC_XATTR_MODE_CHOWN, 0); - } - talloc_destroy(ctx); - return ret; - } - - /* Unsupported attribute name */ - talloc_destroy(ctx); - errno = EINVAL; - return -1; -} - -int smbc_getxattr_ctx(SMBCCTX *context, - const char *fname, - const char *name, - const void *value, - size_t size) -{ - int ret; - SMBCSRV *srv; - SMBCSRV *ipc_srv; - fstring server, share, user, password, workgroup; - pstring path; - TALLOC_CTX *ctx; - POLICY_HND pol; - - if (!context || !context->internal || - !context->internal->_initialized) { - - errno = EINVAL; /* Best I can think of ... */ - return -1; - - } - - if (!fname) { - - errno = EINVAL; - return -1; - - } - - DEBUG(4, ("smbc_getxattr(%s, %s)\n", fname, name)); - - smbc_parse_path(context, fname, server, share, path, user, password); /*FIXME, errors*/ - - if (user[0] == (char)0) fstrcpy(user, context->user); - - fstrcpy(workgroup, context->workgroup); - - srv = smbc_server(context, server, share, workgroup, user, password); - if (!srv) { - return -1; /* errno set by smbc_server */ - } - - ipc_srv = smbc_attr_server(context, server, share, - workgroup, user, password); - if (!ipc_srv) { - return -1; - } - - ctx = talloc_init("smbc:getxattr"); - if (!ctx) { - errno = ENOMEM; - return -1; - } - - /* Are they requesting a supported attribute? */ - if (StrCaseCmp(name, "system.nt_sec_desc.*") == 0 || - StrCaseCmp(name, "system.nt_sec_desc.*+") == 0 || - StrCaseCmp(name, "system.nt_sec_desc.revision") == 0 || - StrCaseCmp(name, "system.nt_sec_desc.owner") == 0 || - StrCaseCmp(name, "system.nt_sec_desc.owner+") == 0 || - StrCaseCmp(name, "system.nt_sec_desc.group") == 0 || - StrCaseCmp(name, "system.nt_sec_desc.group+") == 0 || - StrnCaseCmp(name, "system.nt_sec_desc.acl", 22) == 0 || - StrnCaseCmp(name, "system.nt_sec_desc.acl+", 23) == 0) { - - /* Yup. */ - ret = cacl_get(ctx, &srv->cli, - &ipc_srv->cli, &pol, - (char *) path, (char *) name + 19, - (char *) value, size); - if (ret < 0 && errno == 0) { - errno = smbc_errno(context, &srv->cli); - } - talloc_destroy(ctx); - return ret; - } - - /* Unsupported attribute name */ - talloc_destroy(ctx); - errno = EINVAL; - return -1; -} - - -int smbc_removexattr_ctx(SMBCCTX *context, - const char *fname, - const char *name) -{ - int ret; - SMBCSRV *srv; - SMBCSRV *ipc_srv; - fstring server, share, user, password, workgroup; - pstring path; - TALLOC_CTX *ctx; - POLICY_HND pol; - - if (!context || !context->internal || - !context->internal->_initialized) { - - errno = EINVAL; /* Best I can think of ... */ - return -1; - - } - - if (!fname) { - - errno = EINVAL; - return -1; - - } - - DEBUG(4, ("smbc_removexattr(%s, %s)\n", fname, name)); - - smbc_parse_path(context, fname, server, share, path, user, password); /*FIXME, errors*/ - - if (user[0] == (char)0) fstrcpy(user, context->user); - - fstrcpy(workgroup, context->workgroup); - - srv = smbc_server(context, server, share, workgroup, user, password); - if (!srv) { - return -1; /* errno set by smbc_server */ - } - - ipc_srv = smbc_attr_server(context, server, share, - workgroup, user, password); - if (!ipc_srv) { - return -1; - } - - ipc_srv = smbc_attr_server(context, server, share, - workgroup, user, password); - if (!ipc_srv) { - return -1; - } - - ctx = talloc_init("smbc_removexattr"); - if (!ctx) { - errno = ENOMEM; - return -1; - } - - /* Are they asking to set the entire ACL? */ - if (StrCaseCmp(name, "system.nt_sec_desc.*") == 0 || - StrCaseCmp(name, "system.nt_sec_desc.*+") == 0) { - - /* Yup. */ - ret = cacl_set(ctx, &srv->cli, - &ipc_srv->cli, &pol, path, - NULL, SMBC_XATTR_MODE_REMOVE_ALL, 0); - talloc_destroy(ctx); - return ret; - } - - /* - * Are they asking to remove one or more spceific security descriptor - * attributes? - */ - if (StrCaseCmp(name, "system.nt_sec_desc.revision") == 0 || - StrCaseCmp(name, "system.nt_sec_desc.owner") == 0 || - StrCaseCmp(name, "system.nt_sec_desc.owner+") == 0 || - StrCaseCmp(name, "system.nt_sec_desc.group") == 0 || - StrCaseCmp(name, "system.nt_sec_desc.group+") == 0 || - StrnCaseCmp(name, "system.nt_sec_desc.acl", 22) == 0 || - StrnCaseCmp(name, "system.nt_sec_desc.acl+", 23) == 0) { - - /* Yup. */ - ret = cacl_set(ctx, &srv->cli, - &ipc_srv->cli, &pol, path, - name + 19, SMBC_XATTR_MODE_REMOVE, 0); - talloc_destroy(ctx); - return ret; - } - - /* Unsupported attribute name */ - talloc_destroy(ctx); - errno = EINVAL; - return -1; -} - -int smbc_listxattr_ctx(SMBCCTX *context, - const char *fname, - char *list, - size_t size) -{ - /* - * This isn't quite what listxattr() is supposed to do. This returns - * the complete set of attributes, always, rather than only those - * attribute names which actually exist for a file. Hmmm... - */ - const char supported[] = - "system.nt_sec_desc.revision\0" - "system.nt_sec_desc.owner\0" - "system.nt_sec_desc.owner+\0" - "system.nt_sec_desc.group\0" - "system.nt_sec_desc.group+\0" - "system.nt_sec_desc.acl\0" - "system.nt_sec_desc.acl+\0" - "system.nt_sec_desc.*\0" - "system.nt_sec_desc.*+\0" - ; - - if (size == 0) { - return sizeof(supported); - } - - if (sizeof(supported) > size) { - errno = ERANGE; - return -1; - } - - /* this can't be strcpy() because there are embedded null characters */ - memcpy(list, supported, sizeof(supported)); - return sizeof(supported); -} - - -/* - * Open a print file to be written to by other calls - */ - -static SMBCFILE *smbc_open_print_job_ctx(SMBCCTX *context, const char *fname) -{ - fstring server, share, user, password; - pstring path; - - if (!context || !context->internal || - !context->internal->_initialized) { - - errno = EINVAL; - return NULL; - - } - - if (!fname) { - - errno = EINVAL; - return NULL; - - } - - DEBUG(4, ("smbc_open_print_job_ctx(%s)\n", fname)); - - smbc_parse_path(context, fname, server, share, path, user, password); /*FIXME, errors*/ - - /* What if the path is empty, or the file exists? */ - - return context->open(context, fname, O_WRONLY, 666); - -} - -/* - * Routine to print a file on a remote server ... - * - * We open the file, which we assume to be on a remote server, and then - * copy it to a print file on the share specified by printq. - */ - -static int smbc_print_file_ctx(SMBCCTX *c_file, const char *fname, SMBCCTX *c_print, const char *printq) -{ - SMBCFILE *fid1, *fid2; - int bytes, saverr, tot_bytes = 0; - char buf[4096]; - - if (!c_file || !c_file->internal->_initialized || !c_print || - !c_print->internal->_initialized) { - - errno = EINVAL; - return -1; - - } - - if (!fname && !printq) { - - errno = EINVAL; - return -1; - - } - - /* Try to open the file for reading ... */ - - if ((int)(fid1 = c_file->open(c_file, fname, O_RDONLY, 0666)) < 0) { - - DEBUG(3, ("Error, fname=%s, errno=%i\n", fname, errno)); - return -1; /* smbc_open sets errno */ - - } - - /* Now, try to open the printer file for writing */ - - if ((int)(fid2 = c_print->open_print_job(c_print, printq)) < 0) { - - saverr = errno; /* Save errno */ - c_file->close(c_file, fid1); - errno = saverr; - return -1; - - } - - while ((bytes = c_file->read(c_file, fid1, buf, sizeof(buf))) > 0) { - - tot_bytes += bytes; - - if ((c_print->write(c_print, fid2, buf, bytes)) < 0) { - - saverr = errno; - c_file->close(c_file, fid1); - c_print->close(c_print, fid2); - errno = saverr; - - } - - } - saverr = errno; - - c_file->close(c_file, fid1); /* We have to close these anyway */ - c_print->close(c_print, fid2); - - if (bytes < 0) { - - errno = saverr; - return -1; - - } - - return tot_bytes; - -} - -/* - * Routine to list print jobs on a printer share ... - */ - -static int smbc_list_print_jobs_ctx(SMBCCTX *context, const char *fname, smbc_list_print_job_fn fn) -{ - SMBCSRV *srv; - fstring server, share, user, password, workgroup; - pstring path; - - if (!context || !context->internal || - !context->internal->_initialized) { - - errno = EINVAL; - return -1; - - } - - if (!fname) { - - errno = EINVAL; - return -1; - - } - - DEBUG(4, ("smbc_list_print_jobs(%s)\n", fname)); - - smbc_parse_path(context, fname, server, share, path, user, password); /*FIXME, errors*/ - - if (user[0] == (char)0) fstrcpy(user, context->user); - - fstrcpy(workgroup, context->workgroup); - - srv = smbc_server(context, server, share, workgroup, user, password); - - if (!srv) { + if (!srv) { - return -1; /* errno set by smbc_server */ + return -1; /* errno set by smbc_server */ - } + } - if (cli_print_queue(&srv->cli, (void (*)(struct print_job_info *))fn) < 0) { + if (cli_print_queue(&srv->cli, (void (*)(struct print_job_info *))fn) < 0) { - errno = smbc_errno(context, &srv->cli); - return -1; + errno = smbc_errno(context, &srv->cli); + return -1; - } - - return 0; + } + + return 0; } @@ -3838,53 +2461,53 @@ static int smbc_list_print_jobs_ctx(SMBCCTX *context, const char *fname, smbc_li static int smbc_unlink_print_job_ctx(SMBCCTX *context, const char *fname, int id) { - SMBCSRV *srv; - fstring server, share, user, password, workgroup; - pstring path; - int err; + SMBCSRV *srv; + fstring server, share, user, password, workgroup; + pstring path; + int err; - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->internal || + !context->internal->_initialized) { - errno = EINVAL; - return -1; + errno = EINVAL; + return -1; - } + } - if (!fname) { + if (!fname) { - errno = EINVAL; - return -1; + errno = EINVAL; + return -1; - } + } - DEBUG(4, ("smbc_unlink_print_job(%s)\n", fname)); + DEBUG(4, ("smbc_unlink_print_job(%s)\n", fname)); - smbc_parse_path(context, fname, server, share, path, user, password); /*FIXME, errors*/ + smbc_parse_path(context, fname, server, share, path, user, password); /*FIXME, errors*/ - if (user[0] == (char)0) fstrcpy(user, context->user); + if (user[0] == (char)0) fstrcpy(user, context->user); - fstrcpy(workgroup, context->workgroup); + fstrcpy(workgroup, context->workgroup); - srv = smbc_server(context, server, share, workgroup, user, password); + srv = smbc_server(context, server, share, workgroup, user, password); - if (!srv) { + if (!srv) { - return -1; /* errno set by smbc_server */ + return -1; /* errno set by smbc_server */ - } + } - if ((err = cli_printjob_del(&srv->cli, id)) != 0) { + if ((err = cli_printjob_del(&srv->cli, id)) != 0) { - if (err < 0) - errno = smbc_errno(context, &srv->cli); - else if (err == ERRnosuchprintjob) - errno = EINVAL; - return -1; + if (err < 0) + errno = smbc_errno(context, &srv->cli); + else if (err == ERRnosuchprintjob) + errno = EINVAL; + return -1; - } + } - return 0; + return 0; } @@ -3893,65 +2516,59 @@ static int smbc_unlink_print_job_ctx(SMBCCTX *context, const char *fname, int id */ SMBCCTX * smbc_new_context(void) { - SMBCCTX * context; + SMBCCTX * context; - context = malloc(sizeof(SMBCCTX)); - if (!context) { - errno = ENOMEM; - return NULL; - } + context = malloc(sizeof(SMBCCTX)); + if (!context) { + errno = ENOMEM; + return NULL; + } - ZERO_STRUCTP(context); + ZERO_STRUCTP(context); - context->internal = malloc(sizeof(struct smbc_internal_data)); - if (!context->internal) { - errno = ENOMEM; - return NULL; - } + context->internal = malloc(sizeof(struct smbc_internal_data)); + if (!context->internal) { + errno = ENOMEM; + return NULL; + } - ZERO_STRUCTP(context->internal); - - - /* ADD REASONABLE DEFAULTS */ - context->debug = 0; - context->timeout = 20000; /* 20 seconds */ - - context->open = smbc_open_ctx; - context->creat = smbc_creat_ctx; - context->read = smbc_read_ctx; - context->write = smbc_write_ctx; - context->close = smbc_close_ctx; - context->unlink = smbc_unlink_ctx; - context->rename = smbc_rename_ctx; - context->lseek = smbc_lseek_ctx; - context->stat = smbc_stat_ctx; - context->fstat = smbc_fstat_ctx; - context->opendir = smbc_opendir_ctx; - context->closedir = smbc_closedir_ctx; - context->readdir = smbc_readdir_ctx; - context->getdents = smbc_getdents_ctx; - context->mkdir = smbc_mkdir_ctx; - context->rmdir = smbc_rmdir_ctx; - context->telldir = smbc_telldir_ctx; - context->lseekdir = smbc_lseekdir_ctx; - context->fstatdir = smbc_fstatdir_ctx; - context->chmod = smbc_chmod_ctx; - context->utimes = smbc_utimes_ctx; - context->setxattr = smbc_setxattr_ctx; - context->getxattr = smbc_getxattr_ctx; - context->removexattr = smbc_removexattr_ctx; - context->listxattr = smbc_listxattr_ctx; - context->open_print_job = smbc_open_print_job_ctx; - context->print_file = smbc_print_file_ctx; - context->list_print_jobs = smbc_list_print_jobs_ctx; - context->unlink_print_job = smbc_unlink_print_job_ctx; - - context->callbacks.check_server_fn = smbc_check_server; - context->callbacks.remove_unused_server_fn = smbc_remove_unused_server; - - smbc_default_cache_functions(context); - - return context; + ZERO_STRUCTP(context->internal); + + + /* ADD REASONABLE DEFAULTS */ + context->debug = 0; + context->timeout = 20000; /* 20 seconds */ + + context->open = smbc_open_ctx; + context->creat = smbc_creat_ctx; + context->read = smbc_read_ctx; + context->write = smbc_write_ctx; + context->close = smbc_close_ctx; + context->unlink = smbc_unlink_ctx; + context->rename = smbc_rename_ctx; + context->lseek = smbc_lseek_ctx; + context->stat = smbc_stat_ctx; + context->fstat = smbc_fstat_ctx; + context->opendir = smbc_opendir_ctx; + context->closedir = smbc_closedir_ctx; + context->readdir = smbc_readdir_ctx; + context->getdents = smbc_getdents_ctx; + context->mkdir = smbc_mkdir_ctx; + context->rmdir = smbc_rmdir_ctx; + context->telldir = smbc_telldir_ctx; + context->lseekdir = smbc_lseekdir_ctx; + context->fstatdir = smbc_fstatdir_ctx; + context->open_print_job = smbc_open_print_job_ctx; + context->print_file = smbc_print_file_ctx; + context->list_print_jobs = smbc_list_print_jobs_ctx; + context->unlink_print_job = smbc_unlink_print_job_ctx; + + context->callbacks.check_server_fn = smbc_check_server; + context->callbacks.remove_unused_server_fn = smbc_remove_unused_server; + + smbc_default_cache_functions(context); + + return context; } /* @@ -3963,64 +2580,64 @@ SMBCCTX * smbc_new_context(void) */ int smbc_free_context(SMBCCTX * context, int shutdown_ctx) { - if (!context) { - errno = EBADF; - return 1; - } - - if (shutdown_ctx) { - SMBCFILE * f; - DEBUG(1,("Performing aggressive shutdown.\n")); - - f = context->internal->_files; - while (f) { - context->close(context, f); - f = f->next; - } - context->internal->_files = NULL; - - /* First try to remove the servers the nice way. */ - if (context->callbacks.purge_cached_fn(context)) { - SMBCSRV * s; - DEBUG(1, ("Could not purge all servers, Nice way shutdown failed.\n")); - s = context->internal->_servers; - while (s) { - cli_shutdown(&s->cli); - context->callbacks.remove_cached_srv_fn(context, s); - SAFE_FREE(s); - s = s->next; - } - context->internal->_servers = NULL; - } - } - else { - /* This is the polite way */ - if (context->callbacks.purge_cached_fn(context)) { - DEBUG(1, ("Could not purge all servers, free_context failed.\n")); - errno = EBUSY; - return 1; - } - if (context->internal->_servers) { - DEBUG(1, ("Active servers in context, free_context failed.\n")); - errno = EBUSY; - return 1; - } - if (context->internal->_files) { - DEBUG(1, ("Active files in context, free_context failed.\n")); - errno = EBUSY; - return 1; - } - } + if (!context) { + errno = EBADF; + return 1; + } + + if (shutdown_ctx) { + SMBCFILE * f; + DEBUG(1,("Performing aggressive shutdown.\n")); + + f = context->internal->_files; + while (f) { + context->close(context, f); + f = f->next; + } + context->internal->_files = NULL; + + /* First try to remove the servers the nice way. */ + if (context->callbacks.purge_cached_fn(context)) { + SMBCSRV * s; + DEBUG(1, ("Could not purge all servers, Nice way shutdown failed.\n")); + s = context->internal->_servers; + while (s) { + cli_shutdown(&s->cli); + context->callbacks.remove_cached_srv_fn(context, s); + SAFE_FREE(s); + s = s->next; + } + context->internal->_servers = NULL; + } + } + else { + /* This is the polite way */ + if (context->callbacks.purge_cached_fn(context)) { + DEBUG(1, ("Could not purge all servers, free_context failed.\n")); + errno = EBUSY; + return 1; + } + if (context->internal->_servers) { + DEBUG(1, ("Active servers in context, free_context failed.\n")); + errno = EBUSY; + return 1; + } + if (context->internal->_files) { + DEBUG(1, ("Active files in context, free_context failed.\n")); + errno = EBUSY; + return 1; + } + } - /* Things we have to clean up */ - SAFE_FREE(context->workgroup); - SAFE_FREE(context->netbios_name); - SAFE_FREE(context->user); - - DEBUG(3, ("Context %p succesfully freed\n", context)); - SAFE_FREE(context->internal); - SAFE_FREE(context); - return 0; + /* Things we have to clean up */ + SAFE_FREE(context->workgroup); + SAFE_FREE(context->netbios_name); + SAFE_FREE(context->user); + + DEBUG(3, ("Context %p succesfully freed\n", context)); + SAFE_FREE(context->internal); + SAFE_FREE(context); + return 0; } @@ -4033,128 +2650,128 @@ int smbc_free_context(SMBCCTX * context, int shutdown_ctx) */ SMBCCTX * smbc_init_context(SMBCCTX * context) { - pstring conf; - int pid; - char *user = NULL, *home = NULL; + pstring conf; + int pid; + char *user = NULL, *home = NULL; - if (!context || !context->internal) { - errno = EBADF; - return NULL; - } + if (!context || !context->internal) { + errno = EBADF; + return NULL; + } - /* Do not initialise the same client twice */ - if (context->internal->_initialized) { - return 0; - } + /* Do not initialise the same client twice */ + if (context->internal->_initialized) { + return 0; + } - if (!context->callbacks.auth_fn || context->debug < 0 || context->debug > 100) { + if (!context->callbacks.auth_fn || context->debug < 0 || context->debug > 100) { - errno = EINVAL; - return NULL; + errno = EINVAL; + return NULL; - } + } - if (!smbc_initialized) { - /* Do some library wide intialisations the first time we get called */ + if (!smbc_initialized) { + /* Do some library wide intialisations the first time we get called */ - /* Set this to what the user wants */ - DEBUGLEVEL = context->debug; - - setup_logging( "libsmbclient", True); + /* Set this to what the user wants */ + DEBUGLEVEL = context->debug; + + setup_logging( "libsmbclient", True); - /* Here we would open the smb.conf file if needed ... */ - - home = getenv("HOME"); + /* Here we would open the smb.conf file if needed ... */ + + home = getenv("HOME"); - slprintf(conf, sizeof(conf), "%s/.smb/smb.conf", home); - - load_interfaces(); /* Load the list of interfaces ... */ - - in_client = True; /* FIXME, make a param */ - - if (!lp_load(conf, True, False, False)) { - - /* - * Well, if that failed, try the dyn_CONFIGFILE - * Which points to the standard locn, and if that - * fails, silently ignore it and use the internal - * defaults ... - */ - - if (!lp_load(dyn_CONFIGFILE, True, False, False)) { - DEBUG(5, ("Could not load either config file: %s or %s\n", - conf, dyn_CONFIGFILE)); - } - } - - reopen_logs(); /* Get logging working ... */ - - /* - * Block SIGPIPE (from lib/util_sock.c: write()) - * It is not needed and should not stop execution - */ - BlockSignals(True, SIGPIPE); - - /* Done with one-time initialisation */ - smbc_initialized = 1; + slprintf(conf, sizeof(conf), "%s/.smb/smb.conf", home); + + load_interfaces(); /* Load the list of interfaces ... */ + + in_client = True; /* FIXME, make a param */ - } - - if (!context->user) { - /* - * FIXME: Is this the best way to get the user info? - */ - user = getenv("USER"); - /* walk around as "guest" if no username can be found */ - if (!user) context->user = strdup("guest"); - else context->user = strdup(user); - } + if (!lp_load(conf, True, False, False)) { - if (!context->netbios_name) { - /* - * We try to get our netbios name from the config. If that fails we fall - * back on constructing our netbios name from our hostname etc - */ - if (global_myname()) { - context->netbios_name = strdup(global_myname()); - } - else { - /* - * Hmmm, I want to get hostname as well, but I am too lazy for the moment - */ - pid = sys_getpid(); - context->netbios_name = malloc(17); - if (!context->netbios_name) { - errno = ENOMEM; - return NULL; - } - slprintf(context->netbios_name, 16, "smbc%s%d", context->user, pid); - } - } + /* + * Well, if that failed, try the dyn_CONFIGFILE + * Which points to the standard locn, and if that + * fails, silently ignore it and use the internal + * defaults ... + */ + + if (!lp_load(dyn_CONFIGFILE, True, False, False)) { + DEBUG(5, ("Could not load either config file: %s or %s\n", + conf, dyn_CONFIGFILE)); + } + } - DEBUG(1, ("Using netbios name %s.\n", context->netbios_name)); + reopen_logs(); /* Get logging working ... */ + + /* + * Block SIGPIPE (from lib/util_sock.c: write()) + * It is not needed and should not stop execution + */ + BlockSignals(True, SIGPIPE); + + /* Done with one-time initialisation */ + smbc_initialized = 1; - if (!context->workgroup) { - if (lp_workgroup()) { - context->workgroup = strdup(lp_workgroup()); - } - else { - /* TODO: Think about a decent default workgroup */ - context->workgroup = strdup("samba"); - } - } + } + + if (!context->user) { + /* + * FIXME: Is this the best way to get the user info? + */ + user = getenv("USER"); + /* walk around as "guest" if no username can be found */ + if (!user) context->user = strdup("guest"); + else context->user = strdup(user); + } - DEBUG(1, ("Using workgroup %s.\n", context->workgroup)); - - /* shortest timeout is 1 second */ - if (context->timeout > 0 && context->timeout < 1000) - context->timeout = 1000; + if (!context->netbios_name) { + /* + * We try to get our netbios name from the config. If that fails we fall + * back on constructing our netbios name from our hostname etc + */ + if (global_myname()) { + context->netbios_name = strdup(global_myname()); + } + else { + /* + * Hmmm, I want to get hostname as well, but I am too lazy for the moment + */ + pid = sys_getpid(); + context->netbios_name = malloc(17); + if (!context->netbios_name) { + errno = ENOMEM; + return NULL; + } + slprintf(context->netbios_name, 16, "smbc%s%d", context->user, pid); + } + } + + DEBUG(1, ("Using netbios name %s.\n", context->netbios_name)); + + if (!context->workgroup) { + if (lp_workgroup()) { + context->workgroup = strdup(lp_workgroup()); + } + else { + /* TODO: Think about a decent default workgroup */ + context->workgroup = strdup("samba"); + } + } - /* - * FIXME: Should we check the function pointers here? - */ + DEBUG(1, ("Using workgroup %s.\n", context->workgroup)); + + /* shortest timeout is 1 second */ + if (context->timeout > 0 && context->timeout < 1000) + context->timeout = 1000; - context->internal->_initialized = 1; - - return context; + /* + * FIXME: Should we check the function pointers here? + */ + + context->internal->_initialized = 1; + + return context; } diff --git a/source3/modules/developer.c b/source3/modules/developer.c deleted file mode 100644 index 7ffc3ff50d..0000000000 --- a/source3/modules/developer.c +++ /dev/null @@ -1,132 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Samba module with developer tools - Copyright (C) Andrew Tridgell 2001 - Copyright (C) Jelmer Vernooij 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -static struct { - char from; - char *to; - int len; -} weird_table[] = { - {'q', "^q^", 3}, - {'Q', "^Q^", 3}, - {0, NULL} -}; - -static size_t weird_pull(void *cd, char **inbuf, size_t *inbytesleft, - char **outbuf, size_t *outbytesleft) -{ - while (*inbytesleft >= 1 && *outbytesleft >= 2) { - int i; - int done = 0; - for (i=0;weird_table[i].from;i++) { - if (strncmp((*inbuf), - weird_table[i].to, - weird_table[i].len) == 0) { - if (*inbytesleft < weird_table[i].len) { - DEBUG(0,("ERROR: truncated weird string\n")); - /* smb_panic("weird_pull"); */ - - } else { - (*outbuf)[0] = weird_table[i].from; - (*outbuf)[1] = 0; - (*inbytesleft) -= weird_table[i].len; - (*outbytesleft) -= 2; - (*inbuf) += weird_table[i].len; - (*outbuf) += 2; - done = 1; - break; - } - } - } - if (done) continue; - (*outbuf)[0] = (*inbuf)[0]; - (*outbuf)[1] = 0; - (*inbytesleft) -= 1; - (*outbytesleft) -= 2; - (*inbuf) += 1; - (*outbuf) += 2; - } - - if (*inbytesleft > 0) { - errno = E2BIG; - return -1; - } - - return 0; -} - -static size_t weird_push(void *cd, char **inbuf, size_t *inbytesleft, - char **outbuf, size_t *outbytesleft) -{ - int ir_count=0; - - while (*inbytesleft >= 2 && *outbytesleft >= 1) { - int i; - int done=0; - for (i=0;weird_table[i].from;i++) { - if ((*inbuf)[0] == weird_table[i].from && - (*inbuf)[1] == 0) { - if (*outbytesleft < weird_table[i].len) { - DEBUG(0,("No room for weird character\n")); - /* smb_panic("weird_push"); */ - } else { - memcpy(*outbuf, weird_table[i].to, - weird_table[i].len); - (*inbytesleft) -= 2; - (*outbytesleft) -= weird_table[i].len; - (*inbuf) += 2; - (*outbuf) += weird_table[i].len; - done = 1; - break; - } - } - } - if (done) continue; - - (*outbuf)[0] = (*inbuf)[0]; - if ((*inbuf)[1]) ir_count++; - (*inbytesleft) -= 2; - (*outbytesleft) -= 1; - (*inbuf) += 2; - (*outbuf) += 1; - } - - if (*inbytesleft == 1) { - errno = EINVAL; - return -1; - } - - if (*inbytesleft > 1) { - errno = E2BIG; - return -1; - } - - return ir_count; -} - -struct charset_functions weird_functions = {"WEIRD", weird_pull, weird_push}; - -int charset_weird_init(void) -{ - smb_register_charset(&weird_functions); - return True; -} diff --git a/source3/nsswitch/winbindd_passdb.c b/source3/nsswitch/winbindd_passdb.c deleted file mode 100644 index 503b97899c..0000000000 --- a/source3/nsswitch/winbindd_passdb.c +++ /dev/null @@ -1,360 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind rpc backend functions - - Copyright (C) Tim Potter 2000-2001,2003 - Copyright (C) Simo Sorce 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "winbindd.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_WINBIND - - -/* Query display info for a domain. This returns enough information plus a - bit extra to give an overview of domain users for the User Manager - application. */ -static NTSTATUS query_user_list(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - uint32 *num_entries, - WINBIND_USERINFO **info) -{ - SAM_ACCOUNT *sam_account = NULL; - NTSTATUS result; - uint32 i; - - DEBUG(3,("pdb: query_user_list\n")); - - if (NT_STATUS_IS_ERR(result = pdb_init_sam(&sam_account))) { - return result; - } - - i = 0; - *info = NULL; - - if (pdb_setsampwent(False)) { - - while (pdb_getsampwent(sam_account)) { - - /* we return only nua accounts, or we will have duplicates */ - if (!idmap_check_sid_is_in_free_range(pdb_get_user_sid(sam_account))) { - continue; - } - - *info = talloc_realloc(mem_ctx, *info, (i + 1) * sizeof(WINBIND_USERINFO)); - if (!(*info)) { - DEBUG(0,("query_user_list: out of memory!\n")); - result = NT_STATUS_NO_MEMORY; - break; - } - - (*info)[i].user_sid = talloc(mem_ctx, sizeof(DOM_SID)); - (*info)[i].group_sid = talloc(mem_ctx, sizeof(DOM_SID)); - if (!((*info)[i].user_sid) || !((*info)[i].group_sid)) { - DEBUG(0,("query_user_list: out of memory!\n")); - result = NT_STATUS_NO_MEMORY; - break; - } - sid_copy((*info)[i].user_sid, pdb_get_user_sid(sam_account)); - sid_copy((*info)[i].group_sid, pdb_get_group_sid(sam_account)); - - (*info)[i].acct_name = talloc_strdup(mem_ctx, pdb_get_username(sam_account)); - (*info)[i].full_name = talloc_strdup(mem_ctx, pdb_get_fullname(sam_account)); - if (!((*info)[i].acct_name) || !((*info)[i].full_name)) { - DEBUG(0,("query_user_list: out of memory!\n")); - result = NT_STATUS_NO_MEMORY; - break; - } - - i++; - - if (NT_STATUS_IS_ERR(pdb_reset_sam(sam_account))) { - result = NT_STATUS_UNSUCCESSFUL; - break; - } - } - - *num_entries = i; - result = NT_STATUS_OK; - - } else { - result = NT_STATUS_UNSUCCESSFUL; - } - - pdb_free_sam(&sam_account); - return result; -} - -/* list all domain groups */ -static NTSTATUS enum_dom_groups(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - uint32 *num_entries, - struct acct_info **info) -{ - NTSTATUS result = NT_STATUS_OK; - - DEBUG(3,("pdb: enum_dom_groups (group support not implemented)\n")); - - *num_entries = 0; - *info = 0; - - return result; -} - -/* List all domain groups */ - -static NTSTATUS enum_local_groups(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - uint32 *num_entries, - struct acct_info **info) -{ - NTSTATUS result = NT_STATUS_OK; - - DEBUG(3,("pdb: enum_local_groups (group support not implemented)\n")); - - *num_entries = 0; - *info = 0; - - return result; -} - -/* convert a single name to a sid in a domain */ -static NTSTATUS name_to_sid(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - const char *name, - DOM_SID *sid, - enum SID_NAME_USE *type) -{ - SAM_ACCOUNT *sam_account = NULL; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(3,("pdb: name_to_sid name=%s (group support not implemented)\n", name)); - - if (NT_STATUS_IS_OK(pdb_init_sam(&sam_account))) { - if (!pdb_getsampwnam(sam_account, name)) { - result = NT_STATUS_UNSUCCESSFUL; - } else { /* it is a sam user */ - sid_copy(sid, pdb_get_user_sid(sam_account)); - *type = SID_NAME_USER; - result = NT_STATUS_OK; - } - } - - pdb_free_sam(&sam_account); - return result; -} - -/* - convert a domain SID to a user or group name -*/ -static NTSTATUS sid_to_name(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - DOM_SID *sid, - char **name, - enum SID_NAME_USE *type) -{ - SAM_ACCOUNT *sam_account = NULL; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - uint32 id; - - DEBUG(3,("pdb: sid_to_name sid=%s\n", sid_string_static(sid))); - - if (NT_STATUS_IS_OK(sid_to_uid(sid, &id))) { /* this is a user */ - - if (NT_STATUS_IS_ERR(result = pdb_init_sam(&sam_account))) { - return result; - } - - if (!pdb_getsampwsid(sam_account, sid)) { - pdb_free_sam(&sam_account); - return NT_STATUS_UNSUCCESSFUL; - } - - *name = talloc_strdup(mem_ctx, pdb_get_username(sam_account)); - if (!(*name)) { - DEBUG(0,("query_user: out of memory!