summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/Makefile.in63
-rwxr-xr-xsource3/configure2
-rw-r--r--source3/configure.in2
-rw-r--r--source3/groupdb/aliasfile.c24
-rw-r--r--source3/groupdb/groupfile.c28
-rw-r--r--source3/include/config.h.in3
-rw-r--r--source3/include/proto.h231
-rw-r--r--source3/include/rpc_misc.h15
-rw-r--r--source3/include/rpc_samr.h2
-rw-r--r--source3/include/smb.h130
-rw-r--r--source3/lib/debug.c20
-rw-r--r--source3/lib/util.c22
-rw-r--r--source3/lib/util_hnd.c4
-rw-r--r--source3/libsmb/clientgen.c199
-rw-r--r--source3/lsarpcd/srv_lsa.c271
-rw-r--r--source3/mem_man/mem_man.c3
-rw-r--r--source3/mem_man/mem_man.h2
-rw-r--r--source3/nmbd/nmbd.c6
-rw-r--r--source3/param/loadparm.c56
-rw-r--r--source3/passdb/ldap.c36
-rw-r--r--source3/passdb/nispass.c44
-rw-r--r--source3/passdb/passdb.c456
-rw-r--r--source3/passdb/smbpass.c520
-rw-r--r--source3/passdb/smbpassfile.c51
-rw-r--r--source3/rpc_client/cli_login.c2
-rw-r--r--source3/rpc_client/cli_lsarpc.c2
-rw-r--r--source3/rpc_client/cli_netlogon.c1
-rw-r--r--source3/rpc_client/cli_pipe.c1
-rw-r--r--source3/rpc_parse/parse_lsa.c4
-rw-r--r--source3/rpc_parse/parse_net.c4
-rw-r--r--source3/rpc_parse/parse_rpc.c11
-rw-r--r--source3/rpc_parse/parse_samr.c31
-rw-r--r--source3/rpc_server/srv_lsa.c271
-rw-r--r--source3/rpc_server/srv_lsa_hnd.c4
-rw-r--r--source3/rpc_server/srv_netlog.c416
-rw-r--r--source3/rpc_server/srv_samr.c262
-rw-r--r--source3/rpc_server/srv_util.c323
-rw-r--r--source3/smbd/groupname.c729
-rw-r--r--source3/smbd/nttrans.c4
-rw-r--r--source3/smbd/password.c114
-rw-r--r--source3/smbd/reply.c4
-rw-r--r--source3/smbd/server.c51
-rw-r--r--source3/smbd/service.c2
-rw-r--r--source3/utils/rpctorture.c503
-rw-r--r--source3/utils/smbpasswd.c2
-rw-r--r--source3/utils/torture.c421
-rw-r--r--source3/web/swat.c2
47 files changed, 3044 insertions, 2310 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 73931ef651..96ba7306d4 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -42,6 +42,9 @@ LMHOSTSFILE = $(LIBDIR)/lmhosts
DRIVERFILE = $(LIBDIR)/printers.def
PASSWD_PROGRAM = /bin/passwd
SMB_PASSWD_FILE = $(BASEDIR)/private/smbpasswd
+SMB_PASSGRP_FILE = $(BASEDIR)/private/smbpassgrp
+SMB_GROUP_FILE = $(BASEDIR)/private/smbgroup
+SMB_ALIAS_FILE = $(BASEDIR)/private/smbalias
SMB_PASSWD_PROGRAM = $(BASEDIR)/bin/smbpasswd
# This is where SWAT images and help files go
@@ -64,7 +67,13 @@ CODEPAGELIST= 437 737 850 852 861 932 866 949 950 936
SMBRUN = $(BINDIR)/smbrun
-PASSWD_FLAGS = -DPASSWD_PROGRAM=\"$(PASSWD_PROGRAM)\" -DSMB_PASSWD_FILE=\"$(SMB_PASSWD_FILE)\" -DSMB_PASSWD_PROGRAM=\"$(SMB_PASSWD_PROGRAM)\"
+PASSWD_FLAGS = \
+ -DPASSWD_PROGRAM=\"$(PASSWD_PROGRAM)\" \
+ -DSMB_PASSWD_PROGRAM=\"$(SMB_PASSWD_PROGRAM)\" \
+ -DSMB_PASSWD_FILE=\"$(SMB_PASSWD_FILE)\" \
+ -DSMB_PASSGRP_FILE=\"$(SMB_PASSGRP_FILE)\" \
+ -DSMB_GROUP_FILE=\"$(SMB_GROUP_FILE)\" \
+ -DSMB_ALIAS_FILE=\"$(SMB_ALIAS_FILE)\"
FLAGS1 = $(CFLAGS) -Iinclude -I$(srcdir)/include -I$(srcdir)/ubiqx -I$(srcdir)/smbwrapper -DSMBLOGFILE=\"$(SMBLOGFILE)\" -DNMBLOGFILE=\"$(NMBLOGFILE)\"
FLAGS2 = -DCONFIGFILE=\"$(CONFIGFILE)\" -DLMHOSTSFILE=\"$(LMHOSTSFILE)\"
FLAGS3 = -DSWATDIR=\"$(SWATDIR)\" -DSBINDIR=\"$(SBINDIR)\" -DLOCKDIR=\"$(LOCKDIR)\" -DSMBRUN=\"$(SMBRUN)\" -DCODEPAGEDIR=\"$(CODEPAGEDIR)\"
@@ -90,11 +99,11 @@ LIB_OBJ = lib/charcnv.o lib/charset.o lib/debug.o lib/fault.o \
lib/getsmbpass.o lib/interface.o lib/kanji.o lib/md4.o \
lib/membuffer.o lib/netmask.o lib/pidfile.o lib/replace.o \
lib/signal.o lib/slprintf.o lib/system.o lib/time.o lib/ufc.o \
- lib/genrand.o lib/username.o lib/access.o lib/smbrun.o \
- lib/bitmap.o lib/crc32.o lib/snprintf.o \
- lib/util_str.o lib/util_sid.o \
- lib/util_unistr.o lib/util_file.o \
- lib/util.o lib/util_sock.o
+ lib/util.o lib/genrand.o lib/username.o lib/access.o lib/smbrun.o \
+ lib/bitmap.o lib/crc32.o lib/util_sid.o lib/snprintf.o \
+ lib/util_str.o lib/util_unistr.o \
+ lib/util_file.o mem_man/mem_man.o \
+ lib/util_sock.o
UBIQX_OBJ = ubiqx/ubi_BinTree.o ubiqx/ubi_Cache.o ubiqx/ubi_SplayTree.o \
ubiqx/ubi_dLinkList.o ubiqx/ubi_sLinkList.o ubiqx/debugparse.o
@@ -106,12 +115,18 @@ LIBSMB_OBJ = libsmb/clientgen.o libsmb/namequery.o libsmb/nmblib.o \
libsmb/smberr.o libsmb/credentials.o libsmb/pwd_cache.o \
libsmb/passchange.o
-RPC_SERVER_OBJ = rpc_server/srv_lsa.o \
- rpc_server/srv_lsa_hnd.o rpc_server/srv_netlog.o \
- rpc_server/srv_pipe_hnd.o rpc_server/srv_reg.o \
- rpc_server/srv_samr.o rpc_server/srv_srvsvc.o \
- rpc_server/srv_util.o rpc_server/srv_wkssvc.o \
- rpc_server/srv_pipe.o
+RPC_SERVER_OBJ = \
+ rpc_server/srv_sid.o \
+ rpc_server/srv_lsa.o \
+ rpc_server/srv_lsa_hnd.o \
+ rpc_server/srv_netlog.o \
+ rpc_server/srv_pipe_hnd.o \
+ rpc_server/srv_reg.o \
+ rpc_server/srv_samr.o \
+ rpc_server/srv_srvsvc.o \
+ rpc_server/srv_pipe.o \
+ rpc_server/srv_lookup.o \
+ rpc_server/srv_wkssvc.o
RPC_PARSE_OBJ = rpc_parse/parse_lsa.o rpc_parse/parse_misc.o \
rpc_parse/parse_net.o rpc_parse/parse_prs.o \
@@ -122,19 +137,24 @@ RPC_PARSE_OBJ = rpc_parse/parse_lsa.o rpc_parse/parse_misc.o \
RPC_CLIENT_OBJ = \
rpc_client/cli_login.o \
rpc_client/cli_netlogon.o \
+ rpc_client/cli_reg.o \
rpc_client/cli_pipe.o \
rpc_client/cli_lsarpc.o \
rpc_client/cli_wkssvc.o \
rpc_client/cli_srvsvc.o \
- rpc_client/cli_reg.o \
rpc_client/cli_samr.o
LOCKING_OBJ = locking/locking.o locking/locking_shm.o locking/locking_slow.o \
locking/shmem.o locking/shmem_sysv.o
+GROUPDB_OBJ = groupdb/groupdb.o groupdb/groupfile.o \
+ groupdb/aliasdb.o groupdb/aliasfile.o
+
PASSDB_OBJ = passdb/passdb.o passdb/smbpassfile.o passdb/smbpass.o \
- passdb/pass_check.o passdb/ldap.o passdb/nispass.o passdb/smbpasschange.o
+ passdb/pass_check.o passdb/ldap.o passdb/nispass.o \
+ passdb/passgrp.o passdb/smbpassgroup.o \
+ passdb/smbpasschange.o
SMBD_OBJ1 = smbd/server.o smbd/files.o smbd/chgpasswd.o smbd/connection.o \
smbd/dfree.o smbd/dir.o smbd/password.o smbd/conn.o smbd/fileio.o \
@@ -142,13 +162,15 @@ SMBD_OBJ1 = smbd/server.o smbd/files.o smbd/chgpasswd.o smbd/connection.o \
smbd/message.o smbd/nttrans.o smbd/pipes.o smbd/predict.o \
smbd/$(QUOTAOBJS) smbd/reply.o smbd/ssl.o smbd/trans2.o smbd/uid.o \
smbd/dosmode.o smbd/filename.o smbd/open.o smbd/close.o smbd/blocking.o \
- smbd/process.o smbd/oplock.o smbd/service.o smbd/error.o
+ smbd/process.o smbd/oplock.o smbd/service.o smbd/error.o \
+ smbd/groupname.o
PRINTING_OBJ = printing/pcap.o printing/print_svid.o printing/printing.o
SMBD_OBJ = $(SMBD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) \
$(RPC_SERVER_OBJ) $(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) \
- $(LOCKING_OBJ) $(PASSDB_OBJ) $(PRINTING_OBJ) $(LIB_OBJ)
+ $(LOCKING_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) $(PRINTING_OBJ) \
+ $(LIB_OBJ)
NMBD_OBJ1 = nmbd/asyncdns.o nmbd/nmbd.o nmbd/nmbd_become_dmb.o \
@@ -192,7 +214,8 @@ TESTPARM_OBJ = utils/testparm.o \
TESTPRNS_OBJ = utils/testprns.o $(PARAM_OBJ) $(PRINTING_OBJ) $(UBIQX_OBJ) \
$(LIB_OBJ)
-SMBPASSWD_OBJ = utils/smbpasswd.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(PASSDB_OBJ) \
+SMBPASSWD_OBJ = utils/smbpasswd.o $(PARAM_OBJ) $(LIBSMB_OBJ) \
+ $(PASSDB_OBJ) \
$(UBIQX_OBJ) $(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) $(LIB_OBJ)
RPCCLIENT_OBJ = rpcclient/rpcclient.o \
@@ -204,7 +227,8 @@ RPCCLIENT_OBJ = rpcclient/rpcclient.o \
rpcclient/cmd_srvsvc.o \
rpcclient/cmd_netlogon.o \
$(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \
- $(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) $(PASSDB_OBJ)
+ $(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) \
+ $(PASSDB_OBJ)
SMBWRAPPER_OBJ = smbwrapper/smbw.o smbwrapper/wrapped.o \
smbwrapper/smbw_dir.o smbwrapper/smbw_stat.o \
@@ -238,7 +262,8 @@ RPCTORTURE_OBJ = utils/rpctorture.o \
rpcclient/cmd_srvsvc.o \
rpcclient/cmd_netlogon.o \
$(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \
- $(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) $(PASSDB_OBJ)
+ $(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) \
+ $(PASSDB_OBJ)
DEBUG2HTML_OBJ = utils/debug2html.o ubiqx/debugparse.o
diff --git a/source3/configure b/source3/configure
index 0cd5e39d74..0ec5ebb0b3 100755
--- a/source3/configure
+++ b/source3/configure
@@ -1532,7 +1532,7 @@ else
fi
done
-for ac_hdr in compat.h rpc/rpc.h rpc/types.h rpc/xdr.h rpc/auth.h rpc/clnt.h
+for ac_hdr in compat.h rpc/rpc.h rpc/types.h rpc/xdr.h rpc/auth.h
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
diff --git a/source3/configure.in b/source3/configure.in
index 5030c7ffe9..55fe56fe9e 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -30,7 +30,7 @@ AC_HEADER_TIME
AC_HEADER_SYS_WAIT
AC_CHECK_HEADERS(sys/fcntl.h sys/select.h fcntl.h sys/time.h sys/unistd.h)
AC_CHECK_HEADERS(unistd.h utime.h grp.h sys/id.h limits.h memory.h net/if.h)
-AC_CHECK_HEADERS(compat.h rpc/rpc.h rpc/types.h rpc/xdr.h rpc/auth.h rpc/clnt.h)
+AC_CHECK_HEADERS(compat.h rpc/rpc.h rpc/types.h rpc/xdr.h rpc/auth.h )
AC_CHECK_HEADERS(rpcsvc/yp_prot.h rpcsvc/ypclnt.h sys/param.h ctype.h )
AC_CHECK_HEADERS(sys/wait.h sys/resource.h sys/ioctl.h sys/mode.h)
AC_CHECK_HEADERS(sys/filio.h string.h strings.h stdlib.h sys/socket.h)
diff --git a/source3/groupdb/aliasfile.c b/source3/groupdb/aliasfile.c
index 4b8bbe3079..fc87b47c47 100644
--- a/source3/groupdb/aliasfile.c
+++ b/source3/groupdb/aliasfile.c
@@ -130,24 +130,36 @@ static char *get_alias_members(char *p, int *num_mem, LOCAL_GRP_MEMBER **members
{
DOM_SID sid;
uint8 type;
+ BOOL found = False;
- if (lookup_sid(name, &sid, &type))
+ if (strnequal(name, "S-", 2))
{
- (*members) = Realloc((*members), ((*num_mem)+1) * sizeof(LOCAL_GRP_MEMBER));
- (*num_mem)++;
+ /* sid entered directly */
+ string_to_sid(&sid, name);
+ found = lookup_name(&sid, name, &type) == 0x0;
}
else
{
+ found = lookup_sid(name, &sid, &type) == 0x0;
+ }
+
+ if (!found)
+ {
DEBUG(0,("alias database: could not resolve alias named %s\n", name));
continue;
}
+
+ (*members) = Realloc((*members), ((*num_mem)+1) * sizeof(LOCAL_GRP_MEMBER));
+
if ((*members) == NULL)
{
return NULL;
}
- fstrcpy((*members)[(*num_mem)-1].name, name);
- (*members)[(*num_mem)-1].sid_use = type;
- sid_copy(&(*members)[(*num_mem)-1].sid, &sid);
+
+ fstrcpy((*members)[*num_mem].name, name);
+ (*members)[*num_mem].sid_use = type;
+ sid_copy(&(*members)[*num_mem].sid, &sid);
+ (*num_mem)++;
}
return p;
}
diff --git a/source3/groupdb/groupfile.c b/source3/groupdb/groupfile.c
index 88d362e7d4..8044071391 100644
--- a/source3/groupdb/groupfile.c
+++ b/source3/groupdb/groupfile.c
@@ -26,6 +26,9 @@ extern int DEBUGLEVEL;
static char s_readbuf[1024];
+extern DOM_SID global_sam_sid;
+extern fstring global_sam_name;
+
/***************************************************************
Start to enumerate the grppasswd list. Returns a void pointer
to ensure no modification outside this module.
@@ -128,11 +131,36 @@ static char *get_group_members(char *p, int *num_mem, DOMAIN_GRP_MEMBER **member
while (next_token(&p, name, ",", sizeof(fstring)))
{
+ DOM_SID sid;
+ uint8 type;
+ BOOL found = False;
+
+ if (isdigit(name))
+ {
+ uint32 rid = get_number(name);
+ sid_copy(&sid, &global_sam_sid);
+ sid_append_rid(&sid, rid);
+
+ found = lookup_name(&sid, name, &type) == 0x0;
+ }
+ else
+ {
+ found = lookup_sid(name, &sid, &type) == 0x0;
+ }
+
+ if (!found)
+ {
+ DEBUG(0,("alias database: could not resolve name %s in domain %s\n",
+ name, global_sam_name));
+ continue;
+ }
+
(*members) = Realloc((*members), ((*num_mem)+1) * sizeof(DOMAIN_GRP_MEMBER));
if ((*members) == NULL)
{
return NULL;
}
+
fstrcpy((*members)[(*num_mem)].name, name);
(*members)[(*num_mem)].attr = 0x07;
(*num_mem)++;
diff --git a/source3/include/config.h.in b/source3/include/config.h.in
index 01bc2ee0d8..49379cfe9c 100644
--- a/source3/include/config.h.in
+++ b/source3/include/config.h.in
@@ -633,9 +633,6 @@
/* Define if you have the <rpc/auth.h> header file. */
#undef HAVE_RPC_AUTH_H
-/* Define if you have the <rpc/clnt.h> header file. */
-#undef HAVE_RPC_CLNT_H
-
/* Define if you have the <rpc/rpc.h> header file. */
#undef HAVE_RPC_RPC_H
diff --git a/source3/include/proto.h b/source3/include/proto.h
index d1aa8383c2..329903f787 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -17,6 +17,54 @@ void cmd_tar(void);
int process_tar(void);
int tar_parseargs(int argc, char *argv[], char *Optarg, int Optind);
+/*The following definitions come from groupdb/aliasdb.c */
+
+BOOL initialise_alias_db(void);
+LOCAL_GRP *iterate_getaliasgid(gid_t gid, LOCAL_GRP_MEMBER **mem, int *num_mem);
+LOCAL_GRP *iterate_getaliasrid(uint32 rid, LOCAL_GRP_MEMBER **mem, int *num_mem);
+LOCAL_GRP *iterate_getaliasnam(char *name, LOCAL_GRP_MEMBER **mem, int *num_mem);
+BOOL add_domain_alias(LOCAL_GRP **alss, int *num_alss, LOCAL_GRP *als);
+BOOL iterate_getuseraliasnam(char *user_name, LOCAL_GRP **alss, int *num_alss);
+BOOL enumdomaliases(LOCAL_GRP **alss, int *num_alss);
+void *startaliasent(BOOL update);
+void endaliasent(void *vp);
+LOCAL_GRP *getaliasent(void *vp, LOCAL_GRP_MEMBER **mem, int *num_mem);
+BOOL add_alias_entry(LOCAL_GRP *newals);
+BOOL mod_alias_entry(LOCAL_GRP* als);
+LOCAL_GRP *getaliasnam(char *name, LOCAL_GRP_MEMBER **mem, int *num_mem);
+LOCAL_GRP *getaliasrid(uint32 alias_rid, LOCAL_GRP_MEMBER **mem, int *num_mem);
+LOCAL_GRP *getaliasgid(gid_t gid, LOCAL_GRP_MEMBER **mem, int *num_mem);
+BOOL getuseraliasnam(char *user_name, LOCAL_GRP **als, int *num_alss);
+void aldb_init_als(LOCAL_GRP *als);
+
+/*The following definitions come from groupdb/aliasfile.c */
+
+struct aliasdb_ops *file_initialise_alias_db(void);
+
+/*The following definitions come from groupdb/groupdb.c */
+
+BOOL initialise_group_db(void);
+DOMAIN_GRP *iterate_getgroupgid(gid_t gid, DOMAIN_GRP_MEMBER **mem, int *num_mem);
+DOMAIN_GRP *iterate_getgrouprid(uint32 rid, DOMAIN_GRP_MEMBER **mem, int *num_mem);
+DOMAIN_GRP *iterate_getgroupnam(char *name, DOMAIN_GRP_MEMBER **mem, int *num_mem);
+BOOL add_domain_group(DOMAIN_GRP **grps, int *num_grps, DOMAIN_GRP *grp);
+BOOL iterate_getusergroupsnam(char *user_name, DOMAIN_GRP **grps, int *num_grps);
+BOOL enumdomgroups(DOMAIN_GRP **grps, int *num_grps);
+void *startgroupent(BOOL update);
+void endgroupent(void *vp);
+DOMAIN_GRP *getgroupent(void *vp, DOMAIN_GRP_MEMBER **mem, int *num_mem);
+BOOL add_group_entry(DOMAIN_GRP *newgrp);
+BOOL mod_group_entry(DOMAIN_GRP* grp);
+DOMAIN_GRP *getgroupnam(char *name, DOMAIN_GRP_MEMBER **mem, int *num_mem);
+DOMAIN_GRP *getgrouprid(uint32 group_rid, DOMAIN_GRP_MEMBER **mem, int *num_mem);
+DOMAIN_GRP *getgroupgid(gid_t gid, DOMAIN_GRP_MEMBER **mem, int *num_mem);
+BOOL getusergroupsnam(char *user_name, DOMAIN_GRP **grp, int *num_grps);
+void gpdb_init_grp(DOMAIN_GRP *grp);
+
+/*The following definitions come from groupdb/groupfile.c */
+
+struct groupdb_ops *file_initialise_group_db(void);
+
/*The following definitions come from lib/access.c */
BOOL allow_access(char *deny_list,char *allow_list,
@@ -49,6 +97,7 @@ uint32 crc32_calc_buffer( uint32 count, char *buffer);
/*The following definitions come from lib/debug.c */
+BOOL dbg_interactive(void);
void sig_usr2( int sig );
void sig_usr1( int sig );
void setup_logging( char *pname, BOOL interactive );
@@ -208,6 +257,7 @@ BOOL user_in_list(char *user,char *list);
char *tmpdir(void);
BOOL in_group(gid_t group, gid_t current_gid, int ngroups, gid_t *groups);
+int get_number(char *tmp);
char *Atoic(char *p, int *n, char *c);
char *get_numlist(char *p, uint32 **num, int *count);
void putip(void *dest,void *src);
@@ -454,6 +504,7 @@ BOOL cli_establish_connection(struct cli_state *cli,
struct nmb_name *calling, struct nmb_name *called,
char *service, char *service_type,
BOOL do_shutdown, BOOL do_tcon);
+BOOL cli_connect_serverlist(struct cli_state *cli, char *p);
int cli_printjob_del(struct cli_state *cli, int job);
int cli_print_queue(struct cli_state *cli,
void (*fn)(struct print_job_info *));
@@ -487,7 +538,7 @@ BOOL name_status(int fd,char *name,int name_type,BOOL recurse,
struct in_addr *name_query(int fd,const char *name,int name_type, BOOL bcast,BOOL recurse,
struct in_addr to_ip, int *count, void (*fn)(struct packet_struct *));
FILE *startlmhosts(char *fname);
-BOOL getlmhostsent( FILE *fp, char *name, int *name_type, struct in_addr *ipaddr);
+BOOL getlmhostsent( FILE *fp, pstring name, int *name_type, struct in_addr *ipaddr);
void endlmhosts(FILE *fp);
BOOL resolve_name(const char *name, struct in_addr *return_ip, int name_type);
BOOL find_master_ip(char *group, struct in_addr *master_ip);
@@ -595,6 +646,23 @@ struct shmem_ops *smb_shm_open(int ronly);
struct shmem_ops *sysv_shm_open(int ronly);
+/*The following definitions come from mem_man/mem_man.c */
+
+void *smb_mem_malloc(size_t size,char *file,int line);
+char *smb_mem_strdup(char *s, char *file, int line);
+int smb_mem_free(void *ptr,char *file,int line);
+void smb_mem_write_info(void *ptr,FILE *outfile);
+size_t smb_mem_query_size(void *ptr);
+size_t smb_mem_query_real_size(void *ptr);
+char *smb_mem_query_file(void *ptr);
+int smb_mem_query_line(void *ptr);
+int smb_mem_test(void *ptr);
+void smb_mem_write_status(FILE *outfile);
+void smb_mem_write_verbose(FILE *outfile);
+void smb_mem_write_errors(FILE *outfile);
+void smb_mem_set_multiplier(int multiplier);
+void *smb_mem_resize(void *ptr,size_t newsize);
+
/*The following definitions come from nmbd/asyncdns.c */
int asyncdns_fd(void);
@@ -939,6 +1007,9 @@ char *lp_logfile(void);
char *lp_smbrun(void);
char *lp_configfile(void);
char *lp_smb_passwd_file(void);
+char *lp_smb_passgrp_file(void);
+char *lp_smb_group_file(void);
+char *lp_smb_alias_file(void);
char *lp_serverstring(void);
char *lp_printcapname(void);
char *lp_lockdir(void);
@@ -953,6 +1024,7 @@ char *lp_passwordserver(void);
char *lp_name_resolve_order(void);
char *lp_workgroup(void);
char *lp_username_map(void);
+char *lp_aliasname_map(void);
char *lp_groupname_map(void);
char *lp_logon_script(void);
char *lp_logon_path(void);
@@ -967,11 +1039,6 @@ char *lp_nis_home_map_name(void);
char *lp_netbios_aliases(void);
char *lp_driverfile(void);
char *lp_panic_action(void);
-char *lp_domain_groups(void);
-char *lp_domain_admin_group(void);
-char *lp_domain_guest_group(void);
-char *lp_domain_admin_users(void);
-char *lp_domain_guest_users(void);
char *lp_ldap_server(void);
char *lp_ldap_suffix(void);
char *lp_ldap_filter(void);
@@ -1174,7 +1241,7 @@ BOOL pass_check(char *user,char *password, int pwlen, struct passwd *pwd,
/*The following definitions come from passdb/passdb.c */
-BOOL initialize_password_db(void);
+BOOL initialise_password_db(void);
struct smb_passwd *iterate_getsmbpwrid(uint32 user_rid);
struct smb_passwd *iterate_getsmbpwuid(uid_t smb_userid);
struct smb_passwd *iterate_getsmbpwnam(char *name);
@@ -1193,32 +1260,60 @@ struct sam_disp_info *getsamdisprid(uint32 rid);
struct sam_passwd *getsam21pwent(void *vp);
struct sam_passwd *getsam21pwnam(char *name);
struct sam_passwd *getsam21pwrid(uint32 rid);
-void pdb_init_smb(struct smb_passwd *user);
-void pdb_init_sam(struct sam_passwd *user);
-struct sam_disp_info *pdb_sam_to_dispinfo(struct sam_passwd *user);
-struct smb_passwd *pdb_sam_to_smb(struct sam_passwd *user);
-struct sam_passwd *pdb_smb_to_sam(struct smb_passwd *user);
-char *pdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length);
-uint16 pdb_decode_acct_ctrl(char *p);
-time_t pdb_get_last_set_time(char *p);
-void pdb_set_logon_time(char *p, int max_len, time_t t);
-void pdb_set_logoff_time(char *p, int max_len, time_t t);
-void pdb_set_kickoff_time(char *p, int max_len, time_t t);
-void pdb_set_can_change_time(char *p, int max_len, time_t t);
-void pdb_set_must_change_time(char *p, int max_len, time_t t);
-void pdb_set_last_set_time(char *p, int max_len, time_t t);
-void pdb_sethexpwd(char *p, char *pwd, uint16 acct_ctrl);
-BOOL pdb_gethexpwd(char *p, char *pwd);
-BOOL pdb_name_to_rid(char *user_name, uint32 *u_rid, uint32 *g_rid);
-BOOL pdb_generate_sam_sid(void);
-uid_t pdb_user_rid_to_uid(uint32 user_rid);
-uint32 pdb_uid_to_user_rid(uid_t uid);
-uint32 pdb_gid_to_group_rid(gid_t gid);
-BOOL pdb_rid_is_user(uint32 rid);
+void pwdb_init_smb(struct smb_passwd *user);
+void pwdb_init_sam(struct sam_passwd *user);
+struct sam_disp_info *pwdb_sam_to_dispinfo(struct sam_passwd *user);
+struct smb_passwd *pwdb_sam_to_smb(struct sam_passwd *user);
+struct sam_passwd *pwdb_smb_to_sam(struct smb_passwd *user);
+char *pwdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length);
+uint16 pwdb_decode_acct_ctrl(char *p);
+time_t pwdb_get_last_set_time(char *p);
+void pwdb_set_logon_time(char *p, int max_len, time_t t);
+void pwdb_set_logoff_time(char *p, int max_len, time_t t);
+void pwdb_set_kickoff_time(char *p, int max_len, time_t t);
+void pwdb_set_can_change_time(char *p, int max_len, time_t t);
+void pwdb_set_must_change_time(char *p, int max_len, time_t t);
+void pwdb_set_last_set_time(char *p, int max_len, time_t t);
+void pwdb_sethexpwd(char *p, char *pwd, uint16 acct_ctrl);
+BOOL pwdb_gethexpwd(char *p, char *pwd);
+uid_t pwdb_user_rid_to_uid(uint32 user_rid);
+uint32 pwdb_uid_to_user_rid(uid_t uid);
+uint32 pwdb_gid_to_group_rid(gid_t gid);
+gid_t pwdb_group_rid_to_gid(uint32 group_rid);
+uint32 pwdb_gid_to_alias_rid(gid_t gid);
+gid_t pwdb_alias_rid_to_gid(uint32 alias_rid);
+BOOL pwdb_rid_is_user(uint32 rid);
+
+/*The following definitions come from passdb/passgrp.c */
+
+BOOL initialise_passgrp_db(void);
+struct smb_passwd *iterate_getsmbgrprid(uint32 user_rid,
+ uint32 **grps, int *num_grps,
+ uint32 **alss, int *num_alss);
+struct smb_passwd *iterate_getsmbgrpuid(uid_t smb_userid,
+ uint32 **grps, int *num_grps,
+ uint32 **alss, int *num_alss);
+struct smb_passwd *iterate_getsmbgrpnam(char *name,
+ uint32 **grps, int *num_grps,
+ uint32 **alss, int *num_alss);
+void *startsmbgrpent(BOOL update);
+void endsmbgrpent(void *vp);
+struct smb_passwd *getsmbgrpent(void *vp,
+ uint32 **grps, int *num_grps,
+ uint32 **alss, int *num_alss);
+struct smb_passwd *getsmbgrpnam(char *name,
+ uint32 **grps, int *num_grps,
+ uint32 **alss, int *num_alss);
+struct smb_passwd *getsmbgrprid(uint32 user_rid,
+ uint32 **grps, int *num_grps,
+ uint32 **alss, int *num_alss);
+struct smb_passwd *getsmbgrpuid(uid_t smb_userid,
+ uint32 **grps, int *num_grps,
+ uint32 **alss, int *num_alss);
/*The following definitions come from passdb/smbpass.c */
-struct passdb_ops *file_initialize_password_db(void);
+struct passdb_ops *file_initialise_password_db(void);
/*The following definitions come from passdb/smbpasschange.c */
@@ -1230,8 +1325,6 @@ BOOL local_password_change(char *user_name, BOOL trust_account, BOOL add_user,
/*The following definitions come from passdb/smbpassfile.c */
-BOOL pw_file_lock(int fd, int type, int secs, int *plock_depth);
-BOOL pw_file_unlock(int fd, int *plock_depth);
BOOL trust_password_lock( char *domain, char *name, BOOL update);
BOOL trust_password_unlock(void);
BOOL trust_password_delete( char *domain, char *name );
@@ -1239,6 +1332,10 @@ BOOL get_trust_account_password( unsigned char *ret_pwd, time_t *pass_last_set_t
BOOL set_trust_account_password( unsigned char *md4_new_pwd);
BOOL trust_get_passwd( unsigned char trust_passwd[16], char *domain, char *myname);
+/*The following definitions come from passdb/smbpassgroup.c */
+
+struct passgrp_ops *file_initialise_password_grp(void);
+
/*The following definitions come from printing/pcap.c */
BOOL pcap_printername_ok(char *pszPrintername, char *pszPrintcapname);
@@ -1808,7 +1905,7 @@ void samr_io_r_enum_dom_users(char *desc, SAMR_R_ENUM_DOM_USERS *r_u, prs_struc
void make_samr_q_enum_dom_aliases(SAMR_Q_ENUM_DOM_ALIASES *q_e, POLICY_HND *pol, uint32 size);
void samr_io_q_enum_dom_aliases(char *desc, SAMR_Q_ENUM_DOM_ALIASES *q_e, prs_struct *ps, int depth);
void make_samr_r_enum_dom_aliases(SAMR_R_ENUM_DOM_ALIASES *r_u,
- uint32 num_sam_entries, SAM_USER_INFO_21 grps[MAX_SAM_ENTRIES],
+ uint32 num_sam_entries, LOCAL_GRP *alss,
uint32 status);
void samr_io_r_enum_dom_aliases(char *desc, SAMR_R_ENUM_DOM_ALIASES *r_u, prs_struct *ps, int depth);
void make_samr_q_query_dispinfo(SAMR_Q_QUERY_DISPINFO *q_e, POLICY_HND *pol,
@@ -1828,7 +1925,7 @@ void make_samr_q_enum_dom_groups(SAMR_Q_ENUM_DOM_GROUPS *q_e, POLICY_HND *pol,
void samr_io_q_enum_dom_groups(char *desc, SAMR_Q_ENUM_DOM_GROUPS *q_e, prs_struct *ps, int depth);
void make_samr_r_enum_dom_groups(SAMR_R_ENUM_DOM_GROUPS *r_u,
uint32 start_idx, uint32 num_sam_entries,
- SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES],
+ DOMAIN_GRP *grp,
uint32 status);
void samr_io_r_enum_dom_groups(char *desc, SAMR_R_ENUM_DOM_GROUPS *r_u, prs_struct *ps, int depth);
void make_samr_q_query_aliasinfo(SAMR_Q_QUERY_ALIASINFO *q_e,
@@ -1845,7 +1942,7 @@ void make_samr_r_lookup_ids(SAMR_R_LOOKUP_IDS *r_u,
void samr_io_r_lookup_ids(char *desc, SAMR_R_LOOKUP_IDS *r_u, prs_struct *ps, int depth);
void samr_io_q_lookup_names(char *desc, SAMR_Q_LOOKUP_NAMES *q_u, prs_struct *ps, int depth);
void make_samr_r_lookup_names(SAMR_R_LOOKUP_NAMES *r_u,
- uint32 num_rids, uint32 *rid, uint32 status);
+ uint32 num_rids, uint32 *rid, uint8 *type, uint32 status);
void samr_io_r_lookup_names(char *desc, SAMR_R_LOOKUP_NAMES *r_u, prs_struct *ps, int depth);
void samr_io_q_unknown_12(char *desc, SAMR_Q_UNKNOWN_12 *q_u, prs_struct *ps, int depth);
void make_samr_r_unknown_12(SAMR_R_UNKNOWN_12 *r_u,
@@ -2051,6 +2148,37 @@ void make_wks_r_query_info(WKS_R_QUERY_INFO *r_u,
int status) ;
void wks_io_r_query_info(char *desc, WKS_R_QUERY_INFO *r_u, prs_struct *ps, int depth);
+/*The following definitions come from rpc_server/srv_lookup.c */
+
+int make_dom_gids(DOMAIN_GRP *mem, int num_members, DOM_GID **ppgids);
+int get_domain_user_groups(DOMAIN_GRP_MEMBER **grp_members, uint32 group_rid);
+uint32 lookup_builtin_names(DOM_SID *sid, char *name, uint8 *type);
+uint32 lookup_added_name(DOM_SID *sid, char *name, uint8 *type);
+uint32 lookup_name(DOM_SID *sid, char *name, uint8 *type);
+uint32 lookup_wk_group_name(DOM_SID *sid, char *group_name, uint8 *type);
+uint32 lookup_group_name(DOM_SID *sid, char *group_name, uint8 *type);
+uint32 lookup_wk_alias_name(DOM_SID *sid, char *alias_name, uint8 *type);
+uint32 lookup_alias_name(DOM_SID *sid, char *alias_name, uint8 *type);
+uint32 lookup_wk_user_name(DOM_SID *sid, char *user_name, uint8 *type);
+uint32 lookup_user_name(DOM_SID *sid, char *user_name, uint8 *type);
+uint32 lookup_group_rid(char *group_name, uint32 *rid, uint8 *type);
+uint32 lookup_wk_group_rid(char *group_name, uint32 *rid, uint8 *type);
+uint32 lookup_alias_sid(char *alias_name, DOM_SID *sid, uint8 *type);
+uint32 lookup_alias_rid(char *alias_name, uint32 *rid, uint8 *type);
+uint32 lookup_wk_alias_sid(char *alias_name, DOM_SID *sid, uint8 *type);
+uint32 lookup_wk_alias_rid(char *alias_name, uint32 *rid, uint8 *type);
+uint32 lookup_sid(char *name, DOM_SID *sid, uint8 *type);
+uint32 lookup_added_user_rids(char *user_name,
+ uint32 *usr_rid, uint32 *grp_rid);
+uint32 lookup_added_user_rid(char *user_name, uint32 *rid, uint8 *type);
+uint32 lookup_wk_user_rid(char *user_name, uint32 *rid, uint8 *type);
+uint32 lookup_added_grp_rid(char *name, uint32 *rid, uint8 *type);
+uint32 lookup_builtin_grp_rid(char *name, uint32 *rid, uint8 *type);
+uint32 lookup_grp_rid(char *name, uint32 *rid, uint8 *type);
+uint32 lookup_user_rid(char *name, uint32 *rid, uint8 *type);
+uint32 lookup_rid(char *name, uint32 *rid, uint8 *type);
+uint32 lookup_user_rids(char *name, uint32 *usr_rid, uint32 *grp_rid);
+
/*The following definitions come from rpc_server/srv_lsa.c */
BOOL api_ntlsa_rpc(pipes_struct *p, prs_struct *data);
@@ -2103,20 +2231,18 @@ BOOL api_reg_rpc(pipes_struct *p, prs_struct *data);
BOOL api_samr_rpc(pipes_struct *p, prs_struct *data);
-/*The following definitions come from rpc_server/srv_srvsvc.c */
+/*The following definitions come from rpc_server/srv_sid.c */
-BOOL api_srvsvc_rpc(pipes_struct *p, prs_struct *data);
+BOOL get_member_domain_sid(void);
+void generate_wellknown_sids(void);
+BOOL generate_sam_sid(void);
+BOOL map_domain_name_to_sid(DOM_SID *sid, char **nt_domain);
+BOOL map_domain_sid_to_name(DOM_SID *sid, char *nt_domain);
+BOOL split_domain_name(char *fullname, char *domain, char *name);
-/*The following definitions come from rpc_server/srv_util.c */
+/*The following definitions come from rpc_server/srv_srvsvc.c */
-int make_dom_gids(char *gids_str, DOM_GID **ppgids);
-void get_domain_user_groups(char *domain_groups, char *user);
-uint32 lookup_group_name(uint32 rid, char *group_name, uint32 *type);
-uint32 lookup_alias_name(uint32 rid, char *alias_name, uint32 *type);
-uint32 lookup_user_name(uint32 rid, char *user_name, uint32 *type);
-uint32 lookup_group_rid(char *group_name, uint32 *rid);
-uint32 lookup_alias_rid(char *alias_name, uint32 *rid);
-uint32 lookup_user_rid(char *user_name, uint32 *rid);
+BOOL api_srvsvc_rpc(pipes_struct *p, prs_struct *data);
/*The following definitions come from rpc_server/srv_wkssvc.c */
@@ -2355,6 +2481,17 @@ void file_chain_reset(void);
void file_chain_save(void);
void file_chain_restore(void);
+/*The following definitions come from smbd/groupname.c */
+
+BOOL map_group_sid_to_name(DOM_SID *psid, char *group_name, char *nt_domain);
+BOOL map_alias_sid_to_name(DOM_SID *psid, char *alias_name, char *nt_domain);
+BOOL map_group_name_to_sid(char *group_name, DOM_SID *psid);
+BOOL map_alias_name_to_sid(char *alias_name, DOM_SID *psid);
+BOOL map_gid_to_alias_sid(gid_t gid, DOM_SID *psid);
+BOOL map_gid_to_group_sid( gid_t gid, DOM_SID *psid);
+BOOL map_group_sid_to_gid( DOM_SID *psid, gid_t *gid);
+BOOL map_alias_sid_to_gid( DOM_SID *psid, gid_t *gid);
+
/*The following definitions come from smbd/ipc.c */
int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, int size, int bufsize);
@@ -2431,7 +2568,7 @@ BOOL set_challenge(unsigned char *challenge);
user_struct *get_valid_user_struct(uint16 vuid);
void invalidate_vuid(uint16 vuid);
char *validated_username(uint16 vuid);
-int setup_groups(char *user, uid_t uid, gid_t gid, int *p_ngroups, gid_t **p_groups);
+int get_unixgroups(char *user, uid_t uid, gid_t gid, int *p_ngroups, gid_t **p_groups);
uint16 register_vuid(uid_t uid,gid_t gid, char *unix_name, char *requested_name, BOOL guest);
void add_session_user(char *user);
BOOL smb_password_check(char *password, unsigned char *part_passwd, unsigned char *c8);
diff --git a/source3/include/rpc_misc.h b/source3/include/rpc_misc.h
index e984a4842b..aa1f100dfb 100644
--- a/source3/include/rpc_misc.h
+++ b/source3/include/rpc_misc.h
@@ -56,13 +56,14 @@
* NT RIDS.
