diff options
Diffstat (limited to 'source3')
158 files changed, 4190 insertions, 22518 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index 2896277feb..70519847f2 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -23,16 +23,12 @@ WINBIND_NSS_LDSHFLAGS=@WINBIND_NSS_LDSHFLAGS@ @LDFLAGS@ @CFLAGS@ AWK=@AWK@ DYNEXP=@DYNEXP@ PYTHON=@PYTHON@ -PERL=@PERL@ TERMLDFLAGS=@TERMLDFLAGS@ TERMLIBS=@TERMLIBS@ PRINTLIBS=@PRINTLIBS@ AUTHLIBS=@AUTHLIBS@ ACLLIBS=@ACLLIBS@ -PASSDBLIBS=@PASSDBLIBS@ -ADSLIBS=@ADSLIBS@ -KRB5LIBS=@KRB5_LIBS@ LINK=$(CC) $(FLAGS) $(LDFLAGS) @@ -126,8 +122,7 @@ BIN_PROGS1 = bin/smbclient@EXEEXT@ bin/net@EXEEXT@ bin/smbspool@EXEEXT@ \ BIN_PROGS2 = bin/smbcontrol@EXEEXT@ bin/smbtree@EXEEXT@ bin/tdbbackup@EXEEXT@ \ bin/nmblookup@EXEEXT@ bin/pdbedit@EXEEXT@ BIN_PROGS3 = bin/smbpasswd@EXEEXT@ bin/rpcclient@EXEEXT@ bin/smbcacls@EXEEXT@ \ - bin/profiles@EXEEXT@ bin/smbgroupedit@EXEEXT@ bin/ntlm_auth@EXEEXT@ \ - bin/editreg@EXEEXT@ bin/smbcquotas@EXEEXT@ + bin/profiles@EXEEXT@ bin/smbgroupedit@EXEEXT@ bin/ntlm_auth@EXEEXT@ TORTURE_PROGS = bin/smbtorture@EXEEXT@ bin/msgtest@EXEEXT@ \ bin/masktest@EXEEXT@ bin/locktest@EXEEXT@ \ @@ -144,12 +139,8 @@ SCRIPTS = $(srcdir)/script/smbtar $(srcdir)/script/addtosmbpass $(srcdir)/script QUOTAOBJS=@QUOTAOBJS@ -VFS_MODULES = @VFS_MODULES@ -PDB_MODULES = @PDB_MODULES@ -RPC_MODULES = @RPC_MODULES@ -CHARSET_MODULES = @CHARSET_MODULES@ -AUTH_MODULES = @AUTH_MODULES@ -MODULES = $(VFS_MODULES) $(PDB_MODULES) $(RPC_MODULES) $(CHARSET_MODULES) $(AUTH_MODULES) +VFS_MODULES = bin/vfs_audit.@SHLIBEXT@ bin/vfs_extd_audit.@SHLIBEXT@ bin/vfs_recycle.@SHLIBEXT@ bin/vfs_netatalk.@SHLIBEXT@ +PDB_MODULES = @MODULE_MYSQL@ @MODULE_XML@ ###################################################################### # object file lists @@ -176,8 +167,7 @@ LIB_OBJ = lib/charcnv.o lib/debug.o lib/fault.o \ nsswitch/wb_client.o nsswitch/wb_common.o \ lib/pam_errors.o intl/lang_tdb.o lib/account_pol.o \ lib/adt_tree.o lib/gencache.o $(TDB_OBJ) \ - lib/module.o lib/genparser.o lib/genparser_samba.o \ - lib/ldap_escape.o @CHARSET_STATIC@ + lib/module.o lib/ldap_escape.o LIB_SMBD_OBJ = lib/system_smbd.o lib/util_smbd.o @@ -196,7 +186,7 @@ LIBADS_OBJ = libads/ldap.o libads/ldap_printer.o libads/sasl.o \ libads/krb5_setpw.o libads/ldap_user.o \ libads/ads_struct.o libads/ads_status.o \ libads/disp_sec.o libads/ads_utils.o libads/ldap_utils.o \ - libads/ads_ldap.o libads/authdata.o + libads/ads_ldap.o LIBADS_SERVER_OBJ = libads/util.o libads/kerberos_verify.o @@ -215,11 +205,9 @@ LIBSMB_OBJ = libsmb/clientgen.o libsmb/cliconnect.o libsmb/clifile.o \ libsmb/clireadwrite.o libsmb/clilist.o libsmb/cliprint.o \ libsmb/clitrans.o libsmb/clisecdesc.o libsmb/clidgram.o \ libsmb/clistr.o libsmb/smb_signing.o \ - libsmb/cliquota.o libsmb/clifsinfo.o \ libsmb/smberr.o libsmb/credentials.o libsmb/pwd_cache.o \ libsmb/clioplock.o libsmb/errormap.o libsmb/clirap2.o \ libsmb/passchange.o libsmb/doserr.o \ - libsmb/trustdom_cache.o \ $(RPC_PARSE_OBJ1) $(LIBNTLMSSP_OBJ) $(LIBSAMBA_OBJ) $(LIBNMB_OBJ) LIBMSRPC_OBJ = rpc_client/cli_lsarpc.o rpc_client/cli_samr.o \ @@ -229,7 +217,7 @@ LIBMSRPC_OBJ = rpc_client/cli_lsarpc.o rpc_client/cli_samr.o \ rpc_client/cli_spoolss.o rpc_client/cli_spoolss_notify.o \ rpc_client/cli_ds.o rpc_client/cli_echo.o libsmb/namequery_dc.o -LIBMSRPC_SERVER_OBJ = libsmb/trusts_util.o +LIBMSRPC_SERVER_OBJ = libsmb/trust_passwd.o REGOBJS_OBJ = registry/reg_objects.o REGISTRY_OBJ = registry/reg_frontend.o registry/reg_cachehook.o registry/reg_printing.o \ @@ -249,14 +237,40 @@ RPC_SVC_OBJ = rpc_server/srv_srvsvc.o rpc_server/srv_srvsvc_nt.o RPC_WKS_OBJ = rpc_server/srv_wkssvc.o rpc_server/srv_wkssvc_nt.o RPC_DFS_OBJ = rpc_server/srv_dfs.o rpc_server/srv_dfs_nt.o + RPC_SPOOLSS_OBJ = rpc_server/srv_spoolss.o rpc_server/srv_spoolss_nt.o +RPC_ECHO_OBJ = rpc_server/srv_echo.o rpc_server/srv_echo_nt.o + RPC_PIPE_OBJ = rpc_server/srv_pipe_hnd.o rpc_server/srv_util.o \ rpc_server/srv_pipe.o rpc_server/srv_lsa_hnd.o -RPC_ECHO_OBJ = rpc_server/srv_echo.o rpc_server/srv_echo_nt.o - -RPC_SERVER_OBJ = @RPC_STATIC@ $(RPC_PIPE_OBJ) +# These are like they are to avoid a dependency on GNU MAKE +@LSA_DYNAMIC_YES@RPC_MODULES1 = bin/librpc_lsarpc.@SHLIBEXT@ +@NETLOG_DYNAMIC_YES@RPC_MODULES2 = bin/librpc_NETLOGON.@SHLIBEXT@ +@SAMR_DYNAMIC_YES@RPC_MODULES3 = bin/librpc_samr.@SHLIBEXT@ +@SVC_DYNAMIC_YES@RPC_MODULES4 = bin/librpc_srvsvc.@SHLIBEXT@ +@WKS_DYNAMIC_YES@RPC_MODULES5 = bin/librpc_wkssvc.@SHLIBEXT@ +@REG_DYNAMIC_YES@RPC_MODULES6 = bin/librpc_winreg.@SHLIBEXT@ +@SPOOLSS_DYNAMIC_YES@RPC_MODULES7 = bin/librpc_spoolss.@SHLIBEXT@ +@DFS_DYNAMIC_YES@RPC_MODULES8 = bin/librpc_netdfs.@SHLIBEXT@ +@ECHO_DYNAMIC_YES@RPC_MODULES9 = bin/librpc_echo.@SHLIBEXT@ +RPC_MODULES = $(RPC_MODULES1) $(RPC_MODULES2) $(RPC_MODULES3) $(RPC_MODULES4) \ + $(RPC_MODULES5) $(RPC_MODULES6) $(RPC_MODULES7) $(RPC_MODULES8) \ + $(RPC_MODULES9) + +@LSA_DYNAMIC_NO@RPC_PIPE_OBJ1 = $(RPC_LSA_OBJ) +@NETLOG_DYNAMIC_NO@RPC_PIPE_OBJ2 = $(RPC_NETLOG_OBJ) +@SAMR_DYNAMIC_NO@RPC_PIPE_OBJ3 = $(RPC_SAMR_OBJ) +@SVC_DYNAMIC_NO@RPC_PIPE_OBJ4 = $(RPC_SVC_OBJ) +@WKS_DYNAMIC_NO@RPC_PIPE_OBJ5 = $(RPC_WKS_OBJ) +@REG_DYNAMIC_NO@RPC_PIPE_OBJ6 = $(RPC_REG_OBJ) +@SPOOLSS_DYNAMIC_NO@RPC_PIPE_OBJ7 = $(RPC_SPOOLSS_OBJ) +@DFS_DYNAMIC_NO@RPC_PIPE_OBJ8 = $(RPC_DFS_OBJ) +@ECHO_DYNAMIC_NO@RPC_PIPE_OBJ9 = $(RPC_ECHO_OBJ) +RPC_SERVER_OBJ = $(RPC_PIPE_OBJ1) $(RPC_PIPE_OBJ2) $(RPC_PIPE_OBJ3) \ + $(RPC_PIPE_OBJ4) $(RPC_PIPE_OBJ5) $(RPC_PIPE_OBJ6) $(RPC_PIPE_OBJ7) \ + $(RPC_PIPE_OBJ8) $(RPC_PIPE_OBJ9) $(RPC_PIPE_OBJ) # this includes only the low level parse code, not stuff # that requires knowledge of security contexts @@ -268,8 +282,7 @@ RPC_PARSE_OBJ = rpc_parse/parse_lsa.o rpc_parse/parse_net.o \ rpc_parse/parse_samr.o rpc_parse/parse_srv.o \ rpc_parse/parse_wks.o rpc_parse/parse_ds.o \ rpc_parse/parse_spoolss.o rpc_parse/parse_dfs.o \ - rpc_parse/parse_echo.o \ - $(REGOBJS_OBJ) + rpc_parse/parse_echo.o $(REGOBJS_OBJ) RPC_CLIENT_OBJ = rpc_client/cli_pipe.o @@ -279,52 +292,29 @@ LOCKING_OBJ = locking/locking.o locking/brlock.o locking/posix.o PASSDB_GET_SET_OBJ = passdb/pdb_get_set.o PASSDB_OBJ = $(PASSDB_GET_SET_OBJ) passdb/passdb.o passdb/pdb_interface.o \ - passdb/machine_sid.o passdb/util_sam_sid.o passdb/pdb_compat.o \ - passdb/privileges.o @LDAP_OBJ@ @PDB_STATIC@ + passdb/machine_sid.o passdb/pdb_smbpasswd.o \ + passdb/pdb_tdb.o passdb/pdb_ldap.o passdb/pdb_plugin.o \ + passdb/pdb_unix.o passdb/pdb_guest.o passdb/util_sam_sid.o \ + passdb/pdb_compat.o passdb/pdb_nisplus.o -XML_OBJ = modules/xml.o -MYSQL_OBJ = modules/mysql.o -DEVEL_HELP_OBJ = modules/developer.o - -SAM_STATIC_MODULES = sam/sam_plugin.o sam/sam_skel.o sam/sam_ads.o - -IDMAP_OBJ = sam/idmap.o sam/idmap_tdb.o sam/idmap_winbind.o - -SAM_OBJ = sam/account.o sam/get_set_account.o sam/get_set_group.o \ - sam/get_set_domain.o sam/interface.o $(SAM_STATIC_MODULES) - -SAMTEST_OBJ = torture/samtest.o torture/cmd_sam.o $(PARAM_OBJ) $(SAM_OBJ) $(LIB_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) $(READLINE_OBJ) lib/util_seaccess.o $(LIBADS_OBJ) $(KRBCLIENT_OBJ) $(PASSDB_OBJ) $(SECRETS_OBJ) $(GROUPDB_OBJ) +PDB_XML_OBJ = passdb/pdb_xml.o +PDB_MYSQL_OBJ = passdb/pdb_mysql.o GROUPDB_OBJ = groupdb/mapping.o PROFILE_OBJ = profile/profile.o -PROFILES_OBJ = utils/profiles.o -EDITREG_OBJ = utils/editreg.o lib/snprintf.o OPLOCK_OBJ = smbd/oplock.o smbd/oplock_irix.o smbd/oplock_linux.o NOTIFY_OBJ = smbd/notify.o smbd/notify_hash.o smbd/notify_kernel.o -VFS_AUDIT_OBJ = modules/vfs_audit.o -VFS_EXTD_AUDIT_OBJ = modules/vfs_extd_audit.o -VFS_RECYCLE_OBJ = modules/vfs_recycle.o -VFS_NETATALK_OBJ = modules/vfs_netatalk.o -VFS_FAKE_PERMS_OBJ = modules/vfs_fake_perms.o - PLAINTEXT_AUTH_OBJ = auth/pampass.o auth/pass_check.o UNIGRP_OBJ = libsmb/netlogon_unigrp.o -AUTH_BUILTIN_OBJ = auth/auth_builtin.o -AUTH_DOMAIN_OBJ = auth/auth_domain.o -AUTH_SAM_OBJ = auth/auth_sam.o -AUTH_RHOSTS_OBJ = auth/auth_rhosts.o -AUTH_SERVER_OBJ = auth/auth_server.o -AUTH_UNIX_OBJ = auth/auth_unix.o -AUTH_WINBIND_OBJ = auth/auth_winbind.o - -AUTH_OBJ = auth/auth.o @AUTH_STATIC@ auth/auth_util.o auth/auth_compat.o \ - auth/auth_ntlmssp.o \ +AUTH_OBJ = auth/auth.o auth/auth_sam.o auth/auth_server.o auth/auth_domain.o \ + auth/auth_rhosts.o auth/auth_unix.o auth/auth_util.o auth/auth_winbind.o \ + auth/auth_builtin.o auth/auth_compat.o auth/auth_ntlmssp.o \ $(PLAINTEXT_AUTH_OBJ) $(UNIGRP_OBJ) MANGLE_OBJ = smbd/mangle.o smbd/mangle_hash.o smbd/mangle_map.o smbd/mangle_hash2.o @@ -345,17 +335,16 @@ SMBD_OBJ_SRV = smbd/files.o smbd/chgpasswd.o smbd/connection.o \ printing/printfsp.o lib/util_seaccess.o \ smbd/build_options.o \ smbd/change_trust_pw.o \ - $(MANGLE_OBJ) @VFS_STATIC@ + $(MANGLE_OBJ) -SMBD_OBJ_BASE = $(PARAM_OBJ) $(SMBD_OBJ_SRV) $(MSDFS_OBJ) $(LIBSMB_OBJ) \ - $(RPC_SERVER_OBJ) $(RPC_PARSE_OBJ) $(SECRETS_OBJ) $(UBIQX_OBJ) \ +SMBD_OBJ_BASE = $(SMBD_OBJ_SRV) $(MSDFS_OBJ) $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) \ + $(RPC_SERVER_OBJ) $(RPC_PARSE_OBJ) $(SECRETS_OBJ) \ $(LOCKING_OBJ) $(PASSDB_OBJ) $(PRINTING_OBJ) $(PROFILE_OBJ) \ $(LIB_OBJ) $(PRINTBACKEND_OBJ) $(QUOTAOBJS) $(OPLOCK_OBJ) \ $(NOTIFY_OBJ) $(GROUPDB_OBJ) $(AUTH_OBJ) \ $(LIBMSRPC_OBJ) $(LIBMSRPC_SERVER_OBJ) \ $(LIBADS_OBJ) $(KRBCLIENT_OBJ) $(LIBADS_SERVER_OBJ) \ - $(LIB_SMBD_OBJ) $(REGISTRY_OBJ) $(POPT_LIB_OBJ) \ - $(IDMAP_OBJ) + $(LIB_SMBD_OBJ) $(REGISTRY_OBJ) $(POPT_LIB_OBJ) PRINTING_OBJ = printing/pcap.o printing/print_svid.o \ @@ -367,7 +356,8 @@ PRINTBACKEND_OBJ = printing/printing.o printing/nt_printing.o printing/notify.o MSDFS_OBJ = msdfs/msdfs.o -SMBD_OBJ = $(SMBD_OBJ_BASE) $(SMBD_OBJ_MAIN) +SMBD_OBJ = $(SMBD_OBJ_MAIN) $(SMBD_OBJ_BASE) + NMBD_OBJ1 = nmbd/asyncdns.o nmbd/nmbd.o nmbd/nmbd_become_dmb.o \ nmbd/nmbd_become_lmb.o nmbd/nmbd_browserdb.o \ nmbd/nmbd_browsesync.o nmbd/nmbd_elections.o \ @@ -393,8 +383,8 @@ WREPL_OBJ = $(WREPL_OBJ1) $(PARAM_OBJ) $(UBIQX_OBJ) \ SWAT_OBJ1 = web/cgi.o web/diagnose.o web/startstop.o web/statuspage.o \ web/swat.o web/neg_lang.o -SWAT_OBJ = $(SWAT_OBJ1) $(PARAM_OBJ) $(PRINTING_OBJ) $(LIBSMB_OBJ) \ - $(LOCKING_OBJ) $(PASSDB_OBJ) $(SECRETS_OBJ) $(KRBCLIENT_OBJ) \ +SWAT_OBJ = $(SWAT_OBJ1) $(PRINTING_OBJ) $(LIBSMB_OBJ) $(LOCKING_OBJ) \ + $(PARAM_OBJ) $(PASSDB_OBJ) $(SECRETS_OBJ) $(KRBCLIENT_OBJ) \ $(UBIQX_OBJ) $(LIB_OBJ) $(GROUPDB_OBJ) $(PLAINTEXT_AUTH_OBJ) \ $(POPT_LIB_OBJ) @@ -420,15 +410,14 @@ TESTPRNS_OBJ = utils/testprns.o $(PARAM_OBJ) $(PRINTING_OBJ) $(UBIQX_OBJ) \ SMBPASSWD_OBJ = utils/smbpasswd.o $(PARAM_OBJ) $(SECRETS_OBJ) \ $(LIBSMB_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ)\ - $(UBIQX_OBJ) $(LIB_OBJ) $(KRBCLIENT_OBJ) \ - $(IDMAP_OBJ) + $(UBIQX_OBJ) $(LIB_OBJ) $(KRBCLIENT_OBJ) PDBEDIT_OBJ = utils/pdbedit.o $(PARAM_OBJ) $(PASSDB_OBJ) $(LIBSAMBA_OBJ) \ $(UBIQX_OBJ) $(LIB_OBJ) $(GROUPDB_OBJ) $(SECRETS_OBJ) \ - $(POPT_LIB_OBJ) $(IDMAP_OBJ) + $(POPT_LIB_OBJ) SMBGROUPEDIT_OBJ = utils/smbgroupedit.o $(GROUPDB_OBJ) $(PARAM_OBJ) \ - $(LIBSAMBA_OBJ) $(PASSDB_OBJ) $(SECRETS_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) $(IDMAP_OBJ) + $(LIBSAMBA_OBJ) $(PASSDB_OBJ) $(SECRETS_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) RPCCLIENT_OBJ1 = rpcclient/rpcclient.o rpcclient/cmd_lsarpc.o \ rpcclient/cmd_samr.o rpcclient/cmd_spoolss.o \ @@ -441,8 +430,7 @@ RPCCLIENT_OBJ = $(RPCCLIENT_OBJ1) \ $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \ $(RPC_PARSE_OBJ) $(PASSDB_OBJ) $(LIBMSRPC_OBJ) \ $(READLINE_OBJ) $(GROUPDB_OBJ) $(KRBCLIENT_OBJ) \ - $(LIBADS_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ) \ - $(IDMAP_OBJ) + $(LIBADS_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ) PAM_WINBIND_OBJ = nsswitch/pam_winbind.po nsswitch/wb_common.po lib/snprintf.po @@ -459,8 +447,8 @@ SMBWRAPPER_OBJ1 = smbwrapper/wrapped.o SMBWRAPPER_OBJ = $(SMBW_OBJ) $(SMBWRAPPER_OBJ1) LIBSMBCLIENT_OBJ = libsmb/libsmbclient.o libsmb/libsmb_compat.o \ - libsmb/libsmb_cache.o $(PARAM_OBJ) $(LIB_OBJ) \ - $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(UBIQX_OBJ) + libsmb/libsmb_cache.o $(LIB_OBJ) \ + $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(PARAM_OBJ) $(UBIQX_OBJ) # This shared library is intended for linking with unit test programs # to test Samba internals. It's called libbigballofmud.so to @@ -468,7 +456,7 @@ LIBSMBCLIENT_OBJ = libsmb/libsmbclient.o libsmb/libsmb_compat.o \ LIBBIGBALLOFMUD_MAJOR = 0 -LIBBIGBALLOFMUD_OBJ = $(PARAM_OBJ) $(LIB_OBJ) $(UBIQX_OBJ) $(SECRETS_OBJ) \ +LIBBIGBALLOFMUD_OBJ = $(LIB_OBJ) $(UBIQX_OBJ) $(PARAM_OBJ) $(SECRETS_OBJ) \ $(LIBSMB_OBJ) $(LIBMSRPC_OBJ) $(RPC_PARSE_OBJ) $(PASSDB_OBJ) \ $(GROUPDB_OBJ) $(KRBCLIENT_OBJ) @@ -485,12 +473,11 @@ NET_OBJ1 = utils/net.o utils/net_ads.o utils/net_ads_cldap.o utils/net_help.o \ utils/net_rpc_join.o utils/net_time.o utils/net_lookup.o \ utils/net_cache.o -NET_OBJ = $(NET_OBJ1) $(PARAM_OBJ) $(SECRETS_OBJ) $(LIBSMB_OBJ) \ +NET_OBJ = $(NET_OBJ1) $(SECRETS_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \ $(RPC_PARSE_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \ - $(KRBCLIENT_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \ + $(PARAM_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \ $(LIBMSRPC_OBJ) $(LIBMSRPC_SERVER_OBJ) \ - $(LIBADS_OBJ) $(LIBADS_SERVER_OBJ) $(POPT_LIB_OBJ) \ - $(IDMAP_OBJ) + $(LIBADS_OBJ) $(LIBADS_SERVER_OBJ) $(POPT_LIB_OBJ) CUPS_OBJ = client/smbspool.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) \ $(LIB_OBJ) $(KRBCLIENT_OBJ) @@ -508,37 +495,38 @@ NMBLOOKUP_OBJ = utils/nmblookup.o $(PARAM_OBJ) $(UBIQX_OBJ) $(LIBNMB_OBJ) \ SMBTORTURE_OBJ1 = torture/torture.o torture/nbio.o torture/scanner.o torture/utable.o \ torture/denytest.o torture/mangle_test.o -SMBTORTURE_OBJ = $(SMBTORTURE_OBJ1) $(PARAM_OBJ) \ - $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) +SMBTORTURE_OBJ = $(SMBTORTURE_OBJ1) \ + $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(PARAM_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) -MASKTEST_OBJ = torture/masktest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \ +MASKTEST_OBJ = torture/masktest.o $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(PARAM_OBJ) \ $(UBIQX_OBJ) $(LIB_OBJ) -MSGTEST_OBJ = torture/msgtest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \ +MSGTEST_OBJ = torture/msgtest.o $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(PARAM_OBJ) \ $(UBIQX_OBJ) $(LIB_OBJ) -LOCKTEST_OBJ = torture/locktest.o $(PARAM_OBJ) $(LOCKING_OBJ) $(KRBCLIENT_OBJ) \ - $(LIBSMB_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) +LOCKTEST_OBJ = torture/locktest.o $(LOCKING_OBJ) $(KRBCLIENT_OBJ) $(LIBSMB_OBJ) $(PARAM_OBJ) \ + $(UBIQX_OBJ) $(LIB_OBJ) -NSSTEST_OBJ = torture/nsstest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \ +NSSTEST_OBJ = torture/nsstest.o $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(PARAM_OBJ) \ $(UBIQX_OBJ) $(LIB_OBJ) VFSTEST_OBJ = torture/cmd_vfs.o torture/vfstest.o $(SMBD_OBJ_BASE) $(READLINE_OBJ) -LOCKTEST2_OBJ = torture/locktest2.o $(PARAM_OBJ) $(LOCKING_OBJ) $(LIBSMB_OBJ) \ - $(KRBCLIENT_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) +VFS_AUDIT_OBJ = modules/vfs_audit.o +VFS_EXTD_AUDIT_OBJ = modules/vfs_extd_audit.o +VFS_RECYCLE_OBJ = modules/vfs_recycle.o +VFS_NETATALK_OBJ = modules/vfs_netatalk.o -SMBCACLS_OBJ = utils/smbcacls.o $(PARAM_OBJ) $(LOCKING_OBJ) $(LIBSMB_OBJ) \ - $(KRBCLIENT_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) $(RPC_PARSE_OBJ) \ - $(PASSDB_GET_SET_OBJ) $(LIBMSRPC_OBJ) $(SECRETS_OBJ) \ - $(POPT_LIB_OBJ) +LOCKTEST2_OBJ = torture/locktest2.o $(LOCKING_OBJ) $(LIBSMB_OBJ) \ + $(KRBCLIENT_OBJ) $(PARAM_OBJ) \ + $(UBIQX_OBJ) $(LIB_OBJ) -SMBCQUOTAS_OBJ = utils/smbcquotas.o $(LOCKING_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \ +SMBCACLS_OBJ = utils/smbcacls.o $(LOCKING_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \ $(PARAM_OBJ) \ - $(UBIQX_OBJ) $(LIB_OBJ) $(RPC_PARSE_OBJ) $(PASSDB_GET_SET_OBJ) \ - $(LIBMSRPC_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ) + $(UBIQX_OBJ) $(LIB_OBJ) $(RPC_PARSE_OBJ) $(PASSDB_GET_SET_OBJ) \ + $(LIBMSRPC_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ) -TALLOCTORT_OBJ = lib/talloctort.o $(PARAM_OBJ) $(LIB_OBJ) $(UBIQX_OBJ) +TALLOCTORT_OBJ = lib/talloctort.o $(LIB_OBJ) $(PARAM_OBJ) $(UBIQX_OBJ) RPCTORTURE_OBJ = torture/rpctorture.o \ rpcclient/display.o \ @@ -552,7 +540,7 @@ RPCTORTURE_OBJ = torture/rpctorture.o \ DEBUG2HTML_OBJ = utils/debug2html.o ubiqx/debugparse.o -SMBFILTER_OBJ = utils/smbfilter.o $(PARAM_OBJ) $(LIBSMB_OBJ) \ +SMBFILTER_OBJ = utils/smbfilter.o $(LIBSMB_OBJ) $(PARAM_OBJ) \ $(UBIQX_OBJ) $(LIB_OBJ) $(KRBCLIENT_OBJ) PROTO_OBJ = $(SMBD_OBJ_MAIN) \ @@ -567,7 +555,7 @@ PROTO_OBJ = $(SMBD_OBJ_MAIN) \ $(LIB_SMBD_OBJ) $(SAM_OBJ) $(REGISTRY_OBJ) $(POPT_LIB_OBJ) \ $(RPC_LSA_OBJ) $(RPC_NETLOG_OBJ) $(RPC_SAMR_OBJ) $(RPC_REG_OBJ) \ $(RPC_SVC_OBJ) $(RPC_WKS_OBJ) $(RPC_DFS_OBJ) $(RPC_SPOOLSS_OBJ) \ - $(IDMAP_OBJ) $(RPC_ECHO_OBJ) + $(RPC_ECHO_OBJ) NSS_OBJ_0 = nsswitch/wins.o $(PARAM_OBJ) $(UBIQX_OBJ) $(LIBSMB_OBJ) \ $(LIB_OBJ) $(NSSWINS_OBJ) @@ -591,8 +579,6 @@ WINBINDD_OBJ1 = \ nsswitch/winbindd_user.o \ nsswitch/winbindd_group.o \ nsswitch/winbindd_idmap.o \ - nsswitch/winbindd_idmap_tdb.o \ - nsswitch/winbindd_idmap_ldap.o \ nsswitch/winbindd_util.o \ nsswitch/winbindd_cache.o \ nsswitch/winbindd_pam.o \ @@ -608,8 +594,8 @@ WINBINDD_OBJ = \ $(WINBINDD_OBJ1) $(PASSDB_GET_SET_OBJ) \ $(PARAM_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \ $(LIBSMB_OBJ) $(LIBMSRPC_OBJ) $(RPC_PARSE_OBJ) \ - $(PROFILE_OBJ) $(UNIGRP_OBJ) $(IDMAP_OBJ) \ - $(SECRETS_OBJ) $(LIBADS_OBJ) $(KRBCLIENT_OBJ) $(POPT_LIB_OBJ) @LDAP_OBJ@ + $(PROFILE_OBJ) $(UNIGRP_OBJ) $(POPT_LIB_OBJ) \ + $(SECRETS_OBJ) $(LIBADS_OBJ) $(KRBCLIENT_OBJ) WBINFO_OBJ = nsswitch/wbinfo.o libsmb/smbencrypt.o libsmb/smbdes.o $(POPT_LIB_OBJ) @@ -627,8 +613,7 @@ NTLM_AUTH_OBJ = utils/ntlm_auth.o $(LIBNTLMSSP_OBJ) $(LIBSAMBA_OBJ) $(POPT_LIB_O ###################################################################### # now the rules... ###################################################################### -all : SHOWFLAGS proto_exists $(SBIN_PROGS) $(BIN_PROGS) $(SHLIBS) \ - $(TORTURE_PROGS) $(MODULES) @EXTRA_ALL_TARGETS@ +all : SHOWFLAGS proto_exists $(SBIN_PROGS) $(BIN_PROGS) $(SHLIBS) $(RPC_MODULES) @EXTRA_ALL_TARGETS@ pam_smbpass : SHOWFLAGS bin/pam_smbpass.@SHLIBEXT@ @@ -646,8 +631,6 @@ locktest : SHOWFLAGS bin/locktest@EXEEXT@ smbcacls : SHOWFLAGS bin/smbcacls@EXEEXT@ -smbcquotas : SHOWFLAGS bin/smbcquotas@EXEEXT@ - locktest2 : SHOWFLAGS bin/locktest2@EXEEXT@ rpctorture : SHOWFLAGS bin/rpctorture@EXEEXT@ @@ -658,13 +641,13 @@ smbfilter : SHOWFLAGS bin/smbfilter@EXEEXT@ talloctort : SHOWFLAGS bin/talloctort@EXEEXT@ -nsswitch : SHOWFLAGS bin/winbindd@EXEEXT@ bin/wbinfo@EXEEXT@ nsswitch/@WINBIND_NSS@.@SHLIBEXT@ nsswitch/pam_winbind.@SHLIBEXT@ +nsswitch : SHOWFLAGS bin/winbindd@EXEEXT@ bin/wbinfo@EXEEXT@ nsswitch/libnss_winbind.@SHLIBEXT@ nsswitch/pam_winbind.@SHLIBEXT@ wins : SHOWFLAGS nsswitch/libnss_wins.@SHLIBEXT@ -modules: SHOWFLAGS proto_exists $(MODULES) +modules: SHOWFLAGS proto_exists $(VFS_MODULES) $(PDB_MODULES) -everything: all libsmbclient debug2html smbfilter talloctort +everything: all libsmbclient debug2html smbfilter talloctort modules torture .SUFFIXES: .SUFFIXES: .c .o .po .po32 .lo @@ -699,7 +682,6 @@ MAKEDIR = || exec false; \ # rebuild it's a bit hard. dynconfig.o: dynconfig.c Makefile - @$(MAKE) modules_clean @echo Compiling $*.c @$(CC) $(FLAGS) $(PATH_FLAGS) -c $< -o $@ @@ -736,49 +718,45 @@ bin/.dummy: bin/smbd@EXEEXT@: $(SMBD_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(SMBD_OBJ) $(ADSLIBS) $(LDFLAGS) $(DYNEXP) $(PRINTLIBS) \ - $(AUTHLIBS) $(ACLLIBS) $(PASSDBLIBS) $(LIBS) @POPTLIBS@ + @$(CC) $(FLAGS) -o $@ $(SMBD_OBJ) $(LDFLAGS) $(DYNEXP) $(PRINTLIBS) \ + $(AUTHLIBS) $(ACLLIBS) $(LIBS) @BUILD_POPT@ bin/nmbd@EXEEXT@: $(NMBD_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(NMBD_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(KRB5LIBS) + @$(CC) $(FLAGS) -o $@ $(NMBD_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@ bin/wrepld@EXEEXT@: $(WREPL_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(WREPL_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ + @$(CC) $(FLAGS) -o $@ $(WREPL_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@ bin/swat@EXEEXT@: $(SWAT_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(SWAT_OBJ) $(LDFLAGS) $(DYNEXP) $(PRINTLIBS) \ - $(AUTHLIBS) $(LIBS) $(PASSDBLIBS) @POPTLIBS@ $(KRB5LIBS) + $(AUTHLIBS) $(LIBS) @BUILD_POPT@ bin/rpcclient@EXEEXT@: $(RPCCLIENT_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(PASSDBLIBS) $(RPCCLIENT_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @POPTLIBS@ $(ADSLIBS) + @$(CC) $(FLAGS) -o $@ $(RPCCLIENT_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @BUILD_POPT@ bin/smbclient@EXEEXT@: $(CLIENT_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(CLIENT_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @POPTLIBS@ $(KRB5LIBS) + @$(CC) $(FLAGS) -o $@ $(CLIENT_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @BUILD_POPT@ bin/net@EXEEXT@: $(NET_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(NET_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ $(ADSLIBS) - -bin/profiles@EXEEXT@: $(PROFILES_OBJ) @BUILD_POPT@ bin/.dummy - @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(PROFILES_OBJ) $(LDFLAGS) $(LIBS) @POPTLIBS@ + @$(CC) $(FLAGS) -o $@ $(NET_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @BUILD_POPT@ -bin/editreg@EXEEXT@: $(EDITREG_OBJ) @BUILD_POPT@ bin/.dummy +bin/profiles@EXEEXT@: utils/profiles.o @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(EDITREG_OBJ) $(LDFLAGS) $(LIBS) @POPTLIBS@ + @$(CC) $(FLAGS) -o $@ utils/profiles.o $(LDFLAGS) $(LIBS) @BUILD_POPT@ bin/smbspool@EXEEXT@: $(CUPS_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(CUPS_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS) + @$(CC) $(FLAGS) -o $@ $(CUPS_OBJ) $(LDFLAGS) $(LIBS) bin/smbmount@EXEEXT@: $(MOUNT_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(MOUNT_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS) + @$(CC) $(FLAGS) -o $@ $(MOUNT_OBJ) $(LDFLAGS) $(LIBS) bin/smbmnt@EXEEXT@: $(MNT_OBJ) bin/.dummy @echo Linking $@ @@ -790,47 +768,43 @@ bin/smbumount@EXEEXT@: $(UMOUNT_OBJ) bin/.dummy bin/testparm@EXEEXT@: $(TESTPARM_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(TESTPARM_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ + @$(CC) $(FLAGS) -o $@ $(TESTPARM_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@ bin/testprns@EXEEXT@: $(TESTPRNS_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(TESTPRNS_OBJ) $(LDFLAGS) $(DYNEXP) $(PRINTLIBS) $(LIBS) + @$(CC) $(FLAGS) -o $@ $(TESTPRNS_OBJ) $(LDFLAGS) $(PRINTLIBS) $(LIBS) bin/smbstatus@EXEEXT@: $(STATUS_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(STATUS_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ + @$(CC) $(FLAGS) -o $@ $(STATUS_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@ bin/smbcontrol@EXEEXT@: $(SMBCONTROL_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) -DUSING_SMBCONTROL $(FLAGS) -o $@ $(SMBCONTROL_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ + @$(CC) -DUSING_SMBCONTROL $(FLAGS) -o $@ $(SMBCONTROL_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@ bin/smbtree@EXEEXT@: $(SMBTREE_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(SMBTREE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(KRB5LIBS) + @$(CC) $(FLAGS) -o $@ $(SMBTREE_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@ bin/smbpasswd@EXEEXT@: $(SMBPASSWD_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(SMBPASSWD_OBJ) $(PASSDBLIBS) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) + @$(CC) $(FLAGS) -o $@ $(SMBPASSWD_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) bin/pdbedit@EXEEXT@: $(PDBEDIT_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(PASSDBLIBS) $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ - -bin/samtest@EXEEXT@: $(SAMTEST_OBJ) @BUILD_POPT@ bin/.dummy - @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(SAMTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(PASSDBLIBS) $(ADSLIBS) + @$(CC) $(FLAGS) -o $@ $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @BUILD_POPT@ bin/smbgroupedit@EXEEXT@: $(SMBGROUPEDIT_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(SMBGROUPEDIT_OBJ) $(PASSDBLIBS) $(LDFLAGS) $(DYNEXP) $(LIBS) + @$(CC) $(FLAGS) -o $@ $(SMBGROUPEDIT_OBJ) $(LDFLAGS) $(LIBS) bin/nmblookup@EXEEXT@: $(NMBLOOKUP_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(NMBLOOKUP_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ + @$(CC) $(FLAGS) -o $@ $(NMBLOOKUP_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@ bin/smbtorture@EXEEXT@: $(SMBTORTURE_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) + @$(CC) $(FLAGS) -o $@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(LIBS) bin/talloctort@EXEEXT@: $(TALLOCTORT_OBJ) bin/.dummy @echo Linking $@ @@ -838,39 +812,35 @@ bin/talloctort@EXEEXT@: $(TALLOCTORT_OBJ) bin/.dummy bin/masktest@EXEEXT@: $(MASKTEST_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(MASKTEST_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS) + @$(CC) $(FLAGS) -o $@ $(MASKTEST_OBJ) $(LDFLAGS) $(LIBS) bin/msgtest@EXEEXT@: $(MSGTEST_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(MSGTEST_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS) + @$(CC) $(FLAGS) -o $@ $(MSGTEST_OBJ) $(LDFLAGS) $(LIBS) bin/smbcacls@EXEEXT@: $(SMBCACLS_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(SMBCACLS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ $(KRB5LIBS) - -bin/smbcquotas@EXEEXT@: $(SMBCQUOTAS_OBJ) @BUILD_POPT@ bin/.dummy - @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(SMBCQUOTAS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ $(KRB5LIBS) + @$(CC) $(FLAGS) -o $@ $(SMBCACLS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @BUILD_POPT@ bin/locktest@EXEEXT@: $(LOCKTEST_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(LOCKTEST_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS) + @$(CC) $(FLAGS) -o $@ $(LOCKTEST_OBJ) $(LDFLAGS) $(LIBS) bin/nsstest@EXEEXT@: $(NSSTEST_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(NSSTEST_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS) + @$(CC) $(FLAGS) -o $@ $(NSSTEST_OBJ) $(LDFLAGS) $(LIBS) bin/vfstest@EXEEXT@: $(VFSTEST_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINTLIBS) $(AUTHLIBS) $(ACLLIBS) $(LIBS) @POPTLIBS@ $(ADSLIBS) + @$(CC) $(FLAGS) -o $@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINTLIBS) $(AUTHLIBS) $(ACLLIBS) $(LIBS) @BUILD_POPT@ bin/locktest2@EXEEXT@: $(LOCKTEST2_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(LOCKTEST2_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS) + @$(CC) $(FLAGS) -o $@ $(LOCKTEST2_OBJ) $(LDFLAGS) $(LIBS) bin/rpctorture@EXEEXT@: $(RPCTORTURE_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(RPCTORTURE_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) $(KRB5LIBS) + @$(CC) $(FLAGS) -o $@ $(RPCTORTURE_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) bin/debug2html@EXEEXT@: $(DEBUG2HTML_OBJ) bin/.dummy @echo Linking $@ @@ -878,41 +848,39 @@ bin/debug2html@EXEEXT@: $(DEBUG2HTML_OBJ) bin/.dummy bin/smbfilter@EXEEXT@: $(SMBFILTER_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(SMBFILTER_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS) + @$(CC) $(FLAGS) -o $@ $(SMBFILTER_OBJ) $(LDFLAGS) $(LIBS) bin/smbw_sample@EXEEXT@: $(SMBW_OBJ) utils/smbw_sample.o bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(SMBW_OBJ) utils/smbw_sample.o $(LDFLAGS) $(LIBS) $(KRB5LIBS) + @$(CC) $(FLAGS) -o $@ $(SMBW_OBJ) utils/smbw_sample.o $(LDFLAGS) $(LIBS) bin/smbsh@EXEEXT@: $(SMBSH_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(SMBSH_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) + @$(CC) $(FLAGS) -o $@ $(SMBSH_OBJ) $(LDFLAGS) $(LIBS) bin/smbwrapper.@SHLIBEXT@: $(PICOBJS) bin/.dummy @echo Linking shared library $@ @$(SHLD) $(LDSHFLAGS) -o $@ $(PICOBJS) $(LIBS) \ - @SONAMEFLAG@`basename $@` $(KRB5LIBS) + @SONAMEFLAG@`basename $@` bin/smbwrapper.32.@SHLIBEXT@: $(PICOBJS32) @echo Linking shared library $@ @$(SHLD) -32 $(LDSHFLAGS) -o $@ $(PICOBJS32) $(LIBS) \ - @SONAMEFLAG@`basename $@` $(KRB5LIBS) + @SONAMEFLAG@`basename $@` bin/libsmbclient.@SHLIBEXT@: $(LIBSMBCLIENT_PICOBJS) @echo Linking libsmbclient shared library $@ - @$(SHLD) $(LDSHFLAGS) -o $@ $(LIBSMBCLIENT_PICOBJS) $(LDFLAGS) $(LIBS) \ - $(KRB5LIBS) @SONAMEFLAG@`basename $@`.$(LIBSMBCLIENT_MAJOR) + $(SHLD) $(LDSHFLAGS) -o $@ $(LIBSMBCLIENT_PICOBJS) $(LDFLAGS) $(LIBS) \ + @SONAMEFLAG@`basename $@`.$(LIBSMBCLIENT_MAJOR) bin/libsmbclient.a: $(LIBSMBCLIENT_PICOBJS) @echo Linking libsmbclient non-shared library $@ - @-$(AR) -rc $@ $(LIBSMBCLIENT_PICOBJS) + -$(AR) -rc $@ $(LIBSMBCLIENT_PICOBJS) -# This is probably wrong for anything other than the GNU linker. bin/libbigballofmud.@SHLIBEXT@: $(LIBBIGBALLOFMUD_PICOBJS) @echo Linking bigballofmud shared library $@ - @$(SHLD) $(LDSHFLAGS) -o $@ $(LIBBIGBALLOFMUD_PICOBJS) $(LIBS) \ - @SONAMEFLAG@`basename $@`.$(LIBBIGBALLOFMUD_MAJOR) $(PASSDBLIBS) $(ADSLIBS) - ln -snf libbigballofmud.so bin/libbigballofmud.so.0 + $(SHLD) $(LDSHFLAGS) -o $@ $(LIBBIGBALLOFMUD_PICOBJS) $(LIBS) \ + @SONAMEFLAG@`basename $@`.$(LIBBIGBALLOFMUD_MAJOR) # It would be nice to build a static bigballofmud too, but when I try # I get linker errors about dl_open and similar things. I'm not sure @@ -961,11 +929,6 @@ bin/librpc_netdfs.@SHLIBEXT@: $(RPC_DFS_OBJ) @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_DFS_OBJ) -lc \ @SONAMEFLAG@`basename $@` -bin/librpc_echo.@SHLIBEXT@: $(RPC_ECHO_OBJ) - @echo "Linking $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_ECHO_OBJ) -lc \ - @SONAMEFLAG@`basename $@` - nsswitch/libnss_wins.@SHLIBEXT@: $(NSS_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(NSS_OBJ) -lc \ @@ -973,8 +936,7 @@ nsswitch/libnss_wins.@SHLIBEXT@: $(NSS_OBJ) bin/winbindd@EXEEXT@: $(WINBINDD_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(LINK) -o $@ $(WINBINDD_OBJ) $(DYNEXP) $(LIBS) @POPTLIBS@ $(ADSLIBS) \ - @LDAP_LIBS@ + @$(LINK) -o $@ $(WINBINDD_OBJ) $(DYNEXP) $(LIBS) @BUILD_POPT@ nsswitch/@WINBIND_NSS@.@SHLIBEXT@: $(WINBIND_NSS_PICOBJS) @echo "Linking $@" @@ -986,117 +948,54 @@ nsswitch/pam_winbind.@SHLIBEXT@: $(PAM_WINBIND_OBJ) bin/.dummy @$(SHLD) $(LDSHFLAGS) -o $@ $(PAM_WINBIND_OBJ) \ @SONAMEFLAG@`basename $@` -lpam -bin/rhosts.@SHLIBEXT@: $(AUTH_RHOSTS_OBJ) - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_RHOSTS_OBJ) @SONAMEFLAG@`basename $@` - -bin/builtin.@SHLIBEXT@: $(AUTH_BUILTIN_OBJ) - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_BUILTIN_OBJ) @SONAMEFLAG@`basename $@` - -bin/domain.@SHLIBEXT@: $(AUTH_DOMAIN_OBJ) - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_DOMAIN_OBJ) @SONAMEFLAG@`basename $@` - -bin/server.@SHLIBEXT@: $(AUTH_SERVER_OBJ) - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_SERVER_OBJ) @SONAMEFLAG@`basename $@` - -bin/winbind.@SHLIBEXT@: $(AUTH_WINBIND_OBJ) - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_WINBIND_OBJ) @SONAMEFLAG@`basename $@` - -bin/unix.@SHLIBEXT@: $(AUTH_UNIX_OBJ) - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_UNIX_OBJ) @SONAMEFLAG@`basename $@` - -bin/sam.@SHLIBEXT@: $(AUTH_SAM_OBJ) - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_SAM_OBJ) @SONAMEFLAG@`basename $@` - -bin/mysql.@SHLIBEXT@: $(MYSQL_OBJ) - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(MYSQL_OBJ) @MYSQL_LIBS@ \ - @SONAMEFLAG@`basename $@` - -bin/ldapsam.@SHLIBEXT@: passdb/pdb_ldap.o - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) @LDAP_LIBS@ -o $@ passdb/pdb_ldap.o \ - @SONAMEFLAG@`basename $@` - -bin/tdbsam.@SHLIBEXT@: passdb/pdb_tdb.o +bin/pdb_mysql.@SHLIBEXT@: $(PDB_MYSQL_OBJ) @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ passdb/pdb_tdb.o \ + @$(SHLD) $(LDSHFLAGS) -o $@ $(PDB_MYSQL_OBJ) @MYSQL_LIBS@ \ @SONAMEFLAG@`basename $@` -bin/smbpasswd.@SHLIBEXT@: passdb/pdb_smbpasswd.o +bin/pdb_xml.@SHLIBEXT@: $(PDB_XML_OBJ) @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ passdb/pdb_smbpasswd.o \ + @$(SHLD) $(LDSHFLAGS) -o $@ $(PDB_XML_OBJ) @XML_LIBS@ \ @SONAMEFLAG@`basename $@` -bin/unixsam.@SHLIBEXT@: passdb/pdb_unix.o - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ passdb/pdb_unix.o \ - @SONAMEFLAG@`basename $@` - -bin/nisplussam.@SHLIBEXT@: passdb/pdb_nisplus.o - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ passdb/pdb_nisplus.o \ - @SONAMEFLAG@`basename $@` - -bin/weird.@SHLIBEXT@: $(DEVEL_HELP_OBJ) - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(DEVEL_HELP_OBJ) \ - @SONAMEFLAG@`basename $@` - -bin/xml.@SHLIBEXT@: $(XML_OBJ) - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(XML_OBJ) @XML_LIBS@ \ - @SONAMEFLAG@`basename $@` - -bin/audit.@SHLIBEXT@: $(VFS_AUDIT_OBJ) +bin/vfs_audit.@SHLIBEXT@: $(VFS_AUDIT_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_AUDIT_OBJ) \ @SONAMEFLAG@`basename $@` -bin/extd_audit.@SHLIBEXT@: $(VFS_EXTD_AUDIT_OBJ) +bin/vfs_extd_audit.@SHLIBEXT@: $(VFS_EXTD_AUDIT_OBJ) @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_EXTD_AUDIT_OBJ) \ + @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_AUDIT_OBJ) \ @SONAMEFLAG@`basename $@` -bin/recycle.@SHLIBEXT@: $(VFS_RECYCLE_OBJ) +bin/vfs_recycle.@SHLIBEXT@: $(VFS_RECYCLE_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_RECYCLE_OBJ) \ @SONAMEFLAG@`basename $@` -bin/netatalk.@SHLIBEXT@: $(VFS_NETATALK_OBJ) +bin/vfs_netatalk.@SHLIBEXT@: $(VFS_NETATALK_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_NETATALK_OBJ) \ @SONAMEFLAG@`basename $@` -bin/fake_perms.@SHLIBEXT@: $(VFS_FAKE_PERMS_OBJ) - @echo "Building plugin $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_FAKE_PERMS_OBJ) \ - @SONAMEFLAG@`basename $@` - bin/wbinfo@EXEEXT@: $(WBINFO_OBJ) $(PARAM_OBJ) $(LIB_OBJ) \ $(UBIQX_OBJ) $(SECRETS_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(LINK) -o $@ $(WBINFO_OBJ) $(PARAM_OBJ) $(LIB_OBJ) \ - $(UBIQX_OBJ) $(SECRETS_OBJ) $(LIBS) @POPTLIBS@ + $(UBIQX_OBJ) $(SECRETS_OBJ) $(LIBS) @BUILD_POPT@ bin/ntlm_auth@EXEEXT@: $(NTLM_AUTH_OBJ) $(PARAM_OBJ) $(LIB_OBJ) \ $(UBIQX_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(LINK) -o $@ $(NTLM_AUTH_OBJ) $(PARAM_OBJ) $(LIB_OBJ) \ - $(UBIQX_OBJ) $(LIBS) @POPTLIBS@ + $(UBIQX_OBJ) $(LIBS) @BUILD_POPT@ bin/pam_smbpass.@SHLIBEXT@: $(PAM_SMBPASS_PICOOBJ) @echo "Linking shared library $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(PAM_SMBPASS_PICOOBJ) -lpam $(DYNEXP) $(LIBS) -lc + $(SHLD) $(LDSHFLAGS) -o $@ $(PAM_SMBPASS_PICOOBJ) -lpam $(DYNEXP) $(LIBS) -lc bin/libmsrpc.a: $(LIBMSRPC_PICOBJ) - @-$(AR) -rc $@ $(LIBMSRPC_PICOBJ) + -$(AR) -rc $@ $(LIBMSRPC_PICOBJ) bin/tdbbackup@EXEEXT@: $(TDBBACKUP_OBJ) bin/.dummy @echo Linking $@ @@ -1110,14 +1009,12 @@ bin/t_stringoverflow@EXEEXT@: bin/libbigballofmud.@SHLIBEXT@ torture/t_stringove bin/t_doschar@EXEEXT@: bin/libbigballofmud.@SHLIBEXT@ torture/t_doschar.o $(CC) $(FLAGS) -o $@ $(LIBS) torture/t_doschar.o -L ./bin -lbigballofmud - bin/t_push_ucs2@EXEEXT@: bin/libbigballofmud.@SHLIBEXT@ torture/t_push_ucs2.o $(CC) $(FLAGS) -o $@ $(LIBS) torture/t_push_ucs2.o -L ./bin -lbigballofmud -bin/t_snprintf@EXEEXT@: lib/snprintf.c - $(CC) $(FLAGS) -o $@ -DTEST_SNPRINTF lib/snprintf.c -lm +install: installbin installman installscripts installdat installswat -install: installbin installman installscripts installdat installswat installmodules installclientlib +install-everything: install installmodules # DESTDIR is used here to prevent packagers wasting their time # duplicating the Makefile. Remove it and you will have the privelege @@ -1137,13 +1034,11 @@ installbin: all installdirs @$(SHELL) $(srcdir)/script/installbin.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(SBINDIR) $(DESTDIR)$(LIBDIR) $(DESTDIR)$(VARDIR) $(SBIN_PROGS) @$(SHELL) $(srcdir)/script/installbin.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(BINDIR) $(DESTDIR)$(LIBDIR) $(DESTDIR)$(VARDIR) $(BIN_PROGS) + @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(RPCLIBDIR) $(RPC_MODULES) -installmodules: all modules installdirs +installmodules: all installdirs @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(VFSLIBDIR) $(VFS_MODULES) @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(PDBLIBDIR) $(PDB_MODULES) - @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(RPCLIBDIR) $(RPC_MODULES) - @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(CHARSETLIBDIR) $(CHARSET_MODULES) - @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(AUTHLIBDIR) $(AUTH_MODULES) installscripts: installdirs @$(SHELL) $(srcdir)/script/installscripts.sh $(INSTALLPERMS) $(DESTDIR)$(BINDIR) $(SCRIPTS) @@ -1154,10 +1049,10 @@ installdat: installdirs installswat: installdirs @$(SHELL) $(srcdir)/script/installswat.sh $(DESTDIR)$(SWATDIR) $(srcdir) -installclientlib: libsmbclient +installclientlib: -$(INSTALLCLIENTCMD_SH) bin/libsmbclient.@SHLIBEXT@ $(DESTDIR)${prefix}/lib -$(INSTALLCLIENTCMD_A) bin/libsmbclient.a $(DESTDIR)${prefix}/lib - @$(SHELL) $(srcdir)/script/installdirs.sh $(DESTDIR)${prefix}/include + -$(INSTALLCMD) -d $(DESTDIR)${prefix}/include -$(INSTALLCMD) $(srcdir)/include/libsmbclient.h $(DESTDIR)${prefix}/include # Python extensions @@ -1219,13 +1114,11 @@ uninstallman: uninstallbin: @$(SHELL) $(srcdir)/script/uninstallbin.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(SBINDIR) $(DESTDIR)$(LIBDIR) $(DESTDIR)$(VARDIR) $(DESTDIR)$(SBIN_PROGS) @$(SHELL) $(srcdir)/script/uninstallbin.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(BINDIR) $(DESTDIR)$(LIBDIR) $(DESTDIR)$(VARDIR) $(DESTDIR)$(BIN_PROGS) + @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(RPCLIBDIR) $(DESTDIR)$(RPC_MODULES) uninstallmodules: - @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(VFSLIBDIR) $(DESTDIR)$(VFS_MODULES) - @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(PDBLIBDIR) $(DESTDIR)$(PDB_MODULES) - @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(RPCLIBDIR) $(DESTDIR)$(RPC_MODULES) - @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(CHARSETLIBDIR) $(DESTDIR)$(CHARSET_MODULES) - @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(AUTHLIBDIR) $(DESTDIR)$(AUTH_MODULES) + @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(PDBLIBDIR) $(DESTDIR)$(VFS_MODULES) + @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(VFSLIBDIR) $(DESTDIR)$(PDB_MODULES) uninstallscripts: @$(SHELL) $(srcdir)/script/uninstallscripts.sh $(INSTALLPERMS) $(DESTDIR)$(BINDIR) $(SCRIPTS) @@ -1238,10 +1131,6 @@ clean: delheaders python_clean $(TOPFILES) $(BIN_PROGS) $(SBIN_PROGS) $(MODULES) $(TORTURE_PROGS) \ $(LIBSMBCLIENT) $(EVERYTHING_PROGS) .headers.stamp -# This is quite ugly actually.. But we need to make -# sure the changes to include/config.h are used. -modules_clean: - @-rm -f @MODULES_CLEAN@ auth/auth.o passdb/pdb_interface.o rpc_server/srv_pipe_hnd.o lib/iconv.o smbd/vfs.o # Making this target will just make sure that the prototype files # exist, not necessarily that they are up to date. Since they're @@ -1249,8 +1138,7 @@ modules_clean: # afterwards. proto_exists: include/proto.h include/wrepld_proto.h include/build_env.h \ nsswitch/winbindd_proto.h web/swat_proto.h \ - client/client_proto.h utils/net_proto.h \ - include/tdbsam2_parse_info.h + client/client_proto.h utils/net_proto.h delheaders: @echo Removing prototype headers @@ -1258,12 +1146,10 @@ delheaders: @/bin/rm -f $(srcdir)/include/wrepld_proto.h $(srcdir)/nsswitch/winbindd_proto.h @/bin/rm -f $(srcdir)/web/swat_proto.h @/bin/rm -f $(srcdir)/client/client_proto.h $(srcdir)/utils/net_proto.h - @/bin/rm -f $(srcdir)/include/tdbsam2_parse_info.h @/bin/rm -f include/proto.h include/build_env.h include/wrepld_proto.h \ nsswitch/winbindd_proto.h web/swat_proto.h \ - client/client_proto.h utils/net_proto.h \ - include/tdbsam2_parse_info.h + client/client_proto.h utils/net_proto.h include/proto.h: @echo Building include/proto.h @@ -1301,15 +1187,6 @@ utils/net_proto.h: -h _CLIENT_PROTO_H_ utils/net_proto.h \ $(NET_OBJ1) -include/tdbsam2_parse_info.h: - @if test -n "$(PERL)"; then \ - cd $(srcdir) && @PERL@ -w script/genstruct.pl \ - -o include/tdbsam2_parse_info.h $(CC) -E -O2 -g \ - include/tdbsam2.h; \ - else \ - echo Unable to build $@, continuing; \ - fi - # "make headers" or "make proto" calls a subshell because we need to # make sure these commands are executed in sequence even for a # parallel make. @@ -1321,8 +1198,7 @@ headers: $(MAKE) nsswitch/winbindd_proto.h; \ $(MAKE) web/swat_proto.h; \ $(MAKE) client/client_proto.h; \ - $(MAKE) utils/net_proto.h; \ - $(MAKE) include/tdbsam2_parse_info.h + $(MAKE) utils/net_proto.h proto: headers @@ -1374,7 +1250,6 @@ check: check-programs PATH="`pwd`/bin:$$PATH" \ python stf/standardcheck.py -# These are called by the test suite and need to be built before -# running it. For the time being we don't build all of BIN_PROGS, -# because they're not all needed. -check-programs: bin/t_strcmp bin/t_push_ucs2 bin/smbcontrol bin/t_snprintf +# These are called by the test suite +check-programs: bin/t_strcmp bin/t_push_ucs2 bin/smbcontrol + diff --git a/source3/auth/auth.c b/source3/auth/auth.c index 71e9ab0428..126a712fbd 100644 --- a/source3/auth/auth.c +++ b/source3/auth/auth.c @@ -23,45 +23,26 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_AUTH -static struct auth_init_function_entry *backends = NULL; - -BOOL smb_register_auth(const char *name, auth_init_function init, int version) -{ - struct auth_init_function_entry *entry = backends; - - if(version != AUTH_INTERFACE_VERSION) - return False; - - DEBUG(5,("Attempting to register auth backend %s\n", name)); - - while(entry) { - if (strequal(name, entry->name)) { - DEBUG(0,("There already is an auth backend registered with the name %s!\n", name)); - return False; - } - entry = entry->next; - } - - entry = smb_xmalloc(sizeof(struct auth_init_function_entry)); - entry->name = smb_xstrdup(name); - entry->init = init; - - DLIST_ADD(backends, entry); - DEBUG(5,("Successfully added auth backend '%s'\n", name)); - return True; -} - -static struct auth_init_function_entry *auth_find_backend_entry(const char *name) -{ - struct auth_init_function_entry *entry = backends; - - while(entry) { - if (strequal(entry->name, name)) return entry; - entry = entry->next; - } - - return NULL; -} +/** List of various built-in authentication modules */ + +static const struct auth_init_function_entry builtin_auth_init_functions[] = { + { "guest", auth_init_guest }, + { "rhosts", auth_init_rhosts }, + { "hostsequiv", auth_init_hostsequiv }, + { "sam", auth_init_sam }, + { "samstrict", auth_init_samstrict }, + { "unix", auth_init_unix }, + { "smbserver", auth_init_smbserver }, + { "ntdomain", auth_init_ntdomain }, + { "trustdomain", auth_init_trustdomain }, + { "winbind", auth_init_winbind }, +#ifdef DEVELOPER + { "name_to_ntstatus", auth_init_name_to_ntstatus }, + { "fixed_challenge", auth_init_fixed_challenge }, +#endif + { "plugin", auth_init_plugin }, + { NULL, NULL} +}; /**************************************************************************** Try to get a challenge out of the various authentication modules. @@ -343,8 +324,8 @@ static NTSTATUS make_auth_context_text_list(struct auth_context **auth_context, auth_methods *list = NULL; auth_methods *t = NULL; auth_methods *tmp; + int i; NTSTATUS nt_status; - static BOOL initialised_static_modules = False; if (!text_list) { DEBUG(2,("make_auth_context_text_list: No auth method list!?\n")); @@ -353,22 +334,15 @@ static NTSTATUS make_auth_context_text_list(struct auth_context **auth_context, if (!NT_STATUS_IS_OK(nt_status = make_auth_context(auth_context))) return nt_status; - - /* Initialise static modules if not done so yet */ - if(!initialised_static_modules) { - static_init_auth; - initialised_static_modules = True; - } for (;*text_list; text_list++) { - struct auth_init_function_entry *entry; + DEBUG(5,("make_auth_context_text_list: Attempting to find an auth method to match %s\n", + *text_list)); + for (i = 0; builtin_auth_init_functions[i].name; i++) { char *module_name = smb_xstrdup(*text_list); char *module_params = NULL; char *p; - DEBUG(5,("make_auth_context_text_list: Attempting to find an auth method to match %s\n", - *text_list)); - p = strchr(module_name, ':'); if (p) { *p = 0; @@ -378,20 +352,20 @@ static NTSTATUS make_auth_context_text_list(struct auth_context **auth_context, trim_string(module_name, " ", " "); - entry = auth_find_backend_entry(module_name); - - if(!(entry = auth_find_backend_entry(module_name)) && !smb_probe_module("auth", module_name) && - !(entry = auth_find_backend_entry(module_name))) { - DEBUG(0,("make_auth_context_text_list: can't find auth method %s!\n", module_name)); - } else if (!NT_STATUS_IS_OK(entry->init(*auth_context, module_params, &t))) { - DEBUG(0,("make_auth_context_text_list: auth method %s did not correctly init\n", - *text_list)); - } else { - DEBUG(5,("make_auth_context_text_list: auth method %s has a valid init\n", - *text_list)); - DLIST_ADD_END(list, t, tmp); + if (strequal(builtin_auth_init_functions[i].name, module_name)) { + DEBUG(5,("make_auth_context_text_list: Found auth method %s (at pos %d)\n", *text_list, i)); + if (NT_STATUS_IS_OK(builtin_auth_init_functions[i].init(*auth_context, module_params, &t))) { + DEBUG(5,("make_auth_context_text_list: auth method %s has a valid init\n", + *text_list)); + DLIST_ADD_END(list, t, tmp); + } else { + DEBUG(0,("make_auth_context_text_list: auth method %s did not correctly init\n", + *text_list)); + } + break; } SAFE_FREE(module_name); + } } (*auth_context)->auth_method_list = list; @@ -443,7 +417,7 @@ NTSTATUS make_auth_context_subsystem(struct auth_context **auth_context) break; case SEC_ADS: DEBUG(5,("Making default auth method list for security=ADS\n")); - auth_method_list = str_list_make("guest sam winbind ntdomain", NULL); + auth_method_list = str_list_make("guest sam ads winbind ntdomain", NULL); break; default: DEBUG(5,("Unknown auth method!\n")); diff --git a/source3/auth/auth_builtin.c b/source3/auth/auth_builtin.c index 509a4afba9..a19c532fc9 100644 --- a/source3/auth/auth_builtin.c +++ b/source3/auth/auth_builtin.c @@ -161,12 +161,50 @@ NTSTATUS auth_init_fixed_challenge(struct auth_context *auth_context, const char return NT_STATUS_OK; } -int auth_builtin_init(void) +/** + * Outsorce an auth module to an external loadable .so + * + * Only works on systems with dlopen() etc. + **/ + +/* Plugin modules initialisation */ + +NTSTATUS auth_init_plugin(struct auth_context *auth_context, const char *param, auth_methods **auth_method) { - smb_register_auth("guest", auth_init_guest, AUTH_INTERFACE_VERSION); -#ifdef DEVELOPER - smb_register_auth("fixed_challenge", auth_init_fixed_challenge, AUTH_INTERFACE_VERSION); - smb_register_auth("name_to_ntstatus", auth_init_name_to_ntstatus, AUTH_INTERFACE_VERSION); -#endif - return True; + void * dl_handle; + char *plugin_param, *plugin_name, *p; + auth_init_function plugin_init; + + if (param == NULL) { + DEBUG(0, ("auth_init_plugin: The plugin module needs an argument!\n")); + return NT_STATUS_UNSUCCESSFUL; + } + + plugin_name = smb_xstrdup(param); + p = strchr(plugin_name, ':'); + if (p) { + *p = 0; + plugin_param = p+1; + trim_string(plugin_param, " ", " "); + } else plugin_param = NULL; + + trim_string(plugin_name, " ", " "); + + DEBUG(5, ("auth_init_plugin: Trying to load auth plugin %s\n", plugin_name)); + dl_handle = sys_dlopen(plugin_name, RTLD_NOW ); + if (!dl_handle) { + DEBUG(0, ("auth_init_plugin: Failed to load auth plugin %s using sys_dlopen (%s)\n", + plugin_name, sys_dlerror())); + return NT_STATUS_UNSUCCESSFUL; + } + + plugin_init = sys_dlsym(dl_handle, "auth_init"); + if (!plugin_init){ + DEBUG(0, ("Failed to find function 'auth_init' using sys_dlsym in sam plugin %s (%s)\n", + plugin_name, sys_dlerror())); + return NT_STATUS_UNSUCCESSFUL; + } + + DEBUG(5, ("Starting sam plugin %s with paramater %s\n", plugin_name, plugin_param?plugin_param:"(null)")); + return plugin_init(auth_context, plugin_param, auth_method); } diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c index 7dca5914f0..534af2257d 100644 --- a/source3/auth/auth_domain.c +++ b/source3/auth/auth_domain.c @@ -24,7 +24,7 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_AUTH -extern BOOL global_machine_password_needs_changing; +BOOL global_machine_password_needs_changing = False; extern userdom_struct current_user_info; @@ -175,11 +175,6 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli, &dest_ip, 0, "IPC$", "IPC", "", "", "",0, retry); if (!NT_STATUS_IS_OK(result)) { - /* map to something more useful */ - if (NT_STATUS_EQUAL(result, NT_STATUS_UNSUCCESSFUL)) { - result = NT_STATUS_NO_LOGON_SERVERS; - } - release_server_mutex(); return result; } @@ -277,7 +272,7 @@ static NTSTATUS find_connect_dc(struct cli_state **cli, struct in_addr dc_ip; fstring srv_name; - if (!rpc_find_dc(domain, srv_name, &dc_ip)) { + if ( !rpc_find_dc(lp_workgroup(), srv_name, &dc_ip) ) { DEBUG(0,("find_connect_dc: Failed to find an DCs for %s\n", lp_workgroup())); return NT_STATUS_NO_LOGON_SERVERS; } @@ -550,10 +545,3 @@ NTSTATUS auth_init_trustdomain(struct auth_context *auth_context, const char* pa (*auth_method)->auth = check_trustdomain_security; return NT_STATUS_OK; } - -int auth_domain_init(void) -{ - smb_register_auth("trustdomain", auth_init_trustdomain, AUTH_INTERFACE_VERSION); - smb_register_auth("ntdomain", auth_init_ntdomain, AUTH_INTERFACE_VERSION); - return True; -} diff --git a/source3/auth/auth_rhosts.c b/source3/auth/auth_rhosts.c index db37193579..5451f7d930 100644 --- a/source3/auth/auth_rhosts.c +++ b/source3/auth/auth_rhosts.c @@ -242,10 +242,3 @@ NTSTATUS auth_init_rhosts(struct auth_context *auth_context, const char *param, (*auth_method)->name = "rhosts"; return NT_STATUS_OK; } - -int auth_rhosts_init(void) -{ - smb_register_auth("rhosts", auth_init_rhosts, AUTH_INTERFACE_VERSION); - smb_register_auth("hostsequiv", auth_init_hostsequiv, AUTH_INTERFACE_VERSION); - return True; -} diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c index aa399f33e2..b309833440 100644 --- a/source3/auth/auth_sam.c +++ b/source3/auth/auth_sam.c @@ -500,8 +500,6 @@ static NTSTATUS check_samstrict_security(const struct auth_context *auth_context unless it is one of our aliases. */ if (!is_myname(user_info->domain.str)) { - DEBUG(7,("The requested user domain is not the local server name. [%s]\\[%s]\n", - user_info->domain.str,user_info->internal_username.str)); return NT_STATUS_NO_SUCH_USER; } @@ -520,53 +518,4 @@ NTSTATUS auth_init_samstrict(struct auth_context *auth_context, const char *para return NT_STATUS_OK; } -/**************************************************************************** -Check SAM security (above) but with a few extra checks if we're a DC. -****************************************************************************/ - -static NTSTATUS check_samstrict_dc_security(const struct auth_context *auth_context, - void *my_private_data, - TALLOC_CTX *mem_ctx, - const auth_usersupplied_info *user_info, - auth_serversupplied_info **server_info) -{ - - if (!user_info || !auth_context) { - return NT_STATUS_LOGON_FAILURE; - } - - /* If we are a domain member, we must not - attempt to check the password locally, - unless it is one of our aliases, empty - or our domain if we are a logon server.*/ - - if ((!is_myworkgroup(user_info->domain.str))&& - (!is_myname(user_info->domain.str))) { - DEBUG(7,("The requested user domain is not the local server name or our domain. [%s]\\[%s]\n", - user_info->domain.str,user_info->internal_username.str)); - return NT_STATUS_NO_SUCH_USER; - } - - return check_sam_security(auth_context, my_private_data, mem_ctx, user_info, server_info); -} - -/* module initialisation */ -NTSTATUS auth_init_samstrict_dc(struct auth_context *auth_context, const char *param, auth_methods **auth_method) -{ - if (!make_auth_methods(auth_context, auth_method)) { - return NT_STATUS_NO_MEMORY; - } - - (*auth_method)->auth = check_samstrict_dc_security; - (*auth_method)->name = "samstrict_dc"; - return NT_STATUS_OK; -} - -int auth_sam_init(void) -{ - smb_register_auth("samstrict_dc", auth_init_samstrict_dc, AUTH_INTERFACE_VERSION); - smb_register_auth("samstrict", auth_init_samstrict, AUTH_INTERFACE_VERSION); - smb_register_auth("sam", auth_init_sam, AUTH_INTERFACE_VERSION); - return True; -} diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c index a311f01dc3..5144852d3b 100644 --- a/source3/auth/auth_server.c +++ b/source3/auth/auth_server.c @@ -400,8 +400,3 @@ NTSTATUS auth_init_smbserver(struct auth_context *auth_context, const char* para (*auth_method)->free_private_data = free_server_private_data; return NT_STATUS_OK; } - -int auth_server_init(void) -{ - return smb_register_auth("smbserver", auth_init_smbserver, AUTH_INTERFACE_VERSION); -} diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index efab2046c3..4f44767a81 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -130,7 +130,3 @@ NTSTATUS auth_init_unix(struct auth_context *auth_context, const char* param, au return NT_STATUS_OK; } -int auth_unix_init(void) -{ - return smb_register_auth("unix", auth_init_unix, AUTH_INTERFACE_VERSION); -} diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index ddb833a0e5..d0f1fc1e34 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -219,18 +219,35 @@ NTSTATUS make_user_info_map(auth_usersupplied_info **user_info, where it doens't supply a domain for logon script 'net use' commands. - Finally, we do this by looking up a cache of trusted domains! + The way I do it here is by checking if the fully + qualified username exists. This is rather reliant + on winbind, but until we have a better method this + will have to do */ domain = client_domain; - if (is_trusted_domain(domain)) { - return make_user_info(user_info, smb_name, internal_username, - client_domain, domain, wksta_name, - lm_pwd, nt_pwd, plaintext, ntlmssp_flags, - encrypted); - } + if ((smb_name) && (*smb_name)) { /* Don't do this for guests */ + char *user = NULL; + if (asprintf(&user, "%s%s%s", + client_domain, lp_winbind_separator(), + smb_name) < 0) { + DEBUG(0, ("make_user_info_map: asprintf() failed!\n")); + return NT_STATUS_NO_MEMORY; + } + DEBUG(5, ("make_user_info_map: testing for user %s\n", user)); + + if (Get_Pwnam(user) == NULL) { + DEBUG(5, ("make_user_info_map: test for user %s failed\n", user)); + domain = lp_workgroup(); + DEBUG(5, ("make_user_info_map: trusted domain %s doesn't appear to exist, using %s\n", + client_domain, domain)); + } else { + DEBUG(5, ("make_user_info_map: using trusted domain %s\n", domain)); + } + SAFE_FREE(user); + } } else { domain = lp_workgroup(); } @@ -869,8 +886,8 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx, struct passwd *passwd; - unid_t u_id, g_id; - int u_type, g_type; + uid_t uid; + gid_t gid; int n_lgroupSIDs; DOM_SID *lgroupSIDs = NULL; @@ -907,11 +924,9 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx, domain = domain; } - u_type = ID_USERID; - g_type = ID_GROUPID; - if (NT_STATUS_IS_OK(idmap_get_id_from_sid(&u_id, &u_type, &user_sid)) - && NT_STATUS_IS_OK(idmap_get_id_from_sid(&g_id, &g_type, &group_sid)) - && ((passwd = getpwuid_alloc(u_id.uid)))) { + if (winbind_sid_to_uid(&uid, &user_sid) + && winbind_sid_to_gid(&gid, &group_sid) + && ((passwd = getpwuid_alloc(uid)))) { nt_status = pdb_init_sam_pw(&sam_account, passwd); passwd_free(&passwd); } else { diff --git a/source3/auth/auth_winbind.c b/source3/auth/auth_winbind.c index e2a292dd01..5e1567d3c1 100644 --- a/source3/auth/auth_winbind.c +++ b/source3/auth/auth_winbind.c @@ -134,8 +134,3 @@ NTSTATUS auth_init_winbind(struct auth_context *auth_context, const char *param, (*auth_method)->auth = check_winbind_security; return NT_STATUS_OK; } - -int auth_winbind_init(void) -{ - return smb_register_auth("winbind", auth_init_winbind, AUTH_INTERFACE_VERSION); -} diff --git a/source3/bin/.cvsignore b/source3/bin/.cvsignore index 770100fd31..2ca1f67685 100644 --- a/source3/bin/.cvsignore +++ b/source3/bin/.cvsignore @@ -24,7 +24,6 @@ smbcacls smbcacls smbclient smbcontrol -smbcquotas smbd smbfilter smbgroupedit @@ -39,9 +38,7 @@ smbtree smbumount swat t_push_ucs2 -t_snprintf t_strcmp -t_stringoverflow talloctort tdbbackup testparm diff --git a/source3/change-log b/source3/change-log index 71f5012484..1f7798b541 100644 --- a/source3/change-log +++ b/source3/change-log @@ -2,7 +2,7 @@ SUPERCEDED Change Log for Samba ^^^^^^^^^^ Unless otherwise attributed, all changes were made by -Andrew.Tridgell@anu.edu.au. +Andrew.Tridgell@anu.edu.au. All bugs to samba-bugs@samba.org. NOTE: THIS LOG IS IN CHRONOLOGICAL ORDER diff --git a/source3/config.sub b/source3/config.sub index 04baf3d80d..2476310dff 100755 --- a/source3/config.sub +++ b/source3/config.sub @@ -1,9 +1,9 @@ #! /bin/sh # Configuration validation subroutine script. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003 Free Software Foundation, Inc. +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001 +# Free Software Foundation, Inc. -timestamp='2003-01-03' +timestamp='2001-12-03' # This file is (in principle) common to ALL GNU software. # The presence of a machine in this file suggests that SOME GNU software @@ -118,7 +118,7 @@ esac # Here we must recognize all the valid KERNEL-OS combinations. maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` case $maybe_os in - nto-qnx* | linux-gnu* | freebsd*-gnu* | netbsd*-gnu* | storm-chaos* | os2-emx* | rtmk-nova*) + nto-qnx* | linux-gnu* | storm-chaos* | os2-emx* | windows32-*) os=-$maybe_os basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` ;; @@ -227,39 +227,26 @@ case $basic_machine in 1750a | 580 \ | a29k \ | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ - | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \ - | clipper \ - | d10v | d30v | dlx | dsp16xx \ - | fr30 | frv \ + | c4x | clipper \ + | d10v | d30v | dsp16xx \ + | fr30 \ | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ | i370 | i860 | i960 | ia64 \ - | ip2k \ | m32r | m68000 | m68k | m88k | mcore \ - | mips | mipsbe | mipseb | mipsel | mipsle \ - | mips16 \ - | mips64 | mips64el \ - | mips64vr | mips64vrel \ - | mips64orion | mips64orionel \ - | mips64vr4100 | mips64vr4100el \ - | mips64vr4300 | mips64vr4300el \ - | mips64vr5000 | mips64vr5000el \ - | mipsisa32 | mipsisa32el \ - | mipsisa32r2 | mipsisa32r2el \ - | mipsisa64 | mipsisa64el \ - | mipsisa64sb1 | mipsisa64sb1el \ - | mipsisa64sr71k | mipsisa64sr71kel \ - | mipstx39 | mipstx39el \ + | mips16 | mips64 | mips64el | mips64orion | mips64orionel \ + | mips64vr4100 | mips64vr4100el | mips64vr4300 \ + | mips64vr4300el | mips64vr5000 | mips64vr5000el \ + | mipsbe | mipseb | mipsel | mipsle | mipstx39 | mipstx39el \ + | mipsisa32 \ | mn10200 | mn10300 \ - | msp430 \ | ns16k | ns32k \ - | openrisc | or32 \ + | openrisc \ | pdp10 | pdp11 | pj | pjl \ | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ | pyramid \ - | sh | sh[1234] | sh3e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \ - | sh64 | sh64le \ - | sparc | sparc64 | sparc86x | sparclet | sparclite | sparcv9 | sparcv9b \ + | sh | sh[34] | sh[34]eb | shbe | shle \ + | sparc | sparc64 | sparclet | sparclite | sparcv9 | sparcv9b \ | strongarm \ | tahoe | thumb | tic80 | tron \ | v850 | v850e \ @@ -291,52 +278,38 @@ case $basic_machine in 580-* \ | a29k-* \ | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ - | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ - | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ - | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ + | alphapca5[67]-* | arc-* \ + | arm-* | armbe-* | armle-* | armv*-* \ | avr-* \ | bs2000-* \ - | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* \ - | clipper-* | cydra-* \ - | d10v-* | d30v-* | dlx-* \ + | c[123]* | c30-* | [cjt]90-* | c54x-* \ + | clipper-* | cray2-* | cydra-* \ + | d10v-* | d30v-* \ | elxsi-* \ - | f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \ + | f30[01]-* | f700-* | fr30-* | fx80-* \ | h8300-* | h8500-* \ | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ | i*86-* | i860-* | i960-* | ia64-* \ - | ip2k-* \ | m32r-* \ - | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ + | m68000-* | m680[01234]0-* | m68360-* | m683?2-* | m68k-* \ | m88110-* | m88k-* | mcore-* \ - | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ - | mips16-* \ - | mips64-* | mips64el-* \ - | mips64vr-* | mips64vrel-* \ - | mips64orion-* | mips64orionel-* \ - | mips64vr4100-* | mips64vr4100el-* \ - | mips64vr4300-* | mips64vr4300el-* \ - | mips64vr5000-* | mips64vr5000el-* \ - | mipsisa32-* | mipsisa32el-* \ - | mipsisa32r2-* | mipsisa32r2el-* \ - | mipsisa64-* | mipsisa64el-* \ - | mipsisa64sb1-* | mipsisa64sb1el-* \ - | mipsisa64sr71k-* | mipsisa64sr71kel-* \ - | mipstx39-* | mipstx39el-* \ - | msp430-* \ - | none-* | np1-* | nv1-* | ns16k-* | ns32k-* \ + | mips-* | mips16-* | mips64-* | mips64el-* | mips64orion-* \ + | mips64orionel-* | mips64vr4100-* | mips64vr4100el-* \ + | mips64vr4300-* | mips64vr4300el-* | mipsbe-* | mipseb-* \ + | mipsle-* | mipsel-* | mipstx39-* | mipstx39el-* \ + | none-* | np1-* | ns16k-* | ns32k-* \ | orion-* \ | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ | pyramid-* \ | romp-* | rs6000-* \ - | sh-* | sh[1234]-* | sh3e-* | sh[34]eb-* | shbe-* \ - | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ - | sparc-* | sparc64-* | sparc86x-* | sparclet-* | sparclite-* \ - | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \ - | tahoe-* | thumb-* | tic30-* | tic4x-* | tic54x-* | tic80-* | tron-* \ + | sh-* | sh[34]-* | sh[34]eb-* | shbe-* | shle-* \ + | sparc-* | sparc64-* | sparc86x-* | sparclite-* \ + | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* \ + | t3e-* | tahoe-* | thumb-* | tic30-* | tic54x-* | tic80-* | tron-* \ | v850-* | v850e-* | vax-* \ | we32k-* \ - | x86-* | x86_64-* | xps100-* | xscale-* | xstormy16-* \ + | x86-* | x86_64-* | xmp-* | xps100-* | xscale-* | xstormy16-* \ | xtensa-* \ | ymp-* \ | z8k-*) @@ -402,10 +375,6 @@ case $basic_machine in basic_machine=ns32k-sequent os=-dynix ;; - c90) - basic_machine=c90-cray - os=-unicos - ;; convex-c1) basic_machine=c1-convex os=-bsd @@ -426,8 +395,16 @@ case $basic_machine in basic_machine=c38-convex os=-bsd ;; - cray | j90) - basic_machine=j90-cray + cray | ymp) + basic_machine=ymp-cray + os=-unicos + ;; + cray2) + basic_machine=cray2-cray + os=-unicos + ;; + [cjt]90) + basic_machine=${basic_machine}-cray os=-unicos ;; crds | unos) @@ -442,14 +419,6 @@ case $basic_machine in decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) basic_machine=mips-dec ;; - decsystem10* | dec10*) - basic_machine=pdp10-dec - os=-tops10 - ;; - decsystem20* | dec20*) - basic_machine=pdp10-dec - os=-tops20 - ;; delta | 3300 | motorola-3300 | motorola-delta \ | 3300-motorola | delta-motorola) basic_machine=m68k-motorola @@ -630,6 +599,14 @@ case $basic_machine in basic_machine=m68k-atari os=-mint ;; + mipsel*-linux*) + basic_machine=mipsel-unknown + os=-linux-gnu + ;; + mips*-linux*) + basic_machine=mips-unknown + os=-linux-gnu + ;; mips3*-*) basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` ;; @@ -644,10 +621,6 @@ case $basic_machine in basic_machine=m68k-rom68k os=-coff ;; - morphos) - basic_machine=powerpc-unknown - os=-morphos - ;; msdos) basic_machine=i386-pc os=-msdos @@ -720,10 +693,6 @@ case $basic_machine in np1) basic_machine=np1-gould ;; - nv1) - basic_machine=nv1-cray - os=-unicosmp - ;; nsr-tandem) basic_machine=nsr-tandem ;; @@ -731,10 +700,6 @@ case $basic_machine in basic_machine=hppa1.1-oki os=-proelf ;; - or32 | or32-*) - basic_machine=or32-unknown - os=-coff - ;; OSE68000 | ose68000) basic_machine=m68000-ericsson os=-ose @@ -757,13 +722,13 @@ case $basic_machine in pbb) basic_machine=m68k-tti ;; - pc532 | pc532-*) + pc532 | pc532-*) basic_machine=ns32k-pc532 ;; pentium | p5 | k5 | k6 | nexgen | viac3) basic_machine=i586-pc ;; - pentiumpro | p6 | 6x86 | athlon | athlon_*) + pentiumpro | p6 | 6x86 | athlon) basic_machine=i686-pc ;; pentiumii | pentium2) @@ -784,22 +749,22 @@ case $basic_machine in power) basic_machine=power-ibm ;; ppc) basic_machine=powerpc-unknown - ;; + ;; ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppcle | powerpclittle | ppc-le | powerpc-little) basic_machine=powerpcle-unknown - ;; + ;; ppcle-* | powerpclittle-*) basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppc64) basic_machine=powerpc64-unknown - ;; + ;; ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppc64le | powerpc64little | ppc64-le | powerpc64-little) basic_machine=powerpc64le-unknown - ;; + ;; ppc64le-* | powerpc64little-*) basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` ;; @@ -830,12 +795,6 @@ case $basic_machine in basic_machine=a29k-amd os=-udi ;; - sb1) - basic_machine=mipsisa64sb1-unknown - ;; - sb1el) - basic_machine=mipsisa64sb1el-unknown - ;; sequent) basic_machine=i386-sequent ;; @@ -910,17 +869,9 @@ case $basic_machine in os=-dynix ;; t3e) - basic_machine=alphaev5-cray + basic_machine=t3e-cray os=-unicos ;; - t90) - basic_machine=t90-cray - os=-unicos - ;; - tic4x | c4x*) - basic_machine=tic4x-unknown - os=-coff - ;; tic54x | c54x*) basic_machine=tic54x-unknown os=-coff @@ -931,10 +882,6 @@ case $basic_machine in tx39el) basic_machine=mipstx39el-unknown ;; - toad1) - basic_machine=pdp10-xkl - os=-tops20 - ;; tower | tower-32) basic_machine=m68k-ncr ;; @@ -959,8 +906,8 @@ case $basic_machine in os=-vms ;; vpp*|vx|vx-*) - basic_machine=f301-fujitsu - ;; + basic_machine=f301-fujitsu + ;; vxworks960) basic_machine=i960-wrs os=-vxworks @@ -981,13 +928,17 @@ case $basic_machine in basic_machine=hppa1.1-winbond os=-proelf ;; - xps | xps100) - basic_machine=xps100-honeywell + windows32) + basic_machine=i386-pc + os=-windows32-msvcrt ;; - ymp) - basic_machine=ymp-cray + xmp) + basic_machine=xmp-cray os=-unicos ;; + xps | xps100) + basic_machine=xps100-honeywell + ;; z8k-*-coff) basic_machine=z8k-unknown os=-sim @@ -1008,6 +959,13 @@ case $basic_machine in op60c) basic_machine=hppa1.1-oki ;; + mips) + if [ x$os = x-linux-gnu ]; then + basic_machine=mips-unknown + else + basic_machine=mips-mips + fi + ;; romp) basic_machine=romp-ibm ;; @@ -1027,16 +985,13 @@ case $basic_machine in we32k) basic_machine=we32k-att ;; - sh3 | sh4 | sh3eb | sh4eb | sh[1234]le | sh3ele) + sh3 | sh4 | sh3eb | sh4eb) basic_machine=sh-unknown ;; - sh64) - basic_machine=sh64-unknown - ;; sparc | sparcv9 | sparcv9b) basic_machine=sparc-sun ;; - cydra) + cydra) basic_machine=cydra-cydrome ;; orion) @@ -1051,6 +1006,10 @@ case $basic_machine in pmac | pmac-mpw) basic_machine=powerpc-apple ;; + c4x*) + basic_machine=c4x-none + os=-coff + ;; *-unknown) # Make sure to match an already-canonicalized machine name. ;; @@ -1113,12 +1072,10 @@ case $os in | -chorusos* | -chorusrdb* \ | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ | -mingw32* | -linux-gnu* | -uxpv* | -beos* | -mpeix* | -udk* \ - | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ + | -interix* | -uwin* | -rhapsody* | -darwin* | -opened* \ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ - | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ - | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ - | -powermax* | -dnix* | -microbsd*) + | -os2* | -vos* | -palmos* | -uclinux* | -nucleus*) # Remember, each alternative MUST END IN *, to match a version number. ;; -qnx*) @@ -1130,10 +1087,8 @@ case $os in ;; esac ;; - -nto-qnx*) - ;; -nto*) - os=`echo $os | sed -e 's|nto|nto-qnx|'` + os=-nto-qnx ;; -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ | -windows* | -osx | -abug | -netware* | -os9* | -beos* \ @@ -1181,11 +1136,8 @@ case $os in -ctix* | -uts*) os=-sysv ;; - -nova*) - os=-rtmk-nova - ;; -ns2 ) - os=-nextstep2 + os=-nextstep2 ;; -nsk*) os=-nsk @@ -1224,8 +1176,8 @@ case $os in -xenix) os=-xenix ;; - -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) - os=-mint + -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + os=-mint ;; -none) ;; @@ -1258,11 +1210,10 @@ case $basic_machine in arm*-semi) os=-aout ;; - # This must come before the *-dec entry. pdp10-*) os=-tops20 ;; - pdp11-*) + pdp11-*) os=-none ;; *-dec | vax-*) @@ -1289,9 +1240,6 @@ case $basic_machine in mips*-*) os=-elf ;; - or32-*) - os=-coff - ;; *-tti) # must be before sparc entry or we get the wrong os. os=-sysv3 ;; @@ -1355,19 +1303,19 @@ case $basic_machine in *-next) os=-nextstep3 ;; - *-gould) + *-gould) os=-sysv ;; - *-highlevel) + *-highlevel) os=-bsd ;; *-encore) os=-bsd ;; - *-sgi) + *-sgi) os=-irix ;; - *-siemens) + *-siemens) os=-sysv4 ;; *-masscomp) @@ -1439,7 +1387,7 @@ case $basic_machine in -ptx*) vendor=sequent ;; - -vxsim* | -vxworks* | -windiss*) + -vxsim* | -vxworks*) vendor=wrs ;; -aux*) diff --git a/source3/configure.in b/source3/configure.in index 555cc06fc3..0dd73efb26 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -153,16 +153,53 @@ AC_SUBST(LIBSMBCLIENT) AC_SUBST(PRINTLIBS) AC_SUBST(AUTHLIBS) AC_SUBST(ACLLIBS) -AC_SUBST(ADSLIBS) -AC_SUBST(PASSDBLIBS) -AC_SUBST(KRB5_LIBS) -AC_SUBST(LDAP_LIBS) -AC_SUBST(LDAP_OBJ) AC_SUBST(SHLIB_PROGS) AC_SUBST(SMBWRAPPER) AC_SUBST(EXTRA_BIN_PROGS) AC_SUBST(EXTRA_SBIN_PROGS) AC_SUBST(EXTRA_ALL_TARGETS) +dnl For the DYNAMIC RPC stuff +dnl The complicated _YES and _NO stuff allows us to avoid a dependency +dnl on GNU Make. +AC_SUBST(LSA_DYNAMIC_YES) +AC_SUBST(LSA_DYNAMIC_NO) +LSA_DYNAMIC_YES="#" +LSA_DYNAMIC_NO= +AC_SUBST(NETLOG_DYNAMIC_YES) +AC_SUBST(NETLOG_DYNAMIC_NO) +NETLOG_DYNAMIC_YES="#" +NETLOG_DYNAMIC_NO= +AC_SUBST(SAMR_DYNAMIC_YES) +AC_SUBST(SAMR_DYNAMIC_NO) +SAMR_DYNAMIC_YES="#" +SAMR_DYNAMIC_NO= +AC_SUBST(SVC_DYNAMIC_YES) +AC_SUBST(SVC_DYNAMIC_NO) +SVC_DYNAMIC_YES="#" +SVC_DYNAMIC_NO= +AC_SUBST(WKS_DYNAMIC_YES) +AC_SUBST(WKS_DYNAMIC_NO) +WKS_DYNAMIC_YES="#" +WKS_DYNAMIC_NO= +AC_SUBST(REG_DYNAMIC_YES) +AC_SUBST(REG_DYNAMIC_NO) +REG_DYNAMIC_YES="#" +REG_DYNAMIC_NO= +AC_SUBST(SPOOLSS_DYNAMIC_YES) +AC_SUBST(SPOOLSS_DYNAMIC_NO) +SPOOLSS_DYNAMIC_YES="#" +SPOOLSS_DYNAMIC_NO= +AC_SUBST(DFS_DYNAMIC_YES) +AC_SUBST(DFS_DYNAMIC_NO) +DFS_DYNAMIC_YES="#" +DFS_DYNAMIC_NO= +AC_SUBST(ECHO_DYNAMIC_YES) +AC_SUBST(ECHO_DYNAMIC_NO) +ECHO_DYNAMIC_YES="#" +ECHO_DYNAMIC_NO= + +# compile with optimization and without debugging by default +CFLAGS="-O ${CFLAGS}" AC_ARG_ENABLE(debug, [ --enable-debug Turn on compiler debugging information (default=no)], @@ -190,19 +227,71 @@ then LIBS="$LIBS -ldmalloc" fi +AC_ARG_ENABLE(dynrpc, [ --enable-dynrpc Enable dynamic RPC modules [default=no]]) + +if test x$enable_dynrpc = xyes +then + enable_dynrpc=lsa,samr,reg,wks,netlog,dfs +fi + +if test x$enable_dynrpc != xno +then + for i in `echo $enable_dynrpc | sed -e's/,/ /g'` + do case $i in lsa) + LSA_DYNAMIC_YES= + LSA_DYNAMIC_NO="#" + AC_DEFINE(RPC_LSA_DYNAMIC, 1, + [Define to make the LSA pipe dynamic]) + ;; samr) + SAMR_DYNAMIC_YES= + SAMR_DYNAMIC_NO="#" + AC_DEFINE(RPC_SAMR_DYNAMIC, 1, + [Define to make the SAMR pipe dynamic]) + ;; svc) + SVC_DYNAMIC_YES= + SVC_DYNAMIC_NO="#" + AC_DEFINE(RPC_SVC_DYNAMIC, 1, + [Define to make the SRVSVC pipe dynamic]) + ;; wks) + WKS_DYNAMIC_YES= + WKS_DYNAMIC_NO="#" + AC_DEFINE(RPC_WKS_DYNAMIC, 1, + [Define to make the WKSSVC pipe dynamic]) + ;; netlog) + NETLOG_DYNAMIC_YES= + NETLOG_DYNAMIC_NO="#" + AC_DEFINE(RPC_NETLOG_DYNAMIC, 1, + [Define to make the NETLOGON pipe dynamic]) + ;; reg) + REG_DYNAMIC_YES= + REG_DYNAMIC_NO="#" + AC_DEFINE(RPC_REG_DYNAMIC, 1, + [Define to make the WINREG pipe dynamic]) + ;; spoolss) + SPOOLSS_DYNAMIC_YES= + SPOOLSS_DYNAMIC_NO="#" + AC_DEFINE(RPC_SPOOLSS_DYNAMIC, 1, + [Define to make the SPOOLSS pipe dynamic]) + ;; dfs) + DFS_DYNAMIC_YES= + DFS_DYNAMIC_NO="#" + AC_DEFINE(RPC_DFS_DYNAMIC, 1, + [Define to make the NETDFS pipe dynamic]) + ;; echo) + ECHO_DYNAMIC_YES= + ECHO_DYNAMIC_NO="#" + AC_DEFINE(RPC_ECHO_DYNAMIC, 1, + [Define to make the ECHO pipe dynamic]) + ;; esac + done +fi + dnl Checks for programs. AC_PROG_CC AC_PROG_INSTALL AC_PROG_AWK AC_PATH_PROG(PERL, perl) -# compile with optimization and without debugging by default, but -# allow people to set their own preference. -if test "x$CFLAGS" = x -then - CFLAGS="-O ${CFLAGS}" -fi - dnl Check if we use GNU ld LD=ld AC_PROG_LD_GNU @@ -485,7 +574,7 @@ AC_CHECK_HEADERS(sys/param.h ctype.h sys/wait.h sys/resource.h sys/ioctl.h sys/i AC_CHECK_HEADERS(sys/mman.h sys/filio.h sys/priv.h sys/shm.h string.h strings.h stdlib.h sys/socket.h) AC_CHECK_HEADERS(sys/mount.h sys/vfs.h sys/fs/s5param.h sys/filsys.h termios.h termio.h) AC_CHECK_HEADERS(sys/termio.h sys/statfs.h sys/dustat.h sys/statvfs.h stdarg.h sys/sockio.h) -AC_CHECK_HEADERS(security/pam_modules.h security/_pam_macros.h dlfcn.h) +AC_CHECK_HEADERS(security/pam_modules.h security/_pam_macros.h ldap.h lber.h dlfcn.h) AC_CHECK_HEADERS(sys/syslog.h syslog.h execinfo.h) # In valgrind 1.0.x, it's just valgrind.h. In 1.9.x+ there's a @@ -2072,14 +2161,8 @@ fi AC_MSG_RESULT($with_ads_support) FOUND_KRB5=no -KRB5_LIBS="" if test x"$with_ads_support" = x"yes"; then -ac_save_CFLAGS="$CFLAGS" -ac_save_LIBS="$LIBS" -CFLAGS="" -LIBS="" - ################################################# # check for krb5-config from recent MIT and Heimdal kerberos 5 AC_PATH_PROG(KRB5_CONFIG, krb5-config) @@ -2236,22 +2319,19 @@ fi ######################################################## # now see if we can find the krb5 libs in standard paths # or as specified above - AC_CHECK_LIB(krb5, krb5_mk_req_extended, [KRB5_LIBS="$LIBS -lkrb5"; - KRB5_CFLAGS="$CFLAGS"; + AC_CHECK_LIB(krb5, krb5_mk_req_extended, [LIBS="$LIBS -lkrb5"; AC_DEFINE(HAVE_KRB5,1,[Whether KRB5 is available])]) ######################################################## # now see if we can find the gssapi libs in standard paths - AC_CHECK_LIB(gssapi_krb5, gss_display_status, [KRB5_LIBS="$KRB5_LIBS -lgssapi_krb5"; + AC_CHECK_LIB(gssapi_krb5, gss_display_status, [LIBS="$LIBS -lgssapi_krb5"; AC_DEFINE(HAVE_GSSAPI,1,[Whether GSSAPI is available])]) -LIBS="$ac_save_LIBS"; CFLAGS="$ac_save_CFLAGS" fi ######################################################## # Compile with LDAP support? -LDAP_OBJ="" with_ldap_support=yes AC_MSG_CHECKING([whether to use LDAP]) @@ -2266,8 +2346,6 @@ AC_ARG_WITH(ldap, AC_MSG_RESULT($with_ldap_support) if test x"$with_ldap_support" = x"yes"; then -ac_save_LIBS="$LIBS" -LIBS="" ################################################################## # we might need the lber lib on some systems. To avoid link errors @@ -2278,9 +2356,7 @@ LIBS="" # now see if we can find the ldap libs in standard paths if test x$have_ldap != xyes; then AC_CHECK_LIB(ldap, ldap_domain2hostlist, [LIBS="$LIBS -lldap"; - LDAP_OBJ=lib/ldap.o; AC_DEFINE(HAVE_LDAP,1,[Whether ldap is available])]) - AC_CHECK_HEADERS([ldap.h lber.h], [default_static_modules="$default_static_modules pdb_ldap"]) ######################################################## # If we have LDAP, does it's rebind procedure take 2 or 3 arguments? @@ -2292,29 +2368,19 @@ LIBS="" #include <ldap.h>], [ldap_set_rebind_proc(0, 0, 0);], [pam_ldap_cv_ldap_set_rebind_proc=3], [pam_ldap_cv_ldap_set_rebind_proc=2]) ]) AC_DEFINE_UNQUOTED(LDAP_SET_REBIND_PROC_ARGS, $pam_ldap_cv_ldap_set_rebind_proc, [Number of arguments to ldap_set_rebind_proc]) fi - -LDAP_LIBS="$LIBS"; -LIBS="$ac_save_LIBS"; -else - # Can't have ADS support without LDAP - if test x"$with_ads_support" = x"yes"; then - AC_MSG_ERROR(Active directory support requires LDAP) - fi -fi - -if test x"$with_ads_support" = x"yes"; then - ADSLIBS="$LDAP_LIBS $KRB5_LIBS" fi ######################################################## # Compile with MySQL support? -AM_PATH_MYSQL([0.11.0],[default_shared_modules="$default_shared_modules pdb_mysql"],[]) +AM_PATH_MYSQL([0.11.0],[MODULE_MYSQL="bin/pdb_mysql.