diff options
| -rw-r--r-- | source3/include/proto.h | 15 | ||||
| -rw-r--r-- | source3/include/smb.h | 28 | ||||
| -rw-r--r-- | source3/passdb/ldap.c | 34 | ||||
| -rw-r--r-- | source3/passdb/nispass.c | 80 | ||||
| -rw-r--r-- | source3/passdb/passdb.c | 259 | ||||
| -rw-r--r-- | source3/passdb/smbpass.c | 1 | ||||
| -rw-r--r-- | source3/rpc_server/srv_samr.c | 38 | ||||
| -rw-r--r-- | source3/rpc_server/srv_util.c | 12 |
8 files changed, 335 insertions, 132 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 8207aa8adc..177a45c9c0 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1568,13 +1568,16 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override); struct smb_passwd *getsmbpwnam(char *name); struct smb_passwd *getsmbpwuid(uid_t smb_userid); struct sam_passwd *iterate_getsam21pwnam(char *name); -struct sam_passwd *iterate_getsam21pwuid(uint32 uid); +struct sam_passwd *iterate_getsam21pwrid(uint32 rid); +struct sam_passwd *iterate_getsam21pwuid(uid_t uid); +struct sam_disp_info *getsamdisprid(uint32 rid); struct sam_disp_info *getsamdispent(void *vp); struct sam_passwd *getsam21pwent(void *vp); BOOL add_sam21pwd_entry(struct sam_passwd *newpwd); BOOL mod_sam21pwd_entry(struct sam_passwd* pwd, BOOL override); struct sam_passwd *getsam21pwnam(char *name); -struct sam_passwd *getsam21pwuid(uint32 uid); +struct sam_passwd *getsam21pwrid(uint32 rid); +struct sam_passwd *getsam21pwuid(uid_t uid); void pdb_init_dispinfo(struct sam_disp_info *user); void pdb_init_smb(struct smb_passwd *user); void pdb_init_sam(struct sam_passwd *user); @@ -1588,10 +1591,10 @@ uint16 pdb_decode_acct_ctrl(char *p); int pdb_gethexpwd(char *p, char *pwd); BOOL pdb_name_to_rid(char *user_name, uint32 *u_rid, uint32 *g_rid); BOOL pdb_generate_machine_sid(void); -uint32 pdb_user_rid_to_uid(uint32 u_rid); -uint32 pdb_group_rid_to_gid(uint32 u_gid); -uint32 pdb_uid_to_user_rid(uint32 uid); -uint32 pdb_gid_to_group_rid(uint32 gid); +uid_t pdb_user_rid_to_uid(uint32 u_rid); +gid_t pdb_group_rid_to_gid(uint32 g_rid); +uint32 pdb_uid_to_user_rid(uid_t uid); +uint32 pdb_gid_to_group_rid(gid_t gid); BOOL pdb_rid_is_user(uint32 rid); /*The following definitions come from password.c */ diff --git a/source3/include/smb.h b/source3/include/smb.h index fff44f179d..8687f618e4 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -637,6 +637,17 @@ struct shmem_ops { /* * Each implementation of the password database code needs * to support the following operations. + * + * either the get/mod/add-smbXXX or the get/mod/add-sam21XXX functions + * are optional, but not both. conversion routines will be called + * if only one of each is supported. the preference is to provide + * full getsam21pwXXX functionality. + * + * e.g: provide a getsam21pwnam() function but set getsmbpwnam() to NULL: + * passdb.c will automatically call getsam21pwnam() and then call the + * sam21-to-smb conversion routine if the passdb.c::getsmbpwnam() function + * is called. + * */ struct passdb_ops { @@ -647,12 +658,14 @@ struct passdb_ops { void (*endsmbpwent)(void *); unsigned long (*getsmbpwpos)(void *); BOOL (*setsmbpwpos)(void *, unsigned long); + /* * smb password database query functions. */ struct smb_passwd *(*getsmbpwnam)(char *); struct smb_passwd *(*getsmbpwuid)(uid_t); struct smb_passwd *(*getsmbpwent)(void *); + /* * smb password database modification functions. */ @@ -664,11 +677,24 @@ struct passdb_ops { */ struct sam_passwd *(*getsam21pwent)(void *); + /* + * sam password database query functions. + */ struct sam_passwd *(*getsam21pwnam)(char *); - struct sam_passwd *(*getsam21pwuid)(uint32); + struct sam_passwd *(*getsam21pwuid)(uid_t); + struct sam_passwd *(*getsam21pwrid)(uint32); + /* + * sam password database modification functions. + */ BOOL (*add_sam21pwd_entry)(struct sam_passwd *); BOOL (*mod_sam21pwd_entry)(struct sam_passwd *, BOOL); + + /* + * sam query display info functions. + */ + struct sam_disp_info *(*getsamdisprid)(uint32); + struct sam_disp_info *(*getsamdispent)(void *); }; /* this is used for smbstatus */ diff --git a/source3/passdb/ldap.c b/source3/passdb/ldap.c index de1e3cc9ab..4ee53edbef 100644 --- a/source3/passdb/ldap.c +++ b/source3/passdb/ldap.c @@ -945,21 +945,25 @@ static BOOL mod_ldappwd_entry(struct smb_passwd* pwd, BOOL override) return mod_ldap21pwd_entry(pdb_smb_to_sam(pwd), override); } -static struct passdb_ops ldap_ops = { - startldappwent, - endldappwent, - getldappwpos, - setldappwpos, - getldappwnam, - getldappwuid, - getldappwent, - add_ldappwd_entry, - mod_ldappwd_entry, - getldap21pwent, - iterate_getsam21pwnam, /* From passdb.c */ - iterate_getsam21pwuid, /* From passdb.c */ - add_ldap21pwd_entry, - mod_ldap21pwd_entry +static struct passdb_ops ldap_ops = +{ + startldappwent, + endldappwent, + getldappwpos, + setldappwpos, + getldappwnam, + NULL, /* getldappwuid, */ + NULL, /* getldappwent, */ + NULL, /* add_ldappwd_entry, */ + NULL, /* mod_ldappwd_entry, */ + getldap21pwent, + iterate_getsam21pwnam, /* From passdb.c */ + iterate_getsam21pwuid, /* From passdb.c */ + iterate_getsam21pwrid, /* From passdb.c */ + add_ldap21pwd_entry, + mod_ldap21pwd_entry, + NULL, /* getsamdisprid, */ + NULL /* getsamdispent */ }; struct passdb_ops *ldap_initialize_password_db(void) diff --git a/source3/passdb/nispass.c b/source3/passdb/nispass.c index 436fbc0e91..cb49f15059 100644 --- a/source3/passdb/nispass.c +++ b/source3/passdb/nispass.c @@ -94,13 +94,14 @@ static void gotalarm_sig(void) /*************************************************************** make_nisname_from_user_rid ****************************************************************/ -static char *make_nisname_from_user_rid(uint32 rid) +static char *make_nisname_from_user_rid(uint32 rid, char *pfile) { static pstring nisname; safe_strcpy(nisname, "[user_rid=", sizeof(nisname)-1); slprintf(nisname, sizeof(nisname)-1, "%s%d", nisname, rid); - safe_strcat(nisname, "], passwd.org_dir", sizeof(nisname)-strlen(nisname)-1); + safe_strcat(nisname, "],", sizeof(nisname)-strlen(nisname)-1); + safe_strcat(nisname, pfile, sizeof(nisname)-strlen(nisname)-1); return nisname; } @@ -108,13 +109,14 @@ static char *make_nisname_from_user_rid(uint32 rid) /*************************************************************** make_nisname_from_uid ****************************************************************/ -static char *make_nisname_from_uid(int uid) +static char *make_nisname_from_uid(int uid, char *pfile) { static pstring nisname; safe_strcpy(nisname, "[uid=", sizeof(nisname)-1); slprintf(nisname, sizeof(nisname)-1, "%s%d", nisname, uid); - safe_strcat(nisname, "], passwd.org_dir", sizeof(nisname)-strlen(nisname)-1); + safe_strcat(nisname, "],", sizeof(nisname)-strlen(nisname)-1); + safe_strcat(nisname, pfile, sizeof(nisname)-strlen(nisname)-1); return nisname; } @@ -122,13 +124,14 @@ static