summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/Makefile.in10
-rw-r--r--source3/groupdb/mapping.c981
-rw-r--r--source3/include/passdb.h8
-rw-r--r--source3/include/smb.h5
-rw-r--r--source3/lib/talloc.c40
-rw-r--r--source3/lib/tdb_multikey.c588
-rw-r--r--source3/passdb/lookup_sid.c4
-rw-r--r--source3/passdb/passdb.c2
-rw-r--r--source3/passdb/pdb_interface.c56
-rw-r--r--source3/passdb/pdb_ldap.c4
-rw-r--r--source3/rpc_server/srv_lsa_nt.c2
-rw-r--r--source3/rpc_server/srv_samr_nt.c6
-rwxr-xr-xsource3/script/tests/test_smbtorture_s3.sh3
-rw-r--r--source3/tdb/tdbutil.c12
-rw-r--r--source3/tdb/tdbutil.h2
-rw-r--r--source3/torture/local-groupmap.c64
-rw-r--r--source3/torture/local-multikey.c211
-rw-r--r--source3/torture/torture.c7
-rw-r--r--source3/utils/net_groupmap.c85
-rw-r--r--source3/utils/net_rpc_samsync.c10
-rw-r--r--source3/utils/net_sam.c8
21 files changed, 595 insertions, 1513 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 1f5a39d9da..0ff5872063 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -225,7 +225,7 @@ LIB_OBJ = $(VERSION_OBJ) lib/charcnv.o lib/debug.o lib/fault.o \
lib/md5.o lib/hmacmd5.o lib/arc4.o lib/iconv.o \
nsswitch/wb_client.o $(WBCOMMON_OBJ) \
lib/pam_errors.o intl/lang_tdb.o \
- lib/adt_tree.o lib/gencache.o $(TDB_OBJ) lib/tdb_multikey.o \
+ lib/adt_tree.o lib/gencache.o $(TDB_OBJ) \
lib/module.o lib/events.o lib/ldap_escape.o @CHARSET_STATIC@ \
lib/secdesc.o lib/util_seaccess.o lib/secace.o lib/secacl.o @SOCKWRAP@ \
libads/krb5_errs.o lib/system_smbd.o lib/audit.o
@@ -608,12 +608,10 @@ NMBLOOKUP_OBJ = utils/nmblookup.o $(PARAM_OBJ) $(LIBNMB_OBJ) $(RPC_PARSE_OBJ1) $
$(LIB_NONSMBD_OBJ) $(POPT_LIB_OBJ) $(SECRETS_OBJ) $(LIBSAMBA_OBJ)
SMBTORTURE_OBJ1 = torture/torture.o torture/nbio.o torture/scanner.o torture/utable.o \
- torture/denytest.o torture/mangle_test.o \
- torture/local-multikey.o torture/local-groupmap.o
+ torture/denytest.o torture/mangle_test.o
SMBTORTURE_OBJ = $(SMBTORTURE_OBJ1) $(PARAM_OBJ) \
- $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(LIB_NONSMBD_OBJ) $(SECRETS_OBJ) \
- $(PASSDB_OBJ) $(GROUPDB_OBJ) $(SMBLDAP_OBJ)
+ $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(LIB_NONSMBD_OBJ) $(SECRETS_OBJ)
MASKTEST_OBJ = torture/masktest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
$(LIB_NONSMBD_OBJ) $(SECRETS_OBJ)
@@ -1015,7 +1013,7 @@ bin/nmblookup@EXEEXT@: $(NMBLOOKUP_OBJ) @BUILD_POPT@ bin/.dummy
bin/smbtorture@EXEEXT@: $(SMBTORTURE_OBJ) bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) @PIE_LDFLAGS@ -o $@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS)
+ @$(CC) $(FLAGS) @PIE_LDFLAGS@ -o $@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS)
bin/talloctort@EXEEXT@: $(TALLOCTORT_OBJ) bin/.dummy
@echo Linking $@
diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c
index b617e34565..c701ef165d 100644
--- a/source3/groupdb/mapping.c
+++ b/source3/groupdb/mapping.c
@@ -2,7 +2,7 @@
* Unix SMB/CIFS implementation.
* RPC Pipe client / server routines
* Copyright (C) Andrew Tridgell 1992-2000,
- * Copyright (C) Jean Francois Micouleau 1998-2001.
+ * Copyright (C) Jean François Micouleau 1998-2001.
* Copyright (C) Volker Lendecke 2006.
* Copyright (C) Gerald Carter 2006.
*
@@ -27,7 +27,6 @@ static TDB_CONTEXT *tdb; /* used for driver files */
#define DATABASE_VERSION_V1 1 /* native byte format. */
#define DATABASE_VERSION_V2 2 /* le format. */
-#define DATABASE_VERSION_V3 3 /* Indexed format */
#define GROUP_PREFIX "UNIXGROUP/"
@@ -38,243 +37,125 @@ static TDB_CONTEXT *tdb; /* used for driver files */
*/
#define MEMBEROF_PREFIX "MEMBEROF/"
-static BOOL pack_group_map(TALLOC_CTX *mem_ctx, const GROUP_MAP *map,
- TDB_DATA *data)
-{
- return tdb_pack_append(mem_ctx, &data->dptr, &data->dsize, "fddff",
- sid_string_static(&map->sid), map->gid,
- map->sid_name_use, map->nt_name, map->comment);
-}
-
-static BOOL unpack_group_map(TDB_DATA data, GROUP_MAP *map)
-{
- fstring sidstr;
-
- if (!tdb_unpack(data.dptr, data.dsize, "fddff", sidstr, &map->gid,
- &map->sid_name_use, &map->nt_name, &map->comment)) {
- DEBUG(0, ("tdb_unpack failed\n"));
- return False;
- }
- if (!string_to_sid(&map->sid, sidstr)) {
- DEBUG(0, ("sid_string %s invalid\n", sidstr));
- return False;
- }
-
- return True;
-}
-
-/*
- * Calculate keys from the group mapping record
- *
- * We've got 3 keys: SID, Name (uppercased) and gid
- */
-
-#define KEYNUM_SID (0)
-#define KEYNUM_NAME (1)
-#define KEYNUM_GID (2)
-
-static char **group_mapping_keys(TALLOC_CTX *mem_ctx, TDB_DATA data,
- void *private_data)
-{
- char **result;
- GROUP_MAP map;
- GROUP_MAP *mapp = (GROUP_MAP *)private_data;
-
- if (mapp == NULL) {
- if (!unpack_group_map(data, &map)) {
- DEBUG(0, ("unpack_groupmap failed\n"));
- return NULL;
- }
- mapp = ↦
- }
-
- result = TALLOC_ARRAY(mem_ctx, char *, 4);
- if (result == NULL) {
- DEBUG(0, ("talloc_array failed\n"));
- return NULL;
- }
-
- result[KEYNUM_SID] = talloc_strdup(result,
- sid_string_static(&mapp->sid));
- result[KEYNUM_NAME] = talloc_strdup(result, mapp->nt_name);
- result[KEYNUM_GID] = talloc_asprintf(result, "%d", (int)mapp->gid);
- result[3] = NULL;
-
- if ((result[0] == NULL) || (result[1] == NULL) ||
- (result[2] == NULL)) {
- DEBUG(0, ("talloc failed\n"));
- TALLOC_FREE(result);
- return NULL;
- }
-
- /* name lookups are case insensitive, store the key in upper case */
- strupper_m(result[KEYNUM_NAME]);
-
- return result;
-}
-
-static NTSTATUS upgrade_groupdb_to_v3(struct tdb_context *groupdb)
-{
- TDB_DATA kbuf, newkey;
- NTSTATUS status;
-
- for (kbuf = tdb_firstkey(groupdb);
- kbuf.dptr;
- newkey = tdb_nextkey(groupdb, kbuf), safe_free(kbuf.dptr),
- kbuf=newkey) {
-
- fstring string_sid;
- TDB_DATA data, newdata;
- GROUP_MAP map;
- int ret;
-
- if (strncmp(kbuf.dptr, GROUP_PREFIX,
- strlen(GROUP_PREFIX)) != 0) {
- continue;
- }
-
- data = tdb_fetch(groupdb, kbuf);
- if (!data.dptr) {
- continue;
- }
-
- fstrcpy(string_sid, kbuf.dptr+strlen(GROUP_PREFIX));
-
- ret = tdb_unpack(data.dptr, data.dsize, "ddff",
- &map.gid, &map.sid_name_use, &map.nt_name,
- &map.comment);
- SAFE_FREE(data.dptr);
-
- if ( ret == -1 ) {
- DEBUG(3,("upgrade_groupdb_to_v3: tdb_unpack "
- "failure\n"));
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
- }
-
- if (!string_to_sid(&map.sid, string_sid)) {
- DEBUG(3, ("Got invalid sid: %s\n", string_sid));
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
- }
-
- if (tdb_delete(groupdb, kbuf) < 0) {
- status = map_ntstatus_from_tdb(groupdb);
- DEBUG(3, ("tdb_delete failed: %s\n",
- nt_errstr(status)));
- return status;
- }
-
- if (map.gid == -1) {
- DEBUG(3, ("Deleting umapped group %s\n", map.nt_name));
- continue;
- }
-
- ZERO_STRUCT(newdata);
-
- if (!pack_group_map(NULL, &map, &newdata)) {
- DEBUG(0, ("pack_group_map_failed\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- status = tdb_add_keyed(groupdb, group_mapping_keys,
- newdata, &map);
- TALLOC_FREE(newdata.dptr);
-
- if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECTID_EXISTS)) {
- DEBUG(0, ("mapping for gid %d / name %s maps to "
- "multiple SIDs -- rejected\n",
- map.gid, map.nt_name));
- return status;
- }
-
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(5, ("tdb_add_keyed failed: %s\n",
- nt_errstr(status)));
- return status;
- }
- }
-
- return NT_STATUS_OK;
-}
+static BOOL enum_group_mapping(const DOM_SID *sid, enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap,
+ size_t *p_num_entries, BOOL unix_only);
+static BOOL group_map_remove(const DOM_SID *sid);
/****************************************************************************
Open the group mapping tdb.
****************************************************************************/
-static NTSTATUS init_group_mapping(void)
+static BOOL init_group_mapping(void)
{
const char *vstring = "INFO/version";
int32 vers_id;
- NTSTATUS status;
+ GROUP_MAP *map_table = NULL;
+ size_t num_entries = 0;
if (tdb)
- return NT_STATUS_OK;
+ return True;
- tdb = tdb_open_log(lock_path("group_mapping.tdb"), 0, TDB_DEFAULT,
- O_RDWR|O_CREAT, 0600);
+ tdb = tdb_open_log(lock_path("group_mapping.tdb"), 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
if (!tdb) {
- DEBUG(0,("Failed to open group mapping database: %s\n",
- strerror(errno)));
- return map_nt_error_from_unix(errno);
+ DEBUG(0,("Failed to open group mapping database\n"));
+ return False;
}
- if (tdb_transaction_start(tdb) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("Could not start transaction: %s\n",
- nt_errstr(status)));
- tdb_close(tdb);
- tdb = NULL;
- return status;
- }
+ /* handle a Samba upgrade */
+ tdb_lock_bystring(tdb, vstring);
/* Cope with byte-reversed older versions of the db. */
vers_id = tdb_fetch_int32(tdb, vstring);
-
- if (vers_id == DATABASE_VERSION_V3) {
- if (tdb_transaction_cancel(tdb) < 0) {
- smb_panic("tdb_cancel_transaction failed\n");
- }
- return NT_STATUS_OK;
+ if ((vers_id == DATABASE_VERSION_V1) || (IREV(vers_id) == DATABASE_VERSION_V1)) {
+ /* Written on a bigendian machine with old fetch_int code. Save as le. */
+ tdb_store_int32(tdb, vstring, DATABASE_VERSION_V2);
+ vers_id = DATABASE_VERSION_V2;
}
- if (vers_id < 0) {
- tdb_store_int32(tdb, vstring, DATABASE_VERSION_V3);
- }
-
- if ((vers_id == DATABASE_VERSION_V1) ||
- (IREV(vers_id) == DATABASE_VERSION_V1)) {
-
- /* Written on a bigendian machine with old fetch_int
- * code. Save as le. */
+ /* if its an unknown version we remove everthing in the db */
+
+ if (vers_id != DATABASE_VERSION_V2) {
+ tdb_traverse(tdb, tdb_traverse_delete_fn, NULL);
tdb_store_int32(tdb, vstring, DATABASE_VERSION_V2);
- vers_id = DATABASE_VERSION_V2;
}
- if (vers_id == DATABASE_VERSION_V2) {
- status = upgrade_groupdb_to_v3(tdb);
- if (!NT_STATUS_IS_OK(status)) {
- goto fail;
+ tdb_unlock_bystring(tdb, vstring);
+
+ /* cleanup any map entries with a gid == -1 */
+
+ if ( enum_group_mapping( NULL, SID_NAME_UNKNOWN, &map_table, &num_entries, False ) ) {
+ int i;
+
+ for ( i=0; i<num_entries; i++ ) {
+ if ( map_table[i].gid == -1 ) {
+ group_map_remove( &map_table[i].sid );
+ }
}
- tdb_store_int32(tdb, vstring, DATABASE_VERSION_V3);
+
+ SAFE_FREE( map_table );
}
- if (tdb_transaction_commit(tdb) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("tdb_transaction_commit failed: %s\n",
- nt_errstr(status)));
- goto fail;
+
+ return True;
+}
+
+/****************************************************************************
+****************************************************************************/
+static BOOL add_mapping_entry(GROUP_MAP *map, int flag)
+{
+ TDB_DATA kbuf, dbuf;
+ pstring key, buf;
+ fstring string_sid="";
+ int len;
+
+ if(!init_group_mapping()) {
+ DEBUG(0,("failed to initialize group mapping\n"));
+ return(False);
}
+
+ sid_to_string(string_sid, &map->sid);
- return NT_STATUS_OK;
+ len = tdb_pack(buf, sizeof(buf), "ddff",
+ map->gid, map->sid_name_use, map->nt_name, map->comment);
+
+ if (len > sizeof(buf))
+ return False;
- fail:
- if (tdb_transaction_cancel(tdb) < 0) {
- smb_panic("tdb_cancel_transaction failed\n");
+ slprintf(key, sizeof(key), "%s%s", GROUP_PREFIX, string_sid);
+
+ kbuf.dsize = strlen(key)+1;
+ kbuf.dptr = key;
+ dbuf.dsize = len;
+ dbuf.dptr = buf;
+ if (tdb_store(tdb, kbuf, dbuf, flag) != 0) return False;
+
+ return True;
+}
+
+/****************************************************************************
+initialise first time the mapping list
+****************************************************************************/
+NTSTATUS add_initial_entry(gid_t gid, const char *sid, enum SID_NAME_USE sid_name_use, const char *nt_name, const char *comment)
+{
+ GROUP_MAP map;
+
+ if(!init_group_mapping()) {
+ DEBUG(0,("failed to initialize group mapping\n"));
+ return NT_STATUS_UNSUCCESSFUL;
}
- tdb_close(tdb);
- tdb = NULL;
+
+ map.gid=gid;
+ if (!string_to_sid(&map.sid, sid)) {
+ DEBUG(0, ("string_to_sid failed: %s", sid));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ map.sid_name_use=sid_name_use;
+ fstrcpy(map.nt_name, nt_name);
+ fstrcpy(map.comment, comment);
- return status;
+ return pdb_add_group_mapping_entry(&map);
}
/****************************************************************************
@@ -287,7 +168,7 @@ NTSTATUS map_unix_group(const struct group *grp, GROUP_MAP *pmap)
const char *grpname, *dom, *name;
uint32 rid;
- if (NT_STATUS_IS_OK(pdb_getgrgid(&map, grp->gr_gid))) {
+ if (pdb_getgrgid(&map, grp->gr_gid)) {
return NT_STATUS_GROUP_EXISTS;
}
@@ -339,172 +220,248 @@ NTSTATUS map_unix_group(const struct group *grp, GROUP_MAP *pmap)
Return the sid and the type of the unix group.