$SHLIBEXT"],[MODULE_MYSQL=]) CFLAGS="$CFLAGS $MYSQL_CFLAGS" +AC_SUBST(MODULE_MYSQL) ######################################################## # Compile with XML support? -AM_PATH_XML2([2.0.0],[default_shared_modules="$default_shared_modules pdb_xml"],[]) +AM_PATH_XML2([2.0.0],[MODULE_XML="bin/pdb_xml.$SHLIBEXT"],[MODULE_XML=]) CFLAGS="$CFLAGS $XML_CFLAGS" +AC_SUBST(MODULE_XML) ################################################# # check for automount support @@ -2457,24 +2523,37 @@ AC_ARG_WITH(ldapsam, ) ################################################# -# check for IDMAP - -AC_DEFINE(WITH_IDMAP,1, [Include IDMAP support]) +# check for a TDB password database +AC_MSG_CHECKING(whether to use TDB SAM database) +AC_ARG_WITH(tdbsam, +[ --with-tdbsam Include experimental TDB SAM support (default=no)], +[ case "$withval" in + yes) + AC_MSG_RESULT(yes) + AC_DEFINE(WITH_TDB_SAM,1,[Whether to include experimental TDB SAM support]) + ;; + *) + AC_MSG_RESULT(no) + ;; + esac ], + AC_MSG_RESULT(no) +) -AC_MSG_CHECKING(whether to use IDMAP only for [ug]id mapping) -AC_ARG_WITH(idmap, -[ --with-idmap Include experimental IDMAP support (default=yes)], +################################################# +# check for a NISPLUS password database +AC_MSG_CHECKING(whether to use NISPLUS SAM database) +AC_ARG_WITH(nisplussam, +[ --with-nisplussam Include NISPLUS SAM support (default=no)], [ case "$withval" in yes) AC_MSG_RESULT(yes) - AC_DEFINE(WITH_IDMAP,1,[Whether to include experimental IDMAP support]) + AC_DEFINE(WITH_NISPLUS_SAM,1,[Whether to include nisplus SAM support]) ;; - no) + *) AC_MSG_RESULT(no) - AC_DEFINE(WITH_IDMAP,0,[Whether to include experimental IDMAP support]) ;; esac ], - AC_MSG_RESULT(yes) + AC_MSG_RESULT(no) ) ######################################################################################## @@ -3348,15 +3427,12 @@ AC_MSG_CHECKING(whether to use included popt) if test x"$INCLUDED_POPT" = x"yes"; then AC_MSG_RESULT(yes) BUILD_POPT='$(POPT_OBJS)' - POPTLIBS='$(POPT_OBJS)' FLAGS1="-I$srcdir/popt" else AC_MSG_RESULT(no) - BUILD_POPT="" - POPTLIBS="-lpopt" + LIBS="$LIBS -lpopt" fi AC_SUBST(BUILD_POPT) -AC_SUBST(POPTLIBS) AC_SUBST(FLAGS1) ################################################# diff --git a/source3/include/.cvsignore b/source3/include/.cvsignore index 4bff170b3b..bff248727f 100644 --- a/source3/include/.cvsignore +++ b/source3/include/.cvsignore @@ -3,5 +3,4 @@ config.h stamp-h proto.h wrepld_proto.h -tdbsam2_parse_info.h config.h.in diff --git a/source3/include/auth.h b/source3/include/auth.h index 626b9f3ba0..e37f181082 100644 --- a/source3/include/auth.h +++ b/source3/include/auth.h @@ -148,8 +148,6 @@ struct auth_init_function_entry { /* Function to create a member of the authmethods list */ auth_init_function init; - - struct auth_init_function_entry *prev, *next; }; typedef struct auth_ntlmssp_state @@ -160,6 +158,4 @@ typedef struct auth_ntlmssp_state struct ntlmssp_state *ntlmssp_state; } AUTH_NTLMSSP_STATE; -#define AUTH_INTERFACE_VERSION 1 - #endif /* _SMBAUTH_H_ */ diff --git a/source3/include/charset.h b/source3/include/charset.h index c56984ca7b..07d5e2d599 100644 --- a/source3/include/charset.h +++ b/source3/include/charset.h @@ -2,7 +2,6 @@ Unix SMB/CIFS implementation. charset defines Copyright (C) Andrew Tridgell 2001 - Copyright (C) Jelmer Vernooij 2002 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -23,18 +22,3 @@ typedef enum {CH_UCS2=0, CH_UNIX=1, CH_DISPLAY=2, CH_DOS=3, CH_UTF8=4} charset_t; #define NUM_CHARSETS 5 - -/* - * for each charset we have a function that pulls from that charset to - * a ucs2 buffer, and a function that pushes to a ucs2 buffer - * */ - -struct charset_functions { - const char *name; - size_t (*pull)(void *, char **inbuf, size_t *inbytesleft, - char **outbuf, size_t *outbytesleft); - size_t (*push)(void *, char **inbuf, size_t *inbytesleft, - char **outbuf, size_t *outbytesleft); - struct charset_functions *prev, *next; -}; - diff --git a/source3/include/debug.h b/source3/include/debug.h index 70f9f7706d..d4f45539f4 100644 --- a/source3/include/debug.h +++ b/source3/include/debug.h @@ -88,7 +88,6 @@ extern int DEBUGLEVEL; #define DBGC_AUTH 10 #define DBGC_WINBIND 11 #define DBGC_VFS 12 -#define DBGC_IDMAP 13 /* So you can define DBGC_CLASS before including debug.h */ #ifndef DBGC_CLASS diff --git a/source3/include/genparser.h b/source3/include/genparser.h deleted file mode 100644 index f28cd78249..0000000000 --- a/source3/include/genparser.h +++ /dev/null @@ -1,78 +0,0 @@ -/* - Copyright (C) Andrew Tridgell <genstruct@tridgell.net> 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#ifndef _GENPARSER_H -#define _GENPARSER_H - -/* these macros are needed for genstruct auto-parsers */ -#ifndef GENSTRUCT -#define GENSTRUCT -#define _LEN(x) -#define _NULLTERM -#endif - -/* - automatic marshalling/unmarshalling system for C structures -*/ - -/* flag to mark a fixed size array as actually being null terminated */ -#define FLAG_NULLTERM 1 -#define FLAG_ALWAYS 2 - -struct enum_struct { - const char *name; - unsigned value; -}; - -/* intermediate dumps are stored in one of these */ -struct parse_string { - unsigned allocated; - unsigned length; - char *s; -}; - -typedef int (*gen_dump_fn)(TALLOC_CTX *, struct parse_string *, const char *ptr, unsigned indent); -typedef int (*gen_parse_fn)(TALLOC_CTX *, char *ptr, const char *str); - -/* genstruct.pl generates arrays of these */ -struct parse_struct { - const char *name; - unsigned ptr_count; - unsigned size; - unsigned offset; - unsigned array_len; - const char *dynamic_len; - unsigned flags; - gen_dump_fn dump_fn; - gen_parse_fn parse_fn; -}; - -#define DUMP_PARSE_DECL(type) \ - int gen_dump_ ## type(TALLOC_CTX *, struct parse_string *, const char *, unsigned); \ - int gen_parse_ ## type(TALLOC_CTX *, char *, const char *); - -DUMP_PARSE_DECL(char) -DUMP_PARSE_DECL(int) -DUMP_PARSE_DECL(unsigned) -DUMP_PARSE_DECL(double) -DUMP_PARSE_DECL(float) - -#define gen_dump_unsigned_char gen_dump_char -#define gen_parse_unsigned_char gen_parse_char - -#endif /* _GENPARSER_H */ diff --git a/source3/include/genparser_samba.h b/source3/include/genparser_samba.h deleted file mode 100644 index 172ff2362c..0000000000 --- a/source3/include/genparser_samba.h +++ /dev/null @@ -1,58 +0,0 @@ -/* - Copyright (C) Simo Sorce <idra@samba.org> 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#ifndef _GENPARSER_SAMBA_H -#define _GENPARSER_SAMBA_H - -const struct parse_struct pinfo_security_ace_info[] = { -{"type", 0, sizeof(uint8), offsetof(struct security_ace_info, type), 0, NULL, 0, gen_dump_uint8, gen_parse_uint8}, -{"flags", 0, sizeof(uint8), offsetof(struct security_ace_info, flags), 0, NULL, 0, gen_dump_uint8, gen_parse_uint8}, -{"size", 0, sizeof(uint16), offsetof(struct security_ace_info, size), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, -{"info", 0, sizeof(char), offsetof(struct security_ace_info, info), 0, NULL, 0, gen_dump_SEC_ACCESS, gen_parse_SEC_ACCESS}, -{"obj_flags", 0, sizeof(uint32), offsetof(struct security_ace_info, obj_flags), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"obj_guid", 0, sizeof(char), offsetof(struct security_ace_info, obj_guid), 0, NULL, 0, gen_dump_GUID, gen_parse_GUID}, -{"inh_guid", 0, sizeof(char), offsetof(struct security_ace_info, inh_guid), 0, NULL, 0, gen_dump_GUID, gen_parse_GUID}, -{"trustee", 0, sizeof(char), offsetof(struct security_ace_info, trustee), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -const struct parse_struct pinfo_security_acl_info[] = { -{"revision", 0, sizeof(uint16), offsetof(struct security_acl_info, revision), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, -{"size", 0, sizeof(uint16), offsetof(struct security_acl_info, size), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, -{"num_aces", 0, sizeof(uint32), offsetof(struct security_acl_info, num_aces), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"ace", 1, sizeof(struct security_ace_info), offsetof(struct security_acl_info, ace), 0, "size", 0, gen_dump_SEC_ACE, gen_parse_SEC_ACE}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -const struct parse_struct pinfo_security_descriptor_info[] = { -{"revision", 0, sizeof(uint16), offsetof(struct security_descriptor_info, revision), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, -{"type", 0, sizeof(uint16), offsetof(struct security_descriptor_info, type), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, -{"off_owner_sid", 0, sizeof(uint32), offsetof(struct security_descriptor_info, off_owner_sid), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"off_grp_sid", 0, sizeof(uint32), offsetof(struct security_descriptor_info, off_grp_sid), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"off_sacl", 0, sizeof(uint32), offsetof(struct security_descriptor_info, off_sacl), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"off_dacl", 0, sizeof(uint32), offsetof(struct security_descriptor_info, off_dacl), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"dacl", 1, sizeof(struct security_acl_info), offsetof(struct security_descriptor_info, dacl), 0, NULL, 0, gen_dump_SEC_ACL, gen_parse_SEC_ACL}, -{"sacl", 1, sizeof(struct security_acl_info), offsetof(struct security_descriptor_info, sacl), 0, NULL, 0, gen_dump_SEC_ACL, gen_parse_SEC_ACL}, -{"owner_sid", 1, sizeof(char), offsetof(struct security_descriptor_info, owner_sid), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{"grp_sid", 1, sizeof(char), offsetof(struct security_descriptor_info, grp_sid), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -const struct parse_struct pinfo_luid_attr_info[] = { -{"attr", 0, sizeof(uint32), offsetof(struct LUID_ATTR, attr), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"luid", 1, sizeof(LUID), offsetof(struct LUID_ATTR, luid), 0, NULL, 0, gen_dump_LUID, gen_parse_LUID}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -#endif /* _GENPARSER_SAMBA_H */ diff --git a/source3/include/gums.h b/source3/include/gums.h deleted file mode 100644 index 789acc269f..0000000000 --- a/source3/include/gums.h +++ /dev/null @@ -1,240 +0,0 @@ -/* - Unix SMB/CIFS implementation. - GUMS structures - Copyright (C) Simo Sorce 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#ifndef _GUMS_H -#define _GUMS_H - -#define GUMS_VERSION_MAJOR 0 -#define GUMS_VERSION_MINOR 1 -#define GUMS_OBJECT_VERSION 1 - -#define GUMS_OBJ_DOMAIN 1 -#define GUMS_OBJ_NORMAL_USER 2 -#define GUMS_OBJ_GROUP 3 -#define GUMS_OBJ_ALIAS 4 -#define GUMS_OBJ_WORKSTATION_TRUST 5 -#define GUMS_OBJ_SERVER_TRUST 6 -#define GUMS_OBJ_DOMAIN_TRUST 7 - -typedef struct gums_user -{ - DOM_SID *group_sid; /* Primary Group SID */ - - NTTIME logon_time; /* logon time */ - NTTIME logoff_time; /* logoff time */ - NTTIME kickoff_time; /* kickoff time */ - NTTIME pass_last_set_time; /* password last set time */ - NTTIME pass_can_change_time; /* password can change time */ - NTTIME pass_must_change_time; /* password must change time */ - - char *full_name; /* user's full name string */ - char *home_dir; /* home directory string */ - char *dir_drive; /* home directory drive string */ - char *logon_script; /* logon script string */ - char *profile_path; /* profile path string */ - char *workstations; /* login from workstations string */ - char *unknown_str; /* don't know what this is, yet. */ - char *munged_dial; /* munged path name and dial-back tel number */ - - DATA_BLOB lm_pw; /* .data is Null if no password */ - DATA_BLOB nt_pw; /* .data is Null if no password */ - - uint32 unknown_3; /* 0x00ff ffff */ - - uint16 logon_divs; /* 168 - number of hours in a week */ - uint32 hours_len; /* normally 21 bytes */ - uint8 *hours; - - uint32 unknown_5; /* 0x0002 0000 */ - uint32 unknown_6; /* 0x0000 04ec */ - -} GUMS_USER; - -typedef struct gums_group -{ - uint32 count; /* Number of SIDs */ - DOM_SID **members; /* SID array */ - -} GUMS_GROUP; - -typedef struct gums_domain -{ - uint32 next_rid; - -} GUMS_DOMAIN; - -union gums_obj_p { - GUMS_USER *user; - GUMS_GROUP *group; - GUMS_DOMAIN *domain; -}; - -typedef struct gums_object -{ - TALLOC_CTX *mem_ctx; - - uint32 type; /* Object Type */ - uint32 version; /* Object Version */ - uint32 seq_num; /* Object Sequence Number */ - - SEC_DESC *sec_desc; /* Security Descriptor */ - - DOM_SID *sid; /* Object Sid */ - char *name; /* Object Name */ - char *description; /* Object Description */ - - union gums_obj_p data; /* Object Specific data */ - -} GUMS_OBJECT; - -typedef struct gums_data_set -{ - int type; /* GUMS_SET_xxx */ - void *data; - -} GUMS_DATA_SET; - -typedef struct gums_commit_set -{ - TALLOC_CTX *mem_ctx; - - uint32 type; /* Object type */ - DOM_SID sid; /* Object Sid */ - uint32 count; /* number of changes */ - GUMS_DATA_SET **data; - -} GUMS_COMMIT_SET; - -typedef struct gums_privilege -{ - TALLOC_CTX *mem_ctx; - - uint32 type; /* Object Type */ - uint32 version; /* Object Version */ - uint32 seq_num; /* Object Sequence Number */ - - LUID_ATTR *privilege; /* Privilege Type */ - char *name; /* Object Name */ - char *description; /* Object Description */ - - uint32 count; - DOM_SID **members; - -} GUMS_PRIVILEGE; - - -typedef struct gums_functions -{ - /* Generic object functions */ - - NTSTATUS (*get_domain_sid) (DOM_SID **sid, const char* name); - NTSTATUS (*set_domain_sid) (const DOM_SID *sid); - - NTSTATUS (*get_sequence_number) (void); - - NTSTATUS (*new_object) (DOM_SID **sid, const char *name, const int obj_type); - NTSTATUS (*delete_object) (const DOM_SID *sid); - - NTSTATUS (*get_object_from_sid) (GUMS_OBJECT **object, const DOM_SID *sid, const int obj_type); - NTSTATUS (*get_object_from_name) (GUMS_OBJECT **object, const char *name, const int onj_type); - /* This function is used to get the list of all objects changed since b_time, it is - used to support PDC<->BDC synchronization */ - NTSTATUS (*get_updated_objects) (GUMS_OBJECT **objects, const NTTIME base_time); - - NTSTATUS (*enumerate_objects_start) (void *handle, const DOM_SID *sid, const int obj_type); - NTSTATUS (*enumerate_objects_get_next) (GUMS_OBJECT **object, void *handle); - NTSTATUS (*enumerate_objects_stop) (void *handle); - - /* This function MUST be used ONLY by PDC<->BDC replication code or recovery tools. - Never use this function to update an object in the database, use set_object_values() */ - NTSTATUS (*set_object) (const GUMS_OBJECT *object); - - /* set object values function */ - NTSTATUS (*set_object_values) (DOM_SID *sid, uint32 count, GUMS_DATA_SET **data_set); - - /* Group related functions */ - NTSTATUS (*add_members_to_group) (const DOM_SID *group, const DOM_SID **members); - NTSTATUS (*delete_members_from_group) (const DOM_SID *group, const DOM_SID **members); - NTSTATUS (*enumerate_group_members) (DOM_SID **members, const DOM_SID *sid, const int type); - - NTSTATUS (*get_sid_groups) (DOM_SID **groups, const DOM_SID *sid); - - NTSTATUS (*lock_sid) (const DOM_SID *sid); - NTSTATUS (*unlock_sid) (const DOM_SID *sid); - - /* privileges related functions */ - - NTSTATUS (*add_members_to_privilege) (const LUID_ATTR *priv, const DOM_SID **members); - NTSTATUS (*delete_members_from_privilege) (const LUID_ATTR *priv, const DOM_SID **members); - NTSTATUS (*enumerate_privilege_members) (DOM_SID **members, const LUID_ATTR *priv); - NTSTATUS (*get_sid_privileges) (DOM_SID **privs, const DOM_SID *sid); - - /* warning!: set_privilege will overwrite a prior existing privilege if such exist */ - NTSTATUS (*set_privilege) (GUMS_PRIVILEGE *priv); - -} GUMS_FUNCTIONS; - -/* define value types */ -#define GUMS_SET_PRIMARY_GROUP 0x1 -#define GUMS_SET_SEC_DESC 0x2 - -#define GUMS_SET_NAME 0x10 -#define GUMS_SET_DESCRIPTION 0x11 -#define GUMS_SET_FULL_NAME 0x12 - -/* user specific type values */ -#define GUMS_SET_LOGON_TIME 0x20 -#define GUMS_SET_LOGOFF_TIME 0x21 -#define GUMS_SET_KICKOFF_TIME 0x23 -#define GUMS_SET_PASS_LAST_SET_TIME 0x24 -#define GUMS_SET_PASS_CAN_CHANGE_TIME 0x25 -#define GUMS_SET_PASS_MUST_CHANGE_TIME 0x26 - - -#define GUMS_SET_HOME_DIRECTORY 0x31 -#define GUMS_SET_DRIVE 0x32 -#define GUMS_SET_LOGON_SCRIPT 0x33 -#define GUMS_SET_PROFILE_PATH 0x34 -#define GUMS_SET_WORKSTATIONS 0x35 -#define GUMS_SET_UNKNOWN_STRING 0x36 -#define GUMS_SET_MUNGED_DIAL 0x37 - -#define GUMS_SET_LM_PASSWORD 0x40 -#define GUMS_SET_NT_PASSWORD 0x41 -#define GUMS_SET_PLAINTEXT_PASSWORD 0x42 -#define GUMS_SET_UNKNOWN_3 0x43 -#define GUMS_SET_LOGON_DIVS 0x44 -#define GUMS_SET_HOURS_LEN 0x45 -#define GUMS_SET_HOURS 0x46 -#define GUMS_SET_UNKNOWN_5 0x47 -#define GUMS_SET_UNKNOWN_6 0x48 - -#define GUMS_SET_MUST_CHANGE_PASS 0x50 -#define GUMS_SET_CANNOT_CHANGE_PASS 0x51 -#define GUMS_SET_PASS_NEVER_EXPIRE 0x52 -#define GUMS_SET_ACCOUNT_DISABLED 0x53 -#define GUMS_SET_ACCOUNT_LOCKOUT 0x54 - -/*group specific type values */ -#define GUMS_ADD_SID_LIST 0x60 -#define GUMS_DEL_SID_LIST 0x61 -#define GUMS_SET_SID_LIST 0x62 - -#endif /* _GUMS_H */ diff --git a/source3/include/includes.h b/source3/include/includes.h index 9f86f08c1e..d406c07d06 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -437,23 +437,6 @@ #include <com_err.h> #endif -/* Special macros that are no-ops except when run under Valgrind on - * x86. They've moved a little bit from valgrind 1.0.4 to 1.9.4 */ -#if HAVE_VALGRIND_MEMCHECK_H - /* memcheck.h includes valgrind.h */ -#include <valgrind/memcheck.h> -#elif HAVE_VALGRIND_H -#include <valgrind.h> -#endif - -/* If we have --enable-developer and the valgrind header is present, - * then we're OK to use it. Set a macro so this logic can be done only - * once. */ -#if defined(DEVELOPER) && (HAVE_VALGRIND_H || HAVE_VALGRIND_VALGRIND_H) -#define VALGRIND -#endif - - /* we support ADS if we want it and have krb5 and ldap libs */ #if defined(WITH_ADS) && defined(HAVE_KRB5) && defined(HAVE_LDAP) #define HAVE_ADS @@ -794,12 +777,6 @@ extern int errno; #include "passdb.h" -#include "sam.h" - -#include "gums.h" - -#include "idmap.h" - #include "session.h" #include "asn_1.h" @@ -810,8 +787,6 @@ extern int errno; #include "nsswitch/winbind_client.h" -#include "genparser.h" - /* * Type for wide character dirent structure. * Only d_name is defined by POSIX. @@ -856,8 +831,6 @@ struct functable { struct printjob; -struct smb_ldap_privates; - /***** automatically generated prototypes *****/ #ifndef NO_PROTO_H #include "proto.h" @@ -1239,6 +1212,10 @@ int smb_xvasprintf(char **ptr, const char *format, va_list ap) PRINTF_ATTRIBUTE( time_t timegm(struct tm *tm); #endif +#if defined(VALGRIND) +#define strlen(x) valgrind_strlen(x) +#endif + /* * Veritas File System. Often in addition to native. * Quotas different. diff --git a/source3/include/libsmbclient.h b/source3/include/libsmbclient.h index f5d653f697..0c905edcbc 100644 --- a/source3/include/libsmbclient.h +++ b/source3/include/libsmbclient.h @@ -257,8 +257,9 @@ typedef int (*smbc_remove_unused_server_fn)(SMBCCTX * c, SMBCSRV *srv); * */ typedef int (*smbc_add_cached_srv_fn) (SMBCCTX * c, SMBCSRV *srv, - const char * server, const char * share, - const char * workgroup, const char * username); + char * server, char * share, + char * workgroup, char * username); + /**@ingroup callback * Look up a server in the cache system @@ -276,9 +277,9 @@ typedef int (*smbc_add_cached_srv_fn) (SMBCCTX * c, SMBCSRV *srv, * @return pointer to SMBCSRV on success. NULL on failure. * */ -typedef SMBCSRV * (*smbc_get_cached_srv_fn) (SMBCCTX * c, const char * server, - const char * share, const char * workgroup, - const char * username); +typedef SMBCSRV * (*smbc_get_cached_srv_fn) (SMBCCTX * c, char * server, + char * share, char * workgroup, char * username); + /**@ingroup callback * Check if a server is still good diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h index b6ab4fd0c5..dc0ffc8035 100644 --- a/source3/include/ntdomain.h +++ b/source3/include/ntdomain.h @@ -372,9 +372,6 @@ struct acct_info /* security descriptor structures */ #include "rpc_secdes.h" -/* pac */ -#include "authdata.h" - /* different dce/rpc pipes */ #include "rpc_lsa.h" #include "rpc_netlogon.h" diff --git a/source3/include/passdb.h b/source3/include/passdb.h index 06409aa34e..fa80b263ff 100644 --- a/source3/include/passdb.h +++ b/source3/include/passdb.h @@ -34,6 +34,13 @@ #define PASSDB_INTERFACE_VERSION 4 +/* use this inside a passdb module */ +#define PDB_MODULE_VERSIONING_MAGIC \ +int pdb_version(void)\ +{\ + return PASSDB_INTERFACE_VERSION;\ +} + typedef struct pdb_context { struct pdb_methods *pdb_methods; @@ -149,7 +156,6 @@ struct pdb_init_function_entry { const char *name; /* Function to create a member of the pdb_methods list */ pdb_init_function init; - struct pdb_init_function_entry *prev, *next; }; #endif /* _PASSDB_H */ diff --git a/source3/include/rpc_client_proto.h b/source3/include/rpc_client_proto.h deleted file mode 100644 index 0ecb195691..0000000000 --- a/source3/include/rpc_client_proto.h +++ /dev/null @@ -1,231 +0,0 @@ -#ifndef _RPC_CLIENT_PROTO_H_ -#define _RPC_CLIENT_PROTO_H_ -/* This file is automatically generated with "make proto". DO NOT EDIT */ - - -/*The following definitions come from lib/util_list.c */ - -BOOL copy_policy_hnd (POLICY_HND *dest, const POLICY_HND *src); -BOOL compare_rpc_hnd_node(const RPC_HND_NODE *x, - const RPC_HND_NODE *y); -BOOL RpcHndList_set_connection(const POLICY_HND *hnd, - struct cli_connection *con); -BOOL RpcHndList_del_connection(const POLICY_HND *hnd); -struct cli_connection* RpcHndList_get_connection(const POLICY_HND *hnd); - -/*The following definitions come from rpc_client/cli_connect.c */ - -void init_connections(void); -void free_connections(void); -void cli_connection_free(struct cli_connection *con); -void cli_connection_unlink(struct cli_connection *con); -BOOL cli_connection_init(const char *srv_name, char *pipe_name, - struct cli_connection **con); -BOOL cli_connection_init_auth(const char *srv_name, char *pipe_name, - struct cli_connection **con, - cli_auth_fns * auth, void *auth_creds); -struct _cli_auth_fns *cli_conn_get_authfns(struct cli_connection *con); -void *cli_conn_get_auth_creds(struct cli_connection *con); -BOOL rpc_hnd_pipe_req(const POLICY_HND * hnd, uint8 op_num, - prs_struct * data, prs_struct * rdata); -BOOL rpc_con_pipe_req(struct cli_connection *con, uint8 op_num, - prs_struct * data, prs_struct * rdata); -BOOL rpc_con_ok(struct cli_connection *con); - -/*The following definitions come from rpc_client/cli_login.c */ - -BOOL cli_nt_setup_creds(struct cli_state *cli, unsigned char mach_pwd[16]); -BOOL cli_nt_srv_pwset(struct cli_state *cli, unsigned char *new_hashof_mach_pwd); -BOOL cli_nt_login_interactive(struct cli_state *cli, char *domain, char *username, - uint32 smb_userid_low, char *password, - NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3); -BOOL cli_nt_login_network(struct cli_state *cli, char *domain, char *username, - uint32 smb_userid_low, char lm_chal[8], - char *lm_chal_resp, char *nt_chal_resp, - NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3); -BOOL cli_nt_logoff(struct cli_state *cli, NET_ID_INFO_CTR *ctr); - -/*The following definitions come from rpc_client/cli_lsarpc.c */ - -BOOL do_lsa_open_policy(struct cli_state *cli, - char *system_name, POLICY_HND *hnd, - BOOL sec_qos); -BOOL do_lsa_query_info_pol(struct cli_state *cli, - POLICY_HND *hnd, uint16 info_class, - fstring domain_name, DOM_SID *domain_sid); -BOOL do_lsa_close(struct cli_state *cli, POLICY_HND *hnd); -BOOL cli_lsa_get_domain_sid(struct cli_state *cli, char *server); -uint32 lsa_open_policy(const char *system_name, POLICY_HND *hnd, - BOOL sec_qos, uint32 des_access); -uint32 lsa_lookup_sids(POLICY_HND *hnd, int num_sids, DOM_SID *sids, - char ***names, uint32 **types, int *num_names); -uint32 lsa_lookup_names(POLICY_HND *hnd, int num_names, char **names, - DOM_SID **sids, uint32 **types, int *num_sids); - -/*The following definitions come from rpc_client/cli_netlogon.c */ - -BOOL cli_net_logon_ctrl2(struct cli_state *cli, uint32 status_level); -BOOL cli_net_auth2(struct cli_state *cli, uint16 sec_chan, - uint32 neg_flags, DOM_CHAL *srv_chal); -BOOL cli_net_req_chal(struct cli_state *cli, DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal); -BOOL cli_net_srv_pwset(struct cli_state *cli, uint8 hashed_mach_pwd[16]); -BOOL cli_net_sam_logon(struct cli_state *cli, NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3); -BOOL cli_net_sam_logoff(struct cli_state *cli, NET_ID_INFO_CTR *ctr); -BOOL change_trust_account_password( char *domain, char *remote_machine_list); - -/*The following definitions come from rpc_client/cli_pipe.c */ - -BOOL rpc_api_pipe_req(struct cli_state *cli, uint8 op_num, - prs_struct *data, prs_struct *rdata); -BOOL rpc_pipe_bind(struct cli_state *cli, char *pipe_name, char *my_name); -void cli_nt_set_ntlmssp_flgs(struct cli_state *cli, uint32 ntlmssp_flgs); -BOOL cli_nt_session_open(struct cli_state *cli, char *pipe_name); -void cli_nt_session_close(struct cli_state *cli); - -/*The following definitions come from rpc_client/cli_reg.c */ - -BOOL do_reg_connect(struct cli_state *cli, char *full_keyname, char *key_name, - POLICY_HND *reg_hnd); -BOOL do_reg_open_hklm(struct cli_state *cli, uint16 unknown_0, uint32 level, - POLICY_HND *hnd); -BOOL do_reg_open_hku(struct cli_state *cli, uint16 unknown_0, uint32 level, - POLICY_HND *hnd); -BOOL do_reg_flush_key(struct cli_state *cli, POLICY_HND *hnd); -BOOL do_reg_query_key(struct cli_state *cli, POLICY_HND *hnd, - char *class, uint32 *class_len, - uint32 *num_subkeys, uint32 *max_subkeylen, - uint32 *max_subkeysize, uint32 *num_values, - uint32 *max_valnamelen, uint32 *max_valbufsize, - uint32 *sec_desc, NTTIME *mod_time); -BOOL do_reg_unknown_1a(struct cli_state *cli, POLICY_HND *hnd, uint32 *unk); -BOOL do_reg_query_info(struct cli_state *cli, POLICY_HND *hnd, - char *key_value, uint32* key_type); -BOOL do_reg_set_key_sec(struct cli_state *cli, POLICY_HND *hnd, SEC_DESC_BUF *sec_desc_buf); -BOOL do_reg_get_key_sec(struct cli_state *cli, POLICY_HND *hnd, uint32 *sec_buf_size, SEC_DESC_BUF **ppsec_desc_buf); -BOOL do_reg_delete_val(struct cli_state *cli, POLICY_HND *hnd, char *val_name); -BOOL do_reg_delete_key(struct cli_state *cli, POLICY_HND *hnd, char *key_name); -BOOL do_reg_create_key(struct cli_state *cli, POLICY_HND *hnd, - char *key_name, char *key_class, - SEC_ACCESS *sam_access, - POLICY_HND *key); -BOOL do_reg_enum_key(struct cli_state *cli, POLICY_HND *hnd, - int key_index, char *key_name, - uint32 *unk_1, uint32 *unk_2, - time_t *mod_time); -BOOL do_reg_create_val(struct cli_state *cli, POLICY_HND *hnd, - char *val_name, uint32 type, BUFFER3 *data); -BOOL do_reg_enum_val(struct cli_state *cli, POLICY_HND *hnd, - int val_index, int max_valnamelen, int max_valbufsize, - fstring val_name, - uint32 *val_type, BUFFER2 *value); -BOOL do_reg_open_entry(struct cli_state *cli, POLICY_HND *hnd, - char *key_name, uint32 unk_0, - POLICY_HND *key_hnd); -BOOL do_reg_close(struct cli_state *cli, POLICY_HND *hnd); - -/*The following definitions come from rpc_client/cli_samr.c */ - -BOOL get_samr_query_usergroups(struct cli_state *cli, - POLICY_HND *pol_open_domain, uint32 user_rid, - uint32 *num_groups, DOM_GID *gid); -BOOL get_samr_query_userinfo(struct cli_state *cli, - POLICY_HND *pol_open_domain, - uint32 info_level, - uint32 user_rid, SAM_USER_INFO_21 *usr); -BOOL do_samr_chgpasswd_user(struct cli_state *cli, - char *srv_name, char *user_name, - char nt_newpass[516], uchar nt_oldhash[16], - char lm_newpass[516], uchar lm_oldhash[16]); -BOOL do_samr_unknown_38(struct cli_state *cli, char *srv_name); -BOOL do_samr_query_dom_info(struct cli_state *cli, - POLICY_HND *domain_pol, uint16 switch_value); -BOOL do_samr_enum_dom_users(struct cli_state *cli, - POLICY_HND *pol, uint16 num_entries, uint16 unk_0, - uint16 acb_mask, uint16 unk_1, uint32 size, - struct acct_info **sam, - int *num_sam_users); -BOOL do_samr_connect(struct cli_state *cli, - char *srv_name, uint32 unknown_0, - POLICY_HND *connect_pol); -BOOL do_samr_open_user(struct cli_state *cli, - POLICY_HND *pol, uint32 unk_0, uint32 rid, - POLICY_HND *user_pol); -BOOL do_samr_open_domain(struct cli_state *cli, - POLICY_HND *connect_pol, uint32 rid, DOM_SID *sid, - POLICY_HND *domain_pol); -BOOL do_samr_query_unknown_12(struct cli_state *cli, - POLICY_HND *pol, uint32 rid, uint32 num_gids, uint32 *gids, - uint32 *num_aliases, - fstring als_names [MAX_LOOKUP_SIDS], - uint32 num_als_users[MAX_LOOKUP_SIDS]); -BOOL do_samr_query_usergroups(struct cli_state *cli, - POLICY_HND *pol, uint32 *num_groups, DOM_GID *gid); -BOOL do_samr_query_userinfo(struct cli_state *cli, - POLICY_HND *pol, uint16 switch_value, void* usr); -BOOL do_samr_close(struct cli_state *cli, POLICY_HND *hnd); - -/*The following definitions come from rpc_client/cli_spoolss_notify.c */ - -BOOL spoolss_disconnect_from_client( struct cli_state *cli); -BOOL spoolss_connect_to_client( struct cli_state *cli, char *remote_machine); -BOOL cli_spoolss_reply_open_printer(struct cli_state *cli, char *printer, uint32 localprinter, uint32 type, uint32 *status, POLICY_HND *handle); -BOOL cli_spoolss_reply_rrpcn(struct cli_state *cli, POLICY_HND *handle, - uint32 change_low, uint32 change_high, uint32 *status); -BOOL cli_spoolss_reply_close_printer(struct cli_state *cli, POLICY_HND *handle, uint32 *status); - -/*The following definitions come from rpc_client/cli_srvsvc.c */ - -BOOL do_srv_net_srv_conn_enum(struct cli_state *cli, - char *server_name, char *qual_name, - uint32 switch_value, SRV_CONN_INFO_CTR *ctr, - uint32 preferred_len, - ENUM_HND *hnd); -BOOL do_srv_net_srv_sess_enum(struct cli_state *cli, - char *server_name, char *qual_name, - uint32 switch_value, SRV_SESS_INFO_CTR *ctr, - uint32 preferred_len, - ENUM_HND *hnd); -BOOL do_srv_net_srv_share_enum(struct cli_state *cli, - char *server_name, - uint32 switch_value, SRV_R_NET_SHARE_ENUM *r_o, - uint32 preferred_len, ENUM_HND *hnd); -BOOL do_srv_net_srv_file_enum(struct cli_state *cli, - char *server_name, char *qual_name, - uint32 switch_value, SRV_FILE_INFO_CTR *ctr, - uint32 preferred_len, - ENUM_HND *hnd); -BOOL do_srv_net_srv_get_info(struct cli_state *cli, - char *server_name, uint32 switch_value, SRV_INFO_CTR *ctr); - -/*The following definitions come from rpc_client/cli_use.c */ - -void init_cli_use(void); -void free_cli_use(void); -struct cli_state *cli_net_use_add(const char *srv_name, - const struct ntuser_creds *usr_creds, - BOOL reuse, BOOL *is_new); -BOOL cli_net_use_del(const char *srv_name, - const struct ntuser_creds *usr_creds, - BOOL force_close, BOOL *connection_closed); -void cli_net_use_enum(uint32 *num_cons, struct use_info ***use); -void cli_use_wait_keyboard(void); - -/*The following definitions come from rpc_client/cli_wkssvc.c */ - -BOOL do_wks_query_info(struct cli_state *cli, - char *server_name, uint32 switch_value, - WKS_INFO_100 *wks100); - -/*The following definitions come from rpc_client/ncacn_np_use.c */ - -BOOL ncacn_np_use_del(const char *srv_name, const char *pipe_name, - const vuser_key * key, - BOOL force_close, BOOL *connection_closed); -struct ncacn_np *ncacn_np_initialise(struct ncacn_np *msrpc, - const vuser_key * key); -struct ncacn_np *ncacn_np_use_add(const char *pipe_name, - const vuser_key * key, - const char *srv_name, - const struct ntuser_creds *ntc, - BOOL reuse, BOOL *is_new_connection); -#endif /* _PROTO_H_ */ diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h index 8e1368810f..33dde6e3cb 100644 --- a/source3/include/rpc_lsa.h +++ b/source3/include/rpc_lsa.h @@ -237,7 +237,7 @@ typedef struct r_lsa_query_sec_obj_info typedef struct lsa_query_info { POLICY_HND pol; /* policy handle */ - uint16 info_class; /* info class */ + uint16 info_class; /* info class */ } LSA_Q_QUERY_INFO; @@ -537,6 +537,7 @@ typedef struct POLICY_HND pol; /* policy handle */ DOM_SID2 sid; UNISTR2_ARRAY rights; + uint32 count; } LSA_Q_ADD_ACCT_RIGHTS; /* LSA_R_ADD_ACCT_RIGHTS - LSA add account rights */ @@ -553,6 +554,7 @@ typedef struct DOM_SID2 sid; uint32 removeall; UNISTR2_ARRAY rights; + uint32 count; } LSA_Q_REMOVE_ACCT_RIGHTS; /* LSA_R_REMOVE_ACCT_RIGHTS - LSA remove account rights */ @@ -561,22 +563,6 @@ typedef struct NTSTATUS status; } LSA_R_REMOVE_ACCT_RIGHTS; -/* LSA_Q_ENUM_ACCT_WITH_RIGHT - LSA enum accounts with right */ -typedef struct -{ - POLICY_HND pol; - STRHDR right_hdr; - UNISTR2 right; -} LSA_Q_ENUM_ACCT_WITH_RIGHT; - -/* LSA_R_ENUM_ACCT_WITH_RIGHT - LSA enum accounts with right */ -typedef struct -{ - uint32 count; - SID_ARRAY sids; - NTSTATUS status; -} LSA_R_ENUM_ACCT_WITH_RIGHT; - /* LSA_Q_PRIV_GET_DISPNAME - LSA get privilege display name */ typedef struct lsa_q_priv_get_dispname diff --git a/source3/include/rpc_misc.h b/source3/include/rpc_misc.h index 06ad760c58..7710489435 100644 --- a/source3/include/rpc_misc.h +++ b/source3/include/rpc_misc.h @@ -227,22 +227,6 @@ typedef struct UNISTR2_ARRAY_EL *strings; } UNISTR2_ARRAY; - -/* an element in a sid array */ -typedef struct -{ - uint32 ref_id; - DOM_SID2 sid; -} SID_ARRAY_EL; - -/* an array of sids */ -typedef struct -{ - uint32 ref_id; - uint32 count; - SID_ARRAY_EL *sids; -} SID_ARRAY; - /* DOM_RID2 - domain RID structure for ntlsa pipe */ typedef struct domrid2_info { diff --git a/source3/include/safe_string.h b/source3/include/safe_string.h index a6b352b02e..df3633d91d 100644 --- a/source3/include/safe_string.h +++ b/source3/include/safe_string.h @@ -113,24 +113,24 @@ size_t __unsafe_string_function_usage_here_char__(void); #endif /* HAVE_COMPILER_WILL_OPTIMIZE_OUT_FNS */ -/* the addition of the DEVELOPER checks in safe_strcpy means we must - * update a lot of code. To make this a little easier here are some - * functions that provide the lengths with less pain */ -#define pstrcpy_base(dest, src, pstring_base) \ - safe_strcpy(dest, src, sizeof(pstring)-PTR_DIFF(dest,pstring_base)-1) - #define safe_strcpy_base(dest, src, base, size) \ safe_strcpy(dest, src, size-PTR_DIFF(dest,base)-1) -/* String copy functions - macro hell below adds 'type checking' - (limited, but the best we can do in C) and may tag with function - name/number to record the last 'clobber region' on that string */ +/* String copy functions - macro hell below adds 'type checking' (limited, + but the best we can do in C) and may tag with function name/number to + record the last 'clobber region' on that string */ #define pstrcpy(d,s) safe_strcpy((d), (s),sizeof(pstring)-1) #define pstrcat(d,s) safe_strcat((d), (s),sizeof(pstring)-1) #define fstrcpy(d,s) safe_strcpy((d),(s),sizeof(fstring)-1) #define fstrcat(d,s) safe_strcat((d),(s),sizeof(fstring)-1) +/* the addition of the DEVELOPER checks in safe_strcpy means we must + * update a lot of code. To make this a little easier here are some + * functions that provide the lengths with less pain */ +#define pstrcpy_base(dest, src, pstring_base) \ + safe_strcpy(dest, src, sizeof(pstring)-PTR_DIFF(dest,pstring_base)-1) + /* Inside the _fn variants of these is a call to clobber_region(), - * which might destroy the stack on a buggy function. We help the diff --git a/source3/include/sam.h b/source3/include/sam.h deleted file mode 100644 index f46a6e7bcb..0000000000 --- a/source3/include/sam.h +++ /dev/null @@ -1,238 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SAM structures - Copyright (C) Kai Krueger 2002 - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Simo Sorce 2002 - Copyright (C) Andrew Bartlett 2002 - Copyright (C) Jelmer Vernooij 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#ifndef _SAM_H -#define _SAM_H - -/* We want to track down bugs early */ -#if 1 -#define SAM_ASSERT(x) SMB_ASSERT(x) -#else -#define SAM_ASSERT(x) while (0) { \ - if (!(x)) { - DEBUG(0, ("SAM_ASSERT failed!\n")) - return NT_STATUS_FAIL_CHECK;\ - } \ - } -#endif - - -/* let it be 0 until we have a stable interface --metze */ -#define SAM_INTERFACE_VERSION 0 - -/* use this inside a passdb module */ -#define SAM_MODULE_VERSIONING_MAGIC \ -int sam_version(void)\ -{\ - return SAM_INTERFACE_VERSION;\ -} - -/* Backend to use by default when no backend was specified */ -#define SAM_DEFAULT_BACKEND "plugin" - -typedef struct sam_domain_handle { - TALLOC_CTX *mem_ctx; - uint32 access_granted; - const struct sam_methods *current_sam_methods; /* sam_methods creating this handle */ - void (*free_fn)(struct sam_domain_handle **); - struct domain_data { - DOM_SID sid; /*SID of the domain. Should not be changed */ - char *name; /* Name of the domain */ - char *servername; /* */ - NTTIME max_passwordage; /* time till next password expiration */ - NTTIME min_passwordage; /* time till password can be changed again */ - NTTIME lockout_duration; /* time till login is allowed again after lockout*/ - NTTIME reset_count; /* time till bad login counter is reset */ - uint16 min_passwordlength; /* minimum number of characters for a password */ - uint16 password_history; /* number of passwords stored in history */ - uint16 lockout_count; /* number of bad login attempts before lockout */ - BOOL force_logoff; /* force logoff after logon hours have expired */ - BOOL login_pwdchange; /* Users need to logon to change their password */ - uint32 num_accounts; /* number of accounts in the domain */ - uint32 num_groups; /* number of global groups */ - uint32 num_aliases; /* number of local groups */ - uint32 sam_sequence_number; /* global sequence number */ - } private; -} SAM_DOMAIN_HANDLE; - -typedef struct sam_account_handle { - TALLOC_CTX *mem_ctx; - uint32 access_granted; - const struct sam_methods *current_sam_methods; /* sam_methods creating this handle */ - void (*free_fn)(struct sam_account_handle **); - struct sam_account_data { - uint32 init_flag; - NTTIME logon_time; /* logon time */ - NTTIME logoff_time; /* logoff time */ - NTTIME kickoff_time; /* kickoff time */ - NTTIME pass_last_set_time; /* password last set time */ - NTTIME pass_can_change_time; /* password can change time */ - NTTIME pass_must_change_time; /* password must change time */ - char * account_name; /* account_name string */ - SAM_DOMAIN_HANDLE * domain; /* domain of account */ - char *full_name; /* account's full name string */ - char *unix_home_dir; /* UNIX home directory string */ - char *home_dir; /* home directory string */ - char *dir_drive; /* home directory drive string */ - char *logon_script; /* logon script string */ - char *profile_path; /* profile path string */ - char *acct_desc; /* account description string */ - char *workstations; /* login from workstations string */ - char *unknown_str; /* don't know what this is, yet. */ - char *munged_dial; /* munged path name and dial-back tel number */ - DOM_SID account_sid; /* Primary Account SID */ - DOM_SID group_sid; /* Primary Group SID */ - DATA_BLOB lm_pw; /* .data is Null if no password */ - DATA_BLOB nt_pw; /* .data is Null if no password */ - char *plaintext_pw; /* if Null not available */ - uint16 acct_ctrl; /* account info (ACB_xxxx bit-mask) */ - uint32 unknown_1; /* 0x00ff ffff */ - uint16 logon_divs; /* 168 - number of hours in a week */ - uint32 hours_len; /* normally 21 bytes */ - uint8 hours[MAX_HOURS_LEN]; - uint32 unknown_2; /* 0x0002 0000 */ - uint32 unknown_3; /* 0x0000 04ec */ - } private; -} SAM_ACCOUNT_HANDLE; - -typedef struct sam_group_handle { - TALLOC_CTX *mem_ctx; - uint32 access_granted; - const struct sam_methods *current_sam_methods; /* sam_methods creating this handle */ - void (*free_fn)(struct sam_group_handle **); - struct sam_group_data { - char *group_name; - char *group_desc; - DOM_SID sid; - uint16 group_ctrl; /* specifies if the group is a local group or a global group */ - uint32 num_members; - } private; -} SAM_GROUP_HANDLE; - - -typedef struct sam_group_member { - DOM_SID sid; - BOOL group; /* specifies if it is a group or a account */ -} SAM_GROUP_MEMBER; - -typedef struct sam_account_enum { - DOM_SID sid; - char *account_name; - char *full_name; - char *account_desc; - uint16 acct_ctrl; -} SAM_ACCOUNT_ENUM; - -typedef struct sam_group_enum { - DOM_SID sid; - char *group_name; - char *group_desc; - uint16 group_ctrl; -} SAM_GROUP_ENUM; - - -/* bits for group_ctrl: to spezify if the group is global group or alias */ -#define GCB_LOCAL_GROUP 0x0001 -#define GCB_ALIAS_GROUP (GCB_LOCAL_GROUP |GCB_BUILTIN) -#define GCB_GLOBAL_GROUP 0x0002 -#define GCB_BUILTIN 0x1000 - -typedef struct sam_context -{ - struct sam_methods *methods; - TALLOC_CTX *mem_ctx; - - void (*free_fn)(struct sam_context **); -} SAM_CONTEXT; - -typedef struct sam_methods -{ - struct sam_context *parent; - struct sam_methods *next; - struct sam_methods *prev; - const char *backendname; - const char *domain_name; - DOM_SID domain_sid; - void *private_data; - - /* General API */ - - NTSTATUS (*sam_get_sec_desc) (const struct sam_methods *, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd); - NTSTATUS (*sam_set_sec_desc) (const struct sam_methods *, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd); - - NTSTATUS (*sam_lookup_sid) (const struct sam_methods *, const NT_USER_TOKEN *access_token, TALLOC_CTX *mem_ctx, const DOM_SID *sid, char **name, uint32 *type); - NTSTATUS (*sam_lookup_name) (const struct sam_methods *, const NT_USER_TOKEN *access_token, const char *name, DOM_SID *sid, uint32 *type); - - /* Domain API */ - - NTSTATUS (*sam_update_domain) (const struct sam_methods *, const SAM_DOMAIN_HANDLE *domain); - NTSTATUS (*sam_get_domain_handle) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, SAM_DOMAIN_HANDLE **domain); - - /* Account API */ - - NTSTATUS (*sam_create_account) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account); - NTSTATUS (*sam_add_account) (const struct sam_methods *, const SAM_ACCOUNT_HANDLE *account); - NTSTATUS (*sam_update_account) (const struct sam_methods *, const SAM_ACCOUNT_HANDLE *account); - NTSTATUS (*sam_delete_account) (const struct sam_methods *, const SAM_ACCOUNT_HANDLE *account); - NTSTATUS (*sam_enum_accounts) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint16 acct_ctrl, uint32 *account_count, SAM_ACCOUNT_ENUM **accounts); - - NTSTATUS (*sam_get_account_by_sid) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *accountsid, SAM_ACCOUNT_HANDLE **account); - NTSTATUS (*sam_get_account_by_name) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *name, SAM_ACCOUNT_HANDLE **account); - - /* Group API */ - - NTSTATUS (*sam_create_group) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *group_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group); - NTSTATUS (*sam_add_group) (const struct sam_methods *, const SAM_GROUP_HANDLE *group); - NTSTATUS (*sam_update_group) (const struct sam_methods *, const SAM_GROUP_HANDLE *group); - NTSTATUS (*sam_delete_group) (const struct sam_methods *, const SAM_GROUP_HANDLE *group); - NTSTATUS (*sam_enum_groups) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint16 group_ctrl, uint32 *groups_count, SAM_GROUP_ENUM **groups); - NTSTATUS (*sam_get_group_by_sid) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group); - NTSTATUS (*sam_get_group_by_name) (const struct sam_methods *, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *name, SAM_GROUP_HANDLE **group); - - NTSTATUS (*sam_add_member_to_group) (const struct sam_methods *, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member); - NTSTATUS (*sam_delete_member_from_group) (const struct sam_methods *, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member); - NTSTATUS (*sam_enum_groupmembers) (const struct sam_methods *, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members); - - NTSTATUS (*sam_get_groups_of_sid) (const struct sam_methods *, const NT_USER_TOKEN *access_token, const DOM_SID **sids, uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups); - - void (*free_private_data)(void **); -} SAM_METHODS; - -typedef NTSTATUS (*sam_init_function)(SAM_METHODS *, const char *); - -struct sam_init_function_entry { - char *module_name; - /* Function to create a member of the sam_methods list */ - sam_init_function init; -}; - -typedef struct sam_backend_entry { - char *module_name; - char *module_params; - char *domain_name; - DOM_SID *domain_sid; -} SAM_BACKEND_ENTRY; - - -#endif /* _SAM_H */ diff --git a/source3/include/secrets.h b/source3/include/secrets.h index 07faf28d43..183b29d7a8 100644 --- a/source3/include/secrets.h +++ b/source3/include/secrets.h @@ -57,14 +57,14 @@ struct machine_acct_pass { /* * storage structure for trusted domain */ -typedef struct trusted_dom_pass { +struct trusted_dom_pass { size_t uni_name_len; smb_ucs2_t uni_name[32]; /* unicode domain name */ size_t pass_len; fstring pass; /* trust relationship's password */ time_t mod_time; DOM_SID domain_sid; /* remote domain's sid */ -} TRUSTED_DOM_PASS; +}; /* * trusted domain entry/entries returned by secrets_get_trusted_domains diff --git a/source3/include/smb.h b/source3/include/smb.h index 62cc95ecb0..d8ca9bde05 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -78,10 +78,6 @@ typedef int BOOL; #define READ_EOF 2 #define READ_ERROR 3 -/* This error code can go into the client smb_rw_error. */ -#define WRITE_ERROR 4 -#define READ_BAD_SIG 5 - #define DIR_STRUCT_SIZE 43 /* these define the attribute byte as seen by DOS */ @@ -165,6 +161,9 @@ typedef uint16 smb_ucs2_t; typedef smb_ucs2_t wpstring[PSTRING_LEN]; typedef smb_ucs2_t wfstring[FSTRING_LEN]; +/* This error code can go into the client smb_rw_error. */ +#define WRITE_ERROR 4 + #ifdef WORDS_BIGENDIAN #define UCS2_SHIFT 8 #else @@ -238,8 +237,6 @@ typedef struct nttime_info #define MAXSUBAUTHS 15 /* max sub authorities in a SID */ #endif -#define SID_MAX_SIZE ((size_t)(8+(MAXSUBAUTHS*4))) - /* SID Types */ enum SID_NAME_USE { @@ -368,7 +365,6 @@ typedef struct SMB_STRUCT_STAT *statinfo; } smb_filename; -#include "fake_file.h" typedef struct files_struct { @@ -405,8 +401,6 @@ typedef struct files_struct char *fsp_name; } files_struct; -#include "ntquotas.h" - /* used to hold an arbitrary blob of data */ typedef struct data_blob { uint8 *data; @@ -977,23 +971,23 @@ struct bitmap { #define TRANSACT_WAITNAMEDPIPEHANDLESTATE 0x53 /* These are the TRANS2 sub commands */ -#define TRANSACT2_OPEN 0x00 -#define TRANSACT2_FINDFIRST 0x01 -#define TRANSACT2_FINDNEXT 0x02 -#define TRANSACT2_QFSINFO 0x03 -#define TRANSACT2_SETFSINFO 0x04 -#define TRANSACT2_QPATHINFO 0x05 -#define TRANSACT2_SETPATHINFO 0x06 -#define TRANSACT2_QFILEINFO 0x07 -#define TRANSACT2_SETFILEINFO 0x08 -#define TRANSACT2_FSCTL 0x09 -#define TRANSACT2_IOCTL 0x0A -#define TRANSACT2_FINDNOTIFYFIRST 0x0B -#define TRANSACT2_FINDNOTIFYNEXT 0x0C -#define TRANSACT2_MKDIR 0x0D -#define TRANSACT2_SESSION_SETUP 0x0E -#define TRANSACT2_GET_DFS_REFERRAL 0x10 -#define TRANSACT2_REPORT_DFS_INCONSISTANCY 0x11 +#define TRANSACT2_OPEN 0 +#define TRANSACT2_FINDFIRST 1 +#define TRANSACT2_FINDNEXT 2 +#define TRANSACT2_QFSINFO 3 +#define TRANSACT2_SETFSINFO 4 +#define TRANSACT2_QPATHINFO 5 +#define TRANSACT2_SETPATHINFO 6 +#define TRANSACT2_QFILEINFO 7 +#define TRANSACT2_SETFILEINFO 8 +#define TRANSACT2_FSCTL 9 +#define TRANSACT2_IOCTL 0xA +#define TRANSACT2_FINDNOTIFYFIRST 0xB +#define TRANSACT2_FINDNOTIFYNEXT 0xC +#define TRANSACT2_MKDIR 0xD +#define TRANSACT2_SESSION_SETUP 0xE +#define TRANSACT2_GET_DFS_REFERRAL 0x10 +#define TRANSACT2_REPORT_DFS_INCONSISTANCY 0x11 /* These are the NT transact sub commands. */ #define NT_TRANSACT_CREATE 1 @@ -1002,13 +996,6 @@ struct bitmap { #define NT_TRANSACT_NOTIFY_CHANGE 4 #define NT_TRANSACT_RENAME 5 #define NT_TRANSACT_QUERY_SECURITY_DESC 6 -#define NT_TRANSACT_GET_USER_QUOTA 7 -#define NT_TRANSACT_SET_USER_QUOTA 8 - -/* These are the NT transact_get_user_quota sub commands */ -#define TRANSACT_GET_USER_QUOTA_LIST_CONTINUE 0x0000 -#define TRANSACT_GET_USER_QUOTA_LIST_START 0x0100 -#define TRANSACT_GET_USER_QUOTA_FOR_SID 0x0101 /* Relevant IOCTL codes */ #define IOCTL_QUERY_JOB_INFO 0x530060 @@ -1249,23 +1236,18 @@ struct bitmap { #define RENAME_REPLACE_IF_EXISTS 1 /* Filesystem Attributes. */ -#define FILE_CASE_SENSITIVE_SEARCH 0x00000001 -#define FILE_CASE_PRESERVED_NAMES 0x00000002 -#define FILE_UNICODE_ON_DISK 0x00000004 +#define FILE_CASE_SENSITIVE_SEARCH 0x01 +#define FILE_CASE_PRESERVED_NAMES 0x02 +#define FILE_UNICODE_ON_DISK 0x04 /* According to cifs9f, this is 4, not 8 */ /* Acconding to testing, this actually sets the security attribute! */ -#define FILE_PERSISTENT_ACLS 0x00000008 -#define FILE_FILE_COMPRESSION 0x00000010 -#define FILE_VOLUME_QUOTAS 0x00000020 -#define FILE_SUPPORTS_SPARSE_FILES 0x00000040 -#define FILE_SUPPORTS_REPARSE_POINTS 0x00000080 -#define FILE_SUPPORTS_REMOTE_STORAGE 0x00000100 -#define FS_LFN_APIS 0x00004000 -#define FILE_VOLUME_IS_COMPRESSED 0x00008000 -#define FILE_SUPPORTS_OBJECT_IDS 0x00010000 -#define FILE_SUPPORTS_ENCRYPTION 0x00020000 -#define FILE_NAMED_STREAMS 0x00040000 -#define FILE_READ_ONLY_VOLUME 0x00080000 +#define FILE_PERSISTENT_ACLS 0x08 +/* These entries added from cifs9f --tsb */ +#define FILE_FILE_COMPRESSION 0x10 +#define FILE_VOLUME_QUOTAS 0x20 +/* I think this is wrong. JRA #define FILE_DEVICE_IS_MOUNTED 0x20 */ +#define FILE_VOLUME_SPARSE_FILE 0x40 +#define FILE_VOLUME_IS_COMPRESSED 0x8000 /* ChangeNotify flags. */ #define FILE_NOTIFY_CHANGE_FILE 0x001 diff --git a/source3/include/smb_ldap.h b/source3/include/smb_ldap.h deleted file mode 100644 index 1a30b853e7..0000000000 --- a/source3/include/smb_ldap.h +++ /dev/null @@ -1,59 +0,0 @@ -/* - Unix SMB/CIFS implementation. - LDAP protocol helper functions for SAMBA - Copyright (C) Jean François Micouleau 1998 - Copyright (C) Gerald Carter 2001 - Copyright (C) Shahms King 2001 - Copyright (C) Andrew Bartlett 2002 - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Jim McDonough 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - -*/ - -#ifndef SMB_LDAP_H -#define SMB_LDAP_H - -#ifdef HAVE_LDAP - -#include <lber.h> -#include <ldap.h> - -struct smb_ldap_privates { - - /* Former statics */ - LDAP *ldap_struct; - LDAPMessage *result; - LDAPMessage *entry; - int index; - - time_t last_ping; - /* retrive-once info */ - const char *uri; - - BOOL permit_non_unix_accounts; - - uint32 low_nua_rid; - uint32 high_nua_rid; - - char *bind_dn; - char *bind_secret; - - struct smb_ldap_privates *next; -}; - -#endif -#endif diff --git a/source3/include/smb_macros.h b/source3/include/smb_macros.h index 477940445c..8efb966d0b 100644 --- a/source3/include/smb_macros.h +++ b/source3/include/smb_macros.h @@ -77,12 +77,15 @@ #define OPEN_CONN(conn) ((conn) && (conn)->open) #define IS_IPC(conn) ((conn) && (conn)->ipc) #define IS_PRINT(conn) ((conn) && (conn)->printer) -#define FNUM_OK(fsp,c) (OPEN_FSP(fsp) && (c)==(fsp)->conn) +#define FNUM_OK(fsp,c) (OPEN_FSP(fsp) && (c)==(fsp)->conn && current_user.vuid==(fsp)->vuid) -#define CHECK_FSP(fsp,conn) if (!FNUM_OK(fsp,conn)) \ +#define CHECK_FSP(fsp,conn) do {\ + extern struct current_user current_user;\ + if (!FNUM_OK(fsp,conn)) \ return(ERROR_DOS(ERRDOS,ERRbadfid)); \ else if((fsp)->fd == -1) \ - return(ERROR_DOS(ERRDOS,ERRbadaccess)) + return(ERROR_DOS(ERRDOS,ERRbadaccess));\ + } while(0) #define CHECK_READ(fsp) if (!(fsp)->can_read) \ return(ERROR_DOS(ERRDOS,ERRbadaccess)) diff --git a/source3/include/tdbsam2.h b/source3/include/tdbsam2.h deleted file mode 100644 index 047b4e7c90..0000000000 --- a/source3/include/tdbsam2.h +++ /dev/null @@ -1,95 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * tdbsam2 genstruct enabled header file - * Copyright (C) Simo Sorce 2002 - * - * This program is free software; you can redistribute it and/or modify it under - * the terms of the GNU General Public License as published by the Free - * Software Foundation; either version 2 of the License, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for - * more details. - * - * You should have received a copy of the GNU General Public License along with - * this program; if not, write to the Free Software Foundation, Inc., 675 - * Mass Ave, Cambridge, MA 02139, USA. - */ - -/* ALL strings assumes UTF8 as encoding */ - -GENSTRUCT struct tdbsam2_domain_data { - uint32 xcounter; /* counter to be updated at any change */ - - SEC_DESC *sec_desc; /* Security Descriptor */ - DOM_SID *dom_sid; /* The Domain SID */ - char *name; _NULLTERM /* NT Domain Name */ - char *description; _NULLTERM /* Descritpion (Gecos) */ - - uint32 next_rid; /* The Next free RID */ -}; - -GENSTRUCT struct tdbsam2_user_data { - uint32 xcounter; /* counter to be updated at any change */ - - SEC_DESC *sec_desc; /* Security Descriptor */ - DOM_SID *user_sid; /* The User SID */ - char *name; _NULLTERM /* NT User Name */ - char *description; _NULLTERM /* Descritpion (Gecos) */ - - DOM_SID *group_sid; /* The Primary Group SID */ - - NTTIME *logon_time; - NTTIME *logoff_time; - NTTIME *kickoff_time; - NTTIME *pass_last_set_time; - NTTIME *pass_can_change_time; - NTTIME *pass_must_change_time; - - char *full_name; _NULLTERM /* The Full Name */ - char *home_dir; _NULLTERM /* Home Directory */ - char *dir_drive; _NULLTERM /* Drive Letter the home should be mapped to */ - char *logon_script; _NULLTERM /* Logon script path */ - char *profile_path; _NULLTERM /* Profile is stored here */ - char *workstations; _NULLTERM /* List of Workstation names the user is allowed to LogIn */ - char *unknown_str; _NULLTERM /* Guess ... Unknown */ - char *munged_dial; _NULLTERM /* Callback Number */ - - /* passwords are 16 byte leght, pointer is null if no password */ - uint8 *lm_pw_ptr; _LEN(16) /* Lanman hashed password */ - uint8 *nt_pw_ptr; _LEN(16) /* NT hashed password */ - - uint16 logon_divs; /* 168 - num of hours in a week */ - uint32 hours_len; /* normally 21 */ - uint8 *hours; _LEN(hours_len) /* normally 21 bytes (depends on hours_len) */ - - uint32 unknown_3; /* 0x00ff ffff */ - uint32 unknown_5; /* 0x0002 0000 */ - uint32 unknown_6; /* 0x0000 04ec */ -}; - -GENSTRUCT struct tdbsam2_group_data { - uint32 xcounter; /* counter to be updated at any change */ - - SEC_DESC *sec_desc; /* Security Descriptor */ - DOM_SID *group_sid; /* The Group SID */ - char *name; _NULLTERM /* NT Group Name */ - char *description; _NULLTERM /* Descritpion (Gecos) */ - - uint32 count; /* number of sids */ - DOM_SID **members; _LEN(count) /* SID array */ -}; - -GENSTRUCT struct tdbsam2_privilege_data { - uint32 xcounter; /* counter to be updated at any change */ - - LUID_ATTR *privilege; /* Privilege */ - char *name; _NULLTERM /* NT User Name */ - char *description; _NULLTERM /* Descritpion (Gecos) */ - - uint32 count; /* number of sids */ - DOM_SID **members; _LEN(count) /* SID array */ -}; - diff --git a/source3/include/trans2.h b/source3/include/trans2.h index 2ccf83478b..3468d3b995 100644 --- a/source3/include/trans2.h +++ b/source3/include/trans2.h @@ -206,9 +206,7 @@ Byte offset Type name description #define SMB_QUERY_FS_SIZE_INFO 0x103 #define SMB_QUERY_FS_DEVICE_INFO 0x104 #define SMB_QUERY_FS_ATTRIBUTE_INFO 0x105 -#if 0 -#define SMB_QUERY_FS_QUOTA_INFO -#endif + #define l2_vol_fdateCreation 0 #define l2_vol_cch 4 @@ -322,7 +320,7 @@ Byte offset Type name description #define SMB_FS_SIZE_INFORMATION 1003 #define SMB_FS_DEVICE_INFORMATION 1004 #define SMB_FS_ATTRIBUTE_INFORMATION 1005 -#define SMB_FS_QUOTA_INFORMATION 1006 +#define SMB_FS_CONTROL_INFORMATION 1006 #define SMB_FS_FULL_SIZE_INFORMATION 1007 #define SMB_FS_OBJECTID_INFORMATION 1008 diff --git a/source3/include/version.h b/source3/include/version.h index c0a1c702f2..3ee1d8db59 100644 --- a/source3/include/version.h +++ b/source3/include/version.h @@ -1 +1 @@ -#define VERSION "post3.0-HEAD" +#define VERSION "3.0alpha24" diff --git a/source3/include/vfs.h b/source3/include/vfs.h index 756e417814..9a06764371 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -48,7 +48,7 @@ #define SMB_VFS_INTERFACE_VERSION 5 -/* Version of supported cascaded interface backward compatibility. +/* Version of supported cascaded interface backward copmatibility. (version 5 corresponds to SMB_VFS_INTERFACE_VERSION 5) It is used in vfs_init_custom() to detect VFS modules which conform to cascaded VFS interface but implement elder version than current version of Samba uses. @@ -77,7 +77,7 @@ is unloaded from smbd process using sys_dlclose(). Prototypes: - vfs_op_tuple *vfs_init(const struct vfs_ops *def_vfs_ops, + vfs_op_tuple *vfs_init(int *vfs_version, const struct vfs_ops *def_vfs_ops, struct smb_vfs_handle_struct *vfs_handle); void vfs_done(connection_struct *conn); diff --git a/source3/lib/account_pol.c b/source3/lib/account_pol.c index e8b382c7ab..2e619c0c6b 100644 --- a/source3/lib/account_pol.c +++ b/source3/lib/account_pol.c @@ -118,7 +118,7 @@ BOOL account_policy_get(int field, uint32 *value) { fstring name; - if(!init_account_policy())return False; + init_account_policy(); *value = 0; @@ -142,7 +142,7 @@ BOOL account_policy_set(int field, uint32 value) { fstring name; - if(!init_account_policy())return False; + init_account_policy(); fstrcpy(name, decode_account_policy_name(field)); if (!