diff options
Diffstat (limited to 'source3')
61 files changed, 925 insertions, 12122 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index 8d0add9b7a..63cc348eb6 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -58,6 +58,7 @@ INSTALLPERMS = 0755 LOGFILEBASE = @logfilebase@ CONFIGFILE = $(LIBDIR)/smb.conf LMHOSTSFILE = $(LIBDIR)/lmhosts +DRIVERFILE = $(LIBDIR)/printers.def # This is where smbpasswd et al go PRIVATEDIR = @privatedir@ @@ -102,7 +103,7 @@ WINBIND_LPROGS = @WINBIND_LTARGETS@ SPROGS = bin/smbd bin/nmbd bin/swat bin/wrepld @WINBIND_STARGETS@ PROGS1 = bin/smbclient bin/net bin/smbspool bin/testparm bin/testprns bin/smbstatus bin/smbcontrol bin/smbtree bin/tdbbackup @RUNPROG@ @WINBIND_TARGETS@ -PROGS2 = bin/smbpasswd bin/rpcclient bin/smbcacls bin/profiles @WRAPPROG@ @WRAP@ @WRAP32@ @PAM_MOD@ +PROGS2 = bin/smbpasswd bin/rpcclient bin/smbcacls @WRAPPROG@ @WRAP@ @WRAP32@ @PAM_MOD@ MPROGS = @MPROGS@ LPROGS = $(WINBIND_PAM_PROGS) $(WINBIND_LPROGS) @@ -140,15 +141,12 @@ LIB_OBJ = lib/charcnv.o lib/debug.o lib/fault.o \ lib/md5.o lib/hmacmd5.o lib/iconv.o lib/smbpasswd.o \ nsswitch/wb_client.o nsswitch/wb_common.o \ lib/pam_errors.o intl/lang_tdb.o lib/account_pol.o \ - lib/adt_tree.o lib/gencache.o $(TDB_OBJ) \ - lib/module.o + lib/adt_tree.o lib/popt_common.o lib/gencache.o $(TDB_OBJ) LIB_SMBD_OBJ = lib/system_smbd.o lib/util_smbd.o READLINE_OBJ = lib/readline.o -POPT_LIB_OBJ = lib/popt_common.o - UBIQX_OBJ = ubiqx/ubi_BinTree.o ubiqx/ubi_Cache.o ubiqx/ubi_SplayTree.o \ ubiqx/ubi_dLinkList.o ubiqx/ubi_sLinkList.o ubiqx/debugparse.o @@ -225,16 +223,6 @@ PASSDB_OBJ = $(PASSDB_GET_SET_OBJ) passdb/passdb.o passdb/pdb_interface.o \ passdb/pdb_unix.o passdb/util_sam_sid.o \ passdb/pdb_compat.o passdb/pdb_nisplus.o -PDB_XML_OBJ = passdb/pdb_xml.o -PDB_MYSQL_OBJ = passdb/pdb_mysql.o - -SAM_STATIC_MODULES = sam/sam_plugin.o sam/sam_skel.o sam/sam_ads.o - -SAM_OBJ = sam/account.o sam/get_set_account.o sam/get_set_group.o \ - sam/get_set_domain.o sam/interface.o $(SAM_STATIC_MODULES) - -SAMTEST_OBJ = torture/samtest.o torture/cmd_sam.o $(SAM_OBJ) $(LIB_OBJ) $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) $(READLINE_OBJ) lib/util_seaccess.o $(LIBADS_OBJ) $(PASSDB_OBJ) $(SECRETS_OBJ) $(GROUPDB_OBJ) - GROUPDB_OBJ = groupdb/mapping.o # passdb/smbpass.o passdb/ldap.o passdb/nispass.o @@ -281,7 +269,7 @@ SMBD_OBJ_BASE = $(SMBD_OBJ_SRV) $(MSDFS_OBJ) $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_ $(NOTIFY_OBJ) $(GROUPDB_OBJ) $(AUTH_OBJ) \ $(LIBMSRPC_OBJ) $(LIBMSRPC_SERVER_OBJ) \ $(LIBADS_OBJ) $(LIBADS_SERVER_OBJ) \ - $(LIB_SMBD_OBJ) $(REGISTRY_OBJ) $(POPT_LIB_OBJ) + $(LIB_SMBD_OBJ) $(REGISTRY_OBJ) PRINTING_OBJ = printing/pcap.o printing/print_svid.o \ @@ -308,7 +296,7 @@ NMBD_OBJ1 = nmbd/asyncdns.o nmbd/nmbd.o nmbd/nmbd_become_dmb.o \ nmbd/nmbd_workgroupdb.o nmbd/nmbd_synclists.o NMBD_OBJ = $(NMBD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) \ - $(PROFILE_OBJ) $(LIB_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ) + $(PROFILE_OBJ) $(LIB_OBJ) $(SECRETS_OBJ) WREPL_OBJ1 = wrepld/server.o wrepld/process.o wrepld/parser.o wrepld/socket.o \ wrepld/partners.o @@ -327,7 +315,7 @@ SMBSH_OBJ = smbwrapper/smbsh.o smbwrapper/shared.o \ $(PARAM_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) STATUS_OBJ = utils/status.o $(LOCKING_OBJ) $(PARAM_OBJ) \ - $(UBIQX_OBJ) $(PROFILE_OBJ) $(LIB_OBJ) $(POPT_LIB_OBJ) + $(UBIQX_OBJ) $(PROFILE_OBJ) $(LIB_OBJ) SMBCONTROL_OBJ = utils/smbcontrol.o $(LOCKING_OBJ) $(PARAM_OBJ) \ $(UBIQX_OBJ) $(PROFILE_OBJ) $(LIB_OBJ) @@ -336,7 +324,7 @@ SMBTREE_OBJ = utils/smbtree.o $(LOCKING_OBJ) $(PARAM_OBJ) \ $(UBIQX_OBJ) $(PROFILE_OBJ) $(LIB_OBJ) $(LIBSMB_OBJ) TESTPARM_OBJ = utils/testparm.o \ - $(PARAM_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) $(POPT_LIB_OBJ) + $(PARAM_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) TESTPRNS_OBJ = utils/testprns.o $(PARAM_OBJ) $(PRINTING_OBJ) $(UBIQX_OBJ) \ $(LIB_OBJ) @@ -346,8 +334,7 @@ SMBPASSWD_OBJ = utils/smbpasswd.o $(PARAM_OBJ) $(SECRETS_OBJ) \ $(UBIQX_OBJ) $(LIB_OBJ) PDBEDIT_OBJ = utils/pdbedit.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(PASSDB_OBJ) \ - $(UBIQX_OBJ) $(LIB_OBJ) $(GROUPDB_OBJ) $(SECRETS_OBJ) \ - $(POPT_LIB_OBJ) + $(UBIQX_OBJ) $(LIB_OBJ) $(GROUPDB_OBJ) $(SECRETS_OBJ) SMBGROUPEDIT_OBJ = utils/smbgroupedit.o $(GROUPDB_OBJ) $(PARAM_OBJ) \ $(LIBSMB_OBJ) $(PASSDB_OBJ) $(SECRETS_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) @@ -362,7 +349,7 @@ RPCCLIENT_OBJ = $(RPCCLIENT_OBJ1) \ $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \ $(RPC_PARSE_OBJ) $(PASSDB_OBJ) $(LIBMSRPC_OBJ) \ $(READLINE_OBJ) $(GROUPDB_OBJ) \ - $(LIBADS_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ) + $(LIBADS_OBJ) $(SECRETS_OBJ) PAM_WINBIND_OBJ = nsswitch/pam_winbind.po nsswitch/wb_common.po lib/snprintf.po @@ -385,7 +372,7 @@ LIBSMBCLIENT_OBJ = libsmb/libsmbclient.o libsmb/libsmb_compat.o \ CLIENT_OBJ1 = client/client.o client/clitar.o CLIENT_OBJ = $(CLIENT_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \ - $(READLINE_OBJ) $(POPT_LIB_OBJ) + $(READLINE_OBJ) NET_OBJ1 = utils/net.o utils/net_ads.o utils/net_ads_cldap.o utils/net_help.o \ utils/net_rap.o utils/net_rpc.o utils/net_rpc_samsync.o \ @@ -396,7 +383,7 @@ NET_OBJ = $(NET_OBJ1) $(SECRETS_OBJ) $(LIBSMB_OBJ) \ $(RPC_PARSE_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \ $(PARAM_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \ $(LIBMSRPC_OBJ) $(LIBMSRPC_SERVER_OBJ) \ - $(LIBADS_OBJ) $(LIBADS_SERVER_OBJ) $(POPT_LIB_OBJ) + $(LIBADS_OBJ) $(LIBADS_SERVER_OBJ) CUPS_OBJ = client/smbspool.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) @@ -431,9 +418,6 @@ NSSTEST_OBJ = torture/nsstest.o $(LIBSMB_OBJ) $(PARAM_OBJ) \ VFSTEST_OBJ = torture/cmd_vfs.o torture/vfstest.o $(SMBD_OBJ_BASE) $(READLINE_OBJ) -VFS_AUDIT_OBJ = vfs/audit.o -VFS_RECYCLE_OBJ = vfs/recycle.o - LOCKTEST2_OBJ = torture/locktest2.o $(LOCKING_OBJ) $(LIBSMB_OBJ) $(PARAM_OBJ) \ $(UBIQX_OBJ) $(LIB_OBJ) @@ -467,7 +451,7 @@ PROTO_OBJ = $(SMBD_OBJ_MAIN) \ $(PRINTING_OBJ) $(PRINTBACKEND_OBJ) $(OPLOCK_OBJ) $(NOTIFY_OBJ) \ $(QUOTAOBJS) $(PASSDB_OBJ) $(GROUPDB_OBJ) $(MSDFS_OBJ) \ $(READLINE_OBJ) $(PROFILE_OBJ) $(LIBADS_OBJ) $(LIBADS_SERVER_OBJ) \ - $(LIB_SMBD_OBJ) $(SAM_OBJ) $(REGISTRY_OBJ) + $(LIB_SMBD_OBJ) $(REGISTRY_OBJ) NSS_OBJ_0 = nsswitch/wins.o $(PARAM_OBJ) $(UBIQX_OBJ) $(LIBSMB_OBJ) \ $(LIB_OBJ) $(NSSWINS_OBJ) @@ -624,14 +608,14 @@ bin/.dummy: dir=bin $(MAKEDIR); fi @: >> $@ || : > $@ # what a fancy emoticon! -bin/smbd: $(SMBD_OBJ) @BUILD_POPT@ bin/.dummy +bin/smbd: $(SMBD_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(SMBD_OBJ) $(LDFLAGS) $(DYNEXP) $(PRINTLIBS) \ - $(AUTHLIBS) $(LIBS) @BUILD_POPT@ + $(AUTHLIBS) $(LIBS) -bin/nmbd: $(NMBD_OBJ) @BUILD_POPT@ bin/.dummy +bin/nmbd: $(NMBD_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(NMBD_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@ + @$(CC) $(FLAGS) -o $@ $(NMBD_OBJ) $(LDFLAGS) $(LIBS) bin/wrepld: $(WREPL_OBJ) bin/.dummy @echo Linking $@ @@ -646,18 +630,14 @@ bin/rpcclient: $(RPCCLIENT_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(RPCCLIENT_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @BUILD_POPT@ -bin/smbclient: $(CLIENT_OBJ) @BUILD_POPT@ bin/.dummy +bin/smbclient: $(CLIENT_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(CLIENT_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @BUILD_POPT@ + @$(CC) $(FLAGS) -o $@ $(CLIENT_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) bin/net: $(NET_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(NET_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @BUILD_POPT@ -bin/profiles: utils/profiles.o bin/.dummy - @echo Linking $@ - @$(CC) $(FLAGS) -o $@ utils/profiles.o $(LDFLAGS) $(LIBS) - bin/smbspool: $(CUPS_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(CUPS_OBJ) $(LDFLAGS) $(LIBS) @@ -674,7 +654,7 @@ bin/smbumount: $(UMOUNT_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(UMOUNT_OBJ) $(LDFLAGS) $(LIBS) -bin/testparm: $(TESTPARM_OBJ) @BUILD_POPT@ bin/.dummy +bin/testparm: $(TESTPARM_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(TESTPARM_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@ @@ -698,14 +678,10 @@ bin/smbpasswd: $(SMBPASSWD_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(SMBPASSWD_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) -bin/pdbedit: $(PDBEDIT_OBJ) @BUILD_POPT@ bin/.dummy +bin/pdbedit: $(PDBEDIT_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @BUILD_POPT@ -bin/samtest: $(SAMTEST_OBJ) @BUILD_POPT@ bin/.dummy - @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(SAMTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(LIBS) @BUILD_POPT@ - bin/smbgroupedit: $(SMBGROUPEDIT_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(SMBGROUPEDIT_OBJ) $(LDFLAGS) $(LIBS) @@ -742,7 +718,7 @@ bin/nsstest: $(NSSTEST_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(NSSTEST_OBJ) $(LDFLAGS) $(LIBS) -bin/vfstest: $(VFSTEST_OBJ) @BUILD_POPT@ bin/.dummy +bin/vfstest: $(VFSTEST_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINTLIBS) $(AUTHLIBS) $(LIBS) @BUILD_POPT@ @@ -791,7 +767,8 @@ bin/libsmbclient.a: $(LIBSMBCLIENT_PICOBJS) libsmbclient: bin/libsmbclient.a bin/libsmbclient.@SHLIBEXT@ -nsswitch/libnss_wins.@SHLIBEXT@: $(NSS_OBJ) + +nsswitch/libnss_wins.so: $(NSS_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(NSS_OBJ) -lc \ @SONAMEFLAG@`basename $@` @@ -815,26 +792,6 @@ nsswitch/pam_winbind.@SHLIBEXT@: $(PAM_WINBIND_OBJ) bin/.dummy @$(SHLD) $(LDSHFLAGS) -o $@ $(PAM_WINBIND_OBJ) \ @SONAMEFLAG@`basename $@` -lpam -bin/pdb_mysql.@SHLIBEXT@: $(PDB_MYSQL_OBJ) - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(PDB_MYSQL_OBJ) @MYSQL_LIBS@ \ - @SONAMEFLAG@`basename $@` - -bin/pdb_xml.@SHLIBEXT@: $(PDB_XML_OBJ) - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(PDB_XML_OBJ) @XML_LIBS@ \ - @SONAMEFLAG@`basename $@` - -bin/vfs_audit.@SHLIBEXT@: $(VFS_AUDIT_OBJ) - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_AUDIT_OBJ) \ - @SONAMEFLAG@`basename $@` - -bin/vfs_recycle.@SHLIBEXT@: $(VFS_RECYCLE_OBJ) - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_RECYCLE_OBJ) \ - @SONAMEFLAG@`basename $@` - bin/wbinfo: $(WBINFO_OBJ) $(PARAM_OBJ) $(LIB_OBJ) \ $(UBIQX_OBJ) $(SECRETS_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @@ -913,17 +870,11 @@ python_common_proto: $(PY_COMMON_PROTO_OBJ) python_ext: $(PYTHON_OBJS) - @if test -z "$(PYTHON)"; then \ - echo Use the option --with-python to configure python; \ - exit 1; fi PYTHON_OBJS="$(PYTHON_OBJS)" PYTHON_CFLAGS="$(CFLAGS) $(CPPFLAGS) $(FLAGS)" \ LIBS="$(LIBS)" \ $(PYTHON) python/setup.py build python_install: $(PYTHON_OBJS) - @if test -z "$(PYTHON)"; then \ - echo Use the option --with-python to configure python; \ - exit 1; fi PYTHON_OBJS="$(PYTHON_OBJS)" PYTHON_CFLAGS="$(CFLAGS) $(CPPFLAGS)" \ LIBS="$(LIBS)" \ $(PYTHON) python/setup.py install diff --git a/source3/aclocal.m4 b/source3/aclocal.m4 index 758dfa3b37..f04ec9d50d 100644 --- a/source3/aclocal.m4 +++ b/source3/aclocal.m4 @@ -103,362 +103,3 @@ else ac_cv_prog_gnu_ld=no fi]) ]) - -# Configure paths for LIBXML2 -# Toshio Kuratomi 2001-04-21 -# Adapted from: -# Configure paths for GLIB -# Owen Taylor 97-11-3 - -dnl AM_PATH_XML2([MINIMUM-VERSION, [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]]]) -dnl Test for XML, and define XML_CFLAGS and XML_LIBS -dnl -AC_DEFUN(AM_PATH_XML2,[ -AC_ARG_WITH(xml-prefix, - [ --with-xml-prefix=PFX Prefix where libxml is installed (optional)], - xml_config_prefix="$withval", xml_config_prefix="") -AC_ARG_WITH(xml-exec-prefix, - [ --with-xml-exec-prefix=PFX Exec prefix where libxml is installed (optional)], - xml_config_exec_prefix="$withval", xml_config_exec_prefix="") -AC_ARG_ENABLE(xmltest, - [ --disable-xmltest Do not try to compile and run a test LIBXML program],, - enable_xmltest=yes) - - if test x$xml_config_exec_prefix != x ; then - xml_config_args="$xml_config_args --exec-prefix=$xml_config_exec_prefix" - if test x${XML2_CONFIG+set} != xset ; then - XML2_CONFIG=$xml_config_exec_prefix/bin/xml2-config - fi - fi - if test x$xml_config_prefix != x ; then - xml_config_args="$xml_config_args --prefix=$xml_config_prefix" - if test x${XML2_CONFIG+set} != xset ; then - XML2_CONFIG=$xml_config_prefix/bin/xml2-config - fi - fi - - AC_PATH_PROG(XML2_CONFIG, xml2-config, no) - min_xml_version=ifelse([$1], ,2.0.0,[$1]) - AC_MSG_CHECKING(for libxml - version >= $min_xml_version) - no_xml="" - if test "$XML2_CONFIG" = "no" ; then - no_xml=yes - else - XML_CFLAGS=`$XML2_CONFIG $xml_config_args --cflags` - XML_LIBS=`$XML2_CONFIG $xml_config_args --libs` - xml_config_major_version=`$XML2_CONFIG $xml_config_args --version | \ - sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\1/'` - xml_config_minor_version=`$XML2_CONFIG $xml_config_args --version | \ - sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\2/'` - xml_config_micro_version=`$XML2_CONFIG $xml_config_args --version | \ - sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\3/'` - if test "x$enable_xmltest" = "xyes" ; then - ac_save_CFLAGS="$CFLAGS" - ac_save_LIBS="$LIBS" - CFLAGS="$CFLAGS $XML_CFLAGS" - LIBS="$XML_LIBS $LIBS" -dnl -dnl Now check if the installed libxml is sufficiently new. -dnl (Also sanity checks the results of xml2-config to some extent) -dnl - rm -f conf.xmltest - AC_TRY_RUN([ -#include <stdlib.h> -#include <stdio.h> -#include <string.h> -#include <libxml/xmlversion.h> - -int -main() -{ - int xml_major_version, xml_minor_version, xml_micro_version; - int major, minor, micro; - char *tmp_version; - - system("touch conf.xmltest"); - - /* Capture xml2-config output via autoconf/configure variables */ - /* HP/UX 9 (%@#!) writes to sscanf strings */ - tmp_version = (char *)strdup("$min_xml_version"); - if (sscanf(tmp_version, "%d.%d.%d", &major, &minor, µ) != 3) { - printf("%s, bad version string from xml2-config\n", "$min_xml_version"); - exit(1); - } - free(tmp_version); - - /* Capture the version information from the header files */ - tmp_version = (char *)strdup(LIBXML_DOTTED_VERSION); - if (sscanf(tmp_version, "%d.%d.%d", &xml_major_version, &xml_minor_version, &xml_micro_version) != 3) { - printf("%s, bad version string from libxml includes\n", "LIBXML_DOTTED_VERSION"); - exit(1); - } - free(tmp_version); - - /* Compare xml2-config output to the libxml headers */ - if ((xml_major_version != $xml_config_major_version) || - (xml_minor_version != $xml_config_minor_version) || - (xml_micro_version != $xml_config_micro_version)) - { - printf("*** libxml header files (version %d.%d.%d) do not match\n", - xml_major_version, xml_minor_version, xml_micro_version); - printf("*** xml2-config (version %d.%d.%d)\n", - $xml_config_major_version, $xml_config_minor_version, $xml_config_micro_version); - return 1; - } -/* Compare the headers to the library to make sure we match */ - /* Less than ideal -- doesn't provide us with return value feedback, - * only exits if there's a serious mismatch between header and library. - */ - LIBXML_TEST_VERSION; - - /* Test that the library is greater than our minimum version */ - if ((xml_major_version > major) || - ((xml_major_version == major) && (xml_minor_version > minor)) || - ((xml_major_version == major) && (xml_minor_version == minor) && - (xml_micro_version >= micro))) - { - return 0; - } - else - { - printf("\n*** An old version of libxml (%d.%d.%d) was found.\n", - xml_major_version, xml_minor_version, xml_micro_version); - printf("*** You need a version of libxml newer than %d.%d.%d. The latest version of\n", - major, minor, micro); - printf("*** libxml is always available from ftp://ftp.xmlsoft.org.\n"); - printf("***\n"); - printf("*** If you have already installed a sufficiently new version, this error\n"); - printf("*** probably means that the wrong copy of the xml2-config shell script is\n"); - printf("*** being found. The easiest way to fix this is to remove the old version\n"); - printf("*** of LIBXML, but you can also set the XML2_CONFIG environment to point to the\n"); - printf("*** correct copy of xml2-config. (In this case, you will have to\n"); - printf("*** modify your LD_LIBRARY_PATH enviroment variable, or edit /etc/ld.so.conf\n"); - printf("*** so that the correct libraries are found at run-time))\n"); - } - return 1; -} -],, no_xml=yes,[echo $ac_n "cross compiling; assumed OK... $ac_c"]) - CFLAGS="$ac_save_CFLAGS" - LIBS="$ac_save_LIBS" - fi - fi - - if test "x$no_xml" = x ; then - AC_MSG_RESULT(yes (version $xml_config_major_version.$xml_config_minor_version.$xml_config_micro_version)) - ifelse([$2], , :, [$2]) - else - AC_MSG_RESULT(no) - if test "$XML2_CONFIG" = "no" ; then - echo "*** The xml2-config script installed by LIBXML could not be found" - echo "*** If libxml was installed in PREFIX, make sure PREFIX/bin is in" - echo "*** your path, or set the XML2_CONFIG environment variable to the" - echo "*** full path to xml2-config." - else - if test -f conf.xmltest ; then - : - else - echo "*** Could not run libxml test program, checking why..." - CFLAGS="$CFLAGS $XML_CFLAGS" - LIBS="$LIBS $XML_LIBS" - AC_TRY_LINK([ -#include <libxml/xmlversion.h> -#include <stdio.h> -], [ LIBXML_TEST_VERSION; return 0;], - [ echo "*** The test program compiled, but did not run. This usually means" - echo "*** that the run-time linker is not finding LIBXML or finding the wrong" - echo "*** version of LIBXML. If it is not finding LIBXML, you'll need to set your" - echo "*** LD_LIBRARY_PATH environment variable, or edit /etc/ld.so.conf to point" - echo "*** to the installed location Also, make sure you have run ldconfig if that" - echo "*** is required on your system" - echo "***" - echo "*** If you have an old version installed, it is best to remove it, although" - echo "*** you may also be able to get things to work by modifying LD_LIBRARY_PATH" ], - [ echo "*** The test program failed to compile or link. See the file config.log for the" - echo "*** exact error that occured. This usually means LIBXML was incorrectly installed" - echo "*** or that you have moved LIBXML since it was installed. In the latter case, you" - echo "*** may want to edit the xml2-config script: $XML2_CONFIG" ]) - CFLAGS="$ac_save_CFLAGS" - LIBS="$ac_save_LIBS" - fi - fi - - XML_CFLAGS="" - XML_LIBS="" - ifelse([$3], , :, [$3]) - fi - AC_SUBST(XML_CFLAGS) - AC_SUBST(XML_LIBS) - rm -f conf.xmltest -]) - -# ========================================================================= -# AM_PATH_MYSQL : MySQL library - -dnl AM_PATH_MYSQL([MINIMUM-VERSION, [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]]]) -dnl Test for MYSQL, and define MYSQL_CFLAGS and MYSQL_LIBS -dnl -AC_DEFUN(AM_PATH_MYSQL, -[dnl -dnl Get the cflags and libraries from the mysql_config script -dnl -AC_ARG_WITH(mysql-prefix,[ --with-mysql-prefix=PFX Prefix where MYSQL is installed (optional)], - mysql_prefix="$withval", mysql_prefix="") -AC_ARG_WITH(mysql-exec-prefix,[ --with-mysql-exec-prefix=PFX Exec prefix where MYSQL is installed (optional)], - mysql_exec_prefix="$withval", mysql_exec_prefix="") -AC_ARG_ENABLE(mysqltest, [ --disable-mysqltest Do not try to compile and run a test MYSQL program], - , enable_mysqltest=yes) - - if test x$mysql_exec_prefix != x ; then - mysql_args="$mysql_args --exec-prefix=$mysql_exec_prefix" - if test x${MYSQL_CONFIG+set} != xset ; then - MYSQL_CONFIG=$mysql_exec_prefix/bin/mysql_config - fi - fi - if test x$mysql_prefix != x ; then - mysql_args="$mysql_args --prefix=$mysql_prefix" - if test x${MYSQL_CONFIG+set} != xset ; then - MYSQL_CONFIG=$mysql_prefix/bin/mysql_config - fi - fi - - AC_REQUIRE([AC_CANONICAL_TARGET]) - AC_PATH_PROG(MYSQL_CONFIG, mysql_config, no) - min_mysql_version=ifelse([$1], ,0.11.0,$1) - AC_MSG_CHECKING(for MYSQL - version >= $min_mysql_version) - no_mysql="" - if test "$MYSQL_CONFIG" = "no" ; then - no_mysql=yes - else - MYSQL_CFLAGS=`$MYSQL_CONFIG $mysqlconf_args --cflags | sed -e "s/'//g"` - MYSQL_LIBS=`$MYSQL_CONFIG $mysqlconf_args --libs | sed -e "s/'//g"` - - mysql_major_version=`$MYSQL_CONFIG $mysql_args --version | \ - sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\1/'` - mysql_minor_version=`$MYSQL_CONFIG $mysql_args --version | \ - sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\2/'` - mysql_micro_version=`$MYSQL_CONFIG $mysql_config_args --version | \ - sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\3/'` - if test "x$enable_mysqltest" = "xyes" ; then - ac_save_CFLAGS="$CFLAGS" - ac_save_LIBS="$LIBS" - CFLAGS="$CFLAGS $MYSQL_CFLAGS" - LIBS="$LIBS $MYSQL_LIBS" -dnl -dnl Now check if the installed MYSQL is sufficiently new. (Also sanity -dnl checks the results of mysql_config to some extent -dnl - rm -f conf.mysqltest - AC_TRY_RUN([ -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <mysql.h> - -char* -my_strdup (char *str) -{ - char *new_str; - - if (str) - { - new_str = (char *)malloc ((strlen (str) + 1) * sizeof(char)); - strcpy (new_str, str); - } - else - new_str = NULL; - - return new_str; -} - -int main (int argc, char *argv[]) -{ -int major, minor, micro; - char *tmp_version; - - /* This hangs on some systems (?) - system ("touch conf.mysqltest"); - */ - { FILE *fp = fopen("conf.mysqltest", "a"); if ( fp ) fclose(fp); } - - /* HP/UX 9 (%@#!) writes to sscanf strings */ - tmp_version = my_strdup("$min_mysql_version"); - if (sscanf(tmp_version, "%d.%d.%d", &major, &minor, µ) != 3) { - printf("%s, bad version string\n", "$min_mysql_version"); - exit(1); - } - - if (($mysql_major_version > major) || - (($mysql_major_version == major) && ($mysql_minor_version > minor)) || - (($mysql_major_version == major) && ($mysql_minor_version == minor) && ($mysql_micro_version >= micro))) - { - return 0; - } - else - { - printf("\n*** 'mysql_config --version' returned %d.%d.%d, but the minimum version\n", $mysql_major_version, $mysql_minor_version, $mysql_micro_version); - printf("*** of MYSQL required is %d.%d.%d. If mysql_config is correct, then it is\n", major, minor, micro); - printf("*** best to upgrade to the required version.\n"); - printf("*** If mysql_config was wrong, set the environment variable MYSQL_CONFIG\n"); - printf("*** to point to the correct copy of mysql_config, and remove the file\n"); - printf("*** config.cache before re-running configure\n"); - return 1; - } -} - -],, no_mysql=yes,[echo $ac_n "cross compiling; assumed OK... $ac_c"]) - CFLAGS="$ac_save_CFLAGS" - LIBS="$ac_save_LIBS" - fi - fi - if test "x$no_mysql" = x ; then - AC_MSG_RESULT(yes) - ifelse([$2], , :, [$2]) - else - AC_MSG_RESULT(no) - if test "$MYSQL_CONFIG" = "no" ; then - echo "*** The mysql_config script installed by MYSQL could not be found" - echo "*** If MYSQL was installed in PREFIX, make sure PREFIX/bin is in" - echo "*** your path, or set the MYSQL_CONFIG environment variable to the" - echo "*** full path to mysql_config." - else - if test -f conf.mysqltest ; then - : - else - echo "*** Could not run MYSQL test program, checking why..." - CFLAGS="$CFLAGS $MYSQL_CFLAGS" - LIBS="$LIBS $MYSQL_LIBS" - AC_TRY_LINK([ -#include <stdio.h> -#include <mysql.h> - -int main(int argc, char *argv[]) -{ return 0; } -#undef main -#define main K_and_R_C_main -], [ return 0; ], - [ echo "*** The test program compiled, but did not run. This usually means" - echo "*** that the run-time linker is not finding MYSQL or finding the wrong" - echo "*** version of MYSQL. If it is not finding MYSQL, you'll need to set your" - echo "*** LD_LIBRARY_PATH environment variable, or edit /etc/ld.so.conf to point" - echo "*** to the installed location Also, make sure you have run ldconfig if that" - echo "*** is required on your system" - echo "***" - echo "*** If you have an old version installed, it is best to remove it, although" - echo "*** you may also be able to get things to work by modifying LD_LIBRARY_PATH"], - [ echo "*** The test program failed to compile or link. See the file config.log for the" - echo "*** exact error that occured. This usually means MYSQL was incorrectly installed" - echo "*** or that you have moved MYSQL since it was installed. In the latter case, you" - echo "*** may want to edit the mysql_config script: $MYSQL_CONFIG" ]) - CFLAGS="$ac_save_CFLAGS" - LIBS="$ac_save_LIBS" - fi - fi - MYSQL_CFLAGS="" - MYSQL_LIBS="" - ifelse([$3], , :, [$3]) - fi - AC_SUBST(MYSQL_CFLAGS) - AC_SUBST(MYSQL_LIBS) - rm -f conf.mysqltest -]) - diff --git a/source3/auth/auth_builtin.c b/source3/auth/auth_builtin.c index 09b9a36cdf..d54a8660b3 100644 --- a/source3/auth/auth_builtin.c +++ b/source3/auth/auth_builtin.c @@ -41,11 +41,8 @@ static NTSTATUS check_guest_security(const struct auth_context *auth_context, NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE; if (!(user_info->internal_username.str - && *user_info->internal_username.str)) { - become_root(); + && *user_info->internal_username.str)) nt_status = make_server_info_guest(server_info); - unbecome_root(); - } return nt_status; } diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c index 7252193c9a..bc98f46dc2 100644 --- a/source3/auth/auth_sam.c +++ b/source3/auth/auth_sam.c @@ -162,9 +162,12 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context, } } + nt_pw = pdb_get_nt_passwd(sampass); + lm_pw = pdb_get_lanman_passwd(sampass); + auth_flags = user_info->auth_flags; - if (IS_SAM_DEFAULT(sampass, PDB_NTPASSWD)) { + if (nt_pw == NULL) { DEBUG(3,("sam_password_ok: NO NT password stored for user %s.\n", pdb_get_username(sampass))); /* No return, we want to check the LM hash below in this case */ @@ -172,7 +175,6 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context, } if (auth_flags & AUTH_FLAG_NTLMv2_RESP) { - nt_pw = pdb_get_nt_passwd(sampass); /* We have the NT MD4 hash challenge available - see if we can use it (ie. does it exist in the smbpasswd file). */ @@ -189,8 +191,7 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context, return NT_STATUS_WRONG_PASSWORD; } } else if (auth_flags & AUTH_FLAG_NTLM_RESP) { - if (lp_ntlm_auth()) { - nt_pw = pdb_get_nt_passwd(sampass); + if (lp_ntlm_auth()) { /* We have the NT MD4 hash challenge available - see if we can use it (ie. does it exist in the smbpasswd file). */ @@ -210,14 +211,13 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context, } } - if (IS_SAM_DEFAULT(sampass, PDB_LMPASSWD)) { + if (lm_pw == NULL) { DEBUG(3,("sam_password_ok: NO LanMan password set for user %s (and no NT password supplied)\n",pdb_get_username(sampass))); auth_flags &= (~AUTH_FLAG_LM_RESP); } if (auth_flags & AUTH_FLAG_LM_RESP) { - lm_pw = pdb_get_lanman_passwd(sampass); - + if (user_info->lm_resp.length != 24) { DEBUG(2,("sam_password_ok: invalid LanMan password length (%d) for user %s\n", user_info->nt_resp.length, pdb_get_username(sampass))); @@ -235,8 +235,7 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context, { return NT_STATUS_OK; } else { - if (lp_ntlm_auth() && (!IS_SAM_DEFAULT(sampass, PDB_NTPASSWD))) { - nt_pw = pdb_get_nt_passwd(sampass); + if (lp_ntlm_auth()) { /* Apparently NT accepts NT responses in the LM field - I think this is related to Win9X pass-though authentication */ diff --git a/source3/bin/.cvsignore b/source3/bin/.cvsignore index 6a4d52da31..de6085d526 100644 --- a/source3/bin/.cvsignore +++ b/source3/bin/.cvsignore @@ -12,7 +12,6 @@ nmbd nmblookup nsstest pdbedit -profiles rpcclient samsync smbcacls diff --git a/source3/client/client.c b/source3/client/client.c index 96b9837fef..0b10a9fa0a 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -94,10 +94,10 @@ static pstring fileselection = ""; extern file_info def_finfo; /* timing globals */ -SMB_BIG_UINT get_total_size = 0; -unsigned int get_total_time_ms = 0; -static SMB_BIG_UINT put_total_size = 0; -static unsigned int put_total_time_ms = 0; +int get_total_size = 0; +int get_total_time_ms = 0; +static int put_total_size = 0; +static int put_total_time_ms = 0; /* totals globals */ static double dir_total; diff --git a/source3/client/testsmbc.c b/source3/client/testsmbc.c new file mode 100644 index 0000000000..ec98774dcf --- /dev/null +++ b/source3/client/testsmbc.c @@ -0,0 +1,455 @@ +/* + Unix SMB/CIFS implementation. + SMB client library test program + Copyright (C) Andrew Tridgell 1998 + Copyright (C) Richard Sharpe 2000 + Copyright (C) John Terpsra 2000 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include <stdio.h> +#include <errno.h> +#include <sys/time.h> +#include <string.h> +#include <unistd.h> +#include <stdlib.h> +#include <libsmbclient.h> + +void auth_fn(const char *server, const char *share, + char *workgroup, int wgmaxlen, char *username, int unmaxlen, + char *password, int pwmaxlen) +{ + char temp[128]; + + fprintf(stdout, "Need password for //%s/%s\n", server, share); + + fprintf(stdout, "Enter workgroup: [%s] ", workgroup); + fgets(temp, sizeof(temp), stdin); + + if (temp[strlen(temp) - 1] == 0x0a) /* A new line? */ + temp[strlen(temp) - 1] = 0x00; + + if (temp[0]) strncpy(workgroup, temp, wgmaxlen - 1); + + fprintf(stdout, "Enter username: [%s] ", username); + fgets(temp, sizeof(temp), stdin); + + if (temp[strlen(temp) - 1] == 0x0a) /* A new line? */ + temp[strlen(temp) - 1] = 0x00; + + if (temp[0]) strncpy(username, temp, unmaxlen - 1); + + fprintf(stdout, "Enter password: [%s] ", password); + fgets(temp, sizeof(temp), stdin); + + if (temp[strlen(temp) - 1] == 0x0a) /* A new line? */ + temp[strlen(temp) - 1] = 0x00; + + if (temp[0]) strncpy(password, temp, pwmaxlen - 1); + +} + +int global_id = 0; + +void print_list_fn(struct print_job_info *pji) +{ + + fprintf(stdout, "Print job: ID: %u, Prio: %u, Size: %u, User: %s, Name: %s\n", + pji->id, pji->priority, pji->size, pji->user, pji->name); + + global_id = pji->id; + +} + +int main(int argc, char *argv[]) +{ + int err, fd, dh1, dh2, dh3, dsize, dirc; + const char *file = "smb://samba/public/testfile.txt"; + const char *file2 = "smb://samba/public/testfile2.txt"; + char buff[256]; + char dirbuf[512]; + char *dirp; + struct stat st1, st2; + + err = smbc_init(auth_fn, 10); /* Initialize things */ + + if (err < 0) { + + fprintf(stderr, "Initializing the smbclient library ...: %s\n", strerror(errno)); + + } + + if (argc > 1) { + + /* Try to list the print jobs ... */ + + if (smbc_list_print_jobs("smb://samba/pclp", print_list_fn) < 0) { + + fprintf(stderr, "Could not list print jobs: %s, %d\n", strerror(errno), errno); + exit(1); + + } + + /* Try to delete the last job listed */ + + if (global_id > 0) { + + fprintf(stdout, "Trying to delete print job %u\n", global_id); + + if (smbc_unlink_print_job("smb://samba/pclp", global_id) < 0) { + + fprintf(stderr, "Failed to unlink job id %u, %s, %u\n", global_id, + strerror(errno), errno); + + exit(1); + + } + + } + + /* Try to print a file ... */ + + if (smbc_print_file("smb://samba/public/testfile2.txt", "smb://samba/pclp") < 0) { + + fprintf(stderr, "Failed to print job: %s %u\n", strerror(errno), errno); + exit(1); + + } + + /* Try to delete argv[1] as a file ... */ + + if (smbc_unlink(argv[1]) < 0) { + + fprintf(stderr, "Could not unlink: %s, %s, %d\n", + argv[1], strerror(errno), errno); + + exit(0); + + } + + if ((dh1 = smbc_opendir("smb://"))<1) { + + fprintf(stderr, "Could not open directory: smb://: %s\n", + strerror(errno)); + + exit(1); + + } + + if ((dh2 = smbc_opendir("smb://sambanet")) < 0) { + + fprintf(stderr, "Could not open directory: smb://sambanet: %s\n", + strerror(errno)); + + exit(1); + + } + + if ((dh3 = smbc_opendir("smb://samba")) < 0) { + + fprintf(stderr, "Could not open directory: smb://samba: %s\n", + strerror(errno)); + + exit(1); + + } + + fprintf(stdout, "Directory handles: %u, %u, %u\n", dh1, dh2, dh3); + + /* Now, list those directories, but in funny ways ... */ + + dirp = (char *)dirbuf; + + if ((dirc = smbc_getdents(dh1, (struct smbc_dirent *)dirp, + sizeof(dirbuf))) < 0) { + + fprintf(stderr, "Problems getting directory entries: %s\n", + strerror(errno)); + + exit(1); + + } + + /* Now, process the list of names ... */ + + fprintf(stdout, "Directory listing, size = %u\n", dirc); + + while (dirc > 0) { + + dsize = ((struct smbc_dirent *)dirp)->dirlen; + fprintf(stdout, "Dir Ent, Type: %u, Name: %s, Comment: %s\n", + ((struct smbc_dirent *)dirp)->smbc_type, + ((struct smbc_dirent *)dirp)->name, + ((struct smbc_dirent *)dirp)->comment); + + dirp += dsize; + (char *)dirc -= dsize; + + } + + dirp = (char *)dirbuf; + + if ((dirc = smbc_getdents(dh2, (struct smbc_dirent *)dirp, + sizeof(dirbuf))) < 0) { + + fprintf(stderr, "Problems getting directory entries: %s\n", + strerror(errno)); + + exit(1); + + } + + /* Now, process the list of names ... */ + + fprintf(stdout, "\nDirectory listing, size = %u\n", dirc); + + while (dirc > 0) { + + dsize = ((struct smbc_dirent *)dirp)->dirlen; + fprintf(stdout, "Dir Ent, Type: %u, Name: %s, Comment: %s\n", + ((struct smbc_dirent *)dirp)->smbc_type, + ((struct smbc_dirent *)dirp)->name, + ((struct smbc_dirent *)dirp)->comment); + + dirp += dsize; + (char *)dirc -= dsize; + + } + + dirp = (char *)dirbuf; + + if ((dirc = smbc_getdents(dh3, (struct smbc_dirent *)dirp, + sizeof(dirbuf))) < 0) { + + fprintf(stderr, "Problems getting directory entries: %s\n", + strerror(errno)); + + exit(1); + + } + + /* Now, process the list of names ... */ + + fprintf(stdout, "Directory listing, size = %u\n", dirc); + + while (dirc > 0) { + + dsize = ((struct smbc_dirent *)dirp)->dirlen; + fprintf(stdout, "\nDir Ent, Type: %u, Name: %s, Comment: %s\n", + ((struct smbc_dirent *)dirp)->smbc_type, + ((struct smbc_dirent *)dirp)->name, + ((struct smbc_dirent *)dirp)->comment); + + (char *)dirp += dsize; + (char *)dirc -= dsize; + + } + + exit(1); + + } + + /* For now, open a file on a server that is hard coded ... later will + * read from the command line ... + */ + + fd = smbc_open(file, O_RDWR | O_CREAT | O_TRUNC, 0666); + + if (fd < 0) { + + fprintf(stderr, "Creating file: %s: %s\n", file, strerror(errno)); + exit(0); + + } + + fprintf(stdout, "Opened or created file: %s\n", file); + + /* Now, write some date to the file ... */ + + bzero(buff, sizeof(buff)); + strcpy(buff, "Some test data for the moment ..."); + + err = smbc_write(fd, buff, sizeof(buff)); + + if (err < 0) { + + fprintf(stderr, "writing file: %s: %s\n", file, strerror(errno)); + exit(0); + + } + + fprintf(stdout, "Wrote %d bytes to file: %s\n", sizeof(buff), buff); + + /* Now, seek the file back to offset 0 */ + + err = smbc_lseek(fd, SEEK_SET, 0); + + if (err < 0) { + + fprintf(stderr, "Seeking file: %s: %s\n", file, strerror(errno)); + exit(0); + + } + + fprintf(stdout, "Completed lseek on file: %s\n", file); + + /* Now, read the file contents back ... */ + + err = smbc_read(fd, buff, sizeof(buff)); + + if (err < 0) { + + fprintf(stderr, "Reading file: %s: %s\n", file, strerror(errno)); + exit(0); + + } + + fprintf(stdout, "Read file: %s\n", buff); /* Should check the contents */ + + fprintf(stdout, "Now fstat'ing file: %s\n", file); + + err = smbc_fstat(fd, &st1); + + if (err < 0) { + + fprintf(stderr, "Fstat'ing file: %s: %s\n", file, strerror(errno)); + exit(0); + + } + + + /* Now, close the file ... */ + + err = smbc_close(fd); + + if (err < 0) { + + fprintf(stderr, "Closing file: %s: %s\n", file, strerror(errno)); + + } + + /* Now, rename the file ... */ + + err = smbc_rename(file, file2); + + if (err < 0) { + + fprintf(stderr, "Renaming file: %s to %s: %s\n", file, file2, strerror(errno)); + + } + + fprintf(stdout, "Renamed file %s to %s\n", file, file2); + + /* Now, create a file and delete it ... */ + + fprintf(stdout, "Now, creating file: %s so we can delete it.\n", file); + + fd = smbc_open(file, O_RDWR | O_CREAT, 0666); + + if (fd < 0) { + + fprintf(stderr, "Creating file: %s: %s\n", file, strerror(errno)); + exit(0); + + } + + fprintf(stdout, "Opened or created file: %s\n", file); + + err = smbc_close(fd); + + if (err < 0) { + + fprintf(stderr, "Closing file: %s: %s\n", file, strerror(errno)); + exit(0); + + } + + /* Now, delete the file ... */ + + fprintf(stdout, "File %s created, now deleting ...\n", file); + + err = smbc_unlink(file); + + if (err < 0) { + + fprintf(stderr, "Deleting file: %s: %s\n", file, strerror(errno)); + exit(0); + + } + + /* Now, stat the file, file 2 ... */ + + fprintf(stdout, "Now stat'ing file: %s\n", file); + + err = smbc_stat(file2, &st2); + + if (err < 0) { + + fprintf(stderr, "Stat'ing file: %s: %s\n", file, strerror(errno)); + exit(0); + + } + + fprintf(stdout, "Stat'ed file: %s. Size = %d, mode = %04X\n", file2, + (int)st2.st_size, st2.st_mode); + fprintf(stdout, " time: %s\n", ctime(&st2.st_atime)); + fprintf(stdout, "Earlier stat: %s, Size = %d, mode = %04X\n", file, + (int)st1.st_size, st1.st_mode); + fprintf(stdout, " time: %s\n", ctime(&st1.st_atime)); + + /* Now, make a directory ... */ + + fprintf(stdout, "Making directory smb://samba/public/make-dir\n"); + + if (smbc_mkdir("smb://samba/public/make-dir", 0666) < 0) { + + fprintf(stderr, "Error making directory: smb://samba/public/make-dir: %s\n", + strerror(errno)); + + if (errno == EEXIST) { /* Try to delete the directory */ + + fprintf(stdout, "Trying to delete directory: smb://samba/public/make-dir\n"); + + if (smbc_rmdir("smb://samba/public/make-dir") < 0) { /* Error */ + + fprintf(stderr, "Error removing directory: smb://samba/public/make-dir: %s\n", strerror(errno)); + + exit(0); + + } + + fprintf(stdout, "Making directory: smb://samba/public/make-dir\n"); + + if (smbc_mkdir("smb://samba/public/make-dir", 666) < 0) { + + fprintf(stderr, "Error making directory: smb://samba/public/make-dir: %s\n", + strerror(errno)); + + fprintf(stderr, "I give up!\n"); + + exit(1); + + } + + } + + exit(0); + + } + + fprintf(stdout, "Made dir: make-dir\n"); + return 0; +} diff --git a/source3/configure b/source3/configure index a04d3a5c1e..57263e77b7 100755 --- a/source3/configure +++ b/source3/configure @@ -306,7 +306,7 @@ ac_includes_default="\ # include <unistd.h> #endif" -ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS configdir lockdir piddir logfilebase privatedir swatdir RUNPROG MPROGS LDSHFLAGS SONAMEFLAG SHLD HOST_OS PAM_MOD WRAP WRAP32 WRAPPROG PICFLAG PICSUFFIX POBAD_CC SHLIBEXT LIBSMBCLIENT_SHARED LIBSMBCLIENT PRINTLIBS AUTHLIBS CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA AWK BROKEN_CC build build_cpu build_vendor build_os host host_cpu host_vendor host_os target target_cpu target_vendor target_os CPP EGREP CUPS_CONFIG LIBOBJS TERMLIBS TERMLDFLAGS ROFF DYNEXP MYSQL_CONFIG MYSQL_CFLAGS MYSQL_LIBS XML2_CONFIG XML_CFLAGS XML_LIBS QUOTAOBJS manlangs WINBIND_TARGETS WINBIND_STARGETS WINBIND_LTARGETS WINBIND_PAM_TARGETS WINBIND_NSS_EXTRA_OBJS WINBIND_NSS_EXTRA_LIBS BUILD_POPT FLAGS1 PYTHON builddir LTLIBOBJS' +ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS configdir lockdir piddir logfilebase privatedir swatdir RUNPROG MPROGS LDSHFLAGS SONAMEFLAG SHLD HOST_OS PAM_MOD WRAP WRAP32 WRAPPROG PICFLAG PICSUFFIX POBAD_CC SHLIBEXT LIBSMBCLIENT_SHARED LIBSMBCLIENT PRINTLIBS AUTHLIBS CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA AWK BROKEN_CC build build_cpu build_vendor build_os host host_cpu host_vendor host_os target target_cpu target_vendor target_os CPP EGREP CUPS_CONFIG LIBOBJS TERMLIBS TERMLDFLAGS ROFF DYNEXP QUOTAOBJS manlangs WINBIND_TARGETS WINBIND_STARGETS WINBIND_LTARGETS WINBIND_PAM_TARGETS WINBIND_NSS_EXTRA_OBJS WINBIND_NSS_EXTRA_LIBS BUILD_POPT FLAGS1 PYTHON builddir LTLIBOBJS' ac_subst_files='' # Initialize some variables set by options. @@ -847,8 +847,6 @@ Optional Features: --enable-krb5developer Turn on developer warnings and debugging, except -Wstrict-prototypes (default=no) --enable-dmalloc Enable heap debugging default=no --enable-cups Turn on CUPS support (default=auto) - --disable-mysqltest Do not try to compile and run a test MYSQL program - --disable-xmltest Do not try to compile and run a test LIBXML program Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] @@ -868,15 +866,10 @@ Optional Packages: --with-ads Active Directory support (default yes) --with-krb5=base-dir Locate Kerberos 5 support (default=/usr) --with-ldap LDAP support (default yes) - --with-mysql-prefix=PFX Prefix where MYSQL is installed (optional) - --with-mysql-exec-prefix=PFX Exec prefix where MYSQL is installed (optional) - --with-xml-prefix=PFX Prefix where libxml is installed (optional) - --with-xml-exec-prefix=PFX Exec prefix where libxml is installed (optional) --with-automount Include AUTOMOUNT support (default=no) --with-smbmount Include SMBMOUNT (Linux only) support (default=no) --with-pam Include PAM support (default=no) --with-pam_smbpass Build a PAM module to allow other applications to use our smbpasswd file (default=no) - --with-sam Build new (experimental) SAM database (default=no) --with-ldapsam Include LDAP SAM 2.2 compatible configuration (default=no) --with-tdbsam Include experimental TDB SAM support (default=no) --with-nisplussam Include NISPLUS SAM support (default=no) @@ -11532,8 +11525,7 @@ done - -for ac_func in syslog vsyslog getgrouplist timegm +for ac_func in syslog vsyslog getgrouplist do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` echo "$as_me:$LINENO: checking for $ac_func" >&5 @@ -20148,571 +20140,6 @@ _ACEOF fi fi -######################################################## -# Compile with MySQL support? - -# Check whether --with-mysql-prefix or --without-mysql-prefix was given. -if test "${with_mysql_prefix+set}" = set; then - withval="$with_mysql_prefix" - mysql_prefix="$withval" -else - mysql_prefix="" -fi; - -# Check whether --with-mysql-exec-prefix or --without-mysql-exec-prefix was given. -if test "${with_mysql_exec_prefix+set}" = set; then - withval="$with_mysql_exec_prefix" - mysql_exec_prefix="$withval" -else - mysql_exec_prefix="" -fi; -# Check whether --enable-mysqltest or --disable-mysqltest was given. -if test "${enable_mysqltest+set}" = set; then - enableval="$enable_mysqltest" - -else - enable_mysqltest=yes -fi; - - if test x$mysql_exec_prefix != x ; then - mysql_args="$mysql_args --exec-prefix=$mysql_exec_prefix" - if test x${MYSQL_CONFIG+set} != xset ; then - MYSQL_CONFIG=$mysql_exec_prefix/bin/mysql_config - fi - fi - if test x$mysql_prefix != x ; then - mysql_args="$mysql_args --prefix=$mysql_prefix" - if test x${MYSQL_CONFIG+set} != xset ; then - MYSQL_CONFIG=$mysql_prefix/bin/mysql_config - fi - fi - - - # Extract the first word of "mysql_config", so it can be a program name with args. -set dummy mysql_config; ac_word=$2 -echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 -if test "${ac_cv_path_MYSQL_CONFIG+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - case $MYSQL_CONFIG in - [\\/]* | ?:[\\/]*) - ac_cv_path_MYSQL_CONFIG="$MYSQL_CONFIG" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_MYSQL_CONFIG="$as_dir/$ac_word$ac_exec_ext" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done - - test -z "$ac_cv_path_MYSQL_CONFIG" && ac_cv_path_MYSQL_CONFIG="no" - ;; -esac -fi -MYSQL_CONFIG=$ac_cv_path_MYSQL_CONFIG - -if test -n "$MYSQL_CONFIG"; then - echo "$as_me:$LINENO: result: $MYSQL_CONFIG" >&5 -echo "${ECHO_T}$MYSQL_CONFIG" >&6 -else - echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6 -fi - - min_mysql_version=0.11.0 - echo "$as_me:$LINENO: checking for MYSQL - version >= $min_mysql_version" >&5 -echo $ECHO_N "checking for MYSQL - version >= $min_mysql_version... $ECHO_C" >&6 - no_mysql="" - if test "$MYSQL_CONFIG" = "no" ; then - no_mysql=yes - else - MYSQL_CFLAGS=`$MYSQL_CONFIG $mysqlconf_args --cflags | sed -e "s/'//g"` - MYSQL_LIBS=`$MYSQL_CONFIG $mysqlconf_args --libs | sed -e "s/'//g"` - - mysql_major_version=`$MYSQL_CONFIG $mysql_args --version | \ - sed 's/\([0-9]*\).\([0-9]*\).\([0-9]*\)/\1/'` - mysql_minor_version=`$MYSQL_CONFIG $mysql_args --version | \ - sed 's/\([0-9]*\).\([0-9]*\).\([0-9]*\)/\2/'` - mysql_micro_version=`$MYSQL_CONFIG $mysql_config_args --version | \ - sed 's/\([0-9]*\).\([0-9]*\).\([0-9]*\)/\3/'` - if test "x$enable_mysqltest" = "xyes" ; then - ac_save_CFLAGS="$CFLAGS" - ac_save_LIBS="$LIBS" - CFLAGS="$CFLAGS $MYSQL_CFLAGS" - LIBS="$LIBS $MYSQL_LIBS" - rm -f conf.mysqltest - if test "$cross_compiling" = yes; then - echo $ac_n "cross compiling; assumed OK... $ac_c" -else - cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <mysql.h> - -char* -my_strdup (char *str) -{ - char *new_str; - - if (str) - { - new_str = (char *)malloc ((strlen (str) + 1) * sizeof(char)); - strcpy (new_str, str); - } - else - new_str = NULL; - - return new_str; -} - -int main (int argc, char *argv[]) -{ -int major, minor, micro; - char *tmp_version; - - /* This hangs on some systems (?) - system ("touch conf.mysqltest"); - */ - { FILE *fp = fopen("conf.mysqltest", "a"); if ( fp ) fclose(fp); } - - /* HP/UX 9 (%@#!) writes to sscanf strings */ - tmp_version = my_strdup("$min_mysql_version"); - if (sscanf(tmp_version, "%d.%d.%d", &major, &minor, µ) != 3) { - printf("%s, bad version string\n", "$min_mysql_version"); - exit(1); - } - - if (($mysql_major_version > major) || - (($mysql_major_version == major) && ($mysql_minor_version > minor)) || - (($mysql_major_version == major) && ($mysql_minor_version == minor) && ($mysql_micro_version >= micro))) - { - return 0; - } - else - { - printf("\n*** 'mysql_config --version' returned %d.%d.%d, but the minimum version\n", $mysql_major_version, $mysql_minor_version, $mysql_micro_version); - printf("*** of MYSQL required is %d.%d.%d. If mysql_config is correct, then it is\n", major, minor, micro); - printf("*** best to upgrade to the required version.\n"); - printf("*** If mysql_config was wrong, set the environment variable MYSQL_CONFIG\n"); - printf("*** to point to the correct copy of mysql_config, and remove the file\n"); - printf("*** config.cache before re-running configure\n"); - return 1; - } -} - - -_ACEOF -rm -f conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - : -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 -( exit $ac_status ) -no_mysql=yes -fi -rm -f core core.* *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi - CFLAGS="$ac_save_CFLAGS" - LIBS="$ac_save_LIBS" - fi - fi - if test "x$no_mysql" = x ; then - echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6 - : - else - echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6 - if test "$MYSQL_CONFIG" = "no" ; then - echo "*** The mysql_config script installed by MYSQL could not be found" - echo "*** If MYSQL was installed in PREFIX, make sure PREFIX/bin is in" - echo "*** your path, or set the MYSQL_CONFIG environment variable to the" - echo "*** full path to mysql_config." - else - if test -f conf.mysqltest ; then - : - else - echo "*** Could not run MYSQL test program, checking why..." - CFLAGS="$CFLAGS $MYSQL_CFLAGS" - LIBS="$LIBS $MYSQL_LIBS" - cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" - -#include <stdio.h> -#include <mysql.h> - -int main(int argc, char *argv[]) -{ return 0; } -#undef main -#define main K_and_R_C_main - -int -main () -{ - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - echo "*** The test program compiled, but did not run. This usually means" - echo "*** that the run-time linker is not finding MYSQL or finding the wrong" - echo "*** version of MYSQL. If it is not finding MYSQL, you'll need to set your" - echo "*** LD_LIBRARY_PATH environment variable, or edit /etc/ld.so.conf to point" - echo "*** to the installed location Also, make sure you have run ldconfig if that" - echo "*** is required on your system" - echo "***" - echo "*** If you have an old version installed, it is best to remove it, although" - echo "*** you may also be able to get things to work by modifying LD_LIBRARY_PATH" -else - echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 - echo "*** The test program failed to compile or link. See the file config.log for the" - echo "*** exact error that occured. This usually means MYSQL was incorrectly installed" - echo "*** or that you have moved MYSQL since it was installed. In the latter case, you" - echo "*** may want to edit the mysql_config script: $MYSQL_CONFIG" -fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext - CFLAGS="$ac_save_CFLAGS" - LIBS="$ac_save_LIBS" - fi - fi - MYSQL_CFLAGS="" - MYSQL_LIBS="" - : - fi - - - rm -f conf.mysqltest - -CFLAGS="$CFLAGS $MYSQL_CFLAGS" - - -######################################################## -# Compile with XML support? - - -# Check whether --with-xml-prefix or --without-xml-prefix was given. -if test "${with_xml_prefix+set}" = set; then - withval="$with_xml_prefix" - xml_config_prefix="$withval" -else - xml_config_prefix="" -fi; - -# Check whether --with-xml-exec-prefix or --without-xml-exec-prefix was given. -if test "${with_xml_exec_prefix+set}" = set; then - withval="$with_xml_exec_prefix" - xml_config_exec_prefix="$withval" -else - xml_config_exec_prefix="" -fi; -# Check whether --enable-xmltest or --disable-xmltest was given. -if test "${enable_xmltest+set}" = set; then - enableval="$enable_xmltest" - -else - enable_xmltest=yes -fi; - - if test x$xml_config_exec_prefix != x ; then - xml_config_args="$xml_config_args --exec-prefix=$xml_config_exec_prefix" - if test x${XML2_CONFIG+set} != xset ; then - XML2_CONFIG=$xml_config_exec_prefix/bin/xml2-config - fi - fi - if test x$xml_config_prefix != x ; then - xml_config_args="$xml_config_args --prefix=$xml_config_prefix" - if test x${XML2_CONFIG+set} != xset ; then - XML2_CONFIG=$xml_config_prefix/bin/xml2-config - fi - fi - - # Extract the first word of "xml2-config", so it can be a program name with args. -set dummy xml2-config; ac_word=$2 -echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 -if test "${ac_cv_path_XML2_CONFIG+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - case $XML2_CONFIG in - [\\/]* | ?:[\\/]*) - ac_cv_path_XML2_CONFIG="$XML2_CONFIG" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_XML2_CONFIG="$as_dir/$ac_word$ac_exec_ext" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done - - test -z "$ac_cv_path_XML2_CONFIG" && ac_cv_path_XML2_CONFIG="no" - ;; -esac -fi -XML2_CONFIG=$ac_cv_path_XML2_CONFIG - -if test -n "$XML2_CONFIG"; then - echo "$as_me:$LINENO: result: $XML2_CONFIG" >&5 -echo "${ECHO_T}$XML2_CONFIG" >&6 -else - echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6 -fi - - min_xml_version=2.0.0 - echo "$as_me:$LINENO: checking for libxml - version >= $min_xml_version" >&5 -echo $ECHO_N "checking for libxml - version >= $min_xml_version... $ECHO_C" >&6 - no_xml="" - if test "$XML2_CONFIG" = "no" ; then - no_xml=yes - else - XML_CFLAGS=`$XML2_CONFIG $xml_config_args --cflags` - XML_LIBS=`$XML2_CONFIG $xml_config_args --libs` - xml_config_major_version=`$XML2_CONFIG $xml_config_args --version | \ - sed 's/\([0-9]*\).\([0-9]*\).\([0-9]*\)/\1/'` - xml_config_minor_version=`$XML2_CONFIG $xml_config_args --version | \ - sed 's/\([0-9]*\).\([0-9]*\).\([0-9]*\)/\2/'` - xml_config_micro_version=`$XML2_CONFIG $xml_config_args --version | \ - sed 's/\([0-9]*\).\([0-9]*\).