summaryrefslogtreecommitdiff
path: root/source3/groupdb
diff options
context:
space:
mode:
Diffstat (limited to 'source3/groupdb')
-rw-r--r--source3/groupdb/aliasldap.c425
-rw-r--r--source3/groupdb/aliasunix.c334
-rw-r--r--source3/groupdb/builtindb.c475
-rw-r--r--source3/groupdb/builtinldap.c426
-rw-r--r--source3/groupdb/builtinunix.c327
-rw-r--r--source3/groupdb/groupldap.c436
-rw-r--r--source3/groupdb/groupunix.c339
7 files changed, 0 insertions, 2762 deletions
diff --git a/source3/groupdb/aliasldap.c b/source3/groupdb/aliasldap.c
deleted file mode 100644
index 1e9a72a9d4..0000000000
--- a/source3/groupdb/aliasldap.c
+++ /dev/null
@@ -1,425 +0,0 @@
-/*
- Unix SMB/Netbios implementation.
- Version 2.0.
- LDAP local group database for SAMBA
- Copyright (C) Matthew Chapman 1998
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-
-*/
-
-#include "includes.h"
-
-#ifdef WITH_LDAP
-
-#include <lber.h>
-#include <ldap.h>
-
-extern int DEBUGLEVEL;
-
-/* Internal state */
-extern LDAP *ldap_struct;
-extern LDAPMessage *ldap_results;
-extern LDAPMessage *ldap_entry;
-
-/* Static structure filled for requests */
-static LOCAL_GRP localgrp;
-
-
-/***************************************************************
- Get group and membership information.
- ****************************************************************/
-
-static LOCAL_GRP *ldapalias_getgrp(LOCAL_GRP *group,
- LOCAL_GRP_MEMBER **members, int *num_membs)
-{
- fstring temp;
- char **values;
- LOCAL_GRP_MEMBER *memblist;
- char *value, *sep;
- int i;
-
- if(!ldap_entry)
- return NULL;
-
- if(!ldap_get_attribute("cn", group->name)) {
- DEBUG(0, ("Missing cn\n"));
- return NULL; }
-
- DEBUG(2,("Retrieving alias [%s]\n", group->name));
-
- if(ldap_get_attribute("rid", temp)) {
- group->rid = strtol(temp, NULL, 16);
- } else {
- DEBUG(0, ("Missing rid\n"));
- return NULL;
- }
-
- if(!ldap_get_attribute("description", group->comment))
- group->comment[0] = 0;
-
- if(!members || !num_membs) {
- ldap_entry = ldap_next_entry(ldap_struct, ldap_entry);
- return group;
- }
-
- if(values = ldap_get_values(ldap_struct, ldap_entry, "member")) {
-
- *num_membs = i = ldap_count_values(values);
- *members = memblist = malloc(i * sizeof(LOCAL_GRP_MEMBER));
-
- do {
- value = values[--i];
-
- if(!(sep = strchr(value, ','))) {
- DEBUG(0, ("Malformed alias member\n"));
- return NULL;
- }
- *(sep++) = 0;
- fstrcpy(memblist[i].name, value);
-
- if(!(value = strchr(sep, ','))) {
- DEBUG(0, ("Malformed alias member\n"));
- return NULL;
- }
- *(value++) = 0;
- string_to_sid(&memblist[i].sid, sep);
-
- if((memblist[i].sid_use = atoi(value))
- >= SID_NAME_UNKNOWN)
- DEBUG(0, ("Invalid SID use in alias"));
-
- } while(i > 0);
-
- ldap_value_free(values);
-
- } else {
- *num_membs = 0;
- *members = NULL;
- }
-
- return group;
-}
-
-
-/************************************************************************
- Queues the necessary modifications to save a LOCAL_GRP structure
- ************************************************************************/
-
-static void ldapalias_grpmods(LOCAL_GRP *group, LDAPMod ***mods, int operation)
-{
- fstring temp;
-
- *mods = NULL;
-
- if(operation == LDAP_MOD_ADD) { /* immutable attributes */
- ldap_make_mod(mods, LDAP_MOD_ADD, "objectClass", "sambaAlias");
- ldap_make_mod(mods, LDAP_MOD_ADD, "cn", group->name);
-
- slprintf(temp, sizeof(temp)-1, "%x", group->rid);
- ldap_make_mod(mods, LDAP_MOD_ADD, "rid", temp);
- }
-
- ldap_make_mod(mods, operation, "description", group->comment);
-}
-
-
-/************************************************************************
- Create a alias member entry
- ************************************************************************/
-
-static BOOL ldapalias_memmods(DOM_SID *user_sid, LDAPMod ***mods,
- int operation)
-{
- pstring member;
- pstring sid_str;
- fstring name;
- uint8 type;
-
- if (lookup_sid(user_sid, name, &type))
- return (False);
- sid_to_string(sid_str, user_sid);
-
- slprintf(member, sizeof(member)-1, "%s,%s,%d", name, sid_str, type);
-
- *mods = NULL;
- ldap_make_mod(mods, operation, "member", member);
- return True;
-}
-
-
-/***************************************************************
- Begin/end smbgrp enumeration.
- ****************************************************************/
-
-static void *ldapalias_enumfirst(BOOL update)
-{
- if (lp_server_role() == ROLE_DOMAIN_NONE)
- return NULL;
-
- if (!ldap_connect())
- return NULL;
-
- ldap_search_for("objectClass=sambaAlias");
-
- return ldap_struct;
-}
-
-static void ldapalias_enumclose(void *vp)
-{
- ldap_disconnect();
-}
-
-
-/*************************************************************************
- Save/restore the current position in a query
- *************************************************************************/
-
-static SMB_BIG_UINT ldapalias_getdbpos(void *vp)
-{
- return (SMB_BIG_UINT)((ulong)ldap_entry);
-}
-
-static BOOL ldapalias_setdbpos(void *vp, SMB_BIG_UINT tok)
-{
- ldap_entry = (LDAPMessage *)((ulong)tok);
- return (True);
-}
-
-
-/*************************************************************************
- Return limited smb_passwd information, and group membership.
- *************************************************************************/
-
-static LOCAL_GRP *ldapalias_getgrpbynam(const char *name,
- LOCAL_GRP_MEMBER **members, int *num_membs)
-{
- fstring filter;
- LOCAL_GRP *ret;
-
- if(!ldap_connect())
- return (False);
-
- slprintf(filter, sizeof(filter)-1,
- "(&(cn=%s)(objectClass=sambaAlias))", name);
- ldap_search_for(filter);
-
- ret = ldapalias_getgrp(&localgrp, members, num_membs);
-
- ldap_disconnect();
- return ret;
-}
-
-static LOCAL_GRP *ldapalias_getgrpbygid(gid_t grp_id,
- LOCAL_GRP_MEMBER **members, int *num_membs)
-{
- fstring filter;
- LOCAL_GRP *ret;
-
- if(!ldap_connect())
- return (False);
-
- slprintf(filter, sizeof(filter)-1,
- "(&(gidNumber=%d)(objectClass=sambaAlias))", grp_id);
- ldap_search_for(filter);
- ret = ldapalias_getgrp(&localgrp, members, num_membs);
-
- ldap_disconnect();
- return ret;
-}
-
-static LOCAL_GRP *ldapalias_getgrpbyrid(uint32 grp_rid,
- LOCAL_GRP_MEMBER **members, int *num_membs)
-{
- fstring filter;
- LOCAL_GRP *ret;
-
- if(!ldap_connect())
- return (False);
-
- slprintf(filter, sizeof(filter)-1,
- "(&(rid=%x)(objectClass=sambaAlias))", grp_rid);
- ldap_search_for(filter);
- ret = ldapalias_getgrp(&localgrp, members, num_membs);
-
- ldap_disconnect();
- return ret;
-}
-
-static LOCAL_GRP *ldapalias_getcurrentgrp(void *vp,
- LOCAL_GRP_MEMBER **members, int *num_membs)
-{
- return ldapalias_getgrp(&localgrp, members, num_membs);
-}
-
-
-/*************************************************************************
- Add/modify/delete aliases.
- *************************************************************************/
-
-static BOOL ldapalias_addgrp(LOCAL_GRP *group)
-{
- LDAPMod **mods;
-
- if (!ldap_allocaterid(&group->rid))
- {
- DEBUG(0,("RID generation failed\n"));
- return (False);
- }
-
- ldapalias_grpmods(group, &mods, LDAP_MOD_ADD);
- return ldap_makemods("cn", group->name, mods, True);
-}
-
-static BOOL ldapalias_modgrp(LOCAL_GRP *group)
-{
- LDAPMod **mods;
-
- ldapalias_grpmods(group, &mods, LDAP_MOD_REPLACE);
- return ldap_makemods("cn", group->name, mods, False);
-}
-
-static BOOL ldapalias_delgrp(uint32 grp_rid)
-{
- fstring filter;
- char *dn;
- int err;
-
- if (!ldap_connect())
- return (False);
-
- slprintf(filter, sizeof(filter)-1,
- "(&(rid=%x)(objectClass=sambaAlias))", grp_rid);
- ldap_search_for(filter);
-
- if (!ldap_entry || !(dn = ldap_get_dn(ldap_struct, ldap_entry)))
- {
- ldap_disconnect();
- return (False);
- }
-
- err = ldap_delete_s(ldap_struct, dn);
- free(dn);
- ldap_disconnect();
-
- if (err != LDAP_SUCCESS)
- {
- DEBUG(0, ("delete: %s\n", ldap_err2string(err)));
- return (False);
- }
-
- return True;
-}
-
-
-/*************************************************************************
- Add users to/remove users from aliases.