*name) { diff --git a/source3/lib/charcnv.c b/source3/lib/charcnv.c index 7acb7147fd..8b93e30267 100644 --- a/source3/lib/charcnv.c +++ b/source3/lib/charcnv.c @@ -4,7 +4,6 @@ Copyright (C) Igor Vergeichik <iverg@mail.ru> 2001 Copyright (C) Andrew Tridgell 2001 Copyright (C) Simo Sorce 2001 - Copyright (C) Martin Pool 2003 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -38,6 +37,7 @@ * @sa lib/iconv.c */ +static pstring cvtbuf; static smb_iconv_t conv_handles[NUM_CHARSETS][NUM_CHARSETS]; @@ -193,7 +193,7 @@ size_t convert_string(charset_t from, charset_t to, **/ size_t convert_string_allocate(charset_t from, charset_t to, - void const *src, size_t srclen, void **dest) + void const *src, size_t srclen, void **dest) { size_t i_len, o_len, destlen; size_t retval; @@ -277,8 +277,6 @@ static size_t convert_string_talloc(TALLOC_CTX *ctx, charset_t from, charset_t t void *alloced_string; size_t dest_len; - /* FIXME: Ridiculous to allocate two buffers and then copy the string! */ - *dest = NULL; dest_len=convert_string_allocate(from, to, src, srclen, &alloced_string); if (dest_len == (size_t)-1) @@ -293,40 +291,21 @@ static size_t convert_string_talloc(TALLOC_CTX *ctx, charset_t from, charset_t t size_t unix_strupper(const char *src, size_t srclen, char *dest, size_t destlen) { size_t size; - smb_ucs2_t *buffer; - - size = convert_string_allocate(CH_UNIX, CH_UCS2, src, srclen, - (void **) &buffer); - if (size == -1) { - smb_panic("failed to create UCS2 buffer"); - } - if (!strupper_w(buffer) && (dest == src)) { - free(buffer); + smb_ucs2_t *buffer=(smb_ucs2_t*)cvtbuf; + size=convert_string(CH_UNIX, CH_UCS2, src, srclen, buffer, sizeof(cvtbuf)); + if (!strupper_w(buffer) && (dest == src)) return srclen; - } - - size = convert_string(CH_UCS2, CH_UNIX, buffer, size, dest, destlen); - free(buffer); - return size; + return convert_string(CH_UCS2, CH_UNIX, buffer, size, dest, destlen); } size_t unix_strlower(const char *src, size_t srclen, char *dest, size_t destlen) { size_t size; - smb_ucs2_t *buffer; - - size = convert_string_allocate(CH_UNIX, CH_UCS2, src, srclen, - (void **) &buffer); - if (size == -1) { - smb_panic("failed to create UCS2 buffer"); - } - if (!strlower_w(buffer) && (dest == src)) { - free(buffer); + smb_ucs2_t *buffer=(smb_ucs2_t*)cvtbuf; + size=convert_string(CH_UNIX, CH_UCS2, src, srclen, buffer, sizeof(cvtbuf)); + if (!strlower_w(buffer) && (dest == src)) return srclen; - } - size = convert_string(CH_UCS2, CH_UNIX, buffer, size, dest, destlen); - free(buffer); - return size; + return convert_string(CH_UCS2, CH_UNIX, buffer, size, dest, destlen); } @@ -666,11 +645,11 @@ size_t pull_ucs2_talloc(TALLOC_CTX *ctx, char **dest, const smb_ucs2_t *src) * @returns The number of bytes occupied by the string in the destination **/ -size_t pull_ucs2_allocate(char **dest, const smb_ucs2_t *src) +size_t pull_ucs2_allocate(void **dest, const smb_ucs2_t *src) { size_t src_len = (strlen_w(src)+1) * sizeof(smb_ucs2_t); *dest = NULL; - return convert_string_allocate(CH_UCS2, CH_UNIX, src, src_len, (void **)dest); + return convert_string_allocate(CH_UCS2, CH_UNIX, src, src_len, dest); } /** diff --git a/source3/lib/domain_namemap.c b/source3/lib/domain_namemap.c deleted file mode 100644 index 988f5e5d65..0000000000 --- a/source3/lib/domain_namemap.c +++ /dev/null @@ -1,1317 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - Groupname handling - Copyright (C) Jeremy Allison 1998. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -/* - * UNIX gid and Local or Domain SID resolution. This module resolves - * only those entries in the map files, it is *NOT* responsible for - * resolving UNIX groups not listed: that is an entirely different - * matter, altogether... - */ - -/* - * - * - - format of the file is: - - unixname NT Group name - unixname Domain Admins (well-known Domain Group) - unixname DOMAIN_NAME\NT Group name - unixname OTHER_DOMAIN_NAME\NT Group name - unixname DOMAIN_NAME\Domain Admins (well-known Domain Group) - .... - - if the DOMAIN_NAME\ component is left off, then your own domain is assumed. - - * - * - */ - - -#include "includes.h" -extern int DEBUGLEVEL; - -extern fstring global_myworkgroup; -extern DOM_SID global_member_sid; -extern fstring global_sam_name; -extern DOM_SID global_sam_sid; -extern DOM_SID global_sid_S_1_5_20; - -/******************************************************************* - converts UNIX uid to an NT User RID. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uid_t pwdb_user_rid_to_uid(uint32 user_rid) -{ - return ((user_rid & (~RID_TYPE_USER))- 1000)/RID_MULTIPLIER; -} - -/******************************************************************* - converts NT Group RID to a UNIX uid. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_group_rid_to_gid(uint32 group_rid) -{ - return ((group_rid & (~RID_TYPE_GROUP))- 1000)/RID_MULTIPLIER; -} - -/******************************************************************* - converts NT Alias RID to a UNIX uid. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_alias_rid_to_gid(uint32 alias_rid) -{ - return ((alias_rid & (~RID_TYPE_ALIAS))- 1000)/RID_MULTIPLIER; -} - -/******************************************************************* - converts NT Group RID to a UNIX uid. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_gid_to_group_rid(uint32 gid) -{ - uint32 grp_rid = ((((gid)*RID_MULTIPLIER) + 1000) | RID_TYPE_GROUP); - return grp_rid; -} - -/****************************************************************** - converts UNIX gid to an NT Alias RID. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_gid_to_alias_rid(uint32 gid) -{ - uint32 alias_rid = ((((gid)*RID_MULTIPLIER) + 1000) | RID_TYPE_ALIAS); - return alias_rid; -} - -/******************************************************************* - converts UNIX uid to an NT User RID. NOTE: IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_uid_to_user_rid(uint32 uid) -{ - uint32 user_rid = ((((uid)*RID_MULTIPLIER) + 1000) | RID_TYPE_USER); - return user_rid; -} - -/****************************************************************** - converts SID + SID_NAME_USE type to a UNIX id. the Domain SID is, - and can only be, our own SID. - ********************************************************************/ -static BOOL pwdb_sam_sid_to_unixid(DOM_SID *sid, uint8 type, uint32 *id) -{ - DOM_SID tmp_sid; - uint32 rid; - - sid_copy(&tmp_sid, sid); - sid_split_rid(&tmp_sid, &rid); - if (!sid_equal(&global_sam_sid, &tmp_sid)) - { - return False; - } - - switch (type) - { - case SID_NAME_USER: - { - *id = pwdb_user_rid_to_uid(rid); - return True; - } - case SID_NAME_ALIAS: - { - *id = pwdb_alias_rid_to_gid(rid); - return True; - } - case SID_NAME_DOM_GRP: - case SID_NAME_WKN_GRP: - { - *id = pwdb_group_rid_to_gid(rid); - return True; - } - } - return False; -} - -/****************************************************************** - converts UNIX gid + SID_NAME_USE type to a SID. the Domain SID is, - and can only be, our own SID. - ********************************************************************/ -static BOOL pwdb_unixid_to_sam_sid(uint32 id, uint8 type, DOM_SID *sid) -{ - sid_copy(sid, &global_sam_sid); - switch (type) - { - case SID_NAME_USER: - { - sid_append_rid(sid, pwdb_uid_to_user_rid(id)); - return True; - } - case SID_NAME_ALIAS: - { - sid_append_rid(sid, pwdb_gid_to_alias_rid(id)); - return True; - } - case SID_NAME_DOM_GRP: - case SID_NAME_WKN_GRP: - { - sid_append_rid(sid, pwdb_gid_to_group_rid(id)); - return True; - } - } - return False; -} - -/******************************************************************* - Decides if a RID is a well known RID. - ********************************************************************/ -static BOOL pwdb_rid_is_well_known(uint32 rid) -{ - return (rid < 1000); -} - -/******************************************************************* - determines a rid's type. NOTE: THIS IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -static uint32 pwdb_rid_type(uint32 rid) -{ - /* lkcl i understand that NT attaches an enumeration to a RID - * such that it can be identified as either a user, group etc - * type: SID_ENUM_TYPE. - */ - if (pwdb_rid_is_well_known(rid)) - { - /* - * The only well known user RIDs are DOMAIN_USER_RID_ADMIN - * and DOMAIN_USER_RID_GUEST. - */ - if (rid == DOMAIN_USER_RID_ADMIN || rid == DOMAIN_USER_RID_GUEST) - { - return RID_TYPE_USER; - } - if (DOMAIN_GROUP_RID_ADMINS <= rid && rid <= DOMAIN_GROUP_RID_GUESTS) - { - return RID_TYPE_GROUP; - } - if (BUILTIN_ALIAS_RID_ADMINS <= rid && rid <= BUILTIN_ALIAS_RID_REPLICATOR) - { - return RID_TYPE_ALIAS; - } - } - return (rid & RID_TYPE_MASK); -} - -/******************************************************************* - checks whether rid is a user rid. NOTE: THIS IS SOMETHING SPECIFIC TO SAMBA - ********************************************************************/ -BOOL pwdb_rid_is_user(uint32 rid) -{ - return pwdb_rid_type(rid) == RID_TYPE_USER; -} - -/************************************************************************** - Groupname map functionality. The code loads a groupname map file and - (currently) loads it into a linked list. This is slow and memory - hungry, but can be changed into a more efficient storage format - if the demands on it become excessive. -***************************************************************************/ - -typedef struct name_map -{ - ubi_slNode next; - DOM_NAME_MAP grp; - -} name_map_entry; - -static ubi_slList groupname_map_list; -static ubi_slList aliasname_map_list; -static ubi_slList ntusrname_map_list; - -static void delete_name_entry(name_map_entry *gmep) -{ - if (gmep->grp.nt_name) - { - free(gmep->grp.nt_name); - } - if (gmep->grp.nt_domain) - { - free(gmep->grp.nt_domain); - } - if (gmep->grp.unix_name) - { - free(gmep->grp.unix_name); - } - free((char*)gmep); -} - -/************************************************************************** - Delete all the entries in the name map list. -***************************************************************************/ - -static void delete_map_list(ubi_slList *map_list) -{ - name_map_entry *gmep; - - while ((gmep = (name_map_entry *)ubi_slRemHead(map_list )) != NULL) - { - delete_name_entry(gmep); - } -} - - -/************************************************************************** - makes a group sid out of a domain sid and a _unix_ gid. -***************************************************************************/ -static BOOL make_mydomain_sid(DOM_NAME_MAP *grp, DOM_MAP_TYPE type) -{ - int ret = False; - fstring sid_str; - - if (!map_domain_name_to_sid(&grp->sid, &(grp->nt_domain))) - { - DEBUG(0,("make_mydomain_sid: unknown domain %s\n", - grp->nt_domain)); - return False; - } - - if (sid_equal(&grp->sid, &global_sid_S_1_5_20)) - { - /* - * only builtin aliases are recognised in S-1-5-20 - */ - DEBUG(10,("make_mydomain_sid: group %s in builtin domain\n", - grp->nt_name)); - - if (lookup_builtin_alias_name(grp->nt_name, "BUILTIN", &grp->sid, &grp->type) != 0x0) - { - DEBUG(0,("unix group %s mapped to an unrecognised BUILTIN domain name %s\n", - grp->unix_name, grp->nt_name)); - return False; - } - ret = True; - } - else if (lookup_wk_user_name(grp->nt_name, grp->nt_domain, &grp->sid, &grp->type) == 0x0) - { - if (type != DOM_MAP_USER) - { - DEBUG(0,("well-known NT user %s\\%s listed in wrong map file\n", - grp->nt_domain, grp->nt_name)); - return False; - } - ret = True; - } - else if (lookup_wk_group_name(grp->nt_name, grp->nt_domain, &grp->sid, &grp->type) == 0x0) - { - if (type != DOM_MAP_DOMAIN) - { - DEBUG(0,("well-known NT group %s\\%s listed in wrong map file\n", - grp->nt_domain, grp->nt_name)); - return False; - } - ret = True; - } - else - { - switch (type) - { - case DOM_MAP_USER: - { - grp->type = SID_NAME_USER; - break; - } - case DOM_MAP_DOMAIN: - { - grp->type = SID_NAME_DOM_GRP; - break; - } - case DOM_MAP_LOCAL: - { - grp->type = SID_NAME_ALIAS; - break; - } - } - - ret = pwdb_unixid_to_sam_sid(grp->unix_id, grp->type, &grp->sid); - } - - sid_to_string(sid_str, &grp->sid); - DEBUG(10,("nt name %s\\%s gid %d mapped to %s\n", - grp->nt_domain, grp->nt_name, grp->unix_id, sid_str)); - return ret; -} - -/************************************************************************** - makes a group sid out of an nt domain, nt group name or a unix group name. -***************************************************************************/ -static BOOL unix_name_to_nt_name_info(DOM_NAME_MAP *map, DOM_MAP_TYPE type) -{ - /* - * Attempt to get the unix gid_t for this name. - */ - - DEBUG(5,("unix_name_to_nt_name_info: unix_name:%s\n", map->unix_name)); - - if (type == DOM_MAP_USER) - { - const struct passwd *pwptr = Get_Pwnam(map->unix_name, False); - if (pwptr == NULL) - { - DEBUG(0,("unix_name_to_nt_name_info: Get_Pwnam for user %s\ -failed. Error was %s.\n", map->unix_name, strerror(errno) )); - return False; - } - - map->unix_id = (uint32)pwptr->pw_uid; - } - else - { - struct group *gptr = getgrnam(map->unix_name); - if (gptr == NULL) - { - DEBUG(0,("unix_name_to_nt_name_info: getgrnam for group %s\ -failed. Error was %s.\n", map->unix_name, strerror(errno) )); - return False; - } - - map->unix_id = (uint32)gptr->gr_gid; - } - - DEBUG(5,("unix_name_to_nt_name_info: unix gid:%d\n", map->unix_id)); - - /* - * Now map the name to an NT SID+RID. - */ - - if (map->nt_domain != NULL && !strequal(map->nt_domain, global_sam_name)) - { - /* Must add client-call lookup code here, to - * resolve remote domain's sid and the group's rid, - * in that domain. - * - * NOTE: it is _incorrect_ to put code here that assumes - * we are responsible for lookups for foriegn domains' RIDs. - * - * for foriegn domains for which we are *NOT* the PDC, all - * we can be responsible for is the unix gid_t to which - * the foriegn SID+rid maps to, on this _local_ machine. - * we *CANNOT* make any short-cuts or assumptions about - * RIDs in a foriegn domain. - */ - - if (!map_domain_name_to_sid(&map->sid, &(map->nt_domain))) - { - DEBUG(0,("unix_name_to_nt_name_info: no known sid for %s\n", - map->nt_domain)); - return False; - } - } - - return make_mydomain_sid(map, type); -} - -static BOOL make_name_entry(name_map_entry **new_ep, - char *nt_domain, char *nt_group, char *unix_group, - DOM_MAP_TYPE type) -{ - /* - * Create the list entry and add it onto the list. - */ - - DEBUG(5,("make_name_entry:%s,%s,%s\n", nt_domain, nt_group, unix_group)); - - (*new_ep) = (name_map_entry *)malloc(sizeof(name_map_entry)); - if ((*new_ep) == NULL) - { - DEBUG(0,("make_name_entry: malloc fail for name_map_entry.\n")); - return False; - } - - ZERO_STRUCTP(*new_ep); - - (*new_ep)->grp.nt_name = strdup(nt_group ); - (*new_ep)->grp.nt_domain = strdup(nt_domain ); - (*new_ep)->grp.unix_name = strdup(unix_group); - - if ((*new_ep)->grp.nt_name == NULL || - (*new_ep)->grp.unix_name == NULL) - { - DEBUG(0,("make_name_entry: malloc fail for names in name_map_entry.\n")); - delete_name_entry((*new_ep)); - return False; - } - - /* - * look up the group names, make the Group-SID and unix gid - */ - - if (!unix_name_to_nt_name_info(&(*new_ep)->grp, type)) - { - delete_name_entry((*new_ep)); - return False; - } - - return True; -} - -/************************************************************************** - Load a name map file. Sets last accessed timestamp. -***************************************************************************/ -static ubi_slList *load_name_map(DOM_MAP_TYPE type) -{ - static time_t groupmap_file_last_modified = (time_t)0; - static time_t aliasmap_file_last_modified = (time_t)0; - static time_t ntusrmap_file_last_modified = (time_t)0; - static BOOL initialised_group = False; - static BOOL initialised_alias = False; - static BOOL initialised_ntusr = False; - char *groupname_map_file = lp_groupname_map(); - char *aliasname_map_file = lp_aliasname_map(); - char *ntusrname_map_file = lp_ntusrname_map(); - - FILE *fp; - char *s; - pstring buf; - name_map_entry *new_ep; - - time_t *file_last_modified = NULL; - int *initialised = NULL; - char *map_file = NULL; - ubi_slList *map_list = NULL; - - switch (type) - { - case DOM_MAP_DOMAIN: - { - file_last_modified = &groupmap_file_last_modified; - initialised = &initialised_group; - map_file = groupname_map_file; - map_list = &groupname_map_list; - - break; - } - case DOM_MAP_LOCAL: - { - file_last_modified = &aliasmap_file_last_modified; - initialised = &initialised_alias; - map_file = aliasname_map_file; - map_list = &aliasname_map_list; - - break; - } - case DOM_MAP_USER: - { - file_last_modified = &ntusrmap_file_last_modified; - initialised = &initialised_ntusr; - map_file = ntusrname_map_file; - map_list = &ntusrname_map_list; - - break; - } - } - - if (!(*initialised)) - { - DEBUG(10,("initialising map %s\n", map_file)); - ubi_slInitList(map_list); - (*initialised) = True; - } - - if (!*map_file) - { - return map_list; - } - - /* - * Load the file. - */ - - fp = open_file_if_modified(map_file, "r", file_last_modified); - if (!fp) - { - return map_list; - } - - /* - * Throw away any previous list. - */ - delete_map_list(map_list); - - DEBUG(4,("load_name_map: Scanning name map %s\n",map_file)); - - while ((s = fgets_slash(buf, sizeof(buf), fp)) != NULL) - { - pstring unixname; - pstring nt_name; - fstring nt_domain; - fstring ntname; - char *p; - - DEBUG(10,("Read line |%s|\n", s)); - - memset(nt_name, 0, sizeof(nt_name)); - - if (!*s || strchr("#;",*s)) - continue; - - if (!next_token(&s,unixname, "\t\n\r=", sizeof(unixname))) - continue; - - if (!next_token(&s,nt_name, "\t\n\r=", sizeof(nt_name))) - continue; - - trim_string(unixname, " ", " "); - trim_string(nt_name, " ", " "); - - if (!*nt_name) - continue; - - if (!*unixname) - continue; - - p = strchr(nt_name, '\\'); - - if (p == NULL) - { - memset(nt_domain, 0, sizeof(nt_domain)); - fstrcpy(ntname, nt_name); - } - else - { - *p = 0; - p++; - fstrcpy(nt_domain, nt_name); - fstrcpy(ntname , p); - } - - if (make_name_entry(&new_ep, nt_domain, ntname, unixname, type)) - { - ubi_slAddTail(map_list, (ubi_slNode *)new_ep); - DEBUG(5,("unixname = %s, ntname = %s\\%s type = %d\n", - new_ep->grp.unix_name, - new_ep->grp.nt_domain, - new_ep->grp.nt_name, - new_ep->grp.type)); - } - } - - DEBUG(10,("load_name_map: Added %ld entries to name map.\n", - ubi_slCount(map_list))); - - fclose(fp); - - return map_list; -} - -static void copy_grp_map_entry(DOM_NAME_MAP *grp, const DOM_NAME_MAP *from) -{ - sid_copy(&grp->sid, &from->sid); - grp->unix_id = from->unix_id; - grp->nt_name = from->nt_name; - grp->nt_domain = from->nt_domain; - grp->unix_name = from->unix_name; - grp->type = from->type; -} - -#if 0 -/*********************************************************** - Lookup unix name. -************************************************************/ -static BOOL map_unixname(DOM_MAP_TYPE type, - char *unixname, DOM_NAME_MAP *grp_info) -{ - name_map_entry *gmep; - ubi_slList *map_list; - - /* - * Initialise and load if not already loaded. - */ - map_list = load_name_map(type); - - for (gmep = (name_map_entry *)ubi_slFirst(map_list); - gmep != NULL; - gmep = (name_map_entry *)ubi_slNext(gmep )) - { - if (strequal(gmep->grp.unix_name, unixname)) - { - copy_grp_map_entry(grp_info, &gmep->grp); - DEBUG(7,("map_unixname: Mapping unix name %s to nt group %s.\n", - gmep->grp.unix_name, gmep->grp.nt_name )); - return True; - } - } - - return False; -} - -#endif - -/*********************************************************** - Lookup nt name. -************************************************************/ -static BOOL map_ntname(DOM_MAP_TYPE type, char *ntname, char *ntdomain, - DOM_NAME_MAP *grp_info) -{ - name_map_entry *gmep; - ubi_slList *map_list; - - /* - * Initialise and load if not already loaded. - */ - map_list = load_name_map(type); - - for (gmep = (name_map_entry *)ubi_slFirst(map_list); - gmep != NULL; - gmep = (name_map_entry *)ubi_slNext(gmep )) - { - if (strequal(gmep->grp.nt_name , ntname) && - strequal(gmep->grp.nt_domain, ntdomain)) - { - copy_grp_map_entry(grp_info, &gmep->grp); - DEBUG(7,("map_ntname: Mapping unix name %s to nt name %s.\n", - gmep->grp.unix_name, gmep->grp.nt_name )); - return True; - } - } - - return False; -} - - -/*********************************************************** - Lookup by SID -************************************************************/ -static BOOL map_sid(DOM_MAP_TYPE type, - DOM_SID *psid, DOM_NAME_MAP *grp_info) -{ - name_map_entry *gmep; - ubi_slList *map_list; - - /* - * Initialise and load if not already loaded. - */ - map_list = load_name_map(type); - - for (gmep = (name_map_entry *)ubi_slFirst(map_list); - gmep != NULL; - gmep = (name_map_entry *)ubi_slNext(gmep )) - { - if (sid_equal(&gmep->grp.sid, psid)) - { - copy_grp_map_entry(grp_info, &gmep->grp); - DEBUG(7,("map_sid: Mapping unix name %s to nt name %s.\n", - gmep->grp.unix_name, gmep->grp.nt_name )); - return True; - } - } - - return False; -} - -/*********************************************************** - Lookup by gid_t. -************************************************************/ -static BOOL map_unixid(DOM_MAP_TYPE type, uint32 unix_id, DOM_NAME_MAP *grp_info) -{ - name_map_entry *gmep; - ubi_slList *map_list; - - /* - * Initialise and load if not already loaded. - */ - map_list = load_name_map(type); - - for (gmep = (name_map_entry *)ubi_slFirst(map_list); - gmep != NULL; - gmep = (name_map_entry *)ubi_slNext(gmep )) - { - fstring sid_str; - sid_to_string(sid_str, &gmep->grp.sid); - DEBUG(10,("map_unixid: enum entry unix group %s %d nt %s %s\n", - gmep->grp.unix_name, gmep->grp.unix_id, gmep->grp.nt_name, sid_str)); - if (gmep->grp.unix_id == unix_id) - { - copy_grp_map_entry(grp_info, &gmep->grp); - DEBUG(7,("map_unixid: Mapping unix name %s to nt name %s type %d\n", - gmep->grp.unix_name, gmep->grp.nt_name, gmep->grp.type)); - return True; - } - } - - return False; -} - -/*********************************************************** - * - * Call four functions to resolve unix group ids and either - * local group SIDs or domain group SIDs listed in the local group - * or domain group map files. - * - * Note that it is *NOT* the responsibility of these functions to - * resolve entries that are not in the map files. - * - * Any SID can be in the map files (i.e from any Domain). - * - ***********************************************************/ - -#if 0 - -/*********************************************************** - Lookup a UNIX Group entry by name. -************************************************************/ -BOOL map_unix_group_name(char *group_name, DOM_NAME_MAP *grp_info) -{ - return map_unixname(DOM_MAP_DOMAIN, group_name, grp_info); -} - -/*********************************************************** - Lookup a UNIX Alias entry by name. -************************************************************/ -BOOL map_unix_alias_name(char *alias_name, DOM_NAME_MAP *grp_info) -{ - return map_unixname(DOM_MAP_LOCAL, alias_name, grp_info); -} - -/*********************************************************** - Lookup an Alias name entry -************************************************************/ -BOOL map_nt_alias_name(char *ntalias_name, char *nt_domain, DOM_NAME_MAP *grp_info) -{ - return map_ntname(DOM_MAP_LOCAL, ntalias_name, nt_domain, grp_info); -} - -/*********************************************************** - Lookup a Group entry -************************************************************/ -BOOL map_nt_group_name(char *ntgroup_name, char *nt_domain, DOM_NAME_MAP *grp_info) -{ - return map_ntname(DOM_MAP_DOMAIN, ntgroup_name, nt_domain, grp_info); -} - -#endif - -/*********************************************************** - Lookup a Username entry by name. -************************************************************/ -static BOOL map_nt_username(char *nt_name, char *nt_domain, DOM_NAME_MAP *grp_info) -{ - return map_ntname(DOM_MAP_USER, nt_name, nt_domain, grp_info); -} - -/*********************************************************** - Lookup a Username entry by SID. -************************************************************/ -static BOOL map_username_sid(DOM_SID *sid, DOM_NAME_MAP *grp_info) -{ - return map_sid(DOM_MAP_USER, sid, grp_info); -} - -/*********************************************************** - Lookup a Username SID entry by uid. -************************************************************/ -static BOOL map_username_uid(uid_t gid, DOM_NAME_MAP *grp_info) -{ - return map_unixid(DOM_MAP_USER, (uint32)gid, grp_info); -} - -/*********************************************************** - Lookup an Alias SID entry by name. -************************************************************/ -BOOL map_alias_sid(DOM_SID *psid, DOM_NAME_MAP *grp_info) -{ - return map_sid(DOM_MAP_LOCAL, psid, grp_info); -} - -/*********************************************************** - Lookup a Group entry by sid. -************************************************************/ -BOOL map_group_sid(DOM_SID *psid, DOM_NAME_MAP *grp_info) -{ - return map_sid(DOM_MAP_DOMAIN, psid, grp_info); -} - -/*********************************************************** - Lookup an Alias SID entry by gid_t. -************************************************************/ -static BOOL map_alias_gid(gid_t gid, DOM_NAME_MAP *grp_info) -{ - return map_unixid(DOM_MAP_LOCAL, (uint32)gid, grp_info); -} - -/*********************************************************** - Lookup a Group SID entry by gid_t. -************************************************************/ -static BOOL map_group_gid( gid_t gid, DOM_NAME_MAP *grp_info) -{ - return map_unixid(DOM_MAP_DOMAIN, (uint32)gid, grp_info); -} - - -/************************************************************************ - Routine to look up User details by UNIX name -*************************************************************************/ -BOOL lookupsmbpwnam(const char *unix_usr_name, DOM_NAME_MAP *grp) -{ - uid_t uid; - DEBUG(10,("lookupsmbpwnam: unix user name %s\n", unix_usr_name)); - if (nametouid(unix_usr_name, &uid)) - { - return lookupsmbpwuid(uid, grp); - } - else - { - return False; - } -} - -/************************************************************************ - Routine to look up a remote nt name -*************************************************************************/ -static BOOL lookup_remote_ntname(const char *ntname, DOM_SID *sid, uint8 *type) -{ - struct cli_state cli; - POLICY_HND lsa_pol; - fstring srv_name; - extern struct ntuser_creds *usr_creds; - struct ntuser_creds usr; - - BOOL res3 = True; - BOOL res4 = True; - uint32 num_sids; - DOM_SID *sids; - uint8 *types; - char *names[1]; - - usr_creds = &usr; - - ZERO_STRUCT(usr); - pwd_set_nullpwd(&usr.pwd); - - DEBUG(5,("lookup_remote_ntname: %s\n", ntname)); - - if (!cli_connect_serverlist(&cli, lp_passwordserver())) - { - return False; - } - - names[0] = ntname; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, cli.desthost); - strupper(srv_name); - - /* lookup domain controller; receive a policy handle */ - res3 = res3 ? lsa_open_policy( srv_name, - &lsa_pol, True) : False; - - /* send lsa lookup sids call */ - res4 = res3 ? lsa_lookup_names( &lsa_pol, - 1, names, - &sids, &types, &num_sids) : False; - - res3 = res3 ? lsa_close(&lsa_pol) : False; - - if (res4 && res3 && sids != NULL && types != NULL) - { - sid_copy(sid, &sids[0]); - *type = types[0]; - } - else - { - res3 = False; - } - if (types != NULL) - { - free(types); - } - - if (sids != NULL) - { - free(sids); - } - - return res3 && res4; -} - -/************************************************************************ - Routine to look up a remote nt name -*************************************************************************/ -static BOOL get_sid_and_type(const char *fullntname, uint8 expected_type, - DOM_NAME_MAP *gmep) -{ - /* - * check with the PDC to see if it owns the name. if so, - * the SID is resolved with the PDC database. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { - if (lookup_remote_ntname(fullntname, &gmep->sid, &gmep->type)) - { - if (sid_front_equal(&gmep->sid, &global_member_sid) && - strequal(gmep->nt_domain, global_myworkgroup) && - gmep->type == expected_type) - { - return True; - } - return False; - } - } - - /* - * ... otherwise, it's one of ours. map the sid ourselves, - * which can only happen in our own SAM database. - */ - - if (!strequal(gmep->nt_domain, global_sam_name)) - { - return False; - } - if (!pwdb_unixid_to_sam_sid(gmep->unix_id, gmep->type, &gmep->sid)) - { - return False; - } - - return True; -} - -/* - * used by lookup functions below - */ - -static fstring nt_name; -static fstring unix_name; -static fstring nt_domain; - -/************************************************************************* - looks up a uid, returns User Information. -*************************************************************************/ -BOOL lookupsmbpwuid(uid_t uid, DOM_NAME_MAP *gmep) -{ - DEBUG(10,("lookupsmbpwuid: unix uid %d\n", uid)); - if (map_username_uid(uid, gmep)) - { - return True; - } -#if 0 - if (lp_server_role() != ROLE_DOMAIN_NONE) -#endif - { - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - gmep->unix_id = (uint32)uid; - - /* - * ok, assume it's one of ours. then double-check it - * if we are a member of a domain - */ - - gmep->type = SID_NAME_USER; - fstrcpy(gmep->nt_name, uidtoname(uid)); - fstrcpy(gmep->unix_name, gmep->nt_name); - - /* - * here we should do a LsaLookupNames() call - * to check the status of the name with the PDC. - * if the PDC know nothing of the name, it's ours. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { -#if 0 - lsa_lookup_names(global_myworkgroup, gmep->nt_name, &gmep->sid...); -#endif - } - - /* - * ok, it's one of ours. - */ - - gmep->nt_domain = global_sam_name; - pwdb_unixid_to_sam_sid(gmep->unix_id, gmep->type, &gmep->sid); - - return True; - } - - /* oops. */ - - return False; -} - -/************************************************************************* - looks up by NT name, returns User Information. -*************************************************************************/ -BOOL lookupsmbpwntnam(const char *fullntname, DOM_NAME_MAP *gmep) -{ - DEBUG(10,("lookupsmbpwntnam: nt user name %s\n", fullntname)); - - if (!split_domain_name(fullntname, nt_domain, nt_name)) - { - return False; - } - - if (map_nt_username(nt_name, nt_domain, gmep)) - { - return True; - } - if (lp_server_role() != ROLE_DOMAIN_NONE) - { - uid_t uid; - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - /* - * ok, it's one of ours. we therefore "create" an nt user named - * after the unix user. this is the point where "appliance mode" - * should get its teeth in, as unix users won't really exist, - * they will only be numbers... - */ - - gmep->type = SID_NAME_USER; - fstrcpy(gmep->unix_name, gmep->nt_name); - if (!nametouid(gmep->unix_name, &uid)) - { - return False; - } - gmep->unix_id = (uint32)uid; - - return get_sid_and_type(fullntname, gmep->type, gmep); - } - - /* oops. */ - - return False; -} - -/************************************************************************* - looks up by RID, returns User Information. -*************************************************************************/ -BOOL lookupsmbpwsid(DOM_SID *sid, DOM_NAME_MAP *gmep) -{ - fstring sid_str; - sid_to_string(sid_str, sid); - DEBUG(10,("lookupsmbpwsid: nt sid %s\n", sid_str)); - - if (map_username_sid(sid, gmep)) - { - return True; - } - if (lp_server_role() != ROLE_DOMAIN_NONE) - { - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - /* - * here we should do a LsaLookupNames() call - * to check the status of the name with the PDC. - * if the PDC know nothing of the name, it's ours. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { -#if 0 - if (lookup_remote_sid(global_myworkgroup, gmep->sid, gmep->nt_name, gmep->nt_domain...); -#endif - } - - /* - * ok, it's one of ours. we therefore "create" an nt user named - * after the unix user. this is the point where "appliance mode" - * should get its teeth in, as unix users won't really exist, - * they will only be numbers... - */ - - gmep->type = SID_NAME_USER; - sid_copy(&gmep->sid, sid); - if (!pwdb_sam_sid_to_unixid(&gmep->sid, gmep->type, &gmep->unix_id)) - { - return False; - } - fstrcpy(gmep->nt_name, uidtoname((uid_t)gmep->unix_id)); - fstrcpy(gmep->unix_name, gmep->nt_name); - gmep->nt_domain = global_sam_name; - - return True; - } - - /* oops. */ - - return False; -} - -/************************************************************************ - Routine to look up group / alias / well-known group RID by UNIX name -*************************************************************************/ -BOOL lookupsmbgrpnam(const char *unix_grp_name, DOM_NAME_MAP *grp) -{ - gid_t gid; - DEBUG(10,("lookupsmbgrpnam: unix user group %s\n", unix_grp_name)); - if (nametogid(unix_grp_name, &gid)) - { - return lookupsmbgrpgid(gid, grp); - } - else - { - return False; - } -} - -/************************************************************************* - looks up a SID, returns name map entry -*************************************************************************/ -BOOL lookupsmbgrpsid(DOM_SID *sid, DOM_NAME_MAP *gmep) -{ - fstring sid_str; - sid_to_string(sid_str, sid); - DEBUG(10,("lookupsmbgrpsid: nt sid %s\n", sid_str)); - - if (map_alias_sid(sid, gmep)) - { - return True; - } - if (map_group_sid(sid, gmep)) - { - return True; - } - if (lp_server_role() != ROLE_DOMAIN_NONE) - { - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - /* - * here we should do a LsaLookupNames() call - * to check the status of the name with the PDC. - * if the PDC know nothing of the name, it's ours. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { -#if 0 - lsa_lookup_sids(global_myworkgroup, gmep->sid, gmep->nt_name, gmep->nt_domain...); -#endif - } - - /* - * ok, it's one of ours. we therefore "create" an nt group or - * alias name named after the unix group. this is the point - * where "appliance mode" should get its teeth in, as unix - * groups won't really exist, they will only be numbers... - */ - - /* name is not explicitly mapped - * with map files or the PDC - * so we are responsible for it... - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { - /* ... as a LOCAL group. */ - gmep->type = SID_NAME_ALIAS; - } - else - { - /* ... as a DOMAIN group. */ - gmep->type = SID_NAME_DOM_GRP; - } - - sid_copy(&gmep->sid, sid); - if (!pwdb_sam_sid_to_unixid(&gmep->sid, gmep->type, &gmep->unix_id)) - { - return False; - } - fstrcpy(gmep->nt_name, gidtoname((gid_t)gmep->unix_id)); - fstrcpy(gmep->unix_name, gmep->nt_name); - gmep->nt_domain = global_sam_name; - - return True; - } - - /* oops */ - return False; -} - -/************************************************************************* - looks up a gid, returns RID and type local, domain or well-known domain group -*************************************************************************/ -BOOL lookupsmbgrpgid(gid_t gid, DOM_NAME_MAP *gmep) -{ - DEBUG(10,("lookupsmbgrpgid: unix gid %d\n", (int)gid)); - if (map_alias_gid(gid, gmep)) - { - return True; - } - if (map_group_gid(gid, gmep)) - { - return True; - } - if (lp_server_role() != ROLE_DOMAIN_NONE) - { - gmep->nt_name = nt_name; - gmep->unix_name = unix_name; - gmep->nt_domain = nt_domain; - - gmep->unix_id = (uint32)gid; - - /* - * here we should do a LsaLookupNames() call - * to check the status of the name with the PDC. - * if the PDC know nothing of the name, it's ours. - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { -#if 0 - if (lsa_lookup_names(global_myworkgroup, gmep->nt_name, &gmep->sid...); - { - return True; - } -#endif - } - - /* - * ok, it's one of ours. we therefore "create" an nt group or - * alias name named after the unix group. this is the point - * where "appliance mode" should get its teeth in, as unix - * groups won't really exist, they will only be numbers... - */ - - /* name is not explicitly mapped - * with map files or the PDC - * so we are responsible for it... - */ - - if (lp_server_role() == ROLE_DOMAIN_MEMBER) - { - /* ... as a LOCAL group. */ - gmep->type = SID_NAME_ALIAS; - } - else - { - /* ... as a DOMAIN group. */ - gmep->type = SID_NAME_DOM_GRP; - } - fstrcpy(gmep->nt_name, gidtoname(gid)); - fstrcpy(gmep->unix_name, gmep->nt_name); - - return get_sid_and_type(gmep->nt_name, gmep->type, gmep); - } - - /* oops */ - return False; -} - diff --git a/source3/lib/genparser.c b/source3/lib/genparser.c deleted file mode 100644 index 233050b432..0000000000 --- a/source3/lib/genparser.c +++ /dev/null @@ -1,786 +0,0 @@ -/* - Copyright (C) Andrew Tridgell <genstruct@tridgell.net> 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -/* - automatic marshalling/unmarshalling system for C structures -*/ - -#include "includes.h" - -/* see if a range of memory is all zero. Used to prevent dumping of zero elements */ -static int all_zero(const char *ptr, unsigned size) -{ - int i; - if (!ptr) return 1; - for (i=0;i<size;i++) { - if (ptr[i]) return 0; - } - return 1; -} - -/* encode a buffer of bytes into a escaped string */ -static char *encode_bytes(TALLOC_CTX *mem_ctx, const char *ptr, unsigned len) -{ - const char *hexdig = "0123456789abcdef"; - char *ret, *p; - unsigned i; - ret = talloc(mem_ctx, len*3 + 1); /* worst case size */ - if (!ret) return NULL; - for (p=ret,i=0;i<len;i++) { - if (isalnum(ptr[i]) || isspace(ptr[i]) || - (ispunct(ptr[i]) && !strchr("\\{}", ptr[i]))) { - *p++ = ptr[i]; - } else { - unsigned char c = *(unsigned char *)(ptr+i); - if (c == 0 && all_zero(ptr+i, len-i)) break; - p[0] = '\\'; - p[1] = hexdig[c>>4]; - p[2] = hexdig[c&0xF]; - p += 3; - } - } - - *p = 0; - - return ret; -} - -/* decode an escaped string from encode_bytes() into a buffer */ -static char *decode_bytes(TALLOC_CTX *mem_ctx, const char *s, unsigned *len) -{ - char *ret, *p; - unsigned i; - int slen = strlen(s) + 1; - - ret = talloc(mem_ctx, slen); /* worst case length */ - if (!ret) - return NULL; - memset(ret, 0, slen); - - if (*s == '{') s++; - - for (p=ret,i=0;s[i];i++) { - if (s[i] == '}') { - break; - } else if (s[i] == '\\') { - unsigned v; - if (sscanf(&s[i+1], "%02x", &v) != 1 || v > 255) { - return NULL; - } - *(unsigned char *)p = v; - p++; - i += 2; - } else { - *p++ = s[i]; - } - } - *p = 0; - - (*len) = (unsigned)(p - ret); - - return ret; -} - -/* the add*() functions deal with adding things to a struct - parse_string */ - -/* allocate more space if needed */ -static int addgen_alloc(TALLOC_CTX *mem_ctx, struct parse_string *p, int n) -{ - if (p->length + n <= p->allocated) return 0; - p->allocated = p->length + n + 200; - p->s = talloc_realloc(mem_ctx, p->s, p->allocated); - if (!p->s) { - errno = ENOMEM; - return -1; - } - return 0; -} - -/* add a character to the buffer */ -static int addchar(TALLOC_CTX *mem_ctx, struct parse_string *p, char c) -{ - if (addgen_alloc(mem_ctx, p, 2) != 0) { - return -1; - } - p->s[p->length++] = c; - p->s[p->length] = 0; - return 0; -} - -/* add a string to the buffer */ -int addstr(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *s) -{ - int len = strlen(s); - if (addgen_alloc(mem_ctx, p, len+1) != 0) { - return -1; - } - memcpy(p->s + p->length, s, len+1); - p->length += len; - return 0; -} - -/* add a string to the buffer with a tab prefix */ -static int addtabbed(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *s, unsigned indent) -{ - int len = strlen(s); - if (addgen_alloc(mem_ctx, p, indent+len+1) != 0) { - return -1; - } - while (indent--) { - p->s[p->length++] = '\t'; - } - memcpy(p->s + p->length, s, len+1); - p->length += len; - return 0; -} - -/* note! this can only be used for results up to 60 chars wide! */ -int addshort(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *fmt, ...) -{ - char buf[60]; - int n; - va_list ap; - va_start(ap, fmt); - n = vsnprintf(buf, sizeof(buf), fmt, ap); - va_end(ap); - if (addgen_alloc(mem_ctx, p, n + 1) != 0) { - return -1; - } - if (n != 0) { - memcpy(p->s + p->length, buf, n); - } - p->length += n; - p->s[p->length] = 0; - return 0; -} - -/* - this is here to make it easier for people to write dump functions - for their own types - */ -int gen_addgen(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *fmt, ...) -{ - char *buf = NULL; - int n; - va_list ap; - va_start(ap, fmt); - n = vasprintf(&buf, fmt, ap); - va_end(ap); - if (addgen_alloc(mem_ctx, p, n + 1) != 0) { - if (buf) free(buf); - return -1; - } - if (n != 0) { - memcpy(p->s + p->length, buf, n); - } - p->length += n; - p->s[p->length] = 0; - if (buf) free(buf); - return 0; -} - -/* dump a enumerated type */ -int gen_dump_enum(TALLOC_CTX *mem_ctx, - const struct enum_struct *einfo, - struct parse_string *p, - const char *ptr, - unsigned indent) -{ - unsigned v = *(unsigned *)ptr; - int i; - for (i=0;einfo[i].name;i++) { - if (v == einfo[i].value) { - addstr(mem_ctx, p, einfo[i].name); - return 0; - } - } - /* hmm, maybe we should just fail? */ - return gen_dump_unsigned(mem_ctx, p, ptr, indent); -} - -/* dump a single non-array element, hanlding struct and enum */ -static int gen_dump_one(TALLOC_CTX *mem_ctx, - struct parse_string *p, - const struct parse_struct *pinfo, - const char *ptr, - unsigned indent) -{ - if (pinfo->dump_fn == gen_dump_char && pinfo->ptr_count == 1) { - char *s = encode_bytes(mem_ctx, ptr, strlen(ptr)); - if (addchar(mem_ctx, p,'{') || - addstr(mem_ctx, p, s) || - addstr(mem_ctx, p, "}")) { - return -1; - } - return 0; - } - - return pinfo->dump_fn(mem_ctx, p, ptr, indent); -} - -/* handle dumping of an array of arbitrary type */ -static int gen_dump_array(TALLOC_CTX *mem_ctx, - struct parse_string *p, - const struct parse_struct *pinfo, - const char *ptr, - int array_len, - int indent) -{ - int i, count=0; - - /* special handling of fixed length strings */ - if (array_len != 0 && - pinfo->ptr_count == 0 && - pinfo->dump_fn == gen_dump_char) { - char *s = encode_bytes(mem_ctx, ptr, array_len); - if (!s) return -1; - if (addtabbed(mem_ctx, p, pinfo->name, indent) || - addstr(mem_ctx, p, " = {") || - addstr(mem_ctx, p, s) || - addstr(mem_ctx, p, "}\n")) { - return -1; - } - free(s); - return 0; - } - - for (i=0;i<array_len;i++) { - const char *p2 = ptr; - unsigned size = pinfo->size; - - /* generic pointer dereference */ - if (pinfo->ptr_count) { - p2 = *(const char **)ptr; - size = sizeof(void *); - } - - if ((count || pinfo->ptr_count) && - !(pinfo->flags & FLAG_ALWAYS) && - all_zero(ptr, size)) { - ptr += size; - continue; - } - if (count == 0) { - if (addtabbed(mem_ctx, p, pinfo->name, indent) || - addshort(mem_ctx, p, " = %u:", i)) { - return -1; - } - } else { - if (addshort(mem_ctx, p, ", %u:", i) != 0) { - return -1; - } - } - if (gen_dump_one(mem_ctx, p, pinfo, p2, indent) != 0) { - return -1; - } - ptr += size; - count++; - } - if (count) { - return addstr(mem_ctx, p, "\n"); - } - return 0; -} - -/* find a variable by name in a loaded structure and return its value - as an integer. Used to support dynamic arrays */ -static int find_var(const struct parse_struct *pinfo, - const char *data, - const char *var) -{ - int i; - const char *ptr; - - /* this allows for constant lengths */ - if (isdigit(*var)) { - return atoi(var); - } - - for (i=0;pinfo[i].name;i++) { - if (strcmp(pinfo[i].name, var) == 0) break; - } - if (!pinfo[i].name) return -1; - - ptr = data + pinfo[i].offset; - - switch (pinfo[i].size) { - case sizeof(int): - return *(int *)ptr; - case sizeof(char): - return *(char *)ptr; - } - - return -1; -} - - -int gen_dump_struct(TALLOC_CTX *mem_ctx, - const struct parse_struct *pinfo, - struct parse_string *p, - const char *ptr, - unsigned indent) -{ - char *s = gen_dump(mem_ctx, pinfo, ptr, indent+1); - if (!s) return -1; - if (addstr(mem_ctx, p, "{\n") || - addstr(mem_ctx, p, s) || - addtabbed(mem_ctx, p, "}", indent)) { - return -1; - } - return 0; -} - -static int gen_dump_string(TALLOC_CTX *mem_ctx, - struct parse_string *p, - const struct parse_struct *pinfo, - const char *data, - unsigned indent) -{ - const char *ptr = *(char **)data; - char *s = encode_bytes(mem_ctx, ptr, strlen(ptr)); - if (addtabbed(mem_ctx, p, pinfo->name, indent) || - addstr(mem_ctx, p, " = ") || - addchar(mem_ctx, p, '{') || - addstr(mem_ctx, p, s) || - addstr(mem_ctx, p, "}\n")) { - return -1; - } - return 0; -} - -/* - find the length of a nullterm array -*/ -static int len_nullterm(const char *ptr, int size, int array_len) -{ - int len; - - if (size == 1) { - len = strnlen(ptr, array_len); - } else { - for (len=0; len < array_len; len++) { - if (all_zero(ptr+len*size, size)) break; - } - } - - if (len == 0) len = 1; - - return len; -} - - -/* the generic dump routine. Scans the parse information for this structure - and processes it recursively */ -char *gen_dump(TALLOC_CTX *mem_ctx, - const struct parse_struct *pinfo, - const char *data, - unsigned indent) -{ - struct parse_string p; - int i; - - p.length = 0; - p.allocated = 0; - p.s = NULL; - - if (addstr(mem_ctx, &p, "") != 0) { - return NULL; - } - - for (i=0;pinfo[i].name;i++) { - const char *ptr = data + pinfo[i].offset; - unsigned size = pinfo[i].size; - - if (pinfo[i].ptr_count) { - size = sizeof(void *); - } - - /* special handling for array types */ - if (pinfo[i].array_len) { - unsigned len = pinfo[i].array_len; - if (pinfo[i].flags & FLAG_NULLTERM) { - len = len_nullterm(ptr, size, len); - } - if (gen_dump_array(mem_ctx, &p, &pinfo[i], ptr, - len, indent)) { - goto failed; - } - continue; - } - - /* and dynamically sized arrays */ - if (pinfo[i].dynamic_len) { - int len = find_var(pinfo, data, pinfo[i].dynamic_len); - struct parse_struct p2 = pinfo[i]; - if (len < 0) { - goto failed; - } - if (len > 0) { - if (pinfo[i].flags & FLAG_NULLTERM) { - len = len_nullterm(*(char **)ptr, - pinfo[i].size, len); - } - p2.ptr_count--; - p2.dynamic_len = NULL; - if (gen_dump_array(mem_ctx, &p, &p2, - *(char **)ptr, - len, indent) != 0) { - goto failed; - } - } - continue; - } - - /* don't dump zero elements */ - if (!(pinfo[i].flags & FLAG_ALWAYS) && all_zero(ptr, size)) continue; - - /* assume char* is a null terminated string */ - if (pinfo[i].size == 1 && pinfo[i].ptr_count == 1 && - pinfo[i].dump_fn == gen_dump_char) { - if (gen_dump_string(mem_ctx, &p, &pinfo[i], ptr, indent) != 0) { - goto failed; - } - continue; - } - - /* generic pointer dereference */ - if (pinfo[i].ptr_count) { - ptr = *(const char **)ptr; - } - - if (addtabbed(mem_ctx, &p, pinfo[i].name, indent) || - addstr(mem_ctx, &p, " = ") || - gen_dump_one(mem_ctx, &p, &pinfo[i], ptr, indent) || - addstr(mem_ctx, &p, "\n")) { - goto failed; - } - } - return p.s; - -failed: - return NULL; -} - -/* search for a character in a string, skipping over sections within - matching braces */ -static char *match_braces(char *s, char c) -{ - int depth = 0; - while (*s) { - switch (*s) { - case '}': - depth--; - break; - case '{': - depth++; - break; - } - if (depth == 0 && *s == c) { - return s; - } - s++; - } - return s; -} - -/* parse routine for enumerated types */ -int gen_parse_enum(TALLOC_CTX *mem_ctx, - const struct enum_struct *einfo, - char *ptr, - const char *str) -{ - unsigned v; - int i; - - if (isdigit(*str)) { - if (sscanf(str, "%u", &v) != 1) { - errno = EINVAL; - return -1; - } - *(unsigned *)ptr = v; - return 0; - } - - for (i=0;einfo[i].name;i++) { - if (strcmp(einfo[i].name, str) == 0) { - *(unsigned *)ptr = einfo[i].value; - return 0; - } - } - - /* unknown enum value?? */ - return -1; -} - - -/* parse all base types */ -static int gen_parse_base(TALLOC_CTX *mem_ctx, - const struct parse_struct *pinfo, - char *ptr, - const char *str) -{ - if (pinfo->parse_fn == gen_parse_char && pinfo->ptr_count==1) { - unsigned len; - char *s = decode_bytes(mem_ctx, str, &len); - if (!s) return -1; - *(char **)ptr = s; - return 0; - } - - if (pinfo->ptr_count) { - unsigned size = pinfo->ptr_count>1?sizeof(void *):pinfo->size; - struct parse_struct p2 = *pinfo; - *(void **)ptr = talloc(mem_ctx, size); - if (! *(void **)ptr) { - return -1; - } - memset(*(void **)ptr, 0, size); - ptr = *(char **)ptr; - p2.ptr_count--; - return gen_parse_base(mem_ctx, &p2, ptr, str); - } - - return pinfo->parse_fn(mem_ctx, ptr, str); -} - -/* parse a generic array */ -static int gen_parse_array(TALLOC_CTX *mem_ctx, - const struct parse_struct *pinfo, - char *ptr, - const char *str, - int array_len) -{ - char *p, *p2; - unsigned size = pinfo->size; - - /* special handling of fixed length strings */ - if (array_len != 0 && - pinfo->ptr_count == 0 && - pinfo->dump_fn == gen_dump_char) { - unsigned len = 0; - char *s = decode_bytes(mem_ctx, str, &len); - if (!s || (len > array_len)) return -1; - memset(ptr, 0, array_len); - memcpy(ptr, s, len); - return 0; - } - - if (pinfo->ptr_count) { - size = sizeof(void *); - } - - while (*str) { - unsigned idx; - int done; - - idx = atoi(str); - p = strchr(str,':'); - if (!p) break; - p++; - p2 = match_braces(p, ','); - done = (*p2 != ','); - *p2 = 0; - - if (*p == '{') { - p++; - p[strlen(p)-1] = 0; - } - - if (gen_parse_base(mem_ctx, pinfo, ptr + idx*size, p) != 0) { - return -1; - } - - if (done) break; - str = p2+1; - } - - return 0; -} - -/* parse one element, hanlding dynamic and static arrays */ -static int gen_parse_one(TALLOC_CTX *mem_ctx, - const struct parse_struct *pinfo, - const char *name, - char *data, - const char *str) -{ - int i; - for (i=0;pinfo[i].name;i++) { - if (strcmp(pinfo[i].name, name) == 0) { - break; - } - } - if (pinfo[i].name == NULL) { - return 0; - } - - if (pinfo[i].array_len) { - return gen_parse_array(mem_ctx, &pinfo[i], - data+pinfo[i].offset, - str, pinfo[i].array_len); - } - - if (pinfo[i].dynamic_len) { - int len = find_var(pinfo, data, pinfo[i].dynamic_len); - if (len < 0) { - errno = EINVAL; - return -1; - } - if (len > 0) { - struct parse_struct p2 = pinfo[i]; - char *ptr; - unsigned size = pinfo[i].ptr_count>1?sizeof(void*):pinfo[i].size; - ptr = talloc(mem_ctx, len*size); - if (!ptr) { - errno = ENOMEM; - return -1; - } - memset(ptr, 0, len*size); - *((char **)(data + pinfo[i].offset)) = ptr; - p2.ptr_count--; - p2.dynamic_len = NULL; - return gen_parse_array(mem_ctx, &p2, ptr, str, len); - } - return 0; - } - - return gen_parse_base(mem_ctx, &pinfo[i], data + pinfo[i].offset, str); -} - -int gen_parse_struct(TALLOC_CTX * mem_ctx, const struct parse_struct *pinfo, char *ptr, const char *str) -{ - return gen_parse(mem_ctx, pinfo, ptr, str); -} - -/* the main parse routine */ -int gen_parse(TALLOC_CTX *mem_ctx, const struct parse_struct *pinfo, char *data, const char *s) -{ - char *str, *s0; - - s0 = strdup(s); - str = s0; - - while (*str) { - char *p; - char *name; - char *value; - - /* skip leading whitespace */ - while (isspace(*str)) str++; - - p = strchr(str, '='); - if (!p) break; - value = p+1; - while (p > str && isspace(*(p-1))) { - p--; - } - - *p = 0; - name = str; - - while (isspace(*value)) value++; - - if (*value == '{') { - str = match_braces(value, '}'); - value++; - } else { - str = match_braces(value, '\n'); - } - - *str++ = 0; - - if (gen_parse_one(mem_ctx, pinfo, name, data, value) != 0) { - free(s0); - return -1; - } - } - - free(s0); - return 0; -} - - - -/* for convenience supply some standard dumpers and parsers here */ - -int gen_parse_char(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - *(unsigned char *)ptr = atoi(str); - return 0; -} - -int gen_parse_int(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - *(int *)ptr = atoi(str); - return 0; -} - -int gen_parse_unsigned(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - *(unsigned *)ptr = strtoul(str, NULL, 10); - return 0; -} - -int gen_parse_time_t(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - *(time_t *)ptr = strtoul(str, NULL, 10); - return 0; -} - -int gen_parse_double(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - *(double *)ptr = atof(str); - return 0; -} - -int gen_parse_float(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - *(float *)ptr = atof(str); - return 0; -} - -int gen_dump_char(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%u", *(unsigned char *)(ptr)); -} - -int gen_dump_int(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%d", *(int *)(ptr)); -} - -int gen_dump_unsigned(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%u", *(unsigned *)(ptr)); -} - -int gen_dump_time_t(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%u", *(time_t *)(ptr)); -} - -int gen_dump_double(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%lg", *(double *)(ptr)); -} - -int gen_dump_float(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%g", *(float *)(ptr)); -} diff --git a/source3/lib/genparser_samba.c b/source3/lib/genparser_samba.c deleted file mode 100644 index bece587747..0000000000 --- a/source3/lib/genparser_samba.c +++ /dev/null @@ -1,200 +0,0 @@ -/* - Copyright (C) Andrew Tridgell <genstruct@tridgell.net> 2002 - Copyright (C) Simo Sorce <idra@samba.org> 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "genparser_samba.h" - -/* PARSE functions */ - -int gen_parse_uint8(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - *(uint8 *)ptr = atoi(str); - return 0; -} - -int gen_parse_uint16(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - *(uint16 *)ptr = atoi(str); - return 0; -} - -int gen_parse_uint32(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - *(uint32 *)ptr = strtoul(str, NULL, 10); - return 0; -} - -int gen_parse_NTTIME(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - if(sscanf(str, "%u,%u", &(((NTTIME *)(ptr))->high), &(((NTTIME *)(ptr))->low)) != 2) { - errno = EINVAL; - return -1; - } - return 0; -} - -int gen_parse_DOM_SID(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - if(!string_to_sid((DOM_SID *)ptr, str)) return -1; - return 0; -} - -int gen_parse_SEC_ACCESS(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - ((SEC_ACCESS *)ptr)->mask = strtoul(str, NULL, 10); - return 0; -} - -int gen_parse_GUID(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - int info[GUID_SIZE]; - int i; - char *sc; - char *p; - char *m; - - m = strdup(str); - if (!m) return -1; - sc = m; - - memset(info, 0, sizeof(info)); - for (i = 0; i < GUID_SIZE; i++) { - p = strchr(sc, ','); - if (p != NULL) p = '\0'; - info[i] = atoi(sc); - if (p != NULL) sc = p + 1; - } - free(m); - - for (i = 0; i < GUID_SIZE; i++) { - ((GUID *)ptr)->info[i] = info[i]; - } - - return 0; -} - -int gen_parse_SEC_ACE(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - return gen_parse_struct(mem_ctx, pinfo_security_ace_info, ptr, str); -} - -int gen_parse_SEC_ACL(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - return gen_parse_struct(mem_ctx, pinfo_security_acl_info, ptr, str); -} - -int gen_parse_SEC_DESC(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - return gen_parse_struct(mem_ctx, pinfo_security_descriptor_info, ptr, str); -} - -int gen_parse_LUID_ATTR(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - return gen_parse_struct(mem_ctx, pinfo_luid_attr_info, ptr, str); -} - -int gen_parse_LUID(TALLOC_CTX *mem_ctx, char *ptr, const char *str) -{ - if(sscanf(str, "%u,%u", &(((LUID *)(ptr))->high), &(((LUID *)(ptr))->low)) != 2) { - errno = EINVAL; - return -1; - } - return 0; -} - - - -/* DUMP functions */ - -int gen_dump_uint8(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%u", *(uint8 *)(ptr)); -} - -int gen_dump_uint16(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%u", *(uint16 *)(ptr)); -} - -int gen_dump_uint32(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%u", *(uint32 *)(ptr)); -} - -int gen_dump_NTTIME(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - uint32 low, high; - - high = ((NTTIME *)(ptr))->high; - low = ((NTTIME *)(ptr))->low; - return addshort(mem_ctx, p, "%u,%u", high, low); -} - -int gen_dump_DOM_SID(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - fstring sidstr; - - sid_to_string(sidstr, (DOM_SID *)ptr); - return addstr(mem_ctx, p, sidstr); -} - -int gen_dump_SEC_ACCESS(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return addshort(mem_ctx, p, "%u", ((SEC_ACCESS *)ptr)->mask); -} - -int gen_dump_GUID(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - int i, r; - - for (i = 0; i < (GUID_SIZE - 1); i++) { - if (!(r = addshort(mem_ctx, p, "%d,", ((GUID *)ptr)->info[i]))) return r; - } - return addshort(mem_ctx, p, "%d", ((GUID *)ptr)->info[i]); -} - -int gen_dump_SEC_ACE(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return gen_dump_struct(mem_ctx, pinfo_security_ace_info, p, ptr, indent); -} - -int gen_dump_SEC_ACL(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return gen_dump_struct(mem_ctx, pinfo_security_acl_info, p, ptr, indent); -} - -int gen_dump_SEC_DESC(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return gen_dump_struct(mem_ctx, pinfo_security_descriptor_info, p, ptr, indent); -} - -int gen_dump_LUID_ATTR(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - return gen_dump_struct(mem_ctx, pinfo_luid_attr_info, p, ptr, indent); -} - -int gen_dump_LUID(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) -{ - uint32 low, high; - - high = ((LUID *)(ptr))->high; - low = ((LUID *)(ptr))->low; - return addshort(mem_ctx, p, "%u,%u", high, low); -} - diff --git a/source3/lib/iconv.c b/source3/lib/iconv.c index 9240e24074..54733c2ac2 100644 --- a/source3/lib/iconv.c +++ b/source3/lib/iconv.c @@ -2,7 +2,6 @@ Unix SMB/CIFS implementation. minimal iconv implementation Copyright (C) Andrew Tridgell 2001 - Copyright (C) Jelmer Vernooij 2002,2003,2003,2003,2003 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -21,97 +20,35 @@ #include "includes.h" - -/** - * @file - * - * @brief Samba wrapper/stub for iconv character set conversion. - * - * iconv is the XPG2 interface for converting between character - * encodings. This file provides a Samba wrapper around it, and also - * a simple reimplementation that is used if the system does not - * implement iconv. - * - * Samba only works with encodings that are supersets of ASCII: ascii - * characters like whitespace can be tested for directly, multibyte - * sequences start with a byte with the high bit set, and strings are - * terminated by a nul byte. - * - * Note that the only function provided by iconv is conversion between - * characters. It doesn't directly support operations like - * uppercasing or comparison. We have to convert to UCS-2 and compare - * there. - * - * @sa Samba Developers Guide - **/ - static size_t ascii_pull(void *,char **, size_t *, char **, size_t *); static size_t ascii_push(void *,char **, size_t *, char **, size_t *); static size_t utf8_pull(void *,char **, size_t *, char **, size_t *); static size_t utf8_push(void *,char **, size_t *, char **, size_t *); +static size_t weird_pull(void *,char **, size_t *, char **, size_t *); +static size_t weird_push(void *,char **, size_t *, char **, size_t *); static size_t ucs2hex_pull(void *,char **, size_t *, char **, size_t *); static size_t ucs2hex_push(void *,char **, size_t *, char **, size_t *); static size_t iconv_copy(void *,char **, size_t *, char **, size_t *); -static struct charset_functions builtin_functions[] = { +/* + for each charset we have a function that pulls from that charset to + a ucs2 buffer, and a function that pushes to a ucs2 buffer +*/ +static struct { + const char *name; + size_t (*pull)(void *, char **inbuf, size_t *inbytesleft, + char **outbuf, size_t *outbytesleft); + size_t (*push)(void *, char **inbuf, size_t *inbytesleft, + char **outbuf, size_t *outbytesleft); +} charsets[] = { {"UCS-2LE", iconv_copy, iconv_copy}, {"UTF8", utf8_pull, utf8_push}, {"ASCII", ascii_pull, ascii_push}, + {"WEIRD", weird_pull, weird_push}, {"UCS2-HEX", ucs2hex_pull, ucs2hex_push}, {NULL, NULL, NULL} }; -static struct charset_functions *charsets = NULL; - -static struct charset_functions *find_charset_functions(const char *name) -{ - struct charset_functions *c = charsets; - pstring stripped; - - module_path_get_name(name, stripped); - - while(c) { - if (strcasecmp(stripped, c->name) == 0) { - return c; - } - c = c->next; - } - - return NULL; -} - -BOOL smb_register_charset(struct charset_functions *funcs) -{ - struct charset_functions *c = charsets; - - DEBUG(5, ("Attempting to register new charset %s\n", funcs->name)); - /* Check whether we already have this charset... */ - while(c) { - if(!strcasecmp(c->name, funcs->name)){ - DEBUG(2, ("Duplicate charset %s, not registering\n", funcs->name)); - return False; - } - c = c->next; - } - - funcs->next = funcs->prev = NULL; - DEBUG(5, ("Registered charset %s\n", funcs->name)); - DLIST_ADD(charsets, funcs); - return True; -} - -void lazy_initialize_iconv(void) -{ - static BOOL initialized; - int i; - - if (!initialized) { - initialized = True; - for(i = 0; builtin_functions[i].name; i++) - smb_register_charset(&builtin_functions[i]); - static_init_charset; - } -} /* if there was an error then reset the internal state, this ensures that we don't have a shift state remaining for @@ -179,11 +116,7 @@ size_t smb_iconv(smb_iconv_t cd, smb_iconv_t smb_iconv_open(const char *tocode, const char *fromcode) { smb_iconv_t ret; - struct charset_functions *from, *to; - - lazy_initialize_iconv(); - from = charsets; - to = charsets; + int from, to; ret = (smb_iconv_t)malloc(sizeof(*ret)); if (!ret) { @@ -196,78 +129,53 @@ smb_iconv_t smb_iconv_open(const char *tocode, const char *fromcode) ret->to_name = strdup(tocode); /* check for the simplest null conversion */ - if (strcasecmp(fromcode, tocode) == 0) { + if (strcmp(fromcode, tocode) == 0) { ret->direct = iconv_copy; return ret; } - /* check if we have a builtin function for this conversion */ - from = find_charset_functions(fromcode); - if(from)ret->pull = from->pull; - - to = find_charset_functions(tocode); - if(to)ret->push = to->push; + for (from=0; charsets[from].name; from++) { + if (strcasecmp(charsets[from].name, fromcode) == 0) break; + } + for (to=0; charsets[to].name; to++) { + if (strcasecmp(charsets[to].name, tocode) == 0) break; + } - /* check if we can use iconv for this conversion */ #ifdef HAVE_NATIVE_ICONV - if (!ret->pull) { + if (!charsets[from].name) { + ret->pull = sys_iconv; ret->cd_pull = iconv_open("UCS-2LE", fromcode); - if (ret->cd_pull != (iconv_t)-1) - ret->pull = sys_iconv; + if (ret->cd_pull == (iconv_t)-1) goto failed; } - - if (!ret->push) { + if (!charsets[to].name) { + ret->push = sys_iconv; ret->cd_push = iconv_open(tocode, "UCS-2LE"); - if (ret->cd_push != (iconv_t)-1) - ret->push = sys_iconv; - } -#endif - - /* check if there is a module available that can do this conversion */ - if (!ret->pull && smb_probe_module("charset", fromcode)) { - if(!(from = find_charset_functions(fromcode))) - DEBUG(0, ("Module %s doesn't provide charset %s!\n", fromcode, fromcode)); - else - ret->pull = from->pull; + if (ret->cd_push == (iconv_t)-1) goto failed; } - - if (!ret->push && smb_probe_module("charset", tocode)) { - if(!(to = find_charset_functions(tocode))) - DEBUG(0, ("Module %s doesn't provide charset %s!\n", tocode, tocode)); - else - ret->push = to->push; - } - - if (!ret->push || !ret->pull) { - SAFE_FREE(ret->from_name); - SAFE_FREE(ret->to_name); - SAFE_FREE(ret); - errno = EINVAL; - return (smb_iconv_t)-1; +#else + if (!charsets[from].name || !charsets[to].name) { + goto failed; } +#endif /* check for conversion to/from ucs2 */ - if (strcasecmp(fromcode, "UCS-2LE") == 0 && to) { - ret->direct = to->push; - ret->push = ret->pull = NULL; + if (from == 0 && charsets[to].name) { + ret->direct = charsets[to].push; return ret; } - - if (strcasecmp(tocode, "UCS-2LE") == 0 && from) { - ret->direct = from->pull; - ret->push = ret->pull = NULL; + if (to == 0 && charsets[from].name) { + ret->direct = charsets[from].pull; return ret; } - /* Check if we can do the conversion direct */ #ifdef HAVE_NATIVE_ICONV - if (strcasecmp(fromcode, "UCS-2LE") == 0) { + if (from == 0) { ret->direct = sys_iconv; ret->cd_direct = ret->cd_push; ret->cd_push = NULL; return ret; } - if (strcasecmp(tocode, "UCS-2LE") == 0) { + if (to == 0) { ret->direct = sys_iconv; ret->cd_direct = ret->cd_pull; ret->cd_pull = NULL; @@ -275,7 +183,15 @@ smb_iconv_t smb_iconv_open(const char *tocode, const char *fromcode) } #endif + /* the general case has to go via a buffer */ + if (!ret->pull) ret->pull = charsets[from].pull; + if (!ret->push) ret->push = charsets[to].push; return ret; + +failed: + SAFE_FREE(ret); + errno = EINVAL; + return (smb_iconv_t)-1; } /* @@ -437,6 +353,111 @@ static size_t ucs2hex_push(void *cd, char **inbuf, size_t *inbytesleft, } +/* the "weird" character set is very useful for testing multi-byte + support and finding bugs. Don't use on a production system! +*/ +static struct { + const char from; + const char *to; + int len; +} weird_table[] = { + {'q', "^q^", 3}, + {'Q', "^Q^", 3}, + {0, NULL} +}; + +static size_t weird_pull(void *cd, char **inbuf, size_t *inbytesleft, + char **outbuf, size_t *outbytesleft) +{ + while (*inbytesleft >= 1 && *outbytesleft >= 2) { + int i; + int done = 0; + for (i=0;weird_table[i].from;i++) { + if (strncmp((*inbuf), + weird_table[i].to, + weird_table[i].len) == 0) { + if (*inbytesleft < weird_table[i].len) { + DEBUG(0,("ERROR: truncated weird string\n")); + /* smb_panic("weird_pull"); */ + + } else { + (*outbuf)[0] = weird_table[i].from; + (*outbuf)[1] = 0; + (*inbytesleft) -= weird_table[i].len; + (*outbytesleft) -= 2; + (*inbuf) += weird_table[i].len; + (*outbuf) += 2; + done = 1; + break; + } + } + } + if (done) continue; + (*outbuf)[0] = (*inbuf)[0]; + (*outbuf)[1] = 0; + (*inbytesleft) -= 1; + (*outbytesleft) -= 2; + (*inbuf) += 1; + (*outbuf) += 2; + } + + if (*inbytesleft > 0) { + errno = E2BIG; + return -1; + } + + return 0; +} + +static size_t weird_push(void *cd, char **inbuf, size_t *inbytesleft, + char **outbuf, size_t *outbytesleft) +{ + int ir_count=0; + + while (*inbytesleft >= 2 && *outbytesleft >= 1) { + int i; + int done=0; + for (i=0;weird_table[i].from;i++) { + if ((*inbuf)[0] == weird_table[i].from && + (*inbuf)[1] == 0) { + if (*outbytesleft < weird_table[i].len) { + DEBUG(0,("No room for weird character\n")); + /* smb_panic("weird_push"); */ + } else { + memcpy(*outbuf, weird_table[i].to, + weird_table[i].len); + (*inbytesleft) -= 2; + (*outbytesleft) -= weird_table[i].len; + (*inbuf) += 2; + (*outbuf) += weird_table[i].len; + done = 1; + break; + } + } + } + if (done) continue; + + (*outbuf)[0] = (*inbuf)[0]; + if ((*inbuf)[1]) ir_count++; + (*inbytesleft) -= 2; + (*outbytesleft) -= 1; + (*inbuf) += 2; + (*outbuf) += 1; + } + + if (*inbytesleft == 1) { + errno = EINVAL; + return -1; + } + + if (*inbytesleft > 1) { + errno = E2BIG; + return -1; + } + + return ir_count; +} + static size_t iconv_copy(void *cd, char **inbuf, size_t *inbytesleft, char **outbuf, size_t *outbytesleft) { diff --git a/source3/lib/ldap.c b/source3/lib/ldap.c deleted file mode 100644 index d0e72c4844..0000000000 --- a/source3/lib/ldap.c +++ /dev/null @@ -1,719 +0,0 @@ -/* - Unix SMB/CIFS implementation. - LDAP protocol helper functions for SAMBA - Copyright (C) Jean François Micouleau 1998 - Copyright (C) Gerald Carter 2001 - Copyright (C) Shahms King 2001 - Copyright (C) Andrew Bartlett 2002 - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Jim McDonough 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - -*/ - -#include "includes.h" - -#ifdef HAVE_LDAP -/* TODO: -* persistent connections: if using NSS LDAP, many connections are made -* however, using only one within Samba would be nice -* -* Clean up SSL stuff, compile on OpenLDAP 1.x, 2.x, and Netscape SDK -* -* Other LDAP based login attributes: accountExpires, etc. -* (should be the domain of Samba proper, but the sam_password/SAM_ACCOUNT -* structures don't have fields for some of these attributes) -* -* SSL is done, but can't get the certificate based authentication to work -* against on my test platform (Linux 2.4, OpenLDAP 2.x) -*/ - -/* NOTE: this will NOT work against an Active Directory server -* due to the fact that the two password fields cannot be retrieved -* from a server; recommend using security = domain in this situation -* and/or winbind -*/ - -#include "smb_ldap.h" - -/* We need an internal mapping of LDAP * -> smb_ldap_privates so we implement - it in terms of a VK list. It's a little backwards but its quite efficent */ -static struct smb_ldap_privates *head; - -static struct smb_ldap_privates *get_internal(LDAP *ldap_struct) -{ - struct smb_ldap_privates *ret = head; - - while (NULL != ret && ret->ldap_struct != ldap_struct) { - ret = ret->next; - } - - return ret; -} - -#define SMB_LDAP_DONT_PING_TIME 10 /* ping only all 10 seconds */ - -/******************************************************************* - find the ldap password -******************************************************************/ -static BOOL smb_ldap_fetch_pw(char **dn, char** pw) -{ - char *key = NULL; - size_t size; - - *dn = smb_xstrdup(lp_ldap_admin_dn()); - - if (asprintf(&key, "%s/%s", SECRETS_LDAP_BIND_PW, *dn) < 0) { - SAFE_FREE(*dn); - DEBUG(0, ("smb_ldap_fetch_pw: asprintf failed!