summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/Makefile.in441
-rw-r--r--source3/auth/auth.c100
-rw-r--r--source3/auth/auth_builtin.c52
-rw-r--r--source3/auth/auth_domain.c16
-rw-r--r--source3/auth/auth_rhosts.c7
-rw-r--r--source3/auth/auth_sam.c51
-rw-r--r--source3/auth/auth_server.c5
-rw-r--r--source3/auth/auth_unix.c4
-rw-r--r--source3/auth/auth_util.c43
-rw-r--r--source3/auth/auth_winbind.c5
-rw-r--r--source3/bin/.cvsignore3
-rw-r--r--source3/change-log2
-rwxr-xr-xsource3/config.sub236
-rw-r--r--source3/configure.in188
-rw-r--r--source3/include/.cvsignore1
-rw-r--r--source3/include/auth.h4
-rw-r--r--source3/include/charset.h16
-rw-r--r--source3/include/debug.h1
-rw-r--r--source3/include/genparser.h78
-rw-r--r--source3/include/genparser_samba.h58
-rw-r--r--source3/include/gums.h240
-rw-r--r--source3/include/includes.h31
-rw-r--r--source3/include/libsmbclient.h11
-rw-r--r--source3/include/ntdomain.h3
-rw-r--r--source3/include/passdb.h8
-rw-r--r--source3/include/rpc_client_proto.h231
-rw-r--r--source3/include/rpc_lsa.h20
-rw-r--r--source3/include/rpc_misc.h16
-rw-r--r--source3/include/safe_string.h18
-rw-r--r--source3/include/sam.h238
-rw-r--r--source3/include/secrets.h4
-rw-r--r--source3/include/smb.h78
-rw-r--r--source3/include/smb_ldap.h59
-rw-r--r--source3/include/smb_macros.h9
-rw-r--r--source3/include/tdbsam2.h95
-rw-r--r--source3/include/trans2.h6
-rw-r--r--source3/include/version.h2
-rw-r--r--source3/include/vfs.h4
-rw-r--r--source3/lib/account_pol.c4
-rw-r--r--source3/lib/charcnv.c45
-rw-r--r--source3/lib/domain_namemap.c1317
-rw-r--r--source3/lib/genparser.c786
-rw-r--r--source3/lib/genparser_samba.c200
-rw-r--r--source3/lib/iconv.c281
-rw-r--r--source3/lib/ldap.c719
-rw-r--r--source3/lib/username.c2
-rw-r--r--source3/lib/util.c18
-rw-r--r--source3/lib/util_sid.c18
-rw-r--r--source3/lib/util_str.c6
-rw-r--r--source3/lib/util_unistr.c18
-rw-r--r--source3/libads/ads_utils.c46
-rw-r--r--source3/libads/kerberos_verify.c6
-rw-r--r--source3/libads/krb5_setpw.c11
-rw-r--r--source3/libads/ldap.c66
-rw-r--r--source3/libads/ldap_utils.c10
-rw-r--r--source3/libsmb/clientgen.c15
-rw-r--r--source3/libsmb/clierror.c107
-rw-r--r--source3/libsmb/clifile.c49
-rw-r--r--source3/libsmb/clirap.c2
-rw-r--r--source3/libsmb/libsmb_cache.c8
-rw-r--r--source3/libsmb/libsmbclient.c293
-rw-r--r--source3/libsmb/netlogon_unigrp.c37
-rw-r--r--source3/libsmb/ntlmssp.c2
-rw-r--r--source3/libsmb/ntlmssp_sign.c26
-rw-r--r--source3/libsmb/smb_signing.c17
-rw-r--r--source3/libsmb/trust_passwd.c (renamed from source3/libsmb/trusts_util.c)66
-rw-r--r--source3/mainpage.dox7
-rw-r--r--source3/modules/developer.c132
-rw-r--r--source3/modules/vfs_audit.c14
-rw-r--r--source3/modules/vfs_extd_audit.c15
-rw-r--r--source3/modules/vfs_netatalk.c8
-rw-r--r--source3/modules/vfs_recycle.c223
-rw-r--r--source3/nsswitch/winbindd.c3
-rw-r--r--source3/nsswitch/winbindd.h39
-rw-r--r--source3/nsswitch/winbindd_ads.c262
-rw-r--r--source3/nsswitch/winbindd_cache.c159
-rw-r--r--source3/nsswitch/winbindd_cm.c2
-rw-r--r--source3/nsswitch/winbindd_group.c114
-rw-r--r--source3/nsswitch/winbindd_idmap.c588
-rw-r--r--source3/nsswitch/winbindd_idmap_ldap.c392
-rw-r--r--source3/nsswitch/winbindd_rpc.c150
-rw-r--r--source3/nsswitch/winbindd_user.c56
-rw-r--r--source3/nsswitch/winbindd_util.c44
-rw-r--r--source3/param/loadparm.c489
-rw-r--r--source3/passdb/pdb_get_set.c4
-rw-r--r--source3/passdb/pdb_guest.c5
-rw-r--r--source3/passdb/pdb_interface.c110
-rw-r--r--source3/passdb/pdb_ldap.c817
-rw-r--r--source3/passdb/pdb_mysql.c (renamed from source3/modules/mysql.c)76
-rw-r--r--source3/passdb/pdb_nisplus.c10
-rw-r--r--source3/passdb/pdb_plugin.c (renamed from source3/sam/sam_plugin.c)47
-rw-r--r--source3/passdb/pdb_smbpasswd.c7
-rw-r--r--source3/passdb/pdb_tdb.c20
-rw-r--r--source3/passdb/pdb_unix.c5
-rw-r--r--source3/passdb/pdb_xml.c (renamed from source3/modules/xml.c)15
-rw-r--r--source3/passdb/secrets.c88
-rw-r--r--source3/python/py_smb.c4
-rw-r--r--source3/python/py_winbind.c4
-rw-r--r--source3/rpc_client/cli_lsarpc.c56
-rw-r--r--source3/rpc_parse/parse_lsa.c135
-rw-r--r--source3/rpc_parse/parse_misc.c142
-rw-r--r--source3/rpc_parse/parse_net.c28
-rw-r--r--source3/rpc_parse/parse_sec.c18
-rw-r--r--source3/rpc_server/srv_dfs.c4
-rw-r--r--source3/rpc_server/srv_lsa.c180
-rw-r--r--source3/rpc_server/srv_lsa_nt.c139
-rw-r--r--source3/rpc_server/srv_netlog.c4
-rw-r--r--source3/rpc_server/srv_pipe.c106
-rw-r--r--source3/rpc_server/srv_reg.c4
-rw-r--r--source3/rpc_server/srv_samr.c4
-rw-r--r--source3/rpc_server/srv_samr_nt.c12
-rwxr-xr-xsource3/rpc_server/srv_spoolss.c4
-rw-r--r--source3/rpc_server/srv_spoolss_nt.c6
-rw-r--r--source3/rpc_server/srv_srvsvc.c4
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c9
-rw-r--r--source3/rpc_server/srv_util.c2
-rw-r--r--source3/rpc_server/srv_wkssvc.c4
-rw-r--r--source3/rpcclient/cmd_lsarpc.c45
-rw-r--r--source3/sam/SAM-interface_handles.txt123
-rw-r--r--source3/sam/account.c305
-rw-r--r--source3/sam/get_set_account.c845
-rw-r--r--source3/sam/get_set_domain.c263
-rw-r--r--source3/sam/get_set_group.c106
-rw-r--r--source3/sam/group.c193
-rw-r--r--source3/sam/gumm_tdb.c1193
-rw-r--r--source3/sam/gums.c161
-rw-r--r--source3/sam/gums_api.c1470
-rw-r--r--source3/sam/gums_helper.c610
-rw-r--r--source3/sam/idmap.c193
-rw-r--r--source3/sam/idmap_tdb.c389
-rw-r--r--source3/sam/idmap_winbind.c155
-rw-r--r--source3/sam/interface.c1338
-rwxr-xr-xsource3/sam/sam_ads.c1378
-rw-r--r--source3/sam/sam_skel.c251
-rwxr-xr-xsource3/script/find_missing_doc.pl2
-rwxr-xr-xsource3/script/genstruct.pl299
-rw-r--r--source3/smbd/build_options.c12
-rw-r--r--source3/smbd/conn.c21
-rw-r--r--source3/smbd/process.c2
-rw-r--r--source3/smbd/reply.c19
-rw-r--r--source3/smbd/server.c12
-rw-r--r--source3/smbd/uid.c122
-rw-r--r--source3/smbd/vfs.c233
-rw-r--r--source3/stf/standardcheck.py4
-rw-r--r--source3/tdb/spinlock.h2
-rw-r--r--source3/tdb/tdbbackup.c10
-rw-r--r--source3/tdb/tdbutil.c151
-rw-r--r--source3/torture/cmd_sam.c514
-rw-r--r--source3/torture/denytest.c54
-rw-r--r--source3/torture/mangle_test.c18
-rw-r--r--source3/torture/masktest.c11
-rw-r--r--source3/torture/nbio.c4
-rw-r--r--source3/torture/samtest.c445
-rw-r--r--source3/torture/torture.c2300
-rw-r--r--source3/torture/utable.c51
-rw-r--r--source3/utils/editreg.c2056
-rw-r--r--source3/utils/net_ads.c11
-rw-r--r--source3/utils/testparm.c8
158 files changed, 4190 insertions, 22518 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 2896277feb..70519847f2 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -23,16 +23,12 @@ WINBIND_NSS_LDSHFLAGS=@WINBIND_NSS_LDSHFLAGS@ @LDFLAGS@ @CFLAGS@
AWK=@AWK@
DYNEXP=@DYNEXP@
PYTHON=@PYTHON@
-PERL=@PERL@
TERMLDFLAGS=@TERMLDFLAGS@
TERMLIBS=@TERMLIBS@
PRINTLIBS=@PRINTLIBS@
AUTHLIBS=@AUTHLIBS@
ACLLIBS=@ACLLIBS@
-PASSDBLIBS=@PASSDBLIBS@
-ADSLIBS=@ADSLIBS@
-KRB5LIBS=@KRB5_LIBS@
LINK=$(CC) $(FLAGS) $(LDFLAGS)
@@ -126,8 +122,7 @@ BIN_PROGS1 = bin/smbclient@EXEEXT@ bin/net@EXEEXT@ bin/smbspool@EXEEXT@ \
BIN_PROGS2 = bin/smbcontrol@EXEEXT@ bin/smbtree@EXEEXT@ bin/tdbbackup@EXEEXT@ \
bin/nmblookup@EXEEXT@ bin/pdbedit@EXEEXT@
BIN_PROGS3 = bin/smbpasswd@EXEEXT@ bin/rpcclient@EXEEXT@ bin/smbcacls@EXEEXT@ \
- bin/profiles@EXEEXT@ bin/smbgroupedit@EXEEXT@ bin/ntlm_auth@EXEEXT@ \
- bin/editreg@EXEEXT@ bin/smbcquotas@EXEEXT@
+ bin/profiles@EXEEXT@ bin/smbgroupedit@EXEEXT@ bin/ntlm_auth@EXEEXT@
TORTURE_PROGS = bin/smbtorture@EXEEXT@ bin/msgtest@EXEEXT@ \
bin/masktest@EXEEXT@ bin/locktest@EXEEXT@ \
@@ -144,12 +139,8 @@ SCRIPTS = $(srcdir)/script/smbtar $(srcdir)/script/addtosmbpass $(srcdir)/script
QUOTAOBJS=@QUOTAOBJS@
-VFS_MODULES = @VFS_MODULES@
-PDB_MODULES = @PDB_MODULES@
-RPC_MODULES = @RPC_MODULES@
-CHARSET_MODULES = @CHARSET_MODULES@
-AUTH_MODULES = @AUTH_MODULES@
-MODULES = $(VFS_MODULES) $(PDB_MODULES) $(RPC_MODULES) $(CHARSET_MODULES) $(AUTH_MODULES)
+VFS_MODULES = bin/vfs_audit.@SHLIBEXT@ bin/vfs_extd_audit.@SHLIBEXT@ bin/vfs_recycle.@SHLIBEXT@ bin/vfs_netatalk.@SHLIBEXT@
+PDB_MODULES = @MODULE_MYSQL@ @MODULE_XML@
######################################################################
# object file lists
@@ -176,8 +167,7 @@ LIB_OBJ = lib/charcnv.o lib/debug.o lib/fault.o \
nsswitch/wb_client.o nsswitch/wb_common.o \
lib/pam_errors.o intl/lang_tdb.o lib/account_pol.o \
lib/adt_tree.o lib/gencache.o $(TDB_OBJ) \
- lib/module.o lib/genparser.o lib/genparser_samba.o \
- lib/ldap_escape.o @CHARSET_STATIC@
+ lib/module.o lib/ldap_escape.o
LIB_SMBD_OBJ = lib/system_smbd.o lib/util_smbd.o
@@ -196,7 +186,7 @@ LIBADS_OBJ = libads/ldap.o libads/ldap_printer.o libads/sasl.o \
libads/krb5_setpw.o libads/ldap_user.o \
libads/ads_struct.o libads/ads_status.o \
libads/disp_sec.o libads/ads_utils.o libads/ldap_utils.o \
- libads/ads_ldap.o libads/authdata.o
+ libads/ads_ldap.o
LIBADS_SERVER_OBJ = libads/util.o libads/kerberos_verify.o
@@ -215,11 +205,9 @@ LIBSMB_OBJ = libsmb/clientgen.o libsmb/cliconnect.o libsmb/clifile.o \
libsmb/clireadwrite.o libsmb/clilist.o libsmb/cliprint.o \
libsmb/clitrans.o libsmb/clisecdesc.o libsmb/clidgram.o \
libsmb/clistr.o libsmb/smb_signing.o \
- libsmb/cliquota.o libsmb/clifsinfo.o \
libsmb/smberr.o libsmb/credentials.o libsmb/pwd_cache.o \
libsmb/clioplock.o libsmb/errormap.o libsmb/clirap2.o \
libsmb/passchange.o libsmb/doserr.o \
- libsmb/trustdom_cache.o \
$(RPC_PARSE_OBJ1) $(LIBNTLMSSP_OBJ) $(LIBSAMBA_OBJ) $(LIBNMB_OBJ)
LIBMSRPC_OBJ = rpc_client/cli_lsarpc.o rpc_client/cli_samr.o \
@@ -229,7 +217,7 @@ LIBMSRPC_OBJ = rpc_client/cli_lsarpc.o rpc_client/cli_samr.o \
rpc_client/cli_spoolss.o rpc_client/cli_spoolss_notify.o \
rpc_client/cli_ds.o rpc_client/cli_echo.o libsmb/namequery_dc.o
-LIBMSRPC_SERVER_OBJ = libsmb/trusts_util.o
+LIBMSRPC_SERVER_OBJ = libsmb/trust_passwd.o
REGOBJS_OBJ = registry/reg_objects.o
REGISTRY_OBJ = registry/reg_frontend.o registry/reg_cachehook.o registry/reg_printing.o \
@@ -249,14 +237,40 @@ RPC_SVC_OBJ = rpc_server/srv_srvsvc.o rpc_server/srv_srvsvc_nt.o
RPC_WKS_OBJ = rpc_server/srv_wkssvc.o rpc_server/srv_wkssvc_nt.o
RPC_DFS_OBJ = rpc_server/srv_dfs.o rpc_server/srv_dfs_nt.o
+
RPC_SPOOLSS_OBJ = rpc_server/srv_spoolss.o rpc_server/srv_spoolss_nt.o
+RPC_ECHO_OBJ = rpc_server/srv_echo.o rpc_server/srv_echo_nt.o
+
RPC_PIPE_OBJ = rpc_server/srv_pipe_hnd.o rpc_server/srv_util.o \
rpc_server/srv_pipe.o rpc_server/srv_lsa_hnd.o
-RPC_ECHO_OBJ = rpc_server/srv_echo.o rpc_server/srv_echo_nt.o
-
-RPC_SERVER_OBJ = @RPC_STATIC@ $(RPC_PIPE_OBJ)
+# These are like they are to avoid a dependency on GNU MAKE
+@LSA_DYNAMIC_YES@RPC_MODULES1 = bin/librpc_lsarpc.@SHLIBEXT@
+@NETLOG_DYNAMIC_YES@RPC_MODULES2 = bin/librpc_NETLOGON.@SHLIBEXT@
+@SAMR_DYNAMIC_YES@RPC_MODULES3 = bin/librpc_samr.@SHLIBEXT@
+@SVC_DYNAMIC_YES@RPC_MODULES4 = bin/librpc_srvsvc.@SHLIBEXT@
+@WKS_DYNAMIC_YES@RPC_MODULES5 = bin/librpc_wkssvc.@SHLIBEXT@
+@REG_DYNAMIC_YES@RPC_MODULES6 = bin/librpc_winreg.@SHLIBEXT@
+@SPOOLSS_DYNAMIC_YES@RPC_MODULES7 = bin/librpc_spoolss.@SHLIBEXT@
+@DFS_DYNAMIC_YES@RPC_MODULES8 = bin/librpc_netdfs.@SHLIBEXT@
+@ECHO_DYNAMIC_YES@RPC_MODULES9 = bin/librpc_echo.@SHLIBEXT@
+RPC_MODULES = $(RPC_MODULES1) $(RPC_MODULES2) $(RPC_MODULES3) $(RPC_MODULES4) \
+ $(RPC_MODULES5) $(RPC_MODULES6) $(RPC_MODULES7) $(RPC_MODULES8) \
+ $(RPC_MODULES9)
+
+@LSA_DYNAMIC_NO@RPC_PIPE_OBJ1 = $(RPC_LSA_OBJ)
+@NETLOG_DYNAMIC_NO@RPC_PIPE_OBJ2 = $(RPC_NETLOG_OBJ)
+@SAMR_DYNAMIC_NO@RPC_PIPE_OBJ3 = $(RPC_SAMR_OBJ)
+@SVC_DYNAMIC_NO@RPC_PIPE_OBJ4 = $(RPC_SVC_OBJ)
+@WKS_DYNAMIC_NO@RPC_PIPE_OBJ5 = $(RPC_WKS_OBJ)
+@REG_DYNAMIC_NO@RPC_PIPE_OBJ6 = $(RPC_REG_OBJ)
+@SPOOLSS_DYNAMIC_NO@RPC_PIPE_OBJ7 = $(RPC_SPOOLSS_OBJ)
+@DFS_DYNAMIC_NO@RPC_PIPE_OBJ8 = $(RPC_DFS_OBJ)
+@ECHO_DYNAMIC_NO@RPC_PIPE_OBJ9 = $(RPC_ECHO_OBJ)
+RPC_SERVER_OBJ = $(RPC_PIPE_OBJ1) $(RPC_PIPE_OBJ2) $(RPC_PIPE_OBJ3) \
+ $(RPC_PIPE_OBJ4) $(RPC_PIPE_OBJ5) $(RPC_PIPE_OBJ6) $(RPC_PIPE_OBJ7) \
+ $(RPC_PIPE_OBJ8) $(RPC_PIPE_OBJ9) $(RPC_PIPE_OBJ)
# this includes only the low level parse code, not stuff
# that requires knowledge of security contexts
@@ -268,8 +282,7 @@ RPC_PARSE_OBJ = rpc_parse/parse_lsa.o rpc_parse/parse_net.o \
rpc_parse/parse_samr.o rpc_parse/parse_srv.o \
rpc_parse/parse_wks.o rpc_parse/parse_ds.o \
rpc_parse/parse_spoolss.o rpc_parse/parse_dfs.o \
- rpc_parse/parse_echo.o \
- $(REGOBJS_OBJ)
+ rpc_parse/parse_echo.o $(REGOBJS_OBJ)
RPC_CLIENT_OBJ = rpc_client/cli_pipe.o
@@ -279,52 +292,29 @@ LOCKING_OBJ = locking/locking.o locking/brlock.o locking/posix.o
PASSDB_GET_SET_OBJ = passdb/pdb_get_set.o
PASSDB_OBJ = $(PASSDB_GET_SET_OBJ) passdb/passdb.o passdb/pdb_interface.o \
- passdb/machine_sid.o passdb/util_sam_sid.o passdb/pdb_compat.o \
- passdb/privileges.o @LDAP_OBJ@ @PDB_STATIC@
+ passdb/machine_sid.o passdb/pdb_smbpasswd.o \
+ passdb/pdb_tdb.o passdb/pdb_ldap.o passdb/pdb_plugin.o \
+ passdb/pdb_unix.o passdb/pdb_guest.o passdb/util_sam_sid.o \
+ passdb/pdb_compat.o passdb/pdb_nisplus.o
-XML_OBJ = modules/xml.o
-MYSQL_OBJ = modules/mysql.o
-DEVEL_HELP_OBJ = modules/developer.o
-
-SAM_STATIC_MODULES = sam/sam_plugin.o sam/sam_skel.o sam/sam_ads.o
-
-IDMAP_OBJ = sam/idmap.o sam/idmap_tdb.o sam/idmap_winbind.o
-
-SAM_OBJ = sam/account.o sam/get_set_account.o sam/get_set_group.o \
- sam/get_set_domain.o sam/interface.o $(SAM_STATIC_MODULES)
-
-SAMTEST_OBJ = torture/samtest.o torture/cmd_sam.o $(PARAM_OBJ) $(SAM_OBJ) $(LIB_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) $(READLINE_OBJ) lib/util_seaccess.o $(LIBADS_OBJ) $(KRBCLIENT_OBJ) $(PASSDB_OBJ) $(SECRETS_OBJ) $(GROUPDB_OBJ)
+PDB_XML_OBJ = passdb/pdb_xml.o
+PDB_MYSQL_OBJ = passdb/pdb_mysql.o
GROUPDB_OBJ = groupdb/mapping.o
PROFILE_OBJ = profile/profile.o
-PROFILES_OBJ = utils/profiles.o
-EDITREG_OBJ = utils/editreg.o lib/snprintf.o
OPLOCK_OBJ = smbd/oplock.o smbd/oplock_irix.o smbd/oplock_linux.o
NOTIFY_OBJ = smbd/notify.o smbd/notify_hash.o smbd/notify_kernel.o
-VFS_AUDIT_OBJ = modules/vfs_audit.o
-VFS_EXTD_AUDIT_OBJ = modules/vfs_extd_audit.o
-VFS_RECYCLE_OBJ = modules/vfs_recycle.o
-VFS_NETATALK_OBJ = modules/vfs_netatalk.o
-VFS_FAKE_PERMS_OBJ = modules/vfs_fake_perms.o
-
PLAINTEXT_AUTH_OBJ = auth/pampass.o auth/pass_check.o
UNIGRP_OBJ = libsmb/netlogon_unigrp.o
-AUTH_BUILTIN_OBJ = auth/auth_builtin.o
-AUTH_DOMAIN_OBJ = auth/auth_domain.o
-AUTH_SAM_OBJ = auth/auth_sam.o
-AUTH_RHOSTS_OBJ = auth/auth_rhosts.o
-AUTH_SERVER_OBJ = auth/auth_server.o
-AUTH_UNIX_OBJ = auth/auth_unix.o
-AUTH_WINBIND_OBJ = auth/auth_winbind.o
-
-AUTH_OBJ = auth/auth.o @AUTH_STATIC@ auth/auth_util.o auth/auth_compat.o \
- auth/auth_ntlmssp.o \
+AUTH_OBJ = auth/auth.o auth/auth_sam.o auth/auth_server.o auth/auth_domain.o \
+ auth/auth_rhosts.o auth/auth_unix.o auth/auth_util.o auth/auth_winbind.o \
+ auth/auth_builtin.o auth/auth_compat.o auth/auth_ntlmssp.o \
$(PLAINTEXT_AUTH_OBJ) $(UNIGRP_OBJ)
MANGLE_OBJ = smbd/mangle.o smbd/mangle_hash.o smbd/mangle_map.o smbd/mangle_hash2.o
@@ -345,17 +335,16 @@ SMBD_OBJ_SRV = smbd/files.o smbd/chgpasswd.o smbd/connection.o \
printing/printfsp.o lib/util_seaccess.o \
smbd/build_options.o \
smbd/change_trust_pw.o \
- $(MANGLE_OBJ) @VFS_STATIC@
+ $(MANGLE_OBJ)
-SMBD_OBJ_BASE = $(PARAM_OBJ) $(SMBD_OBJ_SRV) $(MSDFS_OBJ) $(LIBSMB_OBJ) \
- $(RPC_SERVER_OBJ) $(RPC_PARSE_OBJ) $(SECRETS_OBJ) $(UBIQX_OBJ) \
+SMBD_OBJ_BASE = $(SMBD_OBJ_SRV) $(MSDFS_OBJ) $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) \
+ $(RPC_SERVER_OBJ) $(RPC_PARSE_OBJ) $(SECRETS_OBJ) \
$(LOCKING_OBJ) $(PASSDB_OBJ) $(PRINTING_OBJ) $(PROFILE_OBJ) \
$(LIB_OBJ) $(PRINTBACKEND_OBJ) $(QUOTAOBJS) $(OPLOCK_OBJ) \
$(NOTIFY_OBJ) $(GROUPDB_OBJ) $(AUTH_OBJ) \
$(LIBMSRPC_OBJ) $(LIBMSRPC_SERVER_OBJ) \
$(LIBADS_OBJ) $(KRBCLIENT_OBJ) $(LIBADS_SERVER_OBJ) \
- $(LIB_SMBD_OBJ) $(REGISTRY_OBJ) $(POPT_LIB_OBJ) \
- $(IDMAP_OBJ)
+ $(LIB_SMBD_OBJ) $(REGISTRY_OBJ) $(POPT_LIB_OBJ)
PRINTING_OBJ = printing/pcap.o printing/print_svid.o \
@@ -367,7 +356,8 @@ PRINTBACKEND_OBJ = printing/printing.o printing/nt_printing.o printing/notify.o
MSDFS_OBJ = msdfs/msdfs.o
-SMBD_OBJ = $(SMBD_OBJ_BASE) $(SMBD_OBJ_MAIN)
+SMBD_OBJ = $(SMBD_OBJ_MAIN) $(SMBD_OBJ_BASE)
+
NMBD_OBJ1 = nmbd/asyncdns.o nmbd/nmbd.o nmbd/nmbd_become_dmb.o \
nmbd/nmbd_become_lmb.o nmbd/nmbd_browserdb.o \
nmbd/nmbd_browsesync.o nmbd/nmbd_elections.o \
@@ -393,8 +383,8 @@ WREPL_OBJ = $(WREPL_OBJ1) $(PARAM_OBJ) $(UBIQX_OBJ) \
SWAT_OBJ1 = web/cgi.o web/diagnose.o web/startstop.o web/statuspage.o \
web/swat.o web/neg_lang.o
-SWAT_OBJ = $(SWAT_OBJ1) $(PARAM_OBJ) $(PRINTING_OBJ) $(LIBSMB_OBJ) \
- $(LOCKING_OBJ) $(PASSDB_OBJ) $(SECRETS_OBJ) $(KRBCLIENT_OBJ) \
+SWAT_OBJ = $(SWAT_OBJ1) $(PRINTING_OBJ) $(LIBSMB_OBJ) $(LOCKING_OBJ) \
+ $(PARAM_OBJ) $(PASSDB_OBJ) $(SECRETS_OBJ) $(KRBCLIENT_OBJ) \
$(UBIQX_OBJ) $(LIB_OBJ) $(GROUPDB_OBJ) $(PLAINTEXT_AUTH_OBJ) \
$(POPT_LIB_OBJ)
@@ -420,15 +410,14 @@ TESTPRNS_OBJ = utils/testprns.o $(PARAM_OBJ) $(PRINTING_OBJ) $(UBIQX_OBJ) \
SMBPASSWD_OBJ = utils/smbpasswd.o $(PARAM_OBJ) $(SECRETS_OBJ) \
$(LIBSMB_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ)\
- $(UBIQX_OBJ) $(LIB_OBJ) $(KRBCLIENT_OBJ) \
- $(IDMAP_OBJ)
+ $(UBIQX_OBJ) $(LIB_OBJ) $(KRBCLIENT_OBJ)
PDBEDIT_OBJ = utils/pdbedit.o $(PARAM_OBJ) $(PASSDB_OBJ) $(LIBSAMBA_OBJ) \
$(UBIQX_OBJ) $(LIB_OBJ) $(GROUPDB_OBJ) $(SECRETS_OBJ) \
- $(POPT_LIB_OBJ) $(IDMAP_OBJ)
+ $(POPT_LIB_OBJ)
SMBGROUPEDIT_OBJ = utils/smbgroupedit.o $(GROUPDB_OBJ) $(PARAM_OBJ) \
- $(LIBSAMBA_OBJ) $(PASSDB_OBJ) $(SECRETS_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) $(IDMAP_OBJ)
+ $(LIBSAMBA_OBJ) $(PASSDB_OBJ) $(SECRETS_OBJ) $(UBIQX_OBJ) $(LIB_OBJ)
RPCCLIENT_OBJ1 = rpcclient/rpcclient.o rpcclient/cmd_lsarpc.o \
rpcclient/cmd_samr.o rpcclient/cmd_spoolss.o \
@@ -441,8 +430,7 @@ RPCCLIENT_OBJ = $(RPCCLIENT_OBJ1) \
$(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \
$(RPC_PARSE_OBJ) $(PASSDB_OBJ) $(LIBMSRPC_OBJ) \
$(READLINE_OBJ) $(GROUPDB_OBJ) $(KRBCLIENT_OBJ) \
- $(LIBADS_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ) \
- $(IDMAP_OBJ)
+ $(LIBADS_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ)
PAM_WINBIND_OBJ = nsswitch/pam_winbind.po nsswitch/wb_common.po lib/snprintf.po
@@ -459,8 +447,8 @@ SMBWRAPPER_OBJ1 = smbwrapper/wrapped.o
SMBWRAPPER_OBJ = $(SMBW_OBJ) $(SMBWRAPPER_OBJ1)
LIBSMBCLIENT_OBJ = libsmb/libsmbclient.o libsmb/libsmb_compat.o \
- libsmb/libsmb_cache.o $(PARAM_OBJ) $(LIB_OBJ) \
- $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(UBIQX_OBJ)
+ libsmb/libsmb_cache.o $(LIB_OBJ) \
+ $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(PARAM_OBJ) $(UBIQX_OBJ)
# This shared library is intended for linking with unit test programs
# to test Samba internals. It's called libbigballofmud.so to
@@ -468,7 +456,7 @@ LIBSMBCLIENT_OBJ = libsmb/libsmbclient.o libsmb/libsmb_compat.o \
LIBBIGBALLOFMUD_MAJOR = 0
-LIBBIGBALLOFMUD_OBJ = $(PARAM_OBJ) $(LIB_OBJ) $(UBIQX_OBJ) $(SECRETS_OBJ) \
+LIBBIGBALLOFMUD_OBJ = $(LIB_OBJ) $(UBIQX_OBJ) $(PARAM_OBJ) $(SECRETS_OBJ) \
$(LIBSMB_OBJ) $(LIBMSRPC_OBJ) $(RPC_PARSE_OBJ) $(PASSDB_OBJ) \
$(GROUPDB_OBJ) $(KRBCLIENT_OBJ)
@@ -485,12 +473,11 @@ NET_OBJ1 = utils/net.o utils/net_ads.o utils/net_ads_cldap.o utils/net_help.o \
utils/net_rpc_join.o utils/net_time.o utils/net_lookup.o \
utils/net_cache.o
-NET_OBJ = $(NET_OBJ1) $(PARAM_OBJ) $(SECRETS_OBJ) $(LIBSMB_OBJ) \
+NET_OBJ = $(NET_OBJ1) $(SECRETS_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
$(RPC_PARSE_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
- $(KRBCLIENT_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \
+ $(PARAM_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \
$(LIBMSRPC_OBJ) $(LIBMSRPC_SERVER_OBJ) \
- $(LIBADS_OBJ) $(LIBADS_SERVER_OBJ) $(POPT_LIB_OBJ) \
- $(IDMAP_OBJ)
+ $(LIBADS_OBJ) $(LIBADS_SERVER_OBJ) $(POPT_LIB_OBJ)
CUPS_OBJ = client/smbspool.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) \
$(LIB_OBJ) $(KRBCLIENT_OBJ)
@@ -508,37 +495,38 @@ NMBLOOKUP_OBJ = utils/nmblookup.o $(PARAM_OBJ) $(UBIQX_OBJ) $(LIBNMB_OBJ) \
SMBTORTURE_OBJ1 = torture/torture.o torture/nbio.o torture/scanner.o torture/utable.o \
torture/denytest.o torture/mangle_test.o
-SMBTORTURE_OBJ = $(SMBTORTURE_OBJ1) $(PARAM_OBJ) \
- $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(UBIQX_OBJ) $(LIB_OBJ)
+SMBTORTURE_OBJ = $(SMBTORTURE_OBJ1) \
+ $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(PARAM_OBJ) $(UBIQX_OBJ) $(LIB_OBJ)
-MASKTEST_OBJ = torture/masktest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
+MASKTEST_OBJ = torture/masktest.o $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(PARAM_OBJ) \
$(UBIQX_OBJ) $(LIB_OBJ)
-MSGTEST_OBJ = torture/msgtest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
+MSGTEST_OBJ = torture/msgtest.o $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(PARAM_OBJ) \
$(UBIQX_OBJ) $(LIB_OBJ)
-LOCKTEST_OBJ = torture/locktest.o $(PARAM_OBJ) $(LOCKING_OBJ) $(KRBCLIENT_OBJ) \
- $(LIBSMB_OBJ) $(UBIQX_OBJ) $(LIB_OBJ)
+LOCKTEST_OBJ = torture/locktest.o $(LOCKING_OBJ) $(KRBCLIENT_OBJ) $(LIBSMB_OBJ) $(PARAM_OBJ) \
+ $(UBIQX_OBJ) $(LIB_OBJ)
-NSSTEST_OBJ = torture/nsstest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
+NSSTEST_OBJ = torture/nsstest.o $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(PARAM_OBJ) \
$(UBIQX_OBJ) $(LIB_OBJ)
VFSTEST_OBJ = torture/cmd_vfs.o torture/vfstest.o $(SMBD_OBJ_BASE) $(READLINE_OBJ)
-LOCKTEST2_OBJ = torture/locktest2.o $(PARAM_OBJ) $(LOCKING_OBJ) $(LIBSMB_OBJ) \
- $(KRBCLIENT_OBJ) $(UBIQX_OBJ) $(LIB_OBJ)
+VFS_AUDIT_OBJ = modules/vfs_audit.o
+VFS_EXTD_AUDIT_OBJ = modules/vfs_extd_audit.o
+VFS_RECYCLE_OBJ = modules/vfs_recycle.o
+VFS_NETATALK_OBJ = modules/vfs_netatalk.o
-SMBCACLS_OBJ = utils/smbcacls.o $(PARAM_OBJ) $(LOCKING_OBJ) $(LIBSMB_OBJ) \
- $(KRBCLIENT_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) $(RPC_PARSE_OBJ) \
- $(PASSDB_GET_SET_OBJ) $(LIBMSRPC_OBJ) $(SECRETS_OBJ) \
- $(POPT_LIB_OBJ)
+LOCKTEST2_OBJ = torture/locktest2.o $(LOCKING_OBJ) $(LIBSMB_OBJ) \
+ $(KRBCLIENT_OBJ) $(PARAM_OBJ) \
+ $(UBIQX_OBJ) $(LIB_OBJ)
-SMBCQUOTAS_OBJ = utils/smbcquotas.o $(LOCKING_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
+SMBCACLS_OBJ = utils/smbcacls.o $(LOCKING_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
$(PARAM_OBJ) \
- $(UBIQX_OBJ) $(LIB_OBJ) $(RPC_PARSE_OBJ) $(PASSDB_GET_SET_OBJ) \
- $(LIBMSRPC_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ)
+ $(UBIQX_OBJ) $(LIB_OBJ) $(RPC_PARSE_OBJ) $(PASSDB_GET_SET_OBJ) \
+ $(LIBMSRPC_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ)
-TALLOCTORT_OBJ = lib/talloctort.o $(PARAM_OBJ) $(LIB_OBJ) $(UBIQX_OBJ)
+TALLOCTORT_OBJ = lib/talloctort.o $(LIB_OBJ) $(PARAM_OBJ) $(UBIQX_OBJ)
RPCTORTURE_OBJ = torture/rpctorture.o \
rpcclient/display.o \
@@ -552,7 +540,7 @@ RPCTORTURE_OBJ = torture/rpctorture.o \
DEBUG2HTML_OBJ = utils/debug2html.o ubiqx/debugparse.o
-SMBFILTER_OBJ = utils/smbfilter.o $(PARAM_OBJ) $(LIBSMB_OBJ) \
+SMBFILTER_OBJ = utils/smbfilter.o $(LIBSMB_OBJ) $(PARAM_OBJ) \
$(UBIQX_OBJ) $(LIB_OBJ) $(KRBCLIENT_OBJ)
PROTO_OBJ = $(SMBD_OBJ_MAIN) \
@@ -567,7 +555,7 @@ PROTO_OBJ = $(SMBD_OBJ_MAIN) \
$(LIB_SMBD_OBJ) $(SAM_OBJ) $(REGISTRY_OBJ) $(POPT_LIB_OBJ) \
$(RPC_LSA_OBJ) $(RPC_NETLOG_OBJ) $(RPC_SAMR_OBJ) $(RPC_REG_OBJ) \
$(RPC_SVC_OBJ) $(RPC_WKS_OBJ) $(RPC_DFS_OBJ) $(RPC_SPOOLSS_OBJ) \
- $(IDMAP_OBJ) $(RPC_ECHO_OBJ)
+ $(RPC_ECHO_OBJ)
NSS_OBJ_0 = nsswitch/wins.o $(PARAM_OBJ) $(UBIQX_OBJ) $(LIBSMB_OBJ) \
$(LIB_OBJ) $(NSSWINS_OBJ)
@@ -591,8 +579,6 @@ WINBINDD_OBJ1 = \
nsswitch/winbindd_user.o \
nsswitch/winbindd_group.o \
nsswitch/winbindd_idmap.o \
- nsswitch/winbindd_idmap_tdb.o \
- nsswitch/winbindd_idmap_ldap.o \
nsswitch/winbindd_util.o \
nsswitch/winbindd_cache.o \
nsswitch/winbindd_pam.o \
@@ -608,8 +594,8 @@ WINBINDD_OBJ = \
$(WINBINDD_OBJ1) $(PASSDB_GET_SET_OBJ) \
$(PARAM_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \
$(LIBSMB_OBJ) $(LIBMSRPC_OBJ) $(RPC_PARSE_OBJ) \
- $(PROFILE_OBJ) $(UNIGRP_OBJ) $(IDMAP_OBJ) \
- $(SECRETS_OBJ) $(LIBADS_OBJ) $(KRBCLIENT_OBJ) $(POPT_LIB_OBJ) @LDAP_OBJ@
+ $(PROFILE_OBJ) $(UNIGRP_OBJ) $(POPT_LIB_OBJ) \
+ $(SECRETS_OBJ) $(LIBADS_OBJ) $(KRBCLIENT_OBJ)
WBINFO_OBJ = nsswitch/wbinfo.o libsmb/smbencrypt.o libsmb/smbdes.o $(POPT_LIB_OBJ)
@@ -627,8 +613,7 @@ NTLM_AUTH_OBJ = utils/ntlm_auth.o $(LIBNTLMSSP_OBJ) $(LIBSAMBA_OBJ) $(POPT_LIB_O
######################################################################
# now the rules...
######################################################################
-all : SHOWFLAGS proto_exists $(SBIN_PROGS) $(BIN_PROGS) $(SHLIBS) \
- $(TORTURE_PROGS) $(MODULES) @EXTRA_ALL_TARGETS@
+all : SHOWFLAGS proto_exists $(SBIN_PROGS) $(BIN_PROGS) $(SHLIBS) $(RPC_MODULES) @EXTRA_ALL_TARGETS@
pam_smbpass : SHOWFLAGS bin/pam_smbpass.@SHLIBEXT@
@@ -646,8 +631,6 @@ locktest : SHOWFLAGS bin/locktest@EXEEXT@
smbcacls : SHOWFLAGS bin/smbcacls@EXEEXT@
-smbcquotas : SHOWFLAGS bin/smbcquotas@EXEEXT@
-
locktest2 : SHOWFLAGS bin/locktest2@EXEEXT@
rpctorture : SHOWFLAGS bin/rpctorture@EXEEXT@
@@ -658,13 +641,13 @@ smbfilter : SHOWFLAGS bin/smbfilter@EXEEXT@
talloctort : SHOWFLAGS bin/talloctort@EXEEXT@
-nsswitch : SHOWFLAGS bin/winbindd@EXEEXT@ bin/wbinfo@EXEEXT@ nsswitch/@WINBIND_NSS@.@SHLIBEXT@ nsswitch/pam_winbind.@SHLIBEXT@
+nsswitch : SHOWFLAGS bin/winbindd@EXEEXT@ bin/wbinfo@EXEEXT@ nsswitch/libnss_winbind.@SHLIBEXT@ nsswitch/pam_winbind.@SHLIBEXT@
wins : SHOWFLAGS nsswitch/libnss_wins.@SHLIBEXT@
-modules: SHOWFLAGS proto_exists $(MODULES)
+modules: SHOWFLAGS proto_exists $(VFS_MODULES) $(PDB_MODULES)
-everything: all libsmbclient debug2html smbfilter talloctort
+everything: all libsmbclient debug2html smbfilter talloctort modules torture
.SUFFIXES:
.SUFFIXES: .c .o .po .po32 .lo
@@ -699,7 +682,6 @@ MAKEDIR = || exec false; \
# rebuild it's a bit hard.
dynconfig.o: dynconfig.c Makefile
- @$(MAKE) modules_clean
@echo Compiling $*.c
@$(CC) $(FLAGS) $(PATH_FLAGS) -c $< -o $@
@@ -736,49 +718,45 @@ bin/.dummy:
bin/smbd@EXEEXT@: $(SMBD_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(SMBD_OBJ) $(ADSLIBS) $(LDFLAGS) $(DYNEXP) $(PRINTLIBS) \
- $(AUTHLIBS) $(ACLLIBS) $(PASSDBLIBS) $(LIBS) @POPTLIBS@
+ @$(CC) $(FLAGS) -o $@ $(SMBD_OBJ) $(LDFLAGS) $(DYNEXP) $(PRINTLIBS) \
+ $(AUTHLIBS) $(ACLLIBS) $(LIBS) @BUILD_POPT@
bin/nmbd@EXEEXT@: $(NMBD_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(NMBD_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(KRB5LIBS)
+ @$(CC) $(FLAGS) -o $@ $(NMBD_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@
bin/wrepld@EXEEXT@: $(WREPL_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(WREPL_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@
+ @$(CC) $(FLAGS) -o $@ $(WREPL_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@
bin/swat@EXEEXT@: $(SWAT_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(SWAT_OBJ) $(LDFLAGS) $(DYNEXP) $(PRINTLIBS) \
- $(AUTHLIBS) $(LIBS) $(PASSDBLIBS) @POPTLIBS@ $(KRB5LIBS)
+ $(AUTHLIBS) $(LIBS) @BUILD_POPT@
bin/rpcclient@EXEEXT@: $(RPCCLIENT_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(PASSDBLIBS) $(RPCCLIENT_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @POPTLIBS@ $(ADSLIBS)
+ @$(CC) $(FLAGS) -o $@ $(RPCCLIENT_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @BUILD_POPT@
bin/smbclient@EXEEXT@: $(CLIENT_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(CLIENT_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @POPTLIBS@ $(KRB5LIBS)
+ @$(CC) $(FLAGS) -o $@ $(CLIENT_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @BUILD_POPT@
bin/net@EXEEXT@: $(NET_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(NET_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ $(ADSLIBS)
-
-bin/profiles@EXEEXT@: $(PROFILES_OBJ) @BUILD_POPT@ bin/.dummy
- @echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(PROFILES_OBJ) $(LDFLAGS) $(LIBS) @POPTLIBS@
+ @$(CC) $(FLAGS) -o $@ $(NET_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @BUILD_POPT@
-bin/editreg@EXEEXT@: $(EDITREG_OBJ) @BUILD_POPT@ bin/.dummy
+bin/profiles@EXEEXT@: utils/profiles.o @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(EDITREG_OBJ) $(LDFLAGS) $(LIBS) @POPTLIBS@
+ @$(CC) $(FLAGS) -o $@ utils/profiles.o $(LDFLAGS) $(LIBS) @BUILD_POPT@
bin/smbspool@EXEEXT@: $(CUPS_OBJ) bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(CUPS_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS)
+ @$(CC) $(FLAGS) -o $@ $(CUPS_OBJ) $(LDFLAGS) $(LIBS)
bin/smbmount@EXEEXT@: $(MOUNT_OBJ) bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(MOUNT_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS)
+ @$(CC) $(FLAGS) -o $@ $(MOUNT_OBJ) $(LDFLAGS) $(LIBS)
bin/smbmnt@EXEEXT@: $(MNT_OBJ) bin/.dummy
@echo Linking $@
@@ -790,47 +768,43 @@ bin/smbumount@EXEEXT@: $(UMOUNT_OBJ) bin/.dummy
bin/testparm@EXEEXT@: $(TESTPARM_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(TESTPARM_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@
+ @$(CC) $(FLAGS) -o $@ $(TESTPARM_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@
bin/testprns@EXEEXT@: $(TESTPRNS_OBJ) bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(TESTPRNS_OBJ) $(LDFLAGS) $(DYNEXP) $(PRINTLIBS) $(LIBS)
+ @$(CC) $(FLAGS) -o $@ $(TESTPRNS_OBJ) $(LDFLAGS) $(PRINTLIBS) $(LIBS)
bin/smbstatus@EXEEXT@: $(STATUS_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(STATUS_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@
+ @$(CC) $(FLAGS) -o $@ $(STATUS_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@
bin/smbcontrol@EXEEXT@: $(SMBCONTROL_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(CC) -DUSING_SMBCONTROL $(FLAGS) -o $@ $(SMBCONTROL_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@
+ @$(CC) -DUSING_SMBCONTROL $(FLAGS) -o $@ $(SMBCONTROL_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@
bin/smbtree@EXEEXT@: $(SMBTREE_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(SMBTREE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(KRB5LIBS)
+ @$(CC) $(FLAGS) -o $@ $(SMBTREE_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@
bin/smbpasswd@EXEEXT@: $(SMBPASSWD_OBJ) bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(SMBPASSWD_OBJ) $(PASSDBLIBS) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS)
+ @$(CC) $(FLAGS) -o $@ $(SMBPASSWD_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS)
bin/pdbedit@EXEEXT@: $(PDBEDIT_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(PASSDBLIBS) $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@
-
-bin/samtest@EXEEXT@: $(SAMTEST_OBJ) @BUILD_POPT@ bin/.dummy
- @echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(SAMTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(PASSDBLIBS) $(ADSLIBS)
+ @$(CC) $(FLAGS) -o $@ $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @BUILD_POPT@
bin/smbgroupedit@EXEEXT@: $(SMBGROUPEDIT_OBJ) bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(SMBGROUPEDIT_OBJ) $(PASSDBLIBS) $(LDFLAGS) $(DYNEXP) $(LIBS)
+ @$(CC) $(FLAGS) -o $@ $(SMBGROUPEDIT_OBJ) $(LDFLAGS) $(LIBS)
bin/nmblookup@EXEEXT@: $(NMBLOOKUP_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(NMBLOOKUP_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@
+ @$(CC) $(FLAGS) -o $@ $(NMBLOOKUP_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@
bin/smbtorture@EXEEXT@: $(SMBTORTURE_OBJ) bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS)
+ @$(CC) $(FLAGS) -o $@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(LIBS)
bin/talloctort@EXEEXT@: $(TALLOCTORT_OBJ) bin/.dummy
@echo Linking $@
@@ -838,39 +812,35 @@ bin/talloctort@EXEEXT@: $(TALLOCTORT_OBJ) bin/.dummy
bin/masktest@EXEEXT@: $(MASKTEST_OBJ) bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(MASKTEST_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS)
+ @$(CC) $(FLAGS) -o $@ $(MASKTEST_OBJ) $(LDFLAGS) $(LIBS)
bin/msgtest@EXEEXT@: $(MSGTEST_OBJ) bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(MSGTEST_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS)
+ @$(CC) $(FLAGS) -o $@ $(MSGTEST_OBJ) $(LDFLAGS) $(LIBS)
bin/smbcacls@EXEEXT@: $(SMBCACLS_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(SMBCACLS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ $(KRB5LIBS)
-
-bin/smbcquotas@EXEEXT@: $(SMBCQUOTAS_OBJ) @BUILD_POPT@ bin/.dummy
- @echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(SMBCQUOTAS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ $(KRB5LIBS)
+ @$(CC) $(FLAGS) -o $@ $(SMBCACLS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @BUILD_POPT@
bin/locktest@EXEEXT@: $(LOCKTEST_OBJ) bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(LOCKTEST_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS)
+ @$(CC) $(FLAGS) -o $@ $(LOCKTEST_OBJ) $(LDFLAGS) $(LIBS)
bin/nsstest@EXEEXT@: $(NSSTEST_OBJ) bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(NSSTEST_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS)
+ @$(CC) $(FLAGS) -o $@ $(NSSTEST_OBJ) $(LDFLAGS) $(LIBS)
bin/vfstest@EXEEXT@: $(VFSTEST_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINTLIBS) $(AUTHLIBS) $(ACLLIBS) $(LIBS) @POPTLIBS@ $(ADSLIBS)
+ @$(CC) $(FLAGS) -o $@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINTLIBS) $(AUTHLIBS) $(ACLLIBS) $(LIBS) @BUILD_POPT@
bin/locktest2@EXEEXT@: $(LOCKTEST2_OBJ) bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(LOCKTEST2_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS)
+ @$(CC) $(FLAGS) -o $@ $(LOCKTEST2_OBJ) $(LDFLAGS) $(LIBS)
bin/rpctorture@EXEEXT@: $(RPCTORTURE_OBJ) bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(RPCTORTURE_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) $(KRB5LIBS)
+ @$(CC) $(FLAGS) -o $@ $(RPCTORTURE_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS)
bin/debug2html@EXEEXT@: $(DEBUG2HTML_OBJ) bin/.dummy
@echo Linking $@
@@ -878,41 +848,39 @@ bin/debug2html@EXEEXT@: $(DEBUG2HTML_OBJ) bin/.dummy
bin/smbfilter@EXEEXT@: $(SMBFILTER_OBJ) bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(SMBFILTER_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS)
+ @$(CC) $(FLAGS) -o $@ $(SMBFILTER_OBJ) $(LDFLAGS) $(LIBS)
bin/smbw_sample@EXEEXT@: $(SMBW_OBJ) utils/smbw_sample.o bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(SMBW_OBJ) utils/smbw_sample.o $(LDFLAGS) $(LIBS) $(KRB5LIBS)
+ @$(CC) $(FLAGS) -o $@ $(SMBW_OBJ) utils/smbw_sample.o $(LDFLAGS) $(LIBS)
bin/smbsh@EXEEXT@: $(SMBSH_OBJ) bin/.dummy
@echo Linking $@
- @$(CC) $(FLAGS) -o $@ $(SMBSH_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS)
+ @$(CC) $(FLAGS) -o $@ $(SMBSH_OBJ) $(LDFLAGS) $(LIBS)
bin/smbwrapper.@SHLIBEXT@: $(PICOBJS) bin/.dummy
@echo Linking shared library $@
@$(SHLD) $(LDSHFLAGS) -o $@ $(PICOBJS) $(LIBS) \
- @SONAMEFLAG@`basename $@` $(KRB5LIBS)
+ @SONAMEFLAG@`basename $@`
bin/smbwrapper.32.@SHLIBEXT@: $(PICOBJS32)
@echo Linking shared library $@
@$(SHLD) -32 $(LDSHFLAGS) -o $@ $(PICOBJS32) $(LIBS) \
- @SONAMEFLAG@`basename $@` $(KRB5LIBS)
+ @SONAMEFLAG@`basename $@`
bin/libsmbclient.@SHLIBEXT@: $(LIBSMBCLIENT_PICOBJS)
@echo Linking libsmbclient shared library $@
- @$(SHLD) $(LDSHFLAGS) -o $@ $(LIBSMBCLIENT_PICOBJS) $(LDFLAGS) $(LIBS) \
- $(KRB5LIBS) @SONAMEFLAG@`basename $@`.$(LIBSMBCLIENT_MAJOR)
+ $(SHLD) $(LDSHFLAGS) -o $@ $(LIBSMBCLIENT_PICOBJS) $(LDFLAGS) $(LIBS) \
+ @SONAMEFLAG@`basename $@`.$(LIBSMBCLIENT_MAJOR)
bin/libsmbclient.a: $(LIBSMBCLIENT_PICOBJS)
@echo Linking libsmbclient non-shared library $@
- @-$(AR) -rc $@ $(LIBSMBCLIENT_PICOBJS)
+ -$(AR) -rc $@ $(LIBSMBCLIENT_PICOBJS)
-# This is probably wrong for anything other than the GNU linker.
bin/libbigballofmud.@SHLIBEXT@: $(LIBBIGBALLOFMUD_PICOBJS)
@echo Linking bigballofmud shared library $@
- @$(SHLD) $(LDSHFLAGS) -o $@ $(LIBBIGBALLOFMUD_PICOBJS) $(LIBS) \
- @SONAMEFLAG@`basename $@`.$(LIBBIGBALLOFMUD_MAJOR) $(PASSDBLIBS) $(ADSLIBS)
- ln -snf libbigballofmud.so bin/libbigballofmud.so.0
+ $(SHLD) $(LDSHFLAGS) -o $@ $(LIBBIGBALLOFMUD_PICOBJS) $(LIBS) \
+ @SONAMEFLAG@`basename $@`.$(LIBBIGBALLOFMUD_MAJOR)
# It would be nice to build a static bigballofmud too, but when I try
# I get linker errors about dl_open and similar things. I'm not sure
@@ -961,11 +929,6 @@ bin/librpc_netdfs.@SHLIBEXT@: $(RPC_DFS_OBJ)
@$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_DFS_OBJ) -lc \
@SONAMEFLAG@`basename $@`
-bin/librpc_echo.@SHLIBEXT@: $(RPC_ECHO_OBJ)
- @echo "Linking $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_ECHO_OBJ) -lc \
- @SONAMEFLAG@`basename $@`
-
nsswitch/libnss_wins.@SHLIBEXT@: $(NSS_OBJ)
@echo "Linking $@"
@$(SHLD) $(LDSHFLAGS) -o $@ $(NSS_OBJ) -lc \
@@ -973,8 +936,7 @@ nsswitch/libnss_wins.@SHLIBEXT@: $(NSS_OBJ)
bin/winbindd@EXEEXT@: $(WINBINDD_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
- @$(LINK) -o $@ $(WINBINDD_OBJ) $(DYNEXP) $(LIBS) @POPTLIBS@ $(ADSLIBS) \
- @LDAP_LIBS@
+ @$(LINK) -o $@ $(WINBINDD_OBJ) $(DYNEXP) $(LIBS) @BUILD_POPT@
nsswitch/@WINBIND_NSS@.@SHLIBEXT@: $(WINBIND_NSS_PICOBJS)
@echo "Linking $@"
@@ -986,117 +948,54 @@ nsswitch/pam_winbind.@SHLIBEXT@: $(PAM_WINBIND_OBJ) bin/.dummy
@$(SHLD) $(LDSHFLAGS) -o $@ $(PAM_WINBIND_OBJ) \
@SONAMEFLAG@`basename $@` -lpam
-bin/rhosts.@SHLIBEXT@: $(AUTH_RHOSTS_OBJ)
- @echo "Building plugin $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_RHOSTS_OBJ) @SONAMEFLAG@`basename $@`
-
-bin/builtin.@SHLIBEXT@: $(AUTH_BUILTIN_OBJ)
- @echo "Building plugin $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_BUILTIN_OBJ) @SONAMEFLAG@`basename $@`
-
-bin/domain.@SHLIBEXT@: $(AUTH_DOMAIN_OBJ)
- @echo "Building plugin $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_DOMAIN_OBJ) @SONAMEFLAG@`basename $@`
-
-bin/server.@SHLIBEXT@: $(AUTH_SERVER_OBJ)
- @echo "Building plugin $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_SERVER_OBJ) @SONAMEFLAG@`basename $@`
-
-bin/winbind.@SHLIBEXT@: $(AUTH_WINBIND_OBJ)
- @echo "Building plugin $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_WINBIND_OBJ) @SONAMEFLAG@`basename $@`
-
-bin/unix.@SHLIBEXT@: $(AUTH_UNIX_OBJ)
- @echo "Building plugin $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_UNIX_OBJ) @SONAMEFLAG@`basename $@`
-
-bin/sam.@SHLIBEXT@: $(AUTH_SAM_OBJ)
- @echo "Building plugin $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_SAM_OBJ) @SONAMEFLAG@`basename $@`
-
-bin/mysql.@SHLIBEXT@: $(MYSQL_OBJ)
- @echo "Building plugin $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ $(MYSQL_OBJ) @MYSQL_LIBS@ \
- @SONAMEFLAG@`basename $@`
-
-bin/ldapsam.@SHLIBEXT@: passdb/pdb_ldap.o
- @echo "Building plugin $@"
- @$(SHLD) $(LDSHFLAGS) @LDAP_LIBS@ -o $@ passdb/pdb_ldap.o \
- @SONAMEFLAG@`basename $@`
-
-bin/tdbsam.@SHLIBEXT@: passdb/pdb_tdb.o
+bin/pdb_mysql.@SHLIBEXT@: $(PDB_MYSQL_OBJ)
@echo "Building plugin $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ passdb/pdb_tdb.o \
+ @$(SHLD) $(LDSHFLAGS) -o $@ $(PDB_MYSQL_OBJ) @MYSQL_LIBS@ \
@SONAMEFLAG@`basename $@`
-bin/smbpasswd.@SHLIBEXT@: passdb/pdb_smbpasswd.o
+bin/pdb_xml.@SHLIBEXT@: $(PDB_XML_OBJ)
@echo "Building plugin $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ passdb/pdb_smbpasswd.o \
+ @$(SHLD) $(LDSHFLAGS) -o $@ $(PDB_XML_OBJ) @XML_LIBS@ \
@SONAMEFLAG@`basename $@`
-bin/unixsam.@SHLIBEXT@: passdb/pdb_unix.o
- @echo "Building plugin $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ passdb/pdb_unix.o \
- @SONAMEFLAG@`basename $@`
-
-bin/nisplussam.@SHLIBEXT@: passdb/pdb_nisplus.o
- @echo "Building plugin $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ passdb/pdb_nisplus.o \
- @SONAMEFLAG@`basename $@`
-
-bin/weird.@SHLIBEXT@: $(DEVEL_HELP_OBJ)
- @echo "Building plugin $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ $(DEVEL_HELP_OBJ) \
- @SONAMEFLAG@`basename $@`
-
-bin/xml.@SHLIBEXT@: $(XML_OBJ)
- @echo "Building plugin $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ $(XML_OBJ) @XML_LIBS@ \
- @SONAMEFLAG@`basename $@`
-
-bin/audit.@SHLIBEXT@: $(VFS_AUDIT_OBJ)
+bin/vfs_audit.@SHLIBEXT@: $(VFS_AUDIT_OBJ)
@echo "Building plugin $@"
@$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_AUDIT_OBJ) \
@SONAMEFLAG@`basename $@`
-bin/extd_audit.@SHLIBEXT@: $(VFS_EXTD_AUDIT_OBJ)
+bin/vfs_extd_audit.@SHLIBEXT@: $(VFS_EXTD_AUDIT_OBJ)
@echo "Building plugin $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_EXTD_AUDIT_OBJ) \
+ @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_AUDIT_OBJ) \
@SONAMEFLAG@`basename $@`
-bin/recycle.@SHLIBEXT@: $(VFS_RECYCLE_OBJ)
+bin/vfs_recycle.@SHLIBEXT@: $(VFS_RECYCLE_OBJ)
@echo "Building plugin $@"
@$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_RECYCLE_OBJ) \
@SONAMEFLAG@`basename $@`
-bin/netatalk.@SHLIBEXT@: $(VFS_NETATALK_OBJ)
+bin/vfs_netatalk.@SHLIBEXT@: $(VFS_NETATALK_OBJ)
@echo "Building plugin $@"
@$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_NETATALK_OBJ) \
@SONAMEFLAG@`basename $@`
-bin/fake_perms.@SHLIBEXT@: $(VFS_FAKE_PERMS_OBJ)
- @echo "Building plugin $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_FAKE_PERMS_OBJ) \
- @SONAMEFLAG@`basename $@`
-
bin/wbinfo@EXEEXT@: $(WBINFO_OBJ) $(PARAM_OBJ) $(LIB_OBJ) \
$(UBIQX_OBJ) $(SECRETS_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
@$(LINK) -o $@ $(WBINFO_OBJ) $(PARAM_OBJ) $(LIB_OBJ) \
- $(UBIQX_OBJ) $(SECRETS_OBJ) $(LIBS) @POPTLIBS@
+ $(UBIQX_OBJ) $(SECRETS_OBJ) $(LIBS) @BUILD_POPT@
bin/ntlm_auth@EXEEXT@: $(NTLM_AUTH_OBJ) $(PARAM_OBJ) $(LIB_OBJ) \
$(UBIQX_OBJ) @BUILD_POPT@ bin/.dummy
@echo Linking $@
@$(LINK) -o $@ $(NTLM_AUTH_OBJ) $(PARAM_OBJ) $(LIB_OBJ) \
- $(UBIQX_OBJ) $(LIBS) @POPTLIBS@
+ $(UBIQX_OBJ) $(LIBS) @BUILD_POPT@
bin/pam_smbpass.@SHLIBEXT@: $(PAM_SMBPASS_PICOOBJ)
@echo "Linking shared library $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ $(PAM_SMBPASS_PICOOBJ) -lpam $(DYNEXP) $(LIBS) -lc
+ $(SHLD) $(LDSHFLAGS) -o $@ $(PAM_SMBPASS_PICOOBJ) -lpam $(DYNEXP) $(LIBS) -lc
bin/libmsrpc.a: $(LIBMSRPC_PICOBJ)
- @-$(AR) -rc $@ $(LIBMSRPC_PICOBJ)
+ -$(AR) -rc $@ $(LIBMSRPC_PICOBJ)
bin/tdbbackup@EXEEXT@: $(TDBBACKUP_OBJ) bin/.dummy
@echo Linking $@
@@ -1110,14 +1009,12 @@ bin/t_stringoverflow@EXEEXT@: bin/libbigballofmud.@SHLIBEXT@ torture/t_stringove
bin/t_doschar@EXEEXT@: bin/libbigballofmud.@SHLIBEXT@ torture/t_doschar.o
$(CC) $(FLAGS) -o $@ $(LIBS) torture/t_doschar.o -L ./bin -lbigballofmud
-
bin/t_push_ucs2@EXEEXT@: bin/libbigballofmud.@SHLIBEXT@ torture/t_push_ucs2.o
$(CC) $(FLAGS) -o $@ $(LIBS) torture/t_push_ucs2.o -L ./bin -lbigballofmud
-bin/t_snprintf@EXEEXT@: lib/snprintf.c
- $(CC) $(FLAGS) -o $@ -DTEST_SNPRINTF lib/snprintf.c -lm
+install: installbin installman installscripts installdat installswat
-install: installbin installman installscripts installdat installswat installmodules installclientlib
+install-everything: install installmodules
# DESTDIR is used here to prevent packagers wasting their time
# duplicating the Makefile. Remove it and you will have the privelege
@@ -1137,13 +1034,11 @@ installbin: all installdirs
@$(SHELL) $(srcdir)/script/installbin.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(SBINDIR) $(DESTDIR)$(LIBDIR) $(DESTDIR)$(VARDIR) $(SBIN_PROGS)
@$(SHELL) $(srcdir)/script/installbin.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(BINDIR) $(DESTDIR)$(LIBDIR) $(DESTDIR)$(VARDIR) $(BIN_PROGS)
+ @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(RPCLIBDIR) $(RPC_MODULES)
-installmodules: all modules installdirs
+installmodules: all installdirs
@$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(VFSLIBDIR) $(VFS_MODULES)
@$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(PDBLIBDIR) $(PDB_MODULES)
- @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(RPCLIBDIR) $(RPC_MODULES)
- @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(CHARSETLIBDIR) $(CHARSET_MODULES)
- @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(AUTHLIBDIR) $(AUTH_MODULES)
installscripts: installdirs
@$(SHELL) $(srcdir)/script/installscripts.sh $(INSTALLPERMS) $(DESTDIR)$(BINDIR) $(SCRIPTS)
@@ -1154,10 +1049,10 @@ installdat: installdirs
installswat: installdirs
@$(SHELL) $(srcdir)/script/installswat.sh $(DESTDIR)$(SWATDIR) $(srcdir)
-installclientlib: libsmbclient
+installclientlib:
-$(INSTALLCLIENTCMD_SH) bin/libsmbclient.@SHLIBEXT@ $(DESTDIR)${prefix}/lib
-$(INSTALLCLIENTCMD_A) bin/libsmbclient.a $(DESTDIR)${prefix}/lib
- @$(SHELL) $(srcdir)/script/installdirs.sh $(DESTDIR)${prefix}/include
+ -$(INSTALLCMD) -d $(DESTDIR)${prefix}/include
-$(INSTALLCMD) $(srcdir)/include/libsmbclient.h $(DESTDIR)${prefix}/include
# Python extensions
@@ -1219,13 +1114,11 @@ uninstallman:
uninstallbin:
@$(SHELL) $(srcdir)/script/uninstallbin.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(SBINDIR) $(DESTDIR)$(LIBDIR) $(DESTDIR)$(VARDIR) $(DESTDIR)$(SBIN_PROGS)
@$(SHELL) $(srcdir)/script/uninstallbin.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(BINDIR) $(DESTDIR)$(LIBDIR) $(DESTDIR)$(VARDIR) $(DESTDIR)$(BIN_PROGS)
+ @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(RPCLIBDIR) $(DESTDIR)$(RPC_MODULES)
uninstallmodules:
- @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(VFSLIBDIR) $(DESTDIR)$(VFS_MODULES)
- @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(PDBLIBDIR) $(DESTDIR)$(PDB_MODULES)
- @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(RPCLIBDIR) $(DESTDIR)$(RPC_MODULES)
- @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(CHARSETLIBDIR) $(DESTDIR)$(CHARSET_MODULES)
- @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(AUTHLIBDIR) $(DESTDIR)$(AUTH_MODULES)
+ @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(PDBLIBDIR) $(DESTDIR)$(VFS_MODULES)
+ @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(VFSLIBDIR) $(DESTDIR)$(PDB_MODULES)
uninstallscripts:
@$(SHELL) $(srcdir)/script/uninstallscripts.sh $(INSTALLPERMS) $(DESTDIR)$(BINDIR) $(SCRIPTS)
@@ -1238,10 +1131,6 @@ clean: delheaders python_clean
$(TOPFILES) $(BIN_PROGS) $(SBIN_PROGS) $(MODULES) $(TORTURE_PROGS) \
$(LIBSMBCLIENT) $(EVERYTHING_PROGS) .headers.stamp
-# This is quite ugly actually.. But we need to make
-# sure the changes to include/config.h are used.
-modules_clean:
- @-rm -f @MODULES_CLEAN@ auth/auth.o passdb/pdb_interface.o rpc_server/srv_pipe_hnd.o lib/iconv.o smbd/vfs.o
# Making this target will just make sure that the prototype files
# exist, not necessarily that they are up to date. Since they're
@@ -1249,8 +1138,7 @@ modules_clean:
# afterwards.
proto_exists: include/proto.h include/wrepld_proto.h include/build_env.h \
nsswitch/winbindd_proto.h web/swat_proto.h \
- client/client_proto.h utils/net_proto.h \
- include/tdbsam2_parse_info.h
+ client/client_proto.h utils/net_proto.h
delheaders:
@echo Removing prototype headers
@@ -1258,12 +1146,10 @@ delheaders:
@/bin/rm -f $(srcdir)/include/wrepld_proto.h $(srcdir)/nsswitch/winbindd_proto.h
@/bin/rm -f $(srcdir)/web/swat_proto.h
@/bin/rm -f $(srcdir)/client/client_proto.h $(srcdir)/utils/net_proto.h
- @/bin/rm -f $(srcdir)/include/tdbsam2_parse_info.h
@/bin/rm -f include/proto.h include/build_env.h include/wrepld_proto.h \
nsswitch/winbindd_proto.h web/swat_proto.h \
- client/client_proto.h utils/net_proto.h \
- include/tdbsam2_parse_info.h
+ client/client_proto.h utils/net_proto.h
include/proto.h:
@echo Building include/proto.h
@@ -1301,15 +1187,6 @@ utils/net_proto.h:
-h _CLIENT_PROTO_H_ utils/net_proto.h \
$(NET_OBJ1)
-include/tdbsam2_parse_info.h:
- @if test -n "$(PERL)"; then \
- cd $(srcdir) && @PERL@ -w script/genstruct.pl \
- -o include/tdbsam2_parse_info.h $(CC) -E -O2 -g \
- include/tdbsam2.h; \
- else \
- echo Unable to build $@, continuing; \
- fi
-
# "make headers" or "make proto" calls a subshell because we need to
# make sure these commands are executed in sequence even for a
# parallel make.
@@ -1321,8 +1198,7 @@ headers:
$(MAKE) nsswitch/winbindd_proto.h; \
$(MAKE) web/swat_proto.h; \
$(MAKE) client/client_proto.h; \
- $(MAKE) utils/net_proto.h; \
- $(MAKE) include/tdbsam2_parse_info.h
+ $(MAKE) utils/net_proto.h
proto: headers
@@ -1374,7 +1250,6 @@ check: check-programs
PATH="`pwd`/bin:$$PATH" \
python stf/standardcheck.py
-# These are called by the test suite and need to be built before
-# running it. For the time being we don't build all of BIN_PROGS,
-# because they're not all needed.
-check-programs: bin/t_strcmp bin/t_push_ucs2 bin/smbcontrol bin/t_snprintf
+# These are called by the test suite
+check-programs: bin/t_strcmp bin/t_push_ucs2 bin/smbcontrol
+
diff --git a/source3/auth/auth.c b/source3/auth/auth.c
index 71e9ab0428..126a712fbd 100644
--- a/source3/auth/auth.c
+++ b/source3/auth/auth.c
@@ -23,45 +23,26 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_AUTH
-static struct auth_init_function_entry *backends = NULL;
-
-BOOL smb_register_auth(const char *name, auth_init_function init, int version)
-{
- struct auth_init_function_entry *entry = backends;
-
- if(version != AUTH_INTERFACE_VERSION)
- return False;
-
- DEBUG(5,("Attempting to register auth backend %s\n", name));
-
- while(entry) {
- if (strequal(name, entry->name)) {
- DEBUG(0,("There already is an auth backend registered with the name %s!\n", name));
- return False;
- }
- entry = entry->next;
- }
-
- entry = smb_xmalloc(sizeof(struct auth_init_function_entry));
- entry->name = smb_xstrdup(name);
- entry->init = init;
-
- DLIST_ADD(backends, entry);
- DEBUG(5,("Successfully added auth backend '%s'\n", name));
- return True;
-}
-
-static struct auth_init_function_entry *auth_find_backend_entry(const char *name)
-{
- struct auth_init_function_entry *entry = backends;
-
- while(entry) {
- if (strequal(entry->name, name)) return entry;
- entry = entry->next;
- }
-
- return NULL;
-}
+/** List of various built-in authentication modules */
+
+static const struct auth_init_function_entry builtin_auth_init_functions[] = {
+ { "guest", auth_init_guest },
+ { "rhosts", auth_init_rhosts },
+ { "hostsequiv", auth_init_hostsequiv },
+ { "sam", auth_init_sam },
+ { "samstrict", auth_init_samstrict },
+ { "unix", auth_init_unix },
+ { "smbserver", auth_init_smbserver },
+ { "ntdomain", auth_init_ntdomain },
+ { "trustdomain", auth_init_trustdomain },
+ { "winbind", auth_init_winbind },
+#ifdef DEVELOPER
+ { "name_to_ntstatus", auth_init_name_to_ntstatus },
+ { "fixed_challenge", auth_init_fixed_challenge },
+#endif
+ { "plugin", auth_init_plugin },
+ { NULL, NULL}
+};
/****************************************************************************
Try to get a challenge out of the various authentication modules.
@@ -343,8 +324,8 @@ static NTSTATUS make_auth_context_text_list(struct auth_context **auth_context,
auth_methods *list = NULL;
auth_methods *t = NULL;
auth_methods *tmp;
+ int i;
NTSTATUS nt_status;
- static BOOL initialised_static_modules = False;
if (!text_list) {
DEBUG(2,("make_auth_context_text_list: No auth method list!?\n"));
@@ -353,22 +334,15 @@ static NTSTATUS make_auth_context_text_list(struct auth_context **auth_context,
if (!NT_STATUS_IS_OK(nt_status = make_auth_context(auth_context)))
return nt_status;
-
- /* Initialise static modules if not done so yet */
- if(!initialised_static_modules) {
- static_init_auth;
- initialised_static_modules = True;
- }
for (;*text_list; text_list++) {
- struct auth_init_function_entry *entry;
+ DEBUG(5,("make_auth_context_text_list: Attempting to find an auth method to match %s\n",
+ *text_list));
+ for (i = 0; builtin_auth_init_functions[i].name; i++) {
char *module_name = smb_xstrdup(*text_list);
char *module_params = NULL;
char *p;
- DEBUG(5,("make_auth_context_text_list: Attempting to find an auth method to match %s\n",
- *text_list));
-
p = strchr(module_name, ':');
if (p) {
*p = 0;
@@ -378,20 +352,20 @@ static NTSTATUS make_auth_context_text_list(struct auth_context **auth_context,
trim_string(module_name, " ", " ");
- entry = auth_find_backend_entry(module_name);
-
- if(!(entry = auth_find_backend_entry(module_name)) && !smb_probe_module("auth", module_name) &&
- !(entry = auth_find_backend_entry(module_name))) {
- DEBUG(0,("make_auth_context_text_list: can't find auth method %s!\n", module_name));
- } else if (!NT_STATUS_IS_OK(entry->init(*auth_context, module_params, &t))) {
- DEBUG(0,("make_auth_context_text_list: auth method %s did not correctly init\n",
- *text_list));
- } else {
- DEBUG(5,("make_auth_context_text_list: auth method %s has a valid init\n",
- *text_list));
- DLIST_ADD_END(list, t, tmp);
+ if (strequal(builtin_auth_init_functions[i].name, module_name)) {
+ DEBUG(5,("make_auth_context_text_list: Found auth method %s (at pos %d)\n", *text_list, i));
+ if (NT_STATUS_IS_OK(builtin_auth_init_functions[i].init(*auth_context, module_params, &t))) {
+ DEBUG(5,("make_auth_context_text_list: auth method %s has a valid init\n",
+ *text_list));
+ DLIST_ADD_END(list, t, tmp);
+ } else {
+ DEBUG(0,("make_auth_context_text_list: auth method %s did not correctly init\n",
+ *text_list));
+ }
+ break;
}
SAFE_FREE(module_name);
+ }
}
(*auth_context)->auth_method_list = list;
@@ -443,7 +417,7 @@ NTSTATUS make_auth_context_subsystem(struct auth_context **auth_context)
break;
case SEC_ADS:
DEBUG(5,("Making default auth method list for security=ADS\n"));
- auth_method_list = str_list_make("guest sam winbind ntdomain", NULL);
+ auth_method_list = str_list_make("guest sam ads winbind ntdomain", NULL);
break;
default:
DEBUG(5,("Unknown auth method!\n"));
diff --git a/source3/auth/auth_builtin.c b/source3/auth/auth_builtin.c
index 509a4afba9..a19c532fc9 100644
--- a/source3/auth/auth_builtin.c
+++ b/source3/auth/auth_builtin.c
@@ -161,12 +161,50 @@ NTSTATUS auth_init_fixed_challenge(struct auth_context *auth_context, const char
return NT_STATUS_OK;
}
-int auth_builtin_init(void)
+/**
+ * Outsorce an auth module to an external loadable .so
+ *
+ * Only works on systems with dlopen() etc.
+ **/
+
+/* Plugin modules initialisation */
+
+NTSTATUS auth_init_plugin(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
{
- smb_register_auth("guest", auth_init_guest, AUTH_INTERFACE_VERSION);
-#ifdef DEVELOPER
- smb_register_auth("fixed_challenge", auth_init_fixed_challenge, AUTH_INTERFACE_VERSION);
- smb_register_auth("name_to_ntstatus", auth_init_name_to_ntstatus, AUTH_INTERFACE_VERSION);
-#endif
- return True;
+ void * dl_handle;
+ char *plugin_param, *plugin_name, *p;
+ auth_init_function plugin_init;
+
+ if (param == NULL) {
+ DEBUG(0, ("auth_init_plugin: The plugin module needs an argument!\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ plugin_name = smb_xstrdup(param);
+ p = strchr(plugin_name, ':');
+ if (p) {
+ *p = 0;
+ plugin_param = p+1;
+ trim_string(plugin_param, " ", " ");
+ } else plugin_param = NULL;
+
+ trim_string(plugin_name, " ", " ");
+
+ DEBUG(5, ("auth_init_plugin: Trying to load auth plugin %s\n", plugin_name));
+ dl_handle = sys_dlopen(plugin_name, RTLD_NOW );
+ if (!dl_handle) {
+ DEBUG(0, ("auth_init_plugin: Failed to load auth plugin %s using sys_dlopen (%s)\n",
+ plugin_name, sys_dlerror()));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ plugin_init = sys_dlsym(dl_handle, "auth_init");
+ if (!plugin_init){
+ DEBUG(0, ("Failed to find function 'auth_init' using sys_dlsym in sam plugin %s (%s)\n",
+ plugin_name, sys_dlerror()));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ DEBUG(5, ("Starting sam plugin %s with paramater %s\n", plugin_name, plugin_param?plugin_param:"(null)"));
+ return plugin_init(auth_context, plugin_param, auth_method);
}
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c
index 7dca5914f0..534af2257d 100644
--- a/source3/auth/auth_domain.c
+++ b/source3/auth/auth_domain.c
@@ -24,7 +24,7 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_AUTH
-extern BOOL global_machine_password_needs_changing;
+BOOL global_machine_password_needs_changing = False;
extern userdom_struct current_user_info;
@@ -175,11 +175,6 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli,
&dest_ip, 0, "IPC$", "IPC", "", "", "",0, retry);
if (!NT_STATUS_IS_OK(result)) {
- /* map to something more useful */
- if (NT_STATUS_EQUAL(result, NT_STATUS_UNSUCCESSFUL)) {
- result = NT_STATUS_NO_LOGON_SERVERS;
- }
-
release_server_mutex();
return result;
}
@@ -277,7 +272,7 @@ static NTSTATUS find_connect_dc(struct cli_state **cli,
struct in_addr dc_ip;
fstring srv_name;
- if (!rpc_find_dc(domain, srv_name, &dc_ip)) {
+ if ( !rpc_find_dc(lp_workgroup(), srv_name, &dc_ip) ) {
DEBUG(0,("find_connect_dc: Failed to find an DCs for %s\n", lp_workgroup()));
return NT_STATUS_NO_LOGON_SERVERS;
}
@@ -550,10 +545,3 @@ NTSTATUS auth_init_trustdomain(struct auth_context *auth_context, const char* pa
(*auth_method)->auth = check_trustdomain_security;
return NT_STATUS_OK;
}
-
-int auth_domain_init(void)
-{
- smb_register_auth("trustdomain", auth_init_trustdomain, AUTH_INTERFACE_VERSION);
- smb_register_auth("ntdomain", auth_init_ntdomain, AUTH_INTERFACE_VERSION);
- return True;
-}
diff --git a/source3/auth/auth_rhosts.c b/source3/auth/auth_rhosts.c
index db37193579..5451f7d930 100644
--- a/source3/auth/auth_rhosts.c
+++ b/source3/auth/auth_rhosts.c
@@ -242,10 +242,3 @@ NTSTATUS auth_init_rhosts(struct auth_context *auth_context, const char *param,
(*auth_method)->name = "rhosts";
return NT_STATUS_OK;
}
-
-int auth_rhosts_init(void)
-{
- smb_register_auth("rhosts", auth_init_rhosts, AUTH_INTERFACE_VERSION);
- smb_register_auth("hostsequiv", auth_init_hostsequiv, AUTH_INTERFACE_VERSION);
- return True;
-}
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index aa399f33e2..b309833440 100644
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -500,8 +500,6 @@ static NTSTATUS check_samstrict_security(const struct auth_context *auth_context
unless it is one of our aliases. */
if (!is_myname(user_info->domain.str)) {
- DEBUG(7,("The requested user domain is not the local server name. [%s]\\[%s]\n",
- user_info->domain.str,user_info->internal_username.str));
return NT_STATUS_NO_SUCH_USER;
}
@@ -520,53 +518,4 @@ NTSTATUS auth_init_samstrict(struct auth_context *auth_context, const char *para
return NT_STATUS_OK;
}
-/****************************************************************************
-Check SAM security (above) but with a few extra checks if we're a DC.
-****************************************************************************/
-
-static NTSTATUS check_samstrict_dc_security(const struct auth_context *auth_context,
- void *my_private_data,
- TALLOC_CTX *mem_ctx,
- const auth_usersupplied_info *user_info,
- auth_serversupplied_info **server_info)
-{
-
- if (!user_info || !auth_context) {
- return NT_STATUS_LOGON_FAILURE;
- }
-
- /* If we are a domain member, we must not
- attempt to check the password locally,
- unless it is one of our aliases, empty
- or our domain if we are a logon server.*/
-
- if ((!is_myworkgroup(user_info->domain.str))&&
- (!is_myname(user_info->domain.str))) {
- DEBUG(7,("The requested user domain is not the local server name or our domain. [%s]\\[%s]\n",
- user_info->domain.str,user_info->internal_username.str));
- return NT_STATUS_NO_SUCH_USER;
- }
-
- return check_sam_security(auth_context, my_private_data, mem_ctx, user_info, server_info);
-}
-
-/* module initialisation */
-NTSTATUS auth_init_samstrict_dc(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
-{
- if (!make_auth_methods(auth_context, auth_method)) {
- return NT_STATUS_NO_MEMORY;
- }
-
- (*auth_method)->auth = check_samstrict_dc_security;
- (*auth_method)->name = "samstrict_dc";
- return NT_STATUS_OK;
-}
-
-int auth_sam_init(void)
-{
- smb_register_auth("samstrict_dc", auth_init_samstrict_dc, AUTH_INTERFACE_VERSION);
- smb_register_auth("samstrict", auth_init_samstrict, AUTH_INTERFACE_VERSION);
- smb_register_auth("sam", auth_init_sam, AUTH_INTERFACE_VERSION);
- return True;
-}
diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c
index a311f01dc3..5144852d3b 100644
--- a/source3/auth/auth_server.c
+++ b/source3/auth/auth_server.c
@@ -400,8 +400,3 @@ NTSTATUS auth_init_smbserver(struct auth_context *auth_context, const char* para
(*auth_method)->free_private_data = free_server_private_data;
return NT_STATUS_OK;
}
-
-int auth_server_init(void)
-{
- return smb_register_auth("smbserver", auth_init_smbserver, AUTH_INTERFACE_VERSION);
-}
diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c
index efab2046c3..4f44767a81 100644
--- a/source3/auth/auth_unix.c
+++ b/source3/auth/auth_unix.c
@@ -130,7 +130,3 @@ NTSTATUS auth_init_unix(struct auth_context *auth_context, const char* param, au
return NT_STATUS_OK;
}
-int auth_unix_init(void)
-{
- return smb_register_auth("unix", auth_init_unix, AUTH_INTERFACE_VERSION);
-}
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index ddb833a0e5..d0f1fc1e34 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -219,18 +219,35 @@ NTSTATUS make_user_info_map(auth_usersupplied_info **user_info,
where it doens't supply a domain for logon script
'net use' commands.
- Finally, we do this by looking up a cache of trusted domains!
+ The way I do it here is by checking if the fully
+ qualified username exists. This is rather reliant
+ on winbind, but until we have a better method this
+ will have to do
*/
domain = client_domain;
- if (is_trusted_domain(domain)) {
- return make_user_info(user_info, smb_name, internal_username,
- client_domain, domain, wksta_name,
- lm_pwd, nt_pwd, plaintext, ntlmssp_flags,
- encrypted);
- }
+ if ((smb_name) && (*smb_name)) { /* Don't do this for guests */
+ char *user = NULL;
+ if (asprintf(&user, "%s%s%s",
+ client_domain, lp_winbind_separator(),
+ smb_name) < 0) {
+ DEBUG(0, ("make_user_info_map: asprintf() failed!\n"));
+ return NT_STATUS_NO_MEMORY;
+ }
+ DEBUG(5, ("make_user_info_map: testing for user %s\n", user));
+
+ if (Get_Pwnam(user) == NULL) {
+ DEBUG(5, ("make_user_info_map: test for user %s failed\n", user));
+ domain = lp_workgroup();
+ DEBUG(5, ("make_user_info_map: trusted domain %s doesn't appear to exist, using %s\n",
+ client_domain, domain));
+ } else {
+ DEBUG(5, ("make_user_info_map: using trusted domain %s\n", domain));
+ }
+ SAFE_FREE(user);
+ }
} else {
domain = lp_workgroup();
}
@@ -869,8 +886,8 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
struct passwd *passwd;
- unid_t u_id, g_id;
- int u_type, g_type;
+ uid_t uid;
+ gid_t gid;
int n_lgroupSIDs;
DOM_SID *lgroupSIDs = NULL;
@@ -907,11 +924,9 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
domain = domain;
}
- u_type = ID_USERID;
- g_type = ID_GROUPID;
- if (NT_STATUS_IS_OK(idmap_get_id_from_sid(&u_id, &u_type, &user_sid))
- && NT_STATUS_IS_OK(idmap_get_id_from_sid(&g_id, &g_type, &group_sid))
- && ((passwd = getpwuid_alloc(u_id.uid)))) {
+ if (winbind_sid_to_uid(&uid, &user_sid)
+ && winbind_sid_to_gid(&gid, &group_sid)
+ && ((passwd = getpwuid_alloc(uid)))) {
nt_status = pdb_init_sam_pw(&sam_account, passwd);
passwd_free(&passwd);
} else {
diff --git a/source3/auth/auth_winbind.c b/source3/auth/auth_winbind.c
index e2a292dd01..5e1567d3c1 100644
--- a/source3/auth/auth_winbind.c
+++ b/source3/auth/auth_winbind.c
@@ -134,8 +134,3 @@ NTSTATUS auth_init_winbind(struct auth_context *auth_context, const char *param,
(*auth_method)->auth = check_winbind_security;
return NT_STATUS_OK;
}
-
-int auth_winbind_init(void)
-{
- return smb_register_auth("winbind", auth_init_winbind, AUTH_INTERFACE_VERSION);
-}
diff --git a/source3/bin/.cvsignore b/source3/bin/.cvsignore
index 770100fd31..2ca1f67685 100644
--- a/source3/bin/.cvsignore
+++ b/source3/bin/.cvsignore
@@ -24,7 +24,6 @@ smbcacls
smbcacls
smbclient
smbcontrol
-smbcquotas
smbd
smbfilter
smbgroupedit
@@ -39,9 +38,7 @@ smbtree
smbumount
swat
t_push_ucs2
-t_snprintf
t_strcmp
-t_stringoverflow
talloctort
tdbbackup
testparm
diff --git a/source3/change-log b/source3/change-log
index 71f5012484..1f7798b541 100644
--- a/source3/change-log
+++ b/source3/change-log
@@ -2,7 +2,7 @@ SUPERCEDED Change Log for Samba
^^^^^^^^^^
Unless otherwise attributed, all changes were made by
-Andrew.Tridgell@anu.edu.au.
+Andrew.Tridgell@anu.edu.au. All bugs to samba-bugs@samba.org.
NOTE: THIS LOG IS IN CHRONOLOGICAL ORDER
diff --git a/source3/config.sub b/source3/config.sub
index 04baf3d80d..2476310dff 100755
--- a/source3/config.sub
+++ b/source3/config.sub
@@ -1,9 +1,9 @@
#! /bin/sh
# Configuration validation subroutine script.
-# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
-# 2000, 2001, 2002, 2003 Free Software Foundation, Inc.
+# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001
+# Free Software Foundation, Inc.
-timestamp='2003-01-03'
+timestamp='2001-12-03'
# This file is (in principle) common to ALL GNU software.
# The presence of a machine in this file suggests that SOME GNU software
@@ -118,7 +118,7 @@ esac
# Here we must recognize all the valid KERNEL-OS combinations.
maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
case $maybe_os in
- nto-qnx* | linux-gnu* | freebsd*-gnu* | netbsd*-gnu* | storm-chaos* | os2-emx* | rtmk-nova*)
+ nto-qnx* | linux-gnu* | storm-chaos* | os2-emx* | windows32-*)
os=-$maybe_os
basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
;;
@@ -227,39 +227,26 @@ case $basic_machine in
1750a | 580 \
| a29k \
| alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \
- | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \
| arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \
- | clipper \
- | d10v | d30v | dlx | dsp16xx \
- | fr30 | frv \
+ | c4x | clipper \
+ | d10v | d30v | dsp16xx \
+ | fr30 \
| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
| i370 | i860 | i960 | ia64 \
- | ip2k \
| m32r | m68000 | m68k | m88k | mcore \
- | mips | mipsbe | mipseb | mipsel | mipsle \
- | mips16 \
- | mips64 | mips64el \
- | mips64vr | mips64vrel \
- | mips64orion | mips64orionel \
- | mips64vr4100 | mips64vr4100el \
- | mips64vr4300 | mips64vr4300el \
- | mips64vr5000 | mips64vr5000el \
- | mipsisa32 | mipsisa32el \
- | mipsisa32r2 | mipsisa32r2el \
- | mipsisa64 | mipsisa64el \
- | mipsisa64sb1 | mipsisa64sb1el \
- | mipsisa64sr71k | mipsisa64sr71kel \
- | mipstx39 | mipstx39el \
+ | mips16 | mips64 | mips64el | mips64orion | mips64orionel \
+ | mips64vr4100 | mips64vr4100el | mips64vr4300 \
+ | mips64vr4300el | mips64vr5000 | mips64vr5000el \
+ | mipsbe | mipseb | mipsel | mipsle | mipstx39 | mipstx39el \
+ | mipsisa32 \
| mn10200 | mn10300 \
- | msp430 \
| ns16k | ns32k \
- | openrisc | or32 \
+ | openrisc \
| pdp10 | pdp11 | pj | pjl \
| powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
| pyramid \
- | sh | sh[1234] | sh3e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \
- | sh64 | sh64le \
- | sparc | sparc64 | sparc86x | sparclet | sparclite | sparcv9 | sparcv9b \
+ | sh | sh[34] | sh[34]eb | shbe | shle \
+ | sparc | sparc64 | sparclet | sparclite | sparcv9 | sparcv9b \
| strongarm \
| tahoe | thumb | tic80 | tron \
| v850 | v850e \
@@ -291,52 +278,38 @@ case $basic_machine in
580-* \
| a29k-* \
| alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \
- | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \
- | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \
- | arm-* | armbe-* | armle-* | armeb-* | armv*-* \
+ | alphapca5[67]-* | arc-* \
+ | arm-* | armbe-* | armle-* | armv*-* \
| avr-* \
| bs2000-* \
- | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* \
- | clipper-* | cydra-* \
- | d10v-* | d30v-* | dlx-* \
+ | c[123]* | c30-* | [cjt]90-* | c54x-* \
+ | clipper-* | cray2-* | cydra-* \
+ | d10v-* | d30v-* \
| elxsi-* \
- | f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \
+ | f30[01]-* | f700-* | fr30-* | fx80-* \
| h8300-* | h8500-* \
| hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
| i*86-* | i860-* | i960-* | ia64-* \
- | ip2k-* \
| m32r-* \
- | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
+ | m68000-* | m680[01234]0-* | m68360-* | m683?2-* | m68k-* \
| m88110-* | m88k-* | mcore-* \
- | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
- | mips16-* \
- | mips64-* | mips64el-* \
- | mips64vr-* | mips64vrel-* \
- | mips64orion-* | mips64orionel-* \
- | mips64vr4100-* | mips64vr4100el-* \
- | mips64vr4300-* | mips64vr4300el-* \
- | mips64vr5000-* | mips64vr5000el-* \
- | mipsisa32-* | mipsisa32el-* \
- | mipsisa32r2-* | mipsisa32r2el-* \
- | mipsisa64-* | mipsisa64el-* \
- | mipsisa64sb1-* | mipsisa64sb1el-* \
- | mipsisa64sr71k-* | mipsisa64sr71kel-* \
- | mipstx39-* | mipstx39el-* \
- | msp430-* \
- | none-* | np1-* | nv1-* | ns16k-* | ns32k-* \
+ | mips-* | mips16-* | mips64-* | mips64el-* | mips64orion-* \
+ | mips64orionel-* | mips64vr4100-* | mips64vr4100el-* \
+ | mips64vr4300-* | mips64vr4300el-* | mipsbe-* | mipseb-* \
+ | mipsle-* | mipsel-* | mipstx39-* | mipstx39el-* \
+ | none-* | np1-* | ns16k-* | ns32k-* \
| orion-* \
| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
| pyramid-* \
| romp-* | rs6000-* \
- | sh-* | sh[1234]-* | sh3e-* | sh[34]eb-* | shbe-* \
- | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
- | sparc-* | sparc64-* | sparc86x-* | sparclet-* | sparclite-* \
- | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \
- | tahoe-* | thumb-* | tic30-* | tic4x-* | tic54x-* | tic80-* | tron-* \
+ | sh-* | sh[34]-* | sh[34]eb-* | shbe-* | shle-* \
+ | sparc-* | sparc64-* | sparc86x-* | sparclite-* \
+ | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* \
+ | t3e-* | tahoe-* | thumb-* | tic30-* | tic54x-* | tic80-* | tron-* \
| v850-* | v850e-* | vax-* \
| we32k-* \
- | x86-* | x86_64-* | xps100-* | xscale-* | xstormy16-* \
+ | x86-* | x86_64-* | xmp-* | xps100-* | xscale-* | xstormy16-* \
| xtensa-* \
| ymp-* \
| z8k-*)
@@ -402,10 +375,6 @@ case $basic_machine in
basic_machine=ns32k-sequent
os=-dynix
;;
- c90)
- basic_machine=c90-cray
- os=-unicos
- ;;
convex-c1)
basic_machine=c1-convex
os=-bsd
@@ -426,8 +395,16 @@ case $basic_machine in
basic_machine=c38-convex
os=-bsd
;;
- cray | j90)
- basic_machine=j90-cray
+ cray | ymp)
+ basic_machine=ymp-cray
+ os=-unicos
+ ;;
+ cray2)
+ basic_machine=cray2-cray
+ os=-unicos
+ ;;
+ [cjt]90)
+ basic_machine=${basic_machine}-cray
os=-unicos
;;
crds | unos)
@@ -442,14 +419,6 @@ case $basic_machine in
decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn)
basic_machine=mips-dec
;;
- decsystem10* | dec10*)
- basic_machine=pdp10-dec
- os=-tops10
- ;;
- decsystem20* | dec20*)
- basic_machine=pdp10-dec
- os=-tops20
- ;;
delta | 3300 | motorola-3300 | motorola-delta \
| 3300-motorola | delta-motorola)
basic_machine=m68k-motorola
@@ -630,6 +599,14 @@ case $basic_machine in
basic_machine=m68k-atari
os=-mint
;;
+ mipsel*-linux*)
+ basic_machine=mipsel-unknown
+ os=-linux-gnu
+ ;;
+ mips*-linux*)
+ basic_machine=mips-unknown
+ os=-linux-gnu
+ ;;
mips3*-*)
basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`
;;
@@ -644,10 +621,6 @@ case $basic_machine in
basic_machine=m68k-rom68k
os=-coff
;;
- morphos)
- basic_machine=powerpc-unknown
- os=-morphos
- ;;
msdos)
basic_machine=i386-pc
os=-msdos
@@ -720,10 +693,6 @@ case $basic_machine in
np1)
basic_machine=np1-gould
;;
- nv1)
- basic_machine=nv1-cray
- os=-unicosmp
- ;;
nsr-tandem)
basic_machine=nsr-tandem
;;
@@ -731,10 +700,6 @@ case $basic_machine in
basic_machine=hppa1.1-oki
os=-proelf
;;
- or32 | or32-*)
- basic_machine=or32-unknown
- os=-coff
- ;;
OSE68000 | ose68000)
basic_machine=m68000-ericsson
os=-ose
@@ -757,13 +722,13 @@ case $basic_machine in
pbb)
basic_machine=m68k-tti
;;
- pc532 | pc532-*)
+ pc532 | pc532-*)
basic_machine=ns32k-pc532
;;
pentium | p5 | k5 | k6 | nexgen | viac3)
basic_machine=i586-pc
;;
- pentiumpro | p6 | 6x86 | athlon | athlon_*)
+ pentiumpro | p6 | 6x86 | athlon)
basic_machine=i686-pc
;;
pentiumii | pentium2)
@@ -784,22 +749,22 @@ case $basic_machine in
power) basic_machine=power-ibm
;;
ppc) basic_machine=powerpc-unknown
- ;;
+ ;;
ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
ppcle | powerpclittle | ppc-le | powerpc-little)
basic_machine=powerpcle-unknown
- ;;
+ ;;
ppcle-* | powerpclittle-*)
basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
ppc64) basic_machine=powerpc64-unknown
- ;;
+ ;;
ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
ppc64le | powerpc64little | ppc64-le | powerpc64-little)
basic_machine=powerpc64le-unknown
- ;;
+ ;;
ppc64le-* | powerpc64little-*)
basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
@@ -830,12 +795,6 @@ case $basic_machine in
basic_machine=a29k-amd
os=-udi
;;
- sb1)
- basic_machine=mipsisa64sb1-unknown
- ;;
- sb1el)
- basic_machine=mipsisa64sb1el-unknown
- ;;
sequent)
basic_machine=i386-sequent
;;
@@ -910,17 +869,9 @@ case $basic_machine in
os=-dynix
;;
t3e)
- basic_machine=alphaev5-cray
+ basic_machine=t3e-cray
os=-unicos
;;
- t90)
- basic_machine=t90-cray
- os=-unicos
- ;;
- tic4x | c4x*)
- basic_machine=tic4x-unknown
- os=-coff
- ;;
tic54x | c54x*)
basic_machine=tic54x-unknown
os=-coff
@@ -931,10 +882,6 @@ case $basic_machine in
tx39el)
basic_machine=mipstx39el-unknown
;;
- toad1)
- basic_machine=pdp10-xkl
- os=-tops20
- ;;
tower | tower-32)
basic_machine=m68k-ncr
;;
@@ -959,8 +906,8 @@ case $basic_machine in
os=-vms
;;
vpp*|vx|vx-*)
- basic_machine=f301-fujitsu
- ;;
+ basic_machine=f301-fujitsu
+ ;;
vxworks960)
basic_machine=i960-wrs
os=-vxworks
@@ -981,13 +928,17 @@ case $basic_machine in
basic_machine=hppa1.1-winbond
os=-proelf
;;
- xps | xps100)
- basic_machine=xps100-honeywell
+ windows32)
+ basic_machine=i386-pc
+ os=-windows32-msvcrt
;;
- ymp)
- basic_machine=ymp-cray
+ xmp)
+ basic_machine=xmp-cray
os=-unicos
;;
+ xps | xps100)
+ basic_machine=xps100-honeywell
+ ;;
z8k-*-coff)
basic_machine=z8k-unknown
os=-sim
@@ -1008,6 +959,13 @@ case $basic_machine in
op60c)
basic_machine=hppa1.1-oki
;;
+ mips)
+ if [ x$os = x-linux-gnu ]; then
+ basic_machine=mips-unknown
+ else
+ basic_machine=mips-mips
+ fi
+ ;;
romp)
basic_machine=romp-ibm
;;
@@ -1027,16 +985,13 @@ case $basic_machine in
we32k)
basic_machine=we32k-att
;;
- sh3 | sh4 | sh3eb | sh4eb | sh[1234]le | sh3ele)
+ sh3 | sh4 | sh3eb | sh4eb)
basic_machine=sh-unknown
;;
- sh64)
- basic_machine=sh64-unknown
- ;;
sparc | sparcv9 | sparcv9b)
basic_machine=sparc-sun
;;
- cydra)
+ cydra)
basic_machine=cydra-cydrome
;;
orion)
@@ -1051,6 +1006,10 @@ case $basic_machine in
pmac | pmac-mpw)
basic_machine=powerpc-apple
;;
+ c4x*)
+ basic_machine=c4x-none
+ os=-coff
+ ;;
*-unknown)
# Make sure to match an already-canonicalized machine name.
;;
@@ -1113,12 +1072,10 @@ case $os in
| -chorusos* | -chorusrdb* \
| -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
| -mingw32* | -linux-gnu* | -uxpv* | -beos* | -mpeix* | -udk* \
- | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \
+ | -interix* | -uwin* | -rhapsody* | -darwin* | -opened* \
| -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \
| -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \
- | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
- | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
- | -powermax* | -dnix* | -microbsd*)
+ | -os2* | -vos* | -palmos* | -uclinux* | -nucleus*)
# Remember, each alternative MUST END IN *, to match a version number.
;;
-qnx*)
@@ -1130,10 +1087,8 @@ case $os in
;;
esac
;;
- -nto-qnx*)
- ;;
-nto*)
- os=`echo $os | sed -e 's|nto|nto-qnx|'`
+ os=-nto-qnx
;;
-sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \
| -windows* | -osx | -abug | -netware* | -os9* | -beos* \
@@ -1181,11 +1136,8 @@ case $os in
-ctix* | -uts*)
os=-sysv
;;
- -nova*)
- os=-rtmk-nova
- ;;
-ns2 )
- os=-nextstep2
+ os=-nextstep2
;;
-nsk*)
os=-nsk
@@ -1224,8 +1176,8 @@ case $os in
-xenix)
os=-xenix
;;
- -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
- os=-mint
+ -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
+ os=-mint
;;
-none)
;;
@@ -1258,11 +1210,10 @@ case $basic_machine in
arm*-semi)
os=-aout
;;
- # This must come before the *-dec entry.
pdp10-*)
os=-tops20
;;
- pdp11-*)
+ pdp11-*)
os=-none
;;
*-dec | vax-*)
@@ -1289,9 +1240,6 @@ case $basic_machine in
mips*-*)
os=-elf
;;
- or32-*)
- os=-coff
- ;;
*-tti) # must be before sparc entry or we get the wrong os.
os=-sysv3
;;
@@ -1355,19 +1303,19 @@ case $basic_machine in
*-next)
os=-nextstep3
;;
- *-gould)
+ *-gould)
os=-sysv
;;
- *-highlevel)
+ *-highlevel)
os=-bsd
;;
*-encore)
os=-bsd
;;
- *-sgi)
+ *-sgi)
os=-irix
;;
- *-siemens)
+ *-siemens)
os=-sysv4
;;
*-masscomp)
@@ -1439,7 +1387,7 @@ case $basic_machine in
-ptx*)
vendor=sequent
;;
- -vxsim* | -vxworks* | -windiss*)
+ -vxsim* | -vxworks*)
vendor=wrs
;;
-aux*)
diff --git a/source3/configure.in b/source3/configure.in
index 555cc06fc3..0dd73efb26 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -153,16 +153,53 @@ AC_SUBST(LIBSMBCLIENT)
AC_SUBST(PRINTLIBS)
AC_SUBST(AUTHLIBS)
AC_SUBST(ACLLIBS)
-AC_SUBST(ADSLIBS)
-AC_SUBST(PASSDBLIBS)
-AC_SUBST(KRB5_LIBS)
-AC_SUBST(LDAP_LIBS)
-AC_SUBST(LDAP_OBJ)
AC_SUBST(SHLIB_PROGS)
AC_SUBST(SMBWRAPPER)
AC_SUBST(EXTRA_BIN_PROGS)
AC_SUBST(EXTRA_SBIN_PROGS)
AC_SUBST(EXTRA_ALL_TARGETS)
+dnl For the DYNAMIC RPC stuff
+dnl The complicated _YES and _NO stuff allows us to avoid a dependency
+dnl on GNU Make.
+AC_SUBST(LSA_DYNAMIC_YES)
+AC_SUBST(LSA_DYNAMIC_NO)
+LSA_DYNAMIC_YES="#"
+LSA_DYNAMIC_NO=
+AC_SUBST(NETLOG_DYNAMIC_YES)
+AC_SUBST(NETLOG_DYNAMIC_NO)
+NETLOG_DYNAMIC_YES="#"
+NETLOG_DYNAMIC_NO=
+AC_SUBST(SAMR_DYNAMIC_YES)
+AC_SUBST(SAMR_DYNAMIC_NO)
+SAMR_DYNAMIC_YES="#"
+SAMR_DYNAMIC_NO=
+AC_SUBST(SVC_DYNAMIC_YES)
+AC_SUBST(SVC_DYNAMIC_NO)
+SVC_DYNAMIC_YES="#"
+SVC_DYNAMIC_NO=
+AC_SUBST(WKS_DYNAMIC_YES)
+AC_SUBST(WKS_DYNAMIC_NO)
+WKS_DYNAMIC_YES="#"
+WKS_DYNAMIC_NO=
+AC_SUBST(REG_DYNAMIC_YES)
+AC_SUBST(REG_DYNAMIC_NO)
+REG_DYNAMIC_YES="#"
+REG_DYNAMIC_NO=
+AC_SUBST(SPOOLSS_DYNAMIC_YES)
+AC_SUBST(SPOOLSS_DYNAMIC_NO)
+SPOOLSS_DYNAMIC_YES="#"
+SPOOLSS_DYNAMIC_NO=
+AC_SUBST(DFS_DYNAMIC_YES)
+AC_SUBST(DFS_DYNAMIC_NO)
+DFS_DYNAMIC_YES="#"
+DFS_DYNAMIC_NO=
+AC_SUBST(ECHO_DYNAMIC_YES)
+AC_SUBST(ECHO_DYNAMIC_NO)
+ECHO_DYNAMIC_YES="#"
+ECHO_DYNAMIC_NO=
+
+# compile with optimization and without debugging by default
+CFLAGS="-O ${CFLAGS}"
AC_ARG_ENABLE(debug,
[ --enable-debug Turn on compiler debugging information (default=no)],
@@ -190,19 +227,71 @@ then
LIBS="$LIBS -ldmalloc"
fi
+AC_ARG_ENABLE(dynrpc, [ --enable-dynrpc Enable dynamic RPC modules [default=no]])
+
+if test x$enable_dynrpc = xyes
+then
+ enable_dynrpc=lsa,samr,reg,wks,netlog,dfs
+fi
+
+if test x$enable_dynrpc != xno
+then
+ for i in `echo $enable_dynrpc | sed -e's/,/ /g'`
+ do case $i in lsa)
+ LSA_DYNAMIC_YES=
+ LSA_DYNAMIC_NO="#"
+ AC_DEFINE(RPC_LSA_DYNAMIC, 1,
+ [Define to make the LSA pipe dynamic])
+ ;; samr)
+ SAMR_DYNAMIC_YES=
+ SAMR_DYNAMIC_NO="#"
+ AC_DEFINE(RPC_SAMR_DYNAMIC, 1,
+ [Define to make the SAMR pipe dynamic])
+ ;; svc)
+ SVC_DYNAMIC_YES=
+ SVC_DYNAMIC_NO="#"
+ AC_DEFINE(RPC_SVC_DYNAMIC, 1,
+ [Define to make the SRVSVC pipe dynamic])
+ ;; wks)
+ WKS_DYNAMIC_YES=
+ WKS_DYNAMIC_NO="#"
+ AC_DEFINE(RPC_WKS_DYNAMIC, 1,
+ [Define to make the WKSSVC pipe dynamic])
+ ;; netlog)
+ NETLOG_DYNAMIC_YES=
+ NETLOG_DYNAMIC_NO="#"
+ AC_DEFINE(RPC_NETLOG_DYNAMIC, 1,
+ [Define to make the NETLOGON pipe dynamic])
+ ;; reg)
+ REG_DYNAMIC_YES=
+ REG_DYNAMIC_NO="#"
+ AC_DEFINE(RPC_REG_DYNAMIC, 1,
+ [Define to make the WINREG pipe dynamic])
+ ;; spoolss)
+ SPOOLSS_DYNAMIC_YES=
+ SPOOLSS_DYNAMIC_NO="#"
+ AC_DEFINE(RPC_SPOOLSS_DYNAMIC, 1,
+ [Define to make the SPOOLSS pipe dynamic])
+ ;; dfs)
+ DFS_DYNAMIC_YES=
+ DFS_DYNAMIC_NO="#"
+ AC_DEFINE(RPC_DFS_DYNAMIC, 1,
+ [Define to make the NETDFS pipe dynamic])
+ ;; echo)
+ ECHO_DYNAMIC_YES=
+ ECHO_DYNAMIC_NO="#"
+ AC_DEFINE(RPC_ECHO_DYNAMIC, 1,
+ [Define to make the ECHO pipe dynamic])
+ ;; esac
+ done
+fi
+
dnl Checks for programs.
AC_PROG_CC
AC_PROG_INSTALL
AC_PROG_AWK
AC_PATH_PROG(PERL, perl)
-# compile with optimization and without debugging by default, but
-# allow people to set their own preference.
-if test "x$CFLAGS" = x
-then
- CFLAGS="-O ${CFLAGS}"
-fi
-
dnl Check if we use GNU ld
LD=ld
AC_PROG_LD_GNU
@@ -485,7 +574,7 @@ AC_CHECK_HEADERS(sys/param.h ctype.h sys/wait.h sys/resource.h sys/ioctl.h sys/i
AC_CHECK_HEADERS(sys/mman.h sys/filio.h sys/priv.h sys/shm.h string.h strings.h stdlib.h sys/socket.h)
AC_CHECK_HEADERS(sys/mount.h sys/vfs.h sys/fs/s5param.h sys/filsys.h termios.h termio.h)
AC_CHECK_HEADERS(sys/termio.h sys/statfs.h sys/dustat.h sys/statvfs.h stdarg.h sys/sockio.h)
-AC_CHECK_HEADERS(security/pam_modules.h security/_pam_macros.h dlfcn.h)
+AC_CHECK_HEADERS(security/pam_modules.h security/_pam_macros.h ldap.h lber.h dlfcn.h)
AC_CHECK_HEADERS(sys/syslog.h syslog.h execinfo.h)
# In valgrind 1.0.x, it's just valgrind.h. In 1.9.x+ there's a
@@ -2072,14 +2161,8 @@ fi
AC_MSG_RESULT($with_ads_support)
FOUND_KRB5=no
-KRB5_LIBS=""
if test x"$with_ads_support" = x"yes"; then
-ac_save_CFLAGS="$CFLAGS"
-ac_save_LIBS="$LIBS"
-CFLAGS=""
-LIBS=""
-
#################################################
# check for krb5-config from recent MIT and Heimdal kerberos 5
AC_PATH_PROG(KRB5_CONFIG, krb5-config)
@@ -2236,22 +2319,19 @@ fi
########################################################
# now see if we can find the krb5 libs in standard paths
# or as specified above
- AC_CHECK_LIB(krb5, krb5_mk_req_extended, [KRB5_LIBS="$LIBS -lkrb5";
- KRB5_CFLAGS="$CFLAGS";
+ AC_CHECK_LIB(krb5, krb5_mk_req_extended, [LIBS="$LIBS -lkrb5";
AC_DEFINE(HAVE_KRB5,1,[Whether KRB5 is available])])
########################################################
# now see if we can find the gssapi libs in standard paths
- AC_CHECK_LIB(gssapi_krb5, gss_display_status, [KRB5_LIBS="$KRB5_LIBS -lgssapi_krb5";
+ AC_CHECK_LIB(gssapi_krb5, gss_display_status, [LIBS="$LIBS -lgssapi_krb5";
AC_DEFINE(HAVE_GSSAPI,1,[Whether GSSAPI is available])])
-LIBS="$ac_save_LIBS"; CFLAGS="$ac_save_CFLAGS"
fi
########################################################
# Compile with LDAP support?
-LDAP_OBJ=""
with_ldap_support=yes
AC_MSG_CHECKING([whether to use LDAP])
@@ -2266,8 +2346,6 @@ AC_ARG_WITH(ldap,
AC_MSG_RESULT($with_ldap_support)
if test x"$with_ldap_support" = x"yes"; then
-ac_save_LIBS="$LIBS"
-LIBS=""
##################################################################
# we might need the lber lib on some systems. To avoid link errors
@@ -2278,9 +2356,7 @@ LIBS=""
# now see if we can find the ldap libs in standard paths
if test x$have_ldap != xyes; then
AC_CHECK_LIB(ldap, ldap_domain2hostlist, [LIBS="$LIBS -lldap";
- LDAP_OBJ=lib/ldap.o;
AC_DEFINE(HAVE_LDAP,1,[Whether ldap is available])])
- AC_CHECK_HEADERS([ldap.h lber.h], [default_static_modules="$default_static_modules pdb_ldap"])
########################################################
# If we have LDAP, does it's rebind procedure take 2 or 3 arguments?
@@ -2292,29 +2368,19 @@ LIBS=""
#include <ldap.h>], [ldap_set_rebind_proc(0, 0, 0);], [pam_ldap_cv_ldap_set_rebind_proc=3], [pam_ldap_cv_ldap_set_rebind_proc=2]) ])
AC_DEFINE_UNQUOTED(LDAP_SET_REBIND_PROC_ARGS, $pam_ldap_cv_ldap_set_rebind_proc, [Number of arguments to ldap_set_rebind_proc])
fi
-
-LDAP_LIBS="$LIBS";
-LIBS="$ac_save_LIBS";
-else
- # Can't have ADS support without LDAP
- if test x"$with_ads_support" = x"yes"; then
- AC_MSG_ERROR(Active directory support requires LDAP)
- fi
-fi
-
-if test x"$with_ads_support" = x"yes"; then
- ADSLIBS="$LDAP_LIBS $KRB5_LIBS"
fi
########################################################
# Compile with MySQL support?
-AM_PATH_MYSQL([0.11.0],[default_shared_modules="$default_shared_modules pdb_mysql"],[])
+AM_PATH_MYSQL([0.11.0],[MODULE_MYSQL="bin/pdb_mysql.$SHLIBEXT"],[MODULE_MYSQL=])
CFLAGS="$CFLAGS $MYSQL_CFLAGS"
+AC_SUBST(MODULE_MYSQL)
########################################################
# Compile with XML support?
-AM_PATH_XML2([2.0.0],[default_shared_modules="$default_shared_modules pdb_xml"],[])
+AM_PATH_XML2([2.0.0],[MODULE_XML="bin/pdb_xml.$SHLIBEXT"],[MODULE_XML=])
CFLAGS="$CFLAGS $XML_CFLAGS"
+AC_SUBST(MODULE_XML)
#################################################
# check for automount support
@@ -2457,24 +2523,37 @@ AC_ARG_WITH(ldapsam,
)
#################################################
-# check for IDMAP
-
-AC_DEFINE(WITH_IDMAP,1, [Include IDMAP support])
+# check for a TDB password database
+AC_MSG_CHECKING(whether to use TDB SAM database)
+AC_ARG_WITH(tdbsam,
+[ --with-tdbsam Include experimental TDB SAM support (default=no)],
+[ case "$withval" in
+ yes)
+ AC_MSG_RESULT(yes)
+ AC_DEFINE(WITH_TDB_SAM,1,[Whether to include experimental TDB SAM support])
+ ;;
+ *)
+ AC_MSG_RESULT(no)
+ ;;
+ esac ],
+ AC_MSG_RESULT(no)
+)
-AC_MSG_CHECKING(whether to use IDMAP only for [ug]id mapping)
-AC_ARG_WITH(idmap,
-[ --with-idmap Include experimental IDMAP support (default=yes)],
+#################################################
+# check for a NISPLUS password database
+AC_MSG_CHECKING(whether to use NISPLUS SAM database)
+AC_ARG_WITH(nisplussam,
+[ --with-nisplussam Include NISPLUS SAM support (default=no)],
[ case "$withval" in
yes)
AC_MSG_RESULT(yes)
- AC_DEFINE(WITH_IDMAP,1,[Whether to include experimental IDMAP support])
+ AC_DEFINE(WITH_NISPLUS_SAM,1,[Whether to include nisplus SAM support])
;;
- no)
+ *)
AC_MSG_RESULT(no)
- AC_DEFINE(WITH_IDMAP,0,[Whether to include experimental IDMAP support])
;;
esac ],
- AC_MSG_RESULT(yes)
+ AC_MSG_RESULT(no)
)
########################################################################################
@@ -3348,15 +3427,12 @@ AC_MSG_CHECKING(whether to use included popt)
if test x"$INCLUDED_POPT" = x"yes"; then
AC_MSG_RESULT(yes)
BUILD_POPT='$(POPT_OBJS)'
- POPTLIBS='$(POPT_OBJS)'
FLAGS1="-I$srcdir/popt"
else
AC_MSG_RESULT(no)
- BUILD_POPT=""
- POPTLIBS="-lpopt"
+ LIBS="$LIBS -lpopt"
fi
AC_SUBST(BUILD_POPT)
-AC_SUBST(POPTLIBS)
AC_SUBST(FLAGS1)
#################################################
diff --git a/source3/include/.cvsignore b/source3/include/.cvsignore
index 4bff170b3b..bff248727f 100644
--- a/source3/include/.cvsignore
+++ b/source3/include/.cvsignore
@@ -3,5 +3,4 @@ config.h
stamp-h
proto.h
wrepld_proto.h
-tdbsam2_parse_info.h
config.h.in
diff --git a/source3/include/auth.h b/source3/include/auth.h
index 626b9f3ba0..e37f181082 100644
--- a/source3/include/auth.h
+++ b/source3/include/auth.h
@@ -148,8 +148,6 @@ struct auth_init_function_entry {
/* Function to create a member of the authmethods list */
auth_init_function init;
-
- struct auth_init_function_entry *prev, *next;
};
typedef struct auth_ntlmssp_state
@@ -160,6 +158,4 @@ typedef struct auth_ntlmssp_state
struct ntlmssp_state *ntlmssp_state;
} AUTH_NTLMSSP_STATE;
-#define AUTH_INTERFACE_VERSION 1
-
#endif /* _SMBAUTH_H_ */
diff --git a/source3/include/charset.h b/source3/include/charset.h
index c56984ca7b..07d5e2d599 100644
--- a/source3/include/charset.h
+++ b/source3/include/charset.h
@@ -2,7 +2,6 @@
Unix SMB/CIFS implementation.
charset defines
Copyright (C) Andrew Tridgell 2001
- Copyright (C) Jelmer Vernooij 2002
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -23,18 +22,3 @@
typedef enum {CH_UCS2=0, CH_UNIX=1, CH_DISPLAY=2, CH_DOS=3, CH_UTF8=4} charset_t;
#define NUM_CHARSETS 5
-
-/*
- * for each charset we have a function that pulls from that charset to
- * a ucs2 buffer, and a function that pushes to a ucs2 buffer
- * */
-
-struct charset_functions {
- const char *name;
- size_t (*pull)(void *, char **inbuf, size_t *inbytesleft,
- char **outbuf, size_t *outbytesleft);
- size_t (*push)(void *, char **inbuf, size_t *inbytesleft,
- char **outbuf, size_t *outbytesleft);
- struct charset_functions *prev, *next;
-};
-
diff --git a/source3/include/debug.h b/source3/include/debug.h
index 70f9f7706d..d4f45539f4 100644
--- a/source3/include/debug.h
+++ b/source3/include/debug.h
@@ -88,7 +88,6 @@ extern int DEBUGLEVEL;
#define DBGC_AUTH 10
#define DBGC_WINBIND 11
#define DBGC_VFS 12
-#define DBGC_IDMAP 13
/* So you can define DBGC_CLASS before including debug.h */
#ifndef DBGC_CLASS
diff --git a/source3/include/genparser.h b/source3/include/genparser.h
deleted file mode 100644
index f28cd78249..0000000000
--- a/source3/include/genparser.h
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- Copyright (C) Andrew Tridgell <genstruct@tridgell.net> 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#ifndef _GENPARSER_H
-#define _GENPARSER_H
-
-/* these macros are needed for genstruct auto-parsers */
-#ifndef GENSTRUCT
-#define GENSTRUCT
-#define _LEN(x)
-#define _NULLTERM
-#endif
-
-/*
- automatic marshalling/unmarshalling system for C structures
-*/
-
-/* flag to mark a fixed size array as actually being null terminated */
-#define FLAG_NULLTERM 1
-#define FLAG_ALWAYS 2
-
-struct enum_struct {
- const char *name;
- unsigned value;
-};
-
-/* intermediate dumps are stored in one of these */
-struct parse_string {
- unsigned allocated;
- unsigned length;
- char *s;
-};
-
-typedef int (*gen_dump_fn)(TALLOC_CTX *, struct parse_string *, const char *ptr, unsigned indent);
-typedef int (*gen_parse_fn)(TALLOC_CTX *, char *ptr, const char *str);
-
-/* genstruct.pl generates arrays of these */
-struct parse_struct {
- const char *name;
- unsigned ptr_count;
- unsigned size;
- unsigned offset;
- unsigned array_len;
- const char *dynamic_len;
- unsigned flags;
- gen_dump_fn dump_fn;
- gen_parse_fn parse_fn;
-};
-
-#define DUMP_PARSE_DECL(type) \
- int gen_dump_ ## type(TALLOC_CTX *, struct parse_string *, const char *, unsigned); \
- int gen_parse_ ## type(TALLOC_CTX *, char *, const char *);
-
-DUMP_PARSE_DECL(char)
-DUMP_PARSE_DECL(int)
-DUMP_PARSE_DECL(unsigned)
-DUMP_PARSE_DECL(double)
-DUMP_PARSE_DECL(float)
-
-#define gen_dump_unsigned_char gen_dump_char
-#define gen_parse_unsigned_char gen_parse_char
-
-#endif /* _GENPARSER_H */
diff --git a/source3/include/genparser_samba.h b/source3/include/genparser_samba.h
deleted file mode 100644
index 172ff2362c..0000000000
--- a/source3/include/genparser_samba.h
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- Copyright (C) Simo Sorce <idra@samba.org> 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#ifndef _GENPARSER_SAMBA_H
-#define _GENPARSER_SAMBA_H
-
-const struct parse_struct pinfo_security_ace_info[] = {
-{"type", 0, sizeof(uint8), offsetof(struct security_ace_info, type), 0, NULL, 0, gen_dump_uint8, gen_parse_uint8},
-{"flags", 0, sizeof(uint8), offsetof(struct security_ace_info, flags), 0, NULL, 0, gen_dump_uint8, gen_parse_uint8},
-{"size", 0, sizeof(uint16), offsetof(struct security_ace_info, size), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16},
-{"info", 0, sizeof(char), offsetof(struct security_ace_info, info), 0, NULL, 0, gen_dump_SEC_ACCESS, gen_parse_SEC_ACCESS},
-{"obj_flags", 0, sizeof(uint32), offsetof(struct security_ace_info, obj_flags), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32},
-{"obj_guid", 0, sizeof(char), offsetof(struct security_ace_info, obj_guid), 0, NULL, 0, gen_dump_GUID, gen_parse_GUID},
-{"inh_guid", 0, sizeof(char), offsetof(struct security_ace_info, inh_guid), 0, NULL, 0, gen_dump_GUID, gen_parse_GUID},
-{"trustee", 0, sizeof(char), offsetof(struct security_ace_info, trustee), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID},
-{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}};
-
-const struct parse_struct pinfo_security_acl_info[] = {
-{"revision", 0, sizeof(uint16), offsetof(struct security_acl_info, revision), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16},
-{"size", 0, sizeof(uint16), offsetof(struct security_acl_info, size), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16},
-{"num_aces", 0, sizeof(uint32), offsetof(struct security_acl_info, num_aces), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32},
-{"ace", 1, sizeof(struct security_ace_info), offsetof(struct security_acl_info, ace), 0, "size", 0, gen_dump_SEC_ACE, gen_parse_SEC_ACE},
-{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}};
-
-const struct parse_struct pinfo_security_descriptor_info[] = {
-{"revision", 0, sizeof(uint16), offsetof(struct security_descriptor_info, revision), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16},
-{"type", 0, sizeof(uint16), offsetof(struct security_descriptor_info, type), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16},
-{"off_owner_sid", 0, sizeof(uint32), offsetof(struct security_descriptor_info, off_owner_sid), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32},
-{"off_grp_sid", 0, sizeof(uint32), offsetof(struct security_descriptor_info, off_grp_sid), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32},
-{"off_sacl", 0, sizeof(uint32), offsetof(struct security_descriptor_info, off_sacl), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32},
-{"off_dacl", 0, sizeof(uint32), offsetof(struct security_descriptor_info, off_dacl), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32},
-{"dacl", 1, sizeof(struct security_acl_info), offsetof(struct security_descriptor_info, dacl), 0, NULL, 0, gen_dump_SEC_ACL, gen_parse_SEC_ACL},
-{"sacl", 1, sizeof(struct security_acl_info), offsetof(struct security_descriptor_info, sacl), 0, NULL, 0, gen_dump_SEC_ACL, gen_parse_SEC_ACL},
-{"owner_sid", 1, sizeof(char), offsetof(struct security_descriptor_info, owner_sid), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID},
-{"grp_sid", 1, sizeof(char), offsetof(struct security_descriptor_info, grp_sid), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID},
-{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}};
-
-const struct parse_struct pinfo_luid_attr_info[] = {
-{"attr", 0, sizeof(uint32), offsetof(struct LUID_ATTR, attr), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32},
-{"luid", 1, sizeof(LUID), offsetof(struct LUID_ATTR, luid), 0, NULL, 0, gen_dump_LUID, gen_parse_LUID},
-{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}};
-
-#endif /* _GENPARSER_SAMBA_H */
diff --git a/source3/include/gums.h b/source3/include/gums.h
deleted file mode 100644
index 789acc269f..0000000000
--- a/source3/include/gums.h
+++ /dev/null
@@ -1,240 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- GUMS structures
- Copyright (C) Simo Sorce 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#ifndef _GUMS_H
-#define _GUMS_H
-
-#define GUMS_VERSION_MAJOR 0
-#define GUMS_VERSION_MINOR 1
-#define GUMS_OBJECT_VERSION 1
-
-#define GUMS_OBJ_DOMAIN 1
-#define GUMS_OBJ_NORMAL_USER 2
-#define GUMS_OBJ_GROUP 3
-#define GUMS_OBJ_ALIAS 4
-#define GUMS_OBJ_WORKSTATION_TRUST 5
-#define GUMS_OBJ_SERVER_TRUST 6
-#define GUMS_OBJ_DOMAIN_TRUST 7
-
-typedef struct gums_user
-{
- DOM_SID *group_sid; /* Primary Group SID */
-
- NTTIME logon_time; /* logon time */
- NTTIME logoff_time; /* logoff time */
- NTTIME kickoff_time; /* kickoff time */
- NTTIME pass_last_set_time; /* password last set time */
- NTTIME pass_can_change_time; /* password can change time */
- NTTIME pass_must_change_time; /* password must change time */
-
- char *full_name; /* user's full name string */
- char *home_dir; /* home directory string */
- char *dir_drive; /* home directory drive string */
- char *logon_script; /* logon script string */
- char *profile_path; /* profile path string */
- char *workstations; /* login from workstations string */
- char *unknown_str; /* don't know what this is, yet. */
- char *munged_dial; /* munged path name and dial-back tel number */
-
- DATA_BLOB lm_pw; /* .data is Null if no password */
- DATA_BLOB nt_pw; /* .data is Null if no password */
-
- uint32 unknown_3; /* 0x00ff ffff */
-
- uint16 logon_divs; /* 168 - number of hours in a week */
- uint32 hours_len; /* normally 21 bytes */
- uint8 *hours;
-
- uint32 unknown_5; /* 0x0002 0000 */
- uint32 unknown_6; /* 0x0000 04ec */
-
-} GUMS_USER;
-
-typedef struct gums_group
-{
- uint32 count; /* Number of SIDs */
- DOM_SID **members; /* SID array */
-
-} GUMS_GROUP;
-
-typedef struct gums_domain
-{
- uint32 next_rid;
-
-} GUMS_DOMAIN;
-
-union gums_obj_p {
- GUMS_USER *user;
- GUMS_GROUP *group;
- GUMS_DOMAIN *domain;
-};
-
-typedef struct gums_object
-{
- TALLOC_CTX *mem_ctx;
-
- uint32 type; /* Object Type */
- uint32 version; /* Object Version */
- uint32 seq_num; /* Object Sequence Number */
-
- SEC_DESC *sec_desc; /* Security Descriptor */
-
- DOM_SID *sid; /* Object Sid */
- char *name; /* Object Name */
- char *description; /* Object Description */
-
- union gums_obj_p data; /* Object Specific data */
-
-} GUMS_OBJECT;
-
-typedef struct gums_data_set
-{
- int type; /* GUMS_SET_xxx */
- void *data;
-
-} GUMS_DATA_SET;
-
-typedef struct gums_commit_set
-{
- TALLOC_CTX *mem_ctx;
-
- uint32 type; /* Object type */
- DOM_SID sid; /* Object Sid */
- uint32 count; /* number of changes */
- GUMS_DATA_SET **data;
-
-} GUMS_COMMIT_SET;
-
-typedef struct gums_privilege
-{
- TALLOC_CTX *mem_ctx;
-
- uint32 type; /* Object Type */
- uint32 version; /* Object Version */
- uint32 seq_num; /* Object Sequence Number */
-
- LUID_ATTR *privilege; /* Privilege Type */
- char *name; /* Object Name */
- char *description; /* Object Description */
-
- uint32 count;
- DOM_SID **members;
-
-} GUMS_PRIVILEGE;
-
-
-typedef struct gums_functions
-{
- /* Generic object functions */
-
- NTSTATUS (*get_domain_sid) (DOM_SID **sid, const char* name);
- NTSTATUS (*set_domain_sid) (const DOM_SID *sid);
-
- NTSTATUS (*get_sequence_number) (void);
-
- NTSTATUS (*new_object) (DOM_SID **sid, const char *name, const int obj_type);
- NTSTATUS (*delete_object) (const DOM_SID *sid);
-
- NTSTATUS (*get_object_from_sid) (GUMS_OBJECT **object, const DOM_SID *sid, const int obj_type);
- NTSTATUS (*get_object_from_name) (GUMS_OBJECT **object, const char *name, const int onj_type);
- /* This function is used to get the list of all objects changed since b_time, it is
- used to support PDC<->BDC synchronization */
- NTSTATUS (*get_updated_objects) (GUMS_OBJECT **objects, const NTTIME base_time);
-
- NTSTATUS (*enumerate_objects_start) (void *handle, const DOM_SID *sid, const int obj_type);
- NTSTATUS (*enumerate_objects_get_next) (GUMS_OBJECT **object, void *handle);
- NTSTATUS (*enumerate_objects_stop) (void *handle);
-
- /* This function MUST be used ONLY by PDC<->BDC replication code or recovery tools.
- Never use this function to update an object in the database, use set_object_values() */
- NTSTATUS (*set_object) (const GUMS_OBJECT *object);
-
- /* set object values function */
- NTSTATUS (*set_object_values) (DOM_SID *sid, uint32 count, GUMS_DATA_SET **data_set);
-
- /* Group related functions */
- NTSTATUS (*add_members_to_group) (const DOM_SID *group, const DOM_SID **members);
- NTSTATUS (*delete_members_from_group) (const DOM_SID *group, const DOM_SID **members);
- NTSTATUS (*enumerate_group_members) (DOM_SID **members, const DOM_SID *sid, const int type);
-
- NTSTATUS (*get_sid_groups) (DOM_SID **groups, const DOM_SID *sid);
-
- NTSTATUS (*lock_sid) (const DOM_SID *sid);
- NTSTATUS (*unlock_sid) (const DOM_SID *sid);
-
- /* privileges related functions */
-
- NTSTATUS (*add_members_to_privilege) (const LUID_ATTR *priv, const DOM_SID **members);
- NTSTATUS (*delete_members_from_privilege) (const LUID_ATTR *priv, const DOM_SID **members);
- NTSTATUS (*enumerate_privilege_members) (DOM_SID **members, const LUID_ATTR *priv);
- NTSTATUS (*get_sid_privileges) (DOM_SID **privs, const DOM_SID *sid);
-
- /* warning!: set_privilege will overwrite a prior existing privilege if such exist */
- NTSTATUS (*set_privilege) (GUMS_PRIVILEGE *priv);
-
-} GUMS_FUNCTIONS;
-
-/* define value types */
-#define GUMS_SET_PRIMARY_GROUP 0x1
-#define GUMS_SET_SEC_DESC 0x2
-
-#define GUMS_SET_NAME 0x10
-#define GUMS_SET_DESCRIPTION 0x11
-#define GUMS_SET_FULL_NAME 0x12
-
-/* user specific type values */
-#define GUMS_SET_LOGON_TIME 0x20
-#define GUMS_SET_LOGOFF_TIME 0x21
-#define GUMS_SET_KICKOFF_TIME 0x23
-#define GUMS_SET_PASS_LAST_SET_TIME 0x24
-#define GUMS_SET_PASS_CAN_CHANGE_TIME 0x25
-#define GUMS_SET_PASS_MUST_CHANGE_TIME 0x26
-
-
-#define GUMS_SET_HOME_DIRECTORY 0x31
-#define GUMS_SET_DRIVE 0x32
-#define GUMS_SET_LOGON_SCRIPT 0x33
-#define GUMS_SET_PROFILE_PATH 0x34
-#define GUMS_SET_WORKSTATIONS 0x35
-#define GUMS_SET_UNKNOWN_STRING 0x36
-#define GUMS_SET_MUNGED_DIAL 0x37
-
-#define GUMS_SET_LM_PASSWORD 0x40
-#define GUMS_SET_NT_PASSWORD 0x41
-#define GUMS_SET_PLAINTEXT_PASSWORD 0x42
-#define GUMS_SET_UNKNOWN_3 0x43
-#define GUMS_SET_LOGON_DIVS 0x44
-#define GUMS_SET_HOURS_LEN 0x45
-#define GUMS_SET_HOURS 0x46
-#define GUMS_SET_UNKNOWN_5 0x47
-#define GUMS_SET_UNKNOWN_6 0x48
-
-#define GUMS_SET_MUST_CHANGE_PASS 0x50
-#define GUMS_SET_CANNOT_CHANGE_PASS 0x51
-#define GUMS_SET_PASS_NEVER_EXPIRE 0x52
-#define GUMS_SET_ACCOUNT_DISABLED 0x53
-#define GUMS_SET_ACCOUNT_LOCKOUT 0x54
-
-/*group specific type values */
-#define GUMS_ADD_SID_LIST 0x60
-#define GUMS_DEL_SID_LIST 0x61
-#define GUMS_SET_SID_LIST 0x62
-
-#endif /* _GUMS_H */
diff --git a/source3/include/includes.h b/source3/include/includes.h
index 9f86f08c1e..d406c07d06 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -437,23 +437,6 @@
#include <com_err.h>
#endif
-/* Special macros that are no-ops except when run under Valgrind on
- * x86. They've moved a little bit from valgrind 1.0.4 to 1.9.4 */
-#if HAVE_VALGRIND_MEMCHECK_H
- /* memcheck.h includes valgrind.h */
-#include <valgrind/memcheck.h>
-#elif HAVE_VALGRIND_H
-#include <valgrind.h>
-#endif
-
-/* If we have --enable-developer and the valgrind header is present,
- * then we're OK to use it. Set a macro so this logic can be done only
- * once. */
-#if defined(DEVELOPER) && (HAVE_VALGRIND_H || HAVE_VALGRIND_VALGRIND_H)
-#define VALGRIND
-#endif
-
-
/* we support ADS if we want it and have krb5 and ldap libs */
#if defined(WITH_ADS) && defined(HAVE_KRB5) && defined(HAVE_LDAP)
#define HAVE_ADS
@@ -794,12 +777,6 @@ extern int errno;
#include "passdb.h"
-#include "sam.h"
-
-#include "gums.h"
-
-#include "idmap.h"
-
#include "session.h"
#include "asn_1.h"
@@ -810,8 +787,6 @@ extern int errno;
#include "nsswitch/winbind_client.h"
-#include "genparser.h"
-
/*
* Type for wide character dirent structure.
* Only d_name is defined by POSIX.
@@ -856,8 +831,6 @@ struct functable {
struct printjob;
-struct smb_ldap_privates;
-
/***** automatically generated prototypes *****/
#ifndef NO_PROTO_H
#include "proto.h"
@@ -1239,6 +1212,10 @@ int smb_xvasprintf(char **ptr, const char *format, va_list ap) PRINTF_ATTRIBUTE(
time_t timegm(struct tm *tm);
#endif
+#if defined(VALGRIND)
+#define strlen(x) valgrind_strlen(x)
+#endif
+
/*
* Veritas File System. Often in addition to native.
* Quotas different.
diff --git a/source3/include/libsmbclient.h b/source3/include/libsmbclient.h
index f5d653f697..0c905edcbc 100644
--- a/source3/include/libsmbclient.h
+++ b/source3/include/libsmbclient.h
@@ -257,8 +257,9 @@ typedef int (*smbc_remove_unused_server_fn)(SMBCCTX * c, SMBCSRV *srv);
*
*/
typedef int (*smbc_add_cached_srv_fn) (SMBCCTX * c, SMBCSRV *srv,
- const char * server, const char * share,
- const char * workgroup, const char * username);
+ char * server, char * share,
+ char * workgroup, char * username);
+
/**@ingroup callback
* Look up a server in the cache system
@@ -276,9 +277,9 @@ typedef int (*smbc_add_cached_srv_fn) (SMBCCTX * c, SMBCSRV *srv,
* @return pointer to SMBCSRV on success. NULL on failure.