*/
-/* Take the bottom bit. */
-#define RID_TYPE_MASK 1
-#define RID_MULTIPLIER 2
-
-/* The two common types. */
-#define USER_RID_TYPE 0
-#define GROUP_RID_TYPE 1
+/* Take the bottom bits. */
+#define RID_TYPE_MASK 2
+#define RID_MULTIPLIER 4
+
+/* The three common types. */
+#define RID_TYPE_USER 0
+#define RID_TYPE_GROUP 1
+#define RID_TYPE_ALIAS 2
/* ENUM_HND */
typedef struct enum_hnd_info
diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h
index d45cb23388..ef7fefc72e 100644
--- a/source3/include/rpc_samr.h
+++ b/source3/include/rpc_samr.h
@@ -769,7 +769,7 @@ itself. the response to the lookup rids is relative to this SID.
/* SAMR_Q_LOOKUP_IDS */
typedef struct q_samr_lookup_ids_info
{
- POLICY_HND pol; /* policy handle */
+ POLICY_HND pol; /* policy handle */
uint32 num_sids1; /* number of rids being looked up */
uint32 ptr; /* buffer pointer */
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 0ffbcded13..63aa7c098d 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -463,30 +463,31 @@ typedef struct local_grp_info
{
fstring name;
fstring comment;
+ uint32 rid; /* alias rid */
} LOCAL_GRP;
-/*** enumerate these to get list of domain groups ***/
+/*** query a domain group, get a list of these: shows who is in that group ***/
-/* domain group member info */
-typedef struct domain_grp_info
+/* domain group info */
+typedef struct domain_grp_member_info
{
fstring name;
- fstring comment;
- uint32 rid; /* group rid */
uint8 attr; /* attributes forced to be set to 0x7: SE_GROUP_xxx */
-} DOMAIN_GRP;
+} DOMAIN_GRP_MEMBER;
-/*** query a domain group, get a list of these: shows who is in that group ***/
+/*** enumerate these to get list of domain groups ***/
-/* domain group info */
-typedef struct domain_grp_member_info
+/* domain group member info */
+typedef struct domain_grp_info
{
fstring name;
+ fstring comment;
+ uint32 rid; /* group rid */
uint8 attr; /* attributes forced to be set to 0x7: SE_GROUP_xxx */
-} DOMAIN_GRP_MEMBER;
+} DOMAIN_GRP;
/* DOM_CHAL - challenge info */
typedef struct chal_info
@@ -814,6 +815,110 @@ struct passdb_ops {
#endif
};
+/*
+ * Each implementation of the passgrp database code needs
+ * to support the following operations.
+ */
+
+struct passgrp_ops {
+ /*
+ * Password database ops.
+ */
+ void *(*startsmbgrpent)(BOOL);
+ void (*endsmbgrpent)(void *);
+ SMB_BIG_UINT (*getsmbgrppos)(void *);
+ BOOL (*setsmbgrppos)(void *, SMB_BIG_UINT);
+
+ /*
+ * smb passgrp database query functions.
+ */
+ struct smb_passwd *(*getsmbgrpnam)(char *, uint32**, int*, uint32**, int*);
+ struct smb_passwd *(*getsmbgrpuid)(uid_t , uint32**, int*, uint32**, int*);
+ struct smb_passwd *(*getsmbgrprid)(uint32, uint32**, int*, uint32**, int*);
+ struct smb_passwd *(*getsmbgrpent)(void *, uint32**, int*, uint32**, int*);
+
+};
+
+/*
+ * Each implementation of the group database code needs
+ * to support the following operations.
+ *
+ * This allows enumeration, modification and addition of groups. there
+ * is _no_ deletion of groups: you can only modify them to a status of
+ * "deleted" (this by the way is a requirement of c2 rating)
+ */
+
+struct groupdb_ops
+{
+ /*
+ * Group database ops.
+ */
+ void *(*startgroupent)(BOOL);
+ void (*endgroupent)(void *);
+ SMB_BIG_UINT (*getgrouppos)(void *);
+ BOOL (*setgrouppos)(void *, SMB_BIG_UINT);
+
+ /*
+ * group database query functions. set the BOOL to Tru
+ * if you want the members in the group as well.
+ */
+ DOMAIN_GRP *(*getgroupnam)(char *, DOMAIN_GRP_MEMBER **, int *);
+ DOMAIN_GRP *(*getgroupgid)(gid_t , DOMAIN_GRP_MEMBER **, int *);
+ DOMAIN_GRP *(*getgrouprid)(uint32, DOMAIN_GRP_MEMBER **, int *);
+ DOMAIN_GRP *(*getgroupent)(void *, DOMAIN_GRP_MEMBER **, int *);
+
+ /*
+ * group database modification functions.
+ */
+ BOOL (*add_group_entry)(DOMAIN_GRP *);
+ BOOL (*mod_group_entry)(DOMAIN_GRP *);
+
+ /*
+ * user group functions
+ */
+ BOOL (*getusergroupsnam)(char *, DOMAIN_GRP **, int *);
+};
+
+/*
+ * Each implementation of the alias database code needs
+ * to support the following operations.
+ *
+ * This allows enumeration, modification and addition of aliases. there
+ * is _no_ deletion of aliases: you can only modify them to a status of
+ * "deleted" (this by the way is a requirement of c2 rating)
+ */
+
+struct aliasdb_ops
+{
+ /*
+ * Alias database ops.
+ */
+ void *(*startaliasent)(BOOL);
+ void (*endaliasent)(void *);
+ SMB_BIG_UINT (*getaliaspos)(void *);
+ BOOL (*setaliaspos)(void *, SMB_BIG_UINT);
+
+ /*
+ * alias database query functions. set the BOOL to Tru
+ * if you want the members in the alias as well.
+ */
+ LOCAL_GRP *(*getaliasnam)(char *, LOCAL_GRP_MEMBER **, int *);
+ LOCAL_GRP *(*getaliasgid)(gid_t , LOCAL_GRP_MEMBER **, int *);
+ LOCAL_GRP *(*getaliasrid)(uint32, LOCAL_GRP_MEMBER **, int *);
+ LOCAL_GRP *(*getaliasent)(void *, LOCAL_GRP_MEMBER **, int *);
+
+ /*
+ * alias database modification functions.
+ */
+ BOOL (*add_alias_entry)(LOCAL_GRP *);
+ BOOL (*mod_alias_entry)(LOCAL_GRP *);
+
+ /*
+ * user alias functions
+ */
+ BOOL (*getuseraliasnam)(char *, LOCAL_GRP **, int *);
+};
+
/* this is used for smbstatus */
struct connect_record
@@ -1650,11 +1755,8 @@ extern int unix_ERR_code;
/* zero a structure */
#define ZERO_STRUCT(x) memset((char *)&(x), 0, sizeof(x))
-/* zero a structure given a pointer to the structure - no zero check */
-#define ZERO_STRUCTPN(x) memset((char *)(x), 0, sizeof(*(x)))
-
/* zero a structure given a pointer to the structure */
-#define ZERO_STRUCTP(x) { if ((x) != NULL) ZERO_STRUCTPN(x); }
+#define ZERO_STRUCTP(x) { if ((x) != NULL) memset((char *)(x), 0, sizeof(*(x))); }
/* zero an array - note that sizeof(array) must work - ie. it must not be a
pointer */
diff --git a/source3/lib/debug.c b/source3/lib/debug.c
index 6b7b9341a3..619a917747 100644
--- a/source3/lib/debug.c
+++ b/source3/lib/debug.c
@@ -75,6 +75,7 @@
* debugf - Debug file name.
* append_log - If True, then the output file will be opened in append
* mode.
+ * timestamp_log -
* DEBUGLEVEL - System-wide debug message limit. Messages with message-
* levels higher than DEBUGLEVEL will not be processed.
*/
@@ -82,6 +83,7 @@
FILE *dbf = NULL;
pstring debugf = "";
BOOL append_log = False;
+BOOL timestamp_log = True;
int DEBUGLEVEL = 1;
@@ -119,7 +121,17 @@ static int format_pos = 0;
* Functions...
*/
-#if defined(SIGUSR2)
+/* ************************************************************************** **
+ * tells us if interactive logging was requested
+ * ************************************************************************** **
+ */
+
+BOOL dbg_interactive(void)
+{
+ return stdout_logging;
+}
+
+#if defined(SIGUSR2) && !defined(MEM_MAN)
/* ************************************************************************** **
* catch a sigusr2 - decrease the debug log level.
* ************************************************************************** **
@@ -140,7 +152,7 @@ void sig_usr2( int sig )
} /* sig_usr2 */
#endif /* SIGUSR2 */
-#if defined(SIGUSR1)
+#if defined(SIGUSR1) && !defined(MEM_MAN)
/* ************************************************************************** **
* catch a sigusr1 - increase the debug log level.
* ************************************************************************** **
@@ -429,7 +441,7 @@ static void bufr_print( void )
static void format_debug_text( char *msg )
{
int i;
- BOOL timestamp = (!stdout_logging && (lp_timestamp_logs() ||
+ BOOL timestamp = (timestamp_log && !stdout_logging && (lp_timestamp_logs() ||
!(lp_loaded())));
for( i = 0; msg[i]; i++ )
@@ -527,7 +539,7 @@ BOOL dbghdr( int level, char *file, char *func, int line )
/* Print the header if timestamps are turned on. If parameters are
* not yet loaded, then default to timestamps on.
*/
- if( lp_timestamp_logs() || !(lp_loaded()) )
+ if( timestamp_log && (lp_timestamp_logs() || !(lp_loaded()) ))
{
/* Print it all out at once to prevent split syslog output. */
(void)Debug1( "[%s, %d] %s:%s(%d)\n",
diff --git a/source3/lib/util.c b/source3/lib/util.c
index 1710205f3c..df3faa569a 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -143,6 +143,21 @@ BOOL in_group(gid_t group, gid_t current_gid, int ngroups, gid_t *groups)
/****************************************************************************
+gets either a hex number (0xNNN) or decimal integer (NNN).
+****************************************************************************/
+int get_number(char *tmp)
+{
+ if (strnequal(tmp, "0x", 2))
+ {
+ return strtol(tmp, (char**)NULL, 16);
+ }
+ else
+ {
+ return strtol(tmp, (char**)NULL, 10);
+ }
+}
+
+/****************************************************************************
like atoi but gets the value up to the separater character
****************************************************************************/
char *Atoic(char *p, int *n, char *c)
@@ -153,7 +168,12 @@ char *Atoic(char *p, int *n, char *c)
return NULL;
}
- (*n) = atoi(p);
+ (*n) = get_number(p);
+
+ if (strnequal(p, "0x", 2))
+ {
+ p += 2;
+ }
while ((*p) && isdigit(*p))
{
diff --git a/source3/lib/util_hnd.c b/source3/lib/util_hnd.c
index b807c40604..dabc5520ff 100644
--- a/source3/lib/util_hnd.c
+++ b/source3/lib/util_hnd.c
@@ -290,7 +290,8 @@ BOOL close_lsa_policy_hnd(POLICY_HND *hnd)
{
struct policy *p = find_lsa_policy(hnd);
- if (!p) {
+ if (!p)
+ {
DEBUG(3,("Error closing policy\n"));
return False;
}
@@ -302,6 +303,7 @@ BOOL close_lsa_policy_hnd(POLICY_HND *hnd)
bitmap_clear(bmap, p->pnum);
ZERO_STRUCTP(p);
+ ZERO_STRUCTP(hnd);
free(p);
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index 550f7cc391..bb792b7e2b 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -39,18 +39,27 @@ static BOOL cli_receive_smb(struct cli_state *cli)
/****************************************************************************
send an smb to a fd and re-establish if necessary
****************************************************************************/
-static BOOL cli_send_smb(struct cli_state *cli)
+static BOOL cli_send_smb(struct cli_state *cli, BOOL show)
{
size_t len;
size_t nwritten=0;
ssize_t ret;
BOOL reestablished=False;
+ if (show)
+ {
+ show_msg(cli->outbuf);
+ }
+
len = smb_len(cli->outbuf) + 4;
while (nwritten < len) {
ret = write_socket(cli->fd,cli->outbuf+nwritten,len - nwritten);
- if (ret <= 0 && errno == EPIPE && !reestablished) {
+ if (ret <= 0 && errno == EPIPE && !reestablished)
+ {
+ DEBUG(5,("cli_send_smb: write error (%s) - reconnecting\n",
+ strerror(errno)));
+
if (cli_reestablish_connection(cli)) {
reestablished = True;
nwritten=0;
@@ -60,8 +69,7 @@ static BOOL cli_send_smb(struct cli_state *cli)
if (ret <= 0) {
DEBUG(0,("Error writing %d bytes to client. %d. Exiting\n",
len,ret));
- close_sockets();
- exit(1);
+ return False;
}
nwritten += ret;
}
@@ -259,8 +267,7 @@ static BOOL cli_send_trans(struct cli_state *cli, int trans,
set_message(cli->outbuf,14+lsetup, /* wcnt, bcc */
PTR_DIFF(outdata+this_ldata,smb_buf(cli->outbuf)),False);
- show_msg(cli->outbuf);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (this_ldata < ldata || this_lparam < lparam) {
/* receive interim response */
@@ -300,8 +307,7 @@ static BOOL cli_send_trans(struct cli_state *cli, int trans,
set_message(cli->outbuf,trans==SMBtrans?8:9, /* wcnt, bcc */
PTR_DIFF(outdata+this_ldata,smb_buf(cli->outbuf)),False);
- show_msg(cli->outbuf);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
tot_data += this_ldata;
tot_param += this_lparam;
@@ -328,8 +334,6 @@ static BOOL cli_receive_trans(struct cli_state *cli,int trans,
if (!cli_receive_smb(cli))
return False;
- show_msg(cli->inbuf);
-
/* sanity check */
if (CVAL(cli->inbuf,smb_com) != trans) {
DEBUG(0,("Expected %s response, got command 0x%02x\n",
@@ -382,8 +386,6 @@ static BOOL cli_receive_trans(struct cli_state *cli,int trans,
if (!cli_receive_smb(cli))
return False;
- show_msg(cli->inbuf);
-
/* sanity check */
if (CVAL(cli->inbuf,smb_com) != trans) {
DEBUG(0,("Expected %s response, got command 0x%02x\n",
@@ -759,11 +761,12 @@ BOOL cli_session_setup(struct cli_state *cli,
set_message(cli->outbuf,13,PTR_DIFF(p,smb_buf(cli->outbuf)),False);
}
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli))
+ {
+ DEBUG(10,("cli_session_setup: receive smb failed\n"));
return False;
-
- show_msg(cli->inbuf);
+ }
if (CVAL(cli->inbuf,smb_rcls) != 0) {
return False;
@@ -804,7 +807,7 @@ BOOL cli_ulogoff(struct cli_state *cli)
SSVAL(cli->outbuf,smb_vwv0,0xFF);
SSVAL(cli->outbuf,smb_vwv2,0); /* no additional info */
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli))
return False;
@@ -858,7 +861,7 @@ BOOL cli_send_tconX(struct cli_state *cli,
SCVAL(cli->inbuf,smb_rcls, 1);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli))
return False;
@@ -899,7 +902,7 @@ BOOL cli_tdis(struct cli_state *cli)
SSVAL(cli->outbuf,smb_tid,cli->cnum);
cli_setup_packet(cli);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli))
return False;
@@ -931,7 +934,7 @@ BOOL cli_rename(struct cli_state *cli, char *fname_src, char *fname_dst)
*p++ = 4;
pstrcpy(p,fname_dst);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli)) {
return False;
}
@@ -965,7 +968,7 @@ BOOL cli_unlink(struct cli_state *cli, char *fname)
*p++ = 4;
pstrcpy(p,fname);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli)) {
return False;
}
@@ -997,7 +1000,7 @@ BOOL cli_mkdir(struct cli_state *cli, char *dname)
*p++ = 4;
pstrcpy(p,dname);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli)) {
return False;
}
@@ -1029,7 +1032,7 @@ BOOL cli_rmdir(struct cli_state *cli, char *dname)
*p++ = 4;
pstrcpy(p,dname);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli)) {
return False;
}
@@ -1074,7 +1077,7 @@ int cli_nt_create(struct cli_state *cli, char *fname)
pstrcpy(p,fname);
p = skip_string(p,1);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli)) {
return -1;
}
@@ -1145,7 +1148,7 @@ int cli_open(struct cli_state *cli, char *fname, int flags, int share_mode)
pstrcpy(p,fname);
p = skip_string(p,1);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli)) {
return -1;
}
@@ -1177,7 +1180,7 @@ BOOL cli_close(struct cli_state *cli, int fnum)
SSVAL(cli->outbuf,smb_vwv0,fnum);
SIVALS(cli->outbuf,smb_vwv1,-1);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli)) {
return False;
}
@@ -1218,7 +1221,7 @@ BOOL cli_lock(struct cli_state *cli, int fnum, uint32 offset, uint32 len, int ti
SSVAL(p, 0, cli->pid);
SIVAL(p, 2, offset);
SIVAL(p, 6, len);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
cli->timeout = (timeout == -1) ? 0x7FFFFFFF : timeout;
@@ -1264,7 +1267,7 @@ BOOL cli_unlock(struct cli_state *cli, int fnum, uint32 offset, uint32 len, int
SIVAL(p, 2, offset);
SIVAL(p, 6, len);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli)) {
return False;
}
@@ -1300,7 +1303,7 @@ static void cli_issue_read(struct cli_state *cli, int fnum, off_t offset,
SSVAL(cli->outbuf,smb_vwv6,size);
SSVAL(cli->outbuf,smb_mid,cli->mid + i);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
}
/****************************************************************************
@@ -1406,8 +1409,7 @@ static void cli_issue_write(struct cli_state *cli, int fnum, off_t offset, uint1
SSVAL(cli->outbuf,smb_mid,cli->mid + i);
- show_msg(cli->outbuf);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
}
/****************************************************************************
@@ -1495,7 +1497,7 @@ BOOL cli_getattrE(struct cli_state *cli, int fd,
SSVAL(cli->outbuf,smb_vwv0,fd);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli)) {
return False;
}
@@ -1549,7 +1551,7 @@ BOOL cli_getatr(struct cli_state *cli, char *fname,
*p = 4;
pstrcpy(p+1, fname);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli)) {
return False;
}
@@ -1600,7 +1602,7 @@ BOOL cli_setatr(struct cli_state *cli, char *fname, uint16 attr, time_t t)
p = skip_string(p,1);
*p = 4;
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli)) {
return False;
}
@@ -2163,13 +2165,14 @@ BOOL cli_oem_change_password(struct cli_state *cli, const char *user, const char
data_len = 532;
- if (cli_send_trans(cli,SMBtrans,
+ if (!cli_send_trans(cli,SMBtrans,
PIPE_LANMAN,strlen(PIPE_LANMAN), /* name, length */
0,0, /* fid, flags */
NULL,0,0, /* setup, length, max */
param,param_len,2, /* param, length, max */
data,data_len,0 /* data, length, max */
- ) == False) {
+ ))
+ {
DEBUG(0,("cli_oem_change_password: Failed to send password change for user %s\n",
user ));
return False;
@@ -2223,11 +2226,11 @@ BOOL cli_negprot(struct cli_state *cli)
CVAL(smb_buf(cli->outbuf),0) = 2;
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli))
+ {
return False;
-
- show_msg(cli->inbuf);
+ }
if (CVAL(cli->inbuf,smb_rcls) != 0 ||
((int)SVAL(cli->inbuf,smb_vwv0) >= numprots)) {
@@ -2305,7 +2308,7 @@ BOOL cli_session_request(struct cli_state *cli,
retry:
#endif /* WITH_SSL */
- cli_send_smb(cli);
+ cli_send_smb(cli, False);
DEBUG(5,("Sent session request\n"));
if (!cli_receive_smb(cli))
@@ -2401,6 +2404,7 @@ shutdown a client structure
****************************************************************************/
void cli_shutdown(struct cli_state *cli)
{
+ DEBUG(10,("cli_shutdown\n"));
if (cli->outbuf)
{
free(cli->outbuf);
@@ -2414,7 +2418,9 @@ void cli_shutdown(struct cli_state *cli)
sslutil_disconnect(cli->fd);
#endif /* WITH_SSL */
if (cli->fd != -1)
- close(cli->fd);
+ {
+ close(cli->fd);
+ }
memset(cli, 0, sizeof(*cli));
}
@@ -2429,10 +2435,18 @@ void cli_shutdown(struct cli_state *cli)
****************************************************************************/
int cli_error(struct cli_state *cli, uint8 *eclass, uint32 *num)
{
- int flgs2 = SVAL(cli->inbuf,smb_flg2);
+ int flgs2;
char rcls;
int code;
+ if (!cli->initialised)
+ {
+ DEBUG(0,("cli_error: client state uninitialised!\n"));
+ return EINVAL;
+ }
+
+ flgs2 = SVAL(cli->inbuf,smb_flg2);
+
if (eclass) *eclass = 0;
if (num ) *num = 0;
@@ -2671,7 +2685,9 @@ BOOL cli_establish_connection(struct cli_state *cli,
{
DEBUG(1,("failed session setup\n"));
if (do_shutdown)
- cli_shutdown(cli);
+ {
+ cli_shutdown(cli);
+ }
return False;
}
@@ -2682,20 +2698,105 @@ BOOL cli_establish_connection(struct cli_state *cli,
{
DEBUG(1,("failed tcon_X\n"));
if (do_shutdown)
- cli_shutdown(cli);
+ {
+ cli_shutdown(cli);
+ }
return False;
}
}
}
if (do_shutdown)
- cli_shutdown(cli);
+ {
+ cli_shutdown(cli);
+ }
return True;
}
/****************************************************************************
+ connect to one of multiple servers: don't care which
+****************************************************************************/
+BOOL cli_connect_serverlist(struct cli_state *cli, char *p)
+{
+ extern pstring global_myname;
+ extern pstring scope;
+ fstring remote_machine;
+ struct in_addr dest_ip;
+ struct nmb_name calling, called;
+ BOOL connected_ok = True;
+
+ ZERO_STRUCT(cli);
+
+ if (!cli_initialise(cli))
+ {
+ DEBUG(0,("cli_connect_serverlist: unable to initialize client connection.\n"));
+ return False;
+ }
+
+ /*
+ * Treat each name in the 'password server =' line as a potential
+ * PDC/BDC. Contact each in turn and try and authenticate.
+ */
+
+ while(p && next_token(&p,remote_machine,LIST_SEP,sizeof(remote_machine)))
+ {
+ standard_sub_basic(remote_machine);
+ strupper(remote_machine);
+
+ if (!resolve_name( remote_machine, &dest_ip, 0x20))
+ {
+ DEBUG(1,("cli_connect_serverlist: Can't resolve address for %s\n", remote_machine));
+ continue;
+ }
+
+ if (ismyip(dest_ip))
+ {
+ DEBUG(1,("cli_connect_serverlist: Password server loop - not using password server %s\n", remote_machine));
+ continue;
+ }
+
+ make_nmb_name(&calling, global_myname , 0x0 , scope);
+ make_nmb_name(&called , remote_machine, 0x20, scope);
+
+ pwd_set_nullpwd(&cli->pwd);
+
+ if (!cli_establish_connection(cli, remote_machine, &dest_ip,
+ &calling, &called,
+ "IPC$", "IPC",
+ False, True))
+ {
+ cli_shutdown(cli);
+ continue;
+ }
+
+ if (!IS_BITS_SET_ALL(cli->sec_mode, 1))
+ {
+ DEBUG(1,("cli_connect_serverlist: machine %s isn't in user level security mode\n",
+ remote_machine));
+ cli_shutdown(cli);
+ continue;
+ }
+
+ /*
+ * We have an anonymous connection to IPC$.
+ */
+
+ connected_ok = True;
+ break;
+ }
+
+ if (!connected_ok)
+ {
+ DEBUG(0,("cli_connect_serverlist: Domain password server not available.\n"));
+ cli_shutdown(cli);
+ }
+
+ return connected_ok;
+}
+
+/****************************************************************************
cancel a print job
****************************************************************************/
int cli_printjob_del(struct cli_state *cli, int job)
@@ -2826,7 +2927,7 @@ BOOL cli_chkpath(struct cli_state *cli, char *path)
*p++ = 4;
fstrcpy(p,path2);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli)) {
return False;
}
@@ -2862,7 +2963,7 @@ BOOL cli_message_start(struct cli_state *cli, char *host, char *username,
set_message(cli->outbuf,0,PTR_DIFF(p,smb_buf(cli->outbuf)),False);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli)) {
return False;
@@ -2895,7 +2996,7 @@ BOOL cli_message_text(struct cli_state *cli, char *msg, int len, int grp)
*p = 1;
SSVAL(p,1,len);
memcpy(p+3,msg,len);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli)) {
return False;
@@ -2920,7 +3021,7 @@ BOOL cli_message_end(struct cli_state *cli, int grp)
cli_setup_packet(cli);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli)) {
return False;
@@ -2943,7 +3044,7 @@ BOOL cli_dskattr(struct cli_state *cli, int *bsize, int *total, int *avail)
SSVAL(cli->outbuf,smb_tid,cli->cnum);
cli_setup_packet(cli);
- cli_send_smb(cli);
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli)) {
return False;
}
diff --git a/source3/lsarpcd/srv_lsa.c b/source3/lsarpcd/srv_lsa.c
index 5e6e101883..51b6e8d25b 100644
--- a/source3/lsarpcd/srv_lsa.c
+++ b/source3/lsarpcd/srv_lsa.c
@@ -29,6 +29,12 @@
extern int DEBUGLEVEL;
extern DOM_SID global_sam_sid;
+extern fstring global_sam_name;
+extern DOM_SID global_member_sid;
+extern fstring global_myworkgroup;
+extern DOM_SID global_sid_S_1_1;
+extern DOM_SID global_sid_S_1_3;
+extern DOM_SID global_sid_S_1_5;
/***************************************************************************
lsa_reply_open_policy2
@@ -84,8 +90,8 @@ static void make_dom_query(DOM_QUERY *d_q, char *dom_name, DOM_SID *dom_sid)
d_q->uni_dom_max_len = domlen * 2;
d_q->uni_dom_str_len = domlen * 2;
- d_q->buffer_dom_name = 4; /* domain buffer pointer */
- d_q->buffer_dom_sid = 2; /* domain sid pointer */
+ d_q->buffer_dom_name = domlen != 0 ? 1 : 0; /* domain buffer pointer */
+ d_q->buffer_dom_sid = dom_sid != NULL ? 1 : 0; /* domain sid pointer */
/* this string is supposed to be character short */
make_unistr2(&(d_q->uni_domain_name), dom_name, domlen);
@@ -137,50 +143,70 @@ static void lsa_reply_query_info(LSA_Q_QUERY_INFO *q_q, prs_struct *rdata,
/***************************************************************************
-make_dom_ref
+make_dom_ref - adds a domain if it's not already in, returns the index
***************************************************************************/
-static void make_dom_ref(DOM_R_REF *ref, int num_domains,
- char **dom_names, DOM_SID **dom_sids)
+static int make_dom_ref(DOM_R_REF *ref, char *dom_name, DOM_SID *dom_sid)
{
- int i;
+ int num = 0;
+ int len;
- if (num_domains > MAX_REF_DOMAINS)
+ if (dom_name != NULL)
{
- num_domains = MAX_REF_DOMAINS;
+ for (num = 0; num < ref->num_ref_doms_1; num++)
+ {
+ fstring domname;
+ fstrcpy(domname, unistr2_to_str(&ref->ref_dom[num].uni_dom_name));
+ if (strequal(domname, dom_name))
+ {
+ return num;
+ }
+ }
+
+ }
+ else
+ {
+ num = ref->num_ref_doms_1;
+ }
+
+ if (num >= MAX_REF_DOMAINS)
+ {
+ /* index not found, already at maximum domain limit */
+ return -1;
}
ref->undoc_buffer = 1;
- ref->num_ref_doms_1 = num_domains;
+ ref->num_ref_doms_1 = num+1;
ref->undoc_buffer2 = 1;
ref->max_entries = MAX_REF_DOMAINS;
- ref->num_ref_doms_2 = num_domains;
+ ref->num_ref_doms_2 = num+1;
- for (i = 0; i < num_domains; i++)
- {
- int len = dom_names[i] != NULL ? strlen(dom_names[i]) : 0;
+ len = dom_name != NULL ? strlen(dom_name) : 0;
- make_uni_hdr(&(ref->hdr_ref_dom[i].hdr_dom_name), len, len, len != 0 ? 1 : 0);
- ref->hdr_ref_dom[i].ptr_dom_sid = dom_sids[i] != NULL ? 1 : 0;
+ make_uni_hdr(&(ref->hdr_ref_dom[num].hdr_dom_name), len, len, len != 0 ? 1 : 0);
+ ref->hdr_ref_dom[num].ptr_dom_sid = dom_sid != NULL ? 1 : 0;
- make_unistr2 (&(ref->ref_dom[i].uni_dom_name), dom_names[i], len);
- make_dom_sid2(&(ref->ref_dom[i].ref_dom ), dom_sids [i]);
- }
+ make_unistr2 (&(ref->ref_dom[num].uni_dom_name), dom_name, len);
+ make_dom_sid2(&(ref->ref_dom[num].ref_dom ), dom_sid );
+ return num;
}
/***************************************************************************
make_reply_lookup_rids
***************************************************************************/
static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l,
- int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
- int num_ref_doms,
- char **dom_names, DOM_SID **dom_sids)
+ int num_entries,
+ uint32 dom_rids[MAX_LOOKUP_SIDS],
+ uint8 dom_types[MAX_LOOKUP_SIDS])
{
int i;
- make_dom_ref(&(r_l->dom_ref), num_ref_doms, dom_names, dom_sids);
+ r_l->num_entries = 0;
+ r_l->undoc_buffer = 0;
+ r_l->num_entries2 = 0;
+#if 0
r_l->num_entries = num_entries;
r_l->undoc_buffer = 1;
r_l->num_entries2 = num_entries;
@@ -189,58 +215,85 @@ static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l,
for (i = 0; i < num_entries; i++)
{
- make_dom_rid2(&(r_l->dom_rid[i]), dom_rids[i], 0x01);
+ make_dom_ref(&(r_l->dom_ref), dom_name, dom_sid);
+ make_dom_rid2(&(r_l->dom_rid[i]), dom_rids[i], dom_types[i]);
}
r_l->num_entries3 = num_entries;
+#endif
}
/***************************************************************************
make_lsa_trans_names
***************************************************************************/
-static void make_lsa_trans_names(LSA_TRANS_NAME_ENUM *trn,
+static void make_lsa_trans_names(DOM_R_REF *ref,
+ LSA_TRANS_NAME_ENUM *trn,
int num_entries, DOM_SID2 sid[MAX_LOOKUP_SIDS],
- uint32 *total)
+ uint32 *mapped_count)
{
- uint32 status = 0x0;
int i;
- (*total) = 0;
+ int total = 0;
+ (*mapped_count) = 0;
SMB_ASSERT(num_entries <= MAX_LOOKUP_SIDS);
for (i = 0; i < num_entries; i++)
{
+ uint32 status = 0x0;
+ DOM_SID find_sid = sid[i].sid;
+ DOM_SID tmp = sid[i].sid;
uint32 rid = 0xffffffff;
- uint8 num_auths = sid[i].sid.num_auths;
+ int dom_idx = -1;
fstring name;
- uint32 type;
+ fstring dom_name;
+ uint8 sid_name_use = 0;
- SMB_ASSERT_ARRAY(sid[i].sid.sub_auths, num_auths);
+ memset(dom_name, 0, sizeof(dom_name));
+ memset(name , 0, sizeof(name ));
- /* find the rid to look up */
- if (num_auths != 0)
+ if (map_domain_sid_to_name(&find_sid, dom_name))
+ {
+ sid_name_use = SID_NAME_DOMAIN;
+ dom_idx = make_dom_ref(ref, dom_name, &find_sid);
+ }
+ else if (sid_split_rid (&find_sid, &rid) &&
+ map_domain_sid_to_name(&find_sid, dom_name))
+ {
+ if (sid_equal(&find_sid, &global_sam_sid))
+ {
+ status = lookup_name(&tmp, name, &sid_name_use);
+ }
+ else
+ {
+ status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
+ }
+ }
+ else
{
- rid = sid[i].sid.sub_auths[num_auths-1];
-
status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
-
- status = (status != 0x0) ? lookup_user_name (rid, name, &type) : status;
- status = (status != 0x0) ? lookup_group_name(rid, name, &type) : status;
- status = (status != 0x0) ? lookup_alias_name(rid, name, &type) : status;
}
+ dom_idx = make_dom_ref(ref, dom_name, &find_sid);
+
if (status == 0x0)
{
- make_lsa_trans_name(&(trn->name [(*total)]),
- &(trn->uni_name[(*total)]),
- type, name, (*total));
- (*total)++;
+ (*mapped_count)++;
+ }
+ else
+ {
+ snprintf(name, sizeof(name), "%08x", rid);
+ sid_name_use = SID_NAME_UNKNOWN;
+
}
+ make_lsa_trans_name(&(trn->name [total]),
+ &(trn->uni_name[total]),
+ sid_name_use, name, dom_idx);
+ total++;
}
- trn->num_entries = (*total);
+ trn->num_entries = total;
trn->ptr_trans_names = 1;
- trn->num_entries2 = (*total);
+ trn->num_entries2 = total;
}
/***************************************************************************
@@ -260,9 +313,7 @@ static void make_reply_lookup_sids(LSA_R_LOOKUP_SIDS *r_l,
lsa_reply_lookup_sids
***************************************************************************/
static void lsa_reply_lookup_sids(prs_struct *rdata,
- int num_entries, DOM_SID2 sid[MAX_LOOKUP_SIDS],
- int num_ref_doms,
- char **dom_names, DOM_SID **dom_sids)
+ DOM_SID2 *sid, int num_entries)
{
LSA_R_LOOKUP_SIDS r_l;
DOM_R_REF ref;
@@ -274,8 +325,7 @@ static void lsa_reply_lookup_sids(prs_struct *rdata,
ZERO_STRUCT(names);
/* set up the LSA Lookup SIDs response */
- make_dom_ref(&ref, num_ref_doms, dom_names, dom_sids);
- make_lsa_trans_names(&names, num_entries, sid, &mapped_count);
+ make_lsa_trans_names(&ref, &names, num_entries, sid, &mapped_count);
make_reply_lookup_sids(&r_l, &ref, &names, mapped_count, 0x0);
/* store the response in the SMB stream */
@@ -286,17 +336,17 @@ static void lsa_reply_lookup_sids(prs_struct *rdata,
lsa_reply_lookup_rids
***************************************************************************/
static void lsa_reply_lookup_rids(prs_struct *rdata,
- int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
- int num_ref_doms,
- char **dom_names, DOM_SID **dom_sids)
+ int num_entries,
+ uint32 dom_rids[MAX_LOOKUP_SIDS],
+ uint8 dom_types[MAX_LOOKUP_SIDS])
{
LSA_R_LOOKUP_RIDS r_l;
ZERO_STRUCT(r_l);
/* set up the LSA Lookup RIDs response */
- make_reply_lookup_rids(&r_l, num_entries, dom_rids,
- num_ref_doms, dom_names, dom_sids);
+ make_reply_lookup_rids(&r_l, num_entries, dom_rids, dom_types);
+
r_l.status = 0x0;
/* store the response in the SMB stream */
@@ -365,17 +415,39 @@ static void api_lsa_query_info( uint16 vuid, prs_struct *data,
prs_struct *rdata )
{
LSA_Q_QUERY_INFO q_i;
- pstring dom_name;
+ fstring name;
+ DOM_SID *sid = NULL;
+ memset(name, 0, sizeof(name));
ZERO_STRUCT(q_i);
/* grab the info class and policy handle */
lsa_io_q_query("", &q_i, data, 0);
- pstrcpy(dom_name, lp_workgroup());
+ switch (q_i.info_class)
+ {
+ case 0x03:
+ {
+ fstrcpy(name, global_myworkgroup);
+ sid = &global_member_sid;
+ break;
+ }
+ case 0x05:
+ {
+ fstrcpy(name, global_sam_name);
+ sid = &global_sam_sid;
+ break;
+ }
+ default:
+ {
+ DEBUG(5,("unknown info level in Lsa Query: %d\n",
+ q_i.info_class));
+ break;
+ }
+ }
/* construct reply. return status is always 0x0 */
- lsa_reply_query_info(&q_i, rdata, dom_name, &global_sam_sid);
+ lsa_reply_query_info(&q_i, rdata, name, sid);
}
/***************************************************************************
@@ -385,44 +457,13 @@ static void api_lsa_lookup_sids( uint16 vuid, prs_struct *data,
prs_struct *rdata )
{
LSA_Q_LOOKUP_SIDS q_l;
- pstring dom_name;
- DOM_SID sid_S_1_1;
- DOM_SID sid_S_1_3;
- DOM_SID sid_S_1_5;
-
- DOM_SID *sid_array[4];
- char *dom_names[4];
-
ZERO_STRUCT(q_l);
- ZERO_STRUCT(sid_S_1_1);
- ZERO_STRUCT(sid_S_1_3);
- ZERO_STRUCT(sid_S_1_5);
/* grab the info class and policy handle */
lsa_io_q_lookup_sids("", &q_l, data, 0);
- pstrcpy(dom_name, lp_workgroup());
-
- string_to_sid(&sid_S_1_1, "S-1-1");
- string_to_sid(&sid_S_1_3, "S-1-3");
- string_to_sid(&sid_S_1_5, "S-1-5");
-
- dom_names[0] = dom_name;
- sid_array[0] = &global_sam_sid;
-
- dom_names[1] = "Everyone";
- sid_array[1] = &sid_S_1_1;
-
- dom_names[2] = "don't know";
- sid_array[2] = &sid_S_1_3;
-
- dom_names[3] = "NT AUTHORITY";
- sid_array[3] = &sid_S_1_5;
-
/* construct reply. return status is always 0x0 */
- lsa_reply_lookup_sids(rdata,
- q_l.sids.num_entries, q_l.sids.sid, /* SIDs */
- 4, dom_names, sid_array);
+ lsa_reply_lookup_sids(rdata, q_l.sids.sid, q_l.sids.num_entries);
}
/***************************************************************************
@@ -433,63 +474,24 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
{
int i;
LSA_Q_LOOKUP_RIDS q_l;
- pstring dom_name;
uint32 dom_rids[MAX_LOOKUP_SIDS];
- uint32 dummy_g_rid;
-
- DOM_SID sid_S_1_1;
- DOM_SID sid_S_1_3;
- DOM_SID sid_S_1_5;
-
- DOM_SID *sid_array[4];
- char *dom_names[4];
+ uint8 dom_types[MAX_LOOKUP_SIDS];
ZERO_STRUCT(q_l);
- ZERO_STRUCT(sid_S_1_1);
- ZERO_STRUCT(sid_S_1_3);
- ZERO_STRUCT(sid_S_1_5);
ZERO_ARRAY(dom_rids);
/* grab the info class and policy handle */
lsa_io_q_lookup_rids("", &q_l, data, 0);
- pstrcpy(dom_name, lp_workgroup());
-
- string_to_sid(&sid_S_1_1, "S-1-1");
- string_to_sid(&sid_S_1_3, "S-1-3");
- string_to_sid(&sid_S_1_5, "S-1-5");
-
- dom_names[0] = dom_name;
- sid_array[0] = &global_sam_sid;
-
- dom_names[1] = "Everyone";
- sid_array[1] = &sid_S_1_1;
-
- dom_names[2] = "don't know";
- sid_array[2] = &sid_S_1_3;
-
- dom_names[3] = "NT AUTHORITY";
- sid_array[3] = &sid_S_1_5;
-
SMB_ASSERT_ARRAY(q_l.lookup_name, q_l.num_entries);
/* convert received RIDs to strings, so we can do them. */
for (i = 0; i < q_l.num_entries; i++)
{
- fstring user_name;
- fstrcpy(user_name, unistr2(q_l.lookup_name[i].str.buffer));
-
- /*
- * Map to the UNIX username.