\n")); - } - - *pw=secrets_fetch(key, &size); - SAFE_FREE(key); - if (!size) { - /* Upgrade 2.2 style entry */ - char *p; - char* old_style_key = strdup(*dn); - char *data; - fstring old_style_pw; - - if (!old_style_key) { - DEBUG(0, ("smb_ldap_fetch_pw: strdup failed!\n")); - return False; - } - - for (p=old_style_key; *p; p++) - if (*p == ',') *p = '/'; - - data=secrets_fetch(old_style_key, &size); - if (!size && size < sizeof(old_style_pw)) { - DEBUG(0,("fetch_ldap_pw: neither ldap secret retrieved!\n")); - SAFE_FREE(old_style_key); - SAFE_FREE(*dn); - return False; - } - - strncpy(old_style_pw, data, size); - old_style_pw[size] = 0; - - SAFE_FREE(data); - - if (!secrets_store_ldap_pw(*dn, old_style_pw)) { - DEBUG(0,("fetch_ldap_pw: ldap secret could not be upgraded!\n")); - SAFE_FREE(old_style_key); - SAFE_FREE(*dn); - return False; - } - if (!secrets_delete(old_style_key)) { - DEBUG(0,("fetch_ldap_pw: old ldap secret could not be deleted!\n")); - } - - SAFE_FREE(old_style_key); - - *pw = smb_xstrdup(old_style_pw); - } - - return True; -} - -/******************************************************************* - open a connection to the ldap server. -******************************************************************/ -int smb_ldap_open_connection (struct smb_ldap_privates *ldap_state, - LDAP ** ldap_struct) -{ - int rc = LDAP_SUCCESS; - int version; - BOOL ldap_v3 = False; - -#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) - DEBUG(10, ("smb_ldap_open_connection: %s\n", ldap_state->uri)); - - if ((rc = ldap_initialize(ldap_struct, ldap_state->uri)) != LDAP_SUCCESS) { - DEBUG(0, ("ldap_initialize: %s\n", ldap_err2string(rc))); - return rc; - } - -#else - - /* Parse the string manually */ - - { - int port = 0; - fstring protocol; - fstring host; - const char *p = ldap_state->uri; - SMB_ASSERT(sizeof(protocol)>10 && sizeof(host)>254); - - /* skip leading "URL:" (if any) */ - if ( strncasecmp( p, "URL:", 4 ) == 0 ) { - p += 4; - } - - sscanf(p, "%10[^:]://%254s[^:]:%d", protocol, host, &port); - - if (port == 0) { - if (strequal(protocol, "ldap")) { - port = LDAP_PORT; - } else if (strequal(protocol, "ldaps")) { - port = LDAPS_PORT; - } else { - DEBUG(0, ("unrecognised protocol (%s)!\n", protocol)); - } - } - - if ((*ldap_struct = ldap_init(host, port)) == NULL) { - DEBUG(0, ("ldap_init failed !\n")); - return LDAP_OPERATIONS_ERROR; - } - - if (strequal(protocol, "ldaps")) { -#ifdef LDAP_OPT_X_TLS - int tls = LDAP_OPT_X_TLS_HARD; - if (ldap_set_option (*ldap_struct, LDAP_OPT_X_TLS, &tls) != LDAP_SUCCESS) - { - DEBUG(0, ("Failed to setup a TLS session\n")); - } - - DEBUG(3,("LDAPS option set...!\n")); -#else - DEBUG(0,("smb_ldap_open_connection: Secure connection not supported by LDAP client libraries!\n")); - return LDAP_OPERATIONS_ERROR; -#endif - } - } -#endif - - if (ldap_get_option(*ldap_struct, LDAP_OPT_PROTOCOL_VERSION, &version) == LDAP_OPT_SUCCESS) - { - if (version != LDAP_VERSION3) - { - version = LDAP_VERSION3; - if (ldap_set_option (*ldap_struct, LDAP_OPT_PROTOCOL_VERSION, &version) == LDAP_OPT_SUCCESS) { - ldap_v3 = True; - } - } else { - ldap_v3 = True; - } - } - - if (lp_ldap_ssl() == LDAP_SSL_START_TLS) { -#ifdef LDAP_OPT_X_TLS - if (ldap_v3) { - if ((rc = ldap_start_tls_s (*ldap_struct, NULL, NULL)) != LDAP_SUCCESS) - { - DEBUG(0,("Failed to issue the StartTLS instruction: %s\n", - ldap_err2string(rc))); - return rc; - } - DEBUG (3, ("StartTLS issued: using a TLS connection\n")); - } else { - - DEBUG(0, ("Need LDAPv3 for Start TLS\n")); - return LDAP_OPERATIONS_ERROR; - } -#else - DEBUG(0,("smb_ldap_open_connection: StartTLS not supported by LDAP client libraries!\n")); - return LDAP_OPERATIONS_ERROR; -#endif - } - - DEBUG(2, ("smb_ldap_open_connection: connection opened\n")); - return rc; -} - - -/******************************************************************* - a rebind function for authenticated referrals - This version takes a void* that we can shove useful stuff in :-) -******************************************************************/ -#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) -#else -static int rebindproc_with_state (LDAP * ld, char **whop, char **credp, - int *methodp, int freeit, void *arg) -{ - struct smb_ldap_privates *ldap_state = arg; - - /** @TODO Should we be doing something to check what servers we rebind to? - Could we get a referral to a machine that we don't want to give our - username and password to? */ - - if (freeit) { - SAFE_FREE(*whop); - memset(*credp, '\0', strlen(*credp)); - SAFE_FREE(*credp); - } else { - DEBUG(5,("rebind_proc_with_state: Rebinding as \"%s\"\n", - ldap_state->bind_dn)); - - *whop = strdup(ldap_state->bind_dn); - if (!*whop) { - return LDAP_NO_MEMORY; - } - *credp = strdup(ldap_state->bind_secret); - if (!*credp) { - SAFE_FREE(*whop); - return LDAP_NO_MEMORY; - } - *methodp = LDAP_AUTH_SIMPLE; - } - return 0; -} -#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/ - -/******************************************************************* - a rebind function for authenticated referrals - This version takes a void* that we can shove useful stuff in :-) - and actually does the connection. -******************************************************************/ -#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) -static int rebindproc_connect_with_state (LDAP *ldap_struct, - LDAP_CONST char *url, - ber_tag_t request, - ber_int_t msgid, void *arg) -{ - struct smb_ldap_privates *ldap_state = arg; - int rc; - DEBUG(5,("rebindproc_connect_with_state: Rebinding as \"%s\"\n", - ldap_state->bind_dn)); - - /** @TODO Should we be doing something to check what servers we rebind to? - Could we get a referral to a machine that we don't want to give our - username and password to? */ - - rc = ldap_simple_bind_s(ldap_struct, ldap_state->bind_dn, ldap_state->bind_secret); - - return rc; -} -#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/ - -/******************************************************************* - Add a rebind function for authenticated referrals -******************************************************************/ -#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) -#else -# if LDAP_SET_REBIND_PROC_ARGS == 2 -static int rebindproc (LDAP *ldap_struct, char **whop, char **credp, - int *method, int freeit ) -{ - return rebindproc_with_state(ldap_struct, whop, credp, - method, freeit, get_internal(ldap_struct)); - -} -# endif /*LDAP_SET_REBIND_PROC_ARGS == 2*/ -#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/ - -/******************************************************************* - a rebind function for authenticated referrals - this also does the connection, but no void*. -******************************************************************/ -#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) -# if LDAP_SET_REBIND_PROC_ARGS == 2 -static int rebindproc_connect (LDAP * ld, LDAP_CONST char *url, int request, - ber_int_t msgid) -{ - return rebindproc_connect_with_state(ld, url, (ber_tag_t)request, msgid, - get_internal(ld)); -} -# endif /*LDAP_SET_REBIND_PROC_ARGS == 2*/ -#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/ - -/******************************************************************* - connect to the ldap server under system privilege. -******************************************************************/ -int smb_ldap_connect_system(struct smb_ldap_privates *ldap_state, - LDAP * ldap_struct) -{ - int rc; - char *ldap_dn; - char *ldap_secret; - - if (NULL == get_internal(ldap_struct)) { - ldap_state->next = head; - } - - /* get the password */ - if (!smb_ldap_fetch_pw(&ldap_dn, &ldap_secret)) - { - DEBUG(0, ("ldap_connect_system: Failed to retrieve password from secrets.tdb\n")); - return LDAP_INVALID_CREDENTIALS; - } - - ldap_state->bind_dn = ldap_dn; - ldap_state->bind_secret = ldap_secret; - - /* removed the sasl_bind_s "EXTERNAL" stuff, as my testsuite - (OpenLDAP) doesnt' seem to support it */ - - DEBUG(10,("ldap_connect_system: Binding to ldap server %s as \"%s\"\n", - ldap_state->uri, ldap_dn)); - -#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) -# if LDAP_SET_REBIND_PROC_ARGS == 2 - ldap_set_rebind_proc(ldap_struct, &rebindproc_connect); -# endif -# if LDAP_SET_REBIND_PROC_ARGS == 3 - ldap_set_rebind_proc(ldap_struct, &rebindproc_connect_with_state, (void *)ldap_state); -# endif -#else /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/ -# if LDAP_SET_REBIND_PROC_ARGS == 2 - ldap_set_rebind_proc(ldap_struct, &rebindproc); -# endif -# if LDAP_SET_REBIND_PROC_ARGS == 3 - ldap_set_rebind_proc(ldap_struct, &rebindproc_with_state, (void *)ldap_state); -# endif -#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/ - - rc = ldap_simple_bind_s(ldap_struct, ldap_dn, ldap_secret); - - if (rc != LDAP_SUCCESS) { - char *ld_error; - ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING, - &ld_error); - DEBUG(0, - ("failed to bind to server with dn= %s Error: %s\n\t%s\n", - ldap_dn, ldap_err2string(rc), - ld_error)); - free(ld_error); - return rc; - } - - DEBUG(2, ("ldap_connect_system: succesful connection to the LDAP server\n")); - return rc; -} - -/********************************************************************** -Connect to LDAP server -*********************************************************************/ -int smb_ldap_open(struct smb_ldap_privates *ldap_state) -{ - int rc; - SMB_ASSERT(ldap_state); - -#ifndef NO_LDAP_SECURITY - if (geteuid() != 0) { - DEBUG(0, ("smb_ldap_open: cannot access LDAP when not root..\n")); - return LDAP_INSUFFICIENT_ACCESS; - } -#endif - - if ((ldap_state->ldap_struct != NULL) && ((ldap_state->last_ping + SMB_LDAP_DONT_PING_TIME) < time(NULL))) { - struct sockaddr_un addr; - socklen_t len; - int sd; - if (ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_DESC, &sd) == 0 && - getpeername(sd, (struct sockaddr *) &addr, &len) < 0) { - /* the other end has died. reopen. */ - ldap_unbind_ext(ldap_state->ldap_struct, NULL, NULL); - ldap_state->ldap_struct = NULL; - ldap_state->last_ping = (time_t)0; - } else { - ldap_state->last_ping = time(NULL); - } - } - - if (ldap_state->ldap_struct != NULL) { - DEBUG(5,("smb_ldap_open: allready connected to the LDAP server\n")); - return LDAP_SUCCESS; - } - - if ((rc = smb_ldap_open_connection(ldap_state, &ldap_state->ldap_struct))) { - return rc; - } - - if ((rc = smb_ldap_connect_system(ldap_state, ldap_state->ldap_struct))) { - ldap_unbind_ext(ldap_state->ldap_struct, NULL, NULL); - ldap_state->ldap_struct = NULL; - return rc; - } - - - ldap_state->last_ping = time(NULL); - DEBUG(4,("The LDAP server is succesful connected\n")); - - return LDAP_SUCCESS; -} - -/********************************************************************** -Disconnect from LDAP server -*********************************************************************/ -NTSTATUS smb_ldap_close(struct smb_ldap_privates *ldap_state) -{ - if (!ldap_state) - return NT_STATUS_INVALID_PARAMETER; - - if (ldap_state->ldap_struct != NULL) { - ldap_unbind_ext(ldap_state->ldap_struct, NULL, NULL); - ldap_state->ldap_struct = NULL; - } - - DEBUG(5,("The connection to the LDAP server was closed\n")); - /* maybe free the results here --metze */ - - return NT_STATUS_OK; -} - -static int smb_ldap_retry_open(struct smb_ldap_privates *ldap_state, int *attempts) -{ - int rc; - - SMB_ASSERT(ldap_state && attempts); - - if (*attempts != 0) { - /* we retry after 0.5, 2, 4.5, 8, 12.5, 18, 24.5 seconds */ - msleep((((*attempts)*(*attempts))/2)*1000); - } - (*attempts)++; - - if ((rc = smb_ldap_open(ldap_state))) { - DEBUG(0,("Connection to LDAP Server failed for the %d try!\n",*attempts)); - return rc; - } - - return LDAP_SUCCESS; -} - - -int smb_ldap_search(struct smb_ldap_privates *ldap_state, - const char *base, int scope, const char *filter, - const char *attrs[], int attrsonly, - LDAPMessage **res) -{ - int rc = LDAP_SERVER_DOWN; - int attempts = 0; - - SMB_ASSERT(ldap_state); - - while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) { - - if ((rc = smb_ldap_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS) - continue; - - rc = ldap_search_s(ldap_state->ldap_struct, base, scope, - filter, attrs, attrsonly, res); - } - - if (rc == LDAP_SERVER_DOWN) { - DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO)); - smb_ldap_close(ldap_state); - } - - return rc; -} - -int smb_ldap_modify(struct smb_ldap_privates *ldap_state, char *dn, - LDAPMod *attrs[]) -{ - int rc = LDAP_SERVER_DOWN; - int attempts = 0; - - if (!ldap_state) - return (-1); - - while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) { - - if ((rc = smb_ldap_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS) - continue; - - rc = ldap_modify_s(ldap_state->ldap_struct, dn, attrs); - } - - if (rc == LDAP_SERVER_DOWN) { - DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO)); - smb_ldap_close(ldap_state); - } - - return rc; -} - -int smb_ldap_add(struct smb_ldap_privates *ldap_state, const char *dn, - LDAPMod *attrs[]) -{ - int rc = LDAP_SERVER_DOWN; - int attempts = 0; - - if (!ldap_state) - return (-1); - - while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) { - - if ((rc = smb_ldap_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS) - continue; - - rc = ldap_add_s(ldap_state->ldap_struct, dn, attrs); - } - - if (rc == LDAP_SERVER_DOWN) { - DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO)); - smb_ldap_close(ldap_state); - } - - return rc; -} - -int smb_ldap_delete(struct smb_ldap_privates *ldap_state, char *dn) -{ - int rc = LDAP_SERVER_DOWN; - int attempts = 0; - - if (!ldap_state) - return (-1); - - while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) { - - if ((rc = smb_ldap_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS) - continue; - - rc = ldap_delete_s(ldap_state->ldap_struct, dn); - } - - if (rc == LDAP_SERVER_DOWN) { - DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO)); - smb_ldap_close(ldap_state); - } - - return rc; -} - -int smb_ldap_extended_operation(struct smb_ldap_privates *ldap_state, - LDAP_CONST char *reqoid, - struct berval *reqdata, - LDAPControl **serverctrls, - LDAPControl **clientctrls, char **retoidp, - struct berval **retdatap) -{ - int rc = LDAP_SERVER_DOWN; - int attempts = 0; - - if (!ldap_state) - return (-1); - - while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) { - - if ((rc = smb_ldap_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS) - continue; - - rc = ldap_extended_operation_s(ldap_state->ldap_struct, reqoid, reqdata, serverctrls, clientctrls, retoidp, retdatap); - } - - if (rc == LDAP_SERVER_DOWN) { - DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO)); - smb_ldap_close(ldap_state); - } - - return rc; -} - -/******************************************************************* -search an attribute and return the first value found. -******************************************************************/ -BOOL smb_ldap_get_single_attribute (LDAP * ldap_struct, LDAPMessage * entry, - const char *attribute, pstring value) -{ - char **values; - - if ((values = ldap_get_values (ldap_struct, entry, attribute)) == NULL) { - value = NULL; - DEBUG (10, ("smb_ldap_get_single_attribute: [%s] = [<does not exist>]\n", attribute)); - - return False; - } - - pstrcpy(value, values[0]); - ldap_value_free(values); -#ifdef DEBUG_PASSWORDS - DEBUG (100, ("smb_ldap_get_single_attribute: [%s] = [%s]\n", attribute, value)); -#endif - return True; -} - - -/************************************************************************ -Routine to manage the LDAPMod structure array -manage memory used by the array, by each struct, and values - -************************************************************************/ -void smb_ldap_make_a_mod (LDAPMod *** modlist, int modop, - const char *attribute, const char *value) -{ - LDAPMod **mods; - int i; - int j; - - mods = *modlist; - - if (attribute == NULL || *attribute == '\0') - return; - - if (value == NULL || *value == '\0') - return; - - if (mods == NULL) - { - mods = (LDAPMod **) malloc(sizeof(LDAPMod *)); - if (mods == NULL) - { - DEBUG(0, ("smb_ldap_make_a_mod: out of memory!\n")); - return; - } - mods[0] = NULL; - } - - for (i = 0; mods[i] != NULL; ++i) { - if (mods[i]->mod_op == modop && !strcasecmp(mods[i]->mod_type, attribute)) - break; - } - - if (mods[i] == NULL) - { - mods = (LDAPMod **) Realloc (mods, (i + 2) * sizeof (LDAPMod *)); - if (mods == NULL) - { - DEBUG(0, ("smb_ldap_make_a_mod: out of memory!\n")); - return; - } - mods[i] = (LDAPMod *) malloc(sizeof(LDAPMod)); - if (mods[i] == NULL) - { - DEBUG(0, ("smb_ldap_make_a_mod: out of memory!\n")); - return; - } - mods[i]->mod_op = modop; - mods[i]->mod_values = NULL; - mods[i]->mod_type = strdup(attribute); - mods[i + 1] = NULL; - } - - if (value != NULL) - { - j = 0; - if (mods[i]->mod_values != NULL) { - for (; mods[i]->mod_values[j] != NULL; j++); - } - mods[i]->mod_values = (char **)Realloc(mods[i]->mod_values, - (j + 2) * sizeof (char *)); - - if (mods[i]->mod_values == NULL) { - DEBUG (0, ("smb_ldap_make_a_mod: Memory allocation failure!\n")); - return; - } - mods[i]->mod_values[j] = strdup(value); - mods[i]->mod_values[j + 1] = NULL; - } - *modlist = mods; -} - -#endif diff --git a/source3/lib/username.c b/source3/lib/username.c index d8f4ff80ed..b8f33494ee 100644 --- a/source3/lib/username.c +++ b/source3/lib/username.c @@ -339,7 +339,7 @@ static BOOL user_in_winbind_group_list(const char *user, const char *gname, BOOL goto err; } - if (!lp_idmap_gid(&gid_low, &gid_high)) { + if (!lp_winbind_gid(&gid_low, &gid_high)) { DEBUG(4, ("winbind gid range not configured, therefore %s cannot be a winbind group\n", gname)); goto err; } diff --git a/source3/lib/util.c b/source3/lib/util.c index ddc20e492c..a392530786 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -1040,7 +1040,7 @@ BOOL get_mydomname(fstring my_domname) Interpret a protocol description string, with a default. ****************************************************************************/ -int interpret_protocol(const char *str,int def) +int interpret_protocol(char *str,int def) { if (strequal(str,"NT1")) return(PROTOCOL_NT1); @@ -1409,15 +1409,15 @@ void smb_panic(const char *why) { extern char *global_clobber_region_function; extern unsigned int global_clobber_region_line; - + if (global_clobber_region_function) { DEBUG(0,("smb_panic: clobber_region() last called from [%s(%u)]\n", - global_clobber_region_function, - global_clobber_region_line)); + global_clobber_region_function, + global_clobber_region_line)); } } #endif - + cmd = lp_panic_action(); if (cmd && *cmd) { DEBUG(0, ("smb_panic(): calling panic action [%s]\n", cmd)); @@ -1425,10 +1425,10 @@ void smb_panic(const char *why) if (result == -1) DEBUG(0, ("smb_panic(): fork failed in panic action: %s\n", - strerror(errno))); + strerror(errno))); else DEBUG(0, ("smb_panic(): action returned status %d\n", - WEXITSTATUS(result))); + WEXITSTATUS(result))); } DEBUG(0,("PANIC: %s\n", why)); @@ -1453,8 +1453,8 @@ void smb_panic(const char *why) } /******************************************************************* - A readdir wrapper which just returns the file name. - ********************************************************************/ + A readdir wrapper which just returns the file name. +********************************************************************/ const char *readdirname(DIR *p) { diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c index dfd3b312e0..9e5ae6b441 100644 --- a/source3/lib/util_sid.c +++ b/source3/lib/util_sid.c @@ -630,21 +630,3 @@ void print_guid(GUID *guid) d_printf("%02x", guid->info[i]); d_printf("\n"); } - -/******************************************************************* - Tallocs a duplicate SID. -********************************************************************/ - -DOM_SID *sid_dup_talloc(TALLOC_CTX *ctx, DOM_SID *src) -{ - DOM_SID *dst; - - if(!src) - return NULL; - - if((dst = talloc_zero(ctx, sizeof(DOM_SID))) != NULL) { - sid_copy( dst, src); - } - - return dst; -} diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c index e561d15f61..e2f9f19f58 100644 --- a/source3/lib/util_str.c +++ b/source3/lib/util_str.c @@ -1226,12 +1226,12 @@ char *binary_string(char *buf, int len) return ret; } - +#if 0 /** Just a typesafety wrapper for snprintf into a fstring. **/ -int fstr_sprintf(fstring s, const char *fmt, ...) +static int fstr_sprintf(fstring s, const char *fmt, ...) { va_list ap; int ret; @@ -1241,7 +1241,7 @@ int fstr_sprintf(fstring s, const char *fmt, ...) va_end(ap); return ret; } - +#endif #ifndef HAVE_STRNDUP /** diff --git a/source3/lib/util_unistr.c b/source3/lib/util_unistr.c index 812859000a..08bb03986f 100644 --- a/source3/lib/util_unistr.c +++ b/source3/lib/util_unistr.c @@ -40,9 +40,12 @@ static uint8 *valid_table; static uint8 doschar_table[8192]; /* 65536 characters / 8 bits/byte */ -/******************************************************************* -load the case handling tables -********************************************************************/ +/** + * Load or generate the case handling tables. + * + * The case tables are defined in UCS2 and don't depend on any + * configured parameters, so they never need to be reloaded. + **/ void load_case_tables(void) { static int initialised; @@ -91,14 +94,9 @@ void load_case_tables(void) see if a ucs2 character can be mapped correctly to a dos character and mapped back to the same character in ucs2 */ -static int check_dos_char(smb_ucs2_t c) +int check_dos_char(smb_ucs2_t c) { - static int initialized = False; - - if (!initialized) { - initialized = True; - init_doschar_table(); - } + lazy_initialize_conv(); /* Find the right byte, and right bit within the byte; return * 1 or 0 */ diff --git a/source3/libads/ads_utils.c b/source3/libads/ads_utils.c index 626c177926..750940e336 100644 --- a/source3/libads/ads_utils.c +++ b/source3/libads/ads_utils.c @@ -89,52 +89,6 @@ uint32 ads_uf2atype(uint32 uf) } /* -translated the GROUP_CTRL Flags to GroupType (groupType) -*/ -uint32 ads_gcb2gtype(uint16 gcb) -{ - uint32 gtype = 0x00000000; - - if (gcb & GCB_ALIAS_GROUP) gtype |= GTYPE_SECURITY_BUILTIN_LOCAL_GROUP; - else if(gcb & GCB_LOCAL_GROUP) gtype |= GTYPE_SECURITY_DOMAIN_LOCAL_GROUP; - if (gcb & GCB_GLOBAL_GROUP) gtype |= GTYPE_SECURITY_GLOBAL_GROUP; - - return gtype; -} - -/* -translated the GroupType (groupType) to GROUP_CTRL Flags -*/ -uint16 ads_gtype2gcb(uint32 gtype) -{ - uint16 gcb = 0x0000; - - switch(gtype) { - case GTYPE_SECURITY_BUILTIN_LOCAL_GROUP: - gcb = GCB_ALIAS_GROUP; - break; - case GTYPE_SECURITY_DOMAIN_LOCAL_GROUP: - gcb = GCB_LOCAL_GROUP; - break; - case GTYPE_SECURITY_GLOBAL_GROUP: - gcb = GCB_GLOBAL_GROUP; - break; - - case GTYPE_DISTRIBUTION_GLOBAL_GROUP: - gcb = GCB_GLOBAL_GROUP; - break; - case GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP: - gcb = GCB_LOCAL_GROUP; - break; - case GTYPE_DISTRIBUTION_UNIVERSAL_GROUP: - gcb = GCB_GLOBAL_GROUP; - break; - } - - return gcb; -} - -/* get the accountType from the groupType */ uint32 ads_gtype2atype(uint32 gtype) diff --git a/source3/libads/kerberos_verify.c b/source3/libads/kerberos_verify.c index 6a50137400..4d9a1bf765 100644 --- a/source3/libads/kerberos_verify.c +++ b/source3/libads/kerberos_verify.c @@ -148,12 +148,6 @@ NTSTATUS ads_verify_ticket(ADS_STRUCT *ads, const DATA_BLOB *ticket, get_auth_data_from_tkt(auth_data, tkt); - { - TALLOC_CTX *ctx = talloc_init("pac data"); - decode_pac_data(auth_data, ctx); - talloc_destroy(ctx); - } - #if 0 if (tkt->enc_part2) { file_save("/tmp/authdata.dat", diff --git a/source3/libads/krb5_setpw.c b/source3/libads/krb5_setpw.c index 214871b3fb..a5b9eee4ce 100644 --- a/source3/libads/krb5_setpw.c +++ b/source3/libads/krb5_setpw.c @@ -538,6 +538,7 @@ ADS_STATUS krb5_set_password(const char *kdc_host, const char *princ, const char krb5_free_creds(context, credsp); krb5_free_principal(context, creds.client); + krb5_free_principal(context, creds.server); krb5_free_principal(context, principal); krb5_free_context(context); @@ -570,11 +571,11 @@ kerb_prompter(krb5_context ctx, void *data, return 0; } -static ADS_STATUS krb5_chg_password(const char *kdc_host, - const char *principal, - const char *oldpw, - const char *newpw, - int time_offset) +ADS_STATUS krb5_chg_password(const char *kdc_host, + const char *principal, + const char *oldpw, + const char *newpw, + int time_offset) { ADS_STATUS aret; krb5_error_code ret; diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index baedfb28db..67827d27f3 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -401,7 +401,7 @@ static char **ads_pull_strvals(TALLOC_CTX *ctx, const char **in_vals) * @param ads connection to ads server * @param bind_path Base dn for the search * @param scope Scope of search (LDAP_BASE | LDAP_ONE | LDAP_SUBTREE) - * @param expr Search expression - specified in local charset + * @param exp Search expression - specified in local charset * @param attrs Attributes to retrieve - specified in utf8 or ascii * @param res ** which will contain results - free res* with ads_msgfree() * @param count Number of entries retrieved on this page @@ -409,12 +409,12 @@ static char **ads_pull_strvals(TALLOC_CTX *ctx, const char **in_vals) * @return status of search **/ ADS_STATUS ads_do_paged_search(ADS_STRUCT *ads, const char *bind_path, - int scope, const char *expr, + int scope, const char *exp, const char **attrs, void **res, int *count, void **cookie) { int rc, i, version; - char *utf8_expr, *utf8_path, **search_attrs; + char *utf8_exp, *utf8_path, **search_attrs; LDAPControl PagedResults, NoReferrals, *controls[3], **rcontrols; BerElement *cookie_be = NULL; struct berval *cookie_bv= NULL; @@ -428,7 +428,7 @@ ADS_STATUS ads_do_paged_search(ADS_STRUCT *ads, const char *bind_path, /* 0 means the conversion worked but the result was empty so we only fail if it's -1. In any case, it always at least nulls out the dest */ - if ((push_utf8_talloc(ctx, &utf8_expr, expr) == (size_t)-1) || + if ((push_utf8_talloc(ctx, &utf8_exp, exp) == (size_t)-1) || (push_utf8_talloc(ctx, &utf8_path, bind_path) == (size_t)-1)) { rc = LDAP_NO_MEMORY; goto done; @@ -489,7 +489,7 @@ ADS_STATUS ads_do_paged_search(ADS_STRUCT *ads, const char *bind_path, */ ldap_set_option(ads->ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF); - rc = ldap_search_ext_s(ads->ld, utf8_path, scope, utf8_expr, + rc = ldap_search_ext_s(ads->ld, utf8_path, scope, utf8_exp, search_attrs, 0, controls, NULL, NULL, LDAP_NO_LIMIT, (LDAPMessage **)res); @@ -497,7 +497,7 @@ ADS_STATUS ads_do_paged_search(ADS_STRUCT *ads, const char *bind_path, ber_bvfree(cookie_bv); if (rc) { - DEBUG(3,("ldap_search_ext_s(%s) -> %s\n", expr, ldap_err2string(rc))); + DEBUG(3,("ldap_search_ext_s(%s) -> %s\n", exp, ldap_err2string(rc))); goto done; } @@ -541,20 +541,20 @@ done: * @param ads connection to ads server * @param bind_path Base dn for the search * @param scope Scope of search (LDAP_BASE | LDAP_ONE | LDAP_SUBTREE) - * @param expr Search expression + * @param exp Search expression * @param attrs Attributes to retrieve * @param res ** which will contain results - free res* with ads_msgfree() * @return status of search **/ ADS_STATUS ads_do_search_all(ADS_STRUCT *ads, const char *bind_path, - int scope, const char *expr, + int scope, const char *exp, const char **attrs, void **res) { void *cookie = NULL; int count = 0; ADS_STATUS status; - status = ads_do_paged_search(ads, bind_path, scope, expr, attrs, res, + status = ads_do_paged_search(ads, bind_path, scope, exp, attrs, res, &count, &cookie); if (!ADS_ERR_OK(status)) return status; @@ -564,7 +564,7 @@ ADS_STATUS ads_do_search_all(ADS_STRUCT *ads, const char *bind_path, ADS_STATUS status2; LDAPMessage *msg, *next; - status2 = ads_do_paged_search(ads, bind_path, scope, expr, + status2 = ads_do_paged_search(ads, bind_path, scope, exp, attrs, &res2, &count, &cookie); if (!ADS_ERR_OK(status2)) break; @@ -588,14 +588,14 @@ ADS_STATUS ads_do_search_all(ADS_STRUCT *ads, const char *bind_path, * @param ads connection to ads server * @param bind_path Base dn for the search * @param scope Scope of search (LDAP_BASE | LDAP_ONE | LDAP_SUBTREE) - * @param expr Search expression - specified in local charset + * @param exp Search expression - specified in local charset * @param attrs Attributes to retrieve - specified in UTF-8 or ascii * @param fn Function which takes attr name, values list, and data_area * @param data_area Pointer which is passed to function on each call * @return status of search **/ ADS_STATUS ads_do_search_all_fn(ADS_STRUCT *ads, const char *bind_path, - int scope, const char *expr, const char **attrs, + int scope, const char *exp, const char **attrs, BOOL(*fn)(char *, void **, void *), void *data_area) { @@ -604,7 +604,7 @@ ADS_STATUS ads_do_search_all_fn(ADS_STRUCT *ads, const char *bind_path, ADS_STATUS status; void *res; - status = ads_do_paged_search(ads, bind_path, scope, expr, attrs, &res, + status = ads_do_paged_search(ads, bind_path, scope, exp, attrs, &res, &count, &cookie); if (!ADS_ERR_OK(status)) return status; @@ -613,7 +613,7 @@ ADS_STATUS ads_do_search_all_fn(ADS_STRUCT *ads, const char *bind_path, ads_msgfree(ads, res); while (cookie) { - status = ads_do_paged_search(ads, bind_path, scope, expr, attrs, + status = ads_do_paged_search(ads, bind_path, scope, exp, attrs, &res, &count, &cookie); if (!ADS_ERR_OK(status)) break; @@ -630,18 +630,18 @@ ADS_STATUS ads_do_search_all_fn(ADS_STRUCT *ads, const char *bind_path, * @param ads connection to ads server * @param bind_path Base dn for the search * @param scope Scope of search (LDAP_BASE | LDAP_ONE | LDAP_SUBTREE) - * @param expr Search expression + * @param exp Search expression * @param attrs Attributes to retrieve * @param res ** which will contain results - free res* with ads_msgfree() * @return status of search **/ ADS_STATUS ads_do_search(ADS_STRUCT *ads, const char *bind_path, int scope, - const char *expr, + const char *exp, const char **attrs, void **res) { struct timeval timeout; int rc; - char *utf8_expr, *utf8_path, **search_attrs = NULL; + char *utf8_exp, *utf8_path, **search_attrs = NULL; TALLOC_CTX *ctx; if (!(ctx = talloc_init("ads_do_search"))) { @@ -652,7 +652,7 @@ ADS_STATUS ads_do_search(ADS_STRUCT *ads, const char *bind_path, int scope, /* 0 means the conversion worked but the result was empty so we only fail if it's negative. In any case, it always at least nulls out the dest */ - if ((push_utf8_talloc(ctx, &utf8_expr, expr) == (size_t)-1) || + if ((push_utf8_talloc(ctx, &utf8_exp, exp) == (size_t)-1) || (push_utf8_talloc(ctx, &utf8_path, bind_path) == (size_t)-1)) { DEBUG(1,("ads_do_search: push_utf8_talloc() failed!")); rc = LDAP_NO_MEMORY; @@ -679,7 +679,7 @@ ADS_STATUS ads_do_search(ADS_STRUCT *ads, const char *bind_path, int scope, /* see the note in ads_do_paged_search - we *must* disable referrals */ ldap_set_option(ads->ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF); - rc = ldap_search_ext_s(ads->ld, utf8_path, scope, utf8_expr, + rc = ldap_search_ext_s(ads->ld, utf8_path, scope, utf8_exp, search_attrs, 0, NULL, NULL, &timeout, LDAP_NO_LIMIT, (LDAPMessage **)res); @@ -698,16 +698,16 @@ ADS_STATUS ads_do_search(ADS_STRUCT *ads, const char *bind_path, int scope, * Do a general ADS search * @param ads connection to ads server * @param res ** which will contain results - free res* with ads_msgfree() - * @param expr Search expression + * @param exp Search expression * @param attrs Attributes to retrieve * @return status of search **/ ADS_STATUS ads_search(ADS_STRUCT *ads, void **res, - const char *expr, + const char *exp, const char **attrs) { return ads_do_search(ads, ads->config.bind_path, LDAP_SCOPE_SUBTREE, - expr, attrs, res); + exp, attrs, res); } /** @@ -772,18 +772,18 @@ char *ads_get_dn(ADS_STRUCT *ads, void *res) ADS_STATUS ads_find_machine_acct(ADS_STRUCT *ads, void **res, const char *host) { ADS_STATUS status; - char *expr; + char *exp; const char *attrs[] = {"*", "nTSecurityDescriptor", NULL}; /* the easiest way to find a machine account anywhere in the tree is to look for hostname$ */ - if (asprintf(&expr, "(samAccountName=%s$)", host) == -1) { + if (asprintf(&exp, "(samAccountName=%s$)", host) == -1) { DEBUG(1, ("asprintf failed!\n")); return ADS_ERROR_NT(NT_STATUS_NO_MEMORY); } - status = ads_search(ads, res, expr, attrs); - free(expr); + status = ads_search(ads, res, exp, attrs); + free(exp); return status; } @@ -1424,7 +1424,7 @@ ADS_STATUS ads_leave_realm(ADS_STRUCT *ads, const char *hostname) ADS_STATUS ads_set_machine_sd(ADS_STRUCT *ads, const char *hostname, char *dn) { const char *attrs[] = {"nTSecurityDescriptor", "objectSid", 0}; - char *expr = 0; + char *exp = 0; size_t sd_size = 0; struct berval bval = {0, NULL}; prs_struct ps_wire; @@ -1452,7 +1452,7 @@ ADS_STATUS ads_set_machine_sd(ADS_STRUCT *ads, const char *hostname, char *dn) return ADS_ERROR_NT(NT_STATUS_NO_MEMORY); } - if (asprintf(&expr, "(samAccountName=%s$)", escaped_hostname) == -1) { + if (asprintf(&exp, "(samAccountName=%s$)", escaped_hostname) == -1) { DEBUG(1, ("ads_set_machine_sd: asprintf failed!\n")); SAFE_FREE(escaped_hostname); return ADS_ERROR_NT(NT_STATUS_NO_MEMORY); @@ -1460,7 +1460,7 @@ ADS_STATUS ads_set_machine_sd(ADS_STRUCT *ads, const char *hostname, char *dn) SAFE_FREE(escaped_hostname); - ret = ads_search(ads, (void *) &res, expr, attrs); + ret = ads_search(ads, (void *) &res, exp, attrs); if (!ADS_ERR_OK(ret)) return ret; @@ -2036,7 +2036,7 @@ but you need to force the bind path to match the configurationNamingContext from */ ADS_STATUS ads_workgroup_name(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char **workgroup) { - char *expr; + char *exp; ADS_STATUS rc; char **principles; char *prefix; @@ -2047,10 +2047,10 @@ ADS_STATUS ads_workgroup_name(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char **workg (*workgroup) = NULL; - asprintf(&expr, "(&(objectclass=computer)(dnshostname=%s.%s))", + asprintf(&exp, "(&(objectclass=computer)(dnshostname=%s.%s))", ads->config.ldap_server_name, ads->config.realm); - rc = ads_search(ads, &res, expr, attrs); - free(expr); + rc = ads_search(ads, &res, exp, attrs); + free(exp); if (!ADS_ERR_OK(rc)) { return rc; diff --git a/source3/libads/ldap_utils.c b/source3/libads/ldap_utils.c index 6855600288..907f7c8aff 100644 --- a/source3/libads/ldap_utils.c +++ b/source3/libads/ldap_utils.c @@ -28,7 +28,7 @@ this is supposed to catch dropped connections and auto-reconnect */ ADS_STATUS ads_do_search_retry(ADS_STRUCT *ads, const char *bind_path, int scope, - const char *expr, + const char *exp, const char **attrs, void **res) { ADS_STATUS status; @@ -46,10 +46,10 @@ ADS_STATUS ads_do_search_retry(ADS_STRUCT *ads, const char *bind_path, int scope return ADS_ERROR_NT(NT_STATUS_NO_MEMORY); while (count--) { - status = ads_do_search_all(ads, bp, scope, expr, attrs, res); + status = ads_do_search_all(ads, bp, scope, exp, attrs, res); if (ADS_ERR_OK(status)) { DEBUG(5,("Search for %s gave %d replies\n", - expr, ads_count_replies(ads, *res))); + exp, ads_count_replies(ads, *res))); free(bp); return status; } @@ -79,11 +79,11 @@ ADS_STATUS ads_do_search_retry(ADS_STRUCT *ads, const char *bind_path, int scope ADS_STATUS ads_search_retry(ADS_STRUCT *ads, void **res, - const char *expr, + const char *exp, const char **attrs) { return ads_do_search_retry(ads, ads->config.bind_path, LDAP_SCOPE_SUBTREE, - expr, attrs, res); + exp, attrs, res); } ADS_STATUS ads_search_retry_dn(ADS_STRUCT *ads, void **res, diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 81cb61d757..81b3bbcab5 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -118,10 +118,7 @@ BOOL cli_receive_smb(struct cli_state *cli) } if (!cli_check_sign_mac(cli)) { - DEBUG(0, ("SMB Signature verification failed on incoming packet!\n")); - cli->smb_rw_error = READ_BAD_SIG; - close(cli->fd); - cli->fd = -1; + DEBUG(0, ("SMB Signiture verification failed on incoming packet!\n")); return False; }; return True; @@ -262,6 +259,9 @@ struct cli_state *cli_initialise(struct cli_state *cli) if (getenv("CLI_FORCE_DOSERR")) cli->force_dos_errors = True; + /* initialise signing */ + cli_null_set_signing(cli); + if (lp_client_signing()) cli->sign_info.allow_smb_signing = True; @@ -274,13 +274,6 @@ struct cli_state *cli_initialise(struct cli_state *cli) memset(cli->outbuf, 0, cli->bufsize); memset(cli->inbuf, 0, cli->bufsize); - /* just becouse we over-allocate, doesn't mean it's right to use it */ - clobber_region(FUNCTION_MACRO, __LINE__, cli->outbuf+cli->bufsize, SAFETY_MARGIN); - clobber_region(FUNCTION_MACRO, __LINE__, cli->inbuf+cli->bufsize, SAFETY_MARGIN); - - /* initialise signing */ - cli_null_set_signing(cli); - cli->nt_pipe_fnum = 0; cli->saved_netlogon_pipe_fnum = 0; diff --git a/source3/libsmb/clierror.c b/source3/libsmb/clierror.c index 9ee181a90f..12a7b5dba1 100644 --- a/source3/libsmb/clierror.c +++ b/source3/libsmb/clierror.c @@ -2,7 +2,6 @@ Unix SMB/CIFS implementation. client error handling routines Copyright (C) Andrew Tridgell 1994-1998 - Copyright (C) Jelmer Vernooij 2003 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -96,21 +95,17 @@ const char *cli_errstr(struct cli_state *cli) break; case READ_EOF: slprintf(cli_error_message, sizeof(cli_error_message) - 1, - "Call returned zero bytes (EOF)" ); + "Call returned zero bytes (EOF)\n" ); break; case READ_ERROR: slprintf(cli_error_message, sizeof(cli_error_message) - 1, - "Read error: %s", strerror(errno) ); + "Read error: %s\n", strerror(errno) ); break; case WRITE_ERROR: slprintf(cli_error_message, sizeof(cli_error_message) - 1, - "Write error: %s", strerror(errno) ); + "Write error: %s\n", strerror(errno) ); break; - case READ_BAD_SIG: - slprintf(cli_error_message, sizeof(cli_error_message) - 1, - "Server packet had invalid SMB signiture!"); - break; - default: + default: slprintf(cli_error_message, sizeof(cli_error_message) - 1, "Unknown error code %d\n", cli->smb_rw_error ); break; @@ -225,104 +220,16 @@ static struct { int error; } nt_errno_map[] = { {NT_STATUS_ACCESS_VIOLATION, EACCES}, + {NT_STATUS_NO_SUCH_FILE, ENOENT}, + {NT_STATUS_NO_SUCH_DEVICE, ENODEV}, {NT_STATUS_INVALID_HANDLE, EBADF}, + {NT_STATUS_NO_MEMORY, ENOMEM}, {NT_STATUS_ACCESS_DENIED, EACCES}, {NT_STATUS_OBJECT_NAME_NOT_FOUND, ENOENT}, {NT_STATUS_SHARING_VIOLATION, EBUSY}, {NT_STATUS_OBJECT_PATH_INVALID, ENOTDIR}, {NT_STATUS_OBJECT_NAME_COLLISION, EEXIST}, {NT_STATUS_PATH_NOT_COVERED, ENOENT}, - {NT_STATUS_UNSUCCESSFUL, EINVAL}, - {NT_STATUS_NOT_IMPLEMENTED, ENOSYS}, - {NT_STATUS_IN_PAGE_ERROR, EFAULT}, - {NT_STATUS_BAD_NETWORK_NAME, ENOENT}, -#ifdef EDQUOT - {NT_STATUS_PAGEFILE_QUOTA, EDQUOT}, - {NT_STATUS_QUOTA_EXCEEDED, EDQUOT}, - {NT_STATUS_REGISTRY_QUOTA_LIMIT, EDQUOT}, - {NT_STATUS_LICENSE_QUOTA_EXCEEDED, EDQUOT}, -#endif -#ifdef ETIME - {NT_STATUS_TIMER_NOT_CANCELED, ETIME}, -#endif - {NT_STATUS_INVALID_PARAMETER, EINVAL}, - {NT_STATUS_NO_SUCH_DEVICE, ENODEV}, - {NT_STATUS_NO_SUCH_FILE, ENOENT}, -#ifdef ENODATA - {NT_STATUS_END_OF_FILE, ENODATA}, -#endif -#ifdef ENOMEDIUM - {NT_STATUS_NO_MEDIA_IN_DEVICE, ENOMEDIUM}, - {NT_STATUS_NO_MEDIA, ENOMEDIUM}, -#endif - {NT_STATUS_NONEXISTENT_SECTOR, ESPIPE}, - {NT_STATUS_NO_MEMORY, ENOMEM}, - {NT_STATUS_CONFLICTING_ADDRESSES, EADDRINUSE}, - {NT_STATUS_NOT_MAPPED_VIEW, EINVAL}, - {NT_STATUS_UNABLE_TO_FREE_VM, EADDRINUSE}, - {NT_STATUS_ACCESS_DENIED, EACCES}, - {NT_STATUS_BUFFER_TOO_SMALL, ENOBUFS}, - {NT_STATUS_WRONG_PASSWORD, EACCES}, - {NT_STATUS_LOGON_FAILURE, EACCES}, - {NT_STATUS_INVALID_WORKSTATION, EACCES}, - {NT_STATUS_INVALID_LOGON_HOURS, EACCES}, - {NT_STATUS_PASSWORD_EXPIRED, EACCES}, - {NT_STATUS_ACCOUNT_DISABLED, EACCES}, - {NT_STATUS_DISK_FULL, ENOSPC}, - {NT_STATUS_INVALID_PIPE_STATE, EPIPE}, - {NT_STATUS_PIPE_BUSY, EPIPE}, - {NT_STATUS_PIPE_DISCONNECTED, EPIPE}, - {NT_STATUS_PIPE_NOT_AVAILABLE, ENOSYS}, - {NT_STATUS_FILE_IS_A_DIRECTORY, EISDIR}, - {NT_STATUS_NOT_SUPPORTED, ENOSYS}, - {NT_STATUS_NOT_A_DIRECTORY, ENOTDIR}, - {NT_STATUS_DIRECTORY_NOT_EMPTY, ENOTEMPTY}, - {NT_STATUS_NETWORK_UNREACHABLE, ENETUNREACH}, - {NT_STATUS_HOST_UNREACHABLE, EHOSTUNREACH}, - {NT_STATUS_CONNECTION_ABORTED, ECONNABORTED}, - {NT_STATUS_CONNECTION_REFUSED, ECONNREFUSED}, - {NT_STATUS_TOO_MANY_LINKS, EMLINK}, - {NT_STATUS_NETWORK_BUSY, EBUSY}, - {NT_STATUS_DEVICE_DOES_NOT_EXIST, ENODEV}, -#ifdef ELIBACC - {NT_STATUS_DLL_NOT_FOUND, ELIBACC}, -#endif - {NT_STATUS_PIPE_BROKEN, EPIPE}, - {NT_STATUS_REMOTE_NOT_LISTENING, ECONNREFUSED}, - {NT_STATUS_NETWORK_ACCESS_DENIED, EACCES}, - {NT_STATUS_TOO_MANY_OPENED_FILES, EMFILE}, -#ifdef EPROTO - {NT_STATUS_DEVICE_PROTOCOL_ERROR, EPROTO}, -#endif - {NT_STATUS_FLOAT_OVERFLOW, ERANGE}, - {NT_STATUS_FLOAT_UNDERFLOW, ERANGE}, - {NT_STATUS_INTEGER_OVERFLOW, ERANGE}, - {NT_STATUS_MEDIA_WRITE_PROTECTED, EROFS}, - {NT_STATUS_PIPE_CONNECTED, EISCONN}, - {NT_STATUS_MEMORY_NOT_ALLOCATED, EFAULT}, - {NT_STATUS_FLOAT_INEXACT_RESULT, ERANGE}, - {NT_STATUS_ILL_FORMED_PASSWORD, EACCES}, - {NT_STATUS_PASSWORD_RESTRICTION, EACCES}, - {NT_STATUS_ACCOUNT_RESTRICTION, EACCES}, - {NT_STATUS_PORT_CONNECTION_REFUSED, ECONNREFUSED}, - {NT_STATUS_NAME_TOO_LONG, ENAMETOOLONG}, - {NT_STATUS_REMOTE_DISCONNECT, ESHUTDOWN}, - {NT_STATUS_CONNECTION_DISCONNECTED, ECONNABORTED}, - {NT_STATUS_CONNECTION_RESET, ENETRESET}, -#ifdef ENOTUNIQ - {NT_STATUS_IP_ADDRESS_CONFLICT1, ENOTUNIQ}, - {NT_STATUS_IP_ADDRESS_CONFLICT2, ENOTUNIQ}, -#endif - {NT_STATUS_PORT_MESSAGE_TOO_LONG, EMSGSIZE}, - {NT_STATUS_PROTOCOL_UNREACHABLE, ENOPROTOOPT}, - {NT_STATUS_ADDRESS_ALREADY_EXISTS, EADDRINUSE}, - {NT_STATUS_PORT_UNREACHABLE, EHOSTUNREACH}, - {NT_STATUS_IO_TIMEOUT, ETIMEDOUT}, - {NT_STATUS_RETRY, EAGAIN}, -#ifdef ECOMM - {NT_STATUS_NET_WRITE_FAULT, ECOMM}, -#endif - {NT_STATUS(0), 0} }; diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c index b771e135f4..d86f36405d 100644 --- a/source3/libsmb/clifile.c +++ b/source3/libsmb/clifile.c @@ -375,11 +375,9 @@ int cli_nt_delete_on_close(struct cli_state *cli, int fnum, BOOL flag) Used in smbtorture. ****************************************************************************/ -int cli_nt_create_full(struct cli_state *cli, const char *fname, - uint32 CreatFlags, uint32 DesiredAccess, +int cli_nt_create_full(struct cli_state *cli, const char *fname, uint32 DesiredAccess, uint32 FileAttributes, uint32 ShareAccess, - uint32 CreateDisposition, uint32 CreateOptions, - uint8 SecuityFlags) + uint32 CreateDisposition, uint32 CreateOptions) { char *p; int len; @@ -395,9 +393,9 @@ int cli_nt_create_full(struct cli_state *cli, const char *fname, SSVAL(cli->outbuf,smb_vwv0,0xFF); if (cli->use_oplocks) - CreatFlags |= (REQUEST_OPLOCK|REQUEST_BATCH_OPLOCK); - - SIVAL(cli->outbuf,smb_ntcreate_Flags, CreatFlags); + SIVAL(cli->outbuf,smb_ntcreate_Flags, REQUEST_OPLOCK|REQUEST_BATCH_OPLOCK); + else + SIVAL(cli->outbuf,smb_ntcreate_Flags, 0); SIVAL(cli->outbuf,smb_ntcreate_RootDirectoryFid, 0x0); SIVAL(cli->outbuf,smb_ntcreate_DesiredAccess, DesiredAccess); SIVAL(cli->outbuf,smb_ntcreate_FileAttributes, FileAttributes); @@ -405,7 +403,6 @@ int cli_nt_create_full(struct cli_state *cli, const char *fname, SIVAL(cli->outbuf,smb_ntcreate_CreateDisposition, CreateDisposition); SIVAL(cli->outbuf,smb_ntcreate_CreateOptions, CreateOptions); SIVAL(cli->outbuf,smb_ntcreate_ImpersonationLevel, 0x02); - SCVAL(cli->outbuf,smb_ntcreate_SecurityFlags, SecuityFlags); p = smb_buf(cli->outbuf); /* this alignment and termination is critical for netapp filers. Don't change */ @@ -436,8 +433,8 @@ int cli_nt_create_full(struct cli_state *cli, const char *fname, int cli_nt_create(struct cli_state *cli, const char *fname, uint32 DesiredAccess) { - return cli_nt_create_full(cli, fname, 0, DesiredAccess, 0, - FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_EXISTS_OPEN, 0x0, 0x0); + return cli_nt_create_full(cli, fname, DesiredAccess, 0, + FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_EXISTS_OPEN, 0x0); } /**************************************************************************** @@ -945,6 +942,7 @@ BOOL cli_setatr(struct cli_state *cli, const char *fname, uint16 attr, time_t t) /**************************************************************************** Check for existance of a dir. ****************************************************************************/ + BOOL cli_chkpath(struct cli_state *cli, const char *path) { pstring path2; @@ -1051,34 +1049,3 @@ int cli_ctemp(struct cli_state *cli, const char *path, char **tmp_path) return SVAL(cli->inbuf,smb_vwv0); } - - -/* - send a raw ioctl - used by the torture code -*/ -NTSTATUS cli_raw_ioctl(struct cli_state *cli, int fnum, uint32 code, DATA_BLOB *blob) -{ - memset(cli->outbuf,'\0',smb_size); - memset(cli->inbuf,'\0',smb_size); - - set_message(cli->outbuf, 3, 0, True); - SCVAL(cli->outbuf,smb_com,SMBioctl); - cli_setup_packet(cli); - - SSVAL(cli->outbuf, smb_vwv0, fnum); - SSVAL(cli->outbuf, smb_vwv1, code>>16); - SSVAL(cli->outbuf, smb_vwv2, (code&0xFFFF)); - - cli_send_smb(cli); - if (!cli_receive_smb(cli)) { - return NT_STATUS_UNEXPECTED_NETWORK_ERROR; - } - - if (cli_is_error(cli)) { - return cli_nt_error(cli); - } - - *blob = data_blob(NULL, 0); - - return NT_STATUS_OK; -} diff --git a/source3/libsmb/clirap.c b/source3/libsmb/clirap.c index f05a65762b..224c37046c 100644 --- a/source3/libsmb/clirap.c +++ b/source3/libsmb/clirap.c @@ -233,7 +233,7 @@ BOOL cli_NetServerEnum(struct cli_state *cli, char *workgroup, uint32 stype, SIVAL(p,0,stype); p += 4; - push_ascii(p, workgroup, sizeof(pstring)-PTR_DIFF(p,param)-1, STR_TERMINATE|STR_UPPER); + p += push_pstring_base(p, workgroup, param); if (cli_api(cli, param, PTR_DIFF(p,param), 8, /* params, length, max */ diff --git a/source3/libsmb/libsmb_cache.c b/source3/libsmb/libsmb_cache.c index 67dc686b48..b1620042f3 100644 --- a/source3/libsmb/libsmb_cache.c +++ b/source3/libsmb/libsmb_cache.c @@ -50,8 +50,8 @@ struct smbc_server_cache { * This function is only used if the external cache is not enabled */ static int smbc_add_cached_server(SMBCCTX * context, SMBCSRV * new, - const char * server, const char * share, - const char * workgroup, const char * username) + char * server, char * share, + char * workgroup, char * username) { struct smbc_server_cache * srvcache = NULL; @@ -108,8 +108,8 @@ static int smbc_add_cached_server(SMBCCTX * context, SMBCSRV * new, * returns server_fd on success, -1 on error (not found) * This function is only used if the external cache is not enabled */ -static SMBCSRV * smbc_get_cached_server(SMBCCTX * context, const char * server, - const char * share, const char * workgroup, const char * user) +static SMBCSRV * smbc_get_cached_server(SMBCCTX * context, char * server, + char * share, char * workgroup, char * user) { struct smbc_server_cache * srv = NULL; diff --git a/source3/libsmb/libsmbclient.c b/source3/libsmb/libsmbclient.c index 69c4d8f7a7..92353d8c30 100644 --- a/source3/libsmb/libsmbclient.c +++ b/source3/libsmb/libsmbclient.c @@ -52,87 +52,6 @@ extern BOOL in_client; */ static int smbc_initialized = 0; -static int -hex2int( unsigned int _char ) -{ - if ( _char >= 'A' && _char <='F') - return _char - 'A' + 10; - if ( _char >= 'a' && _char <='f') - return _char - 'a' + 10; - if ( _char >= '0' && _char <='9') - return _char - '0'; - return -1; -} - -static void -decode_urlpart(char *segment, size_t sizeof_segment) -{ - int old_length = strlen(segment); - int new_length = 0; - int new_length2 = 0; - int i = 0; - pstring new_segment; - char *new_usegment = 0; - - if ( !old_length ) { - return; - } - - /* make a copy of the old one */ - new_usegment = (char*)malloc( old_length * 3 + 1 ); - - while( i < old_length ) { - int bReencode = False; - unsigned char character = segment[ i++ ]; - if ((character <= ' ') || (character > 127)) - bReencode = True; - - new_usegment [ new_length2++ ] = character; - if (character == '%' ) { - int a = i+1 < old_length ? hex2int( segment[i] ) : -1; - int b = i+1 < old_length ? hex2int( segment[i+1] ) : -1; - if ((a == -1) || (b == -1)) { /* Only replace if sequence is valid */ - /* Contains stray %, make sure to re-encode! */ - bReencode = True; - } else { - /* Valid %xx sequence */ - character = a * 16 + b; /* Replace with value of %dd */ - if (!character) - break; /* Stop at %00 */ - - new_usegment [ new_length2++ ] = (unsigned char) segment[i++]; - new_usegment [ new_length2++ ] = (unsigned char) segment[i++]; - } - } - if (bReencode) { - unsigned int c = character / 16; - new_length2--; - new_usegment [ new_length2++ ] = '%'; - - c += (c > 9) ? ('A' - 10) : '0'; - new_usegment[ new_length2++ ] = c; - - c = character % 16; - c += (c > 9) ? ('A' - 10) : '0'; - new_usegment[ new_length2++ ] = c; - } - - new_segment [ new_length++ ] = character; - } - new_segment [ new_length ] = 0; - - free(new_usegment); - - /* realloc it with unix charset */ - pull_utf8_allocate((void**)&new_usegment, new_segment); - - /* this assumes (very safely) that removing %aa sequences - only shortens the string */ - strncpy(segment, new_usegment, sizeof_segment); - - free(new_usegment); -} - /* * Function to parse a path and turn it into components * @@ -178,7 +97,7 @@ smbc_parse_path(SMBCCTX *context, const char *fname, char *server, char *share, p += 2; /* Skip the // or \\ */ if (*p == (char)0) - goto decoding; + return 0; if (*p == '/') { @@ -239,7 +158,7 @@ smbc_parse_path(SMBCCTX *context, const char *fname, char *server, char *share, } - if (*p == (char)0) goto decoding; /* That's it ... */ + if (*p == (char)0) return 0; /* That's it ... */ if (!next_token(&p, share, "/", sizeof(fstring))) { @@ -248,16 +167,9 @@ smbc_parse_path(SMBCCTX *context, const char *fname, char *server, char *share, } pstrcpy(path, p); - + all_string_sub(path, "/", "\\", 0); - decoding: - decode_urlpart(path, sizeof(pstring)); - decode_urlpart(server, sizeof(fstring)); - decode_urlpart(share, sizeof(fstring)); - decode_urlpart(user, sizeof(fstring)); - decode_urlpart(password, sizeof(fstring)); - return 0; } @@ -355,16 +267,15 @@ int smbc_remove_unused_server(SMBCCTX * context, SMBCSRV * srv) */ SMBCSRV *smbc_server(SMBCCTX *context, - const char *server, const char *share, - fstring workgroup, fstring username, - fstring password) + char *server, char *share, + char *workgroup, char *username, + char *password) { SMBCSRV *srv=NULL; int auth_called = 0; struct cli_state c; struct nmb_name called, calling; - char *p; - const char *server_n = server; + char *p, *server_n = server; fstring group; pstring ipenv; struct in_addr ip; @@ -818,6 +729,27 @@ static int smbc_close_ctx(SMBCCTX *context, SMBCFILE *file) } + if (!file->file) { + + return context->closedir(context, file); + + } + + if (!cli_close(&file->srv->cli, file->cli_fd)) { + DEBUG(3, ("cli_close failed on %s. purging server.\n", + file->fname)); + /* Deallocate slot and remove the server + * from the server cache if unused */ + errno = smbc_errno(context, &file->srv->cli); + srv = file->srv; + DLIST_REMOVE(context->internal->_files, file); + SAFE_FREE(file->fname); + SAFE_FREE(file); + context->callbacks.remove_unused_server_fn(context, srv); + + return -1; + } + DLIST_REMOVE(context->internal->_files, file); SAFE_FREE(file->fname); SAFE_FREE(file); @@ -1071,16 +1003,12 @@ static off_t smbc_lseek_ctx(SMBCCTX *context, SMBCFILE *file, off_t offset, int case SEEK_END: if (!cli_qfileinfo(&file->srv->cli, file->cli_fd, NULL, &size, NULL, NULL, - NULL, NULL, NULL)) - { - SMB_BIG_UINT b_size = size; - if (!cli_getattrE(&file->srv->cli, file->cli_fd, NULL, &b_size, NULL, NULL, - NULL)) - { + NULL, NULL, NULL) && + !cli_getattrE(&file->srv->cli, file->cli_fd, NULL, &size, NULL, NULL, + NULL)) { + errno = EINVAL; return -1; - } else - size = b_size; } file->offset = size + offset; break; @@ -1278,15 +1206,12 @@ static int smbc_fstat_ctx(SMBCCTX *context, SMBCFILE *file, struct stat *st) } if (!cli_qfileinfo(&file->srv->cli, file->cli_fd, - &mode, &size, &c_time, &a_time, &m_time, NULL, &ino)) { - SMB_BIG_UINT b_size = size; - if (!cli_getattrE(&file->srv->cli, file->cli_fd, - &mode, &b_size, &c_time, &a_time, &m_time)) { + &mode, &size, &c_time, &a_time, &m_time, NULL, &ino) && + !cli_getattrE(&file->srv->cli, file->cli_fd, + &mode, &size, &c_time, &a_time, &m_time)) { errno = EINVAL; return -1; - } else - size = b_size; } @@ -1339,13 +1264,6 @@ static int add_dirent(SMBCFILE *dir, const char *name, const char *comment, uint { struct smbc_dirent *dirent; int size; - char *u_name = NULL, *u_comment = NULL; - size_t u_name_len = 0, u_comment_len = 0; - - if (name) - u_name_len = push_utf8_allocate(&u_name, name); - if (comment) - u_comment_len = push_utf8_allocate(&u_comment, comment); /* * Allocate space for the dirent, which must be increased by the @@ -1353,7 +1271,8 @@ static int add_dirent(SMBCFILE *dir, const char *name, const char *comment, uint * The null on the name is already accounted for. */ - size = sizeof(struct smbc_dirent) + u_name_len + u_comment_len + 1; + size = sizeof(struct smbc_dirent) + (name?strlen(name):0) + + (comment?strlen(comment):0) + 1; dirent = malloc(size); @@ -1402,17 +1321,14 @@ static int add_dirent(SMBCFILE *dir, const char *name, const char *comment, uint dir->dir_end->dirent = dirent; dirent->smbc_type = type; - dirent->namelen = u_name_len; - dirent->commentlen = u_comment_len; + dirent->namelen = (name?strlen(name):0); + dirent->commentlen = (comment?strlen(comment):0); dirent->dirlen = size; - strncpy(dirent->name, (u_name?u_name:""), dirent->namelen + 1); + strncpy(dirent->name, (name?name:""), dirent->namelen + 1); dirent->comment = (char *)(&dirent->name + dirent->namelen + 1); - strncpy(dirent->comment, (u_comment?u_comment:""), dirent->commentlen + 1); - - SAFE_FREE(u_comment); - SAFE_FREE(u_name); + strncpy(dirent->comment, (comment?comment:""), dirent->commentlen + 1); return 0; @@ -1478,8 +1394,7 @@ dir_list_fn(file_info *finfo, const char *mask, void *state) static SMBCFILE *smbc_opendir_ctx(SMBCCTX *context, const char *fname) { - fstring server, share, user, password; - pstring workgroup; + fstring server, share, user, password, workgroup; pstring path; SMBCSRV *srv = NULL; SMBCFILE *dir = NULL; @@ -1487,29 +1402,29 @@ static SMBCFILE *smbc_opendir_ctx(SMBCCTX *context, const char *fname) if (!context || !context->internal || !context->internal->_initialized) { - DEBUG(4, ("no valid context\n")); + errno = EINVAL; return NULL; } if (!fname) { - DEBUG(4, ("no valid fname\n")); + errno = EINVAL; return NULL; + } if (smbc_parse_path(context, fname, server, share, path, user, password)) { - DEBUG(4, ("no valid path\n")); + errno = EINVAL; return NULL; - } - DEBUG(4, ("parsed path: fname='%s' server='%s' share='%s' path='%s'\n", fname, server, share, path)); + } if (user[0] == (char)0) fstrcpy(user, context->user); - pstrcpy(workgroup, context->workgroup); + fstrcpy(workgroup, context->workgroup); dir = malloc(sizeof(*dir)); @@ -1530,74 +1445,64 @@ static SMBCFILE *smbc_opendir_ctx(SMBCCTX *context, const char *fname) dir->dir_list = dir->dir_next = dir->dir_end = NULL; if (server[0] == (char)0) { - struct in_addr server_ip; - if (share[0] != (char)0 || path[0] != (char)0) { + if (share[0] != (char)0 || path[0] != (char)0) { + errno = EINVAL; if (dir) { SAFE_FREE(dir->fname); SAFE_FREE(dir); } return NULL; + } /* We have server and share and path empty ... so list the workgroups */ /* first try to get the LMB for our workgroup, and if that fails, */ /* try the DMB */ - pstrcpy(workgroup, lp_workgroup()); - - if (!find_master_ip(workgroup, &server_ip)) { - struct user_auth_info u_info; - struct cli_state *cli; + if (!(resolve_name(context->workgroup, &rem_ip, 0x1d) || + resolve_name(context->workgroup, &rem_ip, 0x1b))) { + + errno = EINVAL; /* Something wrong with smb.conf? */ + return NULL; - DEBUG(4, ("Unable to find master browser for workgroup %s\n", - workgroup)); + } - /* find the name of the server ... */ - pstrcpy(u_info.username, user); - pstrcpy(u_info.password, password); + dir->dir_type = SMBC_WORKGROUP; - if (!(cli = get_ipc_connect_master_ip_bcast(workgroup, &u_info))) { - DEBUG(4, ("Unable to find master browser by " - "broadcast\n")); - errno = ENOENT; - return NULL; - } + /* find the name of the server ... */ - fstrcpy(server, cli->desthost); + if (!name_status_find("*", 0, 0, rem_ip, server)) { - cli_shutdown(cli); - } else { - if (!name_status_find("*", 0, 0, server_ip, server)) { - errno = ENOENT; + DEBUG(0,("Could not get the name of local/domain master browser for server %s\n", server)); + errno = EINVAL; return NULL; - } - } - DEBUG(4, ("using workgroup %s %s\n", workgroup, server)); + } - /* - * Get a connection to IPC$ on the server if we do not already have one - */ + /* + * Get a connection to IPC$ on the server if we do not already have one + */ srv = smbc_server(context, server, "IPC$", workgroup, user, password); - if (!srv) { - - if (dir) { - SAFE_FREE(dir->fname); - SAFE_FREE(dir); - } - return NULL; - } - + if (!srv) { + + if (dir) { + SAFE_FREE(dir->fname); + SAFE_FREE(dir); + } + + return NULL; + + } + dir->srv = srv; - dir->dir_type = SMBC_WORKGROUP; /* Now, list the stuff ... */ - if (!cli_NetServerEnum(&srv->cli, workgroup, SV_TYPE_DOMAIN_ENUM, list_fn, + if (!cli_NetServerEnum(&srv->cli, workgroup, 0x80000000, list_fn, (void *)dir)) { if (dir) { @@ -1655,7 +1560,7 @@ static SMBCFILE *smbc_opendir_ctx(SMBCCTX *context, const char *fname) srv = smbc_server(context, buserver, "IPC$", workgroup, user, password); if (!srv) { - DEBUG(0, ("got no contact to IPC$\n")); + if (dir) { SAFE_FREE(dir->fname); SAFE_FREE(dir); @@ -2153,7 +2058,6 @@ static int smbc_rmdir_ctx(SMBCCTX *context, const char *fname) static off_t smbc_telldir_ctx(SMBCCTX *context, SMBCFILE *dir) { - off_t ret_val; /* Squash warnings about cast */ if (!context || !context->internal || !context->internal->_initialized) { @@ -2177,11 +2081,7 @@ static off_t smbc_telldir_ctx(SMBCCTX *context, SMBCFILE *dir) } - /* - * We return the pointer here as the offset - */ - ret_val = (int)dir->dir_next; - return ret_val; + return (off_t) dir->dir_next; } @@ -2221,9 +2121,8 @@ struct smbc_dir_list *smbc_check_dir_ent(struct smbc_dir_list *list, static int smbc_lseekdir_ctx(SMBCCTX *context, SMBCFILE *dir, off_t offset) { - long int l_offset = offset; /* Handle problems of size */ - struct smbc_dirent *dirent = (struct smbc_dirent *)l_offset; - struct smbc_dir_list *list_ent = (struct smbc_dir_list *)NULL; + struct smbc_dirent *dirent = (struct smbc_dirent *)offset; + struct smbc_dir_list *list_ent = NULL; if (!context || !context->internal || !context->internal->_initialized) { @@ -2670,10 +2569,10 @@ SMBCCTX * smbc_init_context(SMBCCTX * context) if (!smbc_initialized) { /* Do some library wide intialisations the first time we get called */ - /* Set this to what the user wants */ - DEBUGLEVEL = context->debug; + /* Do we still need this ? */ + DEBUGLEVEL = 10; - setup_logging( "libsmbclient", True); + setup_logging( "libsmbclient", False); /* Here we would open the smb.conf file if needed ... */ @@ -2688,16 +2587,13 @@ SMBCCTX * smbc_init_context(SMBCCTX * context) if (!lp_load(conf, True, False, False)) { /* - * Well, if that failed, try the dyn_CONFIGFILE - * Which points to the standard locn, and if that - * fails, silently ignore it and use the internal - * defaults ... + * Hmmm, what the hell do we do here ... we could not parse the + * config file ... We must return an error ... and keep info around + * about why we failed */ - - if (!lp_load(dyn_CONFIGFILE, True, False, False)) { - DEBUG(5, ("Could not load either config file: %s or %s\n", - conf, dyn_CONFIGFILE)); - } + + errno = ENOENT; /* FIXME: Figure out the correct error response */ + return NULL; } reopen_logs(); /* Get logging working ... */ @@ -2744,8 +2640,8 @@ SMBCCTX * smbc_init_context(SMBCCTX * context) slprintf(context->netbios_name, 16, "smbc%s%d", context->user, pid); } } - - DEBUG(1, ("Using netbios name %s.\n", context->netbios_name)); + DEBUG(0,("Using netbios name %s.\n", context->netbios_name)); + if (!context->workgroup) { if (lp_workgroup()) { @@ -2756,8 +2652,7 @@ SMBCCTX * smbc_init_context(SMBCCTX * context) context->workgroup = strdup("samba"); } } - - DEBUG(1, ("Using workgroup %s.\n", context->workgroup)); + DEBUG(0,("Using workgroup %s.\n", context->workgroup)); /* shortest timeout is 1 second */ if (context->timeout > 0 && context->timeout < 1000) diff --git a/source3/libsmb/netlogon_unigrp.c b/source3/libsmb/netlogon_unigrp.c index 466410d800..fa2fe32f35 100644 --- a/source3/libsmb/netlogon_unigrp.c +++ b/source3/libsmb/netlogon_unigrp.c @@ -22,7 +22,6 @@ */ #include "includes.h" -#define UNIGROUP_PREFIX "UNIGROUP" /* Handle for netlogon_unigrp.tdb database. It is used internally @@ -51,22 +50,17 @@ BOOL uni_group_cache_init(void) BOOL uni_group_cache_store_netlogon(TALLOC_CTX *mem_ctx, NET_USER_INFO_3 *user) { TDB_DATA key,data; - fstring keystr, sid_string; - DOM_SID user_sid; - unsigned int i; + fstring keystr; + int i; if (!uni_group_cache_init()) { DEBUG(0,("uni_group_cache_store_netlogon: cannot open netlogon_unigrp.tdb for write!\n")); return False; } - sid_copy(&user_sid, &user->dom_sid.sid); - sid_append_rid(&user_sid, user->user_rid); - - /* Prepare key as USER-SID string */ - slprintf(keystr, sizeof(keystr), "%s/%s", - UNIGROUP_PREFIX, - sid_to_string(sid_string, &user_sid)); + /* Prepare key as DOMAIN-SID/USER-RID string */ + slprintf(keystr, sizeof(keystr), "%s/%d", + sid_string_static(&user->dom_sid.sid), user->user_rid); key.dptr = keystr; key.dsize = strlen(keystr) + 1; @@ -96,15 +90,14 @@ BOOL uni_group_cache_store_netlogon(TALLOC_CTX *mem_ctx, NET_USER_INFO_3 *user) and elements are array[0] ... array[num_elements-1] */ -DOM_SID **uni_group_cache_fetch(DOM_SID *domain, DOM_SID *user_sid, +uint32* uni_group_cache_fetch(DOM_SID *domain, uint32 user_rid, TALLOC_CTX *mem_ctx, uint32 *num_groups) { TDB_DATA key,data; fstring keystr; - DOM_SID **groups; + uint32 *groups; uint32 i; uint32 group_count; - fstring sid_string; if (!domain) { DEBUG(1,("uni_group_cache_fetch: expected non-null domain sid\n")); @@ -130,9 +123,8 @@ DOM_SID **uni_group_cache_fetch(DOM_SID *domain, DOM_SID *user_sid, *num_groups = 0; /* Fetch universal groups */ - slprintf(keystr, sizeof(keystr), "%s/%s", - UNIGROUP_PREFIX, - sid_to_string(sid_string, user_sid)); + slprintf(keystr, sizeof(keystr), "%s/%d", + sid_string_static(domain), user_rid); key.dptr = keystr; key.dsize = strlen(keystr) + 1; data = tdb_fetch(netlogon_unigrp_tdb, key); @@ -144,17 +136,12 @@ DOM_SID **uni_group_cache_fetch(DOM_SID *domain, DOM_SID *user_sid, /* Transfer data to receiver's memory context */ group_count = IVAL(&((uint32*)data.dptr)[0],0); - groups = talloc(mem_ctx, (group_count)*sizeof(*groups)); + groups = talloc(mem_ctx, (group_count)*sizeof(uint32)); if (groups) { for(i=0; i<group_count; i++) { - groups[i] = talloc(mem_ctx, sizeof(**groups)); - if (!groups[i]) { - DEBUG(1,("uni_group_cache_fetch: cannot allocate uni groups in receiver's memory context\n")); - return NULL; - } - sid_copy(groups[i], domain); - sid_append_rid(groups[i], IVAL(&((uint32*)data.dptr)[i+1],0)); + groups[i] = IVAL(&((uint32*)data.dptr)[i+1],0); } + } else { DEBUG(1,("uni_group_cache_fetch: cannot allocate uni groups in receiver's memory context\n")); } diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c index d54655d17f..c179b98abf 100644 --- a/source3/libsmb/ntlmssp.c +++ b/source3/libsmb/ntlmssp.c @@ -385,7 +385,7 @@ NTSTATUS ntlmssp_server_update(NTLMSSP_STATE *ntlmssp_state, } else if (ntlmssp_command == NTLMSSP_AUTH) { return ntlmssp_server_auth(ntlmssp_state, request, reply); } else { - DEBUG(1, ("unknown NTLMSSP command %u, expected %u\n", ntlmssp_command, ntlmssp_state->expected_state)); + DEBUG(1, ("unknown NTLMSSP command %u expected %u\n", ntlmssp_command, ntlmssp_state->expected_state)); return NT_STATUS_INVALID_PARAMETER; } } diff --git a/source3/libsmb/ntlmssp_sign.c b/source3/libsmb/ntlmssp_sign.c index 5426263fb9..8f6bd0c691 100644 --- a/source3/libsmb/ntlmssp_sign.c +++ b/source3/libsmb/ntlmssp_sign.c @@ -92,14 +92,8 @@ static void calc_ntlmv2_hash(unsigned char hash[16], char digest[16], calc_hash(hash, digest, 16); } -enum ntlmssp_direction { - NTLMSSP_SEND, - NTLMSSP_RECEIVE -}; - static NTSTATUS ntlmssp_make_packet_signiture(NTLMSSP_CLIENT_STATE *ntlmssp_state, const uchar *data, size_t length, - enum ntlmssp_direction direction, DATA_BLOB *sig) { if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) { @@ -116,14 +110,8 @@ static NTSTATUS ntlmssp_make_packet_signiture(NTLMSSP_CLIENT_STATE *ntlmssp_stat if (!msrpc_gen(sig, "Bd", digest, sizeof(digest), ntlmssp_state->ntlmssp_seq_num)) { return NT_STATUS_NO_MEMORY; } - switch (direction) { - case NTLMSSP_SEND: - NTLMSSPcalc_ap(ntlmssp_state->cli_sign_hash, sig->data, sig->length); - break; - case NTLMSSP_RECEIVE: - NTLMSSPcalc_ap(ntlmssp_state->cli_sign_hash, sig->data, sig->length); - break; - } + + NTLMSSPcalc_ap(ntlmssp_state->cli_seal_hash, sig->data, sig->length); } else { uint32 crc; crc = crc32_calc_buffer(data, length); @@ -141,7 +129,7 @@ NTSTATUS ntlmssp_client_sign_packet(NTLMSSP_CLIENT_STATE *ntlmssp_state, DATA_BLOB *sig) { ntlmssp_state->ntlmssp_seq_num++; - return ntlmssp_make_packet_signiture(ntlmssp_state, data, length, NTLMSSP_SEND, sig); + return ntlmssp_make_packet_signiture(ntlmssp_state, data, length, sig); } /** @@ -163,7 +151,7 @@ NTSTATUS ntlmssp_client_check_packet(NTLMSSP_CLIENT_STATE *ntlmssp_state, } nt_status = ntlmssp_make_packet_signiture(ntlmssp_state, data, - length, NTLMSSP_RECEIVE, &local_sig); + length, &local_sig); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0, ("NTLMSSP packet check failed with %s\n", nt_errstr(nt_status))); @@ -173,12 +161,6 @@ NTSTATUS ntlmssp_client_check_packet(NTLMSSP_CLIENT_STATE *ntlmssp_state, if (memcmp(sig->data, local_sig.data, MIN(sig->length, local_sig.length)) == 0) { return NT_STATUS_OK; } else { - DEBUG(5, ("BAD SIG: wanted signature of\n")); - dump_data(5, local_sig.data, local_sig.length); - - DEBUG(5, ("BAD SIG: got signature of\n")); - dump_data(5, sig->data, sig->length); - DEBUG(0, ("NTLMSSP packet check failed due to invalid signiture!