\([0-9]*\)/\3/'` - if test "x$enable_xmltest" = "xyes" ; then - ac_save_CFLAGS="$CFLAGS" - ac_save_LIBS="$LIBS" - CFLAGS="$CFLAGS $XML_CFLAGS" - LIBS="$XML_LIBS $LIBS" - rm -f conf.xmltest - if test "$cross_compiling" = yes; then - echo $ac_n "cross compiling; assumed OK... $ac_c" -else - cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" - -#include <stdlib.h> -#include <stdio.h> -#include <string.h> -#include <libxml/xmlversion.h> - -int -main() -{ - int xml_major_version, xml_minor_version, xml_micro_version; - int major, minor, micro; - char *tmp_version; - - system("touch conf.xmltest"); - - /* Capture xml2-config output via autoconf/configure variables */ - /* HP/UX 9 (%@#!) writes to sscanf strings */ - tmp_version = (char *)strdup("$min_xml_version"); - if (sscanf(tmp_version, "%d.%d.%d", &major, &minor, µ) != 3) { - printf("%s, bad version string from xml2-config\n", "$min_xml_version"); - exit(1); - } - free(tmp_version); - - /* Capture the version information from the header files */ - tmp_version = (char *)strdup(LIBXML_DOTTED_VERSION); - if (sscanf(tmp_version, "%d.%d.%d", &xml_major_version, &xml_minor_version, &xml_micro_version) != 3) { - printf("%s, bad version string from libxml includes\n", "LIBXML_DOTTED_VERSION"); - exit(1); - } - free(tmp_version); - - /* Compare xml2-config output to the libxml headers */ - if ((xml_major_version != $xml_config_major_version) || - (xml_minor_version != $xml_config_minor_version) || - (xml_micro_version != $xml_config_micro_version)) - { - printf("*** libxml header files (version %d.%d.%d) do not match\n", - xml_major_version, xml_minor_version, xml_micro_version); - printf("*** xml2-config (version %d.%d.%d)\n", - $xml_config_major_version, $xml_config_minor_version, $xml_config_micro_version); - return 1; - } -/* Compare the headers to the library to make sure we match */ - /* Less than ideal -- doesn't provide us with return value feedback, - * only exits if there's a serious mismatch between header and library. - */ - LIBXML_TEST_VERSION; - - /* Test that the library is greater than our minimum version */ - if ((xml_major_version > major) || - ((xml_major_version == major) && (xml_minor_version > minor)) || - ((xml_major_version == major) && (xml_minor_version == minor) && - (xml_micro_version >= micro))) - { - return 0; - } - else - { - printf("\n*** An old version of libxml (%d.%d.%d) was found.\n", - xml_major_version, xml_minor_version, xml_micro_version); - printf("*** You need a version of libxml newer than %d.%d.%d. The latest version of\n", - major, minor, micro); - printf("*** libxml is always available from ftp://ftp.xmlsoft.org.\n"); - printf("***\n"); - printf("*** If you have already installed a sufficiently new version, this error\n"); - printf("*** probably means that the wrong copy of the xml2-config shell script is\n"); - printf("*** being found. The easiest way to fix this is to remove the old version\n"); - printf("*** of LIBXML, but you can also set the XML2_CONFIG environment to point to the\n"); - printf("*** correct copy of xml2-config. (In this case, you will have to\n"); - printf("*** modify your LD_LIBRARY_PATH enviroment variable, or edit /etc/ld.so.conf\n"); - printf("*** so that the correct libraries are found at run-time))\n"); - } - return 1; -} - -_ACEOF -rm -f conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - : -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 -( exit $ac_status ) -no_xml=yes -fi -rm -f core core.* *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi - CFLAGS="$ac_save_CFLAGS" - LIBS="$ac_save_LIBS" - fi - fi - - if test "x$no_xml" = x ; then - echo "$as_me:$LINENO: result: yes (version $xml_config_major_version.$xml_config_minor_version.$xml_config_micro_version)" >&5 -echo "${ECHO_T}yes (version $xml_config_major_version.$xml_config_minor_version.$xml_config_micro_version)" >&6 - : - else - echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6 - if test "$XML2_CONFIG" = "no" ; then - echo "*** The xml2-config script installed by LIBXML could not be found" - echo "*** If libxml was installed in PREFIX, make sure PREFIX/bin is in" - echo "*** your path, or set the XML2_CONFIG environment variable to the" - echo "*** full path to xml2-config." - else - if test -f conf.xmltest ; then - : - else - echo "*** Could not run libxml test program, checking why..." - CFLAGS="$CFLAGS $XML_CFLAGS" - LIBS="$LIBS $XML_LIBS" - cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" - -#include <libxml/xmlversion.h> -#include <stdio.h> - -int -main () -{ - LIBXML_TEST_VERSION; return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - echo "*** The test program compiled, but did not run. This usually means" - echo "*** that the run-time linker is not finding LIBXML or finding the wrong" - echo "*** version of LIBXML. If it is not finding LIBXML, you'll need to set your" - echo "*** LD_LIBRARY_PATH environment variable, or edit /etc/ld.so.conf to point" - echo "*** to the installed location Also, make sure you have run ldconfig if that" - echo "*** is required on your system" - echo "***" - echo "*** If you have an old version installed, it is best to remove it, although" - echo "*** you may also be able to get things to work by modifying LD_LIBRARY_PATH" -else - echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 - echo "*** The test program failed to compile or link. See the file config.log for the" - echo "*** exact error that occured. This usually means LIBXML was incorrectly installed" - echo "*** or that you have moved LIBXML since it was installed. In the latter case, you" - echo "*** may want to edit the xml2-config script: $XML2_CONFIG" -fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext - CFLAGS="$ac_save_CFLAGS" - LIBS="$ac_save_LIBS" - fi - fi - - XML_CFLAGS="" - XML_LIBS="" - : - fi - - - rm -f conf.xmltest - -CFLAGS="$CFLAGS $XML_CFLAGS" - ################################################# # check for automount support echo "$as_me:$LINENO: checking whether to use AUTOMOUNT" >&5 @@ -21107,36 +20534,6 @@ _ACEOF fi fi -# New experimental SAM system - -echo "$as_me:$LINENO: checking whether to build the new (experimental) SAM database" >&5 -echo $ECHO_N "checking whether to build the new (experimental) SAM database... $ECHO_C" >&6 - -# Check whether --with-sam or --without-sam was given. -if test "${with_sam+set}" = set; then - withval="$with_sam" - case "$withval" in - yes) - echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6 - -cat >>confdefs.h <<\_ACEOF -#define WITH_SAM 1 -_ACEOF - - ;; - *) - echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6 - ;; - esac -else - echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6 - -fi; - - ######################################################################################## ## ## TESTS FOR SAM BACKENDS. KEEP THESE GROUPED TOGETHER @@ -21473,7 +20870,7 @@ echo "$as_me: WARNING: --with-manpages-langs called without argument - will use echo "$as_me:$LINENO: result: $manlangs" >&5 echo "${ECHO_T}$manlangs" >&6 - manlangs=`echo $manlangs | sed "s/,/ /g"` # replacing commas with spaces to produce a list + manlangs=`echo $manlangs | sed "s/,/ /"` # replacing commas with spaces to produce a list else manlangs="en" @@ -23296,7 +22693,7 @@ builddir=`pwd` # I added make files that are outside /source directory. # I know this is not a good solution, will work out a better # solution soon. --simo - ac_config_files="$ac_config_files include/stamp-h Makefile script/findsmb ../examples/VFS/Makefile ../examples/sam/Makefile" + ac_config_files="$ac_config_files include/stamp-h Makefile script/findsmb ../examples/VFS/Makefile ../examples/pdb/mysql/Makefile ../examples/pdb/xml/Makefile" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure # tests run on this system so they can be shared between configure @@ -23805,7 +23202,8 @@ do "Makefile" ) CONFIG_FILES="$CONFIG_FILES Makefile" ;; "script/findsmb" ) CONFIG_FILES="$CONFIG_FILES script/findsmb" ;; "../examples/VFS/Makefile" ) CONFIG_FILES="$CONFIG_FILES ../examples/VFS/Makefile" ;; - "../examples/sam/Makefile" ) CONFIG_FILES="$CONFIG_FILES ../examples/sam/Makefile" ;; + "../examples/pdb/mysql/Makefile" ) CONFIG_FILES="$CONFIG_FILES ../examples/pdb/mysql/Makefile" ;; + "../examples/pdb/xml/Makefile" ) CONFIG_FILES="$CONFIG_FILES ../examples/pdb/xml/Makefile" ;; "include/config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS include/config.h" ;; *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5 echo "$as_me: error: invalid argument: $ac_config_target" >&2;} @@ -23944,12 +23342,6 @@ s,@TERMLIBS@,$TERMLIBS,;t t s,@TERMLDFLAGS@,$TERMLDFLAGS,;t t s,@ROFF@,$ROFF,;t t s,@DYNEXP@,$DYNEXP,;t t -s,@MYSQL_CONFIG@,$MYSQL_CONFIG,;t t -s,@MYSQL_CFLAGS@,$MYSQL_CFLAGS,;t t -s,@MYSQL_LIBS@,$MYSQL_LIBS,;t t -s,@XML2_CONFIG@,$XML2_CONFIG,;t t -s,@XML_CFLAGS@,$XML_CFLAGS,;t t -s,@XML_LIBS@,$XML_LIBS,;t t s,@QUOTAOBJS@,$QUOTAOBJS,;t t s,@manlangs@,$manlangs,;t t s,@WINBIND_TARGETS@,$WINBIND_TARGETS,;t t diff --git a/source3/configure.in b/source3/configure.in index 47856eaec3..0275c7b318 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -749,7 +749,7 @@ AC_CHECK_FUNCS(setpriv setgidx setuidx setgroups sysconf mktime rename ftruncate AC_CHECK_FUNCS(lstat64 fopen64 atexit grantpt dup2 lseek64 ftruncate64 readdir64) AC_CHECK_FUNCS(fseek64 fseeko64 ftell64 ftello64 setluid getpwanam setlinebuf) AC_CHECK_FUNCS(srandom random srand rand setenv usleep strcasecmp fcvt fcvtl symlink readlink) -AC_CHECK_FUNCS(syslog vsyslog getgrouplist timegm) +AC_CHECK_FUNCS(syslog vsyslog getgrouplist) # setbuffer is needed for smbtorture AC_CHECK_FUNCS(setbuffer) @@ -2069,17 +2069,6 @@ if test x"$with_ldap_support" = x"yes"; then fi fi -######################################################## -# Compile with MySQL support? -AM_PATH_MYSQL() -CFLAGS="$CFLAGS $MYSQL_CFLAGS" - - -######################################################## -# Compile with XML support? -AM_PATH_XML2() -CFLAGS="$CFLAGS $XML_CFLAGS" - ################################################# # check for automount support AC_MSG_CHECKING(whether to use AUTOMOUNT) @@ -2206,24 +2195,6 @@ if test x"$samba_cv_HAVE_TRUNCATED_SALT" = x"yes"; then fi fi -# New experimental SAM system - -AC_MSG_CHECKING([whether to build the new (experimental) SAM database]) -AC_ARG_WITH(sam, -[ --with-sam Build new (experimental) SAM database (default=no)], -[ case "$withval" in - yes) - AC_MSG_RESULT(yes) - AC_DEFINE(WITH_SAM,1,[Whether to build the new (experimental) SAM database]) - ;; - *) - AC_MSG_RESULT(no) - ;; - esac ], - AC_MSG_RESULT(no) -) - - ######################################################################################## ## ## TESTS FOR SAM BACKENDS. KEEP THESE GROUPED TOGETHER @@ -2414,7 +2385,7 @@ AC_ARG_WITH(manpages-langs, esac AC_MSG_RESULT($manlangs) - manlangs=`echo $manlangs | sed "s/,/ /g"` # replacing commas with spaces to produce a list + manlangs=`echo $manlangs | sed "s/,/ /"` # replacing commas with spaces to produce a list AC_SUBST(manlangs)], [manlangs="en" @@ -3160,7 +3131,7 @@ AC_SUBST(builddir) # I added make files that are outside /source directory. # I know this is not a good solution, will work out a better # solution soon. --simo -AC_OUTPUT(include/stamp-h Makefile script/findsmb ../examples/VFS/Makefile ../examples/sam/Makefile) +AC_OUTPUT(include/stamp-h Makefile script/findsmb ../examples/VFS/Makefile ../examples/pdb/mysql/Makefile ../examples/pdb/xml/Makefile) ################################################# # Print very concise instructions on building/use diff --git a/source3/dynconfig.c b/source3/dynconfig.c index 18a280f7d0..b1d4f000af 100644 --- a/source3/dynconfig.c +++ b/source3/dynconfig.c @@ -66,5 +66,9 @@ pstring dyn_LIBDIR = LIBDIR; const pstring dyn_LOCKDIR = LOCKDIR; const pstring dyn_PIDDIR = PIDDIR; +const pstring dyn_DRIVERFILE = DRIVERFILE; + const pstring dyn_SMB_PASSWD_FILE = SMB_PASSWD_FILE; const pstring dyn_PRIVATE_DIR = PRIVATE_DIR; + + diff --git a/source3/include/config.h.in b/source3/include/config.h.in index 0895a783d4..384bee8760 100644 --- a/source3/include/config.h.in +++ b/source3/include/config.h.in @@ -859,9 +859,6 @@ /* Define to 1 if you have the <termio.h> header file. */ #undef HAVE_TERMIO_H -/* Define to 1 if you have the `timegm' function. */ -#undef HAVE_TIMEGM - /* Whether Tru64 ACLs are available */ #undef HAVE_TRU64_ACLS @@ -1394,9 +1391,6 @@ /* Whether to include experimental quota support */ #undef WITH_QUOTAS -/* Whether to build the new (experimental) SAM database */ -#undef WITH_SAM - /* Whether to include sendfile() support */ #undef WITH_SENDFILE diff --git a/source3/include/dynconfig.h b/source3/include/dynconfig.h index fcc4c88b2b..f8b3bbb791 100644 --- a/source3/include/dynconfig.h +++ b/source3/include/dynconfig.h @@ -32,5 +32,6 @@ extern pstring dyn_LOGFILEBASE, dyn_LMHOSTSFILE; extern pstring dyn_LIBDIR; extern const pstring dyn_LOCKDIR; extern const pstring dyn_PIDDIR; +extern const pstring dyn_DRIVERFILE; extern const pstring dyn_SMB_PASSWD_FILE; extern const pstring dyn_PRIVATE_DIR; diff --git a/source3/include/gums.h b/source3/include/gums.h deleted file mode 100644 index d1799f377d..0000000000 --- a/source3/include/gums.h +++ /dev/null @@ -1,224 +0,0 @@ -/* - Unix SMB/CIFS implementation. - GUMS structures - Copyright (C) Simo Sorce 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#ifndef _GUMS_H -#define _GUMS_H - -#define GUMS_VERSION_MAJOR 0 -#define GUMS_VERSION_MINOR 1 - -#define GUMS_OBJ_NORMAL_USER 1 -#define GUMS_OBJ_GROUP 2 -#define GUMS_OBJ_DOMAIN 3 -#define GUMS_OBJ_ALIAS 4 -#define GUMS_OBJ_WORKSTATION_TRUST 5 -#define GUMS_OBJ_SERVER_TRUST 6 -#define GUMS_OBJ_DOMAIN_TRUST 7 - -typedef struct gums_object -{ - TALLOC_CTX *mem_ctx; - - uint32 type; /* Object Type */ - uint32 version; /* Object Version */ - uint32 seq_num; /* Object Sequence Number */ - - SEC_DESC *sec_desc; /* Security Descriptor */ - - DOM_SID *sid; /* Object Sid */ - char *name; /* Object Name */ - char *description; /* Object Description */ - - void *data; /* Object Specific data */ - -} GUMS_OBJECT; - -typedef struct gums_user -{ - DOM_SID *group_sid; /* Primary Group SID */ - - NTTIME *logon_time; /* logon time */ - NTTIME *logoff_time; /* logoff time */ - NTTIME *kickoff_time; /* kickoff time */ - NTTIME *pass_last_set_time; /* password last set time */ - NTTIME *pass_can_change_time; /* password can change time */ - NTTIME *pass_must_change_time; /* password must change time */ - - char *full_name; /* user's full name string */ - char *home_dir; /* home directory string */ - char *dir_drive; /* home directory drive string */ - char *logon_script; /* logon script string */ - char *profile_path; /* profile path string */ - char *workstations; /* login from workstations string */ - char *unknown_str; /* don't know what this is, yet. */ - char *munged_dial; /* munged path name and dial-back tel number */ - - DATA_BLOB *lm_pw; /* .data is Null if no password */ - DATA_BLOB *nt_pw; /* .data is Null if no password */ - - uint32 unknown_3; /* 0x00ff ffff */ - - uint16 logon_divs; /* 168 - number of hours in a week */ - uint32 hours_len; /* normally 21 bytes */ - uint8 hours[MAX_HOURS_LEN]; - - uint32 unknown_5; /* 0x0002 0000 */ - uint32 unknown_6; /* 0x0000 04ec */ - -} GUMS_USER; - -typedef struct gums_group -{ - uint32 count; /* Number of SIDs */ - DOM_SID *members; /* SID array */ - -} GUMS_GROUP; - -typedef struct gums_data_set -{ - int type; /* GUMS_SET_xxx */ - void *data; - -} GUMS_DATA_SET; - -typedef struct gums_commit_set -{ - TALLOC_CTX *mem_ctx; - - uint32 type; /* Object type */ - DOM_SID sid; /* Object Sid */ - uint32 count; /* number of changes */ - GUMS_DATA_SET *data; -} GUMS_COMMIT_SET; - -typedef struct gums_privilege -{ - TALLOC_CTX *mem_ctx; - - uint32 type; /* Object Type */ - uint32 version; /* Object Version */ - uint32 seq_num; /* Object Sequence Number */ - - LUID_ATTR *privilege; /* Privilege Type */ - char *name; /* Object Name */ - char *description; /* Object Description */ - - uint32 count; - DOM_SID *members; - -} GUMS_PRIVILEGE; - - -typedef struct gums_functions -{ - /* Generic object functions */ - - NTSTATUS (*get_domain_sid) (DOM_SID **sid, const char* name); - NTSTATUS (*set_domain_sid) (const DOM_SID *sid); - - NTSTATUS (*get_sequence_number) (void); - - NTSTATUS (*new_object) (DOM_SID **sid, const char *name, const int obj_type); - NTSTATUS (*delete_object) (const DOM_SID *sid); - - NTSTATUS (*get_object_from_sid) (GUMS_OBJECT **object, const DOM_SID *sid, const int obj_type); - NTSTATUS (*get_sid_from_name) (GUMS_OBJECT **object, const char *name); - /* This function is used to get the list of all objects changed since b_time, it is - used to support PDC<->BDC synchronization */ - NTSTATUS (*get_updated_objects) (GUMS_OBJECT **objects, const NTTIME base_time); - - NTSTATUS (*enumerate_objects_start) (void *handle, const DOM_SID *sid, const int obj_type); - NTSTATUS (*enumerate_objects_get_next) (GUMS_OBJECT **object, void *handle); - NTSTATUS (*enumerate_objects_stop) (void *handle); - - /* This function MUST be used ONLY by PDC<->BDC replication code or recovery tools. - Never use this function to update an object in the database, use set_object_values() */ - NTSTATUS (*set_object) (const GUMS_OBJECT *object); - - /* set object values function */ - NTSTATUS (*set_object_values) (DOM_SID *sid, uint32 count, GUMS_DATA_SET *data_set); - - /* Group related functions */ - NTSTATUS (*add_memberss_to_group) (const DOM_SID *group, const DOM_SID **members); - NTSTATUS (*delete_members_from_group) (const DOM_SID *group, const DOM_SID **members); - NTSTATUS (*enumerate_group_members) (DOM_SID **members, const DOM_SID *sid, const int type); - - NTSTATUS (*get_sid_groups) (DOM_SID **groups, const DOM_SID *sid); - - NTSTATUS (*lock_sid) (const DOM_SID *sid); - NTSTATUS (*unlock_sid) (const DOM_SID *sid); - - /* privileges related functions */ - - NTSTATUS (*add_members_to_privilege) (const LUID_ATTR *priv, const DOM_SID **members); - NTSTATUS (*delete_members_from_privilege) (const LUID_ATTR *priv, const DOM_SID **members); - NTSTATUS (*enumerate_privilege_members) (DOM_SID **members, const LUID_ATTR *priv); - NTSTATUS (*get_sid_privileges) (DOM_SID **privs, const DOM_SID *sid); - /* warning!: set_privilege will overwrite a prior existing privilege if such exist */ - NTSTATUS (*set_privilege) (GUMS_PRIVILEGE *priv); - -} GUMS_FUNCTIONS; - -/* define value types */ - -#define GUMS_SET_PRIMARY_GROUP 1 -#define GUMS_SET_SEC_DESC 2 - -/* user specific type values */ -#define GUMS_SET_LOGON_TIME 10 /* keep NTTIME consecutive */ -#define GUMS_SET_LOGOFF_TIME 11 /* too ease checking */ -#define GUMS_SET_KICKOFF_TIME 13 -#define GUMS_SET_PASS_LAST_SET_TIME 14 -#define GUMS_SET_PASS_CAN_CHANGE_TIME 15 -#define GUMS_SET_PASS_MUST_CHANGE_TIME 16 /* NTTIME end */ - -#define GUMS_SET_NAME 20 /* keep strings consecutive */ -#define GUMS_SET_DESCRIPTION 21 /* too ease checking */ -#define GUMS_SET_FULL_NAME 22 -#define GUMS_SET_HOME_DIRECTORY 23 -#define GUMS_SET_DRIVE 24 -#define GUMS_SET_LOGON_SCRIPT 25 -#define GUMS_SET_PROFILE_PATH 26 -#define GUMS_SET_WORKSTATIONS 27 -#define GUMS_SET_UNKNOWN_STRING 28 -#define GUMS_SET_MUNGED_DIAL 29 /* strings end */ - -#define GUMS_SET_LM_PASSWORD 40 -#define GUMS_SET_NT_PASSWORD 41 -#define GUMS_SET_PLAINTEXT_PASSWORD 42 -#define GUMS_SET_UNKNOWN_3 43 -#define GUMS_SET_LOGON_DIVS 44 -#define GUMS_SET_HOURS_LEN 45 -#define GUMS_SET_HOURS 46 -#define GUMS_SET_UNKNOWN_5 47 -#define GUMS_SET_UNKNOWN_6 48 - -#define GUMS_SET_MUST_CHANGE_PASS 50 -#define GUMS_SET_CANNOT_CHANGE_PASS 51 -#define GUMS_SET_PASS_NEVER_EXPIRE 52 -#define GUMS_SET_ACCOUNT_DISABLED 53 -#define GUMS_SET_ACCOUNT_LOCKOUT 54 - -/*group specific type values */ -#define GUMS_ADD_SID_LIST 60 -#define GUMS_DEL_SID_LIST 61 -#define GUMS_SET_SID_LIST 62 - -#endif /* _GUMS_H */ diff --git a/source3/include/includes.h b/source3/include/includes.h index a7dd967bf3..7d8f44727a 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -752,8 +752,6 @@ extern int errno; #include "passdb.h" -#include "sam.h" - #include "session.h" #include "asn_1.h" @@ -1165,9 +1163,5 @@ int asprintf(char **,const char *, ...) PRINTF_ATTRIBUTE(2,3); #define VA_COPY(dest, src) (dest) = (src) #endif -#ifndef HAVE_TIMEGM -time_t timegm(struct tm *tm); -#endif - #endif /* _INCLUDES_H */ diff --git a/source3/include/libsmbclient.h b/source3/include/libsmbclient.h index 0c905edcbc..2b45709a5e 100644 --- a/source3/include/libsmbclient.h +++ b/source3/include/libsmbclient.h @@ -35,10 +35,6 @@ * \ingroup libsmbclient * Data structures, types, and constants */ -/** \defgroup callback Callback function types -* \ingroup libsmbclient -* Callback functions -*/ /** \defgroup file File Functions * \ingroup libsmbclient * Functions used to access individual file contents @@ -55,7 +51,7 @@ * \ingroup libsmbclient * Functions used to access printing functionality */ -/** \defgroup misc Miscellaneous Functions +/** \defgroup attribute Miscellaneous Functions * \ingroup libsmbclient * Functions that don't fit in to other categories */ @@ -66,6 +62,7 @@ #include <sys/stat.h> #include <fcntl.h> +#define SMBC_MAX_NAME 1023 #define SMBC_WORKGROUP 1 #define SMBC_SERVER 2 #define SMBC_FILE_SHARE 3 @@ -76,6 +73,12 @@ #define SMBC_FILE 8 #define SMBC_LINK 9 +#define SMBC_FILE_MODE (S_IFREG | 0444) +#define SMBC_DIR_MODE (S_IFDIR | 0555) + +#define SMBC_MAX_FD 10000 + + /**@ingroup structure * Structure that represents a directory entry. * @@ -113,12 +116,12 @@ struct smbc_dirent char name[1]; }; +#ifndef _CLIENT_H /**@ingroup structure * Structure that represents a print job. * */ -#ifndef _CLIENT_H struct print_job_info { /** numeric ID of the print job @@ -146,29 +149,9 @@ struct print_job_info */ time_t t; }; -#endif /* _CLIENT_H */ - - -/**@ingroup structure - * Server handle - */ -typedef struct _SMBCSRV SMBCSRV; +#endif /* ifndef _CLIENT_H */ /**@ingroup structure - * File or directory handle - */ -typedef struct _SMBCFILE SMBCFILE; - -/**@ingroup structure - * File or directory handle - */ -typedef struct _SMBCCTX SMBCCTX; - - - - - -/**@ingroup callback * Authentication callback function type. * * Type for the the authentication function called by the library to @@ -204,114 +187,51 @@ typedef void (*smbc_get_auth_data_fn)(const char *srv, char *pw, int pwlen); -/**@ingroup callback +/**@ingroup structure * Print job info callback function type. * * @param i pointer to print job information structure * */ -typedef void (*smbc_list_print_job_fn)(struct print_job_info *i); - - -/**@ingroup callback - * Check if a server is still good - * - * @param c pointer to smb context - * - * @param srv pointer to server to check - * - * @return 0 when connection is good. 1 on error. - * - */ -typedef int (*smbc_check_server_fn)(SMBCCTX * c, SMBCSRV *srv); - -/**@ingroup callback - * Remove a server if unused - * - * @param c pointer to smb context - * - * @param srv pointer to server to remove - * - * @return 0 on success. 1 on failure. - * - */ -typedef int (*smbc_remove_unused_server_fn)(SMBCCTX * c, SMBCSRV *srv); +typedef void (*smbc_get_print_job_info)(struct print_job_info *i); +typedef struct _SMBCSRV { + struct cli_state cli; + dev_t dev; + BOOL no_pathinfo2; + int server_fd; -/**@ingroup callback - * Add a server to the cache system - * - * @param c pointer to smb context - * - * @param srv pointer to server to add - * - * @param server server name - * - * @param share share name - * - * @param workgroup workgroup used to connect - * - * @param username username used to connect - * - * @return 0 on success. 1 on failure. - * - */ -typedef int (*smbc_add_cached_srv_fn) (SMBCCTX * c, SMBCSRV *srv, - char * server, char * share, - char * workgroup, char * username); - - -/**@ingroup callback - * Look up a server in the cache system - * - * @param c pointer to smb context - * - * @param server server name to match - * - * @param share share name to match - * - * @param workgroup workgroup to match - * - * @param username username to match - * - * @return pointer to SMBCSRV on success. NULL on failure. - * - */ -typedef SMBCSRV * (*smbc_get_cached_srv_fn) (SMBCCTX * c, char * server, - char * share, char * workgroup, char * username); - - -/**@ingroup callback - * Check if a server is still good - * - * @param c pointer to smb context - * - * @param srv pointer to server to remove - * - * @return 0 when found and removed. 1 on failure. - * - */ -typedef int (*smbc_remove_cached_srv_fn)(SMBCCTX * c, SMBCSRV *srv); + struct _SMBCSRV *next, *prev; + +} SMBCSRV; +/* + * Keep directory entries in a list + */ +struct smbc_dir_list { + struct smbc_dir_list *next; + struct smbc_dirent *dirent; +}; -/**@ingroup callback - * Try to remove all servers from the cache system and disconnect - * - * @param c pointer to smb context - * - * @return 0 when found and removed. 1 on failure. - * +/* + * Structure for open file management */ -typedef int (*smbc_purge_cached_fn) (SMBCCTX * c); - - - +typedef struct _SMBCFILE { + int cli_fd; + char *fname; + off_t offset; + SMBCSRV *srv; + BOOL file; + struct smbc_dir_list *dir_list, *dir_end, *dir_next; + int dir_type, dir_error; + + struct _SMBCFILE *next, *prev; +} SMBCFILE; /**@ingroup structure * Structure that contains a client context information - * This structure is know as SMBCCTX */ -struct _SMBCCTX { +typedef struct _SMBCCTX { /** debug level */ int debug; @@ -335,42 +255,42 @@ struct _SMBCCTX { /** callable functions for files: * For usage and return values see the smbc_* functions */ - SMBCFILE * (*open) (SMBCCTX *c, const char *fname, int flags, mode_t mode); - SMBCFILE * (*creat) (SMBCCTX *c, const char *path, mode_t mode); - ssize_t (*read) (SMBCCTX *c, SMBCFILE *file, void *buf, size_t count); - ssize_t (*write) (SMBCCTX *c, SMBCFILE *file, void *buf, size_t count); - int (*unlink) (SMBCCTX *c, const char *fname); - int (*rename) (SMBCCTX *ocontext, const char *oname, - SMBCCTX *ncontext, const char *nname); - off_t (*lseek) (SMBCCTX *c, SMBCFILE * file, off_t offset, int whence); - int (*stat) (SMBCCTX *c, const char *fname, struct stat *st); - int (*fstat) (SMBCCTX *c, SMBCFILE *file, struct stat *st); - int (*close) (SMBCCTX *c, SMBCFILE *file); + SMBCFILE * (*open) (struct _SMBCCTX *c, const char *fname, int flags, mode_t mode); + SMBCFILE * (*creat) (struct _SMBCCTX *c, const char *path, mode_t mode); + ssize_t (*read) (struct _SMBCCTX *c, SMBCFILE *file, void *buf, size_t count); + ssize_t (*write) (struct _SMBCCTX *c, SMBCFILE *file, void *buf, size_t count); + int (*unlink) (struct _SMBCCTX *c, const char *fname); + int (*rename) (struct _SMBCCTX *ocontext, const char *oname, + struct _SMBCCTX *ncontext, const char *nname); + off_t (*lseek) (struct _SMBCCTX *c, SMBCFILE * file, off_t offset, int whence); + int (*stat) (struct _SMBCCTX *c, const char *fname, struct stat *st); + int (*fstat) (struct _SMBCCTX *c, SMBCFILE *file, struct stat *st); + int (*close) (struct _SMBCCTX *c, SMBCFILE *file); /** callable functions for dirs */ - SMBCFILE * (*opendir) (SMBCCTX *c, const char *fname); - int (*closedir)(SMBCCTX *c, SMBCFILE *dir); - struct smbc_dirent * (*readdir)(SMBCCTX *c, SMBCFILE *dir); - int (*getdents)(SMBCCTX *c, SMBCFILE *dir, + SMBCFILE * (*opendir) (struct _SMBCCTX *c, const char *fname); + int (*closedir)(struct _SMBCCTX *c, SMBCFILE *dir); + struct smbc_dirent * (*readdir)(struct _SMBCCTX *c, SMBCFILE *dir); + int (*getdents)(struct _SMBCCTX *c, SMBCFILE *dir, struct smbc_dirent *dirp, int count); - int (*mkdir) (SMBCCTX *c, const char *fname, mode_t mode); - int (*rmdir) (SMBCCTX *c, const char *fname); - off_t (*telldir) (SMBCCTX *c, SMBCFILE *dir); - int (*lseekdir)(SMBCCTX *c, SMBCFILE *dir, off_t offset); - int (*fstatdir)(SMBCCTX *c, SMBCFILE *dir, struct stat *st); + int (*mkdir) (struct _SMBCCTX *c, const char *fname, mode_t mode); + int (*rmdir) (struct _SMBCCTX *c, const char *fname); + off_t (*telldir) (struct _SMBCCTX *c, SMBCFILE *dir); + int (*lseekdir)(struct _SMBCCTX *c, SMBCFILE *dir, off_t offset); + int (*fstatdir)(struct _SMBCCTX *c, SMBCFILE *dir, struct stat *st); /** callable functions for printing */ - int (*print_file)(SMBCCTX *c_file, const char *fname, - SMBCCTX *c_print, const char *printq); - SMBCFILE * (*open_print_job)(SMBCCTX *c, const char *fname); - int (*list_print_jobs)(SMBCCTX *c, const char *fname, smbc_list_print_job_fn fn); - int (*unlink_print_job)(SMBCCTX *c, const char *fname, int id); + int (*print_file)(struct _SMBCCTX *c_file, const char *fname, + struct _SMBCCTX *c_print, const char *printq); + SMBCFILE * (*open_print_job)(struct _SMBCCTX *c, const char *fname); + int (*list_print_jobs)(struct _SMBCCTX *c, const char *fname, void (*fn)(struct print_job_info *)); + int (*unlink_print_job)(struct _SMBCCTX *c, const char *fname, int id); /** Callbacks - * These callbacks _always_ have to be initialized because they will not be checked + * These callbacks _always_ have to be intialized because they will not be checked * at dereference for increased speed. */ struct _smbc_callbacks { @@ -380,11 +300,11 @@ struct _SMBCCTX { /** check if a server is still good */ - smbc_check_server_fn check_server_fn; + int (*check_server_fn)(struct _SMBCCTX * c, SMBCSRV *srv); /** remove a server if unused */ - smbc_remove_unused_server_fn remove_unused_server_fn; + int (*remove_unused_server_fn)(struct _SMBCCTX * c, SMBCSRV *srv); /** Cache subsystem * For an example cache system see samba/source/libsmb/libsmb_cache.c @@ -393,19 +313,21 @@ struct _SMBCCTX { /** server cache addition */ - smbc_add_cached_srv_fn add_cached_srv_fn; - + int (*add_cached_srv_fn) (struct _SMBCCTX * c, SMBCSRV *srv, + char * server, char * share, + char * workgroup, char * username); /** server cache lookup */ - smbc_get_cached_srv_fn get_cached_srv_fn; - + SMBCSRV * (*get_cached_srv_fn) (struct _SMBCCTX * c, char * server, + char * share, char * workgroup, char * username); /** server cache removal */ - smbc_remove_cached_srv_fn remove_cached_srv_fn; + int (*remove_cached_srv_fn)(struct _SMBCCTX * c, SMBCSRV *srv); /** server cache purging, try to remove all cached servers (disconnect) */ - smbc_purge_cached_fn purge_cached_fn; + int (*purge_cached_fn) (struct _SMBCCTX * c); + } callbacks; @@ -413,12 +335,27 @@ struct _SMBCCTX { */ struct smbc_server_cache * server_cache; - /** INTERNAL DATA - * do _NOT_ touch this from your program ! + /** INTERNAL functions + * do _NOT_ touch these from your program ! + */ + + /** INTERNAL: is this handle initialized ? + */ + int _initialized; + + /** INTERNAL: dirent pointer location */ - struct smbc_internal_data * internal; + char _dirent[512]; + + /** INTERNAL: server connection list + */ + SMBCSRV * _servers; -}; + /** INTERNAL: open file/dir list + */ + SMBCFILE * _files; + +} SMBCCTX; /**@ingroup misc @@ -1053,7 +990,7 @@ int smbc_open_print_job(const char *fname); * - EINVAL fname was NULL or smbc_init not called * - EACCES ??? */ -int smbc_list_print_jobs(const char *purl, smbc_list_print_job_fn fn); +int smbc_list_print_jobs(const char *purl, smbc_get_print_job_info fn); /**@ingroup print * Delete a print job diff --git a/source3/include/rpc_client_proto.h b/source3/include/rpc_client_proto.h deleted file mode 100644 index 0ecb195691..0000000000 --- a/source3/include/rpc_client_proto.h +++ /dev/null @@ -1,231 +0,0 @@ -#ifndef _RPC_CLIENT_PROTO_H_ -#define _RPC_CLIENT_PROTO_H_ -/* This file is automatically generated with "make proto". DO NOT EDIT */ - - -/*The following definitions come from lib/util_list.c */ - -BOOL copy_policy_hnd (POLICY_HND *dest, const POLICY_HND *src); -BOOL compare_rpc_hnd_node(const RPC_HND_NODE *x, - const RPC_HND_NODE *y); -BOOL RpcHndList_set_connection(const POLICY_HND *hnd, - struct cli_connection *con); -BOOL RpcHndList_del_connection(const POLICY_HND *hnd); -struct cli_connection* RpcHndList_get_connection(const POLICY_HND *hnd); - -/*The following definitions come from rpc_client/cli_connect.c */ - -void init_connections(void); -void free_connections(void); -void cli_connection_free(struct cli_connection *con); -void cli_connection_unlink(struct cli_connection *con); -BOOL cli_connection_init(const char *srv_name, char *pipe_name, - struct cli_connection **con); -BOOL cli_connection_init_auth(const char *srv_name, char *pipe_name, - struct cli_connection **con, - cli_auth_fns * auth, void *auth_creds); -struct _cli_auth_fns *cli_conn_get_authfns(struct cli_connection *con); -void *cli_conn_get_auth_creds(struct cli_connection *con); -BOOL rpc_hnd_pipe_req(const POLICY_HND * hnd, uint8 op_num, - prs_struct * data, prs_struct * rdata); -BOOL rpc_con_pipe_req(struct cli_connection *con, uint8 op_num, - prs_struct * data, prs_struct * rdata); -BOOL rpc_con_ok(struct cli_connection *con); - -/*The following definitions come from rpc_client/cli_login.c */ - -BOOL cli_nt_setup_creds(struct cli_state *cli, unsigned char mach_pwd[16]); -BOOL cli_nt_srv_pwset(struct cli_state *cli, unsigned char *new_hashof_mach_pwd); -BOOL cli_nt_login_interactive(struct cli_state *cli, char *domain, char *username, - uint32 smb_userid_low, char *password, - NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3); -BOOL cli_nt_login_network(struct cli_state *cli, char *domain, char *username, - uint32 smb_userid_low, char lm_chal[8], - char *lm_chal_resp, char *nt_chal_resp, - NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3); -BOOL cli_nt_logoff(struct cli_state *cli, NET_ID_INFO_CTR *ctr); - -/*The following definitions come from rpc_client/cli_lsarpc.c */ - -BOOL do_lsa_open_policy(struct cli_state *cli, - char *system_name, POLICY_HND *hnd, - BOOL sec_qos); -BOOL do_lsa_query_info_pol(struct cli_state *cli, - POLICY_HND *hnd, uint16 info_class, - fstring domain_name, DOM_SID *domain_sid); -BOOL do_lsa_close(struct cli_state *cli, POLICY_HND *hnd); -BOOL cli_lsa_get_domain_sid(struct cli_state *cli, char *server); -uint32 lsa_open_policy(const char *system_name, POLICY_HND *hnd, - BOOL sec_qos, uint32 des_access); -uint32 lsa_lookup_sids(POLICY_HND *hnd, int num_sids, DOM_SID *sids, - char ***names, uint32 **types, int *num_names); -uint32 lsa_lookup_names(POLICY_HND *hnd, int num_names, char **names, - DOM_SID **sids, uint32 **types, int *num_sids); - -/*The following definitions come from rpc_client/cli_netlogon.c */ - -BOOL cli_net_logon_ctrl2(struct cli_state *cli, uint32 status_level); -BOOL cli_net_auth2(struct cli_state *cli, uint16 sec_chan, - uint32 neg_flags, DOM_CHAL *srv_chal); -BOOL cli_net_req_chal(struct cli_state *cli, DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal); -BOOL cli_net_srv_pwset(struct cli_state *cli, uint8 hashed_mach_pwd[16]); -BOOL cli_net_sam_logon(struct cli_state *cli, NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3); -BOOL cli_net_sam_logoff(struct cli_state *cli, NET_ID_INFO_CTR *ctr); -BOOL change_trust_account_password( char *domain, char *remote_machine_list); - -/*The following definitions come from rpc_client/cli_pipe.c */ - -BOOL rpc_api_pipe_req(struct cli_state *cli, uint8 op_num, - prs_struct *data, prs_struct *rdata); -BOOL rpc_pipe_bind(struct cli_state *cli, char *pipe_name, char *my_name); -void cli_nt_set_ntlmssp_flgs(struct cli_state *cli, uint32 ntlmssp_flgs); -BOOL cli_nt_session_open(struct cli_state *cli, char *pipe_name); -void cli_nt_session_close(struct cli_state *cli); - -/*The following definitions come from rpc_client/cli_reg.c */ - -BOOL do_reg_connect(struct cli_state *cli, char *full_keyname, char *key_name, - POLICY_HND *reg_hnd); -BOOL do_reg_open_hklm(struct cli_state *cli, uint16 unknown_0, uint32 level, - POLICY_HND *hnd); -BOOL do_reg_open_hku(struct cli_state *cli, uint16 unknown_0, uint32 level, - POLICY_HND *hnd); -BOOL do_reg_flush_key(struct cli_state *cli, POLICY_HND *hnd); -BOOL do_reg_query_key(struct cli_state *cli, POLICY_HND *hnd, - char *class, uint32 *class_len, - uint32 *num_subkeys, uint32 *max_subkeylen, - uint32 *max_subkeysize, uint32 *num_values, - uint32 *max_valnamelen, uint32 *max_valbufsize, - uint32 *sec_desc, NTTIME *mod_time); -BOOL do_reg_unknown_1a(struct cli_state *cli, POLICY_HND *hnd, uint32 *unk); -BOOL do_reg_query_info(struct cli_state *cli, POLICY_HND *hnd, - char *key_value, uint32* key_type); -BOOL do_reg_set_key_sec(struct cli_state *cli, POLICY_HND *hnd, SEC_DESC_BUF *sec_desc_buf); -BOOL do_reg_get_key_sec(struct cli_state *cli, POLICY_HND *hnd, uint32 *sec_buf_size, SEC_DESC_BUF **ppsec_desc_buf); -BOOL do_reg_delete_val(struct cli_state *cli, POLICY_HND *hnd, char *val_name); -BOOL do_reg_delete_key(struct cli_state *cli, POLICY_HND *hnd, char *key_name); -BOOL do_reg_create_key(struct cli_state *cli, POLICY_HND *hnd, - char *key_name, char *key_class, - SEC_ACCESS *sam_access, - POLICY_HND *key); -BOOL do_reg_enum_key(struct cli_state *cli, POLICY_HND *hnd, - int key_index, char *key_name, - uint32 *unk_1, uint32 *unk_2, - time_t *mod_time); -BOOL do_reg_create_val(struct cli_state *cli, POLICY_HND *hnd, - char *val_name, uint32 type, BUFFER3 *data); -BOOL do_reg_enum_val(struct cli_state *cli, POLICY_HND *hnd, - int val_index, int max_valnamelen, int max_valbufsize, - fstring val_name, - uint32 *val_type, BUFFER2 *value); -BOOL do_reg_open_entry(struct cli_state *cli, POLICY_HND *hnd, - char *key_name, uint32 unk_0, - POLICY_HND *key_hnd); -BOOL do_reg_close(struct cli_state *cli, POLICY_HND *hnd); - -/*The following definitions come from rpc_client/cli_samr.c */ - -BOOL get_samr_query_usergroups(struct cli_state *cli, - POLICY_HND *pol_open_domain, uint32 user_rid, - uint32 *num_groups, DOM_GID *gid); -BOOL get_samr_query_userinfo(struct cli_state *cli, - POLICY_HND *pol_open_domain, - uint32 info_level, - uint32 user_rid, SAM_USER_INFO_21 *usr); -BOOL do_samr_chgpasswd_user(struct cli_state *cli, - char *srv_name, char *user_name, - char nt_newpass[516], uchar nt_oldhash[16], - char lm_newpass[516], uchar lm_oldhash[16]); -BOOL do_samr_unknown_38(struct cli_state *cli, char *srv_name); -BOOL do_samr_query_dom_info(struct cli_state *cli, - POLICY_HND *domain_pol, uint16 switch_value); -BOOL do_samr_enum_dom_users(struct cli_state *cli, - POLICY_HND *pol, uint16 num_entries, uint16 unk_0, - uint16 acb_mask, uint16 unk_1, uint32 size, - struct acct_info **sam, - int *num_sam_users); -BOOL do_samr_connect(struct cli_state *cli, - char *srv_name, uint32 unknown_0, - POLICY_HND *connect_pol); -BOOL do_samr_open_user(struct cli_state *cli, - POLICY_HND *pol, uint32 unk_0, uint32 rid, - POLICY_HND *user_pol); -BOOL do_samr_open_domain(struct cli_state *cli, - POLICY_HND *connect_pol, uint32 rid, DOM_SID *sid, - POLICY_HND *domain_pol); -BOOL do_samr_query_unknown_12(struct cli_state *cli, - POLICY_HND *pol, uint32 rid, uint32 num_gids, uint32 *gids, - uint32 *num_aliases, - fstring als_names [MAX_LOOKUP_SIDS], - uint32 num_als_users[MAX_LOOKUP_SIDS]); -BOOL do_samr_query_usergroups(struct cli_state *cli, - POLICY_HND *pol, uint32 *num_groups, DOM_GID *gid); -BOOL do_samr_query_userinfo(struct cli_state *cli, - POLICY_HND *pol, uint16 switch_value, void* usr); -BOOL do_samr_close(struct cli_state *cli, POLICY_HND *hnd); - -/*The following definitions come from rpc_client/cli_spoolss_notify.c */ - -BOOL spoolss_disconnect_from_client( struct cli_state *cli); -BOOL spoolss_connect_to_client( struct cli_state *cli, char *remote_machine); -BOOL cli_spoolss_reply_open_printer(struct cli_state *cli, char *printer, uint32 localprinter, uint32 type, uint32 *status, POLICY_HND *handle); -BOOL cli_spoolss_reply_rrpcn(struct cli_state *cli, POLICY_HND *handle, - uint32 change_low, uint32 change_high, uint32 *status); -BOOL cli_spoolss_reply_close_printer(struct cli_state *cli, POLICY_HND *handle, uint32 *status); - -/*The following definitions come from rpc_client/cli_srvsvc.c */ - -BOOL do_srv_net_srv_conn_enum(struct cli_state *cli, - char *server_name, char *qual_name, - uint32 switch_value, SRV_CONN_INFO_CTR *ctr, - uint32 preferred_len, - ENUM_HND *hnd); -BOOL do_srv_net_srv_sess_enum(struct cli_state *cli, - char *server_name, char *qual_name, - uint32 switch_value, SRV_SESS_INFO_CTR *ctr, - uint32 preferred_len, - ENUM_HND *hnd); -BOOL do_srv_net_srv_share_enum(struct cli_state *cli, - char *server_name, - uint32 switch_value, SRV_R_NET_SHARE_ENUM *r_o, - uint32 preferred_len, ENUM_HND *hnd); -BOOL do_srv_net_srv_file_enum(struct cli_state *cli, - char *server_name, char *qual_name, - uint32 switch_value, SRV_FILE_INFO_CTR *ctr, - uint32 preferred_len, - ENUM_HND *hnd); -BOOL do_srv_net_srv_get_info(struct cli_state *cli, - char *server_name, uint32 switch_value, SRV_INFO_CTR *ctr); - -/*The following definitions come from rpc_client/cli_use.c */ - -void init_cli_use(void); -void free_cli_use(void); -struct cli_state *cli_net_use_add(const char *srv_name, - const struct ntuser_creds *usr_creds, - BOOL reuse, BOOL *is_new); -BOOL cli_net_use_del(const char *srv_name, - const struct ntuser_creds *usr_creds, - BOOL force_close, BOOL *connection_closed); -void cli_net_use_enum(uint32 *num_cons, struct use_info ***use); -void cli_use_wait_keyboard(void); - -/*The following definitions come from rpc_client/cli_wkssvc.c */ - -BOOL do_wks_query_info(struct cli_state *cli, - char *server_name, uint32 switch_value, - WKS_INFO_100 *wks100); - -/*The following definitions come from rpc_client/ncacn_np_use.c */ - -BOOL ncacn_np_use_del(const char *srv_name, const char *pipe_name, - const vuser_key * key, - BOOL force_close, BOOL *connection_closed); -struct ncacn_np *ncacn_np_initialise(struct ncacn_np *msrpc, - const vuser_key * key); -struct ncacn_np *ncacn_np_use_add(const char *pipe_name, - const vuser_key * key, - const char *srv_name, - const struct ntuser_creds *ntc, - BOOL reuse, BOOL *is_new_connection); -#endif /* _PROTO_H_ */ diff --git a/source3/include/sam.h b/source3/include/sam.h deleted file mode 100644 index f46a6e7bcb..0000000000 --- a/source3/include/sam.h +++ /dev/null @@ -1,238 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SAM structures - Copyright (C) Kai Krueger 2002 - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Simo Sorce 2002 - Copyright (C) Andrew Bartlett 2002 - Copyright (C) Jelmer Vernooij 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#ifndef _SAM_H -#define _SAM_H - -/* We want to track down bugs early */ -#if 1 -#define SAM_ASSERT(x) SMB_ASSERT(x) -#else -#define SAM_ASSERT(x) while (0) { \ - if (!(x)) { - DEBUG(0, ("SAM_ASSERT failed!\n")) - return NT_STATUS_FAIL_CHECK;\ - } \ - } -#endif - - -/* let it be 0 until we have a stable interface --metze */ -#define SAM_INTERFACE_VERSION 0 - -/* use this inside a passdb module */ -#define SAM_MODULE_VERSIONING_MAGIC \ -int sam_version(void)\ -{\ - return SAM_INTERFACE_VERSION;\ -} - -/* Backend to use by default when no backend was specified */ -#define SAM_DEFAULT_BACKEND "plugin" - -typedef struct sam_domain_handle { - TALLOC_CTX *mem_ctx; - uint32 access_granted; - const struct sam_methods *current_sam_methods; /* sam_methods creating this handle */ - void (*free_fn)(struct sam_domain_handle **); - struct domain_data { - DOM_SID sid; /*SID of the domain. Should not be changed */ - char *name; /* Name of the domain */ - char *servername; /* */ - NTTIME max_passwordage; /* time till next password expiration */ - NTTIME min_passwordage; /* time till password can be changed again */ - NTTIME lockout_duration; /* time till login is allowed again after lockout*/ - NTTIME reset_count; /* time till bad login counter is reset */ - uint16 min_passwordlength; /* minimum number of characters for a password */ - uint16 password_history; /* number of passwords stored in history */ - uint16 lockout_count; /* number of bad login attempts before lockout */ - BOOL force_logoff; /* force logoff after logon hours have expired */ - BOOL login_pwdchange; /* Users need to logon to change their password */ - uint32 num_accounts; /* number of accounts in the domain */ - uint32 num_groups; /* number of global groups */ - uint32 num_aliases; /* number of local groups */ - uint32 sam_sequence_number; /* global sequence number */ - } private; -} SAM_DOMAIN_HANDLE; - -typedef struct sam_account_handle { - TALLOC_CTX *mem_ctx; - uint32 access_granted; - const struct sam_methods *current_sam_methods; /* sam_methods creating this handle */ - void (*free_fn)(struct sam_account_handle **); - struct sam_account_data { - uint32 init_flag; - NTTIME logon_time; /* logon time */ - NTTIME logoff_time; /* logoff time */ - NTTIME kickoff_time; /* kickoff time */ - NTTIME pass_last_set_time; /* password last set time */ - NTTIME pass_can_change_time; /* password can change time */ - NTTIME pass_must_change_time; /* password must change time */ - char * account_name; /* account_name string */ - SAM_DOMAIN_HANDLE * domain; /* domain of account */ - char *full_name; /* account's full name string */ - char *unix_home_dir; /* UNIX home directory string */ - char *home_dir; /* home directory string */ - char *dir_drive; /* home directory drive string */ - char *logon_script; /* logon script string */ - char *profile_path; /* profile path string */ - char *acct_desc; /* account description string */ - char *workstations; /* login from workstations string */ - char *unknown_str; /* don't know what this is, yet. */ - char *munged_dial; /* munged path name and dial-back tel number */ - DOM_SID account_sid; /* Primary Account SID */ - DOM_SID group_sid; /* Primary Group SID */ - DATA_BLOB lm_pw; /* .data is Null if no password */ - DATA_BLOB nt_pw; /* .data is Null if no password */ - char *plaintext_pw; /* if Null not available */ - uint16 acct_ctrl; /* account info (ACB_xxxx bit-mask) */ - uint32 unknown_1; /* 0x00ff ffff */ - uint16 logon_divs; /* 168 - number of hours in a week */ - uint32 hours_len; /* normally 21 bytes */ - uint8 hours[MAX_HOURS_LEN]; - uint32 unknown_2; /* 0x0002 0000 */ - uint32 unknown_3; /* 0x0000 04ec */ - } private; -} SAM_ACCOUNT_HANDLE; - -typedef struct sam_group_handle { - TALLOC_CTX *mem_ctx; - uint32 access_granted; - const struct sam_methods *current_sam_methods; /* sam_methods creating this handle */ - void (*free_fn)(struct sam_group_handle **); - struct sam_group_data { - char *group_name; - char *group_desc; - DOM_SID sid; - uint16 group_ctrl; /* specifies if the group is a local group or a global group */ - uint32 num_members; - } private; -} SAM_GROUP_HANDLE; - - -typedef struct sam_group_member { - DOM_SID sid; - BOOL group; /* specifies if it is a group or a account */ -} SAM_GROUP_MEMBER; - -typedef struct sam_account_enum { - DOM_SID sid; - char *account_name; - char *full_name; - char *account_desc; - uint16 acct_ctrl; -} SAM_ACCOUNT_ENUM; - -typedef struct sam_group_enum { - DOM_SID sid; - char *group_name; - char *group_desc; - uint16 group_ctrl; -} SAM_GROUP_ENUM; - - -/* bits for group_ctrl: to spezify if the group is global group or alias */ -#define GCB_LOCAL_GROUP 0x0001 -#define GCB_ALIAS_GROUP (GCB_LOCAL_GROUP |GCB_BUILTIN) -#define GCB_GLOBAL_GROUP 0x0002 -#define GCB_BUILTIN 0x1000 - -typedef struct sam_context -{ - struct sam_methods *methods; - TALLOC_CTX *mem_ctx; - - void (*free_fn)(struct sam_context **); -} SAM_CONTEXT; - -typedef struct sam_methods -{ - struct sam_context *parent; - struct sam_methods *next; - struct sam_methods *prev; - const char *backendname; - const char *domain_name; - DOM_SID domain_sid; - void *private_data; - - /* General API */ - - NTSTATUS (*sam_get_sec_desc) (const struct sam_methods *, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd); - NTSTATUS (*sam_set_sec_desc) (const struct sam_methods *, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd); - - NTSTATUS (*sam_lookup_sid) (const struct sam_methods *, const NT_USER_TOKEN *access_token, TALLOC_CTX *mem_ctx, const DOM_SID *sid, char **name, uint32 *type); - NTSTATUS (*sam_lookup_name) (const struct sam_methods *, const NT_USER_TOKEN *access_token, const char *name, DOM_SID *sid, uint32 *type); - - /* Domain API */ - - NTSTATUS (*sam_update_domain) (const struct sam_methods *, const SAM_DOMAIN_HANDLE *domain); - NTSTATUS (*sam_get_domain_handle) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, SAM_DOMAIN_HANDLE **domain); - - /* Account API */ - - NTSTATUS (*sam_create_account) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account); - NTSTATUS (*sam_add_account) (const struct sam_methods *, const SAM_ACCOUNT_HANDLE *account); - NTSTATUS (*sam_update_account) (const struct sam_methods *, const SAM_ACCOUNT_HANDLE *account); - NTSTATUS (*sam_delete_account) (const struct sam_methods *, const SAM_ACCOUNT_HANDLE *account); - NTSTATUS (*sam_enum_accounts) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint16 acct_ctrl, uint32 *account_count, SAM_ACCOUNT_ENUM **accounts); - - NTSTATUS (*sam_get_account_by_sid) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *accountsid, SAM_ACCOUNT_HANDLE **account); - NTSTATUS (*sam_get_account_by_name) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *name, SAM_ACCOUNT_HANDLE **account); - - /* Group API */ - - NTSTATUS (*sam_create_group) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *group_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group); - NTSTATUS (*sam_add_group) (const struct sam_methods *, const SAM_GROUP_HANDLE *group); - NTSTATUS (*sam_update_group) (const struct sam_methods *, const SAM_GROUP_HANDLE *group); - NTSTATUS (*sam_delete_group) (const struct sam_methods *, const SAM_GROUP_HANDLE *group); - NTSTATUS (*sam_enum_groups) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint16 group_ctrl, uint32 *groups_count, SAM_GROUP_ENUM **groups); - NTSTATUS (*sam_get_group_by_sid) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group); - NTSTATUS (*sam_get_group_by_name) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *name, SAM_GROUP_HANDLE **group); - - NTSTATUS (*sam_add_member_to_group) (const struct sam_methods *, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member); - NTSTATUS (*sam_delete_member_from_group) (const struct sam_methods *, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member); - NTSTATUS (*sam_enum_groupmembers) (const struct sam_methods *, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members); - - NTSTATUS (*sam_get_groups_of_sid) (const struct sam_methods *, const NT_USER_TOKEN *access_token, const DOM_SID **sids, uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups); - - void (*free_private_data)(void **); -} SAM_METHODS; - -typedef NTSTATUS (*sam_init_function)(SAM_METHODS *, const char *); - -struct sam_init_function_entry { - char *module_name; - /* Function to create a member of the sam_methods list */ - sam_init_function init; -}; - -typedef struct sam_backend_entry { - char *module_name; - char *module_params; - char *domain_name; - DOM_SID *domain_sid; -} SAM_BACKEND_ENTRY; - - -#endif /* _SAM_H */ diff --git a/source3/include/smb.h b/source3/include/smb.h index 83125989df..4feb81beef 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -953,7 +953,7 @@ struct bitmap { #define SMBntcancel 0xA4 /* NT cancel */ /* These are the trans subcommands */ -#define TRANSACT_SETNAMEDPIPEHANDLESTATE 0x01 +#define TRANSACT_SETNAMEDPIPEHANDLESTATE 0x01 #define TRANSACT_DCERPCCMD 0x26 #define TRANSACT_WAITNAMEDPIPEHANDLESTATE 0x53 @@ -1702,12 +1702,5 @@ typedef struct { extern struct poptOption popt_common_debug[]; extern struct poptOption popt_common_configfile[]; -extern struct poptOption popt_common_socket_options[]; -extern struct poptOption popt_common_version[]; -extern struct poptOption popt_common_netbios_name[]; -extern struct poptOption popt_common_log_base[]; - -/* Module support */ -typedef NTSTATUS (init_module_function) (void); #endif /* _SMB_H */ diff --git a/source3/include/version.h b/source3/include/version.h index c0a1c702f2..415b456aac 100644 --- a/source3/include/version.h +++ b/source3/include/version.h @@ -1 +1 @@ -#define VERSION "post3.0-HEAD" +#define VERSION "3.0alpha21cvs" diff --git a/source3/lib/domain_namemap.c b/source3/lib/domain_namemap.c deleted file mode 100644 index 988f5e5d65..0000000000 --- a/source3/lib/domain_namemap.c +++ /dev/null @@ -1,1317 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - Groupname handling - Copyright (C) Jeremy Allison 1998. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -/* - * UNIX gid and Local or Domain SID resolution. This module resolves - * only those entries in the map files, it is *NOT* responsible for - * resolving UNIX groups not listed: that is an entirely different - * matter, altogether... - */ - -/* - * - * - - format of the file is: - - unixname NT Group name - unixname Domain Admins (well-known Domain Group) - unixname DOMAIN_NAME\NT Group name - unixname OTHER_DOMAIN_NAME\NT Group name - unixname DOMAIN_NAME\Domain Admins (well-known Domain Group) - .... - - if the DOMAIN_NAME\ component is left off, then your own domain is assumed. - - * - * - */ - - -#include "includes.h" -extern int DEBUGLEVEL; - -extern fstring global_myworkgroup; -extern DOM_SID global_member_sid; -extern fstring global_sam_name; -extern DOM_SID global_sam_sid; -extern DOM_SID global_sid_S_1_5_20; - -/******************************************************************* - converts UNIX uid to an NT User RID. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uid_t pwdb_user_rid_to_uid(uint32 user_rid) -{ - return ((user_rid & (~RID_TYPE_USER))- 1000)/RID_MULTIPLIER; -} - -/******************************************************************* - converts NT Group RID to a UNIX uid. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_group_rid_to_gid(uint32 group_rid) -{ - return ((group_rid & (~RID_TYPE_GROUP))- 1000)/RID_MULTIPLIER; -} - -/******************************************************************* - converts NT Alias RID to a UNIX uid. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_alias_rid_to_gid(uint32 alias_rid) -{ - return ((alias_rid & (~RID_TYPE_ALIAS))- 1000)/RID_MULTIPLIER; -} - -/******************************************************************* - converts NT Group RID to a UNIX uid. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_gid_to_group_rid(uint32 gid) -{ - uint32 grp_rid = ((((gid)*RID_MULTIPLIER) + 1000) | RID_TYPE_GROUP); - return grp_rid; -} - -/****************************************************************** - converts UNIX gid to an NT Alias RID. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_gid_to_alias_rid(uint32 gid) -{ - uint32 alias_rid = ((((gid)*RID_MULTIPLIER) + 1000) | RID_TYPE_ALIAS); - return alias_rid; -} - -/******************************************************************* - converts UNIX uid to an NT User RID. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_uid_to_user_rid(uint32 uid) -{ - uint32 user_rid = ((((uid)*RID_MULTIPLIER) + 1000) | RID_TYPE_USER); - return user_rid; -} - -/****************************************************************** - converts SID + SID_NAME_USE type to a UNIX id. the Domain SID is, - and can only be, our own SID. - ********************************************************************/ -static BOOL pwdb_sam_sid_to_unixid(DOM_SID *sid, uint8 type, uint32 *id) -{ - DOM_SID tmp_sid; - uint32 rid; - - sid_copy(&tmp_sid, sid); - sid_split_rid(&tmp_sid, &rid); - if (!sid_equal(&global_sam_sid, &tmp_sid)) - { - return False; - } - - switch (type) - { - case SID_NAME_USER: - { - *id = pwdb_user_rid_to_uid(rid); - return True; - } - case SID_NAME_ALIAS: - { - *id = pwdb_alias_rid_to_gid(rid); - return True; - } - case SID_NAME_DOM_GRP: - case SID_NAME_WKN_GRP: - { - *id = pwdb_group_rid_to_gid(rid); - return True; - } - } - return False; -} - -/****************************************************************** - converts UNIX gid + SID_NAME_USE type to a SID. the Domain SID is, - and can only be, our own SID. - ********************************************************************/ -static BOOL pwdb_unixid_to_sam_sid(uint32 id, uint8 type, DOM_SID *sid) -{ - sid_copy(sid, &global_sam_sid); - switch (type) - { - case SID_NAME_USER: - { - sid_append_rid(sid, pwdb_uid_to_user_rid(id)); - return True; - } - case SID_NAME_ALIAS: - { - sid_append_rid(sid, pwdb_gid_to_alias_rid(id)); - return True; - } - case SID_NAME_DOM_GRP: - case SID_NAME_WKN_GRP: - { - sid_append_rid(sid, pwdb_gid_to_group_rid(id)); - return True; - } - } - return False; -} - -/******************************************************************* - Decides if a RID is a well known RID. - ********************************************************************/ -static BOOL pwdb_rid_is_well_known(uint32 rid) -{ - return (rid < 1000); -} - -/******************************************************************* - determines a rid's type. NOTE: THIS IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_rid_type(uint32 rid) -{ - /* lkcl i understand that NT attaches an enumeration to a RID - * such that it can be identified as either a user, group etc - * type: SID_ENUM_TYPE. - */ - if (pwdb_rid_is_well_known(rid)) - { - /* - * The only well known user RIDs are DOMAIN_USER_RID_ADMIN - * and DOMAIN_USER_RID_GUEST. - */ - if (rid == DOMAIN_USER_RID_ADMIN || rid == DOMAIN_USER_RID_GUEST) - { - return RID_TYPE_USER; - } - if (DOMAIN_GROUP_RID_ADMINS <= rid && rid <= DOMAIN_GROUP_RID_GUESTS) - { - return RID_TYPE_GROUP; - } - if (BUILTIN_ALIAS_RID_ADMINS <= rid && rid <= BUILTIN_ALIAS_RID_REPLICATOR) - { - return RID_TYPE_ALIAS; - } - } - return (rid & RID_TYPE_MASK); -} - -/******************************************************************* - checks whether rid is a user rid. NOTE: THIS IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -BOOL pwdb_rid_is_user(uint32 rid) -{ - return pwdb_rid_type(rid) == RID_TYPE_USER; -} - -/************************************************************************** - Groupname map functionality. The code loads a groupname map file and - (currently) loads it into a linked list. This is slow and memory - hungry, but can be changed into a more efficient storage format - if the demands on it become excessive. -***************************************************************************/ - -typedef struct name_map -{ - ubi_slNode next; - DOM_NAME_MAP grp; - -} name_map_entry; - -static ubi_slList groupname_map_list; -static ubi_slList aliasname_map_list; -static ubi_slList ntusrname_map_list; - -static void delete_name_entry(name_map_entry *gmep) -{ - if (gmep->grp.nt_name) - { - free(gmep->grp.nt_name); - } - if (gmep->grp.nt_domain) - { - free(gmep->grp.nt_domain); - } - if (gmep->grp.unix_name) - { - free(gmep->grp.unix_name); - } - free((char*)gmep); -} - -/************************************************************************** - Delete all the entries in the name map list. -***************************************************************************/ - -static void delete_map_list(ubi_slList *map_list) -{ - name_map_entry *gmep; - - while ((gmep = (name_map_entry *)ubi_slRemHead(map_list )) != NULL) - { - delete_name_entry(gmep); - } -} - - -/************************************************************************** - makes a group sid out of a domain sid and a _unix_ gid. -***************************************************************************/ -static BOOL make_mydomain_sid(DOM_NAME_MAP *grp, DOM_MAP_TYPE type) -{ - int ret = False; - fstring sid_str; - - if (!map_domain_name_to_sid(&grp->sid, &(grp->nt_domain))) - { - DEBUG(0,("make_mydomain_sid: unknown domain %s\n", - grp->nt_domain)); - return False; - } - - if (sid_equal(&grp->sid, &global_sid_S_1_5_20)) - { - /* - * only builtin aliases are recognised in S-1-5-20 - */ - DEBUG(10,("make_mydomain_sid: group %s in builtin domain\n", - grp->nt_name)); - - if (lookup_builtin_alias_name(grp->nt_name, "BUILTIN", &grp->sid, &grp->type) != 0x0) - { - DEBUG(0,("unix group %s mapped to an unrecognised BUILTIN domain name %s\n", - grp->unix_name, grp->nt_name)); - return False; - } - ret = True; - } - else if (lookup_wk_user_name(grp->nt_name, grp->nt_domain, &grp->sid, &grp->type) == 0x0) - { - if (type != DOM_MAP_USER) - { - DEBUG(0,("well-known NT user %s\\%s listed in wrong map file\n", - grp->nt_domain, grp->nt_name)); - return False; - } - ret = True; - } - else if (lookup_wk_group_name(grp->nt_name, grp->nt_domain, &grp->sid, &grp->type) == 0x0) - { - if (type != DOM_MAP_DOMAIN) - { - DEBUG(0,("well-known NT group %s\\%s listed in wrong map file\n", - grp->nt_domain, grp->nt_name)); - return False; - } - ret = True; - } - else - { - switch (type) - { - case DOM_MAP_USER: - { - grp->type = SID_NAME_USER; - break; - } - case DOM_MAP_DOMAIN: - { - grp->type = SID_NAME_DOM_GRP; - break; - } - case DOM_MAP_LOCAL: - { - grp->type = SID_NAME_ALIAS; - break; - } - } - - ret = pwdb_unixid_to_sam_sid(grp->unix_id, grp->type, &grp->sid); - } - - sid_to_string(sid_str, &grp->sid); - DEBUG(10,("nt name %s\\%s gid %d mapped to %s\n", - grp->nt_domain, grp->nt_name, grp->unix_id, sid_str)); - return ret; -} - -/************************************************************************** - makes a group sid out of an nt domain, nt group name or a unix group name. -***************************************************************************/ -static BOOL unix_name_to_nt_name_info(DOM_NAME_MAP *map, DOM_MAP_TYPE type) -{ - /* - * Attempt to get the unix gid_t for this name. - */ - - DEBUG(5,("unix_name_to_nt_name_info: unix_name:%s\n", map->unix_name)); - - if (type == DOM_MAP_USER) - { - const struct passwd *pwptr = Get_Pwnam(map->unix_name, False); - if (pwptr == NULL) - { - DEBUG(0,("unix_name_to_nt_name_info: Get_Pwnam for user %s\ -failed. Error was %s.\n", map->unix_name, strerror(errno) )); - return False; - } - - map->unix_id = (uint32)pwptr->pw_uid; - } - else - { - struct group *gptr = getgrnam(map->unix_name); - if (gptr == NULL) - { - DEBUG(0,("unix_name_to_nt_name_info: getgrnam for group %s\ -failed. Error was %s.\n", map->unix_name, strerror(errno) )); - return False; - } - - map->unix_id = (uint32)gptr->gr_gid; - } - - DEBUG(5,("unix_name_to_nt_name_info: unix gid:%d\n", map->unix_id)); - - /* - * Now map the name to an NT SID+RID. - */ - - if (map->nt_domain != NULL && !strequal(map->nt_domain, global_sam_name)) - { - /* Must add client-call lookup code here, to - * resolve remote domain's sid and the group's rid, - * in that domain. - * - * NOTE: it is _incorrect_ to put code here that assumes - * we are responsible for lookups for foriegn domains' RIDs. - * - * for foriegn domains for which we are *NOT* the PDC, all - * we can be responsible for is the unix gid_t to which - * the foriegn SID+rid maps to, on this _local_ machine. - * we *CANNOT* make any short-cuts or assumptions about - * RIDs in a foriegn domain. - */ - - if (!map_domain_name_to_sid(&map->sid, &(map->nt_domain))) - { - DEBUG(0,("unix_name_to_nt_name_info: no known sid for %s\n", - map->nt_domain)); - return False; - } - } - - return make_mydomain_sid(map, type); -} - -static BOOL make_name_entry(name_map_entry **new_ep, - char *nt_domain, char *nt_group, char *unix_group, - DOM_MAP_TYPE type) -{ - /* - * Create the list entry and add it onto the list. - */ - - DEBUG(5,("make_name_entry:%s,%s,%s\n", nt_domain, nt_group, unix_group)); - - (*new_ep) = (name_map_entry *)malloc(sizeof(name_map_entry)); - if ((*new_ep) == NULL) - { - DEBUG(0,("make_name_entry: malloc fail for name_map_entry.\n")); - return False; - } - - ZERO_STRUCTP(*new_ep); - - (*new_ep)->grp.nt_name = strdup(nt_group ); - (*new_ep)->grp.nt_domain = strdup(nt_domain ); - (*new_ep)->grp.unix_name = strdup(unix_group); - - if ((*new_ep)->grp.nt_name == NULL || - (*new_ep)->grp.unix_name == NULL) - { - DEBUG(0,("make_name_entry: malloc fail for names in name_map_entry.\n")); - delete_name_entry((*new_ep)); - return False; - } - - /* - * look up the group names, make the Group-SID and unix gid - */ - - if (!unix_name_to_nt_name_info(&(*new_ep)->grp, type)) - { - delete_name_entry((*new_ep)); - return False; - } - - return True; -} - -/************************************************************************** - Load a name map file. Sets last accessed timestamp. -***************************************************************************/ -static ubi_slList *load_name_map(DOM_MAP_TYPE type) -{ - static time_t groupmap_file_last_modified = (time_t)0; - static time_t aliasmap_file_last_modified = (time_t)0; - static time_t ntusrmap_file_last_modified = (time_t)0; - static BOOL initialised_group = False; - static BOOL initialised_alias = False; - static BOOL initialised_ntusr = False; - char *groupname_map_file = lp_groupname_map(); - char *aliasname_map_file = lp_aliasname_map(); - char *ntusrname_map_file = lp_ntusrname_map(); - - FILE *fp; - char *s; - pstring buf; - name_map_entry *new_ep; - - time_t *file_last_modified = NULL; - int *initialised = NULL; - char *map_file = NULL; - ubi_slList *map_list = NULL; - - switch (type) - { - case DOM_MAP_DOMAIN: - { - file_last_modified = &groupmap_file_last_modified; - initialised = &initialised_group; - map_file = groupname_map_file; - map_list = &groupname_map_list; - - break; - } - case DOM_MAP_LOCAL: - { - file_last_modified = &aliasmap_file_last_modified; - initialised = &initialised_alias; - map_file = aliasname_map_file; - map_list = &aliasname_map_list; - - break; - } - case DOM_MAP_USER: - { - file_last_modified = &ntusrmap_file_last_modified; - initialised = &initialised_ntusr; - map_file = ntusrname_map_file; - map_list = &ntusrname_map_list; - - break; - } - } - - if (!(*initialised)) - { - DEBUG(10,("initialising map %s\n", map_file)); - ubi_slInitList(map_list); - (*initialised) = True; - } - - if (!*map_file) - { - return map_list; - } - - /* - * Load the file. - */ - - fp = open_file_if_modified(map_file, "r", file_last_modified); - if (!fp) - { - return map_list; - } - - /* - * Throw away any previous list. - */ - delete_map_list(map_list); - - DEBUG(4,("load_name_map: Scanning name map %s\n",map_file)); - - while ((s = fgets_slash(buf, sizeof(buf), fp)) != NULL) - { - pstring unixname; - pstring nt_name; - fstring nt_domain; - fstring ntname; - char *p; - - DEBUG(10,("Read line |%s|\n", s)); - - memset(nt_name, 0, sizeof(nt_name)); - - if (!*s || strchr("#;",*s)) - continue; - - if (!next_token(&s,unixname, "\t\n\r=", sizeof(unixname))) - continue; - - if (!next_token(&s,nt_name, "\t\n\r=", sizeof(nt_name))) - continue; - - trim_string(unixname, " ", " "); - trim_string(nt_name, " ", " "); - - if (!*nt_name) - continue; - - if (!*unixname) - continue; - - p = strchr(nt_name, '\\'); - - if (p == NULL) - { - memset(nt_domain, 0, sizeof(nt_domain)); - fstrcpy(ntname, nt_name); - } - else - { - *p = 0; - p++; - fstrcpy(nt_domain, nt_name); - fstrcpy(ntname , p); - } - - if (make_name_entry(&new_ep, nt_domain, ntname, unixname, type)) - { - ubi_slAddTail(map_list, (ubi_slNode *)new_ep); - DEBUG(5,("unixname = %s, ntname = %s\\%s type = %d\n", - new_ep->grp.unix_name, - new_ep->grp.nt_domain, - new_ep->grp.nt_name, - new_ep->grp.type)); - } - } - - DEBUG(10,("load_name_map: Added %ld entries to name map.\n", - ubi_slCount(map_list))); - - fclose(fp); - - return map_list; -} - -static void copy_grp_map_entry(DOM_NAME_MAP *grp, const DOM_NAME_MAP *from) -{ - sid_copy(&grp->sid, &from->sid); - grp->unix_id = from->unix_id; - grp->nt_name = from->nt_name; - grp->nt_domain = from->nt_domain; - grp->unix_name = from->unix_name; - grp->type = from->type; -} - -#if 0 -/*********************************************************** - Lookup unix name. -************************************************************/ -static BOOL map_unixname(DOM_MAP_TYPE type, - char *unixname, DOM_NAME_MAP *grp_info) -{ - name_map_entry *gmep; - ubi_slList *map_list; - - /* - * Initialise and load if not already loaded. - */ - map_list = load_name_map(type); - - for (gmep = (name_map_entry *)ubi_slFirst(map_list); - gmep != NULL; - gmep = (name_map_entry *)ubi_slNext(gmep )) - { - if (strequal(gmep->grp.unix_name, unixname)) - { - copy_grp_map_entry(grp_info, &gmep->grp); - DEBUG(7,("map_unixname: Mapping unix name %s to nt group %s.\n", - gmep->grp.unix_name, gmep->grp.nt_name )); - return True; - } - } - - return False; -} - -#endif - -/*********************************************************** - Lookup nt name. -************************************************************/ -static BOOL map_ntname(DOM_MAP_TYPE type, char *ntname, char *ntdomain, - DOM_NAME_MAP *grp_info) -{ - name_map_entry *gmep; - ubi_slList *map_list; - - /* - * Initialise and load if not already loaded. - */ - map_list = load_name_map(type); - - for (gmep = (name_map_entry *)ubi_slFirst(map_list); - gmep != NULL; - gmep = (name_map_entry *)ubi_slNext(gmep )) - { - if (strequal(gmep->grp.nt_name , ntname) && - strequal(gmep->grp.nt_domain, ntdomain)) - { - copy_grp_map_entry(grp_info, &gmep->grp); - DEBUG(7,("map_ntname: Mapping unix name %s to nt name %s.\n", - gmep->grp.unix_name, gmep->grp.nt_name )); - return True; - } - } - - return False; -} - - -/*********************************************************** - Lookup by SID -************************************************************/ -static BOOL map_sid(DOM_MAP_TYPE type, - DOM_SID *psid, DOM_NAME_MAP *grp_info) -{ - name_map_entry *gmep; - ubi_slList *map_list; - - /* - * Initialise and load if not already loaded. - */ - map_list = load_name_map(type); - - for (gmep = (name_map_entry *)ubi_slFirst(map_list); - gmep != NULL; - gmep = (name_map_entry *)ubi_slNext(gmep )) - { - if (sid_equal(&gmep->grp.sid, psid)) - { - copy_grp_map_entry(grp_info, &gmep->grp); - DEBUG(7,("map_sid: Mapping unix name %s to nt name %s.\n", - gmep->grp.unix_name, gmep->grp.nt_name )); - return True; - } - } - - return False; -} - -/*********************************************************** - Lookup by gid_t. -************************************************************/ -static BOOL map_unixid(DOM_MAP_TYPE type, uint32 unix_id, DOM_NAME_MAP *grp_info) -{ - name_map_entry *gmep; - ubi_slList *map_list; - - /* - * Initialise and load if not already loaded. - */ - map_list = load_name_map(type); - - for (gmep = (name_map_entry *)ubi_slFirst(map_list); - gmep != NULL; - gmep = (name_map_entry *)ubi_slNext(gmep )) - { - fstring sid_str; - sid_to_string(sid_str, &gmep->grp.sid); - DEBUG(10,("map_unixid: enum entry unix group %s %d nt %s %s\n", - gmep->grp.unix_name, gmep->grp.unix_id, gmep->grp.nt_name, sid_str)); - if (gmep->grp.unix_id == unix_id) - { - copy_grp_map_entry(grp_info, &gmep->grp); - DEBUG(7,("map_unixid: Mapping unix name %s to nt name %s type %d\n", - gmep->grp.unix_name, gmep->grp.nt_name, gmep->grp.type)); - return True; - } - } - - return False; -} - -/*********************************************************** - * - * Call four functions to resolve unix group ids and either - * local group SIDs or domain group SIDs listed in the local group - * or domain group map files. - * - * Note that it is *NOT* the responsibility of these functions to - * resolve entries that are not in the map files. - * - * Any SID can be in the map files (i.e from any Domain). - * - ***********************************************************/ - -#if 0 - -/*********************************************************** - Lookup a UNIX Group entry by name. -************************************************************/ -BOOL map_unix_group_name(char *group_name, DOM_NAME_MAP *grp_info) -{ - return map_unixname(DOM_MAP_DOMAIN, group_name, grp_info); -} - -/*********************************************************** - Lookup a UNIX Alias entry by name. -************************************************************/ -BOOL map_unix_alias_name(char *alias_name, DOM_NAME_MAP *grp_info) -{ - return map_unixname(DOM_MAP_LOCAL, alias_name, grp_info); -} - -/*********************************************************** - Lookup an Alias name entry -************************************************************/ -BOOL map_nt_alias_name(char *ntalias_name, char *nt_domain, DOM_NAME_MAP *grp_info) -{ - return map_ntname(DOM_MAP_LOCAL, ntalias_name, nt_domain, grp_info); -} - -/*********************************************************** - Lookup a Group entry -************************************************************/ -BOOL map_nt_group_name(char *ntgroup_name, char *nt_domain, DOM_NAME_MAP *grp_info) -{ - return map_ntname(DOM_MAP_DOMAIN, ntgroup_name, nt_domain, grp_info); -} - -#endif - -/*********************************************************** - Lookup a Username entry by name. -************************************************************/ -static BOOL map_nt_username(char *nt_name, char *nt_domain, DOM_NAME_MAP *grp_info) -{ - return map_ntname(DOM_MAP_USER, nt_name, nt_domain, grp_info); -} - -/*********************************************************** - Lookup a Username entry by SID. -************************************************************/ -static BOOL map_username_sid(DOM_SID *sid, DOM_NAME_MAP *grp_info) -{ - return map_sid(DOM_MAP_USER, sid, grp_info); -} - -/*********************************************************** - Lookup a Username SID entry by uid. -************************************************************/ -static BOOL map_username_uid(uid_t gid, DOM_NAME_MAP *grp_info) -{ - return map_unixid(DOM_MAP_USER, (uint32)gid, grp_info); -} - -/*********************************************************** - Lookup an Alias SID entry by name. -************************************************************/ -BOOL map_alias_sid(DOM_SID *psid, DOM_NAME_MAP *grp_info) -{ - return map_sid(DOM_MAP_LOCAL, psid, grp_info); -} - -/*********************************************************** - Lookup a Group entry by sid. -************************************************************/ -BOOL map_group_sid(DOM_SID *psid, DOM_NAME_MAP *grp_info) -{ - return map_sid(DOM_MAP_DOMAIN, psid, grp_info); -} - -/*********************************************************** - Lookup an Alias SID entry by gid_t. -************************************************************/ -static BOOL map_alias_gid(gid_t gid, DOM_NAME_MAP *grp_info) -{ - return map_unixid(DOM_MAP_LOCAL, (uint32)gid, grp_info); -} - -/*********************************************************** - Lookup a Group SID entry by gid_t. -************************************************************/ -static BOOL map_group_gid( gid_t gid, DOM_NAME_MAP *grp_info) -{ - return map_unixid(DOM_MAP_DOMAIN, (uint32)gid, grp_info); -} - - -/************************************************************************ - Routine to look up User details by UNIX name -*************************************************************************/ -BOOL lookupsmbpwnam(const char *unix_usr_name, DOM_NAME_MAP *grp) -{ - uid_t uid; - DEBUG(10,("lookupsmbpwnam: unix user name %s\n", unix_usr_name)); - if (nametouid(unix_usr_name, &uid)) - { - return lookupsmbpwuid(uid, grp); - } - else - { - return False; - } -} - -/************************************************************************ - Routine to look up a remote nt name -*************************************************************************/ -static BOOL lookup_remote_ntname(const char *ntname, DOM_SID *sid, uint8 *type) -{ - struct cli_state cli; - POLICY_HND lsa_pol; - fstring srv_name; - extern struct ntuser_creds *usr_creds; - struct ntuser_creds usr; - - BOOL res3 = True; - BOOL res4 = True; - uint32 num_sids; - DOM_SID *sids; - uint8 *types; - char *names[1]; - - usr_creds = &usr; - - ZERO_STRUCT(usr); - pwd_set_nullpwd(&usr.pwd); - - DEBUG(5,("lookup_remote_ntname: %s\n", ntname)); - - if (!cli_connect_serverlist(&cli, lp_passwordserver())) - { - return False; - } - - names[0] = ntname; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, cli.desthost); - strupper(srv_name); - - /* lookup domain controller; receive a policy handle */ - res3 = res3 ? lsa_open_policy( srv_name, - &lsa_pol, True) : False; - - /* send lsa lookup sids call */ - res4 = res3 ? lsa_lookup_names( &lsa_pol, - 1, names, - &sids, &types, &num_sids) : False; - - res3 = res3 ? lsa_close(&lsa_pol) : False; - - if (res4 && res3 && sids != NULL && types != NULL) - { - sid_copy(sid, &sids[0]); - *type = types[0]; - } - else - { - res3 = False; - } - if (types != NULL) - { - free(types); - } - - if (sids != NULL) - { - free(sids); - } - - return res3 && res4; -} - -/************************************************************************ - Routine to look up a remote nt name -*************************************************************************/ -static BOOL get_sid_and_type(const char *fullntname, uint8 expected_type, - DOM_NAME_MAP *gmep) -{ - /* - * check with the PDC to see if it owns the name. if so, - * the SID is resolved with the PDC database. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { - if (lookup_remote_ntname(fullntname, &gmep->sid, &gmep->type)) - { - if (sid_front_equal(&gmep->sid, &global_member_sid) && - strequal(gmep->nt_domain, global_myworkgroup) && - gmep->type == expected_type) - { - return True; - } - return False; - } - } - - /* - * ... otherwise, it's one of ours. map the sid ourselves, - * which can only happen in our own SAM database. - */ - - if (!strequal(gmep->nt_domain, global_sam_name)) - { - return False; - } - if (!pwdb_unixid_to_sam_sid(gmep->unix_id, gmep->type, &gmep->sid)) - { - return False; - } - - return True; -} - -/* - * used by lookup functions below - */ - -static fstring nt_name; -static fstring unix_name; -static fstring nt_domain; - -/************************************************************************* - looks up a uid, returns User Information. -*************************************************************************/ -BOOL lookupsmbpwuid(uid_t uid, DOM_NAME_MAP *gmep) -{ - DEBUG(10,("lookupsmbpwuid: unix uid %d\n", uid)); - if (map_username_uid(uid, gmep)) - { - return True; - } -#if 0 - if (lp_server_role() != ROLE_DOMAIN_NONE) -#endif - { - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - gmep->unix_id = (uint32)uid; - - /* - * ok, assume it's one of ours. then double-check it - * if we are a member of a domain - */ - - gmep->type = SID_NAME_USER; - fstrcpy(gmep->nt_name, uidtoname(uid)); - fstrcpy(gmep->unix_name, gmep->nt_name); - - /* - * here we should do a LsaLookupNames() call - * to check the status of the name with the PDC. - * if the PDC know nothing of the name, it's ours. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { -#if 0 - lsa_lookup_names(global_myworkgroup, gmep->nt_name, &gmep->sid...); -#endif - } - - /* - * ok, it's one of ours. - */ - - gmep->nt_domain = global_sam_name; - pwdb_unixid_to_sam_sid(gmep->unix_id, gmep->type, &gmep->sid); - - return True; - } - - /* oops. */ - - return False; -} - -/************************************************************************* - looks up by NT name, returns User Information. -*************************************************************************/ -BOOL lookupsmbpwntnam(const char *fullntname, DOM_NAME_MAP *gmep) -{ - DEBUG(10,("lookupsmbpwntnam: nt user name %s\n", fullntname)); - - if (!split_domain_name(fullntname, nt_domain, nt_name)) - { - return False; - } - - if (map_nt_username(nt_name, nt_domain, gmep)) - { - return True; - } - if (lp_server_role() != ROLE_DOMAIN_NONE) - { - uid_t uid; - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - /* - * ok, it's one of ours. we therefore "create" an nt user named - * after the unix user. this is the point where "appliance mode" - * should get its teeth in, as unix users won't really exist, - * they will only be numbers... - */ - - gmep->type = SID_NAME_USER; - fstrcpy(gmep->unix_name, gmep->nt_name); - if (!nametouid(gmep->unix_name, &uid)) - { - return False; - } - gmep->unix_id = (uint32)uid; - - return get_sid_and_type(fullntname, gmep->type, gmep); - } - - /* oops. */ - - return False; -} - -/************************************************************************* - looks up by RID, returns User Information. -*************************************************************************/ -BOOL lookupsmbpwsid(DOM_SID *sid, DOM_NAME_MAP *gmep) -{ - fstring sid_str; - sid_to_string(sid_str, sid); - DEBUG(10,("lookupsmbpwsid: nt sid %s\n", sid_str)); - - if (map_username_sid(sid, gmep)) - { - return True; - } - if (lp_server_role() != ROLE_DOMAIN_NONE) - { - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - /* - * here we should do a LsaLookupNames() call - * to check the status of the name with the PDC. - * if the PDC know nothing of the name, it's ours. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { -#if 0 - if (lookup_remote_sid(global_myworkgroup, gmep->sid, gmep->nt_name, gmep->nt_domain...); -#endif - } - - /* - * ok, it's one of ours. we therefore "create" an nt user named - * after the unix user. this is the point where "appliance mode" - * should get its teeth in, as unix users won't really exist, - * they will only be numbers... - */ - - gmep->type = SID_NAME_USER; - sid_copy(&gmep->sid, sid); - if (!pwdb_sam_sid_to_unixid(&gmep->sid, gmep->type, &gmep->unix_id)) - { - return False; - } - fstrcpy(gmep->nt_name, uidtoname((uid_t)gmep->unix_id)); - fstrcpy(gmep->unix_name, gmep->nt_name); - gmep->nt_domain = global_sam_name; - - return True; - } - - /* oops. */ - - return False; -} - -/************************************************************************ - Routine to look up group / alias / well-known group RID by UNIX name -*************************************************************************/ -BOOL lookupsmbgrpnam(const char *unix_grp_name, DOM_NAME_MAP *grp) -{ - gid_t gid; - DEBUG(10,("lookupsmbgrpnam: unix user group %s\n", unix_grp_name)); - if (nametogid(unix_grp_name, &gid)) - { - return lookupsmbgrpgid(gid, grp); - } - else - { - return False; - } -} - -/************************************************************************* - looks up a SID, returns name map entry -*************************************************************************/ -BOOL lookupsmbgrpsid(DOM_SID *sid, DOM_NAME_MAP *gmep) -{ - fstring sid_str; - sid_to_string(sid_str, sid); - DEBUG(10,("lookupsmbgrpsid: nt sid %s\n", sid_str)); - - if (map_alias_sid(sid, gmep)) - { - return True; - } - if (map_group_sid(sid, gmep)) - { - return True; - } - if (lp_server_role() != ROLE_DOMAIN_NONE) - { - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - /* - * here we should do a LsaLookupNames() call - * to check the status of the name with the PDC. - * if the PDC know nothing of the name, it's ours. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { -#if 0 - lsa_lookup_sids(global_myworkgroup, gmep->sid, gmep->nt_name, gmep->nt_domain...); -#endif - } - - /* - * ok, it's one of ours. we therefore "create" an nt group or - * alias name named after the unix group. this is the point - * where "appliance mode" should get its teeth in, as unix - * groups won't really exist, they will only be numbers... - */ - - /* name is not explicitly mapped - * with map files or the PDC - * so we are responsible for it... - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { - /* ... as a LOCAL group. */ - gmep->type = SID_NAME_ALIAS; - } - else - { - /* ... as a DOMAIN group. */ - gmep->type = SID_NAME_DOM_GRP; - } - - sid_copy(&gmep->sid, sid); - if (!pwdb_sam_sid_to_unixid(&gmep->sid, gmep->type, &gmep->unix_id)) - { - return False; - } - fstrcpy(gmep->nt_name, gidtoname((gid_t)gmep->unix_id)); - fstrcpy(gmep->unix_name, gmep->nt_name); - gmep->nt_domain = global_sam_name; - - return True; - } - - /* oops */ - return False; -} - -/************************************************************************* - looks up a gid, returns RID and type local, domain or well-known domain group -*************************************************************************/ -BOOL lookupsmbgrpgid(gid_t gid, DOM_NAME_MAP *gmep) -{ - DEBUG(10,("lookupsmbgrpgid: unix gid %d\n", (int)gid)); - if (map_alias_gid(gid, gmep)) - { - return True; - } - if (map_group_gid(gid, gmep)) - { - return True; - } - if (lp_server_role() != ROLE_DOMAIN_NONE) - { - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - gmep->unix_id = (uint32)gid; - - /* - * here we should do a LsaLookupNames() call - * to check the status of the name with the PDC. - * if the PDC know nothing of the name, it's ours. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { -#if 0 - if (lsa_lookup_names(global_myworkgroup, gmep->nt_name, &gmep->sid...); - { - return True; - } -#endif - } - - /* - * ok, it's one of ours. we therefore "create" an nt group or - * alias name named after the unix group. this is the point - * where "appliance mode" should get its teeth in, as unix - * groups won't really exist, they will only be numbers... - */ - - /* name is not explicitly mapped - * with map files or the PDC - * so we are responsible for it... - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { - /* ... as a LOCAL group. */ - gmep->type = SID_NAME_ALIAS; - } - else - { - /* ... as a DOMAIN group. */ - gmep->type = SID_NAME_DOM_GRP; - } - fstrcpy(gmep->nt_name, gidtoname(gid)); - fstrcpy(gmep->unix_name, gmep->nt_name); - - return get_sid_and_type(gmep->nt_name, gmep->type, gmep); - } - - /* oops */ - return False; -} - diff --git a/source3/lib/module.c b/source3/lib/module.c deleted file mode 100644 index 2d8bd7459f..0000000000 --- a/source3/lib/module.c +++ /dev/null @@ -1,86 +0,0 @@ -/* - Unix SMB/CIFS implementation. - module loading system - - Copyright (C) Jelmer Vernooij 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#ifdef HAVE_DLOPEN -NTSTATUS smb_load_module(const char *module_name) -{ - void *handle; - init_module_function *init; - NTSTATUS nt_status; - - /* Always try to use LAZY symbol resolving; if the plugin has - * backwards compatibility, there might be symbols in the - * plugin referencing to old (removed) functions - */ - handle = sys_dlopen(module_name, RTLD_LAZY); - - if(!handle) { - DEBUG(0, ("Error loading module '%s': %s\n", module_name, sys_dlerror())); - return NT_STATUS_UNSUCCESSFUL; - } - - init = sys_dlsym(handle, "init_module"); - - if(!init) { - DEBUG(0, ("Error trying to resolve symbol 'init_module' in %s: %s\n", module_name, sys_dlerror())); - return NT_STATUS_UNSUCCESSFUL; - } - - nt_status = init(); - - DEBUG(2, ("Module '%s' loaded\n", module_name)); - - return nt_status; -} - -/* Load all modules in list and return number of - * modules that has been successfully loaded */ -int smb_load_modules(const char **modules) -{ - int i; - int success = 0; - - for(i = 0; modules[i]; i++){ - if(NT_STATUS_IS_OK(smb_load_module(modules[i]))) { - success++; - } - } - - return success; -} - -#else /* HAVE_DLOPEN */ - -NTSTATUS smb_load_module(const char *module_name) -{ - DEBUG(0,("This samba executable has not been build with plugin support")); - return NT_STATUS_NOT_SUPPORTED; -} - -int smb_load_modules(const char **modules) -{ - DEBUG(0,("This samba executable has not been build with plugin support")); - return -1; -} - -#endif /* HAVE_DLOPEN */ diff --git a/source3/lib/popt_common.c b/source3/lib/popt_common.c index aaec448762..21ee94d2e6 100644 --- a/source3/lib/popt_common.c +++ b/source3/lib/popt_common.c @@ -23,12 +23,9 @@ #include "includes.h" /* Handle command line options: - * d,--debuglevel - * s,--configfile - * O,--socket-options - * V,--version - * l,--log-base - * n,--netbios-name + * -d,--debuglevel + * -s,--configfile + * -O,--socket-options */ extern pstring user_socket_options; @@ -40,23 +37,6 @@ static void popt_common_callback(poptContext con, const struct poptOption *opt, const char *arg, const void *data) { - pstring logfile; - const char *pname; - - /* Find out basename of current program */ - pname = strrchr_m(poptGetInvocationName(con),'/'); - - if (!pname) - pname = poptGetInvocationName(con); - else - pname++; - - if (reason == POPT_CALLBACK_REASON_PRE) { - pstr_sprintf(logfile, "%s/log.%s", dyn_LOGFILEBASE, pname); - lp_set_logfile(logfile); - return; - } - switch(opt->val) { case 'd': if (arg) { @@ -71,29 +51,16 @@ static void popt_common_callback(poptContext con, break; case 'O': - if (arg) { - pstrcpy(user_socket_options,arg); - } + pstrcpy(user_socket_options,arg); break; case 's': - if (arg) { - pstrcpy(dyn_CONFIGFILE, arg); - } + pstrcpy(dyn_CONFIGFILE, arg); break; case 'n': - if (arg) { - pstrcpy(global_myname,arg); - strupper(global_myname); - } - break; - - case 'l': - if (arg) { - pstr_sprintf(logfile, "%s/log.%s", arg, pname); - lp_set_logfile(logfile); - } + pstrcpy(global_myname,arg); + strupper(global_myname); break; } } @@ -128,9 +95,3 @@ struct poptOption popt_common_netbios_name[] = { {"netbiosname", 'n', POPT_ARG_STRING, NULL, 'n', "Primary netbios name"}, { 0 } }; - -struct poptOption popt_common_log_base[] = { - { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE, popt_common_callback }, - { "log-basename", 'l', POPT_ARG_STRING, NULL, 'l', "Basename for log/debug files"}, - { 0 } -}; diff --git a/source3/lib/replace.c b/source3/lib/replace.c index dfc88e7028..fd7b2cf7f0 100644 --- a/source3/lib/replace.c +++ b/source3/lib/replace.c @@ -430,28 +430,3 @@ char *rep_inet_ntoa(struct in_addr ip) #endif /* HAVE_VSYSLOG */ -#ifndef HAVE_TIMEGM -/* - see the timegm man page on linux -*/ - time_t timegm(struct tm *tm) -{ - time_t ret; - char *tz; - char *tzvar; - - tz = getenv("TZ"); - putenv("TZ="); - tzset(); - ret = mktime(tm); - if (tz) { - asprintf(&tzvar, "TZ=%s", tz); - putenv(tzvar); - safe_free(tzvar); - } else { - putenv("TZ"); - } - tzset(); - return ret; -} -#endif diff --git a/source3/libads/ads_utils.c b/source3/libads/ads_utils.c index 626c177926..750940e336 100644 --- a/source3/libads/ads_utils.c +++ b/source3/libads/ads_utils.c @@ -89,52 +89,6 @@ uint32 ads_uf2atype(uint32 uf) } /* -translated the GROUP_CTRL Flags to GroupType (groupType) -*/ -uint32 ads_gcb2gtype(uint16 gcb) -{ - uint32 gtype = 0x00000000; - - if (gcb & GCB_ALIAS_GROUP) gtype |= GTYPE_SECURITY_BUILTIN_LOCAL_GROUP; - else if(gcb & GCB_LOCAL_GROUP) gtype |= GTYPE_SECURITY_DOMAIN_LOCAL_GROUP; - if (gcb & GCB_GLOBAL_GROUP) gtype |= GTYPE_SECURITY_GLOBAL_GROUP; - - return gtype; -} - -/* -translated the GroupType (groupType) to GROUP_CTRL Flags -*/ -uint16 ads_gtype2gcb(uint32 gtype) -{ - uint16 gcb = 0x0000; - - switch(gtype) { - case GTYPE_SECURITY_BUILTIN_LOCAL_GROUP: - gcb = GCB_ALIAS_GROUP; - break; - case GTYPE_SECURITY_DOMAIN_LOCAL_GROUP: - gcb = GCB_LOCAL_GROUP; - break; - case GTYPE_SECURITY_GLOBAL_GROUP: - gcb = GCB_GLOBAL_GROUP; - break; - - case GTYPE_DISTRIBUTION_GLOBAL_GROUP: - gcb = GCB_GLOBAL_GROUP; - break; - case GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP: - gcb = GCB_LOCAL_GROUP; - break; - case GTYPE_DISTRIBUTION_UNIVERSAL_GROUP: - gcb = GCB_GLOBAL_GROUP; - break; - } - - return gcb; -} - -/* get the accountType from the groupType */ uint32 ads_gtype2atype(uint32 gtype) diff --git a/source3/libads/kerberos_verify.c b/source3/libads/kerberos_verify.c index 52fd2e6862..22b58f47dd 100644 --- a/source3/libads/kerberos_verify.c +++ b/source3/libads/kerberos_verify.c @@ -38,7 +38,7 @@ NTSTATUS ads_verify_ticket(ADS_STRUCT *ads, const DATA_BLOB *ticket, krb5_ticket *tkt = NULL; krb5_data salt; krb5_encrypt_block eblock; - int ret, i; + int ret; krb5_keyblock * key; krb5_principal host_princ; char *host_princ_s; @@ -46,7 +46,6 @@ NTSTATUS ads_verify_ticket(ADS_STRUCT *ads, const DATA_BLOB *ticket, fstring myname; char *password_s; krb5_data password; - krb5_enctype *enctypes = NULL; if (!secrets_init()) { DEBUG(1,("secrets_init failed\n")); @@ -71,6 +70,7 @@ NTSTATUS ads_verify_ticket(ADS_STRUCT *ads, const DATA_BLOB *ticket, ret = krb5_set_default_realm(context, ads->auth.realm); if (ret) { DEBUG(1,("krb5_set_default_realm failed (%s)\n", error_message(ret))); + ads_destroy(&ads); return NT_STATUS_LOGON_FAILURE; } @@ -102,44 +102,30 @@ NTSTATUS ads_verify_ticket(ADS_STRUCT *ads, const DATA_BLOB *ticket, return NT_STATUS_NO_MEMORY; } - if ((ret = krb5_get_permitted_enctypes(context, &enctypes))) { - DEBUG(1,("krb5_get_permitted_enctypes failed (%s)\n", - error_message(ret))); + krb5_use_enctype(context, &eblock, ENCTYPE_DES_CBC_MD5); + + ret = krb5_string_to_key(context, &eblock, key, &password, &salt); + if (ret) { + DEBUG(1,("krb5_string_to_key failed (%s)\n", error_message(ret))); return NT_STATUS_LOGON_FAILURE; } - /* we need to setup a auth context with each possible encoding type in turn */ - for (i=0;enctypes[i];i++) { - krb5_use_enctype(context, &eblock, enctypes[i]); - - ret = krb5_string_to_key(context, &eblock, key, &password, &salt); - if (ret) { - continue; - } + krb5_auth_con_setuseruserkey(context, auth_context, key); - krb5_auth_con_setuseruserkey(context, auth_context, key); + packet.length = ticket->length; + packet.data = (krb5_pointer)ticket->data; - packet.length = ticket->length; - packet.data = (krb5_pointer)ticket->data; - - if (!(ret = krb5_rd_req(context, &auth_context, &packet, - NULL, keytab, NULL, &tkt))) { - krb5_free_ktypes(context, enctypes); - break; - } - } +#if 0 + file_save("/tmp/ticket.dat", ticket->data, ticket->length); +#endif - if (!enctypes[i]) { + if ((ret = krb5_rd_req(context, &auth_context, &packet, + NULL, keytab, NULL, &tkt))) { DEBUG(3,("krb5_rd_req with auth failed (%s)\n", error_message(ret))); return NT_STATUS_LOGON_FAILURE; } -#if 0 - file_save("/tmp/ticket.dat", ticket->data, ticket->length); -#endif - - if (tkt->enc_part2) { *auth_data = data_blob(tkt->enc_part2->authorization_data[0]->contents, tkt->enc_part2->authorization_data[0]->length); diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c index dacf8f7da8..aa7d99a5f7 100644 --- a/source3/libads/sasl.c +++ b/source3/libads/sasl.c @@ -192,12 +192,8 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads) #ifdef HAVE_KRB5 if (!(ads->auth.flags & ADS_AUTH_DISABLE_KERBEROS) && - got_kerberos_mechanism) { - status = ads_sasl_spnego_krb5_bind(ads, principal); - if (ADS_ERR_OK(status)) - return status; - if (ads_kinit_password(ads) == 0) - return ads_sasl_spnego_krb5_bind(ads, principal); + got_kerberos_mechanism && ads_kinit_password(ads) == 0) { + return ads_sasl_spnego_krb5_bind(ads, principal); } #endif diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index a404928a93..6a21121f43 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -1277,7 +1277,7 @@ again: Attempt a NetBIOS session request, falling back to *SMBSERVER if needed. ****************************************************************************/ -BOOL attempt_netbios_session_request(struct cli_state *cli, const char *srchost, const char *desthost, +BOOL attempt_netbios_session_request(struct cli_state *cli, char *srchost, char *desthost, struct in_addr *pdest_ip) { struct nmb_name calling, called; diff --git a/source3/libsmb/libsmb_compat.c b/source3/libsmb/libsmb_compat.c index 27b274953a..bba90c648e 100644 --- a/source3/libsmb/libsmb_compat.c +++ b/source3/libsmb/libsmb_compat.c @@ -24,7 +24,11 @@ #include "includes.h" -#include "../include/libsmb_internal.h" +/* + * Define this to get the real SMBCFILE and SMBCSRV structures + */ +#define _SMBC_INTERNAL +#include "../include/libsmbclient.h" struct smbc_compat_fdlist { SMBCFILE * file; @@ -268,7 +272,7 @@ int smbc_open_print_job(const char *fname) return (int) file; } -int smbc_list_print_jobs(const char *purl, smbc_list_print_job_fn fn) +int smbc_list_print_jobs(const char *purl, smbc_get_print_job_info fn) { return statcont->list_print_jobs(statcont, purl, fn); } diff --git a/source3/libsmb/libsmbclient.c b/source3/libsmb/libsmbclient.c index dd46749a5a..faa4191e6d 100644 --- a/source3/libsmb/libsmbclient.c +++ b/source3/libsmb/libsmbclient.c @@ -23,7 +23,7 @@ #include "includes.h" -#include "../include/libsmb_internal.h" +#include "../include/libsmbclient.h" /* * Functions exported by libsmb_cache.c that we need here @@ -219,7 +219,7 @@ int smbc_check_server(SMBCCTX * context, SMBCSRV * server) } /* - * Remove a server from the cached server list it's unused. + * Remove a server from the list server_table if it's unused. * On success, 0 is returned. 1 is returned if the server could not be removed. * * Also useable outside libsmbclient @@ -229,12 +229,11 @@ int smbc_remove_unused_server(SMBCCTX * context, SMBCSRV * srv) SMBCFILE * file; /* are we being fooled ? */ - if (!context || !context->internal || - !context->internal->_initialized || !srv) return 1; + if (!context || !context->_initialized || !srv) return 1; /* Check all open files/directories for a relation with this server */ - for (file = context->internal->_files; file; file=file->next) { + for (file = context->_files; file; file=file->next) { if (file->srv == srv) { /* Still used */ DEBUG(3, ("smbc_remove_usused_server: %p still used by %p.