diff options
Diffstat (limited to 'source3/lib')
| -rw-r--r-- | source3/lib/domain_namemap.c | 1315 | ||||
| -rw-r--r-- | source3/lib/hmacmd5.c | 120 | ||||
| -rw-r--r-- | source3/lib/md5.c | 315 | ||||
| -rw-r--r-- | source3/lib/membuffer.c | 367 | ||||
| -rw-r--r-- | source3/lib/msrpc-agent.c | 251 | ||||
| -rw-r--r-- | source3/lib/msrpc-client.c | 384 | ||||
| -rw-r--r-- | source3/lib/msrpc_use.c | 321 | ||||
| -rw-r--r-- | source3/lib/netmask.c | 358 | ||||
| -rw-r--r-- | source3/lib/passcheck.c | 289 | ||||
| -rw-r--r-- | source3/lib/sids.c | 523 | ||||
| -rw-r--r-- | source3/lib/streams.c | 140 | ||||
| -rw-r--r-- | source3/lib/unix_sec_ctxt.c | 303 | ||||
| -rw-r--r-- | source3/lib/util_array.c | 350 | ||||
| -rw-r--r-- | source3/lib/util_hnd.c | 472 | ||||
| -rw-r--r-- | source3/lib/util_pwdb.c | 435 | ||||
| -rw-r--r-- | source3/lib/util_status.c | 160 | ||||
| -rw-r--r-- | source3/lib/vagent.c | 242 | ||||
| -rw-r--r-- | source3/lib/vuser.c | 195 |
18 files changed, 0 insertions, 6540 deletions
diff --git a/source3/lib/domain_namemap.c b/source3/lib/domain_namemap.c deleted file mode 100644 index 9c94783239..0000000000 --- a/source3/lib/domain_namemap.c +++ /dev/null @@ -1,1315 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - Groupname handling - Copyright (C) Jeremy Allison 1998. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -/* - * UNIX gid and Local or Domain SID resolution. This module resolves - * only those entries in the map files, it is *NOT* responsible for - * resolving UNIX groups not listed: that is an entirely different - * matter, altogether... - */ - -/* - * - * - - format of the file is: - - unixname NT Group name - unixname Domain Admins (well-known Domain Group) - unixname DOMAIN_NAME\NT Group name - unixname OTHER_DOMAIN_NAME\NT Group name - unixname DOMAIN_NAME\Domain Admins (well-known Domain Group) - .... - - if the DOMAIN_NAME\ component is left off, then your own domain is assumed. - - * - * - */ - - -#include "includes.h" -extern int DEBUGLEVEL; - -extern fstring global_myworkgroup; -extern DOM_SID global_member_sid; -extern fstring global_sam_name; -extern DOM_SID global_sam_sid; -extern DOM_SID global_sid_S_1_5_20; - -/******************************************************************* - converts UNIX uid to an NT User RID. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uid_t pwdb_user_rid_to_uid(uint32 user_rid) -{ - return ((user_rid & (~RID_TYPE_USER))- 1000)/RID_MULTIPLIER; -} - -/******************************************************************* - converts NT Group RID to a UNIX uid. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_group_rid_to_gid(uint32 group_rid) -{ - return ((group_rid & (~RID_TYPE_GROUP))- 1000)/RID_MULTIPLIER; -} - -/******************************************************************* - converts NT Alias RID to a UNIX uid. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_alias_rid_to_gid(uint32 alias_rid) -{ - return ((alias_rid & (~RID_TYPE_ALIAS))- 1000)/RID_MULTIPLIER; -} - -/******************************************************************* - converts NT Group RID to a UNIX uid. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_gid_to_group_rid(uint32 gid) -{ - uint32 grp_rid = ((((gid)*RID_MULTIPLIER) + 1000) | RID_TYPE_GROUP); - return grp_rid; -} - -/****************************************************************** - converts UNIX gid to an NT Alias RID. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_gid_to_alias_rid(uint32 gid) -{ - uint32 alias_rid = ((((gid)*RID_MULTIPLIER) + 1000) | RID_TYPE_ALIAS); - return alias_rid; -} - -/******************************************************************* - converts UNIX uid to an NT User RID. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_uid_to_user_rid(uint32 uid) -{ - uint32 user_rid = ((((uid)*RID_MULTIPLIER) + 1000) | RID_TYPE_USER); - return user_rid; -} - -/****************************************************************** - converts SID + SID_NAME_USE type to a UNIX id. the Domain SID is, - and can only be, our own SID. - ********************************************************************/ -static BOOL pwdb_sam_sid_to_unixid(DOM_SID *sid, uint8 type, uint32 *id) -{ - DOM_SID tmp_sid; - uint32 rid; - - sid_copy(&tmp_sid, sid); - sid_split_rid(&tmp_sid, &rid); - if (!sid_equal(&global_sam_sid, &tmp_sid)) - { - return False; - } - - switch (type) - { - case SID_NAME_USER: - { - *id = pwdb_user_rid_to_uid(rid); - return True; - } - case SID_NAME_ALIAS: - { - *id = pwdb_alias_rid_to_gid(rid); - return True; - } - case SID_NAME_DOM_GRP: - case SID_NAME_WKN_GRP: - { - *id = pwdb_group_rid_to_gid(rid); - return True; - } - } - return False; -} - -/****************************************************************** - converts UNIX gid + SID_NAME_USE type to a SID. the Domain SID is, - and can only be, our own SID. - ********************************************************************/ -static BOOL pwdb_unixid_to_sam_sid(uint32 id, uint8 type, DOM_SID *sid) -{ - sid_copy(sid, &global_sam_sid); - switch (type) - { - case SID_NAME_USER: - { - sid_append_rid(sid, pwdb_uid_to_user_rid(id)); - return True; - } - case SID_NAME_ALIAS: - { - sid_append_rid(sid, pwdb_gid_to_alias_rid(id)); - return True; - } - case SID_NAME_DOM_GRP: - case SID_NAME_WKN_GRP: - { - sid_append_rid(sid, pwdb_gid_to_group_rid(id)); - return True; - } - } - return False; -} - -/******************************************************************* - Decides if a RID is a well known RID. - ********************************************************************/ -static BOOL pwdb_rid_is_well_known(uint32 rid) -{ - return (rid < 1000); -} - -/******************************************************************* - determines a rid's type. NOTE: THIS IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_rid_type(uint32 rid) -{ - /* lkcl i understand that NT attaches an enumeration to a RID - * such that it can be identified as either a user, group etc - * type: SID_ENUM_TYPE. - */ - if (pwdb_rid_is_well_known(rid)) - { - /* - * The only well known user RIDs are DOMAIN_USER_RID_ADMIN - * and DOMAIN_USER_RID_GUEST. - */ - if (rid == DOMAIN_USER_RID_ADMIN || rid == DOMAIN_USER_RID_GUEST) - { - return RID_TYPE_USER; - } - if (DOMAIN_GROUP_RID_ADMINS <= rid && rid <= DOMAIN_GROUP_RID_GUESTS) - { - return RID_TYPE_GROUP; - } - if (BUILTIN_ALIAS_RID_ADMINS <= rid && rid <= BUILTIN_ALIAS_RID_REPLICATOR) - { - return RID_TYPE_ALIAS; - } - } - return (rid & RID_TYPE_MASK); -} - -/******************************************************************* - checks whether rid is a user rid. NOTE: THIS IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -BOOL pwdb_rid_is_user(uint32 rid) -{ - return pwdb_rid_type(rid) == RID_TYPE_USER; -} - -/************************************************************************** - Groupname map functionality. The code loads a groupname map file and - (currently) loads it into a linked list. This is slow and memory - hungry, but can be changed into a more efficient storage format - if the demands on it become excessive. -***************************************************************************/ - -typedef struct name_map -{ - ubi_slNode next; - DOM_NAME_MAP grp; - -} name_map_entry; - -static ubi_slList groupname_map_list; -static ubi_slList aliasname_map_list; -static ubi_slList ntusrname_map_list; - -static void delete_name_entry(name_map_entry *gmep) -{ - if (gmep->grp.nt_name) - { - free(gmep->grp.nt_name); - } - if (gmep->grp.nt_domain) - { - free(gmep->grp.nt_domain); - } - if (gmep->grp.unix_name) - { - free(gmep->grp.unix_name); - } - free((char*)gmep); -} - -/************************************************************************** - Delete all the entries in the name map list. -***************************************************************************/ - -static void delete_map_list(ubi_slList *map_list) -{ - name_map_entry *gmep; - - while ((gmep = (name_map_entry *)ubi_slRemHead(map_list )) != NULL) - { - delete_name_entry(gmep); - } -} - - -/************************************************************************** - makes a group sid out of a domain sid and a _unix_ gid. -***************************************************************************/ -static BOOL make_mydomain_sid(DOM_NAME_MAP *grp, DOM_MAP_TYPE type) -{ - int ret = False; - fstring sid_str; - - if (!map_domain_name_to_sid(&grp->sid, &(grp->nt_domain))) - { - DEBUG(0,("make_mydomain_sid: unknown domain %s\n", - grp->nt_domain)); - return False; - } - - if (sid_equal(&grp->sid, &global_sid_S_1_5_20)) - { - /* - * only builtin aliases are recognised in S-1-5-20 - */ - DEBUG(10,("make_mydomain_sid: group %s in builtin domain\n", - grp->nt_name)); - - if (lookup_builtin_alias_name(grp->nt_name, "BUILTIN", &grp->sid, &grp->type) != 0x0) - { - DEBUG(0,("unix group %s mapped to an unrecognised BUILTIN domain name %s\n", - grp->unix_name, grp->nt_name)); - return False; - } - ret = True; - } - else if (lookup_wk_user_name(grp->nt_name, grp->nt_domain, &grp->sid, &grp->type) == 0x0) - { - if (type != DOM_MAP_USER) - { - DEBUG(0,("well-known NT user %s\\%s listed in wrong map file\n", - grp->nt_domain, grp->nt_name)); - return False; - } - ret = True; - } - else if (lookup_wk_group_name(grp->nt_name, grp->nt_domain, &grp->sid, &grp->type) == 0x0) - { - if (type != DOM_MAP_DOMAIN) - { - DEBUG(0,("well-known NT group %s\\%s listed in wrong map file\n", - grp->nt_domain, grp->nt_name)); - return False; - } - ret = True; - } - else - { - switch (type) - { - case DOM_MAP_USER: - { - grp->type = SID_NAME_USER; - break; - } - case DOM_MAP_DOMAIN: - { - grp->type = SID_NAME_DOM_GRP; - break; - } - case DOM_MAP_LOCAL: - { - grp->type = SID_NAME_ALIAS; - break; - } - } - - ret = pwdb_unixid_to_sam_sid(grp->unix_id, grp->type, &grp->sid); - } - - sid_to_string(sid_str, &grp->sid); - DEBUG(10,("nt name %s\\%s gid %d mapped to %s\n", - grp->nt_domain, grp->nt_name, grp->unix_id, sid_str)); - return ret; -} - -/************************************************************************** - makes a group sid out of an nt domain, nt group name or a unix group name. -***************************************************************************/ -static BOOL unix_name_to_nt_name_info(DOM_NAME_MAP *map, DOM_MAP_TYPE type) -{ - /* - * Attempt to get the unix gid_t for this name. - */ - - DEBUG(5,("unix_name_to_nt_name_info: unix_name:%s\n", map->unix_name)); - - if (type == DOM_MAP_USER) - { - const struct passwd *pwptr = Get_Pwnam(map->unix_name, False); - if (pwptr == NULL) - { - DEBUG(0,("unix_name_to_nt_name_info: Get_Pwnam for user %s\ -failed. Error was %s.\n", map->unix_name, strerror(errno) )); - return False; - } - - map->unix_id = (uint32)pwptr->pw_uid; - } - else - { - struct group *gptr = getgrnam(map->unix_name); - if (gptr == NULL) - { - DEBUG(0,("unix_name_to_nt_name_info: getgrnam for group %s\ -failed. Error was %s.\n", map->unix_name, strerror(errno) )); - return False; - } - - map->unix_id = (uint32)gptr->gr_gid; - } - - DEBUG(5,("unix_name_to_nt_name_info: unix gid:%d\n", map->unix_id)); - - /* - * Now map the name to an NT SID+RID. - */ - - if (map->nt_domain != NULL && !strequal(map->nt_domain, global_sam_name)) - { - /* Must add client-call lookup code here, to - * resolve remote domain's sid and the group's rid, - * in that domain. - * - * NOTE: it is _incorrect_ to put code here that assumes - * we are responsible for lookups for foriegn domains' RIDs. - * - * for foriegn domains for which we are *NOT* the PDC, all - * we can be responsible for is the unix gid_t to which - * the foriegn SID+rid maps to, on this _local_ machine. - * we *CANNOT* make any short-cuts or assumptions about - * RIDs in a foriegn domain. - */ - - if (!map_domain_name_to_sid(&map->sid, &(map->nt_domain))) - { - DEBUG(0,("unix_name_to_nt_name_info: no known sid for %s\n", - map->nt_domain)); - return False; - } - } - - return make_mydomain_sid(map, type); -} - -static BOOL make_name_entry(name_map_entry **new_ep, - char *nt_domain, char *nt_group, char *unix_group, - DOM_MAP_TYPE type) -{ - /* - * Create the list entry and add it onto the list. - */ - - DEBUG(5,("make_name_entry:%s,%s,%s\n", nt_domain, nt_group, unix_group)); - - (*new_ep) = (name_map_entry *)malloc(sizeof(name_map_entry)); - if ((*new_ep) == NULL) - { - DEBUG(0,("make_name_entry: malloc fail for name_map_entry.\n")); - return False; - } - - ZERO_STRUCTP(*new_ep); - - (*new_ep)->grp.nt_name = strdup(nt_group ); - (*new_ep)->grp.nt_domain = strdup(nt_domain ); - (*new_ep)->grp.unix_name = strdup(unix_group); - - if ((*new_ep)->grp.nt_name == NULL || - (*new_ep)->grp.unix_name == NULL) - { - DEBUG(0,("make_name_entry: malloc fail for names in name_map_entry.\n")); - delete_name_entry((*new_ep)); - return False; - } - - /* - * look up the group names, make the Group-SID and unix gid - */ - - if (!unix_name_to_nt_name_info(&(*new_ep)->grp, type)) - { - delete_name_entry((*new_ep)); - return False; - } - - return True; -} - -/************************************************************************** - Load a name map file. Sets last accessed timestamp. -***************************************************************************/ -static ubi_slList *load_name_map(DOM_MAP_TYPE type) -{ - static time_t groupmap_file_last_modified = (time_t)0; - static time_t aliasmap_file_last_modified = (time_t)0; - static time_t ntusrmap_file_last_modified = (time_t)0; - static BOOL initialised_group = False; - static BOOL initialised_alias = False; - static BOOL initialised_ntusr = False; - char *groupname_map_file = lp_groupname_map(); - char *aliasname_map_file = lp_aliasname_map(); - char *ntusrname_map_file = lp_ntusrname_map(); - - FILE *fp; - char *s; - pstring buf; - name_map_entry *new_ep; - - time_t *file_last_modified = NULL; - int *initialised = NULL; - char *map_file = NULL; - ubi_slList *map_list = NULL; - - switch (type) - { - case DOM_MAP_DOMAIN: - { - file_last_modified = &groupmap_file_last_modified; - initialised = &initialised_group; - map_file = groupname_map_file; - map_list = &groupname_map_list; - - break; - } - case DOM_MAP_LOCAL: - { - file_last_modified = &aliasmap_file_last_modified; - initialised = &initialised_alias; - map_file = aliasname_map_file; - map_list = &aliasname_map_list; - - break; - } - case DOM_MAP_USER: - { - file_last_modified = &ntusrmap_file_last_modified; - initialised = &initialised_ntusr; - map_file = ntusrname_map_file; - map_list = &ntusrname_map_list; - - break; - } - } - - if (!(*initialised)) - { - DEBUG(10,("initialising map %s\n", map_file)); - ubi_slInitList(map_list); - (*initialised) = True; - } - - if (!*map_file) - { - return map_list; - } - - /* - * Load the file. - */ - - fp = open_file_if_modified(map_file, "r", file_last_modified); - if (!fp) - { - return map_list; - } - - /* - * Throw away any previous list. - */ - delete_map_list(map_list); - - DEBUG(4,("load_name_map: Scanning name map %s\n",map_file)); - - while ((s = fgets_slash(buf, sizeof(buf), fp)) != NULL) - { - pstring unixname; - pstring nt_name; - fstring nt_domain; - fstring ntname; - char *p; - - DEBUG(10,("Read line |%s|\n", s)); - - memset(nt_name, 0, sizeof(nt_name)); - - if (!*s || strchr("#;",*s)) - continue; - - if (!next_token(&s,unixname, "\t\n\r=", sizeof(unixname))) - continue; - - if (!next_token(&s,nt_name, "\t\n\r=", sizeof(nt_name))) - continue; - - trim_string(unixname, " ", " "); - trim_string(nt_name, " ", " "); - - if (!*nt_name) - continue; - - if (!*unixname) - continue; - - p = strchr(nt_name, '\\'); - - if (p == NULL) - { - memset(nt_domain, 0, sizeof(nt_domain)); - fstrcpy(ntname, nt_name); - } - else - { - *p = 0; - p++; - fstrcpy(nt_domain, nt_name); - fstrcpy(ntname , p); - } - - if (make_name_entry(&new_ep, nt_domain, ntname, unixname, type)) - { - ubi_slAddTail(map_list, (ubi_slNode *)new_ep); - DEBUG(5,("unixname = %s, ntname = %s\\%s type = %d\n", - new_ep->grp.unix_name, - new_ep->grp.nt_domain, - new_ep->grp.nt_name, - new_ep->grp.type)); - } - } - - DEBUG(10,("load_name_map: Added %ld entries to name map.\n", - ubi_slCount(map_list))); - - fclose(fp); - - return map_list; -} - -static void copy_grp_map_entry(DOM_NAME_MAP *grp, const DOM_NAME_MAP *from) -{ - sid_copy(&grp->sid, &from->sid); - grp->unix_id = from->unix_id; - grp->nt_name = from->nt_name; - grp->nt_domain = from->nt_domain; - grp->unix_name = from->unix_name; - grp->type = from->type; -} - -#if 0 -/*********************************************************** - Lookup unix name. -************************************************************/ -static BOOL map_unixname(DOM_MAP_TYPE type, - char *unixname, DOM_NAME_MAP *grp_info) -{ - name_map_entry *gmep; - ubi_slList *map_list; - - /* - * Initialise and load if not already loaded. - */ - map_list = load_name_map(type); - - for (gmep = (name_map_entry *)ubi_slFirst(map_list); - gmep != NULL; - gmep = (name_map_entry *)ubi_slNext(gmep )) - { - if (strequal(gmep->grp.unix_name, unixname)) - { - copy_grp_map_entry(grp_info, &gmep->grp); - DEBUG(7,("map_unixname: Mapping unix name %s to nt group %s.\n", - gmep->grp.unix_name, gmep->grp.nt_name )); - return True; - } - } - - return False; -} - -#endif - -/*********************************************************** - Lookup nt name. -************************************************************/ -static BOOL map_ntname(DOM_MAP_TYPE type, char *ntname, char *ntdomain, - DOM_NAME_MAP *grp_info) -{ - name_map_entry *gmep; - ubi_slList *map_list; - - /* - * Initialise and load if not already loaded. - */ - map_list = load_name_map(type); - - for (gmep = (name_map_entry *)ubi_slFirst(map_list); - gmep != NULL; - gmep = (name_map_entry *)ubi_slNext(gmep )) - { - if (strequal(gmep->grp.nt_name , ntname) && - strequal(gmep->grp.nt_domain, ntdomain)) - { - copy_grp_map_entry(grp_info, &gmep->grp); - DEBUG(7,("map_ntname: Mapping unix name %s to nt name %s.\n", - gmep->grp.unix_name, gmep->grp.nt_name )); - return True; - } - } - - return False; -} - - -/*********************************************************** - Lookup by SID -************************************************************/ -static BOOL map_sid(DOM_MAP_TYPE type, - DOM_SID *psid, DOM_NAME_MAP *grp_info) -{ - name_map_entry *gmep; - ubi_slList *map_list; - - /* - * Initialise and load if not already loaded. - */ - map_list = load_name_map(type); - - for (gmep = (name_map_entry *)ubi_slFirst(map_list); - gmep != NULL; - gmep = (name_map_entry *)ubi_slNext(gmep )) - { - if (sid_equal(&gmep->grp.sid, psid)) - { - copy_grp_map_entry(grp_info, &gmep->grp); - DEBUG(7,("map_sid: Mapping unix name %s to nt name %s.