- */
- map_username(user_name);
-
- /*
- * Do any case conversions.
- */
- (void)Get_Pwnam(user_name, True);
+ fstring name;
+ fstrcpy(name, unistr2(q_l.lookup_name[i].str.buffer));
- if (!pdb_name_to_rid(user_name, &dom_rids[i], &dummy_g_rid))
+ if (lookup_rid(name, &dom_rids[i], &dom_types[i]))
{
/* WHOOPS! we should really do something about this... */
dom_rids[i] = 0;
@@ -498,8 +500,9 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
/* construct reply. return status is always 0x0 */
lsa_reply_lookup_rids(rdata,
- q_l.num_entries, dom_rids, /* text-converted SIDs */
- 4, dom_names, sid_array);
+ q_l.num_entries,
+ dom_rids, /* text-converted SIDs */
+ dom_types); /* SID_NAME_USE types */
}
/***************************************************************************
diff --git a/source3/mem_man/mem_man.c b/source3/mem_man/mem_man.c
index 758fac4386..34ae6fd43c 100644
--- a/source3/mem_man/mem_man.c
+++ b/source3/mem_man/mem_man.c
@@ -501,8 +501,9 @@ int smb_mem_free(void *ptr,char *file,int line)
static void mem_write_Index_info(int Index,FILE *outfile)
{
if (memory_blocks[Index].status != S_UNALLOCATED)
- fprintf(outfile,"block %d file %s(%d) : size %d, alloc size %d, status %s\n",
+ fprintf(outfile,"block %d file %s(%d) : ptr: %p size %d, alloc size %d, status %s\n",
Index,memory_blocks[Index].file,memory_blocks[Index].line,
+ memory_blocks[Index].pointer,
memory_blocks[Index].present_size,
memory_blocks[Index].allocated_size,
status_to_str(memory_blocks[Index].status));
diff --git a/source3/mem_man/mem_man.h b/source3/mem_man/mem_man.h
index 60e31e6d44..eef281b2f9 100644
--- a/source3/mem_man/mem_man.h
+++ b/source3/mem_man/mem_man.h
@@ -1,4 +1,4 @@
-#if (defined(NOMEMMAN) && !defined(MEM_MAN_MAIN))
+#if (defined(NOMEMMAN) && !defined(MEM_MAN_MAIN) && defined(HAVE_MALLOC_H))
#include <malloc.h>
#else
diff --git a/source3/nmbd/nmbd.c b/source3/nmbd/nmbd.c
index d7ce42dae2..2c9dd13274 100644
--- a/source3/nmbd/nmbd.c
+++ b/source3/nmbd/nmbd.c
@@ -567,7 +567,7 @@ static void usage(char *pname)
charset_initialise();
- if(!initialize_password_db())
+ if(!initialise_password_db())
exit(1);
#ifdef LMHOSTSFILE
@@ -593,11 +593,11 @@ static void usage(char *pname)
SIGUSR1 and SIGUSR2 to do debug level changes. */
#ifndef MEM_MAN
#if defined(SIGUSR1)
- CatchSignal( SIGUSR1, SIGNAL_CAST sig_usr1 );
+ CatchSignal( SIGUSR1, SIGNAL_CAST sig_usr1 );
#endif /* SIGUSR1 */
#if defined(SIGUSR2)
- CatchSignal( SIGUSR2, SIGNAL_CAST sig_usr2 );
+ CatchSignal( SIGUSR2, SIGNAL_CAST sig_usr2 );
#endif /* SIGUSR2 */
#endif /* MEM_MAN */
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 8b35116858..7a28d3418f 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -116,20 +116,16 @@ typedef struct
char *szLogFile;
char *szConfigFile;
char *szSMBPasswdFile;
+ char *szSMBPassGroupFile;
+ char *szSMBGroupFile;
+ char *szSMBAliasFile;
char *szPasswordServer;
char *szSocketOptions;
char *szValidChars;
char *szWorkGroup;
- char *szDomainAdminGroup;
- char *szDomainGuestGroup;
- char *szDomainAdminUsers;
- char *szDomainGuestUsers;
- char *szDomainHostsallow;
- char *szDomainHostsdeny;
char *szUsernameMap;
-#ifdef USING_GROUPNAME_MAP
+ char *szAliasnameMap;
char *szGroupnameMap;
-#endif /* USING_GROUPNAME_MAP */
char *szCharacterSet;
char *szLogonScript;
char *szLogonPath;
@@ -146,7 +142,6 @@ typedef struct
char *szAnnounceVersion; /* This is initialised in init_globals */
char *szNetbiosAliases;
char *szDomainOtherSIDs;
- char *szDomainGroups;
char *szDriverFile;
char *szNameResolveOrder;
char *szLdapServer;
@@ -501,6 +496,7 @@ static struct enum_list enum_ssl_version[] = {{SMB_SSL_V2, "ssl2"}, {SMB_SSL_V3,
static struct parm_struct parm_table[] =
{
{"Base Options", P_SEP, P_SEPARATOR},
+
{"comment", P_STRING, P_LOCAL, &sDefault.comment, NULL, NULL, FLAG_BASIC|FLAG_PRINT},
{"path", P_STRING, P_LOCAL, &sDefault.szPath, NULL, NULL, FLAG_BASIC|FLAG_PRINT},
{"directory", P_STRING, P_LOCAL, &sDefault.szPath, NULL, NULL, 0},
@@ -512,6 +508,7 @@ static struct parm_struct parm_table[] =
{"bind interfaces only", P_BOOL,P_GLOBAL, &Globals.bBindInterfacesOnly,NULL, NULL, 0},
{"Security Options", P_SEP, P_SEPARATOR},
+
{"security", P_ENUM, P_GLOBAL, &Globals.security, NULL, enum_security, FLAG_BASIC},
{"encrypt passwords",P_BOOL, P_GLOBAL, &Globals.bEncryptPasswords, NULL, NULL, FLAG_BASIC},
{"update encrypted", P_BOOL, P_GLOBAL, &Globals.bUpdateEncrypt, NULL, NULL, FLAG_BASIC},
@@ -520,6 +517,9 @@ static struct parm_struct parm_table[] =
{"null passwords", P_BOOL, P_GLOBAL, &Globals.bNullPasswords, NULL, NULL, 0},
{"password server", P_STRING, P_GLOBAL, &Globals.szPasswordServer, NULL, NULL, 0},
{"smb passwd file", P_STRING, P_GLOBAL, &Globals.szSMBPasswdFile, NULL, NULL, 0},
+ {"smb passgrp file", P_STRING, P_GLOBAL, &Globals.szSMBPassGroupFile, NULL, NULL, 0},
+ {"smb group file", P_STRING, P_GLOBAL, &Globals.szSMBGroupFile, NULL, NULL, 0},
+ {"smb alias file", P_STRING, P_GLOBAL, &Globals.szSMBAliasFile, NULL, NULL, 0},
{"hosts equiv", P_STRING, P_GLOBAL, &Globals.szHostsEquiv, NULL, NULL, 0},
{"root directory", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, 0},
{"root dir", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, 0},
@@ -567,6 +567,7 @@ static struct parm_struct parm_table[] =
#ifdef WITH_SSL
{"Secure Socket Layer Options", P_SEP, P_SEPARATOR},
+
{"ssl", P_BOOL, P_GLOBAL, &Globals.sslEnabled, NULL, NULL, 0 },
{"ssl hosts", P_STRING, P_GLOBAL, &Globals.sslHostsRequire, NULL, NULL, 0 },
{"ssl hosts resign", P_STRING, P_GLOBAL, &Globals.sslHostsResign, NULL, NULL, 0} ,
@@ -584,6 +585,7 @@ static struct parm_struct parm_table[] =
#endif /* WITH_SSL */
{"Logging Options", P_SEP, P_SEPARATOR},
+
{"log level", P_INTEGER, P_GLOBAL, &DEBUGLEVEL, NULL, NULL, FLAG_BASIC},
{"debuglevel", P_INTEGER, P_GLOBAL, &DEBUGLEVEL, NULL, NULL, 0},
{"syslog", P_INTEGER, P_GLOBAL, &Globals.syslog, NULL, NULL, 0},
@@ -595,6 +597,7 @@ static struct parm_struct parm_table[] =
{"status", P_BOOL, P_LOCAL, &sDefault.status, NULL, NULL, FLAG_GLOBAL},
{"Protocol Options", P_SEP, P_SEPARATOR},
+
{"protocol", P_ENUM, P_GLOBAL, &Globals.maxprotocol, NULL, enum_protocol, 0},
{"read bmpx", P_BOOL, P_GLOBAL, &Globals.bReadbmpx, NULL, NULL, 0},
{"read raw", P_BOOL, P_GLOBAL, &Globals.bReadRaw, NULL, NULL, 0},
@@ -614,6 +617,7 @@ static struct parm_struct parm_table[] =
{"time server", P_BOOL, P_GLOBAL, &Globals.bTimeServer, NULL, NULL, 0},
{"Tuning Options", P_SEP, P_SEPARATOR},
+
{"change notify timeout", P_INTEGER, P_GLOBAL, &Globals.change_notify_timeout, NULL, NULL, 0},
{"deadtime", P_INTEGER, P_GLOBAL, &Globals.deadtime, NULL, NULL, 0},
{"getwd cache", P_BOOL, P_GLOBAL, &use_getwd_cache, NULL, NULL, 0},
@@ -632,6 +636,7 @@ static struct parm_struct parm_table[] =
{"sync always", P_BOOL, P_LOCAL, &sDefault.bSyncAlways, NULL, NULL, 0},
{"Printing Options", P_SEP, P_SEPARATOR},
+
{"load printers", P_BOOL, P_GLOBAL, &Globals.bLoadPrinters, NULL, NULL, 0},
{"printcap name", P_STRING, P_GLOBAL, &Globals.szPrintcapname, NULL, NULL, 0},
{"printcap", P_STRING, P_GLOBAL, &Globals.szPrintcapname, NULL, NULL, 0},
@@ -653,7 +658,6 @@ static struct parm_struct parm_table[] =
{"printer driver", P_STRING, P_LOCAL, &sDefault.szPrinterDriver, NULL, NULL, 0},
{"printer driver location", P_STRING, P_LOCAL, &sDefault.szPrinterDriverLocation, NULL, NULL, FLAG_GLOBAL},
-
{"Filename Handling", P_SEP, P_SEPARATOR},
{"strip dot", P_BOOL, P_GLOBAL, &Globals.bStripDot, NULL, NULL, 0},
{"character set", P_STRING, P_GLOBAL, &Globals.szCharacterSet, handle_character_set, NULL, 0},
@@ -680,17 +684,13 @@ static struct parm_struct parm_table[] =
{"stat cache", P_BOOL, P_GLOBAL, &Globals.bStatCache, NULL, NULL, 0},
{"Domain Options", P_SEP, P_SEPARATOR},
- {"domain groups", P_STRING, P_GLOBAL, &Globals.szDomainGroups, NULL, NULL, 0},
- {"domain admin group",P_STRING, P_GLOBAL, &Globals.szDomainAdminGroup, NULL, NULL, 0},
- {"domain guest group",P_STRING, P_GLOBAL, &Globals.szDomainGuestGroup, NULL, NULL, 0},
- {"domain admin users",P_STRING, P_GLOBAL, &Globals.szDomainAdminUsers, NULL, NULL, 0},
- {"domain guest users",P_STRING, P_GLOBAL, &Globals.szDomainGuestUsers, NULL, NULL, 0},
-#ifdef USING_GROUPNAME_MAP
- {"groupname map", P_STRING, P_GLOBAL, &Globals.szGroupnameMap, NULL, NULL, 0},
-#endif /* USING_GROUPNAME_MAP */
+
+ {"local group map", P_STRING, P_GLOBAL, &Globals.szAliasnameMap, NULL, NULL, 0},
+ {"domain group map", P_STRING, P_GLOBAL, &Globals.szGroupnameMap, NULL, NULL, 0},
{"machine password timeout", P_INTEGER, P_GLOBAL, &Globals.machine_password_timeout, NULL, NULL, 0},
{"Logon Options", P_SEP, P_SEPARATOR},
+
{"logon script", P_STRING, P_GLOBAL, &Globals.szLogonScript, NULL, NULL, 0},
{"logon path", P_STRING, P_GLOBAL, &Globals.szLogonPath, NULL, NULL, 0},
{"logon drive", P_STRING, P_GLOBAL, &Globals.szLogonDrive, NULL, NULL, 0},
@@ -698,6 +698,7 @@ static struct parm_struct parm_table[] =
{"domain logons", P_BOOL, P_GLOBAL, &Globals.bDomainLogons, NULL, NULL, 0},
{"Browse Options", P_SEP, P_SEPARATOR},
+
{"os level", P_INTEGER, P_GLOBAL, &Globals.os_level, NULL, NULL, FLAG_BASIC},
{"lm announce", P_ENUM, P_GLOBAL, &Globals.lm_announce, NULL, enum_lm_announce, 0},
{"lm interval", P_INTEGER, P_GLOBAL, &Globals.lm_interval, NULL, NULL, 0},
@@ -710,12 +711,14 @@ static struct parm_struct parm_table[] =
{"browsable", P_BOOL, P_LOCAL, &sDefault.bBrowseable, NULL, NULL, 0},
{"WINS Options", P_SEP, P_SEPARATOR},
+
{"dns proxy", P_BOOL, P_GLOBAL, &Globals.bDNSproxy, NULL, NULL, 0},
{"wins proxy", P_BOOL, P_GLOBAL, &Globals.bWINSproxy, NULL, NULL, 0},
{"wins server", P_STRING, P_GLOBAL, &Globals.szWINSserver, NULL, NULL, FLAG_BASIC},
{"wins support", P_BOOL, P_GLOBAL, &Globals.bWINSsupport, NULL, NULL, FLAG_BASIC},
{"Locking Options", P_SEP, P_SEPARATOR},
+
{"blocking locks", P_BOOL, P_LOCAL, &sDefault.bBlockingLocks, NULL, NULL, 0},
{"fake oplocks", P_BOOL, P_LOCAL, &sDefault.bFakeOplocks, NULL, NULL, 0},
{"kernel oplocks", P_BOOL, P_GLOBAL, &Globals.bKernelOplocks, NULL, NULL, FLAG_GLOBAL},
@@ -727,6 +730,7 @@ static struct parm_struct parm_table[] =
#ifdef WITH_LDAP
{"Ldap Options", P_SEP, P_SEPARATOR},
+
{"ldap server", P_STRING, P_GLOBAL, &Globals.szLdapServer, NULL, NULL, 0},
{"ldap port", P_INTEGER, P_GLOBAL, &Globals.ldap_port, NULL, NULL, 0},
{"ldap suffix", P_STRING, P_GLOBAL, &Globals.szLdapSuffix, NULL, NULL, 0},
@@ -737,6 +741,7 @@ static struct parm_struct parm_table[] =
{"Miscellaneous Options", P_SEP, P_SEPARATOR},
+
{"smbrun", P_STRING, P_GLOBAL, &Globals.szSmbrun, NULL, NULL, 0},
{"config file", P_STRING, P_GLOBAL, &Globals.szConfigFile, NULL, NULL, FLAG_HIDE},
{"preload", P_STRING, P_GLOBAL, &Globals.szAutoServices, NULL, NULL, 0},
@@ -814,6 +819,9 @@ static void init_globals(void)
DEBUG(3,("Initialising global parameters\n"));
string_set(&Globals.szSMBPasswdFile, SMB_PASSWD_FILE);
+ string_set(&Globals.szSMBPassGroupFile, SMB_PASSGRP_FILE);
+ string_set(&Globals.szSMBGroupFile, SMB_GROUP_FILE);
+ string_set(&Globals.szSMBAliasFile, SMB_ALIAS_FILE);
string_set(&Globals.szPasswdChat,"*old*password* %o\\n *new*password* %n\\n *new*password* %n\\n *changed*");
string_set(&Globals.szWorkGroup, WORKGROUP);
string_set(&Globals.szPasswdProgram, PASSWD_PROGRAM);
@@ -1093,6 +1101,9 @@ FN_GLOBAL_STRING(lp_logfile,&Globals.szLogFile)
FN_GLOBAL_STRING(lp_smbrun,&Globals.szSmbrun)
FN_GLOBAL_STRING(lp_configfile,&Globals.szConfigFile)
FN_GLOBAL_STRING(lp_smb_passwd_file,&Globals.szSMBPasswdFile)
+FN_GLOBAL_STRING(lp_smb_passgrp_file,&Globals.szSMBPassGroupFile)
+FN_GLOBAL_STRING(lp_smb_group_file,&Globals.szSMBGroupFile)
+FN_GLOBAL_STRING(lp_smb_alias_file,&Globals.szSMBAliasFile)
FN_GLOBAL_STRING(lp_serverstring,&Globals.szServerString)
FN_GLOBAL_STRING(lp_printcapname,&Globals.szPrintcapname)
FN_GLOBAL_STRING(lp_lockdir,&Globals.szLockDir)
@@ -1107,9 +1118,8 @@ FN_GLOBAL_STRING(lp_passwordserver,&Globals.szPasswordServer)
FN_GLOBAL_STRING(lp_name_resolve_order,&Globals.szNameResolveOrder)
FN_GLOBAL_STRING(lp_workgroup,&Globals.szWorkGroup)
FN_GLOBAL_STRING(lp_username_map,&Globals.szUsernameMap)
-#ifdef USING_GROUPNAME_MAP
+FN_GLOBAL_STRING(lp_aliasname_map,&Globals.szAliasnameMap)
FN_GLOBAL_STRING(lp_groupname_map,&Globals.szGroupnameMap)
-#endif /* USING_GROUPNAME_MAP */
FN_GLOBAL_STRING(lp_logon_script,&Globals.szLogonScript)
FN_GLOBAL_STRING(lp_logon_path,&Globals.szLogonPath)
FN_GLOBAL_STRING(lp_logon_drive,&Globals.szLogonDrive)
@@ -1125,12 +1135,6 @@ FN_GLOBAL_STRING(lp_netbios_aliases,&Globals.szNetbiosAliases)
FN_GLOBAL_STRING(lp_driverfile,&Globals.szDriverFile)
FN_GLOBAL_STRING(lp_panic_action,&Globals.szPanicAction)
-FN_GLOBAL_STRING(lp_domain_groups,&Globals.szDomainGroups)
-FN_GLOBAL_STRING(lp_domain_admin_group,&Globals.szDomainAdminGroup)
-FN_GLOBAL_STRING(lp_domain_guest_group,&Globals.szDomainGuestGroup)
-FN_GLOBAL_STRING(lp_domain_admin_users,&Globals.szDomainAdminUsers)
-FN_GLOBAL_STRING(lp_domain_guest_users,&Globals.szDomainGuestUsers)
-
#ifdef WITH_LDAP
FN_GLOBAL_STRING(lp_ldap_server,&Globals.szLdapServer);
FN_GLOBAL_STRING(lp_ldap_suffix,&Globals.szLdapSuffix);
diff --git a/source3/passdb/ldap.c b/source3/passdb/ldap.c
index ed275c4a88..af48ebbdc0 100644
--- a/source3/passdb/ldap.c
+++ b/source3/passdb/ldap.c
@@ -223,7 +223,7 @@ static void ldap_get_smb_passwd(LDAP *ldap_struct,LDAPMessage *entry,
static unsigned char smblmpwd[16];
static unsigned char smbntpwd[16];
- pdb_init_smb(user);
+ pwdb_init_smb(user);
bzero(smblmpwd, sizeof(smblmpwd));
bzero(smbntpwd, sizeof(smbntpwd));
@@ -237,16 +237,16 @@ static void ldap_get_smb_passwd(LDAP *ldap_struct,LDAPMessage *entry,
bzero(temp, sizeof(temp)); /* destroy local copy of the password */
#else
get_single_attribute(ldap_struct, entry, "unicodePwd", temp);
- pdb_gethexpwd(temp, smbntpwd);
+ pwdb_gethexpwd(temp, smbntpwd);
bzero(temp, sizeof(temp)); /* destroy local copy of the password */
get_single_attribute(ldap_struct, entry, "dBCSPwd", temp);
- pdb_gethexpwd(temp, smblmpwd);
+ pwdb_gethexpwd(temp, smblmpwd);
bzero(temp, sizeof(temp)); /* destroy local copy of the password */
#endif
get_single_attribute(ldap_struct, entry, "userAccountControl", temp);
- user->acct_ctrl = pdb_decode_acct_ctrl(temp);
+ user->acct_ctrl = pwdb_decode_acct_ctrl(temp);
get_single_attribute(ldap_struct, entry, "pwdLastSet", temp);
user->pass_last_set_time = (time_t)strtol(temp, NULL, 16);
@@ -254,7 +254,7 @@ static void ldap_get_smb_passwd(LDAP *ldap_struct,LDAPMessage *entry,
get_single_attribute(ldap_struct, entry, "rid", temp);
/* the smb (unix) ids are not stored: they are created */
- user->smb_userid = pdb_user_rid_to_uid (atoi(temp));
+ user->smb_userid = pwdb_user_rid_to_uid (atoi(temp));
if (user->acct_ctrl & (ACB_DOMTRUST|ACB_WSTRUST|ACB_SVRTRUST) )
{
@@ -288,7 +288,7 @@ static void ldap_get_sam_passwd(LDAP *ldap_struct, LDAPMessage *entry,
static pstring temp;
static struct smb_passwd pw_buf;
- pdb_init_sam(user);
+ pwdb_init_sam(user);
ldap_get_smb_passwd(ldap_struct, entry, &pw_buf);
@@ -576,7 +576,7 @@ static BOOL modadd_ldappwd_entry(struct smb_passwd *newpwd, int flag)
make_a_mod(&mods, ldap_state, "rid", rid);
make_a_mod(&mods, ldap_state, "pwdLastSet", lst);
- make_a_mod(&mods, ldap_state, "userAccountControl", pdb_encode_acct_ctrl(newpwd->acct_ctrl, NEW_PW_FORMAT_SPACE_PADDED_LEN));
+ make_a_mod(&mods, ldap_state, "userAccountControl", pwdb_encode_acct_ctrl(newpwd->acct_ctrl, NEW_PW_FORMAT_SPACE_PADDED_LEN));
switch(flag)
{
@@ -708,7 +708,7 @@ static BOOL modadd_ldap21pwd_entry(struct sam_passwd *newpwd, int flag)
make_a_mod(&mods, ldap_state, "rid", rid);
make_a_mod(&mods, ldap_state, "pwdLastSet", lst);
- make_a_mod(&mods, ldap_state, "userAccountControl", pdb_encode_acct_ctrl(newpwd->acct_ctrl,NEW_PW_FORMAT_SPACE_PADDED_LEN));
+ make_a_mod(&mods, ldap_state, "userAccountControl", pwdb_encode_acct_ctrl(newpwd->acct_ctrl,NEW_PW_FORMAT_SPACE_PADDED_LEN));
ldap_modify_s(ldap_struct, dn, mods);
@@ -922,52 +922,52 @@ static BOOL setldappwpos(void *vp, SMB_BIG_UINT tok)
static struct smb_passwd *getldappwnam(char *name)
{
- return pdb_sam_to_smb(iterate_getsam21pwnam(name));
+ return pwdb_sam_to_smb(iterate_getsam21pwnam(name));
}
static struct smb_passwd *getldappwuid(uid_t smb_userid)
{
- return pdb_sam_to_smb(iterate_getsam21pwuid(smb_userid));
+ return pwdb_sam_to_smb(iterate_getsam21pwuid(smb_userid));
}
static struct smb_passwd *getldappwrid(uint32 user_rid)
{
- return pdb_sam_to_smb(iterate_getsam21pwuid(pdb_user_rid_to_uid(user_rid)));
+ return pwdb_sam_to_smb(iterate_getsam21pwuid(pwdb_user_rid_to_uid(user_rid)));
}
static struct smb_passwd *getldappwent(void *vp)
{
- return pdb_sam_to_smb(getldap21pwent(vp));
+ return pwdb_sam_to_smb(getldap21pwent(vp));
}
static BOOL add_ldappwd_entry(struct smb_passwd *newpwd)
{
- return add_ldap21pwd_entry(pdb_smb_to_sam(newpwd));
+ return add_ldap21pwd_entry(pwdb_smb_to_sam(newpwd));
}
static BOOL mod_ldappwd_entry(struct smb_passwd* pwd, BOOL override)
{
- return mod_ldap21pwd_entry(pdb_smb_to_sam(pwd), override);
+ return mod_ldap21pwd_entry(pwdb_smb_to_sam(pwd), override);
}
static struct sam_disp_info *getldapdispnam(char *name)
{
- return pdb_sam_to_dispinfo(getldap21pwnam(name));
+ return pwdb_sam_to_dispinfo(getldap21pwnam(name));
}
static struct sam_disp_info *getldapdisprid(uint32 rid)
{
- return pdb_sam_to_dispinfo(getldap21pwrid(rid));
+ return pwdb_sam_to_dispinfo(getldap21pwrid(rid));
}
static struct sam_disp_info *getldapdispent(void *vp)
{
- return pdb_sam_to_dispinfo(getldap21pwent(vp));
+ return pwdb_sam_to_dispinfo(getldap21pwent(vp));
}
static struct sam_passwd *getldap21pwuid(uid_t uid)
{
- return pdb_smb_to_sam(iterate_getsam21pwuid(pdb_uid_to_user_rid(uid)));
+ return pwdb_smb_to_sam(iterate_getsam21pwuid(pwdb_uid_to_user_rid(uid)));
}
static struct passdb_ops ldap_ops =
diff --git a/source3/passdb/nispass.c b/source3/passdb/nispass.c
index e750fec1a1..489ccbf25f 100644
--- a/source3/passdb/nispass.c
+++ b/source3/passdb/nispass.c
@@ -361,22 +361,22 @@ static BOOL add_nisp21pwd_entry(struct sam_passwd *newpwd)
new_obj.zo_data.objdata_u.en_data.en_cols.en_cols_len = NIS_RES_OBJECT(tblresult)->zo_data.objdata_u.ta_data.ta_maxcol;
new_obj.zo_data.objdata_u.en_data.en_cols.en_cols_val = calloc(new_obj.zo_data.objdata_u.en_data.en_cols.en_cols_len, sizeof(entry_col));
- pdb_sethexpwd(smb_passwd , newpwd->smb_passwd , newpwd->acct_ctrl);
- pdb_sethexpwd(smb_nt_passwd, newpwd->smb_nt_passwd, newpwd->acct_ctrl);
+ pwdb_sethexpwd(smb_passwd , newpwd->smb_passwd , newpwd->acct_ctrl);
+ pwdb_sethexpwd(smb_nt_passwd, newpwd->smb_nt_passwd, newpwd->acct_ctrl);
- pdb_set_logon_time (logon_t , sizeof(logon_t ), newpwd->logon_time );
- pdb_set_logoff_time (logoff_t , sizeof(logoff_t ), newpwd->logoff_time );
- pdb_set_kickoff_time (kickoff_t, sizeof(kickoff_t), newpwd->kickoff_time );
- pdb_set_last_set_time (pwdlset_t, sizeof(pwdlset_t), newpwd->pass_last_set_time );
- pdb_set_can_change_time (pwdlchg_t, sizeof(pwdlchg_t), newpwd->pass_can_change_time );
- pdb_set_must_change_time(pwdmchg_t, sizeof(pwdmchg_t), newpwd->pass_must_change_time);
+ pwdb_set_logon_time (logon_t , sizeof(logon_t ), newpwd->logon_time );
+ pwdb_set_logoff_time (logoff_t , sizeof(logoff_t ), newpwd->logoff_time );
+ pwdb_set_kickoff_time (kickoff_t, sizeof(kickoff_t), newpwd->kickoff_time );
+ pwdb_set_last_set_time (pwdlset_t, sizeof(pwdlset_t), newpwd->pass_last_set_time );
+ pwdb_set_can_change_time (pwdlchg_t, sizeof(pwdlchg_t), newpwd->pass_can_change_time );
+ pwdb_set_must_change_time(pwdmchg_t, sizeof(pwdmchg_t), newpwd->pass_must_change_time);
slprintf(uid, sizeof(uid), "%u", newpwd->smb_userid);
slprintf(user_rid, sizeof(user_rid), "0x%x", newpwd->user_rid);
slprintf(smb_grpid, sizeof(smb_grpid), "%u", newpwd->smb_grpid);
slprintf(group_rid, sizeof(group_rid), "0x%x", newpwd->group_rid);
- safe_strcpy(acb, pdb_encode_acct_ctrl(newpwd->acct_ctrl, NEW_PW_FORMAT_SPACE_PADDED_LEN), sizeof(acb));
+ safe_strcpy(acb, pwdb_encode_acct_ctrl(newpwd->acct_ctrl, NEW_PW_FORMAT_SPACE_PADDED_LEN), sizeof(acb));
set_single_attribute(&new_obj, NPF_NAME , newpwd->smb_name , strlen(newpwd->smb_name) , 0);
set_single_attribute(&new_obj, NPF_UID , uid , strlen(uid) , 0);
@@ -456,7 +456,7 @@ static BOOL make_sam_from_nisp(struct sam_passwd *pw_buf, nis_result *result)
if (pw_buf == NULL || result == NULL) return False;
- pdb_init_sam(pw_buf);
+ pwdb_init_sam(pw_buf);
if (result->status != NIS_SUCCESS)
{
@@ -482,7 +482,7 @@ static BOOL make_sam_from_nisp(struct sam_passwd *pw_buf, nis_result *result)
/* Check the lanman password column. */
p = (uchar *)ENTRY_VAL(obj, NPF_LMPWD);
- if (strlen((char *)p) != 32 || !pdb_gethexpwd((char *)p, (char *)smbpwd))
+ if (strlen((char *)p) != 32 || !pwdb_gethexpwd((char *)p, (char *)smbpwd))
{
DEBUG(0, ("make_smb_from_nisp: malformed LM pwd entry.\n"));
return False;
@@ -490,7 +490,7 @@ static BOOL make_sam_from_nisp(struct sam_passwd *pw_buf, nis_result *result)
/* Check the NT password column. */
p = (uchar *)ENTRY_VAL(obj, NPF_NTPWD);
- if (strlen((char *)p) != 32 || !pdb_gethexpwd((char *)p, (char *)smbntpwd))
+ if (strlen((char *)p) != 32 || !pwdb_gethexpwd((char *)p, (char *)smbntpwd))
{
DEBUG(0, ("make_smb_from_nisp: malformed NT pwd entry\n"));
return False;
@@ -603,52 +603,52 @@ static struct sam_passwd *getnisp21pwrid(uint32 rid)
static struct smb_passwd *getnisppwent(void *vp)
{
- return pdb_sam_to_smb(getnisp21pwent(vp));
+ return pwdb_sam_to_smb(getnisp21pwent(vp));
}
static BOOL add_nisppwd_entry(struct smb_passwd *newpwd)
{
- return add_nisp21pwd_entry(pdb_smb_to_sam(newpwd));
+ return add_nisp21pwd_entry(pwdb_smb_to_sam(newpwd));
}
static BOOL mod_nisppwd_entry(struct smb_passwd* pwd, BOOL override)
{
- return mod_nisp21pwd_entry(pdb_smb_to_sam(pwd), override);
+ return mod_nisp21pwd_entry(pwdb_smb_to_sam(pwd), override);
}
static struct smb_passwd *getnisppwnam(char *name)
{
- return pdb_sam_to_smb(getnisp21pwnam(name));
+ return pwdb_sam_to_smb(getnisp21pwnam(name));
}
static struct sam_passwd *getnisp21pwuid(uid_t smb_userid)
{
- return getnisp21pwrid(pdb_uid_to_user_rid(smb_userid));
+ return getnisp21pwrid(pwdb_uid_to_user_rid(smb_userid));
}
static struct smb_passwd *getnisppwrid(uid_t user_rid)
{
- return pdb_sam_to_smb(getnisp21pwuid(pdb_user_rid_to_uid(user_rid)));
+ return pwdb_sam_to_smb(getnisp21pwuid(pwdb_user_rid_to_uid(user_rid)));
}
static struct smb_passwd *getnisppwuid(uid_t smb_userid)
{
- return pdb_sam_to_smb(getnisp21pwuid(smb_userid));
+ return pwdb_sam_to_smb(getnisp21pwuid(smb_userid));
}
static struct sam_disp_info *getnispdispnam(char *name)
{
- return pdb_sam_to_dispinfo(getnisp21pwnam(name));
+ return pwdb_sam_to_dispinfo(getnisp21pwnam(name));
}
static struct sam_disp_info *getnispdisprid(uint32 rid)
{
- return pdb_sam_to_dispinfo(getnisp21pwrid(rid));
+ return pwdb_sam_to_dispinfo(getnisp21pwrid(rid));
}
static struct sam_disp_info *getnispdispent(void *vp)
{
- return pdb_sam_to_dispinfo(getnisp21pwent(vp));
+ return pwdb_sam_to_dispinfo(getnisp21pwent(vp));
}
static struct passdb_ops nispasswd_ops = {
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index f29a9ff570..a4c663e388 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -26,14 +26,6 @@
extern int DEBUGLEVEL;
/*
- * This is set on startup - it defines the SID for this
- * machine, and therefore the SAM database for which it is
- * responsible.
- */
-
-DOM_SID global_sam_sid;
-
-/*
* NOTE. All these functions are abstracted into a structure
* that points to the correct function for the selected database. JRA.
*
@@ -49,36 +41,39 @@ DOM_SID global_sam_sid;
* functions in a first pass, as struct sam_passwd contains more
* information, needed by the NT Domain support.
*
- * a full example set of derivative functions are listed below. an API
- * writer is expected to cut/paste these into their module, replace
- * either one set (struct smb_passwd) or the other (struct sam_passwd)
- * OR both, and optionally also to write display info routines
- * (struct sam_disp_info). lkcl
+ * an API writer is expected to create either one set (struct smb_passwd) or
+ * the other (struct sam_passwd) OR both, and optionally also to write display
+ * info routines * (struct sam_disp_info). functions which the API writer
+ * chooses NOT to write must be wrapped in conversion functions (pwdb_x_to_y)
+ * such that API users can call any function and still get valid results.
+ *
+ * the password API does NOT fill in the gaps if you set an API function
+ * to NULL: it will deliberately attempt to call the NULL function.
*
*/
-static struct passdb_ops *pdb_ops;
+static struct passdb_ops *pwdb_ops;
/***************************************************************
- Initialize the password db operations.
+ Initialise the password db operations.
***************************************************************/
-BOOL initialize_password_db(void)
+BOOL initialise_password_db(void)
{
- if (pdb_ops)
+ if (pwdb_ops)
{
return True;
}
#ifdef WITH_NISPLUS
- pdb_ops = nisplus_initialize_password_db();
+ pwdb_ops = nisplus_initialise_password_db();
#elif defined(WITH_LDAP)
- pdb_ops = ldap_initialize_password_db();
+ pwdb_ops = ldap_initialise_password_db();
#else
- pdb_ops = file_initialize_password_db();
+ pwdb_ops = file_initialise_password_db();
#endif
- return (pdb_ops != NULL);
+ return (pwdb_ops != NULL);
}
/*
@@ -91,7 +86,7 @@ BOOL initialize_password_db(void)
struct smb_passwd *iterate_getsmbpwrid(uint32 user_rid)
{
- return iterate_getsmbpwuid(pdb_user_rid_to_uid(user_rid));
+ return iterate_getsmbpwuid(pwdb_user_rid_to_uid(user_rid));
}
/************************************************************************
@@ -173,7 +168,7 @@ struct smb_passwd *iterate_getsmbpwnam(char *name)
void *startsmbpwent(BOOL update)
{
- return pdb_ops->startsmbpwent(update);
+ return pwdb_ops->startsmbpwent(update);
}
/***************************************************************
@@ -188,7 +183,7 @@ void *startsmbpwent(BOOL update)
void endsmbpwent(void *vp)
{
- pdb_ops->endsmbpwent(vp);
+ pwdb_ops->endsmbpwent(vp);
}
/*************************************************************************
@@ -197,7 +192,7 @@ void endsmbpwent(void *vp)
struct smb_passwd *getsmbpwent(void *vp)
{
- return pdb_ops->getsmbpwent(vp);
+ return pwdb_ops->getsmbpwent(vp);
}
/************************************************************************
@@ -206,7 +201,7 @@ struct smb_passwd *getsmbpwent(void *vp)
BOOL add_smbpwd_entry(struct smb_passwd *newpwd)
{
- return pdb_ops->add_smbpwd_entry(newpwd);
+ return pwdb_ops->add_smbpwd_entry(newpwd);
}
/************************************************************************
@@ -220,7 +215,7 @@ BOOL add_smbpwd_entry(struct smb_passwd *newpwd)
BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override)
{
- return pdb_ops->mod_smbpwd_entry(pwd, override);
+ return pwdb_ops->mod_smbpwd_entry(pwd, override);
}
/************************************************************************
@@ -229,7 +224,7 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override)
struct smb_passwd *getsmbpwnam(char *name)
{
- return pdb_ops->getsmbpwnam(name);
+ return pwdb_ops->getsmbpwnam(name);
}
/************************************************************************
@@ -238,7 +233,7 @@ struct smb_passwd *getsmbpwnam(char *name)
struct smb_passwd *getsmbpwrid(uint32 user_rid)
{
- return pdb_ops->getsmbpwrid(user_rid);
+ return pwdb_ops->getsmbpwrid(user_rid);
}
/************************************************************************
@@ -247,7 +242,7 @@ struct smb_passwd *getsmbpwrid(uint32 user_rid)
struct smb_passwd *getsmbpwuid(uid_t smb_userid)
{
- return pdb_ops->getsmbpwuid(smb_userid);
+ return pwdb_ops->getsmbpwuid(smb_userid);
}
/*
@@ -370,7 +365,7 @@ struct sam_passwd *iterate_getsam21pwuid(uid_t uid)
*************************************************************************/
struct sam_disp_info *getsamdisprid(uint32 rid)
{
- return pdb_ops->getsamdisprid(rid);
+ return pwdb_ops->getsamdisprid(rid);
}
/*************************************************************************
@@ -379,7 +374,7 @@ struct sam_disp_info *getsamdisprid(uint32 rid)
struct sam_passwd *getsam21pwent(void *vp)
{
- return pdb_ops->getsam21pwent(vp);
+ return pwdb_ops->getsam21pwent(vp);
}
@@ -389,7 +384,7 @@ struct sam_passwd *getsam21pwent(void *vp)
struct sam_passwd *getsam21pwnam(char *name)
{
- return pdb_ops->getsam21pwnam(name);
+ return pwdb_ops->getsam21pwnam(name);
}
/************************************************************************
@@ -398,7 +393,7 @@ struct sam_passwd *getsam21pwnam(char *name)
struct sam_passwd *getsam21pwrid(uint32 rid)
{
- return pdb_ops->getsam21pwrid(rid);
+ return pwdb_ops->getsam21pwrid(rid);
}
@@ -415,7 +410,7 @@ struct sam_passwd *getsam21pwrid(uint32 rid)
initialises a struct sam_disp_info.
**************************************************************/
-static void pdb_init_dispinfo(struct sam_disp_info *user)
+static void pwdb_init_dispinfo(struct sam_disp_info *user)
{
if (user == NULL) return;
bzero(user, sizeof(*user));
@@ -425,7 +420,7 @@ static void pdb_init_dispinfo(struct sam_disp_info *user)
initialises a struct smb_passwd.
**************************************************************/
-void pdb_init_smb(struct smb_passwd *user)
+void pwdb_init_smb(struct smb_passwd *user)
{
if (user == NULL) return;
bzero(user, sizeof(*user));
@@ -435,7 +430,7 @@ void pdb_init_smb(struct smb_passwd *user)
/*************************************************************
initialises a struct sam_passwd.
**************************************************************/
-void pdb_init_sam(struct sam_passwd *user)
+void pwdb_init_sam(struct sam_passwd *user)
{
if (user == NULL) return;
bzero(user, sizeof(*user));
@@ -451,13 +446,13 @@ void pdb_init_sam(struct sam_passwd *user)
Routine to return the next entry in the sam passwd list.