char *make_nisname_from_uid(int uid) /*************************************************************** make_nisname_from_name ****************************************************************/ -static char *make_nisname_from_name(char *user_name) +static char *make_nisname_from_name(char *user_name, char *pfile) { static pstring nisname; safe_strcpy(nisname, "[name=", sizeof(nisname)-1); safe_strcat(nisname, user_name, sizeof(nisname) - strlen(nisname) - 1); - safe_strcat(nisname, "], passwd.org_dir", sizeof(nisname) - strlen(nisname) - 1); + safe_strcat(nisname, "],", sizeof(nisname)-strlen(nisname)-1); + safe_strcat(nisname, pfile, sizeof(nisname)-strlen(nisname)-1); return nisname; } @@ -214,9 +217,7 @@ static BOOL add_nisp21pwd_entry(struct sam_passwd *newpwd) pfile = lp_smb_passwd_file(); - safe_strcpy(user_name, newpwd->smb_name, sizeof(user_name)-1); - - nisname = make_nisname_from_name(user_name); + nisname = make_nisname_from_name(user_name, "passwd.org_dir"); nis_user = nis_list(nisname, FOLLOW_PATH | EXPAND_NAME | HARD_LOOKUP, NULL, NULL); @@ -229,10 +230,7 @@ static BOOL add_nisp21pwd_entry(struct sam_passwd *newpwd) user_obj = NIS_RES_OBJECT(nis_user); - safe_strcpy(nisname, "[name=", sizeof(nisname)-1); - safe_strcat(nisname, ENTRY_VAL(user_obj,0),sizeof(nisname)-strlen(nisname)-1); - safe_strcat(nisname, "],", sizeof(nisname)-strlen(nisname)-1); - safe_strcat(nisname, pfile, sizeof(nisname)-strlen(nisname)-1); + make_nisname_from_name(ENTRY_VAL(user_obj,0), pfile); result = nis_list(nisname, FOLLOW_PATH|EXPAND_NAME|HARD_LOOKUP,NULL,NULL); if (result->status != NIS_SUCCESS && result->status != NIS_NOTFOUND) @@ -465,12 +463,12 @@ static struct sam_passwd *getnisp21pwnam(char *name) /************************************************************************* Routine to search the nisplus passwd file for an entry matching the username *************************************************************************/ -static struct sam_passwd *getnisp21pwuid(int smb_userid) +static struct sam_passwd *getnisp21pwrid(uint32 rid) { /* Static buffers we will return. */ static struct sam_passwd pw_buf; nis_result *result; - pstring nisname; + char *nisname; BOOL ret; if (!*lp_smb_passwd_file()) @@ -479,10 +477,10 @@ static struct sam_passwd *getnisp21pwuid(int smb_userid) return NULL; } - DEBUG(10, ("getnisppwuid: search by uid: %d\n", smb_userid)); - DEBUG(10, ("getnisppwuid: using NIS+ table %s\n", lp_smb_passwd_file())); + DEBUG(10, ("getnisp21pwrid: search by rid: %x\n", rid)); + DEBUG(10, ("getnisp21pwrid: using NIS+ table %s\n", lp_smb_passwd_file())); - slprintf(nisname, sizeof(nisname)-1, "[uid=%d],%s", smb_userid, lp_smb_passwd_file()); + nisname = make_nisname_from_user_rid(rid, lp_smb_passwd_file()); /* Search the table. */ gotalarm = 0; @@ -496,7 +494,7 @@ static struct sam_passwd *getnisp21pwuid(int smb_userid) if (gotalarm) { - DEBUG(0,("getnisppwuid: NIS+ lookup time out\n")); + DEBUG(0,("getnisp21pwrid: NIS+ lookup time out\n")); nis_freeresult(result); return NULL; } @@ -511,46 +509,24 @@ static struct sam_passwd *getnisp21pwuid(int smb_userid) * Derived functions for NIS+. */ -static struct smb_passwd *getnispwnam(char *name) -{ - return pdb_sam_to_smb(iterate_getsam21pwnam(name)); -} - -static struct smb_passwd *getnispwuid(uid_t smb_userid) -{ - return pdb_sam_to_smb(iterate_getsam21pwuid(smb_userid)); -} - -static struct smb_passwd *getnispwent(void *vp) -{ - return pdb_sam_to_smb(getnisp21pwent(vp)); -} - -static BOOL add_nispwd_entry(struct smb_passwd *newpwd) -{ - return add_nisp21pwd_entry(pdb_smb_to_sam(newpwd)); -} - -static BOOL mod_nispwd_entry(struct smb_passwd* pwd, BOOL override) -{ - return mod_nisp21pwd_entry(pdb_smb_to_sam(pwd), override); -} - static struct passdb_ops nispasswd_ops = { startnisppwent, endnisppwent, getnisppwpos, setnisppwpos, - getnispwnam, - getsmbpwuid, - getnispwent, - add_nispwd_entry, - mod_nispwd_entry, + NULL, /* getnispwnam, */ + NULL, /* getnispwuid, */ + NULL, /* getnispwent, */ + NULL, /* add_nispwd_entry, */ + NULL, /* mod_nispwd_entry, */ getnisp21pwent, - iterate_getsam21pwnam, /* Found in passdb.c */ - iterate_getsam21pwuid, /* Found in passdb.c */ + getnisp21pwnam, + NULL, /* getsam21pwuid */ + getnisp21pwrid, add_nisp21pwd_entry, - mod_nisp21pwd_entry + mod_nisp21pwd_entry, + NULL, /* getsamdisprid */ + NULL /* getsamdispent */ }; struct passdb_ops *nisplus_initialize_password_db(void) diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index acc8d1c609..d7ba8479bf 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -35,6 +35,19 @@ DOM_SID global_machine_sid; /* * NOTE. All these functions are abstracted into a structure * that points to the correct function for the selected database. JRA. + * + * NOTE. for the get/mod/add functions, there are two sets of functions. + * one supports struct sam_passwd, the other supports struct smb_passwd. + * for speed optimisation it is best to support both these sets. + * + * it is, however, optional to support one set but not the other: there + * is conversion-capability built in to passdb.c, and run-time error + * detection for when neither are supported. + * + * password database writers are recommended to implement the sam_passwd + * functions in a first pass, as struct sam_passwd contains more + * information, needed by the NT Domain support. lkcl. + * */ static struct passdb_ops *pdb_ops; @@ -115,8 +128,10 @@ struct smb_passwd *iterate_getsmbpwnam(char *name) BOOL initialize_password_db(void) { - if(pdb_ops) + if (pdb_ops) + { return True; + } #ifdef USE_NISPLUS_DB pdb_ops = nisplus_initialize_password_db(); @@ -141,6 +156,7 @@ BOOL initialize_password_db(void) from this function may be used to enumerate struct sam_passwd entries as well as struct smb_passwd entries. This may need to change. JRA. + ****************************************************************/ void *startsmbpwent(BOOL update) @@ -169,7 +185,19 @@ void endsmbpwent(void *vp) struct smb_passwd *getsmbpwent(void *vp) { - return pdb_ops->getsmbpwent(vp); + if (pdb_ops->getsmbpwent == NULL && pdb_ops->getsam21pwent == NULL) + { + /* must have one or the other: this is an error by the password + database implementor for the back-end you are using. + */ + DEBUG(0,("getsmbpwent: getsmbpwent() and getsam21pwent() not supported!\n")); + return NULL; + } + if (pdb_ops->getsmbpwent != NULL) + { + return pdb_ops->getsmbpwent(vp); + } + return pdb_sam_to_smb(pdb_ops->getsam21pwent(vp)); } /************************************************************************* @@ -210,7 +238,19 @@ BOOL setsmbpwpos(void *vp, unsigned long tok) BOOL add_smbpwd_entry(struct smb_passwd *newpwd) { - return pdb_ops->add_smbpwd_entry(newpwd); + if (pdb_ops->add_smbpwd_entry == NULL && pdb_ops->add_sam21pwd_entry == NULL) + { + /* must have one or the other: this is an error by the password + database implementor for the back-end you are using. + */ + DEBUG(0,("add_smbpwd_entry: add_smbpwd_entry() and add_sam21pwd_entry() not supported!