\n", - gmep->grp.unix_name, gmep->grp.nt_name )); - return True; - } - } - - return False; -} - -/*********************************************************** - Lookup by gid_t. -************************************************************/ -static BOOL map_unixid(DOM_MAP_TYPE type, uint32 unix_id, DOM_NAME_MAP *grp_info) -{ - name_map_entry *gmep; - ubi_slList *map_list; - - /* - * Initialise and load if not already loaded. - */ - map_list = load_name_map(type); - - for (gmep = (name_map_entry *)ubi_slFirst(map_list); - gmep != NULL; - gmep = (name_map_entry *)ubi_slNext(gmep )) - { - fstring sid_str; - sid_to_string(sid_str, &gmep->grp.sid); - DEBUG(10,("map_unixid: enum entry unix group %s %d nt %s %s\n", - gmep->grp.unix_name, gmep->grp.unix_id, gmep->grp.nt_name, sid_str)); - if (gmep->grp.unix_id == unix_id) - { - copy_grp_map_entry(grp_info, &gmep->grp); - DEBUG(7,("map_unixid: Mapping unix name %s to nt name %s type %d\n", - gmep->grp.unix_name, gmep->grp.nt_name, gmep->grp.type)); - return True; - } - } - - return False; -} - -/*********************************************************** - * - * Call four functions to resolve unix group ids and either - * local group SIDs or domain group SIDs listed in the local group - * or domain group map files. - * - * Note that it is *NOT* the responsibility of these functions to - * resolve entries that are not in the map files. - * - * Any SID can be in the map files (i.e from any Domain). - * - ***********************************************************/ - -#if 0 - -/*********************************************************** - Lookup a UNIX Group entry by name. -************************************************************/ -BOOL map_unix_group_name(char *group_name, DOM_NAME_MAP *grp_info) -{ - return map_unixname(DOM_MAP_DOMAIN, group_name, grp_info); -} - -/*********************************************************** - Lookup a UNIX Alias entry by name. -************************************************************/ -BOOL map_unix_alias_name(char *alias_name, DOM_NAME_MAP *grp_info) -{ - return map_unixname(DOM_MAP_LOCAL, alias_name, grp_info); -} - -/*********************************************************** - Lookup an Alias name entry -************************************************************/ -BOOL map_nt_alias_name(char *ntalias_name, char *nt_domain, DOM_NAME_MAP *grp_info) -{ - return map_ntname(DOM_MAP_LOCAL, ntalias_name, nt_domain, grp_info); -} - -/*********************************************************** - Lookup a Group entry -************************************************************/ -BOOL map_nt_group_name(char *ntgroup_name, char *nt_domain, DOM_NAME_MAP *grp_info) -{ - return map_ntname(DOM_MAP_DOMAIN, ntgroup_name, nt_domain, grp_info); -} - -#endif - -/*********************************************************** - Lookup a Username entry by name. -************************************************************/ -static BOOL map_nt_username(char *nt_name, char *nt_domain, DOM_NAME_MAP *grp_info) -{ - return map_ntname(DOM_MAP_USER, nt_name, nt_domain, grp_info); -} - -/*********************************************************** - Lookup a Username entry by SID. -************************************************************/ -static BOOL map_username_sid(DOM_SID *sid, DOM_NAME_MAP *grp_info) -{ - return map_sid(DOM_MAP_USER, sid, grp_info); -} - -/*********************************************************** - Lookup a Username SID entry by uid. -************************************************************/ -static BOOL map_username_uid(uid_t gid, DOM_NAME_MAP *grp_info) -{ - return map_unixid(DOM_MAP_USER, (uint32)gid, grp_info); -} - -/*********************************************************** - Lookup an Alias SID entry by name. -************************************************************/ -BOOL map_alias_sid(DOM_SID *psid, DOM_NAME_MAP *grp_info) -{ - return map_sid(DOM_MAP_LOCAL, psid, grp_info); -} - -/*********************************************************** - Lookup a Group entry by sid. -************************************************************/ -BOOL map_group_sid(DOM_SID *psid, DOM_NAME_MAP *grp_info) -{ - return map_sid(DOM_MAP_DOMAIN, psid, grp_info); -} - -/*********************************************************** - Lookup an Alias SID entry by gid_t. -************************************************************/ -static BOOL map_alias_gid(gid_t gid, DOM_NAME_MAP *grp_info) -{ - return map_unixid(DOM_MAP_LOCAL, (uint32)gid, grp_info); -} - -/*********************************************************** - Lookup a Group SID entry by gid_t. -************************************************************/ -static BOOL map_group_gid( gid_t gid, DOM_NAME_MAP *grp_info) -{ - return map_unixid(DOM_MAP_DOMAIN, (uint32)gid, grp_info); -} - - -/************************************************************************ - Routine to look up User details by UNIX name -*************************************************************************/ -BOOL lookupsmbpwnam(const char *unix_usr_name, DOM_NAME_MAP *grp) -{ - uid_t uid; - DEBUG(10,("lookupsmbpwnam: unix user name %s\n", unix_usr_name)); - if (nametouid(unix_usr_name, &uid)) - { - return lookupsmbpwuid(uid, grp); - } - else - { - return False; - } -} - -/************************************************************************ - Routine to look up a remote nt name -*************************************************************************/ -static BOOL lookup_remote_ntname(const char *ntname, DOM_SID *sid, uint8 *type) -{ - struct cli_state cli; - POLICY_HND lsa_pol; - fstring srv_name; - extern struct ntuser_creds *usr_creds; - struct ntuser_creds usr; - - BOOL res3 = True; - BOOL res4 = True; - uint32 num_sids; - DOM_SID *sids; - uint8 *types; - char *names[1]; - - usr_creds = &usr; - - ZERO_STRUCT(usr); - pwd_set_nullpwd(&usr.pwd); - - DEBUG(5,("lookup_remote_ntname: %s\n", ntname)); - - if (!cli_connect_serverlist(&cli, lp_passwordserver())) - { - return False; - } - - names[0] = ntname; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, cli.desthost); - strupper(srv_name); - - /* lookup domain controller; receive a policy handle */ - res3 = res3 ? lsa_open_policy( srv_name, - &lsa_pol, True) : False; - - /* send lsa lookup sids call */ - res4 = res3 ? lsa_lookup_names( &lsa_pol, - 1, names, - &sids, &types, &num_sids) : False; - - res3 = res3 ? lsa_close(&lsa_pol) : False; - - if (res4 && res3 && sids != NULL && types != NULL) - { - sid_copy(sid, &sids[0]); - *type = types[0]; - } - else - { - res3 = False; - } - if (types != NULL) - { - free(types); - } - - if (sids != NULL) - { - free(sids); - } - - return res3 && res4; -} - -/************************************************************************ - Routine to look up a remote nt name -*************************************************************************/ -static BOOL get_sid_and_type(const char *fullntname, uint8 expected_type, - DOM_NAME_MAP *gmep) -{ - /* - * check with the PDC to see if it owns the name. if so, - * the SID is resolved with the PDC database. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { - if (lookup_remote_ntname(fullntname, &gmep->sid, &gmep->type)) - { - if (sid_front_equal(&gmep->sid, &global_member_sid) && - strequal(gmep->nt_domain, global_myworkgroup) && - gmep->type == expected_type) - { - return True; - } - return False; - } - } - - /* - * ... otherwise, it's one of ours. map the sid ourselves, - * which can only happen in our own SAM database. - */ - - if (!strequal(gmep->nt_domain, global_sam_name)) - { - return False; - } - if (!pwdb_unixid_to_sam_sid(gmep->unix_id, gmep->type, &gmep->sid)) - { - return False; - } - - return True; -} - -/* - * used by lookup functions below - */ - -static fstring nt_name; -static fstring unix_name; -static fstring nt_domain; - -/************************************************************************* - looks up a uid, returns User Information. -*************************************************************************/ -BOOL lookupsmbpwuid(uid_t uid, DOM_NAME_MAP *gmep) -{ - DEBUG(10,("lookupsmbpwuid: unix uid %d\n", uid)); - if (map_username_uid(uid, gmep)) - { - return True; - } - if (lp_server_role() != ROLE_DOMAIN_NONE) - { - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - gmep->unix_id = (uint32)uid; - - /* - * ok, assume it's one of ours. then double-check it - * if we are a member of a domain - */ - - gmep->type = SID_NAME_USER; - fstrcpy(gmep->nt_name, uidtoname(uid)); - fstrcpy(gmep->unix_name, gmep->nt_name); - - /* - * here we should do a LsaLookupNames() call - * to check the status of the name with the PDC. - * if the PDC know nothing of the name, it's ours. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { -#if 0 - lsa_lookup_names(global_myworkgroup, gmep->nt_name, &gmep->sid...); -#endif - } - - /* - * ok, it's one of ours. - */ - - gmep->nt_domain = global_sam_name; - pwdb_unixid_to_sam_sid(gmep->unix_id, gmep->type, &gmep->sid); - - return True; - } - - /* oops. */ - - return False; -} - -/************************************************************************* - looks up by NT name, returns User Information. -*************************************************************************/ -BOOL lookupsmbpwntnam(const char *fullntname, DOM_NAME_MAP *gmep) -{ - DEBUG(10,("lookupsmbpwntnam: nt user name %s\n", fullntname)); - - if (!split_domain_name(fullntname, nt_domain, nt_name)) - { - return False; - } - - if (map_nt_username(nt_name, nt_domain, gmep)) - { - return True; - } - if (lp_server_role() != ROLE_DOMAIN_NONE) - { - uid_t uid; - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - /* - * ok, it's one of ours. we therefore "create" an nt user named - * after the unix user. this is the point where "appliance mode" - * should get its teeth in, as unix users won't really exist, - * they will only be numbers... - */ - - gmep->type = SID_NAME_USER; - fstrcpy(gmep->unix_name, gmep->nt_name); - if (!nametouid(gmep->unix_name, &uid)) - { - return False; - } - gmep->unix_id = (uint32)uid; - - return get_sid_and_type(fullntname, gmep->type, gmep); - } - - /* oops. */ - - return False; -} - -/************************************************************************* - looks up by RID, returns User Information. -*************************************************************************/ -BOOL lookupsmbpwsid(DOM_SID *sid, DOM_NAME_MAP *gmep) -{ - fstring sid_str; - sid_to_string(sid_str, sid); - DEBUG(10,("lookupsmbpwsid: nt sid %s\n", sid_str)); - - if (map_username_sid(sid, gmep)) - { - return True; - } - if (lp_server_role() != ROLE_DOMAIN_NONE) - { - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - /* - * here we should do a LsaLookupNames() call - * to check the status of the name with the PDC. - * if the PDC know nothing of the name, it's ours. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { -#if 0 - if (lookup_remote_sid(global_myworkgroup, gmep->sid, gmep->nt_name, gmep->nt_domain...); -#endif - } - - /* - * ok, it's one of ours. we therefore "create" an nt user named - * after the unix user. this is the point where "appliance mode" - * should get its teeth in, as unix users won't really exist, - * they will only be numbers... - */ - - gmep->type = SID_NAME_USER; - sid_copy(&gmep->sid, sid); - if (!pwdb_sam_sid_to_unixid(&gmep->sid, gmep->type, &gmep->unix_id)) - { - return False; - } - fstrcpy(gmep->nt_name, uidtoname((uid_t)gmep->unix_id)); - fstrcpy(gmep->unix_name, gmep->nt_name); - gmep->nt_domain = global_sam_name; - - return True; - } - - /* oops. */ - - return False; -} - -/************************************************************************ - Routine to look up group / alias / well-known group RID by UNIX name -*************************************************************************/ -BOOL lookupsmbgrpnam(const char *unix_grp_name, DOM_NAME_MAP *grp) -{ - gid_t gid; - DEBUG(10,("lookupsmbgrpnam: unix user group %s\n", unix_grp_name)); - if (nametogid(unix_grp_name, &gid)) - { - return lookupsmbgrpgid(gid, grp); - } - else - { - return False; - } -} - -/************************************************************************* - looks up a SID, returns name map entry -*************************************************************************/ -BOOL lookupsmbgrpsid(DOM_SID *sid, DOM_NAME_MAP *gmep) -{ - fstring sid_str; - sid_to_string(sid_str, sid); - DEBUG(10,("lookupsmbgrpsid: nt sid %s\n", sid_str)); - - if (map_alias_sid(sid, gmep)) - { - return True; - } - if (map_group_sid(sid, gmep)) - { - return True; - } - if (lp_server_role() != ROLE_DOMAIN_NONE) - { - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - /* - * here we should do a LsaLookupNames() call - * to check the status of the name with the PDC. - * if the PDC know nothing of the name, it's ours. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { -#if 0 - lsa_lookup_sids(global_myworkgroup, gmep->sid, gmep->nt_name, gmep->nt_domain...); -#endif - } - - /* - * ok, it's one of ours. we therefore "create" an nt group or - * alias name named after the unix group. this is the point - * where "appliance mode" should get its teeth in, as unix - * groups won't really exist, they will only be numbers... - */ - - /* name is not explicitly mapped - * with map files or the PDC - * so we are responsible for it... - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { - /* ... as a LOCAL group. */ - gmep->type = SID_NAME_ALIAS; - } - else - { - /* ... as a DOMAIN group. */ - gmep->type = SID_NAME_DOM_GRP; - } - - sid_copy(&gmep->sid, sid); - if (!pwdb_sam_sid_to_unixid(&gmep->sid, gmep->type, &gmep->unix_id)) - { - return False; - } - fstrcpy(gmep->nt_name, gidtoname((gid_t)gmep->unix_id)); - fstrcpy(gmep->unix_name, gmep->nt_name); - gmep->nt_domain = global_sam_name; - - return True; - } - - /* oops */ - return False; -} - -/************************************************************************* - looks up a gid, returns RID and type local, domain or well-known domain group -*************************************************************************/ -BOOL lookupsmbgrpgid(gid_t gid, DOM_NAME_MAP *gmep) -{ - DEBUG(10,("lookupsmbgrpgid: unix gid %d\n", (int)gid)); - if (map_alias_gid(gid, gmep)) - { - return True; - } - if (map_group_gid(gid, gmep)) - { - return True; - } - if (lp_server_role() != ROLE_DOMAIN_NONE) - { - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - gmep->unix_id = (uint32)gid; - - /* - * here we should do a LsaLookupNames() call - * to check the status of the name with the PDC. - * if the PDC know nothing of the name, it's ours. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { -#if 0 - if (lsa_lookup_names(global_myworkgroup, gmep->nt_name, &gmep->sid...); - { - return True; - } -#endif - } - - /* - * ok, it's one of ours. we therefore "create" an nt group or - * alias name named after the unix group. this is the point - * where "appliance mode" should get its teeth in, as unix - * groups won't really exist, they will only be numbers... - */ - - /* name is not explicitly mapped - * with map files or the PDC - * so we are responsible for it... - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { - /* ... as a LOCAL group. */ - gmep->type = SID_NAME_ALIAS; - } - else - { - /* ... as a DOMAIN group. */ - gmep->type = SID_NAME_DOM_GRP; - } - fstrcpy(gmep->nt_name, gidtoname(gid)); - fstrcpy(gmep->unix_name, gmep->nt_name); - - return get_sid_and_type(gmep->nt_name, gmep->type, gmep); - } - - /* oops */ - return False; -} - diff --git a/source3/lib/hmacmd5.c b/source3/lib/hmacmd5.c deleted file mode 100644 index d017bba77d..0000000000 --- a/source3/lib/hmacmd5.c +++ /dev/null @@ -1,120 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - Interface header: Scheduler service - Copyright (C) Luke Kenneth Casson Leighton 1996-1999 - Copyright (C) Andrew Tridgell 1992-1999 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -/* taken direct from rfc2104 implementation and modified for suitable use - * for ntlmv2. - */ - -#include "includes.h" - -/*********************************************************************** - the rfc 2104 version of hmac_md5 initialisation. -***********************************************************************/ -void hmac_md5_init_rfc2104(uchar* key, int key_len, HMACMD5Context *ctx) -{ - int i; - - /* if key is longer than 64 bytes reset it to key=MD5(key) */ - if (key_len > 64) - { - uchar tk[16]; - struct MD5Context tctx; - - MD5Init(&tctx); - MD5Update(&tctx, key, key_len); - MD5Final(tk, &tctx); - - key = tk; - key_len = 16; - } - - /* start out by storing key in pads */ - bzero( ctx->k_ipad, sizeof ctx->k_ipad); - bzero( ctx->k_opad, sizeof ctx->k_opad); - bcopy( key, ctx->k_ipad, key_len); - bcopy( key, ctx->k_opad, key_len); - - /* XOR key with ipad and opad values */ - for (i=0; i<64; i++) - { - ctx->k_ipad[i] ^= 0x36; - ctx->k_opad[i] ^= 0x5c; - } - - MD5Init(&ctx->ctx); - MD5Update(&ctx->ctx, ctx->k_ipad, 64); -} - -/*********************************************************************** - the microsoft version of hmac_md5 initialisation. -***********************************************************************/ -void hmac_md5_init_limK_to_64(const uchar* key, int key_len, - HMACMD5Context *ctx) -{ - int i; - - /* if key is longer than 64 bytes truncate it */ - if (key_len > 64) - { - key_len = 64; - } - - /* start out by storing key in pads */ - bzero( ctx->k_ipad, sizeof ctx->k_ipad); - bzero( ctx->k_opad, sizeof ctx->k_opad); - bcopy( key, ctx->k_ipad, key_len); - bcopy( key, ctx->k_opad, key_len); - - /* XOR key with ipad and opad values */ - for (i=0; i<64; i++) - { - ctx->k_ipad[i] ^= 0x36; - ctx->k_opad[i] ^= 0x5c; - } - - MD5Init(&ctx->ctx); - MD5Update(&ctx->ctx, ctx->k_ipad, 64); -} - -/*********************************************************************** - update hmac_md5 "inner" buffer -***********************************************************************/ -void hmac_md5_update(const uchar* text, int text_len, HMACMD5Context *ctx) -{ - MD5Update(&ctx->ctx, text, text_len); /* then text of datagram */ -} - -/*********************************************************************** - finish off hmac_md5 "inner" buffer and generate outer one. -***********************************************************************/ -void hmac_md5_final(uchar *digest, HMACMD5Context *ctx) - -{ - struct MD5Context ctx_o; - - MD5Final(digest, &ctx->ctx); - - MD5Init(&ctx_o); - MD5Update(&ctx_o, ctx->k_opad, 64); - MD5Update(&ctx_o, digest, 16); - MD5Final(digest, &ctx_o); -} diff --git a/source3/lib/md5.c b/source3/lib/md5.c deleted file mode 100644 index cff7bef034..0000000000 --- a/source3/lib/md5.c +++ /dev/null @@ -1,315 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - Copyright (C) Andrew Tridgell 1992-1999 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -/* This code has been heavily hacked by Tatu Ylonen <ylo@cs.hut.fi> to - make it compile on machines like Cray that don't have a 32 bit integer - type. */ -/* - * This code implements the MD5 message-digest algorithm. - * The algorithm is due to Ron Rivest. This code was - * written by Colin Plumb in 1993, no copyright is claimed. - * This code is in the public domain; do with it what you wish. - * - * Equivalent code is available from RSA Data Security, Inc. - * This code has been tested against that, and is equivalent, - * except that you don't need to include two pages of legalese - * with every copy. - * - * To compute the message digest of a chunk of bytes, declare an - * MD5Context structure, pass it to MD5Init, call MD5Update as - * needed on buffers full of bytes, and then call MD5Final, which - * will fill a supplied 16-byte array with the digest. - */ - -#include "includes.h" - -#ifndef _GETPUT_H -/* - -getput.