\n")); - pdb_free_sam(&sam_account); - return NT_STATUS_NO_MEMORY; - } - - pdb_free_sam(&sam_account); - *type = SID_NAME_USER; - result = NT_STATUS_OK; - - } else if (NT_STATUS_IS_OK(sid_to_gid(sid, &id))) { /* this is a group */ - - DEBUG(3,("pdb: sid_to_name: group support not implemented\n")); - result = NT_STATUS_UNSUCCESSFUL; - } - - return result; -} - -/* Lookup user information from a rid or username. */ -static NTSTATUS query_user(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - DOM_SID *user_sid, - WINBIND_USERINFO *user_info) -{ - SAM_ACCOUNT *sam_account = NULL; - NTSTATUS result; - - DEBUG(3,("pdb: query_user sid=%s\n", sid_string_static(user_sid))); - - if (NT_STATUS_IS_ERR(result = pdb_init_sam(&sam_account))) { - return result; - } - - if (!pdb_getsampwsid(sam_account, user_sid)) { - pdb_free_sam(&sam_account); - return NT_STATUS_UNSUCCESSFUL; - } - - /* we return only nua accounts, or we will have duplicates */ - if (!idmap_check_sid_is_in_free_range(user_sid)) { - pdb_free_sam(&sam_account); - return NT_STATUS_UNSUCCESSFUL; - } - - user_info->user_sid = talloc(mem_ctx, sizeof(DOM_SID)); - user_info->group_sid = talloc(mem_ctx, sizeof(DOM_SID)); - if (!(user_info->user_sid) || !(user_info->group_sid)) { - DEBUG(0,("query_user: out of memory!\n")); - pdb_free_sam(&sam_account); - return NT_STATUS_NO_MEMORY; - } - sid_copy(user_info->user_sid, pdb_get_user_sid(sam_account)); - sid_copy(user_info->group_sid, pdb_get_group_sid(sam_account)); - - user_info->acct_name = talloc_strdup(mem_ctx, pdb_get_username(sam_account)); - user_info->full_name = talloc_strdup(mem_ctx, pdb_get_fullname(sam_account)); - if (!(user_info->acct_name) || !(user_info->full_name)) { - DEBUG(0,("query_user: out of memory!\n")); - pdb_free_sam(&sam_account); - return NT_STATUS_NO_MEMORY; - } - - pdb_free_sam(&sam_account); - return NT_STATUS_OK; -} - -/* Lookup groups a user is a member of. I wish Unix had a call like this! */ -static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - DOM_SID *user_sid, - uint32 *num_groups, DOM_SID ***user_gids) -{ - NTSTATUS result = NT_STATUS_OK; - - DEBUG(3,("pdb: lookup_usergroups (group support not implemented)\n")); - - num_groups = 0; - user_gids = 0; - - return result; -} - - -/* Lookup group membership given a rid. */ -static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - DOM_SID *group_sid, uint32 *num_names, - DOM_SID ***sid_mem, char ***names, - uint32 **name_types) -{ - NTSTATUS result = NT_STATUS_NOT_IMPLEMENTED; - - DEBUG(3,("pdb: lookup_groupmem (group support not implemented)\n")); - - num_names = 0; - sid_mem = 0; - names = 0; - name_types = 0; - - return result; -} - -/* find the sequence number for a domain */ -static NTSTATUS sequence_number(struct winbindd_domain *domain, uint32 *seq) -{ - /* FIXME: we fake up the seq_num untill our passdb support it */ - static uint32 seq_num; - - DEBUG(3,("pdb: sequence_number\n")); - - *seq = seq_num++; - - return NT_STATUS_OK; -} - -/* get a list of trusted domains */ -static NTSTATUS trusted_domains(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - uint32 *num_domains, - char ***names, - char ***alt_names, - DOM_SID **dom_sids) -{ - NTSTATUS result = NT_STATUS_NOT_IMPLEMENTED; - - DEBUG(3,("pdb: trusted_domains (todo!)\n")); - - return result; -} - -/* find the domain sid for a domain */ -static NTSTATUS domain_sid(struct winbindd_domain *domain, DOM_SID *sid) -{ - DEBUG(3,("pdb: domain_sid\n")); - - if (strcmp(domain->name, lp_workgroup())) { - return NT_STATUS_INVALID_PARAMETER; - } else { - sid_copy(sid, get_global_sam_sid()); - return NT_STATUS_OK; - } -} - -/* find alternate names list for the domain - * should we look for netbios aliases?? - SSS */ -static NTSTATUS alternate_name(struct winbindd_domain *domain) -{ - DEBUG(3,("pdb: alternate_name\n")); - - return NT_STATUS_OK; -} - - -/* the rpc backend methods are exposed via this structure */ -struct winbindd_methods passdb_methods = { - False, - query_user_list, - enum_dom_groups, - enum_local_groups, - name_to_sid, - sid_to_name, - query_user, - lookup_usergroups, - lookup_groupmem, - sequence_number, - trusted_domains, - domain_sid, - alternate_name -}; diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index bedb57670d..55ab4ee3a0 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -122,7 +122,6 @@ typedef struct char *szSMBPasswdFile; char *szPrivateDir; char **szPassdbBackend; - char *szGumsBackend; char **szPreloadModules; char *szPasswordServer; char *szSocketOptions; @@ -792,7 +791,6 @@ static struct parm_struct parm_table[] = { {"smb passwd file", P_STRING, P_GLOBAL, &Globals.szSMBPasswdFile, NULL, NULL, FLAG_ADVANCED}, {"private dir", P_STRING, P_GLOBAL, &Globals.szPrivateDir, NULL, NULL, FLAG_ADVANCED}, {"passdb backend", P_LIST, P_GLOBAL, &Globals.szPassdbBackend, NULL, NULL, FLAG_ADVANCED | FLAG_WIZARD}, - {"gums backend", P_STRING, P_GLOBAL, &Globals.szGumsBackend, NULL, NULL, FLAG_ADVANCED | FLAG_WIZARD}, {"algorithmic rid base", P_INTEGER, P_GLOBAL, &Globals.AlgorithmicRidBase, NULL, NULL, FLAG_ADVANCED}, {"root directory", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, FLAG_ADVANCED}, {"root dir", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, FLAG_HIDE}, @@ -1455,7 +1453,6 @@ static void init_globals(void) #else Globals.szPassdbBackend = str_list_make("smbpasswd", NULL); #endif /* WITH_LDAP_SAMCONFIG */ - string_set(&Globals.szGumsBackend, "tdbsam2"); string_set(&Globals.szLdapSuffix, ""); string_set(&Globals.szLdapFilter, "(uid=%u)"); @@ -1654,7 +1651,6 @@ FN_GLOBAL_STRING(lp_nis_home_map_name, &Globals.szNISHomeMapName) static FN_GLOBAL_STRING(lp_announce_version, &Globals.szAnnounceVersion) FN_GLOBAL_LIST(lp_netbios_aliases, &Globals.szNetbiosAliases) FN_GLOBAL_LIST(lp_passdb_backend, &Globals.szPassdbBackend) -FN_GLOBAL_STRING(lp_gums_backend, &Globals.szGumsBackend) FN_GLOBAL_LIST(lp_preload_modules, &Globals.szPreloadModules) FN_GLOBAL_STRING(lp_panic_action, &Globals.szPanicAction) FN_GLOBAL_STRING(lp_adduser_script, &Globals.szAddUserScript) diff --git a/source3/passdb/pdb_guest.c b/source3/passdb/pdb_guest.c index 3cd6efb38a..fa29657edc 100644 --- a/source3/passdb/pdb_guest.c +++ b/source3/passdb/pdb_guest.c @@ -141,21 +141,6 @@ NTSTATUS pdb_init_guestsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, c (*pdb_method)->delete_group_mapping_entry = pdb_nop_delete_group_mapping_entry; (*pdb_method)->enum_group_mapping = pdb_nop_enum_group_mapping; - /* we do not handle groups in guest backend */ -/* FIXME - (*pdb_method)->get_group_info_by_sid = pdb_nop_get_group_info_by_sid; - (*pdb_method)->get_group_list = pdb_nop_get_group_list; - (*pdb_method)->get_group_sids = pdb_nop_get_group_sids; - (*pdb_method)->add_group = pdb_nop_add_group; - (*pdb_method)->update_group = pdb_nop_update_group; - (*pdb_method)->delete_group = pdb_nop_delete_group; - (*pdb_method)->add_sid_to_group = pdb_nop_add_sid_to_group; - (*pdb_method)->remove_sid_from_group = pdb_nop_remove_sid_from_group; - (*pdb_method)->get_group_info_by_name = pdb_nop_get_group_info_by_name; - (*pdb_method)->get_group_info_by_nt_name = pdb_nop_get_group_info_by_nt_name; - (*pdb_method)->get_group_uids = pdb_nop_get_group_uids; -*/ - /* There's not very much to initialise here */ return NT_STATUS_OK; diff --git a/source3/passdb/pdb_gums.c b/source3/passdb/pdb_gums.c deleted file mode 100644 index caf98e648a..0000000000 --- a/source3/passdb/pdb_gums.c +++ /dev/null @@ -1,464 +0,0 @@ -/* - * 'Guest' password backend for samba - * Copyright (C) Jelmer Vernooij 2002 - * Copyright (C) Andrew Bartlett 2003 - * - * This program is free software; you can redistribute it and/or modify it under - * the terms of the GNU General Public License as published by the Free - * Software Foundation; either version 2 of the License, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for - * more details. - * - * You should have received a copy of the GNU General Public License along with - * this program; if not, write to the Free Software Foundation, Inc., 675 - * Mass Ave, Cambridge, MA 02139, USA. - */ - -#include "includes.h" - -#define SET_OR_FAIL(func, label) do { if (!NT_STATUS_IS_OK(func)) { DEBUG(0, ("%s: Setting gums object data failed!\n", FUNCTION_MACRO)); goto label; } } while(0) -#define BOOL_SET_OR_FAIL(func, label) do { if (!func) { DEBUG(0, ("%s: Setting sam object data failed!\n", FUNCTION_MACRO)); goto label; } } while(0) - -struct gums_gw_data { - GUMS_FUNCTIONS *fns; - void *handle; -}; - -static NTSTATUS gums_object_to_sam_account(SAM_ACCOUNT *sa, GUMS_OBJECT *go) -{ - NTSTATUS ret; - NTTIME nt_time; - DATA_BLOB pwd; - - if (!go || !sa) - return NT_STATUS_INVALID_PARAMETER; -/* - if (!NT_STATUS_IS_OK(ret = pdb_init_sam(sa))) { - DEBUG(0, ("gums_object_to_sam_account: error occurred while creating sam_account object!\n")); - goto error; - } -*/ - if (gums_get_object_type(go) != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - BOOL_SET_OR_FAIL(pdb_set_acct_ctrl(sa, gums_get_user_acct_ctrl(go), PDB_SET), error); - - /* domain */ - /* unix_homedir ? */ - - nt_time = gums_get_user_logon_time(go); - BOOL_SET_OR_FAIL(pdb_set_logon_time(sa, nt_time_to_unix(&nt_time), PDB_SET), error); - nt_time = gums_get_user_logoff_time(go); - BOOL_SET_OR_FAIL(pdb_set_logoff_time(sa, nt_time_to_unix(&nt_time), PDB_SET), error); - nt_time = gums_get_user_kickoff_time(go); - BOOL_SET_OR_FAIL(pdb_set_kickoff_time(sa, nt_time_to_unix(&nt_time), PDB_SET), error); - nt_time = gums_get_user_pass_last_set_time(go); - BOOL_SET_OR_FAIL(pdb_set_pass_last_set_time(sa, nt_time_to_unix(&nt_time), PDB_SET), error); - nt_time = gums_get_user_pass_can_change_time(go); - BOOL_SET_OR_FAIL(pdb_set_pass_can_change_time(sa, nt_time_to_unix(&nt_time), PDB_SET), error); - nt_time = gums_get_user_pass_must_change_time(go); - BOOL_SET_OR_FAIL(pdb_set_pass_must_change_time(sa, nt_time_to_unix(&nt_time), PDB_SET), error); - BOOL_SET_OR_FAIL(pdb_set_hours_len(sa, gums_get_user_hours_len(go), PDB_SET), error); - BOOL_SET_OR_FAIL(pdb_set_logon_divs(sa, gums_get_user_logon_divs(go), PDB_SET), error); - BOOL_SET_OR_FAIL(pdb_set_user_sid(sa, gums_get_object_sid(go), PDB_SET), error); - BOOL_SET_OR_FAIL(pdb_set_group_sid(sa, gums_get_user_pri_group(go), PDB_SET), error); - BOOL_SET_OR_FAIL(pdb_set_username(sa, gums_get_object_name(go), PDB_SET), error); - BOOL_SET_OR_FAIL(pdb_set_nt_username(sa, gums_get_object_name(go), PDB_SET), error); - BOOL_SET_OR_FAIL(pdb_set_fullname(sa, gums_get_user_fullname(go), PDB_SET), error); - BOOL_SET_OR_FAIL(pdb_set_logon_script(sa, gums_get_user_logon_script(go), PDB_SET), error); - BOOL_SET_OR_FAIL(pdb_set_profile_path(sa, gums_get_user_profile_path(go), PDB_SET), error); - BOOL_SET_OR_FAIL(pdb_set_dir_drive(sa, gums_get_user_dir_drive(go), PDB_SET), error); - BOOL_SET_OR_FAIL(pdb_set_homedir(sa, gums_get_user_homedir(go), PDB_SET), error); - BOOL_SET_OR_FAIL(pdb_set_acct_desc(sa, gums_get_object_description(go), PDB_SET), error); - BOOL_SET_OR_FAIL(pdb_set_workstations(sa, gums_get_user_workstations(go), PDB_SET), error); - BOOL_SET_OR_FAIL(pdb_set_unknown_str(sa, gums_get_user_unknown_str(go), PDB_SET), error); - BOOL_SET_OR_FAIL(pdb_set_munged_dial(sa, gums_get_user_munged_dial(go), PDB_SET), error); - - pwd = gums_get_user_nt_pwd(go); - if (!pdb_set_nt_passwd(sa, pwd.data, PDB_SET)) { - DEBUG(5, ("gums_object_to_sam_account: unable to set nt password")); - data_blob_clear_free(&pwd); - ret = NT_STATUS_UNSUCCESSFUL; - goto error; - } - data_blob_clear_free(&pwd); - pwd = gums_get_user_lm_pwd(go); - if (!pdb_set_lanman_passwd(sa, pwd.data, PDB_SET)) { - DEBUG(5, ("gums_object_to_sam_account: unable to set lanman password")); - data_blob_clear_free(&pwd); - ret = NT_STATUS_UNSUCCESSFUL; - goto error; - } - data_blob_clear_free(&pwd); - - BOOL_SET_OR_FAIL(pdb_set_unknown_3(sa, gums_get_user_unknown_3(go), PDB_SET), error); - BOOL_SET_OR_FAIL(pdb_set_bad_password_count(sa, gums_get_user_bad_password_count(go), PDB_SET), error); - BOOL_SET_OR_FAIL(pdb_set_unknown_6(sa, gums_get_user_unknown_6(go), PDB_SET), error); - BOOL_SET_OR_FAIL(pdb_set_hours(sa, gums_get_user_hours(go), PDB_SET), error); - - return NT_STATUS_OK; - -error: - if (sa && (sa->free_fn)) { - sa->free_fn(&sa); - } - - return ret; -} - -static NTSTATUS sam_account_to_gums_object(GUMS_OBJECT *go, SAM_ACCOUNT *sa) -{ - NTSTATUS ret; - NTTIME nt_time; - DATA_BLOB pwd; - - if (!go || !sa) - return NT_STATUS_INVALID_PARAMETER; - -/* - ret = gums_create_object(go, GUMS_OBJ_NORMAL_USER); - if (!NT_STATUS_IS_OK(ret)) { - DEBUG(0, ("sam_account_to_gums_object: error occurred while creating gums object!\n")); - goto error; - } -*/ - - /* sec_desc */ - - SET_OR_FAIL(gums_set_object_name(go, pdb_get_username(sa)), error); - - SET_OR_FAIL(gums_set_object_sid(go, pdb_get_user_sid(sa)), error); - SET_OR_FAIL(gums_set_user_pri_group(go, pdb_get_group_sid(sa)), error); - - if (pdb_get_acct_desc(sa)) - SET_OR_FAIL(gums_set_object_description(go, pdb_get_acct_desc(sa)), error); - if (pdb_get_fullname(sa)) - SET_OR_FAIL(gums_set_user_fullname(go, pdb_get_fullname(sa)), error); - if (pdb_get_homedir(sa)) - SET_OR_FAIL(gums_set_user_homedir(go, pdb_get_homedir(sa)), error); - if (pdb_get_dir_drive(sa)) - SET_OR_FAIL(gums_set_user_dir_drive(go, pdb_get_dir_drive(sa)), error); - if (pdb_get_logon_script(sa)) - SET_OR_FAIL(gums_set_user_logon_script(go, pdb_get_logon_script(sa)), error); - if (pdb_get_profile_path(sa)) - SET_OR_FAIL(gums_set_user_profile_path(go, pdb_get_profile_path(sa)), error); - if (pdb_get_workstations(sa)) - SET_OR_FAIL(gums_set_user_workstations(go, pdb_get_workstations(sa)), error); - if (pdb_get_unknown_str(sa)) - SET_OR_FAIL(gums_set_user_unknown_str(go, pdb_get_unknown_str(sa)), error); - if (pdb_get_munged_dial(sa)) - SET_OR_FAIL(gums_set_user_munged_dial(go, pdb_get_munged_dial(sa)), error); - SET_OR_FAIL(gums_set_user_logon_divs(go, pdb_get_logon_divs(sa)), error); - if (pdb_get_hours(sa)) - SET_OR_FAIL(gums_set_user_hours(go, pdb_get_hours_len(sa), pdb_get_hours(sa)), error); - SET_OR_FAIL(gums_set_user_unknown_3(go, pdb_get_unknown_3(sa)), error); - SET_OR_FAIL(gums_set_user_bad_password_count(go, pdb_get_bad_password_count(sa)), error); - SET_OR_FAIL(gums_set_user_unknown_6(go, pdb_get_unknown_6(sa)), error); - - unix_to_nt_time(&nt_time, pdb_get_logon_time(sa)); - SET_OR_FAIL(gums_set_user_logon_time(go, nt_time), error); - unix_to_nt_time(&nt_time, pdb_get_logoff_time(sa)); - SET_OR_FAIL(gums_set_user_logoff_time(go, nt_time), error); - unix_to_nt_time(&nt_time, pdb_get_kickoff_time(sa)); - SET_OR_FAIL(gums_set_user_kickoff_time(go, nt_time), error); - unix_to_nt_time(&nt_time, pdb_get_pass_last_set_time(sa)); - SET_OR_FAIL(gums_set_user_pass_last_set_time(go, nt_time), error); - unix_to_nt_time(&nt_time, pdb_get_pass_can_change_time(sa)); - SET_OR_FAIL(gums_set_user_pass_can_change_time(go, nt_time), error); - unix_to_nt_time(&nt_time, pdb_get_pass_must_change_time(sa)); - SET_OR_FAIL(gums_set_user_pass_must_change_time(go, nt_time), error); - - pwd = data_blob(pdb_get_nt_passwd(sa), NT_HASH_LEN); - ret = gums_set_user_nt_pwd(go, pwd); - data_blob_clear_free(&pwd); - if (!NT_STATUS_IS_OK(ret)) { - DEBUG(5, ("sam_account_to_gums_object: failed to set nt password!\n")); - goto error; - } - pwd = data_blob(pdb_get_lanman_passwd(sa), LM_HASH_LEN); - ret = gums_set_user_lm_pwd(go, pwd); - data_blob_clear_free(&pwd); - if (!NT_STATUS_IS_OK(ret)) { - DEBUG(5, ("sam_account_to_gums_object: failed to set lanman password!\n")); - goto error; - } - - SET_OR_FAIL(gums_set_user_acct_ctrl(go, pdb_get_acct_ctrl(sa)), error); - - return NT_STATUS_OK; - -error: - gums_reset_object(go); - return ret; -} - -static NTSTATUS gums_setsampwent(struct pdb_methods *methods, BOOL update) -{ - struct gums_gw_data *ggwd = (struct gums_gw_data *)(methods->private_data); - - return ggwd->fns->enumerate_objects_start(&(ggwd->handle), NULL, GUMS_OBJ_NORMAL_USER); -} - -static NTSTATUS gums_getsampwent(struct pdb_methods *methods, SAM_ACCOUNT *account) -{ - NTSTATUS ret; - GUMS_OBJECT *go; - struct gums_gw_data *ggwd = (struct gums_gw_data *)(methods->private_data); - - if (!NT_STATUS_IS_OK(ret = ggwd->fns->enumerate_objects_get_next(&go, ggwd->handle))) { - return ret; - } - - ret = gums_object_to_sam_account(account, go); - - gums_destroy_object(&go); - return ret; -} - -static void gums_endsampwent(struct pdb_methods *methods) -{ - struct gums_gw_data *ggwd = (struct gums_gw_data *)(methods->private_data); - - ggwd->fns->enumerate_objects_stop(ggwd->handle); -} - -/****************************************************************** - Lookup a name in the SAM database - ******************************************************************/ - -static NTSTATUS gums_getsampwnam (struct pdb_methods *methods, SAM_ACCOUNT *account, const char *name) -{ - NTSTATUS ret; - GUMS_OBJECT *go; - struct gums_gw_data *ggwd = (struct gums_gw_data *)(methods->private_data); - - if (!account || !name) - return NT_STATUS_INVALID_PARAMETER; - - if (!NT_STATUS_IS_OK(ret = ggwd->fns->get_object_from_name(&go, name, GUMS_OBJ_NORMAL_USER))) { - DEBUG(10, ("gums_getsampwnam: unable to find account with name %s", name)); - return ret; - } - - ret = gums_object_to_sam_account(account, go); - - gums_destroy_object(&go); - return ret; -} - -/*************************************************************************** - Search by SID - **************************************************************************/ - -static NTSTATUS gums_getsampwsid(struct pdb_methods *methods, SAM_ACCOUNT *account, const DOM_SID *sid) -{ - NTSTATUS ret; - GUMS_OBJECT *go; - struct gums_gw_data *ggwd = (struct gums_gw_data *)(methods->private_data); - - if (!account || !sid) - return NT_STATUS_INVALID_PARAMETER; - - if (!NT_STATUS_IS_OK(ret = ggwd->fns->get_object_from_sid(&go, sid, GUMS_OBJ_NORMAL_USER))) { - DEBUG(10, ("gums_getsampwsid: unable to find account with sid %s", sid_string_static(sid))); - return ret; - } - - ret = gums_object_to_sam_account(account, go); - - gums_destroy_object(&go); - return ret; -} - -/*************************************************************************** - Search by rid - **************************************************************************/ - -static NTSTATUS gums_getsampwrid (struct pdb_methods *methods, - SAM_ACCOUNT *account, uint32 rid) -{ - DOM_SID sid; - - sid_copy(&sid, get_global_sam_sid()); - sid_append_rid(&sid, rid); - gums_getsampwsid(methods, account, &sid); - - return NT_STATUS_OK; -} - - -/*************************************************************************** - Updates a SAM_ACCOUNT - - This isn't a particulary practical option for pdb_guest. We certainly don't - want to twidde the filesystem, so what should we do? - - Current plan is to transparently add the account. It should appear - as if the pdb_guest version was modified, but its actually stored somehwere. - ****************************************************************************/ - -static NTSTATUS gums_add_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *account) -{ - NTSTATUS ret; - GUMS_OBJECT *go; - struct gums_gw_data *ggwd = (struct gums_gw_data *)(methods->private_data); - - if (!account) - return NT_STATUS_INVALID_PARAMETER; - - if (!NT_STATUS_IS_OK(ret = gums_create_object(&go, GUMS_OBJ_NORMAL_USER))) { - DEBUG(0, ("gums_add_sam_account: error occurred while creating gums object!\n")); - return ret; - } - - if (!NT_STATUS_IS_OK(ret = sam_account_to_gums_object(go, account))) { - DEBUG(0, ("gums_add_sam_account: error occurred while converting object!\n")); - goto done; - } - - if (!NT_STATUS_IS_OK(ret = ggwd->fns->set_object(go))) { - DEBUG(0, ("gums_add_sam_account: unable to store account!\n")); - goto done; - } - -done: - gums_destroy_object(&go); - return ret; -} - -static NTSTATUS gums_update_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *account) -{ - NTSTATUS ret; - GUMS_OBJECT *go; - struct gums_gw_data *ggwd = (struct gums_gw_data *)(methods->private_data); - - if (!account) - return NT_STATUS_INVALID_PARAMETER; - - if (!NT_STATUS_IS_OK(ret = ggwd->fns->get_object_from_sid(&go, pdb_get_user_sid(account), GUMS_OBJ_NORMAL_USER))) { - DEBUG(0, ("gums_update_sam_account: update on invalid account!\n")); - return ret; - } - - if (!NT_STATUS_IS_OK(ret = sam_account_to_gums_object(go, account))) { - DEBUG(0, ("gums_update_sam_account: error occurred while converting object!\n")); - goto done; - } - - if (!NT_STATUS_IS_OK(ret = ggwd->fns->set_object(go))) { - DEBUG(0, ("gums_update_sam_account: unable to store account!\n")); - goto done; - } - -done: - gums_destroy_object(&go); - return ret; -} - -static NTSTATUS gums_delete_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *account) -{ - NTSTATUS ret; - struct gums_gw_data *ggwd = (struct gums_gw_data *)(methods->private_data); - - if (!account) - return NT_STATUS_INVALID_PARAMETER; - - if (!NT_STATUS_IS_OK(ret = ggwd->fns->delete_object(pdb_get_user_sid(account)))) { - DEBUG(0, ("gums_add_sam_account: unable to store account!\n")); - } - - return ret; -} - - -static void free_gw_private_data(void **vp) -{ - struct gums_gw_data *ggwd = (struct gums_gw_data *)vp; - ggwd->fns->free_private_data(&(ggwd->fns->private_data)); - ggwd->fns = NULL; - ggwd->handle = NULL; - SAFE_FREE(vp); -} - -NTSTATUS pdb_init_gums_gateway(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location) -{ - NTSTATUS ret; - struct gums_gw_data *ggwd; - - if (!pdb_context) { - DEBUG(0, ("invalid pdb_context specified\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - if (!NT_STATUS_IS_OK(ret = gums_setup_backend(lp_gums_backend()))) { - DEBUG(0, ("pdb_init_gums_gateway: initialization error!\n")); - return ret; - } - - ggwd = (struct gums_gw_data *)malloc(sizeof(struct gums_gw_data)); - if (!ggwd) - return NT_STATUS_NO_MEMORY; - memset(ggwd, 0, sizeof(struct gums_gw_data)); - - if (!NT_STATUS_IS_OK(ret = get_gums_fns(&(ggwd->fns)))) { - goto error; - } - - if (!NT_STATUS_IS_OK(ret = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) { - goto error; - } - - (*pdb_method)->name = "gums_gateway"; - - (*pdb_method)->setsampwent = gums_setsampwent; - (*pdb_method)->getsampwent = gums_getsampwent; - (*pdb_method)->endsampwent = gums_endsampwent; - (*pdb_method)->getsampwnam = gums_getsampwnam; - (*pdb_method)->getsampwsid = gums_getsampwsid; - (*pdb_method)->add_sam_account = gums_add_sam_account; - (*pdb_method)->update_sam_account = gums_update_sam_account; - (*pdb_method)->delete_sam_account = gums_delete_sam_account; - - /* we should do no group mapping here */ -/* (*pdb_method)->getgrsid = gums_getgrsid; - (*pdb_method)->getgrgid = gums_getgrgid; - (*pdb_method)->getgrnam = gums_getgrnam; - (*pdb_method)->add_group_mapping_entry = gums_add_group_mapping_entry; - (*pdb_method)->update_group_mapping_entry = gums_update_group_mapping_entry; - (*pdb_method)->delete_group_mapping_entry = gums_delete_group_mapping_entry; - (*pdb_method)->enum_group_mapping = gums_enum_group_mapping;*/ - - /* we do not handle groups in guest backend */ -/* FIXME - (*pdb_method)->get_group_info_by_sid = gums_get_group_info_by_sid; - (*pdb_method)->get_group_list = gums_get_group_list; - (*pdb_method)->get_group_sids = gums_get_group_sids; - (*pdb_method)->add_group = gums_add_group; - (*pdb_method)->update_group = gums_update_group; - (*pdb_method)->delete_group = gums_delete_group; - (*pdb_method)->add_sid_to_group = gums_add_sid_to_group; - (*pdb_method)->remove_sid_from_group = gums_remove_sid_from_group; - (*pdb_method)->get_group_info_by_name = gums_get_group_info_by_name; - (*pdb_method)->get_group_info_by_nt_name = gums_get_group_info_by_nt_name; - (*pdb_method)->get_group_uids = gums_get_group_uids; -*/ - - (*pdb_method)->private_data = ggwd; - (*pdb_method)->free_private_data = free_gw_private_data; - - return NT_STATUS_OK; - -error: - SAFE_FREE(ggwd); - return ret; -} - -NTSTATUS pdb_gums_init(void) -{ - return smb_register_passdb(PASSDB_INTERFACE_VERSION, "gums", pdb_init_gums_gateway); -} - diff --git a/source3/passdb/pdb_xml.c b/source3/passdb/pdb_xml.c index 19998a6655..29922bca4f 100644 --- a/source3/passdb/pdb_xml.c +++ b/source3/passdb/pdb_xml.c @@ -540,17 +540,13 @@ static NTSTATUS xmlsam_init(PDB_CONTEXT * pdb_context, PDB_METHODS ** pdb_method (*pdb_method)->getsampwsid = NULL; (*pdb_method)->update_sam_account = NULL; (*pdb_method)->delete_sam_account = NULL; - (*pdb_method)->get_group_info_by_sid = NULL; - (*pdb_method)->get_group_list = NULL; - (*pdb_method)->get_group_sids = NULL; - (*pdb_method)->add_group = NULL; - (*pdb_method)->update_group = NULL; - (*pdb_method)->delete_group = NULL; - (*pdb_method)->add_sid_to_group = NULL; - (*pdb_method)->remove_sid_from_group = NULL; - (*pdb_method)->get_group_info_by_name = NULL; - (*pdb_method)->get_group_info_by_nt_name = NULL; - (*pdb_method)->get_group_uids = NULL; + (*pdb_method)->getgrsid = NULL; + (*pdb_method)->getgrgid = NULL; + (*pdb_method)->getgrnam = NULL; + (*pdb_method)->add_group_mapping_entry = NULL; + (*pdb_method)->update_group_mapping_entry = NULL; + (*pdb_method)->delete_group_mapping_entry = NULL; + (*pdb_method)->enum_group_mapping = NULL; data = talloc(pdb_context->mem_ctx, sizeof(pdb_xml)); data->location = talloc_strdup(pdb_context->mem_ctx, (location ? location : "passdb.xml")); diff --git a/source3/rpc_client/cli_epmapper.c b/source3/rpc_client/cli_epmapper.c deleted file mode 100644 index 66362f1620..0000000000 --- a/source3/rpc_client/cli_epmapper.c +++ /dev/null @@ -1,61 +0,0 @@ -/* - Unix SMB/CIFS implementation. - RPC pipe client - - Copyright (C) Jim McDonough (jmcd@us.ibm.com) 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -NTSTATUS cli_epm_map(struct cli_state *cli, TALLOC_CTX *mem_ctx, - EPM_HANDLE *handle, EPM_TOWER **tower, - EPM_HANDLE *entry_handle, uint32 *num_towers) -{ - prs_struct qbuf, rbuf; - EPM_Q_MAP q; - EPM_R_MAP r; - BOOL result = False; - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - - /* Marshall data and send request */ - - init_epm_q_map(mem_ctx, &q, *tower, *num_towers); - - if (!epm_io_q_map("map_query", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, EPM_MAP_PIPE_NAME, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!epm_io_r_map("map_reply", &r, &rbuf, 0)) - goto done; - - result = True; - - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - - return result ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; -} diff --git a/source3/rpc_parse/parse_epmapper.c b/source3/rpc_parse/parse_epmapper.c deleted file mode 100644 index 7a5f147c50..0000000000 --- a/source3/rpc_parse/parse_epmapper.c +++ /dev/null @@ -1,482 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Samba end point mapper functions - Copyright (C) Jim McDonough (jmcd@us.ibm.com) 2003. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_RPC_PARSE - -static uint32 internal_referent_id = 0; - - -/******************************************************************* - Reads or writes a handle. -********************************************************************/ -BOOL epm_io_handle(const char *desc, EPM_HANDLE *handle, prs_struct *ps, - int depth) -{ - if (!prs_align(ps)) - return False; - - if (!prs_uint8s(False, "data", ps, depth, handle->data, - sizeof(handle->data))) - return False; - - return True; -} - -/******************************************************************* - inits an EPM_FLOOR structure. -********************************************************************/ -NTSTATUS init_epm_floor(EPM_FLOOR *floor, uint8 protocol) -{ - /* handle lhs */ - floor->lhs.protocol = protocol; - floor->lhs.length = sizeof(floor->lhs.protocol); - - switch(floor->lhs.protocol) { - case EPM_FLOOR_UUID: - floor->lhs.length += sizeof(floor->lhs.uuid.uuid); - floor->lhs.length += sizeof(floor->lhs.uuid.version); - break; - default: - break; - } - - /* handle rhs */ - switch(floor->lhs.protocol) { - case EPM_FLOOR_RPC: - case EPM_FLOOR_UUID: - floor->rhs.length = sizeof(floor->rhs.unknown); - break; - case EPM_FLOOR_TCP: - floor->rhs.length = sizeof(floor->rhs.tcp.port); - break; - case EPM_FLOOR_IP: - floor->rhs.length = sizeof(floor->rhs.ip.addr); - break; - case EPM_FLOOR_NMPIPES: - case EPM_FLOOR_LRPC: - case EPM_FLOOR_NETBIOS: - floor->rhs.length = strlen(floor->rhs.string) + 1; - break; - default: - break; - } - - return NT_STATUS_OK; -} - -/******************************************************************* - inits an EPM_FLOOR structure with a UUID -********************************************************************/ -NTSTATUS init_epm_floor_uuid(EPM_FLOOR *floor, - const RPC_UUID *uuid, uint16 version) -{ - memcpy(&floor->lhs.uuid.uuid, uuid, sizeof(*uuid)); - floor->lhs.uuid.version = version; - floor->rhs.unknown = 0; - return init_epm_floor(floor, EPM_FLOOR_UUID); -} - -/******************************************************************* - inits an EPM_FLOOR structure for RPC -********************************************************************/ -NTSTATUS init_epm_floor_rpc(EPM_FLOOR *floor) -{ - floor->rhs.unknown = 0; - return init_epm_floor(floor, EPM_FLOOR_RPC); -} - -/******************************************************************* - inits an EPM_FLOOR structure for TCP -********************************************************************/ -NTSTATUS init_epm_floor_tcp(EPM_FLOOR *floor, uint16 port) -{ - floor->rhs.tcp.port = htons(port); - return init_epm_floor(floor, EPM_FLOOR_TCP); -} - -/******************************************************************* - inits an EPM_FLOOR structure for IP -********************************************************************/ -NTSTATUS init_epm_floor_ip(EPM_FLOOR *floor, uint8 addr[4]) -{ - memcpy(&floor->rhs.ip.addr, addr, sizeof(addr)); - return init_epm_floor(floor, EPM_FLOOR_IP); -} - -/******************************************************************* - inits an EPM_FLOOR structure for named pipe -********************************************************************/ -NTSTATUS init_epm_floor_np(EPM_FLOOR *floor, const char *pipe_name) -{ - safe_strcpy(floor->rhs.string, pipe_name, sizeof(floor->rhs.string)-1); - return init_epm_floor(floor, EPM_FLOOR_NMPIPES); -} - -/******************************************************************* - inits an EPM_FLOOR structure for named pipe -********************************************************************/ -NTSTATUS init_epm_floor_lrpc(EPM_FLOOR *floor, const char *pipe_name) -{ - safe_strcpy(floor->rhs.string, pipe_name, sizeof(floor->rhs.string)-1); - return init_epm_floor(floor, EPM_FLOOR_LRPC); -} - -/******************************************************************* - inits an EPM_FLOOR structure for named pipe -********************************************************************/ -NTSTATUS init_epm_floor_nb(EPM_FLOOR *floor, char *host_name) -{ - safe_strcpy(floor->rhs.string, host_name, sizeof(floor->rhs.string)-1); - return init_epm_floor(floor, EPM_FLOOR_NETBIOS); -} - -/******************************************************************* - reads and writes EPM_FLOOR. -********************************************************************/ -BOOL epm_io_floor(const char *desc, EPM_FLOOR *floor, - prs_struct *ps, int depth) -{ - prs_debug(ps, depth, desc, "epm_io_floor"); - depth++; - - if (!prs_uint16("lhs_length", ps, depth, &floor->lhs.length)) - return False; - if (!prs_uint8("protocol", ps, depth, &floor->lhs.protocol)) - return False; - - switch (floor->lhs.protocol) { - case EPM_FLOOR_UUID: - if (!smb_io_rpc_uuid("uuid", &floor->lhs.uuid.uuid, ps, depth)) - return False; - if (!prs_uint16("version", ps, depth, - &floor->lhs.uuid.version)) - return False; - break; - } - - if (!prs_uint16("rhs_length", ps, depth, &floor->rhs.length)) - return False; - - switch (floor->lhs.protocol) { - case EPM_FLOOR_UUID: - case EPM_FLOOR_RPC: - if (!prs_uint16("unknown", ps, depth, &floor->rhs.unknown)) - return False; - break; - case EPM_FLOOR_TCP: - if (!prs_uint16("tcp_port", ps, depth, &floor->rhs.tcp.port)) - return False; - break; - case EPM_FLOOR_IP: - if (!prs_uint8s(False, "ip_addr", ps, depth, - floor->rhs.ip.addr, - sizeof(floor->rhs.ip.addr))) - return False; - break; - case EPM_FLOOR_NMPIPES: - case EPM_FLOOR_LRPC: - case EPM_FLOOR_NETBIOS: - if (!prs_uint8s(False, "string", ps, depth, - floor->rhs.string, - floor->rhs.length)) - return False; - break; - default: - break; - } - - return True; -} - -/******************************************************************* - Inits a EPM_TOWER structure. -********************************************************************/ -NTSTATUS init_epm_tower(TALLOC_CTX *ctx, EPM_TOWER *tower, - const EPM_FLOOR *floors, int num_floors) -{ - int size = 0; - int i; - - DEBUG(5, ("init_epm_tower\n")); - - size += sizeof(uint16); /* number of floors is in tower length */ - for (i = 0; i < num_floors; i++) { - size += (sizeof(uint16) * 2); - size += floors[i].lhs.length; - size += floors[i].rhs.length; - } - - tower->max_length = tower->length = size; - tower->num_floors = num_floors; - tower->floors = talloc(ctx, sizeof(EPM_FLOOR) * num_floors); - if (!tower->floors) { - return NT_STATUS_NO_MEMORY; - } - memcpy(tower->floors, floors, sizeof(EPM_FLOOR) * num_floors); - tower->unknown = 0x7e; - - return NT_STATUS_OK; -} - -/******************************************************************* - Reads or writes an EPM_TOWER structure. -********************************************************************/ -BOOL epm_io_tower(const char *desc, EPM_TOWER *tower, - prs_struct *ps, int depth) -{ - int i; - - prs_debug(ps, depth, desc, "epm_io_tower"); - depth++; - - if (!prs_align(ps)) - return False; - - if (!prs_uint32("max_length", ps, depth, &tower->max_length)) - return False; - if (!prs_uint32("length", ps, depth, &tower->length)) - return False; - if (!prs_uint16("num_floors", ps, depth, &tower->num_floors)) - return False; - - if (UNMARSHALLING(ps)) { - tower->floors = talloc(ps->mem_ctx, - sizeof(EPM_FLOOR) * tower->num_floors); - if (!tower->floors) - return False; - } - - for (i = 0; i < tower->num_floors; i++) { - if (!epm_io_floor("floor", tower->floors + i, ps, depth)) - return False; - } - - return True; -} - -/******************************************************************* - Initialize an EPM_TOWER_ARRAY structure -********************************************************************/ -NTSTATUS init_epm_tower_array(TALLOC_CTX *ctx, EPM_TOWER_ARRAY *array, - const EPM_TOWER *towers, int num_towers) -{ - int i; - - array->max_count = num_towers; - array->offset = 0; - array->count = num_towers; - array->tower_ref_ids = talloc(ctx, sizeof(uint32) * num_towers); - if (!array->tower_ref_ids) { - return NT_STATUS_NO_MEMORY; - } - for (i=0;i<num_towers;i++) - array->tower_ref_ids[i] = ++internal_referent_id; - - array->towers = talloc(ctx, sizeof(EPM_TOWER) * num_towers); - if (!array->towers) { - return NT_STATUS_NO_MEMORY; - } - memcpy(array->towers, towers, sizeof(EPM_TOWER) * num_towers); - - return NT_STATUS_OK; -} - -/******************************************************************* - Reads or writes an EPM_TOWER_ARRAY structure. -********************************************************************/ -BOOL epm_io_tower_array(const char *desc, EPM_TOWER_ARRAY *array, - prs_struct *ps, int depth) -{ - int i; - - prs_debug(ps, depth, desc, "epm_io_tower_array"); - depth++; - - if (!prs_uint32("max_count", ps, depth, &array->max_count)) - return False; - if (!prs_uint32("offset", ps, depth, &array->offset)) - return False; - if (!prs_uint32("count", ps, depth, &array->count)) - return False; - - - if (UNMARSHALLING(ps)) { - array->tower_ref_ids = talloc(ps->mem_ctx, - sizeof(uint32) * array->count); - if (!array->tower_ref_ids) { - return False; - } - } - for (i=0; i < array->count; i++) { - if (!prs_uint32("ref_id", ps, depth, &array->tower_ref_ids[i])) { - return False; - } else { - if (array->tower_ref_ids[i] > internal_referent_id) { - internal_referent_id = array->tower_ref_ids[i]; - } - } - } - - - - if (!prs_set_offset(ps, prs_offset(ps) + array->offset)) - return False; - - if (UNMARSHALLING(ps)) { - array->towers = talloc(ps->mem_ctx, - sizeof(EPM_TOWER) * array->count); - if (!array->towers) { - return False; - } - } - - for (i = 0; i < array->count; i++) { - if (!epm_io_tower("tower", &array->towers[i], ps, depth)) - return False; - } - - return True; -} - -/******************************************************************* - Initialize EPM_R_MAP structure -******************************************************************/ -NTSTATUS init_epm_r_map(TALLOC_CTX *ctx, EPM_R_MAP *r_map, - const EPM_HANDLE *handle, const EPM_TOWER_ARRAY *array, - int num_elements, uint32 status) -{ - memcpy(&r_map->handle, handle, sizeof(*handle)); - r_map->num_results = num_elements; - r_map->results = talloc(ctx, sizeof(EPM_TOWER_ARRAY) * num_elements); - if (!r_map->results) { - return NT_STATUS_NO_MEMORY; - } - memcpy(r_map->results, array, sizeof(EPM_TOWER_ARRAY) * num_elements); - r_map->status = status; - return NT_STATUS_OK; -} - -/************************************************************************* - Inits a EPM_Q_MAP structure. -************************************************************************** -* We attempt to hide the ugliness of the wire format by taking a EPM_TOWER -* array with a defined size -**************************************************************************/ -NTSTATUS init_epm_q_map(TALLOC_CTX *ctx, EPM_Q_MAP *q_map, - const EPM_TOWER *towers, int num_towers) -{ - static uint32 handle = 1; - - ZERO_STRUCTP(q_map); - - DEBUG(5, ("init_epm_q_map\n")); - q_map->handle.data[0] = (handle >> 0) & 0xFF; - q_map->handle.data[1] = (handle >> 8) & 0xFF; - q_map->handle.data[2] = (handle >> 16) & 0xFF; - q_map->handle.data[3] = (handle >> 24) & 0xFF; - - q_map->tower = talloc(ctx, sizeof(EPM_TOWER) * (num_towers + 1)); - if (!q_map->tower) { - return NT_STATUS_NO_MEMORY; - } - - memcpy(q_map->tower, towers, sizeof(EPM_TOWER) * num_towers); - - ZERO_STRUCT(q_map->tower[num_towers]); - - /* For now let's not take more than 4 towers per result */ - q_map->max_towers = num_towers * 4; - - q_map->tower_ref_id = ++internal_referent_id; - - handle++; - - return NT_STATUS_OK; -} - -/***************************************************************** - epm_io_q_map - read or write EPM_Q_MAP structure -******************************************************************/ -BOOL epm_io_q_map(const char *desc, EPM_Q_MAP *io_map, prs_struct *ps, - int depth) -{ - prs_debug(ps, depth, desc, "epm_io_q_map"); - depth++; - - if (!epm_io_handle("handle", &io_map->handle, ps, depth)) - return False; - - if (!prs_uint32("referent_id", ps, 0, &io_map->tower_ref_id)) - return False; - if (io_map->tower_ref_id > internal_referent_id) - internal_referent_id = io_map->tower_ref_id; - - /* HACK: We need a more elegant way of doing this */ - if (UNMARSHALLING(ps)) { - io_map->tower = talloc(ps->mem_ctx, sizeof(EPM_TOWER)); - if (!io_map->tower) - return False; - } - if (!epm_io_tower("tower", io_map->tower, ps, depth)) - return False; - if (!epm_io_handle("term_handle", &io_map->term_handle, ps, depth)) - return False; - - if (!prs_uint32("max_towers", ps, 0, &io_map->max_towers)) - return False; - - return True; -} - -/******************************************************************* - epm_io_r_map - Read/Write EPM_R_MAP structure -******************************************************************/ -BOOL epm_io_r_map(const char *desc, EPM_R_MAP *io_map, - prs_struct *ps, int depth) -{ - prs_debug(ps, depth, desc, "epm_io_r_map"); - depth++; - - if (!epm_io_handle("handle", &io_map->handle, ps, depth)) - return False; - if (!prs_uint32("num_results", ps, depth, &io_map->num_results)) - return False; - - if (UNMARSHALLING(ps)) { - io_map->results = talloc(ps->mem_ctx, - sizeof(EPM_TOWER_ARRAY) * - io_map->num_results); - if (!io_map->results) - return False; - } - if (!epm_io_tower_array("results", io_map->results, ps, depth)) - return False; - - if (!prs_align(ps)) - return False; - - if (!prs_uint32("status", ps, depth, &io_map->status)) - return False; - - return True; -} diff --git a/source3/rpc_parse/parse_rpc.c b/source3/rpc_parse/parse_rpc.c index f053297192..1ea59feaed 100644 --- a/source3/rpc_parse/parse_rpc.c +++ b/source3/rpc_parse/parse_rpc.c @@ -147,15 +147,6 @@ interface/version dce/rpc pipe identification }, 0x01 \ } -#define SYNT_EPM_V3 \ -{ \ - { \ - 0xe1af8308, 0x5d1f, 0x11c9, \ - { 0x91, 0xa4, 0x08, 0x00, \ - 0x2b, 0x14, 0xa0, 0xfa } \ - }, 0x03 \ -} - /* * IMPORTANT!! If you update this structure, make sure to * update the index #defines in smb.h. @@ -174,7 +165,6 @@ const struct pipe_id_info pipe_names [] = { PIPE_SPOOLSS , SYNT_SPOOLSS_V1 , PIPE_SPOOLSS , TRANS_SYNT_V2 }, { PIPE_NETDFS , SYNT_NETDFS_V3 , PIPE_NETDFS , TRANS_SYNT_V2 }, { PIPE_ECHO , SYNT_ECHO_V1 , PIPE_ECHO , TRANS_SYNT_V2 }, - { PIPE_EPM , SYNT_EPM_V3 , PIPE_EPM , TRANS_SYNT_V2 }, { NULL , SYNT_NONE_V0 , NULL , SYNT_NONE_V0 } }; @@ -256,7 +246,7 @@ BOOL smb_io_rpc_hdr(const char *desc, RPC_HDR *rpc, prs_struct *ps, int depth) Reads or writes an RPC_UUID structure. ********************************************************************/ -BOOL smb_io_rpc_uuid(const char *desc, RPC_UUID *uuid, prs_struct *ps, int depth) +static BOOL smb_io_rpc_uuid(const char *desc, RPC_UUID *uuid, prs_struct *ps, int depth) { if (uuid == NULL) return False; @@ -264,6 +254,9 @@ BOOL smb_io_rpc_uuid(const char *desc, RPC_UUID *uuid, prs_struct *ps, int depth prs_debug(ps, depth, desc, "smb_io_rpc_uuid"); depth++; + if(!prs_align(ps)) + return False; + if(!prs_uint32 ("data ", ps, depth, &uuid->time_low)) return False; if(!prs_uint16 ("data ", ps, depth, &uuid->time_mid)) @@ -289,9 +282,6 @@ static BOOL smb_io_rpc_iface(const char *desc, RPC_IFACE *ifc, prs_struct *ps, i prs_debug(ps, depth, desc, "smb_io_rpc_iface"); depth++; - if (!prs_align(ps)) - return False; - if (!smb_io_rpc_uuid( "uuid", &ifc->uuid, ps, depth)) return False; diff --git a/source3/rpc_server/srv_epmapper.c b/source3/rpc_server/srv_epmapper.c deleted file mode 100644 index 70de092850..0000000000 --- a/source3/rpc_server/srv_epmapper.c +++ /dev/null @@ -1,88 +0,0 @@ - -/* - Unix SMB/CIFS implementation. - Samba end point mapper utility and mapping functions - Copyright (C) Jim McDonough (jmcd@us.ibm.com) 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -/***************************************************************** - api_handle_map_req - handles standard epm mapping request -******************************************************************/ -static BOOL api_handle_map_req(pipes_struct * p) -{ - - EPM_Q_MAP q_in; - EPM_R_MAP q_out; - - prs_struct *in_data = &p->in_data.data; - prs_struct *ret_data = &p->out_data.rdata; - - ZERO_STRUCT(q_in); - ZERO_STRUCT(q_out); - - /* process input request and parse packet */ - - if (!epm_io_q_map("", &q_in, in_data, 0)) { - DEBUG(0, - ("api_handle_map_request: unable to unmarshall EPMD_MAP\n")); - return False; - } - - _epm_map(p, &q_in, &q_out); - - if (!epm_io_r_map("", &q_out, ret_data, 0)) { - DEBUG(0, - ("api_handle_map_req: unable to marshall EPMD_MAP\n")); - return False; - } - - return True; -} - -/*******************************************************************/ -/* \pipe\epmapper commands */ -/*******************************************************************/ -/* opnum is 3 on map request */ - -struct api_struct api_epmapper_cmds[] = { - {"MAP_PIPE_NAME", EPM_MAP_PIPE_NAME, api_handle_map_req}, -}; - -/*******************************************************************/ -/* */ -/*******************************************************************/ - -void epm_get_pipe_fns(struct api_struct **funcs, int *n_funcs) -{ - *funcs = api_epmapper_cmds; - *n_funcs = sizeof(api_epmapper_cmds) / sizeof(struct api_struct); -} - -/*******************************************************************/ -/* */ -/*******************************************************************/ - -NTSTATUS rpc_epmapper_init(void) -{ - return rpc_pipe_register_commands(SMB_RPC_INTERFACE_VERSION, - EPM_PIPE_NM, EPM_PIPE_NM, - api_epmapper_cmds, - sizeof(api_epmapper_cmds) / - sizeof(struct api_struct)); -} diff --git a/source3/rpc_server/srv_epmapper_nt.c b/source3/rpc_server/srv_epmapper_nt.c deleted file mode 100644 index 1b72a5ed41..0000000000 --- a/source3/rpc_server/srv_epmapper_nt.c +++ /dev/null @@ -1,70 +0,0 @@ - -/* - Unix SMB/CIFS implementation. - Samba end point mapper utility and mapping functions - Copyright (C) Jim McDonough (jmcd@us.ibm.com) 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -/*******************************************************************/ -/* _epm_map - fill out mapping on input and output structs */ -/*******************************************************************/ -void _epm_map(pipes_struct *ps, const EPM_Q_MAP *q_u, EPM_R_MAP *r_u) -{ - int i; - uint8 target_address[] = { 9, 53, 95, 27 }; - EPM_FLOOR *floors = talloc(ps->mem_ctx, sizeof(EPM_FLOOR) * - q_u->tower->num_floors); - EPM_TOWER *towers = talloc(ps->mem_ctx, - sizeof(EPM_TOWER) * MAX_TOWERS); - EPM_TOWER_ARRAY array; - - if (!floors || !towers) { - DEBUG(0, ("_epm_map: talloc failed!\n")); - return; - } - - for (i = 0; i < q_u->tower->num_floors; i++) { - switch (q_u->tower->floors[i].lhs.protocol) { - case EPM_FLOOR_UUID: - init_epm_floor_uuid(&floors[i], - &q_u->tower->floors[i]. - lhs.uuid.uuid, - q_u->tower->floors[i]. - lhs.uuid.version); - break; - case EPM_FLOOR_RPC: - init_epm_floor_rpc(&floors[i]); - break; - case EPM_FLOOR_TCP: - /* for now map all requests to port 135 */ - init_epm_floor_tcp(&floors[i], 135); - break; - case EPM_FLOOR_IP: - init_epm_floor_ip(&floors[i], target_address); - break; - } - } - - init_epm_tower(ps->mem_ctx, &towers[0], floors, 5); - init_epm_tower_array(ps->mem_ctx, &array, towers, 1); - init_epm_r_map(ps->mem_ctx, r_u, &q_u->term_handle, &array, 1, 0); - - return; - -} diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c index 0ef9b088a9..9c10d86379 100644 --- a/source3/rpc_server/srv_netlog.c +++ b/source3/rpc_server/srv_netlog.c @@ -317,40 +317,6 @@ static BOOL api_net_logon_ctrl(pipes_struct *p) return True; } -/************************************************************************* - api_ds_enum_dom_trusts: - *************************************************************************/ - -static BOOL api_ds_enum_dom_trusts(pipes_struct *p) -{ - DS_Q_ENUM_DOM_TRUSTS q_u; - DS_R_ENUM_DOM_TRUSTS r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - DEBUG(6,("api_ds_enum_dom_trusts\n")); - - if ( !ds_io_q_enum_domain_trusts("", data, 0, &q_u) ) { - DEBUG(0,("api_ds_enum_domain_trusts: Failed to unmarshall DS_Q_ENUM_DOM_TRUSTS.\n")); - return False; - } - - r_u.status = _ds_enum_dom_trusts(p, &q_u, &r_u); - - if ( !ds_io_r_enum_domain_trusts("", rdata, 0, &r_u) ) { - DEBUG(0,("api_ds_enum_domain_trusts: Failed to marshall DS_R_ENUM_DOM_TRUSTS.\n")); - return False; - } - - DEBUG(6,("api_ds_enum_dom_trusts\n")); - - return True; -} - /******************************************************************* array of \PIPE\NETLOGON operations ********************************************************************/ @@ -364,8 +330,7 @@ static struct api_struct api_net_cmds [] = { "NET_SAMLOGOFF" , NET_SAMLOGOFF , api_net_sam_logoff }, { "NET_LOGON_CTRL2" , NET_LOGON_CTRL2 , api_net_logon_ctrl2 }, { "NET_TRUST_DOM_LIST", NET_TRUST_DOM_LIST, api_net_trust_dom_list }, - { "NET_LOGON_CTRL" , NET_LOGON_CTRL , api_net_logon_ctrl }, - { "DS_ENUM_DOM_TRUSTS", DS_ENUM_DOM_TRUSTS, api_ds_enum_dom_trusts } + { "NET_LOGON_CTRL" , NET_LOGON_CTRL , api_net_logon_ctrl } }; void netlog_get_pipe_fns( struct api_struct **fns, int *n_fns ) diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index 66fa6e7678..602cd7d2d5 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -762,18 +762,4 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON * return status; } -/************************************************************************* - _ds_enum_dom_trusts - *************************************************************************/ -NTSTATUS _ds_enum_dom_trusts(pipes_struct *p, DS_Q_ENUM_DOM_TRUSTS *q_u, - DS_R_ENUM_DOM_TRUSTS *r_u) -{ - NTSTATUS status = NT_STATUS_OK; - /* We just return zero trusts for now. At least that way we're - consistent with NetTrustedDomainList which is what the fallback - for this function is. Both of these functions need to be - reworked. */ - - return status; -} diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index 444c35987a..96261c665f 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -1603,9 +1603,6 @@ void get_pipe_fns( int idx, struct api_struct **fns, int *n_fns ) echo_get_pipe_fns( &cmds, &n_cmds ); break; #endif - case PI_EPM: - epm_get_pipe_fns( &cmds, &n_cmds ); - break; default: DEBUG(0,("get_pipe_fns: Unknown pipe index! [%d]\n", idx)); } diff --git a/source3/rpcclient/cmd_epmapper.c b/source3/rpcclient/cmd_epmapper.c deleted file mode 100644 index e2eecb6f04..0000000000 --- a/source3/rpcclient/cmd_epmapper.c +++ /dev/null @@ -1,74 +0,0 @@ -/* - Unix SMB/CIFS implementation. - RPC pipe client - - Copyright (C) Jim McDonough (jmcd@us.ibm.com) 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "rpcclient.h" - - -static NTSTATUS cmd_epm_map(struct cli_state *cli, - TALLOC_CTX *mem_ctx, - int argc, const char **argv) -{ - EPM_HANDLE handle, entry_handle; - EPM_TOWER *towers; - EPM_FLOOR floors[5]; - uint8 addr[4] = {0,0,0,0}; - uint32 numtowers; - /* need to allow all this stuff to be passed in, but - for now, it demonstrates the call */ - RPC_UUID if_uuid = {0xe3514235, 0x4b06, 0x11d1, \ - { 0xab, 0x04, 0x00, 0xc0, \ - 0x4f, 0xc2, 0xdc, 0xd2 }}, - syn_uuid = {0x8a885d04, 0x1ceb, 0x11c9, \ - { 0x9f, 0xe8, 0x08, 0x00, \ - 0x2b, 0x10, 0x48, 0x60 }}; - - NTSTATUS result; - - ZERO_STRUCT(handle); - numtowers = 1; - init_epm_floor_uuid(&floors[0], &if_uuid, 4); - init_epm_floor_uuid(&floors[1], &syn_uuid, 2); - init_epm_floor_rpc(&floors[2]); - - /* sample for netbios named pipe query - init_epm_floor_np(&floors[3], "\\PIPE\\lsass"); - init_epm_floor_nb(&floors[4], "\\\\psflinux"); - */ - init_epm_floor_tcp(&floors[3], 135); - init_epm_floor_ip(&floors[4], addr); - towers = talloc(mem_ctx, sizeof(EPM_TOWER)); - init_epm_tower(mem_ctx, towers, floors, 5); - - result = cli_epm_map(cli, mem_ctx, &handle, &towers, &entry_handle, &numtowers); - - return result; -} - -struct cmd_set epm_commands[] = { - - { "EPMAPPER" }, - - { "map", RPC_RTYPE_NTSTATUS, cmd_epm_map, NULL, PI_EPM, "map endpoint", "" }, - { NULL } -}; - - diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index f60cb67cba..773441a27c 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -462,7 +462,6 @@ extern struct cmd_set dfs_commands[]; extern struct cmd_set reg_commands[]; extern struct cmd_set ds_commands[]; extern struct cmd_set echo_commands[]; -extern struct cmd_set epm_commands[]; static struct cmd_set *rpcclient_command_list[] = { rpcclient_commands, @@ -475,7 +474,6 @@ static struct cmd_set *rpcclient_command_list[] = { dfs_commands, reg_commands, echo_commands, - epm_commands, NULL }; diff --git a/source3/sam/account.c b/source3/sam/account.c deleted file mode 100644 index b8336146cd..0000000000 --- a/source3/sam/account.c +++ /dev/null @@ -1,305 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Password and authentication handling - Copyright (C) Jeremy Allison 1996-2001 - Copyright (C) Luke Kenneth Casson Leighton 1996-1998 - Copyright (C) Gerald (Jerry) Carter 2000-2001 - Copyright (C) Andrew Bartlett 2001-2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM - -/************************************************************ - Fill the SAM_ACCOUNT_HANDLE with default values. - ***********************************************************/ - -static void sam_fill_default_account(SAM_ACCOUNT_HANDLE *account) -{ - ZERO_STRUCT(account->private); /* Don't touch the talloc context */ - - /* Don't change these timestamp settings without a good reason. - They are important for NT member server compatibility. */ - - /* FIXME: We should actually call get_nt_time_max() or sthng - * here */ - unix_to_nt_time(&(account->private.logoff_time),get_time_t_max()); - unix_to_nt_time(&(account->private.kickoff_time),get_time_t_max()); - unix_to_nt_time(&(account->private.pass_must_change_time),get_time_t_max()); - account->private.unknown_1 = 0x00ffffff; /* don't know */ - account->private.logon_divs = 168; /* hours per week */ - account->private.hours_len = 21; /* 21 times 8 bits = 168 */ - memset(account->private.hours, 0xff, account->private.hours_len); /* available at all hours */ - account->private.unknown_2 = 0x00000000; /* don't know */ - account->private.unknown_3 = 0x000004ec; /* don't know */ -} - -static void destroy_sam_talloc(SAM_ACCOUNT_HANDLE **account) -{ - if (*account) { - data_blob_clear_free(&((*account)->private.lm_pw)); - data_blob_clear_free(&((*account)->private.nt_pw)); - if((*account)->private.plaintext_pw!=NULL) - memset((*account)->private.plaintext_pw,'\0',strlen((*account)->private.plaintext_pw)); - - talloc_destroy((*account)->mem_ctx); - *account = NULL; - } -} - - -/********************************************************************** - Alloc memory and initialises a SAM_ACCOUNT_HANDLE on supplied mem_ctx. -***********************************************************************/ - -NTSTATUS sam_init_account_talloc(TALLOC_CTX *mem_ctx, SAM_ACCOUNT_HANDLE **account) -{ - SMB_ASSERT(*account != NULL); - - if (!mem_ctx) { - DEBUG(0,("sam_init_account_talloc: mem_ctx was NULL!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - *account=(SAM_ACCOUNT_HANDLE *)talloc(mem_ctx, sizeof(SAM_ACCOUNT_HANDLE)); - - if (*account==NULL) { - DEBUG(0,("sam_init_account_talloc: error while allocating memory\n")); - return NT_STATUS_NO_MEMORY; - } - - (*account)->mem_ctx = mem_ctx; - - (*account)->free_fn = NULL; - - sam_fill_default_account(*account); - - return NT_STATUS_OK; -} - - -/************************************************************* - Alloc memory and initialises a struct sam_passwd. - ************************************************************/ - -NTSTATUS sam_init_account(SAM_ACCOUNT_HANDLE **account) -{ - TALLOC_CTX *mem_ctx; - NTSTATUS nt_status; - - mem_ctx = talloc_init("sam internal SAM_ACCOUNT_HANDLE allocation"); - - if (!mem_ctx) { - DEBUG(0,("sam_init_account: error while doing talloc_init()\n")); - return NT_STATUS_NO_MEMORY; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_init_account_talloc(mem_ctx, account))) { - talloc_destroy(mem_ctx); - return nt_status; - } - - (*account)->free_fn = destroy_sam_talloc; - - return NT_STATUS_OK; -} - -/** - * Free the contents of the SAM_ACCOUNT_HANDLE, but not the structure. - * - * Also wipes the LM and NT hashes and plaintext password from - * memory. - * - * @param account SAM_ACCOUNT_HANDLE to free members of. - **/ - -static void sam_free_account_contents(SAM_ACCOUNT_HANDLE *account) -{ - - /* Kill off sensitive data. Free()ed by the - talloc mechinism */ - - data_blob_clear_free(&(account->private.lm_pw)); - data_blob_clear_free(&(account->private.nt_pw)); - if (account->private.plaintext_pw) - memset(account->private.plaintext_pw,'\0',strlen(account->private.plaintext_pw)); -} - - -/************************************************************ - Reset the SAM_ACCOUNT_HANDLE and free the NT/LM hashes. - ***********************************************************/ - -NTSTATUS sam_reset_sam(SAM_ACCOUNT_HANDLE *account) -{ - SMB_ASSERT(account != NULL); - - sam_free_account_contents(account); - - sam_fill_default_account(account); - - return NT_STATUS_OK; -} - - -/************************************************************ - Free the SAM_ACCOUNT_HANDLE and the member pointers. - ***********************************************************/ - -NTSTATUS sam_free_account(SAM_ACCOUNT_HANDLE **account) -{ - SMB_ASSERT(*account != NULL); - - sam_free_account_contents(*account); - - if ((*account)->free_fn) { - (*account)->free_fn(account); - } - - return NT_STATUS_OK; -} - - -/********************************************************** - Encode the account control bits into a string. - length = length of string to encode into (including terminating - null). length *MUST BE MORE THAN 2* ! - **********************************************************/ - -char *sam_encode_acct_ctrl(uint16 acct_ctrl, size_t length) -{ - static fstring acct_str; - size_t i = 0; - - acct_str[i++] = '['; - - if (acct_ctrl & ACB_PWNOTREQ ) acct_str[i++] = 'N'; - if (acct_ctrl & ACB_DISABLED ) acct_str[i++] = 'D'; - if (acct_ctrl & ACB_HOMDIRREQ) acct_str[i++] = 'H'; - if (acct_ctrl & ACB_TEMPDUP ) acct_str[i++] = 'T'; - if (acct_ctrl & ACB_NORMAL ) acct_str[i++] = 'U'; - if (acct_ctrl & ACB_MNS ) acct_str[i++] = 'M'; - if (acct_ctrl & ACB_WSTRUST ) acct_str[i++] = 'W'; - if (acct_ctrl & ACB_SVRTRUST ) acct_str[i++] = 'S'; - if (acct_ctrl & ACB_AUTOLOCK ) acct_str[i++] = 'L'; - if (acct_ctrl & ACB_PWNOEXP ) acct_str[i++] = 'X'; - if (acct_ctrl & ACB_DOMTRUST ) acct_str[i++] = 'I'; - - for ( ; i < length - 2 ; i++ ) - acct_str[i] = ' '; - - i = length - 2; - acct_str[i++] = ']'; - acct_str[i++] = '\0'; - - return acct_str; -} - -/********************************************************** - Decode the account control bits from a string. - **********************************************************/ - -uint16 sam_decode_acct_ctrl(const char *p) -{ - uint16 acct_ctrl = 0; - BOOL finished = False; - - /* - * Check if the account type bits have been encoded after the - * NT password (in the form [NDHTUWSLXI]). - */ - - if (*p != '[') - return 0; - - for (p++; *p && !finished; p++) { - switch (*p) { - case 'N': { acct_ctrl |= ACB_PWNOTREQ ; break; /* 'N'o password. */ } - case 'D': { acct_ctrl |= ACB_DISABLED ; break; /* 'D'isabled. */ } - case 'H': { acct_ctrl |= ACB_HOMDIRREQ; break; /* 'H'omedir required. */ } - case 'T': { acct_ctrl |= ACB_TEMPDUP ; break; /* 'T'emp account. */ } - case 'U': { acct_ctrl |= ACB_NORMAL ; break; /* 'U'ser account (normal). */ } - case 'M': { acct_ctrl |= ACB_MNS ; break; /* 'M'NS logon user account. What is this ? */ } - case 'W': { acct_ctrl |= ACB_WSTRUST ; break; /* 'W'orkstation account. */ } - case 'S': { acct_ctrl |= ACB_SVRTRUST ; break; /* 'S'erver account. */ } - case 'L': { acct_ctrl |= ACB_AUTOLOCK ; break; /* 'L'ocked account. */ } - case 'X': { acct_ctrl |= ACB_PWNOEXP ; break; /* No 'X'piry on password */ } - case 'I': { acct_ctrl |= ACB_DOMTRUST ; break; /* 'I'nterdomain trust account. */ } - case ' ': { break; } - case ':': - case '\n': - case '\0': - case ']': - default: { finished = True; } - } - } - - return acct_ctrl; -} - -/************************************************************* - Routine to set 32 hex password characters from a 16 byte array. -**************************************************************/ - -void sam_sethexpwd(char *p, const unsigned char *pwd, uint16 acct_ctrl) -{ - if (pwd != NULL) { - int i; - for (i = 0; i < 16; i++) - slprintf(&p[i*2], 3, "%02X", pwd[i]); - } else { - if (acct_ctrl & ACB_PWNOTREQ) - safe_strcpy(p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", 33); - else - safe_strcpy(p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 33); - } -} - -/************************************************************* - Routine to get the 32 hex characters and turn them - into a 16 byte array. -**************************************************************/ - -BOOL sam_gethexpwd(const char *p, unsigned char *pwd) -{ - int i; - unsigned char lonybble, hinybble; - char *hexchars = "0123456789ABCDEF"; - char *p1, *p2; - - if (!p) - return (False); - - for (i = 0; i < 32; i += 2) { - hinybble = toupper(p[i]); - lonybble = toupper(p[i + 1]); - - p1 = strchr(hexchars, hinybble); - p2 = strchr(hexchars, lonybble); - - if (!p1 || !p2) - return (False); - - hinybble = PTR_DIFF(p1, hexchars); - lonybble = PTR_DIFF(p2, hexchars); - - pwd[i / 2] = (hinybble << 4) | lonybble; - } - return (True); -} diff --git a/source3/sam/group.c b/source3/sam/group.c deleted file mode 100644 index 101e3dd7ce..0000000000 --- a/source3/sam/group.c +++ /dev/null @@ -1,193 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SAM_GROUP_HANDLE /SAM_GROUP_ENUM helpers - - Copyright (C) Stefan (metze) Metzmacher 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM - -/************************************************************ - Fill the SAM_GROUP_HANDLE with default values. - ***********************************************************/ - -static void sam_fill_default_group(SAM_GROUP_HANDLE *group) -{ - ZERO_STRUCT(group->private); /* Don't touch the talloc context */ - -} - -static void destroy_sam_group_handle_talloc(SAM_GROUP_HANDLE **group) -{ - if (*group) { - - talloc_destroy((*group)->mem_ctx); - *group = NULL; - } -} - - -/********************************************************************** - Alloc memory and initialises a SAM_GROUP_HANDLE on supplied mem_ctx. -***********************************************************************/ - -NTSTATUS sam_init_group_talloc(TALLOC_CTX *mem_ctx, SAM_GROUP_HANDLE **group) -{ - SMB_ASSERT(*group != NULL); - - if (!mem_ctx) { - DEBUG(0,("sam_init_group_talloc: mem_ctx was NULL!