\n")); return NT_STATUS_ACCESS_DENIED; } diff --git a/source3/libsmb/smb_signing.c b/source3/libsmb/smb_signing.c index 4e9b895a1b..9bbf7ef91c 100644 --- a/source3/libsmb/smb_signing.c +++ b/source3/libsmb/smb_signing.c @@ -160,6 +160,11 @@ static BOOL cli_simple_check_incoming_message(struct cli_state *cli) SIVAL(sequence_buf, 0, data->reply_seq_num); SIVAL(sequence_buf, 4, 0); + if (smb_len(cli->inbuf) < (offset_end_of_sig - 4)) { + DEBUG(1, ("Can't check signature on short packet! smb_len = %u\n", smb_len(cli->inbuf))); + return False; + } + /* get a copy of the server-sent mac */ memcpy(server_sent_mac, &cli->inbuf[smb_ss_field], sizeof(server_sent_mac)); @@ -270,7 +275,7 @@ static BOOL cli_ntlmssp_check_incoming_message(struct cli_state *cli) { BOOL good; NTSTATUS nt_status; - DATA_BLOB sig = data_blob(&cli->inbuf[smb_ss_field], 8); + DATA_BLOB sig = data_blob(&cli->outbuf[smb_ss_field], 8); NTLMSSP_CLIENT_STATE *ntlmssp_state = cli->sign_info.signing_context; @@ -455,14 +460,8 @@ void cli_caclulate_sign_mac(struct cli_state *cli) BOOL cli_check_sign_mac(struct cli_state *cli) { BOOL good; - - if (smb_len(cli->inbuf) < (smb_ss_field + 8 - 4)) { - DEBUG(cli->sign_info.doing_signing ? 1 : 10, ("Can't check signature on short packet! smb_len = %u\n", smb_len(cli->inbuf))); - good = False; - } else { - good = cli->sign_info.check_incoming_message(cli); - } - + good = cli->sign_info.check_incoming_message(cli); + if (!good) { if (cli->sign_info.doing_signing) { return False; diff --git a/source3/libsmb/trusts_util.c b/source3/libsmb/trust_passwd.c index b8f84ba890..cf9fd58b13 100644 --- a/source3/libsmb/trusts_util.c +++ b/source3/libsmb/trust_passwd.c @@ -1,8 +1,7 @@ /* * Unix SMB/CIFS implementation. - * Routines to operate on various trust relationships - * Copyright (C) Andrew Bartlett 2001 - * Copyright (C) Rafal Szczesniak 2003 + * Routines to change trust account passwords. + * Copyright (C) Andrew Bartlett 2001. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -114,63 +113,4 @@ NTSTATUS trust_pw_find_change_and_store_it(struct cli_state *cli, TALLOC_CTX *me return trust_pw_change_and_store_it(cli, mem_ctx, old_trust_passwd_hash); -} - - -/** - * Verify whether or not given domain is trusted. - * - * @param domain_name name of the domain to be verified - * @return true if domain is one of the trusted once or - * false if otherwise - **/ - -BOOL is_trusted_domain(const char* dom_name) -{ - int enum_ctx = 0; - const int trustdom_size = 10; - int num_domains, i; - TRUSTDOM **domains; - NTSTATUS result; - fstring trustdom_name; - DOM_SID trustdom_sid; - TALLOC_CTX *mem_ctx; - - /* - * Query the secrets db as an ultimate source of information - * about trusted domain names. This is PDC or BDC case. - */ - mem_ctx = talloc_init("is_trusted_domain"); - - do { - result = secrets_get_trusted_domains(mem_ctx, &enum_ctx, trustdom_size, - &num_domains, &domains); - /* compare each returned entry against incoming connection's domain */ - for (i = 0; i < num_domains; i++) { - pull_ucs2_fstring(trustdom_name, domains[i]->name); - if (strequal(trustdom_name, dom_name)) { - talloc_destroy(mem_ctx); - return True; - } - } - } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); - - talloc_destroy(mem_ctx); - - /* - * Query the trustdom_cache updated periodically. The only - * way for domain member server. - */ - if (trustdom_cache_enable() && - trustdom_cache_fetch(dom_name, &trustdom_sid)) { - trustdom_cache_shutdown(); - return True; - } - - /* - * if nothing's been found, then give up here, although - * the last resort might be to query the PDC. - */ - return False; -} - +} diff --git a/source3/mainpage.dox b/source3/mainpage.dox new file mode 100644 index 0000000000..8b72f80462 --- /dev/null +++ b/source3/mainpage.dox @@ -0,0 +1,7 @@ +/** + +@mainpage + +@li \ref CodingSuggestions + +**/ diff --git a/source3/modules/developer.c b/source3/modules/developer.c deleted file mode 100644 index 7ffc3ff50d..0000000000 --- a/source3/modules/developer.c +++ /dev/null @@ -1,132 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Samba module with developer tools - Copyright (C) Andrew Tridgell 2001 - Copyright (C) Jelmer Vernooij 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -static struct { - char from; - char *to; - int len; -} weird_table[] = { - {'q', "^q^", 3}, - {'Q', "^Q^", 3}, - {0, NULL} -}; - -static size_t weird_pull(void *cd, char **inbuf, size_t *inbytesleft, - char **outbuf, size_t *outbytesleft) -{ - while (*inbytesleft >= 1 && *outbytesleft >= 2) { - int i; - int done = 0; - for (i=0;weird_table[i].from;i++) { - if (strncmp((*inbuf), - weird_table[i].to, - weird_table[i].len) == 0) { - if (*inbytesleft < weird_table[i].len) { - DEBUG(0,("ERROR: truncated weird string\n")); - /* smb_panic("weird_pull"); */ - - } else { - (*outbuf)[0] = weird_table[i].from; - (*outbuf)[1] = 0; - (*inbytesleft) -= weird_table[i].len; - (*outbytesleft) -= 2; - (*inbuf) += weird_table[i].len; - (*outbuf) += 2; - done = 1; - break; - } - } - } - if (done) continue; - (*outbuf)[0] = (*inbuf)[0]; - (*outbuf)[1] = 0; - (*inbytesleft) -= 1; - (*outbytesleft) -= 2; - (*inbuf) += 1; - (*outbuf) += 2; - } - - if (*inbytesleft > 0) { - errno = E2BIG; - return -1; - } - - return 0; -} - -static size_t weird_push(void *cd, char **inbuf, size_t *inbytesleft, - char **outbuf, size_t *outbytesleft) -{ - int ir_count=0; - - while (*inbytesleft >= 2 && *outbytesleft >= 1) { - int i; - int done=0; - for (i=0;weird_table[i].from;i++) { - if ((*inbuf)[0] == weird_table[i].from && - (*inbuf)[1] == 0) { - if (*outbytesleft < weird_table[i].len) { - DEBUG(0,("No room for weird character\n")); - /* smb_panic("weird_push"); */ - } else { - memcpy(*outbuf, weird_table[i].to, - weird_table[i].len); - (*inbytesleft) -= 2; - (*outbytesleft) -= weird_table[i].len; - (*inbuf) += 2; - (*outbuf) += weird_table[i].len; - done = 1; - break; - } - } - } - if (done) continue; - - (*outbuf)[0] = (*inbuf)[0]; - if ((*inbuf)[1]) ir_count++; - (*inbytesleft) -= 2; - (*outbytesleft) -= 1; - (*inbuf) += 2; - (*outbuf) += 1; - } - - if (*inbytesleft == 1) { - errno = EINVAL; - return -1; - } - - if (*inbytesleft > 1) { - errno = E2BIG; - return -1; - } - - return ir_count; -} - -struct charset_functions weird_functions = {"WEIRD", weird_pull, weird_push}; - -int charset_weird_init(void) -{ - smb_register_charset(&weird_functions); - return True; -} diff --git a/source3/modules/vfs_audit.c b/source3/modules/vfs_audit.c index fa9bf67a67..1944c98e53 100644 --- a/source3/modules/vfs_audit.c +++ b/source3/modules/vfs_audit.c @@ -98,9 +98,10 @@ static vfs_op_tuple audit_ops[] = { /* VFS initialisation function. Return vfs_op_tuple array back to SAMBA. */ -static vfs_op_tuple *audit_init(const struct vfs_ops *def_vfs_ops, +vfs_op_tuple *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops, struct smb_vfs_handle_struct *vfs_handle) { + *vfs_version = SMB_VFS_INTERFACE_VERSION; memcpy(&default_vfs_ops, def_vfs_ops, sizeof(struct vfs_ops)); audit_handle = vfs_handle; @@ -110,6 +111,12 @@ static vfs_op_tuple *audit_init(const struct vfs_ops *def_vfs_ops, return audit_ops; } +/* VFS finalization function. */ +void vfs_done(connection_struct *conn) +{ + syslog(SYSLOG_PRIORITY, "VFS_DONE: vfs module unloaded\n"); +} + /* Implementation of vfs_ops. Pass everything on to the default operation but log event first. */ @@ -269,8 +276,3 @@ static int audit_fchmod_acl(struct files_struct *fsp, int fd, mode_t mode) return result; } - -int vfs_audit_init(void) -{ - return smb_register_vfs("audit", audit_init, SMB_VFS_INTERFACE_VERSION); -} diff --git a/source3/modules/vfs_extd_audit.c b/source3/modules/vfs_extd_audit.c index f60acab36a..c75dc1d09c 100644 --- a/source3/modules/vfs_extd_audit.c +++ b/source3/modules/vfs_extd_audit.c @@ -99,9 +99,10 @@ static vfs_op_tuple audit_ops[] = { /* VFS initialisation function. Return vfs_op_tuple array back to SAMBA. */ -static vfs_op_tuple *audit_init(const struct vfs_ops *def_vfs_ops, +vfs_op_tuple *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops, struct smb_vfs_handle_struct *vfs_handle) { + *vfs_version = SMB_VFS_INTERFACE_VERSION; memcpy(&default_vfs_ops, def_vfs_ops, sizeof(struct vfs_ops)); audit_handle = vfs_handle; @@ -112,6 +113,13 @@ static vfs_op_tuple *audit_init(const struct vfs_ops *def_vfs_ops, return audit_ops; } +/* VFS finalization function. */ + +void vfs_done(connection_struct *conn) +{ + syslog(SYSLOG_PRIORITY, "VFS_DONE: vfs module unloaded\n"); +} + /* Implementation of vfs_ops. Pass everything on to the default operation but log event first. */ @@ -309,8 +317,3 @@ static int audit_fchmod_acl(struct files_struct *fsp, int fd, mode_t mode) return result; } - -int vfs_extd_audit_init(void) -{ - return smb_register_vfs("extd_audit", audit_init, SMB_VFS_INTERFACE_VERSION); -} diff --git a/source3/modules/vfs_netatalk.c b/source3/modules/vfs_netatalk.c index c9e3cde621..b69a900e14 100644 --- a/source3/modules/vfs_netatalk.c +++ b/source3/modules/vfs_netatalk.c @@ -410,9 +410,10 @@ static vfs_op_tuple atalk_ops[] = { }; /* VFS initialisation function. Return vfs_op_tuple array back to SAMBA. */ -static vfs_op_tuple *netatalk_init(const struct vfs_ops *def_vfs_ops, +vfs_op_tuple *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops, struct smb_vfs_handle_struct *vfs_handle) { + *vfs_version = SMB_VFS_INTERFACE_VERSION; memcpy(&default_vfs_ops, def_vfs_ops, sizeof(struct vfs_ops)); atalk_handle = vfs_handle; @@ -421,7 +422,8 @@ static vfs_op_tuple *netatalk_init(const struct vfs_ops *def_vfs_ops, return atalk_ops; } -int vfs_netatalk_init(void) +/* VFS finalization function. */ +void vfs_done(connection_struct *conn) { - return smb_register_vfs("netatalk", netatalk_init, SMB_VFS_INTERFACE_VERSION); + DEBUG(3, ("ATALK: vfs module unloaded\n")); } diff --git a/source3/modules/vfs_recycle.c b/source3/modules/vfs_recycle.c index 3a23e1a365..fd4675cb96 100644 --- a/source3/modules/vfs_recycle.c +++ b/source3/modules/vfs_recycle.c @@ -37,7 +37,7 @@ static const char *delimiter = "|"; /* delimiter for options */ typedef struct recycle_bin_struct { - TALLOC_CTX *mem_ctx; + TALLOC_CTX *ctx; char *repository; /* name of the recycle bin directory */ BOOL keep_dir_tree; /* keep directory structure of deleted file in recycle bin */ BOOL versions; /* create versions of deleted files with identical name */ @@ -48,19 +48,6 @@ typedef struct recycle_bin_struct SMB_OFF_T maxsize; /* maximum file size to be saved */ } recycle_bin_struct; -typedef struct recycle_bin_connections { - int conn; - recycle_bin_struct *data; - struct recycle_bin_connections *next; -} recycle_bin_connections; - -typedef struct recycle_bin_private_data { - TALLOC_CTX *mem_ctx; - recycle_bin_connections *conns; -} recycle_bin_private_data; - -struct smb_vfs_handle_struct *recycle_bin_private_handle; - /* VFS operations */ static struct vfs_ops default_vfs_ops; /* For passthrough operation */ @@ -82,17 +69,26 @@ static vfs_op_tuple recycle_ops[] = { {NULL, SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP} }; +static BOOL check_bool_param(const char *value) +{ + if (strwicmp(value, "yes") == 0 || + strwicmp(value, "true") == 0 || + strwicmp(value, "1") == 0) + return True; + + return False; +} + /** * VFS initialisation function. * * @retval initialised vfs_op_tuple array **/ -static vfs_op_tuple *recycle_init(const struct vfs_ops *def_vfs_ops, +vfs_op_tuple *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops, struct smb_vfs_handle_struct *vfs_handle) { - TALLOC_CTX *mem_ctx = NULL; - DEBUG(10, ("Initializing VFS module recycle\n")); + *vfs_version = SMB_VFS_INTERFACE_VERSION; memcpy(&default_vfs_ops, def_vfs_ops, sizeof(struct vfs_ops)); vfs_recycle_debug_level = debug_add_class("vfs_recycle_bin"); if (vfs_recycle_debug_level == -1) { @@ -102,55 +98,41 @@ static vfs_op_tuple *recycle_init(const struct vfs_ops *def_vfs_ops, DEBUG(0, ("vfs_recycle: Debug class number of 'vfs_recycle': %d\n", vfs_recycle_debug_level)); } - recycle_bin_private_handle = vfs_handle; - if (!(mem_ctx = talloc_init("recycle bin data"))) { - DEBUG(0, ("Failed to allocate memory in VFS module recycle_bin\n")); - return NULL; - } - - recycle_bin_private_handle->data = talloc(mem_ctx, sizeof(recycle_bin_private_data)); - if (recycle_bin_private_handle->data == NULL) { - DEBUG(0, ("Failed to allocate memory in VFS module recycle_bin\n")); - return NULL; - } - ((recycle_bin_private_data *)(recycle_bin_private_handle->data))->mem_ctx = mem_ctx; - ((recycle_bin_private_data *)(recycle_bin_private_handle->data))->conns = NULL; - return recycle_ops; } +/** + * VFS finalization function. + * + **/ +void vfs_done(connection_struct *conn) +{ + DEBUG(10,("Called for connection %d\n", SNUM(conn))); +} + static int recycle_connect(struct connection_struct *conn, const char *service, const char *user) { TALLOC_CTX *ctx = NULL; recycle_bin_struct *recbin; - recycle_bin_connections *recconn; - recycle_bin_connections *recconnbase; - recycle_bin_private_data *recdata; + char *servicename; char *tmp_str; DEBUG(10, ("Called for service %s (%d) as user %s\n", service, SNUM(conn), user)); - if (recycle_bin_private_handle) - recdata = (recycle_bin_private_data *)(recycle_bin_private_handle->data); - else { - DEBUG(0, ("Recycle bin not initialized!\n")); - return -1; - } - - if (!(ctx = talloc_init("recycle bin connection"))) { + if (!(ctx = talloc_init("recycle bin"))) { DEBUG(0, ("Failed to allocate memory in VFS module recycle_bin\n")); - return -1; + return 0; } - recbin = talloc(ctx, sizeof(recycle_bin_struct)); - if (recbin == NULL) { + recbin = talloc(ctx,sizeof(recycle_bin_struct)); + if ( recbin == NULL) { DEBUG(0, ("Failed to allocate memory in VFS module recycle_bin\n")); return -1; } - recbin->mem_ctx = ctx; + recbin->ctx = ctx; /* Set defaults */ - recbin->repository = talloc_strdup(recbin->mem_ctx, ".recycle"); + recbin->repository = talloc_strdup(ctx, ".recycle"); ALLOC_CHECK(recbin->repository, error); recbin->keep_dir_tree = False; recbin->versions = False; @@ -161,61 +143,55 @@ static int recycle_connect(struct connection_struct *conn, const char *service, recbin->maxsize = 0; /* parse configuration options */ - if ((tmp_str = lp_parm_string(SNUM(conn), "vfs_recycle_bin", "repository")) != NULL) { - recbin->repository = talloc_sub_conn(recbin->mem_ctx, conn, tmp_str); + servicename = talloc_strdup(recbin->ctx, lp_servicename(SNUM(conn))); + DEBUG(10, ("servicename = %s\n",servicename)); + if ((tmp_str = lp_parm_string(servicename, "vfs_recycle_bin", "repository")) != NULL) { + recbin->repository = talloc_sub_conn(ctx, conn, tmp_str); ALLOC_CHECK(recbin->repository, error); trim_string(recbin->repository, "/", "/"); DEBUG(5, ("recycle.bin: repository = %s\n", recbin->repository)); } - - recbin->keep_dir_tree = lp_parm_bool(SNUM(conn), "vfs_recycle_bin", "keeptree"); - DEBUG(5, ("recycle.bin: keeptree = %d\n", recbin->keep_dir_tree)); - - recbin->versions = lp_parm_bool(SNUM(conn), "vfs_recycle_bin", "versions"); - DEBUG(5, ("recycle.bin: versions = %d\n", recbin->versions)); - - recbin->touch = lp_parm_bool(SNUM(conn), "vfs_recycle_bin", "touch"); - DEBUG(5, ("recycle.bin: touch = %d\n", recbin->touch)); - - recbin->maxsize = lp_parm_ulong(SNUM(conn), "vfs_recycle_bin", "maxsize"); - if (recbin->maxsize == 0) { - recbin->maxsize = -1; - DEBUG(5, ("recycle.bin: maxsize = -infinite-\n")); - } else { - DEBUG(5, ("recycle.bin: maxsize = %ld\n", (long int)recbin->maxsize)); + if ((tmp_str = lp_parm_string(servicename, "vfs_recycle_bin", "keeptree")) != NULL) { + if (check_bool_param(tmp_str) == True) + recbin->keep_dir_tree = True; + DEBUG(5, ("recycle.bin: keeptree = %s\n", tmp_str)); + } + if ((tmp_str = lp_parm_string(servicename, "vfs_recycle_bin", "versions")) != NULL) { + if (check_bool_param(tmp_str) == True) + recbin->versions = True; + DEBUG(5, ("recycle.bin: versions = %s\n", tmp_str)); + } + if ((tmp_str = lp_parm_string(servicename, "vfs_recycle_bin", "touch")) != NULL) { + if (check_bool_param(tmp_str) == True) + recbin->touch = True; + DEBUG(5, ("recycle.bin: touch = %s\n", tmp_str)); + } + if ((tmp_str = lp_parm_string(servicename, "vfs_recycle_bin", "maxsize")) != NULL) { + recbin->maxsize = strtoul(tmp_str, NULL, 10); + if (recbin->maxsize == 0) { + recbin->maxsize = -1; + DEBUG(5, ("recycle.bin: maxsize = -infinite-\n")); + } else { + DEBUG(5, ("recycle.bin: maxsize = %ld\n", (long int)recbin->maxsize)); + } } - - if ((tmp_str = lp_parm_string(SNUM(conn), "vfs_recycle_bin", "exclude")) != NULL) { - recbin->exclude = talloc_strdup(recbin->mem_ctx, tmp_str); + if ((tmp_str = lp_parm_string(servicename, "vfs_recycle_bin", "exclude")) != NULL) { + recbin->exclude = talloc_strdup(ctx, tmp_str); ALLOC_CHECK(recbin->exclude, error); DEBUG(5, ("recycle.bin: exclude = %s\n", recbin->exclude)); } - if ((tmp_str = lp_parm_string(SNUM(conn), "vfs_recycle_bin", "exclude_dir")) != NULL) { - recbin->exclude_dir = talloc_strdup(recbin->mem_ctx, tmp_str); + if ((tmp_str = lp_parm_string(servicename,"vfs_recycle_bin", "exclude_dir")) != NULL) { + recbin->exclude_dir = talloc_strdup(ctx, tmp_str); ALLOC_CHECK(recbin->exclude_dir, error); DEBUG(5, ("recycle.bin: exclude_dir = %s\n", recbin->exclude_dir)); } - if ((tmp_str = lp_parm_string(SNUM(conn), "vfs_recycle_bin", "noversions")) != NULL) { - recbin->noversions = talloc_strdup(recbin->mem_ctx, tmp_str); + if ((tmp_str = lp_parm_string(servicename,"vfs_recycle_bin", "noversions")) != NULL) { + recbin->noversions = talloc_strdup(ctx, tmp_str); ALLOC_CHECK(recbin->noversions, error); DEBUG(5, ("recycle.bin: noversions = %s\n", recbin->noversions)); } - recconn = talloc(recdata->mem_ctx, sizeof(recycle_bin_connections)); - if (recconn == NULL) { - DEBUG(0, ("Failed to allocate memory in VFS module recycle_bin\n")); - goto error; - } - recconn->conn = SNUM(conn); - recconn->data = recbin; - recconn->next = NULL; - if (recdata->conns) { - recconnbase = recdata->conns; - while (recconnbase->next != NULL) recconnbase = recconnbase->next; - recconnbase->next = recconn; - } else { - recdata->conns = recconn; - } + conn->vfs_private = (void *)recbin; return default_vfs_ops.connect(conn, service, user); error: @@ -225,35 +201,10 @@ error: static void recycle_disconnect(struct connection_struct *conn) { - recycle_bin_private_data *recdata; - recycle_bin_connections *recconn; - DEBUG(10, ("Disconnecting VFS module recycle bin\n")); - - if (recycle_bin_private_handle) - recdata = (recycle_bin_private_data *)(recycle_bin_private_handle->data); - else { - DEBUG(0, ("Recycle bin not initialized!\n")); - return; - } - - if (recdata) { - if (recdata->conns) { - if (recdata->conns->conn == SNUM(conn)) { - talloc_destroy(recdata->conns->data->mem_ctx); - recdata->conns = recdata->conns->next; - } else { - recconn = recdata->conns; - while (recconn->next) { - if (recconn->next->conn == SNUM(conn)) { - talloc_destroy(recconn->next->data->mem_ctx); - recconn->next = recconn->next->next; - break; - } - recconn = recconn->next; - } - } - } + if (conn->vfs_private) { + talloc_destroy(((recycle_bin_struct *)conn->vfs_private)->ctx); + conn->vfs_private = NULL; } default_vfs_ops.disconnect(conn); } @@ -438,35 +389,26 @@ static void recycle_touch(connection_struct *conn, const char *fname) /** * Check if file should be recycled **/ -static int recycle_unlink(connection_struct *conn, const char *file_name) +static int recycle_unlink(connection_struct *conn, const char *inname) { - recycle_bin_private_data *recdata; - recycle_bin_connections *recconn; recycle_bin_struct *recbin; + char *file_name = NULL; char *path_name = NULL; char *temp_name = NULL; char *final_name = NULL; - const char *base; + char *base; int i; -/* SMB_BIG_UINT dfree, dsize, bsize; */ - SMB_OFF_T file_size; /* space_avail; */ + SMB_BIG_UINT dfree, dsize, bsize; + SMB_OFF_T file_size, space_avail; BOOL exist; int rc = -1; - recbin = NULL; - if (recycle_bin_private_handle) { - recdata = (recycle_bin_private_data *)(recycle_bin_private_handle->data); - if (recdata) { - if (recdata->conns) { - recconn = recdata->conns; - while (recconn && recconn->conn != SNUM(conn)) recconn = recconn->next; - if (recconn != NULL) { - recbin = recconn->data; - } - } - } - } - if (recbin == NULL) { + file_name = strdup(inname); + ALLOC_CHECK(file_name, done); + + if (conn->vfs_private) + recbin = (recycle_bin_struct *)conn->vfs_private; + else { DEBUG(0, ("Recycle bin not initialized!\n")); rc = default_vfs_ops.unlink(conn, file_name); goto done; @@ -572,9 +514,10 @@ static int recycle_unlink(connection_struct *conn, const char *file_name) } } - asprintf(&final_name, "%s/%s", temp_name, base); + final_name = (char *)malloc(PATH_MAX); ALLOC_CHECK(final_name, done); - DEBUG(10, ("recycle.bin: recycled file name: %s\n", temp_name)); /* new filename with path */ + snprintf(final_name, PATH_MAX, "%s/%s", temp_name, base); + DEBUG(10, ("recycle.bin: recycled file name%s\n", temp_name)); /* new filename with path */ /* check if we should delete file from recycle bin */ if (recycle_file_exist(conn, final_name)) { @@ -605,13 +548,9 @@ static int recycle_unlink(connection_struct *conn, const char *file_name) recycle_touch(conn, final_name); done: + SAFE_FREE(file_name); SAFE_FREE(path_name); SAFE_FREE(temp_name); SAFE_FREE(final_name); return rc; } - -int vfs_recycle_init(void) -{ - return smb_register_vfs("recycle", recycle_init, SMB_VFS_INTERFACE_VERSION); -} diff --git a/source3/nsswitch/winbindd.c b/source3/nsswitch/winbindd.c index eb8a36af55..7ce311b91b 100644 --- a/source3/nsswitch/winbindd.c +++ b/source3/nsswitch/winbindd.c @@ -895,13 +895,12 @@ int main(int argc, char **argv) exit(1); } poptFreeContext(pc); + register_msg_pool_usage(); /* Loop waiting for requests */ process_loop(); - trustdom_cache_shutdown(); uni_group_cache_shutdown(); - return 0; } diff --git a/source3/nsswitch/winbindd.h b/source3/nsswitch/winbindd.h index 2d9a0b5949..ad0d6fbc3b 100644 --- a/source3/nsswitch/winbindd.h +++ b/source3/nsswitch/winbindd.h @@ -4,7 +4,6 @@ Winbind daemon for ntdom nss module Copyright (C) Tim Potter 2000 - Copyright (C) Anthony Liguori 2003 This library is free software; you can redistribute it and/or modify it under the terms of the GNU Library General Public @@ -66,8 +65,7 @@ struct getent_state { struct getpwent_user { fstring name; /* Account name */ fstring gecos; /* User information */ - DOM_SID user_sid; /* NT user and primary group SIDs */ - DOM_SID group_sid; + uint32 user_rid, group_rid; /* NT user and group rids */ }; /* Server state structure */ @@ -85,8 +83,8 @@ extern struct winbindd_state server_state; /* Server information */ typedef struct { char *acct_name; char *full_name; - DOM_SID *user_sid; /* NT user and primary group SIDs */ - DOM_SID *group_sid; + uint32 user_rid; + uint32 group_rid; /* primary group */ } WINBIND_USERINFO; /* Structures to hold per domain information */ @@ -142,7 +140,6 @@ struct winbindd_methods { /* convert one user or group name to a sid */ NTSTATUS (*name_to_sid)(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, const char *name, DOM_SID *sid, enum SID_NAME_USE *type); @@ -154,10 +151,10 @@ struct winbindd_methods { char **name, enum SID_NAME_USE *type); - /* lookup user info for a given SID */ + /* lookup user info for a given rid */ NTSTATUS (*query_user)(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - DOM_SID *user_sid, + uint32 user_rid, WINBIND_USERINFO *user_info); /* lookup all groups that a user is a member of. The backend @@ -165,15 +162,14 @@ struct winbindd_methods { function */ NTSTATUS (*lookup_usergroups)(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - DOM_SID *user_sid, - uint32 *num_groups, DOM_SID ***user_gids); + uint32 user_rid, + uint32 *num_groups, uint32 **user_gids); /* find all members of the group with the specified group_rid */ NTSTATUS (*lookup_groupmem)(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - DOM_SID *group_sid, - uint32 *num_names, - DOM_SID ***sid_mem, char ***names, + uint32 group_rid, uint32 *num_names, + uint32 **rid_mem, char ***names, uint32 **name_types); /* return the current global sequence number */ @@ -202,23 +198,6 @@ typedef struct { POLICY_HND pol; } CLI_POLICY_HND; -/* Filled out by IDMAP backends */ -struct winbindd_idmap_methods { - /* Called when backend is first loaded */ - BOOL (*init)(void); - - BOOL (*get_sid_from_uid)(uid_t uid, DOM_SID *sid); - BOOL (*get_sid_from_gid)(gid_t gid, DOM_SID *sid); - - BOOL (*get_uid_from_sid)(DOM_SID *sid, uid_t *uid); - BOOL (*get_gid_from_sid)(DOM_SID *sid, gid_t *gid); - - /* Called when backend is unloaded */ - BOOL (*close)(void); - /* Called to dump backend status */ - void (*status)(void); -}; - #include "winbindd_proto.h" #include "rpc_parse.h" diff --git a/source3/nsswitch/winbindd_ads.c b/source3/nsswitch/winbindd_ads.c index de3757aa44..f6fc3a8d6c 100644 --- a/source3/nsswitch/winbindd_ads.c +++ b/source3/nsswitch/winbindd_ads.c @@ -4,7 +4,6 @@ Winbind ADS backend functions Copyright (C) Andrew Tridgell 2001 - Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -89,6 +88,13 @@ static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain) return ads; } +/* useful utility */ +static void sid_from_rid(struct winbindd_domain *domain, uint32 rid, DOM_SID *sid) +{ + sid_copy(sid, &domain->sid); + sid_append_rid(sid, rid); +} + /* Query display info for a realm. This is the basic user list fn */ static NTSTATUS query_user_list(struct winbindd_domain *domain, @@ -137,9 +143,7 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain, for (msg = ads_first_entry(ads, res); msg; msg = ads_next_entry(ads, msg)) { char *name, *gecos; DOM_SID sid; - DOM_SID *sid2; - DOM_SID *group_sid; - uint32 group; + uint32 rid, group; uint32 atype; if (!ads_pull_uint32(ads, msg, "sAMAccountType", &atype) || @@ -159,20 +163,15 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain, continue; } - sid2 = talloc(mem_ctx, sizeof(*sid2)); - if (!sid2) { - status = NT_STATUS_NO_MEMORY; - goto done; + if (!sid_peek_check_rid(&domain->sid, &sid, &rid)) { + DEBUG(1,("No rid for %s !?\n", name)); + continue; } - sid_copy(sid2, &sid); - - group_sid = rid_to_talloced_sid(domain, mem_ctx, group); - (*info)[i].acct_name = name; (*info)[i].full_name = gecos; - (*info)[i].user_sid = sid2; - (*info)[i].group_sid = group_sid; + (*info)[i].user_rid = rid; + (*info)[i].group_rid = group; i++; } @@ -297,7 +296,6 @@ static NTSTATUS enum_local_groups(struct winbindd_domain *domain, /* convert a single name to a sid in a domain */ static NTSTATUS name_to_sid(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, const char *name, DOM_SID *sid, enum SID_NAME_USE *type) @@ -330,13 +328,13 @@ static NTSTATUS sid_to_name(struct winbindd_domain *domain, } -/* convert a DN to a name, SID and name type +/* convert a DN to a name, rid and name type this might become a major speed bottleneck if groups have lots of users, in which case we could cache the results */ static BOOL dn_lookup(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, const char *dn, - char **name, uint32 *name_type, DOM_SID *sid) + char **name, uint32 *name_type, uint32 *rid) { char *exp; void *res = NULL; @@ -344,6 +342,7 @@ static BOOL dn_lookup(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, "objectSid", "sAMAccountType", NULL}; ADS_STATUS rc; uint32 atype; + DOM_SID sid; char *escaped_dn = escape_ldap_string_alloc(dn); if (!escaped_dn) { @@ -366,7 +365,8 @@ static BOOL dn_lookup(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, } (*name_type) = ads_atype_map(atype); - if (!ads_pull_sid(ads, res, "objectSid", sid)) { + if (!ads_pull_sid(ads, res, "objectSid", &sid) || + !sid_peek_rid(&sid, rid)) { goto failed; } @@ -381,158 +381,76 @@ failed: /* Lookup user information from a rid */ static NTSTATUS query_user(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - DOM_SID *sid, + uint32 user_rid, WINBIND_USERINFO *info) { ADS_STRUCT *ads = NULL; const char *attrs[] = {"userPrincipalName", "sAMAccountName", - "name", + "name", "objectSid", "primaryGroupID", NULL}; ADS_STATUS rc; int count; void *msg = NULL; char *exp; + DOM_SID sid; char *sidstr; - uint32 group_rid; NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - DOM_SID *sid2; - fstring sid_string; DEBUG(3,("ads: query_user\n")); + sid_from_rid(domain, user_rid, &sid); + ads = ads_cached_connection(domain); if (!ads) goto done; - sidstr = sid_binstring(sid); + sidstr = sid_binstring(&sid); asprintf(&exp, "(objectSid=%s)", sidstr); rc = ads_search_retry(ads, &msg, exp, attrs); free(exp); free(sidstr); if (!ADS_ERR_OK(rc)) { - DEBUG(1,("query_user(sid=%s) ads_search: %s\n", sid_to_string(sid_string, sid), ads_errstr(rc))); + DEBUG(1,("query_user(rid=%d) ads_search: %s\n", user_rid, ads_errstr(rc))); goto done; } count = ads_count_replies(ads, msg); if (count != 1) { - DEBUG(1,("query_user(sid=%s): Not found\n", sid_to_string(sid_string, sid))); + DEBUG(1,("query_user(rid=%d): Not found\n", user_rid)); goto done; } info->acct_name = ads_pull_username(ads, mem_ctx, msg); info->full_name = ads_pull_string(ads, mem_ctx, msg, "name"); - - if (!ads_pull_uint32(ads, msg, "primaryGroupID", &group_rid)) { - DEBUG(1,("No primary group for %s !?\n", sid_to_string(sid_string, sid))); + if (!ads_pull_sid(ads, msg, "objectSid", &sid)) { + DEBUG(1,("No sid for %d !?\n", user_rid)); goto done; } - - sid2 = talloc(mem_ctx, sizeof(*sid2)); - if (!sid2) { - status = NT_STATUS_NO_MEMORY; + if (!ads_pull_uint32(ads, msg, "primaryGroupID", &info->group_rid)) { + DEBUG(1,("No primary group for %d !?\n", user_rid)); goto done; } - sid_copy(sid2, sid); - - info->user_sid = sid2; - - info->group_sid = rid_to_talloced_sid(domain, mem_ctx, group_rid); - - status = NT_STATUS_OK; - - DEBUG(3,("ads query_user gave %s\n", info->acct_name)); -done: - if (msg) ads_msgfree(ads, msg); - - return status; -} - -/* Lookup groups a user is a member of - alternate method, for when - tokenGroups are not available. */ -static NTSTATUS lookup_usergroups_alt(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - const char *user_dn, - DOM_SID *primary_group, - uint32 *num_groups, DOM_SID ***user_gids) -{ - ADS_STATUS rc; - NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - int count; - void *res = NULL; - void *msg = NULL; - char *exp; - ADS_STRUCT *ads; - const char *group_attrs[] = {"objectSid", NULL}; - - ads = ads_cached_connection(domain); - if (!ads) goto done; - - /* buggy server, no tokenGroups. Instead lookup what groups this user - is a member of by DN search on member*/ - if (asprintf(&exp, "(&(member=%s)(objectClass=group))", user_dn) == -1) { - DEBUG(1,("lookup_usergroups(dn=%s) asprintf failed!\n", user_dn)); - return NT_STATUS_NO_MEMORY; - } - rc = ads_search_retry(ads, &res, exp, group_attrs); - free(exp); - - if (!ADS_ERR_OK(rc)) { - DEBUG(1,("lookup_usergroups ads_search member=%s: %s\n", user_dn, ads_errstr(rc))); - return ads_ntstatus(rc); - } - - count = ads_count_replies(ads, res); - if (count == 0) { - DEBUG(5,("lookup_usergroups: No supp groups found\n")); - - status = ads_ntstatus(rc); + if (!sid_peek_check_rid(&domain->sid,&sid, &info->user_rid)) { + DEBUG(1,("No rid for %d !?\n", user_rid)); goto done; } - - (*user_gids) = talloc_zero(mem_ctx, sizeof(**user_gids) * (count + 1)); - (*user_gids)[0] = primary_group; - - *num_groups = 1; - - for (msg = ads_first_entry(ads, res); msg; msg = ads_next_entry(ads, msg)) { - DOM_SID group_sid; - - if (!ads_pull_sid(ads, msg, "objectSid", &group_sid)) { - DEBUG(1,("No sid for this group ?!?\n")); - continue; - } - - if (sid_equal(&group_sid, primary_group)) continue; - - (*user_gids)[*num_groups] = talloc(mem_ctx, sizeof(***user_gids)); - if (!(*user_gids)[*num_groups]) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - - sid_copy((*user_gids)[*num_groups], &group_sid); - - (*num_groups)++; - - } status = NT_STATUS_OK; - DEBUG(3,("ads lookup_usergroups (alt) for dn=%s\n", user_dn)); + DEBUG(3,("ads query_user gave %s\n", info->acct_name)); done: - if (res) ads_msgfree(ads, res); if (msg) ads_msgfree(ads, msg); return status; } + /* Lookup groups a user is a member of. */ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - DOM_SID *sid, - uint32 *num_groups, DOM_SID ***user_gids) + uint32 user_rid, + uint32 *num_groups, uint32 **user_gids) { ADS_STRUCT *ads = NULL; const char *attrs[] = {"distinguishedName", NULL}; @@ -544,94 +462,63 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, char *user_dn; DOM_SID *sids; int i; - DOM_SID *primary_group; - uint32 primary_group_rid; + uint32 primary_group; + DOM_SID sid; char *sidstr; - fstring sid_string; NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - DEBUG(3,("ads: lookup_usergroups\n")); *num_groups = 0; + DEBUG(3,("ads: lookup_usergroups\n")); + + (*num_groups) = 0; + + sid_from_rid(domain, user_rid, &sid); + ads = ads_cached_connection(domain); if (!ads) goto done; - if (!(sidstr = sid_binstring(sid))) { - DEBUG(1,("lookup_usergroups(sid=%s) sid_binstring returned NULL\n", sid_to_string(sid_string, sid))); - status = NT_STATUS_NO_MEMORY; - goto done; - } - if (asprintf(&exp, "(objectSid=%s)", sidstr) == -1) { - free(sidstr); - DEBUG(1,("lookup_usergroups(sid=%s) asprintf failed!\n", sid_to_string(sid_string, sid))); - status = NT_STATUS_NO_MEMORY; - goto done; - } - + sidstr = sid_binstring(&sid); + asprintf(&exp, "(objectSid=%s)", sidstr); rc = ads_search_retry(ads, &msg, exp, attrs); free(exp); free(sidstr); - if (!ADS_ERR_OK(rc)) { - DEBUG(1,("lookup_usergroups(sid=%s) ads_search: %s\n", sid_to_string(sid_string, sid), ads_errstr(rc))); + DEBUG(1,("lookup_usergroups(rid=%d) ads_search: %s\n", user_rid, ads_errstr(rc))); goto done; } user_dn = ads_pull_string(ads, mem_ctx, msg, "distinguishedName"); - if (!user_dn) { - DEBUG(1,("lookup_usergroups(sid=%s) ads_search did not return a a distinguishedName!\n", sid_to_string(sid_string, sid))); - if (msg) ads_msgfree(ads, msg); - goto done; - } if (msg) ads_msgfree(ads, msg); rc = ads_search_retry_dn(ads, &msg, user_dn, attrs2); if (!ADS_ERR_OK(rc)) { - DEBUG(1,("lookup_usergroups(sid=%s) ads_search tokenGroups: %s\n", sid_to_string(sid_string, sid), ads_errstr(rc))); + DEBUG(1,("lookup_usergroups(rid=%d) ads_search tokenGroups: %s\n", user_rid, ads_errstr(rc))); goto done; } - if (!ads_pull_uint32(ads, msg, "primaryGroupID", &primary_group_rid)) { - DEBUG(1,("%s: No primary group for sid=%s !?\n", domain->name, sid_to_string(sid_string, sid))); + if (!ads_pull_uint32(ads, msg, "primaryGroupID", &primary_group)) { + DEBUG(1,("%s: No primary group for rid=%d !?\n", domain->name, user_rid)); goto done; } - primary_group = rid_to_talloced_sid(domain, mem_ctx, primary_group_rid); - - count = ads_pull_sids(ads, mem_ctx, msg, "tokenGroups", &sids); - - if (msg) ads_msgfree(ads, msg); + count = ads_pull_sids(ads, mem_ctx, msg, "tokenGroups", &sids) + 1; + (*user_gids) = (uint32 *)talloc_zero(mem_ctx, sizeof(uint32) * count); + (*user_gids)[(*num_groups)++] = primary_group; - /* there must always be at least one group in the token, - unless we are talking to a buggy Win2k server */ - if (count == 0) { - return lookup_usergroups_alt(domain, mem_ctx, user_dn, - primary_group, - num_groups, user_gids); - } - - (*user_gids) = talloc_zero(mem_ctx, sizeof(**user_gids) * (count + 1)); - (*user_gids)[0] = primary_group; - - *num_groups = 1; - - for (i=0;i<count;i++) { - if (sid_equal(&sids[i], primary_group)) continue; - - (*user_gids)[*num_groups] = talloc(mem_ctx, sizeof(***user_gids)); - if (!(*user_gids)[*num_groups]) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - - sid_copy((*user_gids)[*num_groups], &sids[i]); + for (i=1;i<count;i++) { + uint32 rid; + if (!sid_peek_check_rid(&domain->sid, &sids[i-1], &rid)) continue; + (*user_gids)[*num_groups] = rid; (*num_groups)++; } status = NT_STATUS_OK; - DEBUG(3,("ads lookup_usergroups for sid=%s\n", sid_to_string(sid_string, sid))); + DEBUG(3,("ads lookup_usergroups for rid=%d\n", user_rid)); done: + if (msg) ads_msgfree(ads, msg); + return status; } @@ -640,10 +527,11 @@ done: */ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - DOM_SID *group_sid, uint32 *num_names, - DOM_SID ***sid_mem, char ***names, + uint32 group_rid, uint32 *num_names, + uint32 **rid_mem, char ***names, uint32 **name_types) { + DOM_SID group_sid; ADS_STATUS rc; int count; void *res=NULL; @@ -654,14 +542,14 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, const char *attrs[] = {"member", NULL}; char **members; int i, num_members; - fstring sid_string; *num_names = 0; ads = ads_cached_connection(domain); if (!ads) goto done; - sidstr = sid_binstring(group_sid); + sid_from_rid(domain, group_rid, &group_sid); + sidstr = sid_binstring(&group_sid); /* search for all members of the group */ asprintf(&exp, "(objectSid=%s)",sidstr); @@ -693,30 +581,24 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, for (i=0;members[i];i++) /* noop */ ; num_members = i; - (*sid_mem) = talloc_zero(mem_ctx, sizeof(**sid_mem) * num_members); - (*name_types) = talloc_zero(mem_ctx, sizeof(**name_types) * num_members); - (*names) = talloc_zero(mem_ctx, sizeof(**names) * num_members); + (*rid_mem) = talloc_zero(mem_ctx, sizeof(uint32) * num_members); + (*name_types) = talloc_zero(mem_ctx, sizeof(uint32) * num_members); + (*names) = talloc_zero(mem_ctx, sizeof(char *) * num_members); for (i=0;i<num_members;i++) { - uint32 name_type; + uint32 name_type, rid; char *name; - DOM_SID sid; - if (dn_lookup(ads, mem_ctx, members[i], &name, &name_type, &sid)) { + if (dn_lookup(ads, mem_ctx, members[i], &name, &name_type, &rid)) { (*names)[*num_names] = name; (*name_types)[*num_names] = name_type; - (*sid_mem)[*num_names] = talloc(mem_ctx, sizeof(***sid_mem)); - if (!(*sid_mem)[*num_names]) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - sid_copy((*sid_mem)[*num_names], &sid); + (*rid_mem)[*num_names] = rid; (*num_names)++; } } status = NT_STATUS_OK; - DEBUG(3,("ads lookup_groupmem for sid=%s\n", sid_to_string(sid_string, group_sid))); + DEBUG(3,("ads lookup_groupmem for rid=%d\n", group_rid)); done: if (res) ads_msgfree(ads, res); diff --git a/source3/nsswitch/winbindd_cache.c b/source3/nsswitch/winbindd_cache.c index 5eabcfca20..6ba1d48f5a 100644 --- a/source3/nsswitch/winbindd_cache.c +++ b/source3/nsswitch/winbindd_cache.c @@ -192,23 +192,6 @@ static char *centry_string(struct cache_entry *centry, TALLOC_CTX *mem_ctx) return ret; } -/* pull a string from a cache entry, using the supplied - talloc context -*/ -static DOM_SID *centry_sid(struct cache_entry *centry, TALLOC_CTX *mem_ctx) -{ - DOM_SID *sid; - char *sid_string; - sid = talloc(mem_ctx, sizeof(*sid)); - if (!sid) return NULL; - - sid_string = centry_string(centry, mem_ctx); - if (!string_to_sid(sid, sid_string)) { - return NULL; - } - return sid; -} - /* the server is considered down if it can't give us a sequence number */ static BOOL wcache_server_down(struct winbindd_domain *domain) { @@ -277,9 +260,6 @@ static BOOL centry_expired(struct winbindd_domain *domain, struct cache_entry *c */ static struct cache_entry *wcache_fetch(struct winbind_cache *cache, struct winbindd_domain *domain, - const char *format, ...) PRINTF_ATTRIBUTE(3,4); -static struct cache_entry *wcache_fetch(struct winbind_cache *cache, - struct winbindd_domain *domain, const char *format, ...) { va_list ap; @@ -390,12 +370,6 @@ static void centry_put_string(struct cache_entry *centry, const char *s) centry->ofs += len; } -static void centry_put_sid(struct cache_entry *centry, const DOM_SID *sid) -{ - fstring sid_string; - centry_put_string(centry, sid_to_string(sid_string, sid)); -} - /* start a centry for output. When finished, call centry_end() */ @@ -419,7 +393,6 @@ struct cache_entry *centry_start(struct winbindd_domain *domain, NTSTATUS status /* finish a centry and write it to the tdb */ -static void centry_end(struct cache_entry *centry, const char *format, ...) PRINTF_ATTRIBUTE(2,3); static void centry_end(struct cache_entry *centry, const char *format, ...) { va_list ap; @@ -439,29 +412,39 @@ static void centry_end(struct cache_entry *centry, const char *format, ...) free(kstr); } -static void wcache_save_name_to_sid(struct winbindd_domain *domain, - NTSTATUS status, - const char *name, DOM_SID *sid, - enum SID_NAME_USE type) +/* form a sid from the domain plus rid */ +static DOM_SID *form_sid(struct winbindd_domain *domain, uint32 rid) +{ + static DOM_SID sid; + sid_copy(&sid, &domain->sid); + sid_append_rid(&sid, rid); + return &sid; +} + +static void wcache_save_name_to_sid(struct winbindd_domain *domain, NTSTATUS status, + const char *name, DOM_SID *sid, enum SID_NAME_USE type) { struct cache_entry *centry; + uint32 len; fstring uname; - fstring sid_string; centry = centry_start(domain, status); if (!centry) return; - centry_put_sid(centry, sid); + len = sid_size(sid); + centry_expand(centry, len); + centry_put_uint32(centry, type); + sid_linearize(centry->data + centry->ofs, len, sid); + centry->ofs += len; fstrcpy(uname, name); strupper(uname); - centry_end(centry, "NS/%s", sid_to_string(sid_string, sid)); + centry_end(centry, "NS/%s/%s", domain->name, uname); centry_free(centry); } static void wcache_save_sid_to_name(struct winbindd_domain *domain, NTSTATUS status, - DOM_SID *sid, const char *name, enum SID_NAME_USE type) + DOM_SID *sid, const char *name, enum SID_NAME_USE type, uint32 rid) { struct cache_entry *centry; - fstring sid_string; centry = centry_start(domain, status); if (!centry) return; @@ -469,7 +452,7 @@ static void wcache_save_sid_to_name(struct winbindd_domain *domain, NTSTATUS sta centry_put_uint32(centry, type); centry_put_string(centry, name); } - centry_end(centry, "SN/%s", sid_to_string(sid_string, sid)); + centry_end(centry, "SN/%s/%d", domain->name, rid); centry_free(centry); } @@ -477,15 +460,14 @@ static void wcache_save_sid_to_name(struct winbindd_domain *domain, NTSTATUS sta static void wcache_save_user(struct winbindd_domain *domain, NTSTATUS status, WINBIND_USERINFO *info) { struct cache_entry *centry; - fstring sid_string; centry = centry_start(domain, status); if (!centry) return; centry_put_string(centry, info->acct_name); centry_put_string(centry, info->full_name); - centry_put_sid(centry, info->user_sid); - centry_put_sid(centry, info->group_sid); - centry_end(centry, "U/%s", sid_to_string(sid_string, info->user_sid)); + centry_put_uint32(centry, info->user_rid); + centry_put_uint32(centry, info->group_rid); + centry_end(centry, "U/%s/%d", domain->name, info->user_rid); centry_free(centry); } @@ -499,7 +481,7 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain, struct winbind_cache *cache = get_cache(domain); struct cache_entry *centry = NULL; NTSTATUS status; - unsigned int i; + int i; if (!cache->tdb) goto do_query; @@ -515,8 +497,8 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain, for (i=0; i<(*num_entries); i++) { (*info)[i].acct_name = centry_string(centry, mem_ctx); (*info)[i].full_name = centry_string(centry, mem_ctx); - (*info)[i].user_sid = centry_sid(centry, mem_ctx); - (*info)[i].group_sid = centry_sid(centry, mem_ctx); + (*info)[i].user_rid = centry_uint32(centry); + (*info)[i].group_rid = centry_uint32(centry); } do_cached: @@ -542,18 +524,18 @@ do_query: for (i=0; i<(*num_entries); i++) { centry_put_string(centry, (*info)[i].acct_name); centry_put_string(centry, (*info)[i].full_name); - centry_put_sid(centry, (*info)[i].user_sid); - centry_put_sid(centry, (*info)[i].group_sid); + centry_put_uint32(centry, (*info)[i].user_rid); + centry_put_uint32(centry, (*info)[i].group_rid); if (cache->backend->consistent) { /* when the backend is consistent we can pre-prime some mappings */ wcache_save_name_to_sid(domain, NT_STATUS_OK, (*info)[i].acct_name, - (*info)[i].user_sid, + form_sid(domain, (*info)[i].user_rid), SID_NAME_USER); wcache_save_sid_to_name(domain, NT_STATUS_OK, - (*info)[i].user_sid, + form_sid(domain, (*info)[i].user_rid), (*info)[i].acct_name, - SID_NAME_USER); + SID_NAME_USER, (*info)[i].user_rid); wcache_save_user(domain, NT_STATUS_OK, &(*info)[i]); } } @@ -573,7 +555,7 @@ static NTSTATUS enum_dom_groups(struct winbindd_domain *domain, struct winbind_cache *cache = get_cache(domain); struct cache_entry *centry = NULL; NTSTATUS status; - unsigned int i; + int i; if (!cache->tdb) goto do_query; @@ -633,7 +615,7 @@ static NTSTATUS enum_local_groups(struct winbindd_domain *domain, struct winbind_cache *cache = get_cache(domain); struct cache_entry *centry = NULL; NTSTATUS status; - unsigned int i; + int i; if (!cache->tdb) goto do_query; @@ -687,7 +669,7 @@ do_query: centry_put_string(centry, (*info)[i].acct_name); centry_put_string(centry, (*info)[i].acct_desc); centry_put_uint32(centry, (*info)[i].rid); - } + } centry_end(centry, "GL/%s/local", domain->name); centry_free(centry); @@ -697,7 +679,6 @@ skip_save: /* convert a single name to a sid in a domain */ static NTSTATUS name_to_sid(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, const char *name, DOM_SID *sid, enum SID_NAME_USE *type) @@ -706,7 +687,6 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain, struct cache_entry *centry = NULL; NTSTATUS status; fstring uname; - DOM_SID *sid2; if (!cache->tdb) goto do_query; @@ -715,12 +695,7 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain, centry = wcache_fetch(cache, domain, "NS/%s/%s", domain->name, uname); if (!centry) goto do_query; *type = centry_uint32(centry); - sid2 = centry_sid(centry, mem_ctx); - if (!sid2) { - ZERO_STRUCTP(sid); - } else { - sid_copy(sid, sid2); - } + sid_parse(centry->data + centry->ofs, centry->len - centry->ofs, sid); status = centry->status; centry_free(centry); @@ -732,7 +707,7 @@ do_query: if (wcache_server_down(domain)) { return NT_STATUS_SERVER_DISABLED; } - status = cache->backend->name_to_sid(domain, mem_ctx, name, sid, type); + status = cache->backend->name_to_sid(domain, name, sid, type); /* and save it */ wcache_save_name_to_sid(domain, status, name, sid, *type); @@ -754,11 +729,14 @@ static NTSTATUS sid_to_name(struct winbindd_domain *domain, struct winbind_cache *cache = get_cache(domain); struct cache_entry *centry = NULL; NTSTATUS status; - fstring sid_string; + uint32 rid = 0; + + if (!sid_peek_check_rid(&domain->sid, sid, &rid)) + return NT_STATUS_INVALID_PARAMETER; if (!cache->tdb) goto do_query; - centry = wcache_fetch(cache, domain, "SN/%s", sid_to_string(sid_string, sid)); + centry = wcache_fetch(cache, domain, "SN/%s/%d", domain->name, rid); if (!centry) goto do_query; if (NT_STATUS_IS_OK(centry->status)) { *type = centry_uint32(centry); @@ -778,7 +756,7 @@ do_query: /* and save it */ refresh_sequence_number(domain, True); - wcache_save_sid_to_name(domain, status, sid, *name, *type); + wcache_save_sid_to_name(domain, status, sid, *name, *type, rid); wcache_save_name_to_sid(domain, status, *name, sid, *type); return status; @@ -788,23 +766,22 @@ do_query: /* Lookup user information from a rid */ static NTSTATUS query_user(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - DOM_SID *user_sid, + uint32 user_rid, WINBIND_USERINFO *info) { struct winbind_cache *cache = get_cache(domain); struct cache_entry *centry = NULL; NTSTATUS status; - fstring sid_string; if (!cache->tdb) goto do_query; - centry = wcache_fetch(cache, domain, "U/%s", sid_to_string(sid_string, user_sid)); + centry = wcache_fetch(cache, domain, "U/%s/%d", domain->name, user_rid); if (!centry) goto do_query; info->acct_name = centry_string(centry, mem_ctx); info->full_name = centry_string(centry, mem_ctx); - info->user_sid = centry_sid(centry, mem_ctx); - info->group_sid = centry_sid(centry, mem_ctx); + info->user_rid = centry_uint32(centry); + info->group_rid = centry_uint32(centry); status = centry->status; centry_free(centry); return status; @@ -816,7 +793,7 @@ do_query: return NT_STATUS_SERVER_DISABLED; } - status = cache->backend->query_user(domain, mem_ctx, user_sid, info); + status = cache->backend->query_user(domain, mem_ctx, user_rid, info); /* and save it */ refresh_sequence_number(domain, True); @@ -829,18 +806,17 @@ do_query: /* Lookup groups a user is a member of. */ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - DOM_SID *user_sid, - uint32 *num_groups, DOM_SID ***user_gids) + uint32 user_rid, + uint32 *num_groups, uint32 **user_gids) { struct winbind_cache *cache = get_cache(domain); struct cache_entry *centry = NULL; NTSTATUS status; - unsigned int i; - fstring sid_string; + int i; if (!cache->tdb) goto do_query; - centry = wcache_fetch(cache, domain, "UG/%s", sid_to_string(sid_string, user_sid)); + centry = wcache_fetch(cache, domain, "UG/%s/%d", domain->name, user_rid); if (!centry) goto do_query; *num_groups = centry_uint32(centry); @@ -850,7 +826,7 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, (*user_gids) = talloc(mem_ctx, sizeof(**user_gids) * (*num_groups)); if (! (*user_gids)) smb_panic("lookup_usergroups out of memory"); for (i=0; i<(*num_groups); i++) { - (*user_gids)[i] = centry_sid(centry, mem_ctx); + (*user_gids)[i] = centry_uint32(centry); } do_cached: @@ -865,7 +841,7 @@ do_query: if (wcache_server_down(domain)) { return NT_STATUS_SERVER_DISABLED; } - status = cache->backend->lookup_usergroups(domain, mem_ctx, user_sid, num_groups, user_gids); + status = cache->backend->lookup_usergroups(domain, mem_ctx, user_rid, num_groups, user_gids); /* and save it */ refresh_sequence_number(domain, True); @@ -873,9 +849,9 @@ do_query: if (!centry) goto skip_save; centry_put_uint32(centry, *num_groups); for (i=0; i<(*num_groups); i++) { - centry_put_sid(centry, (*user_gids)[i]); + centry_put_uint32(centry, (*user_gids)[i]); } - centry_end(centry, "UG/%s", sid_to_string(sid_string, user_sid)); + centry_end(centry, "UG/%s/%d", domain->name, user_rid); centry_free(centry); skip_save: @@ -885,35 +861,34 @@ skip_save: static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - DOM_SID *group_sid, uint32 *num_names, - DOM_SID ***sid_mem, char ***names, + uint32 group_rid, uint32 *num_names, + uint32 **rid_mem, char ***names, uint32 **name_types) { struct winbind_cache *cache = get_cache(domain); struct cache_entry *centry = NULL; NTSTATUS status; - unsigned int i; - fstring sid_string; + int i; if (!cache->tdb) goto do_query; - centry = wcache_fetch(cache, domain, "GM/%s", sid_to_string(sid_string, group_sid)); + centry = wcache_fetch(cache, domain, "GM/%s/%d", domain->name, group_rid); if (!centry) goto do_query; *num_names = centry_uint32(centry); if (*num_names == 0) goto do_cached; - (*sid_mem) = talloc(mem_ctx, sizeof(**sid_mem) * (*num_names)); + (*rid_mem) = talloc(mem_ctx, sizeof(**rid_mem) * (*num_names)); (*names) = talloc(mem_ctx, sizeof(**names) * (*num_names)); (*name_types) = talloc(mem_ctx, sizeof(**name_types) * (*num_names)); - if (! (*sid_mem) || ! (*names) || ! (*name_types)) { + if (! (*rid_mem) || ! (*names) || ! (*name_types)) { smb_panic("lookup_groupmem out of memory"); } for (i=0; i<(*num_names); i++) { - (*sid_mem)[i] = centry_sid(centry, mem_ctx); + (*rid_mem)[i] = centry_uint32(centry); (*names)[i] = centry_string(centry, mem_ctx); (*name_types)[i] = centry_uint32(centry); } @@ -925,7 +900,7 @@ do_cached: do_query: (*num_names) = 0; - (*sid_mem) = NULL; + (*rid_mem) = NULL; (*names) = NULL; (*name_types) = NULL; @@ -933,8 +908,8 @@ do_query: if (wcache_server_down(domain)) { return NT_STATUS_SERVER_DISABLED; } - status = cache->backend->lookup_groupmem(domain, mem_ctx, group_sid, num_names, - sid_mem, names, name_types); + status = cache->backend->lookup_groupmem(domain, mem_ctx, group_rid, num_names, + rid_mem, names, name_types); /* and save it */ refresh_sequence_number(domain, True); @@ -942,11 +917,11 @@ do_query: if (!centry) goto skip_save; centry_put_uint32(centry, *num_names); for (i=0; i<(*num_names); i++) { - centry_put_sid(centry, (*sid_mem)[i]); + centry_put_uint32(centry, (*rid_mem)[i]); centry_put_string(centry, (*names)[i]); centry_put_uint32(centry, (*name_types)[i]); } - centry_end(centry, "GM/%s", sid_to_string(sid_string, group_sid)); + centry_end(centry, "GM/%s/%d", domain->name, group_rid); centry_free(centry); skip_save: diff --git a/source3/nsswitch/winbindd_cm.c b/source3/nsswitch/winbindd_cm.c index 1b49d8ce01..706408901e 100644 --- a/source3/nsswitch/winbindd_cm.c +++ b/source3/nsswitch/winbindd_cm.c @@ -373,7 +373,7 @@ static NTSTATUS cm_open_connection(const char *domain, const int pipe_index, } result = cli_full_connection(&new_conn->cli, global_myname(), new_conn->controller, - &dc_ip, 0, "IPC$", "IPC", ipc_username, ipc_domain, + &dc_ip, 0, "IPC$", "IPC", ipc_username, ipc_domain, ipc_password, CLI_FULL_CONNECTION_ANNONYMOUS_FALLBACK, &retry); secrets_named_mutex_release(new_conn->controller); diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c index d06db5943c..94a826fbbc 100644 --- a/source3/nsswitch/winbindd_group.c +++ b/source3/nsswitch/winbindd_group.c @@ -49,44 +49,43 @@ static BOOL fill_grent(struct winbindd_gr *gr, const char *dom_name, return True; } -/* Fill in the group membership field of a NT group given by group_sid */ +/* Fill in the group membership field of a NT group given by group_rid */ static BOOL fill_grent_mem(struct winbindd_domain *domain, - DOM_SID *group_sid, + uint32 group_rid, enum SID_NAME_USE group_name_type, int *num_gr_mem, char **gr_mem, int *gr_mem_len) { - DOM_SID **sid_mem = NULL; - uint32 num_names = 0; + uint32 *rid_mem = NULL, num_names = 0; uint32 *name_types = NULL; - unsigned int buf_len, buf_ndx, i; + int buf_len, buf_ndx, i; char **names = NULL, *buf; BOOL result = False; TALLOC_CTX *mem_ctx; NTSTATUS status; - fstring sid_string; if (!(mem_ctx = talloc_init("fill_grent_mem(%s)", domain->name))) return False; /* Initialise group membership information */ - DEBUG(10, ("group SID %s\n", sid_to_string(sid_string, group_sid))); + DEBUG(10, ("group %s rid 0x%x\n", domain ? domain->name : "NULL", + group_rid)); *num_gr_mem = 0; if (group_name_type != SID_NAME_DOM_GRP) { - DEBUG(1, ("SID %s in domain %s isn't a domain group\n", - sid_to_string(sid_string, group_sid), domain->name)); + DEBUG(1, ("rid %d in domain %s isn't a domain group\n", + group_rid, domain->name)); goto done; } /* Lookup group members */ - status = domain->methods->lookup_groupmem(domain, mem_ctx, group_sid, &num_names, - &sid_mem, &names, &name_types); + status = domain->methods->lookup_groupmem(domain, mem_ctx, group_rid, &num_names, + &rid_mem, &names, &name_types); if (!NT_STATUS_IS_OK(status)) { - DEBUG(1, ("could not lookup membership for group rid %s in domain %s (error: %s)\n", - sid_to_string(sid_string, group_sid), domain->name, nt_errstr(status))); + DEBUG(1, ("could not lookup membership for group rid %d in domain %s (error: %s)\n", + group_rid, domain->name, nt_errstr(status))); goto done; } @@ -95,7 +94,7 @@ static BOOL fill_grent_mem(struct winbindd_domain *domain, if (DEBUGLEVEL >= 10) { for (i = 0; i < num_names; i++) - DEBUG(10, ("\t%20s %s %d\n", names[i], sid_to_string(sid_string, sid_mem[i]), + DEBUG(10, ("\t%20s %x %d\n", names[i], rid_mem[i], name_types[i])); } @@ -191,6 +190,7 @@ enum winbindd_result winbindd_getgrnam(struct winbindd_cli_state *state) DOM_SID group_sid; struct winbindd_domain *domain; enum SID_NAME_USE name_type; + uint32 group_rid; fstring name_domain, name_group; char *tmp, *gr_mem; gid_t gid; @@ -233,6 +233,10 @@ enum winbindd_result winbindd_getgrnam(struct winbindd_cli_state *state) return WINBINDD_ERROR; } + /* Fill in group structure */ + if (!sid_peek_check_rid(&domain->sid, &group_sid, &group_rid)) + return WINBINDD_ERROR; + if (!winbindd_idmap_get_gid_from_sid(&group_sid, &gid)) { DEBUG(1, ("error converting unix gid to sid\n")); return WINBINDD_ERROR; @@ -240,7 +244,7 @@ enum winbindd_result winbindd_getgrnam(struct winbindd_cli_state *state) if (!fill_grent(&state->response.data.gr, name_domain, name_group, gid) || - !fill_grent_mem(domain, &group_sid, name_type, + !fill_grent_mem(domain, group_rid, name_type, &state->response.data.gr.num_gr_mem, &gr_mem, &gr_mem_len)) { return WINBINDD_ERROR; @@ -265,6 +269,7 @@ enum winbindd_result winbindd_getgrgid(struct winbindd_cli_state *state) enum SID_NAME_USE name_type; fstring dom_name; fstring group_name; + uint32 group_rid; int gr_mem_len; char *gr_mem; @@ -279,13 +284,17 @@ enum winbindd_result winbindd_getgrgid(struct winbindd_cli_state *state) /* Get rid from gid */ - if (!winbindd_idmap_get_sid_from_gid(state->request.data.gid, &group_sid)) { + if (!winbindd_idmap_get_rid_from_gid(state->request.data.gid, + &group_rid, &domain)) { DEBUG(1, ("could not convert gid %d to rid\n", state->request.data.gid)); return WINBINDD_ERROR; } - /* Get name from sid */ + /* Get sid from gid */ + + sid_copy(&group_sid, &domain->sid); + sid_append_rid(&group_sid, group_rid); if (!winbindd_lookup_name_by_sid(&group_sid, dom_name, group_name, &name_type)) { DEBUG(1, ("could not lookup sid\n")); @@ -301,16 +310,9 @@ enum winbindd_result winbindd_getgrgid(struct winbindd_cli_state *state) /* Fill in group structure */ - domain = find_domain_from_sid(&group_sid); - - if (!domain) { - DEBUG(1,("Can't find domain from sid\n")); - return WINBINDD_ERROR; - } - if (!fill_grent(&state->response.data.gr, dom_name, group_name, state->request.data.gid) || - !fill_grent_mem(domain, &group_sid, name_type, + !fill_grent_mem(domain, group_rid, name_type, &state->response.data.gr.num_gr_mem, &gr_mem, &gr_mem_len)) return WINBINDD_ERROR; @@ -542,9 +544,7 @@ enum winbindd_result winbindd_getgrent(struct winbindd_cli_state *state) gid_t group_gid; int gr_mem_len; char *gr_mem, *new_gr_mem_list; - DOM_SID group_sid; - struct winbindd_domain *domain; - + /* Do we need to fetch another chunk of groups? */ tryagain: @@ -578,25 +578,16 @@ enum winbindd_result winbindd_getgrent(struct winbindd_cli_state *state) name_list = ent->sam_entries; - if (!(domain = - find_domain_from_name(ent->domain_name))) { - DEBUG(3, ("No such domain %s in winbindd_getgrent\n", ent->domain_name)); - result = False; - goto done; - } - /* Lookup group info */ - sid_copy(&group_sid, &domain->sid); - sid_append_rid(&group_sid, name_list[ent->sam_entry_index].rid); - - if (!winbindd_idmap_get_gid_from_sid( - &group_sid, - &group_gid)) { + if (!winbindd_idmap_get_gid_from_rid( + ent->domain_name, + name_list[ent->sam_entry_index].rid, + &group_gid)) { DEBUG(1, ("could not look up gid for group %s\n", name_list[ent->sam_entry_index].acct_name)); - + ent->sam_entry_index++; goto tryagain; } @@ -617,7 +608,15 @@ enum winbindd_result winbindd_getgrent(struct winbindd_cli_state *state) /* Fill in group membership entry */ if (result) { - DOM_SID member_sid; + struct winbindd_domain *domain; + + if (!(domain = + find_domain_from_name(ent->domain_name))) { + DEBUG(3, ("No such domain %s in winbindd_getgrent\n", ent->domain_name)); + result = False; + goto done; + } + group_list[group_list_ndx].num_gr_mem = 0; gr_mem = NULL; gr_mem_len = 0; @@ -626,11 +625,9 @@ enum winbindd_result winbindd_getgrent(struct winbindd_cli_state *state) if (state->request.cmd == WINBINDD_GETGRLST) { result = True; } else { - sid_copy(&member_sid, &domain->sid); - sid_append_rid(&member_sid, name_list[ent->sam_entry_index].rid); result = fill_grent_mem( domain, - &member_sid, + name_list[ent->sam_entry_index].rid, SID_NAME_DOM_GRP, &group_list[group_list_ndx].num_gr_mem, &gr_mem, &gr_mem_len); @@ -733,7 +730,7 @@ enum winbindd_result winbindd_list_groups(struct winbindd_cli_state *state) struct winbindd_domain *domain; char *extra_data = NULL; char *ted = NULL; - unsigned int extra_data_len = 0, i; + int extra_data_len = 0, i; DEBUG(3, ("[%5d]: list groups\n", state->pid)); @@ -808,13 +805,13 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state) fstring name_domain, name_user; DOM_SID user_sid; enum SID_NAME_USE name_type; - uint32 num_groups, num_gids; + uint32 user_rid, num_groups, num_gids; NTSTATUS status; - DOM_SID **user_gids; + uint32 *user_gids; struct winbindd_domain *domain; enum winbindd_result result = WINBINDD_ERROR; gid_t *gid_list; - unsigned int i; + int i; TALLOC_CTX *mem_ctx; /* Ensure null termination */ @@ -855,9 +852,9 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state) goto done; } - status = domain->methods->lookup_usergroups(domain, mem_ctx, - &user_sid, &num_groups, - &user_gids); + sid_split_rid(&user_sid, &user_rid); + + status = domain->methods->lookup_usergroups(domain, mem_ctx, user_rid, &num_groups, &user_gids); if (!NT_STATUS_IS_OK(status)) goto done; /* Copy data back to client */ @@ -869,13 +866,12 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state) goto done; for (i = 0; i < num_groups; i++) { - if (!winbindd_idmap_get_gid_from_sid( - user_gids[i], - &gid_list[num_gids])) { - fstring sid_string; + if (!winbindd_idmap_get_gid_from_rid(domain->name, + user_gids[i], + &gid_list[num_gids])) { - DEBUG(1, ("unable to convert group sid %s to gid\n", - sid_to_string(sid_string, user_gids[i]))); + DEBUG(1, ("unable to convert group rid %d to gid\n", + user_gids[i])); continue; } diff --git a/source3/nsswitch/winbindd_idmap.c b/source3/nsswitch/winbindd_idmap.c index 23f4b4d081..6d184fec5f 100644 --- a/source3/nsswitch/winbindd_idmap.c +++ b/source3/nsswitch/winbindd_idmap.c @@ -1,19 +1,20 @@ /* Unix SMB/CIFS implementation. - Winbind ID Mapping - Copyright (C) Tim Potter 2000 - Copyright (C) Anthony Liguori <aliguor@us.ibm.com> 2003 + Winbind daemon - user related function + + Copyright (C) Tim Potter 2000 + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. @@ -21,175 +22,508 @@ #include "winbindd.h" -static struct { - const char *name; - /* Function to create a member of the idmap_methods list */ - BOOL (*reg_meth)(struct winbindd_idmap_methods **methods); - struct winbindd_idmap_methods *methods; -} builtin_winbindd_idmap_functions[] = { - { "tdb", winbind_idmap_reg_tdb, NULL }, - { "ldap", winbind_idmap_reg_ldap, NULL }, - { NULL, NULL, NULL } -}; - -/* singleton pattern: uberlazy evaluation */ -static struct winbindd_idmap_methods *impl; - -static struct winbindd_idmap_methods *get_impl(const char *name) -{ - int i = 0; - struct winbindd_idmap_methods *ret = NULL; - - while (builtin_winbindd_idmap_functions[i].name && - strcmp(builtin_winbindd_idmap_functions[i].name, name)) { - i++; - } - - if (builtin_winbindd_idmap_functions[i].name) { - if (!builtin_winbindd_idmap_functions[i].methods) { - builtin_winbindd_idmap_functions[i].reg_meth(&builtin_winbindd_idmap_functions[i].methods); - } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_WINBIND - ret = builtin_winbindd_idmap_functions[i].methods; - } +/* High water mark keys */ - return ret; -} +#define HWM_GROUP "GROUP HWM" +#define HWM_USER "USER HWM" -/* Initialize backend */ -BOOL winbindd_idmap_init(void) +/* idmap version determines auto-conversion */ +#define IDMAP_VERSION 2 + +/* Globals */ + +static TDB_CONTEXT *idmap_tdb; + +/* Allocate either a user or group id from the pool */ + +static BOOL allocate_id(uid_t *id, BOOL isgroup) { - BOOL ret = False; + int hwm; - DEBUG(3, ("winbindd_idmap_init: using '%s' as backend\n", - lp_winbind_backend())); + /* Get current high water mark */ - if (!impl) { - impl = get_impl(lp_winbind_backend()); - if (!impl) { - DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n", - lp_winbind_backend())); + if ((hwm = tdb_fetch_int32(idmap_tdb, + isgroup ? HWM_GROUP : HWM_USER)) == -1) { + return False; } - } - if (impl) { - ret = impl->init(); - } + /* Return next available uid in list */ - DEBUG(3, ("winbind_idmap_init: returning %s\n", ret ? "true" : "false")); + if ((isgroup && (hwm > server_state.gid_high)) || + (!isgroup && (hwm > server_state.uid_high))) { + DEBUG(0, ("winbind %sid range full!\n", isgroup ? "g" : "u")); + return False; + } + + if (id) { + *id = hwm; + } + + hwm++; + + /* Store new high water mark */ + + tdb_store_int32(idmap_tdb, isgroup ? HWM_GROUP : HWM_USER, hwm); - return ret; + return True; } -/* Get UID from SID */ -BOOL winbindd_idmap_get_uid_from_sid(DOM_SID *sid, uid_t *uid) +/* Get an id from a rid */ +static BOOL get_id_from_sid(DOM_SID *sid, uid_t *id, BOOL isgroup) { - BOOL ret = False; + TDB_DATA data, key; + fstring keystr; + BOOL result = False; + + /* Check if sid is present in database */ + sid_to_string(keystr, sid); + + key.dptr = keystr; + key.dsize = strlen(keystr) + 1; + + data = tdb_fetch(idmap_tdb, key); + + if (data.dptr) { + fstring scanstr; + int the_id; + + /* Parse and return existing uid */ + fstrcpy(scanstr, isgroup ? "GID" : "UID"); + fstrcat(scanstr, " %d"); + + if (sscanf(data.dptr, scanstr, &the_id) == 1) { + /* Store uid */ + if (id) { + *id = the_id; + } - if (!impl) { - impl = get_impl(lp_winbind_backend()); - if (!impl) { - DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n", - lp_winbind_backend())); + result = True; + } + + SAFE_FREE(data.dptr); + } else { + + /* Allocate a new id for this sid */ + + if (id && allocate_id(id, isgroup)) { + fstring keystr2; + + /* Store new id */ + + slprintf(keystr2, sizeof(keystr2), "%s %d", isgroup ? "GID" : "UID", *id); + + data.dptr = keystr2; + data.dsize = strlen(keystr2) + 1; + + tdb_store(idmap_tdb, key, data, TDB_REPLACE); + tdb_store(idmap_tdb, data, key, TDB_REPLACE); + + result = True; + } } - } - if (impl) { - ret = impl->get_uid_from_sid(sid, uid); - } + return result; +} - return ret; +/* Get a uid from a user sid */ +BOOL winbindd_idmap_get_uid_from_sid(DOM_SID *sid, uid_t *uid) +{ + return get_id_from_sid(sid, uid, False); } -/* Get GID from SID */ +/* Get a gid from a group sid */ BOOL winbindd_idmap_get_gid_from_sid(DOM_SID *sid, gid_t *gid) { - BOOL ret = False; + return get_id_from_sid(sid, gid, True); +} - if (!impl) { - impl = get_impl(lp_winbind_backend()); - if (!impl) { - DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n", - lp_winbind_backend())); - } - } +/* Get a uid from a user rid */ +BOOL winbindd_idmap_get_uid_from_rid(const char *dom_name, uint32 rid, uid_t *uid) +{ + struct winbindd_domain *domain; + DOM_SID sid; + + if (!