****************************************************************************/
-static NTSTATUS get_group_map_from_sid(const DOM_SID *sid, GROUP_MAP *map)
+static BOOL get_group_map_from_sid(DOM_SID sid, GROUP_MAP *map)
{
- TDB_DATA data;
- NTSTATUS status;
-
- status = init_group_mapping();
- if(!NT_STATUS_IS_OK(status)) {
+ TDB_DATA kbuf, dbuf;
+ pstring key;
+ fstring string_sid;
+ int ret = 0;
+
+ if(!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping\n"));
- return status;
+ return(False);
}
- status = tdb_find_keyed(NULL, tdb, KEYNUM_SID, sid_string_static(sid),
- &data, NULL);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
+ /* the key is the SID, retrieving is direct */
- status = unpack_group_map(data, map) ?
- NT_STATUS_OK : NT_STATUS_INTERNAL_DB_CORRUPTION;
+ sid_to_string(string_sid, &sid);
+ slprintf(key, sizeof(key), "%s%s", GROUP_PREFIX, string_sid);
- TALLOC_FREE(data.dptr);
- return status;
+ kbuf.dptr = key;
+ kbuf.dsize = strlen(key)+1;
+
+ dbuf = tdb_fetch(tdb, kbuf);
+ if (!dbuf.dptr)
+ return False;
+
+ ret = tdb_unpack(dbuf.dptr, dbuf.dsize, "ddff",
+ &map->gid, &map->sid_name_use, &map->nt_name, &map->comment);
+
+ SAFE_FREE(dbuf.dptr);
+
+ if ( ret == -1 ) {
+ DEBUG(3,("get_group_map_from_sid: tdb_unpack failure\n"));
+ return False;
+ }
+
+ sid_copy(&map->sid, &sid);
+
+ return True;
}
/****************************************************************************
Return the sid and the type of the unix group.
****************************************************************************/
-static NTSTATUS get_group_map_from_gid(gid_t gid, GROUP_MAP *map)
+static BOOL get_group_map_from_gid(gid_t gid, GROUP_MAP *map)
{
- TDB_DATA data;
- NTSTATUS status;
- char *gidstr;
+ TDB_DATA kbuf, dbuf, newkey;
+ fstring string_sid;
+ int ret;
- status = init_group_mapping();
- if(!NT_STATUS_IS_OK(status)) {
+ if(!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping\n"));
- return status;
+ return(False);
}
- if (asprintf(&gidstr, "%d", (int)gid) < 0) {
- DEBUG(0, ("asprintf failed\n"));
- return NT_STATUS_NO_MEMORY;
- }
+ /* we need to enumerate the TDB to find the GID */
- status = tdb_find_keyed(NULL, tdb, KEYNUM_GID, gidstr, &data, NULL);
- SAFE_FREE(gidstr);
+ for (kbuf = tdb_firstkey(tdb);
+ kbuf.dptr;
+ newkey = tdb_nextkey(tdb, kbuf), safe_free(kbuf.dptr), kbuf=newkey) {
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
+ if (strncmp(kbuf.dptr, GROUP_PREFIX, strlen(GROUP_PREFIX)) != 0) continue;
+
+ dbuf = tdb_fetch(tdb, kbuf);
+ if (!dbuf.dptr)
+ continue;
- status = unpack_group_map(data, map) ?
- NT_STATUS_OK : NT_STATUS_INTERNAL_DB_CORRUPTION;
+ fstrcpy(string_sid, kbuf.dptr+strlen(GROUP_PREFIX));
- TALLOC_FREE(data.dptr);
- return status;
+ string_to_sid(&map->sid, string_sid);
+
+ ret = tdb_unpack(dbuf.dptr, dbuf.dsize, "ddff",
+ &map->gid, &map->sid_name_use, &map->nt_name, &map->comment);
+
+ SAFE_FREE(dbuf.dptr);
+
+ if ( ret == -1 ) {
+ DEBUG(3,("get_group_map_from_gid: tdb_unpack failure\n"));
+ return False;
+ }
+
+ if (gid==map->gid) {
+ SAFE_FREE(kbuf.dptr);
+ return True;
+ }
+ }
+
+ return False;
}
/****************************************************************************
Return the sid and the type of the unix group.
****************************************************************************/
-static NTSTATUS get_group_map_from_ntname(const char *name, GROUP_MAP *map)
+static BOOL get_group_map_from_ntname(const char *name, GROUP_MAP *map)
{
- TDB_DATA data;
- NTSTATUS status;
- char *tmp;
+ TDB_DATA kbuf, dbuf, newkey;
+ fstring string_sid;
+ int ret;
- status = init_group_mapping();
- if(!NT_STATUS_IS_OK(status)) {
- DEBUG(0,("failed to initialize group mapping\n"));
- return status;
+ if(!init_group_mapping()) {
+ DEBUG(0,("get_group_map_from_ntname:failed to initialize group mapping\n"));
+ return(False);
}
- tmp = SMB_STRDUP(name);
- if (tmp == NULL) {
- DEBUG(0, ("strdup failed\n"));
- return NT_STATUS_NO_MEMORY;
- }
+ /* we need to enumerate the TDB to find the name */
+
+ for (kbuf = tdb_firstkey(tdb);
+ kbuf.dptr;
+ newkey = tdb_nextkey(tdb, kbuf), safe_free(kbuf.dptr), kbuf=newkey) {
+
+ if (strncmp(kbuf.dptr, GROUP_PREFIX, strlen(GROUP_PREFIX)) != 0) continue;
+
+ dbuf = tdb_fetch(tdb, kbuf);
+ if (!dbuf.dptr)
+ continue;
- /*
- * The name is stored uppercase to make the search case insensitive
- */
+ fstrcpy(string_sid, kbuf.dptr+strlen(GROUP_PREFIX));
- strupper_m(tmp);
+ string_to_sid(&map->sid, string_sid);
+
+ ret = tdb_unpack(dbuf.dptr, dbuf.dsize, "ddff",
+ &map->gid, &map->sid_name_use, &map->nt_name, &map->comment);
- status = tdb_find_keyed(NULL, tdb, KEYNUM_NAME, tmp, &data, NULL);
- SAFE_FREE(tmp);
+ SAFE_FREE(dbuf.dptr);
+
+ if ( ret == -1 ) {
+ DEBUG(3,("get_group_map_from_ntname: tdb_unpack failure\n"));
+ return False;
+ }
- if (!NT_STATUS_IS_OK(status)) {
- return status;
+ if ( strequal(name, map->nt_name) ) {
+ SAFE_FREE(kbuf.dptr);
+ return True;
+ }
}
- status = unpack_group_map(data, map) ?
- NT_STATUS_OK : NT_STATUS_INTERNAL_DB_CORRUPTION;
+ return False;
+}
+
+/****************************************************************************
+ Remove a group mapping entry.
+****************************************************************************/
- TALLOC_FREE(data.dptr);
- return status;
+static BOOL group_map_remove(const DOM_SID *sid)
+{
+ TDB_DATA kbuf, dbuf;
+ pstring key;
+ fstring string_sid;
+
+ if(!init_group_mapping()) {
+ DEBUG(0,("failed to initialize group mapping\n"));
+ return(False);
+ }
+
+ /* the key is the SID, retrieving is direct */
+
+ sid_to_string(string_sid, sid);
+ slprintf(key, sizeof(key), "%s%s", GROUP_PREFIX, string_sid);
+
+ kbuf.dptr = key;
+ kbuf.dsize = strlen(key)+1;
+
+ dbuf = tdb_fetch(tdb, kbuf);
+ if (!dbuf.dptr)
+ return False;
+
+ SAFE_FREE(dbuf.dptr);
+
+ if(tdb_delete(tdb, kbuf) != TDB_SUCCESS)
+ return False;
+
+ return True;
}
/****************************************************************************
Enumerate the group mapping.