- *************************************************************************/
-
-static BOOL ldapalias_addmem(uint32 grp_rid, DOM_SID *user_sid)
-{
- LDAPMod **mods;
- fstring rid_str;
-
- slprintf(rid_str, sizeof(rid_str)-1, "%x", grp_rid);
-
- if(!ldapalias_memmods(user_sid, &mods, LDAP_MOD_ADD))
- return (False);
-
- return ldap_makemods("rid", rid_str, mods, False);
-}
-
-static BOOL ldapalias_delmem(uint32 grp_rid, DOM_SID *user_sid)
-{
- LDAPMod **mods;
- fstring rid_str;
-
- slprintf(rid_str, sizeof(rid_str)-1, "%x", grp_rid);
-
- if(!ldapalias_memmods(user_sid, &mods, LDAP_MOD_DELETE))
- return (False);
-
- return ldap_makemods("rid", rid_str, mods, False);
-}
-
-
-/*************************************************************************
- Return aliases that a user is in.
- *************************************************************************/
-
-static BOOL ldapalias_getusergroups(const char *name, LOCAL_GRP **groups,
- int *num_grps)
-{
- LOCAL_GRP *grouplist;
- fstring filter;
- int i;
-
- if(!ldap_connect())
- return (False);
-
- slprintf(filter, sizeof(pstring)-1,
- "(&(member=%s,*)(objectclass=sambaAlias))", name);
- ldap_search_for(filter);
-
- *num_grps = i = ldap_count_entries(ldap_struct, ldap_results);
-
- if(!i) {
- *groups = NULL;
- ldap_disconnect();
- return (True);
- }
-
- *groups = grouplist = malloc(i * sizeof(LOCAL_GRP));
- do {
- i--;
- } while(ldapalias_getgrp(&grouplist[i], NULL, NULL) && (i > 0));
-
- ldap_disconnect();
- return (True);
-}
-
-
-static struct aliasdb_ops ldapalias_ops =
-{
- ldapalias_enumfirst,
- ldapalias_enumclose,
- ldapalias_getdbpos,
- ldapalias_setdbpos,
-
- ldapalias_getgrpbynam,
- ldapalias_getgrpbygid,
- ldapalias_getgrpbyrid,
- ldapalias_getcurrentgrp,
-
- ldapalias_addgrp,
- ldapalias_modgrp,
- ldapalias_delgrp,
-
- ldapalias_addmem,
- ldapalias_delmem,
-
- ldapalias_getusergroups
-};
-
-struct aliasdb_ops *ldap_initialise_alias_db(void)
-{
- return &ldapalias_ops;
-}
-
-#else
- void aliasldap_dummy_function(void);
- void aliasldap_dummy_function(void) { } /* stop some compilers complaining */
-#endif
-
diff --git a/source3/groupdb/aliasunix.c b/source3/groupdb/aliasunix.c
deleted file mode 100644
index c53692f328..0000000000
--- a/source3/groupdb/aliasunix.c
+++ /dev/null
@@ -1,334 +0,0 @@
-/*
- * Unix SMB/Netbios implementation. Version 1.9. SMB parameters and setup
- * Copyright (C) Andrew Tridgell 1992-1998 Modified by Jeremy Allison 1995.
- *
- * This program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free
- * Software Foundation; either version 2 of the License, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
- * more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 675
- * Mass Ave, Cambridge, MA 02139, USA.
- */
-
-#include "includes.h"
-
-#ifdef USE_SMBUNIX_DB
-
-extern int DEBUGLEVEL;
-
-
-extern DOM_SID global_sam_sid;
-extern fstring global_sam_name;
-
-struct unix_entries
-{
- struct group *grps;
- int num_grps;
- int grp_idx;
-};
-
-/***************************************************************
- Start to enumerate the alspasswd list. Returns a void pointer
- to ensure no modification outside this module.
-****************************************************************/
-
-static void *startalsunixpwent(BOOL update)
-{
- struct unix_entries *grps;
- grps = (struct unix_entries*)malloc(sizeof(struct unix_entries));
-
- if (grps == NULL)
- {
- return NULL;
- }
-
- if (!get_unix_grps(&grps->num_grps, &grps->grps))
- {
- free(grps);
- return NULL;
- }
-
- grps->grp_idx = 0;
-
- return (void*)grps;
-}
-
-/***************************************************************
- End enumeration of the alspasswd list.
-****************************************************************/
-
-static void endalsunixpwent(void *vp)
-{
- struct unix_entries *grps = (struct unix_entries *)vp;
-
- if (grps != NULL)
- {
- free_unix_grps(grps->num_grps, grps->grps);
- free(vp);
- }
-}
-
-/*************************************************************************
- Return the current position in the alspasswd list as an SMB_BIG_UINT.
- This must be treated as an opaque token.
-*************************************************************************/
-static SMB_BIG_UINT getalsunixpwpos(void *vp)
-{
- return (SMB_BIG_UINT)0;
-}
-
-/*************************************************************************
- Set the current position in the alspasswd list from an SMB_BIG_UINT.
- This must be treated as an opaque token.
-*************************************************************************/
-static BOOL setalsunixpwpos(void *vp, SMB_BIG_UINT tok)
-{
- return False;
-}
-
-/*************************************************************************
- Routine to return the next entry in the smbdomainalias list.
- *************************************************************************/
-BOOL get_unixalias_members(struct group *grp,
- int *num_mem, LOCAL_GRP_MEMBER **members)
-{
- int i;
- char *unix_name;
-
- if (num_mem == NULL || members == NULL)
- {
- return False;
- }
-
- (*num_mem) = 0;
- (*members) = NULL;
-
- for (i = 0; (unix_name = grp->gr_mem[i]) != NULL; i++)
- {
- fstring name;
- DOM_NAME_MAP gmep;
- LOCAL_GRP_MEMBER *mem;
-
- fstrcpy(name, unix_name);
-
- if (!lookupsmbpwnam (name, &gmep) &&
- !lookupsmbgrpnam(name, &gmep))
- {
- continue;
- }
-
- if (!sid_front_equal(&global_sam_sid, &gmep.sid))
- {
- DEBUG(0,("alias database: could not resolve name %s (wrong Domain SID)\n",
- name));
- continue;
- }
-
- (*num_mem)++;
- (*members) = Realloc((*members), (*num_mem) * sizeof(LOCAL_GRP_MEMBER));
- if ((*members) == NULL)
- {
- DEBUG(0,("get_unixalias_members: could not realloc LOCAL_GRP_MEMBERs\n"));
- return False;
- }
-
- mem = &(*members)[(*num_mem)-1];
- slprintf(mem->name, sizeof(mem->name)-1, "%s\\%s",
- gmep.nt_domain, gmep.nt_name);
- sid_copy(&mem->sid, &gmep.sid);
- mem->sid_use = gmep.type;
-
- DEBUG(10,("get_unixalias_members: adding alias %s\n",
- mem->name));
- }
- return True;
-}
-
-/*************************************************************************
- Routine to return the next entry in the domain alias list.
-
- when we are a PDC or BDC, then unix groups that are explicitly NOT mapped
- to aliases are treated as DOMAIN groups (see groupunix.c).
-
- when we are a member of a domain (not a PDC or BDC) then unix groups
- that are explicitly NOT mapped to aliases (map_alias_gid) are treated
- as LOCAL groups.
-
- the reasoning behind this is to make it as simple as possible (not an easy
- task) for people to set up a domain-aware samba server, in each role that
- the server can take.
-
- *************************************************************************/
-static LOCAL_GRP *getalsunixpwent(void *vp, LOCAL_GRP_MEMBER **mem, int *num_mem)
-{
- /* Static buffers we will return. */
- static LOCAL_GRP gp_buf;
- struct group unix_grp;
- struct unix_entries *grps = (struct unix_entries *)vp;
-
- if (lp_server_role() == ROLE_DOMAIN_NONE)
- {
- /*
- * no domain role, no domain aliases (or domain groups,
- * but that's dealt with by groupdb...).
- */
-
- return NULL;
- }
-
- aldb_init_als(&gp_buf);
-
- /* get array of unix names + gids. this function does NOT
- get a copy of the unix group members
- */
-
- /* cycle through unix groups */
- for (; grps->grp_idx < grps->num_grps; grps->grp_idx++)
- {
- DOM_NAME_MAP gmep;
- fstring sid_str;
-
- memcpy(&unix_grp, &grps->grps[grps->grp_idx], sizeof(unix_grp));
-
- DEBUG(10,("getgrpunixpwent: enum unix group entry %s\n",
- unix_grp.gr_name));
-
- if (!lookupsmbgrpgid(unix_grp.gr_gid, &gmep))
- {
- continue;
- }
-
- sid_to_string(sid_str, &gmep.sid);
- DEBUG(10,("group %s found, sid %s type %d\n",
- gmep.nt_name, sid_str, gmep.type));
-
- if (gmep.type != SID_NAME_ALIAS)
- {
- continue;
- }
-
- sid_split_rid(&gmep.sid, &gp_buf.rid);
- if (!sid_equal(&global_sam_sid, &gmep.sid))
- {
- continue;
- }
-
- fstrcpy(gp_buf.name, gmep.nt_name);
- break;
- }
-
- if (grps->grp_idx >= grps->num_grps)
- {
- return NULL;
- }
-
- /* get the user's domain aliases. there are a maximum of 32 */
-
- if (mem != NULL && num_mem != NULL)
- {
- (*mem) = NULL;
- (*num_mem) = 0;
-
- memcpy(&unix_grp, getgrgid(unix_grp.gr_gid), sizeof(unix_grp));
- get_unixalias_members(&unix_grp, num_mem, mem);
- }
-
- {
- pstring linebuf;
- make_alias_line(linebuf, sizeof(linebuf), &gp_buf, mem, num_mem);
- DEBUG(10,("line: '%s'\n", linebuf));
- }
-
- grps->grp_idx++; /* advance so next enum gets next entry */
- return &gp_buf;
-}
-
-/************************************************************************
- Routine to add an entry to the alspasswd file.
-*************************************************************************/
-
-static BOOL add_alsunixgrp_entry(LOCAL_GRP *newals)
-{
- DEBUG(0, ("add_alsunixgrp_entry: NOT IMPLEMENTED\n"));
- return False;
-}
-
-/************************************************************************
- Routine to search the alspasswd file for an entry matching the aliasname.