*
*/
-typedef SMBCSRV * (*smbc_get_cached_srv_fn) (SMBCCTX * c, const char * server,
- const char * share, const char * workgroup,
- const char * username);
+typedef SMBCSRV * (*smbc_get_cached_srv_fn) (SMBCCTX * c, char * server,
+ char * share, char * workgroup, char * username);
+
/**@ingroup callback
* Check if a server is still good
diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h
index b6ab4fd0c5..dc0ffc8035 100644
--- a/source3/include/ntdomain.h
+++ b/source3/include/ntdomain.h
@@ -372,9 +372,6 @@ struct acct_info
/* security descriptor structures */
#include "rpc_secdes.h"
-/* pac */
-#include "authdata.h"
-
/* different dce/rpc pipes */
#include "rpc_lsa.h"
#include "rpc_netlogon.h"
diff --git a/source3/include/passdb.h b/source3/include/passdb.h
index 06409aa34e..fa80b263ff 100644
--- a/source3/include/passdb.h
+++ b/source3/include/passdb.h
@@ -34,6 +34,13 @@
#define PASSDB_INTERFACE_VERSION 4
+/* use this inside a passdb module */
+#define PDB_MODULE_VERSIONING_MAGIC \
+int pdb_version(void)\
+{\
+ return PASSDB_INTERFACE_VERSION;\
+}
+
typedef struct pdb_context
{
struct pdb_methods *pdb_methods;
@@ -149,7 +156,6 @@ struct pdb_init_function_entry {
const char *name;
/* Function to create a member of the pdb_methods list */
pdb_init_function init;
- struct pdb_init_function_entry *prev, *next;
};
#endif /* _PASSDB_H */
diff --git a/source3/include/rpc_client_proto.h b/source3/include/rpc_client_proto.h
deleted file mode 100644
index 0ecb195691..0000000000
--- a/source3/include/rpc_client_proto.h
+++ /dev/null
@@ -1,231 +0,0 @@
-#ifndef _RPC_CLIENT_PROTO_H_
-#define _RPC_CLIENT_PROTO_H_
-/* This file is automatically generated with "make proto". DO NOT EDIT */
-
-
-/*The following definitions come from lib/util_list.c */
-
-BOOL copy_policy_hnd (POLICY_HND *dest, const POLICY_HND *src);
-BOOL compare_rpc_hnd_node(const RPC_HND_NODE *x,
- const RPC_HND_NODE *y);
-BOOL RpcHndList_set_connection(const POLICY_HND *hnd,
- struct cli_connection *con);
-BOOL RpcHndList_del_connection(const POLICY_HND *hnd);
-struct cli_connection* RpcHndList_get_connection(const POLICY_HND *hnd);
-
-/*The following definitions come from rpc_client/cli_connect.c */
-
-void init_connections(void);
-void free_connections(void);
-void cli_connection_free(struct cli_connection *con);
-void cli_connection_unlink(struct cli_connection *con);
-BOOL cli_connection_init(const char *srv_name, char *pipe_name,
- struct cli_connection **con);
-BOOL cli_connection_init_auth(const char *srv_name, char *pipe_name,
- struct cli_connection **con,
- cli_auth_fns * auth, void *auth_creds);
-struct _cli_auth_fns *cli_conn_get_authfns(struct cli_connection *con);
-void *cli_conn_get_auth_creds(struct cli_connection *con);
-BOOL rpc_hnd_pipe_req(const POLICY_HND * hnd, uint8 op_num,
- prs_struct * data, prs_struct * rdata);
-BOOL rpc_con_pipe_req(struct cli_connection *con, uint8 op_num,
- prs_struct * data, prs_struct * rdata);
-BOOL rpc_con_ok(struct cli_connection *con);
-
-/*The following definitions come from rpc_client/cli_login.c */
-
-BOOL cli_nt_setup_creds(struct cli_state *cli, unsigned char mach_pwd[16]);
-BOOL cli_nt_srv_pwset(struct cli_state *cli, unsigned char *new_hashof_mach_pwd);
-BOOL cli_nt_login_interactive(struct cli_state *cli, char *domain, char *username,
- uint32 smb_userid_low, char *password,
- NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3);
-BOOL cli_nt_login_network(struct cli_state *cli, char *domain, char *username,
- uint32 smb_userid_low, char lm_chal[8],
- char *lm_chal_resp, char *nt_chal_resp,
- NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3);
-BOOL cli_nt_logoff(struct cli_state *cli, NET_ID_INFO_CTR *ctr);
-
-/*The following definitions come from rpc_client/cli_lsarpc.c */
-
-BOOL do_lsa_open_policy(struct cli_state *cli,
- char *system_name, POLICY_HND *hnd,
- BOOL sec_qos);
-BOOL do_lsa_query_info_pol(struct cli_state *cli,
- POLICY_HND *hnd, uint16 info_class,
- fstring domain_name, DOM_SID *domain_sid);
-BOOL do_lsa_close(struct cli_state *cli, POLICY_HND *hnd);
-BOOL cli_lsa_get_domain_sid(struct cli_state *cli, char *server);
-uint32 lsa_open_policy(const char *system_name, POLICY_HND *hnd,
- BOOL sec_qos, uint32 des_access);
-uint32 lsa_lookup_sids(POLICY_HND *hnd, int num_sids, DOM_SID *sids,
- char ***names, uint32 **types, int *num_names);
-uint32 lsa_lookup_names(POLICY_HND *hnd, int num_names, char **names,
- DOM_SID **sids, uint32 **types, int *num_sids);
-
-/*The following definitions come from rpc_client/cli_netlogon.c */
-
-BOOL cli_net_logon_ctrl2(struct cli_state *cli, uint32 status_level);
-BOOL cli_net_auth2(struct cli_state *cli, uint16 sec_chan,
- uint32 neg_flags, DOM_CHAL *srv_chal);
-BOOL cli_net_req_chal(struct cli_state *cli, DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal);
-BOOL cli_net_srv_pwset(struct cli_state *cli, uint8 hashed_mach_pwd[16]);
-BOOL cli_net_sam_logon(struct cli_state *cli, NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3);
-BOOL cli_net_sam_logoff(struct cli_state *cli, NET_ID_INFO_CTR *ctr);
-BOOL change_trust_account_password( char *domain, char *remote_machine_list);
-
-/*The following definitions come from rpc_client/cli_pipe.c */
-
-BOOL rpc_api_pipe_req(struct cli_state *cli, uint8 op_num,
- prs_struct *data, prs_struct *rdata);
-BOOL rpc_pipe_bind(struct cli_state *cli, char *pipe_name, char *my_name);
-void cli_nt_set_ntlmssp_flgs(struct cli_state *cli, uint32 ntlmssp_flgs);
-BOOL cli_nt_session_open(struct cli_state *cli, char *pipe_name);
-void cli_nt_session_close(struct cli_state *cli);
-
-/*The following definitions come from rpc_client/cli_reg.c */
-
-BOOL do_reg_connect(struct cli_state *cli, char *full_keyname, char *key_name,
- POLICY_HND *reg_hnd);
-BOOL do_reg_open_hklm(struct cli_state *cli, uint16 unknown_0, uint32 level,
- POLICY_HND *hnd);
-BOOL do_reg_open_hku(struct cli_state *cli, uint16 unknown_0, uint32 level,
- POLICY_HND *hnd);
-BOOL do_reg_flush_key(struct cli_state *cli, POLICY_HND *hnd);
-BOOL do_reg_query_key(struct cli_state *cli, POLICY_HND *hnd,
- char *class, uint32 *class_len,
- uint32 *num_subkeys, uint32 *max_subkeylen,
- uint32 *max_subkeysize, uint32 *num_values,
- uint32 *max_valnamelen, uint32 *max_valbufsize,
- uint32 *sec_desc, NTTIME *mod_time);
-BOOL do_reg_unknown_1a(struct cli_state *cli, POLICY_HND *hnd, uint32 *unk);
-BOOL do_reg_query_info(struct cli_state *cli, POLICY_HND *hnd,
- char *key_value, uint32* key_type);
-BOOL do_reg_set_key_sec(struct cli_state *cli, POLICY_HND *hnd, SEC_DESC_BUF *sec_desc_buf);
-BOOL do_reg_get_key_sec(struct cli_state *cli, POLICY_HND *hnd, uint32 *sec_buf_size, SEC_DESC_BUF **ppsec_desc_buf);
-BOOL do_reg_delete_val(struct cli_state *cli, POLICY_HND *hnd, char *val_name);
-BOOL do_reg_delete_key(struct cli_state *cli, POLICY_HND *hnd, char *key_name);
-BOOL do_reg_create_key(struct cli_state *cli, POLICY_HND *hnd,
- char *key_name, char *key_class,
- SEC_ACCESS *sam_access,
- POLICY_HND *key);
-BOOL do_reg_enum_key(struct cli_state *cli, POLICY_HND *hnd,
- int key_index, char *key_name,
- uint32 *unk_1, uint32 *unk_2,
- time_t *mod_time);
-BOOL do_reg_create_val(struct cli_state *cli, POLICY_HND *hnd,
- char *val_name, uint32 type, BUFFER3 *data);
-BOOL do_reg_enum_val(struct cli_state *cli, POLICY_HND *hnd,
- int val_index, int max_valnamelen, int max_valbufsize,
- fstring val_name,
- uint32 *val_type, BUFFER2 *value);
-BOOL do_reg_open_entry(struct cli_state *cli, POLICY_HND *hnd,
- char *key_name, uint32 unk_0,
- POLICY_HND *key_hnd);
-BOOL do_reg_close(struct cli_state *cli, POLICY_HND *hnd);
-
-/*The following definitions come from rpc_client/cli_samr.c */
-
-BOOL get_samr_query_usergroups(struct cli_state *cli,
- POLICY_HND *pol_open_domain, uint32 user_rid,
- uint32 *num_groups, DOM_GID *gid);
-BOOL get_samr_query_userinfo(struct cli_state *cli,
- POLICY_HND *pol_open_domain,
- uint32 info_level,
- uint32 user_rid, SAM_USER_INFO_21 *usr);
-BOOL do_samr_chgpasswd_user(struct cli_state *cli,
- char *srv_name, char *user_name,
- char nt_newpass[516], uchar nt_oldhash[16],
- char lm_newpass[516], uchar lm_oldhash[16]);
-BOOL do_samr_unknown_38(struct cli_state *cli, char *srv_name);
-BOOL do_samr_query_dom_info(struct cli_state *cli,
- POLICY_HND *domain_pol, uint16 switch_value);
-BOOL do_samr_enum_dom_users(struct cli_state *cli,
- POLICY_HND *pol, uint16 num_entries, uint16 unk_0,
- uint16 acb_mask, uint16 unk_1, uint32 size,
- struct acct_info **sam,
- int *num_sam_users);
-BOOL do_samr_connect(struct cli_state *cli,
- char *srv_name, uint32 unknown_0,
- POLICY_HND *connect_pol);
-BOOL do_samr_open_user(struct cli_state *cli,
- POLICY_HND *pol, uint32 unk_0, uint32 rid,
- POLICY_HND *user_pol);
-BOOL do_samr_open_domain(struct cli_state *cli,
- POLICY_HND *connect_pol, uint32 rid, DOM_SID *sid,
- POLICY_HND *domain_pol);
-BOOL do_samr_query_unknown_12(struct cli_state *cli,
- POLICY_HND *pol, uint32 rid, uint32 num_gids, uint32 *gids,
- uint32 *num_aliases,
- fstring als_names [MAX_LOOKUP_SIDS],
- uint32 num_als_users[MAX_LOOKUP_SIDS]);
-BOOL do_samr_query_usergroups(struct cli_state *cli,
- POLICY_HND *pol, uint32 *num_groups, DOM_GID *gid);
-BOOL do_samr_query_userinfo(struct cli_state *cli,
- POLICY_HND *pol, uint16 switch_value, void* usr);
-BOOL do_samr_close(struct cli_state *cli, POLICY_HND *hnd);
-
-/*The following definitions come from rpc_client/cli_spoolss_notify.c */
-
-BOOL spoolss_disconnect_from_client( struct cli_state *cli);
-BOOL spoolss_connect_to_client( struct cli_state *cli, char *remote_machine);
-BOOL cli_spoolss_reply_open_printer(struct cli_state *cli, char *printer, uint32 localprinter, uint32 type, uint32 *status, POLICY_HND *handle);
-BOOL cli_spoolss_reply_rrpcn(struct cli_state *cli, POLICY_HND *handle,
- uint32 change_low, uint32 change_high, uint32 *status);
-BOOL cli_spoolss_reply_close_printer(struct cli_state *cli, POLICY_HND *handle, uint32 *status);
-
-/*The following definitions come from rpc_client/cli_srvsvc.c */
-
-BOOL do_srv_net_srv_conn_enum(struct cli_state *cli,
- char *server_name, char *qual_name,
- uint32 switch_value, SRV_CONN_INFO_CTR *ctr,
- uint32 preferred_len,
- ENUM_HND *hnd);
-BOOL do_srv_net_srv_sess_enum(struct cli_state *cli,
- char *server_name, char *qual_name,
- uint32 switch_value, SRV_SESS_INFO_CTR *ctr,
- uint32 preferred_len,
- ENUM_HND *hnd);
-BOOL do_srv_net_srv_share_enum(struct cli_state *cli,
- char *server_name,
- uint32 switch_value, SRV_R_NET_SHARE_ENUM *r_o,
- uint32 preferred_len, ENUM_HND *hnd);
-BOOL do_srv_net_srv_file_enum(struct cli_state *cli,
- char *server_name, char *qual_name,
- uint32 switch_value, SRV_FILE_INFO_CTR *ctr,
- uint32 preferred_len,
- ENUM_HND *hnd);
-BOOL do_srv_net_srv_get_info(struct cli_state *cli,
- char *server_name, uint32 switch_value, SRV_INFO_CTR *ctr);
-
-/*The following definitions come from rpc_client/cli_use.c */
-
-void init_cli_use(void);
-void free_cli_use(void);
-struct cli_state *cli_net_use_add(const char *srv_name,
- const struct ntuser_creds *usr_creds,
- BOOL reuse, BOOL *is_new);
-BOOL cli_net_use_del(const char *srv_name,
- const struct ntuser_creds *usr_creds,
- BOOL force_close, BOOL *connection_closed);
-void cli_net_use_enum(uint32 *num_cons, struct use_info ***use);
-void cli_use_wait_keyboard(void);
-
-/*The following definitions come from rpc_client/cli_wkssvc.c */
-
-BOOL do_wks_query_info(struct cli_state *cli,
- char *server_name, uint32 switch_value,
- WKS_INFO_100 *wks100);
-
-/*The following definitions come from rpc_client/ncacn_np_use.c */
-
-BOOL ncacn_np_use_del(const char *srv_name, const char *pipe_name,
- const vuser_key * key,
- BOOL force_close, BOOL *connection_closed);
-struct ncacn_np *ncacn_np_initialise(struct ncacn_np *msrpc,
- const vuser_key * key);
-struct ncacn_np *ncacn_np_use_add(const char *pipe_name,
- const vuser_key * key,
- const char *srv_name,
- const struct ntuser_creds *ntc,
- BOOL reuse, BOOL *is_new_connection);
-#endif /* _PROTO_H_ */
diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h
index 8e1368810f..33dde6e3cb 100644
--- a/source3/include/rpc_lsa.h
+++ b/source3/include/rpc_lsa.h
@@ -237,7 +237,7 @@ typedef struct r_lsa_query_sec_obj_info
typedef struct lsa_query_info
{
POLICY_HND pol; /* policy handle */
- uint16 info_class; /* info class */
+ uint16 info_class; /* info class */
} LSA_Q_QUERY_INFO;
@@ -537,6 +537,7 @@ typedef struct
POLICY_HND pol; /* policy handle */
DOM_SID2 sid;
UNISTR2_ARRAY rights;
+ uint32 count;
} LSA_Q_ADD_ACCT_RIGHTS;
/* LSA_R_ADD_ACCT_RIGHTS - LSA add account rights */
@@ -553,6 +554,7 @@ typedef struct
DOM_SID2 sid;
uint32 removeall;
UNISTR2_ARRAY rights;
+ uint32 count;
} LSA_Q_REMOVE_ACCT_RIGHTS;
/* LSA_R_REMOVE_ACCT_RIGHTS - LSA remove account rights */
@@ -561,22 +563,6 @@ typedef struct
NTSTATUS status;
} LSA_R_REMOVE_ACCT_RIGHTS;
-/* LSA_Q_ENUM_ACCT_WITH_RIGHT - LSA enum accounts with right */
-typedef struct
-{
- POLICY_HND pol;
- STRHDR right_hdr;
- UNISTR2 right;
-} LSA_Q_ENUM_ACCT_WITH_RIGHT;
-
-/* LSA_R_ENUM_ACCT_WITH_RIGHT - LSA enum accounts with right */
-typedef struct
-{
- uint32 count;
- SID_ARRAY sids;
- NTSTATUS status;
-} LSA_R_ENUM_ACCT_WITH_RIGHT;
-
/* LSA_Q_PRIV_GET_DISPNAME - LSA get privilege display name */
typedef struct lsa_q_priv_get_dispname
diff --git a/source3/include/rpc_misc.h b/source3/include/rpc_misc.h
index 06ad760c58..7710489435 100644
--- a/source3/include/rpc_misc.h
+++ b/source3/include/rpc_misc.h
@@ -227,22 +227,6 @@ typedef struct
UNISTR2_ARRAY_EL *strings;
} UNISTR2_ARRAY;
-
-/* an element in a sid array */
-typedef struct
-{
- uint32 ref_id;
- DOM_SID2 sid;
-} SID_ARRAY_EL;
-
-/* an array of sids */
-typedef struct
-{
- uint32 ref_id;
- uint32 count;
- SID_ARRAY_EL *sids;
-} SID_ARRAY;
-
/* DOM_RID2 - domain RID structure for ntlsa pipe */
typedef struct domrid2_info
{
diff --git a/source3/include/safe_string.h b/source3/include/safe_string.h
index a6b352b02e..df3633d91d 100644
--- a/source3/include/safe_string.h
+++ b/source3/include/safe_string.h
@@ -113,24 +113,24 @@ size_t __unsafe_string_function_usage_here_char__(void);
#endif /* HAVE_COMPILER_WILL_OPTIMIZE_OUT_FNS */
-/* the addition of the DEVELOPER checks in safe_strcpy means we must
- * update a lot of code. To make this a little easier here are some
- * functions that provide the lengths with less pain */
-#define pstrcpy_base(dest, src, pstring_base) \
- safe_strcpy(dest, src, sizeof(pstring)-PTR_DIFF(dest,pstring_base)-1)
-
#define safe_strcpy_base(dest, src, base, size) \
safe_strcpy(dest, src, size-PTR_DIFF(dest,base)-1)
-/* String copy functions - macro hell below adds 'type checking'
- (limited, but the best we can do in C) and may tag with function
- name/number to record the last 'clobber region' on that string */
+/* String copy functions - macro hell below adds 'type checking' (limited,
+ but the best we can do in C) and may tag with function name/number to
+ record the last 'clobber region' on that string */
#define pstrcpy(d,s) safe_strcpy((d), (s),sizeof(pstring)-1)
#define pstrcat(d,s) safe_strcat((d), (s),sizeof(pstring)-1)
#define fstrcpy(d,s) safe_strcpy((d),(s),sizeof(fstring)-1)
#define fstrcat(d,s) safe_strcat((d),(s),sizeof(fstring)-1)
+/* the addition of the DEVELOPER checks in safe_strcpy means we must
+ * update a lot of code. To make this a little easier here are some
+ * functions that provide the lengths with less pain */
+#define pstrcpy_base(dest, src, pstring_base) \
+ safe_strcpy(dest, src, sizeof(pstring)-PTR_DIFF(dest,pstring_base)-1)
+
/* Inside the _fn variants of these is a call to clobber_region(), -
* which might destroy the stack on a buggy function. We help the
diff --git a/source3/include/sam.h b/source3/include/sam.h
deleted file mode 100644
index f46a6e7bcb..0000000000
--- a/source3/include/sam.h
+++ /dev/null
@@ -1,238 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- SAM structures
- Copyright (C) Kai Krueger 2002
- Copyright (C) Stefan (metze) Metzmacher 2002
- Copyright (C) Simo Sorce 2002
- Copyright (C) Andrew Bartlett 2002
- Copyright (C) Jelmer Vernooij 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#ifndef _SAM_H
-#define _SAM_H
-
-/* We want to track down bugs early */
-#if 1
-#define SAM_ASSERT(x) SMB_ASSERT(x)
-#else
-#define SAM_ASSERT(x) while (0) { \
- if (!(x)) {
- DEBUG(0, ("SAM_ASSERT failed!\n"))
- return NT_STATUS_FAIL_CHECK;\
- } \
- }
-#endif
-
-
-/* let it be 0 until we have a stable interface --metze */
-#define SAM_INTERFACE_VERSION 0
-
-/* use this inside a passdb module */
-#define SAM_MODULE_VERSIONING_MAGIC \
-int sam_version(void)\
-{\
- return SAM_INTERFACE_VERSION;\
-}
-
-/* Backend to use by default when no backend was specified */
-#define SAM_DEFAULT_BACKEND "plugin"
-
-typedef struct sam_domain_handle {
- TALLOC_CTX *mem_ctx;
- uint32 access_granted;
- const struct sam_methods *current_sam_methods; /* sam_methods creating this handle */
- void (*free_fn)(struct sam_domain_handle **);
- struct domain_data {
- DOM_SID sid; /*SID of the domain. Should not be changed */
- char *name; /* Name of the domain */
- char *servername; /* */
- NTTIME max_passwordage; /* time till next password expiration */
- NTTIME min_passwordage; /* time till password can be changed again */
- NTTIME lockout_duration; /* time till login is allowed again after lockout*/
- NTTIME reset_count; /* time till bad login counter is reset */
- uint16 min_passwordlength; /* minimum number of characters for a password */
- uint16 password_history; /* number of passwords stored in history */
- uint16 lockout_count; /* number of bad login attempts before lockout */
- BOOL force_logoff; /* force logoff after logon hours have expired */
- BOOL login_pwdchange; /* Users need to logon to change their password */
- uint32 num_accounts; /* number of accounts in the domain */
- uint32 num_groups; /* number of global groups */
- uint32 num_aliases; /* number of local groups */
- uint32 sam_sequence_number; /* global sequence number */
- } private;
-} SAM_DOMAIN_HANDLE;
-
-typedef struct sam_account_handle {
- TALLOC_CTX *mem_ctx;
- uint32 access_granted;
- const struct sam_methods *current_sam_methods; /* sam_methods creating this handle */
- void (*free_fn)(struct sam_account_handle **);
- struct sam_account_data {
- uint32 init_flag;
- NTTIME logon_time; /* logon time */
- NTTIME logoff_time; /* logoff time */
- NTTIME kickoff_time; /* kickoff time */
- NTTIME pass_last_set_time; /* password last set time */
- NTTIME pass_can_change_time; /* password can change time */
- NTTIME pass_must_change_time; /* password must change time */
- char * account_name; /* account_name string */
- SAM_DOMAIN_HANDLE * domain; /* domain of account */
- char *full_name; /* account's full name string */
- char *unix_home_dir; /* UNIX home directory string */
- char *home_dir; /* home directory string */
- char *dir_drive; /* home directory drive string */
- char *logon_script; /* logon script string */
- char *profile_path; /* profile path string */
- char *acct_desc; /* account description string */
- char *workstations; /* login from workstations string */
- char *unknown_str; /* don't know what this is, yet. */
- char *munged_dial; /* munged path name and dial-back tel number */
- DOM_SID account_sid; /* Primary Account SID */
- DOM_SID group_sid; /* Primary Group SID */
- DATA_BLOB lm_pw; /* .data is Null if no password */
- DATA_BLOB nt_pw; /* .data is Null if no password */
- char *plaintext_pw; /* if Null not available */
- uint16 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
- uint32 unknown_1; /* 0x00ff ffff */
- uint16 logon_divs; /* 168 - number of hours in a week */
- uint32 hours_len; /* normally 21 bytes */
- uint8 hours[MAX_HOURS_LEN];
- uint32 unknown_2; /* 0x0002 0000 */
- uint32 unknown_3; /* 0x0000 04ec */
- } private;
-} SAM_ACCOUNT_HANDLE;
-
-typedef struct sam_group_handle {
- TALLOC_CTX *mem_ctx;
- uint32 access_granted;
- const struct sam_methods *current_sam_methods; /* sam_methods creating this handle */
- void (*free_fn)(struct sam_group_handle **);
- struct sam_group_data {
- char *group_name;
- char *group_desc;
- DOM_SID sid;
- uint16 group_ctrl; /* specifies if the group is a local group or a global group */
- uint32 num_members;
- } private;
-} SAM_GROUP_HANDLE;
-
-
-typedef struct sam_group_member {
- DOM_SID sid;
- BOOL group; /* specifies if it is a group or a account */
-} SAM_GROUP_MEMBER;
-
-typedef struct sam_account_enum {
- DOM_SID sid;
- char *account_name;
- char *full_name;
- char *account_desc;
- uint16 acct_ctrl;
-} SAM_ACCOUNT_ENUM;
-
-typedef struct sam_group_enum {
- DOM_SID sid;
- char *group_name;
- char *group_desc;
- uint16 group_ctrl;
-} SAM_GROUP_ENUM;
-
-
-/* bits for group_ctrl: to spezify if the group is global group or alias */
-#define GCB_LOCAL_GROUP 0x0001
-#define GCB_ALIAS_GROUP (GCB_LOCAL_GROUP |GCB_BUILTIN)
-#define GCB_GLOBAL_GROUP 0x0002
-#define GCB_BUILTIN 0x1000
-
-typedef struct sam_context
-{
- struct sam_methods *methods;
- TALLOC_CTX *mem_ctx;
-
- void (*free_fn)(struct sam_context **);
-} SAM_CONTEXT;
-
-typedef struct sam_methods
-{
- struct sam_context *parent;
- struct sam_methods *next;
- struct sam_methods *prev;
- const char *backendname;
- const char *domain_name;
- DOM_SID domain_sid;
- void *private_data;
-
- /* General API */
-
- NTSTATUS (*sam_get_sec_desc) (const struct sam_methods *, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd);
- NTSTATUS (*sam_set_sec_desc) (const struct sam_methods *, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd);
-
- NTSTATUS (*sam_lookup_sid) (const struct sam_methods *, const NT_USER_TOKEN *access_token, TALLOC_CTX *mem_ctx, const DOM_SID *sid, char **name, uint32 *type);
- NTSTATUS (*sam_lookup_name) (const struct sam_methods *, const NT_USER_TOKEN *access_token, const char *name, DOM_SID *sid, uint32 *type);
-
- /* Domain API */
-
- NTSTATUS (*sam_update_domain) (const struct sam_methods *, const SAM_DOMAIN_HANDLE *domain);
- NTSTATUS (*sam_get_domain_handle) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, SAM_DOMAIN_HANDLE **domain);
-
- /* Account API */
-
- NTSTATUS (*sam_create_account) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account);
- NTSTATUS (*sam_add_account) (const struct sam_methods *, const SAM_ACCOUNT_HANDLE *account);
- NTSTATUS (*sam_update_account) (const struct sam_methods *, const SAM_ACCOUNT_HANDLE *account);
- NTSTATUS (*sam_delete_account) (const struct sam_methods *, const SAM_ACCOUNT_HANDLE *account);
- NTSTATUS (*sam_enum_accounts) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint16 acct_ctrl, uint32 *account_count, SAM_ACCOUNT_ENUM **accounts);
-
- NTSTATUS (*sam_get_account_by_sid) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *accountsid, SAM_ACCOUNT_HANDLE **account);
- NTSTATUS (*sam_get_account_by_name) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *name, SAM_ACCOUNT_HANDLE **account);
-
- /* Group API */
-
- NTSTATUS (*sam_create_group) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *group_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group);
- NTSTATUS (*sam_add_group) (const struct sam_methods *, const SAM_GROUP_HANDLE *group);
- NTSTATUS (*sam_update_group) (const struct sam_methods *, const SAM_GROUP_HANDLE *group);
- NTSTATUS (*sam_delete_group) (const struct sam_methods *, const SAM_GROUP_HANDLE *group);
- NTSTATUS (*sam_enum_groups) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint16 group_ctrl, uint32 *groups_count, SAM_GROUP_ENUM **groups);
- NTSTATUS (*sam_get_group_by_sid) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group);
- NTSTATUS (*sam_get_group_by_name) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *name, SAM_GROUP_HANDLE **group);
-
- NTSTATUS (*sam_add_member_to_group) (const struct sam_methods *, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member);
- NTSTATUS (*sam_delete_member_from_group) (const struct sam_methods *, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member);
- NTSTATUS (*sam_enum_groupmembers) (const struct sam_methods *, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members);
-
- NTSTATUS (*sam_get_groups_of_sid) (const struct sam_methods *, const NT_USER_TOKEN *access_token, const DOM_SID **sids, uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups);
-
- void (*free_private_data)(void **);
-} SAM_METHODS;
-
-typedef NTSTATUS (*sam_init_function)(SAM_METHODS *, const char *);
-
-struct sam_init_function_entry {
- char *module_name;
- /* Function to create a member of the sam_methods list */
- sam_init_function init;
-};
-
-typedef struct sam_backend_entry {
- char *module_name;
- char *module_params;
- char *domain_name;
- DOM_SID *domain_sid;
-} SAM_BACKEND_ENTRY;
-
-
-#endif /* _SAM_H */
diff --git a/source3/include/secrets.h b/source3/include/secrets.h
index 07faf28d43..183b29d7a8 100644
--- a/source3/include/secrets.h
+++ b/source3/include/secrets.h
@@ -57,14 +57,14 @@ struct machine_acct_pass {
/*
* storage structure for trusted domain
*/
-typedef struct trusted_dom_pass {
+struct trusted_dom_pass {
size_t uni_name_len;
smb_ucs2_t uni_name[32]; /* unicode domain name */
size_t pass_len;
fstring pass; /* trust relationship's password */
time_t mod_time;
DOM_SID domain_sid; /* remote domain's sid */
-} TRUSTED_DOM_PASS;
+};
/*
* trusted domain entry/entries returned by secrets_get_trusted_domains
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 62cc95ecb0..d8ca9bde05 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -78,10 +78,6 @@ typedef int BOOL;
#define READ_EOF 2
#define READ_ERROR 3
-/* This error code can go into the client smb_rw_error. */
-#define WRITE_ERROR 4
-#define READ_BAD_SIG 5
-
#define DIR_STRUCT_SIZE 43
/* these define the attribute byte as seen by DOS */
@@ -165,6 +161,9 @@ typedef uint16 smb_ucs2_t;
typedef smb_ucs2_t wpstring[PSTRING_LEN];
typedef smb_ucs2_t wfstring[FSTRING_LEN];
+/* This error code can go into the client smb_rw_error. */
+#define WRITE_ERROR 4
+
#ifdef WORDS_BIGENDIAN
#define UCS2_SHIFT 8
#else
@@ -238,8 +237,6 @@ typedef struct nttime_info
#define MAXSUBAUTHS 15 /* max sub authorities in a SID */
#endif
-#define SID_MAX_SIZE ((size_t)(8+(MAXSUBAUTHS*4)))
-
/* SID Types */
enum SID_NAME_USE
{
@@ -368,7 +365,6 @@ typedef struct
SMB_STRUCT_STAT *statinfo;
} smb_filename;
-#include "fake_file.h"
typedef struct files_struct
{
@@ -405,8 +401,6 @@ typedef struct files_struct
char *fsp_name;
} files_struct;
-#include "ntquotas.h"
-
/* used to hold an arbitrary blob of data */
typedef struct data_blob {
uint8 *data;
@@ -977,23 +971,23 @@ struct bitmap {
#define TRANSACT_WAITNAMEDPIPEHANDLESTATE 0x53
/* These are the TRANS2 sub commands */
-#define TRANSACT2_OPEN 0x00
-#define TRANSACT2_FINDFIRST 0x01
-#define TRANSACT2_FINDNEXT 0x02
-#define TRANSACT2_QFSINFO 0x03
-#define TRANSACT2_SETFSINFO 0x04
-#define TRANSACT2_QPATHINFO 0x05
-#define TRANSACT2_SETPATHINFO 0x06
-#define TRANSACT2_QFILEINFO 0x07
-#define TRANSACT2_SETFILEINFO 0x08
-#define TRANSACT2_FSCTL 0x09
-#define TRANSACT2_IOCTL 0x0A
-#define TRANSACT2_FINDNOTIFYFIRST 0x0B
-#define TRANSACT2_FINDNOTIFYNEXT 0x0C
-#define TRANSACT2_MKDIR 0x0D
-#define TRANSACT2_SESSION_SETUP 0x0E
-#define TRANSACT2_GET_DFS_REFERRAL 0x10
-#define TRANSACT2_REPORT_DFS_INCONSISTANCY 0x11
+#define TRANSACT2_OPEN 0
+#define TRANSACT2_FINDFIRST 1
+#define TRANSACT2_FINDNEXT 2
+#define TRANSACT2_QFSINFO 3
+#define TRANSACT2_SETFSINFO 4
+#define TRANSACT2_QPATHINFO 5
+#define TRANSACT2_SETPATHINFO 6
+#define TRANSACT2_QFILEINFO 7
+#define TRANSACT2_SETFILEINFO 8
+#define TRANSACT2_FSCTL 9
+#define TRANSACT2_IOCTL 0xA
+#define TRANSACT2_FINDNOTIFYFIRST 0xB
+#define TRANSACT2_FINDNOTIFYNEXT 0xC
+#define TRANSACT2_MKDIR 0xD
+#define TRANSACT2_SESSION_SETUP 0xE
+#define TRANSACT2_GET_DFS_REFERRAL 0x10
+#define TRANSACT2_REPORT_DFS_INCONSISTANCY 0x11
/* These are the NT transact sub commands. */
#define NT_TRANSACT_CREATE 1
@@ -1002,13 +996,6 @@ struct bitmap {
#define NT_TRANSACT_NOTIFY_CHANGE 4
#define NT_TRANSACT_RENAME 5
#define NT_TRANSACT_QUERY_SECURITY_DESC 6
-#define NT_TRANSACT_GET_USER_QUOTA 7
-#define NT_TRANSACT_SET_USER_QUOTA 8
-
-/* These are the NT transact_get_user_quota sub commands */
-#define TRANSACT_GET_USER_QUOTA_LIST_CONTINUE 0x0000
-#define TRANSACT_GET_USER_QUOTA_LIST_START 0x0100
-#define TRANSACT_GET_USER_QUOTA_FOR_SID 0x0101
/* Relevant IOCTL codes */
#define IOCTL_QUERY_JOB_INFO 0x530060
@@ -1249,23 +1236,18 @@ struct bitmap {
#define RENAME_REPLACE_IF_EXISTS 1
/* Filesystem Attributes. */
-#define FILE_CASE_SENSITIVE_SEARCH 0x00000001
-#define FILE_CASE_PRESERVED_NAMES 0x00000002
-#define FILE_UNICODE_ON_DISK 0x00000004
+#define FILE_CASE_SENSITIVE_SEARCH 0x01
+#define FILE_CASE_PRESERVED_NAMES 0x02
+#define FILE_UNICODE_ON_DISK 0x04
/* According to cifs9f, this is 4, not 8 */
/* Acconding to testing, this actually sets the security attribute! */
-#define FILE_PERSISTENT_ACLS 0x00000008
-#define FILE_FILE_COMPRESSION 0x00000010
-#define FILE_VOLUME_QUOTAS 0x00000020
-#define FILE_SUPPORTS_SPARSE_FILES 0x00000040
-#define FILE_SUPPORTS_REPARSE_POINTS 0x00000080
-#define FILE_SUPPORTS_REMOTE_STORAGE 0x00000100
-#define FS_LFN_APIS 0x00004000
-#define FILE_VOLUME_IS_COMPRESSED 0x00008000
-#define FILE_SUPPORTS_OBJECT_IDS 0x00010000
-#define FILE_SUPPORTS_ENCRYPTION 0x00020000
-#define FILE_NAMED_STREAMS 0x00040000
-#define FILE_READ_ONLY_VOLUME 0x00080000
+#define FILE_PERSISTENT_ACLS 0x08
+/* These entries added from cifs9f --tsb */
+#define FILE_FILE_COMPRESSION 0x10
+#define FILE_VOLUME_QUOTAS 0x20
+/* I think this is wrong. JRA #define FILE_DEVICE_IS_MOUNTED 0x20 */
+#define FILE_VOLUME_SPARSE_FILE 0x40
+#define FILE_VOLUME_IS_COMPRESSED 0x8000
/* ChangeNotify flags. */
#define FILE_NOTIFY_CHANGE_FILE 0x001
diff --git a/source3/include/smb_ldap.h b/source3/include/smb_ldap.h
deleted file mode 100644
index 1a30b853e7..0000000000
--- a/source3/include/smb_ldap.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- LDAP protocol helper functions for SAMBA
- Copyright (C) Jean François Micouleau 1998
- Copyright (C) Gerald Carter 2001
- Copyright (C) Shahms King 2001
- Copyright (C) Andrew Bartlett 2002
- Copyright (C) Stefan (metze) Metzmacher 2002
- Copyright (C) Jim McDonough 2003
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-
-*/
-
-#ifndef SMB_LDAP_H
-#define SMB_LDAP_H
-
-#ifdef HAVE_LDAP
-
-#include <lber.h>
-#include <ldap.h>
-
-struct smb_ldap_privates {
-
- /* Former statics */
- LDAP *ldap_struct;
- LDAPMessage *result;
- LDAPMessage *entry;
- int index;
-
- time_t last_ping;
- /* retrive-once info */
- const char *uri;
-
- BOOL permit_non_unix_accounts;
-
- uint32 low_nua_rid;
- uint32 high_nua_rid;
-
- char *bind_dn;
- char *bind_secret;
-
- struct smb_ldap_privates *next;
-};
-
-#endif
-#endif
diff --git a/source3/include/smb_macros.h b/source3/include/smb_macros.h
index 477940445c..8efb966d0b 100644
--- a/source3/include/smb_macros.h
+++ b/source3/include/smb_macros.h
@@ -77,12 +77,15 @@
#define OPEN_CONN(conn) ((conn) && (conn)->open)
#define IS_IPC(conn) ((conn) && (conn)->ipc)
#define IS_PRINT(conn) ((conn) && (conn)->printer)
-#define FNUM_OK(fsp,c) (OPEN_FSP(fsp) && (c)==(fsp)->conn)
+#define FNUM_OK(fsp,c) (OPEN_FSP(fsp) && (c)==(fsp)->conn && current_user.vuid==(fsp)->vuid)
-#define CHECK_FSP(fsp,conn) if (!FNUM_OK(fsp,conn)) \
+#define CHECK_FSP(fsp,conn) do {\
+ extern struct current_user current_user;\
+ if (!FNUM_OK(fsp,conn)) \
return(ERROR_DOS(ERRDOS,ERRbadfid)); \
else if((fsp)->fd == -1) \
- return(ERROR_DOS(ERRDOS,ERRbadaccess))
+ return(ERROR_DOS(ERRDOS,ERRbadaccess));\
+ } while(0)
#define CHECK_READ(fsp) if (!(fsp)->can_read) \
return(ERROR_DOS(ERRDOS,ERRbadaccess))
diff --git a/source3/include/tdbsam2.h b/source3/include/tdbsam2.h
deleted file mode 100644
index 047b4e7c90..0000000000
--- a/source3/include/tdbsam2.h
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
- * Unix SMB/CIFS implementation.
- * tdbsam2 genstruct enabled header file
- * Copyright (C) Simo Sorce 2002
- *
- * This program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free
- * Software Foundation; either version 2 of the License, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
- * more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 675
- * Mass Ave, Cambridge, MA 02139, USA.
- */
-
-/* ALL strings assumes UTF8 as encoding */
-
-GENSTRUCT struct tdbsam2_domain_data {
- uint32 xcounter; /* counter to be updated at any change */
-
- SEC_DESC *sec_desc; /* Security Descriptor */
- DOM_SID *dom_sid; /* The Domain SID */
- char *name; _NULLTERM /* NT Domain Name */
- char *description; _NULLTERM /* Descritpion (Gecos) */
-
- uint32 next_rid; /* The Next free RID */
-};
-
-GENSTRUCT struct tdbsam2_user_data {
- uint32 xcounter; /* counter to be updated at any change */
-
- SEC_DESC *sec_desc; /* Security Descriptor */
- DOM_SID *user_sid; /* The User SID */
- char *name; _NULLTERM /* NT User Name */
- char *description; _NULLTERM /* Descritpion (Gecos) */
-
- DOM_SID *group_sid; /* The Primary Group SID */
-
- NTTIME *logon_time;
- NTTIME *logoff_time;
- NTTIME *kickoff_time;
- NTTIME *pass_last_set_time;
- NTTIME *pass_can_change_time;
- NTTIME *pass_must_change_time;
-
- char *full_name; _NULLTERM /* The Full Name */
- char *home_dir; _NULLTERM /* Home Directory */
- char *dir_drive; _NULLTERM /* Drive Letter the home should be mapped to */
- char *logon_script; _NULLTERM /* Logon script path */
- char *profile_path; _NULLTERM /* Profile is stored here */
- char *workstations; _NULLTERM /* List of Workstation names the user is allowed to LogIn */
- char *unknown_str; _NULLTERM /* Guess ... Unknown */
- char *munged_dial; _NULLTERM /* Callback Number */
-
- /* passwords are 16 byte leght, pointer is null if no password */
- uint8 *lm_pw_ptr; _LEN(16) /* Lanman hashed password */
- uint8 *nt_pw_ptr; _LEN(16) /* NT hashed password */
-
- uint16 logon_divs; /* 168 - num of hours in a week */
- uint32 hours_len; /* normally 21 */
- uint8 *hours; _LEN(hours_len) /* normally 21 bytes (depends on hours_len) */
-
- uint32 unknown_3; /* 0x00ff ffff */
- uint32 unknown_5; /* 0x0002 0000 */
- uint32 unknown_6; /* 0x0000 04ec */
-};
-
-GENSTRUCT struct tdbsam2_group_data {
- uint32 xcounter; /* counter to be updated at any change */
-
- SEC_DESC *sec_desc; /* Security Descriptor */
- DOM_SID *group_sid; /* The Group SID */
- char *name; _NULLTERM /* NT Group Name */
- char *description; _NULLTERM /* Descritpion (Gecos) */
-
- uint32 count; /* number of sids */
- DOM_SID **members; _LEN(count) /* SID array */
-};
-
-GENSTRUCT struct tdbsam2_privilege_data {
- uint32 xcounter; /* counter to be updated at any change */
-
- LUID_ATTR *privilege; /* Privilege */
- char *name; _NULLTERM /* NT User Name */
- char *description; _NULLTERM /* Descritpion (Gecos) */
-
- uint32 count; /* number of sids */
- DOM_SID **members; _LEN(count) /* SID array */
-};
-
diff --git a/source3/include/trans2.h b/source3/include/trans2.h
index 2ccf83478b..3468d3b995 100644
--- a/source3/include/trans2.h
+++ b/source3/include/trans2.h
@@ -206,9 +206,7 @@ Byte offset Type name description
#define SMB_QUERY_FS_SIZE_INFO 0x103
#define SMB_QUERY_FS_DEVICE_INFO 0x104
#define SMB_QUERY_FS_ATTRIBUTE_INFO 0x105
-#if 0
-#define SMB_QUERY_FS_QUOTA_INFO
-#endif
+
#define l2_vol_fdateCreation 0
#define l2_vol_cch 4
@@ -322,7 +320,7 @@ Byte offset Type name description
#define SMB_FS_SIZE_INFORMATION 1003
#define SMB_FS_DEVICE_INFORMATION 1004
#define SMB_FS_ATTRIBUTE_INFORMATION 1005
-#define SMB_FS_QUOTA_INFORMATION 1006
+#define SMB_FS_CONTROL_INFORMATION 1006
#define SMB_FS_FULL_SIZE_INFORMATION 1007
#define SMB_FS_OBJECTID_INFORMATION 1008
diff --git a/source3/include/version.h b/source3/include/version.h
index c0a1c702f2..3ee1d8db59 100644
--- a/source3/include/version.h
+++ b/source3/include/version.h
@@ -1 +1 @@
-#define VERSION "post3.0-HEAD"
+#define VERSION "3.0alpha24"
diff --git a/source3/include/vfs.h b/source3/include/vfs.h
index 756e417814..9a06764371 100644
--- a/source3/include/vfs.h
+++ b/source3/include/vfs.h
@@ -48,7 +48,7 @@
#define SMB_VFS_INTERFACE_VERSION 5
-/* Version of supported cascaded interface backward compatibility.
+/* Version of supported cascaded interface backward copmatibility.
(version 5 corresponds to SMB_VFS_INTERFACE_VERSION 5)
It is used in vfs_init_custom() to detect VFS modules which conform to cascaded
VFS interface but implement elder version than current version of Samba uses.
@@ -77,7 +77,7 @@
is unloaded from smbd process using sys_dlclose().
Prototypes:
- vfs_op_tuple *vfs_init(const struct vfs_ops *def_vfs_ops,
+ vfs_op_tuple *vfs_init(int *vfs_version, const struct vfs_ops *def_vfs_ops,
struct smb_vfs_handle_struct *vfs_handle);
void vfs_done(connection_struct *conn);
diff --git a/source3/lib/account_pol.c b/source3/lib/account_pol.c
index e8b382c7ab..2e619c0c6b 100644
--- a/source3/lib/account_pol.c
+++ b/source3/lib/account_pol.c
@@ -118,7 +118,7 @@ BOOL account_policy_get(int field, uint32 *value)
{
fstring name;
- if(!init_account_policy())return False;
+ init_account_policy();
*value = 0;
@@ -142,7 +142,7 @@ BOOL account_policy_set(int field, uint32 value)
{
fstring name;
- if(!init_account_policy())return False;
+ init_account_policy();
fstrcpy(name, decode_account_policy_name(field));
if (!*name) {
diff --git a/source3/lib/charcnv.c b/source3/lib/charcnv.c
index 7acb7147fd..8b93e30267 100644
--- a/source3/lib/charcnv.c
+++ b/source3/lib/charcnv.c
@@ -4,7 +4,6 @@
Copyright (C) Igor Vergeichik <iverg@mail.ru> 2001
Copyright (C) Andrew Tridgell 2001
Copyright (C) Simo Sorce 2001
- Copyright (C) Martin Pool 2003
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -38,6 +37,7 @@
* @sa lib/iconv.c
*/
+static pstring cvtbuf;
static smb_iconv_t conv_handles[NUM_CHARSETS][NUM_CHARSETS];
@@ -193,7 +193,7 @@ size_t convert_string(charset_t from, charset_t to,
**/
size_t convert_string_allocate(charset_t from, charset_t to,
- void const *src, size_t srclen, void **dest)
+ void const *src, size_t srclen, void **dest)
{
size_t i_len, o_len, destlen;
size_t retval;
@@ -277,8 +277,6 @@ static size_t convert_string_talloc(TALLOC_CTX *ctx, charset_t from, charset_t t
void *alloced_string;
size_t dest_len;
- /* FIXME: Ridiculous to allocate two buffers and then copy the string! */
-
*dest = NULL;
dest_len=convert_string_allocate(from, to, src, srclen, &alloced_string);
if (dest_len == (size_t)-1)
@@ -293,40 +291,21 @@ static size_t convert_string_talloc(TALLOC_CTX *ctx, charset_t from, charset_t t
size_t unix_strupper(const char *src, size_t srclen, char *dest, size_t destlen)
{
size_t size;
- smb_ucs2_t *buffer;
-
- size = convert_string_allocate(CH_UNIX, CH_UCS2, src, srclen,
- (void **) &buffer);
- if (size == -1) {
- smb_panic("failed to create UCS2 buffer");
- }
- if (!strupper_w(buffer) && (dest == src)) {
- free(buffer);
+ smb_ucs2_t *buffer=(smb_ucs2_t*)cvtbuf;
+ size=convert_string(CH_UNIX, CH_UCS2, src, srclen, buffer, sizeof(cvtbuf));
+ if (!strupper_w(buffer) && (dest == src))
return srclen;
- }
-
- size = convert_string(CH_UCS2, CH_UNIX, buffer, size, dest, destlen);
- free(buffer);
- return size;
+ return convert_string(CH_UCS2, CH_UNIX, buffer, size, dest, destlen);
}
size_t unix_strlower(const char *src, size_t srclen, char *dest, size_t destlen)
{
size_t size;
- smb_ucs2_t *buffer;
-
- size = convert_string_allocate(CH_UNIX, CH_UCS2, src, srclen,
- (void **) &buffer);
- if (size == -1) {
- smb_panic("failed to create UCS2 buffer");
- }
- if (!strlower_w(buffer) && (dest == src)) {
- free(buffer);
+ smb_ucs2_t *buffer=(smb_ucs2_t*)cvtbuf;
+ size=convert_string(CH_UNIX, CH_UCS2, src, srclen, buffer, sizeof(cvtbuf));
+ if (!strlower_w(buffer) && (dest == src))
return srclen;
- }
- size = convert_string(CH_UCS2, CH_UNIX, buffer, size, dest, destlen);
- free(buffer);
- return size;
+ return convert_string(CH_UCS2, CH_UNIX, buffer, size, dest, destlen);
}
@@ -666,11 +645,11 @@ size_t pull_ucs2_talloc(TALLOC_CTX *ctx, char **dest, const smb_ucs2_t *src)
* @returns The number of bytes occupied by the string in the destination
**/
-size_t pull_ucs2_allocate(char **dest, const smb_ucs2_t *src)
+size_t pull_ucs2_allocate(void **dest, const smb_ucs2_t *src)
{
size_t src_len = (strlen_w(src)+1) * sizeof(smb_ucs2_t);
*dest = NULL;
- return convert_string_allocate(CH_UCS2, CH_UNIX, src, src_len, (void **)dest);
+ return convert_string_allocate(CH_UCS2, CH_UNIX, src, src_len, dest);
}
/**
diff --git a/source3/lib/domain_namemap.c b/source3/lib/domain_namemap.c
deleted file mode 100644
index 988f5e5d65..0000000000
--- a/source3/lib/domain_namemap.c
+++ /dev/null
@@ -1,1317 +0,0 @@
-/*
- Unix SMB/Netbios implementation.
- Version 1.9.
- Groupname handling
- Copyright (C) Jeremy Allison 1998.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-/*
- * UNIX gid and Local or Domain SID resolution. This module resolves
- * only those entries in the map files, it is *NOT* responsible for
- * resolving UNIX groups not listed: that is an entirely different
- * matter, altogether...
- */
-
-/*
- *
- *
-
- format of the file is:
-
- unixname NT Group name
- unixname Domain Admins (well-known Domain Group)
- unixname DOMAIN_NAME\NT Group name
- unixname OTHER_DOMAIN_NAME\NT Group name
- unixname DOMAIN_NAME\Domain Admins (well-known Domain Group)
- ....
-
- if the DOMAIN_NAME\ component is left off, then your own domain is assumed.
-
- *
- *
- */
-
-
-#include "includes.h"
-extern int DEBUGLEVEL;
-
-extern fstring global_myworkgroup;
-extern DOM_SID global_member_sid;
-extern fstring global_sam_name;
-extern DOM_SID global_sam_sid;
-extern DOM_SID global_sid_S_1_5_20;
-
-/*******************************************************************
- converts UNIX uid to an NT User RID. NOTE: IS SOMETHING SPECIFIC TO SAMBA
- ********************************************************************/
-static uid_t pwdb_user_rid_to_uid(uint32 user_rid)
-{
- return ((user_rid & (~RID_TYPE_USER))- 1000)/RID_MULTIPLIER;
-}
-
-/*******************************************************************
- converts NT Group RID to a UNIX uid. NOTE: IS SOMETHING SPECIFIC TO SAMBA
- ********************************************************************/
-static uint32 pwdb_group_rid_to_gid(uint32 group_rid)
-{
- return ((group_rid & (~RID_TYPE_GROUP))- 1000)/RID_MULTIPLIER;
-}
-
-/*******************************************************************
- converts NT Alias RID to a UNIX uid. NOTE: IS SOMETHING SPECIFIC TO SAMBA
- ********************************************************************/
-static uint32 pwdb_alias_rid_to_gid(uint32 alias_rid)
-{
- return ((alias_rid & (~RID_TYPE_ALIAS))- 1000)/RID_MULTIPLIER;
-}
-
-/*******************************************************************
- converts NT Group RID to a UNIX uid. NOTE: IS SOMETHING SPECIFIC TO SAMBA
- ********************************************************************/
-static uint32 pwdb_gid_to_group_rid(uint32 gid)
-{
- uint32 grp_rid = ((((gid)*RID_MULTIPLIER) + 1000) | RID_TYPE_GROUP);
- return grp_rid;
-}
-
-/******************************************************************
- converts UNIX gid to an NT Alias RID. NOTE: IS SOMETHING SPECIFIC TO SAMBA
- ********************************************************************/
-static uint32 pwdb_gid_to_alias_rid(uint32 gid)
-{
- uint32 alias_rid = ((((gid)*RID_MULTIPLIER) + 1000) | RID_TYPE_ALIAS);
- return alias_rid;
-}
-
-/*******************************************************************
- converts UNIX uid to an NT User RID. NOTE: IS SOMETHING SPECIFIC TO SAMBA
- ********************************************************************/
-static uint32 pwdb_uid_to_user_rid(uint32 uid)
-{
- uint32 user_rid = ((((uid)*RID_MULTIPLIER) + 1000) | RID_TYPE_USER);
- return user_rid;
-}
-
-/******************************************************************
- converts SID + SID_NAME_USE type to a UNIX id. the Domain SID is,
- and can only be, our own SID.
- ********************************************************************/
-static BOOL pwdb_sam_sid_to_unixid(DOM_SID *sid, uint8 type, uint32 *id)
-{
- DOM_SID tmp_sid;
- uint32 rid;
-
- sid_copy(&tmp_sid, sid);
- sid_split_rid(&tmp_sid, &rid);
- if (!sid_equal(&global_sam_sid, &tmp_sid))
- {
- return False;
- }
-
- switch (type)
- {
- case SID_NAME_USER:
- {
- *id = pwdb_user_rid_to_uid(rid);
- return True;
- }
- case SID_NAME_ALIAS:
- {
- *id = pwdb_alias_rid_to_gid(rid);
- return True;
- }
- case SID_NAME_DOM_GRP:
- case SID_NAME_WKN_GRP:
- {
- *id = pwdb_group_rid_to_gid(rid);
- return True;
- }
- }
- return False;
-}
-
-/******************************************************************
- converts UNIX gid + SID_NAME_USE type to a SID. the Domain SID is,
- and can only be, our own SID.
- ********************************************************************/
-static BOOL pwdb_unixid_to_sam_sid(uint32 id, uint8 type, DOM_SID *sid)
-{
- sid_copy(sid, &global_sam_sid);
- switch (type)
- {
- case SID_NAME_USER:
- {
- sid_append_rid(sid, pwdb_uid_to_user_rid(id));
- return True;
- }
- case SID_NAME_ALIAS:
- {
- sid_append_rid(sid, pwdb_gid_to_alias_rid(id));
- return True;
- }
- case SID_NAME_DOM_GRP:
- case SID_NAME_WKN_GRP:
- {
- sid_append_rid(sid, pwdb_gid_to_group_rid(id));
- return True;
- }
- }
- return False;
-}
-
-/*******************************************************************
- Decides if a RID is a well known RID.
- ********************************************************************/
-static BOOL pwdb_rid_is_well_known(uint32 rid)
-{
- return (rid < 1000);
-}
-
-/*******************************************************************
- determines a rid's type. NOTE: THIS IS SOMETHING SPECIFIC TO SAMBA
- ********************************************************************/
-static uint32 pwdb_rid_type(uint32 rid)
-{
- /* lkcl i understand that NT attaches an enumeration to a RID
- * such that it can be identified as either a user, group etc
- * type: SID_ENUM_TYPE.
- */
- if (pwdb_rid_is_well_known(rid))
- {
- /*
- * The only well known user RIDs are DOMAIN_USER_RID_ADMIN
- * and DOMAIN_USER_RID_GUEST.
- */
- if (rid == DOMAIN_USER_RID_ADMIN || rid == DOMAIN_USER_RID_GUEST)
- {
- return RID_TYPE_USER;
- }
- if (DOMAIN_GROUP_RID_ADMINS <= rid && rid <= DOMAIN_GROUP_RID_GUESTS)
- {
- return RID_TYPE_GROUP;
- }
- if (BUILTIN_ALIAS_RID_ADMINS <= rid && rid <= BUILTIN_ALIAS_RID_REPLICATOR)
- {
- return RID_TYPE_ALIAS;
- }
- }
- return (rid & RID_TYPE_MASK);
-}
-
-/*******************************************************************
- checks whether rid is a user rid. NOTE: THIS IS SOMETHING SPECIFIC TO SAMBA
- ********************************************************************/
-BOOL pwdb_rid_is_user(uint32 rid)
-{
- return pwdb_rid_type(rid) == RID_TYPE_USER;
-}
-
-/**************************************************************************
- Groupname map functionality. The code loads a groupname map file and
- (currently) loads it into a linked list. This is slow and memory
- hungry, but can be changed into a more efficient storage format
- if the demands on it become excessive.
-***************************************************************************/
-
-typedef struct name_map
-{
- ubi_slNode next;
- DOM_NAME_MAP grp;
-
-} name_map_entry;
-
-static ubi_slList groupname_map_list;
-static ubi_slList aliasname_map_list;
-static ubi_slList ntusrname_map_list;
-
-static void delete_name_entry(name_map_entry *gmep)
-{
- if (gmep->grp.nt_name)
- {
- free(gmep->grp.nt_name);
- }
- if (gmep->grp.nt_domain)
- {
- free(gmep->grp.nt_domain);
- }
- if (gmep->grp.unix_name)
- {
- free(gmep->grp.unix_name);
- }
- free((char*)gmep);
-}
-
-/**************************************************************************
- Delete all the entries in the name map list.
-***************************************************************************/
-
-static void delete_map_list(ubi_slList *map_list)
-{
- name_map_entry *gmep;
-
- while ((gmep = (name_map_entry *)ubi_slRemHead(map_list )) != NULL)
- {
- delete_name_entry(gmep);
- }
-}
-
-
-/**************************************************************************
- makes a group sid out of a domain sid and a _unix_ gid.
-***************************************************************************/
-static BOOL make_mydomain_sid(DOM_NAME_MAP *grp, DOM_MAP_TYPE type)
-{
- int ret = False;
- fstring sid_str;
-
- if (!map_domain_name_to_sid(&grp->sid, &(grp->nt_domain)))
- {
- DEBUG(0,("make_mydomain_sid: unknown domain %s\n",
- grp->nt_domain));
- return False;
- }
-
- if (sid_equal(&grp->sid, &global_sid_S_1_5_20))
- {
- /*
- * only builtin aliases are recognised in S-1-5-20
- */
- DEBUG(10,("make_mydomain_sid: group %s in builtin domain\n",
- grp->nt_name));
-
- if (lookup_builtin_alias_name(grp->nt_name, "BUILTIN", &grp->sid, &grp->type) != 0x0)
- {
- DEBUG(0,("unix group %s mapped to an unrecognised BUILTIN domain name %s\n",
- grp->unix_name, grp->nt_name));
- return False;
- }
- ret = True;
- }
- else if (lookup_wk_user_name(grp->nt_name, grp->nt_domain, &grp->sid, &grp->type) == 0x0)
- {
- if (type != DOM_MAP_USER)
- {
- DEBUG(0,("well-known NT user %s\\%s listed in wrong map file\n",
- grp->nt_domain, grp->nt_name));
- return False;
- }
- ret = True;
- }
- else if (lookup_wk_group_name(grp->nt_name, grp->nt_domain, &grp->sid, &grp->type) == 0x0)
- {
- if (type != DOM_MAP_DOMAIN)
- {
- DEBUG(0,("well-known NT group %s\\%s listed in wrong map file\n",
- grp->nt_domain, grp->nt_name));
- return False;
- }
- ret = True;
- }
- else
- {
- switch (type)
- {
- case DOM_MAP_USER:
- {
- grp->type = SID_NAME_USER;
- break;
- }
- case DOM_MAP_DOMAIN:
- {
- grp->type = SID_NAME_DOM_GRP;
- break;
- }
- case DOM_MAP_LOCAL:
- {
- grp->type = SID_NAME_ALIAS;
- break;
- }
- }
-
- ret = pwdb_unixid_to_sam_sid(grp->unix_id, grp->type, &grp->sid);
- }
-
- sid_to_string(sid_str, &grp->sid);
- DEBUG(10,("nt name %s\\%s gid %d mapped to %s\n",
- grp->nt_domain, grp->nt_name, grp->unix_id, sid_str));
- return ret;
-}
-
-/**************************************************************************
- makes a group sid out of an nt domain, nt group name or a unix group name.
-***************************************************************************/
-static BOOL unix_name_to_nt_name_info(DOM_NAME_MAP *map, DOM_MAP_TYPE type)
-{
- /*
- * Attempt to get the unix gid_t for this name.
- */
-
- DEBUG(5,("unix_name_to_nt_name_info: unix_name:%s\n", map->unix_name));
-
- if (type == DOM_MAP_USER)
- {
- const struct passwd *pwptr = Get_Pwnam(map->unix_name, False);
- if (pwptr == NULL)
- {
- DEBUG(0,("unix_name_to_nt_name_info: Get_Pwnam for user %s\
-failed. Error was %s.\n", map->unix_name, strerror(errno) ));
- return False;
- }
-
- map->unix_id = (uint32)pwptr->pw_uid;
- }
- else
- {
- struct group *gptr = getgrnam(map->unix_name);
- if (gptr == NULL)
- {
- DEBUG(0,("unix_name_to_nt_name_info: getgrnam for group %s\
-failed. Error was %s.\n", map->unix_name, strerror(errno) ));
- return False;
- }
-
- map->unix_id = (uint32)gptr->gr_gid;
- }
-
- DEBUG(5,("unix_name_to_nt_name_info: unix gid:%d\n", map->unix_id));
-
- /*
- * Now map the name to an NT SID+RID.
- */
-
- if (map->nt_domain != NULL && !strequal(map->nt_domain, global_sam_name))
- {
- /* Must add client-call lookup code here, to
- * resolve remote domain's sid and the group's rid,
- * in that domain.
- *
- * NOTE: it is _incorrect_ to put code here that assumes
- * we are responsible for lookups for foriegn domains' RIDs.
- *
- * for foriegn domains for which we are *NOT* the PDC, all
- * we can be responsible for is the unix gid_t to which
- * the foriegn SID+rid maps to, on this _local_ machine.
- * we *CANNOT* make any short-cuts or assumptions about
- * RIDs in a foriegn domain.
- */
-
- if (!map_domain_name_to_sid(&map->sid, &(map->nt_domain)))
- {
- DEBUG(0,("unix_name_to_nt_name_info: no known sid for %s\n",
- map->nt_domain));
- return False;
- }
- }
-
- return make_mydomain_sid(map, type);
-}
-
-static BOOL make_name_entry(name_map_entry **new_ep,
- char *nt_domain, char *nt_group, char *unix_group,
- DOM_MAP_TYPE type)
-{
- /*
- * Create the list entry and add it onto the list.
- */
-
- DEBUG(5,("make_name_entry:%s,%s,%s\n", nt_domain, nt_group, unix_group));
-
- (*new_ep) = (name_map_entry *)malloc(sizeof(name_map_entry));
- if ((*new_ep) == NULL)
- {
- DEBUG(0,("make_name_entry: malloc fail for name_map_entry.\n"));
- return False;
- }
-
- ZERO_STRUCTP(*new_ep);
-
- (*new_ep)->grp.nt_name = strdup(nt_group );
- (*new_ep)->grp.nt_domain = strdup(nt_domain );
- (*new_ep)->grp.unix_name = strdup(unix_group);
-
- if ((*new_ep)->grp.nt_name == NULL ||
- (*new_ep)->grp.unix_name == NULL)
- {
- DEBUG(0,("make_name_entry: malloc fail for names in name_map_entry.\n"));
- delete_name_entry((*new_ep));
- return False;
- }
-
- /*
- * look up the group names, make the Group-SID and unix gid
- */
-
- if (!unix_name_to_nt_name_info(&(*new_ep)->grp, type))
- {
- delete_name_entry((*new_ep));
- return False;
- }
-
- return True;
-}
-
-/**************************************************************************
- Load a name map file. Sets last accessed timestamp.
-***************************************************************************/
-static ubi_slList *load_name_map(DOM_MAP_TYPE type)
-{
- static time_t groupmap_file_last_modified = (time_t)0;
- static time_t aliasmap_file_last_modified = (time_t)0;
- static time_t ntusrmap_file_last_modified = (time_t)0;
- static BOOL initialised_group = False;
- static BOOL initialised_alias = False;
- static BOOL initialised_ntusr = False;
- char *groupname_map_file = lp_groupname_map();
- char *aliasname_map_file = lp_aliasname_map();
- char *ntusrname_map_file = lp_ntusrname_map();
-
- FILE *fp;
- char *s;
- pstring buf;
- name_map_entry *new_ep;
-
- time_t *file_last_modified = NULL;
- int *initialised = NULL;
- char *map_file = NULL;
- ubi_slList *map_list = NULL;
-
- switch (type)
- {
- case DOM_MAP_DOMAIN:
- {
- file_last_modified = &groupmap_file_last_modified;
- initialised = &initialised_group;
- map_file = groupname_map_file;
- map_list = &groupname_map_list;
-
- break;
- }
- case DOM_MAP_LOCAL:
- {
- file_last_modified = &aliasmap_file_last_modified;
- initialised = &initialised_alias;
- map_file = aliasname_map_file;
- map_list = &aliasname_map_list;
-
- break;
- }
- case DOM_MAP_USER:
- {
- file_last_modified = &ntusrmap_file_last_modified;
- initialised = &initialised_ntusr;
- map_file = ntusrname_map_file;
- map_list = &ntusrname_map_list;
-
- break;
- }
- }
-
- if (!(*initialised))
- {
- DEBUG(10,("initialising map %s\n", map_file));
- ubi_slInitList(map_list);
- (*initialised) = True;
- }
-
- if (!*map_file)
- {
- return map_list;
- }
-
- /*
- * Load the file.
- */
-
- fp = open_file_if_modified(map_file, "r", file_last_modified);
- if (!fp)
- {
- return map_list;
- }
-
- /*
- * Throw away any previous list.
- */
- delete_map_list(map_list);
-
- DEBUG(4,("load_name_map: Scanning name map %s\n",map_file));
-
- while ((s = fgets_slash(buf, sizeof(buf), fp)) != NULL)
- {
- pstring unixname;
- pstring nt_name;
- fstring nt_domain;
- fstring ntname;
- char *p;
-
- DEBUG(10,("Read line |%s|\n", s));
-
- memset(nt_name, 0, sizeof(nt_name));
-
- if (!*s || strchr("#;",*s))
- continue;
-
- if (!next_token(&s,unixname, "\t\n\r=", sizeof(unixname)))
- continue;
-
- if (!next_token(&s,nt_name, "\t\n\r=", sizeof(nt_name)))
- continue;
-
- trim_string(unixname, " ", " ");
- trim_string(nt_name, " ", " ");
-
- if (!*nt_name)
- continue;
-
- if (!*unixname)
- continue;
-
- p = strchr(nt_name, '\\');
-
- if (p == NULL)
- {
- memset(nt_domain, 0, sizeof(nt_domain));
- fstrcpy(ntname, nt_name);
- }
- else
- {
- *p = 0;
- p++;
- fstrcpy(nt_domain, nt_name);
- fstrcpy(ntname , p);
- }
-
- if (make_name_entry(&new_ep, nt_domain, ntname, unixname, type))
- {
- ubi_slAddTail(map_list, (ubi_slNode *)new_ep);
- DEBUG(5,("unixname = %s, ntname = %s\\%s type = %d\n",
- new_ep->grp.unix_name,
- new_ep->grp.nt_domain,
- new_ep->grp.nt_name,
- new_ep->grp.type));
- }
- }
-
- DEBUG(10,("load_name_map: Added %ld entries to name map.\n",
- ubi_slCount(map_list)));
-
- fclose(fp);
-
- return map_list;
-}
-
-static void copy_grp_map_entry(DOM_NAME_MAP *grp, const DOM_NAME_MAP *from)
-{
- sid_copy(&grp->sid, &from->sid);
- grp->unix_id = from->unix_id;
- grp->nt_name = from->nt_name;
- grp->nt_domain = from->nt_domain;
- grp->unix_name = from->unix_name;
- grp->type = from->type;
-}
-
-#if 0
-/***********************************************************
- Lookup unix name.
-************************************************************/
-static BOOL map_unixname(DOM_MAP_TYPE type,
- char *unixname, DOM_NAME_MAP *grp_info)
-{
- name_map_entry *gmep;
- ubi_slList *map_list;
-
- /*
- * Initialise and load if not already loaded.
- */
- map_list = load_name_map(type);
-
- for (gmep = (name_map_entry *)ubi_slFirst(map_list);
- gmep != NULL;
- gmep = (name_map_entry *)ubi_slNext(gmep ))
- {
- if (strequal(gmep->grp.unix_name, unixname))
- {
- copy_grp_map_entry(grp_info, &gmep->grp);
- DEBUG(7,("map_unixname: Mapping unix name %s to nt group %s.\n",
- gmep->grp.unix_name, gmep->grp.nt_name ));
- return True;
- }
- }
-
- return False;
-}
-
-#endif
-
-/***********************************************************
- Lookup nt name.
-************************************************************/
-static BOOL map_ntname(DOM_MAP_TYPE type, char *ntname, char *ntdomain,
- DOM_NAME_MAP *grp_info)
-{
- name_map_entry *gmep;
- ubi_slList *map_list;
-
- /*
- * Initialise and load if not already loaded.
- */
- map_list = load_name_map(type);
-
- for (gmep = (name_map_entry *)ubi_slFirst(map_list);
- gmep != NULL;
- gmep = (name_map_entry *)ubi_slNext(gmep ))
- {
- if (strequal(gmep->grp.nt_name , ntname) &&
- strequal(gmep->grp.nt_domain, ntdomain))
- {
- copy_grp_map_entry(grp_info, &gmep->grp);
- DEBUG(7,("map_ntname: Mapping unix name %s to nt name %s.\n",
- gmep->grp.unix_name, gmep->grp.nt_name ));
- return True;
- }
- }
-
- return False;
-}
-
-
-/***********************************************************
- Lookup by SID
-************************************************************/
-static BOOL map_sid(DOM_MAP_TYPE type,
- DOM_SID *psid, DOM_NAME_MAP *grp_info)
-{
- name_map_entry *gmep;
- ubi_slList *map_list;
-
- /*
- * Initialise and load if not already loaded.
- */
- map_list = load_name_map(type);
-
- for (gmep = (name_map_entry *)ubi_slFirst(map_list);
- gmep != NULL;
- gmep = (name_map_entry *)ubi_slNext(gmep ))
- {
- if (sid_equal(&gmep->grp.sid, psid))
- {
- copy_grp_map_entry(grp_info, &gmep->grp);
- DEBUG(7,("map_sid: Mapping unix name %s to nt name %s.\n",
- gmep->grp.unix_name, gmep->grp.nt_name ));
- return True;
- }
- }
-
- return False;
-}
-
-/***********************************************************
- Lookup by gid_t.
-************************************************************/
-static BOOL map_unixid(DOM_MAP_TYPE type, uint32 unix_id, DOM_NAME_MAP *grp_info)
-{
- name_map_entry *gmep;
- ubi_slList *map_list;
-
- /*
- * Initialise and load if not already loaded.
- */
- map_list = load_name_map(type);
-
- for (gmep = (name_map_entry *)ubi_slFirst(map_list);
- gmep != NULL;
- gmep = (name_map_entry *)ubi_slNext(gmep ))
- {
- fstring sid_str;
- sid_to_string(sid_str, &gmep->grp.sid);
- DEBUG(10,("map_unixid: enum entry unix group %s %d nt %s %s\n",
- gmep->grp.unix_name, gmep->grp.unix_id, gmep->grp.nt_name, sid_str));
- if (gmep->grp.unix_id == unix_id)
- {
- copy_grp_map_entry(grp_info, &gmep->grp);
- DEBUG(7,("map_unixid: Mapping unix name %s to nt name %s type %d\n",
- gmep->grp.unix_name, gmep->grp.nt_name, gmep->grp.type));
- return True;
- }
- }
-
- return False;
-}
-
-/***********************************************************
- *
- * Call four functions to resolve unix group ids and either
- * local group SIDs or domain group SIDs listed in the local group
- * or domain group map files.
- *
- * Note that it is *NOT* the responsibility of these functions to
- * resolve entries that are not in the map files.
- *
- * Any SID can be in the map files (i.e from any Domain).
- *
- ***********************************************************/
-
-#if 0
-
-/***********************************************************
- Lookup a UNIX Group entry by name.
-************************************************************/
-BOOL map_unix_group_name(char *group_name, DOM_NAME_MAP *grp_info)
-{
- return map_unixname(DOM_MAP_DOMAIN, group_name, grp_info);
-}
-
-/***********************************************************
- Lookup a UNIX Alias entry by name.
-************************************************************/
-BOOL map_unix_alias_name(char *alias_name, DOM_NAME_MAP *grp_info)
-{
- return map_unixname(DOM_MAP_LOCAL, alias_name, grp_info);
-}
-
-/***********************************************************
- Lookup an Alias name entry
-************************************************************/
-BOOL map_nt_alias_name(char *ntalias_name, char *nt_domain, DOM_NAME_MAP *grp_info)
-{
- return map_ntname(DOM_MAP_LOCAL, ntalias_name, nt_domain, grp_info);
-}
-
-/***********************************************************
- Lookup a Group entry
-************************************************************/
-BOOL map_nt_group_name(char *ntgroup_name, char *nt_domain, DOM_NAME_MAP *grp_info)
-{
- return map_ntname(DOM_MAP_DOMAIN, ntgroup_name, nt_domain, grp_info);
-}
-
-#endif
-
-/***********************************************************
- Lookup a Username entry by name.
-************************************************************/
-static BOOL map_nt_username(char *nt_name, char *nt_domain, DOM_NAME_MAP *grp_info)
-{
- return map_ntname(DOM_MAP_USER, nt_name, nt_domain, grp_info);
-}
-
-/***********************************************************
- Lookup a Username entry by SID.
-************************************************************/
-static BOOL map_username_sid(DOM_SID *sid, DOM_NAME_MAP *grp_info)
-{
- return map_sid(DOM_MAP_USER, sid, grp_info);
-}
-
-/***********************************************************
- Lookup a Username SID entry by uid.
-************************************************************/
-static BOOL map_username_uid(uid_t gid, DOM_NAME_MAP *grp_info)
-{
- return map_unixid(DOM_MAP_USER, (uint32)gid, grp_info);
-}
-
-/***********************************************************
- Lookup an Alias SID entry by name.
-************************************************************/
-BOOL map_alias_sid(DOM_SID *psid, DOM_NAME_MAP *grp_info)
-{
- return map_sid(DOM_MAP_LOCAL, psid, grp_info);
-}
-
-/***********************************************************
- Lookup a Group entry by sid.
-************************************************************/
-BOOL map_group_sid(DOM_SID *psid, DOM_NAME_MAP *grp_info)
-{
- return map_sid(DOM_MAP_DOMAIN, psid, grp_info);
-}
-
-/***********************************************************
- Lookup an Alias SID entry by gid_t.
-************************************************************/
-static BOOL map_alias_gid(gid_t gid, DOM_NAME_MAP *grp_info)
-{
- return map_unixid(DOM_MAP_LOCAL, (uint32)gid, grp_info);
-}
-
-/***********************************************************
- Lookup a Group SID entry by gid_t.
-************************************************************/
-static BOOL map_group_gid( gid_t gid, DOM_NAME_MAP *grp_info)
-{
- return map_unixid(DOM_MAP_DOMAIN, (uint32)gid, grp_info);
-}
-
-
-/************************************************************************
- Routine to look up User details by UNIX name
-*************************************************************************/
-BOOL lookupsmbpwnam(const char *unix_usr_name, DOM_NAME_MAP *grp)
-{
- uid_t uid;
- DEBUG(10,("lookupsmbpwnam: unix user name %s\n", unix_usr_name));
- if (nametouid(unix_usr_name, &uid))
- {
- return lookupsmbpwuid(uid, grp);
- }
- else
- {
- return False;
- }
-}
-
-/************************************************************************
- Routine to look up a remote nt name
-*************************************************************************/
-static BOOL lookup_remote_ntname(const char *ntname, DOM_SID *sid, uint8 *type)
-{
- struct cli_state cli;
- POLICY_HND lsa_pol;
- fstring srv_name;
- extern struct ntuser_creds *usr_creds;
- struct ntuser_creds usr;
-
- BOOL res3 = True;
- BOOL res4 = True;
- uint32 num_sids;
- DOM_SID *sids;
- uint8 *types;
- char *names[1];
-
- usr_creds = &usr;
-
- ZERO_STRUCT(usr);
- pwd_set_nullpwd(&usr.pwd);
-
- DEBUG(5,("lookup_remote_ntname: %s\n", ntname));
-
- if (!cli_connect_serverlist(&cli, lp_passwordserver()))
- {
- return False;
- }
-
- names[0] = ntname;
-
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, cli.desthost);
- strupper(srv_name);
-
- /* lookup domain controller; receive a policy handle */
- res3 = res3 ? lsa_open_policy( srv_name,
- &lsa_pol, True) : False;
-
- /* send lsa lookup sids call */
- res4 = res3 ? lsa_lookup_names( &lsa_pol,
- 1, names,
- &sids, &types, &num_sids) : False;
-
- res3 = res3 ? lsa_close(&lsa_pol) : False;
-
- if (res4 && res3 && sids != NULL && types != NULL)
- {
- sid_copy(sid, &sids[0]);
- *type = types[0];
- }
- else
- {
- res3 = False;
- }
- if (types != NULL)
- {
- free(types);
- }
-
- if (sids != NULL)
- {
- free(sids);
- }
-
- return res3 && res4;
-}
-
-/************************************************************************
- Routine to look up a remote nt name
-*************************************************************************/
-static BOOL get_sid_and_type(const char *fullntname, uint8 expected_type,
- DOM_NAME_MAP *gmep)
-{
- /*
- * check with the PDC to see if it owns the name. if so,
- * the SID is resolved with the PDC database.
- */
-
- if (lp_server_role() == ROLE_DOMAIN_MEMBER)
- {
- if (lookup_remote_ntname(fullntname, &gmep->sid, &gmep->type))
- {
- if (sid_front_equal(&gmep->sid, &global_member_sid) &&
- strequal(gmep->nt_domain, global_myworkgroup) &&
- gmep->type == expected_type)
- {
- return True;
- }
- return False;
- }
- }
-
- /*
- * ... otherwise, it's one of ours. map the sid ourselves,
- * which can only happen in our own SAM database.
- */
-
- if (!strequal(gmep->nt_domain, global_sam_name))
- {
- return False;
- }
- if (!pwdb_unixid_to_sam_sid(gmep->unix_id, gmep->type, &gmep->sid))
- {
- return False;
- }
-
- return True;
-}
-
-/*
- * used by lookup functions below
- */
-
-static fstring nt_name;
-static fstring unix_name;
-static fstring nt_domain;
-
-/*************************************************************************
- looks up a uid, returns User Information.
-*************************************************************************/
-BOOL lookupsmbpwuid(uid_t uid, DOM_NAME_MAP *gmep)
-{
- DEBUG(10,("lookupsmbpwuid: unix uid %d\n", uid));
- if (map_username_uid(uid, gmep))
- {
- return True;
- }
-#if 0
- if (lp_server_role() != ROLE_DOMAIN_NONE)
-#endif
- {
- gmep->nt_name = nt_name;
- gmep->unix_name = unix_name;
- gmep->nt_domain = nt_domain;
-
- gmep->unix_id = (uint32)uid;
-
- /*
- * ok, assume it's one of ours. then double-check it
- * if we are a member of a domain
- */
-
- gmep->type = SID_NAME_USER;
- fstrcpy(gmep->nt_name, uidtoname(uid));
- fstrcpy(gmep->unix_name, gmep->nt_name);
-
- /*
- * here we should do a LsaLookupNames() call
- * to check the status of the name with the PDC.
- * if the PDC know nothing of the name, it's ours.
- */
-
- if (lp_server_role() == ROLE_DOMAIN_MEMBER)
- {
-#if 0
- lsa_lookup_names(global_myworkgroup, gmep->nt_name, &gmep->sid...);
-#endif
- }
-
- /*
- * ok, it's one of ours.
- */
-
- gmep->nt_domain = global_sam_name;
- pwdb_unixid_to_sam_sid(gmep->unix_id, gmep->type, &gmep->sid);
-
- return True;
- }
-
- /* oops. */
-
- return False;
-}
-
-/*************************************************************************
- looks up by NT name, returns User Information.
-*************************************************************************/
-BOOL lookupsmbpwntnam(const char *fullntname, DOM_NAME_MAP *gmep)
-{
- DEBUG(10,("lookupsmbpwntnam: nt user name %s\n", fullntname));
-
- if (!split_domain_name(fullntname, nt_domain, nt_name))
- {
- return False;
- }
-
- if (map_nt_username(nt_name, nt_domain, gmep))
- {
- return True;
- }
- if (lp_server_role() != ROLE_DOMAIN_NONE)
- {
- uid_t uid;
- gmep->nt_name = nt_name;
- gmep->unix_name = unix_name;
- gmep->nt_domain = nt_domain;
-
- /*
- * ok, it's one of ours. we therefore "create" an nt user named
- * after the unix user. this is the point where "appliance mode"
- * should get its teeth in, as unix users won't really exist,
- * they will only be numbers...
- */
-
- gmep->type = SID_NAME_USER;
- fstrcpy(gmep->unix_name, gmep->nt_name);
- if (!nametouid(gmep->unix_name, &uid))
- {
- return False;
- }
- gmep->unix_id = (uint32)uid;
-
- return get_sid_and_type(fullntname, gmep->type, gmep);
- }
-
- /* oops. */
-
- return False;
-}
-
-/*************************************************************************
- looks up by RID, returns User Information.
-*************************************************************************/
-BOOL lookupsmbpwsid(DOM_SID *sid, DOM_NAME_MAP *gmep)
-{
- fstring sid_str;
- sid_to_string(sid_str, sid);
- DEBUG(10,("lookupsmbpwsid: nt sid %s\n", sid_str));
-
- if (map_username_sid(sid, gmep))
- {
- return True;
- }
- if (lp_server_role() != ROLE_DOMAIN_NONE)
- {
- gmep->nt_name = nt_name;
- gmep->unix_name = unix_name;
- gmep->nt_domain = nt_domain;
-
- /*
- * here we should do a LsaLookupNames() call
- * to check the status of the name with the PDC.
- * if the PDC know nothing of the name, it's ours.
- */
-
- if (lp_server_role() == ROLE_DOMAIN_MEMBER)
- {
-#if 0
- if (lookup_remote_sid(global_myworkgroup, gmep->sid, gmep->nt_name, gmep->nt_domain...);
-#endif
- }
-
- /*
- * ok, it's one of ours. we therefore "create" an nt user named
- * after the unix user. this is the point where "appliance mode"
- * should get its teeth in, as unix users won't really exist,
- * they will only be numbers...
- */
-
- gmep->type = SID_NAME_USER;
- sid_copy(&gmep->sid, sid);
- if (!pwdb_sam_sid_to_unixid(&gmep->sid, gmep->type, &gmep->unix_id))
- {
- return False;
- }
- fstrcpy(gmep->nt_name, uidtoname((uid_t)gmep->unix_id));
- fstrcpy(gmep->unix_name, gmep->nt_name);
- gmep->nt_domain = global_sam_name;
-
- return True;
- }
-
- /* oops. */
-
- return False;
-}
-
-/************************************************************************
- Routine to look up group / alias / well-known group RID by UNIX name
-*************************************************************************/
-BOOL lookupsmbgrpnam(const char *unix_grp_name, DOM_NAME_MAP *grp)
-{
- gid_t gid;
- DEBUG(10,("lookupsmbgrpnam: unix user group %s\n", unix_grp_name));
- if (nametogid(unix_grp_name, &gid))
- {
- return lookupsmbgrpgid(gid, grp);
- }
- else
- {
- return False;
- }
-}
-
-/*************************************************************************
- looks up a SID, returns name map entry
-*************************************************************************/
-BOOL lookupsmbgrpsid(DOM_SID *sid, DOM_NAME_MAP *gmep)
-{
- fstring sid_str;
- sid_to_string(sid_str, sid);
- DEBUG(10,("lookupsmbgrpsid: nt sid %s\n", sid_str));
-
- if (map_alias_sid(sid, gmep))
- {
- return True;
- }
- if (map_group_sid(sid, gmep))
- {
- return True;
- }
- if (lp_server_role() != ROLE_DOMAIN_NONE)
- {
- gmep->nt_name = nt_name;
- gmep->unix_name = unix_name;
- gmep->nt_domain = nt_domain;
-
- /*
- * here we should do a LsaLookupNames() call
- * to check the status of the name with the PDC.
- * if the PDC know nothing of the name, it's ours.
- */
-
- if (lp_server_role() == ROLE_DOMAIN_MEMBER)
- {
-#if 0
- lsa_lookup_sids(global_myworkgroup, gmep->sid, gmep->nt_name, gmep->nt_domain...);
-#endif
- }
-
- /*
- * ok, it's one of ours. we therefore "create" an nt group or
- * alias name named after the unix group. this is the point
- * where "appliance mode" should get its teeth in, as unix
- * groups won't really exist, they will only be numbers...
- */
-
- /* name is not explicitly mapped
- * with map files or the PDC
- * so we are responsible for it...
- */
-
- if (lp_server_role() == ROLE_DOMAIN_MEMBER)
- {
- /* ... as a LOCAL group. */
- gmep->type = SID_NAME_ALIAS;
- }
- else
- {
- /* ... as a DOMAIN group. */
- gmep->type = SID_NAME_DOM_GRP;
- }
-
- sid_copy(&gmep->sid, sid);
- if (!pwdb_sam_sid_to_unixid(&gmep->sid, gmep->type, &gmep->unix_id))
- {
- return False;
- }
- fstrcpy(gmep->nt_name, gidtoname((gid_t)gmep->unix_id));
- fstrcpy(gmep->unix_name, gmep->nt_name);
- gmep->nt_domain = global_sam_name;
-
- return True;
- }
-
- /* oops */
- return False;
-}
-
-/*************************************************************************
- looks up a gid, returns RID and type local, domain or well-known domain group
-*************************************************************************/
-BOOL lookupsmbgrpgid(gid_t gid, DOM_NAME_MAP *gmep)
-{
- DEBUG(10,("lookupsmbgrpgid: unix gid %d\n", (int)gid));
- if (map_alias_gid(gid, gmep))
- {
- return True;
- }
- if (map_group_gid(gid, gmep))
- {
- return True;
- }
- if (lp_server_role() != ROLE_DOMAIN_NONE)
- {
- gmep->nt_name = nt_name;
- gmep->unix_name = unix_name;
- gmep->nt_domain = nt_domain;
-
- gmep->unix_id = (uint32)gid;
-
- /*
- * here we should do a LsaLookupNames() call
- * to check the status of the name with the PDC.
- * if the PDC know nothing of the name, it's ours.
- */
-
- if (lp_server_role() == ROLE_DOMAIN_MEMBER)
- {
-#if 0
- if (lsa_lookup_names(global_myworkgroup, gmep->nt_name, &gmep->sid...);
- {
- return True;
- }
-#endif
- }
-
- /*
- * ok, it's one of ours. we therefore "create" an nt group or
- * alias name named after the unix group. this is the point
- * where "appliance mode" should get its teeth in, as unix
- * groups won't really exist, they will only be numbers...
- */
-
- /* name is not explicitly mapped
- * with map files or the PDC
- * so we are responsible for it...
- */
-
- if (lp_server_role() == ROLE_DOMAIN_MEMBER)
- {
- /* ... as a LOCAL group. */
- gmep->type = SID_NAME_ALIAS;
- }
- else
- {
- /* ... as a DOMAIN group. */
- gmep->type = SID_NAME_DOM_GRP;
- }
- fstrcpy(gmep->nt_name, gidtoname(gid));
- fstrcpy(gmep->unix_name, gmep->nt_name);
-
- return get_sid_and_type(gmep->nt_name, gmep->type, gmep);
- }
-
- /* oops */
- return False;
-}
-
diff --git a/source3/lib/genparser.c b/source3/lib/genparser.c
deleted file mode 100644
index 233050b432..0000000000
--- a/source3/lib/genparser.c
+++ /dev/null
@@ -1,786 +0,0 @@
-/*
- Copyright (C) Andrew Tridgell <genstruct@tridgell.net> 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-/*
- automatic marshalling/unmarshalling system for C structures
-*/
-
-#include "includes.h"
-
-/* see if a range of memory is all zero. Used to prevent dumping of zero elements */
-static int all_zero(const char *ptr, unsigned size)
-{
- int i;
- if (!ptr) return 1;
- for (i=0;i<size;i++) {
- if (ptr[i]) return 0;
- }
- return 1;
-}
-
-/* encode a buffer of bytes into a escaped string */
-static char *encode_bytes(TALLOC_CTX *mem_ctx, const char *ptr, unsigned len)
-{
- const char *hexdig = "0123456789abcdef";
- char *ret, *p;
- unsigned i;
- ret = talloc(mem_ctx, len*3 + 1); /* worst case size */
- if (!ret) return NULL;
- for (p=ret,i=0;i<len;i++) {
- if (isalnum(ptr[i]) || isspace(ptr[i]) ||
- (ispunct(ptr[i]) && !strchr("\\{}", ptr[i]))) {
- *p++ = ptr[i];
- } else {
- unsigned char c = *(unsigned char *)(ptr+i);
- if (c == 0 && all_zero(ptr+i, len-i)) break;
- p[0] = '\\';
- p[1] = hexdig[c>>4];
- p[2] = hexdig[c&0xF];
- p += 3;
- }
- }
-
- *p = 0;
-
- return ret;
-}
-
-/* decode an escaped string from encode_bytes() into a buffer */
-static char *decode_bytes(TALLOC_CTX *mem_ctx, const char *s, unsigned *len)
-{
- char *ret, *p;
- unsigned i;
- int slen = strlen(s) + 1;
-
- ret = talloc(mem_ctx, slen); /* worst case length */
- if (!ret)
- return NULL;
- memset(ret, 0, slen);
-
- if (*s == '{') s++;
-
- for (p=ret,i=0;s[i];i++) {
- if (s[i] == '}') {
- break;
- } else if (s[i] == '\\') {
- unsigned v;
- if (sscanf(&s[i+1], "%02x", &v) != 1 || v > 255) {
- return NULL;
- }
- *(unsigned char *)p = v;
- p++;
- i += 2;
- } else {
- *p++ = s[i];
- }
- }
- *p = 0;
-
- (*len) = (unsigned)(p - ret);
-
- return ret;
-}
-
-/* the add*() functions deal with adding things to a struct
- parse_string */
-
-/* allocate more space if needed */
-static int addgen_alloc(TALLOC_CTX *mem_ctx, struct parse_string *p, int n)
-{
- if (p->length + n <= p->allocated) return 0;
- p->allocated = p->length + n + 200;
- p->s = talloc_realloc(mem_ctx, p->s, p->allocated);
- if (!p->s) {
- errno = ENOMEM;
- return -1;
- }
- return 0;
-}
-
-/* add a character to the buffer */
-static int addchar(TALLOC_CTX *mem_ctx, struct parse_string *p, char c)
-{
- if (addgen_alloc(mem_ctx, p, 2) != 0) {
- return -1;
- }
- p->s[p->length++] = c;
- p->s[p->length] = 0;
- return 0;
-}
-
-/* add a string to the buffer */
-int addstr(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *s)
-{
- int len = strlen(s);
- if (addgen_alloc(mem_ctx, p, len+1) != 0) {
- return -1;
- }
- memcpy(p->s + p->length, s, len+1);
- p->length += len;
- return 0;
-}
-
-/* add a string to the buffer with a tab prefix */
-static int addtabbed(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *s, unsigned indent)
-{
- int len = strlen(s);
- if (addgen_alloc(mem_ctx, p, indent+len+1) != 0) {
- return -1;
- }
- while (indent--) {
- p->s[p->length++] = '\t';
- }
- memcpy(p->s + p->length, s, len+1);
- p->length += len;
- return 0;
-}
-
-/* note! this can only be used for results up to 60 chars wide! */
-int addshort(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *fmt, ...)
-{
- char buf[60];
- int n;
- va_list ap;
- va_start(ap, fmt);
- n = vsnprintf(buf, sizeof(buf), fmt, ap);
- va_end(ap);
- if (addgen_alloc(mem_ctx, p, n + 1) != 0) {
- return -1;
- }
- if (n != 0) {
- memcpy(p->s + p->length, buf, n);
- }
- p->length += n;
- p->s[p->length] = 0;
- return 0;
-}
-
-/*
- this is here to make it easier for people to write dump functions
- for their own types
- */
-int gen_addgen(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *fmt, ...)
-{
- char *buf = NULL;
- int n;
- va_list ap;
- va_start(ap, fmt);
- n = vasprintf(&buf, fmt, ap);
- va_end(ap);
- if (addgen_alloc(mem_ctx, p, n + 1) != 0) {
- if (buf) free(buf);
- return -1;
- }
- if (n != 0) {
- memcpy(p->s + p->length, buf, n);
- }
- p->length += n;
- p->s[p->length] = 0;
- if (buf) free(buf);
- return 0;
-}
-
-/* dump a enumerated type */
-int gen_dump_enum(TALLOC_CTX *mem_ctx,
- const struct enum_struct *einfo,
- struct parse_string *p,
- const char *ptr,
- unsigned indent)
-{
- unsigned v = *(unsigned *)ptr;
- int i;
- for (i=0;einfo[i].name;i++) {
- if (v == einfo[i].value) {
- addstr(mem_ctx, p, einfo[i].name);
- return 0;
- }
- }
- /* hmm, maybe we should just fail? */
- return gen_dump_unsigned(mem_ctx, p, ptr, indent);
-}
-
-/* dump a single non-array element, hanlding struct and enum */
-static int gen_dump_one(TALLOC_CTX *mem_ctx,
- struct parse_string *p,
- const struct parse_struct *pinfo,
- const char *ptr,
- unsigned indent)
-{
- if (pinfo->dump_fn == gen_dump_char && pinfo->ptr_count == 1) {
- char *s = encode_bytes(mem_ctx, ptr, strlen(ptr));
- if (addchar(mem_ctx, p,'{') ||
- addstr(mem_ctx, p, s) ||
- addstr(mem_ctx, p, "}")) {
- return -1;
- }
- return 0;
- }
-
- return pinfo->dump_fn(mem_ctx, p, ptr, indent);
-}
-
-/* handle dumping of an array of arbitrary type */
-static int gen_dump_array(TALLOC_CTX *mem_ctx,
- struct parse_string *p,
- const struct parse_struct *pinfo,
- const char *ptr,
- int array_len,
- int indent)
-{
- int i, count=0;
-
- /* special handling of fixed length strings */
- if (array_len != 0 &&
- pinfo->ptr_count == 0 &&
- pinfo->dump_fn == gen_dump_char) {
- char *s = encode_bytes(mem_ctx, ptr, array_len);
- if (!s) return -1;
- if (addtabbed(mem_ctx, p, pinfo->name, indent) ||
- addstr(mem_ctx, p, " = {") ||
- addstr(mem_ctx, p, s) ||
- addstr(mem_ctx, p, "}\n")) {
- return -1;
- }
- free(s);
- return 0;
- }
-
- for (i=0;i<array_len;i++) {
- const char *p2 = ptr;
- unsigned size = pinfo->size;
-
- /* generic pointer dereference */
- if (pinfo->ptr_count) {
- p2 = *(const char **)ptr;
- size = sizeof(void *);
- }
-
- if ((count || pinfo->ptr_count) &&
- !(pinfo->flags & FLAG_ALWAYS) &&
- all_zero(ptr, size)) {
- ptr += size;
- continue;
- }
- if (count == 0) {
- if (addtabbed(mem_ctx, p, pinfo->name, indent) ||
- addshort(mem_ctx, p, " = %u:", i)) {
- return -1;
- }
- } else {
- if (addshort(mem_ctx, p, ", %u:", i) != 0) {
- return -1;
- }
- }
- if (gen_dump_one(mem_ctx, p, pinfo, p2, indent) != 0) {
- return -1;
- }
- ptr += size;
- count++;
- }
- if (count) {
- return addstr(mem_ctx, p, "\n");
- }
- return 0;
-}
-
-/* find a variable by name in a loaded structure and return its value
- as an integer. Used to support dynamic arrays */
-static int find_var(const struct parse_struct *pinfo,
- const char *data,
- const char *var)
-{
- int i;
- const char *ptr;
-
- /* this allows for constant lengths */
- if (isdigit(*var)) {
- return atoi(var);
- }
-
- for (i=0;pinfo[i].name;i++) {
- if (strcmp(pinfo[i].name, var) == 0) break;
- }
- if (!pinfo[i].name) return -1;
-
- ptr = data + pinfo[i].offset;
-
- switch (pinfo[i].size) {
- case sizeof(int):
- return *(int *)ptr;
- case sizeof(char):
- return *(char *)ptr;
- }
-
- return -1;
-}
-
-
-int gen_dump_struct(TALLOC_CTX *mem_ctx,
- const struct parse_struct *pinfo,
- struct parse_string *p,
- const char *ptr,
- unsigned indent)
-{
- char *s = gen_dump(mem_ctx, pinfo, ptr, indent+1);
- if (!s) return -1;
- if (addstr(mem_ctx, p, "{\n") ||
- addstr(mem_ctx, p, s) ||
- addtabbed(mem_ctx, p, "}", indent)) {
- return -1;
- }
- return 0;
-}
-
-static int gen_dump_string(TALLOC_CTX *mem_ctx,
- struct parse_string *p,
- const struct parse_struct *pinfo,
- const char *data,
- unsigned indent)
-{
- const char *ptr = *(char **)data;
- char *s = encode_bytes(mem_ctx, ptr, strlen(ptr));
- if (addtabbed(mem_ctx, p, pinfo->name, indent) ||
- addstr(mem_ctx, p, " = ") ||
- addchar(mem_ctx, p, '{') ||
- addstr(mem_ctx, p, s) ||
- addstr(mem_ctx, p, "}\n")) {
- return -1;
- }
- return 0;
-}
-
-/*
- find the length of a nullterm array
-*/
-static int len_nullterm(const char *ptr, int size, int array_len)
-{
- int len;
-
- if (size == 1) {
- len = strnlen(ptr, array_len);
- } else {
- for (len=0; len < array_len; len++) {
- if (all_zero(ptr+len*size, size)) break;
- }
- }
-
- if (len == 0) len = 1;
-
- return len;
-}
-
-
-/* the generic dump routine. Scans the parse information for this structure
- and processes it recursively */
-char *gen_dump(TALLOC_CTX *mem_ctx,
- const struct parse_struct *pinfo,
- const char *data,
- unsigned indent)
-{
- struct parse_string p;
- int i;
-
- p.length = 0;
- p.allocated = 0;
- p.s = NULL;
-
- if (addstr(mem_ctx, &p, "") != 0) {
- return NULL;
- }
-
- for (i=0;pinfo[i].name;i++) {
- const char *ptr = data + pinfo[i].offset;
- unsigned size = pinfo[i].size;
-
- if (pinfo[i].ptr_count) {
- size = sizeof(void *);
- }
-
- /* special handling for array types */
- if (pinfo[i].array_len) {
- unsigned len = pinfo[i].array_len;
- if (pinfo[i].flags & FLAG_NULLTERM) {
- len = len_nullterm(ptr, size, len);
- }
- if (gen_dump_array(mem_ctx, &p, &pinfo[i], ptr,
- len, indent)) {
- goto failed;
- }
- continue;
- }
-
- /* and dynamically sized arrays */
- if (pinfo[i].dynamic_len) {
- int len = find_var(pinfo, data, pinfo[i].dynamic_len);
- struct parse_struct p2 = pinfo[i];
- if (len < 0) {
- goto failed;
- }
- if (len > 0) {
- if (pinfo[i].flags & FLAG_NULLTERM) {
- len = len_nullterm(*(char **)ptr,
- pinfo[i].size, len);
- }
- p2.ptr_count--;
- p2.dynamic_len = NULL;
- if (gen_dump_array(mem_ctx, &p, &p2,
- *(char **)ptr,
- len, indent) != 0) {
- goto failed;
- }
- }
- continue;
- }
-
- /* don't dump zero elements */
- if (!(pinfo[i].flags & FLAG_ALWAYS) && all_zero(ptr, size)) continue;
-
- /* assume char* is a null terminated string */
- if (pinfo[i].size == 1 && pinfo[i].ptr_count == 1 &&
- pinfo[i].dump_fn == gen_dump_char) {
- if (gen_dump_string(mem_ctx, &p, &pinfo[i], ptr, indent) != 0) {
- goto failed;
- }
- continue;
- }
-
- /* generic pointer dereference */
- if (pinfo[i].ptr_count) {
- ptr = *(const char **)ptr;
- }
-
- if (addtabbed(mem_ctx, &p, pinfo[i].name, indent) ||
- addstr(mem_ctx, &p, " = ") ||
- gen_dump_one(mem_ctx, &p, &pinfo[i], ptr, indent) ||
- addstr(mem_ctx, &p, "\n")) {
- goto failed;
- }
- }
- return p.s;
-
-failed:
- return NULL;
-}
-
-/* search for a character in a string, skipping over sections within
- matching braces */
-static char *match_braces(char *s, char c)
-{
- int depth = 0;
- while (*s) {
- switch (*s) {
- case '}':
- depth--;
- break;
- case '{':
- depth++;
- break;
- }
- if (depth == 0 && *s == c) {
- return s;
- }
- s++;
- }
- return s;
-}
-
-/* parse routine for enumerated types */
-int gen_parse_enum(TALLOC_CTX *mem_ctx,
- const struct enum_struct *einfo,
- char *ptr,
- const char *str)
-{
- unsigned v;
- int i;
-
- if (isdigit(*str)) {
- if (sscanf(str, "%u", &v) != 1) {
- errno = EINVAL;
- return -1;
- }
- *(unsigned *)ptr = v;
- return 0;
- }
-
- for (i=0;einfo[i].name;i++) {
- if (strcmp(einfo[i].name, str) == 0) {
- *(unsigned *)ptr = einfo[i].value;
- return 0;
- }
- }
-
- /* unknown enum value?? */
- return -1;
-}
-
-
-/* parse all base types */
-static int gen_parse_base(TALLOC_CTX *mem_ctx,
- const struct parse_struct *pinfo,
- char *ptr,
- const char *str)
-{
- if (pinfo->parse_fn == gen_parse_char && pinfo->ptr_count==1) {
- unsigned len;
- char *s = decode_bytes(mem_ctx, str, &len);
- if (!s) return -1;
- *(char **)ptr = s;
- return 0;
- }
-
- if (pinfo->ptr_count) {
- unsigned size = pinfo->ptr_count>1?sizeof(void *):pinfo->size;
- struct parse_struct p2 = *pinfo;
- *(void **)ptr = talloc(mem_ctx, size);
- if (! *(void **)ptr) {
- return -1;
- }
- memset(*(void **)ptr, 0, size);
- ptr = *(char **)ptr;
- p2.ptr_count--;
- return gen_parse_base(mem_ctx, &p2, ptr, str);
- }
-
- return pinfo->parse_fn(mem_ctx, ptr, str);
-}
-
-/* parse a generic array */
-static int gen_parse_array(TALLOC_CTX *mem_ctx,
- const struct parse_struct *pinfo,
- char *ptr,
- const char *str,
- int array_len)
-{
- char *p, *p2;
- unsigned size = pinfo->size;
-
- /* special handling of fixed length strings */
- if (array_len != 0 &&
- pinfo->ptr_count == 0 &&
- pinfo->dump_fn == gen_dump_char) {
- unsigned len = 0;
- char *s = decode_bytes(mem_ctx, str, &len);
- if (!s || (len > array_len)) return -1;
- memset(ptr, 0, array_len);
- memcpy(ptr, s, len);
- return 0;
- }
-
- if (pinfo->ptr_count) {
- size = sizeof(void *);
- }
-
- while (*str) {
- unsigned idx;
- int done;
-
- idx = atoi(str);
- p = strchr(str,':');
- if (!p) break;
- p++;
- p2 = match_braces(p, ',');
- done = (*p2 != ',');
- *p2 = 0;
-
- if (*p == '{') {
- p++;
- p[strlen(p)-1] = 0;
- }
-
- if (gen_parse_base(mem_ctx, pinfo, ptr + idx*size, p) != 0) {
- return -1;
- }
-
- if (done) break;
- str = p2+1;
- }
-
- return 0;
-}
-
-/* parse one element, hanlding dynamic and static arrays */
-static int gen_parse_one(TALLOC_CTX *mem_ctx,
- const struct parse_struct *pinfo,
- const char *name,
- char *data,
- const char *str)
-{
- int i;
- for (i=0;pinfo[i].name;i++) {
- if (strcmp(pinfo[i].name, name) == 0) {
- break;
- }
- }
- if (pinfo[i].name == NULL) {
- return 0;
- }
-
- if (pinfo[i].array_len) {
- return gen_parse_array(mem_ctx, &pinfo[i],
- data+pinfo[i].offset,
- str, pinfo[i].array_len);
- }
-
- if (pinfo[i].dynamic_len) {
- int len = find_var(pinfo, data, pinfo[i].dynamic_len);
- if (len < 0) {
- errno = EINVAL;
- return -1;
- }
- if (len > 0) {
- struct parse_struct p2 = pinfo[i];
- char *ptr;
- unsigned size = pinfo[i].ptr_count>1?sizeof(void*):pinfo[i].size;
- ptr = talloc(mem_ctx, len*size);
- if (!ptr) {
- errno = ENOMEM;
- return -1;
- }
- memset(ptr, 0, len*size);
- *((char **)(data + pinfo[i].offset)) = ptr;
- p2.ptr_count--;
- p2.dynamic_len = NULL;
- return gen_parse_array(mem_ctx, &p2, ptr, str, len);
- }
- return 0;
- }
-
- return gen_parse_base(mem_ctx, &pinfo[i], data + pinfo[i].offset, str);
-}
-
-int gen_parse_struct(TALLOC_CTX * mem_ctx, const struct parse_struct *pinfo, char *ptr, const char *str)
-{
- return gen_parse(mem_ctx, pinfo, ptr, str);
-}
-
-/* the main parse routine */
-int gen_parse(TALLOC_CTX *mem_ctx, const struct parse_struct *pinfo, char *data, const char *s)
-{
- char *str, *s0;
-
- s0 = strdup(s);
- str = s0;
-
- while (*str) {
- char *p;
- char *name;
- char *value;
-
- /* skip leading whitespace */
- while (isspace(*str)) str++;
-
- p = strchr(str, '=');
- if (!p) break;
- value = p+1;
- while (p > str && isspace(*(p-1))) {
- p--;
- }
-
- *p = 0;
- name = str;
-
- while (isspace(*value)) value++;
-
- if (*value == '{') {
- str = match_braces(value, '}');
- value++;
- } else {
- str = match_braces(value, '\n');
- }
-
- *str++ = 0;
-
- if (gen_parse_one(mem_ctx, pinfo, name, data, value) != 0) {
- free(s0);
- return -1;
- }
- }
-
- free(s0);
- return 0;
-}
-
-
-
-/* for convenience supply some standard dumpers and parsers here */
-
-int gen_parse_char(TALLOC_CTX *mem_ctx, char *ptr, const char *str)
-{
- *(unsigned char *)ptr = atoi(str);
- return 0;
-}
-
-int gen_parse_int(TALLOC_CTX *mem_ctx, char *ptr, const char *str)
-{
- *(int *)ptr = atoi(str);
- return 0;
-}
-
-int gen_parse_unsigned(TALLOC_CTX *mem_ctx, char *ptr, const char *str)
-{
- *(unsigned *)ptr = strtoul(str, NULL, 10);
- return 0;
-}
-
-int gen_parse_time_t(TALLOC_CTX *mem_ctx, char *ptr, const char *str)
-{
- *(time_t *)ptr = strtoul(str, NULL, 10);
- return 0;
-}
-
-int gen_parse_double(TALLOC_CTX *mem_ctx, char *ptr, const char *str)
-{
- *(double *)ptr = atof(str);
- return 0;
-}
-
-int gen_parse_float(TALLOC_CTX *mem_ctx, char *ptr, const char *str)
-{
- *(float *)ptr = atof(str);
- return 0;
-}
-
-int gen_dump_char(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent)
-{
- return addshort(mem_ctx, p, "%u", *(unsigned char *)(ptr));
-}
-
-int gen_dump_int(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent)
-{
- return addshort(mem_ctx, p, "%d", *(int *)(ptr));
-}
-
-int gen_dump_unsigned(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent)
-{
- return addshort(mem_ctx, p, "%u", *(unsigned *)(ptr));
-}
-
-int gen_dump_time_t(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent)
-{
- return addshort(mem_ctx, p, "%u", *(time_t *)(ptr));
-}
-
-int gen_dump_double(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent)
-{
- return addshort(mem_ctx, p, "%lg", *(double *)(ptr));
-}
-
-int gen_dump_float(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent)
-{
- return addshort(mem_ctx, p, "%g", *(float *)(ptr));
-}
diff --git a/source3/lib/genparser_samba.c b/source3/lib/genparser_samba.c
deleted file mode 100644
index bece587747..0000000000
--- a/source3/lib/genparser_samba.c
+++ /dev/null
@@ -1,200 +0,0 @@
-/*
- Copyright (C) Andrew Tridgell <genstruct@tridgell.net> 2002
- Copyright (C) Simo Sorce <idra@samba.org> 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-#include "genparser_samba.h"
-
-/* PARSE functions */
-
-int gen_parse_uint8(TALLOC_CTX *mem_ctx, char *ptr, const char *str)
-{
- *(uint8 *)ptr = atoi(str);
- return 0;
-}
-
-int gen_parse_uint16(TALLOC_CTX *mem_ctx, char *ptr, const char *str)
-{
- *(uint16 *)ptr = atoi(str);
- return 0;
-}
-
-int gen_parse_uint32(TALLOC_CTX *mem_ctx, char *ptr, const char *str)
-{
- *(uint32 *)ptr = strtoul(str, NULL, 10);
- return 0;
-}
-
-int gen_parse_NTTIME(TALLOC_CTX *mem_ctx, char *ptr, const char *str)
-{
- if(sscanf(str, "%u,%u", &(((NTTIME *)(ptr))->high), &(((NTTIME *)(ptr))->low)) != 2) {
- errno = EINVAL;
- return -1;
- }
- return 0;
-}
-
-int gen_parse_DOM_SID(TALLOC_CTX *mem_ctx, char *ptr, const char *str)
-{
- if(!string_to_sid((DOM_SID *)ptr, str)) return -1;
- return 0;
-}
-
-int gen_parse_SEC_ACCESS(TALLOC_CTX *mem_ctx, char *ptr, const char *str)
-{
- ((SEC_ACCESS *)ptr)->mask = strtoul(str, NULL, 10);
- return 0;
-}
-
-int gen_parse_GUID(TALLOC_CTX *mem_ctx, char *ptr, const char *str)
-{
- int info[GUID_SIZE];
- int i;
- char *sc;
- char *p;
- char *m;
-
- m = strdup(str);
- if (!m) return -1;
- sc = m;
-
- memset(info, 0, sizeof(info));
- for (i = 0; i < GUID_SIZE; i++) {
- p = strchr(sc, ',');
- if (p != NULL) p = '\0';
- info[i] = atoi(sc);
- if (p != NULL) sc = p + 1;
- }
- free(m);
-
- for (i = 0; i < GUID_SIZE; i++) {
- ((GUID *)ptr)->info[i] = info[i];
- }
-
- return 0;
-}
-
-int gen_parse_SEC_ACE(TALLOC_CTX *mem_ctx, char *ptr, const char *str)
-{
- return gen_parse_struct(mem_ctx, pinfo_security_ace_info, ptr, str);
-}
-
-int gen_parse_SEC_ACL(TALLOC_CTX *mem_ctx, char *ptr, const char *str)
-{
- return gen_parse_struct(mem_ctx, pinfo_security_acl_info, ptr, str);
-}
-
-int gen_parse_SEC_DESC(TALLOC_CTX *mem_ctx, char *ptr, const char *str)
-{
- return gen_parse_struct(mem_ctx, pinfo_security_descriptor_info, ptr, str);
-}
-
-int gen_parse_LUID_ATTR(TALLOC_CTX *mem_ctx, char *ptr, const char *str)
-{
- return gen_parse_struct(mem_ctx, pinfo_luid_attr_info, ptr, str);
-}
-
-int gen_parse_LUID(TALLOC_CTX *mem_ctx, char *ptr, const char *str)
-{
- if(sscanf(str, "%u,%u", &(((LUID *)(ptr))->high), &(((LUID *)(ptr))->low)) != 2) {
- errno = EINVAL;
- return -1;
- }
- return 0;
-}
-
-
-
-/* DUMP functions */
-
-int gen_dump_uint8(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent)
-{
- return addshort(mem_ctx, p, "%u", *(uint8 *)(ptr));
-}
-
-int gen_dump_uint16(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent)
-{
- return addshort(mem_ctx, p, "%u", *(uint16 *)(ptr));
-}
-
-int gen_dump_uint32(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent)
-{
- return addshort(mem_ctx, p, "%u", *(uint32 *)(ptr));
-}
-
-int gen_dump_NTTIME(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent)
-{
- uint32 low, high;
-
- high = ((NTTIME *)(ptr))->high;
- low = ((NTTIME *)(ptr))->low;
- return addshort(mem_ctx, p, "%u,%u", high, low);
-}
-
-int gen_dump_DOM_SID(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent)
-{
- fstring sidstr;
-
- sid_to_string(sidstr, (DOM_SID *)ptr);
- return addstr(mem_ctx, p, sidstr);
-}
-
-int gen_dump_SEC_ACCESS(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent)
-{
- return addshort(mem_ctx, p, "%u", ((SEC_ACCESS *)ptr)->mask);
-}
-
-int gen_dump_GUID(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent)
-{
- int i, r;
-
- for (i = 0; i < (GUID_SIZE - 1); i++) {
- if (!(r = addshort(mem_ctx, p, "%d,", ((GUID *)ptr)->info[i]))) return r;
- }
- return addshort(mem_ctx, p, "%d", ((GUID *)ptr)->info[i]);
-}
-
-int gen_dump_SEC_ACE(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent)
-{
- return gen_dump_struct(mem_ctx, pinfo_security_ace_info, p, ptr, indent);
-}
-
-int gen_dump_SEC_ACL(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent)
-{
- return gen_dump_struct(mem_ctx, pinfo_security_acl_info, p, ptr, indent);
-}
-
-int gen_dump_SEC_DESC(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent)
-{
- return gen_dump_struct(mem_ctx, pinfo_security_descriptor_info, p, ptr, indent);
-}
-
-int gen_dump_LUID_ATTR(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent)
-{
- return gen_dump_struct(mem_ctx, pinfo_luid_attr_info, p, ptr, indent);
-}
-
-int gen_dump_LUID(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent)
-{
- uint32 low, high;
-
- high = ((LUID *)(ptr))->high;
- low = ((LUID *)(ptr))->low;
- return addshort(mem_ctx, p, "%u,%u", high, low);
-}
-
diff --git a/source3/lib/iconv.c b/source3/lib/iconv.c
index 9240e24074..54733c2ac2 100644
--- a/source3/lib/iconv.c
+++ b/source3/lib/iconv.c
@@ -2,7 +2,6 @@
Unix SMB/CIFS implementation.
minimal iconv implementation
Copyright (C) Andrew Tridgell 2001
- Copyright (C) Jelmer Vernooij 2002,2003,2003,2003,2003
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -21,97 +20,35 @@
#include "includes.h"
-
-/**
- * @file
- *
- * @brief Samba wrapper/stub for iconv character set conversion.
- *
- * iconv is the XPG2 interface for converting between character
- * encodings. This file provides a Samba wrapper around it, and also
- * a simple reimplementation that is used if the system does not
- * implement iconv.
- *
- * Samba only works with encodings that are supersets of ASCII: ascii
- * characters like whitespace can be tested for directly, multibyte
- * sequences start with a byte with the high bit set, and strings are
- * terminated by a nul byte.
- *
- * Note that the only function provided by iconv is conversion between
- * characters. It doesn't directly support operations like
- * uppercasing or comparison. We have to convert to UCS-2 and compare
- * there.
- *
- * @sa Samba Developers Guide
- **/
-
static size_t ascii_pull(void *,char **, size_t *, char **, size_t *);
static size_t ascii_push(void *,char **, size_t *, char **, size_t *);
static size_t utf8_pull(void *,char **, size_t *, char **, size_t *);
static size_t utf8_push(void *,char **, size_t *, char **, size_t *);
+static size_t weird_pull(void *,char **, size_t *, char **, size_t *);
+static size_t weird_push(void *,char **, size_t *, char **, size_t *);
static size_t ucs2hex_pull(void *,char **, size_t *, char **, size_t *);
static size_t ucs2hex_push(void *,char **, size_t *, char **, size_t *);
static size_t iconv_copy(void *,char **, size_t *, char **, size_t *);
-static struct charset_functions builtin_functions[] = {
+/*
+ for each charset we have a function that pulls from that charset to
+ a ucs2 buffer, and a function that pushes to a ucs2 buffer
+*/
+static struct {
+ const char *name;
+ size_t (*pull)(void *, char **inbuf, size_t *inbytesleft,
+ char **outbuf, size_t *outbytesleft);
+ size_t (*push)(void *, char **inbuf, size_t *inbytesleft,
+ char **outbuf, size_t *outbytesleft);
+} charsets[] = {
{"UCS-2LE", iconv_copy, iconv_copy},
{"UTF8", utf8_pull, utf8_push},
{"ASCII", ascii_pull, ascii_push},
+ {"WEIRD", weird_pull, weird_push},
{"UCS2-HEX", ucs2hex_pull, ucs2hex_push},
{NULL, NULL, NULL}
};
-static struct charset_functions *charsets = NULL;
-
-static struct charset_functions *find_charset_functions(const char *name)
-{
- struct charset_functions *c = charsets;
- pstring stripped;
-
- module_path_get_name(name, stripped);
-
- while(c) {
- if (strcasecmp(stripped, c->name) == 0) {
- return c;
- }
- c = c->next;
- }
-
- return NULL;
-}
-
-BOOL smb_register_charset(struct charset_functions *funcs)
-{
- struct charset_functions *c = charsets;
-
- DEBUG(5, ("Attempting to register new charset %s\n", funcs->name));
- /* Check whether we already have this charset... */
- while(c) {
- if(!strcasecmp(c->name, funcs->name)){
- DEBUG(2, ("Duplicate charset %s, not registering\n", funcs->name));
- return False;
- }
- c = c->next;
- }
-
- funcs->next = funcs->prev = NULL;
- DEBUG(5, ("Registered charset %s\n", funcs->name));
- DLIST_ADD(charsets, funcs);
- return True;
-}
-
-void lazy_initialize_iconv(void)
-{
- static BOOL initialized;
- int i;
-
- if (!initialized) {
- initialized = True;
- for(i = 0; builtin_functions[i].name; i++)
- smb_register_charset(&builtin_functions[i]);
- static_init_charset;
- }
-}
/* if there was an error then reset the internal state,
this ensures that we don't have a shift state remaining for
@@ -179,11 +116,7 @@ size_t smb_iconv(smb_iconv_t cd,
smb_iconv_t smb_iconv_open(const char *tocode, const char *fromcode)
{
smb_iconv_t ret;
- struct charset_functions *from, *to;
-
- lazy_initialize_iconv();
- from = charsets;
- to = charsets;
+ int from, to;
ret = (smb_iconv_t)malloc(sizeof(*ret));
if (!ret) {
@@ -196,78 +129,53 @@ smb_iconv_t smb_iconv_open(const char *tocode, const char *fromcode)
ret->to_name = strdup(tocode);
/* check for the simplest null conversion */
- if (strcasecmp(fromcode, tocode) == 0) {
+ if (strcmp(fromcode, tocode) == 0) {
ret->direct = iconv_copy;
return ret;
}
- /* check if we have a builtin function for this conversion */
- from = find_charset_functions(fromcode);
- if(from)ret->pull = from->pull;
-
- to = find_charset_functions(tocode);
- if(to)ret->push = to->push;
+ for (from=0; charsets[from].name; from++) {
+ if (strcasecmp(charsets[from].name, fromcode) == 0) break;
+ }
+ for (to=0; charsets[to].name; to++) {
+ if (strcasecmp(charsets[to].name, tocode) == 0) break;
+ }
- /* check if we can use iconv for this conversion */
#ifdef HAVE_NATIVE_ICONV
- if (!ret->pull) {
+ if (!charsets[from].name) {
+ ret->pull = sys_iconv;
ret->cd_pull = iconv_open("UCS-2LE", fromcode);
- if (ret->cd_pull != (iconv_t)-1)
- ret->pull = sys_iconv;
+ if (ret->cd_pull == (iconv_t)-1) goto failed;
}
-
- if (!ret->push) {
+ if (!charsets[to].name) {
+ ret->push = sys_iconv;
ret->cd_push = iconv_open(tocode, "UCS-2LE");
- if (ret->cd_push != (iconv_t)-1)
- ret->push = sys_iconv;
- }
-#endif
-
- /* check if there is a module available that can do this conversion */
- if (!ret->pull && smb_probe_module("charset", fromcode)) {
- if(!(from = find_charset_functions(fromcode)))
- DEBUG(0, ("Module %s doesn't provide charset %s!\n", fromcode, fromcode));
- else
- ret->pull = from->pull;
+ if (ret->cd_push == (iconv_t)-1) goto failed;
}
-
- if (!ret->push && smb_probe_module("charset", tocode)) {
- if(!(to = find_charset_functions(tocode)))
- DEBUG(0, ("Module %s doesn't provide charset %s!\n", tocode, tocode));
- else
- ret->push = to->push;
- }
-
- if (!ret->push || !ret->pull) {
- SAFE_FREE(ret->from_name);
- SAFE_FREE(ret->to_name);
- SAFE_FREE(ret);
- errno = EINVAL;
- return (smb_iconv_t)-1;
+#else
+ if (!charsets[from].name || !charsets[to].name) {
+ goto failed;
}
+#endif
/* check for conversion to/from ucs2 */
- if (strcasecmp(fromcode, "UCS-2LE") == 0 && to) {
- ret->direct = to->push;
- ret->push = ret->pull = NULL;
+ if (from == 0 && charsets[to].name) {
+ ret->direct = charsets[to].push;
return ret;
}
-
- if (strcasecmp(tocode, "UCS-2LE") == 0 && from) {
- ret->direct = from->pull;
- ret->push = ret->pull = NULL;
+ if (to == 0 && charsets[from].name) {
+ ret->direct = charsets[from].pull;
return ret;
}
- /* Check if we can do the conversion direct */
#ifdef HAVE_NATIVE_ICONV
- if (strcasecmp(fromcode, "UCS-2LE") == 0) {
+ if (from == 0) {
ret->direct = sys_iconv;
ret->cd_direct = ret->cd_push;
ret->cd_push = NULL;
return ret;
}
- if (strcasecmp(tocode, "UCS-2LE") == 0) {
+ if (to == 0) {
ret->direct = sys_iconv;
ret->cd_direct = ret->cd_pull;
ret->cd_pull = NULL;
@@ -275,7 +183,15 @@ smb_iconv_t smb_iconv_open(const char *tocode, const char *fromcode)
}
#endif
+ /* the general case has to go via a buffer */
+ if (!ret->pull) ret->pull = charsets[from].pull;
+ if (!ret->push) ret->push = charsets[to].push;
return ret;
+
+failed:
+ SAFE_FREE(ret);
+ errno = EINVAL;
+ return (smb_iconv_t)-1;
}
/*
@@ -437,6 +353,111 @@ static size_t ucs2hex_push(void *cd, char **inbuf, size_t *inbytesleft,
}
+/* the "weird" character set is very useful for testing multi-byte
+ support and finding bugs. Don't use on a production system!
+*/
+static struct {
+ const char from;
+ const char *to;
+ int len;
+} weird_table[] = {
+ {'q', "^q^", 3},
+ {'Q', "^Q^", 3},
+ {0, NULL}
+};
+
+static size_t weird_pull(void *cd, char **inbuf, size_t *inbytesleft,
+ char **outbuf, size_t *outbytesleft)
+{
+ while (*inbytesleft >= 1 && *outbytesleft >= 2) {
+ int i;
+ int done = 0;
+ for (i=0;weird_table[i].from;i++) {
+ if (strncmp((*inbuf),
+ weird_table[i].to,
+ weird_table[i].len) == 0) {
+ if (*inbytesleft < weird_table[i].len) {
+ DEBUG(0,("ERROR: truncated weird string\n"));
+ /* smb_panic("weird_pull"); */
+
+ } else {
+ (*outbuf)[0] = weird_table[i].from;
+ (*outbuf)[1] = 0;
+ (*inbytesleft) -= weird_table[i].len;
+ (*outbytesleft) -= 2;
+ (*inbuf) += weird_table[i].len;
+ (*outbuf) += 2;
+ done = 1;
+ break;
+ }
+ }
+ }
+ if (done) continue;
+ (*outbuf)[0] = (*inbuf)[0];
+ (*outbuf)[1] = 0;
+ (*inbytesleft) -= 1;
+ (*outbytesleft) -= 2;
+ (*inbuf) += 1;
+ (*outbuf) += 2;
+ }
+
+ if (*inbytesleft > 0) {
+ errno = E2BIG;
+ return -1;
+ }
+
+ return 0;
+}
+
+static size_t weird_push(void *cd, char **inbuf, size_t *inbytesleft,
+ char **outbuf, size_t *outbytesleft)
+{
+ int ir_count=0;
+
+ while (*inbytesleft >= 2 && *outbytesleft >= 1) {
+ int i;
+ int done=0;
+ for (i=0;weird_table[i].from;i++) {
+ if ((*inbuf)[0] == weird_table[i].from &&
+ (*inbuf)[1] == 0) {
+ if (*outbytesleft < weird_table[i].len) {
+ DEBUG(0,("No room for weird character\n"));
+ /* smb_panic("weird_push"); */
+ } else {
+ memcpy(*outbuf, weird_table[i].to,
+ weird_table[i].len);
+ (*inbytesleft) -= 2;
+ (*outbytesleft) -= weird_table[i].len;
+ (*inbuf) += 2;
+ (*outbuf) += weird_table[i].len;
+ done = 1;
+ break;
+ }
+ }
+ }
+ if (done) continue;
+
+ (*outbuf)[0] = (*inbuf)[0];
+ if ((*inbuf)[1]) ir_count++;
+ (*inbytesleft) -= 2;
+ (*outbytesleft) -= 1;
+ (*inbuf) += 2;
+ (*outbuf) += 1;
+ }
+
+ if (*inbytesleft == 1) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ if (*inbytesleft > 1) {
+ errno = E2BIG;
+ return -1;
+ }
+
+ return ir_count;
+}
+
static size_t iconv_copy(void *cd, char **inbuf, size_t *inbytesleft,
char **outbuf, size_t *outbytesleft)
{
diff --git a/source3/lib/ldap.c b/source3/lib/ldap.c
deleted file mode 100644
index d0e72c4844..0000000000
--- a/source3/lib/ldap.c
+++ /dev/null
@@ -1,719 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- LDAP protocol helper functions for SAMBA
- Copyright (C) Jean François Micouleau 1998
- Copyright (C) Gerald Carter 2001
- Copyright (C) Shahms King 2001
- Copyright (C) Andrew Bartlett 2002
- Copyright (C) Stefan (metze) Metzmacher 2002
- Copyright (C) Jim McDonough 2003
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-
-*/
-
-#include "includes.h"
-
-#ifdef HAVE_LDAP
-/* TODO:
-* persistent connections: if using NSS LDAP, many connections are made
-* however, using only one within Samba would be nice
-*
-* Clean up SSL stuff, compile on OpenLDAP 1.x, 2.x, and Netscape SDK
-*
-* Other LDAP based login attributes: accountExpires, etc.
-* (should be the domain of Samba proper, but the sam_password/SAM_ACCOUNT
-* structures don't have fields for some of these attributes)
-*
-* SSL is done, but can't get the certificate based authentication to work
-* against on my test platform (Linux 2.4, OpenLDAP 2.x)
-*/
-
-/* NOTE: this will NOT work against an Active Directory server
-* due to the fact that the two password fields cannot be retrieved
-* from a server; recommend using security = domain in this situation
-* and/or winbind
-*/
-
-#include "smb_ldap.h"
-
-/* We need an internal mapping of LDAP * -> smb_ldap_privates so we implement
- it in terms of a VK list. It's a little backwards but its quite efficent */
-static struct smb_ldap_privates *head;
-
-static struct smb_ldap_privates *get_internal(LDAP *ldap_struct)
-{
- struct smb_ldap_privates *ret = head;
-
- while (NULL != ret && ret->ldap_struct != ldap_struct) {
- ret = ret->next;
- }
-
- return ret;
-}
-
-#define SMB_LDAP_DONT_PING_TIME 10 /* ping only all 10 seconds */
-
-/*******************************************************************
- find the ldap password
-******************************************************************/
-static BOOL smb_ldap_fetch_pw(char **dn, char** pw)
-{
- char *key = NULL;
- size_t size;
-
- *dn = smb_xstrdup(lp_ldap_admin_dn());
-
- if (asprintf(&key, "%s/%s", SECRETS_LDAP_BIND_PW, *dn) < 0) {
- SAFE_FREE(*dn);
- DEBUG(0, ("smb_ldap_fetch_pw: asprintf failed!\n"));
- }
-
- *pw=secrets_fetch(key, &size);
- SAFE_FREE(key);
- if (!size) {
- /* Upgrade 2.2 style entry */
- char *p;
- char* old_style_key = strdup(*dn);
- char *data;
- fstring old_style_pw;
-
- if (!old_style_key) {
- DEBUG(0, ("smb_ldap_fetch_pw: strdup failed!\n"));
- return False;
- }
-
- for (p=old_style_key; *p; p++)
- if (*p == ',') *p = '/';
-
- data=secrets_fetch(old_style_key, &size);
- if (!size && size < sizeof(old_style_pw)) {
- DEBUG(0,("fetch_ldap_pw: neither ldap secret retrieved!\n"));
- SAFE_FREE(old_style_key);
- SAFE_FREE(*dn);
- return False;
- }
-
- strncpy(old_style_pw, data, size);
- old_style_pw[size] = 0;
-
- SAFE_FREE(data);
-
- if (!secrets_store_ldap_pw(*dn, old_style_pw)) {
- DEBUG(0,("fetch_ldap_pw: ldap secret could not be upgraded!\n"));
- SAFE_FREE(old_style_key);
- SAFE_FREE(*dn);
- return False;
- }
- if (!secrets_delete(old_style_key)) {
- DEBUG(0,("fetch_ldap_pw: old ldap secret could not be deleted!\n"));
- }
-
- SAFE_FREE(old_style_key);
-
- *pw = smb_xstrdup(old_style_pw);
- }
-
- return True;
-}
-
-/*******************************************************************
- open a connection to the ldap server.
-******************************************************************/
-int smb_ldap_open_connection (struct smb_ldap_privates *ldap_state,
- LDAP ** ldap_struct)
-{
- int rc = LDAP_SUCCESS;
- int version;
- BOOL ldap_v3 = False;
-
-#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
- DEBUG(10, ("smb_ldap_open_connection: %s\n", ldap_state->uri));
-
- if ((rc = ldap_initialize(ldap_struct, ldap_state->uri)) != LDAP_SUCCESS) {
- DEBUG(0, ("ldap_initialize: %s\n", ldap_err2string(rc)));
- return rc;
- }
-
-#else
-
- /* Parse the string manually */
-
- {
- int port = 0;
- fstring protocol;
- fstring host;
- const char *p = ldap_state->uri;
- SMB_ASSERT(sizeof(protocol)>10 && sizeof(host)>254);
-
- /* skip leading "URL:" (if any) */
- if ( strncasecmp( p, "URL:", 4 ) == 0 ) {
- p += 4;
- }
-
- sscanf(p, "%10[^:]://%254s[^:]:%d", protocol, host, &port);
-
- if (port == 0) {
- if (strequal(protocol, "ldap")) {
- port = LDAP_PORT;
- } else if (strequal(protocol, "ldaps")) {
- port = LDAPS_PORT;
- } else {
- DEBUG(0, ("unrecognised protocol (%s)!\n", protocol));
- }
- }
-
- if ((*ldap_struct = ldap_init(host, port)) == NULL) {
- DEBUG(0, ("ldap_init failed !\n"));
- return LDAP_OPERATIONS_ERROR;
- }
-
- if (strequal(protocol, "ldaps")) {
-#ifdef LDAP_OPT_X_TLS
- int tls = LDAP_OPT_X_TLS_HARD;
- if (ldap_set_option (*ldap_struct, LDAP_OPT_X_TLS, &tls) != LDAP_SUCCESS)
- {
- DEBUG(0, ("Failed to setup a TLS session\n"));
- }
-
- DEBUG(3,("LDAPS option set...!\n"));
-#else
- DEBUG(0,("smb_ldap_open_connection: Secure connection not supported by LDAP client libraries!\n"));
- return LDAP_OPERATIONS_ERROR;
-#endif
- }
- }
-#endif
-
- if (ldap_get_option(*ldap_struct, LDAP_OPT_PROTOCOL_VERSION, &version) == LDAP_OPT_SUCCESS)
- {
- if (version != LDAP_VERSION3)
- {
- version = LDAP_VERSION3;
- if (ldap_set_option (*ldap_struct, LDAP_OPT_PROTOCOL_VERSION, &version) == LDAP_OPT_SUCCESS) {
- ldap_v3 = True;
- }
- } else {
- ldap_v3 = True;
- }
- }
-
- if (lp_ldap_ssl() == LDAP_SSL_START_TLS) {
-#ifdef LDAP_OPT_X_TLS
- if (ldap_v3) {
- if ((rc = ldap_start_tls_s (*ldap_struct, NULL, NULL)) != LDAP_SUCCESS)
- {
- DEBUG(0,("Failed to issue the StartTLS instruction: %s\n",
- ldap_err2string(rc)));
- return rc;
- }
- DEBUG (3, ("StartTLS issued: using a TLS connection\n"));
- } else {
-
- DEBUG(0, ("Need LDAPv3 for Start TLS\n"));
- return LDAP_OPERATIONS_ERROR;
- }
-#else
- DEBUG(0,("smb_ldap_open_connection: StartTLS not supported by LDAP client libraries!\n"));
- return LDAP_OPERATIONS_ERROR;
-#endif
- }
-
- DEBUG(2, ("smb_ldap_open_connection: connection opened\n"));
- return rc;
-}
-
-
-/*******************************************************************
- a rebind function for authenticated referrals
- This version takes a void* that we can shove useful stuff in :-)
-******************************************************************/
-#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
-#else
-static int rebindproc_with_state (LDAP * ld, char **whop, char **credp,
- int *methodp, int freeit, void *arg)
-{
- struct smb_ldap_privates *ldap_state = arg;
-
- /** @TODO Should we be doing something to check what servers we rebind to?
- Could we get a referral to a machine that we don't want to give our
- username and password to? */
-
- if (freeit) {
- SAFE_FREE(*whop);
- memset(*credp, '\0', strlen(*credp));
- SAFE_FREE(*credp);
- } else {
- DEBUG(5,("rebind_proc_with_state: Rebinding as \"%s\"\n",
- ldap_state->bind_dn));
-
- *whop = strdup(ldap_state->bind_dn);
- if (!*whop) {
- return LDAP_NO_MEMORY;
- }
- *credp = strdup(ldap_state->bind_secret);
- if (!*credp) {
- SAFE_FREE(*whop);
- return LDAP_NO_MEMORY;
- }
- *methodp = LDAP_AUTH_SIMPLE;
- }
- return 0;
-}
-#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/
-
-/*******************************************************************
- a rebind function for authenticated referrals
- This version takes a void* that we can shove useful stuff in :-)
- and actually does the connection.
-******************************************************************/
-#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
-static int rebindproc_connect_with_state (LDAP *ldap_struct,
- LDAP_CONST char *url,
- ber_tag_t request,
- ber_int_t msgid, void *arg)
-{
- struct smb_ldap_privates *ldap_state = arg;
- int rc;
- DEBUG(5,("rebindproc_connect_with_state: Rebinding as \"%s\"\n",
- ldap_state->bind_dn));
-
- /** @TODO Should we be doing something to check what servers we rebind to?
- Could we get a referral to a machine that we don't want to give our
- username and password to? */
-
- rc = ldap_simple_bind_s(ldap_struct, ldap_state->bind_dn, ldap_state->bind_secret);
-
- return rc;
-}
-#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/
-
-/*******************************************************************
- Add a rebind function for authenticated referrals
-******************************************************************/
-#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
-#else
-# if LDAP_SET_REBIND_PROC_ARGS == 2
-static int rebindproc (LDAP *ldap_struct, char **whop, char **credp,
- int *method, int freeit )
-{
- return rebindproc_with_state(ldap_struct, whop, credp,
- method, freeit, get_internal(ldap_struct));
-
-}
-# endif /*LDAP_SET_REBIND_PROC_ARGS == 2*/
-#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/
-
-/*******************************************************************
- a rebind function for authenticated referrals
- this also does the connection, but no void*.
-******************************************************************/
-#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
-# if LDAP_SET_REBIND_PROC_ARGS == 2
-static int rebindproc_connect (LDAP * ld, LDAP_CONST char *url, int request,
- ber_int_t msgid)
-{
- return rebindproc_connect_with_state(ld, url, (ber_tag_t)request, msgid,
- get_internal(ld));
-}
-# endif /*LDAP_SET_REBIND_PROC_ARGS == 2*/
-#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/
-
-/*******************************************************************
- connect to the ldap server under system privilege.
-******************************************************************/
-int smb_ldap_connect_system(struct smb_ldap_privates *ldap_state,
- LDAP * ldap_struct)
-{
- int rc;
- char *ldap_dn;
- char *ldap_secret;
-
- if (NULL == get_internal(ldap_struct)) {
- ldap_state->next = head;
- }
-
- /* get the password */
- if (!smb_ldap_fetch_pw(&ldap_dn, &ldap_secret))
- {
- DEBUG(0, ("ldap_connect_system: Failed to retrieve password from secrets.tdb\n"));
- return LDAP_INVALID_CREDENTIALS;
- }
-
- ldap_state->bind_dn = ldap_dn;
- ldap_state->bind_secret = ldap_secret;
-
- /* removed the sasl_bind_s "EXTERNAL" stuff, as my testsuite
- (OpenLDAP) doesnt' seem to support it */
-
- DEBUG(10,("ldap_connect_system: Binding to ldap server %s as \"%s\"\n",
- ldap_state->uri, ldap_dn));
-
-#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
-# if LDAP_SET_REBIND_PROC_ARGS == 2
- ldap_set_rebind_proc(ldap_struct, &rebindproc_connect);
-# endif
-# if LDAP_SET_REBIND_PROC_ARGS == 3
- ldap_set_rebind_proc(ldap_struct, &rebindproc_connect_with_state, (void *)ldap_state);
-# endif
-#else /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/
-# if LDAP_SET_REBIND_PROC_ARGS == 2
- ldap_set_rebind_proc(ldap_struct, &rebindproc);
-# endif
-# if LDAP_SET_REBIND_PROC_ARGS == 3
- ldap_set_rebind_proc(ldap_struct, &rebindproc_with_state, (void *)ldap_state);
-# endif
-#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/
-
- rc = ldap_simple_bind_s(ldap_struct, ldap_dn, ldap_secret);
-
- if (rc != LDAP_SUCCESS) {
- char *ld_error;
- ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
- &ld_error);
- DEBUG(0,
- ("failed to bind to server with dn= %s Error: %s\n\t%s\n",
- ldap_dn, ldap_err2string(rc),
- ld_error));
- free(ld_error);
- return rc;
- }
-
- DEBUG(2, ("ldap_connect_system: succesful connection to the LDAP server\n"));
- return rc;
-}
-
-/**********************************************************************
-Connect to LDAP server
-*********************************************************************/
-int smb_ldap_open(struct smb_ldap_privates *ldap_state)
-{
- int rc;
- SMB_ASSERT(ldap_state);
-
-#ifndef NO_LDAP_SECURITY
- if (geteuid() != 0) {
- DEBUG(0, ("smb_ldap_open: cannot access LDAP when not root..\n"));
- return LDAP_INSUFFICIENT_ACCESS;
- }
-#endif
-
- if ((ldap_state->ldap_struct != NULL) && ((ldap_state->last_ping + SMB_LDAP_DONT_PING_TIME) < time(NULL))) {
- struct sockaddr_un addr;
- socklen_t len;
- int sd;
- if (ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_DESC, &sd) == 0 &&
- getpeername(sd, (struct sockaddr *) &addr, &len) < 0) {
- /* the other end has died. reopen. */
- ldap_unbind_ext(ldap_state->ldap_struct, NULL, NULL);
- ldap_state->ldap_struct = NULL;
- ldap_state->last_ping = (time_t)0;
- } else {
- ldap_state->last_ping = time(NULL);
- }
- }
-
- if (ldap_state->ldap_struct != NULL) {
- DEBUG(5,("smb_ldap_open: allready connected to the LDAP server\n"));
- return LDAP_SUCCESS;
- }
-
- if ((rc = smb_ldap_open_connection(ldap_state, &ldap_state->ldap_struct))) {
- return rc;
- }
-
- if ((rc = smb_ldap_connect_system(ldap_state, ldap_state->ldap_struct))) {
- ldap_unbind_ext(ldap_state->ldap_struct, NULL, NULL);
- ldap_state->ldap_struct = NULL;
- return rc;
- }
-
-
- ldap_state->last_ping = time(NULL);
- DEBUG(4,("The LDAP server is succesful connected\n"));
-
- return LDAP_SUCCESS;
-}
-
-/**********************************************************************
-Disconnect from LDAP server
-*********************************************************************/
-NTSTATUS smb_ldap_close(struct smb_ldap_privates *ldap_state)
-{
- if (!ldap_state)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (ldap_state->ldap_struct != NULL) {
- ldap_unbind_ext(ldap_state->ldap_struct, NULL, NULL);
- ldap_state->ldap_struct = NULL;
- }
-
- DEBUG(5,("The connection to the LDAP server was closed\n"));
- /* maybe free the results here --metze */
-
- return NT_STATUS_OK;
-}
-
-static int smb_ldap_retry_open(struct smb_ldap_privates *ldap_state, int *attempts)
-{
- int rc;
-
- SMB_ASSERT(ldap_state && attempts);
-
- if (*attempts != 0) {
- /* we retry after 0.5, 2, 4.5, 8, 12.5, 18, 24.5 seconds */
- msleep((((*attempts)*(*attempts))/2)*1000);
- }
- (*attempts)++;
-
- if ((rc = smb_ldap_open(ldap_state))) {
- DEBUG(0,("Connection to LDAP Server failed for the %d try!\n",*attempts));
- return rc;
- }
-
- return LDAP_SUCCESS;
-}
-
-
-int smb_ldap_search(struct smb_ldap_privates *ldap_state,
- const char *base, int scope, const char *filter,
- const char *attrs[], int attrsonly,
- LDAPMessage **res)
-{
- int rc = LDAP_SERVER_DOWN;
- int attempts = 0;
-
- SMB_ASSERT(ldap_state);
-
- while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) {
-
- if ((rc = smb_ldap_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
- continue;
-
- rc = ldap_search_s(ldap_state->ldap_struct, base, scope,
- filter, attrs, attrsonly, res);
- }
-
- if (rc == LDAP_SERVER_DOWN) {
- DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO));
- smb_ldap_close(ldap_state);
- }
-
- return rc;
-}
-
-int smb_ldap_modify(struct smb_ldap_privates *ldap_state, char *dn,
- LDAPMod *attrs[])
-{
- int rc = LDAP_SERVER_DOWN;
- int attempts = 0;
-
- if (!ldap_state)
- return (-1);
-
- while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) {
-
- if ((rc = smb_ldap_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
- continue;
-
- rc = ldap_modify_s(ldap_state->ldap_struct, dn, attrs);
- }
-
- if (rc == LDAP_SERVER_DOWN) {
- DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO));
- smb_ldap_close(ldap_state);
- }
-
- return rc;
-}
-
-int smb_ldap_add(struct smb_ldap_privates *ldap_state, const char *dn,
- LDAPMod *attrs[])
-{
- int rc = LDAP_SERVER_DOWN;
- int attempts = 0;
-
- if (!ldap_state)
- return (-1);
-
- while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) {
-
- if ((rc = smb_ldap_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
- continue;
-
- rc = ldap_add_s(ldap_state->ldap_struct, dn, attrs);
- }
-
- if (rc == LDAP_SERVER_DOWN) {
- DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO));
- smb_ldap_close(ldap_state);
- }
-
- return rc;
-}
-
-int smb_ldap_delete(struct smb_ldap_privates *ldap_state, char *dn)
-{
- int rc = LDAP_SERVER_DOWN;
- int attempts = 0;
-
- if (!ldap_state)
- return (-1);
-
- while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) {
-
- if ((rc = smb_ldap_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
- continue;
-
- rc = ldap_delete_s(ldap_state->ldap_struct, dn);
- }
-
- if (rc == LDAP_SERVER_DOWN) {
- DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO));
- smb_ldap_close(ldap_state);
- }
-
- return rc;
-}
-
-int smb_ldap_extended_operation(struct smb_ldap_privates *ldap_state,
- LDAP_CONST char *reqoid,
- struct berval *reqdata,
- LDAPControl **serverctrls,
- LDAPControl **clientctrls, char **retoidp,
- struct berval **retdatap)
-{
- int rc = LDAP_SERVER_DOWN;
- int attempts = 0;
-
- if (!ldap_state)
- return (-1);
-
- while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) {
-
- if ((rc = smb_ldap_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
- continue;
-
- rc = ldap_extended_operation_s(ldap_state->ldap_struct, reqoid, reqdata, serverctrls, clientctrls, retoidp, retdatap);
- }
-
- if (rc == LDAP_SERVER_DOWN) {
- DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO));
- smb_ldap_close(ldap_state);
- }
-
- return rc;
-}
-
-/*******************************************************************
-search an attribute and return the first value found.
-******************************************************************/
-BOOL smb_ldap_get_single_attribute (LDAP * ldap_struct, LDAPMessage * entry,
- const char *attribute, pstring value)
-{
- char **values;
-
- if ((values = ldap_get_values (ldap_struct, entry, attribute)) == NULL) {
- value = NULL;
- DEBUG (10, ("smb_ldap_get_single_attribute: [%s] = [<does not exist>]\n", attribute));
-
- return False;
- }
-
- pstrcpy(value, values[0]);
- ldap_value_free(values);
-#ifdef DEBUG_PASSWORDS
- DEBUG (100, ("smb_ldap_get_single_attribute: [%s] = [%s]\n", attribute, value));
-#endif
- return True;
-}
-
-
-/************************************************************************
-Routine to manage the LDAPMod structure array
-manage memory used by the array, by each struct, and values
-
-************************************************************************/
-void smb_ldap_make_a_mod (LDAPMod *** modlist, int modop,
- const char *attribute, const char *value)
-{
- LDAPMod **mods;
- int i;
- int j;
-
- mods = *modlist;
-
- if (attribute == NULL || *attribute == '\0')
- return;
-
- if (value == NULL || *value == '\0')
- return;
-
- if (mods == NULL)
- {
- mods = (LDAPMod **) malloc(sizeof(LDAPMod *));
- if (mods == NULL)
- {
- DEBUG(0, ("smb_ldap_make_a_mod: out of memory!\n"));
- return;
- }
- mods[0] = NULL;
- }
-
- for (i = 0; mods[i] != NULL; ++i) {
- if (mods[i]->mod_op == modop && !strcasecmp(mods[i]->mod_type, attribute))
- break;
- }
-
- if (mods[i] == NULL)
- {
- mods = (LDAPMod **) Realloc (mods, (i + 2) * sizeof (LDAPMod *));
- if (mods == NULL)
- {
- DEBUG(0, ("smb_ldap_make_a_mod: out of memory!\n"));
- return;
- }
- mods[i] = (LDAPMod *) malloc(sizeof(LDAPMod));
- if (mods[i] == NULL)
- {
- DEBUG(0, ("smb_ldap_make_a_mod: out of memory!\n"));
- return;
- }
- mods[i]->mod_op = modop;
- mods[i]->mod_values = NULL;
- mods[i]->mod_type = strdup(attribute);
- mods[i + 1] = NULL;
- }
-
- if (value != NULL)
- {
- j = 0;
- if (mods[i]->mod_values != NULL) {
- for (; mods[i]->mod_values[j] != NULL; j++);
- }
- mods[i]->mod_values = (char **)Realloc(mods[i]->mod_values,
- (j + 2) * sizeof (char *));
-
- if (mods[i]->mod_values == NULL) {
- DEBUG (0, ("smb_ldap_make_a_mod: Memory allocation failure!\n"));
- return;
- }
- mods[i]->mod_values[j] = strdup(value);
- mods[i]->mod_values[j + 1] = NULL;
- }
- *modlist = mods;
-}
-
-#endif
diff --git a/source3/lib/username.c b/source3/lib/username.c
index d8f4ff80ed..b8f33494ee 100644
--- a/source3/lib/username.c
+++ b/source3/lib/username.c
@@ -339,7 +339,7 @@ static BOOL user_in_winbind_group_list(const char *user, const char *gname, BOOL
goto err;
}
- if (!lp_idmap_gid(&gid_low, &gid_high)) {
+ if (!lp_winbind_gid(&gid_low, &gid_high)) {
DEBUG(4, ("winbind gid range not configured, therefore %s cannot be a winbind group\n", gname));
goto err;
}
diff --git a/source3/lib/util.c b/source3/lib/util.c
index ddc20e492c..a392530786 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -1040,7 +1040,7 @@ BOOL get_mydomname(fstring my_domname)
Interpret a protocol description string, with a default.
****************************************************************************/
-int interpret_protocol(const char *str,int def)
+int interpret_protocol(char *str,int def)
{
if (strequal(str,"NT1"))
return(PROTOCOL_NT1);
@@ -1409,15 +1409,15 @@ void smb_panic(const char *why)
{
extern char *global_clobber_region_function;
extern unsigned int global_clobber_region_line;
-
+
if (global_clobber_region_function) {
DEBUG(0,("smb_panic: clobber_region() last called from [%s(%u)]\n",
- global_clobber_region_function,
- global_clobber_region_line));
+ global_clobber_region_function,
+ global_clobber_region_line));
}
}
#endif
-
+
cmd = lp_panic_action();
if (cmd && *cmd) {
DEBUG(0, ("smb_panic(): calling panic action [%s]\n", cmd));
@@ -1425,10 +1425,10 @@ void smb_panic(const char *why)
if (result == -1)
DEBUG(0, ("smb_panic(): fork failed in panic action: %s\n",
- strerror(errno)));
+ strerror(errno)));
else
DEBUG(0, ("smb_panic(): action returned status %d\n",
- WEXITSTATUS(result)));
+ WEXITSTATUS(result)));
}
DEBUG(0,("PANIC: %s\n", why));
@@ -1453,8 +1453,8 @@ void smb_panic(const char *why)
}
/*******************************************************************
- A readdir wrapper which just returns the file name.
- ********************************************************************/
+ A readdir wrapper which just returns the file name.
+********************************************************************/
const char *readdirname(DIR *p)
{
diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index dfd3b312e0..9e5ae6b441 100644
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -630,21 +630,3 @@ void print_guid(GUID *guid)
d_printf("%02x", guid->info[i]);
d_printf("\n");
}
-
-/*******************************************************************
- Tallocs a duplicate SID.
-********************************************************************/
-
-DOM_SID *sid_dup_talloc(TALLOC_CTX *ctx, DOM_SID *src)
-{
- DOM_SID *dst;
-
- if(!src)
- return NULL;
-
- if((dst = talloc_zero(ctx, sizeof(DOM_SID))) != NULL) {
- sid_copy( dst, src);
- }
-
- return dst;
-}
diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c
index e561d15f61..e2f9f19f58 100644
--- a/source3/lib/util_str.c
+++ b/source3/lib/util_str.c
@@ -1226,12 +1226,12 @@ char *binary_string(char *buf, int len)
return ret;
}
-
+#if 0
/**
Just a typesafety wrapper for snprintf into a fstring.
**/
-int fstr_sprintf(fstring s, const char *fmt, ...)
+static int fstr_sprintf(fstring s, const char *fmt, ...)
{
va_list ap;
int ret;
@@ -1241,7 +1241,7 @@ int fstr_sprintf(fstring s, const char *fmt, ...)
va_end(ap);
return ret;
}
-
+#endif
#ifndef HAVE_STRNDUP
/**
diff --git a/source3/lib/util_unistr.c b/source3/lib/util_unistr.c
index 812859000a..08bb03986f 100644
--- a/source3/lib/util_unistr.c
+++ b/source3/lib/util_unistr.c
@@ -40,9 +40,12 @@ static uint8 *valid_table;
static uint8 doschar_table[8192]; /* 65536 characters / 8 bits/byte */
-/*******************************************************************
-load the case handling tables
-********************************************************************/
+/**
+ * Load or generate the case handling tables.
+ *
+ * The case tables are defined in UCS2 and don't depend on any
+ * configured parameters, so they never need to be reloaded.