*************************************************************************/
-struct sam_disp_info *pdb_sam_to_dispinfo(struct sam_passwd *user)
+struct sam_disp_info *pwdb_sam_to_dispinfo(struct sam_passwd *user)
{
static struct sam_disp_info disp_info;
if (user == NULL) return NULL;
- pdb_init_dispinfo(&disp_info);
+ pwdb_init_dispinfo(&disp_info);
disp_info.smb_name = user->smb_name;
disp_info.full_name = user->full_name;
@@ -470,13 +465,13 @@ struct sam_disp_info *pdb_sam_to_dispinfo(struct sam_passwd *user)
converts a sam_passwd structure to a smb_passwd structure.
**************************************************************/
-struct smb_passwd *pdb_sam_to_smb(struct sam_passwd *user)
+struct smb_passwd *pwdb_sam_to_smb(struct sam_passwd *user)
{
static struct smb_passwd pw_buf;
if (user == NULL) return NULL;
- pdb_init_smb(&pw_buf);
+ pwdb_init_smb(&pw_buf);
pw_buf.smb_userid = user->smb_userid;
pw_buf.smb_name = user->smb_name;
@@ -493,13 +488,13 @@ struct smb_passwd *pdb_sam_to_smb(struct sam_passwd *user)
converts a smb_passwd structure to a sam_passwd structure.
**************************************************************/
-struct sam_passwd *pdb_smb_to_sam(struct smb_passwd *user)
+struct sam_passwd *pwdb_smb_to_sam(struct smb_passwd *user)
{
static struct sam_passwd pw_buf;
if (user == NULL) return NULL;
- pdb_init_sam(&pw_buf);
+ pwdb_init_sam(&pw_buf);
pw_buf.smb_userid = user->smb_userid;
pw_buf.smb_name = user->smb_name;
@@ -517,7 +512,7 @@ struct sam_passwd *pdb_smb_to_sam(struct smb_passwd *user)
null). length *MUST BE MORE THAN 2* !
**********************************************************/
-char *pdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length)
+char *pwdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length)
{
static fstring acct_str;
size_t i = 0;
@@ -553,7 +548,7 @@ char *pdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length)
15 lines, which is more important.
**********************************************************/
-uint16 pdb_decode_acct_ctrl(char *p)
+uint16 pwdb_decode_acct_ctrl(char *p)
{
uint16 acct_ctrl = 0;
BOOL finished = False;
@@ -603,7 +598,9 @@ static time_t get_time_from_string(char *p)
for (i = 0; i < 8; i++)
{
if (p[i] == '\0' || !isxdigit((int)(p[i]&0xFF)))
- break;
+ {
+ break;
+ }
}
if (i == 8)
{
@@ -621,7 +618,7 @@ static time_t get_time_from_string(char *p)
gets password last set time
********************************************************************/
-time_t pdb_get_last_set_time(char *p)
+time_t pwdb_get_last_set_time(char *p)
{
if (*p && StrnCaseCmp((char *)p, "LCT-", 4))
{
@@ -642,7 +639,7 @@ static void set_time_in_string(char *p, int max_len, char *type, time_t t)
/*******************************************************************
sets logon time
********************************************************************/
-void pdb_set_logon_time(char *p, int max_len, time_t t)
+void pwdb_set_logon_time(char *p, int max_len, time_t t)
{
set_time_in_string(p, max_len, "LNT", t);
}
@@ -650,7 +647,7 @@ void pdb_set_logon_time(char *p, int max_len, time_t t)
/*******************************************************************
sets logoff time
********************************************************************/
-void pdb_set_logoff_time(char *p, int max_len, time_t t)
+void pwdb_set_logoff_time(char *p, int max_len, time_t t)
{
set_time_in_string(p, max_len, "LOT", t);
}
@@ -658,7 +655,7 @@ void pdb_set_logoff_time(char *p, int max_len, time_t t)
/*******************************************************************
sets kickoff time
********************************************************************/
-void pdb_set_kickoff_time(char *p, int max_len, time_t t)
+void pwdb_set_kickoff_time(char *p, int max_len, time_t t)
{
set_time_in_string(p, max_len, "KOT", t);
}
@@ -666,7 +663,7 @@ void pdb_set_kickoff_time(char *p, int max_len, time_t t)
/*******************************************************************
sets password can change time
********************************************************************/
-void pdb_set_can_change_time(char *p, int max_len, time_t t)
+void pwdb_set_can_change_time(char *p, int max_len, time_t t)
{
set_time_in_string(p, max_len, "CCT", t);
}
@@ -674,7 +671,7 @@ void pdb_set_can_change_time(char *p, int max_len, time_t t)
/*******************************************************************
sets password last set time
********************************************************************/
-void pdb_set_must_change_time(char *p, int max_len, time_t t)
+void pwdb_set_must_change_time(char *p, int max_len, time_t t)
{
set_time_in_string(p, max_len, "MCT", t);
}
@@ -682,7 +679,7 @@ void pdb_set_must_change_time(char *p, int max_len, time_t t)
/*******************************************************************
sets password last set time
********************************************************************/
-void pdb_set_last_set_time(char *p, int max_len, time_t t)
+void pwdb_set_last_set_time(char *p, int max_len, time_t t)
{
set_time_in_string(p, max_len, "LCT", t);
}
@@ -691,7 +688,7 @@ void pdb_set_last_set_time(char *p, int max_len, time_t t)
/*************************************************************
Routine to set 32 hex password characters from a 16 byte array.
**************************************************************/
-void pdb_sethexpwd(char *p, char *pwd, uint16 acct_ctrl)
+void pwdb_sethexpwd(char *p, char *pwd, uint16 acct_ctrl)
{
if (pwd != NULL)
{
@@ -713,327 +710,114 @@ void pdb_sethexpwd(char *p, char *pwd, uint16 acct_ctrl)
}
}
}
+
/*************************************************************
Routine to get the 32 hex characters and turn them
into a 16 byte array.
**************************************************************/
-BOOL pdb_gethexpwd(char *p, char *pwd)
+BOOL pwdb_gethexpwd(char *p, char *pwd)
{
- int i;
- unsigned char lonybble, hinybble;
- char *hexchars = "0123456789ABCDEF";
- char *p1, *p2;
-
- for (i = 0; i < 32; i += 2)
- {
- hinybble = toupper(p[i]);
- lonybble = toupper(p[i + 1]);
-
- p1 = strchr(hexchars, hinybble);
- p2 = strchr(hexchars, lonybble);
-
- if (!p1 || !p2)
- {
- return (False);
- }
-
- hinybble = PTR_DIFF(p1, hexchars);
- lonybble = PTR_DIFF(p2, hexchars);
-
- pwd[i / 2] = (hinybble << 4) | lonybble;
- }
- return (True);
+ return strhex_to_str(pwd, 32, p) == 16;
}
/*******************************************************************
- Group and User RID username mapping function
+ converts UNIX uid to an NT User RID. NOTE: IS SOMETHING SPECIFIC TO SAMBA
********************************************************************/
-
-BOOL pdb_name_to_rid(char *user_name, uint32 *u_rid, uint32 *g_rid)
+uid_t pwdb_user_rid_to_uid(uint32 user_rid)
{
- struct passwd *pw = Get_Pwnam(user_name, False);
-
- if (u_rid == NULL || g_rid == NULL || user_name == NULL)
- {
- return False;
- }
-
- if (!pw)
- {
- DEBUG(1,("Username %s is invalid on this system\n", user_name));
- return False;
- }
-
- if (user_in_list(user_name, lp_domain_guest_users()))
- {
- *u_rid = DOMAIN_USER_RID_GUEST;
- }
- else if (user_in_list(user_name, lp_domain_admin_users()))
- {
- *u_rid = DOMAIN_USER_RID_ADMIN;
- }
- else
- {
- /* turn the unix UID into a Domain RID. this is what the posix
- sub-system does (adds 1000 to the uid) */
- *u_rid = pdb_uid_to_user_rid(pw->pw_uid);
- }
-
- /* absolutely no idea what to do about the unix GID to Domain RID mapping */
- *g_rid = pdb_gid_to_group_rid(pw->pw_gid);
-
- return True;
+ uid_t uid = (uid_t)(((user_rid & (~RID_TYPE_USER))- 1000)/RID_MULTIPLIER);
+ return uid;
}
-/****************************************************************************
- Read the machine SID from a file.
-****************************************************************************/
-
-static BOOL read_sid_from_file(int fd, char *sid_file)
-{
- fstring fline;
-
- memset(fline, '\0', sizeof(fline));
-
- if(read(fd, fline, sizeof(fline) -1 ) < 0) {
- DEBUG(0,("unable to read file %s. Error was %s\n",
- sid_file, strerror(errno) ));
- return False;
- }
-
- /*
- * Convert to the machine SID.
- */
-
- fline[sizeof(fline)-1] = '\0';
- if(!string_to_sid( &global_sam_sid, fline)) {
- DEBUG(0,("unable to generate machine SID.\n"));
- return False;
- }
-
- return True;
+/*******************************************************************
+ converts UNIX uid to an NT User RID. NOTE: IS SOMETHING SPECIFIC TO SAMBA
+ ********************************************************************/
+uint32 pwdb_uid_to_user_rid(uid_t uid)
+{
+ uint32 user_rid = (((((uint32)uid)*RID_MULTIPLIER) + 1000) | RID_TYPE_USER);
+ return user_rid;
}
-/****************************************************************************
- Generate the global machine sid. Look for the MACHINE.SID file first, if
- not found then look in smb.conf and use it to create the MACHINE.SID file.
-****************************************************************************/
-BOOL pdb_generate_sam_sid(void)
+/*******************************************************************
+ converts NT Group RID to a UNIX uid. NOTE: IS SOMETHING SPECIFIC TO SAMBA
+ ********************************************************************/
+uint32 pwdb_gid_to_group_rid(gid_t gid)
{
- int fd;
- char *p;
- pstring sid_file;
- fstring sid_string;
- SMB_STRUCT_STAT st;
- uchar raw_sid_data[12];
-
- pstrcpy(sid_file, lp_smb_passwd_file());
- p = strrchr(sid_file, '/');
- if(p != NULL) {
- *++p = '\0';
- }
-
- if (!directory_exist(sid_file, NULL)) {
- if (dos_mkdir(sid_file, 0700) != 0) {
- DEBUG(0,("can't create private directory %s : %s\n",
- sid_file, strerror(errno)));
- return False;
- }
- }
-
- pstrcat(sid_file, "MACHINE.SID");
-
- if((fd = open(sid_file, O_RDWR | O_CREAT, 0644)) == -1) {
- DEBUG(0,("unable to open or create file %s. Error was %s\n",
- sid_file, strerror(errno) ));
- return False;
- }
-
- /*
- * Check if the file contains data.
- */
-
- if(sys_fstat( fd, &st) < 0) {
- DEBUG(0,("unable to stat file %s. Error was %s\n",
- sid_file, strerror(errno) ));
- close(fd);
- return False;
- }
-
- if(st.st_size > 0) {
- /*
- * We have a valid SID - read it.
- */
- if(!read_sid_from_file( fd, sid_file)) {
- DEBUG(0,("unable to read file %s. Error was %s\n",
- sid_file, strerror(errno) ));
- close(fd);
- return False;
- }
- close(fd);
- return True;
- }
-
- /*
- * The file contains no data - we need to generate our
- * own sid.
- */
-
- {
- /*
- * Generate the new sid data & turn it into a string.
- */
- int i;
- generate_random_buffer( raw_sid_data, 12, True);
-
- fstrcpy( sid_string, "S-1-5-21");
- for( i = 0; i < 3; i++) {
- fstring tmp_string;
- slprintf( tmp_string, sizeof(tmp_string) - 1, "-%u", IVAL(raw_sid_data, i*4));
- fstrcat( sid_string, tmp_string);
- }
- }
-
- fstrcat(sid_string, "\n");
-
- /*
- * Ensure our new SID is valid.
- */
-
- if(!string_to_sid( &global_sam_sid, sid_string)) {
- DEBUG(0,("unable to generate machine SID.\n"));
- return False;
- }
-
- /*
- * Do an exclusive blocking lock on the file.
- */
-
- if(!do_file_lock( fd, 60, F_WRLCK)) {
- DEBUG(0,("unable to lock file %s. Error was %s\n",
- sid_file, strerror(errno) ));
- close(fd);
- return False;
- }
-
- /*
- * At this point we have a blocking lock on the SID
- * file - check if in the meantime someone else wrote
- * SID data into the file. If so - they were here first,
- * use their data.
- */
-
- if(sys_fstat( fd, &st) < 0) {
- DEBUG(0,("unable to stat file %s. Error was %s\n",
- sid_file, strerror(errno) ));
- close(fd);
- return False;
- }
-
- if(st.st_size > 0) {
- /*
- * Unlock as soon as possible to reduce
- * contention on the exclusive lock.
- */
- do_file_lock( fd, 60, F_UNLCK);
-
- /*
- * We have a valid SID - read it.
- */
-
- if(!read_sid_from_file( fd, sid_file)) {
- DEBUG(0,("unable to read file %s. Error was %s\n",
- sid_file, strerror(errno) ));
- close(fd);
- return False;
- }
- close(fd);
- return True;
- }
-
- /*
- * The file is still empty and we have an exlusive lock on it.
- * Write out out SID data into the file.
- */
-
- if(fchmod(fd, 0644) < 0) {
- DEBUG(0,("unable to set correct permissions on file %s. \
-Error was %s\n", sid_file, strerror(errno) ));
- close(fd);
- return False;
- }
-
- if(write( fd, sid_string, strlen(sid_string)) != strlen(sid_string)) {
- DEBUG(0,("unable to write file %s. Error was %s\n",
- sid_file, strerror(errno) ));
- close(fd);
- return False;
- }
-
- /*
- * Unlock & exit.
- */
-
- do_file_lock( fd, 60, F_UNLCK);
- close(fd);
- return True;
-}
+ uint32 grp_rid = (((((uint32)gid)*RID_MULTIPLIER) + 1000) | RID_TYPE_GROUP);
+ return grp_rid;
+}
/*******************************************************************
- converts UNIX uid to an NT User RID.
+ converts NT Group RID to a UNIX uid. NOTE: IS SOMETHING SPECIFIC TO SAMBA
********************************************************************/
-
-uid_t pdb_user_rid_to_uid(uint32 user_rid)
+gid_t pwdb_group_rid_to_gid(uint32 group_rid)
{
- return (uid_t)(((user_rid & (~USER_RID_TYPE))- 1000)/RID_MULTIPLIER);
+ gid_t gid = (gid_t)(((group_rid & (~RID_TYPE_GROUP))- 1000)/RID_MULTIPLIER);
+ return gid;
}
/*******************************************************************
- converts UNIX uid to an NT User RID.
+ converts UNIX gid to an NT Alias RID. NOTE: IS SOMETHING SPECIFIC TO SAMBA
********************************************************************/
-
-uint32 pdb_uid_to_user_rid(uid_t uid)
+uint32 pwdb_gid_to_alias_rid(gid_t gid)
{
- return (((((uint32)uid)*RID_MULTIPLIER) + 1000) | USER_RID_TYPE);
+ uint32 alias_rid = (((((uint32)gid)*RID_MULTIPLIER) + 1000) | RID_TYPE_ALIAS);
+ return alias_rid;
}
/*******************************************************************
- converts NT Group RID to a UNIX uid.
+ converts NT Alias RID to a UNIX uid. NOTE: IS SOMETHING SPECIFIC TO SAMBA
********************************************************************/
-
-uint32 pdb_gid_to_group_rid(gid_t gid)
+gid_t pwdb_alias_rid_to_gid(uint32 alias_rid)
{
- return (((((uint32)gid)*RID_MULTIPLIER) + 1000) | GROUP_RID_TYPE);
+ gid_t gid = (gid_t)(((alias_rid & (~RID_TYPE_ALIAS))- 1000)/RID_MULTIPLIER);
+ return gid;
}
/*******************************************************************
Decides if a RID is a well known RID.
********************************************************************/
+static BOOL pwdb_rid_is_well_known(uint32 rid)
+{
+ return (rid < 1000);
+}
-static BOOL pdb_rid_is_well_known(uint32 rid)
+/*******************************************************************
+ determines a rid's type. NOTE: THIS IS SOMETHING SPECIFIC TO SAMBA
+ ********************************************************************/
+static uint32 pwdb_rid_type(uint32 rid)
{
- return (rid < 1000);
+ /* lkcl i understand that NT attaches an enumeration to a RID
+ * such that it can be identified as either a user, group etc
+ * type: SID_ENUM_TYPE.
+ */
+ if (pwdb_rid_is_well_known(rid))
+ {
+ /*
+ * The only well known user RIDs are DOMAIN_USER_RID_ADMIN
+ * and DOMAIN_USER_RID_GUEST.
+ */
+ if (rid == DOMAIN_USER_RID_ADMIN || rid == DOMAIN_USER_RID_GUEST)
+ {
+ return RID_TYPE_USER;
+ }
+ if (DOMAIN_GROUP_RID_ADMINS <= rid && rid <= DOMAIN_GROUP_RID_GUESTS)
+ {
+ return RID_TYPE_GROUP;
+ }
+ if (BUILTIN_ALIAS_RID_ADMINS <= rid && rid <= BUILTIN_ALIAS_RID_REPLICATOR)
+ {
+ return RID_TYPE_ALIAS;
+ }
+ }
+ return (rid & RID_TYPE_MASK);
}
/*******************************************************************
- Decides if a RID is a user or group RID.
+ checks whether rid is a user rid. NOTE: THIS IS SOMETHING SPECIFIC TO SAMBA
********************************************************************/
-
-BOOL pdb_rid_is_user(uint32 rid)
+BOOL pwdb_rid_is_user(uint32 rid)
{
- /* lkcl i understand that NT attaches an enumeration to a RID
- * such that it can be identified as either a user, group etc
- * type. there are 5 such categories, and they are documented.
- */
- if(pdb_rid_is_well_known(rid)) {
- /*
- * The only well known user RIDs are DOMAIN_USER_RID_ADMIN
- * and DOMAIN_USER_RID_GUEST.
- */
- if(rid == DOMAIN_USER_RID_ADMIN || rid == DOMAIN_USER_RID_GUEST)
- return True;
- } else if((rid & RID_TYPE_MASK) == USER_RID_TYPE) {
- return True;
- }
- return False;
+ return pwdb_rid_type(rid) == RID_TYPE_USER;
}
+
diff --git a/source3/passdb/smbpass.c b/source3/passdb/smbpass.c
index c8d817dc40..bdf01ee6a8 100644
--- a/source3/passdb/smbpass.c
+++ b/source3/passdb/smbpass.c
@@ -21,7 +21,7 @@
#ifdef USE_SMBPASS_DB
-extern int pw_file_lock_depth;
+static int pw_file_lock_depth = 0;
extern int DEBUGLEVEL;
extern pstring samlogon_user;
extern BOOL sam_logon_in_ssb;
@@ -35,37 +35,8 @@ static char s_readbuf[1024];
static void *startsmbfilepwent(BOOL update)
{
- FILE *fp = NULL;
- char *pfile = lp_smb_passwd_file();
-
- if (!*pfile) {
- DEBUG(0, ("startsmbfilepwent: No SMB password file set\n"));
- return (NULL);
- }
- DEBUG(10, ("startsmbfilepwent: opening file %s\n", pfile));
-
- fp = fopen(pfile, update ? "r+b" : "rb");
-
- if (fp == NULL) {
- DEBUG(0, ("startsmbfilepwent: unable to open file %s\n", pfile));
- return NULL;
- }
-
- /* Set a buffer to do more efficient reads */
- setvbuf(fp, s_readbuf, _IOFBF, sizeof(s_readbuf));
-
- if (!pw_file_lock(fileno(fp), (update ? F_WRLCK : F_RDLCK), 5, &pw_file_lock_depth))
- {
- DEBUG(0, ("startsmbfilepwent: unable to lock file %s\n", pfile));
- fclose(fp);
- return NULL;
- }
-
- /* Make sure it is only rw by the owner */
- chmod(pfile, 0600);
-
- /* We have a lock on the file. */
- return (void *)fp;
+ return startfilepwent(lp_smb_passwd_file(), s_readbuf, sizeof(s_readbuf),
+ &pw_file_lock_depth, update);
}
/***************************************************************
@@ -74,11 +45,27 @@ static void *startsmbfilepwent(BOOL update)
static void endsmbfilepwent(void *vp)
{
- FILE *fp = (FILE *)vp;
+ endfilepwent(vp, &pw_file_lock_depth);
+}
- pw_file_unlock(fileno(fp), &pw_file_lock_depth);
- fclose(fp);
- DEBUG(7, ("endsmbfilepwent: closed password file.\n"));
+/*************************************************************************
+ Return the current position in the smbpasswd list as an SMB_BIG_UINT.
+ This must be treated as an opaque token.
+*************************************************************************/
+
+static SMB_BIG_UINT getsmbfilepwpos(void *vp)
+{
+ return getfilepwpos(vp);
+}
+
+/*************************************************************************
+ Set the current position in the smbpasswd list from an SMB_BIG_UINT.
+ This must be treated as an opaque token.
+*************************************************************************/
+
+static BOOL setsmbfilepwpos(void *vp, SMB_BIG_UINT tok)
+{
+ return setfilepwpos(vp, tok);
}
/*************************************************************************
@@ -86,219 +73,182 @@ static void endsmbfilepwent(void *vp)
*************************************************************************/
static struct smb_passwd *getsmbfilepwent(void *vp)
{
- /* Static buffers we will return. */
- static struct smb_passwd pw_buf;
- static pstring user_name;
- static unsigned char smbpwd[16];
- static unsigned char smbntpwd[16];
- FILE *fp = (FILE *)vp;
- char linebuf[256];
- unsigned char c;
- unsigned char *p;
- long uidval;
- size_t linebuf_len;
-
- if(fp == NULL) {
- DEBUG(0,("getsmbfilepwent: Bad password file pointer.\n"));
- return NULL;
- }
-
- pdb_init_smb(&pw_buf);
-
- pw_buf.acct_ctrl = ACB_NORMAL;
-
- /*
- * Scan the file, a line at a time and check if the name matches.
- */
- while (!feof(fp)) {
- linebuf[0] = '\0';
-
- fgets(linebuf, 256, fp);
- if (ferror(fp)) {
- return NULL;
- }
-
- /*
- * Check if the string is terminated with a newline - if not
- * then we must keep reading and discard until we get one.
- */
- linebuf_len = strlen(linebuf);
- if (linebuf[linebuf_len - 1] != '\n') {
- c = '\0';
- while (!ferror(fp) && !feof(fp)) {
- c = fgetc(fp);
- if (c == '\n')
- break;
- }
- } else
- linebuf[linebuf_len - 1] = '\0';
-
-#ifdef DEBUG_PASSWORD
- DEBUG(100, ("getsmbfilepwent: got line |%s|\n", linebuf));
-#endif
- if ((linebuf[0] == 0) && feof(fp)) {
- DEBUG(4, ("getsmbfilepwent: end of file reached\n"));
- break;
- }
- /*
- * The line we have should be of the form :-
- *
- * username:uid:32hex bytes:[Account type]:LCT-12345678....other flags presently
- * ignored....
- *
- * or,
- *
- * username:uid:32hex bytes:32hex bytes:[Account type]:LCT-12345678....ignored....
- *
- * if Windows NT compatible passwords are also present.
- * [Account type] is an ascii encoding of the type of account.
- * LCT-(8 hex digits) is the time_t value of the last change time.
- */
-
- if (linebuf[0] == '#' || linebuf[0] == '\0') {
- DEBUG(6, ("getsmbfilepwent: skipping comment or blank line\n"));
- continue;
- }
- p = (unsigned char *) strchr(linebuf, ':');
- if (p == NULL) {
- DEBUG(0, ("getsmbfilepwent: malformed password entry (no :)\n"));
- continue;
- }
- /*
- * As 256 is shorter than a pstring we don't need to check
- * length here - if this ever changes....
- */
- strncpy(user_name, linebuf, PTR_DIFF(p, linebuf));
- user_name[PTR_DIFF(p, linebuf)] = '\0';
-
- /* Get smb uid. */
-
- p++; /* Go past ':' */
- if (!isdigit(*p)) {
- DEBUG(0, ("getsmbfilepwent: malformed password entry (uid not number)\n"));
- continue;
- }
-
- uidval = atoi((char *) p);
-
- while (*p && isdigit(*p))
- p++;
-
- if (*p != ':') {
- DEBUG(0, ("getsmbfilepwent: malformed password entry (no : after uid)\n"));
- continue;
- }
-
- pw_buf.smb_name = user_name;
- pw_buf.smb_userid = uidval;
-
- /*
- * Now get the password value - this should be 32 hex digits
- * which are the ascii representations of a 16 byte string.
- * Get two at a time and put them into the password.
- */
-
- /* Skip the ':' */
- p++;
-
- if (*p == '*' || *p == 'X') {
- /* Password deliberately invalid - end here. */
- DEBUG(10, ("getsmbfilepwent: entry invalidated for user %s\n", user_name));
- pw_buf.smb_nt_passwd = NULL;
- pw_buf.smb_passwd = NULL;
- pw_buf.acct_ctrl |= ACB_DISABLED;
- return &pw_buf;
- }
-
- if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) {
- DEBUG(0, ("getsmbfilepwent: malformed password entry (passwd too short)\n"));
- continue;
- }
-
- if (p[32] != ':') {
- DEBUG(0, ("getsmbfilepwent: malformed password entry (no terminating :)\n"));
- continue;
- }
+ /* Static buffers we will return. */
+ static struct smb_passwd pw_buf;
+ static pstring user_name;
+ static unsigned char smbpwd[16];
+ static unsigned char smbntpwd[16];
+ struct passwd *pwfile;
+ char linebuf[256];
+ unsigned char *p;
+ int uidval;
+ size_t linebuf_len;
- if (!strncasecmp((char *) p, "NO PASSWORD", 11)) {
- pw_buf.smb_passwd = NULL;
- pw_buf.acct_ctrl |= ACB_PWNOTREQ;
- } else {
- if (!pdb_gethexpwd((char *)p, (char *)smbpwd)) {
- DEBUG(0, ("getsmbfilepwent: Malformed Lanman password entry (non hex chars)\n"));
- continue;
- }
- pw_buf.smb_passwd = smbpwd;
- }
+ if (vp == NULL)
+ {
+ DEBUG(0,("getsmbfilepwent: Bad password file pointer.\n"));
+ return NULL;
+ }
- /*
- * Now check if the NT compatible password is
- * available.
- */
- pw_buf.smb_nt_passwd = NULL;
-
- p += 33; /* Move to the first character of the line after
- the lanman password. */
- if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':')) {
- if (*p != '*' && *p != 'X') {
- if(pdb_gethexpwd((char *)p,(char *)smbntpwd))
- pw_buf.smb_nt_passwd = smbntpwd;
- }
- p += 33; /* Move to the first character of the line after
- the NT password. */
- }
+ pwdb_init_smb(&pw_buf);
- DEBUG(5,("getsmbfilepwent: returning passwd entry for user %s, uid %ld\n",
- user_name, uidval));
+ pw_buf.acct_ctrl = ACB_NORMAL;
- if (*p == '[')
+ /*
+ * Scan the file, a line at a time.
+ */
+ while ((linebuf_len = getfileline(vp, linebuf, sizeof(linebuf))) > 0)
{
- pw_buf.acct_ctrl = pdb_decode_acct_ctrl((char*)p);
-
- /* Must have some account type set. */
- if(pw_buf.acct_ctrl == 0)
- pw_buf.acct_ctrl = ACB_NORMAL;
-
- /* Now try and get the last change time. */
- if(*p == ']')
- p++;
- if(*p == ':') {
- p++;
- if(*p && (StrnCaseCmp((char *)p, "LCT-", 4)==0)) {
- int i;
- p += 4;
- for(i = 0; i < 8; i++) {
- if(p[i] == '\0' || !isxdigit(p[i]))
- break;
- }
- if(i == 8) {
- /*
- * p points at 8 characters of hex digits -
- * read into a time_t as the seconds since
- * 1970 that the password was last changed.
- */
- pw_buf.pass_last_set_time = (time_t)strtol((char *)p, NULL, 16);
- }
- }
- }
- } else {
- /* 'Old' style file. Fake up based on user name. */
- /*
- * Currently trust accounts are kept in the same
- * password file as 'normal accounts'. If this changes
- * we will have to fix this code. JRA.
- */
- if(pw_buf.smb_name[strlen(pw_buf.smb_name) - 1] == '$') {
- pw_buf.acct_ctrl &= ~ACB_NORMAL;
- pw_buf.acct_ctrl |= ACB_WSTRUST;
- }
- }
-
- return &pw_buf;
- }
+ /*
+ * The line we have should be of the form :-
+ *
+ * username:uid:32hex bytes:[Account type]:LCT-12345678....other flags presently
+ * ignored....
+ *
+ * or,
+ *
+ * username:uid:32hex bytes:32hex bytes:[Account type]:LCT-12345678....ignored....
+ *
+ * if Windows NT compatible passwords are also present.
+ * [Account type] is an ascii encoding of the type of account.
+ * LCT-(8 hex digits) is the time_t value of the last change time.
+ */
+
+ /*
+ * As 256 is shorter than a pstring we don't need to check
+ * length here - if this ever changes....
+ */
+ p = strncpyn(user_name, linebuf, sizeof(user_name), ':');
+
+ /* Go past ':' */
+ p++;
+
+ /* Get smb uid. */
+
+ p = Atoic((char *) p, &uidval, ":");
+
+ pw_buf.smb_name = user_name;
+ pw_buf.smb_userid = uidval;
+
+ /*
+ * Now get the password value - this should be 32 hex digits
+ * which are the ascii representations of a 16 byte string.
+ * Get two at a time and put them into the password.
+ */
+
+ /* Skip the ':' */
+ p++;
+
+ if (*p == '*' || *p == 'X')
+ {
+ /* Password deliberately invalid - end here. */
+ DEBUG(10, ("getsmbfilepwent: entry invalidated for user %s\n", user_name));
+ pw_buf.smb_nt_passwd = NULL;
+ pw_buf.smb_passwd = NULL;
+ pw_buf.acct_ctrl |= ACB_DISABLED;
+ return &pw_buf;
+ }
+
+ if (linebuf_len < (PTR_DIFF(p, linebuf) + 33))
+ {
+ DEBUG(0, ("getsmbfilepwent: malformed password entry (passwd too short)\n"));
+ continue;
+ }
+
+ if (p[32] != ':')
+ {
+ DEBUG(0, ("getsmbfilepwent: malformed password entry (no terminating :)\n"));
+ continue;
+ }
+
+ if (!strncasecmp((char *) p, "NO PASSWORD", 11))
+ {
+ pw_buf.smb_passwd = NULL;
+ pw_buf.acct_ctrl |= ACB_PWNOTREQ;
+ }
+ else
+ {
+ if (!pwdb_gethexpwd((char *)p, (char *)smbpwd))
+ {
+ DEBUG(0, ("getsmbfilepwent: Malformed Lanman password entry (non hex chars)\n"));
+ continue;
+ }
+ pw_buf.smb_passwd = smbpwd;
+ }
+
+ /*
+ * Now check if the NT compatible password is
+ * available.
+ */
+ pw_buf.smb_nt_passwd = NULL;
+
+ /* Move to the first character of the line after the lanman password. */
+ p += 33;
+ if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':'))
+ {
+ if (*p != '*' && *p != 'X')
+ {
+ if(pwdb_gethexpwd((char *)p,(char *)smbntpwd))
+ {
+ pw_buf.smb_nt_passwd = smbntpwd;
+ }
+ }
+ /* Move to the first character of the line after the NT password. */
+ p += 33;
+ }
+
+ DEBUG(5,("getsmbfilepwent: returning passwd entry for user %s, uid %d\n",
+ user_name, uidval));
+
+ if (*p == '[')
+ {
+ pw_buf.acct_ctrl = pwdb_decode_acct_ctrl((char*)p);
+
+ /* Must have some account type set. */
+ if (pw_buf.acct_ctrl == 0)
+ {
+ pw_buf.acct_ctrl = ACB_NORMAL;
+ }
+
+ /* Now try and get the last change time. */
+ if (*p == ']')
+ {
+ p++;
+ }
+ if (*p == ':')
+ {
+ p++;
+ pw_buf.pass_last_set_time = pwdb_get_last_set_time(p);
+ }
+ }
+ else
+ {
+ /* 'Old' style file. Fake up based on user name. */
+ /*
+ * Currently trust accounts are kept in the same
+ * password file as 'normal accounts'. If this changes
+ * we will have to fix this code. JRA.
+ */
+ if (pw_buf.smb_name[strlen(pw_buf.smb_name) - 1] == '$')
+ {
+ pw_buf.acct_ctrl &= ~ACB_NORMAL;
+ pw_buf.acct_ctrl |= ACB_WSTRUST;
+ }
+ }
+
+ pwfile = Get_Pwnam(pw_buf.smb_name, False);
+ if (pwfile == NULL)
+ {
+ DEBUG(0,("getsmbfilepwent: smbpasswd database is corrupt!\n"));
+ DEBUG(0,("getsmbfilepwent: username %s not in unix passwd database!\n", pw_buf.smb_name));
+ return NULL;
+ }
+
+ return &pw_buf;
+ }
- DEBUG(5,("getsmbfilepwent: end of file reached.\n"));
- return NULL;
+ DEBUG(5,("getsmbfilepwent: end of file reached.\n"));
+ return NULL;
}
/*************************************************************************
@@ -327,7 +277,9 @@ static struct sam_passwd *getsmbfile21pwent(void *vp)
if (pw_buf == NULL) return NULL;
- pwfile = getpwnam(pw_buf->smb_name);
+ pwdb_init_sam(&user);
+
+ pwfile = Get_Pwnam(pw_buf->smb_name, False);
if (pwfile == NULL)
{
DEBUG(0,("getsmbfile21pwent: smbpasswd database is corrupt!\n"));
@@ -335,8 +287,6 @@ static struct sam_passwd *getsmbfile21pwent(void *vp)
return NULL;
}
- pdb_init_sam(&user);
-
pstrcpy(samlogon_user, pw_buf->smb_name);
if (samlogon_user[strlen(samlogon_user)-1] != '$')
@@ -348,8 +298,8 @@ static struct sam_passwd *getsmbfile21pwent(void *vp)
user.smb_userid = pw_buf->smb_userid;
user.smb_grpid = pwfile->pw_gid;
- user.user_rid = pdb_uid_to_user_rid (user.smb_userid);
- user.group_rid = pdb_gid_to_group_rid(user.smb_grpid );
+ user.user_rid = pwdb_uid_to_user_rid (user.smb_userid);
+ user.group_rid = pwdb_gid_to_group_rid(user.smb_grpid );
pstrcpy(full_name , pwfile->pw_gecos );
pstrcpy(logon_script , lp_logon_script ());
@@ -366,7 +316,7 @@ static struct sam_passwd *getsmbfile21pwent(void *vp)
user.smb_userid = pw_buf->smb_userid;
user.smb_grpid = pwfile->pw_gid;
- user.user_rid = pdb_uid_to_user_rid (user.smb_userid);
+ user.user_rid = pwdb_uid_to_user_rid (user.smb_userid);
user.group_rid = DOMAIN_GROUP_RID_USERS; /* lkclXXXX this is OBSERVED behaviour by NT PDCs, enforced here. */
pstrcpy(full_name , "");
@@ -405,26 +355,6 @@ static struct sam_passwd *getsmbfile21pwent(void *vp)
return &user;
}
-/*************************************************************************
- Return the current position in the smbpasswd list as an SMB_BIG_UINT.
- This must be treated as an opaque token.
-*************************************************************************/
-
-static SMB_BIG_UINT getsmbfilepwpos(void *vp)
-{
- return (SMB_BIG_UINT)sys_ftell((FILE *)vp);
-}
-
-/*************************************************************************
- Set the current position in the smbpasswd list from an SMB_BIG_UINT.
- This must be treated as an opaque token.
-*************************************************************************/
-
-static BOOL setsmbfilepwpos(void *vp, SMB_BIG_UINT tok)
-{
- return !sys_fseek((FILE *)vp, (SMB_OFF_T)tok, SEEK_SET);
-}
-
/************************************************************************
Routine to add an entry to the smbpasswd file.
*************************************************************************/
@@ -525,7 +455,7 @@ Error was %s\n", newpwd->smb_name, pfile, strerror(errno)));
/* Add the account encoding and the last change time. */
slprintf((char *)p, new_entry_length - 1 - (p - new_entry), "%s:LCT-%08X:\n",
- pdb_encode_acct_ctrl(newpwd->acct_ctrl, NEW_PW_FORMAT_SPACE_PADDED_LEN), (uint32)time(NULL));
+ pwdb_encode_acct_ctrl(newpwd->acct_ctrl, NEW_PW_FORMAT_SPACE_PADDED_LEN), (uint32)time(NULL));
#ifdef DEBUG_PASSWORD
DEBUG(100, ("add_smbfilepwd_entry(%d): new_entry_len %d entry_len %d made line |%s|",
@@ -603,7 +533,7 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
lockfd = fileno(fp);
- if (!pw_file_lock(lockfd, F_WRLCK, 5, &pw_file_lock_depth)) {
+ if (!file_lock(lockfd, F_WRLCK, 5, &pw_file_lock_depth)) {
DEBUG(0, ("mod_smbfilepwd_entry: unable to lock file %s\n", pfile));
fclose(fp);
return False;
@@ -623,7 +553,7 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
fgets(linebuf, sizeof(linebuf), fp);
if (ferror(fp)) {
- pw_file_unlock(lockfd, &pw_file_lock_depth);
+ file_unlock(lockfd, &pw_file_lock_depth);
fclose(fp);
return False;
}
@@ -692,7 +622,7 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
}
if (!found_entry) {
- pw_file_unlock(lockfd, &pw_file_lock_depth);
+ file_unlock(lockfd, &pw_file_lock_depth);
fclose(fp);
return False;
}
@@ -704,7 +634,7 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
if (!isdigit(*p)) {
DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (uid not number)\n"));
- pw_file_unlock(lockfd, &pw_file_lock_depth);
+ file_unlock(lockfd, &pw_file_lock_depth);
fclose(fp);
return False;
}
@@ -713,7 +643,7 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
p++;
if (*p != ':') {
DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no : after uid)\n"));
- pw_file_unlock(lockfd, &pw_file_lock_depth);
+ file_unlock(lockfd, &pw_file_lock_depth);
fclose(fp);
return False;
}
@@ -731,27 +661,27 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
if (!override && (*p == '*' || *p == 'X')) {
/* Password deliberately invalid - end here. */
DEBUG(10, ("mod_smbfilepwd_entry: entry invalidated for user %s\n", user_name));
- pw_file_unlock(lockfd, &pw_file_lock_depth);
+ file_unlock(lockfd, &pw_file_lock_depth);
fclose(fp);
return False;
}
if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) {
DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (passwd too short)\n"));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
+ file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return (False);
}
if (p[32] != ':') {
DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no terminating :)\n"));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
+ file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return False;
}
if (!override && (*p == '*' || *p == 'X')) {
- pw_file_unlock(lockfd,&pw_file_lock_depth);
+ file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return False;
}
@@ -762,14 +692,14 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
the lanman password. */
if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) {
DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (passwd too short)\n"));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
+ file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return (False);
}
if (p[32] != ':') {
DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no terminating :)\n"));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
+ file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return False;
}
@@ -807,7 +737,7 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
* acct ctrl field. Encode the given acct ctrl
* bits into it.
