6 files changed, 23 insertions, 189 deletions
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index 0da9a8932f..d969193089 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -259,6 +259,9 @@ struct cli_state *cli_initialise(struct cli_state *cli)
 	if (getenv("CLI_FORCE_DOSERR"))
 		cli->force_dos_errors = True;
 
+	/* initialise signing */
+	cli_null_set_signing(cli);
+
 	if (lp_client_signing()) 
 		cli->sign_info.allow_smb_signing = True;
                                    
@@ -271,13 +274,6 @@ struct cli_state *cli_initialise(struct cli_state *cli)
 	memset(cli->outbuf, 0, cli->bufsize);
 	memset(cli->inbuf, 0, cli->bufsize);
 
-	/* just becouse we over-allocate, doesn't mean it's right to use it */
-	clobber_region(FUNCTION_MACRO, __LINE__, cli->outbuf+cli->bufsize, SAFETY_MARGIN);
-	clobber_region(FUNCTION_MACRO, __LINE__, cli->inbuf+cli->bufsize, SAFETY_MARGIN);
-
-	/* initialise signing */
-	cli_null_set_signing(cli);
-
 	cli->nt_pipe_fnum = 0;
 
 	cli->initialised = 1;
diff --git a/source3/libsmb/clierror.c b/source3/libsmb/clierror.c
index cea736ef18..12a7b5dba1 100644
--- a/source3/libsmb/clierror.c
+++ b/source3/libsmb/clierror.c
@@ -2,7 +2,6 @@
    Unix SMB/CIFS implementation.
    client error handling routines
    Copyright (C) Andrew Tridgell 1994-1998
-   Copyright (C) Jelmer Vernooij 2003
    