\n", @@ -243,7 +242,7 @@ int smbc_remove_unused_server(SMBCCTX * context, SMBCSRV * srv) } } - DLIST_REMOVE(context->internal->_servers, srv); + DLIST_REMOVE(context->_servers, srv); cli_shutdown(&srv->cli); @@ -476,8 +475,7 @@ static SMBCFILE *smbc_open_ctx(SMBCCTX *context, const char *fname, int flags, m SMBCFILE *file = NULL; int fd; - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; /* Best I can think of ... */ return NULL; @@ -544,7 +542,7 @@ static SMBCFILE *smbc_open_ctx(SMBCCTX *context, const char *fname, int flags, m file->offset = 0; file->file = True; - DLIST_ADD(context->internal->_files, file); + DLIST_ADD(context->_files, file); return file; } @@ -575,8 +573,7 @@ static int creat_bits = O_WRONLY | O_CREAT | O_TRUNC; /* FIXME: Do we need this static SMBCFILE *smbc_creat_ctx(SMBCCTX *context, const char *path, mode_t mode) { - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; return NULL; @@ -594,8 +591,7 @@ static ssize_t smbc_read_ctx(SMBCCTX *context, SMBCFILE *file, void *buf, size_t { int ret; - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; return -1; @@ -604,7 +600,7 @@ static ssize_t smbc_read_ctx(SMBCCTX *context, SMBCFILE *file, void *buf, size_t DEBUG(4, ("smbc_read(%p, %d)\n", file, (int)count)); - if (!file || !DLIST_CONTAINS(context->internal->_files, file)) { + if (!file || !DLIST_CONTAINS(context->_files, file)) { errno = EBADF; return -1; @@ -645,15 +641,14 @@ static ssize_t smbc_write_ctx(SMBCCTX *context, SMBCFILE *file, void *buf, size_ { int ret; - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || context->_initialized) { errno = EINVAL; return -1; } - if (!file || !DLIST_CONTAINS(context->internal->_files, file)) { + if (!file || !DLIST_CONTAINS(context->_files, file)) { errno = EBADF; return -1; @@ -691,15 +686,14 @@ static int smbc_close_ctx(SMBCCTX *context, SMBCFILE *file) { SMBCSRV *srv; - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; return -1; } - if (!file || !DLIST_CONTAINS(context->internal->_files, file)) { + if (!file || !DLIST_CONTAINS(context->_files, file)) { errno = EBADF; return -1; @@ -721,7 +715,7 @@ static int smbc_close_ctx(SMBCCTX *context, SMBCFILE *file) * from the server cache if unused */ errno = smbc_errno(context, &file->srv->cli); srv = file->srv; - DLIST_REMOVE(context->internal->_files, file); + DLIST_REMOVE(context->_files, file); SAFE_FREE(file->fname); SAFE_FREE(file); context->callbacks.remove_unused_server_fn(context, srv); @@ -743,7 +737,7 @@ static int smbc_close_ctx(SMBCCTX *context, SMBCFILE *file) * from the server cache if unused */ errno = smbc_errno(context, &file->srv->cli); srv = file->srv; - DLIST_REMOVE(context->internal->_files, file); + DLIST_REMOVE(context->_files, file); SAFE_FREE(file->fname); SAFE_FREE(file); context->callbacks.remove_unused_server_fn(context, srv); @@ -751,7 +745,7 @@ static int smbc_close_ctx(SMBCCTX *context, SMBCFILE *file) return -1; } - DLIST_REMOVE(context->internal->_files, file); + DLIST_REMOVE(context->_files, file); SAFE_FREE(file->fname); SAFE_FREE(file); @@ -768,8 +762,7 @@ static BOOL smbc_getatr(SMBCCTX * context, SMBCSRV *srv, char *path, SMB_INO_T *ino) { - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; return -1; @@ -805,8 +798,7 @@ static int smbc_unlink_ctx(SMBCCTX *context, const char *fname) pstring path; SMBCSRV *srv = NULL; - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || context->_initialized) { errno = EINVAL; /* Best I can think of ... */ return -1; @@ -900,10 +892,8 @@ static int smbc_rename_ctx(SMBCCTX *ocontext, const char *oname, pstring path1, path2; SMBCSRV *srv = NULL; - if (!ocontext || !ncontext || - !ocontext->internal || !ncontext->internal || - !ocontext->internal->_initialized || - !ncontext->internal->_initialized) { + if (!ocontext || !ncontext || + !ocontext->_initialized || !ncontext->_initialized) { errno = EINVAL; /* Best I can think of ... */ return -1; @@ -971,15 +961,14 @@ static off_t smbc_lseek_ctx(SMBCCTX *context, SMBCFILE *file, off_t offset, int { size_t size; - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; return -1; } - if (!file || !DLIST_CONTAINS(context->internal->_files, file)) { + if (!file || !DLIST_CONTAINS(context->_files, file)) { errno = EBADF; return -1; @@ -1032,8 +1021,7 @@ static ino_t smbc_inode(SMBCCTX *context, const char *name) { - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; return -1; @@ -1101,8 +1089,7 @@ static int smbc_stat_ctx(SMBCCTX *context, const char *fname, struct stat *st) uint16 mode = 0; SMB_INO_T ino = 0; - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; /* Best I can think of ... */ return -1; @@ -1185,15 +1172,14 @@ static int smbc_fstat_ctx(SMBCCTX *context, SMBCFILE *file, struct stat *st) uint16 mode; SMB_INO_T ino = 0; - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; return -1; } - if (!file || !DLIST_CONTAINS(context->internal->_files, file)) { + if (!file || !DLIST_CONTAINS(context->_files, file)) { errno = EBADF; return -1; @@ -1286,6 +1272,9 @@ static int add_dirent(SMBCFILE *dir, const char *name, const char *comment, uint ZERO_STRUCTP(dirent); + ZERO_STRUCTP(dirent); + + if (dir->dir_list == NULL) { dir->dir_list = malloc(sizeof(struct smbc_dir_list)); @@ -1366,6 +1355,8 @@ list_fn(const char *name, uint32 type, const char *comment, void *state) dirent_type = SMBC_FILE_SHARE; /* FIXME, error? */ break; } + ZERO_STRUCTP(dir->dir_list); + } else dirent_type = dir->dir_type; @@ -1400,9 +1391,9 @@ static SMBCFILE *smbc_opendir_ctx(SMBCCTX *context, const char *fname) SMBCSRV *srv = NULL; SMBCFILE *dir = NULL; struct in_addr rem_ip; + int slot = 0; - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; return NULL; @@ -1498,6 +1489,7 @@ static SMBCFILE *smbc_opendir_ctx(SMBCCTX *context, const char *fname) return NULL; } + ZERO_STRUCTP(dir->dir_end); dir->srv = srv; @@ -1677,7 +1669,7 @@ static SMBCFILE *smbc_opendir_ctx(SMBCCTX *context, const char *fname) } - DLIST_ADD(context->internal->_files, dir); + DLIST_ADD(context->_files, dir); return dir; } @@ -1689,15 +1681,14 @@ static SMBCFILE *smbc_opendir_ctx(SMBCCTX *context, const char *fname) static int smbc_closedir_ctx(SMBCCTX *context, SMBCFILE *dir) { - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; return -1; } - if (!dir || !DLIST_CONTAINS(context->internal->_files, dir)) { + if (!dir || !DLIST_CONTAINS(context->_files, dir)) { errno = EBADF; return -1; @@ -1706,7 +1697,7 @@ static int smbc_closedir_ctx(SMBCCTX *context, SMBCFILE *dir) smbc_remove_dir(dir); /* Clean it up */ - DLIST_REMOVE(context->internal->_files, dir); + DLIST_REMOVE(context->_files, dir); if (dir) { @@ -1729,15 +1720,14 @@ struct smbc_dirent *smbc_readdir_ctx(SMBCCTX *context, SMBCFILE *dir) /* Check that all is ok first ... */ - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; return NULL; } - if (!dir || !DLIST_CONTAINS(context->internal->_files, dir)) { + if (!dir || !DLIST_CONTAINS(context->_files, dir)) { errno = EBADF; return NULL; @@ -1766,12 +1756,12 @@ struct smbc_dirent *smbc_readdir_ctx(SMBCCTX *context, SMBCFILE *dir) /* Hmmm, do I even need to copy it? */ - memcpy(context->internal->_dirent, dirent, dirent->dirlen); /* Copy the dirent */ - dirp = (struct smbc_dirent *)context->internal->_dirent; + memcpy(context->_dirent, dirent, dirent->dirlen); /* Copy the dirent */ + dirp = (struct smbc_dirent *)context->_dirent; dirp->comment = (char *)(&dirp->name + dirent->namelen + 1); dir->dir_next = dir->dir_next->next; - return (struct smbc_dirent *)context->internal->_dirent; + return (struct smbc_dirent *)context->_dirent; } } @@ -1788,15 +1778,14 @@ static int smbc_getdents_ctx(SMBCCTX *context, SMBCFILE *dir, struct smbc_dirent /* Check that all is ok first ... */ - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; return -1; } - if (!dir || !DLIST_CONTAINS(context->internal->_files, dir)) { + if (!dir || !DLIST_CONTAINS(context->_files, dir)) { errno = EBADF; return -1; @@ -1875,8 +1864,7 @@ static int smbc_mkdir_ctx(SMBCCTX *context, const char *fname, mode_t mode) fstring server, share, user, password, workgroup; pstring path; - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; return -1; @@ -1962,8 +1950,7 @@ static int smbc_rmdir_ctx(SMBCCTX *context, const char *fname) fstring server, share, user, password, workgroup; pstring path; - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; return -1; @@ -2060,15 +2047,14 @@ static int smbc_rmdir_ctx(SMBCCTX *context, const char *fname) static off_t smbc_telldir_ctx(SMBCCTX *context, SMBCFILE *dir) { - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; return -1; } - if (!dir || !DLIST_CONTAINS(context->internal->_files, dir)) { + if (!dir || !DLIST_CONTAINS(context->_files, dir)) { errno = EBADF; return -1; @@ -2125,8 +2111,7 @@ static int smbc_lseekdir_ctx(SMBCCTX *context, SMBCFILE *dir, off_t offset) struct smbc_dirent *dirent = (struct smbc_dirent *)offset; struct smbc_dir_list *list_ent = NULL; - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; return -1; @@ -2172,8 +2157,7 @@ static int smbc_lseekdir_ctx(SMBCCTX *context, SMBCFILE *dir, off_t offset) static int smbc_fstatdir_ctx(SMBCCTX *context, SMBCFILE *dir, struct stat *st) { - if (!context || !context->internal || - !context->internal->_initialized) { + if (context || !context->_initialized) { errno = EINVAL; return -1; @@ -2195,8 +2179,7 @@ static SMBCFILE *smbc_open_print_job_ctx(SMBCCTX *context, const char *fname) fstring server, share, user, password; pstring path; - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || context->_initialized) { errno = EINVAL; return NULL; @@ -2233,8 +2216,8 @@ static int smbc_print_file_ctx(SMBCCTX *c_file, const char *fname, SMBCCTX *c_pr int bytes, saverr, tot_bytes = 0; char buf[4096]; - if (!c_file || !c_file->internal->_initialized || !c_print || - !c_print->internal->_initialized) { + if (!c_file || !c_file->_initialized || !c_print || + !c_print->_initialized) { errno = EINVAL; return -1; @@ -2303,14 +2286,13 @@ static int smbc_print_file_ctx(SMBCCTX *c_file, const char *fname, SMBCCTX *c_pr * Routine to list print jobs on a printer share ... */ -static int smbc_list_print_jobs_ctx(SMBCCTX *context, const char *fname, smbc_list_print_job_fn fn) +static int smbc_list_print_jobs_ctx(SMBCCTX *context, const char *fname, void (*fn)(struct print_job_info *)) { SMBCSRV *srv; fstring server, share, user, password, workgroup; pstring path; - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; return -1; @@ -2340,7 +2322,7 @@ static int smbc_list_print_jobs_ctx(SMBCCTX *context, const char *fname, smbc_li } - if (cli_print_queue(&srv->cli, (void (*)(struct print_job_info *))fn) < 0) { + if (cli_print_queue(&srv->cli, fn) < 0) { errno = smbc_errno(context, &srv->cli); return -1; @@ -2362,8 +2344,7 @@ static int smbc_unlink_print_job_ctx(SMBCCTX *context, const char *fname, int id pstring path; int err; - if (!context || !context->internal || - !context->internal->_initialized) { + if (!context || !context->_initialized) { errno = EINVAL; return -1; @@ -2414,23 +2395,14 @@ SMBCCTX * smbc_new_context(void) { SMBCCTX * context; - context = malloc(sizeof(SMBCCTX)); + context = malloc(sizeof(*context)); if (!context) { errno = ENOMEM; return NULL; } - + ZERO_STRUCTP(context); - context->internal = malloc(sizeof(struct smbc_internal_data)); - if (!context->internal) { - errno = ENOMEM; - return NULL; - } - - ZERO_STRUCTP(context->internal); - - /* ADD REASONABLE DEFAULTS */ context->debug = 0; context->timeout = 20000; /* 20 seconds */ @@ -2485,25 +2457,25 @@ int smbc_free_context(SMBCCTX * context, int shutdown_ctx) SMBCFILE * f; DEBUG(1,("Performing aggressive shutdown.\n")); - f = context->internal->_files; + f = context->_files; while (f) { context->close(context, f); f = f->next; } - context->internal->_files = NULL; + context->_files = NULL; /* First try to remove the servers the nice way. */ if (context->callbacks.purge_cached_fn(context)) { SMBCSRV * s; DEBUG(1, ("Could not purge all servers, Nice way shutdown failed.\n")); - s = context->internal->_servers; + s = context->_servers; while (s) { cli_shutdown(&s->cli); context->callbacks.remove_cached_srv_fn(context, s); SAFE_FREE(s); s = s->next; } - context->internal->_servers = NULL; + context->_servers = NULL; } } else { @@ -2513,12 +2485,12 @@ int smbc_free_context(SMBCCTX * context, int shutdown_ctx) errno = EBUSY; return 1; } - if (context->internal->_servers) { + if (context->_servers) { DEBUG(1, ("Active servers in context, free_context failed.\n")); errno = EBUSY; return 1; } - if (context->internal->_files) { + if (context->_files) { DEBUG(1, ("Active files in context, free_context failed.\n")); errno = EBUSY; return 1; @@ -2531,7 +2503,6 @@ int smbc_free_context(SMBCCTX * context, int shutdown_ctx) SAFE_FREE(context->user); DEBUG(3, ("Context %p succesfully freed\n", context)); - SAFE_FREE(context->internal); SAFE_FREE(context); return 0; } @@ -2550,13 +2521,13 @@ SMBCCTX * smbc_init_context(SMBCCTX * context) int pid; char *user = NULL, *home = NULL; - if (!context || !context->internal) { + if (!context) { errno = EBADF; return NULL; } /* Do not initialise the same client twice */ - if (context->internal->_initialized) { + if (context->_initialized) { return 0; } @@ -2663,7 +2634,7 @@ SMBCCTX * smbc_init_context(SMBCCTX * context) * FIXME: Should we check the function pointers here? */ - context->internal->_initialized = 1; + context->_initialized = 1; return context; } diff --git a/source3/nmbd/nmbd.c b/source3/nmbd/nmbd.c index 9f4a934fae..05ea4997d5 100644 --- a/source3/nmbd/nmbd.c +++ b/source3/nmbd/nmbd.c @@ -3,7 +3,6 @@ NBT netbios routines and daemon - version 2 Copyright (C) Andrew Tridgell 1994-1998 Copyright (C) Jeremy Allison 1997-2002 - Copyright (C) Jelmer Vernooij 2002 (Conversion to popt) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -657,31 +656,40 @@ static BOOL init_structs(void) } /**************************************************************************** ** + Usage on the program. + **************************************************************************** */ + +static void usage(char *pname) +{ + + printf( "Usage: %s [-DaiohV] [-H lmhosts file] [-d debuglevel] [-l log basename]\n", pname ); + printf( " [-n name] [-p port] [-s configuration file]\n" ); + printf( "\t-D Become a daemon (default)\n" ); + printf( "\t-a Append to log file (default)\n" ); + printf( "\t-i Run interactive (not a daemon)\n" ); + printf( "\t-o Overwrite log file, don't append\n" ); + printf( "\t-h Print usage\n" ); + printf( "\t-V Print version\n" ); + printf( "\t-H hosts file Load a netbios hosts file\n" ); + printf( "\t-d debuglevel Set the debuglevel\n" ); + printf( "\t-l log basename. Basename for log/debug files\n" ); + printf( "\t-n netbiosname. Primary netbios name\n" ); + printf( "\t-p port Listen on the specified port\n" ); + printf( "\t-s configuration file Configuration file name\n" ); + printf( "\n"); +} + + +/**************************************************************************** ** main program **************************************************************************** */ - int main(int argc, const char *argv[]) + int main(int argc,char *argv[]) { - extern BOOL append_log; - static BOOL opt_interactive = False; - poptContext pc; - struct poptOption long_options[] = { - POPT_AUTOHELP - {"daemon", 'D', POPT_ARG_VAL, &is_daemon, True, "Become a daemon(default)" }, - {"log-append", 'a', POPT_ARG_VAL, &append_log, True, "Append to log file" }, - {"interactive", 'i', POPT_ARG_VAL, &opt_interactive, True, "Run interactive (not a daemon)" }, - {"log-overwrite", 'o', POPT_ARG_VAL, &append_log, False, "Overwrite log file, don't append" }, - {"hosts", 'H', POPT_ARG_STRING, dyn_LMHOSTSFILE, 'H', "Load a netbios hosts file"}, - {"port", 'p', POPT_ARG_INT, &global_nmb_port, NMB_PORT, "Listen on the specified port" }, - {NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_debug }, - {NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_configfile }, - {NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_socket_options }, - {NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_version }, - {NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_netbios_name }, - {NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_log_base }, - { NULL } - }; - int opt; - pstring logfile; + int opt; + extern char *optarg; + extern BOOL append_log; + BOOL opt_interactive = False; + pstring logfile; append_log = True; /* Default, override with '-o' option. */ @@ -695,6 +703,13 @@ static BOOL init_structs(void) slprintf(logfile, sizeof(logfile)-1, "%s/log.nmbd", dyn_LOGFILEBASE); lp_set_logfile(logfile); + /* this is for people who can't start the program correctly */ + while (argc > 1 && (*argv[1] != '-')) + { + argv++; + argc--; + } + fault_setup((void (*)(void *))fault_continue ); /* POSIX demands that signals are inherited. If the invoking process has @@ -715,13 +730,70 @@ static BOOL init_structs(void) #if defined(SIGUSR2) BlockSignals(True, SIGUSR2); #endif - pc = poptGetContext("nmbd", argc, argv, long_options, 0); - - while((opt = poptGetNextOpt(pc)) != -1) - { } - poptFreeContext(pc); - + while( EOF != + (opt = getopt( argc, argv, "Vaos:T:I:C:bAB:N:Rn:l:d:Dp:hSH:G:f:i" )) ) + { + switch (opt) + { + case 's': + pstrcpy(dyn_CONFIGFILE, optarg); + break; + case 'N': + case 'B': + case 'I': + case 'C': + case 'G': + DEBUG(0,("Obsolete option '%c' used\n",opt)); + break; + case 'i': + opt_interactive = True; + break; + case 'H': + pstrcpy(dyn_LMHOSTSFILE, optarg); + break; + case 'n': + pstrcpy(global_myname,optarg); + strupper(global_myname); + break; + case 'l': + slprintf(logfile, sizeof(logfile)-1, "%s/log.nmbd", optarg); + lp_set_logfile(logfile); + break; + case 'a': + append_log = True; + break; + case 'o': + append_log = False; + break; + case 'D': + is_daemon = True; + break; + case 'd': + DEBUGLEVEL = atoi(optarg); + break; + case 'p': + global_nmb_port = atoi(optarg); + break; + case 'h': + usage(argv[0]); + exit(0); + break; + case 'V': + printf( "Version %s\n", VERSION ); + exit(0); + break; + default: + if( !is_a_socket(0) ) + { + DEBUG(0,("Incorrect program usage - is the command line correct?\n")); + usage(argv[0]); + exit(0); + } + break; + } + } + setup_logging( argv[0], opt_interactive ); reopen_logs(); diff --git a/source3/nsswitch/winbindd_misc.c b/source3/nsswitch/winbindd_misc.c index c2e744c0a7..45f2d42f98 100644 --- a/source3/nsswitch/winbindd_misc.c +++ b/source3/nsswitch/winbindd_misc.c @@ -182,8 +182,7 @@ enum winbindd_result winbindd_show_sequence(struct winbindd_cli_state *state) } state->response.extra_data = extra_data; - /* must add one to length to copy the 0 for string termination */ - state->response.length += strlen(extra_data) + 1; + state->response.length += strlen(extra_data); return WINBINDD_OK; } diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 883d271980..1a3c739f6c 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -112,7 +112,6 @@ typedef struct char *szSMBPasswdFile; char *szPrivateDir; char **szPassdbBackend; - char **szSamBackend; char *szPasswordServer; char *szSocketOptions; char *szWorkGroup; @@ -735,7 +734,6 @@ static struct parm_struct parm_table[] = { {"smb passwd file", P_STRING, P_GLOBAL, &Globals.szSMBPasswdFile, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"private dir", P_STRING, P_GLOBAL, &Globals.szPrivateDir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"passdb backend", P_LIST, P_GLOBAL, &Globals.szPassdbBackend, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, - {"sam backend", P_LIST, P_GLOBAL, &Globals.szSamBackend, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"non unix account range", P_STRING, P_GLOBAL, &Globals.szNonUnixAccountRange, handle_non_unix_account_range, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"algorithmic rid base", P_INTEGER, P_GLOBAL, &Globals.bAlgorithmicRidBase, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"root directory", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, @@ -1566,7 +1564,6 @@ FN_GLOBAL_STRING(lp_nis_home_map_name, &Globals.szNISHomeMapName) static FN_GLOBAL_STRING(lp_announce_version, &Globals.szAnnounceVersion) FN_GLOBAL_LIST(lp_netbios_aliases, &Globals.szNetbiosAliases) FN_GLOBAL_LIST(lp_passdb_backend, &Globals.szPassdbBackend) -FN_GLOBAL_LIST(lp_sam_backend, &Globals.szSamBackend) FN_GLOBAL_STRING(lp_panic_action, &Globals.szPanicAction) FN_GLOBAL_STRING(lp_adduser_script, &Globals.szAddUserScript) FN_GLOBAL_STRING(lp_deluser_script, &Globals.szDelUserScript) diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c index 29afaddea3..ad56fcedd1 100644 --- a/source3/passdb/secrets.c +++ b/source3/passdb/secrets.c @@ -209,7 +209,7 @@ char *trustdom_keystr(const char *domain) Lock the trust password entry. ************************************************************************/ -BOOL secrets_lock_trust_account_password(const char *domain, BOOL dolock) +BOOL secrets_lock_trust_account_password(char *domain, BOOL dolock) { if (!tdb) return False; @@ -263,7 +263,7 @@ BOOL secrets_fetch_trust_account_password(const char *domain, uint8 ret_pwd[16], Routine to get account password to trusted domain ************************************************************************/ -BOOL secrets_fetch_trusted_domain_password(const char *domain, char** pwd, +BOOL secrets_fetch_trusted_domain_password(char *domain, char** pwd, DOM_SID *sid, time_t *pass_last_set_time) { struct trusted_dom_pass *pass; @@ -302,8 +302,7 @@ BOOL secrets_fetch_trusted_domain_password(const char *domain, char** pwd, /************************************************************************ Routine to set the trust account password for a domain. ************************************************************************/ - -BOOL secrets_store_trust_account_password(const char *domain, uint8 new_pwd[16]) +BOOL secrets_store_trust_account_password(char *domain, uint8 new_pwd[16]) { struct machine_acct_pass pass; @@ -323,7 +322,7 @@ BOOL secrets_store_trust_account_password(const char *domain, uint8 new_pwd[16]) * @return true if succeeded **/ -BOOL secrets_store_trusted_domain_password(const char* domain, smb_ucs2_t *uni_dom_name, +BOOL secrets_store_trusted_domain_password(char* domain, smb_ucs2_t *uni_dom_name, size_t uni_name_len, char* pwd, DOM_SID sid) { @@ -354,8 +353,7 @@ BOOL secrets_store_trusted_domain_password(const char* domain, smb_ucs2_t *uni_d Routine to set the plaintext machine account password for a realm the password is assumed to be a null terminated ascii string ************************************************************************/ - -BOOL secrets_store_machine_password(const char *pass) +BOOL secrets_store_machine_password(char *pass) { char *key; BOOL ret; @@ -396,7 +394,6 @@ BOOL trust_password_delete(const char *domain) /************************************************************************ Routine to delete the password for trusted domain ************************************************************************/ - BOOL trusted_domain_password_delete(const char *domain) { return secrets_delete(trustdom_keystr(domain)); @@ -605,7 +602,7 @@ BOOL secrets_named_mutex(const char *name, unsigned int timeout) Unlock a named mutex. *******************************************************************************/ -void secrets_named_mutex_release(const char *name) +void secrets_named_mutex_release(char *name) { tdb_unlock_bystring(tdb, name); DEBUG(10,("secrets_named_mutex: released mutex for %s\n", name )); diff --git a/source3/rpc_client/cli_spoolss.c b/source3/rpc_client/cli_spoolss.c index 15a3db389e..92077f9637 100644 --- a/source3/rpc_client/cli_spoolss.c +++ b/source3/rpc_client/cli_spoolss.c @@ -2362,104 +2362,4 @@ WERROR cli_spoolss_deleteprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ct return result; } -WERROR cli_spoolss_enumprinterkey(struct cli_state *cli, TALLOC_CTX *mem_ctx, - uint32 offered, uint32 *needed, - POLICY_HND *hnd, char *keyname, - uint16 **keylist, uint32 *len) -{ - prs_struct qbuf, rbuf; - SPOOL_Q_ENUMPRINTERKEY q; - SPOOL_R_ENUMPRINTERKEY r; - WERROR result = W_ERROR(ERRgeneral); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - - /* Initialise input parameters */ - - make_spoolss_q_enumprinterkey(&q, hnd, keyname, offered); - - /* Marshall data and send request */ - - if (!spoolss_io_q_enumprinterkey("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, SPOOLSS_ENUMPRINTERKEY, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!spoolss_io_r_enumprinterkey("", &r, &rbuf, 0)) - goto done; - - result = r.status; - - if (needed) - *needed = r.needed; - - if (!W_ERROR_IS_OK(r.status)) - goto done; - - /* Copy results */ - - if (keylist) { - *keylist = (uint16 *)malloc(r.keys.buf_len * 2); - memcpy(*keylist, r.keys.buffer, r.keys.buf_len * 2); - if (len) - *len = r.keys.buf_len * 2; - } - - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - - return result; -} - -WERROR cli_spoolss_deleteprinterkey(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *hnd, char *keyname) -{ - prs_struct qbuf, rbuf; - SPOOL_Q_DELETEPRINTERKEY q; - SPOOL_R_DELETEPRINTERKEY r; - WERROR result = W_ERROR(ERRgeneral); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - - /* Initialise input parameters */ - - make_spoolss_q_deleteprinterkey(&q, hnd, keyname); - - /* Marshall data and send request */ - - if (!spoolss_io_q_deleteprinterkey("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, SPOOLSS_DELETEPRINTERKEY, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!spoolss_io_r_deleteprinterkey("", &r, &rbuf, 0)) - goto done; - - result = r.status; - - if (!W_ERROR_IS_OK(r.status)) - goto done; - - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - - return result; -} - /** @} **/ diff --git a/source3/rpc_parse/parse_spoolss.c b/source3/rpc_parse/parse_spoolss.c index 91322a8fae..d8cd7c1729 100644 --- a/source3/rpc_parse/parse_spoolss.c +++ b/source3/rpc_parse/parse_spoolss.c @@ -7014,20 +7014,6 @@ BOOL spoolss_io_r_setprinterdataex(char *desc, SPOOL_R_SETPRINTERDATAEX *r_u, pr return True; } -/******************************************************************* - * read a structure. - ********************************************************************/ -BOOL make_spoolss_q_enumprinterkey(SPOOL_Q_ENUMPRINTERKEY *q_u, - POLICY_HND *hnd, char *key, uint32 size) -{ - DEBUG(5,("make_spoolss_q_enumprinterkey\n")); - - memcpy(&q_u->handle, hnd, sizeof(q_u->handle)); - init_unistr2(&q_u->key, key, strlen(key)+1); - q_u->size = size; - - return True; -} /******************************************************************* * read a structure. @@ -7086,21 +7072,6 @@ BOOL spoolss_io_r_enumprinterkey(char *desc, SPOOL_R_ENUMPRINTERKEY *r_u, prs_st * read a structure. ********************************************************************/ -BOOL make_spoolss_q_deleteprinterkey(SPOOL_Q_DELETEPRINTERKEY *q_u, - POLICY_HND *hnd, char *keyname) -{ - DEBUG(5,("make_spoolss_q_deleteprinterkey\n")); - - memcpy(&q_u->handle, hnd, sizeof(q_u->handle)); - init_unistr2(&q_u->keyname, keyname, strlen(keyname)+1); - - return True; -} - -/******************************************************************* - * read a structure. - ********************************************************************/ - BOOL spoolss_io_q_deleteprinterkey(char *desc, SPOOL_Q_DELETEPRINTERKEY *q_u, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "spoolss_io_q_deleteprinterkey"); diff --git a/source3/rpc_server/srv_reg_nt.c b/source3/rpc_server/srv_reg_nt.c index 7435bdb6f7..f96de7e533 100644 --- a/source3/rpc_server/srv_reg_nt.c +++ b/source3/rpc_server/srv_reg_nt.c @@ -131,6 +131,7 @@ static NTSTATUS open_registry_key(pipes_struct *p, POLICY_HND *hnd, REGISTRY_KEY if ( fetch_reg_keys( regkey, &subkeys ) == -1 ) { /* don't really know what to return here */ + result = NT_STATUS_NO_SUCH_FILE; } else { diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c index ab3d94cf75..bc3b8970d6 100644 --- a/source3/rpc_server/srv_samr.c +++ b/source3/rpc_server/srv_samr.c @@ -155,6 +155,7 @@ static BOOL api_samr_set_sec_obj(pipes_struct *p) return False; } + return True; } diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index b039d92d9c..7b611922f6 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -1180,18 +1180,6 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, /* Get what we need from the password database */ switch (q_u->switch_level) { case 0x1: - /* When playing with usrmgr, this is necessary - if you want immediate refresh after editing - a user. I would like to do this after the - setuserinfo2, but we do not have access to - the domain handle in that call, only to the - user handle. Where else does this hurt? - -- Volker - */ -#if 0 - /* We cannot do this here - it kills performace. JRA. */ - free_samr_users(info); -#endif case 0x2: case 0x4: become_root(); diff --git a/source3/sam/SAM-interface_handles.txt b/source3/sam/SAM-interface_handles.txt deleted file mode 100644 index 1c164bd198..0000000000 --- a/source3/sam/SAM-interface_handles.txt +++ /dev/null @@ -1,123 +0,0 @@ -SAM API
-
-NTSTATUS sam_get_sec_obj(NT_USER_TOKEN *access, DOM_SID *sid, SEC_DESC **sd)
-NTSTATUS sam_set_sec_obj(NT_USER_TOKEN *access, DOM_SID *sid, SEC_DESC *sd)
-
-NTSTATUS sam_lookup_name(NT_USER_TOKEN *access, DOM_SID *domain, char *name, DOM_SID **sid, uint32 *type)
-NTSTATUS sam_lookup_sid(NT_USER_TOKEN *access, DOM_SID *sid, char **name, uint32 *type)
-
-
-Domain API
-
-NTSTATUS sam_update_domain(SAM_DOMAIN_HANDLE *domain)
-
-NTSTATUS sam_enum_domains(NT_USER_TOKEN *access, int32 *domain_count, DOM_SID **domains, char **domain_names)
-NTSTATUS sam_lookup_domain(NT_USER_TOKEN *access, char *domain, DOM_SID **domainsid)
-
-NTSTATUS sam_get_domain_by_sid(NT_USER_TOKEN *access, uint32 access_desired, DOM_SID *domainsid, SAM_DOMAIN_HANDLE **domain)
-
-
-User API
-
-NTSTATUS sam_create_user(NT_USER_TOKEN *access, uint32 access_desired, SAM_USER_HANDLE **user)
-NTSTATUS sam_add_user(SAM_USER_HANDLE *user)
-NTSTATUS sam_update_user(SAM_USER_HANDLE *user)
-NTSTATUS sam_delete_user(SAM_USER_HANDLE * user)
-
-NTSTATUS sam_enum_users(NT_USER_TOKEN *access, DOM_SID *domain, int32 *user_count, SAM_USER_ENUM **users)
-
-NTSTATUS sam_get_user_by_sid(NT_USER_TOKEN *access, uint32 access_desired, DOM_SID *usersid, SAM_USER_HANDLE **user)
-NTSTATUS sam_get_user_by_name(NT_USER_TOKEN *access, uint32 access_desired, char *domain, char *name, SAM_USER_HANDLE **user)
-
-
-Group API
-
-NTSTATUS sam_create_group(NT_USER_TOKEN *access, uint32 access_desired, uint32 typ, SAM_GROUP_HANDLE **group)
-NTSTATUS sam_add_group(SAM_GROUP_HANDLE *samgroup)
-NTSTATUS sam_update_group(SAM_GROUP_HANDLE *samgroup)
-NTSTATUS sam_delete_group(SAM_GROUP_HANDLE *groupsid)
-
-NTSTATUS sam_enum_groups(NT_USER_TOKEN *access, DOM_SID *domainsid, uint32 typ, uint32 *groups_count, SAM_GROUP_ENUM **groups)
-
-NTSTATUS sam_get_group_by_sid(NT_USER_TOKEN *access, uint32 access_desired, DOM_SID *groupsid, SAM_GROUP_HANDLE **group)
-NTSTATUS sam_get_group_by_name(NT_USER_TOKEN *access, uint32 access_desired, char *domain, char *name, SAM_GROUP_HANDLE **group)
-
-NTSTATUS sam_add_member_to_group(SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member)
-NTSTATUS sam_delete_member_from_group(SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member)
-NTSTATUS sam_enum_groupmembers(SAM_GROUP_HANLDE *group, uint32 *members_count, SAM_GROUP_MEMBER **members)
-
-NTSTATUS sam_get_groups_of_user(SAM_USER_HANDLE *user, uint32 typ, uint32 *group_count, SAM_GROUP_ENUM **groups)
-
-
-
-structures
-
-typedef _SAM_GROUP_MEMBER {
- DOM_SID sid;
- BOOL group; /* specifies if it is a group or a user */
-
-} SAM_GROUP_MEMBER
-
-typedef struct sam_user_enum {
- DOM_SID sid;
- char *username;
- char *full_name;
- char *user_desc;
- uint16 acc_ctrl;
-} SAM_USER_ENUM;
-
-typedef struct sam_group_enum {
- DOM_SID sid;
- char *groupname;
- char *comment;
-} SAM_GROUP_ENUM
-
-NTSTATUS sam_get_domain_sid(SAM_DOMAIN_HANDLE *domain, DOM_SID **sid)
-NTSTATUS sam_get_domain_num_users(SAM_DOMAIN_HANDLE *domain, uint32 *num_users)
-NTSTATUS sam_get_domain_num_groups(SAM_DOMAIN_HANDLE *domain, uint32 *num_groups)
-NTSTATUS sam_get_domain_num_aliases(SAM_DOMAIN_HANDLE *domain, uint32 *num_aliases)
-NTSTATUS sam_{get,set}_domain_name(SAM_DOMAIN_HANDLE *domain, char **domain_name)
-NTSTATUS sam_{get,set}_domain_server(SAM_DOMAIN_HANDLE *domain, char **server_name)
-NTSTATUS sam_{get,set}_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *max_passwordage)
-NTSTATUS sam_{get,set}_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *min_passwordage)
-NTSTATUS sam_{get,set}_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME *lockout_duration)
-NTSTATUS sam_{get,set}_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME *reset_lockout_count)
-NTSTATUS sam_{get,set}_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 *min_passwordlength)
-NTSTATUS sam_{get,set}_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uin16 *password_history)
-NTSTATUS sam_{get,set}_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 *lockout_count)
-NTSTATUS sam_{get,set}_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL *force_logoff)
-NTSTATUS sam_{get,set}_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL *login_pwdchange)
-
-NTSTATUS sam_get_user_sid(SAM_USER_HANDLE *user, DOM_SID **sid)
-NTSTATUS sam_{get,set}_user_pgroup(SAM_USER_HANDLE *user, DOM_SID **pgroup)
-NTSTATUS sam_{get,set}_user_name(SAM_USER_HANDLE *user, char **username)
-NTSTATUS sam_{get,set}_user_fullname(SAM_USER_HANDLE *user, char** fullname)
-NTSTATUS sam_{get,set}_user_description(SAM_USER_HANDLE *user, char **description)
-NTSTATUS sam_{get,set}_user_home_dir(SAM_USER_HANDLE *user, char **home_dir)
-NTSTATUS sam_{get,set}_user_dir_drive(SAM_USER_HANDLE *user, char **dir_drive)
-NTSTATUS sam_{get,set}_user_logon_script(SAM_USER_HANDLE *user, char **logon_script)
-NTSTATUS sam_{get,set}_user_profile_path(SAM_USER_HANDLE *user, char **profile_path)
-NTSTATUS sam_{get,set}_user_workstations(SAM_USER_HANDLE *user, char **workstations)
-NTSTATUS sam_{get,set}_user_munged_dial(SAM_USER_HANDLE *user, char **munged_dial)
-NTSTATUS sam_{get,set}_user_lm_pwd(SAM_USER_HANDLE *user, DATA_BLOB *lm_pwd)
-NTSTATUS sam_{get,set}_user_nt_pwd(SAM_USER_HANDLE *user, DATA_BLOB *nt_pwd)
-NTSTATUS sam_{get,set}_user_plain_pwd(SAM_USER_HANDLE *user, DATA_BLOB *plaintext_pwd)
-NTSTATUS sam_{get,set}_user_acct_ctrl(SAM_USER_HANDLE *user, uint16 *acct_ctrl)
-NTSTATUS sam_{get,set}_user_logon_divs(SAM_USER_HANDLE *user, uint16 *logon_divs)
-NTSTATUS sam_{get,set}_user_hours(SAM_USER_HANDLE *user, uint32 *hours_len, uint8 **hours)
-NTSTATUS sam_{get,set}_user_logon_time(SAM_USER_HANDLE *user, NTTIME *logon_time)
-NTSTATUS sam_{get,set}_user_logoff_time(SAM_USER_HANDLE *user, NTTIME *logoff_time)
-NTSTATUS sam_{get,set}_user_kickoff_time(SAM_USER_HANDLE *user, NTTIME kickoff_time)
-NTSTATUS sam_{get,set}_user_pwd_last_set(SAM_USER_HANDLE *user, NTTIME pwd_last_set)
-NTSTATUS sam_{get,set}_user_pwd_can_change(SAM_USER_HANDLE *user, NTTIME pwd_can_change)
-NTSTATUS sam_{get,set}_user_pwd_must_change(SAM_USER_HANDLE *user, NTTIME pwd_must_change)
-NTSTATUS sam_{get,set}_user_unknown_1(SAM_USER_HANDLE *user, char **unknown_1)
-NTSTATUS sam_{get,set}_user_unknown_2(SAM_USER_HANDLE *user, uint32 *unknown_2)
-NTSTATUS sam_{get,set}_user_unknown_3(SAM_USER_HANDLE *user, uint32 *unknown_3)
-NTSTATUS sam_{get,set}_user_unknown_4(SAM_USER_HANDLE *user, uint32 *unknown_4)
-
-NTSTATUS sam_get_group_sid(SAM_GROUP_HANDLE *group, DOM_SID **sid)
-NTSTATUS sam_get_group_typ(SAM_GROUP_HANDLE *group, uint32 *typ)
-NTSTATUS sam_{get,set}_group_name(SAM_GROUP_HANDLE *group, char **group_name)
-NTSTATUS sam_{get,set}_group_comment(SAM_GROUP_HANDLE *group, char **comment)
-NTSTATUS sam_{get,set}_group_priv_set(SAM_GROUP_HANDLE *group, PRIVILEGE_SET *priv_set)
\ No newline at end of file diff --git a/source3/sam/account.c b/source3/sam/account.c deleted file mode 100644 index 1b43db57d9..0000000000 --- a/source3/sam/account.c +++ /dev/null @@ -1,305 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Password and authentication handling - Copyright (C) Jeremy Allison 1996-2001 - Copyright (C) Luke Kenneth Casson Leighton 1996-1998 - Copyright (C) Gerald (Jerry) Carter 2000-2001 - Copyright (C) Andrew Bartlett 2001-2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM - -/************************************************************ - Fill the SAM_ACCOUNT_HANDLE with default values. - ***********************************************************/ - -static void sam_fill_default_account(SAM_ACCOUNT_HANDLE *account) -{ - ZERO_STRUCT(account->private); /* Don't touch the talloc context */ - - /* Don't change these timestamp settings without a good reason. - They are important for NT member server compatibility. */ - - /* FIXME: We should actually call get_nt_time_max() or sthng - * here */ - unix_to_nt_time(&(account->private.logoff_time),get_time_t_max()); - unix_to_nt_time(&(account->private.kickoff_time),get_time_t_max()); - unix_to_nt_time(&(account->private.pass_must_change_time),get_time_t_max()); - account->private.unknown_1 = 0x00ffffff; /* don't know */ - account->private.logon_divs = 168; /* hours per week */ - account->private.hours_len = 21; /* 21 times 8 bits = 168 */ - memset(account->private.hours, 0xff, account->private.hours_len); /* available at all hours */ - account->private.unknown_2 = 0x00000000; /* don't know */ - account->private.unknown_3 = 0x000004ec; /* don't know */ -} - -static void destroy_sam_talloc(SAM_ACCOUNT_HANDLE **account) -{ - if (*account) { - data_blob_clear_free(&((*account)->private.lm_pw)); - data_blob_clear_free(&((*account)->private.nt_pw)); - if((*account)->private.plaintext_pw!=NULL) - memset((*account)->private.plaintext_pw,'\0',strlen((*account)->private.plaintext_pw)); - - talloc_destroy((*account)->mem_ctx); - *account = NULL; - } -} - - -/********************************************************************** - Alloc memory and initialises a SAM_ACCOUNT_HANDLE on supplied mem_ctx. -***********************************************************************/ - -NTSTATUS sam_init_account_talloc(TALLOC_CTX *mem_ctx, SAM_ACCOUNT_HANDLE **account) -{ - SMB_ASSERT(*account != NULL); - - if (!mem_ctx) { - DEBUG(0,("sam_init_account_talloc: mem_ctx was NULL!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - *account=(SAM_ACCOUNT_HANDLE *)talloc(mem_ctx, sizeof(SAM_ACCOUNT_HANDLE)); - - if (*account==NULL) { - DEBUG(0,("sam_init_account_talloc: error while allocating memory\n")); - return NT_STATUS_NO_MEMORY; - } - - (*account)->mem_ctx = mem_ctx; - - (*account)->free_fn = NULL; - - sam_fill_default_account(*account); - - return NT_STATUS_OK; -} - - -/************************************************************* - Alloc memory and initialises a struct sam_passwd. - ************************************************************/ - -NTSTATUS sam_init_account(SAM_ACCOUNT_HANDLE **account) -{ - TALLOC_CTX *mem_ctx; - NTSTATUS nt_status; - - mem_ctx = talloc_init_named("sam internal SAM_ACCOUNT_HANDLE allocation"); - - if (!mem_ctx) { - DEBUG(0,("sam_init_account: error while doing talloc_init()\n")); - return NT_STATUS_NO_MEMORY; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_init_account_talloc(mem_ctx, account))) { - talloc_destroy(mem_ctx); - return nt_status; - } - - (*account)->free_fn = destroy_sam_talloc; - - return NT_STATUS_OK; -} - -/** - * Free the contents of the SAM_ACCOUNT_HANDLE, but not the structure. - * - * Also wipes the LM and NT hashes and plaintext password from - * memory. - * - * @param account SAM_ACCOUNT_HANDLE to free members of. - **/ - -static void sam_free_account_contents(SAM_ACCOUNT_HANDLE *account) -{ - - /* Kill off sensitive data. Free()ed by the - talloc mechinism */ - - data_blob_clear_free(&(account->private.lm_pw)); - data_blob_clear_free(&(account->private.nt_pw)); - if (account->private.plaintext_pw) - memset(account->private.plaintext_pw,'\0',strlen(account->private.plaintext_pw)); -} - - -/************************************************************ - Reset the SAM_ACCOUNT_HANDLE and free the NT/LM hashes. - ***********************************************************/ - -NTSTATUS sam_reset_sam(SAM_ACCOUNT_HANDLE *account) -{ - SMB_ASSERT(account != NULL); - - sam_free_account_contents(account); - - sam_fill_default_account(account); - - return NT_STATUS_OK; -} - - -/************************************************************ - Free the SAM_ACCOUNT_HANDLE and the member pointers. - ***********************************************************/ - -NTSTATUS sam_free_account(SAM_ACCOUNT_HANDLE **account) -{ - SMB_ASSERT(*account != NULL); - - sam_free_account_contents(*account); - - if ((*account)->free_fn) { - (*account)->free_fn(account); - } - - return NT_STATUS_OK; -} - - -/********************************************************** - Encode the account control bits into a string. - length = length of string to encode into (including terminating - null). length *MUST BE MORE THAN 2* ! - **********************************************************/ - -char *sam_encode_acct_ctrl(uint16 acct_ctrl, size_t length) -{ - static fstring acct_str; - size_t i = 0; - - acct_str[i++] = '['; - - if (acct_ctrl & ACB_PWNOTREQ ) acct_str[i++] = 'N'; - if (acct_ctrl & ACB_DISABLED ) acct_str[i++] = 'D'; - if (acct_ctrl & ACB_HOMDIRREQ) acct_str[i++] = 'H'; - if (acct_ctrl & ACB_TEMPDUP ) acct_str[i++] = 'T'; - if (acct_ctrl & ACB_NORMAL ) acct_str[i++] = 'U'; - if (acct_ctrl & ACB_MNS ) acct_str[i++] = 'M'; - if (acct_ctrl & ACB_WSTRUST ) acct_str[i++] = 'W'; - if (acct_ctrl & ACB_SVRTRUST ) acct_str[i++] = 'S'; - if (acct_ctrl & ACB_AUTOLOCK ) acct_str[i++] = 'L'; - if (acct_ctrl & ACB_PWNOEXP ) acct_str[i++] = 'X'; - if (acct_ctrl & ACB_DOMTRUST ) acct_str[i++] = 'I'; - - for ( ; i < length - 2 ; i++ ) - acct_str[i] = ' '; - - i = length - 2; - acct_str[i++] = ']'; - acct_str[i++] = '\0'; - - return acct_str; -} - -/********************************************************** - Decode the account control bits from a string. - **********************************************************/ - -uint16 sam_decode_acct_ctrl(const char *p) -{ - uint16 acct_ctrl = 0; - BOOL finished = False; - - /* - * Check if the account type bits have been encoded after the - * NT password (in the form [NDHTUWSLXI]). - */ - - if (*p != '[') - return 0; - - for (p++; *p && !finished; p++) { - switch (*p) { - case 'N': { acct_ctrl |= ACB_PWNOTREQ ; break; /* 'N'o password. */ } - case 'D': { acct_ctrl |= ACB_DISABLED ; break; /* 'D'isabled. */ } - case 'H': { acct_ctrl |= ACB_HOMDIRREQ; break; /* 'H'omedir required. */ } - case 'T': { acct_ctrl |= ACB_TEMPDUP ; break; /* 'T'emp account. */ } - case 'U': { acct_ctrl |= ACB_NORMAL ; break; /* 'U'ser account (normal). */ } - case 'M': { acct_ctrl |= ACB_MNS ; break; /* 'M'NS logon user account. What is this ? */ } - case 'W': { acct_ctrl |= ACB_WSTRUST ; break; /* 'W'orkstation account. */ } - case 'S': { acct_ctrl |= ACB_SVRTRUST ; break; /* 'S'erver account. */ } - case 'L': { acct_ctrl |= ACB_AUTOLOCK ; break; /* 'L'ocked account. */ } - case 'X': { acct_ctrl |= ACB_PWNOEXP ; break; /* No 'X'piry on password */ } - case 'I': { acct_ctrl |= ACB_DOMTRUST ; break; /* 'I'nterdomain trust account. */ } - case ' ': { break; } - case ':': - case '\n': - case '\0': - case ']': - default: { finished = True; } - } - } - - return acct_ctrl; -} - -/************************************************************* - Routine to set 32 hex password characters from a 16 byte array. -**************************************************************/ - -void sam_sethexpwd(char *p, const unsigned char *pwd, uint16 acct_ctrl) -{ - if (pwd != NULL) { - int i; - for (i = 0; i < 16; i++) - slprintf(&p[i*2], 3, "%02X", pwd[i]); - } else { - if (acct_ctrl & ACB_PWNOTREQ) - safe_strcpy(p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", 33); - else - safe_strcpy(p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 33); - } -} - -/************************************************************* - Routine to get the 32 hex characters and turn them - into a 16 byte array. -**************************************************************/ - -BOOL sam_gethexpwd(const char *p, unsigned char *pwd) -{ - int i; - unsigned char lonybble, hinybble; - char *hexchars = "0123456789ABCDEF"; - char *p1, *p2; - - if (!p) - return (False); - - for (i = 0; i < 32; i += 2) { - hinybble = toupper(p[i]); - lonybble = toupper(p[i + 1]); - - p1 = strchr(hexchars, hinybble); - p2 = strchr(hexchars, lonybble); - - if (!p1 || !p2) - return (False); - - hinybble = PTR_DIFF(p1, hexchars); - lonybble = PTR_DIFF(p2, hexchars); - - pwd[i / 2] = (hinybble << 4) | lonybble; - } - return (True); -} diff --git a/source3/sam/get_set_account.c b/source3/sam/get_set_account.c deleted file mode 100644 index acac281d21..0000000000 --- a/source3/sam/get_set_account.c +++ /dev/null @@ -1,845 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SAM_ACCOUNT_HANDLE access routines - Copyright (C) Andrew Bartlett 2002 - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Jelmer Vernooij 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM - -NTSTATUS sam_get_account_domain_sid(const SAM_ACCOUNT_HANDLE *sampass, const DOM_SID **sid) -{ - NTSTATUS status; - SAM_DOMAIN_HANDLE *domain; - SAM_ASSERT(!sampass || !sid); - - if (!NT_STATUS_IS_OK(status = sam_get_account_domain(sampass, &domain))){ - DEBUG(0, ("sam_get_account_domain_sid: Can't get domain for account\n")); - return status; - } - - return sam_get_domain_sid(domain, sid); -} - -NTSTATUS sam_get_account_domain_name(const SAM_ACCOUNT_HANDLE *sampass, const char **domain_name) -{ - NTSTATUS status; - SAM_DOMAIN_HANDLE *domain; - SAM_ASSERT(sampass && domain_name); - - if (!NT_STATUS_IS_OK(status = sam_get_account_domain(sampass, &domain))){ - DEBUG(0, ("sam_get_account_domain_name: Can't get domain for account\n")); - return status; - } - - return sam_get_domain_name(domain, domain_name); -} - -NTSTATUS sam_get_account_acct_ctrl(const SAM_ACCOUNT_HANDLE *sampass, uint16 *acct_ctrl) -{ - SAM_ASSERT(sampass && acct_ctrl); - - *acct_ctrl = sampass->private.acct_ctrl; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_logon_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *logon_time) -{ - SAM_ASSERT(sampass && logon_time) ; - - *logon_time = sampass->private.logon_time; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_logoff_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *logoff_time) -{ - SAM_ASSERT(sampass && logoff_time) ; - - *logoff_time = sampass->private.logoff_time; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_kickoff_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *kickoff_time) -{ - SAM_ASSERT(sampass && kickoff_time); - - *kickoff_time = sampass->private.kickoff_time; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_pass_last_set_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *pass_last_set_time) -{ - SAM_ASSERT(sampass && pass_last_set_time); - - *pass_last_set_time = sampass->private.pass_last_set_time; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_pass_can_change_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *pass_can_change_time) -{ - SAM_ASSERT(sampass && pass_can_change_time); - - *pass_can_change_time = sampass->private.pass_can_change_time; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_pass_must_change_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *pass_must_change_time) -{ - SAM_ASSERT(sampass && pass_must_change_time); - - *pass_must_change_time = sampass->private.pass_must_change_time; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_logon_divs(const SAM_ACCOUNT_HANDLE *sampass, uint16 *logon_divs) -{ - SAM_ASSERT(sampass && logon_divs); - - *logon_divs = sampass->private.logon_divs; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_hours_len(const SAM_ACCOUNT_HANDLE *sampass, uint32 *hours_len) -{ - SAM_ASSERT(sampass && hours_len); - - *hours_len = sampass->private.hours_len; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_hours(const SAM_ACCOUNT_HANDLE *sampass, const uint8 **hours) -{ - SAM_ASSERT(sampass && hours); - - *hours = sampass->private.hours; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_nt_pwd(const SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB *nt_pwd) -{ - SAM_ASSERT(sampass); - - SMB_ASSERT((!sampass->private.nt_pw.data) - || sampass->private.nt_pw.length == NT_HASH_LEN); - - *nt_pwd = sampass->private.nt_pw; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_lm_pwd(const SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB *lm_pwd) -{ - SAM_ASSERT(sampass); - - SMB_ASSERT((!sampass->private.lm_pw.data) - || sampass->private.lm_pw.length == LM_HASH_LEN); - - *lm_pwd = sampass->private.lm_pw; - - return NT_STATUS_OK; -} - -/* Return the plaintext password if known. Most of the time - it isn't, so don't assume anything magic about this function. - - Used to pass the plaintext to sam backends that might - want to store more than just the NTLM hashes. -*/ - -NTSTATUS sam_get_account_plaintext_pwd(const SAM_ACCOUNT_HANDLE *sampass, char **plain_pwd) -{ - SAM_ASSERT(sampass && plain_pwd); - - *plain_pwd = sampass->private.plaintext_pw; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_sid(const SAM_ACCOUNT_HANDLE *sampass, const DOM_SID **sid) -{ - SAM_ASSERT(sampass); - - *sid = &(sampass->private.account_sid); - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_pgroup(const SAM_ACCOUNT_HANDLE *sampass, const DOM_SID **sid) -{ - SAM_ASSERT(sampass); - - *sid = &(sampass->private.group_sid); - - return NT_STATUS_OK; -} - -/** - * Get flags showing what is initalised in the SAM_ACCOUNT_HANDLE - * @param sampass the SAM_ACCOUNT_HANDLE in question - * @return the flags indicating the members initialised in the struct. - **/ - -NTSTATUS sam_get_account_init_flag(const SAM_ACCOUNT_HANDLE *sampass, uint32 *initflag) -{ - SAM_ASSERT(sampass); - - *initflag = sampass->private.init_flag; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_name(const SAM_ACCOUNT_HANDLE *sampass, char **account_name) -{ - SAM_ASSERT(sampass); - - *account_name = sampass->private.account_name; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_domain(const SAM_ACCOUNT_HANDLE *sampass, SAM_DOMAIN_HANDLE **domain) -{ - SAM_ASSERT(sampass); - - *domain = sampass->private.domain; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_fullname(const SAM_ACCOUNT_HANDLE *sampass, char **fullname) -{ - SAM_ASSERT(sampass); - - *fullname = sampass->private.full_name; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_homedir(const SAM_ACCOUNT_HANDLE *sampass, char **homedir) -{ - SAM_ASSERT(sampass); - - *homedir = sampass->private.home_dir; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_unix_home_dir(const SAM_ACCOUNT_HANDLE *sampass, char **uhomedir) -{ - SAM_ASSERT(sampass); - - *uhomedir = sampass->private.unix_home_dir; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_dir_drive(const SAM_ACCOUNT_HANDLE *sampass, char **dirdrive) -{ - SAM_ASSERT(sampass); - - *dirdrive = sampass->private.dir_drive; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_logon_script(const SAM_ACCOUNT_HANDLE *sampass, char **logon_script) -{ - SAM_ASSERT(sampass); - - *logon_script = sampass->private.logon_script; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_profile_path(const SAM_ACCOUNT_HANDLE *sampass, char **profile_path) -{ - SAM_ASSERT(sampass); - - *profile_path = sampass->private.profile_path; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_description(const SAM_ACCOUNT_HANDLE *sampass, char **description) -{ - SAM_ASSERT(sampass); - - *description = sampass->private.acct_desc; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_workstations(const SAM_ACCOUNT_HANDLE *sampass, char **workstations) -{ - SAM_ASSERT(sampass); - - *workstations = sampass->private.workstations; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_unknown_str(const SAM_ACCOUNT_HANDLE *sampass, char **unknown_str) -{ - SAM_ASSERT(sampass); - - *unknown_str = sampass->private.unknown_str; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_munged_dial(const SAM_ACCOUNT_HANDLE *sampass, char **munged_dial) -{ - SAM_ASSERT(sampass); - - *munged_dial = sampass->private.munged_dial; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_unknown_1(const SAM_ACCOUNT_HANDLE *sampass, uint32 *unknown1) -{ - SAM_ASSERT(sampass && unknown1); - - *unknown1 = sampass->private.unknown_1; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_unknown_2(const SAM_ACCOUNT_HANDLE *sampass, uint32 *unknown2) -{ - SAM_ASSERT(sampass && unknown2); - - *unknown2 = sampass->private.unknown_2; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_unknown_3(const SAM_ACCOUNT_HANDLE *sampass, uint32 *unknown3) -{ - SAM_ASSERT(sampass && unknown3); - - *unknown3 = sampass->private.unknown_3; - - return NT_STATUS_OK; -} - -/********************************************************************* - Collection of set...() functions for SAM_ACCOUNT_HANDLE_INFO. - ********************************************************************/ - -NTSTATUS sam_set_account_acct_ctrl(SAM_ACCOUNT_HANDLE *sampass, uint16 acct_ctrl) -{ - SAM_ASSERT(sampass); - - sampass->private.acct_ctrl = acct_ctrl; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_logon_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) -{ - SAM_ASSERT(sampass); - - sampass->private.logon_time = mytime; - - - return NT_STATUS_UNSUCCESSFUL; -} - -NTSTATUS sam_set_account_logoff_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) -{ - SAM_ASSERT(sampass); - - sampass->private.logoff_time = mytime; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_kickoff_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) -{ - SAM_ASSERT(sampass); - - sampass->private.kickoff_time = mytime; - - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_pass_can_change_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) -{ - SAM_ASSERT(sampass); - - sampass->private.pass_can_change_time = mytime; - - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_pass_must_change_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) -{ - SAM_ASSERT(sampass); - - sampass->private.pass_must_change_time = mytime; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_pass_last_set_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime) -{ - SAM_ASSERT(sampass); - - sampass->private.pass_last_set_time = mytime; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_hours_len(SAM_ACCOUNT_HANDLE *sampass, uint32 len) -{ - SAM_ASSERT(sampass); - - sampass->private.hours_len = len; - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_logon_divs(SAM_ACCOUNT_HANDLE *sampass, uint16 hours) -{ - SAM_ASSERT(sampass); - - sampass->private.logon_divs = hours; - return NT_STATUS_OK; -} - -/** - * Set flags showing what is initalised in the SAM_ACCOUNT_HANDLE - * @param sampass the SAM_ACCOUNT_HANDLE in question - * @param flag The *new* flag to be set. Old flags preserved - * this flag is only added. - **/ - -NTSTATUS sam_set_account_init_flag(SAM_ACCOUNT_HANDLE *sampass, uint32 flag) -{ - SAM_ASSERT(sampass); - - sampass->private.init_flag |= flag; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_sid(SAM_ACCOUNT_HANDLE *sampass, const DOM_SID *u_sid) -{ - SAM_ASSERT(sampass && u_sid); - - sid_copy(&sampass->private.account_sid, u_sid); - - DEBUG(10, ("sam_set_account_sid: setting account sid %s\n", - sid_string_static(&sampass->private.account_sid))); - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_sid_from_string(SAM_ACCOUNT_HANDLE *sampass, const char *u_sid) -{ - DOM_SID new_sid; - SAM_ASSERT(sampass && u_sid); - - DEBUG(10, ("sam_set_account_sid_from_string: setting account sid %s\n", - u_sid)); - - if (!string_to_sid(&new_sid, u_sid)) { - DEBUG(1, ("sam_set_account_sid_from_string: %s isn't a valid SID!