*/
- fstrcpy(encode_bits, pdb_encode_acct_ctrl(pwd->acct_ctrl, NEW_PW_FORMAT_SPACE_PADDED_LEN));
+ fstrcpy(encode_bits, pwdb_encode_acct_ctrl(pwd->acct_ctrl, NEW_PW_FORMAT_SPACE_PADDED_LEN));
} else {
/*
* If using the old format and the ACB_DISABLED or
@@ -897,7 +827,7 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
if(wr_len > sizeof(linebuf)) {
DEBUG(0, ("mod_smbfilepwd_entry: line to write (%d) is too long.\n", wr_len+1));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
+ file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return (False);
}
@@ -915,7 +845,7 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
if (sys_lseek(fd, pwd_seekpos - 1, SEEK_SET) != pwd_seekpos - 1) {
DEBUG(0, ("mod_smbfilepwd_entry: seek fail on file %s.\n", pfile));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
+ file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return False;
}
@@ -923,33 +853,33 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
/* Sanity check - ensure the areas we are writing are framed by ':' */
if (read(fd, linebuf, wr_len+1) != wr_len+1) {
DEBUG(0, ("mod_smbfilepwd_entry: read fail on file %s.\n", pfile));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
+ file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return False;
}
if ((linebuf[0] != ':') || (linebuf[wr_len] != ':')) {
DEBUG(0, ("mod_smbfilepwd_entry: check on passwd file %s failed.\n", pfile));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
+ file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return False;
}
if (sys_lseek(fd, pwd_seekpos, SEEK_SET) != pwd_seekpos) {
DEBUG(0, ("mod_smbfilepwd_entry: seek fail on file %s.\n", pfile));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
+ file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return False;
}
if (write(fd, ascii_p16, wr_len) != wr_len) {
DEBUG(0, ("mod_smbfilepwd_entry: write failed in passwd file %s\n", pfile));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
+ file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return False;
}
- pw_file_unlock(lockfd,&pw_file_lock_depth);
+ file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return True;
}
@@ -960,27 +890,27 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
static BOOL mod_smbfile21pwd_entry(struct sam_passwd* pwd, BOOL override)
{
- return mod_smbfilepwd_entry(pdb_sam_to_smb(pwd), override);
+ return mod_smbfilepwd_entry(pwdb_sam_to_smb(pwd), override);
}
static BOOL add_smbfile21pwd_entry(struct sam_passwd *newpwd)
{
- return add_smbfilepwd_entry(pdb_sam_to_smb(newpwd));
+ return add_smbfilepwd_entry(pwdb_sam_to_smb(newpwd));
}
static struct sam_disp_info *getsmbfiledispnam(char *name)
{
- return pdb_sam_to_dispinfo(getsam21pwnam(name));
+ return pwdb_sam_to_dispinfo(getsam21pwnam(name));
}
static struct sam_disp_info *getsmbfiledisprid(uint32 rid)
{
- return pdb_sam_to_dispinfo(getsam21pwrid(rid));
+ return pwdb_sam_to_dispinfo(getsam21pwrid(rid));
}
static struct sam_disp_info *getsmbfiledispent(void *vp)
{
- return pdb_sam_to_dispinfo(getsam21pwent(vp));
+ return pwdb_sam_to_dispinfo(getsam21pwent(vp));
}
static struct passdb_ops file_ops = {
@@ -1005,7 +935,7 @@ static struct passdb_ops file_ops = {
getsmbfiledispent
};
-struct passdb_ops *file_initialize_password_db(void)
+struct passdb_ops *file_initialise_password_db(void)
{
return &file_ops;
}
diff --git a/source3/passdb/smbpassfile.c b/source3/passdb/smbpassfile.c
index 0d4f9d3203..a50bc93eac 100644
--- a/source3/passdb/smbpassfile.c
+++ b/source3/passdb/smbpassfile.c
@@ -21,52 +21,7 @@
extern int DEBUGLEVEL;
-int pw_file_lock_depth = 0;
-
BOOL global_machine_password_needs_changing = False;
-
-
-/***************************************************************
- Lock an fd. Abandon after waitsecs seconds.
-****************************************************************/
-
-BOOL pw_file_lock(int fd, int type, int secs, int *plock_depth)
-{
- if (fd < 0)
- return False;
-
- (*plock_depth)++;
-
- if(pw_file_lock_depth == 0) {
- if (!do_file_lock(fd, secs, type)) {
- DEBUG(10,("pw_file_lock: locking file failed, error = %s.\n",
- strerror(errno)));
- return False;
- }
- }
-
- return True;
-}
-
-/***************************************************************
- Unlock an fd. Abandon after waitsecs seconds.
-****************************************************************/
-
-BOOL pw_file_unlock(int fd, int *plock_depth)
-{
- BOOL ret=True;
-
- if(*plock_depth == 1)
- ret = do_file_lock(fd, 5, F_UNLCK);
-
- (*plock_depth)--;
-
- if(!ret)
- DEBUG(10,("pw_file_unlock: unlocking file failed, error = %s.\n",
- strerror(errno)));
- return ret;
-}
-
static int mach_passwd_lock_depth;
static FILE *mach_passwd_fp;
@@ -125,7 +80,7 @@ BOOL trust_password_lock( char *domain, char *name, BOOL update)
chmod(mac_file, 0600);
- if(!pw_file_lock(fileno(mach_passwd_fp), (update ? F_WRLCK : F_RDLCK),
+ if(!file_lock(fileno(mach_passwd_fp), (update ? F_WRLCK : F_RDLCK),
60, &mach_passwd_lock_depth))
{
DEBUG(0,("trust_password_lock: cannot lock file %s\n", mac_file));
@@ -144,7 +99,7 @@ BOOL trust_password_lock( char *domain, char *name, BOOL update)
BOOL trust_password_unlock(void)
{
- BOOL ret = pw_file_unlock(fileno(mach_passwd_fp), &mach_passwd_lock_depth);
+ BOOL ret = file_unlock(fileno(mach_passwd_fp), &mach_passwd_lock_depth);
if(mach_passwd_lock_depth == 0)
fclose(mach_passwd_fp);
return ret;
@@ -212,7 +167,7 @@ BOOL get_trust_account_password( unsigned char *ret_pwd, time_t *pass_last_set_t
* Get the hex password.
*/
- if (!pdb_gethexpwd((char *)linebuf, (char *)ret_pwd) || linebuf[32] != ':' ||
+ if (!pwdb_gethexpwd((char *)linebuf, (char *)ret_pwd) || linebuf[32] != ':' ||
strncmp(&linebuf[33], "TLC-", 4)) {
DEBUG(0,("get_trust_account_password: Malformed trust password file (incorrect format).\n"));
#ifdef DEBUG_PASSWORD
diff --git a/source3/rpc_client/cli_login.c b/source3/rpc_client/cli_login.c
index e18062220b..3ce22fd854 100644
--- a/source3/rpc_client/cli_login.c
+++ b/source3/rpc_client/cli_login.c
@@ -24,8 +24,6 @@
#include "nterr.h"
extern int DEBUGLEVEL;
-extern fstring global_myworkgroup;
-extern pstring global_myname;
/****************************************************************************
Initialize domain session credentials.
diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c
index 5255732c5d..a43b65ad64 100644
--- a/source3/rpc_client/cli_lsarpc.c
+++ b/source3/rpc_client/cli_lsarpc.c
@@ -193,7 +193,7 @@ BOOL do_lsa_lookup_sids(struct cli_state *cli,
fstrcpy(dom_name, unistr2(ref.ref_dom[dom_idx].uni_dom_name.buffer));
fstrcpy(name , unistr2(t_names.uni_name[i].buffer));
- slprintf(full_name, sizeof(full_name)-1, "\\%s\\%s",
+ slprintf(full_name, sizeof(full_name), "\\%s\\%s",
dom_name, name);
(*names)[i] = strdup(full_name);
diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c
index d75ad6947f..ed2f391256 100644
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -32,7 +32,6 @@
extern int DEBUGLEVEL;
extern pstring scope;
extern pstring global_myname;
-extern fstring global_myworkgroup;
/****************************************************************************
Generate the next creds to use.
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index 579eeebdac..712e608847 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -31,7 +31,6 @@
extern int DEBUGLEVEL;
extern struct pipe_id_info pipe_names[];
-extern fstring global_myworkgroup;
extern pstring global_myname;
/********************************************************************
diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c
index a5c523fdb6..818e7a0baf 100644
--- a/source3/rpc_parse/parse_lsa.c
+++ b/source3/rpc_parse/parse_lsa.c
@@ -37,7 +37,7 @@ void make_lsa_trans_name(LSA_TRANS_NAME *trn, UNISTR2 *uni_name,
int len_name = strlen(name);
trn->sid_name_use = sid_name_use;
- make_uni_hdr(&(trn->hdr_name), len_name, len_name, len_name != 0);
+ make_uni_hdr(&(trn->hdr_name), len_name, len_name, 1);
make_unistr2(uni_name, name, len_name);
trn->domain_idx = idx;
}
@@ -692,7 +692,7 @@ void lsa_io_q_lookup_rids(char *desc, LSA_Q_LOOKUP_RIDS *q_r, prs_struct *ps, i
for (i = 0; i < q_r->num_entries; i++)
{
- smb_io_unistr3("", &(q_r->lookup_name[i]), ps, depth); /* names to be looked up */
+ smb_io_unistr3("dom_name", &(q_r->lookup_name[i]), ps, depth); /* names to be looked up */
}
prs_uint8s (False, "undoc ", ps, depth, q_r->undoc, UNKNOWN_LEN);
diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c
index 57fc73e516..ce573c7bf2 100644
--- a/source3/rpc_parse/parse_net.c
+++ b/source3/rpc_parse/parse_net.c
@@ -665,8 +665,8 @@ void make_id_info2(NET_ID_INFO_2 *id, char *domain_name,
int len_domain_name = strlen(domain_name);
int len_user_name = strlen(user_name );
int len_wksta_name = strlen(wksta_name );
- int nt_chal_resp_len = ((nt_chal_resp != NULL) ? 24 : 0);
- int lm_chal_resp_len = ((lm_chal_resp != NULL) ? 24 : 0);
+ int nt_chal_resp_len = ((nt_chal_resp != NULL) ? 24 : 0);
+ int lm_chal_resp_len = ((lm_chal_resp != NULL) ? 24 : 0);
unsigned char lm_owf[24];
unsigned char nt_owf[24];
diff --git a/source3/rpc_parse/parse_rpc.c b/source3/rpc_parse/parse_rpc.c
index 3bf017d25e..5059ca222b 100644
--- a/source3/rpc_parse/parse_rpc.c
+++ b/source3/rpc_parse/parse_rpc.c
@@ -122,17 +122,6 @@ interface/version dce/rpc pipe identification
}, 0x00 \
} \
-/* pipe string names */
-#define PIPE_SRVSVC "\\PIPE\\srvsvc"
-#define PIPE_SAMR "\\PIPE\\samr"
-#define PIPE_WINREG "\\PIPE\\winreg"
-#define PIPE_WKSSVC "\\PIPE\\wkssvc"
-#define PIPE_NETLOGON "\\PIPE\\NETLOGON"
-#define PIPE_NTLSA "\\PIPE\\ntlsa"
-#define PIPE_NTSVCS "\\PIPE\\ntsvcs"
-#define PIPE_LSASS "\\PIPE\\lsass"
-#define PIPE_LSARPC "\\PIPE\\lsarpc"
-
struct pipe_id_info pipe_names [] =
{
/* client pipe , abstract syntax , server pipe , transfer syntax */
diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c
index ec4411b783..e7f4f0547c 100644
--- a/source3/rpc_parse/parse_samr.c
+++ b/source3/rpc_parse/parse_samr.c
@@ -993,7 +993,7 @@ void samr_io_q_enum_dom_aliases(char *desc, SAMR_Q_ENUM_DOM_ALIASES *q_e, prs_s
makes a SAMR_R_ENUM_DOM_ALIASES structure.
********************************************************************/
void make_samr_r_enum_dom_aliases(SAMR_R_ENUM_DOM_ALIASES *r_u,
- uint32 num_sam_entries, SAM_USER_INFO_21 grps[MAX_SAM_ENTRIES],
+ uint32 num_sam_entries, LOCAL_GRP *alss,
uint32 status)
{
int i;
@@ -1022,11 +1022,13 @@ void make_samr_r_enum_dom_aliases(SAMR_R_ENUM_DOM_ALIASES *r_u,
for (i = 0; i < num_sam_entries; i++)
{
+ int acct_name_len = strlen(alss[i].name);
+
make_sam_entry(&(r_u->sam[i]),
- grps[i].uni_user_name.uni_str_len,
- grps[i].user_rid);
+ acct_name_len,
+ alss[i].rid);
- copy_unistr2(&(r_u->uni_grp_name[i]), &(grps[i].uni_user_name));
+ make_unistr2(&(r_u->uni_grp_name[i]), alss[i].name , acct_name_len);
}
r_u->num_entries4 = num_sam_entries;
@@ -1415,7 +1417,7 @@ makes a SAMR_R_ENUM_DOM_GROUPS structure.
********************************************************************/
void make_samr_r_enum_dom_groups(SAMR_R_ENUM_DOM_GROUPS *r_u,
uint32 start_idx, uint32 num_sam_entries,
- SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES],
+ DOMAIN_GRP *grp,
uint32 status)
{
int i;
@@ -1436,14 +1438,17 @@ void make_samr_r_enum_dom_groups(SAMR_R_ENUM_DOM_GROUPS *r_u,
{
for (i = start_idx, entries_added = 0; i < num_sam_entries; i++)
{
+ int acct_name_len = strlen(grp[i].name);
+ int acct_desc_len = strlen(grp[i].comment);
+
make_sam_entry3(&(r_u->sam[entries_added]),
start_idx + entries_added + 1,
- pass[i].uni_user_name.uni_str_len,
- pass[i].uni_acct_desc.uni_str_len,
- pass[i].user_rid);
+ acct_name_len,
+ acct_desc_len,
+ grp[i].rid);
- copy_unistr2(&(r_u->str[entries_added].uni_grp_name), &(pass[i].uni_user_name));
- copy_unistr2(&(r_u->str[entries_added].uni_grp_desc), &(pass[i].uni_acct_desc));
+ make_unistr2(&(r_u->str[entries_added].uni_grp_name), grp[i].name , acct_name_len);
+ make_unistr2(&(r_u->str[entries_added].uni_grp_desc), grp[i].comment, acct_desc_len);
entries_added++;
}
@@ -1793,7 +1798,7 @@ void samr_io_q_lookup_names(char *desc, SAMR_Q_LOOKUP_NAMES *q_u, prs_struct *p
makes a SAMR_R_LOOKUP_NAMES structure.
********************************************************************/
void make_samr_r_lookup_names(SAMR_R_LOOKUP_NAMES *r_u,
- uint32 num_rids, uint32 *rid, uint32 status)
+ uint32 num_rids, uint32 *rid, uint8 *type, uint32 status)
{
int i;
if (r_u == NULL) return;
@@ -1810,7 +1815,7 @@ void make_samr_r_lookup_names(SAMR_R_LOOKUP_NAMES *r_u,
for (i = 0; i < num_rids; i++)
{
- make_dom_rid3(&(r_u->dom_rid[i]), rid[i], 0x01);
+ make_dom_rid3(&(r_u->dom_rid[i]), rid[i], type[i]);
}
r_u->num_entries3 = num_rids;
@@ -2100,7 +2105,7 @@ void make_samr_r_query_usergroups(SAMR_R_QUERY_USERGROUPS *r_u,
{
r_u->ptr_0 = 1;
r_u->num_entries = num_gids;
- r_u->ptr_1 = 1;
+ r_u->ptr_1 = (num_gids != 0) ? 1 : 0;
r_u->num_entries2 = num_gids;
r_u->gid = gid;
diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c
index 5e6e101883..51b6e8d25b 100644
--- a/source3/rpc_server/srv_lsa.c
+++ b/source3/rpc_server/srv_lsa.c
@@ -29,6 +29,12 @@
extern int DEBUGLEVEL;
extern DOM_SID global_sam_sid;
+extern fstring global_sam_name;
+extern DOM_SID global_member_sid;
+extern fstring global_myworkgroup;
+extern DOM_SID global_sid_S_1_1;
+extern DOM_SID global_sid_S_1_3;
+extern DOM_SID global_sid_S_1_5;
/***************************************************************************
lsa_reply_open_policy2
@@ -84,8 +90,8 @@ static void make_dom_query(DOM_QUERY *d_q, char *dom_name, DOM_SID *dom_sid)
d_q->uni_dom_max_len = domlen * 2;
d_q->uni_dom_str_len = domlen * 2;
- d_q->buffer_dom_name = 4; /* domain buffer pointer */
- d_q->buffer_dom_sid = 2; /* domain sid pointer */
+ d_q->buffer_dom_name = domlen != 0 ? 1 : 0; /* domain buffer pointer */
+ d_q->buffer_dom_sid = dom_sid != NULL ? 1 : 0; /* domain sid pointer */
/* this string is supposed to be character short */
make_unistr2(&(d_q->uni_domain_name), dom_name, domlen);
@@ -137,50 +143,70 @@ static void lsa_reply_query_info(LSA_Q_QUERY_INFO *q_q, prs_struct *rdata,
/***************************************************************************
-make_dom_ref
+make_dom_ref - adds a domain if it's not already in, returns the index
***************************************************************************/
-static void make_dom_ref(DOM_R_REF *ref, int num_domains,
- char **dom_names, DOM_SID **dom_sids)
+static int make_dom_ref(DOM_R_REF *ref, char *dom_name, DOM_SID *dom_sid)
{
- int i;
+ int num = 0;
+ int len;
- if (num_domains > MAX_REF_DOMAINS)
+ if (dom_name != NULL)
{
- num_domains = MAX_REF_DOMAINS;
+ for (num = 0; num < ref->num_ref_doms_1; num++)
+ {
+ fstring domname;
+ fstrcpy(domname, unistr2_to_str(&ref->ref_dom[num].uni_dom_name));
+ if (strequal(domname, dom_name))
+ {
+ return num;
+ }
+ }
+
+ }
+ else
+ {
+ num = ref->num_ref_doms_1;
+ }
+
+ if (num >= MAX_REF_DOMAINS)
+ {
+ /* index not found, already at maximum domain limit */
+ return -1;
}
ref->undoc_buffer = 1;
- ref->num_ref_doms_1 = num_domains;
+ ref->num_ref_doms_1 = num+1;
ref->undoc_buffer2 = 1;
ref->max_entries = MAX_REF_DOMAINS;
- ref->num_ref_doms_2 = num_domains;
+ ref->num_ref_doms_2 = num+1;
- for (i = 0; i < num_domains; i++)
- {
- int len = dom_names[i] != NULL ? strlen(dom_names[i]) : 0;
+ len = dom_name != NULL ? strlen(dom_name) : 0;
- make_uni_hdr(&(ref->hdr_ref_dom[i].hdr_dom_name), len, len, len != 0 ? 1 : 0);
- ref->hdr_ref_dom[i].ptr_dom_sid = dom_sids[i] != NULL ? 1 : 0;
+ make_uni_hdr(&(ref->hdr_ref_dom[num].hdr_dom_name), len, len, len != 0 ? 1 : 0);
+ ref->hdr_ref_dom[num].ptr_dom_sid = dom_sid != NULL ? 1 : 0;
- make_unistr2 (&(ref->ref_dom[i].uni_dom_name), dom_names[i], len);
- make_dom_sid2(&(ref->ref_dom[i].ref_dom ), dom_sids [i]);
- }
+ make_unistr2 (&(ref->ref_dom[num].uni_dom_name), dom_name, len);
+ make_dom_sid2(&(ref->ref_dom[num].ref_dom ), dom_sid );
+ return num;
}
/***************************************************************************
make_reply_lookup_rids
***************************************************************************/
static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l,
- int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
- int num_ref_doms,
- char **dom_names, DOM_SID **dom_sids)
+ int num_entries,
+ uint32 dom_rids[MAX_LOOKUP_SIDS],
+ uint8 dom_types[MAX_LOOKUP_SIDS])
{
int i;
- make_dom_ref(&(r_l->dom_ref), num_ref_doms, dom_names, dom_sids);
+ r_l->num_entries = 0;
+ r_l->undoc_buffer = 0;
+ r_l->num_entries2 = 0;
+#if 0
r_l->num_entries = num_entries;
r_l->undoc_buffer = 1;
r_l->num_entries2 = num_entries;
@@ -189,58 +215,85 @@ static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l,
for (i = 0; i < num_entries; i++)
{
- make_dom_rid2(&(r_l->dom_rid[i]), dom_rids[i], 0x01);
+ make_dom_ref(&(r_l->dom_ref), dom_name, dom_sid);
+ make_dom_rid2(&(r_l->dom_rid[i]), dom_rids[i], dom_types[i]);
}
r_l->num_entries3 = num_entries;
+#endif
}
/***************************************************************************
make_lsa_trans_names
***************************************************************************/
-static void make_lsa_trans_names(LSA_TRANS_NAME_ENUM *trn,
+static void make_lsa_trans_names(DOM_R_REF *ref,
+ LSA_TRANS_NAME_ENUM *trn,
int num_entries, DOM_SID2 sid[MAX_LOOKUP_SIDS],
- uint32 *total)
+ uint32 *mapped_count)
{
- uint32 status = 0x0;
int i;
- (*total) = 0;
+ int total = 0;
+ (*mapped_count) = 0;
SMB_ASSERT(num_entries <= MAX_LOOKUP_SIDS);
for (i = 0; i < num_entries; i++)
{
+ uint32 status = 0x0;
+ DOM_SID find_sid = sid[i].sid;
+ DOM_SID tmp = sid[i].sid;
uint32 rid = 0xffffffff;
- uint8 num_auths = sid[i].sid.num_auths;
+ int dom_idx = -1;
fstring name;
- uint32 type;
+ fstring dom_name;
+ uint8 sid_name_use = 0;
- SMB_ASSERT_ARRAY(sid[i].sid.sub_auths, num_auths);
+ memset(dom_name, 0, sizeof(dom_name));
+ memset(name , 0, sizeof(name ));
- /* find the rid to look up */
- if (num_auths != 0)
+ if (map_domain_sid_to_name(&find_sid, dom_name))
+ {
+ sid_name_use = SID_NAME_DOMAIN;
+ dom_idx = make_dom_ref(ref, dom_name, &find_sid);
+ }
+ else if (sid_split_rid (&find_sid, &rid) &&
+ map_domain_sid_to_name(&find_sid, dom_name))
+ {
+ if (sid_equal(&find_sid, &global_sam_sid))
+ {
+ status = lookup_name(&tmp, name, &sid_name_use);
+ }
+ else
+ {
+ status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
+ }
+ }
+ else
{
- rid = sid[i].sid.sub_auths[num_auths-1];
-
status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
-
- status = (status != 0x0) ? lookup_user_name (rid, name, &type) : status;
- status = (status != 0x0) ? lookup_group_name(rid, name, &type) : status;
- status = (status != 0x0) ? lookup_alias_name(rid, name, &type) : status;
}
+ dom_idx = make_dom_ref(ref, dom_name, &find_sid);
+
if (status == 0x0)
{
- make_lsa_trans_name(&(trn->name [(*total)]),
- &(trn->uni_name[(*total)]),
- type, name, (*total));
- (*total)++;
+ (*mapped_count)++;
+ }
+ else
+ {
+ snprintf(name, sizeof(name), "%08x", rid);
+ sid_name_use = SID_NAME_UNKNOWN;
+
}
+ make_lsa_trans_name(&(trn->name [total]),
+ &(trn->uni_name[total]),
+ sid_name_use, name, dom_idx);
+ total++;
}
- trn->num_entries = (*total);
+ trn->num_entries = total;
trn->ptr_trans_names = 1;
- trn->num_entries2 = (*total);
+ trn->num_entries2 = total;
}
/***************************************************************************
@@ -260,9 +313,7 @@ static void make_reply_lookup_sids(LSA_R_LOOKUP_SIDS *r_l,
lsa_reply_lookup_sids
***************************************************************************/
static void lsa_reply_lookup_sids(prs_struct *rdata,
- int num_entries, DOM_SID2 sid[MAX_LOOKUP_SIDS],
- int num_ref_doms,
- char **dom_names, DOM_SID **dom_sids)
+ DOM_SID2 *sid, int num_entries)
{
LSA_R_LOOKUP_SIDS r_l;
DOM_R_REF ref;
@@ -274,8 +325,7 @@ static void lsa_reply_lookup_sids(prs_struct *rdata,
ZERO_STRUCT(names);
/* set up the LSA Lookup SIDs response */
- make_dom_ref(&ref, num_ref_doms, dom_names, dom_sids);
- make_lsa_trans_names(&names, num_entries, sid, &mapped_count);
+ make_lsa_trans_names(&ref, &names, num_entries, sid, &mapped_count);
make_reply_lookup_sids(&r_l, &ref, &names, mapped_count, 0x0);
/* store the response in the SMB stream */
@@ -286,17 +336,17 @@ static void lsa_reply_lookup_sids(prs_struct *rdata,
lsa_reply_lookup_rids
***************************************************************************/
static void lsa_reply_lookup_rids(prs_struct *rdata,
- int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
- int num_ref_doms,
- char **dom_names, DOM_SID **dom_sids)
+ int num_entries,
+ uint32 dom_rids[MAX_LOOKUP_SIDS],
+ uint8 dom_types[MAX_LOOKUP_SIDS])
{
LSA_R_LOOKUP_RIDS r_l;
ZERO_STRUCT(r_l);
/* set up the LSA Lookup RIDs response */
- make_reply_lookup_rids(&r_l, num_entries, dom_rids,
- num_ref_doms, dom_names, dom_sids);
+ make_reply_lookup_rids(&r_l, num_entries, dom_rids, dom_types);
+
r_l.status = 0x0;
/* store the response in the SMB stream */
@@ -365,17 +415,39 @@ static void api_lsa_query_info( uint16 vuid, prs_struct *data,
prs_struct *rdata )
{
LSA_Q_QUERY_INFO q_i;
- pstring dom_name;
+ fstring name;
+ DOM_SID *sid = NULL;
+ memset(name, 0, sizeof(name));
ZERO_STRUCT(q_i);
/* grab the info class and policy handle */
lsa_io_q_query("", &q_i, data, 0);
- pstrcpy(dom_name, lp_workgroup());
+ switch (q_i.info_class)
+ {
+ case 0x03:
+ {
+ fstrcpy(name, global_myworkgroup);
+ sid = &global_member_sid;
+ break;
+ }
+ case 0x05:
+ {
+ fstrcpy(name, global_sam_name);
+ sid = &global_sam_sid;
+ break;
+ }
+ default:
+ {
+ DEBUG(5,("unknown info level in Lsa Query: %d\n",
+ q_i.info_class));
+ break;
+ }
+ }
/* construct reply. return status is always 0x0 */
- lsa_reply_query_info(&q_i, rdata, dom_name, &global_sam_sid);
+ lsa_reply_query_info(&q_i, rdata, name, sid);
}
/***************************************************************************
@@ -385,44 +457,13 @@ static void api_lsa_lookup_sids( uint16 vuid, prs_struct *data,
prs_struct *rdata )
{
LSA_Q_LOOKUP_SIDS q_l;
- pstring dom_name;
- DOM_SID sid_S_1_1;
- DOM_SID sid_S_1_3;
- DOM_SID sid_S_1_5;
-
- DOM_SID *sid_array[4];
- char *dom_names[4];
-
ZERO_STRUCT(q_l);
- ZERO_STRUCT(sid_S_1_1);
- ZERO_STRUCT(sid_S_1_3);
- ZERO_STRUCT(sid_S_1_5);
/* grab the info class and policy handle */
lsa_io_q_lookup_sids("", &q_l, data, 0);
- pstrcpy(dom_name, lp_workgroup());
-
- string_to_sid(&sid_S_1_1, "S-1-1");
- string_to_sid(&sid_S_1_3, "S-1-3");
- string_to_sid(&sid_S_1_5, "S-1-5");
-
- dom_names[0] = dom_name;
- sid_array[0] = &global_sam_sid;
-
- dom_names[1] = "Everyone";
- sid_array[1] = &sid_S_1_1;
-
- dom_names[2] = "don't know";
- sid_array[2] = &sid_S_1_3;
-
- dom_names[3] = "NT AUTHORITY";
- sid_array[3] = &sid_S_1_5;
-
/* construct reply. return status is always 0x0 */
- lsa_reply_lookup_sids(rdata,
- q_l.sids.num_entries, q_l.sids.sid, /* SIDs */
- 4, dom_names, sid_array);
+ lsa_reply_lookup_sids(rdata, q_l.sids.sid, q_l.sids.num_entries);
}
/***************************************************************************
@@ -433,63 +474,24 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
{
int i;
LSA_Q_LOOKUP_RIDS q_l;
- pstring dom_name;
uint32 dom_rids[MAX_LOOKUP_SIDS];
- uint32 dummy_g_rid;
-
- DOM_SID sid_S_1_1;
- DOM_SID sid_S_1_3;
- DOM_SID sid_S_1_5;
-
- DOM_SID *sid_array[4];
- char *dom_names[4];
+ uint8 dom_types[MAX_LOOKUP_SIDS];
ZERO_STRUCT(q_l);
- ZERO_STRUCT(sid_S_1_1);
- ZERO_STRUCT(sid_S_1_3);
- ZERO_STRUCT(sid_S_1_5);
ZERO_ARRAY(dom_rids);
/* grab the info class and policy handle */
lsa_io_q_lookup_rids("", &q_l, data, 0);
- pstrcpy(dom_name, lp_workgroup());
-
- string_to_sid(&sid_S_1_1, "S-1-1");
- string_to_sid(&sid_S_1_3, "S-1-3");
- string_to_sid(&sid_S_1_5, "S-1-5");
-
- dom_names[0] = dom_name;
- sid_array[0] = &global_sam_sid;
-
- dom_names[1] = "Everyone";
- sid_array[1] = &sid_S_1_1;
-
- dom_names[2] = "don't know";
- sid_array[2] = &sid_S_1_3;
-
- dom_names[3] = "NT AUTHORITY";
- sid_array[3] = &sid_S_1_5;
-
SMB_ASSERT_ARRAY(q_l.lookup_name, q_l.num_entries);
/* convert received RIDs to strings, so we can do them. */
for (i = 0; i < q_l.num_entries; i++)
{
- fstring user_name;
- fstrcpy(user_name, unistr2(q_l.lookup_name[i].str.buffer));
-
- /*
- * Map to the UNIX username.
- */
- map_username(user_name);
-
- /*
- * Do any case conversions.
- */
- (void)Get_Pwnam(user_name, True);
+ fstring name;
+ fstrcpy(name, unistr2(q_l.lookup_name[i].str.buffer));
- if (!pdb_name_to_rid(user_name, &dom_rids[i], &dummy_g_rid))
+ if (lookup_rid(name, &dom_rids[i], &dom_types[i]))
{
/* WHOOPS! we should really do something about this... */
dom_rids[i] = 0;
@@ -498,8 +500,9 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
/* construct reply. return status is always 0x0 */
lsa_reply_lookup_rids(rdata,
- q_l.num_entries, dom_rids, /* text-converted SIDs */
- 4, dom_names, sid_array);
+ q_l.num_entries,
+ dom_rids, /* text-converted SIDs */
+ dom_types); /* SID_NAME_USE types */
}
/***************************************************************************
diff --git a/source3/rpc_server/srv_lsa_hnd.c b/source3/rpc_server/srv_lsa_hnd.c
index b807c40604..dabc5520ff 100644
--- a/source3/rpc_server/srv_lsa_hnd.c
+++ b/source3/rpc_server/srv_lsa_hnd.c
@@ -290,7 +290,8 @@ BOOL close_lsa_policy_hnd(POLICY_HND *hnd)
{
struct policy *p = find_lsa_policy(hnd);
- if (!p) {
+ if (!p)
+ {
DEBUG(3,("Error closing policy\n"));
return False;
}
@@ -302,6 +303,7 @@ BOOL close_lsa_policy_hnd(POLICY_HND *hnd)
bitmap_clear(bmap, p->pnum);
ZERO_STRUCTP(p);
+ ZERO_STRUCTP(hnd);
free(p);
diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c
index 04118800e2..77b17dca2f 100644
--- a/source3/rpc_server/srv_netlog.c
+++ b/source3/rpc_server/srv_netlog.c
@@ -1,4 +1,3 @@
-
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
@@ -544,7 +543,8 @@ static uint32 net_login_interactive(NET_ID_INFO_1 *id1,
net_login_network:
*************************************************************************/
static uint32 net_login_network(NET_ID_INFO_2 *id2,
- struct smb_passwd *smb_pass)
+ struct smb_passwd *smb_pass,
+ user_struct *vuser)
{
DEBUG(5,("net_login_network: lm_len: %d nt_len: %d\n",
id2->hdr_lm_chal_resp.str_str_len,
@@ -593,221 +593,213 @@ static void api_net_sam_logon( uint16 vuid,
prs_struct *data,
prs_struct *rdata)
{
- NET_Q_SAM_LOGON q_l;
- NET_ID_INFO_CTR ctr;
- NET_USER_INFO_3 usr_info;
- uint32 status = 0x0;
- DOM_CRED srv_cred;
- struct smb_passwd *smb_pass = NULL;
- UNISTR2 *uni_samlogon_user = NULL;
-
- user_struct *vuser = NULL;
-
- if ((vuser = get_valid_user_struct(vuid)) == NULL)
- return;
-
- q_l.sam_id.ctr = &ctr;
-
- net_io_q_sam_logon("", &q_l, data, 0);
-
- /* checks and updates credentials. creates reply credentials */
- if (!deal_with_creds(vuser->dc.sess_key, &(vuser->dc.clnt_cred),
- &(q_l.sam_id.client.cred), &srv_cred))
- {
- status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
- }
- else
- {
- memcpy(&(vuser->dc.srv_cred), &(vuser->dc.clnt_cred), sizeof(vuser->dc.clnt_cred));
- }
-
- /* find the username */
-
- if (status == 0)
- {
- switch (q_l.sam_id.logon_level)
- {
- case INTERACTIVE_LOGON_TYPE:
- {
- uni_samlogon_user = &(q_l.sam_id.ctr->auth.id1.uni_user_name);
-
- DEBUG(3,("SAM Logon (Interactive). Domain:[%s]. ", lp_workgroup()));
- break;
- }
- case NET_LOGON_TYPE:
- {
- uni_samlogon_user = &(q_l.sam_id.ctr->auth.id2.uni_user_name);
-
- DEBUG(3,("SAM Logon (Network). Domain:[%s]. ", lp_workgroup()));
- break;
- }
- default:
- {
- DEBUG(2,("SAM Logon: unsupported switch value\n"));
- status = 0xC0000000 | NT_STATUS_INVALID_INFO_CLASS;
- break;
- }
- } /* end switch */
- } /* end if status == 0 */
-
- /* check username exists */
-
- if (status == 0)
- {
- pstrcpy(samlogon_user, unistrn2(uni_samlogon_user->buffer,
- uni_samlogon_user->uni_str_len));
-
- DEBUG(3,("User:[%s]\n", samlogon_user));
+ NET_Q_SAM_LOGON q_l;
+ NET_ID_INFO_CTR ctr;
+ NET_USER_INFO_3 usr_info;
+ uint32 status = 0x0;
+ DOM_CRED srv_cred;
+ struct smb_passwd *smb_pass = NULL;
+ UNISTR2 *uni_samlogon_user = NULL;
- /*
- * Convert to a UNIX username.
- */
- map_username(samlogon_user);
+ user_struct *vuser = NULL;
- /*
- * Do any case conversions.
- */
- (void)Get_Pwnam(samlogon_user, True);
-
- become_root(True);
- smb_pass = getsmbpwnam(samlogon_user);
- unbecome_root(True);
-
- if (smb_pass == NULL)
- status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
- else if (smb_pass->acct_ctrl & ACB_PWNOTREQ)
- status = 0;
- else if (smb_pass->acct_ctrl & ACB_DISABLED)
- status = 0xC0000000 | NT_STATUS_ACCOUNT_DISABLED;
- }
-
- /* Validate password - if required. */
-
- if ((status == 0) && !(smb_pass->acct_ctrl & ACB_PWNOTREQ))
- {
- switch (q_l.sam_id.logon_level)
- {
- case INTERACTIVE_LOGON_TYPE:
- {
- /* interactive login. */
- status = net_login_interactive(&q_l.sam_id.ctr->auth.id1, smb_pass, vuser);
- break;
- }
- case NET_LOGON_TYPE:
- {
- /* network login. lm challenge and 24 byte responses */
- status = net_login_network(&q_l.sam_id.ctr->auth.id2, smb_pass);
- break;
- }
- }
- }
-
- /* lkclXXXX this is the point at which, if the login was
- successful, that the SAM Local Security Authority should
- record that the user is logged in to the domain.
- */
-
- /* return the profile plus other bits :-) */
-
- if (status == 0)
- {
- DOM_GID *gids = NULL;
- int num_gids = 0;
- NTTIME dummy_time;
- pstring logon_script;
- pstring profile_path;
- pstring home_dir;
- pstring home_drive;
- pstring my_name;
- pstring my_workgroup;
- pstring domain_groups;
- uint32 r_uid;
- uint32 r_gid;
-
- /* set up pointer indicating user/password failed to be found */
- usr_info.ptr_user_info = 0;
-
- dummy_time.low = 0xffffffff;
- dummy_time.high = 0x7fffffff;
-
- /* XXXX hack to get standard_sub_basic() to use sam logon username */
- /* possibly a better way would be to do a become_user() call */
- sam_logon_in_ssb = True;
-
- pstrcpy(logon_script, lp_logon_script());
- pstrcpy(profile_path, lp_logon_path());
-
- pstrcpy(my_workgroup, lp_workgroup());
-
- pstrcpy(home_drive, lp_logon_drive());
- pstrcpy(home_dir, lp_logon_home());
-
- pstrcpy(my_name, global_myname);
- strupper(my_name);
+ if ((vuser = get_valid_user_struct(vuid)) == NULL)
+ return;
- /*
- * This is the point at which we get the group
- * database - we should be getting the gid_t list
- * from /etc/group and then turning the uids into
- * rids and then into machine sids for this user.
- * JRA.
- */
+ q_l.sam_id.ctr = &ctr;
- get_domain_user_groups(domain_groups, samlogon_user);
+ net_io_q_sam_logon("", &q_l, data, 0);
- /*
- * make_dom_gids allocates the gids array. JRA.
- */
- gids = NULL;
- num_gids = make_dom_gids(domain_groups, &gids);
-
- sam_logon_in_ssb = False;
-
- if (pdb_name_to_rid(samlogon_user, &r_uid, &r_gid))
- {
- make_net_user_info3(&usr_info,
- &dummy_time, /* logon_time */
- &dummy_time, /* logoff_time */
- &dummy_time, /* kickoff_time */
- &dummy_time, /* pass_last_set_time */
- &dummy_time, /* pass_can_change_time */
- &dummy_time, /* pass_must_change_time */
-
- samlogon_user , /* user_name */
- vuser->real_name, /* full_name */
- logon_script , /* logon_script */
- profile_path , /* profile_path */
- home_dir , /* home_dir */
- home_drive , /* dir_drive */
-
- 0, /* logon_count */
- 0, /* bad_pw_count */
-
- r_uid , /* RID user_id */
- r_gid , /* RID group_id */
- num_gids, /* uint32 num_groups */
- gids , /* DOM_GID *gids */
- 0x20 , /* uint32 user_flgs (?) */
-
- NULL, /* char sess_key[16] */
-
- my_name , /* char *logon_srv */
- my_workgroup, /* char *logon_dom */
-
- &global_sam_sid, /* DOM_SID *dom_sid */
- NULL); /* char *other_sids */
- }
- else
- {
- status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
- }
-
- /* Free any allocated groups array. */
- if(gids)
- free((char *)gids);
- }
-
- net_reply_sam_logon(&q_l, rdata, &srv_cred, &usr_info, status);
+ /* checks and updates credentials. creates reply credentials */
+ if (!deal_with_creds(vuser->dc.sess_key, &(vuser->dc.clnt_cred),
+ &(q_l.sam_id.client.cred), &srv_cred))
+ {
+ status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
+ }
+ else
+ {
+ memcpy(&(vuser->dc.srv_cred), &(vuser->dc.clnt_cred), sizeof(vuser->dc.clnt_cred));
+ }
+
+ /* find the username */
+
+ if (status == 0)
+ {
+ switch (q_l.sam_id.logon_level)
+ {
+ case INTERACTIVE_LOGON_TYPE:
+ {
+ uni_samlogon_user = &(q_l.sam_id.ctr->auth.id1.uni_user_name);
+
+ DEBUG(3,("SAM Logon (Interactive). Domain:[%s]. ", lp_workgroup()));
+ break;
+ }
+ case NET_LOGON_TYPE:
+ {
+ uni_samlogon_user = &(q_l.sam_id.ctr->auth.id2.uni_user_name);
+
+ DEBUG(3,("SAM Logon (Network). Domain:[%s]. ", lp_workgroup()));
+ break;
+ }
+ default:
+ {
+ DEBUG(2,("SAM Logon: unsupported switch value\n"));
+ status = 0xC0000000 | NT_STATUS_INVALID_INFO_CLASS;
+ break;
+ }
+ } /* end switch */
+ } /* end if status == 0 */
+
+ /* check username exists */
+
+ if (status == 0)
+ {
+ pstrcpy(samlogon_user, unistrn2(uni_samlogon_user->buffer,
+ uni_samlogon_user->uni_str_len));
+
+ DEBUG(3,("User:[%s]\n", samlogon_user));
+
+ /*
+ * Convert to a UNIX username.