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Wed Jun 28 22:36:30 1995 ylo - -Macros for storing and retrieving data in msb first and lsb first order. - -*/ - -/*------------ macros for storing/extracting msb first words -------------*/ - -#define GET_32BIT(cp) (((uint32)(uchar)(cp)[0] << 24) | \ - ((uint32)(uchar)(cp)[1] << 16) | \ - ((uint32)(uchar)(cp)[2] << 8) | \ - ((uint32)(uchar)(cp)[3])) - -#define GET_16BIT(cp) (((uint32)(uchar)(cp)[0] << 8) | \ - ((uint32)(uchar)(cp)[1])) - -#define PUT_32BIT(cp, value) do { \ - (cp)[0] = (value) >> 24; \ - (cp)[1] = (value) >> 16; \ - (cp)[2] = (value) >> 8; \ - (cp)[3] = (value); } while (0) - -#define PUT_16BIT(cp, value) do { \ - (cp)[0] = (value) >> 8; \ - (cp)[1] = (value); } while (0) - -/*------------ macros for storing/extracting lsb first words -------------*/ - -#define GET_32BIT_LSB_FIRST(cp) \ - (((uint32)(uchar)(cp)[0]) | \ - ((uint32)(uchar)(cp)[1] << 8) | \ - ((uint32)(uchar)(cp)[2] << 16) | \ - ((uint32)(uchar)(cp)[3] << 24)) - -#define GET_16BIT_LSB_FIRST(cp) \ - (((uint32)(uchar)(cp)[0]) | \ - ((uint32)(uchar)(cp)[1] << 8)) - -#define PUT_32BIT_LSB_FIRST(cp, value) do { \ - (cp)[0] = (value); \ - (cp)[1] = (value) >> 8; \ - (cp)[2] = (value) >> 16; \ - (cp)[3] = (value) >> 24; } while (0) - -#define PUT_16BIT_LSB_FIRST(cp, value) do { \ - (cp)[0] = (value); \ - (cp)[1] = (value) >> 8; } while (0) - -#endif /* _GETPUT_H */ - -/* - * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious - * initialization constants. - */ -void MD5Init(struct MD5Context *ctx) -{ - ctx->buf[0] = 0x67452301; - ctx->buf[1] = 0xefcdab89; - ctx->buf[2] = 0x98badcfe; - ctx->buf[3] = 0x10325476; - - ctx->bits[0] = 0; - ctx->bits[1] = 0; -} - -/* - * Update context to reflect the concatenation of another buffer full - * of bytes. - */ -void MD5Update(struct MD5Context *ctx, uchar const *buf, unsigned len) -{ - uint32 t; - - /* Update bitcount */ - - t = ctx->bits[0]; - if ((ctx->bits[0] = (t + ((uint32)len << 3)) & 0xffffffff) < t) - ctx->bits[1]++; /* Carry from low to high */ - ctx->bits[1] += len >> 29; - - t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */ - - /* Handle any leading odd-sized chunks */ - - if (t) { - uchar *p = ctx->in + t; - - t = 64 - t; - if (len < t) { - memcpy(p, buf, len); - return; - } - memcpy(p, buf, t); - MD5Transform(ctx->buf, ctx->in); - buf += t; - len -= t; - } - /* Process data in 64-byte chunks */ - - while (len >= 64) { - memcpy(ctx->in, buf, 64); - MD5Transform(ctx->buf, ctx->in); - buf += 64; - len -= 64; - } - - /* Handle any remaining bytes of data. */ - - memcpy(ctx->in, buf, len); -} - -/* - * Final wrapup - pad to 64-byte boundary with the bit pattern - * 1 0* (64-bit count of bits processed, MSB-first) - */ -void MD5Final(uchar digest[16], struct MD5Context *ctx) -{ - unsigned count; - uchar *p; - - /* Compute number of bytes mod 64 */ - count = (ctx->bits[0] >> 3) & 0x3F; - - /* Set the first char of padding to 0x80. This is safe since there is - always at least one byte free */ - p = ctx->in + count; - *p++ = 0x80; - - /* Bytes of padding needed to make 64 bytes */ - count = 64 - 1 - count; - - /* Pad out to 56 mod 64 */ - if (count < 8) { - /* Two lots of padding: Pad the first block to 64 bytes */ - memset(p, 0, count); - MD5Transform(ctx->buf, ctx->in); - - /* Now fill the next block with 56 bytes */ - memset(ctx->in, 0, 56); - } else { - /* Pad block to 56 bytes */ - memset(p, 0, count - 8); - } - - /* Append length in bits and transform */ - PUT_32BIT_LSB_FIRST(ctx->in + 56, ctx->bits[0]); - PUT_32BIT_LSB_FIRST(ctx->in + 60, ctx->bits[1]); - - MD5Transform(ctx->buf, ctx->in); - PUT_32BIT_LSB_FIRST(digest, ctx->buf[0]); - PUT_32BIT_LSB_FIRST(digest + 4, ctx->buf[1]); - PUT_32BIT_LSB_FIRST(digest + 8, ctx->buf[2]); - PUT_32BIT_LSB_FIRST(digest + 12, ctx->buf[3]); - memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */ -} - -#ifndef ASM_MD5 - -/* The four core functions - F1 is optimized somewhat */ - -/* #define F1(x, y, z) (x & y | ~x & z) */ -#define F1(x, y, z) (z ^ (x & (y ^ z))) -#define F2(x, y, z) F1(z, x, y) -#define F3(x, y, z) (x ^ y ^ z) -#define F4(x, y, z) (y ^ (x | ~z)) - -/* This is the central step in the MD5 algorithm. */ -#define MD5STEP(f, w, x, y, z, data, s) \ - ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x ) - -/* - * The core of the MD5 algorithm, this alters an existing MD5 hash to - * reflect the addition of 16 longwords of new data. MD5Update blocks - * the data and converts bytes into longwords for this routine. - */ -void MD5Transform(uint32 buf[4], const uchar inext[64]) -{ - register uint32 a, b, c, d, i; - uint32 in[16]; - - for (i = 0; i < 16; i++) - in[i] = GET_32BIT_LSB_FIRST(inext + 4 * i); - - a = buf[0]; - b = buf[1]; - c = buf[2]; - d = buf[3]; - - MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7); - MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12); - MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17); - MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22); - MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7); - MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12); - MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17); - MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22); - MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7); - MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12); - MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17); - MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22); - MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7); - MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12); - MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17); - MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22); - - MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5); - MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9); - MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14); - MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20); - MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5); - MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9); - MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14); - MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20); - MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5); - MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9); - MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14); - MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20); - MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5); - MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9); - MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14); - MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20); - - MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4); - MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11); - MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16); - MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23); - MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4); - MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11); - MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16); - MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23); - MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4); - MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11); - MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16); - MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23); - MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4); - MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11); - MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16); - MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23); - - MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6); - MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10); - MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15); - MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21); - MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6); - MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10); - MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15); - MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21); - MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6); - MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10); - MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15); - MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21); - MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6); - MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10); - MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15); - MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21); - - buf[0] += a; - buf[1] += b; - buf[2] += c; - buf[3] += d; -} - -#endif diff --git a/source3/lib/membuffer.c b/source3/lib/membuffer.c deleted file mode 100644 index e228503643..0000000000 --- a/source3/lib/membuffer.c +++ /dev/null @@ -1,367 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - Samba memory buffer functions - Copyright (C) Andrew Tridgell 1992-1997 - Copyright (C) Luke Kenneth Casson Leighton 1996-1997 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -/******************************************************************* - * - * Description: memory buffer / stream management. - * Author : Luke K C Leighton - * Created : Dec 1997 - * - - * this module is intended for use in streaming data in and out of - * buffers. it is intended that a single data stream be subdivided - * into manageable sections. - - * for example, an rpc header contains a length field, but until the - * data has been created, the length is unknown. using this module, - * the header section can be tacked onto the front of the data memory - * list once the size of the data section preceding it is known. - - * the "margin" can be used to over-run and retrospectively lengthen - * the buffer. this is to save time in some of the loops, where it is - * not particularly desirable to realloc data by 1, 2 or 4 bytes - * repetitively... - - * each memory buffer contains a start and end offset. the end of - * one buffer should equal to the start of the next in the chain. - * (end - start = len, instead of end - start + 1 = len) - - * the debug log levels are very high in some of the routines: you - * have no idea how boring it gets staring at debug output from these - - ********************************************************************/ - - -#include "includes.h" - -extern int DEBUGLEVEL; - -/******************************************************************* - initialise a memory buffer. - ********************************************************************/ -void mem_init(struct mem_buf *buf, int margin) -{ - buf->dynamic = True; - buf->data = NULL; - buf->data_size = 0; - buf->data_used = 0; - - buf->margin = margin; - - buf->next = NULL; - - buf->offset.start = 0; - buf->offset.end = 0x0; -} - -/******************************************************************* - initialise a memory buffer. - - dynamic indicates memory has been dynamically allocated. - if mem_free is called, the memory will be freed. - ********************************************************************/ -void mem_create(struct mem_buf *buf, char *data, int offset, int size, int margin, BOOL dynamic) -{ - buf->dynamic = dynamic; - buf->data = data; - buf->data_size = size; - buf->data_used = size; - - buf->margin = margin; - - buf->next = NULL; - - buf->offset.start = offset; - buf->offset.end = offset + size; -} - -/******************************************************************* - allocate a memory buffer. assume it's empty - ********************************************************************/ -BOOL mem_alloc_data(struct mem_buf *buf, int size) -{ - if (!buf->dynamic) - { - DEBUG(3,("mem_alloc_data: warning - memory buffer type is set to static\n")); - } - - buf->data_size = size + buf->margin; - buf->data_used = size; - - buf->data = (char*)malloc(buf->data_size); - - if (buf->data == NULL && size != 0) - { - DEBUG(3,("mem_alloc: could not malloc size %d\n", - buf->data_size)); - mem_init(buf, buf->margin); - - return False; - } - - bzero(buf->data, buf->data_size); - buf->offset.end = buf->offset.start + size; - - return True; -} - -/******************************************************************* - allocates a memory buffer structure - ********************************************************************/ -BOOL mem_buf_copy(char *copy_into, struct mem_buf *buf, - uint32 offset, uint32 len) -{ - uint32 end = offset + len; - char *q = NULL; - uint32 data_len = mem_buf_len(buf); - uint32 start_offset = offset; - struct mem_buf **bcp = &buf; - - if (buf == NULL || copy_into == NULL) return False; - - DEBUG(200,("mem_buf_copy: data[%d..%d] offset %d len %d\n", - buf->offset.start, data_len, offset, len)); - - /* there's probably an off-by-one bug, here, and i haven't even tested the code :-) */ - while (offset < end && ((q = mem_data(bcp, offset)) != NULL)) - { - uint32 copy_len = (*bcp)->offset.end - offset; - - DEBUG(200,("\tdata[%d..%d] - offset %d len %d\n", - (*bcp)->offset.start, (*bcp)->offset.end, - offset, copy_len)); - - memcpy(copy_into, q, copy_len); - - offset += copy_len; - copy_into += copy_len; - } - - if ((*bcp) != NULL) - { - DEBUG(200,("mem_buf_copy: copied %d bytes\n", offset - start_offset)); - } - else - { - DEBUG(200,("mem_buf_copy: failed\n")); - } - - return buf != NULL; -} - -/******************************************************************* - allocates a memory buffer structure - ********************************************************************/ -BOOL mem_buf_init(struct mem_buf **buf, uint32 margin) -{ - if (buf == NULL) return False; - - if ((*buf) == NULL) - { - (*buf) = (struct mem_buf*)malloc(sizeof(**buf)); - if ((*buf) != NULL) - { - mem_init((*buf), margin); - return True; - } - } - else - { - (*buf)->margin = margin; - return True; - } - return False; -} - -/******************************************************************* - frees up a memory buffer. - ********************************************************************/ -void mem_buf_free(struct mem_buf **buf) -{ - if (buf == NULL) return; - if ((*buf) == NULL) return; - - mem_free_data(*buf); /* delete memory data */ - free(*buf); /* delete item */ - (*buf) = NULL; -} - -/******************************************************************* - frees a memory buffer chain. assumes that all items are malloced. - ********************************************************************/ -static void mem_free_chain(struct mem_buf **buf) -{ - if (buf == NULL) return; - if ((*buf) == NULL) return; - - if ((*buf)->next != NULL) - { - mem_free_chain(&((*buf)->next)); /* delete all other items in chain */ - } - mem_buf_free(buf); -} - -/******************************************************************* - frees a memory buffer. - ********************************************************************/ -void mem_free_data(struct mem_buf *buf) -{ - if (buf == NULL) return; - - if (buf->data != NULL && buf->dynamic) - { - free(buf->data); /* delete data in this structure */ - buf->data = NULL; - } - mem_init(buf, buf->margin); -} - -/******************************************************************* - reallocate a memory buffer, including a safety margin - ********************************************************************/ -BOOL mem_realloc_data(struct mem_buf *buf, size_t new_size) -{ - char *new_data; - - if (!buf->dynamic) - { - DEBUG(3,("mem_realloc_data: memory buffer has not been dynamically allocated!\n")); - return False; - } - - if (new_size == 0) - { - mem_free_data(buf); - return True; - } - - new_data = (char*)Realloc(buf->data, new_size + buf->margin); - - if (new_data != NULL) - { - buf->data = new_data; - buf->data_size = new_size + buf->margin; - buf->data_used = new_size; - } - else if (buf->data_size <= new_size) - { - DEBUG(3,("mem_realloc: warning - could not realloc to %d(+%d)\n", - new_size, buf->margin)); - - buf->data_used = new_size; - } - else - { - DEBUG(3,("mem_realloc: error - could not realloc to %d\n", - new_size)); - - mem_free_data(buf); - return False; - } - - buf->offset.end = buf->offset.start + new_size; - - DEBUG(150,("mem_realloc_data: size: %d start: %d end: %d\n", - new_size, buf->offset.start, buf->offset.end)); - return True; -} - -/******************************************************************* - reallocate a memory buffer, retrospectively :-) - ********************************************************************/ -BOOL mem_grow_data(struct mem_buf **buf, BOOL io, int new_size, BOOL force_grow) -{ - if (new_size + (*buf)->margin >= (*buf)->data_size) - { - if (!io || force_grow) - { - /* writing or forge realloc */ - return mem_realloc_data((*buf), new_size); - } - else - { - } - } - return True; -} - -/******************************************************************* - search for a memory buffer that falls within the specified offset - ********************************************************************/ -static BOOL mem_find(struct mem_buf **buf, uint32 offset) -{ - struct mem_buf *f; - if (buf == NULL) return False; - - f = *buf; - - DEBUG(200,("mem_find: data[%d..%d] offset: %d\n", - f->offset.start, f->offset.end, offset)); - - while (f != NULL && offset >= f->offset.end) - { - DEBUG(200,("mem_find: next[%d..%d]\n", - f->offset.start, f->offset.end)); - - f = f->next; - } - - (*buf) = f; - - if (f != NULL) - { - DEBUG(200,("mem_find: found data[%d..%d]\n", - (*buf)->offset.start,(*buf)->offset.end)); - } - - return f != NULL; -} - - -/******************************************************************* - add up the lengths of all sections. - ********************************************************************/ -uint32 mem_buf_len(struct mem_buf *buf) -{ - int len = 0; - while (buf != NULL) - { - len += buf->offset.end - buf->offset.start; - buf = buf->next; - } - return len; -} - - -/******************************************************************* - return the memory location specified by offset. may return NULL. - ********************************************************************/ -char *mem_data(struct mem_buf **buf, uint32 offset) -{ - if (mem_find(buf, offset)) - { - return &((*buf)->data[offset - (*buf)->offset.start]); - } - return NULL; -} - - diff --git a/source3/lib/msrpc-agent.c b/source3/lib/msrpc-agent.c deleted file mode 100644 index 9fc592d377..0000000000 --- a/source3/lib/msrpc-agent.c +++ /dev/null @@ -1,251 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 2 - SMB agent/socket plugin - Copyright (C) Andrew Tridgell 1999 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "smb.h" - -extern int DEBUGLEVEL; - -static char packet[BUFFER_SIZE]; - -/**************************************************************************** -terminate sockent connection -****************************************************************************/ -static void free_sock(void *sock) -{ - if (sock != NULL) - { - struct msrpc_state *n = (struct msrpc_state*)sock; - msrpc_use_del(n->pipe_name, &n->usr, False, NULL); - } -} - -static struct msrpc_state *init_client_connection(int c) -{ - pstring buf; - fstring pipe_name; - struct user_creds usr; - int rl; - uint32 len; - BOOL new_con = False; - struct msrpc_state *n = NULL; - - CREDS_CMD cmd; - prs_struct ps; - - ZERO_STRUCT(usr); - ZERO_STRUCT(cmd); - cmd.cred = &usr; - - DEBUG(10,("init_client_connection: first request\n")); - - rl = read(c, &buf, sizeof(len)); - - if (rl != sizeof(len)) - { - DEBUG(0,("Unable to read length\n")); - dump_data(0, buf, sizeof(len)); - return NULL; - } - - len = IVAL(buf, 0); - - if (len > sizeof(buf)) - { - DEBUG(0,("length %d too long\n", len)); - return NULL; - } - - rl = read(c, buf, len); - - if (rl < 0) - { - DEBUG(0,("Unable to read from connection\n")); - return NULL; - } - -#ifdef DEBUG_PASSWORD - dump_data(100, buf, rl); -#endif - - /* make a static data parsing structure from the api_fd_reply data */ - prs_init(&ps, 0, 4, 0, True); - mem_create(ps.data, buf, 0, len, 0, False); - - if (!creds_io_cmd("creds", &cmd, &ps, 0)) - { - DEBUG(0,("Unable to parse credentials\n")); - mem_free_data(ps.data); - return NULL; - } - - mem_free_data(ps.data); - - if (ps.offset != rl) - { - DEBUG(0,("Buffer size %d %d!\n", ps.offset, rl)); - return NULL; - } - - switch (cmd.command) - { - case AGENT_CMD_CON: - case AGENT_CMD_CON_ANON: - { - new_con = True; - break; - } - case AGENT_CMD_CON_REUSE: - { - new_con = True; - break; - } - default: - { - DEBUG(0,("unknown command %d\n", cmd.command)); - return NULL; - } - } - - if (new_con) - { - uint32 status = 0; - n = msrpc_use_add(pipe_name, &usr, False); - - if (n == NULL) - { - DEBUG(0,("Unable to connect to %s\n", pipe_name)); - status = 0x1; - } - else - { - fstrcpy(n->pipe_name, pipe_name); - copy_user_creds(&n->usr, &usr); - } - - if (write(c, &status, sizeof(status)) != sizeof(status)) - { - DEBUG(0,("Could not write connection down pipe.