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - *group=(SAM_GROUP_HANDLE *)talloc(mem_ctx, sizeof(SAM_GROUP_HANDLE)); - - if (*group==NULL) { - DEBUG(0,("sam_init_group_talloc: error while allocating memory\n")); - return NT_STATUS_NO_MEMORY; - } - - (*group)->mem_ctx = mem_ctx; - - (*group)->free_fn = NULL; - - sam_fill_default_group(*group); - - return NT_STATUS_OK; -} - - -/************************************************************* - Alloc memory and initialises a struct SAM_GROUP_HANDLE. - ************************************************************/ - -NTSTATUS sam_init_group(SAM_GROUP_HANDLE **group) -{ - TALLOC_CTX *mem_ctx; - NTSTATUS nt_status; - - mem_ctx = talloc_init("sam internal SAM_GROUP_HANDLE allocation"); - - if (!mem_ctx) { - DEBUG(0,("sam_init_group: error while doing talloc_init()\n")); - return NT_STATUS_NO_MEMORY; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_init_group_talloc(mem_ctx, group))) { - talloc_destroy(mem_ctx); - return nt_status; - } - - (*group)->free_fn = destroy_sam_group_handle_talloc; - - return NT_STATUS_OK; -} - - -/************************************************************ - Reset the SAM_GROUP_HANDLE. - ***********************************************************/ - -NTSTATUS sam_reset_group(SAM_GROUP_HANDLE *group) -{ - SMB_ASSERT(group != NULL); - - sam_fill_default_group(group); - - return NT_STATUS_OK; -} - - -/************************************************************ - Free the SAM_GROUP_HANDLE and the member pointers. - ***********************************************************/ - -NTSTATUS sam_free_group(SAM_ACCOUNT_HANDLE **group) -{ - SMB_ASSERT(*group != NULL); - - if ((*group)->free_fn) { - (*group)->free_fn(group); - } - - return NT_STATUS_OK; -} - - -/********************************************************** - Encode the group control bits into a string. - length = length of string to encode into (including terminating - null). length *MUST BE MORE THAN 2* ! - **********************************************************/ - -char *sam_encode_acct_ctrl(uint16 group_ctrl, size_t length) -{ - static fstring group_str; - size_t i = 0; - - group_str[i++] = '['; - - if (group_ctrl & GCB_LOCAL_GROUP ) group_str[i++] = 'L'; - if (group_ctrl & GCB_GLOBAL_GROUP ) group_str[i++] = 'G'; - - for ( ; i < length - 2 ; i++ ) - group_str[i] = ' '; - - i = length - 2; - group_str[i++] = ']'; - group_str[i++] = '\0'; - - return group_str; -} - -/********************************************************** - Decode the group control bits from a string. - **********************************************************/ - -uint16 sam_decode_group_ctrl(const char *p) -{ - uint16 group_ctrl = 0; - BOOL finished = False; - - /* - * Check if the account type bits have been encoded after the - * NT password (in the form [NDHTUWSLXI]). - */ - - if (*p != '[') - return 0; - - for (p++; *p && !finished; p++) { - switch (*p) { - case 'L': { group_ctrl |= GCB_LOCAL_GROUP; break; /* 'L'ocal Aliases Group. */ } - case 'G': { group_ctrl |= GCB_GLOBAL_GROUP; break; /* 'G'lobal Domain Group. */ } - - case ' ': { break; } - case ':': - case '\n': - case '\0': - case ']': - default: { finished = True; } - } - } - - return group_ctrl; -} - diff --git a/source3/sam/gums.c b/source3/sam/gums.c deleted file mode 100644 index ab374b9342..0000000000 --- a/source3/sam/gums.c +++ /dev/null @@ -1,234 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Grops and Users Management System initializations. - Copyright (C) Simo Sorce 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM - -#define GMV_MAJOR 0 -#define GMV_MINOR 1 - -#define PRIV_NONE 0 -#define PRIV_CREATE_TOKEN 1 -#define PRIV_ASSIGNPRIMARYTOKEN 2 -#define PRIV_LOCK_MEMORY 3 -#define PRIV_INCREASE_QUOTA 4 -#define PRIV_MACHINE_ACCOUNT 5 -#define PRIV_TCB 6 -#define PRIV_SECURITY 7 -#define PRIV_TAKE_OWNERSHIP 8 -#define PRIV_LOAD_DRIVER 9 -#define PRIV_SYSTEM_PROFILE 10 -#define PRIV_SYSTEMTIME 11 -#define PRIV_PROF_SINGLE_PROCESS 12 -#define PRIV_INC_BASE_PRIORITY 13 -#define PRIV_CREATE_PAGEFILE 14 -#define PRIV_CREATE_PERMANENT 15 -#define PRIV_BACKUP 16 -#define PRIV_RESTORE 17 -#define PRIV_SHUTDOWN 18 -#define PRIV_DEBUG 19 -#define PRIV_AUDIT 20 -#define PRIV_SYSTEM_ENVIRONMENT 21 -#define PRIV_CHANGE_NOTIFY 22 -#define PRIV_REMOTE_SHUTDOWN 23 -#define PRIV_UNDOCK 24 -#define PRIV_SYNC_AGENT 25 -#define PRIV_ENABLE_DELEGATION 26 -#define PRIV_ALL 255 - - -static GUMS_FUNCTIONS *gums_backend = NULL; - -static PRIVS gums_privs[] = { - {PRIV_NONE, "no_privs", "No privilege"}, /* this one MUST be first */ - {PRIV_CREATE_TOKEN, "SeCreateToken", "Create Token"}, - {PRIV_ASSIGNPRIMARYTOKEN, "SeAssignPrimaryToken", "Assign Primary Token"}, - {PRIV_LOCK_MEMORY, "SeLockMemory", "Lock Memory"}, - {PRIV_INCREASE_QUOTA, "SeIncreaseQuotaPrivilege", "Increase Quota Privilege"}, - {PRIV_MACHINE_ACCOUNT, "SeMachineAccount", "Machine Account"}, - {PRIV_TCB, "SeTCB", "TCB"}, - {PRIV_SECURITY, "SeSecurityPrivilege", "Security Privilege"}, - {PRIV_TAKE_OWNERSHIP, "SeTakeOwnershipPrivilege", "Take Ownership Privilege"}, - {PRIV_LOAD_DRIVER, "SeLocalDriverPrivilege", "Local Driver Privilege"}, - {PRIV_SYSTEM_PROFILE, "SeSystemProfilePrivilege", "System Profile Privilege"}, - {PRIV_SYSTEMTIME, "SeSystemtimePrivilege", "System Time"}, - {PRIV_PROF_SINGLE_PROCESS, "SeProfileSingleProcessPrivilege", "Profile Single Process Privilege"}, - {PRIV_INC_BASE_PRIORITY, "SeIncreaseBasePriorityPrivilege", "Increase Base Priority Privilege"}, - {PRIV_CREATE_PAGEFILE, "SeCreatePagefilePrivilege", "Create Pagefile Privilege"}, - {PRIV_CREATE_PERMANENT, "SeCreatePermanent", "Create Permanent"}, - {PRIV_BACKUP, "SeBackupPrivilege", "Backup Privilege"}, - {PRIV_RESTORE, "SeRestorePrivilege", "Restore Privilege"}, - {PRIV_SHUTDOWN, "SeShutdownPrivilege", "Shutdown Privilege"}, - {PRIV_DEBUG, "SeDebugPrivilege", "Debug Privilege"}, - {PRIV_AUDIT, "SeAudit", "Audit"}, - {PRIV_SYSTEM_ENVIRONMENT, "SeSystemEnvironmentPrivilege", "System Environment Privilege"}, - {PRIV_CHANGE_NOTIFY, "SeChangeNotify", "Change Notify"}, - {PRIV_REMOTE_SHUTDOWN, "SeRemoteShutdownPrivilege", "Remote Shutdown Privilege"}, - {PRIV_UNDOCK, "SeUndock", "Undock"}, - {PRIV_SYNC_AGENT, "SeSynchronizationAgent", "Synchronization Agent"}, - {PRIV_ENABLE_DELEGATION, "SeEnableDelegation", "Enable Delegation"}, - {PRIV_ALL, "SaAllPrivs", "All Privileges"} -}; - -static struct gums_init_function_entry *backends = NULL; - -static void lazy_initialize_gums(void) -{ - static BOOL initialized = False; - - if (initialized) - return; - - static_init_gums; - initialized = True; -} - -static struct gums_init_function_entry *gums_find_backend_entry(const char *name); - -NTSTATUS gums_register_module(int version, const char *name, gums_init_function init_fn) -{ - struct gums_init_function_entry *entry = backends; - - if (version != GUMS_INTERFACE_VERSION) { - DEBUG(0,("Can't register gums backend!\n" - "You tried to register a gums module with" - "GUMS_INTERFACE_VERSION %d, while this version" - "of samba uses version %d\n", version, - GUMS_INTERFACE_VERSION)); - - return NT_STATUS_OBJECT_TYPE_MISMATCH; - } - - if (!name || !init_fn) { - return NT_STATUS_INVALID_PARAMETER; - } - - DEBUG(5,("Attempting to register gums backend %s\n", name)); - - /* Check for duplicates */ - if (gums_find_backend_entry(name)) { - DEBUG(0,("There already is a gums backend registered" - "with the name %s!\n", name)); - return NT_STATUS_OBJECT_NAME_COLLISION; - } - - entry = smb_xmalloc(sizeof(struct gums_init_function_entry)); - entry->name = smb_xstrdup(name); - entry->init_fn = init_fn; - - DLIST_ADD(backends, entry); - DEBUG(5,("Successfully added gums backend '%s'\n", name)); - return NT_STATUS_OK; -} - -static struct gums_init_function_entry *gums_find_backend_entry(const char *name) -{ - struct gums_init_function_entry *entry = backends; - - while (entry) { - if (strcmp(entry->name, name) == 0) - return entry; - entry = entry->next; - } - - return NULL; -} - -NTSTATUS gums_setup_backend(const char *backend) -{ - - TALLOC_CTX *mem_ctx; - char *module_name = smb_xstrdup(backend); - char *p, *module_data = NULL; - struct gums_init_function_entry *entry; - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - lazy_initialize_gums(); - - p = strchr(module_name, ':'); - if (p) { - *p = 0; - module_data = p+1; - trim_string(module_data, " ", " "); - } - - trim_string(module_name, " ", " "); - - DEBUG(5,("Attempting to find a gums backend to match %s (%s)\n", backend, module_name)); - - entry = gums_find_backend_entry(module_name); - - /* Try to find a module that contains this module */ - if (!entry) { - DEBUG(2,("No builtin backend found, trying to load plugin\n")); - if(NT_STATUS_IS_OK(smb_probe_module("gums", module_name)) && !(entry = gums_find_backend_entry(module_name))) { - DEBUG(0,("Plugin is available, but doesn't register gums backend %s\n", module_name)); - SAFE_FREE(module_name); - return NT_STATUS_UNSUCCESSFUL; - } - } - - /* No such backend found */ - if(!entry) { - DEBUG(0,("No builtin nor plugin backend for %s found\n", module_name)); - SAFE_FREE(module_name); - return NT_STATUS_INVALID_PARAMETER; - } - - DEBUG(5,("Found gums backend %s\n", module_name)); - - /* free current functions structure if any */ - if (gums_backend) { - gums_backend->free_private_data(gums_backend->private_data); - talloc_destroy(gums_backend->mem_ctx); - gums_backend = NULL; - } - - /* allocate a new GUMS_FUNCTIONS structure and memory context */ - mem_ctx = talloc_init("gums_backend (%s)", module_name); - if (!mem_ctx) - return NT_STATUS_NO_MEMORY; - gums_backend = talloc(mem_ctx, sizeof(GUMS_FUNCTIONS)); - if (!gums_backend) - return NT_STATUS_NO_MEMORY; - gums_backend->mem_ctx = mem_ctx; - - /* init the requested backend module */ - if (NT_STATUS_IS_OK(ret = entry->init_fn(gums_backend, module_data))) { - DEBUG(5,("gums backend %s has a valid init\n", backend)); - } else { - DEBUG(0,("gums backend %s did not correctly init (error was %s)\n", backend, nt_errstr(ret))); - } - SAFE_FREE(module_name); - return ret; -} - -NTSTATUS get_gums_fns(GUMS_FUNCTIONS **fns) -{ - if (gums_backend != NULL) { - *fns = gums_backend; - return NT_STATUS_OK; - } - - DEBUG(2, ("get_gums_fns: unable to get gums functions! backend uninitialized?\n")); - return NT_STATUS_UNSUCCESSFUL; -} diff --git a/source3/sam/gums_api.c b/source3/sam/gums_api.c deleted file mode 100644 index 17f7d33baa..0000000000 --- a/source3/sam/gums_api.c +++ /dev/null @@ -1,1378 +0,0 @@ -/* - Unix SMB/CIFS implementation. - GUMS structures - Copyright (C) Simo Sorce 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -/* Functions to get/set info from a GUMS object */ - -NTSTATUS gums_create_object(GUMS_OBJECT **obj, uint32 type) -{ - TALLOC_CTX *mem_ctx = talloc_init("gums_create_object"); - GUMS_OBJECT *go; - NTSTATUS ret; - - go = talloc_zero(mem_ctx, sizeof(GUMS_OBJECT)); - go->mem_ctx = mem_ctx; - go->type = type; - go->version = GUMS_OBJECT_VERSION; - - switch(type) { - case GUMS_OBJ_DOMAIN: - go->data.domain = (GUMS_DOMAIN *)talloc_zero(mem_ctx, sizeof(GUMS_DOMAIN)); - break; - -/* - case GUMS_OBJ_WORKSTATION_TRUST: - case GUMS_OBJ_SERVER_TRUST: - case GUMS_OBJ_DOMAIN_TRUST: -*/ - case GUMS_OBJ_NORMAL_USER: - go->data.user = (GUMS_USER *)talloc_zero(mem_ctx, sizeof(GUMS_USER)); - break; - - case GUMS_OBJ_GROUP: - case GUMS_OBJ_ALIAS: - go->data.group = (GUMS_GROUP *)talloc_zero(mem_ctx, sizeof(GUMS_GROUP)); - break; - - case GUMS_OBJ_PRIVILEGE: - go->data.priv = (GUMS_PRIVILEGE *)talloc_zero(mem_ctx, sizeof(GUMS_PRIVILEGE)); - break; - - default: - /* TODO: throw error */ - ret = NT_STATUS_OBJECT_TYPE_MISMATCH; - goto error; - } - - if (!(go->data.user)) { - ret = NT_STATUS_NO_MEMORY; - DEBUG(0, ("gums_create_object: Out of memory!\n")); - goto error; - } - - switch(type) { - case GUMS_OBJ_NORMAL_USER: - gums_set_user_acct_ctrl(go, ACB_NORMAL); - gums_set_user_hours(go, 0, NULL); - } - - *obj = go; - return NT_STATUS_OK; - -error: - talloc_destroy(go->mem_ctx); - *obj = NULL; - return ret; -} - -NTSTATUS gums_destroy_object(GUMS_OBJECT **obj) -{ - if (!obj || !(*obj)) - return NT_STATUS_INVALID_PARAMETER; - - if ((*obj)->mem_ctx) - talloc_destroy((*obj)->mem_ctx); - *obj = NULL; - - return NT_STATUS_OK; -} - -void gums_reset_object(GUMS_OBJECT *go) -{ - go->seq_num = 0; - go->sid = NULL; - go->name = NULL; - go->description = NULL; - - switch(go->type) { - case GUMS_OBJ_DOMAIN: - memset(go->data.domain, 0, sizeof(GUMS_DOMAIN)); - break; - -/* - case GUMS_OBJ_WORKSTATION_TRUST: - case GUMS_OBJ_SERVER_TRUST: - case GUMS_OBJ_DOMAIN_TRUST: -*/ - case GUMS_OBJ_NORMAL_USER: - memset(go->data.user, 0, sizeof(GUMS_USER)); - gums_set_user_acct_ctrl(go, ACB_NORMAL); - break; - - case GUMS_OBJ_GROUP: - case GUMS_OBJ_ALIAS: - memset(go->data.group, 0, sizeof(GUMS_GROUP)); - break; - - case GUMS_OBJ_PRIVILEGE: - memset(go->data.priv, 0, sizeof(GUMS_PRIVILEGE)); - break; - - default: - return; - } -} - -uint32 gums_get_object_type(const GUMS_OBJECT *obj) -{ - if (!obj) - return 0; - - return obj->type; -} - -uint32 gums_get_object_seq_num(const GUMS_OBJECT *obj) -{ - if (!obj) - return 0; - - return obj->seq_num; -} - -uint32 gums_get_object_version(const GUMS_OBJECT *obj) -{ - if (!obj) - return 0; - - return obj->version; -} - -const SEC_DESC *gums_get_sec_desc(const GUMS_OBJECT *obj) -{ - if (!obj) - return NULL; - - return obj->sec_desc; -} - -const DOM_SID *gums_get_object_sid(const GUMS_OBJECT *obj) -{ - if (!obj) - return NULL; - - return obj->sid; -} - -const char *gums_get_object_name(const GUMS_OBJECT *obj) -{ - if (!obj) - return NULL; - - return obj->name; -} - -const char *gums_get_object_description(const GUMS_OBJECT *obj) -{ - if (!obj) - return NULL; - - return obj->description; -} - -NTSTATUS gums_set_object_seq_num(GUMS_OBJECT *obj, uint32 seq_num) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - obj->seq_num = seq_num; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_object_version(GUMS_OBJECT *obj, uint32 version) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - obj->version = version; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_sec_desc(GUMS_OBJECT *obj, const SEC_DESC *sec_desc) -{ - if (!obj || !sec_desc) - return NT_STATUS_INVALID_PARAMETER; - - obj->sec_desc = dup_sec_desc(obj->mem_ctx, sec_desc); - if (!(obj->sec_desc)) return NT_STATUS_UNSUCCESSFUL; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_object_sid(GUMS_OBJECT *obj, const DOM_SID *sid) -{ - if (!obj || !sid) - return NT_STATUS_INVALID_PARAMETER; - - obj->sid = sid_dup_talloc(obj->mem_ctx, sid); - if (!(obj->sid)) return NT_STATUS_UNSUCCESSFUL; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_object_name(GUMS_OBJECT *obj, const char *name) -{ - if (!obj || !name) - return NT_STATUS_INVALID_PARAMETER; - - obj->name = (char *)talloc_strdup(obj->mem_ctx, name); - if (!(obj->name)) return NT_STATUS_UNSUCCESSFUL; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_object_description(GUMS_OBJECT *obj, const char *description) -{ - if (!obj || !description) - return NT_STATUS_INVALID_PARAMETER; - - obj->description = (char *)talloc_strdup(obj->mem_ctx, description); - if (!(obj->description)) return NT_STATUS_UNSUCCESSFUL; - return NT_STATUS_OK; -} - -/* -NTSTATUS gums_get_object_privileges(PRIVILEGE_SET **priv_set, const GUMS_OBJECT *obj) -{ - if (!priv_set) - return NT_STATUS_INVALID_PARAMETER; - - *priv_set = obj->priv_set; - return NT_STATUS_OK; -} -*/ - -uint32 gums_get_domain_next_rid(const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_DOMAIN) - return -1; - - return obj->data.domain->next_rid; -} - -NTSTATUS gums_set_domain_next_rid(GUMS_OBJECT *obj, uint32 rid) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_DOMAIN) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.domain->next_rid = rid; - return NT_STATUS_OK; -} - -/* User specific functions */ - -const DOM_SID *gums_get_user_pri_group(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return NULL; - - return obj->data.user->group_sid; -} - -const DATA_BLOB gums_get_user_nt_pwd(const GUMS_OBJECT *obj) -{ - fstring p; - - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return data_blob(NULL, 0); - - smbpasswd_sethexpwd(p, (unsigned char *)(obj->data.user->nt_pw.data), 0); - DEBUG(100, ("Reading NT Password=[%s]\n", p)); - - return obj->data.user->nt_pw; -} - -const DATA_BLOB gums_get_user_lm_pwd(const GUMS_OBJECT *obj) -{ - fstring p; - - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return data_blob(NULL, 0); - - smbpasswd_sethexpwd(p, (unsigned char *)(obj->data.user->lm_pw.data), 0); - DEBUG(100, ("Reading LM Password=[%s]\n", p)); - - return obj->data.user->lm_pw; -} - -const char *gums_get_user_fullname(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return NULL; - - return obj->data.user->full_name; -} - -const char *gums_get_user_homedir(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return NULL; - - return obj->data.user->home_dir; -} - -const char *gums_get_user_dir_drive(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return NULL; - - return obj->data.user->dir_drive; -} - -const char *gums_get_user_profile_path(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return NULL; - - return obj->data.user->profile_path; -} - -const char *gums_get_user_logon_script(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return NULL; - - return obj->data.user->logon_script; -} - -const char *gums_get_user_workstations(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return NULL; - - return obj->data.user->workstations; -} - -const char *gums_get_user_unknown_str(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return NULL; - - return obj->data.user->unknown_str; -} - -const char *gums_get_user_munged_dial(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return NULL; - - return obj->data.user->munged_dial; -} - -NTTIME gums_get_user_logon_time(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) { - NTTIME null_time; - init_nt_time(&null_time); - return null_time; - } - - return obj->data.user->logon_time; -} - -NTTIME gums_get_user_logoff_time(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) { - NTTIME null_time; - init_nt_time(&null_time); - return null_time; - } - - return obj->data.user->logoff_time; -} - -NTTIME gums_get_user_kickoff_time(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) { - NTTIME null_time; - init_nt_time(&null_time); - return null_time; - } - - return obj->data.user->kickoff_time; -} - -NTTIME gums_get_user_pass_last_set_time(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) { - NTTIME null_time; - init_nt_time(&null_time); - return null_time; - } - - return obj->data.user->pass_last_set_time; -} - -NTTIME gums_get_user_pass_can_change_time(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) { - NTTIME null_time; - init_nt_time(&null_time); - return null_time; - } - - return obj->data.user->pass_can_change_time; -} - -NTTIME gums_get_user_pass_must_change_time(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) { - NTTIME null_time; - init_nt_time(&null_time); - return null_time; - } - - return obj->data.user->pass_must_change_time; -} - -uint16 gums_get_user_acct_ctrl(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return 0; - - return obj->data.user->acct_ctrl; -} - -uint16 gums_get_user_logon_divs(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return 0; - - return obj->data.user->logon_divs; -} - -uint32 gums_get_user_hours_len(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return 0; - - return obj->data.user->hours_len; -} - -const uint8 *gums_get_user_hours(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return NULL; - - return obj->data.user->hours; -} - -uint32 gums_get_user_unknown_3(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return 0; - - return obj->data.user->unknown_3; -} - -uint16 gums_get_user_bad_password_count(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return 0; - - return obj->data.user->bad_password_count; -} - -uint16 gums_get_user_logon_count(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return 0; - - return obj->data.user->logon_count; -} - -uint32 gums_get_user_unknown_6(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return 0; - - return obj->data.user->unknown_6; -} - -NTSTATUS gums_set_user_pri_group(GUMS_OBJECT *obj, const DOM_SID *sid) -{ - if (!obj || !sid) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->group_sid = sid_dup_talloc(obj->mem_ctx, sid); - if (!(obj->data.user->group_sid)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_nt_pwd(GUMS_OBJECT *obj, const DATA_BLOB nt_pwd) -{ - fstring p; - unsigned char r[16]; - - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->nt_pw = data_blob_talloc(obj->mem_ctx, nt_pwd.data, nt_pwd.length); - - memcpy(r, nt_pwd.data, 16); - smbpasswd_sethexpwd(p, r, 0); - DEBUG(100, ("Setting NT Password=[%s]\n", p)); - - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_lm_pwd(GUMS_OBJECT *obj, const DATA_BLOB lm_pwd) -{ - fstring p; - unsigned char r[16]; - - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->lm_pw = data_blob_talloc(obj->mem_ctx, lm_pwd.data, lm_pwd.length); - - memcpy(r, lm_pwd.data, 16); - smbpasswd_sethexpwd(p, r, 0); - DEBUG(100, ("Setting LM Password=[%s]\n", p)); - - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_fullname(GUMS_OBJECT *obj, const char *fullname) -{ - if (!obj || !fullname) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->full_name = (char *)talloc_strdup(obj->mem_ctx, fullname); - if (!(obj->data.user->full_name)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_homedir(GUMS_OBJECT *obj, const char *homedir) -{ - if (!obj || !homedir) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->home_dir = (char *)talloc_strdup(obj->mem_ctx, homedir); - if (!(obj->data.user->home_dir)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_dir_drive(GUMS_OBJECT *obj, const char *dir_drive) -{ - if (!obj || !dir_drive) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->dir_drive = (char *)talloc_strdup(obj->mem_ctx, dir_drive); - if (!(obj->data.user->dir_drive)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_logon_script(GUMS_OBJECT *obj, const char *logon_script) -{ - if (!obj || !logon_script) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->logon_script = (char *)talloc_strdup(obj->mem_ctx, logon_script); - if (!(obj->data.user->logon_script)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_profile_path(GUMS_OBJECT *obj, const char *profile_path) -{ - if (!obj || !profile_path) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->profile_path = (char *)talloc_strdup(obj->mem_ctx, profile_path); - if (!(obj->data.user->profile_path)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_workstations(GUMS_OBJECT *obj, const char *workstations) -{ - if (!obj || !workstations) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->workstations = (char *)talloc_strdup(obj->mem_ctx, workstations); - if (!(obj->data.user->workstations)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_unknown_str(GUMS_OBJECT *obj, const char *unknown_str) -{ - if (!obj || !unknown_str) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->unknown_str = (char *)talloc_strdup(obj->mem_ctx, unknown_str); - if (!(obj->data.user->unknown_str)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_munged_dial(GUMS_OBJECT *obj, const char *munged_dial) -{ - if (!obj || !munged_dial) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->munged_dial = (char *)talloc_strdup(obj->mem_ctx, munged_dial); - if (!(obj->data.user->munged_dial)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_logon_time(GUMS_OBJECT *obj, NTTIME logon_time) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->logon_time = logon_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_logoff_time(GUMS_OBJECT *obj, NTTIME logoff_time) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->logoff_time = logoff_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_kickoff_time(GUMS_OBJECT *obj, NTTIME kickoff_time) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->kickoff_time = kickoff_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_pass_last_set_time(GUMS_OBJECT *obj, NTTIME pass_last_set_time) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->pass_last_set_time = pass_last_set_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_pass_can_change_time(GUMS_OBJECT *obj, NTTIME pass_can_change_time) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->pass_can_change_time = pass_can_change_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_pass_must_change_time(GUMS_OBJECT *obj, NTTIME pass_must_change_time) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->pass_must_change_time = pass_must_change_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_acct_ctrl(GUMS_OBJECT *obj, uint16 acct_ctrl) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->acct_ctrl = acct_ctrl; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_logon_divs(GUMS_OBJECT *obj, uint16 logon_divs) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->logon_divs = logon_divs; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_hours(GUMS_OBJECT *obj, uint32 hours_len, const uint8 *hours) -{ - if (!obj || !hours) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->hours_len = hours_len; - if (hours_len == 0) - DEBUG(10, ("gums_set_user_hours: Warning, hours_len is zero!\n")); - - obj->data.user->hours = (uint8 *)talloc(obj->mem_ctx, MAX_HOURS_LEN); - if (!(obj->data.user->hours)) - return NT_STATUS_NO_MEMORY; - if (hours_len) - memcpy(obj->data.user->hours, hours, hours_len); - - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_unknown_3(GUMS_OBJECT *obj, uint32 unknown_3) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->unknown_3 = unknown_3; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_bad_password_count(GUMS_OBJECT *obj, uint16 bad_password_count) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->bad_password_count = bad_password_count; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_logon_count(GUMS_OBJECT *obj, uint16 logon_count) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->logon_count = logon_count; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_unknown_6(GUMS_OBJECT *obj, uint32 unknown_6) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->unknown_6 = unknown_6; - return NT_STATUS_OK; -} - -/* Group specific functions */ - -const DOM_SID *gums_get_group_members(int *count, const GUMS_OBJECT *obj) -{ - if (!count || !obj || !(obj->type == GUMS_OBJ_GROUP || obj->type == GUMS_OBJ_ALIAS)) { - *count = -1; - return NULL; - } - - *count = obj->data.group->count; - return obj->data.group->members; -} - -NTSTATUS gums_set_group_members(GUMS_OBJECT *obj, uint32 count, DOM_SID *members) -{ - uint32 n; - - if (!obj || ((count > 0) && !members)) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_GROUP && - obj->type != GUMS_OBJ_ALIAS) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.group->count = count; - - if (count) { - obj->data.group->members = (DOM_SID *)talloc(obj->mem_ctx, count * sizeof(DOM_SID)); - if (!(obj->data.group->members)) { - return NT_STATUS_NO_MEMORY; - } - - - n = 0; - do { - sid_copy(&(obj->data.group->members[n]), &(members[n])); - n++; - } while (n < count); - } else { - obj->data.group->members = 0; - } - - return NT_STATUS_OK; -} - -/* Privilege specific functions */ - -const LUID_ATTR *gums_get_priv_luid_attr(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_PRIVILEGE) - return NULL; - - return obj->data.priv->privilege; -} - -const DOM_SID *gums_get_priv_members(int *count, const GUMS_OBJECT *obj) -{ - if (!count || !obj || obj->type != GUMS_OBJ_PRIVILEGE) { - *count = -1; - return NULL; - } - - *count = obj->data.priv->count; - return obj->data.priv->members; -} - -NTSTATUS gums_set_priv_luid_attr(GUMS_OBJECT *obj, LUID_ATTR *luid_attr) -{ - if (!luid_attr || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_PRIVILEGE) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.priv->privilege = (LUID_ATTR *)talloc_memdup(obj->mem_ctx, luid_attr, sizeof(LUID_ATTR)); - if (!(obj->data.priv->privilege)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_priv_members(GUMS_OBJECT *obj, uint32 count, DOM_SID *members) -{ - uint32 n; - - if (!obj || !members || !members) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_PRIVILEGE) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.priv->count = count; - obj->data.priv->members = (DOM_SID *)talloc(obj->mem_ctx, count * sizeof(DOM_SID)); - if (!