****************************************************************************/
-static NTSTATUS enum_group_mapping(const DOM_SID *domsid,
- enum SID_NAME_USE sid_name_use,
- GROUP_MAP **pp_rmap,
- size_t *p_num_entries, BOOL unix_only)
+static BOOL enum_group_mapping(const DOM_SID *domsid, enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap,
+ size_t *p_num_entries, BOOL unix_only)
{
- struct tdb_keyed_iterator *iterator;
- TDB_DATA dbuf;
- NTSTATUS status;
+ TDB_DATA kbuf, dbuf, newkey;
+ fstring string_sid;
+ GROUP_MAP map;
+ GROUP_MAP *mapt;
+ int ret;
+ size_t entries=0;
+ DOM_SID grpsid;
+ uint32 rid;
- status = init_group_mapping();
- if (!NT_STATUS_IS_OK(status)) {
+ if(!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping\n"));
- return status;
+ return(False);
}
*p_num_entries=0;
*pp_rmap=NULL;
- iterator = tdb_enum_keyed(NULL, tdb);
- if (iterator == NULL) {
- DEBUG(0, ("tdb_enum_keyed failed\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- while (tdb_next_keyed(iterator, &dbuf)) {
+ for (kbuf = tdb_firstkey(tdb);
+ kbuf.dptr;
+ newkey = tdb_nextkey(tdb, kbuf), safe_free(kbuf.dptr), kbuf=newkey) {
- GROUP_MAP map;
- DOM_SID grpsid;
- uint32 rid;
+ if (strncmp(kbuf.dptr, GROUP_PREFIX, strlen(GROUP_PREFIX)) != 0)
+ continue;
- if (!unpack_group_map(dbuf, &map)) {
- DEBUG(5, ("Got invalid group mapping entry\n"));
- TALLOC_FREE(dbuf.dptr);
+ dbuf = tdb_fetch(tdb, kbuf);
+ if (!dbuf.dptr)
continue;
- }
+
+ fstrcpy(string_sid, kbuf.dptr+strlen(GROUP_PREFIX));
+
+ ret = tdb_unpack(dbuf.dptr, dbuf.dsize, "ddff",
+ &map.gid, &map.sid_name_use, &map.nt_name, &map.comment);
SAFE_FREE(dbuf.dptr);
+ if ( ret == -1 ) {
+ DEBUG(3,("enum_group_mapping: tdb_unpack failure\n"));
+ continue;
+ }
+
/* list only the type or everything if UNKNOWN */
- if (sid_name_use!=SID_NAME_UNKNOWN &&
- sid_name_use!=map.sid_name_use) {
- DEBUG(11,("enum_group_mapping: group %s is not of the "
- "requested type\n", map.nt_name));
+ if (sid_name_use!=SID_NAME_UNKNOWN && sid_name_use!=map.sid_name_use) {
+ DEBUG(11,("enum_group_mapping: group %s is not of the requested type\n", map.nt_name));
continue;
}
if (unix_only==ENUM_ONLY_MAPPED && map.gid==-1) {
- DEBUG(11,("enum_group_mapping: group %s is non "
- "mapped\n", map.nt_name));
+ DEBUG(11,("enum_group_mapping: group %s is non mapped\n", map.nt_name));
continue;
}
- sid_copy( &grpsid, &map.sid );
+ string_to_sid(&grpsid, string_sid);
+ sid_copy( &map.sid, &grpsid );
+
sid_split_rid( &grpsid, &rid );
/* Only check the domain if we were given one */
if ( domsid && !sid_equal( domsid, &grpsid ) ) {
- DEBUG(11,("enum_group_mapping: group %s is not in "
- "domain %s\n", sid_string_static(&map.sid),
- sid_string_static(domsid)));
+ DEBUG(11,("enum_group_mapping: group %s is not in domain %s\n",
+ string_sid, sid_string_static(domsid)));
continue;
}
@@ -512,14 +469,27 @@ static NTSTATUS enum_group_mapping(const DOM_SID *domsid,
"type %s\n", map.nt_name,
sid_type_lookup(map.sid_name_use)));
- ADD_TO_ARRAY(NULL, GROUP_MAP, map, pp_rmap, p_num_entries);
- if (*pp_rmap == NULL) {
- DEBUG(0, ("ADD_TO_ARRAY failed\n"));
- return NT_STATUS_NO_MEMORY;
+ (*pp_rmap) = SMB_REALLOC_ARRAY((*pp_rmap), GROUP_MAP, entries+1);
+ if (!(*pp_rmap)) {
+ DEBUG(0,("enum_group_mapping: Unable to enlarge group map!\n"));
+ return False;
}
+
+ mapt = (*pp_rmap);
+
+ mapt[entries].gid = map.gid;
+ sid_copy( &mapt[entries].sid, &map.sid);
+ mapt[entries].sid_name_use = map.sid_name_use;
+ fstrcpy(mapt[entries].nt_name, map.nt_name);
+ fstrcpy(mapt[entries].comment, map.comment);
+
+ entries++;
+
}
- return NT_STATUS_OK;
+ *p_num_entries=entries;
+
+ return True;
}
/* This operation happens on session setup, so it should better be fast. We
@@ -532,7 +502,7 @@ static NTSTATUS one_alias_membership(const DOM_SID *member,
TDB_DATA kbuf, dbuf;
const char *p;
- if (!NT_STATUS_IS_OK(init_group_mapping())) {
+ if (!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping\n"));
return NT_STATUS_ACCESS_DENIED;
}
@@ -611,41 +581,22 @@ static NTSTATUS add_aliasmem(const DOM_SID *alias, const DOM_SID *member)
pstring key;
fstring string_sid;
char *new_memberstring;
- NTSTATUS status;
+ int result;
- status = init_group_mapping();
- if(!NT_STATUS_IS_OK(status)) {
+ if(!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping\n"));
- return status;
- }
-
- if (tdb_transaction_start(tdb) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("Could not start transaction: %s\n",
- nt_errstr(status)));
- return status;
- }
-
- status = get_group_map_from_sid(alias, &map);
-
- if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) {
- status = NT_STATUS_NO_SUCH_ALIAS;
+ return NT_STATUS_ACCESS_DENIED;
}
- if (!NT_STATUS_IS_OK(status)) {
- goto fail;
- }
+ if (!get_group_map_from_sid(*alias, &map))
+ return NT_STATUS_NO_SUCH_ALIAS;
if ( (map.sid_name_use != SID_NAME_ALIAS) &&
- (map.sid_name_use != SID_NAME_WKN_GRP) ) {
- status = NT_STATUS_NO_SUCH_ALIAS;
- goto fail;
- }
+ (map.sid_name_use != SID_NAME_WKN_GRP) )
+ return NT_STATUS_NO_SUCH_ALIAS;
- if (is_aliasmem(alias, member)) {
- status = NT_STATUS_MEMBER_IN_ALIAS;
- goto fail;
- }
+ if (is_aliasmem(alias, member))
+ return NT_STATUS_MEMBER_IN_ALIAS;
sid_to_string(string_sid, member);
slprintf(key, sizeof(key), "%s%s", MEMBEROF_PREFIX, string_sid);
@@ -664,38 +615,18 @@ static NTSTATUS add_aliasmem(const DOM_SID *alias, const DOM_SID *member)
new_memberstring = SMB_STRDUP(string_sid);
}
- if (new_memberstring == NULL) {
- status = NT_STATUS_NO_MEMORY;
- goto fail;
- }
+ if (new_memberstring == NULL)
+ return NT_STATUS_NO_MEMORY;
SAFE_FREE(dbuf.dptr);
dbuf.dsize = strlen(new_memberstring)+1;
dbuf.dptr = new_memberstring;
- if (tdb_store(tdb, kbuf, dbuf, 0) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("tdb_store failed: %s\n", nt_errstr(status)));
- SAFE_FREE(new_memberstring);
- goto fail;
- }
+ result = tdb_store(tdb, kbuf, dbuf, 0);
SAFE_FREE(new_memberstring);
- if (tdb_transaction_commit(tdb) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("tdb_transaction_commit failed: %s\n",
- nt_errstr(status)));
- goto fail;
- }
-
- return NT_STATUS_OK;
-
- fail:
- if (tdb_transaction_cancel(tdb) < 0) {
- smb_panic("tdb_cancel_transaction failed\n");
- }
- return status;
+ return (result == 0 ? NT_STATUS_OK : NT_STATUS_ACCESS_DENIED);
}
struct aliasmem_closure {
@@ -750,18 +681,17 @@ static int collect_aliasmem(TDB_CONTEXT *tdb_ctx, TDB_DATA key, TDB_DATA data,
return 0;
}
-static NTSTATUS enum_aliasmem(const DOM_SID *alias, DOM_SID **sids,
- size_t *num)
+static NTSTATUS enum_aliasmem(const DOM_SID *alias, DOM_SID **sids, size_t *num)
{
GROUP_MAP map;
struct aliasmem_closure closure;
- if(!NT_STATUS_IS_OK(init_group_mapping())) {
+ if(!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping\n"));
return NT_STATUS_ACCESS_DENIED;
}
- if (!NT_STATUS_IS_OK(get_group_map_from_sid(alias, &map)))
+ if (!get_group_map_from_sid(*alias, &map))
return NT_STATUS_NO_SUCH_ALIAS;
if ( (map.sid_name_use != SID_NAME_ALIAS) &&
@@ -781,33 +711,19 @@ static NTSTATUS enum_aliasmem(const DOM_SID *alias, DOM_SID **sids,
static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member)
{
- NTSTATUS status;
- DOM_SID *sids = NULL;
+ NTSTATUS result;
+ DOM_SID *sids;
size_t i, num;
BOOL found = False;
- char *member_string = NULL;
+ char *member_string;
TDB_DATA kbuf, dbuf;
pstring key;
fstring sid_string;
- status = init_group_mapping();
- if(!NT_STATUS_IS_OK(status)) {
- DEBUG(0,("failed to initialize group mapping\n"));
- return status;
- }
-
- if (tdb_transaction_start(tdb) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("Could not start transaction: %s\n",
- nt_errstr(status)));
- return status;
- }
-
- status = alias_memberships(member, 1, &sids, &num);
+ result = alias_memberships(member, 1, &sids, &num);
- if (!NT_STATUS_IS_OK(status)) {
- goto fail;
- }
+ if (!NT_STATUS_IS_OK(result))
+ return result;
for (i=0; i<num; i++) {
if (sid_compare(&sids[i], alias) == 0) {
@@ -818,8 +734,7 @@ static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member)
if (!found) {
SAFE_FREE(sids);
- status = NT_STATUS_MEMBER_NOT_IN_ALIAS;
- goto fail;
+ return NT_STATUS_MEMBER_NOT_IN_ALIAS;
}
if (i < num)
@@ -833,21 +748,15 @@ static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member)
kbuf.dsize = strlen(key)+1;
kbuf.dptr = key;
- if (num == 0) {
- if (tdb_delete(tdb, kbuf) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("tdb_delete failed: %s\n",
- nt_errstr(status)));
- goto fail;
- }
- goto ok;
- }
+ if (num == 0)
+ return tdb_delete(tdb, kbuf) == 0 ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
member_string = SMB_STRDUP("");
if (member_string == NULL) {
SAFE_FREE(sids);
- status = NT_STATUS_NO_MEMORY;
+ return NT_STATUS_NO_MEMORY;
}
for (i=0; i<num; i++) {
@@ -859,43 +768,20 @@ static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member)
SAFE_FREE(s);
if (member_string == NULL) {
SAFE_FREE(sids);
- status = NT_STATUS_NO_MEMORY;
- goto fail;
+ return NT_STATUS_NO_MEMORY;
}
}
dbuf.dsize = strlen(member_string)+1;
dbuf.dptr = member_string;
- if (tdb_store(tdb, kbuf, dbuf, 0) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("tdb_store failed: %s\n", nt_errstr(status)));
- SAFE_FREE(sids);
- SAFE_FREE(member_string);
- goto fail;
- }
-
- ok:
- SAFE_FREE(sids);
- SAFE_FREE(member_string);
-
- if (tdb_transaction_commit(tdb) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("tdb_transaction_commit failed: %s\n",
- nt_errstr(status)));
- goto fail;
- }
-
- return NT_STATUS_OK;
+ result = tdb_store(tdb, kbuf, dbuf, 0) == 0 ?
+ NT_STATUS_OK : NT_STATUS_ACCESS_DENIED;
- fail:
SAFE_FREE(sids);
SAFE_FREE(member_string);
- if (tdb_transaction_cancel(tdb) < 0) {
- smb_panic("tdb_cancel_transaction failed\n");
- }
- return status;
+ return result;
}
/*
@@ -910,16 +796,14 @@ static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member)
/* get a domain group from it's SID */
-NTSTATUS get_domain_group_from_sid(const DOM_SID *sid, GROUP_MAP *map)
+BOOL get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map)
{
struct group *grp;
- NTSTATUS status;
-
- status = init_group_mapping();
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("failed to initialize group mapping: %s\n",
- nt_errstr(status)));
- return status;
+ BOOL ret;
+
+ if(!init_group_mapping()) {
+ DEBUG(0,("failed to initialize group mapping\n"));
+ return(False);
}
DEBUG(10, ("get_domain_group_from_sid\n"));
@@ -927,55 +811,52 @@ NTSTATUS get_domain_group_from_sid(const DOM_SID *sid, GROUP_MAP *map)
/* if the group is NOT in the database, it CAN NOT be a domain group */
become_root();
- status = pdb_getgrsid(map, sid);
+ ret = pdb_getgrsid(map, sid);
unbecome_root();
/* special case check for rid 513 */
- if ( !NT_STATUS_IS_OK(status) ) {
+ if ( !ret ) {
uint32 rid;
- sid_peek_rid( sid, &rid );
+ sid_peek_rid( &sid, &rid );
if ( rid == DOMAIN_GROUP_RID_USERS ) {
fstrcpy( map->nt_name, "None" );
fstrcpy( map->comment, "Ordinary Users" );
- sid_copy( &map->sid, sid );
+ sid_copy( &map->sid, &sid );
map->sid_name_use = SID_NAME_DOM_GRP;
- return NT_STATUS_OK;
+ return True;
}
- return status;
+ return False;
}
DEBUG(10, ("get_domain_group_from_sid: SID found in the TDB\n"));
/* if it's not a domain group, continue */
if (map->sid_name_use!=SID_NAME_DOM_GRP) {
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
+ return False;
}
DEBUG(10, ("get_domain_group_from_sid: SID is a domain group\n"));
if (map->gid==-1) {
- return NT_STATUS_NOT_FOUND;
+ return False;
}
- DEBUG(10, ("get_domain_group_from_sid: SID is mapped to gid:%lu\n",
- (unsigned long)map->gid));
+ DEBUG(10, ("get_domain_group_from_sid: SID is mapped to gid:%lu\n",(unsigned long)map->gid));
grp = getgrgid(map->gid);
if ( !grp ) {
- DEBUG(10, ("get_domain_group_from_sid: gid DOESN'T exist in "
- "UNIX security\n"));
- return NT_STATUS_NOT_FOUND;
+ DEBUG(10, ("get_domain_group_from_sid: gid DOESN'T exist in UNIX security\n"));
+ return False;
}
- DEBUG(10, ("get_domain_group_from_sid: gid exists in UNIX "
- "security\n"));
+ DEBUG(10, ("get_domain_group_from_sid: gid exists in UNIX security\n"));
- return NT_STATUS_OK;
+ return True;
}
/****************************************************************************
@@ -1117,114 +998,70 @@ int smb_delete_user_group(const char *unix_group, const char *unix_user)
NTSTATUS pdb_default_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