- and then modify its alias entry.
-************************************************************************/
-
-static BOOL mod_alsunixgrp_entry(LOCAL_GRP* als)
-{
- DEBUG(0, ("mod_alsunixgrp_entry: NOT IMPLEMENTED\n"));
- return False;
-}
-
-/************************************************************************
- Routine to search the grppasswd file for an entry matching the rid.
- and then delete it.
-************************************************************************/
-
-static BOOL del_alsunixgrp_entry(uint32 rid)
-{
- DEBUG(0, ("del_alsunixgrp_entry: NOT IMPLEMENTED\n"));
- return False;
-}
-
-/************************************************************************
- Routine to add a member to an entry to the grppasswd file.
-*************************************************************************/
-static BOOL add_alsunixgrp_member(uint32 rid, DOM_SID *member_sid)
-{
- DEBUG(0, ("add_alsunixgrp_member: NOT IMPLEMENTED\n"));
- return False;
-}
-
-/************************************************************************
- Routine to delete a member from an entry to the grppasswd file.
-*************************************************************************/
-static BOOL del_alsunixgrp_member(uint32 rid, DOM_SID *member_sid)
-{
- DEBUG(0, ("del_alsunixgrp_member: NOT IMPLEMENTED\n"));
- return False;
-}
-
-
-static struct aliasdb_ops unix_ops =
-{
- startalsunixpwent,
- endalsunixpwent,
- getalsunixpwpos,
- setalsunixpwpos,
-
- iterate_getaliasntnam, /* In aliasdb.c */
- iterate_getaliasgid, /* In aliasdb.c */
- iterate_getaliasrid, /* In aliasdb.c */
- getalsunixpwent,
-
- add_alsunixgrp_entry,
- mod_alsunixgrp_entry,
- del_alsunixgrp_entry,
-
- add_alsunixgrp_member,
- del_alsunixgrp_member,
-
- iterate_getuseraliasntnam /* in aliasdb.c */
-};
-
-struct aliasdb_ops *unix_initialise_alias_db(void)
-{
- return &unix_ops;
-}
-
-#else
- /* Do *NOT* make this function static. It breaks the compile on gcc. JRA */
- void unix_alspass_dummy_function(void) { } /* stop some compilers complaining */
-#endif /* USE_SMBPASS_DB */
diff --git a/source3/groupdb/builtindb.c b/source3/groupdb/builtindb.c
deleted file mode 100644
index 3b09b6225d..0000000000
--- a/source3/groupdb/builtindb.c
+++ /dev/null
@@ -1,475 +0,0 @@
-/*
- Unix SMB/Netbios implementation.
- Version 1.9.
- Pasesword and authentication handling
- Copyright (C) Jeremy Allison 1996-1998
- Copyright (C) Luke Kenneth Caseson Leighton 1996-1998
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mases Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-#include "nterr.h"
-
-extern int DEBUGLEVEL;
-
-extern fstring global_sam_name;
-extern DOM_SID global_sam_sid;
-
-/*
- * NOTE. All these functions are abstracted into a structure
- * that points to the correct function for the selected database. JRA.
- */
-
-static struct aliasdb_ops *bidb_ops = NULL;
-
-/***************************************************************
- Initialise the builtin db operations.
-***************************************************************/
-
-BOOL initialise_builtin_db(void)
-{
- if (bidb_ops)
- {
- return True;
- }
-
-#ifdef WITH_NISPLUS
- bidb_ops = nisplus_initialise_builtin_db();
-#elif defined(WITH_LDAP)
- bidb_ops = ldap_initialise_builtin_db();
-#elif defined(USE_SMBUNIX_DB)
- bidb_ops = unix_initialise_builtin_db();
-#endif
-
- return (bidb_ops != NULL);
-}
-
-/*
- * Functions that return/manipulate a LOCAL_GRP.
- */
-
-/************************************************************************
- Utility function to search builtin database by gid: the LOCAL_GRP
- structure does not have a gid member, so we have to convert here
- from gid to builtin rid.
-*************************************************************************/
-LOCAL_GRP *iterate_getbuiltingid(gid_t gid, LOCAL_GRP_MEMBER **mem, int *num_mem)
-{
- DOM_NAME_MAP gmep;
- uint32 rid;
- if (!lookupsmbgrpgid(gid, &gmep))
- {
- DEBUG(0,("iterate_getbuiltingid: gid %d does not map to one of our Domain's Aliases\n", gid));
- return NULL;
- }
-
- if (gmep.type != SID_NAME_ALIAS )
- {
- DEBUG(0,("iterate_getbuiltingid: gid %d does not map to one of our Domain's Aliases\n", gid));
- return NULL;
- }
-
- sid_split_rid(&gmep.sid, &rid);
- if (!sid_equal(&gmep.sid, &global_sam_sid))
- {
- DEBUG(0,("iterate_getbuiltingid: gid %d does not map into our Domain SID\n", gid));
- return NULL;
- }
-
- return iterate_getbuiltinrid(rid, mem, num_mem);
-}
-
-/************************************************************************
- Utility function to search builtin database by rid. use this if your database
- does not have search facilities.
-*************************************************************************/
-LOCAL_GRP *iterate_getbuiltinrid(uint32 rid, LOCAL_GRP_MEMBER **mem, int *num_mem)
-{
- LOCAL_GRP *blt = NULL;
- void *fp = NULL;
-
- DEBUG(10, ("search by rid: 0x%x\n", rid));
-
- /* Open the builtin database file - not for update. */
- fp = startbuiltinent(False);
-
- if (fp == NULL)
- {
- DEBUG(0, ("unable to open builtin database.\n"));
- return NULL;
- }
-
- while ((blt = getbuiltinent(fp, mem, num_mem)) != NULL && blt->rid != rid)
- {
- DEBUG(10,("iterate: %s 0x%x", blt->name, blt->rid));
- }
-
- if (blt != NULL)
- {
- DEBUG(10, ("found builtin %s by rid: 0x%x\n", blt->name, rid));
- }
-
- endbuiltinent(fp);
- return blt;
-}
-
-/************************************************************************
- Utility function to search builtin database by name. use this if your database
- does not have search facilities.
-*************************************************************************/
-LOCAL_GRP *iterate_getbuiltinntnam(const char *name, LOCAL_GRP_MEMBER **mem, int *num_mem)
-{
- LOCAL_GRP *blt = NULL;
- void *fp = NULL;
-
- DEBUG(10, ("search by name: %s\n", name));
-
- /* Open the builtin database file - not for update. */
- fp = startbuiltinent(False);
-
- if (fp == NULL)
- {
- DEBUG(0, ("unable to open builtin database.\n"));
- return NULL;
- }
-
- while ((blt = getbuiltinent(fp, mem, num_mem)) != NULL && !strequal(blt->name, name))
- {
- }
-
- if (blt != NULL)
- {
- DEBUG(10, ("found by name: %s\n", name));
- }
-
- endbuiltinent(fp);
- return blt;
-}
-
-/*************************************************************************
- Routine to return the next entry in the smbdomainbuiltin list.
- *************************************************************************/
-BOOL add_domain_builtin(LOCAL_GRP **blts, int *num_blts, LOCAL_GRP *blt)
-{
- if (blts == NULL || num_blts == NULL || blt == NULL)
- {
- return False;
- }
-
- (*blts) = Realloc((*blts), ((*num_blts)+1) * sizeof(LOCAL_GRP));
- if ((*blts) == NULL)
- {
- return False;
- }
-
- DEBUG(10,("adding builtin %s(%s)\n", blt->name, blt->comment));
-
- fstrcpy((*blts)[(*num_blts)].name , blt->name);
- fstrcpy((*blts)[(*num_blts)].comment, blt->comment);
- (*blts)[(*num_blts)].rid = blt->rid;
-
- (*num_blts)++;
-
- return True;
-}
-
-/*************************************************************************
- checks to see if a user is a member of a domain builtin
- *************************************************************************/
-static BOOL user_is_member(const char *user_name, LOCAL_GRP_MEMBER *mem, int num_mem)
-{
- int i;
- pstring name;
- slprintf(name, sizeof(name)-1, "%s\\%s", global_sam_name, user_name);
-
- for (i = 0; i < num_mem; i++)
- {
- DEBUG(10,("searching against user %s...\n", mem[i].name));
- if (strequal(mem[i].name, name))
- {
- DEBUG(10,("searching for user %s: found\n", name));
- return True;
- }
- }
- DEBUG(10,("searching for user %s: not found\n", name));
- return False;
-}
-
-/*************************************************************************
- gets an array of builtin aliases that a user is in. use this if your database
- does not have search facilities
- *************************************************************************/
-BOOL iterate_getuserbuiltinntnam(const char *user_name, LOCAL_GRP **blts, int *num_blts)
-{
- LOCAL_GRP *blt = NULL;
- LOCAL_GRP_MEMBER *mem = NULL;
- int num_mem = 0;
- void *fp = NULL;
-
- DEBUG(10, ("search for userbuiltin by name: %s\n", user_name));
-
- if (user_name == NULL || blts == NULL || num_blts == NULL)
- {
- return False;
- }
-
- (*blts) = NULL;
- (*num_blts) = 0;
-
- /* Open the builtin database file - not for update. */
- fp = startbuiltinent(False);
-
- if (fp == NULL)
- {
- DEBUG(0, ("unable to open builtin database.\n"));
- return False;
- }
-
- /* iterate through all builtin aliases. search members for required user */
- while ((blt = getbuiltinent(fp, &mem, &num_mem)) != NULL)
- {
- DEBUG(5,("builtin name %s members: %d\n", blt->name, num_mem));
- if (num_mem != 0 && mem != NULL)
- {
- BOOL ret = True;
- if (user_is_member(user_name, mem, num_mem))
- {
- ret = add_domain_builtin(blts, num_blts, blt);
- }
-
- free(mem);
- mem = NULL;
- num_mem = 0;
-
- if (!ret)
- {
- (*num_blts) = 0;
- break;
- }
- }
- }
-
- if ((*num_blts) != 0)
- {
- DEBUG(10, ("found %d user builtin aliases:\n", (*num_blts)));
- }
-
- endbuiltinent(fp);
- return True;
-}
-
-/*************************************************************************
- gets an array of builtin aliases that a user is in. use this if your database
- does not have search facilities
- *************************************************************************/
-BOOL enumdombuiltins(LOCAL_GRP **blts, int *num_blts)
-{
- LOCAL_GRP *blt = NULL;
- void *fp = NULL;
-
- DEBUG(10, ("enum user builtin aliases\n"));
-
- if (blts == NULL || num_blts == NULL)
- {
- return False;
- }
-
- (*blts) = NULL;
- (*num_blts) = 0;
-
- /* Open the builtin database file - not for update. */
- fp = startbuiltinent(False);
-
- if (fp == NULL)
- {
- DEBUG(0, ("unable to open builtin database.\n"));
- return False;
- }
-
- /* iterate through all builtin aliases. */
- while ((blt = getbuiltinent(fp, NULL, NULL)) != NULL)
- {
- if (!add_domain_builtin(blts, num_blts, blt))
- {
- DEBUG(0,("unable to add builtin while enumerating\n"));
- return False;
- }
- }
-
- if ((*num_blts) != 0)
- {
- DEBUG(10, ("found %d user builtin aliases:\n", (*num_blts)));
- }
-
- endbuiltinent(fp);
- return True;
-}
-
-/***************************************************************
- Start to enumerate the builtin database list. Returns a void pointer
- to ensure no modification outside this module.
