Diffstat (limited to 'source3/include')
-rw-r--r-- | source3/include/genparser_samba.h | 5 | ||||
-rw-r--r-- | source3/include/gums.h | 172 | ||||
-rw-r--r-- | source3/include/includes.h | 4 | ||||
-rw-r--r-- | source3/include/passdb.h | 77 | ||||
-rw-r--r-- | source3/include/tdbsam2.h | 107 |
5 files changed, 256 insertions, 109 deletions
diff --git a/source3/include/genparser_samba.h b/source3/include/genparser_samba.h index 172ff2362c..213d51da87 100644 --- a/source3/include/genparser_samba.h +++ b/source3/include/genparser_samba.h @@ -55,4 +55,9 @@ const struct parse_struct pinfo_luid_attr_info[] = { {"luid", 1, sizeof(LUID), offsetof(struct LUID_ATTR, luid), 0, NULL, 0, gen_dump_LUID, gen_parse_LUID}, {NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; +const struct parse_struct pinfo_data_blob_info[] = { +{"length", 0, sizeof(int), offsetof(DATA_BLOB, length), 0, NULL, 0, gen_dump_int, gen_parse_int}, +{"data", 1, sizeof(char), offsetof(DATA_BLOB, data), 0, "length", 0, gen_dump_char, gen_parse_char}, +{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; + #endif /* _GENPARSER_SAMBA_H */ diff --git a/source3/include/gums.h b/source3/include/gums.h index 789acc269f..9ce2ec4e56 100644 --- a/source3/include/gums.h +++ b/source3/include/gums.h 
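Review bot: The `length` entry of `pinfo_data_blob_info` is described with `sizeof(int)` and `gen_dump_int`/`gen_parse_int`; if `DATA_BLOB.length` is a `size_t` (its definition is not in this diff), the parser fills only part of the field on LP64 builds and the remaining bytes keep whatever they held before. That value is then used as the element count of the `data` entry, so a stale or malformed record can decide how many bytes are parsed into the blob. Either describe the field with a dump/parse pair as wide as the member, or add a comment that the blob must be zero-initialised before parsing and that the caller range-checks the length. The blob is used for password hashes later in this commit, so `gen_dump_char`/`gen_parse_char` on `data` also deserves a one-line comment on how non-printable bytes are encoded.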
@@ -24,14 +24,60 @@ #define GUMS_VERSION_MAJOR 0 #define GUMS_VERSION_MINOR 1 #define GUMS_OBJECT_VERSION 1 +#define GUMS_INTERFACE_VERSION 1 -#define GUMS_OBJ_DOMAIN 1 -#define GUMS_OBJ_NORMAL_USER 2 -#define GUMS_OBJ_GROUP 3 -#define GUMS_OBJ_ALIAS 4 -#define GUMS_OBJ_WORKSTATION_TRUST 5 -#define GUMS_OBJ_SERVER_TRUST 6 -#define GUMS_OBJ_DOMAIN_TRUST 7 +#define GUMS_OBJ_DOMAIN 0x10 +#define GUMS_OBJ_NORMAL_USER 0x20 +#define GUMS_OBJ_GROUP 0x30 +#define GUMS_OBJ_ALIAS 0x31 +#define GUMS_OBJ_PRIVILEGE 0x40 + +/* define value types */ +#define GUMS_SET_PRIMARY_GROUP 0x1 +#define GUMS_SET_SEC_DESC 0x2 + +#define GUMS_SET_NAME 0x10 +#define GUMS_SET_DESCRIPTION 0x11 +#define GUMS_SET_FULL_NAME 0x12 + +/* user specific type values */ +#define GUMS_SET_LOGON_TIME 0x20 +#define GUMS_SET_LOGOFF_TIME 0x21 +#define GUMS_SET_KICKOFF_TIME 0x23 +#define GUMS_SET_PASS_LAST_SET_TIME 0x24 +#define GUMS_SET_PASS_CAN_CHANGE_TIME 0x25 +#define GUMS_SET_PASS_MUST_CHANGE_TIME 0x26 + + +#define GUMS_SET_HOME_DIRECTORY 0x31 +#define GUMS_SET_DRIVE 0x32 +#define GUMS_SET_LOGON_SCRIPT 0x33 +#define GUMS_SET_PROFILE_PATH 0x34 +#define GUMS_SET_WORKSTATIONS 0x35 +#define GUMS_SET_UNKNOWN_STRING 0x36 +#define GUMS_SET_MUNGED_DIAL 0x37 + +#define GUMS_SET_LM_PASSWORD 0x40 +#define GUMS_SET_NT_PASSWORD 0x41 +#define GUMS_SET_PLAINTEXT_PASSWORD 0x42 +#define GUMS_SET_UNKNOWN_3 0x43 +#define GUMS_SET_LOGON_DIVS 0x44 +#define GUMS_SET_HOURS_LEN 0x45 +#define GUMS_SET_HOURS 0x46 +#define GUMS_SET_BAD_PASSWORD_COUNT 0x47 +#define GUMS_SET_LOGON_COUNT 0x48 +#define GUMS_SET_UNKNOWN_6 0x49 + +#define GUMS_SET_MUST_CHANGE_PASS 0x50 +#define GUMS_SET_CANNOT_CHANGE_PASS 0x51 +#define GUMS_SET_PASS_NEVER_EXPIRE 0x52 +#define GUMS_SET_ACCOUNT_DISABLED 0x53 +#define GUMS_SET_ACCOUNT_LOCKOUT 0x54 + +/*group specific type values */ +#define GUMS_ADD_SID_LIST 0x60 +#define GUMS_DEL_SID_LIST 0x61 +#define GUMS_SET_SID_LIST 0x62 typedef struct gums_user { 
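Review bot: The `GUMS_OBJ_*` values are renumbered (`GUMS_OBJ_GROUP` goes from 3 to 0x30, the three trust types disappear) while `GUMS_OBJECT_VERSION` stays at 1, and in the relocated `GUMS_SET_*` block `GUMS_SET_UNKNOWN_6` moves from 0x48 to 0x49 with 0x47 and 0x48 taking new meanings. Anything stored or compiled against the old numbers would still be accepted as version 1 and interpreted with the wrong type; whether such data exists yet is not visible from this diff. I would bump the version, `#define GUMS_OBJECT_VERSION 2`, or add a comment stating that no objects predate this change. The time values also skip 0x22 between `GUMS_SET_LOGOFF_TIME` and `GUMS_SET_KICKOFF_TIME`, which is worth a comment if it is intentional.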
@@ -52,17 +98,18 @@ typedef struct gums_user char *workstations; /* login from workstations string */ char *unknown_str; /* don't know what this is, yet. */ char *munged_dial; /* munged path name and dial-back tel number */ - + DATA_BLOB lm_pw; /* .data is Null if no password */ DATA_BLOB nt_pw; /* .data is Null if no password */ - - uint32 unknown_3; /* 0x00ff ffff */ - + + uint16 acct_ctrl; /* account type & status flags */ uint16 logon_divs; /* 168 - number of hours in a week */ uint32 hours_len; /* normally 21 bytes */ uint8 *hours; - - uint32 unknown_5; /* 0x0002 0000 */ + + uint16 bad_password_count; /* 0 */ + uint16 logon_count; /* 0 */ + uint32 unknown_3; /* 0x00ff ffff */ uint32 unknown_6; /* 0x0000 04ec */ } GUMS_USER; @@ -70,7 +117,7 @@ typedef struct gums_user typedef struct gums_group { uint32 count; /* Number of SIDs */ - DOM_SID **members; /* SID array */ + DOM_SID *members; /* SID array */ } GUMS_GROUP; @@ -80,10 +127,20 @@ typedef struct gums_domain } GUMS_DOMAIN; +typedef struct gums_privilege +{ + LUID_ATTR *privilege; /* Privilege Type */ + + uint32 count; + DOM_SID *members; + +} GUMS_PRIVILEGE; + union gums_obj_p { GUMS_USER *user; GUMS_GROUP *group; GUMS_DOMAIN *domain; + GUMS_PRIVILEGE *priv; }; typedef struct gums_object 
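Review bot: `GUMS_GROUP.members` changes from `DOM_SID **` to `DOM_SID *` while its comment stays `/* SID array */`, so the header no longer says whether the field holds `count` pointers or `count` contiguous `DOM_SID` structures. Consumers have to index by value and bound the index by `count`, and any code that keeps the old pointer-per-entry assumption behind a cast would treat SID bytes as an address. Suggest `DOM_SID *members; /* array of count DOM_SIDs, contiguous */`, with the owner of the allocation stated once it is confirmed; the same applies to `GUMS_PRIVILEGE.members` in the next hunk and to `GUMS_COMMIT_SET.data` in the hunk after that.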
@@ -118,47 +175,47 @@ typedef struct gums_commit_set uint32 type; /* Object type */ DOM_SID sid; /* Object Sid */ uint32 count; /* number of changes */ - GUMS_DATA_SET **data; + GUMS_DATA_SET *data; } GUMS_COMMIT_SET; -typedef struct gums_privilege +typedef struct gums_priv_commit_set { TALLOC_CTX *mem_ctx; - uint32 type; /* Object Type */ - uint32 version; /* Object Version */ - uint32 seq_num; /* Object Sequence Number */ - - LUID_ATTR *privilege; /* Privilege Type */ - char *name; /* Object Name */ - char *description; /* Object Description */ + uint32 type; /* Object type */ + char *name; /* Object Sid */ + uint32 count; /* number of changes */ + GUMS_DATA_SET *data; - uint32 count; - DOM_SID **members; - -} GUMS_PRIVILEGE; +} GUMS_PRIV_COMMIT_SET; typedef struct gums_functions { + /* module data */ + TALLOC_CTX *mem_ctx; + char *name; + void *private_data; + void (*free_private_data)(void **); + /* Generic object functions */ - NTSTATUS (*get_domain_sid) (DOM_SID **sid, const char* name); + NTSTATUS (*get_domain_sid) (DOM_SID *sid, const char* name); NTSTATUS (*set_domain_sid) (const DOM_SID *sid); NTSTATUS (*get_sequence_number) (void); - NTSTATUS (*new_object) (DOM_SID **sid, const char *name, const int obj_type); + NTSTATUS (*new_object) (DOM_SID *sid, const char *name, const int obj_type); NTSTATUS (*delete_object) (const DOM_SID *sid); NTSTATUS (*get_object_from_sid) (GUMS_OBJECT **object, const DOM_SID *sid, const int obj_type); - NTSTATUS (*get_object_from_name) (GUMS_OBJECT **object, const char *name, const int onj_type); + NTSTATUS (*get_object_from_name) (GUMS_OBJECT **object, const char *name, const int obj_type); /* This function is used to get the list of all objects changed since b_time, it is used to support PDC<->BDC synchronization */ NTSTATUS (*get_updated_objects) (GUMS_OBJECT **objects, const NTTIME base_time); - NTSTATUS (*enumerate_objects_start) (void *handle, const DOM_SID *sid, const int obj_type); + NTSTATUS (*enumerate_objects_start) 
(void **handle, const DOM_SID *sid, const int obj_type); NTSTATUS (*enumerate_objects_get_next) (GUMS_OBJECT **object, void *handle); NTSTATUS (*enumerate_objects_stop) (void *handle); @@ -167,7 +224,7 @@ typedef struct gums_functions NTSTATUS (*set_object) (const GUMS_OBJECT *object); /* set object values function */ - NTSTATUS (*set_object_values) (DOM_SID *sid, uint32 count, GUMS_DATA_SET **data_set); + NTSTATUS (*set_object_values) (DOM_SID *sid, uint32 count, GUMS_DATA_SET *data_set); /* Group related functions */ NTSTATUS (*add_members_to_group) (const DOM_SID *group, const DOM_SID **members); 
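Review bot: In `GUMS_PRIV_COMMIT_SET` the member `char *name;` carries the comment `/* Object Sid */`, copied from `GUMS_COMMIT_SET`; it should read `/* Privilege name */`. In the same hunk `get_domain_sid` and `new_object` change their first parameter from `DOM_SID **sid` to `DOM_SID *sid`, which moves the allocation to the caller without saying so; a comment such as `/* sid: caller-provided buffer, filled on success */` on both would make the contract explicit. The new `free_private_data` member has no note on when it is invoked or whether it may be NULL. `struct gums_functions` continues past the end of this hunk.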
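Review bot: `set_object_values` now takes a flat `GUMS_DATA_SET *data_set` with an explicit `count`, but the neighbouring `add_members_to_group` still takes `const DOM_SID **members` and has no count parameter. With `GUMS_GROUP.members` flattened to `DOM_SID *` in this commit, callers cannot pass the object's array directly, and the callee has no visible way to know where the list ends. Consider `NTSTATUS (*add_members_to_group) (const DOM_SID *group, uint32 count, const DOM_SID *members);` and the matching change for any sibling member functions, which would lie outside this hunk.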
@@ -191,50 +248,15 @@ typedef struct gums_functions } GUMS_FUNCTIONS; -/* define value types */ -#define GUMS_SET_PRIMARY_GROUP 0x1 -#define GUMS_SET_SEC_DESC 0x2 - -#define GUMS_SET_NAME 0x10 -#define GUMS_SET_DESCRIPTION 0x11 -#define GUMS_SET_FULL_NAME 0x12 +typedef NTSTATUS (*gums_init_function)( + struct gums_functions *, + const char *); -/* user specific type values */ -#define GUMS_SET_LOGON_TIME 0x20 -#define GUMS_SET_LOGOFF_TIME 0x21 -#define GUMS_SET_KICKOFF_TIME 0x23 -#define GUMS_SET_PASS_LAST_SET_TIME 0x24 -#define GUMS_SET_PASS_CAN_CHANGE_TIME 0x25 -#define GUMS_SET_PASS_MUST_CHANGE_TIME 0x26 +struct gums_init_function_entry { - -#define GUMS_SET_HOME_DIRECTORY 0x31 -#define GUMS_SET_DRIVE 0x32 -#define GUMS_SET_LOGON_SCRIPT 0x33 -#define GUMS_SET_PROFILE_PATH 0x34 -#define GUMS_SET_WORKSTATIONS 0x35 -#define GUMS_SET_UNKNOWN_STRING 0x36 -#define GUMS_SET_MUNGED_DIAL 0x37 - -#define GUMS_SET_LM_PASSWORD 0x40 -#define GUMS_SET_NT_PASSWORD 0x41 -#define GUMS_SET_PLAINTEXT_PASSWORD 0x42 -#define GUMS_SET_UNKNOWN_3 0x43 -#define GUMS_SET_LOGON_DIVS 0x44 -#define GUMS_SET_HOURS_LEN 0x45 -#define GUMS_SET_HOURS 0x46 -#define GUMS_SET_UNKNOWN_5 0x47 -#define GUMS_SET_UNKNOWN_6 0x48 - -#define GUMS_SET_MUST_CHANGE_PASS 0x50 -#define GUMS_SET_CANNOT_CHANGE_PASS 0x51 -#define GUMS_SET_PASS_NEVER_EXPIRE 0x52 -#define GUMS_SET_ACCOUNT_DISABLED 0x53 -#define GUMS_SET_ACCOUNT_LOCKOUT 0x54 - -/*group specific type values */ -#define GUMS_ADD_SID_LIST 0x60 -#define GUMS_DEL_SID_LIST 0x61 -#define GUMS_SET_SID_LIST 0x62 + const char *name; + gums_init_function init_fn; + struct gums_init_function_entry *prev, *next; +}; #endif /* _GUMS_H */ diff --git a/source3/include/includes.h b/source3/include/includes.h index 29bb53980f..452b489547 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -806,6 +806,10 @@ extern int errno; #include "rpc_secdes.h" +#include "genparser.h" + +#include "gums.h" + #include "nt_printing.h" #include "msdfs.h" 
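Review bot: `gums_init_function` is declared with unnamed parameters, `(struct gums_functions *, const char *)`, so the header does not say what the string is or who owns it. Naming them, e.g. `typedef NTSTATUS (*gums_init_function)(struct gums_functions *functions, const char *params);` (the name `params` is my guess), plus one comment line would settle that. `GUMS_INTERFACE_VERSION` is introduced by this commit, but `struct gums_init_function_entry` records only `name` and `init_fn`; if the registration call outside this diff does not take a version, a module built against a different interface cannot be refused at load.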
diff --git a/source3/include/passdb.h b/source3/include/passdb.h index a4b2bcff3f..cd9c57a991 100644 --- a/source3/include/passdb.h +++ b/source3/include/passdb.h @@ -177,6 +177,15 @@ typedef struct sam_group { } SAM_GROUP; +typedef struct _GROUP_INFO { + struct pdb_methods *methods; + DOM_SID sid; + enum SID_NAME_USE sid_name_use; + fstring nt_name; + fstring comment; +} GROUP_INFO; + + /***************************************************************** Functions to be implemented by the new (v2) passdb API ****************************************************************/ @@ -192,26 +201,28 @@ typedef struct pdb_context { struct pdb_methods *pdb_methods; struct pdb_methods *pwent_methods; - + /* These functions are wrappers for the functions listed above. They may do extra things like re-reading a SAM_ACCOUNT on update */ NTSTATUS (*pdb_setsampwent)(struct pdb_context *, BOOL update); - + void (*pdb_endsampwent)(struct pdb_context *); - + NTSTATUS (*pdb_getsampwent)(struct pdb_context *, SAM_ACCOUNT *user); - + NTSTATUS (*pdb_getsampwnam)(struct pdb_context *, SAM_ACCOUNT *sam_acct, const char *username); - + NTSTATUS (*pdb_getsampwsid)(struct pdb_context *, SAM_ACCOUNT *sam_acct, const DOM_SID *sid); NTSTATUS (*pdb_add_sam_account)(struct pdb_context *, SAM_ACCOUNT *sampass); - + NTSTATUS (*pdb_update_sam_account)(struct pdb_context *, SAM_ACCOUNT *sampass); - + NTSTATUS (*pdb_delete_sam_account)(struct pdb_context *, SAM_ACCOUNT *username); + /* group mapping functions: to be removed */ + NTSTATUS (*pdb_getgrsid)(struct pdb_context *context, GROUP_MAP *map, DOM_SID sid); NTSTATUS (*pdb_getgrgid)(struct pdb_context *context, GROUP_MAP *map, gid_t gid); 
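Review bot: `GROUP_INFO` stores `nt_name` and `comment` as fixed-size `fstring` buffers that backends will fill from stored group records, so every writer has to use a bounded copy and guarantee termination; a comment on the struct saying so would help backend authors. The tag `_GROUP_INFO` starts with an underscore followed by an uppercase letter, which is a reserved identifier in C; `typedef struct group_info { ... } GROUP_INFO;` would match the `sam_group` style just above. The `methods` back-pointer has no comment on its lifetime relative to the `pdb_methods` it refers to.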
@@ -232,6 +243,30 @@ typedef struct pdb_context GROUP_MAP **rmap, int *num_entries, BOOL unix_only); + /* group functions */ + + NTSTATUS (*pdb_get_group_info_by_sid)(struct pdb_context *context, GROUP_INFO *info, const DOM_SID *group); + + NTSTATUS (*pdb_get_group_list)(struct pdb_context *context, GROUP_INFO **info, const enum SID_NAME_USE sid_name_use, int *num_groups); + + NTSTATUS (*pdb_get_group_sids)(struct pdb_context *context, const DOM_SID *group, DOM_SID **members, int *num_members); + + NTSTATUS (*pdb_add_group)(struct pdb_context *context, const SAM_GROUP *group); + + NTSTATUS (*pdb_update_group)(struct pdb_context *context, const SAM_GROUP *group); + + NTSTATUS (*pdb_delete_group)(struct pdb_context *context, const DOM_SID *group); + + NTSTATUS (*pdb_add_sid_to_group)(struct pdb_context *context, const DOM_SID *group, const DOM_SID *member); + + NTSTATUS (*pdb_remove_sid_from_group)(struct pdb_context *context, const DOM_SID *group, const DOM_SID *member); + + NTSTATUS (*pdb_get_group_info_by_name)(struct pdb_context *context, GROUP_INFO *info, const char *name); + + NTSTATUS (*pdb_get_group_info_by_nt_name)(struct pdb_context *context, GROUP_INFO *info, const char *nt_name); + + NTSTATUS (*pdb_get_group_uids)(struct pdb_context *context, const DOM_SID *group, uid_t **members, int *num_members); + void (*free_fn)(struct pdb_context **); TALLOC_CTX *mem_ctx; @@ -262,7 +297,9 @@ typedef struct pdb_methods NTSTATUS (*update_sam_account)(struct pdb_methods *, SAM_ACCOUNT *sampass); NTSTATUS (*delete_sam_account)(struct pdb_methods *, SAM_ACCOUNT *username); - + + /* group mapping functions: to be removed */ + NTSTATUS (*getgrsid)(struct pdb_methods *methods, GROUP_MAP *map, DOM_SID sid); NTSTATUS (*getgrgid)(struct pdb_methods *methods, GROUP_MAP *map, gid_t gid); 
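Review bot: The new getters `pdb_get_group_list`, `pdb_get_group_sids` and `pdb_get_group_uids` return arrays through `GROUP_INFO **`, `DOM_SID **` and `uid_t **` with an `int *` count, and nothing states which memory context owns the result or who frees it. A signed count also allows a backend to report a negative value that a caller then uses as a loop bound or allocation size, whereas GUMS uses `uint32 count` for the same purpose. I would add a comment per entry, e.g. `/* *members: array of *num_members entries, owned by context->mem_ctx; NULL when empty */` (the owner is my assumption), and have callers reject negative counts. The same applies to the parallel `get_group_*` entries added to `struct pdb_methods` in the later hunk.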
@@ -283,6 +320,30 @@ typedef struct pdb_methods GROUP_MAP **rmap, int *num_entries, BOOL unix_only); + /* group functions */ + + NTSTATUS (*get_group_info_by_sid)(struct pdb_methods *methods, GROUP_INFO *info, const DOM_SID *group); + + NTSTATUS (*get_group_list)(struct pdb_methods *methods, GROUP_INFO **info, const enum SID_NAME_USE sid_name_use, int *num_groups); + + NTSTATUS (*get_group_sids)(struct pdb_methods *methods, const DOM_SID *group, DOM_SID **members, int *num_members); + + NTSTATUS (*add_group)(struct pdb_methods *methods, const SAM_GROUP *group); + + NTSTATUS (*update_group)(struct pdb_methods *methods, const SAM_GROUP *group); + + NTSTATUS (*delete_group)(struct pdb_methods *methods, const DOM_SID *group); + + NTSTATUS (*add_sid_to_group)(struct pdb_methods *methods, const DOM_SID *group, const DOM_SID *member); + + NTSTATUS (*remove_sid_from_group)(struct pdb_methods *methods, const DOM_SID *group, const DOM_SID *member); + + NTSTATUS (*get_group_info_by_name)(struct pdb_methods *methods, GROUP_INFO *info, const char *name); + + NTSTATUS (*get_group_info_by_nt_name)(struct pdb_methods *methods, GROUP_INFO *info, const char *nt_name); + + NTSTATUS (*get_group_uids)(struct pdb_methods *methods, const DOM_SID *group, uid_t **members, int *num_members); + void *private_data; /* Private data of some kind */ void (*free_private_data)(void **); diff --git a/source3/include/tdbsam2.h b/source3/include/tdbsam2.h index 047b4e7c90..b99e16586b 100644 --- a/source3/include/tdbsam2.h +++ b/source3/include/tdbsam2.h 
@@ -20,33 +20,46 @@ /* ALL strings assumes UTF8 as encoding */ -GENSTRUCT struct tdbsam2_domain_data { - uint32 xcounter; /* counter to be updated at any change */ +#ifndef TDBSAM2_H +#define TDBSAM2_H - SEC_DESC *sec_desc; /* Security Descriptor */ - DOM_SID *dom_sid; /* The Domain SID */ - char *name; _NULLTERM /* NT Domain Name */ - char *description; _NULLTERM /* Descritpion (Gecos) */ +/* IMPORTANT: these structures must follow closely the GUMS_OBJECTs + * structures as they will be casted over !! + * the GUMS_OBJECT union is unrolled here into four tdbsam2 + * objects cause genstruct is not able to follow arbitrary unions */ +GENSTRUCT struct domain_sub_structure +{ uint32 next_rid; /* The Next free RID */ }; -GENSTRUCT struct tdbsam2_user_data { +GENSTRUCT struct tdbsam2_domain_data +{ + TALLOC_CTX *mem_ctx; + + uint32 type; + uint32 version; uint32 xcounter; /* counter to be updated at any change */ SEC_DESC *sec_desc; /* Security Descriptor */ - DOM_SID *user_sid; /* The User SID */ - char *name; _NULLTERM /* NT User Name */ + + DOM_SID *dom_sid; /* The Domain SID */ + char *name; _NULLTERM /* NT Domain Name */ char *description; _NULLTERM /* Descritpion (Gecos) */ + struct domain_sub_structure *dss; +}; + +GENSTRUCT struct user_sub_structure +{ DOM_SID *group_sid; /* The Primary Group SID */ - NTTIME *logon_time; - NTTIME *logoff_time; - NTTIME *kickoff_time; - NTTIME *pass_last_set_time; - NTTIME *pass_can_change_time; - NTTIME *pass_must_change_time; + NTTIME logon_time; + NTTIME logoff_time; + NTTIME kickoff_time; + NTTIME pass_last_set_time; + NTTIME pass_can_change_time; + NTTIME pass_must_change_time; char *full_name; _NULLTERM /* The Full Name */ char *home_dir; _NULLTERM /* Home Directory */ 
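Review bot: The new comment says these structures are cast over the `GUMS_OBJECT` structures, but nothing enforces that the two layouts stay identical, and a drift would make password blobs and SID arrays be read at the wrong offsets without any compiler diagnostic. A compile-time check in the tdbsam2 source file would catch it, for instance `typedef char uss_layout_check[(offsetof(struct user_sub_structure, unknown_6) == offsetof(GUMS_USER, unknown_6)) ? 1 : -1];`, with one such line per sub-structure. Each `tdbsam2_*_data` record also gains `TALLOC_CTX *mem_ctx` as a `GENSTRUCT` member; if genstruct dumps and parses every member (not visible here), a process-local pointer would be written to storage and read back, so it probably has to be excluded or reset after load.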
@@ -57,39 +70,81 @@ GENSTRUCT struct tdbsam2_user_data { char *unknown_str; _NULLTERM /* Guess ... Unknown */ char *munged_dial; _NULLTERM /* Callback Number */ - /* passwords are 16 byte leght, pointer is null if no password */ - uint8 *lm_pw_ptr; _LEN(16) /* Lanman hashed password */ - uint8 *nt_pw_ptr; _LEN(16) /* NT hashed password */ + DATA_BLOB lm_pw; /* .data is Null if no password */ + DATA_BLOB nt_pw; /* .data is Null if no password */ + uint16 acct_ctrl; /* account flags */ uint16 logon_divs; /* 168 - num of hours in a week */ uint32 hours_len; /* normally 21 */ uint8 *hours; _LEN(hours_len) /* normally 21 bytes (depends on hours_len) */ + uint16 bad_password_count; /* 0 */ + uint16 logon_count; /* 0 */ uint32 unknown_3; /* 0x00ff ffff */ - uint32 unknown_5; /* 0x0002 0000 */ uint32 unknown_6; /* 0x0000 04ec */ }; -GENSTRUCT struct tdbsam2_group_data { +GENSTRUCT struct tdbsam2_user_data +{ + TALLOC_CTX *mem_ctx; + + uint32 type; + uint32 version; uint32 xcounter; /* counter to be updated at any change */ SEC_DESC *sec_desc; /* Security Descriptor */ + + DOM_SID *user_sid; /* The User SID */ + char *name; _NULLTERM /* NT User Name */ + char *description; _NULLTERM /* Descritpion (Gecos) */ + + struct user_sub_structure *uss; +}; + +GENSTRUCT struct group_sub_structure +{ + uint32 count; /* number of sids */ + DOM_SID *members; _LEN(count) /* SID array */ +}; + +GENSTRUCT struct tdbsam2_group_data +{ + TALLOC_CTX *mem_ctx; + + uint32 type; + uint32 version; + uint32 xcounter; /* counter to be updated at any change */ + + SEC_DESC *sec_desc; /* Security Descriptor */ + DOM_SID *group_sid; /* The Group SID */ char *name; _NULLTERM /* NT Group Name */ char *description; _NULLTERM /* Descritpion (Gecos) */ + struct group_sub_structure *gss; +}; + +GENSTRUCT struct priv_sub_structure +{ + LUID_ATTR *privilege; /* Privilege */ + uint32 count; /* number of sids */ - DOM_SID **members; _LEN(count) /* SID array */ + DOM_SID *members; _LEN(count) /* SID array */ }; 
-GENSTRUCT struct tdbsam2_privilege_data { +GENSTRUCT struct tdbsam2_priv_data +{ + TALLOC_CTX *mem_ctx; + + uint32 type; + uint32 version; uint32 xcounter; /* counter to be updated at any change */ - LUID_ATTR *privilege; /* Privilege */ - char *name; _NULLTERM /* NT User Name */ + DOM_SID *null_sid; + char *name; _NULLTERM /* Privilege Name */ char *description; _NULLTERM /* Descritpion (Gecos) */ - uint32 count; /* number of sids */ - DOM_SID **members; _LEN(count) /* SID array */ + struct priv_sub_structure *pss; }; +#endif /* TDBSAM2_H */ |
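Review bot: Replacing `uint8 *lm_pw_ptr; _LEN(16)` with `DATA_BLOB lm_pw;` removes the fixed 16-byte bound, so the hash length now comes from the stored record through `pinfo_data_blob_info`. Consumers that copy the hash into a 16-byte buffer must check the length first; I would extend the comment to `/* .data is Null if no password; otherwise .length must be 16 */` on both `lm_pw` and `nt_pw` and reject other lengths at load time. `DOM_SID *members; _LEN(count)` in `group_sub_structure` and `priv_sub_structure` likewise takes `count` from the record, so an upper limit on `count` before allocation is worth adding in the loader, which is outside this diff.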