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -221,104 +220,16 @@ static struct {
 	int error;
 } nt_errno_map[] = {
         {NT_STATUS_ACCESS_VIOLATION, EACCES},
+        {NT_STATUS_NO_SUCH_FILE, ENOENT},
+        {NT_STATUS_NO_SUCH_DEVICE, ENODEV},
         {NT_STATUS_INVALID_HANDLE, EBADF},
+        {NT_STATUS_NO_MEMORY, ENOMEM},
         {NT_STATUS_ACCESS_DENIED, EACCES},
         {NT_STATUS_OBJECT_NAME_NOT_FOUND, ENOENT},
         {NT_STATUS_SHARING_VIOLATION, EBUSY},
         {NT_STATUS_OBJECT_PATH_INVALID, ENOTDIR},
         {NT_STATUS_OBJECT_NAME_COLLISION, EEXIST},
         {NT_STATUS_PATH_NOT_COVERED, ENOENT},
-	{NT_STATUS_UNSUCCESSFUL, EINVAL},
-	{NT_STATUS_NOT_IMPLEMENTED, ENOSYS},
-	{NT_STATUS_IN_PAGE_ERROR, EFAULT}, 
-	{NT_STATUS_BAD_NETWORK_NAME, ENOENT},
-#ifdef EDQUOT
-	{NT_STATUS_PAGEFILE_QUOTA, EDQUOT},
-	{NT_STATUS_QUOTA_EXCEEDED, EDQUOT},
-	{NT_STATUS_REGISTRY_QUOTA_LIMIT, EDQUOT},
-	{NT_STATUS_LICENSE_QUOTA_EXCEEDED, EDQUOT},
-#endif
-#ifdef ETIME
-	{NT_STATUS_TIMER_NOT_CANCELED, ETIME},
-#endif
-	{NT_STATUS_INVALID_PARAMETER, EINVAL},
-	{NT_STATUS_NO_SUCH_DEVICE, ENODEV},
-	{NT_STATUS_NO_SUCH_FILE, ENOENT},
-#ifdef ENODATA
-	{NT_STATUS_END_OF_FILE, ENODATA}, 
-#endif
-#ifdef ENOMEDIUM
-	{NT_STATUS_NO_MEDIA_IN_DEVICE, ENOMEDIUM}, 
-	{NT_STATUS_NO_MEDIA, ENOMEDIUM},
-#endif
-	{NT_STATUS_NONEXISTENT_SECTOR, ESPIPE}, 
-        {NT_STATUS_NO_MEMORY, ENOMEM},
-	{NT_STATUS_CONFLICTING_ADDRESSES, EADDRINUSE},
-	{NT_STATUS_NOT_MAPPED_VIEW, EINVAL},
-	{NT_STATUS_UNABLE_TO_FREE_VM, EADDRINUSE},
-	{NT_STATUS_ACCESS_DENIED, EACCES}, 
-	{NT_STATUS_BUFFER_TOO_SMALL, ENOBUFS},
-	{NT_STATUS_WRONG_PASSWORD, EACCES},
-	{NT_STATUS_LOGON_FAILURE, EACCES},
-	{NT_STATUS_INVALID_WORKSTATION, EACCES},
-	{NT_STATUS_INVALID_LOGON_HOURS, EACCES},
-	{NT_STATUS_PASSWORD_EXPIRED, EACCES},
-	{NT_STATUS_ACCOUNT_DISABLED, EACCES},
-	{NT_STATUS_DISK_FULL, ENOSPC},
-	{NT_STATUS_INVALID_PIPE_STATE, EPIPE},
-	{NT_STATUS_PIPE_BUSY, EPIPE},
-	{NT_STATUS_PIPE_DISCONNECTED, EPIPE},
-	{NT_STATUS_PIPE_NOT_AVAILABLE, ENOSYS},
-	{NT_STATUS_FILE_IS_A_DIRECTORY, EISDIR},
-	{NT_STATUS_NOT_SUPPORTED, ENOSYS},
-	{NT_STATUS_NOT_A_DIRECTORY, ENOTDIR},
-	{NT_STATUS_DIRECTORY_NOT_EMPTY, ENOTEMPTY},
-	{NT_STATUS_NETWORK_UNREACHABLE, ENETUNREACH},
-	{NT_STATUS_HOST_UNREACHABLE, EHOSTUNREACH},
-	{NT_STATUS_CONNECTION_ABORTED, ECONNABORTED},
-	{NT_STATUS_CONNECTION_REFUSED, ECONNREFUSED},
-	{NT_STATUS_TOO_MANY_LINKS, EMLINK},
-	{NT_STATUS_NETWORK_BUSY, EBUSY},
-	{NT_STATUS_DEVICE_DOES_NOT_EXIST, ENODEV},
-#ifdef ELIBACC
-	{NT_STATUS_DLL_NOT_FOUND, ELIBACC},
-#endif
-	{NT_STATUS_PIPE_BROKEN, EPIPE},
-	{NT_STATUS_REMOTE_NOT_LISTENING, ECONNREFUSED},
-	{NT_STATUS_NETWORK_ACCESS_DENIED, EACCES},
-	{NT_STATUS_TOO_MANY_OPENED_FILES, EMFILE},
-#ifdef EPROTO
-	{NT_STATUS_DEVICE_PROTOCOL_ERROR, EPROTO},
-#endif
-	{NT_STATUS_FLOAT_OVERFLOW, ERANGE},
-	{NT_STATUS_FLOAT_UNDERFLOW, ERANGE},
-	{NT_STATUS_INTEGER_OVERFLOW, ERANGE},
-	{NT_STATUS_MEDIA_WRITE_PROTECTED, EROFS},
-	{NT_STATUS_PIPE_CONNECTED, EISCONN},
-	{NT_STATUS_MEMORY_NOT_ALLOCATED, EFAULT},
-	{NT_STATUS_FLOAT_INEXACT_RESULT, ERANGE},
-	{NT_STATUS_ILL_FORMED_PASSWORD, EACCES},
-	{NT_STATUS_PASSWORD_RESTRICTION, EACCES},
-	{NT_STATUS_ACCOUNT_RESTRICTION, EACCES},
-	{NT_STATUS_PORT_CONNECTION_REFUSED, ECONNREFUSED},
-	{NT_STATUS_NAME_TOO_LONG, ENAMETOOLONG},
-	{NT_STATUS_REMOTE_DISCONNECT, ESHUTDOWN},
-	{NT_STATUS_CONNECTION_DISCONNECTED, ECONNABORTED},
-	{NT_STATUS_CONNECTION_RESET, ENETRESET},
-#ifdef ENOTUNIQ
-	{NT_STATUS_IP_ADDRESS_CONFLICT1, ENOTUNIQ},
-	{NT_STATUS_IP_ADDRESS_CONFLICT2, ENOTUNIQ},
-#endif
-	{NT_STATUS_PORT_MESSAGE_TOO_LONG, EMSGSIZE},
-	{NT_STATUS_PROTOCOL_UNREACHABLE, ENOPROTOOPT},
-	{NT_STATUS_ADDRESS_ALREADY_EXISTS, EADDRINUSE},
-	{NT_STATUS_PORT_UNREACHABLE, EHOSTUNREACH},
-	{NT_STATUS_IO_TIMEOUT, ETIMEDOUT},
-	{NT_STATUS_RETRY, EAGAIN},
-#ifdef ECOMM
-	{NT_STATUS_NET_WRITE_FAULT, ECOMM},
-#endif
-
 	{NT_STATUS(0), 0}
 };
 