+ */
+ map_username(samlogon_user);
+
+ /*
+ * Do any case conversions.
+ */
+ (void)Get_Pwnam(samlogon_user, True);
+
+ become_root(True);
+ smb_pass = getsmbpwnam(samlogon_user);
+ unbecome_root(True);
+
+ if (smb_pass == NULL)
+ {
+ status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
+ }
+ else if (IS_BITS_SET_ALL(smb_pass->acct_ctrl, ACB_DISABLED) &&
+ IS_BITS_CLR_ALL(smb_pass->acct_ctrl, ACB_PWNOTREQ))
+ {
+ status = 0xC0000000 | NT_STATUS_ACCOUNT_DISABLED;
+ }
+ }
+
+ /* validate password - if required */
+
+ if (status == 0 && !(IS_BITS_SET_ALL(smb_pass->acct_ctrl, ACB_PWNOTREQ)))
+ {
+ switch (q_l.sam_id.logon_level)
+ {
+ case INTERACTIVE_LOGON_TYPE:
+ {
+ /* interactive login. */
+ status = net_login_interactive(&q_l.sam_id.ctr->auth.id1, smb_pass, vuser);
+ break;
+ }
+ case NET_LOGON_TYPE:
+ {
+ /* network login. lm challenge and 24 byte responses */
+ status = net_login_network(&q_l.sam_id.ctr->auth.id2, smb_pass, vuser);
+ break;
+ }
+ }
+ }
+
+ /* lkclXXXX this is the point at which, if the login was
+ successful, that the SAM Local Security Authority should
+ record that the user is logged in to the domain.
+ */
+
+ /* return the profile plus other bits :-) */
+
+ if (status == 0)
+ {
+ DOM_GID *gids = NULL;
+ int num_gids = 0;
+ NTTIME dummy_time;
+ pstring logon_script;
+ pstring profile_path;
+ pstring home_dir;
+ pstring home_drive;
+ pstring my_name;
+ pstring my_workgroup;
+ DOMAIN_GRP *grp_mem;
+ uint32 r_uid;
+ uint32 r_gid;
+
+ /* set up pointer indicating user/password failed to be found */
+ usr_info.ptr_user_info = 0;
+
+ dummy_time.low = 0xffffffff;
+ dummy_time.high = 0x7fffffff;
+
+ /* XXXX hack to get standard_sub_basic() to use sam logon username */
+ /* possibly a better way would be to do a become_user() call */
+ sam_logon_in_ssb = True;
+
+ pstrcpy(logon_script, lp_logon_script());
+ pstrcpy(profile_path, lp_logon_path());
+
+ pstrcpy(my_workgroup, lp_workgroup());
+
+ pstrcpy(home_drive, lp_logon_drive());
+ pstrcpy(home_dir, lp_logon_home());
+ pstrcpy(my_name, global_myname);
+ strupper(my_name);
+
+ status = lookup_user_rids(samlogon_user, &r_uid, &r_gid);
+ status = status == 0 ? getusergroupsnam(samlogon_user, &grp_mem, &num_gids) : 0xC0000000 | NT_STATUS_INVALID_PRIMARY_GROUP;
+
+ if (status == 0x0)
+ {
+ gids = NULL;
+ num_gids = make_dom_gids(grp_mem, num_gids, &gids);
+
+ make_net_user_info3(&usr_info,
+ &dummy_time, /* logon_time */
+ &dummy_time, /* logoff_time */
+ &dummy_time, /* kickoff_time */
+ &dummy_time, /* pass_last_set_time */
+ &dummy_time, /* pass_can_change_time */
+ &dummy_time, /* pass_must_change_time */
+
+ samlogon_user , /* user_name */
+ vuser->real_name, /* full_name */
+ logon_script , /* logon_script */
+ profile_path , /* profile_path */
+ home_dir , /* home_dir */
+ home_drive , /* dir_drive */
+
+ 0, /* logon_count */
+ 0, /* bad_pw_count */
+
+ r_uid , /* RID user_id */
+ r_gid , /* RID group_id */
+ num_gids, /* uint32 num_groups */
+ gids , /* DOM_GID *gids */
+ 0x20 , /* uint32 user_flgs (?) */
+
+ NULL, /* char sess_key[16] */
+
+ my_name , /* char *logon_srv */
+ my_workgroup, /* char *logon_dom */
+
+ &global_sam_sid, /* DOM_SID *dom_sid */
+ NULL); /* char *other_sids */
+ }
+ else
+ {
+ status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
+ }
+
+ /* Free any allocated groups array. */
+ if (gids)
+ {
+ free((char *)gids);
+ }
+ }
+
+ net_reply_sam_logon(&q_l, rdata, &srv_cred, &usr_info, status);
}
diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c
index 323298ef7a..b70a71b5c0 100644
--- a/source3/rpc_server/srv_samr.c
+++ b/source3/rpc_server/srv_samr.c
@@ -30,9 +30,11 @@ extern int DEBUGLEVEL;
extern BOOL sam_logon_in_ssb;
extern pstring samlogon_user;
-extern fstring global_myworkgroup;
+extern fstring global_sam_name;
extern pstring global_myname;
extern DOM_SID global_sam_sid;
+extern DOM_SID global_sid_S_1_1;
+extern DOM_SID global_sid_S_1_5_20;
extern rid_name domain_group_rids[];
extern rid_name domain_alias_rids[];
@@ -79,8 +81,8 @@ static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf,
user_name_len = strlen(pwd->smb_name);
make_unistr2(&(pw_buf[(*num_entries)].uni_user_name), pwd->smb_name, user_name_len);
- make_uni_hdr(&(pw_buf[(*num_entries)].hdr_user_name), user_name_len,
- user_name_len, 1);
+ make_uni_hdr(&(pw_buf[(*num_entries)].hdr_user_name), user_name_len-1,
+ user_name_len-1, 1);
pw_buf[(*num_entries)].user_rid = pwd->user_rid;
bzero( pw_buf[(*num_entries)].nt_pwd , 16);
@@ -292,24 +294,21 @@ static void samr_reply_unknown_3(SAMR_Q_UNKNOWN_3 *q_u,
if (status == 0x0)
{
- DOM_SID user_sid;
- DOM_SID everyone_sid;
+ DOM_SID usr_sid;
- user_sid = global_sam_sid;
+ usr_sid = global_sam_sid;
- SMB_ASSERT_ARRAY(user_sid.sub_auths, user_sid.num_auths+1);
+ SMB_ASSERT_ARRAY(usr_sid.sub_auths, usr_sid.num_auths+1);
/*
* Add the user RID.
*/
- user_sid.sub_auths[user_sid.num_auths++] = rid;
+ sid_append_rid(&usr_sid, rid);
- string_to_sid(&everyone_sid, "S-1-1");
-
- /* maybe need another 1 or 2 (S-1-5-0x20-0x220 and S-1-5-20-0x224) */
- /* these two are DOMAIN_ADMIN and DOMAIN_ACCT_OP group RIDs */
- make_dom_sid3(&(sid[0]), 0x035b, 0x0002, &everyone_sid);
- make_dom_sid3(&(sid[1]), 0x0044, 0x0002, &user_sid);
+ /* maybe need another 1 or 2 (S-1-5-0x20-0x220 and S-1-5-20-0x224) */
+ /* these two are DOMAIN_ADMIN and DOMAIN_ACCT_OP group RIDs */
+ make_dom_sid3(&(sid[0]), 0x035b, 0x0002, &global_sid_S_1_1);
+ make_dom_sid3(&(sid[1]), 0x0044, 0x0002, &usr_sid);
}
make_samr_r_unknown_3(&r_u,
@@ -400,37 +399,92 @@ static void samr_reply_enum_dom_groups(SAMR_Q_ENUM_DOM_GROUPS *q_u,
prs_struct *rdata)
{
SAMR_R_ENUM_DOM_GROUPS r_e;
- SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES];
- int num_entries;
+ DOMAIN_GRP *grps = NULL;
+ int num_entries = 0;
BOOL got_grps;
- char *dummy_group = "Domain Admins";
+ DOM_SID sid;
+ fstring sid_str;
r_e.status = 0x0;
r_e.num_entries = 0;
/* find the policy handle. open a policy on it. */
- if (r_e.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
+ if (r_e.status == 0x0 && !get_lsa_policy_samr_sid(&q_u->pol, &sid))
{
r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
}
- DEBUG(5,("samr_reply_enum_dom_groups: %d\n", __LINE__));
+ sid_to_string(sid_str, &sid);
+
+ DEBUG(5,("samr_reply_enum_dom_groups: sid %s\n", sid_str));
+
+ /* well-known groups */
+ if (sid_equal(&sid, &global_sid_S_1_5_20))
+ {
+ char *name;
+ got_grps = True;
+
+ while (num_entries < MAX_SAM_ENTRIES && ((name = domain_group_rids[num_entries].name) != NULL))
+ {
+ DOMAIN_GRP tmp_grp;
+
+ fstrcpy(tmp_grp.name , name);
+ fstrcpy(tmp_grp.comment, "");
+ tmp_grp.rid = domain_group_rids[num_entries].rid;
+ tmp_grp.attr = 0x7;
+
+ if (!add_domain_group(&grps, &num_entries, &tmp_grp))
+ {
+ r_e.status = 0xC0000000 | NT_STATUS_NO_MEMORY;
+ break;
+ }
+ }
+ }
+ else if (sid_equal(&sid, &global_sam_sid))
+ {
+ BOOL ret;
+ char *name;
+ got_grps = True;
+
+ while (num_entries < MAX_SAM_ENTRIES && ((name = domain_group_rids[num_entries].name) != NULL))
+ {
+ DOMAIN_GRP tmp_grp;
+
+ fstrcpy(tmp_grp.name , name);
+ fstrcpy(tmp_grp.comment, "");
+ tmp_grp.rid = domain_group_rids[num_entries].rid;
+ tmp_grp.attr = 0x7;
- got_grps = True;
- num_entries = 1;
- make_unistr2(&(pass[0].uni_user_name), dummy_group, strlen(dummy_group));
- pass[0].user_rid = DOMAIN_GROUP_RID_ADMINS;
+ if (!add_domain_group(&grps, &num_entries, &tmp_grp))
+ {
+ r_e.status = 0xC0000000 | NT_STATUS_NO_MEMORY;
+ break;
+ }
+ }
+
+ become_root(True);
+ ret = enumdomgroups(&grps, &num_entries);
+ unbecome_root(True);
+ if (!ret)
+ {
+ r_e.status = 0xC0000000 | NT_STATUS_NO_MEMORY;
+ }
+ }
if (r_e.status == 0 && got_grps)
{
- make_samr_r_enum_dom_groups(&r_e, q_u->start_idx, num_entries, pass, r_e.status);
+ make_samr_r_enum_dom_groups(&r_e, q_u->start_idx, num_entries, grps, r_e.status);
}
/* store the response in the SMB stream */
samr_io_r_enum_dom_groups("", &r_e, rdata, 0);
- DEBUG(5,("samr_enum_dom_groups: %d\n", __LINE__));
+ if (grps != NULL)
+ {
+ free(grps);
+ }
+ DEBUG(5,("samr_enum_dom_groups: %d\n", __LINE__));
}
/*******************************************************************
@@ -455,11 +509,10 @@ static void samr_reply_enum_dom_aliases(SAMR_Q_ENUM_DOM_ALIASES *q_u,
prs_struct *rdata)
{
SAMR_R_ENUM_DOM_ALIASES r_e;
- SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES];
+ LOCAL_GRP *alss = NULL;
int num_entries = 0;
DOM_SID sid;
fstring sid_str;
- fstring sam_sid_str;
r_e.status = 0x0;
r_e.num_entries = 0;
@@ -471,34 +524,57 @@ static void samr_reply_enum_dom_aliases(SAMR_Q_ENUM_DOM_ALIASES *q_u,
}
sid_to_string(sid_str, &sid);
- sid_to_string(sam_sid_str, &global_sam_sid);
DEBUG(5,("samr_reply_enum_dom_aliases: sid %s\n", sid_str));
/* well-known aliases */
- if (strequal(sid_str, "S-1-5-32"))
+ if (sid_equal(&sid, &global_sid_S_1_5_20))
{
char *name;
- while (num_entries < MAX_SAM_ENTRIES && ((name = builtin_alias_rids[num_entries].name) != NULL))
+
+ while ((name = builtin_alias_rids[num_entries].name) != NULL)
{
- make_unistr2(&(pass[num_entries].uni_user_name), name, strlen(name));
- pass[num_entries].user_rid = builtin_alias_rids[num_entries].rid;
- num_entries++;
+ LOCAL_GRP tmp_als;
+
+ fstrcpy(tmp_als.name , name);
+ fstrcpy(tmp_als.comment, "");
+ tmp_als.rid = builtin_alias_rids[num_entries].rid;
+
+ if (!add_domain_alias(&alss, &num_entries, &tmp_als))
+ {
+ r_e.status = 0xC0000000 | NT_STATUS_NO_MEMORY;
+ break;
+ }
}
}
- else if (strequal(sid_str, sam_sid_str))
+ else if (sid_equal(&sid, &global_sam_sid))
{
+ BOOL ret;
/* local aliases */
- /* oops! there's no code to deal with this */
- DEBUG(3,("samr_reply_enum_dom_aliases: enum of aliases in our domain not supported yet\n"));
num_entries = 0;
+
+ become_root(True);
+ ret = enumdomaliases(&alss, &num_entries);
+ unbecome_root(True);
+ if (!ret)
+ {
+ r_e.status = 0xC0000000 | NT_STATUS_NO_MEMORY;
+ }
}
- make_samr_r_enum_dom_aliases(&r_e, num_entries, pass, r_e.status);
+ if (r_e.status == 0x0)
+ {
+ make_samr_r_enum_dom_aliases(&r_e, num_entries, alss, r_e.status);
+ }
/* store the response in the SMB stream */
samr_io_r_enum_dom_aliases("", &r_e, rdata, 0);
+ if (alss != NULL)
+ {
+ free(alss);
+ }
+
DEBUG(5,("samr_enum_dom_aliases: %d\n", __LINE__));
}
@@ -669,50 +745,92 @@ static void samr_reply_lookup_ids(SAMR_Q_LOOKUP_IDS *q_u,
{
uint32 rid[MAX_SAM_ENTRIES];
uint32 status = 0;
- int num_rids = q_u->num_sids1;
+ int num_rids = 0;
+ int i;
+ struct sam_passwd *sam_pass;
+ DOM_SID usr_sid;
+ DOM_SID dom_sid;
+ uint32 user_rid;
+ fstring sam_sid_str;
+ fstring dom_sid_str;
+ fstring usr_sid_str;
SAMR_R_LOOKUP_IDS r_u;
DEBUG(5,("samr_lookup_ids: %d\n", __LINE__));
+ /* find the policy handle. open a policy on it. */
+ if (status == 0x0 && !get_lsa_policy_samr_sid(&q_u->pol, &dom_sid))
+ {
+ status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
+ }
+ else
+ {
+ sid_to_string(dom_sid_str, &dom_sid );
+ sid_to_string(sam_sid_str, &global_sam_sid);
+ }
+
if (num_rids > MAX_SAM_ENTRIES)
{
num_rids = MAX_SAM_ENTRIES;
DEBUG(5,("samr_lookup_ids: truncating entries to %d\n", num_rids));
}
-#if 0
- int i;
- SMB_ASSERT_ARRAY(q_u->uni_user_name, num_rids);
-
- for (i = 0; i < num_rids && status == 0; i++)
+ if (status == 0x0)
{
- struct sam_passwd *sam_pass;
- fstring user_name;
-
+ usr_sid = q_u->sid[0].sid;
+ sid_split_rid(&usr_sid, &user_rid);
+ sid_to_string(usr_sid_str, &usr_sid);
- fstrcpy(user_name, unistrn2(q_u->uni_user_name[i].buffer,
- q_u->uni_user_name[i].uni_str_len));
+ }
+ if (status == 0x0)
+ {
/* find the user account */
become_root(True);
- sam_pass = get_smb21pwd_entry(user_name, 0);
+ sam_pass = getsam21pwrid(user_rid);
unbecome_root(True);
if (sam_pass == NULL)
{
status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
- rid[i] = 0;
+ num_rids = 0;
+ }
+ }
+
+ if (status == 0x0)
+ {
+ if (sid_equal(&dom_sid, &global_sid_S_1_5_20))
+ {
+ DEBUG(5,("lookup on S-1-5-20\n"));
+ }
+ else if (sid_equal(&dom_sid, &usr_sid))
+ {
+ DOMAIN_GRP *mem_grp = NULL;
+ BOOL ret;
+
+ DEBUG(5,("lookup on Domain SID\n"));
+
+ become_root(True);
+ ret = getusergroupsnam(sam_pass->smb_name, &mem_grp, &num_rids);
+ unbecome_root(True);
+
+ num_rids = MIN(num_rids, MAX_SAM_ENTRIES);
+
+ if (mem_grp != NULL)
+ {
+ for (i = 0; i < num_rids; i++)
+ {
+ rid[i] = mem_grp[i].rid;
+ }
+ free(mem_grp);
+ }
}
else
{
- rid[i] = sam_pass->user_rid;
+ status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
}
}
-#endif
-
- num_rids = 1;
- rid[0] = BUILTIN_ALIAS_RID_USERS;
make_samr_r_lookup_ids(&r_u, num_rids, rid, status);
@@ -743,7 +861,8 @@ static void api_samr_lookup_ids( uint16 vuid, prs_struct *data, prs_struct *rdat
static void samr_reply_lookup_names(SAMR_Q_LOOKUP_NAMES *q_u,
prs_struct *rdata)
{
- uint32 rid[MAX_SAM_ENTRIES];
+ uint32 rid [MAX_SAM_ENTRIES];
+ uint8 type[MAX_SAM_ENTRIES];
uint32 status = 0;
int i;
int num_rids = q_u->num_rids1;
@@ -763,17 +882,12 @@ static void samr_reply_lookup_names(SAMR_Q_LOOKUP_NAMES *q_u,
for (i = 0; i < num_rids && status == 0; i++)
{
fstring name;
-
- status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
-
fstrcpy(name, unistrn2(q_u->uni_user_name[i].buffer, q_u->uni_user_name[i].uni_str_len));
- status = (status != 0x0) ? lookup_user_rid (name, &(rid[i])) : status;
- status = (status != 0x0) ? lookup_group_rid(name, &(rid[i])) : status;
- status = (status != 0x0) ? lookup_alias_rid(name, &(rid[i])) : status;
+ status = lookup_rid(name, &(rid[i]), &(type[i]));
}
- make_samr_r_lookup_names(&r_u, num_rids, rid, status);
+ make_samr_r_lookup_names(&r_u, num_rids, rid, type, status);
/* store the response in the SMB stream */
samr_io_r_lookup_names("", &r_u, rdata, 0);
@@ -1017,7 +1131,7 @@ static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid)
{
struct smb_passwd *smb_pass;
- if (!pdb_rid_is_user(user_rid))
+ if (!pwdb_rid_is_user(user_rid))
{
DEBUG(4,("RID 0x%x is not a user RID\n", user_rid));
return False;
@@ -1050,7 +1164,7 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid)
LOGON_HRS hrs;
int i;
- if (!pdb_rid_is_user(user_rid))
+ if (!pwdb_rid_is_user(user_rid))
{
DEBUG(4,("RID 0x%x is not a user RID\n", user_rid));
return False;
@@ -1255,10 +1369,20 @@ static void samr_reply_query_usergroups(SAMR_Q_QUERY_USERGROUPS *q_u,
if (status == 0x0)
{
- pstring groups;
- get_domain_user_groups(groups, sam_pass->smb_name);
+ DOMAIN_GRP *mem_grp = NULL;
+ BOOL ret;
+
+ become_root(True);
+ ret = getusergroupsnam(sam_pass->smb_name, &mem_grp, &num_groups);
+ unbecome_root(True);
+
gids = NULL;
- num_groups = make_dom_gids(groups, &gids);
+ num_groups = make_dom_gids(mem_grp, num_groups, &gids);
+
+ if (mem_grp != NULL)
+ {
+ free(mem_grp);
+ }
}
/* construct the response. lkclXXXX: gids are not copied! */
@@ -1322,7 +1446,7 @@ static void samr_reply_query_dom_info(SAMR_Q_QUERY_DOMAIN_INFO *q_u,
case 0x02:
{
switch_value = 0x2;
- make_unk_info2(&ctr.info.inf2, global_myworkgroup, global_myname);
+ make_unk_info2(&ctr.info.inf2, global_sam_name, global_myname);
break;
}
diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c
index 097ab92d76..25dceb41a0 100644
--- a/source3/rpc_server/srv_util.c
+++ b/source3/rpc_server/srv_util.c
@@ -22,325 +22,4 @@
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
-/* this module apparently provides an implementation of DCE/RPC over a
- * named pipe (IPC$ connection using SMBtrans). details of DCE/RPC
- * documentation are available (in on-line form) from the X-Open group.
- *
- * this module should provide a level of abstraction between SMB
- * and DCE/RPC, while minimising the amount of mallocs, unnecessary
- * data copies, and network traffic.
- *
- * in this version, which takes a "let's learn what's going on and
- * get something running" approach, there is additional network
- * traffic generated, but the code should be easier to understand...
- *
- * ... if you read the docs. or stare at packets for weeks on end.
- *
- */
-
-#include "includes.h"
-#include "nterr.h"
-
-extern int DEBUGLEVEL;
-
-/*
- * A list of the rids of well known BUILTIN and Domain users
- * and groups.
- */
-
-rid_name builtin_alias_rids[] =
-{
- { BUILTIN_ALIAS_RID_ADMINS , "Administrators" },
- { BUILTIN_ALIAS_RID_USERS , "Users" },
- { BUILTIN_ALIAS_RID_GUESTS , "Guests" },
- { BUILTIN_ALIAS_RID_POWER_USERS , "Power Users" },
-
- { BUILTIN_ALIAS_RID_ACCOUNT_OPS , "Account Operators" },
- { BUILTIN_ALIAS_RID_SYSTEM_OPS , "System Operators" },
- { BUILTIN_ALIAS_RID_PRINT_OPS , "Print Operators" },
- { BUILTIN_ALIAS_RID_BACKUP_OPS , "Backup Operators" },
- { BUILTIN_ALIAS_RID_REPLICATOR , "Replicator" },
- { 0 , NULL }
-};
-
-/* array lookup of well-known Domain RID users. */
-rid_name domain_user_rids[] =
-{
- { DOMAIN_USER_RID_ADMIN , "Administrator" },
- { DOMAIN_USER_RID_GUEST , "Guest" },
- { 0 , NULL }
-};
-
-/* array lookup of well-known Domain RID groups. */
-rid_name domain_group_rids[] =
-{
- { DOMAIN_GROUP_RID_ADMINS , "Domain Admins" },
- { DOMAIN_GROUP_RID_USERS , "Domain Users" },
- { DOMAIN_GROUP_RID_GUESTS , "Domain Guests" },
- { 0 , NULL }
-};
-
-int make_dom_gids(char *gids_str, DOM_GID **ppgids)
-{
- char *ptr;
- pstring s2;
- int count;
- DOM_GID *gids;
-
- *ppgids = NULL;
-
- DEBUG(4,("make_dom_gids: %s\n", gids_str));
-
- if (gids_str == NULL || *gids_str == 0)
- return 0;
-
- for (count = 0, ptr = gids_str;
- next_token(&ptr, s2, NULL, sizeof(s2));
- count++)
- ;
-
- gids = (DOM_GID *)malloc( sizeof(DOM_GID) * count );
- if(!gids)
- {
- DEBUG(0,("make_dom_gids: malloc fail !\n"));
- return 0;
- }
-
- for (count = 0, ptr = gids_str;
- next_token(&ptr, s2, NULL, sizeof(s2)) &&
- count < LSA_MAX_GROUPS;
- count++)
- {
- /* the entries are of the form GID/ATTR, ATTR being optional.*/
- char *attr;
- uint32 rid = 0;
- int i;
-
- attr = strchr(s2,'/');
- if (attr)
- *attr++ = 0;
-
- if (!attr || !*attr)
- attr = "7"; /* default value for attribute is 7 */
-
- /* look up the RID string and see if we can turn it into a rid number */
- for (i = 0; builtin_alias_rids[i].name != NULL; i++)
- {
- if (strequal(builtin_alias_rids[i].name, s2))
- {
- rid = builtin_alias_rids[i].rid;
- break;
- }
- }
-
- if (rid == 0)
- rid = atoi(s2);
-
- if (rid == 0)
- {
- DEBUG(1,("make_dom_gids: unknown well-known alias RID %s/%s\n", s2, attr));
- count--;
- }
- else
- {
- gids[count].g_rid = rid;
- gids[count].attr = atoi(attr);
-
- DEBUG(5,("group id: %d attr: %d\n", gids[count].g_rid, gids[count].attr));
- }
- }
-
- *ppgids = gids;
- return count;
-}
-
-
-/*******************************************************************
- gets a domain user's groups
- ********************************************************************/
-void get_domain_user_groups(char *domain_groups, char *user)
-{
- pstring tmp;
-
- if (domain_groups == NULL || user == NULL) return;
-
- /* any additional groups this user is in. e.g power users */
- pstrcpy(domain_groups, lp_domain_groups());
-
- /* can only be a user or a guest. cannot be guest _and_ admin */
- if (user_in_list(user, lp_domain_guest_group()))
- {
- slprintf(tmp, sizeof(tmp) - 1, " %ld/7 ", DOMAIN_GROUP_RID_GUESTS);
- pstrcat(domain_groups, tmp);
-
- DEBUG(3,("domain guest group access %s granted\n", tmp));
- }
- else
- {
- slprintf(tmp, sizeof(tmp) -1, " %ld/7 ", DOMAIN_GROUP_RID_USERS);
- pstrcat(domain_groups, tmp);
-
- DEBUG(3,("domain group access %s granted\n", tmp));
-
- if (user_in_list(user, lp_domain_admin_group()))
- {
- slprintf(tmp, sizeof(tmp) - 1, " %ld/7 ", DOMAIN_GROUP_RID_ADMINS);
- pstrcat(domain_groups, tmp);
-
- DEBUG(3,("domain admin group access %s granted\n", tmp));
- }
- }
-}
-
-
-/*******************************************************************
- lookup_group_name
- ********************************************************************/
-uint32 lookup_group_name(uint32 rid, char *group_name, uint32 *type)
-{
- int i = 0;
- (*type) = SID_NAME_DOM_GRP;
-
- DEBUG(5,("lookup_group_name: rid: %d", rid));
-
- while (domain_group_rids[i].rid != rid && domain_group_rids[i].rid != 0)
- {
- i++;
- }
-
- if (domain_group_rids[i].rid != 0)
- {
- fstrcpy(group_name, domain_group_rids[i].name);
- DEBUG(5,(" = %s\n", group_name));
- return 0x0;
- }
-
- DEBUG(5,(" none mapped\n"));
- return 0xC0000000 | NT_STATUS_NONE_MAPPED;
-}
-
-/*******************************************************************
- lookup_alias_name
- ********************************************************************/
-uint32 lookup_alias_name(uint32 rid, char *alias_name, uint32 *type)
-{
- int i = 0;
- (*type) = SID_NAME_WKN_GRP;
-
- DEBUG(5,("lookup_alias_name: rid: %d", rid));
-
- while (builtin_alias_rids[i].rid != rid && builtin_alias_rids[i].rid != 0)
- {
- i++;
- }
-
- if (builtin_alias_rids[i].rid != 0)
- {
- fstrcpy(alias_name, builtin_alias_rids[i].name);
- DEBUG(5,(" = %s\n", alias_name));
- return 0x0;
- }
-
- DEBUG(5,(" none mapped\n"));
- return 0xC0000000 | NT_STATUS_NONE_MAPPED;
-}
-
-/*******************************************************************
- lookup_user_name
- ********************************************************************/
-uint32 lookup_user_name(uint32 rid, char *user_name, uint32 *type)
-{
- struct sam_disp_info *disp_info;
- int i = 0;
- (*type) = SID_NAME_USER;
-
- DEBUG(5,("lookup_user_name: rid: %d", rid));
-
- /* look up the well-known domain user rids first */
- while (domain_user_rids[i].rid != rid && domain_user_rids[i].rid != 0)
- {
- i++;
- }
-
- if (domain_user_rids[i].rid != 0)
- {
- fstrcpy(user_name, domain_user_rids[i].name);
- DEBUG(5,(" = %s\n", user_name));
- return 0x0;
- }
-
- /* ok, it's a user. find the user account */
- become_root(True);
- disp_info = getsamdisprid(rid);
- unbecome_root(True);
-
- if (disp_info != NULL)
- {
- fstrcpy(user_name, disp_info->smb_name);
- DEBUG(5,(" = %s\n", user_name));
- return 0x0;
- }
-
- DEBUG(5,(" none mapped\n"));
- return 0xC0000000 | NT_STATUS_NONE_MAPPED;
-}
-
-/*******************************************************************
- lookup_group_rid
- ********************************************************************/
-uint32 lookup_group_rid(char *group_name, uint32 *rid)
-{
- char *grp_name;
- int i = -1; /* start do loop at -1 */
-
- do /* find, if it exists, a group rid for the group name*/
- {
- i++;
- (*rid) = domain_group_rids[i].rid;
- grp_name = domain_group_rids[i].name;
-
- } while (grp_name != NULL && !strequal(grp_name, group_name));
-
- return (grp_name != NULL) ? 0 : 0xC0000000 | NT_STATUS_NONE_MAPPED;
-}
-
-/*******************************************************************
- lookup_alias_rid
- ********************************************************************/
-uint32 lookup_alias_rid(char *alias_name, uint32 *rid)
-{
- char *als_name;
- int i = -1; /* start do loop at -1 */
-
- do /* find, if it exists, a alias rid for the alias name*/
- {
- i++;
- (*rid) = builtin_alias_rids[i].rid;
- als_name = builtin_alias_rids[i].name;
-
- } while (als_name != NULL && !strequal(als_name, alias_name));
-
- return (als_name != NULL) ? 0 : 0xC0000000 | NT_STATUS_NONE_MAPPED;
-}
-
-/*******************************************************************
- lookup_user_rid
- ********************************************************************/
-uint32 lookup_user_rid(char *user_name, uint32 *rid)
-{
- struct sam_passwd *sam_pass;
- (*rid) = 0;
-
- /* find the user account */
- become_root(True);
- sam_pass = getsam21pwnam(user_name);
- unbecome_root(True);
-
- if (sam_pass != NULL)
- {
- (*rid) = sam_pass->user_rid;
- return 0x0;
- }
-
- return 0xC0000000 | NT_STATUS_NONE_MAPPED;
-}
+/* retired module */
diff --git a/source3/smbd/groupname.c b/source3/smbd/groupname.c
index 4afa9ece88..2b87cad330 100644
--- a/source3/smbd/groupname.c
+++ b/source3/smbd/groupname.c
@@ -19,12 +19,43 @@
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
-#ifdef USING_GROUPNAME_MAP
+/*
+ * UNIX gid and Local or Domain SID resolution. This module resolves
+ * only those entries in the map files, it is *NOT* responsible for
+ * resolving UNIX groups not listed: that is an entirely different
+ * matter, altogether...
+ */
+
+/*
+ *
+ *
+
+ format of the file is:
+
+ unixname NT Group name
+ unixname Domain Admins (well-known Domain Group)
+ unixname DOMAIN_NAME\NT Group name
+ unixname OTHER_DOMAIN_NAME\NT Group name
+ unixname DOMAIN_NAME\Domain Admins (well-known Domain Group)
+ ....
+
+ if the DOMAIN_NAME\ component is left off, then your own domain is assumed.
+
+ *
+ *
+ */
+
#include "includes.h"
extern int DEBUGLEVEL;
-extern DOM_SID global_sam_sid;
+/* we can map either local aliases or domain groups */
+typedef enum
+{
+ GROUP_LOCAL,
+ GROUP_DOMAIN
+
+} GROUP_TYPE;
/**************************************************************************
Groupname map functionality. The code loads a groupname map file and
@@ -33,211 +64,543 @@ extern DOM_SID global_sam_sid;
if the demands on it become excessive.
***************************************************************************/
-typedef struct groupname_map {
- ubi_slNode next;
-
- char *windows_name;
- DOM_SID windows_sid;
+typedef struct group_name_info
+{
+ char *nt_name;
+ char *nt_domain;
char *unix_name;
- gid_t unix_gid;
-} groupname_map_entry;
+
+ DOM_SID sid;
+ gid_t unix_gid;
+
+} GROUP_NAME_INFO;
+
+typedef struct name_map
+{
+ ubi_slNode next;
+ GROUP_NAME_INFO grp;
+
+} name_map_entry;
static ubi_slList groupname_map_list;
+static ubi_slList aliasname_map_list;
+
+static void delete_name_entry(name_map_entry *gmep)
+{
+ if (gmep->grp.nt_name)
+ {
+ free(gmep->grp.nt_name);
+ }
+ if (gmep->grp.nt_domain)
+ {
+ free(gmep->grp.nt_domain);
+ }
+ if (gmep->grp.unix_name)
+ {
+ free(gmep->grp.unix_name);
+ }
+ free((char*)gmep);
+}
+
+/**************************************************************************
+ Delete all the entries in the name map list.
+***************************************************************************/
+
+static void delete_map_list(ubi_slList *map_list)
+{
+ name_map_entry *gmep;
+
+ while ((gmep = (name_map_entry *)ubi_slRemHead(map_list )) != NULL)
+ {
+ delete_name_entry(gmep);
+ }
+}
+
/**************************************************************************
- Delete all the entries in the groupname map list.
+ makes a group sid out of a domain sid and a _unix_ gid.
***************************************************************************/
+static BOOL make_mydomain_sid(GROUP_NAME_INFO *grp, GROUP_TYPE type)
+{
+ uint32 tmp_rid;
+ uint8 tmp_type;
+
+ DEBUG(10,("make_mydomain_sid\n"));
+
+ if (!map_domain_name_to_sid(&grp->sid, &(grp->nt_domain)))
+ {
+ DEBUG(0,("make_mydomain_sid: unknown domain %s\n",
+ grp->nt_domain));
+ return False;
+ }
+ else if (lookup_wk_group_rid(grp->nt_name, &tmp_rid, &tmp_type))
+ {
+ return sid_append_rid(&grp->sid, tmp_rid);
+ }
+ else
+ {
+ if (type == GROUP_DOMAIN)
+ {
+ tmp_rid = pwdb_gid_to_group_rid(grp->unix_gid);
+ }
+ else
+ {
+ tmp_rid = pwdb_gid_to_alias_rid(grp->unix_gid);
+ }
+ return sid_append_rid(&(grp->sid), tmp_rid);
+ }
+}
-static void delete_groupname_map_list(void)
+/**************************************************************************
+ makes a group sid out of an nt domain, nt group name or a unix group name.
+***************************************************************************/
+static BOOL unix_name_to_group_info(GROUP_NAME_INFO *grp, GROUP_TYPE type)
{
- groupname_map_entry *gmep;
+ extern fstring global_sam_name;
+ struct group *gptr = NULL;
+
+ /*
+ * Attempt to get the unix gid_t for this name.
+ */
+
+ DEBUG(5,("unix_name_to_group_info: unix_name:%s\n", grp->unix_name));
+
+ gptr = (struct group *)getgrnam(grp->unix_name);
+ if (gptr == NULL)
+ {
+ DEBUG(0,("unix_name_to_group_info: getgrnam for group %s\
+failed. Error was %s.\n", grp->unix_name, strerror(errno) ));
+ return False;
+ }
+
+ grp->unix_gid = (gid_t)gptr->gr_gid;
+
+ DEBUG(5,("unix_name_to_group_info: unix gid:%d\n", grp->unix_gid));
+
+ /*
+ * Now map the name to an NT SID+RID.
+ */
+
+ if (grp->nt_domain != NULL && !strequal(grp->nt_domain, global_sam_name))
+ {
+ /* Must add client-call lookup code here, to
+ * resolve remote domain's sid and the group's rid,
+ * in that domain.
+ *
+ * NOTE: it is _incorrect_ to put code here that assumes
+ * that we can call pwdb_gid_to_group_rid() or _alias_rid():
+ * it is a totally different domain for which we are *NOT*
+ * responsible.
+ * for foriegn domains for which we are *NOT* the PDC, all
+ * we can be responsible for is the unix * gid_t to which
+ * the foriegn SID+rid maps to, on this _local_ machine.
+ */
+
+ if (!map_domain_name_to_sid(&grp->sid, &(grp->nt_domain)))
+ {
+ DEBUG(0,("unix_name_to_group_info: no known sid for %s\n",
+ grp->nt_domain));
+ return False;
+ }
+
+ DEBUG(0,("unix_name_to_group_info: cannot resolve domain %s\n",
+ grp->nt_domain));
+
+ return False;
+ }
+ else
+ {
+ return make_mydomain_sid(grp, type);
+ }
+}
- while((gmep = (groupname_map_entry *)ubi_slRemHead( &groupname_map_list )) != NULL) {
- if(gmep->windows_name)
- free(gmep->windows_name);
- if(gmep->unix_name)
- free(gmep->unix_name);
- free((char *)gmep);
- }
+static BOOL make_name_entry(name_map_entry **new_ep,
+ char *nt_domain, char *nt_group, char *unix_group,
+ GROUP_TYPE type)
+{
+ /*
+ * Create the list entry and add it onto the list.
+ */
+
+ DEBUG(5,("make_name_entry:%s,%s,%s\n", nt_domain, nt_group, unix_group));
+
+ (*new_ep) = (name_map_entry *)malloc(sizeof(name_map_entry));
+ if ((*new_ep) == NULL)
+ {
+ DEBUG(0,("make_name_entry: malloc fail for name_map_entry.\n"));
+ return False;
+ }
+
+ ZERO_STRUCTP(*new_ep);
+
+ (*new_ep)->grp.nt_name = strdup(nt_group );
+ (*new_ep)->grp.nt_domain = strdup(nt_domain );
+ (*new_ep)->grp.unix_name = strdup(unix_group);
+
+ if ((*new_ep)->grp.nt_name == NULL ||
+ (*new_ep)->grp.unix_name == NULL)
+ {
+ DEBUG(0,("make_name_entry: malloc fail for names in name_map_entry.\n"));
+ delete_name_entry((*new_ep));
+ return False;
+ }
+
+ /*
+ * look up the group names, make the Group-SID and unix gid
+ */
+
+ if (!unix_name_to_group_info(&(*new_ep)->grp, type))
+ {
+ delete_name_entry((*new_ep));
+ return False;
+ }
+
+ return True;
}
/**************************************************************************
- Load a groupname map file. Sets last accessed timestamp.
+ Load a name map file. Sets last accessed timestamp.
***************************************************************************/
+static void load_name_map(GROUP_TYPE type)
+{
+ static time_t groupmap_file_last_modified = (time_t)0;
+ static time_t aliasmap_file_last_modified = (time_t)0;
+ static BOOL initialised_group = False;
+ static BOOL initialised_alias = False;
+ char *groupname_map_file = lp_groupname_map();
+ char *aliasname_map_file = lp_aliasname_map();
+
+ SMB_STRUCT_STAT st;
+ FILE *fp;
+ char *s;
+ pstring buf;
+ name_map_entry *new_ep;
+
+ time_t *file_last_modified;
+ int *initialised;
+ char *map_file;
+ ubi_slList *map_list;
+
+ if (type == GROUP_DOMAIN)
+ {
+ file_last_modified = &groupmap_file_last_modified;
+ initialised = &initialised_group;
+ map_file = groupname_map_file;
+ map_list = &groupname_map_list;
+ }
+ else
+ {
+ file_last_modified = &aliasmap_file_last_modified;
+ initialised = &initialised_alias;
+ map_file = aliasname_map_file;
+ map_list = &aliasname_map_list;
+ }
+
+ DEBUG(10,("load_name_map : %s\n", map_file));
+
+ if (!(*initialised))
+ {
+ ubi_slInitList(map_list);
+ (*initialised) = True;
+ }
+
+ if (!*map_file)
+ {
+ return;
+ }
+
+ if (sys_stat(map_file, &st) != 0)
+ {
+ DEBUG(0, ("load_name_map: Unable to stat file %s. Error was %s\n",
+ map_file, strerror(errno) ));
+ return;
+ }
+
+ /*
+ * Check if file has changed.