\n", u_sid)); - return NT_STATUS_UNSUCCESSFUL; - } - - if (!NT_STATUS_IS_OK(sam_set_account_sid(sampass, &new_sid))) { - DEBUG(1, ("sam_set_account_sid_from_string: could not set sid %s on SAM_ACCOUNT_HANDLE!\n", u_sid)); - return NT_STATUS_UNSUCCESSFUL; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_pgroup_sid(SAM_ACCOUNT_HANDLE *sampass, const DOM_SID *g_sid) -{ - SAM_ASSERT(sampass && g_sid); - - sid_copy(&sampass->private.group_sid, g_sid); - - DEBUG(10, ("sam_set_group_sid: setting group sid %s\n", - sid_string_static(&sampass->private.group_sid))); - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_pgroup_string(SAM_ACCOUNT_HANDLE *sampass, const char *g_sid) -{ - DOM_SID new_sid; - SAM_ASSERT(sampass && g_sid); - - DEBUG(10, ("sam_set_group_sid_from_string: setting group sid %s\n", - g_sid)); - - if (!string_to_sid(&new_sid, g_sid)) { - DEBUG(1, ("sam_set_group_sid_from_string: %s isn't a valid SID!\n", g_sid)); - return NT_STATUS_UNSUCCESSFUL; - } - - if (!NT_STATUS_IS_OK(sam_set_account_pgroup_sid(sampass, &new_sid))) { - DEBUG(1, ("sam_set_group_sid_from_string: could not set sid %s on SAM_ACCOUNT_HANDLE!\n", g_sid)); - return NT_STATUS_UNSUCCESSFUL; - } - return NT_STATUS_OK; -} - -/********************************************************************* - Set the domain name. - ********************************************************************/ - -NTSTATUS sam_set_account_domain(SAM_ACCOUNT_HANDLE *sampass, SAM_DOMAIN_HANDLE *domain) -{ - SAM_ASSERT(sampass); - - sampass->private.domain = domain; - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's NT name. - ********************************************************************/ - -NTSTATUS sam_set_account_name(SAM_ACCOUNT_HANDLE *sampass, const char *account_name) -{ - SAM_ASSERT(sampass); - - DEBUG(10, ("sam_set_account_name: setting nt account_name %s, was %s\n", account_name, sampass->private.account_name)); - - sampass->private.account_name = talloc_strdup(sampass->mem_ctx, account_name); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's full name. - ********************************************************************/ - -NTSTATUS sam_set_account_fullname(SAM_ACCOUNT_HANDLE *sampass, const char *full_name) -{ - SAM_ASSERT(sampass); - - DEBUG(10, ("sam_set_account_fullname: setting full name %s, was %s\n", full_name, sampass->private.full_name)); - - sampass->private.full_name = talloc_strdup(sampass->mem_ctx, full_name); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's logon script. - ********************************************************************/ - -NTSTATUS sam_set_account_logon_script(SAM_ACCOUNT_HANDLE *sampass, const char *logon_script, BOOL store) -{ - SAM_ASSERT(sampass); - - DEBUG(10, ("sam_set_logon_script: from %s to %s\n", logon_script, sampass->private.logon_script)); - - sampass->private.logon_script = talloc_strdup(sampass->mem_ctx, logon_script); - - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's profile path. - ********************************************************************/ - -NTSTATUS sam_set_account_profile_path(SAM_ACCOUNT_HANDLE *sampass, const char *profile_path, BOOL store) -{ - SAM_ASSERT(sampass); - - DEBUG(10, ("sam_set_profile_path: setting profile path %s, was %s\n", profile_path, sampass->private.profile_path)); - - sampass->private.profile_path = talloc_strdup(sampass->mem_ctx, profile_path); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's directory drive. - ********************************************************************/ - -NTSTATUS sam_set_account_dir_drive(SAM_ACCOUNT_HANDLE *sampass, const char *dir_drive, BOOL store) -{ - SAM_ASSERT(sampass); - - DEBUG(10, ("sam_set_dir_drive: setting dir drive %s, was %s\n", dir_drive, - sampass->private.dir_drive)); - - sampass->private.dir_drive = talloc_strdup(sampass->mem_ctx, dir_drive); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's home directory. - ********************************************************************/ - -NTSTATUS sam_set_account_homedir(SAM_ACCOUNT_HANDLE *sampass, const char *home_dir, BOOL store) -{ - SAM_ASSERT(sampass); - - DEBUG(10, ("sam_set_homedir: setting home dir %s, was %s\n", home_dir, - sampass->private.home_dir)); - - sampass->private.home_dir = talloc_strdup(sampass->mem_ctx, home_dir); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's unix home directory. - ********************************************************************/ - -NTSTATUS sam_set_account_unix_homedir(SAM_ACCOUNT_HANDLE *sampass, const char *unix_home_dir) -{ - SAM_ASSERT(sampass); - - DEBUG(10, ("sam_set_unix_homedir: setting home dir %s, was %s\n", unix_home_dir, - sampass->private.unix_home_dir)); - - sampass->private.unix_home_dir = talloc_strdup(sampass->mem_ctx, unix_home_dir); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's account description. - ********************************************************************/ - -NTSTATUS sam_set_account_acct_desc(SAM_ACCOUNT_HANDLE *sampass, const char *acct_desc) -{ - SAM_ASSERT(sampass); - - sampass->private.acct_desc = talloc_strdup(sampass->mem_ctx, acct_desc); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's workstation allowed list. - ********************************************************************/ - -NTSTATUS sam_set_account_workstations(SAM_ACCOUNT_HANDLE *sampass, const char *workstations) -{ - SAM_ASSERT(sampass); - - DEBUG(10, ("sam_set_workstations: setting workstations %s, was %s\n", workstations, - sampass->private.workstations)); - - sampass->private.workstations = talloc_strdup(sampass->mem_ctx, workstations); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's 'unknown_str', whatever the heck this actually is... - ********************************************************************/ - -NTSTATUS sam_set_account_unknown_str(SAM_ACCOUNT_HANDLE *sampass, const char *unknown_str) -{ - SAM_ASSERT(sampass); - - sampass->private.unknown_str = talloc_strdup(sampass->mem_ctx, unknown_str); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's dial string. - ********************************************************************/ - -NTSTATUS sam_set_account_munged_dial(SAM_ACCOUNT_HANDLE *sampass, const char *munged_dial) -{ - SAM_ASSERT(sampass); - - sampass->private.munged_dial = talloc_strdup(sampass->mem_ctx, munged_dial); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's NT hash. - ********************************************************************/ - -NTSTATUS sam_set_account_nt_pwd(SAM_ACCOUNT_HANDLE *sampass, const DATA_BLOB data) -{ - SAM_ASSERT(sampass); - - sampass->private.nt_pw = data; - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's LM hash. - ********************************************************************/ - -NTSTATUS sam_set_account_lm_pwd(SAM_ACCOUNT_HANDLE *sampass, const DATA_BLOB data) -{ - SAM_ASSERT(sampass); - - sampass->private.lm_pw = data; - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's plaintext password only (base procedure, see helper - below) - ********************************************************************/ - -NTSTATUS sam_set_account_plaintext_pwd(SAM_ACCOUNT_HANDLE *sampass, const char *plain_pwd) -{ - SAM_ASSERT(sampass); - - sampass->private.plaintext_pw = talloc_strdup(sampass->mem_ctx, plain_pwd); - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_unknown_1(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn) -{ - SAM_ASSERT(sampass); - - sampass->private.unknown_1 = unkn; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_unknown_2(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn) -{ - SAM_ASSERT(sampass); - - sampass->private.unknown_2 = unkn; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_unknown_3(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn) -{ - SAM_ASSERT(sampass); - - sampass->private.unknown_3 = unkn; - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_hours(SAM_ACCOUNT_HANDLE *sampass, const uint8 *hours) -{ - SAM_ASSERT(sampass); - - if (!hours) { - memset ((char *)sampass->private.hours, 0, MAX_HOURS_LEN); - return NT_STATUS_OK; - } - - memcpy(sampass->private.hours, hours, MAX_HOURS_LEN); - - return NT_STATUS_OK; -} - -/* Helpful interfaces to the above */ - -/********************************************************************* - Sets the last changed times and must change times for a normal - password change. - ********************************************************************/ - -NTSTATUS sam_set_account_pass_changed_now(SAM_ACCOUNT_HANDLE *sampass) -{ - uint32 expire; - NTTIME temptime; - - SAM_ASSERT(sampass); - - unix_to_nt_time(&temptime, time(NULL)); - if (!NT_STATUS_IS_OK(sam_set_account_pass_last_set_time(sampass, temptime))) - return NT_STATUS_UNSUCCESSFUL; - - if (!account_policy_get(AP_MAX_PASSWORD_AGE, &expire) - || (expire==(uint32)-1)) { - - get_nttime_max(&temptime); - if (!NT_STATUS_IS_OK(sam_set_account_pass_must_change_time(sampass, temptime, False))) - return NT_STATUS_UNSUCCESSFUL; - - } else { - /* FIXME: Add expire to temptime */ - - if (!NT_STATUS_IS_OK(sam_get_account_pass_last_set_time(sampass,&temptime)) || !NT_STATUS_IS_OK(sam_set_account_pass_must_change_time(sampass, temptime,True))) - return NT_STATUS_UNSUCCESSFUL; - } - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's PLAINTEXT password. Used as an interface to the above. - Also sets the last change time to NOW. - ********************************************************************/ - -NTSTATUS sam_set_account_passwd(SAM_ACCOUNT_HANDLE *sampass, const char *plaintext) -{ - DATA_BLOB data; - uchar new_lanman_p16[16]; - uchar new_nt_p16[16]; - - SAM_ASSERT(sampass && plaintext); - - nt_lm_owf_gen(plaintext, new_nt_p16, new_lanman_p16); - - data = data_blob(new_nt_p16, 16); - if (!NT_STATUS_IS_OK(sam_set_account_nt_pwd(sampass, data))) - return NT_STATUS_UNSUCCESSFUL; - - data = data_blob(new_lanman_p16, 16); - - if (!NT_STATUS_IS_OK(sam_set_account_lm_pwd(sampass, data))) - return NT_STATUS_UNSUCCESSFUL; - - if (!NT_STATUS_IS_OK(sam_set_account_plaintext_pwd(sampass, plaintext))) - return NT_STATUS_UNSUCCESSFUL; - - if (!NT_STATUS_IS_OK(sam_set_account_pass_changed_now(sampass))) - return NT_STATUS_UNSUCCESSFUL; - - return NT_STATUS_OK; -} - diff --git a/source3/sam/get_set_domain.c b/source3/sam/get_set_domain.c deleted file mode 100644 index c70a4a3f09..0000000000 --- a/source3/sam/get_set_domain.c +++ /dev/null @@ -1,263 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SAM_DOMAIN access routines - Copyright (C) Andrew Bartlett 2002 - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Jelmer Vernooij 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM - -NTSTATUS sam_get_domain_sid(SAM_DOMAIN_HANDLE *domain, const DOM_SID **sid) -{ - SAM_ASSERT(domain &&sid); - - *sid = &(domain->private.sid); - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_num_accounts(SAM_DOMAIN_HANDLE *domain, uint32 *num_accounts) -{ - SAM_ASSERT(domain &&num_accounts); - - *num_accounts = domain->private.num_accounts; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_num_groups(SAM_DOMAIN_HANDLE *domain, uint32 *num_groups) -{ - SAM_ASSERT(domain &&num_groups); - - *num_groups = domain->private.num_groups; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_num_aliases(SAM_DOMAIN_HANDLE *domain, uint32 *num_aliases) -{ - SAM_ASSERT(domain &&num_aliases); - - *num_aliases = domain->private.num_aliases; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_name(SAM_DOMAIN_HANDLE *domain, const char **domain_name) -{ - SAM_ASSERT(domain &&domain_name); - - *domain_name = domain->private.name; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_server(SAM_DOMAIN_HANDLE *domain, const char **server_name) -{ - SAM_ASSERT(domain &&server_name); - - *server_name = domain->private.servername; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *max_passwordage) -{ - SAM_ASSERT(domain &&max_passwordage); - - *max_passwordage = domain->private.max_passwordage; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *min_passwordage) -{ - SAM_ASSERT(domain &&min_passwordage); - - *min_passwordage = domain->private.min_passwordage; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME *lockout_duration) -{ - SAM_ASSERT(domain &&lockout_duration); - - *lockout_duration = domain->private.lockout_duration; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME *reset_lockout_count) -{ - SAM_ASSERT(domain &&reset_lockout_count); - - *reset_lockout_count = domain->private.reset_count; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 *min_passwordlength) -{ - SAM_ASSERT(domain &&min_passwordlength); - - *min_passwordlength = domain->private.min_passwordlength; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 *password_history) -{ - SAM_ASSERT(domain &&password_history); - - *password_history = domain->private.password_history; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 *lockout_count) -{ - SAM_ASSERT(domain &&lockout_count); - - *lockout_count = domain->private.lockout_count; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL *force_logoff) -{ - SAM_ASSERT(domain &&force_logoff); - - *force_logoff = domain->private.force_logoff; - - return NT_STATUS_OK; -} - - -NTSTATUS sam_get_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL *login_pwdchange) -{ - SAM_ASSERT(domain && login_pwdchange); - - *login_pwdchange = domain->private.login_pwdchange; - - return NT_STATUS_OK; -} - -/* Set */ - -NTSTATUS sam_set_domain_name(SAM_DOMAIN_HANDLE *domain, const char *domain_name) -{ - SAM_ASSERT(domain); - - domain->private.name = talloc_strdup(domain->mem_ctx, domain_name); - - return NT_STATUS_OK; -} - - -NTSTATUS sam_set_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME max_passwordage) -{ - SAM_ASSERT(domain); - - domain->private.max_passwordage = max_passwordage; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME min_passwordage) -{ - SAM_ASSERT(domain); - - domain->private.min_passwordage = min_passwordage; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME lockout_duration) -{ - SAM_ASSERT(domain); - - domain->private.lockout_duration = lockout_duration; - - return NT_STATUS_OK; -} -NTSTATUS sam_set_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME reset_lockout_count) -{ - SAM_ASSERT(domain); - - domain->private.reset_count = reset_lockout_count; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 min_passwordlength) -{ - SAM_ASSERT(domain); - - domain->private.min_passwordlength = min_passwordlength; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 password_history) -{ - SAM_ASSERT(domain); - - domain->private.password_history = password_history; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 lockout_count) -{ - SAM_ASSERT(domain); - - domain->private.lockout_count = lockout_count; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL force_logoff) -{ - SAM_ASSERT(domain); - - domain->private.force_logoff = force_logoff; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL login_pwdchange) -{ - SAM_ASSERT(domain); - - domain->private.login_pwdchange = login_pwdchange; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_domain_server(SAM_DOMAIN_HANDLE *domain, const char *server_name) -{ - SAM_ASSERT(domain); - - domain->private.servername = talloc_strdup(domain->mem_ctx, server_name); - - return NT_STATUS_OK; -} diff --git a/source3/sam/get_set_group.c b/source3/sam/get_set_group.c deleted file mode 100644 index 11ea9258a7..0000000000 --- a/source3/sam/get_set_group.c +++ /dev/null @@ -1,106 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SAM_USER_HANDLE access routines - Copyright (C) Andrew Bartlett 2002 - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Jelmer Vernooij 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM - -/* sam group get functions */ - -NTSTATUS sam_get_group_sid(const SAM_GROUP_HANDLE *group, const DOM_SID **sid) -{ - SAM_ASSERT(group && sid); - - *sid = &(group->private.sid); - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_group_ctrl(const SAM_GROUP_HANDLE *group, uint32 *group_ctrl) -{ - SAM_ASSERT(group && group_ctrl); - - *group_ctrl = group->private.group_ctrl; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_group_name(const SAM_GROUP_HANDLE *group, const char **group_name) -{ - SAM_ASSERT(group); - - *group_name = group->private.group_name; - - return NT_STATUS_OK; - -} -NTSTATUS sam_get_group_comment(const SAM_GROUP_HANDLE *group, const char **group_desc) -{ - SAM_ASSERT(group); - - *group_desc = group->private.group_desc; - - return NT_STATUS_OK; -} - -/* sam group set functions */ - -NTSTATUS sam_set_group_sid(SAM_GROUP_HANDLE *group, const DOM_SID *sid) -{ - SAM_ASSERT(group); - - if (!sid) - ZERO_STRUCT(group->private.sid); - else - sid_copy(&(group->private.sid), sid); - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_group_group_ctrl(SAM_GROUP_HANDLE *group, uint32 group_ctrl) -{ - SAM_ASSERT(group); - - group->private.group_ctrl = group_ctrl; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_group_name(SAM_GROUP_HANDLE *group, const char *group_name) -{ - SAM_ASSERT(group); - - group->private.group_name = talloc_strdup(group->mem_ctx, group_name); - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_group_description(SAM_GROUP_HANDLE *group, const char *group_desc) -{ - SAM_ASSERT(group); - - group->private.group_desc = talloc_strdup(group->mem_ctx, group_desc); - - return NT_STATUS_OK; - -} diff --git a/source3/sam/group.c b/source3/sam/group.c deleted file mode 100644 index 7e4bcc1425..0000000000 --- a/source3/sam/group.c +++ /dev/null @@ -1,193 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SAM_GROUP_HANDLE /SAM_GROUP_ENUM helpers - - Copyright (C) Stefan (metze) Metzmacher 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM - -/************************************************************ - Fill the SAM_GROUP_HANDLE with default values. - ***********************************************************/ - -static void sam_fill_default_group(SAM_GROUP_HANDLE *group) -{ - ZERO_STRUCT(group->private); /* Don't touch the talloc context */ - -} - -static void destroy_sam_group_handle_talloc(SAM_GROUP_HANDLE **group) -{ - if (*group) { - - talloc_destroy((*group)->mem_ctx); - *group = NULL; - } -} - - -/********************************************************************** - Alloc memory and initialises a SAM_GROUP_HANDLE on supplied mem_ctx. -***********************************************************************/ - -NTSTATUS sam_init_group_talloc(TALLOC_CTX *mem_ctx, SAM_GROUP_HANDLE **group) -{ - SMB_ASSERT(*group != NULL); - - if (!mem_ctx) { - DEBUG(0,("sam_init_group_talloc: mem_ctx was NULL!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - *group=(SAM_GROUP_HANDLE *)talloc(mem_ctx, sizeof(SAM_GROUP_HANDLE)); - - if (*group==NULL) { - DEBUG(0,("sam_init_group_talloc: error while allocating memory\n")); - return NT_STATUS_NO_MEMORY; - } - - (*group)->mem_ctx = mem_ctx; - - (*group)->free_fn = NULL; - - sam_fill_default_group(*group); - - return NT_STATUS_OK; -} - - -/************************************************************* - Alloc memory and initialises a struct SAM_GROUP_HANDLE. - ************************************************************/ - -NTSTATUS sam_init_group(SAM_GROUP_HANDLE **group) -{ - TALLOC_CTX *mem_ctx; - NTSTATUS nt_status; - - mem_ctx = talloc_init_named("sam internal SAM_GROUP_HANDLE allocation"); - - if (!mem_ctx) { - DEBUG(0,("sam_init_group: error while doing talloc_init()\n")); - return NT_STATUS_NO_MEMORY; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_init_group_talloc(mem_ctx, group))) { - talloc_destroy(mem_ctx); - return nt_status; - } - - (*group)->free_fn = destroy_sam_group_handle_talloc; - - return NT_STATUS_OK; -} - - -/************************************************************ - Reset the SAM_GROUP_HANDLE. - ***********************************************************/ - -NTSTATUS sam_reset_group(SAM_GROUP_HANDLE *group) -{ - SMB_ASSERT(group != NULL); - - sam_fill_default_group(group); - - return NT_STATUS_OK; -} - - -/************************************************************ - Free the SAM_GROUP_HANDLE and the member pointers. - ***********************************************************/ - -NTSTATUS sam_free_group(SAM_ACCOUNT_HANDLE **group) -{ - SMB_ASSERT(*group != NULL); - - if ((*group)->free_fn) { - (*group)->free_fn(group); - } - - return NT_STATUS_OK; -} - - -/********************************************************** - Encode the group control bits into a string. - length = length of string to encode into (including terminating - null). length *MUST BE MORE THAN 2* ! - **********************************************************/ - -char *sam_encode_acct_ctrl(uint16 group_ctrl, size_t length) -{ - static fstring group_str; - size_t i = 0; - - group_str[i++] = '['; - - if (group_ctrl & GCB_LOCAL_GROUP ) group_str[i++] = 'L'; - if (group_ctrl & GCB_GLOBAL_GROUP ) group_str[i++] = 'G'; - - for ( ; i < length - 2 ; i++ ) - group_str[i] = ' '; - - i = length - 2; - group_str[i++] = ']'; - group_str[i++] = '\0'; - - return group_str; -} - -/********************************************************** - Decode the group control bits from a string. - **********************************************************/ - -uint16 sam_decode_group_ctrl(const char *p) -{ - uint16 group_ctrl = 0; - BOOL finished = False; - - /* - * Check if the account type bits have been encoded after the - * NT password (in the form [NDHTUWSLXI]). - */ - - if (*p != '[') - return 0; - - for (p++; *p && !finished; p++) { - switch (*p) { - case 'L': { group_ctrl |= GCB_LOCAL_GROUP; break; /* 'L'ocal Aliases Group. */ } - case 'G': { group_ctrl |= GCB_GLOBAL_GROUP; break; /* 'G'lobal Domain Group. */ } - - case ' ': { break; } - case ':': - case '\n': - case '\0': - case ']': - default: { finished = True; } - } - } - - return group_ctrl; -} - diff --git a/source3/sam/gumm_tdb.c b/source3/sam/gumm_tdb.c deleted file mode 100644 index 967890e99c..0000000000 --- a/source3/sam/gumm_tdb.c +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * SMB parameters and setup - * Copyright (C) Andrew Tridgell 1992-1998 - * Copyright (C) Simo Sorce 2000-2002 - * Copyright (C) Gerald Carter 2000 - * Copyright (C) Jeremy Allison 2001 - * Copyright (C) Andrew Bartlett 2002 - * - * This program is free software; you can redistribute it and/or modify it under - * the terms of the GNU General Public License as published by the Free - * Software Foundation; either version 2 of the License, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for - * more details. - * - * You should have received a copy of the GNU General Public License along with - * this program; if not, write to the Free Software Foundation, Inc., 675 - * Mass Ave, Cambridge, MA 02139, USA. - */ - -#include "includes.h" - -static int tdbgumm_debug_level = DBGC_ALL; -#undef DBGC_CLASS -#define DBGC_CLASS tdbgumm_debug_level - -#define GUMM_VERSION "20021012" -#define TDB_FILE_NAME "gums_storage.tdb" -#define TDB_FORMAT_STRING "B" -#define DOMAIN_PREFIX "DOMAIN_" -#define USER_PREFIX "USER_" -#define GROUP_PREFIX "GROUP_" -#define SID_PREFIX "SID_" - -static TDB_CONTEXT *gumm_tdb = NULL; - -/*************************************************************** - objects enumeration. -****************************************************************/ - -static NTSTATUS enumerate_objects(DOM_SID **sids, const DOM_SID *sid, const int obj_type); -{ - TDB_CONTEXT *enum_tdb = NULL; - TDB_DATA key; - - /* Open tdb gums module */ - if (!(enum_tdb = tdb_open_log(TDB_FILE_NAME, 0, TDB_DEFAULT, update?(O_RDWR|O_CREAT):O_RDONLY, 0600))) - { - DEBUG(0, ("Unable to open/create gumm tdb database\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - enum_key = tdb_firstkey(enum_tdb); - - - - tdb_close(enum_tdb); - - return NT_STATUS_OK; -} - - -static NTSTATUS module_init() -{ -} - diff --git a/source3/sam/gums.c b/source3/sam/gums.c deleted file mode 100644 index 41218cee36..0000000000 --- a/source3/sam/gums.c +++ /dev/null @@ -1,131 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Grops and Users Management System initializations. - Copyright (C) Simo Sorce 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -/*#undef DBGC_CLASS -#define DBGC_CLASS DBGC_GUMS*/ - -#define GMV_MAJOR 0 -#define GMV_MINOR 1 - -GUMS_FUNCTIONS *gums_storage; -static void *dl_handle; - -PRIVS privs[] = { - {PRIV_NONE, "no_privs", "No privilege"}, /* this one MUST be first */ - {PRIV_CREATE_TOKEN, "SeCreateToken", "Create Token"}, - {PRIV_ASSIGNPRIMARYTOKEN, "SeAssignPrimaryToken", "Assign Primary Token"}, - {PRIV_LOCK_MEMORY, "SeLockMemory", "Lock Memory"}, - {PRIV_INCREASE_QUOTA, "SeIncreaseQuotaPrivilege", "Increase Quota Privilege"}, - {PRIV_MACHINE_ACCOUNT, "SeMachineAccount", "Machine Account"}, - {PRIV_TCB, "SeTCB", "TCB"}, - {PRIV_SECURITY, "SeSecurityPrivilege", "Security Privilege"}, - {PRIV_TAKE_OWNERSHIP, "SeTakeOwnershipPrivilege", "Take Ownership Privilege"}, - {PRIV_LOAD_DRIVER, "SeLocalDriverPrivilege", "Local Driver Privilege"}, - {PRIV_SYSTEM_PROFILE, "SeSystemProfilePrivilege", "System Profile Privilege"}, - {PRIV_SYSTEMTIME, "SeSystemtimePrivilege", "System Time"}, - {PRIV_PROF_SINGLE_PROCESS, "SeProfileSingleProcessPrivilege", "Profile Single Process Privilege"}, - {PRIV_INC_BASE_PRIORITY, "SeIncreaseBasePriorityPrivilege", "Increase Base Priority Privilege"}, - {PRIV_CREATE_PAGEFILE, "SeCreatePagefilePrivilege", "Create Pagefile Privilege"}, - {PRIV_CREATE_PERMANENT, "SeCreatePermanent", "Create Permanent"}, - {PRIV_BACKUP, "SeBackupPrivilege", "Backup Privilege"}, - {PRIV_RESTORE, "SeRestorePrivilege", "Restore Privilege"}, - {PRIV_SHUTDOWN, "SeShutdownPrivilege", "Shutdown Privilege"}, - {PRIV_DEBUG, "SeDebugPrivilege", "Debug Privilege"}, - {PRIV_AUDIT, "SeAudit", "Audit"}, - {PRIV_SYSTEM_ENVIRONMENT, "SeSystemEnvironmentPrivilege", "System Environment Privilege"}, - {PRIV_CHANGE_NOTIFY, "SeChangeNotify", "Change Notify"}, - {PRIV_REMOTE_SHUTDOWN, "SeRemoteShutdownPrivilege", "Remote Shutdown Privilege"}, - {PRIV_UNDOCK, "SeUndock", "Undock"}, - {PRIV_SYNC_AGENT, "SeSynchronizationAgent", "Synchronization Agent"}, - {PRIV_ENABLE_DELEGATION, "SeEnableDelegation", "Enable Delegation"}, - {PRIV_ALL, "SaAllPrivs", "All Privileges"} -}; - -NTSTATUS gums_init(const char *module_name) -{ - int (*module_version)(int); - NTSTATUS (*module_init)(); -/* gums_module_init module_init;*/ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - DEBUG(5, ("Opening gums module %s\n", module_name)); - dl_handle = sys_dlopen(module_name, RTLD_NOW); - if (!dl_handle) { - DEBUG(0, ("ERROR: Failed to load gums module %s, error: %s\n", module_name, sys_dlerror())); - return NT_STATUS_UNSUCCESSFUL; - } - - module_version = sys_dlsym(dl_handle, "gumm_version"); - if (!module_version) { - DEBUG(0, ("ERROR: Failed to find gums module version!\n")); - goto error; - } - - if (module_version(GMV_MAJOR) != GUMS_VERSION_MAJOR) { - DEBUG(0, ("ERROR: Module's major version does not match gums version!\n")); - goto error; - } - - if (module_version(GMV_MINOR) != GUMS_VERSION_MINOR) { - DEBUG(1, ("WARNING: Module's minor version does not match gums version!\n")); - } - - module_open = sys_dlsym(dl_handle, "gumm_init"); - if (!module_open) { - DEBUG(0, ("ERROR: Failed to find gums module's init function!\n")); - goto error; - } - - DEBUG(5, ("Initializing module %s\n", module_name)); - - ret = module_init(&gums_storage); - goto done; - -error: - ret = NT_STATUS_UNSUCCESSFUL; - sys_dlclose(dl_handle); - -done: - return ret; -} - -NTSTATUS gums_unload(void) -{ - NSTATUS ret; - NTSTATUS (*module_finalize)(); - - if (!dl_handle) - return NT_STATUS_UNSUCCESSFUL; - - module_close = sys_dlsym(dl_handle, "gumm_finalize"); - if (!module_finalize) { - DEBUG(0, ("ERROR: Failed to find gums module's init function!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - DEBUG(5, ("Finalizing module %s\n", module_name)); - - ret = module_finalize(); - sys_dlclose(dl_handle); -3 - return ret; -} diff --git a/source3/sam/gums_api.c b/source3/sam/gums_api.c deleted file mode 100644 index c6c8402c93..0000000000 --- a/source3/sam/gums_api.c +++ /dev/null @@ -1,814 +0,0 @@ -/* - Unix SMB/CIFS implementation. - GUMS structures - Copyright (C) Simo Sorce 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -extern GUMS_FUNCTIONS *gums_storage; - -/* Functions to get info from a GUMS object */ - -NTSTATUS gums_get_object_type(uint32 *type, const GUMS_OBJECT *obj) -{ - *type = obj->type; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_object_seq_num(uint32 *version, const GUMS_OBJECT *obj) -{ - *version = obj->version; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_sec_desc(SEC_DESC **sec_desc, const GUMS_OBJECT *obj) -{ - *sec_desc = obj->sec_desc; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_object_sid(DOM_SID **sid, const GUMS_OBJECT *obj) -{ - *sid = obj->sid; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_object_name(char **name, const GUMS_OBJECT *obj) -{ - *name = obj->name; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_object_description(char **description, const GUMS_OBJECT *obj) -{ - *description = obj->description; - return NT_STATUS_OK; -} - -/* User specific functions */ - -NTSTATUS gums_get_object_privileges(PRIVILEGE_SET **priv_set, const GUMS_OBJECT *obj) -{ - if (!priv_set) - return NT_STATUS_INVALID_PARAMETER; - - *priv_set = obj->priv_set; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_pri_group(DOM_SID **sid, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!sid) - return NT_STATUS_INVALID_PARAMETER; - - *sid = ((GUMS_USER *)(obj->data))->group_sid; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_nt_pwd(DATA_BLOB **nt_pwd, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!nt_pwd) - return NT_STATUS_INVALID_PARAMETER; - - *nt_pwd = ((GUMS_USER *)(obj->data))->nt_pw; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_lm_pwd(DATA_BLOB **lm_pwd, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!lm_pwd) - return NT_STATUS_INVALID_PARAMETER; - - *lm_pwd = ((GUMS_USER *)(obj->data))->lm_pw; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_fullname(char **fullname, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!fullname) - return NT_STATUS_INVALID_PARAMETER; - - *fullname = ((GUMS_USER *)(obj->data))->full_name; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_homedir(char **homedir, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!homedir) - return NT_STATUS_INVALID_PARAMETER; - - *homedir = ((GUMS_USER *)(obj->data))->home_dir; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_dir_drive(char **dirdrive, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!dirdrive) - return NT_STATUS_INVALID_PARAMETER; - - *dirdrive = ((GUMS_USER *)(obj->data))->dir_drive; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_logon_script(char **logon_script, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!logon_script) - return NT_STATUS_INVALID_PARAMETER; - - *logon_script = ((GUMS_USER *)(obj->data))->logon_script; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_profile_path(char **profile_path, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!profile_path) - return NT_STATUS_INVALID_PARAMETER; - - *profile_path = ((GUMS_USER *)(obj->data))->profile_path; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_workstations(char **workstations, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!workstations) - return NT_STATUS_INVALID_PARAMETER; - - *workstations = ((GUMS_USER *)(obj->data))->workstations; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_unknown_str(char **unknown_str, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!unknown_str) - return NT_STATUS_INVALID_PARAMETER; - - *unknown_str = ((GUMS_USER *)(obj->data))->unknown_str; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_munged_dial(char **munged_dial, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!munged_dial) - return NT_STATUS_INVALID_PARAMETER; - - *munged_dial = ((GUMS_USER *)(obj->data))->munged_dial; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_logon_time(NTTIME **logon_time, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!logon_time) - return NT_STATUS_INVALID_PARAMETER; - - *logon_time = ((GUMS_USER *)(obj->data))->logon_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_logoff_time(NTTIME **logoff_time, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!logoff_time) - return NT_STATUS_INVALID_PARAMETER; - - *logoff_time = ((GUMS_USER *)(obj->data))->logoff_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_kickoff_time(NTTIME **kickoff_time, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!kickoff_time) - return NT_STATUS_INVALID_PARAMETER; - - *kickoff_time = ((GUMS_USER *)(obj->data))->kickoff_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_pass_last_set_time(NTTIME **pass_last_set_time, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!pass_last_set_time) - return NT_STATUS_INVALID_PARAMETER; - - *pass_last_set_time = ((GUMS_USER *)(obj->data))->pass_last_set_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_pass_can_change_time(NTTIME **pass_can_change_time, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!pass_can_change_time) - return NT_STATUS_INVALID_PARAMETER; - - *pass_can_change_time = ((GUMS_USER *)(obj->data))->pass_can_change_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_pass_must_change_time(NTTIME **pass_must_change_time, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!pass_must_change_time) - return NT_STATUS_INVALID_PARAMETER; - - *pass_must_change_time = ((GUMS_USER *)(obj->data))->pass_must_change_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_logon_divs(uint16 *logon_divs, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!logon_divs) - return NT_STATUS_INVALID_PARAMETER; - - *logon_divs = ((GUMS_USER *)(obj->data))->logon_divs; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_hours_len(uint32 *hours_len, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!hours_len) - return NT_STATUS_INVALID_PARAMETER; - - *hours_len = ((GUMS_USER *)(obj->data))->hours_len; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_hours(uint8 **hours, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!hours) - return NT_STATUS_INVALID_PARAMETER; - - *hours = ((GUMS_USER *)(obj->data))->hours; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_unknown_3(uint32 *unknown3, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!unknown3) - return NT_STATUS_INVALID_PARAMETER; - - *unknown3 = ((GUMS_USER *)(obj->data))->unknown_3; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_unknown_5(uint32 *unknown5, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!unknown5) - return NT_STATUS_INVALID_PARAMETER; - - *unknown5 = ((GUMS_USER *)(obj->data))->unknown_5; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_unknown_6(uint32 *unknown6, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!unknown6) - return NT_STATUS_INVALID_PARAMETER; - - *unknown6 = ((GUMS_USER *)(obj->data))->unknown_6; - return NT_STATUS_OK; -} - -/* Group specific functions */ - -NTSTATUS gums_get_group_members(uint32 *count, DOM_SID **members, const GUMS_OBJECT *obj) -{ - if (obj->type != GUMS_OBJ_GROUP && - obj->type != GUMS_OBJ_ALIAS) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (!members) - return NT_STATUS_INVALID_PARAMETER; - - *count = ((GUMS_GROUP *)(obj->data))->count; - *members = ((GUMS_GROUP *)(obj->data))->members; - return NT_STATUS_OK; -} - -/* set functions */ - -NTSTATUS gums_create_data_set(GUMS_COMMIT_SET **com_set, TALLOC_CTX *ctx, DOM_SID *sid, uint32 type) -{ - TALLOC_CTX *mem_ctx; - GUMS_COMMIT_SET *set; - - mem_ctx = talloc_init_named("commit_set"); - if (mem_ctx == NULL) - return NT_STATUS_NO_MEMORY; - set = (GUMS_COMMIT_SET *)talloc(mem_ctx, sizeof(GUMS_COMMIT_SET)); - if (set == NULL) { - talloc_destroy(mem_ctx); - return NT_STATUS_NO_MEMORY; - } - - set->mem_ctx = mem_ctx; - set->type = type; - sid_copy(&(set->sid), sid); - set->count = 0; - set->data = NULL; - *com_set = set; - - return NT_STATUS_OK; -} - -NTSTATUS gums_set_sec_desc(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, SEC_DESC *sec_desc) -{ - GUMS_DATA_SET *data_set; - SEC_DESC *new_sec_desc; - - if (!mem_ctx || !com_set || !sec_desc) - return NT_STATUS_INVALID_PARAMETER; - - com_set->count = com_set->count + 1; - if (com_set->count == 1) { /* first data set */ - data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data = data_set; - data_set = &((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_SET_SEC_DESC; - new_sec_desc = dup_sec_desc(mem_ctx, sec_desc); - if (new_sec_desc == NULL) - return NT_STATUS_NO_MEMORY; - - (SEC_DESC *)(data_set->data) = new_sec_desc; - - return NT_STATUS_OK; -} - -NTSTATUS gums_add_privilege(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, LUID_ATTR priv) -{ - GUMS_DATA_SET *data_set; - LUID_ATTR *new_priv; - - if (!mem_ctx || !com_set) - return NT_STATUS_INVALID_PARAMETER; - - com_set->count = com_set->count + 1; - if (com_set->count == 1) { /* first data set */ - data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data = data_set; - data_set = &((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_ADD_PRIVILEGE; - if (NT_STATUS_IS_ERR(dupalloc_luid_attr(mem_ctx, &new_priv, priv))) - return NT_STATUS_NO_MEMORY; - - (SEC_DESC *)(data_set->data) = new_priv; - - return NT_STATUS_OK; -} - -NTSTATUS gums_del_privilege(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, LUID_ATTR priv) -{ - GUMS_DATA_SET *data_set; - LUID_ATTR *new_priv; - - if (!mem_ctx || !com_set) - return NT_STATUS_INVALID_PARAMETER; - - com_set->count = com_set->count + 1; - if (com_set->count == 1) { /* first data set */ - data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data = data_set; - data_set = &((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_DEL_PRIVILEGE; - if (NT_STATUS_IS_ERR(dupalloc_luid_attr(mem_ctx, &new_priv, priv))) - return NT_STATUS_NO_MEMORY; - - (SEC_DESC *)(data_set->data) = new_priv; - - return NT_STATUS_OK; -} - -NTSTATUS gums_set_privilege_set(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, PRIVILEGE_SET *priv_set) -{ - GUMS_DATA_SET *data_set; - PRIVILEGE_SET *new_priv_set; - - if (!mem_ctx || !com_set || !priv_set) - return NT_STATUS_INVALID_PARAMETER; - - com_set->count = com_set->count + 1; - if (com_set->count == 1) { /* first data set */ - data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data = data_set; - data_set = &((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_SET_SEC_DESC; - if (NT_STATUS_IS_ERR(dup_priv_set(&new_priv_set, mem_ctx, priv_set))) - return NT_STATUS_NO_MEMORY; - - (SEC_DESC *)(data_set->data) = new_priv_set; - - return NT_STATUS_OK; -} - -NTSTATUS gums_set_string(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, uint32 type, char *str) -{ - GUMS_DATA_SET *data_set; - char *new_str; - - if (!mem_ctx || !com_set || !str || type < GUMS_SET_NAME || type > GUMS_SET_MUNGED_DIAL) - return NT_STATUS_INVALID_PARAMETER; - - com_set->count = com_set->count + 1; - if (com_set->count == 1) { /* first data set */ - data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data = data_set; - data_set = &((com_set->data)[com_set->count - 1]); - - data_set->type = type; - new_str = talloc_strdup(mem_ctx, str); - if (new_str == NULL) - return NT_STATUS_NO_MEMORY; - - (char *)(data_set->data) = new_str; - - return NT_STATUS_OK; -} - -NTSTATUS gums_set_name(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *name) -{ - return gums_set_string(mem_ctx, com_set, GUMS_SET_NAME, name); -} - -NTSTATUS gums_set_description(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *desc) -{ - return gums_set_string(mem_ctx, com_set, GUMS_SET_DESCRIPTION, desc); -} - -NTSTATUS gums_set_full_name(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *full_name) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_set_string(mem_ctx, com_set, GUMS_SET_NAME, full_name); -} - -NTSTATUS gums_set_home_directory(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *home_dir) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_set_string(mem_ctx, com_set, GUMS_SET_NAME, home_dir); -} - -NTSTATUS gums_set_drive(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *drive) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_set_string(mem_ctx, com_set, GUMS_SET_NAME, drive); -} - -NTSTATUS gums_set_logon_script(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *logon_script) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_set_string(mem_ctx, com_set, GUMS_SET_NAME, logon_script); -} - -NTSTATUS gums_set_profile_path(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *prof_path) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_set_string(mem_ctx, com_set, GUMS_SET_NAME, prof_path); -} - -NTSTATUS gums_set_workstations(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *wks) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_set_string(mem_ctx, com_set, GUMS_SET_NAME, wks); -} - -NTSTATUS gums_set_unknown_string(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *unkn_str) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_set_string(mem_ctx, com_set, GUMS_SET_NAME, unkn_str); -} - -NTSTATUS gums_set_munged_dial(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *munged_dial) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_set_string(mem_ctx, com_set, GUMS_SET_NAME, munged_dial); -} - -NTSTATUS gums_set_nttime(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, uint32 type, NTTIME *time) -{ - GUMS_DATA_SET *data_set; - NTTIME *new_time; - - if (!mem_ctx || !com_set || !time || type < GUMS_SET_LOGON_TIME || type > GUMS_SET_PASS_MUST_CHANGE_TIME) - return NT_STATUS_INVALID_PARAMETER; - - com_set->count = com_set->count + 1; - if (com_set->count == 1) { /* first data set */ - data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data = data_set; - data_set = &((com_set->data)[com_set->count - 1]); - - data_set->type = type; - new_time = talloc(mem_ctx, sizeof(NTTIME)); - if (new_time == NULL) - return NT_STATUS_NO_MEMORY; - - new_time->low = time->low; - new_time->high = time->high; - (char *)(data_set->data) = new_time; - - return NT_STATUS_OK; -} - -NTSTATUS gums_set_logon_time(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, NTTIME *logon_time) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_set_nttime(mem_ctx, com_set, GUMS_SET_LOGON_TIME, logon_time); -} - -NTSTATUS gums_set_logoff_time(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, NTTIME *logoff_time) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_set_nttime(mem_ctx, com_set, GUMS_SET_LOGOFF_TIME, logoff_time); -} - -NTSTATUS gums_set_kickoff_time(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, NTTIME *kickoff_time) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_set_nttime(mem_ctx, com_set, GUMS_SET_KICKOFF_TIME, kickoff_time); -} - -NTSTATUS gums_set_pass_last_set_time(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, NTTIME *pls_time) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_set_nttime(mem_ctx, com_set, GUMS_SET_LOGON_TIME, pls_time); -} - -NTSTATUS gums_set_pass_can_change_time(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, NTTIME *pcc_time) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_set_nttime(mem_ctx, com_set, GUMS_SET_LOGON_TIME, pcc_time); -} - -NTSTATUS gums_set_pass_must_change_time(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, NTTIME *pmc_time) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_set_nttime(mem_ctx, com_set, GUMS_SET_LOGON_TIME, pmc_time); -} - -NTSTATUS gums_add_sids_to_group(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count) -{ - GUMS_DATA_SET *data_set; - DOM_SID **new_sids; - int i; - - if (!mem_ctx || !com_set || !sids) - return NT_STATUS_INVALID_PARAMETER; - - com_set->count = com_set->count + 1; - if (com_set->count == 1) { /* first data set */ - data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data = data_set; - data_set = &((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_ADD_SID_LIST; - new_sids = (DOM_SID **)talloc(mem_ctx, (sizeof(void *) * count)); - if (new_sids == NULL) - return NT_STATUS_NO_MEMORY; - for (i = 0; i < count; i++) { - new_sids[i] = sid_dup_talloc(mem_ctx, sids[i]); - if (new_sids[i] == NULL) - return NT_STATUS_NO_MEMORY; - } - - (SEC_DESC *)(data_set->data) = new_sids; - - return NT_STATUS_OK; -} - -NTSTATUS gums_add_users_to_group(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count) -{ - if (!mem_ctx || !com_set || !sids) - return NT_STATUS_INVALID_PARAMETER; - if (com_set->type != GUMS_OBJ_GROUP || com_set->type != GUMS_OBJ_ALIAS) - return NT_STATUS_INVALID_PARAMETER; - - return gums_add_sids_to_group(mem_ctx, com_set, sids, count); -} - -NTSTATUS gums_add_groups_to_group(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count) -{ - if (!mem_ctx || !com_set || !sids) - return NT_STATUS_INVALID_PARAMETER; - if (com_set->type != GUMS_OBJ_ALIAS) - return NT_STATUS_INVALID_PARAMETER; - - return gums_add_sids_to_group(mem_ctx, com_set, sids, count); -} - -NTSTATUS gums_del_sids_from_group(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count) -{ - GUMS_DATA_SET *data_set; - DOM_SID **new_sids; - int i; - - if (!mem_ctx || !com_set || !sids) - return NT_STATUS_INVALID_PARAMETER; - if (com_set->type != GUMS_OBJ_GROUP || com_set->type != GUMS_OBJ_ALIAS) - return NT_STATUS_INVALID_PARAMETER; - - com_set->count = com_set->count + 1; - if (com_set->count == 1) { /* first data set */ - data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data = data_set; - data_set = &((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_DEL_SID_LIST; - new_sids = (DOM_SID **)talloc(mem_ctx, (sizeof(void *) * count)); - if (new_sids == NULL) - return NT_STATUS_NO_MEMORY; - for (i = 0; i < count; i++) { - new_sids[i] = sid_dup_talloc(mem_ctx, sids[i]); - if (new_sids[i] == NULL) - return NT_STATUS_NO_MEMORY; - } - - (SEC_DESC *)(data_set->data) = new_sids; - - return NT_STATUS_OK; -} - -NTSTATUS gums_set_sids_in_group(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count) -{ - GUMS_DATA_SET *data_set; - DOM_SID **new_sids; - int i; - - if (!mem_ctx || !com_set || !sids) - return NT_STATUS_INVALID_PARAMETER; - if (com_set->type != GUMS_OBJ_GROUP || com_set->type != GUMS_OBJ_ALIAS) - return NT_STATUS_INVALID_PARAMETER; - - com_set->count = com_set->count + 1; - if (com_set->count == 1) { /* first data set */ - data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data = data_set; - data_set = &((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_SET_SID_LIST; - new_sids = (DOM_SID **)talloc(mem_ctx, (sizeof(void *) * count)); - if (new_sids == NULL) - return NT_STATUS_NO_MEMORY; - for (i = 0; i < count; i++) { - new_sids[i] = sid_dup_talloc(mem_ctx, sids[i]); - if (new_sids[i] == NULL) - return NT_STATUS_NO_MEMORY; - } - - (SEC_DESC *)(data_set->data) = new_sids; - - return NT_STATUS_OK; -} - - -NTSTATUS gums_commit_data(GUMS_COMMIT_SET *set) -{ - return gums_storage->set_object_values(set->sid, set->count, set->data); -} - -NTSTATUS gums_destroy_data_set(GUMS_COMMIT_SET **com_set) -{ - talloc_destroy((*com_set)->mem_ctx); - *com_set = NULL; - - return NT_STATUS_OK; -} - diff --git a/source3/sam/gums_helper.c b/source3/sam/gums_helper.c deleted file mode 100644 index d581d6574e..0000000000 --- a/source3/sam/gums_helper.c +++ /dev/null @@ -1,607 +0,0 @@ -/* - Unix SMB/CIFS implementation. - GUMS backends helper functions - Copyright (C) Simo Sorce 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -extern GUMS_FUNCTIONS *gums_storage; - -extern DOM_SID global_sid_World; -extern DOM_SID global_sid_Builtin_Administrators; -extern DOM_SID global_sid_Builtin_Power_Users; -extern DOM_SID global_sid_Builtin_Account_Operators; -extern DOM_SID global_sid_Builtin_Server_Operators; -extern DOM_SID global_sid_Builtin_Print_Operators; -extern DOM_SID global_sid_Builtin_Backup_Operators; -extern DOM_SID global_sid_Builtin_Replicator; -extern DOM_SID global_sid_Builtin_Users; -extern DOM_SID global_sid_Builtin_Guests; - - -/* defines */ - -#define ALLOC_CHECK(str, ptr, err, label) do { if ((ptr) == NULL) { DEBUG(0, ("%s: out of memory!\n", str)); err = NT_STATUS_NO_MEMORY; goto label; } } while(0) -#define NTSTATUS_CHECK(str1, str2, err, label) do { if (NT_STATUS_IS_ERR(err)) { DEBUG(0, ("%s: %s failed!