(obj->data.priv->members)) - return NT_STATUS_NO_MEMORY; - - n = 0; - do { - sid_copy(&(obj->data.priv->members[n]), &(members[n])); - n++; - } while (n < count); - - return NT_STATUS_OK; -} - -/* data_store set functions */ - -NTSTATUS gums_create_commit_set(GUMS_COMMIT_SET **com_set, DOM_SID *sid, uint32 type) -{ - TALLOC_CTX *mem_ctx; - - mem_ctx = talloc_init("commit_set"); - if (mem_ctx == NULL) - return NT_STATUS_NO_MEMORY; - - *com_set = (GUMS_COMMIT_SET *)talloc_zero(mem_ctx, sizeof(GUMS_COMMIT_SET)); - if (*com_set == NULL) { - talloc_destroy(mem_ctx); - return NT_STATUS_NO_MEMORY; - } - - (*com_set)->mem_ctx = mem_ctx; - (*com_set)->type = type; - sid_copy(&((*com_set)->sid), sid); - - return NT_STATUS_OK; -} - -NTSTATUS gums_cs_grow_data_set(GUMS_COMMIT_SET *com_set, int size) -{ - GUMS_DATA_SET *data_set; - - com_set->count = com_set->count + size; - if (com_set->count == size) { /* data set is empty*/ - data_set = (GUMS_DATA_SET *)talloc_zero(com_set->mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(com_set->mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data = data_set; - - return NT_STATUS_OK; -} - -NTSTATUS gums_cs_set_sec_desc(GUMS_COMMIT_SET *com_set, SEC_DESC *sec_desc) -{ - NTSTATUS ret; - GUMS_DATA_SET *data_set; - SEC_DESC *new_sec_desc; - - if (!com_set || !sec_desc) - return NT_STATUS_INVALID_PARAMETER; - - if (!NT_STATUS_IS_OK(ret = gums_cs_grow_data_set(com_set, 1))) - return ret; - - data_set = &((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_SET_SEC_DESC; - new_sec_desc = dup_sec_desc(com_set->mem_ctx, sec_desc); - if (new_sec_desc == NULL) - return NT_STATUS_NO_MEMORY; - - (SEC_DESC *)(data_set->data) = new_sec_desc; - - return NT_STATUS_OK; -} - -/* -NTSTATUS gums_cs_add_privilege(GUMS_PRIV_COMMIT_SET *com_set, LUID_ATTR priv) -{ - NTSTATUS ret; - GUMS_DATA_SET *data_set; - LUID_ATTR *new_priv; - - if (!com_set) - return NT_STATUS_INVALID_PARAMETER; - - if (!NT_STATUS_OK(ret = gums_pcs_grow_data_set(com_set, 1))) - return ret; - - data_set = ((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_ADD_PRIVILEGE; - if (!NT_STATUS_IS_OK(ret = dupalloc_luid_attr(com_set->mem_ctx, &new_priv, priv))) - return ret; - - (SEC_DESC *)(data_set->data) = new_priv; - - return NT_STATUS_OK; -} - -NTSTATUS gums_cs_del_privilege(GUMS_PRIV_COMMIT_SET *com_set, LUID_ATTR priv) -{ - NTSTATUS ret; - GUMS_DATA_SET *data_set; - LUID_ATTR *new_priv; - - if (!com_set) - return NT_STATUS_INVALID_PARAMETER; - - if (!NT_STATUS_OK(ret = gums_pcs_grow_data_set(com_set, 1))) - return ret; - - data_set = ((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_DEL_PRIVILEGE; - if (!NT_STATUS_IS_OK(ret = dupalloc_luid_attr(com_set->mem_ctx, &new_priv, priv))) - return ret; - - (SEC_DESC *)(data_set->data) = new_priv; - - return NT_STATUS_OK; -} - -NTSTATUS gums_cs_set_privilege_set(GUMS_PRIV_COMMIT_SET *com_set, PRIVILEGE_SET *priv_set) -{ - NTSTATUS ret; - GUMS_DATA_SET *data_set; - PRIVILEGE_SET *new_priv_set; - - if (!com_set || !priv_set) - return NT_STATUS_INVALID_PARAMETER; - - if (!NT_STATUS_OK(ret = gums_pcs_grow_data_set(com_set, 1))) - return ret; - - data_set = ((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_SET_PRIVILEGE; - if (!NT_STATUS_IS_OK(ret = init_priv_set_with_ctx(com_set->mem_ctx, &new_priv_set))) - return ret; - - if (!NT_STATUS_IS_OK(ret = dup_priv_set(new_priv_set, priv_set))) - return ret; - - (SEC_DESC *)(data_set->data) = new_priv_set; - - return NT_STATUS_OK; -} -*/ - -NTSTATUS gums_cs_set_string(GUMS_COMMIT_SET *com_set, uint32 type, char *str) -{ - NTSTATUS ret; - GUMS_DATA_SET *data_set; - char *new_str; - - if (!com_set || !str || type < GUMS_SET_NAME || type > GUMS_SET_MUNGED_DIAL) - return NT_STATUS_INVALID_PARAMETER; - - if (!NT_STATUS_IS_OK(ret = gums_cs_grow_data_set(com_set, 1))) - return ret; - - data_set = &((com_set->data)[com_set->count - 1]); - - data_set->type = type; - new_str = talloc_strdup(com_set->mem_ctx, str); - if (new_str == NULL) - return NT_STATUS_NO_MEMORY; - - (char *)(data_set->data) = new_str; - - return NT_STATUS_OK; -} - -NTSTATUS gums_cs_set_name(GUMS_COMMIT_SET *com_set, char *name) -{ - return gums_cs_set_string(com_set, GUMS_SET_NAME, name); -} - -NTSTATUS gums_cs_set_description(GUMS_COMMIT_SET *com_set, char *desc) -{ - return gums_cs_set_string(com_set, GUMS_SET_DESCRIPTION, desc); -} - -NTSTATUS gums_cs_set_full_name(GUMS_COMMIT_SET *com_set, char *full_name) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_string(com_set, GUMS_SET_NAME, full_name); -} - -NTSTATUS gums_cs_set_home_directory(GUMS_COMMIT_SET *com_set, char *home_dir) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_string(com_set, GUMS_SET_NAME, home_dir); -} - -NTSTATUS gums_cs_set_drive(GUMS_COMMIT_SET *com_set, char *drive) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_string(com_set, GUMS_SET_NAME, drive); -} - -NTSTATUS gums_cs_set_logon_script(GUMS_COMMIT_SET *com_set, char *logon_script) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_string(com_set, GUMS_SET_NAME, logon_script); -} - -NTSTATUS gums_cs_set_profile_path(GUMS_COMMIT_SET *com_set, char *prof_path) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_string(com_set, GUMS_SET_NAME, prof_path); -} - -NTSTATUS gums_cs_set_workstations(GUMS_COMMIT_SET *com_set, char *wks) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_string(com_set, GUMS_SET_NAME, wks); -} - -NTSTATUS gums_cs_set_unknown_string(GUMS_COMMIT_SET *com_set, char *unkn_str) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_string(com_set, GUMS_SET_NAME, unkn_str); -} - -NTSTATUS gums_cs_set_munged_dial(GUMS_COMMIT_SET *com_set, char *munged_dial) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_string(com_set, GUMS_SET_NAME, munged_dial); -} - -NTSTATUS gums_cs_set_nttime(GUMS_COMMIT_SET *com_set, uint32 type, NTTIME *nttime) -{ - NTSTATUS ret; - GUMS_DATA_SET *data_set; - NTTIME *new_time; - - if (!com_set || !nttime || type < GUMS_SET_LOGON_TIME || type > GUMS_SET_PASS_MUST_CHANGE_TIME) - return NT_STATUS_INVALID_PARAMETER; - - if (!NT_STATUS_IS_OK(ret = gums_cs_grow_data_set(com_set, 1))) - return ret; - - data_set = &((com_set->data)[com_set->count - 1]); - - data_set->type = type; - new_time = talloc(com_set->mem_ctx, sizeof(NTTIME)); - if (new_time == NULL) - return NT_STATUS_NO_MEMORY; - - new_time->low = nttime->low; - new_time->high = nttime->high; - (char *)(data_set->data) = new_time; - - return NT_STATUS_OK; -} - -NTSTATUS gums_cs_set_logon_time(GUMS_COMMIT_SET *com_set, NTTIME *logon_time) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_nttime(com_set, GUMS_SET_LOGON_TIME, logon_time); -} - -NTSTATUS gums_cs_set_logoff_time(GUMS_COMMIT_SET *com_set, NTTIME *logoff_time) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_nttime(com_set, GUMS_SET_LOGOFF_TIME, logoff_time); -} - -NTSTATUS gums_cs_set_kickoff_time(GUMS_COMMIT_SET *com_set, NTTIME *kickoff_time) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_nttime(com_set, GUMS_SET_KICKOFF_TIME, kickoff_time); -} - -NTSTATUS gums_cs_set_pass_last_set_time(GUMS_COMMIT_SET *com_set, NTTIME *pls_time) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_nttime(com_set, GUMS_SET_LOGON_TIME, pls_time); -} - -NTSTATUS gums_cs_set_pass_can_change_time(GUMS_COMMIT_SET *com_set, NTTIME *pcc_time) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_nttime(com_set, GUMS_SET_LOGON_TIME, pcc_time); -} - -NTSTATUS gums_cs_set_pass_must_change_time(GUMS_COMMIT_SET *com_set, NTTIME *pmc_time) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_nttime(com_set, GUMS_SET_LOGON_TIME, pmc_time); -} - -NTSTATUS gums_cs_add_sids_to_group(GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count) -{ - NTSTATUS ret; - GUMS_DATA_SET *data_set; - DOM_SID **new_sids; - int i; - - if (!com_set || !sids) - return NT_STATUS_INVALID_PARAMETER; - - if (!NT_STATUS_IS_OK(ret = gums_cs_grow_data_set(com_set, 1))) - return ret; - - data_set = &((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_ADD_SID_LIST; - new_sids = (DOM_SID **)talloc(com_set->mem_ctx, (sizeof(void *) * count)); - if (new_sids == NULL) - return NT_STATUS_NO_MEMORY; - for (i = 0; i < count; i++) { - new_sids[i] = sid_dup_talloc(com_set->mem_ctx, sids[i]); - if (new_sids[i] == NULL) - return NT_STATUS_NO_MEMORY; - } - - (SEC_DESC *)(data_set->data) = new_sids; - - return NT_STATUS_OK; -} - -NTSTATUS gums_cs_add_users_to_group(GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count) -{ - if (!com_set || !sids) - return NT_STATUS_INVALID_PARAMETER; - if (com_set->type != GUMS_OBJ_GROUP || com_set->type != GUMS_OBJ_ALIAS) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_add_sids_to_group(com_set, sids, count); -} - -NTSTATUS gums_cs_add_groups_to_group(GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count) -{ - if (!com_set || !sids) - return NT_STATUS_INVALID_PARAMETER; - if (com_set->type != GUMS_OBJ_ALIAS) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_add_sids_to_group(com_set, sids, count); -} - -NTSTATUS gums_cs_del_sids_from_group(GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count) -{ - NTSTATUS ret; - GUMS_DATA_SET *data_set; - DOM_SID **new_sids; - int i; - - if (!com_set || !sids) - return NT_STATUS_INVALID_PARAMETER; - if (com_set->type != GUMS_OBJ_GROUP || com_set->type != GUMS_OBJ_ALIAS) - return NT_STATUS_INVALID_PARAMETER; - - if (!NT_STATUS_IS_OK(ret = gums_cs_grow_data_set(com_set, 1))) - return ret; - - data_set = &((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_DEL_SID_LIST; - new_sids = (DOM_SID **)talloc(com_set->mem_ctx, (sizeof(void *) * count)); - if (new_sids == NULL) - return NT_STATUS_NO_MEMORY; - for (i = 0; i < count; i++) { - new_sids[i] = sid_dup_talloc(com_set->mem_ctx, sids[i]); - if (new_sids[i] == NULL) - return NT_STATUS_NO_MEMORY; - } - - (SEC_DESC *)(data_set->data) = new_sids; - - return NT_STATUS_OK; -} - -NTSTATUS gums_ds_set_sids_in_group(GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count) -{ - NTSTATUS ret; - GUMS_DATA_SET *data_set; - DOM_SID **new_sids; - int i; - - if (!com_set || !sids) - return NT_STATUS_INVALID_PARAMETER; - if (com_set->type != GUMS_OBJ_GROUP || com_set->type != GUMS_OBJ_ALIAS) - return NT_STATUS_INVALID_PARAMETER; - - if (!NT_STATUS_IS_OK(ret = gums_cs_grow_data_set(com_set, 1))) - return ret; - - data_set = &((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_SET_SID_LIST; - new_sids = (DOM_SID **)talloc(com_set->mem_ctx, (sizeof(void *) * count)); - if (new_sids == NULL) - return NT_STATUS_NO_MEMORY; - for (i = 0; i < count; i++) { - new_sids[i] = sid_dup_talloc(com_set->mem_ctx, sids[i]); - if (new_sids[i] == NULL) - return NT_STATUS_NO_MEMORY; - } - - (SEC_DESC *)(data_set->data) = new_sids; - - return NT_STATUS_OK; -} - -NTSTATUS gums_commit_data(GUMS_COMMIT_SET *set) -{ - NTSTATUS ret; - GUMS_FUNCTIONS *fns; - - if (!NT_STATUS_IS_OK(ret = get_gums_fns(&fns))) { - DEBUG(0, ("gums_commit_data: unable to get gums functions! backend uninitialized?\n")); - return ret; - } - return fns->set_object_values(&(set->sid), set->count, set->data); -} - -NTSTATUS gums_destroy_commit_set(GUMS_COMMIT_SET **com_set) -{ - talloc_destroy((*com_set)->mem_ctx); - *com_set = NULL; - - return NT_STATUS_OK; -} - diff --git a/source3/sam/gums_helper.c b/source3/sam/gums_helper.c deleted file mode 100644 index 5bbd054be1..0000000000 --- a/source3/sam/gums_helper.c +++ /dev/null @@ -1,383 +0,0 @@ -/* - Unix SMB/CIFS implementation. - GUMS backends helper functions - Copyright (C) Simo Sorce 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -extern DOM_SID global_sid_World; -extern DOM_SID global_sid_Builtin; -extern DOM_SID global_sid_Builtin_Administrators; -extern DOM_SID global_sid_Builtin_Power_Users; -extern DOM_SID global_sid_Builtin_Account_Operators; -extern DOM_SID global_sid_Builtin_Server_Operators; -extern DOM_SID global_sid_Builtin_Print_Operators; -extern DOM_SID global_sid_Builtin_Backup_Operators; -extern DOM_SID global_sid_Builtin_Replicator; -extern DOM_SID global_sid_Builtin_Users; -extern DOM_SID global_sid_Builtin_Guests; - - -/* defines */ - -#define ALLOC_CHECK(str, ptr, err, label) do { if ((ptr) == NULL) { DEBUG(0, ("%s: out of memory!\n", str)); err = NT_STATUS_NO_MEMORY; goto label; } } while(0) -#define NTSTATUS_CHECK(err, label, str1, str2) do { if (NT_STATUS_IS_ERR(err)) { DEBUG(0, ("%s: %s\n", str1, str2)); } } while(0) - -/**************************************************************************** - Check if a user is a mapped group. - - This function will check if the group SID is mapped onto a - system managed gid or onto a winbind manged sid. - In the first case it will be threated like a mapped group - and the backend should take the member list with a getgrgid - and ignore any user that have been possibly set into the group - object. - - In the second case, the group is a fully SAM managed group - served back to the system through winbind. In this case the - members of a Local group are "unrolled" to cope with the fact - that unix cannot contain groups inside groups. - The backend MUST never call any getgr* / getpw* function or - loops with winbind may happen. - ****************************************************************************/ - -#if 0 -NTSTATUS is_mapped_group(BOOL *mapped, const DOM_SID *sid) -{ - NTSTATUS result; - gid_t id; - - /* look if mapping exist, do not make idmap alloc an uid if SID is not found */ - result = idmap_get_gid_from_sid(&id, sid, False); - if (NT_STATUS_IS_OK(result)) { - *mapped = gid_is_in_winbind_range(id); - } else { - *mapped = False; - } - - return result; -} -#endif - -#define ALIAS_DEFAULT_SACL_SA_RIGHTS 0x01050013 -#define ALIAS_DEFAULT_DACL_SA_RIGHTS \ - (READ_CONTROL_ACCESS | \ - SA_RIGHT_ALIAS_LOOKUP_INFO | \ - SA_RIGHT_ALIAS_GET_MEMBERS) /* 0x0002000c */ - -#define ALIAS_DEFAULT_SACL_SEC_ACE_FLAG (SEC_ACE_FLAG_FAILED_ACCESS | SEC_ACE_FLAG_SUCCESSFUL_ACCESS) /* 0xc0 */ - - -NTSTATUS create_builtin_alias_default_sec_desc(SEC_DESC **sec_desc, TALLOC_CTX *ctx) -{ - DOM_SID *world = &global_sid_World; - DOM_SID *admins = &global_sid_Builtin_Administrators; - SEC_ACCESS sa; - SEC_ACE sacl_ace; - SEC_ACE dacl_aces[2]; - SEC_ACL *sacl = NULL; - SEC_ACL *dacl = NULL; - size_t psize; - - init_sec_access(&sa, ALIAS_DEFAULT_SACL_SA_RIGHTS); - init_sec_ace(&sacl_ace, world, SEC_ACE_TYPE_SYSTEM_AUDIT, sa, ALIAS_DEFAULT_SACL_SEC_ACE_FLAG); - - sacl = make_sec_acl(ctx, NT4_ACL_REVISION, 1, &sacl_ace); - if (!sacl) { - DEBUG(0, ("build_init_sec_desc: Failed to make SEC_ACL.\n")); - return NT_STATUS_NO_MEMORY; - } - - init_sec_access(&sa, ALIAS_DEFAULT_DACL_SA_RIGHTS); - init_sec_ace(&(dacl_aces[0]), world, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, 0); - init_sec_access(&sa, SA_RIGHT_ALIAS_ALL_ACCESS); - init_sec_ace(&(dacl_aces[1]), admins, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, 0); - - dacl = make_sec_acl(ctx, NT4_ACL_REVISION, 2, dacl_aces); - if (!sacl) { - DEBUG(0, ("build_init_sec_desc: Failed to make SEC_ACL.\n")); - return NT_STATUS_NO_MEMORY; - } - - *sec_desc = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, admins, admins, sacl, dacl, &psize); - if (!(*sec_desc)) { - DEBUG(0,("get_share_security: Failed to make SEC_DESC.\n")); - return NT_STATUS_NO_MEMORY; - } - - return NT_STATUS_OK; -} - -NTSTATUS sec_desc_add_ace_to_dacl(SEC_DESC *sec_desc, TALLOC_CTX *ctx, DOM_SID *sid, uint32 mask) -{ - NTSTATUS result; - SEC_ACE *new_aces; - unsigned num_aces; - int i; - - num_aces = sec_desc->dacl->num_aces + 1; - result = sec_ace_add_sid(ctx, &new_aces, sec_desc->dacl->ace, &num_aces, sid, mask); - if (NT_STATUS_IS_OK(result)) { - sec_desc->dacl->ace = new_aces; - sec_desc->dacl->num_aces = num_aces; - sec_desc->dacl->size = SEC_ACL_HEADER_SIZE; - for (i = 0; i < num_aces; i++) { - sec_desc->dacl->size += sec_desc->dacl->ace[i].size; - } - } - return result; -} - -NTSTATUS gums_make_domain(DOM_SID *sid, const char *name, const char *description) -{ - NTSTATUS ret; - GUMS_OBJECT *go; - GUMS_FUNCTIONS *fns; - - if (!NT_STATUS_IS_OK(ret = get_gums_fns(&fns))) - return ret; - - if (!NT_STATUS_IS_OK(ret = gums_create_object(&go, GUMS_OBJ_DOMAIN))) - return ret; - - ret = gums_set_object_sid(go, sid); - NTSTATUS_CHECK(ret, done, "gums_make_alias", "unable to set sid!"); - - ret = gums_set_object_name(go, name); - NTSTATUS_CHECK(ret, done, "gums_make_alias", "unable to set name!"); - - if (description) { - ret = gums_set_object_description(go, description); - NTSTATUS_CHECK(ret, done, "gums_make_alias", "unable to set description!"); - } - - /* make security descriptor * / - ret = create_builtin_alias_default_sec_desc(&((*go).sec_desc), (*go).mem_ctx); - NTSTATUS_CHECK(ret, error, "gums_init_backend", "create_builtin_alias_default_sec_desc"); - */ - - ret = fns->set_object(go); - - gums_destroy_object(&go); - return ret; -} - -NTSTATUS gums_make_alias(DOM_SID *sid, const char *name, const char *description) -{ - NTSTATUS ret; - GUMS_OBJECT *go; - GUMS_FUNCTIONS *fns; - - if (!NT_STATUS_IS_OK(ret = get_gums_fns(&fns))) - return ret; - - if (!NT_STATUS_IS_OK(ret = gums_create_object(&go, GUMS_OBJ_ALIAS))) - return ret; - - ret = gums_set_object_sid(go, sid); - NTSTATUS_CHECK(ret, done, "gums_make_alias", "unable to set sid!"); - - ret = gums_set_object_name(go, name); - NTSTATUS_CHECK(ret, done, "gums_make_alias", "unable to set name!"); - - if (description) { - ret = gums_set_object_description(go, description); - NTSTATUS_CHECK(ret, done, "gums_make_alias", "unable to set description!"); - } - - /* make security descriptor * / - ret = create_builtin_alias_default_sec_desc(&((*go).sec_desc), (*go).mem_ctx); - NTSTATUS_CHECK(ret, error, "gums_init_backend", "create_builtin_alias_default_sec_desc"); - */ - - ret = fns->set_object(go); - - gums_destroy_object(&go); - return ret; -} - -NTSTATUS gums_init_domain(DOM_SID *sid, const char *name) -{ - NTSTATUS ret; - - /* Add the weelknown Builtin Domain */ - if (!NT_STATUS_IS_OK(ret = gums_make_domain( - sid, - name, - NULL - ))) { - return ret; - } - - /* Add default users and groups */ - /* Administrator - Guest - Domain Administrators - Domain Users - Domain Guests - */ - - return ret; -} - -NTSTATUS gums_init_builtin_domain(void) -{ - NTSTATUS ret; - - generate_wellknown_sids(); - - /* Add the weelknown Builtin Domain */ - if (!NT_STATUS_IS_OK(ret = gums_make_domain( - &global_sid_Builtin, - "BUILTIN", - "Builtin Domain" - ))) { - return ret; - } - - /* Add the well known Builtin Local Groups */ - - /* Administrators */ - if (!NT_STATUS_IS_OK(ret = gums_make_alias( - &global_sid_Builtin_Administrators, - "Administrators", - "Members can fully administer the computer/domain" - ))) { - return ret; - } - /* Administrator privilege set */ - /* From BDC join trace: - SeSecurityPrivilege, SeBackupPrivilege, SeRestorePrivilege, - SeSystemtimePrivilege, SeShutdownPrivilege, - SeRemoteShutdownPrivilege, SeTakeOwnershipPrivilege, - SeDebugPrivilege, SeSystemEnvironmentPrivilege, - SeSystemProfilePrivilege, SeProfileSingleProcessPrivilege, - SeIncreaseBasePriorityPrivilege, SeLocalDriverPrivilege, - SeCreatePagefilePrivilege, SeIncreaseQuotaPrivilege - */ - - /* Power Users */ - /* Domain Controllers Does NOT have Power Users (?) */ - if (!NT_STATUS_IS_OK(ret = gums_make_alias( - &global_sid_Builtin_Power_Users, - "Power Users", - "Power Users" - ))) { - return ret; - } - - /* Power Users privilege set */ - /* (?) */ - - /* Account Operators */ - if (!NT_STATUS_IS_OK(ret = gums_make_alias( - &global_sid_Builtin_Account_Operators, - "Account Operators", - "Members can administer domain user and group accounts" - ))) { - return ret; - } - - /* make privilege set */ - /* From BDC join trace: - SeShutdownPrivilege - */ - - /* Server Operators */ - if (!NT_STATUS_IS_OK(ret = gums_make_alias( - &global_sid_Builtin_Server_Operators, - "Server Operators", - "Members can administer domain servers" - ))) { - return ret; - } - - /* make privilege set */ - /* From BDC join trace: - SeBackupPrivilege, SeRestorePrivilege, SeSystemtimePrivilege, - SeShutdownPrivilege, SeRemoteShutdownPrivilege - */ - - /* Print Operators */ - if (!NT_STATUS_IS_OK(ret = gums_make_alias( - &global_sid_Builtin_Print_Operators, - "Print Operators", - "Members can administer domain printers" - ))) { - return ret; - } - - /* make privilege set */ - /* From BDC join trace: - SeShutdownPrivilege - */ - - /* Backup Operators */ - if (!NT_STATUS_IS_OK(ret = gums_make_alias( - &global_sid_Builtin_Backup_Operators, - "Backup Operators", - "Members can bypass file security to backup files" - ))) { - return ret; - } - - /* make privilege set */ - /* From BDC join trace: - SeBackupPrivilege, SeRestorePrivilege, SeShutdownPrivilege - */ - - /* Replicator */ - if (!NT_STATUS_IS_OK(ret = gums_make_alias( - &global_sid_Builtin_Replicator, - "Replicator", - "Supports file replication in a domain" - ))) { - return ret; - } - - /* make privilege set */ - /* From BDC join trace: - SeBackupPrivilege, SeRestorePrivilege, SeShutdownPrivilege - */ - - /* Users */ - if (!NT_STATUS_IS_OK(ret = gums_make_alias( - &global_sid_Builtin_Users, - "Users", - "Ordinary users" - ))) { - return ret; - } - - /* Users specific ACEs * / - sec_desc_add_ace_to_dacl(go->sec_desc, go->mem_ctx, &global_sid_Builtin_Account_Operators, ALIAS_DEFAULT_DACL_SA_RIGHTS); - sec_desc_add_ace_to_dacl(go->sec_desc, go->mem_ctx, &global_sid_Builtin_Power_Users, ALIAS_DEFAULT_DACL_SA_RIGHTS); - */ - - /* Guests */ - if (!NT_STATUS_IS_OK(ret = gums_make_alias( - &global_sid_Builtin_Guests, - "Guests", - "Users granted guest access to the computer/domain" - ))) { - return ret; - } - - return ret; -} - diff --git a/source3/sam/gums_tdbsam2.c b/source3/sam/gums_tdbsam2.c deleted file mode 100644 index 82e3923f7c..0000000000 --- a/source3/sam/gums_tdbsam2.c +++ /dev/null @@ -1,1297 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * tdbsam2 - sam backend - * Copyright (C) Simo Sorce 2002-2003 - * - * This program is free software; you can redistribute it and/or modify it under - * the terms of the GNU General Public License as published by the Free - * Software Foundation; either version 2 of the License, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for - * more details. - * - * You should have received a copy of the GNU General Public License along with - * this program; if not, write to the Free Software Foundation, Inc., 675 - * Mass Ave, Cambridge, MA 02139, USA. - */ - -#include "includes.h" -#include "tdbsam2.h" -#include "tdbsam2_parse_info.h" - -static int gums_tdbsam2_debug_class = DBGC_ALL; -/* -#undef DBGC_CLASS -#define DBGC_CLASS gums_tdbsam2_debug_class -*/ - -#define TDBSAM_VERSION 20021215 -#define TDB_FILE_NAME "tdbsam2.tdb" -#define NAMEPREFIX "NAME_" -#define SIDPREFIX "SID_" -#define PRIVILEGEPREFIX "PRIV_" - -#define TDB_FORMAT_STRING "ddB" - -#define TALLOC_CHECK(ptr, err, label) do { if ((ptr) == NULL) { DEBUG(0, ("%s: Out of memory!\n", FUNCTION_MACRO)); err = NT_STATUS_NO_MEMORY; goto label; } } while(0) -#define SET_OR_FAIL(func, label) do { if (!NT_STATUS_IS_OK(func)) { DEBUG(0, ("%s: Setting gums object data failed!\n", FUNCTION_MACRO)); goto label; } } while(0) - - - -struct tdbsam2_enum_objs { - uint32 type; - DOM_SID *dom_sid; - TDB_CONTEXT *db; - TDB_DATA key; - struct tdbsam2_enum_objs *next; -}; - -union tdbsam2_data { - struct tdbsam2_domain_data *domain; - struct tdbsam2_user_data *user; - struct tdbsam2_group_data *group; - struct tdbsam2_priv_data *priv; -}; - -struct tdbsam2_object { - uint32 type; - uint32 version; - union tdbsam2_data data; -}; - -struct tdbsam2_private_data { - - const char *storage; - struct tdbsam2_enum_objs *teo_handlers; -}; - -static struct tdbsam2_private_data *ts2_privs; - - -static NTSTATUS init_object_from_buffer(GUMS_OBJECT **go, char *buffer, int size) -{ - - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - TALLOC_CTX *mem_ctx; - int iret; - char *obj_data = NULL; - int data_size = 0; - int version, type; - int len; - - mem_ctx = talloc_init("init_object_from_buffer"); - if (!mem_ctx) { - DEBUG(0, ("init_object_from_buffer: Out of memory!\n")); - return NT_STATUS_NO_MEMORY; - } - - len = tdb_unpack (buffer, size, TDB_FORMAT_STRING, - &version, - &type, - &data_size, &obj_data); - - if (len == -1 || data_size <= 0) - goto done; - - /* version is checked inside this function so that backward compatibility code can be - called eventually. - this way we can easily handle database format upgrades */ - if (version != TDBSAM_VERSION) { - DEBUG(3,("init_tdbsam2_object_from_buffer: Error, db object has wrong tdbsam version!\n")); - goto done; - } - - /* be sure the string is terminated before trying to parse it */ - if (obj_data[data_size - 1] != '\0') - obj_data[data_size - 1] = '\0'; - - *go = (GUMS_OBJECT *)talloc_zero(mem_ctx, sizeof(GUMS_OBJECT)); - TALLOC_CHECK(*go, ret, done); - - switch (type) { - - case GUMS_OBJ_DOMAIN: - iret = gen_parse(mem_ctx, pinfo_tdbsam2_domain_data, (char *)(*go), obj_data); - break; - - case GUMS_OBJ_GROUP: - case GUMS_OBJ_ALIAS: - iret = gen_parse(mem_ctx, pinfo_tdbsam2_group_data, (char *)(*go), obj_data); - break; - - case GUMS_OBJ_NORMAL_USER: - iret = gen_parse(mem_ctx, pinfo_tdbsam2_user_data, (char *)(*go), obj_data); - break; - - case GUMS_OBJ_PRIVILEGE: - iret = gen_parse(mem_ctx, pinfo_tdbsam2_priv_data, (char *)(*go), obj_data); - break; - - default: - DEBUG(3,("init_object_from_buffer: Error, wrong object type number!\n")); - goto done; - } - - if (iret != 0) { - DEBUG(0, ("init_object_from_buffer: Fatal Error! Unable to parse object!\n")); - DEBUG(0, ("init_object_from_buffer: DB Corrupt ?")); - goto done; - } - - (*go)->mem_ctx = mem_ctx; - - ret = NT_STATUS_OK; -done: - SAFE_FREE(obj_data); - return ret; -} - -static NTSTATUS init_buffer_from_object(char **buffer, size_t *len, TALLOC_CTX *mem_ctx, GUMS_OBJECT *object) -{ - - NTSTATUS ret; - char *genbuf = NULL; - size_t buflen; - - if (!buffer) - return NT_STATUS_INVALID_PARAMETER; - - switch (gums_get_object_type(object)) { - - case GUMS_OBJ_DOMAIN: - genbuf = gen_dump(mem_ctx, pinfo_tdbsam2_domain_data, (char *)object, 0); - break; - - case GUMS_OBJ_GROUP: - case GUMS_OBJ_ALIAS: - genbuf = gen_dump(mem_ctx, pinfo_tdbsam2_group_data, (char *)object, 0); - break; - - case GUMS_OBJ_NORMAL_USER: - genbuf = gen_dump(mem_ctx, pinfo_tdbsam2_user_data, (char *)object, 0); - break; - - case GUMS_OBJ_PRIVILEGE: - genbuf = gen_dump(mem_ctx, pinfo_tdbsam2_priv_data, (char *)object, 0); - break; - - default: - DEBUG(3,("init_buffer_from_object: Error, wrong object type number!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - if (genbuf == NULL) { - DEBUG(0, ("init_buffer_from_object: Fatal Error! Unable to dump object!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - buflen = tdb_pack(NULL, 0, TDB_FORMAT_STRING, - TDBSAM_VERSION, - object->type, - strlen(genbuf) + 1, genbuf); - - *buffer = talloc(mem_ctx, buflen); - TALLOC_CHECK(*buffer, ret, done); - - *len = tdb_pack(*buffer, buflen, TDB_FORMAT_STRING, - TDBSAM_VERSION, - object->type, - strlen(genbuf) + 1, genbuf); - - if (*len != buflen) { - DEBUG(0, ("init_buffer_from_object: something odd is going on here: bufflen (%d) != len (%d) in tdb_pack operations!\n", - buflen, *len)); - *buffer = NULL; - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - ret = NT_STATUS_OK; -done: - return ret; -} - -static NTSTATUS opentdb(TDB_CONTEXT **tdb, BOOL readonly) -{ - if (!tdb) - return NT_STATUS_INVALID_PARAMETER; - - *tdb = tdb_open_log(ts2_privs->storage, 0, TDB_DEFAULT, readonly?(O_RDONLY):(O_RDWR | O_CREAT), 0600); - if (!(*tdb)) - { - DEBUG(0, ("opentdb: Unable to open database (%s)!\n", ts2_privs->storage)); - return NT_STATUS_UNSUCCESSFUL; - } - - return NT_STATUS_OK; -} - -static NTSTATUS get_object_by_sid(TDB_CONTEXT *tdb, GUMS_OBJECT **obj, const DOM_SID *sid) -{ - NTSTATUS ret; - TDB_DATA data, key; - fstring keystr; - - if (!obj || !sid) - return NT_STATUS_INVALID_PARAMETER; - - slprintf(keystr, sizeof(keystr)-1, "%s%s", SIDPREFIX, sid_string_static(sid)); - key.dptr = keystr; - key.dsize = strlen(keystr) + 1; - - data = tdb_fetch(tdb, key); - if (!data.dptr) { - DEBUG(5, ("get_object_by_sid: Entry not found!\n")); - DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdb))); - DEBUGADD(5, (" Key: %s\n", keystr)); - ret = NT_STATUS_NOT_FOUND; - goto done; - } - - if (!NT_STATUS_IS_OK(init_object_from_buffer(obj, data.dptr, data.dsize))) { - DEBUG(0, ("get_object_by_sid: Error fetching database, malformed entry!\n")); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - ret = NT_STATUS_OK; - -done: - SAFE_FREE(data.dptr); - return ret; -} - -static NTSTATUS get_object_by_name(TDB_CONTEXT *tdb, GUMS_OBJECT **obj, const char* name) -{ - - NTSTATUS ret = NT_STATUS_OK; - TDB_DATA data, key; - fstring keystr; - fstring objname; - DOM_SID sid; - fstring sidstr; - int sidstr_len; - - if (!obj || !name) - return NT_STATUS_INVALID_PARAMETER; - - /* Data is stored in all lower-case */ - fstrcpy(objname, name); - strlower_m(objname); - - slprintf(keystr, sizeof(keystr)-1, "%s%s", NAMEPREFIX, objname); - key.dptr = keystr; - key.dsize = strlen(keystr) + 1; - - data = tdb_fetch(tdb, key); - if (!data.dptr) { - DEBUG(5, ("get_object_by_name: Entry not found!\n")); - DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdb))); - DEBUGADD(5, (" Key: %s\n", keystr)); - ret = NT_STATUS_NOT_FOUND; - goto done; - } - - fstrcpy(sidstr, data.dptr); - sidstr_len = data.dsize; - - SAFE_FREE(data.dptr); - - if (sidstr_len <= 0) { - DEBUG(5, ("get_object_by_name: Error unpacking database object!\n")); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - if (!string_to_sid(&sid, sidstr)) { - DEBUG(5, ("get_object_by_name: Error invalid sid string found in database object!\n")); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - -done: - if (NT_STATUS_IS_OK(ret)) - return get_object_by_sid(tdb, obj, &sid); - return ret; -} - -/* store a tdbsam2_object - * flag: TDB_REPLACE or TDB_MODIFY or TDB_INSERT - */ - -static NTSTATUS store_object(TDB_CONTEXT *tdb, const GUMS_OBJECT *object, int flag) -{ - - NTSTATUS ret = NT_STATUS_OK; - TDB_DATA data, data2, key, key2; - TALLOC_CTX *mem_ctx; - fstring keystr; - fstring sidstr; - fstring namestr; - fstring objname; - int r; - - /* TODO: on object renaming/replacing this function should - * check name->sid record and delete the old one - */ - - mem_ctx = talloc_init("store_object"); - if (!mem_ctx) { - DEBUG(0, ("store_object: Out of memory!