\n")); - if (n != NULL) - { - msrpc_use_del(pipe_name, &usr, False, NULL); - n = NULL; - } - } - } - free_user_creds(&usr); - return n; -} - -static BOOL process_cli_sock(struct sock_redir **socks, uint32 num_socks, - struct sock_redir *sock) -{ - struct msrpc_state *n = (struct msrpc_state*)sock->n; - if (n == NULL) - { - n = init_client_connection(sock->c); - if (n == NULL) - { - return False; - } - sock->n = (void*)n; - sock->s = n->fd; - } - else - { - if (!receive_smb(sock->c, packet, 0)) - { - DEBUG(0,("client closed connection\n")); - return False; - } - - if (!send_smb(sock->s, packet)) - { - DEBUG(0,("server is dead\n")); - return False; - } - } - return True; -} - -static BOOL process_srv_sock(struct sock_redir **socks, uint32 num_socks, - int fd) -{ - int i; - if (!receive_smb(fd, packet, 0)) - { - DEBUG(0,("server closed connection\n")); - return False; - } - - DEBUG(10,("process_srv_sock:\tfd:\t%d\n", fd)); - - for (i = 0; i < num_socks; i++) - { - struct msrpc_state *n; - if (socks[i] == NULL || socks[i]->n == NULL) - { - continue; - } - n = (struct msrpc_state*)socks[i]->n; - DEBUG(10,("list:\tfd:\t%d\n", - socks[i]->s)); - if (!send_smb(socks[i]->c, packet)) - { - DEBUG(0,("client is dead\n")); - return False; - } - return True; - } - return False; -} - -static int get_agent_sock(char *pipe_name) -{ - fstring path; - fstring dir; - - slprintf(dir, sizeof(dir)-1, "/tmp/.msrpc/.%s", pipe_name); - slprintf(path, sizeof(path)-1, "%s/agent", dir); - - return create_pipe_socket(dir, S_IRUSR|S_IWUSR|S_IXUSR, path, 0); -} - -void start_msrpc_agent(char *pipe_name) -{ - struct vagent_ops va = - { - free_sock, - get_agent_sock, - process_cli_sock, - process_srv_sock, - pipe_name, - NULL, - 0 - }; - - if (fork() == 0) - { - /* child */ - start_agent(&va); - } -} - diff --git a/source3/lib/msrpc-client.c b/source3/lib/msrpc-client.c deleted file mode 100644 index e13850a9e2..0000000000 --- a/source3/lib/msrpc-client.c +++ /dev/null @@ -1,384 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - SMB msrpcent generic functions - Copyright (C) Andrew Tridgell 1994-1999 - Copyright (C) Luke Kenneth Casson Leighton 1996-1999 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#define NO_SYSLOG - -#include "includes.h" - -extern int DEBUGLEVEL; - -/**************************************************************************** -recv an smb -****************************************************************************/ -BOOL msrpc_receive(struct msrpc_state *msrpc) -{ - return receive_smb(msrpc->fd,msrpc->inbuf,0); -} - -/**************************************************************************** - send an smb to a fd and re-establish if necessary -****************************************************************************/ -BOOL msrpc_send_prs(struct msrpc_state *msrpc, prs_struct *ps) -{ - size_t len = mem_buf_len(ps->data); - - DEBUG(10,("msrpc_send_prs: len %d\n", len)); - dbgflush(); - - _smb_setlen(msrpc->outbuf, len); - mem_buf_copy(&msrpc->outbuf[4], ps->data, 0, len); - - if (msrpc_send(msrpc, True)) - { - prs_mem_free(ps); - return True; - } - return False; -} - -/**************************************************************************** - receive msrpc packet -****************************************************************************/ -BOOL msrpc_receive_prs(struct msrpc_state *msrpc, prs_struct *ps) -{ - int len; - char *data; - - if (!msrpc_receive(msrpc)) - { - return False; - } - - len = smb_len(msrpc->inbuf); - - dump_data(10, msrpc->inbuf, len+4); - - prs_init(ps, len, 4, 0, False); - ps->offset = len; - data = mem_data(&ps->data, 0); - if (data == NULL || len <= 0) - { - return False; - } - - memcpy(data, smb_base(msrpc->inbuf), len); - - return True; -} - -/**************************************************************************** - send an smb to a fd and re-establish if necessary -****************************************************************************/ -BOOL msrpc_send(struct msrpc_state *msrpc, BOOL show) -{ - size_t len; - size_t nwritten=0; - ssize_t ret; - - len = smb_len(msrpc->outbuf) + 4; - - dump_data(10, msrpc->outbuf, len); - - while (nwritten < len) - { - ret = write_socket(msrpc->fd,msrpc->outbuf+nwritten,len - nwritten); - if (ret <= 0) - { - DEBUG(0,("Error writing %d bytes to msrpcent. %d. Exiting\n", - len,ret)); - return False; - } - nwritten += ret; - } - - return True; -} - -/**************************************************************************** -open the msrpcent sockets -****************************************************************************/ -BOOL msrpc_connect(struct msrpc_state *msrpc, const char *pipe_name) -{ - fstring path; - slprintf(path, sizeof(path)-1, "/tmp/.msrpc/%s", pipe_name); - - fstrcpy(msrpc->pipe_name, pipe_name); - - msrpc->fd = open_pipe_sock(path); - - if (msrpc->fd == -1) - { - return False; - } - - return True; -} - - -/**************************************************************************** -initialise a msrpcent structure -****************************************************************************/ -void msrpc_init_creds(struct msrpc_state *msrpc, const struct user_creds *usr) -{ - copy_user_creds(&msrpc->usr, usr); -} - -/**************************************************************************** -close the socket descriptor -****************************************************************************/ -void msrpc_close_socket(struct msrpc_state *msrpc) -{ - if (msrpc->fd != -1) - { - close(msrpc->fd); - } - msrpc->fd = -1; -} - - -/**************************************************************************** -set socket options on a open connection -****************************************************************************/ -void msrpc_sockopt(struct msrpc_state *msrpc, char *options) -{ - set_socket_options(msrpc->fd, options); -} - - -static BOOL msrpc_authenticate(struct msrpc_state *msrpc, - const struct user_creds *usr) -{ - struct msrpc_state msrpc_redir; - - int sock = msrpc->fd; - char *data; - prs_struct ps; - uint32 len; - char *in = msrpc->inbuf; - char *out = msrpc->outbuf; - uint16 command; - - command = usr != NULL ? AGENT_CMD_CON : AGENT_CMD_CON_ANON; - - if (!create_user_creds(&ps, msrpc->pipe_name, 0x0, command, usr)) - { - DEBUG(0,("could not parse credentials\n")); - close(sock); - return False; - } - - len = ps.offset; - data = mem_data(&ps.data, 0); - - SIVAL(data, 0, len); - -#ifdef DEBUG_PASSWORD - DEBUG(100,("data len: %d\n", len)); - dump_data(100, data, len); -#endif - - if (write(sock, data, len) <= 0) - { - DEBUG(0,("write failed\n")); - return False; - } - - if (msrpc->redirect) - { - len = read(sock, &msrpc_redir, sizeof(msrpc_redir)); - - if (len != sizeof(msrpc_redir)) - { - DEBUG(0,("read failed\n")); - return False; - } - - memcpy(msrpc, &msrpc_redir, sizeof(msrpc_redir)); - msrpc->inbuf = in; - msrpc->outbuf = out; - msrpc->fd = sock; - msrpc->usr.reuse = False; - } - else - { - uint32 status; - len = read(sock, &status, sizeof(status)); - - return len == sizeof(status) && status == 0x0; - } - return True; -} - -static BOOL msrpc_init_redirect(struct msrpc_state *msrpc, - const char* pipe_name, - const struct user_creds *usr) -{ - int sock; - fstring path; - - slprintf(path, sizeof(path)-1, "/tmp/.msrpc/.%s/agent", pipe_name); - - sock = open_pipe_sock(path); - - if (sock < 0) - { - return False; - } - - msrpc->fd = sock; - - if (!msrpc_authenticate(msrpc, usr)) - { - DEBUG(0,("authenticate failed\n")); - close(msrpc->fd); - msrpc->fd = -1; - return False; - } - - return True; -} - -BOOL msrpc_connect_auth(struct msrpc_state *msrpc, - const char* pipename, - const struct user_creds *usr) -{ - ZERO_STRUCTP(msrpc); - if (!msrpc_initialise(msrpc)) - { - DEBUG(0,("unable to initialise msrpcent connection.\n")); - return False; - } - - msrpc_init_creds(msrpc, usr); - - if (!msrpc_establish_connection(msrpc, pipename)) - { - msrpc_shutdown(msrpc); - return False; - } - - return True; -} - -/**************************************************************************** -initialise a msrpcent structure -****************************************************************************/ -struct msrpc_state *msrpc_initialise(struct msrpc_state *msrpc) -{ - if (!msrpc) { - msrpc = (struct msrpc_state *)malloc(sizeof(*msrpc)); - if (!msrpc) - return NULL; - ZERO_STRUCTP(msrpc); - } - - if (msrpc->initialised) { - msrpc_shutdown(msrpc); - } - - ZERO_STRUCTP(msrpc); - - msrpc->fd = -1; - msrpc->outbuf = (char *)malloc(CLI_BUFFER_SIZE+4); - msrpc->inbuf = (char *)malloc(CLI_BUFFER_SIZE+4); - if (!msrpc->outbuf || !msrpc->inbuf) - { - return False; - } - - msrpc->initialised = 1; - msrpc_init_creds(msrpc, NULL); - - return msrpc; -} - - -/**************************************************************************** -shutdown a msrpcent structure -****************************************************************************/ -void msrpc_shutdown(struct msrpc_state *msrpc) -{ - DEBUG(10,("msrpc_shutdown\n")); - if (msrpc->outbuf) - { - free(msrpc->outbuf); - } - if (msrpc->inbuf) - { - free(msrpc->inbuf); - } - msrpc_close_socket(msrpc); - memset(msrpc, 0, sizeof(*msrpc)); -} - -/**************************************************************************** -establishes a connection right up to doing tconX, reading in a password. -****************************************************************************/ -BOOL msrpc_establish_connection(struct msrpc_state *msrpc, - const char *pipe_name) -{ - DEBUG(5,("msrpc_establish_connection: connecting to %s (%s) - %s\n", - pipe_name, - msrpc->usr.ntc.user_name, msrpc->usr.ntc.domain)); - - /* establish connection */ - - if ((!msrpc->initialised)) - { - return False; - } - - if (msrpc->fd == -1 && msrpc->redirect) - { - if (msrpc_init_redirect(msrpc, pipe_name, &msrpc->usr)) - { - DEBUG(10,("msrpc_establish_connection: redirected OK\n")); - return True; - } - else - { - DEBUG(10,("redirect FAILED\n")); - return False; - } - } - if (msrpc->fd == -1) - { - if (!msrpc_connect(msrpc, pipe_name)) - { - DEBUG(1,("msrpc_establish_connection: failed %s)\n", - pipe_name)); - - return False; - } - } - - if (!msrpc_authenticate(msrpc, &msrpc->usr)) - { - DEBUG(0,("authenticate failed\n")); - close(msrpc->fd); - msrpc->fd = -1; - return False; - } - - return True; -} - diff --git a/source3/lib/msrpc_use.c b/source3/lib/msrpc_use.c deleted file mode 100644 index 193867e610..0000000000 --- a/source3/lib/msrpc_use.c +++ /dev/null @@ -1,321 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - SMB client generic functions - Copyright (C) Andrew Tridgell 1994-1999 - Copyright (C) Luke Kenneth Casson Leighton 1996-1999 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#define NO_SYSLOG - -#include "includes.h" -#include "trans2.h" - -extern int DEBUGLEVEL; -extern pstring scope; -extern pstring global_myname; - -struct msrpc_use -{ - struct msrpc_state *cli; - uint32 num_users; -}; - -static struct msrpc_use **msrpcs = NULL; -uint32 num_msrpcs = 0; - -/**************************************************************************** -terminate client connection -****************************************************************************/ -static void msrpc_use_free(struct msrpc_use *cli) -{ - if (cli->cli != NULL) - { - if (cli->cli->initialised) - { - msrpc_shutdown(cli->cli); - } - free(cli->cli); - } - - free(cli); -} - -/**************************************************************************** -free a client array -****************************************************************************/ -static void free_msrpc_array(uint32 num_entries, struct msrpc_use **entries) -{ - void(*fn)(void*) = (void(*)(void*))&msrpc_use_free; - free_void_array(num_entries, (void**)entries, *fn); -} - -/**************************************************************************** -add a client state to the array -****************************************************************************/ -static struct msrpc_use* add_msrpc_to_array(uint32 *len, - struct msrpc_use ***array, - struct msrpc_use *cli) -{ - int i; - for (i = 0; i < num_msrpcs; i++) - { - if (msrpcs[i] == NULL) - { - msrpcs[i] = cli; - return cli; - } - } - - return (struct msrpc_use*)add_item_to_array(len, - (void***)array, (void*)cli); - -} - -/**************************************************************************** -initiate client array -****************************************************************************/ -void init_msrpc_use(void) -{ - msrpcs = NULL; - num_msrpcs = 0; -} - -/**************************************************************************** -terminate client array -****************************************************************************/ -void free_msrpc_use(void) -{ - free_msrpc_array(num_msrpcs, msrpcs); - init_msrpc_use(); -} - -/**************************************************************************** -find client state. server name, user name, domain name and password must all -match. -****************************************************************************/ -static struct msrpc_use *msrpc_find(const char* pipe_name, - const struct user_creds *usr_creds) -{ - int i; - struct user_creds null_usr; - - copy_user_creds(&null_usr, usr_creds); - usr_creds = &null_usr; - - DEBUG(10,("msrpc_find: %s %s %s\n", - pipe_name, - usr_creds->ntc.user_name, - usr_creds->ntc.domain)); - - for (i = 0; i < num_msrpcs; i++) - { - char *msrpc_name = NULL; - struct msrpc_use *c = msrpcs[i]; - - if (c == NULL) continue; - - msrpc_name = c->cli->pipe_name; - - DEBUG(10,("msrpc_find[%d]: %s %s %s\n", - i, msrpc_name, - c->cli->usr.ntc.user_name, - c->cli->usr.ntc.domain)); - - if (!strequal(msrpc_name, pipe_name)) - { - continue; - } - if (!strequal(usr_creds->ntc.user_name, c->cli->usr.ntc.user_name)) - { - continue; - } - if (!usr_creds->reuse && - !pwd_compare(&usr_creds->ntc.pwd, &c->cli->usr.ntc.pwd)) - { - DEBUG(100,("password doesn't match\n")); - continue; - } - if (usr_creds->ntc.domain[0] == 0) - { - return c; - } - if (strequal(usr_creds->ntc.domain, c->cli->usr.ntc.domain)) - { - return c; - } - } - - return NULL; -} - -/**************************************************************************** -create a new client state from user credentials -****************************************************************************/ -static struct msrpc_use *msrpc_use_get(const char* pipe_name, - const struct user_creds *usr_creds) -{ - struct msrpc_use *cli = (struct msrpc_use*)malloc(sizeof(*cli)); - - if (cli == NULL) - { - return NULL; - } - - memset(cli, 0, sizeof(*cli)); - - cli->cli = msrpc_initialise(NULL); - - if (cli->cli == NULL) - { - return NULL; - } - - msrpc_init_creds(cli->cli, usr_creds); - - return cli; -} - -/**************************************************************************** -init client state -****************************************************************************/ -struct msrpc_state *msrpc_use_add(const char* pipe_name, - const struct user_creds *usr_creds, - BOOL redir) -{ - struct msrpc_use *cli = msrpc_find(pipe_name, usr_creds); - - if (cli != NULL) - { - cli->num_users++; - return cli->cli; - } - - /* reuse an existing connection requested, and one was not found */ - if (usr_creds != NULL && usr_creds->reuse && !redir) - { - return False; - } - - /* - * allocate - */ - - cli = msrpc_use_get(pipe_name, usr_creds); - cli->cli->redirect = redir; - - if (!msrpc_establish_connection(cli->cli, pipe_name)) - { - DEBUG(0,("msrpc_net_use_add: connection failed\n")); - cli->cli = NULL; - msrpc_use_free(cli); - return NULL; - } - - add_msrpc_to_array(&num_msrpcs, &msrpcs, cli); - cli->num_users++; - - return cli->cli; -} - -/**************************************************************************** -delete a client state -****************************************************************************/ -BOOL msrpc_use_del(const char* pipe_name, - const struct user_creds *usr_creds, - BOOL force_close, - BOOL *connection_closed) -{ - int i; - - DEBUG(10,("msrpc_net_use_del: %s. force close: %s\n", - pipe_name, BOOLSTR(force_close))); - - if (connection_closed != NULL) - { - *connection_closed = False; - } - - for (i = 0; i < num_msrpcs; i++) - { - char *msrpc_name = NULL; - - if (msrpcs[i] == NULL) continue; - if (msrpcs[i]->cli == NULL) continue; - - msrpc_name = msrpcs[i]->cli->pipe_name; - - if (!strequal(msrpc_name, pipe_name)) continue; - - if (strequal(usr_creds->ntc.user_name, - msrpcs[i]->cli->usr.ntc.user_name) && - strequal(usr_creds->ntc.domain, - msrpcs[i]->cli->usr.ntc.domain)) - { - /* decrement number of users */ - msrpcs[i]->num_users--; - - DEBUG(10,("idx: %i num_users now: %d\n", - i, msrpcs[i]->num_users)); - - if (force_close || msrpcs[i]->num_users == 0) - { - msrpc_use_free(msrpcs[i]); - msrpcs[i] = NULL; - if (connection_closed != NULL) - { - *connection_closed = True; - } - } - return True; - } - } - - return False; -} - -/**************************************************************************** -enumerate client states -****************************************************************************/ -void msrpc_net_use_enum(uint32 *num_cons, struct use_info ***use) -{ - int i; - - *num_cons = 0; - *use = NULL; - - for (i = 0; i < num_msrpcs; i++) - { - struct use_info item; - - ZERO_STRUCT(item); - - if (msrpcs[i] == NULL) continue; - - item.connected = msrpcs[i]->cli != NULL ? True : False; - - if (item.connected) - { - item.srv_name = msrpcs[i]->cli->pipe_name; - item.user_name = msrpcs[i]->cli->usr.ntc.user_name; - item.domain = msrpcs[i]->cli->usr.ntc.domain; - } - - add_use_info_to_array(num_cons, use, &item); - } -} - diff --git a/source3/lib/netmask.c b/source3/lib/netmask.c deleted file mode 100644 index 6d71058375..0000000000 --- a/source3/lib/netmask.c +++ /dev/null @@ -1,358 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - code to query kernel netmask - Copyright (C) Andrew Tridgell 1998 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - - -/* working out the netmask for an interface is an incredibly non-portable - thing. We have several possible implementations below, and autoconf - tries each of them to see what works - - Note that this file does _not_ include includes.h. That is so this code - can be called directly from the autoconf tests. That also means - this code cannot use any of the normal Samba debug stuff or defines. - This is standalone code. - -*/ - -#ifndef AUTOCONF -#include "config.h" -#endif - -#ifdef HAVE_NETMASK_IFCONF - -#include <stdio.h> -#include <unistd.h> -#include <sys/types.