\n", str1, str2)); } } while(0) - -/**************************************************************************** - Check if a user is a mapped group. - - This function will check if the group SID is mapped onto a - system managed gid or onto a winbind manged sid. - In the first case it will be threated like a mapped group - and the backend should take the member list with a getgrgid - and ignore any user that have been possibly set into the group - object. - - In the second case, the group is a fully SAM managed group - served back to the system through winbind. In this case the - members of a Local group are "unrolled" to cope with the fact - that unix cannot contain groups inside groups. - The backend MUST never call any getgr* / getpw* function or - loops with winbind may happen. - ****************************************************************************/ - -/* -NTSTATUS is_mapped_group(BOOL *mapped, const DOM_SID *sid) -{ - NTSTATUS result; - gid_t id; - - /* look if mapping exist, do not make idmap alloc an uid if SID is not found * / - result = idmap_get_gid_from_sid(&id, sid, False); - if (NT_STATUS_IS_OK(result)) { - *mapped = gid_is_in_winbind_range(id); - } else { - *mapped = False; - } - - return result; -} -*/ - -/**************************************************************************** - duplicate alloc luid_attr - ****************************************************************************/ -NTSTATUS dupalloc_luid_attr(TALLOC_CTX *ctx, LUID_ATTR **new_la, LUID_ATTR old_la) -{ - *new_la = (LUID_ATTR *)talloc(ctx, sizeof(LUID_ATTR)); - if (*new_la == NULL) { - DEBUG(0,("dupalloc_luid_attr: could not Alloc memory to duplicate LUID_ATTR\n")); - return NT_STATUS_NO_MEMORY; - } - - (*new_la)->luid.high = old_la.luid.high; - (*new_la)->luid.low = old_la.luid.low; - (*new_la)->attr = old_la.attr; - - return NT_STATUS_OK; -} - -/**************************************************************************** - initialise a privilege list - ****************************************************************************/ -void init_privilege(PRIVILEGE_SET *priv_set) -{ - priv_set->count=0; - priv_set->control=0; - priv_set->set=NULL; -} - -/**************************************************************************** - add a privilege to a privilege array - ****************************************************************************/ -NTSTATUS add_privilege(PRIVILEGE_SET *priv_set, TALLOC_CTX *ctx, LUID_ATTR set) -{ - LUID_ATTR *new_set; - - /* check if the privilege is not already in the list */ - if (check_priv_in_privilege(priv_set, set)) - return NT_STATUS_UNSUCCESSFUL; - - /* we can allocate memory to add the new privilege */ - - new_set=(LUID_ATTR *)talloc_realloc(ctx, priv_set->set, (priv_set->count+1)*(sizeof(LUID_ATTR))); - if (new_set==NULL) { - DEBUG(0,("add_privilege: could not Realloc memory to add a new privilege\n")); - return NT_STATUS_NO_MEMORY; - } - - new_set[priv_set->count].luid.high=set.luid.high; - new_set[priv_set->count].luid.low=set.luid.low; - new_set[priv_set->count].attr=set.attr; - - priv_set->count++; - priv_set->set=new_set; - - return NT_STATUS_OK; -} - -/**************************************************************************** - add all the privileges to a privilege array - ****************************************************************************/ -NTSTATUS add_all_privilege(PRIVILEGE_SET *priv_set, TALLOC_CTX *ctx) -{ - NTSTATUS result = NT_STATUS_OK; - LUID_ATTR set; - - set.attr=0; - set.luid.high=0; - - set.luid.low=SE_PRIV_ADD_USERS; - result = add_privilege(priv_set, ctx, set); - NTSTATUS_CHECK("add_all_privilege", "add_privilege", result, done); - - set.luid.low=SE_PRIV_ADD_MACHINES; - result = add_privilege(priv_set, ctx, set); - NTSTATUS_CHECK("add_all_privilege", "add_privilege", result, done); - - set.luid.low=SE_PRIV_PRINT_OPERATOR; - result = add_privilege(priv_set, ctx, set); - NTSTATUS_CHECK("add_all_privilege", "add_privilege", result, done); - -done: - return result; -} - -/**************************************************************************** - check if the privilege list is empty - ****************************************************************************/ -BOOL check_empty_privilege(PRIVILEGE_SET *priv_set) -{ - return (priv_set->count == 0); -} - -/**************************************************************************** - check if the privilege is in the privilege list - ****************************************************************************/ -BOOL check_priv_in_privilege(PRIVILEGE_SET *priv_set, LUID_ATTR set) -{ - int i; - - /* if the list is empty, obviously we can't have it */ - if (check_empty_privilege(priv_set)) - return False; - - for (i=0; i<priv_set->count; i++) { - LUID_ATTR *cur_set; - - cur_set=&priv_set->set[i]; - /* check only the low and high part. Checking the attr field has no meaning */ - if( (cur_set->luid.low==set.luid.low) && (cur_set->luid.high==set.luid.high) ) - return True; - } - - return False; -} - -/**************************************************************************** - remove a privilege from a privilege array - ****************************************************************************/ -NTSTATUS remove_privilege(PRIVILEGE_SET *priv_set, TALLOC_CTX *ctx, LUID_ATTR set) -{ - LUID_ATTR *new_set; - LUID_ATTR *old_set; - int i,j; - - /* check if the privilege is in the list */ - if (!check_priv_in_privilege(priv_set, set)) - return NT_STATUS_UNSUCCESSFUL; - - /* special case if it's the only privilege in the list */ - if (priv_set->count==1) { - init_privilege(priv_set); - return NT_STATUS_OK; - } - - /* - * the privilege is there, create a new list, - * and copy the other privileges - */ - - old_set = priv_set->set; - - new_set=(LUID_ATTR *)talloc(ctx, (priv_set->count - 1) * (sizeof(LUID_ATTR))); - if (new_set==NULL) { - DEBUG(0,("remove_privilege: could not malloc memory for new privilege list\n")); - return NT_STATUS_NO_MEMORY; - } - - for (i=0, j=0; i<priv_set->count; i++) { - if ((old_set[i].luid.low == set.luid.low) && - (old_set[i].luid.high == set.luid.high)) { - continue; - } - - new_set[j].luid.low = old_set[i].luid.low; - new_set[j].luid.high = old_set[i].luid.high; - new_set[j].attr = old_set[i].attr; - - j++; - } - - if (j != priv_set->count - 1) { - DEBUG(0,("remove_privilege: mismatch ! difference is not -1\n")); - DEBUGADD(0,("old count:%d, new count:%d\n", priv_set->count, j)); - return NT_STATUS_INTERNAL_ERROR; - } - - /* ok everything is fine */ - - priv_set->count--; - priv_set->set=new_set; - - return NT_STATUS_OK; -} - -/**************************************************************************** - duplicates a privilege array - ****************************************************************************/ -NTSTATUS dup_priv_set(PRIVILEGE_SET **new_priv_set, TALLOC_CTX *mem_ctx, PRIVILEGE_SET *priv_set) -{ - LUID_ATTR *new_set; - LUID_ATTR *old_set; - int i; - - *new_priv_set = (PRIVILEGE_SET *)talloc(mem_ctx, sizeof(PRIVILEGE_SET)); - init_privilege(*new_priv_set); - - /* special case if there are no privileges in the list */ - if (priv_set->count == 0) { - return NT_STATUS_OK; - } - - /* - * create a new list, - * and copy the other privileges - */ - - old_set = priv_set->set; - - new_set = (LUID_ATTR *)talloc(mem_ctx, (priv_set->count - 1) * (sizeof(LUID_ATTR))); - if (new_set==NULL) { - DEBUG(0,("remove_privilege: could not malloc memory for new privilege list\n")); - return NT_STATUS_NO_MEMORY; - } - - for (i=0; i < priv_set->count; i++) { - - new_set[i].luid.low = old_set[i].luid.low; - new_set[i].luid.high = old_set[i].luid.high; - new_set[i].attr = old_set[i].attr; - } - - (*new_priv_set)->count = priv_set->count; - (*new_priv_set)->control = priv_set->control; - (*new_priv_set)->set = new_set; - - return NT_STATUS_OK; -} - -#define ALIAS_DEFAULT_SACL_SA_RIGHTS 0x01050013 -#define ALIAS_DEFAULT_DACL_SA_RIGHTS \ - (READ_CONTROL_ACCESS | \ - SA_RIGHT_ALIAS_LOOKUP_INFO | \ - SA_RIGHT_ALIAS_GET_MEMBERS) /* 0x0002000c */ - -#define ALIAS_DEFAULT_SACL_SEC_ACE_FLAG (SEC_ACE_FLAG_FAILED_ACCESS | SEC_ACE_FLAG_SUCCESSFUL_ACCESS) /* 0xc0 */ - -NTSTATUS create_builtin_alias_default_sec_desc(SEC_DESC **sec_desc, TALLOC_CTX *ctx) -{ - DOM_SID *world = &global_sid_World; - DOM_SID *admins = &global_sid_Builtin_Administrators; - SEC_ACCESS sa; - SEC_ACE sacl_ace; - SEC_ACE dacl_aces[2]; - SEC_ACL *sacl = NULL; - SEC_ACL *dacl = NULL; - size_t psize; - - init_sec_access(&sa, ALIAS_DEFAULT_SACL_SA_RIGHTS); - init_sec_ace(&sacl_ace, world, SEC_ACE_TYPE_SYSTEM_AUDIT, sa, ALIAS_DEFAULT_SACL_SEC_ACE_FLAG); - - sacl = make_sec_acl(ctx, NT4_ACL_REVISION, 1, &sacl_ace); - if (!sacl) { - DEBUG(0, ("build_init_sec_desc: Failed to make SEC_ACL.\n")); - return NT_STATUS_NO_MEMORY; - } - - init_sec_access(&sa, ALIAS_DEFAULT_DACL_SA_RIGHTS); - init_sec_ace(&(dacl_aces[0]), world, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, 0); - init_sec_access(&sa, SA_RIGHT_ALIAS_ALL_ACCESS); - init_sec_ace(&(dacl_aces[1]), admins, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, 0); - - dacl = make_sec_acl(ctx, NT4_ACL_REVISION, 2, dacl_aces); - if (!sacl) { - DEBUG(0, ("build_init_sec_desc: Failed to make SEC_ACL.\n")); - return NT_STATUS_NO_MEMORY; - } - - *sec_desc = make_sec_desc(ctx, SEC_DESC_REVISION, admins, admins, sacl, dacl, &psize); - if (!(*sec_desc)) { - DEBUG(0,("get_share_security: Failed to make SEC_DESC.\n")); - return NT_STATUS_NO_MEMORY; - } - - return NT_STATUS_OK; -} - -NTSTATUS sec_desc_add_ace_to_dacl(SEC_DESC *sec_desc, TALLOC_CTX *ctx, DOM_SID *sid, uint32 mask) -{ - NTSTATUS result; - SEC_ACE *new_aces; - unsigned num_aces; - int i; - - num_aces = sec_desc->dacl->num_aces + 1; - result = sec_ace_add_sid(ctx, &new_aces, sec_desc->dacl->ace, &num_aces, sid, mask); - if (NT_STATUS_IS_OK(result)) { - sec_desc->dacl->ace = new_aces; - sec_desc->dacl->num_aces = num_aces; - sec_desc->dacl->size = SEC_ACL_HEADER_SIZE; - for (i = 0; i < num_aces; i++) { - sec_desc->dacl->size += sec_desc->dacl->ace[i].size; - } - } - return result; -} - -NTSTATUS gums_init_builtin_groups(void) -{ - NTSTATUS result; - GUMS_OBJECT g_obj; - GUMS_GROUP *g_grp; - GUMS_PRIVILEGE g_priv; - - /* Build the well known Builtin Local Groups */ - g_obj.type = GUMS_OBJ_GROUP; - g_obj.version = 1; - g_obj.seq_num = 0; - g_obj.mem_ctx = talloc_init_named("gums_init_backend_acct"); - if (g_obj.mem_ctx == NULL) { - DEBUG(0, ("gums_init_backend: Out of Memory!\n")); - return NT_STATUS_NO_MEMORY; - } - - /* Administrators */ - - /* alloc group structure */ - g_obj.data = (void *)talloc(g_obj.mem_ctx, sizeof(GUMS_OBJ_GROUP)); - ALLOC_CHECK("gums_init_backend", g_obj.data, result, done); - - /* make admins sid */ - g_grp = (GUMS_GROUP *)g_obj.data; - sid_copy(g_obj.sid, &global_sid_Builtin_Administrators); - - /* make security descriptor */ - result = create_builtin_alias_default_sec_desc(&(g_obj.sec_desc), g_obj.mem_ctx); - NTSTATUS_CHECK("gums_init_backend", "create_builtin_alias_default_sec_desc", result, done); - - /* make privilege set */ - /* From BDC join trace: - SeSecurityPrivilege - SeBackupPrivilege - SeRestorePrivilege - SeSystemtimePrivilege - SeShutdownPrivilege - SeRemoteShutdownPrivilege - SeTakeOwnershipPrivilege - SeDebugPrivilege - SeSystemEnvironmentPrivilege - SeSystemProfilePrivilege - SeProfileSingleProcessPrivilege - SeIncreaseBasePriorityPrivilege - SeLocalDriverPrivilege - SeCreatePagefilePrivilege - SeIncreaseQuotaPrivilege - */ - - /* set name */ - g_obj.name = talloc_strdup(g_obj.mem_ctx, "Administrators"); - ALLOC_CHECK("gums_init_backend", g_obj.name, result, done); - - /* set description */ - g_obj.description = talloc_strdup(g_obj.mem_ctx, "Members can fully administer the computer/domain"); - ALLOC_CHECK("gums_init_backend", g_obj.description, result, done); - - /* numebr of group members */ - g_grp->count = 0; - g_grp->members = NULL; - - /* store Administrators group */ - result = gums_storage->set_object(&g_obj); - - /* Power Users */ - /* Domain Controllers Does NOT have power Users */ - - sid_copy(g_obj.sid, &global_sid_Builtin_Power_Users); - - /* make privilege set */ - /* SE_PRIV_??? */ - - /* set name */ - g_obj.name = talloc_strdup(g_obj.mem_ctx, "Power Users"); - ALLOC_CHECK("gums_init_backend", g_obj.name, result, done); - - /* set description */ -/* > */ g_obj.description = talloc_strdup(g_obj.mem_ctx, "Power Users"); - ALLOC_CHECK("gums_init_backend", g_obj.description, result, done); - - /* store Power Users group */ - result = gums_storage->set_object(&g_obj); - - /* Account Operators */ - - sid_copy(g_obj.sid, &global_sid_Builtin_Account_Operators); - - /* make privilege set */ - /* From BDC join trace: - SeShutdownPrivilege - */ - - /* set name */ - g_obj.name = talloc_strdup(g_obj.mem_ctx, "Account Operators"); - ALLOC_CHECK("gums_init_backend", g_obj.name, result, done); - - /* set description */ - g_obj.description = talloc_strdup(g_obj.mem_ctx, "Members can administer domain user and group accounts"); - ALLOC_CHECK("gums_init_backend", g_obj.description, result, done); - - /* store Account Operators group */ - result = gums_storage->set_object(&g_obj); - - /* Server Operators */ - - sid_copy(g_obj.sid, &global_sid_Builtin_Server_Operators); - - /* make privilege set */ - /* From BDC join trace: - SeBackupPrivilege - SeRestorePrivilege - SeSystemtimePrivilege - SeShutdownPrivilege - SeRemoteShutdownPrivilege - */ - - /* set name */ - g_obj.name = talloc_strdup(g_obj.mem_ctx, "Server Operators"); - ALLOC_CHECK("gums_init_backend", g_obj.name, result, done); - - /* set description */ - g_obj.description = talloc_strdup(g_obj.mem_ctx, "Members can administer domain servers"); - ALLOC_CHECK("gums_init_backend", g_obj.description, result, done); - - /* store Server Operators group */ - result = gums_storage->set_object(&g_obj); - - /* Print Operators */ - - sid_copy(g_obj.sid, &global_sid_Builtin_Print_Operators); - - /* make privilege set */ - /* From BDC join trace: - SeShutdownPrivilege - */ - - /* set name */ - g_obj.name = talloc_strdup(g_obj.mem_ctx, "Print Operators"); - ALLOC_CHECK("gums_init_backend", g_obj.name, result, done); - - /* set description */ - g_obj.description = talloc_strdup(g_obj.mem_ctx, "Members can administer domain printers"); - ALLOC_CHECK("gums_init_backend", g_obj.description, result, done); - - /* store Print Operators group */ - result = gums_storage->set_object(&g_obj); - - /* Backup Operators */ - - sid_copy(g_obj.sid, &global_sid_Builtin_Backup_Operators); - - /* make privilege set */ - /* From BDC join trace: - SeBackupPrivilege - SeRestorePrivilege - SeShutdownPrivilege - */ - - /* set name */ - g_obj.name = talloc_strdup(g_obj.mem_ctx, "Backup Operators"); - ALLOC_CHECK("gums_init_backend", g_obj.name, result, done); - - /* set description */ - g_obj.description = talloc_strdup(g_obj.mem_ctx, "Members can bypass file security to backup files"); - ALLOC_CHECK("gums_init_backend", g_obj.description, result, done); - - /* store Backup Operators group */ - result = gums_storage->set_object(&g_obj); - - /* Replicator */ - - sid_copy(g_obj.sid, &global_sid_Builtin_Replicator); - - /* make privilege set */ - /* From BDC join trace: - SeBackupPrivilege - SeRestorePrivilege - SeShutdownPrivilege - */ - - /* set name */ - g_obj.name = talloc_strdup(g_obj.mem_ctx, "Replicator"); - ALLOC_CHECK("gums_init_backend", g_obj.name, result, done); - - /* set description */ - g_obj.description = talloc_strdup(g_obj.mem_ctx, "Supports file replication in a domain"); - ALLOC_CHECK("gums_init_backend", g_obj.description, result, done); - - /* store Replicator group */ - result = gums_storage->set_object(&g_obj); - - /* Users */ - - sid_copy(g_obj.sid, &global_sid_Builtin_Users); - - /* add ACE to sec dsec dacl */ - sec_desc_add_ace_to_dacl(g_obj.sec_desc, g_obj.mem_ctx, &global_sid_Builtin_Account_Operators, ALIAS_DEFAULT_DACL_SA_RIGHTS); - sec_desc_add_ace_to_dacl(g_obj.sec_desc, g_obj.mem_ctx, &global_sid_Builtin_Power_Users, ALIAS_DEFAULT_DACL_SA_RIGHTS); - - /* set name */ - g_obj.name = talloc_strdup(g_obj.mem_ctx, "Users"); - ALLOC_CHECK("gums_init_backend", g_obj.name, result, done); - - /* set description */ - g_obj.description = talloc_strdup(g_obj.mem_ctx, "Ordinary users"); - ALLOC_CHECK("gums_init_backend", g_obj.description, result, done); - - /* store Users group */ - result = gums_storage->set_object(&g_obj); - - /* Guests */ - - sid_copy(g_obj.sid, &global_sid_Builtin_Guests); - - /* set name */ - g_obj.name = talloc_strdup(g_obj.mem_ctx, "Guests"); - ALLOC_CHECK("gums_init_backend", g_obj.name, result, done); - - /* set description */ - g_obj.description = talloc_strdup(g_obj.mem_ctx, "Users granted guest access to the computer/domain"); - ALLOC_CHECK("gums_init_backend", g_obj.description, result, done); - - /* store Guests group */ - result = gums_storage->set_object(&g_obj); - - /* set default privileges */ - g_priv.type = GUMS_OBJ_GROUP; - g_priv.version = 1; - g_priv.seq_num = 0; - g_priv.mem_ctx = talloc_init_named("gums_init_backend_priv"); - if (g_priv.mem_ctx == NULL) { - DEBUG(0, ("gums_init_backend: Out of Memory!\n")); - return NT_STATUS_NO_MEMORY; - } - - - -done: - talloc_destroy(g_obj.mem_ctx); - talloc_destroy(g_priv.mem_ctx); - return result; -} - diff --git a/source3/sam/interface.c b/source3/sam/interface.c deleted file mode 100644 index d08df42122..0000000000 --- a/source3/sam/interface.c +++ /dev/null @@ -1,1338 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Password and authentication handling - Copyright (C) Andrew Bartlett 2002 - Copyright (C) Jelmer Vernooij 2002 - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Kai Krüger 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM - -extern DOM_SID global_sid_Builtin; - -/** List of various built-in sam modules */ - -const struct sam_init_function_entry builtin_sam_init_functions[] = { - { "plugin", sam_init_plugin }, -#ifdef HAVE_LDAP - { "ads", sam_init_ads }, -#endif - { "skel", sam_init_skel }, - { NULL, NULL} -}; - - -static NTSTATUS sam_get_methods_by_sid(const SAM_CONTEXT *context, SAM_METHODS **sam_method, const DOM_SID *domainsid) -{ - SAM_METHODS *tmp_methods; - - DEBUG(5,("sam_get_methods_by_sid: %d\n", __LINE__)); - - /* invalid sam_context specified */ - SAM_ASSERT(context && context->methods); - - tmp_methods = context->methods; - - while (tmp_methods) { - if (sid_equal(domainsid, &(tmp_methods->domain_sid))) - { - (*sam_method) = tmp_methods; - return NT_STATUS_OK; - } - tmp_methods = tmp_methods->next; - } - - DEBUG(3,("sam_get_methods_by_sid: There is no backend specified for domain %s\n", sid_string_static(domainsid))); - - return NT_STATUS_NO_SUCH_DOMAIN; -} - -static NTSTATUS sam_get_methods_by_name(const SAM_CONTEXT *context, SAM_METHODS **sam_method, const char *domainname) -{ - SAM_METHODS *tmp_methods; - - DEBUG(5,("sam_get_methods_by_name: %d\n", __LINE__)); - - /* invalid sam_context specified */ - SAM_ASSERT(context && context->methods); - - tmp_methods = context->methods; - - while (tmp_methods) { - if (strequal(domainname, tmp_methods->domain_name)) - { - (*sam_method) = tmp_methods; - return NT_STATUS_OK; - } - tmp_methods = tmp_methods->next; - } - - DEBUG(3,("sam_get_methods_by_sid: There is no backend specified for domain %s\n", domainname)); - - return NT_STATUS_NO_SUCH_DOMAIN; -} - -static NTSTATUS make_sam_methods(TALLOC_CTX *mem_ctx, SAM_METHODS **methods) -{ - *methods = talloc(mem_ctx, sizeof(SAM_METHODS)); - - if (!*methods) { - return NT_STATUS_NO_MEMORY; - } - - ZERO_STRUCTP(*methods); - - return NT_STATUS_OK; -} - -/****************************************************************** - Free and cleanup a sam context, any associated data and anything - that the attached modules might have associated. - *******************************************************************/ - -void free_sam_context(SAM_CONTEXT **context) -{ - SAM_METHODS *sam_selected = (*context)->methods; - - while (sam_selected) { - if (sam_selected->free_private_data) { - sam_selected->free_private_data(&(sam_selected->private_data)); - } - sam_selected = sam_selected->next; - } - - talloc_destroy((*context)->mem_ctx); - *context = NULL; -} - -/****************************************************************** - Make a backend_entry from scratch - *******************************************************************/ - -static NTSTATUS make_backend_entry(SAM_BACKEND_ENTRY *backend_entry, char *sam_backend_string) -{ - char *tmp = NULL; - char *tmp_string = sam_backend_string; - - DEBUG(5,("make_backend_entry: %d\n", __LINE__)); - - SAM_ASSERT(sam_backend_string && backend_entry); - - backend_entry->module_name = sam_backend_string; - - DEBUG(5,("makeing backend_entry for %s\n", backend_entry->module_name)); - - if ((tmp = strrchr(tmp_string, '|')) != NULL) { - DEBUGADD(20,("a domain name has been specified\n")); - *tmp = 0; - backend_entry->domain_name = smb_xstrdup(tmp + 1); - tmp_string = tmp + 1; - } - - if ((tmp = strchr(tmp_string, ':')) != NULL) { - DEBUG(20,("options for the backend have been specified\n")); - *tmp = 0; - backend_entry->module_params = smb_xstrdup(tmp + 1); - tmp_string = tmp + 1; - } - - if (backend_entry->domain_name == NULL) { - DEBUG(10,("make_backend_entry: no domain was specified for sam module %s. Using default domain %s\n", - backend_entry->module_name, lp_workgroup())); - backend_entry->domain_name = smb_xstrdup(lp_workgroup()); - } - - if ((backend_entry->domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID))) == NULL) { - DEBUG(0,("make_backend_entry: failed to malloc domain_sid\n")); - return NT_STATUS_NO_MEMORY; - } - - DEBUG(10,("looking up sid for domain %s\n", backend_entry->domain_name)); - - if (!secrets_fetch_domain_sid(backend_entry->domain_name, backend_entry->domain_sid)) { - DEBUG(2,("make_backend_entry: There is no SID stored for domain %s. Creating a new one.\n", - backend_entry->domain_name)); - DEBUG(0, ("FIXME in %s:%d\n", __FILE__, __LINE__)); - ZERO_STRUCTP(backend_entry->domain_sid); - } - - DEBUG(5,("make_backend_entry: module name: %s, module parameters: %s, domain name: %s, domain sid: %s\n", - backend_entry->module_name, backend_entry->module_params, backend_entry->domain_name, sid_string_static(backend_entry->domain_sid))); - - return NT_STATUS_OK; -} - -/****************************************************************** - create sam_methods struct based on sam_backend_entry - *****************************************************************/ - -static NTSTATUS make_sam_methods_backend_entry(SAM_CONTEXT *context, SAM_METHODS **methods_ptr, SAM_BACKEND_ENTRY *backend_entry) -{ - NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; - SAM_METHODS *methods; - int i; - - DEBUG(5,("make_sam_methods_backend_entry: %d\n", __LINE__)); - - if (!NT_STATUS_IS_OK(nt_status = make_sam_methods(context->mem_ctx, methods_ptr))) { - return nt_status; - } - - methods = *methods_ptr; - methods->backendname = talloc_strdup(context->mem_ctx, backend_entry->module_name); - methods->domain_name = talloc_strdup(context->mem_ctx, backend_entry->domain_name); - sid_copy(&methods->domain_sid, backend_entry->domain_sid); - methods->parent = context; - - DEBUG(5,("Attempting to find sam backend %s\n", backend_entry->module_name)); - for (i = 0; builtin_sam_init_functions[i].module_name; i++) - { - if (strequal(builtin_sam_init_functions[i].module_name, backend_entry->module_name)) - { - DEBUG(5,("Found sam backend %s (at pos %d)\n", backend_entry->module_name, i)); - DEBUGADD(5,("initialising it with options=%s for domain %s\n", backend_entry->module_params, sid_string_static(backend_entry->domain_sid))); - nt_status = builtin_sam_init_functions[i].init(methods, backend_entry->module_params); - if (NT_STATUS_IS_OK(nt_status)) { - DEBUG(5,("sam backend %s has a valid init\n", backend_entry->module_name)); - } else { - DEBUG(2,("sam backend %s did not correctly init (error was %s)\n", - backend_entry->module_name, nt_errstr(nt_status))); - } - return nt_status; - } - } - - DEBUG(2,("could not find backend %s\n", backend_entry->module_name)); - - return NT_STATUS_INVALID_PARAMETER; -} - -static NTSTATUS sam_context_check_default_backends(SAM_CONTEXT *context) -{ - SAM_BACKEND_ENTRY entry; - DOM_SID *global_sam_sid = get_global_sam_sid(); /* lp_workgroup doesn't play nicely with multiple domains */ - SAM_METHODS *methods, *tmpmethods; - NTSTATUS ntstatus; - - DEBUG(5,("sam_context_check_default_backends: %d\n", __LINE__)); - - /* Make sure domain lp_workgroup() is available */ - - ntstatus = sam_get_methods_by_sid(context, &methods, &global_sid_Builtin); - - if (NT_STATUS_EQUAL(ntstatus, NT_STATUS_NO_SUCH_DOMAIN)) { - DEBUG(4,("There was no backend specified for domain %s(%s); using %s\n", - lp_workgroup(), sid_string_static(global_sam_sid), SAM_DEFAULT_BACKEND)); - - SAM_ASSERT(global_sam_sid); - - entry.module_name = SAM_DEFAULT_BACKEND; - entry.module_params = NULL; - entry.domain_name = lp_workgroup(); - entry.domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID)); - sid_copy(entry.domain_sid, global_sam_sid); - - if (!NT_STATUS_IS_OK(ntstatus = make_sam_methods_backend_entry(context, &methods, &entry))) { - DEBUG(4,("make_sam_methods_backend_entry failed\n")); - return ntstatus; - } - - DLIST_ADD_END(context->methods, methods, tmpmethods); - - } else if (!NT_STATUS_IS_OK(ntstatus)) { - DEBUG(2, ("sam_get_methods_by_sid failed for %s\n", lp_workgroup())); - return ntstatus; - } - - /* Make sure the BUILTIN domain is available */ - - ntstatus = sam_get_methods_by_sid(context, &methods, global_sam_sid); - - if (NT_STATUS_EQUAL(ntstatus, NT_STATUS_NO_SUCH_DOMAIN)) { - DEBUG(4,("There was no backend specified for domain BUILTIN; using %s\n", - SAM_DEFAULT_BACKEND)); - entry.module_name = SAM_DEFAULT_BACKEND; - entry.module_params = NULL; - entry.domain_name = "BUILTIN"; - entry.domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID)); - sid_copy(entry.domain_sid, &global_sid_Builtin); - - if (!NT_STATUS_IS_OK(ntstatus = make_sam_methods_backend_entry(context, &methods, &entry))) { - DEBUG(4,("make_sam_methods_backend_entry failed\n")); - return ntstatus; - } - - DLIST_ADD_END(context->methods, methods, tmpmethods); - } else if (!NT_STATUS_IS_OK(ntstatus)) { - DEBUG(2, ("sam_get_methods_by_sid failed for BUILTIN\n")); - return ntstatus; - } - - return NT_STATUS_OK; -} - -static NTSTATUS check_duplicate_backend_entries(SAM_BACKEND_ENTRY **backend_entries, int *nBackends) -{ - int i, j; - - DEBUG(5,("check_duplicate_backend_entries: %d\n", __LINE__)); - - for (i = 0; i < *nBackends; i++) { - for (j = i + 1; j < *nBackends; j++) { - if (sid_equal((*backend_entries)[i].domain_sid, (*backend_entries)[j].domain_sid)) { - DEBUG(0,("two backend modules claim the same domain %s\n", - sid_string_static((*backend_entries)[j].domain_sid))); - return NT_STATUS_INVALID_PARAMETER; - } - } - } - - return NT_STATUS_OK; -} - -NTSTATUS make_sam_context_list(SAM_CONTEXT **context, char **sam_backends_param) -{ - int i = 0, j = 0; - SAM_METHODS *curmethods, *tmpmethods; - int nBackends = 0; - SAM_BACKEND_ENTRY *backends = NULL; - NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; - - DEBUG(5,("make_sam_context_from_conf: %d\n", __LINE__)); - - if (!sam_backends_param) { - DEBUG(1, ("no SAM backeds specified!\n")); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(nt_status = make_sam_context(context))) { - DEBUG(4,("make_sam_context failed\n")); - return nt_status; - } - - while (sam_backends_param[nBackends]) - nBackends++; - - DEBUG(6,("There are %d domains listed with their backends\n", nBackends)); - - if ((backends = (SAM_BACKEND_ENTRY *)malloc(sizeof(*backends)*nBackends)) == NULL) { - DEBUG(0,("make_sam_context_list: failed to allocate backends\n")); - return NT_STATUS_NO_MEMORY; - } - - memset(backends, '\0', sizeof(*backends)*nBackends); - - for (i = 0; i < nBackends; i++) { - DEBUG(8,("processing %s\n",sam_backends_param[i])); - if (!NT_STATUS_IS_OK(nt_status = make_backend_entry(&backends[i], sam_backends_param[i]))) { - DEBUG(4,("make_backend_entry failed\n")); - for (j = 0; j < nBackends; j++) SAFE_FREE(backends[j].domain_sid); - SAFE_FREE(backends); - free_sam_context(context); - return nt_status; - } - } - - if (!NT_STATUS_IS_OK(nt_status = check_duplicate_backend_entries(&backends, &nBackends))) { - DEBUG(4,("check_duplicate_backend_entries failed\n")); - for (j = 0; j < nBackends; j++) SAFE_FREE(backends[j].domain_sid); - SAFE_FREE(backends); - free_sam_context(context); - return nt_status; - } - - for (i = 0; i < nBackends; i++) { - if (!NT_STATUS_IS_OK(nt_status = make_sam_methods_backend_entry(*context, &curmethods, &backends[i]))) { - DEBUG(4,("make_sam_methods_backend_entry failed\n")); - for (j = 0; j < nBackends; j++) SAFE_FREE(backends[j].domain_sid); - SAFE_FREE(backends); - free_sam_context(context); - return nt_status; - } - DLIST_ADD_END((*context)->methods, curmethods, tmpmethods); - } - - for (i = 0; i < nBackends; i++) SAFE_FREE(backends[i].domain_sid); - - SAFE_FREE(backends); - return NT_STATUS_OK; -} - -/****************************************************************** - Make a sam_context from scratch. - *******************************************************************/ - -NTSTATUS make_sam_context(SAM_CONTEXT **context) -{ - TALLOC_CTX *mem_ctx; - - mem_ctx = talloc_init_named("sam_context internal allocation context"); - - if (!mem_ctx) { - DEBUG(0, ("make_sam_context: talloc init failed!\n")); - return NT_STATUS_NO_MEMORY; - } - - *context = talloc(mem_ctx, sizeof(**context)); - if (!*context) { - DEBUG(0, ("make_sam_context: talloc failed!\n")); - return NT_STATUS_NO_MEMORY; - } - - ZERO_STRUCTP(*context); - - (*context)->mem_ctx = mem_ctx; - - (*context)->free_fn = free_sam_context; - - return NT_STATUS_OK; -} - -/****************************************************************** - Return an already initialised sam_context, to facilitate backward - compatibility (see functions below). - *******************************************************************/ - -static struct sam_context *sam_get_static_context(BOOL reload) -{ - static SAM_CONTEXT *sam_context = NULL; - - if ((sam_context) && (reload)) { - sam_context->free_fn(&sam_context); - sam_context = NULL; - } - - if (!sam_context) { - if (!NT_STATUS_IS_OK(make_sam_context_list(&sam_context, lp_sam_backend()))) { - DEBUG(4,("make_sam_context_list failed\n")); - return NULL; - } - - /* Make sure the required domains (default domain, builtin) are available */ - if (!NT_STATUS_IS_OK(sam_context_check_default_backends(sam_context))) { - DEBUG(4,("sam_context_check_default_backends failed\n")); - return NULL; - } - } - - return sam_context; -} - -/*************************************************************** - Initialize the static context (at smbd startup etc). - - If uninitialised, context will auto-init on first use. - ***************************************************************/ - -BOOL initialize_sam(BOOL reload) -{ - return (sam_get_static_context(reload) != NULL); -} - - -/************************************************************** - External API. This is what the rest of the world calls... -***************************************************************/ - -/****************************************************************** - sam_* functions are used to link the external SAM interface - with the internal backends. These functions lookup the appropriate - backends for the domain and pass on to the function in sam_methods - in the selected backend - - When the context parmater is NULL, the default is used. - *******************************************************************/ - -#define SAM_SETUP_CONTEXT if (!context) \ - context = sam_get_static_context(False);\ - if (!context) {\ - return NT_STATUS_UNSUCCESSFUL; \ - }\ - - - -NTSTATUS sam_get_sec_desc(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_get_sec_desc: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, sid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_get_sec_desc) { - DEBUG(3, ("sam_get_sec_desc: sam_methods of the domain did not specify sam_get_sec_desc\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_sec_desc(tmp_methods, access_token, sid, sd))) { - DEBUG(4,("sam_get_sec_desc for %s in backend %s failed\n", sid_string_static(sid), tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_sec_desc(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_set_sec_desc: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, sid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_set_sec_desc) { - DEBUG(3, ("sam_set_sec_desc: sam_methods of the domain did not specify sam_set_sec_desc\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_set_sec_desc(tmp_methods, access_token, sid, sd))) { - DEBUG(4,("sam_set_sec_desc for %s in backend %s failed\n", sid_string_static(sid), tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - - -NTSTATUS sam_lookup_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const char *domain, const char *name, DOM_SID *sid, uint32 *type) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_lookup_name: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) { - DEBUG(4,("sam_get_methods_by_name failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_lookup_name) { - DEBUG(3, ("sam_lookup_name: sam_methods of the domain did not specify sam_lookup_name\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_lookup_name(tmp_methods, access_token, name, sid, type))) { - DEBUG(4,("sam_lookup_name for %s\\%s in backend %s failed\n", - tmp_methods->domain_name, name, tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_lookup_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, TALLOC_CTX *mem_ctx, const DOM_SID *sid, char **name, uint32 *type) -{ - SAM_METHODS *tmp_methods; - uint32 rid; - NTSTATUS nt_status; - DOM_SID domainsid; - - DEBUG(5,("sam_lookup_sid: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - sid_copy(&domainsid, sid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("sam_lookup_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_lookup_sid) { - DEBUG(3, ("sam_lookup_sid: sam_methods of the domain did not specify sam_lookup_sid\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_lookup_sid(tmp_methods, access_token, mem_ctx, sid, name, type))) { - DEBUG(4,("sam_lookup_name for %s in backend %s failed\n", - sid_string_static(sid), tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - - -NTSTATUS sam_update_domain(const SAM_CONTEXT *context, const SAM_DOMAIN_HANDLE *domain) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_update_domain: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid domain specified */ - SAM_ASSERT(domain && domain->current_sam_methods); - - tmp_methods = domain->current_sam_methods; - - if (!tmp_methods->sam_update_domain) { - DEBUG(3, ("sam_update_domain: sam_methods of the domain did not specify sam_update_domain\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_update_domain(tmp_methods, domain))){ - DEBUG(4,("sam_update_domain in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_enum_domains(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, int32 *domain_count, DOM_SID **domains, char ***domain_names) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - SEC_DESC *sd; - size_t sd_size; - uint32 acc_granted; - int i = 0; - - DEBUG(5,("sam_enum_domains: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid parmaters specified */ - SAM_ASSERT(domain_count && domains && domain_names); - - if (!NT_STATUS_IS_OK(nt_status = samr_make_sam_obj_sd(context->mem_ctx, &sd, &sd_size))) { - DEBUG(4,("samr_make_sam_obj_sd failed\n")); - return nt_status; - } - - if (!se_access_check(sd, access_token, SA_RIGHT_SAM_ENUM_DOMAINS, &acc_granted, &nt_status)) { - DEBUG(3,("sam_enum_domains: ACCESS DENIED\n")); - return nt_status; - } - - tmp_methods= context->methods; - *domain_count = 0; - - while (tmp_methods) { - (*domain_count)++; - tmp_methods= tmp_methods->next; - } - - DEBUG(6,("sam_enum_domains: enumerating %d domains\n", (*domain_count))); - - tmp_methods = context->methods; - - if (((*domains) = malloc( sizeof(DOM_SID) * (*domain_count))) == NULL) { - DEBUG(0,("sam_enum_domains: Out of memory allocating domain SID list\n")); - return NT_STATUS_NO_MEMORY; - } - - if (((*domain_names) = malloc( sizeof(char*) * (*domain_count))) == NULL) { - DEBUG(0,("sam_enum_domains: Out of memory allocating domain name list\n")); - SAFE_FREE((*domains)); - return NT_STATUS_NO_MEMORY; - } - - while (tmp_methods) { - DEBUGADD(7,(" [%d] %s: %s\n", i, tmp_methods->domain_name, sid_string_static(&tmp_methods->domain_sid))); - sid_copy(domains[i],&tmp_methods->domain_sid); - *domain_names[i] = smb_xstrdup(tmp_methods->domain_name); - i++; - tmp_methods= tmp_methods->next; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_lookup_domain(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const char *domain, DOM_SID **domainsid) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - SEC_DESC *sd; - size_t sd_size; - uint32 acc_granted; - - DEBUG(5,("sam_lookup_domain: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid paramters */ - SAM_ASSERT(access_token && domain && domainsid); - - if (!NT_STATUS_IS_OK(nt_status = samr_make_sam_obj_sd(context->mem_ctx, &sd, &sd_size))) { - DEBUG(4,("samr_make_sam_obj_sd failed\n")); - return nt_status; - } - - if (!se_access_check(sd, access_token, SA_RIGHT_SAM_OPEN_DOMAIN, &acc_granted, &nt_status)) { - DEBUG(3,("sam_lookup_domain: ACCESS DENIED\n")); - return nt_status; - } - - tmp_methods= context->methods; - - while (tmp_methods) { - if (strcmp(domain, tmp_methods->domain_name) == 0) { - (*domainsid) = (DOM_SID *)malloc(sizeof(DOM_SID)); - sid_copy((*domainsid), &tmp_methods->domain_sid); - return NT_STATUS_OK; - } - tmp_methods= tmp_methods->next; - } - - return NT_STATUS_NO_SUCH_DOMAIN; -} - - -NTSTATUS sam_get_domain_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *domainsid, SAM_DOMAIN_HANDLE **domain) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_get_domain_by_sid: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && domainsid && domain); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_get_domain_handle) { - DEBUG(3, ("sam_get_domain_by_sid: sam_methods of the domain did not specify sam_get_domain_handle\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_domain_handle(tmp_methods, access_token, access_desired, domain))) { - DEBUG(4,("sam_get_domain_handle for %s in backend %s failed\n", - sid_string_static(domainsid), tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_create_account(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *domainsid, const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_create_account: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid parmaters */ - SAM_ASSERT(access_token && domainsid && account_name && account); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_create_account) { - DEBUG(3, ("sam_create_account: sam_methods of the domain did not specify sam_create_account\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_account(tmp_methods, access_token, access_desired, account_name, acct_ctrl, account))) { - DEBUG(4,("sam_create_account in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_add_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account) -{ - DOM_SID domainsid; - const DOM_SID *accountsid; - SAM_METHODS *tmp_methods; - uint32 rid; - NTSTATUS nt_status; - - DEBUG(5,("sam_add_account: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid parmaters */ - SAM_ASSERT(account); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_account_sid(account, &accountsid))) { - DEBUG(0,("Can't get account SID\n")); - return nt_status; - } - - sid_copy(&domainsid, accountsid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("sam_get_account_by_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_add_account) { - DEBUG(3, ("sam_add_account: sam_methods of the domain did not specify sam_add_account\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_add_account(tmp_methods, account))){ - DEBUG(4,("sam_add_account in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_update_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_update_account: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid account specified */ - SAM_ASSERT(account && account->current_sam_methods); - - tmp_methods = account->current_sam_methods; - - if (!tmp_methods->sam_update_account) { - DEBUG(3, ("sam_update_account: sam_methods of the domain did not specify sam_update_account\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_update_account(tmp_methods, account))){ - DEBUG(4,("sam_update_account in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_delete_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_delete_account: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid account specified */ - SAM_ASSERT(account && account->current_sam_methods); - - tmp_methods = account->current_sam_methods; - - if (!tmp_methods->sam_delete_account) { - DEBUG(3, ("sam_delete_account: sam_methods of the domain did not specify sam_delete_account\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_delete_account(tmp_methods, account))){ - DEBUG(4,("sam_delete_account in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_enum_accounts(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, uint16 acct_ctrl, int32 *account_count, SAM_ACCOUNT_ENUM **accounts) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_enum_accounts: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && domainsid && account_count && accounts); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_enum_accounts) { - DEBUG(3, ("sam_enum_accounts: sam_methods of the domain did not specify sam_enum_accounts\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_accounts(tmp_methods, access_token, acct_ctrl, account_count, accounts))) { - DEBUG(4,("sam_enum_accounts for domain %s in backend %s failed\n", - tmp_methods->domain_name, tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - - -NTSTATUS sam_get_account_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *accountsid, SAM_ACCOUNT_HANDLE **account) -{ - SAM_METHODS *tmp_methods; - uint32 rid; - DOM_SID domainsid; - NTSTATUS nt_status; - - DEBUG(5,("sam_get_account_by_sid: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && accountsid && account); - - sid_copy(&domainsid, accountsid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("sam_get_account_by_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_get_account_by_sid) { - DEBUG(3, ("sam_get_account_by_sid: sam_methods of the domain did not specify sam_get_account_by_sid\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_account_by_sid(tmp_methods, access_token, access_desired, accountsid, account))) { - DEBUG(4,("sam_get_account_by_sid for %s in backend %s failed\n", - sid_string_static(accountsid), tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_by_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *domain, const char *name, SAM_ACCOUNT_HANDLE **account) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_get_account_by_name: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && domain && name && account); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) { - DEBUG(4,("sam_get_methods_by_name failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_get_account_by_name) { - DEBUG(3, ("sam_get_account_by_name: sam_methods of the domain did not specify sam_get_account_by_name\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_account_by_name(tmp_methods, access_token, access_desired, name, account))) { - DEBUG(4,("sam_get_account_by_name for %s\\%s in backend %s failed\n", - domain, name, tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_create_group(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *domainsid, const char *group_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_create_group: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && domainsid && group_name && group); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_create_group) { - DEBUG(3, ("sam_create_group: sam_methods of the domain did not specify sam_create_group\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_group(tmp_methods, access_token, access_desired, group_name, group_ctrl, group))) { - DEBUG(4,("sam_create_group in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_add_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group) -{ - DOM_SID domainsid; - const DOM_SID *groupsid; - SAM_METHODS *tmp_methods; - uint32 rid; - NTSTATUS nt_status; - - DEBUG(5,("sam_add_group: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(group); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_group_sid(group, &groupsid))) { - DEBUG(0,("Can't get group SID\n")); - return nt_status; - } - - sid_copy(&domainsid, groupsid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("sam_get_group_by_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_add_group) { - DEBUG(3, ("sam_add_group: sam_methods of the domain did not specify sam_add_group\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_add_group(tmp_methods, group))){ - DEBUG(4,("sam_add_group in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_update_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_update_group: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid group specified */ - SAM_ASSERT(group && group->current_sam_methods); - - tmp_methods = group->current_sam_methods; - - if (!tmp_methods->sam_update_group) { - DEBUG(3, ("sam_update_group: sam_methods of the domain did not specify sam_update_group\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_update_group(tmp_methods, group))){ - DEBUG(4,("sam_update_group in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_delete_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_delete_group: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid group specified */ - SAM_ASSERT(group && group->current_sam_methods); - - tmp_methods = group->current_sam_methods; - - if (!tmp_methods->sam_delete_group) { - DEBUG(3, ("sam_delete_group: sam_methods of the domain did not specify sam_delete_group\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_delete_group(tmp_methods, group))){ - DEBUG(4,("sam_delete_group in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_enum_groups(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, uint16 group_ctrl, uint32 *groups_count, SAM_GROUP_ENUM **groups) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_enum_groups: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && domainsid && groups_count && groups); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_enum_accounts) { - DEBUG(3, ("sam_enum_groups: sam_methods of the domain did not specify sam_enum_groups\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_groups(tmp_methods, access_token, group_ctrl, groups_count, groups))) { - DEBUG(4,("sam_enum_groups for domain %s in backend %s failed\n", - tmp_methods->domain_name, tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_group_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group) -{ - SAM_METHODS *tmp_methods; - uint32 rid; - NTSTATUS nt_status; - DOM_SID domainsid; - - DEBUG(5,("sam_get_group_by_sid: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && groupsid && group); - - sid_copy(&domainsid, groupsid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("sam_get_group_by_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_get_group_by_sid) { - DEBUG(3, ("sam_get_group_by_sid: sam_methods of the domain did not specify sam_get_group_by_sid\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_group_by_sid(tmp_methods, access_token, access_desired, groupsid, group))) { - DEBUG(4,("sam_get_group_by_sid for %s in backend %s failed\n", - sid_string_static(groupsid), tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_group_by_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *domain, const char *name, SAM_GROUP_HANDLE **group) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_get_group_by_name: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && domain && name && group); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) { - DEBUG(4,("sam_get_methods_by_name failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_get_group_by_name) { - DEBUG(3, ("sam_get_group_by_name: sam_methods of the domain did not specify sam_get_group_by_name\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_group_by_name(tmp_methods, access_token, access_desired, name, group))) { - DEBUG(4,("sam_get_group_by_name for %s\\%s in backend %s failed\n", - domain, name, tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_add_member_to_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - SAM_SETUP_CONTEXT; - - /* invalid group or member specified */ - SAM_ASSERT(group && group->current_sam_methods && member); - - tmp_methods = group->current_sam_methods; - - if (!tmp_methods->sam_add_member_to_group) { - DEBUG(3, ("sam_add_member_to_group: sam_methods of the domain did not specify sam_add_member_to_group\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_add_member_to_group(tmp_methods, group, member))) { - DEBUG(4,("sam_add_member_to_group in backend %s failed\n", tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; - -} - -NTSTATUS sam_delete_member_from_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - SAM_SETUP_CONTEXT; - - /* invalid group or member specified */ - SAM_ASSERT(group && group->current_sam_methods && member); - - tmp_methods = group->current_sam_methods; - - if (!tmp_methods->sam_delete_member_from_group) { - DEBUG(3, ("sam_delete_member_from_group: sam_methods of the domain did not specify sam_delete_member_from_group\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_delete_member_from_group(tmp_methods, group, member))) { - DEBUG(4,("sam_delete_member_from_group in backend %s failed\n", tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_enum_groupmembers(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - SAM_SETUP_CONTEXT; - - /* invalid group specified */ - SAM_ASSERT(group && group->current_sam_methods && members_count && members); - - tmp_methods = group->current_sam_methods; - - if (!tmp_methods->sam_enum_groupmembers) { - DEBUG(3, ("sam_enum_groupmembers: sam_methods of the domain did not specify sam_enum_group_members\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_groupmembers(tmp_methods, group, members_count, members))) { - DEBUG(4,("sam_enum_groupmembers in backend %s failed\n", tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_groups_of_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID **sids, uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - uint32 tmp_group_count; - SAM_GROUP_ENUM *tmp_groups; - - DEBUG(5,("sam_get_groups_of_sid: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid sam_context specified */ - SAM_ASSERT(access_token && sids && context && context->methods); - - *group_count = 0; - - *groups = NULL; - - tmp_methods= context->methods; - - while (tmp_methods) { - DEBUG(5,("getting groups from domain \n")); - if (!tmp_methods->sam_get_groups_of_sid) { - DEBUG(3, ("sam_get_groups_of_sid: sam_methods of domain did not specify sam_get_groups_of_sid\n")); - SAFE_FREE(*groups); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_groups_of_sid(tmp_methods, access_token, sids, group_ctrl, &tmp_group_count, &tmp_groups))) { - DEBUG(4,("sam_get_groups_of_sid in backend %s failed\n", tmp_methods->backendname)); - SAFE_FREE(*groups); - return nt_status; - } - - *groups = Realloc(*groups, ((*group_count) + tmp_group_count) * sizeof(SAM_GROUP_ENUM)); - - memcpy(&(*groups)[*group_count], tmp_groups, tmp_group_count); - - SAFE_FREE(tmp_groups); - - *group_count += tmp_group_count; - - tmp_methods = tmp_methods->next; - } - - return NT_STATUS_OK; -} - - diff --git a/source3/sam/sam_ads.c b/source3/sam/sam_ads.c deleted file mode 100755 index 6cb205d338..0000000000 --- a/source3/sam/sam_ads.c +++ /dev/null @@ -1,1378 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Active Directory SAM backend, for simulate a W2K DC in mixed mode. - - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Andrew Bartlett 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - - -#ifdef HAVE_LDAP - -static int sam_ads_debug_level = DBGC_SAM; - -#undef DBGC_CLASS -#define DBGC_CLASS sam_ads_debug_level - -#ifndef FIXME -#define FIXME( body ) { DEBUG(0,("FIXME: "));\ - DEBUGADD(0,(body));} -#endif - -#define ADS_STATUS_OK ADS_ERROR(0) -#define ADS_STATUS_UNSUCCESSFUL ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL) -#define ADS_STATUS_NOT_IMPLEMENTED ADS_ERROR_NT(NT_STATUS_NOT_IMPLEMENTED) - - -#define ADS_SUBTREE_BUILTIN "CN=Builtin," -#define ADS_SUBTREE_COMPUTERS "CN=Computers," -#define ADS_SUBTREE_DC "CN=Domain Controllers," -#define ADS_SUBTREE_USERS "CN=Users," -#define ADS_ROOT_TREE "" -/* Here are private module structs and functions */ - -typedef struct sam_ads_privates { - ADS_STRUCT *ads_struct; - TALLOC_CTX *mem_ctx; - BOOL bind_plaintext; - char *ads_bind_dn; - char *ads_bind_pw; - char *ldap_uri; - /* did we need something more? */ -}SAM_ADS_PRIVATES; - - -/* get only these LDAP attributes, witch we really need for an account */ -const char *account_attrs[] = { "objectSid", - "objectGUID", - "sAMAccountType", - "sAMAcountName", - "userPrincipalName", - "accountExpires", - "badPasswordTime", - "badPwdCount", - "lastLogoff", - "lastLogon", - "userWorkstations", - "dBCSPwd", - "unicodePwd", - "pwdLastSet", - "userAccountControl", - "profilePath", - "homeDrive", - "scriptPath", - "homeDirectory", - "cn", - "primaryGroupID",/* 513 */ - "nsNPAllowDialIn",/* TRUE */ - "userParameters",/* Dial Back number ...