- const DOM_SID *sid)
+ DOM_SID sid)
{
- return get_group_map_from_sid(sid, map);
+ return get_group_map_from_sid(sid, map) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
NTSTATUS pdb_default_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
gid_t gid)
{
- return get_group_map_from_gid(gid, map);
+ return get_group_map_from_gid(gid, map) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
NTSTATUS pdb_default_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
const char *name)
{
- return get_group_map_from_ntname(name, map);
+ return get_group_map_from_ntname(name, map) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
NTSTATUS pdb_default_add_group_mapping_entry(struct pdb_methods *methods,
- GROUP_MAP *map)
+ GROUP_MAP *map)
{
- TDB_DATA data;
- NTSTATUS status;
-
- status = init_group_mapping();
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0,("failed to initialize group mapping\n"));
- return status;
- }
-
- ZERO_STRUCT(data);
- if (!pack_group_map(NULL, map, &data)) {
- DEBUG(0, ("pack_group_map failed\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- status = tdb_add_keyed(tdb, group_mapping_keys, data, map);
- TALLOC_FREE(data.dptr);
-
- return status;
+ return add_mapping_entry(map, TDB_INSERT) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
NTSTATUS pdb_default_update_group_mapping_entry(struct pdb_methods *methods,
- GROUP_MAP *map)
+ GROUP_MAP *map)
{
- TDB_DATA data;
- char *primary_key;
- NTSTATUS status;
-
- status = tdb_find_keyed(NULL, tdb, KEYNUM_SID,
- sid_string_static(&map->sid),
- &data, &primary_key);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- TALLOC_FREE(data.dptr);
- ZERO_STRUCT(data);
-
- if (!pack_group_map(NULL, map, &data)) {
- DEBUG(0, ("pack_group_map failed\n"));
- SAFE_FREE(primary_key);
- return NT_STATUS_NO_MEMORY;
- }
-
- status = tdb_update_keyed(tdb, primary_key, group_mapping_keys,
- data, NULL);
- TALLOC_FREE(data.dptr);
- TALLOC_FREE(primary_key);
- return status;
+ return add_mapping_entry(map, TDB_REPLACE) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
NTSTATUS pdb_default_delete_group_mapping_entry(struct pdb_methods *methods,
- DOM_SID sid)
+ DOM_SID sid)
{
- TDB_DATA data;
- char *primary_key;
- NTSTATUS status;
- GROUP_MAP map;
-
- status = tdb_find_keyed(NULL, tdb, KEYNUM_SID, sid_string_static(&sid),
- &data, &primary_key);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
+ return group_map_remove(&sid) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
- if (!unpack_group_map(data, &map)) {
- DEBUG(0, ("unpack_group_map failed\n"));
- TALLOC_FREE(data.dptr);
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
- }
+NTSTATUS pdb_default_enum_group_mapping(struct pdb_methods *methods,
+ const DOM_SID *sid, enum SID_NAME_USE sid_name_use,
+ GROUP_MAP **pp_rmap, size_t *p_num_entries,
+ BOOL unix_only)
+{
+ return enum_group_mapping(sid, sid_name_use, pp_rmap, p_num_entries, unix_only) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
- TALLOC_FREE(data.dptr);
+NTSTATUS pdb_default_find_alias(struct pdb_methods *methods,
+ const char *name, DOM_SID *sid)
+{
+ GROUP_MAP map;
- status = tdb_del_keyed(tdb, group_mapping_keys, primary_key, &map);
+ if (!pdb_getgrnam(&map, name))
+ return NT_STATUS_NO_SUCH_ALIAS;
- TALLOC_FREE(primary_key);
- return status;
-}
+ if ((map.sid_name_use != SID_NAME_WKN_GRP) &&
+ (map.sid_name_use != SID_NAME_ALIAS))
+ return NT_STATUS_OBJECT_TYPE_MISMATCH;
-NTSTATUS pdb_default_enum_group_mapping(struct pdb_methods *methods,
- const DOM_SID *sid,
- enum SID_NAME_USE sid_name_use,
- GROUP_MAP **pp_rmap,
- size_t *p_num_entries,
- BOOL unix_only)
-{
- return enum_group_mapping(sid, sid_name_use, pp_rmap, p_num_entries,
- unix_only);
+ sid_copy(sid, &map.sid);
+ return NT_STATUS_OK;
}
NTSTATUS pdb_default_create_alias(struct pdb_methods *methods,
@@ -1301,7 +1138,7 @@ NTSTATUS pdb_default_get_aliasinfo(struct pdb_methods *methods,
{
GROUP_MAP map;
- if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, sid)))
+ if (!pdb_getgrsid(&map, *sid))
return NT_STATUS_NO_SUCH_ALIAS;
if ((map.sid_name_use != SID_NAME_ALIAS) &&
@@ -1324,7 +1161,7 @@ NTSTATUS pdb_default_set_aliasinfo(struct pdb_methods *methods,
{
GROUP_MAP map;
- if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, sid)))
+ if (!pdb_getgrsid(&map, *sid))
return NT_STATUS_NO_SUCH_ALIAS;
fstrcpy(map.nt_name, info->acct_name);
@@ -1391,6 +1228,88 @@ NTSTATUS pdb_default_alias_memberships(struct pdb_methods *methods,
return NT_STATUS_OK;
}
+/**********************************************************************
+ no ops for passdb backends that don't implement group mapping
+ *********************************************************************/
+
+NTSTATUS pdb_nop_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
+ DOM_SID sid)
+{
+ return NT_STATUS_UNSUCCESSFUL;
+}
+
+NTSTATUS pdb_nop_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
+ gid_t gid)
+{
+ return NT_STATUS_UNSUCCESSFUL;
+}
+
+NTSTATUS pdb_nop_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
+ const char *name)
+{
+ return NT_STATUS_UNSUCCESSFUL;
+}
+
+NTSTATUS pdb_nop_add_group_mapping_entry(struct pdb_methods *methods,
+ GROUP_MAP *map)
+{
+ return NT_STATUS_UNSUCCESSFUL;
+}
+
+NTSTATUS pdb_nop_update_group_mapping_entry(struct pdb_methods *methods,
+ GROUP_MAP *map)
+{
+ return NT_STATUS_UNSUCCESSFUL;
+}
+
+NTSTATUS pdb_nop_delete_group_mapping_entry(struct pdb_methods *methods,
+ DOM_SID sid)
+{
+ return NT_STATUS_UNSUCCESSFUL;
+}
+
+NTSTATUS pdb_nop_enum_group_mapping(struct pdb_methods *methods,
+ enum SID_NAME_USE sid_name_use,
+ GROUP_MAP **rmap, size_t *num_entries,
+ BOOL unix_only)
+{
+ return NT_STATUS_UNSUCCESSFUL;
+}
+
+/****************************************************************************
+ These need to be redirected through pdb_interface.c
+****************************************************************************/
+BOOL pdb_get_dom_grp_info(const DOM_SID *sid, struct acct_info *info)
+{
+ GROUP_MAP map;
+ BOOL res;
+
+ become_root();
+ res = get_domain_group_from_sid(*sid, &map);
+ unbecome_root();
+
+ if (!res)
+ return False;
+
+ fstrcpy(info->acct_name, map.nt_name);
+ fstrcpy(info->acct_desc, map.comment);
+ sid_peek_rid(sid, &info->rid);
+ return True;
+}
+
+BOOL pdb_set_dom_grp_info(const DOM_SID *sid, const struct acct_info *info)
+{
+ GROUP_MAP map;
+
+ if (!get_domain_group_from_sid(*sid, &map))
+ return False;
+
+ fstrcpy(map.nt_name, info->acct_name);
+ fstrcpy(map.comment, info->acct_desc);
+
+ return NT_STATUS_IS_OK(pdb_update_group_mapping_entry(&map));
+}
+
/********************************************************************
Really just intended to be called by smbd
********************************************************************/
diff --git a/source3/include/passdb.h b/source3/include/passdb.h
index d8d0a54c3c..35bb93aa31 100644
--- a/source3/include/passdb.h
+++ b/source3/include/passdb.h
@@ -244,7 +244,7 @@ struct pdb_search {
* enum SID_NAME_USE rather than uint32.
*/
-#define PASSDB_INTERFACE_VERSION 15
+#define PASSDB_INTERFACE_VERSION 14
struct pdb_methods
{
@@ -277,8 +277,7 @@ struct pdb_methods
NTSTATUS (*update_login_attempts)(struct pdb_methods *methods, struct samu *sam_acct, BOOL success);
- NTSTATUS (*getgrsid)(struct pdb_methods *methods, GROUP_MAP *map,
- const DOM_SID *sid);
+ NTSTATUS (*getgrsid)(struct pdb_methods *methods, GROUP_MAP *map, DOM_SID sid);
NTSTATUS (*getgrgid)(struct pdb_methods *methods, GROUP_MAP *map, gid_t gid);
@@ -329,6 +328,9 @@ struct pdb_methods
TALLOC_CTX *mem_ctx,
uint32 group_rid, uint32 member_rid);
+ NTSTATUS (*find_alias)(struct pdb_methods *methods,
+ const char *name, DOM_SID *sid);
+
NTSTATUS (*create_alias)(struct pdb_methods *methods,
const char *name, uint32 *rid);
diff --git a/source3/include/smb.h b/source3/include/smb.h
index c80c029f3e..1a55bef428 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -1853,9 +1853,4 @@ enum usershare_err {
/* Different reasons for closing a file. */
enum file_close_type {NORMAL_CLOSE=0,SHUTDOWN_CLOSE,ERROR_CLOSE};
-struct tdb_keyed_iterator {
- struct tdb_context *tdb;
- TDB_DATA key;
-};
-
#endif /* _SMB_H */
diff --git a/source3/lib/talloc.c b/source3/lib/talloc.c
index 35c4ddaf31..0e223e8bbe 100644
--- a/source3/lib/talloc.c
+++ b/source3/lib/talloc.c
@@ -1136,46 +1136,6 @@ char *talloc_asprintf(const void *t, const char *fmt, ...)
return ret;
}
-int talloc_vasprintf_len(const void *t, char **res, const char *fmt,
- va_list ap)
-{
- int len;
- va_list ap2;
- char c;
-
- VA_COPY(ap2, ap);
-
- /* this call looks strange, but it makes it work on older solaris boxes */
- if ((len = vsnprintf(&c, 1, fmt, ap2)) < 0) {
- return len;
- }
-
- *res = (char *)_talloc(t, len+1);
- if (*res) {
- VA_COPY(ap2, ap);
- vsnprintf(*res, len+1, fmt, ap2);
- talloc_set_name_const(*res, *res);
- }
-
- return len;
-}
-
-
-/*
- Perform string formatting, and return a pointer to newly allocated
- memory holding the result, inside a memory pool.
- */
-int talloc_asprintf_len(const void *t, char **res, const char *fmt, ...)
-{
- va_list ap;
- int len;
-
- va_start(ap, fmt);
- len = talloc_vasprintf_len(t, res, fmt, ap);
- va_end(ap);
- return len;
-}
-
/**
* Realloc @p s to append the formatted result of @p fmt and @p ap,
diff --git a/source3/lib/tdb_multikey.c b/source3/lib/tdb_multikey.c
deleted file mode 100644
index 7a4c8e1d5c..0000000000
--- a/source3/lib/tdb_multikey.c
+++ /dev/null
@@ -1,588 +0,0 @@
-/*
- * Unix SMB/CIFS implementation.
- * TDB multi-key wrapper
- * Copyright (C) Volker Lendecke 2006
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- */
-
-#include "includes.h"
-
-static struct { enum TDB_ERROR t; NTSTATUS n; } tdb_to_ntstatus_map[] = {
- { TDB_ERR_CORRUPT, NT_STATUS_INTERNAL_DB_CORRUPTION },
- { TDB_ERR_IO, NT_STATUS_UNEXPECTED_IO_ERROR },
- { TDB_ERR_LOCK, NT_STATUS_FILE_LOCK_CONFLICT },
- { TDB_ERR_OOM, NT_STATUS_NO_MEMORY },
- { TDB_ERR_EXISTS, NT_STATUS_OBJECTID_EXISTS },
- { TDB_ERR_NOLOCK, NT_STATUS_NOT_LOCKED },
- { TDB_ERR_LOCK_TIMEOUT, NT_STATUS_IO_TIMEOUT },
- { TDB_ERR_NOEXIST, NT_STATUS_NOT_FOUND },
- { TDB_ERR_EINVAL, NT_STATUS_INVALID_PARAMETER },
- { TDB_ERR_RDONLY, NT_STATUS_ACCESS_DENIED },
- { 0, NT_STATUS_OK },
-};
-
-NTSTATUS map_ntstatus_from_tdb(struct tdb_context *t)
-{
- enum TDB_ERROR err = tdb_error(t);
- int i = 0;
-
- while (tdb_to_ntstatus_map[i].t != 0) {
- if (tdb_to_ntstatus_map[i].t == err) {
- return tdb_to_ntstatus_map[i].n;
- }
- i += 1;
- }
-
- return NT_STATUS_INTERNAL_ERROR;
-}
-
-#define KEY_VERSION (1)
-#define PRIMARY_KEY_LENGTH (24)
-
-/*
- * Check that the keying version is acceptable. Change operations are very
- * expensive under transactions anyway, so we do this upon every change to
- * avoid damage when someone changes the key format while we have the db open.
- *
- * To be called only within a transaction, we don't do locking here.
- */
-
-static BOOL tdb_check_keyversion(struct tdb_context *tdb)
-{
- const char *versionkey = "KEYVERSION";
- TDB_DATA key, data;
- NTSTATUS status;
- unsigned long version;
- char *endptr;
-
- key.dptr = CONST_DISCARD(char *, versionkey);
- key.dsize = strlen(versionkey)+1;
-
- data = tdb_fetch(tdb, key);
- if (data.dptr == NULL) {
- char *vstr;
- int res;
-
- asprintf(&vstr, "%d", KEY_VERSION);
- if (vstr == NULL) {
- DEBUG(0, ("asprintf failed\n"));
- return False;
- }
- data.dptr = vstr;
- data.dsize = strlen(vstr)+1;
-
- res = tdb_store(tdb, key, data, TDB_INSERT);
- SAFE_FREE(vstr);
-
- if (res < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("Could not store key: %s\n",
- nt_errstr(status)));
- return False;
- }
-
- return True;
- }
-
- /*
- * We have a key, check it
- */
-
- SMB_ASSERT(data.dsize > 0);
- if (data.dptr[data.dsize-1] != '\0') {
- DEBUG(1, ("Key field not NUL terminated\n"));
- SAFE_FREE(data.dptr);
- return False;
- }
-
- version = strtoul(data.dptr, &endptr, 10);
- if (endptr != data.dptr+data.dsize-1) {
- DEBUG(1, ("Invalid version string\n"));
- SAFE_FREE(data.dptr);
- return False;
- }
- SAFE_FREE(data.dptr);
-
- if (version != KEY_VERSION) {
- DEBUG(1, ("Wrong key version: %ld, expected %d\n",
- version, KEY_VERSION));
- return False;
- }
-
- return True;
-}
-
-/*
- * Find a record according to a key and value expected in that key. The
- * primary_key is returned for later reference in tdb_idx_update or
- * tdb_idx_delete.