-****************************************************************/
-
-void *startbuiltinent(BOOL update)
-{
- return bidb_ops->startaliasent(update);
-}
-
-/***************************************************************
- End enumeration of the builtin database list.
-****************************************************************/
-
-void endbuiltinent(void *vp)
-{
- bidb_ops->endaliasent(vp);
-}
-
-/*************************************************************************
- Routine to return the next entry in the builtin database list.
- *************************************************************************/
-
-LOCAL_GRP *getbuiltinent(void *vp, LOCAL_GRP_MEMBER **mem, int *num_mem)
-{
- return bidb_ops->getaliasent(vp, mem, num_mem);
-}
-
-/************************************************************************
- Routine to add an entry to the builtin database file.
-*************************************************************************/
-
-BOOL add_builtin_entry(LOCAL_GRP *newblt)
-{
- return bidb_ops->add_alias_entry(newblt);
-}
-
-/************************************************************************
- Routine to search the builtin database file for an entry matching the builtinname.
- and then replace the entry.
-************************************************************************/
-
-BOOL mod_builtin_entry(LOCAL_GRP* blt)
-{
- return bidb_ops->mod_alias_entry(blt);
-}
-
-/************************************************************************
- Routine to add a member to an entry in the builtin database file.
-*************************************************************************/
-BOOL add_builtin_member(uint32 rid, DOM_SID *member_sid)
-{
- return bidb_ops->add_alias_member(rid, member_sid);
-}
-
-/************************************************************************
- Routine to delete a member from an entry in the builtindatabase file.
-*************************************************************************/
-BOOL del_builtin_member(uint32 rid, DOM_SID *member_sid)
-{
- return bidb_ops->del_alias_member(rid, member_sid);
-}
-
-/************************************************************************
- Routine to search builtin database by name.
-*************************************************************************/
-
-LOCAL_GRP *getbuiltinntnam(const char *name, LOCAL_GRP_MEMBER **mem, int *num_mem)
-{
- return bidb_ops->getaliasntnam(name, mem, num_mem);
-}
-
-/************************************************************************
- Routine to search builtin database by builtin rid.
-*************************************************************************/
-
-LOCAL_GRP *getbuiltinrid(uint32 builtin_rid, LOCAL_GRP_MEMBER **mem, int *num_mem)
-{
- return bidb_ops->getaliasrid(builtin_rid, mem, num_mem);
-}
-
-/************************************************************************
- Routine to search builtin database by gid.
-*************************************************************************/
-
-LOCAL_GRP *getbuiltingid(gid_t gid, LOCAL_GRP_MEMBER **mem, int *num_mem)
-{
- return bidb_ops->getaliasgid(gid, mem, num_mem);
-}
-
-/*************************************************************************
- gets an array of builtin aliases that a user is in.
- *************************************************************************/
-BOOL getuserbuiltinntnam(const char *user_name, LOCAL_GRP **blt, int *num_blts)
-{
- return bidb_ops->getuseraliasntnam(user_name, blt, num_blts);
-}
-
-/*************************************************************
- initialises a LOCAL_GRP.
- **************************************************************/
-void bidb_init_blt(LOCAL_GRP *blt)
-{
- if (blt == NULL) return;
- ZERO_STRUCTP(blt);
-}
-
-/*************************************************************
- turns an builtin entry into a string.
- **************************************************************/
-BOOL make_builtin_line(char *p, int max_len,
- LOCAL_GRP *blt,
- LOCAL_GRP_MEMBER **mem, int *num_mem)
-{
- int i;
- int len;
- len = slprintf(p, max_len-1, "%s:%s:%d:", blt->name, blt->comment, blt->rid);
-
- if (len == -1)
- {
- DEBUG(0,("make_builtin_line: cannot create entry\n"));
- return False;
- }
-
- p += len;
- max_len -= len;
-
- if (mem == NULL || num_mem == NULL)
- {
- return True;
- }
-
- for (i = 0; i < (*num_mem); i++)
- {
- len = strlen((*mem)[i].name);
- p = safe_strcpy(p, (*mem)[i].name, max_len);
-
- if (p == NULL)
- {
- DEBUG(0, ("make_builtin_line: out of space for builtin aliases!\n"));
- return False;
- }
-
- max_len -= len;
-
- if (i != (*num_mem)-1)
- {
- *p = ',';
- p++;
- max_len--;
- }
- }
-
- return True;
-}
diff --git a/source3/groupdb/builtinldap.c b/source3/groupdb/builtinldap.c
deleted file mode 100644
index baac82f1ba..0000000000
--- a/source3/groupdb/builtinldap.c
+++ /dev/null
@@ -1,426 +0,0 @@
-/*
- Unix SMB/Netbios implementation.
- Version 2.0.
- LDAP builtin group database for SAMBA
- Copyright (C) Matthew Chapman 1998
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-
-*/
-
-#include "includes.h"
-
-#ifdef WITH_LDAP
-
-#include <lber.h>
-#include <ldap.h>
-
-extern int DEBUGLEVEL;
-
-/* Internal state */
-extern LDAP *ldap_struct;
-extern LDAPMessage *ldap_results;
-extern LDAPMessage *ldap_entry;
-
-/* Static structure filled for requests */
-static LOCAL_GRP localgrp;
-
-
-/***************************************************************
- Get group and membership information.
- ****************************************************************/
-
-static LOCAL_GRP *ldapbuiltin_getgrp(LOCAL_GRP *group,
- LOCAL_GRP_MEMBER **members, int *num_membs)
-{
- fstring temp;
- char **values;
- LOCAL_GRP_MEMBER *memblist;
- char *value, *sep;
- int i;
-
- if(!ldap_entry)
- return NULL;
-
- if(!ldap_get_attribute("cn", group->name)) {
- DEBUG(0, ("Missing cn\n"));
- return NULL; }
-
- DEBUG(2,("Retrieving builtin alias [%s]\n", group->name));
-
- if(ldap_get_attribute("rid", temp)) {
- group->rid = strtol(temp, NULL, 16);
- } else {
- DEBUG(0, ("Missing rid\n"));
- return NULL;
- }
-
- if(!ldap_get_attribute("description", group->comment))
- group->comment[0] = 0;
-
- if(!members || !num_membs) {
- ldap_entry = ldap_next_entry(ldap_struct, ldap_entry);
- return group;
- }
-
- if(values = ldap_get_values(ldap_struct, ldap_entry, "member")) {
-
- *num_membs = i = ldap_count_values(values);
- *members = memblist = malloc(i * sizeof(LOCAL_GRP_MEMBER));
-
- do {
- value = values[--i];
-
- if(!(sep = strchr(value, ','))) {
- DEBUG(0, ("Malformed alias member\n"));
- return NULL;
- }
- *(sep++) = 0;
- fstrcpy(memblist[i].name, value);
-
- if(!(value = strchr(sep, ','))) {
- DEBUG(0, ("Malformed alias member\n"));
- return NULL;
- }
- *(value++) = 0;
- string_to_sid(&memblist[i].sid, sep);
-
- if((memblist[i].sid_use = atoi(value))
- >= SID_NAME_UNKNOWN)
- DEBUG(0, ("Invalid SID use in alias"));
-
- } while(i > 0);
-
- ldap_value_free(values);
-
- } else {
- *num_membs = 0;
- *members = NULL;
- }
-
- return group;
-}
-
-
-/************************************************************************
- Queues the necessary modifications to save a LOCAL_GRP structure
- ************************************************************************/
-
-static void ldapbuiltin_grpmods(LOCAL_GRP *group, LDAPMod ***mods,
- int operation)
-{
- fstring temp;
-
- *mods = NULL;
-
- if(operation == LDAP_MOD_ADD) { /* immutable attributes */
- ldap_make_mod(mods, LDAP_MOD_ADD, "objectClass", "sambaBuiltin");
- ldap_make_mod(mods, LDAP_MOD_ADD, "cn", group->name);
-
- slprintf(temp, sizeof(temp)-1, "%x", group->rid);
- ldap_make_mod(mods, LDAP_MOD_ADD, "rid", temp);
- }
-
- ldap_make_mod(mods, operation, "description", group->comment);
-}
-
-
-/************************************************************************
- Create a builtin alias member entry
- ************************************************************************/
-
-static BOOL ldapbuiltin_memmods(DOM_SID *user_sid, LDAPMod ***mods,
- int operation)
-{
- pstring member;
- pstring sid_str;
- fstring name;
- uint8 type;
-
- if (lookup_sid(user_sid, name, &type))
- return (False);
- sid_to_string(sid_str, user_sid);
-
- slprintf(member, sizeof(member)-1, "%s,%s,%d", name, sid_str, type);
-
- *mods = NULL;
- ldap_make_mod(mods, operation, "member", member);
- return True;
-}
-
-
-/***************************************************************
- Begin/end smbgrp enumeration.