\n")); - return NT_STATUS_NO_MEMORY; - } - - if (!NT_STATUS_IS_OK(ret = init_buffer_from_object(&(data.dptr), &(data.dsize), mem_ctx, object))) - goto done; - - switch (object->type) { - - case GUMS_OBJ_DOMAIN: - case GUMS_OBJ_GROUP: - case GUMS_OBJ_ALIAS: - case GUMS_OBJ_NORMAL_USER: - - fstrcpy(sidstr, sid_string_static(gums_get_object_sid(object))); - slprintf(keystr, sizeof(keystr) - 1, "%s%s", SIDPREFIX, sidstr); - break; - - default: - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Data is stored in all lower-case */ - fstrcpy(objname, gums_get_object_name(object)); - strlower_m(objname); - - slprintf(namestr, sizeof(namestr) - 1, "%s%s", NAMEPREFIX, objname); - - if (object->type != GUMS_OBJ_PRIVILEGE) { - key.dptr = keystr; - key.dsize = strlen(keystr) + 1; - - if ((r = tdb_store(tdb, key, data, flag)) != TDB_SUCCESS) { - DEBUG(0, ("store_object: Unable to modify TDBSAM!\n")); - DEBUGADD(0, (" Error: %s", tdb_errorstr(tdb))); - DEBUGADD(0, (" occured while storing sid record (%s)\n", keystr)); - if (r == TDB_ERR_EXISTS) - ret = NT_STATUS_UNSUCCESSFUL; - else - ret = NT_STATUS_INTERNAL_DB_ERROR; - goto done; - } - - data2.dptr = sidstr; - data2.dsize = strlen(sidstr) + 1; - key2.dptr = namestr; - key2.dsize = strlen(namestr) + 1; - - if ((r = tdb_store(tdb, key2, data2, flag)) != TDB_SUCCESS) { - DEBUG(0, ("store_object: Unable to modify TDBSAM!\n")); - DEBUGADD(0, (" Error: %s", tdb_errorstr(tdb))); - DEBUGADD(0, (" occured while storing name record (%s)\n", keystr)); - DEBUGADD(0, (" attempting rollback operation.\n")); - if ((tdb_delete(tdb, key)) != TDB_SUCCESS) { - DEBUG(0, ("store_object: Unable to rollback! Check database consitency!\n")); - } - if (r == TDB_ERR_EXISTS) - ret = NT_STATUS_UNSUCCESSFUL; - else - ret = NT_STATUS_INTERNAL_DB_ERROR; - goto done; - } - } else { - key.dptr = namestr; - key.dsize = strlen(keystr) + 1; - - if ((r = tdb_store(tdb, key, data, flag)) != TDB_SUCCESS) { - DEBUG(0, ("store_object: Unable to modify TDBSAM!\n")); - DEBUGADD(0, (" Error: %s", tdb_errorstr(tdb))); - DEBUGADD(0, (" occured while storing sid record (%s)\n", keystr)); - if (r == TDB_ERR_EXISTS) - ret = NT_STATUS_UNSUCCESSFUL; - else - ret = NT_STATUS_INTERNAL_DB_ERROR; - goto done; - } - } - -/* TODO: update the general database counter */ -/* TODO: update this entry counter too */ - -done: - talloc_destroy(mem_ctx); - return ret; -} - -#if 0 -static NTSTATUS user_data_to_gums_object(GUMS_OBJECT **object, struct tdbsam2_user_data *userdata) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - DATA_BLOB pwd; - - if (!object || !userdata) { - DEBUG(0, ("tdbsam2_user_data_to_gums_object: no NULL pointers are accepted here!\n")); - return ret; - } - - /* userdata->xcounter */ - /* userdata->sec_desc */ - - SET_OR_FAIL(gums_set_object_sid(*object, userdata->user_sid), error); - SET_OR_FAIL(gums_set_object_name(*object, userdata->name), error); - - SET_OR_FAIL(gums_set_user_pri_group(*object, userdata->group_sid), error); - - if (userdata->description) - SET_OR_FAIL(gums_set_object_description(*object, userdata->description), error); - - if (userdata->full_name) - SET_OR_FAIL(gums_set_user_fullname(*object, userdata->full_name), error); - - if (userdata->home_dir) - SET_OR_FAIL(gums_set_user_homedir(*object, userdata->home_dir), error); - - if (userdata->dir_drive) - SET_OR_FAIL(gums_set_user_dir_drive(*object, userdata->dir_drive), error); - - if (userdata->logon_script) - SET_OR_FAIL(gums_set_user_logon_script(*object, userdata->logon_script), error); - - if (userdata->profile_path) - SET_OR_FAIL(gums_set_user_profile_path(*object, userdata->profile_path), error); - - if (userdata->workstations) - SET_OR_FAIL(gums_set_user_workstations(*object, userdata->workstations), error); - - if (userdata->unknown_str) - SET_OR_FAIL(gums_set_user_unknown_str(*object, userdata->unknown_str), error); - - if (userdata->munged_dial) - SET_OR_FAIL(gums_set_user_munged_dial(*object, userdata->munged_dial), error); - - SET_OR_FAIL(gums_set_user_logon_divs(*object, userdata->logon_divs), error); - - if (userdata->hours) - SET_OR_FAIL(gums_set_user_hours(*object, userdata->hours_len, userdata->hours), error); - - SET_OR_FAIL(gums_set_user_unknown_3(*object, userdata->unknown_3), error); - SET_OR_FAIL(gums_set_user_unknown_5(*object, userdata->unknown_5), error); - SET_OR_FAIL(gums_set_user_unknown_6(*object, userdata->unknown_6), error); - - SET_OR_FAIL(gums_set_user_logon_time(*object, *(userdata->logon_time)), error); - SET_OR_FAIL(gums_set_user_logoff_time(*object, *(userdata->logoff_time)), error); - SET_OR_FAIL(gums_set_user_kickoff_time(*object, *(userdata->kickoff_time)), error); - SET_OR_FAIL(gums_set_user_pass_last_set_time(*object, *(userdata->pass_last_set_time)), error); - SET_OR_FAIL(gums_set_user_pass_can_change_time(*object, *(userdata->pass_can_change_time)), error); - SET_OR_FAIL(gums_set_user_pass_must_change_time(*object, *(userdata->pass_must_change_time)), error); - - pwd = data_blob(userdata->nt_pw_ptr, NT_HASH_LEN); - ret = gums_set_user_nt_pwd(*object, pwd); - data_blob_clear_free(&pwd); - if (!NT_STATUS_IS_OK(ret)) { - DEBUG(5, ("user_data_to_gums_object: failed to set nt password!\n")); - goto error; - } - pwd = data_blob(userdata->lm_pw_ptr, LM_HASH_LEN); - ret = gums_set_user_lm_pwd(*object, pwd); - data_blob_clear_free(&pwd); - if (!NT_STATUS_IS_OK(ret)) { - DEBUG(5, ("user_data_to_gums_object: failed to set lanman password!\n")); - goto error; - } - - ret = NT_STATUS_OK; - return ret; - -error: - talloc_destroy((*object)->mem_ctx); - *object = NULL; - return ret; -} - -static NTSTATUS group_data_to_gums_object(GUMS_OBJECT **object, struct tdbsam2_group_data *groupdata) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if (!object || !groupdata) { - DEBUG(0, ("tdbsam2_group_data_to_gums_object: no NULL pointers are accepted here!\n")); - return ret; - } - - /* groupdata->xcounter */ - /* groupdata->sec_desc */ - - SET_OR_FAIL(gums_set_object_sid(*object, groupdata->group_sid), error); - SET_OR_FAIL(gums_set_object_name(*object, groupdata->name), error); - - if (groupdata->description) - SET_OR_FAIL(gums_set_object_description(*object, groupdata->description), error); - - if (groupdata->count) - SET_OR_FAIL(gums_set_group_members(*object, groupdata->count, groupdata->members), error); - - ret = NT_STATUS_OK; - return ret; - -error: - talloc_destroy((*object)->mem_ctx); - *object = NULL; - return ret; -} - -static NTSTATUS domain_data_to_gums_object(GUMS_OBJECT **object, struct tdbsam2_domain_data *domdata) -{ - - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if (!object || !*object || !domdata) { - DEBUG(0, ("tdbsam2_domain_data_to_gums_object: no NULL pointers are accepted here!\n")); - return NT_STATUS_INVALID_PARAMETER; - } - - /* domdata->xcounter */ - /* domdata->sec_desc */ - - SET_OR_FAIL(gums_set_object_sid(*object, domdata->dom_sid), error); - SET_OR_FAIL(gums_set_object_name(*object, domdata->name), error); - - if (domdata->description) - SET_OR_FAIL(gums_set_object_description(*object, domdata->description), error); - - ret = NT_STATUS_OK; - return ret; - -error: - talloc_destroy((*object)->mem_ctx); - *object = NULL; - return ret; -} - -static NTSTATUS priv_data_to_gums_object(GUMS_OBJECT **object, struct tdbsam2_priv_data *privdata) -{ - - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if (!object || !*object || !privdata) { - DEBUG(0, ("tdbsam2_priv_data_to_gums_object: no NULL pointers are accepted here!\n")); - return ret; - } - - /* domdata->xcounter */ - /* domdata->sec_desc */ - - SET_OR_FAIL(gums_set_priv_luid_attr(*object, privdata->privilege), error); - SET_OR_FAIL(gums_set_object_name(*object, privdata->name), error); - - if (privdata->description) - SET_OR_FAIL(gums_set_object_description(*object, privdata->description), error); - - if (privdata->count) - SET_OR_FAIL(gums_set_priv_members(*object, privdata->count, privdata->members), error); - - ret = NT_STATUS_OK; - return ret; - -error: - talloc_destroy((*object)->mem_ctx); - *object = NULL; - return ret; -} - -static NTSTATUS data_to_gums_object(GUMS_OBJECT **object, struct tdbsam2_object *data) -{ - - NTSTATUS ret; - - if (!object || !data) { - DEBUG(0, ("tdbsam2_user_data_to_gums_object: no NULL structure pointers are accepted here!\n")); - ret = NT_STATUS_INVALID_PARAMETER; - goto done; - } - - ret = gums_create_object(object, data->type); - if (!NT_STATUS_IS_OK(ret)) { - DEBUG(5, ("tdbsam2_user_data_to_gums_object: error creating gums object!\n")); - goto done; - } - - switch (data->type) { - - case GUMS_OBJ_DOMAIN: - ret = domain_data_to_gums_object(object, data->data.domain); - break; - - case GUMS_OBJ_NORMAL_USER: - ret = user_data_to_gums_object(object, data->data.user); - break; - - case GUMS_OBJ_GROUP: - case GUMS_OBJ_ALIAS: - ret = group_data_to_gums_object(object, data->data.group); - break; - - case GUMS_OBJ_PRIVILEGE: - ret = priv_data_to_gums_object(object, data->data.priv); - break; - - default: - ret = NT_STATUS_UNSUCCESSFUL; - } - -done: - return ret; -} -#endif - -/* GUMM object functions */ - -static NTSTATUS tdbsam2_get_domain_sid(DOM_SID *sid, const char* name) -{ - - NTSTATUS ret; - TDB_CONTEXT *tdb; - GUMS_OBJECT *go; - fstring domname; - - if (!sid || !name) - return NT_STATUS_INVALID_PARAMETER; - - if (!NT_STATUS_IS_OK(ret = opentdb(&tdb, True))) { - return ret; - } - - /* Data is stored in all lower-case */ - fstrcpy(domname, name); - strlower_m(domname); - - if (!NT_STATUS_IS_OK(ret = get_object_by_name(tdb, &go, domname))) { - go = NULL; - DEBUG(0, ("tdbsam2_get_domain_sid: Error fetching database!\n")); - goto done; - } - - if (gums_get_object_type(go) != GUMS_OBJ_DOMAIN) { - DEBUG(5, ("tdbsam2_get_domain_sid: Requested object is not a domain!\n")); - ret = NT_STATUS_OBJECT_TYPE_MISMATCH; - goto done; - } - - sid_copy(sid, gums_get_object_sid(go)); - - ret = NT_STATUS_OK; - -done: - if (go) - gums_destroy_object(&go); - tdb_close(tdb); - return ret; -} - -static NTSTATUS get_next_sid(TDB_CONTEXT *tdb, DOM_SID *sid) -{ - NTSTATUS ret; - GUMS_OBJECT *go; - DOM_SID dom_sid; - TDB_DATA dom_sid_key; - fstring dom_sid_str; - uint32 new_rid; - - /* Find the domain SID */ - if (!NT_STATUS_IS_OK(tdbsam2_get_domain_sid(&dom_sid, global_myname()))) { - DEBUG(0, ("get_next_sid: cannot found the domain sid!!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - /* Lock the domain record */ - sid_to_string(dom_sid_str, &dom_sid); - dom_sid_key.dptr = dom_sid_str; - dom_sid_key.dsize = strlen(dom_sid_key.dptr) + 1; - - if(tdb_chainlock(tdb, dom_sid_key) != 0) { - DEBUG(0, ("get_next_sid: unable to lock domain record!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - /* Get the domain object */ - ret = get_object_by_sid(tdb, &go, &dom_sid); - if (!NT_STATUS_IS_OK(ret)) { - DEBUG(0, ("get_next_sid: unable to get root Domain object!\n")); - ret = NT_STATUS_INTERNAL_DB_ERROR; - goto done; - } - - new_rid = gums_get_domain_next_rid(go); - - /* Increment the RID Counter */ - gums_set_domain_next_rid(go, new_rid+1); - - /* Store back Domain object */ - ret = store_object(tdb, go, TDB_MODIFY); - if (!NT_STATUS_IS_OK(ret)) { - DEBUG(0, ("get_next_sid: unable to update root Domain object!\n")); - ret = NT_STATUS_INTERNAL_DB_ERROR; - goto done; - } - - /* Build the Domain SID to return */ - sid_copy(sid, &dom_sid); - - if (!sid_append_rid(sid, new_rid)) { - DEBUG(0, ("get_next_sid: unable to build new SID !?!\n")); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - ret = NT_STATUS_OK; - -done: - /* Unlock the Domain object */ - tdb_chainunlock(tdb, dom_sid_key); - - return ret; -} - -/* TODO */ - NTSTATUS (*get_sequence_number) (void); - - -extern DOM_SID global_sid_NULL; - -static NTSTATUS tdbsam2_new_object(DOM_SID *sid, const char *name, const int obj_type) -{ - - NTSTATUS ret = NT_STATUS_OK; - TDB_CONTEXT *tdb; - GUMS_OBJECT *go; - NTTIME null_time; - DATA_BLOB pw; - const char *defpw = "NOPASSWORDXXXXXX"; - uint8 defhours[21] = {255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255}; - - if (!name) { - DEBUG(0, ("tdbsam2_new_object: no NULL pointers are accepted here!\n")); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(ret = opentdb(&tdb, False))) { - return ret; - } - - if (!NT_STATUS_IS_OK(ret = gums_create_object(&go, obj_type))) { - go = NULL; - goto done; - } - - if (obj_type != GUMS_OBJ_PRIVILEGE) { - if (!sid) { - ret = NT_STATUS_INVALID_PARAMETER; - goto done; - } - - if (obj_type == GUMS_OBJ_DOMAIN) { - sid_copy(sid, get_global_sam_sid()); - } else { - if (!NT_STATUS_IS_OK(ret = get_next_sid(tdb, sid))) - goto done; - } - - gums_set_object_sid(go, sid); - } - - gums_set_object_name(go, name); - gums_set_object_seq_num(go, 1); - - /*obj.data.domain->sec_desc*/ - - switch (obj_type) { - case GUMS_OBJ_NORMAL_USER: - - init_nt_time(&null_time); - - gums_set_user_logon_time(go, null_time); - gums_set_user_logoff_time(go, null_time); - gums_set_user_kickoff_time(go, null_time); - gums_set_user_pass_last_set_time(go, null_time); - gums_set_user_pass_can_change_time(go, null_time); - gums_set_user_pass_must_change_time(go, null_time); - - pw = data_blob(defpw, NT_HASH_LEN); - gums_set_user_nt_pwd(go, pw); - gums_set_user_lm_pwd(go, pw); - data_blob_free(&pw); - - gums_set_user_logon_divs(go, 168); - gums_set_user_hours(go, 21, defhours); - - gums_set_user_unknown_3(go, 0x00ffffff); - gums_set_user_bad_password_count(go, 0); - gums_set_user_logon_count(go, 0); - gums_set_user_unknown_6(go, 0x000004ec); - break; - - case GUMS_OBJ_GROUP: - case GUMS_OBJ_ALIAS: - - break; - - case GUMS_OBJ_DOMAIN: - - gums_set_domain_next_rid(go, 0x3e9); - - break; - - case GUMS_OBJ_PRIVILEGE: - - break; - - default: - ret = NT_STATUS_OBJECT_TYPE_MISMATCH; - goto done; - } - - ret = store_object(tdb, go, TDB_INSERT); - -done: - if (go) - gums_destroy_object(&go); - tdb_close(tdb); - return ret; -} - -static NTSTATUS tdbsam2_delete_object(const DOM_SID *sid) -{ - /* TODO: need to address privilege deletion */ - NTSTATUS ret = NT_STATUS_OK; - TDB_CONTEXT *tdb; - GUMS_OBJECT *go; - TDB_DATA data, key; - fstring keystr; - - if (!sid) { - DEBUG(0, ("tdbsam2_delete_object: no NULL pointers are accepted here!\n")); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(ret = opentdb(&tdb, False))) { - return ret; - } - - slprintf(keystr, sizeof(keystr)-1, "%s%s", SIDPREFIX, sid_string_static(sid)); - key.dptr = keystr; - key.dsize = strlen(keystr) + 1; - - data = tdb_fetch(tdb, key); - if (!data.dptr) { - DEBUG(5, ("tdbsam2_delete_object: Error fetching database, SID entry not found!\n")); - DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdb))); - DEBUGADD(5, (" Key: %s\n", keystr)); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - if (tdb_delete(tdb, key) != TDB_SUCCESS) { - DEBUG(5, ("tdbsam2_delete_object: Error deleting object!\n")); - DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdb))); - DEBUGADD(5, (" Key: %s\n", keystr)); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - if (!NT_STATUS_IS_OK(init_object_from_buffer(&go, data.dptr, data.dsize))) { - DEBUG(0, ("tdbsam2_delete_object: Error fetching database, malformed entry!\n")); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - switch (go->type) { - case GUMS_OBJ_DOMAIN: - /* FIXME: SHOULD WE ALLOW TO DELETE DOMAINS ? */ - case GUMS_OBJ_GROUP: - case GUMS_OBJ_ALIAS: - case GUMS_OBJ_NORMAL_USER: - slprintf(keystr, sizeof(keystr) - 1, "%s%s", NAMEPREFIX, gums_get_object_name(go)); - break; - default: - ret = NT_STATUS_OBJECT_TYPE_MISMATCH; - goto done; - } - - key.dptr = keystr; - key.dsize = strlen(keystr) + 1; - - if (tdb_delete(tdb, key) != TDB_SUCCESS) { - DEBUG(5, ("tdbsam2_delete_object: Error deleting object!\n")); - DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdb))); - DEBUGADD(5, (" Key: %s\n", keystr)); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - -/* TODO: update the general database counter */ - -done: - gums_destroy_object(&go); - SAFE_FREE(data.dptr); - return ret; -} - -static NTSTATUS tdbsam2_get_object_from_sid(GUMS_OBJECT **object, const DOM_SID *sid, const int obj_type) -{ - NTSTATUS ret; - TDB_CONTEXT *tdb; - - if (!object || !sid) { - DEBUG(0, ("tdbsam2_get_object_from_sid: no NULL pointers are accepted here!\n")); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(ret = opentdb(&tdb, True))) { - return ret; - } - - ret = get_object_by_sid(tdb, object, sid); - if (!NT_STATUS_IS_OK(ret) || (obj_type && gums_get_object_type(*object) != obj_type)) { - DEBUG(0, ("tdbsam2_get_object_from_sid: %s\n", nt_errstr(ret))); - goto error; - } - - tdb_close(tdb); - return NT_STATUS_OK; - -error: - gums_destroy_object(object); - tdb_close(tdb); - return ret; -} - -static NTSTATUS tdbsam2_get_object_from_name(GUMS_OBJECT **object, const char *name, const int obj_type) -{ - NTSTATUS ret; - TDB_CONTEXT *tdb; - - if (!object || !name) { - DEBUG(0, ("tdbsam2_get_object_from_name: no NULL pointers are accepted here!\n")); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(ret = opentdb(&tdb, True))) { - return ret; - } - - *object = NULL; - ret = get_object_by_name(tdb, object, name); - if (!NT_STATUS_IS_OK(ret) || (obj_type && gums_get_object_type(*object) != obj_type)) { - DEBUG(0, ("tdbsam2_get_object_from_name: %s\n", nt_errstr(ret))); - goto error; - } - - tdb_close(tdb); - return NT_STATUS_OK; - -error: - gums_destroy_object(object); - tdb_close(tdb); - return ret; -} - - /* This function is used to get the list of all objects changed since base_time, it is - used to support PDC<->BDC synchronization */ - NTSTATUS (*get_updated_objects) (GUMS_OBJECT **objects, const NTTIME base_time); - -static NTSTATUS tdbsam2_enumerate_objects_start(void **handle, const DOM_SID *sid, const int obj_type) -{ - struct tdbsam2_enum_objs *teo, *t; - - teo = (struct tdbsam2_enum_objs *)malloc(sizeof(struct tdbsam2_enum_objs)); - if (!teo) { - DEBUG(0, ("tdbsam2_enumerate_objects_start: Out of Memory!\n")); - return NT_STATUS_NO_MEMORY; - } - memset(teo, 0, sizeof(struct tdbsam2_enum_objs)); - - teo->type = obj_type; - if (sid) { - teo->dom_sid = (DOM_SID *)malloc(sizeof(DOM_SID)); - if (!teo->dom_sid) { - DEBUG(0, ("tdbsam2_enumerate_objects_start: Out of Memory!\n")); - return NT_STATUS_NO_MEMORY; - } - sid_copy(teo->dom_sid, sid); - } - - if (!NT_STATUS_IS_OK(opentdb(&(teo->db), True))) - { - DEBUG(0, ("tdbsam2_enumerate_objects_start: Unable to open database (%s)!\n", ts2_privs->storage)); - SAFE_FREE(teo); - return NT_STATUS_UNSUCCESSFUL; - } - - if (!ts2_privs->teo_handlers) { - ts2_privs->teo_handlers = teo; - } else { - t = ts2_privs->teo_handlers; - while (t->next) { - t = t->next; - } - t->next = teo; - } - - *handle = teo; - - teo->key = tdb_firstkey(teo->db); - - return NT_STATUS_OK; -} - -static NTSTATUS tdbsam2_enumerate_objects_get_next(GUMS_OBJECT **object, void *handle) -{ - NTSTATUS ret; - TDB_DATA data; - struct tdbsam2_enum_objs *teo; - const char *prefix = SIDPREFIX; - const int preflen = strlen(prefix); - fstring dom_sid_str; - int dom_sid_str_len = 0; - - if (!object || !handle) { - DEBUG(0, ("tdbsam2_get_object_from_sid: no NULL pointers are accepted here!\n")); - return NT_STATUS_INVALID_PARAMETER; - } - - teo = (struct tdbsam2_enum_objs *)handle; - - if (teo->dom_sid) { - sid_to_string(dom_sid_str, teo->dom_sid); - dom_sid_str_len = strlen(dom_sid_str); - } - - while ((teo->key.dptr != NULL)) { - int len, version, type, size; - char *ptr; - - if (strncmp(teo->key.dptr, prefix, preflen)) { - teo->key = tdb_nextkey(teo->db, teo->key); - continue; - } - - if (dom_sid_str_len != 0) { - if (strncmp(&(teo->key.dptr[preflen]), dom_sid_str, dom_sid_str_len)) { - teo->key = tdb_nextkey(teo->db, teo->key); - continue; - } - } - - data = tdb_fetch(teo->db, teo->key); - if (!data.dptr) { - DEBUG(5, ("tdbsam2_enumerate_objects_get_next: Error fetching database, SID entry not found!\n")); - DEBUGADD(5, (" Error: %s\n", tdb_errorstr(teo->db))); - DEBUGADD(5, (" Key: %s\n", teo->key.dptr)); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - len = tdb_unpack (data.dptr, data.dsize, TDB_FORMAT_STRING, - &version, - &type, - &size, &ptr); - - if (len == -1) { - DEBUG(5, ("tdbsam2_enumerate_objects_get_next: Error unable to unpack data!\n")); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - SAFE_FREE(ptr); - - if (teo->type && type != teo->type) { - SAFE_FREE(data.dptr); - data.dsize = 0; - teo->key = tdb_nextkey(teo->db, teo->key); - continue; - } - - break; - } - - if (teo->key.dptr == NULL) { /* no more objs */ - ret = NT_STATUS_NO_MORE_ENTRIES; - goto done; - } - - if (!NT_STATUS_IS_OK(ret = init_object_from_buffer(object, data.dptr, data.dsize))) { - SAFE_FREE(data.dptr); - DEBUG(0, ("tdbsam2_enumerate_objects_get_next: Error fetching database, malformed entry!\n")); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - SAFE_FREE(data.dptr); - - /* prepare next run */ - teo->key = tdb_nextkey(teo->db, teo->key); - -done: - return ret; -} - -static NTSTATUS tdbsam2_enumerate_objects_stop(void *handle) -{ - struct tdbsam2_enum_objs *teo, *t, *p; - - teo = (struct tdbsam2_enum_objs *)handle; - - if (ts2_privs->teo_handlers == teo) { - ts2_privs->teo_handlers = teo->next; - } else { - t = ts2_privs->teo_handlers; - while (t != teo) { - p = t; - t = t->next; - if (t == NULL) { - DEBUG(0, ("tdbsam2_enumerate_objects_stop: Error, handle not found!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - } - p = t->next; - } - - tdb_close(teo->db); - SAFE_FREE(teo->dom_sid); - SAFE_FREE(teo); - - return NT_STATUS_OK; -} - -static NTSTATUS tdbsam2_set_object(const GUMS_OBJECT *go) -{ - NTSTATUS ret; - TDB_CONTEXT *tdb; - - if (!go) - return NT_STATUS_INVALID_PARAMETER; - - if (!NT_STATUS_IS_OK(ret = opentdb(&tdb, False))) { - return ret; - } - - ret = store_object(tdb, go, TDB_REPLACE); - - tdb_close(tdb); - return ret; -} - - /* set object values function */ -static NTSTATUS (*set_object_values) (DOM_SID *sid, uint32 count, GUMS_DATA_SET *data_set); - - /* Group related functions */ -static NTSTATUS (*add_memberss_to_group) (const DOM_SID *group, const DOM_SID **members); - NTSTATUS (*delete_members_from_group) (const DOM_SID *group, const DOM_SID **members); -static NTSTATUS (*enumerate_group_members) (DOM_SID **members, const DOM_SID *sid, const int type); - -static NTSTATUS (*get_sid_groups) (DOM_SID **groups, const DOM_SID *sid); - -static NTSTATUS (*lock_sid) (const DOM_SID *sid); -static NTSTATUS (*unlock_sid) (const DOM_SID *sid); - - /* privileges related functions */ - -static NTSTATUS (*add_members_to_privilege) (const LUID_ATTR *priv, const DOM_SID **members); -static NTSTATUS (*delete_members_from_privilege) (const LUID_ATTR *priv, const DOM_SID **members); -static NTSTATUS (*enumerate_privilege_members) (DOM_SID **members, const LUID_ATTR *priv); -static NTSTATUS (*get_sid_privileges) (DOM_SID **privs, const DOM_SID *sid); - /* warning!: set_privilege will overwrite a prior existing privilege if such exist */ -static NTSTATUS (*set_privilege) (GUMS_PRIVILEGE *priv); - -static void free_tdbsam2_private_data(void **vp) -{ - struct tdbsam2_private_data **tdb_privs = (struct tdbsam2_private_data **)vp; - while (ts2_privs->teo_handlers) - tdbsam2_enumerate_objects_stop(ts2_privs->teo_handlers); - *tdb_privs = NULL; - /* No need to free any further, as it is talloc()ed */ -} - -static NTSTATUS init_tdbsam2(GUMS_FUNCTIONS *fns, const char *storage) -{ - NTSTATUS ret; - TDB_CONTEXT *tdb; - DOM_SID dom_sid; - - fns->name = talloc_strdup(fns->mem_ctx, "tdbsam2"); - - fns->get_domain_sid = tdbsam2_get_domain_sid; - /* fns->get_sequence_number = tdbsam2_get_sequence_number; */ - fns->new_object = tdbsam2_new_object; - fns->delete_object = tdbsam2_delete_object; - fns->get_object_from_sid = tdbsam2_get_object_from_sid; - fns->get_object_from_name = tdbsam2_get_object_from_name; - /* fns->get_updated_objects = tdbsam2_get_updated_objects; */ - fns->enumerate_objects_start = tdbsam2_enumerate_objects_start; - fns->enumerate_objects_get_next = tdbsam2_enumerate_objects_get_next; - fns->enumerate_objects_stop = tdbsam2_enumerate_objects_stop; - fns->set_object = tdbsam2_set_object; - /* fns->set_object_values = tdbsam2_set_object_values; - fns->add_members_to_group = tdbsam2_add_members_to_group; - fns->delete_members_from_group = tdbsam2_delete_members_from_group; - fns->enumerate_group_members = tdbsam2_enumerate_group_members; - fns->get_sid_groups = tdbsam2_get_sid_groups; - fns->lock_sid = tdbsam2_lock_sid; - fns->unlock_sid = tdbsam2_unlock_sid; - fns->add_members_to_privilege = tdbsam2_add_members_to_privilege; - fns->delete_members_from_privilege = tdbsam2_delete_members_from_privilege; - fns->enumerate_privilege_members = tdbsam2_enumerate_privilege_members; - fns->get_sid_privileges = tdbsam2_get_sid_privileges; - fns->set_privilege = tdbsam2_set_privilege; */ - - ts2_privs = talloc_zero(fns->mem_ctx, sizeof(struct tdbsam2_private_data)); - if (!ts2_privs) { - DEBUG(0, ("talloc() failed for tdbsam2 private_data!\n")); - return NT_STATUS_NO_MEMORY; - } - - if (storage) { - ts2_privs->storage = talloc_strdup(fns->mem_ctx, storage); - } else { - pstring tdbfile; - get_private_directory(tdbfile); - pstrcat(tdbfile, "/"); - pstrcat(tdbfile, TDB_FILE_NAME); - ts2_privs->storage = talloc_strdup(fns->mem_ctx, tdbfile); - } - - /* check tdb exist (or create it) */ - - /* Find the domain SID */ - if (!NT_STATUS_IS_OK(tdbsam2_get_domain_sid(&dom_sid, global_myname()))) { - /* db file does not exist or it is not inited */ - /* make the tdb file */ - if (!NT_STATUS_IS_OK(ret = opentdb(&tdb, False))) { - return ret; - } - tdb_close(tdb); - - if (!NT_STATUS_IS_OK(tdbsam2_get_domain_sid(&dom_sid, "BUILTIN"))) { - gums_init_builtin_domain(); - } - - gums_init_domain(get_global_sam_sid(), global_myname()); - } - - fns->private_data = &ts2_privs; - fns->free_private_data = free_tdbsam2_private_data; - - return NT_STATUS_OK; -} - -NTSTATUS gums_tdbsam2_init(void) -{ - /* - if ((gums_tdbsam2_debug_class = debug_add_class("gums_tdbsam2")) == -1) { - DEBUG(0, ("gums_tdbsam2: unable to register my own debug class! going on ...\n")); - gums_tdbsam2_debug_class = DBGC_ALL; - } - */ - return gums_register_module(GUMS_INTERFACE_VERSION, "tdbsam2", init_tdbsam2); -} diff --git a/source3/sam/interface.c b/source3/sam/interface.c deleted file mode 100644 index 51ae561999..0000000000 --- a/source3/sam/interface.c +++ /dev/null @@ -1,1338 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Password and authentication handling - Copyright (C) Andrew Bartlett 2002 - Copyright (C) Jelmer Vernooij 2002 - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Kai Krger 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM - -extern DOM_SID global_sid_Builtin; - -/** List of various built-in sam modules */ - -const struct sam_init_function_entry builtin_sam_init_functions[] = { - { "plugin", sam_init_plugin }, -#ifdef HAVE_LDAP - { "ads", sam_init_ads }, -#endif - { "skel", sam_init_skel }, - { NULL, NULL} -}; - - -static NTSTATUS sam_get_methods_by_sid(const SAM_CONTEXT *context, SAM_METHODS **sam_method, const DOM_SID *domainsid) -{ - SAM_METHODS *tmp_methods; - - DEBUG(5,("sam_get_methods_by_sid: %d\n", __LINE__)); - - /* invalid sam_context specified */ - SAM_ASSERT(context && context->methods); - - tmp_methods = context->methods; - - while (tmp_methods) { - if (sid_equal(domainsid, &(tmp_methods->domain_sid))) - { - (*sam_method) = tmp_methods; - return NT_STATUS_OK; - } - tmp_methods = tmp_methods->next; - } - - DEBUG(3,("sam_get_methods_by_sid: There is no backend specified for domain %s\n", sid_string_static(domainsid))); - - return NT_STATUS_NO_SUCH_DOMAIN; -} - -static NTSTATUS sam_get_methods_by_name(const SAM_CONTEXT *context, SAM_METHODS **sam_method, const char *domainname) -{ - SAM_METHODS *tmp_methods; - - DEBUG(5,("sam_get_methods_by_name: %d\n", __LINE__)); - - /* invalid sam_context specified */ - SAM_ASSERT(context && context->methods); - - tmp_methods = context->methods; - - while (tmp_methods) { - if (strequal(domainname, tmp_methods->domain_name)) - { - (*sam_method) = tmp_methods; - return NT_STATUS_OK; - } - tmp_methods = tmp_methods->next; - } - - DEBUG(3,("sam_get_methods_by_sid: There is no backend specified for domain %s\n", domainname)); - - return NT_STATUS_NO_SUCH_DOMAIN; -} - -static NTSTATUS make_sam_methods(TALLOC_CTX *mem_ctx, SAM_METHODS **methods) -{ - *methods = talloc(mem_ctx, sizeof(SAM_METHODS)); - - if (!*methods) { - return NT_STATUS_NO_MEMORY; - } - - ZERO_STRUCTP(*methods); - - return NT_STATUS_OK; -} - -/****************************************************************** - Free and cleanup a sam context, any associated data and anything - that the attached modules might have associated. - *******************************************************************/ - -void free_sam_context(SAM_CONTEXT **context) -{ - SAM_METHODS *sam_selected = (*context)->methods; - - while (sam_selected) { - if (sam_selected->free_private_data) { - sam_selected->free_private_data(&(sam_selected->private_data)); - } - sam_selected = sam_selected->next; - } - - talloc_destroy((*context)->mem_ctx); - *context = NULL; -} - -/****************************************************************** - Make a backend_entry from scratch - *******************************************************************/ - -static NTSTATUS make_backend_entry(SAM_BACKEND_ENTRY *backend_entry, char *sam_backend_string) -{ - char *tmp = NULL; - char *tmp_string = sam_backend_string; - - DEBUG(5,("make_backend_entry: %d\n", __LINE__)); - - SAM_ASSERT(sam_backend_string && backend_entry); - - backend_entry->module_name = sam_backend_string; - - DEBUG(5,("makeing backend_entry for %s\n", backend_entry->module_name)); - - if ((tmp = strrchr(tmp_string, '|')) != NULL) { - DEBUGADD(20,("a domain name has been specified\n")); - *tmp = 0; - backend_entry->domain_name = smb_xstrdup(tmp + 1); - tmp_string = tmp + 1; - } - - if ((tmp = strchr(tmp_string, ':')) != NULL) { - DEBUG(20,("options for the backend have been specified\n")); - *tmp = 0; - backend_entry->module_params = smb_xstrdup(tmp + 1); - tmp_string = tmp + 1; - } - - if (backend_entry->domain_name == NULL) { - DEBUG(10,("make_backend_entry: no domain was specified for sam module %s. Using default domain %s\n", - backend_entry->module_name, lp_workgroup())); - backend_entry->domain_name = smb_xstrdup(lp_workgroup()); - } - - if ((backend_entry->domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID))) == NULL) { - DEBUG(0,("make_backend_entry: failed to malloc domain_sid\n")); - return NT_STATUS_NO_MEMORY; - } - - DEBUG(10,("looking up sid for domain %s\n", backend_entry->domain_name)); - - if (!secrets_fetch_domain_sid(backend_entry->domain_name, backend_entry->domain_sid)) { - DEBUG(2,("make_backend_entry: There is no SID stored for domain %s. Creating a new one.