(domain = find_domain_from_name(dom_name))) { + return False; + } - if (impl) { - ret = impl->get_gid_from_sid(sid, gid); - } + sid_copy(&sid, &domain->sid); + sid_append_rid(&sid, rid); - return ret; + return get_id_from_sid(&sid, uid, False); } -/* Get SID from UID */ -BOOL winbindd_idmap_get_sid_from_uid(uid_t uid, DOM_SID *sid) +/* Get a gid from a group rid */ +BOOL winbindd_idmap_get_gid_from_rid(const char *dom_name, uint32 rid, gid_t *gid) +{ + struct winbindd_domain *domain; + DOM_SID sid; + + if (!(domain = find_domain_from_name(dom_name))) { + return False; + } + + sid_copy(&sid, &domain->sid); + sid_append_rid(&sid, rid); + + return get_id_from_sid(&sid, gid, True); +} + + +BOOL get_sid_from_id(int id, DOM_SID *sid, BOOL isgroup) { - BOOL ret = False; + TDB_DATA key, data; + fstring keystr; + BOOL result = False; + + slprintf(keystr, sizeof(keystr), "%s %d", isgroup ? "GID" : "UID", id); + + key.dptr = keystr; + key.dsize = strlen(keystr) + 1; - if (!impl) { - impl = get_impl(lp_winbind_backend()); - if (!impl) { - DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n", - lp_winbind_backend())); + data = tdb_fetch(idmap_tdb, key); + + if (data.dptr) { + result = string_to_sid(sid, data.dptr); + SAFE_FREE(data.dptr); } - } - if (impl) { - ret = impl->get_sid_from_uid(uid, sid); - } + return result; +} - return ret; +/* Get a sid from a uid */ +BOOL winbindd_idmap_get_sid_from_uid(uid_t uid, DOM_SID *sid) +{ + return get_sid_from_id((int)uid, sid, False); } -/* Get SID from GID */ +/* Get a sid from a gid */ BOOL winbindd_idmap_get_sid_from_gid(gid_t gid, DOM_SID *sid) { - BOOL ret = False; + return get_sid_from_id((int)gid, sid, True); +} + +/* Get a user rid from a uid */ +BOOL winbindd_idmap_get_rid_from_uid(uid_t uid, uint32 *user_rid, + struct winbindd_domain **domain) +{ + DOM_SID sid; + + if (!get_sid_from_id((int)uid, &sid, False)) { + return False; + } - if (!impl) { - impl = get_impl(lp_winbind_backend()); - } + *domain = find_domain_from_sid(&sid); + if (! *domain) return False; - if (impl) { - ret = impl->get_sid_from_gid(gid, sid); - } else { - DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n", - lp_winbind_backend())); - } + sid_split_rid(&sid, user_rid); - return ret; + return True; } -/* Close backend */ -BOOL winbindd_idmap_close(void) +/* Get a group rid from a gid */ + +BOOL winbindd_idmap_get_rid_from_gid(gid_t gid, uint32 *group_rid, + struct winbindd_domain **domain) +{ + DOM_SID sid; + + if (!get_sid_from_id((int)gid, &sid, True)) { + return False; + } + + *domain = find_domain_from_sid(&sid); + if (! *domain) return False; + + sid_split_rid(&sid, group_rid); + + return True; +} + +/* convert one record to the new format */ +static int convert_fn(TDB_CONTEXT *tdb, TDB_DATA key, TDB_DATA data, void *ignored) { - BOOL ret = False; + struct winbindd_domain *domain; + char *p; + DOM_SID sid; + uint32 rid; + fstring keystr; + fstring dom_name; + TDB_DATA key2; + + p = strchr(key.dptr, '/'); + if (!p) + return 0; + + *p = 0; + fstrcpy(dom_name, key.dptr); + *p++ = '/'; + + domain = find_domain_from_name(dom_name); + if (!domain) { + /* We must delete the old record. */ + DEBUG(0,("winbindd: convert_fn : Unable to find domain %s\n", dom_name )); + DEBUG(0,("winbindd: convert_fn : deleting record %s\n", key.dptr )); + tdb_delete(idmap_tdb, key); + return 0; + } + + rid = atoi(p); + + sid_copy(&sid, &domain->sid); + sid_append_rid(&sid, rid); + + sid_to_string(keystr, &sid); + key2.dptr = keystr; + key2.dsize = strlen(keystr) + 1; + + if (tdb_store(idmap_tdb, key2, data, TDB_INSERT) != 0) { + /* not good! */ + DEBUG(0,("winbindd: convert_fn : Unable to update record %s\n", key2.dptr )); + DEBUG(0,("winbindd: convert_fn : conversion failed - idmap corrupt ?\n")); + return -1; + } + + if (tdb_store(idmap_tdb, data, key2, TDB_REPLACE) != 0) { + /* not good! */ + DEBUG(0,("winbindd: convert_fn : Unable to update record %s\n", data.dptr )); + DEBUG(0,("winbindd: convert_fn : conversion failed - idmap corrupt ?\n")); + return -1; + } + + tdb_delete(idmap_tdb, key); + + return 0; +} - if (!impl) { - impl = get_impl(lp_winbind_backend()); - } +#if 0 +/***************************************************************************** + Make a backup copy of the old idmap just to be safe.... JRA. +*****************************************************************************/ - if (impl) { - ret = impl->close(); - } else { - DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n", - lp_winbind_backend())); - } +static BOOL backup_old_idmap(const char *idmap_name) +{ + pstring new_name; + int outfd = -1; + SMB_OFF_T size; + struct stat st; + + pstrcpy(new_name, idmap_name); + pstrcat(new_name, ".bak"); + + DEBUG(10,("backup_old_idmap: backing up %s to %s before upgrade.\n", + idmap_name, new_name )); + + if (tdb_lockall(idmap_tdb) == -1) { + DEBUG(10,("backup_old_idmap: failed to lock %s. Error %s\n", + idmap_name, tdb_errorstr(idmap_tdb) )); + return False; + } + if ((outfd = open(new_name, O_CREAT|O_EXCL|O_RDWR, 0600)) == -1) { + DEBUG(10,("backup_old_idmap: failed to open %s. Error %s\n", + new_name, strerror(errno) )); + goto fail; + } + + if (fstat(idmap_tdb->fd, &st) == -1) { + DEBUG(10,("backup_old_idmap: failed to fstat %s. Error %s\n", + idmap_name, strerror(errno) )); + goto fail; + } + + size = (SMB_OFF_T)st.st_size; + + if (transfer_file(idmap_tdb->fd, outfd, size) != size ) { + DEBUG(10,("backup_old_idmap: failed to copy %s. Error %s\n", + idmap_name, strerror(errno) )); + goto fail; + } + + if (close(outfd) == -1) { + DEBUG(10,("backup_old_idmap: failed to close %s. Error %s\n", + idmap_name, strerror(errno) )); + outfd = -1; + goto fail; + } + tdb_unlockall(idmap_tdb); + return True; + +fail: + + if (outfd != -1) + close(outfd); + tdb_unlockall(idmap_tdb); + return False; +} +#endif + +/***************************************************************************** + Convert the idmap database from an older version. +*****************************************************************************/ - return ret; +static BOOL idmap_convert(const char *idmap_name) +{ + int32 vers = tdb_fetch_int32(idmap_tdb, "IDMAP_VERSION"); + BOOL bigendianheader = (idmap_tdb->flags & TDB_BIGENDIAN) ? True : False; + + if (vers == IDMAP_VERSION) + return True; + +#if 0 + /* Make a backup copy before doing anything else.... */ + if (!backup_old_idmap(idmap_name)) + return False; +#endif + + if (((vers == -1) && bigendianheader) || (IREV(vers) == IDMAP_VERSION)) { + /* Arrggghh ! Bytereversed or old big-endian - make order independent ! */ + /* + * high and low records were created on a + * big endian machine and will need byte-reversing. + */ + + int32 wm; + + wm = tdb_fetch_int32(idmap_tdb, HWM_USER); + + if (wm != -1) { + wm = IREV(wm); + } else + wm = server_state.uid_low; + + if (tdb_store_int32(idmap_tdb, HWM_USER, wm) == -1) { + DEBUG(0, ("idmap_convert: Unable to byteswap user hwm in idmap database\n")); + return False; + } + + wm = tdb_fetch_int32(idmap_tdb, HWM_GROUP); + if (wm != -1) { + wm = IREV(wm); + } else + wm = server_state.gid_low; + + if (tdb_store_int32(idmap_tdb, HWM_GROUP, wm) == -1) { + DEBUG(0, ("idmap_convert: Unable to byteswap group hwm in idmap database\n")); + return False; + } + } + + /* the old format stored as DOMAIN/rid - now we store the SID direct */ + tdb_traverse(idmap_tdb, convert_fn, NULL); + + if (tdb_store_int32(idmap_tdb, "IDMAP_VERSION", IDMAP_VERSION) == -1) { + DEBUG(0, ("idmap_convert: Unable to byteswap group hwm in idmap database\n")); + return False; + } + + return True; } -/* Dump backend status */ +/***************************************************************************** + Initialise idmap database. +*****************************************************************************/ + +BOOL winbindd_idmap_init(void) +{ + /* Open tdb cache */ + + if (!(idmap_tdb = tdb_open_log(lock_path("winbindd_idmap.tdb"), 0, + TDB_DEFAULT, O_RDWR | O_CREAT, 0600))) { + DEBUG(0, ("winbindd_idmap_init: Unable to open idmap database\n")); + return False; + } + + /* possibly convert from an earlier version */ + if (!idmap_convert(lock_path("winbindd_idmap.tdb"))) { + DEBUG(0, ("winbindd_idmap_init: Unable to open idmap database\n")); + return False; + } + + /* Create high water marks for group and user id */ + + if (tdb_fetch_int32(idmap_tdb, HWM_USER) == -1) { + if (tdb_store_int32(idmap_tdb, HWM_USER, server_state.uid_low) == -1) { + DEBUG(0, ("winbindd_idmap_init: Unable to initialise user hwm in idmap database\n")); + return False; + } + } + + if (tdb_fetch_int32(idmap_tdb, HWM_GROUP) == -1) { + if (tdb_store_int32(idmap_tdb, HWM_GROUP, server_state.gid_low) == -1) { + DEBUG(0, ("winbindd_idmap_init: Unable to initialise group hwm in idmap database\n")); + return False; + } + } + + return True; +} + +BOOL winbindd_idmap_close(void) +{ + if (idmap_tdb) + return (tdb_close(idmap_tdb) == 0); + return True; +} + +/* Dump status information to log file. Display different stuff based on + the debug level: + + Debug Level Information Displayed + ================================================================= + 0 Percentage of [ug]id range allocated + 0 High water marks (next allocated ids) +*/ + +#define DUMP_INFO 0 + void winbindd_idmap_status(void) { - if (!impl) { - impl = get_impl(lp_winbind_backend()); - } + int user_hwm, group_hwm; + + DEBUG(0, ("winbindd idmap status:\n")); + + /* Get current high water marks */ + + if ((user_hwm = tdb_fetch_int32(idmap_tdb, HWM_USER)) == -1) { + DEBUG(DUMP_INFO, ("\tCould not get userid high water mark!\n")); + } + + if ((group_hwm = tdb_fetch_int32(idmap_tdb, HWM_GROUP)) == -1) { + DEBUG(DUMP_INFO, ("\tCould not get groupid high water mark!\n")); + } + + /* Display next ids to allocate */ + + if (user_hwm != -1) { + DEBUG(DUMP_INFO, ("\tNext userid to allocate is %d\n", user_hwm)); + } + + if (group_hwm != -1) { + DEBUG(DUMP_INFO, ("\tNext groupid to allocate is %d\n", group_hwm)); + } + + /* Display percentage of id range already allocated. */ + + if (user_hwm != -1) { + int num_users = user_hwm - server_state.uid_low; + int total_users = server_state.uid_high - server_state.uid_low; + + DEBUG(DUMP_INFO, ("\tUser id range is %d%% full (%d of %d)\n", + num_users * 100 / total_users, num_users, + total_users)); + } + + if (group_hwm != -1) { + int num_groups = group_hwm - server_state.gid_low; + int total_groups = server_state.gid_high - server_state.gid_low; + + DEBUG(DUMP_INFO, ("\tGroup id range is %d%% full (%d of %d)\n", + num_groups * 100 / total_groups, num_groups, + total_groups)); + } - if (impl) { - impl->status(); - } else { - DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n", - lp_winbind_backend())); - } + /* Display complete mapping of users and groups to rids */ } diff --git a/source3/nsswitch/winbindd_idmap_ldap.c b/source3/nsswitch/winbindd_idmap_ldap.c deleted file mode 100644 index eb10dd33e9..0000000000 --- a/source3/nsswitch/winbindd_idmap_ldap.c +++ /dev/null @@ -1,392 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind daemon - user related function - - Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "winbindd.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_WINBIND - -#ifdef HAVE_LDAP - -#include <lber.h> -#include <ldap.h> - -#include "smb_ldap.h" - -/* Globals */ -static struct smb_ldap_privates *ldap_state; - -static const char *attr[] = { "uid", "rid", "domain", "uidNumber", - "gidNumber", NULL }; - -static const char *pool_attr[] = {"uidNumber", "gidNumber", "cn", NULL}; - -static long ldap_allocate_id(BOOL is_user) -{ - int rc, count; - LDAPMessage *result; - int scope = LDAP_SCOPE_SUBTREE; - long ret = 0; - int sanity = 0; - - do { - rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, is_user?"cn=UID Pool":"cn=GID Pool", pool_attr, 0, &result); - - if (LDAP_SUCCESS != rc) { - DEBUG(0,("ldap_allocate_id: No ID pool found in directory\n")); - return 0; - } - - count = ldap_count_entries(ldap_state->ldap_struct, result); - - if (1 < count) { - DEBUG(0,("ldap_allocate_id: Multiple UID pools found in directory?\n")); - break; - } else if (1 == count) { - LDAPMessage *entry = - ldap_first_entry(ldap_state->ldap_struct, - result); - LDAPMod **mods = NULL; - pstring temp; - - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, is_user?"uidNumber":"gidNumber", temp)) { - return False; - } - ret = atol(temp); - smb_ldap_make_a_mod(&mods, LDAP_MOD_DELETE, - is_user?"uidNumber":"gidNumber", - temp); - slprintf(temp, sizeof(temp) - 1, "%ld", ret + 1); - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, is_user?"uidNumber":"gidNumber", temp); - slprintf(temp, sizeof(temp) - 1, "cn=%cID Pool,%s", is_user?'U':'G', lp_ldap_user_suffix()); - rc = smb_ldap_modify(ldap_state, temp, mods); - ldap_mods_free(mods, 1); - } else { - DEBUG(0,("ldap_allocate_id: unexpected number of entries returned\n")); - break; - } - } while (LDAP_NO_SUCH_ATTRIBUTE == rc && ++sanity < 100); - - return ret; -} - -/***************************************************************************** - Initialise idmap database. -*****************************************************************************/ -static BOOL ldap_idmap_init(void) -{ - static struct smb_ldap_privates state; - ldap_state = &state; - -#ifdef WITH_LDAP_SAMCONFIG - { - int ldap_port = lp_ldap_port(); - - /* remap default port if not using SSL */ - if (lp_ldap_ssl() != LDAP_SSL_ON && ldap_port == 636) { - ldap_port = 389; - } - - ldap_state->uri = asprintf("%s://%s:d", - lp_ldap_ssl() == LDAP_SSL_ON ? "ldaps" : "ldap", - lp_ldap_server(), ldap_port); - if (!ldap_state->uri) { - DEBUG(0,("Out of memory\n")); - return False; - } - } -#else - ldap_state->uri = "ldap://localhost"; -#endif - return True; -} - -static BOOL ldap_get_sid_from_uid(uid_t uid, DOM_SID * sid) -{ - pstring filter; - int scope = LDAP_SCOPE_SUBTREE; - int rc, count; - LDAPMessage *result; - - slprintf(filter, sizeof(filter) - 1, "uidNumber=%i", uid); - - DEBUG(2, ("ldap_get_sid_from_uid: searching for:[%s]\n", filter)); - - rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, filter, attr, 0, &result); - if (LDAP_SUCCESS != rc) { - DEBUG(0,("ldap_get_sid_from_uid: user search failed\n")); - return False; - } - - count = ldap_count_entries(ldap_state->ldap_struct, result); - if (1 < count) { - DEBUG(0,("More than one user exists where: %s\n", filter)); - ldap_msgfree(result); - return False; - } else if (1 == count) { - /* we found the user, get the users RID */ - LDAPMessage *entry = ldap_first_entry(ldap_state->ldap_struct, - result); - pstring temp, domain; - uint32 rid; - struct winbindd_domain *wb_dom; - - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "domain", domain)) { - return False; - } - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "rid", temp)) { - return False; - } - rid = (uint32)atol(temp); - wb_dom = find_domain_from_name(domain); - - if (!wb_dom) { - DEBUG(0,("ldap_get_sid_from_uid: could not find domain %s\n", domain)); - return False; - } - - sid_copy(sid, &wb_dom->sid); - sid_append_rid(sid, rid); - } else { - /* 0 entries? that ain't right */ - DEBUG(0,("ldap_get_sid_from_uid: not user entry found for %s\n", filter)); - } - - return True; -} - -static BOOL ldap_get_uid_from_sid(DOM_SID *sid, uid_t *uid) -{ - pstring filter; - int scope = LDAP_SCOPE_SUBTREE; - int rc, count; - LDAPMessage *result; - uint32 rid = 0; - struct winbindd_domain *wb_dom; - DOM_SID dom_sid; - - sid_copy(&dom_sid, sid); - - if (!sid_split_rid(&dom_sid, &rid)) { - DEBUG(0,("ldap_get_uid_from_sid: sid does not contain an rid\n")); - return False; - } - - if (!(wb_dom = find_domain_from_sid(&dom_sid))) { - DEBUG(0,("ldap_get_uid_from_sid: cannot lookup domain from sid\n")); - return False; - } - - slprintf(filter, sizeof(filter) - 1, "rid=%d,domain=%s,objectClass=sambaAccount", rid, wb_dom->name); - - DEBUG(2, ("ldap_get_uid_from_sid: searching for:[%s]\n", filter)); - - rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, filter, attr, 0, &result); - if (LDAP_NO_SUCH_OBJECT == rc) { - LDAPMod **mods = NULL; - pstring temp; - fstring dom, name; - int sid_type; - - winbindd_lookup_name_by_sid(sid, dom, name, - (enum SID_USE_TYPE *)&sid_type); - slprintf(temp, sizeof(temp) - 1, "%i", rid); - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "rid", temp); - - *uid = ldap_allocate_id(True); - slprintf(temp, sizeof(temp) - 1, "%i", *uid); - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "uidNumber", temp); - - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "uid", name); - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectClass", "sambaAccount"); - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectClass", "account"); - slprintf(temp, sizeof(temp) - 1, "uid=%s,%s", name, lp_ldap_user_suffix()); - rc = smb_ldap_modify(ldap_state, temp, mods); - - ldap_mods_free(mods, 1); - if (LDAP_SUCCESS != rc) { - return False; - } - } else if (LDAP_SUCCESS == rc) { - count = ldap_count_entries(ldap_state->ldap_struct, result); - if (1 < count) { - DEBUG(0,("More than one user exists where: %s\n", filter)); - ldap_msgfree(result); - return False; - } else if (1 == count) { - /* we found the user, get the idNumber */ - LDAPMessage *entry = ldap_first_entry(ldap_state->ldap_struct, result); - pstring temp; - - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "uidNumber", temp)) { - return False; - } - *uid = atol(temp); - } else { - DEBUG(0,("ldap_get_uid_from_sid: zero entries returned?\n")); - return False; - } - } else { - DEBUG(0,("ldap_get_uid_from_sid: unknown error querying user info\n")); - return False; - } - - return True; -} - -static BOOL ldap_get_sid_from_gid(gid_t gid, DOM_SID * sid) -{ - pstring filter; - int scope = LDAP_SCOPE_SUBTREE; - int rc, count; - LDAPMessage *result; - - slprintf(filter, sizeof(filter) - 1, "gidNumber=%i,objectClass=sambaGroupMapping", gid); - - DEBUG(2, ("ldap_get_sid_from_gid: searching for:[%s]\n", filter)); - - rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, filter, attr, 0, &result); - if (LDAP_SUCCESS != rc) { - DEBUG(0,("ldap_get_sid_from_gid: user search failed\n")); - return False; - } - - count = ldap_count_entries(ldap_state->ldap_struct, result); - if (1 < count) { - DEBUG(0,("More than one group exists where: %s\n", filter)); - ldap_msgfree(result); - return False; - } else if (1 == count) { - LDAPMessage *entry = ldap_first_entry(ldap_state->ldap_struct, - result); - pstring str_sid; - - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "ntSid", str_sid)) { - return False; - } - - string_to_sid(sid, str_sid); - } else { - /* 0 entries? that ain't right */ - DEBUG(0,("ldap_get_sid_from_gid: not group entry found for %s\n", filter)); - } - - return True; -} - -static BOOL ldap_get_gid_from_sid(DOM_SID *sid, gid_t *gid) -{ - pstring filter; - int scope = LDAP_SCOPE_SUBTREE; - int rc, count; - LDAPMessage *result; - fstring str_sid; - - sid_to_string(str_sid, sid); - - slprintf(filter, sizeof(filter) - 1, "ntSid=%s,objectClass=sambaGroupMapping", str_sid); - - DEBUG(2, ("ldap_get_gid_from_sid: searching for:[%s]\n", filter)); - - rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, filter, attr, 0, &result); - if (LDAP_NO_SUCH_OBJECT == rc) { - LDAPMod **mods = NULL; - pstring temp; - - *gid = ldap_allocate_id(False); - slprintf(temp, sizeof(temp) - 1, "%i", *gid); - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "gidNumber", temp); - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectClass", "sambaGroupMapping"); - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectClass", "account"); - slprintf(temp, sizeof(temp) - 1, "gidNumber=%i,%s", *gid, lp_ldap_user_suffix()); - rc = smb_ldap_modify(ldap_state, temp, mods); - - ldap_mods_free(mods, 1); - if (LDAP_SUCCESS != rc) { - return False; - } - } else if (LDAP_SUCCESS == rc) { - count = ldap_count_entries(ldap_state->ldap_struct, result); - if (1 < count) { - DEBUG(0,("More than one group exists where: %s\n", filter)); - ldap_msgfree(result); - return False; - } else if (1 == count) { - LDAPMessage *entry = ldap_first_entry(ldap_state->ldap_struct, result); - pstring temp; - - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "gidNumber", temp)) { - return False; - } - *gid = atol(temp); - } else { - DEBUG(0,("ldap_get_gid_from_sid: zero entries returned?\n")); - return False; - } - } else { - DEBUG(0,("ldap_get_gid_from_sid: unknown error querying user info\n")); - return False; - } - - return True; -} - -static BOOL ldap_idmap_close(void) -{ - smb_ldap_close(ldap_state); - ldap_state = 0; - return True; -} - -static void ldap_idmap_status(void) -{ - DEBUG(0, ("winbindd idmap status:\n")); - DEBUG(0, ("Using LDAP\n")); -} - -struct winbindd_idmap_methods ldap_idmap_methods = { - ldap_idmap_init, - - ldap_get_sid_from_uid, - ldap_get_sid_from_gid, - - ldap_get_uid_from_sid, - ldap_get_gid_from_sid, - - ldap_idmap_close, - - ldap_idmap_status -}; - -#endif - -BOOL winbind_idmap_reg_ldap(struct winbindd_idmap_methods **meth) -{ -#ifdef HAVE_LDAP - *meth = &ldap_idmap_methods; - - return True; -#else - DEBUG(0,("winbind_idmap_reg_ldap: LDAP support not compiled\n")); - return False; -#endif -} diff --git a/source3/nsswitch/winbindd_rpc.c b/source3/nsswitch/winbindd_rpc.c index 9ec35617f1..48f528f520 100644 --- a/source3/nsswitch/winbindd_rpc.c +++ b/source3/nsswitch/winbindd_rpc.c @@ -3,7 +3,7 @@ Winbind rpc backend functions - Copyright (C) Tim Potter 2000-2001,2003 + Copyright (C) Tim Potter 2000-2001 Copyright (C) Andrew Tridgell 2001 This program is free software; you can redistribute it and/or modify @@ -26,7 +26,6 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_WINBIND - /* Query display info for a domain. This returns enough information plus a bit extra to give an overview of domain users for the User Manager application. */ @@ -40,17 +39,18 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain, POLICY_HND dom_pol; BOOL got_dom_pol = False; uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED; - unsigned int i, start_idx, retry; + int i, loop_count = 0; + int retry; DEBUG(3,("rpc: query_user_list\n")); *num_entries = 0; *info = NULL; + /* Get sam handle */ + retry = 0; do { - /* Get sam handle */ - if (!(hnd = cm_get_sam_handle(domain->name))) goto done; @@ -66,39 +66,50 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain, got_dom_pol = True; - i = start_idx = 0; + i = 0; do { + SAM_DISPINFO_CTR ctr; + SAM_DISPINFO_1 info1; + uint32 count = 0, start=i, max_entries, max_size; + int j; TALLOC_CTX *ctx2; - char **dom_users; - uint32 num_dom_users, *dom_rids, j, size = 0xffff; - uint16 acb_mask = ACB_NORMAL; - if (!(ctx2 = talloc_init("winbindd enum_users"))) { + ctr.sam.info1 = &info1; + + ctx2 = talloc_init("winbindd dispinfo"); + if (!ctx2) { result = NT_STATUS_NO_MEMORY; goto done; - } + } + + get_query_dispinfo_params( + loop_count, &max_entries, &max_size); - result = cli_samr_enum_dom_users( - hnd->cli, ctx2, &dom_pol, &start_idx, acb_mask, - size, &dom_users, &dom_rids, &num_dom_users); + /* Query display info level 1 */ + result = cli_samr_query_dispinfo( + hnd->cli, ctx2, &dom_pol, &start, 1, &count, + max_entries, max_size, &ctr); - *num_entries += num_dom_users; + loop_count++; - *info = talloc_realloc( - mem_ctx, *info, - (*num_entries) * sizeof(WINBIND_USERINFO)); + if (!NT_STATUS_IS_OK(result) && + !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) break; + (*num_entries) += count; + + /* now map the result into the WINBIND_USERINFO structure */ + (*info) = talloc_realloc(mem_ctx, *info, + (*num_entries)*sizeof(WINBIND_USERINFO)); if (!(*info)) { result = NT_STATUS_NO_MEMORY; talloc_destroy(ctx2); goto done; } - for (j = 0; j < num_dom_users; i++, j++) { - (*info)[i].acct_name = - talloc_strdup(mem_ctx, dom_users[j]); - (*info)[i].full_name = talloc_strdup(mem_ctx, ""); - (*info)[i].user_sid = rid_to_talloced_sid(domain, mem_ctx, dom_rids[j]); + for (j=0;j<count;i++, j++) { + (*info)[i].acct_name = unistr2_tdup(mem_ctx, &info1.str[j].uni_acct_name); + (*info)[i].full_name = unistr2_tdup(mem_ctx, &info1.str[j].uni_full_name); + (*info)[i].user_rid = info1.sam[j].rid_user; /* For the moment we set the primary group for every user to be the Domain Users group. There are serious problems with determining @@ -106,14 +117,10 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain, This should really be made into a 'winbind force group' smb.conf parameter or something like that. */ - (*info)[i].group_sid - = rid_to_talloced_sid(domain, - mem_ctx, - DOMAIN_GROUP_RID_USERS); + (*info)[i].group_rid = DOMAIN_GROUP_RID_USERS; } talloc_destroy(ctx2); - } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); done: @@ -256,11 +263,11 @@ static NTSTATUS enum_local_groups(struct winbindd_domain *domain, /* convert a single name to a sid in a domain */ static NTSTATUS name_to_sid(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, const char *name, DOM_SID *sid, enum SID_NAME_USE *type) { + TALLOC_CTX *mem_ctx; CLI_POLICY_HND *hnd; NTSTATUS status; DOM_SID *sids = NULL; @@ -270,16 +277,23 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain, DEBUG(3,("rpc: name_to_sid name=%s\n", name)); + if (!(mem_ctx = talloc_init("name_to_sid[rpc] for [%s]\\[%s]", domain->name, name))) { + DEBUG(0, ("talloc_init failed!\n")); + return NT_STATUS_NO_MEMORY; + } + full_name = talloc_asprintf(mem_ctx, "%s\\%s", domain->name, name); if (!full_name) { DEBUG(0, ("talloc_asprintf failed!\n")); + talloc_destroy(mem_ctx); return NT_STATUS_NO_MEMORY; } retry = 0; do { if (!(hnd = cm_get_lsa_handle(domain->name))) { + talloc_destroy(mem_ctx); return NT_STATUS_UNSUCCESSFUL; } @@ -294,6 +308,7 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain, *type = types[0]; } + talloc_destroy(mem_ctx); return status; } @@ -341,22 +356,17 @@ static NTSTATUS sid_to_name(struct winbindd_domain *domain, /* Lookup user information from a rid or username. */ static NTSTATUS query_user(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - DOM_SID *user_sid, + uint32 user_rid, WINBIND_USERINFO *user_info) { - CLI_POLICY_HND *hnd = NULL; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + CLI_POLICY_HND *hnd; + NTSTATUS result; POLICY_HND dom_pol, user_pol; BOOL got_dom_pol = False, got_user_pol = False; SAM_USERINFO_CTR *ctr; int retry; - fstring sid_string; - uint32 user_rid; - DEBUG(3,("rpc: query_user rid=%s\n", sid_to_string(sid_string, user_sid))); - if (!sid_peek_check_rid(&domain->sid, user_sid, &user_rid)) { - goto done; - } + DEBUG(3,("rpc: query_user rid=%u\n", user_rid)); retry = 0; do { @@ -395,8 +405,8 @@ static NTSTATUS query_user(struct winbindd_domain *domain, cli_samr_close(hnd->cli, mem_ctx, &user_pol); got_user_pol = False; - user_info->user_sid = rid_to_talloced_sid(domain, mem_ctx, user_rid); - user_info->group_sid = rid_to_talloced_sid(domain, mem_ctx, ctr->info.id21->group_rid); + user_info->user_rid = user_rid; + user_info->group_rid = ctr->info.id21->group_rid; user_info->acct_name = unistr2_tdup(mem_ctx, &ctr->info.id21->uni_user_name); user_info->full_name = unistr2_tdup(mem_ctx, @@ -416,8 +426,8 @@ static NTSTATUS query_user(struct winbindd_domain *domain, /* Lookup groups a user is a member of. I wish Unix had a call like this! */ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - DOM_SID *user_sid, - uint32 *num_groups, DOM_SID ***user_gids) + uint32 user_rid, + uint32 *num_groups, uint32 **user_gids) { CLI_POLICY_HND *hnd; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; @@ -425,17 +435,15 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED; BOOL got_dom_pol = False, got_user_pol = False; DOM_GID *user_groups; - unsigned int i; - unsigned int retry; - fstring sid_string; - uint32 user_rid; + int i; + int retry; - DEBUG(3,("rpc: lookup_usergroups sid=%s\n", sid_to_string(sid_string, user_sid))); + DEBUG(3,("rpc: lookup_usergroups rid=%u\n", user_rid)); *num_groups = 0; /* First try cached universal groups from logon */ - *user_gids = uni_group_cache_fetch(&domain->sid, user_sid, mem_ctx, num_groups); + *user_gids = uni_group_cache_fetch(&domain->sid, user_rid, mem_ctx, num_groups); if((*num_groups > 0) && *user_gids) { return NT_STATUS_OK; } else { @@ -451,7 +459,7 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, /* Get domain handle */ result = cli_samr_open_domain(hnd->cli, mem_ctx, &hnd->pol, - des_access, &domain->sid, &dom_pol); + des_access, &domain->sid, &dom_pol); } while (!NT_STATUS_IS_OK(result) && (retry++ < 1) && hnd && hnd->cli && hnd->cli->fd == -1); if (!NT_STATUS_IS_OK(result)) @@ -459,11 +467,6 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, got_dom_pol = True; - - if (!sid_peek_check_rid(&domain->sid, user_sid, &user_rid)) { - goto done; - } - /* Get user handle */ result = cli_samr_open_user(hnd->cli, mem_ctx, &dom_pol, des_access, user_rid, &user_pol); @@ -481,13 +484,8 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, goto done; (*user_gids) = talloc(mem_ctx, sizeof(uint32) * (*num_groups)); - if (!(*user_gids)) { - result = NT_STATUS_NO_MEMORY; - goto done; - } - for (i=0;i<(*num_groups);i++) { - (*user_gids)[i] = rid_to_talloced_sid(domain, mem_ctx, user_groups[i].g_rid); + (*user_gids)[i] = user_groups[i].g_rid; } done: @@ -505,27 +503,19 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, /* Lookup group membership given a rid. */ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - DOM_SID *group_sid, uint32 *num_names, - DOM_SID ***sid_mem, char ***names, + uint32 group_rid, uint32 *num_names, + uint32 **rid_mem, char ***names, uint32 **name_types) { - CLI_POLICY_HND *hnd = NULL; + CLI_POLICY_HND *hnd; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; uint32 i, total_names = 0; POLICY_HND dom_pol, group_pol; uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED; BOOL got_dom_pol = False, got_group_pol = False; - uint32 *rid_mem = NULL; - uint32 group_rid; int retry; - unsigned int j; - fstring sid_string; - DEBUG(10,("rpc: lookup_groupmem %s sid=%s\n", domain->name, sid_to_string(sid_string, group_sid))); - - if (!sid_peek_check_rid(&domain->sid, group_sid, &group_rid)) { - goto done; - } + DEBUG(10,("rpc: lookup_groupmem %s rid=%u\n", domain->name, group_rid)); *num_names = 0; @@ -560,7 +550,7 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, group. */ result = cli_samr_query_groupmem(hnd->cli, mem_ctx, - &group_pol, num_names, &rid_mem, + &group_pol, num_names, rid_mem, name_types); if (!NT_STATUS_IS_OK(result)) @@ -575,16 +565,6 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, *names = talloc_zero(mem_ctx, *num_names * sizeof(char *)); *name_types = talloc_zero(mem_ctx, *num_names * sizeof(uint32)); - *sid_mem = talloc_zero(mem_ctx, *num_names * sizeof(DOM_SID *)); - - for (j=0;j<(*num_names);j++) { - (*sid_mem)[j] = rid_to_talloced_sid(domain, mem_ctx, (rid_mem)[j]); - } - - if (!*names || !*name_types) { - result = NT_STATUS_NO_MEMORY; - goto done; - } for (i = 0; i < *num_names; i += MAX_LOOKUP_RIDS) { int num_lookup_rids = MIN(*num_names - i, MAX_LOOKUP_RIDS); @@ -597,7 +577,7 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, result = cli_samr_lookup_rids(hnd->cli, mem_ctx, &dom_pol, 1000, /* flags */ num_lookup_rids, - &rid_mem[i], + &(*rid_mem)[i], &tmp_num_names, &tmp_names, &tmp_types); @@ -612,7 +592,7 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, memcpy(&(*name_types)[i], tmp_types, sizeof(uint32) * tmp_num_names); - + total_names += tmp_num_names; } diff --git a/source3/nsswitch/winbindd_user.c b/source3/nsswitch/winbindd_user.c index d2bd231918..6c544d7cf2 100644 --- a/source3/nsswitch/winbindd_user.c +++ b/source3/nsswitch/winbindd_user.c @@ -29,30 +29,29 @@ /* Fill a pwent structure with information we have obtained */ static BOOL winbindd_fill_pwent(char *dom_name, char *user_name, - DOM_SID *user_sid, DOM_SID *group_sid, + uint32 user_rid, uint32 group_rid, char *full_name, struct winbindd_pw *pw) { extern userdom_struct current_user_info; fstring output_username; pstring homedir; - fstring sid_string; if (!pw || !dom_name || !user_name) return False; /* Resolve the uid number */ - if (!winbindd_idmap_get_uid_from_sid(user_sid, + if (!winbindd_idmap_get_uid_from_rid(dom_name, user_rid, &pw->pw_uid)) { - DEBUG(1, ("error getting user id for sid %s\n", sid_to_string(sid_string, user_sid))); + DEBUG(1, ("error getting user id for rid %d\n", user_rid)); return False; } /* Resolve the gid number */ - if (!winbindd_idmap_get_gid_from_sid(group_sid, + if (!winbindd_idmap_get_gid_from_rid(dom_name, group_rid, &pw->pw_gid)) { - DEBUG(1, ("error getting group id for sid %s\n", sid_to_string(sid_string, group_sid))); + DEBUG(1, ("error getting group id for rid %d\n", group_rid)); return False; } @@ -96,6 +95,7 @@ static BOOL winbindd_fill_pwent(char *dom_name, char *user_name, enum winbindd_result winbindd_getpwnam(struct winbindd_cli_state *state) { + uint32 user_rid; WINBIND_USERINFO user_info; DOM_SID user_sid; NTSTATUS status; @@ -144,7 +144,9 @@ enum winbindd_result winbindd_getpwnam(struct winbindd_cli_state *state) return WINBINDD_ERROR; } - status = domain->methods->query_user(domain, mem_ctx, &user_sid, + sid_split_rid(&user_sid, &user_rid); + + status = domain->methods->query_user(domain, mem_ctx, user_rid, &user_info); if (!NT_STATUS_IS_OK(status)) { @@ -156,7 +158,7 @@ enum winbindd_result winbindd_getpwnam(struct winbindd_cli_state *state) /* Now take all this information and fill in a passwd structure */ if (!winbindd_fill_pwent(name_domain, name_user, - user_info.user_sid, user_info.group_sid, + user_rid, user_info.group_rid, user_info.full_name, &state->response.data.pw)) { talloc_destroy(mem_ctx); @@ -174,6 +176,7 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state) { DOM_SID user_sid; struct winbindd_domain *domain; + uint32 user_rid; fstring dom_name; fstring user_name; enum SID_NAME_USE name_type; @@ -193,15 +196,18 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state) /* Get rid from uid */ - if (!winbindd_idmap_get_sid_from_uid(state->request.data.uid, - &user_sid)) { - DEBUG(1, ("could not convert uid %d to SID\n", + if (!winbindd_idmap_get_rid_from_uid(state->request.data.uid, + &user_rid, &domain)) { + DEBUG(1, ("could not convert uid %d to rid\n", state->request.data.uid)); return WINBINDD_ERROR; } /* Get name and name type from rid */ + sid_copy(&user_sid, &domain->sid); + sid_append_rid(&user_sid, user_rid); + if (!winbindd_lookup_name_by_sid(&user_sid, dom_name, user_name, &name_type)) { fstring temp; @@ -210,13 +216,6 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state) return WINBINDD_ERROR; } - domain = find_domain_from_sid(&user_sid); - - if (!domain) { - DEBUG(1,("Can't find domain from sid\n")); - return WINBINDD_ERROR; - } - /* Get some user info */ if (!(mem_ctx = talloc_init("winbind_getpwuid(%d)", @@ -226,7 +225,7 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state) return WINBINDD_ERROR; } - status = domain->methods->query_user(domain, mem_ctx, &user_sid, + status = domain->methods->query_user(domain, mem_ctx, user_rid, &user_info); if (!NT_STATUS_IS_OK(status)) { @@ -238,7 +237,7 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state) /* Resolve gid number */ - if (!winbindd_idmap_get_gid_from_sid(user_info.group_sid, &gid)) { + if (!winbindd_idmap_get_gid_from_rid(domain->name, user_info.group_rid, &gid)) { DEBUG(1, ("error getting group id for user %s\n", user_name)); talloc_destroy(mem_ctx); return WINBINDD_ERROR; @@ -246,8 +245,7 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state) /* Fill in password structure */ - if (!winbindd_fill_pwent(domain->name, user_name, user_info.user_sid, - user_info.group_sid, + if (!winbindd_fill_pwent(domain->name, user_name, user_rid, user_info.group_rid, user_info.full_name, &state->response.data.pw)) { talloc_destroy(mem_ctx); return WINBINDD_ERROR; @@ -334,13 +332,13 @@ static BOOL get_sam_user_entries(struct getent_state *ent) TALLOC_CTX *mem_ctx; struct winbindd_domain *domain; struct winbindd_methods *methods; - unsigned int i; + int i; if (ent->num_sam_entries) return False; if (!(mem_ctx = talloc_init("get_sam_user_entries(%s)", - ent->domain_name))) + ent->domain_name))) return False; if (!(domain = find_domain_from_name(ent->domain_name))) { @@ -395,8 +393,8 @@ static BOOL get_sam_user_entries(struct getent_state *ent) } /* User and group ids */ - sid_copy(&name_list[ent->num_sam_entries+i].user_sid, info[i].user_sid); - sid_copy(&name_list[ent->num_sam_entries+i].group_sid, info[i].group_sid); + name_list[ent->num_sam_entries+i].user_rid = info[i].user_rid; + name_list[ent->num_sam_entries+i].group_rid = info[i].group_rid; } ent->num_sam_entries += num_entries; @@ -493,8 +491,8 @@ enum winbindd_result winbindd_getpwent(struct winbindd_cli_state *state) result = winbindd_fill_pwent( ent->domain_name, name_list[ent->sam_entry_index].name, - &name_list[ent->sam_entry_index].user_sid, - &name_list[ent->sam_entry_index].group_sid, + name_list[ent->sam_entry_index].user_rid, + name_list[ent->sam_entry_index].group_rid, name_list[ent->sam_entry_index].gecos, &user_list[user_list_ndx]); @@ -541,7 +539,7 @@ enum winbindd_result winbindd_list_users(struct winbindd_cli_state *state) for (domain = domain_list(); domain; domain = domain->next) { NTSTATUS status; struct winbindd_methods *methods; - unsigned int i; + int i; methods = domain->methods; diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c index ac0b317b42..262d862b8a 100644 --- a/source3/nsswitch/winbindd_util.c +++ b/source3/nsswitch/winbindd_util.c @@ -179,7 +179,7 @@ void rescan_trusted_domains(BOOL force) int i; result = domain->methods->trusted_domains(domain, mem_ctx, &num_domains, - &names, &alt_names, &dom_sids); + &names, &alt_names, &dom_sids); if (!NT_STATUS_IS_OK(result)) { continue; } @@ -188,12 +188,9 @@ void rescan_trusted_domains(BOOL force) the access methods of its parent */ for(i = 0; i < num_domains; i++) { DEBUG(10,("Found domain %s\n", names[i])); - add_trusted_domain(names[i], alt_names?alt_names[i]:NULL, - domain->methods, &dom_sids[i]); - - /* store trusted domain in the cache */ - trustdom_cache_store(names[i], alt_names ? alt_names[i] : NULL, - &dom_sids[i], t + WINBINDD_RESCAN_FREQ); + add_trusted_domain(names[i], + alt_names?alt_names[i]:NULL, + domain->methods, &dom_sids[i]); } } @@ -271,20 +268,14 @@ BOOL winbindd_lookup_sid_by_name(struct winbindd_domain *domain, enum SID_NAME_USE *type) { NTSTATUS result; - TALLOC_CTX *mem_ctx; + /* Don't bother with machine accounts */ - + if (name[strlen(name) - 1] == '$') return False; - mem_ctx = talloc_init("lookup_sid_by_name for %s\n", name); - if (!mem_ctx) - return False; - /* Lookup name */ - result = domain->methods->name_to_sid(domain, mem_ctx, name, sid, type); - - talloc_destroy(mem_ctx); + result = domain->methods->name_to_sid(domain, name, sid, type); /* Return rid and type if lookup successful */ if (!NT_STATUS_IS_OK(result)) { @@ -380,12 +371,12 @@ BOOL winbindd_param_init(void) { /* Parse winbind uid and winbind_gid parameters */ - if (!lp_idmap_uid(&server_state.uid_low, &server_state.uid_high)) { + if (!lp_winbind_uid(&server_state.uid_low, &server_state.uid_high)) { DEBUG(0, ("winbind uid range missing or invalid\n")); return False; } - if (!lp_idmap_gid(&server_state.gid_low, &server_state.gid_high)) { + if (!lp_winbind_gid(&server_state.gid_low, &server_state.gid_high)) { DEBUG(0, ("winbind gid range missing or invalid\n")); return False; } @@ -558,20 +549,3 @@ int winbindd_num_clients(void) { return _num_clients; } - -/* Help with RID -> SID conversion */ - -DOM_SID *rid_to_talloced_sid(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - uint32 rid) -{ - DOM_SID *sid; - sid = talloc(mem_ctx, sizeof(*sid)); - if (!sid) { - smb_panic("rid_to_to_talloced_sid: talloc for DOM_SID failed!\n"); - } - sid_copy(sid, &domain->sid); - sid_append_rid(sid, rid); - return sid; -} - diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 4394c4df1a..821216837e 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -8,7 +8,6 @@ Copyright (C) Simo Sorce 2001 Copyright (C) Alexander Bokovoy 2002 Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Anthony Liguori 2003 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -82,13 +81,6 @@ extern int extra_time_offset; static BOOL defaults_saved = False; -typedef struct _param_opt_struct param_opt_struct; -struct _param_opt_struct { - param_opt_struct *prev, *next; - char *key; - char *value; -}; - /* * This structure describes global (ie., server-wide) parameters. */ @@ -120,6 +112,7 @@ typedef struct char *szPrivateDir; char **szPassdbBackend; char **szPreloadModules; + char **szSamBackend; char *szPasswordServer; char *szSocketOptions; char *szRealm; @@ -161,18 +154,16 @@ typedef struct BOOL bUtmp; #endif char *szSourceEnv; - char *szIdmapUID; - char *szIdmapGID; + char *szWinbindUID; + char *szWinbindGID; char *szNonUnixAccountRange; - int AlgorithmicRidBase; + BOOL bAlgorithmicRidBase; char *szTemplateHomedir; char *szTemplateShell; char *szWinbindSeparator; BOOL bWinbindEnumUsers; BOOL bWinbindEnumGroups; BOOL bWinbindUseDefaultDomain; - char *szWinbindBackend; - char *szIdmapBackend; char *szAddShareCommand; char *szChangeShareCommand; char *szDeleteShareCommand; @@ -287,7 +278,6 @@ typedef struct int restrict_anonymous; int name_cache_timeout; BOOL client_signing; - param_opt_struct *param_opt; } global; @@ -410,7 +400,6 @@ typedef struct BOOL bNTAclSupport; BOOL bUseSendfile; BOOL bProfileAcls; - param_opt_struct *param_opt; char dummy[3]; /* for alignment */ } @@ -531,8 +520,6 @@ static service sDefault = { True, /* bNTAclSupport */ False, /* bUseSendfile */ False, /* bProfileAcls */ - - NULL, /* Parametric options */ "" /* dummy */ }; @@ -551,10 +538,11 @@ static int default_server_announce; /* prototypes for the special type handlers */ static BOOL handle_include(const char *pszParmValue, char **ptr); static BOOL handle_copy(const char *pszParmValue, char **ptr); +static BOOL handle_vfs_object(const char *pszParmValue, char **ptr); static BOOL handle_source_env(const char *pszParmValue, char **ptr); static BOOL handle_netbios_name(const char *pszParmValue, char **ptr); -static BOOL handle_idmap_uid(const char *pszParmValue, char **ptr); -static BOOL handle_idmap_gid(const char *pszParmValue, char **ptr); +static BOOL handle_winbind_uid(const char *pszParmValue, char **ptr); +static BOOL handle_winbind_gid(const char *pszParmValue, char **ptr); static BOOL handle_non_unix_account_range(const char *pszParmValue, char **ptr); static BOOL handle_debug_list( const char *pszParmValue, char **ptr ); static BOOL handle_workgroup( const char *pszParmValue, char **ptr ); @@ -755,7 +743,6 @@ static struct parm_struct parm_table[] = { {"server schannel", P_ENUM, P_GLOBAL, &Globals.serverSchannel, NULL, enum_bool_auto, FLAG_BASIC}, {"allow trusted domains", P_BOOL, P_GLOBAL, &Globals.bAllowTrustedDomains, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"hosts equiv", P_STRING, P_GLOBAL, &Globals.szHostsEquiv, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, - {"idmap backend", P_STRING, P_GLOBAL, &Globals.szIdmapBackend, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"min passwd length", P_INTEGER, P_GLOBAL, &Globals.min_passwd_length, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"min password length", P_INTEGER, P_GLOBAL, &Globals.min_passwd_length, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"map to guest", P_ENUM, P_GLOBAL, &Globals.map_to_guest, NULL, enum_map_to_guest, FLAG_ADVANCED | FLAG_DEVELOPER}, @@ -764,9 +751,9 @@ static struct parm_struct parm_table[] = { {"password server", P_STRING, P_GLOBAL, &Globals.szPasswordServer, NULL, NULL, FLAG_ADVANCED | FLAG_WIZARD | FLAG_DEVELOPER}, {"smb passwd file", P_STRING, P_GLOBAL, &Globals.szSMBPasswdFile, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"private dir", P_STRING, P_GLOBAL, &Globals.szPrivateDir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, - {"passdb backend", P_LIST, P_GLOBAL, &Globals.szPassdbBackend, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, + {"passdb backend", P_LIST, P_GLOBAL, &Globals.szPassdbBackend, NULL, NULL, FLAG_ADVANCED | FLAG_WIZARD | FLAG_DEVELOPER}, {"non unix account range", P_STRING, P_GLOBAL, &Globals.szNonUnixAccountRange, handle_non_unix_account_range, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, - {"algorithmic rid base", P_INTEGER, P_GLOBAL, &Globals.AlgorithmicRidBase, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, + {"algorithmic rid base", P_INTEGER, P_GLOBAL, &Globals.bAlgorithmicRidBase, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"root directory", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"root dir", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"root", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, FLAG_HIDE | FLAG_DEVELOPER}, @@ -776,7 +763,7 @@ static struct parm_struct parm_table[] = { {"passwd program", P_STRING, P_GLOBAL, &Globals.szPasswdProgram, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"passwd chat", P_STRING, P_GLOBAL, &Globals.szPasswdChat, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"passwd chat debug", P_BOOL, P_GLOBAL, &Globals.bPasswdChatDebug, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, - {"username map", P_STRING, P_GLOBAL, &Globals.szUsernameMap, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, + {"username map", P_STRING, P_GLOBAL, &Globals.szUsernameMap, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER | FLAG_DEVELOPER}, {"password level", P_INTEGER, P_GLOBAL, &Globals.pwordlevel, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"username level", P_INTEGER, P_GLOBAL, &Globals.unamelevel, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"unix password sync", P_BOOL, P_GLOBAL, &Globals.bUnixPasswdSync, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, @@ -806,12 +793,12 @@ static struct parm_struct parm_table[] = { {"writable", P_BOOLREV, P_LOCAL, &sDefault.bRead_only, NULL, NULL, FLAG_HIDE}, {"create mask", P_OCTAL, P_LOCAL, &sDefault.iCreate_mask, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE}, - {"create mode", P_OCTAL, P_LOCAL, &sDefault.iCreate_mask, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE}, + {"create mode", P_OCTAL, P_LOCAL, &sDefault.iCreate_mask, NULL, NULL, FLAG_GLOBAL}, {"force create mode", P_OCTAL, P_LOCAL, &sDefault.iCreate_force_mode, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE}, {"security mask", P_OCTAL, P_LOCAL, &sDefault.iSecurity_mask, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE}, {"force security mode", P_OCTAL, P_LOCAL, &sDefault.iSecurity_force_mode, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE}, {"directory mask", P_OCTAL, P_LOCAL, &sDefault.iDir_mask, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE}, - {"directory mode", P_OCTAL, P_LOCAL, &sDefault.iDir_mask, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE}, + {"directory mode", P_OCTAL, P_LOCAL, &sDefault.iDir_mask, NULL, NULL, FLAG_GLOBAL}, {"force directory mode", P_OCTAL, P_LOCAL, &sDefault.iDir_force_mode, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE}, {"directory security mask", P_OCTAL, P_LOCAL, &sDefault.iDir_Security_mask, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE}, {"force directory security mode", P_OCTAL, P_LOCAL, &sDefault.iDir_Security_force_mode, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE}, @@ -1108,7 +1095,7 @@ static struct parm_struct parm_table[] = { {"VFS module options", P_SEP, P_SEPARATOR}, - {"vfs object", P_LIST, P_LOCAL, &sDefault.szVfsObjectFile, NULL, NULL, FLAG_SHARE}, + {"vfs object", P_STRING, P_LOCAL, &sDefault.szVfsObjectFile, handle_vfs_object, NULL, FLAG_SHARE}, {"vfs options", P_STRING, P_LOCAL, &sDefault.szVfsOptions, NULL, NULL, FLAG_SHARE}, {"vfs path", P_STRING, P_LOCAL, &sDefault.szVfsPath, NULL, NULL, FLAG_SHARE}, @@ -1119,10 +1106,8 @@ static struct parm_struct parm_table[] = { {"Winbind options", P_SEP, P_SEPARATOR}, - {"idmap uid", P_STRING, P_GLOBAL, &Globals.szIdmapUID, handle_idmap_uid, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, - {"winbind uid", P_STRING, P_GLOBAL, &Globals.szIdmapUID, handle_idmap_uid, NULL, FLAG_ADVANCED | FLAG_DEVELOPER | FLAG_HIDE}, - {"idmap gid", P_STRING, P_GLOBAL, &Globals.szIdmapGID, handle_idmap_gid, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, - {"winbind gid", P_STRING, P_GLOBAL, &Globals.szIdmapGID, handle_idmap_gid, NULL, FLAG_ADVANCED | FLAG_DEVELOPER | FLAG_HIDE}, + {"winbind uid", P_STRING, P_GLOBAL, &Globals.szWinbindUID, handle_winbind_uid, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, + {"winbind gid", P_STRING, P_GLOBAL, &Globals.szWinbindGID, handle_winbind_gid, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"template homedir", P_STRING, P_GLOBAL, &Globals.szTemplateHomedir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"template shell", P_STRING, P_GLOBAL, &Globals.szTemplateShell, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"winbind separator", P_STRING, P_GLOBAL, &Globals.szWinbindSeparator, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, @@ -1130,7 +1115,6 @@ static struct parm_struct parm_table[] = { {"winbind enum users", P_BOOL, P_GLOBAL, &Globals.bWinbindEnumUsers, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"winbind enum groups", P_BOOL, P_GLOBAL, &Globals.bWinbindEnumGroups, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"winbind use default domain", P_BOOL, P_GLOBAL, &Globals.bWinbindUseDefaultDomain, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, - {"winbind backend", P_STRING, P_GLOBAL, &Globals.szWinbindBackend, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {NULL, P_BOOL, P_NONE, NULL, NULL, NULL, 0} }; @@ -1330,7 +1314,7 @@ static void init_globals(void) string_set(&Globals.szNameResolveOrder, "lmhosts wins host bcast"); string_set(&Globals.szPasswordServer, "*"); - Globals.AlgorithmicRidBase = BASE_RID; + Globals.bAlgorithmicRidBase = BASE_RID; Globals.bLoadPrinters = True; Globals.mangled_stack = 50; @@ -1477,8 +1461,6 @@ static void init_globals(void) Globals.bWinbindEnumGroups = True; Globals.bWinbindUseDefaultDomain = False; - string_set(&Globals.szWinbindBackend, "tdb"); - Globals.name_cache_timeout = 660; /* In seconds */ Globals.bUseSpnego = True; @@ -1529,9 +1511,6 @@ static char *lp_string(const char *s) if (!ret) return NULL; - /* Note: StrnCpy touches len+1 bytes, but we allocate 100 - * extra bytes so we're OK. */ - if (!s) *ret = 0; else @@ -1653,9 +1632,6 @@ FN_GLOBAL_STRING(lp_acl_compatibility, &Globals.szAclCompat) FN_GLOBAL_BOOL(lp_winbind_enum_users, &Globals.bWinbindEnumUsers) FN_GLOBAL_BOOL(lp_winbind_enum_groups, &Globals.bWinbindEnumGroups) FN_GLOBAL_BOOL(lp_winbind_use_default_domain, &Globals.bWinbindUseDefaultDomain) -FN_GLOBAL_STRING(lp_winbind_backend, &Globals.szWinbindBackend) - -FN_GLOBAL_STRING(lp_idmap_backend, &Globals.szIdmapBackend) #ifdef WITH_LDAP_SAMCONFIG FN_GLOBAL_STRING(lp_ldap_server, &Globals.szLdapServer) @@ -1791,7 +1767,7 @@ FN_LOCAL_LIST(lp_readlist, readlist) FN_LOCAL_LIST(lp_writelist, writelist) FN_LOCAL_LIST(lp_printer_admin, printer_admin) FN_LOCAL_STRING(lp_fstype, fstype) -FN_LOCAL_LIST(lp_vfsobj, szVfsObjectFile) +FN_LOCAL_STRING(lp_vfsobj, szVfsObjectFile) FN_LOCAL_STRING(lp_vfs_options, szVfsOptions) FN_LOCAL_STRING(lp_vfs_path, szVfsPath) FN_LOCAL_STRING(lp_msdfs_proxy, szMSDfsProxy) @@ -1869,10 +1845,53 @@ FN_LOCAL_INTEGER(lp_block_size, iBlock_size) FN_LOCAL_CHAR(lp_magicchar, magic_char) FN_GLOBAL_INTEGER(lp_winbind_cache_time, &Globals.winbind_cache_time) FN_GLOBAL_BOOL(lp_hide_local_users, &Globals.bHideLocalUsers) -FN_GLOBAL_INTEGER(lp_algorithmic_rid_base, &Globals.AlgorithmicRidBase) +FN_GLOBAL_BOOL(lp_algorithmic_rid_base, &Globals.bAlgorithmicRidBase) FN_GLOBAL_INTEGER(lp_name_cache_timeout, &Globals.name_cache_timeout) FN_GLOBAL_BOOL(lp_client_signing, &Globals.client_signing) +typedef struct _param_opt_struct param_opt_struct; +struct _param_opt_struct { + char *key; + char *value; + param_opt_struct *prev, *next; +}; + +static param_opt_struct *param_opt = NULL; + +/* Return parametric option from given service. Type is a part of option before ':' */ +/* Parametric option has following syntax: 'Type: option = value' */ +/* Returned value is allocated in 'lp_talloc' context */ + +char *lp_parm_string(const char *servicename, const char *type, const char *option) +{ + param_opt_struct *data; + pstring vfskey; + + if (param_opt != NULL) { + ZERO_STRUCT(vfskey); + pstr_sprintf(vfskey, "%s:%s:%s", (servicename==NULL) ? "global" : servicename, + type, option); + data = param_opt; + while (data) { + if (strcmp(data->key, vfskey) == 0) { + return lp_string(data->value); + } + data = data->next; + } + /* Try to fetch the same option but from globals */ + pstr_sprintf(vfskey, "global:%s:%s", type, option); + data = param_opt; + while (data) { + if (strcmp(data->key, vfskey) == 0) { + return lp_string(data->value); + } + data = data->next; + } + + } + return NULL; +} + /* local prototypes */ static int map_parameter(const char *pszParmName); @@ -1886,198 +1905,6 @@ static BOOL do_parameter(const char *pszParmName, const char *pszParmValue); static BOOL do_section(const char *pszSectionName); static void init_copymap(service * pservice); -/* This is a helper function for parametrical options support. */ -/* It returns a pointer to parametrical option value if it exists or NULL otherwise */ -/* Actual parametrical functions are quite simple */ -static const char *get_parametrics(int lookup_service, const char *type, const char *option) -{ - char* vfskey; - param_opt_struct *data; - - if (lookup_service >= iNumServices) return NULL; - - data = (lookup_service < 0) ? - Globals.param_opt : ServicePtrs[lookup_service]->param_opt; - - asprintf(&vfskey, "%s:%s", type, option); - while (data) { - if (strcmp(data->key, vfskey) == 0) { - string_free(&vfskey); - return data->value; - } - data = data->next; - } - - if (lookup_service >= 0) { - /* Try to fetch the same option but from globals */ - /* but only if we are not already working with Globals */ - data = Globals.param_opt; - while (data) { - if (strcmp(data->key, vfskey) == 0) { - string_free(&vfskey); - return data->value; - } - data = data->next; - } - } - - string_free(&vfskey); - - return NULL; -} - - -/******************************************************************* -convenience routine to return int parameters. -********************************************************************/ -static int lp_int(const char *s) -{ - - if (!s) { - DEBUG(0,("lp_int(%s): is called with NULL!\n",s)); - return (-1); - } - - return atoi(s); -} - -/******************************************************************* -convenience routine to return unsigned long parameters. -********************************************************************/ -static int lp_ulong(const char *s) -{ - - if (!s) { - DEBUG(0,("lp_int(%s): is called with NULL!\n",s)); - return (-1); - } - - return strtoul(s, NULL, 10); -} - -/******************************************************************* -convenience routine to return boolean parameters. -********************************************************************/ -static BOOL lp_bool(const char *s) -{ - BOOL ret = False; - - if (!s) { - DEBUG(0,("lp_bool(%s): is called with NULL!\n",s)); - return False; - } - - if (!set_boolean(&ret,s)) { - DEBUG(0,("lp_bool(%s): value is not boolean!\n",s)); - return False; - } - - return ret; -} - -/******************************************************************* -convenience routine to return enum parameters. -********************************************************************/ -static int lp_enum(const char *s,const struct enum_list *_enum) -{ - int i; - - if (!s || !_enum) { - DEBUG(0,("lp_enum(%s,enum): is called with NULL!\n",s)); - return False; - } - - for (i=0; _enum[i].name; i++) { - if (strcasecmp(_enum[i].name,s)==0) - return _enum[i].value; - } - - DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s)); - return (-1); -} - -/* Return parametric option from a given service. Type is a part of option before ':' */ -/* Parametric option has following syntax: 'Type: option = value' */ -/* Returned value is allocated in 'lp_talloc' context */ - -char *lp_parm_string(int lookup_service, const char *type, const char *option) -{ - const char *value = get_parametrics(lookup_service, type, option); - - if (value) - return lp_string(value); - - return NULL; -} - -/* Return parametric option from a given service. Type is a part of option before ':' */ -/* Parametric option has following syntax: 'Type: option = value' */ -/* Returned value is allocated in 'lp_talloc' context */ - -char **lp_parm_string_list(int lookup_service, const char *type, const char *option, - const char *separator) -{ - const char *value = get_parametrics(lookup_service, type, option); - - if (value) - return str_list_make(value, separator); - - return NULL; -} - -/* Return parametric option from a given service. Type is a part of option before ':' */ -/* Parametric option has following syntax: 'Type: option = value' */ - -int lp_parm_int(int lookup_service, const char *type, const char *option) -{ - const char *value = get_parametrics(lookup_service, type, option); - - if (value) - return lp_int(value); - - return (-1); -} - -/* Return parametric option from a given service. Type is a part of option before ':' */ -/* Parametric option has following syntax: 'Type: option = value' */ - -unsigned long lp_parm_ulong(int lookup_service, const char *type, const char *option) -{ - const char *value = get_parametrics(lookup_service, type, option); - - if (value) - return lp_ulong(value); - - return (0); -} - -/* Return parametric option from a given service. Type is a part of option before ':' */ -/* Parametric option has following syntax: 'Type: option = value' */ - -BOOL lp_parm_bool(int lookup_service, const char *type, const char *option) -{ - const char *value = get_parametrics(lookup_service, type, option); - - if (value) - return lp_bool(value); - - return False; -} - -/* Return parametric option from a given service. Type is a part of option before ':' */ -/* Parametric option has following syntax: 'Type: option = value' */ - -int lp_parm_enum(int lookup_service, const char *type, const char *option, - const struct enum_list *_enum) -{ - const char *value = get_parametrics(lookup_service, type, option); - - if (value) - return lp_enum(value, _enum); - - return (-1); -} - /*************************************************************************** Initialise a service to the defaults. @@ -2096,7 +1923,6 @@ static void init_service(service * pservice) static void free_service(service *pservice) { int i; - param_opt_struct *data, *pdata; if (!pservice) return; @@ -2121,16 +1947,6 @@ static void free_service(service *pservice) PTR_DIFF(parm_table[i].ptr, &sDefault))); } - DEBUG(5,("Freeing parametrics:\n")); - data = pservice->param_opt; - while (data) { - DEBUG(5,("[%s = %s]\n", data->key, data->value)); - string_free(&data->key); - string_free(&data->value); - pdata = data->next; - SAFE_FREE(data); - data = pdata; - } ZERO_STRUCTP(pservice); } @@ -2145,27 +1961,14 @@ static int add_a_service(const service *pservice, const char *name) int i; service tservice; int num_to_alloc = iNumServices + 1; - param_opt_struct *data, *pdata; tservice = *pservice; /* it might already exist */ if (name) { i = getservicebyname(name, NULL); - if (i >= 0) { - /* Clean all parametric options for service */ - /* They will be added during parsing again */ - data = ServicePtrs[i]->param_opt; - while (data) { - string_free(&data->key); - string_free(&data->value); - pdata = data->next; - SAFE_FREE(data); - data = pdata; - } - ServicePtrs[i]->param_opt = NULL; + if (i >= 0) return (i); - } } /* find an invalid one */ @@ -2408,8 +2211,6 @@ static void copy_service(service * pserviceDest, service * pserviceSource, BOOL { int i; BOOL bcopyall = (pcopymapDest == NULL); - param_opt_struct *data, *pdata, *paramo; - BOOL not_added; for (i = 0; parm_table[i].label; i++) if (parm_table[i].ptr && parm_table[i].class == P_LOCAL && @@ -2463,30 +2264,6 @@ static void copy_service(service * pserviceDest, service * pserviceSource, BOOL (void *)pserviceSource->copymap, sizeof(BOOL) * NUMPARAMETERS); } - - data = pserviceSource->param_opt; - while (data) { - not_added = True; - pdata = pserviceDest->param_opt; - /* Traverse destination */ - while (pdata) { - /* If we already have same option, override it */ - if (strcmp(pdata->key, data->key) == 0) { - string_free(&pdata->value); - pdata->value = strdup(data->value); - not_added = False; - break; - } - pdata = pdata->next; - } - if (not_added) { - paramo = smb_xmalloc(sizeof(param_opt_struct)); - paramo->key = strdup(data->key); - paramo->value = strdup(data->value); - DLIST_ADD(pserviceDest->param_opt, paramo); - } - data = data->next; - } } /*************************************************************************** @@ -2756,6 +2533,22 @@ static BOOL handle_source_env(const char *pszParmValue, char **ptr) } /*************************************************************************** + Handle the interpretation of the vfs object parameter. +*************************************************************************/ + +static BOOL handle_vfs_object(const char *pszParmValue, char **ptr) +{ + /* Set string value */ + + string_set(ptr, pszParmValue); + + /* Do any other initialisation required for vfs. Note that + anything done here may have linking repercussions in nmbd. */ + + return True; +} + +/*************************************************************************** Handle the include operation. ***************************************************************************/ @@ -2815,49 +2608,49 @@ static BOOL handle_copy(const char *pszParmValue, char **ptr) } /*************************************************************************** - Handle idmap/non unix account uid and gid allocation parameters. The format of these + Handle winbind/non unix account uid and gid allocation parameters. The format of these parameters is: [global] - idmap uid = 1000-1999 - idmap gid = 700-899 + winbind uid = 1000-1999 + winbind gid = 700-899 We only do simple parsing checks here. The strings are parsed into useful - structures in the idmap daemon code. + structures in the winbind daemon code. ***************************************************************************/ -/* Some lp_ routines to return idmap [ug]id information */ +/* Some lp_ routines to return winbind [ug]id information */ -static uid_t idmap_uid_low, idmap_uid_high; -static gid_t idmap_gid_low, idmap_gid_high; +static uid_t winbind_uid_low, winbind_uid_high; +static gid_t winbind_gid_low, winbind_gid_high; static uint32 non_unix_account_low, non_unix_account_high; -BOOL lp_idmap_uid(uid_t *low, uid_t *high) +BOOL lp_winbind_uid(uid_t *low, uid_t *high) { - if (idmap_uid_low == 0 || idmap_uid_high == 0) + if (winbind_uid_low == 0 || winbind_uid_high == 0) return False; if (low) - *low = idmap_uid_low; + *low = winbind_uid_low; if (high) - *high = idmap_uid_high; + *high = winbind_uid_high; return True; } -BOOL lp_idmap_gid(gid_t *low, gid_t *high) +BOOL lp_winbind_gid(gid_t *low, gid_t *high) { - if (idmap_gid_low == 0 || idmap_gid_high == 0) + if (winbind_gid_low == 0 || winbind_gid_high == 0) return False; if (low) - *low = idmap_gid_low; + *low = winbind_gid_low; if (high) - *high = idmap_gid_high; + *high = winbind_gid_high; return True; } @@ -2876,9 +2669,9 @@ BOOL lp_non_unix_account_range(uint32 *low, uint32 *high) return True; } -/* Do some simple checks on "idmap [ug]id" parameter values */ +/* Do some simple checks on "winbind [ug]id" parameter values */ -static BOOL handle_idmap_uid(const char *pszParmValue, char **ptr) +static BOOL handle_winbind_uid(const char *pszParmValue, char **ptr) { uint32 low, high; @@ -2889,13 +2682,13 @@ static BOOL handle_idmap_uid(const char *pszParmValue, char **ptr) string_set(ptr, pszParmValue); - idmap_uid_low = low; - idmap_uid_high = high; + winbind_uid_low = low; + winbind_uid_high = high; return True; } -static BOOL handle_idmap_gid(const char *pszParmValue, char **ptr) +static BOOL handle_winbind_gid(const char *pszParmValue, char **ptr) { uint32 low, high; @@ -2906,8 +2699,8 @@ static BOOL handle_idmap_gid(const char *pszParmValue, char **ptr) string_set(ptr, pszParmValue); - idmap_gid_low = low; - idmap_gid_high = high; + winbind_gid_low = low; + winbind_gid_high = high; return True; } @@ -3085,8 +2878,7 @@ BOOL lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue void *def_ptr = NULL; pstring vfskey; char *sep; - param_opt_struct *paramo, *data; - BOOL not_added; + param_opt_struct *paramo; parmnum = map_parameter(pszParmName); @@ -3094,35 +2886,15 @@ BOOL lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue if ((sep=strchr(pszParmName, ':')) != NULL) { *sep = 0; ZERO_STRUCT(vfskey); - pstr_sprintf(vfskey, "%s:", pszParmName); + pstr_sprintf(vfskey, "%s:%s:", + (snum >= 0) ? lp_servicename(snum) : "global", pszParmName); slen = strlen(vfskey); pstrcat(vfskey, sep+1); trim_string(vfskey+slen, " ", " "); - not_added = True; - data = (snum < 0) ? Globals.param_opt : - ServicePtrs[snum]->param_opt; - /* Traverse destination */ - while (data) { - /* If we already have same option, override it */ - if (strcmp(data->key, vfskey) == 0) { - string_free(&data->value); - data->value = strdup(pszParmValue); - not_added = False; - break; - } - data = data->next; - } - if (not_added) { - paramo = smb_xmalloc(sizeof(param_opt_struct)); - paramo->key = strdup(vfskey); - paramo->value = strdup(pszParmValue); - if (snum < 0) { - DLIST_ADD(Globals.param_opt, paramo); - } else { - DLIST_ADD(ServicePtrs[snum]->param_opt, paramo); - } - } - + paramo = smb_xmalloc(sizeof(param_opt_struct)); + paramo->key = strdup(vfskey); + paramo->value = strdup(pszParmValue); + DLIST_ADD(param_opt, paramo); *sep = ':'; return (True); } @@ -3472,6 +3244,7 @@ static void dump_globals(FILE *f) { int i; param_opt_struct *data; + char *s; fprintf(f, "# Global parameters\n[global]\n"); @@ -3485,11 +3258,14 @@ static void dump_globals(FILE *f) print_parameter(&parm_table[i], parm_table[i].ptr, f); fprintf(f, "\n"); } - if (Globals.param_opt != NULL) { - data = Globals.param_opt; + if (param_opt != NULL) { + data = param_opt; while(data) { - fprintf(f, "\t%s = %s\n", data->key, data->value); - data = data->next; + if (((s=strstr(data->key, "global")) == data->key) && + (*(s+strlen("global")) == ':')) { + fprintf(f, "\t%s = %s\n", s+strlen("global")+1, data->value); + } + data = data->next; } } @@ -3516,6 +3292,8 @@ static void dump_a_service(service * pService, FILE * f) { int i; param_opt_struct *data; + const char *sn; + char *s; if (pService != &sDefault) fprintf(f, "\n[%s]\n", pService->szService); @@ -3544,11 +3322,15 @@ static void dump_a_service(service * pService, FILE * f) ((char *)pService) + pdiff, f); fprintf(f, "\n"); } - if (pService->param_opt != NULL) { - data = pService->param_opt; + if (param_opt != NULL) { + data = param_opt; + sn = (pService == &sDefault) ? "global" : pService->szService; while(data) { - fprintf(f, "\t%s = %s\n", data->key, data->value); - data = data->next; + if (((s=strstr(data->key, sn)) == data->key) && + (*(s+strlen(sn)) == ':')) { + fprintf(f, "\t%s = %s\n", s+strlen(sn)+1, data->value); + } + data = data->next; } } } @@ -3810,18 +3592,7 @@ static void set_server_role(void) DEBUG(0, ("Server's Role (logon server) conflicts with share-level security\n")); break; case SEC_SERVER: - if (lp_domain_logons()) - DEBUG(0, ("Server's Role (logon server) conflicts with server-level security\n")); - server_role = ROLE_DOMAIN_MEMBER; - break; case SEC_DOMAIN: - if (lp_domain_logons()) { - DEBUG(1, ("Server's Role (logon server) NOT ADVISED with domain-level security\n")); - server_role = ROLE_DOMAIN_BDC; - break; - } - server_role = ROLE_DOMAIN_MEMBER; - break; case SEC_ADS: if (lp_domain_logons()) { server_role = ROLE_DOMAIN_PDC; @@ -3894,16 +3665,16 @@ BOOL lp_load(const char *pszFname, BOOL global_only, BOOL save_defaults, lp_save_defaults(); } - if (Globals.param_opt != NULL) { - data = Globals.param_opt; + if (param_opt != NULL) { + data = param_opt; while (data) { - string_free(&data->key); - string_free(&data->value); + SAFE_FREE(data->key); + SAFE_FREE(data->value); pdata = data->next; SAFE_FREE(data); data = pdata; } - Globals.param_opt = NULL; + param_opt = NULL; } /* We get sections first, so have to start 'behind' to make up */ diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c index a86d936263..80b4bb4dc3 100644 --- a/source3/passdb/pdb_get_set.c +++ b/source3/passdb/pdb_get_set.c @@ -490,7 +490,7 @@ BOOL pdb_set_init_flags (SAM_ACCOUNT *sampass, enum pdb_elements element, enum p DEBUG(0,("Can't set flag: %d in set_flags.