- ****************************************************************/
-
-static void *ldapbuiltin_enumfirst(BOOL update)
-{
- if (lp_server_role() == ROLE_DOMAIN_NONE)
- return NULL;
-
- if (!ldap_connect())
- return NULL;
-
- ldap_search_for("objectClass=sambaBuiltin");
-
- return ldap_struct;
-}
-
-static void ldapbuiltin_enumclose(void *vp)
-{
- ldap_disconnect();
-}
-
-
-/*************************************************************************
- Save/restore the current position in a query
- *************************************************************************/
-
-static SMB_BIG_UINT ldapbuiltin_getdbpos(void *vp)
-{
- return (SMB_BIG_UINT)((ulong)ldap_entry);
-}
-
-static BOOL ldapbuiltin_setdbpos(void *vp, SMB_BIG_UINT tok)
-{
- ldap_entry = (LDAPMessage *)((ulong)tok);
- return (True);
-}
-
-
-/*************************************************************************
- Return limited smb_passwd information, and group membership.
- *************************************************************************/
-
-static LOCAL_GRP *ldapbuiltin_getgrpbynam(const char *name,
- LOCAL_GRP_MEMBER **members, int *num_membs)
-{
- fstring filter;
- LOCAL_GRP *ret;
-
- if(!ldap_connect())
- return (False);
-
- slprintf(filter, sizeof(filter)-1,
- "(&(cn=%s)(objectClass=sambaBuiltin))", name);
- ldap_search_for(filter);
-
- ret = ldapbuiltin_getgrp(&localgrp, members, num_membs);
-
- ldap_disconnect();
- return ret;
-}
-
-static LOCAL_GRP *ldapbuiltin_getgrpbygid(gid_t grp_id,
- LOCAL_GRP_MEMBER **members, int *num_membs)
-{
- fstring filter;
- LOCAL_GRP *ret;
-
- if(!ldap_connect())
- return (False);
-
- slprintf(filter, sizeof(filter)-1,
- "(&(gidNumber=%d)(objectClass=sambaBuiltin))", grp_id);
- ldap_search_for(filter);
- ret = ldapbuiltin_getgrp(&localgrp, members, num_membs);
-
- ldap_disconnect();
- return ret;
-}
-
-static LOCAL_GRP *ldapbuiltin_getgrpbyrid(uint32 grp_rid,
- LOCAL_GRP_MEMBER **members, int *num_membs)
-{
- fstring filter;
- LOCAL_GRP *ret;
-
- if(!ldap_connect())
- return (False);
-
- slprintf(filter, sizeof(filter)-1,
- "(&(rid=%x)(objectClass=sambaBuiltin))", grp_rid);
- ldap_search_for(filter);
- ret = ldapbuiltin_getgrp(&localgrp, members, num_membs);
-
- ldap_disconnect();
- return ret;
-}
-
-static LOCAL_GRP *ldapbuiltin_getcurrentgrp(void *vp,
- LOCAL_GRP_MEMBER **members, int *num_membs)
-{
- return ldapbuiltin_getgrp(&localgrp, members, num_membs);
-}
-
-
-/*************************************************************************
- Add/modify/delete builtin aliases.
- *************************************************************************/
-
-static BOOL ldapbuiltin_addgrp(LOCAL_GRP *group)
-{
- LDAPMod **mods;
-
- if (!ldap_allocaterid(&group->rid))
- {
- DEBUG(0,("RID generation failed\n"));
- return (False);
- }
-
- ldapbuiltin_grpmods(group, &mods, LDAP_MOD_ADD);
- return ldap_makemods("cn", group->name, mods, True);
-}
-
-static BOOL ldapbuiltin_modgrp(LOCAL_GRP *group)
-{
- LDAPMod **mods;
-
- ldapbuiltin_grpmods(group, &mods, LDAP_MOD_REPLACE);
- return ldap_makemods("cn", group->name, mods, False);
-}
-
-static BOOL ldapbuiltin_delgrp(uint32 grp_rid)
-{
- fstring filter;
- char *dn;
- int err;
-
- if (!ldap_connect())
- return (False);
-
- slprintf(filter, sizeof(filter)-1,
- "(&(rid=%x)(objectClass=sambaBuiltin))", grp_rid);
- ldap_search_for(filter);
-
- if (!ldap_entry || !(dn = ldap_get_dn(ldap_struct, ldap_entry)))
- {
- ldap_disconnect();
- return (False);
- }
-
- err = ldap_delete_s(ldap_struct, dn);
- free(dn);
- ldap_disconnect();
-
- if (err != LDAP_SUCCESS)
- {
- DEBUG(0, ("delete: %s\n", ldap_err2string(err)));
- return (False);
- }
-
- return True;
-}
-
-
-/*************************************************************************
- Add users to/remove users from aliases.
- *************************************************************************/
-
-static BOOL ldapbuiltin_addmem(uint32 grp_rid, DOM_SID *user_sid)
-{
- LDAPMod **mods;
- fstring rid_str;
-
- slprintf(rid_str, sizeof(rid_str)-1, "%x", grp_rid);
-
- if(!ldapbuiltin_memmods(user_sid, &mods, LDAP_MOD_ADD))
- return (False);
-
- return ldap_makemods("rid", rid_str, mods, False);
-}
-
-static BOOL ldapbuiltin_delmem(uint32 grp_rid, DOM_SID *user_sid)
-{
- LDAPMod **mods;
- fstring rid_str;
-
- slprintf(rid_str, sizeof(rid_str)-1, "%x", grp_rid);
-
- if(!ldapbuiltin_memmods(user_sid, &mods, LDAP_MOD_DELETE))
- return (False);
-
- return ldap_makemods("rid", rid_str, mods, False);
-}
-
-
-/*************************************************************************
- Return builtin aliases that a user is in.
- *************************************************************************/
-
-static BOOL ldapbuiltin_getusergroups(const char *name,
- LOCAL_GRP **groups, int *num_grps)
-{
- LOCAL_GRP *grouplist;
- fstring filter;
- int i;
-
- if(!ldap_connect())
- return (False);
-
- slprintf(filter, sizeof(pstring)-1,
- "(&(member=%s,*)(objectclass=sambaBuiltin))", name);
- ldap_search_for(filter);
-
- *num_grps = i = ldap_count_entries(ldap_struct, ldap_results);
-
- if(!i) {
- *groups = NULL;
- ldap_disconnect();
- return (True);
- }
-
- *groups = grouplist = malloc(i * sizeof(LOCAL_GRP));
- do {
- i--;
- } while(ldapbuiltin_getgrp(&grouplist[i], NULL, NULL) && (i > 0));
-
- ldap_disconnect();
- return (True);
-}
-
-
-static struct aliasdb_ops ldapbuiltin_ops =
-{
- ldapbuiltin_enumfirst,
- ldapbuiltin_enumclose,
- ldapbuiltin_getdbpos,
- ldapbuiltin_setdbpos,
-
- ldapbuiltin_getgrpbynam,
- ldapbuiltin_getgrpbygid,
- ldapbuiltin_getgrpbyrid,
- ldapbuiltin_getcurrentgrp,
-
- ldapbuiltin_addgrp,
- ldapbuiltin_modgrp,
- ldapbuiltin_delgrp,
-
- ldapbuiltin_addmem,
- ldapbuiltin_delmem,
-
- ldapbuiltin_getusergroups
-};
-
-struct aliasdb_ops *ldap_initialise_builtin_db(void)
-{
- return &ldapbuiltin_ops;
-}
-
-#else
- void builtinldap_dummy_function(void);
- void builtinldap_dummy_function(void) { } /* stop some compilers complaining */
-#endif
-
diff --git a/source3/groupdb/builtinunix.c b/source3/groupdb/builtinunix.c
deleted file mode 100644
index 57421cc449..0000000000
--- a/source3/groupdb/builtinunix.c
+++ /dev/null
@@ -1,327 +0,0 @@
-/*
- * Unix SMB/Netbios implementation. Version 1.9. SMB parameters and setup
- * Copyright (C) Andrew Tridgell 1992-1998 Modified by Jeremy Allison 1995.
- *
- * This program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free
- * Software Foundation; either version 2 of the License, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
- * more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 675
- * Mass Ave, Cambridge, MA 02139, USA.
- */
-
-#include "includes.h"
-
-#ifdef USE_SMBUNIX_DB
-
-extern int DEBUGLEVEL;
-
-struct unix_entries
-{
- struct group *grps;
- int num_grps;
- int grp_idx;
-};
-
-extern DOM_SID global_sid_S_1_5_20;
-extern DOM_SID global_sam_sid;
-extern fstring global_sam_name;
-
-/***************************************************************
- Start to enumerate the bltpasswd list. Returns a void pointer
- to ensure no modification outside this module.
-****************************************************************/
-
-static void *startbltunixpwent(BOOL update)
-{
- struct unix_entries *grps;
- grps = (struct unix_entries*)malloc(sizeof(struct unix_entries));
-
- if (grps == NULL)
- {
- return NULL;
- }
-
- if (!get_unix_grps(&grps->num_grps, &grps->grps))
- {
- free(grps);
- return NULL;
- }
-
- grps->grp_idx = 0;
-
- return (void*)grps;
-}
-
-/***************************************************************
- End enumeration of the bltpasswd list.
-****************************************************************/
-
-static void endbltunixpwent(void *vp)
-{
- struct unix_entries *grps = (struct unix_entries *)vp;
-
- if (grps != NULL)
- {
- free_unix_grps(grps->num_grps, grps->grps);
- free(vp);
- }
-}
-
-/*************************************************************************
- Return the current position in the bltpasswd list as an SMB_BIG_UINT.