\n", - backend_entry->domain_name)); - DEBUG(0, ("FIXME in %s:%d\n", __FILE__, __LINE__)); - ZERO_STRUCTP(backend_entry->domain_sid); - } - - DEBUG(5,("make_backend_entry: module name: %s, module parameters: %s, domain name: %s, domain sid: %s\n", - backend_entry->module_name, backend_entry->module_params, backend_entry->domain_name, sid_string_static(backend_entry->domain_sid))); - - return NT_STATUS_OK; -} - -/****************************************************************** - create sam_methods struct based on sam_backend_entry - *****************************************************************/ - -static NTSTATUS make_sam_methods_backend_entry(SAM_CONTEXT *context, SAM_METHODS **methods_ptr, SAM_BACKEND_ENTRY *backend_entry) -{ - NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; - SAM_METHODS *methods; - int i; - - DEBUG(5,("make_sam_methods_backend_entry: %d\n", __LINE__)); - - if (!NT_STATUS_IS_OK(nt_status = make_sam_methods(context->mem_ctx, methods_ptr))) { - return nt_status; - } - - methods = *methods_ptr; - methods->backendname = talloc_strdup(context->mem_ctx, backend_entry->module_name); - methods->domain_name = talloc_strdup(context->mem_ctx, backend_entry->domain_name); - sid_copy(&methods->domain_sid, backend_entry->domain_sid); - methods->parent = context; - - DEBUG(5,("Attempting to find sam backend %s\n", backend_entry->module_name)); - for (i = 0; builtin_sam_init_functions[i].module_name; i++) - { - if (strequal(builtin_sam_init_functions[i].module_name, backend_entry->module_name)) - { - DEBUG(5,("Found sam backend %s (at pos %d)\n", backend_entry->module_name, i)); - DEBUGADD(5,("initialising it with options=%s for domain %s\n", backend_entry->module_params, sid_string_static(backend_entry->domain_sid))); - nt_status = builtin_sam_init_functions[i].init(methods, backend_entry->module_params); - if (NT_STATUS_IS_OK(nt_status)) { - DEBUG(5,("sam backend %s has a valid init\n", backend_entry->module_name)); - } else { - DEBUG(2,("sam backend %s did not correctly init (error was %s)\n", - backend_entry->module_name, nt_errstr(nt_status))); - } - return nt_status; - } - } - - DEBUG(2,("could not find backend %s\n", backend_entry->module_name)); - - return NT_STATUS_INVALID_PARAMETER; -} - -static NTSTATUS sam_context_check_default_backends(SAM_CONTEXT *context) -{ - SAM_BACKEND_ENTRY entry; - DOM_SID *global_sam_sid = get_global_sam_sid(); /* lp_workgroup doesn't play nicely with multiple domains */ - SAM_METHODS *methods, *tmpmethods; - NTSTATUS ntstatus; - - DEBUG(5,("sam_context_check_default_backends: %d\n", __LINE__)); - - /* Make sure domain lp_workgroup() is available */ - - ntstatus = sam_get_methods_by_sid(context, &methods, &global_sid_Builtin); - - if (NT_STATUS_EQUAL(ntstatus, NT_STATUS_NO_SUCH_DOMAIN)) { - DEBUG(4,("There was no backend specified for domain %s(%s); using %s\n", - lp_workgroup(), sid_string_static(global_sam_sid), SAM_DEFAULT_BACKEND)); - - SAM_ASSERT(global_sam_sid); - - entry.module_name = SAM_DEFAULT_BACKEND; - entry.module_params = NULL; - entry.domain_name = lp_workgroup(); - entry.domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID)); - sid_copy(entry.domain_sid, global_sam_sid); - - if (!NT_STATUS_IS_OK(ntstatus = make_sam_methods_backend_entry(context, &methods, &entry))) { - DEBUG(4,("make_sam_methods_backend_entry failed\n")); - return ntstatus; - } - - DLIST_ADD_END(context->methods, methods, tmpmethods); - - } else if (!NT_STATUS_IS_OK(ntstatus)) { - DEBUG(2, ("sam_get_methods_by_sid failed for %s\n", lp_workgroup())); - return ntstatus; - } - - /* Make sure the BUILTIN domain is available */ - - ntstatus = sam_get_methods_by_sid(context, &methods, global_sam_sid); - - if (NT_STATUS_EQUAL(ntstatus, NT_STATUS_NO_SUCH_DOMAIN)) { - DEBUG(4,("There was no backend specified for domain BUILTIN; using %s\n", - SAM_DEFAULT_BACKEND)); - entry.module_name = SAM_DEFAULT_BACKEND; - entry.module_params = NULL; - entry.domain_name = "BUILTIN"; - entry.domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID)); - sid_copy(entry.domain_sid, &global_sid_Builtin); - - if (!NT_STATUS_IS_OK(ntstatus = make_sam_methods_backend_entry(context, &methods, &entry))) { - DEBUG(4,("make_sam_methods_backend_entry failed\n")); - return ntstatus; - } - - DLIST_ADD_END(context->methods, methods, tmpmethods); - } else if (!NT_STATUS_IS_OK(ntstatus)) { - DEBUG(2, ("sam_get_methods_by_sid failed for BUILTIN\n")); - return ntstatus; - } - - return NT_STATUS_OK; -} - -static NTSTATUS check_duplicate_backend_entries(SAM_BACKEND_ENTRY **backend_entries, int *nBackends) -{ - int i, j; - - DEBUG(5,("check_duplicate_backend_entries: %d\n", __LINE__)); - - for (i = 0; i < *nBackends; i++) { - for (j = i + 1; j < *nBackends; j++) { - if (sid_equal((*backend_entries)[i].domain_sid, (*backend_entries)[j].domain_sid)) { - DEBUG(0,("two backend modules claim the same domain %s\n", - sid_string_static((*backend_entries)[j].domain_sid))); - return NT_STATUS_INVALID_PARAMETER; - } - } - } - - return NT_STATUS_OK; -} - -NTSTATUS make_sam_context_list(SAM_CONTEXT **context, char **sam_backends_param) -{ - int i = 0, j = 0; - SAM_METHODS *curmethods, *tmpmethods; - int nBackends = 0; - SAM_BACKEND_ENTRY *backends = NULL; - NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; - - DEBUG(5,("make_sam_context_from_conf: %d\n", __LINE__)); - - if (!sam_backends_param) { - DEBUG(1, ("no SAM backeds specified!\n")); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(nt_status = make_sam_context(context))) { - DEBUG(4,("make_sam_context failed\n")); - return nt_status; - } - - while (sam_backends_param[nBackends]) - nBackends++; - - DEBUG(6,("There are %d domains listed with their backends\n", nBackends)); - - if ((backends = (SAM_BACKEND_ENTRY *)malloc(sizeof(*backends)*nBackends)) == NULL) { - DEBUG(0,("make_sam_context_list: failed to allocate backends\n")); - return NT_STATUS_NO_MEMORY; - } - - memset(backends, '\0', sizeof(*backends)*nBackends); - - for (i = 0; i < nBackends; i++) { - DEBUG(8,("processing %s\n",sam_backends_param[i])); - if (!NT_STATUS_IS_OK(nt_status = make_backend_entry(&backends[i], sam_backends_param[i]))) { - DEBUG(4,("make_backend_entry failed\n")); - for (j = 0; j < nBackends; j++) SAFE_FREE(backends[j].domain_sid); - SAFE_FREE(backends); - free_sam_context(context); - return nt_status; - } - } - - if (!NT_STATUS_IS_OK(nt_status = check_duplicate_backend_entries(&backends, &nBackends))) { - DEBUG(4,("check_duplicate_backend_entries failed\n")); - for (j = 0; j < nBackends; j++) SAFE_FREE(backends[j].domain_sid); - SAFE_FREE(backends); - free_sam_context(context); - return nt_status; - } - - for (i = 0; i < nBackends; i++) { - if (!NT_STATUS_IS_OK(nt_status = make_sam_methods_backend_entry(*context, &curmethods, &backends[i]))) { - DEBUG(4,("make_sam_methods_backend_entry failed\n")); - for (j = 0; j < nBackends; j++) SAFE_FREE(backends[j].domain_sid); - SAFE_FREE(backends); - free_sam_context(context); - return nt_status; - } - DLIST_ADD_END((*context)->methods, curmethods, tmpmethods); - } - - for (i = 0; i < nBackends; i++) SAFE_FREE(backends[i].domain_sid); - - SAFE_FREE(backends); - return NT_STATUS_OK; -} - -/****************************************************************** - Make a sam_context from scratch. - *******************************************************************/ - -NTSTATUS make_sam_context(SAM_CONTEXT **context) -{ - TALLOC_CTX *mem_ctx; - - mem_ctx = talloc_init("sam_context internal allocation context"); - - if (!mem_ctx) { - DEBUG(0, ("make_sam_context: talloc init failed!\n")); - return NT_STATUS_NO_MEMORY; - } - - *context = talloc(mem_ctx, sizeof(**context)); - if (!*context) { - DEBUG(0, ("make_sam_context: talloc failed!\n")); - return NT_STATUS_NO_MEMORY; - } - - ZERO_STRUCTP(*context); - - (*context)->mem_ctx = mem_ctx; - - (*context)->free_fn = free_sam_context; - - return NT_STATUS_OK; -} - -/****************************************************************** - Return an already initialised sam_context, to facilitate backward - compatibility (see functions below). - *******************************************************************/ - -static struct sam_context *sam_get_static_context(BOOL reload) -{ - static SAM_CONTEXT *sam_context = NULL; - - if ((sam_context) && (reload)) { - sam_context->free_fn(&sam_context); - sam_context = NULL; - } - - if (!sam_context) { - if (!NT_STATUS_IS_OK(make_sam_context_list(&sam_context, lp_sam_backend()))) { - DEBUG(4,("make_sam_context_list failed\n")); - return NULL; - } - - /* Make sure the required domains (default domain, builtin) are available */ - if (!NT_STATUS_IS_OK(sam_context_check_default_backends(sam_context))) { - DEBUG(4,("sam_context_check_default_backends failed\n")); - return NULL; - } - } - - return sam_context; -} - -/*************************************************************** - Initialize the static context (at smbd startup etc). - - If uninitialised, context will auto-init on first use. - ***************************************************************/ - -BOOL initialize_sam(BOOL reload) -{ - return (sam_get_static_context(reload) != NULL); -} - - -/************************************************************** - External API. This is what the rest of the world calls... -***************************************************************/ - -/****************************************************************** - sam_* functions are used to link the external SAM interface - with the internal backends. These functions lookup the appropriate - backends for the domain and pass on to the function in sam_methods - in the selected backend - - When the context parmater is NULL, the default is used. - *******************************************************************/ - -#define SAM_SETUP_CONTEXT if (!context) \ - context = sam_get_static_context(False);\ - if (!context) {\ - return NT_STATUS_UNSUCCESSFUL; \ - }\ - - - -NTSTATUS sam_get_sec_desc(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_get_sec_desc: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, sid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_get_sec_desc) { - DEBUG(3, ("sam_get_sec_desc: sam_methods of the domain did not specify sam_get_sec_desc\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_sec_desc(tmp_methods, access_token, sid, sd))) { - DEBUG(4,("sam_get_sec_desc for %s in backend %s failed\n", sid_string_static(sid), tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_sec_desc(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_set_sec_desc: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, sid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_set_sec_desc) { - DEBUG(3, ("sam_set_sec_desc: sam_methods of the domain did not specify sam_set_sec_desc\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_set_sec_desc(tmp_methods, access_token, sid, sd))) { - DEBUG(4,("sam_set_sec_desc for %s in backend %s failed\n", sid_string_static(sid), tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - - -NTSTATUS sam_lookup_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const char *domain, const char *name, DOM_SID *sid, uint32 *type) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_lookup_name: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) { - DEBUG(4,("sam_get_methods_by_name failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_lookup_name) { - DEBUG(3, ("sam_lookup_name: sam_methods of the domain did not specify sam_lookup_name\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_lookup_name(tmp_methods, access_token, name, sid, type))) { - DEBUG(4,("sam_lookup_name for %s\\%s in backend %s failed\n", - tmp_methods->domain_name, name, tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_lookup_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, TALLOC_CTX *mem_ctx, const DOM_SID *sid, char **name, uint32 *type) -{ - SAM_METHODS *tmp_methods; - uint32 rid; - NTSTATUS nt_status; - DOM_SID domainsid; - - DEBUG(5,("sam_lookup_sid: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - sid_copy(&domainsid, sid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("sam_lookup_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_lookup_sid) { - DEBUG(3, ("sam_lookup_sid: sam_methods of the domain did not specify sam_lookup_sid\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_lookup_sid(tmp_methods, access_token, mem_ctx, sid, name, type))) { - DEBUG(4,("sam_lookup_name for %s in backend %s failed\n", - sid_string_static(sid), tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - - -NTSTATUS sam_update_domain(const SAM_CONTEXT *context, const SAM_DOMAIN_HANDLE *domain) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_update_domain: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid domain specified */ - SAM_ASSERT(domain && domain->current_sam_methods); - - tmp_methods = domain->current_sam_methods; - - if (!tmp_methods->sam_update_domain) { - DEBUG(3, ("sam_update_domain: sam_methods of the domain did not specify sam_update_domain\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_update_domain(tmp_methods, domain))){ - DEBUG(4,("sam_update_domain in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_enum_domains(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, int32 *domain_count, DOM_SID **domains, char ***domain_names) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - SEC_DESC *sd; - size_t sd_size; - uint32 acc_granted; - int i = 0; - - DEBUG(5,("sam_enum_domains: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid parmaters specified */ - SAM_ASSERT(domain_count && domains && domain_names); - - if (!NT_STATUS_IS_OK(nt_status = samr_make_sam_obj_sd(context->mem_ctx, &sd, &sd_size))) { - DEBUG(4,("samr_make_sam_obj_sd failed\n")); - return nt_status; - } - - if (!se_access_check(sd, access_token, SA_RIGHT_SAM_ENUM_DOMAINS, &acc_granted, &nt_status)) { - DEBUG(3,("sam_enum_domains: ACCESS DENIED\n")); - return nt_status; - } - - tmp_methods= context->methods; - *domain_count = 0; - - while (tmp_methods) { - (*domain_count)++; - tmp_methods= tmp_methods->next; - } - - DEBUG(6,("sam_enum_domains: enumerating %d domains\n", (*domain_count))); - - tmp_methods = context->methods; - - if (((*domains) = malloc( sizeof(DOM_SID) * (*domain_count))) == NULL) { - DEBUG(0,("sam_enum_domains: Out of memory allocating domain SID list\n")); - return NT_STATUS_NO_MEMORY; - } - - if (((*domain_names) = malloc( sizeof(char*) * (*domain_count))) == NULL) { - DEBUG(0,("sam_enum_domains: Out of memory allocating domain name list\n")); - SAFE_FREE((*domains)); - return NT_STATUS_NO_MEMORY; - } - - while (tmp_methods) { - DEBUGADD(7,(" [%d] %s: %s\n", i, tmp_methods->domain_name, sid_string_static(&tmp_methods->domain_sid))); - sid_copy(domains[i],&tmp_methods->domain_sid); - *domain_names[i] = smb_xstrdup(tmp_methods->domain_name); - i++; - tmp_methods= tmp_methods->next; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_lookup_domain(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const char *domain, DOM_SID **domainsid) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - SEC_DESC *sd; - size_t sd_size; - uint32 acc_granted; - - DEBUG(5,("sam_lookup_domain: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid paramters */ - SAM_ASSERT(access_token && domain && domainsid); - - if (!NT_STATUS_IS_OK(nt_status = samr_make_sam_obj_sd(context->mem_ctx, &sd, &sd_size))) { - DEBUG(4,("samr_make_sam_obj_sd failed\n")); - return nt_status; - } - - if (!se_access_check(sd, access_token, SA_RIGHT_SAM_OPEN_DOMAIN, &acc_granted, &nt_status)) { - DEBUG(3,("sam_lookup_domain: ACCESS DENIED\n")); - return nt_status; - } - - tmp_methods= context->methods; - - while (tmp_methods) { - if (strcmp(domain, tmp_methods->domain_name) == 0) { - (*domainsid) = (DOM_SID *)malloc(sizeof(DOM_SID)); - sid_copy((*domainsid), &tmp_methods->domain_sid); - return NT_STATUS_OK; - } - tmp_methods= tmp_methods->next; - } - - return NT_STATUS_NO_SUCH_DOMAIN; -} - - -NTSTATUS sam_get_domain_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *domainsid, SAM_DOMAIN_HANDLE **domain) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_get_domain_by_sid: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && domainsid && domain); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_get_domain_handle) { - DEBUG(3, ("sam_get_domain_by_sid: sam_methods of the domain did not specify sam_get_domain_handle\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_domain_handle(tmp_methods, access_token, access_desired, domain))) { - DEBUG(4,("sam_get_domain_handle for %s in backend %s failed\n", - sid_string_static(domainsid), tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_create_account(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *domainsid, const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_create_account: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid parmaters */ - SAM_ASSERT(access_token && domainsid && account_name && account); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_create_account) { - DEBUG(3, ("sam_create_account: sam_methods of the domain did not specify sam_create_account\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_account(tmp_methods, access_token, access_desired, account_name, acct_ctrl, account))) { - DEBUG(4,("sam_create_account in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_add_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account) -{ - DOM_SID domainsid; - const DOM_SID *accountsid; - SAM_METHODS *tmp_methods; - uint32 rid; - NTSTATUS nt_status; - - DEBUG(5,("sam_add_account: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid parmaters */ - SAM_ASSERT(account); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_account_sid(account, &accountsid))) { - DEBUG(0,("Can't get account SID\n")); - return nt_status; - } - - sid_copy(&domainsid, accountsid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("sam_get_account_by_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_add_account) { - DEBUG(3, ("sam_add_account: sam_methods of the domain did not specify sam_add_account\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_add_account(tmp_methods, account))){ - DEBUG(4,("sam_add_account in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_update_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_update_account: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid account specified */ - SAM_ASSERT(account && account->current_sam_methods); - - tmp_methods = account->current_sam_methods; - - if (!tmp_methods->sam_update_account) { - DEBUG(3, ("sam_update_account: sam_methods of the domain did not specify sam_update_account\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_update_account(tmp_methods, account))){ - DEBUG(4,("sam_update_account in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_delete_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_delete_account: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid account specified */ - SAM_ASSERT(account && account->current_sam_methods); - - tmp_methods = account->current_sam_methods; - - if (!tmp_methods->sam_delete_account) { - DEBUG(3, ("sam_delete_account: sam_methods of the domain did not specify sam_delete_account\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_delete_account(tmp_methods, account))){ - DEBUG(4,("sam_delete_account in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_enum_accounts(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, uint16 acct_ctrl, int32 *account_count, SAM_ACCOUNT_ENUM **accounts) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_enum_accounts: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && domainsid && account_count && accounts); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_enum_accounts) { - DEBUG(3, ("sam_enum_accounts: sam_methods of the domain did not specify sam_enum_accounts\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_accounts(tmp_methods, access_token, acct_ctrl, account_count, accounts))) { - DEBUG(4,("sam_enum_accounts for domain %s in backend %s failed\n", - tmp_methods->domain_name, tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - - -NTSTATUS sam_get_account_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *accountsid, SAM_ACCOUNT_HANDLE **account) -{ - SAM_METHODS *tmp_methods; - uint32 rid; - DOM_SID domainsid; - NTSTATUS nt_status; - - DEBUG(5,("sam_get_account_by_sid: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && accountsid && account); - - sid_copy(&domainsid, accountsid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("sam_get_account_by_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_get_account_by_sid) { - DEBUG(3, ("sam_get_account_by_sid: sam_methods of the domain did not specify sam_get_account_by_sid\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_account_by_sid(tmp_methods, access_token, access_desired, accountsid, account))) { - DEBUG(4,("sam_get_account_by_sid for %s in backend %s failed\n", - sid_string_static(accountsid), tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_by_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *domain, const char *name, SAM_ACCOUNT_HANDLE **account) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_get_account_by_name: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && domain && name && account); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) { - DEBUG(4,("sam_get_methods_by_name failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_get_account_by_name) { - DEBUG(3, ("sam_get_account_by_name: sam_methods of the domain did not specify sam_get_account_by_name\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_account_by_name(tmp_methods, access_token, access_desired, name, account))) { - DEBUG(4,("sam_get_account_by_name for %s\\%s in backend %s failed\n", - domain, name, tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_create_group(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *domainsid, const char *group_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_create_group: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && domainsid && group_name && group); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_create_group) { - DEBUG(3, ("sam_create_group: sam_methods of the domain did not specify sam_create_group\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_group(tmp_methods, access_token, access_desired, group_name, group_ctrl, group))) { - DEBUG(4,("sam_create_group in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_add_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group) -{ - DOM_SID domainsid; - const DOM_SID *groupsid; - SAM_METHODS *tmp_methods; - uint32 rid; - NTSTATUS nt_status; - - DEBUG(5,("sam_add_group: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(group); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_group_sid(group, &groupsid))) { - DEBUG(0,("Can't get group SID\n")); - return nt_status; - } - - sid_copy(&domainsid, groupsid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("sam_get_group_by_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_add_group) { - DEBUG(3, ("sam_add_group: sam_methods of the domain did not specify sam_add_group\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_add_group(tmp_methods, group))){ - DEBUG(4,("sam_add_group in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_update_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_update_group: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid group specified */ - SAM_ASSERT(group && group->current_sam_methods); - - tmp_methods = group->current_sam_methods; - - if (!tmp_methods->sam_update_group) { - DEBUG(3, ("sam_update_group: sam_methods of the domain did not specify sam_update_group\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_update_group(tmp_methods, group))){ - DEBUG(4,("sam_update_group in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_delete_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_delete_group: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid group specified */ - SAM_ASSERT(group && group->current_sam_methods); - - tmp_methods = group->current_sam_methods; - - if (!tmp_methods->sam_delete_group) { - DEBUG(3, ("sam_delete_group: sam_methods of the domain did not specify sam_delete_group\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_delete_group(tmp_methods, group))){ - DEBUG(4,("sam_delete_group in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_enum_groups(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, uint16 group_ctrl, uint32 *groups_count, SAM_GROUP_ENUM **groups) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_enum_groups: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && domainsid && groups_count && groups); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_enum_accounts) { - DEBUG(3, ("sam_enum_groups: sam_methods of the domain did not specify sam_enum_groups\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_groups(tmp_methods, access_token, group_ctrl, groups_count, groups))) { - DEBUG(4,("sam_enum_groups for domain %s in backend %s failed\n", - tmp_methods->domain_name, tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_group_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group) -{ - SAM_METHODS *tmp_methods; - uint32 rid; - NTSTATUS nt_status; - DOM_SID domainsid; - - DEBUG(5,("sam_get_group_by_sid: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && groupsid && group); - - sid_copy(&domainsid, groupsid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("sam_get_group_by_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_get_group_by_sid) { - DEBUG(3, ("sam_get_group_by_sid: sam_methods of the domain did not specify sam_get_group_by_sid\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_group_by_sid(tmp_methods, access_token, access_desired, groupsid, group))) { - DEBUG(4,("sam_get_group_by_sid for %s in backend %s failed\n", - sid_string_static(groupsid), tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_group_by_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *domain, const char *name, SAM_GROUP_HANDLE **group) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_get_group_by_name: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && domain && name && group); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) { - DEBUG(4,("sam_get_methods_by_name failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_get_group_by_name) { - DEBUG(3, ("sam_get_group_by_name: sam_methods of the domain did not specify sam_get_group_by_name\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_group_by_name(tmp_methods, access_token, access_desired, name, group))) { - DEBUG(4,("sam_get_group_by_name for %s\\%s in backend %s failed\n", - domain, name, tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_add_member_to_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - SAM_SETUP_CONTEXT; - - /* invalid group or member specified */ - SAM_ASSERT(group && group->current_sam_methods && member); - - tmp_methods = group->current_sam_methods; - - if (!tmp_methods->sam_add_member_to_group) { - DEBUG(3, ("sam_add_member_to_group: sam_methods of the domain did not specify sam_add_member_to_group\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_add_member_to_group(tmp_methods, group, member))) { - DEBUG(4,("sam_add_member_to_group in backend %s failed\n", tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; - -} - -NTSTATUS sam_delete_member_from_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - SAM_SETUP_CONTEXT; - - /* invalid group or member specified */ - SAM_ASSERT(group && group->current_sam_methods && member); - - tmp_methods = group->current_sam_methods; - - if (!tmp_methods->sam_delete_member_from_group) { - DEBUG(3, ("sam_delete_member_from_group: sam_methods of the domain did not specify sam_delete_member_from_group\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_delete_member_from_group(tmp_methods, group, member))) { - DEBUG(4,("sam_delete_member_from_group in backend %s failed\n", tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_enum_groupmembers(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - SAM_SETUP_CONTEXT; - - /* invalid group specified */ - SAM_ASSERT(group && group->current_sam_methods && members_count && members); - - tmp_methods = group->current_sam_methods; - - if (!tmp_methods->sam_enum_groupmembers) { - DEBUG(3, ("sam_enum_groupmembers: sam_methods of the domain did not specify sam_enum_group_members\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_groupmembers(tmp_methods, group, members_count, members))) { - DEBUG(4,("sam_enum_groupmembers in backend %s failed\n", tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_groups_of_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID **sids, uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - uint32 tmp_group_count; - SAM_GROUP_ENUM *tmp_groups; - - DEBUG(5,("sam_get_groups_of_sid: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid sam_context specified */ - SAM_ASSERT(access_token && sids && context && context->methods); - - *group_count = 0; - - *groups = NULL; - - tmp_methods= context->methods; - - while (tmp_methods) { - DEBUG(5,("getting groups from domain \n")); - if (!tmp_methods->sam_get_groups_of_sid) { - DEBUG(3, ("sam_get_groups_of_sid: sam_methods of domain did not specify sam_get_groups_of_sid\n")); - SAFE_FREE(*groups); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_groups_of_sid(tmp_methods, access_token, sids, group_ctrl, &tmp_group_count, &tmp_groups))) { - DEBUG(4,("sam_get_groups_of_sid in backend %s failed\n", tmp_methods->backendname)); - SAFE_FREE(*groups); - return nt_status; - } - - *groups = Realloc(*groups, ((*group_count) + tmp_group_count) * sizeof(SAM_GROUP_ENUM)); - - memcpy(&(*groups)[*group_count], tmp_groups, tmp_group_count); - - SAFE_FREE(tmp_groups); - - *group_count += tmp_group_count; - - tmp_methods = tmp_methods->next; - } - - return NT_STATUS_OK; -} - - diff --git a/source3/script/genstruct.pl b/source3/script/genstruct.pl deleted file mode 100755 index a6abd718c9..0000000000 --- a/source3/script/genstruct.pl +++ /dev/null @@ -1,299 +0,0 @@ -#!