*/ - "codePage",/* 0 */ - "countryCode",/* 0 */ - "adminCount",/* 1 or 0 */ - "logonCount",/* 0 */ - "managedObjects", - "memberOf",/* dn */ - "instanceType",/* 4 */ - "name", /* sync with cn */ - "description", - /* "nTSecurityDescriptor", */ - NULL}; - -/* get only these LDAP attributes, witch we really need for a group */ -const char *group_attrs[] = {"objectSid", - /* "objectGUID", */ - "sAMAccountType", - "sAMAcountName", - "groupType", - /* "member", */ - "description", - "name", /* sync with cn */ - /* "nTSecurityDescriptor", */ - NULL}; - - -/*************************************************** - return our ads connection. We keep the connection - open to make things faster -****************************************************/ -static ADS_STATUS sam_ads_cached_connection(SAM_ADS_PRIVATES *privates) -{ - ADS_STRUCT *ads_struct; - ADS_STATUS ads_status; - - if (!privates->ads_struct) { - privates->ads_struct = ads_init_simple(); - ads_struct = privates->ads_struct; - ads_struct->server.ldap_uri = smb_xstrdup(privates->ldap_uri); - if ((!privates->ads_bind_dn) || (!*privates->ads_bind_dn)) { - ads_struct->auth.flags |= ADS_AUTH_ANON_BIND; - } else { - ads_struct->auth.user_name - = smb_xstrdup(privates->ads_bind_dn); - if (privates->ads_bind_pw) { - ads_struct->auth.password - = smb_xstrdup(privates->ads_bind_pw); - } - } - if (privates->bind_plaintext) { - ads_struct->auth.flags |= ADS_AUTH_SIMPLE_BIND; - } - } else { - ads_struct = privates->ads_struct; - } - - if (ads_struct->ld != NULL) { - /* connection has been opened. ping server. */ - struct sockaddr_un addr; - socklen_t len; - int sd; - if (ldap_get_option(ads_struct->ld, LDAP_OPT_DESC, &sd) == 0 && - getpeername(sd, (struct sockaddr *) &addr, &len) < 0) { - /* the other end has died. reopen. */ - ldap_unbind_ext(ads_struct->ld, NULL, NULL); - ads_struct->ld = NULL; - } - } - - if (ads_struct->ld != NULL) { - DEBUG(5,("sam_ads_cached_connection: allready connected to the LDAP server\n")); - return ADS_SUCCESS; - } - - ads_status = ads_connect(ads_struct); - - ads_status = ads_server_info(ads_struct); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(0,("Can't set server info: %s\n",ads_errstr(ads_status))); - /* return ads_status; */ FIXME("for now we only warn!\n"); - } - - DEBUG(2, ("sam_ads_cached_connection: succesful connection to the LDAP server\n")); - return ADS_SUCCESS; -} - -static ADS_STATUS sam_ads_do_search(SAM_ADS_PRIVATES *privates, const char *bind_path, int scope, const char *exp, const char **attrs, void **res) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); - - ads_status = sam_ads_cached_connection(privates); - if (!ADS_ERR_OK(ads_status)) - return ads_status; - - return ads_do_search_retry(privates->ads_struct, bind_path, scope, exp, attrs, res); -} - - -/********************************************* -here we have to check the update serial number - - this is the core of the ldap cache -*********************************************/ -static ADS_STATUS sam_ads_usn_is_valid(SAM_ADS_PRIVATES *privates, uint32 usn_in, uint32 *usn_out) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); - - SAM_ASSERT(privates && privates->ads_struct && usn_out); - - ads_status = ads_USN(privates->ads_struct, usn_out); - if (!ADS_ERR_OK(ads_status)) - return ads_status; - - if (*usn_out == usn_in) - return ADS_SUCCESS; - - return ads_status; -} - -/*********************************************** -Initialize SAM_ACCOUNT_HANDLE from an ADS query -************************************************/ -/* not ready :-( */ -static ADS_STATUS ads_entry2sam_account_handle(SAM_ADS_PRIVATES *privates, SAM_ACCOUNT_HANDLE *account ,void *msg) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_NO_SUCH_USER); - NTSTATUS nt_status = NT_STATUS_NO_SUCH_USER; - ADS_STRUCT *ads_struct = privates->ads_struct; - TALLOC_CTX *mem_ctx = account->mem_ctx; - char *tmp_str = NULL; - - SAM_ASSERT(privates && ads_struct && account && mem_ctx && msg); - - FIXME("should we really use ads_pull_username()(or ads_pull_string())?\n"); - if ((account->private.account_name = ads_pull_username(ads_struct, mem_ctx, msg))==NULL) { - DEBUG(0,("ads_pull_username failed\n")); - return ADS_ERROR_NT(NT_STATUS_NO_SUCH_USER); - } - - if ((account->private.full_name = ads_pull_string(ads_struct, mem_ctx, msg,"name"))==NULL) { - DEBUG(3,("ads_pull_string for 'name' failed - skip\n")); - } - - if ((account->private.acct_desc = ads_pull_string(ads_struct, mem_ctx, msg,"description"))!=NULL) { - DEBUG(3,("ads_pull_string for 'acct_desc' failed - skip\n")); - } - - if ((account->private.home_dir = ads_pull_string(ads_struct, mem_ctx, msg,"homeDirectory"))!=NULL) { - DEBUG(3,("ads_pull_string for 'homeDirectory' failed - skip\n")); - } - - if ((account->private.dir_drive = ads_pull_string(ads_struct, mem_ctx, msg,"homeDrive"))!=NULL) { - DEBUG(3,("ads_pull_string for 'homeDrive' failed - skip\n")); - } - - if ((account->private.profile_path = ads_pull_string(ads_struct, mem_ctx, msg,"profilePath"))!=NULL) { - DEBUG(3,("ads_pull_string for 'profilePath' failed - skip\n")); - } - - if ((account->private.logon_script = ads_pull_string(ads_struct, mem_ctx, msg,"scriptPath"))!=NULL) { - DEBUG(3,("ads_pull_string for 'scriptPath' failed - skip\n")); - } - - FIXME("check 'nsNPAllowDialIn' for munged_dial!\n"); - if ((account->private.munged_dial = ads_pull_string(ads_struct, mem_ctx, msg,"userParameters"))!=NULL) { - DEBUG(3,("ads_pull_string for 'userParameters' failed - skip\n")); - } - - if ((account->private.unix_home_dir = ads_pull_string(ads_struct, mem_ctx, msg,"msSFUHomeDrirectory"))!=NULL) { - DEBUG(3,("ads_pull_string for 'msSFUHomeDrirectory' failed - skip\n")); - } - -#if 0 - FIXME("use function intern mem_ctx for pwdLastSet\n"); - if ((tmp_str = ads_pull_string(ads_struct, mem_ctx, msg,"pwdLastSet"))!=NULL) { - DEBUG(3,("ads_pull_string for 'pwdLastSet' failed - skip\n")); - } else { - account->private.pass_last_set_time = ads_parse_nttime(tmp_str); - tmp_str = NULL; - - } -#endif - -#if 0 -typedef struct sam_account_handle { - TALLOC_CTX *mem_ctx; - uint32 access_granted; - const struct sam_methods *current_sam_methods; /* sam_methods creating this handle */ - void (*free_fn)(struct sam_account_handle **); - struct sam_account_data { - uint32 init_flag; - NTTIME logon_time; /* logon time */ - NTTIME logoff_time; /* logoff time */ - NTTIME kickoff_time; /* kickoff time */ - NTTIME pass_last_set_time; /* password last set time */ - NTTIME pass_can_change_time; /* password can change time */ - NTTIME pass_must_change_time; /* password must change time */ - char * account_name; /* account_name string */ - SAM_DOMAIN_HANDLE * domain; /* domain of account */ - char *full_name; /* account's full name string */ - char *unix_home_dir; /* UNIX home directory string */ - char *home_dir; /* home directory string */ - char *dir_drive; /* home directory drive string */ - char *logon_script; /* logon script string */ - char *profile_path; /* profile path string */ - char *acct_desc; /* account description string */ - char *workstations; /* login from workstations string */ - char *unknown_str; /* don't know what this is, yet. */ - char *munged_dial; /* munged path name and dial-back tel number */ - DOM_SID account_sid; /* Primary Account SID */ - DOM_SID group_sid; /* Primary Group SID */ - DATA_BLOB lm_pw; /* .data is Null if no password */ - DATA_BLOB nt_pw; /* .data is Null if no password */ - char *plaintext_pw; /* if Null not available */ - uint16 acct_ctrl; /* account info (ACB_xxxx bit-mask) */ - uint32 unknown_1; /* 0x00ff ffff */ - uint16 logon_divs; /* 168 - number of hours in a week */ - uint32 hours_len; /* normally 21 bytes */ - uint8 hours[MAX_HOURS_LEN]; - uint32 unknown_2; /* 0x0002 0000 */ - uint32 unknown_3; /* 0x0000 04ec */ - } private; -} SAM_ACCOUNT_HANDLE; -#endif - - return ads_status; -} - - -/*********************************************** -Initialize SAM_GROUP_ENUM from an ads entry -************************************************/ -/* not ready :-( */ -static ADS_STATUS ads_entry2sam_group_enum(SAM_ADS_PRIVATES *privates, TALLOC_CTX *mem_ctx, SAM_GROUP_ENUM **group_enum,const void *entry) -{ - ADS_STATUS ads_status = ADS_STATUS_UNSUCCESSFUL; - ADS_STRUCT *ads_struct = privates->ads_struct; - SAM_GROUP_ENUM __group_enum; - SAM_GROUP_ENUM *_group_enum = &__group_enum; - - SAM_ASSERT(privates && ads_struct && mem_ctx && group_enum && entry); - - *group_enum = _group_enum; - - DEBUG(3,("sam_ads: ads_entry2sam_account_handle\n")); - - if (!ads_pull_sid(ads_struct, &entry, "objectSid", &(_group_enum->sid))) { - DEBUG(0,("No sid for!?\n")); - return ADS_STATUS_UNSUCCESSFUL; - } - - if (!(_group_enum->group_name = ads_pull_string(ads_struct, mem_ctx, &entry, "sAMAccountName"))) { - DEBUG(0,("No groupname found")); - return ADS_STATUS_UNSUCCESSFUL; - } - - if (!(_group_enum->group_desc = ads_pull_string(ads_struct, mem_ctx, &entry, "desciption"))) { - DEBUG(0,("No description found")); - return ADS_STATUS_UNSUCCESSFUL; - } - - DEBUG(0,("sAMAccountName: %s\ndescription: %s\nobjectSid: %s\n", - _group_enum->group_name, - _group_enum->group_desc, - sid_string_static(&(_group_enum->sid)) - )); - - return ads_status; -} - -static ADS_STATUS sam_ads_access_check(SAM_ADS_PRIVATES *privates, const SEC_DESC *sd, const NT_USER_TOKEN *access_token, uint32 access_desired, uint32 *acc_granted) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_ACCESS_DENIED); - NTSTATUS nt_status; - uint32 my_acc_granted; - - SAM_ASSERT(privates && sd && access_token); - /* acc_granted can be set to NULL */ - - /* the steps you need are: - 1. get_sec_desc for sid - 2. se_map_generic(accessdesired, generic_mapping) - 3. se_access_check() */ - - if (!se_access_check(sd, access_token, access_desired, (acc_granted)?acc_granted:&my_acc_granted, &nt_status)) { - DEBUG(3,("sam_ads_access_check: ACCESS DENIED\n")); - ads_status = ADS_ERROR_NT(nt_status); - return ads_status; - } - ads_status = ADS_ERROR_NT(nt_status); - return ads_status; -} - -static ADS_STATUS sam_ads_get_tree_sec_desc(SAM_ADS_PRIVATES *privates, const char *subtree, SEC_DESC **sd) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER); - ADS_STRUCT *ads_struct = privates->ads_struct; - TALLOC_CTX *mem_ctx = privates->mem_ctx; - char *search_path; - void *sec_desc_res; - void *sec_desc_msg; - const char *sec_desc_attrs[] = {"nTSecurityDescriptor",NULL}; - - SAM_ASSERT(privates && ads_struct && mem_ctx && sd); - *sd = NULL; - - if (subtree) { - asprintf(&search_path, "%s%s",subtree,ads_struct->config.bind_path); - } else { - asprintf(&search_path, "%s",""); - } - ads_status = sam_ads_do_search(privates, search_path, LDAP_SCOPE_BASE, "(objectClass=*)", sec_desc_attrs, &sec_desc_res); - SAFE_FREE(search_path); - if (!ADS_ERR_OK(ads_status)) - return ads_status; - - if ((sec_desc_msg = ads_first_entry(ads_struct, sec_desc_res))==NULL) { - ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER); - return ads_status; - } - - if (!ads_pull_sd(ads_struct, mem_ctx, sec_desc_msg, sec_desc_attrs[0], sd)) { - *sd = NULL; - ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER); - return ads_status; - } - - return ads_status; -} - -static ADS_STATUS sam_ads_account_policy_get(SAM_ADS_PRIVATES *privates, int field, uint32 *value) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER); - ADS_STRUCT *ads_struct = privates->ads_struct; - void *ap_res; - void *ap_msg; - const char *ap_attrs[] = {"minPwdLength",/* AP_MIN_PASSWORD_LEN */ - "pwdHistoryLength",/* AP_PASSWORD_HISTORY */ - "AP_USER_MUST_LOGON_TO_CHG_PASS",/* AP_USER_MUST_LOGON_TO_CHG_PASS */ - "maxPwdAge",/* AP_MAX_PASSWORD_AGE */ - "minPwdAge",/* AP_MIN_PASSWORD_AGE */ - "lockoutDuration",/* AP_LOCK_ACCOUNT_DURATION */ - "AP_RESET_COUNT_TIME",/* AP_RESET_COUNT_TIME */ - "AP_BAD_ATTEMPT_LOCKOUT",/* AP_BAD_ATTEMPT_LOCKOUT */ - "AP_TIME_TO_LOGOUT",/* AP_TIME_TO_LOGOUT */ - NULL}; - /*lockOutObservationWindow - lockoutThreshold $ pwdProperties*/ - static uint32 ap[9]; - static uint32 ap_usn = 0; - uint32 tmp_usn = 0; - - SAM_ASSERT(privates && ads_struct && value); - - FIXME("We need to decode all account_policy attributes!\n"); - - ads_status = sam_ads_usn_is_valid(privates,ap_usn,&tmp_usn); - if (!ADS_ERR_OK(ads_status)) { - ads_status = sam_ads_do_search(privates, ads_struct->config.bind_path, LDAP_SCOPE_BASE, "(objectClass=*)", ap_attrs, &ap_res); - if (!ADS_ERR_OK(ads_status)) - return ads_status; - - if (ads_count_replies(ads_struct, ap_res) != 1) { - ads_msgfree(ads_struct, ap_res); - return ADS_ERROR(LDAP_NO_RESULTS_RETURNED); - } - - if (!(ap_msg = ads_first_entry(ads_struct, ap_res))) { - ads_msgfree(ads_struct, ap_res); - return ADS_ERROR(LDAP_NO_RESULTS_RETURNED); - } - - if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[0], &ap[0])) { - /* AP_MIN_PASSWORD_LEN */ - ap[0] = MINPASSWDLENGTH;/* 5 chars minimum */ - } - if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[1], &ap[1])) { - /* AP_PASSWORD_HISTORY */ - ap[1] = 0;/* don't keep any old password */ - } - if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[2], &ap[2])) { - /* AP_USER_MUST_LOGON_TO_CHG_PASS */ - ap[2] = 0;/* don't force user to logon */ - } - if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[3], &ap[3])) { - /* AP_MAX_PASSWORD_AGE */ - ap[3] = MAX_PASSWORD_AGE;/* 21 days */ - } - if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[4], &ap[4])) { - /* AP_MIN_PASSWORD_AGE */ - ap[4] = 0;/* 0 days */ - } - if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[5], &ap[5])) { - /* AP_LOCK_ACCOUNT_DURATION */ - ap[5] = 0;/* lockout for 0 minutes */ - } - if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[6], &ap[6])) { - /* AP_RESET_COUNT_TIME */ - ap[6] = 0;/* reset immediatly */ - } - if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[7], &ap[7])) { - /* AP_BAD_ATTEMPT_LOCKOUT */ - ap[7] = 0;/* don't lockout */ - } - if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[8], &ap[8])) { - /* AP_TIME_TO_LOGOUT */ - ap[8] = -1;/* don't force logout */ - } - - ads_msgfree(ads_struct, ap_res); - ap_usn = tmp_usn; - } - - switch(field) { - case AP_MIN_PASSWORD_LEN: - *value = ap[0]; - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - break; - case AP_PASSWORD_HISTORY: - *value = ap[1]; - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - break; - case AP_USER_MUST_LOGON_TO_CHG_PASS: - *value = ap[2]; - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - break; - case AP_MAX_PASSWORD_AGE: - *value = ap[3]; - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - break; - case AP_MIN_PASSWORD_AGE: - *value = ap[4]; - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - break; - case AP_LOCK_ACCOUNT_DURATION: - *value = ap[5]; - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - break; - case AP_RESET_COUNT_TIME: - *value = ap[6]; - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - break; - case AP_BAD_ATTEMPT_LOCKOUT: - *value = ap[7]; - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - break; - case AP_TIME_TO_LOGOUT: - *value = ap[8]; - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - break; - default: *value = 0; break; - } - - return ads_status; -} - - -/********************************** -Now the functions off the SAM API -***********************************/ - -/* General API */ -static NTSTATUS sam_ads_get_sec_desc(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, - const DOM_SID *sid, SEC_DESC **sd) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); - SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data; - ADS_STRUCT *ads_struct = privates->ads_struct; - TALLOC_CTX *mem_ctx; - char *sidstr,*filter; - void *sec_desc_res; - void *sec_desc_msg; - const char *sec_desc_attrs[] = {"nTSecurityDescriptor",NULL}; - fstring sid_str; - SEC_DESC *my_sd; - - SAM_ASSERT(sam_method && access_token && sid && sd); - - ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &my_sd); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = sam_ads_access_check(privates, my_sd, access_token, GENERIC_RIGHTS_DOMAIN_READ, NULL); - - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - sidstr = sid_binstring(sid); - if (asprintf(&filter, "(objectSid=%s)", sidstr) == -1) { - SAFE_FREE(sidstr); - return NT_STATUS_NO_MEMORY; - } - - SAFE_FREE(sidstr); - - ads_status = sam_ads_do_search(privates,ads_struct->config.bind_path, - LDAP_SCOPE_SUBTREE, filter, sec_desc_attrs, - &sec_desc_res); - SAFE_FREE(filter); - - if (!ADS_ERR_OK(ads_status)) { - return ads_ntstatus(ads_status); - } - - if (!(mem_ctx = talloc_init_named("sec_desc parse in sam_ads"))) { - DEBUG(1, ("talloc_init_named() failed for sec_desc parse context in sam_ads")); - ads_msgfree(ads_struct, sec_desc_res); - return NT_STATUS_NO_MEMORY; - } - - if (ads_count_replies(ads_struct, sec_desc_res) != 1) { - DEBUG(1,("sam_ads_get_sec_desc: duplicate or 0 results for sid %s\n", - sid_to_string(sid_str, sid))); - talloc_destroy(mem_ctx); - ads_msgfree(ads_struct, sec_desc_res); - return NT_STATUS_UNSUCCESSFUL; - } - - if (!(sec_desc_msg = ads_first_entry(ads_struct, sec_desc_res))) { - talloc_destroy(mem_ctx); - ads_msgfree(ads_struct, sec_desc_res); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!ads_pull_sd(ads_struct, mem_ctx, sec_desc_msg, sec_desc_attrs[0], sd)) { - ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER); - talloc_destroy(mem_ctx); - ads_msgfree(ads_struct, sec_desc_res); - return ads_ntstatus(ads_status); - } - - /* now, were we allowed to see the SD we just got? */ - - ads_msgfree(ads_struct, sec_desc_res); - talloc_destroy(mem_ctx); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_set_sec_desc(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, - const DOM_SID *sid, const SEC_DESC *sd) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",__FUNCTION__)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - - -static NTSTATUS sam_ads_lookup_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, - TALLOC_CTX *mem_ctx, const DOM_SID *sid, char **name, - enum SID_NAME_USE *type) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); - SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data; - ADS_STRUCT *ads_struct = privates->ads_struct; - SEC_DESC *my_sd; - - SAM_ASSERT(sam_method && access_token && mem_ctx && sid && name && type); - - ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &my_sd); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = sam_ads_access_check(privates, my_sd, access_token, GENERIC_RIGHTS_DOMAIN_READ, NULL); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - return ads_sid_to_name(ads_struct, mem_ctx, sid, name, type); -} - -static NTSTATUS sam_ads_lookup_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, - const char *name, DOM_SID *sid, enum SID_NAME_USE *type) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); - SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data; - ADS_STRUCT *ads_struct = privates->ads_struct; - SEC_DESC *my_sd; - - SAM_ASSERT(sam_method && access_token && name && sid && type); - - ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &my_sd); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = sam_ads_access_check(privates, my_sd, access_token, GENERIC_RIGHTS_DOMAIN_READ, NULL); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - return ads_name_to_sid(ads_struct, name, sid, type); -} - - -/* Domain API */ - -static NTSTATUS sam_ads_update_domain(const SAM_METHODS *sam_method, const SAM_DOMAIN_HANDLE *domain) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",__FUNCTION__)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_get_domain_handle(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, - const uint32 access_desired, SAM_DOMAIN_HANDLE **domain) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data; - TALLOC_CTX *mem_ctx = privates->mem_ctx; /*Fix me is this right??? */ - SAM_DOMAIN_HANDLE *dom_handle = NULL; - SEC_DESC *sd; - uint32 acc_granted; - uint32 tmp_value; - - DEBUG(5,("sam_ads_get_domain_handle: %d\n",__LINE__)); - - SAM_ASSERT(sam_method && access_token && domain); - - (*domain) = NULL; - - if ((dom_handle = talloc(mem_ctx, sizeof(SAM_DOMAIN_HANDLE))) == NULL) { - DEBUG(0,("failed to talloc dom_handle\n")); - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - return ads_ntstatus(ads_status); - } - - ZERO_STRUCTP(dom_handle); - - dom_handle->mem_ctx = mem_ctx; /*Fix me is this right??? */ - dom_handle->free_fn = NULL; - dom_handle->current_sam_methods = sam_method; - - /* check if access can be granted as requested */ - - ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &sd); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = sam_ads_access_check(privates, sd, access_token, access_desired, &acc_granted); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - dom_handle->access_granted = acc_granted; - - /* fill all the values of dom_handle */ - sid_copy(&dom_handle->private.sid, &sam_method->domain_sid); - dom_handle->private.name = smb_xstrdup(sam_method->domain_name); - dom_handle->private.servername = "WHOKNOWS"; /* what is the servername */ - - /*Fix me: sam_ads_account_policy_get() return ADS_STATUS! */ - ads_status = sam_ads_account_policy_get(privates, AP_MAX_PASSWORD_AGE, &tmp_value); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(4,("sam_ads_account_policy_get failed for max password age. Useing default\n")); - tmp_value = MAX_PASSWORD_AGE; - } - unix_to_nt_time_abs(&dom_handle->private.max_passwordage,tmp_value); - - ads_status = sam_ads_account_policy_get(privates, AP_MIN_PASSWORD_AGE, &tmp_value); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(4,("sam_ads_account_policy_get failed for min password age. Useing default\n")); - tmp_value = 0; - } - unix_to_nt_time_abs(&dom_handle->private.min_passwordage, tmp_value); - - ads_status = sam_ads_account_policy_get(privates, AP_LOCK_ACCOUNT_DURATION, &tmp_value); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(4,("sam_ads_account_policy_get failed for lockout duration. Useing default\n")); - tmp_value = 0; - } - unix_to_nt_time_abs(&dom_handle->private.lockout_duration, tmp_value); - - ads_status = sam_ads_account_policy_get(privates, AP_RESET_COUNT_TIME, &tmp_value); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(4,("sam_ads_account_policy_get failed for time till locout count is reset. Useing default\n")); - tmp_value = 0; - } - unix_to_nt_time_abs(&dom_handle->private.reset_count, tmp_value); - - ads_status = sam_ads_account_policy_get(privates, AP_MIN_PASSWORD_LEN, &tmp_value); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(4,("sam_ads_account_policy_get failed for min password length. Useing default\n")); - tmp_value = 0; - } - dom_handle->private.min_passwordlength = (uint16)tmp_value; - - ads_status = sam_ads_account_policy_get(privates, AP_PASSWORD_HISTORY, &tmp_value); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(4,("sam_ads_account_policy_get failed password history. Useing default\n")); - tmp_value = 0; - } - dom_handle->private.password_history = (uint16)tmp_value; - - ads_status = sam_ads_account_policy_get(privates, AP_BAD_ATTEMPT_LOCKOUT, &tmp_value); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(4,("sam_ads_account_policy_get failed for bad attempts till lockout. Useing default\n")); - tmp_value = 0; - } - dom_handle->private.lockout_count = (uint16)tmp_value; - - ads_status = sam_ads_account_policy_get(privates, AP_TIME_TO_LOGOUT, &tmp_value); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(4,("sam_ads_account_policy_get failed for force logout. Useing default\n")); - tmp_value = -1; - } - - ads_status = sam_ads_account_policy_get(privates, AP_USER_MUST_LOGON_TO_CHG_PASS, &tmp_value); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(4,("sam_ads_account_policy_get failed for user must login to change password. Useing default\n")); - tmp_value = 0; - } - - /* should the real values of num_accounts, num_groups and num_aliases be retreved? - * I think it is to expensive to bother - */ - dom_handle->private.num_accounts = 3; - dom_handle->private.num_groups = 4; - dom_handle->private.num_aliases = 5; - - *domain = dom_handle; - - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - return ads_ntstatus(ads_status); -} - -/* Account API */ -static NTSTATUS sam_ads_create_account(const SAM_METHODS *sam_method, - const NT_USER_TOKEN *access_token, uint32 access_desired, - const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data; - SEC_DESC *sd = NULL; - uint32 acc_granted; - - SAM_ASSERT(sam_method && privates && access_token && account_name && account); - - ads_status = sam_ads_get_tree_sec_desc(privates, ADS_SUBTREE_USERS, &sd); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = sam_ads_access_check(privates, sd, access_token, access_desired, &acc_granted); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = ADS_ERROR_NT(sam_init_account(account)); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - (*account)->access_granted = acc_granted; - - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_add_account(const SAM_METHODS *sam_method, const SAM_ACCOUNT_HANDLE *account) -{ - ADS_STATUS ads_status = ADS_ERROR(LDAP_NO_MEMORY); - SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data; - ADS_STRUCT *ads_struct = privates->ads_struct; - TALLOC_CTX *mem_ctx = privates->mem_ctx; - ADS_MODLIST mods; - uint16 acct_ctrl; - char *new_dn; - SEC_DESC *sd; - uint32 acc_granted; - - SAM_ASSERT(sam_method && account); - - ads_status = ADS_ERROR_NT(sam_get_account_acct_ctrl(account,&acct_ctrl)); - if (!ADS_ERR_OK(ads_status)) - goto done; - - if ((acct_ctrl & ACB_WSTRUST)||(acct_ctrl & ACB_SVRTRUST)) { - /* Computer account */ - char *name,*controlstr; - char *hostname,*host_upn,*host_spn; - const char *objectClass[] = {"top", "person", "organizationalPerson", - "user", "computer", NULL}; - - ads_status = ADS_ERROR_NT(sam_get_account_name(account,&name)); - if (!ADS_ERR_OK(ads_status)) - goto done; - - if (!(host_upn = talloc_asprintf(mem_ctx, "%s@%s", name, ads_struct->config.realm))) { - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - goto done; - } - - if (!(new_dn = talloc_asprintf(mem_ctx, "CN=%s,CN=Computers,%s", hostname, - ads_struct->config.bind_path))) { - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - goto done; - } - - if (!(controlstr = talloc_asprintf(mem_ctx, "%u", ads_acb2uf(acct_ctrl)))) { - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - goto done; - } - - if (!(mods = ads_init_mods(mem_ctx))) { - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - goto done; - } - - ads_status = ads_mod_str(mem_ctx, &mods, "cn", hostname); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_strlist(mem_ctx, &mods, "objectClass", objectClass); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "userPrincipalName", host_upn); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "displayName", hostname); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "sAMAccountName", name); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "userAccountControl", controlstr); - if (!ADS_ERR_OK(ads_status)) - goto done; - - ads_status = ads_mod_str(mem_ctx, &mods, "servicePrincipalName", host_spn); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "dNSHostName", hostname); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "userAccountControl", controlstr); - if (!ADS_ERR_OK(ads_status)) - goto done; - /* ads_status = ads_mod_str(mem_ctx, &mods, "operatingSystem", "Samba"); - if (!ADS_ERR_OK(ads_status)) - goto done; - *//* ads_status = ads_mod_str(mem_ctx, &mods, "operatingSystemVersion", VERSION); - if (!ADS_ERR_OK(ads_status)) - goto done; - */ - /* End Computer account */ - } else { - /* User account*/ - char *upn, *controlstr; - char *name, *fullname; - const char *objectClass[] = {"top", "person", "organizationalPerson", - "user", NULL}; - - ads_status = ADS_ERROR_NT(sam_get_account_name(account,&name)); - if (!ADS_ERR_OK(ads_status)) - goto done; - - ads_status = ADS_ERROR_NT(sam_get_account_fullname(account,&fullname)); - if (!ADS_ERR_OK(ads_status)) - goto done; - - if (!(upn = talloc_asprintf(mem_ctx, "%s@%s", name, ads_struct->config.realm))) { - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - goto done; - } - - if (!(new_dn = talloc_asprintf(mem_ctx, "CN=%s,CN=Users,%s", fullname, - ads_struct->config.bind_path))) { - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - goto done; - } - - if (!(controlstr = talloc_asprintf(mem_ctx, "%u", ads_acb2uf(acct_ctrl)))) { - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - goto done; - } - - if (!(mods = ads_init_mods(mem_ctx))) { - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - goto done; - } - - ads_status = ads_mod_str(mem_ctx, &mods, "cn", fullname); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_strlist(mem_ctx, &mods, "objectClass", objectClass); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "userPrincipalName", upn); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "displayName", fullname); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "sAMAccountName", name); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "userAccountControl", controlstr); - if (!ADS_ERR_OK(ads_status)) - goto done; - }/* End User account */ - - /* Finally at the account */ - ads_status = ads_gen_add(ads_struct, new_dn, mods); - -done: - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_update_account(const SAM_METHODS *sam_method, const SAM_ACCOUNT_HANDLE *account) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",__FUNCTION__)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_delete_account(const SAM_METHODS *sam_method, const SAM_ACCOUNT_HANDLE *account) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",__FUNCTION__)); - SAM_ASSERT(sam_method); - - - - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_enum_accounts(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, uint16 acct_ctrl, uint32 *account_count, SAM_ACCOUNT_ENUM **accounts) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",__FUNCTION__)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -#if 0 -static NTSTATUS sam_ads_get_account_by_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *account_sid, SAM_ACCOUNT_HANDLE **account) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); - SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data; - ADS_STRUCT *ads_struct = privates->ads_struct; - TALLOC_CTX *mem_ctx = privates->mem_ctx; - SEC_DESC *sd = NULL; - uint32 acc_granted; - - SAM_ASSERT(sam_method && privates && ads_struct && access_token && account_sid && account); - - ads_status = ADS_ERROR_NT(sam_ads_get_sec_desc(sam_method, access_token, account_sid, &my_sd)); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = sam_ads_access_check(privates, sd, access_token, access_desired, &acc_granted); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = ADS_ERROR_NT(sam_init_account(account)); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - (*account)->access_granted = acc_granted; - - return ads_ntstatus(ads_status); -} -#else -static NTSTATUS sam_ads_get_account_by_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *account_sid, SAM_ACCOUNT_HANDLE **account) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",__FUNCTION__)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} -#endif - -#if 0 -static NTSTATUS sam_ads_get_account_by_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *account_name, SAM_ACCOUNT_HANDLE **account) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); - SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data; - ADS_STRUCT *ads_struct = privates->ads_struct; - TALLOC_CTX *mem_ctx = privates->mem_ctx; - SEC_DESC *sd = NULL; - uint32 acc_granted; - - SAM_ASSERT(sam_method && privates && ads_struct && access_token && account_name && account); - - ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &sd); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = sam_ads_access_check(privates, sd, access_token, access_desired, &acc_granted); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = ADS_ERROR_NT(sam_init_account(account)); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - (*account)->access_granted = acc_granted; - - return ads_ntstatus(ads_status); -} -#else -static NTSTATUS sam_ads_get_account_by_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *account_name, SAM_ACCOUNT_HANDLE **account) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",__FUNCTION__)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} -#endif - -/* Group API */ -static NTSTATUS sam_ads_create_group(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *group_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",__FUNCTION__)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_add_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",__FUNCTION__)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_update_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",__FUNCTION__)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_delete_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",__FUNCTION__)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_enum_groups(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint16 group_ctrl, uint32 *groups_count, SAM_GROUP_ENUM **groups) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data; - ADS_STRUCT *ads_struct = privates->ads_struct; - TALLOC_CTX *mem_ctx = privates->mem_ctx; - void *res = NULL; - void *msg = NULL; - char *filter = NULL; - int i = 0; - - /* get only these LDAP attributes, witch we really need for a group */ - const char *group_enum_attrs[] = {"objectSid", - "description", - "sAMAcountName", - NULL}; - - SAM_ASSERT(sam_method && access_token && groups_count && groups); - - *groups_count = 0; - - DEBUG(3,("ads: enum_dom_groups\n")); - - FIXME("get only group from the wanted Type!\n"); - asprintf(&filter, "(&(objectClass=group)(groupType=%s))", "*"); - ads_status = sam_ads_do_search(privates, ads_struct->config.bind_path, LDAP_SCOPE_SUBTREE, filter, group_enum_attrs, &res); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(1,("enum_groups ads_search: %s\n", ads_errstr(ads_status))); - } - - *groups_count = ads_count_replies(ads_struct, res); - if (*groups_count == 0) { - DEBUG(1,("enum_groups: No groups found\n")); - } - - (*groups) = talloc_zero(mem_ctx, (*groups_count) * sizeof(**groups)); - if (!*groups) { - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - } - - for (msg = ads_first_entry(ads_struct, res); msg; msg = ads_next_entry(ads_struct, msg)) { - uint32 grouptype; - - if (!ads_pull_uint32(ads_struct, msg, "groupType", &grouptype)) { - ; - } else { - (*groups)->group_ctrl = ads_gtype2gcb(grouptype); - } - - if (!((*groups)->group_name = ads_pull_string(ads_struct, mem_ctx, msg, "sAMAccountName"))) { - ; - } - - if (!((*groups)->group_desc = ads_pull_string(ads_struct, mem_ctx, msg, "description"))) { - ; - } - - if (!ads_pull_sid(ads_struct, msg, "objectSid", &((*groups)->sid))) { - DEBUG(1,("No sid for group %s !?\n", (*groups)->group_name)); - continue; - } - - i++; - } - - (*groups_count) = i; - - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - - DEBUG(3,("ads enum_dom_groups gave %d entries\n", (*groups_count))); - - if (res) ads_msgfree(ads_struct, res); - - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_get_group_by_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",__FUNCTION__)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_get_group_by_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *name, SAM_GROUP_HANDLE **group) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",__FUNCTION__)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_add_member_to_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",__FUNCTION__)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_delete_member_from_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",__FUNCTION__)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_enum_groupmembers(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",__FUNCTION__)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_get_groups_of_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const DOM_SID **sids, const uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",__FUNCTION__)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -/********************************** -Free our private data -***********************************/ -static void sam_ads_free_private_data(void **vp) -{ - SAM_ADS_PRIVATES **sam_ads_state = (SAM_ADS_PRIVATES **)vp; - - if ((*sam_ads_state)->ads_struct->ld) { - ldap_unbind((*sam_ads_state)->ads_struct->ld); - } - - ads_destroy(&((*sam_ads_state)->ads_struct)); - - talloc_destroy((*sam_ads_state)->mem_ctx); - FIXME("maybe we must free some other stuff here\n"); - - *sam_ads_state = NULL; -} - - - -/***************************************************** -Init the ADS SAM backend -******************************************************/ -NTSTATUS sam_init_ads(SAM_METHODS *sam_method, const char *module_params) -{ - ADS_STATUS ads_status; - SAM_ADS_PRIVATES *sam_ads_state; - TALLOC_CTX *mem_ctx; - - SAM_ASSERT(sam_method && sam_method->parent); - - mem_ctx = sam_method->parent->mem_ctx; - - /* Here the SAM API functions of the sam_ads module */ - - /* General API */ - - sam_method->sam_get_sec_desc = sam_ads_get_sec_desc; - sam_method->sam_set_sec_desc = sam_ads_set_sec_desc; - - sam_method->sam_lookup_sid = sam_ads_lookup_sid; - sam_method->sam_lookup_name = sam_ads_lookup_name; - - /* Domain API */ - - sam_method->sam_update_domain = sam_ads_update_domain; - sam_method->sam_get_domain_handle = sam_ads_get_domain_handle; - - /* Account API */ - - sam_method->sam_create_account = sam_ads_create_account; - sam_method->sam_add_account = sam_ads_add_account; - sam_method->sam_update_account = sam_ads_update_account; - sam_method->sam_delete_account = sam_ads_delete_account; - sam_method->sam_enum_accounts = sam_ads_enum_accounts; - - sam_method->sam_get_account_by_sid = sam_ads_get_account_by_sid; - sam_method->sam_get_account_by_name = sam_ads_get_account_by_name; - - /* Group API */ - - sam_method->sam_create_group = sam_ads_create_group; - sam_method->sam_add_group = sam_ads_add_group; - sam_method->sam_update_group = sam_ads_update_group; - sam_method->sam_delete_group = sam_ads_delete_group; - sam_method->sam_enum_groups = sam_ads_enum_groups; - sam_method->sam_get_group_by_sid = sam_ads_get_group_by_sid; - sam_method->sam_get_group_by_name = sam_ads_get_group_by_name; - - sam_method->sam_add_member_to_group = sam_ads_add_member_to_group; - sam_method->sam_delete_member_from_group = sam_ads_delete_member_from_group; - sam_method->sam_enum_groupmembers = sam_ads_enum_groupmembers; - - sam_method->sam_get_groups_of_sid = sam_ads_get_groups_of_sid; - - sam_ads_state = talloc_zero(mem_ctx, sizeof(SAM_ADS_PRIVATES)); - if (!sam_ads_state) { - DEBUG(0, ("talloc() failed for sam_ads private_data!\n")); - return NT_STATUS_NO_MEMORY; - } - - if (!(sam_ads_state->mem_ctx = talloc_init_named("sam_ads_method"))) { - DEBUG(0, ("talloc_init_named() failed for sam_ads_state->mem_ctx\n")); - return NT_STATUS_NO_MEMORY; - } - - sam_ads_state->ads_bind_dn = talloc_strdup(sam_ads_state->mem_ctx, lp_parm_string(NULL,"sam_ads","bind as")); - sam_ads_state->ads_bind_pw = talloc_strdup(sam_ads_state->mem_ctx, lp_parm_string(NULL,"sam_ads","bind pw")); - - sam_ads_state->bind_plaintext = strequal(lp_parm_string(NULL, "sam_ads", "plaintext bind"), "yes"); - - if (!sam_ads_state->ads_bind_dn || !sam_ads_state->ads_bind_pw) { - DEBUG(0, ("talloc_strdup() failed for bind dn or password\n")); - return NT_STATUS_NO_MEMORY; - } - - /* Maybe we should not check the result here? Server down on startup? */ - - if (module_params && *module_params) { - sam_ads_state->ldap_uri = talloc_strdup(sam_ads_state->mem_ctx, module_params); - if (!sam_ads_state->ldap_uri) { - DEBUG(0, ("talloc_strdup() failed for bind dn or password\n")); - return NT_STATUS_NO_MEMORY; - } - } else { - sam_ads_state->ldap_uri = "ldapi://"; - } - - ads_status = sam_ads_cached_connection(sam_ads_state); - if (!ADS_ERR_OK(ads_status)) { - return ads_ntstatus(ads_status); - } - - sam_method->private_data = sam_ads_state; - sam_method->free_private_data = sam_ads_free_private_data; - - sam_ads_debug_level = debug_add_class("sam_ads"); - if (sam_ads_debug_level == -1) { - sam_ads_debug_level = DBGC_ALL; - DEBUG(0, ("sam_ads: Couldn't register custom debugging class!\n")); - } else DEBUG(2, ("sam_ads: Debug class number of 'sam_ads': %d\n", sam_ads_debug_level)); - - DEBUG(5, ("Initializing sam_ads\n")); - if (module_params) - DEBUG(10, ("Module Parameters for Domain %s[%s]: %s\n", sam_method->domain_name, sam_method->domain_name, module_params)); - return NT_STATUS_OK; -} - -#else /* HAVE_LDAP */ -void sam_ads_dummy(void) -{ - DEBUG(0,("sam_ads: not supported!\n")); -} -#endif /* HAVE_LDAP */ diff --git a/source3/sam/sam_plugin.c b/source3/sam/sam_plugin.c deleted file mode 100644 index fd26c4b8d3..0000000000 --- a/source3/sam/sam_plugin.c +++ /dev/null @@ -1,79 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Loadable san module interface. - Copyright (C) Jelmer Vernooij 2002 - Copyright (C) Andrew Bartlett 2002 - Copyright (C) Stefan (metze) Metzmacher 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM - -NTSTATUS sam_init_plugin(SAM_METHODS *sam_methods, const char *module_params) -{ - void *dl_handle; - char *plugin_params, *plugin_name, *p; - sam_init_function plugin_init; - int (*plugin_version)(void); - - if (module_params == NULL) { - DEBUG(0, ("The plugin module needs an argument!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - plugin_name = smb_xstrdup(module_params); - p = strchr(plugin_name, ':'); - if (p) { - *p = 0; - plugin_params = p+1; - trim_string(plugin_params, " ", " "); - } else plugin_params = NULL; - trim_string(plugin_name, " ", " "); - - DEBUG(5, ("Trying to load sam plugin %s\n", plugin_name)); - dl_handle = sys_dlopen(plugin_name, RTLD_NOW); - if (!dl_handle) { - DEBUG(0, ("Failed to load sam plugin %s using sys_dlopen (%s)\n", plugin_name, sys_dlerror())); - return NT_STATUS_UNSUCCESSFUL; - } - - plugin_version = sys_dlsym(dl_handle, "sam_version"); - if (!plugin_version) { - sys_dlclose(dl_handle); - DEBUG(0, ("Failed to find function 'sam_version' using sys_dlsym in sam plugin %s (%s)\n", plugin_name, sys_dlerror())); - return NT_STATUS_UNSUCCESSFUL; - } - - if (plugin_version()!=SAM_INTERFACE_VERSION) { - sys_dlclose(dl_handle); - DEBUG(0, ("Wrong SAM_INTERFACE_VERSION! sam plugin has version %d and version %d is needed! Please update!\n", - plugin_version(),SAM_INTERFACE_VERSION)); - return NT_STATUS_UNSUCCESSFUL; - } - - plugin_init = sys_dlsym(dl_handle, "sam_init"); - if (!plugin_init) { - sys_dlclose(dl_handle); - DEBUG(0, ("Failed to find function 'sam_init' using sys_dlsym in sam plugin %s (%s)\n", plugin_name, sys_dlerror())); - return NT_STATUS_UNSUCCESSFUL; - } - - DEBUG(5, ("Starting sam plugin %s with parameters %s for domain %s\n", plugin_name, plugin_params, sam_methods->domain_name)); - return plugin_init(sam_methods, plugin_params); -} diff --git a/source3/sam/sam_skel.c b/source3/sam/sam_skel.c deleted file mode 100644 index 8073470716..0000000000 --- a/source3/sam/sam_skel.c +++ /dev/null @@ -1,251 +0,0 @@ -/* - Unix SMB/CIFS implementation. - this is a skeleton for SAM backend modules. - - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Jelmer Vernooij 2002 - Copyright (C) Andrew Bartlett 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -static int sam_skel_debug_level = DBGC_SAM; - -#undef DBGC_CLASS -#define DBGC_CLASS sam_skel_debug_level - -/* define the version of the SAM interface */ -SAM_MODULE_VERSIONING_MAGIC - -/* General API */ - -static NTSTATUS sam_skel_get_sec_desc(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_set_sec_desc(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - - -static NTSTATUS sam_skel_lookup_sid(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, TALLOC_CTX *mem_ctx, const DOM_SID *sid, char **name, uint32 *type) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_lookup_name(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, const char *name, DOM_SID *sid, uint32 *type) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - - -/* Domain API */ - -static NTSTATUS sam_skel_update_domain(const SAM_METHODS *sam_methods, const SAM_DOMAIN_HANDLE *domain) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_get_domain_handle(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, SAM_DOMAIN_HANDLE **domain) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - - -/* Account API */ - -static NTSTATUS sam_skel_create_account(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_add_account(const SAM_METHODS *sam_methods, const SAM_ACCOUNT_HANDLE *account) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_update_account(const SAM_METHODS *sam_methods, const SAM_ACCOUNT_HANDLE *account) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_delete_account(const SAM_METHODS *sam_methods, const SAM_ACCOUNT_HANDLE *account) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_enum_accounts(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint16 acct_ctrl, uint32 *account_count, SAM_ACCOUNT_ENUM **accounts) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - - -static NTSTATUS sam_skel_get_account_by_sid(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *accountsid, SAM_ACCOUNT_HANDLE **account) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_get_account_by_name(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *name, SAM_ACCOUNT_HANDLE **account) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - - -/* Group API */ - -static NTSTATUS sam_skel_create_group(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *account_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_add_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_update_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_delete_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_enum_groups(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint16 group_ctrl, uint32 *groups_count, SAM_GROUP_ENUM **groups) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_get_group_by_sid(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_get_group_by_name(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *name, SAM_GROUP_HANDLE **group) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - - -static NTSTATUS sam_skel_add_member_to_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_delete_member_from_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_enum_groupmembers(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - - -static NTSTATUS sam_skel_get_groups_of_sid(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, const DOM_SID **sids, uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups) -{ - DEBUG(0,("sam_skel: %s was called!\n",__FUNCTION__)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -NTSTATUS sam_init_skel(SAM_METHODS *sam_methods, const char *module_params) -{ - /* Functions your SAM module doesn't provide should be set - * to NULL */ - - sam_methods->sam_get_sec_desc = sam_skel_get_sec_desc; - sam_methods->sam_set_sec_desc = sam_skel_set_sec_desc; - - sam_methods->sam_lookup_sid = sam_skel_lookup_sid; - sam_methods->sam_lookup_name = sam_skel_lookup_name; - - /* Domain API */ - - sam_methods->sam_update_domain = sam_skel_update_domain; - sam_methods->sam_get_domain_handle = sam_skel_get_domain_handle; - - /* Account API */ - - sam_methods->sam_create_account = sam_skel_create_account; - sam_methods->sam_add_account = sam_skel_add_account; - sam_methods->sam_update_account = sam_skel_update_account; - sam_methods->sam_delete_account = sam_skel_delete_account; - sam_methods->sam_enum_accounts = sam_skel_enum_accounts; - - sam_methods->sam_get_account_by_sid = sam_skel_get_account_by_sid; - sam_methods->sam_get_account_by_name = sam_skel_get_account_by_name; - - /* Group API */ - - sam_methods->sam_create_group = sam_skel_create_group; - sam_methods->sam_add_group = sam_skel_add_group; - sam_methods->sam_update_group = sam_skel_update_group; - sam_methods->sam_delete_group = sam_skel_delete_group; - sam_methods->sam_enum_groups = sam_skel_enum_groups; - sam_methods->sam_get_group_by_sid = sam_skel_get_group_by_sid; - sam_methods->sam_get_group_by_name = sam_skel_get_group_by_name; - - sam_methods->sam_add_member_to_group = sam_skel_add_member_to_group; - sam_methods->sam_delete_member_from_group = sam_skel_delete_member_from_group; - sam_methods->sam_enum_groupmembers = sam_skel_enum_groupmembers; - - sam_methods->sam_get_groups_of_sid = sam_skel_get_groups_of_sid; - - sam_methods->free_private_data = NULL; - - - sam_skel_debug_level = debug_add_class("sam_skel"); - if (sam_skel_debug_level == -1) { - sam_skel_debug_level = DBGC_SAM; - DEBUG(0, ("sam_skel: Couldn't register custom debugging class!\n")); - } else DEBUG(2, ("sam_skel: Debug class number of 'sam_skel': %d\n", sam_skel_debug_level)); - - if(module_params) - DEBUG(0, ("Starting 'sam_skel' with parameters '%s' for domain %s\n", module_params, sam_methods->domain_name)); - else - DEBUG(0, ("Starting 'sam_skel' for domain %s without paramters\n", sam_methods->domain_name)); - - return NT_STATUS_OK; -} diff --git a/source3/smbd/build_options.c b/source3/smbd/build_options.c index 8129f22898..f52c53dda5 100644 --- a/source3/smbd/build_options.c +++ b/source3/smbd/build_options.c @@ -188,6 +188,7 @@ void build_options(BOOL screen) output(screen," SBINDIR: %s\n", dyn_SBINDIR); output(screen," BINDIR: %s\n", dyn_BINDIR); output(screen," LOCKDIR: %s\n",dyn_LOCKDIR); + output(screen," DRIVERFILE: %s\n", dyn_DRIVERFILE); output(screen," LOGFILEBASE: %s\n", dyn_LOGFILEBASE); /*Output various other options (most map to defines in the configure script*/ diff --git a/source3/smbd/change_trust_pw.c b/source3/smbd/change_trust_pw.c index 4811083c2d..7cb9084072 100644 --- a/source3/smbd/change_trust_pw.c +++ b/source3/smbd/change_trust_pw.c @@ -122,6 +122,7 @@ account password for domain %s.