\n",element)); return False; } - DEBUG(10, ("element %d -> now SET\n", element)); + DEBUG(11, ("element %d -> now SET\n", element)); break; case PDB_DEFAULT: default: @@ -502,7 +502,7 @@ BOOL pdb_set_init_flags (SAM_ACCOUNT *sampass, enum pdb_elements element, enum p DEBUG(0,("Can't set flag: %d in set_flags.\n",element)); return False; } - DEBUG(11, ("element %d -> now DEFAULT\n", element)); + DEBUG(10, ("element %d -> now DEFAULT\n", element)); break; } diff --git a/source3/passdb/pdb_guest.c b/source3/passdb/pdb_guest.c index f5a15057e0..88a75aa667 100644 --- a/source3/passdb/pdb_guest.c +++ b/source3/passdb/pdb_guest.c @@ -122,8 +122,3 @@ NTSTATUS pdb_init_guestsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, c return NT_STATUS_OK; } -int pdb_guest_init(void) -{ - return smb_register_passdb("guest", pdb_init_guestsam, PASSDB_INTERFACE_VERSION); -} - diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 8adcd9dbfa..42be673d25 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -24,57 +24,21 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_PASSDB -static struct pdb_init_function_entry *backends = NULL; - -static void lazy_initialize_passdb(void) -{ - static BOOL initialized = False; - if(initialized)return; - static_init_pdb; - initialized = True; -} - -BOOL smb_register_passdb(const char *name, pdb_init_function init, int version) -{ - struct pdb_init_function_entry *entry = backends; - - if(version != PASSDB_INTERFACE_VERSION) - return False; - - DEBUG(5,("Attempting to register passdb backend %s\n", name)); - - /* Check for duplicates */ - while(entry) { - if(strcasecmp(name, entry->name) == 0) { - DEBUG(0,("There already is a passdb backend registered with the name %s!\n", name)); - return False; - } - entry = entry->next; - } - - entry = smb_xmalloc(sizeof(struct pdb_init_function_entry)); - entry->name = smb_xstrdup(name); - entry->init = init; - - DLIST_ADD(backends, entry); - DEBUG(5,("Successfully added passdb backend '%s'\n", name)); - return True; -} - -static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name) -{ - struct pdb_init_function_entry *entry = backends; - pstring stripped; - - module_path_get_name(name, stripped); - - while(entry) { - if (strequal(entry->name, stripped)) return entry; - entry = entry->next; - } - - return NULL; -} +/** List of various built-in passdb modules */ + +const struct pdb_init_function_entry builtin_pdb_init_functions[] = { + { "smbpasswd", pdb_init_smbpasswd }, + { "smbpasswd_nua", pdb_init_smbpasswd_nua }, + { "tdbsam", pdb_init_tdbsam }, + { "tdbsam_nua", pdb_init_tdbsam_nua }, + { "ldapsam", pdb_init_ldapsam }, + { "ldapsam_nua", pdb_init_ldapsam_nua }, + { "unixsam", pdb_init_unixsam }, + { "guest", pdb_init_guestsam }, + { "nisplussam", pdb_init_nisplussam }, + { "plugin", pdb_init_plugin }, + { NULL, NULL} +}; static NTSTATUS context_setsampwent(struct pdb_context *context, BOOL update) { @@ -408,10 +372,8 @@ static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_c { char *module_name = smb_xstrdup(selected); char *module_location = NULL, *p; - struct pdb_init_function_entry *entry; NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; - - lazy_initialize_passdb(); + int i; p = strchr(module_name, ':'); @@ -423,37 +385,27 @@ static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_c trim_string(module_name, " ", " "); - DEBUG(5,("Attempting to find an passdb backend to match %s (%s)\n", selected, module_name)); - - entry = pdb_find_backend_entry(module_name); - - /* Try to find a module that contains this module */ - if (!entry) { - DEBUG(2,("No builtin backend found, trying to load plugin\n")); - if(smb_probe_module("passdb", module_name) && !(entry = pdb_find_backend_entry(module_name))) { - DEBUG(0,("Plugin is available, but doesn't register passdb backend %s\n", module_name)); + for (i = 0; builtin_pdb_init_functions[i].name; i++) + { + if (strequal(builtin_pdb_init_functions[i].name, module_name)) + { + DEBUG(5,("Found pdb backend %s (at pos %d)\n", module_name, i)); + nt_status = builtin_pdb_init_functions[i].init(context, methods, module_location); + if (NT_STATUS_IS_OK(nt_status)) { + DEBUG(5,("pdb backend %s has a valid init\n", selected)); + } else { + DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status))); + } SAFE_FREE(module_name); - return NT_STATUS_UNSUCCESSFUL; + return nt_status; + break; /* unreached */ } } - + /* No such backend found */ - if(!entry) { - DEBUG(0,("No builtin nor plugin backend for %s found\n", module_name)); - SAFE_FREE(module_name); - return NT_STATUS_INVALID_PARAMETER; - } - - DEBUG(5,("Found pdb backend %s\n", module_name)); - nt_status = entry->init(context, methods, module_location); - if (NT_STATUS_IS_OK(nt_status)) { - DEBUG(5,("pdb backend %s has a valid init\n", selected)); - } else { - DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status))); - } SAFE_FREE(module_name); - return nt_status; + return NT_STATUS_INVALID_PARAMETER; } /****************************************************************** diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index edae69f2cd..361cb8638a 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -6,7 +6,6 @@ Copyright (C) Shahms King 2001 Copyright (C) Andrew Bartlett 2002 Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Jim McDonough 2003 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -29,6 +28,7 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_PASSDB +#ifdef HAVE_LDAP /* TODO: * persistent connections: if using NSS LDAP, many connections are made * however, using only one within Samba would be nice @@ -52,13 +52,36 @@ #include <lber.h> #include <ldap.h> -#include "smb_ldap.h" - #ifndef SAM_ACCOUNT #define SAM_ACCOUNT struct sam_passwd #endif -static uint32 ldapsam_get_next_available_nua_rid(struct smb_ldap_privates *ldap_state); +struct ldapsam_privates { + + /* Former statics */ + LDAP *ldap_struct; + LDAPMessage *result; + LDAPMessage *entry; + int index; + + time_t last_ping; + /* retrive-once info */ + const char *uri; + + BOOL permit_non_unix_accounts; + + uint32 low_nua_rid; + uint32 high_nua_rid; + + char *bind_dn; + char *bind_secret; +}; + +#define LDAPSAM_DONT_PING_TIME 10 /* ping only all 10 seconds */ + +static struct ldapsam_privates *static_ldap_state; + +static uint32 ldapsam_get_next_available_nua_rid(struct ldapsam_privates *ldap_state); /******************************************************************* find the ldap password @@ -136,16 +159,495 @@ static const char *attr[] = {"uid", "pwdLastSet", "logonTime", "homeDirectory", NULL }; /******************************************************************* + open a connection to the ldap server. +******************************************************************/ +static int ldapsam_open_connection (struct ldapsam_privates *ldap_state, LDAP ** ldap_struct) +{ + int rc = LDAP_SUCCESS; + int version; + BOOL ldap_v3 = False; + +#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) + DEBUG(10, ("ldapsam_open_connection: %s\n", ldap_state->uri)); + + if ((rc = ldap_initialize(ldap_struct, ldap_state->uri)) != LDAP_SUCCESS) { + DEBUG(0, ("ldap_initialize: %s\n", ldap_err2string(rc))); + return rc; + } + +#else + + /* Parse the string manually */ + + { + int port = 0; + fstring protocol; + fstring host; + const char *p = ldap_state->uri; + SMB_ASSERT(sizeof(protocol)>10 && sizeof(host)>254); + + /* skip leading "URL:" (if any) */ + if ( strncasecmp( p, "URL:", 4 ) == 0 ) { + p += 4; + } + + sscanf(p, "%10[^:]://%254s[^:]:%d", protocol, host, &port); + + if (port == 0) { + if (strequal(protocol, "ldap")) { + port = LDAP_PORT; + } else if (strequal(protocol, "ldaps")) { + port = LDAPS_PORT; + } else { + DEBUG(0, ("unrecognised protocol (%s)!\n", protocol)); + } + } + + if ((*ldap_struct = ldap_init(host, port)) == NULL) { + DEBUG(0, ("ldap_init failed !\n")); + return LDAP_OPERATIONS_ERROR; + } + + if (strequal(protocol, "ldaps")) { +#ifdef LDAP_OPT_X_TLS + int tls = LDAP_OPT_X_TLS_HARD; + if (ldap_set_option (*ldap_struct, LDAP_OPT_X_TLS, &tls) != LDAP_SUCCESS) + { + DEBUG(0, ("Failed to setup a TLS session\n")); + } + + DEBUG(3,("LDAPS option set...!\n")); +#else + DEBUG(0,("ldapsam_open_connection: Secure connection not supported by LDAP client libraries!\n")); + return LDAP_OPERATIONS_ERROR; +#endif + } + } +#endif + + if (ldap_get_option(*ldap_struct, LDAP_OPT_PROTOCOL_VERSION, &version) == LDAP_OPT_SUCCESS) + { + if (version != LDAP_VERSION3) + { + version = LDAP_VERSION3; + if (ldap_set_option (*ldap_struct, LDAP_OPT_PROTOCOL_VERSION, &version) == LDAP_OPT_SUCCESS) { + ldap_v3 = True; + } + } else { + ldap_v3 = True; + } + } + + if (lp_ldap_ssl() == LDAP_SSL_START_TLS) { +#ifdef LDAP_OPT_X_TLS + if (ldap_v3) { + if ((rc = ldap_start_tls_s (*ldap_struct, NULL, NULL)) != LDAP_SUCCESS) + { + DEBUG(0,("Failed to issue the StartTLS instruction: %s\n", + ldap_err2string(rc))); + return rc; + } + DEBUG (3, ("StartTLS issued: using a TLS connection\n")); + } else { + + DEBUG(0, ("Need LDAPv3 for Start TLS\n")); + return LDAP_OPERATIONS_ERROR; + } +#else + DEBUG(0,("ldapsam_open_connection: StartTLS not supported by LDAP client libraries!\n")); + return LDAP_OPERATIONS_ERROR; +#endif + } + + DEBUG(2, ("ldapsam_open_connection: connection opened\n")); + return rc; +} + + +/******************************************************************* + a rebind function for authenticated referrals + This version takes a void* that we can shove useful stuff in :-) +******************************************************************/ +#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) +#else +static int rebindproc_with_state (LDAP * ld, char **whop, char **credp, + int *methodp, int freeit, void *arg) +{ + struct ldapsam_privates *ldap_state = arg; + + /** @TODO Should we be doing something to check what servers we rebind to? + Could we get a referral to a machine that we don't want to give our + username and password to? */ + + if (freeit) { + SAFE_FREE(*whop); + memset(*credp, '\0', strlen(*credp)); + SAFE_FREE(*credp); + } else { + DEBUG(5,("rebind_proc_with_state: Rebinding as \"%s\"\n", + ldap_state->bind_dn)); + + *whop = strdup(ldap_state->bind_dn); + if (!*whop) { + return LDAP_NO_MEMORY; + } + *credp = strdup(ldap_state->bind_secret); + if (!*credp) { + SAFE_FREE(*whop); + return LDAP_NO_MEMORY; + } + *methodp = LDAP_AUTH_SIMPLE; + } + return 0; +} +#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/ + +/******************************************************************* + a rebind function for authenticated referrals + This version takes a void* that we can shove useful stuff in :-) + and actually does the connection. +******************************************************************/ +#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) +static int rebindproc_connect_with_state (LDAP *ldap_struct, + LDAP_CONST char *url, + ber_tag_t request, + ber_int_t msgid, void *arg) +{ + struct ldapsam_privates *ldap_state = arg; + int rc; + DEBUG(5,("rebindproc_connect_with_state: Rebinding as \"%s\"\n", + ldap_state->bind_dn)); + + /** @TODO Should we be doing something to check what servers we rebind to? + Could we get a referral to a machine that we don't want to give our + username and password to? */ + + rc = ldap_simple_bind_s(ldap_struct, ldap_state->bind_dn, ldap_state->bind_secret); + + return rc; +} +#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/ + +/******************************************************************* + Add a rebind function for authenticated referrals +******************************************************************/ +#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) +#else +# if LDAP_SET_REBIND_PROC_ARGS == 2 +static int rebindproc (LDAP *ldap_struct, char **whop, char **credp, + int *method, int freeit ) +{ + return rebindproc_with_state(ldap_struct, whop, credp, + method, freeit, static_ldap_state); + +} +# endif /*LDAP_SET_REBIND_PROC_ARGS == 2*/ +#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/ + +/******************************************************************* + a rebind function for authenticated referrals + this also does the connection, but no void*. +******************************************************************/ +#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) +# if LDAP_SET_REBIND_PROC_ARGS == 2 +static int rebindproc_connect (LDAP * ld, LDAP_CONST char *url, int request, + ber_int_t msgid) +{ + return rebindproc_connect_with_state(ld, url, (ber_tag_t)request, msgid, + static_ldap_state); +} +# endif /*LDAP_SET_REBIND_PROC_ARGS == 2*/ +#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/ + +/******************************************************************* + connect to the ldap server under system privilege. +******************************************************************/ +static int ldapsam_connect_system(struct ldapsam_privates *ldap_state, LDAP * ldap_struct) +{ + int rc; + char *ldap_dn; + char *ldap_secret; + + /* The rebind proc needs this *HACK*. We are not multithreaded, so + this will work, but it's not nice. */ + static_ldap_state = ldap_state; + + /* get the password */ + if (!fetch_ldapsam_pw(&ldap_dn, &ldap_secret)) + { + DEBUG(0, ("ldap_connect_system: Failed to retrieve password from secrets.tdb\n")); + return LDAP_INVALID_CREDENTIALS; + } + + ldap_state->bind_dn = ldap_dn; + ldap_state->bind_secret = ldap_secret; + + /* removed the sasl_bind_s "EXTERNAL" stuff, as my testsuite + (OpenLDAP) doesnt' seem to support it */ + + DEBUG(10,("ldap_connect_system: Binding to ldap server %s as \"%s\"\n", + ldap_state->uri, ldap_dn)); + +#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) +# if LDAP_SET_REBIND_PROC_ARGS == 2 + ldap_set_rebind_proc(ldap_struct, &rebindproc_connect); +# endif +# if LDAP_SET_REBIND_PROC_ARGS == 3 + ldap_set_rebind_proc(ldap_struct, &rebindproc_connect_with_state, (void *)ldap_state); +# endif +#else /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/ +# if LDAP_SET_REBIND_PROC_ARGS == 2 + ldap_set_rebind_proc(ldap_struct, &rebindproc); +# endif +# if LDAP_SET_REBIND_PROC_ARGS == 3 + ldap_set_rebind_proc(ldap_struct, &rebindproc_with_state, (void *)ldap_state); +# endif +#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/ + + rc = ldap_simple_bind_s(ldap_struct, ldap_dn, ldap_secret); + + if (rc != LDAP_SUCCESS) { + char *ld_error = NULL; + ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING, + &ld_error); + DEBUG(0, + ("failed to bind to server with dn= %s Error: %s\n\t%s\n", + ldap_dn ? ld_error : "(unknown)", ldap_err2string(rc), + ld_error)); + SAFE_FREE(ld_error); + return rc; + } + + DEBUG(2, ("ldap_connect_system: succesful connection to the LDAP server\n")); + return rc; +} + +/********************************************************************** +Connect to LDAP server +*********************************************************************/ +static int ldapsam_open(struct ldapsam_privates *ldap_state) +{ + int rc; + SMB_ASSERT(ldap_state); + +#ifndef NO_LDAP_SECURITY + if (geteuid() != 0) { + DEBUG(0, ("ldapsam_open: cannot access LDAP when not root..\n")); + return LDAP_INSUFFICIENT_ACCESS; + } +#endif + + if ((ldap_state->ldap_struct != NULL) && ((ldap_state->last_ping + LDAPSAM_DONT_PING_TIME) < time(NULL))) { + struct sockaddr_un addr; + socklen_t len; + int sd; + if (ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_DESC, &sd) == 0 && + getpeername(sd, (struct sockaddr *) &addr, &len) < 0) { + /* the other end has died. reopen. */ + ldap_unbind_ext(ldap_state->ldap_struct, NULL, NULL); + ldap_state->ldap_struct = NULL; + ldap_state->last_ping = (time_t)0; + } else { + ldap_state->last_ping = time(NULL); + } + } + + if (ldap_state->ldap_struct != NULL) { + DEBUG(5,("ldapsam_open: allready connected to the LDAP server\n")); + return LDAP_SUCCESS; + } + + if ((rc = ldapsam_open_connection(ldap_state, &ldap_state->ldap_struct))) { + return rc; + } + + if ((rc = ldapsam_connect_system(ldap_state, ldap_state->ldap_struct))) { + ldap_unbind_ext(ldap_state->ldap_struct, NULL, NULL); + ldap_state->ldap_struct = NULL; + return rc; + } + + + ldap_state->last_ping = time(NULL); + DEBUG(4,("The LDAP server is succesful connected\n")); + + return LDAP_SUCCESS; +} + +/********************************************************************** +Disconnect from LDAP server +*********************************************************************/ +static NTSTATUS ldapsam_close(struct ldapsam_privates *ldap_state) +{ + if (!ldap_state) + return NT_STATUS_INVALID_PARAMETER; + + if (ldap_state->ldap_struct != NULL) { + ldap_unbind_ext(ldap_state->ldap_struct, NULL, NULL); + ldap_state->ldap_struct = NULL; + } + + DEBUG(5,("The connection to the LDAP server was closed\n")); + /* maybe free the results here --metze */ + + return NT_STATUS_OK; +} + +static int ldapsam_retry_open(struct ldapsam_privates *ldap_state, int *attempts) +{ + int rc; + + SMB_ASSERT(ldap_state && attempts); + + if (*attempts != 0) { + /* we retry after 0.5, 2, 4.5, 8, 12.5, 18, 24.5 seconds */ + msleep((((*attempts)*(*attempts))/2)*1000); + } + (*attempts)++; + + if ((rc = ldapsam_open(ldap_state))) { + DEBUG(0,("Connection to LDAP Server failed for the %d try!\n",*attempts)); + return rc; + } + + return LDAP_SUCCESS; +} + + +static int ldapsam_search(struct ldapsam_privates *ldap_state, + const char *base, int scope, const char *filter, + const char *attrs[], int attrsonly, + LDAPMessage **res) +{ + int rc = LDAP_SERVER_DOWN; + int attempts = 0; + + SMB_ASSERT(ldap_state); + + while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) { + + if ((rc = ldapsam_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS) + continue; + + rc = ldap_search_s(ldap_state->ldap_struct, base, scope, + filter, attrs, attrsonly, res); + } + + if (rc == LDAP_SERVER_DOWN) { + DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO)); + ldapsam_close(ldap_state); + } + + return rc; +} + +static int ldapsam_modify(struct ldapsam_privates *ldap_state, char *dn, LDAPMod *attrs[]) +{ + int rc = LDAP_SERVER_DOWN; + int attempts = 0; + + if (!ldap_state) + return (-1); + + while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) { + + if ((rc = ldapsam_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS) + continue; + + rc = ldap_modify_s(ldap_state->ldap_struct, dn, attrs); + } + + if (rc == LDAP_SERVER_DOWN) { + DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO)); + ldapsam_close(ldap_state); + } + + return rc; +} + +static int ldapsam_add(struct ldapsam_privates *ldap_state, const char *dn, LDAPMod *attrs[]) +{ + int rc = LDAP_SERVER_DOWN; + int attempts = 0; + + if (!ldap_state) + return (-1); + + while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) { + + if ((rc = ldapsam_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS) + continue; + + rc = ldap_add_s(ldap_state->ldap_struct, dn, attrs); + } + + if (rc == LDAP_SERVER_DOWN) { + DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO)); + ldapsam_close(ldap_state); + } + + return rc; +} + +static int ldapsam_delete(struct ldapsam_privates *ldap_state, char *dn) +{ + int rc = LDAP_SERVER_DOWN; + int attempts = 0; + + if (!ldap_state) + return (-1); + + while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) { + + if ((rc = ldapsam_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS) + continue; + + rc = ldap_delete_s(ldap_state->ldap_struct, dn); + } + + if (rc == LDAP_SERVER_DOWN) { + DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO)); + ldapsam_close(ldap_state); + } + + return rc; +} + +static int ldapsam_extended_operation(struct ldapsam_privates *ldap_state, LDAP_CONST char *reqoid, struct berval *reqdata, LDAPControl **serverctrls, LDAPControl **clientctrls, char **retoidp, struct berval **retdatap) +{ + int rc = LDAP_SERVER_DOWN; + int attempts = 0; + + if (!ldap_state) + return (-1); + + while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) { + + if ((rc = ldapsam_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS) + continue; + + rc = ldap_extended_operation_s(ldap_state->ldap_struct, reqoid, reqdata, serverctrls, clientctrls, retoidp, retdatap); + } + + if (rc == LDAP_SERVER_DOWN) { + DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO)); + ldapsam_close(ldap_state); + } + + return rc; +} + +/******************************************************************* run the search by name. ******************************************************************/ -static int ldapsam_search_one_user (struct smb_ldap_privates *ldap_state, const char *filter, LDAPMessage ** result) +static int ldapsam_search_one_user (struct ldapsam_privates *ldap_state, const char *filter, LDAPMessage ** result) { int scope = LDAP_SCOPE_SUBTREE; int rc; DEBUG(2, ("ldapsam_search_one_user: searching for:[%s]\n", filter)); - rc = smb_ldap_search(ldap_state, lp_ldap_suffix (), scope, filter, attr, 0, result); + rc = ldapsam_search(ldap_state, lp_ldap_suffix (), scope, filter, attr, 0, result); if (rc != LDAP_SUCCESS) { char *ld_error = NULL; @@ -164,7 +666,7 @@ static int ldapsam_search_one_user (struct smb_ldap_privates *ldap_state, const /******************************************************************* run the search by name. ******************************************************************/ -static int ldapsam_search_one_user_by_name (struct smb_ldap_privates *ldap_state, const char *user, +static int ldapsam_search_one_user_by_name (struct ldapsam_privates *ldap_state, const char *user, LDAPMessage ** result) { pstring filter; @@ -195,7 +697,7 @@ static int ldapsam_search_one_user_by_name (struct smb_ldap_privates *ldap_state /******************************************************************* run the search by uid. ******************************************************************/ -static int ldapsam_search_one_user_by_uid(struct smb_ldap_privates *ldap_state, +static int ldapsam_search_one_user_by_uid(struct ldapsam_privates *ldap_state, int uid, LDAPMessage ** result) { @@ -229,7 +731,7 @@ static int ldapsam_search_one_user_by_uid(struct smb_ldap_privates *ldap_state, /******************************************************************* run the search by rid. ******************************************************************/ -static int ldapsam_search_one_user_by_rid (struct smb_ldap_privates *ldap_state, +static int ldapsam_search_one_user_by_rid (struct ldapsam_privates *ldap_state, uint32 rid, LDAPMessage ** result) { @@ -250,10 +752,110 @@ static int ldapsam_search_one_user_by_rid (struct smb_ldap_privates *ldap_state, } /******************************************************************* +search an attribute and return the first value found. +******************************************************************/ +static BOOL get_single_attribute (LDAP * ldap_struct, LDAPMessage * entry, + const char *attribute, pstring value) +{ + char **values; + + if ((values = ldap_get_values (ldap_struct, entry, attribute)) == NULL) { + value = NULL; + DEBUG (10, ("get_single_attribute: [%s] = [<does not exist>]\n", attribute)); + + return False; + } + + pstrcpy(value, values[0]); + ldap_value_free(values); +#ifdef DEBUG_PASSWORDS + DEBUG (100, ("get_single_attribute: [%s] = [%s]\n", attribute, value)); +#endif + return True; +} + +/************************************************************************ +Routine to manage the LDAPMod structure array +manage memory used by the array, by each struct, and values + +************************************************************************/ +static void make_a_mod (LDAPMod *** modlist, int modop, const char *attribute, const char *value) +{ + LDAPMod **mods; + int i; + int j; + + mods = *modlist; + + if (attribute == NULL || *attribute == '\0') + return; + +#if 0 + /* Why do we need this??? -- vl */ + if (value == NULL || *value == '\0') + return; +#endif + + if (mods == NULL) + { + mods = (LDAPMod **) malloc(sizeof(LDAPMod *)); + if (mods == NULL) + { + DEBUG(0, ("make_a_mod: out of memory!\n")); + return; + } + mods[0] = NULL; + } + + for (i = 0; mods[i] != NULL; ++i) { + if (mods[i]->mod_op == modop && !strcasecmp(mods[i]->mod_type, attribute)) + break; + } + + if (mods[i] == NULL) + { + mods = (LDAPMod **) Realloc (mods, (i + 2) * sizeof (LDAPMod *)); + if (mods == NULL) + { + DEBUG(0, ("make_a_mod: out of memory!\n")); + return; + } + mods[i] = (LDAPMod *) malloc(sizeof(LDAPMod)); + if (mods[i] == NULL) + { + DEBUG(0, ("make_a_mod: out of memory!\n")); + return; + } + mods[i]->mod_op = modop; + mods[i]->mod_values = NULL; + mods[i]->mod_type = strdup(attribute); + mods[i + 1] = NULL; + } + + if (value != NULL) + { + j = 0; + if (mods[i]->mod_values != NULL) { + for (; mods[i]->mod_values[j] != NULL; j++); + } + mods[i]->mod_values = (char **)Realloc(mods[i]->mod_values, + (j + 2) * sizeof (char *)); + + if (mods[i]->mod_values == NULL) { + DEBUG (0, ("make_a_mod: Memory allocation failure!\n")); + return; + } + mods[i]->mod_values[j] = strdup(value); + mods[i]->mod_values[j + 1] = NULL; + } + *modlist = mods; +} + +/******************************************************************* Delete complete object or objectclass and attrs from object found in search_result depending on lp_ldap_delete_dn ******************************************************************/ -static NTSTATUS ldapsam_delete_entry(struct smb_ldap_privates *ldap_state, +static NTSTATUS ldapsam_delete_entry(struct ldapsam_privates *ldap_state, LDAPMessage *result, const char *objectclass, const char **attrs) @@ -276,7 +878,7 @@ static NTSTATUS ldapsam_delete_entry(struct smb_ldap_privates *ldap_state, if (lp_ldap_delete_dn()) { NTSTATUS ret = NT_STATUS_OK; - rc = smb_ldap_delete(ldap_state, dn); + rc = ldapsam_delete(ldap_state, dn); if (rc != LDAP_SUCCESS) { DEBUG(0, ("Could not delete object %s\n", dn)); @@ -300,7 +902,7 @@ static NTSTATUS ldapsam_delete_entry(struct smb_ldap_privates *ldap_state, for (attrib = attrs; *attrib != NULL; attrib++) { if (StrCaseCmp(*attrib, name) == 0) { DEBUG(10, ("deleting attribute %s\n", name)); - smb_ldap_make_a_mod(&mods, LDAP_MOD_DELETE, name, NULL); + make_a_mod(&mods, LDAP_MOD_DELETE, name, NULL); } } @@ -311,9 +913,9 @@ static NTSTATUS ldapsam_delete_entry(struct smb_ldap_privates *ldap_state, ber_free(ptr, 0); } - smb_ldap_make_a_mod(&mods, LDAP_MOD_DELETE, "objectClass", objectclass); + make_a_mod(&mods, LDAP_MOD_DELETE, "objectClass", objectclass); - rc = smb_ldap_modify(ldap_state, dn, mods); + rc = ldapsam_modify(ldap_state, dn, mods); ldap_mods_free(mods, 1); if (rc != LDAP_SUCCESS) { @@ -337,7 +939,7 @@ static NTSTATUS ldapsam_delete_entry(struct smb_ldap_privates *ldap_state, /********************************************************************** Initialize SAM_ACCOUNT from an LDAP query (unix attributes only) *********************************************************************/ -static BOOL get_unix_attributes (struct smb_ldap_privates *ldap_state, +static BOOL get_unix_attributes (struct ldapsam_privates *ldap_state, SAM_ACCOUNT * sampass, LDAPMessage * entry) { @@ -366,15 +968,15 @@ static BOOL get_unix_attributes (struct smb_ldap_privates *ldap_state, } ldap_value_free(ldap_values); - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "homeDirectory", homedir)) + if (!get_single_attribute(ldap_state->ldap_struct, entry, "homeDirectory", homedir)) return False; - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "uidNumber", temp)) + if (!get_single_attribute(ldap_state->ldap_struct, entry, "uidNumber", temp)) return False; uid = (uid_t)atol(temp); - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "gidNumber", temp)) + if (!get_single_attribute(ldap_state->ldap_struct, entry, "gidNumber", temp)) return False; gid = (gid_t)atol(temp); @@ -392,7 +994,7 @@ static BOOL get_unix_attributes (struct smb_ldap_privates *ldap_state, Initialize SAM_ACCOUNT from an LDAP query (Based on init_sam_from_buffer in pdb_tdb.c) *********************************************************************/ -static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state, +static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state, SAM_ACCOUNT * sampass, LDAPMessage * entry) { @@ -453,7 +1055,7 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state, return False; } - smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "uid", username); + get_single_attribute(ldap_state->ldap_struct, entry, "uid", username); DEBUG(2, ("Entry found for user: %s\n", username)); pstrcpy(nt_username, username); @@ -465,12 +1067,12 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state, pdb_set_domain(sampass, domain, PDB_DEFAULT); pdb_set_nt_username(sampass, nt_username, PDB_SET); - smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "rid", temp); + get_single_attribute(ldap_state->ldap_struct, entry, "rid", temp); user_rid = (uint32)atol(temp); pdb_set_user_sid_from_rid(sampass, user_rid, PDB_SET); - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "primaryGroupID", temp)) { + if (!get_single_attribute(ldap_state->ldap_struct, entry, "primaryGroupID", temp)) { group_rid = 0; } else { group_rid = (uint32)atol(temp); @@ -518,42 +1120,42 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state, } } - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "pwdLastSet", temp)) { + if (!get_single_attribute(ldap_state->ldap_struct, entry, "pwdLastSet", temp)) { /* leave as default */ } else { pass_last_set_time = (time_t) atol(temp); pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET); } - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "logonTime", temp)) { + if (!get_single_attribute(ldap_state->ldap_struct, entry, "logonTime", temp)) { /* leave as default */ } else { logon_time = (time_t) atol(temp); pdb_set_logon_time(sampass, logon_time, PDB_SET); } - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "logoffTime", temp)) { + if (!get_single_attribute(ldap_state->ldap_struct, entry, "logoffTime", temp)) { /* leave as default */ } else { logoff_time = (time_t) atol(temp); pdb_set_logoff_time(sampass, logoff_time, PDB_SET); } - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "kickoffTime", temp)) { + if (!get_single_attribute(ldap_state->ldap_struct, entry, "kickoffTime", temp)) { /* leave as default */ } else { kickoff_time = (time_t) atol(temp); pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET); } - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "pwdCanChange", temp)) { + if (!get_single_attribute(ldap_state->ldap_struct, entry, "pwdCanChange", temp)) { /* leave as default */ } else { pass_can_change_time = (time_t) atol(temp); pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET); } - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "pwdMustChange", temp)) { + if (!get_single_attribute(ldap_state->ldap_struct, entry, "pwdMustChange", temp)) { /* leave as default */ } else { pass_must_change_time = (time_t) atol(temp); @@ -566,9 +1168,9 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state, * that fits your needs; using cn then displayName rather than 'userFullName' */ - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, + if (!get_single_attribute(ldap_state->ldap_struct, entry, "displayName", fullname)) { - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, + if (!get_single_attribute(ldap_state->ldap_struct, entry, "cn", fullname)) { /* leave as default */ } else { @@ -578,7 +1180,7 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state, pdb_set_fullname(sampass, fullname, PDB_SET); } - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "homeDrive", dir_drive)) { + if (!get_single_attribute(ldap_state->ldap_struct, entry, "homeDrive", dir_drive)) { pdb_set_dir_drive(sampass, talloc_sub_specified(sampass->mem_ctx, lp_logon_drive(), username, domain, @@ -588,7 +1190,7 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state, pdb_set_dir_drive(sampass, dir_drive, PDB_SET); } - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "smbHome", homedir)) { + if (!get_single_attribute(ldap_state->ldap_struct, entry, "smbHome", homedir)) { pdb_set_homedir(sampass, talloc_sub_specified(sampass->mem_ctx, lp_logon_home(), username, domain, @@ -598,7 +1200,7 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state, pdb_set_homedir(sampass, homedir, PDB_SET); } - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "scriptPath", logon_script)) { + if (!get_single_attribute(ldap_state->ldap_struct, entry, "scriptPath", logon_script)) { pdb_set_logon_script(sampass, talloc_sub_specified(sampass->mem_ctx, lp_logon_script(), username, domain, @@ -608,7 +1210,7 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state, pdb_set_logon_script(sampass, logon_script, PDB_SET); } - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "profilePath", profile_path)) { + if (!get_single_attribute(ldap_state->ldap_struct, entry, "profilePath", profile_path)) { pdb_set_profile_path(sampass, talloc_sub_specified(sampass->mem_ctx, lp_logon_path(), username, domain, @@ -618,13 +1220,13 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state, pdb_set_profile_path(sampass, profile_path, PDB_SET); } - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "description", acct_desc)) { + if (!get_single_attribute(ldap_state->ldap_struct, entry, "description", acct_desc)) { /* leave as default */ } else { pdb_set_acct_desc(sampass, acct_desc, PDB_SET); } - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "userWorkstations", workstations)) { + if (!get_single_attribute(ldap_state->ldap_struct, entry, "userWorkstations", workstations)) { /* leave as default */; } else { pdb_set_workstations(sampass, workstations, PDB_SET); @@ -636,7 +1238,7 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state, hours_len = 21; memset(hours, 0xff, hours_len); - if (!smb_ldap_get_single_attribute (ldap_state->ldap_struct, entry, "lmPassword", temp)) { + if (!get_single_attribute (ldap_state->ldap_struct, entry, "lmPassword", temp)) { /* leave as default */ } else { pdb_gethexpwd(temp, smblmpwd); @@ -646,7 +1248,7 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state, ZERO_STRUCT(smblmpwd); } - if (!smb_ldap_get_single_attribute (ldap_state->ldap_struct, entry, "ntPassword", temp)) { + if (!get_single_attribute (ldap_state->ldap_struct, entry, "ntPassword", temp)) { /* leave as default */ } else { pdb_gethexpwd(temp, smbntpwd); @@ -656,7 +1258,7 @@ static BOOL init_sam_from_ldap (struct smb_ldap_privates *ldap_state, ZERO_STRUCT(smbntpwd); } - if (!smb_ldap_get_single_attribute (ldap_state->ldap_struct, entry, "acctFlags", temp)) { + if (!get_single_attribute (ldap_state->ldap_struct, entry, "acctFlags", temp)) { acct_ctrl |= ACB_NORMAL; } else { acct_ctrl = pdb_decode_acct_ctrl(temp); @@ -724,7 +1326,7 @@ static void make_ldap_mod(LDAP *ldap_struct, LDAPMessage *existing, the old value, should it exist. */ if ((newval != NULL) && (strlen(newval) > 0)) { - smb_ldap_make_a_mod(mods, LDAP_MOD_ADD, attribute, newval); + make_a_mod(mods, LDAP_MOD_ADD, attribute, newval); } if (values == NULL) { @@ -739,7 +1341,7 @@ static void make_ldap_mod(LDAP *ldap_struct, LDAPMessage *existing, deny the complete operation if somebody changed the attribute behind our back. */ - smb_ldap_make_a_mod(mods, LDAP_MOD_DELETE, attribute, values[0]); + make_a_mod(mods, LDAP_MOD_DELETE, attribute, values[0]); ldap_value_free(values); } @@ -747,7 +1349,7 @@ static void make_ldap_mod(LDAP *ldap_struct, LDAPMessage *existing, Initialize SAM_ACCOUNT from an LDAP query (Based on init_buffer_from_sam in pdb_tdb.c) *********************************************************************/ -static BOOL init_ldap_from_sam (struct smb_ldap_privates *ldap_state, +static BOOL init_ldap_from_sam (struct ldapsam_privates *ldap_state, LDAPMessage *existing, LDAPMod *** mods, const SAM_ACCOUNT * sampass, BOOL (*need_update)(const SAM_ACCOUNT *, @@ -933,7 +1535,7 @@ static BOOL init_ldap_from_sam (struct smb_ldap_privates *ldap_state, /********************************************************************** Connect to LDAP server and find the next available RID. *********************************************************************/ -static uint32 check_nua_rid_is_avail(struct smb_ldap_privates *ldap_state, uint32 top_rid) +static uint32 check_nua_rid_is_avail(struct ldapsam_privates *ldap_state, uint32 top_rid) { LDAPMessage *result; uint32 final_rid = (top_rid & (~USER_RID_TYPE)) + RID_MULTIPLIER; @@ -964,7 +1566,7 @@ static uint32 check_nua_rid_is_avail(struct smb_ldap_privates *ldap_state, uint3 /********************************************************************** Extract the RID from an LDAP entry *********************************************************************/ -static uint32 entry_to_user_rid(struct smb_ldap_privates *ldap_state, LDAPMessage *entry) { +static uint32 entry_to_user_rid(struct ldapsam_privates *ldap_state, LDAPMessage *entry) { uint32 rid; SAM_ACCOUNT *user = NULL; if (!NT_STATUS_IS_OK(pdb_init_sam(&user))) { @@ -987,7 +1589,7 @@ static uint32 entry_to_user_rid(struct smb_ldap_privates *ldap_state, LDAPMessag /********************************************************************** Connect to LDAP server and find the next available RID. *********************************************************************/ -static uint32 search_top_nua_rid(struct smb_ldap_privates *ldap_state) +static uint32 search_top_nua_rid(struct ldapsam_privates *ldap_state) { int rc; pstring filter; @@ -1008,7 +1610,7 @@ static uint32 search_top_nua_rid(struct smb_ldap_privates *ldap_state) #endif DEBUG(2, ("ldapsam_get_next_available_nua_rid: searching for:[%s]\n", final_filter)); - rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), + rc = ldapsam_search(ldap_state, lp_ldap_suffix(), LDAP_SCOPE_SUBTREE, final_filter, attr, 0, &result); @@ -1057,7 +1659,7 @@ static uint32 search_top_nua_rid(struct smb_ldap_privates *ldap_state) /********************************************************************** Connect to LDAP server and find the next available RID. *********************************************************************/ -static uint32 ldapsam_get_next_available_nua_rid(struct smb_ldap_privates *ldap_state) { +static uint32 ldapsam_get_next_available_nua_rid(struct ldapsam_privates *ldap_state) { uint32 next_nua_rid; uint32 top_nua_rid; @@ -1074,14 +1676,14 @@ Connect to LDAP server for password enumeration *********************************************************************/ static NTSTATUS ldapsam_setsampwent(struct pdb_methods *my_methods, BOOL update) { - struct smb_ldap_privates *ldap_state = (struct smb_ldap_privates *)my_methods->private_data; + struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data; int rc; pstring filter; pstrcpy(filter, lp_ldap_filter()); all_string_sub(filter, "%u", "*", sizeof(pstring)); - rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), + rc = ldapsam_search(ldap_state, lp_ldap_suffix(), LDAP_SCOPE_SUBTREE, filter, attr, 0, &ldap_state->result); @@ -1109,7 +1711,7 @@ End enumeration of the LDAP password list *********************************************************************/ static void ldapsam_endsampwent(struct pdb_methods *my_methods) { - struct smb_ldap_privates *ldap_state = (struct smb_ldap_privates *)my_methods->private_data; + struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data; if (ldap_state->result) { ldap_msgfree(ldap_state->result); ldap_state->result = NULL; @@ -1122,9 +1724,13 @@ Get the next entry in the LDAP password database static NTSTATUS ldapsam_getsampwent(struct pdb_methods *my_methods, SAM_ACCOUNT *user) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - struct smb_ldap_privates *ldap_state = (struct smb_ldap_privates *)my_methods->private_data; + struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data; BOOL bret = False; + /* The rebind proc needs this *HACK*. We are not multithreaded, so + this will work, but it's not nice. */ + static_ldap_state = ldap_state; + while (!bret) { if (!ldap_state->entry) return ret; @@ -1145,7 +1751,7 @@ Get SAM_ACCOUNT entry from LDAP by username static NTSTATUS ldapsam_getsampwnam(struct pdb_methods *my_methods, SAM_ACCOUNT *user, const char *sname) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - struct smb_ldap_privates *ldap_state = (struct smb_ldap_privates *)my_methods->private_data; + struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data; LDAPMessage *result; LDAPMessage *entry; int count; @@ -1189,8 +1795,8 @@ Get SAM_ACCOUNT entry from LDAP by rid static NTSTATUS ldapsam_getsampwrid(struct pdb_methods *my_methods, SAM_ACCOUNT *user, uint32 rid) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - struct smb_ldap_privates *ldap_state = - (struct smb_ldap_privates *)my_methods->private_data; + struct ldapsam_privates *ldap_state = + (struct ldapsam_privates *)my_methods->private_data; LDAPMessage *result; LDAPMessage *entry; int count; @@ -1245,7 +1851,7 @@ static NTSTATUS ldapsam_modify_entry(struct pdb_methods *my_methods, SAM_ACCOUNT *newpwd, char *dn, LDAPMod **mods, int ldap_op, BOOL pdb_add) { - struct smb_ldap_privates *ldap_state = (struct smb_ldap_privates *)my_methods->private_data; + struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data; int rc; if (!my_methods || !newpwd || !dn) { @@ -1259,11 +1865,11 @@ static NTSTATUS ldapsam_modify_entry(struct pdb_methods *my_methods, switch(ldap_op) { case LDAP_MOD_ADD: - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectclass", "account"); - rc = smb_ldap_add(ldap_state, dn, mods); + make_a_mod(&mods, LDAP_MOD_ADD, "objectclass", "account"); + rc = ldapsam_add(ldap_state, dn, mods); break; case LDAP_MOD_REPLACE: - rc = smb_ldap_modify(ldap_state, dn ,mods); + rc = ldapsam_modify(ldap_state, dn ,mods); break; default: DEBUG(0,("Wrong LDAP operation type: %d!\n", ldap_op)); @@ -1310,7 +1916,7 @@ static NTSTATUS ldapsam_modify_entry(struct pdb_methods *my_methods, ber_free(ber,1); - if ((rc = smb_ldap_extended_operation(ldap_state, LDAP_EXOP_X_MODIFY_PASSWD, + if ((rc = ldapsam_extended_operation(ldap_state, LDAP_EXOP_X_MODIFY_PASSWD, bv, NULL, NULL, &retoid, &retdata))!=LDAP_SUCCESS) { DEBUG(0,("LDAP Password could not be changed for user %s: %s\n", pdb_get_username(newpwd),ldap_err2string(rc))); @@ -1333,7 +1939,7 @@ Delete entry from LDAP for username *********************************************************************/ static NTSTATUS ldapsam_delete_sam_account(struct pdb_methods *my_methods, SAM_ACCOUNT * sam_acct) { - struct smb_ldap_privates *ldap_state = (struct smb_ldap_privates *)my_methods->private_data; + struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data; const char *sname; int rc; LDAPMessage *result; @@ -1380,7 +1986,7 @@ Update SAM_ACCOUNT static NTSTATUS ldapsam_update_sam_account(struct pdb_methods *my_methods, SAM_ACCOUNT * newpwd) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - struct smb_ldap_privates *ldap_state = (struct smb_ldap_privates *)my_methods->private_data; + struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data; int rc; char *dn; LDAPMessage *result; @@ -1452,7 +2058,7 @@ Add SAM_ACCOUNT to LDAP static NTSTATUS ldapsam_add_sam_account(struct pdb_methods *my_methods, SAM_ACCOUNT * newpwd) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - struct smb_ldap_privates *ldap_state = (struct smb_ldap_privates *)my_methods->private_data; + struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data; int rc; pstring filter; LDAPMessage *result = NULL; @@ -1530,7 +2136,7 @@ static NTSTATUS ldapsam_add_sam_account(struct pdb_methods *my_methods, SAM_ACCO return NT_STATUS_UNSUCCESSFUL; } - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectclass", "sambaAccount"); + make_a_mod(&mods, LDAP_MOD_ADD, "objectclass", "sambaAccount"); ret = ldapsam_modify_entry(my_methods,newpwd,dn,mods,ldap_op, True); if (NT_STATUS_IS_ERR(ret)) { @@ -1547,15 +2153,15 @@ static NTSTATUS ldapsam_add_sam_account(struct pdb_methods *my_methods, SAM_ACCO static void free_private_data(void **vp) { - struct smb_ldap_privates **ldap_state = (struct smb_ldap_privates **)vp; + struct ldapsam_privates **ldap_state = (struct ldapsam_privates **)vp; - smb_ldap_close(*ldap_state); + ldapsam_close(*ldap_state); if ((*ldap_state)->bind_secret) { memset((*ldap_state)->bind_secret, '\0', strlen((*ldap_state)->bind_secret)); } - smb_ldap_close(*ldap_state); + ldapsam_close(*ldap_state); SAFE_FREE((*ldap_state)->bind_dn); SAFE_FREE((*ldap_state)->bind_secret); @@ -1570,7 +2176,7 @@ static const char *group_attr[] = {"cn", "ntSid", "ntGroupType", "displayName", "description", NULL }; -static int ldapsam_search_one_group (struct smb_ldap_privates *ldap_state, +static int ldapsam_search_one_group (struct ldapsam_privates *ldap_state, const char *filter, LDAPMessage ** result) { @@ -1579,7 +2185,7 @@ static int ldapsam_search_one_group (struct smb_ldap_privates *ldap_state, DEBUG(2, ("ldapsam_search_one_group: searching for:[%s]\n", filter)); - rc = smb_ldap_search(ldap_state, lp_ldap_suffix (), scope, + rc = ldapsam_search(ldap_state, lp_ldap_suffix (), scope, filter, group_attr, 0, result); if (rc != LDAP_SUCCESS) { @@ -1597,7 +2203,7 @@ static int ldapsam_search_one_group (struct smb_ldap_privates *ldap_state, return rc; } -static BOOL init_group_from_ldap(struct smb_ldap_privates *ldap_state, +static BOOL init_group_from_ldap(struct ldapsam_privates *ldap_state, GROUP_MAP *map, LDAPMessage *entry) { pstring temp; @@ -1608,7 +2214,7 @@ static BOOL init_group_from_ldap(struct smb_ldap_privates *ldap_state, return False; } - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "gidNumber", + if (!get_single_attribute(ldap_state->ldap_struct, entry, "gidNumber", temp)) { DEBUG(0, ("Mandatory attribute gidNumber not found\n")); return False; @@ -1617,14 +2223,14 @@ static BOOL init_group_from_ldap(struct smb_ldap_privates *ldap_state, map->gid = (gid_t)atol(temp); - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "ntSid", + if (!get_single_attribute(ldap_state->ldap_struct, entry, "ntSid", temp)) { DEBUG(0, ("Mandatory attribute ntSid not found\n")); return False; } string_to_sid(&map->sid, temp); - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "ntGroupType", + if (!get_single_attribute(ldap_state->ldap_struct, entry, "ntGroupType", temp)) { DEBUG(0, ("Mandatory attribute ntGroupType not found\n")); return False; @@ -1637,11 +2243,11 @@ static BOOL init_group_from_ldap(struct smb_ldap_privates *ldap_state, return False; } - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "displayName", + if (!get_single_attribute(ldap_state->ldap_struct, entry, "displayName", temp)) { DEBUG(3, ("Attribute displayName not found\n")); temp[0] = '\0'; - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "cn", + if (!get_single_attribute(ldap_state->ldap_struct, entry, "cn", temp)) { DEBUG(0, ("Attributes cn not found either " "for gidNumber(%i)\n",map->gid)); @@ -1650,7 +2256,7 @@ static BOOL init_group_from_ldap(struct smb_ldap_privates *ldap_state, } fstrcpy(map->nt_name, temp); - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "description", + if (!get_single_attribute(ldap_state->ldap_struct, entry, "description", temp)) { DEBUG(3, ("Attribute description not found\n")); temp[0] = '\0'; @@ -1692,8 +2298,8 @@ static NTSTATUS ldapsam_getgroup(struct pdb_methods *methods, const char *filter, GROUP_MAP *map) { - struct smb_ldap_privates *ldap_state = - (struct smb_ldap_privates *)methods->private_data; + struct ldapsam_privates *ldap_state = + (struct ldapsam_privates *)methods->private_data; LDAPMessage *result; LDAPMessage *entry; int count; @@ -1772,7 +2378,7 @@ static NTSTATUS ldapsam_getgrnam(struct pdb_methods *methods, GROUP_MAP *map, return ldapsam_getgroup(methods, filter, map); } -static int ldapsam_search_one_group_by_gid(struct smb_ldap_privates *ldap_state, +static int ldapsam_search_one_group_by_gid(struct ldapsam_privates *ldap_state, gid_t gid, LDAPMessage **result) { @@ -1787,8 +2393,8 @@ static int ldapsam_search_one_group_by_gid(struct smb_ldap_privates *ldap_state, static NTSTATUS ldapsam_add_group_mapping_entry(struct pdb_methods *methods, GROUP_MAP *map) { - struct smb_ldap_privates *ldap_state = - (struct smb_ldap_privates *)methods->private_data; + struct ldapsam_privates *ldap_state = + (struct ldapsam_privates *)methods->private_data; LDAPMessage *result = NULL; LDAPMod **mods = NULL; @@ -1838,10 +2444,10 @@ static NTSTATUS ldapsam_add_group_mapping_entry(struct pdb_methods *methods, return NT_STATUS_UNSUCCESSFUL; } - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectClass", + make_a_mod(&mods, LDAP_MOD_ADD, "objectClass", "sambaGroupMapping"); - rc = smb_ldap_modify(ldap_state, dn, mods); + rc = ldapsam_modify(ldap_state, dn, mods); ldap_mods_free(mods, 1); if (rc != LDAP_SUCCESS) { @@ -1861,8 +2467,8 @@ static NTSTATUS ldapsam_add_group_mapping_entry(struct pdb_methods *methods, static NTSTATUS ldapsam_update_group_mapping_entry(struct pdb_methods *methods, GROUP_MAP *map) { - struct smb_ldap_privates *ldap_state = - (struct smb_ldap_privates *)methods->private_data; + struct ldapsam_privates *ldap_state = + (struct ldapsam_privates *)methods->private_data; int rc; char *dn; LDAPMessage *result; @@ -1898,7 +2504,7 @@ static NTSTATUS ldapsam_update_group_mapping_entry(struct pdb_methods *methods, return NT_STATUS_UNSUCCESSFUL; } - rc = smb_ldap_modify(ldap_state, dn, mods); + rc = ldapsam_modify(ldap_state, dn, mods); ldap_mods_free(mods, 1); @@ -1918,8 +2524,8 @@ static NTSTATUS ldapsam_update_group_mapping_entry(struct pdb_methods *methods, static NTSTATUS ldapsam_delete_group_mapping_entry(struct pdb_methods *methods, DOM_SID sid) { - struct smb_ldap_privates *ldap_state = - (struct smb_ldap_privates *)methods->private_data; + struct ldapsam_privates *ldap_state = + (struct ldapsam_privates *)methods->private_data; pstring sidstring, filter; LDAPMessage *result; int rc; @@ -1947,12 +2553,12 @@ static NTSTATUS ldapsam_delete_group_mapping_entry(struct pdb_methods *methods, static NTSTATUS ldapsam_setsamgrent(struct pdb_methods *my_methods, BOOL update) { - struct smb_ldap_privates *ldap_state = - (struct smb_ldap_privates *)my_methods->private_data; + struct ldapsam_privates *ldap_state = + (struct ldapsam_privates *)my_methods->private_data; const char *filter = "(objectClass=sambaGroupMapping)"; int rc; - rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), + rc = ldapsam_search(ldap_state, lp_ldap_suffix(), LDAP_SCOPE_SUBTREE, filter, group_attr, 0, &ldap_state->result); @@ -1984,9 +2590,13 @@ static NTSTATUS ldapsam_getsamgrent(struct pdb_methods *my_methods, GROUP_MAP *map) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - struct smb_ldap_privates *ldap_state = (struct smb_ldap_privates *)my_methods->private_data; + struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data; BOOL bret = False; + /* The rebind proc needs this *HACK*. We are not multithreaded, so + this will work, but it's not nice. */ + static_ldap_state = ldap_state; + while (!bret) { if (!ldap_state->entry) return ret; @@ -2054,7 +2664,7 @@ static NTSTATUS ldapsam_enum_group_mapping(struct pdb_methods *methods, NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location) { NTSTATUS nt_status; - struct smb_ldap_privates *ldap_state; + struct ldapsam_privates *ldap_state; if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) { return nt_status; @@ -2081,7 +2691,7 @@ NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, co /* TODO: Setup private data and free */ - ldap_state = talloc_zero(pdb_context->mem_ctx, sizeof(struct smb_ldap_privates)); + ldap_state = talloc_zero(pdb_context->mem_ctx, sizeof(struct ldapsam_privates)); if (!ldap_state) { DEBUG(0, ("talloc() failed for ldapsam private_data!\n")); @@ -2119,7 +2729,7 @@ NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, co NTSTATUS pdb_init_ldapsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location) { NTSTATUS nt_status; - struct smb_ldap_privates *ldap_state; + struct ldapsam_privates *ldap_state; uint32 low_nua_uid, high_nua_uid; if (!NT_STATUS_IS_OK(nt_status = pdb_init_ldapsam(pdb_context, pdb_method, location))) { @@ -2144,9 +2754,20 @@ NTSTATUS pdb_init_ldapsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method return NT_STATUS_OK; } -int pdb_ldap_init(void) + +#else + +NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location) +{ + DEBUG(0, ("ldap not detected at configure time, ldapsam not availalble!\n")); + return NT_STATUS_UNSUCCESSFUL; +} + +NTSTATUS pdb_init_ldapsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location) { - smb_register_passdb("ldapsam", pdb_init_ldapsam, PASSDB_INTERFACE_VERSION); - smb_register_passdb("ldapsam_nua", pdb_init_ldapsam_nua, PASSDB_INTERFACE_VERSION); - return True; + DEBUG(0, ("ldap not dectected at configure time, ldapsam_nua not available!\n")); + return NT_STATUS_UNSUCCESSFUL; } + + +#endif diff --git a/source3/modules/mysql.c b/source3/passdb/pdb_mysql.c index 684eb96645..d0f30c6394 100644 --- a/source3/modules/mysql.c +++ b/source3/passdb/pdb_mysql.c @@ -1,4 +1,3 @@ - /* * MySQL password backend for samba * Copyright (C) Jelmer Vernooij 2002 @@ -64,10 +63,12 @@ static int mysqlsam_debug_level = DBGC_ALL; #undef DBGC_CLASS #define DBGC_CLASS mysqlsam_debug_level +PDB_MODULE_VERSIONING_MAGIC + typedef struct pdb_mysql_data { MYSQL *handle; MYSQL_RES *pwent; - const char *location; + char *location; } pdb_mysql_data; /* Used to construct insert and update queries */ @@ -893,8 +894,61 @@ static NTSTATUS mysqlsam_update_sam_account(struct pdb_methods *methods, return mysqlsam_replace_sam_account(methods, newpwd, 1); } -static NTSTATUS mysqlsam_init(struct pdb_context * pdb_context, struct pdb_methods ** pdb_method, - const char *location) +static NTSTATUS mysqlsam_getgrsid(struct pdb_methods *methods, GROUP_MAP *map, + DOM_SID sid, BOOL with_priv) +{ + return get_group_map_from_sid(sid, map, with_priv) ? + NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; +} + +static NTSTATUS mysqlsam_getgrgid(struct pdb_methods *methods, GROUP_MAP *map, + gid_t gid, BOOL with_priv) +{ + return get_group_map_from_gid(gid, map, with_priv) ? + NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; +} + +static NTSTATUS mysqlsam_getgrnam(struct pdb_methods *methods, GROUP_MAP *map, + char *name, BOOL with_priv) +{ + return get_group_map_from_ntname(name, map, with_priv) ? + NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; +} + +static NTSTATUS mysqlsam_add_group_mapping_entry(struct pdb_methods *methods, + GROUP_MAP *map) +{ + return add_mapping_entry(map, TDB_INSERT) ? + NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; +} + +static NTSTATUS mysqlsam_update_group_mapping_entry(struct pdb_methods *methods, + GROUP_MAP *map) +{ + return add_mapping_entry(map, TDB_REPLACE) ? + NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; +} + +static NTSTATUS mysqlsam_delete_group_mapping_entry(struct pdb_methods *methods, + DOM_SID sid) +{ + return group_map_remove(sid) ? + NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; +} + +static NTSTATUS mysqlsam_enum_group_mapping(struct pdb_methods *methods, + enum SID_NAME_USE sid_name_use, + GROUP_MAP **rmap, int *num_entries, + BOOL unix_only, BOOL with_priv) +{ + return enum_group_mapping(sid_name_use, rmap, num_entries, unix_only, + with_priv) ? + NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; +} + + +NTSTATUS pdb_init(PDB_CONTEXT * pdb_context, PDB_METHODS ** pdb_method, + char *location) { NTSTATUS nt_status; struct pdb_mysql_data *data; @@ -926,6 +980,13 @@ static NTSTATUS mysqlsam_init(struct pdb_context * pdb_context, struct pdb_metho (*pdb_method)->add_sam_account = mysqlsam_add_sam_account; (*pdb_method)->update_sam_account = mysqlsam_update_sam_account; (*pdb_method)->delete_sam_account = mysqlsam_delete_sam_account; + (*pdb_method)->getgrsid = mysqlsam_getgrsid; + (*pdb_method)->getgrgid = mysqlsam_getgrgid; + (*pdb_method)->getgrnam = mysqlsam_getgrnam; + (*pdb_method)->add_group_mapping_entry = mysqlsam_add_group_mapping_entry; + (*pdb_method)->update_group_mapping_entry = mysqlsam_update_group_mapping_entry; + (*pdb_method)->delete_group_mapping_entry = mysqlsam_delete_group_mapping_entry; + (*pdb_method)->enum_group_mapping = mysqlsam_enum_group_mapping; data = talloc(pdb_context->mem_ctx, sizeof(struct pdb_mysql_data)); (*pdb_method)->private_data = data; @@ -933,7 +994,7 @@ static NTSTATUS mysqlsam_init(struct pdb_context * pdb_context, struct pdb_metho data->pwent = NULL; if (!location) { - DEBUG(0, ("No identifier specified. Check the Samba HOWTO Collection for details\n")); + DEBUG(0, ("No identifier specified. See README for details\n")); return NT_STATUS_INVALID_PARAMETER; } @@ -971,8 +1032,3 @@ static NTSTATUS mysqlsam_init(struct pdb_context * pdb_context, struct pdb_metho return NT_STATUS_OK; } - -int pdb_mysql_init(void) -{ - return smb_register_passdb("mysql", mysqlsam_init, PASSDB_INTERFACE_VERSION); -} diff --git a/source3/passdb/pdb_nisplus.c b/source3/passdb/pdb_nisplus.c index 73d65af1c6..0a42c36ea0 100644 --- a/source3/passdb/pdb_nisplus.c +++ b/source3/passdb/pdb_nisplus.c @@ -24,6 +24,8 @@ #include "includes.h" +#ifdef WITH_NISPLUS_SAM + #ifdef BROKEN_NISPLUS_INCLUDE_FILES /* @@ -1553,7 +1555,11 @@ NTSTATUS pdb_init_nisplussam (PDB_CONTEXT * pdb_context, return NT_STATUS_OK; } -int pdb_nisplus_init(void) +#else +NTSTATUS pdb_init_nisplussam (PDB_CONTEXT * c, PDB_METHODS ** m, + const char *l) { - return smb_register_passdb("nisplussam", pdb_init_nisplussam, PASSDB_INTERFACE_VERSION); + DEBUG (0, ("nisplus sam not compiled in!\n")); + return NT_STATUS_UNSUCCESSFUL; } +#endif /* WITH_NISPLUS_SAM */ diff --git a/source3/sam/sam_plugin.c b/source3/passdb/pdb_plugin.c index fd26c4b8d3..ea67da23a5 100644 --- a/source3/sam/sam_plugin.c +++ b/source3/passdb/pdb_plugin.c @@ -1,9 +1,8 @@ /* Unix SMB/CIFS implementation. - Loadable san module interface. - Copyright (C) Jelmer Vernooij 2002 - Copyright (C) Andrew Bartlett 2002 - Copyright (C) Stefan (metze) Metzmacher 2002 + Loadable passdb module interface. + Copyright (C) Jelmer Vernooij 2002 + Copyright (C) Andrew Bartlett 2002 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -23,57 +22,57 @@ #include "includes.h" #undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM +#define DBGC_CLASS DBGC_PASSDB -NTSTATUS sam_init_plugin(SAM_METHODS *sam_methods, const char *module_params) +NTSTATUS pdb_init_plugin(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location) { - void *dl_handle; - char *plugin_params, *plugin_name, *p; - sam_init_function plugin_init; + void * dl_handle; + char *plugin_location, *plugin_name, *p; + pdb_init_function plugin_init; int (*plugin_version)(void); - if (module_params == NULL) { + if (location == NULL) { DEBUG(0, ("The plugin module needs an argument!\n")); return NT_STATUS_UNSUCCESSFUL; } - plugin_name = smb_xstrdup(module_params); + plugin_name = smb_xstrdup(location); p = strchr(plugin_name, ':'); if (p) { *p = 0; - plugin_params = p+1; - trim_string(plugin_params, " ", " "); - } else plugin_params = NULL; + plugin_location = p+1; + trim_string(plugin_location, " ", " "); + } else plugin_location = NULL; trim_string(plugin_name, " ", " "); DEBUG(5, ("Trying to load sam plugin %s\n", plugin_name)); - dl_handle = sys_dlopen(plugin_name, RTLD_NOW); + dl_handle = sys_dlopen(plugin_name, RTLD_NOW ); if (!dl_handle) { DEBUG(0, ("Failed to load sam plugin %s using sys_dlopen (%s)\n", plugin_name, sys_dlerror())); return NT_STATUS_UNSUCCESSFUL; } - plugin_version = sys_dlsym(dl_handle, "sam_version"); + plugin_version = sys_dlsym(dl_handle, "pdb_version"); if (!plugin_version) { sys_dlclose(dl_handle); - DEBUG(0, ("Failed to find function 'sam_version' using sys_dlsym in sam plugin %s (%s)\n", plugin_name, sys_dlerror())); + DEBUG(0, ("Failed to find function 'pdb_version' using sys_dlsym in sam plugin %s (%s)\n", plugin_name, sys_dlerror())); return NT_STATUS_UNSUCCESSFUL; } - if (plugin_version()!=SAM_INTERFACE_VERSION) { + if (plugin_version() != PASSDB_INTERFACE_VERSION) { sys_dlclose(dl_handle); - DEBUG(0, ("Wrong SAM_INTERFACE_VERSION! sam plugin has version %d and version %d is needed! Please update!\n", - plugin_version(),SAM_INTERFACE_VERSION)); + DEBUG(0, ("Wrong PASSDB_INTERFACE_VERSION! sam plugin has version %d and version %d is needed! Please update!\n", + plugin_version(),PASSDB_INTERFACE_VERSION)); return NT_STATUS_UNSUCCESSFUL; } - plugin_init = sys_dlsym(dl_handle, "sam_init"); + plugin_init = sys_dlsym(dl_handle, "pdb_init"); if (!plugin_init) { sys_dlclose(dl_handle); - DEBUG(0, ("Failed to find function 'sam_init' using sys_dlsym in sam plugin %s (%s)\n", plugin_name, sys_dlerror())); + DEBUG(0, ("Failed to find function 'pdb_init' using sys_dlsym in sam plugin %s (%s)\n", plugin_name, sys_dlerror())); return NT_STATUS_UNSUCCESSFUL; } - DEBUG(5, ("Starting sam plugin %s with parameters %s for domain %s\n", plugin_name, plugin_params, sam_methods->domain_name)); - return plugin_init(sam_methods, plugin_params); + DEBUG(5, ("Starting sam plugin %s with location %s\n", plugin_name, plugin_location)); + return plugin_init(pdb_context, pdb_method, plugin_location); } diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c index 7f74196633..b5a2bbbfe7 100644 --- a/source3/passdb/pdb_smbpasswd.c +++ b/source3/passdb/pdb_smbpasswd.c @@ -1579,10 +1579,3 @@ NTSTATUS pdb_init_smbpasswd_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_meth return NT_STATUS_OK; } - -int pdb_smbpasswd_init(void) -{ - smb_register_passdb("smbpasswd", pdb_init_smbpasswd, PASSDB_INTERFACE_VERSION); - smb_register_passdb("smbpasswd_nua", pdb_init_smbpasswd_nua, PASSDB_INTERFACE_VERSION); - return True; -} diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c index 7e2f4b832f..c48c9567b1 100644 --- a/source3/passdb/pdb_tdb.c +++ b/source3/passdb/pdb_tdb.c @@ -37,6 +37,8 @@ static int tdbsam_debug_level = DBGC_ALL; #endif +#ifdef WITH_TDB_SAM + #define PDB_VERSION "20010830" #define PASSDB_FILE_NAME "passdb.tdb" #define TDB_FORMAT_STRING "ddddddBBBBBBBBBBBBddBBwdwdBdd" @@ -986,10 +988,20 @@ NTSTATUS pdb_init_tdbsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, return NT_STATUS_OK; } -int pdb_tdbsam_init(void) + +#else + +NTSTATUS pdb_init_tdbsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location) { - smb_register_passdb("tdbsam", pdb_init_tdbsam, PASSDB_INTERFACE_VERSION); - smb_register_passdb("tdbsam_nua", pdb_init_tdbsam_nua, PASSDB_INTERFACE_VERSION); - return True; + DEBUG(0, ("tdbsam not compiled in!\n")); + return NT_STATUS_UNSUCCESSFUL; } +NTSTATUS pdb_init_tdbsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location) +{ + DEBUG(0, ("tdbsam_nua not compiled in!