+ **/
void load_case_tables(void)
{
static int initialised;
@@ -91,14 +94,9 @@ void load_case_tables(void)
see if a ucs2 character can be mapped correctly to a dos character
and mapped back to the same character in ucs2
*/
-static int check_dos_char(smb_ucs2_t c)
+int check_dos_char(smb_ucs2_t c)
{
- static int initialized = False;
-
- if (!initialized) {
- initialized = True;
- init_doschar_table();
- }
+ lazy_initialize_conv();
/* Find the right byte, and right bit within the byte; return
* 1 or 0 */
diff --git a/source3/libads/ads_utils.c b/source3/libads/ads_utils.c
index 626c177926..750940e336 100644
--- a/source3/libads/ads_utils.c
+++ b/source3/libads/ads_utils.c
@@ -89,52 +89,6 @@ uint32 ads_uf2atype(uint32 uf)
}
/*
-translated the GROUP_CTRL Flags to GroupType (groupType)
-*/
-uint32 ads_gcb2gtype(uint16 gcb)
-{
- uint32 gtype = 0x00000000;
-
- if (gcb & GCB_ALIAS_GROUP) gtype |= GTYPE_SECURITY_BUILTIN_LOCAL_GROUP;
- else if(gcb & GCB_LOCAL_GROUP) gtype |= GTYPE_SECURITY_DOMAIN_LOCAL_GROUP;
- if (gcb & GCB_GLOBAL_GROUP) gtype |= GTYPE_SECURITY_GLOBAL_GROUP;
-
- return gtype;
-}
-
-/*
-translated the GroupType (groupType) to GROUP_CTRL Flags
-*/
-uint16 ads_gtype2gcb(uint32 gtype)
-{
- uint16 gcb = 0x0000;
-
- switch(gtype) {
- case GTYPE_SECURITY_BUILTIN_LOCAL_GROUP:
- gcb = GCB_ALIAS_GROUP;
- break;
- case GTYPE_SECURITY_DOMAIN_LOCAL_GROUP:
- gcb = GCB_LOCAL_GROUP;
- break;
- case GTYPE_SECURITY_GLOBAL_GROUP:
- gcb = GCB_GLOBAL_GROUP;
- break;
-
- case GTYPE_DISTRIBUTION_GLOBAL_GROUP:
- gcb = GCB_GLOBAL_GROUP;
- break;
- case GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP:
- gcb = GCB_LOCAL_GROUP;
- break;
- case GTYPE_DISTRIBUTION_UNIVERSAL_GROUP:
- gcb = GCB_GLOBAL_GROUP;
- break;
- }
-
- return gcb;
-}
-
-/*
get the accountType from the groupType
*/
uint32 ads_gtype2atype(uint32 gtype)
diff --git a/source3/libads/kerberos_verify.c b/source3/libads/kerberos_verify.c
index 6a50137400..4d9a1bf765 100644
--- a/source3/libads/kerberos_verify.c
+++ b/source3/libads/kerberos_verify.c
@@ -148,12 +148,6 @@ NTSTATUS ads_verify_ticket(ADS_STRUCT *ads, const DATA_BLOB *ticket,
get_auth_data_from_tkt(auth_data, tkt);
- {
- TALLOC_CTX *ctx = talloc_init("pac data");
- decode_pac_data(auth_data, ctx);
- talloc_destroy(ctx);
- }
-
#if 0
if (tkt->enc_part2) {
file_save("/tmp/authdata.dat",
diff --git a/source3/libads/krb5_setpw.c b/source3/libads/krb5_setpw.c
index 214871b3fb..a5b9eee4ce 100644
--- a/source3/libads/krb5_setpw.c
+++ b/source3/libads/krb5_setpw.c
@@ -538,6 +538,7 @@ ADS_STATUS krb5_set_password(const char *kdc_host, const char *princ, const char
krb5_free_creds(context, credsp);
krb5_free_principal(context, creds.client);
+ krb5_free_principal(context, creds.server);
krb5_free_principal(context, principal);
krb5_free_context(context);
@@ -570,11 +571,11 @@ kerb_prompter(krb5_context ctx, void *data,
return 0;
}
-static ADS_STATUS krb5_chg_password(const char *kdc_host,
- const char *principal,
- const char *oldpw,
- const char *newpw,
- int time_offset)
+ADS_STATUS krb5_chg_password(const char *kdc_host,
+ const char *principal,
+ const char *oldpw,
+ const char *newpw,
+ int time_offset)
{
ADS_STATUS aret;
krb5_error_code ret;
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index baedfb28db..67827d27f3 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -401,7 +401,7 @@ static char **ads_pull_strvals(TALLOC_CTX *ctx, const char **in_vals)
* @param ads connection to ads server
* @param bind_path Base dn for the search
* @param scope Scope of search (LDAP_BASE | LDAP_ONE | LDAP_SUBTREE)
- * @param expr Search expression - specified in local charset
+ * @param exp Search expression - specified in local charset
* @param attrs Attributes to retrieve - specified in utf8 or ascii
* @param res ** which will contain results - free res* with ads_msgfree()
* @param count Number of entries retrieved on this page
@@ -409,12 +409,12 @@ static char **ads_pull_strvals(TALLOC_CTX *ctx, const char **in_vals)
* @return status of search
**/
ADS_STATUS ads_do_paged_search(ADS_STRUCT *ads, const char *bind_path,
- int scope, const char *expr,
+ int scope, const char *exp,
const char **attrs, void **res,
int *count, void **cookie)
{
int rc, i, version;
- char *utf8_expr, *utf8_path, **search_attrs;
+ char *utf8_exp, *utf8_path, **search_attrs;
LDAPControl PagedResults, NoReferrals, *controls[3], **rcontrols;
BerElement *cookie_be = NULL;
struct berval *cookie_bv= NULL;
@@ -428,7 +428,7 @@ ADS_STATUS ads_do_paged_search(ADS_STRUCT *ads, const char *bind_path,
/* 0 means the conversion worked but the result was empty
so we only fail if it's -1. In any case, it always
at least nulls out the dest */
- if ((push_utf8_talloc(ctx, &utf8_expr, expr) == (size_t)-1) ||
+ if ((push_utf8_talloc(ctx, &utf8_exp, exp) == (size_t)-1) ||
(push_utf8_talloc(ctx, &utf8_path, bind_path) == (size_t)-1)) {
rc = LDAP_NO_MEMORY;
goto done;
@@ -489,7 +489,7 @@ ADS_STATUS ads_do_paged_search(ADS_STRUCT *ads, const char *bind_path,
*/
ldap_set_option(ads->ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF);
- rc = ldap_search_ext_s(ads->ld, utf8_path, scope, utf8_expr,
+ rc = ldap_search_ext_s(ads->ld, utf8_path, scope, utf8_exp,
search_attrs, 0, controls,
NULL, NULL, LDAP_NO_LIMIT, (LDAPMessage **)res);
@@ -497,7 +497,7 @@ ADS_STATUS ads_do_paged_search(ADS_STRUCT *ads, const char *bind_path,
ber_bvfree(cookie_bv);
if (rc) {
- DEBUG(3,("ldap_search_ext_s(%s) -> %s\n", expr, ldap_err2string(rc)));
+ DEBUG(3,("ldap_search_ext_s(%s) -> %s\n", exp, ldap_err2string(rc)));
goto done;
}
@@ -541,20 +541,20 @@ done:
* @param ads connection to ads server
* @param bind_path Base dn for the search
* @param scope Scope of search (LDAP_BASE | LDAP_ONE | LDAP_SUBTREE)
- * @param expr Search expression
+ * @param exp Search expression
* @param attrs Attributes to retrieve
* @param res ** which will contain results - free res* with ads_msgfree()
* @return status of search
**/
ADS_STATUS ads_do_search_all(ADS_STRUCT *ads, const char *bind_path,
- int scope, const char *expr,
+ int scope, const char *exp,
const char **attrs, void **res)
{
void *cookie = NULL;
int count = 0;
ADS_STATUS status;
- status = ads_do_paged_search(ads, bind_path, scope, expr, attrs, res,
+ status = ads_do_paged_search(ads, bind_path, scope, exp, attrs, res,
&count, &cookie);
if (!ADS_ERR_OK(status)) return status;
@@ -564,7 +564,7 @@ ADS_STATUS ads_do_search_all(ADS_STRUCT *ads, const char *bind_path,
ADS_STATUS status2;
LDAPMessage *msg, *next;
- status2 = ads_do_paged_search(ads, bind_path, scope, expr,
+ status2 = ads_do_paged_search(ads, bind_path, scope, exp,
attrs, &res2, &count, &cookie);
if (!ADS_ERR_OK(status2)) break;
@@ -588,14 +588,14 @@ ADS_STATUS ads_do_search_all(ADS_STRUCT *ads, const char *bind_path,
* @param ads connection to ads server
* @param bind_path Base dn for the search
* @param scope Scope of search (LDAP_BASE | LDAP_ONE | LDAP_SUBTREE)
- * @param expr Search expression - specified in local charset
+ * @param exp Search expression - specified in local charset
* @param attrs Attributes to retrieve - specified in UTF-8 or ascii
* @param fn Function which takes attr name, values list, and data_area
* @param data_area Pointer which is passed to function on each call
* @return status of search
**/
ADS_STATUS ads_do_search_all_fn(ADS_STRUCT *ads, const char *bind_path,
- int scope, const char *expr, const char **attrs,
+ int scope, const char *exp, const char **attrs,
BOOL(*fn)(char *, void **, void *),
void *data_area)
{
@@ -604,7 +604,7 @@ ADS_STATUS ads_do_search_all_fn(ADS_STRUCT *ads, const char *bind_path,
ADS_STATUS status;
void *res;
- status = ads_do_paged_search(ads, bind_path, scope, expr, attrs, &res,
+ status = ads_do_paged_search(ads, bind_path, scope, exp, attrs, &res,
&count, &cookie);
if (!ADS_ERR_OK(status)) return status;
@@ -613,7 +613,7 @@ ADS_STATUS ads_do_search_all_fn(ADS_STRUCT *ads, const char *bind_path,
ads_msgfree(ads, res);
while (cookie) {
- status = ads_do_paged_search(ads, bind_path, scope, expr, attrs,
+ status = ads_do_paged_search(ads, bind_path, scope, exp, attrs,
&res, &count, &cookie);
if (!ADS_ERR_OK(status)) break;
@@ -630,18 +630,18 @@ ADS_STATUS ads_do_search_all_fn(ADS_STRUCT *ads, const char *bind_path,
* @param ads connection to ads server
* @param bind_path Base dn for the search
* @param scope Scope of search (LDAP_BASE | LDAP_ONE | LDAP_SUBTREE)
- * @param expr Search expression
+ * @param exp Search expression
* @param attrs Attributes to retrieve
* @param res ** which will contain results - free res* with ads_msgfree()
* @return status of search
**/
ADS_STATUS ads_do_search(ADS_STRUCT *ads, const char *bind_path, int scope,
- const char *expr,
+ const char *exp,
const char **attrs, void **res)
{
struct timeval timeout;
int rc;
- char *utf8_expr, *utf8_path, **search_attrs = NULL;
+ char *utf8_exp, *utf8_path, **search_attrs = NULL;
TALLOC_CTX *ctx;
if (!(ctx = talloc_init("ads_do_search"))) {
@@ -652,7 +652,7 @@ ADS_STATUS ads_do_search(ADS_STRUCT *ads, const char *bind_path, int scope,
/* 0 means the conversion worked but the result was empty
so we only fail if it's negative. In any case, it always
at least nulls out the dest */
- if ((push_utf8_talloc(ctx, &utf8_expr, expr) == (size_t)-1) ||
+ if ((push_utf8_talloc(ctx, &utf8_exp, exp) == (size_t)-1) ||
(push_utf8_talloc(ctx, &utf8_path, bind_path) == (size_t)-1)) {
DEBUG(1,("ads_do_search: push_utf8_talloc() failed!"));
rc = LDAP_NO_MEMORY;
@@ -679,7 +679,7 @@ ADS_STATUS ads_do_search(ADS_STRUCT *ads, const char *bind_path, int scope,
/* see the note in ads_do_paged_search - we *must* disable referrals */
ldap_set_option(ads->ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF);
- rc = ldap_search_ext_s(ads->ld, utf8_path, scope, utf8_expr,
+ rc = ldap_search_ext_s(ads->ld, utf8_path, scope, utf8_exp,
search_attrs, 0, NULL, NULL,
&timeout, LDAP_NO_LIMIT, (LDAPMessage **)res);
@@ -698,16 +698,16 @@ ADS_STATUS ads_do_search(ADS_STRUCT *ads, const char *bind_path, int scope,
* Do a general ADS search
* @param ads connection to ads server
* @param res ** which will contain results - free res* with ads_msgfree()
- * @param expr Search expression
+ * @param exp Search expression
* @param attrs Attributes to retrieve
* @return status of search
**/
ADS_STATUS ads_search(ADS_STRUCT *ads, void **res,
- const char *expr,
+ const char *exp,
const char **attrs)
{
return ads_do_search(ads, ads->config.bind_path, LDAP_SCOPE_SUBTREE,
- expr, attrs, res);
+ exp, attrs, res);
}
/**
@@ -772,18 +772,18 @@ char *ads_get_dn(ADS_STRUCT *ads, void *res)
ADS_STATUS ads_find_machine_acct(ADS_STRUCT *ads, void **res, const char *host)
{
ADS_STATUS status;
- char *expr;
+ char *exp;
const char *attrs[] = {"*", "nTSecurityDescriptor", NULL};
/* the easiest way to find a machine account anywhere in the tree
is to look for hostname$ */
- if (asprintf(&expr, "(samAccountName=%s$)", host) == -1) {
+ if (asprintf(&exp, "(samAccountName=%s$)", host) == -1) {
DEBUG(1, ("asprintf failed!\n"));
return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
}
- status = ads_search(ads, res, expr, attrs);
- free(expr);
+ status = ads_search(ads, res, exp, attrs);
+ free(exp);
return status;
}
@@ -1424,7 +1424,7 @@ ADS_STATUS ads_leave_realm(ADS_STRUCT *ads, const char *hostname)
ADS_STATUS ads_set_machine_sd(ADS_STRUCT *ads, const char *hostname, char *dn)
{
const char *attrs[] = {"nTSecurityDescriptor", "objectSid", 0};
- char *expr = 0;
+ char *exp = 0;
size_t sd_size = 0;
struct berval bval = {0, NULL};
prs_struct ps_wire;
@@ -1452,7 +1452,7 @@ ADS_STATUS ads_set_machine_sd(ADS_STRUCT *ads, const char *hostname, char *dn)
return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
}
- if (asprintf(&expr, "(samAccountName=%s$)", escaped_hostname) == -1) {
+ if (asprintf(&exp, "(samAccountName=%s$)", escaped_hostname) == -1) {
DEBUG(1, ("ads_set_machine_sd: asprintf failed!\n"));
SAFE_FREE(escaped_hostname);
return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
@@ -1460,7 +1460,7 @@ ADS_STATUS ads_set_machine_sd(ADS_STRUCT *ads, const char *hostname, char *dn)
SAFE_FREE(escaped_hostname);
- ret = ads_search(ads, (void *) &res, expr, attrs);
+ ret = ads_search(ads, (void *) &res, exp, attrs);
if (!ADS_ERR_OK(ret)) return ret;
@@ -2036,7 +2036,7 @@ but you need to force the bind path to match the configurationNamingContext from
*/
ADS_STATUS ads_workgroup_name(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char **workgroup)
{
- char *expr;
+ char *exp;
ADS_STATUS rc;
char **principles;
char *prefix;
@@ -2047,10 +2047,10 @@ ADS_STATUS ads_workgroup_name(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char **workg
(*workgroup) = NULL;
- asprintf(&expr, "(&(objectclass=computer)(dnshostname=%s.%s))",
+ asprintf(&exp, "(&(objectclass=computer)(dnshostname=%s.%s))",
ads->config.ldap_server_name, ads->config.realm);
- rc = ads_search(ads, &res, expr, attrs);
- free(expr);
+ rc = ads_search(ads, &res, exp, attrs);
+ free(exp);
if (!ADS_ERR_OK(rc)) {
return rc;
diff --git a/source3/libads/ldap_utils.c b/source3/libads/ldap_utils.c
index 6855600288..907f7c8aff 100644
--- a/source3/libads/ldap_utils.c
+++ b/source3/libads/ldap_utils.c
@@ -28,7 +28,7 @@
this is supposed to catch dropped connections and auto-reconnect
*/
ADS_STATUS ads_do_search_retry(ADS_STRUCT *ads, const char *bind_path, int scope,
- const char *expr,
+ const char *exp,
const char **attrs, void **res)
{
ADS_STATUS status;
@@ -46,10 +46,10 @@ ADS_STATUS ads_do_search_retry(ADS_STRUCT *ads, const char *bind_path, int scope
return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
while (count--) {
- status = ads_do_search_all(ads, bp, scope, expr, attrs, res);
+ status = ads_do_search_all(ads, bp, scope, exp, attrs, res);
if (ADS_ERR_OK(status)) {
DEBUG(5,("Search for %s gave %d replies\n",
- expr, ads_count_replies(ads, *res)));
+ exp, ads_count_replies(ads, *res)));
free(bp);
return status;
}
@@ -79,11 +79,11 @@ ADS_STATUS ads_do_search_retry(ADS_STRUCT *ads, const char *bind_path, int scope
ADS_STATUS ads_search_retry(ADS_STRUCT *ads, void **res,
- const char *expr,
+ const char *exp,
const char **attrs)
{
return ads_do_search_retry(ads, ads->config.bind_path, LDAP_SCOPE_SUBTREE,
- expr, attrs, res);
+ exp, attrs, res);
}
ADS_STATUS ads_search_retry_dn(ADS_STRUCT *ads, void **res,
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index 81cb61d757..81b3bbcab5 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -118,10 +118,7 @@ BOOL cli_receive_smb(struct cli_state *cli)
}
if (!cli_check_sign_mac(cli)) {
- DEBUG(0, ("SMB Signature verification failed on incoming packet!\n"));
- cli->smb_rw_error = READ_BAD_SIG;
- close(cli->fd);
- cli->fd = -1;
+ DEBUG(0, ("SMB Signiture verification failed on incoming packet!\n"));
return False;
};
return True;
@@ -262,6 +259,9 @@ struct cli_state *cli_initialise(struct cli_state *cli)
if (getenv("CLI_FORCE_DOSERR"))
cli->force_dos_errors = True;
+ /* initialise signing */
+ cli_null_set_signing(cli);
+
if (lp_client_signing())
cli->sign_info.allow_smb_signing = True;
@@ -274,13 +274,6 @@ struct cli_state *cli_initialise(struct cli_state *cli)
memset(cli->outbuf, 0, cli->bufsize);
memset(cli->inbuf, 0, cli->bufsize);
- /* just becouse we over-allocate, doesn't mean it's right to use it */
- clobber_region(FUNCTION_MACRO, __LINE__, cli->outbuf+cli->bufsize, SAFETY_MARGIN);
- clobber_region(FUNCTION_MACRO, __LINE__, cli->inbuf+cli->bufsize, SAFETY_MARGIN);
-
- /* initialise signing */
- cli_null_set_signing(cli);
-
cli->nt_pipe_fnum = 0;
cli->saved_netlogon_pipe_fnum = 0;
diff --git a/source3/libsmb/clierror.c b/source3/libsmb/clierror.c
index 9ee181a90f..12a7b5dba1 100644
--- a/source3/libsmb/clierror.c
+++ b/source3/libsmb/clierror.c
@@ -2,7 +2,6 @@
Unix SMB/CIFS implementation.
client error handling routines
Copyright (C) Andrew Tridgell 1994-1998
- Copyright (C) Jelmer Vernooij 2003
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -96,21 +95,17 @@ const char *cli_errstr(struct cli_state *cli)
break;
case READ_EOF:
slprintf(cli_error_message, sizeof(cli_error_message) - 1,
- "Call returned zero bytes (EOF)" );
+ "Call returned zero bytes (EOF)\n" );
break;
case READ_ERROR:
slprintf(cli_error_message, sizeof(cli_error_message) - 1,
- "Read error: %s", strerror(errno) );
+ "Read error: %s\n", strerror(errno) );
break;
case WRITE_ERROR:
slprintf(cli_error_message, sizeof(cli_error_message) - 1,
- "Write error: %s", strerror(errno) );
+ "Write error: %s\n", strerror(errno) );
break;
- case READ_BAD_SIG:
- slprintf(cli_error_message, sizeof(cli_error_message) - 1,
- "Server packet had invalid SMB signiture!");
- break;
- default:
+ default:
slprintf(cli_error_message, sizeof(cli_error_message) - 1,
"Unknown error code %d\n", cli->smb_rw_error );
break;
@@ -225,104 +220,16 @@ static struct {
int error;
} nt_errno_map[] = {
{NT_STATUS_ACCESS_VIOLATION, EACCES},
+ {NT_STATUS_NO_SUCH_FILE, ENOENT},
+ {NT_STATUS_NO_SUCH_DEVICE, ENODEV},
{NT_STATUS_INVALID_HANDLE, EBADF},
+ {NT_STATUS_NO_MEMORY, ENOMEM},
{NT_STATUS_ACCESS_DENIED, EACCES},
{NT_STATUS_OBJECT_NAME_NOT_FOUND, ENOENT},
{NT_STATUS_SHARING_VIOLATION, EBUSY},
{NT_STATUS_OBJECT_PATH_INVALID, ENOTDIR},
{NT_STATUS_OBJECT_NAME_COLLISION, EEXIST},
{NT_STATUS_PATH_NOT_COVERED, ENOENT},
- {NT_STATUS_UNSUCCESSFUL, EINVAL},
- {NT_STATUS_NOT_IMPLEMENTED, ENOSYS},
- {NT_STATUS_IN_PAGE_ERROR, EFAULT},
- {NT_STATUS_BAD_NETWORK_NAME, ENOENT},
-#ifdef EDQUOT
- {NT_STATUS_PAGEFILE_QUOTA, EDQUOT},
- {NT_STATUS_QUOTA_EXCEEDED, EDQUOT},
- {NT_STATUS_REGISTRY_QUOTA_LIMIT, EDQUOT},
- {NT_STATUS_LICENSE_QUOTA_EXCEEDED, EDQUOT},
-#endif
-#ifdef ETIME
- {NT_STATUS_TIMER_NOT_CANCELED, ETIME},
-#endif
- {NT_STATUS_INVALID_PARAMETER, EINVAL},
- {NT_STATUS_NO_SUCH_DEVICE, ENODEV},
- {NT_STATUS_NO_SUCH_FILE, ENOENT},
-#ifdef ENODATA
- {NT_STATUS_END_OF_FILE, ENODATA},
-#endif
-#ifdef ENOMEDIUM
- {NT_STATUS_NO_MEDIA_IN_DEVICE, ENOMEDIUM},
- {NT_STATUS_NO_MEDIA, ENOMEDIUM},
-#endif
- {NT_STATUS_NONEXISTENT_SECTOR, ESPIPE},
- {NT_STATUS_NO_MEMORY, ENOMEM},
- {NT_STATUS_CONFLICTING_ADDRESSES, EADDRINUSE},
- {NT_STATUS_NOT_MAPPED_VIEW, EINVAL},
- {NT_STATUS_UNABLE_TO_FREE_VM, EADDRINUSE},
- {NT_STATUS_ACCESS_DENIED, EACCES},
- {NT_STATUS_BUFFER_TOO_SMALL, ENOBUFS},
- {NT_STATUS_WRONG_PASSWORD, EACCES},
- {NT_STATUS_LOGON_FAILURE, EACCES},
- {NT_STATUS_INVALID_WORKSTATION, EACCES},
- {NT_STATUS_INVALID_LOGON_HOURS, EACCES},
- {NT_STATUS_PASSWORD_EXPIRED, EACCES},
- {NT_STATUS_ACCOUNT_DISABLED, EACCES},
- {NT_STATUS_DISK_FULL, ENOSPC},
- {NT_STATUS_INVALID_PIPE_STATE, EPIPE},
- {NT_STATUS_PIPE_BUSY, EPIPE},
- {NT_STATUS_PIPE_DISCONNECTED, EPIPE},
- {NT_STATUS_PIPE_NOT_AVAILABLE, ENOSYS},
- {NT_STATUS_FILE_IS_A_DIRECTORY, EISDIR},
- {NT_STATUS_NOT_SUPPORTED, ENOSYS},
- {NT_STATUS_NOT_A_DIRECTORY, ENOTDIR},
- {NT_STATUS_DIRECTORY_NOT_EMPTY, ENOTEMPTY},
- {NT_STATUS_NETWORK_UNREACHABLE, ENETUNREACH},
- {NT_STATUS_HOST_UNREACHABLE, EHOSTUNREACH},
- {NT_STATUS_CONNECTION_ABORTED, ECONNABORTED},
- {NT_STATUS_CONNECTION_REFUSED, ECONNREFUSED},
- {NT_STATUS_TOO_MANY_LINKS, EMLINK},
- {NT_STATUS_NETWORK_BUSY, EBUSY},
- {NT_STATUS_DEVICE_DOES_NOT_EXIST, ENODEV},
-#ifdef ELIBACC
- {NT_STATUS_DLL_NOT_FOUND, ELIBACC},
-#endif
- {NT_STATUS_PIPE_BROKEN, EPIPE},
- {NT_STATUS_REMOTE_NOT_LISTENING, ECONNREFUSED},
- {NT_STATUS_NETWORK_ACCESS_DENIED, EACCES},
- {NT_STATUS_TOO_MANY_OPENED_FILES, EMFILE},
-#ifdef EPROTO
- {NT_STATUS_DEVICE_PROTOCOL_ERROR, EPROTO},
-#endif
- {NT_STATUS_FLOAT_OVERFLOW, ERANGE},
- {NT_STATUS_FLOAT_UNDERFLOW, ERANGE},
- {NT_STATUS_INTEGER_OVERFLOW, ERANGE},
- {NT_STATUS_MEDIA_WRITE_PROTECTED, EROFS},
- {NT_STATUS_PIPE_CONNECTED, EISCONN},
- {NT_STATUS_MEMORY_NOT_ALLOCATED, EFAULT},
- {NT_STATUS_FLOAT_INEXACT_RESULT, ERANGE},
- {NT_STATUS_ILL_FORMED_PASSWORD, EACCES},
- {NT_STATUS_PASSWORD_RESTRICTION, EACCES},
- {NT_STATUS_ACCOUNT_RESTRICTION, EACCES},
- {NT_STATUS_PORT_CONNECTION_REFUSED, ECONNREFUSED},
- {NT_STATUS_NAME_TOO_LONG, ENAMETOOLONG},
- {NT_STATUS_REMOTE_DISCONNECT, ESHUTDOWN},
- {NT_STATUS_CONNECTION_DISCONNECTED, ECONNABORTED},
- {NT_STATUS_CONNECTION_RESET, ENETRESET},
-#ifdef ENOTUNIQ
- {NT_STATUS_IP_ADDRESS_CONFLICT1, ENOTUNIQ},
- {NT_STATUS_IP_ADDRESS_CONFLICT2, ENOTUNIQ},
-#endif
- {NT_STATUS_PORT_MESSAGE_TOO_LONG, EMSGSIZE},
- {NT_STATUS_PROTOCOL_UNREACHABLE, ENOPROTOOPT},
- {NT_STATUS_ADDRESS_ALREADY_EXISTS, EADDRINUSE},
- {NT_STATUS_PORT_UNREACHABLE, EHOSTUNREACH},
- {NT_STATUS_IO_TIMEOUT, ETIMEDOUT},
- {NT_STATUS_RETRY, EAGAIN},
-#ifdef ECOMM
- {NT_STATUS_NET_WRITE_FAULT, ECOMM},
-#endif
-
{NT_STATUS(0), 0}
};
diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c
index b771e135f4..d86f36405d 100644
--- a/source3/libsmb/clifile.c
+++ b/source3/libsmb/clifile.c
@@ -375,11 +375,9 @@ int cli_nt_delete_on_close(struct cli_state *cli, int fnum, BOOL flag)
Used in smbtorture.
****************************************************************************/
-int cli_nt_create_full(struct cli_state *cli, const char *fname,
- uint32 CreatFlags, uint32 DesiredAccess,
+int cli_nt_create_full(struct cli_state *cli, const char *fname, uint32 DesiredAccess,
uint32 FileAttributes, uint32 ShareAccess,
- uint32 CreateDisposition, uint32 CreateOptions,
- uint8 SecuityFlags)
+ uint32 CreateDisposition, uint32 CreateOptions)
{
char *p;
int len;
@@ -395,9 +393,9 @@ int cli_nt_create_full(struct cli_state *cli, const char *fname,
SSVAL(cli->outbuf,smb_vwv0,0xFF);
if (cli->use_oplocks)
- CreatFlags |= (REQUEST_OPLOCK|REQUEST_BATCH_OPLOCK);
-
- SIVAL(cli->outbuf,smb_ntcreate_Flags, CreatFlags);
+ SIVAL(cli->outbuf,smb_ntcreate_Flags, REQUEST_OPLOCK|REQUEST_BATCH_OPLOCK);
+ else
+ SIVAL(cli->outbuf,smb_ntcreate_Flags, 0);
SIVAL(cli->outbuf,smb_ntcreate_RootDirectoryFid, 0x0);
SIVAL(cli->outbuf,smb_ntcreate_DesiredAccess, DesiredAccess);
SIVAL(cli->outbuf,smb_ntcreate_FileAttributes, FileAttributes);
@@ -405,7 +403,6 @@ int cli_nt_create_full(struct cli_state *cli, const char *fname,
SIVAL(cli->outbuf,smb_ntcreate_CreateDisposition, CreateDisposition);
SIVAL(cli->outbuf,smb_ntcreate_CreateOptions, CreateOptions);
SIVAL(cli->outbuf,smb_ntcreate_ImpersonationLevel, 0x02);
- SCVAL(cli->outbuf,smb_ntcreate_SecurityFlags, SecuityFlags);
p = smb_buf(cli->outbuf);
/* this alignment and termination is critical for netapp filers. Don't change */
@@ -436,8 +433,8 @@ int cli_nt_create_full(struct cli_state *cli, const char *fname,
int cli_nt_create(struct cli_state *cli, const char *fname, uint32 DesiredAccess)
{
- return cli_nt_create_full(cli, fname, 0, DesiredAccess, 0,
- FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_EXISTS_OPEN, 0x0, 0x0);
+ return cli_nt_create_full(cli, fname, DesiredAccess, 0,
+ FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_EXISTS_OPEN, 0x0);
}
/****************************************************************************
@@ -945,6 +942,7 @@ BOOL cli_setatr(struct cli_state *cli, const char *fname, uint16 attr, time_t t)
/****************************************************************************
Check for existance of a dir.
****************************************************************************/
+
BOOL cli_chkpath(struct cli_state *cli, const char *path)
{
pstring path2;
@@ -1051,34 +1049,3 @@ int cli_ctemp(struct cli_state *cli, const char *path, char **tmp_path)
return SVAL(cli->inbuf,smb_vwv0);
}
-
-
-/*
- send a raw ioctl - used by the torture code
-*/
-NTSTATUS cli_raw_ioctl(struct cli_state *cli, int fnum, uint32 code, DATA_BLOB *blob)
-{
- memset(cli->outbuf,'\0',smb_size);
- memset(cli->inbuf,'\0',smb_size);
-
- set_message(cli->outbuf, 3, 0, True);
- SCVAL(cli->outbuf,smb_com,SMBioctl);
- cli_setup_packet(cli);
-
- SSVAL(cli->outbuf, smb_vwv0, fnum);
- SSVAL(cli->outbuf, smb_vwv1, code>>16);
- SSVAL(cli->outbuf, smb_vwv2, (code&0xFFFF));
-
- cli_send_smb(cli);
- if (!cli_receive_smb(cli)) {
- return NT_STATUS_UNEXPECTED_NETWORK_ERROR;
- }
-
- if (cli_is_error(cli)) {
- return cli_nt_error(cli);
- }
-
- *blob = data_blob(NULL, 0);
-
- return NT_STATUS_OK;
-}
diff --git a/source3/libsmb/clirap.c b/source3/libsmb/clirap.c
index f05a65762b..224c37046c 100644
--- a/source3/libsmb/clirap.c
+++ b/source3/libsmb/clirap.c
@@ -233,7 +233,7 @@ BOOL cli_NetServerEnum(struct cli_state *cli, char *workgroup, uint32 stype,
SIVAL(p,0,stype);
p += 4;
- push_ascii(p, workgroup, sizeof(pstring)-PTR_DIFF(p,param)-1, STR_TERMINATE|STR_UPPER);
+ p += push_pstring_base(p, workgroup, param);
if (cli_api(cli,
param, PTR_DIFF(p,param), 8, /* params, length, max */
diff --git a/source3/libsmb/libsmb_cache.c b/source3/libsmb/libsmb_cache.c
index 67dc686b48..b1620042f3 100644
--- a/source3/libsmb/libsmb_cache.c
+++ b/source3/libsmb/libsmb_cache.c
@@ -50,8 +50,8 @@ struct smbc_server_cache {
* This function is only used if the external cache is not enabled
*/
static int smbc_add_cached_server(SMBCCTX * context, SMBCSRV * new,
- const char * server, const char * share,
- const char * workgroup, const char * username)
+ char * server, char * share,
+ char * workgroup, char * username)
{
struct smbc_server_cache * srvcache = NULL;
@@ -108,8 +108,8 @@ static int smbc_add_cached_server(SMBCCTX * context, SMBCSRV * new,
* returns server_fd on success, -1 on error (not found)
* This function is only used if the external cache is not enabled
*/
-static SMBCSRV * smbc_get_cached_server(SMBCCTX * context, const char * server,
- const char * share, const char * workgroup, const char * user)
+static SMBCSRV * smbc_get_cached_server(SMBCCTX * context, char * server,
+ char * share, char * workgroup, char * user)
{
struct smbc_server_cache * srv = NULL;
diff --git a/source3/libsmb/libsmbclient.c b/source3/libsmb/libsmbclient.c
index 69c4d8f7a7..92353d8c30 100644
--- a/source3/libsmb/libsmbclient.c
+++ b/source3/libsmb/libsmbclient.c
@@ -52,87 +52,6 @@ extern BOOL in_client;
*/
static int smbc_initialized = 0;
-static int
-hex2int( unsigned int _char )
-{
- if ( _char >= 'A' && _char <='F')
- return _char - 'A' + 10;
- if ( _char >= 'a' && _char <='f')
- return _char - 'a' + 10;
- if ( _char >= '0' && _char <='9')
- return _char - '0';
- return -1;
-}
-
-static void
-decode_urlpart(char *segment, size_t sizeof_segment)
-{
- int old_length = strlen(segment);
- int new_length = 0;
- int new_length2 = 0;
- int i = 0;
- pstring new_segment;
- char *new_usegment = 0;
-
- if ( !old_length ) {
- return;
- }
-
- /* make a copy of the old one */
- new_usegment = (char*)malloc( old_length * 3 + 1 );
-
- while( i < old_length ) {
- int bReencode = False;
- unsigned char character = segment[ i++ ];
- if ((character <= ' ') || (character > 127))
- bReencode = True;
-
- new_usegment [ new_length2++ ] = character;
- if (character == '%' ) {
- int a = i+1 < old_length ? hex2int( segment[i] ) : -1;
- int b = i+1 < old_length ? hex2int( segment[i+1] ) : -1;
- if ((a == -1) || (b == -1)) { /* Only replace if sequence is valid */
- /* Contains stray %, make sure to re-encode! */
- bReencode = True;
- } else {
- /* Valid %xx sequence */
- character = a * 16 + b; /* Replace with value of %dd */
- if (!character)
- break; /* Stop at %00 */
-
- new_usegment [ new_length2++ ] = (unsigned char) segment[i++];
- new_usegment [ new_length2++ ] = (unsigned char) segment[i++];
- }
- }
- if (bReencode) {
- unsigned int c = character / 16;
- new_length2--;
- new_usegment [ new_length2++ ] = '%';
-
- c += (c > 9) ? ('A' - 10) : '0';
- new_usegment[ new_length2++ ] = c;
-
- c = character % 16;
- c += (c > 9) ? ('A' - 10) : '0';
- new_usegment[ new_length2++ ] = c;
- }
-
- new_segment [ new_length++ ] = character;
- }
- new_segment [ new_length ] = 0;
-
- free(new_usegment);
-
- /* realloc it with unix charset */
- pull_utf8_allocate((void**)&new_usegment, new_segment);
-
- /* this assumes (very safely) that removing %aa sequences
- only shortens the string */
- strncpy(segment, new_usegment, sizeof_segment);
-
- free(new_usegment);
-}
-
/*
* Function to parse a path and turn it into components
*
@@ -178,7 +97,7 @@ smbc_parse_path(SMBCCTX *context, const char *fname, char *server, char *share,
p += 2; /* Skip the // or \\ */
if (*p == (char)0)
- goto decoding;
+ return 0;
if (*p == '/') {
@@ -239,7 +158,7 @@ smbc_parse_path(SMBCCTX *context, const char *fname, char *server, char *share,
}
- if (*p == (char)0) goto decoding; /* That's it ... */
+ if (*p == (char)0) return 0; /* That's it ... */
if (!next_token(&p, share, "/", sizeof(fstring))) {
@@ -248,16 +167,9 @@ smbc_parse_path(SMBCCTX *context, const char *fname, char *server, char *share,
}
pstrcpy(path, p);
-
+
all_string_sub(path, "/", "\\", 0);
- decoding:
- decode_urlpart(path, sizeof(pstring));
- decode_urlpart(server, sizeof(fstring));
- decode_urlpart(share, sizeof(fstring));
- decode_urlpart(user, sizeof(fstring));
- decode_urlpart(password, sizeof(fstring));
-
return 0;
}
@@ -355,16 +267,15 @@ int smbc_remove_unused_server(SMBCCTX * context, SMBCSRV * srv)
*/
SMBCSRV *smbc_server(SMBCCTX *context,
- const char *server, const char *share,
- fstring workgroup, fstring username,
- fstring password)
+ char *server, char *share,
+ char *workgroup, char *username,
+ char *password)
{
SMBCSRV *srv=NULL;
int auth_called = 0;
struct cli_state c;
struct nmb_name called, calling;
- char *p;
- const char *server_n = server;
+ char *p, *server_n = server;
fstring group;
pstring ipenv;
struct in_addr ip;
@@ -818,6 +729,27 @@ static int smbc_close_ctx(SMBCCTX *context, SMBCFILE *file)
}
+ if (!file->file) {
+
+ return context->closedir(context, file);
+
+ }
+
+ if (!cli_close(&file->srv->cli, file->cli_fd)) {
+ DEBUG(3, ("cli_close failed on %s. purging server.\n",
+ file->fname));
+ /* Deallocate slot and remove the server
+ * from the server cache if unused */
+ errno = smbc_errno(context, &file->srv->cli);
+ srv = file->srv;
+ DLIST_REMOVE(context->internal->_files, file);
+ SAFE_FREE(file->fname);
+ SAFE_FREE(file);
+ context->callbacks.remove_unused_server_fn(context, srv);
+
+ return -1;
+ }
+
DLIST_REMOVE(context->internal->_files, file);
SAFE_FREE(file->fname);
SAFE_FREE(file);
@@ -1071,16 +1003,12 @@ static off_t smbc_lseek_ctx(SMBCCTX *context, SMBCFILE *file, off_t offset, int
case SEEK_END:
if (!cli_qfileinfo(&file->srv->cli, file->cli_fd, NULL, &size, NULL, NULL,
- NULL, NULL, NULL))
- {
- SMB_BIG_UINT b_size = size;
- if (!cli_getattrE(&file->srv->cli, file->cli_fd, NULL, &b_size, NULL, NULL,
- NULL))
- {
+ NULL, NULL, NULL) &&
+ !cli_getattrE(&file->srv->cli, file->cli_fd, NULL, &size, NULL, NULL,
+ NULL)) {
+
errno = EINVAL;
return -1;
- } else
- size = b_size;
}
file->offset = size + offset;
break;
@@ -1278,15 +1206,12 @@ static int smbc_fstat_ctx(SMBCCTX *context, SMBCFILE *file, struct stat *st)
}
if (!cli_qfileinfo(&file->srv->cli, file->cli_fd,
- &mode, &size, &c_time, &a_time, &m_time, NULL, &ino)) {
- SMB_BIG_UINT b_size = size;
- if (!cli_getattrE(&file->srv->cli, file->cli_fd,
- &mode, &b_size, &c_time, &a_time, &m_time)) {
+ &mode, &size, &c_time, &a_time, &m_time, NULL, &ino) &&
+ !cli_getattrE(&file->srv->cli, file->cli_fd,
+ &mode, &size, &c_time, &a_time, &m_time)) {
errno = EINVAL;
return -1;
- } else
- size = b_size;
}
@@ -1339,13 +1264,6 @@ static int add_dirent(SMBCFILE *dir, const char *name, const char *comment, uint
{
struct smbc_dirent *dirent;
int size;
- char *u_name = NULL, *u_comment = NULL;
- size_t u_name_len = 0, u_comment_len = 0;
-
- if (name)
- u_name_len = push_utf8_allocate(&u_name, name);
- if (comment)
- u_comment_len = push_utf8_allocate(&u_comment, comment);
/*
* Allocate space for the dirent, which must be increased by the
@@ -1353,7 +1271,8 @@ static int add_dirent(SMBCFILE *dir, const char *name, const char *comment, uint
* The null on the name is already accounted for.
*/
- size = sizeof(struct smbc_dirent) + u_name_len + u_comment_len + 1;
+ size = sizeof(struct smbc_dirent) + (name?strlen(name):0) +
+ (comment?strlen(comment):0) + 1;
dirent = malloc(size);
@@ -1402,17 +1321,14 @@ static int add_dirent(SMBCFILE *dir, const char *name, const char *comment, uint
dir->dir_end->dirent = dirent;
dirent->smbc_type = type;
- dirent->namelen = u_name_len;
- dirent->commentlen = u_comment_len;
+ dirent->namelen = (name?strlen(name):0);
+ dirent->commentlen = (comment?strlen(comment):0);
dirent->dirlen = size;
- strncpy(dirent->name, (u_name?u_name:""), dirent->namelen + 1);
+ strncpy(dirent->name, (name?name:""), dirent->namelen + 1);
dirent->comment = (char *)(&dirent->name + dirent->namelen + 1);
- strncpy(dirent->comment, (u_comment?u_comment:""), dirent->commentlen + 1);
-
- SAFE_FREE(u_comment);
- SAFE_FREE(u_name);
+ strncpy(dirent->comment, (comment?comment:""), dirent->commentlen + 1);
return 0;
@@ -1478,8 +1394,7 @@ dir_list_fn(file_info *finfo, const char *mask, void *state)
static SMBCFILE *smbc_opendir_ctx(SMBCCTX *context, const char *fname)
{
- fstring server, share, user, password;
- pstring workgroup;
+ fstring server, share, user, password, workgroup;
pstring path;
SMBCSRV *srv = NULL;
SMBCFILE *dir = NULL;
@@ -1487,29 +1402,29 @@ static SMBCFILE *smbc_opendir_ctx(SMBCCTX *context, const char *fname)
if (!context || !context->internal ||
!context->internal->_initialized) {
- DEBUG(4, ("no valid context\n"));
+
errno = EINVAL;
return NULL;
}
if (!fname) {
- DEBUG(4, ("no valid fname\n"));
+
errno = EINVAL;
return NULL;
+
}
if (smbc_parse_path(context, fname, server, share, path, user, password)) {
- DEBUG(4, ("no valid path\n"));
+
errno = EINVAL;
return NULL;
- }
- DEBUG(4, ("parsed path: fname='%s' server='%s' share='%s' path='%s'\n", fname, server, share, path));
+ }
if (user[0] == (char)0) fstrcpy(user, context->user);
- pstrcpy(workgroup, context->workgroup);
+ fstrcpy(workgroup, context->workgroup);
dir = malloc(sizeof(*dir));
@@ -1530,74 +1445,64 @@ static SMBCFILE *smbc_opendir_ctx(SMBCCTX *context, const char *fname)
dir->dir_list = dir->dir_next = dir->dir_end = NULL;
if (server[0] == (char)0) {
- struct in_addr server_ip;
- if (share[0] != (char)0 || path[0] != (char)0) {
+ if (share[0] != (char)0 || path[0] != (char)0) {
+
errno = EINVAL;
if (dir) {
SAFE_FREE(dir->fname);
SAFE_FREE(dir);
}
return NULL;
+
}
/* We have server and share and path empty ... so list the workgroups */
/* first try to get the LMB for our workgroup, and if that fails, */
/* try the DMB */
- pstrcpy(workgroup, lp_workgroup());
-
- if (!find_master_ip(workgroup, &server_ip)) {
- struct user_auth_info u_info;
- struct cli_state *cli;
+ if (!(resolve_name(context->workgroup, &rem_ip, 0x1d) ||
+ resolve_name(context->workgroup, &rem_ip, 0x1b))) {
+
+ errno = EINVAL; /* Something wrong with smb.conf? */
+ return NULL;
- DEBUG(4, ("Unable to find master browser for workgroup %s\n",
- workgroup));
+ }
- /* find the name of the server ... */
- pstrcpy(u_info.username, user);
- pstrcpy(u_info.password, password);
+ dir->dir_type = SMBC_WORKGROUP;
- if (!(cli = get_ipc_connect_master_ip_bcast(workgroup, &u_info))) {
- DEBUG(4, ("Unable to find master browser by "
- "broadcast\n"));
- errno = ENOENT;
- return NULL;
- }
+ /* find the name of the server ... */
- fstrcpy(server, cli->desthost);
+ if (!name_status_find("*", 0, 0, rem_ip, server)) {
- cli_shutdown(cli);
- } else {
- if (!name_status_find("*", 0, 0, server_ip, server)) {
- errno = ENOENT;
+ DEBUG(0,("Could not get the name of local/domain master browser for server %s\n", server));
+ errno = EINVAL;
return NULL;
- }
- }
- DEBUG(4, ("using workgroup %s %s\n", workgroup, server));
+ }
- /*
- * Get a connection to IPC$ on the server if we do not already have one
- */
+ /*
+ * Get a connection to IPC$ on the server if we do not already have one
+ */
srv = smbc_server(context, server, "IPC$", workgroup, user, password);
- if (!srv) {
-
- if (dir) {
- SAFE_FREE(dir->fname);
- SAFE_FREE(dir);
- }
- return NULL;
- }
-
+ if (!srv) {
+
+ if (dir) {
+ SAFE_FREE(dir->fname);
+ SAFE_FREE(dir);
+ }
+
+ return NULL;
+
+ }
+
dir->srv = srv;
- dir->dir_type = SMBC_WORKGROUP;
/* Now, list the stuff ... */
- if (!cli_NetServerEnum(&srv->cli, workgroup, SV_TYPE_DOMAIN_ENUM, list_fn,
+ if (!cli_NetServerEnum(&srv->cli, workgroup, 0x80000000, list_fn,
(void *)dir)) {
if (dir) {
@@ -1655,7 +1560,7 @@ static SMBCFILE *smbc_opendir_ctx(SMBCCTX *context, const char *fname)
srv = smbc_server(context, buserver, "IPC$", workgroup, user, password);
if (!srv) {
- DEBUG(0, ("got no contact to IPC$\n"));
+
if (dir) {
SAFE_FREE(dir->fname);
SAFE_FREE(dir);
@@ -2153,7 +2058,6 @@ static int smbc_rmdir_ctx(SMBCCTX *context, const char *fname)
static off_t smbc_telldir_ctx(SMBCCTX *context, SMBCFILE *dir)
{
- off_t ret_val; /* Squash warnings about cast */
if (!context || !context->internal ||
!context->internal->_initialized) {
@@ -2177,11 +2081,7 @@ static off_t smbc_telldir_ctx(SMBCCTX *context, SMBCFILE *dir)
}
- /*
- * We return the pointer here as the offset
- */
- ret_val = (int)dir->dir_next;
- return ret_val;
+ return (off_t) dir->dir_next;
}
@@ -2221,9 +2121,8 @@ struct smbc_dir_list *smbc_check_dir_ent(struct smbc_dir_list *list,
static int smbc_lseekdir_ctx(SMBCCTX *context, SMBCFILE *dir, off_t offset)
{
- long int l_offset = offset; /* Handle problems of size */
- struct smbc_dirent *dirent = (struct smbc_dirent *)l_offset;
- struct smbc_dir_list *list_ent = (struct smbc_dir_list *)NULL;
+ struct smbc_dirent *dirent = (struct smbc_dirent *)offset;
+ struct smbc_dir_list *list_ent = NULL;
if (!context || !context->internal ||
!context->internal->_initialized) {
@@ -2670,10 +2569,10 @@ SMBCCTX * smbc_init_context(SMBCCTX * context)
if (!smbc_initialized) {
/* Do some library wide intialisations the first time we get called */
- /* Set this to what the user wants */
- DEBUGLEVEL = context->debug;
+ /* Do we still need this ? */
+ DEBUGLEVEL = 10;
- setup_logging( "libsmbclient", True);
+ setup_logging( "libsmbclient", False);
/* Here we would open the smb.conf file if needed ... */
@@ -2688,16 +2587,13 @@ SMBCCTX * smbc_init_context(SMBCCTX * context)
if (!lp_load(conf, True, False, False)) {
/*
- * Well, if that failed, try the dyn_CONFIGFILE
- * Which points to the standard locn, and if that
- * fails, silently ignore it and use the internal
- * defaults ...
+ * Hmmm, what the hell do we do here ... we could not parse the
+ * config file ... We must return an error ... and keep info around
+ * about why we failed
*/
-
- if (!lp_load(dyn_CONFIGFILE, True, False, False)) {
- DEBUG(5, ("Could not load either config file: %s or %s\n",
- conf, dyn_CONFIGFILE));
- }
+
+ errno = ENOENT; /* FIXME: Figure out the correct error response */
+ return NULL;
}
reopen_logs(); /* Get logging working ... */
@@ -2744,8 +2640,8 @@ SMBCCTX * smbc_init_context(SMBCCTX * context)
slprintf(context->netbios_name, 16, "smbc%s%d", context->user, pid);
}
}
-
- DEBUG(1, ("Using netbios name %s.\n", context->netbios_name));
+ DEBUG(0,("Using netbios name %s.\n", context->netbios_name));
+
if (!context->workgroup) {
if (lp_workgroup()) {
@@ -2756,8 +2652,7 @@ SMBCCTX * smbc_init_context(SMBCCTX * context)
context->workgroup = strdup("samba");
}
}
-
- DEBUG(1, ("Using workgroup %s.\n", context->workgroup));
+ DEBUG(0,("Using workgroup %s.\n", context->workgroup));
/* shortest timeout is 1 second */
if (context->timeout > 0 && context->timeout < 1000)
diff --git a/source3/libsmb/netlogon_unigrp.c b/source3/libsmb/netlogon_unigrp.c
index 466410d800..fa2fe32f35 100644
--- a/source3/libsmb/netlogon_unigrp.c
+++ b/source3/libsmb/netlogon_unigrp.c
@@ -22,7 +22,6 @@
*/
#include "includes.h"
-#define UNIGROUP_PREFIX "UNIGROUP"
/*
Handle for netlogon_unigrp.tdb database. It is used internally
@@ -51,22 +50,17 @@ BOOL uni_group_cache_init(void)
BOOL uni_group_cache_store_netlogon(TALLOC_CTX *mem_ctx, NET_USER_INFO_3 *user)
{
TDB_DATA key,data;
- fstring keystr, sid_string;
- DOM_SID user_sid;
- unsigned int i;
+ fstring keystr;
+ int i;
if (!uni_group_cache_init()) {
DEBUG(0,("uni_group_cache_store_netlogon: cannot open netlogon_unigrp.tdb for write!\n"));
return False;
}
- sid_copy(&user_sid, &user->dom_sid.sid);
- sid_append_rid(&user_sid, user->user_rid);
-
- /* Prepare key as USER-SID string */
- slprintf(keystr, sizeof(keystr), "%s/%s",
- UNIGROUP_PREFIX,
- sid_to_string(sid_string, &user_sid));
+ /* Prepare key as DOMAIN-SID/USER-RID string */
+ slprintf(keystr, sizeof(keystr), "%s/%d",
+ sid_string_static(&user->dom_sid.sid), user->user_rid);
key.dptr = keystr;
key.dsize = strlen(keystr) + 1;
@@ -96,15 +90,14 @@ BOOL uni_group_cache_store_netlogon(TALLOC_CTX *mem_ctx, NET_USER_INFO_3 *user)
and elements are array[0] ... array[num_elements-1]
*/
-DOM_SID **uni_group_cache_fetch(DOM_SID *domain, DOM_SID *user_sid,
+uint32* uni_group_cache_fetch(DOM_SID *domain, uint32 user_rid,
TALLOC_CTX *mem_ctx, uint32 *num_groups)
{
TDB_DATA key,data;
fstring keystr;
- DOM_SID **groups;
+ uint32 *groups;
uint32 i;
uint32 group_count;
- fstring sid_string;
if (!domain) {
DEBUG(1,("uni_group_cache_fetch: expected non-null domain sid\n"));
@@ -130,9 +123,8 @@ DOM_SID **uni_group_cache_fetch(DOM_SID *domain, DOM_SID *user_sid,
*num_groups = 0;
/* Fetch universal groups */
- slprintf(keystr, sizeof(keystr), "%s/%s",
- UNIGROUP_PREFIX,
- sid_to_string(sid_string, user_sid));
+ slprintf(keystr, sizeof(keystr), "%s/%d",
+ sid_string_static(domain), user_rid);
key.dptr = keystr;
key.dsize = strlen(keystr) + 1;
data = tdb_fetch(netlogon_unigrp_tdb, key);
@@ -144,17 +136,12 @@ DOM_SID **uni_group_cache_fetch(DOM_SID *domain, DOM_SID *user_sid,
/* Transfer data to receiver's memory context */
group_count = IVAL(&((uint32*)data.dptr)[0],0);
- groups = talloc(mem_ctx, (group_count)*sizeof(*groups));
+ groups = talloc(mem_ctx, (group_count)*sizeof(uint32));
if (groups) {
for(i=0; i<group_count; i++) {
- groups[i] = talloc(mem_ctx, sizeof(**groups));
- if (!groups[i]) {
- DEBUG(1,("uni_group_cache_fetch: cannot allocate uni groups in receiver's memory context\n"));
- return NULL;
- }
- sid_copy(groups[i], domain);
- sid_append_rid(groups[i], IVAL(&((uint32*)data.dptr)[i+1],0));
+ groups[i] = IVAL(&((uint32*)data.dptr)[i+1],0);
}
+
} else {
DEBUG(1,("uni_group_cache_fetch: cannot allocate uni groups in receiver's memory context\n"));
}
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index d54655d17f..c179b98abf 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -385,7 +385,7 @@ NTSTATUS ntlmssp_server_update(NTLMSSP_STATE *ntlmssp_state,
} else if (ntlmssp_command == NTLMSSP_AUTH) {
return ntlmssp_server_auth(ntlmssp_state, request, reply);
} else {
- DEBUG(1, ("unknown NTLMSSP command %u, expected %u\n", ntlmssp_command, ntlmssp_state->expected_state));
+ DEBUG(1, ("unknown NTLMSSP command %u expected %u\n", ntlmssp_command, ntlmssp_state->expected_state));
return NT_STATUS_INVALID_PARAMETER;
}
}
diff --git a/source3/libsmb/ntlmssp_sign.c b/source3/libsmb/ntlmssp_sign.c
index 5426263fb9..8f6bd0c691 100644
--- a/source3/libsmb/ntlmssp_sign.c
+++ b/source3/libsmb/ntlmssp_sign.c
@@ -92,14 +92,8 @@ static void calc_ntlmv2_hash(unsigned char hash[16], char digest[16],
calc_hash(hash, digest, 16);
}
-enum ntlmssp_direction {
- NTLMSSP_SEND,
- NTLMSSP_RECEIVE
-};
-
static NTSTATUS ntlmssp_make_packet_signiture(NTLMSSP_CLIENT_STATE *ntlmssp_state,
const uchar *data, size_t length,
- enum ntlmssp_direction direction,
DATA_BLOB *sig)
{
if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
@@ -116,14 +110,8 @@ static NTSTATUS ntlmssp_make_packet_signiture(NTLMSSP_CLIENT_STATE *ntlmssp_stat
if (!msrpc_gen(sig, "Bd", digest, sizeof(digest), ntlmssp_state->ntlmssp_seq_num)) {
return NT_STATUS_NO_MEMORY;
}
- switch (direction) {
- case NTLMSSP_SEND:
- NTLMSSPcalc_ap(ntlmssp_state->cli_sign_hash, sig->data, sig->length);
- break;
- case NTLMSSP_RECEIVE:
- NTLMSSPcalc_ap(ntlmssp_state->cli_sign_hash, sig->data, sig->length);
- break;
- }
+
+ NTLMSSPcalc_ap(ntlmssp_state->cli_seal_hash, sig->data, sig->length);
} else {
uint32 crc;
crc = crc32_calc_buffer(data, length);
@@ -141,7 +129,7 @@ NTSTATUS ntlmssp_client_sign_packet(NTLMSSP_CLIENT_STATE *ntlmssp_state,
DATA_BLOB *sig)
{
ntlmssp_state->ntlmssp_seq_num++;
- return ntlmssp_make_packet_signiture(ntlmssp_state, data, length, NTLMSSP_SEND, sig);
+ return ntlmssp_make_packet_signiture(ntlmssp_state, data, length, sig);
}
/**
@@ -163,7 +151,7 @@ NTSTATUS ntlmssp_client_check_packet(NTLMSSP_CLIENT_STATE *ntlmssp_state,
}
nt_status = ntlmssp_make_packet_signiture(ntlmssp_state, data,
- length, NTLMSSP_RECEIVE, &local_sig);
+ length, &local_sig);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("NTLMSSP packet check failed with %s\n", nt_errstr(nt_status)));
@@ -173,12 +161,6 @@ NTSTATUS ntlmssp_client_check_packet(NTLMSSP_CLIENT_STATE *ntlmssp_state,
if (memcmp(sig->data, local_sig.data, MIN(sig->length, local_sig.length)) == 0) {
return NT_STATUS_OK;
} else {
- DEBUG(5, ("BAD SIG: wanted signature of\n"));
- dump_data(5, local_sig.data, local_sig.length);
-
- DEBUG(5, ("BAD SIG: got signature of\n"));
- dump_data(5, sig->data, sig->length);
-
DEBUG(0, ("NTLMSSP packet check failed due to invalid signiture!\n"));
return NT_STATUS_ACCESS_DENIED;
}
diff --git a/source3/libsmb/smb_signing.c b/source3/libsmb/smb_signing.c
index 4e9b895a1b..9bbf7ef91c 100644
--- a/source3/libsmb/smb_signing.c
+++ b/source3/libsmb/smb_signing.c
@@ -160,6 +160,11 @@ static BOOL cli_simple_check_incoming_message(struct cli_state *cli)
SIVAL(sequence_buf, 0, data->reply_seq_num);
SIVAL(sequence_buf, 4, 0);
+ if (smb_len(cli->inbuf) < (offset_end_of_sig - 4)) {
+ DEBUG(1, ("Can't check signature on short packet! smb_len = %u\n", smb_len(cli->inbuf)));
+ return False;
+ }
+
/* get a copy of the server-sent mac */
memcpy(server_sent_mac, &cli->inbuf[smb_ss_field], sizeof(server_sent_mac));
@@ -270,7 +275,7 @@ static BOOL cli_ntlmssp_check_incoming_message(struct cli_state *cli)
{
BOOL good;
NTSTATUS nt_status;
- DATA_BLOB sig = data_blob(&cli->inbuf[smb_ss_field], 8);
+ DATA_BLOB sig = data_blob(&cli->outbuf[smb_ss_field], 8);
NTLMSSP_CLIENT_STATE *ntlmssp_state = cli->sign_info.signing_context;
@@ -455,14 +460,8 @@ void cli_caclulate_sign_mac(struct cli_state *cli)
BOOL cli_check_sign_mac(struct cli_state *cli)
{
BOOL good;
-
- if (smb_len(cli->inbuf) < (smb_ss_field + 8 - 4)) {
- DEBUG(cli->sign_info.doing_signing ? 1 : 10, ("Can't check signature on short packet! smb_len = %u\n", smb_len(cli->inbuf)));
- good = False;
- } else {
- good = cli->sign_info.check_incoming_message(cli);
- }
-
+ good = cli->sign_info.check_incoming_message(cli);
+
if (!good) {
if (cli->sign_info.doing_signing) {
return False;
diff --git a/source3/libsmb/trusts_util.c b/source3/libsmb/trust_passwd.c
index b8f84ba890..cf9fd58b13 100644
--- a/source3/libsmb/trusts_util.c
+++ b/source3/libsmb/trust_passwd.c
@@ -1,8 +1,7 @@
/*
* Unix SMB/CIFS implementation.
- * Routines to operate on various trust relationships
- * Copyright (C) Andrew Bartlett 2001
- * Copyright (C) Rafal Szczesniak 2003
+ * Routines to change trust account passwords.
+ * Copyright (C) Andrew Bartlett 2001.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -114,63 +113,4 @@ NTSTATUS trust_pw_find_change_and_store_it(struct cli_state *cli, TALLOC_CTX *me
return trust_pw_change_and_store_it(cli, mem_ctx, old_trust_passwd_hash);
-}
-
-
-/**
- * Verify whether or not given domain is trusted.
- *
- * @param domain_name name of the domain to be verified
- * @return true if domain is one of the trusted once or
- * false if otherwise
- **/
-
-BOOL is_trusted_domain(const char* dom_name)
-{
- int enum_ctx = 0;
- const int trustdom_size = 10;
- int num_domains, i;
- TRUSTDOM **domains;
- NTSTATUS result;
- fstring trustdom_name;
- DOM_SID trustdom_sid;
- TALLOC_CTX *mem_ctx;
-
- /*
- * Query the secrets db as an ultimate source of information
- * about trusted domain names. This is PDC or BDC case.
- */
- mem_ctx = talloc_init("is_trusted_domain");
-
- do {
- result = secrets_get_trusted_domains(mem_ctx, &enum_ctx, trustdom_size,
- &num_domains, &domains);
- /* compare each returned entry against incoming connection's domain */
- for (i = 0; i < num_domains; i++) {
- pull_ucs2_fstring(trustdom_name, domains[i]->name);
- if (strequal(trustdom_name, dom_name)) {
- talloc_destroy(mem_ctx);
- return True;
- }
- }
- } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
-
- talloc_destroy(mem_ctx);
-
- /*
- * Query the trustdom_cache updated periodically. The only
- * way for domain member server.
- */
- if (trustdom_cache_enable() &&
- trustdom_cache_fetch(dom_name, &trustdom_sid)) {
- trustdom_cache_shutdown();
- return True;
- }
-
- /*
- * if nothing's been found, then give up here, although
- * the last resort might be to query the PDC.
- */
- return False;
-}
-
+}
diff --git a/source3/mainpage.dox b/source3/mainpage.dox
new file mode 100644
index 0000000000..8b72f80462
--- /dev/null
+++ b/source3/mainpage.dox
@@ -0,0 +1,7 @@
+/**
+
+@mainpage
+
+@li \ref CodingSuggestions
+
+**/
diff --git a/source3/modules/developer.c b/source3/modules/developer.c
deleted file mode 100644
index 7ffc3ff50d..0000000000
--- a/source3/modules/developer.c
+++ /dev/null
@@ -1,132 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- Samba module with developer tools
- Copyright (C) Andrew Tridgell 2001
- Copyright (C) Jelmer Vernooij 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-static struct {
- char from;
- char *to;
- int len;
-} weird_table[] = {
- {'q', "^q^", 3},
- {'Q', "^Q^", 3},
- {0, NULL}
-};
-
-static size_t weird_pull(void *cd, char **inbuf, size_t *inbytesleft,
- char **outbuf, size_t *outbytesleft)
-{
- while (*inbytesleft >= 1 && *outbytesleft >= 2) {
- int i;
- int done = 0;
- for (i=0;weird_table[i].from;i++) {
- if (strncmp((*inbuf),
- weird_table[i].to,
- weird_table[i].len) == 0) {
- if (*inbytesleft < weird_table[i].len) {
- DEBUG(0,("ERROR: truncated weird string\n"));
- /* smb_panic("weird_pull"); */
-
- } else {
- (*outbuf)[0] = weird_table[i].from;
- (*outbuf)[1] = 0;
- (*inbytesleft) -= weird_table[i].len;
- (*outbytesleft) -= 2;
- (*inbuf) += weird_table[i].len;
- (*outbuf) += 2;
- done = 1;
- break;
- }
- }
- }
- if (done) continue;
- (*outbuf)[0] = (*inbuf)[0];
- (*outbuf)[1] = 0;
- (*inbytesleft) -= 1;
- (*outbytesleft) -= 2;
- (*inbuf) += 1;
- (*outbuf) += 2;
- }
-
- if (*inbytesleft > 0) {
- errno = E2BIG;
- return -1;
- }
-
- return 0;
-}
-
-static size_t weird_push(void *cd, char **inbuf, size_t *inbytesleft,
- char **outbuf, size_t *outbytesleft)
-{
- int ir_count=0;
-
- while (*inbytesleft >= 2 && *outbytesleft >= 1) {
- int i;
- int done=0;
- for (i=0;weird_table[i].from;i++) {
- if ((*inbuf)[0] == weird_table[i].from &&
- (*inbuf)[1] == 0) {
- if (*outbytesleft < weird_table[i].len) {
- DEBUG(0,("No room for weird character\n"));
- /* smb_panic("weird_push"); */
- } else {
- memcpy(*outbuf, weird_table[i].to,
- weird_table[i].len);
- (*inbytesleft) -= 2;
- (*outbytesleft) -= weird_table[i].len;
- (*inbuf) += 2;
- (*outbuf) += weird_table[i].len;
- done = 1;
- break;
- }
- }
- }
- if (done) continue;
-
- (*outbuf)[0] = (*inbuf)[0];
- if ((*inbuf)[1]) ir_count++;
- (*inbytesleft) -= 2;
- (*outbytesleft) -= 1;
- (*inbuf) += 2;
- (*outbuf) += 1;
- }
-
- if (*inbytesleft == 1) {
- errno = EINVAL;
- return -1;
- }
-
- if (*inbytesleft > 1) {
- errno = E2BIG;
- return -1;
- }
-
- return ir_count;
-}
-
-struct charset_functions weird_functions = {"WEIRD", weird_pull, weird_push};
-
-int charset_weird_init(void)
-{
- smb_register_charset(&weird_functions);
- return True;
-}
diff --git a/source3/modules/vfs_audit.c b/source3/modules/vfs_audit.c
index fa9bf67a67..1944c98e53 100644
--- a/source3/modules/vfs_audit.c
+++ b/source3/modules/vfs_audit.c
@@ -98,9 +98,10 @@ static vfs_op_tuple audit_ops[] = {
/* VFS initialisation function. Return vfs_op_tuple array back to SAMBA. */
-static vfs_op_tuple *audit_init(const struct vfs_ops *def_vfs_ops,
+vfs_op_tuple *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops,
struct smb_vfs_handle_struct *vfs_handle)
{
+ *vfs_version = SMB_VFS_INTERFACE_VERSION;
memcpy(&default_vfs_ops, def_vfs_ops, sizeof(struct vfs_ops));
audit_handle = vfs_handle;
@@ -110,6 +111,12 @@ static vfs_op_tuple *audit_init(const struct vfs_ops *def_vfs_ops,
return audit_ops;
}
+/* VFS finalization function. */
+void vfs_done(connection_struct *conn)
+{
+ syslog(SYSLOG_PRIORITY, "VFS_DONE: vfs module unloaded\n");
+}
+
/* Implementation of vfs_ops. Pass everything on to the default
operation but log event first. */
@@ -269,8 +276,3 @@ static int audit_fchmod_acl(struct files_struct *fsp, int fd, mode_t mode)
return result;
}
-
-int vfs_audit_init(void)
-{
- return smb_register_vfs("audit", audit_init, SMB_VFS_INTERFACE_VERSION);
-}
diff --git a/source3/modules/vfs_extd_audit.c b/source3/modules/vfs_extd_audit.c
index f60acab36a..c75dc1d09c 100644
--- a/source3/modules/vfs_extd_audit.c
+++ b/source3/modules/vfs_extd_audit.c
@@ -99,9 +99,10 @@ static vfs_op_tuple audit_ops[] = {
/* VFS initialisation function. Return vfs_op_tuple array back to SAMBA. */
-static vfs_op_tuple *audit_init(const struct vfs_ops *def_vfs_ops,
+vfs_op_tuple *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops,
struct smb_vfs_handle_struct *vfs_handle)
{
+ *vfs_version = SMB_VFS_INTERFACE_VERSION;
memcpy(&default_vfs_ops, def_vfs_ops, sizeof(struct vfs_ops));
audit_handle = vfs_handle;
@@ -112,6 +113,13 @@ static vfs_op_tuple *audit_init(const struct vfs_ops *def_vfs_ops,
return audit_ops;
}
+/* VFS finalization function. */
+
+void vfs_done(connection_struct *conn)
+{
+ syslog(SYSLOG_PRIORITY, "VFS_DONE: vfs module unloaded\n");
+}
+
/* Implementation of vfs_ops. Pass everything on to the default
operation but log event first. */
@@ -309,8 +317,3 @@ static int audit_fchmod_acl(struct files_struct *fsp, int fd, mode_t mode)
return result;
}
-
-int vfs_extd_audit_init(void)
-{
- return smb_register_vfs("extd_audit", audit_init, SMB_VFS_INTERFACE_VERSION);
-}
diff --git a/source3/modules/vfs_netatalk.c b/source3/modules/vfs_netatalk.c
index c9e3cde621..b69a900e14 100644
--- a/source3/modules/vfs_netatalk.c
+++ b/source3/modules/vfs_netatalk.c
@@ -410,9 +410,10 @@ static vfs_op_tuple atalk_ops[] = {
};
/* VFS initialisation function. Return vfs_op_tuple array back to SAMBA. */
-static vfs_op_tuple *netatalk_init(const struct vfs_ops *def_vfs_ops,
+vfs_op_tuple *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops,
struct smb_vfs_handle_struct *vfs_handle)
{
+ *vfs_version = SMB_VFS_INTERFACE_VERSION;
memcpy(&default_vfs_ops, def_vfs_ops, sizeof(struct vfs_ops));
atalk_handle = vfs_handle;
@@ -421,7 +422,8 @@ static vfs_op_tuple *netatalk_init(const struct vfs_ops *def_vfs_ops,
return atalk_ops;
}
-int vfs_netatalk_init(void)
+/* VFS finalization function. */
+void vfs_done(connection_struct *conn)
{
- return smb_register_vfs("netatalk", netatalk_init, SMB_VFS_INTERFACE_VERSION);
+ DEBUG(3, ("ATALK: vfs module unloaded\n"));
}
diff --git a/source3/modules/vfs_recycle.c b/source3/modules/vfs_recycle.c
index 3a23e1a365..fd4675cb96 100644
--- a/source3/modules/vfs_recycle.c
+++ b/source3/modules/vfs_recycle.c
@@ -37,7 +37,7 @@ static const char *delimiter = "|"; /* delimiter for options */
typedef struct recycle_bin_struct
{
- TALLOC_CTX *mem_ctx;
+ TALLOC_CTX *ctx;
char *repository; /* name of the recycle bin directory */
BOOL keep_dir_tree; /* keep directory structure of deleted file in recycle bin */
BOOL versions; /* create versions of deleted files with identical name */
@@ -48,19 +48,6 @@ typedef struct recycle_bin_struct
SMB_OFF_T maxsize; /* maximum file size to be saved */
} recycle_bin_struct;
-typedef struct recycle_bin_connections {
- int conn;
- recycle_bin_struct *data;
- struct recycle_bin_connections *next;
-} recycle_bin_connections;
-
-typedef struct recycle_bin_private_data {
- TALLOC_CTX *mem_ctx;
- recycle_bin_connections *conns;
-} recycle_bin_private_data;
-
-struct smb_vfs_handle_struct *recycle_bin_private_handle;
-
/* VFS operations */
static struct vfs_ops default_vfs_ops; /* For passthrough operation */
@@ -82,17 +69,26 @@ static vfs_op_tuple recycle_ops[] = {
{NULL, SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP}
};
+static BOOL check_bool_param(const char *value)
+{
+ if (strwicmp(value, "yes") == 0 ||
+ strwicmp(value, "true") == 0 ||
+ strwicmp(value, "1") == 0)
+ return True;
+
+ return False;
+}
+
/**
* VFS initialisation function.
*
* @retval initialised vfs_op_tuple array
**/
-static vfs_op_tuple *recycle_init(const struct vfs_ops *def_vfs_ops,
+vfs_op_tuple *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops,
struct smb_vfs_handle_struct *vfs_handle)
{
- TALLOC_CTX *mem_ctx = NULL;
-
DEBUG(10, ("Initializing VFS module recycle\n"));
+ *vfs_version = SMB_VFS_INTERFACE_VERSION;
memcpy(&default_vfs_ops, def_vfs_ops, sizeof(struct vfs_ops));
vfs_recycle_debug_level = debug_add_class("vfs_recycle_bin");
if (vfs_recycle_debug_level == -1) {
@@ -102,55 +98,41 @@ static vfs_op_tuple *recycle_init(const struct vfs_ops *def_vfs_ops,
DEBUG(0, ("vfs_recycle: Debug class number of 'vfs_recycle': %d\n", vfs_recycle_debug_level));
}
- recycle_bin_private_handle = vfs_handle;
- if (!(mem_ctx = talloc_init("recycle bin data"))) {
- DEBUG(0, ("Failed to allocate memory in VFS module recycle_bin\n"));
- return NULL;
- }
-
- recycle_bin_private_handle->data = talloc(mem_ctx, sizeof(recycle_bin_private_data));
- if (recycle_bin_private_handle->data == NULL) {
- DEBUG(0, ("Failed to allocate memory in VFS module recycle_bin\n"));
- return NULL;
- }
- ((recycle_bin_private_data *)(recycle_bin_private_handle->data))->mem_ctx = mem_ctx;
- ((recycle_bin_private_data *)(recycle_bin_private_handle->data))->conns = NULL;
-
return recycle_ops;
}
+/**
+ * VFS finalization function.
+ *
+ **/
+void vfs_done(connection_struct *conn)
+{
+ DEBUG(10,("Called for connection %d\n", SNUM(conn)));
+}
+
static int recycle_connect(struct connection_struct *conn, const char *service, const char *user)
{
TALLOC_CTX *ctx = NULL;
recycle_bin_struct *recbin;
- recycle_bin_connections *recconn;
- recycle_bin_connections *recconnbase;
- recycle_bin_private_data *recdata;
+ char *servicename;
char *tmp_str;
DEBUG(10, ("Called for service %s (%d) as user %s\n", service, SNUM(conn), user));
- if (recycle_bin_private_handle)
- recdata = (recycle_bin_private_data *)(recycle_bin_private_handle->data);
- else {
- DEBUG(0, ("Recycle bin not initialized!\n"));
- return -1;
- }
-
- if (!(ctx = talloc_init("recycle bin connection"))) {
+ if (!(ctx = talloc_init("recycle bin"))) {
DEBUG(0, ("Failed to allocate memory in VFS module recycle_bin\n"));
- return -1;
+ return 0;
}
- recbin = talloc(ctx, sizeof(recycle_bin_struct));
- if (recbin == NULL) {
+ recbin = talloc(ctx,sizeof(recycle_bin_struct));
+ if ( recbin == NULL) {
DEBUG(0, ("Failed to allocate memory in VFS module recycle_bin\n"));
return -1;
}
- recbin->mem_ctx = ctx;
+ recbin->ctx = ctx;
/* Set defaults */
- recbin->repository = talloc_strdup(recbin->mem_ctx, ".recycle");
+ recbin->repository = talloc_strdup(ctx, ".recycle");
ALLOC_CHECK(recbin->repository, error);
recbin->keep_dir_tree = False;
recbin->versions = False;
@@ -161,61 +143,55 @@ static int recycle_connect(struct connection_struct *conn, const char *service,
recbin->maxsize = 0;
/* parse configuration options */
- if ((tmp_str = lp_parm_string(SNUM(conn), "vfs_recycle_bin", "repository")) != NULL) {
- recbin->repository = talloc_sub_conn(recbin->mem_ctx, conn, tmp_str);
+ servicename = talloc_strdup(recbin->ctx, lp_servicename(SNUM(conn)));
+ DEBUG(10, ("servicename = %s\n",servicename));
+ if ((tmp_str = lp_parm_string(servicename, "vfs_recycle_bin", "repository")) != NULL) {
+ recbin->repository = talloc_sub_conn(ctx, conn, tmp_str);
ALLOC_CHECK(recbin->repository, error);
trim_string(recbin->repository, "/", "/");
DEBUG(5, ("recycle.bin: repository = %s\n", recbin->repository));
}
-
- recbin->keep_dir_tree = lp_parm_bool(SNUM(conn), "vfs_recycle_bin", "keeptree");
- DEBUG(5, ("recycle.bin: keeptree = %d\n", recbin->keep_dir_tree));
-
- recbin->versions = lp_parm_bool(SNUM(conn), "vfs_recycle_bin", "versions");
- DEBUG(5, ("recycle.bin: versions = %d\n", recbin->versions));
-
- recbin->touch = lp_parm_bool(SNUM(conn), "vfs_recycle_bin", "touch");
- DEBUG(5, ("recycle.bin: touch = %d\n", recbin->touch));
-
- recbin->maxsize = lp_parm_ulong(SNUM(conn), "vfs_recycle_bin", "maxsize");
- if (recbin->maxsize == 0) {
- recbin->maxsize = -1;
- DEBUG(5, ("recycle.bin: maxsize = -infinite-\n"));
- } else {
- DEBUG(5, ("recycle.bin: maxsize = %ld\n", (long int)recbin->maxsize));
+ if ((tmp_str = lp_parm_string(servicename, "vfs_recycle_bin", "keeptree")) != NULL) {
+ if (check_bool_param(tmp_str) == True)
+ recbin->keep_dir_tree = True;
+ DEBUG(5, ("recycle.bin: keeptree = %s\n", tmp_str));
+ }
+ if ((tmp_str = lp_parm_string(servicename, "vfs_recycle_bin", "versions")) != NULL) {
+ if (check_bool_param(tmp_str) == True)
+ recbin->versions = True;
+ DEBUG(5, ("recycle.bin: versions = %s\n", tmp_str));
+ }
+ if ((tmp_str = lp_parm_string(servicename, "vfs_recycle_bin", "touch")) != NULL) {
+ if (check_bool_param(tmp_str) == True)
+ recbin->touch = True;
+ DEBUG(5, ("recycle.bin: touch = %s\n", tmp_str));
+ }
+ if ((tmp_str = lp_parm_string(servicename, "vfs_recycle_bin", "maxsize")) != NULL) {
+ recbin->maxsize = strtoul(tmp_str, NULL, 10);
+ if (recbin->maxsize == 0) {
+ recbin->maxsize = -1;
+ DEBUG(5, ("recycle.bin: maxsize = -infinite-\n"));
+ } else {
+ DEBUG(5, ("recycle.bin: maxsize = %ld\n", (long int)recbin->maxsize));
+ }
}
-
- if ((tmp_str = lp_parm_string(SNUM(conn), "vfs_recycle_bin", "exclude")) != NULL) {
- recbin->exclude = talloc_strdup(recbin->mem_ctx, tmp_str);
+ if ((tmp_str = lp_parm_string(servicename, "vfs_recycle_bin", "exclude")) != NULL) {
+ recbin->exclude = talloc_strdup(ctx, tmp_str);
ALLOC_CHECK(recbin->exclude, error);
DEBUG(5, ("recycle.bin: exclude = %s\n", recbin->exclude));
}
- if ((tmp_str = lp_parm_string(SNUM(conn), "vfs_recycle_bin", "exclude_dir")) != NULL) {
- recbin->exclude_dir = talloc_strdup(recbin->mem_ctx, tmp_str);
+ if ((tmp_str = lp_parm_string(servicename,"vfs_recycle_bin", "exclude_dir")) != NULL) {
+ recbin->exclude_dir = talloc_strdup(ctx, tmp_str);
ALLOC_CHECK(recbin->exclude_dir, error);
DEBUG(5, ("recycle.bin: exclude_dir = %s\n", recbin->exclude_dir));
}
- if ((tmp_str = lp_parm_string(SNUM(conn), "vfs_recycle_bin", "noversions")) != NULL) {
- recbin->noversions = talloc_strdup(recbin->mem_ctx, tmp_str);
+ if ((tmp_str = lp_parm_string(servicename,"vfs_recycle_bin", "noversions")) != NULL) {
+ recbin->noversions = talloc_strdup(ctx, tmp_str);
ALLOC_CHECK(recbin->noversions, error);
DEBUG(5, ("recycle.bin: noversions = %s\n", recbin->noversions));
}
- recconn = talloc(recdata->mem_ctx, sizeof(recycle_bin_connections));
- if (recconn == NULL) {
- DEBUG(0, ("Failed to allocate memory in VFS module recycle_bin\n"));
- goto error;
- }
- recconn->conn = SNUM(conn);
- recconn->data = recbin;
- recconn->next = NULL;
- if (recdata->conns) {
- recconnbase = recdata->conns;
- while (recconnbase->next != NULL) recconnbase = recconnbase->next;
- recconnbase->next = recconn;
- } else {
- recdata->conns = recconn;
- }
+ conn->vfs_private = (void *)recbin;
return default_vfs_ops.connect(conn, service, user);
error:
@@ -225,35 +201,10 @@ error:
static void recycle_disconnect(struct connection_struct *conn)
{
- recycle_bin_private_data *recdata;
- recycle_bin_connections *recconn;
-
DEBUG(10, ("Disconnecting VFS module recycle bin\n"));
-
- if (recycle_bin_private_handle)
- recdata = (recycle_bin_private_data *)(recycle_bin_private_handle->data);
- else {
- DEBUG(0, ("Recycle bin not initialized!\n"));
- return;
- }
-
- if (recdata) {
- if (recdata->conns) {
- if (recdata->conns->conn == SNUM(conn)) {
- talloc_destroy(recdata->conns->data->mem_ctx);
- recdata->conns = recdata->conns->next;
- } else {
- recconn = recdata->conns;
- while (recconn->next) {
- if (recconn->next->conn == SNUM(conn)) {
- talloc_destroy(recconn->next->data->mem_ctx);
- recconn->next = recconn->next->next;
- break;
- }
- recconn = recconn->next;
- }
- }
- }
+ if (conn->vfs_private) {
+ talloc_destroy(((recycle_bin_struct *)conn->vfs_private)->ctx);
+ conn->vfs_private = NULL;
}
default_vfs_ops.disconnect(conn);
}
@@ -438,35 +389,26 @@ static void recycle_touch(connection_struct *conn, const char *fname)
/**
* Check if file should be recycled
**/
-static int recycle_unlink(connection_struct *conn, const char *file_name)
+static int recycle_unlink(connection_struct *conn, const char *inname)
{
- recycle_bin_private_data *recdata;
- recycle_bin_connections *recconn;
recycle_bin_struct *recbin;
+ char *file_name = NULL;
char *path_name = NULL;
char *temp_name = NULL;
char *final_name = NULL;
- const char *base;
+ char *base;
int i;
-/* SMB_BIG_UINT dfree, dsize, bsize; */
- SMB_OFF_T file_size; /* space_avail; */
+ SMB_BIG_UINT dfree, dsize, bsize;
+ SMB_OFF_T file_size, space_avail;
BOOL exist;
int rc = -1;
- recbin = NULL;
- if (recycle_bin_private_handle) {
- recdata = (recycle_bin_private_data *)(recycle_bin_private_handle->data);
- if (recdata) {
- if (recdata->conns) {
- recconn = recdata->conns;
- while (recconn && recconn->conn != SNUM(conn)) recconn = recconn->next;
- if (recconn != NULL) {
- recbin = recconn->data;
- }
- }
- }
- }
- if (recbin == NULL) {
+ file_name = strdup(inname);
+ ALLOC_CHECK(file_name, done);
+
+ if (conn->vfs_private)
+ recbin = (recycle_bin_struct *)conn->vfs_private;
+ else {
DEBUG(0, ("Recycle bin not initialized!\n"));
rc = default_vfs_ops.unlink(conn, file_name);
goto done;
@@ -572,9 +514,10 @@ static int recycle_unlink(connection_struct *conn, const char *file_name)
}
}
- asprintf(&final_name, "%s/%s", temp_name, base);
+ final_name = (char *)malloc(PATH_MAX);
ALLOC_CHECK(final_name, done);
- DEBUG(10, ("recycle.bin: recycled file name: %s\n", temp_name)); /* new filename with path */
+ snprintf(final_name, PATH_MAX, "%s/%s", temp_name, base);
+ DEBUG(10, ("recycle.bin: recycled file name%s\n", temp_name)); /* new filename with path */
/* check if we should delete file from recycle bin */
if (recycle_file_exist(conn, final_name)) {
@@ -605,13 +548,9 @@ static int recycle_unlink(connection_struct *conn, const char *file_name)
recycle_touch(conn, final_name);
done:
+ SAFE_FREE(file_name);
SAFE_FREE(path_name);
SAFE_FREE(temp_name);
SAFE_FREE(final_name);
return rc;
}
-
-int vfs_recycle_init(void)
-{
- return smb_register_vfs("recycle", recycle_init, SMB_VFS_INTERFACE_VERSION);
-}
diff --git a/source3/nsswitch/winbindd.c b/source3/nsswitch/winbindd.c
index eb8a36af55..7ce311b91b 100644
--- a/source3/nsswitch/winbindd.c
+++ b/source3/nsswitch/winbindd.c
@@ -895,13 +895,12 @@ int main(int argc, char **argv)
exit(1);
}
poptFreeContext(pc);
+ register_msg_pool_usage();
/* Loop waiting for requests */
process_loop();
- trustdom_cache_shutdown();
uni_group_cache_shutdown();
-
return 0;
}
diff --git a/source3/nsswitch/winbindd.h b/source3/nsswitch/winbindd.h
index 2d9a0b5949..ad0d6fbc3b 100644
--- a/source3/nsswitch/winbindd.h
+++ b/source3/nsswitch/winbindd.h
@@ -4,7 +4,6 @@
Winbind daemon for ntdom nss module
Copyright (C) Tim Potter 2000
- Copyright (C) Anthony Liguori 2003
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Library General Public
@@ -66,8 +65,7 @@ struct getent_state {
struct getpwent_user {
fstring name; /* Account name */
fstring gecos; /* User information */
- DOM_SID user_sid; /* NT user and primary group SIDs */
- DOM_SID group_sid;
+ uint32 user_rid, group_rid; /* NT user and group rids */
};
/* Server state structure */
@@ -85,8 +83,8 @@ extern struct winbindd_state server_state; /* Server information */
typedef struct {
char *acct_name;
char *full_name;
- DOM_SID *user_sid; /* NT user and primary group SIDs */
- DOM_SID *group_sid;
+ uint32 user_rid;
+ uint32 group_rid; /* primary group */
} WINBIND_USERINFO;
/* Structures to hold per domain information */
@@ -142,7 +140,6 @@ struct winbindd_methods {
/* convert one user or group name to a sid */
NTSTATUS (*name_to_sid)(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
const char *name,
DOM_SID *sid,
enum SID_NAME_USE *type);
@@ -154,10 +151,10 @@ struct winbindd_methods {
char **name,
enum SID_NAME_USE *type);
- /* lookup user info for a given SID */
+ /* lookup user info for a given rid */
NTSTATUS (*query_user)(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- DOM_SID *user_sid,
+ uint32 user_rid,
WINBIND_USERINFO *user_info);
/* lookup all groups that a user is a member of. The backend
@@ -165,15 +162,14 @@ struct winbindd_methods {
function */
NTSTATUS (*lookup_usergroups)(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- DOM_SID *user_sid,
- uint32 *num_groups, DOM_SID ***user_gids);
+ uint32 user_rid,
+ uint32 *num_groups, uint32 **user_gids);
/* find all members of the group with the specified group_rid */
NTSTATUS (*lookup_groupmem)(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- DOM_SID *group_sid,
- uint32 *num_names,
- DOM_SID ***sid_mem, char ***names,
+ uint32 group_rid, uint32 *num_names,
+ uint32 **rid_mem, char ***names,
uint32 **name_types);
/* return the current global sequence number */
@@ -202,23 +198,6 @@ typedef struct {
POLICY_HND pol;
} CLI_POLICY_HND;
-/* Filled out by IDMAP backends */
-struct winbindd_idmap_methods {
- /* Called when backend is first loaded */
- BOOL (*init)(void);
-
- BOOL (*get_sid_from_uid)(uid_t uid, DOM_SID *sid);
- BOOL (*get_sid_from_gid)(gid_t gid, DOM_SID *sid);
-
- BOOL (*get_uid_from_sid)(DOM_SID *sid, uid_t *uid);
- BOOL (*get_gid_from_sid)(DOM_SID *sid, gid_t *gid);
-
- /* Called when backend is unloaded */
- BOOL (*close)(void);
- /* Called to dump backend status */
- void (*status)(void);
-};
-
#include "winbindd_proto.h"
#include "rpc_parse.h"
diff --git a/source3/nsswitch/winbindd_ads.c b/source3/nsswitch/winbindd_ads.c
index de3757aa44..f6fc3a8d6c 100644
--- a/source3/nsswitch/winbindd_ads.c
+++ b/source3/nsswitch/winbindd_ads.c
@@ -4,7 +4,6 @@
Winbind ADS backend functions
Copyright (C) Andrew Tridgell 2001
- Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -89,6 +88,13 @@ static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain)
return ads;
}
+/* useful utility */
+static void sid_from_rid(struct winbindd_domain *domain, uint32 rid, DOM_SID *sid)
+{
+ sid_copy(sid, &domain->sid);
+ sid_append_rid(sid, rid);
+}
+
/* Query display info for a realm. This is the basic user list fn */
static NTSTATUS query_user_list(struct winbindd_domain *domain,
@@ -137,9 +143,7 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain,
for (msg = ads_first_entry(ads, res); msg; msg = ads_next_entry(ads, msg)) {
char *name, *gecos;
DOM_SID sid;
- DOM_SID *sid2;
- DOM_SID *group_sid;
- uint32 group;
+ uint32 rid, group;
uint32 atype;
if (!ads_pull_uint32(ads, msg, "sAMAccountType", &atype) ||
@@ -159,20 +163,15 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain,
continue;
}
- sid2 = talloc(mem_ctx, sizeof(*sid2));
- if (!sid2) {
- status = NT_STATUS_NO_MEMORY;
- goto done;
+ if (!sid_peek_check_rid(&domain->sid, &sid, &rid)) {
+ DEBUG(1,("No rid for %s !?\n", name));
+ continue;
}
- sid_copy(sid2, &sid);
-
- group_sid = rid_to_talloced_sid(domain, mem_ctx, group);
-
(*info)[i].acct_name = name;
(*info)[i].full_name = gecos;
- (*info)[i].user_sid = sid2;
- (*info)[i].group_sid = group_sid;
+ (*info)[i].user_rid = rid;
+ (*info)[i].group_rid = group;
i++;
}
@@ -297,7 +296,6 @@ static NTSTATUS enum_local_groups(struct winbindd_domain *domain,
/* convert a single name to a sid in a domain */
static NTSTATUS name_to_sid(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
const char *name,
DOM_SID *sid,
enum SID_NAME_USE *type)
@@ -330,13 +328,13 @@ static NTSTATUS sid_to_name(struct winbindd_domain *domain,
}
-/* convert a DN to a name, SID and name type
+/* convert a DN to a name, rid and name type
this might become a major speed bottleneck if groups have
lots of users, in which case we could cache the results
*/
static BOOL dn_lookup(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx,
const char *dn,
- char **name, uint32 *name_type, DOM_SID *sid)
+ char **name, uint32 *name_type, uint32 *rid)
{
char *exp;
void *res = NULL;
@@ -344,6 +342,7 @@ static BOOL dn_lookup(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx,
"objectSid", "sAMAccountType", NULL};
ADS_STATUS rc;
uint32 atype;
+ DOM_SID sid;
char *escaped_dn = escape_ldap_string_alloc(dn);
if (!escaped_dn) {
@@ -366,7 +365,8 @@ static BOOL dn_lookup(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx,
}
(*name_type) = ads_atype_map(atype);
- if (!ads_pull_sid(ads, res, "objectSid", sid)) {
+ if (!ads_pull_sid(ads, res, "objectSid", &sid) ||
+ !sid_peek_rid(&sid, rid)) {
goto failed;
}
@@ -381,158 +381,76 @@ failed:
/* Lookup user information from a rid */
static NTSTATUS query_user(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- DOM_SID *sid,
+ uint32 user_rid,
WINBIND_USERINFO *info)
{
ADS_STRUCT *ads = NULL;
const char *attrs[] = {"userPrincipalName",
"sAMAccountName",
- "name",
+ "name", "objectSid",
"primaryGroupID", NULL};
ADS_STATUS rc;
int count;
void *msg = NULL;
char *exp;
+ DOM_SID sid;
char *sidstr;
- uint32 group_rid;
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
- DOM_SID *sid2;
- fstring sid_string;
DEBUG(3,("ads: query_user\n"));
+ sid_from_rid(domain, user_rid, &sid);
+
ads = ads_cached_connection(domain);
if (!ads) goto done;
- sidstr = sid_binstring(sid);
+ sidstr = sid_binstring(&sid);
asprintf(&exp, "(objectSid=%s)", sidstr);
rc = ads_search_retry(ads, &msg, exp, attrs);
free(exp);
free(sidstr);
if (!ADS_ERR_OK(rc)) {
- DEBUG(1,("query_user(sid=%s) ads_search: %s\n", sid_to_string(sid_string, sid), ads_errstr(rc)));
+ DEBUG(1,("query_user(rid=%d) ads_search: %s\n", user_rid, ads_errstr(rc)));
goto done;
}
count = ads_count_replies(ads, msg);
if (count != 1) {
- DEBUG(1,("query_user(sid=%s): Not found\n", sid_to_string(sid_string, sid)));
+ DEBUG(1,("query_user(rid=%d): Not found\n", user_rid));
goto done;
}
info->acct_name = ads_pull_username(ads, mem_ctx, msg);
info->full_name = ads_pull_string(ads, mem_ctx, msg, "name");
-
- if (!ads_pull_uint32(ads, msg, "primaryGroupID", &group_rid)) {
- DEBUG(1,("No primary group for %s !?\n", sid_to_string(sid_string, sid)));
+ if (!ads_pull_sid(ads, msg, "objectSid", &sid)) {
+ DEBUG(1,("No sid for %d !?\n", user_rid));
goto done;
}
-
- sid2 = talloc(mem_ctx, sizeof(*sid2));
- if (!sid2) {
- status = NT_STATUS_NO_MEMORY;
+ if (!ads_pull_uint32(ads, msg, "primaryGroupID", &info->group_rid)) {
+ DEBUG(1,("No primary group for %d !?\n", user_rid));
goto done;
}
- sid_copy(sid2, sid);
-
- info->user_sid = sid2;
-
- info->group_sid = rid_to_talloced_sid(domain, mem_ctx, group_rid);
-
- status = NT_STATUS_OK;
-
- DEBUG(3,("ads query_user gave %s\n", info->acct_name));
-done:
- if (msg) ads_msgfree(ads, msg);
-
- return status;
-}
-
-/* Lookup groups a user is a member of - alternate method, for when
- tokenGroups are not available. */
-static NTSTATUS lookup_usergroups_alt(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- const char *user_dn,
- DOM_SID *primary_group,
- uint32 *num_groups, DOM_SID ***user_gids)
-{
- ADS_STATUS rc;
- NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
- int count;
- void *res = NULL;
- void *msg = NULL;
- char *exp;
- ADS_STRUCT *ads;
- const char *group_attrs[] = {"objectSid", NULL};
-
- ads = ads_cached_connection(domain);
- if (!ads) goto done;
-
- /* buggy server, no tokenGroups. Instead lookup what groups this user
- is a member of by DN search on member*/
- if (asprintf(&exp, "(&(member=%s)(objectClass=group))", user_dn) == -1) {
- DEBUG(1,("lookup_usergroups(dn=%s) asprintf failed!\n", user_dn));
- return NT_STATUS_NO_MEMORY;
- }
- rc = ads_search_retry(ads, &res, exp, group_attrs);
- free(exp);
-
- if (!ADS_ERR_OK(rc)) {
- DEBUG(1,("lookup_usergroups ads_search member=%s: %s\n", user_dn, ads_errstr(rc)));
- return ads_ntstatus(rc);
- }
-
- count = ads_count_replies(ads, res);
- if (count == 0) {
- DEBUG(5,("lookup_usergroups: No supp groups found\n"));
-
- status = ads_ntstatus(rc);
+ if (!sid_peek_check_rid(&domain->sid,&sid, &info->user_rid)) {
+ DEBUG(1,("No rid for %d !?\n", user_rid));
goto done;
}
-
- (*user_gids) = talloc_zero(mem_ctx, sizeof(**user_gids) * (count + 1));
- (*user_gids)[0] = primary_group;
-
- *num_groups = 1;
-
- for (msg = ads_first_entry(ads, res); msg; msg = ads_next_entry(ads, msg)) {
- DOM_SID group_sid;
-
- if (!ads_pull_sid(ads, msg, "objectSid", &group_sid)) {
- DEBUG(1,("No sid for this group ?!?\n"));
- continue;
- }
-
- if (sid_equal(&group_sid, primary_group)) continue;
-
- (*user_gids)[*num_groups] = talloc(mem_ctx, sizeof(***user_gids));
- if (!(*user_gids)[*num_groups]) {
- status = NT_STATUS_NO_MEMORY;
- goto done;
- }
-
- sid_copy((*user_gids)[*num_groups], &group_sid);
-
- (*num_groups)++;
-
- }
status = NT_STATUS_OK;
- DEBUG(3,("ads lookup_usergroups (alt) for dn=%s\n", user_dn));
+ DEBUG(3,("ads query_user gave %s\n", info->acct_name));
done:
- if (res) ads_msgfree(ads, res);
if (msg) ads_msgfree(ads, msg);
return status;
}
+
/* Lookup groups a user is a member of. */
static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- DOM_SID *sid,
- uint32 *num_groups, DOM_SID ***user_gids)
+ uint32 user_rid,
+ uint32 *num_groups, uint32 **user_gids)
{
ADS_STRUCT *ads = NULL;
const char *attrs[] = {"distinguishedName", NULL};
@@ -544,94 +462,63 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
char *user_dn;
DOM_SID *sids;
int i;
- DOM_SID *primary_group;
- uint32 primary_group_rid;
+ uint32 primary_group;
+ DOM_SID sid;
char *sidstr;
- fstring sid_string;
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
- DEBUG(3,("ads: lookup_usergroups\n"));
*num_groups = 0;
+ DEBUG(3,("ads: lookup_usergroups\n"));
+
+ (*num_groups) = 0;
+
+ sid_from_rid(domain, user_rid, &sid);
+
ads = ads_cached_connection(domain);
if (!ads) goto done;
- if (!(sidstr = sid_binstring(sid))) {
- DEBUG(1,("lookup_usergroups(sid=%s) sid_binstring returned NULL\n", sid_to_string(sid_string, sid)));
- status = NT_STATUS_NO_MEMORY;
- goto done;
- }
- if (asprintf(&exp, "(objectSid=%s)", sidstr) == -1) {
- free(sidstr);
- DEBUG(1,("lookup_usergroups(sid=%s) asprintf failed!\n", sid_to_string(sid_string, sid)));
- status = NT_STATUS_NO_MEMORY;
- goto done;
- }
-
+ sidstr = sid_binstring(&sid);
+ asprintf(&exp, "(objectSid=%s)", sidstr);
rc = ads_search_retry(ads, &msg, exp, attrs);
free(exp);
free(sidstr);
-
if (!ADS_ERR_OK(rc)) {
- DEBUG(1,("lookup_usergroups(sid=%s) ads_search: %s\n", sid_to_string(sid_string, sid), ads_errstr(rc)));
+ DEBUG(1,("lookup_usergroups(rid=%d) ads_search: %s\n", user_rid, ads_errstr(rc)));
goto done;
}
user_dn = ads_pull_string(ads, mem_ctx, msg, "distinguishedName");
- if (!user_dn) {
- DEBUG(1,("lookup_usergroups(sid=%s) ads_search did not return a a distinguishedName!\n", sid_to_string(sid_string, sid)));
- if (msg) ads_msgfree(ads, msg);
- goto done;
- }
if (msg) ads_msgfree(ads, msg);
rc = ads_search_retry_dn(ads, &msg, user_dn, attrs2);
if (!ADS_ERR_OK(rc)) {
- DEBUG(1,("lookup_usergroups(sid=%s) ads_search tokenGroups: %s\n", sid_to_string(sid_string, sid), ads_errstr(rc)));
+ DEBUG(1,("lookup_usergroups(rid=%d) ads_search tokenGroups: %s\n", user_rid, ads_errstr(rc)));
goto done;
}
- if (!ads_pull_uint32(ads, msg, "primaryGroupID", &primary_group_rid)) {
- DEBUG(1,("%s: No primary group for sid=%s !?\n", domain->name, sid_to_string(sid_string, sid)));
+ if (!ads_pull_uint32(ads, msg, "primaryGroupID", &primary_group)) {
+ DEBUG(1,("%s: No primary group for rid=%d !?\n", domain->name, user_rid));
goto done;
}
- primary_group = rid_to_talloced_sid(domain, mem_ctx, primary_group_rid);
-
- count = ads_pull_sids(ads, mem_ctx, msg, "tokenGroups", &sids);
-
- if (msg) ads_msgfree(ads, msg);
+ count = ads_pull_sids(ads, mem_ctx, msg, "tokenGroups", &sids) + 1;
+ (*user_gids) = (uint32 *)talloc_zero(mem_ctx, sizeof(uint32) * count);
+ (*user_gids)[(*num_groups)++] = primary_group;
- /* there must always be at least one group in the token,
- unless we are talking to a buggy Win2k server */
- if (count == 0) {
- return lookup_usergroups_alt(domain, mem_ctx, user_dn,
- primary_group,
- num_groups, user_gids);
- }
-
- (*user_gids) = talloc_zero(mem_ctx, sizeof(**user_gids) * (count + 1));
- (*user_gids)[0] = primary_group;
-
- *num_groups = 1;
-
- for (i=0;i<count;i++) {
- if (sid_equal(&sids[i], primary_group)) continue;
-
- (*user_gids)[*num_groups] = talloc(mem_ctx, sizeof(***user_gids));
- if (!(*user_gids)[*num_groups]) {
- status = NT_STATUS_NO_MEMORY;
- goto done;
- }
-
- sid_copy((*user_gids)[*num_groups], &sids[i]);
+ for (i=1;i<count;i++) {
+ uint32 rid;
+ if (!sid_peek_check_rid(&domain->sid, &sids[i-1], &rid)) continue;
+ (*user_gids)[*num_groups] = rid;
(*num_groups)++;
}
status = NT_STATUS_OK;
- DEBUG(3,("ads lookup_usergroups for sid=%s\n", sid_to_string(sid_string, sid)));
+ DEBUG(3,("ads lookup_usergroups for rid=%d\n", user_rid));
done:
+ if (msg) ads_msgfree(ads, msg);
+
return status;
}
@@ -640,10 +527,11 @@ done:
*/
static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- DOM_SID *group_sid, uint32 *num_names,
- DOM_SID ***sid_mem, char ***names,
+ uint32 group_rid, uint32 *num_names,
+ uint32 **rid_mem, char ***names,
uint32 **name_types)
{
+ DOM_SID group_sid;
ADS_STATUS rc;
int count;
void *res=NULL;
@@ -654,14 +542,14 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
const char *attrs[] = {"member", NULL};
char **members;
int i, num_members;
- fstring sid_string;
*num_names = 0;
ads = ads_cached_connection(domain);
if (!ads) goto done;
- sidstr = sid_binstring(group_sid);
+ sid_from_rid(domain, group_rid, &group_sid);
+ sidstr = sid_binstring(&group_sid);
/* search for all members of the group */
asprintf(&exp, "(objectSid=%s)",sidstr);
@@ -693,30 +581,24 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
for (i=0;members[i];i++) /* noop */ ;
num_members = i;
- (*sid_mem) = talloc_zero(mem_ctx, sizeof(**sid_mem) * num_members);
- (*name_types) = talloc_zero(mem_ctx, sizeof(**name_types) * num_members);
- (*names) = talloc_zero(mem_ctx, sizeof(**names) * num_members);
+ (*rid_mem) = talloc_zero(mem_ctx, sizeof(uint32) * num_members);
+ (*name_types) = talloc_zero(mem_ctx, sizeof(uint32) * num_members);
+ (*names) = talloc_zero(mem_ctx, sizeof(char *) * num_members);
for (i=0;i<num_members;i++) {
- uint32 name_type;
+ uint32 name_type, rid;
char *name;
- DOM_SID sid;
- if (dn_lookup(ads, mem_ctx, members[i], &name, &name_type, &sid)) {
+ if (dn_lookup(ads, mem_ctx, members[i], &name, &name_type, &rid)) {
(*names)[*num_names] = name;
(*name_types)[*num_names] = name_type;
- (*sid_mem)[*num_names] = talloc(mem_ctx, sizeof(***sid_mem));
- if (!(*sid_mem)[*num_names]) {
- status = NT_STATUS_NO_MEMORY;
- goto done;
- }
- sid_copy((*sid_mem)[*num_names], &sid);
+ (*rid_mem)[*num_names] = rid;
(*num_names)++;
}
}
status = NT_STATUS_OK;
- DEBUG(3,("ads lookup_groupmem for sid=%s\n", sid_to_string(sid_string, group_sid)));
+ DEBUG(3,("ads lookup_groupmem for rid=%d\n", group_rid));
done:
if (res) ads_msgfree(ads, res);
diff --git a/source3/nsswitch/winbindd_cache.c b/source3/nsswitch/winbindd_cache.c
index 5eabcfca20..6ba1d48f5a 100644
--- a/source3/nsswitch/winbindd_cache.c
+++ b/source3/nsswitch/winbindd_cache.c
@@ -192,23 +192,6 @@ static char *centry_string(struct cache_entry *centry, TALLOC_CTX *mem_ctx)
return ret;
}
-/* pull a string from a cache entry, using the supplied
- talloc context
-*/
-static DOM_SID *centry_sid(struct cache_entry *centry, TALLOC_CTX *mem_ctx)
-{
- DOM_SID *sid;
- char *sid_string;
- sid = talloc(mem_ctx, sizeof(*sid));
- if (!sid) return NULL;
-
- sid_string = centry_string(centry, mem_ctx);
- if (!string_to_sid(sid, sid_string)) {
- return NULL;
- }
- return sid;
-}
-
/* the server is considered down if it can't give us a sequence number */
static BOOL wcache_server_down(struct winbindd_domain *domain)
{
@@ -277,9 +260,6 @@ static BOOL centry_expired(struct winbindd_domain *domain, struct cache_entry *c
*/
static struct cache_entry *wcache_fetch(struct winbind_cache *cache,
struct winbindd_domain *domain,
- const char *format, ...) PRINTF_ATTRIBUTE(3,4);
-static struct cache_entry *wcache_fetch(struct winbind_cache *cache,
- struct winbindd_domain *domain,
const char *format, ...)
{
va_list ap;
@@ -390,12 +370,6 @@ static void centry_put_string(struct cache_entry *centry, const char *s)
centry->ofs += len;
}
-static void centry_put_sid(struct cache_entry *centry, const DOM_SID *sid)
-{
- fstring sid_string;
- centry_put_string(centry, sid_to_string(sid_string, sid));
-}
-
/*
start a centry for output. When finished, call centry_end()
*/
@@ -419,7 +393,6 @@ struct cache_entry *centry_start(struct winbindd_domain *domain, NTSTATUS status
/*
finish a centry and write it to the tdb
*/
-static void centry_end(struct cache_entry *centry, const char *format, ...) PRINTF_ATTRIBUTE(2,3);
static void centry_end(struct cache_entry *centry, const char *format, ...)
{
va_list ap;
@@ -439,29 +412,39 @@ static void centry_end(struct cache_entry *centry, const char *format, ...)
free(kstr);
}
-static void wcache_save_name_to_sid(struct winbindd_domain *domain,
- NTSTATUS status,
- const char *name, DOM_SID *sid,
- enum SID_NAME_USE type)
+/* form a sid from the domain plus rid */
+static DOM_SID *form_sid(struct winbindd_domain *domain, uint32 rid)
+{
+ static DOM_SID sid;
+ sid_copy(&sid, &domain->sid);
+ sid_append_rid(&sid, rid);
+ return &sid;
+}
+
+static void wcache_save_name_to_sid(struct winbindd_domain *domain, NTSTATUS status,
+ const char *name, DOM_SID *sid, enum SID_NAME_USE type)
{
struct cache_entry *centry;
+ uint32 len;
fstring uname;
- fstring sid_string;
centry = centry_start(domain, status);
if (!centry) return;
- centry_put_sid(centry, sid);
+ len = sid_size(sid);
+ centry_expand(centry, len);
+ centry_put_uint32(centry, type);
+ sid_linearize(centry->data + centry->ofs, len, sid);
+ centry->ofs += len;
fstrcpy(uname, name);
strupper(uname);
- centry_end(centry, "NS/%s", sid_to_string(sid_string, sid));
+ centry_end(centry, "NS/%s/%s", domain->name, uname);
centry_free(centry);
}
static void wcache_save_sid_to_name(struct winbindd_domain *domain, NTSTATUS status,
- DOM_SID *sid, const char *name, enum SID_NAME_USE type)
+ DOM_SID *sid, const char *name, enum SID_NAME_USE type, uint32 rid)
{
struct cache_entry *centry;
- fstring sid_string;
centry = centry_start(domain, status);
if (!centry) return;
@@ -469,7 +452,7 @@ static void wcache_save_sid_to_name(struct winbindd_domain *domain, NTSTATUS sta
centry_put_uint32(centry, type);
centry_put_string(centry, name);
}
- centry_end(centry, "SN/%s", sid_to_string(sid_string, sid));
+ centry_end(centry, "SN/%s/%d", domain->name, rid);
centry_free(centry);
}
@@ -477,15 +460,14 @@ static void wcache_save_sid_to_name(struct winbindd_domain *domain, NTSTATUS sta
static void wcache_save_user(struct winbindd_domain *domain, NTSTATUS status, WINBIND_USERINFO *info)
{
struct cache_entry *centry;
- fstring sid_string;
centry = centry_start(domain, status);
if (!centry) return;
centry_put_string(centry, info->acct_name);
centry_put_string(centry, info->full_name);
- centry_put_sid(centry, info->user_sid);
- centry_put_sid(centry, info->group_sid);
- centry_end(centry, "U/%s", sid_to_string(sid_string, info->user_sid));
+ centry_put_uint32(centry, info->user_rid);
+ centry_put_uint32(centry, info->group_rid);
+ centry_end(centry, "U/%s/%d", domain->name, info->user_rid);
centry_free(centry);
}
@@ -499,7 +481,7 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain,
struct winbind_cache *cache = get_cache(domain);
struct cache_entry *centry = NULL;
NTSTATUS status;
- unsigned int i;
+ int i;
if (!cache->tdb) goto do_query;
@@ -515,8 +497,8 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain,
for (i=0; i<(*num_entries); i++) {
(*info)[i].acct_name = centry_string(centry, mem_ctx);
(*info)[i].full_name = centry_string(centry, mem_ctx);
- (*info)[i].user_sid = centry_sid(centry, mem_ctx);
- (*info)[i].group_sid = centry_sid(centry, mem_ctx);
+ (*info)[i].user_rid = centry_uint32(centry);
+ (*info)[i].group_rid = centry_uint32(centry);
}
do_cached:
@@ -542,18 +524,18 @@ do_query:
for (i=0; i<(*num_entries); i++) {
centry_put_string(centry, (*info)[i].acct_name);
centry_put_string(centry, (*info)[i].full_name);
- centry_put_sid(centry, (*info)[i].user_sid);
- centry_put_sid(centry, (*info)[i].group_sid);
+ centry_put_uint32(centry, (*info)[i].user_rid);
+ centry_put_uint32(centry, (*info)[i].group_rid);
if (cache->backend->consistent) {
/* when the backend is consistent we can pre-prime some mappings */
wcache_save_name_to_sid(domain, NT_STATUS_OK,
(*info)[i].acct_name,
- (*info)[i].user_sid,
+ form_sid(domain, (*info)[i].user_rid),
SID_NAME_USER);
wcache_save_sid_to_name(domain, NT_STATUS_OK,
- (*info)[i].user_sid,
+ form_sid(domain, (*info)[i].user_rid),
(*info)[i].acct_name,
- SID_NAME_USER);
+ SID_NAME_USER, (*info)[i].user_rid);
wcache_save_user(domain, NT_STATUS_OK, &(*info)[i]);
}
}
@@ -573,7 +555,7 @@ static NTSTATUS enum_dom_groups(struct winbindd_domain *domain,
struct winbind_cache *cache = get_cache(domain);
struct cache_entry *centry = NULL;
NTSTATUS status;
- unsigned int i;
+ int i;
if (!cache->tdb) goto do_query;
@@ -633,7 +615,7 @@ static NTSTATUS enum_local_groups(struct winbindd_domain *domain,
struct winbind_cache *cache = get_cache(domain);
struct cache_entry *centry = NULL;
NTSTATUS status;
- unsigned int i;
+ int i;
if (!cache->tdb) goto do_query;
@@ -687,7 +669,7 @@ do_query:
centry_put_string(centry, (*info)[i].acct_name);
centry_put_string(centry, (*info)[i].acct_desc);
centry_put_uint32(centry, (*info)[i].rid);
- }
+ }
centry_end(centry, "GL/%s/local", domain->name);
centry_free(centry);
@@ -697,7 +679,6 @@ skip_save:
/* convert a single name to a sid in a domain */
static NTSTATUS name_to_sid(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
const char *name,
DOM_SID *sid,
enum SID_NAME_USE *type)
@@ -706,7 +687,6 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain,
struct cache_entry *centry = NULL;
NTSTATUS status;
fstring uname;
- DOM_SID *sid2;
if (!cache->tdb) goto do_query;
@@ -715,12 +695,7 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain,
centry = wcache_fetch(cache, domain, "NS/%s/%s", domain->name, uname);
if (!centry) goto do_query;
*type = centry_uint32(centry);
- sid2 = centry_sid(centry, mem_ctx);
- if (!sid2) {
- ZERO_STRUCTP(sid);
- } else {
- sid_copy(sid, sid2);
- }
+ sid_parse(centry->data + centry->ofs, centry->len - centry->ofs, sid);
status = centry->status;
centry_free(centry);
@@ -732,7 +707,7 @@ do_query:
if (wcache_server_down(domain)) {
return NT_STATUS_SERVER_DISABLED;
}
- status = cache->backend->name_to_sid(domain, mem_ctx, name, sid, type);
+ status = cache->backend->name_to_sid(domain, name, sid, type);
/* and save it */
wcache_save_name_to_sid(domain, status, name, sid, *type);
@@ -754,11 +729,14 @@ static NTSTATUS sid_to_name(struct winbindd_domain *domain,
struct winbind_cache *cache = get_cache(domain);
struct cache_entry *centry = NULL;
NTSTATUS status;
- fstring sid_string;
+ uint32 rid = 0;
+
+ if (!sid_peek_check_rid(&domain->sid, sid, &rid))
+ return NT_STATUS_INVALID_PARAMETER;
if (!cache->tdb) goto do_query;
- centry = wcache_fetch(cache, domain, "SN/%s", sid_to_string(sid_string, sid));
+ centry = wcache_fetch(cache, domain, "SN/%s/%d", domain->name, rid);
if (!centry) goto do_query;
if (NT_STATUS_IS_OK(centry->status)) {
*type = centry_uint32(centry);
@@ -778,7 +756,7 @@ do_query:
/* and save it */
refresh_sequence_number(domain, True);
- wcache_save_sid_to_name(domain, status, sid, *name, *type);
+ wcache_save_sid_to_name(domain, status, sid, *name, *type, rid);
wcache_save_name_to_sid(domain, status, *name, sid, *type);
return status;
@@ -788,23 +766,22 @@ do_query:
/* Lookup user information from a rid */
static NTSTATUS query_user(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- DOM_SID *user_sid,
+ uint32 user_rid,
WINBIND_USERINFO *info)
{
struct winbind_cache *cache = get_cache(domain);
struct cache_entry *centry = NULL;
NTSTATUS status;
- fstring sid_string;
if (!cache->tdb) goto do_query;
- centry = wcache_fetch(cache, domain, "U/%s", sid_to_string(sid_string, user_sid));
+ centry = wcache_fetch(cache, domain, "U/%s/%d", domain->name, user_rid);
if (!centry) goto do_query;
info->acct_name = centry_string(centry, mem_ctx);
info->full_name = centry_string(centry, mem_ctx);
- info->user_sid = centry_sid(centry, mem_ctx);
- info->group_sid = centry_sid(centry, mem_ctx);
+ info->user_rid = centry_uint32(centry);
+ info->group_rid = centry_uint32(centry);
status = centry->status;
centry_free(centry);
return status;
@@ -816,7 +793,7 @@ do_query:
return NT_STATUS_SERVER_DISABLED;
}
- status = cache->backend->query_user(domain, mem_ctx, user_sid, info);
+ status = cache->backend->query_user(domain, mem_ctx, user_rid, info);
/* and save it */
refresh_sequence_number(domain, True);
@@ -829,18 +806,17 @@ do_query:
/* Lookup groups a user is a member of. */
static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- DOM_SID *user_sid,
- uint32 *num_groups, DOM_SID ***user_gids)
+ uint32 user_rid,
+ uint32 *num_groups, uint32 **user_gids)
{
struct winbind_cache *cache = get_cache(domain);
struct cache_entry *centry = NULL;
NTSTATUS status;
- unsigned int i;
- fstring sid_string;
+ int i;
if (!cache->tdb) goto do_query;
- centry = wcache_fetch(cache, domain, "UG/%s", sid_to_string(sid_string, user_sid));
+ centry = wcache_fetch(cache, domain, "UG/%s/%d", domain->name, user_rid);
if (!centry) goto do_query;
*num_groups = centry_uint32(centry);
@@ -850,7 +826,7 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
(*user_gids) = talloc(mem_ctx, sizeof(**user_gids) * (*num_groups));
if (! (*user_gids)) smb_panic("lookup_usergroups out of memory");
for (i=0; i<(*num_groups); i++) {
- (*user_gids)[i] = centry_sid(centry, mem_ctx);
+ (*user_gids)[i] = centry_uint32(centry);
}
do_cached:
@@ -865,7 +841,7 @@ do_query:
if (wcache_server_down(domain)) {
return NT_STATUS_SERVER_DISABLED;
}
- status = cache->backend->lookup_usergroups(domain, mem_ctx, user_sid, num_groups, user_gids);
+ status = cache->backend->lookup_usergroups(domain, mem_ctx, user_rid, num_groups, user_gids);
/* and save it */
refresh_sequence_number(domain, True);
@@ -873,9 +849,9 @@ do_query:
if (!centry) goto skip_save;
centry_put_uint32(centry, *num_groups);
for (i=0; i<(*num_groups); i++) {
- centry_put_sid(centry, (*user_gids)[i]);
+ centry_put_uint32(centry, (*user_gids)[i]);
}
- centry_end(centry, "UG/%s", sid_to_string(sid_string, user_sid));
+ centry_end(centry, "UG/%s/%d", domain->name, user_rid);
centry_free(centry);
skip_save:
@@ -885,35 +861,34 @@ skip_save:
static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- DOM_SID *group_sid, uint32 *num_names,
- DOM_SID ***sid_mem, char ***names,
+ uint32 group_rid, uint32 *num_names,
+ uint32 **rid_mem, char ***names,
uint32 **name_types)
{
struct winbind_cache *cache = get_cache(domain);
struct cache_entry *centry = NULL;
NTSTATUS status;
- unsigned int i;
- fstring sid_string;
+ int i;
if (!cache->tdb) goto do_query;
- centry = wcache_fetch(cache, domain, "GM/%s", sid_to_string(sid_string, group_sid));
+ centry = wcache_fetch(cache, domain, "GM/%s/%d", domain->name, group_rid);
if (!centry) goto do_query;
*num_names = centry_uint32(centry);
if (*num_names == 0) goto do_cached;
- (*sid_mem) = talloc(mem_ctx, sizeof(**sid_mem) * (*num_names));
+ (*rid_mem) = talloc(mem_ctx, sizeof(**rid_mem) * (*num_names));
(*names) = talloc(mem_ctx, sizeof(**names) * (*num_names));
(*name_types) = talloc(mem_ctx, sizeof(**name_types) * (*num_names));
- if (! (*sid_mem) || ! (*names) || ! (*name_types)) {
+ if (! (*rid_mem) || ! (*names) || ! (*name_types)) {
smb_panic("lookup_groupmem out of memory");
}
for (i=0; i<(*num_names); i++) {
- (*sid_mem)[i] = centry_sid(centry, mem_ctx);
+ (*rid_mem)[i] = centry_uint32(centry);
(*names)[i] = centry_string(centry, mem_ctx);
(*name_types)[i] = centry_uint32(centry);
}
@@ -925,7 +900,7 @@ do_cached:
do_query:
(*num_names) = 0;
- (*sid_mem) = NULL;
+ (*rid_mem) = NULL;
(*names) = NULL;
(*name_types) = NULL;
@@ -933,8 +908,8 @@ do_query:
if (wcache_server_down(domain)) {
return NT_STATUS_SERVER_DISABLED;
}
- status = cache->backend->lookup_groupmem(domain, mem_ctx, group_sid, num_names,
- sid_mem, names, name_types);
+ status = cache->backend->lookup_groupmem(domain, mem_ctx, group_rid, num_names,
+ rid_mem, names, name_types);
/* and save it */
refresh_sequence_number(domain, True);
@@ -942,11 +917,11 @@ do_query:
if (!centry) goto skip_save;
centry_put_uint32(centry, *num_names);
for (i=0; i<(*num_names); i++) {
- centry_put_sid(centry, (*sid_mem)[i]);
+ centry_put_uint32(centry, (*rid_mem)[i]);
centry_put_string(centry, (*names)[i]);
centry_put_uint32(centry, (*name_types)[i]);
}
- centry_end(centry, "GM/%s", sid_to_string(sid_string, group_sid));
+ centry_end(centry, "GM/%s/%d", domain->name, group_rid);
centry_free(centry);
skip_save:
diff --git a/source3/nsswitch/winbindd_cm.c b/source3/nsswitch/winbindd_cm.c
index 1b49d8ce01..706408901e 100644
--- a/source3/nsswitch/winbindd_cm.c
+++ b/source3/nsswitch/winbindd_cm.c
@@ -373,7 +373,7 @@ static NTSTATUS cm_open_connection(const char *domain, const int pipe_index,
}
result = cli_full_connection(&new_conn->cli, global_myname(), new_conn->controller,
- &dc_ip, 0, "IPC$", "IPC", ipc_username, ipc_domain,
+ &dc_ip, 0, "IPC$", "IPC", ipc_username, ipc_domain,
ipc_password, CLI_FULL_CONNECTION_ANNONYMOUS_FALLBACK, &retry);
secrets_named_mutex_release(new_conn->controller);
diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c
index d06db5943c..94a826fbbc 100644
--- a/source3/nsswitch/winbindd_group.c
+++ b/source3/nsswitch/winbindd_group.c
@@ -49,44 +49,43 @@ static BOOL fill_grent(struct winbindd_gr *gr, const char *dom_name,
return True;
}
-/* Fill in the group membership field of a NT group given by group_sid */
+/* Fill in the group membership field of a NT group given by group_rid */
static BOOL fill_grent_mem(struct winbindd_domain *domain,
- DOM_SID *group_sid,
+ uint32 group_rid,
enum SID_NAME_USE group_name_type,
int *num_gr_mem, char **gr_mem, int *gr_mem_len)
{
- DOM_SID **sid_mem = NULL;
- uint32 num_names = 0;
+ uint32 *rid_mem = NULL, num_names = 0;
uint32 *name_types = NULL;
- unsigned int buf_len, buf_ndx, i;
+ int buf_len, buf_ndx, i;
char **names = NULL, *buf;
BOOL result = False;
TALLOC_CTX *mem_ctx;
NTSTATUS status;
- fstring sid_string;
if (!(mem_ctx = talloc_init("fill_grent_mem(%s)", domain->name)))
return False;
/* Initialise group membership information */
- DEBUG(10, ("group SID %s\n", sid_to_string(sid_string, group_sid)));
+ DEBUG(10, ("group %s rid 0x%x\n", domain ? domain->name : "NULL",
+ group_rid));
*num_gr_mem = 0;
if (group_name_type != SID_NAME_DOM_GRP) {
- DEBUG(1, ("SID %s in domain %s isn't a domain group\n",
- sid_to_string(sid_string, group_sid), domain->name));
+ DEBUG(1, ("rid %d in domain %s isn't a domain group\n",
+ group_rid, domain->name));
goto done;
}
/* Lookup group members */
- status = domain->methods->lookup_groupmem(domain, mem_ctx, group_sid, &num_names,
- &sid_mem, &names, &name_types);
+ status = domain->methods->lookup_groupmem(domain, mem_ctx, group_rid, &num_names,
+ &rid_mem, &names, &name_types);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(1, ("could not lookup membership for group rid %s in domain %s (error: %s)\n",
- sid_to_string(sid_string, group_sid), domain->name, nt_errstr(status)));
+ DEBUG(1, ("could not lookup membership for group rid %d in domain %s (error: %s)\n",
+ group_rid, domain->name, nt_errstr(status)));
goto done;
}
@@ -95,7 +94,7 @@ static BOOL fill_grent_mem(struct winbindd_domain *domain,
if (DEBUGLEVEL >= 10) {
for (i = 0; i < num_names; i++)
- DEBUG(10, ("\t%20s %s %d\n", names[i], sid_to_string(sid_string, sid_mem[i]),
+ DEBUG(10, ("\t%20s %x %d\n", names[i], rid_mem[i],
name_types[i]));
}
@@ -191,6 +190,7 @@ enum winbindd_result winbindd_getgrnam(struct winbindd_cli_state *state)
DOM_SID group_sid;
struct winbindd_domain *domain;
enum SID_NAME_USE name_type;
+ uint32 group_rid;
fstring name_domain, name_group;
char *tmp, *gr_mem;
gid_t gid;
@@ -233,6 +233,10 @@ enum winbindd_result winbindd_getgrnam(struct winbindd_cli_state *state)
return WINBINDD_ERROR;
}
+ /* Fill in group structure */
+ if (!sid_peek_check_rid(&domain->sid, &group_sid, &group_rid))
+ return WINBINDD_ERROR;
+
if (!winbindd_idmap_get_gid_from_sid(&group_sid, &gid)) {
DEBUG(1, ("error converting unix gid to sid\n"));
return WINBINDD_ERROR;
@@ -240,7 +244,7 @@ enum winbindd_result winbindd_getgrnam(struct winbindd_cli_state *state)
if (!fill_grent(&state->response.data.gr, name_domain,
name_group, gid) ||
- !fill_grent_mem(domain, &group_sid, name_type,
+ !fill_grent_mem(domain, group_rid, name_type,
&state->response.data.gr.num_gr_mem,
&gr_mem, &gr_mem_len)) {
return WINBINDD_ERROR;
@@ -265,6 +269,7 @@ enum winbindd_result winbindd_getgrgid(struct winbindd_cli_state *state)
enum SID_NAME_USE name_type;
fstring dom_name;
fstring group_name;
+ uint32 group_rid;
int gr_mem_len;
char *gr_mem;
@@ -279,13 +284,17 @@ enum winbindd_result winbindd_getgrgid(struct winbindd_cli_state *state)
/* Get rid from gid */
- if (!winbindd_idmap_get_sid_from_gid(state->request.data.gid, &group_sid)) {
+ if (!winbindd_idmap_get_rid_from_gid(state->request.data.gid,
+ &group_rid, &domain)) {
DEBUG(1, ("could not convert gid %d to rid\n",
state->request.data.gid));
return WINBINDD_ERROR;
}
- /* Get name from sid */
+ /* Get sid from gid */
+
+ sid_copy(&group_sid, &domain->sid);
+ sid_append_rid(&group_sid, group_rid);
if (!winbindd_lookup_name_by_sid(&group_sid, dom_name, group_name, &name_type)) {
DEBUG(1, ("could not lookup sid\n"));
@@ -301,16 +310,9 @@ enum winbindd_result winbindd_getgrgid(struct winbindd_cli_state *state)
/* Fill in group structure */
- domain = find_domain_from_sid(&group_sid);
-
- if (!domain) {
- DEBUG(1,("Can't find domain from sid\n"));
- return WINBINDD_ERROR;
- }
-
if (!fill_grent(&state->response.data.gr, dom_name, group_name,
state->request.data.gid) ||
- !fill_grent_mem(domain, &group_sid, name_type,
+ !fill_grent_mem(domain, group_rid, name_type,
&state->response.data.gr.num_gr_mem,
&gr_mem, &gr_mem_len))
return WINBINDD_ERROR;
@@ -542,9 +544,7 @@ enum winbindd_result winbindd_getgrent(struct winbindd_cli_state *state)
gid_t group_gid;
int gr_mem_len;
char *gr_mem, *new_gr_mem_list;
- DOM_SID group_sid;
- struct winbindd_domain *domain;
-
+
/* Do we need to fetch another chunk of groups? */
tryagain:
@@ -578,25 +578,16 @@ enum winbindd_result winbindd_getgrent(struct winbindd_cli_state *state)
name_list = ent->sam_entries;
- if (!(domain =
- find_domain_from_name(ent->domain_name))) {
- DEBUG(3, ("No such domain %s in winbindd_getgrent\n", ent->domain_name));
- result = False;
- goto done;
- }
-
/* Lookup group info */
- sid_copy(&group_sid, &domain->sid);
- sid_append_rid(&group_sid, name_list[ent->sam_entry_index].rid);
-
- if (!winbindd_idmap_get_gid_from_sid(
- &group_sid,
- &group_gid)) {
+ if (!winbindd_idmap_get_gid_from_rid(
+ ent->domain_name,
+ name_list[ent->sam_entry_index].rid,
+ &group_gid)) {
DEBUG(1, ("could not look up gid for group %s\n",
name_list[ent->sam_entry_index].acct_name));
-
+
ent->sam_entry_index++;
goto tryagain;
}
@@ -617,7 +608,15 @@ enum winbindd_result winbindd_getgrent(struct winbindd_cli_state *state)
/* Fill in group membership entry */
if (result) {
- DOM_SID member_sid;
+ struct winbindd_domain *domain;
+
+ if (!(domain =
+ find_domain_from_name(ent->domain_name))) {
+ DEBUG(3, ("No such domain %s in winbindd_getgrent\n", ent->domain_name));
+ result = False;
+ goto done;
+ }
+
group_list[group_list_ndx].num_gr_mem = 0;
gr_mem = NULL;
gr_mem_len = 0;
@@ -626,11 +625,9 @@ enum winbindd_result winbindd_getgrent(struct winbindd_cli_state *state)
if (state->request.cmd == WINBINDD_GETGRLST) {
result = True;
} else {
- sid_copy(&member_sid, &domain->sid);
- sid_append_rid(&member_sid, name_list[ent->sam_entry_index].rid);
result = fill_grent_mem(
domain,
- &member_sid,
+ name_list[ent->sam_entry_index].rid,
SID_NAME_DOM_GRP,
&group_list[group_list_ndx].num_gr_mem,
&gr_mem, &gr_mem_len);
@@ -733,7 +730,7 @@ enum winbindd_result winbindd_list_groups(struct winbindd_cli_state *state)
struct winbindd_domain *domain;
char *extra_data = NULL;
char *ted = NULL;
- unsigned int extra_data_len = 0, i;
+ int extra_data_len = 0, i;
DEBUG(3, ("[%5d]: list groups\n", state->pid));
@@ -808,13 +805,13 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state)
fstring name_domain, name_user;
DOM_SID user_sid;
enum SID_NAME_USE name_type;
- uint32 num_groups, num_gids;
+ uint32 user_rid, num_groups, num_gids;
NTSTATUS status;
- DOM_SID **user_gids;
+ uint32 *user_gids;
struct winbindd_domain *domain;
enum winbindd_result result = WINBINDD_ERROR;
gid_t *gid_list;
- unsigned int i;
+ int i;
TALLOC_CTX *mem_ctx;
/* Ensure null termination */
@@ -855,9 +852,9 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state)
goto done;
}
- status = domain->methods->lookup_usergroups(domain, mem_ctx,
- &user_sid, &num_groups,
- &user_gids);
+ sid_split_rid(&user_sid, &user_rid);
+
+ status = domain->methods->lookup_usergroups(domain, mem_ctx, user_rid, &num_groups, &user_gids);
if (!NT_STATUS_IS_OK(status)) goto done;
/* Copy data back to client */
@@ -869,13 +866,12 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state)
goto done;
for (i = 0; i < num_groups; i++) {
- if (!winbindd_idmap_get_gid_from_sid(
- user_gids[i],
- &gid_list[num_gids])) {
- fstring sid_string;
+ if (!winbindd_idmap_get_gid_from_rid(domain->name,
+ user_gids[i],
+ &gid_list[num_gids])) {
- DEBUG(1, ("unable to convert group sid %s to gid\n",
- sid_to_string(sid_string, user_gids[i])));
+ DEBUG(1, ("unable to convert group rid %d to gid\n",
+ user_gids[i]));
continue;
}
diff --git a/source3/nsswitch/winbindd_idmap.c b/source3/nsswitch/winbindd_idmap.c
index 23f4b4d081..6d184fec5f 100644
--- a/source3/nsswitch/winbindd_idmap.c
+++ b/source3/nsswitch/winbindd_idmap.c
@@ -1,19 +1,20 @@
/*
Unix SMB/CIFS implementation.
- Winbind ID Mapping
- Copyright (C) Tim Potter 2000
- Copyright (C) Anthony Liguori <aliguor@us.ibm.com> 2003
+ Winbind daemon - user related function
+
+ Copyright (C) Tim Potter 2000
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
@@ -21,175 +22,508 @@
#include "winbindd.h"
-static struct {
- const char *name;
- /* Function to create a member of the idmap_methods list */
- BOOL (*reg_meth)(struct winbindd_idmap_methods **methods);
- struct winbindd_idmap_methods *methods;
-} builtin_winbindd_idmap_functions[] = {
- { "tdb", winbind_idmap_reg_tdb, NULL },
- { "ldap", winbind_idmap_reg_ldap, NULL },
- { NULL, NULL, NULL }
-};
-
-/* singleton pattern: uberlazy evaluation */
-static struct winbindd_idmap_methods *impl;
-
-static struct winbindd_idmap_methods *get_impl(const char *name)
-{
- int i = 0;
- struct winbindd_idmap_methods *ret = NULL;
-
- while (builtin_winbindd_idmap_functions[i].name &&
- strcmp(builtin_winbindd_idmap_functions[i].name, name)) {
- i++;
- }
-
- if (builtin_winbindd_idmap_functions[i].name) {
- if (!builtin_winbindd_idmap_functions[i].methods) {
- builtin_winbindd_idmap_functions[i].reg_meth(&builtin_winbindd_idmap_functions[i].methods);
- }
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_WINBIND
- ret = builtin_winbindd_idmap_functions[i].methods;
- }
+/* High water mark keys */
- return ret;
-}
+#define HWM_GROUP "GROUP HWM"
+#define HWM_USER "USER HWM"
-/* Initialize backend */
-BOOL winbindd_idmap_init(void)
+/* idmap version determines auto-conversion */
+#define IDMAP_VERSION 2
+
+/* Globals */
+
+static TDB_CONTEXT *idmap_tdb;
+
+/* Allocate either a user or group id from the pool */
+
+static BOOL allocate_id(uid_t *id, BOOL isgroup)
{
- BOOL ret = False;
+ int hwm;
- DEBUG(3, ("winbindd_idmap_init: using '%s' as backend\n",
- lp_winbind_backend()));
+ /* Get current high water mark */
- if (!impl) {
- impl = get_impl(lp_winbind_backend());
- if (!impl) {
- DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n",
- lp_winbind_backend()));
+ if ((hwm = tdb_fetch_int32(idmap_tdb,
+ isgroup ? HWM_GROUP : HWM_USER)) == -1) {
+ return False;
}
- }
- if (impl) {
- ret = impl->init();
- }
+ /* Return next available uid in list */
- DEBUG(3, ("winbind_idmap_init: returning %s\n", ret ? "true" : "false"));
+ if ((isgroup && (hwm > server_state.gid_high)) ||
+ (!isgroup && (hwm > server_state.uid_high))) {
+ DEBUG(0, ("winbind %sid range full!\n", isgroup ? "g" : "u"));
+ return False;
+ }
+
+ if (id) {
+ *id = hwm;
+ }
+
+ hwm++;
+
+ /* Store new high water mark */
+
+ tdb_store_int32(idmap_tdb, isgroup ? HWM_GROUP : HWM_USER, hwm);
- return ret;
+ return True;
}
-/* Get UID from SID */
-BOOL winbindd_idmap_get_uid_from_sid(DOM_SID *sid, uid_t *uid)
+/* Get an id from a rid */
+static BOOL get_id_from_sid(DOM_SID *sid, uid_t *id, BOOL isgroup)
{
- BOOL ret = False;
+ TDB_DATA data, key;
+ fstring keystr;
+ BOOL result = False;
+
+ /* Check if sid is present in database */
+ sid_to_string(keystr, sid);
+
+ key.dptr = keystr;
+ key.dsize = strlen(keystr) + 1;
+
+ data = tdb_fetch(idmap_tdb, key);
+
+ if (data.dptr) {
+ fstring scanstr;
+ int the_id;
+
+ /* Parse and return existing uid */
+ fstrcpy(scanstr, isgroup ? "GID" : "UID");
+ fstrcat(scanstr, " %d");
+
+ if (sscanf(data.dptr, scanstr, &the_id) == 1) {
+ /* Store uid */
+ if (id) {
+ *id = the_id;
+ }
- if (!impl) {
- impl = get_impl(lp_winbind_backend());
- if (!impl) {
- DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n",
- lp_winbind_backend()));
+ result = True;
+ }
+
+ SAFE_FREE(data.dptr);
+ } else {
+
+ /* Allocate a new id for this sid */
+
+ if (id && allocate_id(id, isgroup)) {
+ fstring keystr2;
+
+ /* Store new id */
+
+ slprintf(keystr2, sizeof(keystr2), "%s %d", isgroup ? "GID" : "UID", *id);
+
+ data.dptr = keystr2;
+ data.dsize = strlen(keystr2) + 1;
+
+ tdb_store(idmap_tdb, key, data, TDB_REPLACE);
+ tdb_store(idmap_tdb, data, key, TDB_REPLACE);
+
+ result = True;
+ }
}
- }
- if (impl) {
- ret = impl->get_uid_from_sid(sid, uid);
- }
+ return result;
+}
- return ret;
+/* Get a uid from a user sid */
+BOOL winbindd_idmap_get_uid_from_sid(DOM_SID *sid, uid_t *uid)
+{
+ return get_id_from_sid(sid, uid, False);
}
-/* Get GID from SID */
+/* Get a gid from a group sid */
BOOL winbindd_idmap_get_gid_from_sid(DOM_SID *sid, gid_t *gid)
{
- BOOL ret = False;
+ return get_id_from_sid(sid, gid, True);
+}
- if (!impl) {
- impl = get_impl(lp_winbind_backend());
- if (!impl) {
- DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n",
- lp_winbind_backend()));
- }
- }
+/* Get a uid from a user rid */
+BOOL winbindd_idmap_get_uid_from_rid(const char *dom_name, uint32 rid, uid_t *uid)
+{
+ struct winbindd_domain *domain;
+ DOM_SID sid;
+
+ if (!(domain = find_domain_from_name(dom_name))) {
+ return False;
+ }
- if (impl) {
- ret = impl->get_gid_from_sid(sid, gid);
- }
+ sid_copy(&sid, &domain->sid);
+ sid_append_rid(&sid, rid);
- return ret;
+ return get_id_from_sid(&sid, uid, False);
}
-/* Get SID from UID */
-BOOL winbindd_idmap_get_sid_from_uid(uid_t uid, DOM_SID *sid)
+/* Get a gid from a group rid */
+BOOL winbindd_idmap_get_gid_from_rid(const char *dom_name, uint32 rid, gid_t *gid)
+{
+ struct winbindd_domain *domain;
+ DOM_SID sid;
+
+ if (!(domain = find_domain_from_name(dom_name))) {
+ return False;
+ }
+
+ sid_copy(&sid, &domain->sid);
+ sid_append_rid(&sid, rid);
+
+ return get_id_from_sid(&sid, gid, True);
+}
+
+
+BOOL get_sid_from_id(int id, DOM_SID *sid, BOOL isgroup)
{
- BOOL ret = False;
+ TDB_DATA key, data;
+ fstring keystr;
+ BOOL result = False;
+
+ slprintf(keystr, sizeof(keystr), "%s %d", isgroup ? "GID" : "UID", id);
+
+ key.dptr = keystr;
+ key.dsize = strlen(keystr) + 1;
- if (!impl) {
- impl = get_impl(lp_winbind_backend());
- if (!impl) {
- DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n",
- lp_winbind_backend()));
+ data = tdb_fetch(idmap_tdb, key);
+
+ if (data.dptr) {
+ result = string_to_sid(sid, data.dptr);
+ SAFE_FREE(data.dptr);
}
- }
- if (impl) {
- ret = impl->get_sid_from_uid(uid, sid);
- }
+ return result;
+}
- return ret;
+/* Get a sid from a uid */
+BOOL winbindd_idmap_get_sid_from_uid(uid_t uid, DOM_SID *sid)
+{
+ return get_sid_from_id((int)uid, sid, False);
}
-/* Get SID from GID */
+/* Get a sid from a gid */
BOOL winbindd_idmap_get_sid_from_gid(gid_t gid, DOM_SID *sid)
{
- BOOL ret = False;
+ return get_sid_from_id((int)gid, sid, True);
+}
+
+/* Get a user rid from a uid */
+BOOL winbindd_idmap_get_rid_from_uid(uid_t uid, uint32 *user_rid,
+ struct winbindd_domain **domain)
+{
+ DOM_SID sid;
+
+ if (!get_sid_from_id((int)uid, &sid, False)) {
+ return False;
+ }
- if (!impl) {
- impl = get_impl(lp_winbind_backend());
- }
+ *domain = find_domain_from_sid(&sid);
+ if (! *domain) return False;
- if (impl) {
- ret = impl->get_sid_from_gid(gid, sid);
- } else {
- DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n",
- lp_winbind_backend()));
- }
+ sid_split_rid(&sid, user_rid);
- return ret;
+ return True;
}
-/* Close backend */
-BOOL winbindd_idmap_close(void)
+/* Get a group rid from a gid */
+
+BOOL winbindd_idmap_get_rid_from_gid(gid_t gid, uint32 *group_rid,
+ struct winbindd_domain **domain)
+{
+ DOM_SID sid;
+
+ if (!get_sid_from_id((int)gid, &sid, True)) {
+ return False;
+ }
+
+ *domain = find_domain_from_sid(&sid);
+ if (! *domain) return False;
+
+ sid_split_rid(&sid, group_rid);
+
+ return True;
+}
+
+/* convert one record to the new format */
+static int convert_fn(TDB_CONTEXT *tdb, TDB_DATA key, TDB_DATA data, void *ignored)
{
- BOOL ret = False;
+ struct winbindd_domain *domain;
+ char *p;
+ DOM_SID sid;
+ uint32 rid;
+ fstring keystr;
+ fstring dom_name;
+ TDB_DATA key2;
+
+ p = strchr(key.dptr, '/');
+ if (!p)
+ return 0;
+
+ *p = 0;
+ fstrcpy(dom_name, key.dptr);
+ *p++ = '/';
+
+ domain = find_domain_from_name(dom_name);
+ if (!domain) {
+ /* We must delete the old record. */
+ DEBUG(0,("winbindd: convert_fn : Unable to find domain %s\n", dom_name ));
+ DEBUG(0,("winbindd: convert_fn : deleting record %s\n", key.dptr ));
+ tdb_delete(idmap_tdb, key);
+ return 0;
+ }
+
+ rid = atoi(p);
+
+ sid_copy(&sid, &domain->sid);
+ sid_append_rid(&sid, rid);
+
+ sid_to_string(keystr, &sid);
+ key2.dptr = keystr;
+ key2.dsize = strlen(keystr) + 1;
+
+ if (tdb_store(idmap_tdb, key2, data, TDB_INSERT) != 0) {
+ /* not good! */
+ DEBUG(0,("winbindd: convert_fn : Unable to update record %s\n", key2.dptr ));
+ DEBUG(0,("winbindd: convert_fn : conversion failed - idmap corrupt ?\n"));
+ return -1;
+ }
+
+ if (tdb_store(idmap_tdb, data, key2, TDB_REPLACE) != 0) {
+ /* not good! */
+ DEBUG(0,("winbindd: convert_fn : Unable to update record %s\n", data.dptr ));
+ DEBUG(0,("winbindd: convert_fn : conversion failed - idmap corrupt ?\n"));
+ return -1;
+ }
+
+ tdb_delete(idmap_tdb, key);
+
+ return 0;
+}
- if (!impl) {
- impl = get_impl(lp_winbind_backend());
- }
+#if 0
+/*****************************************************************************
+ Make a backup copy of the old idmap just to be safe.... JRA.
+*****************************************************************************/
- if (impl) {
- ret = impl->close();
- } else {
- DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n",
- lp_winbind_backend()));
- }
+static BOOL backup_old_idmap(const char *idmap_name)
+{
+ pstring new_name;
+ int outfd = -1;
+ SMB_OFF_T size;
+ struct stat st;
+
+ pstrcpy(new_name, idmap_name);
+ pstrcat(new_name, ".bak");
+
+ DEBUG(10,("backup_old_idmap: backing up %s to %s before upgrade.\n",
+ idmap_name, new_name ));
+
+ if (tdb_lockall(idmap_tdb) == -1) {
+ DEBUG(10,("backup_old_idmap: failed to lock %s. Error %s\n",
+ idmap_name, tdb_errorstr(idmap_tdb) ));
+ return False;
+ }
+ if ((outfd = open(new_name, O_CREAT|O_EXCL|O_RDWR, 0600)) == -1) {
+ DEBUG(10,("backup_old_idmap: failed to open %s. Error %s\n",
+ new_name, strerror(errno) ));
+ goto fail;
+ }
+
+ if (fstat(idmap_tdb->fd, &st) == -1) {
+ DEBUG(10,("backup_old_idmap: failed to fstat %s. Error %s\n",
+ idmap_name, strerror(errno) ));
+ goto fail;
+ }
+
+ size = (SMB_OFF_T)st.st_size;
+
+ if (transfer_file(idmap_tdb->fd, outfd, size) != size ) {
+ DEBUG(10,("backup_old_idmap: failed to copy %s. Error %s\n",
+ idmap_name, strerror(errno) ));
+ goto fail;
+ }
+
+ if (close(outfd) == -1) {
+ DEBUG(10,("backup_old_idmap: failed to close %s. Error %s\n",
+ idmap_name, strerror(errno) ));
+ outfd = -1;
+ goto fail;
+ }
+ tdb_unlockall(idmap_tdb);
+ return True;
+
+fail:
+
+ if (outfd != -1)
+ close(outfd);
+ tdb_unlockall(idmap_tdb);
+ return False;
+}
+#endif
+
+/*****************************************************************************
+ Convert the idmap database from an older version.
+*****************************************************************************/
- return ret;
+static BOOL idmap_convert(const char *idmap_name)
+{
+ int32 vers = tdb_fetch_int32(idmap_tdb, "IDMAP_VERSION");
+ BOOL bigendianheader = (idmap_tdb->flags & TDB_BIGENDIAN) ? True : False;
+
+ if (vers == IDMAP_VERSION)
+ return True;
+
+#if 0
+ /* Make a backup copy before doing anything else.... */
+ if (!backup_old_idmap(idmap_name))
+ return False;
+#endif
+
+ if (((vers == -1) && bigendianheader) || (IREV(vers) == IDMAP_VERSION)) {
+ /* Arrggghh ! Bytereversed or old big-endian - make order independent ! */
+ /*
+ * high and low records were created on a
+ * big endian machine and will need byte-reversing.
+ */
+
+ int32 wm;
+
+ wm = tdb_fetch_int32(idmap_tdb, HWM_USER);
+
+ if (wm != -1) {
+ wm = IREV(wm);
+ } else
+ wm = server_state.uid_low;
+
+ if (tdb_store_int32(idmap_tdb, HWM_USER, wm) == -1) {
+ DEBUG(0, ("idmap_convert: Unable to byteswap user hwm in idmap database\n"));
+ return False;
+ }
+
+ wm = tdb_fetch_int32(idmap_tdb, HWM_GROUP);
+ if (wm != -1) {
+ wm = IREV(wm);
+ } else
+ wm = server_state.gid_low;
+
+ if (tdb_store_int32(idmap_tdb, HWM_GROUP, wm) == -1) {
+ DEBUG(0, ("idmap_convert: Unable to byteswap group hwm in idmap database\n"));
+ return False;
+ }
+ }
+
+ /* the old format stored as DOMAIN/rid - now we store the SID direct */
+ tdb_traverse(idmap_tdb, convert_fn, NULL);
+
+ if (tdb_store_int32(idmap_tdb, "IDMAP_VERSION", IDMAP_VERSION) == -1) {
+ DEBUG(0, ("idmap_convert: Unable to byteswap group hwm in idmap database\n"));
+ return False;
+ }
+
+ return True;
}
-/* Dump backend status */
+/*****************************************************************************
+ Initialise idmap database.
+*****************************************************************************/
+
+BOOL winbindd_idmap_init(void)
+{
+ /* Open tdb cache */
+
+ if (!(idmap_tdb = tdb_open_log(lock_path("winbindd_idmap.tdb"), 0,
+ TDB_DEFAULT, O_RDWR | O_CREAT, 0600))) {
+ DEBUG(0, ("winbindd_idmap_init: Unable to open idmap database\n"));
+ return False;
+ }
+
+ /* possibly convert from an earlier version */
+ if (!idmap_convert(lock_path("winbindd_idmap.tdb"))) {
+ DEBUG(0, ("winbindd_idmap_init: Unable to open idmap database\n"));
+ return False;
+ }
+
+ /* Create high water marks for group and user id */
+
+ if (tdb_fetch_int32(idmap_tdb, HWM_USER) == -1) {
+ if (tdb_store_int32(idmap_tdb, HWM_USER, server_state.uid_low) == -1) {
+ DEBUG(0, ("winbindd_idmap_init: Unable to initialise user hwm in idmap database\n"));
+ return False;
+ }
+ }
+
+ if (tdb_fetch_int32(idmap_tdb, HWM_GROUP) == -1) {
+ if (tdb_store_int32(idmap_tdb, HWM_GROUP, server_state.gid_low) == -1) {
+ DEBUG(0, ("winbindd_idmap_init: Unable to initialise group hwm in idmap database\n"));
+ return False;
+ }
+ }
+
+ return True;
+}
+
+BOOL winbindd_idmap_close(void)
+{
+ if (idmap_tdb)
+ return (tdb_close(idmap_tdb) == 0);
+ return True;
+}
+
+/* Dump status information to log file. Display different stuff based on
+ the debug level:
+
+ Debug Level Information Displayed
+ =================================================================
+ 0 Percentage of [ug]id range allocated
+ 0 High water marks (next allocated ids)
+*/
+
+#define DUMP_INFO 0
+
void winbindd_idmap_status(void)
{
- if (!impl) {
- impl = get_impl(lp_winbind_backend());
- }
+ int user_hwm, group_hwm;
+
+ DEBUG(0, ("winbindd idmap status:\n"));
+
+ /* Get current high water marks */
+
+ if ((user_hwm = tdb_fetch_int32(idmap_tdb, HWM_USER)) == -1) {
+ DEBUG(DUMP_INFO, ("\tCould not get userid high water mark!\n"));
+ }
+
+ if ((group_hwm = tdb_fetch_int32(idmap_tdb, HWM_GROUP)) == -1) {
+ DEBUG(DUMP_INFO, ("\tCould not get groupid high water mark!\n"));
+ }
+
+ /* Display next ids to allocate */
+
+ if (user_hwm != -1) {
+ DEBUG(DUMP_INFO, ("\tNext userid to allocate is %d\n", user_hwm));
+ }
+
+ if (group_hwm != -1) {
+ DEBUG(DUMP_INFO, ("\tNext groupid to allocate is %d\n", group_hwm));
+ }
+
+ /* Display percentage of id range already allocated. */
+
+ if (user_hwm != -1) {
+ int num_users = user_hwm - server_state.uid_low;
+ int total_users = server_state.uid_high - server_state.uid_low;
+
+ DEBUG(DUMP_INFO, ("\tUser id range is %d%% full (%d of %d)\n",
+ num_users * 100 / total_users, num_users,
+ total_users));
+ }
+
+ if (group_hwm != -1) {
+ int num_groups = group_hwm - server_state.gid_low;
+ int total_groups = server_state.gid_high - server_state.gid_low;
+
+ DEBUG(DUMP_INFO, ("\tGroup id range is %d%% full (%d of %d)\n",
+ num_groups * 100 / total_groups, num_groups,
+ total_groups));
+ }
- if (impl) {
- impl->status();
- } else {
- DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n",
- lp_winbind_backend()));
- }
+ /* Display complete mapping of users and groups to rids */
}
diff --git a/source3/nsswitch/winbindd_idmap_ldap.c b/source3/nsswitch/winbindd_idmap_ldap.c
deleted file mode 100644
index eb10dd33e9..0000000000
--- a/source3/nsswitch/winbindd_idmap_ldap.c
+++ /dev/null
@@ -1,392 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- Winbind daemon - user related function
-
- Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "winbindd.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_WINBIND
-
-#ifdef HAVE_LDAP
-
-#include <lber.h>
-#include <ldap.h>
-
-#include "smb_ldap.h"
-
-/* Globals */
-static struct smb_ldap_privates *ldap_state;
-
-static const char *attr[] = { "uid", "rid", "domain", "uidNumber",
- "gidNumber", NULL };
-
-static const char *pool_attr[] = {"uidNumber", "gidNumber", "cn", NULL};
-
-static long ldap_allocate_id(BOOL is_user)
-{
- int rc, count;
- LDAPMessage *result;
- int scope = LDAP_SCOPE_SUBTREE;
- long ret = 0;
- int sanity = 0;
-
- do {
- rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, is_user?"cn=UID Pool":"cn=GID Pool", pool_attr, 0, &result);
-
- if (LDAP_SUCCESS != rc) {
- DEBUG(0,("ldap_allocate_id: No ID pool found in directory\n"));
- return 0;
- }
-
- count = ldap_count_entries(ldap_state->ldap_struct, result);
-
- if (1 < count) {
- DEBUG(0,("ldap_allocate_id: Multiple UID pools found in directory?\n"));
- break;
- } else if (1 == count) {
- LDAPMessage *entry =
- ldap_first_entry(ldap_state->ldap_struct,
- result);
- LDAPMod **mods = NULL;
- pstring temp;
-
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, is_user?"uidNumber":"gidNumber", temp)) {
- return False;
- }
- ret = atol(temp);
- smb_ldap_make_a_mod(&mods, LDAP_MOD_DELETE,
- is_user?"uidNumber":"gidNumber",
- temp);
- slprintf(temp, sizeof(temp) - 1, "%ld", ret + 1);
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, is_user?"uidNumber":"gidNumber", temp);
- slprintf(temp, sizeof(temp) - 1, "cn=%cID Pool,%s", is_user?'U':'G', lp_ldap_user_suffix());
- rc = smb_ldap_modify(ldap_state, temp, mods);
- ldap_mods_free(mods, 1);
- } else {
- DEBUG(0,("ldap_allocate_id: unexpected number of entries returned\n"));
- break;
- }
- } while (LDAP_NO_SUCH_ATTRIBUTE == rc && ++sanity < 100);
-
- return ret;
-}
-
-/*****************************************************************************
- Initialise idmap database.