- This must be treated as an opaque token.
-*************************************************************************/
-static SMB_BIG_UINT getbltunixpwpos(void *vp)
-{
- return (SMB_BIG_UINT)0;
-}
-
-/*************************************************************************
- Set the current position in the bltpasswd list from an SMB_BIG_UINT.
- This must be treated as an opaque token.
-*************************************************************************/
-static BOOL setbltunixpwpos(void *vp, SMB_BIG_UINT tok)
-{
- return False;
-}
-
-/*************************************************************************
- Routine to return the next entry in the smbdomainbuiltin list.
- *************************************************************************/
-BOOL get_unixbuiltin_members(struct group *grp,
- int *num_mem, LOCAL_GRP_MEMBER **members)
-{
- int i;
- char *unix_name;
-
- if (num_mem == NULL || members == NULL)
- {
- return False;
- }
-
- (*num_mem) = 0;
- (*members) = NULL;
-
- for (i = 0; (unix_name = grp->gr_mem[i]) != NULL; i++)
- {
- fstring name;
- DOM_NAME_MAP gmep;
- LOCAL_GRP_MEMBER *mem;
-
- fstrcpy(name, unix_name);
-
- if (!lookupsmbpwnam (name, &gmep) &&
- !lookupsmbgrpnam(name, &gmep))
- {
- continue;
- }
-
- if (!sid_front_equal(&global_sam_sid, &gmep.sid))
- {
- DEBUG(0,("builtin database: could not resolve name %s (wrong Domain SID)\n",
- name));
- continue;
- }
-
- (*num_mem)++;
- (*members) = Realloc((*members), (*num_mem) * sizeof(LOCAL_GRP_MEMBER));
- if ((*members) == NULL)
- {
- DEBUG(0,("get_unixbuiltin_members: could not realloc LOCAL_GRP_MEMBERs\n"));
- return False;
- }
-
- mem = &(*members)[(*num_mem)-1];
- slprintf(mem->name, sizeof(mem->name)-1, "%s\\%s",
- gmep.nt_domain, gmep.nt_name);
- sid_copy(&mem->sid, &gmep.sid);
- mem->sid_use = gmep.type;
-
- DEBUG(10,("get_unixbuiltin_members: adding to builtin alias %s\n",
- mem->name));
- }
- return True;
-}
-
-/*************************************************************************
- Routine to return the next entry in the domain builtin list.
-
- when we are a PDC or BDC, then unix groups that are explicitly NOT mapped
- to builtin aliases are treated as DOMAIN groups (see groupunix.c).
-
- when we are a member of a domain (not a PDC or BDC) then unix groups
- that are explicitly NOT mapped to builtin aliases are treated
- as LOCAL groups.
-
- the reasoning behind this is to make it as simple as possible (not an easy
- task) for people to set up a domain-aware samba server, in each role that
- the server can take.
-
- *************************************************************************/
-static LOCAL_GRP *getbltunixpwent(void *vp, LOCAL_GRP_MEMBER **mem, int *num_mem)
-{
- /* Static buffers we will return. */
- static LOCAL_GRP gp_buf;
- struct group unix_grp;
- struct unix_entries *grps = (struct unix_entries *)vp;
-
- if (grps == NULL)
- {
- return NULL;
- }
-
- if (lp_server_role() == ROLE_DOMAIN_NONE)
- {
- /*
- * no domain role, no domain aliases (or domain groups,
- * but that's dealt with by groupdb...).
- */
-
- return NULL;
- }
-
- bidb_init_blt(&gp_buf);
-
- /* get array of unix names + gids. this function does NOT
- get a copy of the unix group members
- */
-
- /* cycle through unix groups */
- for (; grps->grp_idx < grps->num_grps; grps->grp_idx++)
- {
- DOM_NAME_MAP gmep;
- fstring sid_str;
-
- memcpy(&unix_grp, &grps->grps[grps->grp_idx], sizeof(unix_grp));
-
- DEBUG(10,("getgrpunixpwent: enum unix group entry %s\n",
- unix_grp.gr_name));
-
- if (!lookupsmbgrpgid(unix_grp.gr_gid, &gmep))
- {
- continue;
- }
-
- sid_to_string(sid_str, &gmep.sid);
- DEBUG(10,("group %s found, sid %s type %d\n",
- gmep.nt_name, sid_str, gmep.type));
-
- if (gmep.type != SID_NAME_ALIAS)
- {
- continue;
- }
-
- sid_split_rid(&gmep.sid, &gp_buf.rid);
- if (!sid_equal(&global_sam_sid, &gmep.sid))
- {
- continue;
- }
-
- fstrcpy(gp_buf.name, gmep.nt_name);
- break;
- }
-
- if (grps->grp_idx >= grps->num_grps)
- {
- return NULL;
- }
-
- /* get the user's domain aliases. there are a maximum of 32 */
-
- if (mem != NULL && num_mem != NULL)
- {
- (*mem) = NULL;
- (*num_mem) = 0;
-
- memcpy(&unix_grp, getgrgid(unix_grp.gr_gid), sizeof(unix_grp));
- get_unixbuiltin_members(&unix_grp, num_mem, mem);
- }
-
- {
- pstring linebuf;
- make_alias_line(linebuf, sizeof(linebuf), &gp_buf, mem, num_mem);
- DEBUG(10,("line: '%s'\n", linebuf));
- }
-
- grps->grp_idx++; /* advance so next enum gets next entry */
- return &gp_buf;
-}
-
-/************************************************************************
- Routine to add an entry to the bltpasswd file.
-*************************************************************************/
-
-static BOOL add_bltunixgrp_entry(LOCAL_GRP *newblt)
-{
- DEBUG(0, ("add_bltunixgrp_entry: NOT IMPLEMENTED\n"));
- return False;
-}
-
-/************************************************************************
- Routine to search the bltpasswd file for an entry matching the builtinname.
- and then modify its builtin entry.
-************************************************************************/
-
-static BOOL mod_bltunixgrp_entry(LOCAL_GRP* blt)
-{
- DEBUG(0, ("mod_bltunixgrp_entry: NOT IMPLEMENTED\n"));
- return False;
-}
-
-/************************************************************************
- Routine to add a member to an entry to the bltpasswd file.
-*************************************************************************/
-static BOOL add_bltunixgrp_member(uint32 rid, DOM_SID *member_sid)
-{
- DEBUG(0, ("add_bltunixgrp_member: NOT IMPLEMENTED\n"));
- return False;
-}
-
-/************************************************************************
- Routine to delete a member from an entry to the bltpasswd file.
-*************************************************************************/
-static BOOL del_bltunixgrp_member(uint32 rid, DOM_SID *member_sid)
-{
- DEBUG(0, ("del_bltunixgrp_member: NOT IMPLEMENTED\n"));
- return False;
-}
-
-static struct aliasdb_ops unix_ops =
-{
- startbltunixpwent,
- endbltunixpwent,
- getbltunixpwpos,
- setbltunixpwpos,
-
- iterate_getbuiltinntnam, /* In builtindb.c */
- iterate_getbuiltingid, /* In builtindb.c */
- iterate_getbuiltinrid, /* In builtindb.c */
- getbltunixpwent,
-
- add_bltunixgrp_entry,
- mod_bltunixgrp_entry,
- NULL, /* deliberately NULL: you can't delete builtin aliases */
-
- add_bltunixgrp_member,
- del_bltunixgrp_member,
-
- iterate_getuserbuiltinntnam /* in builtindb.c */
-};
-
-struct aliasdb_ops *unix_initialise_builtin_db(void)
-{
- return &unix_ops;
-}
-
-#else
- /* Do *NOT* make this function static. It breaks the compile on gcc. JRA */
- void unix_bltpass_dummy_function(void) { } /* stop some compilers complaining */
-#endif /* USE_SMBPASS_DB */
diff --git a/source3/groupdb/groupldap.c b/source3/groupdb/groupldap.c
deleted file mode 100644
index d32332e1ab..0000000000
--- a/source3/groupdb/groupldap.c
+++ /dev/null
@@ -1,436 +0,0 @@
-/*
- Unix SMB/Netbios implementation.
- Version 2.0.
- LDAP domain group database for SAMBA
- Copyright (C) Matthew Chapman 1998
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-
-*/
-
-#include "includes.h"
-
-#ifdef WITH_LDAP
-
-#include <lber.h>
-#include <ldap.h>
-
-extern int DEBUGLEVEL;
-extern DOM_SID global_sam_sid;
-
-/* Internal state */
-extern LDAP *ldap_struct;
-extern LDAPMessage *ldap_results;
-extern LDAPMessage *ldap_entry;
-
-/* Static structure filled for requests */
-static DOMAIN_GRP domgrp;
-
-
-/***************************************************************
- Get group and membership information.