\n")); + return False; + } + if (pdb_ops->add_smbpwd_entry != NULL) + { + return pdb_ops->add_smbpwd_entry(newpwd); + } + return pdb_ops->add_sam21pwd_entry(pdb_smb_to_sam(newpwd)); } /************************************************************************ @@ -224,7 +264,19 @@ BOOL add_smbpwd_entry(struct smb_passwd *newpwd) BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override) { - return pdb_ops->mod_smbpwd_entry(pwd, override); + if (pdb_ops->mod_smbpwd_entry == NULL && pdb_ops->mod_sam21pwd_entry == NULL) + { + /* must have one or the other: this is an error by the password + database implementor for the back-end you are using. + */ + DEBUG(0,("mod_smbpwd_entry: mod_smbpwd_entry() and mod_sam21pwd_entry() not supported!\n")); + return False; + } + if (pdb_ops->mod_smbpwd_entry != NULL) + { + return pdb_ops->mod_smbpwd_entry(pwd, override); + } + return pdb_ops->mod_sam21pwd_entry(pdb_smb_to_sam(pwd), override); } /************************************************************************ @@ -233,7 +285,19 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override) struct smb_passwd *getsmbpwnam(char *name) { - return pdb_ops->getsmbpwnam(name); + if (pdb_ops->getsmbpwnam == NULL && pdb_ops->getsam21pwnam == NULL) + { + /* must have one or the other: this is an error by the password + database implementor for the back-end you are using. + */ + DEBUG(0,("getsmbpwnam: getsmbpwnam() and getsam21pwnam() not supported!\n")); + return NULL; + } + if (pdb_ops->getsam21pwnam != NULL) + { + return pdb_ops->getsmbpwnam(name); + } + return pdb_sam_to_smb(getsam21pwnam(name)); } /************************************************************************ @@ -242,7 +306,19 @@ struct smb_passwd *getsmbpwnam(char *name) struct smb_passwd *getsmbpwuid(uid_t smb_userid) { - return pdb_ops->getsmbpwuid(smb_userid); + if (pdb_ops->getsmbpwuid == NULL && pdb_ops->getsam21pwrid == NULL) + { + /* must have one or the other: this is an error by the password + database implementor for the back-end you are using. + */ + DEBUG(0,("getsmbpwuid: getsmbpwuid() and getsam21pwrid() not supported!\n")); + return NULL; + } + if (pdb_ops->getsmbpwuid != NULL) + { + return pdb_ops->getsmbpwuid(smb_userid); + } + return pdb_sam_to_smb(pdb_ops->getsam21pwuid(pdb_uid_to_user_rid(smb_userid))); } /* @@ -285,9 +361,50 @@ struct sam_passwd *iterate_getsam21pwnam(char *name) /************************************************************************ Utility function to search sam passwd by uid. use this if your database does not have search facilities. + + search capability by both rid and uid are needed as the rid <-> uid + mapping may be non-monotonic. + *************************************************************************/ -struct sam_passwd *iterate_getsam21pwuid(uint32 uid) +struct sam_passwd *iterate_getsam21pwrid(uint32 rid) +{ + struct sam_passwd *pwd = NULL; + void *fp = NULL; + + DEBUG(10, ("iterate_getsam21pwrid: search by rid: %x\n", rid)); + + /* Open the smb password file - not for update. */ + fp = startsmbpwent(False); + + if (fp == NULL) + { + DEBUG(0, ("iterate_getsam21pwrid: unable to open sam password database.