-*****************************************************************************/
-static BOOL ldap_idmap_init(void)
-{
- static struct smb_ldap_privates state;
- ldap_state = &state;
-
-#ifdef WITH_LDAP_SAMCONFIG
- {
- int ldap_port = lp_ldap_port();
-
- /* remap default port if not using SSL */
- if (lp_ldap_ssl() != LDAP_SSL_ON && ldap_port == 636) {
- ldap_port = 389;
- }
-
- ldap_state->uri = asprintf("%s://%s:d",
- lp_ldap_ssl() == LDAP_SSL_ON ? "ldaps" : "ldap",
- lp_ldap_server(), ldap_port);
- if (!ldap_state->uri) {
- DEBUG(0,("Out of memory\n"));
- return False;
- }
- }
-#else
- ldap_state->uri = "ldap://localhost";
-#endif
- return True;
-}
-
-static BOOL ldap_get_sid_from_uid(uid_t uid, DOM_SID * sid)
-{
- pstring filter;
- int scope = LDAP_SCOPE_SUBTREE;
- int rc, count;
- LDAPMessage *result;
-
- slprintf(filter, sizeof(filter) - 1, "uidNumber=%i", uid);
-
- DEBUG(2, ("ldap_get_sid_from_uid: searching for:[%s]\n", filter));
-
- rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, filter, attr, 0, &result);
- if (LDAP_SUCCESS != rc) {
- DEBUG(0,("ldap_get_sid_from_uid: user search failed\n"));
- return False;
- }
-
- count = ldap_count_entries(ldap_state->ldap_struct, result);
- if (1 < count) {
- DEBUG(0,("More than one user exists where: %s\n", filter));
- ldap_msgfree(result);
- return False;
- } else if (1 == count) {
- /* we found the user, get the users RID */
- LDAPMessage *entry = ldap_first_entry(ldap_state->ldap_struct,
- result);
- pstring temp, domain;
- uint32 rid;
- struct winbindd_domain *wb_dom;
-
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "domain", domain)) {
- return False;
- }
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "rid", temp)) {
- return False;
- }
- rid = (uint32)atol(temp);
- wb_dom = find_domain_from_name(domain);
-
- if (!wb_dom) {
- DEBUG(0,("ldap_get_sid_from_uid: could not find domain %s\n", domain));
- return False;
- }
-
- sid_copy(sid, &wb_dom->sid);
- sid_append_rid(sid, rid);
- } else {
- /* 0 entries? that ain't right */
- DEBUG(0,("ldap_get_sid_from_uid: not user entry found for %s\n", filter));
- }
-
- return True;
-}
-
-static BOOL ldap_get_uid_from_sid(DOM_SID *sid, uid_t *uid)
-{
- pstring filter;
- int scope = LDAP_SCOPE_SUBTREE;
- int rc, count;
- LDAPMessage *result;
- uint32 rid = 0;
- struct winbindd_domain *wb_dom;
- DOM_SID dom_sid;
-
- sid_copy(&dom_sid, sid);
-
- if (!sid_split_rid(&dom_sid, &rid)) {
- DEBUG(0,("ldap_get_uid_from_sid: sid does not contain an rid\n"));
- return False;
- }
-
- if (!(wb_dom = find_domain_from_sid(&dom_sid))) {
- DEBUG(0,("ldap_get_uid_from_sid: cannot lookup domain from sid\n"));
- return False;
- }
-
- slprintf(filter, sizeof(filter) - 1, "rid=%d,domain=%s,objectClass=sambaAccount", rid, wb_dom->name);
-
- DEBUG(2, ("ldap_get_uid_from_sid: searching for:[%s]\n", filter));
-
- rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, filter, attr, 0, &result);
- if (LDAP_NO_SUCH_OBJECT == rc) {
- LDAPMod **mods = NULL;
- pstring temp;
- fstring dom, name;
- int sid_type;
-
- winbindd_lookup_name_by_sid(sid, dom, name,
- (enum SID_USE_TYPE *)&sid_type);
- slprintf(temp, sizeof(temp) - 1, "%i", rid);
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "rid", temp);
-
- *uid = ldap_allocate_id(True);
- slprintf(temp, sizeof(temp) - 1, "%i", *uid);
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "uidNumber", temp);
-
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "uid", name);
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectClass", "sambaAccount");
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectClass", "account");
- slprintf(temp, sizeof(temp) - 1, "uid=%s,%s", name, lp_ldap_user_suffix());
- rc = smb_ldap_modify(ldap_state, temp, mods);
-
- ldap_mods_free(mods, 1);
- if (LDAP_SUCCESS != rc) {
- return False;
- }
- } else if (LDAP_SUCCESS == rc) {
- count = ldap_count_entries(ldap_state->ldap_struct, result);
- if (1 < count) {
- DEBUG(0,("More than one user exists where: %s\n", filter));
- ldap_msgfree(result);
- return False;
- } else if (1 == count) {
- /* we found the user, get the idNumber */
- LDAPMessage *entry = ldap_first_entry(ldap_state->ldap_struct, result);
- pstring temp;
-
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "uidNumber", temp)) {
- return False;
- }
- *uid = atol(temp);
- } else {
- DEBUG(0,("ldap_get_uid_from_sid: zero entries returned?\n"));
- return False;
- }
- } else {
- DEBUG(0,("ldap_get_uid_from_sid: unknown error querying user info\n"));
- return False;
- }
-
- return True;
-}
-
-static BOOL ldap_get_sid_from_gid(gid_t gid, DOM_SID * sid)
-{
- pstring filter;
- int scope = LDAP_SCOPE_SUBTREE;
- int rc, count;
- LDAPMessage *result;
-
- slprintf(filter, sizeof(filter) - 1, "gidNumber=%i,objectClass=sambaGroupMapping", gid);
-
- DEBUG(2, ("ldap_get_sid_from_gid: searching for:[%s]\n", filter));
-
- rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, filter, attr, 0, &result);
- if (LDAP_SUCCESS != rc) {
- DEBUG(0,("ldap_get_sid_from_gid: user search failed\n"));
- return False;
- }
-
- count = ldap_count_entries(ldap_state->ldap_struct, result);
- if (1 < count) {
- DEBUG(0,("More than one group exists where: %s\n", filter));
- ldap_msgfree(result);
- return False;
- } else if (1 == count) {
- LDAPMessage *entry = ldap_first_entry(ldap_state->ldap_struct,
- result);
- pstring str_sid;
-
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "ntSid", str_sid)) {
- return False;
- }
-
- string_to_sid(sid, str_sid);
- } else {
- /* 0 entries? that ain't right */
- DEBUG(0,("ldap_get_sid_from_gid: not group entry found for %s\n", filter));
- }
-
- return True;
-}
-
-static BOOL ldap_get_gid_from_sid(DOM_SID *sid, gid_t *gid)
-{
- pstring filter;
- int scope = LDAP_SCOPE_SUBTREE;
- int rc, count;
- LDAPMessage *result;
- fstring str_sid;
-
- sid_to_string(str_sid, sid);
-
- slprintf(filter, sizeof(filter) - 1, "ntSid=%s,objectClass=sambaGroupMapping", str_sid);
-
- DEBUG(2, ("ldap_get_gid_from_sid: searching for:[%s]\n", filter));
-
- rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, filter, attr, 0, &result);
- if (LDAP_NO_SUCH_OBJECT == rc) {
- LDAPMod **mods = NULL;
- pstring temp;
-
- *gid = ldap_allocate_id(False);
- slprintf(temp, sizeof(temp) - 1, "%i", *gid);
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "gidNumber", temp);
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectClass", "sambaGroupMapping");
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectClass", "account");
- slprintf(temp, sizeof(temp) - 1, "gidNumber=%i,%s", *gid, lp_ldap_user_suffix());
- rc = smb_ldap_modify(ldap_state, temp, mods);
-
- ldap_mods_free(mods, 1);
- if (LDAP_SUCCESS != rc) {
- return False;
- }
- } else if (LDAP_SUCCESS == rc) {
- count = ldap_count_entries(ldap_state->ldap_struct, result);
- if (1 < count) {
- DEBUG(0,("More than one group exists where: %s\n", filter));
- ldap_msgfree(result);
- return False;
- } else if (1 == count) {
- LDAPMessage *entry = ldap_first_entry(ldap_state->ldap_struct, result);
- pstring temp;
-
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "gidNumber", temp)) {
- return False;
- }
- *gid = atol(temp);
- } else {
- DEBUG(0,("ldap_get_gid_from_sid: zero entries returned?\n"));
- return False;
- }
- } else {
- DEBUG(0,("ldap_get_gid_from_sid: unknown error querying user info\n"));
- return False;
- }
-
- return True;
-}
-
-static BOOL ldap_idmap_close(void)
-{
- smb_ldap_close(ldap_state);
- ldap_state = 0;
- return True;
-}
-
-static void ldap_idmap_status(void)
-{
- DEBUG(0, ("winbindd idmap status:\n"));
- DEBUG(0, ("Using LDAP\n"));
-}
-
-struct winbindd_idmap_methods ldap_idmap_methods = {
- ldap_idmap_init,
-
- ldap_get_sid_from_uid,
- ldap_get_sid_from_gid,
-
- ldap_get_uid_from_sid,
- ldap_get_gid_from_sid,
-
- ldap_idmap_close,
-
- ldap_idmap_status
-};
-
-#endif
-
-BOOL winbind_idmap_reg_ldap(struct winbindd_idmap_methods **meth)
-{
-#ifdef HAVE_LDAP
- *meth = &ldap_idmap_methods;
-
- return True;
-#else
- DEBUG(0,("winbind_idmap_reg_ldap: LDAP support not compiled\n"));
- return False;
-#endif
-}
diff --git a/source3/nsswitch/winbindd_rpc.c b/source3/nsswitch/winbindd_rpc.c
index 9ec35617f1..48f528f520 100644
--- a/source3/nsswitch/winbindd_rpc.c
+++ b/source3/nsswitch/winbindd_rpc.c
@@ -3,7 +3,7 @@
Winbind rpc backend functions
- Copyright (C) Tim Potter 2000-2001,2003
+ Copyright (C) Tim Potter 2000-2001
Copyright (C) Andrew Tridgell 2001
This program is free software; you can redistribute it and/or modify
@@ -26,7 +26,6 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_WINBIND
-
/* Query display info for a domain. This returns enough information plus a
bit extra to give an overview of domain users for the User Manager
application. */
@@ -40,17 +39,18 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain,
POLICY_HND dom_pol;
BOOL got_dom_pol = False;
uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
- unsigned int i, start_idx, retry;
+ int i, loop_count = 0;
+ int retry;
DEBUG(3,("rpc: query_user_list\n"));
*num_entries = 0;
*info = NULL;
+ /* Get sam handle */
+
retry = 0;
do {
- /* Get sam handle */
-
if (!(hnd = cm_get_sam_handle(domain->name)))
goto done;
@@ -66,39 +66,50 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain,
got_dom_pol = True;
- i = start_idx = 0;
+ i = 0;
do {
+ SAM_DISPINFO_CTR ctr;
+ SAM_DISPINFO_1 info1;
+ uint32 count = 0, start=i, max_entries, max_size;
+ int j;
TALLOC_CTX *ctx2;
- char **dom_users;
- uint32 num_dom_users, *dom_rids, j, size = 0xffff;
- uint16 acb_mask = ACB_NORMAL;
- if (!(ctx2 = talloc_init("winbindd enum_users"))) {
+ ctr.sam.info1 = &info1;
+
+ ctx2 = talloc_init("winbindd dispinfo");
+ if (!ctx2) {
result = NT_STATUS_NO_MEMORY;
goto done;
- }
+ }
+
+ get_query_dispinfo_params(
+ loop_count, &max_entries, &max_size);
- result = cli_samr_enum_dom_users(
- hnd->cli, ctx2, &dom_pol, &start_idx, acb_mask,
- size, &dom_users, &dom_rids, &num_dom_users);
+ /* Query display info level 1 */
+ result = cli_samr_query_dispinfo(
+ hnd->cli, ctx2, &dom_pol, &start, 1, &count,
+ max_entries, max_size, &ctr);
- *num_entries += num_dom_users;
+ loop_count++;
- *info = talloc_realloc(
- mem_ctx, *info,
- (*num_entries) * sizeof(WINBIND_USERINFO));
+ if (!NT_STATUS_IS_OK(result) &&
+ !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) break;
+ (*num_entries) += count;
+
+ /* now map the result into the WINBIND_USERINFO structure */
+ (*info) = talloc_realloc(mem_ctx, *info,
+ (*num_entries)*sizeof(WINBIND_USERINFO));
if (!(*info)) {
result = NT_STATUS_NO_MEMORY;
talloc_destroy(ctx2);
goto done;
}
- for (j = 0; j < num_dom_users; i++, j++) {
- (*info)[i].acct_name =
- talloc_strdup(mem_ctx, dom_users[j]);
- (*info)[i].full_name = talloc_strdup(mem_ctx, "");
- (*info)[i].user_sid = rid_to_talloced_sid(domain, mem_ctx, dom_rids[j]);
+ for (j=0;j<count;i++, j++) {
+ (*info)[i].acct_name = unistr2_tdup(mem_ctx, &info1.str[j].uni_acct_name);
+ (*info)[i].full_name = unistr2_tdup(mem_ctx, &info1.str[j].uni_full_name);
+ (*info)[i].user_rid = info1.sam[j].rid_user;
/* For the moment we set the primary group for
every user to be the Domain Users group.
There are serious problems with determining
@@ -106,14 +117,10 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain,
This should really be made into a 'winbind
force group' smb.conf parameter or
something like that. */
- (*info)[i].group_sid
- = rid_to_talloced_sid(domain,
- mem_ctx,
- DOMAIN_GROUP_RID_USERS);
+ (*info)[i].group_rid = DOMAIN_GROUP_RID_USERS;
}
talloc_destroy(ctx2);
-
} while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
done:
@@ -256,11 +263,11 @@ static NTSTATUS enum_local_groups(struct winbindd_domain *domain,
/* convert a single name to a sid in a domain */
static NTSTATUS name_to_sid(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
const char *name,
DOM_SID *sid,
enum SID_NAME_USE *type)
{
+ TALLOC_CTX *mem_ctx;
CLI_POLICY_HND *hnd;
NTSTATUS status;
DOM_SID *sids = NULL;
@@ -270,16 +277,23 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain,
DEBUG(3,("rpc: name_to_sid name=%s\n", name));
+ if (!(mem_ctx = talloc_init("name_to_sid[rpc] for [%s]\\[%s]", domain->name, name))) {
+ DEBUG(0, ("talloc_init failed!\n"));
+ return NT_STATUS_NO_MEMORY;
+ }
+
full_name = talloc_asprintf(mem_ctx, "%s\\%s", domain->name, name);
if (!full_name) {
DEBUG(0, ("talloc_asprintf failed!\n"));
+ talloc_destroy(mem_ctx);
return NT_STATUS_NO_MEMORY;
}
retry = 0;
do {
if (!(hnd = cm_get_lsa_handle(domain->name))) {
+ talloc_destroy(mem_ctx);
return NT_STATUS_UNSUCCESSFUL;
}
@@ -294,6 +308,7 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain,
*type = types[0];
}
+ talloc_destroy(mem_ctx);
return status;
}
@@ -341,22 +356,17 @@ static NTSTATUS sid_to_name(struct winbindd_domain *domain,
/* Lookup user information from a rid or username. */
static NTSTATUS query_user(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- DOM_SID *user_sid,
+ uint32 user_rid,
WINBIND_USERINFO *user_info)
{
- CLI_POLICY_HND *hnd = NULL;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ CLI_POLICY_HND *hnd;
+ NTSTATUS result;
POLICY_HND dom_pol, user_pol;
BOOL got_dom_pol = False, got_user_pol = False;
SAM_USERINFO_CTR *ctr;
int retry;
- fstring sid_string;
- uint32 user_rid;
- DEBUG(3,("rpc: query_user rid=%s\n", sid_to_string(sid_string, user_sid)));
- if (!sid_peek_check_rid(&domain->sid, user_sid, &user_rid)) {
- goto done;
- }
+ DEBUG(3,("rpc: query_user rid=%u\n", user_rid));
retry = 0;
do {
@@ -395,8 +405,8 @@ static NTSTATUS query_user(struct winbindd_domain *domain,
cli_samr_close(hnd->cli, mem_ctx, &user_pol);
got_user_pol = False;
- user_info->user_sid = rid_to_talloced_sid(domain, mem_ctx, user_rid);
- user_info->group_sid = rid_to_talloced_sid(domain, mem_ctx, ctr->info.id21->group_rid);
+ user_info->user_rid = user_rid;
+ user_info->group_rid = ctr->info.id21->group_rid;
user_info->acct_name = unistr2_tdup(mem_ctx,
&ctr->info.id21->uni_user_name);
user_info->full_name = unistr2_tdup(mem_ctx,
@@ -416,8 +426,8 @@ static NTSTATUS query_user(struct winbindd_domain *domain,
/* Lookup groups a user is a member of. I wish Unix had a call like this! */
static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- DOM_SID *user_sid,
- uint32 *num_groups, DOM_SID ***user_gids)
+ uint32 user_rid,
+ uint32 *num_groups, uint32 **user_gids)
{
CLI_POLICY_HND *hnd;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
@@ -425,17 +435,15 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
BOOL got_dom_pol = False, got_user_pol = False;
DOM_GID *user_groups;
- unsigned int i;
- unsigned int retry;
- fstring sid_string;
- uint32 user_rid;
+ int i;
+ int retry;
- DEBUG(3,("rpc: lookup_usergroups sid=%s\n", sid_to_string(sid_string, user_sid)));
+ DEBUG(3,("rpc: lookup_usergroups rid=%u\n", user_rid));
*num_groups = 0;
/* First try cached universal groups from logon */
- *user_gids = uni_group_cache_fetch(&domain->sid, user_sid, mem_ctx, num_groups);
+ *user_gids = uni_group_cache_fetch(&domain->sid, user_rid, mem_ctx, num_groups);
if((*num_groups > 0) && *user_gids) {
return NT_STATUS_OK;
} else {
@@ -451,7 +459,7 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
/* Get domain handle */
result = cli_samr_open_domain(hnd->cli, mem_ctx, &hnd->pol,
- des_access, &domain->sid, &dom_pol);
+ des_access, &domain->sid, &dom_pol);
} while (!NT_STATUS_IS_OK(result) && (retry++ < 1) && hnd && hnd->cli && hnd->cli->fd == -1);
if (!NT_STATUS_IS_OK(result))
@@ -459,11 +467,6 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
got_dom_pol = True;
-
- if (!sid_peek_check_rid(&domain->sid, user_sid, &user_rid)) {
- goto done;
- }
-
/* Get user handle */
result = cli_samr_open_user(hnd->cli, mem_ctx, &dom_pol,
des_access, user_rid, &user_pol);
@@ -481,13 +484,8 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
goto done;
(*user_gids) = talloc(mem_ctx, sizeof(uint32) * (*num_groups));
- if (!(*user_gids)) {
- result = NT_STATUS_NO_MEMORY;
- goto done;
- }
-
for (i=0;i<(*num_groups);i++) {
- (*user_gids)[i] = rid_to_talloced_sid(domain, mem_ctx, user_groups[i].g_rid);
+ (*user_gids)[i] = user_groups[i].g_rid;
}
done:
@@ -505,27 +503,19 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
/* Lookup group membership given a rid. */
static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- DOM_SID *group_sid, uint32 *num_names,
- DOM_SID ***sid_mem, char ***names,
+ uint32 group_rid, uint32 *num_names,
+ uint32 **rid_mem, char ***names,
uint32 **name_types)
{
- CLI_POLICY_HND *hnd = NULL;
+ CLI_POLICY_HND *hnd;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
uint32 i, total_names = 0;
POLICY_HND dom_pol, group_pol;
uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
BOOL got_dom_pol = False, got_group_pol = False;
- uint32 *rid_mem = NULL;
- uint32 group_rid;
int retry;
- unsigned int j;
- fstring sid_string;
- DEBUG(10,("rpc: lookup_groupmem %s sid=%s\n", domain->name, sid_to_string(sid_string, group_sid)));
-
- if (!sid_peek_check_rid(&domain->sid, group_sid, &group_rid)) {
- goto done;
- }
+ DEBUG(10,("rpc: lookup_groupmem %s rid=%u\n", domain->name, group_rid));
*num_names = 0;
@@ -560,7 +550,7 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
group. */
result = cli_samr_query_groupmem(hnd->cli, mem_ctx,
- &group_pol, num_names, &rid_mem,
+ &group_pol, num_names, rid_mem,
name_types);
if (!NT_STATUS_IS_OK(result))
@@ -575,16 +565,6 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
*names = talloc_zero(mem_ctx, *num_names * sizeof(char *));
*name_types = talloc_zero(mem_ctx, *num_names * sizeof(uint32));
- *sid_mem = talloc_zero(mem_ctx, *num_names * sizeof(DOM_SID *));
-
- for (j=0;j<(*num_names);j++) {
- (*sid_mem)[j] = rid_to_talloced_sid(domain, mem_ctx, (rid_mem)[j]);
- }
-
- if (!*names || !*name_types) {
- result = NT_STATUS_NO_MEMORY;
- goto done;
- }
for (i = 0; i < *num_names; i += MAX_LOOKUP_RIDS) {
int num_lookup_rids = MIN(*num_names - i, MAX_LOOKUP_RIDS);
@@ -597,7 +577,7 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
result = cli_samr_lookup_rids(hnd->cli, mem_ctx,
&dom_pol, 1000, /* flags */
num_lookup_rids,
- &rid_mem[i],
+ &(*rid_mem)[i],
&tmp_num_names,
&tmp_names, &tmp_types);
@@ -612,7 +592,7 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
memcpy(&(*name_types)[i], tmp_types, sizeof(uint32) *
tmp_num_names);
-
+
total_names += tmp_num_names;
}
diff --git a/source3/nsswitch/winbindd_user.c b/source3/nsswitch/winbindd_user.c
index d2bd231918..6c544d7cf2 100644
--- a/source3/nsswitch/winbindd_user.c
+++ b/source3/nsswitch/winbindd_user.c
@@ -29,30 +29,29 @@
/* Fill a pwent structure with information we have obtained */
static BOOL winbindd_fill_pwent(char *dom_name, char *user_name,
- DOM_SID *user_sid, DOM_SID *group_sid,
+ uint32 user_rid, uint32 group_rid,
char *full_name, struct winbindd_pw *pw)
{
extern userdom_struct current_user_info;
fstring output_username;
pstring homedir;
- fstring sid_string;
if (!pw || !dom_name || !user_name)
return False;
/* Resolve the uid number */
- if (!winbindd_idmap_get_uid_from_sid(user_sid,
+ if (!winbindd_idmap_get_uid_from_rid(dom_name, user_rid,
&pw->pw_uid)) {
- DEBUG(1, ("error getting user id for sid %s\n", sid_to_string(sid_string, user_sid)));
+ DEBUG(1, ("error getting user id for rid %d\n", user_rid));
return False;
}
/* Resolve the gid number */
- if (!winbindd_idmap_get_gid_from_sid(group_sid,
+ if (!winbindd_idmap_get_gid_from_rid(dom_name, group_rid,
&pw->pw_gid)) {
- DEBUG(1, ("error getting group id for sid %s\n", sid_to_string(sid_string, group_sid)));
+ DEBUG(1, ("error getting group id for rid %d\n", group_rid));
return False;
}
@@ -96,6 +95,7 @@ static BOOL winbindd_fill_pwent(char *dom_name, char *user_name,
enum winbindd_result winbindd_getpwnam(struct winbindd_cli_state *state)
{
+ uint32 user_rid;
WINBIND_USERINFO user_info;
DOM_SID user_sid;
NTSTATUS status;
@@ -144,7 +144,9 @@ enum winbindd_result winbindd_getpwnam(struct winbindd_cli_state *state)
return WINBINDD_ERROR;
}
- status = domain->methods->query_user(domain, mem_ctx, &user_sid,
+ sid_split_rid(&user_sid, &user_rid);
+
+ status = domain->methods->query_user(domain, mem_ctx, user_rid,
&user_info);
if (!NT_STATUS_IS_OK(status)) {
@@ -156,7 +158,7 @@ enum winbindd_result winbindd_getpwnam(struct winbindd_cli_state *state)
/* Now take all this information and fill in a passwd structure */
if (!winbindd_fill_pwent(name_domain, name_user,
- user_info.user_sid, user_info.group_sid,
+ user_rid, user_info.group_rid,
user_info.full_name,
&state->response.data.pw)) {
talloc_destroy(mem_ctx);
@@ -174,6 +176,7 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state)
{
DOM_SID user_sid;
struct winbindd_domain *domain;
+ uint32 user_rid;
fstring dom_name;
fstring user_name;
enum SID_NAME_USE name_type;
@@ -193,15 +196,18 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state)
/* Get rid from uid */
- if (!winbindd_idmap_get_sid_from_uid(state->request.data.uid,
- &user_sid)) {
- DEBUG(1, ("could not convert uid %d to SID\n",
+ if (!winbindd_idmap_get_rid_from_uid(state->request.data.uid,
+ &user_rid, &domain)) {
+ DEBUG(1, ("could not convert uid %d to rid\n",
state->request.data.uid));
return WINBINDD_ERROR;
}
/* Get name and name type from rid */
+ sid_copy(&user_sid, &domain->sid);
+ sid_append_rid(&user_sid, user_rid);
+
if (!winbindd_lookup_name_by_sid(&user_sid, dom_name, user_name, &name_type)) {
fstring temp;
@@ -210,13 +216,6 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state)
return WINBINDD_ERROR;
}
- domain = find_domain_from_sid(&user_sid);
-
- if (!domain) {
- DEBUG(1,("Can't find domain from sid\n"));
- return WINBINDD_ERROR;
- }
-
/* Get some user info */
if (!(mem_ctx = talloc_init("winbind_getpwuid(%d)",
@@ -226,7 +225,7 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state)
return WINBINDD_ERROR;
}
- status = domain->methods->query_user(domain, mem_ctx, &user_sid,
+ status = domain->methods->query_user(domain, mem_ctx, user_rid,
&user_info);
if (!NT_STATUS_IS_OK(status)) {
@@ -238,7 +237,7 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state)
/* Resolve gid number */
- if (!winbindd_idmap_get_gid_from_sid(user_info.group_sid, &gid)) {
+ if (!winbindd_idmap_get_gid_from_rid(domain->name, user_info.group_rid, &gid)) {
DEBUG(1, ("error getting group id for user %s\n", user_name));
talloc_destroy(mem_ctx);
return WINBINDD_ERROR;
@@ -246,8 +245,7 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state)
/* Fill in password structure */
- if (!winbindd_fill_pwent(domain->name, user_name, user_info.user_sid,
- user_info.group_sid,
+ if (!winbindd_fill_pwent(domain->name, user_name, user_rid, user_info.group_rid,
user_info.full_name, &state->response.data.pw)) {
talloc_destroy(mem_ctx);
return WINBINDD_ERROR;
@@ -334,13 +332,13 @@ static BOOL get_sam_user_entries(struct getent_state *ent)
TALLOC_CTX *mem_ctx;
struct winbindd_domain *domain;
struct winbindd_methods *methods;
- unsigned int i;
+ int i;
if (ent->num_sam_entries)
return False;
if (!(mem_ctx = talloc_init("get_sam_user_entries(%s)",
- ent->domain_name)))
+ ent->domain_name)))
return False;
if (!(domain = find_domain_from_name(ent->domain_name))) {
@@ -395,8 +393,8 @@ static BOOL get_sam_user_entries(struct getent_state *ent)
}
/* User and group ids */
- sid_copy(&name_list[ent->num_sam_entries+i].user_sid, info[i].user_sid);
- sid_copy(&name_list[ent->num_sam_entries+i].group_sid, info[i].group_sid);
+ name_list[ent->num_sam_entries+i].user_rid = info[i].user_rid;
+ name_list[ent->num_sam_entries+i].group_rid = info[i].group_rid;
}
ent->num_sam_entries += num_entries;
@@ -493,8 +491,8 @@ enum winbindd_result winbindd_getpwent(struct winbindd_cli_state *state)
result = winbindd_fill_pwent(
ent->domain_name,
name_list[ent->sam_entry_index].name,
- &name_list[ent->sam_entry_index].user_sid,
- &name_list[ent->sam_entry_index].group_sid,
+ name_list[ent->sam_entry_index].user_rid,
+ name_list[ent->sam_entry_index].group_rid,
name_list[ent->sam_entry_index].gecos,
&user_list[user_list_ndx]);
@@ -541,7 +539,7 @@ enum winbindd_result winbindd_list_users(struct winbindd_cli_state *state)
for (domain = domain_list(); domain; domain = domain->next) {
NTSTATUS status;
struct winbindd_methods *methods;
- unsigned int i;
+ int i;
methods = domain->methods;
diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c
index ac0b317b42..262d862b8a 100644
--- a/source3/nsswitch/winbindd_util.c
+++ b/source3/nsswitch/winbindd_util.c
@@ -179,7 +179,7 @@ void rescan_trusted_domains(BOOL force)
int i;
result = domain->methods->trusted_domains(domain, mem_ctx, &num_domains,
- &names, &alt_names, &dom_sids);
+ &names, &alt_names, &dom_sids);
if (!NT_STATUS_IS_OK(result)) {
continue;
}
@@ -188,12 +188,9 @@ void rescan_trusted_domains(BOOL force)
the access methods of its parent */
for(i = 0; i < num_domains; i++) {
DEBUG(10,("Found domain %s\n", names[i]));
- add_trusted_domain(names[i], alt_names?alt_names[i]:NULL,
- domain->methods, &dom_sids[i]);
-
- /* store trusted domain in the cache */
- trustdom_cache_store(names[i], alt_names ? alt_names[i] : NULL,
- &dom_sids[i], t + WINBINDD_RESCAN_FREQ);
+ add_trusted_domain(names[i],
+ alt_names?alt_names[i]:NULL,
+ domain->methods, &dom_sids[i]);
}
}
@@ -271,20 +268,14 @@ BOOL winbindd_lookup_sid_by_name(struct winbindd_domain *domain,
enum SID_NAME_USE *type)
{
NTSTATUS result;
- TALLOC_CTX *mem_ctx;
+
/* Don't bother with machine accounts */
-
+
if (name[strlen(name) - 1] == '$')
return False;
- mem_ctx = talloc_init("lookup_sid_by_name for %s\n", name);
- if (!mem_ctx)
- return False;
-
/* Lookup name */
- result = domain->methods->name_to_sid(domain, mem_ctx, name, sid, type);
-
- talloc_destroy(mem_ctx);
+ result = domain->methods->name_to_sid(domain, name, sid, type);
/* Return rid and type if lookup successful */
if (!NT_STATUS_IS_OK(result)) {
@@ -380,12 +371,12 @@ BOOL winbindd_param_init(void)
{
/* Parse winbind uid and winbind_gid parameters */
- if (!lp_idmap_uid(&server_state.uid_low, &server_state.uid_high)) {
+ if (!lp_winbind_uid(&server_state.uid_low, &server_state.uid_high)) {
DEBUG(0, ("winbind uid range missing or invalid\n"));
return False;
}
- if (!lp_idmap_gid(&server_state.gid_low, &server_state.gid_high)) {
+ if (!lp_winbind_gid(&server_state.gid_low, &server_state.gid_high)) {
DEBUG(0, ("winbind gid range missing or invalid\n"));
return False;
}
@@ -558,20 +549,3 @@ int winbindd_num_clients(void)
{
return _num_clients;
}
-
-/* Help with RID -> SID conversion */
-
-DOM_SID *rid_to_talloced_sid(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- uint32 rid)
-{
- DOM_SID *sid;
- sid = talloc(mem_ctx, sizeof(*sid));
- if (!sid) {
- smb_panic("rid_to_to_talloced_sid: talloc for DOM_SID failed!\n");
- }
- sid_copy(sid, &domain->sid);
- sid_append_rid(sid, rid);
- return sid;
-}
-
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 4394c4df1a..821216837e 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -8,7 +8,6 @@
Copyright (C) Simo Sorce 2001
Copyright (C) Alexander Bokovoy 2002
Copyright (C) Stefan (metze) Metzmacher 2002
- Copyright (C) Anthony Liguori 2003
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -82,13 +81,6 @@ extern int extra_time_offset;
static BOOL defaults_saved = False;
-typedef struct _param_opt_struct param_opt_struct;
-struct _param_opt_struct {
- param_opt_struct *prev, *next;
- char *key;
- char *value;
-};
-
/*
* This structure describes global (ie., server-wide) parameters.
*/
@@ -120,6 +112,7 @@ typedef struct
char *szPrivateDir;
char **szPassdbBackend;
char **szPreloadModules;
+ char **szSamBackend;
char *szPasswordServer;
char *szSocketOptions;
char *szRealm;
@@ -161,18 +154,16 @@ typedef struct
BOOL bUtmp;
#endif
char *szSourceEnv;
- char *szIdmapUID;
- char *szIdmapGID;
+ char *szWinbindUID;
+ char *szWinbindGID;
char *szNonUnixAccountRange;
- int AlgorithmicRidBase;
+ BOOL bAlgorithmicRidBase;
char *szTemplateHomedir;
char *szTemplateShell;
char *szWinbindSeparator;
BOOL bWinbindEnumUsers;
BOOL bWinbindEnumGroups;
BOOL bWinbindUseDefaultDomain;
- char *szWinbindBackend;
- char *szIdmapBackend;
char *szAddShareCommand;
char *szChangeShareCommand;
char *szDeleteShareCommand;
@@ -287,7 +278,6 @@ typedef struct
int restrict_anonymous;
int name_cache_timeout;
BOOL client_signing;
- param_opt_struct *param_opt;
}
global;
@@ -410,7 +400,6 @@ typedef struct
BOOL bNTAclSupport;
BOOL bUseSendfile;
BOOL bProfileAcls;
- param_opt_struct *param_opt;
char dummy[3]; /* for alignment */
}
@@ -531,8 +520,6 @@ static service sDefault = {
True, /* bNTAclSupport */
False, /* bUseSendfile */
False, /* bProfileAcls */
-
- NULL, /* Parametric options */
"" /* dummy */
};
@@ -551,10 +538,11 @@ static int default_server_announce;
/* prototypes for the special type handlers */
static BOOL handle_include(const char *pszParmValue, char **ptr);
static BOOL handle_copy(const char *pszParmValue, char **ptr);
+static BOOL handle_vfs_object(const char *pszParmValue, char **ptr);
static BOOL handle_source_env(const char *pszParmValue, char **ptr);
static BOOL handle_netbios_name(const char *pszParmValue, char **ptr);
-static BOOL handle_idmap_uid(const char *pszParmValue, char **ptr);
-static BOOL handle_idmap_gid(const char *pszParmValue, char **ptr);
+static BOOL handle_winbind_uid(const char *pszParmValue, char **ptr);
+static BOOL handle_winbind_gid(const char *pszParmValue, char **ptr);
static BOOL handle_non_unix_account_range(const char *pszParmValue, char **ptr);
static BOOL handle_debug_list( const char *pszParmValue, char **ptr );
static BOOL handle_workgroup( const char *pszParmValue, char **ptr );
@@ -755,7 +743,6 @@ static struct parm_struct parm_table[] = {
{"server schannel", P_ENUM, P_GLOBAL, &Globals.serverSchannel, NULL, enum_bool_auto, FLAG_BASIC},
{"allow trusted domains", P_BOOL, P_GLOBAL, &Globals.bAllowTrustedDomains, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"hosts equiv", P_STRING, P_GLOBAL, &Globals.szHostsEquiv, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
- {"idmap backend", P_STRING, P_GLOBAL, &Globals.szIdmapBackend, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"min passwd length", P_INTEGER, P_GLOBAL, &Globals.min_passwd_length, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"min password length", P_INTEGER, P_GLOBAL, &Globals.min_passwd_length, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"map to guest", P_ENUM, P_GLOBAL, &Globals.map_to_guest, NULL, enum_map_to_guest, FLAG_ADVANCED | FLAG_DEVELOPER},
@@ -764,9 +751,9 @@ static struct parm_struct parm_table[] = {
{"password server", P_STRING, P_GLOBAL, &Globals.szPasswordServer, NULL, NULL, FLAG_ADVANCED | FLAG_WIZARD | FLAG_DEVELOPER},
{"smb passwd file", P_STRING, P_GLOBAL, &Globals.szSMBPasswdFile, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"private dir", P_STRING, P_GLOBAL, &Globals.szPrivateDir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
- {"passdb backend", P_LIST, P_GLOBAL, &Globals.szPassdbBackend, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
+ {"passdb backend", P_LIST, P_GLOBAL, &Globals.szPassdbBackend, NULL, NULL, FLAG_ADVANCED | FLAG_WIZARD | FLAG_DEVELOPER},
{"non unix account range", P_STRING, P_GLOBAL, &Globals.szNonUnixAccountRange, handle_non_unix_account_range, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
- {"algorithmic rid base", P_INTEGER, P_GLOBAL, &Globals.AlgorithmicRidBase, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
+ {"algorithmic rid base", P_INTEGER, P_GLOBAL, &Globals.bAlgorithmicRidBase, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"root directory", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"root dir", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"root", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, FLAG_HIDE | FLAG_DEVELOPER},
@@ -776,7 +763,7 @@ static struct parm_struct parm_table[] = {
{"passwd program", P_STRING, P_GLOBAL, &Globals.szPasswdProgram, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"passwd chat", P_STRING, P_GLOBAL, &Globals.szPasswdChat, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"passwd chat debug", P_BOOL, P_GLOBAL, &Globals.bPasswdChatDebug, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
- {"username map", P_STRING, P_GLOBAL, &Globals.szUsernameMap, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
+ {"username map", P_STRING, P_GLOBAL, &Globals.szUsernameMap, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER | FLAG_DEVELOPER},
{"password level", P_INTEGER, P_GLOBAL, &Globals.pwordlevel, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"username level", P_INTEGER, P_GLOBAL, &Globals.unamelevel, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"unix password sync", P_BOOL, P_GLOBAL, &Globals.bUnixPasswdSync, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
@@ -806,12 +793,12 @@ static struct parm_struct parm_table[] = {
{"writable", P_BOOLREV, P_LOCAL, &sDefault.bRead_only, NULL, NULL, FLAG_HIDE},
{"create mask", P_OCTAL, P_LOCAL, &sDefault.iCreate_mask, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE},
- {"create mode", P_OCTAL, P_LOCAL, &sDefault.iCreate_mask, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE},
+ {"create mode", P_OCTAL, P_LOCAL, &sDefault.iCreate_mask, NULL, NULL, FLAG_GLOBAL},
{"force create mode", P_OCTAL, P_LOCAL, &sDefault.iCreate_force_mode, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE},
{"security mask", P_OCTAL, P_LOCAL, &sDefault.iSecurity_mask, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE},
{"force security mode", P_OCTAL, P_LOCAL, &sDefault.iSecurity_force_mode, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE},
{"directory mask", P_OCTAL, P_LOCAL, &sDefault.iDir_mask, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE},
- {"directory mode", P_OCTAL, P_LOCAL, &sDefault.iDir_mask, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE},
+ {"directory mode", P_OCTAL, P_LOCAL, &sDefault.iDir_mask, NULL, NULL, FLAG_GLOBAL},
{"force directory mode", P_OCTAL, P_LOCAL, &sDefault.iDir_force_mode, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE},
{"directory security mask", P_OCTAL, P_LOCAL, &sDefault.iDir_Security_mask, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE},
{"force directory security mode", P_OCTAL, P_LOCAL, &sDefault.iDir_Security_force_mode, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE},
@@ -1108,7 +1095,7 @@ static struct parm_struct parm_table[] = {
{"VFS module options", P_SEP, P_SEPARATOR},
- {"vfs object", P_LIST, P_LOCAL, &sDefault.szVfsObjectFile, NULL, NULL, FLAG_SHARE},
+ {"vfs object", P_STRING, P_LOCAL, &sDefault.szVfsObjectFile, handle_vfs_object, NULL, FLAG_SHARE},
{"vfs options", P_STRING, P_LOCAL, &sDefault.szVfsOptions, NULL, NULL, FLAG_SHARE},
{"vfs path", P_STRING, P_LOCAL, &sDefault.szVfsPath, NULL, NULL, FLAG_SHARE},
@@ -1119,10 +1106,8 @@ static struct parm_struct parm_table[] = {
{"Winbind options", P_SEP, P_SEPARATOR},
- {"idmap uid", P_STRING, P_GLOBAL, &Globals.szIdmapUID, handle_idmap_uid, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
- {"winbind uid", P_STRING, P_GLOBAL, &Globals.szIdmapUID, handle_idmap_uid, NULL, FLAG_ADVANCED | FLAG_DEVELOPER | FLAG_HIDE},
- {"idmap gid", P_STRING, P_GLOBAL, &Globals.szIdmapGID, handle_idmap_gid, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
- {"winbind gid", P_STRING, P_GLOBAL, &Globals.szIdmapGID, handle_idmap_gid, NULL, FLAG_ADVANCED | FLAG_DEVELOPER | FLAG_HIDE},
+ {"winbind uid", P_STRING, P_GLOBAL, &Globals.szWinbindUID, handle_winbind_uid, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
+ {"winbind gid", P_STRING, P_GLOBAL, &Globals.szWinbindGID, handle_winbind_gid, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"template homedir", P_STRING, P_GLOBAL, &Globals.szTemplateHomedir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"template shell", P_STRING, P_GLOBAL, &Globals.szTemplateShell, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"winbind separator", P_STRING, P_GLOBAL, &Globals.szWinbindSeparator, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
@@ -1130,7 +1115,6 @@ static struct parm_struct parm_table[] = {
{"winbind enum users", P_BOOL, P_GLOBAL, &Globals.bWinbindEnumUsers, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"winbind enum groups", P_BOOL, P_GLOBAL, &Globals.bWinbindEnumGroups, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"winbind use default domain", P_BOOL, P_GLOBAL, &Globals.bWinbindUseDefaultDomain, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
- {"winbind backend", P_STRING, P_GLOBAL, &Globals.szWinbindBackend, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{NULL, P_BOOL, P_NONE, NULL, NULL, NULL, 0}
};
@@ -1330,7 +1314,7 @@ static void init_globals(void)
string_set(&Globals.szNameResolveOrder, "lmhosts wins host bcast");
string_set(&Globals.szPasswordServer, "*");
- Globals.AlgorithmicRidBase = BASE_RID;
+ Globals.bAlgorithmicRidBase = BASE_RID;
Globals.bLoadPrinters = True;
Globals.mangled_stack = 50;
@@ -1477,8 +1461,6 @@ static void init_globals(void)
Globals.bWinbindEnumGroups = True;
Globals.bWinbindUseDefaultDomain = False;
- string_set(&Globals.szWinbindBackend, "tdb");
-
Globals.name_cache_timeout = 660; /* In seconds */
Globals.bUseSpnego = True;
@@ -1529,9 +1511,6 @@ static char *lp_string(const char *s)
if (!ret)
return NULL;
- /* Note: StrnCpy touches len+1 bytes, but we allocate 100
- * extra bytes so we're OK. */
-
if (!s)
*ret = 0;
else
@@ -1653,9 +1632,6 @@ FN_GLOBAL_STRING(lp_acl_compatibility, &Globals.szAclCompat)
FN_GLOBAL_BOOL(lp_winbind_enum_users, &Globals.bWinbindEnumUsers)
FN_GLOBAL_BOOL(lp_winbind_enum_groups, &Globals.bWinbindEnumGroups)
FN_GLOBAL_BOOL(lp_winbind_use_default_domain, &Globals.bWinbindUseDefaultDomain)
-FN_GLOBAL_STRING(lp_winbind_backend, &Globals.szWinbindBackend)
-
-FN_GLOBAL_STRING(lp_idmap_backend, &Globals.szIdmapBackend)
#ifdef WITH_LDAP_SAMCONFIG
FN_GLOBAL_STRING(lp_ldap_server, &Globals.szLdapServer)
@@ -1791,7 +1767,7 @@ FN_LOCAL_LIST(lp_readlist, readlist)
FN_LOCAL_LIST(lp_writelist, writelist)
FN_LOCAL_LIST(lp_printer_admin, printer_admin)
FN_LOCAL_STRING(lp_fstype, fstype)
-FN_LOCAL_LIST(lp_vfsobj, szVfsObjectFile)
+FN_LOCAL_STRING(lp_vfsobj, szVfsObjectFile)
FN_LOCAL_STRING(lp_vfs_options, szVfsOptions)
FN_LOCAL_STRING(lp_vfs_path, szVfsPath)
FN_LOCAL_STRING(lp_msdfs_proxy, szMSDfsProxy)
@@ -1869,10 +1845,53 @@ FN_LOCAL_INTEGER(lp_block_size, iBlock_size)
FN_LOCAL_CHAR(lp_magicchar, magic_char)
FN_GLOBAL_INTEGER(lp_winbind_cache_time, &Globals.winbind_cache_time)
FN_GLOBAL_BOOL(lp_hide_local_users, &Globals.bHideLocalUsers)
-FN_GLOBAL_INTEGER(lp_algorithmic_rid_base, &Globals.AlgorithmicRidBase)
+FN_GLOBAL_BOOL(lp_algorithmic_rid_base, &Globals.bAlgorithmicRidBase)
FN_GLOBAL_INTEGER(lp_name_cache_timeout, &Globals.name_cache_timeout)
FN_GLOBAL_BOOL(lp_client_signing, &Globals.client_signing)
+typedef struct _param_opt_struct param_opt_struct;
+struct _param_opt_struct {
+ char *key;
+ char *value;
+ param_opt_struct *prev, *next;
+};
+
+static param_opt_struct *param_opt = NULL;
+
+/* Return parametric option from given service. Type is a part of option before ':' */
+/* Parametric option has following syntax: 'Type: option = value' */
+/* Returned value is allocated in 'lp_talloc' context */
+
+char *lp_parm_string(const char *servicename, const char *type, const char *option)
+{
+ param_opt_struct *data;
+ pstring vfskey;
+
+ if (param_opt != NULL) {
+ ZERO_STRUCT(vfskey);
+ pstr_sprintf(vfskey, "%s:%s:%s", (servicename==NULL) ? "global" : servicename,
+ type, option);
+ data = param_opt;
+ while (data) {
+ if (strcmp(data->key, vfskey) == 0) {
+ return lp_string(data->value);
+ }
+ data = data->next;
+ }
+ /* Try to fetch the same option but from globals */
+ pstr_sprintf(vfskey, "global:%s:%s", type, option);
+ data = param_opt;
+ while (data) {
+ if (strcmp(data->key, vfskey) == 0) {
+ return lp_string(data->value);
+ }
+ data = data->next;
+ }
+
+ }
+ return NULL;
+}
+
/* local prototypes */
static int map_parameter(const char *pszParmName);
@@ -1886,198 +1905,6 @@ static BOOL do_parameter(const char *pszParmName, const char *pszParmValue);
static BOOL do_section(const char *pszSectionName);
static void init_copymap(service * pservice);
-/* This is a helper function for parametrical options support. */
-/* It returns a pointer to parametrical option value if it exists or NULL otherwise */
-/* Actual parametrical functions are quite simple */
-static const char *get_parametrics(int lookup_service, const char *type, const char *option)
-{
- char* vfskey;
- param_opt_struct *data;
-
- if (lookup_service >= iNumServices) return NULL;
-
- data = (lookup_service < 0) ?
- Globals.param_opt : ServicePtrs[lookup_service]->param_opt;
-
- asprintf(&vfskey, "%s:%s", type, option);
- while (data) {
- if (strcmp(data->key, vfskey) == 0) {
- string_free(&vfskey);
- return data->value;
- }
- data = data->next;
- }
-
- if (lookup_service >= 0) {
- /* Try to fetch the same option but from globals */
- /* but only if we are not already working with Globals */
- data = Globals.param_opt;
- while (data) {
- if (strcmp(data->key, vfskey) == 0) {
- string_free(&vfskey);
- return data->value;
- }
- data = data->next;
- }
- }
-
- string_free(&vfskey);
-
- return NULL;
-}
-
-
-/*******************************************************************
-convenience routine to return int parameters.
-********************************************************************/
-static int lp_int(const char *s)
-{
-
- if (!s) {
- DEBUG(0,("lp_int(%s): is called with NULL!\n",s));
- return (-1);
- }
-
- return atoi(s);
-}
-
-/*******************************************************************
-convenience routine to return unsigned long parameters.
-********************************************************************/
-static int lp_ulong(const char *s)
-{
-
- if (!s) {
- DEBUG(0,("lp_int(%s): is called with NULL!\n",s));
- return (-1);
- }
-
- return strtoul(s, NULL, 10);
-}
-
-/*******************************************************************
-convenience routine to return boolean parameters.
-********************************************************************/
-static BOOL lp_bool(const char *s)
-{
- BOOL ret = False;
-
- if (!s) {
- DEBUG(0,("lp_bool(%s): is called with NULL!\n",s));
- return False;
- }
-
- if (!set_boolean(&ret,s)) {
- DEBUG(0,("lp_bool(%s): value is not boolean!\n",s));
- return False;
- }
-
- return ret;
-}
-
-/*******************************************************************
-convenience routine to return enum parameters.
-********************************************************************/
-static int lp_enum(const char *s,const struct enum_list *_enum)
-{
- int i;
-
- if (!s || !_enum) {
- DEBUG(0,("lp_enum(%s,enum): is called with NULL!\n",s));
- return False;
- }
-
- for (i=0; _enum[i].name; i++) {
- if (strcasecmp(_enum[i].name,s)==0)
- return _enum[i].value;
- }
-
- DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
- return (-1);
-}
-
-/* Return parametric option from a given service. Type is a part of option before ':' */
-/* Parametric option has following syntax: 'Type: option = value' */
-/* Returned value is allocated in 'lp_talloc' context */
-
-char *lp_parm_string(int lookup_service, const char *type, const char *option)
-{
- const char *value = get_parametrics(lookup_service, type, option);
-
- if (value)
- return lp_string(value);
-
- return NULL;
-}
-
-/* Return parametric option from a given service. Type is a part of option before ':' */
-/* Parametric option has following syntax: 'Type: option = value' */
-/* Returned value is allocated in 'lp_talloc' context */
-
-char **lp_parm_string_list(int lookup_service, const char *type, const char *option,
- const char *separator)
-{
- const char *value = get_parametrics(lookup_service, type, option);
-
- if (value)
- return str_list_make(value, separator);
-
- return NULL;
-}
-
-/* Return parametric option from a given service. Type is a part of option before ':' */
-/* Parametric option has following syntax: 'Type: option = value' */
-
-int lp_parm_int(int lookup_service, const char *type, const char *option)
-{
- const char *value = get_parametrics(lookup_service, type, option);
-
- if (value)
- return lp_int(value);
-
- return (-1);
-}
-
-/* Return parametric option from a given service. Type is a part of option before ':' */
-/* Parametric option has following syntax: 'Type: option = value' */
-
-unsigned long lp_parm_ulong(int lookup_service, const char *type, const char *option)
-{
- const char *value = get_parametrics(lookup_service, type, option);
-
- if (value)
- return lp_ulong(value);
-
- return (0);
-}
-
-/* Return parametric option from a given service. Type is a part of option before ':' */
-/* Parametric option has following syntax: 'Type: option = value' */
-
-BOOL lp_parm_bool(int lookup_service, const char *type, const char *option)
-{
- const char *value = get_parametrics(lookup_service, type, option);
-
- if (value)
- return lp_bool(value);
-
- return False;
-}
-
-/* Return parametric option from a given service. Type is a part of option before ':' */
-/* Parametric option has following syntax: 'Type: option = value' */
-
-int lp_parm_enum(int lookup_service, const char *type, const char *option,
- const struct enum_list *_enum)
-{
- const char *value = get_parametrics(lookup_service, type, option);
-
- if (value)
- return lp_enum(value, _enum);
-
- return (-1);
-}
-
/***************************************************************************
Initialise a service to the defaults.
@@ -2096,7 +1923,6 @@ static void init_service(service * pservice)
static void free_service(service *pservice)
{
int i;
- param_opt_struct *data, *pdata;
if (!pservice)
return;
@@ -2121,16 +1947,6 @@ static void free_service(service *pservice)
PTR_DIFF(parm_table[i].ptr, &sDefault)));
}
- DEBUG(5,("Freeing parametrics:\n"));
- data = pservice->param_opt;
- while (data) {
- DEBUG(5,("[%s = %s]\n", data->key, data->value));
- string_free(&data->key);
- string_free(&data->value);
- pdata = data->next;
- SAFE_FREE(data);
- data = pdata;
- }
ZERO_STRUCTP(pservice);
}
@@ -2145,27 +1961,14 @@ static int add_a_service(const service *pservice, const char *name)
int i;
service tservice;
int num_to_alloc = iNumServices + 1;
- param_opt_struct *data, *pdata;
tservice = *pservice;
/* it might already exist */
if (name) {
i = getservicebyname(name, NULL);
- if (i >= 0) {
- /* Clean all parametric options for service */
- /* They will be added during parsing again */
- data = ServicePtrs[i]->param_opt;
- while (data) {
- string_free(&data->key);
- string_free(&data->value);
- pdata = data->next;
- SAFE_FREE(data);
- data = pdata;
- }
- ServicePtrs[i]->param_opt = NULL;
+ if (i >= 0)
return (i);
- }
}
/* find an invalid one */
@@ -2408,8 +2211,6 @@ static void copy_service(service * pserviceDest, service * pserviceSource, BOOL
{
int i;
BOOL bcopyall = (pcopymapDest == NULL);
- param_opt_struct *data, *pdata, *paramo;
- BOOL not_added;
for (i = 0; parm_table[i].label; i++)
if (parm_table[i].ptr && parm_table[i].class == P_LOCAL &&
@@ -2463,30 +2264,6 @@ static void copy_service(service * pserviceDest, service * pserviceSource, BOOL
(void *)pserviceSource->copymap,
sizeof(BOOL) * NUMPARAMETERS);
}
-
- data = pserviceSource->param_opt;
- while (data) {
- not_added = True;
- pdata = pserviceDest->param_opt;
- /* Traverse destination */
- while (pdata) {
- /* If we already have same option, override it */
- if (strcmp(pdata->key, data->key) == 0) {
- string_free(&pdata->value);
- pdata->value = strdup(data->value);
- not_added = False;
- break;
- }
- pdata = pdata->next;
- }
- if (not_added) {
- paramo = smb_xmalloc(sizeof(param_opt_struct));
- paramo->key = strdup(data->key);
- paramo->value = strdup(data->value);
- DLIST_ADD(pserviceDest->param_opt, paramo);
- }
- data = data->next;
- }
}
/***************************************************************************
@@ -2756,6 +2533,22 @@ static BOOL handle_source_env(const char *pszParmValue, char **ptr)
}
/***************************************************************************
+ Handle the interpretation of the vfs object parameter.
+*************************************************************************/
+
+static BOOL handle_vfs_object(const char *pszParmValue, char **ptr)
+{
+ /* Set string value */
+
+ string_set(ptr, pszParmValue);
+
+ /* Do any other initialisation required for vfs. Note that
+ anything done here may have linking repercussions in nmbd. */
+
+ return True;
+}
+
+/***************************************************************************
Handle the include operation.
***************************************************************************/
@@ -2815,49 +2608,49 @@ static BOOL handle_copy(const char *pszParmValue, char **ptr)
}
/***************************************************************************
- Handle idmap/non unix account uid and gid allocation parameters. The format of these
+ Handle winbind/non unix account uid and gid allocation parameters. The format of these
parameters is:
[global]
- idmap uid = 1000-1999
- idmap gid = 700-899
+ winbind uid = 1000-1999
+ winbind gid = 700-899
We only do simple parsing checks here. The strings are parsed into useful
- structures in the idmap daemon code.
+ structures in the winbind daemon code.
***************************************************************************/
-/* Some lp_ routines to return idmap [ug]id information */
+/* Some lp_ routines to return winbind [ug]id information */
-static uid_t idmap_uid_low, idmap_uid_high;
-static gid_t idmap_gid_low, idmap_gid_high;
+static uid_t winbind_uid_low, winbind_uid_high;
+static gid_t winbind_gid_low, winbind_gid_high;
static uint32 non_unix_account_low, non_unix_account_high;
-BOOL lp_idmap_uid(uid_t *low, uid_t *high)
+BOOL lp_winbind_uid(uid_t *low, uid_t *high)
{
- if (idmap_uid_low == 0 || idmap_uid_high == 0)
+ if (winbind_uid_low == 0 || winbind_uid_high == 0)
return False;
if (low)
- *low = idmap_uid_low;
+ *low = winbind_uid_low;
if (high)
- *high = idmap_uid_high;
+ *high = winbind_uid_high;
return True;
}
-BOOL lp_idmap_gid(gid_t *low, gid_t *high)
+BOOL lp_winbind_gid(gid_t *low, gid_t *high)
{
- if (idmap_gid_low == 0 || idmap_gid_high == 0)
+ if (winbind_gid_low == 0 || winbind_gid_high == 0)
return False;
if (low)
- *low = idmap_gid_low;
+ *low = winbind_gid_low;
if (high)
- *high = idmap_gid_high;
+ *high = winbind_gid_high;
return True;
}
@@ -2876,9 +2669,9 @@ BOOL lp_non_unix_account_range(uint32 *low, uint32 *high)
return True;
}
-/* Do some simple checks on "idmap [ug]id" parameter values */
+/* Do some simple checks on "winbind [ug]id" parameter values */
-static BOOL handle_idmap_uid(const char *pszParmValue, char **ptr)
+static BOOL handle_winbind_uid(const char *pszParmValue, char **ptr)
{
uint32 low, high;
@@ -2889,13 +2682,13 @@ static BOOL handle_idmap_uid(const char *pszParmValue, char **ptr)
string_set(ptr, pszParmValue);
- idmap_uid_low = low;
- idmap_uid_high = high;
+ winbind_uid_low = low;
+ winbind_uid_high = high;
return True;
}
-static BOOL handle_idmap_gid(const char *pszParmValue, char **ptr)
+static BOOL handle_winbind_gid(const char *pszParmValue, char **ptr)
{
uint32 low, high;
@@ -2906,8 +2699,8 @@ static BOOL handle_idmap_gid(const char *pszParmValue, char **ptr)
string_set(ptr, pszParmValue);
- idmap_gid_low = low;
- idmap_gid_high = high;
+ winbind_gid_low = low;
+ winbind_gid_high = high;
return True;
}
@@ -3085,8 +2878,7 @@ BOOL lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue
void *def_ptr = NULL;
pstring vfskey;
char *sep;
- param_opt_struct *paramo, *data;
- BOOL not_added;
+ param_opt_struct *paramo;
parmnum = map_parameter(pszParmName);
@@ -3094,35 +2886,15 @@ BOOL lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue
if ((sep=strchr(pszParmName, ':')) != NULL) {
*sep = 0;
ZERO_STRUCT(vfskey);
- pstr_sprintf(vfskey, "%s:", pszParmName);
+ pstr_sprintf(vfskey, "%s:%s:",
+ (snum >= 0) ? lp_servicename(snum) : "global", pszParmName);
slen = strlen(vfskey);
pstrcat(vfskey, sep+1);
trim_string(vfskey+slen, " ", " ");
- not_added = True;
- data = (snum < 0) ? Globals.param_opt :
- ServicePtrs[snum]->param_opt;
- /* Traverse destination */
- while (data) {
- /* If we already have same option, override it */
- if (strcmp(data->key, vfskey) == 0) {
- string_free(&data->value);
- data->value = strdup(pszParmValue);
- not_added = False;
- break;
- }
- data = data->next;
- }
- if (not_added) {
- paramo = smb_xmalloc(sizeof(param_opt_struct));
- paramo->key = strdup(vfskey);
- paramo->value = strdup(pszParmValue);
- if (snum < 0) {
- DLIST_ADD(Globals.param_opt, paramo);
- } else {
- DLIST_ADD(ServicePtrs[snum]->param_opt, paramo);
- }
- }
-
+ paramo = smb_xmalloc(sizeof(param_opt_struct));
+ paramo->key = strdup(vfskey);
+ paramo->value = strdup(pszParmValue);
+ DLIST_ADD(param_opt, paramo);
*sep = ':';
return (True);
}
@@ -3472,6 +3244,7 @@ static void dump_globals(FILE *f)
{
int i;
param_opt_struct *data;
+ char *s;
fprintf(f, "# Global parameters\n[global]\n");
@@ -3485,11 +3258,14 @@ static void dump_globals(FILE *f)
print_parameter(&parm_table[i], parm_table[i].ptr, f);
fprintf(f, "\n");
}
- if (Globals.param_opt != NULL) {
- data = Globals.param_opt;
+ if (param_opt != NULL) {
+ data = param_opt;
while(data) {
- fprintf(f, "\t%s = %s\n", data->key, data->value);
- data = data->next;
+ if (((s=strstr(data->key, "global")) == data->key) &&
+ (*(s+strlen("global")) == ':')) {
+ fprintf(f, "\t%s = %s\n", s+strlen("global")+1, data->value);
+ }
+ data = data->next;
}
}
@@ -3516,6 +3292,8 @@ static void dump_a_service(service * pService, FILE * f)
{
int i;
param_opt_struct *data;
+ const char *sn;
+ char *s;
if (pService != &sDefault)
fprintf(f, "\n[%s]\n", pService->szService);
@@ -3544,11 +3322,15 @@ static void dump_a_service(service * pService, FILE * f)
((char *)pService) + pdiff, f);
fprintf(f, "\n");
}
- if (pService->param_opt != NULL) {
- data = pService->param_opt;
+ if (param_opt != NULL) {
+ data = param_opt;
+ sn = (pService == &sDefault) ? "global" : pService->szService;
while(data) {
- fprintf(f, "\t%s = %s\n", data->key, data->value);
- data = data->next;
+ if (((s=strstr(data->key, sn)) == data->key) &&
+ (*(s+strlen(sn)) == ':')) {
+ fprintf(f, "\t%s = %s\n", s+strlen(sn)+1, data->value);
+ }
+ data = data->next;
}
}
}
@@ -3810,18 +3592,7 @@ static void set_server_role(void)
DEBUG(0, ("Server's Role (logon server) conflicts with share-level security\n"));
break;
case SEC_SERVER:
- if (lp_domain_logons())
- DEBUG(0, ("Server's Role (logon server) conflicts with server-level security\n"));
- server_role = ROLE_DOMAIN_MEMBER;
- break;
case SEC_DOMAIN:
- if (lp_domain_logons()) {
- DEBUG(1, ("Server's Role (logon server) NOT ADVISED with domain-level security\n"));
- server_role = ROLE_DOMAIN_BDC;
- break;
- }
- server_role = ROLE_DOMAIN_MEMBER;
- break;
case SEC_ADS:
if (lp_domain_logons()) {
server_role = ROLE_DOMAIN_PDC;
@@ -3894,16 +3665,16 @@ BOOL lp_load(const char *pszFname, BOOL global_only, BOOL save_defaults,
lp_save_defaults();
}
- if (Globals.param_opt != NULL) {
- data = Globals.param_opt;
+ if (param_opt != NULL) {
+ data = param_opt;
while (data) {
- string_free(&data->key);
- string_free(&data->value);
+ SAFE_FREE(data->key);
+ SAFE_FREE(data->value);
pdata = data->next;
SAFE_FREE(data);
data = pdata;
}
- Globals.param_opt = NULL;
+ param_opt = NULL;
}
/* We get sections first, so have to start 'behind' to make up */
diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c
index a86d936263..80b4bb4dc3 100644
--- a/source3/passdb/pdb_get_set.c
+++ b/source3/passdb/pdb_get_set.c
@@ -490,7 +490,7 @@ BOOL pdb_set_init_flags (SAM_ACCOUNT *sampass, enum pdb_elements element, enum p
DEBUG(0,("Can't set flag: %d in set_flags.\n",element));
return False;
}
- DEBUG(10, ("element %d -> now SET\n", element));
+ DEBUG(11, ("element %d -> now SET\n", element));
break;
case PDB_DEFAULT:
default:
@@ -502,7 +502,7 @@ BOOL pdb_set_init_flags (SAM_ACCOUNT *sampass, enum pdb_elements element, enum p
DEBUG(0,("Can't set flag: %d in set_flags.\n",element));
return False;
}
- DEBUG(11, ("element %d -> now DEFAULT\n", element));
+ DEBUG(10, ("element %d -> now DEFAULT\n", element));
break;
}
diff --git a/source3/passdb/pdb_guest.c b/source3/passdb/pdb_guest.c
index f5a15057e0..88a75aa667 100644
--- a/source3/passdb/pdb_guest.c
+++ b/source3/passdb/pdb_guest.c
@@ -122,8 +122,3 @@ NTSTATUS pdb_init_guestsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, c
return NT_STATUS_OK;
}
-int pdb_guest_init(void)
-{
- return smb_register_passdb("guest", pdb_init_guestsam, PASSDB_INTERFACE_VERSION);
-}
-
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 8adcd9dbfa..42be673d25 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -24,57 +24,21 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_PASSDB
-static struct pdb_init_function_entry *backends = NULL;
-
-static void lazy_initialize_passdb(void)
-{
- static BOOL initialized = False;
- if(initialized)return;
- static_init_pdb;
- initialized = True;
-}
-
-BOOL smb_register_passdb(const char *name, pdb_init_function init, int version)
-{
- struct pdb_init_function_entry *entry = backends;
-
- if(version != PASSDB_INTERFACE_VERSION)
- return False;
-
- DEBUG(5,("Attempting to register passdb backend %s\n", name));
-
- /* Check for duplicates */
- while(entry) {
- if(strcasecmp(name, entry->name) == 0) {
- DEBUG(0,("There already is a passdb backend registered with the name %s!\n", name));
- return False;
- }
- entry = entry->next;
- }
-
- entry = smb_xmalloc(sizeof(struct pdb_init_function_entry));
- entry->name = smb_xstrdup(name);
- entry->init = init;
-
- DLIST_ADD(backends, entry);
- DEBUG(5,("Successfully added passdb backend '%s'\n", name));
- return True;
-}
-
-static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name)
-{
- struct pdb_init_function_entry *entry = backends;
- pstring stripped;
-
- module_path_get_name(name, stripped);
-
- while(entry) {
- if (strequal(entry->name, stripped)) return entry;
- entry = entry->next;
- }
-
- return NULL;
-}
+/** List of various built-in passdb modules */
+
+const struct pdb_init_function_entry builtin_pdb_init_functions[] = {
+ { "smbpasswd", pdb_init_smbpasswd },
+ { "smbpasswd_nua", pdb_init_smbpasswd_nua },
+ { "tdbsam", pdb_init_tdbsam },
+ { "tdbsam_nua", pdb_init_tdbsam_nua },
+ { "ldapsam", pdb_init_ldapsam },
+ { "ldapsam_nua", pdb_init_ldapsam_nua },
+ { "unixsam", pdb_init_unixsam },
+ { "guest", pdb_init_guestsam },
+ { "nisplussam", pdb_init_nisplussam },
+ { "plugin", pdb_init_plugin },
+ { NULL, NULL}
+};
static NTSTATUS context_setsampwent(struct pdb_context *context, BOOL update)
{
@@ -408,10 +372,8 @@ static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_c
{
char *module_name = smb_xstrdup(selected);
char *module_location = NULL, *p;
- struct pdb_init_function_entry *entry;
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
-
- lazy_initialize_passdb();
+ int i;
p = strchr(module_name, ':');
@@ -423,37 +385,27 @@ static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_c
trim_string(module_name, " ", " ");
-
DEBUG(5,("Attempting to find an passdb backend to match %s (%s)\n", selected, module_name));
-
- entry = pdb_find_backend_entry(module_name);
-
- /* Try to find a module that contains this module */
- if (!entry) {
- DEBUG(2,("No builtin backend found, trying to load plugin\n"));
- if(smb_probe_module("passdb", module_name) && !(entry = pdb_find_backend_entry(module_name))) {
- DEBUG(0,("Plugin is available, but doesn't register passdb backend %s\n", module_name));
+ for (i = 0; builtin_pdb_init_functions[i].name; i++)
+ {
+ if (strequal(builtin_pdb_init_functions[i].name, module_name))
+ {
+ DEBUG(5,("Found pdb backend %s (at pos %d)\n", module_name, i));
+ nt_status = builtin_pdb_init_functions[i].init(context, methods, module_location);
+ if (NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(5,("pdb backend %s has a valid init\n", selected));
+ } else {
+ DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status)));
+ }
SAFE_FREE(module_name);
- return NT_STATUS_UNSUCCESSFUL;
+ return nt_status;
+ break; /* unreached */
}
}
-
+
/* No such backend found */
- if(!entry) {
- DEBUG(0,("No builtin nor plugin backend for %s found\n", module_name));
- SAFE_FREE(module_name);
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- DEBUG(5,("Found pdb backend %s\n", module_name));
- nt_status = entry->init(context, methods, module_location);
- if (NT_STATUS_IS_OK(nt_status)) {
- DEBUG(5,("pdb backend %s has a valid init\n", selected));
- } else {
- DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status)));
- }
SAFE_FREE(module_name);
- return nt_status;
+ return NT_STATUS_INVALID_PARAMETER;
}
/******************************************************************
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index edae69f2cd..361cb8638a 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -6,7 +6,6 @@
Copyright (C) Shahms King 2001
Copyright (C) Andrew Bartlett 2002
Copyright (C) Stefan (metze) Metzmacher 2002
- Copyright (C) Jim McDonough 2003
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -29,6 +28,7 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_PASSDB
+#ifdef HAVE_LDAP
/* TODO:
* persistent connections: if using NSS LDAP, many connections are made
* however, using only one within Samba would be nice
@@ -52,13 +52,36 @@
#include <lber.h>
#include <ldap.h>
-#include "smb_ldap.h"
-
#ifndef SAM_ACCOUNT
#define SAM_ACCOUNT struct sam_passwd
#endif
-static uint32 ldapsam_get_next_available_nua_rid(struct smb_ldap_privates *ldap_state);
+struct ldapsam_privates {
+
+ /* Former statics */
+ LDAP *ldap_struct;
+ LDAPMessage *result;
+ LDAPMessage *entry;
+ int index;
+
+ time_t last_ping;
+ /* retrive-once info */
+ const char *uri;
+
+ BOOL permit_non_unix_accounts;
+
+ uint32 low_nua_rid;
+ uint32 high_nua_rid;
+
+ char *bind_dn;
+ char *bind_secret;
+};
+
+#define LDAPSAM_DONT_PING_TIME 10 /* ping only all 10 seconds */
+
+static struct ldapsam_privates *static_ldap_state;
+
+static uint32 ldapsam_get_next_available_nua_rid(struct ldapsam_privates *ldap_state);
/*******************************************************************
find the ldap password
@@ -136,16 +159,495 @@ static const char *attr[] = {"uid", "pwdLastSet", "logonTime",
"homeDirectory", NULL };
/*******************************************************************
+ open a connection to the ldap server.
+******************************************************************/
+static int ldapsam_open_connection (struct ldapsam_privates *ldap_state, LDAP ** ldap_struct)
+{
+ int rc = LDAP_SUCCESS;
+ int version;
+ BOOL ldap_v3 = False;
+
+#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
+ DEBUG(10, ("ldapsam_open_connection: %s\n", ldap_state->uri));
+
+ if ((rc = ldap_initialize(ldap_struct, ldap_state->uri)) != LDAP_SUCCESS) {
+ DEBUG(0, ("ldap_initialize: %s\n", ldap_err2string(rc)));
+ return rc;
+ }
+
+#else
+
+ /* Parse the string manually */
+
+ {
+ int port = 0;
+ fstring protocol;
+ fstring host;
+ const char *p = ldap_state->uri;
+ SMB_ASSERT(sizeof(protocol)>10 && sizeof(host)>254);
+
+ /* skip leading "URL:" (if any) */
+ if ( strncasecmp( p, "URL:", 4 ) == 0 ) {
+ p += 4;
+ }
+
+ sscanf(p, "%10[^:]://%254s[^:]:%d", protocol, host, &port);
+
+ if (port == 0) {
+ if (strequal(protocol, "ldap")) {
+ port = LDAP_PORT;
+ } else if (strequal(protocol, "ldaps")) {
+ port = LDAPS_PORT;
+ } else {
+ DEBUG(0, ("unrecognised protocol (%s)!\n", protocol));
+ }
+ }
+
+ if ((*ldap_struct = ldap_init(host, port)) == NULL) {
+ DEBUG(0, ("ldap_init failed !\n"));
+ return LDAP_OPERATIONS_ERROR;
+ }
+
+ if (strequal(protocol, "ldaps")) {
+#ifdef LDAP_OPT_X_TLS
+ int tls = LDAP_OPT_X_TLS_HARD;
+ if (ldap_set_option (*ldap_struct, LDAP_OPT_X_TLS, &tls) != LDAP_SUCCESS)
+ {
+ DEBUG(0, ("Failed to setup a TLS session\n"));
+ }
+
+ DEBUG(3,("LDAPS option set...!\n"));
+#else
+ DEBUG(0,("ldapsam_open_connection: Secure connection not supported by LDAP client libraries!\n"));
+ return LDAP_OPERATIONS_ERROR;
+#endif
+ }
+ }
+#endif
+
+ if (ldap_get_option(*ldap_struct, LDAP_OPT_PROTOCOL_VERSION, &version) == LDAP_OPT_SUCCESS)
+ {
+ if (version != LDAP_VERSION3)
+ {
+ version = LDAP_VERSION3;
+ if (ldap_set_option (*ldap_struct, LDAP_OPT_PROTOCOL_VERSION, &version) == LDAP_OPT_SUCCESS) {
+ ldap_v3 = True;
+ }
+ } else {
+ ldap_v3 = True;
+ }
+ }
+
+ if (lp_ldap_ssl() == LDAP_SSL_START_TLS) {
+#ifdef LDAP_OPT_X_TLS
+ if (ldap_v3) {
+ if ((rc = ldap_start_tls_s (*ldap_struct, NULL, NULL)) != LDAP_SUCCESS)
+ {
+ DEBUG(0,("Failed to issue the StartTLS instruction: %s\n",
+ ldap_err2string(rc)));
+ return rc;
+ }
+ DEBUG (3, ("StartTLS issued: using a TLS connection\n"));
+ } else {
+
+ DEBUG(0, ("Need LDAPv3 for Start TLS\n"));
+ return LDAP_OPERATIONS_ERROR;
+ }
+#else
+ DEBUG(0,("ldapsam_open_connection: StartTLS not supported by LDAP client libraries!\n"));
+ return LDAP_OPERATIONS_ERROR;
+#endif
+ }
+
+ DEBUG(2, ("ldapsam_open_connection: connection opened\n"));
+ return rc;
+}
+
+
+/*******************************************************************
+ a rebind function for authenticated referrals
+ This version takes a void* that we can shove useful stuff in :-)
+******************************************************************/
+#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
+#else
+static int rebindproc_with_state (LDAP * ld, char **whop, char **credp,
+ int *methodp, int freeit, void *arg)
+{
+ struct ldapsam_privates *ldap_state = arg;
+
+ /** @TODO Should we be doing something to check what servers we rebind to?
+ Could we get a referral to a machine that we don't want to give our
+ username and password to? */
+
+ if (freeit) {
+ SAFE_FREE(*whop);
+ memset(*credp, '\0', strlen(*credp));
+ SAFE_FREE(*credp);
+ } else {
+ DEBUG(5,("rebind_proc_with_state: Rebinding as \"%s\"\n",
+ ldap_state->bind_dn));
+
+ *whop = strdup(ldap_state->bind_dn);
+ if (!*whop) {
+ return LDAP_NO_MEMORY;
+ }
+ *credp = strdup(ldap_state->bind_secret);
+ if (!*credp) {
+ SAFE_FREE(*whop);
+ return LDAP_NO_MEMORY;
+ }
+ *methodp = LDAP_AUTH_SIMPLE;
+ }
+ return 0;
+}
+#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/
+
+/*******************************************************************
+ a rebind function for authenticated referrals
+ This version takes a void* that we can shove useful stuff in :-)
+ and actually does the connection.
+******************************************************************/
+#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
+static int rebindproc_connect_with_state (LDAP *ldap_struct,
+ LDAP_CONST char *url,
+ ber_tag_t request,
+ ber_int_t msgid, void *arg)
+{
+ struct ldapsam_privates *ldap_state = arg;
+ int rc;
+ DEBUG(5,("rebindproc_connect_with_state: Rebinding as \"%s\"\n",
+ ldap_state->bind_dn));
+
+ /** @TODO Should we be doing something to check what servers we rebind to?
+ Could we get a referral to a machine that we don't want to give our
+ username and password to? */
+
+ rc = ldap_simple_bind_s(ldap_struct, ldap_state->bind_dn, ldap_state->bind_secret);
+
+ return rc;
+}
+#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/
+
+/*******************************************************************
+ Add a rebind function for authenticated referrals
+******************************************************************/
+#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
+#else
+# if LDAP_SET_REBIND_PROC_ARGS == 2
+static int rebindproc (LDAP *ldap_struct, char **whop, char **credp,
+ int *method, int freeit )
+{
+ return rebindproc_with_state(ldap_struct, whop, credp,
+ method, freeit, static_ldap_state);
+
+}
+# endif /*LDAP_SET_REBIND_PROC_ARGS == 2*/
+#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/
+
+/*******************************************************************
+ a rebind function for authenticated referrals
+ this also does the connection, but no void*.
+******************************************************************/
+#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
+# if LDAP_SET_REBIND_PROC_ARGS == 2
+static int rebindproc_connect (LDAP * ld, LDAP_CONST char *url, int request,
+ ber_int_t msgid)
+{
+ return rebindproc_connect_with_state(ld, url, (ber_tag_t)request, msgid,
+ static_ldap_state);
+}
+# endif /*LDAP_SET_REBIND_PROC_ARGS == 2*/
+#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/
+
+/*******************************************************************
+ connect to the ldap server under system privilege.
+******************************************************************/
+static int ldapsam_connect_system(struct ldapsam_privates *ldap_state, LDAP * ldap_struct)
+{
+ int rc;
+ char *ldap_dn;
+ char *ldap_secret;
+
+ /* The rebind proc needs this *HACK*. We are not multithreaded, so
+ this will work, but it's not nice. */
+ static_ldap_state = ldap_state;
+
+ /* get the password */
+ if (!fetch_ldapsam_pw(&ldap_dn, &ldap_secret))
+ {
+ DEBUG(0, ("ldap_connect_system: Failed to retrieve password from secrets.tdb\n"));
+ return LDAP_INVALID_CREDENTIALS;
+ }
+
+ ldap_state->bind_dn = ldap_dn;
+ ldap_state->bind_secret = ldap_secret;
+
+ /* removed the sasl_bind_s "EXTERNAL" stuff, as my testsuite
+ (OpenLDAP) doesnt' seem to support it */
+
+ DEBUG(10,("ldap_connect_system: Binding to ldap server %s as \"%s\"\n",
+ ldap_state->uri, ldap_dn));
+
+#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
+# if LDAP_SET_REBIND_PROC_ARGS == 2
+ ldap_set_rebind_proc(ldap_struct, &rebindproc_connect);
+# endif
+# if LDAP_SET_REBIND_PROC_ARGS == 3
+ ldap_set_rebind_proc(ldap_struct, &rebindproc_connect_with_state, (void *)ldap_state);
+# endif
+#else /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/
+# if LDAP_SET_REBIND_PROC_ARGS == 2
+ ldap_set_rebind_proc(ldap_struct, &rebindproc);
+# endif
+# if LDAP_SET_REBIND_PROC_ARGS == 3
+ ldap_set_rebind_proc(ldap_struct, &rebindproc_with_state, (void *)ldap_state);
+# endif
+#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/
+
+ rc = ldap_simple_bind_s(ldap_struct, ldap_dn, ldap_secret);
+
+ if (rc != LDAP_SUCCESS) {
+ char *ld_error = NULL;
+ ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
+ &ld_error);
+ DEBUG(0,
+ ("failed to bind to server with dn= %s Error: %s\n\t%s\n",
+ ldap_dn ? ld_error : "(unknown)", ldap_err2string(rc),
+ ld_error));
+ SAFE_FREE(ld_error);
+ return rc;
+ }
+
+ DEBUG(2, ("ldap_connect_system: succesful connection to the LDAP server\n"));
+ return rc;
+}
+
+/**********************************************************************
+Connect to LDAP server
+*********************************************************************/
+static int ldapsam_open(struct ldapsam_privates *ldap_state)
+{
+ int rc;
+ SMB_ASSERT(ldap_state);
+
+#ifndef NO_LDAP_SECURITY
+ if (geteuid() != 0) {
+ DEBUG(0, ("ldapsam_open: cannot access LDAP when not root..\n"));
+ return LDAP_INSUFFICIENT_ACCESS;
+ }
+#endif
+
+ if ((ldap_state->ldap_struct != NULL) && ((ldap_state->last_ping + LDAPSAM_DONT_PING_TIME) < time(NULL))) {
+ struct sockaddr_un addr;
+ socklen_t len;
+ int sd;
+ if (ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_DESC, &sd) == 0 &&
+ getpeername(sd, (struct sockaddr *) &addr, &len) < 0) {
+ /* the other end has died. reopen. */
+ ldap_unbind_ext(ldap_state->ldap_struct, NULL, NULL);
+ ldap_state->ldap_struct = NULL;
+ ldap_state->last_ping = (time_t)0;
+ } else {
+ ldap_state->last_ping = time(NULL);
+ }
+ }
+
+ if (ldap_state->ldap_struct != NULL) {
+ DEBUG(5,("ldapsam_open: allready connected to the LDAP server\n"));
+ return LDAP_SUCCESS;
+ }
+
+ if ((rc = ldapsam_open_connection(ldap_state, &ldap_state->ldap_struct))) {
+ return rc;
+ }
+
+ if ((rc = ldapsam_connect_system(ldap_state, ldap_state->ldap_struct))) {
+ ldap_unbind_ext(ldap_state->ldap_struct, NULL, NULL);
+ ldap_state->ldap_struct = NULL;
+ return rc;
+ }
+
+
+ ldap_state->last_ping = time(NULL);
+ DEBUG(4,("The LDAP server is succesful connected\n"));
+
+ return LDAP_SUCCESS;
+}
+
+/**********************************************************************
+Disconnect from LDAP server
+*********************************************************************/
+static NTSTATUS ldapsam_close(struct ldapsam_privates *ldap_state)
+{
+ if (!ldap_state)
+ return NT_STATUS_INVALID_PARAMETER;
+
+ if (ldap_state->ldap_struct != NULL) {
+ ldap_unbind_ext(ldap_state->ldap_struct, NULL, NULL);
+ ldap_state->ldap_struct = NULL;
+ }
+
+ DEBUG(5,("The connection to the LDAP server was closed\n"));
+ /* maybe free the results here --metze */
+
+ return NT_STATUS_OK;
+}
+
+static int ldapsam_retry_open(struct ldapsam_privates *ldap_state, int *attempts)
+{
+ int rc;
+
+ SMB_ASSERT(ldap_state && attempts);
+
+ if (*attempts != 0) {
+ /* we retry after 0.5, 2, 4.5, 8, 12.5, 18, 24.5 seconds */
+ msleep((((*attempts)*(*attempts))/2)*1000);
+ }
+ (*attempts)++;
+
+ if ((rc = ldapsam_open(ldap_state))) {
+ DEBUG(0,("Connection to LDAP Server failed for the %d try!\n",*attempts));
+ return rc;
+ }
+
+ return LDAP_SUCCESS;
+}
+
+
+static int ldapsam_search(struct ldapsam_privates *ldap_state,
+ const char *base, int scope, const char *filter,
+ const char *attrs[], int attrsonly,
+ LDAPMessage **res)
+{
+ int rc = LDAP_SERVER_DOWN;
+ int attempts = 0;
+
+ SMB_ASSERT(ldap_state);
+
+ while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) {
+
+ if ((rc = ldapsam_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
+ continue;
+
+ rc = ldap_search_s(ldap_state->ldap_struct, base, scope,
+ filter, attrs, attrsonly, res);
+ }
+
+ if (rc == LDAP_SERVER_DOWN) {
+ DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO));
+ ldapsam_close(ldap_state);
+ }
+
+ return rc;
+}
+
+static int ldapsam_modify(struct ldapsam_privates *ldap_state, char *dn, LDAPMod *attrs[])
+{
+ int rc = LDAP_SERVER_DOWN;
+ int attempts = 0;
+
+ if (!ldap_state)
+ return (-1);
+
+ while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) {
+
+ if ((rc = ldapsam_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
+ continue;
+
+ rc = ldap_modify_s(ldap_state->ldap_struct, dn, attrs);
+ }
+
+ if (rc == LDAP_SERVER_DOWN) {
+ DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO));
+ ldapsam_close(ldap_state);
+ }
+
+ return rc;
+}
+
+static int ldapsam_add(struct ldapsam_privates *ldap_state, const char *dn, LDAPMod *attrs[])
+{
+ int rc = LDAP_SERVER_DOWN;
+ int attempts = 0;
+
+ if (!ldap_state)
+ return (-1);
+
+ while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) {
+
+ if ((rc = ldapsam_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
+ continue;
+
+ rc = ldap_add_s(ldap_state->ldap_struct, dn, attrs);
+ }
+
+ if (rc == LDAP_SERVER_DOWN) {
+ DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO));
+ ldapsam_close(ldap_state);
+ }
+
+ return rc;
+}
+
+static int ldapsam_delete(struct ldapsam_privates *ldap_state, char *dn)
+{
+ int rc = LDAP_SERVER_DOWN;
+ int attempts = 0;
+
+ if (!ldap_state)
+ return (-1);
+
+ while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) {
+
+ if ((rc = ldapsam_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
+ continue;
+
+ rc = ldap_delete_s(ldap_state->ldap_struct, dn);
+ }
+
+ if (rc == LDAP_SERVER_DOWN) {
+ DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO));
+ ldapsam_close(ldap_state);
+ }
+
+ return rc;
+}
+
+static int ldapsam_extended_operation(struct ldapsam_privates *ldap_state, LDAP_CONST char *reqoid, struct berval *reqdata, LDAPControl **serverctrls, LDAPControl **clientctrls, char **retoidp, struct berval **retdatap)
+{
+ int rc = LDAP_SERVER_DOWN;
+ int attempts = 0;
+
+ if (!ldap_state)
+ return (-1);
+
+ while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) {
+
+ if ((rc = ldapsam_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
+ continue;
+
+ rc = ldap_extended_operation_s(ldap_state->ldap_struct, reqoid, reqdata, serverctrls, clientctrls, retoidp, retdatap);
+ }
+
+ if (rc == LDAP_SERVER_DOWN) {
+ DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO));
+ ldapsam_close(ldap_state);
+ }
+
+ return rc;
+}
+
+/*******************************************************************
run the search by name.
******************************************************************/
-static int ldapsam_search_one_user (struct smb_ldap_privates *ldap_state, const char *filter, LDAPMessage ** result)
+static int ldapsam_search_one_user (struct ldapsam_privates *ldap_state, const char *filter, LDAPMessage ** result)
{
int scope = LDAP_SCOPE_SUBTREE;
int rc;
DEBUG(2, ("ldapsam_search_one_user: searching for:[%s]\n", filter));
- rc = smb_ldap_search(ldap_state, lp_ldap_suffix (), scope, filter, attr, 0, result);
+ rc = ldapsam_search(ldap_state, lp_ldap_suffix (), scope, filter, attr, 0, result);
if (rc != LDAP_SUCCESS) {
char *ld_error = NULL;
@@ -164,7 +666,7 @@ static int ldapsam_search_one_user (struct smb_ldap_privates *ldap_state, const
/*******************************************************************
run the search by name.
******************************************************************/
-static int ldapsam_search_one_user_by_name (struct smb_ldap_privates *ldap_state, const char *user,
+static int ldapsam_search_one_user_by_name (struct ldapsam_privates *ldap_state, const char *user,
LDAPMessage ** result)
{
pstring filter;
@@ -195,7 +697,7 @@ static int ldapsam_search_one_user_by_name (struct smb_ldap_privates *ldap_state
/*******************************************************************
run the search by uid.
******************************************************************/
-static int ldapsam_search_one_user_by_uid(struct smb_ldap_privates *ldap_state,
+static int ldapsam_search_one_user_by_uid(struct ldapsam_privates *ldap_state,
int uid,
LDAPMessage ** result)
{
@@ -229,7 +731,7 @@ static int ldapsam_search_one_user_by_uid(struct smb_ldap_privates *ldap_state,
/*******************************************************************
run the search by rid.
******************************************************************/
-static int ldapsam_search_one_user_by_rid (struct smb_ldap_privates *ldap_state,
+static int ldapsam_search_one_user_by_rid (struct ldapsam_privates *ldap_state,
uint32 rid,
LDAPMessage ** result)
{
@@ -250,10 +752,110 @@ static int ldapsam_search_one_user_by_rid (struct smb_ldap_privates *ldap_state,
}
/*******************************************************************
+search an attribute and return the first value found.
+******************************************************************/
+static BOOL get_single_attribute (LDAP * ldap_struct, LDAPMessage * entry,
+ const char *attribute, pstring value)
+{
+ char **values;
+
+ if ((values = ldap_get_values (ldap_struct, entry, attribute)) == NULL) {
+ value = NULL;
+ DEBUG (10, ("get_single_attribute: [%s] = [<does not exist>]\n", attribute));
+
+ return False;
+ }
+
+ pstrcpy(value, values[0]);
+ ldap_value_free(values);
+#ifdef DEBUG_PASSWORDS
+ DEBUG (100, ("get_single_attribute: [%s] = [%s]\n", attribute, value));
+#endif
+ return True;
+}
+
+/************************************************************************
+Routine to manage the LDAPMod structure array
+manage memory used by the array, by each struct, and values
+
+************************************************************************/
+static void make_a_mod (LDAPMod *** modlist, int modop, const char *attribute, const char *value)
+{
+ LDAPMod **mods;
+ int i;
+ int j;
+
+ mods = *modlist;
+
+ if (attribute == NULL || *attribute == '\0')
+ return;
+
+#if 0
+ /* Why do we need this??? -- vl */
+ if (value == NULL || *value == '\0')
+ return;
+#endif
+
+ if (mods == NULL)
+ {
+ mods = (LDAPMod **) malloc(sizeof(LDAPMod *));
+ if (mods == NULL)
+ {
+ DEBUG(0, ("make_a_mod: out of memory!\n"));
+ return;
+ }
+ mods[0] = NULL;
+ }
+
+ for (i = 0; mods[i] != NULL; ++i) {
+ if (mods[i]->mod_op == modop && !strcasecmp(mods[i]->mod_type, attribute))
+ break;
+ }
+
+ if (mods[i] == NULL)
+ {
+ mods = (LDAPMod **) Realloc (mods, (i + 2) * sizeof (LDAPMod *));
+ if (mods == NULL)
+ {
+ DEBUG(0, ("make_a_mod: out of memory!\n"));
+ return;
+ }
+ mods[i] = (LDAPMod *) malloc(sizeof(LDAPMod));
+ if (mods[i] == NULL)
+ {
+ DEBUG(0, ("make_a_mod: out of memory!\n"));
+ return;
+ }
+ mods[i]->mod_op = modop;
+ mods[i]->mod_values = NULL;
+ mods[i]->mod_type = strdup(attribute);
+ mods[i + 1] = NULL;
+ }
+
+ if (value != NULL)
+ {
+ j = 0;
+ if (mods[i]->mod_values != NULL) {
+ for (; mods[i]->mod_values[j] != NULL; j++);
+ }
+ mods[i]->mod_values = (char **)Realloc(mods[i]->mod_values,
+ (j + 2) * sizeof (char *));
+
+ if (mods[i]->mod_values == NULL) {
+ DEBUG (0, ("make_a_mod: Memory allocation failure!\n"));
+ return;
+ }
+ mods[i]->mod_values[j] = strdup(value);
+ mods[i]->mod_values[j + 1] = NULL;
+ }
+ *modlist = mods;
+}
+
+/*******************************************************************
Delete complete object or objectclass and attrs from
object found in search_result depending on lp_ldap_delete_dn
******************************************************************/
-static NTSTATUS ldapsam_delete_entry(struct smb_ldap_privates *ldap_state,
+static NTSTATUS ldapsam_delete_entry(struct ldapsam_privates *ldap_state,
LDAPMessage *result,
const char *objectclass,
const char **attrs)
@@ -276,7 +878,7 @@ static NTSTATUS ldapsam_delete_entry(struct smb_ldap_privates *ldap_state,
if (lp_ldap_delete_dn()) {
NTSTATUS ret = NT_STATUS_OK;
- rc = smb_ldap_delete(ldap_state, dn);
+ rc = ldapsam_delete(ldap_state, dn);
if (rc != LDAP_SUCCESS) {
DEBUG(0, ("Could not delete object %s\n", dn));
@@ -300,7 +902,7 @@ static NTSTATUS ldapsam_delete_entry(struct smb_ldap_privates *ldap_state,
for (attrib = attrs; *attrib != NULL; attrib++) {
if (StrCaseCmp(*attrib, name) == 0) {
DEBUG(10, ("deleting attribute %s\n", name));
- smb_ldap_make_a_mod(&mods, LDAP_MOD_DELETE, name, NULL);
+ make_a_mod(&mods, LDAP_MOD_DELETE, name, NULL);
}
}
@@ -311,9 +913,9 @@ static NTSTATUS ldapsam_delete_entry(struct smb_ldap_privates *ldap_state,
ber_free(ptr, 0);
}
- smb_ldap_make_a_mod(&mods, LDAP_MOD_DELETE, "objectClass", objectclass);
+ make_a_mod(&mods, LDAP_MOD_DELETE, "objectClass", objectclass);
- rc = smb_ldap_modify(ldap_state, dn, mods);
+ rc = ldapsam_modify(ldap_state, dn, mods);
ldap_mods_free(mods, 1);
if (rc != LDAP_SUCCESS) {
@@ -337,7 +939,7 @@ static NTSTATUS ldapsam_delete_entry(struct smb_ldap_privates *ldap_state,
/**********************************************************************
Initialize SAM_ACCOUNT from an LDAP query (unix attributes only)
*********************************************************************/
-static BOOL get_unix_attributes (struct smb_ldap_privates *ldap_state,
+static BOOL get_unix_attributes (struct ldapsam_privates *ldap_state,
SAM_ACCOUNT * sampass,
LDAPMessage * entry)
{
@@ -366,15 +968,15 @@ static BOOL get_unix_attributes (struct smb_ldap_privates *ldap_state,
}
ldap_value_free(ldap_values);
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "homeDirectory", homedir))
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "homeDirectory", homedir))
return False;
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "uidNumber", temp))
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "uidNumber", temp))
return False;
uid = (uid_t)atol(temp);
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "gidNumber", temp))
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "gidNumber", temp))
return False;
gid = (gid_t)atol(temp);
@@ -392,7 +994,7 @@ static BOOL get_unix_attributes (struct smb_ldap_privates *ldap_state,
Initialize SAM_ACCOUNT from an LDAP query
(Based on init_sam_from_buffer in pdb_tdb.c)
*********************************************************************/
-static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state,
+static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
SAM_ACCOUNT * sampass,
LDAPMessage * entry)
{
@@ -453,7 +1055,7 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state,
return False;
}
- smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "uid", username);
+ get_single_attribute(ldap_state->ldap_struct, entry, "uid", username);
DEBUG(2, ("Entry found for user: %s\n", username));
pstrcpy(nt_username, username);
@@ -465,12 +1067,12 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state,
pdb_set_domain(sampass, domain, PDB_DEFAULT);
pdb_set_nt_username(sampass, nt_username, PDB_SET);
- smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "rid", temp);
+ get_single_attribute(ldap_state->ldap_struct, entry, "rid", temp);
user_rid = (uint32)atol(temp);
pdb_set_user_sid_from_rid(sampass, user_rid, PDB_SET);
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "primaryGroupID", temp)) {
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "primaryGroupID", temp)) {
group_rid = 0;
} else {
group_rid = (uint32)atol(temp);
@@ -518,42 +1120,42 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state,
}
}
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "pwdLastSet", temp)) {
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "pwdLastSet", temp)) {
/* leave as default */
} else {
pass_last_set_time = (time_t) atol(temp);
pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET);
}
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "logonTime", temp)) {
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "logonTime", temp)) {
/* leave as default */
} else {
logon_time = (time_t) atol(temp);
pdb_set_logon_time(sampass, logon_time, PDB_SET);
}
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "logoffTime", temp)) {
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "logoffTime", temp)) {
/* leave as default */
} else {
logoff_time = (time_t) atol(temp);
pdb_set_logoff_time(sampass, logoff_time, PDB_SET);
}
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "kickoffTime", temp)) {
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "kickoffTime", temp)) {
/* leave as default */
} else {
kickoff_time = (time_t) atol(temp);
pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET);
}
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "pwdCanChange", temp)) {
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "pwdCanChange", temp)) {
/* leave as default */
} else {
pass_can_change_time = (time_t) atol(temp);
pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET);
}
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "pwdMustChange", temp)) {
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "pwdMustChange", temp)) {
/* leave as default */
} else {
pass_must_change_time = (time_t) atol(temp);
@@ -566,9 +1168,9 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state,
* that fits your needs; using cn then displayName rather than 'userFullName'
*/
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->ldap_struct, entry,
"displayName", fullname)) {
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->ldap_struct, entry,
"cn", fullname)) {
/* leave as default */
} else {
@@ -578,7 +1180,7 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state,
pdb_set_fullname(sampass, fullname, PDB_SET);
}
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "homeDrive", dir_drive)) {
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "homeDrive", dir_drive)) {
pdb_set_dir_drive(sampass, talloc_sub_specified(sampass->mem_ctx,
lp_logon_drive(),
username, domain,
@@ -588,7 +1190,7 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state,
pdb_set_dir_drive(sampass, dir_drive, PDB_SET);
}
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "smbHome", homedir)) {
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "smbHome", homedir)) {
pdb_set_homedir(sampass, talloc_sub_specified(sampass->mem_ctx,
lp_logon_home(),
username, domain,
@@ -598,7 +1200,7 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state,
pdb_set_homedir(sampass, homedir, PDB_SET);
}
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "scriptPath", logon_script)) {
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "scriptPath", logon_script)) {
pdb_set_logon_script(sampass, talloc_sub_specified(sampass->mem_ctx,
lp_logon_script(),
username, domain,
@@ -608,7 +1210,7 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state,
pdb_set_logon_script(sampass, logon_script, PDB_SET);
}
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "profilePath", profile_path)) {
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "profilePath", profile_path)) {
pdb_set_profile_path(sampass, talloc_sub_specified(sampass->mem_ctx,
lp_logon_path(),
username, domain,
@@ -618,13 +1220,13 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state,
pdb_set_profile_path(sampass, profile_path, PDB_SET);
}
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "description", acct_desc)) {
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "description", acct_desc)) {
/* leave as default */
} else {
pdb_set_acct_desc(sampass, acct_desc, PDB_SET);
}
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "userWorkstations", workstations)) {
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "userWorkstations", workstations)) {
/* leave as default */;
} else {
pdb_set_workstations(sampass, workstations, PDB_SET);
@@ -636,7 +1238,7 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state,
hours_len = 21;
memset(hours, 0xff, hours_len);
- if (!smb_ldap_get_single_attribute (ldap_state->ldap_struct, entry, "lmPassword", temp)) {
+ if (!get_single_attribute (ldap_state->ldap_struct, entry, "lmPassword", temp)) {
/* leave as default */
} else {
pdb_gethexpwd(temp, smblmpwd);
@@ -646,7 +1248,7 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state,
ZERO_STRUCT(smblmpwd);
}
- if (!smb_ldap_get_single_attribute (ldap_state->ldap_struct, entry, "ntPassword", temp)) {
+ if (!get_single_attribute (ldap_state->ldap_struct, entry, "ntPassword", temp)) {
/* leave as default */
} else {
pdb_gethexpwd(temp, smbntpwd);
@@ -656,7 +1258,7 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state,
ZERO_STRUCT(smbntpwd);
}
- if (!smb_ldap_get_single_attribute (ldap_state->ldap_struct, entry, "acctFlags", temp)) {
+ if (!get_single_attribute (ldap_state->ldap_struct, entry, "acctFlags", temp)) {
acct_ctrl |= ACB_NORMAL;
} else {
acct_ctrl = pdb_decode_acct_ctrl(temp);
@@ -724,7 +1326,7 @@ static void make_ldap_mod(LDAP *ldap_struct, LDAPMessage *existing,
the old value, should it exist. */
if ((newval != NULL) && (strlen(newval) > 0)) {
- smb_ldap_make_a_mod(mods, LDAP_MOD_ADD, attribute, newval);
+ make_a_mod(mods, LDAP_MOD_ADD, attribute, newval);
}
if (values == NULL) {
@@ -739,7 +1341,7 @@ static void make_ldap_mod(LDAP *ldap_struct, LDAPMessage *existing,
deny the complete operation if somebody changed the
attribute behind our back. */
- smb_ldap_make_a_mod(mods, LDAP_MOD_DELETE, attribute, values[0]);
+ make_a_mod(mods, LDAP_MOD_DELETE, attribute, values[0]);
ldap_value_free(values);
}
@@ -747,7 +1349,7 @@ static void make_ldap_mod(LDAP *ldap_struct, LDAPMessage *existing,
Initialize SAM_ACCOUNT from an LDAP query
(Based on init_buffer_from_sam in pdb_tdb.c)
*********************************************************************/
-static BOOL init_ldap_from_sam (struct smb_ldap_privates *ldap_state,
+static BOOL init_ldap_from_sam (struct ldapsam_privates *ldap_state,
LDAPMessage *existing,
LDAPMod *** mods, const SAM_ACCOUNT * sampass,
BOOL (*need_update)(const SAM_ACCOUNT *,
@@ -933,7 +1535,7 @@ static BOOL init_ldap_from_sam (struct smb_ldap_privates *ldap_state,
/**********************************************************************
Connect to LDAP server and find the next available RID.
*********************************************************************/
-static uint32 check_nua_rid_is_avail(struct smb_ldap_privates *ldap_state, uint32 top_rid)
+static uint32 check_nua_rid_is_avail(struct ldapsam_privates *ldap_state, uint32 top_rid)
{
LDAPMessage *result;
uint32 final_rid = (top_rid & (~USER_RID_TYPE)) + RID_MULTIPLIER;
@@ -964,7 +1566,7 @@ static uint32 check_nua_rid_is_avail(struct smb_ldap_privates *ldap_state, uint3
/**********************************************************************
Extract the RID from an LDAP entry
*********************************************************************/
-static uint32 entry_to_user_rid(struct smb_ldap_privates *ldap_state, LDAPMessage *entry) {
+static uint32 entry_to_user_rid(struct ldapsam_privates *ldap_state, LDAPMessage *entry) {
uint32 rid;
SAM_ACCOUNT *user = NULL;
if (!NT_STATUS_IS_OK(pdb_init_sam(&user))) {
@@ -987,7 +1589,7 @@ static uint32 entry_to_user_rid(struct smb_ldap_privates *ldap_state, LDAPMessag
/**********************************************************************
Connect to LDAP server and find the next available RID.
*********************************************************************/
-static uint32 search_top_nua_rid(struct smb_ldap_privates *ldap_state)
+static uint32 search_top_nua_rid(struct ldapsam_privates *ldap_state)
{
int rc;
pstring filter;
@@ -1008,7 +1610,7 @@ static uint32 search_top_nua_rid(struct smb_ldap_privates *ldap_state)
#endif
DEBUG(2, ("ldapsam_get_next_available_nua_rid: searching for:[%s]\n", final_filter));
- rc = smb_ldap_search(ldap_state, lp_ldap_suffix(),
+ rc = ldapsam_search(ldap_state, lp_ldap_suffix(),
LDAP_SCOPE_SUBTREE, final_filter, attr, 0,
&result);
@@ -1057,7 +1659,7 @@ static uint32 search_top_nua_rid(struct smb_ldap_privates *ldap_state)
/**********************************************************************
Connect to LDAP server and find the next available RID.
*********************************************************************/
-static uint32 ldapsam_get_next_available_nua_rid(struct smb_ldap_privates *ldap_state) {
+static uint32 ldapsam_get_next_available_nua_rid(struct ldapsam_privates *ldap_state) {
uint32 next_nua_rid;
uint32 top_nua_rid;
@@ -1074,14 +1676,14 @@ Connect to LDAP server for password enumeration
*********************************************************************/
static NTSTATUS ldapsam_setsampwent(struct pdb_methods *my_methods, BOOL update)
{
- struct smb_ldap_privates *ldap_state = (struct smb_ldap_privates *)my_methods->private_data;
+ struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
int rc;
pstring filter;
pstrcpy(filter, lp_ldap_filter());
all_string_sub(filter, "%u", "*", sizeof(pstring));
- rc = smb_ldap_search(ldap_state, lp_ldap_suffix(),
+ rc = ldapsam_search(ldap_state, lp_ldap_suffix(),
LDAP_SCOPE_SUBTREE, filter, attr, 0,
&ldap_state->result);
@@ -1109,7 +1711,7 @@ End enumeration of the LDAP password list
*********************************************************************/
static void ldapsam_endsampwent(struct pdb_methods *my_methods)
{
- struct smb_ldap_privates *ldap_state = (struct smb_ldap_privates *)my_methods->private_data;
+ struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
if (ldap_state->result) {
ldap_msgfree(ldap_state->result);
ldap_state->result = NULL;
@@ -1122,9 +1724,13 @@ Get the next entry in the LDAP password database
static NTSTATUS ldapsam_getsampwent(struct pdb_methods *my_methods, SAM_ACCOUNT *user)
{
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
- struct smb_ldap_privates *ldap_state = (struct smb_ldap_privates *)my_methods->private_data;
+ struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
BOOL bret = False;
+ /* The rebind proc needs this *HACK*. We are not multithreaded, so
+ this will work, but it's not nice. */
+ static_ldap_state = ldap_state;
+
while (!bret) {
if (!ldap_state->entry)
return ret;
@@ -1145,7 +1751,7 @@ Get SAM_ACCOUNT entry from LDAP by username
static NTSTATUS ldapsam_getsampwnam(struct pdb_methods *my_methods, SAM_ACCOUNT *user, const char *sname)
{
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
- struct smb_ldap_privates *ldap_state = (struct smb_ldap_privates *)my_methods->private_data;
+ struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
LDAPMessage *result;
LDAPMessage *entry;
int count;
@@ -1189,8 +1795,8 @@ Get SAM_ACCOUNT entry from LDAP by rid
static NTSTATUS ldapsam_getsampwrid(struct pdb_methods *my_methods, SAM_ACCOUNT *user, uint32 rid)
{
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
- struct smb_ldap_privates *ldap_state =
- (struct smb_ldap_privates *)my_methods->private_data;
+ struct ldapsam_privates *ldap_state =
+ (struct ldapsam_privates *)my_methods->private_data;
LDAPMessage *result;
LDAPMessage *entry;
int count;
@@ -1245,7 +1851,7 @@ static NTSTATUS ldapsam_modify_entry(struct pdb_methods *my_methods,
SAM_ACCOUNT *newpwd, char *dn,
LDAPMod **mods, int ldap_op, BOOL pdb_add)
{
- struct smb_ldap_privates *ldap_state = (struct smb_ldap_privates *)my_methods->private_data;
+ struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
int rc;
if (!my_methods || !newpwd || !dn) {
@@ -1259,11 +1865,11 @@ static NTSTATUS ldapsam_modify_entry(struct pdb_methods *my_methods,
switch(ldap_op)
{
case LDAP_MOD_ADD:
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectclass", "account");
- rc = smb_ldap_add(ldap_state, dn, mods);
+ make_a_mod(&mods, LDAP_MOD_ADD, "objectclass", "account");
+ rc = ldapsam_add(ldap_state, dn, mods);
break;
case LDAP_MOD_REPLACE:
- rc = smb_ldap_modify(ldap_state, dn ,mods);
+ rc = ldapsam_modify(ldap_state, dn ,mods);
break;
default:
DEBUG(0,("Wrong LDAP operation type: %d!\n", ldap_op));
@@ -1310,7 +1916,7 @@ static NTSTATUS ldapsam_modify_entry(struct pdb_methods *my_methods,
ber_free(ber,1);
- if ((rc = smb_ldap_extended_operation(ldap_state, LDAP_EXOP_X_MODIFY_PASSWD,
+ if ((rc = ldapsam_extended_operation(ldap_state, LDAP_EXOP_X_MODIFY_PASSWD,
bv, NULL, NULL, &retoid, &retdata))!=LDAP_SUCCESS) {
DEBUG(0,("LDAP Password could not be changed for user %s: %s\n",
pdb_get_username(newpwd),ldap_err2string(rc)));
@@ -1333,7 +1939,7 @@ Delete entry from LDAP for username
*********************************************************************/
static NTSTATUS ldapsam_delete_sam_account(struct pdb_methods *my_methods, SAM_ACCOUNT * sam_acct)
{
- struct smb_ldap_privates *ldap_state = (struct smb_ldap_privates *)my_methods->private_data;
+ struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
const char *sname;
int rc;
LDAPMessage *result;
@@ -1380,7 +1986,7 @@ Update SAM_ACCOUNT
static NTSTATUS ldapsam_update_sam_account(struct pdb_methods *my_methods, SAM_ACCOUNT * newpwd)
{
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
- struct smb_ldap_privates *ldap_state = (struct smb_ldap_privates *)my_methods->private_data;
+ struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
int rc;
char *dn;
LDAPMessage *result;
@@ -1452,7 +2058,7 @@ Add SAM_ACCOUNT to LDAP
static NTSTATUS ldapsam_add_sam_account(struct pdb_methods *my_methods, SAM_ACCOUNT * newpwd)
{
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
- struct smb_ldap_privates *ldap_state = (struct smb_ldap_privates *)my_methods->private_data;
+ struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
int rc;
pstring filter;
LDAPMessage *result = NULL;
@@ -1530,7 +2136,7 @@ static NTSTATUS ldapsam_add_sam_account(struct pdb_methods *my_methods, SAM_ACCO
return NT_STATUS_UNSUCCESSFUL;
}
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectclass", "sambaAccount");
+ make_a_mod(&mods, LDAP_MOD_ADD, "objectclass", "sambaAccount");
ret = ldapsam_modify_entry(my_methods,newpwd,dn,mods,ldap_op, True);
if (NT_STATUS_IS_ERR(ret)) {
@@ -1547,15 +2153,15 @@ static NTSTATUS ldapsam_add_sam_account(struct pdb_methods *my_methods, SAM_ACCO
static void free_private_data(void **vp)
{
- struct smb_ldap_privates **ldap_state = (struct smb_ldap_privates **)vp;
+ struct ldapsam_privates **ldap_state = (struct ldapsam_privates **)vp;
- smb_ldap_close(*ldap_state);
+ ldapsam_close(*ldap_state);
if ((*ldap_state)->bind_secret) {
memset((*ldap_state)->bind_secret, '\0', strlen((*ldap_state)->bind_secret));
}
- smb_ldap_close(*ldap_state);
+ ldapsam_close(*ldap_state);
SAFE_FREE((*ldap_state)->bind_dn);
SAFE_FREE((*ldap_state)->bind_secret);
@@ -1570,7 +2176,7 @@ static const char *group_attr[] = {"cn", "ntSid", "ntGroupType",
"displayName", "description",
NULL };
-static int ldapsam_search_one_group (struct smb_ldap_privates *ldap_state,
+static int ldapsam_search_one_group (struct ldapsam_privates *ldap_state,
const char *filter,
LDAPMessage ** result)
{
@@ -1579,7 +2185,7 @@ static int ldapsam_search_one_group (struct smb_ldap_privates *ldap_state,
DEBUG(2, ("ldapsam_search_one_group: searching for:[%s]\n", filter));
- rc = smb_ldap_search(ldap_state, lp_ldap_suffix (), scope,
+ rc = ldapsam_search(ldap_state, lp_ldap_suffix (), scope,
filter, group_attr, 0, result);
if (rc != LDAP_SUCCESS) {
@@ -1597,7 +2203,7 @@ static int ldapsam_search_one_group (struct smb_ldap_privates *ldap_state,
return rc;
}
-static BOOL init_group_from_ldap(struct smb_ldap_privates *ldap_state,
+static BOOL init_group_from_ldap(struct ldapsam_privates *ldap_state,
GROUP_MAP *map, LDAPMessage *entry)
{
pstring temp;
@@ -1608,7 +2214,7 @@ static BOOL init_group_from_ldap(struct smb_ldap_privates *ldap_state,
return False;
}
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "gidNumber",
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "gidNumber",
temp)) {
DEBUG(0, ("Mandatory attribute gidNumber not found\n"));
return False;
@@ -1617,14 +2223,14 @@ static BOOL init_group_from_ldap(struct smb_ldap_privates *ldap_state,
map->gid = (gid_t)atol(temp);
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "ntSid",
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "ntSid",
temp)) {
DEBUG(0, ("Mandatory attribute ntSid not found\n"));
return False;
}
string_to_sid(&map->sid, temp);
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "ntGroupType",
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "ntGroupType",
temp)) {
DEBUG(0, ("Mandatory attribute ntGroupType not found\n"));
return False;
@@ -1637,11 +2243,11 @@ static BOOL init_group_from_ldap(struct smb_ldap_privates *ldap_state,
return False;
}
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "displayName",
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "displayName",
temp)) {
DEBUG(3, ("Attribute displayName not found\n"));
temp[0] = '\0';
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "cn",
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "cn",
temp)) {
DEBUG(0, ("Attributes cn not found either "
"for gidNumber(%i)\n",map->gid));
@@ -1650,7 +2256,7 @@ static BOOL init_group_from_ldap(struct smb_ldap_privates *ldap_state,
}
fstrcpy(map->nt_name, temp);
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "description",
+ if (!get_single_attribute(ldap_state->ldap_struct, entry, "description",
temp)) {
DEBUG(3, ("Attribute description not found\n"));
temp[0] = '\0';
@@ -1692,8 +2298,8 @@ static NTSTATUS ldapsam_getgroup(struct pdb_methods *methods,
const char *filter,
GROUP_MAP *map)
{
- struct smb_ldap_privates *ldap_state =
- (struct smb_ldap_privates *)methods->private_data;
+ struct ldapsam_privates *ldap_state =
+ (struct ldapsam_privates *)methods->private_data;
LDAPMessage *result;
LDAPMessage *entry;
int count;
@@ -1772,7 +2378,7 @@ static NTSTATUS ldapsam_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
return ldapsam_getgroup(methods, filter, map);
}
-static int ldapsam_search_one_group_by_gid(struct smb_ldap_privates *ldap_state,
+static int ldapsam_search_one_group_by_gid(struct ldapsam_privates *ldap_state,
gid_t gid,
LDAPMessage **result)
{
@@ -1787,8 +2393,8 @@ static int ldapsam_search_one_group_by_gid(struct smb_ldap_privates *ldap_state,
static NTSTATUS ldapsam_add_group_mapping_entry(struct pdb_methods *methods,
GROUP_MAP *map)
{
- struct smb_ldap_privates *ldap_state =
- (struct smb_ldap_privates *)methods->private_data;
+ struct ldapsam_privates *ldap_state =
+ (struct ldapsam_privates *)methods->private_data;
LDAPMessage *result = NULL;
LDAPMod **mods = NULL;
@@ -1838,10 +2444,10 @@ static NTSTATUS ldapsam_add_group_mapping_entry(struct pdb_methods *methods,
return NT_STATUS_UNSUCCESSFUL;
}
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectClass",
+ make_a_mod(&mods, LDAP_MOD_ADD, "objectClass",
"sambaGroupMapping");
- rc = smb_ldap_modify(ldap_state, dn, mods);
+ rc = ldapsam_modify(ldap_state, dn, mods);
ldap_mods_free(mods, 1);
if (rc != LDAP_SUCCESS) {
@@ -1861,8 +2467,8 @@ static NTSTATUS ldapsam_add_group_mapping_entry(struct pdb_methods *methods,
static NTSTATUS ldapsam_update_group_mapping_entry(struct pdb_methods *methods,
GROUP_MAP *map)
{
- struct smb_ldap_privates *ldap_state =
- (struct smb_ldap_privates *)methods->private_data;
+ struct ldapsam_privates *ldap_state =
+ (struct ldapsam_privates *)methods->private_data;
int rc;
char *dn;
LDAPMessage *result;
@@ -1898,7 +2504,7 @@ static NTSTATUS ldapsam_update_group_mapping_entry(struct pdb_methods *methods,
return NT_STATUS_UNSUCCESSFUL;
}
- rc = smb_ldap_modify(ldap_state, dn, mods);
+ rc = ldapsam_modify(ldap_state, dn, mods);
ldap_mods_free(mods, 1);
@@ -1918,8 +2524,8 @@ static NTSTATUS ldapsam_update_group_mapping_entry(struct pdb_methods *methods,
static NTSTATUS ldapsam_delete_group_mapping_entry(struct pdb_methods *methods,
DOM_SID sid)
{
- struct smb_ldap_privates *ldap_state =
- (struct smb_ldap_privates *)methods->private_data;
+ struct ldapsam_privates *ldap_state =
+ (struct ldapsam_privates *)methods->private_data;
pstring sidstring, filter;
LDAPMessage *result;
int rc;
@@ -1947,12 +2553,12 @@ static NTSTATUS ldapsam_delete_group_mapping_entry(struct pdb_methods *methods,
static NTSTATUS ldapsam_setsamgrent(struct pdb_methods *my_methods,
BOOL update)
{
- struct smb_ldap_privates *ldap_state =
- (struct smb_ldap_privates *)my_methods->private_data;
+ struct ldapsam_privates *ldap_state =
+ (struct ldapsam_privates *)my_methods->private_data;
const char *filter = "(objectClass=sambaGroupMapping)";
int rc;
- rc = smb_ldap_search(ldap_state, lp_ldap_suffix(),
+ rc = ldapsam_search(ldap_state, lp_ldap_suffix(),
LDAP_SCOPE_SUBTREE, filter,
group_attr, 0, &ldap_state->result);
@@ -1984,9 +2590,13 @@ static NTSTATUS ldapsam_getsamgrent(struct pdb_methods *my_methods,
GROUP_MAP *map)
{
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
- struct smb_ldap_privates *ldap_state = (struct smb_ldap_privates *)my_methods->private_data;
+ struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
BOOL bret = False;
+ /* The rebind proc needs this *HACK*. We are not multithreaded, so
+ this will work, but it's not nice. */
+ static_ldap_state = ldap_state;
+
while (!bret) {
if (!ldap_state->entry)
return ret;
@@ -2054,7 +2664,7 @@ static NTSTATUS ldapsam_enum_group_mapping(struct pdb_methods *methods,
NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
{
NTSTATUS nt_status;
- struct smb_ldap_privates *ldap_state;
+ struct ldapsam_privates *ldap_state;
if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) {
return nt_status;
@@ -2081,7 +2691,7 @@ NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, co
/* TODO: Setup private data and free */
- ldap_state = talloc_zero(pdb_context->mem_ctx, sizeof(struct smb_ldap_privates));
+ ldap_state = talloc_zero(pdb_context->mem_ctx, sizeof(struct ldapsam_privates));
if (!ldap_state) {
DEBUG(0, ("talloc() failed for ldapsam private_data!\n"));
@@ -2119,7 +2729,7 @@ NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, co
NTSTATUS pdb_init_ldapsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
{
NTSTATUS nt_status;
- struct smb_ldap_privates *ldap_state;
+ struct ldapsam_privates *ldap_state;
uint32 low_nua_uid, high_nua_uid;
if (!NT_STATUS_IS_OK(nt_status = pdb_init_ldapsam(pdb_context, pdb_method, location))) {
@@ -2144,9 +2754,20 @@ NTSTATUS pdb_init_ldapsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method
return NT_STATUS_OK;
}
-int pdb_ldap_init(void)
+
+#else
+
+NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
+{
+ DEBUG(0, ("ldap not detected at configure time, ldapsam not availalble!\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+}
+
+NTSTATUS pdb_init_ldapsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
{
- smb_register_passdb("ldapsam", pdb_init_ldapsam, PASSDB_INTERFACE_VERSION);
- smb_register_passdb("ldapsam_nua", pdb_init_ldapsam_nua, PASSDB_INTERFACE_VERSION);
- return True;
+ DEBUG(0, ("ldap not dectected at configure time, ldapsam_nua not available!\n"));
+ return NT_STATUS_UNSUCCESSFUL;
}
+
+
+#endif
diff --git a/source3/modules/mysql.c b/source3/passdb/pdb_mysql.c
index 684eb96645..d0f30c6394 100644
--- a/source3/modules/mysql.c
+++ b/source3/passdb/pdb_mysql.c
@@ -1,4 +1,3 @@
-
/*
* MySQL password backend for samba
* Copyright (C) Jelmer Vernooij 2002
@@ -64,10 +63,12 @@ static int mysqlsam_debug_level = DBGC_ALL;
#undef DBGC_CLASS
#define DBGC_CLASS mysqlsam_debug_level
+PDB_MODULE_VERSIONING_MAGIC
+
typedef struct pdb_mysql_data {
MYSQL *handle;
MYSQL_RES *pwent;
- const char *location;
+ char *location;
} pdb_mysql_data;
/* Used to construct insert and update queries */
@@ -893,8 +894,61 @@ static NTSTATUS mysqlsam_update_sam_account(struct pdb_methods *methods,
return mysqlsam_replace_sam_account(methods, newpwd, 1);
}
-static NTSTATUS mysqlsam_init(struct pdb_context * pdb_context, struct pdb_methods ** pdb_method,
- const char *location)
+static NTSTATUS mysqlsam_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
+ DOM_SID sid, BOOL with_priv)
+{
+ return get_group_map_from_sid(sid, map, with_priv) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS mysqlsam_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
+ gid_t gid, BOOL with_priv)
+{
+ return get_group_map_from_gid(gid, map, with_priv) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS mysqlsam_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
+ char *name, BOOL with_priv)
+{
+ return get_group_map_from_ntname(name, map, with_priv) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS mysqlsam_add_group_mapping_entry(struct pdb_methods *methods,
+ GROUP_MAP *map)
+{
+ return add_mapping_entry(map, TDB_INSERT) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS mysqlsam_update_group_mapping_entry(struct pdb_methods *methods,
+ GROUP_MAP *map)
+{
+ return add_mapping_entry(map, TDB_REPLACE) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS mysqlsam_delete_group_mapping_entry(struct pdb_methods *methods,
+ DOM_SID sid)
+{
+ return group_map_remove(sid) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS mysqlsam_enum_group_mapping(struct pdb_methods *methods,
+ enum SID_NAME_USE sid_name_use,
+ GROUP_MAP **rmap, int *num_entries,
+ BOOL unix_only, BOOL with_priv)
+{
+ return enum_group_mapping(sid_name_use, rmap, num_entries, unix_only,
+ with_priv) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+
+NTSTATUS pdb_init(PDB_CONTEXT * pdb_context, PDB_METHODS ** pdb_method,
+ char *location)
{
NTSTATUS nt_status;
struct pdb_mysql_data *data;
@@ -926,6 +980,13 @@ static NTSTATUS mysqlsam_init(struct pdb_context * pdb_context, struct pdb_metho
(*pdb_method)->add_sam_account = mysqlsam_add_sam_account;
(*pdb_method)->update_sam_account = mysqlsam_update_sam_account;
(*pdb_method)->delete_sam_account = mysqlsam_delete_sam_account;
+ (*pdb_method)->getgrsid = mysqlsam_getgrsid;
+ (*pdb_method)->getgrgid = mysqlsam_getgrgid;
+ (*pdb_method)->getgrnam = mysqlsam_getgrnam;
+ (*pdb_method)->add_group_mapping_entry = mysqlsam_add_group_mapping_entry;
+ (*pdb_method)->update_group_mapping_entry = mysqlsam_update_group_mapping_entry;
+ (*pdb_method)->delete_group_mapping_entry = mysqlsam_delete_group_mapping_entry;
+ (*pdb_method)->enum_group_mapping = mysqlsam_enum_group_mapping;
data = talloc(pdb_context->mem_ctx, sizeof(struct pdb_mysql_data));
(*pdb_method)->private_data = data;
@@ -933,7 +994,7 @@ static NTSTATUS mysqlsam_init(struct pdb_context * pdb_context, struct pdb_metho
data->pwent = NULL;
if (!location) {
- DEBUG(0, ("No identifier specified. Check the Samba HOWTO Collection for details\n"));
+ DEBUG(0, ("No identifier specified. See README for details\n"));
return NT_STATUS_INVALID_PARAMETER;
}
@@ -971,8 +1032,3 @@ static NTSTATUS mysqlsam_init(struct pdb_context * pdb_context, struct pdb_metho
return NT_STATUS_OK;
}
-
-int pdb_mysql_init(void)
-{
- return smb_register_passdb("mysql", mysqlsam_init, PASSDB_INTERFACE_VERSION);
-}
diff --git a/source3/passdb/pdb_nisplus.c b/source3/passdb/pdb_nisplus.c
index 73d65af1c6..0a42c36ea0 100644
--- a/source3/passdb/pdb_nisplus.c
+++ b/source3/passdb/pdb_nisplus.c
@@ -24,6 +24,8 @@
#include "includes.h"
+#ifdef WITH_NISPLUS_SAM
+
#ifdef BROKEN_NISPLUS_INCLUDE_FILES
/*
@@ -1553,7 +1555,11 @@ NTSTATUS pdb_init_nisplussam (PDB_CONTEXT * pdb_context,
return NT_STATUS_OK;
}
-int pdb_nisplus_init(void)
+#else
+NTSTATUS pdb_init_nisplussam (PDB_CONTEXT * c, PDB_METHODS ** m,
+ const char *l)
{
- return smb_register_passdb("nisplussam", pdb_init_nisplussam, PASSDB_INTERFACE_VERSION);
+ DEBUG (0, ("nisplus sam not compiled in!\n"));
+ return NT_STATUS_UNSUCCESSFUL;
}
+#endif /* WITH_NISPLUS_SAM */
diff --git a/source3/sam/sam_plugin.c b/source3/passdb/pdb_plugin.c
index fd26c4b8d3..ea67da23a5 100644
--- a/source3/sam/sam_plugin.c
+++ b/source3/passdb/pdb_plugin.c
@@ -1,9 +1,8 @@
/*
Unix SMB/CIFS implementation.
- Loadable san module interface.
- Copyright (C) Jelmer Vernooij 2002
- Copyright (C) Andrew Bartlett 2002
- Copyright (C) Stefan (metze) Metzmacher 2002
+ Loadable passdb module interface.
+ Copyright (C) Jelmer Vernooij 2002
+ Copyright (C) Andrew Bartlett 2002
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -23,57 +22,57 @@
#include "includes.h"
#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_SAM
+#define DBGC_CLASS DBGC_PASSDB
-NTSTATUS sam_init_plugin(SAM_METHODS *sam_methods, const char *module_params)
+NTSTATUS pdb_init_plugin(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
{
- void *dl_handle;
- char *plugin_params, *plugin_name, *p;
- sam_init_function plugin_init;
+ void * dl_handle;
+ char *plugin_location, *plugin_name, *p;
+ pdb_init_function plugin_init;
int (*plugin_version)(void);
- if (module_params == NULL) {
+ if (location == NULL) {
DEBUG(0, ("The plugin module needs an argument!\n"));
return NT_STATUS_UNSUCCESSFUL;
}
- plugin_name = smb_xstrdup(module_params);
+ plugin_name = smb_xstrdup(location);
p = strchr(plugin_name, ':');
if (p) {
*p = 0;
- plugin_params = p+1;
- trim_string(plugin_params, " ", " ");
- } else plugin_params = NULL;
+ plugin_location = p+1;
+ trim_string(plugin_location, " ", " ");
+ } else plugin_location = NULL;
trim_string(plugin_name, " ", " ");
DEBUG(5, ("Trying to load sam plugin %s\n", plugin_name));
- dl_handle = sys_dlopen(plugin_name, RTLD_NOW);
+ dl_handle = sys_dlopen(plugin_name, RTLD_NOW );
if (!dl_handle) {
DEBUG(0, ("Failed to load sam plugin %s using sys_dlopen (%s)\n", plugin_name, sys_dlerror()));
return NT_STATUS_UNSUCCESSFUL;
}
- plugin_version = sys_dlsym(dl_handle, "sam_version");
+ plugin_version = sys_dlsym(dl_handle, "pdb_version");
if (!plugin_version) {
sys_dlclose(dl_handle);
- DEBUG(0, ("Failed to find function 'sam_version' using sys_dlsym in sam plugin %s (%s)\n", plugin_name, sys_dlerror()));
+ DEBUG(0, ("Failed to find function 'pdb_version' using sys_dlsym in sam plugin %s (%s)\n", plugin_name, sys_dlerror()));
return NT_STATUS_UNSUCCESSFUL;
}
- if (plugin_version()!=SAM_INTERFACE_VERSION) {
+ if (plugin_version() != PASSDB_INTERFACE_VERSION) {
sys_dlclose(dl_handle);
- DEBUG(0, ("Wrong SAM_INTERFACE_VERSION! sam plugin has version %d and version %d is needed! Please update!\n",
- plugin_version(),SAM_INTERFACE_VERSION));
+ DEBUG(0, ("Wrong PASSDB_INTERFACE_VERSION! sam plugin has version %d and version %d is needed! Please update!\n",
+ plugin_version(),PASSDB_INTERFACE_VERSION));
return NT_STATUS_UNSUCCESSFUL;
}
- plugin_init = sys_dlsym(dl_handle, "sam_init");
+ plugin_init = sys_dlsym(dl_handle, "pdb_init");
if (!plugin_init) {
sys_dlclose(dl_handle);
- DEBUG(0, ("Failed to find function 'sam_init' using sys_dlsym in sam plugin %s (%s)\n", plugin_name, sys_dlerror()));
+ DEBUG(0, ("Failed to find function 'pdb_init' using sys_dlsym in sam plugin %s (%s)\n", plugin_name, sys_dlerror()));
return NT_STATUS_UNSUCCESSFUL;
}
- DEBUG(5, ("Starting sam plugin %s with parameters %s for domain %s\n", plugin_name, plugin_params, sam_methods->domain_name));
- return plugin_init(sam_methods, plugin_params);
+ DEBUG(5, ("Starting sam plugin %s with location %s\n", plugin_name, plugin_location));
+ return plugin_init(pdb_context, pdb_method, plugin_location);
}
diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c
index 7f74196633..b5a2bbbfe7 100644
--- a/source3/passdb/pdb_smbpasswd.c
+++ b/source3/passdb/pdb_smbpasswd.c
@@ -1579,10 +1579,3 @@ NTSTATUS pdb_init_smbpasswd_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_meth
return NT_STATUS_OK;
}
-
-int pdb_smbpasswd_init(void)
-{
- smb_register_passdb("smbpasswd", pdb_init_smbpasswd, PASSDB_INTERFACE_VERSION);
- smb_register_passdb("smbpasswd_nua", pdb_init_smbpasswd_nua, PASSDB_INTERFACE_VERSION);
- return True;
-}
diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c
index 7e2f4b832f..c48c9567b1 100644
--- a/source3/passdb/pdb_tdb.c
+++ b/source3/passdb/pdb_tdb.c
@@ -37,6 +37,8 @@ static int tdbsam_debug_level = DBGC_ALL;
#endif
+#ifdef WITH_TDB_SAM
+
#define PDB_VERSION "20010830"
#define PASSDB_FILE_NAME "passdb.tdb"
#define TDB_FORMAT_STRING "ddddddBBBBBBBBBBBBddBBwdwdBdd"
@@ -986,10 +988,20 @@ NTSTATUS pdb_init_tdbsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method,
return NT_STATUS_OK;
}
-int pdb_tdbsam_init(void)
+
+#else
+
+NTSTATUS pdb_init_tdbsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
{
- smb_register_passdb("tdbsam", pdb_init_tdbsam, PASSDB_INTERFACE_VERSION);
- smb_register_passdb("tdbsam_nua", pdb_init_tdbsam_nua, PASSDB_INTERFACE_VERSION);
- return True;
+ DEBUG(0, ("tdbsam not compiled in!\n"));
+ return NT_STATUS_UNSUCCESSFUL;
}
+NTSTATUS pdb_init_tdbsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
+{
+ DEBUG(0, ("tdbsam_nua not compiled in!\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+}
+
+
+#endif
diff --git a/source3/passdb/pdb_unix.c b/source3/passdb/pdb_unix.c
index ed83024248..86a86d60d4 100644
--- a/source3/passdb/pdb_unix.c
+++ b/source3/passdb/pdb_unix.c
@@ -124,8 +124,3 @@ NTSTATUS pdb_init_unixsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, co
/* There's not very much to initialise here */
return NT_STATUS_OK;
}
-
-int pdb_unix_init(void)
-{
- return smb_register_passdb("unixsam", pdb_init_unixsam, PASSDB_INTERFACE_VERSION);
-}
diff --git a/source3/modules/xml.c b/source3/passdb/pdb_xml.c
index 1a4aeeeac0..edf70250e2 100644
--- a/source3/modules/xml.c
+++ b/source3/passdb/pdb_xml.c
@@ -40,6 +40,8 @@ static int xmlsam_debug_level = DBGC_ALL;
#undef DBGC_CLASS
#define DBGC_CLASS xmlsam_debug_level
+PDB_MODULE_VERSIONING_MAGIC
+
static char * iota(int a) {
static char tmp[10];
@@ -47,7 +49,7 @@ static char * iota(int a) {
return tmp;
}
-static BOOL parsePass(xmlDocPtr doc, xmlNsPtr ns, xmlNodePtr cur, SAM_ACCOUNT * u)
+BOOL parsePass(xmlDocPtr doc, xmlNsPtr ns, xmlNodePtr cur, SAM_ACCOUNT * u)
{
pstring temp;
@@ -76,7 +78,7 @@ static BOOL parsePass(xmlDocPtr doc, xmlNsPtr ns, xmlNodePtr cur, SAM_ACCOUNT *
return True;
}
-static BOOL parseUser(xmlDocPtr doc, xmlNsPtr ns, xmlNodePtr cur, SAM_ACCOUNT * u)
+BOOL parseUser(xmlDocPtr doc, xmlNsPtr ns, xmlNodePtr cur, SAM_ACCOUNT * u)
{
char *tmp;
DOM_SID sid;
@@ -245,7 +247,7 @@ typedef struct pdb_xml {
xmlNsPtr ns;
} pdb_xml;
-static xmlNodePtr parseSambaXMLFile(struct pdb_xml *data)
+xmlNodePtr parseSambaXMLFile(struct pdb_xml *data)
{
xmlNodePtr cur;
@@ -512,7 +514,7 @@ static NTSTATUS xmlsam_add_sam_account(struct pdb_methods *methods, SAM_ACCOUNT
return NT_STATUS_OK;
}
-NTSTATUS xmlsam_init(PDB_CONTEXT * pdb_context, PDB_METHODS ** pdb_method,
+NTSTATUS pdb_init(PDB_CONTEXT * pdb_context, PDB_METHODS ** pdb_method,
const char *location)
{
NTSTATUS nt_status;
@@ -563,8 +565,3 @@ NTSTATUS xmlsam_init(PDB_CONTEXT * pdb_context, PDB_METHODS ** pdb_method,
return NT_STATUS_OK;
}
-
-int pdb_xml_init(void)
-{
- return smb_register_passdb("xml", xmlsam_init, PASSDB_INTERFACE_VERSION);
-}
diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c
index 64fedc7284..db08d02714 100644
--- a/source3/passdb/secrets.c
+++ b/source3/passdb/secrets.c
@@ -265,44 +265,38 @@ BOOL secrets_fetch_trust_account_password(const char *domain, uint8 ret_pwd[16],
************************************************************************/
BOOL secrets_fetch_trusted_domain_password(const char *domain, char** pwd,
- DOM_SID *sid, time_t *pass_last_set_time)
+ DOM_SID *sid, time_t *pass_last_set_time)
{
- struct trusted_dom_pass pass;
+ struct trusted_dom_pass *pass;
size_t size;
-
- /* unpacking structures */
- char* pass_buf;
- int pass_len = 0;
-
- ZERO_STRUCT(pass);
/* fetching trusted domain password structure */
- if (!(pass_buf = secrets_fetch(trustdom_keystr(domain), &size))) {
+ if (!(pass = secrets_fetch(trustdom_keystr(domain), &size))) {
DEBUG(5, ("secrets_fetch failed!\n"));
return False;
}
- /* unpack trusted domain password */
- pass_len = tdb_trusted_dom_pass_unpack(pass_buf, size, &pass);
- if (pass_len != size) {
- DEBUG(5, ("Invalid secrets size. Unpacked data doesn't match trusted_dom_pass structure.\n"));
+ if (size != sizeof(*pass)) {
+ DEBUG(0, ("secrets were of incorrect size!\n"));
return False;
}
-
+
/* the trust's password */
if (pwd) {
- *pwd = strdup(pass.pass);
+ *pwd = strdup(pass->pass);
if (!*pwd) {
return False;
}
}
/* last change time */
- if (pass_last_set_time) *pass_last_set_time = pass.mod_time;
+ if (pass_last_set_time) *pass_last_set_time = pass->mod_time;
/* domain sid */
- sid_copy(sid, &pass.domain_sid);
-
+ memcpy(&sid, &(pass->domain_sid), sizeof(sid));
+
+ SAFE_FREE(pass);
+
return True;
}
@@ -321,7 +315,7 @@ BOOL secrets_store_trust_account_password(const char *domain, uint8 new_pwd[16])
}
/**
- * Routine to store the password for trusted domain
+ * Routine to set the password for trusted domain
*
* @param domain remote domain name
* @param pwd plain text password of trust relationship
@@ -331,17 +325,12 @@ BOOL secrets_store_trust_account_password(const char *domain, uint8 new_pwd[16])
**/
BOOL secrets_store_trusted_domain_password(const char* domain, smb_ucs2_t *uni_dom_name,
- size_t uni_name_len, const char* pwd,
- DOM_SID sid)
-{
- /* packing structures */
- pstring pass_buf;
- int pass_len = 0;
- int pass_buf_len = sizeof(pass_buf);
-
+ size_t uni_name_len, const char* pwd,
+ DOM_SID sid)
+{
struct trusted_dom_pass pass;
ZERO_STRUCT(pass);
-
+
/* unicode domain name and its length */
if (!uni_dom_name)
return False;
@@ -357,11 +346,9 @@ BOOL secrets_store_trusted_domain_password(const char* domain, smb_ucs2_t *uni_d
fstrcpy(pass.pass, pwd);
/* domain sid */
- sid_copy(&pass.domain_sid, &sid);
-
- pass_len = tdb_trusted_dom_pass_pack(pass_buf, pass_buf_len, &pass);
+ memcpy(&(pass.domain_sid), &sid, sizeof(sid));
- return secrets_store(trustdom_keystr(domain), (void *)&pass_buf, pass_len);
+ return secrets_store(trustdom_keystr(domain), (void *)&pass, sizeof(pass));
}
/************************************************************************
@@ -488,10 +475,9 @@ NTSTATUS secrets_get_trusted_domains(TALLOC_CTX* ctx, int* enum_ctx, unsigned in
char *pattern;
unsigned int start_idx;
uint32 idx = 0;
- size_t size, packed_size = 0;
+ size_t size;
fstring dom_name;
- char *packed_pass;
- struct trusted_dom_pass *pass = talloc_zero(ctx, sizeof(struct trusted_dom_pass));
+ struct trusted_dom_pass *pass;
NTSTATUS status;
if (!secrets_init()) return NT_STATUS_ACCESS_DENIED;
@@ -519,7 +505,7 @@ NTSTATUS secrets_get_trusted_domains(TALLOC_CTX* ctx, int* enum_ctx, unsigned in
*/
status = NT_STATUS_NO_MORE_ENTRIES;
- /* searching for keys in secrets db -- way to go ... */
+ /* searching for keys in sectrets db -- way to go ... */
for (k = keys; k; k = k->next) {
char *secrets_key;
@@ -530,19 +516,14 @@ NTSTATUS secrets_get_trusted_domains(TALLOC_CTX* ctx, int* enum_ctx, unsigned in
return NT_STATUS_NO_MEMORY;
}
- packed_pass = secrets_fetch(secrets_key, &size);
- packed_size = tdb_trusted_dom_pass_unpack(packed_pass, size, pass);
-
- if (size != packed_size) {
+ pass = secrets_fetch(secrets_key, &size);
+
+ if (size != sizeof(*pass)) {
DEBUG(2, ("Secrets record %s is invalid!\n", secrets_key));
- if (size) SAFE_FREE(packed_pass);
-
+ SAFE_FREE(pass);
continue;
}
- /* packed representation isn't needed anymore */
- SAFE_FREE(packed_pass);
-
pull_ucs2_fstring(dom_name, pass->uni_name);
DEBUG(18, ("Fetched secret record num %d.\nDomain name: %s, SID: %s\n",
idx, dom_name, sid_string_static(&pass->domain_sid)));
@@ -553,6 +534,8 @@ NTSTATUS secrets_get_trusted_domains(TALLOC_CTX* ctx, int* enum_ctx, unsigned in
dom = talloc_zero(ctx, sizeof(*dom));
if (!dom) {
/* free returned tdb record */
+ SAFE_FREE(pass);
+
return NT_STATUS_NO_MEMORY;
}
@@ -586,7 +569,10 @@ NTSTATUS secrets_get_trusted_domains(TALLOC_CTX* ctx, int* enum_ctx, unsigned in
start_idx, max_num_domains));
}
- idx++;
+ idx++;
+
+ /* free returned tdb record */
+ SAFE_FREE(pass);
}
DEBUG(5, ("secrets_get_trusted_domains: got %d domains\n", *num_domains));
@@ -609,9 +595,9 @@ BOOL secrets_named_mutex(const char *name, unsigned int timeout)
if (!message_init())
return False;
- ret = tdb_lock_bystring(tdb, name, timeout);
- if (ret == 0)
- DEBUG(10,("secrets_named_mutex: got mutex for %s\n", name ));
+ ret = tdb_lock_bystring(tdb, name, timeout);
+ if (ret == 0)
+ DEBUG(10,("secrets_named_mutex: got mutex for %s\n", name ));
return (ret == 0);
}
@@ -622,8 +608,8 @@ BOOL secrets_named_mutex(const char *name, unsigned int timeout)
void secrets_named_mutex_release(const char *name)
{
- tdb_unlock_bystring(tdb, name);
- DEBUG(10,("secrets_named_mutex: released mutex for %s\n", name ));
+ tdb_unlock_bystring(tdb, name);
+ DEBUG(10,("secrets_named_mutex: released mutex for %s\n", name ));
}
/*********************************************************
diff --git a/source3/python/py_smb.c b/source3/python/py_smb.c
index d37b73cceb..8d81176e4d 100644
--- a/source3/python/py_smb.c
+++ b/source3/python/py_smb.c
@@ -165,8 +165,8 @@ static PyObject *py_smb_nt_create_andx(PyObject *self, PyObject *args,
return NULL;
result = cli_nt_create_full(
- cli->cli, filename, 0, desired_access, file_attributes,
- share_access, create_disposition, create_options, 0);
+ cli->cli, filename, desired_access, file_attributes,
+ share_access, create_disposition, create_options);
if (cli_is_error(cli->cli)) {
PyErr_SetString(PyExc_RuntimeError, "nt_create_andx failed");
diff --git a/source3/python/py_winbind.c b/source3/python/py_winbind.c
index 0c40861c70..db66be2321 100644
--- a/source3/python/py_winbind.c
+++ b/source3/python/py_winbind.c
@@ -261,12 +261,12 @@ static PyObject *py_config_dict(void)
/* Winbind uid/gid range */
- if (lp_idmap_uid(&ulow, &uhi)) {
+ if (lp_winbind_uid(&ulow, &uhi)) {
PyDict_SetItemString(result, "uid_low", PyInt_FromLong(ulow));
PyDict_SetItemString(result, "uid_high", PyInt_FromLong(uhi));
}
- if (lp_idmap_gid(&glow, &ghi)) {
+ if (lp_winbind_gid(&glow, &ghi)) {
PyDict_SetItemString(result, "gid_low", PyInt_FromLong(glow));
PyDict_SetItemString(result, "gid_high", PyInt_FromLong(ghi));
}
diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c
index 9002ad3d1b..db873236e4 100644
--- a/source3/rpc_client/cli_lsarpc.c
+++ b/source3/rpc_client/cli_lsarpc.c
@@ -1164,7 +1164,7 @@ NTSTATUS cli_lsa_enum_account_rights(struct cli_state *cli, TALLOC_CTX *mem_ctx,
LSA_Q_ENUM_ACCT_RIGHTS q;
LSA_R_ENUM_ACCT_RIGHTS r;
NTSTATUS result;
- unsigned int i;
+ int i;
ZERO_STRUCT(q);
ZERO_STRUCT(r);
@@ -1199,7 +1199,7 @@ NTSTATUS cli_lsa_enum_account_rights(struct cli_state *cli, TALLOC_CTX *mem_ctx,
*privs_name = (char **)talloc(mem_ctx, (*count) * sizeof(char **));
for (i=0;i<*count;i++) {
- (*privs_name)[i] = unistr2_tdup(mem_ctx, &r.rights.strings[i].string);
+ pull_ucs2_talloc(mem_ctx, &(*privs_name)[i], r.rights.strings[i].string.buffer);
}
done:
@@ -1293,58 +1293,6 @@ done:
}
-/* list account SIDs that have the specified right */
-
-NTSTATUS cli_lsa_enum_account_with_right(struct cli_state *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, const char *right,
- uint32 *count, DOM_SID **sids)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_ENUM_ACCT_WITH_RIGHT q;
- LSA_R_ENUM_ACCT_WITH_RIGHT r;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
-
- /* Initialise parse structures */
- prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
- prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
-
- /* Marshall data and send request */
- init_q_enum_acct_with_right(&q, pol, right);
-
- if (!lsa_io_q_enum_acct_with_right("", &q, &qbuf, 0) ||
- !rpc_api_pipe_req(cli, LSA_ENUMACCTWITHRIGHT, &qbuf, &rbuf)) {
- result = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- /* Unmarshall response */
-
- if (!lsa_io_r_enum_acct_with_right("", &r, &rbuf, 0)) {
- result = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- *count = r.count;
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
- }
-
- if (*count) {
- int i;
- (*sids) = (DOM_SID *)talloc(mem_ctx, sizeof(DOM_SID) * (*count));
- for (i=0; i<*count; i++) {
- sid_copy(&(*sids)[i], &r.sids.sids[i].sid.sid);
- }
- }
-done:
-
- return result;
-}
-
-
#if 0
/** An example of how to use the routines in this file. Fetch a DOMAIN
diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c
index fc9999dc4d..0b45c0baf3 100644
--- a/source3/rpc_parse/parse_lsa.c
+++ b/source3/rpc_parse/parse_lsa.c
@@ -2219,21 +2219,18 @@ BOOL lsa_io_r_query_info2(const char *desc, LSA_R_QUERY_INFO2 *r_c,
if(!prs_uint32("ptr", ps, depth, &r_c->ptr))
return False;
-
- if (r_c->ptr != 0) {
- if(!prs_uint16("info_class", ps, depth, &r_c->info_class))
+ if(!prs_uint16("info_class", ps, depth, &r_c->info_class))
+ return False;
+ switch(r_c->info_class) {
+ case 0x000c:
+ if (!lsa_io_dns_dom_info("info12", &r_c->info.dns_dom_info,
+ ps, depth))
return False;
- switch(r_c->info_class) {
- case 0x000c:
- if (!lsa_io_dns_dom_info("info12", &r_c->info.dns_dom_info,
- ps, depth))
- return False;
break;
- default:
- DEBUG(0,("lsa_io_r_query_info2: unknown info class %d\n",
- r_c->info_class));
- return False;
- }
+ default:
+ DEBUG(0,("lsa_io_r_query_info2: unknown info class %d\n",
+ r_c->info_class));
+ return False;
}
if(!prs_align(ps))
@@ -2304,19 +2301,6 @@ BOOL lsa_io_r_enum_acct_rights(const char *desc, LSA_R_ENUM_ACCT_RIGHTS *r_c, pr
return True;
}
-/*******************************************************************
- Inits an LSA_R_ENUM_ACCT_RIGHTS structure.
-********************************************************************/
-void init_r_enum_acct_rights(LSA_R_ENUM_ACCT_RIGHTS *q_r,
- uint32 count,
- const char **rights)
-{
- DEBUG(5, ("init_r_enum_acct_rights\n"));
-
- q_r->count = count;
- init_unistr2_array(&q_r->rights, count, rights);
-}
-
/*******************************************************************
Inits an LSA_Q_ADD_ACCT_RIGHTS structure.
@@ -2332,6 +2316,7 @@ void init_q_add_acct_rights(LSA_Q_ADD_ACCT_RIGHTS *q_q,
q_q->pol = *hnd;
init_dom_sid2(&q_q->sid, sid);
init_unistr2_array(&q_q->rights, count, rights);
+ q_q->count = 5;
}
@@ -2372,15 +2357,6 @@ BOOL lsa_io_r_add_acct_rights(const char *desc, LSA_R_ADD_ACCT_RIGHTS *r_c, prs_
return True;
}
-/*******************************************************************
- Inits an LSA_R_ADD_ACCT_RIGHTS structure.
-********************************************************************/
-void init_r_add_acct_rights(LSA_R_ADD_ACCT_RIGHTS *q_r)
-{
- DEBUG(5, ("init_r_add_acct_rights\n"));
- /* oh what a silly function! */
-}
-
/*******************************************************************
Inits an LSA_Q_REMOVE_ACCT_RIGHTS structure.
@@ -2398,6 +2374,7 @@ void init_q_remove_acct_rights(LSA_Q_REMOVE_ACCT_RIGHTS *q_q,
init_dom_sid2(&q_q->sid, sid);
q_q->removeall = removeall;
init_unistr2_array(&q_q->rights, count, rights);
+ q_q->count = 5;
}
@@ -2428,7 +2405,7 @@ BOOL lsa_io_q_remove_acct_rights(const char *desc, LSA_Q_REMOVE_ACCT_RIGHTS *q_q
}
/*******************************************************************
-reads or writes a LSA_R_REMOVE_ACCT_RIGHTS structure.
+reads or writes a LSA_R_ENUM_ACCT_RIGHTS structure.
********************************************************************/
BOOL lsa_io_r_remove_acct_rights(const char *desc, LSA_R_REMOVE_ACCT_RIGHTS *r_c, prs_struct *ps, int depth)
{
@@ -2440,89 +2417,3 @@ BOOL lsa_io_r_remove_acct_rights(const char *desc, LSA_R_REMOVE_ACCT_RIGHTS *r_c
return True;
}
-
-/*******************************************************************
- Inits an LSA_R_REMOVE_ACCT_RIGHTS structure.
-********************************************************************/
-void init_r_remove_acct_rights(LSA_R_REMOVE_ACCT_RIGHTS *q_r)
-{
- DEBUG(5, ("init_r_remove_acct_rights\n"));
-}
-
-/*******************************************************************
- Inits an LSA_Q_ENUM_ACCT_WITH_RIGHT structure.
-********************************************************************/
-void init_q_enum_acct_with_right(LSA_Q_ENUM_ACCT_WITH_RIGHT *q_q,
- POLICY_HND *hnd,
- const char *right)
-{
- DEBUG(5, ("init_q_enum_acct_with_right\n"));
-
- q_q->pol = *hnd;
- init_unistr2(&q_q->right, right, strlen(right));
- init_str_hdr(&q_q->right_hdr,
- q_q->right.uni_max_len*2,
- q_q->right.uni_max_len*2, right?1:0);
-}
-
-
-/*******************************************************************
-reads or writes a LSA_Q_ENUM_ACCT_WITH_RIGHT structure.
-********************************************************************/
-BOOL lsa_io_q_enum_acct_with_right(const char *desc, LSA_Q_ENUM_ACCT_WITH_RIGHT *q_q, prs_struct *ps, int depth)
-{
- prs_debug(ps, depth, desc, "lsa_io_q_enum_acct_with_right");
- depth++;
-
- if (!smb_io_pol_hnd("", &q_q->pol, ps, depth))
- return False;
-
- if (!prs_uint32("ref_id ", ps, depth, &q_q->right_hdr.buffer))
- return False;
-
- if (UNMARSHALLING(ps) && q_q->right_hdr.buffer == 0) {
- return True;
- }
-
- if (!smb_io_strhdr("", &q_q->right_hdr, ps, depth))
- return False;
-
- if (!smb_io_unistr2("", &q_q->right, q_q->right_hdr.buffer, ps, depth))
- return False;
-
- return True;
-}
-
-
-/*******************************************************************
-reads or writes a LSA_R_ENUM_ACCT_WITH_RIGHT structure.
-********************************************************************/
-BOOL lsa_io_r_enum_acct_with_right(const char *desc, LSA_R_ENUM_ACCT_WITH_RIGHT *r_c, prs_struct *ps, int depth)
-{
- prs_debug(ps, depth, desc, "lsa_io_r_enum_acct_with_right");
- depth++;
-
- if (!prs_uint32("count ", ps, depth, &r_c->count))
- return False;
-
- if (!smb_io_sid_array("sids ", &r_c->sids, ps, depth))
- return False;
-
- if(!prs_ntstatus("status", ps, depth, &r_c->status))
- return False;
-
- return True;
-}
-
-/*******************************************************************
- Inits an LSA_R_ENUM_ACCT_WITH_RIGHT structure.
-********************************************************************/
-void init_r_enum_acct_with_right(LSA_R_ENUM_ACCT_WITH_RIGHT *r_c,
- uint32 count,
- DOM_SID *sids)
-{
- DEBUG(5, ("init_r_enum_acct_with_right\n"));
-
- r_c->count = count;
- init_sid_array(&r_c->sids, count, sids);
-}
diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c
index a39e3391bb..f0d4c67d9f 100644
--- a/source3/rpc_parse/parse_misc.c
+++ b/source3/rpc_parse/parse_misc.c
@@ -1122,78 +1122,6 @@ BOOL smb_io_unistr2_array(const char *desc, UNISTR2_ARRAY *array, prs_struct *ps
}
-/*
- initialise a SID_ARRAY from a list of sids
-*/
-BOOL init_sid_array(SID_ARRAY *array,
- uint32 count, DOM_SID *sids)
-{
- unsigned int i;
-
- array->count = count;
- array->ref_id = count?1:0;
- if (array->count == 0) {
- return True;
- }
-
- array->sids = (SID_ARRAY_EL *)talloc_zero(get_talloc_ctx(), count * sizeof(SID_ARRAY_EL));
- if (!array->sids) {
- return False;
- }
-
- for (i=0;i<count;i++) {
- array->sids[i].ref_id = 1;
- init_dom_sid2(&array->sids[i].sid, &sids[i]);
- }
-
- return True;
-}
-
-
-/*******************************************************************
- Reads or writes a SID_ARRAY structure.
-********************************************************************/
-BOOL smb_io_sid_array(const char *desc, SID_ARRAY *array, prs_struct *ps, int depth)
-{
- unsigned int i;
-
- prs_debug(ps, depth, desc, "smb_io_sid_array");
- depth++;
-
- if(!prs_uint32("ref_id", ps, depth, &array->ref_id))
- return False;
-
- if (! array->ref_id) {
- return True;
- }
-
- if(!prs_uint32("count", ps, depth, &array->count))
- return False;
-
- if (array->count == 0) {
- return True;
- }
-
- if (UNMARSHALLING(ps)) {
- array->sids = talloc_zero(get_talloc_ctx(), array->count * sizeof(array->sids[0]));
- }
- if (! array->sids) {
- return False;
- }
-
- for (i=0;i<array->count;i++) {
- if(!prs_uint32("ref_id", ps, depth, &array->sids[i].ref_id))
- return False;
- }
-
- for (i=0;i<array->count;i++) {
- if (!smb_io_dom_sid2("sid", &array->sids[i].sid, ps, depth))
- return False;
- }
-
- return True;
-}
-
/*******************************************************************
Inits a DOM_RID2 structure.
********************************************************************/
@@ -1289,22 +1217,22 @@ void init_dom_rid4(DOM_RID4 *rid4, uint16 unknown, uint16 attr, uint32 rid)
Inits a DOM_CLNT_SRV structure.