- ****************************************************************/
-
-static DOMAIN_GRP *ldapgroup_getgrp(DOMAIN_GRP *group,
- DOMAIN_GRP_MEMBER **members, int *num_membs)
-{
- fstring temp;
- char **values;
- DOMAIN_GRP_MEMBER *memblist;
- char *value, *sep;
- int i;
-
- if(!ldap_entry)
- return NULL;
-
- if(!ldap_get_attribute("cn", group->name)) {
- DEBUG(0, ("Missing cn\n"));
- return NULL; }
-
- DEBUG(2,("Retrieving group [%s]\n", group->name));
-
- if(ldap_get_attribute("rid", temp)) {
- group->rid = strtol(temp, NULL, 16);
- } else {
- DEBUG(0, ("Missing rid\n"));
- return NULL;
- }
-
- if(!ldap_get_attribute("description", group->comment))
- group->comment[0] = 0;
-
- group->attr = 0x7;
-
- if(!members || !num_membs) {
- ldap_entry = ldap_next_entry(ldap_struct, ldap_entry);
- return group;
- }
-
- if(values = ldap_get_values(ldap_struct, ldap_entry, "member")) {
-
- *num_membs = i = ldap_count_values(values);
- *members = memblist = malloc(i * sizeof(DOMAIN_GRP_MEMBER));
-
- do {
- value = values[--i];
-
- if(!(sep = strchr(value, ','))) {
- DEBUG(0, ("Malformed group member\n"));
- return NULL;
- }
- *(sep++) = 0;
- fstrcpy(memblist[i].name, value);
-
- if(!(value = strchr(sep, ','))) {
- DEBUG(0, ("Malformed group member\n"));
- return NULL;
- }
- memblist[i].rid = strtol(sep, &value, 16);
-
- if((memblist[i].sid_use = atoi(value+1))
- >= SID_NAME_UNKNOWN)
- DEBUG(0, ("Invalid SID use in group"));
-
- memblist[i].attr = 0x7;
-
- } while(i > 0);
-
- ldap_value_free(values);
-
- } else {
- *num_membs = 0;
- *members = NULL;
- }
-
- ldap_entry = ldap_next_entry(ldap_struct, ldap_entry);
- return group;
-}
-
-
-/************************************************************************
- Queues the necessary modifications to save a DOMAIN_GRP structure
- ************************************************************************/
-
-static void ldapgroup_grpmods(DOMAIN_GRP *group, LDAPMod ***mods,
- int operation)
-{
- fstring temp;
-
- *mods = NULL;
-
- if(operation == LDAP_MOD_ADD) { /* immutable attributes */
- ldap_make_mod(mods, LDAP_MOD_ADD, "objectClass", "sambaGroup");
- ldap_make_mod(mods, LDAP_MOD_ADD, "cn", group->name);
-
- slprintf(temp, sizeof(temp)-1, "%x", group->rid);
- ldap_make_mod(mods, LDAP_MOD_ADD, "rid", temp);
- }
-
- ldap_make_mod(mods, operation, "description", group->comment);
-}
-
-
-/************************************************************************
- Create a group member entry
- ************************************************************************/
-
-static BOOL ldapgroup_memmods(uint32 user_rid, LDAPMod ***mods, int operation)
-{
- pstring member;
- fstring name;
- DOM_SID sid;
- uint8 type;
-
- sid_copy(&sid, &global_sam_sid);
- sid_append_rid(&sid, user_rid);
- if (lookup_sid(&sid, name, &type))
- return (False);
-
- slprintf(member, sizeof(member)-1, "%s,%x,%d", name, user_rid, type);
-
- *mods = NULL;
- ldap_make_mod(mods, operation, "member", member);
- return True;
-}
-
-
-/***************************************************************
- Begin/end domain group enumeration.
- ****************************************************************/
-
-static void *ldapgroup_enumfirst(BOOL update)
-{
- int server_role = lp_server_role();
-
- if (server_role == ROLE_DOMAIN_NONE ||
- server_role == ROLE_DOMAIN_MEMBER)
- return NULL;
-
- if (!ldap_connect())
- return NULL;
-
- ldap_search_for("objectclass=sambaGroup");
-
- return ldap_struct;
-}
-
-static void ldapgroup_enumclose(void *vp)
-{
- ldap_disconnect();
-}
-
-
-/*************************************************************************
- Save/restore the current position in a query
- *************************************************************************/
-
-static SMB_BIG_UINT ldapgroup_getdbpos(void *vp)
-{
- return (SMB_BIG_UINT)((ulong)ldap_entry);
-}
-
-static BOOL ldapgroup_setdbpos(void *vp, SMB_BIG_UINT tok)
-{
- ldap_entry = (LDAPMessage *)((ulong)tok);
- return (True);
-}
-
-
-/*************************************************************************
- Return information about domain groups and their members.
- *************************************************************************/
-
-static DOMAIN_GRP *ldapgroup_getgrpbynam(const char *name,
- DOMAIN_GRP_MEMBER **members, int *num_membs)
-{
- fstring filter;
- DOMAIN_GRP *ret;
-
- if(!ldap_connect())
- return (False);
-
- slprintf(filter, sizeof(filter)-1,
- "(&(cn=%s*)(objectClass=sambaGroup))", name);
- ldap_search_for(filter);
-
- ret = ldapgroup_getgrp(&domgrp, members, num_membs);
-
- ldap_disconnect();
- return ret;
-}
-
-static DOMAIN_GRP *ldapgroup_getgrpbygid(gid_t grp_id,
- DOMAIN_GRP_MEMBER **members, int *num_membs)
-{
- fstring filter;
- DOMAIN_GRP *ret;
-
- if(!ldap_connect())
- return (False);
-
- slprintf(filter, sizeof(filter)-1,
- "(&(gidNumber=%d)(objectClass=sambaGroup))", grp_id);
- ldap_search_for(filter);
-
- ret = ldapgroup_getgrp(&domgrp, members, num_membs);
-
- ldap_disconnect();
- return ret;
-}
-
-static DOMAIN_GRP *ldapgroup_getgrpbyrid(uint32 grp_rid,
- DOMAIN_GRP_MEMBER **members, int *num_membs)
-{
- fstring filter;
- DOMAIN_GRP *ret;
-
- if(!ldap_connect())
- return (False);
-
- slprintf(filter, sizeof(filter)-1,
- "(&(rid=%x)(objectClass=sambaGroup))", grp_rid);
- ldap_search_for(filter);
-
- ret = ldapgroup_getgrp(&domgrp, members, num_membs);
-
- ldap_disconnect();
- return ret;
-}
-
-static DOMAIN_GRP *ldapgroup_getcurrentgrp(void *vp,
- DOMAIN_GRP_MEMBER **members, int *num_membs)
-{
- return ldapgroup_getgrp(&domgrp, members, num_membs);
-}
-
-
-/*************************************************************************
- Add/modify/delete domain groups.
- *************************************************************************/
-
-static BOOL ldapgroup_addgrp(DOMAIN_GRP *group)
-{
- LDAPMod **mods;
-
- if (!ldap_allocaterid(&group->rid))
- {
- DEBUG(0,("RID generation failed\n"));
- return (False);
- }
-
- ldapgroup_grpmods(group, &mods, LDAP_MOD_ADD);
- return ldap_makemods("cn", group->name, mods, True);
-}
-
-static BOOL ldapgroup_modgrp(DOMAIN_GRP *group)
-{
- LDAPMod **mods;
-
- ldapgroup_grpmods(group, &mods, LDAP_MOD_REPLACE);
- return ldap_makemods("cn", group->name, mods, False);
-}
-
-static BOOL ldapgroup_delgrp(uint32 grp_rid)
-{
- fstring filter;
- char *dn;
- int err;
-
- if (!ldap_connect())
- return (False);
-
- slprintf(filter, sizeof(filter)-1,
- "(&(rid=%x)(objectClass=sambaGroup))", grp_rid);
- ldap_search_for(filter);
-
- if (!ldap_entry || !(dn = ldap_get_dn(ldap_struct, ldap_entry)))
- {
- ldap_disconnect();
- return (False);
- }
-
- err = ldap_delete_s(ldap_struct, dn);
- free(dn);
- ldap_disconnect();
-
- if (err != LDAP_SUCCESS)
- {
- DEBUG(0, ("delete: %s\n", ldap_err2string(err)));
- return (False);
- }
-
- return True;
-}
-
-
-/*************************************************************************
- Add users to/remove users from groups.
- *************************************************************************/
-
-static BOOL ldapgroup_addmem(uint32 grp_rid, uint32 user_rid)
-{
- LDAPMod **mods;
- fstring rid_str;
-
- slprintf(rid_str, sizeof(rid_str)-1, "%x", grp_rid);
-
- if(!ldapgroup_memmods(user_rid, &mods, LDAP_MOD_ADD))
- return (False);
-
- return ldap_makemods("rid", rid_str, mods, False);
-}
-
-static BOOL ldapgroup_delmem(uint32 grp_rid, uint32 user_rid)
-{
- LDAPMod **mods;
- fstring rid_str;
-
- slprintf(rid_str, sizeof(rid_str)-1, "%x", grp_rid);
-
- if(!ldapgroup_memmods(user_rid, &mods, LDAP_MOD_DELETE))
- return (False);
-
- return ldap_makemods("rid", rid_str, mods, False);
-}
-
-
-/*************************************************************************
- Return domain groups that a user is in.
- *************************************************************************/
-
-static BOOL ldapgroup_getusergroups(const char *name, DOMAIN_GRP **groups,
- int *num_grps)
-{
- DOMAIN_GRP *grouplist;
- fstring filter;
- int i;
-
- if(!ldap_connect())
- return (False);
-
- slprintf(filter, sizeof(pstring)-1,
- "(&(member=%s,*)(objectclass=sambaGroup))", name);
- ldap_search_for(filter);
-
- *num_grps = i = ldap_count_entries(ldap_struct, ldap_results);
-
- if(!i) {
- *groups = NULL;
- ldap_disconnect();
- return (True);
- }
-
- *groups = grouplist = malloc(i * sizeof(DOMAIN_GRP));
- do {
- i--;
- } while(ldapgroup_getgrp(&grouplist[i], NULL, NULL) && (i > 0));
-
- ldap_disconnect();
- return (True);
-}
-
-
-static struct groupdb_ops ldapgroup_ops =
-{
- ldapgroup_enumfirst,
- ldapgroup_enumclose,
- ldapgroup_getdbpos,
- ldapgroup_setdbpos,
-
- ldapgroup_getgrpbynam,
- ldapgroup_getgrpbygid,
- ldapgroup_getgrpbyrid,
- ldapgroup_getcurrentgrp,
-
- ldapgroup_addgrp,
- ldapgroup_modgrp,
- ldapgroup_delgrp,
-
- ldapgroup_addmem,
- ldapgroup_delmem,
-
- ldapgroup_getusergroups
-};
-
-struct groupdb_ops *ldap_initialise_group_db(void)
-{
- return &ldapgroup_ops;
-}
-
-#else
- void groupldap_dummy_function(void);
- void groupldap_dummy_function(void) { } /* stop some compilers complaining */
-#endif
-
diff --git a/source3/groupdb/groupunix.c b/source3/groupdb/groupunix.c
deleted file mode 100644
index 306e499858..0000000000
--- a/source3/groupdb/groupunix.c
+++ /dev/null
@@ -1,339 +0,0 @@
-/*
- * Unix SMB/Netbios implementation. Version 1.9. SMB parameters and setup
- * Copyright (C) Andrew Tridgell 1992-1998 Modified by Jeremy Allison 1995.