\n")); + return NULL; + } + + while ((pwd = getsam21pwent(fp)) != NULL && pwd->user_rid != rid) + ; + + if (pwd != NULL) + { + DEBUG(10, ("iterate_getsam21pwrid: found by user_rid: %x\n", rid)); + } + + endsmbpwent(fp); + return pwd; +} + +/************************************************************************ + Utility function to search sam passwd by uid. use this if your database + does not have search facilities. + + search capability by both rid and uid are needed as the rid <-> uid + mapping may be non-monotonic. + +*************************************************************************/ + +struct sam_passwd *iterate_getsam21pwuid(uid_t uid) { struct sam_passwd *pwd = NULL; void *fp = NULL; @@ -316,12 +433,27 @@ struct sam_passwd *iterate_getsam21pwuid(uint32 uid) } /************************************************************************* - Routine to return the next entry in the sam passwd list. + Routine to return a display info structure, by rid *************************************************************************/ +struct sam_disp_info *getsamdisprid(uint32 rid) +{ + if (pdb_ops->getsamdisprid != NULL) + { + return pdb_ops->getsamdisprid(rid); + } + return pdb_sam_to_dispinfo(pdb_ops->getsam21pwrid(rid)); +} +/************************************************************************* + Routine to return the next entry in the sam passwd list. + *************************************************************************/ struct sam_disp_info *getsamdispent(void *vp) { - return pdb_sam_to_dispinfo(pdb_ops->getsam21pwent(vp)); + if (pdb_ops->getsamdispent != NULL) + { + return pdb_ops->getsamdispent(vp); + } + return pdb_sam_to_dispinfo(pdb_ops->getsam21pwent(vp)); } /************************************************************************* @@ -330,7 +462,19 @@ struct sam_disp_info *getsamdispent(void *vp) struct sam_passwd *getsam21pwent(void *vp) { - return pdb_ops->getsam21pwent(vp); + if (pdb_ops->getsmbpwent == NULL && pdb_ops->getsam21pwent == NULL) + { + /* must have one or the other: this is an error by the password + database implementor for the back-end you are using. + */ + DEBUG(0,("getsmbpwent: getsmbpwent() and getsam21pwent() not supported!\n")); + return NULL; + } + if (pdb_ops->getsam21pwent != NULL) + { + return pdb_ops->getsam21pwent(vp); + } + return pdb_smb_to_sam(pdb_ops->getsmbpwent(vp)); } /************************************************************************ @@ -339,7 +483,19 @@ struct sam_passwd *getsam21pwent(void *vp) BOOL add_sam21pwd_entry(struct sam_passwd *newpwd) { - return pdb_ops->add_sam21pwd_entry(newpwd); + if (pdb_ops->add_smbpwd_entry == NULL && pdb_ops->add_sam21pwd_entry == NULL) + { + /* must have one or the other: this is an error by the password + database implementor for the back-end you are using. + */ + DEBUG(0,("add_smbpwd_entry: add_smbpwd_entry() and add_sam21pwd_entry() not supported!\n")); + return False; + } + if (pdb_ops->add_sam21pwd_entry != NULL) + { + return pdb_ops->add_sam21pwd_entry(newpwd); + } + return pdb_ops->add_smbpwd_entry(pdb_sam_to_smb(newpwd)); } /************************************************************************ @@ -353,7 +509,19 @@ BOOL add_sam21pwd_entry(struct sam_passwd *newpwd) BOOL mod_sam21pwd_entry(struct sam_passwd* pwd, BOOL override) { - return pdb_ops->mod_sam21pwd_entry(pwd, override); + if (pdb_ops->mod_smbpwd_entry == NULL && pdb_ops->mod_sam21pwd_entry == NULL) + { + /* must have one or the other: this is an error by the password + database implementor for the back-end you are using. + */ + DEBUG(0,("mod_smbpwd_entry: mod_smbpwd_entry() and mod_sam21pwd_entry() not supported!