diff options
-rw-r--r-- | source3/passdb/passdb.c | 14 | ||||
-rw-r--r-- | source3/passdb/pdb_interface.c | 44 | ||||
-rw-r--r-- | source3/passdb/pdb_ldap.c | 20 | ||||
-rw-r--r-- | source3/passdb/pdb_smbpasswd.c | 21 | ||||
-rw-r--r-- | source3/passdb/pdb_tdb.c | 109 |
5 files changed, 179 insertions, 29 deletions
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 191844a454..c53b300198 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -432,28 +432,28 @@ BOOL pdb_name_to_rid(const char *user_name, uint32 *u_rid, uint32 *g_rid) Converts NT user RID to a UNIX uid. ********************************************************************/ -uid_t pdb_user_rid_to_uid(uint32 user_rid) +uid_t fallback_pdb_user_rid_to_uid(uint32 user_rid) { return (uid_t)(((user_rid & (~USER_RID_TYPE))- 1000)/RID_MULTIPLIER); } /******************************************************************* - Converts NT group RID to a UNIX gid. + converts UNIX uid to an NT User RID. ********************************************************************/ -gid_t pdb_group_rid_to_gid(uint32 group_rid) +uint32 fallback_pdb_uid_to_user_rid(uid_t uid) { - return (gid_t)(((group_rid & (~GROUP_RID_TYPE))- 1000)/RID_MULTIPLIER); + return (((((uint32)uid)*RID_MULTIPLIER) + 1000) | USER_RID_TYPE); } /******************************************************************* - converts UNIX uid to an NT User RID. + Converts NT group RID to a UNIX gid. ********************************************************************/ -uint32 pdb_uid_to_user_rid(uid_t uid) +gid_t pdb_group_rid_to_gid(uint32 group_rid) { - return (((((uint32)uid)*RID_MULTIPLIER) + 1000) | USER_RID_TYPE); + return (gid_t)(((group_rid & (~GROUP_RID_TYPE))- 1000)/RID_MULTIPLIER); } /******************************************************************* diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 29f08cf46c..2fc04bc3b5 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -121,6 +121,26 @@ static BOOL context_delete_sam_account(struct pdb_context *context, SAM_ACCOUNT return context->pdb_selected->delete_sam_account(context, sam_acct); } +static uint32 context_uid_to_user_rid(struct pdb_context *context, uid_t uid) +{ + if ((!context) || (!context->pdb_selected)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return False; + } + + return context->pdb_selected->uid_to_user_rid(context, uid); +} + +static uid_t context_user_rid_to_uid(struct pdb_context *context, uint32 rid) +{ + if ((!context) || (!context->pdb_selected)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return False; + } + + return context->pdb_selected->user_rid_to_uid(context, rid); +} + static void free_pdb_context(struct pdb_context **context) { if (((*context)->pdb_selected) && ((*context)->pdb_selected->free_private_data)) { @@ -164,6 +184,8 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_add_sam_account = context_add_sam_account; (*context)->pdb_update_sam_account = context_update_sam_account; (*context)->pdb_delete_sam_account = context_delete_sam_account; + (*context)->pdb_uid_to_user_rid = context_uid_to_user_rid; + (*context)->pdb_user_rid_to_uid = context_user_rid_to_uid; (*context)->free_fn = free_pdb_context; @@ -347,6 +369,28 @@ BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) return pdb_context->pdb_delete_sam_account(pdb_context, sam_acct); } +uid_t pdb_user_rid_to_uid(uint32 rid) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return pdb_context->pdb_user_rid_to_uid(pdb_context, rid); +} + +uint32 pdb_uid_to_user_rid(uid_t uid) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return pdb_context->pdb_uid_to_user_rid(pdb_context, uid); +} + #endif /* !defined(WITH_NISPLUS_SAM) */ /*************************************************************** diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 7dae485394..4b4ff77eee 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -1145,6 +1145,24 @@ static BOOL ldapsam_getsampwrid(struct pdb_context *context, SAM_ACCOUNT * user, } /********************************************************************** + get rid by uid +*********************************************************************/ + +static uint32 ldapsam_uid_to_user_rid(struct pdb_context *context, uid_t uid) +{ + return fallback_pdb_uid_to_user_rid(uid); +} + +/********************************************************************** + get uid by rid +*********************************************************************/ + +static uid_t ldapsam_user_rid_to_uid(struct pdb_context *context, uint32 rid) +{ + return fallback_pdb_user_rid_to_uid(rid); +} + +/********************************************************************** Delete entry from LDAP for username *********************************************************************/ static BOOL ldapsam_delete_sam_account(struct pdb_context *context, const SAM_ACCOUNT * sam_acct) @@ -1409,6 +1427,8 @@ NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, co (*pdb_method)->add_sam_account = ldapsam_add_sam_account; (*pdb_method)->update_sam_account = ldapsam_update_sam_account; (*pdb_method)->delete_sam_account = ldapsam_delete_sam_account; + (*pdb_method)->uid_to_user_rid = ldapsam_uid_to_user_rid; + (*pdb_method)->user_rid_to_uid = ldapsam_user_rid_to_uid; /* TODO: Setup private data and free */ diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c index 78c1a91d48..94bab7598e 100644 --- a/source3/passdb/pdb_smbpasswd.c +++ b/source3/passdb/pdb_smbpasswd.c @@ -1513,6 +1513,25 @@ static BOOL smbpasswd_getsampwrid(struct pdb_context *context, SAM_ACCOUNT *sam_ return True; } +/********************************************************************** + get rid by uid +*********************************************************************/ + +static uint32 smbpasswd_uid_to_rid(struct pdb_context *context, uid_t uid) +{ + return fallback_pdb_uid_to_user_rid(uid); +} + +/********************************************************************** + get uid by rid +*********************************************************************/ + +static uid_t smbpasswd_rid_to_uid(struct pdb_context *context, uint32 rid) +{ + return fallback_pdb_user_rid_to_uid(rid); +} + + static BOOL smbpasswd_add_sam_account(struct pdb_context *context, const SAM_ACCOUNT *sampass) { struct smbpasswd_privates *smbpasswd_state = (struct smbpasswd_privates*)context->pdb_selected->private_data; @@ -1586,6 +1605,8 @@ NTSTATUS pdb_init_smbpasswd(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, (*pdb_method)->add_sam_account = smbpasswd_add_sam_account; (*pdb_method)->update_sam_account = smbpasswd_update_sam_account; (*pdb_method)->delete_sam_account = smbpasswd_delete_sam_account; + (*pdb_method)->uid_to_user_rid = smbpasswd_uid_to_rid; + (*pdb_method)->user_rid_to_uid = smbpasswd_rid_to_uid; /* Setup private data and free function */ diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c index 40ba8dd475..86089cfd69 100644 --- a/source3/passdb/pdb_tdb.c +++ b/source3/passdb/pdb_tdb.c @@ -32,6 +32,8 @@ #define USERPREFIX "USER_" #define RIDPREFIX "RID_" +#define BASE_RID 0x200 + struct tdbsam_privates { TDB_CONTEXT *passwd_tdb; TDB_DATA key; @@ -253,8 +255,8 @@ done: /********************************************************************** Intialize a BYTE buffer from a SAM_ACCOUNT struct *********************************************************************/ -static uint32 init_buffer_from_sam (struct tdbsam_privates *tdb_state, uint8 **buf, - const SAM_ACCOUNT *sampass, uint32 user_rid, uint32 group_rid) +static uint32 init_buffer_from_sam (struct tdbsam_privates *tdb_state, + uint8 **buf, const SAM_ACCOUNT *sampass) { size_t len, buflen; @@ -267,6 +269,9 @@ static uint32 init_buffer_from_sam (struct tdbsam_privates *tdb_state, uint8 **b pass_last_set_time, pass_can_change_time, pass_must_change_time; + + uint32 user_rid, group_rid; + const char *username; const char *domain; const char *nt_username; @@ -305,6 +310,8 @@ static uint32 init_buffer_from_sam (struct tdbsam_privates *tdb_state, uint8 **b pass_must_change_time = (uint32)pdb_get_pass_must_change_time(sampass); pass_last_set_time = (uint32)pdb_get_pass_last_set_time(sampass); + user_rid = pdb_get_user_rid(sampass); + group_rid = pdb_get_group_rid(sampass); username = pdb_get_username(sampass); if (username) username_len = strlen(username) +1; @@ -641,6 +648,56 @@ static BOOL tdbsam_getsampwrid (struct pdb_context *context, SAM_ACCOUNT *user, } /*************************************************************************** + Search by rid and give back the uid! + **************************************************************************/ + +uid_t tdbsam_rid_to_uid (struct pdb_context *context, uint32 rid) +{ + uid_t ret; + SAM_ACCOUNT *sa; + + if (!NT_STATUS_IS_OK(pdb_init_sam(&sa))) return -1; + if (!tdbsam_getsampwrid (context, sa, rid)) { + ret = -1; + goto done; + } + else { + ret = pdb_get_uid(sa); + } +done: + pdb_free_sam(&sa); + return ret; +} + +/*************************************************************************** + Search by uid and give back the rid! + **************************************************************************/ + +uint32 tdbsam_uid_to_rid (struct pdb_context *context, uid_t uid) +{ + uint32 ret; + char *name; + struct passwd *pw; + SAM_ACCOUNT *sa; + + if (!NT_STATUS_IS_OK(pdb_init_sam(&sa))) return 0; + pw = getpwuid(uid); + if (!pw) return 0; + name = strdup(pw->pw_name); + if (!tdbsam_getsampwnam (context, sa, name)) { + ret = 0; + goto done; + } + else { + ret = pdb_get_user_rid(sa); + } +done: + SAFE_FREE(name); + pdb_free_sam(&sa); + return ret; +} + +/*************************************************************************** Delete a SAM_ACCOUNT ****************************************************************************/ @@ -709,9 +766,8 @@ static BOOL tdb_update_sam(struct pdb_context *context, const SAM_ACCOUNT* newpw fstring keystr; fstring name; BOOL ret = True; - uint32 user_rid; - uint32 group_rid; - int32 tdb_ret; + uint32 user_rid; + int32 tdb_ret; /* invalidate the existing TDB iterator if it is open */ if (tdb_state->passwd_tdb) { @@ -727,35 +783,42 @@ static BOOL tdb_update_sam(struct pdb_context *context, const SAM_ACCOUNT* newpw return False; } - /* if we don't have a RID, then make them up. */ - if (!(user_rid = pdb_get_user_rid(newpwd))) { - if (!tdb_state->permit_non_unix_accounts) { - DEBUG (0,("tdb_update_sam: Failing to store a SAM_ACCOUNT for [%s] without a RID\n",pdb_get_username(newpwd))); - ret = False; - goto done; - } else { - user_rid = tdb_state->low_nua_rid; - tdb_ret = tdb_change_int32_atomic(pwd_tdb, "NUA_NEXT_RID", &user_rid, RID_MULTIPLIER); + /* if flag == TDB_INSERT then make up a new RID else throw an error. */ + if (!pdb_get_user_rid(newpwd)) { + if (flag & TDB_INSERT) { + user_rid = BASE_RID; + tdb_ret = tdb_change_int32_atomic(pwd_tdb, "RID_COUNTER", &user_rid, RID_MULTIPLIER); if (tdb_ret == -1) { ret = False; goto done; } + pdb_set_user_rid(newpwd, user_rid); + } else { + DEBUG (0,("tdb_update_sam: Failing to store a SAM_ACCOUNT for [%s] without a RID\n",pdb_get_username(newpwd))); + ret = False; + goto done; } } - if (!(group_rid = pdb_get_group_rid(newpwd))) { - if (!tdb_state->permit_non_unix_accounts) { + if (!pdb_get_group_rid(newpwd)) { + if (flag & TDB_INSERT) { + if (!tdb_state->permit_non_unix_accounts) { + DEBUG (0,("tdb_update_sam: Failing to store a SAM_ACCOUNT for [%s] without a primary group RID\n",pdb_get_username(newpwd))); + ret = False; + goto done; + } else { + /* This seems like a good default choice for non-unix users */ + pdb_set_group_rid(newpwd, DOMAIN_GROUP_RID_USERS); + } + } else { DEBUG (0,("tdb_update_sam: Failing to store a SAM_ACCOUNT for [%s] without a primary group RID\n",pdb_get_username(newpwd))); ret = False; goto done; - } else { - /* This seems like a good default choice for non-unix users */ - group_rid = DOMAIN_GROUP_RID_USERS; } } /* copy the SAM_ACCOUNT struct into a BYTE buffer for storage */ - if ((data.dsize=init_buffer_from_sam (tdb_state, &buf, newpwd, user_rid, group_rid)) == -1) { + if ((data.dsize=init_buffer_from_sam (tdb_state, &buf, newpwd)) == -1) { DEBUG(0,("tdb_update_sam: ERROR - Unable to copy SAM_ACCOUNT info BYTE buffer!\n")); ret = False; goto done; @@ -853,6 +916,8 @@ NTSTATUS pdb_init_tdbsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, con (*pdb_method)->add_sam_account = tdbsam_add_sam_account; (*pdb_method)->update_sam_account = tdbsam_update_sam_account; (*pdb_method)->delete_sam_account = tdbsam_delete_sam_account; + (*pdb_method)->uid_to_user_rid = tdbsam_uid_to_rid; + (*pdb_method)->user_rid_to_uid = tdbsam_rid_to_uid; tdb_state = talloc_zero(pdb_context->mem_ctx, sizeof(struct tdbsam_privates)); @@ -899,9 +964,9 @@ NTSTATUS pdb_init_tdbsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, return NT_STATUS_UNSUCCESSFUL; } - tdb_state->low_nua_rid=pdb_uid_to_user_rid(low_nua_uid); + tdb_state->low_nua_rid=fallback_pdb_uid_to_user_rid(low_nua_uid); - tdb_state->high_nua_rid=pdb_uid_to_user_rid(high_nua_uid); + tdb_state->high_nua_rid=fallback_pdb_uid_to_user_rid(high_nua_uid); return NT_STATUS_OK; } |