- */
-
-NTSTATUS tdb_find_keyed(TALLOC_CTX *ctx, struct tdb_context *tdb,
- int keynumber, const char *value,
- TDB_DATA *result, char **primary_key)
-{
- TDB_DATA key, prim, data;
- NTSTATUS status;
-
- prim.dptr = data.dptr = NULL;
-
- key.dsize = talloc_asprintf_len(ctx, &key.dptr, "KEY/%d/%s", keynumber,
- value);
- if (key.dptr == NULL) {
- DEBUG(0, ("talloc_asprintf failed\n"));
- status = NT_STATUS_NO_MEMORY;
- goto fail;
- }
- key.dsize += 1;
-
- prim = tdb_fetch(tdb, key);
- if (prim.dptr == NULL) {
- status = NT_STATUS_NOT_FOUND;
- goto fail;
- }
-
- data = tdb_fetch(tdb, prim);
- if (data.dptr == NULL) {
- DEBUG(1, ("Did not find record %s for key %s\n",
- prim.dptr, key.dptr));
- status = NT_STATUS_NOT_FOUND;
- goto fail;
- }
-
- if (primary_key != NULL) {
- *primary_key = talloc_strndup(ctx, prim.dptr, prim.dsize);
- if (*primary_key == NULL) {
- status = NT_STATUS_NO_MEMORY;
- goto fail;
- }
- }
-
- /*
- * The following copy will be removed when tdb_fetch takes a
- * TALLOC_CTX as parameter.
- */
-
- result->dptr = (char *)talloc_memdup(ctx, data.dptr, data.dsize);
- if (result->dptr == NULL) {
- status = NT_STATUS_NO_MEMORY;
- goto fail;
- }
- result->dsize = data.dsize;
-
- status = NT_STATUS_OK;
-
- fail:
- TALLOC_FREE(key.dptr);
- SAFE_FREE(prim.dptr);
- SAFE_FREE(data.dptr);
- return status;
-}
-
-/*
- * Store all the key entries for a data entry. Best called within a tdb
- * transaction.
- */
-
-static NTSTATUS set_keys(struct tdb_context *tdb,
- char **(*getkeys)(TALLOC_CTX *mem_ctx, TDB_DATA data,
- void *private_data),
- TDB_DATA primary_key, TDB_DATA user_data,
- void *private_data)
-{
- int i;
- char **keys = getkeys(NULL, user_data, private_data);
-
- if (keys == NULL) {
- DEBUG(5, ("Could not get keys\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- for (i=0; keys[i] != NULL; i++) {
- NTSTATUS status;
- TDB_DATA key;
-
- key.dsize = talloc_asprintf_len(keys, &key.dptr, "KEY/%d/%s",
- i, keys[i]);
- if (key.dptr == NULL) {
- DEBUG(0, ("talloc_asprintf failed\n"));
- TALLOC_FREE(keys);
- return NT_STATUS_NO_MEMORY;
- }
- key.dsize += 1;
-
- if (tdb_store(tdb, key, primary_key, TDB_INSERT) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("Could not store key %d: %s\n", i,
- nt_errstr(status)));
- TALLOC_FREE(keys);
- return status;
- }
- }
-
- TALLOC_FREE(keys);
- return NT_STATUS_OK;
-}
-
-/*
- * Delete all the key entries for a data entry. Best called within a tdb
- * transaction.
- */
-
-static NTSTATUS del_keys(struct tdb_context *tdb,
- char **(*getkeys)(TALLOC_CTX *mem_ctx, TDB_DATA data,
- void *private_data),
- TDB_DATA primary_key, void *private_data)
-{
- TDB_DATA data;
- int i;
- char **keys;
-
- /*
- * We need the data record to be able to fetch all the keys, so pull
- * the user data
- */
-
- data = tdb_fetch(tdb, primary_key);
- if (data.dptr == NULL) {
- DEBUG(5, ("Could not find record for key %s\n",
- primary_key.dptr));
- return NT_STATUS_NOT_FOUND;
- }
-
- keys = getkeys(NULL, data, private_data);
- if (keys == NULL) {
- DEBUG(5, ("Could not get keys\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- SAFE_FREE(data.dptr);
-
- for (i=0; keys[i] != NULL; i++) {
- NTSTATUS status;
- TDB_DATA key;
-
- key.dsize = talloc_asprintf_len(keys, &key.dptr, "KEY/%d/%s",
- i, keys[i]);
- if (key.dptr == NULL) {
- DEBUG(0, ("talloc_asprintf failed\n"));
- TALLOC_FREE(keys);
- return NT_STATUS_NO_MEMORY;
- }
- key.dsize += 1;
-
- if (tdb_delete(tdb, key) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("Could not delete key %d: %s\n", i,
- nt_errstr(status)));
- TALLOC_FREE(keys);
- return status;
- }
- }
-
- TALLOC_FREE(keys);
- return NT_STATUS_OK;
-}
-
-/*
- * Generate a unique primary key
- */
-
-static TDB_DATA new_primary_key(struct tdb_context *tdb)
-{
- TDB_DATA key;
- int i;
-
- /*
- * Generate a new primary key, the for loop is for the very unlikely
- * collisions.
- */
-
- for (i=0; i<20; i++) {
- TDB_DATA data;
- asprintf(&key.dptr, "KEYPRIM/%s", generate_random_str(16));
- if (key.dptr == NULL) {
- DEBUG(0, ("talloc_asprintf failed\n"));
- return key;
- }
-
-#ifdef DEVELOPER
- SMB_ASSERT(strlen(key.dptr) == PRIMARY_KEY_LENGTH);
-#endif
- key.dsize = PRIMARY_KEY_LENGTH+1;
-
- data = tdb_fetch(tdb, key);
- if (data.dptr == NULL) {
- return key;
- }
- SAFE_FREE(key.dptr);
- SAFE_FREE(data.dptr);
- }
-
- DEBUG(0, ("Did not find a unique key string!\n"));
- key.dptr = NULL;
- key.dsize = 0;
- return key;
-}
-
-/*
- * Add a new record to the database
- */
-
-NTSTATUS tdb_add_keyed(struct tdb_context *tdb,
- char **(*getkeys)(TALLOC_CTX *mem_ctx, TDB_DATA data,
- void *private_data),
- TDB_DATA data, void *private_data)
-{
- NTSTATUS status = NT_STATUS_OK;
- TDB_DATA key;
-
- key.dptr = NULL;
-
- if (tdb_transaction_start(tdb) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("Could not start transaction: %s\n",
- nt_errstr(status)));
- return status;
- }
-
- if (!tdb_check_keyversion(tdb)) {
- status = NT_STATUS_INTERNAL_DB_CORRUPTION;
- goto fail;
- }
-
- key = new_primary_key(tdb);
- if (key.dptr == NULL) {
- status = NT_STATUS_NO_MEMORY;
- goto fail;
- }
-
- if (tdb_store(tdb, key, data, TDB_INSERT) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("Could not store record: %s\n", nt_errstr(status)));
- goto fail;
- }
-
- status = set_keys(tdb, getkeys, key, data, private_data);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(5, ("set_keys failed: %s\n", nt_errstr(status)));
- goto fail;
- }
-
- if (tdb_transaction_commit(tdb) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("tdb_transaction_commit failed: %s\n",
- nt_errstr(status)));
- goto fail;
- }
-
- SAFE_FREE(key.dptr);
- return NT_STATUS_OK;
-
- fail:
- if (tdb_transaction_cancel(tdb) < 0) {
- smb_panic("tdb_cancel_transaction failed\n");
- }
-
- SAFE_FREE(key.dptr);
- return status;
-}
-
-/*
- * Delete a record from the database, given its primary key
- */
-
-NTSTATUS tdb_del_keyed(struct tdb_context *tdb,
- char **(*getkeys)(TALLOC_CTX *mem_ctx, TDB_DATA data,
- void *private_data),
- const char *primary_key, void *private_data)
-{
- NTSTATUS status = NT_STATUS_OK;
- TDB_DATA key;
-
- if ((primary_key == NULL) ||
- (strlen(primary_key) != PRIMARY_KEY_LENGTH) ||
- (strncmp(primary_key, "KEYPRIM/", 7) != 0)) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if (tdb_transaction_start(tdb) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("Could not start transaction: %s\n",
- nt_errstr(status)));
- return status;
- }
-
- if (!tdb_check_keyversion(tdb)) {
- status = NT_STATUS_INTERNAL_DB_CORRUPTION;
- goto fail;
- }
-
- key.dptr = CONST_DISCARD(char *, primary_key);
- key.dsize = PRIMARY_KEY_LENGTH+1;
-
- status = del_keys(tdb, getkeys, key, private_data);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("del_keys failed: %s\n", nt_errstr(status)));
- goto fail;
- }
-
- if (tdb_delete(tdb, key) < 0) {
- DEBUG(5, ("Could not delete record %s\n", primary_key));
- status = NT_STATUS_INTERNAL_DB_CORRUPTION;
- goto fail;
- }
-
- if (tdb_transaction_commit(tdb) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("tdb_transaction_commit failed: %s\n",
- nt_errstr(status)));
- goto fail;
- }
-
- return NT_STATUS_OK;
-
- fail:
- if (tdb_transaction_cancel(tdb) < 0) {
- smb_panic("tdb_cancel_transaction failed\n");
- }
-
- return status;
-}
-
-/*
- * Update a record that has previously been fetched and then changed.
- */
-
-NTSTATUS tdb_update_keyed(struct tdb_context *tdb, const char *primary_key,
- char **(*getkeys)(TALLOC_CTX *mem_ctx,
- TDB_DATA data, void *private_data),
- TDB_DATA data, void *private_data)
-{
- NTSTATUS status = NT_STATUS_OK;
- TDB_DATA key;
-
- if ((primary_key == NULL) ||
- (strlen(primary_key) != PRIMARY_KEY_LENGTH) ||
- (strncmp(primary_key, "KEYPRIM/", 8) != 0)) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if (tdb_transaction_start(tdb) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("Could not start transaction: %s\n",
- nt_errstr(status)));
- return status;
- }
-
- if (!tdb_check_keyversion(tdb)) {
- status = NT_STATUS_INTERNAL_DB_CORRUPTION;
- goto fail;
- }
-
- key.dptr = CONST_DISCARD(char *, primary_key);
- key.dsize = PRIMARY_KEY_LENGTH+1;
-
- status = del_keys(tdb, getkeys, key, private_data);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(5, ("del_keys failed: %s\n", nt_errstr(status)));
- goto fail;
- }
-
- if (tdb_store(tdb, key, data, TDB_REPLACE) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("Could not store new record: %s\n",
- nt_errstr(status)));
- goto fail;
- }
-
- status = set_keys(tdb, getkeys, key, data, private_data);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(5, ("set_keys failed: %s\n", nt_errstr(status)));
- goto fail;
- }
-
- if (tdb_transaction_commit(tdb) < 0) {
- status = map_ntstatus_from_tdb(tdb);
- DEBUG(5, ("tdb_transaction_commit failed: %s\n",
- nt_errstr(status)));
- goto fail;
- }
-
- return NT_STATUS_OK;
-
- fail:
- if (tdb_transaction_cancel(tdb) < 0) {
- smb_panic("tdb_cancel_transaction failed\n");
- }
-
- return status;
-}
-
-static int iterator_destructor(void *p)
-{
- struct tdb_keyed_iterator *i = (struct tdb_keyed_iterator *)p;
- SAFE_FREE(i->key.dptr);
- return 0;
-}
-
-struct tdb_keyed_iterator *tdb_enum_keyed(TALLOC_CTX *mem_ctx,
- struct tdb_context *tdb)
-{
- struct tdb_keyed_iterator *result = TALLOC_P(
- mem_ctx, struct tdb_keyed_iterator);
-
- if (result == NULL) {
- DEBUG(0, ("talloc failed\n"));
- return result;
- }
-
- result->tdb = tdb;
- result->key = tdb_firstkey(tdb);
- talloc_set_destructor(result, iterator_destructor);
- return result;
-}
-
-BOOL tdb_next_keyed(struct tdb_keyed_iterator *it, TDB_DATA *data)
-{
- if (it->key.dptr == NULL) {
- return False;
- }
-
- while (True) {
- TDB_DATA tmp;
-
- if ((it->key.dsize == PRIMARY_KEY_LENGTH+1) &&
- (strncmp(it->key.dptr, "KEYPRIM/", 8) == 0)) {
-
- *data = tdb_fetch(it->tdb, it->key);
-
- tmp = tdb_nextkey(it->tdb, it->key);
- SAFE_FREE(it->key.dptr);
- it->key = tmp;
-
- return (data->dptr != NULL);
- }
-
- tmp = tdb_nextkey(it->tdb, it->key);
- SAFE_FREE(it->key.dptr);
- it->key = tmp;
-
- if (it->key.dptr == NULL) {
- return False;
- }
- }
-}
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index acfccfdd26..f612cff092 100644