diff --git a/source3/libsmb/clistr.c b/source3/libsmb/clistr.c
index c61445c073..bba9fcf15a 100644
--- a/source3/libsmb/clistr.c
+++ b/source3/libsmb/clistr.c
@@ -3,7 +3,7 @@
    client string routines
    Copyright (C) Andrew Tridgell 2001
    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003
-
+   
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
diff --git a/source3/libsmb/netlogon_unigrp.c b/source3/libsmb/netlogon_unigrp.c
index 466410d800..fa2fe32f35 100644
--- a/source3/libsmb/netlogon_unigrp.c
+++ b/source3/libsmb/netlogon_unigrp.c
@@ -22,7 +22,6 @@
 */
 
 #include "includes.h"
-#define UNIGROUP_PREFIX "UNIGROUP"
 
 /*
     Handle for netlogon_unigrp.tdb database. It is used internally
@@ -51,22 +50,17 @@ BOOL uni_group_cache_init(void)
 BOOL  uni_group_cache_store_netlogon(TALLOC_CTX *mem_ctx, NET_USER_INFO_3 *user)
 {
 	TDB_DATA key,data;
-        fstring keystr, sid_string;
-	DOM_SID user_sid;
-        unsigned int i;
+        fstring keystr;
+        int i;
 
 	if (!uni_group_cache_init()) {
 		DEBUG(0,("uni_group_cache_store_netlogon: cannot open netlogon_unigrp.tdb for write!\n"));
 		return False;
 	}
 
-	sid_copy(&user_sid, &user->dom_sid.sid);
-	sid_append_rid(&user_sid, user->user_rid);
-
-	/* Prepare key as USER-SID string */
-	slprintf(keystr, sizeof(keystr), "%s/%s",
-		 UNIGROUP_PREFIX,
-		 sid_to_string(sid_string, &user_sid));
+	/* Prepare key as DOMAIN-SID/USER-RID string */
+	slprintf(keystr, sizeof(keystr), "%s/%d", 
+		 sid_string_static(&user->dom_sid.sid), user->user_rid);
 	key.dptr = keystr;
 	key.dsize = strlen(keystr) + 1;
 	
@@ -96,15 +90,14 @@ BOOL  uni_group_cache_store_netlogon(TALLOC_CTX *mem_ctx, NET_USER_INFO_3 *user)
     and elements are array[0] ... array[num_elements-1]
     
 */
-DOM_SID **uni_group_cache_fetch(DOM_SID *domain, DOM_SID *user_sid,
+uint32* uni_group_cache_fetch(DOM_SID *domain, uint32 user_rid,
 			      TALLOC_CTX *mem_ctx, uint32 *num_groups)
 {
 	TDB_DATA key,data;
 	fstring keystr;
-	DOM_SID **groups;
+	uint32 *groups;
 	uint32 i;
 	uint32 group_count;
-	fstring sid_string;
 	
 	if (!domain) {
 		DEBUG(1,("uni_group_cache_fetch: expected non-null domain sid\n"));
@@ -130,9 +123,8 @@ DOM_SID **uni_group_cache_fetch(DOM_SID *domain, DOM_SID *user_sid,
 	*num_groups = 0;
 	
 	/* Fetch universal groups */
-	slprintf(keystr, sizeof(keystr), "%s/%s", 
-		 UNIGROUP_PREFIX,
-		 sid_to_string(sid_string, user_sid));
+	slprintf(keystr, sizeof(keystr), "%s/%d", 
+		 sid_string_static(domain), user_rid);
 	key.dptr = keystr;
 	key.dsize = strlen(keystr) + 1;
 	data = tdb_fetch(netlogon_unigrp_tdb, key);
@@ -144,17 +136,12 @@ DOM_SID **uni_group_cache_fetch(DOM_SID *domain, DOM_SID *user_sid,
 	