\n")); + return False; + } + if (pdb_ops->mod_sam21pwd_entry != NULL) + { + return pdb_ops->mod_sam21pwd_entry(pwd, override); + } + return pdb_ops->mod_smbpwd_entry(pdb_sam_to_smb(pwd), override); } @@ -363,16 +531,61 @@ BOOL mod_sam21pwd_entry(struct sam_passwd* pwd, BOOL override) struct sam_passwd *getsam21pwnam(char *name) { - return pdb_ops->getsam21pwnam(name); + if (pdb_ops->getsmbpwnam == NULL && pdb_ops->getsam21pwnam == NULL) + { + /* must have one or the other: this is an error by the password + database implementor for the back-end you are using. + */ + DEBUG(0,("getsam21pwnam: getsmbpwnam() and getsam21pwnam() not supported!\n")); + return NULL; + } + if (pdb_ops->getsam21pwnam != NULL) + { + return pdb_ops->getsam21pwnam(name); + } + return pdb_smb_to_sam(getsmbpwnam(name)); +} + +/************************************************************************ + Routine to search sam passwd by rid. +*************************************************************************/ + +struct sam_passwd *getsam21pwrid(uint32 rid) +{ + if (pdb_ops->getsmbpwuid == NULL && pdb_ops->getsam21pwrid == NULL) + { + /* must have one or the other: this is an error by the password + database implementor for the back-end you are using. + */ + DEBUG(0,("getsam21pwrid: getsmbpwuid() and getsam21pwrid() not supported!\n")); + return NULL; + } + if (pdb_ops->getsam21pwrid != NULL) + { + return pdb_ops->getsam21pwrid(rid); + } + return pdb_smb_to_sam(pdb_ops->getsmbpwuid(pdb_user_rid_to_uid(rid))); } /************************************************************************ Routine to search sam passwd by uid. *************************************************************************/ -struct sam_passwd *getsam21pwuid(uint32 uid) +struct sam_passwd *getsam21pwuid(uid_t uid) { - return pdb_ops->getsam21pwuid(uid); + if (pdb_ops->getsmbpwuid == NULL && pdb_ops->getsam21pwrid == NULL) + { + /* must have one or the other: this is an error by the password + database implementor for the back-end you are using. + */ + DEBUG(0,("getsam21pwuid: getsmbpwuid() and getsam21pwrid() not supported!\n")); + return NULL; + } + if (pdb_ops->getsam21pwuid != NULL) + { + return pdb_ops->getsam21pwuid(uid); + } + return pdb_smb_to_sam(pdb_ops->getsmbpwuid(uid)); } @@ -885,25 +1098,25 @@ Error was %s\n", sid_file, strerror(errno) )); converts NT User RID to a UNIX uid. ********************************************************************/ -uint32 pdb_user_rid_to_uid(uint32 u_rid) +uid_t pdb_user_rid_to_uid(uint32 u_rid) { - return (u_rid - 1000); + return (uid_t)(u_rid - 1000); } /******************************************************************* converts NT Group RID to a UNIX uid. ********************************************************************/ -uint32 pdb_group_rid_to_gid(uint32 u_gid) +gid_t pdb_group_rid_to_gid(uint32 g_rid) { - return (u_gid - 1000); + return (gid_t)(g_rid - 1000); } /******************************************************************* converts UNIX uid to an NT User RID. ********************************************************************/ -uint32 pdb_uid_to_user_rid(uint32 uid) +uint32 pdb_uid_to_user_rid(uid_t uid) { return (uint32)(uid + 1000); } @@ -912,7 +1125,7 @@ uint32 pdb_uid_to_user_rid(uint32 uid) converts NT Group RID to a UNIX