/usr/bin/perl -w -# a simple system for generating C parse info -# this can be used to write generic C structer load/save routines -# Copyright 2002 Andrew Tridgell <genstruct@tridgell.net> -# released under the GNU General Public License v2 or later - -use strict; - -my(%enum_done) = (); -my(%struct_done) = (); - -################################################### -# general handler -sub handle_general($$$$$$$$) -{ - my($name) = shift; - my($ptr_count) = shift; - my($size) = shift; - my($element) = shift; - my($flags) = shift; - my($dump_fn) = shift; - my($parse_fn) = shift; - my($tflags) = shift; - my($array_len) = 0; - my($dynamic_len) = "NULL"; - - # handle arrays, currently treat multidimensional arrays as 1 dimensional - while ($element =~ /(.*)\[(.*?)\]$/) { - $element = $1; - if ($array_len == 0) { - $array_len = $2; - } else { - $array_len = "$2 * $array_len"; - } - } - - if ($flags =~ /_LEN\((\w*?)\)/) { - $dynamic_len = "\"$1\""; - } - - if ($flags =~ /_NULLTERM/) { - $tflags = "FLAG_NULLTERM"; - } - - print OFILE "{\"$element\", $ptr_count, $size, offsetof(struct $name, $element), $array_len, $dynamic_len, $tflags, $dump_fn, $parse_fn},\n"; -} - - -#################################################### -# parse one element -sub parse_one($$$$) -{ - my($name) = shift; - my($type) = shift; - my($element) = shift; - my($flags) = shift; - my($ptr_count) = 0; - my($size) = "sizeof($type)"; - my($tflags) = "0"; - - # enums get the FLAG_ALWAYS flag - if ($type =~ /^enum /) { - $tflags = "FLAG_ALWAYS"; - } - - - # make the pointer part of the base type - while ($element =~ /^\*(.*)/) { - $ptr_count++; - $element = $1; - } - - # convert spaces to _ - $type =~ s/ /_/g; - - my($dump_fn) = "gen_dump_$type"; - my($parse_fn) = "gen_parse_$type"; - - handle_general($name, $ptr_count, $size, $element, $flags, $dump_fn, $parse_fn, $tflags); -} - -#################################################### -# parse one element -sub parse_element($$$) -{ - my($name) = shift; - my($element) = shift; - my($flags) = shift; - my($type); - my($data); - - # pull the base type - if ($element =~ /^struct (\S*) (.*)/) { - $type = "struct $1"; - $data = $2; - } elsif ($element =~ /^enum (\S*) (.*)/) { - $type = "enum $1"; - $data = $2; - } elsif ($element =~ /^unsigned (\S*) (.*)/) { - $type = "unsigned $1"; - $data = $2; - } elsif ($element =~ /^(\S*) (.*)/) { - $type = $1; - $data = $2; - } else { - die "Can't parse element '$element'"; - } - - # handle comma separated lists - while ($data =~ /(\S*),[\s]?(.*)/) { - parse_one($name, $type, $1, $flags); - $data = $2; - } - parse_one($name, $type, $data, $flags); -} - - -my($first_struct) = 1; - -#################################################### -# parse the elements of one structure -sub parse_elements($$) -{ - my($name) = shift; - my($elements) = shift; - - if ($first_struct) { - $first_struct = 0; - print "Parsing structs: $name"; - } else { - print ", $name"; - } - - print OFILE "int gen_dump_struct_$name(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned);\n"; - print OFILE "int gen_parse_struct_$name(TALLOC_CTX *mem_ctx, char *, const char *);\n"; - - print OFILE "static const struct parse_struct pinfo_" . $name . "[] = {\n"; - - - while ($elements =~ /^.*?([a-z].*?);\s*?(\S*?)\s*?$(.*)/msi) { - my($element) = $1; - my($flags) = $2; - $elements = $3; - parse_element($name, $element, $flags); - } - - print OFILE "{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}};\n"; - - print OFILE " -int gen_dump_struct_$name(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_struct(mem_ctx, pinfo_$name, p, ptr, indent); -} -int gen_parse_struct_$name(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { - return gen_parse_struct(mem_ctx, pinfo_$name, ptr, str); -} - -"; -} - -my($first_enum) = 1; - -#################################################### -# parse out the enum declarations -sub parse_enum_elements($$) -{ - my($name) = shift; - my($elements) = shift; - - if ($first_enum) { - $first_enum = 0; - print "Parsing enums: $name"; - } else { - print ", $name"; - } - - print OFILE "static const struct enum_struct einfo_" . $name . "[] = {\n"; - - my(@enums) = split(/,/s, $elements); - for (my($i)=0; $i <= $#{@enums}; $i++) { - my($enum) = $enums[$i]; - if ($enum =~ /\s*(\w*)/) { - my($e) = $1; - print OFILE "{\"$e\", $e},\n"; - } - } - - print OFILE "{NULL, 0}};\n"; - - print OFILE " -int gen_dump_enum_$name(struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_enum(einfo_$name, p, ptr, indent); -} - -int gen_parse_enum_$name(char *ptr, const char *str) { - return gen_parse_enum(einfo_$name, ptr, str); -} - -"; -} - -#################################################### -# parse out the enum declarations -sub parse_enums($) -{ - my($data) = shift; - - while ($data =~ /^GENSTRUCT\s+enum\s+(\w*?)\s*{(.*?)}\s*;(.*)/ms) { - my($name) = $1; - my($elements) = $2; - $data = $3; - - if (!defined($enum_done{$name})) { - $enum_done{$name} = 1; - parse_enum_elements($name, $elements); - } - } - - if (! $first_enum) { - print "\n"; - } -} - -#################################################### -# parse all the structures -sub parse_structs($) -{ - my($data) = shift; - - # parse into structures - while ($data =~ /^GENSTRUCT\s+struct\s+(\w+?)\s*{\s*(.*?)\s*}\s*;(.*)/ms) { - my($name) = $1; - my($elements) = $2; - $data = $3; - if (!defined($struct_done{$name})) { - $struct_done{$name} = 1; - parse_elements($name, $elements); - } - } - - if (! $first_struct) { - print "\n"; - } else { - print "No GENSTRUCT structures found?\n"; - } -} - - -#################################################### -# parse a header file, generating a dumper structure -sub parse_data($) -{ - my($data) = shift; - - # collapse spaces - $data =~ s/[\t ]+/ /sg; - $data =~ s/\s*\n\s+/\n/sg; - # strip debug lines - $data =~ s/^\#.*?\n//smg; - - parse_enums($data); - parse_structs($data); -} - - -######################################### -# display help text -sub ShowHelp() -{ - print " -generator for C structure dumpers -Copyright Andrew Tridgell <genstruct\@tridgell.net> - -Sample usage: - genstruct -o output.h gcc -E -O2 -g test.h - -Options: - --help this help page - -o OUTPUT place output in OUTPUT -"; - exit(0); -} - -######################################## -# main program -if ($ARGV[0] ne "-o" || $#ARGV < 2) { - ShowHelp(); -} - -shift; -my($opt_ofile)=shift; - -print "creating $opt_ofile\n"; - -open(OFILE, ">$opt_ofile") || die "can't open $opt_ofile"; - -print OFILE "/* This is an automatically generated file - DO NOT EDIT! */\n\n"; - -parse_data(`@ARGV -DGENSTRUCT=GENSTRUCT`); -exit(0); diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index e7d7c20f6b..19af61f190 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -43,7 +43,6 @@ static const char *known_nt_pipes[] = { "\\spoolss", "\\netdfs", "\\rpcecho", - "\\epmapper", NULL }; diff --git a/source3/smbwrapper/smbw_stat.c b/source3/smbwrapper/smbw_stat.c index bb76ef006a..6c476a8a67 100644 --- a/source3/smbwrapper/smbw_stat.c +++ b/source3/smbwrapper/smbw_stat.c @@ -41,12 +41,8 @@ void smbw_setup_stat(struct stat *st, char *fname, size_t size, int mode) if (!IS_DOS_READONLY(mode)) st->st_mode |= S_IWUSR; st->st_size = size; -#ifdef HAVE_STAT_ST_BLKSIZE st->st_blksize = 512; -#endif -#ifdef HAVE_STAT_ST_BLOCKS st->st_blocks = (size+511)/512; -#endif st->st_uid = getuid(); st->st_gid = getgid(); if (IS_DOS_DIR(mode)) { diff --git a/source3/tdb/tdb.c b/source3/tdb/tdb.c index e68bda4055..c98b0936ed 100644 --- a/source3/tdb/tdb.c +++ b/source3/tdb/tdb.c @@ -237,10 +237,15 @@ static int tdb_brlock(TDB_CONTEXT *tdb, tdb_off offset, tdb->fd, offset, rw_type, lck_type)); } /* Was it an alarm timeout ? */ - if (errno == EINTR && palarm_fired && *palarm_fired) + if (errno == EINTR && palarm_fired && *palarm_fired) { + TDB_LOG((tdb, 5, "tdb_brlock timed out (fd=%d) at offset %d rw_type=%d lck_type=%d\n", + tdb->fd, offset, rw_type, lck_type)); return TDB_ERRCODE(TDB_ERR_LOCK_TIMEOUT, -1); + } /* Otherwise - generic lock error. */ /* errno set by fcntl */ + TDB_LOG((tdb, 5, "tdb_brlock failed (fd=%d) at offset %d rw_type=%d lck_type=%d: %s\n", + tdb->fd, offset, rw_type, lck_type, strerror(errno))); return TDB_ERRCODE(TDB_ERR_LOCK, -1); } return 0; diff --git a/source3/tests/sysquotas.c b/source3/tests/sysquotas.c index e83f28e2d0..2aa643326c 100644 --- a/source3/tests/sysquotas.c +++ b/source3/tests/sysquotas.c @@ -1,4 +1,4 @@ -/* this test should find out what quota api is avalable on the os */ +/* this test should find out what quota api is available on the os */ #if defined(HAVE_QUOTACTL_4A) /* long quotactl(int cmd, char *special, qid_t id, caddr_t addr) */ diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c index 085156305b..a74c2eaa97 100644 --- a/source3/utils/testparm.c +++ b/source3/utils/testparm.c @@ -47,28 +47,28 @@ static int do_global_checks(void) SMB_STRUCT_STAT st; if (lp_security() >= SEC_DOMAIN && !lp_encrypted_passwords()) { - printf("ERROR: in 'security=domain' mode the 'encrypt passwords' parameter must always be set to 'true'.\n"); + fprintf(stderr, "ERROR: in 'security=domain' mode the 'encrypt passwords' parameter must always be set to 'true'.\n"); ret = 1; } if (lp_wins_support() && lp_wins_server_list()) { - printf("ERROR: both 'wins support = true' and 'wins server = <server list>' \ + fprintf(stderr, "ERROR: both 'wins support = true' and 'wins server = <server list>' \ cannot be set in the smb.conf file. nmbd will abort with this setting.\n"); ret = 1; } if (!directory_exist(lp_lockdir(), &st)) { - printf("ERROR: lock directory %s does not exist\n", + fprintf(stderr, "ERROR: lock directory %s does not exist\n", lp_lockdir()); ret = 1; } else if ((st.st_mode & 0777) != 0755) { - printf("WARNING: lock directory %s should have permissions 0755 for browsing to work\n", + fprintf(stderr, "WARNING: lock directory %s should have permissions 0755 for browsing to work\n", lp_lockdir()); ret = 1; } if (!directory_exist(lp_piddir(), &st)) { - printf("ERROR: pid directory %s does not exist\n", + fprintf(stderr, "ERROR: pid directory %s does not exist\n", lp_piddir()); ret = 1; } @@ -84,7 +84,7 @@ cannot be set in the smb.conf file. nmbd will abort with this setting.\n"); else if(lp_security() == SEC_DOMAIN) pstrcpy(sec_setting, "domain"); - printf("ERROR: The setting 'security=%s' requires the 'password server' parameter be set \ + fprintf(stderr, "ERROR: The setting 'security=%s' requires the 'password server' parameter be set \ to a valid password server.\n", sec_setting ); ret = 1; } @@ -95,7 +95,7 @@ to a valid password server.\n", sec_setting ); */ if(*lp_hosts_equiv() && !lp_hostname_lookups()) { - printf("ERROR: The setting 'hosts equiv = %s' requires that 'hostname lookups = yes'.\n", lp_hosts_equiv()); + fprintf(stderr, "ERROR: The setting 'hosts equiv = %s' requires that 'hostname lookups = yes'.\n", lp_hosts_equiv()); ret = 1; } @@ -114,7 +114,7 @@ to a valid password server.\n", sec_setting ); #endif if(lp_passwd_program() == NULL) { - printf("ERROR: the 'unix password sync' parameter is set and there is no valid 'passwd program' \ + fprintf( stderr, "ERROR: the 'unix password sync' parameter is set and there is no valid 'passwd program' \ parameter.\n" ); ret = 1; } else { @@ -128,7 +128,7 @@ parameter.\n" ); next_token(&p, truncated_prog, NULL, sizeof(pstring)); if(access(truncated_prog, F_OK) == -1) { - printf("ERROR: the 'unix password sync' parameter is set and the 'passwd program' (%s) \ + fprintf(stderr, "ERROR: the 'unix password sync' parameter is set and the 'passwd program' (%s) \ cannot be executed (error was %s).\n", truncated_prog, strerror(errno) ); ret = 1; } @@ -139,7 +139,7 @@ cannot be executed (error was %s).\n", truncated_prog, strerror(errno) ); #endif if(lp_passwd_chat() == NULL) { - printf("ERROR: the 'unix password sync' parameter is set and there is no valid 'passwd chat' \ + fprintf(stderr, "ERROR: the 'unix password sync' parameter is set and there is no valid 'passwd chat' \ parameter.\n"); ret = 1; } @@ -151,7 +151,7 @@ parameter.\n"); if(lp_encrypted_passwords()) { if(strstr( lp_passwd_chat(), "%o")!=NULL) { - printf("ERROR: the 'passwd chat' script [%s] expects to use the old plaintext password \ + fprintf(stderr, "ERROR: the 'passwd chat' script [%s] expects to use the old plaintext password \ via the %%o substitution. With encrypted passwords this is not possible.\n", lp_passwd_chat() ); ret = 1; } @@ -159,32 +159,32 @@ via the %%o substitution. With encrypted passwords this is not possible.\n", lp_ } if (strlen(lp_winbind_separator()) != 1) { - printf("ERROR: the 'winbind separator' parameter must be a single character.\n"); + fprintf(stderr,"ERROR: the 'winbind separator' parameter must be a single character.\n"); ret = 1; } if (*lp_winbind_separator() == '+') { - printf("'winbind separator = +' might cause problems with group membership.\n"); + fprintf(stderr,"'winbind separator = +' might cause problems with group membership.\n"); } if (lp_algorithmic_rid_base() < BASE_RID) { /* Try to prevent admin foot-shooting, we can't put algorithmic rids below 1000, that's the 'well known RIDs' on NT */ - printf("'algorithmic rid base' must be equal to or above %lu\n", BASE_RID); + fprintf(stderr,"'algorithmic rid base' must be equal to or above %lu\n", BASE_RID); } if (lp_algorithmic_rid_base() & 1) { - printf("'algorithmic rid base' must be even.\n"); + fprintf(stderr,"'algorithmic rid base' must be even.\n"); } #ifndef HAVE_DLOPEN if (lp_preload_modules()) { - printf("WARNING: 'preload modules = ' set while loading plugins not supported.\n"); + fprintf(stderr,"WARNING: 'preload modules = ' set while loading plugins not supported.\n"); } #endif if (!lp_passdb_backend()) { - printf("ERROR: passdb backend must have a value or be left out\n"); + fprintf(stderr,"ERROR: passdb backend must have a value or be left out\n"); } return ret; @@ -236,27 +236,27 @@ via the %%o substitution. With encrypted passwords this is not possible.\n", lp_ set_local_machine_name(new_local_machine, True); } - dbf = x_stdout; + dbf = x_stderr; DEBUGLEVEL = 2; AllowDebugChange = False; - printf("Load smb config files from %s\n",config_file); + fprintf(stderr,"Load smb config files from %s\n",config_file); if (!lp_load(config_file,False,True,False)) { - printf("Error loading services.\n"); + fprintf(stderr,"Error loading services.\n"); return(1); } - printf("Loaded services file OK.\n"); + fprintf(stderr,"Loaded services file OK.\n"); ret = do_global_checks(); for (s=0;s<1000;s++) { if (VALID_SNUM(s)) if (strlen(lp_servicename(s)) > 12) { - printf( "WARNING: You have some share names that are longer than 12 characters.\n" ); - printf( "These may not be accessible to some older clients.\n" ); - printf( "(Eg. Windows9x, WindowsMe, and smbclient prior to Samba 3.0.)\n" ); + fprintf(stderr, "WARNING: You have some share names that are longer than 12 characters.\n" ); + fprintf(stderr, "These may not be accessible to some older clients.\n" ); + fprintf(stderr, "(Eg. Windows9x, WindowsMe, and smbclient prior to Samba 3.0.)\n" ); break; } } @@ -271,7 +271,7 @@ via the %%o substitution. With encrypted passwords this is not possible.\n", lp_ char *hasstar = strchr_m(deny_list[i], '*'); char *hasquery = strchr_m(deny_list[i], '?'); if(hasstar || hasquery) { - printf("Invalid character %c in hosts deny list (%s) for service %s.\n", + fprintf(stderr,"Invalid character %c in hosts deny list (%s) for service %s.\n", hasstar ? *hasstar : *hasquery, deny_list[i], lp_servicename(s) ); } } @@ -282,35 +282,35 @@ via the %%o substitution. With encrypted passwords this is not possible.\n", lp_ char *hasstar = strchr_m(allow_list[i], '*'); char *hasquery = strchr_m(allow_list[i], '?'); if(hasstar || hasquery) { - printf("Invalid character %c in hosts allow list (%s) for service %s.\n", + fprintf(stderr,"Invalid character %c in hosts allow list (%s) for service %s.\n", hasstar ? *hasstar : *hasquery, allow_list[i], lp_servicename(s) ); } } } if(lp_level2_oplocks(s) && !lp_oplocks(s)) { - printf("Invalid combination of parameters for service %s. \ + fprintf(stderr,"Invalid combination of parameters for service %s. \ Level II oplocks can only be set if oplocks are also set.\n", lp_servicename(s) ); } if (lp_map_hidden(s) && !(lp_create_mask(s) & S_IXOTH)) { - printf("Invalid combination of parameters for service %s. \ + fprintf(stderr,"Invalid combination of parameters for service %s. \ Map hidden can only work if create mask includes octal 01 (S_IXOTH).\n", lp_servicename(s) ); } if (lp_map_hidden(s) && (lp_force_create_mode(s) & S_IXOTH)) { - printf("Invalid combination of parameters for service %s. \ + fprintf(stderr,"Invalid combination of parameters for service %s. \ Map hidden can only work if force create mode excludes octal 01 (S_IXOTH).\n", lp_servicename(s) ); } if (lp_map_system(s) && !(lp_create_mask(s) & S_IXGRP)) { - printf("Invalid combination of parameters for service %s. \ + fprintf(stderr,"Invalid combination of parameters for service %s. \ Map system can only work if create mask includes octal 010 (S_IXGRP).\n", lp_servicename(s) ); } if (lp_map_system(s) && (lp_force_create_mode(s) & S_IXGRP)) { - printf("Invalid combination of parameters for service %s. \ + fprintf(stderr,"Invalid combination of parameters for service %s. \ Map system can only work if force create mode excludes octal 010 (S_IXGRP).\n", lp_servicename(s) ); } @@ -319,29 +319,29 @@ via the %%o substitution. With encrypted passwords this is not possible.\n", lp_ if (!silent_mode) { - printf("Server role: "); + fprintf(stderr,"Server role: "); switch(lp_server_role()) { case ROLE_STANDALONE: - printf("ROLE_STANDALONE\n"); + fprintf(stderr,"ROLE_STANDALONE\n"); break; case ROLE_DOMAIN_MEMBER: - printf("ROLE_DOMAIN_MEMBER\n"); + fprintf(stderr,"ROLE_DOMAIN_MEMBER\n"); break; case ROLE_DOMAIN_BDC: - printf("ROLE_DOMAIN_BDC\n"); + fprintf(stderr,"ROLE_DOMAIN_BDC\n"); break; case ROLE_DOMAIN_PDC: - printf("ROLE_DOMAIN_PDC\n"); + fprintf(stderr,"ROLE_DOMAIN_PDC\n"); break; default: - printf("Unknown -- internal error?\n"); + fprintf(stderr,"Unknown -- internal error?\n"); break; } } if (!cname) { if (!silent_mode) { - printf("Press enter to see a dump of your service definitions\n"); + fprintf(stderr,"Press enter to see a dump of your service definitions\n"); fflush(stdout); getc(stdin); } @@ -354,10 +354,10 @@ via the %%o substitution. With encrypted passwords this is not possible.\n", lp_ if (VALID_SNUM(s)) { if (allow_access(lp_hostsdeny(-1), lp_hostsallow(-1), cname, caddr) && allow_access(lp_hostsdeny(s), lp_hostsallow(s), cname, caddr)) { - printf("Allow connection from %s (%s) to %s\n", + fprintf(stderr,"Allow connection from %s (%s) to %s\n", cname,caddr,lp_servicename(s)); } else { - printf("Deny connection from %s (%s) to %s\n", + fprintf(stderr,"Deny connection from %s (%s) to %s\n", cname,caddr,lp_servicename(s)); } } diff --git a/swat/lang/ja/help/welcome.html b/swat/lang/ja/help/welcome.html index fee6d2084a..240ad22cef 100644 --- a/swat/lang/ja/help/welcome.html +++ b/swat/lang/ja/help/welcome.html @@ -1,86 +1,69 @@ -<h2>SWAT : Samba Web Administration Tool !</h2> - -<p>Sambaの設定は上のボタンをクリックして行います。 </p> - -<h3>ドキュメント</h3> - -<ul> - <li><b>導入編</b><ul> - <li><a href="/swat/ja/help/samba-j.html" target="docs">Samba日本語版について</a> - <li><a href="/swat/ja/help/samba-func.html" target="docs">Samba 機能詳細</a> - Windows NTとの機能比較 - <li><a href="/swat/ja/help/samba2.html" target="docs">Samba 2.0 新機能紹介</a> - <li><a href="/swat/ja/help/sambafaq.html" target="docs">Samba FAQ よくある質問</a> - - <li><a href="/swat/ja/help/encrypt-passwd.html" target="docs">Windows 98/Me, Windows NT 4.0, Windows 2000での注意事項</a> - <li><a href="/swat/ja/help/HowToUseSamba/index.html" target="docs">Sambaによるファイルサーバ構築法(Samba入門)</a> - <li><a href="/swat/using_samba/ja/index.html" target="docs">Using Samba(翻訳版)</a> - </ul> - - <li><b>デーモン</b> <ul> - <li><a href="/swat/ja/help/smbd.8.html" target="docs">smbd</a> - ファイル共有サービスデーモン - <li><a href="/swat/ja/help/nmbd.8.html" target="docs">nmbd</a> - ネーム サービスデーモン - </ul> - - <li><b>管理ユーティリティ</b> <ul> - <li><a href="/swat/ja/help/smbstatus.1.html" target="docs">smbstatus</a> - 現在の Samba への接続状況を報告 - <li><a href="/swat/ja/help/swat.8.html" target="docs">SWAT</a> - Samba Web 管理ツール - <li><a href="/swat/ja/help/smbpasswd.8.html" target="docs">smbpasswd</a> - ユーザの SMB パスワードの変更 - <li><a href="/swat/ja/help/make_smbcodepage.1.html" target="docs">make_smbcodepage</a> - コードページ定義ファイルの作成 - <li><a href="/swat/ja/help/testparm.1.html" target="docs">testparm</a> - smb.conf 設定ファイル内部の正当性を検査 - <li><a href="/swat/ja/help/testprns.1.html" target="docs">testprns</a> - smbd で有効なプリンタ名かどうかの検査 - <li><a href="/swat/ja/help/smbmnt.8.html" target="docs">smbmnt(8)</a> - SMB ファイルシステムのマウント - <li><a href="/swat/ja/help/smbmount.8.html" target="docs">smbmount(8)</a> - SMB ファイルシステムのマウント -<!-- <li><a href="/swat/ja/help/smbumount.8.html" target="docs">smbumount(8)</a> - - 一般ユーザによるアンマウント --> - </ul> - - <li><b>ユーティリティ</b> <ul> - <li><a href="/swat/ja/help/smbsh.1.html" target="docs">smbsh(1)</a> - UNIX シェルから SMB 共有へのアクセスを実現 - <li><a href="/swat/ja/help/nmblookup.1.html" target="docs">nmblookup</a> - NetBIOS 名の検索 - <li><a href="/swat/ja/help/smbtar.1.html" target="docs">smbtar</a> - SMB/CIFS 共有を UNIX のテープなどへバックアップ - <li><a href="/swat/ja/help/smbclient.1.html" target="docs">smbclient</a> - ftp コマンド風の SMB/CIFS クライアント - </ul> - - <li><b>設定ファイル</b> <ul> - <li><a href="/swat/ja/help/smb.conf.5.html" target="docs">smb.conf</a> - Samba の設定ファイル -<!-- <li><a href="/swat/ja/help/smb.conf.default.txt.html" target="docs">smb.conf.default</a> - Samba設定ファイルの例</code> - --> - <li><a href="/swat/ja/help/lmhosts.5.html" target="docs">lmhosts</a> - Samba の NetBIOS hosts ファイル - <li><a href="/swat/ja/help/smbpasswd.5.html" target="docs">smbpasswd</a> - Samba の暗号化パスワード・ファイル - </ul> - - <li><b>その他</b> <ul> - <li><a href="/swat/ja/help/DIAGNOSIS.txt.html" target="docs">Sambaサーバの診断・障害解析方法</a> - <code>DIAGNOSIS.txt</code> - <li><a href="/swat/ja/help/tuning.japanese.html" target="docs">SambaでWindows NT Server と同じ転送速度を確保する方法</a> - <li><a href="/swat/help/samba.7.html" target="docs">Samba introduction</a> - UNIX 用の Windows SMB/CIFS ファイルサーバ - <li><a href="/swat/ja/help/DOMAIN_MEMBER.txt.html" target="docs">Samba サーバを NT ドメインに参加させるには</a> - <code>DOMAIN_MEMBER.txt</code> - <li><a href="/swat/ja/help/NT_Security.html" target="docs">NT のセキュリティダイアログを利用し UNIX のパーミッションを閲覧/変更する</a> - <li><a href="/swat/ja/help/smbrun.1.html" target="docs">smbrun</a> - smbd と外部プログラム間のインタフェース - <li><a href="/swat/ja/help/Application_Serving.txt.html" target="docs">Samba 共有を MS Office などの管理共有として使用</a> - <code>Application_Serving.txt</code> - <li><a href="/swat/ja/help/BROWSING.txt.html" target="docs">ブラウジングを改善するための設定方法</a> - <code>BROWSING.txt</code> - <li><a href="/swat/ja/help/CRLF-LF-Conversions.txt.html" target="docs">プラットフォーム間のテキストファイルの問題</a> - <code>CRLF-LF-Conversions.txt</code> - <li><a href="/swat/ja/help/DOMAIN.txt.html" target="docs">ネットワークログオンと移動プロファイル</a> - <code>DOMAIN.txt</code> - <li><a href="/swat/ja/help/ENCRYPTION.txt.html" target="docs">LanManager / Samba パスワードの暗号化</a> - <code>ENCRYPTION.txt</code> - <li><a href="/swat/ja/help/File-Cacheing.txt.html" target="docs">便宜的ロック(oplocks)によるキャッシュの問題</a> - <code>File-Cacheing.txt</code> - <li><a href="/swat/ja/help/NT-Guest-Access.txt.html" target="docs">NT のゲスト・アカウントのバグ</a> - <code>NT-Guest-Access.txt</code> - <li><a href="/swat/ja/help/NTDOMAIN.txt.html" target="docs">NT ドメインログオン機能</a> - <code>NTDOMAIN.txt</code> - <li><a href="/swat/ja/help/NetBIOS.txt.html" target="docs">NetBIOS - プロトコルと名前解決方式の説明</a> - <code>NetBIOS.txt</code> - <li><a href="/swat/ja/help/PRINTER_DRIVER.txt.html" target="docs">共有 <code>PRINTER$</code> のサポート</a> - <code>PRINTER_DRIVER.txt</code> - <li><a href="/swat/ja/help/PROFILES.txt.html" target="docs">ユーザ・プロファイルについての議論</a> - <code>PROFILES.txt</code> - <li><a href="/swat/ja/help/Passwords.txt.html" target="docs">パスワードについての注意</a> - <code>Passwords.txt</code> - <li><a href="/swat/ja/help/README.smbmount.txt.html" target="docs">SMBFS 用マウントツールに関して</a> - <code>README.smbmount</code> - <li><a href="/swat/ja/help/Speed.txt.html" target="docs">Samba の性能について</a> - <code>Speed.txt</code> - <li><a href="/swat/ja/help/Speed2.txt.html" target="docs">Samba <code>Speed.txt</code> に対するコメント</a> - <code>Speed2.txt</code> - <li><a href="/swat/ja/help/UNIX-SMB.txt.html" target="docs">UNIX 界における NetBIOS についての論文</a> - <code>UNIX-SMB.txt</code> - <li><a href="/swat/ja/help/UNIX_INSTALL.txt.html" target="docs">Samba のインストールとテスト方法</a> - <code>UNIX_INSTALL.txt</code> - <li><a href="/swat/ja/help/security_level.txt.html" target="docs">SMB セキュリティ・レベルの種類</a> - <code>security_level.txt</code> - <li><a href="/swat/ja/help/WinNT.txt.html" target="docs">Samba と Windows NT のパスワードの扱い</a> - <code>WinNT.txt</code> - <li><a href="/swat/ja/help/Win95.txt.html" target="docs">Windows 95 / 98 と Samba の相互運用</a> - <code>Win95.txt</code> - <li><a href="/swat/ja/help/Macintosh_Clients.txt.html" target="docs">マックで動く Samba クライアントはありますか?</a> - <code>Macintosh_Clients.txt</code> - </ul> -</ul> - -<h3>フィードバック</h3> - -<p>日本語化に関することは、 <a href="http://www.samba.gr.jp/ml/#sugj-tech" target="docs">Sambaテクニカルメーリングリスト</a>までお願いします。</p> +<h3>SWAT へようこそ!</h3>
+
+上のボタンをクリックして設定を行ってください。
+
+<h3><a href="/swat/help/samba.7.html" target="docs">Samba</a> ドキュメント</h3>
+
+<ul>
+ <li><b>デーモン</b>
+ <ul>
+ <li><a href="/swat/help/smbd.8.html" target="docs">smbd</a> - SMB デーモン
+ <li><a href="/swat/help/nmbd.8.html" target="docs">nmbd</a> - NetBIOS ネームサーバ
+ <li><a href="/swat/help/winbindd.8.html" target="docs">winbindd</a> - winbind デーモン
+ </ul>
+ <li><b>設定ファイル</b>
+ <ul>
+ <li><a href="/swat/help/smb.conf.5.html" target="docs">smb.conf</a> - Samba 設定ファイル
+ <li><a href="/swat/help/lmhosts.5.html" target="docs">lmhosts</a> - NetBIOS の hosts ファイル
+ <li><a href="/swat/help/smbpasswd.5.html" target="docs">smbpasswd</a> - SMB パスワードファイル
+ </ul>
+ <li><b>管理ユーティリティ</b>
+ <ul>
+ <li><a href="/swat/help/smbcontrol.1.html" target="docs">smbcontrol</a> - Samba デーモンへのコントロールメッセージの送出
+ <li><a href="/swat/help/smbpasswd.8.html" target="docs">smbpasswd</a> - SMB パスワードの管理
+ <li><a href="/swat/help/swat.8.html" target="docs">SWAT</a> - Web 設定ツール
+ <li><a href="/swat/help/net.8.html" target="docs">net</a> - Samba およびリモートの CIFS サーバの管理ツール
+ <li><a href="/swat/help/pdbedit.8.html" target="docs">pdbedit</a> - Samba のユーザアカウント管理ツール
+ <li><a href="/swat/help/tdbbackup.8.html" target="docs">tdbbackup</a> - TDB データベースのバックアップツール
+ </ul>
+ <li><b>クライアントツール</b>
+ <ul>
+ <li><a href="/swat/help/rpcclient.1.html" target="docs">rpcclient</a> - コマンドラインの MS-RPC クライアント
+ <li><a href="/swat/help/smbtar.1.html" target="docs">smbtar</a> - SMB バックアップツール
+ <li><a href="/swat/help/smbclient.1.html" target="docs">smbclient</a> - コマンドラインの SMB クライアント
+ <li><a href="/swat/help/smbmnt.8.html" target="docs">smbmnt</a> - Linux 上の SMB ファイルシステムをマウントする際の補助ツール
+ <li><a href="/swat/help/smbmount.8.html" target="docs">smbmount</a> - Linux における SMB ファイルシステムのマウントを実現するユーザ空間のツール
+ <li><a href="/swat/help/smbspool.8.html" target="docs">smbspool</a> - コマンドラインの SMB 印刷クライアント
+ <li><a href="/swat/help/smbumount.8.html" target="docs">smbumount</a> - Linux における SMB ファイルシステムのアンマウントを実現するユーザ空間のツール
+ <li><a href="/swat/help/ntlm_auth.1.html" target="docs">ntlm_auth</a> - 別プログラムからの NTLM 認証の使用を実現
+ <li><a href="/swat/help/smbcquotas.1.html" target="docs">smbcquotas</a> - NTFS 5 共有のクォータ情報の設定と取得
+ <li><a href="/swat/help/smbsh.1.html" target="docs">smbsh</a> - UNIX シェルを用いたリモート SMB 共有へのアクセスを実現
+ <li><a href="/swat/help/smbtree.1.html" target="docs">smbtree</a> - テキストベースの SMB ネットワークブラウジング
+ <li><a href="/swat/help/smbspool.8.html" target="docs">smbspool</a> - 印刷ジョブを SMB プリンタに送信
+ </ul>
+ <li><b>診断ユーティリティ</b>
+ <ul>
+ <li><a href="/swat/help/smbstatus.1.html" target="docs">smbstatus</a> - Samba の監視
+ <li><a href="/swat/help/testparm.1.html" target="docs">testparm</a> - 設定ファイルの整合性の検査
+ <li><a href="/swat/help/testprns.1.html" target="docs">testprns</a> - プリンタ設定の検査
+ <li><a href="/swat/help/nmblookup.1.html" target="docs">nmblookup</a> - NetBIOS 名の検索ツール
+ <li><a href="/swat/help/wbinfo.1.html" target="docs">wbinfo</a> - winbind 情報の取得ツール
+ </ul>
+ <li><b>その他のユーティリティ</b>
+ <ul>
+ <li><a href="/swat/help/profiles.1.html" target="docs">profiles</a> - 別ドメインへのプロファイルの移行
+ <li><a href="/swat/help/editreg.1.html" target="docs">editreg</a> - Windows レジストリファイルの編集
+ <li><a href="/swat/help/log2pcap.1.html" target="docs">log2pcap</a> - Samba のログファイルから pcap ファイルの生成
+ </ul>
+ <li><b>書籍</b>
+ <ul>
+ <li><a href="/swat/using_samba/toc.html" target="docs">Using Samba 第二版</a> - 著者: Jay Ts, Robert Eckstein, David Collier-Brown
+ <li><a href="/swat/help/Samba-HOWTO-Collection.html">Samba HOWTO コレクション</a>
+ </ul>
+</ul>
+
+ <h3>フィードバック</h3>
+
+ このバージョンの SWAT に関する問題についての議論を行ないたい方は、
+ <A HREF="http://lists.samba.org/">samba</A> メーリングリストへの参加をお願いします。
+<small>(もしくは <A HREF="http://www.samba.gr.jp/ml/">sugj-tech</A> メーリングリストに日本語でお願いします)</small>
|