 	/* Transfer data to receiver's memory context */
 	group_count = IVAL(&((uint32*)data.dptr)[0],0);
-	groups = talloc(mem_ctx, (group_count)*sizeof(*groups));
+	groups = talloc(mem_ctx, (group_count)*sizeof(uint32));
 	if (groups) {
 		for(i=0; i<group_count; i++) {
-			groups[i] = talloc(mem_ctx, sizeof(**groups));
-			if (!groups[i]) {
-				DEBUG(1,("uni_group_cache_fetch: cannot allocate uni groups in receiver's memory context\n"));
-				return NULL;
-			}
-			sid_copy(groups[i], domain);
-			sid_append_rid(groups[i], IVAL(&((uint32*)data.dptr)[i+1],0));
+			groups[i] = IVAL(&((uint32*)data.dptr)[i+1],0);
 		}
+		
 	} else {
 		DEBUG(1,("uni_group_cache_fetch: cannot allocate uni groups in receiver's memory context\n"));
 	}
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index d54655d17f..0cd1ac33ec 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -385,7 +385,7 @@ NTSTATUS ntlmssp_server_update(NTLMSSP_STATE *ntlmssp_state,
 	} else if (ntlmssp_command == NTLMSSP_AUTH) {
 		return ntlmssp_server_auth(ntlmssp_state, request, reply);
 	} else {
-		DEBUG(1, ("unknown NTLMSSP command %u, expected %u\n", ntlmssp_command, ntlmssp_state->expected_state));
+		DEBUG(1, ("unknown NTLMSSP command %u\n", ntlmssp_command, ntlmssp_state->expected_state));
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 }
diff --git a/source3/libsmb/trusts_util.c b/source3/libsmb/trust_passwd.c
index b8f84ba890..cf9fd58b13 100644
--- a/source3/libsmb/trusts_util.c
+++ b/source3/libsmb/trust_passwd.c
@@ -1,8 +1,7 @@
 /* 
  *  Unix SMB/CIFS implementation.
- *  Routines to operate on various trust relationships
- *  Copyright (C) Andrew Bartlett                   2001
- *  Copyright (C) Rafal Szczesniak                  2003
+ *  Routines to change trust account passwords.
+ *  Copyright (C) Andrew Bartlett                   2001.
  *
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License as published by
@@ -114,63 +113,4 @@ NTSTATUS trust_pw_find_change_and_store_it(struct cli_state *cli, TALLOC_CTX *me
 	
 	return trust_pw_change_and_store_it(cli, mem_ctx, old_trust_passwd_hash);
 	
-}
-
-
-/**
- * Verify whether or not given domain is trusted.
- *
- * @param domain_name name of the domain to be verified
- * @return true if domain is one of the trusted once or
- *         false if otherwise
- **/
- 
-BOOL is_trusted_domain(const char* dom_name)
-{
-	int enum_ctx = 0;
-	const int trustdom_size = 10;
-	int num_domains, i;
-	TRUSTDOM **domains;
-	NTSTATUS result;
-	fstring trustdom_name;
-	DOM_SID trustdom_sid;
-	TALLOC_CTX *mem_ctx;
-	
-	/*
-	 * Query the secrets db as an ultimate source of information
-	 * about trusted domain names. This is PDC or BDC case.
-	 */
-	mem_ctx = talloc_init("is_trusted_domain");
-	
-	do {
-		result = secrets_get_trusted_domains(mem_ctx, &enum_ctx, trustdom_size,
-		                                     &num_domains, &domains);
-		/* compare each returned entry against incoming connection's domain */
-		for (i = 0; i < num_domains; i++) {
-			pull_ucs2_fstring(trustdom_name, domains[i]->name);
-			if (strequal(trustdom_name, dom_name)) {
-				talloc_destroy(mem_ctx);
-				return True;
-			}
-		}
-	} while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
-
-	talloc_destroy(mem_ctx);
-
-	/*
-	 * Query the trustdom_cache updated periodically. The only
-	 * way for domain member server.
-	 */
-	if (trustdom_cache_enable() &&
-		trustdom_cache_fetch(dom_name, &trustdom_sid)) {
-		trustdom_cache_shutdown();
-		return True;
-	}
-
-	/*
-	 * if nothing's been found, then give up here, although
-	 * the last resort might be to query the PDC.
-	 */
-	return False;
-}
-
+}