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -142,7 +142,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx,
GROUP_MAP map;
- if (NT_STATUS_IS_OK(pdb_getgrgid(&map, grp->gr_gid))) {
+ if (pdb_getgrgid(&map, grp->gr_gid)) {
/* The hack gets worse. Handle the case where we have
* 'force group = +unixgroup' but "unixgroup" has a
* group mapping */
@@ -1352,7 +1352,7 @@ BOOL sid_to_gid(const DOM_SID *psid, gid_t *pgid)
if ((sid_check_is_in_builtin(psid) ||
sid_check_is_in_wellknown_domain(psid))) {
- if (NT_STATUS_IS_OK(pdb_getgrsid(&map, psid))) {
+ if (pdb_getgrsid(&map, *psid)) {
*pgid = map.gid;
goto done;
}
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index ab8844f599..f74b1fbe3b 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -604,7 +604,7 @@ BOOL lookup_global_sam_name(const char *user, int flags, uint32_t *rid,
*/
become_root();
- ret = NT_STATUS_IS_OK(pdb_getgrnam(&map, user));
+ ret = pdb_getgrnam(&map, user);
unbecome_root();
if (!ret) {
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 7bc78af36b..7f2a8f25b3 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -561,22 +561,22 @@ NTSTATUS pdb_update_login_attempts(struct samu *sam_acct, BOOL success)
return pdb->update_login_attempts(pdb, sam_acct, success);
}
-NTSTATUS pdb_getgrsid(GROUP_MAP *map, const DOM_SID *sid)
+BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid)
{
struct pdb_methods *pdb = pdb_get_methods();
- return pdb->getgrsid(pdb, map, sid);
+ return NT_STATUS_IS_OK(pdb->getgrsid(pdb, map, sid));
}
-NTSTATUS pdb_getgrgid(GROUP_MAP *map, gid_t gid)
+BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid)
{
struct pdb_methods *pdb = pdb_get_methods();
- return pdb->getgrgid(pdb, map, gid);
+ return NT_STATUS_IS_OK(pdb->getgrgid(pdb, map, gid));
}
-NTSTATUS pdb_getgrnam(GROUP_MAP *map, const char *name)
+BOOL pdb_getgrnam(GROUP_MAP *map, const char *name)
{
struct pdb_methods *pdb = pdb_get_methods();
- return pdb->getgrnam(pdb, map, name);
+ return NT_STATUS_IS_OK(pdb->getgrnam(pdb, map, name));
}
static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods,
@@ -584,7 +584,7 @@ static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods,
const char *name,
uint32 *rid)
{
- GROUP_MAP map;
+ DOM_SID group_sid;
struct group *grp;
grp = getgrnam(name);
@@ -611,12 +611,10 @@ static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods,
}
}
- map.gid = grp->gr_gid;
- map.sid_name_use = SID_NAME_DOM_GRP;
- sid_compose(&map.sid, get_global_sam_sid(), *rid);
- fstrcpy(map.nt_name, name);
- map.comment[0] = '\0';
- return pdb_add_group_mapping_entry(&map);
+ sid_compose(&group_sid, get_global_sam_sid(), *rid);
+
+ return add_initial_entry(grp->gr_gid, sid_string_static(&group_sid),
+ SID_NAME_DOM_GRP, name, NULL);
}
NTSTATUS pdb_create_dom_group(TALLOC_CTX *mem_ctx, const char *name,
@@ -638,7 +636,7 @@ static NTSTATUS pdb_default_delete_dom_group(struct pdb_methods *methods,
sid_compose(&group_sid, get_global_sam_sid(), rid);
- if (!NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map))) {
+ if (!get_domain_group_from_sid(group_sid, &map)) {
DEBUG(10, ("Could not find group for rid %d\n", rid));
return NT_STATUS_NO_SUCH_GROUP;
}
@@ -698,14 +696,12 @@ NTSTATUS pdb_delete_group_mapping_entry(DOM_SID sid)
return pdb->delete_group_mapping_entry(pdb, sid);
}
-NTSTATUS pdb_enum_group_mapping(const DOM_SID *sid,
- enum SID_NAME_USE sid_name_use,
- GROUP_MAP **pp_rmap,
- size_t *p_num_entries, BOOL unix_only)
+BOOL pdb_enum_group_mapping(const DOM_SID *sid, enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap,
+ size_t *p_num_entries, BOOL unix_only)
{
struct pdb_methods *pdb = pdb_get_methods();
- return pdb->enum_group_mapping(pdb, sid, sid_name_use,
- pp_rmap, p_num_entries, unix_only);
+ return NT_STATUS_IS_OK(pdb-> enum_group_mapping(pdb, sid, sid_name_use,
+ pp_rmap, p_num_entries, unix_only));
}
NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx,
@@ -816,7 +812,7 @@ static NTSTATUS pdb_default_add_groupmem(struct pdb_methods *methods,
sid_compose(&group_sid, get_global_sam_sid(), group_rid);
sid_compose(&member_sid, get_global_sam_sid(), member_rid);
- if (!NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map)) ||
+ if (!get_domain_group_from_sid(group_sid, &map) ||
(map.gid == (gid_t)-1) ||
((grp = getgrgid(map.gid)) == NULL)) {
return NT_STATUS_NO_SUCH_GROUP;
@@ -878,7 +874,7 @@ static NTSTATUS pdb_default_del_groupmem(struct pdb_methods *methods,
sid_compose(&group_sid, get_global_sam_sid(), group_rid);
sid_compose(&member_sid, get_global_sam_sid(), member_rid);
- if (!NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map)) ||
+ if (!get_domain_group_from_sid(group_sid, &map) ||
(map.gid == (gid_t)-1) ||
((grp = getgrgid(map.gid)) == NULL)) {
return NT_STATUS_NO_SUCH_GROUP;
@@ -924,6 +920,12 @@ NTSTATUS pdb_del_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid,
return pdb->del_groupmem(pdb, mem_ctx, group_rid, member_rid);
}
+BOOL pdb_find_alias(const char *name, DOM_SID *sid)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return NT_STATUS_IS_OK(pdb->find_alias(pdb, name, sid));
+}
+
NTSTATUS pdb_create_alias(const char *name, uint32 *rid)
{
struct pdb_methods *pdb = pdb_get_methods();
@@ -1274,7 +1276,7 @@ static BOOL pdb_default_sid_to_id(struct pdb_methods *methods,
if (sid_peek_check_rid(&global_sid_Builtin, sid, &rid)) {
/* Here we only have aliases */
GROUP_MAP map;
- if (!NT_STATUS_IS_OK(methods->getgrsid(methods, &map, sid))) {
+ if (!NT_STATUS_IS_OK(methods->getgrsid(methods, &map, *sid))) {
DEBUG(10, ("Could not find map for sid %s\n",
sid_string_static(sid)));
goto done;
@@ -1520,7 +1522,7 @@ static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid,
}
TALLOC_FREE(sam_account);
- ret = NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid));
+ ret = pdb_getgrsid(&map, sid);
unbecome_root();
/* END BECOME_ROOT BLOCK */
@@ -1850,9 +1852,8 @@ static BOOL pdb_search_grouptype(struct pdb_search *search,
return False;
}
- if (!NT_STATUS_IS_OK(pdb_enum_group_mapping(sid, type, &state->groups,
- &state->num_groups,
- True))) {
+ if (!pdb_enum_group_mapping(sid, type, &state->groups, &state->num_groups,
+ True)) {
DEBUG(0, ("Could not enum groups\n"));
return False;
}
@@ -2031,6 +2032,7 @@ NTSTATUS make_pdb_method( struct pdb_methods **methods )
(*methods)->set_unix_primary_group = pdb_default_set_unix_primary_group;
(*methods)->add_groupmem = pdb_default_add_groupmem;
(*methods)->del_groupmem = pdb_default_del_groupmem;
+ (*methods)->find_alias = pdb_default_find_alias;
(*methods)->create_alias = pdb_default_create_alias;
(*methods)->delete_alias = pdb_default_delete_alias;
(*methods)->get_aliasinfo = pdb_default_get_aliasinfo;
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index 3e9f321ce2..afc95fe90f 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -2245,14 +2245,14 @@ static NTSTATUS ldapsam_getgroup(struct pdb_methods *methods,
*********************************************************************/
static NTSTATUS ldapsam_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
- const DOM_SID *sid)
+ DOM_SID sid)
{
pstring filter;
pstr_sprintf(filter, "(&(objectClass=%s)(%s=%s))",
LDAP_OBJ_GROUPMAP,
get_attr_key2string(groupmap_attr_list, LDAP_ATTR_GROUP_SID),
- sid_string_static(sid));
+ sid_string_static(&sid));
return ldapsam_getgroup(methods, filter, map);
}
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index adccc76275..41df870414 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -1730,7 +1730,7 @@ NTSTATUS _lsa_setsystemaccount(pipes_struct *p, LSA_Q_SETSYSTEMACCOUNT *q_u, LSA
if ( !nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS ) )
return NT_STATUS_ACCESS_DENIED;
- if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, &info->sid)))
+ if (!pdb_getgrsid(&map, info->sid))
return NT_STATUS_NO_SUCH_GROUP;
return pdb_update_group_mapping_entry(&map);
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index a70a49652e..31e434cbfb 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -4438,7 +4438,7 @@ NTSTATUS _samr_query_groupinfo(pipes_struct *p, SAMR_Q_QUERY_GROUPINFO *q_u, SAM
}
become_root();
- ret = NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map));
+ ret = get_domain_group_from_sid(group_sid, &map);
unbecome_root();
if (!ret)
return NT_STATUS_INVALID_HANDLE;
@@ -4535,7 +4535,7 @@ NTSTATUS _samr_set_groupinfo(pipes_struct *p, SAMR_Q_SET_GROUPINFO *q_u, SAMR_R_
}
become_root();
- result = NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map));
+ result = get_domain_group_from_sid(group_sid, &map);
unbecome_root();
if (!result)
return NT_STATUS_NO_SUCH_GROUP;
@@ -4754,7 +4754,7 @@ NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_G
/* check if that group really exists */
become_root();
- ret = NT_STATUS_IS_OK(get_domain_group_from_sid(&info->sid, &map));
+ ret = get_domain_group_from_sid(info->sid, &map);
unbecome_root();
if (!ret)
return NT_STATUS_NO_SUCH_GROUP;
diff --git a/source3/script/tests/test_smbtorture_s3.sh b/source3/script/tests/test_smbtorture_s3.sh
index 2ee2584b22..842d914ecf 100755
--- a/source3/script/tests/test_smbtorture_s3.sh
+++ b/source3/script/tests/test_smbtorture_s3.sh
@@ -25,7 +25,6 @@ tests="$tests OPLOCK1 OPLOCK2 OPLOCK3"
tests="$tests DIR DIR1 TCON TCONDEV RW1 RW2 RW3"
tests="$tests OPEN XCOPY RENAME DELETE PROPERTIES W2K"
tests="$tests PIPE_NUMBER TCON2 IOCTL CHKPATH FDSESS LOCAL-SUBSTITUTE"
-tests="$tests LOCAL-MULTIKEY LOCAL-GROUPMAP"
skipped1="RANDOMIPC NEGNOWAIT NBENCH ERRMAPEXTRACT TRANS2SCAN NTTRANSSCAN"
skipped2="DENY1 DENY2 OPENATTR CASETABLE EATEST"
@@ -42,7 +41,7 @@ for t in $tests; do
fi
start=""
name="$t"
- testit "$name" $VALGRIND $SRCDIR/bin/smbtorture $ADDARGS $unc -U"$username"%"$password" -S "$CONFFILE" $t || failed=`expr $failed + 1`
+ testit "$name" $VALGRIND $SRCDIR/bin/smbtorture $ADDARGS $unc -U"$username"%"$password" $t || failed=`expr $failed + 1`
done
testok $0 $failed
diff --git a/source3/tdb/tdbutil.c b/source3/tdb/tdbutil.c
index 21d593a26a..b946f856aa 100644
--- a/source3/tdb/tdbutil.c
+++ b/source3/tdb/tdbutil.c
@@ -505,10 +505,9 @@ size_t tdb_pack(char *buf, int bufsize, const char *fmt, ...)
return result;
}
-BOOL tdb_pack_append(void *_mem_ctx, char **buf, size_t *len,
+BOOL tdb_pack_append(TALLOC_CTX *mem_ctx, uint8 **buf, size_t *len,
const char *fmt, ...)