********************************************************************/
-static void init_clnt_srv(DOM_CLNT_SRV *dlog, const char *logon_srv, const char *comp_name)
+static void init_clnt_srv(DOM_CLNT_SRV *log, const char *logon_srv, const char *comp_name)
{
DEBUG(5,("init_clnt_srv: %d\n", __LINE__));
if (logon_srv != NULL) {
- dlog->undoc_buffer = 1;
- init_unistr2(&dlog->uni_logon_srv, logon_srv, strlen(logon_srv)+1);
+ log->undoc_buffer = 1;
+ init_unistr2(&log->uni_logon_srv, logon_srv, strlen(logon_srv)+1);
} else {
- dlog->undoc_buffer = 0;
+ log->undoc_buffer = 0;
}
if (comp_name != NULL) {
- dlog->undoc_buffer2 = 1;
- init_unistr2(&dlog->uni_comp_name, comp_name, strlen(comp_name)+1);
+ log->undoc_buffer2 = 1;
+ init_unistr2(&log->uni_comp_name, comp_name, strlen(comp_name)+1);
} else {
- dlog->undoc_buffer2 = 0;
+ log->undoc_buffer2 = 0;
}
}
@@ -1312,9 +1240,9 @@ static void init_clnt_srv(DOM_CLNT_SRV *dlog, const char *logon_srv, const char
Inits or writes a DOM_CLNT_SRV structure.
********************************************************************/
-static BOOL smb_io_clnt_srv(const char *desc, DOM_CLNT_SRV *dlog, prs_struct *ps, int depth)
+static BOOL smb_io_clnt_srv(const char *desc, DOM_CLNT_SRV *log, prs_struct *ps, int depth)
{
- if (dlog == NULL)
+ if (log == NULL)
return False;
prs_debug(ps, depth, desc, "smb_io_clnt_srv");
@@ -1323,22 +1251,22 @@ static BOOL smb_io_clnt_srv(const char *desc, DOM_CLNT_SRV *dlog, prs_struct *ps
if(!prs_align(ps))
return False;
- if(!prs_uint32("undoc_buffer ", ps, depth, &dlog->undoc_buffer))
+ if(!prs_uint32("undoc_buffer ", ps, depth, &log->undoc_buffer))
return False;
- if (dlog->undoc_buffer != 0) {
- if(!smb_io_unistr2("unistr2", &dlog->uni_logon_srv, dlog->undoc_buffer, ps, depth))
+ if (log->undoc_buffer != 0) {
+ if(!smb_io_unistr2("unistr2", &log->uni_logon_srv, log->undoc_buffer, ps, depth))
return False;
}
if(!prs_align(ps))
return False;
- if(!prs_uint32("undoc_buffer2", ps, depth, &dlog->undoc_buffer2))
+ if(!prs_uint32("undoc_buffer2", ps, depth, &log->undoc_buffer2))
return False;
- if (dlog->undoc_buffer2 != 0) {
- if(!smb_io_unistr2("unistr2", &dlog->uni_comp_name, dlog->undoc_buffer2, ps, depth))
+ if (log->undoc_buffer2 != 0) {
+ if(!smb_io_unistr2("unistr2", &log->uni_comp_name, log->undoc_buffer2, ps, depth))
return False;
}
@@ -1349,28 +1277,28 @@ static BOOL smb_io_clnt_srv(const char *desc, DOM_CLNT_SRV *dlog, prs_struct *ps
Inits a DOM_LOG_INFO structure.
********************************************************************/
-void init_log_info(DOM_LOG_INFO *dlog, const char *logon_srv, const char *acct_name,
+void init_log_info(DOM_LOG_INFO *log, const char *logon_srv, const char *acct_name,
uint16 sec_chan, const char *comp_name)
{
DEBUG(5,("make_log_info %d\n", __LINE__));
- dlog->undoc_buffer = 1;
+ log->undoc_buffer = 1;
- init_unistr2(&dlog->uni_logon_srv, logon_srv, strlen(logon_srv)+1);
- init_unistr2(&dlog->uni_acct_name, acct_name, strlen(acct_name)+1);
+ init_unistr2(&log->uni_logon_srv, logon_srv, strlen(logon_srv)+1);
+ init_unistr2(&log->uni_acct_name, acct_name, strlen(acct_name)+1);
- dlog->sec_chan = sec_chan;
+ log->sec_chan = sec_chan;
- init_unistr2(&dlog->uni_comp_name, comp_name, strlen(comp_name)+1);
+ init_unistr2(&log->uni_comp_name, comp_name, strlen(comp_name)+1);
}
/*******************************************************************
Reads or writes a DOM_LOG_INFO structure.
********************************************************************/
-BOOL smb_io_log_info(const char *desc, DOM_LOG_INFO *dlog, prs_struct *ps, int depth)
+BOOL smb_io_log_info(const char *desc, DOM_LOG_INFO *log, prs_struct *ps, int depth)
{
- if (dlog == NULL)
+ if (log == NULL)
return False;
prs_debug(ps, depth, desc, "smb_io_log_info");
@@ -1379,18 +1307,18 @@ BOOL smb_io_log_info(const char *desc, DOM_LOG_INFO *dlog, prs_struct *ps, int d
if(!prs_align(ps))
return False;
- if(!prs_uint32("undoc_buffer", ps, depth, &dlog->undoc_buffer))
+ if(!prs_uint32("undoc_buffer", ps, depth, &log->undoc_buffer))
return False;
- if(!smb_io_unistr2("unistr2", &dlog->uni_logon_srv, True, ps, depth))
+ if(!smb_io_unistr2("unistr2", &log->uni_logon_srv, True, ps, depth))
return False;
- if(!smb_io_unistr2("unistr2", &dlog->uni_acct_name, True, ps, depth))
+ if(!smb_io_unistr2("unistr2", &log->uni_acct_name, True, ps, depth))
return False;
- if(!prs_uint16("sec_chan", ps, depth, &dlog->sec_chan))
+ if(!prs_uint16("sec_chan", ps, depth, &log->sec_chan))
return False;
- if(!smb_io_unistr2("unistr2", &dlog->uni_comp_name, True, ps, depth))
+ if(!smb_io_unistr2("unistr2", &log->uni_comp_name, True, ps, depth))
return False;
return True;
@@ -1529,21 +1457,21 @@ BOOL smb_io_clnt_info(const char *desc, DOM_CLNT_INFO *clnt, prs_struct *ps, in
Inits a DOM_LOGON_ID structure.
********************************************************************/
-void init_logon_id(DOM_LOGON_ID *dlog, uint32 log_id_low, uint32 log_id_high)
+void init_logon_id(DOM_LOGON_ID *log, uint32 log_id_low, uint32 log_id_high)
{
DEBUG(5,("make_logon_id: %d\n", __LINE__));
- dlog->low = log_id_low;
- dlog->high = log_id_high;
+ log->low = log_id_low;
+ log->high = log_id_high;
}
/*******************************************************************
Reads or writes a DOM_LOGON_ID structure.
********************************************************************/
-BOOL smb_io_logon_id(const char *desc, DOM_LOGON_ID *dlog, prs_struct *ps, int depth)
+BOOL smb_io_logon_id(const char *desc, DOM_LOGON_ID *log, prs_struct *ps, int depth)
{
- if (dlog == NULL)
+ if (log == NULL)
return False;
prs_debug(ps, depth, desc, "smb_io_logon_id");
@@ -1552,9 +1480,9 @@ BOOL smb_io_logon_id(const char *desc, DOM_LOGON_ID *dlog, prs_struct *ps, int d
if(!prs_align(ps))
return False;
- if(!prs_uint32("low ", ps, depth, &dlog->low ))
+ if(!prs_uint32("low ", ps, depth, &log->low ))
return False;
- if(!prs_uint32("high", ps, depth, &dlog->high))
+ if(!prs_uint32("high", ps, depth, &log->high))
return False;
return True;
diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c
index a660084250..163e6bab3c 100644
--- a/source3/rpc_parse/parse_net.c
+++ b/source3/rpc_parse/parse_net.c
@@ -1808,9 +1808,9 @@ static BOOL net_io_sam_domain_info(const char *desc, SAM_DOMAIN_INFO * info,
if (!smb_io_unihdr("hdr_unknown", &info->hdr_unknown, ps, depth))
return False;
- if (prs_offset(ps) + 40 > prs_data_size(ps))
+ if (ps->data_offset + 40 > ps->buffer_size)
return False;
- prs_set_offset(ps, prs_offset(ps) + 40);
+ ps->data_offset += 40;
if (!smb_io_unistr2("uni_dom_name", &info->uni_dom_name,
info->hdr_dom_name.buffer, ps, depth))
@@ -1847,9 +1847,9 @@ static BOOL net_io_sam_group_info(const char *desc, SAM_GROUP_INFO * info,
if (!smb_io_bufhdr2("hdr_sec_desc", &info->hdr_sec_desc, ps, depth))
return False;
- if (prs_offset(ps) + 48 > prs_data_size(ps))
+ if (ps->data_offset + 48 > ps->buffer_size)
return False;
- prs_set_offset(ps, prs_offset(ps) + 48);
+ ps->data_offset += 48;
if (!smb_io_unistr2("uni_grp_name", &info->uni_grp_name,
info->hdr_grp_name.buffer, ps, depth))
@@ -2128,13 +2128,13 @@ static BOOL net_io_sam_account_info(const char *desc, uint8 sess_key[16],
uint32 len = 0x44;
if (!prs_uint32("pwd_len", ps, depth, &len))
return False;
- old_offset = prs_offset(ps);
+ old_offset = ps->data_offset;
if (len == 0x44)
{
if (ps->io)
{
/* reading */
- if (!prs_hash1(ps, prs_offset(ps), sess_key))
+ if (!prs_hash1(ps, ps->data_offset, sess_key))
return False;
}
if (!net_io_sam_passwd_info("pass", &info->pass,
@@ -2148,9 +2148,9 @@ static BOOL net_io_sam_account_info(const char *desc, uint8 sess_key[16],
return False;
}
}
- if (old_offset + len > prs_data_size(ps))
+ if (old_offset + len > ps->buffer_size)
return False;
- prs_set_offset(ps, old_offset + len);
+ ps->data_offset = old_offset + len;
}
if (!smb_io_buffer4("buf_sec_desc", &info->buf_sec_desc,
info->hdr_sec_desc.buffer, ps, depth))
@@ -2185,9 +2185,9 @@ static BOOL net_io_sam_group_mem_info(const char *desc, SAM_GROUP_MEM_INFO * inf
if (!prs_uint32("num_members", ps, depth, &info->num_members))
return False;
- if (prs_offset(ps) + 16 > prs_data_size(ps))
+ if (ps->data_offset + 16 > ps->buffer_size)
return False;
- prs_set_offset(ps, prs_offset(ps) + 16);
+ ps->data_offset += 16;
if (info->ptr_rids != 0)
{
@@ -2267,9 +2267,9 @@ static BOOL net_io_sam_alias_info(const char *desc, SAM_ALIAS_INFO * info,
if (!smb_io_unihdr("hdr_als_desc", &info->hdr_als_desc, ps, depth))
return False;
- if (prs_offset(ps) + 40 > prs_data_size(ps))
+ if (ps->data_offset + 40 > ps->buffer_size)
return False;
- prs_set_offset(ps, prs_offset(ps) + 40);
+ ps->data_offset += 40;
if (!smb_io_unistr2("uni_als_name", &info->uni_als_name,
info->hdr_als_name.buffer, ps, depth))
@@ -2304,9 +2304,9 @@ static BOOL net_io_sam_alias_mem_info(const char *desc, SAM_ALIAS_MEM_INFO * inf
if (info->ptr_members != 0)
{
- if (prs_offset(ps) + 16 > prs_data_size(ps))
+ if (ps->data_offset + 16 > ps->buffer_size)
return False;
- prs_set_offset(ps, prs_offset(ps) + 16);
+ ps->data_offset += 16;
if (!prs_uint32("num_sids", ps, depth, &info->num_sids))
return False;
diff --git a/source3/rpc_parse/parse_sec.c b/source3/rpc_parse/parse_sec.c
index 081173cf8d..47300e083a 100644
--- a/source3/rpc_parse/parse_sec.c
+++ b/source3/rpc_parse/parse_sec.c
@@ -570,6 +570,24 @@ SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BU
}
/*******************************************************************
+ Tallocs a duplicate SID.
+********************************************************************/
+
+static DOM_SID *sid_dup_talloc(TALLOC_CTX *ctx, DOM_SID *src)
+{
+ DOM_SID *dst;
+
+ if(!src)
+ return NULL;
+
+ if((dst = talloc_zero(ctx, sizeof(DOM_SID))) != NULL) {
+ sid_copy( dst, src);
+ }
+
+ return dst;
+}
+
+/*******************************************************************
Creates a SEC_DESC structure
********************************************************************/
diff --git a/source3/rpc_server/srv_dfs.c b/source3/rpc_server/srv_dfs.c
index 0807efd550..f6e9ca3d56 100644
--- a/source3/rpc_server/srv_dfs.c
+++ b/source3/rpc_server/srv_dfs.c
@@ -158,7 +158,11 @@ static BOOL api_dfs_enum(pipes_struct *p)
\pipe\netdfs commands
********************************************************************/
+#ifdef RPC_DFS_DYNAMIC
+int rpc_pipe_init(void)
+#else
int rpc_dfs_init(void)
+#endif
{
struct api_struct api_netdfs_cmds[] =
{
diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c
index bfa706acf2..11388a00b1 100644
--- a/source3/rpc_server/srv_lsa.c
+++ b/source3/rpc_server/srv_lsa.c
@@ -642,164 +642,38 @@ static BOOL api_lsa_query_info2(pipes_struct *p)
}
-
-/***************************************************************************
- api_lsa_enum_acctrights
- ***************************************************************************/
-static BOOL api_lsa_enum_acct_rights(pipes_struct *p)
-{
- LSA_Q_ENUM_ACCT_RIGHTS q_u;
- LSA_R_ENUM_ACCT_RIGHTS r_u;
-
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- ZERO_STRUCT(q_u);
- ZERO_STRUCT(r_u);
-
- if(!lsa_io_q_enum_acct_rights("", &q_u, data, 0)) {
- DEBUG(0,("api_lsa_enum_acct_rights: failed to unmarshall LSA_Q_ENUM_ACCT_RIGHTS.\n"));
- return False;
- }
-
- r_u.status = _lsa_enum_acct_rights(p, &q_u, &r_u);
-
- /* store the response in the SMB stream */
- if(!lsa_io_r_enum_acct_rights("", &r_u, rdata, 0)) {
- DEBUG(0,("api_lsa_enum_acct_rights: Failed to marshall LSA_R_ENUM_ACCT_RIGHTS.\n"));
- return False;
- }
-
- return True;
-}
-
-
-/***************************************************************************
- api_lsa_enum_acct_with_right
- ***************************************************************************/
-static BOOL api_lsa_enum_acct_with_right(pipes_struct *p)
-{
- LSA_Q_ENUM_ACCT_WITH_RIGHT q_u;
- LSA_R_ENUM_ACCT_WITH_RIGHT r_u;
-
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- ZERO_STRUCT(q_u);
- ZERO_STRUCT(r_u);
-
- if(!lsa_io_q_enum_acct_with_right("", &q_u, data, 0)) {
- DEBUG(0,("api_lsa_enum_acct_with_right: failed to unmarshall LSA_Q_ENUM_ACCT_WITH_RIGHT.\n"));
- return False;
- }
-
- r_u.status = _lsa_enum_acct_with_right(p, &q_u, &r_u);
-
- /* store the response in the SMB stream */
- if(!lsa_io_r_enum_acct_with_right("", &r_u, rdata, 0)) {
- DEBUG(0,("api_lsa_enum_acct_with_right: Failed to marshall LSA_R_ENUM_ACCT_WITH_RIGHT.\n"));
- return False;
- }
-
- return True;
-}
-
-
-/***************************************************************************
- api_lsa_add_acctrights
- ***************************************************************************/
-static BOOL api_lsa_add_acct_rights(pipes_struct *p)
-{
- LSA_Q_ADD_ACCT_RIGHTS q_u;
- LSA_R_ADD_ACCT_RIGHTS r_u;
-
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- ZERO_STRUCT(q_u);
- ZERO_STRUCT(r_u);
-
- if(!lsa_io_q_add_acct_rights("", &q_u, data, 0)) {
- DEBUG(0,("api_lsa_add_acct_rights: failed to unmarshall LSA_Q_ADD_ACCT_RIGHTS.\n"));
- return False;
- }
-
- r_u.status = _lsa_add_acct_rights(p, &q_u, &r_u);
-
- /* store the response in the SMB stream */
- if(!lsa_io_r_add_acct_rights("", &r_u, rdata, 0)) {
- DEBUG(0,("api_lsa_add_acct_rights: Failed to marshall LSA_R_ADD_ACCT_RIGHTS.\n"));
- return False;
- }
-
- return True;
-}
-
-
-/***************************************************************************
- api_lsa_remove_acctrights
- ***************************************************************************/
-static BOOL api_lsa_remove_acct_rights(pipes_struct *p)
-{
- LSA_Q_REMOVE_ACCT_RIGHTS q_u;
- LSA_R_REMOVE_ACCT_RIGHTS r_u;
-
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- ZERO_STRUCT(q_u);
- ZERO_STRUCT(r_u);
-
- if(!lsa_io_q_remove_acct_rights("", &q_u, data, 0)) {
- DEBUG(0,("api_lsa_remove_acct_rights: failed to unmarshall LSA_Q_REMOVE_ACCT_RIGHTS.\n"));
- return False;
- }
-
- r_u.status = _lsa_remove_acct_rights(p, &q_u, &r_u);
-
- /* store the response in the SMB stream */
- if(!lsa_io_r_remove_acct_rights("", &r_u, rdata, 0)) {
- DEBUG(0,("api_lsa_remove_acct_rights: Failed to marshall LSA_R_REMOVE_ACCT_RIGHTS.\n"));
- return False;
- }
-
- return True;
-}
-
-
/***************************************************************************
\PIPE\ntlsa commands
***************************************************************************/
-
+#ifdef RPC_LSA_DYNAMIC
+int rpc_pipe_init(void)
+#else
int rpc_lsa_init(void)
+#endif
+{
+static const struct api_struct api_lsa_cmds[] =
{
- static const struct api_struct api_lsa_cmds[] =
- {
- { "LSA_OPENPOLICY2" , LSA_OPENPOLICY2 , api_lsa_open_policy2 },
- { "LSA_OPENPOLICY" , LSA_OPENPOLICY , api_lsa_open_policy },
- { "LSA_QUERYINFOPOLICY" , LSA_QUERYINFOPOLICY , api_lsa_query_info },
- { "LSA_ENUMTRUSTDOM" , LSA_ENUMTRUSTDOM , api_lsa_enum_trust_dom },
- { "LSA_CLOSE" , LSA_CLOSE , api_lsa_close },
- { "LSA_OPENSECRET" , LSA_OPENSECRET , api_lsa_open_secret },
- { "LSA_LOOKUPSIDS" , LSA_LOOKUPSIDS , api_lsa_lookup_sids },
- { "LSA_LOOKUPNAMES" , LSA_LOOKUPNAMES , api_lsa_lookup_names },
- { "LSA_ENUM_PRIVS" , LSA_ENUM_PRIVS , api_lsa_enum_privs },
- { "LSA_PRIV_GET_DISPNAME",LSA_PRIV_GET_DISPNAME,api_lsa_priv_get_dispname},
- { "LSA_ENUM_ACCOUNTS" , LSA_ENUM_ACCOUNTS , api_lsa_enum_accounts },
- { "LSA_UNK_GET_CONNUSER", LSA_UNK_GET_CONNUSER, api_lsa_unk_get_connuser },
- { "LSA_OPENACCOUNT" , LSA_OPENACCOUNT , api_lsa_open_account },
- { "LSA_ENUMPRIVSACCOUNT", LSA_ENUMPRIVSACCOUNT, api_lsa_enum_privsaccount},
- { "LSA_GETSYSTEMACCOUNT", LSA_GETSYSTEMACCOUNT, api_lsa_getsystemaccount },
- { "LSA_SETSYSTEMACCOUNT", LSA_SETSYSTEMACCOUNT, api_lsa_setsystemaccount },
- { "LSA_ADDPRIVS" , LSA_ADDPRIVS , api_lsa_addprivs },
- { "LSA_REMOVEPRIVS" , LSA_REMOVEPRIVS , api_lsa_removeprivs },
- { "LSA_QUERYSECOBJ" , LSA_QUERYSECOBJ , api_lsa_query_secobj },
- { "LSA_QUERYINFO2" , LSA_QUERYINFO2 , api_lsa_query_info2 },
- { "LSA_ENUMACCTRIGHTS" , LSA_ENUMACCTRIGHTS , api_lsa_enum_acct_rights },
- { "LSA_ENUMACCTWITHRIGHT", LSA_ENUMACCTWITHRIGHT, api_lsa_enum_acct_with_right },
- { "LSA_ADDACCTRIGHTS" , LSA_ADDACCTRIGHTS , api_lsa_add_acct_rights },
- { "LSA_REMOVEACCTRIGHTS", LSA_REMOVEACCTRIGHTS, api_lsa_remove_acct_rights},
- };
+ { "LSA_OPENPOLICY2" , LSA_OPENPOLICY2 , api_lsa_open_policy2 },
+ { "LSA_OPENPOLICY" , LSA_OPENPOLICY , api_lsa_open_policy },
+ { "LSA_QUERYINFOPOLICY" , LSA_QUERYINFOPOLICY , api_lsa_query_info },
+ { "LSA_ENUMTRUSTDOM" , LSA_ENUMTRUSTDOM , api_lsa_enum_trust_dom },
+ { "LSA_CLOSE" , LSA_CLOSE , api_lsa_close },
+ { "LSA_OPENSECRET" , LSA_OPENSECRET , api_lsa_open_secret },
+ { "LSA_LOOKUPSIDS" , LSA_LOOKUPSIDS , api_lsa_lookup_sids },
+ { "LSA_LOOKUPNAMES" , LSA_LOOKUPNAMES , api_lsa_lookup_names },
+ { "LSA_ENUM_PRIVS" , LSA_ENUM_PRIVS , api_lsa_enum_privs },
+ { "LSA_PRIV_GET_DISPNAME",LSA_PRIV_GET_DISPNAME,api_lsa_priv_get_dispname},
+ { "LSA_ENUM_ACCOUNTS" , LSA_ENUM_ACCOUNTS , api_lsa_enum_accounts },
+ { "LSA_UNK_GET_CONNUSER", LSA_UNK_GET_CONNUSER, api_lsa_unk_get_connuser },
+ { "LSA_OPENACCOUNT" , LSA_OPENACCOUNT , api_lsa_open_account },
+ { "LSA_ENUMPRIVSACCOUNT", LSA_ENUMPRIVSACCOUNT, api_lsa_enum_privsaccount},
+ { "LSA_GETSYSTEMACCOUNT", LSA_GETSYSTEMACCOUNT, api_lsa_getsystemaccount },
+ { "LSA_SETSYSTEMACCOUNT", LSA_SETSYSTEMACCOUNT, api_lsa_setsystemaccount },
+ { "LSA_ADDPRIVS" , LSA_ADDPRIVS , api_lsa_addprivs },
+ { "LSA_REMOVEPRIVS" , LSA_REMOVEPRIVS , api_lsa_removeprivs },
+ { "LSA_QUERYSECOBJ" , LSA_QUERYSECOBJ , api_lsa_query_secobj },
+ { "LSA_QUERYINFO2" , LSA_QUERYINFO2 , api_lsa_query_info2 }
+};
return rpc_pipe_register_commands("lsarpc", "lsass", api_lsa_cmds,
sizeof(api_lsa_cmds) / sizeof(struct api_struct));
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index fb6538db39..10c583b70d 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -645,7 +645,7 @@ NTSTATUS _lsa_lookup_sids(pipes_struct *p, LSA_Q_LOOKUP_SIDS *q_u, LSA_R_LOOKUP_
num_entries = MAX_LOOKUP_SIDS;
DEBUG(5,("_lsa_lookup_sids: truncating SID lookup list to %d\n", num_entries));
}
-
+
ref = (DOM_R_REF *)talloc_zero(p->mem_ctx, sizeof(DOM_R_REF));
names = (LSA_TRANS_NAME_ENUM *)talloc_zero(p->mem_ctx, sizeof(LSA_TRANS_NAME_ENUM));
@@ -1265,140 +1265,3 @@ NTSTATUS _lsa_query_info2(pipes_struct *p, LSA_Q_QUERY_INFO2 *q_u, LSA_R_QUERY_I
return r_u->status;
}
-
-
-/***************************************************************************
- For a given SID, enumerate all the privilege this account has.
- ***************************************************************************/
-NTSTATUS _lsa_enum_acct_rights(pipes_struct *p, LSA_Q_ENUM_ACCT_RIGHTS *q_u, LSA_R_ENUM_ACCT_RIGHTS *r_u)
-{
- struct lsa_info *info=NULL;
- char **rights = NULL;
- int num_rights = 0;
- int i;
-
- r_u->status = NT_STATUS_OK;
-
- /* find the connection policy handle. */
- if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info))
- return NT_STATUS_INVALID_HANDLE;
-
- r_u->status = privilege_enum_account_rights(&q_u->sid.sid, &num_rights, &rights);
-
- init_r_enum_acct_rights(r_u, num_rights, (const char **)rights);
-
- for (i=0;i<num_rights;i++) {
- free(rights[i]);
- }
- safe_free(rights);
-
- return r_u->status;
-}
-
-/***************************************************************************
-return a list of SIDs for a particular privilege
- ***************************************************************************/
-NTSTATUS _lsa_enum_acct_with_right(pipes_struct *p,
- LSA_Q_ENUM_ACCT_WITH_RIGHT *q_u,
- LSA_R_ENUM_ACCT_WITH_RIGHT *r_u)
-{
- struct lsa_info *info=NULL;
- char *right;
- DOM_SID *sids = NULL;
- uint32 count = 0;
-
- r_u->status = NT_STATUS_OK;
-
- /* find the connection policy handle. */
- if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info))
- return NT_STATUS_INVALID_HANDLE;
-
- right = unistr2_tdup(p->mem_ctx, &q_u->right);
-
- DEBUG(5,("lsa_enum_acct_with_right on right %s\n", right));
-
- r_u->status = privilege_enum_account_with_right(right, &count, &sids);
-
- init_r_enum_acct_with_right(r_u, count, sids);
-
- safe_free(sids);
-
- return r_u->status;
-}
-
-/***************************************************************************
- add privileges to a acct by SID
- ***************************************************************************/
-NTSTATUS _lsa_add_acct_rights(pipes_struct *p, LSA_Q_ADD_ACCT_RIGHTS *q_u, LSA_R_ADD_ACCT_RIGHTS *r_u)
-{
- struct lsa_info *info=NULL;
- int i;
-
- r_u->status = NT_STATUS_OK;
-
- /* find the connection policy handle. */
- if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info))
- return NT_STATUS_INVALID_HANDLE;
-
- DEBUG(5,("_lsa_add_acct_rights to %s (%d rights)\n",
- sid_string_static(&q_u->sid.sid), q_u->rights.count));
-
- for (i=0;i<q_u->rights.count;i++) {
- DEBUG(5,("\t%s\n", unistr2_static(&q_u->rights.strings[i].string)));
- }
-
-
- for (i=0;i<q_u->rights.count;i++) {
- r_u->status = privilege_add_account_right(unistr2_static(&q_u->rights.strings[i].string),
- &q_u->sid.sid);
- if (!NT_STATUS_IS_OK(r_u->status)) {
- DEBUG(2,("Failed to add right '%s'\n",
- unistr2_static(&q_u->rights.strings[i].string)));
- break;
- }
- }
-
- init_r_add_acct_rights(r_u);
-
- return r_u->status;
-}
-
-
-/***************************************************************************
- remove privileges from a acct by SID
- ***************************************************************************/
-NTSTATUS _lsa_remove_acct_rights(pipes_struct *p, LSA_Q_REMOVE_ACCT_RIGHTS *q_u, LSA_R_REMOVE_ACCT_RIGHTS *r_u)
-{
- struct lsa_info *info=NULL;
- int i;
-
- r_u->status = NT_STATUS_OK;
-
- /* find the connection policy handle. */
- if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info))
- return NT_STATUS_INVALID_HANDLE;
-
-
- DEBUG(5,("_lsa_remove_acct_rights from %s all=%d (%d rights)\n",
- sid_string_static(&q_u->sid.sid),
- q_u->removeall,
- q_u->rights.count));
-
- for (i=0;i<q_u->rights.count;i++) {
- DEBUG(5,("\t%s\n", unistr2_static(&q_u->rights.strings[i].string)));
- }
-
- for (i=0;i<q_u->rights.count;i++) {
- r_u->status = privilege_remove_account_right(unistr2_static(&q_u->rights.strings[i].string),
- &q_u->sid.sid);
- if (!NT_STATUS_IS_OK(r_u->status)) {
- DEBUG(2,("Failed to remove right '%s'\n",
- unistr2_static(&q_u->rights.strings[i].string)));
- break;
- }
- }
-
- init_r_remove_acct_rights(r_u);
-
- return r_u->status;
-}
diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c
index 7dc0f57f34..f377d3952b 100644
--- a/source3/rpc_server/srv_netlog.c
+++ b/source3/rpc_server/srv_netlog.c
@@ -321,7 +321,11 @@ static BOOL api_net_logon_ctrl(pipes_struct *p)
array of \PIPE\NETLOGON operations
********************************************************************/
+#ifdef RPC_NETLOG_DYNAMIC
+int rpc_pipe_init(void)
+#else
int rpc_net_init(void)
+#endif
{
static struct api_struct api_net_cmds [] =
{
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 43fbb4edaa..1a48435c9d 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -506,6 +506,46 @@ failed authentication on named pipe %s.\n", domain, user_name, wks, p->name ));
The switch table for the pipe names and the functions to handle them.
*******************************************************************/
+struct api_cmd
+{
+ const char *name;
+ int (*init)(void);
+};
+
+static struct api_cmd api_fd_commands[] =
+{
+#ifndef RPC_LSA_DYNAMIC
+ { "lsarpc", rpc_lsa_init },
+#endif
+#ifndef RPC_SAMR_DYNAMIC
+ { "samr", rpc_samr_init },
+#endif
+#ifndef RPC_SVC_DYNAMIC
+ { "srvsvc", rpc_srv_init },
+#endif
+#ifndef RPC_WKS_DYNAMIC
+ { "wkssvc", rpc_wks_init },
+#endif
+#ifndef RPC_NETLOG_DYNAMIC
+ { "NETLOGON", rpc_net_init },
+#endif
+#ifndef RPC_REG_DYNAMIC
+ { "winreg", rpc_reg_init },
+#endif
+#ifndef RPC_SPOOLSS_DYNAMIC
+ { "spoolss", rpc_spoolss_init },
+#endif
+#ifndef RPC_DFS_DYNAMIC
+ { "netdfs", rpc_dfs_init },
+#endif
+#ifdef DEVELOPER
+#ifndef RPC_ECHO_DYNAMIC
+ { "rpcecho", rpc_echo_init },
+#endif
+#endif
+ { NULL, NULL }
+};
+
struct rpc_table
{
struct
@@ -809,6 +849,47 @@ int rpc_pipe_register_commands(const char *clnt, const char *srv, const struct a
}
/*******************************************************************
+ Register commands to an RPC pipe
+*******************************************************************/
+int rpc_load_module(const char *module)
+{
+#ifdef HAVE_DLOPEN
+ void *handle;
+ int (*module_init)(void);
+ pstring full_path;
+ const char *error;
+
+ pstrcpy(full_path, lib_path("rpc"));
+ pstrcat(full_path, "/librpc_");
+ pstrcat(full_path, module);
+ pstrcat(full_path, ".");
+ pstrcat(full_path, shlib_ext());
+
+ handle = sys_dlopen(full_path, RTLD_LAZY);
+ if (!handle) {
+ DEBUG(0, ("Could not load requested pipe %s as %s\n",
+ module, full_path));
+ DEBUG(0, (" Error: %s\n", dlerror()));
+ return 0;
+ }
+
+ DEBUG(3, ("Module '%s' loaded\n", full_path));
+
+ module_init = sys_dlsym(handle, "rpc_pipe_init");
+ if ((error = sys_dlerror()) != NULL) {
+ DEBUG(0, ("Error trying to resolve symbol 'rpc_pipe_init' in %s: %s\n",
+ full_path, error));
+ return 0;
+ }
+
+ return module_init();
+#else
+ DEBUG(0,("Attempting to load a dynamic RPC pipe when dlopen isn't available\n"));
+ return 0;
+#endif
+}
+
+/*******************************************************************
Respond to a pipe bind request.
*******************************************************************/
@@ -847,7 +928,14 @@ BOOL api_pipe_bind_req(pipes_struct *p, prs_struct *rpc_in_p)
}
if (i == rpc_lookup_size) {
- if (!smb_probe_module("rpc", p->name)) {
+ for (i = 0; api_fd_commands[i].name; i++) {
+ if (strequal(api_fd_commands[i].name, p->name)) {
+ api_fd_commands[i].init();
+ break;
+ }
+ }
+
+ if (!api_fd_commands[i].name && !rpc_load_module(p->name)) {
DEBUG(3,("api_pipe_bind_req: Unknown pipe name %s in bind request.\n",
p->name ));
if(!setup_bind_nak(p))
@@ -863,11 +951,6 @@ BOOL api_pipe_bind_req(pipes_struct *p, prs_struct *rpc_in_p)
break;
}
}
-
- if (i == rpc_lookup_size) {
- DEBUG(0, ("module %s doesn't provide functions for pipe %s!\n", p->name, p->name));
- return False;
- }
}
/* decode the bind request */
@@ -1395,7 +1478,16 @@ BOOL api_pipe_request(pipes_struct *p)
if (i == rpc_lookup_size) {
- smb_probe_module("rpc", p->name);
+ for (i = 0; api_fd_commands[i].name; i++) {
+ if (strequal(api_fd_commands[i].name, p->name)) {
+ api_fd_commands[i].init();
+ break;
+ }
+ }
+
+ if (!api_fd_commands[i].name) {
+ rpc_load_module(p->name);
+ }
for (i = 0; i < rpc_lookup_size; i++) {
if (strequal(rpc_lookup[i].pipe.clnt, p->name)) {
diff --git a/source3/rpc_server/srv_reg.c b/source3/rpc_server/srv_reg.c
index f72d8e4f29..04960f8e3a 100644
--- a/source3/rpc_server/srv_reg.c
+++ b/source3/rpc_server/srv_reg.c
@@ -373,7 +373,11 @@ static BOOL api_reg_save_key(pipes_struct *p)
array of \PIPE\reg operations
********************************************************************/
+#ifdef RPC_REG_DYNAMIC
+int rpc_pipe_init(void)
+#else
int rpc_reg_init(void)
+#endif
{
static struct api_struct api_reg_cmds[] =
{
diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c
index 67c092775b..3a31ec82e1 100644
--- a/source3/rpc_server/srv_samr.c
+++ b/source3/rpc_server/srv_samr.c
@@ -1443,7 +1443,11 @@ static BOOL api_samr_set_dom_info(pipes_struct *p)
array of \PIPE\samr operations
********************************************************************/
+#ifdef RPC_SAMR_DYNAMIC
+int rpc_pipe_init(void)
+#else
int rpc_samr_init(void)
+#endif
{
static struct api_struct api_samr_cmds [] =
{
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 6e1b6f2160..f174114473 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -915,7 +915,7 @@ static NTSTATUS get_group_alias_entries(TALLOC_CTX *ctx, DOMAIN_GRP **d_grp, DOM
struct sys_grent *grp;
struct passwd *pw;
gid_t winbind_gid_low, winbind_gid_high;
- BOOL winbind_groups_exist = lp_idmap_gid(&winbind_gid_low, &winbind_gid_high);
+ BOOL winbind_groups_exist = lp_winbind_gid(&winbind_gid_low, &winbind_gid_high);
/* local aliases */
/* we return the UNIX groups here. This seems to be the right */
@@ -2324,11 +2324,11 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_
} else {
DEBUG(3,("attempting to create non-unix account %s\n", account));
- }
-
- if (!pdb_set_username(sam_pass, account, PDB_CHANGED)) {
- pdb_free_sam(&sam_pass);
- return NT_STATUS_NO_MEMORY;
+ }
+
+ if (!pdb_set_username(sam_pass, account, PDB_CHANGED)) {
+ pdb_free_sam(&sam_pass);
+ return NT_STATUS_NO_MEMORY;
}
pdb_set_acct_ctrl(sam_pass, acb_info, PDB_CHANGED);
diff --git a/source3/rpc_server/srv_spoolss.c b/source3/rpc_server/srv_spoolss.c
index a7dd7a6cef..5832ae876b 100755
--- a/source3/rpc_server/srv_spoolss.c
+++ b/source3/rpc_server/srv_spoolss.c
@@ -1580,7 +1580,11 @@ static BOOL api_spoolss_replycloseprinter(pipes_struct *p)
\pipe\spoolss commands
********************************************************************/
+#ifdef RPC_SPOOLSS_DYNAMIC
+int rpc_pipe_init(void)
+#else
int rpc_spoolss_init(void)
+#endif
{
struct api_struct api_spoolss_cmds[] =
{
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 026484d96d..f9788fc7f0 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -1018,9 +1018,9 @@ static void send_notify2_changes( SPOOLSS_NOTIFY_MSG_CTR *ctr, uint32 idx )
}
if ( sending_msg_count ) {
- cli_spoolss_rrpcn( &notify_cli, mem_ctx, &p->notify.client_hnd,
- data_len, data, p->notify.change, 0 );
- }
+ cli_spoolss_rrpcn( &notify_cli, mem_ctx, &p->notify.client_hnd,
+ data_len, data, p->notify.change, 0 );
+ }
}
done:
diff --git a/source3/rpc_server/srv_srvsvc.c b/source3/rpc_server/srv_srvsvc.c
index 96820ae74b..983c660965 100644
--- a/source3/rpc_server/srv_srvsvc.c
+++ b/source3/rpc_server/srv_srvsvc.c
@@ -526,7 +526,11 @@ static BOOL api_srv_net_file_set_secdesc(pipes_struct *p)
\PIPE\srvsvc commands
********************************************************************/
+#ifdef RPC_SVC_DYNAMIC
+int rpc_pipe_init(void)
+#else
int rpc_srv_init(void)
+#endif
{
static const struct api_struct api_srv_cmds[] =
{
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index 4d9130fb97..1a7b64858b 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -1840,8 +1840,6 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC
struct current_user user;
connection_struct *conn = NULL;
BOOL became_user = False;
- fstring dev;
- fstrcpy(dev, "A:");
ZERO_STRUCT(st);
@@ -1855,7 +1853,7 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC
get_current_user(&user, p);
become_root();
- conn = make_connection(qualname, null_pw, dev, user.vuid, &nt_status);
+ conn = make_connection(qualname, null_pw, "A:", user.vuid, &nt_status);
unbecome_root();
if (conn == NULL) {
@@ -1945,12 +1943,9 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_
struct current_user user;
connection_struct *conn = NULL;
BOOL became_user = False;
- fstring dev;
- fstrcpy(dev, "A:");
ZERO_STRUCT(st);
-
r_u->status = WERR_OK;
unistr2_to_ascii(qualname, &q_u->uni_qual_name, sizeof(qualname));
@@ -1961,7 +1956,7 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_
get_current_user(&user, p);
become_root();
- conn = make_connection(qualname, null_pw, dev, user.vuid, &nt_status);
+ conn = make_connection(qualname, null_pw, "A:", user.vuid, &nt_status);
unbecome_root();
if (conn == NULL) {
diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c
index 4656efb6fa..4eba9c7d1f 100644
--- a/source3/rpc_server/srv_util.c
+++ b/source3/rpc_server/srv_util.c
@@ -112,7 +112,7 @@ NTSTATUS get_alias_user_groups(TALLOC_CTX *ctx, DOM_SID *sid, int *numgroups, ui
*prids=NULL;
*numgroups=0;
- winbind_groups_exist = lp_idmap_gid(&winbind_gid_low, &winbind_gid_high);
+ winbind_groups_exist = lp_winbind_gid(&winbind_gid_low, &winbind_gid_high);
DEBUG(10,("get_alias_user_groups: looking if SID %s is a member of groups in the SID domain %s\n",
diff --git a/source3/rpc_server/srv_wkssvc.c b/source3/rpc_server/srv_wkssvc.c
index ddcbadd1d4..1fed2cc6db 100644
--- a/source3/rpc_server/srv_wkssvc.c
+++ b/source3/rpc_server/srv_wkssvc.c
@@ -60,7 +60,11 @@ static BOOL api_wks_query_info(pipes_struct *p)
\PIPE\wkssvc commands
********************************************************************/
+#ifdef RPC_WKS_DYNAMIC
+int rpc_pipe_init(void)
+#else
int rpc_wks_init(void)
+#endif
{
static struct api_struct api_wks_cmds[] =
{
diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c
index 808ef50a45..db74370bc0 100644
--- a/source3/rpcclient/cmd_lsarpc.c
+++ b/source3/rpcclient/cmd_lsarpc.c
@@ -543,50 +543,6 @@ static NTSTATUS cmd_lsa_enum_acct_rights(struct cli_state *cli,
}
-/* Enumerate the accounts with a specific right */
-
-static NTSTATUS cmd_lsa_enum_acct_with_right(struct cli_state *cli,
- TALLOC_CTX *mem_ctx, int argc,
- const char **argv)
-{
- POLICY_HND dom_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- DOM_SID *sids;
- uint32 count;
- const char *right;
-
- int i;
-
- if (argc != 2 ) {
- printf("Usage: %s <RIGHT>\n", argv[0]);
- return NT_STATUS_OK;
- }
-
- right = argv[1];
-
- result = cli_lsa_open_policy2(cli, mem_ctx, True,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
- &dom_pol);
-
- if (!NT_STATUS_IS_OK(result))
- goto done;
-
- result = cli_lsa_enum_account_with_right(cli, mem_ctx, &dom_pol, right, &count, &sids);
-
- if (!NT_STATUS_IS_OK(result))
- goto done;
-
- printf("found %d SIDs for '%s'\n", count, right);
-
- for (i = 0; i < count; i++) {
- printf("\t%s\n", sid_string_static(&sids[i]));
- }
-
- done:
- return result;
-}
-
-
/* add some privileges to a SID via LsaAddAccountRights */
static NTSTATUS cmd_lsa_add_acct_rights(struct cli_state *cli,
@@ -750,7 +706,6 @@ struct cmd_set lsarpc_commands[] = {
{ "lsaenumsid", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_sids, NULL, PI_LSARPC, "Enumerate the LSA SIDS", "" },
{ "lsaenumprivsaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privsaccounts, NULL, PI_LSARPC, "Enumerate the privileges of an SID", "" },
{ "lsaenumacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_acct_rights, NULL, PI_LSARPC, "Enumerate the rights of an SID", "" },
- { "lsaenumacctwithright",RPC_RTYPE_NTSTATUS, cmd_lsa_enum_acct_with_right,NULL, PI_LSARPC,"Enumerate accounts with a right", "" },
{ "lsaaddacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_add_acct_rights, NULL, PI_LSARPC, "Add rights to an account", "" },
{ "lsaremoveacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_remove_acct_rights, NULL, PI_LSARPC, "Remove rights from an account", "" },
{ "lsalookupprivvalue", RPC_RTYPE_NTSTATUS, cmd_lsa_lookupprivvalue, NULL, PI_LSARPC, "Get a privilege value given its name", "" },
diff --git a/source3/sam/SAM-interface_handles.txt b/source3/sam/SAM-interface_handles.txt
deleted file mode 100644
index 1c164bd198..0000000000
--- a/source3/sam/SAM-interface_handles.txt
+++ /dev/null
@@ -1,123 +0,0 @@
-SAM API
-
-NTSTATUS sam_get_sec_obj(NT_USER_TOKEN *access, DOM_SID *sid, SEC_DESC **sd)
-NTSTATUS sam_set_sec_obj(NT_USER_TOKEN *access, DOM_SID *sid, SEC_DESC *sd)
-
-NTSTATUS sam_lookup_name(NT_USER_TOKEN *access, DOM_SID *domain, char *name, DOM_SID **sid, uint32 *type)
-NTSTATUS sam_lookup_sid(NT_USER_TOKEN *access, DOM_SID *sid, char **name, uint32 *type)
-
-
-Domain API
-
-NTSTATUS sam_update_domain(SAM_DOMAIN_HANDLE *domain)
-
-NTSTATUS sam_enum_domains(NT_USER_TOKEN *access, int32 *domain_count, DOM_SID **domains, char **domain_names)
-NTSTATUS sam_lookup_domain(NT_USER_TOKEN *access, char *domain, DOM_SID **domainsid)
-
-NTSTATUS sam_get_domain_by_sid(NT_USER_TOKEN *access, uint32 access_desired, DOM_SID *domainsid, SAM_DOMAIN_HANDLE **domain)
-
-
-User API
-
-NTSTATUS sam_create_user(NT_USER_TOKEN *access, uint32 access_desired, SAM_USER_HANDLE **user)
-NTSTATUS sam_add_user(SAM_USER_HANDLE *user)
-NTSTATUS sam_update_user(SAM_USER_HANDLE *user)
-NTSTATUS sam_delete_user(SAM_USER_HANDLE * user)
-
-NTSTATUS sam_enum_users(NT_USER_TOKEN *access, DOM_SID *domain, int32 *user_count, SAM_USER_ENUM **users)
-
-NTSTATUS sam_get_user_by_sid(NT_USER_TOKEN *access, uint32 access_desired, DOM_SID *usersid, SAM_USER_HANDLE **user)
-NTSTATUS sam_get_user_by_name(NT_USER_TOKEN *access, uint32 access_desired, char *domain, char *name, SAM_USER_HANDLE **user)
-
-
-Group API
-
-NTSTATUS sam_create_group(NT_USER_TOKEN *access, uint32 access_desired, uint32 typ, SAM_GROUP_HANDLE **group)
-NTSTATUS sam_add_group(SAM_GROUP_HANDLE *samgroup)
-NTSTATUS sam_update_group(SAM_GROUP_HANDLE *samgroup)
-NTSTATUS sam_delete_group(SAM_GROUP_HANDLE *groupsid)
-
-NTSTATUS sam_enum_groups(NT_USER_TOKEN *access, DOM_SID *domainsid, uint32 typ, uint32 *groups_count, SAM_GROUP_ENUM **groups)
-
-NTSTATUS sam_get_group_by_sid(NT_USER_TOKEN *access, uint32 access_desired, DOM_SID *groupsid, SAM_GROUP_HANDLE **group)
-NTSTATUS sam_get_group_by_name(NT_USER_TOKEN *access, uint32 access_desired, char *domain, char *name, SAM_GROUP_HANDLE **group)
-
-NTSTATUS sam_add_member_to_group(SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member)
-NTSTATUS sam_delete_member_from_group(SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member)
-NTSTATUS sam_enum_groupmembers(SAM_GROUP_HANLDE *group, uint32 *members_count, SAM_GROUP_MEMBER **members)
-
-NTSTATUS sam_get_groups_of_user(SAM_USER_HANDLE *user, uint32 typ, uint32 *group_count, SAM_GROUP_ENUM **groups)
-
-
-
-structures
-
-typedef _SAM_GROUP_MEMBER {
- DOM_SID sid;
- BOOL group; /* specifies if it is a group or a user */
-
-} SAM_GROUP_MEMBER
-
-typedef struct sam_user_enum {
- DOM_SID sid;
- char *username;
- char *full_name;
- char *user_desc;
- uint16 acc_ctrl;
-} SAM_USER_ENUM;
-
-typedef struct sam_group_enum {
- DOM_SID sid;
- char *groupname;
- char *comment;
-} SAM_GROUP_ENUM
-
-NTSTATUS sam_get_domain_sid(SAM_DOMAIN_HANDLE *domain, DOM_SID **sid)
-NTSTATUS sam_get_domain_num_users(SAM_DOMAIN_HANDLE *domain, uint32 *num_users)
-NTSTATUS sam_get_domain_num_groups(SAM_DOMAIN_HANDLE *domain, uint32 *num_groups)
-NTSTATUS sam_get_domain_num_aliases(SAM_DOMAIN_HANDLE *domain, uint32 *num_aliases)
-NTSTATUS sam_{get,set}_domain_name(SAM_DOMAIN_HANDLE *domain, char **domain_name)
-NTSTATUS sam_{get,set}_domain_server(SAM_DOMAIN_HANDLE *domain, char **server_name)
-NTSTATUS sam_{get,set}_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *max_passwordage)
-NTSTATUS sam_{get,set}_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *min_passwordage)
-NTSTATUS sam_{get,set}_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME *lockout_duration)
-NTSTATUS sam_{get,set}_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME *reset_lockout_count)
-NTSTATUS sam_{get,set}_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 *min_passwordlength)
-NTSTATUS sam_{get,set}_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uin16 *password_history)
-NTSTATUS sam_{get,set}_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 *lockout_count)
-NTSTATUS sam_{get,set}_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL *force_logoff)
-NTSTATUS sam_{get,set}_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL *login_pwdchange)
-
-NTSTATUS sam_get_user_sid(SAM_USER_HANDLE *user, DOM_SID **sid)
-NTSTATUS sam_{get,set}_user_pgroup(SAM_USER_HANDLE *user, DOM_SID **pgroup)
-NTSTATUS sam_{get,set}_user_name(SAM_USER_HANDLE *user, char **username)
-NTSTATUS sam_{get,set}_user_fullname(SAM_USER_HANDLE *user, char** fullname)
-NTSTATUS sam_{get,set}_user_description(SAM_USER_HANDLE *user, char **description)
-NTSTATUS sam_{get,set}_user_home_dir(SAM_USER_HANDLE *user, char **home_dir)
-NTSTATUS sam_{get,set}_user_dir_drive(SAM_USER_HANDLE *user, char **dir_drive)
-NTSTATUS sam_{get,set}_user_logon_script(SAM_USER_HANDLE *user, char **logon_script)
-NTSTATUS sam_{get,set}_user_profile_path(SAM_USER_HANDLE *user, char **profile_path)
-NTSTATUS sam_{get,set}_user_workstations(SAM_USER_HANDLE *user, char **workstations)
-NTSTATUS sam_{get,set}_user_munged_dial(SAM_USER_HANDLE *user, char **munged_dial)
-NTSTATUS sam_{get,set}_user_lm_pwd(SAM_USER_HANDLE *user, DATA_BLOB *lm_pwd)
-NTSTATUS sam_{get,set}_user_nt_pwd(SAM_USER_HANDLE *user, DATA_BLOB *nt_pwd)
-NTSTATUS sam_{get,set}_user_plain_pwd(SAM_USER_HANDLE *user, DATA_BLOB *plaintext_pwd)
-NTSTATUS sam_{get,set}_user_acct_ctrl(SAM_USER_HANDLE *user, uint16 *acct_ctrl)
-NTSTATUS sam_{get,set}_user_logon_divs(SAM_USER_HANDLE *user, uint16 *logon_divs)
-NTSTATUS sam_{get,set}_user_hours(SAM_USER_HANDLE *user, uint32 *hours_len, uint8 **hours)
-NTSTATUS sam_{get,set}_user_logon_time(SAM_USER_HANDLE *user, NTTIME *logon_time)
-NTSTATUS sam_{get,set}_user_logoff_time(SAM_USER_HANDLE *user, NTTIME *logoff_time)
-NTSTATUS sam_{get,set}_user_kickoff_time(SAM_USER_HANDLE *user, NTTIME kickoff_time)
-NTSTATUS sam_{get,set}_user_pwd_last_set(SAM_USER_HANDLE *user, NTTIME pwd_last_set)
-NTSTATUS sam_{get,set}_user_pwd_can_change(SAM_USER_HANDLE *user, NTTIME pwd_can_change)
-NTSTATUS sam_{get,set}_user_pwd_must_change(SAM_USER_HANDLE *user, NTTIME pwd_must_change)
-NTSTATUS sam_{get,set}_user_unknown_1(SAM_USER_HANDLE *user, char **unknown_1)
-NTSTATUS sam_{get,set}_user_unknown_2(SAM_USER_HANDLE *user, uint32 *unknown_2)
-NTSTATUS sam_{get,set}_user_unknown_3(SAM_USER_HANDLE *user, uint32 *unknown_3)
-NTSTATUS sam_{get,set}_user_unknown_4(SAM_USER_HANDLE *user, uint32 *unknown_4)
-
-NTSTATUS sam_get_group_sid(SAM_GROUP_HANDLE *group, DOM_SID **sid)
-NTSTATUS sam_get_group_typ(SAM_GROUP_HANDLE *group, uint32 *typ)
-NTSTATUS sam_{get,set}_group_name(SAM_GROUP_HANDLE *group, char **group_name)
-NTSTATUS sam_{get,set}_group_comment(SAM_GROUP_HANDLE *group, char **comment)
-NTSTATUS sam_{get,set}_group_priv_set(SAM_GROUP_HANDLE *group, PRIVILEGE_SET *priv_set) \ No newline at end of file
diff --git a/source3/sam/account.c b/source3/sam/account.c
deleted file mode 100644
index b8336146cd..0000000000
--- a/source3/sam/account.c
+++ /dev/null
@@ -1,305 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- Password and authentication handling
- Copyright (C) Jeremy Allison 1996-2001
- Copyright (C) Luke Kenneth Casson Leighton 1996-1998
- Copyright (C) Gerald (Jerry) Carter 2000-2001
- Copyright (C) Andrew Bartlett 2001-2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_SAM
-
-/************************************************************
- Fill the SAM_ACCOUNT_HANDLE with default values.
- ***********************************************************/
-
-static void sam_fill_default_account(SAM_ACCOUNT_HANDLE *account)
-{
- ZERO_STRUCT(account->private); /* Don't touch the talloc context */
-
- /* Don't change these timestamp settings without a good reason.
- They are important for NT member server compatibility. */
-
- /* FIXME: We should actually call get_nt_time_max() or sthng
- * here */
- unix_to_nt_time(&(account->private.logoff_time),get_time_t_max());
- unix_to_nt_time(&(account->private.kickoff_time),get_time_t_max());
- unix_to_nt_time(&(account->private.pass_must_change_time),get_time_t_max());
- account->private.unknown_1 = 0x00ffffff; /* don't know */
- account->private.logon_divs = 168; /* hours per week */
- account->private.hours_len = 21; /* 21 times 8 bits = 168 */
- memset(account->private.hours, 0xff, account->private.hours_len); /* available at all hours */
- account->private.unknown_2 = 0x00000000; /* don't know */
- account->private.unknown_3 = 0x000004ec; /* don't know */
-}
-
-static void destroy_sam_talloc(SAM_ACCOUNT_HANDLE **account)
-{
- if (*account) {
- data_blob_clear_free(&((*account)->private.lm_pw));
- data_blob_clear_free(&((*account)->private.nt_pw));
- if((*account)->private.plaintext_pw!=NULL)
- memset((*account)->private.plaintext_pw,'\0',strlen((*account)->private.plaintext_pw));
-
- talloc_destroy((*account)->mem_ctx);
- *account = NULL;
- }
-}
-
-
-/**********************************************************************
- Alloc memory and initialises a SAM_ACCOUNT_HANDLE on supplied mem_ctx.
-***********************************************************************/
-
-NTSTATUS sam_init_account_talloc(TALLOC_CTX *mem_ctx, SAM_ACCOUNT_HANDLE **account)
-{
- SMB_ASSERT(*account != NULL);
-
- if (!mem_ctx) {
- DEBUG(0,("sam_init_account_talloc: mem_ctx was NULL!\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- *account=(SAM_ACCOUNT_HANDLE *)talloc(mem_ctx, sizeof(SAM_ACCOUNT_HANDLE));
-
- if (*account==NULL) {
- DEBUG(0,("sam_init_account_talloc: error while allocating memory\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- (*account)->mem_ctx = mem_ctx;
-
- (*account)->free_fn = NULL;
-
- sam_fill_default_account(*account);
-
- return NT_STATUS_OK;
-}
-
-
-/*************************************************************
- Alloc memory and initialises a struct sam_passwd.
- ************************************************************/
-
-NTSTATUS sam_init_account(SAM_ACCOUNT_HANDLE **account)
-{
- TALLOC_CTX *mem_ctx;
- NTSTATUS nt_status;
-
- mem_ctx = talloc_init("sam internal SAM_ACCOUNT_HANDLE allocation");
-
- if (!mem_ctx) {
- DEBUG(0,("sam_init_account: error while doing talloc_init()\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = sam_init_account_talloc(mem_ctx, account))) {
- talloc_destroy(mem_ctx);
- return nt_status;
- }
-
- (*account)->free_fn = destroy_sam_talloc;
-
- return NT_STATUS_OK;
-}
-
-/**
- * Free the contents of the SAM_ACCOUNT_HANDLE, but not the structure.
- *
- * Also wipes the LM and NT hashes and plaintext password from
- * memory.
- *
- * @param account SAM_ACCOUNT_HANDLE to free members of.
- **/
-
-static void sam_free_account_contents(SAM_ACCOUNT_HANDLE *account)
-{
-
- /* Kill off sensitive data. Free()ed by the
- talloc mechinism */
-
- data_blob_clear_free(&(account->private.lm_pw));
- data_blob_clear_free(&(account->private.nt_pw));
- if (account->private.plaintext_pw)
- memset(account->private.plaintext_pw,'\0',strlen(account->private.plaintext_pw));
-}
-
-
-/************************************************************
- Reset the SAM_ACCOUNT_HANDLE and free the NT/LM hashes.
- ***********************************************************/
-
-NTSTATUS sam_reset_sam(SAM_ACCOUNT_HANDLE *account)
-{
- SMB_ASSERT(account != NULL);
-
- sam_free_account_contents(account);
-
- sam_fill_default_account(account);
-
- return NT_STATUS_OK;
-}
-
-
-/************************************************************
- Free the SAM_ACCOUNT_HANDLE and the member pointers.
- ***********************************************************/
-
-NTSTATUS sam_free_account(SAM_ACCOUNT_HANDLE **account)
-{
- SMB_ASSERT(*account != NULL);
-
- sam_free_account_contents(*account);
-
- if ((*account)->free_fn) {
- (*account)->free_fn(account);
- }
-
- return NT_STATUS_OK;
-}
-
-
-/**********************************************************
- Encode the account control bits into a string.
- length = length of string to encode into (including terminating
- null). length *MUST BE MORE THAN 2* !
- **********************************************************/
-
-char *sam_encode_acct_ctrl(uint16 acct_ctrl, size_t length)
-{
- static fstring acct_str;
- size_t i = 0;
-
- acct_str[i++] = '[';
-
- if (acct_ctrl & ACB_PWNOTREQ ) acct_str[i++] = 'N';
- if (acct_ctrl & ACB_DISABLED ) acct_str[i++] = 'D';
- if (acct_ctrl & ACB_HOMDIRREQ) acct_str[i++] = 'H';
- if (acct_ctrl & ACB_TEMPDUP ) acct_str[i++] = 'T';
- if (acct_ctrl & ACB_NORMAL ) acct_str[i++] = 'U';
- if (acct_ctrl & ACB_MNS ) acct_str[i++] = 'M';
- if (acct_ctrl & ACB_WSTRUST ) acct_str[i++] = 'W';
- if (acct_ctrl & ACB_SVRTRUST ) acct_str[i++] = 'S';
- if (acct_ctrl & ACB_AUTOLOCK ) acct_str[i++] = 'L';
- if (acct_ctrl & ACB_PWNOEXP ) acct_str[i++] = 'X';
- if (acct_ctrl & ACB_DOMTRUST ) acct_str[i++] = 'I';
-
- for ( ; i < length - 2 ; i++ )
- acct_str[i] = ' ';
-
- i = length - 2;
- acct_str[i++] = ']';
- acct_str[i++] = '\0';
-
- return acct_str;
-}
-
-/**********************************************************
- Decode the account control bits from a string.
- **********************************************************/
-
-uint16 sam_decode_acct_ctrl(const char *p)
-{
- uint16 acct_ctrl = 0;
- BOOL finished = False;
-
- /*
- * Check if the account type bits have been encoded after the
- * NT password (in the form [NDHTUWSLXI]).
- */
-
- if (*p != '[')
- return 0;
-
- for (p++; *p && !finished; p++) {
- switch (*p) {
- case 'N': { acct_ctrl |= ACB_PWNOTREQ ; break; /* 'N'o password. */ }
- case 'D': { acct_ctrl |= ACB_DISABLED ; break; /* 'D'isabled. */ }
- case 'H': { acct_ctrl |= ACB_HOMDIRREQ; break; /* 'H'omedir required. */ }
- case 'T': { acct_ctrl |= ACB_TEMPDUP ; break; /* 'T'emp account. */ }
- case 'U': { acct_ctrl |= ACB_NORMAL ; break; /* 'U'ser account (normal). */ }
- case 'M': { acct_ctrl |= ACB_MNS ; break; /* 'M'NS logon user account. What is this ? */ }
- case 'W': { acct_ctrl |= ACB_WSTRUST ; break; /* 'W'orkstation account. */ }
- case 'S': { acct_ctrl |= ACB_SVRTRUST ; break; /* 'S'erver account. */ }
- case 'L': { acct_ctrl |= ACB_AUTOLOCK ; break; /* 'L'ocked account. */ }
- case 'X': { acct_ctrl |= ACB_PWNOEXP ; break; /* No 'X'piry on password */ }
- case 'I': { acct_ctrl |= ACB_DOMTRUST ; break; /* 'I'nterdomain trust account. */ }
- case ' ': { break; }
- case ':':
- case '\n':
- case '\0':
- case ']':
- default: { finished = True; }
- }
- }
-
- return acct_ctrl;
-}
-
-/*************************************************************
- Routine to set 32 hex password characters from a 16 byte array.
-**************************************************************/
-
-void sam_sethexpwd(char *p, const unsigned char *pwd, uint16 acct_ctrl)
-{
- if (pwd != NULL) {
- int i;
- for (i = 0; i < 16; i++)
- slprintf(&p[i*2], 3, "%02X", pwd[i]);
- } else {
- if (acct_ctrl & ACB_PWNOTREQ)
- safe_strcpy(p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", 33);
- else
- safe_strcpy(p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 33);
- }
-}
-
-/*************************************************************
- Routine to get the 32 hex characters and turn them
- into a 16 byte array.
-**************************************************************/
-
-BOOL sam_gethexpwd(const char *p, unsigned char *pwd)
-{
- int i;
- unsigned char lonybble, hinybble;
- char *hexchars = "0123456789ABCDEF";
- char *p1, *p2;
-
- if (!p)
- return (False);
-
- for (i = 0; i < 32; i += 2) {
- hinybble = toupper(p[i]);
- lonybble = toupper(p[i + 1]);
-
- p1 = strchr(hexchars, hinybble);
- p2 = strchr(hexchars, lonybble);
-
- if (!p1 || !p2)
- return (False);
-
- hinybble = PTR_DIFF(p1, hexchars);
- lonybble = PTR_DIFF(p2, hexchars);
-
- pwd[i / 2] = (hinybble << 4) | lonybble;
- }
- return (True);
-}
diff --git a/source3/sam/get_set_account.c b/source3/sam/get_set_account.c
deleted file mode 100644
index acac281d21..0000000000
--- a/source3/sam/get_set_account.c
+++ /dev/null
@@ -1,845 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- SAM_ACCOUNT_HANDLE access routines
- Copyright (C) Andrew Bartlett 2002
- Copyright (C) Stefan (metze) Metzmacher 2002
- Copyright (C) Jelmer Vernooij 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_SAM
-
-NTSTATUS sam_get_account_domain_sid(const SAM_ACCOUNT_HANDLE *sampass, const DOM_SID **sid)
-{
- NTSTATUS status;
- SAM_DOMAIN_HANDLE *domain;
- SAM_ASSERT(!sampass || !sid);
-
- if (!NT_STATUS_IS_OK(status = sam_get_account_domain(sampass, &domain))){
- DEBUG(0, ("sam_get_account_domain_sid: Can't get domain for account\n"));
- return status;
- }
-
- return sam_get_domain_sid(domain, sid);
-}
-
-NTSTATUS sam_get_account_domain_name(const SAM_ACCOUNT_HANDLE *sampass, const char **domain_name)
-{
- NTSTATUS status;
- SAM_DOMAIN_HANDLE *domain;
- SAM_ASSERT(sampass && domain_name);
-
- if (!NT_STATUS_IS_OK(status = sam_get_account_domain(sampass, &domain))){
- DEBUG(0, ("sam_get_account_domain_name: Can't get domain for account\n"));
- return status;
- }
-
- return sam_get_domain_name(domain, domain_name);
-}
-
-NTSTATUS sam_get_account_acct_ctrl(const SAM_ACCOUNT_HANDLE *sampass, uint16 *acct_ctrl)
-{
- SAM_ASSERT(sampass && acct_ctrl);
-
- *acct_ctrl = sampass->private.acct_ctrl;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_logon_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *logon_time)
-{
- SAM_ASSERT(sampass && logon_time) ;
-
- *logon_time = sampass->private.logon_time;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_logoff_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *logoff_time)
-{
- SAM_ASSERT(sampass && logoff_time) ;
-
- *logoff_time = sampass->private.logoff_time;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_kickoff_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *kickoff_time)
-{
- SAM_ASSERT(sampass && kickoff_time);
-
- *kickoff_time = sampass->private.kickoff_time;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_pass_last_set_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *pass_last_set_time)
-{
- SAM_ASSERT(sampass && pass_last_set_time);
-
- *pass_last_set_time = sampass->private.pass_last_set_time;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_pass_can_change_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *pass_can_change_time)
-{
- SAM_ASSERT(sampass && pass_can_change_time);
-
- *pass_can_change_time = sampass->private.pass_can_change_time;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_pass_must_change_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *pass_must_change_time)
-{
- SAM_ASSERT(sampass && pass_must_change_time);
-
- *pass_must_change_time = sampass->private.pass_must_change_time;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_logon_divs(const SAM_ACCOUNT_HANDLE *sampass, uint16 *logon_divs)
-{
- SAM_ASSERT(sampass && logon_divs);
-
- *logon_divs = sampass->private.logon_divs;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_hours_len(const SAM_ACCOUNT_HANDLE *sampass, uint32 *hours_len)
-{
- SAM_ASSERT(sampass && hours_len);
-
- *hours_len = sampass->private.hours_len;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_hours(const SAM_ACCOUNT_HANDLE *sampass, const uint8 **hours)
-{
- SAM_ASSERT(sampass && hours);
-
- *hours = sampass->private.hours;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_nt_pwd(const SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB *nt_pwd)
-{
- SAM_ASSERT(sampass);
-
- SMB_ASSERT((!sampass->private.nt_pw.data)
- || sampass->private.nt_pw.length == NT_HASH_LEN);
-
- *nt_pwd = sampass->private.nt_pw;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_lm_pwd(const SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB *lm_pwd)
-{
- SAM_ASSERT(sampass);
-
- SMB_ASSERT((!sampass->private.lm_pw.data)
- || sampass->private.lm_pw.length == LM_HASH_LEN);
-
- *lm_pwd = sampass->private.lm_pw;
-
- return NT_STATUS_OK;
-}
-
-/* Return the plaintext password if known. Most of the time
- it isn't, so don't assume anything magic about this function.
-
- Used to pass the plaintext to sam backends that might
- want to store more than just the NTLM hashes.
-*/
-
-NTSTATUS sam_get_account_plaintext_pwd(const SAM_ACCOUNT_HANDLE *sampass, char **plain_pwd)
-{
- SAM_ASSERT(sampass && plain_pwd);
-
- *plain_pwd = sampass->private.plaintext_pw;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_sid(const SAM_ACCOUNT_HANDLE *sampass, const DOM_SID **sid)
-{
- SAM_ASSERT(sampass);
-
- *sid = &(sampass->private.account_sid);
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_pgroup(const SAM_ACCOUNT_HANDLE *sampass, const DOM_SID **sid)
-{
- SAM_ASSERT(sampass);
-
- *sid = &(sampass->private.group_sid);
-
- return NT_STATUS_OK;
-}
-
-/**
- * Get flags showing what is initalised in the SAM_ACCOUNT_HANDLE
- * @param sampass the SAM_ACCOUNT_HANDLE in question
- * @return the flags indicating the members initialised in the struct.
- **/
-
-NTSTATUS sam_get_account_init_flag(const SAM_ACCOUNT_HANDLE *sampass, uint32 *initflag)
-{
- SAM_ASSERT(sampass);
-
- *initflag = sampass->private.init_flag;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_name(const SAM_ACCOUNT_HANDLE *sampass, char **account_name)
-{
- SAM_ASSERT(sampass);
-
- *account_name = sampass->private.account_name;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_domain(const SAM_ACCOUNT_HANDLE *sampass, SAM_DOMAIN_HANDLE **domain)
-{
- SAM_ASSERT(sampass);
-
- *domain = sampass->private.domain;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_fullname(const SAM_ACCOUNT_HANDLE *sampass, char **fullname)
-{
- SAM_ASSERT(sampass);
-
- *fullname = sampass->private.full_name;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_homedir(const SAM_ACCOUNT_HANDLE *sampass, char **homedir)
-{
- SAM_ASSERT(sampass);
-
- *homedir = sampass->private.home_dir;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_unix_home_dir(const SAM_ACCOUNT_HANDLE *sampass, char **uhomedir)
-{
- SAM_ASSERT(sampass);
-
- *uhomedir = sampass->private.unix_home_dir;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_dir_drive(const SAM_ACCOUNT_HANDLE *sampass, char **dirdrive)
-{
- SAM_ASSERT(sampass);
-
- *dirdrive = sampass->private.dir_drive;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_logon_script(const SAM_ACCOUNT_HANDLE *sampass, char **logon_script)
-{
- SAM_ASSERT(sampass);
-
- *logon_script = sampass->private.logon_script;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_profile_path(const SAM_ACCOUNT_HANDLE *sampass, char **profile_path)
-{
- SAM_ASSERT(sampass);
-
- *profile_path = sampass->private.profile_path;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_description(const SAM_ACCOUNT_HANDLE *sampass, char **description)
-{
- SAM_ASSERT(sampass);
-
- *description = sampass->private.acct_desc;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_workstations(const SAM_ACCOUNT_HANDLE *sampass, char **workstations)
-{
- SAM_ASSERT(sampass);
-
- *workstations = sampass->private.workstations;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_unknown_str(const SAM_ACCOUNT_HANDLE *sampass, char **unknown_str)
-{
- SAM_ASSERT(sampass);
-
- *unknown_str = sampass->private.unknown_str;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_munged_dial(const SAM_ACCOUNT_HANDLE *sampass, char **munged_dial)
-{
- SAM_ASSERT(sampass);
-
- *munged_dial = sampass->private.munged_dial;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_unknown_1(const SAM_ACCOUNT_HANDLE *sampass, uint32 *unknown1)
-{
- SAM_ASSERT(sampass && unknown1);
-
- *unknown1 = sampass->private.unknown_1;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_unknown_2(const SAM_ACCOUNT_HANDLE *sampass, uint32 *unknown2)
-{
- SAM_ASSERT(sampass && unknown2);
-
- *unknown2 = sampass->private.unknown_2;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_unknown_3(const SAM_ACCOUNT_HANDLE *sampass, uint32 *unknown3)
-{
- SAM_ASSERT(sampass && unknown3);
-
- *unknown3 = sampass->private.unknown_3;
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Collection of set...() functions for SAM_ACCOUNT_HANDLE_INFO.
- ********************************************************************/
-
-NTSTATUS sam_set_account_acct_ctrl(SAM_ACCOUNT_HANDLE *sampass, uint16 acct_ctrl)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.acct_ctrl = acct_ctrl;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_logon_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.logon_time = mytime;
-
-
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-NTSTATUS sam_set_account_logoff_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.logoff_time = mytime;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_kickoff_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.kickoff_time = mytime;
-
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_pass_can_change_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.pass_can_change_time = mytime;
-
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_pass_must_change_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.pass_must_change_time = mytime;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_pass_last_set_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.pass_last_set_time = mytime;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_hours_len(SAM_ACCOUNT_HANDLE *sampass, uint32 len)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.hours_len = len;
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_logon_divs(SAM_ACCOUNT_HANDLE *sampass, uint16 hours)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.logon_divs = hours;
- return NT_STATUS_OK;
-}
-
-/**
- * Set flags showing what is initalised in the SAM_ACCOUNT_HANDLE
- * @param sampass the SAM_ACCOUNT_HANDLE in question
- * @param flag The *new* flag to be set. Old flags preserved
- * this flag is only added.
- **/
-
-NTSTATUS sam_set_account_init_flag(SAM_ACCOUNT_HANDLE *sampass, uint32 flag)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.init_flag |= flag;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_sid(SAM_ACCOUNT_HANDLE *sampass, const DOM_SID *u_sid)
-{
- SAM_ASSERT(sampass && u_sid);
-
- sid_copy(&sampass->private.account_sid, u_sid);
-
- DEBUG(10, ("sam_set_account_sid: setting account sid %s\n",
- sid_string_static(&sampass->private.account_sid)));
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_sid_from_string(SAM_ACCOUNT_HANDLE *sampass, const char *u_sid)
-{
- DOM_SID new_sid;
- SAM_ASSERT(sampass && u_sid);
-
- DEBUG(10, ("sam_set_account_sid_from_string: setting account sid %s\n",
- u_sid));
-
- if (!string_to_sid(&new_sid, u_sid)) {
- DEBUG(1, ("sam_set_account_sid_from_string: %s isn't a valid SID!\n", u_sid));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- if (!NT_STATUS_IS_OK(sam_set_account_sid(sampass, &new_sid))) {
- DEBUG(1, ("sam_set_account_sid_from_string: could not set sid %s on SAM_ACCOUNT_HANDLE!\n", u_sid));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_pgroup_sid(SAM_ACCOUNT_HANDLE *sampass, const DOM_SID *g_sid)
-{
- SAM_ASSERT(sampass && g_sid);
-
- sid_copy(&sampass->private.group_sid, g_sid);
-
- DEBUG(10, ("sam_set_group_sid: setting group sid %s\n",
- sid_string_static(&sampass->private.group_sid)));
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_pgroup_string(SAM_ACCOUNT_HANDLE *sampass, const char *g_sid)
-{
- DOM_SID new_sid;
- SAM_ASSERT(sampass && g_sid);
-
- DEBUG(10, ("sam_set_group_sid_from_string: setting group sid %s\n",
- g_sid));
-
- if (!string_to_sid(&new_sid, g_sid)) {
- DEBUG(1, ("sam_set_group_sid_from_string: %s isn't a valid SID!\n", g_sid));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- if (!NT_STATUS_IS_OK(sam_set_account_pgroup_sid(sampass, &new_sid))) {
- DEBUG(1, ("sam_set_group_sid_from_string: could not set sid %s on SAM_ACCOUNT_HANDLE!\n", g_sid));
- return NT_STATUS_UNSUCCESSFUL;
- }
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the domain name.
- ********************************************************************/
-
-NTSTATUS sam_set_account_domain(SAM_ACCOUNT_HANDLE *sampass, SAM_DOMAIN_HANDLE *domain)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.domain = domain;
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's NT name.
- ********************************************************************/
-
-NTSTATUS sam_set_account_name(SAM_ACCOUNT_HANDLE *sampass, const char *account_name)
-{
- SAM_ASSERT(sampass);
-
- DEBUG(10, ("sam_set_account_name: setting nt account_name %s, was %s\n", account_name, sampass->private.account_name));
-
- sampass->private.account_name = talloc_strdup(sampass->mem_ctx, account_name);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's full name.
- ********************************************************************/
-
-NTSTATUS sam_set_account_fullname(SAM_ACCOUNT_HANDLE *sampass, const char *full_name)
-{
- SAM_ASSERT(sampass);
-
- DEBUG(10, ("sam_set_account_fullname: setting full name %s, was %s\n", full_name, sampass->private.full_name));
-
- sampass->private.full_name = talloc_strdup(sampass->mem_ctx, full_name);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's logon script.
- ********************************************************************/
-
-NTSTATUS sam_set_account_logon_script(SAM_ACCOUNT_HANDLE *sampass, const char *logon_script, BOOL store)
-{
- SAM_ASSERT(sampass);
-
- DEBUG(10, ("sam_set_logon_script: from %s to %s\n", logon_script, sampass->private.logon_script));
-
- sampass->private.logon_script = talloc_strdup(sampass->mem_ctx, logon_script);
-
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's profile path.
- ********************************************************************/
-
-NTSTATUS sam_set_account_profile_path(SAM_ACCOUNT_HANDLE *sampass, const char *profile_path, BOOL store)
-{
- SAM_ASSERT(sampass);
-
- DEBUG(10, ("sam_set_profile_path: setting profile path %s, was %s\n", profile_path, sampass->private.profile_path));
-
- sampass->private.profile_path = talloc_strdup(sampass->mem_ctx, profile_path);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's directory drive.
- ********************************************************************/
-
-NTSTATUS sam_set_account_dir_drive(SAM_ACCOUNT_HANDLE *sampass, const char *dir_drive, BOOL store)
-{
- SAM_ASSERT(sampass);
-
- DEBUG(10, ("sam_set_dir_drive: setting dir drive %s, was %s\n", dir_drive,
- sampass->private.dir_drive));
-
- sampass->private.dir_drive = talloc_strdup(sampass->mem_ctx, dir_drive);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's home directory.
- ********************************************************************/
-
-NTSTATUS sam_set_account_homedir(SAM_ACCOUNT_HANDLE *sampass, const char *home_dir, BOOL store)
-{
- SAM_ASSERT(sampass);
-
- DEBUG(10, ("sam_set_homedir: setting home dir %s, was %s\n", home_dir,
- sampass->private.home_dir));
-
- sampass->private.home_dir = talloc_strdup(sampass->mem_ctx, home_dir);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's unix home directory.
- ********************************************************************/
-
-NTSTATUS sam_set_account_unix_homedir(SAM_ACCOUNT_HANDLE *sampass, const char *unix_home_dir)
-{
- SAM_ASSERT(sampass);
-
- DEBUG(10, ("sam_set_unix_homedir: setting home dir %s, was %s\n", unix_home_dir,
- sampass->private.unix_home_dir));
-
- sampass->private.unix_home_dir = talloc_strdup(sampass->mem_ctx, unix_home_dir);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's account description.
- ********************************************************************/
-
-NTSTATUS sam_set_account_acct_desc(SAM_ACCOUNT_HANDLE *sampass, const char *acct_desc)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.acct_desc = talloc_strdup(sampass->mem_ctx, acct_desc);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's workstation allowed list.
- ********************************************************************/
-
-NTSTATUS sam_set_account_workstations(SAM_ACCOUNT_HANDLE *sampass, const char *workstations)
-{
- SAM_ASSERT(sampass);
-
- DEBUG(10, ("sam_set_workstations: setting workstations %s, was %s\n", workstations,
- sampass->private.workstations));
-
- sampass->private.workstations = talloc_strdup(sampass->mem_ctx, workstations);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's 'unknown_str', whatever the heck this actually is...
- ********************************************************************/
-
-NTSTATUS sam_set_account_unknown_str(SAM_ACCOUNT_HANDLE *sampass, const char *unknown_str)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.unknown_str = talloc_strdup(sampass->mem_ctx, unknown_str);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's dial string.
- ********************************************************************/
-
-NTSTATUS sam_set_account_munged_dial(SAM_ACCOUNT_HANDLE *sampass, const char *munged_dial)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.munged_dial = talloc_strdup(sampass->mem_ctx, munged_dial);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's NT hash.
- ********************************************************************/
-
-NTSTATUS sam_set_account_nt_pwd(SAM_ACCOUNT_HANDLE *sampass, const DATA_BLOB data)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.nt_pw = data;
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's LM hash.
- ********************************************************************/
-
-NTSTATUS sam_set_account_lm_pwd(SAM_ACCOUNT_HANDLE *sampass, const DATA_BLOB data)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.lm_pw = data;
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's plaintext password only (base procedure, see helper
- below)
- ********************************************************************/
-
-NTSTATUS sam_set_account_plaintext_pwd(SAM_ACCOUNT_HANDLE *sampass, const char *plain_pwd)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.plaintext_pw = talloc_strdup(sampass->mem_ctx, plain_pwd);
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_unknown_1(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.unknown_1 = unkn;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_unknown_2(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.unknown_2 = unkn;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_unknown_3(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.unknown_3 = unkn;
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_hours(SAM_ACCOUNT_HANDLE *sampass, const uint8 *hours)
-{
- SAM_ASSERT(sampass);
-
- if (!hours) {
- memset ((char *)sampass->private.hours, 0, MAX_HOURS_LEN);
- return NT_STATUS_OK;
- }
-
- memcpy(sampass->private.hours, hours, MAX_HOURS_LEN);
-
- return NT_STATUS_OK;
-}
-
-/* Helpful interfaces to the above */
-
-/*********************************************************************
- Sets the last changed times and must change times for a normal
- password change.
- ********************************************************************/
-
-NTSTATUS sam_set_account_pass_changed_now(SAM_ACCOUNT_HANDLE *sampass)
-{
- uint32 expire;
- NTTIME temptime;
-
- SAM_ASSERT(sampass);
-
- unix_to_nt_time(&temptime, time(NULL));
- if (!NT_STATUS_IS_OK(sam_set_account_pass_last_set_time(sampass, temptime)))
- return NT_STATUS_UNSUCCESSFUL;
-
- if (!account_policy_get(AP_MAX_PASSWORD_AGE, &expire)
- || (expire==(uint32)-1)) {
-
- get_nttime_max(&temptime);
- if (!NT_STATUS_IS_OK(sam_set_account_pass_must_change_time(sampass, temptime, False)))
- return NT_STATUS_UNSUCCESSFUL;
-
- } else {
- /* FIXME: Add expire to temptime */
-
- if (!NT_STATUS_IS_OK(sam_get_account_pass_last_set_time(sampass,&temptime)) || !NT_STATUS_IS_OK(sam_set_account_pass_must_change_time(sampass, temptime,True)))
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's PLAINTEXT password. Used as an interface to the above.
- Also sets the last change time to NOW.
- ********************************************************************/
-
-NTSTATUS sam_set_account_passwd(SAM_ACCOUNT_HANDLE *sampass, const char *plaintext)
-{
- DATA_BLOB data;
- uchar new_lanman_p16[16];
- uchar new_nt_p16[16];
-
- SAM_ASSERT(sampass && plaintext);
-
- nt_lm_owf_gen(plaintext, new_nt_p16, new_lanman_p16);
-
- data = data_blob(new_nt_p16, 16);
- if (!NT_STATUS_IS_OK(sam_set_account_nt_pwd(sampass, data)))
- return NT_STATUS_UNSUCCESSFUL;
-
- data = data_blob(new_lanman_p16, 16);
-
- if (!NT_STATUS_IS_OK(sam_set_account_lm_pwd(sampass, data)))
- return NT_STATUS_UNSUCCESSFUL;
-
- if (!NT_STATUS_IS_OK(sam_set_account_plaintext_pwd(sampass, plaintext)))
- return NT_STATUS_UNSUCCESSFUL;
-
- if (!NT_STATUS_IS_OK(sam_set_account_pass_changed_now(sampass)))
- return NT_STATUS_UNSUCCESSFUL;
-
- return NT_STATUS_OK;
-}
-
diff --git a/source3/sam/get_set_domain.c b/source3/sam/get_set_domain.c
deleted file mode 100644
index c70a4a3f09..0000000000
--- a/source3/sam/get_set_domain.c
+++ /dev/null
@@ -1,263 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- SAM_DOMAIN access routines
- Copyright (C) Andrew Bartlett 2002
- Copyright (C) Stefan (metze) Metzmacher 2002
- Copyright (C) Jelmer Vernooij 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_SAM
-
-NTSTATUS sam_get_domain_sid(SAM_DOMAIN_HANDLE *domain, const DOM_SID **sid)
-{
- SAM_ASSERT(domain &&sid);
-
- *sid = &(domain->private.sid);
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_num_accounts(SAM_DOMAIN_HANDLE *domain, uint32 *num_accounts)
-{
- SAM_ASSERT(domain &&num_accounts);
-
- *num_accounts = domain->private.num_accounts;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_num_groups(SAM_DOMAIN_HANDLE *domain, uint32 *num_groups)
-{
- SAM_ASSERT(domain &&num_groups);
-
- *num_groups = domain->private.num_groups;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_num_aliases(SAM_DOMAIN_HANDLE *domain, uint32 *num_aliases)
-{
- SAM_ASSERT(domain &&num_aliases);
-
- *num_aliases = domain->private.num_aliases;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_name(SAM_DOMAIN_HANDLE *domain, const char **domain_name)
-{
- SAM_ASSERT(domain &&domain_name);
-
- *domain_name = domain->private.name;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_server(SAM_DOMAIN_HANDLE *domain, const char **server_name)
-{
- SAM_ASSERT(domain &&server_name);
-
- *server_name = domain->private.servername;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *max_passwordage)
-{
- SAM_ASSERT(domain &&max_passwordage);
-
- *max_passwordage = domain->private.max_passwordage;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *min_passwordage)
-{
- SAM_ASSERT(domain &&min_passwordage);
-
- *min_passwordage = domain->private.min_passwordage;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME *lockout_duration)
-{
- SAM_ASSERT(domain &&lockout_duration);
-
- *lockout_duration = domain->private.lockout_duration;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME *reset_lockout_count)
-{
- SAM_ASSERT(domain &&reset_lockout_count);
-
- *reset_lockout_count = domain->private.reset_count;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 *min_passwordlength)
-{
- SAM_ASSERT(domain &&min_passwordlength);
-
- *min_passwordlength = domain->private.min_passwordlength;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 *password_history)
-{
- SAM_ASSERT(domain &&password_history);
-
- *password_history = domain->private.password_history;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 *lockout_count)
-{
- SAM_ASSERT(domain &&lockout_count);
-
- *lockout_count = domain->private.lockout_count;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL *force_logoff)
-{
- SAM_ASSERT(domain &&force_logoff);
-
- *force_logoff = domain->private.force_logoff;
-
- return NT_STATUS_OK;
-}
-
-
-NTSTATUS sam_get_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL *login_pwdchange)
-{
- SAM_ASSERT(domain && login_pwdchange);
-
- *login_pwdchange = domain->private.login_pwdchange;
-
- return NT_STATUS_OK;
-}
-
-/* Set */
-
-NTSTATUS sam_set_domain_name(SAM_DOMAIN_HANDLE *domain, const char *domain_name)
-{
- SAM_ASSERT(domain);
-
- domain->private.name = talloc_strdup(domain->mem_ctx, domain_name);
-
- return NT_STATUS_OK;
-}
-
-
-NTSTATUS sam_set_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME max_passwordage)
-{
- SAM_ASSERT(domain);
-
- domain->private.max_passwordage = max_passwordage;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME min_passwordage)
-{
- SAM_ASSERT(domain);
-
- domain->private.min_passwordage = min_passwordage;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME lockout_duration)
-{
- SAM_ASSERT(domain);
-
- domain->private.lockout_duration = lockout_duration;
-
- return NT_STATUS_OK;
-}
-NTSTATUS sam_set_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME reset_lockout_count)
-{
- SAM_ASSERT(domain);
-
- domain->private.reset_count = reset_lockout_count;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 min_passwordlength)
-{
- SAM_ASSERT(domain);
-
- domain->private.min_passwordlength = min_passwordlength;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 password_history)
-{
- SAM_ASSERT(domain);
-
- domain->private.password_history = password_history;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 lockout_count)
-{
- SAM_ASSERT(domain);
-
- domain->private.lockout_count = lockout_count;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL force_logoff)
-{
- SAM_ASSERT(domain);
-
- domain->private.force_logoff = force_logoff;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL login_pwdchange)
-{
- SAM_ASSERT(domain);
-
- domain->private.login_pwdchange = login_pwdchange;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_domain_server(SAM_DOMAIN_HANDLE *domain, const char *server_name)
-{
- SAM_ASSERT(domain);
-
- domain->private.servername = talloc_strdup(domain->mem_ctx, server_name);
-
- return NT_STATUS_OK;
-}
diff --git a/source3/sam/get_set_group.c b/source3/sam/get_set_group.c
deleted file mode 100644
index 11ea9258a7..0000000000
--- a/source3/sam/get_set_group.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- SAM_USER_HANDLE access routines
- Copyright (C) Andrew Bartlett 2002
- Copyright (C) Stefan (metze) Metzmacher 2002
- Copyright (C) Jelmer Vernooij 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_SAM
-
-/* sam group get functions */
-
-NTSTATUS sam_get_group_sid(const SAM_GROUP_HANDLE *group, const DOM_SID **sid)
-{
- SAM_ASSERT(group && sid);
-
- *sid = &(group->private.sid);
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_group_ctrl(const SAM_GROUP_HANDLE *group, uint32 *group_ctrl)
-{
- SAM_ASSERT(group && group_ctrl);
-
- *group_ctrl = group->private.group_ctrl;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_group_name(const SAM_GROUP_HANDLE *group, const char **group_name)
-{
- SAM_ASSERT(group);
-
- *group_name = group->private.group_name;
-
- return NT_STATUS_OK;
-
-}
-NTSTATUS sam_get_group_comment(const SAM_GROUP_HANDLE *group, const char **group_desc)
-{
- SAM_ASSERT(group);
-
- *group_desc = group->private.group_desc;
-
- return NT_STATUS_OK;
-}
-
-/* sam group set functions */
-
-NTSTATUS sam_set_group_sid(SAM_GROUP_HANDLE *group, const DOM_SID *sid)
-{
- SAM_ASSERT(group);
-
- if (!sid)
- ZERO_STRUCT(group->private.sid);
- else
- sid_copy(&(group->private.sid), sid);
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_group_group_ctrl(SAM_GROUP_HANDLE *group, uint32 group_ctrl)
-{
- SAM_ASSERT(group);
-
- group->private.group_ctrl = group_ctrl;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_group_name(SAM_GROUP_HANDLE *group, const char *group_name)
-{
- SAM_ASSERT(group);
-
- group->private.group_name = talloc_strdup(group->mem_ctx, group_name);
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_group_description(SAM_GROUP_HANDLE *group, const char *group_desc)
-{
- SAM_ASSERT(group);
-
- group->private.group_desc = talloc_strdup(group->mem_ctx, group_desc);
-
- return NT_STATUS_OK;
-
-}
diff --git a/source3/sam/group.c b/source3/sam/group.c
deleted file mode 100644
index 101e3dd7ce..0000000000
--- a/source3/sam/group.c
+++ /dev/null
@@ -1,193 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- SAM_GROUP_HANDLE /SAM_GROUP_ENUM helpers
-
- Copyright (C) Stefan (metze) Metzmacher 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_SAM
-
-/************************************************************
- Fill the SAM_GROUP_HANDLE with default values.
- ***********************************************************/
-
-static void sam_fill_default_group(SAM_GROUP_HANDLE *group)
-{
- ZERO_STRUCT(group->private); /* Don't touch the talloc context */
-
-}
-
-static void destroy_sam_group_handle_talloc(SAM_GROUP_HANDLE **group)
-{
- if (*group) {
-
- talloc_destroy((*group)->mem_ctx);
- *group = NULL;
- }
-}
-
-
-/**********************************************************************
- Alloc memory and initialises a SAM_GROUP_HANDLE on supplied mem_ctx.
-***********************************************************************/
-
-NTSTATUS sam_init_group_talloc(TALLOC_CTX *mem_ctx, SAM_GROUP_HANDLE **group)
-{
- SMB_ASSERT(*group != NULL);
-
- if (!mem_ctx) {
- DEBUG(0,("sam_init_group_talloc: mem_ctx was NULL!\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- *group=(SAM_GROUP_HANDLE *)talloc(mem_ctx, sizeof(SAM_GROUP_HANDLE));
-
- if (*group==NULL) {
- DEBUG(0,("sam_init_group_talloc: error while allocating memory\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- (*group)->mem_ctx = mem_ctx;
-
- (*group)->free_fn = NULL;
-
- sam_fill_default_group(*group);
-
- return NT_STATUS_OK;
-}
-
-
-/*************************************************************
- Alloc memory and initialises a struct SAM_GROUP_HANDLE.
- ************************************************************/
-
-NTSTATUS sam_init_group(SAM_GROUP_HANDLE **group)
-{
- TALLOC_CTX *mem_ctx;
- NTSTATUS nt_status;
-
- mem_ctx = talloc_init("sam internal SAM_GROUP_HANDLE allocation");
-
- if (!mem_ctx) {
- DEBUG(0,("sam_init_group: error while doing talloc_init()\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = sam_init_group_talloc(mem_ctx, group))) {
- talloc_destroy(mem_ctx);
- return nt_status;
- }
-
- (*group)->free_fn = destroy_sam_group_handle_talloc;
-
- return NT_STATUS_OK;
-}
-
-
-/************************************************************
- Reset the SAM_GROUP_HANDLE.
- ***********************************************************/
-
-NTSTATUS sam_reset_group(SAM_GROUP_HANDLE *group)
-{
- SMB_ASSERT(group != NULL);
-
- sam_fill_default_group(group);
-
- return NT_STATUS_OK;
-}
-
-
-/************************************************************
- Free the SAM_GROUP_HANDLE and the member pointers.
- ***********************************************************/
-
-NTSTATUS sam_free_group(SAM_ACCOUNT_HANDLE **group)
-{
- SMB_ASSERT(*group != NULL);
-
- if ((*group)->free_fn) {
- (*group)->free_fn(group);
- }
-
- return NT_STATUS_OK;
-}
-
-
-/**********************************************************
- Encode the group control bits into a string.
- length = length of string to encode into (including terminating
- null). length *MUST BE MORE THAN 2* !
- **********************************************************/
-
-char *sam_encode_acct_ctrl(uint16 group_ctrl, size_t length)
-{
- static fstring group_str;
- size_t i = 0;
-
- group_str[i++] = '[';
-
- if (group_ctrl & GCB_LOCAL_GROUP ) group_str[i++] = 'L';
- if (group_ctrl & GCB_GLOBAL_GROUP ) group_str[i++] = 'G';
-
- for ( ; i < length - 2 ; i++ )
- group_str[i] = ' ';
-
- i = length - 2;
- group_str[i++] = ']';
- group_str[i++] = '\0';
-
- return group_str;
-}
-
-/**********************************************************
- Decode the group control bits from a string.
- **********************************************************/
-
-uint16 sam_decode_group_ctrl(const char *p)
-{
- uint16 group_ctrl = 0;
- BOOL finished = False;
-
- /*
- * Check if the account type bits have been encoded after the
- * NT password (in the form [NDHTUWSLXI]).
- */
-
- if (*p != '[')
- return 0;
-
- for (p++; *p && !finished; p++) {
- switch (*p) {
- case 'L': { group_ctrl |= GCB_LOCAL_GROUP; break; /* 'L'ocal Aliases Group. */ }
- case 'G': { group_ctrl |= GCB_GLOBAL_GROUP; break; /* 'G'lobal Domain Group. */ }
-
- case ' ': { break; }
- case ':':
- case '\n':
- case '\0':
- case ']':
- default: { finished = True; }
- }
- }
-
- return group_ctrl;
-}
-
diff --git a/source3/sam/gumm_tdb.c b/source3/sam/gumm_tdb.c
deleted file mode 100644
index 5e390490cf..0000000000
--- a/source3/sam/gumm_tdb.c
+++ /dev/null
@@ -1,1193 +0,0 @@
-/*
- * Unix SMB/CIFS implementation.
- * SMB parameters and setup
- * Copyright (C) Andrew Tridgell 1992-1998
- * Copyright (C) Simo Sorce 2000-2002
- * Copyright (C) Gerald Carter 2000
- * Copyright (C) Jeremy Allison 2001
- * Copyright (C) Andrew Bartlett 2002
- *
- * This program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free
- * Software Foundation; either version 2 of the License, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
- * more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 675
- * Mass Ave, Cambridge, MA 02139, USA.
- */
-
-#include "includes.h"
-#include "tdbsam2.h"
-#include "tdbsam2_parse_info.h"
-
-static int tdbgumm_debug_level = DBGC_ALL;
-#undef DBGC_CLASS
-#define DBGC_CLASS tdbgumm_debug_level
-
-#define TDBSAM_VERSION 20021215
-#define TDB_FILE_NAME "tdbsam2.tdb"
-#define NAMEPREFIX "NAME_"
-#define SIDPREFIX "SID_"
-#define PRIVILEGEPREFIX "PRIV_"
-
-#define TDB_FORMAT_STRING "ddB"
-
-#define TALLOC_CHECK(ptr, err, label) do { if ((ptr) == NULL) { DEBUG(0, ("%s: Out of memory!\n", FUNCTION_MACRO)); err = NT_STATUS_NO_MEMORY; goto label; } } while(0)
-#define SET_OR_FAIL(func, label) do { if (NT_STATUS_IS_ERR(func)) { DEBUG(0, ("%s: Setting gums object data failed!\n", FUNCTION_MACRO)); goto label; } } while(0)
-
-struct tdbsam2_enum_objs {
- uint32 type;
- fstring dom_sid;
- TDB_CONTEXT *db;
- TDB_DATA key;
- struct tdbsam2_enum_objs *next;
-};
-
-union tdbsam2_data {
- struct tdbsam2_domain_data *domain;
- struct tdbsam2_user_data *user;
- struct tdbsam2_group_data *group;
-};
-
-struct tdbsam2_object {
- uint32 type;
- uint32 version;
- union tdbsam2_data data;
-};
-
-static TDB_CONTEXT *tdbsam2_db;
-
-struct tdbsam2_enum_objs **teo_handlers;
-
-static NTSTATUS init_tdbsam2_object_from_buffer(struct tdbsam2_object *object, TALLOC_CTX *mem_ctx, char *buffer, int size)
-{
-
- NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
- int iret;
- char *obj_data;
- int data_size = 0;
- int len;
-
- len = tdb_unpack (buffer, size, TDB_FORMAT_STRING,
- &(object->version),
- &(object->type),
- &data_size, &obj_data);
-
- if (len == -1)
- goto done;
-
- /* version is checked inside this function so that backward compatibility code can be
- called eventually.
- this way we can easily handle database format upgrades */
- if (object->version != TDBSAM_VERSION) {
- DEBUG(3,("init_tdbsam2_object_from_buffer: Error, db object has wrong tdbsam version!\n"));
- goto done;
- }
-
- /* be sure the string is terminated before trying to parse it */
- if (obj_data[data_size - 1] != '\0')
- obj_data[data_size - 1] = '\0';
-
- switch (object->type) {
- case GUMS_OBJ_DOMAIN:
- object->data.domain = (struct tdbsam2_domain_data *)talloc(mem_ctx, sizeof(struct tdbsam2_domain_data));
- TALLOC_CHECK(object->data.domain, ret, done);
- memset(object->data.domain, 0, sizeof(struct tdbsam2_domain_data));
-
- iret = gen_parse(mem_ctx, pinfo_tdbsam2_domain_data, (char *)(object->data.domain), obj_data);
- break;
- case GUMS_OBJ_GROUP:
- case GUMS_OBJ_ALIAS:
- object->data.group = (struct tdbsam2_group_data *)talloc(mem_ctx, sizeof(struct tdbsam2_group_data));
- TALLOC_CHECK(object->data.group, ret, done);
- memset(object->data.group, 0, sizeof(struct tdbsam2_group_data));
-
- iret = gen_parse(mem_ctx, pinfo_tdbsam2_group_data, (char *)(object->data.group), obj_data);
- break;
- case GUMS_OBJ_NORMAL_USER:
- object->data.user = (struct tdbsam2_user_data *)talloc(mem_ctx, sizeof(struct tdbsam2_user_data));
- TALLOC_CHECK(object->data.user, ret, done);
- memset(object->data.user, 0, sizeof(struct tdbsam2_user_data));
-
- iret = gen_parse(mem_ctx, pinfo_tdbsam2_user_data, (char *)(object->data.user), obj_data);
- break;
- default:
- DEBUG(3,("init_tdbsam2_object_from_buffer: Error, wrong object type number!\n"));
- goto done;
- }
-
- if (iret != 0) {
- DEBUG(0,("init_tdbsam2_object_from_buffer: Fatal Error! Unable to parse object!\n"));
- DEBUG(0,("init_tdbsam2_object_from_buffer: DB Corrupted ?"));
- goto done;
- }
-
- ret = NT_STATUS_OK;
-done:
- SAFE_FREE(obj_data);
- return ret;
-}
-
-static NTSTATUS init_buffer_from_tdbsam2_object(char **buffer, size_t *len, TALLOC_CTX *mem_ctx, struct tdbsam2_object *object)
-{
-
- NTSTATUS ret;
- char *buf1 = NULL;
- size_t buflen;
-
- if (!buffer)
- return NT_STATUS_INVALID_PARAMETER;
-
- switch (object->type) {
- case GUMS_OBJ_DOMAIN:
- buf1 = gen_dump(mem_ctx, pinfo_tdbsam2_domain_data, (char *)(object->data.domain), 0);
- break;
- case GUMS_OBJ_GROUP:
- case GUMS_OBJ_ALIAS:
- buf1 = gen_dump(mem_ctx, pinfo_tdbsam2_group_data, (char *)(object->data.group), 0);
- break;
- case GUMS_OBJ_NORMAL_USER:
- buf1 = gen_dump(mem_ctx, pinfo_tdbsam2_user_data, (char *)(object->data.user), 0);
- break;
- default:
- DEBUG(3,("init_buffer_from_tdbsam2_object: Error, wrong object type number!\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- if (buf1 == NULL) {
- DEBUG(0, ("init_buffer_from_tdbsam2_object: Fatal Error! Unable to dump object!\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- buflen = tdb_pack(NULL, 0, TDB_FORMAT_STRING,
- TDBSAM_VERSION,
- object->type,
- strlen(buf1) + 1, buf1);
-
- *buffer = talloc(mem_ctx, buflen);
- TALLOC_CHECK(*buffer, ret, done);
-
- *len = tdb_pack(*buffer, buflen, TDB_FORMAT_STRING,
- TDBSAM_VERSION,
- object->type,
- strlen(buf1) + 1, buf1);
-
- if (*len != buflen) {
- DEBUG(0, ("init_tdb_data_from_tdbsam2_object: somthing odd is going on here: bufflen (%d) != len (%d) in tdb_pack operations!\n",
- buflen, *len));
- *buffer = NULL;
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- ret = NT_STATUS_OK;
-done:
- return ret;
-}
-
-static NTSTATUS opentdb(void)
-{
- if (!tdbsam2_db) {
- pstring tdbfile;
- get_private_directory(tdbfile);
- pstrcat(tdbfile, "/");
- pstrcat(tdbfile, TDB_FILE_NAME);
-
- tdbsam2_db = tdb_open_log(tdbfile, 0, TDB_DEFAULT, O_RDWR | O_CREAT, 0600);
- if (!tdbsam2_db)
- {
- DEBUG(0, ("opentdb: Unable to open database (%s)!\n", tdbfile));
- return NT_STATUS_UNSUCCESSFUL;
- }
- }
-
- return NT_STATUS_OK;
-}
-
-static NTSTATUS get_object_by_sid(TALLOC_CTX *mem_ctx, struct tdbsam2_object *obj, const DOM_SID *sid)
-{
- NTSTATUS ret;
- TDB_DATA data, key;
- fstring keystr;
-
- if (!obj || !mem_ctx || !sid)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (NT_STATUS_IS_ERR(ret = opentdb())) {
- return ret;
- }
-
- slprintf(keystr, sizeof(keystr)-1, "%s%s", SIDPREFIX, sid_string_static(sid));
- key.dptr = keystr;
- key.dsize = strlen(keystr) + 1;
-
- data = tdb_fetch(tdbsam2_db, key);
- if (!data.dptr) {
- DEBUG(5, ("get_object_by_sid: Error fetching database, domain entry not found!\n"));
- DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam2_db)));
- DEBUGADD(5, (" Key: %s\n", keystr));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- if (NT_STATUS_IS_ERR(init_tdbsam2_object_from_buffer(obj, mem_ctx, data.dptr, data.dsize))) {
- SAFE_FREE(data.dptr);
- DEBUG(0, ("get_object_by_sid: Error fetching database, malformed entry!\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
- SAFE_FREE(data.dptr);
-
- return NT_STATUS_OK;
-
-}
-
-static NTSTATUS get_object_by_name(TALLOC_CTX *mem_ctx, struct tdbsam2_object *obj, const char* name)
-{
-
- NTSTATUS ret;
- TDB_DATA data, key;
- fstring keystr;
- fstring objname;
- DOM_SID sid;
- char *obj_sidstr;
- int obj_version, obj_type, obj_sidstr_len, len;
-
- if (!obj || !mem_ctx || !name)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (NT_STATUS_IS_ERR(ret = opentdb())) {
- return ret;
- }
-
- unix_strlower(name, -1, objname, sizeof(objname));
-
- slprintf(keystr, sizeof(keystr)-1, "%s%s", NAMEPREFIX, objname);
- key.dptr = keystr;
- key.dsize = strlen(keystr) + 1;
-
- data = tdb_fetch(tdbsam2_db, key);
- if (!data.dptr) {
- DEBUG(5, ("get_object_by_name: Error fetching database, domain entry not found!\n"));
- DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam2_db)));
- DEBUGADD(5, (" Key: %s\n", keystr));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- len = tdb_unpack(data.dptr, data.dsize, TDB_FORMAT_STRING,
- &obj_version,
- &obj_type,
- &obj_sidstr_len, &obj_sidstr);
-
- SAFE_FREE(data.dptr);
-
- if (len == -1 || obj_version != TDBSAM_VERSION || obj_sidstr_len <= 0) {
- DEBUG(5, ("get_object_by_name: Error unpacking database object!\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- if (!string_to_sid(&sid, obj_sidstr)) {
- DEBUG(5, ("get_object_by_name: Error invalid sid string found in database object!\n"));
- SAFE_FREE(obj_sidstr);
- return NT_STATUS_UNSUCCESSFUL;
- }
- SAFE_FREE(obj_sidstr);
-
- return get_object_by_sid(mem_ctx, obj, &sid);
-}
-
-static NTSTATUS store_object(TALLOC_CTX *mem_ctx, struct tdbsam2_object *object, BOOL new_obj)
-{
-
- NTSTATUS ret;
- TDB_DATA data, key, key2;
- fstring keystr;
- fstring namestr;
- int flag, r;
-
- if (NT_STATUS_IS_ERR(ret = opentdb())) {
- return ret;
- }
-
- if (new_obj) {
- flag = TDB_INSERT;
- } else {
- flag = TDB_MODIFY;
- }
-
- ret = init_buffer_from_tdbsam2_object(&(data.dptr), &(data.dsize), mem_ctx, object);
- if (NT_STATUS_IS_ERR(ret))
- return ret;
-
- switch (object->type) {
- case GUMS_OBJ_DOMAIN:
- slprintf(keystr, sizeof(keystr) - 1, "%s%s", SIDPREFIX, sid_string_static(object->data.domain->dom_sid));
- slprintf(namestr, sizeof(namestr) - 1, "%s%s", NAMEPREFIX, object->data.domain->name);
- break;
- case GUMS_OBJ_GROUP:
- case GUMS_OBJ_ALIAS:
- slprintf(keystr, sizeof(keystr) - 1, "%s%s", SIDPREFIX, sid_string_static(object->data.group->group_sid));
- slprintf(namestr, sizeof(namestr) - 1, "%s%s", NAMEPREFIX, object->data.group->name);
- break;
- case GUMS_OBJ_NORMAL_USER:
- slprintf(keystr, sizeof(keystr) - 1, "%s%s", SIDPREFIX, sid_string_static(object->data.user->user_sid));
- slprintf(namestr, sizeof(namestr) - 1, "%s%s", NAMEPREFIX, object->data.user->name);
- break;
- default:
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- key.dptr = keystr;
- key.dsize = strlen(keystr) + 1;
-
- if ((r = tdb_store(tdbsam2_db, key, data, flag)) != TDB_SUCCESS) {
- DEBUG(0, ("store_object: Unable to modify SAM!\n"));
- DEBUGADD(0, (" Error: %s", tdb_errorstr(tdbsam2_db)));
- DEBUGADD(0, (" occured while storing the main record (%s)\n", keystr));
- if (r == TDB_ERR_EXISTS) return NT_STATUS_UNSUCCESSFUL;
- return NT_STATUS_INTERNAL_DB_ERROR;
- }
-
- key2.dptr = namestr;
- key2.dsize = strlen(namestr) + 1;
-
- if ((r = tdb_store(tdbsam2_db, key2, key, flag)) != TDB_SUCCESS) {
- DEBUG(0, ("store_object: Unable to modify SAM!\n"));
- DEBUGADD(0, (" Error: %s", tdb_errorstr(tdbsam2_db)));
- DEBUGADD(0, (" occured while storing the main record (%s)\n", keystr));
- if (r == TDB_ERR_EXISTS) return NT_STATUS_UNSUCCESSFUL;
- return NT_STATUS_INTERNAL_DB_ERROR;
- }
-/* TODO: update the general database counter */
-/* TODO: update this entry counter too */
-
- return NT_STATUS_OK;
-}
-
-static NTSTATUS get_next_sid(TALLOC_CTX *mem_ctx, DOM_SID **sid)
-{
- NTSTATUS ret;
- struct tdbsam2_object obj;
- DOM_SID *dom_sid = get_global_sam_sid();
- uint32 new_rid;
-
-/* TODO: LOCK DOMAIN OBJECT */
- ret = get_object_by_sid(mem_ctx, &obj, dom_sid);
- if (NT_STATUS_IS_ERR(ret)) {
- DEBUG(0, ("get_next_sid: unable to get root Domain object!\n"));
- ret = NT_STATUS_INTERNAL_DB_ERROR;
- goto error;
- }
-
- new_rid = obj.data.domain->next_rid;
-
- /* Increment the RID Counter */
- obj.data.domain->next_rid++;
-
- /* Store back Domain object */
- ret = store_object(mem_ctx, &obj, False);
- if (NT_STATUS_IS_ERR(ret)) {
- DEBUG(0, ("get_next_sid: unable to update root Domain object!\n"));
- ret = NT_STATUS_INTERNAL_DB_ERROR;
- goto error;
- }
-/* TODO: UNLOCK DOMAIN OBJECT */
-
- *sid = sid_dup_talloc(mem_ctx, dom_sid);
- TALLOC_CHECK(*sid, ret, error);
-
- if (!sid_append_rid(*sid, new_rid)) {
- DEBUG(0, ("get_next_sid: unable to build new SID !?!\n"));
- ret = NT_STATUS_UNSUCCESSFUL;
- goto error;
- }
-
- return NT_STATUS_OK;
-
-error:
- return ret;
-}
-
-static NTSTATUS user_data_to_gums_object(GUMS_OBJECT **object, struct tdbsam2_user_data *userdata)
-{
- NTSTATUS ret;
-
- if (!object || !userdata) {
- DEBUG(0, ("tdbsam2_user_data_to_gums_object: no NULL pointers are accepted here!\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- /* userdata->xcounter */
- /* userdata->sec_desc */
-
- SET_OR_FAIL(gums_set_object_sid(*object, userdata->user_sid), error);
- SET_OR_FAIL(gums_set_object_name(*object, userdata->name), error);
-
- SET_OR_FAIL(gums_set_user_pri_group(*object, userdata->group_sid), error);
-
- if (userdata->description)
- SET_OR_FAIL(gums_set_object_description(*object, userdata->description), error);
-
- if (userdata->full_name)
- SET_OR_FAIL(gums_set_user_fullname(*object, userdata->full_name), error);
-
- if (userdata->home_dir)
- SET_OR_FAIL(gums_set_user_homedir(*object, userdata->home_dir), error);
-
- if (userdata->dir_drive)
- SET_OR_FAIL(gums_set_user_dir_drive(*object, userdata->dir_drive), error);
-
- if (userdata->logon_script)
- SET_OR_FAIL(gums_set_user_logon_script(*object, userdata->logon_script), error);
-
- if (userdata->profile_path)
- SET_OR_FAIL(gums_set_user_profile_path(*object, userdata->profile_path), error);
-
- if (userdata->workstations)
- SET_OR_FAIL(gums_set_user_workstations(*object, userdata->workstations), error);
-
- if (userdata->unknown_str)
- SET_OR_FAIL(gums_set_user_unknown_str(*object, userdata->unknown_str), error);
-
- if (userdata->munged_dial)
- SET_OR_FAIL(gums_set_user_munged_dial(*object, userdata->munged_dial), error);
-
- SET_OR_FAIL(gums_set_user_logon_divs(*object, userdata->logon_divs), error);
- SET_OR_FAIL(gums_set_user_hours_len(*object, userdata->hours_len), error);
-
- if (userdata->hours)
- SET_OR_FAIL(gums_set_user_hours(*object, userdata->hours), error);
-
- SET_OR_FAIL(gums_set_user_unknown_3(*object, userdata->unknown_3), error);
- SET_OR_FAIL(gums_set_user_unknown_5(*object, userdata->unknown_5), error);
- SET_OR_FAIL(gums_set_user_unknown_6(*object, userdata->unknown_6), error);
-
- SET_OR_FAIL(gums_set_user_logon_time(*object, *(userdata->logon_time)), error);
- SET_OR_FAIL(gums_set_user_logoff_time(*object, *(userdata->logoff_time)), error);
- SET_OR_FAIL(gums_set_user_kickoff_time(*object, *(userdata->kickoff_time)), error);
- SET_OR_FAIL(gums_set_user_pass_last_set_time(*object, *(userdata->pass_last_set_time)), error);
- SET_OR_FAIL(gums_set_user_pass_can_change_time(*object, *(userdata->pass_can_change_time)), error);
- SET_OR_FAIL(gums_set_user_pass_must_change_time(*object, *(userdata->pass_must_change_time)), error);
-
- ret = NT_STATUS_OK;
- return ret;
-
-error:
- talloc_destroy((*object)->mem_ctx);
- *object = NULL;
- return ret;
-}
-
-static NTSTATUS group_data_to_gums_object(GUMS_OBJECT **object, struct tdbsam2_group_data *groupdata)
-{
- NTSTATUS ret;
-
- if (!object || !groupdata) {
- DEBUG(0, ("tdbsam2_group_data_to_gums_object: no NULL pointers are accepted here!\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- /* groupdata->xcounter */
- /* groupdata->sec_desc */
-
- SET_OR_FAIL(gums_set_object_sid(*object, groupdata->group_sid), error);
- SET_OR_FAIL(gums_set_object_name(*object, groupdata->name), error);
-
- if (groupdata->description)
- SET_OR_FAIL(gums_set_object_description(*object, groupdata->description), error);
-
- if (groupdata->count)
- SET_OR_FAIL(gums_set_group_members(*object, groupdata->count, groupdata->members), error);
-
- ret = NT_STATUS_OK;
- return ret;
-
-error:
- talloc_destroy((*object)->mem_ctx);
- *object = NULL;
- return ret;
-}
-
-static NTSTATUS domain_data_to_gums_object(GUMS_OBJECT **object, struct tdbsam2_domain_data *domdata)
-{
-
- NTSTATUS ret;
-
- if (!object || !*object || !domdata) {
- DEBUG(0, ("tdbsam2_domain_data_to_gums_object: no NULL pointers are accepted here!\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- /* domdata->xcounter */
- /* domdata->sec_desc */
-
- SET_OR_FAIL(gums_set_object_sid(*object, domdata->dom_sid), error);
- SET_OR_FAIL(gums_set_object_name(*object, domdata->name), error);
-
- if (domdata->description)
- SET_OR_FAIL(gums_set_object_description(*object, domdata->description), error);
-
- ret = NT_STATUS_OK;
- return ret;
-
-error:
- talloc_destroy((*object)->mem_ctx);
- *object = NULL;
- return ret;
-}
-
-static NTSTATUS data_to_gums_object(GUMS_OBJECT **object, struct tdbsam2_object *data)
-{
-
- NTSTATUS ret;
-
- if (!object || !data) {
- DEBUG(0, ("tdbsam2_user_data_to_gums_object: no NULL structure pointers are accepted here!\n"));
- ret = NT_STATUS_INVALID_PARAMETER;
- goto done;
- }
-
- ret = gums_create_object(object, data->type);
- if (NT_STATUS_IS_ERR(ret)) {
- DEBUG(5, ("tdbsam2_user_data_to_gums_object: error creating gums object!\n"));
- goto done;
- }
-
- switch (data->type) {
- case GUMS_OBJ_DOMAIN:
- ret = domain_data_to_gums_object(object, data->data.domain);
- break;
-
- case GUMS_OBJ_NORMAL_USER:
- ret = user_data_to_gums_object(object, data->data.user);
- break;
-
- case GUMS_OBJ_GROUP:
- case GUMS_OBJ_ALIAS:
- ret = group_data_to_gums_object(object, data->data.group);
- break;
-
- default:
- ret = NT_STATUS_UNSUCCESSFUL;
- }
-
-done:
- return ret;
-}
-
-
-/* GUMM object functions */
-
-static NTSTATUS tdbsam2_get_domain_sid(DOM_SID *sid, const char* name)
-{
-
- NTSTATUS ret;
- struct tdbsam2_object obj;
- TALLOC_CTX *mem_ctx;
- fstring domname;
-
- if (!sid || !name)
- return NT_STATUS_INVALID_PARAMETER;
-
- mem_ctx = talloc_init("tdbsam2_get_domain_sid");
- if (!mem_ctx) {
- DEBUG(0, ("tdbsam2_new_object: Out of memory!\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- if (NT_STATUS_IS_ERR(ret = opentdb())) {
- goto done;
- }
-
- unix_strlower(name, -1, domname, sizeof(domname));
-
- ret = get_object_by_name(mem_ctx, &obj, domname);
-
- if (NT_STATUS_IS_ERR(ret)) {
- DEBUG(0, ("tdbsam2_get_domain_sid: Error fetching database!\n"));
- goto done;
- }
-
- if (obj.type != GUMS_OBJ_DOMAIN) {
- DEBUG(5, ("tdbsam2_get_domain_sid: Requested object is not a domain!\n"));
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- sid_copy(sid, obj.data.domain->dom_sid);
-
- ret = NT_STATUS_OK;
-
-done:
- talloc_destroy(mem_ctx);
- return ret;
-}
-
-static NTSTATUS tdbsam2_set_domain_sid (const DOM_SID *sid, const char *name)
-{
-
- NTSTATUS ret;
- struct tdbsam2_object obj;
- TALLOC_CTX *mem_ctx;
- fstring domname;
-
- if (!sid || !name)
- return NT_STATUS_INVALID_PARAMETER;
-
- mem_ctx = talloc_init("tdbsam2_set_domain_sid");
- if (!mem_ctx) {
- DEBUG(0, ("tdbsam2_new_object: Out of memory!\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- if (tdbsam2_db == NULL) {
- if (NT_STATUS_IS_ERR(ret = opentdb())) {
- goto done;
- }
- }
-
- unix_strlower(name, -1, domname, sizeof(domname));
-
-/* TODO: we need to lock this entry until updated! */
-
- ret = get_object_by_name(mem_ctx, &obj, domname);
-
- if (NT_STATUS_IS_ERR(ret)) {
- DEBUG(0, ("tdbsam2_get_domain_sid: Error fetching database!\n"));
- goto done;
- }
-
- if (obj.type != GUMS_OBJ_DOMAIN) {
- DEBUG(5, ("tdbsam2_get_domain_sid: Requested object is not a domain!\n"));
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- sid_copy(obj.data.domain->dom_sid, sid);
-
- ret = store_object(mem_ctx, &obj, False);
-
-done:
-/* TODO: unlock here */
- if (mem_ctx) talloc_destroy(mem_ctx);
- return ret;
-}
-
-/* TODO */
- NTSTATUS (*get_sequence_number) (void);
-
-
-extern DOM_SID global_sid_NULL;
-
-static NTSTATUS tdbsam2_new_object(DOM_SID *sid, const char *name, const int obj_type)
-{
-
- NTSTATUS ret;
- struct tdbsam2_object obj;
- TALLOC_CTX *mem_ctx;
- NTTIME zero_time = {0,0};
- const char *defpw = "NOPASSWORDXXXXXX";
- uint8 defhours[21] = {255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255};
-
- if (!sid || !name) {
- DEBUG(0, ("tdbsam2_new_object: no NULL pointers are accepted here!\n"));
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- mem_ctx = talloc_init("tdbsam2_new_object");
- if (!mem_ctx) {
- DEBUG(0, ("tdbsam2_new_object: Out of memory!\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- obj.type = obj_type;
- obj.version = TDBSAM_VERSION;
-
- switch (obj_type) {
- case GUMS_OBJ_NORMAL_USER:
- obj.data.user = (struct tdbsam2_user_data *)talloc_zero(mem_ctx, sizeof(struct tdbsam2_user_data));
- TALLOC_CHECK(obj.data.user, ret, done);
-
- get_next_sid(mem_ctx, &(obj.data.user->user_sid));
- TALLOC_CHECK(obj.data.user->user_sid, ret, done);
- sid_copy(sid, obj.data.user->user_sid);
-
- obj.data.user->name = talloc_strdup(mem_ctx, name);
- TALLOC_CHECK(obj.data.user, ret, done);
-
- obj.data.user->xcounter = 1;
- /*obj.data.user->sec_desc*/
- obj.data.user->description = "";
- obj.data.user->group_sid = &global_sid_NULL;
- obj.data.user->logon_time = &zero_time;
- obj.data.user->logoff_time = &zero_time;
- obj.data.user->kickoff_time = &zero_time;
- obj.data.user->pass_last_set_time = &zero_time;
- obj.data.user->pass_can_change_time = &zero_time;
- obj.data.user->pass_must_change_time = &zero_time;
-
- obj.data.user->full_name = "";
- obj.data.user->home_dir = "";
- obj.data.user->dir_drive = "";
- obj.data.user->logon_script = "";
- obj.data.user->profile_path = "";
- obj.data.user->workstations = "";
- obj.data.user->unknown_str = "";
- obj.data.user->munged_dial = "";
-
- obj.data.user->lm_pw_ptr = defpw;
- obj.data.user->nt_pw_ptr = defpw;
-
- obj.data.user->logon_divs = 168;
- obj.data.user->hours_len = 21;
- obj.data.user->hours = &defhours;
-
- obj.data.user->unknown_3 = 0x00ffffff;
- obj.data.user->unknown_5 = 0x00020000;
- obj.data.user->unknown_6 = 0x000004ec;
- break;
-
- case GUMS_OBJ_GROUP:
- case GUMS_OBJ_ALIAS:
- obj.data.group = (struct tdbsam2_group_data *)talloc_zero(mem_ctx, sizeof(struct tdbsam2_group_data));
- TALLOC_CHECK(obj.data.group, ret, done);
-
- get_next_sid(mem_ctx, &(obj.data.group->group_sid));
- TALLOC_CHECK(obj.data.group->group_sid, ret, done);
- sid_copy(sid, obj.data.group->group_sid);
-
- obj.data.group->name = talloc_strdup(mem_ctx, name);
- TALLOC_CHECK(obj.data.group, ret, done);
-
- obj.data.group->xcounter = 1;
- /*obj.data.group->sec_desc*/
- obj.data.group->description = "";
-
- break;
-
- case GUMS_OBJ_DOMAIN:
-
- /* FIXME: should we check against global_sam_sid to make it impossible
- to store more than one domain ? */
-
- obj.data.domain = (struct tdbsam2_domain_data *)talloc_zero(mem_ctx, sizeof(struct tdbsam2_domain_data));
- TALLOC_CHECK(obj.data.domain, ret, done);
-
- obj.data.domain->dom_sid = sid_dup_talloc(mem_ctx, get_global_sam_sid());
- TALLOC_CHECK(obj.data.domain->dom_sid, ret, done);
- sid_copy(sid, obj.data.domain->dom_sid);
-
- obj.data.domain->name = talloc_strdup(mem_ctx, name);
- TALLOC_CHECK(obj.data.domain, ret, done);
-
- obj.data.domain->xcounter = 1;
- /*obj.data.domain->sec_desc*/
- obj.data.domain->next_rid = 0x3e9;
- obj.data.domain->description = "";
-
- ret = NT_STATUS_OK;
- break;
-
- default:
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- ret = store_object(mem_ctx, &obj, True);
-
-done:
- talloc_destroy(mem_ctx);
- return ret;
-}
-
-static NTSTATUS tdbsam2_delete_object(const DOM_SID *sid)
-{
- NTSTATUS ret;
- struct tdbsam2_object obj;
- TALLOC_CTX *mem_ctx;
- TDB_DATA data, key;
- fstring keystr;
-
- if (!sid) {
- DEBUG(0, ("tdbsam2_delete_object: no NULL pointers are accepted here!\n"));
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- mem_ctx = talloc_init("tdbsam2_delete_object");
- if (!mem_ctx) {
- DEBUG(0, ("tdbsam2_delete_object: Out of memory!\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- if (tdbsam2_db == NULL) {
- if (NT_STATUS_IS_ERR(ret = opentdb())) {
- goto done;
- }
- }
-
- slprintf(keystr, sizeof(keystr)-1, "%s%s", SIDPREFIX, sid_string_static(sid));
- key.dptr = keystr;
- key.dsize = strlen(keystr) + 1;
-
- data = tdb_fetch(tdbsam2_db, key);
- if (!data.dptr) {
- DEBUG(5, ("tdbsam2_delete_object: Error fetching database, SID entry not found!\n"));
- DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam2_db)));
- DEBUGADD(5, (" Key: %s\n", keystr));
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- if (tdb_delete(tdbsam2_db, key) != TDB_SUCCESS) {
- DEBUG(5, ("tdbsam2_delete_object: Error deleting object!\n"));
- DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam2_db)));
- DEBUGADD(5, (" Key: %s\n", keystr));
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- if (NT_STATUS_IS_ERR(init_tdbsam2_object_from_buffer(&obj, mem_ctx, data.dptr, data.dsize))) {
- SAFE_FREE(data.dptr);
- DEBUG(0, ("tdbsam2_delete_object: Error fetching database, malformed entry!\n"));
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- switch (obj.type) {
- case GUMS_OBJ_DOMAIN:
- /* TODO: SHOULD WE ALLOW TO DELETE DOMAINS ? */
- slprintf(keystr, sizeof(keystr) - 1, "%s%s", NAMEPREFIX, obj.data.domain->name);
- break;
- case GUMS_OBJ_GROUP:
- case GUMS_OBJ_ALIAS:
- slprintf(keystr, sizeof(keystr) - 1, "%s%s", NAMEPREFIX, obj.data.group->name);
- break;
- case GUMS_OBJ_NORMAL_USER:
- slprintf(keystr, sizeof(keystr) - 1, "%s%s", NAMEPREFIX, obj.data.user->name);
- break;
- default:
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- key.dptr = keystr;
- key.dsize = strlen(keystr) + 1;
-
- if (tdb_delete(tdbsam2_db, key) != TDB_SUCCESS) {
- DEBUG(5, ("tdbsam2_delete_object: Error deleting object!\n"));
- DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam2_db)));
- DEBUGADD(5, (" Key: %s\n", keystr));
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
-/* TODO: update the general database counter */
-
-done:
- SAFE_FREE(data.dptr);
- talloc_destroy(mem_ctx);
- return ret;
-}
-
-static NTSTATUS tdbsam2_get_object_from_sid(GUMS_OBJECT **object, const DOM_SID *sid, const int obj_type)
-{
- NTSTATUS ret;
- struct tdbsam2_object obj;
- TALLOC_CTX *mem_ctx;
-
- if (!object || !sid) {
- DEBUG(0, ("tdbsam2_get_object_from_sid: no NULL pointers are accepted here!\n"));
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- mem_ctx = talloc_init("tdbsam2_get_object_from_sid");
- if (!mem_ctx) {
- DEBUG(0, ("tdbsam2_get_object_from_sid: Out of memory!\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- ret = get_object_by_sid(mem_ctx, &obj, sid);
- if (NT_STATUS_IS_ERR(ret) || (obj_type && obj.type != obj_type)) {
- DEBUG(0, ("tdbsam2_get_object_from_sid: error fetching object or wrong object type!\n"));
- goto done;
- }
-
- ret = data_to_gums_object(object, &obj);
- if (NT_STATUS_IS_ERR(ret)) {
- DEBUG(0, ("tdbsam2_get_object_from_sid: error setting object data!\n"));
- goto done;
- }
-
-done:
- talloc_destroy(mem_ctx);
- return ret;
-}
-
-static NTSTATUS tdbsam2_get_object_from_name(GUMS_OBJECT **object, const char *name, const int obj_type)
-{
- NTSTATUS ret;
- struct tdbsam2_object obj;
- TALLOC_CTX *mem_ctx;
-
- if (!object || !name) {
- DEBUG(0, ("tdbsam2_get_object_from_sid: no NULL pointers are accepted here!\n"));
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- mem_ctx = talloc_init("tdbsam2_get_object_from_sid");
- if (!mem_ctx) {
- DEBUG(0, ("tdbsam2_get_object_from_sid: Out of memory!\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- ret = get_object_by_name(mem_ctx, &obj, name);
- if (NT_STATUS_IS_ERR(ret) || (obj_type && obj.type != obj_type)) {
- DEBUG(0, ("tdbsam2_get_object_from_sid: error fetching object or wrong object type!\n"));
- goto done;
- }
-
- ret = data_to_gums_object(object, &obj);
- if (NT_STATUS_IS_ERR(ret)) {
- DEBUG(0, ("tdbsam2_get_object_from_sid: error setting object data!\n"));
- goto done;
- }
-
-done:
- talloc_destroy(mem_ctx);
- return ret;
-}
-
- /* This function is used to get the list of all objects changed since base_time, it is
- used to support PDC<->BDC synchronization */
- NTSTATUS (*get_updated_objects) (GUMS_OBJECT **objects, const NTTIME base_time);
-
-static NTSTATUS tdbsam2_enumerate_objects_start(void *handle, const DOM_SID *sid, const int obj_type)
-{
- struct tdbsam2_enum_objs *teo, *t;
- pstring tdbfile;
-
- teo = (struct tdbsam2_enum_objs *)calloc(1, sizeof(struct tdbsam2_enum_objs));
- if (!teo) {
- DEBUG(0, ("tdbsam2_enumerate_objects_start: Out of Memory!\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- teo->type = obj_type;
- if (sid) {
- sid_to_string(teo->dom_sid, sid);
- }
-
- get_private_directory(tdbfile);
- pstrcat(tdbfile, "/");
- pstrcat(tdbfile, TDB_FILE_NAME);
-
- teo->db = tdb_open_log(tdbfile, 0, TDB_DEFAULT, O_RDONLY, 0600);
- if (!teo->db)
- {
- DEBUG(0, ("tdbsam2_enumerate_objects_start: Unable to open database (%s)!\n", tdbfile));
- SAFE_FREE(teo);
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- if (!teo_handlers) {
- *teo_handlers = teo;
- } else {
- t = *teo_handlers;
- while (t->next) {
- t = t->next;
- }
- t->next = teo;
- }
-
- handle = teo;
-
- teo->key = tdb_firstkey(teo->db);
-
- return NT_STATUS_OK;
-}
-
-static NTSTATUS tdbsam2_enumerate_objects_get_next(GUMS_OBJECT **object, void *handle)
-{
- NTSTATUS ret;
- TALLOC_CTX *mem_ctx;
- TDB_DATA data;
- struct tdbsam2_enum_objs *teo;
- struct tdbsam2_object obj;
- const char *prefix = SIDPREFIX;
- const int preflen = strlen(prefix);
-
- if (!object || !handle) {
- DEBUG(0, ("tdbsam2_get_object_from_sid: no NULL pointers are accepted here!\n"));
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- teo = (struct tdbsam2_enum_objs *)handle;
-
- mem_ctx = talloc_init("tdbsam2_enumerate_objects_get_next");
- if (!mem_ctx) {
- DEBUG(0, ("tdbsam2_enumerate_objects_get_next: Out of memory!\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- while ((teo->key.dsize != 0)) {
- int len, version, type, size;
- char *ptr;
-
- if (strncmp(teo->key.dptr, prefix, preflen)) {
- teo->key = tdb_nextkey(teo->db, teo->key);
- continue;
- }
-
- if (teo->dom_sid) {
- if (strncmp(&(teo->key.dptr[preflen]), teo->dom_sid, strlen(teo->dom_sid))) {
- teo->key = tdb_nextkey(teo->db, teo->key);
- continue;
- }
- }
-
- data = tdb_fetch(teo->db, teo->key);
- if (!data.dptr) {
- DEBUG(5, ("tdbsam2_enumerate_objects_get_next: Error fetching database, SID entry not found!\n"));
- DEBUGADD(5, (" Error: %s\n", tdb_errorstr(teo->db)));
- DEBUGADD(5, (" Key: %s\n", teo->key.dptr));
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- len = tdb_unpack (data.dptr, data.dsize, TDB_FORMAT_STRING,
- &version,
- &type,
- &size, &ptr);
-
- if (len == -1) {
- DEBUG(5, ("tdbsam2_enumerate_objects_get_next: Error unable to unpack data!\n"));
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
- SAFE_FREE(ptr);
-
- if (teo->type && type != teo->type) {
- SAFE_FREE(data.dptr);
- data.dsize = 0;
- teo->key = tdb_nextkey(teo->db, teo->key);
- continue;
- }
-
- break;
- }
-
- if (data.dsize != 0) {
- if (NT_STATUS_IS_ERR(init_tdbsam2_object_from_buffer(&obj, mem_ctx, data.dptr, data.dsize))) {
- SAFE_FREE(data.dptr);
- DEBUG(0, ("tdbsam2_enumerate_objects_get_next: Error fetching database, malformed entry!\n"));
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
- SAFE_FREE(data.dptr);
- }
-
- ret = data_to_gums_object(object, &obj);
-
-done:
- talloc_destroy(mem_ctx);
- return ret;
-}
-
-static NTSTATUS tdbsam2_enumerate_objects_stop(void *handle)
-{
- struct tdbsam2_enum_objs *teo, *t, *p;
-
- teo = (struct tdbsam2_enum_objs *)handle;
-
- if (*teo_handlers == teo) {
- *teo_handlers = teo->next;
- } else {
- t = *teo_handlers;
- while (t != teo) {
- p = t;
- t = t->next;
- if (t == NULL) {
- DEBUG(0, ("tdbsam2_enumerate_objects_stop: Error, handle not found!\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
- }
- p = t->next;
- }
-
- tdb_close(teo->db);
- SAFE_FREE(teo);
-
- return NT_STATUS_OK;
-}
-
- /* This function MUST be used ONLY by PDC<->BDC replication code or recovery tools.
- Never use this function to update an object in the database, use set_object_values() */
- NTSTATUS (*set_object) (const GUMS_OBJECT *object);
-
- /* set object values function */
- NTSTATUS (*set_object_values) (DOM_SID *sid, uint32 count, GUMS_DATA_SET *data_set);
-
- /* Group related functions */
- NTSTATUS (*add_memberss_to_group) (const DOM_SID *group, const DOM_SID **members);
- NTSTATUS (*delete_members_from_group) (const DOM_SID *group, const DOM_SID **members);
- NTSTATUS (*enumerate_group_members) (DOM_SID **members, const DOM_SID *sid, const int type);
-
- NTSTATUS (*get_sid_groups) (DOM_SID **groups, const DOM_SID *sid);
-
- NTSTATUS (*lock_sid) (const DOM_SID *sid);
- NTSTATUS (*unlock_sid) (const DOM_SID *sid);
-
- /* privileges related functions */
-
- NTSTATUS (*add_members_to_privilege) (const LUID_ATTR *priv, const DOM_SID **members);
- NTSTATUS (*delete_members_from_privilege) (const LUID_ATTR *priv, const DOM_SID **members);
- NTSTATUS (*enumerate_privilege_members) (DOM_SID **members, const LUID_ATTR *priv);
- NTSTATUS (*get_sid_privileges) (DOM_SID **privs, const DOM_SID *sid);
- /* warning!: set_privilege will overwrite a prior existing privilege if such exist */
- NTSTATUS (*set_privilege) (GUMS_PRIVILEGE *priv);
-
-
-int gumm_init(GUMS_FUNCTIONS **storage)
-{
- tdbsam2_db = NULL;
- teo_handlers = 0;
-
- return 0;
-}
-
-#if 0
-int main(int argc, char *argv[])
-{
- NTSTATUS ret;
- DOM_SID dsid;
-
- if (argc < 2) {
- printf ("not enough arguments!\n");
- exit(0);
- }
-
- if (!lp_load(dyn_CONFIGFILE,True,False,False)) {
- fprintf(stderr, "Can't load %s - run testparm to debug it\n", dyn_CONFIGFILE);
- exit(1);
- }
-
- ret = tdbsam2_new_object(&dsid, "_domain_", GUMS_OBJ_DOMAIN);
- if (NT_STATUS_IS_OK(ret)) {
- printf ("_domain_ created, sid=%s\n", sid_string_static(&dsid));
- } else {
- printf ("_domain_ creation error n. 0x%08x\n", ret.v);
- }
- ret = tdbsam2_new_object(&dsid, argv[1], GUMS_OBJ_NORMAL_USER);
- if (NT_STATUS_IS_OK(ret)) {
- printf ("%s user created, sid=%s\n", argv[1], sid_string_static(&dsid));
- } else {
- printf ("%s user creation error n. 0x%08x\n", argv[1], ret.v);
- }
-
- exit(0);
-}
-#endif
diff --git a/source3/sam/gums.c b/source3/sam/gums.c
deleted file mode 100644
index a118740637..0000000000
--- a/source3/sam/gums.c
+++ /dev/null
@@ -1,161 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- Grops and Users Management System initializations.
- Copyright (C) Simo Sorce 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-/*#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_GUMS*/
-
-#define GMV_MAJOR 0
-#define GMV_MINOR 1
-
-#define PRIV_NONE 0
-#define PRIV_CREATE_TOKEN 1
-#define PRIV_ASSIGNPRIMARYTOKEN 2
-#define PRIV_LOCK_MEMORY 3
-#define PRIV_INCREASE_QUOTA 4
-#define PRIV_MACHINE_ACCOUNT 5
-#define PRIV_TCB 6
-#define PRIV_SECURITY 7
-#define PRIV_TAKE_OWNERSHIP 8
-#define PRIV_LOAD_DRIVER 9
-#define PRIV_SYSTEM_PROFILE 10
-#define PRIV_SYSTEMTIME 11
-#define PRIV_PROF_SINGLE_PROCESS 12
-#define PRIV_INC_BASE_PRIORITY 13
-#define PRIV_CREATE_PAGEFILE 14
-#define PRIV_CREATE_PERMANENT 15
-#define PRIV_BACKUP 16
-#define PRIV_RESTORE 17
-#define PRIV_SHUTDOWN 18
-#define PRIV_DEBUG 19
-#define PRIV_AUDIT 20
-#define PRIV_SYSTEM_ENVIRONMENT 21
-#define PRIV_CHANGE_NOTIFY 22
-#define PRIV_REMOTE_SHUTDOWN 23
-#define PRIV_UNDOCK 24
-#define PRIV_SYNC_AGENT 25
-#define PRIV_ENABLE_DELEGATION 26
-#define PRIV_ALL 255
-
-
-GUMS_FUNCTIONS *gums_storage;
-static void *dl_handle;
-
-static PRIVS gums_privs[] = {
- {PRIV_NONE, "no_privs", "No privilege"}, /* this one MUST be first */
- {PRIV_CREATE_TOKEN, "SeCreateToken", "Create Token"},
- {PRIV_ASSIGNPRIMARYTOKEN, "SeAssignPrimaryToken", "Assign Primary Token"},
- {PRIV_LOCK_MEMORY, "SeLockMemory", "Lock Memory"},
- {PRIV_INCREASE_QUOTA, "SeIncreaseQuotaPrivilege", "Increase Quota Privilege"},
- {PRIV_MACHINE_ACCOUNT, "SeMachineAccount", "Machine Account"},
- {PRIV_TCB, "SeTCB", "TCB"},
- {PRIV_SECURITY, "SeSecurityPrivilege", "Security Privilege"},
- {PRIV_TAKE_OWNERSHIP, "SeTakeOwnershipPrivilege", "Take Ownership Privilege"},
- {PRIV_LOAD_DRIVER, "SeLocalDriverPrivilege", "Local Driver Privilege"},
- {PRIV_SYSTEM_PROFILE, "SeSystemProfilePrivilege", "System Profile Privilege"},
- {PRIV_SYSTEMTIME, "SeSystemtimePrivilege", "System Time"},
- {PRIV_PROF_SINGLE_PROCESS, "SeProfileSingleProcessPrivilege", "Profile Single Process Privilege"},
- {PRIV_INC_BASE_PRIORITY, "SeIncreaseBasePriorityPrivilege", "Increase Base Priority Privilege"},
- {PRIV_CREATE_PAGEFILE, "SeCreatePagefilePrivilege", "Create Pagefile Privilege"},
- {PRIV_CREATE_PERMANENT, "SeCreatePermanent", "Create Permanent"},
- {PRIV_BACKUP, "SeBackupPrivilege", "Backup Privilege"},
- {PRIV_RESTORE, "SeRestorePrivilege", "Restore Privilege"},
- {PRIV_SHUTDOWN, "SeShutdownPrivilege", "Shutdown Privilege"},
- {PRIV_DEBUG, "SeDebugPrivilege", "Debug Privilege"},
- {PRIV_AUDIT, "SeAudit", "Audit"},
- {PRIV_SYSTEM_ENVIRONMENT, "SeSystemEnvironmentPrivilege", "System Environment Privilege"},
- {PRIV_CHANGE_NOTIFY, "SeChangeNotify", "Change Notify"},
- {PRIV_REMOTE_SHUTDOWN, "SeRemoteShutdownPrivilege", "Remote Shutdown Privilege"},
- {PRIV_UNDOCK, "SeUndock", "Undock"},
- {PRIV_SYNC_AGENT, "SeSynchronizationAgent", "Synchronization Agent"},
- {PRIV_ENABLE_DELEGATION, "SeEnableDelegation", "Enable Delegation"},
- {PRIV_ALL, "SaAllPrivs", "All Privileges"}
-};
-
-NTSTATUS gums_init(const char *module_name)
-{
- int (*module_version)(int);
- NTSTATUS (*module_init)();
-/* gums_module_init module_init;*/
- NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(5, ("Opening gums module %s\n", module_name));
- dl_handle = sys_dlopen(module_name, RTLD_NOW);
- if (!dl_handle) {
- DEBUG(0, ("ERROR: Failed to load gums module %s, error: %s\n", module_name, sys_dlerror()));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- module_version = sys_dlsym(dl_handle, "gumm_version");
- if (!module_version) {
- DEBUG(0, ("ERROR: Failed to find gums module version!\n"));
- goto error;
- }
-
- if (module_version(GMV_MAJOR) != GUMS_VERSION_MAJOR) {
- DEBUG(0, ("ERROR: Module's major version does not match gums version!\n"));
- goto error;
- }
-
- if (module_version(GMV_MINOR) != GUMS_VERSION_MINOR) {
- DEBUG(1, ("WARNING: Module's minor version does not match gums version!\n"));
- }
-
- module_init = sys_dlsym(dl_handle, "gumm_init");
- if (!module_init) {
- DEBUG(0, ("ERROR: Failed to find gums module's init function!\n"));
- goto error;
- }
-
- DEBUG(5, ("Initializing module %s\n", module_name));
-
- ret = module_init(&gums_storage);
- goto done;
-
-error:
- ret = NT_STATUS_UNSUCCESSFUL;
- sys_dlclose(dl_handle);
-
-done:
- return ret;
-}
-
-NTSTATUS gums_unload(void)
-{
- NTSTATUS ret;
- NTSTATUS (*module_finalize)();
-
- if (!dl_handle)
- return NT_STATUS_UNSUCCESSFUL;
-
- module_finalize = sys_dlsym(dl_handle, "gumm_finalize");
- if (!module_finalize) {
- DEBUG(0, ("ERROR: Failed to find gums module's init function!\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- DEBUG(5, ("Finalizing module"));
-
- ret = module_finalize();
- sys_dlclose(dl_handle);
-
- return ret;
-}
diff --git a/source3/sam/gums_api.c b/source3/sam/gums_api.c
deleted file mode 100644
index 2e5dcd143a..0000000000
--- a/source3/sam/gums_api.c
+++ /dev/null
@@ -1,1470 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- GUMS structures
- Copyright (C) Simo Sorce 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-
-/*******************************************************************
- Create a SEC_ACL structure.
-********************************************************************/
-
-static SEC_ACL *make_sec_acl(TALLOC_CTX *ctx, uint16 revision, int num_aces, SEC_ACE *ace_list)
-{
- SEC_ACL *dst;
- int i;
-
- if((dst = (SEC_ACL *)talloc_zero(ctx,sizeof(SEC_ACL))) == NULL)
- return NULL;
-
- dst->revision = revision;
- dst->num_aces = num_aces;
- dst->size = SEC_ACL_HEADER_SIZE;
-
- /* Now we need to return a non-NULL address for the ace list even
- if the number of aces required is zero. This is because there
- is a distinct difference between a NULL ace and an ace with zero
- entries in it. This is achieved by checking that num_aces is a
- positive number. */
-
- if ((num_aces) &&
- ((dst->ace = (SEC_ACE *)talloc(ctx, sizeof(SEC_ACE) * num_aces))
- == NULL)) {
- return NULL;
- }
-
- for (i = 0; i < num_aces; i++) {
- dst->ace[i] = ace_list[i]; /* Structure copy. */
- dst->size += ace_list[i].size;
- }
-
- return dst;
-}
-
-
-
-/*******************************************************************
- Duplicate a SEC_ACL structure.
-********************************************************************/
-
-static SEC_ACL *dup_sec_acl(TALLOC_CTX *ctx, SEC_ACL *src)
-{
- if(src == NULL)
- return NULL;
-
- return make_sec_acl(ctx, src->revision, src->num_aces, src->ace);
-}
-
-
-
-/*******************************************************************
- Creates a SEC_DESC structure
-********************************************************************/
-
-static SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, uint16 revision,
- DOM_SID *owner_sid, DOM_SID *grp_sid,
- SEC_ACL *sacl, SEC_ACL *dacl, size_t *sd_size)
-{
- SEC_DESC *dst;
- uint32 offset = 0;
- uint32 offset_sid = SEC_DESC_HEADER_SIZE;
- uint32 offset_acl = 0;
-
- *sd_size = 0;
-
- if(( dst = (SEC_DESC *)talloc_zero(ctx, sizeof(SEC_DESC))) == NULL)
- return NULL;
-
- dst->revision = revision;
- dst->type = SEC_DESC_SELF_RELATIVE;
-
- if (sacl) dst->type |= SEC_DESC_SACL_PRESENT;
- if (dacl) dst->type |= SEC_DESC_DACL_PRESENT;
-
- dst->off_owner_sid = 0;
- dst->off_grp_sid = 0;
- dst->off_sacl = 0;
- dst->off_dacl = 0;
-
- if(owner_sid && ((dst->owner_sid = sid_dup_talloc(ctx,owner_sid)) == NULL))
- goto error_exit;
-
- if(grp_sid && ((dst->grp_sid = sid_dup_talloc(ctx,grp_sid)) == NULL))
- goto error_exit;
-
- if(sacl && ((dst->sacl = dup_sec_acl(ctx, sacl)) == NULL))
- goto error_exit;
-
- if(dacl && ((dst->dacl = dup_sec_acl(ctx, dacl)) == NULL))
- goto error_exit;
-
- offset = 0;
-
- /*
- * Work out the linearization sizes.
- */
- if (dst->owner_sid != NULL) {
-
- if (offset == 0)
- offset = SEC_DESC_HEADER_SIZE;
-
- offset += sid_size(dst->owner_sid);
- }
-
- if (dst->grp_sid != NULL) {
-
- if (offset == 0)
- offset = SEC_DESC_HEADER_SIZE;
-
- offset += sid_size(dst->grp_sid);
- }
-
- if (dst->sacl != NULL) {
-
- offset_acl = SEC_DESC_HEADER_SIZE;
-
- dst->off_sacl = offset_acl;
- offset_acl += dst->sacl->size;
- offset += dst->sacl->size;
- offset_sid += dst->sacl->size;
- }
-
- if (dst->dacl != NULL) {
-
- if (offset_acl == 0)
- offset_acl = SEC_DESC_HEADER_SIZE;
-
- dst->off_dacl = offset_acl;
- offset_acl += dst->dacl->size;
- offset += dst->dacl->size;
- offset_sid += dst->dacl->size;
- }
-
- *sd_size = (size_t)((offset == 0) ? SEC_DESC_HEADER_SIZE : offset);
-
- if (dst->owner_sid != NULL)
- dst->off_owner_sid = offset_sid;
-
- /* sid_size() returns 0 if the sid is NULL so this is ok */
-
- if (dst->grp_sid != NULL)
- dst->off_grp_sid = offset_sid + sid_size(dst->owner_sid);
-
- return dst;
-
-error_exit:
-
- *sd_size = 0;
- return NULL;
-}
-
-/*******************************************************************
- Duplicate a SEC_DESC structure.