- *
- * This program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free
- * Software Foundation; either version 2 of the License, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
- * more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 675
- * Mass Ave, Cambridge, MA 02139, USA.
- */
-
-#include "includes.h"
-
-#ifdef USE_SMBUNIX_DB
-
-extern int DEBUGLEVEL;
-
-
-extern DOM_SID global_sam_sid;
-
-/***************************************************************
- Start to enumerate the grppasswd list. Returns a void pointer
- to ensure no modification outside this module.
-****************************************************************/
-
-struct unix_entries
-{
- struct group *grps;
- int num_grps;
- int grp_idx;
-};
-
-static void *startgrpunixpwent(BOOL update)
-{
- struct unix_entries *grps;
- grps = (struct unix_entries*)malloc(sizeof(struct unix_entries));
-
- if (grps == NULL)
- {
- return NULL;
- }
-
- if (!get_unix_grps(&grps->num_grps, &grps->grps))
- {
- free(grps);
- return NULL;
- }
-
- grps->grp_idx = 0;
-
- return (void*)grps;
-}
-
-/***************************************************************
- End enumeration of the grppasswd list.
-****************************************************************/
-
-static void endgrpunixpwent(void *vp)
-{
- struct unix_entries *grps = (struct unix_entries *)vp;
-
- if (grps != NULL)
- {
- free_unix_grps(grps->num_grps, grps->grps);
- free(vp);
- }
-}
-
-/*************************************************************************
- Return the current position in the grppasswd list as an SMB_BIG_UINT.
- This must be treated as an opaque token.
-*************************************************************************/
-static SMB_BIG_UINT getgrpunixpwpos(void *vp)
-{
- return (SMB_BIG_UINT)0;
-}
-
-/*************************************************************************
- Set the current position in the grppasswd list from an SMB_BIG_UINT.
- This must be treated as an opaque token.
-*************************************************************************/
-static BOOL setgrpunixpwpos(void *vp, SMB_BIG_UINT tok)
-{
- return False;
-}
-
-/*************************************************************************
- Routine to return the next entry in the smbdomaingroup list.
- *************************************************************************/
-BOOL get_unixgroup_members(struct group *grp,
- int *num_mem, DOMAIN_GRP_MEMBER **members)
-{
- int i;
- char *unix_name;
-
- if (num_mem == NULL || members == NULL)
- {
- return False;
- }
-
- (*num_mem) = 0;
- (*members) = NULL;
-
- for (i = 0; (unix_name = grp->gr_mem[i]) != NULL; i++)
- {
- DOM_NAME_MAP gmep;
- DOMAIN_GRP_MEMBER *mem;
- uint32 rid;
-
- if (!lookupsmbpwnam (unix_name, &gmep) &&
- !lookupsmbgrpnam(unix_name, &gmep))
- {
- continue;
- }
-
- if (gmep.type != SID_NAME_DOM_GRP &&
- gmep.type != SID_NAME_USER &&
- gmep.type != SID_NAME_WKN_GRP)
- {
- DEBUG(0,("group database: name %s is not in a Domain Group\n",
- unix_name));
- continue;
- }
-
- sid_split_rid(&gmep.sid, &rid);
- if (!sid_equal(&global_sam_sid, &gmep.sid))
- {
- DEBUG(0,("group database: could not resolve name %s (wrong Domain SID)\n",
- unix_name));
- continue;
- }
-
- (*members) = Realloc((*members), ((*num_mem)+1) * sizeof(DOMAIN_GRP_MEMBER));
- if ((*members) == NULL)
- {
- return False;
- }
-
- mem = &(*members)[(*num_mem)];
- (*num_mem)++;
-
- fstrcpy(mem->name, gmep.nt_name);
- mem->attr = 0x07;
- mem->sid_use = gmep.type;
- mem->rid = rid;
- }
- return True;
-}
-
-/*************************************************************************
- Routine to return the next entry in the domain group list.
-
- if we are not a PDC or BDC, then we do NOT support Domain groups, only
- aliases. try running MUSRMGR.EXE or running USRMGR.EXE selected on a
- workstation, you will find that no Domain groups are listed: only aliases.
-
- so, as a PDC or BDC, all unix groups not explicitly mapped using
- map_group_gid() are treated as Domain groups.
-
- *************************************************************************/
-static DOMAIN_GRP *getgrpunixpwent(void *vp, DOMAIN_GRP_MEMBER **mem, int *num_mem)
-{
- /* Static buffers we will return. */
- static DOMAIN_GRP gp_buf;
- struct group unix_grp;
- struct unix_entries *grps = (struct unix_entries *)vp;
-
- if (grps == NULL)
- {
- return NULL;
- }
-
- if (lp_server_role() == ROLE_DOMAIN_NONE ||
- lp_server_role() == ROLE_DOMAIN_MEMBER)
- {
- /*
- * only PDC and BDC have domain groups in the SAM.
- * (however as member of domain you can have LOCAL groups,
- * but that's dealt with in the aliasdb...)
- */
-
- return NULL;
- }
-
- gpdb_init_grp(&gp_buf);
-
- fstrcpy(gp_buf.comment, "");
- gp_buf.attr = 0x07;
-
- /* get array of unix names + gids. this function does NOT
- get a copy of the unix group members
- */
-
- /* cycle through unix groups */
- for (; grps->grp_idx < grps->num_grps; grps->grp_idx++)
- {
- DOM_NAME_MAP gmep;
-
- memcpy(&unix_grp, &grps->grps[grps->grp_idx], sizeof(unix_grp));
-
- DEBUG(10,("getgrpunixpwent: enum unix group entry %s\n",
- unix_grp.gr_name));
-
- if (!lookupsmbgrpgid(unix_grp.gr_gid, &gmep))
- {
- continue;
- }
-
- if (gmep.type != SID_NAME_DOM_GRP &&
- gmep.type != SID_NAME_WKN_GRP)
- {
- continue;
- }
-
- sid_split_rid(&gmep.sid, &gp_buf.rid);
- if (!sid_equal(&gmep.sid, &global_sam_sid))
- {
- continue;
- }
-
- fstrcpy(gp_buf.name, gmep.nt_name);
- break;
- }
-
- if (grps->grp_idx >= grps->num_grps)
- {
- return NULL;
- }
-
- /* get the user's domain groups. there are a maximum of 32 */
-
- if (mem != NULL && num_mem != NULL)
- {
- (*mem) = NULL;
- (*num_mem) = 0;
-
- memcpy(&unix_grp, getgrgid(unix_grp.gr_gid), sizeof(unix_grp));
- get_unixgroup_members(&unix_grp, num_mem, mem);
- }
-
- {
- pstring linebuf;
- make_group_line(linebuf, sizeof(linebuf), &gp_buf, mem, num_mem);
- DEBUG(10,("line: '%s'\n", linebuf));
- }
-
- grps->grp_idx++; /* advance so next enum gets next entry */
- return &gp_buf;
-}
-
-/************************************************************************
- Routine to add an entry to the grppasswd file.
-*************************************************************************/
-
-static BOOL add_grpunixgrp_entry(DOMAIN_GRP *newgrp)
-{
- DEBUG(0, ("add_grpunixgrp_entry: NOT IMPLEMENTED\n"));
- return False;
-}
-
-/************************************************************************
- Routine to search database for entry matching the groupname and/or rid.
- and then modify its group entry.
-************************************************************************/
-
-static BOOL mod_grpunixgrp_entry(DOMAIN_GRP* grp)
-{
- DEBUG(0, ("mod_grpunixgrp_entry: NOT IMPLEMENTED\n"));
- return False;
-}
-
-/************************************************************************
- Routine to search the grppasswd file for an entry matching the rid.
- and then delete it.
-************************************************************************/
-
-static BOOL del_grpunixgrp_entry(uint32 rid)
-{
- DEBUG(0, ("del_grpunixgrp_entry: NOT IMPLEMENTED\n"));
- return False;
-}
-
-/************************************************************************
- Routine to add a member to an entry to the grppasswd file.
-*************************************************************************/
-static BOOL add_grpunixgrp_member(uint32 rid, uint32 member_rid)
-{
- DEBUG(0, ("add_grpunixgrp_member: NOT IMPLEMENTED\n"));
- return False;
-}
-
-/************************************************************************
- Routine to delete a member from an entry to the grppasswd file.
-*************************************************************************/
-static BOOL del_grpunixgrp_member(uint32 rid, uint32 member_rid)
-{
- DEBUG(0, ("del_grpunixgrp_member: NOT IMPLEMENTED\n"));
- return False;
-}
-
-static struct groupdb_ops unix_ops =
-{
- startgrpunixpwent,
- endgrpunixpwent,
- getgrpunixpwpos,
- setgrpunixpwpos,
-
- iterate_getgroupntnam, /* In groupdb.c */
- iterate_getgroupgid, /* In groupdb.c */
- iterate_getgrouprid, /* In groupdb.c */
- getgrpunixpwent,
-
- add_grpunixgrp_entry,
- mod_grpunixgrp_entry,
- del_grpunixgrp_entry,
-
- add_grpunixgrp_member,
- del_grpunixgrp_member,
-
- iterate_getusergroupsnam /* in groupdb.c */
-};
-
-struct groupdb_ops *unix_initialise_group_db(void)
-{
- return &unix_ops;
-}
-
-#else
- /* Do *NOT* make this function static. It breaks the compile on gcc. JRA */
- void unix_grppass_dummy_function(void) { } /* stop some compilers complaining */
-#endif /* USE_SMBPASS_DB */