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <arpa/inet.h> -#include <netdb.h> -#include <sys/ioctl.h> -#include <net/if.h> - -#ifndef SIOCGIFCONF -#include <sys/sockio.h> -#endif - -/* - * Prototype for gcc in fussy mode. - */ - -int get_netmask(struct in_addr *ipaddr, struct in_addr *nmask); - -/**************************************************************************** - get the netmask address for a local interface -****************************************************************************/ -int get_netmask(struct in_addr *ipaddr, struct in_addr *nmask) -{ - struct ifconf ifc; - char buff[2048]; - int fd, i, n; - struct ifreq *ifr=NULL; - - if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) { -#ifdef DEBUG - fprintf(stderr,"socket failed\n"); -#endif - return -1; - } - - ifc.ifc_len = sizeof(buff); - ifc.ifc_buf = buff; - if (ioctl(fd, SIOCGIFCONF, &ifc) != 0) { -#ifdef DEBUG - fprintf(stderr,"SIOCGIFCONF failed\n"); -#endif - close(fd); - return -1; - } - - ifr = ifc.ifc_req; - - n = ifc.ifc_len / sizeof(struct ifreq); - -#ifdef DEBUG - fprintf(stderr,"%d interfaces - looking for %s\n", - n, inet_ntoa(*ipaddr)); -#endif - - /* Loop through interfaces, looking for given IP address */ - for (i=n-1;i>=0;i--) { - if (ioctl(fd, SIOCGIFADDR, &ifr[i]) != 0) { -#ifdef DEBUG - fprintf(stderr,"SIOCGIFADDR failed\n"); -#endif - continue; - } - -#ifdef DEBUG - fprintf(stderr,"interface %s\n", - inet_ntoa((*(struct sockaddr_in *)&ifr[i].ifr_addr).sin_addr)); -#endif - if (ipaddr->s_addr != - (*(struct sockaddr_in *)&ifr[i].ifr_addr).sin_addr.s_addr) { - continue; - } - - if (ioctl(fd, SIOCGIFNETMASK, &ifr[i]) != 0) { -#ifdef DEBUG - fprintf(stderr,"SIOCGIFNETMASK failed\n"); -#endif - close(fd); - return -1; - } - close(fd); - (*nmask) = ((struct sockaddr_in *)&ifr[i].ifr_addr)->sin_addr; -#ifdef DEBUG - fprintf(stderr,"netmask %s\n", inet_ntoa(*nmask)); -#endif - return 0; - } - -#ifdef DEBUG - fprintf(stderr,"interface not found\n"); -#endif - - close(fd); - return -1; -} - -#elif defined(HAVE_NETMASK_IFREQ) - -#include <stdio.h> -#include <sys/types.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <arpa/inet.h> -#include <netdb.h> -#include <sys/ioctl.h> -#include <net/if.h> - -#ifndef SIOCGIFCONF -#include <sys/sockio.h> -#endif - -#ifndef I_STR -#include <sys/stropts.h> -#endif - - -/**************************************************************************** -this should cover most of the rest of systems -****************************************************************************/ - int get_netmask(struct in_addr *ipaddr, struct in_addr *nmask) -{ - struct ifreq ifreq; - struct strioctl strioctl; - struct ifconf *ifc; - char buff[2048]; - int fd, i, n; - struct ifreq *ifr=NULL; - - if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) { -#ifdef DEBUG - fprintf(stderr,"socket failed\n"); -#endif - return -1; - } - - ifc = (struct ifconf *)buff; - ifc->ifc_len = BUFSIZ - sizeof(struct ifconf); - strioctl.ic_cmd = SIOCGIFCONF; - strioctl.ic_dp = (char *)ifc; - strioctl.ic_len = sizeof(buff); - if (ioctl(fd, I_STR, &strioctl) < 0) { -#ifdef DEBUG - fprintf(stderr,"SIOCGIFCONF failed\n"); -#endif - close(fd); - return -1; - } - - ifr = (struct ifreq *)ifc->ifc_req; - - /* Loop through interfaces, looking for given IP address */ - n = ifc->ifc_len / sizeof(struct ifreq); - - for (i = 0; i<n; i++, ifr++) { -#ifdef DEBUG - fprintf(stderr,"interface %s\n", - inet_ntoa((*(struct sockaddr_in *)&ifr->ifr_addr).sin_addr.s_addr)); -#endif - if (ipaddr->s_addr == - (*(struct sockaddr_in *) &ifr->ifr_addr).sin_addr.s_addr) { - break; - } - } - -#ifdef DEBUG - if (i == n) { - fprintf(stderr,"interface not found\n"); - close(fd); - return -1; - } -#endif - - ifreq = *ifr; - - strioctl.ic_cmd = SIOCGIFNETMASK; - strioctl.ic_dp = (char *)&ifreq; - strioctl.ic_len = sizeof(struct ifreq); - if (ioctl(fd, I_STR, &strioctl) != 0) { -#ifdef DEBUG - fprintf(stderr,"Failed SIOCGIFNETMASK\n"); -#endif - close(fd); - return -1; - } - - close(fd); - *nmask = ((struct sockaddr_in *)&ifreq.ifr_addr)->sin_addr; -#ifdef DEBUG - fprintf(stderr,"netmask %s\n", inet_ntoa(*nmask)); -#endif - return 0; -} - -#elif defined(HAVE_NETMASK_AIX) - -#include <stdio.h> -#include <sys/types.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <arpa/inet.h> -#include <netdb.h> -#include <sys/ioctl.h> -#include <net/if.h> - -#ifndef SIOCGIFCONF -#include <sys/sockio.h> -#endif - -/**************************************************************************** -this one is for AIX -****************************************************************************/ - int get_netmask(struct in_addr *ipaddr, struct in_addr *nmask) -{ - char buff[2048]; - int fd, i, n; - struct ifconf ifc; - struct ifreq *ifr=NULL; - - if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) { -#ifdef DEBUG - fprintf(stderr,"socket failed\n"); -#endif - return -1; - } - - - ifc.ifc_len = sizeof(buff); - ifc.ifc_buf = buff; - - if (ioctl(fd, SIOCGIFCONF, &ifc) != 0) { -#ifdef DEBUG - fprintf(stderr,"SIOCGIFCONF failed\n"); -#endif - close(fd); - return -1; - } - - ifr = ifc.ifc_req; - /* Loop through interfaces, looking for given IP address */ - i = ifc.ifc_len; - while (i > 0) { -#ifdef DEBUG - fprintf(stderr,"interface %s\n", - inet_ntoa((*(struct sockaddr_in *)&ifr->ifr_addr).sin_addr)); -#endif - if (ipaddr->s_addr == - (*(struct sockaddr_in *) &ifr->ifr_addr).sin_addr.s_addr) { - break; - } - i -= ifr->ifr_addr.sa_len + IFNAMSIZ; - ifr = (struct ifreq*) ((char*) ifr + ifr->ifr_addr.sa_len + - IFNAMSIZ); - } - - -#ifdef DEBUG - if (i <= 0) { - fprintf(stderr,"interface not found\n"); - close(fd); - return -1; - } -#endif - - if (ioctl(fd, SIOCGIFNETMASK, ifr) != 0) { -#ifdef DEBUG - fprintf(stderr,"SIOCGIFNETMASK failed\n"); -#endif - close(fd); - return -1; - } - - close(fd); - - (*nmask) = ((struct sockaddr_in *)&ifr->ifr_addr)->sin_addr; -#ifdef DEBUG - fprintf(stderr,"netmask %s\n", inet_ntoa(*nmask)); -#endif - return 0; -} - -#else /* a dummy version */ -struct in_addr; /* it may not have been declared before */ - int get_netmask(struct in_addr *ipaddr, struct in_addr *nmask) -{ - return -1; -} -#endif - - -#ifdef AUTOCONF -/* this is the autoconf driver to test get_netmask() */ - - main() -{ - char buf[1024]; - struct hostent *hp; - struct in_addr ip, nmask; - - if (gethostname(buf, sizeof(buf)-1) != 0) { - fprintf(stderr,"gethostname failed\n"); - exit(1); - } - - hp = gethostbyname(buf); - - if (!hp) { - fprintf(stderr,"gethostbyname failed\n"); - exit(1); - } - - memcpy((char *)&ip, (char *)hp->h_addr, hp->h_length); - - if (get_netmask(&ip, &nmask) == 0) exit(0); - - fprintf(stderr,"get_netmask failed\n"); - exit(1); -} -#endif diff --git a/source3/lib/passcheck.c b/source3/lib/passcheck.c deleted file mode 100644 index bec6455059..0000000000 --- a/source3/lib/passcheck.c +++ /dev/null @@ -1,289 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - Password and authentication handling - Copyright (C) Andrew Tridgell 1992-1998 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -extern int DEBUGLEVEL; -extern int Protocol; - -extern pstring scope; -extern pstring global_myname; -extern fstring global_myworkgroup; - - - -/**************************************************************************** -core of smb password checking routine. -****************************************************************************/ -static BOOL smb_pwd_check_ntlmv1(char *password, unsigned char *part_passwd, - unsigned char *c8, - uchar user_sess_key[16]) -{ - /* Finish the encryption of part_passwd. */ - unsigned char p24[24]; - - if (part_passwd == NULL) - DEBUG(10,("No password set - allowing access\n")); - /* No password set - always true ! */ - if (part_passwd == NULL) - return True; - - SMBOWFencrypt(part_passwd, c8, p24); - if (user_sess_key != NULL) - { - SMBsesskeygen_ntv1(part_passwd, NULL, user_sess_key); - } - -#if DEBUG_PASSWORD - DEBUG(100,("Part password (P16) was |")); - dump_data(100, part_passwd, 16); - DEBUG(100,("Password from client was |")); - dump_data(100, password, 24); - DEBUG(100,("Given challenge was |")); - dump_data(100, c8, 8); - DEBUG(100,("Value from encryption was |")); - dump_data(100, p24, 24); -#endif - return (memcmp(p24, password, 24) == 0); -} - -/**************************************************************************** -core of smb password checking routine. -****************************************************************************/ -static BOOL smb_pwd_check_ntlmv2(char *password, size_t pwd_len, - unsigned char *part_passwd, - unsigned char const *c8, - const char *user, const char *domain, - char *user_sess_key) -{ - /* Finish the encryption of part_passwd. */ - unsigned char kr[16]; - unsigned char resp[16]; - - if (part_passwd == NULL) - { - DEBUG(10,("No password set - allowing access\n")); - } - /* No password set - always true ! */ - if (part_passwd == NULL) - { - return True; - } - - ntv2_owf_gen(part_passwd, user, domain, kr); - SMBOWFencrypt_ntv2(kr, c8, 8, password+16, pwd_len-16, resp); - if (user_sess_key != NULL) - { - SMBsesskeygen_ntv2(kr, resp, user_sess_key); - } - -#if DEBUG_PASSWORD - DEBUG(100,("Part password (P16) was |")); - dump_data(100, part_passwd, 16); - DEBUG(100,("Password from client was |")); - dump_data(100, password, pwd_len); - DEBUG(100,("Given challenge was |")); - dump_data(100, c8, 8); - DEBUG(100,("Value from encryption was |")); - dump_data(100, resp, 16); -#endif - - return (memcmp(resp, password, 16) == 0); -} - -/**************************************************************************** - Do a specific test for an smb password being correct, given a smb_password and - the lanman and NT responses. -****************************************************************************/ -BOOL smb_password_ok(struct smb_passwd *smb_pass, uchar challenge[8], - const char *user, const char *domain, - uchar *lm_pass, size_t lm_pwd_len, - uchar *nt_pass, size_t nt_pwd_len, - uchar user_sess_key[16]) -{ - if (smb_pass == NULL) - { - return False; - } - - DEBUG(4,("Checking SMB password for user %s\n", - smb_pass->unix_name)); - - if (smb_pass->acct_ctrl & ACB_DISABLED) - { - DEBUG(3,("account for user %s was disabled.\n", - smb_pass->unix_name)); - return False; - } - - if (challenge == NULL) - { - DEBUG(1,("no challenge available - password failed\n")); - return False; - } - - if ((Protocol >= PROTOCOL_NT1) && (smb_pass->smb_nt_passwd != NULL)) - { - /* We have the NT MD4 hash challenge available - see if we can - use it (ie. does it exist in the smbpasswd file). - */ - if (lp_server_ntlmv2() != False && nt_pwd_len > 24) - { - DEBUG(4,("smb_password_ok: Check NTLMv2 password\n")); - if (smb_pwd_check_ntlmv2(nt_pass, nt_pwd_len, - (uchar *)smb_pass->smb_nt_passwd, - challenge, user, domain, - user_sess_key)) - { - return True; - } - } - if (lp_server_ntlmv2() != True && nt_pwd_len == 24) - { - DEBUG(4,("smb_password_ok: Check NT MD4 password\n")); - if (smb_pwd_check_ntlmv1((char *)nt_pass, - (uchar *)smb_pass->smb_nt_passwd, - challenge, - user_sess_key)) - { - DEBUG(4,("NT MD4 password check succeeded\n")); - return True; - } - } - DEBUG(4,("NT MD4 password check failed\n")); - } - - if (lp_server_ntlmv2() == True) - { - DEBUG(4,("Not checking LM MD4 password\n")); - return False; - } - - /* Try against the lanman password. smb_pass->smb_passwd == NULL means - no password, allow access. */ - - DEBUG(4,("Checking LM MD4 password\n")); - - if ((smb_pass->smb_passwd == NULL) && - (smb_pass->acct_ctrl & ACB_PWNOTREQ)) - { - DEBUG(4,("no password required for user %s\n", - smb_pass->unix_name)); - return True; - } - - if ((smb_pass->smb_passwd != NULL) && - smb_pwd_check_ntlmv1((char *)lm_pass, - (uchar *)smb_pass->smb_passwd, - challenge, NULL)) - { - DEBUG(4,("LM MD4 password check succeeded\n")); - return(True); - } - - DEBUG(4,("LM MD4 password check failed\n")); - - return False; -} - - -/**************************************************************************** -check if a username/password is OK assuming the password is a 24 byte -SMB hash -return True if the password is correct, False otherwise -****************************************************************************/ -BOOL pass_check_smb(struct smb_passwd *smb_pass, char *domain, uchar *chal, - uchar *lm_pwd, size_t lm_pwd_len, - uchar *nt_pwd, size_t nt_pwd_len, - struct passwd *pwd, uchar user_sess_key[16]) -{ - const struct passwd *pass; - struct passwd pw; - char *user = NULL; - - if (smb_pass == NULL) - { - DEBUG(3,("Couldn't find user %s in smb_passwd file.\n", user)); - return False; - } - - user = smb_pass->unix_name; - - if (lm_pwd == NULL || nt_pwd == NULL) - { - return False; - } - - if (pwd != NULL && user == NULL) - { - pass = (struct passwd *) pwd; - user = pass->pw_name; - } - else - { - pass = Get_Pwnam(user,True); - if (pass == NULL) - { - DEBUG(3,("Couldn't find user %s\n",user)); - return False; - } - memcpy(&pw, pass, sizeof(struct passwd)); - pass = &pw; - } - - /* Quit if the account was disabled. */ - if (smb_pass->acct_ctrl & ACB_DISABLED) { - DEBUG(3,("account for user %s was disabled.\n", user)); - return False; - } - - /* Ensure the uid's match */ - if (smb_pass->unix_uid != pass->pw_uid) - { - DEBUG(3,("Error : UNIX (%d) and SMB (%d) uids in password files do not match !\n", pass->pw_uid, smb_pass->unix_uid)); - return False; - } - - if (lm_pwd[0] == '\0' && IS_BITS_SET_ALL(smb_pass->acct_ctrl, ACB_PWNOTREQ) && lp_null_passwords()) - { - DEBUG(3,("account for user %s has no password and null passwords are allowed.\n", smb_pass->unix_name)); - return(True); - } - - if (smb_password_ok(smb_pass, chal, user, domain, - lm_pwd, lm_pwd_len, - nt_pwd, nt_pwd_len, - user_sess_key)) - { - if (user_sess_key != NULL) - { -#ifdef DEBUG_PASSWORD - DEBUG(100,("user session key: ")); - dump_data(100, user_sess_key, 16); -#endif - } - return(True); - } - - DEBUG(3,("Error pass_check_smb failed\n")); - return False; -} - diff --git a/source3/lib/sids.c b/source3/lib/sids.c deleted file mode 100644 index 712eef8a0d..0000000000 --- a/source3/lib/sids.c +++ /dev/null @@ -1,523 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - Samba utility functions - Copyright (C) Andrew Tridgell 1992-1998 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - - -extern int DEBUGLEVEL; -extern pstring scope; -extern pstring global_myname; - -/* - * This is set on startup - it defines the SID for this - * machine, and therefore the SAM database for which it is - * responsible. - */ - -DOM_SID global_sam_sid; - -/* - * This is the name associated with the SAM database for - * which this machine is responsible. In the case of a PDC - * or PDC, this name is the same as the workgroup. In the - * case of "security = domain" mode, this is the same as - * the name of the server (global_myname). - */ - -fstring global_sam_name; - -/* - * This is obtained on startup - it defines the SID for which - * this machine is a member. It is therefore only set, and - * used, in "security = domain" mode. - */ - -DOM_SID global_member_sid; - -/* - * note the lack of a "global_member_name" - this is because - * this is the same as "global_myworkgroup". - */ - -extern fstring global_myworkgroup; -/* fstring global_member_dom_name; */ - -/* - * some useful sids - */ - -DOM_SID global_sid_S_1_5_20; /* local well-known domain */ -DOM_SID global_sid_S_1_1; /* everyone */ -DOM_SID global_sid_S_1_3; /* Creator Owner */ -DOM_SID global_sid_S_1_5; /* NT Authority */ - -struct sid_map -{ - DOM_SID *sid; - char *name; - -}; - -struct sid_map static_sid_name_map[] = -{ - { &global_sid_S_1_5_20, "BUILTIN" }, - { &global_sid_S_1_1 , "Everyone" }, - { &global_sid_S_1_3 , "Creator Owner" }, - { &global_sid_S_1_5 , "NT Authority" }, - { &global_sam_sid , global_sam_name }, - { &global_member_sid , global_myworkgroup }, - { NULL , NULL } -}; - -struct sid_map **sid_name_map = NULL; -uint32 num_maps = 0; - -static struct sid_map *sid_map_dup(const struct sid_map *from) -{ - if (from != NULL) - { - struct sid_map *copy = (struct sid_map *) - malloc(sizeof(struct sid_map)); - if (copy != NULL) - { - ZERO_STRUCTP(copy); - if (from->name != NULL) - { - copy->name = strdup(from->name ); - } - if (from->sid != NULL) - { - copy->sid = sid_dup(from->sid); - } - } - return copy; - } - return NULL; -} - -static void sid_map_free(struct sid_map *map) -{ - if (map->name != NULL) - { - free(map->name); - } - if (map->sid != NULL) - { - free(map->sid); - } - free(map); -} - -/**************************************************************************** -free a sid map array -****************************************************************************/ -static void free_sidmap_array(uint32 num_entries, struct sid_map **entries) -{ - void(*fn)(void*) = (void(*)(void*))&sid_map_free; - free_void_array(num_entries, (void**)entries, *fn); -} - -/**************************************************************************** -add a sid map state to the array -****************************************************************************/ -struct sid_map* add_sidmap_to_array(uint32 *len, struct sid_map ***array, - const struct sid_map *name) -{ - void*(*fn)(const void*) = (void*(*)(const void*))&sid_map_dup; - return (struct sid_map*)add_copy_to_array(len, - (void***)array, (const void*)name, *fn, False); - -} -/**************************************************************************** - sets up the name associated with the SAM database for which we are responsible -****************************************************************************/ -void get_sam_domain_name(void) -{ - switch (lp_server_role()) - { - case ROLE_DOMAIN_PDC: - case ROLE_DOMAIN_BDC: - { - /* we are PDC (or BDC) for a Domain */ - fstrcpy(global_sam_name, lp_workgroup()); - break; - } - case ROLE_DOMAIN_MEMBER: - { - /* we are a "PDC", but FOR LOCAL SAM DATABASE ONLY */ - fstrcpy(global_sam_name, global_myname); - break; - } - default: - { - /* no domain role, probably due to "security = share" */ - memset(global_sam_name, 0, sizeof(global_sam_name)); - break; - } - } -} - -/**************************************************************************** - obtain the sid from the PDC. -****************************************************************************/ -BOOL get_member_domain_sid(void) -{ - switch (lp_server_role()) - { - case ROLE_DOMAIN_NONE: - { - ZERO_STRUCT(global_member_sid); - return True; - } - case ROLE_DOMAIN_PDC: - { - sid_copy(&global_member_sid, &global_sam_sid); - return True; - } - default: - { - /* member or BDC, we're going for connection to PDC */ - break; - } - } - - return get_domain_sids(lp_workgroup(), NULL, &global_member_sid); -} - - -/**************************************************************************** - creates some useful well known sids -****************************************************************************/ -void generate_wellknown_sids(void) -{ - string_to_sid(&global_sid_S_1_5_20, "S-1-5-32"); - string_to_sid(&global_sid_S_1_1 , "S-1-1" ); - string_to_sid(&global_sid_S_1_3 , "S-1-3" ); - string_to_sid(&global_sid_S_1_5 , "S-1-5" ); -} - -/**************************************************************************** - create a sid map table -****************************************************************************/ -BOOL create_sidmap_table(void) -{ - int i; - char **doms = NULL; - uint32 num_doms = 0; - - for (i = 0; static_sid_name_map[i].name != NULL; i++) - { - add_sidmap_to_array(&num_maps, &sid_name_map, - &static_sid_name_map[i]); - } - - enumtrustdoms(&doms, &num_doms); - - for (i = 0; i < num_doms; i++) - { - struct sid_map map; - DOM_SID sid; - - map.name = doms[i]; - map.sid = &sid; - - if (!read_sid(map.name, map.sid)) - { - DEBUG(0,("Could not read Domain SID %s\n", map.name)); - return False; - } - add_sidmap_to_array(&num_maps, &sid_name_map, &map); - } - - - for (i = 0; i < num_maps; i++) - { - fstring sidstr; - sid_to_string(sidstr, sid_name_map[i]->sid); - DEBUG(10,("Map:\tDomain:\t%s\tSID:\t%s\n", - sid_name_map[i]->name, sidstr)); - } - - - free_char_array(num_doms, doms); - - return True; -} - -/**************************************************************************** - Generate the global machine sid. Look for the DOMAINNAME.SID file first, if - not found then look in smb.conf and use it to create the DOMAINNAME.SID file. -****************************************************************************/ -BOOL generate_sam_sid(char *domain_name, DOM_SID *sid) -{ - char *p; - pstring sid_file; - pstring machine_sid_file; - fstring file_name; - - pstrcpy(sid_file, lp_smb_passwd_file()); - - if (sid_file[0] == 0) - { - DEBUG(0,("cannot find smb passwd file\n")); - return False; - } - - p = strrchr(sid_file, '/'); - if (p != NULL) - { - *++p = '\0'; - } - - if (!directory_exist(sid_file, NULL)) { - if (mkdir(sid_file, 0700) != 0) { - DEBUG(0,("can't create private directory %s : %s\n", - sid_file, strerror(errno))); - return False; - } - } - - pstrcpy(machine_sid_file, sid_file); - pstrcat(machine_sid_file, "MACHINE.SID"); - - slprintf(file_name, sizeof(file_name)-1, "%s.SID", domain_name); - strupper(file_name); - pstrcat(sid_file, file_name); - - if (file_exist(machine_sid_file, NULL)) - { - if (file_exist(sid_file, NULL)) - { - DEBUG(0,("both %s and %s exist when only one should, unable to continue\n", - machine_sid_file, sid_file)); - return False; - } - if (file_rename(machine_sid_file, sid_file)) - { - DEBUG(0,("could not rename %s to %s. Error was %s\n", - machine_sid_file, sid_file, strerror(errno))); - return False; - } - } - - /* attempt to read the SID from the file */ - if (read_sid(domain_name, sid)) - { - return True; - } - - if (!create_new_sid(sid)) - { - return False; - } - /* attempt to read the SID from the file */ - if (!write_sid(domain_name, sid)) - { - return True; - } - - /* during the attempt to write, someone else wrote? */ - - /* attempt to read the SID from the file */ - if (read_sid(domain_name, sid)) - { - return True; - } - - return True; -} - -/************************************************************************** - turns a domain name into a SID. - - *** side-effect: if the domain name is NULL, it is set to our domain *** - -***************************************************************************/ -BOOL map_domain_name_to_sid(DOM_SID *sid, char **nt_domain) -{ - int i = 0; - - if (nt_domain == NULL) - { - sid_copy(sid, &global_sam_sid); - return True; - } - - if ((*nt_domain) == NULL) - { - DEBUG(5,("map_domain_name_to_sid: overriding NULL name to %s\n", - global_sam_name)); - (*nt_domain) = strdup(global_sam_name); - sid_copy(sid, &global_sam_sid); - return True; - } - - if ((*nt_domain)[0] == 0) - { - free(*nt_domain); - (*nt_domain) = strdup(global_sam_name); - DEBUG(5,("map_domain_name_to_sid: overriding blank name to %s\n", - (*nt_domain))); - sid_copy(sid, &global_sam_sid); - return True; - } - - DEBUG(5,("map_domain_name_to_sid: %s\n", (*nt_domain))); - - for (i = 0; sid_name_map[i]->name != NULL; i++) - { - DEBUG(5,("compare: %s\n", sid_name_map[i]->name)); - if (strequal(sid_name_map[i]->name, (*nt_domain))) - { - fstring sid_str; - sid_copy(sid, sid_name_map[i]->sid); - sid_to_string(sid_str, sid_name_map[i]->sid); - DEBUG(5,("found %s\n", sid_str)); - return True; - } - } - - DEBUG(0,("map_domain_name_to_sid: mapping to %s NOT IMPLEMENTED\n", - (*nt_domain))); - return False; -} - -/************************************************************************** - turns a domain SID into a name. - -***************************************************************************/ -BOOL map_domain_sid_to_name(DOM_SID *sid, char *nt_domain) -{ - fstring sid_str; - int i = 0; - sid_to_string(sid_str, sid); - - DEBUG(5,("map_domain_sid_to_name: %s\n", sid_str)); - - if (nt_domain == NULL) - { - return False; - } - - for (i = 0; sid_name_map[i]->sid != NULL; i++) - { - sid_to_string(sid_str, sid_name_map[i]->sid); - DEBUG(5,("compare: %s\n", sid_str)); - if (sid_equal(sid_name_map[i]->sid, sid)) - { - fstrcpy(nt_domain, sid_name_map[i]->name); - DEBUG(5,("found %s\n", nt_domain)); - return True; - } - } - - DEBUG(0,("map_domain_sid_to_name: mapping NOT IMPLEMENTED\n")); - - return False; -} -/************************************************************************** - turns a domain SID into a domain controller name. -***************************************************************************/ -BOOL map_domain_sid_to_any_dc(DOM_SID *sid, char *dc_name) -{ - fstring domain; - - if (!map_domain_sid_to_name(sid, domain)) - { - return False; - } - - return get_any_dc_name(domain, dc_name); -} - -/************************************************************************** - splits a name of format \DOMAIN\name or name into its two components. - sets the DOMAIN name to global_sam_name if it has not been specified. -***************************************************************************/ -BOOL split_domain_name(const char *fullname, char *domain, char *name) -{ - fstring full_name; - char *p; - - if (fullname == NULL || domain == NULL || name == NULL) - { - return False; - } - - if (fullname[0] == '\\') - { - fullname++; - } - fstrcpy(full_name, fullname); - p = strchr(full_name+1, '\\'); - - if (p != NULL) - { - *p = 0; - fstrcpy(domain, full_name); - fstrcpy(name, p+1); - } - else - { - fstrcpy(domain, global_sam_name); - fstrcpy(name, full_name); - } - - DEBUG(10,("name '%s' split into domain:%s and nt name:%s'\n", fullname, domain, name)); - return True; -} - -/************************************************************************** - enumerates all trusted domains -***************************************************************************/ -BOOL enumtrustdoms(char ***doms, uint32 *num_entries) -{ - fstring tmp; - char *tok; - - /* add trusted domains */ - - tok = lp_trusted_domains(); - if (next_token(&tok, tmp, NULL, sizeof(tmp))) - { - do - { - fstring domain; - split_at_first_component(tmp, domain, '=', NULL); - add_chars_to_array(num_entries, doms, domain); - - } while (next_token(NULL, tmp, NULL, sizeof(tmp))); - } - - return True; -} - -/************************************************************************** - enumerates all domains for which the SAM server is responsible -***************************************************************************/ -BOOL enumdomains(char ***doms, uint32 *num_entries) -{ - add_chars_to_array(num_entries, doms, global_sam_name); - add_chars_to_array(num_entries, doms, "Builtin"); - - return True; -} - diff --git a/source3/lib/streams.c b/source3/lib/streams.c deleted file mode 100644 index 8e6ad9f53a..0000000000 --- a/source3/lib/streams.c +++ /dev/null @@ -1,140 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - Samba utility functions - Copyright (C) Andrew Tridgell 1992-1998 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "MacExtensions.h" - -extern int DEBUGLEVEL; - -/* -** Given a path to file/directory build a path to the stream in question. -** If it is not a directory they place the .streams folder after the last -** slash then add the filename with the stream cat on. If it is a directory -** then just cat the .streams folder and the stream on it. If mode is true -** then force the .streams directory to be created. -** -** Some examples. -** input:: -** fname = folder1/folder2/filea -** stream = :AFP_Resource:$DATA the resource fork -** isDir = False -** output:: -** streampath = folder1/folder2/.streams/filea:AFP_Resource:$DATA -** -** input:: -** fname = folder1/folder2 -** stream = :AFP_AfpInfo:$DATA the Finder Info -** isDir = True -** output:: -** streampath = folder1/folder2/.streams/:AFP_Resource:$DATA -** -*/ -void makestreampath(char *fname, char *stream, char *streampath, int mode, int isDir, int dirOnly) -{ - char *cptr; - - pstrcpy(streampath, fname); - if (!isDir) - { - cptr = strrchr(streampath, '/'); - if (cptr) *(cptr+1) = 0; - else streampath[0] = 0; - } - else - if (streampath[0] == 0) /* Start at the current position */ - pstrcat(streampath, "./"); - else pstrcat(streampath, "/"); - - pstrcat(streampath, STREAM_FOLDER_SLASH); - if (mode) - (void)mkdir(streampath, 0777); - if (! dirOnly) - { - cptr = strrchr(fname, '/'); - if (!isDir) - { - cptr = strrchr(fname, '/'); - if (cptr) pstrcat(streampath, cptr+1); - else pstrcat(streampath, fname); - } - pstrcat(streampath, stream); - } - DEBUG(4,("MACEXTENSION-makestreampath: streampath = %s\n", streampath)); -} - -/* -** Given a path to file/directory open the stream in question. -*/ -int openstream(char *fname, char *stream, int oflag, int mode, int isDir) -{ - pstring streampath; - char *cptr; - - makestreampath(fname, stream, streampath, mode, isDir, False); - return(open(streampath, oflag, mode)); -} - -/* -** Fill in the AFP structure with the default values and -** then write it out. -*/ -void writedefaultafp(int fd, SambaAfpInfo *safp, int writeit) -{ - safp->afp.afpi_Signature = AFP_Signature; /* Must be *(PDWORD)"AFP" */ - safp->afp.afpi_Version = AFP_Version; /* Must be 0x00010000 */ - safp->afp.afpi_Reserved1 = 0; - safp->afp.afpi_BackupTime = AFP_BackupTime; /* Backup time for the file/dir */ - bzero(safp->afp.afpi_FinderInfo, AFP_FinderSize); /* Finder Info (32 bytes) */ - bzero(safp->afp.afpi_ProDosInfo, 6); /* ProDos Info (6 bytes) # */ - bzero(safp->afp.afpi_Reserved2, 6); - safp->createtime = time(NULL); - if (writeit) (void)write(fd, safp, sizeof(*safp)); -} - -/* -** Check to see if the fname has a stream component. -** If it does then check to see if it is the data fork -** stream. If so then just remove the stream since we -** treat them the same otherwise build a path to the -** streams folder. -** Return true if it is a stream -** Return false no stream and the name has not been touched. -*/ -int CheckForStream(char *fname) -{ - pstring streampath; - char *cptr; - - cptr = strrchr(fname, ':'); - /* Must be a streams file */ - if (cptr && strequal(cptr, DefaultStreamTest)) - { - cptr = strstr(fname, AFPDATA_STREAM); - if (cptr) *cptr = 0;/* The datafork just remove the stream name */ - else /* Build the streams path */ - { - makestreampath(fname, "", streampath, 1, False, False); - pstrcpy(fname, streampath); - } - return(True); - } - return(False); -} diff --git a/source3/lib/unix_sec_ctxt.c b/source3/lib/unix_sec_ctxt.c deleted file mode 100644 index ead1f3c6d3..0000000000 --- a/source3/lib/unix_sec_ctxt.c +++ /dev/null @@ -1,303 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - uid/user handling - Copyright (C) Andrew Tridgell 1992-1998 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -extern int DEBUGLEVEL; - -static uid_t initial_uid; -static gid_t initial_gid; - -/* what context is current */ -struct unix_sec_ctxt curr_ctxt; - -/**************************************************************************** -initialise the security context routines -****************************************************************************/ -void init_sec_ctxt(void) -{ - initial_uid = curr_ctxt.uid = geteuid(); - initial_gid = curr_ctxt.gid = getegid(); - - if (initial_gid != 0 && initial_uid == 0) { -#ifdef HAVE_SETRESUID - setresgid(0,0,0); -#else - setgid(0); - setegid(0); -#endif - } - - initial_uid = geteuid(); - initial_gid = getegid(); -} - - -/**************************************************************************** - become the specified uid -****************************************************************************/ -static BOOL become_uid(uid_t uid) -{ - if (initial_uid != 0) - { - return(True); - } - - if (uid == (uid_t)-1 || ((sizeof(uid_t) == 2) && (uid == (uid_t)65535))) - { - static int done; - if (!done) { - DEBUG(1,("WARNING: using uid %d is a security risk\n",(int)uid)); - done=1; - } - } - -#ifdef HAVE_TRAPDOOR_UID -#ifdef HAVE_SETUIDX - /* AIX3 has setuidx which is NOT a trapoor function (tridge) */ - if (setuidx(ID_EFFECTIVE, uid) != 0) { - if (seteuid(uid) != 0) { - DEBUG(1,("Can't set uid %d (setuidx)\n", (int)uid)); - return False; - } - } -#endif -#endif - -#ifdef HAVE_SETRESUID - if (setresuid(-1,uid,-1) != 0) -#else - if ((seteuid(uid) != 0) && - (setuid(uid) != 0)) -#endif - { - DEBUG(0,("Couldn't set uid %d currently set to (%d,%d)\n", - (int)uid,(int)getuid(), (int)geteuid())); - if (uid > (uid_t)32000) { - DEBUG(0,("Looks like your OS doesn't like high uid values - try using a different account\n")); - } - return(False); - } - - if (((uid == (uid_t)-1) || ((sizeof(uid_t) == 2) && (uid == 65535))) && (geteuid() != uid)) - { - DEBUG(0,("Invalid uid -1. perhaps you have a account with uid 65535?\n")); - return(False); - } - - curr_ctxt.uid = uid; - - return(True); -} - - -/**************************************************************************** - become the specified gid -****************************************************************************/ -static BOOL become_gid(gid_t gid) -{ - if (initial_uid != 0) - return(True); - - if (gid == (gid_t)-1 || ((sizeof(gid_t) == 2) && (gid == (gid_t)65535))) { - DEBUG(1,("WARNING: using gid %d is a security risk\n",(int)gid)); - } - -#ifdef HAVE_SETRESUID - if (setresgid(-1,gid,-1) != 0) -#else - if (setgid(gid) != 0) -#endif - { - DEBUG(0,("Couldn't set gid %d currently set to (%d,%d)\n", - (int)gid,(int)getgid(),(int)getegid())); - if (gid > 32000) { - DEBUG(0,("Looks like your OS doesn't like high gid values - try using a different account\n")); - } - return(False); - } - - curr_ctxt.gid = gid; - - return(True); -} - - -/**************************************************************************** - become the user of a connection number -****************************************************************************/ -BOOL become_unix_sec_ctxt(struct unix_sec_ctxt const *ctxt) -{ - if (curr_ctxt.uid == ctxt->uid) - { - DEBUG(4,("Skipping become_unix_sec_ctxt - already user\n")); - return(True); - } - - unbecome_unix_sec_ctxt(); - - curr_ctxt.ngroups = ctxt->ngroups; - curr_ctxt.groups = ctxt->groups; - curr_ctxt.name = ctxt->name; - - if (initial_uid == 0) - { - if (!become_uid(ctxt->uid)) return(False); -#ifdef HAVE_SETGROUPS - if (curr_ctxt.ngroups > 0) - { - if (setgroups(curr_ctxt.ngroups, - curr_ctxt.groups) < 0) - { - DEBUG(0,("setgroups call failed!\n")); - } - } -#endif - if (!become_gid(ctxt->gid)) return(False); - - } - - DEBUG(5,("become_unix_sec_ctxt uid=(%d,%d) gid=(%d,%d)\n", - (int)getuid(),(int)geteuid(),(int)getgid(),(int)getegid())); - - return(True); -} - -/**************************************************************************** - unbecome the user of a connection number -****************************************************************************/ -BOOL unbecome_unix_sec_ctxt(void) -{ - if (initial_uid == 0) - { -#ifdef HAVE_SETRESUID - setresuid(-1,getuid(),-1); - setresgid(-1,getgid(),-1); -#else - if (seteuid(initial_uid) != 0) - setuid(initial_uid); - setgid(initial_gid); -#endif - } - -#ifdef NO_EID - if (initial_uid == 0) - DEBUG(2,("Running with no EID\n")); - initial_uid = getuid(); - initial_gid = getgid(); -#else - if (geteuid() != initial_uid) { - DEBUG(0,("Warning: You appear to have a trapdoor uid system\n")); - initial_uid = geteuid(); - } - if (getegid() != initial_gid) { - DEBUG(0,("Warning: You appear to have a trapdoor gid system\n")); - initial_gid = getegid(); - } -#endif - - curr_ctxt.uid = initial_uid; - curr_ctxt.gid = initial_gid; - curr_ctxt.name = NULL; - - curr_ctxt.ngroups = 0; - curr_ctxt.groups = NULL; - - DEBUG(5,("unbecome_unix_sec_ctxt now uid=(%d,%d) gid=(%d,%d)\n", - (int)getuid(),(int)geteuid(),(int)getgid(),(int)getegid())); - - return(True); -} - -static struct unix_sec_ctxt curr_ctxt_saved; -static int become_root_depth; - -/**************************************************************************** -This is used when we need to do a privileged operation (such as mucking -with share mode files) and temporarily need root access to do it. This -call should always be paired with an unbecome_root() call immediately -after the operation - -Set save_dir if you also need to save/restore the CWD -****************************************************************************/ -void become_unix_root_sec_ctxt(void) -{ - if (become_root_depth) { - DEBUG(0,("ERROR: become root depth is non zero\n")); - } - - curr_ctxt_saved = curr_ctxt; - become_root_depth = 1; - - become_uid(0); - become_gid(0); -} - -/**************************************************************************** -When the privileged operation is over call this - -Set save_dir if you also need to save/restore the CWD -****************************************************************************/ -void unbecome_unix_root_sec_ctxt(void) -{ - if (become_root_depth != 1) - { - DEBUG(0,("ERROR: unbecome root depth is %d\n", - become_root_depth)); - } - - /* we might have done a become_user() while running as root, - if we have then become root again in order to become - non root! */ - if (curr_ctxt.uid != 0) - { - become_uid(0); - } - - /* restore our gid first */ - if (!become_gid(curr_ctxt_saved.gid)) - { - DEBUG(0,("ERROR: Failed to restore gid\n")); - exit(-1); - } - -#ifdef HAVE_SETGROUPS - if (curr_ctxt_saved.ngroups > 0) - { - if (setgroups(curr_ctxt_saved.ngroups, - curr_ctxt_saved.groups) < 0) - { - DEBUG(0,("setgroups call failed!\n")); - } - } -#endif - /* now restore our uid */ - if (!become_uid(curr_ctxt_saved.uid)) - { - DEBUG(0,("ERROR: Failed to restore uid\n")); - exit(-1); - } - - curr_ctxt = curr_ctxt_saved; - - become_root_depth = 0; -} - diff --git a/source3/lib/util_array.c b/source3/lib/util_array.c deleted file mode 100644 index c3945ff9f8..0000000000 --- a/source3/lib/util_array.c +++ /dev/null @@ -1,350 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - Samba utility functions - Copyright (C) Andrew Tridgell 1992-1999 - Copyright (C) Luke Kenneth Casson Leighton 1996-1999 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -void free_void_array(uint32 num_entries, void **entries, - void(free_item)(void*)) -{ - uint32 i; - if (entries != NULL) - { - for (i = 0; i < num_entries; i++) - { - if (entries[i] != NULL) - { - free_item(entries[i]); - } - } - free(entries); - } -} - -void* add_copy_to_array(uint32 *len, void ***array, const void *item, - void*(item_dup)(const void*), BOOL alloc_anyway) -{ - void* copy = NULL; - if (len == NULL || array == NULL) - { - return NULL; - } - - if (item != NULL || alloc_anyway) - { - copy = item_dup(item); - return add_item_to_array(len, array, copy); - } - return copy; -} - -void* add_item_to_array(uint32 *len, void ***array, void *item) -{ - if (len == NULL || array == NULL) - { - return NULL; - } - - (*array) = (void**)Realloc((*array), ((*len)+1)*sizeof((*array)[0])); - - if ((*array) != NULL) - { - (*array)[(*len)] = item; - (*len)++; - return item; - } - return NULL; -} - -static void use_info_free(struct use_info *item) -{ - if (item != NULL) - { - if (item->srv_name != NULL) - { - free(item->srv_name); - } - if (item->user_name != NULL) - { - free(item->user_name); - } - if (item->domain != NULL) - { - free(item->domain); - } - free(item); - } -} - -static struct use_info *use_info_dup(const struct use_info *from) -{ - if (from != NULL) - { - struct use_info *copy = (struct use_info *) - malloc(sizeof(struct use_info)); - if (copy != NULL) - { - ZERO_STRUCTP(copy); - copy->connected = from->connected; - if (from->srv_name != NULL) - { - copy->srv_name = strdup(from->srv_name ); - } - if (from->user_name != NULL) - { - copy->user_name = strdup(from->user_name); - } - if (from->domain != NULL) - { - copy->domain = strdup(from->domain ); - } - } - return copy; - } - return NULL; -} - -void free_use_info_array(uint32 num_entries, struct use_info **entries) -{ - void(*fn)(void*) = (void(*)(void*))&use_info_free; - free_void_array(num_entries, (void**)entries, *fn); -} - -struct use_info* add_use_info_to_array(uint32 *len, struct use_info ***array, - const struct use_info *name) -{ - void*(*fn)(const void*) = (void*(*)(const void*))&use_info_dup; - return (struct use_info*)add_copy_to_array(len, - (void***)array, (const void*)name, *fn, False); - -} - -void free_char_array(uint32 num_entries, char **entries) -{ - void(*fn)(void*) = (void(*)(void*))&free; - free_void_array(num_entries, (void**)entries, *fn); -} - -char* add_chars_to_array(uint32 *len, char ***array, const char *name) -{ - void*(*fn)(const void*) = (void*(*)(const void*))&strdup; - return (char*)add_copy_to_array(len, - (void***)array, (const void*)name, *fn, False); - -} - -static uint32 *uint32_dup(const uint32* from) -{ - if (from != NULL) - { - uint32 *copy = (uint32 *)malloc(sizeof(uint32)); - if (copy != NULL) - { - memcpy(copy, from, sizeof(*copy)); - } - return copy; - } - return NULL; -} - -void free_uint32_array(uint32 num_entries, uint32 **entries) -{ - void(*fn)(void*) = (void(*)(void*))&free; - free_void_array(num_entries, (void**)entries, *fn); -} - -uint32* add_uint32s_to_array(uint32 *len, uint32 ***array, const uint32 *name) -{ - void*(*fn)(const void*) = (void*(*)(const void*))&uint32_dup; - return (uint32*)add_copy_to_array(len, - (void***)array, (const void*)name, *fn, False); - -} - -void free_unistr_array(uint32 num_entries, UNISTR2 **entries) -{ - void(*fn)(void*) = (void(*)(void*))&unistr2_free; - free_void_array(num_entries, (void**)entries, *fn); -} - -UNISTR2* add_unistr_to_array(uint32 *len, UNISTR2 ***array, UNISTR2 *name) -{ - void*(*fn)(const void*) = (void*(*)(const void*))&unistr2_dup; - return (UNISTR2*)add_copy_to_array(len, - (void***)array, (const void*)name, *fn, False); -} - -void free_sid_array(uint32 num_entries, DOM_SID **entries) -{ - void(*fn)(void*) = (void(*)(void*))&free; - free_void_array(num_entries, (void**)entries, *fn); -} - -DOM_SID* add_sid_to_array(uint32 *len, DOM_SID ***array, const DOM_SID *sid) -{ - void*(*fn)(const void*) = (void*(*)(const void*))&sid_dup; - return (DOM_SID*)add_copy_to_array(len, - (void***)array, (const void*)sid, *fn, False); -} - -void free_devmode(DEVICEMODE *devmode) -{ - if (devmode!