-********************************************************************/
-
-static SEC_DESC *dup_sec_desc( TALLOC_CTX *ctx, SEC_DESC *src)
-{
- size_t dummy;
-
- if(src == NULL)
- return NULL;
-
- return make_sec_desc( ctx, src->revision,
- src->owner_sid, src->grp_sid, src->sacl,
- src->dacl, &dummy);
-}
-
-
-
-
-
-
-
-extern GUMS_FUNCTIONS *gums_storage;
-
-/* Functions to get/set info from a GUMS object */
-
-NTSTATUS gums_get_object_type(uint32 *type, const GUMS_OBJECT *obj)
-{
- if (!obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- *type = obj->type;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_create_object(GUMS_OBJECT **obj, uint32 type)
-{
- TALLOC_CTX *mem_ctx = talloc_init("gums_create_object");
- GUMS_OBJECT *go;
- NTSTATUS ret;
-
- go = talloc_zero(mem_ctx, sizeof(GUMS_OBJECT));
- go->mem_ctx = mem_ctx;
- go->type = type;
- go->version = GUMS_OBJECT_VERSION;
-
- switch(type) {
- case GUMS_OBJ_DOMAIN:
- break;
-
-/*
- case GUMS_OBJ_WORKSTATION_TRUST:
- case GUMS_OBJ_SERVER_TRUST:
- case GUMS_OBJ_DOMAIN_TRUST:
-*/
- case GUMS_OBJ_NORMAL_USER:
- go->data.user = (GUMS_USER *)talloc_zero(mem_ctx, sizeof(GUMS_USER));
- break;
-
- case GUMS_OBJ_GROUP:
- case GUMS_OBJ_ALIAS:
- go->data.group = (GUMS_GROUP *)talloc_zero(mem_ctx, sizeof(GUMS_GROUP));
- break;
-
- default:
- /* TODO: throw error */
- ret = NT_STATUS_OBJECT_TYPE_MISMATCH;
- goto error;
- }
-
- if (!(go->data.user)) {
- ret = NT_STATUS_NO_MEMORY;
- DEBUG(0, ("gums_create_object: Out of memory!\n"));
- goto error;
- }
-
- *obj = go;
- return NT_STATUS_OK;
-
-error:
- talloc_destroy(go->mem_ctx);
- *obj = NULL;
- return ret;
-}
-
-NTSTATUS gums_get_object_seq_num(uint32 *version, const GUMS_OBJECT *obj)
-{
- if (!version || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- *version = obj->version;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_object_seq_num(GUMS_OBJECT *obj, uint32 version)
-{
- if (!obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- obj->version = version;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_sec_desc(SEC_DESC **sec_desc, const GUMS_OBJECT *obj)
-{
- if (!sec_desc || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- *sec_desc = obj->sec_desc;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_sec_desc(GUMS_OBJECT *obj, const SEC_DESC *sec_desc)
-{
- if (!obj || !sec_desc)
- return NT_STATUS_INVALID_PARAMETER;
-
- obj->sec_desc = dup_sec_desc(obj->mem_ctx, sec_desc);
- if (!(obj->sec_desc)) return NT_STATUS_UNSUCCESSFUL;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_object_sid(DOM_SID **sid, const GUMS_OBJECT *obj)
-{
- if (!sid || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- *sid = obj->sid;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_object_sid(GUMS_OBJECT *obj, const DOM_SID *sid)
-{
- if (!obj || !sid)
- return NT_STATUS_INVALID_PARAMETER;
-
- obj->sid = sid_dup_talloc(obj->mem_ctx, sid);
- if (!(obj->sid)) return NT_STATUS_UNSUCCESSFUL;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_object_name(char **name, const GUMS_OBJECT *obj)
-{
- if (!name || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- *name = obj->name;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_object_name(GUMS_OBJECT *obj, const char *name)
-{
- if (!obj || !name)
- return NT_STATUS_INVALID_PARAMETER;
-
- obj->name = (char *)talloc_strdup(obj->mem_ctx, name);
- if (!(obj->name)) return NT_STATUS_UNSUCCESSFUL;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_object_description(char **description, const GUMS_OBJECT *obj)
-{
- if (!description || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- *description = obj->description;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_object_description(GUMS_OBJECT *obj, const char *description)
-{
- if (!obj || !description)
- return NT_STATUS_INVALID_PARAMETER;
-
- obj->description = (char *)talloc_strdup(obj->mem_ctx, description);
- if (!(obj->description)) return NT_STATUS_UNSUCCESSFUL;
- return NT_STATUS_OK;
-}
-
-/* User specific functions */
-
-/*
-NTSTATUS gums_get_object_privileges(PRIVILEGE_SET **priv_set, const GUMS_OBJECT *obj)
-{
- if (!priv_set)
- return NT_STATUS_INVALID_PARAMETER;
-
- *priv_set = obj->priv_set;
- return NT_STATUS_OK;
-}
-*/
-
-NTSTATUS gums_get_domain_next_rid(uint32 *rid, const GUMS_OBJECT *obj)
-{
- if (!obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_DOMAIN)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *rid = obj->data.domain->next_rid;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_domain_next_rid(GUMS_OBJECT *obj, uint32 rid)
-{
- if (!obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_DOMAIN)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.domain->next_rid = rid;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_pri_group(DOM_SID **sid, const GUMS_OBJECT *obj)
-{
- if (!sid || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *sid = obj->data.user->group_sid;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_pri_group(GUMS_OBJECT *obj, const DOM_SID *sid)
-{
- if (!obj || !sid)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->group_sid = sid_dup_talloc(obj->mem_ctx, sid);
- if (!(obj->data.user->group_sid)) return NT_STATUS_NO_MEMORY;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_nt_pwd(DATA_BLOB **nt_pwd, const GUMS_OBJECT *obj)
-{
- if (!nt_pwd || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *nt_pwd = &(obj->data.user->nt_pw);
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_nt_pwd(GUMS_OBJECT *obj, const DATA_BLOB nt_pwd)
-{
- if (!obj || nt_pwd.length != NT_HASH_LEN)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->nt_pw = data_blob_talloc(obj->mem_ctx, nt_pwd.data, nt_pwd.length);
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_lm_pwd(DATA_BLOB **lm_pwd, const GUMS_OBJECT *obj)
-{
- if (!lm_pwd || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *lm_pwd = &(obj->data.user->lm_pw);
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_lm_pwd(GUMS_OBJECT *obj, const DATA_BLOB lm_pwd)
-{
- if (!obj || lm_pwd.length != LM_HASH_LEN)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->lm_pw = data_blob_talloc(obj->mem_ctx, lm_pwd.data, lm_pwd.length);
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_fullname(char **fullname, const GUMS_OBJECT *obj)
-{
- if (!fullname || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *fullname = obj->data.user->full_name;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_fullname(GUMS_OBJECT *obj, const char *fullname)
-{
- if (!obj || !fullname)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->full_name = (char *)talloc_strdup(obj->mem_ctx, fullname);
- if (!(obj->data.user->full_name)) return NT_STATUS_NO_MEMORY;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_homedir(char **homedir, const GUMS_OBJECT *obj)
-{
- if (!homedir || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *homedir = obj->data.user->home_dir;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_homedir(GUMS_OBJECT *obj, const char *homedir)
-{
- if (!obj || !homedir)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->home_dir = (char *)talloc_strdup(obj->mem_ctx, homedir);
- if (!(obj->data.user->home_dir)) return NT_STATUS_NO_MEMORY;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_dir_drive(char **dirdrive, const GUMS_OBJECT *obj)
-{
- if (!dirdrive || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *dirdrive = obj->data.user->dir_drive;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_dir_drive(GUMS_OBJECT *obj, const char *dir_drive)
-{
- if (!obj || !dir_drive)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->dir_drive = (char *)talloc_strdup(obj->mem_ctx, dir_drive);
- if (!(obj->data.user->dir_drive)) return NT_STATUS_NO_MEMORY;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_logon_script(char **logon_script, const GUMS_OBJECT *obj)
-{
- if (!logon_script || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *logon_script = obj->data.user->logon_script;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_logon_script(GUMS_OBJECT *obj, const char *logon_script)
-{
- if (!obj || !logon_script)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->logon_script = (char *)talloc_strdup(obj->mem_ctx, logon_script);
- if (!(obj->data.user->logon_script)) return NT_STATUS_NO_MEMORY;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_profile_path(char **profile_path, const GUMS_OBJECT *obj)
-{
- if (!profile_path || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *profile_path = obj->data.user->profile_path;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_profile_path(GUMS_OBJECT *obj, const char *profile_path)
-{
- if (!obj || !profile_path)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->profile_path = (char *)talloc_strdup(obj->mem_ctx, profile_path);
- if (!(obj->data.user->profile_path)) return NT_STATUS_NO_MEMORY;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_workstations(char **workstations, const GUMS_OBJECT *obj)
-{
- if (!workstations || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *workstations = obj->data.user->workstations;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_workstations(GUMS_OBJECT *obj, const char *workstations)
-{
- if (!obj || !workstations)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->workstations = (char *)talloc_strdup(obj->mem_ctx, workstations);
- if (!(obj->data.user->workstations)) return NT_STATUS_NO_MEMORY;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_unknown_str(char **unknown_str, const GUMS_OBJECT *obj)
-{
- if (!unknown_str || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *unknown_str = obj->data.user->unknown_str;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_unknown_str(GUMS_OBJECT *obj, const char *unknown_str)
-{
- if (!obj || !unknown_str)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->unknown_str = (char *)talloc_strdup(obj->mem_ctx, unknown_str);
- if (!(obj->data.user->unknown_str)) return NT_STATUS_NO_MEMORY;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_munged_dial(char **munged_dial, const GUMS_OBJECT *obj)
-{
- if (!munged_dial || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *munged_dial = obj->data.user->munged_dial;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_munged_dial(GUMS_OBJECT *obj, const char *munged_dial)
-{
- if (!obj || !munged_dial)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->munged_dial = (char *)talloc_strdup(obj->mem_ctx, munged_dial);
- if (!(obj->data.user->munged_dial)) return NT_STATUS_NO_MEMORY;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_logon_time(NTTIME *logon_time, const GUMS_OBJECT *obj)
-{
- if (!logon_time || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *logon_time = obj->data.user->logon_time;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_logon_time(GUMS_OBJECT *obj, NTTIME logon_time)
-{
- if (!obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->logon_time = logon_time;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_logoff_time(NTTIME *logoff_time, const GUMS_OBJECT *obj)
-{
- if (!logoff_time || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *logoff_time = obj->data.user->logoff_time;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_logoff_time(GUMS_OBJECT *obj, NTTIME logoff_time)
-{
- if (!obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->logoff_time = logoff_time;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_kickoff_time(NTTIME *kickoff_time, const GUMS_OBJECT *obj)
-{
- if (!kickoff_time || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *kickoff_time = obj->data.user->kickoff_time;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_kickoff_time(GUMS_OBJECT *obj, NTTIME kickoff_time)
-{
- if (!obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->kickoff_time = kickoff_time;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_pass_last_set_time(NTTIME *pass_last_set_time, const GUMS_OBJECT *obj)
-{
- if (!pass_last_set_time || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *pass_last_set_time = obj->data.user->pass_last_set_time;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_pass_last_set_time(GUMS_OBJECT *obj, NTTIME pass_last_set_time)
-{
- if (!obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->pass_last_set_time = pass_last_set_time;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_pass_can_change_time(NTTIME *pass_can_change_time, const GUMS_OBJECT *obj)
-{
- if (!pass_can_change_time || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *pass_can_change_time = obj->data.user->pass_can_change_time;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_pass_can_change_time(GUMS_OBJECT *obj, NTTIME pass_can_change_time)
-{
- if (!obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->pass_can_change_time = pass_can_change_time;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_pass_must_change_time(NTTIME *pass_must_change_time, const GUMS_OBJECT *obj)
-{
- if (!pass_must_change_time || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *pass_must_change_time = obj->data.user->pass_must_change_time;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_pass_must_change_time(GUMS_OBJECT *obj, NTTIME pass_must_change_time)
-{
- if (!obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->pass_must_change_time = pass_must_change_time;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_logon_divs(uint16 *logon_divs, const GUMS_OBJECT *obj)
-{
- if (!logon_divs || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *logon_divs = obj->data.user->logon_divs;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_logon_divs(GUMS_OBJECT *obj, uint16 logon_divs)
-{
- if (!obj || !logon_divs)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->logon_divs = logon_divs;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_hours_len(uint32 *hours_len, const GUMS_OBJECT *obj)
-{
- if (!hours_len || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *hours_len = obj->data.user->hours_len;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_hours_len(GUMS_OBJECT *obj, uint32 hours_len)
-{
- if (!obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->hours_len = hours_len;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_hours(uint8 **hours, const GUMS_OBJECT *obj)
-{
- if (!hours || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *hours = obj->data.user->hours;
- return NT_STATUS_OK;
-}
-
-/* WARNING: always set hours_len before hours */
-NTSTATUS gums_set_user_hours(GUMS_OBJECT *obj, const uint8 *hours)
-{
- if (!obj || !hours)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- if (obj->data.user->hours_len == 0)
- DEBUG(10, ("gums_set_user_hours: Warning, hours_len is zero!\n"));
-
- obj->data.user->hours = (uint8 *)talloc_memdup(obj->mem_ctx, hours, obj->data.user->hours_len);
- if (!(obj->data.user->hours) & (obj->data.user->hours_len != 0)) return NT_STATUS_NO_MEMORY;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_unknown_3(uint32 *unknown_3, const GUMS_OBJECT *obj)
-{
- if (!unknown_3 || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *unknown_3 = obj->data.user->unknown_3;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_unknown_3(GUMS_OBJECT *obj, uint32 unknown_3)
-{
- if (!obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->unknown_3 = unknown_3;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_unknown_5(uint32 *unknown_5, const GUMS_OBJECT *obj)
-{
- if (!unknown_5 || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *unknown_5 = obj->data.user->unknown_5;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_unknown_5(GUMS_OBJECT *obj, uint32 unknown_5)
-{
- if (!obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->unknown_5 = unknown_5;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_get_user_unknown_6(uint32 *unknown_6, const GUMS_OBJECT *obj)
-{
- if (!unknown_6 || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *unknown_6 = obj->data.user->unknown_6;
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_user_unknown_6(GUMS_OBJECT *obj, uint32 unknown_6)
-{
- if (!obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.user->unknown_6 = unknown_6;
- return NT_STATUS_OK;
-}
-
-/* Group specific functions */
-
-NTSTATUS gums_get_group_members(uint32 *count, DOM_SID **members, const GUMS_OBJECT *obj)
-{
- if (!count || !members || !obj)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_GROUP &&
- obj->type != GUMS_OBJ_ALIAS)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- *count = obj->data.group->count;
- *members = *(obj->data.group->members);
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_set_group_members(GUMS_OBJECT *obj, uint32 count, DOM_SID **members)
-{
- uint32 n;
-
- if (!obj || !members || !members)
- return NT_STATUS_INVALID_PARAMETER;
-
- if (obj->type != GUMS_OBJ_GROUP &&
- obj->type != GUMS_OBJ_ALIAS)
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- obj->data.group->count = count;
- n = 0;
- do {
- obj->data.group->members[n] = sid_dup_talloc(obj->mem_ctx, members[n]);
- if (!(obj->data.group->members[n])) return NT_STATUS_NO_MEMORY;
- n++;
- } while (n < count);
- return NT_STATUS_OK;
-}
-
-/* data_store set functions */
-
-NTSTATUS gums_create_commit_set(GUMS_COMMIT_SET **com_set, TALLOC_CTX *ctx, DOM_SID *sid, uint32 type)
-{
- TALLOC_CTX *mem_ctx;
- GUMS_COMMIT_SET *set;
-
- mem_ctx = talloc_init("commit_set");
- if (mem_ctx == NULL)
- return NT_STATUS_NO_MEMORY;
- set = (GUMS_COMMIT_SET *)talloc(mem_ctx, sizeof(GUMS_COMMIT_SET));
- if (set == NULL) {
- talloc_destroy(mem_ctx);
- return NT_STATUS_NO_MEMORY;
- }
-
- set->mem_ctx = mem_ctx;
- set->type = type;
- sid_copy(&(set->sid), sid);
- set->count = 0;
- set->data = NULL;
- *com_set = set;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_cs_set_sec_desc(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, SEC_DESC *sec_desc)
-{
- GUMS_DATA_SET *data_set;
- SEC_DESC *new_sec_desc;
-
- if (!mem_ctx || !com_set || !sec_desc)
- return NT_STATUS_INVALID_PARAMETER;
-
- com_set->count = com_set->count + 1;
- if (com_set->count == 1) { /* first data set */
- data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET));
- } else {
- data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count);
- }
- if (data_set == NULL)
- return NT_STATUS_NO_MEMORY;
-
- com_set->data[0] = data_set;
- data_set = ((com_set->data)[com_set->count - 1]);
-
- data_set->type = GUMS_SET_SEC_DESC;
- new_sec_desc = dup_sec_desc(mem_ctx, sec_desc);
- if (new_sec_desc == NULL)
- return NT_STATUS_NO_MEMORY;
-
- (SEC_DESC *)(data_set->data) = new_sec_desc;
-
- return NT_STATUS_OK;
-}
-
-/*
-NTSTATUS gums_cs_add_privilege(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, LUID_ATTR priv)
-{
- GUMS_DATA_SET *data_set;
- LUID_ATTR *new_priv;
-
- if (!mem_ctx || !com_set)
- return NT_STATUS_INVALID_PARAMETER;
-
- com_set->count = com_set->count + 1;
- if (com_set->count == 1) {
- data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET));
- } else {
- data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count);
- }
- if (data_set == NULL)
- return NT_STATUS_NO_MEMORY;
-
- com_set->data[0] = data_set;
- data_set = ((com_set->data)[com_set->count - 1]);
-
- data_set->type = GUMS_ADD_PRIVILEGE;
- if (NT_STATUS_IS_ERR(dupalloc_luid_attr(mem_ctx, &new_priv, priv)))
- return NT_STATUS_NO_MEMORY;
-
- (SEC_DESC *)(data_set->data) = new_priv;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_cs_del_privilege(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, LUID_ATTR priv)
-{
- GUMS_DATA_SET *data_set;
- LUID_ATTR *new_priv;
-
- if (!mem_ctx || !com_set)
- return NT_STATUS_INVALID_PARAMETER;
-
- com_set->count = com_set->count + 1;
- if (com_set->count == 1) {
- data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET));
- } else {
- data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count);
- }
- if (data_set == NULL)
- return NT_STATUS_NO_MEMORY;
-
- com_set->data[0] = data_set;
- data_set = ((com_set->data)[com_set->count - 1]);
-
- data_set->type = GUMS_DEL_PRIVILEGE;
- if (NT_STATUS_IS_ERR(dupalloc_luid_attr(mem_ctx, &new_priv, priv)))
- return NT_STATUS_NO_MEMORY;
-
- (SEC_DESC *)(data_set->data) = new_priv;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_cs_set_privilege_set(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, PRIVILEGE_SET *priv_set)
-{
- GUMS_DATA_SET *data_set;
- PRIVILEGE_SET *new_priv_set;
-
- if (!mem_ctx || !com_set || !priv_set)
- return NT_STATUS_INVALID_PARAMETER;
-
- com_set->count = com_set->count + 1;
- if (com_set->count == 1) {
- data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET));
- } else {
- data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count);
- }
- if (data_set == NULL)
- return NT_STATUS_NO_MEMORY;
-
- com_set->data[0] = data_set;
- data_set = ((com_set->data)[com_set->count - 1]);
-
- data_set->type = GUMS_SET_PRIVILEGE;
- if (NT_STATUS_IS_ERR(dup_priv_set(&new_priv_set, mem_ctx, priv_set)))
- return NT_STATUS_NO_MEMORY;
-
- (SEC_DESC *)(data_set->data) = new_priv_set;
-
- return NT_STATUS_OK;
-}
-*/
-
-NTSTATUS gums_cs_set_string(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, uint32 type, char *str)
-{
- GUMS_DATA_SET *data_set;
- char *new_str;
-
- if (!mem_ctx || !com_set || !str || type < GUMS_SET_NAME || type > GUMS_SET_MUNGED_DIAL)
- return NT_STATUS_INVALID_PARAMETER;
-
- com_set->count = com_set->count + 1;
- if (com_set->count == 1) { /* first data set */
- data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET));
- } else {
- data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count);
- }
- if (data_set == NULL)
- return NT_STATUS_NO_MEMORY;
-
- com_set->data[0] = data_set;
- data_set = ((com_set->data)[com_set->count - 1]);
-
- data_set->type = type;
- new_str = talloc_strdup(mem_ctx, str);
- if (new_str == NULL)
- return NT_STATUS_NO_MEMORY;
-
- (char *)(data_set->data) = new_str;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_cs_set_name(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *name)
-{
- return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_NAME, name);
-}
-
-NTSTATUS gums_cs_set_description(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *desc)
-{
- return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_DESCRIPTION, desc);
-}
-
-NTSTATUS gums_cs_set_full_name(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *full_name)
-{
- if (com_set->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_INVALID_PARAMETER;
-
- return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_NAME, full_name);
-}
-
-NTSTATUS gums_cs_set_home_directory(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *home_dir)
-{
- if (com_set->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_INVALID_PARAMETER;
-
- return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_NAME, home_dir);
-}
-
-NTSTATUS gums_cs_set_drive(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *drive)
-{
- if (com_set->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_INVALID_PARAMETER;
-
- return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_NAME, drive);
-}
-
-NTSTATUS gums_cs_set_logon_script(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *logon_script)
-{
- if (com_set->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_INVALID_PARAMETER;
-
- return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_NAME, logon_script);
-}
-
-NTSTATUS gums_cs_set_profile_path(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *prof_path)
-{
- if (com_set->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_INVALID_PARAMETER;
-
- return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_NAME, prof_path);
-}
-
-NTSTATUS gums_cs_set_workstations(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *wks)
-{
- if (com_set->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_INVALID_PARAMETER;
-
- return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_NAME, wks);
-}
-
-NTSTATUS gums_cs_set_unknown_string(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *unkn_str)
-{
- if (com_set->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_INVALID_PARAMETER;
-
- return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_NAME, unkn_str);
-}
-
-NTSTATUS gums_cs_set_munged_dial(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *munged_dial)
-{
- if (com_set->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_INVALID_PARAMETER;
-
- return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_NAME, munged_dial);
-}
-
-NTSTATUS gums_cs_set_nttime(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, uint32 type, NTTIME *nttime)
-{
- GUMS_DATA_SET *data_set;
- NTTIME *new_time;
-
- if (!mem_ctx || !com_set || !nttime || type < GUMS_SET_LOGON_TIME || type > GUMS_SET_PASS_MUST_CHANGE_TIME)
- return NT_STATUS_INVALID_PARAMETER;
-
- com_set->count = com_set->count + 1;
- if (com_set->count == 1) { /* first data set */
- data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET));
- } else {
- data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count);
- }
- if (data_set == NULL)
- return NT_STATUS_NO_MEMORY;
-
- com_set->data[0] = data_set;
- data_set = ((com_set->data)[com_set->count - 1]);
-
- data_set->type = type;
- new_time = talloc(mem_ctx, sizeof(NTTIME));
- if (new_time == NULL)
- return NT_STATUS_NO_MEMORY;
-
- new_time->low = nttime->low;
- new_time->high = nttime->high;
- (char *)(data_set->data) = new_time;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_cs_set_logon_time(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, NTTIME *logon_time)
-{
- if (com_set->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_INVALID_PARAMETER;
-
- return gums_cs_set_nttime(mem_ctx, com_set, GUMS_SET_LOGON_TIME, logon_time);
-}
-
-NTSTATUS gums_cs_set_logoff_time(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, NTTIME *logoff_time)
-{
- if (com_set->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_INVALID_PARAMETER;
-
- return gums_cs_set_nttime(mem_ctx, com_set, GUMS_SET_LOGOFF_TIME, logoff_time);
-}
-
-NTSTATUS gums_cs_set_kickoff_time(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, NTTIME *kickoff_time)
-{
- if (com_set->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_INVALID_PARAMETER;
-
- return gums_cs_set_nttime(mem_ctx, com_set, GUMS_SET_KICKOFF_TIME, kickoff_time);
-}
-
-NTSTATUS gums_cs_set_pass_last_set_time(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, NTTIME *pls_time)
-{
- if (com_set->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_INVALID_PARAMETER;
-
- return gums_cs_set_nttime(mem_ctx, com_set, GUMS_SET_LOGON_TIME, pls_time);
-}
-
-NTSTATUS gums_cs_set_pass_can_change_time(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, NTTIME *pcc_time)
-{
- if (com_set->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_INVALID_PARAMETER;
-
- return gums_cs_set_nttime(mem_ctx, com_set, GUMS_SET_LOGON_TIME, pcc_time);
-}
-
-NTSTATUS gums_cs_set_pass_must_change_time(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, NTTIME *pmc_time)
-{
- if (com_set->type != GUMS_OBJ_NORMAL_USER)
- return NT_STATUS_INVALID_PARAMETER;
-
- return gums_cs_set_nttime(mem_ctx, com_set, GUMS_SET_LOGON_TIME, pmc_time);
-}
-
-NTSTATUS gums_cs_add_sids_to_group(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count)
-{
- GUMS_DATA_SET *data_set;
- DOM_SID **new_sids;
- int i;
-
- if (!mem_ctx || !com_set || !sids)
- return NT_STATUS_INVALID_PARAMETER;
-
- com_set->count = com_set->count + 1;
- if (com_set->count == 1) { /* first data set */
- data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET));
- } else {
- data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count);
- }
- if (data_set == NULL)
- return NT_STATUS_NO_MEMORY;
-
- com_set->data[0] = data_set;
- data_set = ((com_set->data)[com_set->count - 1]);
-
- data_set->type = GUMS_ADD_SID_LIST;
- new_sids = (DOM_SID **)talloc(mem_ctx, (sizeof(void *) * count));
- if (new_sids == NULL)
- return NT_STATUS_NO_MEMORY;
- for (i = 0; i < count; i++) {
- new_sids[i] = sid_dup_talloc(mem_ctx, sids[i]);
- if (new_sids[i] == NULL)
- return NT_STATUS_NO_MEMORY;
- }
-
- (SEC_DESC *)(data_set->data) = new_sids;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_cs_add_users_to_group(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count)
-{
- if (!mem_ctx || !com_set || !sids)
- return NT_STATUS_INVALID_PARAMETER;
- if (com_set->type != GUMS_OBJ_GROUP || com_set->type != GUMS_OBJ_ALIAS)
- return NT_STATUS_INVALID_PARAMETER;
-
- return gums_cs_add_sids_to_group(mem_ctx, com_set, sids, count);
-}
-
-NTSTATUS gums_cs_add_groups_to_group(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count)
-{
- if (!mem_ctx || !com_set || !sids)
- return NT_STATUS_INVALID_PARAMETER;
- if (com_set->type != GUMS_OBJ_ALIAS)
- return NT_STATUS_INVALID_PARAMETER;
-
- return gums_cs_add_sids_to_group(mem_ctx, com_set, sids, count);
-}
-
-NTSTATUS gums_cs_del_sids_from_group(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count)
-{
- GUMS_DATA_SET *data_set;
- DOM_SID **new_sids;
- int i;
-
- if (!mem_ctx || !com_set || !sids)
- return NT_STATUS_INVALID_PARAMETER;
- if (com_set->type != GUMS_OBJ_GROUP || com_set->type != GUMS_OBJ_ALIAS)
- return NT_STATUS_INVALID_PARAMETER;
-
- com_set->count = com_set->count + 1;
- if (com_set->count == 1) { /* first data set */
- data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET));
- } else {
- data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count);
- }
- if (data_set == NULL)
- return NT_STATUS_NO_MEMORY;
-
- com_set->data[0] = data_set;
- data_set = ((com_set->data)[com_set->count - 1]);
-
- data_set->type = GUMS_DEL_SID_LIST;
- new_sids = (DOM_SID **)talloc(mem_ctx, (sizeof(void *) * count));
- if (new_sids == NULL)
- return NT_STATUS_NO_MEMORY;
- for (i = 0; i < count; i++) {
- new_sids[i] = sid_dup_talloc(mem_ctx, sids[i]);
- if (new_sids[i] == NULL)
- return NT_STATUS_NO_MEMORY;
- }
-
- (SEC_DESC *)(data_set->data) = new_sids;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS gums_ds_set_sids_in_group(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count)
-{
- GUMS_DATA_SET *data_set;
- DOM_SID **new_sids;
- int i;
-
- if (!mem_ctx || !com_set || !sids)
- return NT_STATUS_INVALID_PARAMETER;
- if (com_set->type != GUMS_OBJ_GROUP || com_set->type != GUMS_OBJ_ALIAS)
- return NT_STATUS_INVALID_PARAMETER;
-
- com_set->count = com_set->count + 1;
- if (com_set->count == 1) { /* first data set */
- data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET));
- } else {
- data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count);
- }
- if (data_set == NULL)
- return NT_STATUS_NO_MEMORY;
-
- com_set->data[0] = data_set;
- data_set = ((com_set->data)[com_set->count - 1]);
-
- data_set->type = GUMS_SET_SID_LIST;
- new_sids = (DOM_SID **)talloc(mem_ctx, (sizeof(void *) * count));
- if (new_sids == NULL)
- return NT_STATUS_NO_MEMORY;
- for (i = 0; i < count; i++) {
- new_sids[i] = sid_dup_talloc(mem_ctx, sids[i]);
- if (new_sids[i] == NULL)
- return NT_STATUS_NO_MEMORY;
- }
-
- (SEC_DESC *)(data_set->data) = new_sids;
-
- return NT_STATUS_OK;
-}
-
-
-NTSTATUS gums_commit_data(GUMS_COMMIT_SET *set)
-{
- return gums_storage->set_object_values(&(set->sid), set->count, set->data);
-}
-
-NTSTATUS gums_destroy_commit_set(GUMS_COMMIT_SET **com_set)
-{
- talloc_destroy((*com_set)->mem_ctx);
- *com_set = NULL;
-
- return NT_STATUS_OK;
-}
-
diff --git a/source3/sam/gums_helper.c b/source3/sam/gums_helper.c
deleted file mode 100644
index c22e6cf7ff..0000000000
--- a/source3/sam/gums_helper.c
+++ /dev/null
@@ -1,610 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- GUMS backends helper functions
- Copyright (C) Simo Sorce 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-extern GUMS_FUNCTIONS *gums_storage;
-
-extern DOM_SID global_sid_World;
-extern DOM_SID global_sid_Builtin_Administrators;
-extern DOM_SID global_sid_Builtin_Power_Users;
-extern DOM_SID global_sid_Builtin_Account_Operators;
-extern DOM_SID global_sid_Builtin_Server_Operators;
-extern DOM_SID global_sid_Builtin_Print_Operators;
-extern DOM_SID global_sid_Builtin_Backup_Operators;
-extern DOM_SID global_sid_Builtin_Replicator;
-extern DOM_SID global_sid_Builtin_Users;
-extern DOM_SID global_sid_Builtin_Guests;
-
-
-/* defines */
-
-#define ALLOC_CHECK(str, ptr, err, label) do { if ((ptr) == NULL) { DEBUG(0, ("%s: out of memory!\n", str)); err = NT_STATUS_NO_MEMORY; goto label; } } while(0)
-#define NTSTATUS_CHECK(str1, str2, err, label) do { if (NT_STATUS_IS_ERR(err)) { DEBUG(0, ("%s: %s failed!\n", str1, str2)); } } while(0)
-
-/****************************************************************************
- Check if a user is a mapped group.
-
- This function will check if the group SID is mapped onto a
- system managed gid or onto a winbind manged sid.
- In the first case it will be threated like a mapped group
- and the backend should take the member list with a getgrgid
- and ignore any user that have been possibly set into the group
- object.
-
- In the second case, the group is a fully SAM managed group
- served back to the system through winbind. In this case the
- members of a Local group are "unrolled" to cope with the fact
- that unix cannot contain groups inside groups.
- The backend MUST never call any getgr* / getpw* function or
- loops with winbind may happen.
- ****************************************************************************/
-
-#if 0
-NTSTATUS is_mapped_group(BOOL *mapped, const DOM_SID *sid)
-{
- NTSTATUS result;
- gid_t id;
-
- /* look if mapping exist, do not make idmap alloc an uid if SID is not found */
- result = idmap_get_gid_from_sid(&id, sid, False);
- if (NT_STATUS_IS_OK(result)) {
- *mapped = gid_is_in_winbind_range(id);
- } else {
- *mapped = False;
- }
-
- return result;
-}
-#endif
-
-/****************************************************************************
- duplicate alloc luid_attr
- ****************************************************************************/
-NTSTATUS dupalloc_luid_attr(TALLOC_CTX *ctx, LUID_ATTR **new_la, LUID_ATTR old_la)
-{
- *new_la = (LUID_ATTR *)talloc(ctx, sizeof(LUID_ATTR));
- if (*new_la == NULL) {
- DEBUG(0,("dupalloc_luid_attr: could not Alloc memory to duplicate LUID_ATTR\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- (*new_la)->luid.high = old_la.luid.high;
- (*new_la)->luid.low = old_la.luid.low;
- (*new_la)->attr = old_la.attr;
-
- return NT_STATUS_OK;
-}
-
-/****************************************************************************
- initialise a privilege list
- ****************************************************************************/
-void gums_init_privilege(PRIVILEGE_SET *priv_set)
-{
- priv_set->count=0;
- priv_set->control=0;
- priv_set->set=NULL;
-}
-
-/****************************************************************************
- add a privilege to a privilege array
- ****************************************************************************/
-NTSTATUS gums_add_privilege(PRIVILEGE_SET *priv_set, TALLOC_CTX *ctx, LUID_ATTR set)
-{
- LUID_ATTR *new_set;
-
- /* check if the privilege is not already in the list */
- if (gums_check_priv_in_privilege(priv_set, set))
- return NT_STATUS_UNSUCCESSFUL;
-
- /* we can allocate memory to add the new privilege */
-
- new_set=(LUID_ATTR *)talloc_realloc(ctx, priv_set->set, (priv_set->count+1)*(sizeof(LUID_ATTR)));
- if (new_set==NULL) {
- DEBUG(0,("add_privilege: could not Realloc memory to add a new privilege\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- new_set[priv_set->count].luid.high=set.luid.high;
- new_set[priv_set->count].luid.low=set.luid.low;
- new_set[priv_set->count].attr=set.attr;
-
- priv_set->count++;
- priv_set->set=new_set;
-
- return NT_STATUS_OK;
-}
-
-/****************************************************************************
- add all the privileges to a privilege array
- ****************************************************************************/
-NTSTATUS gums_add_all_privilege(PRIVILEGE_SET *priv_set, TALLOC_CTX *ctx)
-{
- NTSTATUS result = NT_STATUS_OK;
- LUID_ATTR set;
-
- set.attr=0;
- set.luid.high=0;
-
- set.luid.low=SE_PRIV_ADD_USERS;
- result = gums_add_privilege(priv_set, ctx, set);
- NTSTATUS_CHECK("add_all_privilege", "add_privilege", result, done);
-
- set.luid.low=SE_PRIV_ADD_MACHINES;
- result = gums_add_privilege(priv_set, ctx, set);
- NTSTATUS_CHECK("add_all_privilege", "add_privilege", result, done);
-
- set.luid.low=SE_PRIV_PRINT_OPERATOR;
- result = gums_add_privilege(priv_set, ctx, set);
- NTSTATUS_CHECK("add_all_privilege", "add_privilege", result, done);
-
-done:
- return result;
-}
-
-/****************************************************************************
- check if the privilege list is empty
- ****************************************************************************/
-BOOL gums_check_empty_privilege(PRIVILEGE_SET *priv_set)
-{
- return (priv_set->count == 0);
-}
-
-/****************************************************************************
- check if the privilege is in the privilege list
- ****************************************************************************/
-BOOL gums_check_priv_in_privilege(PRIVILEGE_SET *priv_set, LUID_ATTR set)
-{
- int i;
-
- /* if the list is empty, obviously we can't have it */
- if (gums_check_empty_privilege(priv_set))
- return False;
-
- for (i=0; i<priv_set->count; i++) {
- LUID_ATTR *cur_set;
-
- cur_set=&priv_set->set[i];
- /* check only the low and high part. Checking the attr field has no meaning */
- if( (cur_set->luid.low==set.luid.low) && (cur_set->luid.high==set.luid.high) )
- return True;
- }
-
- return False;
-}
-
-/****************************************************************************
- remove a privilege from a privilege array
- ****************************************************************************/
-NTSTATUS gums_remove_privilege(PRIVILEGE_SET *priv_set, TALLOC_CTX *ctx, LUID_ATTR set)
-{
- LUID_ATTR *new_set;
- LUID_ATTR *old_set;
- int i,j;
-
- /* check if the privilege is in the list */
- if (!gums_check_priv_in_privilege(priv_set, set))
- return NT_STATUS_UNSUCCESSFUL;
-
- /* special case if it's the only privilege in the list */
- if (priv_set->count==1) {
- gums_init_privilege(priv_set);
- return NT_STATUS_OK;
- }
-
- /*
- * the privilege is there, create a new list,
- * and copy the other privileges
- */
-
- old_set = priv_set->set;
-
- new_set=(LUID_ATTR *)talloc(ctx, (priv_set->count - 1) * (sizeof(LUID_ATTR)));
- if (new_set==NULL) {
- DEBUG(0,("remove_privilege: could not malloc memory for new privilege list\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- for (i=0, j=0; i<priv_set->count; i++) {
- if ((old_set[i].luid.low == set.luid.low) &&
- (old_set[i].luid.high == set.luid.high)) {
- continue;
- }
-
- new_set[j].luid.low = old_set[i].luid.low;
- new_set[j].luid.high = old_set[i].luid.high;
- new_set[j].attr = old_set[i].attr;
-
- j++;
- }
-
- if (j != priv_set->count - 1) {
- DEBUG(0,("remove_privilege: mismatch ! difference is not -1\n"));
- DEBUGADD(0,("old count:%d, new count:%d\n", priv_set->count, j));
- return NT_STATUS_INTERNAL_ERROR;
- }
-
- /* ok everything is fine */
-
- priv_set->count--;
- priv_set->set=new_set;
-
- return NT_STATUS_OK;
-}
-
-/****************************************************************************
- duplicates a privilege array
- ****************************************************************************/
-NTSTATUS gums_dup_priv_set(PRIVILEGE_SET **new_priv_set, TALLOC_CTX *mem_ctx, PRIVILEGE_SET *priv_set)
-{
- LUID_ATTR *new_set;
- LUID_ATTR *old_set;
- int i;
-
- *new_priv_set = (PRIVILEGE_SET *)talloc(mem_ctx, sizeof(PRIVILEGE_SET));
- gums_init_privilege(*new_priv_set);
-
- /* special case if there are no privileges in the list */
- if (priv_set->count == 0) {
- return NT_STATUS_OK;
- }
-
- /*
- * create a new list,
- * and copy the other privileges
- */
-
- old_set = priv_set->set;
-
- new_set = (LUID_ATTR *)talloc(mem_ctx, (priv_set->count - 1) * (sizeof(LUID_ATTR)));
- if (new_set==NULL) {
- DEBUG(0,("remove_privilege: could not malloc memory for new privilege list\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- for (i=0; i < priv_set->count; i++) {
-
- new_set[i].luid.low = old_set[i].luid.low;
- new_set[i].luid.high = old_set[i].luid.high;
- new_set[i].attr = old_set[i].attr;
- }
-
- (*new_priv_set)->count = priv_set->count;
- (*new_priv_set)->control = priv_set->control;
- (*new_priv_set)->set = new_set;
-
- return NT_STATUS_OK;
-}
-
-#define ALIAS_DEFAULT_SACL_SA_RIGHTS 0x01050013
-#define ALIAS_DEFAULT_DACL_SA_RIGHTS \
- (READ_CONTROL_ACCESS | \
- SA_RIGHT_ALIAS_LOOKUP_INFO | \
- SA_RIGHT_ALIAS_GET_MEMBERS) /* 0x0002000c */
-
-#define ALIAS_DEFAULT_SACL_SEC_ACE_FLAG (SEC_ACE_FLAG_FAILED_ACCESS | SEC_ACE_FLAG_SUCCESSFUL_ACCESS) /* 0xc0 */
-
-
-#if 0
-NTSTATUS create_builtin_alias_default_sec_desc(SEC_DESC **sec_desc, TALLOC_CTX *ctx)
-{
- DOM_SID *world = &global_sid_World;
- DOM_SID *admins = &global_sid_Builtin_Administrators;
- SEC_ACCESS sa;
- SEC_ACE sacl_ace;
- SEC_ACE dacl_aces[2];
- SEC_ACL *sacl = NULL;
- SEC_ACL *dacl = NULL;
- size_t psize;
-
- init_sec_access(&sa, ALIAS_DEFAULT_SACL_SA_RIGHTS);
- init_sec_ace(&sacl_ace, world, SEC_ACE_TYPE_SYSTEM_AUDIT, sa, ALIAS_DEFAULT_SACL_SEC_ACE_FLAG);
-
- sacl = make_sec_acl(ctx, NT4_ACL_REVISION, 1, &sacl_ace);
- if (!sacl) {
- DEBUG(0, ("build_init_sec_desc: Failed to make SEC_ACL.\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- init_sec_access(&sa, ALIAS_DEFAULT_DACL_SA_RIGHTS);
- init_sec_ace(&(dacl_aces[0]), world, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, 0);
- init_sec_access(&sa, SA_RIGHT_ALIAS_ALL_ACCESS);
- init_sec_ace(&(dacl_aces[1]), admins, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, 0);
-
- dacl = make_sec_acl(ctx, NT4_ACL_REVISION, 2, dacl_aces);
- if (!sacl) {
- DEBUG(0, ("build_init_sec_desc: Failed to make SEC_ACL.\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- *sec_desc = make_sec_desc(ctx, SEC_DESC_REVISION, admins, admins, sacl, dacl, &psize);
- if (!(*sec_desc)) {
- DEBUG(0,("get_share_security: Failed to make SEC_DESC.\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sec_desc_add_ace_to_dacl(SEC_DESC *sec_desc, TALLOC_CTX *ctx, DOM_SID *sid, uint32 mask)
-{
- NTSTATUS result;
- SEC_ACE *new_aces;
- unsigned num_aces;
- int i;
-
- num_aces = sec_desc->dacl->num_aces + 1;
- result = sec_ace_add_sid(ctx, &new_aces, sec_desc->dacl->ace, &num_aces, sid, mask);
- if (NT_STATUS_IS_OK(result)) {
- sec_desc->dacl->ace = new_aces;
- sec_desc->dacl->num_aces = num_aces;
- sec_desc->dacl->size = SEC_ACL_HEADER_SIZE;
- for (i = 0; i < num_aces; i++) {
- sec_desc->dacl->size += sec_desc->dacl->ace[i].size;
- }
- }
- return result;
-}
-
-NTSTATUS gums_init_builtin_groups(void)
-{
- NTSTATUS result;
- GUMS_OBJECT g_obj;
- GUMS_GROUP *g_grp;
- GUMS_PRIVILEGE g_priv;
-
- /* Build the well known Builtin Local Groups */
- g_obj.type = GUMS_OBJ_GROUP;
- g_obj.version = 1;
- g_obj.seq_num = 0;
- g_obj.mem_ctx = talloc_init("gums_init_backend_acct");
- if (g_obj.mem_ctx == NULL) {
- DEBUG(0, ("gums_init_backend: Out of Memory!\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- /* Administrators * /
-
- /* alloc group structure */
- g_obj.data.group = (GUMS_GROUP *)talloc(g_obj.mem_ctx, sizeof(GUMS_GROUP));
- ALLOC_CHECK("gums_init_backend", g_obj.data.group, result, done);
-
- /* make admins sid */
- g_grp = (GUMS_GROUP *)g_obj.data.group;
- sid_copy(g_obj.sid, &global_sid_Builtin_Administrators);
-
- /* make security descriptor */
- result = create_builtin_alias_default_sec_desc(&(g_obj.sec_desc), g_obj.mem_ctx);
- NTSTATUS_CHECK("gums_init_backend", "create_builtin_alias_default_sec_desc", result, done);
-
- /* make privilege set */
- /* From BDC join trace:
- SeSecurityPrivilege
- SeBackupPrivilege
- SeRestorePrivilege
- SeSystemtimePrivilege
- SeShutdownPrivilege
- SeRemoteShutdownPrivilege
- SeTakeOwnershipPrivilege
- SeDebugPrivilege
- SeSystemEnvironmentPrivilege
- SeSystemProfilePrivilege
- SeProfileSingleProcessPrivilege
- SeIncreaseBasePriorityPrivilege
- SeLocalDriverPrivilege
- SeCreatePagefilePrivilege
- SeIncreaseQuotaPrivilege
- */
-
- /* set name */
- g_obj.name = talloc_strdup(g_obj.mem_ctx, "Administrators");
- ALLOC_CHECK("gums_init_backend", g_obj.name, result, done);
-
- /* set description */
- g_obj.description = talloc_strdup(g_obj.mem_ctx, "Members can fully administer the computer/domain");
- ALLOC_CHECK("gums_init_backend", g_obj.description, result, done);
-
- /* numebr of group members */
- g_grp->count = 0;
- g_grp->members = NULL;
-
- /* store Administrators group */
- result = gums_storage->set_object(&g_obj);
-
- /* Power Users */
- /* Domain Controllers Does NOT have power Users */
-
- sid_copy(g_obj.sid, &global_sid_Builtin_Power_Users);
-
- /* make privilege set */
- /* SE_PRIV_??? */
-
- /* set name */
- g_obj.name = talloc_strdup(g_obj.mem_ctx, "Power Users");
- ALLOC_CHECK("gums_init_backend", g_obj.name, result, done);
-
- /* set description */
-/* > */ g_obj.description = talloc_strdup(g_obj.mem_ctx, "Power Users");
- ALLOC_CHECK("gums_init_backend", g_obj.description, result, done);
-
- /* store Power Users group */
- result = gums_storage->set_object(&g_obj);
-
- /* Account Operators */
-
- sid_copy(g_obj.sid, &global_sid_Builtin_Account_Operators);
-
- /* make privilege set */
- /* From BDC join trace:
- SeShutdownPrivilege
- */
-
- /* set name */
- g_obj.name = talloc_strdup(g_obj.mem_ctx, "Account Operators");
- ALLOC_CHECK("gums_init_backend", g_obj.name, result, done);
-
- /* set description */
- g_obj.description = talloc_strdup(g_obj.mem_ctx, "Members can administer domain user and group accounts");
- ALLOC_CHECK("gums_init_backend", g_obj.description, result, done);
-
- /* store Account Operators group */
- result = gums_storage->set_object(&g_obj);
-
- /* Server Operators */
-
- sid_copy(g_obj.sid, &global_sid_Builtin_Server_Operators);
-
- /* make privilege set */
- /* From BDC join trace:
- SeBackupPrivilege
- SeRestorePrivilege
- SeSystemtimePrivilege
- SeShutdownPrivilege
- SeRemoteShutdownPrivilege
- */
-
- /* set name */
- g_obj.name = talloc_strdup(g_obj.mem_ctx, "Server Operators");
- ALLOC_CHECK("gums_init_backend", g_obj.name, result, done);
-
- /* set description */
- g_obj.description = talloc_strdup(g_obj.mem_ctx, "Members can administer domain servers");
- ALLOC_CHECK("gums_init_backend", g_obj.description, result, done);
-
- /* store Server Operators group */
- result = gums_storage->set_object(&g_obj);
-
- /* Print Operators */
-
- sid_copy(g_obj.sid, &global_sid_Builtin_Print_Operators);
-
- /* make privilege set */
- /* From BDC join trace:
- SeShutdownPrivilege
- */
-
- /* set name */
- g_obj.name = talloc_strdup(g_obj.mem_ctx, "Print Operators");
- ALLOC_CHECK("gums_init_backend", g_obj.name, result, done);
-
- /* set description */
- g_obj.description = talloc_strdup(g_obj.mem_ctx, "Members can administer domain printers");
- ALLOC_CHECK("gums_init_backend", g_obj.description, result, done);
-
- /* store Print Operators group */
- result = gums_storage->set_object(&g_obj);
-
- /* Backup Operators */
-
- sid_copy(g_obj.sid, &global_sid_Builtin_Backup_Operators);
-
- /* make privilege set */
- /* From BDC join trace:
- SeBackupPrivilege
- SeRestorePrivilege
- SeShutdownPrivilege
- */
-
- /* set name */
- g_obj.name = talloc_strdup(g_obj.mem_ctx, "Backup Operators");
- ALLOC_CHECK("gums_init_backend", g_obj.name, result, done);
-
- /* set description */
- g_obj.description = talloc_strdup(g_obj.mem_ctx, "Members can bypass file security to backup files");
- ALLOC_CHECK("gums_init_backend", g_obj.description, result, done);
-
- /* store Backup Operators group */
- result = gums_storage->set_object(&g_obj);
-
- /* Replicator */
-
- sid_copy(g_obj.sid, &global_sid_Builtin_Replicator);
-
- /* make privilege set */
- /* From BDC join trace:
- SeBackupPrivilege
- SeRestorePrivilege
- SeShutdownPrivilege
- */
-
- /* set name */
- g_obj.name = talloc_strdup(g_obj.mem_ctx, "Replicator");
- ALLOC_CHECK("gums_init_backend", g_obj.name, result, done);
-
- /* set description */
- g_obj.description = talloc_strdup(g_obj.mem_ctx, "Supports file replication in a domain");
- ALLOC_CHECK("gums_init_backend", g_obj.description, result, done);
-
- /* store Replicator group */
- result = gums_storage->set_object(&g_obj);
-
- /* Users */
-
- sid_copy(g_obj.sid, &global_sid_Builtin_Users);
-
- /* add ACE to sec dsec dacl */
- sec_desc_add_ace_to_dacl(g_obj.sec_desc, g_obj.mem_ctx, &global_sid_Builtin_Account_Operators, ALIAS_DEFAULT_DACL_SA_RIGHTS);
- sec_desc_add_ace_to_dacl(g_obj.sec_desc, g_obj.mem_ctx, &global_sid_Builtin_Power_Users, ALIAS_DEFAULT_DACL_SA_RIGHTS);
-
- /* set name */
- g_obj.name = talloc_strdup(g_obj.mem_ctx, "Users");
- ALLOC_CHECK("gums_init_backend", g_obj.name, result, done);
-
- /* set description */
- g_obj.description = talloc_strdup(g_obj.mem_ctx, "Ordinary users");
- ALLOC_CHECK("gums_init_backend", g_obj.description, result, done);
-
- /* store Users group */
- result = gums_storage->set_object(&g_obj);
-
- /* Guests */
-
- sid_copy(g_obj.sid, &global_sid_Builtin_Guests);
-
- /* set name */
- g_obj.name = talloc_strdup(g_obj.mem_ctx, "Guests");
- ALLOC_CHECK("gums_init_backend", g_obj.name, result, done);
-
- /* set description */
- g_obj.description = talloc_strdup(g_obj.mem_ctx, "Users granted guest access to the computer/domain");
- ALLOC_CHECK("gums_init_backend", g_obj.description, result, done);
-
- /* store Guests group */
- result = gums_storage->set_object(&g_obj);
-
- /* set default privileges */
- g_priv.type = GUMS_OBJ_GROUP;
- g_priv.version = 1;
- g_priv.seq_num = 0;
- g_priv.mem_ctx = talloc_init("gums_init_backend_priv");
- if (g_priv.mem_ctx == NULL) {
- DEBUG(0, ("gums_init_backend: Out of Memory!\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
-
-
-done:
- talloc_destroy(g_obj.mem_ctx);
- talloc_destroy(g_priv.mem_ctx);
- return result;
-}
-#endif
-
diff --git a/source3/sam/idmap.c b/source3/sam/idmap.c
deleted file mode 100644
index 06fcc5a956..0000000000
--- a/source3/sam/idmap.c
+++ /dev/null
@@ -1,193 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- Winbind ID Mapping
- Copyright (C) Tim Potter 2000
- Copyright (C) Anthony Liguori <aliguor@us.ibm.com> 2003
- Copyright (C) Simo Sorce 2003
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.*/
-
-#include "includes.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_IDMAP
-
-static struct {
-
- const char *name;
- /* Function to create a member of the idmap_methods list */
- NTSTATUS (*reg_meth)(struct idmap_methods **methods);
- struct idmap_methods *methods;
-
-} remote_idmap_functions[] = {
-
- { "winbind", idmap_reg_winbind, NULL },
- { NULL, NULL, NULL }
-
-};
-
-static struct idmap_methods *local_map;
-static struct idmap_methods *remote_map;
-
-static struct idmap_methods *get_methods(const char *name)
-{
- int i = 0;
- struct idmap_methods *ret = NULL;
-
- while (remote_idmap_functions[i].name && strcmp(remote_idmap_functions[i].name, name)) {
- i++;
- }
-
- if (remote_idmap_functions[i].name) {
-
- if (!remote_idmap_functions[i].methods) {
- remote_idmap_functions[i].reg_meth(&remote_idmap_functions[i].methods);
- }
-
- ret = remote_idmap_functions[i].methods;
- }
-
- return ret;
-}
-
-/* Initialize backend */
-BOOL idmap_init(const char *remote_backend)
-{
- if (!local_map) {
- idmap_reg_tdb(&local_map);
- local_map->init();
- }
-
- if (!remote_map && remote_backend && *remote_backend != 0) {
- DEBUG(3, ("load_methods: using '%s' as remote backend\n", remote_backend));
-
- remote_map = get_methods(remote_backend);
- if (!remote_map) {
- DEBUG(0, ("load_methods: could not load remote backend '%s'\n", remote_backend));
- return False;
- }
- remote_map->init();
- }
-
- return True;
-}
-
-NTSTATUS idmap_set_mapping(const DOM_SID *sid, unid_t id, int id_type)
-{
- NTSTATUS ret;
-
- ret = local_map->set_mapping(sid, id, id_type);
- if (NT_STATUS_IS_ERR(ret)) {
- DEBUG (0, ("idmap_set_mapping: Error, unable to modify local cache!\n"));
- DEBUGADD(0, ("Error num. %d", NT_STATUS_V(ret)));
- return ret;
- }
-
- /* Being able to update the remote cache is seldomly right.
- Generally this is a forbidden operation. */
- if (!(id_type & ID_CACHE) && (remote_map != NULL)) {
- remote_map->set_mapping(sid, id, id_type);
- if (NT_STATUS_IS_ERR(ret)) {
- DEBUG (0, ("idmap_set_mapping: Error, unable to modify remote cache!\n"));
- DEBUGADD(0, ("Error num. %d", NT_STATUS_V(ret)));
- }
- }
-
- return ret;
-}
-
-/* Get ID from SID */
-NTSTATUS idmap_get_id_from_sid(unid_t *id, int *id_type, const DOM_SID *sid)
-{
- NTSTATUS ret;
- int loc_type;
-
- loc_type = *id_type;
- if (remote_map) { /* We have a central remote idmap */
- loc_type |= ID_NOMAP;
- }
- ret = local_map->get_id_from_sid(id, &loc_type, sid);
- if (NT_STATUS_IS_ERR(ret)) {
- if (remote_map) {
- ret = remote_map->get_id_from_sid(id, id_type, sid);
- if (NT_STATUS_IS_ERR(ret)) {
- DEBUG(3, ("idmap_get_id_from_sid: error fetching id!\n"));
- return ret;
- } else {
- loc_type |= ID_CACHE;
- idmap_set_mapping(sid, *id, loc_type);
- }
- }
- } else {
- *id_type = loc_type & ID_TYPEMASK;
- }
-
- return ret;
-}
-
-/* Get SID from ID */
-NTSTATUS idmap_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type)
-{
- NTSTATUS ret;
- int loc_type;
-
- loc_type = id_type;
- if (remote_map) {
- loc_type = id_type | ID_NOMAP;
- }
- ret = local_map->get_sid_from_id(sid, id, loc_type);
- if (NT_STATUS_IS_ERR(ret)) {
- if (remote_map) {
- ret = remote_map->get_sid_from_id(sid, id, id_type);
- if (NT_STATUS_IS_ERR(ret)) {
- DEBUG(3, ("idmap_get_sid_from_id: unable to fetch sid!\n"));
- return ret;
- } else {
- loc_type |= ID_CACHE;
- idmap_set_mapping(sid, id, loc_type);
- }
- }
- }
-
- return ret;
-}
-
-/* Close backend */
-NTSTATUS idmap_close(void)
-{
- NTSTATUS ret;
-
- ret = local_map->close();
- if (NT_STATUS_IS_ERR(ret)) {
- DEBUG(3, ("idmap_close: failed to close local cache!\n"));
- }
-
- if (remote_map) {
- ret = remote_map->close();
- if (NT_STATUS_IS_ERR(ret)) {
- DEBUG(3, ("idmap_close: failed to close remote idmap repository!\n"));
- }
- }
-
- return ret;
-}
-
-/* Dump backend status */
-void idmap_status(void)
-{
- local_map->status();
- if (remote_map) remote_map->status();
-}
-
diff --git a/source3/sam/idmap_tdb.c b/source3/sam/idmap_tdb.c
deleted file mode 100644
index 7080ac56e6..0000000000
--- a/source3/sam/idmap_tdb.c
+++ /dev/null
@@ -1,389 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- idmap TDB backend
-
- Copyright (C) Tim Potter 2000
- Copyright (C) Anthony Liguori 2003
- Copyright (C) Simo Sorce 2003
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_IDMAP
-
-/* High water mark keys */
-#define HWM_GROUP "GROUP HWM"
-#define HWM_USER "USER HWM"
-
-/* idmap version determines auto-conversion */
-#define IDMAP_VERSION 2
-
-/* Globals */
-static TDB_CONTEXT *idmap_tdb;
-
-static struct idmap_state {
-
- /* User and group id pool */
-
- uid_t uid_low, uid_high; /* Range of uids to allocate */
- gid_t gid_low, gid_high; /* Range of gids to allocate */
-} idmap_state;
-
-/* Allocate either a user or group id from the pool */
-static NTSTATUS db_allocate_id(unid_t *id, int id_type)
-{
- int hwm;
-
- if (!id) return NT_STATUS_INVALID_PARAMETER;
-
- /* Get current high water mark */
- switch (id_type & ID_TYPEMASK) {
- case ID_USERID:
- if ((hwm = tdb_fetch_int32(idmap_tdb, HWM_USER)) == -1) {
- return NT_STATUS_INTERNAL_DB_ERROR;
- }
-
- if (hwm > idmap_state.uid_high) {
- DEBUG(0, ("idmap Fatal Error: UID range full!!\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- (*id).uid = hwm++;
-
- /* Store new high water mark */
- tdb_store_int32(idmap_tdb, HWM_USER, hwm);
- break;
- case ID_GROUPID:
- if ((hwm = tdb_fetch_int32(idmap_tdb, HWM_GROUP)) == -1) {
- return NT_STATUS_INTERNAL_DB_ERROR;
- }
-
- if (hwm > idmap_state.gid_high) {
- DEBUG(0, ("idmap Fatal Error: GID range full!!\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- (*id).gid = hwm++;
-
- /* Store new high water mark */
- tdb_store_int32(idmap_tdb, HWM_GROUP, hwm);
- break;
- default:
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- return NT_STATUS_OK;
-}
-
-/* Get a sid from an id */
-static NTSTATUS db_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type)
-{
- TDB_DATA key, data;
- fstring keystr;
- NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
-
- if (!sid) return NT_STATUS_INVALID_PARAMETER;
-
- switch (id_type & ID_TYPEMASK) {
- case ID_USERID:
- slprintf(keystr, sizeof(keystr), "UID %d", id.uid);
- break;
- case ID_GROUPID:
- slprintf(keystr, sizeof(keystr), "GID %d", id.gid);
- break;
- default:
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- key.dptr = keystr;
- key.dsize = strlen(keystr) + 1;
-
- data = tdb_fetch(idmap_tdb, key);
-
- if (data.dptr) {
- if (string_to_sid(sid, data.dptr)) {
- ret = NT_STATUS_OK;
- }
- SAFE_FREE(data.dptr);
- }
-
- return ret;
-}
-
-/* Get an id from a sid */
-static NTSTATUS db_get_id_from_sid(unid_t *id, int *id_type, const DOM_SID *sid)
-{
- TDB_DATA data, key;
- fstring keystr;
- NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
-
- if (!sid || !id || !id_type) return NT_STATUS_INVALID_PARAMETER;
-
- /* Check if sid is present in database */
- sid_to_string(keystr, sid);
-
- key.dptr = keystr;
- key.dsize = strlen(keystr) + 1;
-
- data = tdb_fetch(idmap_tdb, key);
-
- if (data.dptr) {
- int type = *id_type & ID_TYPEMASK;
- fstring scanstr;
-
- if (type == ID_EMPTY || type == ID_USERID) {
- /* Parse and return existing uid */
- fstrcpy(scanstr, "UID %d");
-
- if (sscanf(data.dptr, scanstr, &((*id).uid)) == 1) {
- /* uid ok? */
- if (type == ID_EMPTY) {
- *id_type = ID_USERID;
- }
- ret = NT_STATUS_OK;
- goto idok;
- }
- }
-
- if (type == ID_EMPTY || type == ID_GROUPID) {
- /* Parse and return existing gid */
- fstrcpy(scanstr, "GID %d");
-
- if (sscanf(data.dptr, scanstr, &((*id).gid)) == 1) {
- /* gid ok? */
- if (type == ID_EMPTY) {
- *id_type = ID_GROUPID;
- }
- ret = NT_STATUS_OK;
- }
- }
-idok:
- SAFE_FREE(data.dptr);
-
- } else if (!(*id_type & ID_NOMAP) &&
- (((*id_type & ID_TYPEMASK) == ID_USERID)
- || (*id_type & ID_TYPEMASK) == ID_GROUPID)) {
-
- /* Allocate a new id for this sid */
- ret = db_allocate_id(id, *id_type);
- if (NT_STATUS_IS_OK(ret)) {
- fstring keystr2;
-
- /* Store new id */
- if (*id_type & ID_USERID) {
- slprintf(keystr2, sizeof(keystr2), "UID %d", (*id).uid);
- } else {
- slprintf(keystr2, sizeof(keystr2), "GID %d", (*id).gid);
- }
-
- data.dptr = keystr2;
- data.dsize = strlen(keystr2) + 1;
-
- if (tdb_store(idmap_tdb, key, data, TDB_REPLACE) == -1) {
- /* TODO: print tdb error !! */
- return NT_STATUS_UNSUCCESSFUL;
- }
- if (tdb_store(idmap_tdb, data, key, TDB_REPLACE) == -1) {
- /* TODO: print tdb error !! */
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- ret = NT_STATUS_OK;
- }
- }
-
- return ret;
-}
-
-static NTSTATUS db_set_mapping(DOM_SID *sid, unid_t id, int id_type)
-{
- TDB_DATA ksid, kid;
- fstring ksidstr;
- fstring kidstr;
-
- if (!sid) return NT_STATUS_INVALID_PARAMETER;
-
- sid_to_string(ksidstr, sid);
-
- ksid.dptr = ksidstr;
- ksid.dsize = strlen(ksidstr) + 1;
-
- if (id_type & ID_USERID) {
- slprintf(kidstr, sizeof(kidstr), "UID %d", id.uid);
- } else if (id_type & ID_GROUPID) {
- slprintf(kidstr, sizeof(kidstr), "GID %d", id.gid);
- } else {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- kid.dptr = kidstr;
- kid.dsize = strlen(kidstr) + 1;
-
- if (tdb_store(idmap_tdb, ksid, kid, TDB_INSERT) == -1) {
- DEBUG(0, ("idb_set_mapping: tdb_store 1 error: %s", tdb_errorstr(idmap_tdb)));
- return NT_STATUS_UNSUCCESSFUL;
- }
- if (tdb_store(idmap_tdb, kid, ksid, TDB_INSERT) == -1) {
- DEBUG(0, ("idb_set_mapping: tdb_store 2 error: %s", tdb_errorstr(idmap_tdb)));
- return NT_STATUS_UNSUCCESSFUL;
- }
- return NT_STATUS_OK;
-}
-
-/*****************************************************************************
- Initialise idmap database.
-*****************************************************************************/
-static NTSTATUS db_idmap_init(void)
-{
- SMB_STRUCT_STAT stbuf;
-
- /* move to the new database on first startup */
- if (!file_exist(lock_path("idmap.tdb"), &stbuf)) {
- if (file_exist(lock_path("winbindd_idmap.tdb"), &stbuf)) {
- DEBUG(0, ("idmap_init: winbindd_idmap.tdb is present and idmap.tdb is not!\nPlease RUN winbindd first to convert the db to the new format!\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
- }
-
- /* Open tdb cache */
- if (!(idmap_tdb = tdb_open_log(lock_path("idmap.tdb"), 0,
- TDB_DEFAULT, O_RDWR | O_CREAT,
- 0600))) {
- DEBUG(0, ("idmap_init: Unable to open idmap database\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- /* Create high water marks for group and user id */
- if (tdb_fetch_int32(idmap_tdb, HWM_USER) == -1) {
- if (tdb_store_int32(idmap_tdb, HWM_USER, idmap_state.uid_low) == -1) {
- DEBUG(0, ("idmap_init: Unable to initialise user hwm in idmap database\n"));
- return NT_STATUS_INTERNAL_DB_ERROR;
- }
- }
-
- if (tdb_fetch_int32(idmap_tdb, HWM_GROUP) == -1) {
- if (tdb_store_int32(idmap_tdb, HWM_GROUP, idmap_state.gid_low) == -1) {
- DEBUG(0, ("idmap_init: Unable to initialise group hwm in idmap database\n"));
- return NT_STATUS_INTERNAL_DB_ERROR;
- }
- }
-
- return NT_STATUS_OK;
-}
-
-/* Close the tdb */
-static NTSTATUS db_idmap_close(void)
-{
- if (idmap_tdb) {
- if (tdb_close(idmap_tdb) == 0) {
- return NT_STATUS_OK;
- } else {
- return NT_STATUS_UNSUCCESSFUL;
- }
- }
- return NT_STATUS_OK;
-}
-
-
-/* Dump status information to log file. Display different stuff based on
- the debug level:
-
- Debug Level Information Displayed
- =================================================================
- 0 Percentage of [ug]id range allocated
- 0 High water marks (next allocated ids)
-*/
-
-#define DUMP_INFO 0
-
-static void db_idmap_status(void)
-{
- int user_hwm, group_hwm;
-
- DEBUG(0, ("winbindd idmap status:\n"));
-
- /* Get current high water marks */
-
- if ((user_hwm = tdb_fetch_int32(idmap_tdb, HWM_USER)) == -1) {
- DEBUG(DUMP_INFO,
- ("\tCould not get userid high water mark!\n"));
- }
-
- if ((group_hwm = tdb_fetch_int32(idmap_tdb, HWM_GROUP)) == -1) {
- DEBUG(DUMP_INFO,
- ("\tCould not get groupid high water mark!\n"));
- }
-
- /* Display next ids to allocate */
-
- if (user_hwm != -1) {
- DEBUG(DUMP_INFO,
- ("\tNext userid to allocate is %d\n", user_hwm));
- }
-
- if (group_hwm != -1) {
- DEBUG(DUMP_INFO,
- ("\tNext groupid to allocate is %d\n", group_hwm));
- }
-
- /* Display percentage of id range already allocated. */
-
- if (user_hwm != -1) {
- int num_users = user_hwm - idmap_state.uid_low;
- int total_users =
- idmap_state.uid_high - idmap_state.uid_low;
-
- DEBUG(DUMP_INFO,
- ("\tUser id range is %d%% full (%d of %d)\n",
- num_users * 100 / total_users, num_users,
- total_users));
- }
-
- if (group_hwm != -1) {
- int num_groups = group_hwm - idmap_state.gid_low;
- int total_groups =
- idmap_state.gid_high - idmap_state.gid_low;
-
- DEBUG(DUMP_INFO,
- ("\tGroup id range is %d%% full (%d of %d)\n",
- num_groups * 100 / total_groups, num_groups,
- total_groups));
- }
-
- /* Display complete mapping of users and groups to rids */
-}
-
-struct idmap_methods db_methods = {
-
- db_idmap_init,
- db_get_sid_from_id,
- db_get_id_from_sid,
- db_set_mapping,
- db_idmap_close,
- db_idmap_status
-
-};
-
-NTSTATUS idmap_reg_tdb(struct idmap_methods **meth)
-{
- *meth = &db_methods;
-
- return NT_STATUS_OK;
-}
-
diff --git a/source3/sam/idmap_winbind.c b/source3/sam/idmap_winbind.c
deleted file mode 100644
index d89c9e7bac..0000000000
--- a/source3/sam/idmap_winbind.c
+++ /dev/null
@@ -1,155 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- idmap Winbind backend
-
- Copyright (C) Simo Sorce 2003
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-#include "nsswitch/winbind_nss.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_IDMAP
-
-extern DOM_SID global_sid_NULL; /* NULL sid */
-
-NSS_STATUS winbindd_request(int req_type,
- struct winbindd_request *request,
- struct winbindd_response *response);
-
-/* Get a sid from an id */
-static NTSTATUS db_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result, operation;
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- switch (id_type & ID_TYPEMASK) {
- case ID_USERID:
- request.data.uid = id.uid;
- operation = WINBINDD_UID_TO_SID;
- break;
- case ID_GROUPID:
- request.data.gid = id.gid;
- operation = WINBINDD_GID_TO_SID;
- break;
- default:
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- /* Make The Request */
- result = winbindd_request(operation, &request, &response);
- if (result == NSS_STATUS_SUCCESS) {
- if (!string_to_sid(sid, response.data.sid.sid)) {
- return NT_STATUS_INVALID_SID;
- }
- return NT_STATUS_OK;
- } else {
- sid_copy(sid, &global_sid_NULL);
- }
-
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-/* Get an id from a sid */
-static NTSTATUS db_get_id_from_sid(unid_t *id, int *id_type, const DOM_SID *sid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result, operation;
- fstring sid_str;
-
- if (!id || !id_type) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- /* setup request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- switch (*id_type & ID_TYPEMASK) {
- case ID_USERID:
- operation = WINBINDD_SID_TO_UID;
- break;
- case ID_GROUPID:
- operation = WINBINDD_SID_TO_GID;
- break;
- default:
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- sid_to_string(sid_str, sid);
- fstrcpy(request.data.sid, sid_str);
-
- /* Make The Request */
- result = winbindd_request(operation, &request, &response);
-
- if (result == NSS_STATUS_SUCCESS) {
- if (operation == WINBINDD_SID_TO_UID) {
- (*id).uid = response.data.uid;
- } else {
- (*id).gid = response.data.gid;
- }
- return NT_STATUS_OK;
- }
-
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-static NTSTATUS db_set_mapping(DOM_SID *sid, unid_t id, int id_type) {
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-/*****************************************************************************
- Initialise idmap database.
-*****************************************************************************/
-static NTSTATUS db_init(void) {
- return NT_STATUS_OK;
-}
-
-/* Close the tdb */
-static NTSTATUS db_close(void) {
- return NT_STATUS_OK;
-}
-
-static void db_status(void) {
- return;
-}
-
-struct idmap_methods winbind_methods = {
-
- db_init,
- db_get_sid_from_id,
- db_get_id_from_sid,
- db_set_mapping,
- db_close,
- db_status
-
-};
-
-NTSTATUS idmap_reg_winbind(struct idmap_methods **meth)
-{
- *meth = &winbind_methods;
-
- return NT_STATUS_OK;
-}
-
diff --git a/source3/sam/interface.c b/source3/sam/interface.c
deleted file mode 100644
index 51ae561999..0000000000
--- a/source3/sam/interface.c
+++ /dev/null
@@ -1,1338 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- Password and authentication handling
- Copyright (C) Andrew Bartlett 2002
- Copyright (C) Jelmer Vernooij 2002
- Copyright (C) Stefan (metze) Metzmacher 2002
- Copyright (C) Kai Krüger 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_SAM
-
-extern DOM_SID global_sid_Builtin;
-
-/** List of various built-in sam modules */
-
-const struct sam_init_function_entry builtin_sam_init_functions[] = {
- { "plugin", sam_init_plugin },
-#ifdef HAVE_LDAP
- { "ads", sam_init_ads },
-#endif
- { "skel", sam_init_skel },
- { NULL, NULL}
-};
-
-
-static NTSTATUS sam_get_methods_by_sid(const SAM_CONTEXT *context, SAM_METHODS **sam_method, const DOM_SID *domainsid)
-{
- SAM_METHODS *tmp_methods;
-
- DEBUG(5,("sam_get_methods_by_sid: %d\n", __LINE__));
-
- /* invalid sam_context specified */
- SAM_ASSERT(context && context->methods);
-
- tmp_methods = context->methods;
-
- while (tmp_methods) {
- if (sid_equal(domainsid, &(tmp_methods->domain_sid)))
- {
- (*sam_method) = tmp_methods;
- return NT_STATUS_OK;
- }
- tmp_methods = tmp_methods->next;
- }
-
- DEBUG(3,("sam_get_methods_by_sid: There is no backend specified for domain %s\n", sid_string_static(domainsid)));
-
- return NT_STATUS_NO_SUCH_DOMAIN;
-}
-
-static NTSTATUS sam_get_methods_by_name(const SAM_CONTEXT *context, SAM_METHODS **sam_method, const char *domainname)
-{
- SAM_METHODS *tmp_methods;
-
- DEBUG(5,("sam_get_methods_by_name: %d\n", __LINE__));
-
- /* invalid sam_context specified */
- SAM_ASSERT(context && context->methods);
-
- tmp_methods = context->methods;
-
- while (tmp_methods) {
- if (strequal(domainname, tmp_methods->domain_name))
- {
- (*sam_method) = tmp_methods;
- return NT_STATUS_OK;
- }
- tmp_methods = tmp_methods->next;
- }
-
- DEBUG(3,("sam_get_methods_by_sid: There is no backend specified for domain %s\n", domainname));
-
- return NT_STATUS_NO_SUCH_DOMAIN;
-}
-
-static NTSTATUS make_sam_methods(TALLOC_CTX *mem_ctx, SAM_METHODS **methods)
-{
- *methods = talloc(mem_ctx, sizeof(SAM_METHODS));
-
- if (!*methods) {
- return NT_STATUS_NO_MEMORY;
- }
-
- ZERO_STRUCTP(*methods);
-
- return NT_STATUS_OK;
-}
-
-/******************************************************************
- Free and cleanup a sam context, any associated data and anything
- that the attached modules might have associated.
- *******************************************************************/
-
-void free_sam_context(SAM_CONTEXT **context)
-{
- SAM_METHODS *sam_selected = (*context)->methods;
-
- while (sam_selected) {
- if (sam_selected->free_private_data) {
- sam_selected->free_private_data(&(sam_selected->private_data));
- }
- sam_selected = sam_selected->next;
- }
-
- talloc_destroy((*context)->mem_ctx);
- *context = NULL;
-}
-
-/******************************************************************
- Make a backend_entry from scratch
- *******************************************************************/
-
-static NTSTATUS make_backend_entry(SAM_BACKEND_ENTRY *backend_entry, char *sam_backend_string)
-{
- char *tmp = NULL;
- char *tmp_string = sam_backend_string;
-
- DEBUG(5,("make_backend_entry: %d\n", __LINE__));
-
- SAM_ASSERT(sam_backend_string && backend_entry);
-
- backend_entry->module_name = sam_backend_string;
-
- DEBUG(5,("makeing backend_entry for %s\n", backend_entry->module_name));
-
- if ((tmp = strrchr(tmp_string, '|')) != NULL) {
- DEBUGADD(20,("a domain name has been specified\n"));
- *tmp = 0;
- backend_entry->domain_name = smb_xstrdup(tmp + 1);
- tmp_string = tmp + 1;
- }
-
- if ((tmp = strchr(tmp_string, ':')) != NULL) {
- DEBUG(20,("options for the backend have been specified\n"));
- *tmp = 0;
- backend_entry->module_params = smb_xstrdup(tmp + 1);
- tmp_string = tmp + 1;
- }
-
- if (backend_entry->domain_name == NULL) {
- DEBUG(10,("make_backend_entry: no domain was specified for sam module %s. Using default domain %s\n",
- backend_entry->module_name, lp_workgroup()));
- backend_entry->domain_name = smb_xstrdup(lp_workgroup());
- }
-
- if ((backend_entry->domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID))) == NULL) {
- DEBUG(0,("make_backend_entry: failed to malloc domain_sid\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- DEBUG(10,("looking up sid for domain %s\n", backend_entry->domain_name));
-
- if (!secrets_fetch_domain_sid(backend_entry->domain_name, backend_entry->domain_sid)) {
- DEBUG(2,("make_backend_entry: There is no SID stored for domain %s. Creating a new one.\n",
- backend_entry->domain_name));
- DEBUG(0, ("FIXME in %s:%d\n", __FILE__, __LINE__));
- ZERO_STRUCTP(backend_entry->domain_sid);
- }
-
- DEBUG(5,("make_backend_entry: module name: %s, module parameters: %s, domain name: %s, domain sid: %s\n",
- backend_entry->module_name, backend_entry->module_params, backend_entry->domain_name, sid_string_static(backend_entry->domain_sid)));
-
- return NT_STATUS_OK;
-}
-
-/******************************************************************
- create sam_methods struct based on sam_backend_entry
- *****************************************************************/
-
-static NTSTATUS make_sam_methods_backend_entry(SAM_CONTEXT *context, SAM_METHODS **methods_ptr, SAM_BACKEND_ENTRY *backend_entry)
-{
- NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
- SAM_METHODS *methods;
- int i;
-
- DEBUG(5,("make_sam_methods_backend_entry: %d\n", __LINE__));
-
- if (!NT_STATUS_IS_OK(nt_status = make_sam_methods(context->mem_ctx, methods_ptr))) {
- return nt_status;
- }
-
- methods = *methods_ptr;
- methods->backendname = talloc_strdup(context->mem_ctx, backend_entry->module_name);
- methods->domain_name = talloc_strdup(context->mem_ctx, backend_entry->domain_name);
- sid_copy(&methods->domain_sid, backend_entry->domain_sid);
- methods->parent = context;
-
- DEBUG(5,("Attempting to find sam backend %s\n", backend_entry->module_name));
- for (i = 0; builtin_sam_init_functions[i].module_name; i++)
- {
- if (strequal(builtin_sam_init_functions[i].module_name, backend_entry->module_name))
- {
- DEBUG(5,("Found sam backend %s (at pos %d)\n", backend_entry->module_name, i));
- DEBUGADD(5,("initialising it with options=%s for domain %s\n", backend_entry->module_params, sid_string_static(backend_entry->domain_sid)));
- nt_status = builtin_sam_init_functions[i].init(methods, backend_entry->module_params);
- if (NT_STATUS_IS_OK(nt_status)) {
- DEBUG(5,("sam backend %s has a valid init\n", backend_entry->module_name));
- } else {
- DEBUG(2,("sam backend %s did not correctly init (error was %s)\n",
- backend_entry->module_name, nt_errstr(nt_status)));
- }
- return nt_status;
- }
- }
-
- DEBUG(2,("could not find backend %s\n", backend_entry->module_name));
-
- return NT_STATUS_INVALID_PARAMETER;
-}
-
-static NTSTATUS sam_context_check_default_backends(SAM_CONTEXT *context)
-{
- SAM_BACKEND_ENTRY entry;
- DOM_SID *global_sam_sid = get_global_sam_sid(); /* lp_workgroup doesn't play nicely with multiple domains */
- SAM_METHODS *methods, *tmpmethods;
- NTSTATUS ntstatus;
-
- DEBUG(5,("sam_context_check_default_backends: %d\n", __LINE__));
-
- /* Make sure domain lp_workgroup() is available */
-
- ntstatus = sam_get_methods_by_sid(context, &methods, &global_sid_Builtin);
-
- if (NT_STATUS_EQUAL(ntstatus, NT_STATUS_NO_SUCH_DOMAIN)) {
- DEBUG(4,("There was no backend specified for domain %s(%s); using %s\n",
- lp_workgroup(), sid_string_static(global_sam_sid), SAM_DEFAULT_BACKEND));
-
- SAM_ASSERT(global_sam_sid);
-
- entry.module_name = SAM_DEFAULT_BACKEND;
- entry.module_params = NULL;
- entry.domain_name = lp_workgroup();
- entry.domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID));
- sid_copy(entry.domain_sid, global_sam_sid);
-
- if (!NT_STATUS_IS_OK(ntstatus = make_sam_methods_backend_entry(context, &methods, &entry))) {
- DEBUG(4,("make_sam_methods_backend_entry failed\n"));
- return ntstatus;
- }
-
- DLIST_ADD_END(context->methods, methods, tmpmethods);
-
- } else if (!NT_STATUS_IS_OK(ntstatus)) {
- DEBUG(2, ("sam_get_methods_by_sid failed for %s\n", lp_workgroup()));
- return ntstatus;
- }
-
- /* Make sure the BUILTIN domain is available */
-
- ntstatus = sam_get_methods_by_sid(context, &methods, global_sam_sid);
-
- if (NT_STATUS_EQUAL(ntstatus, NT_STATUS_NO_SUCH_DOMAIN)) {
- DEBUG(4,("There was no backend specified for domain BUILTIN; using %s\n",
- SAM_DEFAULT_BACKEND));
- entry.module_name = SAM_DEFAULT_BACKEND;
- entry.module_params = NULL;
- entry.domain_name = "BUILTIN";
- entry.domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID));
- sid_copy(entry.domain_sid, &global_sid_Builtin);
-
- if (!NT_STATUS_IS_OK(ntstatus = make_sam_methods_backend_entry(context, &methods, &entry))) {
- DEBUG(4,("make_sam_methods_backend_entry failed\n"));
- return ntstatus;
- }
-
- DLIST_ADD_END(context->methods, methods, tmpmethods);
- } else if (!NT_STATUS_IS_OK(ntstatus)) {
- DEBUG(2, ("sam_get_methods_by_sid failed for BUILTIN\n"));
- return ntstatus;
- }
-
- return NT_STATUS_OK;
-}
-
-static NTSTATUS check_duplicate_backend_entries(SAM_BACKEND_ENTRY **backend_entries, int *nBackends)
-{
- int i, j;
-
- DEBUG(5,("check_duplicate_backend_entries: %d\n", __LINE__));
-
- for (i = 0; i < *nBackends; i++) {
- for (j = i + 1; j < *nBackends; j++) {
- if (sid_equal((*backend_entries)[i].domain_sid, (*backend_entries)[j].domain_sid)) {
- DEBUG(0,("two backend modules claim the same domain %s\n",
- sid_string_static((*backend_entries)[j].domain_sid)));
- return NT_STATUS_INVALID_PARAMETER;
- }
- }
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS make_sam_context_list(SAM_CONTEXT **context, char **sam_backends_param)
-{
- int i = 0, j = 0;
- SAM_METHODS *curmethods, *tmpmethods;
- int nBackends = 0;
- SAM_BACKEND_ENTRY *backends = NULL;
- NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(5,("make_sam_context_from_conf: %d\n", __LINE__));
-
- if (!sam_backends_param) {
- DEBUG(1, ("no SAM backeds specified!\n"));
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = make_sam_context(context))) {
- DEBUG(4,("make_sam_context failed\n"));
- return nt_status;
- }
-
- while (sam_backends_param[nBackends])
- nBackends++;
-
- DEBUG(6,("There are %d domains listed with their backends\n", nBackends));
-
- if ((backends = (SAM_BACKEND_ENTRY *)malloc(sizeof(*backends)*nBackends)) == NULL) {
- DEBUG(0,("make_sam_context_list: failed to allocate backends\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- memset(backends, '\0', sizeof(*backends)*nBackends);
-
- for (i = 0; i < nBackends; i++) {
- DEBUG(8,("processing %s\n",sam_backends_param[i]));
- if (!NT_STATUS_IS_OK(nt_status = make_backend_entry(&backends[i], sam_backends_param[i]))) {
- DEBUG(4,("make_backend_entry failed\n"));
- for (j = 0; j < nBackends; j++) SAFE_FREE(backends[j].domain_sid);
- SAFE_FREE(backends);
- free_sam_context(context);
- return nt_status;
- }
- }
-
- if (!NT_STATUS_IS_OK(nt_status = check_duplicate_backend_entries(&backends, &nBackends))) {
- DEBUG(4,("check_duplicate_backend_entries failed\n"));
- for (j = 0; j < nBackends; j++) SAFE_FREE(backends[j].domain_sid);
- SAFE_FREE(backends);
- free_sam_context(context);
- return nt_status;
- }
-
- for (i = 0; i < nBackends; i++) {
- if (!NT_STATUS_IS_OK(nt_status = make_sam_methods_backend_entry(*context, &curmethods, &backends[i]))) {
- DEBUG(4,("make_sam_methods_backend_entry failed\n"));
- for (j = 0; j < nBackends; j++) SAFE_FREE(backends[j].domain_sid);
- SAFE_FREE(backends);
- free_sam_context(context);
- return nt_status;
- }
- DLIST_ADD_END((*context)->methods, curmethods, tmpmethods);
- }
-
- for (i = 0; i < nBackends; i++) SAFE_FREE(backends[i].domain_sid);
-
- SAFE_FREE(backends);
- return NT_STATUS_OK;
-}
-
-/******************************************************************
- Make a sam_context from scratch.
- *******************************************************************/
-
-NTSTATUS make_sam_context(SAM_CONTEXT **context)
-{
- TALLOC_CTX *mem_ctx;
-
- mem_ctx = talloc_init("sam_context internal allocation context");
-
- if (!mem_ctx) {
- DEBUG(0, ("make_sam_context: talloc init failed!\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- *context = talloc(mem_ctx, sizeof(**context));
- if (!*context) {
- DEBUG(0, ("make_sam_context: talloc failed!\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- ZERO_STRUCTP(*context);
-
- (*context)->mem_ctx = mem_ctx;
-
- (*context)->free_fn = free_sam_context;
-
- return NT_STATUS_OK;
-}
-
-/******************************************************************
- Return an already initialised sam_context, to facilitate backward
- compatibility (see functions below).
- *******************************************************************/
-
-static struct sam_context *sam_get_static_context(BOOL reload)
-{
- static SAM_CONTEXT *sam_context = NULL;
-
- if ((sam_context) && (reload)) {
- sam_context->free_fn(&sam_context);
- sam_context = NULL;
- }
-
- if (!sam_context) {
- if (!NT_STATUS_IS_OK(make_sam_context_list(&sam_context, lp_sam_backend()))) {
- DEBUG(4,("make_sam_context_list failed\n"));
- return NULL;
- }
-
- /* Make sure the required domains (default domain, builtin) are available */
- if (!NT_STATUS_IS_OK(sam_context_check_default_backends(sam_context))) {
- DEBUG(4,("sam_context_check_default_backends failed\n"));
- return NULL;
- }
- }
-
- return sam_context;
-}
-
-/***************************************************************
- Initialize the static context (at smbd startup etc).
-
- If uninitialised, context will auto-init on first use.
- ***************************************************************/
-
-BOOL initialize_sam(BOOL reload)
-{
- return (sam_get_static_context(reload) != NULL);
-}
-
-
-/**************************************************************
- External API. This is what the rest of the world calls...
-***************************************************************/
-
-/******************************************************************
- sam_* functions are used to link the external SAM interface
- with the internal backends. These functions lookup the appropriate
- backends for the domain and pass on to the function in sam_methods
- in the selected backend
-
- When the context parmater is NULL, the default is used.
- *******************************************************************/
-
-#define SAM_SETUP_CONTEXT if (!context) \
- context = sam_get_static_context(False);\
- if (!context) {\
- return NT_STATUS_UNSUCCESSFUL; \
- }\
-
-
-
-NTSTATUS sam_get_sec_desc(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd)
-{
- SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- DEBUG(5,("sam_get_sec_desc: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, sid))) {
- DEBUG(4,("sam_get_methods_by_sid failed\n"));
- return nt_status;
- }
-
- if (!tmp_methods->sam_get_sec_desc) {
- DEBUG(3, ("sam_get_sec_desc: sam_methods of the domain did not specify sam_get_sec_desc\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_sec_desc(tmp_methods, access_token, sid, sd))) {
- DEBUG(4,("sam_get_sec_desc for %s in backend %s failed\n", sid_string_static(sid), tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_sec_desc(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd)
-{
- SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- DEBUG(5,("sam_set_sec_desc: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, sid))) {
- DEBUG(4,("sam_get_methods_by_sid failed\n"));
- return nt_status;
- }
-
- if (!tmp_methods->sam_set_sec_desc) {
- DEBUG(3, ("sam_set_sec_desc: sam_methods of the domain did not specify sam_set_sec_desc\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_set_sec_desc(tmp_methods, access_token, sid, sd))) {
- DEBUG(4,("sam_set_sec_desc for %s in backend %s failed\n", sid_string_static(sid), tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-
-NTSTATUS sam_lookup_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const char *domain, const char *name, DOM_SID *sid, uint32 *type)
-{
- SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- DEBUG(5,("sam_lookup_name: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) {
- DEBUG(4,("sam_get_methods_by_name failed\n"));
- return nt_status;
- }
-
- if (!tmp_methods->sam_lookup_name) {
- DEBUG(3, ("sam_lookup_name: sam_methods of the domain did not specify sam_lookup_name\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_lookup_name(tmp_methods, access_token, name, sid, type))) {
- DEBUG(4,("sam_lookup_name for %s\\%s in backend %s failed\n",
- tmp_methods->domain_name, name, tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_lookup_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, TALLOC_CTX *mem_ctx, const DOM_SID *sid, char **name, uint32 *type)
-{
- SAM_METHODS *tmp_methods;
- uint32 rid;
- NTSTATUS nt_status;
- DOM_SID domainsid;
-
- DEBUG(5,("sam_lookup_sid: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- sid_copy(&domainsid, sid);
- if (!sid_split_rid(&domainsid, &rid)) {
- DEBUG(3,("sam_lookup_sid: failed to split the sid\n"));
- return NT_STATUS_INVALID_SID;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) {
- DEBUG(4,("sam_get_methods_by_sid failed\n"));
- return nt_status;
- }
-
- if (!tmp_methods->sam_lookup_sid) {
- DEBUG(3, ("sam_lookup_sid: sam_methods of the domain did not specify sam_lookup_sid\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_lookup_sid(tmp_methods, access_token, mem_ctx, sid, name, type))) {
- DEBUG(4,("sam_lookup_name for %s in backend %s failed\n",
- sid_string_static(sid), tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-
-NTSTATUS sam_update_domain(const SAM_CONTEXT *context, const SAM_DOMAIN_HANDLE *domain)
-{
- const SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- DEBUG(5,("sam_update_domain: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- /* invalid domain specified */
- SAM_ASSERT(domain && domain->current_sam_methods);
-
- tmp_methods = domain->current_sam_methods;
-
- if (!tmp_methods->sam_update_domain) {
- DEBUG(3, ("sam_update_domain: sam_methods of the domain did not specify sam_update_domain\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_update_domain(tmp_methods, domain))){
- DEBUG(4,("sam_update_domain in backend %s failed\n",
- tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_enum_domains(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, int32 *domain_count, DOM_SID **domains, char ***domain_names)
-{
- SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- SEC_DESC *sd;
- size_t sd_size;
- uint32 acc_granted;
- int i = 0;
-
- DEBUG(5,("sam_enum_domains: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- /* invalid parmaters specified */
- SAM_ASSERT(domain_count && domains && domain_names);
-
- if (!NT_STATUS_IS_OK(nt_status = samr_make_sam_obj_sd(context->mem_ctx, &sd, &sd_size))) {
- DEBUG(4,("samr_make_sam_obj_sd failed\n"));
- return nt_status;
- }
-
- if (!se_access_check(sd, access_token, SA_RIGHT_SAM_ENUM_DOMAINS, &acc_granted, &nt_status)) {
- DEBUG(3,("sam_enum_domains: ACCESS DENIED\n"));
- return nt_status;
- }
-
- tmp_methods= context->methods;
- *domain_count = 0;
-
- while (tmp_methods) {
- (*domain_count)++;
- tmp_methods= tmp_methods->next;
- }
-
- DEBUG(6,("sam_enum_domains: enumerating %d domains\n", (*domain_count)));
-
- tmp_methods = context->methods;
-
- if (((*domains) = malloc( sizeof(DOM_SID) * (*domain_count))) == NULL) {
- DEBUG(0,("sam_enum_domains: Out of memory allocating domain SID list\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- if (((*domain_names) = malloc( sizeof(char*) * (*domain_count))) == NULL) {
- DEBUG(0,("sam_enum_domains: Out of memory allocating domain name list\n"));
- SAFE_FREE((*domains));
- return NT_STATUS_NO_MEMORY;
- }
-
- while (tmp_methods) {
- DEBUGADD(7,(" [%d] %s: %s\n", i, tmp_methods->domain_name, sid_string_static(&tmp_methods->domain_sid)));
- sid_copy(domains[i],&tmp_methods->domain_sid);
- *domain_names[i] = smb_xstrdup(tmp_methods->domain_name);
- i++;
- tmp_methods= tmp_methods->next;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_lookup_domain(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const char *domain, DOM_SID **domainsid)
-{
- SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- SEC_DESC *sd;
- size_t sd_size;
- uint32 acc_granted;
-
- DEBUG(5,("sam_lookup_domain: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- /* invalid paramters */
- SAM_ASSERT(access_token && domain && domainsid);
-
- if (!NT_STATUS_IS_OK(nt_status = samr_make_sam_obj_sd(context->mem_ctx, &sd, &sd_size))) {
- DEBUG(4,("samr_make_sam_obj_sd failed\n"));
- return nt_status;
- }
-
- if (!se_access_check(sd, access_token, SA_RIGHT_SAM_OPEN_DOMAIN, &acc_granted, &nt_status)) {
- DEBUG(3,("sam_lookup_domain: ACCESS DENIED\n"));
- return nt_status;
- }
-
- tmp_methods= context->methods;
-
- while (tmp_methods) {
- if (strcmp(domain, tmp_methods->domain_name) == 0) {
- (*domainsid) = (DOM_SID *)malloc(sizeof(DOM_SID));
- sid_copy((*domainsid), &tmp_methods->domain_sid);
- return NT_STATUS_OK;
- }
- tmp_methods= tmp_methods->next;
- }
-
- return NT_STATUS_NO_SUCH_DOMAIN;
-}
-
-
-NTSTATUS sam_get_domain_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *domainsid, SAM_DOMAIN_HANDLE **domain)
-{
- SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- DEBUG(5,("sam_get_domain_by_sid: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- SAM_ASSERT(access_token && domainsid && domain);
-
- if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) {
- DEBUG(4,("sam_get_methods_by_sid failed\n"));
- return nt_status;
- }
-
- if (!tmp_methods->sam_get_domain_handle) {
- DEBUG(3, ("sam_get_domain_by_sid: sam_methods of the domain did not specify sam_get_domain_handle\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_domain_handle(tmp_methods, access_token, access_desired, domain))) {
- DEBUG(4,("sam_get_domain_handle for %s in backend %s failed\n",
- sid_string_static(domainsid), tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_create_account(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *domainsid, const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account)
-{
- SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- DEBUG(5,("sam_create_account: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- /* invalid parmaters */
- SAM_ASSERT(access_token && domainsid && account_name && account);
-
- if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) {
- DEBUG(4,("sam_get_methods_by_sid failed\n"));
- return nt_status;
- }
-
- if (!tmp_methods->sam_create_account) {
- DEBUG(3, ("sam_create_account: sam_methods of the domain did not specify sam_create_account\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_account(tmp_methods, access_token, access_desired, account_name, acct_ctrl, account))) {
- DEBUG(4,("sam_create_account in backend %s failed\n",
- tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_add_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account)
-{
- DOM_SID domainsid;
- const DOM_SID *accountsid;
- SAM_METHODS *tmp_methods;
- uint32 rid;
- NTSTATUS nt_status;
-
- DEBUG(5,("sam_add_account: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- /* invalid parmaters */
- SAM_ASSERT(account);
-
- if (!NT_STATUS_IS_OK(nt_status = sam_get_account_sid(account, &accountsid))) {
- DEBUG(0,("Can't get account SID\n"));
- return nt_status;
- }
-
- sid_copy(&domainsid, accountsid);
- if (!sid_split_rid(&domainsid, &rid)) {
- DEBUG(3,("sam_get_account_by_sid: failed to split the sid\n"));
- return NT_STATUS_INVALID_SID;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) {
- DEBUG(4,("sam_get_methods_by_sid failed\n"));
- return nt_status;
- }
-
- if (!tmp_methods->sam_add_account) {
- DEBUG(3, ("sam_add_account: sam_methods of the domain did not specify sam_add_account\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_add_account(tmp_methods, account))){
- DEBUG(4,("sam_add_account in backend %s failed\n",
- tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_update_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account)
-{
- const SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- DEBUG(5,("sam_update_account: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- /* invalid account specified */
- SAM_ASSERT(account && account->current_sam_methods);
-
- tmp_methods = account->current_sam_methods;
-
- if (!tmp_methods->sam_update_account) {
- DEBUG(3, ("sam_update_account: sam_methods of the domain did not specify sam_update_account\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_update_account(tmp_methods, account))){
- DEBUG(4,("sam_update_account in backend %s failed\n",
- tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_delete_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account)
-{
- const SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- DEBUG(5,("sam_delete_account: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- /* invalid account specified */
- SAM_ASSERT(account && account->current_sam_methods);
-
- tmp_methods = account->current_sam_methods;
-
- if (!tmp_methods->sam_delete_account) {
- DEBUG(3, ("sam_delete_account: sam_methods of the domain did not specify sam_delete_account\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_delete_account(tmp_methods, account))){
- DEBUG(4,("sam_delete_account in backend %s failed\n",
- tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_enum_accounts(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, uint16 acct_ctrl, int32 *account_count, SAM_ACCOUNT_ENUM **accounts)
-{
- SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- DEBUG(5,("sam_enum_accounts: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- SAM_ASSERT(access_token && domainsid && account_count && accounts);
-
- if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) {
- DEBUG(4,("sam_get_methods_by_sid failed\n"));
- return nt_status;
- }
-
- if (!tmp_methods->sam_enum_accounts) {
- DEBUG(3, ("sam_enum_accounts: sam_methods of the domain did not specify sam_enum_accounts\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_accounts(tmp_methods, access_token, acct_ctrl, account_count, accounts))) {
- DEBUG(4,("sam_enum_accounts for domain %s in backend %s failed\n",
- tmp_methods->domain_name, tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-
-NTSTATUS sam_get_account_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *accountsid, SAM_ACCOUNT_HANDLE **account)
-{
- SAM_METHODS *tmp_methods;
- uint32 rid;
- DOM_SID domainsid;
- NTSTATUS nt_status;
-
- DEBUG(5,("sam_get_account_by_sid: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- SAM_ASSERT(access_token && accountsid && account);
-
- sid_copy(&domainsid, accountsid);
- if (!sid_split_rid(&domainsid, &rid)) {
- DEBUG(3,("sam_get_account_by_sid: failed to split the sid\n"));
- return NT_STATUS_INVALID_SID;
- }
-
-
- if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) {
- DEBUG(4,("sam_get_methods_by_sid failed\n"));
- return nt_status;
- }
-
- if (!tmp_methods->sam_get_account_by_sid) {
- DEBUG(3, ("sam_get_account_by_sid: sam_methods of the domain did not specify sam_get_account_by_sid\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_account_by_sid(tmp_methods, access_token, access_desired, accountsid, account))) {
- DEBUG(4,("sam_get_account_by_sid for %s in backend %s failed\n",
- sid_string_static(accountsid), tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_by_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *domain, const char *name, SAM_ACCOUNT_HANDLE **account)
-{
- SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- DEBUG(5,("sam_get_account_by_name: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- SAM_ASSERT(access_token && domain && name && account);
-
- if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) {
- DEBUG(4,("sam_get_methods_by_name failed\n"));
- return nt_status;
- }
-
- if (!tmp_methods->sam_get_account_by_name) {
- DEBUG(3, ("sam_get_account_by_name: sam_methods of the domain did not specify sam_get_account_by_name\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_account_by_name(tmp_methods, access_token, access_desired, name, account))) {
- DEBUG(4,("sam_get_account_by_name for %s\\%s in backend %s failed\n",
- domain, name, tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_create_group(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *domainsid, const char *group_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group)
-{
- SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- DEBUG(5,("sam_create_group: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- SAM_ASSERT(access_token && domainsid && group_name && group);
-
- if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) {
- DEBUG(4,("sam_get_methods_by_sid failed\n"));
- return nt_status;
- }
-
- if (!tmp_methods->sam_create_group) {
- DEBUG(3, ("sam_create_group: sam_methods of the domain did not specify sam_create_group\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_group(tmp_methods, access_token, access_desired, group_name, group_ctrl, group))) {
- DEBUG(4,("sam_create_group in backend %s failed\n",
- tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_add_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group)
-{
- DOM_SID domainsid;
- const DOM_SID *groupsid;
- SAM_METHODS *tmp_methods;
- uint32 rid;
- NTSTATUS nt_status;
-
- DEBUG(5,("sam_add_group: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- SAM_ASSERT(group);
-
- if (!NT_STATUS_IS_OK(nt_status = sam_get_group_sid(group, &groupsid))) {
- DEBUG(0,("Can't get group SID\n"));
- return nt_status;
- }
-
- sid_copy(&domainsid, groupsid);
- if (!sid_split_rid(&domainsid, &rid)) {
- DEBUG(3,("sam_get_group_by_sid: failed to split the sid\n"));
- return NT_STATUS_INVALID_SID;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) {
- DEBUG(4,("sam_get_methods_by_sid failed\n"));
- return nt_status;
- }
-
- if (!tmp_methods->sam_add_group) {
- DEBUG(3, ("sam_add_group: sam_methods of the domain did not specify sam_add_group\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_add_group(tmp_methods, group))){
- DEBUG(4,("sam_add_group in backend %s failed\n",
- tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_update_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group)
-{
- const SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- DEBUG(5,("sam_update_group: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- /* invalid group specified */
- SAM_ASSERT(group && group->current_sam_methods);
-
- tmp_methods = group->current_sam_methods;
-
- if (!tmp_methods->sam_update_group) {
- DEBUG(3, ("sam_update_group: sam_methods of the domain did not specify sam_update_group\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_update_group(tmp_methods, group))){
- DEBUG(4,("sam_update_group in backend %s failed\n",
- tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_delete_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group)
-{
- const SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- DEBUG(5,("sam_delete_group: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- /* invalid group specified */
- SAM_ASSERT(group && group->current_sam_methods);
-
- tmp_methods = group->current_sam_methods;
-
- if (!tmp_methods->sam_delete_group) {
- DEBUG(3, ("sam_delete_group: sam_methods of the domain did not specify sam_delete_group\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_delete_group(tmp_methods, group))){
- DEBUG(4,("sam_delete_group in backend %s failed\n",
- tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_enum_groups(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, uint16 group_ctrl, uint32 *groups_count, SAM_GROUP_ENUM **groups)
-{
- SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- DEBUG(5,("sam_enum_groups: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- SAM_ASSERT(access_token && domainsid && groups_count && groups);
-
- if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) {
- DEBUG(4,("sam_get_methods_by_sid failed\n"));
- return nt_status;
- }
-
- if (!tmp_methods->sam_enum_accounts) {
- DEBUG(3, ("sam_enum_groups: sam_methods of the domain did not specify sam_enum_groups\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_groups(tmp_methods, access_token, group_ctrl, groups_count, groups))) {
- DEBUG(4,("sam_enum_groups for domain %s in backend %s failed\n",
- tmp_methods->domain_name, tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_group_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group)
-{
- SAM_METHODS *tmp_methods;
- uint32 rid;
- NTSTATUS nt_status;
- DOM_SID domainsid;
-
- DEBUG(5,("sam_get_group_by_sid: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- SAM_ASSERT(access_token && groupsid && group);
-
- sid_copy(&domainsid, groupsid);
- if (!sid_split_rid(&domainsid, &rid)) {
- DEBUG(3,("sam_get_group_by_sid: failed to split the sid\n"));
- return NT_STATUS_INVALID_SID;
- }
-
-
- if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) {
- DEBUG(4,("sam_get_methods_by_sid failed\n"));
- return nt_status;
- }
-
- if (!tmp_methods->sam_get_group_by_sid) {
- DEBUG(3, ("sam_get_group_by_sid: sam_methods of the domain did not specify sam_get_group_by_sid\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_group_by_sid(tmp_methods, access_token, access_desired, groupsid, group))) {
- DEBUG(4,("sam_get_group_by_sid for %s in backend %s failed\n",
- sid_string_static(groupsid), tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_group_by_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *domain, const char *name, SAM_GROUP_HANDLE **group)
-{
- SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- DEBUG(5,("sam_get_group_by_name: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- SAM_ASSERT(access_token && domain && name && group);
-
- if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) {
- DEBUG(4,("sam_get_methods_by_name failed\n"));
- return nt_status;
- }
-
- if (!tmp_methods->sam_get_group_by_name) {
- DEBUG(3, ("sam_get_group_by_name: sam_methods of the domain did not specify sam_get_group_by_name\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_group_by_name(tmp_methods, access_token, access_desired, name, group))) {
- DEBUG(4,("sam_get_group_by_name for %s\\%s in backend %s failed\n",
- domain, name, tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_add_member_to_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member)
-{
- const SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- SAM_SETUP_CONTEXT;
-
- /* invalid group or member specified */
- SAM_ASSERT(group && group->current_sam_methods && member);
-
- tmp_methods = group->current_sam_methods;
-
- if (!tmp_methods->sam_add_member_to_group) {
- DEBUG(3, ("sam_add_member_to_group: sam_methods of the domain did not specify sam_add_member_to_group\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_add_member_to_group(tmp_methods, group, member))) {
- DEBUG(4,("sam_add_member_to_group in backend %s failed\n", tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-
-}
-
-NTSTATUS sam_delete_member_from_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member)
-{
- const SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- SAM_SETUP_CONTEXT;
-
- /* invalid group or member specified */
- SAM_ASSERT(group && group->current_sam_methods && member);
-
- tmp_methods = group->current_sam_methods;
-
- if (!tmp_methods->sam_delete_member_from_group) {
- DEBUG(3, ("sam_delete_member_from_group: sam_methods of the domain did not specify sam_delete_member_from_group\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_delete_member_from_group(tmp_methods, group, member))) {
- DEBUG(4,("sam_delete_member_from_group in backend %s failed\n", tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_enum_groupmembers(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members)
-{
- const SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- SAM_SETUP_CONTEXT;
-
- /* invalid group specified */
- SAM_ASSERT(group && group->current_sam_methods && members_count && members);
-
- tmp_methods = group->current_sam_methods;
-
- if (!tmp_methods->sam_enum_groupmembers) {
- DEBUG(3, ("sam_enum_groupmembers: sam_methods of the domain did not specify sam_enum_group_members\n"));
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_groupmembers(tmp_methods, group, members_count, members))) {
- DEBUG(4,("sam_enum_groupmembers in backend %s failed\n", tmp_methods->backendname));
- return nt_status;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_groups_of_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID **sids, uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups)
-{
- SAM_METHODS *tmp_methods;
- NTSTATUS nt_status;
-
- uint32 tmp_group_count;
- SAM_GROUP_ENUM *tmp_groups;
-
- DEBUG(5,("sam_get_groups_of_sid: %d\n", __LINE__));
-
- SAM_SETUP_CONTEXT;
-
- /* invalid sam_context specified */
- SAM_ASSERT(access_token && sids && context && context->methods);
-
- *group_count = 0;
-
- *groups = NULL;
-
- tmp_methods= context->methods;
-
- while (tmp_methods) {
- DEBUG(5,("getting groups from domain \n"));
- if (!tmp_methods->sam_get_groups_of_sid) {
- DEBUG(3, ("sam_get_groups_of_sid: sam_methods of domain did not specify sam_get_groups_of_sid\n"));
- SAFE_FREE(*groups);
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
- if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_groups_of_sid(tmp_methods, access_token, sids, group_ctrl, &tmp_group_count, &tmp_groups))) {
- DEBUG(4,("sam_get_groups_of_sid in backend %s failed\n", tmp_methods->backendname));
- SAFE_FREE(*groups);
- return nt_status;
- }
-
- *groups = Realloc(*groups, ((*group_count) + tmp_group_count) * sizeof(SAM_GROUP_ENUM));
-
- memcpy(&(*groups)[*group_count], tmp_groups, tmp_group_count);
-
- SAFE_FREE(tmp_groups);
-
- *group_count += tmp_group_count;
-
- tmp_methods = tmp_methods->next;
- }
-
- return NT_STATUS_OK;
-}
-
-
diff --git a/source3/sam/sam_ads.c b/source3/sam/sam_ads.c
deleted file mode 100755
index 13e0369004..0000000000
--- a/source3/sam/sam_ads.c
+++ /dev/null
@@ -1,1378 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- Active Directory SAM backend, for simulate a W2K DC in mixed mode.
-
- Copyright (C) Stefan (metze) Metzmacher 2002
- Copyright (C) Andrew Bartlett 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-
-#ifdef HAVE_LDAP
-
-static int sam_ads_debug_level = DBGC_SAM;
-
-#undef DBGC_CLASS
-#define DBGC_CLASS sam_ads_debug_level
-
-#ifndef FIXME
-#define FIXME( body ) { DEBUG(0,("FIXME: "));\
- DEBUGADD(0,(body));}
-#endif
-
-#define ADS_STATUS_OK ADS_ERROR(0)
-#define ADS_STATUS_UNSUCCESSFUL ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL)
-#define ADS_STATUS_NOT_IMPLEMENTED ADS_ERROR_NT(NT_STATUS_NOT_IMPLEMENTED)
-
-
-#define ADS_SUBTREE_BUILTIN "CN=Builtin,"
-#define ADS_SUBTREE_COMPUTERS "CN=Computers,"
-#define ADS_SUBTREE_DC "CN=Domain Controllers,"
-#define ADS_SUBTREE_USERS "CN=Users,"
-#define ADS_ROOT_TREE ""
-/* Here are private module structs and functions */
-
-typedef struct sam_ads_privates {
- ADS_STRUCT *ads_struct;
- TALLOC_CTX *mem_ctx;
- BOOL bind_plaintext;
- char *ads_bind_dn;
- char *ads_bind_pw;
- char *ldap_uri;
- /* did we need something more? */
-}SAM_ADS_PRIVATES;
-
-
-/* get only these LDAP attributes, witch we really need for an account */
-const char *account_attrs[] = { "objectSid",
- "objectGUID",
- "sAMAccountType",
- "sAMAcountName",
- "userPrincipalName",
- "accountExpires",
- "badPasswordTime",
- "badPwdCount",
- "lastLogoff",
- "lastLogon",
- "userWorkstations",
- "dBCSPwd",
- "unicodePwd",
- "pwdLastSet",
- "userAccountControl",
- "profilePath",
- "homeDrive",
- "scriptPath",
- "homeDirectory",
- "cn",
- "primaryGroupID",/* 513 */
- "nsNPAllowDialIn",/* TRUE */
- "userParameters",/* Dial Back number ...*/
- "codePage",/* 0 */
- "countryCode",/* 0 */
- "adminCount",/* 1 or 0 */
- "logonCount",/* 0 */
- "managedObjects",
- "memberOf",/* dn */
- "instanceType",/* 4 */
- "name", /* sync with cn */
- "description",
- /* "nTSecurityDescriptor", */
- NULL};
-
-/* get only these LDAP attributes, witch we really need for a group */
-const char *group_attrs[] = {"objectSid",
- /* "objectGUID", */
- "sAMAccountType",
- "sAMAcountName",
- "groupType",
- /* "member", */
- "description",
- "name", /* sync with cn */
- /* "nTSecurityDescriptor", */
- NULL};
-
-
-/***************************************************
- return our ads connection. We keep the connection
- open to make things faster
-****************************************************/
-static ADS_STATUS sam_ads_cached_connection(SAM_ADS_PRIVATES *privates)
-{
- ADS_STRUCT *ads_struct;
- ADS_STATUS ads_status;
-
- if (!privates->ads_struct) {
- privates->ads_struct = ads_init_simple();
- ads_struct = privates->ads_struct;
- ads_struct->server.ldap_uri = smb_xstrdup(privates->ldap_uri);
- if ((!privates->ads_bind_dn) || (!*privates->ads_bind_dn)) {
- ads_struct->auth.flags |= ADS_AUTH_ANON_BIND;
- } else {
- ads_struct->auth.user_name
- = smb_xstrdup(privates->ads_bind_dn);
- if (privates->ads_bind_pw) {
- ads_struct->auth.password
- = smb_xstrdup(privates->ads_bind_pw);
- }
- }
- if (privates->bind_plaintext) {
- ads_struct->auth.flags |= ADS_AUTH_SIMPLE_BIND;
- }
- } else {
- ads_struct = privates->ads_struct;
- }
-
- if (ads_struct->ld != NULL) {
- /* connection has been opened. ping server. */
- struct sockaddr_un addr;
- socklen_t len;
- int sd;
- if (ldap_get_option(ads_struct->ld, LDAP_OPT_DESC, &sd) == 0 &&
- getpeername(sd, (struct sockaddr *) &addr, &len) < 0) {
- /* the other end has died. reopen. */
- ldap_unbind_ext(ads_struct->ld, NULL, NULL);
- ads_struct->ld = NULL;
- }
- }
-
- if (ads_struct->ld != NULL) {
- DEBUG(5,("sam_ads_cached_connection: allready connected to the LDAP server\n"));
- return ADS_SUCCESS;
- }
-
- ads_status = ads_connect(ads_struct);
-
- ads_status = ads_server_info(ads_struct);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(0,("Can't set server info: %s\n",ads_errstr(ads_status)));
- /* return ads_status; */ FIXME("for now we only warn!\n");
- }
-
- DEBUG(2, ("sam_ads_cached_connection: succesful connection to the LDAP server\n"));
- return ADS_SUCCESS;
-}
-
-static ADS_STATUS sam_ads_do_search(SAM_ADS_PRIVATES *privates, const char *bind_path, int scope, const char *exp, const char **attrs, void **res)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
-
- ads_status = sam_ads_cached_connection(privates);
- if (!ADS_ERR_OK(ads_status))
- return ads_status;
-
- return ads_do_search_retry(privates->ads_struct, bind_path, scope, exp, attrs, res);
-}
-
-
-/*********************************************
-here we have to check the update serial number
- - this is the core of the ldap cache
-*********************************************/
-static ADS_STATUS sam_ads_usn_is_valid(SAM_ADS_PRIVATES *privates, uint32 usn_in, uint32 *usn_out)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
-
- SAM_ASSERT(privates && privates->ads_struct && usn_out);
-
- ads_status = ads_USN(privates->ads_struct, usn_out);
- if (!ADS_ERR_OK(ads_status))
- return ads_status;
-
- if (*usn_out == usn_in)
- return ADS_SUCCESS;
-
- return ads_status;
-}
-
-/***********************************************
-Initialize SAM_ACCOUNT_HANDLE from an ADS query
-************************************************/
-/* not ready :-( */
-static ADS_STATUS ads_entry2sam_account_handle(SAM_ADS_PRIVATES *privates, SAM_ACCOUNT_HANDLE *account ,void *msg)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_NO_SUCH_USER);
- NTSTATUS nt_status = NT_STATUS_NO_SUCH_USER;
- ADS_STRUCT *ads_struct = privates->ads_struct;
- TALLOC_CTX *mem_ctx = account->mem_ctx;
- char *tmp_str = NULL;
-
- SAM_ASSERT(privates && ads_struct && account && mem_ctx && msg);
-
- FIXME("should we really use ads_pull_username()(or ads_pull_string())?\n");
- if ((account->private.account_name = ads_pull_username(ads_struct, mem_ctx, msg))==NULL) {
- DEBUG(0,("ads_pull_username failed\n"));
- return ADS_ERROR_NT(NT_STATUS_NO_SUCH_USER);
- }
-
- if ((account->private.full_name = ads_pull_string(ads_struct, mem_ctx, msg,"name"))==NULL) {
- DEBUG(3,("ads_pull_string for 'name' failed - skip\n"));
- }
-
- if ((account->private.acct_desc = ads_pull_string(ads_struct, mem_ctx, msg,"description"))!=NULL) {
- DEBUG(3,("ads_pull_string for 'acct_desc' failed - skip\n"));
- }
-
- if ((account->private.home_dir = ads_pull_string(ads_struct, mem_ctx, msg,"homeDirectory"))!=NULL) {
- DEBUG(3,("ads_pull_string for 'homeDirectory' failed - skip\n"));
- }
-
- if ((account->private.dir_drive = ads_pull_string(ads_struct, mem_ctx, msg,"homeDrive"))!=NULL) {
- DEBUG(3,("ads_pull_string for 'homeDrive' failed - skip\n"));
- }
-
- if ((account->private.profile_path = ads_pull_string(ads_struct, mem_ctx, msg,"profilePath"))!=NULL) {
- DEBUG(3,("ads_pull_string for 'profilePath' failed - skip\n"));
- }
-
- if ((account->private.logon_script = ads_pull_string(ads_struct, mem_ctx, msg,"scriptPath"))!=NULL) {
- DEBUG(3,("ads_pull_string for 'scriptPath' failed - skip\n"));
- }
-
- FIXME("check 'nsNPAllowDialIn' for munged_dial!\n");
- if ((account->private.munged_dial = ads_pull_string(ads_struct, mem_ctx, msg,"userParameters"))!=NULL) {
- DEBUG(3,("ads_pull_string for 'userParameters' failed - skip\n"));
- }
-
- if ((account->private.unix_home_dir = ads_pull_string(ads_struct, mem_ctx, msg,"msSFUHomeDrirectory"))!=NULL) {
- DEBUG(3,("ads_pull_string for 'msSFUHomeDrirectory' failed - skip\n"));
- }
-
-#if 0
- FIXME("use function intern mem_ctx for pwdLastSet\n");
- if ((tmp_str = ads_pull_string(ads_struct, mem_ctx, msg,"pwdLastSet"))!=NULL) {
- DEBUG(3,("ads_pull_string for 'pwdLastSet' failed - skip\n"));
- } else {
- account->private.pass_last_set_time = ads_parse_nttime(tmp_str);
- tmp_str = NULL;
-
- }
-#endif
-
-#if 0
-typedef struct sam_account_handle {
- TALLOC_CTX *mem_ctx;
- uint32 access_granted;
- const struct sam_methods *current_sam_methods; /* sam_methods creating this handle */
- void (*free_fn)(struct sam_account_handle **);
- struct sam_account_data {
- uint32 init_flag;
- NTTIME logon_time; /* logon time */
- NTTIME logoff_time; /* logoff time */
- NTTIME kickoff_time; /* kickoff time */
- NTTIME pass_last_set_time; /* password last set time */
- NTTIME pass_can_change_time; /* password can change time */
- NTTIME pass_must_change_time; /* password must change time */
- char * account_name; /* account_name string */
- SAM_DOMAIN_HANDLE * domain; /* domain of account */
- char *full_name; /* account's full name string */
- char *unix_home_dir; /* UNIX home directory string */
- char *home_dir; /* home directory string */
- char *dir_drive; /* home directory drive string */
- char *logon_script; /* logon script string */
- char *profile_path; /* profile path string */
- char *acct_desc; /* account description string */
- char *workstations; /* login from workstations string */
- char *unknown_str; /* don't know what this is, yet. */
- char *munged_dial; /* munged path name and dial-back tel number */
- DOM_SID account_sid; /* Primary Account SID */
- DOM_SID group_sid; /* Primary Group SID */
- DATA_BLOB lm_pw; /* .data is Null if no password */
- DATA_BLOB nt_pw; /* .data is Null if no password */
- char *plaintext_pw; /* if Null not available */
- uint16 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
- uint32 unknown_1; /* 0x00ff ffff */
- uint16 logon_divs; /* 168 - number of hours in a week */
- uint32 hours_len; /* normally 21 bytes */
- uint8 hours[MAX_HOURS_LEN];
- uint32 unknown_2; /* 0x0002 0000 */
- uint32 unknown_3; /* 0x0000 04ec */
- } private;
-} SAM_ACCOUNT_HANDLE;
-#endif
-
- return ads_status;
-}
-
-
-/***********************************************
-Initialize SAM_GROUP_ENUM from an ads entry
-************************************************/
-/* not ready :-( */
-static ADS_STATUS ads_entry2sam_group_enum(SAM_ADS_PRIVATES *privates, TALLOC_CTX *mem_ctx, SAM_GROUP_ENUM **group_enum,const void *entry)
-{
- ADS_STATUS ads_status = ADS_STATUS_UNSUCCESSFUL;
- ADS_STRUCT *ads_struct = privates->ads_struct;
- SAM_GROUP_ENUM __group_enum;
- SAM_GROUP_ENUM *_group_enum = &__group_enum;
-
- SAM_ASSERT(privates && ads_struct && mem_ctx && group_enum && entry);
-
- *group_enum = _group_enum;
-
- DEBUG(3,("sam_ads: ads_entry2sam_account_handle\n"));
-
- if (!ads_pull_sid(ads_struct, &entry, "objectSid", &(_group_enum->sid))) {
- DEBUG(0,("No sid for!?\n"));
- return ADS_STATUS_UNSUCCESSFUL;
- }
-
- if (!(_group_enum->group_name = ads_pull_string(ads_struct, mem_ctx, &entry, "sAMAccountName"))) {
- DEBUG(0,("No groupname found"));
- return ADS_STATUS_UNSUCCESSFUL;
- }
-
- if (!(_group_enum->group_desc = ads_pull_string(ads_struct, mem_ctx, &entry, "desciption"))) {
- DEBUG(0,("No description found"));
- return ADS_STATUS_UNSUCCESSFUL;
- }
-
- DEBUG(0,("sAMAccountName: %s\ndescription: %s\nobjectSid: %s\n",
- _group_enum->group_name,
- _group_enum->group_desc,
- sid_string_static(&(_group_enum->sid))
- ));
-
- return ads_status;
-}
-
-static ADS_STATUS sam_ads_access_check(SAM_ADS_PRIVATES *privates, const SEC_DESC *sd, const NT_USER_TOKEN *access_token, uint32 access_desired, uint32 *acc_granted)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_ACCESS_DENIED);
- NTSTATUS nt_status;
- uint32 my_acc_granted;
-
- SAM_ASSERT(privates && sd && access_token);
- /* acc_granted can be set to NULL */
-
- /* the steps you need are:
- 1. get_sec_desc for sid
- 2. se_map_generic(accessdesired, generic_mapping)
- 3. se_access_check() */
-
- if (!se_access_check(sd, access_token, access_desired, (acc_granted)?acc_granted:&my_acc_granted, &nt_status)) {
- DEBUG(3,("sam_ads_access_check: ACCESS DENIED\n"));
- ads_status = ADS_ERROR_NT(nt_status);
- return ads_status;
- }
- ads_status = ADS_ERROR_NT(nt_status);
- return ads_status;
-}
-
-static ADS_STATUS sam_ads_get_tree_sec_desc(SAM_ADS_PRIVATES *privates, const char *subtree, SEC_DESC **sd)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
- ADS_STRUCT *ads_struct = privates->ads_struct;
- TALLOC_CTX *mem_ctx = privates->mem_ctx;
- char *search_path;
- void *sec_desc_res;
- void *sec_desc_msg;
- const char *sec_desc_attrs[] = {"nTSecurityDescriptor",NULL};
-
- SAM_ASSERT(privates && ads_struct && mem_ctx && sd);
- *sd = NULL;
-
- if (subtree) {
- asprintf(&search_path, "%s%s",subtree,ads_struct->config.bind_path);
- } else {
- asprintf(&search_path, "%s","");
- }
- ads_status = sam_ads_do_search(privates, search_path, LDAP_SCOPE_BASE, "(objectClass=*)", sec_desc_attrs, &sec_desc_res);
- SAFE_FREE(search_path);
- if (!ADS_ERR_OK(ads_status))
- return ads_status;
-
- if ((sec_desc_msg = ads_first_entry(ads_struct, sec_desc_res))==NULL) {
- ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
- return ads_status;
- }
-
- if (!ads_pull_sd(ads_struct, mem_ctx, sec_desc_msg, sec_desc_attrs[0], sd)) {
- *sd = NULL;
- ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
- return ads_status;
- }
-
- return ads_status;
-}
-
-static ADS_STATUS sam_ads_account_policy_get(SAM_ADS_PRIVATES *privates, int field, uint32 *value)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
- ADS_STRUCT *ads_struct = privates->ads_struct;
- void *ap_res;
- void *ap_msg;
- const char *ap_attrs[] = {"minPwdLength",/* AP_MIN_PASSWORD_LEN */
- "pwdHistoryLength",/* AP_PASSWORD_HISTORY */
- "AP_USER_MUST_LOGON_TO_CHG_PASS",/* AP_USER_MUST_LOGON_TO_CHG_PASS */
- "maxPwdAge",/* AP_MAX_PASSWORD_AGE */
- "minPwdAge",/* AP_MIN_PASSWORD_AGE */
- "lockoutDuration",/* AP_LOCK_ACCOUNT_DURATION */
- "AP_RESET_COUNT_TIME",/* AP_RESET_COUNT_TIME */
- "AP_BAD_ATTEMPT_LOCKOUT",/* AP_BAD_ATTEMPT_LOCKOUT */
- "AP_TIME_TO_LOGOUT",/* AP_TIME_TO_LOGOUT */
- NULL};
- /*lockOutObservationWindow
- lockoutThreshold $ pwdProperties*/
- static uint32 ap[9];
- static uint32 ap_usn = 0;
- uint32 tmp_usn = 0;
-
- SAM_ASSERT(privates && ads_struct && value);
-
- FIXME("We need to decode all account_policy attributes!\n");
-
- ads_status = sam_ads_usn_is_valid(privates,ap_usn,&tmp_usn);
- if (!ADS_ERR_OK(ads_status)) {
- ads_status = sam_ads_do_search(privates, ads_struct->config.bind_path, LDAP_SCOPE_BASE, "(objectClass=*)", ap_attrs, &ap_res);
- if (!ADS_ERR_OK(ads_status))
- return ads_status;
-
- if (ads_count_replies(ads_struct, ap_res) != 1) {
- ads_msgfree(ads_struct, ap_res);
- return ADS_ERROR(LDAP_NO_RESULTS_RETURNED);
- }
-
- if (!(ap_msg = ads_first_entry(ads_struct, ap_res))) {
- ads_msgfree(ads_struct, ap_res);
- return ADS_ERROR(LDAP_NO_RESULTS_RETURNED);
- }
-
- if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[0], &ap[0])) {
- /* AP_MIN_PASSWORD_LEN */
- ap[0] = MINPASSWDLENGTH;/* 5 chars minimum */
- }
- if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[1], &ap[1])) {
- /* AP_PASSWORD_HISTORY */
- ap[1] = 0;/* don't keep any old password */
- }
- if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[2], &ap[2])) {
- /* AP_USER_MUST_LOGON_TO_CHG_PASS */
- ap[2] = 0;/* don't force user to logon */
- }
- if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[3], &ap[3])) {
- /* AP_MAX_PASSWORD_AGE */
- ap[3] = MAX_PASSWORD_AGE;/* 21 days */
- }
- if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[4], &ap[4])) {
- /* AP_MIN_PASSWORD_AGE */
- ap[4] = 0;/* 0 days */
- }
- if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[5], &ap[5])) {
- /* AP_LOCK_ACCOUNT_DURATION */
- ap[5] = 0;/* lockout for 0 minutes */
- }
- if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[6], &ap[6])) {
- /* AP_RESET_COUNT_TIME */
- ap[6] = 0;/* reset immediatly */
- }
- if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[7], &ap[7])) {
- /* AP_BAD_ATTEMPT_LOCKOUT */
- ap[7] = 0;/* don't lockout */
- }
- if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[8], &ap[8])) {
- /* AP_TIME_TO_LOGOUT */
- ap[8] = -1;/* don't force logout */
- }
-
- ads_msgfree(ads_struct, ap_res);
- ap_usn = tmp_usn;
- }
-
- switch(field) {
- case AP_MIN_PASSWORD_LEN:
- *value = ap[0];
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- break;
- case AP_PASSWORD_HISTORY:
- *value = ap[1];
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- break;
- case AP_USER_MUST_LOGON_TO_CHG_PASS:
- *value = ap[2];
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- break;
- case AP_MAX_PASSWORD_AGE:
- *value = ap[3];
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- break;
- case AP_MIN_PASSWORD_AGE:
- *value = ap[4];
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- break;
- case AP_LOCK_ACCOUNT_DURATION:
- *value = ap[5];
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- break;
- case AP_RESET_COUNT_TIME:
- *value = ap[6];
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- break;
- case AP_BAD_ATTEMPT_LOCKOUT:
- *value = ap[7];
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- break;
- case AP_TIME_TO_LOGOUT:
- *value = ap[8];
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- break;
- default: *value = 0; break;
- }
-
- return ads_status;
-}
-
-
-/**********************************
-Now the functions off the SAM API
-***********************************/
-
-/* General API */
-static NTSTATUS sam_ads_get_sec_desc(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token,
- const DOM_SID *sid, SEC_DESC **sd)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
- SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data;
- ADS_STRUCT *ads_struct = privates->ads_struct;
- TALLOC_CTX *mem_ctx;
- char *sidstr,*filter;
- void *sec_desc_res;
- void *sec_desc_msg;
- const char *sec_desc_attrs[] = {"nTSecurityDescriptor",NULL};
- fstring sid_str;
- SEC_DESC *my_sd;
-
- SAM_ASSERT(sam_method && access_token && sid && sd);
-
- ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &my_sd);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = sam_ads_access_check(privates, my_sd, access_token, GENERIC_RIGHTS_DOMAIN_READ, NULL);
-
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- sidstr = sid_binstring(sid);
- if (asprintf(&filter, "(objectSid=%s)", sidstr) == -1) {
- SAFE_FREE(sidstr);
- return NT_STATUS_NO_MEMORY;
- }
-
- SAFE_FREE(sidstr);
-
- ads_status = sam_ads_do_search(privates,ads_struct->config.bind_path,
- LDAP_SCOPE_SUBTREE, filter, sec_desc_attrs,
- &sec_desc_res);
- SAFE_FREE(filter);
-
- if (!ADS_ERR_OK(ads_status)) {
- return ads_ntstatus(ads_status);
- }
-
- if (!(mem_ctx = talloc_init("sec_desc parse in sam_ads"))) {
- DEBUG(1, ("talloc_init() failed for sec_desc parse context in sam_ads"));
- ads_msgfree(ads_struct, sec_desc_res);
- return NT_STATUS_NO_MEMORY;
- }
-
- if (ads_count_replies(ads_struct, sec_desc_res) != 1) {
- DEBUG(1,("sam_ads_get_sec_desc: duplicate or 0 results for sid %s\n",
- sid_to_string(sid_str, sid)));
- talloc_destroy(mem_ctx);
- ads_msgfree(ads_struct, sec_desc_res);
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- if (!(sec_desc_msg = ads_first_entry(ads_struct, sec_desc_res))) {
- talloc_destroy(mem_ctx);
- ads_msgfree(ads_struct, sec_desc_res);
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if (!ads_pull_sd(ads_struct, mem_ctx, sec_desc_msg, sec_desc_attrs[0], sd)) {
- ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
- talloc_destroy(mem_ctx);
- ads_msgfree(ads_struct, sec_desc_res);
- return ads_ntstatus(ads_status);
- }
-
- /* now, were we allowed to see the SD we just got? */
-
- ads_msgfree(ads_struct, sec_desc_res);
- talloc_destroy(mem_ctx);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_set_sec_desc(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token,
- const DOM_SID *sid, const SEC_DESC *sd)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-
-static NTSTATUS sam_ads_lookup_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token,
- TALLOC_CTX *mem_ctx, const DOM_SID *sid, char **name,
- enum SID_NAME_USE *type)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
- SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data;
- ADS_STRUCT *ads_struct = privates->ads_struct;
- SEC_DESC *my_sd;
-
- SAM_ASSERT(sam_method && access_token && mem_ctx && sid && name && type);
-
- ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &my_sd);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = sam_ads_access_check(privates, my_sd, access_token, GENERIC_RIGHTS_DOMAIN_READ, NULL);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- return ads_sid_to_name(ads_struct, mem_ctx, sid, name, type);
-}
-
-static NTSTATUS sam_ads_lookup_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token,
- const char *name, DOM_SID *sid, enum SID_NAME_USE *type)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
- SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data;
- ADS_STRUCT *ads_struct = privates->ads_struct;
- SEC_DESC *my_sd;
-
- SAM_ASSERT(sam_method && access_token && name && sid && type);
-
- ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &my_sd);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = sam_ads_access_check(privates, my_sd, access_token, GENERIC_RIGHTS_DOMAIN_READ, NULL);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- return ads_name_to_sid(ads_struct, name, sid, type);
-}
-
-
-/* Domain API */
-
-static NTSTATUS sam_ads_update_domain(const SAM_METHODS *sam_method, const SAM_DOMAIN_HANDLE *domain)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_get_domain_handle(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token,
- const uint32 access_desired, SAM_DOMAIN_HANDLE **domain)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data;
- TALLOC_CTX *mem_ctx = privates->mem_ctx; /*Fix me is this right??? */
- SAM_DOMAIN_HANDLE *dom_handle = NULL;
- SEC_DESC *sd;
- uint32 acc_granted;
- uint32 tmp_value;
-
- DEBUG(5,("sam_ads_get_domain_handle: %d\n",__LINE__));
-
- SAM_ASSERT(sam_method && access_token && domain);
-
- (*domain) = NULL;
-
- if ((dom_handle = talloc(mem_ctx, sizeof(SAM_DOMAIN_HANDLE))) == NULL) {
- DEBUG(0,("failed to talloc dom_handle\n"));
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- return ads_ntstatus(ads_status);
- }
-
- ZERO_STRUCTP(dom_handle);
-
- dom_handle->mem_ctx = mem_ctx; /*Fix me is this right??? */
- dom_handle->free_fn = NULL;
- dom_handle->current_sam_methods = sam_method;
-
- /* check if access can be granted as requested */
-
- ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &sd);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = sam_ads_access_check(privates, sd, access_token, access_desired, &acc_granted);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- dom_handle->access_granted = acc_granted;
-
- /* fill all the values of dom_handle */
- sid_copy(&dom_handle->private.sid, &sam_method->domain_sid);
- dom_handle->private.name = smb_xstrdup(sam_method->domain_name);
- dom_handle->private.servername = "WHOKNOWS"; /* what is the servername */
-
- /*Fix me: sam_ads_account_policy_get() return ADS_STATUS! */
- ads_status = sam_ads_account_policy_get(privates, AP_MAX_PASSWORD_AGE, &tmp_value);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(4,("sam_ads_account_policy_get failed for max password age. Useing default\n"));
- tmp_value = MAX_PASSWORD_AGE;
- }
- unix_to_nt_time_abs(&dom_handle->private.max_passwordage,tmp_value);
-
- ads_status = sam_ads_account_policy_get(privates, AP_MIN_PASSWORD_AGE, &tmp_value);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(4,("sam_ads_account_policy_get failed for min password age. Useing default\n"));
- tmp_value = 0;
- }
- unix_to_nt_time_abs(&dom_handle->private.min_passwordage, tmp_value);
-
- ads_status = sam_ads_account_policy_get(privates, AP_LOCK_ACCOUNT_DURATION, &tmp_value);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(4,("sam_ads_account_policy_get failed for lockout duration. Useing default\n"));
- tmp_value = 0;
- }
- unix_to_nt_time_abs(&dom_handle->private.lockout_duration, tmp_value);
-
- ads_status = sam_ads_account_policy_get(privates, AP_RESET_COUNT_TIME, &tmp_value);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(4,("sam_ads_account_policy_get failed for time till locout count is reset. Useing default\n"));
- tmp_value = 0;
- }
- unix_to_nt_time_abs(&dom_handle->private.reset_count, tmp_value);
-
- ads_status = sam_ads_account_policy_get(privates, AP_MIN_PASSWORD_LEN, &tmp_value);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(4,("sam_ads_account_policy_get failed for min password length. Useing default\n"));
- tmp_value = 0;
- }
- dom_handle->private.min_passwordlength = (uint16)tmp_value;
-
- ads_status = sam_ads_account_policy_get(privates, AP_PASSWORD_HISTORY, &tmp_value);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(4,("sam_ads_account_policy_get failed password history. Useing default\n"));
- tmp_value = 0;
- }
- dom_handle->private.password_history = (uint16)tmp_value;
-
- ads_status = sam_ads_account_policy_get(privates, AP_BAD_ATTEMPT_LOCKOUT, &tmp_value);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(4,("sam_ads_account_policy_get failed for bad attempts till lockout. Useing default\n"));
- tmp_value = 0;
- }
- dom_handle->private.lockout_count = (uint16)tmp_value;
-
- ads_status = sam_ads_account_policy_get(privates, AP_TIME_TO_LOGOUT, &tmp_value);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(4,("sam_ads_account_policy_get failed for force logout. Useing default\n"));
- tmp_value = -1;
- }
-
- ads_status = sam_ads_account_policy_get(privates, AP_USER_MUST_LOGON_TO_CHG_PASS, &tmp_value);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(4,("sam_ads_account_policy_get failed for user must login to change password. Useing default\n"));
- tmp_value = 0;
- }
-
- /* should the real values of num_accounts, num_groups and num_aliases be retreved?
- * I think it is to expensive to bother
- */
- dom_handle->private.num_accounts = 3;
- dom_handle->private.num_groups = 4;
- dom_handle->private.num_aliases = 5;
-
- *domain = dom_handle;
-
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- return ads_ntstatus(ads_status);
-}
-
-/* Account API */
-static NTSTATUS sam_ads_create_account(const SAM_METHODS *sam_method,
- const NT_USER_TOKEN *access_token, uint32 access_desired,
- const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data;
- SEC_DESC *sd = NULL;
- uint32 acc_granted;
-
- SAM_ASSERT(sam_method && privates && access_token && account_name && account);
-
- ads_status = sam_ads_get_tree_sec_desc(privates, ADS_SUBTREE_USERS, &sd);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = sam_ads_access_check(privates, sd, access_token, access_desired, &acc_granted);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = ADS_ERROR_NT(sam_init_account(account));
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- (*account)->access_granted = acc_granted;
-
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_add_account(const SAM_METHODS *sam_method, const SAM_ACCOUNT_HANDLE *account)
-{
- ADS_STATUS ads_status = ADS_ERROR(LDAP_NO_MEMORY);
- SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data;
- ADS_STRUCT *ads_struct = privates->ads_struct;
- TALLOC_CTX *mem_ctx = privates->mem_ctx;
- ADS_MODLIST mods;
- uint16 acct_ctrl;
- char *new_dn;
- SEC_DESC *sd;
- uint32 acc_granted;
-
- SAM_ASSERT(sam_method && account);
-
- ads_status = ADS_ERROR_NT(sam_get_account_acct_ctrl(account,&acct_ctrl));
- if (!ADS_ERR_OK(ads_status))
- goto done;
-
- if ((acct_ctrl & ACB_WSTRUST)||(acct_ctrl & ACB_SVRTRUST)) {
- /* Computer account */
- char *name,*controlstr;
- char *hostname,*host_upn,*host_spn;
- const char *objectClass[] = {"top", "person", "organizationalPerson",
- "user", "computer", NULL};
-
- ads_status = ADS_ERROR_NT(sam_get_account_name(account,&name));
- if (!ADS_ERR_OK(ads_status))
- goto done;
-
- if (!(host_upn = talloc_asprintf(mem_ctx, "%s@%s", name, ads_struct->config.realm))) {
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- goto done;
- }
-
- if (!(new_dn = talloc_asprintf(mem_ctx, "CN=%s,CN=Computers,%s", hostname,
- ads_struct->config.bind_path))) {
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- goto done;
- }
-
- if (!(controlstr = talloc_asprintf(mem_ctx, "%u", ads_acb2uf(acct_ctrl)))) {
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- goto done;
- }
-
- if (!(mods = ads_init_mods(mem_ctx))) {
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- goto done;
- }
-
- ads_status = ads_mod_str(mem_ctx, &mods, "cn", hostname);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_strlist(mem_ctx, &mods, "objectClass", objectClass);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "userPrincipalName", host_upn);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "displayName", hostname);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "sAMAccountName", name);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "userAccountControl", controlstr);
- if (!ADS_ERR_OK(ads_status))
- goto done;
-
- ads_status = ads_mod_str(mem_ctx, &mods, "servicePrincipalName", host_spn);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "dNSHostName", hostname);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "userAccountControl", controlstr);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- /* ads_status = ads_mod_str(mem_ctx, &mods, "operatingSystem", "Samba");
- if (!ADS_ERR_OK(ads_status))
- goto done;
- *//* ads_status = ads_mod_str(mem_ctx, &mods, "operatingSystemVersion", VERSION);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- */
- /* End Computer account */
- } else {
- /* User account*/
- char *upn, *controlstr;
- char *name, *fullname;
- const char *objectClass[] = {"top", "person", "organizationalPerson",
- "user", NULL};
-
- ads_status = ADS_ERROR_NT(sam_get_account_name(account,&name));
- if (!ADS_ERR_OK(ads_status))
- goto done;
-
- ads_status = ADS_ERROR_NT(sam_get_account_fullname(account,&fullname));
- if (!ADS_ERR_OK(ads_status))
- goto done;
-
- if (!(upn = talloc_asprintf(mem_ctx, "%s@%s", name, ads_struct->config.realm))) {
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- goto done;
- }
-
- if (!(new_dn = talloc_asprintf(mem_ctx, "CN=%s,CN=Users,%s", fullname,
- ads_struct->config.bind_path))) {
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- goto done;
- }
-
- if (!(controlstr = talloc_asprintf(mem_ctx, "%u", ads_acb2uf(acct_ctrl)))) {
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- goto done;
- }
-
- if (!(mods = ads_init_mods(mem_ctx))) {
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- goto done;
- }
-
- ads_status = ads_mod_str(mem_ctx, &mods, "cn", fullname);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_strlist(mem_ctx, &mods, "objectClass", objectClass);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "userPrincipalName", upn);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "displayName", fullname);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "sAMAccountName", name);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "userAccountControl", controlstr);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- }/* End User account */
-
- /* Finally at the account */
- ads_status = ads_gen_add(ads_struct, new_dn, mods);
-
-done:
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_update_account(const SAM_METHODS *sam_method, const SAM_ACCOUNT_HANDLE *account)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_delete_account(const SAM_METHODS *sam_method, const SAM_ACCOUNT_HANDLE *account)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
-
-
-
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_enum_accounts(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, uint16 acct_ctrl, uint32 *account_count, SAM_ACCOUNT_ENUM **accounts)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-#if 0
-static NTSTATUS sam_ads_get_account_by_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *account_sid, SAM_ACCOUNT_HANDLE **account)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
- SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data;
- ADS_STRUCT *ads_struct = privates->ads_struct;
- TALLOC_CTX *mem_ctx = privates->mem_ctx;
- SEC_DESC *sd = NULL;
- uint32 acc_granted;
-
- SAM_ASSERT(sam_method && privates && ads_struct && access_token && account_sid && account);
-
- ads_status = ADS_ERROR_NT(sam_ads_get_sec_desc(sam_method, access_token, account_sid, &my_sd));
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = sam_ads_access_check(privates, sd, access_token, access_desired, &acc_granted);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = ADS_ERROR_NT(sam_init_account(account));
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- (*account)->access_granted = acc_granted;
-
- return ads_ntstatus(ads_status);
-}
-#else
-static NTSTATUS sam_ads_get_account_by_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *account_sid, SAM_ACCOUNT_HANDLE **account)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-#endif
-
-#if 0
-static NTSTATUS sam_ads_get_account_by_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *account_name, SAM_ACCOUNT_HANDLE **account)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
- SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data;
- ADS_STRUCT *ads_struct = privates->ads_struct;
- TALLOC_CTX *mem_ctx = privates->mem_ctx;
- SEC_DESC *sd = NULL;
- uint32 acc_granted;
-
- SAM_ASSERT(sam_method && privates && ads_struct && access_token && account_name && account);
-
- ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &sd);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = sam_ads_access_check(privates, sd, access_token, access_desired, &acc_granted);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = ADS_ERROR_NT(sam_init_account(account));
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- (*account)->access_granted = acc_granted;
-
- return ads_ntstatus(ads_status);
-}
-#else
-static NTSTATUS sam_ads_get_account_by_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *account_name, SAM_ACCOUNT_HANDLE **account)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-#endif
-
-/* Group API */
-static NTSTATUS sam_ads_create_group(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *group_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_add_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_update_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_delete_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_enum_groups(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint16 group_ctrl, uint32 *groups_count, SAM_GROUP_ENUM **groups)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data;
- ADS_STRUCT *ads_struct = privates->ads_struct;
- TALLOC_CTX *mem_ctx = privates->mem_ctx;
- void *res = NULL;
- void *msg = NULL;
- char *filter = NULL;
- int i = 0;
-
- /* get only these LDAP attributes, witch we really need for a group */
- const char *group_enum_attrs[] = {"objectSid",
- "description",
- "sAMAcountName",
- NULL};
-
- SAM_ASSERT(sam_method && access_token && groups_count && groups);
-
- *groups_count = 0;
-
- DEBUG(3,("ads: enum_dom_groups\n"));
-
- FIXME("get only group from the wanted Type!\n");
- asprintf(&filter, "(&(objectClass=group)(groupType=%s))", "*");
- ads_status = sam_ads_do_search(privates, ads_struct->config.bind_path, LDAP_SCOPE_SUBTREE, filter, group_enum_attrs, &res);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(1,("enum_groups ads_search: %s\n", ads_errstr(ads_status)));
- }
-
- *groups_count = ads_count_replies(ads_struct, res);
- if (*groups_count == 0) {
- DEBUG(1,("enum_groups: No groups found\n"));
- }
-
- (*groups) = talloc_zero(mem_ctx, (*groups_count) * sizeof(**groups));
- if (!*groups) {
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- }
-
- for (msg = ads_first_entry(ads_struct, res); msg; msg = ads_next_entry(ads_struct, msg)) {
- uint32 grouptype;
-
- if (!ads_pull_uint32(ads_struct, msg, "groupType", &grouptype)) {
- ;
- } else {
- (*groups)->group_ctrl = ads_gtype2gcb(grouptype);
- }
-
- if (!((*groups)->group_name = ads_pull_string(ads_struct, mem_ctx, msg, "sAMAccountName"))) {
- ;
- }
-
- if (!((*groups)->group_desc = ads_pull_string(ads_struct, mem_ctx, msg, "description"))) {
- ;
- }
-
- if (!ads_pull_sid(ads_struct, msg, "objectSid", &((*groups)->sid))) {
- DEBUG(1,("No sid for group %s !?\n", (*groups)->group_name));
- continue;
- }
-
- i++;
- }
-
- (*groups_count) = i;
-
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
-
- DEBUG(3,("ads enum_dom_groups gave %d entries\n", (*groups_count)));
-
- if (res) ads_msgfree(ads_struct, res);
-
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_get_group_by_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_get_group_by_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *name, SAM_GROUP_HANDLE **group)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_add_member_to_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_delete_member_from_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_enum_groupmembers(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_get_groups_of_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const DOM_SID **sids, const uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-/**********************************
-Free our private data
-***********************************/
-static void sam_ads_free_private_data(void **vp)
-{
- SAM_ADS_PRIVATES **sam_ads_state = (SAM_ADS_PRIVATES **)vp;
-
- if ((*sam_ads_state)->ads_struct->ld) {
- ldap_unbind((*sam_ads_state)->ads_struct->ld);
- }
-
- ads_destroy(&((*sam_ads_state)->ads_struct));
-
- talloc_destroy((*sam_ads_state)->mem_ctx);
- FIXME("maybe we must free some other stuff here\n");
-
- *sam_ads_state = NULL;
-}
-
-
-
-/*****************************************************
-Init the ADS SAM backend
-******************************************************/
-NTSTATUS sam_init_ads(SAM_METHODS *sam_method, const char *module_params)
-{
- ADS_STATUS ads_status;
- SAM_ADS_PRIVATES *sam_ads_state;
- TALLOC_CTX *mem_ctx;
-
- SAM_ASSERT(sam_method && sam_method->parent);
-
- mem_ctx = sam_method->parent->mem_ctx;
-
- /* Here the SAM API functions of the sam_ads module */
-
- /* General API */
-
- sam_method->sam_get_sec_desc = sam_ads_get_sec_desc;
- sam_method->sam_set_sec_desc = sam_ads_set_sec_desc;
-
- sam_method->sam_lookup_sid = sam_ads_lookup_sid;
- sam_method->sam_lookup_name = sam_ads_lookup_name;
-
- /* Domain API */
-
- sam_method->sam_update_domain = sam_ads_update_domain;
- sam_method->sam_get_domain_handle = sam_ads_get_domain_handle;
-
- /* Account API */
-
- sam_method->sam_create_account = sam_ads_create_account;
- sam_method->sam_add_account = sam_ads_add_account;
- sam_method->sam_update_account = sam_ads_update_account;
- sam_method->sam_delete_account = sam_ads_delete_account;
- sam_method->sam_enum_accounts = sam_ads_enum_accounts;
-
- sam_method->sam_get_account_by_sid = sam_ads_get_account_by_sid;
- sam_method->sam_get_account_by_name = sam_ads_get_account_by_name;
-
- /* Group API */
-
- sam_method->sam_create_group = sam_ads_create_group;
- sam_method->sam_add_group = sam_ads_add_group;
- sam_method->sam_update_group = sam_ads_update_group;
- sam_method->sam_delete_group = sam_ads_delete_group;
- sam_method->sam_enum_groups = sam_ads_enum_groups;
- sam_method->sam_get_group_by_sid = sam_ads_get_group_by_sid;
- sam_method->sam_get_group_by_name = sam_ads_get_group_by_name;
-
- sam_method->sam_add_member_to_group = sam_ads_add_member_to_group;
- sam_method->sam_delete_member_from_group = sam_ads_delete_member_from_group;
- sam_method->sam_enum_groupmembers = sam_ads_enum_groupmembers;
-
- sam_method->sam_get_groups_of_sid = sam_ads_get_groups_of_sid;
-
- sam_ads_state = talloc_zero(mem_ctx, sizeof(SAM_ADS_PRIVATES));
- if (!sam_ads_state) {
- DEBUG(0, ("talloc() failed for sam_ads private_data!\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- if (!(sam_ads_state->mem_ctx = talloc_init("sam_ads_method"))) {
- DEBUG(0, ("talloc_init() failed for sam_ads_state->mem_ctx\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- sam_ads_state->ads_bind_dn = talloc_strdup(sam_ads_state->mem_ctx, lp_parm_string(NULL,"sam_ads","bind as"));
- sam_ads_state->ads_bind_pw = talloc_strdup(sam_ads_state->mem_ctx, lp_parm_string(NULL,"sam_ads","bind pw"));
-
- sam_ads_state->bind_plaintext = strequal(lp_parm_string(NULL, "sam_ads", "plaintext bind"), "yes");
-
- if (!sam_ads_state->ads_bind_dn || !sam_ads_state->ads_bind_pw) {
- DEBUG(0, ("talloc_strdup() failed for bind dn or password\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- /* Maybe we should not check the result here? Server down on startup? */
-
- if (module_params && *module_params) {
- sam_ads_state->ldap_uri = talloc_strdup(sam_ads_state->mem_ctx, module_params);
- if (!sam_ads_state->ldap_uri) {
- DEBUG(0, ("talloc_strdup() failed for bind dn or password\n"));
- return NT_STATUS_NO_MEMORY;
- }
- } else {
- sam_ads_state->ldap_uri = "ldapi://";
- }
-
- ads_status = sam_ads_cached_connection(sam_ads_state);
- if (!ADS_ERR_OK(ads_status)) {
- return ads_ntstatus(ads_status);
- }
-
- sam_method->private_data = sam_ads_state;
- sam_method->free_private_data = sam_ads_free_private_data;
-
- sam_ads_debug_level = debug_add_class("sam_ads");
- if (sam_ads_debug_level == -1) {
- sam_ads_debug_level = DBGC_ALL;
- DEBUG(0, ("sam_ads: Couldn't register custom debugging class!\n"));
- } else DEBUG(2, ("sam_ads: Debug class number of 'sam_ads': %d\n", sam_ads_debug_level));
-
- DEBUG(5, ("Initializing sam_ads\n"));
- if (module_params)
- DEBUG(10, ("Module Parameters for Domain %s[%s]: %s\n", sam_method->domain_name, sam_method->domain_name, module_params));
- return NT_STATUS_OK;
-}
-
-#else /* HAVE_LDAP */
-void sam_ads_dummy(void)
-{
- DEBUG(0,("sam_ads: not supported!\n"));
-}
-#endif /* HAVE_LDAP */
diff --git a/source3/sam/sam_skel.c b/source3/sam/sam_skel.c
deleted file mode 100644
index b4d64bb6da..0000000000
--- a/source3/sam/sam_skel.c
+++ /dev/null
@@ -1,251 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- this is a skeleton for SAM backend modules.