{
- TALLOC_CTX *mem_ctx = (void *)_mem_ctx;
va_list ap;
size_t len1, len2;
@@ -516,8 +515,13 @@ BOOL tdb_pack_append(void *_mem_ctx, char **buf, size_t *len,
len1 = tdb_pack_va(NULL, 0, fmt, ap);
va_end(ap);
- *buf = TALLOC_REALLOC_ARRAY(mem_ctx, *buf, char,
- (*len) + len1);
+ if (mem_ctx != NULL) {
+ *buf = TALLOC_REALLOC_ARRAY(mem_ctx, *buf, uint8,
+ (*len) + len1);
+ } else {
+ *buf = SMB_REALLOC_ARRAY(*buf, uint8, (*len) + len1);
+ }
+
if (*buf == NULL) {
return False;
}
diff --git a/source3/tdb/tdbutil.h b/source3/tdb/tdbutil.h
index 60107adacb..44351619f4 100644
--- a/source3/tdb/tdbutil.h
+++ b/source3/tdb/tdbutil.h
@@ -54,8 +54,6 @@ struct tdb_context *tdb_open_log(const char *name, int hash_size,
int tdb_flags, int open_flags, mode_t mode);
int tdb_unpack(char *buf, int bufsize, const char *fmt, ...);
size_t tdb_pack(char *buf, int bufsize, const char *fmt, ...);
-BOOL tdb_pack_append(void *_mem_ctx, char **buf, size_t *len,
- const char *fmt, ...);
TDB_DATA make_tdb_data(const char *dptr, size_t dsize);
TDB_DATA string_tdb_data(const char *string);
int tdb_trans_store(struct tdb_context *tdb, TDB_DATA key, TDB_DATA dbuf,
diff --git a/source3/torture/local-groupmap.c b/source3/torture/local-groupmap.c
index 007d107e12..bd6f060e71 100644
--- a/source3/torture/local-groupmap.c
+++ b/source3/torture/local-groupmap.c
@@ -151,6 +151,8 @@ static BOOL groupmap_diff(const GROUP_MAP *m1, const GROUP_MAP *m2)
(strcmp(m1->comment, m2->comment) != 0));
}
+#undef GROUPDB_V3
+
BOOL run_local_groupmap(int dummy)
{
TALLOC_CTX *mem_ctx;
@@ -166,6 +168,7 @@ BOOL run_local_groupmap(int dummy)
return False;
}
+#ifdef GROUPDB_V3
status = create_v2_db(True);
if (!NT_STATUS_IS_OK(status)) {
goto fail;
@@ -173,12 +176,13 @@ BOOL run_local_groupmap(int dummy)
{
GROUP_MAP map;
- if (NT_STATUS_IS_OK(pdb_getgrgid(&map, 10001))) {
+ if (pdb_getgrgid(&map, 10001)) {
d_fprintf(stderr, "(%s) upgrading an invalid group db "
"worked\n", __location__);
goto fail;
}
}
+#endif
status = create_v2_db(False);
if (!NT_STATUS_IS_OK(status)) {
@@ -187,9 +191,8 @@ BOOL run_local_groupmap(int dummy)
/* This tests upgrading the database, as well as listing */
- if (!NT_STATUS_IS_OK(pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN,
- &maps, &num_maps,
- False))) {
+ if (!pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, &maps, &num_maps,
+ False)) {
d_fprintf(stderr, "(%s) pdb_enum_group_mapping failed\n",
__location__);
goto fail;
@@ -209,18 +212,16 @@ BOOL run_local_groupmap(int dummy)
string_to_sid(&sid, "S-1-5-32-545");
ZERO_STRUCT(map);
- status = pdb_getgrsid(&map, &sid);
- if (!NT_STATUS_IS_OK(status)) {
- d_fprintf(stderr, "(%s) pdb_getgrsid failed: %s\n",
- __location__, nt_errstr(status));
+ if (!pdb_getgrsid(&map, &sid)) {
+ d_fprintf(stderr, "(%s) pdb_getgrsid failed\n",
+ __location__);
goto fail;
}
ZERO_STRUCT(map1);
- status = pdb_getgrgid(&map1, map.gid);
- if (!NT_STATUS_IS_OK(status)) {
- d_fprintf(stderr, "(%s) pdb_getgrgid failed: %s\n",
- __location__, nt_errstr(status));
+ if (!pdb_getgrgid(&map1, map.gid)) {
+ d_fprintf(stderr, "(%s) pdb_getgrgid failed\n",
+ __location__);
goto fail;
}
@@ -231,10 +232,9 @@ BOOL run_local_groupmap(int dummy)
}
ZERO_STRUCT(map1);
- status = pdb_getgrnam(&map1, map.nt_name);
- if (!NT_STATUS_IS_OK(status)) {
- d_fprintf(stderr, "(%s) pdb_getgrnam failed: %s\n",
- __location__, nt_errstr(status));
+ if (!pdb_getgrnam(&map1, map.nt_name)) {
+ d_fprintf(stderr, "(%s) pdb_getgrnam failed\n",
+ __location__);
goto fail;
}
@@ -252,31 +252,34 @@ BOOL run_local_groupmap(int dummy)
GROUP_MAP map, map1;
string_to_sid(&sid, "S-1-5-32-545");
- status = pdb_getgrsid(&map, &sid);
- if (!NT_STATUS_IS_OK(status)) {
- d_fprintf(stderr, "(%s) did not find S-1-5-32-545: "
- "%s\n", __location__, nt_errstr(status));
+ if (!pdb_getgrsid(&map, &sid)) {
+ d_fprintf(stderr, "(%s) did not find S-1-5-32-545\n",
+ __location__);
goto fail;
}
status = pdb_delete_group_mapping_entry(sid);
CHECK_STATUS(status, NT_STATUS_OK);
status = pdb_delete_group_mapping_entry(sid);
+#ifdef GROUPDB_V3
CHECK_STATUS(status, NT_STATUS_NOT_FOUND);
+#else
+ CHECK_STATUS(status, NT_STATUS_UNSUCCESSFUL);
+#endif
- if (NT_STATUS_IS_OK(pdb_getgrsid(&map1, &sid))) {
+ if (pdb_getgrsid(&map1, &sid)) {
d_fprintf(stderr, "(%s) getgrsid found deleted "
"entry\n", __location__);
goto fail;
}
- if (NT_STATUS_IS_OK(pdb_getgrgid(&map1, map.gid))) {
+ if (pdb_getgrgid(&map1, map.gid)) {
d_fprintf(stderr, "(%s) getgrgid found deleted "
"entry\n", __location__);
goto fail;
}
- if (NT_STATUS_IS_OK(pdb_getgrnam(&map1, map.nt_name))) {
+ if (pdb_getgrnam(&map1, map.nt_name)) {
d_fprintf(stderr, "(%s) getgrnam found deleted "
"entry\n", __location__);
goto fail;
@@ -292,10 +295,9 @@ BOOL run_local_groupmap(int dummy)
GROUP_MAP map, map1;
string_to_sid(&sid, "S-1-5-32-544");
- status = pdb_getgrsid(&map, &sid);
- if (!NT_STATUS_IS_OK(status)) {
- d_fprintf(stderr, "(%s) did not find S-1-5-32-544: "
- "%s\n", __location__, nt_errstr(status));
+ if (!pdb_getgrsid(&map, &sid)) {
+ d_fprintf(stderr, "(%s) did not find S-1-5-32-544\n",
+ __location__);
goto fail;
}
@@ -305,7 +307,7 @@ BOOL run_local_groupmap(int dummy)
status = pdb_update_group_mapping_entry(&map);
CHECK_STATUS(status, NT_STATUS_OK);
- if (NT_STATUS_IS_OK(pdb_getgrgid(&map1, oldgid))) {
+ if (pdb_getgrgid(&map1, oldgid)) {
d_fprintf(stderr, "(%s) getgrgid found outdated "
"entry\n", __location__);
goto fail;
@@ -315,12 +317,16 @@ BOOL run_local_groupmap(int dummy)
map.gid = 1000;
status = pdb_update_group_mapping_entry(&map);
+#ifdef GROUPDB_V3
CHECK_STATUS(status, NT_STATUS_OBJECTID_EXISTS);
- if (!NT_STATUS_IS_OK(pdb_getgrgid(&map1, 4711))) {
+ if (!pdb_getgrgid(&map1, 4711)) {
d_fprintf(stderr, "(%s) update_group changed entry "
"upon failure\n", __location__);
goto fail;
}
+#else
+ CHECK_STATUS(status, NT_STATUS_OK);
+#endif
}
ret = True;
diff --git a/source3/torture/local-multikey.c b/source3/torture/local-multikey.c
deleted file mode 100644
index 83de2f0b40..0000000000
--- a/source3/torture/local-multikey.c
+++ /dev/null
@@ -1,211 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- Run some local tests on the local tdb multikey wrapper
- Copyright (C) Volker Lendecke 2006
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-static char **key_fn(TALLOC_CTX *mem_ctx, TDB_DATA data,
- void *private_data)
-{
- fstring key, value;
- char **result;
-
- result = TALLOC_ARRAY(mem_ctx, char *, 3);
- if (result == NULL) {
- return NULL;
- }
-
- if (tdb_unpack(data.dptr, data.dsize, "ff", key, value) < 0) {
- d_fprintf(stderr, "tdb_unpack failed\n");
- TALLOC_FREE(result);
- return NULL;
- }
- result[0] = talloc_strdup(result, key);
- result[1] = talloc_strdup(result, value);
- result[2] = NULL;
-
- if ((result[0] == NULL) || (result[1] == NULL)) {
- d_fprintf(stderr, "talloc_strdup failed\n");
- TALLOC_FREE(result);
- return NULL;
- }
-
- return result;
-}
-
-static NTSTATUS multikey_add(struct tdb_context *tdb, const char *key,
- const char *value)
-{
- NTSTATUS status;
- TDB_DATA data;
-
- data.dptr = NULL;
- data.dsize = 0;
-
- if (!tdb_pack_append(NULL, &data.dptr, &data.dsize,
- "ff", key, value)) {
- return NT_STATUS_NO_MEMORY;
- }
-
- status = tdb_add_keyed(tdb, key_fn, data, NULL);
- TALLOC_FREE(data.dptr);
- return status;
-}
-
-#define CHECK_STATUS(_status, _expected) do { \
- if (!NT_STATUS_EQUAL(_status, _expected)) { \
- printf("(%d) Incorrect status %s - should be %s\n", \
- __LINE__, nt_errstr(status), nt_errstr(_expected)); \
- ret = False; \
- goto fail; \
- }} while (0)
-
-#define NUM_ELEMENTS (50)
-
-BOOL run_local_multikey(int dummy)
-{
- TALLOC_CTX *mem_ctx;
- char *prim;
- const char *tdbname = "multi_key_test.tdb";
- struct tdb_context *tdb = NULL;
- NTSTATUS status;
- BOOL ret = False;
- TDB_DATA data;
- int i;
- fstring key,value;
-
- unlink(tdbname);
-
- mem_ctx = talloc_init("run_local_multikey");
- if (mem_ctx == NULL) {
- d_fprintf(stderr, "talloc_init failed\n");
- return False;
- }
-
- tdb = tdb_open(tdbname, 0, 0, O_CREAT|O_RDWR, 0644);
- if (tdb == NULL) {
- d_fprintf(stderr, "tdb_open failed: %s\n", strerror(errno));
- goto fail;
- }
-
- for (i=0; i<NUM_ELEMENTS; i++) {
- fstr_sprintf(key, "KEY%d", i);
- fstr_sprintf(value, "VAL%d", i);
-
- status = multikey_add(tdb, key, value);
- if (!NT_STATUS_IS_OK(status)) {
- d_fprintf(stderr, "tdb_add_keyed failed: %s\n",
- nt_errstr(status));
- goto fail;
- }
- }
-
- {
- struct tdb_keyed_iterator *it = tdb_enum_keyed(mem_ctx, tdb);
- if (it == NULL) {
- d_printf("tdb_enum_keyed failed\n");
- goto fail;
- }
-
- i = 0;
-
- while (tdb_next_keyed(it, &data)) {
- i += 1;
- if (i > 1000) {
- d_printf("tdb_next_keyed overrun\n");
- goto fail;
- }
- }
-
- if (i != NUM_ELEMENTS) {
- d_printf("counted %d, elements, expected %d\n",
- i, NUM_ELEMENTS);
- goto fail;
- }
- }
-
- status = multikey_add(tdb, "KEY35", "FOOO");
- CHECK_STATUS(status, NT_STATUS_OBJECTID_EXISTS);
- status = multikey_add(tdb, "KEY42", "VAL45");
- CHECK_STATUS(status, NT_STATUS_OBJECTID_EXISTS);
- status = multikey_add(tdb, "FOO", "VAL45");
- CHECK_STATUS(status, NT_STATUS_OBJECTID_EXISTS);
-
- for (i=0; i<NUM_ELEMENTS; i++) {
- fstr_sprintf(key, "KEY%d", i);
- fstr_sprintf(value, "VAL%d", i);
-
- status = tdb_find_keyed(mem_ctx, tdb, 0, key, &data, &prim);
- CHECK_STATUS(status, NT_STATUS_OK);
- status = tdb_find_keyed(mem_ctx, tdb, 1, value, &data, &prim);
- CHECK_STATUS(status, NT_STATUS_OK);
- status = tdb_find_keyed(mem_ctx, tdb, 1, key, &data, &prim);
- CHECK_STATUS(status, NT_STATUS_NOT_FOUND);
- status = tdb_find_keyed(mem_ctx, tdb, 0, value, &data, &prim);
- CHECK_STATUS(status, NT_STATUS_NOT_FOUND);
- }
-
- status = tdb_find_keyed(mem_ctx, tdb, 0, "FOO", &data, &prim);
- CHECK_STATUS(status, NT_STATUS_NOT_FOUND);
- status = tdb_find_keyed(mem_ctx, tdb, 1, "BAR", &data, &prim);
- CHECK_STATUS(status, NT_STATUS_NOT_FOUND);
-
- status = tdb_find_keyed(mem_ctx, tdb, 0, "KEY0", &data, &prim);
- CHECK_STATUS(status, NT_STATUS_OK);
-
- ZERO_STRUCT(data);
- if (tdb_pack_append(mem_ctx, &data.dptr, &data.dsize, "ff",
- "NEWKEY", "NEWVAL") < 0) {
- d_printf("tdb_pack_alloc failed\n");
- goto fail;
- }
-
- status = tdb_update_keyed(tdb, prim, key_fn, data, NULL);
- CHECK_STATUS(status, NT_STATUS_OK);
-
- status = tdb_find_keyed(mem_ctx, tdb, 0, "KEY0", &data, &prim);
- CHECK_STATUS(status, NT_STATUS_NOT_FOUND);
- status = tdb_find_keyed(mem_ctx, tdb, 1, "VAL0", &data, &prim);
- CHECK_STATUS(status, NT_STATUS_NOT_FOUND);
- status = tdb_find_keyed(mem_ctx, tdb, 0, "NEWKEY", &data, &prim);
- CHECK_STATUS(status, NT_STATUS_OK);
- status = tdb_find_keyed(mem_ctx, tdb, 1, "NEWVAL", &data, &prim);
- CHECK_STATUS(status, NT_STATUS_OK);
-
- status = tdb_del_keyed(tdb, key_fn, prim, NULL);
- CHECK_STATUS(status, NT_STATUS_OK);
-
- for (i=1; i<NUM_ELEMENTS; i++) {
- fstr_sprintf(key, "KEY%d", i);
- status = tdb_find_keyed(mem_ctx, tdb, 0, key, &data, &prim);
- CHECK_STATUS(status, NT_STATUS_OK);