=NULL) - { - if (devmode->private!=NULL) - free(devmode->private); - free(devmode); - } -} - -void free_printer_info_2(PRINTER_INFO_2 *printer) -{ - if (printer!=NULL) - { - free_devmode(printer->devmode); - free(printer); - } -} - -static PRINTER_INFO_2 *prt2_dup(const PRINTER_INFO_2* from) -{ - PRINTER_INFO_2 *copy = (PRINTER_INFO_2 *)malloc(sizeof(PRINTER_INFO_2)); - if (copy != NULL) - { - if (from != NULL) - { - memcpy(copy, from, sizeof(*copy)); - } - else - { - ZERO_STRUCTP(copy); - } - } - return copy; -} - -void free_print2_array(uint32 num_entries, PRINTER_INFO_2 **entries) -{ - void(*fn)(void*) = (void(*)(void*))&free_printer_info_2; - free_void_array(num_entries, (void**)entries, *fn); -} - -PRINTER_INFO_2 *add_print2_to_array(uint32 *len, PRINTER_INFO_2 ***array, - const PRINTER_INFO_2 *prt) -{ - void*(*fn)(const void*) = (void*(*)(const void*))&prt2_dup; - return (PRINTER_INFO_2*)add_copy_to_array(len, - (void***)array, (const void*)prt, *fn, True); -} - -static PRINTER_INFO_1 *prt1_dup(const PRINTER_INFO_1* from) -{ - PRINTER_INFO_1 *copy = (PRINTER_INFO_1 *)malloc(sizeof(PRINTER_INFO_1)); - if (copy != NULL) - { - if (from != NULL) - { - memcpy(copy, from, sizeof(*copy)); - } - else - { - ZERO_STRUCTP(copy); - } - } - return copy; -} - -void free_print1_array(uint32 num_entries, PRINTER_INFO_1 **entries) -{ - void(*fn)(void*) = (void(*)(void*))&free; - free_void_array(num_entries, (void**)entries, *fn); -} - -PRINTER_INFO_1 *add_print1_to_array(uint32 *len, PRINTER_INFO_1 ***array, - const PRINTER_INFO_1 *prt) -{ - void*(*fn)(const void*) = (void*(*)(const void*))&prt1_dup; - return (PRINTER_INFO_1*)add_copy_to_array(len, - (void***)array, (const void*)prt, *fn, True); -} - -static JOB_INFO_1 *job1_dup(const JOB_INFO_1* from) -{ - JOB_INFO_1 *copy = (JOB_INFO_1 *)malloc(sizeof(JOB_INFO_1)); - if (copy != NULL) - { - if (from != NULL) - { - memcpy(copy, from, sizeof(*copy)); - } - else - { - ZERO_STRUCTP(copy); - } - } - return copy; -} - -void free_job1_array(uint32 num_entries, JOB_INFO_1 **entries) -{ - void(*fn)(void*) = (void(*)(void*))&free; - free_void_array(num_entries, (void**)entries, *fn); -} - -JOB_INFO_1 *add_job1_to_array(uint32 *len, JOB_INFO_1 ***array, - const JOB_INFO_1 *job) -{ - void*(*fn)(const void*) = (void*(*)(const void*))&job1_dup; - return (JOB_INFO_1*)add_copy_to_array(len, - (void***)array, (const void*)job, *fn, True); -} - -static JOB_INFO_2 *job2_dup(const JOB_INFO_2* from) -{ - JOB_INFO_2 *copy = (JOB_INFO_2 *)malloc(sizeof(JOB_INFO_2)); - if (copy != NULL) - { - if (from != NULL) - { - memcpy(copy, from, sizeof(*copy)); - } - else - { - ZERO_STRUCTP(copy); - } - } - return copy; -} - -void free_job2_array(uint32 num_entries, JOB_INFO_2 **entries) -{ - void(*fn)(void*) = (void(*)(void*))&free; - free_void_array(num_entries, (void**)entries, *fn); -} - -JOB_INFO_2 *add_job2_to_array(uint32 *len, JOB_INFO_2 ***array, - const JOB_INFO_2 *job) -{ - void*(*fn)(const void*) = (void*(*)(const void*))&job2_dup; - return (JOB_INFO_2*)add_copy_to_array(len, - (void***)array, (const void*)job, *fn, True); -} - diff --git a/source3/lib/util_hnd.c b/source3/lib/util_hnd.c deleted file mode 100644 index b895fb31c0..0000000000 --- a/source3/lib/util_hnd.c +++ /dev/null @@ -1,472 +0,0 @@ - -/* - * Unix SMB/Netbios implementation. - * Version 1.9. - * RPC Pipe client / server routines - * Copyright (C) Andrew Tridgell 1992-1997, - * Copyright (C) Luke Kenneth Casson Leighton 1996-1997, - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - */ - - -#include "includes.h" - - -extern int DEBUGLEVEL; - -#ifndef MAX_OPEN_POLS -#define MAX_OPEN_POLS 64 -#endif - -#define POL_NO_INFO 0 -#define POL_REG_INFO 1 -#define POL_SAMR_INFO 2 -#define POL_CLI_INFO 3 - -struct reg_info -{ - /* for use by \PIPE\winreg */ - fstring name; /* name of registry key */ -}; - -struct samr_info -{ - /* for use by the \PIPE\samr policy */ - DOM_SID sid; - uint32 rid; /* relative id associated with the pol_hnd */ - uint32 status; /* some sort of flag. best to record it. comes from opnum 0x39 */ -}; - -struct con_info -{ - struct cli_connection *con; - void (*free)(struct cli_connection*); -}; - -static struct policy -{ - struct policy *next, *prev; - int pnum; - BOOL open; - POLICY_HND pol_hnd; - int type; - - union { - struct samr_info *samr; - struct reg_info *reg; - struct con_info *con; - - } dev; - -} *Policy; - -static struct bitmap *bmap; - - -/**************************************************************************** - create a unique policy handle -****************************************************************************/ -static void create_pol_hnd(POLICY_HND *hnd) -{ - static uint32 pol_hnd_low = 0; - static uint32 pol_hnd_high = 0; - - if (hnd == NULL) return; - - /* i severely doubt that pol_hnd_high will ever be non-zero... */ - pol_hnd_low++; - if (pol_hnd_low == 0) pol_hnd_high++; - - SIVAL(hnd->data, 0 , 0x0); /* first bit must be null */ - SIVAL(hnd->data, 4 , pol_hnd_low ); /* second bit is incrementing */ - SIVAL(hnd->data, 8 , pol_hnd_high); /* second bit is incrementing */ - SIVAL(hnd->data, 12, time(NULL)); /* something random */ - SIVAL(hnd->data, 16, getpid()); /* something more random */ -} - -/**************************************************************************** - initialise policy handle states... -****************************************************************************/ -BOOL init_policy_hnd(int num_pol_hnds) -{ - bmap = bitmap_allocate(num_pol_hnds); - - return bmap != NULL; -} - -/**************************************************************************** - find first available policy slot. creates a policy handle for you. -****************************************************************************/ -BOOL register_policy_hnd(POLICY_HND *hnd) -{ - int i; - struct policy *p; - - i = bitmap_find(bmap, 1); - - if (i == -1) { - DEBUG(0,("ERROR: out of Policy Handles!\n")); - return False; - } - - p = (struct policy *)malloc(sizeof(*p)); - if (!p) { - DEBUG(0,("ERROR: out of memory!\n")); - return False; - } - - ZERO_STRUCTP(p); - - p->open = True; - p->pnum = i; - p->type = POL_NO_INFO; - - memcpy(&p->pol_hnd, hnd, sizeof(*hnd)); - - bitmap_set(bmap, i); - - DLIST_ADD(Policy, p); - - DEBUG(4,("Opened policy hnd[%x] ", i)); - dump_data(4, (char *)hnd->data, sizeof(hnd->data)); - - return True; -} - -/**************************************************************************** - find first available policy slot. creates a policy handle for you. -****************************************************************************/ -BOOL open_policy_hnd(POLICY_HND *hnd) -{ - create_pol_hnd(hnd); - return register_policy_hnd(hnd); -} - -/**************************************************************************** - find policy by handle -****************************************************************************/ -static struct policy *find_policy(const POLICY_HND *hnd) -{ - struct policy *p; - - for (p=Policy;p;p=p->next) { - if (memcmp(&p->pol_hnd, hnd, sizeof(*hnd)) == 0) { - DEBUG(4,("Found policy hnd[%x] ", p->pnum)); - dump_data(4, (const char *)hnd->data, - sizeof(hnd->data)); - return p; - } - } - - DEBUG(4,("Policy not found: ")); - dump_data(4, (const char *)hnd->data, sizeof(hnd->data)); - - return NULL; -} - -/**************************************************************************** - find policy index by handle -****************************************************************************/ -int find_policy_by_hnd(const POLICY_HND *hnd) -{ - struct policy *p = find_policy(hnd); - - return p?p->pnum:-1; -} - -/**************************************************************************** - set samr rid -****************************************************************************/ -BOOL set_policy_samr_rid(POLICY_HND *hnd, uint32 rid) -{ - struct policy *p = find_policy(hnd); - - if (p && p->open) - { - DEBUG(3,("Setting policy device rid=%x pnum=%x\n", - rid, p->pnum)); - - if (p->dev.samr == NULL) - { - p->dev.samr = (struct samr_info*)malloc(sizeof(*p->dev.samr)); - } - if (p->dev.samr == NULL) - { - return False; - } - p->dev.samr->rid = rid; - return True; - } - - DEBUG(3,("Error setting policy rid=%x\n",rid)); - return False; -} - - -/**************************************************************************** - set samr pol status. absolutely no idea what this is. -****************************************************************************/ -BOOL set_policy_samr_pol_status(POLICY_HND *hnd, uint32 pol_status) -{ - struct policy *p = find_policy(hnd); - - if (p && p->open) - { - DEBUG(3,("Setting policy status=%x pnum=%x\n", - pol_status, p->pnum)); - - if (p->dev.samr == NULL) - { - p->type = POL_SAMR_INFO; - p->dev.samr = (struct samr_info*)malloc(sizeof(*p->dev.samr)); - } - if (p->dev.samr == NULL) - { - return False; - } - p->dev.samr->status = pol_status; - return True; - } - - DEBUG(3,("Error setting policy status=%x\n", - pol_status)); - return False; -} - -/**************************************************************************** - set samr sid -****************************************************************************/ -BOOL set_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid) -{ - pstring sidstr; - struct policy *p = find_policy(hnd); - - if (p && p->open) { - DEBUG(3,("Setting policy sid=%s pnum=%x\n", - sid_to_string(sidstr, sid), p->pnum)); - - if (p->dev.samr == NULL) - { - p->type = POL_SAMR_INFO; - p->dev.samr = (struct samr_info*)malloc(sizeof(*p->dev.samr)); - } - if (p->dev.samr == NULL) - { - return False; - } - memcpy(&p->dev.samr->sid, sid, sizeof(*sid)); - return True; - } - - DEBUG(3,("Error setting policy sid=%s\n", - sid_to_string(sidstr, sid))); - return False; -} - -/**************************************************************************** - get samr sid -****************************************************************************/ -BOOL get_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid) -{ - struct policy *p = find_policy(hnd); - - if (p != NULL && p->open) - { - pstring sidstr; - memcpy(sid, &p->dev.samr->sid, sizeof(*sid)); - DEBUG(3,("Getting policy sid=%s pnum=%x\n", - sid_to_string(sidstr, sid), p->pnum)); - - return True; - } - - DEBUG(3,("Error getting policy\n")); - return False; -} - -/**************************************************************************** - get samr rid -****************************************************************************/ -uint32 get_policy_samr_rid(POLICY_HND *hnd) -{ - struct policy *p = find_policy(hnd); - - if (p && p->open) { - uint32 rid = p->dev.samr->rid; - DEBUG(3,("Getting policy device rid=%x pnum=%x\n", - rid, p->pnum)); - - return rid; - } - - DEBUG(3,("Error getting policy\n")); - return 0xffffffff; -} - -/**************************************************************************** - set reg name -****************************************************************************/ -BOOL set_policy_reg_name(POLICY_HND *hnd, fstring name) -{ - struct policy *p = find_policy(hnd); - - if (p && p->open) - { - DEBUG(3,("Getting policy pnum=%x\n", - p->pnum)); - - if (p->dev.reg == NULL) - { - p->type = POL_REG_INFO; - p->dev.reg = (struct reg_info*)malloc(sizeof(*p->dev.reg)); - } - if (p->dev.reg == NULL) - { - return False; - } - fstrcpy(p->dev.reg->name, name); - return True; - } - - DEBUG(3,("Error setting policy name=%s\n", name)); - return False; -} - -/**************************************************************************** - set reg name -****************************************************************************/ -BOOL get_policy_reg_name(POLICY_HND *hnd, fstring name) -{ - struct policy *p = find_policy(hnd); - - if (p && p->open) - { - DEBUG(3,("Setting policy pnum=%x name=%s\n", - p->pnum, name)); - - fstrcpy(name, p->dev.reg->name); - DEBUG(5,("getting policy reg name=%s\n", name)); - return True; - } - - DEBUG(3,("Error getting policy reg name\n")); - return False; -} - -/**************************************************************************** - set con state -****************************************************************************/ -BOOL set_policy_con(POLICY_HND *hnd, struct cli_connection *con, - void (*free_fn)(struct cli_connection *)) -{ - struct policy *p = find_policy(hnd); - - if (p && p->open) - { - DEBUG(3,("Setting policy con state pnum=%x\n", p->pnum)); - - if (p->dev.con == NULL) - { - p->type = POL_CLI_INFO; - p->dev.con = (struct con_info*)malloc(sizeof(*p->dev.con)); - } - if (p->dev.con == NULL) - { - return False; - } - p->dev.con->con = con; - p->dev.con->free = free_fn; - return True; - } - - DEBUG(3,("Error setting policy con state\n")); - - return False; -} - -/**************************************************************************** - get con state -****************************************************************************/ -BOOL get_policy_con(const POLICY_HND *hnd, struct cli_connection **con) -{ - struct policy *p = find_policy(hnd); - - if (p != NULL && p->open) - { - DEBUG(3,("Getting con state pnum=%x\n", p->pnum)); - - if (con != NULL) - { - (*con ) = p->dev.con->con; - } - - return True; - } - - DEBUG(3,("Error getting policy\n")); - return False; -} - -/**************************************************************************** - close an lsa policy -****************************************************************************/ -BOOL close_policy_hnd(POLICY_HND *hnd) -{ - struct policy *p = find_policy(hnd); - - if (!p) - { - DEBUG(3,("Error closing policy\n")); - return False; - } - - DEBUG(3,("Closed policy name pnum=%x\n", p->pnum)); - - DLIST_REMOVE(Policy, p); - - bitmap_clear(bmap, p->pnum); - - ZERO_STRUCTP(p); - ZERO_STRUCTP(hnd); - - switch (p->type) - { - case POL_REG_INFO: - { - free(p->dev.reg); - break; - } - case POL_SAMR_INFO: - { - free(p->dev.samr); - break; - } - case POL_CLI_INFO: - { - if (p->dev.con->free != NULL) - { - p->dev.con->free(p->dev.con->con); - } - free(p->dev.con); - break; - } - } - - free(p); - - return True; -} - diff --git a/source3/lib/util_pwdb.c b/source3/lib/util_pwdb.c deleted file mode 100644 index 3de1829da3..0000000000 --- a/source3/lib/util_pwdb.c +++ /dev/null @@ -1,435 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - Password and authentication handling - Copyright (C) Jeremy Allison 1996-1998 - Copyright (C) Luke Kenneth Casson Leighton 1996-1998 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "nterr.h" - -extern int DEBUGLEVEL; -extern DOM_SID global_sam_sid; -extern fstring global_sam_name; - -extern DOM_SID global_member_sid; -extern fstring global_myworkgroup; - -extern DOM_SID global_sid_S_1_5_20; - -extern pstring global_myname; - -typedef struct -{ - uint32 rid; - char *defaultname; - char *name; -} rid_name; - -/* - * A list of the rids of well known BUILTIN and Domain users - * and groups. - */ - -static rid_name builtin_alias_rids[] = -{ - { BUILTIN_ALIAS_RID_ADMINS , "Administrators" , NULL }, - { BUILTIN_ALIAS_RID_USERS , "Users" , NULL }, - { BUILTIN_ALIAS_RID_GUESTS , "Guests" , NULL }, - { BUILTIN_ALIAS_RID_POWER_USERS , "Power Users" , NULL }, - - { BUILTIN_ALIAS_RID_ACCOUNT_OPS , "Account Operators" , NULL }, - { BUILTIN_ALIAS_RID_SYSTEM_OPS , "System Operators" , NULL }, - { BUILTIN_ALIAS_RID_PRINT_OPS , "Print Operators" , NULL }, - { BUILTIN_ALIAS_RID_BACKUP_OPS , "Backup Operators" , NULL }, - { BUILTIN_ALIAS_RID_REPLICATOR , "Replicator" , NULL }, - { 0 , NULL , NULL} -}; - -/* array lookup of well-known Domain RID users. */ -static rid_name domain_user_rids[] = -{ - { DOMAIN_USER_RID_ADMIN , "Administrator" , NULL }, - { DOMAIN_USER_RID_GUEST , "Guest" , NULL }, - { 0 , NULL , NULL} -}; - -/* array lookup of well-known Domain RID groups. */ -static rid_name domain_group_rids[] = -{ - { DOMAIN_GROUP_RID_ADMINS , "Domain Admins" , NULL }, - { DOMAIN_GROUP_RID_USERS , "Domain Users" , NULL }, - { DOMAIN_GROUP_RID_GUESTS , "Domain Guests" , NULL }, - { 0 , NULL , NULL} -}; - -/******************************************************************* - make an entry in wk name map - the name is strdup()ed! - *******************************************************************/ -static BOOL make_alias_entry(rid_name *map, char *defaultname, char *name) -{ - if(isdigit(*defaultname)) - { - long rid = -1; - char *s; - - if(*defaultname == '0') - { - if(defaultname[1] == 'x') - { - s = "%lx"; - defaultname += 2; - } - else - { - s = "%lo"; - } - } - else - { - s = "%ld"; - } - - sscanf(defaultname, s, &rid); - - for( ; map->rid; map++) - { - if(map->rid == rid) { - map->name = strdup(name); - DEBUG(5, ("make_alias_entry: mapping %s (rid 0x%x) to %s\n", - map->defaultname, map->rid, map->name)); - return True; - } - } - return False; - } - - for( ; map->rid; map++) - { - if(!StrCaseCmp(map->name, defaultname)) { - map->name = strdup(name); - DEBUG(5, ("make_alias_entry: mapping %s (rid 0x%x) to %s\n", - map->defaultname, map->rid, map->name)); - return True; - } - } - return False; -} - -/******************************************************************* - reset wk map to default values - *******************************************************************/ -static void reset_wk_map(rid_name *map) -{ - for( ; map->rid; map++) - { - if(map->name != NULL && map->name != map->defaultname) - free(map->name); - map->name = map->defaultname; - } -} - -/******************************************************************* - reset all wk maps - *******************************************************************/ -static void reset_wk_maps(void) -{ - DEBUG(4, ("reset_wk_maps: Initializing maps\n")); - reset_wk_map(builtin_alias_rids); - reset_wk_map(domain_user_rids); - reset_wk_map(domain_group_rids); -} - -/******************************************************************* - Load builtin alias map - *******************************************************************/ -static BOOL load_wk_rid_map(void) -{ - static int map_initialized = 0; - static time_t builtin_rid_file_last_modified = (time_t)0; - char *builtin_rid_file = lp_builtinrid_file(); - - FILE *fp; - char *s; - pstring buf; - - if (!map_initialized) - { - reset_wk_maps(); - map_initialized = 1; - } - - if (!