\n", domain)); if(NT_STATUS_IS_OK(res = modify_trust_password( domain, dc_name, old_trust_passwd_hash))) break; + } else { res = modify_trust_password( domain, remote_machine, old_trust_passwd_hash); diff --git a/source3/smbd/server.c b/source3/smbd/server.c index 3d9a4675b2..ad00794bd7 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -3,7 +3,6 @@ Main SMB server routines Copyright (C) Andrew Tridgell 1992-1998 Copyright (C) Martin Pool 2002 - Copyright (C) Jelmer Vernooij 2002 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -613,48 +612,120 @@ static void init_structs(void ) } /**************************************************************************** + Usage on the program. +****************************************************************************/ + +static void usage(char *pname) +{ + + d_printf("Usage: %s [-DaioPh?Vb] [-d debuglevel] [-l log basename] [-p port]\n", pname); + d_printf(" [-O socket options] [-s services file]\n"); + d_printf("\t-D Become a daemon (default)\n"); + d_printf("\t-a Append to log file (default)\n"); + d_printf("\t-i Run interactive (not a daemon)\n" ); + d_printf("\t-o Overwrite log file, don't append\n"); + d_printf("\t-h Print usage\n"); + d_printf("\t-? Print usage\n"); + d_printf("\t-V Print version\n"); + d_printf("\t-b Print build options\n"); + d_printf("\t-d debuglevel Set the debuglevel\n"); + d_printf("\t-l log basename. Basename for log/debug files\n"); + d_printf("\t-p port Listen on the specified port\n"); + d_printf("\t-O socket options Socket options\n"); + d_printf("\t-s services file. Filename of services file\n"); + d_printf("\n"); +} + +/**************************************************************************** main program. ****************************************************************************/ - int main(int argc,const char *argv[]) + int main(int argc,char *argv[]) { + extern BOOL append_log; + extern BOOL AllowDebugChange; + extern char *optarg; /* shall I run as a daemon */ - static BOOL is_daemon = False; - static BOOL interactive = False; - static char *ports = NULL; + BOOL is_daemon = False; + BOOL interactive = False; + BOOL specified_logfile = False; + char *ports = NULL; int opt; - poptContext pc; - - struct poptOption long_options[] = { - POPT_AUTOHELP - {"daemon", 'D', POPT_ARG_VAL, &is_daemon, True, "Become a daemon (default)" }, - {"interactive", 'i', POPT_ARG_VAL, &interactive, True, "Run interactive (not a daemon)"}, - {"build-options", 'b', POPT_ARG_NONE, NULL, 'b', "Print build options" }, - {"port", 'p', POPT_ARG_STRING, &ports, 0, "Listen on the specified ports"}, - {NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_debug}, - {NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_configfile}, - {NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_socket_options}, - {NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_log_base}, - {NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_version}, - { NULL } - }; + pstring logfile; #ifdef HAVE_SET_AUTH_PARAMETERS set_auth_parameters(argc,argv); #endif - pc = poptGetContext("smbd", argc, argv, long_options, 0); - - while((opt = poptGetNextOpt(pc)) != -1) { + /* this is for people who can't start the program correctly */ + while (argc > 1 && (*argv[1] != '-')) { + argv++; + argc--; + } + + while ( EOF != (opt = getopt(argc, argv, "O:l:s:d:Dp:h?bVaiof:")) ) switch (opt) { + case 'O': + pstrcpy(user_socket_options,optarg); + break; + + case 's': + pstrcpy(dyn_CONFIGFILE,optarg); + break; + + case 'l': + specified_logfile = True; + pstr_sprintf(logfile, "%s/log.smbd", optarg); + lp_set_logfile(logfile); + break; + + case 'a': + append_log = True; + break; + + case 'i': + interactive = True; + break; + + case 'o': + append_log = False; + break; + + case 'D': + is_daemon = True; + break; + + case 'd': + if (*optarg == 'A') + DEBUGLEVEL = 10000; + else + DEBUGLEVEL = atoi(optarg); + AllowDebugChange = False; + break; + + case 'p': + ports = optarg; + break; + + case 'h': + case '?': + usage(argv[0]); + exit(0); + break; + + case 'V': + d_printf("Version %s\n",VERSION); + exit(0); + break; case 'b': - build_options(True); /* Display output to screen as well as debug */ + build_options(True); /* Display output to screen as well as debug */ exit(0); break; + default: + DEBUG(0,("Incorrect program usage - are you sure the command line is correct?\n")); + usage(argv[0]); + exit(1); } - } - - poptFreeContext(pc); #ifdef HAVE_SETLUID /* needed for SecureWare on SCO */ @@ -665,6 +736,13 @@ static void init_structs(void ) load_case_tables(); + append_log = True; + + if(!specified_logfile) { + pstr_sprintf(logfile, "%s/log.smbd", dyn_LOGFILEBASE); + lp_set_logfile(logfile); + } + set_remote_machine_name("smbd"); setup_logging(argv[0],interactive); diff --git a/source3/torture/cmd_sam.c b/source3/torture/cmd_sam.c deleted file mode 100644 index 3f7f7dfe27..0000000000 --- a/source3/torture/cmd_sam.c +++ /dev/null @@ -1,514 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SAM module functions - - Copyright (C) Jelmer Vernooij 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "samtest.h" - -static void print_account(SAM_ACCOUNT_HANDLE *a) -{ - /* FIXME */ -} - -static NTSTATUS cmd_context(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - NTSTATUS status; - char **plugins; - int i; - - plugins = malloc(argc * sizeof(char *)); - - for(i = 1; i < argc; i++) - plugins[i-1] = argv[i]; - - plugins[argc-1] = NULL; - - if(!NT_STATUS_IS_OK(status = make_sam_context_list(&st->context, plugins))) { - printf("make_sam_context_list failed: %s\n", nt_errstr(status)); - SAFE_FREE(plugins); - return status; - } - - SAFE_FREE(plugins); - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_load_module(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - char *plugin_arg[2]; - NTSTATUS status; - if (argc != 2 && argc != 3) { - printf("Usage: load <module path> [domain-name]\n"); - return NT_STATUS_OK; - } - - if (argc == 3) - asprintf(&plugin_arg[0], "plugin:%s|%s", argv[1], argv[2]); - else - asprintf(&plugin_arg[0], "plugin:%s", argv[1]); - - plugin_arg[1] = NULL; - - if(!NT_STATUS_IS_OK(status = make_sam_context_list(&st->context, plugin_arg))) { - free(plugin_arg[0]); - return status; - } - - free(plugin_arg[0]); - - printf("load: ok\n"); - return NT_STATUS_OK; -} - -static NTSTATUS cmd_get_sec_desc(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_set_sec_desc(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_lookup_sid(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - char *name; - uint32 type; - NTSTATUS status; - DOM_SID sid; - if (argc != 2) { - printf("Usage: lookup_sid <sid>\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!string_to_sid(&sid, argv[1])){ - printf("Unparseable SID specified!\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(status = sam_lookup_sid(st->context, st->token, mem_ctx, &sid, &name, &type))) { - printf("sam_lookup_sid failed!\n"); - return status; - } - - printf("Name: %s\n", name); - printf("Type: %d\n", type); /* FIXME: What kind of an integer is type ? */ - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_lookup_name(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - DOM_SID sid; - uint32 type; - NTSTATUS status; - if (argc != 3) { - printf("Usage: lookup_name <domain> <name>\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(status = sam_lookup_name(st->context, st->token, argv[1], argv[2], &sid, &type))) { - printf("sam_lookup_name failed!\n"); - return status; - } - - printf("SID: %s\n", sid_string_static(&sid)); - printf("Type: %d\n", type); - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_lookup_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_lookup_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_lookup_domain(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - DOM_SID *sid; - NTSTATUS status; - if (argc != 2) { - printf("Usage: lookup_domain <domain>\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(status = sam_lookup_domain(st->context, st->token, argv[1], &sid))) { - printf("sam_lookup_name failed!\n"); - return status; - } - - printf("SID: %s\n", sid_string_static(sid)); - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_enum_domains(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - int32 domain_count, i; - DOM_SID *domain_sids; - char **domain_names; - NTSTATUS status; - - if (!NT_STATUS_IS_OK(status = sam_enum_domains(st->context, st->token, &domain_count, &domain_sids, &domain_names))) { - printf("sam_enum_domains failed!\n"); - return status; - } - - if (domain_count == 0) { - printf("No domains found!\n"); - return NT_STATUS_OK; - } - - for (i = 0; i < domain_count; i++) { - printf("%s %s\n", domain_names[i], sid_string_static(&domain_sids[i])); - } - - SAFE_FREE(domain_sids); - SAFE_FREE(domain_names); - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_update_domain(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_show_domain(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - NTSTATUS status; - DOM_SID sid; - SAM_DOMAIN_HANDLE *domain; - uint32 tmp_uint32; - uint16 tmp_uint16; - NTTIME tmp_nttime; - BOOL tmp_bool; - const char *tmp_string; - - if (argc != 2) { - printf("Usage: show_domain <sid>\n"); - return status; - } - - if (!string_to_sid(&sid, argv[1])){ - printf("Unparseable SID specified!\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_by_sid(st->context, st->token, GENERIC_RIGHTS_DOMAIN_ALL_ACCESS, &sid, &domain))) { - printf("sam_get_domain_by_sid failed\n"); - return status; - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_num_accounts(domain, &tmp_uint32))) { - printf("sam_get_domain_num_accounts failed: %s\n", nt_errstr(status)); - } else { - printf("Number of accounts: %d\n", tmp_uint32); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_num_groups(domain, &tmp_uint32))) { - printf("sam_get_domain_num_groups failed: %s\n", nt_errstr(status)); - } else { - printf("Number of groups: %u\n", tmp_uint32); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_num_aliases(domain, &tmp_uint32))) { - printf("sam_get_domain_num_aliases failed: %s\n", nt_errstr(status)); - } else { - printf("Number of aliases: %u\n", tmp_uint32); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_name(domain, &tmp_string))) { - printf("sam_get_domain_name failed: %s\n", nt_errstr(status)); - } else { - printf("Domain Name: %s\n", tmp_string); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_lockout_count(domain, &tmp_uint16))) { - printf("sam_get_domain_lockout_count failed: %s\n", nt_errstr(status)); - } else { - printf("Lockout Count: %u\n", tmp_uint16); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_force_logoff(domain, &tmp_bool))) { - printf("sam_get_domain_force_logoff failed: %s\n", nt_errstr(status)); - } else { - printf("Force Logoff: %s\n", (tmp_bool?"Yes":"No")); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_lockout_duration(domain, &tmp_nttime))) { - printf("sam_get_domain_lockout_duration failed: %s\n", nt_errstr(status)); - } else { - printf("Lockout duration: %u\n", tmp_nttime.low); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_login_pwdchange(domain, &tmp_bool))) { - printf("sam_get_domain_login_pwdchange failed: %s\n", nt_errstr(status)); - } else { - printf("Password changing allowed: %s\n", (tmp_bool?"Yes":"No")); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_max_pwdage(domain, &tmp_nttime))) { - printf("sam_get_domain_max_pwdage failed: %s\n", nt_errstr(status)); - } else { - printf("Maximum password age: %u\n", tmp_nttime.low); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_min_pwdage(domain, &tmp_nttime))) { - printf("sam_get_domain_min_pwdage failed: %s\n", nt_errstr(status)); - } else { - printf("Minimal password age: %u\n", tmp_nttime.low); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_min_pwdlength(domain, &tmp_uint16))) { - printf("sam_get_domain_min_pwdlength: %s\n", nt_errstr(status)); - } else { - printf("Minimal Password Length: %u\n", tmp_uint16); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_pwd_history(domain, &tmp_uint16))) { - printf("sam_get_domain_pwd_history failed: %s\n", nt_errstr(status)); - } else { - printf("Password history: %u\n", tmp_uint16); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_reset_count(domain, &tmp_nttime))) { - printf("sam_get_domain_reset_count failed: %s\n", nt_errstr(status)); - } else { - printf("Reset count: %u\n", tmp_nttime.low); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_server(domain, &tmp_string))) { - printf("sam_get_domain_server failed: %s\n", nt_errstr(status)); - } else { - printf("Server: %s\n", tmp_string); - } - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_create_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_update_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_delete_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_enum_accounts(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - NTSTATUS status; - DOM_SID sid; - int32 account_count, i; - SAM_ACCOUNT_ENUM *accounts; - - if (argc != 2) { - printf("Usage: enum_accounts <domain-sid>\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!string_to_sid(&sid, argv[1])){ - printf("Unparseable SID specified!\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(status = sam_enum_accounts(st->context, st->token, &sid, 0, &account_count, &accounts))) { - printf("sam_enum_accounts failed: %s\n", nt_errstr(status)); - return status; - } - - if (account_count == 0) { - printf("No accounts found!\n"); - return NT_STATUS_OK; - } - - for (i = 0; i < account_count; i++) - printf("SID: %s\nName: %s\nFullname: %s\nDescription: %s\nACB_BITS: %08X\n\n", - sid_string_static(&accounts[i].sid), accounts[i].account_name, - accounts[i].full_name, accounts[i].account_desc, - accounts[i].acct_ctrl); - - SAFE_FREE(accounts); - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_lookup_account_sid(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - NTSTATUS status; - DOM_SID sid; - SAM_ACCOUNT_HANDLE *account; - - if (argc != 2) { - printf("Usage: lookup_account_sid <account-sid>\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!string_to_sid(&sid, argv[1])){ - printf("Unparseable SID specified!\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(status = sam_get_account_by_sid(st->context, st->token, GENERIC_RIGHTS_USER_ALL_ACCESS, &sid, &account))) { - printf("context_sam_get_account_by_sid failed: %s\n", nt_errstr(status)); - return status; - } - - print_account(account); - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_lookup_account_name(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - NTSTATUS status; - SAM_ACCOUNT_HANDLE *account; - - if (argc != 3) { - printf("Usage: lookup_account_name <domain-name> <account-name>\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - - if (!NT_STATUS_IS_OK(status = sam_get_account_by_name(st->context, st->token, GENERIC_RIGHTS_USER_ALL_ACCESS, argv[1], argv[2], &account))) { - printf("context_sam_get_account_by_sid failed: %s\n", nt_errstr(status)); - return status; - } - - print_account(account); - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_create_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_update_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_delete_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_enum_groups(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_lookup_group_sid(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_lookup_group_name(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_group_add_member(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_group_del_member(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - - -static NTSTATUS cmd_group_enum(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - - -static NTSTATUS cmd_get_sid_groups(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -struct cmd_set sam_general_commands[] = { - - { "General SAM Commands" }, - - { "load", cmd_load_module, "Load a module", "load <module.so> [domain-sid]" }, - { "context", cmd_context, "Load specified context", "context [DOMAIN|]backend1[:options] [DOMAIN|]backend2[:options]" }, - { "get_sec_desc", cmd_get_sec_desc, "Get security descriptor info", "get_sec_desc <access-token> <sid>" }, - { "set_sec_desc", cmd_set_sec_desc, "Set security descriptor info", "set_sec_desc <access-token> <sid>" }, - { "lookup_sid", cmd_lookup_sid, "Lookup type of specified SID", "lookup_sid <sid>" }, - { "lookup_name", cmd_lookup_name, "Lookup type of specified name", "lookup_name <sid>" }, - { NULL } -}; - -struct cmd_set sam_domain_commands[] = { - { "Domain Commands" }, - { "update_domain", cmd_update_domain, "Update domain information", "update_domain [domain-options] domain-name | domain-sid" }, - { "show_domain", cmd_show_domain, "Show domain information", "show_domain domain-sid | domain-name" }, - { "enum_domains", cmd_enum_domains, "Enumerate all domains", "enum_domains <token> <acct-ctrl>" }, - { "lookup_domain", cmd_lookup_domain, "Lookup a domain by name", "lookup_domain domain-name" }, - { NULL } -}; - -struct cmd_set sam_account_commands[] = { - { "Account Commands" }, - { "create_account", cmd_create_account, "Create a new account with specified properties", "create_account [account-options]" }, - { "update_account", cmd_update_account, "Update an existing account", "update_account [account-options] account-sid | account-name" }, - { "delete_account", cmd_delete_account, "Delete an account", "delete_account account-sid | account-name" }, - { "enum_accounts", cmd_enum_accounts, "Enumerate all accounts", "enum_accounts <token> <acct-ctrl>" }, - { "lookup_account", cmd_lookup_account, "Lookup an account by either sid or name", "lookup_account account-sid | account-name" }, - { "lookup_account_sid", cmd_lookup_account_sid, "Lookup an account by sid", "lookup_account_sid account-sid" }, - { "lookup_account_name", cmd_lookup_account_name, "Lookup an account by name", "lookup_account_name account-name" }, - { NULL } -}; - -struct cmd_set sam_group_commands[] = { - { "Group Commands" }, - { "create_group", cmd_create_group, "Create a new group", "create_group [group-opts]" }, - { "update_group", cmd_update_group, "Update an existing group", "update_group [group-opts] group-name | group-sid" }, - { "delete_group", cmd_delete_group, "Delete an existing group", "delete_group group-name | group-sid" }, - { "enum_groups", cmd_enum_groups, "Enumerate all groups", "enum_groups <token> <group-ctrl>" }, - { "lookup_group", cmd_lookup_group, "Lookup a group by SID or name", "lookup_group group-sid | group-name" }, - { "lookup_group_sid", cmd_lookup_group_sid, "Lookup a group by SID", "lookup_group_sid <sid>" }, - { "lookup_group_name", cmd_lookup_group_name, "Lookup a group by name", "lookup_group_name <name>" }, - { "group_add_member", cmd_group_add_member, "Add group member to group", "group_add_member <group-name | group-sid> <member-name | member-sid>" }, - { "group_del_member", cmd_group_del_member, "Delete group member from group", "group_del_member <group-name | group-sid> <member-name | member-sid>" }, - { "group_enum", cmd_group_enum, "Enumerate all members of specified group", "group_enum group-sid | group-name" }, - - { "get_sid_groups", cmd_get_sid_groups, "Get a list of groups specified sid is a member of", "group_enum <group-sid | group-name>" }, - { NULL } -}; diff --git a/source3/torture/samtest.c b/source3/torture/samtest.c deleted file mode 100644 index d3268d8b5b..0000000000 --- a/source3/torture/samtest.c +++ /dev/null @@ -1,450 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SAM module tester - - Copyright (C) 2002 Jelmer Vernooij - - Parts of the code stolen from vfstest by Simo Sorce and Eric Lorimer - Parts of the code stolen from rpcclient by Tim Potter - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "samtest.h" - -struct func_entry { - char *name; - int (*fn)(struct connection_struct *conn, const char *path); -}; - -/* List to hold groups of commands */ -static struct cmd_list { - struct cmd_list *prev, *next; - struct cmd_set *cmd_set; -} *cmd_list; - -static char* next_command (char** cmdstr) -{ - static pstring command; - char *p; - - if (!cmdstr || !(*cmdstr)) - return NULL; - - p = strchr_m(*cmdstr, ';'); - if (p) - *p = '\0'; - pstrcpy(command, *cmdstr); - *cmdstr = p; - - return command; -} - -/* Load specified configuration file */ -static NTSTATUS cmd_conf(struct samtest_state *sam, TALLOC_CTX *mem_ctx, - int argc, char **argv) -{ - if (argc != 2) { - printf("Usage: %s <smb.conf>\n", argv[0]); - return NT_STATUS_OK; - } - - if (!lp_load(argv[1], False, True, False)) { - printf("Error loading \"%s\"\n", argv[1]); - return NT_STATUS_OK; - } - - printf("\"%s\" successfully loaded\n", argv[1]); - return NT_STATUS_OK; -} - -/* Display help on commands */ -static NTSTATUS cmd_help(struct samtest_state *st, TALLOC_CTX *mem_ctx, - int argc, char **argv) -{ - struct cmd_list *tmp; - struct cmd_set *tmp_set; - - /* Usage */ - if (argc > 2) { - printf("Usage: %s [command]\n", argv[0]); - return NT_STATUS_OK; - } - - /* Help on one command */ - - if (argc == 2) { - for (tmp = cmd_list; tmp; tmp = tmp->next) { - - tmp_set = tmp->cmd_set; - - while(tmp_set->name) { - if (strequal(argv[1], tmp_set->name)) { - if (tmp_set->usage && - tmp_set->usage[0]) - printf("%s\n", tmp_set->usage); - else - printf("No help for %s\n", tmp_set->name); - - return NT_STATUS_OK; - } - - tmp_set++; - } - } - - printf("No such command: %s\n", argv[1]); - return NT_STATUS_OK; - } - - /* List all commands */ - - for (tmp = cmd_list; tmp; tmp = tmp->next) { - - tmp_set = tmp->cmd_set; - - while(tmp_set->name) { - - printf("%20s\t%s\n", tmp_set->name, - tmp_set->description ? tmp_set->description: - ""); - - tmp_set++; - } - } - - return NT_STATUS_OK; -} - -/* Change the debug level */ -static NTSTATUS cmd_debuglevel(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - if (argc > 2) { - printf("Usage: %s [debuglevel]\n", argv[0]); - return NT_STATUS_OK; - } - - if (argc == 2) { - DEBUGLEVEL = atoi(argv[1]); - } - - printf("debuglevel is %d\n", DEBUGLEVEL); - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_quit(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - /* Cleanup */ - talloc_destroy(mem_ctx); - - exit(0); - return NT_STATUS_OK; /* NOTREACHED */ -} - -static struct cmd_set samtest_commands[] = { - - { "GENERAL OPTIONS" }, - - { "help", cmd_help, "Get help on commands", "" }, - { "?", cmd_help, "Get help on commands", "" }, - { "conf", cmd_conf, "Load smb configuration file", "conf <smb.conf>" }, - { "debuglevel", cmd_debuglevel, "Set debug level", "" }, - { "exit", cmd_quit, "Exit program", "" }, - { "quit", cmd_quit, "Exit program", "" }, - - { NULL } -}; - -static struct cmd_set separator_command[] = { - { "---------------", NULL, "----------------------" }, - { NULL } -}; - - -/*extern struct cmd_set sam_commands[];*/ -extern struct cmd_set sam_general_commands[]; -extern struct cmd_set sam_domain_commands[]; -extern struct cmd_set sam_account_commands[]; -extern struct cmd_set sam_group_commands[]; -static struct cmd_set *samtest_command_list[] = { - samtest_commands, - sam_general_commands, - sam_domain_commands, - sam_account_commands, - sam_group_commands, - NULL -}; - -static void add_command_set(struct cmd_set *cmd_set) -{ - struct cmd_list *entry; - - if (!(entry = (struct cmd_list *)malloc(sizeof(struct cmd_list)))) { - DEBUG(0, ("out of memory\n")); - return; - } - - ZERO_STRUCTP(entry); - - entry->cmd_set = cmd_set; - DLIST_ADD(cmd_list, entry); -} - -static NTSTATUS do_cmd(struct samtest_state *st, struct cmd_set *cmd_entry, char *cmd) -{ - char *p = cmd, **argv = NULL; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - TALLOC_CTX *mem_ctx = NULL; - pstring buf; - int argc = 0, i; - - /* Count number of arguments first time through the loop then - allocate memory and strdup them. */ - - again: - while(next_token(&p, buf, " ", sizeof(buf))) { - if (argv) { - argv[argc] = strdup(buf); - } - - argc++; - } - - if (!argv) { - - /* Create argument list */ - - argv = (char **)malloc(sizeof(char *) * argc); - memset(argv, 0, sizeof(char *) * argc); - - if (!argv) { - fprintf(stderr, "out of memory\n"); - result = NT_STATUS_NO_MEMORY; - goto done; - } - - p = cmd; - argc = 0; - - goto again; - } - - /* Call the function */ - - if (cmd_entry->fn) { - - if (mem_ctx == NULL) { - /* Create mem_ctx */ - if (!(mem_ctx = talloc_init())) { - DEBUG(0, ("talloc_init() failed\n")); - goto done; - } - } - - /* Run command */ - result = cmd_entry->fn(st, mem_ctx, argc, argv); - - } else { - fprintf (stderr, "Invalid command\n"); - goto done; - } - - done: - - /* Cleanup */ - - if (argv) { - for (i = 0; i < argc; i++) - SAFE_FREE(argv[i]); - - SAFE_FREE(argv); - } - - return result; -} - -/* Process a command entered at the prompt or as part of -c */ -static NTSTATUS process_cmd(struct samtest_state *st, char *cmd) -{ - struct cmd_list *temp_list; - BOOL found = False; - pstring buf; - char *p = cmd; - NTSTATUS result = NT_STATUS_OK; - int len = 0; - - if (cmd[strlen(cmd) - 1] == '\n') - cmd[strlen(cmd) - 1] = '\0'; - - if (!next_token(&p, buf, " ", sizeof(buf))) { - return NT_STATUS_OK; - } - - /* strip the trainly \n if it exsists */ - len = strlen(buf); - if (buf[len-1] == '\n') - buf[len-1] = '\0'; - - /* Search for matching commands */ - - for (temp_list = cmd_list; temp_list; temp_list = temp_list->next) { - struct cmd_set *temp_set = temp_list->cmd_set; - - while(temp_set->name) { - if (strequal(buf, temp_set->name)) { - found = True; - result = do_cmd(st, temp_set, cmd); - - goto done; - } - temp_set++; - } - } - - done: - if (!found && buf[0]) { - printf("command not found: %s\n", buf); - return NT_STATUS_OK; - } - - if (!NT_STATUS_IS_OK(result)) { - printf("result was %s\n", nt_errstr(result)); - } - - return result; -} - -void exit_server(char *reason) -{ - DEBUG(3,("Server exit (%s)\n", (reason ? reason : ""))); - exit(0); -} - -static int server_fd = -1; -int last_message = -1; - -int smbd_server_fd(void) -{ - return server_fd; -} - -BOOL reload_services(BOOL test) -{ - return True; -} - -/* Main function */ - -int main(int argc, char *argv[]) -{ - BOOL interactive = True; - int opt; - static char *cmdstr = ""; - static char *opt_logfile=NULL; - static char *config_file = dyn_CONFIGFILE; - pstring logfile; - struct cmd_set **cmd_set; - struct samtest_state st; - - /* make sure the vars that get altered (4th field) are in - a fixed location or certain compilers complain */ - poptContext pc; - struct poptOption long_options[] = { - POPT_AUTOHELP - { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_debug }, - {"command", 'e', POPT_ARG_STRING, &cmdstr, 'e', "Execute semicolon seperated cmds"}, - {"logfile", 'l', POPT_ARG_STRING, &opt_logfile, 'l', "Logfile to use instead of stdout"}, - {"configfile", 'c', POPT_ARG_STRING, &config_file, 0,"use different configuration file",NULL}, - { 0, 0, 0, 0} - }; - - ZERO_STRUCT(st); - - st.token = get_system_token(); - - setlinebuf(stdout); - - DEBUGLEVEL = 1; - - pc = poptGetContext("samtest", argc, (const char **) argv, - long_options, 0); - - while((opt = poptGetNextOpt(pc)) != -1) { - switch (opt) { - case 'l': - slprintf(logfile, sizeof(logfile) - 1, "%s.client", - opt_logfile); - lp_set_logfile(logfile); - interactive = False; - break; - } - } - - if (!lp_load(config_file,True,False,False)) { - fprintf(stderr, "Can't load %s - run testparm to debug it\n", config_file); - exit(1); - } - - poptFreeContext(pc); - - /* the following functions are part of the Samba debugging - facilities. See lib/debug.c */ - setup_logging("samtest", interactive); - if (!interactive) - reopen_logs(); - - /* Load command lists */ - - cmd_set = samtest_command_list; - - while(*cmd_set) { - add_command_set(*cmd_set); - add_command_set(separator_command); - cmd_set++; - } - - /* Do anything specified with -c */ - if (cmdstr[0]) { - char *cmd; - char *p = cmdstr; - - while((cmd=next_command(&p)) != NULL) { - process_cmd(&st, cmd); - } - - return 0; - } - - /* Loop around accepting commands */ - - while(1) { - pstring prompt; - char *line; - - slprintf(prompt, sizeof(prompt) - 1, "samtest $> "); - - line = smb_readline(prompt, NULL, NULL); - - if (line == NULL) - break; - - if (line[0] != '\n') - process_cmd(&st, line); - } - - return 0; -} diff --git a/source3/utils/net.c b/source3/utils/net.c index 607e47cf71..27713d863f 100644 --- a/source3/utils/net.c +++ b/source3/utils/net.c @@ -389,84 +389,6 @@ static int net_getdomainsid(int argc, const char **argv) return 0; } -static uint32 get_maxrid(void) -{ - SAM_ACCOUNT *pwd = NULL; - uint32 max_rid = 0; - GROUP_MAP *map = NULL; - int num_entries = 0; - int i; - - if (!pdb_setsampwent(False)) { - DEBUG(0, ("load_sampwd_entries: Unable to open passdb.\n")); - return 0; - } - - for (; (NT_STATUS_IS_OK(pdb_init_sam(&pwd))) - && pdb_getsampwent(pwd) == True; pwd=NULL) { - uint32 rid; - - if (!sid_peek_rid(pdb_get_user_sid(pwd), &rid)) { - DEBUG(0, ("can't get RID for user '%s'\n", - pdb_get_username(pwd))); - pdb_free_sam(&pwd); - continue; - } - - if (rid > max_rid) - max_rid = rid; - - DEBUG(1,("%d is user '%s'\n", rid, pdb_get_username(pwd))); - pdb_free_sam(&pwd); - } - - pdb_endsampwent(); - pdb_free_sam(&pwd); - - if (!pdb_enum_group_mapping(SID_NAME_UNKNOWN, &map, &num_entries, - ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV)) - return max_rid; - - for (i = 0; i < num_entries; i++) { - uint32 rid; - - if (!sid_peek_check_rid(get_global_sam_sid(), &map[i].sid, - &rid)) { - DEBUG(3, ("skipping map for group '%s', SID %s\n", - map[i].nt_name, - sid_string_static(&map[i].sid))); - continue; - } - DEBUG(1,("%d is group '%s'\n", rid, map[i].nt_name)); - - if (rid > max_rid) - max_rid = rid; - } - - SAFE_FREE(map); - - return max_rid; -} - -static int net_maxrid(int argc, const char **argv) -{ - uint32 rid; - - if (argc != 0) { - DEBUG(0, ("usage: net initrid\n")); - return 1; - } - - if ((rid = get_maxrid()) == 0) { - DEBUG(0, ("can't get current maximum rid\n")); - return 1; - } - - d_printf("Currently used maximum rid: %d\n", rid); - - return 0; -} - /* main function table */ static struct functable net_func[] = { {"RPC", net_rpc}, @@ -494,7 +416,6 @@ static struct functable net_func[] = { {"GETLOCALSID", net_getlocalsid}, {"SETLOCALSID", net_setlocalsid}, {"GETDOMAINSID", net_getdomainsid}, - {"MAXRID", net_maxrid}, {"HELP", net_help}, {NULL, NULL} diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c deleted file mode 100644 index c7356a7323..0000000000 --- a/source3/utils/profiles.c +++ /dev/null @@ -1,729 +0,0 @@ -/* - Samba Unix/Linux SMB client utility profiles.c - Copyright (C) 2002 Richard Sharpe, rsharpe@richardsharpe.com - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ - -/************************************************************************* - - A utility to report and change SIDs in registry files - - Many of the ideas in here come from other people and software. - I first looked in Wine in misc/registry.c and was also influenced by - http://www.wednesday.demon.co.uk/dosreg.html - - Which seems to contain comments from someone else. I reproduce them here - incase the site above disappears. It actually comes from - http://home.eunet.no/~pnordahl/ntpasswd/WinReg.txt. - -The windows NT registry has 2 different blocks, where one can occure many -times... - -the "regf"-Block -================ - -"regf" is obviosly the abbreviation for "Registry file". "regf" is the -signature of the header-block which is always 4kb in size, although only -the first 64 bytes seem to be used and a checksum is calculated over -the first 0x200 bytes only! - -Offset Size Contents -0x00000000 D-Word ID: ASCII-"regf" = 0x66676572 -0x00000004 D-Word ???? //see struct REGF -0x00000008 D-Word ???? Always the same value as at 0x00000004 -0x0000000C Q-Word last modify date in WinNT date-format -0x00000014 D-Word 1 -0x00000018 D-Word 3 -0x0000001C D-Word 0 -0x00000020 D-Word 1 -0x00000024 D-Word Offset of 1st key record -0x00000028 D-Word Size of the data-blocks (Filesize-4kb) -0x0000002C D-Word 1 -0x000001FC D-Word Sum of all D-Words from 0x00000000 to -0x000001FB //XOR of all words. Nigel - -I have analyzed more registry files (from multiple machines running -NT 4.0 german version) and could not find an explanation for the values -marked with ???? the rest of the first 4kb page is not important... - -the "hbin"-Block -================ -I don't know what "hbin" stands for, but this block is always a multiple -of 4kb in size. - -Inside these hbin-blocks the different records are placed. The memory- -management looks like a C-compiler heap management to me... - -hbin-Header -=========== -Offset Size Contents -0x0000 D-Word ID: ASCII-"hbin" = 0x6E696268 -0x0004 D-Word Offset from the 1st hbin-Block -0x0008 D-Word Offset to the next hbin-Block -0x001C D-Word Block-size - -The values in 0x0008 and 0x001C should be the same, so I don't know -if they are correct or swapped... - -From offset 0x0020 inside a hbin-block data is stored with the following -format: - -Offset Size Contents -0x0000 D-Word Data-block size //this size must be a -multiple of 8. Nigel -0x0004 ???? Data - -If the size field is negative (bit 31 set), the corresponding block -is free and has a size of -blocksize! - -The data is stored as one record per block. Block size is a multiple -of 4 and the last block reaches the next hbin-block, leaving no room. - -Records in the hbin-blocks -========================== - -nk-Record - - The nk-record can be treated as a kombination of tree-record and - key-record of the win 95 registry. - -lf-Record - - The lf-record is the counterpart to the RGKN-record (the - hash-function) - -vk-Record - - The vk-record consists information to a single value. - -sk-Record - - sk (? Security Key ?) is the ACL of the registry. - -Value-Lists - - The value-lists contain information about which values are inside a - sub-key and don't have a header. - -Datas - - The datas of the registry are (like the value-list) stored without a - header. - -All offset-values are relative to the first hbin-block and point to the -block-size field of the record-entry. to get the file offset, you have to add -the header size (4kb) and the size field (4 bytes)... - -the nk-Record -============= -Offset Size Contents -0x0000 Word ID: ASCII-"nk" = 0x6B6E -0x0002 Word for the root-key: 0x2C, otherwise 0x20 //key symbolic links 0x10. Nigel -0x0004 Q-Word write-date/time in windows nt notation -0x0010 D-Word Offset of Owner/Parent key -0x0014 D-Word number of sub-Keys -0x001C D-Word Offset of the sub-key lf-Records -0x0024 D-Word number of values -0x0028 D-Word Offset of the Value-List -0x002C D-Word Offset of the sk-Record - -0x0030 D-Word Offset of the Class-Name //see NK structure for the use of these fields. Nigel -0x0044 D-Word Unused (data-trash) //some kind of run time index. Does not appear to be important. Nigel -0x0048 Word name-length -0x004A Word class-name length -0x004C ???? key-name - -the Value-List -============== -Offset Size Contents -0x0000 D-Word Offset 1st Value -0x0004 D-Word Offset 2nd Value -0x???? D-Word Offset nth Value - -To determine the number of values, you have to look at the owner-nk-record! - -Der vk-Record -============= -Offset Size Contents -0x0000 Word ID: ASCII-"vk" = 0x6B76 -0x0002 Word name length -0x0004 D-Word length of the data //if top bit is set when offset contains data. Nigel -0x0008 D-Word Offset of Data -0x000C D-Word Type of value -0x0010 Word Flag -0x0012 Word Unused (data-trash) -0x0014 ???? Name - -If bit 0 of the flag-word is set, a name is present, otherwise the value has no name (=default) - -If the data-size is lower 5, the data-offset value is used to store the data itself! - -The data-types -============== -Wert Beteutung -0x0001 RegSZ: character string (in UNICODE!) -0x0002 ExpandSZ: string with "%var%" expanding (UNICODE!) -0x0003 RegBin: raw-binary value -0x0004 RegDWord: Dword -0x0007 RegMultiSZ: multiple strings, seperated with 0 - (UNICODE!) - -The "lf"-record -=============== -Offset Size Contents -0x0000 Word ID: ASCII-"lf" = 0x666C -0x0002 Word number of keys -0x0004 ???? Hash-Records - -Hash-Record -=========== -Offset Size Contents -0x0000 D-Word Offset of corresponding "nk"-Record -0x0004 D-Word ASCII: the first 4 characters of the key-name, padded with 0's. Case sensitiv! - -Keep in mind, that the value at 0x0004 is used for checking the data-consistency! If you change the -key-name you have to change the hash-value too! - -//These hashrecords must be sorted low to high within the lf record. Nigel. - -The "sk"-block -============== -(due to the complexity of the SAM-info, not clear jet) - -Offset Size Contents -0x0000 Word ID: ASCII-"sk" = 0x6B73 -0x0002 Word Unused -0x0004 D-Word Offset of previous "sk"-Record -0x0008 D-Word Offset of next "sk"-Record -0x000C D-Word usage-counter -0x0010 D-Word Size of "sk"-record in bytes -???? //standard self -relative security desciptor. Nigel -???? ???? Security and auditing settings... -???? - -The usage counter counts the number of references to this -"sk"-record. You can use one "sk"-record for the entire registry! - -Windows nt date/time format -=========================== -The time-format is a 64-bit integer which is incremented every -0,0000001 seconds by 1 (I don't know how accurate it realy is!) -It starts with 0 at the 1st of january 1601 0:00! All values are -stored in GMT time! The time-zone is important to get the real -time! - -Common values for win95 and win-nt -================================== -Offset values marking an "end of list", are either 0 or -1 (0xFFFFFFFF). -If a value has no name (length=0, flag(bit 0)=0), it is treated as the -"Default" entry... -If a value has no data (length=0), it is displayed as empty. - -simplyfied win-3.?? registry: -============================= - -+-----------+ -| next rec. |---+ +----->+------------+ -| first sub | | | | Usage cnt. | -| name | | +-->+------------+ | | length | -| value | | | | next rec. | | | text |------->+-------+ -+-----------+ | | | name rec. |--+ +------------+ | xxxxx | - +------------+ | | value rec. |-------->+------------+ +-------+ - v | +------------+ | Usage cnt. | -+-----------+ | | length | -| next rec. | | | text |------->+-------+ -| first sub |------+ +------------+ | xxxxx | -| name | +-------+ -| value | -+-----------+ - -Greatly simplyfied structure of the nt-registry: -================================================ - -+---------------------------------------------------------------+ -| | -v | -+---------+ +---------->+-----------+ +----->+---------+ | -| "nk" | | | lf-rec. | | | nk-rec. | | -| ID | | | # of keys | | | parent |---+ -| Date | | | 1st key |--+ | .... | -| parent | | +-----------+ +---------+ -| suk-keys|-----+ -| values |--------------------->+----------+ -| SK-rec. |---------------+ | 1. value |--> +----------+ -| class |--+ | +----------+ | vk-rec. | -+---------+ | | | .... | - v | | data |--> +-------+ - +------------+ | +----------+ | xxxxx | - | Class name | | +-------+ - +------------+ | - v - +---------+ +---------+ - +----->| next sk |--->| Next sk |--+ - | +---| prev sk |<---| prev sk | | - | | | .... | | ... | | - | | +---------+ +---------+ | - | | ^ | | - | +----------+ | - +-------------------------------+ - ---------------------------------------------------------------------------- - -Hope this helps.... (Although it was "fun" for me to uncover this things, - it took me several sleepless nights ;) - - B.D. - -*************************************************************************/ -#include "includes.h" -#include <stdio.h> -#include <errno.h> -#include <sys/types.h> -#include <sys/stat.h> -#include <unistd.h> -#include <sys/mman.h> - -typedef unsigned int DWORD; -typedef unsigned short WORD; - -#define REG_REGF_ID 0x66676572 - -typedef struct regf_block { - DWORD REGF_ID; /* regf */ - DWORD uk1; - DWORD uk2; - DWORD tim1, tim2; - DWORD uk3; /* 1 */ - DWORD uk4; /* 3 */ - DWORD uk5; /* 0 */ - DWORD uk6; /* 1 */ - DWORD first_key; /* offset */ - unsigned int dblk_size; - DWORD uk7[116]; /* 1 */ - DWORD chksum; -} REGF_HDR; - -typedef struct hbin_sub_struct { - DWORD dblocksize; - char data[1]; -} HBIN_SUB_HDR; - -#define REG_HBIN_ID 0x6E696268 - -typedef struct hbin_struct { - DWORD HBIN_ID; /* hbin */ - DWORD next_off; - DWORD prev_off; - DWORD uk1; - DWORD uk2; - DWORD uk3; - DWORD uk4; - DWORD blk_size; - HBIN_SUB_HDR hbin_sub_hdr; -} HBIN_HDR; - -#define REG_NK_ID 0x6B6E - -typedef struct nk_struct { - WORD NK_ID; - WORD type; - DWORD t1, t2; - DWORD uk1; - DWORD own_off; - DWORD subk_num; - DWORD uk2; - DWORD lf_off; - DWORD uk3; - DWORD val_cnt; - DWORD val_off; - DWORD sk_off; - DWORD clsnam_off; -} NK_HDR; - -#define REG_SK_ID 0x6B73 - -typedef struct sk_struct { - WORD SK_ID; - WORD uk1; - DWORD prev_off; - DWORD next_off; - DWORD ref_cnt; - DWORD rec_size; - char sec_desc[1]; -} SK_HDR; - -typedef struct sec_desc_rec { - WORD rev; - WORD type; - DWORD owner_off; - DWORD group_off; - DWORD sacl_off; - DWORD dacl_off; -} MY_SEC_DESC; - -typedef struct ace_struct { - unsigned char type; - unsigned char flags; - unsigned short length; - unsigned int perms; - DOM_SID trustee; -} ACE; - -typedef struct acl_struct { - WORD rev; - WORD size; - DWORD num_aces; - ACE *aces; /* One or more ACEs */ -} ACL; - -#define OFF(f) (0x1000 + (f) + 4) - -void print_sid(DOM_SID *sid); - -int verbose = 1; -DOM_SID old_sid, new_sid; -int change = 0, new = 0; - -/* Compare two SIDs for equality */ -int my_sid_equal(DOM_SID *s1, DOM_SID *s2) -{ - int sa1, sa2; - - if (s1->sid_rev_num != s2->sid_rev_num) return 0; - - sa1 = s1->num_auths; sa2 = s2->num_auths; - - if (sa1 != sa2) return 0; - - return !bcmp((char *)&s1->id_auth, (char *)&s2->id_auth, - 6 + sa1 * 4); - -} - -/* - * Quick and dirty to read a SID in S-1-5-21-x-y-z-rid format and - * construct a DOM_SID - */ -int get_sid(DOM_SID *sid, char *sid_str) -{ - int i = 0, auth; - char *lstr; - - if (strncmp(sid_str, "S-1-5", 5)) { - fprintf(stderr, "Does not conform to S-1-5...: %s\n", sid_str); - return 0; - } - - /* We only allow strings of form S-1-5... */ - - sid->sid_rev_num = 1; - sid->id_auth[5] = 5; - - lstr = sid_str + 5; - - while (1) { - if (!lstr || !lstr[0] || sscanf(lstr, "-%u", &auth) == 0) { - if (i < 4) { - fprintf(stderr, "Not of form -d-d...: %s, %u\n", lstr, i); - return 0; - } - sid->num_auths=i; - print_sid(sid); - return 1; - } - - SIVAL(&sid->sub_auths[i], 0, auth); - i++; - lstr = strchr(lstr + 1, '-'); - } - - return 1; -} - -/* - * Replace SID1, component by component with SID2 - * Assumes will never be called with unequal length SIDS - * so only touches 21-x-y-z-rid portion - * This routine does not need to deal with endianism as - * long as the incoming SIDs are both in the same (LE) format. - */ -void change_sid(DOM_SID *s1, DOM_SID *s2) -{ - int i; - - for (i=0; i<s1->num_auths; i++) { - s1->sub_auths[i] = s2->sub_auths[i]; - } -} - -void print_sid(DOM_SID *sid) -{ - int i, comps = sid->num_auths; - fprintf(stdout, "S-%u-%u", sid->sid_rev_num, sid->id_auth[5]); - - for (i = 0; i < comps; i++) { - - fprintf(stdout, "-%u", IVAL(&sid->sub_auths[i],0)); - - } - fprintf(stdout, "\n"); -} - -void process_sid(DOM_SID *sid, DOM_SID *o_sid, DOM_SID *n_sid) -{ - int i; - if (my_sid_equal(sid, o_sid)) { - - for (i=0; i<sid->num_auths; i++) { - sid->sub_auths[i] = n_sid->sub_auths[i]; - - } - - } - -} - -void process_acl(ACL *acl, char *prefix) -{ - int ace_cnt, i; - ACE *ace; - - ace_cnt = IVAL(&acl->num_aces, 0); - ace = (ACE *)&acl->aces; - if (verbose) fprintf(stdout, "%sACEs: %u\n", prefix, ace_cnt); - for (i=0; i<ace_cnt; i++) { - if (verbose) fprintf(stdout, "%s Perms: %08X, SID: ", prefix, - IVAL(&ace->perms, 0)); - if (change) - process_sid(&ace->trustee, &old_sid, &new_sid); - print_sid(&ace->trustee); - ace = (ACE *)((char *)ace + SVAL(&ace->length, 0)); - } -} - -void usage(void) -{ - fprintf(stderr, "usage: profiles [-c <OLD-SID> -n <NEW-SID>] <profilefile>\n"); - fprintf(stderr, "Version: %s\n", VERSION); - fprintf(stderr, "\n\t-v\t sets verbose mode"); - fprintf(stderr, "\n\t-c S-1-5-21-z-y-x-oldrid - provides SID to change"); - fprintf(stderr, "\n\t-n S-1-5-21-a-b-c-newrid - provides SID to change to"); - fprintf(stderr, "\n\t\tBoth must be present if the other is."); - fprintf(stderr, "\n\t\tIf neither present, just report the SIDs found\n"); -} - -int main(int argc, char *argv[]) -{ - extern char *optarg; - extern int optind; - int opt; - int fd, start = 0; - char *base; - struct stat sbuf; - REGF_HDR *regf_hdr; - HBIN_HDR *hbin_hdr; - NK_HDR *nk_hdr; - SK_HDR *sk_hdr; - WORD first_sk_off, sk_off; - MY_SEC_DESC *sec_desc; - int *ptr; - - if (argc < 2) { - usage(); - exit(1); - } - - /* - * Now, process the arguments - */ - - while ((opt = getopt(argc, argv, "c:n:v")) != EOF) { - switch (opt) { - case 'c': - change = 1; - if (!get_sid(&old_sid, optarg)) { - fprintf(stderr, "Argument to -c should be a SID in form of S-1-5-...\n"); - usage(); - exit(254); - } - break; - - case 'n': - new = 1; - if (!get_sid(&new_sid, optarg)) { - fprintf(stderr, "Argument to -n should be a SID in form of S-1-5-...\n"); - usage(); - exit(253); - } - - break; - - case 'v': - verbose++; - break; - - default: - usage(); - exit(255); - } - } - - if ((!change & new) || (change & !new)) { - fprintf(stderr, "You must specify both -c and -n if one or the other is set!\n"); - usage(); - exit(252); - } - - fd = open(argv[optind], O_RDWR, 0000); - - if (fd < 0) { - fprintf(stderr, "Could not open %s: %s\n", argv[optind], - strerror(errno)); - exit(2); - } - - if (fstat(fd, &sbuf) < 0) { - fprintf(stderr, "Could not stat file %s, %s\n", argv[optind], - strerror(errno)); - exit(3); - } - - /* - * Now, mmap the file into memory, check the header and start - * dealing with the records. We are interested in the sk record - */ - start = 0; - base = mmap(&start, sbuf.st_size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); - - if ((int)base == -1) { - fprintf(stderr, "Could not mmap file: %s, %s\n", argv[optind], - strerror(errno)); - exit(4); - } - - /* - * In what follows, and in places above, in order to work on both LE and - * BE platforms, we have to use the Samba macros to extract SHORT, LONG - * and associated UNSIGNED quantities from the data in the mmap'd file. - * NOTE, however, that we do not need to do anything with memory - * addresses that we construct from pointers in our address space. - * For example, - * - * sec_desc = (MY_SEC_DESC *)&(sk_hdr->sec_desc[0]); - * - * is simply taking the address of a structure we already have the address - * of in our address space, while, the fields within it, will have to - * be accessed with the macros: - * - * owner_sid = (DOM_SID *)(&sk_hdr->sec_desc[0] + - * IVAL(&sec_desc->owner_off, 0)); - * - * Which is pulling out an offset and adding it to an existing pointer. - * - */ - - regf_hdr = (REGF_HDR *)base; - - if (verbose) fprintf(stdout, "Registry file size: %u\n", (unsigned int)sbuf.st_size); - - if (IVAL(®f_hdr->REGF_ID, 0) != REG_REGF_ID) { - fprintf(stderr, "Incorrect Registry file (doesn't have header ID): %s\n", argv[optind]); - exit(5); - } - - if (verbose) fprintf(stdout, "First Key Off: %u, Data Block Size: %u\n", - IVAL(®f_hdr->first_key, 0), - IVAL(®f_hdr->dblk_size, 0)); - - hbin_hdr = (HBIN_HDR *)(base + 0x1000); /* No need for Endian stuff */ - - /* - * This should be the hbin_hdr - */ - - if (IVAL(&hbin_hdr->HBIN_ID, 0) != REG_HBIN_ID) { - fprintf(stderr, "Incorrect hbin hdr: %s\n", argv[optind]); - exit(6); - } - - if (verbose) fprintf(stdout, "Next Off: %u, Prev Off: %u\n", - IVAL(&hbin_hdr->next_off, 0), - IVAL(&hbin_hdr->prev_off, 0)); - - nk_hdr = (NK_HDR *)(base + 0x1000 + IVAL(®f_hdr->first_key, 0) + 4); - - if (SVAL(&nk_hdr->NK_ID, 0) != REG_NK_ID) { - fprintf(stderr, "Incorrect NK Header: %s\n", argv[optind]); - exit(7); - } - - sk_off = first_sk_off = IVAL(&nk_hdr->sk_off, 0); - if (verbose) { - fprintf(stdout, "Type: %0x\n", SVAL(&nk_hdr->type, 0)); - fprintf(stdout, "SK Off : %o\n", (0x1000 + sk_off + 4)); - } - - sk_hdr = (SK_HDR *)(base + 0x1000 + sk_off + 4); - - do { - DOM_SID *owner_sid, *group_sid; - ACL *sacl, *dacl; - if (SVAL(&sk_hdr->SK_ID, 0) != REG_SK_ID) { - fprintf(stderr, "Incorrect SK Header format: %08X\n", - (0x1000 + sk_off + 4)); - exit(8); - } - ptr = (int *)sk_hdr; - if (verbose) fprintf(stdout, "Off: %08X, Refs: %u, Size: %u\n", - sk_off, IVAL(&sk_hdr->ref_cnt, 0), - IVAL(&sk_hdr->rec_size, 0)); - - sec_desc = (MY_SEC_DESC *)&(sk_hdr->sec_desc[0]); - owner_sid = (DOM_SID *)(&sk_hdr->sec_desc[0] + - IVAL(&sec_desc->owner_off, 0)); - group_sid = (DOM_SID *)(&sk_hdr->sec_desc[0] + - IVAL(&sec_desc->group_off, 0)); - sacl = (ACL *)(&sk_hdr->sec_desc[0] + - IVAL(&sec_desc->sacl_off, 0)); - dacl = (ACL *)(&sk_hdr->sec_desc[0] + - IVAL(&sec_desc->dacl_off, 0)); - if (verbose)fprintf(stdout, " Owner SID: "); - if (change) process_sid(owner_sid, &old_sid, &new_sid); - if (verbose) print_sid(owner_sid); - if (verbose) fprintf(stdout, " Group SID: "); - if (change) process_sid(group_sid, &old_sid, &new_sid); - if (verbose) print_sid(group_sid); - fprintf(stdout, " SACL: "); - if (!sec_desc->sacl_off) { /* LE zero == BE zero */ - if (verbose) fprintf(stdout, "NONE\n"); - } - else - process_acl(sacl, " "); - if (verbose) fprintf(stdout, " DACL: "); - if (!sec_desc->dacl_off) { - if (verbose) fprintf(stdout, "NONE\n"); - } - else - process_acl(dacl, " "); - sk_off = IVAL(&sk_hdr->prev_off, 0); - sk_hdr = (SK_HDR *)(base + OFF(IVAL(&sk_hdr->prev_off, 0))); - } while (sk_off != first_sk_off); - - munmap(base, sbuf.st_size); - - close(fd); - return 0; -} diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c index 451a15992b..c92692fda2 100644 --- a/source3/utils/testparm.c +++ b/source3/utils/testparm.c @@ -168,12 +168,6 @@ via the %%o substitution. With encrypted passwords this is not possible.\n", lp_ printf("'winbind separator = +' might cause problems with group membership.\n"); } -#ifndef HAVE_DLOPEN - if (lp_modules() != NULL) { - printf("'modules = ' specified in configuration file, but this samba build does not support plugins!\n"); - } -#endif - if (lp_algorithmic_rid_base() < BASE_RID) { /* Try to prevent admin foot-shooting, we can't put algorithmic rids below 1000, that's the 'well known RIDs' on NT */ @@ -214,7 +208,6 @@ int main(int argc, const char *argv[]) pc = poptGetContext(NULL, argc, argv, long_options, POPT_CONTEXT_KEEP_FIRST); - poptSetOtherOptionHelp(pc, "[OPTION...] <config-file> [host-name] [host-ip]"); while((opt = poptGetNextOpt(pc)) != -1); diff --git a/source3/web/swat.c b/source3/web/swat.c index fc38852245..af6fa82ffe 100644 --- a/source3/web/swat.c +++ b/source3/web/swat.c @@ -696,9 +696,9 @@ static void wizard_page(void) /* Now determine smb.conf WINS settings */ if (lp_wins_support()) winstype = 1; - if (lp_wins_server_list() && strlen(*lp_wins_server_list())) - winstype = 2; - +/* if (strlen(lp_wins_server_list()) != 0 ) + * winstype = 2; + */ /* Do we have a homes share? */ have_home = lp_servicenumber(HOMES_NAME); |