+ */
+ if (st.st_mtime <= (*file_last_modified))
+ {
+ return;
+ }
+
+ (*file_last_modified) = st.st_mtime;
+
+ /*
+ * Load the file.
+ */
+
+ fp = fopen(map_file,"r");
+ if (!fp)
+ {
+ DEBUG(0,("load_name_map: can't open name map %s. Error was %s\n",
+ map_file, strerror(errno)));
+ return;
+ }
+
+ /*
+ * Throw away any previous list.
+ */
+ delete_map_list(map_list);
+
+ DEBUG(4,("load_name_map: Scanning name map %s\n",map_file));
+
+ while ((s = fgets_slash(buf, sizeof(buf), fp)) != NULL)
+ {
+ pstring unixname;
+ pstring nt_name;
+ fstring nt_domain;
+ fstring nt_group;
+ char *p;
+
+ DEBUG(10,("Read line |%s|\n", s));
+
+ memset(nt_name, 0, sizeof(nt_name));
+
+ if (!*s || strchr("#;",*s))
+ continue;
+
+ if (!next_token(&s,unixname, "\t\n\r=", sizeof(unixname)))
+ continue;
+
+ if (!next_token(&s,nt_name, "\t\n\r=", sizeof(nt_name)))
+ continue;
+
+ trim_string(unixname, " ", " ");
+ trim_string(nt_name, " ", " ");
+
+ if (!*nt_name)
+ continue;
+
+ if (!*unixname)
+ continue;
+
+ DEBUG(5,("unixname = %s, ntname = %s.\n",
+ unixname, nt_name));
+
+ p = strchr(nt_name, '\\');
+
+ if (p == NULL)
+ {
+ memset(nt_domain, 0, sizeof(nt_domain));
+ fstrcpy(nt_group, nt_name);
+ }
+ else
+ {
+ *p = 0;
+ p++;
+ fstrcpy(nt_domain, nt_name);
+ fstrcpy(nt_group , p);
+ }
+
+ if (make_name_entry(&new_ep, nt_domain, nt_name, unixname, type))
+ {
+ ubi_slAddHead(map_list, (ubi_slNode *)new_ep);
+ }
+ }
+
+ DEBUG(10,("load_name_map: Added %ld entries to name map.\n",
+ ubi_slCount(map_list)));
+
+ fclose(fp);
+}
+
+/***********************************************************
+ Lookup a gid_t by SID
+************************************************************/
+static BOOL map_sid_to_gid(GROUP_TYPE type, ubi_slList *map_list,
+ DOM_SID *psid, gid_t *gid)
+{
+ name_map_entry *gmep;
+
+ /*
+ * Initialize and load if not already loaded.
+ */
+ load_name_map(type);
+
+ for (gmep = (name_map_entry *)ubi_slFirst(map_list);
+ gmep != NULL;
+ gmep = (name_map_entry *)ubi_slNext(gmep ))
+ {
+ if (sid_equal(&gmep->grp.sid, psid))
+ {
+ *gid = gmep->grp.unix_gid;
+ DEBUG(7,("map_sid_to_gid: Mapping unix group %s to nt group %s.\n",
+ gmep->grp.unix_name, gmep->grp.nt_name ));
+ return True;
+ }
+ }
+
+ return False;
+}
+
+/***********************************************************
+ Lookup a SID entry by nt name.
+************************************************************/
+static BOOL map_sid_to_ntname(GROUP_TYPE type, ubi_slList *map_list,
+ DOM_SID *psid, char *ntname, char *ntdomain)
+{
+ name_map_entry *gmep;
+
+ /*
+ * Initialize and load if not already loaded.
+ */
+ load_name_map(type);
+
+ for (gmep = (name_map_entry *)ubi_slFirst(&map_list);
+ gmep != NULL;
+ gmep = (name_map_entry *)ubi_slNext(gmep ))
+ {
+ if (sid_equal(&gmep->grp.sid, psid))
+ {
+ if (ntname != NULL)
+ {
+ fstrcpy(ntname, gmep->grp.nt_name);
+ }
+ if (ntdomain != NULL)
+ {
+ fstrcpy(ntname, gmep->grp.nt_domain);
+ }
+ DEBUG(7,("map_sid_to_ntname: Mapping unix group %s to nt group \%s\%s\n",
+ gmep->grp.unix_name,
+ gmep->grp.nt_domain, gmep->grp.nt_name ));
+ return True;
+ }
+ }
+
+ return False;
+}
-void load_groupname_map(void)
-{
- static time_t groupmap_file_last_modified = (time_t)0;
- static BOOL initialized = False;
- char *groupname_map_file = lp_groupname_map();
- SMB_STRUCT_STAT st;
- FILE *fp;
- char *s;
- pstring buf;
- groupname_map_entry *new_ep;
-
- if(!initialized) {
- ubi_slInitList( &groupname_map_list );
- initialized = True;
- }
-
- if (!*groupname_map_file)
- return;
-
- if(sys_stat(groupname_map_file, &st) != 0) {
- DEBUG(0, ("load_groupname_map: Unable to stat file %s. Error was %s\n",
- groupname_map_file, strerror(errno) ));
- return;
- }
-
- /*
- * Check if file has changed.
- */
- if( st.st_mtime <= groupmap_file_last_modified)
- return;
-
- groupmap_file_last_modified = st.st_mtime;
-
- /*
- * Load the file.
- */
-
- fp = fopen(groupname_map_file,"r");
- if (!fp) {
- DEBUG(0,("load_groupname_map: can't open groupname map %s. Error was %s\n",
- groupname_map_file, strerror(errno)));
- return;
- }
-
- /*
- * Throw away any previous list.
- */
- delete_groupname_map_list();
-
- DEBUG(4,("load_groupname_map: Scanning groupname map %s\n",groupname_map_file));
-
- while((s=fgets_slash(buf,sizeof(buf),fp))!=NULL) {
- pstring unixname;
- pstring windows_name;
- struct group *gptr;
- DOM_SID tmp_sid;
-
- DEBUG(10,("load_groupname_map: Read line |%s|\n", s));
-
- if (!*s || strchr("#;",*s))
- continue;
-
- if(!next_token(&s,unixname, "\t\n\r=", sizeof(unixname)))
- continue;
-
- if(!next_token(&s,windows_name, "\t\n\r=", sizeof(windows_name)))
- continue;
-
- trim_string(unixname, " ", " ");
- trim_string(windows_name, " ", " ");
-
- if (!*windows_name)
- continue;
-
- if(!*unixname)
- continue;
-
- DEBUG(5,("load_groupname_map: unixname = %s, windowsname = %s.\n",
- unixname, windows_name));
-
- /*
- * Attempt to get the unix gid_t for this name.
- */
-
- if((gptr = (struct group *)getgrnam(unixname)) == NULL) {
- DEBUG(0,("load_groupname_map: getgrnam for group %s failed.\
-Error was %s.\n", unixname, strerror(errno) ));
- continue;
- }
-
- /*
- * Now map to an NT SID.
- */
-
- if(!lookup_wellknown_sid_from_name(windows_name, &tmp_sid)) {
- /*
- * It's not a well known name, convert the UNIX gid_t
- * to a rid within this domain SID.
- */
- tmp_sid = global_sam_sid;
- tmp_sid.sub_auths[tmp_sid.num_auths++] =
- pdb_gid_to_group_rid((gid_t)gptr->gr_gid);
- }
-
- /*
- * Create the list entry and add it onto the list.
- */
-
- if((new_ep = (groupname_map_entry *)malloc( sizeof(groupname_map_entry) ))== NULL) {
- DEBUG(0,("load_groupname_map: malloc fail for groupname_map_entry.\n"));
- fclose(fp);
- return;
- }
-
- new_ep->unix_gid = gptr->gr_gid;
- new_ep->windows_sid = tmp_sid;
- new_ep->windows_name = strdup( windows_name );
- new_ep->unix_name = strdup( unixname );
-
- if(new_ep->windows_name == NULL || new_ep->unix_name == NULL) {
- DEBUG(0,("load_groupname_map: malloc fail for names in groupname_map_entry.\n"));
- fclose(fp);
- if(new_ep->windows_name != NULL)
- free(new_ep->windows_name);
- if(new_ep->unix_name != NULL)
- free(new_ep->unix_name);
- free((char *)new_ep);
- return;
- }
- memset((char *)&new_ep->next, '\0', sizeof(new_ep->next) );
-
- ubi_slAddHead( &groupname_map_list, (ubi_slNode *)new_ep);
- }
-
- DEBUG(10,("load_groupname_map: Added %ld entries to groupname map.\n",
- ubi_slCount(&groupname_map_list)));
-
- fclose(fp);
+/***********************************************************
+ Lookup a SID entry by nt name.
+************************************************************/
+static BOOL map_ntname_to_sid(GROUP_TYPE type, ubi_slList *map_list,
+ char * ntname, DOM_SID *psid)
+{
+ name_map_entry *gmep;
+
+ /*
+ * Initialize and load if not already loaded.
+ */
+ load_name_map(type);
+
+ for (gmep = (name_map_entry *)ubi_slFirst(&map_list);
+ gmep != NULL;
+ gmep = (name_map_entry *)ubi_slNext(gmep ))
+ {
+ if (strequal(gmep->grp.nt_name, ntname))
+ {
+ *psid = gmep->grp.sid;
+ DEBUG(7,("map_ntname_to_sid: Mapping unix group %s to nt group %s.\n",
+ gmep->grp.unix_name, gmep->grp.nt_name ));
+ return True;
+ }
+ }
+
+ return False;
}
/***********************************************************
Lookup a SID entry by gid_t.
************************************************************/
+static BOOL map_gid_to_sid(GROUP_TYPE type, ubi_slList *map_list,
+ gid_t gid, DOM_SID *psid)
+{
+ name_map_entry *gmep;
+
+ /*
+ * Initialize and load if not already loaded.
+ */
+ load_name_map(type);
+
+ for (gmep = (name_map_entry *)ubi_slFirst(&map_list);
+ gmep != NULL;
+ gmep = (name_map_entry *)ubi_slNext(gmep ))
+ {
+ if (gmep->grp.unix_gid == gid)
+ {
+ *psid = gmep->grp.sid;
+ DEBUG(7,("map_gid_to_sid: Mapping unix group %s to nt group %s.\n",
+ gmep->grp.unix_name, gmep->grp.nt_name ));
+ return True;
+ }
+ }
+
+ return False;
+}
+
+/*
+ * Call these four functions to resolve unix group ids and either
+ * local group SIDs or domain group SIDs listed in the local group
+ * or domain group map files.
+ *
+ * Note that it is *NOT* the responsibility of these functions to
+ * resolve entries that are not in the map files.
+ *
+ * Any SID can be in the map files (i.e from any Domain).
+ */
-void map_gid_to_sid( gid_t gid, DOM_SID *psid)
+/***********************************************************
+ Lookup a Group entry by sid.
+************************************************************/
+BOOL map_group_sid_to_name(DOM_SID *psid, char *group_name, char *nt_domain)
+{
+ return map_sid_to_ntname(GROUP_DOMAIN, &groupname_map_list, psid, group_name, nt_domain);
+}
+
+/***********************************************************
+ Lookup an Alias SID entry by name.
+************************************************************/
+BOOL map_alias_sid_to_name(DOM_SID *psid, char *alias_name, char *nt_domain)
+{
+ return map_sid_to_ntname(GROUP_LOCAL, &aliasname_map_list, psid, alias_name, nt_domain);
+}
+
+/***********************************************************
+ Lookup a Group SID entry by name.
+************************************************************/
+BOOL map_group_name_to_sid(char *group_name, DOM_SID *psid)
{
- groupname_map_entry *gmep;
+ return map_ntname_to_sid(GROUP_DOMAIN, &groupname_map_list, group_name, psid);
+}
- /*
- * Initialize and load if not already loaded.
- */
- load_groupname_map();
+/***********************************************************
+ Lookup an Alias SID entry by name.
+************************************************************/
+BOOL map_alias_name_to_sid(char *alias_name, DOM_SID *psid)
+{
+ return map_ntname_to_sid(GROUP_LOCAL, &aliasname_map_list, alias_name, psid);
+}
- for( gmep = (groupname_map_entry *)ubi_slFirst( &groupname_map_list);
- gmep; gmep = (groupname_map_entry *)ubi_slNext( gmep )) {
+/***********************************************************
+ Lookup an Alias SID entry by gid_t.
+************************************************************/
+BOOL map_gid_to_alias_sid(gid_t gid, DOM_SID *psid)
+{
+ return map_gid_to_sid(GROUP_LOCAL, &aliasname_map_list, gid, psid);
+}
- if( gmep->unix_gid == gid) {
- *psid = gmep->windows_sid;
- DEBUG(7,("map_gid_to_sid: Mapping unix group %s to windows group %s.\n",
- gmep->unix_name, gmep->windows_name ));
- return;
- }
- }
+/***********************************************************
+ Lookup a Group SID entry by gid_t.
+************************************************************/
+BOOL map_gid_to_group_sid( gid_t gid, DOM_SID *psid)
+{
+ return map_gid_to_sid(GROUP_DOMAIN, &groupname_map_list, gid, psid);
+}
- /*
- * If there's no map, convert the UNIX gid_t
- * to a rid within this domain SID.
- */
- *psid = global_sam_sid;
- psid->sub_auths[psid->num_auths++] = pdb_gid_to_group_rid(gid);
+/***********************************************************
+ Lookup a Group gid_t by SID
+************************************************************/
+BOOL map_group_sid_to_gid( DOM_SID *psid, gid_t *gid)
+{
+ return map_sid_to_gid(GROUP_DOMAIN, &groupname_map_list, psid, gid);
+}
- return;
+/***********************************************************
+ Lookup an Alias gid_t by SID
+************************************************************/
+BOOL map_alias_sid_to_gid( DOM_SID *psid, gid_t *gid)
+{
+ return map_sid_to_gid(GROUP_LOCAL, &aliasname_map_list, psid, gid);
}
-#else /* USING_GROUPNAME_MAP */
- void load_groupname_map(void) {;}
-#endif /* USING_GROUPNAME_MAP */
+
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 8b4049cd96..e4f0d2e2ec 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -562,8 +562,8 @@ int reply_ntcreate_and_X(connection_struct *conn,
/* If it's an IPC, use the pipe handler. */
- if (IS_IPC(conn) && lp_nt_pipe_support()) {
-
+ if (IS_IPC(conn) && lp_nt_pipe_support() && lp_security() != SEC_SHARE)
+ {
int ret = nt_open_pipe(fname, conn, inbuf, outbuf, &pnum);
if(ret != 0)
return ret;
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index fb5acf156f..0c8eb124ff 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -153,7 +153,7 @@ char *validated_username(uint16 vuid)
/****************************************************************************
Setup the groups a user belongs to.
****************************************************************************/
-int setup_groups(char *user, uid_t uid, gid_t gid, int *p_ngroups, gid_t **p_groups)
+int get_unixgroups(char *user, uid_t uid, gid_t gid, int *p_ngroups, gid_t **p_groups)
{
int i,ngroups;
gid_t grp = 0;
@@ -180,7 +180,7 @@ int setup_groups(char *user, uid_t uid, gid_t gid, int *p_ngroups, gid_t **p_gro
if((groups = (gid_t *)malloc(sizeof(gid_t)*ngroups)) == NULL)
{
- DEBUG(0,("setup_groups malloc fail !\n"));
+ DEBUG(0,("get_unixgroups malloc fail !\n"));
return -1;
}
@@ -263,7 +263,7 @@ uint16 register_vuid(uid_t uid,gid_t gid, char *unix_name, char *requested_name,
/* Find all the groups this uid is in and store them.
Used by become_user() */
- setup_groups(unix_name,uid,gid,
+ get_unixgroups(unix_name,uid,gid,
&vuser->n_groups,
&vuser->groups);
@@ -1142,15 +1142,10 @@ BOOL domain_client_validate( char *user, char *domain,
unsigned char local_lm_response[24];
unsigned char local_nt_reponse[24];
unsigned char trust_passwd[16];
- fstring remote_machine;
- char *p;
- struct in_addr dest_ip;
NET_ID_INFO_CTR ctr;
NET_USER_INFO_3 info3;
struct cli_state cli;
uint32 smb_uid_low;
- BOOL connected_ok = False;
- struct nmb_name calling, called;
/*
* Check that the requested domain is not our own machine name.
@@ -1211,102 +1206,9 @@ BOOL domain_client_validate( char *user, char *domain,
* see if they were valid.
*/
- ZERO_STRUCT(cli);
-
- if(cli_initialise(&cli) == False) {
- DEBUG(0,("domain_client_validate: unable to initialize client connection.\n"));
- return False;
- }
-
- /*
- * Treat each name in the 'password server =' line as a potential
- * PDC/BDC. Contact each in turn and try and authenticate.
- */
-
- p = lp_passwordserver();
- while(p && next_token(&p,remote_machine,LIST_SEP,sizeof(remote_machine))) {
-
- standard_sub_basic(remote_machine);
- strupper(remote_machine);
-
- if(!resolve_name( remote_machine, &dest_ip, 0x20)) {
- DEBUG(1,("domain_client_validate: Can't resolve address for %s\n", remote_machine));
- continue;
- }
-
- if (ismyip(dest_ip)) {
- DEBUG(1,("domain_client_validate: Password server loop - not using password server %s\n",remote_machine));
- continue;
- }
-
- if (!cli_connect(&cli, remote_machine, &dest_ip)) {
- DEBUG(0,("domain_client_validate: unable to connect to SMB server on \
-machine %s. Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
- continue;
- }
-
- make_nmb_name(&calling, global_myname , 0x0 , scope);
- make_nmb_name(&called , remote_machine, 0x20, scope);
-
- if (!cli_session_request(&cli, &calling, &called))
+ if (!cli_connect_serverlist(&cli, lp_passwordserver()))
{
- DEBUG(0,("domain_client_validate: machine %s rejected the session setup. \
-Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
- cli_shutdown(&cli);
- continue;
- }
-
- cli.protocol = PROTOCOL_NT1;
-
- if (!cli_negprot(&cli)) {
- DEBUG(0,("domain_client_validate: machine %s rejected the negotiate protocol. \
-Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
- cli_shutdown(&cli);
- continue;
- }
-
- if (cli.protocol != PROTOCOL_NT1) {
- DEBUG(0,("domain_client_validate: machine %s didn't negotiate NT protocol.\n",
- remote_machine));
- cli_shutdown(&cli);
- continue;
- }
-
- /*
- * Do an anonymous session setup.
- */
-
- if (!cli_session_setup(&cli, "", "", 0, "", 0, "")) {
- DEBUG(0,("domain_client_validate: machine %s rejected the session setup. \
-Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
- cli_shutdown(&cli);
- continue;
- }
-
- if (!(cli.sec_mode & 1)) {
- DEBUG(1,("domain_client_validate: machine %s isn't in user level security mode\n",
- remote_machine));
- cli_shutdown(&cli);
- continue;
- }
-
- if (!cli_send_tconX(&cli, "IPC$", "IPC", "", 1)) {
- DEBUG(0,("domain_client_validate: machine %s rejected the tconX on the IPC$ share. \
-Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
- cli_shutdown(&cli);
- continue;
- }
-
- /*
- * We have an anonymous connection to IPC$.
- */
- connected_ok = True;
- break;
- }
-
- if (!connected_ok) {
DEBUG(0,("domain_client_validate: Domain password server not available.\n"));
- cli_shutdown(&cli);
return False;
}
@@ -1317,7 +1219,7 @@ Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
if(cli_nt_session_open(&cli, PIPE_NETLOGON) == False) {
DEBUG(0,("domain_client_validate: unable to open the domain client session to \
-machine %s. Error was : %s.\n", remote_machine, cli_errstr(&cli)));
+machine %s. Error was : %s.\n", cli.desthost, cli_errstr(&cli)));
cli_nt_session_close(&cli);
cli_ulogoff(&cli);
cli_shutdown(&cli);
@@ -1326,7 +1228,7 @@ machine %s. Error was : %s.\n", remote_machine, cli_errstr(&cli)));
if(cli_nt_setup_creds(&cli, trust_passwd) == False) {
DEBUG(0,("domain_client_validate: unable to setup the PDC credentials to machine \
-%s. Error was : %s.\n", remote_machine, cli_errstr(&cli)));
+%s. Error was : %s.\n", cli.desthost, cli_errstr(&cli)));
cli_nt_session_close(&cli);
cli_ulogoff(&cli);
cli_shutdown(&cli);
@@ -1341,7 +1243,7 @@ machine %s. Error was : %s.\n", remote_machine, cli_errstr(&cli)));
((smb_ntpasslen != 0) ? smb_ntpasswd : NULL),
&ctr, &info3) == False) {
DEBUG(0,("domain_client_validate: unable to validate password for user %s in domain \
-%s to Domain controller %s. Error was %s.\n", user, domain, remote_machine, cli_errstr(&cli)));
+%s to Domain controller %s. Error was %s.\n", user, domain, cli.desthost, cli_errstr(&cli)));
cli_nt_session_close(&cli);
cli_ulogoff(&cli);
cli_shutdown(&cli);
@@ -1361,7 +1263,7 @@ machine %s. Error was : %s.\n", remote_machine, cli_errstr(&cli)));
if(cli_nt_logoff(&cli, &ctr) == False) {
DEBUG(0,("domain_client_validate: unable to log off user %s in domain \
-%s to Domain controller %s. Error was %s.\n", user, domain, remote_machine, cli_errstr(&cli)));
+%s to Domain controller %s. Error was %s.\n", user, domain, cli.desthost, cli_errstr(&cli)));
cli_nt_session_close(&cli);
cli_ulogoff(&cli);
cli_shutdown(&cli);
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index ee0053aed0..78a09e46e7 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -1403,8 +1403,10 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt
files_struct *fsp;
/* If it's an IPC, pass off the pipe handler. */
- if (IS_IPC(conn) && lp_nt_pipe_support())
+ if (IS_IPC(conn) && lp_nt_pipe_support() && lp_security() != SEC_SHARE)
+ {
return reply_open_pipe_and_X(conn, inbuf,outbuf,length,bufsize);
+ }
/* XXXX we need to handle passed times, sattr and flags */
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 68f722ff51..49816e5d47 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -25,6 +25,7 @@
pstring servicesf = CONFIGFILE;
extern pstring debugf;
extern fstring global_myworkgroup;
+extern fstring global_sam_name;
extern pstring global_myname;
int am_parent = 1;
@@ -428,6 +429,13 @@ void exit_server(char *reason)
locking_end();
DEBUG(3,("Server exit (%s)\n", (reason ? reason : "")));
+#ifdef MEM_MAN
+ {
+ extern FILE *dbf;
+ smb_mem_write_verbose(dbf);
+ dbgflush();
+ }
+#endif
exit(0);
}
@@ -644,12 +652,42 @@ static void usage(char *pname)
codepage_initialise(lp_client_code_page());
fstrcpy(global_myworkgroup, lp_workgroup());
+ memset(global_sam_name, 0, sizeof(global_sam_name));
+
+ if (lp_domain_logons())
+ {
+ if (lp_security() == SEC_USER)
+ {
+ /* we are PDC (or BDC) for a Domain */
+ fstrcpy(global_sam_name, lp_workgroup());
+ }
+ else if (lp_security() == SEC_DOMAIN)
+ {
+ /* we are a "PDC", but FOR LOCAL SAM DATABASE ONLY */
+ fstrcpy(global_sam_name, global_myname);
+ }
+ else if (lp_security() == SEC_SHARE)
+ {
+ DEBUG(0,("ERROR: no Domain functionality in security = share\n"));
+ exit(1);
+ }
+ }
+
+ generate_wellknown_sids();
- if(!pdb_generate_sam_sid()) {
+ if (!generate_sam_sid())
+ {
DEBUG(0,("ERROR: Samba cannot create a SAM SID.\n"));
exit(1);
}
+ if (lp_security() == SEC_DOMAIN && !get_member_domain_sid())
+ {
+ DEBUG(0,("ERROR: Samba cannot obtain PDC SID from PDC(s) %s.\n",
+ lp_passwordserver()));
+ exit(1);
+ }
+
CatchSignal(SIGHUP,SIGNAL_CAST sig_hup);
/* Setup the signals that allow the debug log level
@@ -696,7 +734,16 @@ static void usage(char *pname)
if (!locking_init(0))
exit(1);
- if(!initialize_password_db())
+ if(!initialise_passgrp_db())
+ exit(1);
+
+ if(!initialise_password_db())
+ exit(1);
+
+ if(!initialise_group_db())
+ exit(1);
+
+ if(!initialise_alias_db())
exit(1);
/* possibly reload the services file. */
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index ee195e12ec..cedac1c76f 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -387,7 +387,7 @@ connection_struct *make_connection(char *service,char *user,char *password, int
if (!IS_IPC(conn)) {
/* Find all the groups this uid is in and
store them. Used by become_user() */
- setup_groups(conn->user,conn->uid,conn->gid,
+ get_unixgroups(conn->user,conn->uid,conn->gid,
&conn->ngroups,&conn->groups);
/* check number of connections */
diff --git a/source3/utils/rpctorture.c b/source3/utils/rpctorture.c
index 96d1181ca0..dac64a22e3 100644
--- a/source3/utils/rpctorture.c
+++ b/source3/utils/rpctorture.c
@@ -49,7 +49,36 @@ struct cli_state *smb_cli = &smbcli;
FILE *out_hnd;
+static pstring user_name; /* local copy only, if one is entered */
static pstring password; /* local copy only, if one is entered */
+static pstring domain; /* local copy only, if one is entered */
+BOOL got_pass = False;
+
+static struct nmb_name calling;
+static struct nmb_name called;
+
+static void get_passwd(void)
+{
+ /* set the password cache info */
+ if (got_pass)
+ {
+ if (password[0] == 0)
+ {
+ pwd_set_nullpwd(&(smb_cli->pwd));
+ }
+ else
+ {
+ pwd_make_lm_nt_16(&(smb_cli->pwd), password); /* generate 16 byte hashes */
+ }
+ }
+ else
+ {
+ char *pwd = getpass("Enter Password:");
+ safe_strcpy(password, pwd, sizeof(password));
+ pwd_make_lm_nt_16(&(smb_cli->pwd), password); /* generate 16 byte hashes */
+ got_pass = True;
+ }
+}
/****************************************************************************
initialise smb client structure
@@ -59,6 +88,23 @@ void rpcclient_init(void)
bzero(smb_cli, sizeof(smb_cli));
cli_initialise(smb_cli);
smb_cli->capabilities |= CAP_NT_SMBS;
+ smb_cli->capabilities |= CAP_STATUS32;
+
+ pstrcpy(smb_cli->user_name, user_name);
+ smb_cli->nt_pipe_fnum = 0xffff;
+
+ get_passwd();
+
+ if (*domain == 0)
+ {
+ pstrcpy(smb_cli->domain,lp_workgroup());
+ }
+ else
+ {
+ pstrcpy(smb_cli->domain, domain);
+ }
+
+ strupper(smb_cli->domain);
}
/****************************************************************************
@@ -66,11 +112,7 @@ make smb client connection
****************************************************************************/
static BOOL rpcclient_connect(struct client_info *info)
{
- struct nmb_name calling;
- struct nmb_name called;
-
- make_nmb_name(&called , dns_to_netbios_name(info->dest_host ), info->name_type, scope);
- make_nmb_name(&calling, dns_to_netbios_name(info->myhostname), 0x0 , scope);
+ rpcclient_init();
if (!cli_establish_connection(smb_cli,
info->dest_host, &info->dest_ip,
@@ -97,7 +139,7 @@ static void rpcclient_stop(void)
/****************************************************************************
log in as an nt user, log out again.
****************************************************************************/
-void run_enums_test(int num_ops, struct client_info *cli_info, struct cli_state *cli)
+void run_enums_test(int num_ops, struct client_info *cli_info)
{
pstring cmd;
int i;
@@ -105,8 +147,8 @@ void run_enums_test(int num_ops, struct client_info *cli_info, struct cli_state
/* establish connections. nothing to stop these being re-established. */
rpcclient_connect(cli_info);
- DEBUG(5,("rpcclient_connect: cli->fd:%d\n", cli->fd));
- if (cli->fd <= 0)
+ DEBUG(5,("rpcclient_connect: smb_cli->fd:%d\n", smb_cli->fd));
+ if (smb_cli->fd <= 0)
{
fprintf(out_hnd, "warning: connection could not be established to %s<%02x>\n",
cli_info->dest_host, cli_info->name_type);
@@ -141,7 +183,7 @@ void run_enums_test(int num_ops, struct client_info *cli_info, struct cli_state
/****************************************************************************
log in as an nt user, log out again.
****************************************************************************/
-void run_ntlogin_test(int num_ops, struct client_info *cli_info, struct cli_state *cli)
+void run_ntlogin_test(int num_ops, struct client_info *cli_info)
{
pstring cmd;
int i;
@@ -149,8 +191,8 @@ void run_ntlogin_test(int num_ops, struct client_info *cli_info, struct cli_stat
/* establish connections. nothing to stop these being re-established. */
rpcclient_connect(cli_info);
- DEBUG(5,("rpcclient_connect: cli->fd:%d\n", cli->fd));
- if (cli->fd <= 0)
+ DEBUG(5,("rpcclient_connect: smb_cli->fd:%d\n", smb_cli->fd));
+ if (smb_cli->fd <= 0)
{
fprintf(out_hnd, "warning: connection could not be established to %s<%02x>\n",
cli_info->dest_host, cli_info->name_type);
@@ -159,7 +201,7 @@ void run_ntlogin_test(int num_ops, struct client_info *cli_info, struct cli_stat
for (i = 0; i < num_ops; i++)
{
- slprintf(cmd, sizeof(cmd)-1, "%s %s", cli->user_name, password);
+ slprintf(cmd, sizeof(cmd)-1, "%s %s", smb_cli->user_name, password);
set_first_token(cmd);
cmd_netlogon_login_test(cli_info);
@@ -169,12 +211,387 @@ void run_ntlogin_test(int num_ops, struct client_info *cli_info, struct cli_stat
}
+/* generate a random buffer */
+static void rand_buf(char *buf, int len)
+{
+ while (len--) {
+ *buf = sys_random();
+ buf++;
+ }
+}
+
+/****************************************************************************
+do a random rpc command
+****************************************************************************/
+BOOL do_random_rpc(struct cli_state *cli, int max_len)
+{
+ prs_struct rbuf;
+ prs_struct buf;
+ uint8 opcode;
+ int param_len;
+ BOOL response = False;
+
+ if ((sys_random() % 20) == 0)
+ {
+ param_len = (sys_random() % 256) + 4;
+ }
+ else
+ {
+ param_len = (sys_random() % max_len) + 4;
+ }
+
+ prs_init(&buf , param_len, 4, SAFETY_MARGIN, False);
+ prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True );
+
+ opcode = sys_random() % 256;
+
+ /* turn parameters into data stream */
+ rand_buf(mem_data(&buf.data, 0), param_len);
+ buf.offset = param_len;
+
+ /* send the data on \PIPE\ */
+ if (rpc_api_pipe_req(cli, opcode, &buf, &rbuf))
+ {
+ response = rbuf.offset != 0;
+
+ if (response)
+ {
+ DEBUG(0,("response! opcode: 0x%x\n", opcode));
+ DEBUG(0,("request: length %d\n", param_len));
+ dump_data(0, mem_data(&buf.data , 0), MIN(param_len, 128));
+ DEBUG(0,("response: length %d\n", rbuf.data->offset.end));
+ dump_data(0, mem_data(&rbuf.data, 0), rbuf.data->offset.end);
+ }
+ }
+
+ prs_mem_free(&rbuf);
+ prs_mem_free(&buf );
+
+ return response;
+}
+
+
+/* send random IPC commands */
+static void random_rpc_pipe_enc(char *pipe_name, struct client_info *cli_info,
+ int numops)
+{
+ int i;
+
+ DEBUG(0,("starting random rpc test on %s (encryped)\n", pipe_name));
+
+ /* establish connections. nothing to stop these being re-established. */
+ if (!rpcclient_connect(cli_info))
+ {
+ DEBUG(0,("random rpc test: connection failed\n"));
+ return;
+ }
+
+ cli_nt_set_ntlmssp_flgs(smb_cli,
+ NTLMSSP_NEGOTIATE_UNICODE |
+ NTLMSSP_NEGOTIATE_OEM |
+ NTLMSSP_NEGOTIATE_SIGN |
+ NTLMSSP_NEGOTIATE_SEAL |
+ NTLMSSP_NEGOTIATE_LM_KEY |
+ NTLMSSP_NEGOTIATE_NTLM |
+ NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
+ NTLMSSP_NEGOTIATE_00001000 |
+ NTLMSSP_NEGOTIATE_00002000);
+
+ for (i = 1; i <= numops * 100; i++)
+ {
+ /* open session. */
+ cli_nt_session_open(smb_cli, pipe_name);
+
+ do_random_rpc(smb_cli, 1024);
+ if (i % 500 == 0)
+ {
+ DEBUG(0,("calls: %i\n", i));
+ }
+
+ /* close the session */
+ cli_nt_session_close(smb_cli);
+ }
+
+ /* close the rpc pipe */
+ rpcclient_stop();
+
+ DEBUG(0,("finished random rpc test on %s\n", pipe_name));
+}
+
+/* send random IPC commands */
+static void random_rpc_pipe(char *pipe_name, struct client_info *cli_info,
+ int numops)
+{
+ int i;
+
+ DEBUG(0,("starting random rpc test on %s\n", pipe_name));
+
+ /* establish connections. nothing to stop these being re-established. */
+ if (!rpcclient_connect(cli_info))
+ {
+ DEBUG(0,("random rpc test: connection failed\n"));
+ return;
+ }
+
+ /* open session. */
+ if (!cli_nt_session_open(smb_cli, pipe_name))
+ {
+ DEBUG(0,("random rpc test: session open failed\n"));
+ return;
+ }
+
+ for (i = 1; i <= numops * 100; i++)
+ {
+ do_random_rpc(smb_cli, 8192);
+ if (i % 500 == 0)
+ {
+ DEBUG(0,("calls: %i\n", i));
+ }
+ }
+
+ /* close the session */
+ cli_nt_session_close(smb_cli);
+
+ /* close the rpc pipe */
+ rpcclient_stop();
+
+ DEBUG(0,("finished random rpc test on %s\n", pipe_name));
+}
+
+static void run_randomrpc(int numops, struct client_info *cli_info)
+{
+ char *pipes[] =
+ {
+ PIPE_SAMR ,
+ PIPE_WINREG ,
+ PIPE_SRVSVC ,
+ PIPE_WKSSVC ,
+ PIPE_NETLOGON ,
+ PIPE_NTSVCS ,
+ PIPE_LSARPC ,
+ NULL
+ };
+
+ int i = 0;
+
+ while (pipes[i] != NULL)
+ {
+ random_rpc_pipe(pipes[i], cli_info, numops);
+#if 0
+ random_rpc_pipe_enc(pipes[i], cli_info, numops);
+#endif
+
+ i++;
+ }
+}
+
+
+static void run_samhandles(int numops, struct client_info *cli_info)
+{
+ int i;
+ int count = 0;
+ int failed = 0;
+ int retry = 500;
+ fstring srv_name;
+ fstrcpy(srv_name, "\\\\");
+ fstrcat(srv_name, cli_info->dest_host);
+ strupper(srv_name);
+
+ DEBUG(0,("starting sam handle test\n"));
+
+ /* establish connections. nothing to stop these being re-established. */
+ while (retry > 0 && !rpcclient_connect(cli_info))
+ {
+ retry--;
+ }
+
+ if (retry == 0)
+ {
+ DEBUG(0,("samhandle test: connection failed\n"));
+ return;
+ }
+
+ /* open session. */
+ if (!cli_nt_session_open(smb_cli, PIPE_SAMR))
+ {
+ DEBUG(0,("samhandle test: session open failed\n"));
+ return;
+ }
+
+ for (i = 1; i <= numops * 100; i++)
+ {
+ POLICY_HND pol;
+ POLICY_HND dom;
+ if (!do_samr_connect(smb_cli, srv_name, 0x20, &pol))
+ {
+ failed++;
+ }
+/*
+ if (!do_samr_open_domain(smb_cli, srv_name, 0x00000020, &pol))
+ {
+ DEBUG(0,("samhandle domain open test (%i): failed\n", i));
+ }
+ */
+ if (i % 500 == 0)
+ {
+ DEBUG(0,("calls: %i\n", i));
+ }
+ count++;
+ }
+
+ /* close the session */
+ cli_nt_session_close(smb_cli);
+
+ /* close the rpc pipe */
+ rpcclient_stop();
+
+ DEBUG(0,("finished samhandle test. count: %d failed: %d\n", count, failed));
+}
+
+
+static void run_lsahandles(int numops, struct client_info *cli_info)
+{
+ int i;
+ int count = 0;
+ int failed = 0;
+ int retry = 500;
+ fstring srv_name;
+ fstrcpy(srv_name, "\\\\");
+ fstrcat(srv_name, cli_info->myhostname);
+ strupper(srv_name);
+
+ DEBUG(0,("starting lsa handle test\n"));
+
+ /* establish connections. nothing to stop these being re-established. */
+ while (retry > 0 && !rpcclient_connect(cli_info))
+ {
+ retry--;
+ }
+
+ if (retry == 0)
+ {
+ DEBUG(0,("lsahandle test: connection failed\n"));
+ return;
+ }
+ /* open session. */
+ if (!cli_nt_session_open(smb_cli, PIPE_LSARPC))
+ {
+ DEBUG(0,("lsahandle test: session open failed\n"));
+ return;
+ }
+
+ for (i = 1; i <= numops * 100; i++)
+ {
+ POLICY_HND pol;
+ if (!do_lsa_open_policy(smb_cli, srv_name, &pol, False))
+ {
+ failed++;
+ }
+ if (i % 500 == 0)
+ {
+ DEBUG(0,("calls: %i\n", i));
+ }
+ count++;
+ }
+
+ /* close the session */
+ cli_nt_session_close(smb_cli);
+
+ /* close the rpc pipe */
+ rpcclient_stop();
+
+ DEBUG(0,("finished lsahandle test. count: %d failed: %d\n", count, failed));
+}
+
+
+static void run_pipegobble(int numops, struct client_info *cli_info, char *pipe_name)
+{
+ int i;
+ int count = 0;
+ int failed = 0;
+ int retry = 500;
+ fstring srv_name;
+ fstrcpy(srv_name, "\\\\");
+ fstrcat(srv_name, cli_info->myhostname);
+ strupper(srv_name);
+
+ DEBUG(0,("starting pipe gobble test (%s)\n", pipe_name));
+
+ /* establish connections. nothing to stop these being re-established. */
+ while (retry > 0 && !rpcclient_connect(cli_info))
+ {
+ retry--;
+ }
+
+ if (retry == 0)
+ {
+ DEBUG(0,("pipe gobble test: connection failed\n"));
+ return;
+ }
+ for (i = 1; i <= numops * 100; i++)
+ {
+ /* open session. */
+ if (!cli_nt_session_open(smb_cli, pipe_name))
+ {
+ DEBUG(0,("pipe gobble test: session open failed\n"));
+ }
+
+ if (i % 500 == 0)
+ {
+ DEBUG(0,("calls: %i\n", i));
+ }
+ count++;
+ }
+
+ rpcclient_stop();
+
+ DEBUG(0,("finished pipe gobble test (%s). count: %d failed: %d\n",
+ pipe_name, count, failed));
+}
+
+
+static void run_handles(int numops, struct client_info *cli_info)
+{
+ run_samhandles(numops, cli_info);
+ run_lsahandles(numops, cli_info);
+}
+
+static void run_pipegobbler(int numops, struct client_info *cli_info)
+{
+/*
+ run_pipegobble(numops, cli_info, PIPE_SAMR);
+*/
+ run_pipegobble(numops, cli_info, PIPE_LSARPC);
+}
+
+/****************************************************************************
+make tcp connection
+****************************************************************************/
+static void run_tcpconnect(int numops, struct client_info *info)
+{
+ int i;
+ int failed = 0;
+
+ for (i = 0; i < numops; i++)
+ {
+ rpcclient_init();
+
+ if (!cli_connect(smb_cli, info->dest_host, &info->dest_ip))
+ {
+ failed++;
+ }
+ cli_shutdown(smb_cli);
+ }
+
+ DEBUG(0,("tcp connections: count: %d failed: %d\n", numops, failed));
+}
+
/****************************************************************************
runs n simultaneous functions.