- status = tdb_del_keyed(tdb, key_fn, prim, NULL);
- CHECK_STATUS(status, NT_STATUS_OK);
- }
-
- ret = True;
- fail:
- if (tdb != NULL) {
- tdb_close(tdb);
- }
- unlink(tdbname);
- TALLOC_FREE(mem_ctx);
- return ret;
-}
-
diff --git a/source3/torture/torture.c b/source3/torture/torture.c
index 67d13068bb..5876707d62 100644
--- a/source3/torture/torture.c
+++ b/source3/torture/torture.c
@@ -4948,8 +4948,6 @@ static struct {
{"FDSESS", run_fdsesstest, 0},
{ "EATEST", run_eatest, 0},
{ "LOCAL-SUBSTITUTE", run_local_substitute, 0},
- { "LOCAL-MULTIKEY", run_local_multikey, 0},
- { "LOCAL-GROUPMAP", run_local_groupmap, 0},
{NULL, NULL, 0}};
@@ -5098,7 +5096,7 @@ static void usage(void)
fstrcpy(workgroup, lp_workgroup());
- while ((opt = getopt(argc, argv, "p:hW:U:n:N:O:o:m:Ld:Ac:ks:b:S:")) != EOF) {
+ while ((opt = getopt(argc, argv, "p:hW:U:n:N:O:o:m:Ld:Ac:ks:b:")) != EOF) {
switch (opt) {
case 'p':
port_to_use = atoi(optarg);
@@ -5106,9 +5104,6 @@ static void usage(void)
case 's':
srandom(atoi(optarg));
break;
- case 'S':
- lp_load(optarg,True,False,False,True);
- break;
case 'W':
fstrcpy(workgroup,optarg);
break;
diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c
index b95e8c65e4..df13a93de6 100644
--- a/source3/utils/net_groupmap.c
+++ b/source3/utils/net_groupmap.c
@@ -66,7 +66,7 @@ static BOOL get_sid_from_input(DOM_SID *sid, char *input)
if (StrnCaseCmp( input, "S-", 2)) {
/* Perhaps its the NT group name? */
- if (!NT_STATUS_IS_OK(pdb_getgrnam(&map, input))) {
+ if (!pdb_getgrnam(&map, input)) {
printf("NT Group %s doesn't exist in mapping DB\n", input);
return False;
} else {
@@ -153,7 +153,7 @@ static int net_groupmap_list(int argc, const char **argv)
}
/* Get the current mapping from the database */
- if(!NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid))) {
+ if(!pdb_getgrsid(&map, sid)) {
d_fprintf(stderr, "Failure to local group SID in the database\n");
return -1;
}
@@ -163,7 +163,7 @@ static int net_groupmap_list(int argc, const char **argv)
else {
GROUP_MAP *map=NULL;
/* enumerate all group mappings */
- if (!NT_STATUS_IS_OK(pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED)))
+ if (!pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED))
return -1;
for (i=0; i<entries; i++) {
@@ -182,12 +182,18 @@ static int net_groupmap_list(int argc, const char **argv)
static int net_groupmap_add(int argc, const char **argv)
{
+ DOM_SID sid;
+ fstring ntgroup = "";
fstring unixgrp = "";
fstring string_sid = "";
fstring type = "";
+ fstring ntcomment = "";
+ enum SID_NAME_USE sid_type = SID_NAME_DOM_GRP;
uint32 rid = 0;
+ gid_t gid;
int i;
GROUP_MAP map;
+
const char *name_type;
ZERO_STRUCT(map);
@@ -213,8 +219,8 @@ static int net_groupmap_add(int argc, const char **argv)
}
}
else if ( !StrnCaseCmp(argv[i], "ntgroup", strlen("ntgroup")) ) {
- fstrcpy( map.nt_name, get_string_param( argv[i] ) );
- if ( !map.nt_name[0] ) {
+ fstrcpy( ntgroup, get_string_param( argv[i] ) );
+ if ( !ntgroup[0] ) {
d_fprintf(stderr, "must supply a name\n");
return -1;
}
@@ -224,16 +230,11 @@ static int net_groupmap_add(int argc, const char **argv)
if ( !string_sid[0] ) {
d_fprintf(stderr, "must supply a SID\n");
return -1;
- }
- if (!string_to_sid(&map.sid, string_sid)) {
- d_fprintf(stderr, "%s is not a valid SID\n",
- string_sid);
- return -1;
- }
+ }
}
else if ( !StrnCaseCmp(argv[i], "comment", strlen("comment")) ) {
- fstrcpy( map.comment, get_string_param( argv[i] ) );
- if ( !map.comment[0] ) {
+ fstrcpy( ntcomment, get_string_param( argv[i] ) );
+ if ( !ntcomment[0] ) {
d_fprintf(stderr, "must supply a comment string\n");
return -1;
}
@@ -243,17 +244,17 @@ static int net_groupmap_add(int argc, const char **argv)
switch ( type[0] ) {
case 'b':
case 'B':
- map.sid_name_use = SID_NAME_WKN_GRP;
+ sid_type = SID_NAME_WKN_GRP;
name_type = "wellknown group";
break;
case 'd':
case 'D':
- map.sid_name_use = SID_NAME_DOM_GRP;
+ sid_type = SID_NAME_DOM_GRP;
name_type = "domain group";
break;
case 'l':
case 'L':
- map.sid_name_use = SID_NAME_ALIAS;
+ sid_type = SID_NAME_ALIAS;
name_type = "alias (local) group";
break;
default:
@@ -272,13 +273,13 @@ static int net_groupmap_add(int argc, const char **argv)
return -1;
}
- if ( (map.gid = nametogid(unixgrp)) == (gid_t)-1 ) {
+ if ( (gid = nametogid(unixgrp)) == (gid_t)-1 ) {
d_fprintf(stderr, "Can't lookup UNIX group %s\n", unixgrp);
return -1;
}
{
- if (NT_STATUS_IS_OK(pdb_getgrgid(&map, map.gid))) {
+ if (pdb_getgrgid(&map, gid)) {
d_printf("Unix group %s already mapped to SID %s\n",
unixgrp, sid_string_static(&map.sid));
return -1;
@@ -288,7 +289,7 @@ static int net_groupmap_add(int argc, const char **argv)
if ( (rid == 0) && (string_sid[0] == '\0') ) {
d_printf("No rid or sid specified, choosing a RID\n");
if (pdb_rid_algorithm()) {
- rid = pdb_gid_to_group_rid(map.gid);
+ rid = pdb_gid_to_group_rid(gid);
} else {
if (!pdb_new_rid(&rid)) {
d_printf("Could not get new RID\n");
@@ -299,38 +300,39 @@ static int net_groupmap_add(int argc, const char **argv)
/* append the rid to our own domain/machine SID if we don't have a full SID */
if ( !string_sid[0] ) {
- sid_copy(&map.sid, get_global_sam_sid());
- sid_append_rid(&map.sid, rid);
+ sid_copy(&sid, get_global_sam_sid());
+ sid_append_rid(&sid, rid);
+ sid_to_string(string_sid, &sid);
}
- if (!map.comment[0]) {
- switch (map.sid_name_use) {
+ if (!ntcomment[0]) {
+ switch (sid_type) {
case SID_NAME_WKN_GRP:
- fstrcpy(map.comment, "Wellknown Unix group");
+ fstrcpy(ntcomment, "Wellknown Unix group");
break;
case SID_NAME_DOM_GRP:
- fstrcpy(map.comment, "Domain Unix group");
+ fstrcpy(ntcomment, "Domain Unix group");
break;
case SID_NAME_ALIAS:
- fstrcpy(map.comment, "Local Unix group");
+ fstrcpy(ntcomment, "Local Unix group");
break;
default:
- fstrcpy(map.comment, "Unix group");
+ fstrcpy(ntcomment, "Unix group");
break;
}
}
- if (!map.nt_name[0] )
- fstrcpy( map.nt_name, unixgrp );
-
- if (!NT_STATUS_IS_OK(pdb_add_group_mapping_entry(&map))) {
- d_fprintf(stderr, "adding entry for group %s failed!\n",
- map.nt_name);
+ if (!ntgroup[0] )
+ fstrcpy( ntgroup, unixgrp );
+
+
+ if (!NT_STATUS_IS_OK(add_initial_entry(gid, string_sid, sid_type, ntgroup, ntcomment))) {
+ d_fprintf(stderr, "adding entry for group %s failed!\n", ntgroup);
return -1;
}
d_printf("Successfully added group %s to the mapping db as a %s\n",
- map.nt_name, name_type);
+ ntgroup, name_type);
return 0;
}
@@ -417,7 +419,7 @@ static int net_groupmap_modify(int argc, const char **argv)
}
/* Get the current mapping from the database */
- if(!NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid))) {
+ if(!pdb_getgrsid(&map, sid)) {
d_fprintf(stderr, "Failure to local group SID in the database\n");
return -1;
}
@@ -426,17 +428,16 @@ static int net_groupmap_modify(int argc, const char **argv)
* Allow changing of group type only between domain and local
* We disallow changing Builtin groups !!! (SID problem)
*/
-
if (sid_type == SID_NAME_UNKNOWN) {
d_fprintf(stderr, "Can't map to an unknown group type.\n");
return -1;
- }
+ }
if (map.sid_name_use == SID_NAME_WKN_GRP) {
d_fprintf(stderr, "You can only change between domain and local groups.\n");
return -1;
}
-
+
map.sid_name_use=sid_type;
/* Change comment if new one */
@@ -550,13 +551,13 @@ static int net_groupmap_set(int argc, const char **argv)
}
}
- have_map = NT_STATUS_IS_OK(pdb_getgrnam(&map, ntgroup));
+ have_map = pdb_getgrnam(&map, ntgroup);
if (!have_map) {
DOM_SID sid;
have_map = ( (strncmp(ntgroup, "S-", 2) == 0) &&
string_to_sid(&sid, ntgroup) &&
- NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid)) );
+ pdb_getgrsid(&map, sid) );
}
if (!have_map) {
@@ -629,8 +630,8 @@ static int net_groupmap_cleanup(int argc, const char **argv)
GROUP_MAP *map = NULL;
size_t i, entries;
- if (!NT_STATUS_IS_OK(pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, &map, &entries,
- ENUM_ALL_MAPPED))) {
+ if (!pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, &map, &entries,
+ ENUM_ALL_MAPPED)) {
d_fprintf(stderr, "Could not list group mappings\n");
return -1;
}
diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c
index 7cf3bb6e1d..bbe09a3b35 100644
--- a/source3/utils/net_rpc_samsync.c
+++ b/source3/utils/net_rpc_samsync.c
@@ -588,7 +588,7 @@ static NTSTATUS fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta)
group_sid = *pdb_get_group_sid(sam_account);
- if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, &group_sid))) {
+ if (!pdb_getgrsid(&map, group_sid)) {
DEBUG(0, ("Primary group of %s has no mapping!\n",
pdb_get_username(sam_account)));
} else {
@@ -630,7 +630,7 @@ static NTSTATUS fetch_group_info(uint32 rid, SAM_GROUP_INFO *delta)
sid_append_rid(&group_sid, rid);
sid_to_string(sid_string, &group_sid);
- if (NT_STATUS_IS_OK(pdb_getgrsid(&map, &group_sid))) {
+ if (pdb_getgrsid(&map, group_sid)) {
if ( map.gid != -1 )
grp = getgrgid(map.gid);
insert = False;
@@ -689,7 +689,7 @@ static NTSTATUS fetch_group_mem_info(uint32 rid, SAM_GROUP_MEM_INFO *delta)
sid_copy(&group_sid, get_global_sam_sid());
sid_append_rid(&group_sid, rid);
- if (!NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map))) {
+ if (!get_domain_group_from_sid(group_sid, &map)) {
DEBUG(0, ("Could not find global group %d\n", rid));
return NT_STATUS_NO_SUCH_GROUP;
}
@@ -805,6 +805,7 @@ static NTSTATUS fetch_alias_info(uint32 rid, SAM_ALIAS_INFO *delta,
fstring comment;
struct group *grp = NULL;
DOM_SID alias_sid;
+ fstring sid_string;
GROUP_MAP map;
BOOL insert = True;
@@ -814,8 +815,9 @@ static NTSTATUS fetch_alias_info(uint32 rid, SAM_ALIAS_INFO *delta,
/* Find out whether the group is already mapped */
sid_copy(&alias_sid, &dom_sid);
sid_append_rid(&alias_sid, rid);
+ sid_to_string(sid_string, &alias_sid);
- if (NT_STATUS_IS_OK(pdb_getgrsid(&map, &alias_sid))) {
+ if (pdb_getgrsid(&map, alias_sid)) {
grp = getgrgid(map.gid);
insert = False;
}
diff --git a/source3/utils/net_sam.c b/source3/utils/net_sam.c
index 16f7b1b25b..654c9ec5b2 100644
--- a/source3/utils/net_sam.c
+++ b/source3/utils/net_sam.c
@@ -330,7 +330,7 @@ static int net_sam_set_comment(int argc, const char **argv)
return -1;
}
- if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid))) {
+ if (!pdb_getgrsid(&map, sid)) {
d_fprintf(stderr, "Could not load group %s\n", argv[0]);
return -1;
}
@@ -882,7 +882,7 @@ static int net_sam_provision(int argc, const char **argv)
sid_compose(&gsid, get_global_sam_sid(), DOMAIN_GROUP_RID_USERS);
- if (!NT_STATUS_IS_OK(pdb_getgrsid(&gmap, &gsid))) {
+ if (!pdb_getgrsid(&gmap, gsid)) {
LDAPMod **mods = NULL;
char *dn;
char *uname;
@@ -935,7 +935,7 @@ domu_done:
sid_compose(&gsid, get_global_sam_sid(), DOMAIN_GROUP_RID_ADMINS);
- if (!NT_STATUS_IS_OK(pdb_getgrsid(&gmap, &gsid))) {
+ if (!pdb_getgrsid(&gmap, gsid)) {
LDAPMod **mods = NULL;
char *dn;
char *uname;
@@ -1153,7 +1153,7 @@ doma_done:
goto done;
}
- if (!NT_STATUS_IS_OK(pdb_getgrgid(&gmap, pwd->pw_gid))) {
+ if (!pdb_getgrgid(&gmap, pwd->pw_gid)) {
LDAPMod **mods = NULL;
char *dn;
char *uname;