*builtin_rid_file) - { - return False; - } - - fp = open_file_if_modified(builtin_rid_file, "r", &builtin_rid_file_last_modified); - if(!fp) - { - DEBUG(0,("load_wk_rid_map: can't open name map %s. Error was %s\n", - builtin_rid_file, strerror(errno))); - return False; - } - - reset_wk_maps(); - DEBUG(4,("load_wk_rid_map: Scanning builtin rid map %s\n",builtin_rid_file)); - - while ((s = fgets_slash(buf, sizeof(buf), fp)) != NULL) - { - pstring defaultname; - pstring name; - - DEBUG(10,("Read line |%s|\n", s)); - - if (!*s || strchr("#;",*s)) - continue; - - if (!next_token(&s,name, "\t\n\r=", sizeof(defaultname))) - continue; - - if (!next_token(&s,defaultname, "\t\n\r=", sizeof(name))) - continue; - - trim_string(defaultname, " ", " "); - trim_string(name, " ", " "); - - if (!*defaultname || !*name) - continue; - - if(make_alias_entry(builtin_alias_rids, defaultname, name)) - continue; - if(make_alias_entry(domain_user_rids, defaultname, name)) - continue; - if(make_alias_entry(domain_group_rids, defaultname, name)) - continue; - - DEBUG(0,("load_wk_rid_map: Unknown alias %s in map %s\n", - defaultname, builtin_rid_file)); - } - - fclose(fp); - return True; -} - -/******************************************************************* - lookup_wk_group_name - ********************************************************************/ -uint32 lookup_wk_group_name(const char *group_name, const char *domain, - DOM_SID *sid, uint8 *type) -{ - char *grp_name; - int i = -1; /* start do loop at -1 */ - uint32 rid; - (*type) = SID_NAME_DOM_GRP; - - if (strequal(domain, global_sam_name)) - { - sid_copy(sid, &global_sam_sid); - } - else if (strequal(domain, "BUILTIN")) - { - sid_copy(sid, &global_sid_S_1_5_20); - } - else - { - return 0xC0000000 | NT_STATUS_NONE_MAPPED; - } - - load_wk_rid_map(); - - do /* find, if it exists, a group rid for the group name */ - { - i++; - rid = domain_group_rids[i].rid; - grp_name = domain_group_rids[i].name; - - if (strequal(grp_name, group_name)) - { - sid_append_rid(sid, rid); - - return 0x0; - } - - } while (grp_name != NULL); - - return 0xC0000000 | NT_STATUS_NONE_MAPPED; -} - -/******************************************************************* - lookup_wk_user_name - ********************************************************************/ -uint32 lookup_wk_user_name(const char *user_name, const char *domain, - DOM_SID *sid, uint8 *type) -{ - char *usr_name; - int i = -1; /* start do loop at -1 */ - (*type) = SID_NAME_USER; - - if (strequal(domain, global_sam_name)) - { - sid_copy(sid, &global_sam_sid); - } - else if (strequal(domain, "BUILTIN")) - { - sid_copy(sid, &global_sid_S_1_5_20); - } - else - { - return 0xC0000000 | NT_STATUS_NONE_MAPPED; - } - - load_wk_rid_map(); - - do /* find, if it exists, a alias rid for the alias name */ - { - i++; - usr_name = domain_user_rids[i].name; - - } while (usr_name != NULL && !strequal(usr_name, user_name)); - - if (usr_name != NULL) - { - sid_append_rid(sid, domain_user_rids[i].rid); - return 0; - } - - return 0xC0000000 | NT_STATUS_NONE_MAPPED; -} - -/******************************************************************* - lookup_builtin_alias_name - ********************************************************************/ -uint32 lookup_builtin_alias_name(const char *alias_name, const char *domain, - DOM_SID *sid, uint8 *type) -{ - char *als_name; - int i = 0; - uint32 rid; - - if (strequal(domain, "BUILTIN")) - { - if (sid != NULL) - { - sid_copy(sid, &global_sid_S_1_5_20); - } - } - else - { - return 0xC0000000 | NT_STATUS_NONE_MAPPED; - } - - load_wk_rid_map(); - - do /* find, if it exists, a alias rid for the alias name*/ - { - rid = builtin_alias_rids[i].rid; - als_name = builtin_alias_rids[i].name; - - if (strequal(als_name, alias_name)) - { - if (sid != NULL) - { - sid_append_rid(sid, rid); - } - - if (type != NULL) - { - (*type) = SID_NAME_ALIAS; - } - - return 0x0; - } - - i++; - - } while (als_name != NULL); - - return 0xC0000000 | NT_STATUS_NONE_MAPPED; -} - -/************************************************************* - initialise password databases, domain names, domain sid. -**************************************************************/ -BOOL pwdb_initialise(BOOL is_server) -{ - get_sam_domain_name(); - - if (!init_myworkgroup()) - { - return False; - } - - generate_wellknown_sids(); - - if (is_server) - { - if (!generate_sam_sid(global_sam_name, &global_sam_sid)) - { - DEBUG(0,("ERROR: Samba cannot create a SAM SID for its domain (%s).\n", - global_sam_name)); - return False; - } - } - else - { - if (!get_domain_sids(lp_workgroup(), &global_member_sid, - &global_sam_sid)) - { - return False; - } - } - - create_sidmap_table(); - - return initialise_password_db(); -} - -/************************************************************* - the following functions lookup wk rid's. - these may be unnecessary... -**************************************************************/ -static char *lookup_wk_rid(uint32 rid, rid_name *table) -{ - load_wk_rid_map(); - for( ; table->rid ; table++) - { - if(table->rid == rid) - { - return table->name; - } - } - return NULL; -} - -char *lookup_wk_alias_rid(uint32 rid) -{ - return lookup_wk_rid(rid, builtin_alias_rids); -} - -char *lookup_wk_user_rid(uint32 rid) -{ - return lookup_wk_rid(rid, domain_user_rids); -} - -char *lookup_wk_group_rid(uint32 rid) -{ - return lookup_wk_rid(rid, domain_group_rids); -} - diff --git a/source3/lib/util_status.c b/source3/lib/util_status.c deleted file mode 100644 index 836388a1bd..0000000000 --- a/source3/lib/util_status.c +++ /dev/null @@ -1,160 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - Samba connection status utility functions - Copyright (C) Andrew Tridgell 1992-1999 - Copyright (C) Michael Glauche 1999 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -extern int DEBUGLEVEL; - -/******************************************************************* -parse the STATUS..LCK file. caller is responsible for freeing *crec. -********************************************************************/ -BOOL get_connection_status(struct connect_record **crec, - uint32 *connection_count) -{ - int fd; - pstring fname; - int conn; - int num_recs; - struct connect_record *c; - int i; - - if (crec == NULL || connection_count == NULL) - { - return False; - } - - pstrcpy(fname,lp_lockdir()); - standard_sub_basic(fname); - trim_string(fname,"","/"); - pstrcat(fname,"/STATUS..LCK"); - - fd = sys_open(fname,O_RDONLY, 0); - - if (fd == -1) - { - DEBUG(0,("Couldn't open status file %s\n",fname)); - return False; - } - - (*crec) = NULL; - - num_recs = file_size(fname) / sizeof(*c); - - DEBUG(5,("Opened status file %s, record count %d\n",fname, num_recs)); - - for (i = 0, conn = 0; i < num_recs; i++) - { - (*crec) = Realloc((*crec), (conn+1) * sizeof((*crec)[conn])); - if ((*crec) == NULL) - { - DEBUG(0,("Realloc failed in get_connection_status\n")); - return False; - } - - c = &((*crec)[conn]); - if (sys_lseek(fd,i*sizeof(*c),SEEK_SET) != i*sizeof(*c) || - read(fd,c,sizeof(*c)) != sizeof(*c)) - { - DEBUG(0,("unable to read a crec in get_connection_status\n")); - break; - } - DEBUG(10,("cnum:%u. pid: %d magic: %x\n", - c->cnum, c->pid, c->magic)); - - /* valid connection, smbd process still going, connection still going */ - if ( c->magic == 0x280267 && process_exists(c->pid) && c->cnum != -1 ) - { - conn++; - } - - } - close(fd); - (*connection_count)=conn; - return True; -} - -/******************************************************************* -Get the number of open Sessions. Not optimal yet. Has at least O(n*log(n)). - ********************************************************************/ -BOOL get_session_count(struct connect_record **srec,uint32 *session_count) -{ - struct connect_record *crec = NULL; - struct connect_record *c; - - uint32 connection_count; - uint32 conn; - int *pid; - int i; - int MaxPid; - BOOL found; - - (*srec) = NULL; - pid = NULL; - if (get_connection_status(&crec, &connection_count)) - { - MaxPid = 0; - for (conn = 0; conn < connection_count; conn++) - { - DEBUG(10,("Connection nr : %u\n",conn)); - found=False; - for (i = 0; i < MaxPid; i++) - { - if (crec[conn].pid == pid[i]) - { - found = True; - i=MaxPid; - } - } - if (!found) { - (*srec) = Realloc((*srec), (MaxPid+1) * sizeof((*srec)[MaxPid])); - if ((*srec) == NULL) - { - DEBUG(0,("Realloc failed in get_connection_status\n")); - return False; - } - pid = Realloc(pid, (MaxPid+1) * sizeof(int)); - if (pid == NULL) - { - DEBUG(0,("Realloc failed in get_session_count\n")); - free(crec); - return False; - } - c = &((*srec)[MaxPid]); - pid[MaxPid]=crec[conn].pid; - pstrcpy(c->machine,crec[conn].machine); - c->uid = crec[conn].uid; - c->pid = crec[conn].pid; - c->cnum = crec[conn].cnum; - pstrcpy(c->name,crec[conn].name); - - MaxPid++; - } - } - } else { -/* crec is not valid, so no need to free it here */ - return False; - } - free(crec); - (*session_count) = MaxPid; - return True; -} - diff --git a/source3/lib/vagent.c b/source3/lib/vagent.c deleted file mode 100644 index 96df03e2f3..0000000000 --- a/source3/lib/vagent.c +++ /dev/null @@ -1,242 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 2 - SMB agent/socket plugin - Copyright (C) Andrew Tridgell 1999 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "smb.h" - -extern int DEBUGLEVEL; - - -/**************************************************************************** -terminate socket connection -****************************************************************************/ -static void sock_redir_free(struct vagent_ops *va, struct sock_redir *sock) -{ - if (sock->c != -1) - { - close(sock->c); - sock->c = -1; - } - if (sock->n != NULL) - { - va->free_sock(sock->n); - sock->n = NULL; - } - free(sock); -} - -/**************************************************************************** -free a sockent array -****************************************************************************/ -static void free_sock_array(struct vagent_ops*va) -{ - void(*fn)(void*) = (void(*)(void*))&va->free_sock; - free_void_array(va->num_socks, (void**)va->socks, *fn); -} - -/**************************************************************************** -add a sockent state to the array -****************************************************************************/ -static struct sock_redir* add_sock_to_array(uint32 *len, - struct sock_redir ***array, - struct sock_redir *sock) -{ - int i; - for (i = 0; i < (*len); i++) - { - if ((*array)[i] == NULL) - { - (*array)[i] = sock; - return sock; - } - } - - return (struct sock_redir*)add_item_to_array(len, - (void***)array, (void*)sock); - -} - -/**************************************************************************** -initiate sockent array -****************************************************************************/ -void init_sock_redir(struct vagent_ops*va) -{ - va->socks = NULL; - va->num_socks = 0; -} - -/**************************************************************************** -terminate sockent array -****************************************************************************/ -void free_sock_redir(struct vagent_ops*va) -{ - free_sock_array(va); - init_sock_redir(va); -} - -/**************************************************************************** -create a new sockent state from user credentials -****************************************************************************/ -static struct sock_redir *sock_redir_get(struct vagent_ops *va, int fd) -{ - struct sock_redir *sock = (struct sock_redir*)malloc(sizeof(*sock)); - - if (sock == NULL) - { - return NULL; - } - - ZERO_STRUCTP(sock); - - sock->c = fd; - sock->n = NULL; - - DEBUG(10,("sock_redir_get:\tfd:\t%d\n", fd)); - - return sock; -} -/**************************************************************************** -init sock state -****************************************************************************/ -static void sock_add(struct vagent_ops *va, int fd) -{ - struct sock_redir *sock; - sock = sock_redir_get(va, fd); - if (sock != NULL) - { - add_sock_to_array(&va->num_socks, &va->socks, sock); - } -} - -/**************************************************************************** -delete a sockent state -****************************************************************************/ -static BOOL sock_del(struct vagent_ops *va, int fd) -{ - int i; - - for (i = 0; i < va->num_socks; i++) - { - if (va->socks[i] == NULL) continue; - if (va->socks[i]->c == fd) - { - sock_redir_free(va, va->socks[i]); - va->socks[i] = NULL; - return True; - } - } - - return False; -} - -void start_agent(struct vagent_ops *va) -{ - int s, c; - - s = va->get_agent_sock(va->id); - - while (1) - { - int i; - fd_set fds; - int num; - struct sockaddr_un addr; - int in_addrlen = sizeof(addr); - int maxfd = s; - - FD_ZERO(&fds); - FD_SET(s, &fds); - - for (i = 0; i < va->num_socks; i++) - { - if (va->socks[i] != NULL) - { - int fd = va->socks[i]->c; - FD_SET(fd, &fds); - maxfd = MAX(maxfd, fd); - - if (va->socks[i]->n != NULL) - { - fd = va->socks[i]->s; - FD_SET(fd, &fds); - maxfd = MAX(fd, maxfd); - } - } - } - - dbgflush(); - num = sys_select(maxfd+1,&fds,NULL, NULL); - - if (num <= 0) - { - continue; - } - - if (FD_ISSET(s, &fds)) - { - FD_CLR(s, &fds); - c = accept(s, (struct sockaddr*)&addr, &in_addrlen); - if (c != -1) - { - sock_add(va, c); - } - } - - for (i = 0; i < va->num_socks; i++) - { - if (va->socks[i] == NULL) - { - continue; - } - if (FD_ISSET(va->socks[i]->c, &fds)) - { - FD_CLR(va->socks[i]->c, &fds); - if (!va->process_cli_sock(va->socks, - va->num_socks, - va->socks[i])) - { - sock_redir_free(va, va->socks[i]); - va->socks[i] = NULL; - } - } - if (va->socks[i] == NULL) - { - continue; - } - if (va->socks[i]->n == NULL) - { - continue; - } - if (FD_ISSET(va->socks[i]->s, &fds)) - { - FD_CLR(va->socks[i]->s, &fds); - if (!va->process_srv_sock(va->socks, - va->num_socks, - va->socks[i]->s)) - { - sock_redir_free(va, va->socks[i]); - va->socks[i] = NULL; - } - } - } - } -} - diff --git a/source3/lib/vuser.c b/source3/lib/vuser.c deleted file mode 100644 index 09a553e4e6..0000000000 --- a/source3/lib/vuser.c +++ /dev/null @@ -1,195 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - Password and authentication handling - Copyright (C) Andrew Tridgell 1992-1998 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -extern int DEBUGLEVEL; - -/* this holds info on user ids that are already validated for this VC */ -static user_struct *validated_users = NULL; -static int num_validated_users = 0; - -/**************************************************************************** -check if a uid has been validated, and return an pointer to the user_struct -if it has. NULL if not. vuid is biased by an offset. This allows us to -tell random client vuid's (normally zero) from valid vuids. -****************************************************************************/ -user_struct *get_valid_user_struct(uint16 vuid) -{ - if (vuid == UID_FIELD_INVALID) - return NULL; - vuid -= VUID_OFFSET; - if ((vuid >= (uint16)num_validated_users) || - (validated_users[vuid].uid == (uid_t)-1) || (validated_users[vuid].gid == (gid_t)-1)) - return NULL; - return &validated_users[vuid]; -} - -/**************************************************************************** -invalidate a uid -****************************************************************************/ -void invalidate_vuid(uint16 vuid) -{ - user_struct *vuser = get_valid_user_struct(vuid); - - if (vuser == NULL) return; - - vuser->uid = (uid_t)-1; - vuser->gid = (gid_t)-1; - - /* same number of igroups as groups */ - vuser->n_groups = 0; - - if (vuser->groups) - free((char *)vuser->groups); - - vuser->groups = NULL; -} - - -/**************************************************************************** -return a validated username -****************************************************************************/ -char *validated_username(uint16 vuid) -{ - user_struct *vuser = get_valid_user_struct(vuid); - if (vuser == NULL) - return 0; - return(vuser->name); -} - - - -/**************************************************************************** -register a uid/name pair as being valid and that a valid password -has been given. vuid is biased by an offset. This allows us to -tell random client vuid's (normally zero) from valid vuids. -****************************************************************************/ -uint16 create_vuid(uid_t uid, gid_t gid, int n_groups, gid_t *groups, - char *unix_name, char *requested_name, - char *real_name, - BOOL guest, uchar user_sess_key[16]) -{ - user_struct *vuser; - - validated_users = (user_struct *)Realloc(validated_users, - sizeof(user_struct)* - (num_validated_users+1)); - - if (!validated_users) - { - DEBUG(0,("Failed to realloc users struct!\n")); - num_validated_users = 0; - return UID_FIELD_INVALID; - } - - vuser = &validated_users[num_validated_users]; - num_validated_users++; - - vuser->uid = uid; - vuser->gid = gid; - vuser->guest = guest; - fstrcpy(vuser->name,unix_name); - fstrcpy(vuser->requested_name,requested_name); - fstrcpy(vuser->real_name,real_name); - memcpy(vuser->user_sess_key, user_sess_key, sizeof(vuser->user_sess_key)); - - vuser->n_groups = n_groups; - vuser->groups = groups; - - DEBUG(3,("uid %d registered to name %s\n",(int)uid,unix_name)); - - return (uint16)((num_validated_users - 1) + VUID_OFFSET); -} - -/**************************************************************************** -register a uid/name pair as being valid and that a valid password -has been given. vuid is biased by an offset. This allows us to -tell random client vuid's (normally zero) from valid vuids. -****************************************************************************/ -uint16 register_vuid(uid_t uid,gid_t gid, char *unix_name, char *requested_name, BOOL guest, uchar user_sess_key[16]) -{ - int n_groups; - gid_t *groups; - fstring real_name; - struct passwd *pwfile; /* for getting real name from passwd file */ - - /* Ensure no vuid gets registered in share level security. */ - if(lp_security() == SEC_SHARE) - return UID_FIELD_INVALID; - -#if 0 - /* - * After observing MS-Exchange services writing to a Samba share - * I belive this code is incorrect. Each service does its own - * sessionsetup_and_X for the same user, and as each service shuts - * down, it does a user_logoff_and_X. As we are consolidating multiple - * sessionsetup_and_X's onto the same vuid here, when the first service - * shuts down, it invalidates all the open files for the other services. - * Hence I am removing this code and forcing each sessionsetup_and_X - * to get a new vuid. - * Jeremy Allison. (jallison@whistle.com). - */ - - int i; - for(i = 0; i < num_validated_users; i++) { - vuser = &validated_users[i]; - if ( vuser->uid == uid ) - return (uint16)(i + VUID_OFFSET); /* User already validated */ - } -#endif - - validated_users = (user_struct *)Realloc(validated_users, - sizeof(user_struct)* - (num_validated_users+1)); - - if (!validated_users) - { - DEBUG(0,("Failed to realloc users struct!\n")); - num_validated_users = 0; - return UID_FIELD_INVALID; - } - - /* Find all the groups this uid is in and store them. - Used by become_user() */ - get_unixgroups(unix_name,uid,gid, - &n_groups, - &groups); - - DEBUG(3,("uid %d registered to name %s\n",(int)uid,unix_name)); - - DEBUG(3, ("Clearing default real name\n")); - fstrcpy(real_name, "<Full Name>\0"); - if (lp_unix_realname()) - { - if ((pwfile=hashed_getpwnam(unix_name))!= NULL) - { - DEBUG(3, ("User name: %s\tReal name: %s\n",unix_name,pwfile->pw_gecos)); - fstrcpy(real_name, pwfile->pw_gecos); - } - } - - return create_vuid(uid, gid, n_groups, groups, - unix_name, requested_name, - real_name, - guest, user_sess_key); -} - |