****************************************************************************/
static void create_procs(int nprocs, int numops,
- struct client_info *cli_info, struct cli_state *cli,
- void (*fn)(int, struct client_info *, struct cli_state *))
+ struct client_info *cli_info,
+ void (*fn)(int, struct client_info *))
{
int i, status;
@@ -184,8 +601,8 @@ static void create_procs(int nprocs, int numops,
{
int mypid = getpid();
sys_srandom(mypid ^ time(NULL));
- fn(numops, cli_info, cli);
- fflush(out_hnd);
+ fn(numops, cli_info);
+ dbgflush();
_exit(0);
}
}
@@ -195,6 +612,8 @@ static void create_procs(int nprocs, int numops,
waitpid(0, &status, 0);
}
}
+
+
/****************************************************************************
usage on the program - OUT OF DATE!
****************************************************************************/
@@ -235,7 +654,6 @@ enum client_action
extern int optind;
static pstring servicesf = CONFIGFILE;
pstring term_code;
- BOOL got_pass = False;
char *cmd_str="";
mode_t myumask = 0755;
enum client_action cli_action = CLIENT_NONE;
@@ -246,8 +664,6 @@ enum client_action
out_hnd = stdout;
- rpcclient_init();
-
#ifdef KANJI
pstrcpy(term_code, KANJI);
#else /* KANJI */
@@ -285,8 +701,6 @@ enum client_action
pstrcpy(cli_info.cur_dir , "\\");
pstrcpy(cli_info.file_sel, "");
pstrcpy(cli_info.base_dir, "");
- pstrcpy(smb_cli->domain, "");
- pstrcpy(smb_cli->user_name, "");
pstrcpy(cli_info.myhostname, "");
pstrcpy(cli_info.dest_host, "");
@@ -299,7 +713,6 @@ enum client_action
ZERO_STRUCT(cli_info.dom.level5_sid);
pstrcpy(cli_info.dom.level5_dom, "");
- smb_cli->nt_pipe_fnum = 0xffff;
setup_logging(pname, True);
@@ -403,8 +816,8 @@ enum client_action
case 'U':
{
char *lp;
- pstrcpy(smb_cli->user_name,optarg);
- if ((lp=strchr(smb_cli->user_name,'%')))
+ pstrcpy(user_name,optarg);
+ if ((lp=strchr(user_name,'%')))
{
*lp = 0;
pstrcpy(password,lp+1);
@@ -416,7 +829,7 @@ enum client_action
case 'W':
{
- pstrcpy(smb_cli->domain,optarg);
+ pstrcpy(domain,optarg);
break;
}
@@ -516,12 +929,6 @@ enum client_action
DEBUG(3,("%s client started (version %s)\n",timestring(),VERSION));
- if (*smb_cli->domain == 0)
- {
- pstrcpy(smb_cli->domain,lp_workgroup());
- }
- strupper(smb_cli->domain);
-
load_interfaces();
if (cli_action == CLIENT_IPC)
@@ -534,31 +941,25 @@ enum client_action
strupper(cli_info.mach_acct);
fstrcat(cli_info.mach_acct, "$");
- /* set the password cache info */
- if (got_pass)
- {
- if (password[0] == 0)
- {
- pwd_set_nullpwd(&(smb_cli->pwd));
- }
- else
- {
- pwd_make_lm_nt_16(&(smb_cli->pwd), password); /* generate 16 byte hashes */
- }
- }
- else
- {
- char *pwd = getpass("Enter Password:");
- safe_strcpy(password, pwd, sizeof(password));
- pwd_make_lm_nt_16(&(smb_cli->pwd), password); /* generate 16 byte hashes */
- }
+ make_nmb_name(&called , dns_to_netbios_name(cli_info.dest_host ), cli_info.name_type, scope);
+ make_nmb_name(&calling, dns_to_netbios_name(cli_info.myhostname), 0x0 , scope);
- create_procs(nprocs, numops, &cli_info, smb_cli, run_enums_test);
+ get_passwd();
+/*
+ create_procs(nprocs, numops, &cli_info, run_enums_test);
if (password[0] != 0)
{
- create_procs(nprocs, numops, &cli_info, smb_cli, run_ntlogin_test);
+ create_procs(nprocs, numops, &cli_info, run_ntlogin_test);
}
+*/
+
+ create_procs(nprocs, numops, &cli_info, run_tcpconnect);
+/*
+ create_procs(nprocs, numops, &cli_info, run_pipegobbler);
+ create_procs(nprocs, numops, &cli_info, run_handles);
+ create_procs(nprocs, numops, &cli_info, run_randomrpc);
+*/
fflush(out_hnd);
diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c
index 902f59b245..3249103a27 100644
--- a/source3/utils/smbpasswd.c
+++ b/source3/utils/smbpasswd.c
@@ -554,7 +554,7 @@ int main(int argc, char **argv)
charset_initialise();
- if(!initialize_password_db()) {
+ if(!initialise_password_db()) {
fprintf(stderr, "Can't setup password database vectors.\n");
exit(1);
}
diff --git a/source3/utils/torture.c b/source3/utils/torture.c
index 81fa33fc75..fb09f515cf 100644
--- a/source3/utils/torture.c
+++ b/source3/utils/torture.c
@@ -23,6 +23,9 @@
#include "includes.h"
+extern int DEBUGLEVEL;
+extern pstring debugf;
+
static fstring host, workgroup, share, password, username, myname;
static int max_protocol = PROTOCOL_NT1;
static char *sockops="";
@@ -42,8 +45,27 @@ static double end_timer(void)
(tp2.tv_usec - tp1.tv_usec)*1.0e-6);
}
+#define FAILED_NO_ERROR 0
+#define FAILED_TCP_CONNECT 1
+#define FAILED_SESSION_REQ 2
+#define FAILED_SMB_SESS_SETUP 3
+#define FAILED_SMB_TCON 4
+#define FAILED_SMB_NEGPROT 5
+#define FAILED_CLI_STATE_INIT 6
+#define NUM_ERR_STATES 7
-static BOOL open_connection(struct cli_state *c)
+static char *smb_messages[] =
+{
+ "No errors in connection",
+ "TCP connection ",
+ "NetBIOS Session Request",
+ "SMB Session Setup ",
+ "SMB Tcon ",
+ "SMB Negprot ",
+ "Client initialisation "
+};
+
+static int open_connection(struct cli_state *c)
{
struct nmb_name called, calling;
@@ -52,48 +74,53 @@ static BOOL open_connection(struct cli_state *c)
make_nmb_name(&calling, myname, 0x0, "");
make_nmb_name(&called , host, 0x20, "");
- if (!cli_initialise(c) || !cli_connect(c, host, NULL)) {
- printf("Failed to connect with %s\n", host);
- return False;
+ if (!cli_initialise(c))
+ {
+ DEBUG(0,("Failed to connect with %s\n", host));
+ return FAILED_CLI_STATE_INIT;
+ }
+
+ if (!cli_connect(c, host, NULL)) {
+ DEBUG(0,("Failed to connect with %s\n", host));
+ return FAILED_TCP_CONNECT;
}
if (!cli_session_request(c, &calling, &called)) {
cli_shutdown(c);
- printf("%s rejected the session\n",host);
- return False;
+ DEBUG(0,("%s rejected the session\n",host));
+ return FAILED_SESSION_REQ;
}
if (!cli_negprot(c)) {
- printf("%s rejected the negprot (%s)\n",host, cli_errstr(c));
+ DEBUG(0,("%s rejected the negprot (%s)\n",host, cli_errstr(c)));
cli_shutdown(c);
- return False;
+ return FAILED_SMB_NEGPROT;
}
if (!cli_session_setup(c, username,
password, strlen(password),
password, strlen(password),
workgroup)) {
+ DEBUG(0,("%s rejected the sessionsetup (%s)\n", host, cli_errstr(c)));
cli_shutdown(c);
- printf("%s rejected the sessionsetup (%s)\n", host, cli_errstr(c));
- return False;
+ return FAILED_SMB_SESS_SETUP;
}
if (!cli_send_tconX(c, share, "?????",
password, strlen(password)+1)) {
- printf("%s refused tree connect (%s)\n", host, cli_errstr(c));
+ DEBUG(0,("%s refused tree connect (%s)\n", host, cli_errstr(c)));
cli_shutdown(c);
- return False;
+ return FAILED_SMB_TCON;
}
- return True;
+ return FAILED_NO_ERROR;
}
-
static void close_connection(struct cli_state *c)
{
if (!cli_tdis(c)) {
- printf("tdis failed (%s)\n", cli_errstr(c));
+ DEBUG(0,("tdis failed (%s)\n", cli_errstr(c)));
}
cli_shutdown(c);
@@ -110,10 +137,10 @@ static BOOL check_error(struct cli_state *c,
eno = cli_error(c, &class, &num);
if ((eclass != class || ecode != num) &&
num != (nterr&0xFFFFFF)) {
- printf("unexpected error code class=%d code=%d\n",
- (int)class, (int)num);
- printf(" expected %d/%d %d\n",
- (int)eclass, (int)ecode, (int)nterr);
+ DEBUG(0,("unexpected error code class=%d code=%d\n",
+ (int)class, (int)num));
+ DEBUG(0,(" expected %d/%d %d\n",
+ (int)eclass, (int)ecode, (int)nterr));
return False;
}
return True;
@@ -144,7 +171,7 @@ static BOOL rw_torture(struct cli_state *c, int numops)
if (fnum2 == -1)
fnum2 = cli_open(c, lockfname, O_RDWR, DENY_NONE);
if (fnum2 == -1) {
- printf("open of %s failed (%s)\n", lockfname, cli_errstr(c));
+ DEBUG(0,("open of %s failed (%s)\n", lockfname, cli_errstr(c)));
return False;
}
@@ -152,7 +179,7 @@ static BOOL rw_torture(struct cli_state *c, int numops)
for (i=0;i<numops;i++) {
unsigned n = (unsigned)sys_random()%10;
if (i % 10 == 0) {
- printf("%d\r", i); fflush(stdout);
+ DEBUG(0,("%d\r", i));
}
slprintf(fname, sizeof(fstring) - 1, "\\torture.%u", n);
@@ -162,49 +189,49 @@ static BOOL rw_torture(struct cli_state *c, int numops)
fnum = cli_open(c, fname, O_RDWR | O_CREAT | O_TRUNC, DENY_ALL);
if (fnum == -1) {
- printf("open failed (%s)\n", cli_errstr(c));
+ DEBUG(0,("open failed (%s)\n", cli_errstr(c)));
break;
}
if (cli_write(c, fnum, 0, (char *)&pid, 0, sizeof(pid)) != sizeof(pid)) {
- printf("write failed (%s)\n", cli_errstr(c));
+ DEBUG(0,("write failed (%s)\n", cli_errstr(c)));
}
for (j=0;j<50;j++) {
if (cli_write(c, fnum, 0, (char *)buf,
sizeof(pid)+(j*sizeof(buf)),
sizeof(buf)) != sizeof(buf)) {
- printf("write failed (%s)\n", cli_errstr(c));
+ DEBUG(0,("write failed (%s)\n", cli_errstr(c)));
}
}
pid2 = 0;
if (cli_read(c, fnum, (char *)&pid2, 0, sizeof(pid)) != sizeof(pid)) {
- printf("read failed (%s)\n", cli_errstr(c));
+ DEBUG(0,("read failed (%s)\n", cli_errstr(c)));
}
if (pid2 != pid) {
- printf("data corruption!\n");
+ DEBUG(0,("data corruption!\n"));
}
if (!cli_close(c, fnum)) {
- printf("close failed (%s)\n", cli_errstr(c));
+ DEBUG(0,("close failed (%s)\n", cli_errstr(c)));
}
if (!cli_unlink(c, fname)) {
- printf("unlink failed (%s)\n", cli_errstr(c));
+ DEBUG(0,("unlink failed (%s)\n", cli_errstr(c)));
}
if (!cli_unlock(c, fnum2, n*sizeof(int), sizeof(int), -1)) {
- printf("unlock failed (%s)\n", cli_errstr(c));
+ DEBUG(0,("unlock failed (%s)\n", cli_errstr(c)));
}
}
cli_close(c, fnum2);
cli_unlink(c, lockfname);
- printf("%d\n", i);
+ DEBUG(0,("%d\n", i));
return True;
}
@@ -231,15 +258,21 @@ static void run_torture(int numops)
{
static struct cli_state cli;
- if (open_connection(&cli)) {
+ if (open_connection(&cli) == 0)
+ {
cli_sockopt(&cli, sockops);
- printf("pid %d OK\n", getpid());
+ DEBUG(0,("pid %d OK\n", getpid()));
rw_torture(&cli, numops);
close_connection(&cli);
}
+ else
+ {
+ DEBUG(0,("pid %d failed\n", getpid()));
+ }
+
}
/*
@@ -256,50 +289,50 @@ static void run_locktest1(void)
int fnum1, fnum2, fnum3;
time_t t1, t2;
- if (!open_connection(&cli1) || !open_connection(&cli2)) {
+ if (open_connection(&cli1) != 0 || open_connection(&cli2) != 0) {
return;
}
cli_sockopt(&cli1, sockops);
cli_sockopt(&cli2, sockops);
- printf("starting locktest1\n");
+ DEBUG(0,("starting locktest1\n"));
cli_unlink(&cli1, fname);
fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
if (fnum1 == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1));
+ DEBUG(0,("open of %s failed (%s)\n", fname, cli_errstr(&cli1)));
return;
}
fnum2 = cli_open(&cli1, fname, O_RDWR, DENY_NONE);
if (fnum2 == -1) {
- printf("open2 of %s failed (%s)\n", fname, cli_errstr(&cli1));
+ DEBUG(0,("open2 of %s failed (%s)\n", fname, cli_errstr(&cli1)));
return;
}
fnum3 = cli_open(&cli2, fname, O_RDWR, DENY_NONE);
if (fnum3 == -1) {
- printf("open3 of %s failed (%s)\n", fname, cli_errstr(&cli2));
+ DEBUG(0,("open3 of %s failed (%s)\n", fname, cli_errstr(&cli2)));
return;
}
if (!cli_lock(&cli1, fnum1, 0, 4, 0)) {
- printf("lock1 failed (%s)\n", cli_errstr(&cli1));
+ DEBUG(0,("lock1 failed (%s)\n", cli_errstr(&cli1)));
return;
}
if (cli_lock(&cli2, fnum3, 0, 4, 0)) {
- printf("lock2 succeeded! This is a locking bug\n");
+ DEBUG(0,("lock2 succeeded! This is a locking bug\n"));
return;
} else {
if (!check_error(&cli2, ERRDOS, ERRlock, 0)) return;
}
- printf("Testing lock timeouts\n");
+ DEBUG(0,("Testing lock timeouts\n"));
t1 = time(NULL);
if (cli_lock(&cli2, fnum3, 0, 4, 10*1000)) {
- printf("lock3 succeeded! This is a locking bug\n");
+ DEBUG(0,("lock3 succeeded! This is a locking bug\n"));
return;
} else {
if (!check_error(&cli2, ERRDOS, ERRlock, 0)) return;
@@ -307,33 +340,33 @@ static void run_locktest1(void)
t2 = time(NULL);
if (t2 - t1 < 5) {
- printf("error: This server appears not to support timed lock requests\n");
+ DEBUG(0,("error: This server appears not to support timed lock requests\n"));
}
if (!cli_close(&cli1, fnum2)) {
- printf("close1 failed (%s)\n", cli_errstr(&cli1));
+ DEBUG(0,("close1 failed (%s)\n", cli_errstr(&cli1)));
return;
}
if (cli_lock(&cli2, fnum3, 0, 4, 0)) {
- printf("lock4 succeeded! This is a locking bug\n");
+ DEBUG(0,("lock4 succeeded! This is a locking bug\n"));
return;
} else {
if (!check_error(&cli2, ERRDOS, ERRlock, 0)) return;
}
if (!cli_close(&cli1, fnum1)) {
- printf("close2 failed (%s)\n", cli_errstr(&cli1));
+ DEBUG(0,("close2 failed (%s)\n", cli_errstr(&cli1)));
return;
}
if (!cli_close(&cli2, fnum3)) {
- printf("close3 failed (%s)\n", cli_errstr(&cli2));
+ DEBUG(0,("close3 failed (%s)\n", cli_errstr(&cli2)));
return;
}
if (!cli_unlink(&cli1, fname)) {
- printf("unlink failed (%s)\n", cli_errstr(&cli1));
+ DEBUG(0,("unlink failed (%s)\n", cli_errstr(&cli1)));
return;
}
@@ -341,7 +374,7 @@ static void run_locktest1(void)
close_connection(&cli1);
close_connection(&cli2);
- printf("Passed locktest1\n");
+ DEBUG(0,("Passed locktest1\n"));
}
@@ -362,13 +395,13 @@ static void run_locktest2(void)
char *fname = "\\lockt2.lck";
int fnum1, fnum2, fnum3;
- if (!open_connection(&cli)) {
+ if (open_connection(&cli) != 0) {
return;
}
cli_sockopt(&cli, sockops);
- printf("starting locktest2\n");
+ DEBUG(0,("starting locktest2\n"));
cli_unlink(&cli, fname);
@@ -376,13 +409,13 @@ static void run_locktest2(void)
fnum1 = cli_open(&cli, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
if (fnum1 == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(&cli));
+ DEBUG(0,("open of %s failed (%s)\n", fname, cli_errstr(&cli)));
return;
}
fnum2 = cli_open(&cli, fname, O_RDWR, DENY_NONE);
if (fnum2 == -1) {
- printf("open2 of %s failed (%s)\n", fname, cli_errstr(&cli));
+ DEBUG(0,("open2 of %s failed (%s)\n", fname, cli_errstr(&cli)));
return;
}
@@ -390,19 +423,19 @@ static void run_locktest2(void)
fnum3 = cli_open(&cli, fname, O_RDWR, DENY_NONE);
if (fnum3 == -1) {
- printf("open3 of %s failed (%s)\n", fname, cli_errstr(&cli));
+ DEBUG(0,("open3 of %s failed (%s)\n", fname, cli_errstr(&cli)));
return;
}
cli_setpid(&cli, 1);
if (!cli_lock(&cli, fnum1, 0, 4, 0)) {
- printf("lock1 failed (%s)\n", cli_errstr(&cli));
+ DEBUG(0,("lock1 failed (%s)\n", cli_errstr(&cli)));
return;
}
if (cli_lock(&cli, fnum2, 0, 4, 0)) {
- printf("lock2 succeeded! This is a locking bug\n");
+ DEBUG(0,("lock2 succeeded! This is a locking bug\n"));
} else {
if (!check_error(&cli, ERRDOS, ERRlock, 0)) return;
}
@@ -410,11 +443,11 @@ static void run_locktest2(void)
cli_setpid(&cli, 2);
if (cli_unlock(&cli, fnum1, 0, 4, 0)) {
- printf("unlock1 succeeded! This is a locking bug\n");
+ DEBUG(0,("unlock1 succeeded! This is a locking bug\n"));
}
if (cli_lock(&cli, fnum3, 0, 4, 0)) {
- printf("lock3 succeeded! This is a locking bug\n");
+ DEBUG(0,("lock3 succeeded! This is a locking bug\n"));
} else {
if (!check_error(&cli, ERRDOS, ERRlock, 0)) return;
}
@@ -422,23 +455,23 @@ static void run_locktest2(void)
cli_setpid(&cli, 1);
if (!cli_close(&cli, fnum1)) {
- printf("close1 failed (%s)\n", cli_errstr(&cli));
+ DEBUG(0,("close1 failed (%s)\n", cli_errstr(&cli)));
return;
}
if (!cli_close(&cli, fnum2)) {
- printf("close2 failed (%s)\n", cli_errstr(&cli));
+ DEBUG(0,("close2 failed (%s)\n", cli_errstr(&cli)));
return;
}
if (!cli_close(&cli, fnum3)) {
- printf("close3 failed (%s)\n", cli_errstr(&cli));
+ DEBUG(0,("close3 failed (%s)\n", cli_errstr(&cli)));
return;
}
close_connection(&cli);
- printf("locktest2 finished\n");
+ DEBUG(0,("locktest2 finished\n"));
}
@@ -456,40 +489,40 @@ static void run_locktest3(int numops)
#define NEXT_OFFSET offset += (~(uint32)0) / numops
- if (!open_connection(&cli1) || !open_connection(&cli2)) {
+ if (open_connection(&cli1) != 0 || open_connection(&cli2) != 0) {
return;
}
cli_sockopt(&cli1, sockops);
cli_sockopt(&cli2, sockops);
- printf("starting locktest3\n");
+ DEBUG(0,("starting locktest3\n"));
cli_unlink(&cli1, fname);
fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
if (fnum1 == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1));
+ DEBUG(0,("open of %s failed (%s)\n", fname, cli_errstr(&cli1)));
return;
}
fnum2 = cli_open(&cli2, fname, O_RDWR, DENY_NONE);
if (fnum2 == -1) {
- printf("open2 of %s failed (%s)\n", fname, cli_errstr(&cli2));
+ DEBUG(0,("open2 of %s failed (%s)\n", fname, cli_errstr(&cli2)));
return;
}
for (offset=i=0;i<numops;i++) {
NEXT_OFFSET;
if (!cli_lock(&cli1, fnum1, offset-1, 1, 0)) {
- printf("lock1 %d failed (%s)\n",
+ DEBUG(0,("lock1 %d failed (%s)\n",
i,
- cli_errstr(&cli1));
+ cli_errstr(&cli1)));
return;
}
if (!cli_lock(&cli2, fnum2, offset-2, 1, 0)) {
- printf("lock2 %d failed (%s)\n",
+ DEBUG(0,("lock2 %d failed (%s)\n",
i,
- cli_errstr(&cli1));
+ cli_errstr(&cli1)));
return;
}
}
@@ -498,22 +531,22 @@ static void run_locktest3(int numops)
NEXT_OFFSET;
if (cli_lock(&cli1, fnum1, offset-2, 1, 0)) {
- printf("error: lock1 %d succeeded!\n", i);
+ DEBUG(0,("error: lock1 %d succeeded!\n", i));
return;
}
if (cli_lock(&cli2, fnum2, offset-1, 1, 0)) {
- printf("error: lock2 %d succeeded!\n", i);
+ DEBUG(0,("error: lock2 %d succeeded!\n", i));
return;
}
if (cli_lock(&cli1, fnum1, offset-1, 1, 0)) {
- printf("error: lock3 %d succeeded!\n", i);
+ DEBUG(0,("error: lock3 %d succeeded!\n", i));
return;
}
if (cli_lock(&cli2, fnum2, offset-2, 1, 0)) {
- printf("error: lock4 %d succeeded!\n", i);
+ DEBUG(0,("error: lock4 %d succeeded!\n", i));
return;
}
}
@@ -522,37 +555,37 @@ static void run_locktest3(int numops)
NEXT_OFFSET;
if (!cli_unlock(&cli1, fnum1, offset-1, 1, 0)) {
- printf("unlock1 %d failed (%s)\n",
+ DEBUG(0,("unlock1 %d failed (%s)\n",
i,
- cli_errstr(&cli1));
+ cli_errstr(&cli1)));
return;
}
if (!cli_unlock(&cli2, fnum2, offset-2, 1, 0)) {
- printf("unlock2 %d failed (%s)\n",
+ DEBUG(0,("unlock2 %d failed (%s)\n",
i,
- cli_errstr(&cli1));
+ cli_errstr(&cli1)));
return;
}
}
if (!cli_close(&cli1, fnum1)) {
- printf("close1 failed (%s)\n", cli_errstr(&cli1));
+ DEBUG(0,("close1 failed (%s)\n", cli_errstr(&cli1)));
}
if (!cli_close(&cli2, fnum2)) {
- printf("close2 failed (%s)\n", cli_errstr(&cli2));
+ DEBUG(0,("close2 failed (%s)\n", cli_errstr(&cli2)));
}
if (!cli_unlink(&cli1, fname)) {
- printf("unlink failed (%s)\n", cli_errstr(&cli1));
+ DEBUG(0,("unlink failed (%s)\n", cli_errstr(&cli1)));
return;
}
close_connection(&cli1);
close_connection(&cli2);
- printf("finished locktest3\n");
+ DEBUG(0,("finished locktest3\n"));
}
@@ -567,24 +600,24 @@ static void run_fdpasstest(void)
int fnum1;
pstring buf;
- if (!open_connection(&cli1) || !open_connection(&cli2)) {
+ if (open_connection(&cli1) != 0 || open_connection(&cli2) != 0) {
return;
}
cli_sockopt(&cli1, sockops);
cli_sockopt(&cli2, sockops);
- printf("starting fdpasstest\n");
+ DEBUG(0,("starting fdpasstest\n"));
cli_unlink(&cli1, fname);
fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
if (fnum1 == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1));
+ DEBUG(0,("open of %s failed (%s)\n", fname, cli_errstr(&cli1)));
return;
}
if (cli_write(&cli1, fnum1, 0, "hello world\n", 0, 13) != 13) {
- printf("write failed (%s)\n", cli_errstr(&cli1));
+ DEBUG(0,("write failed (%s)\n", cli_errstr(&cli1)));
return;
}
@@ -594,8 +627,8 @@ static void run_fdpasstest(void)
if (cli_read(&cli2, fnum1, buf, 0, 13) == 13) {
- printf("read succeeded! nasty security hole [%s]\n",
- buf);
+ DEBUG(0,("read succeeded! nasty security hole [%s]\n",
+ buf));
return;
}
@@ -605,7 +638,7 @@ static void run_fdpasstest(void)
close_connection(&cli1);
close_connection(&cli2);
- printf("finished fdpasstest\n");
+ DEBUG(0,("finished fdpasstest\n"));
}
@@ -620,13 +653,13 @@ static void run_unlinktest(void)
char *fname = "\\unlink.tst";
int fnum;
- if (!open_connection(&cli)) {
+ if (open_connection(&cli) != 0) {
return;
}
cli_sockopt(&cli, sockops);
- printf("starting unlink test\n");
+ DEBUG(0,("starting unlink test\n"));
cli_unlink(&cli, fname);
@@ -634,12 +667,12 @@ static void run_unlinktest(void)
fnum = cli_open(&cli, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
if (fnum == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(&cli));
+ DEBUG(0,("open of %s failed (%s)\n", fname, cli_errstr(&cli)));
return;
}
if (cli_unlink(&cli, fname)) {
- printf("error: server allowed unlink on an open file\n");
+ DEBUG(0,("error: server allowed unlink on an open file\n"));
}
cli_close(&cli, fnum);
@@ -647,7 +680,7 @@ static void run_unlinktest(void)
close_connection(&cli);
- printf("unlink test finished\n");
+ DEBUG(0,("unlink test finished\n"));
}
@@ -664,16 +697,16 @@ static void run_maxfidtest(int n)
srandom(getpid());
- while (!open_connection(&cli) && retries--) msleep(random() % 2000);
+ while (open_connection(&cli) != 0 && retries--) msleep(random() % 2000);
if (retries <= 0) {
- printf("failed to connect\n");
+ DEBUG(0,("failed to connect\n"));
return;
}
cli_sockopt(&cli, sockops);
- printf("starting maxfid test\n");
+ DEBUG(0,("starting maxfid test\n"));
fnum = 0;
while (1) {
@@ -681,25 +714,25 @@ static void run_maxfidtest(int n)
if (cli_open(&cli, fname,
O_RDWR|O_CREAT|O_TRUNC, DENY_NONE) ==
-1) {
- printf("open of %s failed (%s)\n",
- fname, cli_errstr(&cli));
- printf("maximum fnum is %d\n", fnum);
+ DEBUG(0,("open of %s failed (%s)\n",
+ fname, cli_errstr(&cli)));
+ DEBUG(0,("maximum fnum is %d\n", fnum));
break;
}
fnum++;
}
- printf("cleaning up\n");
+ DEBUG(0,("cleaning up\n"));
while (fnum > n) {
fnum--;
slprintf(fname,sizeof(fname)-1,template, fnum,getpid());
if (cli_unlink(&cli, fname)) {
- printf("unlink of %s failed (%s)\n",
- fname, cli_errstr(&cli));
+ DEBUG(0,("unlink of %s failed (%s)\n",
+ fname, cli_errstr(&cli)));
}
}
- printf("maxfid test finished\n");
+ DEBUG(0,("maxfid test finished\n"));
close_connection(&cli);
}
@@ -713,24 +746,41 @@ static void rand_buf(char *buf, int len)
}
/* send random IPC commands */
-static void run_randomipc(void)
+static void run_randomipc(int numops)
{
char *rparam = NULL;
char *rdata = NULL;
int rdrcnt,rprcnt;
- pstring param;
+ char param[BUFFER_SIZE];
int api, param_len, i;
+ int reconnect_count = 50;
static struct cli_state cli;
- printf("starting random ipc test\n");
+ DEBUG(0,("starting random ipc test\n"));
+
+ while (reconnect_count > 0 && open_connection(&cli) != 0)
+ {
+ DEBUG(0,("connection failed: retrying %d\n", reconnect_count));
+ msleep(sys_random() % 1000);
+ reconnect_count--;
+ }
- if (!open_connection(&cli)) {
+ if (reconnect_count == 0)
+ {
return;
}
- for (i=0;i<50000;i++) {
+ for (i=0;i<numops * 100;i++)
+ {
api = sys_random() % 500;
- param_len = (sys_random() % 64);
+ if ((sys_random() % 10) == 0)
+ {
+ param_len = (sys_random() % BUFFER_SIZE);
+ }
+ else
+ {
+ param_len = (sys_random() % 64);
+ }
rand_buf(param, param_len);
@@ -745,7 +795,7 @@ static void run_randomipc(void)
close_connection(&cli);
- printf("finished random ipc test\n");
+ DEBUG(0,("finished random ipc test\n"));
}
@@ -753,7 +803,7 @@ static void run_randomipc(void)
static void browse_callback(const char *sname, uint32 stype,
const char *comment)
{
- printf("\t%20.20s %08x %s\n", sname, stype, comment);
+ DEBUG(0,("\t%20.20s %08x %s\n", sname, stype, comment));
}
@@ -766,25 +816,25 @@ static void run_browsetest(void)
{
static struct cli_state cli;
- printf("starting browse test\n");
+ DEBUG(0,("starting browse test\n"));
- if (!open_connection(&cli)) {
+ if (open_connection(&cli) != 0) {
return;
}
- printf("domain list:\n");
+ DEBUG(0,("domain list:\n"));
cli_NetServerEnum(&cli, workgroup,
SV_TYPE_DOMAIN_ENUM,
browse_callback);
- printf("machine list:\n");
+ DEBUG(0,("machine list:\n"));
cli_NetServerEnum(&cli, workgroup,
SV_TYPE_ALL,
browse_callback);
close_connection(&cli);
- printf("browse test finished\n");
+ DEBUG(0,("browse test finished\n"));
}
@@ -798,9 +848,9 @@ static void run_attrtest(void)
time_t t, t2;
char *fname = "\\attrib.tst";
- printf("starting attrib test\n");
+ DEBUG(0,("starting attrib test\n"));
- if (!open_connection(&cli)) {
+ if (open_connection(&cli) != 0) {
return;
}
@@ -809,36 +859,36 @@ static void run_attrtest(void)
O_RDWR | O_CREAT | O_TRUNC, DENY_NONE);
cli_close(&cli, fnum);
if (!cli_getatr(&cli, fname, NULL, NULL, &t)) {
- printf("getatr failed (%s)\n", cli_errstr(&cli));
+ DEBUG(0,("getatr failed (%s)\n", cli_errstr(&cli)));
}
if (abs(t - time(NULL)) > 2) {
- printf("ERROR: SMBgetatr bug. time is %s",
- ctime(&t));
+ DEBUG(0,("ERROR: SMBgetatr bug. time is %s",
+ ctime(&t)));
t = time(NULL);
}
t2 = t-60*60*24; /* 1 day ago */
if (!cli_setatr(&cli, fname, 0, t2)) {
- printf("setatr failed (%s)\n", cli_errstr(&cli));
+ DEBUG(0,("setatr failed (%s)\n", cli_errstr(&cli)));
}
if (!cli_getatr(&cli, fname, NULL, NULL, &t)) {
- printf("getatr failed (%s)\n", cli_errstr(&cli));
+ DEBUG(0,("getatr failed (%s)\n", cli_errstr(&cli)));
}
if (t != t2) {
- printf("ERROR: getatr/setatr bug. times are\n%s",
- ctime(&t));
- printf("%s", ctime(&t2));
+ DEBUG(0,("ERROR: getatr/setatr bug. times are\n%s",
+ ctime(&t)));
+ DEBUG(0,("%s", ctime(&t2)));
}
cli_unlink(&cli, fname);
close_connection(&cli);
- printf("attrib test finished\n");
+ DEBUG(0,("attrib test finished\n"));
}
@@ -855,9 +905,9 @@ static void run_trans2test(void)
char *dname = "\\trans2";
char *fname2 = "\\trans2\\trans2.tst";
- printf("starting trans2 test\n");
+ DEBUG(0,("starting trans2 test\n"));
- if (!open_connection(&cli)) {
+ if (open_connection(&cli) != 0) {
return;
}
@@ -866,7 +916,7 @@ static void run_trans2test(void)
O_RDWR | O_CREAT | O_TRUNC, DENY_NONE);
if (!cli_qfileinfo(&cli, fnum, NULL, &size, &c_time, &a_time, &m_time,
NULL, NULL)) {
- printf("ERROR: qfileinfo failed (%s)\n", cli_errstr(&cli));
+ DEBUG(0,("ERROR: qfileinfo failed (%s)\n", cli_errstr(&cli)));
}
cli_close(&cli, fnum);
@@ -878,20 +928,20 @@ static void run_trans2test(void)
cli_close(&cli, fnum);
if (!cli_qpathinfo(&cli, fname, &c_time, &a_time, &m_time, &size, NULL)) {
- printf("ERROR: qpathinfo failed (%s)\n", cli_errstr(&cli));
+ DEBUG(0,("ERROR: qpathinfo failed (%s)\n", cli_errstr(&cli)));
} else {
if (c_time != m_time) {
- printf("create time=%s", ctime(&c_time));
- printf("modify time=%s", ctime(&m_time));
- printf("This system appears to have sticky create times\n");
+ DEBUG(0,("create time=%s", ctime(&c_time)));
+ DEBUG(0,("modify time=%s", ctime(&m_time)));
+ DEBUG(0,("This system appears to have sticky create times\n"));
}
if (a_time % (60*60) == 0) {
- printf("access time=%s", ctime(&a_time));
- printf("This system appears to set a midnight access time\n");
+ DEBUG(0,("access time=%s", ctime(&a_time)));
+ DEBUG(0,("This system appears to set a midnight access time\n"));
}
if (abs(m_time - time(NULL)) > 60*60*24*7) {
- printf("ERROR: totally incorrect times - maybe word reversed?\n");
+ DEBUG(0,("ERROR: totally incorrect times - maybe word reversed?\n"));
}
}
@@ -902,11 +952,11 @@ static void run_trans2test(void)
cli_close(&cli, fnum);
if (!cli_qpathinfo2(&cli, fname, &c_time, &a_time, &m_time,
&w_time, &size, NULL, NULL)) {
- printf("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(&cli));
+ DEBUG(0,("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(&cli)));
} else {
if (w_time < 60*60*24*2) {
- printf("write time=%s", ctime(&w_time));
- printf("This system appears to set a initial 0 write time\n");
+ DEBUG(0,("write time=%s", ctime(&w_time)));
+ DEBUG(0,("This system appears to set a initial 0 write time\n"));
}
}
@@ -916,12 +966,12 @@ static void run_trans2test(void)
/* check if the server updates the directory modification time
when creating a new file */
if (!cli_mkdir(&cli, dname)) {
- printf("ERROR: mkdir failed (%s)\n", cli_errstr(&cli));
+ DEBUG(0,("ERROR: mkdir failed (%s)\n", cli_errstr(&cli)));
}
sleep(3);
if (!cli_qpathinfo2(&cli, "\\trans2\\", &c_time, &a_time, &m_time,
&w_time, &size, NULL, NULL)) {
- printf("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(&cli));
+ DEBUG(0,("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(&cli)));
}
fnum = cli_open(&cli, fname2,
@@ -930,10 +980,10 @@ static void run_trans2test(void)
cli_close(&cli, fnum);
if (!cli_qpathinfo2(&cli, "\\trans2\\", &c_time, &a_time, &m_time2,
&w_time, &size, NULL, NULL)) {
- printf("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(&cli));
+ DEBUG(0,("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(&cli)));
} else {
if (m_time2 == m_time)
- printf("This system does not update directory modification times\n");
+ DEBUG(0,("This system does not update directory modification times\n"));
}
cli_unlink(&cli, fname2);
cli_rmdir(&cli, dname);
@@ -941,29 +991,83 @@ static void run_trans2test(void)
close_connection(&cli);
- printf("trans2 test finished\n");
+ DEBUG(0,("trans2 test finished\n"));
}
+static void run_connection(int numops)
+{
+ struct cli_state c;
+ int count = 0;
+ int failed[NUM_ERR_STATES];
+ int i;
+
+ DEBUG(0,("Connection test starts:\n"));
+
+ for (i = 0; i < NUM_ERR_STATES; i++)
+ {
+ failed[i] = 0;
+ }
+
+ for (i = 0; i < numops; i++)
+ {
+ int err;
+ DEBUG(0,("Connection test %d %d\n", i, numops));
+ if ((err = open_connection(&c)))
+ {
+ failed[err]++;
+ }
+ count++;
+ }
+
+ {
+ int failtotal = 0;
+
+ for (i = 0, failtotal = 0; i < NUM_ERR_STATES; i++)
+ {
+ failtotal += failed[i];
+ }
+ DEBUG(0,("Connection test results: count %d success %d\n", count, count-failtotal));
+ }
+ for (i = 0; i < NUM_ERR_STATES; i++)
+ {
+ DEBUG(0,("%s: failed: %d\n", smb_messages[i], failed[i]));
+ }
+}
+
static void create_procs(int nprocs, int numops, void (*fn)(int ))
{
int i, status;
- for (i=0;i<nprocs;i++) {
- if (fork() == 0) {
+ for (i=0;i<nprocs;i++)
+ {
+ if (fork() == 0)
+ {
int mypid = getpid();
sys_srandom(mypid ^ time(NULL));
+
+ if (!dbg_interactive())
+ {
+ slprintf(debugf, sizeof(debugf), "./log.torture.%d", mypid);
+ reopen_logs();
+ }
+
fn(numops);
+ dbgflush();
_exit(0);
}
}
for (i=0;i<nprocs;i++)
+ {
waitpid(0, &status, 0);
+ }
}
+#define DEBUG_INTERACTIVE True
+
/****************************************************************************
main program
****************************************************************************/
@@ -975,9 +1079,14 @@ static void create_procs(int nprocs, int numops, void (*fn)(int ))
int gotpass = 0;
extern char *optarg;
extern int optind;
- extern FILE *dbf;
+ extern BOOL append_log;
+ extern BOOL timestamp_log;
- dbf = stdout;
+ DEBUGLEVEL = 0;
+ pstrcpy(debugf,"./log.torture");
+ setup_logging(argv[0], DEBUG_INTERACTIVE);
+ append_log = True;
+ timestamp_log = False;
charset_initialise();
@@ -1055,8 +1164,12 @@ static void create_procs(int nprocs, int numops, void (*fn)(int ))
}
}
- printf("host=%s share=%s user=%s myname=%s\n",
- host, share, username, myname);
+ printf("host=%s share=%s user=%s myname=%s procs=%d ops=%d\n",
+ host, share, username, myname, nprocs, numops);
+
+ create_procs(nprocs, numops, run_connection);
+/*
+ create_procs(nprocs, numops, run_randomipc);
run_fdpasstest();
run_locktest1();
@@ -1069,11 +1182,13 @@ static void create_procs(int nprocs, int numops, void (*fn)(int ))
create_procs(nprocs, numops, run_maxfidtest);
+
+
start_timer();
create_procs(nprocs, numops, run_torture);
printf("rw_torture: %g secs\n", end_timer());
-
- run_randomipc();
+*/
+ dbgflush();
return(0);
}
diff --git a/source3/web/swat.c b/source3/web/swat.c
index 8f47ced52d..cdbd1f8c8c 100644
--- a/source3/web/swat.c
+++ b/source3/web/swat.c
@@ -603,7 +603,7 @@ static BOOL change_password(const char *remote_machine, char *user_name,
return ret;
}
- if(!initialize_password_db()) {
+ if(!initialise_password_db()) {
printf("Can't setup password database vectors.\n<p>");
return False;
}