uid. ********************************************************************/ -uint32 pdb_gid_to_group_rid(uint32 gid) +uint32 pdb_gid_to_group_rid(gid_t gid) { return (uint32)(gid + 1000); } @@ -924,5 +1137,9 @@ uint32 pdb_gid_to_group_rid(uint32 gid) BOOL pdb_rid_is_user(uint32 rid) { /* Punt for now - we need to look at the encoding here. JRA. */ + /* lkcl i understand that NT attaches an enumeration to a RID + * such that it can be identified as either a user, group etc + * type. there are 5 such categories, and they are documented. + */ return True; } diff --git a/source3/passdb/smbpass.c b/source3/passdb/smbpass.c index 8e0ace9986..ff06905927 100644 --- a/source3/passdb/smbpass.c +++ b/source3/passdb/smbpass.c @@ -933,6 +933,7 @@ static struct passdb_ops file_ops = { getsmbfile21pwent, iterate_getsam21pwnam, /* In passdb.c */ iterate_getsam21pwuid, /* In passdb.c */ + iterate_getsam21pwrid, /* In passdb.c */ add_smbfile21pwd_entry, mod_smbfile21pwd_entry }; diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c index adc16fa5c8..d1503a762e 100644 --- a/source3/rpc_server/srv_samr.c +++ b/source3/rpc_server/srv_samr.c @@ -860,41 +860,21 @@ static void api_samr_open_user( int uid, prs_struct *data, prs_struct *rdata) /************************************************************************* get_user_info_21 *************************************************************************/ -static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid) +static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid) { NTTIME dummy_time; struct sam_passwd *sam_pass; LOGON_HRS hrs; int i; - /* - * Convert from rid to either a uid or gid as soon as - * possible. JRA. - */ - - if(pdb_rid_is_user(rid)) - { - uint32 uid = pdb_user_rid_to_uid(rid); - become_root(True); - sam_pass = getsam21pwuid(uid); - unbecome_root(True); - } - else - { - struct group *grent; - uint32 gid; - gid = pdb_group_rid_to_gid(rid); - if((grent = getgrgid(gid)) == NULL) - { - DEBUG(0,("get_user_info_21: Unable to get group info.\n")); - return False; - } - /* TODO - at this point we need to convert from - a UNIX struct group into a user info 21 structure. - Punt for now. JRA. - */ - return False; - } + if (!pdb_rid_is_user(user_rid)) + { + return False; + } + + become_root(True); + sam_pass = getsam21pwrid(user_rid); + unbecome_root(True); if (sam_pass == NULL) { diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c index 15c06d18bd..fca37db717 100644 --- a/source3/rpc_server/srv_util.c +++ b/source3/rpc_server/srv_util.c @@ -394,8 +394,7 @@ uint32 lookup_alias_name(uint32 rid, char *alias_name, uint32 *type) ********************************************************************/ uint32 lookup_user_name(uint32 rid, char *user_name, uint32 *type) { - struct smb_passwd *smb_pass; - uint32 unix_uid; + struct sam_disp_info *disp_info; int i = 0; (*type) = SID_NAME_USER; @@ -414,17 +413,14 @@ uint32 lookup_user_name(uint32 rid, char *user_name, uint32 *type) return 0x0; } - unix_uid = pdb_uid_to_user_rid(rid); - DEBUG(5,(" uid: %d", unix_uid)); - /* ok, it's a user. find the user account */ become_root(True); - smb_pass = getsmbpwuid(rid); /* lkclXXXX SHOULD use rid mapping here! */ + disp_info = getsamdisprid(rid); unbecome_root(True); - if (smb_pass != NULL) + if (disp_info != NULL) { - fstrcpy(user_name, smb_pass->smb_name); + fstrcpy(user_name, disp_info->smb_name); DEBUG(5,(" = %s\n", user_name)); return 0x0; } |