-
- Copyright (C) Stefan (metze) Metzmacher 2002
- Copyright (C) Jelmer Vernooij 2002
- Copyright (C) Andrew Bartlett 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-static int sam_skel_debug_level = DBGC_SAM;
-
-#undef DBGC_CLASS
-#define DBGC_CLASS sam_skel_debug_level
-
-/* define the version of the SAM interface */
-SAM_MODULE_VERSIONING_MAGIC
-
-/* General API */
-
-static NTSTATUS sam_skel_get_sec_desc(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_set_sec_desc(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-
-static NTSTATUS sam_skel_lookup_sid(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, TALLOC_CTX *mem_ctx, const DOM_SID *sid, char **name, uint32 *type)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_lookup_name(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, const char *name, DOM_SID *sid, uint32 *type)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-
-/* Domain API */
-
-static NTSTATUS sam_skel_update_domain(const SAM_METHODS *sam_methods, const SAM_DOMAIN_HANDLE *domain)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_get_domain_handle(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, SAM_DOMAIN_HANDLE **domain)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-
-/* Account API */
-
-static NTSTATUS sam_skel_create_account(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_add_account(const SAM_METHODS *sam_methods, const SAM_ACCOUNT_HANDLE *account)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_update_account(const SAM_METHODS *sam_methods, const SAM_ACCOUNT_HANDLE *account)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_delete_account(const SAM_METHODS *sam_methods, const SAM_ACCOUNT_HANDLE *account)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_enum_accounts(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint16 acct_ctrl, uint32 *account_count, SAM_ACCOUNT_ENUM **accounts)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-
-static NTSTATUS sam_skel_get_account_by_sid(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *accountsid, SAM_ACCOUNT_HANDLE **account)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_get_account_by_name(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *name, SAM_ACCOUNT_HANDLE **account)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-
-/* Group API */
-
-static NTSTATUS sam_skel_create_group(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *account_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_add_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_update_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_delete_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_enum_groups(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint16 group_ctrl, uint32 *groups_count, SAM_GROUP_ENUM **groups)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_get_group_by_sid(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_get_group_by_name(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *name, SAM_GROUP_HANDLE **group)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-
-static NTSTATUS sam_skel_add_member_to_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_delete_member_from_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_enum_groupmembers(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-
-static NTSTATUS sam_skel_get_groups_of_sid(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, const DOM_SID **sids, uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-NTSTATUS sam_init_skel(SAM_METHODS *sam_methods, const char *module_params)
-{
- /* Functions your SAM module doesn't provide should be set
- * to NULL */
-
- sam_methods->sam_get_sec_desc = sam_skel_get_sec_desc;
- sam_methods->sam_set_sec_desc = sam_skel_set_sec_desc;
-
- sam_methods->sam_lookup_sid = sam_skel_lookup_sid;
- sam_methods->sam_lookup_name = sam_skel_lookup_name;
-
- /* Domain API */
-
- sam_methods->sam_update_domain = sam_skel_update_domain;
- sam_methods->sam_get_domain_handle = sam_skel_get_domain_handle;
-
- /* Account API */
-
- sam_methods->sam_create_account = sam_skel_create_account;
- sam_methods->sam_add_account = sam_skel_add_account;
- sam_methods->sam_update_account = sam_skel_update_account;
- sam_methods->sam_delete_account = sam_skel_delete_account;
- sam_methods->sam_enum_accounts = sam_skel_enum_accounts;
-
- sam_methods->sam_get_account_by_sid = sam_skel_get_account_by_sid;
- sam_methods->sam_get_account_by_name = sam_skel_get_account_by_name;
-
- /* Group API */
-
- sam_methods->sam_create_group = sam_skel_create_group;
- sam_methods->sam_add_group = sam_skel_add_group;
- sam_methods->sam_update_group = sam_skel_update_group;
- sam_methods->sam_delete_group = sam_skel_delete_group;
- sam_methods->sam_enum_groups = sam_skel_enum_groups;
- sam_methods->sam_get_group_by_sid = sam_skel_get_group_by_sid;
- sam_methods->sam_get_group_by_name = sam_skel_get_group_by_name;
-
- sam_methods->sam_add_member_to_group = sam_skel_add_member_to_group;
- sam_methods->sam_delete_member_from_group = sam_skel_delete_member_from_group;
- sam_methods->sam_enum_groupmembers = sam_skel_enum_groupmembers;
-
- sam_methods->sam_get_groups_of_sid = sam_skel_get_groups_of_sid;
-
- sam_methods->free_private_data = NULL;
-
-
- sam_skel_debug_level = debug_add_class("sam_skel");
- if (sam_skel_debug_level == -1) {
- sam_skel_debug_level = DBGC_SAM;
- DEBUG(0, ("sam_skel: Couldn't register custom debugging class!\n"));
- } else DEBUG(2, ("sam_skel: Debug class number of 'sam_skel': %d\n", sam_skel_debug_level));
-
- if(module_params)
- DEBUG(0, ("Starting 'sam_skel' with parameters '%s' for domain %s\n", module_params, sam_methods->domain_name));
- else
- DEBUG(0, ("Starting 'sam_skel' for domain %s without paramters\n", sam_methods->domain_name));
-
- return NT_STATUS_OK;
-}
diff --git a/source3/script/find_missing_doc.pl b/source3/script/find_missing_doc.pl
index b27a405e4d..b582446569 100755
--- a/source3/script/find_missing_doc.pl
+++ b/source3/script/find_missing_doc.pl
@@ -30,7 +30,7 @@ close(IN);
open(IN,$topdir.$doc_file) || die("Can't open $topdir$doc_file");
while(<IN>) {
- if( /<term><anchor id="([^"]*)"\/>([^<]*?)([ ]*)\(.\)([ ]*)<\/term>/g ) {
+ if( /<term><anchor id="([^"]*)">([^<]*?)([ ]*)\(.\)([ ]*)<\/term>/g ) {
$key = $1;
$value = $2;
$doc{$value} = $key;
diff --git a/source3/script/genstruct.pl b/source3/script/genstruct.pl
deleted file mode 100755
index a6abd718c9..0000000000
--- a/source3/script/genstruct.pl
+++ /dev/null
@@ -1,299 +0,0 @@
-#!/usr/bin/perl -w
-# a simple system for generating C parse info
-# this can be used to write generic C structer load/save routines
-# Copyright 2002 Andrew Tridgell <genstruct@tridgell.net>
-# released under the GNU General Public License v2 or later
-
-use strict;
-
-my(%enum_done) = ();
-my(%struct_done) = ();
-
-###################################################
-# general handler
-sub handle_general($$$$$$$$)
-{
- my($name) = shift;
- my($ptr_count) = shift;
- my($size) = shift;
- my($element) = shift;
- my($flags) = shift;
- my($dump_fn) = shift;
- my($parse_fn) = shift;
- my($tflags) = shift;
- my($array_len) = 0;
- my($dynamic_len) = "NULL";
-
- # handle arrays, currently treat multidimensional arrays as 1 dimensional
- while ($element =~ /(.*)\[(.*?)\]$/) {
- $element = $1;
- if ($array_len == 0) {
- $array_len = $2;
- } else {
- $array_len = "$2 * $array_len";
- }
- }
-
- if ($flags =~ /_LEN\((\w*?)\)/) {
- $dynamic_len = "\"$1\"";
- }
-
- if ($flags =~ /_NULLTERM/) {
- $tflags = "FLAG_NULLTERM";
- }
-
- print OFILE "{\"$element\", $ptr_count, $size, offsetof(struct $name, $element), $array_len, $dynamic_len, $tflags, $dump_fn, $parse_fn},\n";
-}
-
-
-####################################################
-# parse one element
-sub parse_one($$$$)
-{
- my($name) = shift;
- my($type) = shift;
- my($element) = shift;
- my($flags) = shift;
- my($ptr_count) = 0;
- my($size) = "sizeof($type)";
- my($tflags) = "0";
-
- # enums get the FLAG_ALWAYS flag
- if ($type =~ /^enum /) {
- $tflags = "FLAG_ALWAYS";
- }
-
-
- # make the pointer part of the base type
- while ($element =~ /^\*(.*)/) {
- $ptr_count++;
- $element = $1;
- }
-
- # convert spaces to _
- $type =~ s/ /_/g;
-
- my($dump_fn) = "gen_dump_$type";
- my($parse_fn) = "gen_parse_$type";
-
- handle_general($name, $ptr_count, $size, $element, $flags, $dump_fn, $parse_fn, $tflags);
-}
-
-####################################################
-# parse one element
-sub parse_element($$$)
-{
- my($name) = shift;
- my($element) = shift;
- my($flags) = shift;
- my($type);
- my($data);
-
- # pull the base type
- if ($element =~ /^struct (\S*) (.*)/) {
- $type = "struct $1";
- $data = $2;
- } elsif ($element =~ /^enum (\S*) (.*)/) {
- $type = "enum $1";
- $data = $2;
- } elsif ($element =~ /^unsigned (\S*) (.*)/) {
- $type = "unsigned $1";
- $data = $2;
- } elsif ($element =~ /^(\S*) (.*)/) {
- $type = $1;
- $data = $2;
- } else {
- die "Can't parse element '$element'";
- }
-
- # handle comma separated lists
- while ($data =~ /(\S*),[\s]?(.*)/) {
- parse_one($name, $type, $1, $flags);
- $data = $2;
- }
- parse_one($name, $type, $data, $flags);
-}
-
-
-my($first_struct) = 1;
-
-####################################################
-# parse the elements of one structure
-sub parse_elements($$)
-{
- my($name) = shift;
- my($elements) = shift;
-
- if ($first_struct) {
- $first_struct = 0;
- print "Parsing structs: $name";
- } else {
- print ", $name";
- }
-
- print OFILE "int gen_dump_struct_$name(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned);\n";
- print OFILE "int gen_parse_struct_$name(TALLOC_CTX *mem_ctx, char *, const char *);\n";
-
- print OFILE "static const struct parse_struct pinfo_" . $name . "[] = {\n";
-
-
- while ($elements =~ /^.*?([a-z].*?);\s*?(\S*?)\s*?$(.*)/msi) {
- my($element) = $1;
- my($flags) = $2;
- $elements = $3;
- parse_element($name, $element, $flags);
- }
-
- print OFILE "{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}};\n";
-
- print OFILE "
-int gen_dump_struct_$name(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) {
- return gen_dump_struct(mem_ctx, pinfo_$name, p, ptr, indent);
-}
-int gen_parse_struct_$name(TALLOC_CTX *mem_ctx, char *ptr, const char *str) {
- return gen_parse_struct(mem_ctx, pinfo_$name, ptr, str);
-}
-
-";
-}
-
-my($first_enum) = 1;
-
-####################################################
-# parse out the enum declarations
-sub parse_enum_elements($$)
-{
- my($name) = shift;
- my($elements) = shift;
-
- if ($first_enum) {
- $first_enum = 0;
- print "Parsing enums: $name";
- } else {
- print ", $name";
- }
-
- print OFILE "static const struct enum_struct einfo_" . $name . "[] = {\n";
-
- my(@enums) = split(/,/s, $elements);
- for (my($i)=0; $i <= $#{@enums}; $i++) {
- my($enum) = $enums[$i];
- if ($enum =~ /\s*(\w*)/) {
- my($e) = $1;
- print OFILE "{\"$e\", $e},\n";
- }
- }
-
- print OFILE "{NULL, 0}};\n";
-
- print OFILE "
-int gen_dump_enum_$name(struct parse_string *p, const char *ptr, unsigned indent) {
- return gen_dump_enum(einfo_$name, p, ptr, indent);
-}
-
-int gen_parse_enum_$name(char *ptr, const char *str) {
- return gen_parse_enum(einfo_$name, ptr, str);
-}
-
-";
-}
-
-####################################################
-# parse out the enum declarations
-sub parse_enums($)
-{
- my($data) = shift;
-
- while ($data =~ /^GENSTRUCT\s+enum\s+(\w*?)\s*{(.*?)}\s*;(.*)/ms) {
- my($name) = $1;
- my($elements) = $2;
- $data = $3;
-
- if (!defined($enum_done{$name})) {
- $enum_done{$name} = 1;
- parse_enum_elements($name, $elements);
- }
- }
-
- if (! $first_enum) {
- print "\n";
- }
-}
-
-####################################################
-# parse all the structures
-sub parse_structs($)
-{
- my($data) = shift;
-
- # parse into structures
- while ($data =~ /^GENSTRUCT\s+struct\s+(\w+?)\s*{\s*(.*?)\s*}\s*;(.*)/ms) {
- my($name) = $1;
- my($elements) = $2;
- $data = $3;
- if (!defined($struct_done{$name})) {
- $struct_done{$name} = 1;
- parse_elements($name, $elements);
- }
- }
-
- if (! $first_struct) {
- print "\n";
- } else {
- print "No GENSTRUCT structures found?\n";
- }
-}
-
-
-####################################################
-# parse a header file, generating a dumper structure
-sub parse_data($)
-{
- my($data) = shift;
-
- # collapse spaces
- $data =~ s/[\t ]+/ /sg;
- $data =~ s/\s*\n\s+/\n/sg;
- # strip debug lines
- $data =~ s/^\#.*?\n//smg;
-
- parse_enums($data);
- parse_structs($data);
-}
-
-
-#########################################
-# display help text
-sub ShowHelp()
-{
- print "
-generator for C structure dumpers
-Copyright Andrew Tridgell <genstruct\@tridgell.net>
-
-Sample usage:
- genstruct -o output.h gcc -E -O2 -g test.h
-
-Options:
- --help this help page
- -o OUTPUT place output in OUTPUT
-";
- exit(0);
-}
-
-########################################
-# main program
-if ($ARGV[0] ne "-o" || $#ARGV < 2) {
- ShowHelp();
-}
-
-shift;
-my($opt_ofile)=shift;
-
-print "creating $opt_ofile\n";
-
-open(OFILE, ">$opt_ofile") || die "can't open $opt_ofile";
-
-print OFILE "/* This is an automatically generated file - DO NOT EDIT! */\n\n";
-
-parse_data(`@ARGV -DGENSTRUCT=GENSTRUCT`);
-exit(0);
diff --git a/source3/smbd/build_options.c b/source3/smbd/build_options.c
index 43335666a6..da5accebab 100644
--- a/source3/smbd/build_options.c
+++ b/source3/smbd/build_options.c
@@ -104,6 +104,15 @@ void build_options(BOOL screen)
#ifdef WITH_PAM
output(screen," WITH_PAM\n");
#endif
+#ifdef WITH_TDB_SAM
+ output(screen," WITH_TDB_SAM\n");
+#endif
+#ifdef WITH_SMBPASSWD_SAM
+ output(screen," WITH_SMBPASSWD_SAM\n");
+#endif
+#ifdef WITH_NISPLUS_SAM
+ output(screen," WITH_NISPLUS_SAM\n");
+#endif
#ifdef WITH_NISPLUS_HOME
output(screen," WITH_NISPLUS_HOME\n");
#endif
@@ -523,9 +532,6 @@ void build_options(BOOL screen)
output(screen," sizeof(uint32): %d\n",sizeof(uint32));
output(screen," sizeof(short): %d\n",sizeof(short));
output(screen," sizeof(void*): %d\n",sizeof(void*));
-
- output(screen,"\nBuiltin modules:\n");
- output(screen,"%s\n", STRING_STATIC_MODULES);
}
diff --git a/source3/smbd/conn.c b/source3/smbd/conn.c
index b6c7aa1076..38fa2e0237 100644
--- a/source3/smbd/conn.c
+++ b/source3/smbd/conn.c
@@ -201,18 +201,15 @@ void conn_free(connection_struct *conn)
/* Free vfs_connection_struct */
handle = conn->vfs_private;
while(handle) {
- /* Only call dlclose for the old modules */
- if (handle->handle) {
- /* Close dlopen() handle */
- done_fptr = (void (*)(connection_struct *))sys_dlsym(handle->handle, "vfs_done");
-
- if (done_fptr == NULL) {
- DEBUG(3, ("No vfs_done() symbol found in module with handle %p, ignoring\n", handle->handle));
- } else {
- done_fptr(conn);
- }
- sys_dlclose(handle->handle);
- }
+ /* Close dlopen() handle */
+ done_fptr = (void (*)(connection_struct *))sys_dlsym(handle->handle, "vfs_done");
+
+ if (done_fptr == NULL) {
+ DEBUG(3, ("No vfs_done() symbol found in module with handle %p, ignoring\n", handle->handle));
+ } else {
+ done_fptr(conn);
+ }
+ sys_dlclose(handle->handle);
DLIST_REMOVE(conn->vfs_private, handle);
thandle = handle->next;
SAFE_FREE(handle);
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index de1bea493f..16ef30c46c 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -44,7 +44,7 @@ extern userdom_struct current_user_info;
extern int smb_read_error;
SIG_ATOMIC_T reload_after_sighup = 0;
SIG_ATOMIC_T got_sig_term = 0;
-BOOL global_machine_password_needs_changing = False;
+extern BOOL global_machine_password_needs_changing;
extern int max_send;
/****************************************************************************
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index b2dab2fea2..d655184042 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -148,7 +148,7 @@ int reply_tcon(connection_struct *conn,
const char *service;
pstring service_buf;
pstring password;
- fstring dev;
+ pstring dev;
int outsize = 0;
uint16 vuid = SVAL(inbuf,smb_uid);
int pwlen=0;
@@ -204,7 +204,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt
{
fstring service;
DATA_BLOB password;
-
+
/* what the cleint thinks the device is */
fstring client_devicetype;
/* what the server tells the client the share represents */
@@ -286,12 +286,13 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt
const char *fsname = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
set_message(outbuf,3,0,True);
-
- p = smb_buf(outbuf);
+
+ p = smb_buf(outbuf);
p += srvstr_push(outbuf, p, server_devicetype, -1,
- STR_TERMINATE|STR_ASCII);
- p += srvstr_push(outbuf, p, fsname, -1,
- STR_TERMINATE);
+ STR_TERMINATE|STR_ASCII);
+ p += srvstr_push(outbuf, p, fsname, -1,
+ STR_TERMINATE);
+
set_message_end(outbuf,p);
/* what does setting this bit do? It is set by NT4 and
@@ -1463,6 +1464,7 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st
int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int dum_buffsize)
{
+ extern struct current_user current_user;
ssize_t maxcount,mincount;
size_t nread = 0;
SMB_OFF_T startpos;
@@ -2360,6 +2362,7 @@ int reply_exit(connection_struct *conn,
int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size,
int dum_buffsize)
{
+ extern struct current_user current_user;
int outsize = 0;
time_t mtime;
int32 eclass = 0, err = 0;
@@ -2380,7 +2383,7 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size,
* We can only use CHECK_FSP if we know it's not a directory.
*/
- if(!fsp || (fsp->conn != conn)) {
+ if(!fsp || (fsp->conn != conn) || (fsp->vuid != current_user.vuid)) {
END_PROFILE(SMBclose);
return ERROR_DOS(ERRDOS,ERRbadfid);
}
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 8ce20c87a4..a6d3d92a8a 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -833,16 +833,9 @@ static BOOL init_structs(void )
if (!init_registry())
exit(1);
- if (!idmap_init(lp_idmap_backend()))
- exit(1);
-
if(!initialize_password_db(False))
exit(1);
- static_init_rpc;
-
- init_modules();
-
uni_group_cache_init(); /* Non-critical */
/* possibly reload the services file. */
@@ -871,10 +864,6 @@ static BOOL init_structs(void )
if (!init_change_notify())
exit(1);
- /* Setup privileges database */
- if (!privilege_init())
- exit(1);
-
/* re-initialise the timezone */
TimeInit();
@@ -884,7 +873,6 @@ static BOOL init_structs(void )
smbd_process();
uni_group_cache_shutdown();
- namecache_shutdown();
exit_server("normal exit");
return(0);
}
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index 0fa65f47ca..b9cf0de3bd 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -722,33 +722,6 @@ static void store_gid_sid_cache(const DOM_SID *psid, const enum SID_NAME_USE sid
DOM_SID *uid_to_sid(DOM_SID *psid, uid_t uid)
{
-#ifdef WITH_IDMAP
- unid_t id;
-
- DEBUG(10,("uid_to_sid: uid = [%d]\n", uid));
-
- id.uid = uid;
- if (NT_STATUS_IS_OK(idmap_get_sid_from_id(psid, id, ID_USERID))) {
- DEBUG(10, ("uid_to_sid: sid = [%s]\n", sid_string_static(psid)));
- return psid;
- }
-
- /* If mapping is not found in idmap try with traditional method,
- then stores the result in idmap.
- We may add a switch in future to allow smooth migrations to
- idmap-only db ---Simo */
-
- become_root();
- psid = local_uid_to_sid(psid, uid);
- unbecome_root();
-
- DEBUG(10,("uid_to_sid: algorithmic %u -> %s\n", (unsigned int)uid, sid_string_static(psid)));
- if (psid)
- idmap_set_mapping(psid, id, ID_USERID);
-
- return psid;
-
-#else
uid_t low, high;
enum SID_NAME_USE sidtype;
fstring sid;
@@ -756,7 +729,7 @@ DOM_SID *uid_to_sid(DOM_SID *psid, uid_t uid)
if (fetch_sid_from_uid_cache(psid, &sidtype, uid))
return psid;
- if (lp_idmap_uid(&low, &high) && uid >= low && uid <= high) {
+ if (lp_winbind_uid(&low, &high) && uid >= low && uid <= high) {
if (winbind_uid_to_sid(psid, uid)) {
DEBUG(10,("uid_to_sid: winbindd %u -> %s\n",
@@ -778,7 +751,6 @@ DOM_SID *uid_to_sid(DOM_SID *psid, uid_t uid)
store_uid_sid_cache(psid, SID_NAME_USER, uid);
return psid;
-#endif
}
/*****************************************************************
@@ -789,33 +761,6 @@ DOM_SID *uid_to_sid(DOM_SID *psid, uid_t uid)
DOM_SID *gid_to_sid(DOM_SID *psid, gid_t gid)
{
-#ifdef WITH_IDMAP
- unid_t id;
-
- DEBUG(10,("gid_to_sid: gid = [%d]\n", gid));
-
- id.gid = gid;
- if (NT_STATUS_IS_OK(idmap_get_sid_from_id(psid, id, ID_GROUPID))) {
- DEBUG(10, ("gid_to_sid: sid = [%s]\n", sid_string_static(psid)));
- return psid;
- }
-
- /* If mapping is not found in idmap try with traditional method,
- then stores the result in idmap.
- We may add a switch in future to allow smooth migrations to
- idmap-only db ---Simo */
-
- become_root();
- psid = local_gid_to_sid(psid, gid);
- unbecome_root();
-
- DEBUG(10,("gid_to_sid: algorithmic %u -> %s\n", (unsigned int)gid, sid_string_static(psid)));
- if (psid)
- idmap_set_mapping(psid, id, ID_GROUPID);
-
- return psid;
-
-#else
gid_t low, high;
enum SID_NAME_USE sidtype;
fstring sid;
@@ -823,7 +768,7 @@ DOM_SID *gid_to_sid(DOM_SID *psid, gid_t gid)
if (fetch_sid_from_gid_cache(psid, &sidtype, gid))
return psid;
- if (lp_idmap_gid(&low, &high) && gid >= low && gid <= high) {
+ if (lp_winbind_gid(&low, &high) && gid >= low && gid <= high) {
if (winbind_gid_to_sid(psid, gid)) {
DEBUG(10,("gid_to_sid: winbindd %u -> %s\n",
@@ -844,7 +789,6 @@ DOM_SID *gid_to_sid(DOM_SID *psid, gid_t gid)
store_gid_sid_cache(psid, SID_NAME_DOM_GRP, gid);
return psid;
-#endif
}
/*****************************************************************
@@ -856,35 +800,6 @@ DOM_SID *gid_to_sid(DOM_SID *psid, gid_t gid)
BOOL sid_to_uid(const DOM_SID *psid, uid_t *puid, enum SID_NAME_USE *sidtype)
{
-#ifdef WITH_IDMAP
- unid_t id;
- int type;
-
- DEBUG(10,("sid_to_uid: sid = [%s]\n", sid_string_static(psid)));
-
- *sidtype = SID_NAME_USER;
-
- type = ID_USERID;
- if (NT_STATUS_IS_OK(idmap_get_id_from_sid(&id, &type, psid))) {
- DEBUG(10,("sid_to_uid: uid = [%d]\n", id.uid));
- *puid = id.uid;
- return True;
- }
-
- if (sid_compare_domain(get_global_sam_sid(), psid) == 0) {
- BOOL result;
- become_root();
- result = local_sid_to_uid(puid, psid, sidtype);
- unbecome_root();
- if (result) {
- id.uid = *puid;
- DEBUG(10,("sid_to_uid: uid = [%d]\n", id.uid));
- idmap_set_mapping(psid, id, ID_USERID);
- return True;
- }
- }
- return False;
-#else
fstring sid_str;
if (fetch_uid_from_cache(puid, psid, *sidtype))
@@ -958,7 +873,6 @@ BOOL sid_to_uid(const DOM_SID *psid, uid_t *puid, enum SID_NAME_USE *sidtype)
store_uid_sid_cache(psid, *sidtype, *puid);
return True;
-#endif
}
/*****************************************************************
@@ -970,37 +884,6 @@ BOOL sid_to_uid(const DOM_SID *psid, uid_t *puid, enum SID_NAME_USE *sidtype)
BOOL sid_to_gid(const DOM_SID *psid, gid_t *pgid, enum SID_NAME_USE *sidtype)
{
-#ifdef WITH_IDMAP
- unid_t id;
- int type;
-
- DEBUG(10,("sid_to_gid: sid = [%s]\n", sid_string_static(psid)));
-
- *sidtype = SID_NAME_ALIAS;
-
- type = ID_GROUPID;
- if (NT_STATUS_IS_OK(idmap_get_id_from_sid(&id, &type, psid))) {
- DEBUG(10,("sid_to_gid: gid = [%d]\n", id.gid));
- *pgid = id.gid;
- return True;
- }
-
- if (sid_compare_domain(get_global_sam_sid(), psid) == 0) {
- BOOL result;
- become_root();
- result = local_sid_to_gid(pgid, psid, sidtype);
- unbecome_root();
- if (result) {
- id.gid = *pgid;
- DEBUG(10,("sid_to_gid: gid = [%d]\n", id.gid));
- idmap_set_mapping(psid, id, ID_GROUPID);
- return True;
- }
- }
-
- return False;
-
-#else
fstring dom_name, name, sid_str;
enum SID_NAME_USE name_type;
@@ -1061,6 +944,5 @@ BOOL sid_to_gid(const DOM_SID *psid, gid_t *pgid, enum SID_NAME_USE *sidtype)
store_gid_sid_cache(psid, *sidtype, *pgid);
return True;
-#endif
}
diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c
index 06aca51322..533c64b229 100644
--- a/source3/smbd/vfs.c
+++ b/source3/smbd/vfs.c
@@ -27,13 +27,6 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_VFS
-struct vfs_init_function_entry {
- char *name;
- vfs_op_tuple *ops, *(*init)(const struct vfs_ops *, struct smb_vfs_handle_struct *);
- struct vfs_init_function_entry *prev, *next;
-};
-
-static struct vfs_init_function_entry *backends = NULL;
/* Some structures to help us initialise the vfs operations table */
@@ -135,59 +128,6 @@ static struct vfs_ops default_vfs_ops = {
};
/****************************************************************************
- maintain the list of available backends
-****************************************************************************/
-
-static struct vfs_init_function_entry *vfs_find_backend_entry(const char *name)
-{
- struct vfs_init_function_entry *entry = backends;
- pstring stripped;
-
- module_path_get_name(name, stripped);
-
- while(entry) {
- if (strequal(entry->name, stripped)) return entry;
- entry = entry->next;
- }
-
- return NULL;
-}
-
-BOOL smb_register_vfs(const char *name, vfs_op_tuple *(*init)(const struct vfs_ops *, struct smb_vfs_handle_struct *), int version)
-{
- struct vfs_init_function_entry *entry = backends;
-
- if ((version < SMB_VFS_INTERFACE_CASCADED)) {
- DEBUG(0, ("vfs_init() returned wrong interface version info (was %d, should be no less than %d)\n",
- version, SMB_VFS_INTERFACE_VERSION ));
- return False;
- }
-
- if ((version < SMB_VFS_INTERFACE_VERSION)) {
- DEBUG(0, ("Warning: vfs_init() states that module confirms interface version #%d, current interface version is #%d.\n\
- Proceeding in compatibility mode, new operations (since version #%d) will fallback to default ones.\n",
- version, SMB_VFS_INTERFACE_VERSION, version ));
- return False;
- }
-
- while(entry) {
- if (strequal(entry->name, name)) {
- DEBUG(0,("VFS module %s already loaded!\n", name));
- return False;
- }
- entry = entry->next;
- }
-
- entry = smb_xmalloc(sizeof(struct vfs_init_function_entry));
- entry->name = smb_xstrdup(name);
- entry->init = init;
-
- DLIST_ADD(backends, entry);
- DEBUG(5, ("Successfully added vfs backend '%s'\n", name));
- return True;
-}
-
-/****************************************************************************
initialise default vfs hooks
****************************************************************************/
@@ -199,19 +139,23 @@ static void vfs_init_default(connection_struct *conn)
conn->vfs_private = NULL;
}
-/***************************************************************************
- Function to load old VFS modules. Should go away after a while.
- **************************************************************************/
+/****************************************************************************
+ initialise custom vfs hooks
+****************************************************************************/
-static vfs_op_tuple *vfs_load_old_plugin(connection_struct *conn, const char *vfs_object)
+BOOL vfs_init_custom(connection_struct *conn, const char *vfs_object)
{
int vfs_version = -1;
- vfs_op_tuple *ops, *(*init_fptr)(int *, const struct vfs_ops *, struct smb_vfs_handle_struct *);
+ vfs_op_tuple *ops, *(*init_fptr)(int *, const struct vfs_ops *, struct smb_vfs_handle_struct *);
+ int i;
+
+ DEBUG(3, ("Initialising custom vfs hooks from %s\n", vfs_object));
+
/* Open object file */
if ((conn->vfs_private->handle = sys_dlopen(vfs_object, RTLD_NOW)) == NULL) {
DEBUG(0, ("Error opening %s: %s\n", vfs_object, sys_dlerror()));
- return NULL;
+ return False;
}
/* Get handle on vfs_init() symbol */
@@ -221,73 +165,32 @@ static vfs_op_tuple *vfs_load_old_plugin(connection_struct *conn, const char *vf
if (init_fptr == NULL) {
DEBUG(0, ("No vfs_init() symbol found in %s\n", vfs_object));
sys_dlclose(conn->vfs_private->handle);
- return NULL;
+ return False;
}
/* Initialise vfs_ops structure */
- if ((ops = init_fptr(&vfs_version, &conn->vfs_ops, conn->vfs_private)) == NULL) {
- DEBUG(0, ("vfs_init() function from %s failed\n", vfs_object));
- sys_dlclose(conn->vfs_private->handle);
- return NULL;
- }
- if ((vfs_version < SMB_VFS_INTERFACE_CASCADED)) {
- DEBUG(0, ("vfs_init() returned wrong interface version info (was %d, should be no less than %d)\n",
- vfs_version, SMB_VFS_INTERFACE_VERSION ));
+ if ((ops = init_fptr(&vfs_version, &conn->vfs_ops, conn->vfs_private)) == NULL) {
+ DEBUG(0, ("vfs_init() function from %s failed\n", vfs_object));
sys_dlclose(conn->vfs_private->handle);
- return NULL;
- }
-
- if ((vfs_version < SMB_VFS_INTERFACE_VERSION)) {
- DEBUG(0, ("Warning: vfs_init() states that module confirms interface version #%d, current interface version is #%d.\n\
- Proceeding in compatibility mode, new operations (since version #%d) will fallback to default ones.\n",
- vfs_version, SMB_VFS_INTERFACE_VERSION, vfs_version ));
+ return False;
+ }
+
+ if ((vfs_version < SMB_VFS_INTERFACE_CASCADED)) {
+ DEBUG(0, ("vfs_init() returned wrong interface version info (was %d, should be no less than %d)\n",
+ vfs_version, SMB_VFS_INTERFACE_VERSION ));
sys_dlclose(conn->vfs_private->handle);
- return NULL;
- }
-
- return ops;
-}
-
-
-
-/****************************************************************************
- initialise custom vfs hooks
- ****************************************************************************/
-
-BOOL vfs_init_custom(connection_struct *conn, const char *vfs_object)
-{
- vfs_op_tuple *ops;
- int i;
- struct vfs_init_function_entry *entry;
-
- DEBUG(3, ("Initialising custom vfs hooks from %s\n", vfs_object));
-
- if(!backends) static_init_vfs;
-
- /* First, try to load the module with the new module system */
- if((entry = vfs_find_backend_entry(vfs_object)) ||
- (smb_probe_module("vfs", vfs_object) &&
- (entry = vfs_find_backend_entry(vfs_object)))) {
-
- DEBUG(3,("Successfully loaded %s with the new modules system\n", vfs_object));
-
- if ((ops = entry->init(&conn->vfs_ops, conn->vfs_private)) == NULL) {
- DEBUG(0, ("vfs init function from %s failed\n", vfs_object));
- return False;
- }
- } else {
- /* If that doesn't work, fall back to the old system
- * (This part should go away after a while, it's only here
- * for backwards compatibility) */
- DEBUG(2, ("Can't load module %s with new modules system, falling back to compatibility\n",
- vfs_object));
- if ((ops = vfs_load_old_plugin(conn, vfs_object)) == NULL) {
- DEBUG(0, ("vfs init function from %s failed\n", vfs_object));
- return False;
- }
- }
-
+ return False;
+ }
+
+ if ((vfs_version < SMB_VFS_INTERFACE_VERSION)) {
+ DEBUG(0, ("Warning: vfs_init() states that module confirms interface version #%d, current interface version is #%d.\n\
+Proceeding in compatibility mode, new operations (since version #%d) will fallback to default ones.\n",
+ vfs_version, SMB_VFS_INTERFACE_VERSION, vfs_version ));
+ sys_dlclose(conn->vfs_private->handle);
+ return False;
+ }
+
for(i=0; ops[i].op != NULL; i++) {
DEBUG(3, ("Checking operation #%d (type %d, layer %d)\n", i, ops[i].type, ops[i].layer));
if(ops[i].layer == SMB_VFS_LAYER_OPAQUE) {
@@ -312,50 +215,54 @@ BOOL vfs_init_custom(connection_struct *conn, const char *vfs_object)
BOOL smbd_vfs_init(connection_struct *conn)
{
- const char **vfs_objects;
- char *vfs_module, *vfs_path;
- unsigned int i = 0;
- int j = 0;
+ char **vfs_objects, *vfsobj, *vfs_module, *vfs_path;
+ int nobj, i;
struct smb_vfs_handle_struct *handle;
/* Normal share - initialise with disk access functions */
vfs_init_default(conn);
- vfs_objects = lp_vfsobj(SNUM(conn));
/* Override VFS functions if 'vfs object' was specified*/
- if (!vfs_objects)
- return True;
-
- for(i=0; i<SMB_VFS_OP_LAST; i++) {
- vfs_opaque_ops[i].op = ((void**)&default_vfs_ops)[i];
- vfs_opaque_ops[i].type = i;
- vfs_opaque_ops[i].layer = SMB_VFS_LAYER_OPAQUE;
- }
-
- vfs_path = lp_vfs_path(SNUM(conn));
-
- for (i=0; vfs_objects[i]; i++); /* count passed modules */
-
- for (j=i-1; j >= 0; j--) {
- conn->vfs_private = NULL;
- handle = (struct smb_vfs_handle_struct *) smb_xmalloc(sizeof(smb_vfs_handle_struct));
- /* Loadable object file */
- handle->handle = NULL;
- DLIST_ADD(conn->vfs_private, handle);
- vfs_module = NULL;
- if (vfs_path && *vfs_path) {
- asprintf(&vfs_module, "%s/%s", vfs_path, vfs_objects[j]);
- } else {
- asprintf(&vfs_module, "%s", vfs_objects[j]);
+ if (*lp_vfsobj(SNUM(conn))) {
+ vfsobj = NULL;
+ for(i=0; i<SMB_VFS_OP_LAST; i++) {
+ vfs_opaque_ops[i].op = ((void**)&default_vfs_ops)[i];
+ vfs_opaque_ops[i].type = i;
+ vfs_opaque_ops[i].layer = SMB_VFS_LAYER_OPAQUE;
}
- if (!vfs_init_custom(conn, vfs_module)) {
- DEBUG(0, ("smbd_vfs_init: vfs_init_custom failed for %s\n", vfs_module));
- SAFE_FREE(vfs_module);
- DLIST_REMOVE(conn->vfs_private, handle);
- SAFE_FREE(handle);
- return False;
+ if (string_set(&vfsobj, lp_vfsobj(SNUM(conn)))) {
+ /* Parse passed modules specification to array of modules */
+ set_first_token(vfsobj);
+ /* We are using default separators: ' \t\r\n' */
+ vfs_objects = toktocliplist(&nobj, NULL);
+ if (vfs_objects) {
+ vfs_path = lp_vfs_path(SNUM(conn));
+ conn->vfs_private = NULL;
+ for(i=nobj-1; i>=0; i--) {
+ handle = (struct smb_vfs_handle_struct *) smb_xmalloc(sizeof(smb_vfs_handle_struct));
+ /* Loadable object file */
+ handle->handle = NULL;
+ DLIST_ADD(conn->vfs_private, handle)
+ vfs_module = NULL;
+ if (vfs_path) {
+ asprintf(&vfs_module, "%s/%s", vfs_path, vfs_objects[i]);
+ } else {
+ asprintf(&vfs_module, "%s", vfs_objects[i]);
+ }
+ if (!vfs_init_custom(conn, vfs_module)) {
+ DEBUG(0, ("smbd_vfs_init: vfs_init_custom failed for %s\n", vfs_module));
+ string_free(&vfsobj);
+ SAFE_FREE(vfs_module);
+ DLIST_REMOVE(conn->vfs_private, handle);
+ SAFE_FREE(handle);
+ return False;
+ }
+ SAFE_FREE(vfs_module);
+ }
+ }
+ string_free(&vfsobj);
+ return True;
}
- SAFE_FREE(vfs_module);
}
return True;
}
diff --git a/source3/stf/standardcheck.py b/source3/stf/standardcheck.py
index e3292353e8..bec21b8ec5 100644
--- a/source3/stf/standardcheck.py
+++ b/source3/stf/standardcheck.py
@@ -22,13 +22,13 @@
"""These tests are run by Samba's "make check"."""
import strings, comfychair
-import smbcontrol, sambalib
+import smbcontrol
# There should not be any actual tests in here: this file just serves
# to define the ones run by default. They're imported from other
# modules.
-tests = strings.tests + smbcontrol.tests + sambalib.tests
+tests = strings.tests + smbcontrol.tests
if __name__ == '__main__':
comfychair.main(tests)
diff --git a/source3/tdb/spinlock.h b/source3/tdb/spinlock.h
index 8b0e833ff5..d6a2ac6eb8 100644
--- a/source3/tdb/spinlock.h
+++ b/source3/tdb/spinlock.h
@@ -1,7 +1,7 @@
#ifndef __SPINLOCK_H__
#define __SPINLOCK_H__
-#ifdef HAVE_CONFIG_H
+#if HAVE_CONFIG_H
#include <config.h>
#endif
diff --git a/source3/tdb/tdbbackup.c b/source3/tdb/tdbbackup.c
index 36ba7db918..7b344de6c4 100644
--- a/source3/tdb/tdbbackup.c
+++ b/source3/tdb/tdbbackup.c
@@ -303,3 +303,13 @@ static void usage(void)
return ret;
}
+
+#ifdef VALGRIND
+size_t valgrind_strlen(const char *s)
+{
+ size_t count;
+ for(count = 0; *s++; count++)
+ ;
+ return count;
+}
+#endif
diff --git a/source3/tdb/tdbutil.c b/source3/tdb/tdbutil.c
index 69b282cda0..49005f8765 100644
--- a/source3/tdb/tdbutil.c
+++ b/source3/tdb/tdbutil.c
@@ -387,7 +387,6 @@ BOOL tdb_change_uint32_atomic(TDB_CONTEXT *tdb, const char *keystr, uint32 *oldv
size_t tdb_pack(char *buf, int bufsize, const char *fmt, ...)
{
va_list ap;
- uint8 bt;
uint16 w;
uint32 d;
int i;
@@ -403,46 +402,40 @@ size_t tdb_pack(char *buf, int bufsize, const char *fmt, ...)
while (*fmt) {
switch ((c = *fmt++)) {
- case 'b': /* unsigned 8-bit integer */
- len = 1;
- bt = (uint8)va_arg(ap, int);
- if (bufsize && bufsize >= len)
- SSVAL(buf, 0, bt);
- break;
- case 'w': /* unsigned 16-bit integer */
+ case 'w':
len = 2;
w = (uint16)va_arg(ap, int);
if (bufsize && bufsize >= len)
SSVAL(buf, 0, w);
break;
- case 'd': /* signed 32-bit integer (standard int in most systems) */
+ case 'd':
len = 4;
d = va_arg(ap, uint32);
if (bufsize && bufsize >= len)
SIVAL(buf, 0, d);
break;
- case 'p': /* pointer */
+ case 'p':
len = 4;
p = va_arg(ap, void *);
d = p?1:0;
if (bufsize && bufsize >= len)
SIVAL(buf, 0, d);
break;
- case 'P': /* null-terminated string */
+ case 'P':
s = va_arg(ap,char *);
w = strlen(s);
len = w + 1;
if (bufsize && bufsize >= len)
memcpy(buf, s, len);
break;
- case 'f': /* null-terminated string */
+ case 'f':
s = va_arg(ap,char *);
w = strlen(s);
len = w + 1;
if (bufsize && bufsize >= len)
memcpy(buf, s, len);
break;
- case 'B': /* fixed-length string */
+ case 'B':
i = va_arg(ap, int);
s = va_arg(ap, char *);
len = 4+i;
@@ -481,7 +474,6 @@ size_t tdb_pack(char *buf, int bufsize, const char *fmt, ...)
int tdb_unpack(char *buf, int bufsize, const char *fmt, ...)
{
va_list ap;
- uint8 *bt;
uint16 *w;
uint32 *d;
int len;
@@ -497,13 +489,6 @@ int tdb_unpack(char *buf, int bufsize, const char *fmt, ...)
while (*fmt) {
switch ((c=*fmt++)) {
- case 'b':
- len = 1;
- bt = va_arg(ap, uint8 *);
- if (bufsize < len)
- goto no_space;
- *bt = SVAL(buf, 0);
- break;
case 'w':
len = 2;
w = va_arg(ap, uint16 *);
@@ -581,130 +566,6 @@ int tdb_unpack(char *buf, int bufsize, const char *fmt, ...)
return -1;
}
-
-/**
- * Pack SID passed by pointer
- *
- * @param pack_buf pointer to buffer which is to be filled with packed data
- * @param bufsize size of packing buffer
- * @param sid pointer to sid to be packed
- *
- * @return length of the packed representation of the whole structure
- **/
-size_t tdb_sid_pack(char* pack_buf, int bufsize, DOM_SID* sid)
-{
- int idx;
- size_t len = 0;
-
- if (!sid || !pack_buf) return -1;
-
- len += tdb_pack(pack_buf + len, bufsize - len, "bb", sid->sid_rev_num,
- sid->num_auths);
-
- for (idx = 0; idx < 6; idx++) {
- len += tdb_pack(pack_buf + len, bufsize - len, "b", sid->id_auth[idx]);
- }
-
- for (idx = 0; idx < MAXSUBAUTHS; idx++) {
- len += tdb_pack(pack_buf + len, bufsize - len, "d", sid->sub_auths[idx]);
- }
-
- return len;
-}
-
-
-/**
- * Unpack SID into a pointer
- *
- * @param pack_buf pointer to buffer with packed representation
- * @param bufsize size of the buffer
- * @param sid pointer to sid structure to be filled with unpacked data
- *
- * @return size of structure unpacked from buffer
- **/
-size_t tdb_sid_unpack(char* pack_buf, int bufsize, DOM_SID* sid)
-{
- int idx, len = 0;
-
- if (!sid || !pack_buf) return -1;
-
- len += tdb_unpack(pack_buf + len, bufsize - len, "bb",
- &sid->sid_rev_num, &sid->num_auths);
-
- for (idx = 0; idx < 6; idx++) {
- len += tdb_unpack(pack_buf + len, bufsize - len, "b", &sid->id_auth[idx]);
- }
-
- for (idx = 0; idx < MAXSUBAUTHS; idx++) {
- len += tdb_unpack(pack_buf + len, bufsize - len, "d", &sid->sub_auths[idx]);
- }
-
- return len;
-}
-
-
-/**
- * Pack TRUSTED_DOM_PASS passed by pointer
- *
- * @param pack_buf pointer to buffer which is to be filled with packed data
- * @param bufsize size of the buffer
- * @param pass pointer to trusted domain password to be packed
- *
- * @return length of the packed representation of the whole structure
- **/
-size_t tdb_trusted_dom_pass_pack(char* pack_buf, int bufsize, TRUSTED_DOM_PASS* pass)
-{
- int idx, len = 0;
-
- if (!pack_buf || !pass) return -1;
-
- /* packing unicode domain name and password */
- len += tdb_pack(pack_buf + len, bufsize - len, "d", pass->uni_name_len);
-
- for (idx = 0; idx < 32; idx++)
- len += tdb_pack(pack_buf + len, bufsize - len, "w", pass->uni_name[idx]);
-
- len += tdb_pack(pack_buf + len, bufsize - len, "dPd", pass->pass_len,
- pass->pass, pass->mod_time);
-
- /* packing SID structure */
- len += tdb_sid_pack(pack_buf + len, bufsize - len, &pass->domain_sid);
-
- return len;
-}
-
-
-/**
- * Unpack TRUSTED_DOM_PASS passed by pointer
- *
- * @param pack_buf pointer to buffer with packed representation
- * @param bufsize size of the buffer
- * @param pass pointer to trusted domain password to be filled with unpacked data
- *
- * @return size of structure unpacked from buffer
- **/
-size_t tdb_trusted_dom_pass_unpack(char* pack_buf, int bufsize, TRUSTED_DOM_PASS* pass)
-{
- int idx, len = 0;
-
- if (!pack_buf || !pass) return -1;
-
- /* unpack unicode domain name and plaintext password */
- len += tdb_unpack(pack_buf, bufsize - len, "d", &pass->uni_name_len);
-
- for (idx = 0; idx < 32; idx++)
- len += tdb_unpack(pack_buf + len, bufsize - len, "w", &pass->uni_name[idx]);
-
- len += tdb_unpack(pack_buf + len, bufsize - len, "dPd", &pass->pass_len, &pass->pass,
- &pass->mod_time);
-
- /* unpack domain sid */
- len += tdb_sid_unpack(pack_buf + len, bufsize - len, &pass->domain_sid);
-
- return len;
-}
-
-
/****************************************************************************
Log tdb messages via DEBUG().
****************************************************************************/
diff --git a/source3/torture/cmd_sam.c b/source3/torture/cmd_sam.c
deleted file mode 100644
index 3f7f7dfe27..0000000000
--- a/source3/torture/cmd_sam.c
+++ /dev/null
@@ -1,514 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- SAM module functions
-
- Copyright (C) Jelmer Vernooij 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-#include "samtest.h"
-
-static void print_account(SAM_ACCOUNT_HANDLE *a)
-{
- /* FIXME */
-}
-
-static NTSTATUS cmd_context(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- NTSTATUS status;
- char **plugins;
- int i;
-
- plugins = malloc(argc * sizeof(char *));
-
- for(i = 1; i < argc; i++)
- plugins[i-1] = argv[i];
-
- plugins[argc-1] = NULL;
-
- if(!NT_STATUS_IS_OK(status = make_sam_context_list(&st->context, plugins))) {
- printf("make_sam_context_list failed: %s\n", nt_errstr(status));
- SAFE_FREE(plugins);
- return status;
- }
-
- SAFE_FREE(plugins);
-
- return NT_STATUS_OK;
-}
-
-static NTSTATUS cmd_load_module(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- char *plugin_arg[2];
- NTSTATUS status;
- if (argc != 2 && argc != 3) {
- printf("Usage: load <module path> [domain-name]\n");
- return NT_STATUS_OK;
- }
-
- if (argc == 3)
- asprintf(&plugin_arg[0], "plugin:%s|%s", argv[1], argv[2]);
- else
- asprintf(&plugin_arg[0], "plugin:%s", argv[1]);
-
- plugin_arg[1] = NULL;
-
- if(!NT_STATUS_IS_OK(status = make_sam_context_list(&st->context, plugin_arg))) {
- free(plugin_arg[0]);
- return status;
- }
-
- free(plugin_arg[0]);
-
- printf("load: ok\n");
- return NT_STATUS_OK;
-}
-
-static NTSTATUS cmd_get_sec_desc(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS cmd_set_sec_desc(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS cmd_lookup_sid(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- char *name;
- uint32 type;
- NTSTATUS status;
- DOM_SID sid;
- if (argc != 2) {
- printf("Usage: lookup_sid <sid>\n");
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if (!string_to_sid(&sid, argv[1])){
- printf("Unparseable SID specified!\n");
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if (!NT_STATUS_IS_OK(status = sam_lookup_sid(st->context, st->token, mem_ctx, &sid, &name, &type))) {
- printf("sam_lookup_sid failed!\n");
- return status;
- }
-
- printf("Name: %s\n", name);
- printf("Type: %d\n", type); /* FIXME: What kind of an integer is type ? */
-
- return NT_STATUS_OK;
-}
-
-static NTSTATUS cmd_lookup_name(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- DOM_SID sid;
- uint32 type;
- NTSTATUS status;
- if (argc != 3) {
- printf("Usage: lookup_name <domain> <name>\n");
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if (!NT_STATUS_IS_OK(status = sam_lookup_name(st->context, st->token, argv[1], argv[2], &sid, &type))) {
- printf("sam_lookup_name failed!\n");
- return status;
- }
-
- printf("SID: %s\n", sid_string_static(&sid));
- printf("Type: %d\n", type);
-
- return NT_STATUS_OK;
-}
-
-static NTSTATUS cmd_lookup_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS cmd_lookup_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS cmd_lookup_domain(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- DOM_SID *sid;
- NTSTATUS status;
- if (argc != 2) {
- printf("Usage: lookup_domain <domain>\n");
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if (!NT_STATUS_IS_OK(status = sam_lookup_domain(st->context, st->token, argv[1], &sid))) {
- printf("sam_lookup_name failed!\n");
- return status;
- }
-
- printf("SID: %s\n", sid_string_static(sid));
-
- return NT_STATUS_OK;
-}
-
-static NTSTATUS cmd_enum_domains(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- int32 domain_count, i;
- DOM_SID *domain_sids;
- char **domain_names;
- NTSTATUS status;
-
- if (!NT_STATUS_IS_OK(status = sam_enum_domains(st->context, st->token, &domain_count, &domain_sids, &domain_names))) {
- printf("sam_enum_domains failed!\n");
- return status;
- }
-
- if (domain_count == 0) {
- printf("No domains found!\n");
- return NT_STATUS_OK;
- }
-
- for (i = 0; i < domain_count; i++) {
- printf("%s %s\n", domain_names[i], sid_string_static(&domain_sids[i]));
- }
-
- SAFE_FREE(domain_sids);
- SAFE_FREE(domain_names);
-
- return NT_STATUS_OK;
-}
-
-static NTSTATUS cmd_update_domain(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS cmd_show_domain(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- NTSTATUS status;
- DOM_SID sid;
- SAM_DOMAIN_HANDLE *domain;
- uint32 tmp_uint32;
- uint16 tmp_uint16;
- NTTIME tmp_nttime;
- BOOL tmp_bool;
- const char *tmp_string;
-
- if (argc != 2) {
- printf("Usage: show_domain <sid>\n");
- return status;
- }
-
- if (!string_to_sid(&sid, argv[1])){
- printf("Unparseable SID specified!\n");
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if (!NT_STATUS_IS_OK(status = sam_get_domain_by_sid(st->context, st->token, GENERIC_RIGHTS_DOMAIN_ALL_ACCESS, &sid, &domain))) {
- printf("sam_get_domain_by_sid failed\n");
- return status;
- }
-
- if (!NT_STATUS_IS_OK(status = sam_get_domain_num_accounts(domain, &tmp_uint32))) {
- printf("sam_get_domain_num_accounts failed: %s\n", nt_errstr(status));
- } else {
- printf("Number of accounts: %d\n", tmp_uint32);
- }
-
- if (!NT_STATUS_IS_OK(status = sam_get_domain_num_groups(domain, &tmp_uint32))) {
- printf("sam_get_domain_num_groups failed: %s\n", nt_errstr(status));
- } else {
- printf("Number of groups: %u\n", tmp_uint32);
- }
-
- if (!NT_STATUS_IS_OK(status = sam_get_domain_num_aliases(domain, &tmp_uint32))) {
- printf("sam_get_domain_num_aliases failed: %s\n", nt_errstr(status));
- } else {
- printf("Number of aliases: %u\n", tmp_uint32);
- }
-
- if (!NT_STATUS_IS_OK(status = sam_get_domain_name(domain, &tmp_string))) {
- printf("sam_get_domain_name failed: %s\n", nt_errstr(status));
- } else {
- printf("Domain Name: %s\n", tmp_string);
- }
-
- if (!NT_STATUS_IS_OK(status = sam_get_domain_lockout_count(domain, &tmp_uint16))) {
- printf("sam_get_domain_lockout_count failed: %s\n", nt_errstr(status));
- } else {
- printf("Lockout Count: %u\n", tmp_uint16);
- }
-
- if (!NT_STATUS_IS_OK(status = sam_get_domain_force_logoff(domain, &tmp_bool))) {
- printf("sam_get_domain_force_logoff failed: %s\n", nt_errstr(status));
- } else {
- printf("Force Logoff: %s\n", (tmp_bool?"Yes":"No"));
- }
-
- if (!NT_STATUS_IS_OK(status = sam_get_domain_lockout_duration(domain, &tmp_nttime))) {
- printf("sam_get_domain_lockout_duration failed: %s\n", nt_errstr(status));
- } else {
- printf("Lockout duration: %u\n", tmp_nttime.low);
- }
-
- if (!NT_STATUS_IS_OK(status = sam_get_domain_login_pwdchange(domain, &tmp_bool))) {
- printf("sam_get_domain_login_pwdchange failed: %s\n", nt_errstr(status));
- } else {
- printf("Password changing allowed: %s\n", (tmp_bool?"Yes":"No"));
- }
-
- if (!NT_STATUS_IS_OK(status = sam_get_domain_max_pwdage(domain, &tmp_nttime))) {
- printf("sam_get_domain_max_pwdage failed: %s\n", nt_errstr(status));
- } else {
- printf("Maximum password age: %u\n", tmp_nttime.low);
- }
-
- if (!NT_STATUS_IS_OK(status = sam_get_domain_min_pwdage(domain, &tmp_nttime))) {
- printf("sam_get_domain_min_pwdage failed: %s\n", nt_errstr(status));
- } else {
- printf("Minimal password age: %u\n", tmp_nttime.low);
- }
-
- if (!NT_STATUS_IS_OK(status = sam_get_domain_min_pwdlength(domain, &tmp_uint16))) {
- printf("sam_get_domain_min_pwdlength: %s\n", nt_errstr(status));
- } else {
- printf("Minimal Password Length: %u\n", tmp_uint16);
- }
-
- if (!NT_STATUS_IS_OK(status = sam_get_domain_pwd_history(domain, &tmp_uint16))) {
- printf("sam_get_domain_pwd_history failed: %s\n", nt_errstr(status));
- } else {
- printf("Password history: %u\n", tmp_uint16);
- }
-
- if (!NT_STATUS_IS_OK(status = sam_get_domain_reset_count(domain, &tmp_nttime))) {
- printf("sam_get_domain_reset_count failed: %s\n", nt_errstr(status));
- } else {
- printf("Reset count: %u\n", tmp_nttime.low);
- }
-
- if (!NT_STATUS_IS_OK(status = sam_get_domain_server(domain, &tmp_string))) {
- printf("sam_get_domain_server failed: %s\n", nt_errstr(status));
- } else {
- printf("Server: %s\n", tmp_string);
- }
-
- return NT_STATUS_OK;
-}
-
-static NTSTATUS cmd_create_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS cmd_update_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS cmd_delete_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS cmd_enum_accounts(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- NTSTATUS status;
- DOM_SID sid;
- int32 account_count, i;
- SAM_ACCOUNT_ENUM *accounts;
-
- if (argc != 2) {
- printf("Usage: enum_accounts <domain-sid>\n");
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if (!string_to_sid(&sid, argv[1])){
- printf("Unparseable SID specified!\n");
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if (!NT_STATUS_IS_OK(status = sam_enum_accounts(st->context, st->token, &sid, 0, &account_count, &accounts))) {
- printf("sam_enum_accounts failed: %s\n", nt_errstr(status));
- return status;
- }
-
- if (account_count == 0) {
- printf("No accounts found!\n");
- return NT_STATUS_OK;
- }
-
- for (i = 0; i < account_count; i++)
- printf("SID: %s\nName: %s\nFullname: %s\nDescription: %s\nACB_BITS: %08X\n\n",
- sid_string_static(&accounts[i].sid), accounts[i].account_name,
- accounts[i].full_name, accounts[i].account_desc,
- accounts[i].acct_ctrl);
-
- SAFE_FREE(accounts);
-
- return NT_STATUS_OK;
-}
-
-static NTSTATUS cmd_lookup_account_sid(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- NTSTATUS status;
- DOM_SID sid;
- SAM_ACCOUNT_HANDLE *account;
-
- if (argc != 2) {
- printf("Usage: lookup_account_sid <account-sid>\n");
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if (!string_to_sid(&sid, argv[1])){
- printf("Unparseable SID specified!\n");
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if (!NT_STATUS_IS_OK(status = sam_get_account_by_sid(st->context, st->token, GENERIC_RIGHTS_USER_ALL_ACCESS, &sid, &account))) {
- printf("context_sam_get_account_by_sid failed: %s\n", nt_errstr(status));
- return status;
- }
-
- print_account(account);
-
- return NT_STATUS_OK;
-}
-
-static NTSTATUS cmd_lookup_account_name(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- NTSTATUS status;
- SAM_ACCOUNT_HANDLE *account;
-
- if (argc != 3) {
- printf("Usage: lookup_account_name <domain-name> <account-name>\n");
- return NT_STATUS_INVALID_PARAMETER;
- }
-
-
- if (!NT_STATUS_IS_OK(status = sam_get_account_by_name(st->context, st->token, GENERIC_RIGHTS_USER_ALL_ACCESS, argv[1], argv[2], &account))) {
- printf("context_sam_get_account_by_sid failed: %s\n", nt_errstr(status));
- return status;
- }
-
- print_account(account);
-
- return NT_STATUS_OK;
-}
-
-static NTSTATUS cmd_create_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS cmd_update_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS cmd_delete_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS cmd_enum_groups(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS cmd_lookup_group_sid(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS cmd_lookup_group_name(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS cmd_group_add_member(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS cmd_group_del_member(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-
-static NTSTATUS cmd_group_enum(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-
-static NTSTATUS cmd_get_sid_groups(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-struct cmd_set sam_general_commands[] = {
-
- { "General SAM Commands" },
-
- { "load", cmd_load_module, "Load a module", "load <module.so> [domain-sid]" },
- { "context", cmd_context, "Load specified context", "context [DOMAIN|]backend1[:options] [DOMAIN|]backend2[:options]" },
- { "get_sec_desc", cmd_get_sec_desc, "Get security descriptor info", "get_sec_desc <access-token> <sid>" },
- { "set_sec_desc", cmd_set_sec_desc, "Set security descriptor info", "set_sec_desc <access-token> <sid>" },
- { "lookup_sid", cmd_lookup_sid, "Lookup type of specified SID", "lookup_sid <sid>" },
- { "lookup_name", cmd_lookup_name, "Lookup type of specified name", "lookup_name <sid>" },
- { NULL }
-};
-
-struct cmd_set sam_domain_commands[] = {
- { "Domain Commands" },
- { "update_domain", cmd_update_domain, "Update domain information", "update_domain [domain-options] domain-name | domain-sid" },
- { "show_domain", cmd_show_domain, "Show domain information", "show_domain domain-sid | domain-name" },
- { "enum_domains", cmd_enum_domains, "Enumerate all domains", "enum_domains <token> <acct-ctrl>" },
- { "lookup_domain", cmd_lookup_domain, "Lookup a domain by name", "lookup_domain domain-name" },
- { NULL }
-};
-
-struct cmd_set sam_account_commands[] = {
- { "Account Commands" },
- { "create_account", cmd_create_account, "Create a new account with specified properties", "create_account [account-options]" },
- { "update_account", cmd_update_account, "Update an existing account", "update_account [account-options] account-sid | account-name" },
- { "delete_account", cmd_delete_account, "Delete an account", "delete_account account-sid | account-name" },
- { "enum_accounts", cmd_enum_accounts, "Enumerate all accounts", "enum_accounts <token> <acct-ctrl>" },
- { "lookup_account", cmd_lookup_account, "Lookup an account by either sid or name", "lookup_account account-sid | account-name" },
- { "lookup_account_sid", cmd_lookup_account_sid, "Lookup an account by sid", "lookup_account_sid account-sid" },
- { "lookup_account_name", cmd_lookup_account_name, "Lookup an account by name", "lookup_account_name account-name" },
- { NULL }
-};
-
-struct cmd_set sam_group_commands[] = {
- { "Group Commands" },
- { "create_group", cmd_create_group, "Create a new group", "create_group [group-opts]" },
- { "update_group", cmd_update_group, "Update an existing group", "update_group [group-opts] group-name | group-sid" },
- { "delete_group", cmd_delete_group, "Delete an existing group", "delete_group group-name | group-sid" },
- { "enum_groups", cmd_enum_groups, "Enumerate all groups", "enum_groups <token> <group-ctrl>" },
- { "lookup_group", cmd_lookup_group, "Lookup a group by SID or name", "lookup_group group-sid | group-name" },
- { "lookup_group_sid", cmd_lookup_group_sid, "Lookup a group by SID", "lookup_group_sid <sid>" },
- { "lookup_group_name", cmd_lookup_group_name, "Lookup a group by name", "lookup_group_name <name>" },
- { "group_add_member", cmd_group_add_member, "Add group member to group", "group_add_member <group-name | group-sid> <member-name | member-sid>" },
- { "group_del_member", cmd_group_del_member, "Delete group member from group", "group_del_member <group-name | group-sid> <member-name | member-sid>" },
- { "group_enum", cmd_group_enum, "Enumerate all members of specified group", "group_enum group-sid | group-name" },
-
- { "get_sid_groups", cmd_get_sid_groups, "Get a list of groups specified sid is a member of", "group_enum <group-sid | group-name>" },
- { NULL }
-};
diff --git a/source3/torture/denytest.c b/source3/torture/denytest.c
index 3a7906fb33..017bb1c06d 100644
--- a/source3/torture/denytest.c
+++ b/source3/torture/denytest.c
@@ -1408,7 +1408,7 @@ static void progress_bar(unsigned i, unsigned total)
*/
BOOL torture_denytest1(int dummy)
{
- struct cli_state *cli1;
+ static struct cli_state cli1;
int fnum1, fnum2;
int i;
BOOL correct = True;
@@ -1421,10 +1421,10 @@ BOOL torture_denytest1(int dummy)
printf("starting denytest1\n");
for (i=0;i<2;i++) {
- cli_unlink(cli1, fnames[i]);
- fnum1 = cli_open(cli1, fnames[i], O_RDWR|O_CREAT, DENY_NONE);
- cli_write(cli1, fnum1, 0, fnames[i], 0, strlen(fnames[i]));
- cli_close(cli1, fnum1);
+ cli_unlink(&cli1, fnames[i]);
+ fnum1 = cli_open(&cli1, fnames[i], O_RDWR|O_CREAT, DENY_NONE);
+ cli_write(&cli1, fnum1, 0, fnames[i], 0, strlen(fnames[i]));
+ cli_close(&cli1, fnum1);
}
printf("testing %d entries\n", ARRAY_SIZE(denytable1));
@@ -1435,10 +1435,10 @@ BOOL torture_denytest1(int dummy)
progress_bar(i, ARRAY_SIZE(denytable1));
- fnum1 = cli_open(cli1, fname,
+ fnum1 = cli_open(&cli1, fname,
denytable1[i].mode1,
denytable1[i].deny1);
- fnum2 = cli_open(cli1, fname,
+ fnum2 = cli_open(&cli1, fname,
denytable1[i].mode2,
denytable1[i].deny2);
@@ -1449,10 +1449,10 @@ BOOL torture_denytest1(int dummy)
} else {
char x = 1;
res = A_0;
- if (cli_read(cli1, fnum2, (void *)&x, 0, 1) == 1) {
+ if (cli_read(&cli1, fnum2, (void *)&x, 0, 1) == 1) {
res += A_R;
}
- if (cli_write(cli1, fnum2, 0, (void *)&x, 0, 1) == 1) {
+ if (cli_write(&cli1, fnum2, 0, (void *)&x, 0, 1) == 1) {
res += A_W;
}
}
@@ -1472,15 +1472,15 @@ BOOL torture_denytest1(int dummy)
resultstr(denytable1[i].result));
}
- cli_close(cli1, fnum1);
- cli_close(cli1, fnum2);
+ cli_close(&cli1, fnum1);
+ cli_close(&cli1, fnum2);
}
for (i=0;i<2;i++) {
- cli_unlink(cli1, fnames[i]);
+ cli_unlink(&cli1, fnames[i]);
}
- if (!torture_close_connection(cli1)) {
+ if (!torture_close_connection(&cli1)) {
correct = False;
}
@@ -1494,7 +1494,7 @@ BOOL torture_denytest1(int dummy)
*/
BOOL torture_denytest2(int dummy)
{
- static struct cli_state *cli1, *cli2;
+ static struct cli_state cli1, cli2;
int fnum1, fnum2;
int i;
BOOL correct = True;
@@ -1507,10 +1507,10 @@ BOOL torture_denytest2(int dummy)
printf("starting denytest2\n");
for (i=0;i<2;i++) {
- cli_unlink(cli1, fnames[i]);
- fnum1 = cli_open(cli1, fnames[i], O_RDWR|O_CREAT, DENY_NONE);
- cli_write(cli1, fnum1, 0, fnames[i], 0, strlen(fnames[i]));
- cli_close(cli1, fnum1);
+ cli_unlink(&cli1, fnames[i]);
+ fnum1 = cli_open(&cli1, fnames[i], O_RDWR|O_CREAT, DENY_NONE);
+ cli_write(&cli1, fnum1, 0, fnames[i], 0, strlen(fnames[i]));
+ cli_close(&cli1, fnum1);
}
for (i=0; i<ARRAY_SIZE(denytable2); i++) {
@@ -1519,10 +1519,10 @@ BOOL torture_denytest2(int dummy)
progress_bar(i, ARRAY_SIZE(denytable1));
- fnum1 = cli_open(cli1, fname,
+ fnum1 = cli_open(&cli1, fname,
denytable2[i].mode1,
denytable2[i].deny1);
- fnum2 = cli_open(cli2, fname,
+ fnum2 = cli_open(&cli2, fname,
denytable2[i].mode2,
denytable2[i].deny2);
@@ -1533,10 +1533,10 @@ BOOL torture_denytest2(int dummy)
} else {
char x = 1;
res = A_0;
- if (cli_read(cli2, fnum2, (void *)&x, 0, 1) == 1) {
+ if (cli_read(&cli2, fnum2, (void *)&x, 0, 1) == 1) {
res += A_R;
}
- if (cli_write(cli2, fnum2, 0, (void *)&x, 0, 1) == 1) {
+ if (cli_write(&cli2, fnum2, 0, (void *)&x, 0, 1) == 1) {
res += A_W;
}
}
@@ -1556,18 +1556,18 @@ BOOL torture_denytest2(int dummy)
resultstr(denytable2[i].result));
}
- cli_close(cli1, fnum1);
- cli_close(cli2, fnum2);
+ cli_close(&cli1, fnum1);
+ cli_close(&cli2, fnum2);
}
for (i=0;i<2;i++) {
- cli_unlink(cli1, fnames[i]);
+ cli_unlink(&cli1, fnames[i]);
}
- if (!torture_close_connection(cli1)) {
+ if (!torture_close_connection(&cli1)) {
correct = False;
}
- if (!torture_close_connection(cli2)) {
+ if (!torture_close_connection(&cli2)) {
correct = False;
}
diff --git a/source3/torture/mangle_test.c b/source3/torture/mangle_test.c
index d1475eb64e..6d127a918e 100644
--- a/source3/torture/mangle_test.c
+++ b/source3/torture/mangle_test.c
@@ -135,7 +135,7 @@ static void gen_name(char *name)
/* and a medium probability of a common lead string */
if (random() % 10 == 0) {
- strncpy(p, "ABCDE", 6);
+ strncpy(p, "ABCDE", 5);
}
/* and a high probability of a good extension length */
@@ -151,7 +151,7 @@ static void gen_name(char *name)
BOOL torture_mangle(int dummy)
{
extern int torture_numops;
- static struct cli_state *cli;
+ static struct cli_state cli;
int i;
printf("starting mangle test\n");
@@ -167,10 +167,10 @@ BOOL torture_mangle(int dummy)
return False;
}
- cli_unlink(cli, "\\mangle_test\\*");
- cli_rmdir(cli, "\\mangle_test");
+ cli_unlink(&cli, "\\mangle_test\\*");
+ cli_rmdir(&cli, "\\mangle_test");
- if (!cli_mkdir(cli, "\\mangle_test")) {
+ if (!cli_mkdir(&cli, "\\mangle_test")) {
printf("ERROR: Failed to make directory\n");
return False;
}
@@ -180,7 +180,7 @@ BOOL torture_mangle(int dummy)
gen_name(name);
- if (!test_one(cli, name)) {
+ if (!test_one(&cli, name)) {
break;
}
if (total && total % 100 == 0) {
@@ -189,8 +189,8 @@ BOOL torture_mangle(int dummy)
}
}
- cli_unlink(cli, "\\mangle_test\\*");
- if (!cli_rmdir(cli, "\\mangle_test")) {
+ cli_unlink(&cli, "\\mangle_test\\*");
+ if (!cli_rmdir(&cli, "\\mangle_test")) {
printf("ERROR: Failed to remove directory\n");
return False;
}
@@ -198,7 +198,7 @@ BOOL torture_mangle(int dummy)
printf("\nTotal collisions %u/%u - %.2f%% (%u failures)\n",
collisions, total, (100.0*collisions) / total, failures);
- torture_close_connection(cli);
+ torture_close_connection(&cli);
printf("mangle test finished\n");
return (failures == 0);
diff --git a/source3/torture/masktest.c b/source3/torture/masktest.c
index 06dead3f16..7d751fb789 100644
--- a/source3/torture/masktest.c
+++ b/source3/torture/masktest.c
@@ -33,7 +33,6 @@ static const char *filechars = "abcdefghijklm.";
static int verbose;
static int die_on_error;
static int NumLoops = 0;
-static int ignore_dot_errors = 0;
/* a test fn for LANMAN mask support */
int ms_fnmatch_lanman_core(const char *pattern, const char *string)
@@ -325,9 +324,7 @@ static void testpair(struct cli_state *cli, char *mask, char *file)
res2 = reg_test(cli, mask, long_name, short_name);
- if (showall ||
- ((strcmp(res1, res2) && !ignore_dot_errors) ||
- (strcmp(res1+2, res2+2) && ignore_dot_errors))) {
+ if (showall || strcmp(res1, res2)) {
DEBUG(0,("%s %s %d mask=[%s] file=[%s] rfile=[%s/%s]\n",
res1, res2, count, mask, file, long_name, short_name));
if (die_on_error) exit(1);
@@ -412,7 +409,6 @@ static void usage(void)
-v verbose mode\n\
-E die on error\n\
-a show all tests\n\
- -i ignore . and .. errors\n\
\n\
This program tests wildcard matching between two servers. It generates\n\
random pairs of filenames/masks and tests that they match in the same\n\
@@ -465,7 +461,7 @@ static void usage(void)
seed = time(NULL);
- while ((opt = getopt(argc, argv, "n:d:U:s:hm:f:aoW:M:vEi")) != EOF) {
+ while ((opt = getopt(argc, argv, "n:d:U:s:hm:f:aoW:M:vE")) != EOF) {
switch (opt) {
case 'n':
NumLoops = atoi(optarg);
@@ -476,9 +472,6 @@ static void usage(void)
case 'E':
die_on_error = 1;
break;
- case 'i':
- ignore_dot_errors = 1;
- break;
case 'v':
verbose++;
break;
diff --git a/source3/torture/nbio.c b/source3/torture/nbio.c
index d8d3ca0c09..2d519b40ba 100644
--- a/source3/torture/nbio.c
+++ b/source3/torture/nbio.c
@@ -148,12 +148,12 @@ void nb_createx(char *fname,
desired_access = FILE_READ_DATA | FILE_WRITE_DATA;
}
- fd = cli_nt_create_full(c, fname, 0,
+ fd = cli_nt_create_full(c, fname,
desired_access,
0x0,
FILE_SHARE_READ|FILE_SHARE_WRITE,
create_disposition,
- create_options, 0);
+ create_options);
if (fd == -1 && handle != -1) {
printf("ERROR: cli_nt_create_full failed for %s - %s\n",
fname, cli_errstr(c));
diff --git a/source3/torture/samtest.c b/source3/torture/samtest.c
deleted file mode 100644
index fd5f75a664..0000000000
--- a/source3/torture/samtest.c
+++ /dev/null
@@ -1,445 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- SAM module tester
-
- Copyright (C) 2002 Jelmer Vernooij
-
- Parts of the code stolen from vfstest by Simo Sorce and Eric Lorimer
- Parts of the code stolen from rpcclient by Tim Potter
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-#include "samtest.h"
-
-struct func_entry {
- char *name;
- int (*fn)(struct connection_struct *conn, const char *path);
-};
-
-/* List to hold groups of commands */
-static struct cmd_list {
- struct cmd_list *prev, *next;
- struct cmd_set *cmd_set;
-} *cmd_list;
-
-static char* next_command (char** cmdstr)
-{
- static pstring command;
- char *p;
-
- if (!cmdstr || !(*cmdstr))
- return NULL;
-
- p = strchr_m(*cmdstr, ';');
- if (p)
- *p = '\0';
- pstrcpy(command, *cmdstr);
- *cmdstr = p;
-
- return command;
-}
-
-/* Load specified configuration file */
-static NTSTATUS cmd_conf(struct samtest_state *sam, TALLOC_CTX *mem_ctx,
- int argc, char **argv)
-{
- if (argc != 2) {
- printf("Usage: %s <smb.conf>\n", argv[0]);
- return NT_STATUS_OK;
- }
-
- if (!lp_load(argv[1], False, True, False)) {
- printf("Error loading \"%s\"\n", argv[1]);
- return NT_STATUS_OK;
- }
-
- printf("\"%s\" successfully loaded\n", argv[1]);
- return NT_STATUS_OK;
-}
-
-/* Display help on commands */
-static NTSTATUS cmd_help(struct samtest_state *st, TALLOC_CTX *mem_ctx,
- int argc, const char **argv)
-{
- struct cmd_list *tmp;
- struct cmd_set *tmp_set;
-
- /* Usage */
- if (argc > 2) {
- printf("Usage: %s [command]\n", argv[0]);
- return NT_STATUS_OK;
- }
-
- /* Help on one command */
-
- if (argc == 2) {
- for (tmp = cmd_list; tmp; tmp = tmp->next) {
-
- tmp_set = tmp->cmd_set;
-
- while(tmp_set->name) {
- if (strequal(argv[1], tmp_set->name)) {
- if (tmp_set->usage &&
- tmp_set->usage[0])
- printf("%s\n", tmp_set->usage);
- else
- printf("No help for %s\n", tmp_set->name);
-
- return NT_STATUS_OK;
- }
-
- tmp_set++;
- }
- }
-
- printf("No such command: %s\n", argv[1]);
- return NT_STATUS_OK;
- }
-
- /* List all commands */
-
- for (tmp = cmd_list; tmp; tmp = tmp->next) {
-
- tmp_set = tmp->cmd_set;
-
- while(tmp_set->name) {
-
- printf("%20s\t%s\n", tmp_set->name,
- tmp_set->description ? tmp_set->description:
- "");
-
- tmp_set++;
- }
- }
-
- return NT_STATUS_OK;
-}
-
-/* Change the debug level */
-static NTSTATUS cmd_debuglevel(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- if (argc > 2) {
- printf("Usage: %s [debuglevel]\n", argv[0]);
- return NT_STATUS_OK;
- }
-
- if (argc == 2) {
- DEBUGLEVEL = atoi(argv[1]);
- }
-
- printf("debuglevel is %d\n", DEBUGLEVEL);
-
- return NT_STATUS_OK;
-}
-
-static NTSTATUS cmd_quit(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
-{
- /* Cleanup */
- talloc_destroy(mem_ctx);
-
- exit(0);
- return NT_STATUS_OK; /* NOTREACHED */
-}
-
-static struct cmd_set samtest_commands[] = {
-
- { "GENERAL OPTIONS" },
-
- { "help", cmd_help, "Get help on commands", "" },
- { "?", cmd_help, "Get help on commands", "" },
- { "conf", cmd_conf, "Load smb configuration file", "conf <smb.conf>" },
- { "debuglevel", cmd_debuglevel, "Set debug level", "" },
- { "exit", cmd_quit, "Exit program", "" },
- { "quit", cmd_quit, "Exit program", "" },
-
- { NULL }
-};
-
-static struct cmd_set separator_command[] = {
- { "---------------", NULL, "----------------------" },
- { NULL }
-};
-
-
-/*extern struct cmd_set sam_commands[];*/
-extern struct cmd_set sam_general_commands[];
-extern struct cmd_set sam_domain_commands[];
-extern struct cmd_set sam_account_commands[];
-extern struct cmd_set sam_group_commands[];
-static struct cmd_set *samtest_command_list[] = {
- samtest_commands,
- sam_general_commands,
- sam_domain_commands,
- sam_account_commands,
- sam_group_commands,
- NULL
-};
-
-static void add_command_set(struct cmd_set *cmd_set)
-{
- struct cmd_list *entry;
-
- if (!(entry = (struct cmd_list *)malloc(sizeof(struct cmd_list)))) {
- DEBUG(0, ("out of memory\n"));
- return;
- }
-
- ZERO_STRUCTP(entry);
-
- entry->cmd_set = cmd_set;
- DLIST_ADD(cmd_list, entry);
-}
-
-static NTSTATUS do_cmd(struct samtest_state *st, struct cmd_set *cmd_entry, char *cmd)
-{
- char *p = cmd, **argv = NULL;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- TALLOC_CTX *mem_ctx = NULL;
- pstring buf;
- int argc = 0, i;
-
- /* Count number of arguments first time through the loop then
- allocate memory and strdup them. */
-
- again:
- while(next_token(&p, buf, " ", sizeof(buf))) {
- if (argv) {
- argv[argc] = strdup(buf);
- }
-
- argc++;
- }
-
- if (!argv) {
-
- /* Create argument list */
-
- argv = (char **)malloc(sizeof(char *) * argc);
- memset(argv, 0, sizeof(char *) * argc);
-
- if (!argv) {
- fprintf(stderr, "out of memory\n");
- result = NT_STATUS_NO_MEMORY;
- goto done;
- }
-
- p = cmd;
- argc = 0;
-
- goto again;
- }
-
- /* Call the function */
-
- if (cmd_entry->fn) {
-
- if (mem_ctx == NULL) {
- /* Create mem_ctx */
- if (!(mem_ctx = talloc_init("do_cmd"))) {
- DEBUG(0, ("talloc_init() failed\n"));
- goto done;
- }
- }
-
- /* Run command */
- result = cmd_entry->fn(st, mem_ctx, argc, argv);
-
- } else {
- fprintf (stderr, "Invalid command\n");
- goto done;
- }
-
- done:
-
- /* Cleanup */
-
- if (argv) {
- for (i = 0; i < argc; i++)
- SAFE_FREE(argv[i]);
-
- SAFE_FREE(argv);
- }
-
- return result;
-}
-
-/* Process a command entered at the prompt or as part of -c */
-static NTSTATUS process_cmd(struct samtest_state *st, char *cmd)
-{
- struct cmd_list *temp_list;
- BOOL found = False;
- pstring buf;
- char *p = cmd;
- NTSTATUS result = NT_STATUS_OK;
- int len = 0;
-
- if (cmd[strlen(cmd) - 1] == '\n')
- cmd[strlen(cmd) - 1] = '\0';
-
- if (!next_token(&p, buf, " ", sizeof(buf))) {
- return NT_STATUS_OK;
- }
-
- /* strip the trainly \n if it exsists */
- len = strlen(buf);
- if (buf[len-1] == '\n')
- buf[len-1] = '\0';
-
- /* Search for matching commands */
-
- for (temp_list = cmd_list; temp_list; temp_list = temp_list->next) {
- struct cmd_set *temp_set = temp_list->cmd_set;
-
- while(temp_set->name) {
- if (strequal(buf, temp_set->name)) {
- found = True;
- result = do_cmd(st, temp_set, cmd);
-
- goto done;
- }
- temp_set++;
- }
- }
-
- done:
- if (!found && buf[0]) {
- printf("command not found: %s\n", buf);
- return NT_STATUS_OK;
- }
-
- if (!NT_STATUS_IS_OK(result)) {
- printf("result was %s\n", nt_errstr(result));
- }
-
- return result;
-}
-
-void exit_server(char *reason)
-{
- DEBUG(3,("Server exit (%s)\n", (reason ? reason : "")));
- exit(0);
-}
-
-static int server_fd = -1;
-int last_message = -1;
-
-int smbd_server_fd(void)
-{
- return server_fd;
-}
-
-BOOL reload_services(BOOL test)
-{
- return True;
-}
-
-/* Main function */
-
-int main(int argc, char *argv[])
-{
- BOOL interactive = True;
- int opt;
- static char *cmdstr = NULL;
- struct cmd_set **cmd_set;
- struct samtest_state st;
-
- /* make sure the vars that get altered (4th field) are in
- a fixed location or certain compilers complain */
- poptContext pc;
- struct poptOption long_options[] = {
- POPT_AUTOHELP
- {"command", 'e', POPT_ARG_STRING, &cmdstr, 'e', "Execute semicolon seperated cmds"},
- POPT_COMMON_SAMBA
- POPT_TABLEEND
- };
-
- ZERO_STRUCT(st);
-
- st.token = get_system_token();
-
- setlinebuf(stdout);
-
- DEBUGLEVEL = 1;
-
- pc = poptGetContext("samtest", argc, (const char **) argv,
- long_options, 0);
-
- while((opt = poptGetNextOpt(pc)) != -1) {
- switch (opt) {
- case 'l':
- slprintf(logfile, sizeof(logfile) - 1, "%s.client",
- opt_logfile);
- lp_set_logfile(logfile);
- interactive = False;
- break;
- }
- }
-
- if (!lp_load(config_file,True,False,False)) {
- fprintf(stderr, "Can't load %s - run testparm to debug it\n", config_file);
- exit(1);
- }
-
- poptFreeContext(pc);
-
- /* the following functions are part of the Samba debugging
- facilities. See lib/debug.c */
- setup_logging("samtest", interactive);
- if (!interactive)
- reopen_logs();
-
- /* Load command lists */
-
- cmd_set = samtest_command_list;
-
- while(*cmd_set) {
- add_command_set(*cmd_set);
- add_command_set(separator_command);
- cmd_set++;
- }
-
- /* Do anything specified with -c */
- if (cmdstr && cmdstr[0]) {
- char *cmd;
- char *p = cmdstr;
-
- while((cmd=next_command(&p)) != NULL) {
- process_cmd(&st, cmd);
- }
-
- return 0;
- }
-
- /* Loop around accepting commands */
-
- while(1) {
- pstring prompt;
- char *line;
-
- slprintf(prompt, sizeof(prompt) - 1, "samtest $> ");
-
- line = smb_readline(prompt, NULL, NULL);
-
- if (line == NULL)
- break;
-
- if (line[0] != '\n')
- process_cmd(&st, line);
- }
-
- return 0;
-}
diff --git a/source3/torture/torture.c b/source3/torture/torture.c
index 94ee4dc791..a4dfac8490 100644
--- a/source3/torture/torture.c
+++ b/source3/torture/torture.c
@@ -29,7 +29,7 @@ static int nprocs=1;
static int port_to_use=0;
int torture_numops=100;
static int procnum; /* records process count number when forking */
-static struct cli_state *current_cli;
+static struct cli_state current_cli;
static fstring randomfname;
static BOOL use_oplocks;
static BOOL use_level_II_oplocks;
@@ -105,14 +105,7 @@ static BOOL open_nbt_connection(struct cli_state *c)
zero_ip(&ip);
- if (!cli_initialise(c)) {
- printf("Failed initialize cli_struct to connect with %s\n", host);
- return False;
- }
-
- c->port = port_to_use;
-
- if (!cli_connect(c, host, &ip)) {
+ if (!cli_initialise(c) || !cli_connect(c, host, &ip)) {
printf("Failed to connect with %s\n", host);
return False;
}
@@ -124,67 +117,45 @@ static BOOL open_nbt_connection(struct cli_state *c)
if (use_level_II_oplocks) c->use_level_II_oplocks = True;
if (!cli_session_request(c, &calling, &called)) {
- /*
- * Well, that failed, try *SMBSERVER ...
- * However, we must reconnect as well ...
- */
- if (!cli_connect(c, host, &ip)) {
- printf("Failed to connect with %s\n", host);
- return False;
- }
-
- make_nmb_name(&called, "*SMBSERVER", 0x20);
- if (!cli_session_request(c, &calling, &called)) {
- printf("%s rejected the session\n",host);
- printf("We tried with a called name of %s & %s\n",
- host, "*SMBSERVER");
- cli_shutdown(c);
- return False;
- }
+ printf("%s rejected the session\n",host);
+ cli_shutdown(c);
+ return False;
}
return True;
}
-BOOL torture_open_connection(struct cli_state **c)
+BOOL torture_open_connection(struct cli_state *c)
{
- BOOL retry;
- int flags = 0;
- NTSTATUS status;
+ ZERO_STRUCTP(c);
- if (use_kerberos)
- flags |= CLI_FULL_CONNECTION_USE_KERBEROS;
-
- status = cli_full_connection(c, myname,
- host, NULL, port_to_use,
- share, "?????",
- username, workgroup,
- password, flags, &retry);
- if (!NT_STATUS_IS_OK(status)) {
+ if (!open_nbt_connection(c)) {
return False;
}
- if (use_oplocks) (*c)->use_oplocks = True;
- if (use_level_II_oplocks) (*c)->use_level_II_oplocks = True;
- (*c)->timeout = 120000; /* set a really long timeout (2 minutes) */
+ if (!cli_negprot(c)) {
+ printf("%s rejected the negprot (%s)\n",host, cli_errstr(c));
+ cli_shutdown(c);
+ return False;
+ }
- return True;
-}
+ if (!cli_session_setup(c, username,
+ password, strlen(password),
+ password, strlen(password),
+ workgroup)) {
+ printf("%s rejected the sessionsetup (%s)\n", host, cli_errstr(c));
+ cli_shutdown(c);
+ return False;
+ }
-BOOL torture_cli_session_setup2(struct cli_state *cli, uint16 *new_vuid)
-{
- uint16 old_vuid = cli->vuid;
- fstring old_user_name;
- size_t passlen = strlen(password);
- BOOL ret;
+ if (!cli_send_tconX(c, share, "?????",
+ password, strlen(password)+1)) {
+ printf("%s refused tree connect (%s)\n", host, cli_errstr(c));
+ cli_shutdown(c);
+ return False;
+ }
- fstrcpy(old_user_name, cli->user_name);
- cli->vuid = 0;
- ret = cli_session_setup(cli, username, password, passlen, password, passlen, workgroup);
- *new_vuid = cli->vuid;
- cli->vuid = old_vuid;
- fstrcpy(cli->user_name, old_user_name);
- return ret;
+ return True;
}
@@ -340,16 +311,16 @@ static BOOL rw_torture(struct cli_state *c)
static BOOL run_torture(int dummy)
{
- struct cli_state *cli;
+ struct cli_state cli;
BOOL ret;
cli = current_cli;
- cli_sockopt(cli, sockops);
+ cli_sockopt(&cli, sockops);
- ret = rw_torture(cli);
+ ret = rw_torture(&cli);
- if (!torture_close_connection(cli)) {
+ if (!torture_close_connection(&cli)) {
ret = False;
}
@@ -359,7 +330,7 @@ static BOOL run_torture(int dummy)
static BOOL rw_torture3(struct cli_state *c, char *lockfname)
{
int fnum = -1;
- unsigned int i = 0;
+ int i = 0;
char buf[131072];
char buf_rd[131072];
unsigned count;
@@ -533,28 +504,28 @@ static BOOL rw_torture2(struct cli_state *c1, struct cli_state *c2)
static BOOL run_readwritetest(int dummy)
{
- static struct cli_state *cli1, *cli2;
+ static struct cli_state cli1, cli2;
BOOL test1, test2;
if (!torture_open_connection(&cli1) || !torture_open_connection(&cli2)) {
return False;
}
- cli_sockopt(cli1, sockops);
- cli_sockopt(cli2, sockops);
+ cli_sockopt(&cli1, sockops);
+ cli_sockopt(&cli2, sockops);
printf("starting readwritetest\n");
- test1 = rw_torture2(cli1, cli2);
+ test1 = rw_torture2(&cli1, &cli2);
printf("Passed readwritetest v1: %s\n", BOOLSTR(test1));
- test2 = rw_torture2(cli1, cli1);
+ test2 = rw_torture2(&cli1, &cli1);
printf("Passed readwritetest v2: %s\n", BOOLSTR(test2));
- if (!torture_close_connection(cli1)) {
+ if (!torture_close_connection(&cli1)) {
test1 = False;
}
- if (!torture_close_connection(cli2)) {
+ if (!torture_close_connection(&cli2)) {
test2 = False;
}
@@ -563,7 +534,7 @@ static BOOL run_readwritetest(int dummy)
static BOOL run_readwritemulti(int dummy)
{
- struct cli_state *cli;
+ static struct cli_state cli;
BOOL test;
cli = current_cli;
@@ -582,7 +553,7 @@ static BOOL run_readwritemulti(int dummy)
static BOOL run_readwritelarge(int dummy)
{
- static struct cli_state *cli1;
+ static struct cli_state cli1;
int fnum1;
const char *lockfname = "\\large.dat";
size_t fsize;
@@ -592,25 +563,25 @@ static BOOL run_readwritelarge(int dummy)
if (!torture_open_connection(&cli1)) {
return False;
}
- cli_sockopt(cli1, sockops);
+ cli_sockopt(&cli1, sockops);
memset(buf,'\0',sizeof(buf));
- cli1->max_xmit = 128*1024;
+ cli1.max_xmit = 128*1024;
printf("starting readwritelarge\n");
- cli_unlink(cli1, lockfname);
+ cli_unlink(&cli1, lockfname);
- fnum1 = cli_open(cli1, lockfname, O_RDWR | O_CREAT | O_EXCL, DENY_NONE);
+ fnum1 = cli_open(&cli1, lockfname, O_RDWR | O_CREAT | O_EXCL, DENY_NONE);
if (fnum1 == -1) {
- printf("open read/write of %s failed (%s)\n", lockfname, cli_errstr(cli1));
+ printf("open read/write of %s failed (%s)\n", lockfname, cli_errstr(&cli1));
return False;
}
- cli_write(cli1, fnum1, 0, buf, 0, sizeof(buf));
+ cli_write(&cli1, fnum1, 0, buf, 0, sizeof(buf));
- if (!cli_qfileinfo(cli1, fnum1, NULL, &fsize, NULL, NULL, NULL, NULL, NULL)) {
- printf("qfileinfo failed (%s)\n", cli_errstr(cli1));
+ if (!cli_qfileinfo(&cli1, fnum1, NULL, &fsize, NULL, NULL, NULL, NULL, NULL)) {
+ printf("qfileinfo failed (%s)\n", cli_errstr(&cli1));
correct = False;
}
@@ -621,28 +592,28 @@ static BOOL run_readwritelarge(int dummy)
correct = False;
}
- if (!cli_close(cli1, fnum1)) {
- printf("close failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("close failed (%s)\n", cli_errstr(&cli1));
correct = False;
}
- if (!cli_unlink(cli1, lockfname)) {
- printf("unlink failed (%s)\n", cli_errstr(cli1));
+ if (!cli_unlink(&cli1, lockfname)) {
+ printf("unlink failed (%s)\n", cli_errstr(&cli1));
correct = False;
}
- fnum1 = cli_open(cli1, lockfname, O_RDWR | O_CREAT | O_EXCL, DENY_NONE);
+ fnum1 = cli_open(&cli1, lockfname, O_RDWR | O_CREAT | O_EXCL, DENY_NONE);
if (fnum1 == -1) {
- printf("open read/write of %s failed (%s)\n", lockfname, cli_errstr(cli1));
+ printf("open read/write of %s failed (%s)\n", lockfname, cli_errstr(&cli1));
return False;
}
- cli1->max_xmit = 4*1024;
+ cli1.max_xmit = 4*1024;
- cli_smbwrite(cli1, fnum1, buf, 0, sizeof(buf));
+ cli_smbwrite(&cli1, fnum1, buf, 0, sizeof(buf));
- if (!cli_qfileinfo(cli1, fnum1, NULL, &fsize, NULL, NULL, NULL, NULL, NULL)) {
- printf("qfileinfo failed (%s)\n", cli_errstr(cli1));
+ if (!cli_qfileinfo(&cli1, fnum1, NULL, &fsize, NULL, NULL, NULL, NULL, NULL)) {
+ printf("qfileinfo failed (%s)\n", cli_errstr(&cli1));
correct = False;
}
@@ -655,28 +626,28 @@ static BOOL run_readwritelarge(int dummy)
#if 0
/* ToDo - set allocation. JRA */
- if(!cli_set_allocation_size(cli1, fnum1, 0)) {
+ if(!cli_set_allocation_size(&cli1, fnum1, 0)) {
printf("set allocation size to zero failed (%s)\n", cli_errstr(&cli1));
return False;
}
- if (!cli_qfileinfo(cli1, fnum1, NULL, &fsize, NULL, NULL, NULL, NULL, NULL)) {
- printf("qfileinfo failed (%s)\n", cli_errstr(cli1));
+ if (!cli_qfileinfo(&cli1, fnum1, NULL, &fsize, NULL, NULL, NULL, NULL, NULL)) {
+ printf("qfileinfo failed (%s)\n", cli_errstr(&cli1));
correct = False;
}
if (fsize != 0)
printf("readwritelarge test 3 (truncate test) succeeded (size = %x)\n", fsize);
#endif
- if (!cli_close(cli1, fnum1)) {
- printf("close failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("close failed (%s)\n", cli_errstr(&cli1));
correct = False;
}
- if (!torture_close_connection(cli1)) {
+ if (!torture_close_connection(&cli1)) {
correct = False;
}
return correct;
-}
+ }
int line_count = 0;
int nbio_id;
@@ -686,7 +657,7 @@ int nbio_id;
/* run a test that simulates an approximate netbench client load */
static BOOL run_netbench(int client)
{
- struct cli_state *cli;
+ struct cli_state cli;
int i;
fstring fname;
pstring line;
@@ -699,9 +670,9 @@ static BOOL run_netbench(int client)
nbio_id = client;
- cli_sockopt(cli, sockops);
+ cli_sockopt(&cli, sockops);
- nb_setup(cli);
+ nb_setup(&cli);
slprintf(cname,sizeof(fname), "client%d", client);
@@ -773,7 +744,7 @@ static BOOL run_netbench(int client)
nb_cleanup();
- if (!torture_close_connection(cli)) {
+ if (!torture_close_connection(&cli)) {
correct = False;
}
@@ -811,7 +782,7 @@ static BOOL run_nbench(int dummy)
*/
static BOOL run_locktest1(int dummy)
{
- struct cli_state *cli1, *cli2;
+ static struct cli_state cli1, cli2;
const char *fname = "\\lockt1.lck";
int fnum1, fnum2, fnum3;
time_t t1, t2;
@@ -820,40 +791,40 @@ static BOOL run_locktest1(int dummy)
if (!torture_open_connection(&cli1) || !torture_open_connection(&cli2)) {
return False;
}
- cli_sockopt(cli1, sockops);
- cli_sockopt(cli2, sockops);
+ cli_sockopt(&cli1, sockops);
+ cli_sockopt(&cli2, sockops);
printf("starting locktest1\n");
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
- fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
+ fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
if (fnum1 == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- fnum2 = cli_open(cli1, fname, O_RDWR, DENY_NONE);
+ fnum2 = cli_open(&cli1, fname, O_RDWR, DENY_NONE);
if (fnum2 == -1) {
- printf("open2 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("open2 of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- fnum3 = cli_open(cli2, fname, O_RDWR, DENY_NONE);
+ fnum3 = cli_open(&cli2, fname, O_RDWR, DENY_NONE);
if (fnum3 == -1) {
- printf("open3 of %s failed (%s)\n", fname, cli_errstr(cli2));
+ printf("open3 of %s failed (%s)\n", fname, cli_errstr(&cli2));
return False;
}
- if (!cli_lock(cli1, fnum1, 0, 4, 0, WRITE_LOCK)) {
- printf("lock1 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_lock(&cli1, fnum1, 0, 4, 0, WRITE_LOCK)) {
+ printf("lock1 failed (%s)\n", cli_errstr(&cli1));
return False;
}
- if (cli_lock(cli2, fnum3, 0, 4, 0, WRITE_LOCK)) {
+ if (cli_lock(&cli2, fnum3, 0, 4, 0, WRITE_LOCK)) {
printf("lock2 succeeded! This is a locking bug\n");
return False;
} else {
- if (!check_error(__LINE__, cli2, ERRDOS, ERRlock,
+ if (!check_error(__LINE__, &cli2, ERRDOS, ERRlock,
NT_STATUS_LOCK_NOT_GRANTED)) return False;
}
@@ -861,11 +832,11 @@ static BOOL run_locktest1(int dummy)
lock_timeout = (1 + (random() % 20));
printf("Testing lock timeout with timeout=%u\n", lock_timeout);
t1 = time(NULL);
- if (cli_lock(cli2, fnum3, 0, 4, lock_timeout * 1000, WRITE_LOCK)) {
+ if (cli_lock(&cli2, fnum3, 0, 4, lock_timeout * 1000, WRITE_LOCK)) {
printf("lock3 succeeded! This is a locking bug\n");
return False;
} else {
- if (!check_error(__LINE__, cli2, ERRDOS, ERRlock,
+ if (!check_error(__LINE__, &cli2, ERRDOS, ERRlock,
NT_STATUS_FILE_LOCK_CONFLICT)) return False;
}
t2 = time(NULL);
@@ -876,40 +847,40 @@ static BOOL run_locktest1(int dummy)
printf("server slept for %u seconds for a %u second timeout\n",
(unsigned int)(t2-t1), lock_timeout);
- if (!cli_close(cli1, fnum2)) {
- printf("close1 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum2)) {
+ printf("close1 failed (%s)\n", cli_errstr(&cli1));
return False;
}
- if (cli_lock(cli2, fnum3, 0, 4, 0, WRITE_LOCK)) {
+ if (cli_lock(&cli2, fnum3, 0, 4, 0, WRITE_LOCK)) {
printf("lock4 succeeded! This is a locking bug\n");
return False;
} else {
- if (!check_error(__LINE__, cli2, ERRDOS, ERRlock,
+ if (!check_error(__LINE__, &cli2, ERRDOS, ERRlock,
NT_STATUS_FILE_LOCK_CONFLICT)) return False;
}
- if (!cli_close(cli1, fnum1)) {
- printf("close2 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("close2 failed (%s)\n", cli_errstr(&cli1));
return False;
}
- if (!cli_close(cli2, fnum3)) {
- printf("close3 failed (%s)\n", cli_errstr(cli2));
+ if (!cli_close(&cli2, fnum3)) {
+ printf("close3 failed (%s)\n", cli_errstr(&cli2));
return False;
}
- if (!cli_unlink(cli1, fname)) {
- printf("unlink failed (%s)\n", cli_errstr(cli1));
+ if (!cli_unlink(&cli1, fname)) {
+ printf("unlink failed (%s)\n", cli_errstr(&cli1));
return False;
}
- if (!torture_close_connection(cli1)) {
+ if (!torture_close_connection(&cli1)) {
return False;
}
- if (!torture_close_connection(cli2)) {
+ if (!torture_close_connection(&cli2)) {
return False;
}
@@ -918,144 +889,76 @@ static BOOL run_locktest1(int dummy)
}
/*
- this checks to see if a secondary tconx can use open files from an
- earlier tconx
+ checks for correct tconX support
*/
static BOOL run_tcon_test(int dummy)
{
- static struct cli_state *cli;
+ static struct cli_state cli1;
const char *fname = "\\tcontest.tmp";
int fnum1;
- uint16 cnum1, cnum2, cnum3;
- uint16 vuid1, vuid2;
+ uint16 cnum;
char buf[4];
- BOOL ret = True;
- if (!torture_open_connection(&cli)) {
+ if (!torture_open_connection(&cli1)) {
return False;
}
- cli_sockopt(cli, sockops);
+ cli_sockopt(&cli1, sockops);
printf("starting tcontest\n");
- cli_unlink(cli, fname);
+ cli_unlink(&cli1, fname);
- fnum1 = cli_open(cli, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
- if (fnum1 == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(cli));
+ fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
+ if (fnum1 == -1)
+ {
+ printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- cnum1 = cli->cnum;
- vuid1 = cli->vuid;
+ cnum = cli1.cnum;
- if (cli_write(cli, fnum1, 0, buf, 130, 4) != 4) {
- printf("initial write failed (%s)", cli_errstr(cli));
+ if (cli_write(&cli1, fnum1, 0, buf, 130, 4) != 4)
+ {
+ printf("write failed (%s)", cli_errstr(&cli1));
return False;
}
- if (!cli_send_tconX(cli, share, "?????",
+ if (!cli_send_tconX(&cli1, share, "?????",
password, strlen(password)+1)) {
printf("%s refused 2nd tree connect (%s)\n", host,
- cli_errstr(cli));
- cli_shutdown(cli);
+ cli_errstr(&cli1));
+ cli_shutdown(&cli1);
return False;
}
- cnum2 = cli->cnum;
- cnum3 = MAX(cnum1, cnum2) + 1; /* any invalid number */
- vuid2 = cli->vuid + 1;
-
- /* try a write with the wrong tid */
- cli->cnum = cnum2;
-
- if (cli_write(cli, fnum1, 0, buf, 130, 4) == 4) {
- printf("* server allows write with wrong TID\n");
- ret = False;
- } else {
- printf("server fails write with wrong TID : %s\n", cli_errstr(cli));
- }
-
-
- /* try a write with an invalid tid */
- cli->cnum = cnum3;
-
- if (cli_write(cli, fnum1, 0, buf, 130, 4) == 4) {
- printf("* server allows write with invalid TID\n");
- ret = False;
- } else {
- printf("server fails write with invalid TID : %s\n", cli_errstr(cli));
- }
-
- /* try a write with an invalid vuid */
- cli->vuid = vuid2;
- cli->cnum = cnum1;
-
- if (cli_write(cli, fnum1, 0, buf, 130, 4) == 4) {
- printf("* server allows write with invalid VUID\n");
- ret = False;
- } else {
- printf("server fails write with invalid VUID : %s\n", cli_errstr(cli));
- }
-
- cli->cnum = cnum1;
- cli->vuid = vuid1;
-
- if (!cli_close(cli, fnum1)) {
- printf("close failed (%s)\n", cli_errstr(cli));
+ if (cli_write(&cli1, fnum1, 0, buf, 130, 4) == 4)
+ {
+ printf("write succeeded (%s)", cli_errstr(&cli1));
return False;
}
- cli->cnum = cnum2;
-
- if (!cli_tdis(cli)) {
- printf("secondary tdis failed (%s)\n", cli_errstr(cli));
+ if (cli_close(&cli1, fnum1)) {
+ printf("close2 succeeded (%s)\n", cli_errstr(&cli1));
return False;
}
- cli->cnum = cnum1;
-
- if (!torture_close_connection(cli)) {
+ if (!cli_tdis(&cli1)) {
+ printf("tdis failed (%s)\n", cli_errstr(&cli1));
return False;
}
- return ret;
-}
-
+ cli1.cnum = cnum;
-/*
- checks for old style tcon support
- */
-static BOOL run_tcon2_test(int dummy)
-{
- static struct cli_state *cli;
- uint16 cnum, max_xmit;
- char *service;
- NTSTATUS status;
-
- if (!torture_open_connection(&cli)) {
+ if (!cli_close(&cli1, fnum1)) {
+ printf("close2 failed (%s)\n", cli_errstr(&cli1));
return False;
}
- cli_sockopt(cli, sockops);
- printf("starting tcon2 test\n");
-
- asprintf(&service, "\\\\%s\\%s", host, share);
-
- status = cli_raw_tcon(cli, service, password, "?????", &max_xmit, &cnum);
-
- if (!NT_STATUS_IS_OK(status)) {
- printf("tcon2 failed : %s\n", cli_errstr(cli));
- } else {
- printf("tcon OK : max_xmit=%d cnum=%d tid=%d\n",
- (int)max_xmit, (int)cnum, SVAL(cli->inbuf, smb_tid));
- }
-
- if (!torture_close_connection(cli)) {
+ if (!torture_close_connection(&cli1)) {
return False;
}
- printf("Passed tcon2 test\n");
+ printf("Passed tcontest\n");
return True;
}
@@ -1172,7 +1075,7 @@ static BOOL run_tcon_devtype_test(int dummy)
*/
static BOOL run_locktest2(int dummy)
{
- static struct cli_state *cli;
+ static struct cli_state cli;
const char *fname = "\\lockt2.lck";
int fnum1, fnum2, fnum3;
BOOL correct = True;
@@ -1181,117 +1084,117 @@ static BOOL run_locktest2(int dummy)
return False;
}
- cli_sockopt(cli, sockops);
+ cli_sockopt(&cli, sockops);
printf("starting locktest2\n");
- cli_unlink(cli, fname);
+ cli_unlink(&cli, fname);
- cli_setpid(cli, 1);
+ cli_setpid(&cli, 1);
- fnum1 = cli_open(cli, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
+ fnum1 = cli_open(&cli, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
if (fnum1 == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(cli));
+ printf("open of %s failed (%s)\n", fname, cli_errstr(&cli));
return False;
}
- fnum2 = cli_open(cli, fname, O_RDWR, DENY_NONE);
+ fnum2 = cli_open(&cli, fname, O_RDWR, DENY_NONE);
if (fnum2 == -1) {
- printf("open2 of %s failed (%s)\n", fname, cli_errstr(cli));
+ printf("open2 of %s failed (%s)\n", fname, cli_errstr(&cli));
return False;
}
- cli_setpid(cli, 2);
+ cli_setpid(&cli, 2);
- fnum3 = cli_open(cli, fname, O_RDWR, DENY_NONE);
+ fnum3 = cli_open(&cli, fname, O_RDWR, DENY_NONE);
if (fnum3 == -1) {
- printf("open3 of %s failed (%s)\n", fname, cli_errstr(cli));
+ printf("open3 of %s failed (%s)\n", fname, cli_errstr(&cli));
return False;
}
- cli_setpid(cli, 1);
+ cli_setpid(&cli, 1);
- if (!cli_lock(cli, fnum1, 0, 4, 0, WRITE_LOCK)) {
- printf("lock1 failed (%s)\n", cli_errstr(cli));
+ if (!cli_lock(&cli, fnum1, 0, 4, 0, WRITE_LOCK)) {
+ printf("lock1 failed (%s)\n", cli_errstr(&cli));
return False;
}
- if (cli_lock(cli, fnum1, 0, 4, 0, WRITE_LOCK)) {
+ if (cli_lock(&cli, fnum1, 0, 4, 0, WRITE_LOCK)) {
printf("WRITE lock1 succeeded! This is a locking bug\n");
correct = False;
} else {
- if (!check_error(__LINE__, cli, ERRDOS, ERRlock,
+ if (!check_error(__LINE__, &cli, ERRDOS, ERRlock,
NT_STATUS_LOCK_NOT_GRANTED)) return False;
}
- if (cli_lock(cli, fnum2, 0, 4, 0, WRITE_LOCK)) {
+ if (cli_lock(&cli, fnum2, 0, 4, 0, WRITE_LOCK)) {
printf("WRITE lock2 succeeded! This is a locking bug\n");
correct = False;
} else {
- if (!check_error(__LINE__, cli, ERRDOS, ERRlock,
+ if (!check_error(__LINE__, &cli, ERRDOS, ERRlock,
NT_STATUS_LOCK_NOT_GRANTED)) return False;
}
- if (cli_lock(cli, fnum2, 0, 4, 0, READ_LOCK)) {
+ if (cli_lock(&cli, fnum2, 0, 4, 0, READ_LOCK)) {
printf("READ lock2 succeeded! This is a locking bug\n");
correct = False;
} else {
- if (!check_error(__LINE__, cli, ERRDOS, ERRlock,
+ if (!check_error(__LINE__, &cli, ERRDOS, ERRlock,
NT_STATUS_FILE_LOCK_CONFLICT)) return False;
}
- if (!cli_lock(cli, fnum1, 100, 4, 0, WRITE_LOCK)) {
- printf("lock at 100 failed (%s)\n", cli_errstr(cli));
+ if (!cli_lock(&cli, fnum1, 100, 4, 0, WRITE_LOCK)) {
+ printf("lock at 100 failed (%s)\n", cli_errstr(&cli));
}
- cli_setpid(cli, 2);
- if (cli_unlock(cli, fnum1, 100, 4)) {
+ cli_setpid(&cli, 2);
+ if (cli_unlock(&cli, fnum1, 100, 4)) {
printf("unlock at 100 succeeded! This is a locking bug\n");
correct = False;
}
- if (cli_unlock(cli, fnum1, 0, 4)) {
+ if (cli_unlock(&cli, fnum1, 0, 4)) {
printf("unlock1 succeeded! This is a locking bug\n");
correct = False;
} else {
- if (!check_error(__LINE__, cli,
+ if (!check_error(__LINE__, &cli,
ERRDOS, ERRlock,
NT_STATUS_RANGE_NOT_LOCKED)) return False;
}
- if (cli_unlock(cli, fnum1, 0, 8)) {
+ if (cli_unlock(&cli, fnum1, 0, 8)) {
printf("unlock2 succeeded! This is a locking bug\n");
correct = False;
} else {
- if (!check_error(__LINE__, cli,
+ if (!check_error(__LINE__, &cli,
ERRDOS, ERRlock,
NT_STATUS_RANGE_NOT_LOCKED)) return False;
}
- if (cli_lock(cli, fnum3, 0, 4, 0, WRITE_LOCK)) {
+ if (cli_lock(&cli, fnum3, 0, 4, 0, WRITE_LOCK)) {
printf("lock3 succeeded! This is a locking bug\n");
correct = False;
} else {
- if (!check_error(__LINE__, cli, ERRDOS, ERRlock, NT_STATUS_LOCK_NOT_GRANTED)) return False;
+ if (!check_error(__LINE__, &cli, ERRDOS, ERRlock, NT_STATUS_LOCK_NOT_GRANTED)) return False;
}
- cli_setpid(cli, 1);
+ cli_setpid(&cli, 1);
- if (!cli_close(cli, fnum1)) {
- printf("close1 failed (%s)\n", cli_errstr(cli));
+ if (!cli_close(&cli, fnum1)) {
+ printf("close1 failed (%s)\n", cli_errstr(&cli));
return False;
}
- if (!cli_close(cli, fnum2)) {
- printf("close2 failed (%s)\n", cli_errstr(cli));
+ if (!cli_close(&cli, fnum2)) {
+ printf("close2 failed (%s)\n", cli_errstr(&cli));
return False;
}
- if (!cli_close(cli, fnum3)) {
- printf("close3 failed (%s)\n", cli_errstr(cli));
+ if (!cli_close(&cli, fnum3)) {
+ printf("close3 failed (%s)\n", cli_errstr(&cli));
return False;
}
- if (!torture_close_connection(cli)) {
+ if (!torture_close_connection(&cli)) {
correct = False;
}
@@ -1308,7 +1211,7 @@ static BOOL run_locktest2(int dummy)
*/
static BOOL run_locktest3(int dummy)
{
- static struct cli_state *cli1, *cli2;
+ static struct cli_state cli1, cli2;
const char *fname = "\\lockt3.lck";
int fnum1, fnum2, i;
uint32 offset;
@@ -1319,37 +1222,37 @@ static BOOL run_locktest3(int dummy)
if (!torture_open_connection(&cli1) || !torture_open_connection(&cli2)) {
return False;
}
- cli_sockopt(cli1, sockops);
- cli_sockopt(cli2, sockops);
+ cli_sockopt(&cli1, sockops);
+ cli_sockopt(&cli2, sockops);
printf("starting locktest3\n");
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
- fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
+ fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
if (fnum1 == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- fnum2 = cli_open(cli2, fname, O_RDWR, DENY_NONE);
+ fnum2 = cli_open(&cli2, fname, O_RDWR, DENY_NONE);
if (fnum2 == -1) {
- printf("open2 of %s failed (%s)\n", fname, cli_errstr(cli2));
+ printf("open2 of %s failed (%s)\n", fname, cli_errstr(&cli2));
return False;
}
for (offset=i=0;i<torture_numops;i++) {
NEXT_OFFSET;
- if (!cli_lock(cli1, fnum1, offset-1, 1, 0, WRITE_LOCK)) {
+ if (!cli_lock(&cli1, fnum1, offset-1, 1, 0, WRITE_LOCK)) {
printf("lock1 %d failed (%s)\n",
i,
- cli_errstr(cli1));
+ cli_errstr(&cli1));
return False;
}
- if (!cli_lock(cli2, fnum2, offset-2, 1, 0, WRITE_LOCK)) {
+ if (!cli_lock(&cli2, fnum2, offset-2, 1, 0, WRITE_LOCK)) {
printf("lock2 %d failed (%s)\n",
i,
- cli_errstr(cli1));
+ cli_errstr(&cli1));
return False;
}
}
@@ -1357,22 +1260,22 @@ static BOOL run_locktest3(int dummy)
for (offset=i=0;i<torture_numops;i++) {
NEXT_OFFSET;
- if (cli_lock(cli1, fnum1, offset-2, 1, 0, WRITE_LOCK)) {
+ if (cli_lock(&cli1, fnum1, offset-2, 1, 0, WRITE_LOCK)) {
printf("error: lock1 %d succeeded!\n", i);
return False;
}
- if (cli_lock(cli2, fnum2, offset-1, 1, 0, WRITE_LOCK)) {
+ if (cli_lock(&cli2, fnum2, offset-1, 1, 0, WRITE_LOCK)) {
printf("error: lock2 %d succeeded!\n", i);
return False;
}
- if (cli_lock(cli1, fnum1, offset-1, 1, 0, WRITE_LOCK)) {
+ if (cli_lock(&cli1, fnum1, offset-1, 1, 0, WRITE_LOCK)) {
printf("error: lock3 %d succeeded!\n", i);
return False;
}
- if (cli_lock(cli2, fnum2, offset-2, 1, 0, WRITE_LOCK)) {
+ if (cli_lock(&cli2, fnum2, offset-2, 1, 0, WRITE_LOCK)) {
printf("error: lock4 %d succeeded!\n", i);
return False;
}
@@ -1381,41 +1284,41 @@ static BOOL run_locktest3(int dummy)
for (offset=i=0;i<torture_numops;i++) {
NEXT_OFFSET;
- if (!cli_unlock(cli1, fnum1, offset-1, 1)) {
+ if (!cli_unlock(&cli1, fnum1, offset-1, 1)) {
printf("unlock1 %d failed (%s)\n",
i,
- cli_errstr(cli1));
+ cli_errstr(&cli1));
return False;
}
- if (!cli_unlock(cli2, fnum2, offset-2, 1)) {
+ if (!cli_unlock(&cli2, fnum2, offset-2, 1)) {
printf("unlock2 %d failed (%s)\n",
i,
- cli_errstr(cli1));
+ cli_errstr(&cli1));
return False;
}
}
- if (!cli_close(cli1, fnum1)) {
- printf("close1 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("close1 failed (%s)\n", cli_errstr(&cli1));
return False;
}
- if (!cli_close(cli2, fnum2)) {
- printf("close2 failed (%s)\n", cli_errstr(cli2));
+ if (!cli_close(&cli2, fnum2)) {
+ printf("close2 failed (%s)\n", cli_errstr(&cli2));
return False;
}
- if (!cli_unlink(cli1, fname)) {
- printf("unlink failed (%s)\n", cli_errstr(cli1));
+ if (!cli_unlink(&cli1, fname)) {
+ printf("unlink failed (%s)\n", cli_errstr(&cli1));
return False;
}
- if (!torture_close_connection(cli1)) {
+ if (!torture_close_connection(&cli1)) {
correct = False;
}
- if (!torture_close_connection(cli2)) {
+ if (!torture_close_connection(&cli2)) {
correct = False;
}
@@ -1433,7 +1336,7 @@ static BOOL run_locktest3(int dummy)
*/
static BOOL run_locktest4(int dummy)
{
- static struct cli_state *cli1, *cli2;
+ static struct cli_state cli1, cli2;
const char *fname = "\\lockt4.lck";
int fnum1, fnum2, f;
BOOL ret;
@@ -1444,156 +1347,156 @@ static BOOL run_locktest4(int dummy)
return False;
}
- cli_sockopt(cli1, sockops);
- cli_sockopt(cli2, sockops);
+ cli_sockopt(&cli1, sockops);
+ cli_sockopt(&cli2, sockops);
printf("starting locktest4\n");
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
- fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
- fnum2 = cli_open(cli2, fname, O_RDWR, DENY_NONE);
+ fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
+ fnum2 = cli_open(&cli2, fname, O_RDWR, DENY_NONE);
memset(buf, 0, sizeof(buf));
- if (cli_write(cli1, fnum1, 0, buf, 0, sizeof(buf)) != sizeof(buf)) {
+ if (cli_write(&cli1, fnum1, 0, buf, 0, sizeof(buf)) != sizeof(buf)) {
printf("Failed to create file\n");
correct = False;
goto fail;
}
- ret = cli_lock(cli1, fnum1, 0, 4, 0, WRITE_LOCK) &&
- cli_lock(cli1, fnum1, 2, 4, 0, WRITE_LOCK);
+ ret = cli_lock(&cli1, fnum1, 0, 4, 0, WRITE_LOCK) &&
+ cli_lock(&cli1, fnum1, 2, 4, 0, WRITE_LOCK);
EXPECTED(ret, False);
printf("the same process %s set overlapping write locks\n", ret?"can":"cannot");
- ret = cli_lock(cli1, fnum1, 10, 4, 0, READ_LOCK) &&
- cli_lock(cli1, fnum1, 12, 4, 0, READ_LOCK);
+ ret = cli_lock(&cli1, fnum1, 10, 4, 0, READ_LOCK) &&
+ cli_lock(&cli1, fnum1, 12, 4, 0, READ_LOCK);
EXPECTED(ret, True);
printf("the same process %s set overlapping read locks\n", ret?"can":"cannot");
- ret = cli_lock(cli1, fnum1, 20, 4, 0, WRITE_LOCK) &&
- cli_lock(cli2, fnum2, 22, 4, 0, WRITE_LOCK);
+ ret = cli_lock(&cli1, fnum1, 20, 4, 0, WRITE_LOCK) &&
+ cli_lock(&cli2, fnum2, 22, 4, 0, WRITE_LOCK);
EXPECTED(ret, False);
printf("a different connection %s set overlapping write locks\n", ret?"can":"cannot");
- ret = cli_lock(cli1, fnum1, 30, 4, 0, READ_LOCK) &&
- cli_lock(cli2, fnum2, 32, 4, 0, READ_LOCK);
+ ret = cli_lock(&cli1, fnum1, 30, 4, 0, READ_LOCK) &&
+ cli_lock(&cli2, fnum2, 32, 4, 0, READ_LOCK);
EXPECTED(ret, True);
printf("a different connection %s set overlapping read locks\n", ret?"can":"cannot");
- ret = (cli_setpid(cli1, 1), cli_lock(cli1, fnum1, 40, 4, 0, WRITE_LOCK)) &&
- (cli_setpid(cli1, 2), cli_lock(cli1, fnum1, 42, 4, 0, WRITE_LOCK));
+ ret = (cli_setpid(&cli1, 1), cli_lock(&cli1, fnum1, 40, 4, 0, WRITE_LOCK)) &&
+ (cli_setpid(&cli1, 2), cli_lock(&cli1, fnum1, 42, 4, 0, WRITE_LOCK));
EXPECTED(ret, False);
printf("a different pid %s set overlapping write locks\n", ret?"can":"cannot");
- ret = (cli_setpid(cli1, 1), cli_lock(cli1, fnum1, 50, 4, 0, READ_LOCK)) &&
- (cli_setpid(cli1, 2), cli_lock(cli1, fnum1, 52, 4, 0, READ_LOCK));
+ ret = (cli_setpid(&cli1, 1), cli_lock(&cli1, fnum1, 50, 4, 0, READ_LOCK)) &&
+ (cli_setpid(&cli1, 2), cli_lock(&cli1, fnum1, 52, 4, 0, READ_LOCK));
EXPECTED(ret, True);
printf("a different pid %s set overlapping read locks\n", ret?"can":"cannot");
- ret = cli_lock(cli1, fnum1, 60, 4, 0, READ_LOCK) &&
- cli_lock(cli1, fnum1, 60, 4, 0, READ_LOCK);
+ ret = cli_lock(&cli1, fnum1, 60, 4, 0, READ_LOCK) &&
+ cli_lock(&cli1, fnum1, 60, 4, 0, READ_LOCK);
EXPECTED(ret, True);
printf("the same process %s set the same read lock twice\n", ret?"can":"cannot");
- ret = cli_lock(cli1, fnum1, 70, 4, 0, WRITE_LOCK) &&
- cli_lock(cli1, fnum1, 70, 4, 0, WRITE_LOCK);
+ ret = cli_lock(&cli1, fnum1, 70, 4, 0, WRITE_LOCK) &&
+ cli_lock(&cli1, fnum1, 70, 4, 0, WRITE_LOCK);
EXPECTED(ret, False);
printf("the same process %s set the same write lock twice\n", ret?"can":"cannot");
- ret = cli_lock(cli1, fnum1, 80, 4, 0, READ_LOCK) &&
- cli_lock(cli1, fnum1, 80, 4, 0, WRITE_LOCK);
+ ret = cli_lock(&cli1, fnum1, 80, 4, 0, READ_LOCK) &&
+ cli_lock(&cli1, fnum1, 80, 4, 0, WRITE_LOCK);
EXPECTED(ret, False);
printf("the same process %s overlay a read lock with a write lock\n", ret?"can":"cannot");
- ret = cli_lock(cli1, fnum1, 90, 4, 0, WRITE_LOCK) &&
- cli_lock(cli1, fnum1, 90, 4, 0, READ_LOCK);
+ ret = cli_lock(&cli1, fnum1, 90, 4, 0, WRITE_LOCK) &&
+ cli_lock(&cli1, fnum1, 90, 4, 0, READ_LOCK);
EXPECTED(ret, True);
printf("the same process %s overlay a write lock with a read lock\n", ret?"can":"cannot");
- ret = (cli_setpid(cli1, 1), cli_lock(cli1, fnum1, 100, 4, 0, WRITE_LOCK)) &&
- (cli_setpid(cli1, 2), cli_lock(cli1, fnum1, 100, 4, 0, READ_LOCK));
+ ret = (cli_setpid(&cli1, 1), cli_lock(&cli1, fnum1, 100, 4, 0, WRITE_LOCK)) &&
+ (cli_setpid(&cli1, 2), cli_lock(&cli1, fnum1, 100, 4, 0, READ_LOCK));
EXPECTED(ret, False);
printf("a different pid %s overlay a write lock with a read lock\n", ret?"can":"cannot");
- ret = cli_lock(cli1, fnum1, 110, 4, 0, READ_LOCK) &&
- cli_lock(cli1, fnum1, 112, 4, 0, READ_LOCK) &&
- cli_unlock(cli1, fnum1, 110, 6);
+ ret = cli_lock(&cli1, fnum1, 110, 4, 0, READ_LOCK) &&
+ cli_lock(&cli1, fnum1, 112, 4, 0, READ_LOCK) &&
+ cli_unlock(&cli1, fnum1, 110, 6);
EXPECTED(ret, False);
printf("the same process %s coalesce read locks\n", ret?"can":"cannot");
- ret = cli_lock(cli1, fnum1, 120, 4, 0, WRITE_LOCK) &&
- (cli_read(cli2, fnum2, buf, 120, 4) == 4);
+ ret = cli_lock(&cli1, fnum1, 120, 4, 0, WRITE_LOCK) &&
+ (cli_read(&cli2, fnum2, buf, 120, 4) == 4);
EXPECTED(ret, False);
printf("this server %s strict write locking\n", ret?"doesn't do":"does");
- ret = cli_lock(cli1, fnum1, 130, 4, 0, READ_LOCK) &&
- (cli_write(cli2, fnum2, 0, buf, 130, 4) == 4);
+ ret = cli_lock(&cli1, fnum1, 130, 4, 0, READ_LOCK) &&
+ (cli_write(&cli2, fnum2, 0, buf, 130, 4) == 4);
EXPECTED(ret, False);
printf("this server %s strict read locking\n", ret?"doesn't do":"does");
- ret = cli_lock(cli1, fnum1, 140, 4, 0, READ_LOCK) &&
- cli_lock(cli1, fnum1, 140, 4, 0, READ_LOCK) &&
- cli_unlock(cli1, fnum1, 140, 4) &&
- cli_unlock(cli1, fnum1, 140, 4);
+ ret = cli_lock(&cli1, fnum1, 140, 4, 0, READ_LOCK) &&
+ cli_lock(&cli1, fnum1, 140, 4, 0, READ_LOCK) &&
+ cli_unlock(&cli1, fnum1, 140, 4) &&
+ cli_unlock(&cli1, fnum1, 140, 4);
EXPECTED(ret, True);
printf("this server %s do recursive read locking\n", ret?"does":"doesn't");
- ret = cli_lock(cli1, fnum1, 150, 4, 0, WRITE_LOCK) &&
- cli_lock(cli1, fnum1, 150, 4, 0, READ_LOCK) &&
- cli_unlock(cli1, fnum1, 150, 4) &&
- (cli_read(cli2, fnum2, buf, 150, 4) == 4) &&
- !(cli_write(cli2, fnum2, 0, buf, 150, 4) == 4) &&
- cli_unlock(cli1, fnum1, 150, 4);
+ ret = cli_lock(&cli1, fnum1, 150, 4, 0, WRITE_LOCK) &&
+ cli_lock(&cli1, fnum1, 150, 4, 0, READ_LOCK) &&
+ cli_unlock(&cli1, fnum1, 150, 4) &&
+ (cli_read(&cli2, fnum2, buf, 150, 4) == 4) &&
+ !(cli_write(&cli2, fnum2, 0, buf, 150, 4) == 4) &&
+ cli_unlock(&cli1, fnum1, 150, 4);
EXPECTED(ret, True);
printf("this server %s do recursive lock overlays\n", ret?"does":"doesn't");
- ret = cli_lock(cli1, fnum1, 160, 4, 0, READ_LOCK) &&
- cli_unlock(cli1, fnum1, 160, 4) &&
- (cli_write(cli2, fnum2, 0, buf, 160, 4) == 4) &&
- (cli_read(cli2, fnum2, buf, 160, 4) == 4);
+ ret = cli_lock(&cli1, fnum1, 160, 4, 0, READ_LOCK) &&
+ cli_unlock(&cli1, fnum1, 160, 4) &&
+ (cli_write(&cli2, fnum2, 0, buf, 160, 4) == 4) &&
+ (cli_read(&cli2, fnum2, buf, 160, 4) == 4);
EXPECTED(ret, True);
printf("the same process %s remove a read lock using write locking\n", ret?"can":"cannot");
- ret = cli_lock(cli1, fnum1, 170, 4, 0, WRITE_LOCK) &&
- cli_unlock(cli1, fnum1, 170, 4) &&
- (cli_write(cli2, fnum2, 0, buf, 170, 4) == 4) &&
- (cli_read(cli2, fnum2, buf, 170, 4) == 4);
+ ret = cli_lock(&cli1, fnum1, 170, 4, 0, WRITE_LOCK) &&
+ cli_unlock(&cli1, fnum1, 170, 4) &&
+ (cli_write(&cli2, fnum2, 0, buf, 170, 4) == 4) &&
+ (cli_read(&cli2, fnum2, buf, 170, 4) == 4);
EXPECTED(ret, True);
printf("the same process %s remove a write lock using read locking\n", ret?"can":"cannot");
- ret = cli_lock(cli1, fnum1, 190, 4, 0, WRITE_LOCK) &&
- cli_lock(cli1, fnum1, 190, 4, 0, READ_LOCK) &&
- cli_unlock(cli1, fnum1, 190, 4) &&
- !(cli_write(cli2, fnum2, 0, buf, 190, 4) == 4) &&
- (cli_read(cli2, fnum2, buf, 190, 4) == 4);
+ ret = cli_lock(&cli1, fnum1, 190, 4, 0, WRITE_LOCK) &&
+ cli_lock(&cli1, fnum1, 190, 4, 0, READ_LOCK) &&
+ cli_unlock(&cli1, fnum1, 190, 4) &&
+ !(cli_write(&cli2, fnum2, 0, buf, 190, 4) == 4) &&
+ (cli_read(&cli2, fnum2, buf, 190, 4) == 4);
EXPECTED(ret, True);
printf("the same process %s remove the first lock first\n", ret?"does":"doesn't");
- cli_close(cli1, fnum1);
- cli_close(cli2, fnum2);
- fnum1 = cli_open(cli1, fname, O_RDWR, DENY_NONE);
- f = cli_open(cli1, fname, O_RDWR, DENY_NONE);
- ret = cli_lock(cli1, fnum1, 0, 8, 0, READ_LOCK) &&
- cli_lock(cli1, f, 0, 1, 0, READ_LOCK) &&
- cli_close(cli1, fnum1) &&
- ((fnum1 = cli_open(cli1, fname, O_RDWR, DENY_NONE)) != -1) &&
- cli_lock(cli1, fnum1, 7, 1, 0, WRITE_LOCK);
- cli_close(cli1, f);
- cli_close(cli1, fnum1);
+ cli_close(&cli1, fnum1);
+ cli_close(&cli2, fnum2);
+ fnum1 = cli_open(&cli1, fname, O_RDWR, DENY_NONE);
+ f = cli_open(&cli1, fname, O_RDWR, DENY_NONE);
+ ret = cli_lock(&cli1, fnum1, 0, 8, 0, READ_LOCK) &&
+ cli_lock(&cli1, f, 0, 1, 0, READ_LOCK) &&
+ cli_close(&cli1, fnum1) &&
+ ((fnum1 = cli_open(&cli1, fname, O_RDWR, DENY_NONE)) != -1) &&
+ cli_lock(&cli1, fnum1, 7, 1, 0, WRITE_LOCK);
+ cli_close(&cli1, f);
+ cli_close(&cli1, fnum1);
EXPECTED(ret, True);
printf("the server %s have the NT byte range lock bug\n", !ret?"does":"doesn't");
fail:
- cli_close(cli1, fnum1);
- cli_close(cli2, fnum2);
- cli_unlink(cli1, fname);
- torture_close_connection(cli1);
- torture_close_connection(cli2);
+ cli_close(&cli1, fnum1);
+ cli_close(&cli2, fnum2);
+ cli_unlink(&cli1, fname);
+ torture_close_connection(&cli1);
+ torture_close_connection(&cli2);
printf("finished locktest4\n");
return correct;
@@ -1604,7 +1507,7 @@ static BOOL run_locktest4(int dummy)
*/
static BOOL run_locktest5(int dummy)
{
- static struct cli_state *cli1, *cli2;
+ static struct cli_state cli1, cli2;
const char *fname = "\\lockt5.lck";
int fnum1, fnum2, fnum3;
BOOL ret;
@@ -1615,61 +1518,61 @@ static BOOL run_locktest5(int dummy)
return False;
}
- cli_sockopt(cli1, sockops);
- cli_sockopt(cli2, sockops);
+ cli_sockopt(&cli1, sockops);
+ cli_sockopt(&cli2, sockops);
printf("starting locktest5\n");
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
- fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
- fnum2 = cli_open(cli2, fname, O_RDWR, DENY_NONE);
- fnum3 = cli_open(cli1, fname, O_RDWR, DENY_NONE);
+ fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
+ fnum2 = cli_open(&cli2, fname, O_RDWR, DENY_NONE);
+ fnum3 = cli_open(&cli1, fname, O_RDWR, DENY_NONE);
memset(buf, 0, sizeof(buf));
- if (cli_write(cli1, fnum1, 0, buf, 0, sizeof(buf)) != sizeof(buf)) {
+ if (cli_write(&cli1, fnum1, 0, buf, 0, sizeof(buf)) != sizeof(buf)) {
printf("Failed to create file\n");
correct = False;
goto fail;
}
/* Check for NT bug... */
- ret = cli_lock(cli1, fnum1, 0, 8, 0, READ_LOCK) &&
- cli_lock(cli1, fnum3, 0, 1, 0, READ_LOCK);
- cli_close(cli1, fnum1);
- fnum1 = cli_open(cli1, fname, O_RDWR, DENY_NONE);
- ret = cli_lock(cli1, fnum1, 7, 1, 0, WRITE_LOCK);
+ ret = cli_lock(&cli1, fnum1, 0, 8, 0, READ_LOCK) &&
+ cli_lock(&cli1, fnum3, 0, 1, 0, READ_LOCK);
+ cli_close(&cli1, fnum1);
+ fnum1 = cli_open(&cli1, fname, O_RDWR, DENY_NONE);
+ ret = cli_lock(&cli1, fnum1, 7, 1, 0, WRITE_LOCK);
EXPECTED(ret, True);
printf("this server %s the NT locking bug\n", ret ? "doesn't have" : "has");
- cli_close(cli1, fnum1);
- fnum1 = cli_open(cli1, fname, O_RDWR, DENY_NONE);
- cli_unlock(cli1, fnum3, 0, 1);
+ cli_close(&cli1, fnum1);
+ fnum1 = cli_open(&cli1, fname, O_RDWR, DENY_NONE);
+ cli_unlock(&cli1, fnum3, 0, 1);
- ret = cli_lock(cli1, fnum1, 0, 4, 0, WRITE_LOCK) &&
- cli_lock(cli1, fnum1, 1, 1, 0, READ_LOCK);
+ ret = cli_lock(&cli1, fnum1, 0, 4, 0, WRITE_LOCK) &&
+ cli_lock(&cli1, fnum1, 1, 1, 0, READ_LOCK);
EXPECTED(ret, True);
printf("the same process %s overlay a write with a read lock\n", ret?"can":"cannot");
- ret = cli_lock(cli2, fnum2, 0, 4, 0, READ_LOCK);
+ ret = cli_lock(&cli2, fnum2, 0, 4, 0, READ_LOCK);
EXPECTED(ret, False);
printf("a different processs %s get a read lock on the first process lock stack\n", ret?"can":"cannot");
/* Unlock the process 2 lock. */
- cli_unlock(cli2, fnum2, 0, 4);
+ cli_unlock(&cli2, fnum2, 0, 4);
- ret = cli_lock(cli1, fnum3, 0, 4, 0, READ_LOCK);
+ ret = cli_lock(&cli1, fnum3, 0, 4, 0, READ_LOCK);
EXPECTED(ret, False);
printf("the same processs on a different fnum %s get a read lock\n", ret?"can":"cannot");
/* Unlock the process 1 fnum3 lock. */
- cli_unlock(cli1, fnum3, 0, 4);
+ cli_unlock(&cli1, fnum3, 0, 4);
/* Stack 2 more locks here. */
- ret = cli_lock(cli1, fnum1, 0, 4, 0, READ_LOCK) &&
- cli_lock(cli1, fnum1, 0, 4, 0, READ_LOCK);
+ ret = cli_lock(&cli1, fnum1, 0, 4, 0, READ_LOCK) &&
+ cli_lock(&cli1, fnum1, 0, 4, 0, READ_LOCK);
EXPECTED(ret, True);
printf("the same process %s stack read locks\n", ret?"can":"cannot");
@@ -1677,44 +1580,44 @@ static BOOL run_locktest5(int dummy)
/* Unlock the first process lock, then check this was the WRITE lock that was
removed. */
- ret = cli_unlock(cli1, fnum1, 0, 4) &&
- cli_lock(cli2, fnum2, 0, 4, 0, READ_LOCK);
+ ret = cli_unlock(&cli1, fnum1, 0, 4) &&
+ cli_lock(&cli2, fnum2, 0, 4, 0, READ_LOCK);
EXPECTED(ret, True);
printf("the first unlock removes the %s lock\n", ret?"WRITE":"READ");
/* Unlock the process 2 lock. */
- cli_unlock(cli2, fnum2, 0, 4);
+ cli_unlock(&cli2, fnum2, 0, 4);
/* We should have 3 stacked locks here. Ensure we need to do 3 unlocks. */
- ret = cli_unlock(cli1, fnum1, 1, 1) &&
- cli_unlock(cli1, fnum1, 0, 4) &&
- cli_unlock(cli1, fnum1, 0, 4);
+ ret = cli_unlock(&cli1, fnum1, 1, 1) &&
+ cli_unlock(&cli1, fnum1, 0, 4) &&
+ cli_unlock(&cli1, fnum1, 0, 4);
EXPECTED(ret, True);
printf("the same process %s unlock the stack of 4 locks\n", ret?"can":"cannot");
/* Ensure the next unlock fails. */
- ret = cli_unlock(cli1, fnum1, 0, 4);
+ ret = cli_unlock(&cli1, fnum1, 0, 4);
EXPECTED(ret, False);
printf("the same process %s count the lock stack\n", !ret?"can":"cannot");
/* Ensure connection 2 can get a write lock. */
- ret = cli_lock(cli2, fnum2, 0, 4, 0, WRITE_LOCK);
+ ret = cli_lock(&cli2, fnum2, 0, 4, 0, WRITE_LOCK);
EXPECTED(ret, True);
printf("a different processs %s get a write lock on the unlocked stack\n", ret?"can":"cannot");
fail:
- cli_close(cli1, fnum1);
- cli_close(cli2, fnum2);
- cli_unlink(cli1, fname);
- if (!torture_close_connection(cli1)) {
+ cli_close(&cli1, fnum1);
+ cli_close(&cli2, fnum2);
+ cli_unlink(&cli1, fname);
+ if (!torture_close_connection(&cli1)) {
correct = False;
}
- if (!torture_close_connection(cli2)) {
+ if (!torture_close_connection(&cli2)) {
correct = False;
}
@@ -1728,7 +1631,7 @@ static BOOL run_locktest5(int dummy)
*/
static BOOL run_locktest6(int dummy)
{
- static struct cli_state *cli;
+ static struct cli_state cli;
const char *fname[1] = { "\\lock6.txt" };
int i;
int fnum;
@@ -1738,174 +1641,41 @@ static BOOL run_locktest6(int dummy)
return False;
}
- cli_sockopt(cli, sockops);
+ cli_sockopt(&cli, sockops);
printf("starting locktest6\n");
for (i=0;i<1;i++) {
printf("Testing %s\n", fname[i]);
- cli_unlink(cli, fname[i]);
+ cli_unlink(&cli, fname[i]);
- fnum = cli_open(cli, fname[i], O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
- status = cli_locktype(cli, fnum, 0, 8, 0, LOCKING_ANDX_CHANGE_LOCKTYPE);
- cli_close(cli, fnum);
+ fnum = cli_open(&cli, fname[i], O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
+ status = cli_locktype(&cli, fnum, 0, 8, 0, LOCKING_ANDX_CHANGE_LOCKTYPE);
+ cli_close(&cli, fnum);
printf("CHANGE_LOCKTYPE gave %s\n", nt_errstr(status));
- fnum = cli_open(cli, fname[i], O_RDWR, DENY_NONE);
- status = cli_locktype(cli, fnum, 0, 8, 0, LOCKING_ANDX_CANCEL_LOCK);
- cli_close(cli, fnum);
+ fnum = cli_open(&cli, fname[i], O_RDWR, DENY_NONE);
+ status = cli_locktype(&cli, fnum, 0, 8, 0, LOCKING_ANDX_CANCEL_LOCK);
+ cli_close(&cli, fnum);
printf("CANCEL_LOCK gave %s\n", nt_errstr(status));
- cli_unlink(cli, fname[i]);
+ cli_unlink(&cli, fname[i]);
}
- torture_close_connection(cli);
+ torture_close_connection(&cli);
printf("finished locktest6\n");
return True;
}
-static BOOL run_locktest7(int dummy)
-{
- struct cli_state *cli1;
- const char *fname = "\\lockt7.lck";
- int fnum1;
- char buf[200];
- BOOL correct = False;
-
- if (!torture_open_connection(&cli1)) {
- return False;
- }
-
- cli_sockopt(cli1, sockops);
-
- printf("starting locktest7\n");
-
- cli_unlink(cli1, fname);
-
- fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
-
- memset(buf, 0, sizeof(buf));
-
- if (cli_write(cli1, fnum1, 0, buf, 0, sizeof(buf)) != sizeof(buf)) {
- printf("Failed to create file\n");
- goto fail;
- }
-
- cli_setpid(cli1, 1);
-
- if (!cli_lock(cli1, fnum1, 130, 4, 0, READ_LOCK)) {
- printf("Unable to apply read lock on range 130:4, error was %s\n", cli_errstr(cli1));
- goto fail;
- } else {
- printf("pid1 successfully locked range 130:4 for READ\n");
- }
-
- if (cli_read(cli1, fnum1, buf, 130, 4) != 4) {
- printf("pid1 unable to read the range 130:4, error was %s\n", cli_errstr(cli1));
- goto fail;
- } else {
- printf("pid1 successfully read the range 130:4\n");
- }
-
- if (cli_write(cli1, fnum1, 0, buf, 130, 4) != 4) {
- printf("pid1 unable to write to the range 130:4, error was %s\n", cli_errstr(cli1));
- if (NT_STATUS_V(cli_nt_error(cli1)) != NT_STATUS_V(NT_STATUS_FILE_LOCK_CONFLICT)) {
- printf("Incorrect error (should be NT_STATUS_FILE_LOCK_CONFLICT)\n");
- goto fail;
- }
- } else {
- printf("pid1 successfully wrote to the range 130:4 (should be denied)\n");
- goto fail;
- }
-
- cli_setpid(cli1, 2);
-
- if (cli_read(cli1, fnum1, buf, 130, 4) != 4) {
- printf("pid2 unable to read the range 130:4, error was %s\n", cli_errstr(cli1));
- } else {
- printf("pid2 successfully read the range 130:4\n");
- }
-
- if (cli_write(cli1, fnum1, 0, buf, 130, 4) != 4) {
- printf("pid2 unable to write to the range 130:4, error was %s\n", cli_errstr(cli1));
- if (NT_STATUS_V(cli_nt_error(cli1)) != NT_STATUS_V(NT_STATUS_FILE_LOCK_CONFLICT)) {
- printf("Incorrect error (should be NT_STATUS_FILE_LOCK_CONFLICT)\n");
- goto fail;
- }
- } else {
- printf("pid2 successfully wrote to the range 130:4 (should be denied)\n");
- goto fail;
- }
-
- cli_setpid(cli1, 1);
- cli_unlock(cli1, fnum1, 130, 4);
-
- if (!cli_lock(cli1, fnum1, 130, 4, 0, WRITE_LOCK)) {
- printf("Unable to apply write lock on range 130:4, error was %s\n", cli_errstr(cli1));
- goto fail;
- } else {
- printf("pid1 successfully locked range 130:4 for WRITE\n");
- }
-
- if (cli_read(cli1, fnum1, buf, 130, 4) != 4) {
- printf("pid1 unable to read the range 130:4, error was %s\n", cli_errstr(cli1));
- goto fail;
- } else {
- printf("pid1 successfully read the range 130:4\n");
- }
-
- if (cli_write(cli1, fnum1, 0, buf, 130, 4) != 4) {
- printf("pid1 unable to write to the range 130:4, error was %s\n", cli_errstr(cli1));
- goto fail;
- } else {
- printf("pid1 successfully wrote to the range 130:4\n");
- }
-
- cli_setpid(cli1, 2);
-
- if (cli_read(cli1, fnum1, buf, 130, 4) != 4) {
- printf("pid2 unable to read the range 130:4, error was %s\n", cli_errstr(cli1));
- if (NT_STATUS_V(cli_nt_error(cli1)) != NT_STATUS_V(NT_STATUS_FILE_LOCK_CONFLICT)) {
- printf("Incorrect error (should be NT_STATUS_FILE_LOCK_CONFLICT)\n");
- goto fail;
- }
- } else {
- printf("pid2 successfully read the range 130:4 (should be denied)\n");
- goto fail;
- }
-
- if (cli_write(cli1, fnum1, 0, buf, 130, 4) != 4) {
- printf("pid2 unable to write to the range 130:4, error was %s\n", cli_errstr(cli1));
- if (NT_STATUS_V(cli_nt_error(cli1)) != NT_STATUS_V(NT_STATUS_FILE_LOCK_CONFLICT)) {
- printf("Incorrect error (should be NT_STATUS_FILE_LOCK_CONFLICT)\n");
- goto fail;
- }
- } else {
- printf("pid2 successfully wrote to the range 130:4 (should be denied)\n");
- goto fail;
- }
-
- cli_unlock(cli1, fnum1, 130, 0);
- correct = True;
-
-fail:
- cli_close(cli1, fnum1);
- cli_unlink(cli1, fname);
- torture_close_connection(cli1);
-
- printf("finished locktest7\n");
- return correct;
-}
-
/*
test whether fnums and tids open on one VC are available on another (a major
security hole)
*/
static BOOL run_fdpasstest(int dummy)
{
- struct cli_state *cli1, *cli2;
+ static struct cli_state cli1, cli2, cli3;
const char *fname = "\\fdpass.tst";
int fnum1;
pstring buf;
@@ -1913,125 +1683,45 @@ static BOOL run_fdpasstest(int dummy)
if (!torture_open_connection(&cli1) || !torture_open_connection(&cli2)) {
return False;
}
- cli_sockopt(cli1, sockops);
- cli_sockopt(cli2, sockops);
+ cli_sockopt(&cli1, sockops);
+ cli_sockopt(&cli2, sockops);
printf("starting fdpasstest\n");
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
- fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
+ fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
if (fnum1 == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- if (cli_write(cli1, fnum1, 0, "hello world\n", 0, 13) != 13) {
- printf("write failed (%s)\n", cli_errstr(cli1));
+ if (cli_write(&cli1, fnum1, 0, "hello world\n", 0, 13) != 13) {
+ printf("write failed (%s)\n", cli_errstr(&cli1));
return False;
}
- cli2->vuid = cli1->vuid;
- cli2->cnum = cli1->cnum;
- cli2->pid = cli1->pid;
+ cli3 = cli2;
+ cli3.vuid = cli1.vuid;
+ cli3.cnum = cli1.cnum;
+ cli3.pid = cli1.pid;
- if (cli_read(cli2, fnum1, buf, 0, 13) == 13) {
+ if (cli_read(&cli3, fnum1, buf, 0, 13) == 13) {
printf("read succeeded! nasty security hole [%s]\n",
buf);
return False;
}
- cli_close(cli1, fnum1);
- cli_unlink(cli1, fname);
+ cli_close(&cli1, fnum1);
+ cli_unlink(&cli1, fname);
- torture_close_connection(cli1);
- torture_close_connection(cli2);
+ torture_close_connection(&cli1);
+ torture_close_connection(&cli2);
printf("finished fdpasstest\n");
return True;
}
-static BOOL run_fdsesstest(int dummy)
-{
- struct cli_state *cli;
- uint16 new_vuid;
- uint16 saved_vuid;
- uint16 new_cnum;
- uint16 saved_cnum;
- const char *fname = "\\fdsess.tst";
- const char *fname1 = "\\fdsess1.tst";
- int fnum1;
- int fnum2;
- pstring buf;
- BOOL ret = True;
-
- if (!torture_open_connection(&cli))
- return False;
- cli_sockopt(cli, sockops);
-
- if (!torture_cli_session_setup2(cli, &new_vuid))
- return False;
-
- saved_cnum = cli->cnum;
- if (!cli_send_tconX(cli, share, "?????", "", 1))
- return False;
- new_cnum = cli->cnum;
- cli->cnum = saved_cnum;
-
- printf("starting fdsesstest\n");
-
- cli_unlink(cli, fname);
- cli_unlink(cli, fname1);
-
- fnum1 = cli_open(cli, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
- if (fnum1 == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(cli));
- return False;
- }
-
- if (cli_write(cli, fnum1, 0, "hello world\n", 0, 13) != 13) {
- printf("write failed (%s)\n", cli_errstr(cli));
- return False;
- }
-
- saved_vuid = cli->vuid;
- cli->vuid = new_vuid;
-
- if (cli_read(cli, fnum1, buf, 0, 13) == 13) {
- printf("read succeeded with different vuid! nasty security hole [%s]\n",
- buf);
- ret = False;
- }
- /* Try to open a file with different vuid, samba cnum. */
- fnum2 = cli_open(cli, fname1, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
- if (fnum2 != -1) {
- printf("create with different vuid, same cnum succeeded.\n");
- cli_close(cli, fnum2);
- cli_unlink(cli, fname1);
- } else {
- printf("create with different vuid, same cnum failed.\n");
- }
-
- cli->vuid = saved_vuid;
-
- /* Try with same vuid, different cnum. */
- cli->cnum = new_cnum;
-
- if (cli_read(cli, fnum1, buf, 0, 13) == 13) {
- printf("read succeeded with different cnum![%s]\n",
- buf);
- ret = False;
- }
-
- cli->cnum = saved_cnum;
- cli_close(cli, fnum1);
- cli_unlink(cli, fname);
-
- torture_close_connection(cli);
-
- printf("finished fdsesstest\n");
- return ret;
-}
/*
This test checks that
@@ -2040,7 +1730,7 @@ static BOOL run_fdsesstest(int dummy)
*/
static BOOL run_unlinktest(int dummy)
{
- struct cli_state *cli;
+ static struct cli_state cli;
const char *fname = "\\unlink.tst";
int fnum;
BOOL correct = True;
@@ -2049,32 +1739,32 @@ static BOOL run_unlinktest(int dummy)
return False;
}
- cli_sockopt(cli, sockops);
+ cli_sockopt(&cli, sockops);
printf("starting unlink test\n");
- cli_unlink(cli, fname);
+ cli_unlink(&cli, fname);
- cli_setpid(cli, 1);
+ cli_setpid(&cli, 1);
- fnum = cli_open(cli, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
+ fnum = cli_open(&cli, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
if (fnum == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(cli));
+ printf("open of %s failed (%s)\n", fname, cli_errstr(&cli));
return False;
}
- if (cli_unlink(cli, fname)) {
+ if (cli_unlink(&cli, fname)) {
printf("error: server allowed unlink on an open file\n");
correct = False;
} else {
- correct = check_error(__LINE__, cli, ERRDOS, ERRbadshare,
+ correct = check_error(__LINE__, &cli, ERRDOS, ERRbadshare,
NT_STATUS_SHARING_VIOLATION);
}
- cli_close(cli, fnum);
- cli_unlink(cli, fname);
+ cli_close(&cli, fnum);
+ cli_unlink(&cli, fname);
- if (!torture_close_connection(cli)) {
+ if (!torture_close_connection(&cli)) {
correct = False;
}
@@ -2089,7 +1779,7 @@ test how many open files this server supports on the one socket
*/
static BOOL run_maxfidtest(int dummy)
{
- struct cli_state *cli;
+ static struct cli_state cli;
const char *template = "\\maxfid.%d.%d";
fstring fname;
int fnums[0x11000], i;
@@ -2103,15 +1793,15 @@ static BOOL run_maxfidtest(int dummy)
return False;
}
- cli_sockopt(cli, sockops);
+ cli_sockopt(&cli, sockops);
for (i=0; i<0x11000; i++) {
slprintf(fname,sizeof(fname)-1,template, i,(int)getpid());
- if ((fnums[i] = cli_open(cli, fname,
+ if ((fnums[i] = cli_open(&cli, fname,
O_RDWR|O_CREAT|O_TRUNC, DENY_NONE)) ==
-1) {
printf("open of %s failed (%s)\n",
- fname, cli_errstr(cli));
+ fname, cli_errstr(&cli));
printf("maximum fnum is %d\n", i);
break;
}
@@ -2123,10 +1813,10 @@ static BOOL run_maxfidtest(int dummy)
printf("cleaning up\n");
for (;i>=0;i--) {
slprintf(fname,sizeof(fname)-1,template, i,(int)getpid());
- cli_close(cli, fnums[i]);
- if (!cli_unlink(cli, fname)) {
+ cli_close(&cli, fnums[i]);
+ if (!cli_unlink(&cli, fname)) {
printf("unlink of %s failed (%s)\n",
- fname, cli_errstr(cli));
+ fname, cli_errstr(&cli));
correct = False;
}
printf("%6d\r", i);
@@ -2134,7 +1824,7 @@ static BOOL run_maxfidtest(int dummy)
printf("%6d\n", 0);
printf("maxfid test finished\n");
- if (!torture_close_connection(cli)) {
+ if (!torture_close_connection(&cli)) {
correct = False;
}
return correct;
@@ -2184,7 +1874,7 @@ static BOOL run_randomipc(int dummy)
int rdrcnt,rprcnt;
pstring param;
int api, param_len, i;
- struct cli_state *cli;
+ static struct cli_state cli;
BOOL correct = True;
int count = 50000;
@@ -2202,7 +1892,7 @@ static BOOL run_randomipc(int dummy)
SSVAL(param,0,api);
- cli_api(cli,
+ cli_api(&cli,
param, param_len, 8,
NULL, 0, BUFFER_SIZE,
&rparam, &rprcnt,
@@ -2213,7 +1903,7 @@ static BOOL run_randomipc(int dummy)
}
printf("%d/%d\n", i, count);
- if (!torture_close_connection(cli)) {
+ if (!torture_close_connection(&cli)) {
correct = False;
}
@@ -2238,7 +1928,7 @@ static void browse_callback(const char *sname, uint32 stype,
*/
static BOOL run_browsetest(int dummy)
{
- static struct cli_state *cli;
+ static struct cli_state cli;
BOOL correct = True;
printf("starting browse test\n");
@@ -2248,16 +1938,16 @@ static BOOL run_browsetest(int dummy)
}
printf("domain list:\n");
- cli_NetServerEnum(cli, cli->server_domain,
+ cli_NetServerEnum(&cli, cli.server_domain,
SV_TYPE_DOMAIN_ENUM,
browse_callback, NULL);
printf("machine list:\n");
- cli_NetServerEnum(cli, cli->server_domain,
+ cli_NetServerEnum(&cli, cli.server_domain,
SV_TYPE_ALL,
browse_callback, NULL);
- if (!torture_close_connection(cli)) {
+ if (!torture_close_connection(&cli)) {
correct = False;
}
@@ -2273,10 +1963,10 @@ static BOOL run_browsetest(int dummy)
*/
static BOOL run_attrtest(int dummy)
{
- struct cli_state *cli;
+ static struct cli_state cli;
int fnum;
time_t t, t2;
- const char *fname = "\\attrib123456789.tst";
+ const char *fname = "\\attrib.tst";
BOOL correct = True;
printf("starting attrib test\n");
@@ -2285,12 +1975,12 @@ static BOOL run_attrtest(int dummy)
return False;
}
- cli_unlink(cli, fname);
- fnum = cli_open(cli, fname,
+ cli_unlink(&cli, fname);
+ fnum = cli_open(&cli, fname,
O_RDWR | O_CREAT | O_TRUNC, DENY_NONE);
- cli_close(cli, fnum);
- if (!cli_getatr(cli, fname, NULL, NULL, &t)) {
- printf("getatr failed (%s)\n", cli_errstr(cli));
+ cli_close(&cli, fnum);
+ if (!cli_getatr(&cli, fname, NULL, NULL, &t)) {
+ printf("getatr failed (%s)\n", cli_errstr(&cli));
correct = False;
}
@@ -2303,13 +1993,13 @@ static BOOL run_attrtest(int dummy)
t2 = t-60*60*24; /* 1 day ago */
- if (!cli_setatr(cli, fname, 0, t2)) {
- printf("setatr failed (%s)\n", cli_errstr(cli));
+ if (!cli_setatr(&cli, fname, 0, t2)) {
+ printf("setatr failed (%s)\n", cli_errstr(&cli));
correct = True;
}
- if (!cli_getatr(cli, fname, NULL, NULL, &t)) {
- printf("getatr failed (%s)\n", cli_errstr(cli));
+ if (!cli_getatr(&cli, fname, NULL, NULL, &t)) {
+ printf("getatr failed (%s)\n", cli_errstr(&cli));
correct = True;
}
@@ -2320,9 +2010,9 @@ static BOOL run_attrtest(int dummy)
correct = True;
}
- cli_unlink(cli, fname);
+ cli_unlink(&cli, fname);
- if (!torture_close_connection(cli)) {
+ if (!torture_close_connection(&cli)) {
correct = False;
}
@@ -2337,7 +2027,7 @@ static BOOL run_attrtest(int dummy)
*/
static BOOL run_trans2test(int dummy)
{
- struct cli_state *cli;
+ static struct cli_state cli;
int fnum;
size_t size;
time_t c_time, a_time, m_time, w_time, m_time2;
@@ -2353,17 +2043,17 @@ static BOOL run_trans2test(int dummy)
return False;
}
- cli_unlink(cli, fname);
- fnum = cli_open(cli, fname,
+ cli_unlink(&cli, fname);
+ fnum = cli_open(&cli, fname,
O_RDWR | O_CREAT | O_TRUNC, DENY_NONE);
- if (!cli_qfileinfo(cli, fnum, NULL, &size, &c_time, &a_time, &m_time,
+ if (!cli_qfileinfo(&cli, fnum, NULL, &size, &c_time, &a_time, &m_time,
NULL, NULL)) {
- printf("ERROR: qfileinfo failed (%s)\n", cli_errstr(cli));
+ printf("ERROR: qfileinfo failed (%s)\n", cli_errstr(&cli));
correct = False;
}
- if (!cli_qfilename(cli, fnum, pname)) {
- printf("ERROR: qfilename failed (%s)\n", cli_errstr(cli));
+ if (!cli_qfilename(&cli, fnum, pname)) {
+ printf("ERROR: qfilename failed (%s)\n", cli_errstr(&cli));
correct = False;
}
@@ -2373,27 +2063,28 @@ static BOOL run_trans2test(int dummy)
correct = False;
}
- cli_close(cli, fnum);
+ cli_close(&cli, fnum);
sleep(2);
- cli_unlink(cli, fname);
- fnum = cli_open(cli, fname,
+ cli_unlink(&cli, fname);
+ fnum = cli_open(&cli, fname,
O_RDWR | O_CREAT | O_TRUNC, DENY_NONE);
if (fnum == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(cli));
+ printf("open of %s failed (%s)\n", fname, cli_errstr(&cli));
return False;
}
- cli_close(cli, fnum);
+ cli_close(&cli, fnum);
- if (!cli_qpathinfo(cli, fname, &c_time, &a_time, &m_time, &size, NULL)) {
- printf("ERROR: qpathinfo failed (%s)\n", cli_errstr(cli));
+ if (!cli_qpathinfo(&cli, fname, &c_time, &a_time, &m_time, &size, NULL)) {
+ printf("ERROR: qpathinfo failed (%s)\n", cli_errstr(&cli));
correct = False;
} else {
if (c_time != m_time) {
printf("create time=%s", ctime(&c_time));
printf("modify time=%s", ctime(&m_time));
printf("This system appears to have sticky create times\n");
+ correct = False;
}
if (a_time % (60*60) == 0) {
printf("access time=%s", ctime(&a_time));
@@ -2408,13 +2099,13 @@ static BOOL run_trans2test(int dummy)
}
- cli_unlink(cli, fname);
- fnum = cli_open(cli, fname,
+ cli_unlink(&cli, fname);
+ fnum = cli_open(&cli, fname,
O_RDWR | O_CREAT | O_TRUNC, DENY_NONE);
- cli_close(cli, fnum);
- if (!cli_qpathinfo2(cli, fname, &c_time, &a_time, &m_time,
+ cli_close(&cli, fnum);
+ if (!cli_qpathinfo2(&cli, fname, &c_time, &a_time, &m_time,
&w_time, &size, NULL, NULL)) {
- printf("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(cli));
+ printf("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(&cli));
correct = False;
} else {
if (w_time < 60*60*24*2) {
@@ -2424,29 +2115,29 @@ static BOOL run_trans2test(int dummy)
}
}
- cli_unlink(cli, fname);
+ cli_unlink(&cli, fname);
/* check if the server updates the directory modification time
when creating a new file */
- if (!cli_mkdir(cli, dname)) {
- printf("ERROR: mkdir failed (%s)\n", cli_errstr(cli));
+ if (!cli_mkdir(&cli, dname)) {
+ printf("ERROR: mkdir failed (%s)\n", cli_errstr(&cli));
correct = False;
}
sleep(3);
- if (!cli_qpathinfo2(cli, "\\trans2\\", &c_time, &a_time, &m_time,
+ if (!cli_qpathinfo2(&cli, "\\trans2\\", &c_time, &a_time, &m_time,
&w_time, &size, NULL, NULL)) {
- printf("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(cli));
+ printf("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(&cli));
correct = False;
}
- fnum = cli_open(cli, fname2,
+ fnum = cli_open(&cli, fname2,
O_RDWR | O_CREAT | O_TRUNC, DENY_NONE);
- cli_write(cli, fnum, 0, (char *)&fnum, 0, sizeof(fnum));
- cli_close(cli, fnum);
- if (!cli_qpathinfo2(cli, "\\trans2\\", &c_time, &a_time, &m_time2,
+ cli_write(&cli, fnum, 0, (char *)&fnum, 0, sizeof(fnum));
+ cli_close(&cli, fnum);
+ if (!cli_qpathinfo2(&cli, "\\trans2\\", &c_time, &a_time, &m_time2,
&w_time, &size, NULL, NULL)) {
- printf("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(cli));
+ printf("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(&cli));
correct = False;
} else {
if (m_time2 == m_time) {
@@ -2454,10 +2145,10 @@ static BOOL run_trans2test(int dummy)
correct = False;
}
}
- cli_unlink(cli, fname2);
- cli_rmdir(cli, dname);
+ cli_unlink(&cli, fname2);
+ cli_rmdir(&cli, dname);
- if (!torture_close_connection(cli)) {
+ if (!torture_close_connection(&cli)) {
correct = False;
}
@@ -2490,7 +2181,7 @@ static BOOL new_trans(struct cli_state *pcli, int fnum, int level)
static BOOL run_w2ktest(int dummy)
{
- struct cli_state *cli;
+ static struct cli_state cli;
int fnum;
const char *fname = "\\w2ktest\\w2k.tst";
int level;
@@ -2502,16 +2193,16 @@ static BOOL run_w2ktest(int dummy)
return False;
}
- fnum = cli_open(cli, fname,
+ fnum = cli_open(&cli, fname,
O_RDWR | O_CREAT , DENY_NONE);
for (level = 1004; level < 1040; level++) {
- new_trans(cli, fnum, level);
+ new_trans(&cli, fnum, level);
}
- cli_close(cli, fnum);
+ cli_close(&cli, fnum);
- if (!torture_close_connection(cli)) {
+ if (!torture_close_connection(&cli)) {
correct = False;
}
@@ -2526,7 +2217,7 @@ static BOOL run_w2ktest(int dummy)
*/
static BOOL run_oplock1(int dummy)
{
- struct cli_state *cli1;
+ static struct cli_state cli1;
const char *fname = "\\lockt1.lck";
int fnum1;
BOOL correct = True;
@@ -2537,34 +2228,34 @@ static BOOL run_oplock1(int dummy)
return False;
}
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
- cli_sockopt(cli1, sockops);
+ cli_sockopt(&cli1, sockops);
- cli1->use_oplocks = True;
+ cli1.use_oplocks = True;
- fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
+ fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
if (fnum1 == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- cli1->use_oplocks = False;
+ cli1.use_oplocks = False;
- cli_unlink(cli1, fname);
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
+ cli_unlink(&cli1, fname);
- if (!cli_close(cli1, fnum1)) {
- printf("close2 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("close2 failed (%s)\n", cli_errstr(&cli1));
return False;
}
- if (!cli_unlink(cli1, fname)) {
- printf("unlink failed (%s)\n", cli_errstr(cli1));
+ if (!cli_unlink(&cli1, fname)) {
+ printf("unlink failed (%s)\n", cli_errstr(&cli1));
return False;
}
- if (!torture_close_connection(cli1)) {
+ if (!torture_close_connection(&cli1)) {
correct = False;
}
@@ -2575,7 +2266,7 @@ static BOOL run_oplock1(int dummy)
static BOOL run_oplock2(int dummy)
{
- struct cli_state *cli1, *cli2;
+ static struct cli_state cli1, cli2;
const char *fname = "\\lockt2.lck";
int fnum1, fnum2;
int saved_use_oplocks = use_oplocks;
@@ -2597,8 +2288,8 @@ static BOOL run_oplock2(int dummy)
return False;
}
- cli1->use_oplocks = True;
- cli1->use_level_II_oplocks = True;
+ cli1.use_oplocks = True;
+ cli1.use_level_II_oplocks = True;
if (!torture_open_connection(&cli2)) {
use_level_II_oplocks = False;
@@ -2606,17 +2297,17 @@ static BOOL run_oplock2(int dummy)
return False;
}
- cli2->use_oplocks = True;
- cli2->use_level_II_oplocks = True;
+ cli2.use_oplocks = True;
+ cli2.use_level_II_oplocks = True;
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
- cli_sockopt(cli1, sockops);
- cli_sockopt(cli2, sockops);
+ cli_sockopt(&cli1, sockops);
+ cli_sockopt(&cli2, sockops);
- fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
+ fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
if (fnum1 == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
@@ -2626,17 +2317,17 @@ static BOOL run_oplock2(int dummy)
if (fork() == 0) {
/* Child code */
- fnum2 = cli_open(cli2, fname, O_RDWR, DENY_NONE);
+ fnum2 = cli_open(&cli2, fname, O_RDWR, DENY_NONE);
if (fnum2 == -1) {
- printf("second open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("second open of %s failed (%s)\n", fname, cli_errstr(&cli1));
*shared_correct = False;
exit(0);
}
sleep(2);
- if (!cli_close(cli2, fnum2)) {
- printf("close2 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli2, fnum2)) {
+ printf("close2 failed (%s)\n", cli_errstr(&cli1));
*shared_correct = False;
}
@@ -2647,54 +2338,54 @@ static BOOL run_oplock2(int dummy)
/* Ensure cli1 processes the break. */
- if (cli_read(cli1, fnum1, buf, 0, 4) != 4) {
- printf("read on fnum1 failed (%s)\n", cli_errstr(cli1));
+ if (cli_read(&cli1, fnum1, buf, 0, 4) != 4) {
+ printf("read on fnum1 failed (%s)\n", cli_errstr(&cli1));
correct = False;
}
/* Should now be at level II. */
/* Test if sending a write locks causes a break to none. */
- if (!cli_lock(cli1, fnum1, 0, 4, 0, READ_LOCK)) {
- printf("lock failed (%s)\n", cli_errstr(cli1));
+ if (!cli_lock(&cli1, fnum1, 0, 4, 0, READ_LOCK)) {
+ printf("lock failed (%s)\n", cli_errstr(&cli1));
correct = False;
}
- cli_unlock(cli1, fnum1, 0, 4);
+ cli_unlock(&cli1, fnum1, 0, 4);
sleep(2);
- if (!cli_lock(cli1, fnum1, 0, 4, 0, WRITE_LOCK)) {
- printf("lock failed (%s)\n", cli_errstr(cli1));
+ if (!cli_lock(&cli1, fnum1, 0, 4, 0, WRITE_LOCK)) {
+ printf("lock failed (%s)\n", cli_errstr(&cli1));
correct = False;
}
- cli_unlock(cli1, fnum1, 0, 4);
+ cli_unlock(&cli1, fnum1, 0, 4);
sleep(2);
- cli_read(cli1, fnum1, buf, 0, 4);
+ cli_read(&cli1, fnum1, buf, 0, 4);
#if 0
- if (cli_write(cli1, fnum1, 0, buf, 0, 4) != 4) {
- printf("write on fnum1 failed (%s)\n", cli_errstr(cli1));
+ if (cli_write(&cli1, fnum1, 0, buf, 0, 4) != 4) {
+ printf("write on fnum1 failed (%s)\n", cli_errstr(&cli1));
correct = False;
}
#endif
- if (!cli_close(cli1, fnum1)) {
- printf("close1 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("close1 failed (%s)\n", cli_errstr(&cli1));
correct = False;
}
sleep(4);
- if (!cli_unlink(cli1, fname)) {
- printf("unlink failed (%s)\n", cli_errstr(cli1));
+ if (!cli_unlink(&cli1, fname)) {
+ printf("unlink failed (%s)\n", cli_errstr(&cli1));
correct = False;
}
- if (!torture_close_connection(cli1)) {
+ if (!torture_close_connection(&cli1)) {
correct = False;
}
@@ -2717,7 +2408,7 @@ static BOOL oplock3_handler(struct cli_state *cli, int fnum, unsigned char level
static BOOL run_oplock3(int dummy)
{
- struct cli_state *cli;
+ static struct cli_state cli;
const char *fname = "\\oplockt3.dat";
int fnum;
char buf[4] = "abcd";
@@ -2739,8 +2430,8 @@ static BOOL run_oplock3(int dummy)
}
sleep(2);
/* try to trigger a oplock break in parent */
- fnum = cli_open(cli, fname, O_RDWR, DENY_NONE);
- cli_write(cli, fnum, 0, buf, 0, 4);
+ fnum = cli_open(&cli, fname, O_RDWR, DENY_NONE);
+ cli_write(&cli, fnum, 0, buf, 0, 4);
exit(0);
}
@@ -2750,13 +2441,13 @@ static BOOL run_oplock3(int dummy)
if (!torture_open_connection(&cli)) {
return False;
}
- cli_oplock_handler(cli, oplock3_handler);
- fnum = cli_open(cli, fname, O_RDWR|O_CREAT, DENY_NONE);
- cli_write(cli, fnum, 0, buf, 0, 4);
- cli_close(cli, fnum);
- fnum = cli_open(cli, fname, O_RDWR, DENY_NONE);
- cli->timeout = 20000;
- cli_receive_smb(cli);
+ cli_oplock_handler(&cli, oplock3_handler);
+ fnum = cli_open(&cli, fname, O_RDWR|O_CREAT, DENY_NONE);
+ cli_write(&cli, fnum, 0, buf, 0, 4);
+ cli_close(&cli, fnum);
+ fnum = cli_open(&cli, fname, O_RDWR, DENY_NONE);
+ cli.timeout = 20000;
+ cli_receive_smb(&cli);
printf("finished oplock test 3\n");
return (correct && *shared_correct);
@@ -2771,8 +2462,8 @@ static BOOL run_oplock3(int dummy)
*/
static BOOL run_deletetest(int dummy)
{
- struct cli_state *cli1;
- struct cli_state *cli2;
+ static struct cli_state cli1;
+ static struct cli_state cli2;
const char *fname = "\\delete.file";
int fnum1 = -1;
int fnum2 = -1;
@@ -2780,36 +2471,45 @@ static BOOL run_deletetest(int dummy)
printf("starting delete test\n");
+ ZERO_STRUCT(cli1);
+ ZERO_STRUCT(cli2);
+
if (!torture_open_connection(&cli1)) {
return False;
}
- cli_sockopt(cli1, sockops);
+ cli_sockopt(&cli1, sockops);
- /* Test 1 - this should delete the file on close. */
+ /* Test 1 - this should *NOT* delete the file on close. */
- cli_setatr(cli1, fname, 0, 0);
- cli_unlink(cli1, fname);
+ cli_setatr(&cli1, fname, 0, 0);
+ cli_unlink(&cli1, fname);
- fnum1 = cli_nt_create_full(cli1, fname, 0, GENERIC_ALL_ACCESS, FILE_ATTRIBUTE_NORMAL,
+ fnum1 = cli_nt_create_full(&cli1, fname, GENERIC_ALL_ACCESS, FILE_ATTRIBUTE_NORMAL,
FILE_SHARE_DELETE, FILE_OVERWRITE_IF,
- FILE_DELETE_ON_CLOSE, 0);
+ DELETE_ON_CLOSE_FLAG);
if (fnum1 == -1) {
- printf("[1] open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("[1] open of %s failed (%s)\n", fname, cli_errstr(&cli1));
correct = False;
goto fail;
}
- if (!cli_close(cli1, fnum1)) {
- printf("[1] close failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("[1] close failed (%s)\n", cli_errstr(&cli1));
correct = False;
goto fail;
}
- fnum1 = cli_open(cli1, fname, O_RDWR, DENY_NONE);
- if (fnum1 != -1) {
- printf("[1] open of %s succeeded (should fail)\n", fname);
+ fnum1 = cli_open(&cli1, fname, O_RDWR, DENY_NONE);
+ if (fnum1 == -1) {
+ printf("[1] open of %s failed (%s)\n", fname, cli_errstr(&cli1));
+ correct = False;
+ goto fail;
+ }
+
+ if (!cli_close(&cli1, fnum1)) {
+ printf("[1] close failed (%s)\n", cli_errstr(&cli1));
correct = False;
goto fail;
}
@@ -2818,52 +2518,52 @@ static BOOL run_deletetest(int dummy)
/* Test 2 - this should delete the file on close. */
- cli_setatr(cli1, fname, 0, 0);
- cli_unlink(cli1, fname);
+ cli_setatr(&cli1, fname, 0, 0);
+ cli_unlink(&cli1, fname);
- fnum1 = cli_nt_create_full(cli1, fname, 0, GENERIC_ALL_ACCESS,
+ fnum1 = cli_nt_create_full(&cli1, fname, GENERIC_ALL_ACCESS,
FILE_ATTRIBUTE_NORMAL, FILE_SHARE_NONE,
- FILE_OVERWRITE_IF, 0, 0);
+ FILE_OVERWRITE_IF, 0);
if (fnum1 == -1) {
- printf("[2] open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("[2] open of %s failed (%s)\n", fname, cli_errstr(&cli1));
correct = False;
goto fail;
}
- if (!cli_nt_delete_on_close(cli1, fnum1, True)) {
- printf("[2] setting delete_on_close failed (%s)\n", cli_errstr(cli1));
+ if (!cli_nt_delete_on_close(&cli1, fnum1, True)) {
+ printf("[2] setting delete_on_close failed (%s)\n", cli_errstr(&cli1));
correct = False;
goto fail;
}
- if (!cli_close(cli1, fnum1)) {
- printf("[2] close failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("[2] close failed (%s)\n", cli_errstr(&cli1));
correct = False;
goto fail;
}
- fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_NONE);
+ fnum1 = cli_open(&cli1, fname, O_RDONLY, DENY_NONE);
if (fnum1 != -1) {
printf("[2] open of %s succeeded should have been deleted on close !\n", fname);
- if (!cli_close(cli1, fnum1)) {
- printf("[2] close failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("[2] close failed (%s)\n", cli_errstr(&cli1));
correct = False;
goto fail;
}
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
} else
printf("second delete on close test succeeded.\n");
/* Test 3 - ... */
- cli_setatr(cli1, fname, 0, 0);
- cli_unlink(cli1, fname);
+ cli_setatr(&cli1, fname, 0, 0);
+ cli_unlink(&cli1, fname);
- fnum1 = cli_nt_create_full(cli1, fname, 0, GENERIC_ALL_ACCESS, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OVERWRITE_IF, 0, 0);
+ fnum1 = cli_nt_create_full(&cli1, fname, GENERIC_ALL_ACCESS, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OVERWRITE_IF, 0);
if (fnum1 == -1) {
- printf("[3] open - 1 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("[3] open - 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
correct = False;
goto fail;
}
@@ -2871,8 +2571,8 @@ static BOOL run_deletetest(int dummy)
/* This should fail with a sharing violation - open for delete is only compatible
with SHARE_DELETE. */
- fnum2 = cli_nt_create_full(cli1, fname, 0, GENERIC_READ_ACCESS, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0, 0);
+ fnum2 = cli_nt_create_full(&cli1, fname, GENERIC_READ_ACCESS, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0);
if (fnum2 != -1) {
printf("[3] open - 2 of %s succeeded - should have failed.\n", fname);
@@ -2882,85 +2582,84 @@ static BOOL run_deletetest(int dummy)
/* This should succeed. */
- fnum2 = cli_nt_create_full(cli1, fname, 0, GENERIC_READ_ACCESS, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN, 0, 0);
+ fnum2 = cli_nt_create_full(&cli1, fname, GENERIC_READ_ACCESS, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN, 0);
if (fnum2 == -1) {
- printf("[3] open - 2 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("[3] open - 2 of %s failed (%s)\n", fname, cli_errstr(&cli1));
correct = False;
goto fail;
}
- if (!cli_nt_delete_on_close(cli1, fnum1, True)) {
- printf("[3] setting delete_on_close failed (%s)\n", cli_errstr(cli1));
+ if (!cli_nt_delete_on_close(&cli1, fnum1, True)) {
+ printf("[3] setting delete_on_close failed (%s)\n", cli_errstr(&cli1));
correct = False;
goto fail;
}
- if (!cli_close(cli1, fnum1)) {
- printf("[3] close 1 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("[3] close 1 failed (%s)\n", cli_errstr(&cli1));
correct = False;
goto fail;
}
- if (!cli_close(cli1, fnum2)) {
- printf("[3] close 2 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum2)) {
+ printf("[3] close 2 failed (%s)\n", cli_errstr(&cli1));
correct = False;
goto fail;
}
/* This should fail - file should no longer be there. */
- fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_NONE);
+ fnum1 = cli_open(&cli1, fname, O_RDONLY, DENY_NONE);
if (fnum1 != -1) {
printf("[3] open of %s succeeded should have been deleted on close !\n", fname);
- if (!cli_close(cli1, fnum1)) {
- printf("[3] close failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("[3] close failed (%s)\n", cli_errstr(&cli1));
}
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
correct = False;
goto fail;
} else
printf("third delete on close test succeeded.\n");
/* Test 4 ... */
- cli_setatr(cli1, fname, 0, 0);
- cli_unlink(cli1, fname);
+ cli_setatr(&cli1, fname, 0, 0);
+ cli_unlink(&cli1, fname);
- fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS,
- FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OVERWRITE_IF, 0, 0);
+ fnum1 = cli_nt_create_full(&cli1, fname, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS,
+ FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OVERWRITE_IF, 0);
if (fnum1 == -1) {
- printf("[4] open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("[4] open of %s failed (%s)\n", fname, cli_errstr(&cli1));
correct = False;
goto fail;
}
/* This should succeed. */
- fnum2 = cli_nt_create_full(cli1, fname, 0, GENERIC_READ_ACCESS,
- FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN, 0, 0);
+ fnum2 = cli_nt_create_full(&cli1, fname, GENERIC_READ_ACCESS,
+ FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN, 0);
if (fnum2 == -1) {
- printf("[4] open - 2 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("[4] open - 2 of %s failed (%s)\n", fname, cli_errstr(&cli1));
correct = False;
goto fail;
}
- if (!cli_close(cli1, fnum2)) {
- printf("[4] close - 1 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum2)) {
+ printf("[4] close - 1 failed (%s)\n", cli_errstr(&cli1));
correct = False;
goto fail;
}
- if (!cli_nt_delete_on_close(cli1, fnum1, True)) {
- printf("[4] setting delete_on_close failed (%s)\n", cli_errstr(cli1));
+ if (!cli_nt_delete_on_close(&cli1, fnum1, True)) {
+ printf("[4] setting delete_on_close failed (%s)\n", cli_errstr(&cli1));
correct = False;
goto fail;
}
/* This should fail - no more opens once delete on close set. */
- fnum2 = cli_nt_create_full(cli1, fname, 0, GENERIC_READ_ACCESS,
- FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
- FILE_OPEN, 0, 0);
+ fnum2 = cli_nt_create_full(&cli1, fname, GENERIC_READ_ACCESS,
+ FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN, 0);
if (fnum2 != -1) {
printf("[4] open - 3 of %s succeeded ! Should have failed.\n", fname );
correct = False;
@@ -2968,33 +2667,33 @@ static BOOL run_deletetest(int dummy)
} else
printf("fourth delete on close test succeeded.\n");
- if (!cli_close(cli1, fnum1)) {
- printf("[4] close - 2 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("[4] close - 2 failed (%s)\n", cli_errstr(&cli1));
correct = False;
goto fail;
}
/* Test 5 ... */
- cli_setatr(cli1, fname, 0, 0);
- cli_unlink(cli1, fname);
+ cli_setatr(&cli1, fname, 0, 0);
+ cli_unlink(&cli1, fname);
- fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT, DENY_NONE);
+ fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT, DENY_NONE);
if (fnum1 == -1) {
- printf("[5] open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("[5] open of %s failed (%s)\n", fname, cli_errstr(&cli1));
correct = False;
goto fail;
}
/* This should fail - only allowed on NT opens with DELETE access. */
- if (cli_nt_delete_on_close(cli1, fnum1, True)) {
+ if (cli_nt_delete_on_close(&cli1, fnum1, True)) {
printf("[5] setting delete_on_close on OpenX file succeeded - should fail !\n");
correct = False;
goto fail;
}
- if (!cli_close(cli1, fnum1)) {
- printf("[5] close - 2 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("[5] close - 2 failed (%s)\n", cli_errstr(&cli1));
correct = False;
goto fail;
}
@@ -3002,29 +2701,29 @@ static BOOL run_deletetest(int dummy)
printf("fifth delete on close test succeeded.\n");
/* Test 6 ... */
- cli_setatr(cli1, fname, 0, 0);
- cli_unlink(cli1, fname);
+ cli_setatr(&cli1, fname, 0, 0);
+ cli_unlink(&cli1, fname);
- fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA,
+ fnum1 = cli_nt_create_full(&cli1, fname, FILE_READ_DATA|FILE_WRITE_DATA,
FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
- FILE_OVERWRITE_IF, 0, 0);
+ FILE_OVERWRITE_IF, 0);
if (fnum1 == -1) {
- printf("[6] open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("[6] open of %s failed (%s)\n", fname, cli_errstr(&cli1));
correct = False;
goto fail;
}
/* This should fail - only allowed on NT opens with DELETE access. */
- if (cli_nt_delete_on_close(cli1, fnum1, True)) {
+ if (cli_nt_delete_on_close(&cli1, fnum1, True)) {
printf("[6] setting delete_on_close on file with no delete access succeeded - should fail !\n");
correct = False;
goto fail;
}
- if (!cli_close(cli1, fnum1)) {
- printf("[6] close - 2 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("[6] close - 2 failed (%s)\n", cli_errstr(&cli1));
correct = False;
goto fail;
}
@@ -3032,47 +2731,47 @@ static BOOL run_deletetest(int dummy)
printf("sixth delete on close test succeeded.\n");
/* Test 7 ... */
- cli_setatr(cli1, fname, 0, 0);
- cli_unlink(cli1, fname);
+ cli_setatr(&cli1, fname, 0, 0);
+ cli_unlink(&cli1, fname);
- fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS,
- FILE_ATTRIBUTE_NORMAL, 0, FILE_OVERWRITE_IF, 0, 0);
+ fnum1 = cli_nt_create_full(&cli1, fname, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS,
+ FILE_ATTRIBUTE_NORMAL, 0, FILE_OVERWRITE_IF, 0);
if (fnum1 == -1) {
- printf("[7] open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("[7] open of %s failed (%s)\n", fname, cli_errstr(&cli1));
correct = False;
goto fail;
}
- if (!cli_nt_delete_on_close(cli1, fnum1, True)) {
+ if (!cli_nt_delete_on_close(&cli1, fnum1, True)) {
printf("[7] setting delete_on_close on file failed !\n");
correct = False;
goto fail;
}
- if (!cli_nt_delete_on_close(cli1, fnum1, False)) {
+ if (!cli_nt_delete_on_close(&cli1, fnum1, False)) {
printf("[7] unsetting delete_on_close on file failed !\n");
correct = False;
goto fail;
}
- if (!cli_close(cli1, fnum1)) {
- printf("[7] close - 2 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("[7] close - 2 failed (%s)\n", cli_errstr(&cli1));
correct = False;
goto fail;
}
/* This next open should succeed - we reset the flag. */
- fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_NONE);
+ fnum1 = cli_open(&cli1, fname, O_RDONLY, DENY_NONE);
if (fnum1 == -1) {
- printf("[5] open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("[5] open of %s failed (%s)\n", fname, cli_errstr(&cli1));
correct = False;
goto fail;
}
- if (!cli_close(cli1, fnum1)) {
- printf("[7] close - 2 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("[7] close - 2 failed (%s)\n", cli_errstr(&cli1));
correct = False;
goto fail;
}
@@ -3080,8 +2779,8 @@ static BOOL run_deletetest(int dummy)
printf("seventh delete on close test succeeded.\n");
/* Test 7 ... */
- cli_setatr(cli1, fname, 0, 0);
- cli_unlink(cli1, fname);
+ cli_setatr(&cli1, fname, 0, 0);
+ cli_unlink(&cli1, fname);
if (!torture_open_connection(&cli2)) {
printf("[8] failed to open second connection.\n");
@@ -3089,48 +2788,46 @@ static BOOL run_deletetest(int dummy)
goto fail;
}
- cli_sockopt(cli1, sockops);
+ cli_sockopt(&cli1, sockops);
- fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS,
- FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
- FILE_OVERWRITE_IF, 0, 0);
+ fnum1 = cli_nt_create_full(&cli1, fname, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS,
+ FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OVERWRITE_IF, 0);
if (fnum1 == -1) {
- printf("[8] open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("[8] open of %s failed (%s)\n", fname, cli_errstr(&cli1));
correct = False;
goto fail;
}
- fnum2 = cli_nt_create_full(cli2, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS,
- FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
- FILE_OPEN, 0, 0);
+ fnum2 = cli_nt_create_full(&cli2, fname, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS,
+ FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN, 0);
if (fnum2 == -1) {
- printf("[8] open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("[8] open of %s failed (%s)\n", fname, cli_errstr(&cli1));
correct = False;
goto fail;
}
- if (!cli_nt_delete_on_close(cli1, fnum1, True)) {
+ if (!cli_nt_delete_on_close(&cli1, fnum1, True)) {
printf("[8] setting delete_on_close on file failed !\n");
correct = False;
goto fail;
}
- if (!cli_close(cli1, fnum1)) {
- printf("[8] close - 1 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("[8] close - 1 failed (%s)\n", cli_errstr(&cli1));
correct = False;
goto fail;
}
- if (!cli_close(cli2, fnum2)) {
- printf("[8] close - 2 failed (%s)\n", cli_errstr(cli2));
+ if (!cli_close(&cli2, fnum2)) {
+ printf("[8] close - 2 failed (%s)\n", cli_errstr(&cli2));
correct = False;
goto fail;
}
/* This should fail.. */
- fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_NONE);
+ fnum1 = cli_open(&cli1, fname, O_RDONLY, DENY_NONE);
if (fnum1 != -1) {
printf("[8] open of %s succeeded should have been deleted on close !\n", fname);
goto fail;
@@ -3139,8 +2836,8 @@ static BOOL run_deletetest(int dummy)
printf("eighth delete on close test succeeded.\n");
/* This should fail - we need to set DELETE_ACCESS. */
- fnum1 = cli_nt_create_full(cli1, fname, 0,FILE_READ_DATA|FILE_WRITE_DATA,
- FILE_ATTRIBUTE_NORMAL, FILE_SHARE_NONE, FILE_OVERWRITE_IF, FILE_DELETE_ON_CLOSE, 0);
+ fnum1 = cli_nt_create_full(&cli1, fname, FILE_READ_DATA|FILE_WRITE_DATA,
+ FILE_ATTRIBUTE_NORMAL, FILE_SHARE_NONE, FILE_OVERWRITE_IF, FILE_DELETE_ON_CLOSE);
if (fnum1 != -1) {
printf("[9] open of %s succeeded should have failed!\n", fname);
@@ -3150,23 +2847,23 @@ static BOOL run_deletetest(int dummy)
printf("ninth delete on close test succeeded.\n");
- fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS,
- FILE_ATTRIBUTE_NORMAL, FILE_SHARE_NONE, FILE_OVERWRITE_IF, FILE_DELETE_ON_CLOSE, 0);
+ fnum1 = cli_nt_create_full(&cli1, fname, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS,
+ FILE_ATTRIBUTE_NORMAL, FILE_SHARE_NONE, FILE_OVERWRITE_IF, FILE_DELETE_ON_CLOSE);
if (fnum1 == -1) {
- printf("[10] open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("[10] open of %s failed (%s)\n", fname, cli_errstr(&cli1));
correct = False;
goto fail;
}
/* This should delete the file. */
- if (!cli_close(cli1, fnum1)) {
- printf("[10] close failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("[10] close failed (%s)\n", cli_errstr(&cli1));
correct = False;
goto fail;
}
/* This should fail.. */
- fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_NONE);
+ fnum1 = cli_open(&cli1, fname, O_RDONLY, DENY_NONE);
if (fnum1 != -1) {
printf("[10] open of %s succeeded should have been deleted on close !\n", fname);
goto fail;
@@ -3176,19 +2873,16 @@ static BOOL run_deletetest(int dummy)
printf("finished delete test\n");
fail:
- /* FIXME: This will crash if we aborted before cli2 got
- * intialized, because these functions don't handle
- * uninitialized connections. */
-
- cli_close(cli1, fnum1);
- cli_close(cli1, fnum2);
- cli_setatr(cli1, fname, 0, 0);
- cli_unlink(cli1, fname);
-
- if (!torture_close_connection(cli1)) {
+
+ cli_close(&cli1, fnum1);
+ cli_close(&cli1, fnum2);
+ cli_setatr(&cli1, fname, 0, 0);
+ cli_unlink(&cli1, fname);
+
+ if (!torture_close_connection(&cli1)) {
correct = False;
}
- if (!torture_close_connection(cli2)) {
+ if (!torture_close_connection(&cli2)) {
correct = False;
}
return correct;
@@ -3200,7 +2894,7 @@ static BOOL run_deletetest(int dummy)
*/
static BOOL run_properties(int dummy)
{
- static struct cli_state *cli;
+ static struct cli_state cli;
BOOL correct = True;
printf("starting properties test\n");
@@ -3211,11 +2905,11 @@ static BOOL run_properties(int dummy)
return False;
}
- cli_sockopt(cli, sockops);
+ cli_sockopt(&cli, sockops);
- d_printf("Capabilities 0x%08x\n", cli->capabilities);
+ d_printf("Capabilities 0x%08x\n", cli.capabilities);
- if (!torture_close_connection(cli)) {
+ if (!torture_close_connection(&cli)) {
correct = False;
}
@@ -3248,7 +2942,7 @@ static BOOL run_properties(int dummy)
*/
static BOOL run_xcopy(int dummy)
{
- static struct cli_state *cli1;
+ static struct cli_state cli1;
const char *fname = "\\test.txt";
BOOL correct = True;
int fnum1, fnum2;
@@ -3259,26 +2953,26 @@ static BOOL run_xcopy(int dummy)
return False;
}
- fnum1 = cli_nt_create_full(cli1, fname, 0,
+ fnum1 = cli_nt_create_full(&cli1, fname,
FIRST_DESIRED_ACCESS, FILE_ATTRIBUTE_ARCHIVE,
FILE_SHARE_NONE, FILE_OVERWRITE_IF,
- 0x4044, 0);
+ 0x4044);
if (fnum1 == -1) {
- printf("First open failed - %s\n", cli_errstr(cli1));
+ printf("First open failed - %s\n", cli_errstr(&cli1));
return False;
}
- fnum2 = cli_nt_create_full(cli1, fname, 0,
+ fnum2 = cli_nt_create_full(&cli1, fname,
SECOND_DESIRED_ACCESS, 0,
FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN,
- 0x200000, 0);
+ 0x200000);
if (fnum2 == -1) {
- printf("second open failed - %s\n", cli_errstr(cli1));
+ printf("second open failed - %s\n", cli_errstr(&cli1));
return False;
}
- if (!torture_close_connection(cli1)) {
+ if (!torture_close_connection(&cli1)) {
correct = False;
}
@@ -3290,7 +2984,7 @@ static BOOL run_xcopy(int dummy)
*/
static BOOL run_rename(int dummy)
{
- static struct cli_state *cli1;
+ static struct cli_state cli1;
const char *fname = "\\test.txt";
const char *fname1 = "\\test1.txt";
BOOL correct = True;
@@ -3302,62 +2996,62 @@ static BOOL run_rename(int dummy)
return False;
}
- cli_unlink(cli1, fname);
- cli_unlink(cli1, fname1);
- fnum1 = cli_nt_create_full(cli1, fname, 0, GENERIC_READ_ACCESS, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_READ, FILE_OVERWRITE_IF, 0, 0);
+ cli_unlink(&cli1, fname);
+ cli_unlink(&cli1, fname1);
+ fnum1 = cli_nt_create_full(&cli1, fname, GENERIC_READ_ACCESS, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ, FILE_OVERWRITE_IF, 0);
if (fnum1 == -1) {
- printf("First open failed - %s\n", cli_errstr(cli1));
+ printf("First open failed - %s\n", cli_errstr(&cli1));
return False;
}
- if (!cli_rename(cli1, fname, fname1)) {
- printf("First rename failed (this is correct) - %s\n", cli_errstr(cli1));
+ if (!cli_rename(&cli1, fname, fname1)) {
+ printf("First rename failed (this is correct) - %s\n", cli_errstr(&cli1));
} else {
printf("First rename succeeded - this should have failed !\n");
correct = False;
}
- if (!cli_close(cli1, fnum1)) {
- printf("close - 1 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("close - 1 failed (%s)\n", cli_errstr(&cli1));
return False;
}
- cli_unlink(cli1, fname);
- cli_unlink(cli1, fname1);
- fnum1 = cli_nt_create_full(cli1, fname, 0, GENERIC_READ_ACCESS, FILE_ATTRIBUTE_NORMAL,
+ cli_unlink(&cli1, fname);
+ cli_unlink(&cli1, fname1);
+ fnum1 = cli_nt_create_full(&cli1, fname,GENERIC_READ_ACCESS, FILE_ATTRIBUTE_NORMAL,
#if 0
- FILE_SHARE_DELETE|FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0);
+ FILE_SHARE_DELETE|FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0);
#else
- FILE_SHARE_DELETE|FILE_SHARE_READ, FILE_OVERWRITE_IF, 0, 0);
+ FILE_SHARE_DELETE|FILE_SHARE_READ, FILE_OVERWRITE_IF, 0);
#endif
if (fnum1 == -1) {
- printf("Second open failed - %s\n", cli_errstr(cli1));
+ printf("Second open failed - %s\n", cli_errstr(&cli1));
return False;
}
- if (!cli_rename(cli1, fname, fname1)) {
- printf("Second rename failed - this should have succeeded - %s\n", cli_errstr(cli1));
+ if (!cli_rename(&cli1, fname, fname1)) {
+ printf("Second rename failed - this should have succeeded - %s\n", cli_errstr(&cli1));
correct = False;
} else {
printf("Second rename succeeded\n");
}
- if (!cli_close(cli1, fnum1)) {
- printf("close - 2 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("close - 2 failed (%s)\n", cli_errstr(&cli1));
return False;
}
- cli_unlink(cli1, fname);
- cli_unlink(cli1, fname1);
+ cli_unlink(&cli1, fname);
+ cli_unlink(&cli1, fname1);
- fnum1 = cli_nt_create_full(cli1, fname, 0, READ_CONTROL_ACCESS, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0);
+ fnum1 = cli_nt_create_full(&cli1, fname,READ_CONTROL_ACCESS, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0);
if (fnum1 == -1) {
- printf("Third open failed - %s\n", cli_errstr(cli1));
+ printf("Third open failed - %s\n", cli_errstr(&cli1));
return False;
}
@@ -3366,41 +3060,41 @@ static BOOL run_rename(int dummy)
{
int fnum2;
- fnum2 = cli_nt_create_full(cli1, fname, 0, DELETE_ACCESS, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0);
+ fnum2 = cli_nt_create_full(&cli1, fname,DELETE_ACCESS, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0);
if (fnum2 == -1) {
- printf("Fourth open failed - %s\n", cli_errstr(cli1));
+ printf("Fourth open failed - %s\n", cli_errstr(&cli1));
return False;
}
- if (!cli_nt_delete_on_close(cli1, fnum2, True)) {
+ if (!cli_nt_delete_on_close(&cli1, fnum2, True)) {
printf("[8] setting delete_on_close on file failed !\n");
return False;
}
- if (!cli_close(cli1, fnum2)) {
- printf("close - 4 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum2)) {
+ printf("close - 4 failed (%s)\n", cli_errstr(&cli1));
return False;
}
}
#endif
- if (!cli_rename(cli1, fname, fname1)) {
- printf("Third rename failed - this should have succeeded - %s\n", cli_errstr(cli1));
+ if (!cli_rename(&cli1, fname, fname1)) {
+ printf("Third rename failed - this should have succeeded - %s\n", cli_errstr(&cli1));
correct = False;
} else {
printf("Third rename succeeded\n");
}
- if (!cli_close(cli1, fnum1)) {
- printf("close - 3 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("close - 3 failed (%s)\n", cli_errstr(&cli1));
return False;
}
- cli_unlink(cli1, fname);
- cli_unlink(cli1, fname1);
+ cli_unlink(&cli1, fname);
+ cli_unlink(&cli1, fname1);
- if (!torture_close_connection(cli1)) {
+ if (!torture_close_connection(&cli1)) {
correct = False;
}
@@ -3409,7 +3103,7 @@ static BOOL run_rename(int dummy)
static BOOL run_pipe_number(int dummy)
{
- struct cli_state *cli1;
+ static struct cli_state cli1;
const char *pipe_name = "\\SPOOLSS";
int fnum;
int num_pipes = 0;
@@ -3419,20 +3113,20 @@ static BOOL run_pipe_number(int dummy)
return False;
}
- cli_sockopt(cli1, sockops);
+ cli_sockopt(&cli1, sockops);
while(1) {
- fnum = cli_nt_create_full(cli1, pipe_name, 0, FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN_IF, 0, 0);
+ fnum = cli_nt_create_full(&cli1, pipe_name,FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN_IF, 0);
if (fnum == -1) {
- printf("Open of pipe %s failed with error (%s)\n", pipe_name, cli_errstr(cli1));
+ printf("Open of pipe %s failed with error (%s)\n", pipe_name, cli_errstr(&cli1));
break;
}
num_pipes++;
}
printf("pipe_number test - we can open %d %s pipes.\n", num_pipes, pipe_name );
- torture_close_connection(cli1);
+ torture_close_connection(&cli1);
return True;
}
@@ -3441,14 +3135,15 @@ static BOOL run_pipe_number(int dummy)
*/
static BOOL run_opentest(int dummy)
{
- static struct cli_state *cli1;
- static struct cli_state *cli2;
+ static struct cli_state cli1;
+ static struct cli_state cli2;
const char *fname = "\\readonly.file";
int fnum1, fnum2;
char buf[20];
size_t fsize;
BOOL correct = True;
char *tmp_path;
+ uint16 attr;
printf("starting open test\n");
@@ -3456,77 +3151,77 @@ static BOOL run_opentest(int dummy)
return False;
}
- cli_setatr(cli1, fname, 0, 0);
- cli_unlink(cli1, fname);
+ cli_setatr(&cli1, fname, 0, 0);
+ cli_unlink(&cli1, fname);
- cli_sockopt(cli1, sockops);
+ cli_sockopt(&cli1, sockops);
- fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
+ fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
if (fnum1 == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- if (!cli_close(cli1, fnum1)) {
- printf("close2 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("close2 failed (%s)\n", cli_errstr(&cli1));
return False;
}
- if (!cli_setatr(cli1, fname, aRONLY, 0)) {
- printf("cli_setatr failed (%s)\n", cli_errstr(cli1));
+ if (!cli_setatr(&cli1, fname, aRONLY, 0)) {
+ printf("cli_setatr failed (%s)\n", cli_errstr(&cli1));
return False;
}
- fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_WRITE);
+ fnum1 = cli_open(&cli1, fname, O_RDONLY, DENY_WRITE);
if (fnum1 == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
/* This will fail - but the error should be ERRnoaccess, not ERRbadshare. */
- fnum2 = cli_open(cli1, fname, O_RDWR, DENY_ALL);
+ fnum2 = cli_open(&cli1, fname, O_RDWR, DENY_ALL);
- if (check_error(__LINE__, cli1, ERRDOS, ERRnoaccess,
+ if (check_error(__LINE__, &cli1, ERRDOS, ERRnoaccess,
NT_STATUS_ACCESS_DENIED)) {
printf("correct error code ERRDOS/ERRnoaccess returned\n");
}
printf("finished open test 1\n");
- cli_close(cli1, fnum1);
+ cli_close(&cli1, fnum1);
/* Now try not readonly and ensure ERRbadshare is returned. */
- cli_setatr(cli1, fname, 0, 0);
+ cli_setatr(&cli1, fname, 0, 0);
- fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_WRITE);
+ fnum1 = cli_open(&cli1, fname, O_RDONLY, DENY_WRITE);
if (fnum1 == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
/* This will fail - but the error should be ERRshare. */
- fnum2 = cli_open(cli1, fname, O_RDWR, DENY_ALL);
+ fnum2 = cli_open(&cli1, fname, O_RDWR, DENY_ALL);
- if (check_error(__LINE__, cli1, ERRDOS, ERRbadshare,
+ if (check_error(__LINE__, &cli1, ERRDOS, ERRbadshare,
NT_STATUS_SHARING_VIOLATION)) {
printf("correct error code ERRDOS/ERRbadshare returned\n");
}
- if (!cli_close(cli1, fnum1)) {
- printf("close2 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("close2 failed (%s)\n", cli_errstr(&cli1));
return False;
}
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
printf("finished open test 2\n");
/* Test truncate open disposition on file opened for read. */
- fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
+ fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
if (fnum1 == -1) {
- printf("(3) open (1) of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("(3) open (1) of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
@@ -3534,19 +3229,19 @@ static BOOL run_opentest(int dummy)
memset(buf, '\0', 20);
- if (cli_write(cli1, fnum1, 0, buf, 0, 20) != 20) {
- printf("write failed (%s)\n", cli_errstr(cli1));
+ if (cli_write(&cli1, fnum1, 0, buf, 0, 20) != 20) {
+ printf("write failed (%s)\n", cli_errstr(&cli1));
correct = False;
}
- if (!cli_close(cli1, fnum1)) {
- printf("(3) close1 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("(3) close1 failed (%s)\n", cli_errstr(&cli1));
return False;
}
/* Ensure size == 20. */
- if (!cli_getatr(cli1, fname, NULL, &fsize, NULL)) {
- printf("(3) getatr failed (%s)\n", cli_errstr(cli1));
+ if (!cli_getatr(&cli1, fname, NULL, &fsize, NULL)) {
+ printf("(3) getatr failed (%s)\n", cli_errstr(&cli1));
return False;
}
@@ -3557,20 +3252,20 @@ static BOOL run_opentest(int dummy)
/* Now test if we can truncate a file opened for readonly. */
- fnum1 = cli_open(cli1, fname, O_RDONLY|O_TRUNC, DENY_NONE);
+ fnum1 = cli_open(&cli1, fname, O_RDONLY|O_TRUNC, DENY_NONE);
if (fnum1 == -1) {
- printf("(3) open (2) of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("(3) open (2) of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- if (!cli_close(cli1, fnum1)) {
- printf("close2 failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("close2 failed (%s)\n", cli_errstr(&cli1));
return False;
}
/* Ensure size == 0. */
- if (!cli_getatr(cli1, fname, NULL, &fsize, NULL)) {
- printf("(3) getatr failed (%s)\n", cli_errstr(cli1));
+ if (!cli_getatr(&cli1, fname, NULL, &fsize, NULL)) {
+ printf("(3) getatr failed (%s)\n", cli_errstr(&cli1));
return False;
}
@@ -3580,21 +3275,21 @@ static BOOL run_opentest(int dummy)
}
printf("finished open test 3\n");
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
printf("testing ctemp\n");
- fnum1 = cli_ctemp(cli1, "\\", &tmp_path);
+ fnum1 = cli_ctemp(&cli1, "\\", &tmp_path);
if (fnum1 == -1) {
- printf("ctemp failed (%s)\n", cli_errstr(cli1));
+ printf("ctemp failed (%s)\n", cli_errstr(&cli1));
return False;
}
printf("ctemp gave path %s\n", tmp_path);
- if (!cli_close(cli1, fnum1)) {
- printf("close of temp failed (%s)\n", cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("close of temp failed (%s)\n", cli_errstr(&cli1));
}
- if (!cli_unlink(cli1, tmp_path)) {
- printf("unlink of temp failed (%s)\n", cli_errstr(cli1));
+ if (!cli_unlink(&cli1, tmp_path)) {
+ printf("unlink of temp failed (%s)\n", cli_errstr(&cli1));
}
/* Test the non-io opens... */
@@ -3603,158 +3298,158 @@ static BOOL run_opentest(int dummy)
return False;
}
- cli_setatr(cli2, fname, 0, 0);
- cli_unlink(cli2, fname);
+ cli_setatr(&cli2, fname, 0, 0);
+ cli_unlink(&cli2, fname);
- cli_sockopt(cli2, sockops);
+ cli_sockopt(&cli2, sockops);
printf("TEST #1 testing 2 non-io opens (no delete)\n");
- fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0);
+ fnum1 = cli_nt_create_full(&cli1, fname,FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0);
if (fnum1 == -1) {
- printf("test 1 open 1 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("test 1 open 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- fnum2 = cli_nt_create_full(cli2, fname, 0, FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_NONE, FILE_OPEN_IF, 0, 0);
+ fnum2 = cli_nt_create_full(&cli2, fname,FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_NONE, FILE_OPEN_IF, 0);
if (fnum2 == -1) {
- printf("test 1 open 2 of %s failed (%s)\n", fname, cli_errstr(cli2));
+ printf("test 1 open 2 of %s failed (%s)\n", fname, cli_errstr(&cli2));
return False;
}
- if (!cli_close(cli1, fnum1)) {
- printf("test 1 close 1 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("test 1 close 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- if (!cli_close(cli2, fnum2)) {
- printf("test 1 close 2 of %s failed (%s)\n", fname, cli_errstr(cli2));
+ if (!cli_close(&cli2, fnum2)) {
+ printf("test 1 close 2 of %s failed (%s)\n", fname, cli_errstr(&cli2));
return False;
}
printf("non-io open test #1 passed.\n");
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
printf("TEST #2 testing 2 non-io opens (first with delete)\n");
- fnum1 = cli_nt_create_full(cli1, fname, 0, DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0);
+ fnum1 = cli_nt_create_full(&cli1, fname,DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0);
if (fnum1 == -1) {
- printf("test 2 open 1 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("test 2 open 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- fnum2 = cli_nt_create_full(cli2, fname, 0, FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_NONE, FILE_OPEN_IF, 0, 0);
+ fnum2 = cli_nt_create_full(&cli2, fname,FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_NONE, FILE_OPEN_IF, 0);
if (fnum2 == -1) {
- printf("test 2 open 2 of %s failed (%s)\n", fname, cli_errstr(cli2));
+ printf("test 2 open 2 of %s failed (%s)\n", fname, cli_errstr(&cli2));
return False;
}
- if (!cli_close(cli1, fnum1)) {
- printf("test 1 close 1 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("test 1 close 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- if (!cli_close(cli2, fnum2)) {
- printf("test 1 close 2 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ if (!cli_close(&cli2, fnum2)) {
+ printf("test 1 close 2 of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
printf("non-io open test #2 passed.\n");
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
printf("TEST #3 testing 2 non-io opens (second with delete)\n");
- fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0);
+ fnum1 = cli_nt_create_full(&cli1, fname,FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0);
if (fnum1 == -1) {
- printf("test 3 open 1 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("test 3 open 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- fnum2 = cli_nt_create_full(cli2, fname, 0, DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_NONE, FILE_OPEN_IF, 0, 0);
+ fnum2 = cli_nt_create_full(&cli2, fname,DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_NONE, FILE_OPEN_IF, 0);
if (fnum2 == -1) {
- printf("test 3 open 2 of %s failed (%s)\n", fname, cli_errstr(cli2));
+ printf("test 3 open 2 of %s failed (%s)\n", fname, cli_errstr(&cli2));
return False;
}
- if (!cli_close(cli1, fnum1)) {
- printf("test 3 close 1 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("test 3 close 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- if (!cli_close(cli2, fnum2)) {
- printf("test 3 close 2 of %s failed (%s)\n", fname, cli_errstr(cli2));
+ if (!cli_close(&cli2, fnum2)) {
+ printf("test 3 close 2 of %s failed (%s)\n", fname, cli_errstr(&cli2));
return False;
}
printf("non-io open test #3 passed.\n");
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
printf("TEST #4 testing 2 non-io opens (both with delete)\n");
- fnum1 = cli_nt_create_full(cli1, fname, 0, DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0);
+ fnum1 = cli_nt_create_full(&cli1, fname,DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0);
if (fnum1 == -1) {
- printf("test 4 open 1 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("test 4 open 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- fnum2 = cli_nt_create_full(cli2, fname, 0, DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_NONE, FILE_OPEN_IF, 0, 0);
+ fnum2 = cli_nt_create_full(&cli2, fname,DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_NONE, FILE_OPEN_IF, 0);
if (fnum2 != -1) {
- printf("test 4 open 2 of %s SUCCEEDED - should have failed (%s)\n", fname, cli_errstr(cli2));
+ printf("test 4 open 2 of %s SUCCEEDED - should have failed (%s)\n", fname, cli_errstr(&cli2));
return False;
}
- printf("test 3 open 2 of %s gave %s (correct error should be %s)\n", fname, cli_errstr(cli2), "sharing violation");
+ printf("test 3 open 2 of %s gave %s (correct error should be %s)\n", fname, cli_errstr(&cli2), "sharing violation");
- if (!cli_close(cli1, fnum1)) {
- printf("test 4 close 1 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("test 4 close 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
printf("non-io open test #4 passed.\n");
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
printf("TEST #5 testing 2 non-io opens (both with delete - both with file share delete)\n");
- fnum1 = cli_nt_create_full(cli1, fname, 0, DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_DELETE, FILE_OVERWRITE_IF, 0, 0);
+ fnum1 = cli_nt_create_full(&cli1, fname,DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_DELETE, FILE_OVERWRITE_IF, 0);
if (fnum1 == -1) {
- printf("test 5 open 1 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("test 5 open 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- fnum2 = cli_nt_create_full(cli2, fname, 0, DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_DELETE, FILE_OPEN_IF, 0, 0);
+ fnum2 = cli_nt_create_full(&cli2, fname,DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_DELETE, FILE_OPEN_IF, 0);
if (fnum2 == -1) {
- printf("test 5 open 2 of %s failed (%s)\n", fname, cli_errstr(cli2));
+ printf("test 5 open 2 of %s failed (%s)\n", fname, cli_errstr(&cli2));
return False;
}
- if (!cli_close(cli1, fnum1)) {
- printf("test 5 close 1 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("test 5 close 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- if (!cli_close(cli2, fnum2)) {
- printf("test 5 close 2 of %s failed (%s)\n", fname, cli_errstr(cli2));
+ if (!cli_close(&cli2, fnum2)) {
+ printf("test 5 close 2 of %s failed (%s)\n", fname, cli_errstr(&cli2));
return False;
}
@@ -3762,31 +3457,31 @@ static BOOL run_opentest(int dummy)
printf("TEST #6 testing 1 non-io open, one io open\n");
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
- fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0);
+ fnum1 = cli_nt_create_full(&cli1, fname,FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0);
if (fnum1 == -1) {
- printf("test 6 open 1 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("test 6 open 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- fnum2 = cli_nt_create_full(cli2, fname, 0, FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_READ, FILE_OPEN_IF, 0, 0);
+ fnum2 = cli_nt_create_full(&cli2, fname,FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ, FILE_OPEN_IF, 0);
if (fnum2 == -1) {
- printf("test 6 open 2 of %s failed (%s)\n", fname, cli_errstr(cli2));
+ printf("test 6 open 2 of %s failed (%s)\n", fname, cli_errstr(&cli2));
return False;
}
- if (!cli_close(cli1, fnum1)) {
- printf("test 6 close 1 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("test 6 close 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- if (!cli_close(cli2, fnum2)) {
- printf("test 6 close 2 of %s failed (%s)\n", fname, cli_errstr(cli2));
+ if (!cli_close(&cli2, fnum2)) {
+ printf("test 6 close 2 of %s failed (%s)\n", fname, cli_errstr(&cli2));
return False;
}
@@ -3794,203 +3489,135 @@ static BOOL run_opentest(int dummy)
printf("TEST #7 testing 1 non-io open, one io open with delete\n");
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
- fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0);
+ fnum1 = cli_nt_create_full(&cli1, fname,FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0);
if (fnum1 == -1) {
- printf("test 7 open 1 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ printf("test 7 open 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
- fnum2 = cli_nt_create_full(cli2, fname, 0, DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_READ|FILE_SHARE_DELETE, FILE_OPEN_IF, 0, 0);
+ fnum2 = cli_nt_create_full(&cli2, fname,DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ|FILE_SHARE_DELETE, FILE_OPEN_IF, 0);
if (fnum2 != -1) {
- printf("test 7 open 2 of %s SUCCEEDED - should have failed (%s)\n", fname, cli_errstr(cli2));
+ printf("test 7 open 2 of %s SUCCEEDED - should have failed (%s)\n", fname, cli_errstr(&cli2));
return False;
}
- printf("test 7 open 2 of %s gave %s (correct error should be %s)\n", fname, cli_errstr(cli2), "sharing violation");
+ printf("test 7 open 2 of %s gave %s (correct error should be %s)\n", fname, cli_errstr(&cli2), "sharing violation");
- if (!cli_close(cli1, fnum1)) {
- printf("test 7 close 1 of %s failed (%s)\n", fname, cli_errstr(cli1));
+ if (!cli_close(&cli1, fnum1)) {
+ printf("test 7 close 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
printf("non-io open test #7 passed.\n");
- cli_unlink(cli1, fname);
+ cli_unlink(&cli1, fname);
- if (!torture_close_connection(cli1)) {
- correct = False;
+ /* Test 8 - attributes test #1... */
+ fnum1 = cli_nt_create_full(&cli1, fname,FILE_WRITE_DATA, FILE_ATTRIBUTE_HIDDEN,
+ FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0);
+
+ if (fnum1 == -1) {
+ printf("test 8 open 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
+ return False;
}
- if (!torture_close_connection(cli2)) {
- correct = False;
+
+ if (!cli_close(&cli1, fnum1)) {
+ printf("test 8 close 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
+ return False;
}
-
- return correct;
-}
-static uint32 open_attrs_table[] = {
- FILE_ATTRIBUTE_NORMAL,
- FILE_ATTRIBUTE_ARCHIVE,
- FILE_ATTRIBUTE_READONLY,
- FILE_ATTRIBUTE_HIDDEN,
- FILE_ATTRIBUTE_SYSTEM,
-
- FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY,
- FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN,
- FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM,
- FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN,
- FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM,
- FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM,
-
- FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN,
- FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM,
- FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM,
- FILE_ATTRIBUTE_HIDDEN,FILE_ATTRIBUTE_SYSTEM,
-};
-
-struct trunc_open_results {
- unsigned int num;
- uint32 init_attr;
- uint32 trunc_attr;
- uint32 result_attr;
-};
-
-static struct trunc_open_results attr_results[] = {
- { 0, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_ARCHIVE },
- { 1, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_ARCHIVE },
- { 2, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_READONLY, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY },
- { 16, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_ARCHIVE },
- { 17, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_ARCHIVE },
- { 18, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_READONLY, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY },
- { 51, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN },
- { 54, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN },
- { 56, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN },
- { 68, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM },
- { 71, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM },
- { 73, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM },
- { 99, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_HIDDEN,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN },
- { 102, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN },
- { 104, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN },
- { 116, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM },
- { 119, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM },
- { 121, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM },
- { 170, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN },
- { 173, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM },
- { 227, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN },
- { 230, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN },
- { 232, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN },
- { 244, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM },
- { 247, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM },
- { 249, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM }
-};
-
-static BOOL run_openattrtest(int dummy)
-{
- static struct cli_state *cli1;
- const char *fname = "\\openattr.file";
- int fnum1;
- BOOL correct = True;
- uint16 attr;
- unsigned int i, j, k, l;
+ /* FILE_SUPERSEDE && FILE_OVERWRITE_IF have the same effect here. */
+ fnum1 = cli_nt_create_full(&cli1, fname,FILE_READ_DATA, FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0);
- printf("starting open attr test\n");
-
- if (!torture_open_connection(&cli1)) {
+ if (fnum1 == -1) {
+ printf("test 8 open 2 of %s failed (%s)\n", fname, cli_errstr(&cli1));
return False;
}
-
- cli_sockopt(cli1, sockops);
- for (k = 0, i = 0; i < sizeof(open_attrs_table)/sizeof(uint32); i++) {
- cli_setatr(cli1, fname, 0, 0);
- cli_unlink(cli1, fname);
- fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_WRITE_DATA, open_attrs_table[i],
- FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0);
+ if (!cli_close(&cli1, fnum1)) {
+ printf("test 8 close 2 of %s failed (%s)\n", fname, cli_errstr(&cli1));
+ return False;
+ }
- if (fnum1 == -1) {
- printf("open %d (1) of %s failed (%s)\n", i, fname, cli_errstr(cli1));
- return False;
- }
+ /* This open should fail with ACCESS_DENIED for FILE_SUPERSEDE, FILE_OVERWRITE and FILE_OVERWRITE_IF. */
+ fnum1 = cli_nt_create_full(&cli1, fname,FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_NONE, FILE_OVERWRITE, 0);
- if (!cli_close(cli1, fnum1)) {
- printf("close %d (1) of %s failed (%s)\n", i, fname, cli_errstr(cli1));
- return False;
+ if (fnum1 != -1) {
+ printf("test 8 open 3 of %s succeeded - should have failed with (NT_STATUS_ACCESS_DENIED)\n", fname);
+ correct = False;
+ cli_close(&cli1, fnum1);
+ } else {
+ if (check_error(__LINE__, &cli1, ERRDOS, ERRnoaccess, NT_STATUS_ACCESS_DENIED)) {
+ printf("correct error code NT_STATUS_ACCESS_DENIED/ERRDOS:ERRnoaccess returned\n");
}
+ }
- for (j = 0; j < sizeof(open_attrs_table)/sizeof(uint32); j++) {
- fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA, open_attrs_table[j],
- FILE_SHARE_NONE, FILE_OVERWRITE, 0, 0);
-
- if (fnum1 == -1) {
- for (l = 0; l < sizeof(attr_results)/sizeof(struct trunc_open_results); l++) {
- if (attr_results[l].num == k) {
- printf("[%d] trunc open 0x%x -> 0x%x of %s failed - should have succeeded !(0x%x:%s)\n",
- k, open_attrs_table[i],
- open_attrs_table[j],
- fname, NT_STATUS_V(cli_nt_error(cli1)), cli_errstr(cli1));
- correct = False;
- }
- }
- if (NT_STATUS_V(cli_nt_error(cli1)) != NT_STATUS_V(NT_STATUS_ACCESS_DENIED)) {
- printf("[%d] trunc open 0x%x -> 0x%x failed with wrong error code %s\n",
- k, open_attrs_table[i], open_attrs_table[j],
- cli_errstr(cli1));
- correct = False;
- }
-#if 0
- printf("[%d] trunc open 0x%x -> 0x%x failed\n", k, open_attrs_table[i], open_attrs_table[j]);
-#endif
- k++;
- continue;
- }
+ printf("Attribute open test #8 %s.\n", correct ? "passed" : "failed");
- if (!cli_close(cli1, fnum1)) {
- printf("close %d (2) of %s failed (%s)\n", j, fname, cli_errstr(cli1));
- return False;
- }
+ cli_unlink(&cli1, fname);
- if (!cli_getatr(cli1, fname, &attr, NULL, NULL)) {
- printf("getatr(2) failed (%s)\n", cli_errstr(cli1));
- return False;
- }
+ /*
+ * Test #9. Open with NORMAL, close, then re-open with attribute
+ * HIDDEN and request to truncate.
+ */
-#if 0
- printf("[%d] getatr check [0x%x] trunc [0x%x] got attr 0x%x\n",
- k, open_attrs_table[i], open_attrs_table[j], attr );
-#endif
+ fnum1 = cli_nt_create_full(&cli1, fname,FILE_WRITE_DATA, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0);
- for (l = 0; l < sizeof(attr_results)/sizeof(struct trunc_open_results); l++) {
- if (attr_results[l].num == k) {
- if (attr != attr_results[l].result_attr ||
- open_attrs_table[i] != attr_results[l].init_attr ||
- open_attrs_table[j] != attr_results[l].trunc_attr) {
- printf("getatr check failed. [0x%x] trunc [0x%x] got attr 0x%x, should be 0x%x\n",
- open_attrs_table[i],
- open_attrs_table[j],
- (unsigned int)attr,
- attr_results[l].result_attr);
- correct = False;
- }
- break;
- }
- }
- k++;
- }
+ if (fnum1 == -1) {
+ printf("test 9 open 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
+ return False;
+ }
+
+ if (!cli_close(&cli1, fnum1)) {
+ printf("test 9 close 1 of %s failed (%s)\n", fname, cli_errstr(&cli1));
+ return False;
+ }
+
+ fnum1 = cli_nt_create_full(&cli1, fname,FILE_READ_DATA|FILE_WRITE_DATA, FILE_ATTRIBUTE_HIDDEN,
+ FILE_SHARE_NONE, FILE_OVERWRITE, 0);
+
+ if (fnum1 == -1) {
+ printf("test 9 open 2 of %s failed (%s)\n", fname, cli_errstr(&cli1));
+ return False;
+ }
+
+ if (!cli_close(&cli1, fnum1)) {
+ printf("test 9 close 2 of %s failed (%s)\n", fname, cli_errstr(&cli1));
+ return False;
+ }
+
+ /* Ensure we have attr hidden. */
+ if (!cli_getatr(&cli1, fname, &attr, NULL, NULL)) {
+ printf("test 9 getatr(2) failed (%s)\n", cli_errstr(&cli1));
+ return False;
+ }
+
+ if (!(attr & FILE_ATTRIBUTE_HIDDEN)) {
+ printf("test 9 getatr didn't have HIDDEN attribute\n");
+ cli_unlink(&cli1, fname);
+ return False;
}
- cli_setatr(cli1, fname, 0, 0);
- cli_unlink(cli1, fname);
+ printf("Attribute open test #9 %s.\n", correct ? "passed" : "failed");
- printf("open attr test %s.\n", correct ? "passed" : "failed");
+ cli_unlink(&cli1, fname);
- if (!torture_close_connection(cli1)) {
+ if (!torture_close_connection(&cli1)) {
+ correct = False;
+ }
+ if (!torture_close_connection(&cli2)) {
correct = False;
}
+
return correct;
}
@@ -4005,7 +3632,7 @@ static void list_fn(file_info *finfo, const char *name, void *state)
static BOOL run_dirtest(int dummy)
{
int i;
- static struct cli_state *cli;
+ static struct cli_state cli;
int fnum;
double t1;
BOOL correct = True;
@@ -4016,25 +3643,25 @@ static BOOL run_dirtest(int dummy)
return False;
}
- cli_sockopt(cli, sockops);
+ cli_sockopt(&cli, sockops);
srandom(0);
for (i=0;i<torture_numops;i++) {
fstring fname;
slprintf(fname, sizeof(fname), "\\%x", (int)random());
- fnum = cli_open(cli, fname, O_RDWR|O_CREAT, DENY_NONE);
+ fnum = cli_open(&cli, fname, O_RDWR|O_CREAT, DENY_NONE);
if (fnum == -1) {
fprintf(stderr,"Failed to open %s\n", fname);
return False;
}
- cli_close(cli, fnum);
+ cli_close(&cli, fnum);
}
t1 = end_timer();
- printf("Matched %d\n", cli_list(cli, "a*.*", 0, list_fn, NULL));
- printf("Matched %d\n", cli_list(cli, "b*.*", 0, list_fn, NULL));
- printf("Matched %d\n", cli_list(cli, "xyzabc", 0, list_fn, NULL));
+ printf("Matched %d\n", cli_list(&cli, "a*.*", 0, list_fn, NULL));
+ printf("Matched %d\n", cli_list(&cli, "b*.*", 0, list_fn, NULL));
+ printf("Matched %d\n", cli_list(&cli, "xyzabc", 0, list_fn, NULL));
printf("dirtest core %g seconds\n", end_timer() - t1);
@@ -4042,10 +3669,10 @@ static BOOL run_dirtest(int dummy)
for (i=0;i<torture_numops;i++) {
fstring fname;
slprintf(fname, sizeof(fname), "\\%x", (int)random());
- cli_unlink(cli, fname);
+ cli_unlink(&cli, fname);
}
- if (!torture_close_connection(cli)) {
+ if (!torture_close_connection(&cli)) {
correct = False;
}
@@ -4072,150 +3699,10 @@ static void del_fn(file_info *finfo, const char *mask, void *state)
}
}
-
-/*
- sees what IOCTLs are supported
- */
-BOOL torture_ioctl_test(int dummy)
-{
- static struct cli_state *cli;
- uint16 device, function;
- int fnum;
- const char *fname = "\\ioctl.dat";
- DATA_BLOB blob;
- NTSTATUS status;
-
- if (!torture_open_connection(&cli)) {
- return False;
- }
-
- printf("starting ioctl test\n");
-
- cli_unlink(cli, fname);
-
- fnum = cli_open(cli, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
- if (fnum == -1) {
- printf("open of %s failed (%s)\n", fname, cli_errstr(cli));
- return False;
- }
-
- status = cli_raw_ioctl(cli, fnum, 0x2d0000 | (0x0420<<2), &blob);
- printf("ioctl device info: %s\n", cli_errstr(cli));
-
- status = cli_raw_ioctl(cli, fnum, IOCTL_QUERY_JOB_INFO, &blob);
- printf("ioctl job info: %s\n", cli_errstr(cli));
-
- for (device=0;device<0x100;device++) {
- printf("testing device=0x%x\n", device);
- for (function=0;function<0x100;function++) {
- uint32 code = (device<<16) | function;
-
- status = cli_raw_ioctl(cli, fnum, code, &blob);
-
- if (NT_STATUS_IS_OK(status)) {
- printf("ioctl 0x%x OK : %d bytes\n", code, blob.length);
- data_blob_free(&blob);
- }
- }
- }
-
- if (!torture_close_connection(cli)) {
- return False;
- }
-
- return True;
-}
-
-
-/*
- tries varients of chkpath
- */
-BOOL torture_chkpath_test(int dummy)
-{
- static struct cli_state *cli;
- int fnum;
- BOOL ret;
-
- if (!torture_open_connection(&cli)) {
- return False;
- }
-
- printf("starting chkpath test\n");
-
- /* cleanup from an old run */
- cli_rmdir(cli, "\\chkpath.dir\\dir2");
- cli_unlink(cli, "\\chkpath.dir\\*");
- cli_rmdir(cli, "\\chkpath.dir");
-
- if (!cli_mkdir(cli, "\\chkpath.dir")) {
- printf("mkdir1 failed : %s\n", cli_errstr(cli));
- return False;
- }
-
- if (!cli_mkdir(cli, "\\chkpath.dir\\dir2")) {
- printf("mkdir2 failed : %s\n", cli_errstr(cli));
- return False;
- }
-
- fnum = cli_open(cli, "\\chkpath.dir\\foo.txt", O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
- if (fnum == -1) {
- printf("open1 failed (%s)\n", cli_errstr(cli));
- return False;
- }
- cli_close(cli, fnum);
-
- if (!cli_chkpath(cli, "\\chkpath.dir")) {
- printf("chkpath1 failed: %s\n", cli_errstr(cli));
- ret = False;
- }
-
- if (!cli_chkpath(cli, "\\chkpath.dir\\dir2")) {
- printf("chkpath2 failed: %s\n", cli_errstr(cli));
- ret = False;
- }
-
- if (!cli_chkpath(cli, "\\chkpath.dir\\foo.txt")) {
- ret = check_error(__LINE__, cli, ERRDOS, ERRbadpath,
- NT_STATUS_NOT_A_DIRECTORY);
- } else {
- printf("* chkpath on a file should fail\n");
- ret = False;
- }
-
- if (!cli_chkpath(cli, "\\chkpath.dir\\bar.txt")) {
- ret = check_error(__LINE__, cli, ERRDOS, ERRbadfile,
- NT_STATUS_OBJECT_NAME_NOT_FOUND);
- } else {
- printf("* chkpath on a non existant file should fail\n");
- ret = False;
- }
-
- if (!cli_chkpath(cli, "\\chkpath.dir\\dirxx\\bar.txt")) {
- ret = check_error(__LINE__, cli, ERRDOS, ERRbadpath,
- NT_STATUS_OBJECT_PATH_NOT_FOUND);
- } else {
- printf("* chkpath on a non existent component should fail\n");
- ret = False;
- }
-
- cli_rmdir(cli, "\\chkpath.dir\\dir2");
- cli_unlink(cli, "\\chkpath.dir\\*");
- cli_rmdir(cli, "\\chkpath.dir");
-
- if (!torture_close_connection(cli)) {
- return False;
- }
-
- return ret;
-}
-
-
-
-
static BOOL run_dirtest1(int dummy)
{
int i;
- static struct cli_state *cli;
+ static struct cli_state cli;
int fnum, num_seen;
BOOL correct = True;
@@ -4225,36 +3712,36 @@ static BOOL run_dirtest1(int dummy)
return False;
}
- cli_sockopt(cli, sockops);
+ cli_sockopt(&cli, sockops);
- cli_list(cli, "\\LISTDIR\\*", 0, del_fn, cli);
- cli_list(cli, "\\LISTDIR\\*", aDIR, del_fn, cli);
- cli_rmdir(cli, "\\LISTDIR");
- cli_mkdir(cli, "\\LISTDIR");
+ cli_list(&cli, "\\LISTDIR\\*", 0, del_fn, &cli);
+ cli_list(&cli, "\\LISTDIR\\*", aDIR, del_fn, &cli);
+ cli_rmdir(&cli, "\\LISTDIR");
+ cli_mkdir(&cli, "\\LISTDIR");
/* Create 1000 files and 1000 directories. */
for (i=0;i<1000;i++) {
fstring fname;
slprintf(fname, sizeof(fname), "\\LISTDIR\\f%d", i);
- fnum = cli_nt_create_full(cli, fname, 0, GENERIC_ALL_ACCESS, FILE_ATTRIBUTE_ARCHIVE,
- FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OVERWRITE_IF, 0, 0);
+ fnum = cli_nt_create_full(&cli, fname, GENERIC_ALL_ACCESS, FILE_ATTRIBUTE_ARCHIVE,
+ FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OVERWRITE_IF, 0);
if (fnum == -1) {
fprintf(stderr,"Failed to open %s\n", fname);
return False;
}
- cli_close(cli, fnum);
+ cli_close(&cli, fnum);
}
for (i=0;i<1000;i++) {
fstring fname;
slprintf(fname, sizeof(fname), "\\LISTDIR\\d%d", i);
- if (!cli_mkdir(cli, fname)) {
+ if (!cli_mkdir(&cli, fname)) {
fprintf(stderr,"Failed to open %s\n", fname);
return False;
}
}
/* Now ensure that doing an old list sees both files and directories. */
- num_seen = cli_list_old(cli, "\\LISTDIR\\*", aDIR, list_fn, NULL);
+ num_seen = cli_list_old(&cli, "\\LISTDIR\\*", aDIR, list_fn, NULL);
printf("num_seen = %d\n", num_seen );
/* We should see 100 files + 1000 directories + . and .. */
if (num_seen != 2002)
@@ -4263,28 +3750,28 @@ static BOOL run_dirtest1(int dummy)
/* Ensure if we have the "must have" bits we only see the
* relevent entries.
*/
- num_seen = cli_list_old(cli, "\\LISTDIR\\*", (aDIR<<8)|aDIR, list_fn, NULL);
+ num_seen = cli_list_old(&cli, "\\LISTDIR\\*", (aDIR<<8)|aDIR, list_fn, NULL);
printf("num_seen = %d\n", num_seen );
if (num_seen != 1002)
correct = False;
- num_seen = cli_list_old(cli, "\\LISTDIR\\*", (aARCH<<8)|aDIR, list_fn, NULL);
+ num_seen = cli_list_old(&cli, "\\LISTDIR\\*", (aARCH<<8)|aDIR, list_fn, NULL);
printf("num_seen = %d\n", num_seen );
if (num_seen != 1000)
correct = False;
/* Delete everything. */
- cli_list(cli, "\\LISTDIR\\*", 0, del_fn, cli);
- cli_list(cli, "\\LISTDIR\\*", aDIR, del_fn, cli);
- cli_rmdir(cli, "\\LISTDIR");
+ cli_list(&cli, "\\LISTDIR\\*", 0, del_fn, &cli);
+ cli_list(&cli, "\\LISTDIR\\*", aDIR, del_fn, &cli);
+ cli_rmdir(&cli, "\\LISTDIR");
#if 0
- printf("Matched %d\n", cli_list(cli, "a*.*", 0, list_fn, NULL));
- printf("Matched %d\n", cli_list(cli, "b*.*", 0, list_fn, NULL));
- printf("Matched %d\n", cli_list(cli, "xyzabc", 0, list_fn, NULL));
+ printf("Matched %d\n", cli_list(&cli, "a*.*", 0, list_fn, NULL));
+ printf("Matched %d\n", cli_list(&cli, "b*.*", 0, list_fn, NULL));
+ printf("Matched %d\n", cli_list(&cli, "xyzabc", 0, list_fn, NULL));
#endif
- if (!torture_close_connection(cli)) {
+ if (!torture_close_connection(&cli)) {
correct = False;
}
@@ -4438,6 +3925,7 @@ static double create_procs(BOOL (*fn)(int), BOOL *result)
slprintf(myname,sizeof(myname),"CLIENT%d", i);
while (1) {
+ memset(&current_cli, 0, sizeof(current_cli));
if (torture_open_connection(&current_cli)) break;
if (tries-- == 0) {
printf("pid %d failed to start\n", (int)getpid());
@@ -4507,7 +3995,6 @@ static struct {
{"LOCK4", run_locktest4, 0},
{"LOCK5", run_locktest5, 0},
{"LOCK6", run_locktest6, 0},
- {"LOCK7", run_locktest7, 0},
{"UNLINK", run_unlinktest, 0},
{"BROWSE", run_browsetest, 0},
{"ATTR", run_attrtest, 0},
@@ -4530,9 +4017,6 @@ static struct {
{"RW2", run_readwritemulti, FLAG_MULTIPROC},
{"RW3", run_readwritelarge, 0},
{"OPEN", run_opentest, 0},
-#if 1
- {"OPENATTR", run_openattrtest, 0},
-#endif
{"XCOPY", run_xcopy, 0},
{"RENAME", run_rename, 0},
{"DELETE", run_deletetest, 0},
@@ -4545,10 +4029,6 @@ static struct {
{"CASETABLE", torture_casetable, 0},
{"ERRMAPEXTRACT", run_error_map_extract, 0},
{"PIPE_NUMBER", run_pipe_number, 0},
- {"TCON2", run_tcon2_test, 0},
- {"IOCTL", torture_ioctl_test, 0},
- {"CHKPATH", torture_chkpath_test, 0},
- {"FDSESS", run_fdsesstest, 0},
{NULL, NULL, 0}};
@@ -4614,7 +4094,6 @@ static void usage(void)
printf("\t-L use oplocks\n");
printf("\t-c CLIENT.TXT specify client load file for NBENCH\n");
printf("\t-A showall\n");
- printf("\t-p port\n");
printf("\t-s seed\n");
printf("\n\n");
@@ -4629,6 +4108,10 @@ static void usage(void)
exit(1);
}
+
+
+
+
/****************************************************************************
main program
****************************************************************************/
@@ -4684,11 +4167,8 @@ static void usage(void)
fstrcpy(workgroup, lp_workgroup());
- while ((opt = getopt(argc, argv, "p:hW:U:n:N:O:o:m:Ld:Ac:ks:")) != EOF) {
+ while ((opt = getopt(argc, argv, "hW:U:n:N:O:o:m:Ld:Ac:ks:")) != EOF) {
switch (opt) {
- case 'p':
- port_to_use = atoi(optarg);
- break;
case 's':
srandom(atoi(optarg));
break;
diff --git a/source3/torture/utable.c b/source3/torture/utable.c
index 3ec5932b79..2b5a912062 100644
--- a/source3/torture/utable.c
+++ b/source3/torture/utable.c
@@ -24,7 +24,7 @@
BOOL torture_utable(int dummy)
{
- struct cli_state *cli;
+ static struct cli_state cli;
fstring fname, alt_name;
int fnum;
smb_ucs2_t c2;
@@ -40,8 +40,8 @@ BOOL torture_utable(int dummy)
memset(valid, 0, sizeof(valid));
- cli_mkdir(cli, "\\utable");
- cli_unlink(cli, "\\utable\\*");
+ cli_mkdir(&cli, "\\utable");
+ cli_unlink(&cli, "\\utable\\*");
for (c=1; c < 0x10000; c++) {
char *p;
@@ -55,13 +55,13 @@ BOOL torture_utable(int dummy)
p[len] = 0;
fstrcat(fname,"_a_long_extension");
- fnum = cli_open(cli, fname, O_RDWR | O_CREAT | O_TRUNC,
+ fnum = cli_open(&cli, fname, O_RDWR | O_CREAT | O_TRUNC,
DENY_NONE);
if (fnum == -1) continue;
chars_allowed++;
- cli_qpathinfo_alt_name(cli, fname, alt_name);
+ cli_qpathinfo_alt_name(&cli, fname, alt_name);
if (strncmp(alt_name, "X_A_L", 5) != 0) {
alt_allowed++;
@@ -69,8 +69,8 @@ BOOL torture_utable(int dummy)
d_printf("fname=[%s] alt_name=[%s]\n", fname, alt_name);
}
- cli_close(cli, fnum);
- cli_unlink(cli, fname);
+ cli_close(&cli, fnum);
+ cli_unlink(&cli, fname);
if (c % 100 == 0) {
printf("%d (%d/%d)\r", c, chars_allowed, alt_allowed);
@@ -78,7 +78,7 @@ BOOL torture_utable(int dummy)
}
printf("%d (%d/%d)\n", c, chars_allowed, alt_allowed);
- cli_rmdir(cli, "\\utable");
+ cli_rmdir(&cli, "\\utable");
d_printf("%d chars allowed %d alt chars allowed\n", chars_allowed, alt_allowed);
@@ -115,7 +115,7 @@ static char *form_name(int c)
BOOL torture_casetable(int dummy)
{
- static struct cli_state *cli;
+ static struct cli_state cli;
char *fname;
int fnum;
int c, i;
@@ -129,35 +129,28 @@ BOOL torture_casetable(int dummy)
memset(equiv, 0, sizeof(equiv));
- cli_unlink(cli, "\\utable\\*");
- cli_rmdir(cli, "\\utable");
- if (!cli_mkdir(cli, "\\utable")) {
- printf("Failed to create utable directory!\n");
- return False;
- }
+ cli_mkdir(&cli, "\\utable");
+ cli_unlink(&cli, "\\utable\\*");
for (c=1; c < 0x10000; c++) {
size_t size;
if (c == '.' || c == '\\') continue;
- printf("%04x (%c)\n", c, isprint(c)?c:'.');
+ printf("%04x\n", c);
fname = form_name(c);
- fnum = cli_nt_create_full(cli, fname, 0,
+ fnum = cli_nt_create_full(&cli, fname,
GENERIC_ALL_ACCESS,
FILE_ATTRIBUTE_NORMAL,
FILE_SHARE_NONE,
- FILE_OPEN_IF, 0, 0);
+ FILE_OPEN_IF, 0);
- if (fnum == -1) {
- printf("Failed to create file with char %04x\n", c);
- continue;
- }
+ if (fnum == -1) continue;
size = 0;
- if (!cli_qfileinfo(cli, fnum, NULL, &size,
+ if (!cli_qfileinfo(&cli, fnum, NULL, &size,
NULL, NULL, NULL, NULL, NULL)) continue;
if (size > 0) {
@@ -167,11 +160,11 @@ BOOL torture_casetable(int dummy)
if (size/sizeof(int) >= MAX_EQUIVALENCE) {
printf("too many chars match?? size=%d c=0x%04x\n",
size, c);
- cli_close(cli, fnum);
+ cli_close(&cli, fnum);
return False;
}
- cli_read(cli, fnum, (char *)c2, 0, size);
+ cli_read(&cli, fnum, (char *)c2, 0, size);
printf("%04x: ", c);
equiv[c][0] = c;
for (i=0; i<size/sizeof(int); i++) {
@@ -182,12 +175,12 @@ BOOL torture_casetable(int dummy)
fflush(stdout);
}
- cli_write(cli, fnum, 0, (char *)&c, size, sizeof(c));
- cli_close(cli, fnum);
+ cli_write(&cli, fnum, 0, (char *)&c, size, sizeof(c));
+ cli_close(&cli, fnum);
}
- cli_unlink(cli, "\\utable\\*");
- cli_rmdir(cli, "\\utable");
+ cli_unlink(&cli, "\\utable\\*");
+ cli_rmdir(&cli, "\\utable");
return True;
}
diff --git a/source3/utils/editreg.c b/source3/utils/editreg.c
deleted file mode 100644
index 6b3b4516bb..0000000000
--- a/source3/utils/editreg.c
+++ /dev/null
@@ -1,2056 +0,0 @@
-/*
- Samba Unix/Linux SMB client utility editreg.c
- Copyright (C) 2002 Richard Sharpe, rsharpe@richardsharpe.com
- Copyright (C) 2003 Jelmer Vernooij (conversion to popt)
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
-
-/*************************************************************************
-
- A utility to edit a Windows NT/2K etc registry file.
-
- Many of the ideas in here come from other people and software.
- I first looked in Wine in misc/registry.c and was also influenced by
- http://www.wednesday.demon.co.uk/dosreg.html
-
- Which seems to contain comments from someone else. I reproduce them here
- incase the site above disappears. It actually comes from
- http://home.eunet.no/~pnordahl/ntpasswd/WinReg.txt.
-
- The goal here is to read the registry into memory, manipulate it, and then
- write it out if it was changed by any actions of the user.
-
-The windows NT registry has 2 different blocks, where one can occur many
-times...
-
-the "regf"-Block
-================
-
-"regf" is obviosly the abbreviation for "Registry file". "regf" is the
-signature of the header-block which is always 4kb in size, although only
-the first 64 bytes seem to be used and a checksum is calculated over
-the first 0x200 bytes only!
-
-Offset Size Contents
-0x00000000 D-Word ID: ASCII-"regf" = 0x66676572
-0x00000004 D-Word ???? //see struct REGF
-0x00000008 D-Word ???? Always the same value as at 0x00000004
-0x0000000C Q-Word last modify date in WinNT date-format
-0x00000014 D-Word 1
-0x00000018 D-Word 3
-0x0000001C D-Word 0
-0x00000020 D-Word 1
-0x00000024 D-Word Offset of 1st key record
-0x00000028 D-Word Size of the data-blocks (Filesize-4kb)
-0x0000002C D-Word 1
-0x000001FC D-Word Sum of all D-Words from 0x00000000 to
-0x000001FB //XOR of all words. Nigel
-
-I have analyzed more registry files (from multiple machines running
-NT 4.0 german version) and could not find an explanation for the values
-marked with ???? the rest of the first 4kb page is not important...
-
-the "hbin"-Block
-================
-I don't know what "hbin" stands for, but this block is always a multiple
-of 4kb in size.
-
-Inside these hbin-blocks the different records are placed. The memory-
-management looks like a C-compiler heap management to me...
-
-hbin-Header
-===========
-Offset Size Contents
-0x0000 D-Word ID: ASCII-"hbin" = 0x6E696268
-0x0004 D-Word Offset from the 1st hbin-Block
-0x0008 D-Word Offset to the next hbin-Block
-0x001C D-Word Block-size
-
-The values in 0x0008 and 0x001C should be the same, so I don't know
-if they are correct or swapped...
-
-From offset 0x0020 inside a hbin-block data is stored with the following
-format:
-
-Offset Size Contents
-0x0000 D-Word Data-block size //this size must be a
-multiple of 8. Nigel
-0x0004 ???? Data
-
-If the size field is negative (bit 31 set), the corresponding block
-is free and has a size of -blocksize!
-
-That does not seem to be true. All block lengths seem to be negative! (Richard Sharpe)
-
-The data is stored as one record per block. Block size is a multiple
-of 4 and the last block reaches the next hbin-block, leaving no room.
-
-Records in the hbin-blocks
-==========================
-
-nk-Record
-
- The nk-record can be treated as a kombination of tree-record and
- key-record of the win 95 registry.
-
-lf-Record
-
- The lf-record is the counterpart to the RGKN-record (the
- hash-function)
-
-vk-Record
-
- The vk-record consists information to a single value.
-
-sk-Record
-
- sk (? Security Key ?) is the ACL of the registry.
-
-Value-Lists
-
- The value-lists contain information about which values are inside a
- sub-key and don't have a header.
-
-Datas
-
- The datas of the registry are (like the value-list) stored without a
- header.
-
-All offset-values are relative to the first hbin-block and point to the
-block-size field of the record-entry. to get the file offset, you have to add
-the header size (4kb) and the size field (4 bytes)...
-
-the nk-Record
-=============
-Offset Size Contents
-0x0000 Word ID: ASCII-"nk" = 0x6B6E
-0x0002 Word for the root-key: 0x2C, otherwise 0x20 //key symbolic links 0x10. Nigel
-0x0004 Q-Word write-date/time in windows nt notation
-0x0010 D-Word Offset of Owner/Parent key
-0x0014 D-Word number of sub-Keys
-0x001C D-Word Offset of the sub-key lf-Records
-0x0024 D-Word number of values
-0x0028 D-Word Offset of the Value-List
-0x002C D-Word Offset of the sk-Record
-
-0x0030 D-Word Offset of the Class-Name //see NK structure for the use of these fields. Nigel
-0x0044 D-Word Unused (data-trash) //some kind of run time index. Does not appear to be important. Nigel
-0x0048 Word name-length
-0x004A Word class-name length
-0x004C ???? key-name
-
-the Value-List
-==============
-Offset Size Contents
-0x0000 D-Word Offset 1st Value
-0x0004 D-Word Offset 2nd Value
-0x???? D-Word Offset nth Value
-
-To determine the number of values, you have to look at the owner-nk-record!
-
-Der vk-Record
-=============
-Offset Size Contents
-0x0000 Word ID: ASCII-"vk" = 0x6B76
-0x0002 Word name length
-0x0004 D-Word length of the data //if top bit is set when offset contains data. Nigel
-0x0008 D-Word Offset of Data
-0x000C D-Word Type of value
-0x0010 Word Flag
-0x0012 Word Unused (data-trash)
-0x0014 ???? Name
-
-If bit 0 of the flag-word is set, a name is present, otherwise the value has no name (=default)
-
-If the data-size is lower 5, the data-offset value is used to store the data itself!
-
-The data-types
-==============
-Wert Beteutung
-0x0001 RegSZ: character string (in UNICODE!)
-0x0002 ExpandSZ: string with "%var%" expanding (UNICODE!)
-0x0003 RegBin: raw-binary value
-0x0004 RegDWord: Dword
-0x0007 RegMultiSZ: multiple strings, seperated with 0
- (UNICODE!)
-
-The "lf"-record
-===============
-Offset Size Contents
-0x0000 Word ID: ASCII-"lf" = 0x666C
-0x0002 Word number of keys
-0x0004 ???? Hash-Records
-
-Hash-Record
-===========
-Offset Size Contents
-0x0000 D-Word Offset of corresponding "nk"-Record
-0x0004 D-Word ASCII: the first 4 characters of the key-name, padded with 0's. Case sensitiv!
-
-Keep in mind, that the value at 0x0004 is used for checking the data-consistency! If you change the
-key-name you have to change the hash-value too!
-
-//These hashrecords must be sorted low to high within the lf record. Nigel.
-
-The "sk"-block
-==============
-(due to the complexity of the SAM-info, not clear jet)
-(This is just a security descriptor in the data. R Sharpe.)
-
-
-Offset Size Contents
-0x0000 Word ID: ASCII-"sk" = 0x6B73
-0x0002 Word Unused
-0x0004 D-Word Offset of previous "sk"-Record
-0x0008 D-Word Offset of next "sk"-Record
-0x000C D-Word usage-counter
-0x0010 D-Word Size of "sk"-record in bytes
-???? //standard self
-relative security desciptor. Nigel
-???? ???? Security and auditing settings...
-????
-
-The usage counter counts the number of references to this
-"sk"-record. You can use one "sk"-record for the entire registry!
-
-Windows nt date/time format
-===========================
-The time-format is a 64-bit integer which is incremented every
-0,0000001 seconds by 1 (I don't know how accurate it realy is!)
-It starts with 0 at the 1st of january 1601 0:00! All values are
-stored in GMT time! The time-zone is important to get the real
-time!
-
-Common values for win95 and win-nt
-==================================
-Offset values marking an "end of list", are either 0 or -1 (0xFFFFFFFF).
-If a value has no name (length=0, flag(bit 0)=0), it is treated as the
-"Default" entry...
-If a value has no data (length=0), it is displayed as empty.
-
-simplyfied win-3.?? registry:
-=============================
-
-+-----------+
-| next rec. |---+ +----->+------------+
-| first sub | | | | Usage cnt. |
-| name | | +-->+------------+ | | length |
-| value | | | | next rec. | | | text |------->+-------+
-+-----------+ | | | name rec. |--+ +------------+ | xxxxx |
- +------------+ | | value rec. |-------->+------------+ +-------+
- v | +------------+ | Usage cnt. |
-+-----------+ | | length |
-| next rec. | | | text |------->+-------+
-| first sub |------+ +------------+ | xxxxx |
-| name | +-------+
-| value |
-+-----------+
-
-Greatly simplyfied structure of the nt-registry:
-================================================
-
-+---------------------------------------------------------------+
-| |
-v |
-+---------+ +---------->+-----------+ +----->+---------+ |
-| "nk" | | | lf-rec. | | | nk-rec. | |
-| ID | | | # of keys | | | parent |---+
-| Date | | | 1st key |--+ | .... |
-| parent | | +-----------+ +---------+
-| suk-keys|-----+
-| values |--------------------->+----------+
-| SK-rec. |---------------+ | 1. value |--> +----------+
-| class |--+ | +----------+ | vk-rec. |
-+---------+ | | | .... |
- v | | data |--> +-------+
- +------------+ | +----------+ | xxxxx |
- | Class name | | +-------+
- +------------+ |
- v
- +---------+ +---------+
- +----->| next sk |--->| Next sk |--+
- | +---| prev sk |<---| prev sk | |
- | | | .... | | ... | |
- | | +---------+ +---------+ |
- | | ^ |
- | | | |
- | +--------------------+ |
- +----------------------------------+
-
----------------------------------------------------------------------------
-
-Hope this helps.... (Although it was "fun" for me to uncover this things,
- it took me several sleepless nights ;)
-
- B.D.
-
-*************************************************************************/
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <errno.h>
-#include <assert.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <unistd.h>
-#include <sys/mman.h>
-#include <string.h>
-#include <fcntl.h>
-#include "popt.h"
-
-static int verbose = 0;
-
-/*
- * These definitions are for the in-memory registry structure.
- * It is a tree structure that mimics what you see with tools like regedit
- */
-
-/*
- * DateTime struct for Windows
- */
-
-typedef struct date_time_s {
- unsigned int low, high;
-} NTTIME;
-
-/*
- * Definition of a Key. It has a name, classname, date/time last modified,
- * sub-keys, values, and a security descriptor
- */
-
-#define REG_ROOT_KEY 1
-#define REG_SUB_KEY 2
-#define REG_SYM_LINK 3
-
-typedef struct reg_key_s {
- char *name; /* Name of the key */
- char *class_name;
- int type; /* One of REG_ROOT_KEY or REG_SUB_KEY */
- NTTIME last_mod; /* Time last modified */
- struct reg_key_s *owner;
- struct key_list_s *sub_keys;
- struct val_list_s *values;
- struct key_sec_desc_s *security;
-} REG_KEY;
-
-/*
- * The KEY_LIST struct lists sub-keys.
- */
-
-typedef struct key_list_s {
- int key_count;
- REG_KEY *keys[1];
-} KEY_LIST;
-
-typedef struct val_key_s {
- char *name;
- int has_name;
- int data_type;
- int data_len;
- void *data_blk; /* Might want a separate block */
-} VAL_KEY;
-
-typedef struct val_list_s {
- int val_count;
- VAL_KEY *vals[1];
-} VAL_LIST;
-
-#ifndef MAXSUBAUTHS
-#define MAXSUBAUTHS 15
-#endif
-
-typedef struct dom_sid_s {
- unsigned char ver, auths;
- unsigned char auth[6];
- unsigned int sub_auths[MAXSUBAUTHS];
-} DOM_SID;
-
-typedef struct ace_struct_s {
- unsigned char type, flags;
- unsigned int perms; /* Perhaps a better def is in order */
- DOM_SID *trustee;
-} ACE;
-
-typedef struct acl_struct_s {
- unsigned short rev, refcnt;
- unsigned short num_aces;
- ACE *aces[1];
-} ACL;
-
-typedef struct sec_desc_s {
- unsigned int rev, type;
- DOM_SID *owner, *group;
- ACL *sacl, *dacl;
-} SEC_DESC;
-
-#define SEC_DESC_NON 0
-#define SEC_DESC_RES 1
-#define SEC_DESC_OCU 2
-
-typedef struct key_sec_desc_s {
- struct key_sec_desc_s *prev, *next;
- int ref_cnt;
- int state;
- SEC_DESC *sec_desc;
-} KEY_SEC_DESC;
-
-
-/*
- * An API for accessing/creating/destroying items above
- */
-
-/*
- * Iterate over the keys, depth first, calling a function for each key
- * and indicating if it is terminal or non-terminal and if it has values.
- *
- * In addition, for each value in the list, call a value list function
- */
-
-/*
- * There should eventually be one to deal with security keys as well
- */
-
-typedef int (*key_print_f)(const char *path, char *key_name, char *class_name,
- int root, int terminal, int values);
-
-typedef int (*val_print_f)(const char *path, char *val_name, int val_type,
- int data_len, void *data_blk, int terminal,
- int first, int last);
-
-typedef int (*sec_print_f)(SEC_DESC *sec_desc);
-
-typedef struct regf_struct_s REGF;
-
-int nt_key_iterator(REGF *regf, REG_KEY *key_tree, int bf, const char *path,
- key_print_f key_print, sec_print_f sec_print,
- val_print_f val_print);
-
-int nt_val_list_iterator(REGF *regf, VAL_LIST *val_list, int bf, char *path,
- int terminal, val_print_f val_print)
-{
- int i;
-
- if (!val_list) return 1;
-
- if (!val_print) return 1;
-
- for (i=0; i<val_list->val_count; i++) {
- if (!val_print(path, val_list->vals[i]->name, val_list->vals[i]->data_type,
- val_list->vals[i]->data_len, val_list->vals[i]->data_blk,
- terminal,
- (i == 0),
- (i == val_list->val_count))) {
-
- return 0;
-
- }
- }
-
- return 1;
-}
-
-int nt_key_list_iterator(REGF *regf, KEY_LIST *key_list, int bf,
- const char *path,
- key_print_f key_print, sec_print_f sec_print,
- val_print_f val_print)
-{
- int i;
-
- if (!key_list) return 1;
-
- for (i=0; i< key_list->key_count; i++) {
- if (!nt_key_iterator(regf, key_list->keys[i], bf, path, key_print,
- sec_print, val_print)) {
- return 0;
- }
- }
- return 1;
-}
-
-int nt_key_iterator(REGF *regf, REG_KEY *key_tree, int bf, const char *path,
- key_print_f key_print, sec_print_f sec_print,
- val_print_f val_print)
-{
- int path_len = strlen(path);
- char *new_path;
-
- if (!regf || !key_tree)
- return -1;
-
- /* List the key first, then the values, then the sub-keys */
-
- if (key_print) {
-
- if (!(*key_print)(path, key_tree->name,
- key_tree->class_name,
- (key_tree->type == REG_ROOT_KEY),
- (key_tree->sub_keys == NULL),
- (key_tree->values?(key_tree->values->val_count):0)))
- return 0;
- }
-
- /*
- * If we have a security print routine, call it
- * If the security print routine returns false, stop.
- */
- if (sec_print) {
- if (key_tree->security && !(*sec_print)(key_tree->security->sec_desc))
- return 0;
- }
-
- new_path = (char *)malloc(path_len + 1 + strlen(key_tree->name) + 1);
- if (!new_path) return 0; /* Errors? */
- new_path[0] = '\0';
- strcat(new_path, path);
- strcat(new_path, "\\");
- strcat(new_path, key_tree->name);
-
- /*
- * Now, iterate through the values in the val_list
- */
-
- if (key_tree->values &&
- !nt_val_list_iterator(regf, key_tree->values, bf, new_path,
- (key_tree->values!=NULL),
- val_print)) {
-
- free(new_path);
- return 0;
- }
-
- /*
- * Now, iterate through the keys in the key list
- */
-
- if (key_tree->sub_keys &&
- !nt_key_list_iterator(regf, key_tree->sub_keys, bf, new_path, key_print,
- sec_print, val_print)) {
- free(new_path);
- return 0;
- }
-
- free(new_path);
- return 1;
-}
-
-/* Make, delete keys */
-
-int nt_delete_val_key(VAL_KEY *val_key)
-{
-
- if (val_key) {
- if (val_key->data_blk) free(val_key->data_blk);
- free(val_key);
- };
- return 1;
-}
-
-int nt_delete_val_list(VAL_LIST *vl)
-{
- int i;
-
- if (vl) {
- for (i=0; i<vl->val_count; i++)
- nt_delete_val_key(vl->vals[i]);
- free(vl);
- }
- return 1;
-}
-
-int nt_delete_reg_key(REG_KEY *key);
-int nt_delete_key_list(KEY_LIST *key_list)
-{
- int i;
-
- if (key_list) {
- for (i=0; i<key_list->key_count; i++)
- nt_delete_reg_key(key_list->keys[i]);
- free(key_list);
- }
- return 1;
-}
-
-int nt_delete_sid(DOM_SID *sid)
-{
-
- if (sid) free(sid);
- return 1;
-
-}
-
-int nt_delete_ace(ACE *ace)
-{
-
- if (ace) {
- nt_delete_sid(ace->trustee);
- free(ace);
- }
- return 1;
-
-}
-
-int nt_delete_acl(ACL *acl)
-{
-
- if (acl) {
- int i;
-
- for (i=0; i<acl->num_aces; i++)
- nt_delete_ace(acl->aces[i]);
-
- free(acl);
- }
- return 1;
-}
-
-int nt_delete_sec_desc(SEC_DESC *sec_desc)
-{
-
- if (sec_desc) {
-
- nt_delete_sid(sec_desc->owner);
- nt_delete_sid(sec_desc->group);
- nt_delete_acl(sec_desc->sacl);
- nt_delete_acl(sec_desc->dacl);
- free(sec_desc);
-
- }
- return 1;
-}
-
-int nt_delete_key_sec_desc(KEY_SEC_DESC *key_sec_desc)
-{
-
- if (key_sec_desc) {
- key_sec_desc->ref_cnt--;
- if (key_sec_desc->ref_cnt<=0) {
- /*
- * There should always be a next and prev, even if they point to us
- */
- key_sec_desc->next->prev = key_sec_desc->prev;
- key_sec_desc->prev->next = key_sec_desc->next;
- nt_delete_sec_desc(key_sec_desc->sec_desc);
- }
- }
- return 1;
-}
-
-int nt_delete_reg_key(REG_KEY *key)
-{
-
- if (key) {
- if (key->name) free(key->name);
- if (key->class_name) free(key->class_name);
-
- /*
- * Do not delete the owner ...
- */
-
- if (key->sub_keys) nt_delete_key_list(key->sub_keys);
- if (key->values) nt_delete_val_list(key->values);
- if (key->security) nt_delete_key_sec_desc(key->security);
- free(key);
- }
- return 1;
-}
-
-/*
- * Create/delete key lists and add delete keys to/from a list, count the keys
- */
-
-
-/*
- * Create/delete value lists, add/delete values, count them
- */
-
-
-/*
- * Create/delete security descriptors, add/delete SIDS, count SIDS, etc.
- * We reference count the security descriptors. Any new reference increments
- * the ref count. If we modify an SD, we copy the old one, dec the ref count
- * and make the change. We also want to be able to check for equality so
- * we can reduce the number of SDs in use.
- */
-
-/*
- * Code to parse registry specification from command line or files
- *
- * Format:
- * [cmd:]key:type:value
- *
- * cmd = a|d|c|add|delete|change|as|ds|cs
- *
- */
-
-
-/*
- * Load and unload a registry file.
- *
- * Load, loads it into memory as a tree, while unload sealizes/flattens it
- */
-
-/*
- * Get the starting record for NT Registry file
- */
-
-/* A map of sk offsets in the regf to KEY_SEC_DESCs for quick lookup etc */
-typedef struct sk_map_s {
- int sk_off;
- KEY_SEC_DESC *key_sec_desc;
-} SK_MAP;
-
-/*
- * Where we keep all the regf stuff for one registry.
- * This is the structure that we use to tie the in memory tree etc
- * together. By keeping separate structs, we can operate on different
- * registries at the same time.
- * Currently, the SK_MAP is an array of mapping structure.
- * Since we only need this on input and output, we fill in the structure
- * as we go on input. On output, we know how many SK items we have, so
- * we can allocate the structure as we need to.
- * If you add stuff here that is dynamically allocated, add the
- * appropriate free statements below.
- */
-
-#define REGF_REGTYPE_NONE 0
-#define REGF_REGTYPE_NT 1
-#define REGF_REGTYPE_W9X 2
-
-#define TTTONTTIME(r, t1, t2) (r)->last_mod_time.low = (t1); \
- (r)->last_mod_time.high = (t2);
-
-#define REGF_HDR_BLKSIZ 0x1000
-
-struct regf_struct_s {
- int reg_type;
- char *regfile_name, *outfile_name;
- int fd;
- struct stat sbuf;
- char *base;
- int modified;
- NTTIME last_mod_time;
- REG_KEY *root; /* Root of the tree for this file */
- int sk_count, sk_map_size;
- SK_MAP *sk_map;
-};
-
-/*
- * Structures for dealing with the on-disk format of the registry
- */
-
-#define IVAL(buf) ((unsigned int) \
- (unsigned int)*((unsigned char *)(buf)+3)<<24| \
- (unsigned int)*((unsigned char *)(buf)+2)<<16| \
- (unsigned int)*((unsigned char *)(buf)+1)<<8| \
- (unsigned int)*((unsigned char *)(buf)+0))
-
-#define SVAL(buf) ((unsigned short) \
- (unsigned short)*((unsigned char *)(buf)+1)<<8| \
- (unsigned short)*((unsigned char *)(buf)+0))
-
-#define CVAL(buf) ((unsigned char)*((unsigned char *)(buf)))
-
-#define OFF(f) ((f) + REGF_HDR_BLKSIZ + 4)
-#define LOCN(base, f) ((base) + OFF(f))
-
-/*
- * All of the structures below actually have a four-byte lenght before them
- * which always seems to be negative. The following macro retrieves that
- * size as an integer
- */
-
-#define BLK_SIZE(b) ((int)*(int *)(((int *)b)-1))
-
-typedef unsigned int DWORD;
-typedef unsigned short WORD;
-
-#define REG_REGF_ID 0x66676572
-
-typedef struct regf_block {
- DWORD REGF_ID; /* regf */
- DWORD uk1;
- DWORD uk2;
- DWORD tim1, tim2;
- DWORD uk3; /* 1 */
- DWORD uk4; /* 3 */
- DWORD uk5; /* 0 */
- DWORD uk6; /* 1 */
- DWORD first_key; /* offset */
- unsigned int dblk_size;
- DWORD uk7[116]; /* 1 */
- DWORD chksum;
-} REGF_HDR;
-
-typedef struct hbin_sub_struct {
- DWORD dblocksize;
- char data[1];
-} HBIN_SUB_HDR;
-
-#define REG_HBIN_ID 0x6E696268
-
-typedef struct hbin_struct {
- DWORD HBIN_ID; /* hbin */
- DWORD next_off;
- DWORD prev_off;
- DWORD uk1;
- DWORD uk2;
- DWORD uk3;
- DWORD uk4;
- DWORD blk_size;
- HBIN_SUB_HDR hbin_sub_hdr;
-} HBIN_HDR;
-
-#define REG_NK_ID 0x6B6E
-
-typedef struct nk_struct {
- WORD NK_ID;
- WORD type;
- DWORD t1, t2;
- DWORD uk1;
- DWORD own_off;
- DWORD subk_num;
- DWORD uk2;
- DWORD lf_off;
- DWORD uk3;
- DWORD val_cnt;
- DWORD val_off;
- DWORD sk_off;
- DWORD clsnam_off;
- DWORD unk4[4];
- DWORD unk5;
- WORD nam_len;
- WORD clsnam_len;
- char key_nam[1]; /* Actual length determined by nam_len */
-} NK_HDR;
-
-#define REG_SK_ID 0x6B73
-
-typedef struct sk_struct {
- WORD SK_ID;
- WORD uk1;
- DWORD prev_off;
- DWORD next_off;
- DWORD ref_cnt;
- DWORD rec_size;
- char sec_desc[1];
-} SK_HDR;
-
-typedef struct ace_struct {
- unsigned char type;
- unsigned char flags;
- unsigned short length;
- unsigned int perms;
- DOM_SID trustee;
-} REG_ACE;
-
-typedef struct acl_struct {
- WORD rev;
- WORD size;
- DWORD num_aces;
- REG_ACE *aces; /* One or more ACEs */
-} REG_ACL;
-
-typedef struct sec_desc_rec {
- WORD rev;
- WORD type;
- DWORD owner_off;
- DWORD group_off;
- DWORD sacl_off;
- DWORD dacl_off;
-} REG_SEC_DESC;
-
-typedef struct hash_struct {
- DWORD nk_off;
- char hash[4];
-} HASH_REC;
-
-#define REG_LF_ID 0x666C
-
-typedef struct lf_struct {
- WORD LF_ID;
- WORD key_count;
- struct hash_struct hr[1]; /* Array of hash records, depending on key_count */
-} LF_HDR;
-
-typedef DWORD VL_TYPE[1]; /* Value list is an array of vk rec offsets */
-
-#define REG_VK_ID 0x6B76
-
-typedef struct vk_struct {
- WORD VK_ID;
- WORD nam_len;
- DWORD dat_len; /* If top-bit set, offset contains the data */
- DWORD dat_off;
- DWORD dat_type;
- WORD flag; /* =1, has name, else no name (=Default). */
- WORD unk1;
- char dat_name[1]; /* Name starts here ... */
-} VK_HDR;
-
-#define REG_TYPE_REGSZ 1
-#define REG_TYPE_EXPANDSZ 2
-#define REG_TYPE_BIN 3
-#define REG_TYPE_DWORD 4
-#define REG_TYPE_MULTISZ 7
-
-typedef struct _val_str {
- unsigned int val;
- const char * str;
-} VAL_STR;
-
-const VAL_STR reg_type_names[] = {
- { 1, "REG_SZ" },
- { 2, "REG_EXPAND_SZ" },
- { 3, "REG_BIN" },
- { 4, "REG_DWORD" },
- { 7, "REG_MULTI_SZ" },
- { 0, NULL },
-};
-
-const char *val_to_str(unsigned int val, const VAL_STR *val_array)
-{
- int i = 0;
-
- if (!val_array) return NULL;
-
- while (val_array[i].val && val_array[i].str) {
-
- if (val_array[i].val == val) return val_array[i].str;
- i++;
-
- }
-
- return NULL;
-
-}
-
-/*
- * Convert from UniCode to Ascii ... Does not take into account other lang
- * Restrict by ascii_max if > 0
- */
-int uni_to_ascii(unsigned char *uni, unsigned char *ascii, int ascii_max,
- int uni_max)
-{
- int i = 0;
-
- while (i < ascii_max && !(!uni[i*2] && !uni[i*2+1])) {
- if (uni_max > 0 && (i*2) >= uni_max) break;
- ascii[i] = uni[i*2];
- i++;
-
- }
-
- ascii[i] = '\0';
-
- return i;
-}
-
-/*
- * Convert a data value to a string for display
- */
-int data_to_ascii(unsigned char *datap, int len, int type, char *ascii, int ascii_max)
-{
- unsigned char *asciip;
- int i;
-
- switch (type) {
- case REG_TYPE_REGSZ:
- fprintf(stderr, "Len: %d\n", len);
- return uni_to_ascii(datap, ascii, len, ascii_max);
- break;
-
- case REG_TYPE_EXPANDSZ:
- return uni_to_ascii(datap, ascii, len, ascii_max);
- break;
-
- case REG_TYPE_BIN:
- asciip = ascii;
- for (i=0; (i<len)&&(i+1)*3<ascii_max; i++) {
- int str_rem = ascii_max - ((int)asciip - (int)ascii);
- asciip += snprintf(asciip, str_rem, "%02x", *(unsigned char *)(datap+i));
- if (i < len && str_rem > 0)
- *asciip = ' '; asciip++;
- }
- *asciip = '\0';
- return ((int)asciip - (int)ascii);
- break;
-
- case REG_TYPE_DWORD:
- if (*(int *)datap == 0)
- return snprintf(ascii, ascii_max, "0");
- else
- return snprintf(ascii, ascii_max, "0x%x", *(int *)datap);
- break;
-
- case REG_TYPE_MULTISZ:
-
- break;
-
- default:
- return 0;
- break;
- }
-
- return len;
-
-}
-
-REG_KEY *nt_get_key_tree(REGF *regf, NK_HDR *nk_hdr, int size);
-
-int nt_set_regf_input_file(REGF *regf, char *filename)
-{
- return ((regf->regfile_name = strdup(filename)) != NULL);
-}
-
-int nt_set_regf_output_file(REGF *regf, char *filename)
-{
- return ((regf->outfile_name = strdup(filename)) != NULL);
-}
-
-/* Create a regf structure and init it */
-
-REGF *nt_create_regf(void)
-{
- REGF *tmp = (REGF *)malloc(sizeof(REGF));
- if (!tmp) return tmp;
- bzero(tmp, sizeof(REGF));
- return tmp;
-}
-
-/* Free all the bits and pieces ... Assumes regf was malloc'd */
-/* If you add stuff to REGF, add the relevant free bits here */
-int nt_free_regf(REGF *regf)
-{
- if (!regf) return 0;
-
- if (regf->regfile_name) free(regf->regfile_name);
- if (regf->outfile_name) free(regf->outfile_name);
-
- /* Free the mmap'd area */
-
- if (regf->base) munmap(regf->base, regf->sbuf.st_size);
- regf->base = NULL;
- close(regf->fd); /* Ignore the error :-) */
-
- nt_delete_reg_key(regf->root); /* Free the tree */
- free(regf->sk_map);
- regf->sk_count = regf->sk_map_size = 0;
-
- free(regf);
-
- return 1;
-}
-
-/* Get the header of the registry. Return a pointer to the structure
- * If the mmap'd area has not been allocated, then mmap the input file
- */
-REGF_HDR *nt_get_regf_hdr(REGF *regf)
-{
- if (!regf)
- return NULL; /* What about errors */
-
- if (!regf->regfile_name)
- return NULL; /* What about errors */
-
- if (!regf->base) { /* Try to mmap etc the file */
-
- if ((regf->fd = open(regf->regfile_name, O_RDONLY, 0000)) <0) {
- return NULL; /* What about errors? */
- }
-
- if (fstat(regf->fd, &regf->sbuf) < 0) {
- return NULL;
- }
-
- regf->base = mmap(0, regf->sbuf.st_size, PROT_READ, MAP_SHARED, regf->fd, 0);
-
- if ((int)regf->base == 1) {
- fprintf(stderr, "Could not mmap file: %s, %s\n", regf->regfile_name,
- strerror(errno));
- return NULL;
- }
- }
-
- /*
- * At this point, regf->base != NULL, and we should be able to read the
- * header
- */
-
- assert(regf->base != NULL);
-
- return (REGF_HDR *)regf->base;
-}
-
-/*
- * Validate a regf header
- * For now, do nothing, but we should check the checksum
- */
-int valid_regf_hdr(REGF_HDR *regf_hdr)
-{
- if (!regf_hdr) return 0;
-
- return 1;
-}
-
-/*
- * Process an SK header ...
- * Every time we see a new one, add it to the map. Otherwise, just look it up.
- * We will do a simple linear search for the moment, since many KEYs have the
- * same security descriptor.
- * We allocate the map in increments of 10 entries.
- */
-
-/*
- * Create a new entry in the map, and increase the size of the map if needed
- */
-
-SK_MAP *alloc_sk_map_entry(REGF *regf, KEY_SEC_DESC *tmp, int sk_off)
-{
- if (!regf->sk_map) { /* Allocate a block of 10 */
- regf->sk_map = (SK_MAP *)malloc(sizeof(SK_MAP) * 10);
- if (!regf->sk_map) {
- free(tmp);
- return NULL;
- }
- regf->sk_map_size = 10;
- regf->sk_count = 1;
- (regf->sk_map)[0].sk_off = sk_off;
- (regf->sk_map)[0].key_sec_desc = tmp;
- }
- else { /* Simply allocate a new slot, unless we have to expand the list */
- int ndx = regf->sk_count;
- if (regf->sk_count >= regf->sk_map_size) {
- regf->sk_map = (SK_MAP *)realloc(regf->sk_map,
- (regf->sk_map_size + 10)*sizeof(SK_MAP));
- if (!regf->sk_map) {
- free(tmp);
- return NULL;
- }
- /*
- * ndx already points at the first entry of the new block
- */
- regf->sk_map_size += 10;
- }
- (regf->sk_map)[ndx].sk_off = sk_off;
- (regf->sk_map)[ndx].key_sec_desc = tmp;
- regf->sk_count++;
- }
- return regf->sk_map;
-}
-
-/*
- * Search for a KEY_SEC_DESC in the sk_map, but dont create one if not
- * found
- */
-
-KEY_SEC_DESC *lookup_sec_key(SK_MAP *sk_map, int count, int sk_off)
-{
- int i;
-
- if (!sk_map) return NULL;
-
- for (i = 0; i < count; i++) {
-
- if (sk_map[i].sk_off == sk_off)
- return sk_map[i].key_sec_desc;
-
- }
-
- return NULL;
-
-}
-
-/*
- * Allocate a KEY_SEC_DESC if we can't find one in the map
- */
-
-KEY_SEC_DESC *lookup_create_sec_key(REGF *regf, SK_MAP *sk_map, int sk_off)
-{
- KEY_SEC_DESC *tmp = lookup_sec_key(regf->sk_map, regf->sk_count, sk_off);
-
- if (tmp) {
- return tmp;
- }
- else { /* Allocate a new one */
- tmp = (KEY_SEC_DESC *)malloc(sizeof(KEY_SEC_DESC));
- if (!tmp) {
- return NULL;
- }
- tmp->state = SEC_DESC_RES;
- if (!alloc_sk_map_entry(regf, tmp, sk_off)) {
- return NULL;
- }
- return tmp;
- }
-}
-
-/*
- * Allocate storage and duplicate a SID
- * We could allocate the SID to be only the size needed, but I am too lazy.
- */
-DOM_SID *dup_sid(DOM_SID *sid)
-{
- DOM_SID *tmp = (DOM_SID *)malloc(sizeof(DOM_SID));
- int i;
-
- if (!tmp) return NULL;
- tmp->ver = sid->ver;
- tmp->auths = sid->auths;
- for (i=0; i<6; i++) {
- tmp->auth[i] = sid->auth[i];
- }
- for (i=0; i<tmp->auths&&i<MAXSUBAUTHS; i++) {
- tmp->sub_auths[i] = sid->sub_auths[i];
- }
- return tmp;
-}
-
-/*
- * Allocate space for an ACE and duplicate the registry encoded one passed in
- */
-ACE *dup_ace(REG_ACE *ace)
-{
- ACE *tmp = NULL;
-
- tmp = (ACE *)malloc(sizeof(ACE));
-
- if (!tmp) return NULL;
-
- tmp->type = CVAL(&ace->type);
- tmp->flags = CVAL(&ace->flags);
- tmp->perms = IVAL(&ace->perms);
- tmp->trustee = dup_sid(&ace->trustee);
- return tmp;
-}
-
-/*
- * Allocate space for an ACL and duplicate the registry encoded one passed in
- */
-ACL *dup_acl(REG_ACL *acl)
-{
- ACL *tmp = NULL;
- REG_ACE* ace;
- int i, num_aces;
-
- num_aces = IVAL(&acl->num_aces);
-
- tmp = (ACL *)malloc(sizeof(ACL) + (num_aces - 1)*sizeof(ACE *));
- if (!tmp) return NULL;
-
- tmp->num_aces = num_aces;
- tmp->refcnt = 1;
- tmp->rev = SVAL(&acl->rev);
- ace = (REG_ACE *)&acl->aces;
- for (i=0; i<num_aces; i++) {
- tmp->aces[i] = dup_ace(ace);
- ace = (REG_ACE *)((char *)ace + SVAL(&ace->length));
- /* XXX: FIXME, should handle malloc errors */
- }
-
- return tmp;
-}
-
-SEC_DESC *process_sec_desc(REGF *regf, REG_SEC_DESC *sec_desc)
-{
- SEC_DESC *tmp = NULL;
-
- tmp = (SEC_DESC *)malloc(sizeof(SEC_DESC));
-
- if (!tmp) {
- return NULL;
- }
-
- tmp->rev = SVAL(&sec_desc->rev);
- tmp->type = SVAL(&sec_desc->type);
- tmp->owner = dup_sid((DOM_SID *)((char *)sec_desc + IVAL(&sec_desc->owner_off)));
- if (!tmp->owner) {
- free(tmp);
- return NULL;
- }
- tmp->group = dup_sid((DOM_SID *)((char *)sec_desc + IVAL(&sec_desc->group_off)));
- if (!tmp->group) {
- free(tmp);
- return NULL;
- }
-
- /* Now pick up the SACL and DACL */
-
- if (sec_desc->sacl_off)
- tmp->sacl = dup_acl((REG_ACL *)((char *)sec_desc + IVAL(&sec_desc->sacl_off)));
- else
- tmp->sacl = NULL;
-
- if (sec_desc->dacl_off)
- tmp->dacl = dup_acl((REG_ACL *)((char *)sec_desc + IVAL(&sec_desc->dacl_off)));
- else
- tmp->dacl = NULL;
-
- return tmp;
-}
-
-KEY_SEC_DESC *process_sk(REGF *regf, SK_HDR *sk_hdr, int sk_off, int size)
-{
- KEY_SEC_DESC *tmp = NULL;
- int sk_next_off, sk_prev_off, sk_size;
- REG_SEC_DESC *sec_desc;
-
- if (!sk_hdr) return NULL;
-
- if (SVAL(&sk_hdr->SK_ID) != REG_SK_ID) {
- fprintf(stderr, "Unrecognized SK Header ID: %08X, %s\n", (int)sk_hdr,
- regf->regfile_name);
- return NULL;
- }
-
- if (-size < (sk_size = IVAL(&sk_hdr->rec_size))) {
- fprintf(stderr, "Incorrect SK record size: %d vs %d. %s\n",
- -size, sk_size, regf->regfile_name);
- return NULL;
- }
-
- /*
- * Now, we need to look up the SK Record in the map, and return it
- * Since the map contains the SK_OFF mapped to KEY_SEC_DESC, we can
- * use that
- */
-
- if (regf->sk_map &&
- ((tmp = lookup_sec_key(regf->sk_map, regf->sk_count, sk_off)) != NULL)
- && (tmp->state == SEC_DESC_OCU)) {
- tmp->ref_cnt++;
- return tmp;
- }
-
- /* Here, we have an item in the map that has been reserved, or tmp==NULL. */
-
- assert(tmp == NULL || (tmp && tmp->state != SEC_DESC_NON));
-
- /*
- * Now, allocate a KEY_SEC_DESC, and parse the structure here, and add the
- * new KEY_SEC_DESC to the mapping structure, since the offset supplied is
- * the actual offset of structure. The same offset will be used by all
- * all future references to this structure
- * We chould put all this unpleasantness in a function.
- */
-
- if (!tmp) {
- tmp = (KEY_SEC_DESC *)malloc(sizeof(KEY_SEC_DESC));
- if (!tmp) return NULL;
- bzero(tmp, sizeof(KEY_SEC_DESC));
-
- /*
- * Allocate an entry in the SK_MAP ...
- * We don't need to free tmp, because that is done for us if the
- * sm_map entry can't be expanded when we need more space in the map.
- */
-
- if (!alloc_sk_map_entry(regf, tmp, sk_off)) {
- return NULL;
- }
- }
-
- tmp->ref_cnt++;
- tmp->state = SEC_DESC_OCU;
-
- /*
- * Now, process the actual sec desc and plug the values in
- */
-
- sec_desc = (REG_SEC_DESC *)&sk_hdr->sec_desc[0];
- tmp->sec_desc = process_sec_desc(regf, sec_desc);
-
- /*
- * Now forward and back links. Here we allocate an entry in the sk_map
- * if it does not exist, and mark it reserved
- */
-
- sk_prev_off = IVAL(&sk_hdr->prev_off);
- tmp->prev = lookup_create_sec_key(regf, regf->sk_map, sk_prev_off);
- assert(tmp->prev != NULL);
- sk_next_off = IVAL(&sk_hdr->next_off);
- tmp->next = lookup_create_sec_key(regf, regf->sk_map, sk_next_off);
- assert(tmp->next != NULL);
-
- return tmp;
-}
-
-/*
- * Process a VK header and return a value
- */
-VAL_KEY *process_vk(REGF *regf, VK_HDR *vk_hdr, int size)
-{
- char val_name[1024];
- int nam_len, dat_len, flag, dat_type, dat_off, vk_id;
- const char *val_type;
- VAL_KEY *tmp = NULL;
-
- if (!vk_hdr) return NULL;
-
- if ((vk_id = SVAL(&vk_hdr->VK_ID)) != REG_VK_ID) {
- fprintf(stderr, "Unrecognized VK header ID: %0X, block: %0X, %s\n",
- vk_id, (int)vk_hdr, regf->regfile_name);
- return NULL;
- }
-
- nam_len = SVAL(&vk_hdr->nam_len);
- val_name[nam_len] = '\0';
- flag = SVAL(&vk_hdr->flag);
- dat_type = IVAL(&vk_hdr->dat_type);
- dat_len = IVAL(&vk_hdr->dat_len); /* If top bit, offset contains data */
- dat_off = IVAL(&vk_hdr->dat_off);
-
- tmp = (VAL_KEY *)malloc(sizeof(VAL_KEY));
- if (!tmp) {
- goto error;
- }
- bzero(tmp, sizeof(VAL_KEY));
- tmp->has_name = flag;
- tmp->data_type = dat_type;
-
- if (flag & 0x01) {
- strncpy(val_name, vk_hdr->dat_name, nam_len);
- tmp->name = strdup(val_name);
- if (!tmp->name) {
- goto error;
- }
- }
- else
- strncpy(val_name, "<No Name>", 10);
-
- /*
- * Allocate space and copy the data as a BLOB
- */
-
- if (dat_len) {
-
- char *dtmp = (char *)malloc(dat_len&0x7FFFFFFF);
-
- if (!dtmp) {
- goto error;
- }
-
- tmp->data_blk = dtmp;
-
- if ((dat_len&0x80000000) == 0) { /* The data is pointed to by the offset */
- char *dat_ptr = LOCN(regf->base, dat_off);
- bcopy(dat_ptr, dtmp, dat_len);
- }
- else { /* The data is in the offset */
- dat_len = dat_len & 0x7FFFFFFF;
- bcopy(&dat_off, dtmp, dat_len);
- }
-
- tmp->data_len = dat_len;
- }
-
- val_type = val_to_str(dat_type, reg_type_names);
-
- /*
- * We need to save the data area as well
- */
-
- if (verbose) fprintf(stdout, " %s : %s : \n", val_name, val_type);
-
- return tmp;
-
- error:
- /* XXX: FIXME, free the partially allocated struct */
- return NULL;
-
-}
-
-/*
- * Process a VL Header and return a list of values
- */
-VAL_LIST *process_vl(REGF *regf, VL_TYPE vl, int count, int size)
-{
- int i, vk_off;
- VK_HDR *vk_hdr;
- VAL_LIST *tmp = NULL;
-
- if (!vl) return NULL;
-
- if (-size < (count+1)*sizeof(int)){
- fprintf(stderr, "Error in VL header format. Size less than space required. %d\n", -size);
- return NULL;
- }
-
- tmp = (VAL_LIST *)malloc(sizeof(VAL_LIST) + (count - 1) * sizeof(VAL_KEY *));
- if (!tmp) {
- goto error;
- }
-
- for (i=0; i<count; i++) {
- vk_off = IVAL(&vl[i]);
- vk_hdr = (VK_HDR *)LOCN(regf->base, vk_off);
- tmp->vals[i] = process_vk(regf, vk_hdr, BLK_SIZE(vk_hdr));
- if (!tmp->vals[i]){
- goto error;
- }
- }
-
- tmp->val_count = count;
-
- return tmp;
-
- error:
- /* XXX: FIXME, free the partially allocated structure */
- return NULL;
-}
-
-/*
- * Process an LF Header and return a list of sub-keys
- */
-KEY_LIST *process_lf(REGF *regf, LF_HDR *lf_hdr, int size)
-{
- int count, i, nk_off;
- unsigned int lf_id;
- KEY_LIST *tmp;
-
- if (!lf_hdr) return NULL;
-
- if ((lf_id = SVAL(&lf_hdr->LF_ID)) != REG_LF_ID) {
- fprintf(stderr, "Unrecognized LF Header format: %0X, Block: %0X, %s.\n",
- lf_id, (int)lf_hdr, regf->regfile_name);
- return NULL;
- }
-
- assert(size < 0);
-
- count = SVAL(&lf_hdr->key_count);
-
- if (count <= 0) return NULL;
-
- /* Now, we should allocate a KEY_LIST struct and fill it in ... */
-
- tmp = (KEY_LIST *)malloc(sizeof(KEY_LIST) + (count - 1) * sizeof(REG_KEY *));
- if (!tmp) {
- goto error;
- }
-
- tmp->key_count = count;
-
- for (i=0; i<count; i++) {
- NK_HDR *nk_hdr;
-
- nk_off = IVAL(&lf_hdr->hr[i].nk_off);
- nk_hdr = (NK_HDR *)LOCN(regf->base, nk_off);
- tmp->keys[i] = nt_get_key_tree(regf, nk_hdr, BLK_SIZE(nk_hdr));
- if (!tmp->keys[i]) {
- goto error;
- }
- }
-
- return tmp;
-
- error:
- /* XXX: FIXME, free the partially allocated structure */
- return NULL;
-}
-
-/*
- * This routine is passed a NK_HDR pointer and retrieves the entire tree
- * from there down. It return a REG_KEY *.
- */
-REG_KEY *nt_get_key_tree(REGF *regf, NK_HDR *nk_hdr, int size)
-{
- REG_KEY *tmp = NULL;
- int name_len, clsname_len, lf_off, val_off, val_count, sk_off;
- unsigned int nk_id;
- LF_HDR *lf_hdr;
- VL_TYPE *vl;
- SK_HDR *sk_hdr;
- char key_name[1024], cls_name[1024];
-
- if (!nk_hdr) return NULL;
-
- if ((nk_id = SVAL(&nk_hdr->NK_ID)) != REG_NK_ID) {
- fprintf(stderr, "Unrecognized NK Header format: %08X, Block: %0X. %s\n",
- nk_id, (int)nk_hdr, regf->regfile_name);
- return NULL;
- }
-
- assert(size < 0);
-
- name_len = SVAL(&nk_hdr->nam_len);
- clsname_len = SVAL(&nk_hdr->clsnam_len);
-
- /*
- * The value of -size should be ge
- * (sizeof(NK_HDR) - 1 + name_len)
- * The -1 accounts for the fact that we included the first byte of
- * the name in the structure. clsname_len is the length of the thing
- * pointed to by clsnam_off
- */
-
- if (-size < (sizeof(NK_HDR) - 1 + name_len)) {
- fprintf(stderr, "Incorrect NK_HDR size: %d, %0X\n", -size, (int)nk_hdr);
- fprintf(stderr, "Sizeof NK_HDR: %d, name_len %d, clsname_len %d\n",
- sizeof(NK_HDR), name_len, clsname_len);
- /*return NULL;*/
- }
-
- if (verbose) fprintf(stdout, "NK HDR: Name len: %d, class name len: %d\n",
- name_len, clsname_len);
-
- /* Fish out the key name and process the LF list */
-
- assert(name_len < sizeof(key_name));
-
- /* Allocate the key struct now */
- tmp = (REG_KEY *)malloc(sizeof(REG_KEY));
- if (!tmp) return tmp;
- bzero(tmp, sizeof(REG_KEY));
-
- tmp->type = (SVAL(&nk_hdr->type)==0x2C?REG_ROOT_KEY:REG_SUB_KEY);
-
- strncpy(key_name, nk_hdr->key_nam, name_len);
- key_name[name_len] = '\0';
-
- if (verbose) fprintf(stdout, "Key name: %s\n", key_name);
-
- tmp->name = strdup(key_name);
- if (!tmp->name) {
- goto error;
- }
-
- /*
- * Fish out the class name, it is in UNICODE, while the key name is
- * ASCII :-)
- */
-
- if (clsname_len) { /* Just print in Ascii for now */
- char *clsnamep;
- int clsnam_off;
-
- clsnam_off = IVAL(&nk_hdr->clsnam_off);
- clsnamep = LOCN(regf->base, clsnam_off);
-
- bzero(cls_name, clsname_len);
- uni_to_ascii(clsnamep, cls_name, sizeof(cls_name), clsname_len);
-
- /*
- * I am keeping class name as an ascii string for the moment.
- * That means it needs to be converted on output.
- * XXX: FIXME
- */
-
- tmp->class_name = strdup(cls_name);
- if (!tmp->class_name) {
- goto error;
- }
-
- if (verbose) fprintf(stdout, " Class Name: %s\n", cls_name);
-
- }
-
- /*
- * If there are any values, process them here
- */
-
- val_count = IVAL(&nk_hdr->val_cnt);
-
- if (val_count) {
-
- val_off = IVAL(&nk_hdr->val_off);
- vl = (VL_TYPE *)LOCN(regf->base, val_off);
-
- tmp->values = process_vl(regf, *vl, val_count, BLK_SIZE(vl));
- if (!tmp->values) {
- goto error;
- }
-
- }
-
- /*
- * Also handle the SK header ...
- */
-
- sk_off = IVAL(&nk_hdr->sk_off);
- sk_hdr = (SK_HDR *)LOCN(regf->base, sk_off);
-
- if (sk_off != -1) {
-
- tmp->security = process_sk(regf, sk_hdr, sk_off, BLK_SIZE(sk_hdr));
-
- }
-
- lf_off = IVAL(&nk_hdr->lf_off);
-
- /*
- * No more subkeys if lf_off == -1
- */
-
- if (lf_off != -1) {
-
- lf_hdr = (LF_HDR *)LOCN(regf->base, lf_off);
-
- tmp->sub_keys = process_lf(regf, lf_hdr, BLK_SIZE(lf_hdr));
- if (!tmp->sub_keys){
- goto error;
- }
-
- }
-
- return tmp;
-
- error:
- if (tmp) nt_delete_reg_key(tmp);
- return NULL;
-}
-
-int nt_load_registry(REGF *regf)
-{
- REGF_HDR *regf_hdr;
- unsigned int regf_id, hbin_id;
- HBIN_HDR *hbin_hdr;
- NK_HDR *first_key;
-
- /* Get the header */
-
- if ((regf_hdr = nt_get_regf_hdr(regf)) == NULL) {
- return -1;
- }
-
- /* Now process that header and start to read the rest in */
-
- if ((regf_id = IVAL(&regf_hdr->REGF_ID)) != REG_REGF_ID) {
- fprintf(stderr, "Unrecognized NT registry header id: %0X, %s\n",
- regf_id, regf->regfile_name);
- return -1;
- }
-
- /*
- * Validate the header ...
- */
- if (!valid_regf_hdr(regf_hdr)) {
- fprintf(stderr, "Registry file header does not validate: %s\n",
- regf->regfile_name);
- return -1;
- }
-
- /* Update the last mod date, and then go get the first NK record and on */
-
- TTTONTTIME(regf, IVAL(&regf_hdr->tim1), IVAL(&regf_hdr->tim2));
-
- /*
- * The hbin hdr seems to be just uninteresting garbage. Check that
- * it is there, but that is all.
- */
-
- hbin_hdr = (HBIN_HDR *)(regf->base + REGF_HDR_BLKSIZ);
-
- if ((hbin_id = IVAL(&hbin_hdr->HBIN_ID)) != REG_HBIN_ID) {
- fprintf(stderr, "Unrecognized registry hbin hdr ID: %0X, %s\n",
- hbin_id, regf->regfile_name);
- return -1;
- }
-
- /*
- * Get a pointer to the first key from the hreg_hdr
- */
-
- first_key = (NK_HDR *)LOCN(regf->base, IVAL(&regf_hdr->first_key));
-
- /*
- * Now, get the registry tree by processing that NK recursively
- */
-
- regf->root = nt_get_key_tree(regf, first_key, BLK_SIZE(first_key));
-
- assert(regf->root != NULL);
-
- return 1;
-}
-
-/*
- * Routines to parse a REGEDIT4 file
- *
- * The file consists of:
- *
- * REGEDIT4
- * \[[-]key-path\]\n
- * <value-spec>*
- *
- * There can be more than one key-path and value-spec.
- *
- * Since we want to support more than one type of file format, we
- * construct a command-file structure that keeps info about the command file
- */
-
-#define FMT_UNREC -1
-#define FMT_REGEDIT4 0
-#define FMT_EDITREG1_1 1
-
-typedef struct command_s {
- int cmd;
- char *key;
- void *val_spec_list;
-} CMD;
-
-/*
- * We seek to offset 0, read in the required number of bytes,
- * and compare to the correct value.
- * We then seek back to the original location
- */
-int regedit4_file_type(int fd)
-{
- int cur_ofs = 0;
-
- cur_ofs = lseek(fd, 0, SEEK_CUR); /* Get current offset */
- if (cur_ofs < 0) {
- fprintf(stderr, "Unable to get current offset: %s\n", strerror(errno));
- exit(1);
- }
-
- if (cur_ofs) {
- lseek(fd, 0, SEEK_SET);
- }
-
- return FMT_UNREC;
-}
-
-CMD *regedit4_get_cmd(int fd)
-{
- return NULL;
-}
-
-int regedit4_exec_cmd(CMD *cmd)
-{
-
- return 0;
-}
-
-int editreg_1_1_file_type(int fd)
-{
-
- return FMT_UNREC;
-}
-
-CMD *editreg_1_1_get_cmd(int fd)
-{
- return NULL;
-}
-
-int editreg_1_1_exec_cmd(CMD *cmd)
-{
-
- return -1;
-}
-
-typedef struct command_ops_s {
- int type;
- int (*file_type)(int fd);
- CMD *(*get_cmd)(int fd);
- int (*exec_cmd)(CMD *cmd);
-} CMD_OPS;
-
-CMD_OPS default_cmd_ops[] = {
- {0, regedit4_file_type, regedit4_get_cmd, regedit4_exec_cmd},
- {1, editreg_1_1_file_type, editreg_1_1_get_cmd, editreg_1_1_exec_cmd},
- {-1, NULL, NULL, NULL}
-};
-
-typedef struct command_file_s {
- char *name;
- int type, fd;
- CMD_OPS cmd_ops;
-} CMD_FILE;
-
-/*
- * Create a new command file structure
- */
-
-CMD_FILE *cmd_file_create(char *file)
-{
- CMD_FILE *tmp;
- struct stat sbuf;
- int i = 0;
-
- /*
- * Let's check if the file exists ...
- * No use creating the cmd_file structure if the file does not exist
- */
-
- if (stat(file, &sbuf) < 0) { /* Not able to access file */
-
- return NULL;
- }
-
- tmp = (CMD_FILE *)malloc(sizeof(CMD_FILE));
- if (!tmp) {
- return NULL;
- }
-
- /*
- * Let's fill in some of the fields;
- */
-
- tmp->name = strdup(file);
-
- if ((tmp->fd = open(file, O_RDONLY, 666)) < 0) {
- free(tmp);
- return NULL;
- }
-
- /*
- * Now, try to find the format by indexing through the table
- */
- while (default_cmd_ops[i].type != -1) {
- if ((tmp->type = default_cmd_ops[i].file_type(tmp->fd)) >= 0) {
- tmp->cmd_ops = default_cmd_ops[i];
- return tmp;
- }
- i++;
- }
-
- /*
- * If we got here, return NULL, as we could not figure out the type
- * of command file.
- *
- * What about errors?
- */
-
- free(tmp);
- return NULL;
-}
-
-/*
- * Extract commands from the command file, and execute them.
- * We pass a table of command callbacks for that
- */
-
-/*
- * Main code from here on ...
- */
-
-/*
- * key print function here ...
- */
-
-int print_key(const char *path, char *name, char *class_name, int root,
- int terminal, int vals)
-{
-
- if (terminal) fprintf(stdout, "%s\\%s\n", path, name);
-
- return 1;
-}
-
-/*
- * Sec Desc print functions
- */
-
-void print_sid(DOM_SID *sid)
-{
- int i, comps = sid->auths;
- fprintf(stdout, "S-%u-%u", sid->ver, sid->auth[5]);
-
- for (i = 0; i < comps; i++) {
-
- fprintf(stdout, "-%u", sid->sub_auths[i]);
-
- }
- fprintf(stdout, "\n");
-}
-
-int print_sec(SEC_DESC *sec_desc)
-{
-
- fprintf(stdout, " SECURITY\n");
- fprintf(stdout, " Owner: ");
- print_sid(sec_desc->owner);
- fprintf(stdout, " Group: ");
- print_sid(sec_desc->group);
- return 1;
-}
-
-/*
- * Value print function here ...
- */
-int print_val(const char *path, char *val_name, int val_type, int data_len,
- void *data_blk, int terminal, int first, int last)
-{
- char data_asc[1024];
-
- bzero(data_asc, sizeof(data_asc));
- if (!terminal && first)
- fprintf(stdout, "%s\n", path);
- data_to_ascii((unsigned char *)data_blk, data_len, val_type, data_asc,
- sizeof(data_asc) - 1);
- fprintf(stdout, " %s : %s : %s\n", (val_name?val_name:"<No Name>"),
- val_to_str(val_type, reg_type_names), data_asc);
- return 1;
-}
-
-int main(int argc, char *argv[])
-{
- REGF *regf;
- int opt;
- static char *cmd_file = NULL;
- poptContext pc;
- struct poptOption long_options[] = {
- POPT_AUTOHELP
- { "verbose", 'v', POPT_ARG_NONE, NULL, 'v', "Sets verbose mode" },
- { "command-file", 'c', POPT_ARG_STRING, &cmd_file, 'c', "Specifies a command file" },
- { 0, 0, 0, 0 }
- };
-
- pc = poptGetContext("editreg", argc, (const char **)argv, long_options,
- POPT_CONTEXT_KEEP_FIRST);
-
- poptSetOtherOptionHelp(pc, "<registry-file>");
-
- while((opt = poptGetNextOpt(pc)) != -1)
- switch(opt) {
- case 'v':
- verbose++;
- break;
- }
-
- poptGetArg(pc); /* For argv[0] */
-
- if (!poptPeekArg(pc)) {
- poptPrintUsage(pc, stderr, 0);
- exit(1);
- }
-
- if ((regf = nt_create_regf()) == NULL) {
- fprintf(stderr, "Could not create registry object: %s\n", strerror(errno));
- exit(2);
- }
-
- if (!nt_set_regf_input_file(regf, poptPeekArg(pc))) {
- fprintf(stderr, "Could not set name of registry file: %s, %s\n",
- poptPeekArg(pc), strerror(errno));
- exit(3);
- }
-
- /* Now, open it, and bring it into memory :-) */
-
- if (nt_load_registry(regf) < 0) {
- fprintf(stderr, "Could not load registry: %s\n", poptPeekArg(pc));
- exit(4);
- }
-
- /*
- * At this point, we should have a registry in memory and should be able
- * to iterate over it.
- */
-
- nt_key_iterator(regf, regf->root, 0, "", print_key, print_sec, print_val);
- poptFreeContext(pc);
- return 0;
-}
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index 5a8265f0b9..71b7a0802f 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -124,7 +124,6 @@ static ADS_STRUCT *ads_startup(void)
ADS_STATUS status;
BOOL need_password = False;
BOOL second_time = False;
- char *realm;
ads = ads_init(NULL, NULL, opt_host);
@@ -151,16 +150,6 @@ retry:
ads->auth.user_name = strdup(opt_user_name);
- /*
- * If the username is of the form "name@realm",
- * extract the realm and convert to upper case.
- */
- if ((realm = strchr(ads->auth.user_name, '@'))) {
- *realm++ = '\0';
- ads->auth.realm = strdup(realm);
- strupper(ads->auth.realm);
- }
-
status = ads_connect(ads);
if (!ADS_ERR_OK(status)) {
if (!need_password && !second_time) {
diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c
index e3d6ce0274..56d13a5fd9 100644
--- a/source3/utils/testparm.c
+++ b/source3/utils/testparm.c
@@ -178,11 +178,11 @@ via the %%o substitution. With encrypted passwords this is not possible.\n", lp_
}
#ifndef HAVE_DLOPEN
- if (lp_preload_modules()) {
- printf("WARNING: 'preload modules = ' set while loading plugins not supported.\n");
- }
+ if (lp_preload_modules()) {
+ printf("WARNING: 'preload modules = ' set while loading plugins not supported.\n");
+ }
#endif
-
+
return ret;
}