\n")); + return NT_STATUS_UNSUCCESSFUL; +} + + +#endif diff --git a/source3/passdb/pdb_unix.c b/source3/passdb/pdb_unix.c index ed83024248..86a86d60d4 100644 --- a/source3/passdb/pdb_unix.c +++ b/source3/passdb/pdb_unix.c @@ -124,8 +124,3 @@ NTSTATUS pdb_init_unixsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, co /* There's not very much to initialise here */ return NT_STATUS_OK; } - -int pdb_unix_init(void) -{ - return smb_register_passdb("unixsam", pdb_init_unixsam, PASSDB_INTERFACE_VERSION); -} diff --git a/source3/modules/xml.c b/source3/passdb/pdb_xml.c index 1a4aeeeac0..edf70250e2 100644 --- a/source3/modules/xml.c +++ b/source3/passdb/pdb_xml.c @@ -40,6 +40,8 @@ static int xmlsam_debug_level = DBGC_ALL; #undef DBGC_CLASS #define DBGC_CLASS xmlsam_debug_level +PDB_MODULE_VERSIONING_MAGIC + static char * iota(int a) { static char tmp[10]; @@ -47,7 +49,7 @@ static char * iota(int a) { return tmp; } -static BOOL parsePass(xmlDocPtr doc, xmlNsPtr ns, xmlNodePtr cur, SAM_ACCOUNT * u) +BOOL parsePass(xmlDocPtr doc, xmlNsPtr ns, xmlNodePtr cur, SAM_ACCOUNT * u) { pstring temp; @@ -76,7 +78,7 @@ static BOOL parsePass(xmlDocPtr doc, xmlNsPtr ns, xmlNodePtr cur, SAM_ACCOUNT * return True; } -static BOOL parseUser(xmlDocPtr doc, xmlNsPtr ns, xmlNodePtr cur, SAM_ACCOUNT * u) +BOOL parseUser(xmlDocPtr doc, xmlNsPtr ns, xmlNodePtr cur, SAM_ACCOUNT * u) { char *tmp; DOM_SID sid; @@ -245,7 +247,7 @@ typedef struct pdb_xml { xmlNsPtr ns; } pdb_xml; -static xmlNodePtr parseSambaXMLFile(struct pdb_xml *data) +xmlNodePtr parseSambaXMLFile(struct pdb_xml *data) { xmlNodePtr cur; @@ -512,7 +514,7 @@ static NTSTATUS xmlsam_add_sam_account(struct pdb_methods *methods, SAM_ACCOUNT return NT_STATUS_OK; } -NTSTATUS xmlsam_init(PDB_CONTEXT * pdb_context, PDB_METHODS ** pdb_method, +NTSTATUS pdb_init(PDB_CONTEXT * pdb_context, PDB_METHODS ** pdb_method, const char *location) { NTSTATUS nt_status; @@ -563,8 +565,3 @@ NTSTATUS xmlsam_init(PDB_CONTEXT * pdb_context, PDB_METHODS ** pdb_method, return NT_STATUS_OK; } - -int pdb_xml_init(void) -{ - return smb_register_passdb("xml", xmlsam_init, PASSDB_INTERFACE_VERSION); -} diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c index 64fedc7284..db08d02714 100644 --- a/source3/passdb/secrets.c +++ b/source3/passdb/secrets.c @@ -265,44 +265,38 @@ BOOL secrets_fetch_trust_account_password(const char *domain, uint8 ret_pwd[16], ************************************************************************/ BOOL secrets_fetch_trusted_domain_password(const char *domain, char** pwd, - DOM_SID *sid, time_t *pass_last_set_time) + DOM_SID *sid, time_t *pass_last_set_time) { - struct trusted_dom_pass pass; + struct trusted_dom_pass *pass; size_t size; - - /* unpacking structures */ - char* pass_buf; - int pass_len = 0; - - ZERO_STRUCT(pass); /* fetching trusted domain password structure */ - if (!(pass_buf = secrets_fetch(trustdom_keystr(domain), &size))) { + if (!(pass = secrets_fetch(trustdom_keystr(domain), &size))) { DEBUG(5, ("secrets_fetch failed!\n")); return False; } - /* unpack trusted domain password */ - pass_len = tdb_trusted_dom_pass_unpack(pass_buf, size, &pass); - if (pass_len != size) { - DEBUG(5, ("Invalid secrets size. Unpacked data doesn't match trusted_dom_pass structure.\n")); + if (size != sizeof(*pass)) { + DEBUG(0, ("secrets were of incorrect size!\n")); return False; } - + /* the trust's password */ if (pwd) { - *pwd = strdup(pass.pass); + *pwd = strdup(pass->pass); if (!*pwd) { return False; } } /* last change time */ - if (pass_last_set_time) *pass_last_set_time = pass.mod_time; + if (pass_last_set_time) *pass_last_set_time = pass->mod_time; /* domain sid */ - sid_copy(sid, &pass.domain_sid); - + memcpy(&sid, &(pass->domain_sid), sizeof(sid)); + + SAFE_FREE(pass); + return True; } @@ -321,7 +315,7 @@ BOOL secrets_store_trust_account_password(const char *domain, uint8 new_pwd[16]) } /** - * Routine to store the password for trusted domain + * Routine to set the password for trusted domain * * @param domain remote domain name * @param pwd plain text password of trust relationship @@ -331,17 +325,12 @@ BOOL secrets_store_trust_account_password(const char *domain, uint8 new_pwd[16]) **/ BOOL secrets_store_trusted_domain_password(const char* domain, smb_ucs2_t *uni_dom_name, - size_t uni_name_len, const char* pwd, - DOM_SID sid) -{ - /* packing structures */ - pstring pass_buf; - int pass_len = 0; - int pass_buf_len = sizeof(pass_buf); - + size_t uni_name_len, const char* pwd, + DOM_SID sid) +{ struct trusted_dom_pass pass; ZERO_STRUCT(pass); - + /* unicode domain name and its length */ if (!uni_dom_name) return False; @@ -357,11 +346,9 @@ BOOL secrets_store_trusted_domain_password(const char* domain, smb_ucs2_t *uni_d fstrcpy(pass.pass, pwd); /* domain sid */ - sid_copy(&pass.domain_sid, &sid); - - pass_len = tdb_trusted_dom_pass_pack(pass_buf, pass_buf_len, &pass); + memcpy(&(pass.domain_sid), &sid, sizeof(sid)); - return secrets_store(trustdom_keystr(domain), (void *)&pass_buf, pass_len); + return secrets_store(trustdom_keystr(domain), (void *)&pass, sizeof(pass)); } /************************************************************************ @@ -488,10 +475,9 @@ NTSTATUS secrets_get_trusted_domains(TALLOC_CTX* ctx, int* enum_ctx, unsigned in char *pattern; unsigned int start_idx; uint32 idx = 0; - size_t size, packed_size = 0; + size_t size; fstring dom_name; - char *packed_pass; - struct trusted_dom_pass *pass = talloc_zero(ctx, sizeof(struct trusted_dom_pass)); + struct trusted_dom_pass *pass; NTSTATUS status; if (!secrets_init()) return NT_STATUS_ACCESS_DENIED; @@ -519,7 +505,7 @@ NTSTATUS secrets_get_trusted_domains(TALLOC_CTX* ctx, int* enum_ctx, unsigned in */ status = NT_STATUS_NO_MORE_ENTRIES; - /* searching for keys in secrets db -- way to go ... */ + /* searching for keys in sectrets db -- way to go ... */ for (k = keys; k; k = k->next) { char *secrets_key; @@ -530,19 +516,14 @@ NTSTATUS secrets_get_trusted_domains(TALLOC_CTX* ctx, int* enum_ctx, unsigned in return NT_STATUS_NO_MEMORY; } - packed_pass = secrets_fetch(secrets_key, &size); - packed_size = tdb_trusted_dom_pass_unpack(packed_pass, size, pass); - - if (size != packed_size) { + pass = secrets_fetch(secrets_key, &size); + + if (size != sizeof(*pass)) { DEBUG(2, ("Secrets record %s is invalid!\n", secrets_key)); - if (size) SAFE_FREE(packed_pass); - + SAFE_FREE(pass); continue; } - /* packed representation isn't needed anymore */ - SAFE_FREE(packed_pass); - pull_ucs2_fstring(dom_name, pass->uni_name); DEBUG(18, ("Fetched secret record num %d.\nDomain name: %s, SID: %s\n", idx, dom_name, sid_string_static(&pass->domain_sid))); @@ -553,6 +534,8 @@ NTSTATUS secrets_get_trusted_domains(TALLOC_CTX* ctx, int* enum_ctx, unsigned in dom = talloc_zero(ctx, sizeof(*dom)); if (!dom) { /* free returned tdb record */ + SAFE_FREE(pass); + return NT_STATUS_NO_MEMORY; } @@ -586,7 +569,10 @@ NTSTATUS secrets_get_trusted_domains(TALLOC_CTX* ctx, int* enum_ctx, unsigned in start_idx, max_num_domains)); } - idx++; + idx++; + + /* free returned tdb record */ + SAFE_FREE(pass); } DEBUG(5, ("secrets_get_trusted_domains: got %d domains\n", *num_domains)); @@ -609,9 +595,9 @@ BOOL secrets_named_mutex(const char *name, unsigned int timeout) if (!message_init()) return False; - ret = tdb_lock_bystring(tdb, name, timeout); - if (ret == 0) - DEBUG(10,("secrets_named_mutex: got mutex for %s\n", name )); + ret = tdb_lock_bystring(tdb, name, timeout); + if (ret == 0) + DEBUG(10,("secrets_named_mutex: got mutex for %s\n", name )); return (ret == 0); } @@ -622,8 +608,8 @@ BOOL secrets_named_mutex(const char *name, unsigned int timeout) void secrets_named_mutex_release(const char *name) { - tdb_unlock_bystring(tdb, name); - DEBUG(10,("secrets_named_mutex: released mutex for %s\n", name )); + tdb_unlock_bystring(tdb, name); + DEBUG(10,("secrets_named_mutex: released mutex for %s\n", name )); } /********************************************************* diff --git a/source3/python/py_smb.c b/source3/python/py_smb.c index d37b73cceb..8d81176e4d 100644 --- a/source3/python/py_smb.c +++ b/source3/python/py_smb.c @@ -165,8 +165,8 @@ static PyObject *py_smb_nt_create_andx(PyObject *self, PyObject *args, return NULL; result = cli_nt_create_full( - cli->cli, filename, 0, desired_access, file_attributes, - share_access, create_disposition, create_options, 0); + cli->cli, filename, desired_access, file_attributes, + share_access, create_disposition, create_options); if (cli_is_error(cli->cli)) { PyErr_SetString(PyExc_RuntimeError, "nt_create_andx failed"); diff --git a/source3/python/py_winbind.c b/source3/python/py_winbind.c index 0c40861c70..db66be2321 100644 --- a/source3/python/py_winbind.c +++ b/source3/python/py_winbind.c @@ -261,12 +261,12 @@ static PyObject *py_config_dict(void) /* Winbind uid/gid range */ - if (lp_idmap_uid(&ulow, &uhi)) { + if (lp_winbind_uid(&ulow, &uhi)) { PyDict_SetItemString(result, "uid_low", PyInt_FromLong(ulow)); PyDict_SetItemString(result, "uid_high", PyInt_FromLong(uhi)); } - if (lp_idmap_gid(&glow, &ghi)) { + if (lp_winbind_gid(&glow, &ghi)) { PyDict_SetItemString(result, "gid_low", PyInt_FromLong(glow)); PyDict_SetItemString(result, "gid_high", PyInt_FromLong(ghi)); } diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c index 9002ad3d1b..db873236e4 100644 --- a/source3/rpc_client/cli_lsarpc.c +++ b/source3/rpc_client/cli_lsarpc.c @@ -1164,7 +1164,7 @@ NTSTATUS cli_lsa_enum_account_rights(struct cli_state *cli, TALLOC_CTX *mem_ctx, LSA_Q_ENUM_ACCT_RIGHTS q; LSA_R_ENUM_ACCT_RIGHTS r; NTSTATUS result; - unsigned int i; + int i; ZERO_STRUCT(q); ZERO_STRUCT(r); @@ -1199,7 +1199,7 @@ NTSTATUS cli_lsa_enum_account_rights(struct cli_state *cli, TALLOC_CTX *mem_ctx, *privs_name = (char **)talloc(mem_ctx, (*count) * sizeof(char **)); for (i=0;i<*count;i++) { - (*privs_name)[i] = unistr2_tdup(mem_ctx, &r.rights.strings[i].string); + pull_ucs2_talloc(mem_ctx, &(*privs_name)[i], r.rights.strings[i].string.buffer); } done: @@ -1293,58 +1293,6 @@ done: } -/* list account SIDs that have the specified right */ - -NTSTATUS cli_lsa_enum_account_with_right(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *pol, const char *right, - uint32 *count, DOM_SID **sids) -{ - prs_struct qbuf, rbuf; - LSA_Q_ENUM_ACCT_WITH_RIGHT q; - LSA_R_ENUM_ACCT_WITH_RIGHT r; - NTSTATUS result; - - ZERO_STRUCT(q); - - /* Initialise parse structures */ - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - - /* Marshall data and send request */ - init_q_enum_acct_with_right(&q, pol, right); - - if (!lsa_io_q_enum_acct_with_right("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, LSA_ENUMACCTWITHRIGHT, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_enum_acct_with_right("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - *count = r.count; - - if (!NT_STATUS_IS_OK(result = r.status)) { - goto done; - } - - if (*count) { - int i; - (*sids) = (DOM_SID *)talloc(mem_ctx, sizeof(DOM_SID) * (*count)); - for (i=0; i<*count; i++) { - sid_copy(&(*sids)[i], &r.sids.sids[i].sid.sid); - } - } -done: - - return result; -} - - #if 0 /** An example of how to use the routines in this file. Fetch a DOMAIN diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c index fc9999dc4d..0b45c0baf3 100644 --- a/source3/rpc_parse/parse_lsa.c +++ b/source3/rpc_parse/parse_lsa.c @@ -2219,21 +2219,18 @@ BOOL lsa_io_r_query_info2(const char *desc, LSA_R_QUERY_INFO2 *r_c, if(!prs_uint32("ptr", ps, depth, &r_c->ptr)) return False; - - if (r_c->ptr != 0) { - if(!prs_uint16("info_class", ps, depth, &r_c->info_class)) + if(!prs_uint16("info_class", ps, depth, &r_c->info_class)) + return False; + switch(r_c->info_class) { + case 0x000c: + if (!lsa_io_dns_dom_info("info12", &r_c->info.dns_dom_info, + ps, depth)) return False; - switch(r_c->info_class) { - case 0x000c: - if (!lsa_io_dns_dom_info("info12", &r_c->info.dns_dom_info, - ps, depth)) - return False; break; - default: - DEBUG(0,("lsa_io_r_query_info2: unknown info class %d\n", - r_c->info_class)); - return False; - } + default: + DEBUG(0,("lsa_io_r_query_info2: unknown info class %d\n", + r_c->info_class)); + return False; } if(!prs_align(ps)) @@ -2304,19 +2301,6 @@ BOOL lsa_io_r_enum_acct_rights(const char *desc, LSA_R_ENUM_ACCT_RIGHTS *r_c, pr return True; } -/******************************************************************* - Inits an LSA_R_ENUM_ACCT_RIGHTS structure. -********************************************************************/ -void init_r_enum_acct_rights(LSA_R_ENUM_ACCT_RIGHTS *q_r, - uint32 count, - const char **rights) -{ - DEBUG(5, ("init_r_enum_acct_rights\n")); - - q_r->count = count; - init_unistr2_array(&q_r->rights, count, rights); -} - /******************************************************************* Inits an LSA_Q_ADD_ACCT_RIGHTS structure. @@ -2332,6 +2316,7 @@ void init_q_add_acct_rights(LSA_Q_ADD_ACCT_RIGHTS *q_q, q_q->pol = *hnd; init_dom_sid2(&q_q->sid, sid); init_unistr2_array(&q_q->rights, count, rights); + q_q->count = 5; } @@ -2372,15 +2357,6 @@ BOOL lsa_io_r_add_acct_rights(const char *desc, LSA_R_ADD_ACCT_RIGHTS *r_c, prs_ return True; } -/******************************************************************* - Inits an LSA_R_ADD_ACCT_RIGHTS structure. -********************************************************************/ -void init_r_add_acct_rights(LSA_R_ADD_ACCT_RIGHTS *q_r) -{ - DEBUG(5, ("init_r_add_acct_rights\n")); - /* oh what a silly function! */ -} - /******************************************************************* Inits an LSA_Q_REMOVE_ACCT_RIGHTS structure. @@ -2398,6 +2374,7 @@ void init_q_remove_acct_rights(LSA_Q_REMOVE_ACCT_RIGHTS *q_q, init_dom_sid2(&q_q->sid, sid); q_q->removeall = removeall; init_unistr2_array(&q_q->rights, count, rights); + q_q->count = 5; } @@ -2428,7 +2405,7 @@ BOOL lsa_io_q_remove_acct_rights(const char *desc, LSA_Q_REMOVE_ACCT_RIGHTS *q_q } /******************************************************************* -reads or writes a LSA_R_REMOVE_ACCT_RIGHTS structure. +reads or writes a LSA_R_ENUM_ACCT_RIGHTS structure. ********************************************************************/ BOOL lsa_io_r_remove_acct_rights(const char *desc, LSA_R_REMOVE_ACCT_RIGHTS *r_c, prs_struct *ps, int depth) { @@ -2440,89 +2417,3 @@ BOOL lsa_io_r_remove_acct_rights(const char *desc, LSA_R_REMOVE_ACCT_RIGHTS *r_c return True; } - -/******************************************************************* - Inits an LSA_R_REMOVE_ACCT_RIGHTS structure. -********************************************************************/ -void init_r_remove_acct_rights(LSA_R_REMOVE_ACCT_RIGHTS *q_r) -{ - DEBUG(5, ("init_r_remove_acct_rights\n")); -} - -/******************************************************************* - Inits an LSA_Q_ENUM_ACCT_WITH_RIGHT structure. -********************************************************************/ -void init_q_enum_acct_with_right(LSA_Q_ENUM_ACCT_WITH_RIGHT *q_q, - POLICY_HND *hnd, - const char *right) -{ - DEBUG(5, ("init_q_enum_acct_with_right\n")); - - q_q->pol = *hnd; - init_unistr2(&q_q->right, right, strlen(right)); - init_str_hdr(&q_q->right_hdr, - q_q->right.uni_max_len*2, - q_q->right.uni_max_len*2, right?1:0); -} - - -/******************************************************************* -reads or writes a LSA_Q_ENUM_ACCT_WITH_RIGHT structure. -********************************************************************/ -BOOL lsa_io_q_enum_acct_with_right(const char *desc, LSA_Q_ENUM_ACCT_WITH_RIGHT *q_q, prs_struct *ps, int depth) -{ - prs_debug(ps, depth, desc, "lsa_io_q_enum_acct_with_right"); - depth++; - - if (!smb_io_pol_hnd("", &q_q->pol, ps, depth)) - return False; - - if (!prs_uint32("ref_id ", ps, depth, &q_q->right_hdr.buffer)) - return False; - - if (UNMARSHALLING(ps) && q_q->right_hdr.buffer == 0) { - return True; - } - - if (!smb_io_strhdr("", &q_q->right_hdr, ps, depth)) - return False; - - if (!smb_io_unistr2("", &q_q->right, q_q->right_hdr.buffer, ps, depth)) - return False; - - return True; -} - - -/******************************************************************* -reads or writes a LSA_R_ENUM_ACCT_WITH_RIGHT structure. -********************************************************************/ -BOOL lsa_io_r_enum_acct_with_right(const char *desc, LSA_R_ENUM_ACCT_WITH_RIGHT *r_c, prs_struct *ps, int depth) -{ - prs_debug(ps, depth, desc, "lsa_io_r_enum_acct_with_right"); - depth++; - - if (!prs_uint32("count ", ps, depth, &r_c->count)) - return False; - - if (!smb_io_sid_array("sids ", &r_c->sids, ps, depth)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_c->status)) - return False; - - return True; -} - -/******************************************************************* - Inits an LSA_R_ENUM_ACCT_WITH_RIGHT structure. -********************************************************************/ -void init_r_enum_acct_with_right(LSA_R_ENUM_ACCT_WITH_RIGHT *r_c, - uint32 count, - DOM_SID *sids) -{ - DEBUG(5, ("init_r_enum_acct_with_right\n")); - - r_c->count = count; - init_sid_array(&r_c->sids, count, sids); -} diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c index a39e3391bb..f0d4c67d9f 100644 --- a/source3/rpc_parse/parse_misc.c +++ b/source3/rpc_parse/parse_misc.c @@ -1122,78 +1122,6 @@ BOOL smb_io_unistr2_array(const char *desc, UNISTR2_ARRAY *array, prs_struct *ps } -/* - initialise a SID_ARRAY from a list of sids -*/ -BOOL init_sid_array(SID_ARRAY *array, - uint32 count, DOM_SID *sids) -{ - unsigned int i; - - array->count = count; - array->ref_id = count?1:0; - if (array->count == 0) { - return True; - } - - array->sids = (SID_ARRAY_EL *)talloc_zero(get_talloc_ctx(), count * sizeof(SID_ARRAY_EL)); - if (!array->sids) { - return False; - } - - for (i=0;i<count;i++) { - array->sids[i].ref_id = 1; - init_dom_sid2(&array->sids[i].sid, &sids[i]); - } - - return True; -} - - -/******************************************************************* - Reads or writes a SID_ARRAY structure. -********************************************************************/ -BOOL smb_io_sid_array(const char *desc, SID_ARRAY *array, prs_struct *ps, int depth) -{ - unsigned int i; - - prs_debug(ps, depth, desc, "smb_io_sid_array"); - depth++; - - if(!prs_uint32("ref_id", ps, depth, &array->ref_id)) - return False; - - if (! array->ref_id) { - return True; - } - - if(!prs_uint32("count", ps, depth, &array->count)) - return False; - - if (array->count == 0) { - return True; - } - - if (UNMARSHALLING(ps)) { - array->sids = talloc_zero(get_talloc_ctx(), array->count * sizeof(array->sids[0])); - } - if (! array->sids) { - return False; - } - - for (i=0;i<array->count;i++) { - if(!prs_uint32("ref_id", ps, depth, &array->sids[i].ref_id)) - return False; - } - - for (i=0;i<array->count;i++) { - if (!smb_io_dom_sid2("sid", &array->sids[i].sid, ps, depth)) - return False; - } - - return True; -} - /******************************************************************* Inits a DOM_RID2 structure. ********************************************************************/ @@ -1289,22 +1217,22 @@ void init_dom_rid4(DOM_RID4 *rid4, uint16 unknown, uint16 attr, uint32 rid) Inits a DOM_CLNT_SRV structure. ********************************************************************/ -static void init_clnt_srv(DOM_CLNT_SRV *dlog, const char *logon_srv, const char *comp_name) +static void init_clnt_srv(DOM_CLNT_SRV *log, const char *logon_srv, const char *comp_name) { DEBUG(5,("init_clnt_srv: %d\n", __LINE__)); if (logon_srv != NULL) { - dlog->undoc_buffer = 1; - init_unistr2(&dlog->uni_logon_srv, logon_srv, strlen(logon_srv)+1); + log->undoc_buffer = 1; + init_unistr2(&log->uni_logon_srv, logon_srv, strlen(logon_srv)+1); } else { - dlog->undoc_buffer = 0; + log->undoc_buffer = 0; } if (comp_name != NULL) { - dlog->undoc_buffer2 = 1; - init_unistr2(&dlog->uni_comp_name, comp_name, strlen(comp_name)+1); + log->undoc_buffer2 = 1; + init_unistr2(&log->uni_comp_name, comp_name, strlen(comp_name)+1); } else { - dlog->undoc_buffer2 = 0; + log->undoc_buffer2 = 0; } } @@ -1312,9 +1240,9 @@ static void init_clnt_srv(DOM_CLNT_SRV *dlog, const char *logon_srv, const char Inits or writes a DOM_CLNT_SRV structure. ********************************************************************/ -static BOOL smb_io_clnt_srv(const char *desc, DOM_CLNT_SRV *dlog, prs_struct *ps, int depth) +static BOOL smb_io_clnt_srv(const char *desc, DOM_CLNT_SRV *log, prs_struct *ps, int depth) { - if (dlog == NULL) + if (log == NULL) return False; prs_debug(ps, depth, desc, "smb_io_clnt_srv"); @@ -1323,22 +1251,22 @@ static BOOL smb_io_clnt_srv(const char *desc, DOM_CLNT_SRV *dlog, prs_struct *ps if(!prs_align(ps)) return False; - if(!prs_uint32("undoc_buffer ", ps, depth, &dlog->undoc_buffer)) + if(!prs_uint32("undoc_buffer ", ps, depth, &log->undoc_buffer)) return False; - if (dlog->undoc_buffer != 0) { - if(!smb_io_unistr2("unistr2", &dlog->uni_logon_srv, dlog->undoc_buffer, ps, depth)) + if (log->undoc_buffer != 0) { + if(!smb_io_unistr2("unistr2", &log->uni_logon_srv, log->undoc_buffer, ps, depth)) return False; } if(!prs_align(ps)) return False; - if(!prs_uint32("undoc_buffer2", ps, depth, &dlog->undoc_buffer2)) + if(!prs_uint32("undoc_buffer2", ps, depth, &log->undoc_buffer2)) return False; - if (dlog->undoc_buffer2 != 0) { - if(!smb_io_unistr2("unistr2", &dlog->uni_comp_name, dlog->undoc_buffer2, ps, depth)) + if (log->undoc_buffer2 != 0) { + if(!smb_io_unistr2("unistr2", &log->uni_comp_name, log->undoc_buffer2, ps, depth)) return False; } @@ -1349,28 +1277,28 @@ static BOOL smb_io_clnt_srv(const char *desc, DOM_CLNT_SRV *dlog, prs_struct *ps Inits a DOM_LOG_INFO structure. ********************************************************************/ -void init_log_info(DOM_LOG_INFO *dlog, const char *logon_srv, const char *acct_name, +void init_log_info(DOM_LOG_INFO *log, const char *logon_srv, const char *acct_name, uint16 sec_chan, const char *comp_name) { DEBUG(5,("make_log_info %d\n", __LINE__)); - dlog->undoc_buffer = 1; + log->undoc_buffer = 1; - init_unistr2(&dlog->uni_logon_srv, logon_srv, strlen(logon_srv)+1); - init_unistr2(&dlog->uni_acct_name, acct_name, strlen(acct_name)+1); + init_unistr2(&log->uni_logon_srv, logon_srv, strlen(logon_srv)+1); + init_unistr2(&log->uni_acct_name, acct_name, strlen(acct_name)+1); - dlog->sec_chan = sec_chan; + log->sec_chan = sec_chan; - init_unistr2(&dlog->uni_comp_name, comp_name, strlen(comp_name)+1); + init_unistr2(&log->uni_comp_name, comp_name, strlen(comp_name)+1); } /******************************************************************* Reads or writes a DOM_LOG_INFO structure. ********************************************************************/ -BOOL smb_io_log_info(const char *desc, DOM_LOG_INFO *dlog, prs_struct *ps, int depth) +BOOL smb_io_log_info(const char *desc, DOM_LOG_INFO *log, prs_struct *ps, int depth) { - if (dlog == NULL) + if (log == NULL) return False; prs_debug(ps, depth, desc, "smb_io_log_info"); @@ -1379,18 +1307,18 @@ BOOL smb_io_log_info(const char *desc, DOM_LOG_INFO *dlog, prs_struct *ps, int d if(!prs_align(ps)) return False; - if(!prs_uint32("undoc_buffer", ps, depth, &dlog->undoc_buffer)) + if(!prs_uint32("undoc_buffer", ps, depth, &log->undoc_buffer)) return False; - if(!smb_io_unistr2("unistr2", &dlog->uni_logon_srv, True, ps, depth)) + if(!smb_io_unistr2("unistr2", &log->uni_logon_srv, True, ps, depth)) return False; - if(!smb_io_unistr2("unistr2", &dlog->uni_acct_name, True, ps, depth)) + if(!smb_io_unistr2("unistr2", &log->uni_acct_name, True, ps, depth)) return False; - if(!prs_uint16("sec_chan", ps, depth, &dlog->sec_chan)) + if(!prs_uint16("sec_chan", ps, depth, &log->sec_chan)) return False; - if(!smb_io_unistr2("unistr2", &dlog->uni_comp_name, True, ps, depth)) + if(!smb_io_unistr2("unistr2", &log->uni_comp_name, True, ps, depth)) return False; return True; @@ -1529,21 +1457,21 @@ BOOL smb_io_clnt_info(const char *desc, DOM_CLNT_INFO *clnt, prs_struct *ps, in Inits a DOM_LOGON_ID structure. ********************************************************************/ -void init_logon_id(DOM_LOGON_ID *dlog, uint32 log_id_low, uint32 log_id_high) +void init_logon_id(DOM_LOGON_ID *log, uint32 log_id_low, uint32 log_id_high) { DEBUG(5,("make_logon_id: %d\n", __LINE__)); - dlog->low = log_id_low; - dlog->high = log_id_high; + log->low = log_id_low; + log->high = log_id_high; } /******************************************************************* Reads or writes a DOM_LOGON_ID structure. ********************************************************************/ -BOOL smb_io_logon_id(const char *desc, DOM_LOGON_ID *dlog, prs_struct *ps, int depth) +BOOL smb_io_logon_id(const char *desc, DOM_LOGON_ID *log, prs_struct *ps, int depth) { - if (dlog == NULL) + if (log == NULL) return False; prs_debug(ps, depth, desc, "smb_io_logon_id"); @@ -1552,9 +1480,9 @@ BOOL smb_io_logon_id(const char *desc, DOM_LOGON_ID *dlog, prs_struct *ps, int d if(!prs_align(ps)) return False; - if(!prs_uint32("low ", ps, depth, &dlog->low )) + if(!prs_uint32("low ", ps, depth, &log->low )) return False; - if(!prs_uint32("high", ps, depth, &dlog->high)) + if(!prs_uint32("high", ps, depth, &log->high)) return False; return True; diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c index a660084250..163e6bab3c 100644 --- a/source3/rpc_parse/parse_net.c +++ b/source3/rpc_parse/parse_net.c @@ -1808,9 +1808,9 @@ static BOOL net_io_sam_domain_info(const char *desc, SAM_DOMAIN_INFO * info, if (!smb_io_unihdr("hdr_unknown", &info->hdr_unknown, ps, depth)) return False; - if (prs_offset(ps) + 40 > prs_data_size(ps)) + if (ps->data_offset + 40 > ps->buffer_size) return False; - prs_set_offset(ps, prs_offset(ps) + 40); + ps->data_offset += 40; if (!smb_io_unistr2("uni_dom_name", &info->uni_dom_name, info->hdr_dom_name.buffer, ps, depth)) @@ -1847,9 +1847,9 @@ static BOOL net_io_sam_group_info(const char *desc, SAM_GROUP_INFO * info, if (!smb_io_bufhdr2("hdr_sec_desc", &info->hdr_sec_desc, ps, depth)) return False; - if (prs_offset(ps) + 48 > prs_data_size(ps)) + if (ps->data_offset + 48 > ps->buffer_size) return False; - prs_set_offset(ps, prs_offset(ps) + 48); + ps->data_offset += 48; if (!smb_io_unistr2("uni_grp_name", &info->uni_grp_name, info->hdr_grp_name.buffer, ps, depth)) @@ -2128,13 +2128,13 @@ static BOOL net_io_sam_account_info(const char *desc, uint8 sess_key[16], uint32 len = 0x44; if (!prs_uint32("pwd_len", ps, depth, &len)) return False; - old_offset = prs_offset(ps); + old_offset = ps->data_offset; if (len == 0x44) { if (ps->io) { /* reading */ - if (!prs_hash1(ps, prs_offset(ps), sess_key)) + if (!prs_hash1(ps, ps->data_offset, sess_key)) return False; } if (!net_io_sam_passwd_info("pass", &info->pass, @@ -2148,9 +2148,9 @@ static BOOL net_io_sam_account_info(const char *desc, uint8 sess_key[16], return False; } } - if (old_offset + len > prs_data_size(ps)) + if (old_offset + len > ps->buffer_size) return False; - prs_set_offset(ps, old_offset + len); + ps->data_offset = old_offset + len; } if (!smb_io_buffer4("buf_sec_desc", &info->buf_sec_desc, info->hdr_sec_desc.buffer, ps, depth)) @@ -2185,9 +2185,9 @@ static BOOL net_io_sam_group_mem_info(const char *desc, SAM_GROUP_MEM_INFO * inf if (!prs_uint32("num_members", ps, depth, &info->num_members)) return False; - if (prs_offset(ps) + 16 > prs_data_size(ps)) + if (ps->data_offset + 16 > ps->buffer_size) return False; - prs_set_offset(ps, prs_offset(ps) + 16); + ps->data_offset += 16; if (info->ptr_rids != 0) { @@ -2267,9 +2267,9 @@ static BOOL net_io_sam_alias_info(const char *desc, SAM_ALIAS_INFO * info, if (!smb_io_unihdr("hdr_als_desc", &info->hdr_als_desc, ps, depth)) return False; - if (prs_offset(ps) + 40 > prs_data_size(ps)) + if (ps->data_offset + 40 > ps->buffer_size) return False; - prs_set_offset(ps, prs_offset(ps) + 40); + ps->data_offset += 40; if (!smb_io_unistr2("uni_als_name", &info->uni_als_name, info->hdr_als_name.buffer, ps, depth)) @@ -2304,9 +2304,9 @@ static BOOL net_io_sam_alias_mem_info(const char *desc, SAM_ALIAS_MEM_INFO * inf if (info->ptr_members != 0) { - if (prs_offset(ps) + 16 > prs_data_size(ps)) + if (ps->data_offset + 16 > ps->buffer_size) return False; - prs_set_offset(ps, prs_offset(ps) + 16); + ps->data_offset += 16; if (!prs_uint32("num_sids", ps, depth, &info->num_sids)) return False; diff --git a/source3/rpc_parse/parse_sec.c b/source3/rpc_parse/parse_sec.c index 081173cf8d..47300e083a 100644 --- a/source3/rpc_parse/parse_sec.c +++ b/source3/rpc_parse/parse_sec.c @@ -570,6 +570,24 @@ SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BU } /******************************************************************* + Tallocs a duplicate SID. +********************************************************************/ + +static DOM_SID *sid_dup_talloc(TALLOC_CTX *ctx, DOM_SID *src) +{ + DOM_SID *dst; + + if(!src) + return NULL; + + if((dst = talloc_zero(ctx, sizeof(DOM_SID))) != NULL) { + sid_copy( dst, src); + } + + return dst; +} + +/******************************************************************* Creates a SEC_DESC structure ********************************************************************/ diff --git a/source3/rpc_server/srv_dfs.c b/source3/rpc_server/srv_dfs.c index 0807efd550..f6e9ca3d56 100644 --- a/source3/rpc_server/srv_dfs.c +++ b/source3/rpc_server/srv_dfs.c @@ -158,7 +158,11 @@ static BOOL api_dfs_enum(pipes_struct *p) \pipe\netdfs commands ********************************************************************/ +#ifdef RPC_DFS_DYNAMIC +int rpc_pipe_init(void) +#else int rpc_dfs_init(void) +#endif { struct api_struct api_netdfs_cmds[] = { diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c index bfa706acf2..11388a00b1 100644 --- a/source3/rpc_server/srv_lsa.c +++ b/source3/rpc_server/srv_lsa.c @@ -642,164 +642,38 @@ static BOOL api_lsa_query_info2(pipes_struct *p) } - -/*************************************************************************** - api_lsa_enum_acctrights - ***************************************************************************/ -static BOOL api_lsa_enum_acct_rights(pipes_struct *p) -{ - LSA_Q_ENUM_ACCT_RIGHTS q_u; - LSA_R_ENUM_ACCT_RIGHTS r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!lsa_io_q_enum_acct_rights("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_enum_acct_rights: failed to unmarshall LSA_Q_ENUM_ACCT_RIGHTS.\n")); - return False; - } - - r_u.status = _lsa_enum_acct_rights(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!lsa_io_r_enum_acct_rights("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_enum_acct_rights: Failed to marshall LSA_R_ENUM_ACCT_RIGHTS.\n")); - return False; - } - - return True; -} - - -/*************************************************************************** - api_lsa_enum_acct_with_right - ***************************************************************************/ -static BOOL api_lsa_enum_acct_with_right(pipes_struct *p) -{ - LSA_Q_ENUM_ACCT_WITH_RIGHT q_u; - LSA_R_ENUM_ACCT_WITH_RIGHT r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!lsa_io_q_enum_acct_with_right("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_enum_acct_with_right: failed to unmarshall LSA_Q_ENUM_ACCT_WITH_RIGHT.\n")); - return False; - } - - r_u.status = _lsa_enum_acct_with_right(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!lsa_io_r_enum_acct_with_right("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_enum_acct_with_right: Failed to marshall LSA_R_ENUM_ACCT_WITH_RIGHT.\n")); - return False; - } - - return True; -} - - -/*************************************************************************** - api_lsa_add_acctrights - ***************************************************************************/ -static BOOL api_lsa_add_acct_rights(pipes_struct *p) -{ - LSA_Q_ADD_ACCT_RIGHTS q_u; - LSA_R_ADD_ACCT_RIGHTS r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!lsa_io_q_add_acct_rights("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_add_acct_rights: failed to unmarshall LSA_Q_ADD_ACCT_RIGHTS.\n")); - return False; - } - - r_u.status = _lsa_add_acct_rights(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!lsa_io_r_add_acct_rights("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_add_acct_rights: Failed to marshall LSA_R_ADD_ACCT_RIGHTS.\n")); - return False; - } - - return True; -} - - -/*************************************************************************** - api_lsa_remove_acctrights - ***************************************************************************/ -static BOOL api_lsa_remove_acct_rights(pipes_struct *p) -{ - LSA_Q_REMOVE_ACCT_RIGHTS q_u; - LSA_R_REMOVE_ACCT_RIGHTS r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!lsa_io_q_remove_acct_rights("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_remove_acct_rights: failed to unmarshall LSA_Q_REMOVE_ACCT_RIGHTS.\n")); - return False; - } - - r_u.status = _lsa_remove_acct_rights(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!lsa_io_r_remove_acct_rights("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_remove_acct_rights: Failed to marshall LSA_R_REMOVE_ACCT_RIGHTS.\n")); - return False; - } - - return True; -} - - /*************************************************************************** \PIPE\ntlsa commands ***************************************************************************/ - +#ifdef RPC_LSA_DYNAMIC +int rpc_pipe_init(void) +#else int rpc_lsa_init(void) +#endif +{ +static const struct api_struct api_lsa_cmds[] = { - static const struct api_struct api_lsa_cmds[] = - { - { "LSA_OPENPOLICY2" , LSA_OPENPOLICY2 , api_lsa_open_policy2 }, - { "LSA_OPENPOLICY" , LSA_OPENPOLICY , api_lsa_open_policy }, - { "LSA_QUERYINFOPOLICY" , LSA_QUERYINFOPOLICY , api_lsa_query_info }, - { "LSA_ENUMTRUSTDOM" , LSA_ENUMTRUSTDOM , api_lsa_enum_trust_dom }, - { "LSA_CLOSE" , LSA_CLOSE , api_lsa_close }, - { "LSA_OPENSECRET" , LSA_OPENSECRET , api_lsa_open_secret }, - { "LSA_LOOKUPSIDS" , LSA_LOOKUPSIDS , api_lsa_lookup_sids }, - { "LSA_LOOKUPNAMES" , LSA_LOOKUPNAMES , api_lsa_lookup_names }, - { "LSA_ENUM_PRIVS" , LSA_ENUM_PRIVS , api_lsa_enum_privs }, - { "LSA_PRIV_GET_DISPNAME",LSA_PRIV_GET_DISPNAME,api_lsa_priv_get_dispname}, - { "LSA_ENUM_ACCOUNTS" , LSA_ENUM_ACCOUNTS , api_lsa_enum_accounts }, - { "LSA_UNK_GET_CONNUSER", LSA_UNK_GET_CONNUSER, api_lsa_unk_get_connuser }, - { "LSA_OPENACCOUNT" , LSA_OPENACCOUNT , api_lsa_open_account }, - { "LSA_ENUMPRIVSACCOUNT", LSA_ENUMPRIVSACCOUNT, api_lsa_enum_privsaccount}, - { "LSA_GETSYSTEMACCOUNT", LSA_GETSYSTEMACCOUNT, api_lsa_getsystemaccount }, - { "LSA_SETSYSTEMACCOUNT", LSA_SETSYSTEMACCOUNT, api_lsa_setsystemaccount }, - { "LSA_ADDPRIVS" , LSA_ADDPRIVS , api_lsa_addprivs }, - { "LSA_REMOVEPRIVS" , LSA_REMOVEPRIVS , api_lsa_removeprivs }, - { "LSA_QUERYSECOBJ" , LSA_QUERYSECOBJ , api_lsa_query_secobj }, - { "LSA_QUERYINFO2" , LSA_QUERYINFO2 , api_lsa_query_info2 }, - { "LSA_ENUMACCTRIGHTS" , LSA_ENUMACCTRIGHTS , api_lsa_enum_acct_rights }, - { "LSA_ENUMACCTWITHRIGHT", LSA_ENUMACCTWITHRIGHT, api_lsa_enum_acct_with_right }, - { "LSA_ADDACCTRIGHTS" , LSA_ADDACCTRIGHTS , api_lsa_add_acct_rights }, - { "LSA_REMOVEACCTRIGHTS", LSA_REMOVEACCTRIGHTS, api_lsa_remove_acct_rights}, - }; + { "LSA_OPENPOLICY2" , LSA_OPENPOLICY2 , api_lsa_open_policy2 }, + { "LSA_OPENPOLICY" , LSA_OPENPOLICY , api_lsa_open_policy }, + { "LSA_QUERYINFOPOLICY" , LSA_QUERYINFOPOLICY , api_lsa_query_info }, + { "LSA_ENUMTRUSTDOM" , LSA_ENUMTRUSTDOM , api_lsa_enum_trust_dom }, + { "LSA_CLOSE" , LSA_CLOSE , api_lsa_close }, + { "LSA_OPENSECRET" , LSA_OPENSECRET , api_lsa_open_secret }, + { "LSA_LOOKUPSIDS" , LSA_LOOKUPSIDS , api_lsa_lookup_sids }, + { "LSA_LOOKUPNAMES" , LSA_LOOKUPNAMES , api_lsa_lookup_names }, + { "LSA_ENUM_PRIVS" , LSA_ENUM_PRIVS , api_lsa_enum_privs }, + { "LSA_PRIV_GET_DISPNAME",LSA_PRIV_GET_DISPNAME,api_lsa_priv_get_dispname}, + { "LSA_ENUM_ACCOUNTS" , LSA_ENUM_ACCOUNTS , api_lsa_enum_accounts }, + { "LSA_UNK_GET_CONNUSER", LSA_UNK_GET_CONNUSER, api_lsa_unk_get_connuser }, + { "LSA_OPENACCOUNT" , LSA_OPENACCOUNT , api_lsa_open_account }, + { "LSA_ENUMPRIVSACCOUNT", LSA_ENUMPRIVSACCOUNT, api_lsa_enum_privsaccount}, + { "LSA_GETSYSTEMACCOUNT", LSA_GETSYSTEMACCOUNT, api_lsa_getsystemaccount }, + { "LSA_SETSYSTEMACCOUNT", LSA_SETSYSTEMACCOUNT, api_lsa_setsystemaccount }, + { "LSA_ADDPRIVS" , LSA_ADDPRIVS , api_lsa_addprivs }, + { "LSA_REMOVEPRIVS" , LSA_REMOVEPRIVS , api_lsa_removeprivs }, + { "LSA_QUERYSECOBJ" , LSA_QUERYSECOBJ , api_lsa_query_secobj }, + { "LSA_QUERYINFO2" , LSA_QUERYINFO2 , api_lsa_query_info2 } +}; return rpc_pipe_register_commands("lsarpc", "lsass", api_lsa_cmds, sizeof(api_lsa_cmds) / sizeof(struct api_struct)); diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index fb6538db39..10c583b70d 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -645,7 +645,7 @@ NTSTATUS _lsa_lookup_sids(pipes_struct *p, LSA_Q_LOOKUP_SIDS *q_u, LSA_R_LOOKUP_ num_entries = MAX_LOOKUP_SIDS; DEBUG(5,("_lsa_lookup_sids: truncating SID lookup list to %d\n", num_entries)); } - + ref = (DOM_R_REF *)talloc_zero(p->mem_ctx, sizeof(DOM_R_REF)); names = (LSA_TRANS_NAME_ENUM *)talloc_zero(p->mem_ctx, sizeof(LSA_TRANS_NAME_ENUM)); @@ -1265,140 +1265,3 @@ NTSTATUS _lsa_query_info2(pipes_struct *p, LSA_Q_QUERY_INFO2 *q_u, LSA_R_QUERY_I return r_u->status; } - - -/*************************************************************************** - For a given SID, enumerate all the privilege this account has. - ***************************************************************************/ -NTSTATUS _lsa_enum_acct_rights(pipes_struct *p, LSA_Q_ENUM_ACCT_RIGHTS *q_u, LSA_R_ENUM_ACCT_RIGHTS *r_u) -{ - struct lsa_info *info=NULL; - char **rights = NULL; - int num_rights = 0; - int i; - - r_u->status = NT_STATUS_OK; - - /* find the connection policy handle. */ - if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info)) - return NT_STATUS_INVALID_HANDLE; - - r_u->status = privilege_enum_account_rights(&q_u->sid.sid, &num_rights, &rights); - - init_r_enum_acct_rights(r_u, num_rights, (const char **)rights); - - for (i=0;i<num_rights;i++) { - free(rights[i]); - } - safe_free(rights); - - return r_u->status; -} - -/*************************************************************************** -return a list of SIDs for a particular privilege - ***************************************************************************/ -NTSTATUS _lsa_enum_acct_with_right(pipes_struct *p, - LSA_Q_ENUM_ACCT_WITH_RIGHT *q_u, - LSA_R_ENUM_ACCT_WITH_RIGHT *r_u) -{ - struct lsa_info *info=NULL; - char *right; - DOM_SID *sids = NULL; - uint32 count = 0; - - r_u->status = NT_STATUS_OK; - - /* find the connection policy handle. */ - if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info)) - return NT_STATUS_INVALID_HANDLE; - - right = unistr2_tdup(p->mem_ctx, &q_u->right); - - DEBUG(5,("lsa_enum_acct_with_right on right %s\n", right)); - - r_u->status = privilege_enum_account_with_right(right, &count, &sids); - - init_r_enum_acct_with_right(r_u, count, sids); - - safe_free(sids); - - return r_u->status; -} - -/*************************************************************************** - add privileges to a acct by SID - ***************************************************************************/ -NTSTATUS _lsa_add_acct_rights(pipes_struct *p, LSA_Q_ADD_ACCT_RIGHTS *q_u, LSA_R_ADD_ACCT_RIGHTS *r_u) -{ - struct lsa_info *info=NULL; - int i; - - r_u->status = NT_STATUS_OK; - - /* find the connection policy handle. */ - if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info)) - return NT_STATUS_INVALID_HANDLE; - - DEBUG(5,("_lsa_add_acct_rights to %s (%d rights)\n", - sid_string_static(&q_u->sid.sid), q_u->rights.count)); - - for (i=0;i<q_u->rights.count;i++) { - DEBUG(5,("\t%s\n", unistr2_static(&q_u->rights.strings[i].string))); - } - - - for (i=0;i<q_u->rights.count;i++) { - r_u->status = privilege_add_account_right(unistr2_static(&q_u->rights.strings[i].string), - &q_u->sid.sid); - if (!NT_STATUS_IS_OK(r_u->status)) { - DEBUG(2,("Failed to add right '%s'\n", - unistr2_static(&q_u->rights.strings[i].string))); - break; - } - } - - init_r_add_acct_rights(r_u); - - return r_u->status; -} - - -/*************************************************************************** - remove privileges from a acct by SID - ***************************************************************************/ -NTSTATUS _lsa_remove_acct_rights(pipes_struct *p, LSA_Q_REMOVE_ACCT_RIGHTS *q_u, LSA_R_REMOVE_ACCT_RIGHTS *r_u) -{ - struct lsa_info *info=NULL; - int i; - - r_u->status = NT_STATUS_OK; - - /* find the connection policy handle. */ - if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info)) - return NT_STATUS_INVALID_HANDLE; - - - DEBUG(5,("_lsa_remove_acct_rights from %s all=%d (%d rights)\n", - sid_string_static(&q_u->sid.sid), - q_u->removeall, - q_u->rights.count)); - - for (i=0;i<q_u->rights.count;i++) { - DEBUG(5,("\t%s\n", unistr2_static(&q_u->rights.strings[i].string))); - } - - for (i=0;i<q_u->rights.count;i++) { - r_u->status = privilege_remove_account_right(unistr2_static(&q_u->rights.strings[i].string), - &q_u->sid.sid); - if (!NT_STATUS_IS_OK(r_u->status)) { - DEBUG(2,("Failed to remove right '%s'\n", - unistr2_static(&q_u->rights.strings[i].string))); - break; - } - } - - init_r_remove_acct_rights(r_u); - - return r_u->status; -} diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c index 7dc0f57f34..f377d3952b 100644 --- a/source3/rpc_server/srv_netlog.c +++ b/source3/rpc_server/srv_netlog.c @@ -321,7 +321,11 @@ static BOOL api_net_logon_ctrl(pipes_struct *p) array of \PIPE\NETLOGON operations ********************************************************************/ +#ifdef RPC_NETLOG_DYNAMIC +int rpc_pipe_init(void) +#else int rpc_net_init(void) +#endif { static struct api_struct api_net_cmds [] = { diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index 43fbb4edaa..1a48435c9d 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -506,6 +506,46 @@ failed authentication on named pipe %s.\n", domain, user_name, wks, p->name )); The switch table for the pipe names and the functions to handle them. *******************************************************************/ +struct api_cmd +{ + const char *name; + int (*init)(void); +}; + +static struct api_cmd api_fd_commands[] = +{ +#ifndef RPC_LSA_DYNAMIC + { "lsarpc", rpc_lsa_init }, +#endif +#ifndef RPC_SAMR_DYNAMIC + { "samr", rpc_samr_init }, +#endif +#ifndef RPC_SVC_DYNAMIC + { "srvsvc", rpc_srv_init }, +#endif +#ifndef RPC_WKS_DYNAMIC + { "wkssvc", rpc_wks_init }, +#endif +#ifndef RPC_NETLOG_DYNAMIC + { "NETLOGON", rpc_net_init }, +#endif +#ifndef RPC_REG_DYNAMIC + { "winreg", rpc_reg_init }, +#endif +#ifndef RPC_SPOOLSS_DYNAMIC + { "spoolss", rpc_spoolss_init }, +#endif +#ifndef RPC_DFS_DYNAMIC + { "netdfs", rpc_dfs_init }, +#endif +#ifdef DEVELOPER +#ifndef RPC_ECHO_DYNAMIC + { "rpcecho", rpc_echo_init }, +#endif +#endif + { NULL, NULL } +}; + struct rpc_table { struct @@ -809,6 +849,47 @@ int rpc_pipe_register_commands(const char *clnt, const char *srv, const struct a } /******************************************************************* + Register commands to an RPC pipe +*******************************************************************/ +int rpc_load_module(const char *module) +{ +#ifdef HAVE_DLOPEN + void *handle; + int (*module_init)(void); + pstring full_path; + const char *error; + + pstrcpy(full_path, lib_path("rpc")); + pstrcat(full_path, "/librpc_"); + pstrcat(full_path, module); + pstrcat(full_path, "."); + pstrcat(full_path, shlib_ext()); + + handle = sys_dlopen(full_path, RTLD_LAZY); + if (!handle) { + DEBUG(0, ("Could not load requested pipe %s as %s\n", + module, full_path)); + DEBUG(0, (" Error: %s\n", dlerror())); + return 0; + } + + DEBUG(3, ("Module '%s' loaded\n", full_path)); + + module_init = sys_dlsym(handle, "rpc_pipe_init"); + if ((error = sys_dlerror()) != NULL) { + DEBUG(0, ("Error trying to resolve symbol 'rpc_pipe_init' in %s: %s\n", + full_path, error)); + return 0; + } + + return module_init(); +#else + DEBUG(0,("Attempting to load a dynamic RPC pipe when dlopen isn't available\n")); + return 0; +#endif +} + +/******************************************************************* Respond to a pipe bind request. *******************************************************************/ @@ -847,7 +928,14 @@ BOOL api_pipe_bind_req(pipes_struct *p, prs_struct *rpc_in_p) } if (i == rpc_lookup_size) { - if (!smb_probe_module("rpc", p->name)) { + for (i = 0; api_fd_commands[i].name; i++) { + if (strequal(api_fd_commands[i].name, p->name)) { + api_fd_commands[i].init(); + break; + } + } + + if (!api_fd_commands[i].name && !rpc_load_module(p->name)) { DEBUG(3,("api_pipe_bind_req: Unknown pipe name %s in bind request.\n", p->name )); if(!setup_bind_nak(p)) @@ -863,11 +951,6 @@ BOOL api_pipe_bind_req(pipes_struct *p, prs_struct *rpc_in_p) break; } } - - if (i == rpc_lookup_size) { - DEBUG(0, ("module %s doesn't provide functions for pipe %s!\n", p->name, p->name)); - return False; - } } /* decode the bind request */ @@ -1395,7 +1478,16 @@ BOOL api_pipe_request(pipes_struct *p) if (i == rpc_lookup_size) { - smb_probe_module("rpc", p->name); + for (i = 0; api_fd_commands[i].name; i++) { + if (strequal(api_fd_commands[i].name, p->name)) { + api_fd_commands[i].init(); + break; + } + } + + if (!api_fd_commands[i].name) { + rpc_load_module(p->name); + } for (i = 0; i < rpc_lookup_size; i++) { if (strequal(rpc_lookup[i].pipe.clnt, p->name)) { diff --git a/source3/rpc_server/srv_reg.c b/source3/rpc_server/srv_reg.c index f72d8e4f29..04960f8e3a 100644 --- a/source3/rpc_server/srv_reg.c +++ b/source3/rpc_server/srv_reg.c @@ -373,7 +373,11 @@ static BOOL api_reg_save_key(pipes_struct *p) array of \PIPE\reg operations ********************************************************************/ +#ifdef RPC_REG_DYNAMIC +int rpc_pipe_init(void) +#else int rpc_reg_init(void) +#endif { static struct api_struct api_reg_cmds[] = { diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c index 67c092775b..3a31ec82e1 100644 --- a/source3/rpc_server/srv_samr.c +++ b/source3/rpc_server/srv_samr.c @@ -1443,7 +1443,11 @@ static BOOL api_samr_set_dom_info(pipes_struct *p) array of \PIPE\samr operations ********************************************************************/ +#ifdef RPC_SAMR_DYNAMIC +int rpc_pipe_init(void) +#else int rpc_samr_init(void) +#endif { static struct api_struct api_samr_cmds [] = { diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 6e1b6f2160..f174114473 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -915,7 +915,7 @@ static NTSTATUS get_group_alias_entries(TALLOC_CTX *ctx, DOMAIN_GRP **d_grp, DOM struct sys_grent *grp; struct passwd *pw; gid_t winbind_gid_low, winbind_gid_high; - BOOL winbind_groups_exist = lp_idmap_gid(&winbind_gid_low, &winbind_gid_high); + BOOL winbind_groups_exist = lp_winbind_gid(&winbind_gid_low, &winbind_gid_high); /* local aliases */ /* we return the UNIX groups here. This seems to be the right */ @@ -2324,11 +2324,11 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_ } else { DEBUG(3,("attempting to create non-unix account %s\n", account)); - } - - if (!pdb_set_username(sam_pass, account, PDB_CHANGED)) { - pdb_free_sam(&sam_pass); - return NT_STATUS_NO_MEMORY; + } + + if (!pdb_set_username(sam_pass, account, PDB_CHANGED)) { + pdb_free_sam(&sam_pass); + return NT_STATUS_NO_MEMORY; } pdb_set_acct_ctrl(sam_pass, acb_info, PDB_CHANGED); diff --git a/source3/rpc_server/srv_spoolss.c b/source3/rpc_server/srv_spoolss.c index a7dd7a6cef..5832ae876b 100755 --- a/source3/rpc_server/srv_spoolss.c +++ b/source3/rpc_server/srv_spoolss.c @@ -1580,7 +1580,11 @@ static BOOL api_spoolss_replycloseprinter(pipes_struct *p) \pipe\spoolss commands ********************************************************************/ +#ifdef RPC_SPOOLSS_DYNAMIC +int rpc_pipe_init(void) +#else int rpc_spoolss_init(void) +#endif { struct api_struct api_spoolss_cmds[] = { diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 026484d96d..f9788fc7f0 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -1018,9 +1018,9 @@ static void send_notify2_changes( SPOOLSS_NOTIFY_MSG_CTR *ctr, uint32 idx ) } if ( sending_msg_count ) { - cli_spoolss_rrpcn( ¬ify_cli, mem_ctx, &p->notify.client_hnd, - data_len, data, p->notify.change, 0 ); - } + cli_spoolss_rrpcn( ¬ify_cli, mem_ctx, &p->notify.client_hnd, + data_len, data, p->notify.change, 0 ); + } } done: diff --git a/source3/rpc_server/srv_srvsvc.c b/source3/rpc_server/srv_srvsvc.c index 96820ae74b..983c660965 100644 --- a/source3/rpc_server/srv_srvsvc.c +++ b/source3/rpc_server/srv_srvsvc.c @@ -526,7 +526,11 @@ static BOOL api_srv_net_file_set_secdesc(pipes_struct *p) \PIPE\srvsvc commands ********************************************************************/ +#ifdef RPC_SVC_DYNAMIC +int rpc_pipe_init(void) +#else int rpc_srv_init(void) +#endif { static const struct api_struct api_srv_cmds[] = { diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index 4d9130fb97..1a7b64858b 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -1840,8 +1840,6 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC struct current_user user; connection_struct *conn = NULL; BOOL became_user = False; - fstring dev; - fstrcpy(dev, "A:"); ZERO_STRUCT(st); @@ -1855,7 +1853,7 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC get_current_user(&user, p); become_root(); - conn = make_connection(qualname, null_pw, dev, user.vuid, &nt_status); + conn = make_connection(qualname, null_pw, "A:", user.vuid, &nt_status); unbecome_root(); if (conn == NULL) { @@ -1945,12 +1943,9 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_ struct current_user user; connection_struct *conn = NULL; BOOL became_user = False; - fstring dev; - fstrcpy(dev, "A:"); ZERO_STRUCT(st); - r_u->status = WERR_OK; unistr2_to_ascii(qualname, &q_u->uni_qual_name, sizeof(qualname)); @@ -1961,7 +1956,7 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_ get_current_user(&user, p); become_root(); - conn = make_connection(qualname, null_pw, dev, user.vuid, &nt_status); + conn = make_connection(qualname, null_pw, "A:", user.vuid, &nt_status); unbecome_root(); if (conn == NULL) { diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c index 4656efb6fa..4eba9c7d1f 100644 --- a/source3/rpc_server/srv_util.c +++ b/source3/rpc_server/srv_util.c @@ -112,7 +112,7 @@ NTSTATUS get_alias_user_groups(TALLOC_CTX *ctx, DOM_SID *sid, int *numgroups, ui *prids=NULL; *numgroups=0; - winbind_groups_exist = lp_idmap_gid(&winbind_gid_low, &winbind_gid_high); + winbind_groups_exist = lp_winbind_gid(&winbind_gid_low, &winbind_gid_high); DEBUG(10,("get_alias_user_groups: looking if SID %s is a member of groups in the SID domain %s\n", diff --git a/source3/rpc_server/srv_wkssvc.c b/source3/rpc_server/srv_wkssvc.c index ddcbadd1d4..1fed2cc6db 100644 --- a/source3/rpc_server/srv_wkssvc.c +++ b/source3/rpc_server/srv_wkssvc.c @@ -60,7 +60,11 @@ static BOOL api_wks_query_info(pipes_struct *p) \PIPE\wkssvc commands ********************************************************************/ +#ifdef RPC_WKS_DYNAMIC +int rpc_pipe_init(void) +#else int rpc_wks_init(void) +#endif { static struct api_struct api_wks_cmds[] = { diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c index 808ef50a45..db74370bc0 100644 --- a/source3/rpcclient/cmd_lsarpc.c +++ b/source3/rpcclient/cmd_lsarpc.c @@ -543,50 +543,6 @@ static NTSTATUS cmd_lsa_enum_acct_rights(struct cli_state *cli, } -/* Enumerate the accounts with a specific right */ - -static NTSTATUS cmd_lsa_enum_acct_with_right(struct cli_state *cli, - TALLOC_CTX *mem_ctx, int argc, - const char **argv) -{ - POLICY_HND dom_pol; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - DOM_SID *sids; - uint32 count; - const char *right; - - int i; - - if (argc != 2 ) { - printf("Usage: %s <RIGHT>\n", argv[0]); - return NT_STATUS_OK; - } - - right = argv[1]; - - result = cli_lsa_open_policy2(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, - &dom_pol); - - if (!NT_STATUS_IS_OK(result)) - goto done; - - result = cli_lsa_enum_account_with_right(cli, mem_ctx, &dom_pol, right, &count, &sids); - - if (!NT_STATUS_IS_OK(result)) - goto done; - - printf("found %d SIDs for '%s'\n", count, right); - - for (i = 0; i < count; i++) { - printf("\t%s\n", sid_string_static(&sids[i])); - } - - done: - return result; -} - - /* add some privileges to a SID via LsaAddAccountRights */ static NTSTATUS cmd_lsa_add_acct_rights(struct cli_state *cli, @@ -750,7 +706,6 @@ struct cmd_set lsarpc_commands[] = { { "lsaenumsid", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_sids, NULL, PI_LSARPC, "Enumerate the LSA SIDS", "" }, { "lsaenumprivsaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privsaccounts, NULL, PI_LSARPC, "Enumerate the privileges of an SID", "" }, { "lsaenumacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_acct_rights, NULL, PI_LSARPC, "Enumerate the rights of an SID", "" }, - { "lsaenumacctwithright",RPC_RTYPE_NTSTATUS, cmd_lsa_enum_acct_with_right,NULL, PI_LSARPC,"Enumerate accounts with a right", "" }, { "lsaaddacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_add_acct_rights, NULL, PI_LSARPC, "Add rights to an account", "" }, { "lsaremoveacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_remove_acct_rights, NULL, PI_LSARPC, "Remove rights from an account", "" }, { "lsalookupprivvalue", RPC_RTYPE_NTSTATUS, cmd_lsa_lookupprivvalue, NULL, PI_LSARPC, "Get a privilege value given its name", "" }, diff --git a/source3/sam/SAM-interface_handles.txt b/source3/sam/SAM-interface_handles.txt deleted file mode 100644 index 1c164bd198..0000000000 --- a/source3/sam/SAM-interface_handles.txt +++ /dev/null @@ -1,123 +0,0 @@ -SAM API
-
-NTSTATUS sam_get_sec_obj(NT_USER_TOKEN *access, DOM_SID *sid, SEC_DESC **sd)
-NTSTATUS sam_set_sec_obj(NT_USER_TOKEN *access, DOM_SID *sid, SEC_DESC *sd)
-
-NTSTATUS sam_lookup_name(NT_USER_TOKEN *access, DOM_SID *domain, char *name, DOM_SID **sid, uint32 *type)
-NTSTATUS sam_lookup_sid(NT_USER_TOKEN *access, DOM_SID *sid, char **name, uint32 *type)
-
-
-Domain API
-
-NTSTATUS sam_update_domain(SAM_DOMAIN_HANDLE *domain)
-
-NTSTATUS sam_enum_domains(NT_USER_TOKEN *access, int32 *domain_count, DOM_SID **domains, char **domain_names)
-NTSTATUS sam_lookup_domain(NT_USER_TOKEN *access, char *domain, DOM_SID **domainsid)
-
-NTSTATUS sam_get_domain_by_sid(NT_USER_TOKEN *access, uint32 access_desired, DOM_SID *domainsid, SAM_DOMAIN_HANDLE **domain)
-
-
-User API
-
-NTSTATUS sam_create_user(NT_USER_TOKEN *access, uint32 access_desired, SAM_USER_HANDLE **user)
-NTSTATUS sam_add_user(SAM_USER_HANDLE *user)
-NTSTATUS sam_update_user(SAM_USER_HANDLE *user)
-NTSTATUS sam_delete_user(SAM_USER_HANDLE * user)
-
-NTSTATUS sam_enum_users(NT_USER_TOKEN *access, DOM_SID *domain, int32 *user_count, SAM_USER_ENUM **users)
-
-NTSTATUS sam_get_user_by_sid(NT_USER_TOKEN *access, uint32 access_desired, DOM_SID *usersid, SAM_USER_HANDLE **user)
-NTSTATUS sam_get_user_by_name(NT_USER_TOKEN *access, uint32 access_desired, char *domain, char *name, SAM_USER_HANDLE **user)
-
-
-Group API
-
-NTSTATUS sam_create_group(NT_USER_TOKEN *access, uint32 access_desired, uint32 typ, SAM_GROUP_HANDLE **group)
-NTSTATUS sam_add_group(SAM_GROUP_HANDLE *samgroup)
-NTSTATUS sam_update_group(SAM_GROUP_HANDLE *samgroup)
-NTSTATUS sam_delete_group(SAM_GROUP_HANDLE *groupsid)
-
-NTSTATUS sam_enum_groups(NT_USER_TOKEN *access, DOM_SID *domainsid, uint32 typ, uint32 *groups_count, SAM_GROUP_ENUM **groups)
-
-NTSTATUS sam_get_group_by_sid(NT_USER_TOKEN *access, uint32 access_desired, DOM_SID *groupsid, SAM_GROUP_HANDLE **group)
-NTSTATUS sam_get_group_by_name(NT_USER_TOKEN *access, uint32 access_desired, char *domain, char *name, SAM_GROUP_HANDLE **group)
-
-NTSTATUS sam_add_member_to_group(SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member)
-NTSTATUS sam_delete_member_from_group(SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member)
-NTSTATUS sam_enum_groupmembers(SAM_GROUP_HANLDE *group, uint32 *members_count, SAM_GROUP_MEMBER **members)
-
-NTSTATUS sam_get_groups_of_user(SAM_USER_HANDLE *user, uint32 typ, uint32 *group_count, SAM_GROUP_ENUM **groups)
-
-
-
-structures
-
-typedef _SAM_GROUP_MEMBER {
- DOM_SID sid;
- BOOL group; /* specifies if it is a group or a user */
-
-} SAM_GROUP_MEMBER
-
-typedef struct sam_user_enum {
- DOM_SID sid;
- char *username;
- char *full_name;
- char *user_desc;
- uint16 acc_ctrl;
-} SAM_USER_ENUM;
-
-typedef struct sam_group_enum {
- DOM_SID sid;
- char *groupname;
- char *comment;
-} SAM_GROUP_ENUM
-
-NTSTATUS sam_get_domain_sid(SAM_DOMAIN_HANDLE *domain, DOM_SID **sid)
-NTSTATUS sam_get_domain_num_users(SAM_DOMAIN_HANDLE *domain, uint32 *num_users)
-NTSTATUS sam_get_domain_num_groups(SAM_DOMAIN_HANDLE *domain, uint32 *num_groups)
-NTSTATUS sam_get_domain_num_aliases(SAM_DOMAIN_HANDLE *domain, uint32 *num_aliases)
-NTSTATUS sam_{get,set}_domain_name(SAM_DOMAIN_HANDLE *domain, char **domain_name)
-NTSTATUS sam_{get,set}_domain_server(SAM_DOMAIN_HANDLE *domain, char **server_name)
-NTSTATUS sam_{get,set}_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *max_passwordage)
-NTSTATUS sam_{get,set}_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *min_passwordage)
-NTSTATUS sam_{get,set}_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME *lockout_duration)
-NTSTATUS sam_{get,set}_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME *reset_lockout_count)
-NTSTATUS sam_{get,set}_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 *min_passwordlength)
-NTSTATUS sam_{get,set}_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uin16 *password_history)
-NTSTATUS sam_{get,set}_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 *lockout_count)
-NTSTATUS sam_{get,set}_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL *force_logoff)
-NTSTATUS sam_{get,set}_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL *login_pwdchange)
-
-NTSTATUS sam_get_user_sid(SAM_USER_HANDLE *user, DOM_SID **sid)
-NTSTATUS sam_{get,set}_user_pgroup(SAM_USER_HANDLE *user, DOM_SID **pgroup)
-NTSTATUS sam_{get,set}_user_name(SAM_USER_HANDLE *user, char **username)
-NTSTATUS sam_{get,set}_user_fullname(SAM_USER_HANDLE *user, char** fullname)
-NTSTATUS sam_{get,set}_user_description(SAM_USER_HANDLE *user, char **description)
-NTSTATUS sam_{get,set}_user_home_dir(SAM_USER_HANDLE *user, char **home_dir)
-NTSTATUS sam_{get,set}_user_dir_drive(SAM_USER_HANDLE *user, char **dir_drive)
-NTSTATUS sam_{get,set}_user_logon_script(SAM_USER_HANDLE *user, char **logon_script)
-NTSTATUS sam_{get,set}_user_profile_path(SAM_USER_HANDLE *user, char **profile_path)
-NTSTATUS sam_{get,set}_user_workstations(SAM_USER_HANDLE *user, char **workstations)
-NTSTATUS sam_{get,set}_user_munged_dial(SAM_USER_HANDLE *user, char **munged_dial)
-NTSTATUS sam_{get,set}_user_lm_pwd(SAM_USER_HANDLE *user, DATA_BLOB *lm_pwd)
-NTSTATUS sam_{get,set}_user_nt_pwd(SAM_USER_HANDLE *user, DATA_BLOB *nt_pwd)
-NTSTATUS sam_{get,set}_user_plain_pwd(SAM_USER_HANDLE *user, DATA_BLOB *plaintext_pwd)
-NTSTATUS sam_{get,set}_user_acct_ctrl(SAM_USER_HANDLE *user, uint16 *acct_ctrl)
-NTSTATUS sam_{get,set}_user_logon_divs(SAM_USER_HANDLE *user, uint16 *logon_divs)
-NTSTATUS sam_{get,set}_user_hours(SAM_USER_HANDLE *user, uint32 *hours_len, uint8 **hours)
-NTSTATUS sam_{get,set}_user_logon_time(SAM_USER_HANDLE *user, NTTIME *logon_time)
-NTSTATUS sam_{get,set}_user_logoff_time(SAM_USER_HANDLE *user, NTTIME *logoff_time)
-NTSTATUS sam_{get,set}_user_kickoff_time(SAM_USER_HANDLE *user, NTTIME kickoff_time)
-NTSTATUS sam_{get,set}_user_pwd_last_set(SAM_USER_HANDLE *user, NTTIME pwd_last_set)
-NTSTATUS sam_{get,set}_user_pwd_can_change(SAM_USER_HANDLE *user, NTTIME pwd_can_change)
-NTSTATUS sam_{get,set}_user_pwd_must_change(SAM_USER_HANDLE *user, NTTIME pwd_must_change)
-NTSTATUS sam_{get,set}_user_unknown_1(SAM_USER_HANDLE *user, char **unknown_1)
-NTSTATUS sam_{get,set}_user_unknown_2(SAM_USER_HANDLE *user, uint32 *unknown_2)
-NTSTATUS sam_{get,set}_user_unknown_3(SAM_USER_HANDLE *user, uint32 *unknown_3)
-NTSTATUS sam_{get,set}_user_unknown_4(SAM_USER_HANDLE *user, uint32 *unknown_4)
-
-NTSTATUS sam_get_group_sid(SAM_GROUP_HANDLE *group, DOM_SID **sid)
-NTSTATUS sam_get_group_typ(SAM_GROUP_HANDLE *group, uint32 *typ)
-NTSTATUS sam_{get,set}_group_name(SAM_GROUP_HANDLE *group, char **group_name)
-NTSTATUS sam_{get,set}_group_comment(SAM_GROUP_HANDLE *group, char **comment)
-NTSTATUS sam_{get,set}_group_priv_set(SAM_GROUP_HANDLE *group, PRIVILEGE_SET *priv_set)
\ No newline at end of file diff --git a/source3/sam/account.c b/source3/sam/account.c deleted file mode 100644 index b8336146cd..0000000000 --- a/source3/sam/account.c +++ /dev/null @@ -1,305 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Password and authentication handling - Copyright (C) Jeremy Allison 1996-2001 - Copyright (C) Luke Kenneth Casson Leighton 1996-1998 - Copyright (C) Gerald (Jerry) Carter 2000-2001 - Copyright (C) Andrew Bartlett 2001-2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM - -/************************************************************ - Fill the SAM_ACCOUNT_HANDLE with default values. - ***********************************************************/ - -static void sam_fill_default_account(SAM_ACCOUNT_HANDLE *account) -{ - ZERO_STRUCT(account->private); /* Don't touch the talloc context */ - - /* Don't change these timestamp settings without a good reason. - They are important for NT member server compatibility. */ - - /* FIXME: We should actually call get_nt_time_max() or sthng - * here */ - unix_to_nt_time(&(account->private.logoff_time),get_time_t_max()); - unix_to_nt_time(&(account->private.kickoff_time),get_time_t_max()); - unix_to_nt_time(&(account->private.pass_must_change_time),get_time_t_max()); - account->private.unknown_1 = 0x00ffffff; /* don't know */ - account->private.logon_divs = 168; /* hours per week */ - account->private.hours_len = 21; /* 21 times 8 bits = 168 */ - memset(account->private.hours, 0xff, account->private.hours_len); /* available at all hours */ - account->private.unknown_2 = 0x00000000; /* don't know */ - account->private.unknown_3 = 0x000004ec; /* don't know */ -} - -static void destroy_sam_talloc(SAM_ACCOUNT_HANDLE **account) -{ - if (*account) { - data_blob_clear_free(&((*account)->private.lm_pw)); - data_blob_clear_free(&((*account)->private.nt_pw)); - if((*account)->private.plaintext_pw!=NULL) - memset((*account)->private.plaintext_pw,'\0',strlen((*account)->private.plaintext_pw)); - - talloc_destroy((*account)->mem_ctx); - *account = NULL; - } -} - - -/********************************************************************** - Alloc memory and initialises a SAM_ACCOUNT_HANDLE on supplied mem_ctx. -***********************************************************************/ - -NTSTATUS sam_init_account_talloc(TALLOC_CTX *mem_ctx, SAM_ACCOUNT_HANDLE **account) -{ - SMB_ASSERT(*account != NULL); - - if (!mem_ctx) { - DEBUG(0,("sam_init_account_talloc: mem_ctx was NULL!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - *account=(SAM_ACCOUNT_HANDLE *)talloc(mem_ctx, sizeof(SAM_ACCOUNT_HANDLE)); - - if (*account==NULL) { - DEBUG(0,("sam_init_account_talloc: error while allocating memory\n")); - return NT_STATUS_NO_MEMORY; - } - - (*account)->mem_ctx = mem_ctx; - - (*account)->free_fn = NULL; - - sam_fill_default_account(*account); - - return NT_STATUS_OK; -} - - -/************************************************************* - Alloc memory and initialises a struct sam_passwd. - ************************************************************/ - -NTSTATUS sam_init_account(SAM_ACCOUNT_HANDLE **account) -{ - TALLOC_CTX *mem_ctx; - NTSTATUS nt_status; - - mem_ctx = talloc_init("sam internal SAM_ACCOUNT_HANDLE allocation"); - - if (!mem_ctx) { - DEBUG(0,("sam_init_account: error while doing talloc_init()\n")); - return NT_STATUS_NO_MEMORY; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_init_account_talloc(mem_ctx, account))) { - talloc_destroy(mem_ctx); - return nt_status; - } - - (*account)->free_fn = destroy_sam_talloc; - - return NT_STATUS_OK; -} - -/** - * Free the contents of the SAM_ACCOUNT_HANDLE, but not the structure. - * - * Also wipes the LM and NT hashes and plaintext password from - * memory. - * - * @param account SAM_ACCOUNT_HANDLE to free members of. - **/ - -static void sam_free_account_contents(SAM_ACCOUNT_HANDLE *account) -{ - - /* Kill off sensitive data. Free()ed by the - talloc mechinism */ - - data_blob_clear_free(&(account->private.lm_pw)); - data_blob_clear_free(&(account->private.nt_pw)); - if (account->private.plaintext_pw) - memset(account->private.plaintext_pw,'\0',strlen(account->private.plaintext_pw)); -} - - -/************************************************************ - Reset the SAM_ACCOUNT_HANDLE and free the NT/LM hashes. - ***********************************************************/ - -NTSTATUS sam_reset_sam(SAM_ACCOUNT_HANDLE *account) -{ - SMB_ASSERT(account != NULL); - - sam_free_account_contents(account); - - sam_fill_default_account(account); - - return NT_STATUS_OK; -} - - -/************************************************************ - Free the SAM_ACCOUNT_HANDLE and the member pointers. - ***********************************************************/ - -NTSTATUS sam_free_account(SAM_ACCOUNT_HANDLE **account) -{ - SMB_ASSERT(*account != NULL); - - sam_free_account_contents(*account); - - if ((*account)->free_fn) { - (*account)->free_fn(account); - } - - return NT_STATUS_OK; -} - - -/********************************************************** - Encode the account control bits into a string. - length = length of string to encode into (including terminating - null). length *MUST BE MORE THAN 2* ! - **********************************************************/ - -char *sam_encode_acct_ctrl(uint16 acct_ctrl, size_t length) -{ - static fstring acct_str; - size_t i = 0; - - acct_str[i++] = '['; - - if (acct_ctrl & ACB_PWNOTREQ ) acct_str[i++] = 'N'; - if (acct_ctrl & ACB_DISABLED ) acct_str[i++] = 'D'; - if (acct_ctrl & ACB_HOMDIRREQ) acct_str[i++] = 'H'; - if (acct_ctrl & ACB_TEMPDUP ) acct_str[i++] = 'T'; - if (acct_ctrl & ACB_NORMAL ) acct_str[i++] = 'U'; - if (acct_ctrl & ACB_MNS ) acct_str[i++] = 'M'; - if (acct_ctrl & ACB_WSTRUST ) acct_str[i++] = 'W'; - if (acct_ctrl & ACB_SVRTRUST ) acct_str[i++] = 'S'; - if (acct_ctrl & ACB_AUTOLOCK ) acct_str[i++] = 'L'; - if (acct_ctrl & ACB_PWNOEXP ) acct_str[i++] = 'X'; - if (acct_ctrl & ACB_DOMTRUST ) acct_str[i++] = 'I'; - - for ( ; i < length - 2 ; i++ ) - acct_str[i] = ' '; - - i = length - 2; - acct_str[i++] = ']'; - acct_str[i++] = '\0'; - - return acct_str; -} - -/********************************************************** - Decode the account control bits from a string. - **********************************************************/ - -uint16 sam_decode_acct_ctrl(const char *p) -{ - uint16 acct_ctrl = 0; - BOOL finished = False; - - /* - * Check if the account type bits have been encoded after the - * NT password (in the form [NDHTUWSLXI]). - */ - - if (*p != '[') - return 0; - - for (p++; *p && !finished; p++) { - switch (*p) { - case 'N': { acct_ctrl |= ACB_PWNOTREQ ; break; /* 'N'o password. */ } - case 'D': { acct_ctrl |= ACB_DISABLED ; break; /* 'D'isabled. */ } - case 'H': { acct_ctrl |= ACB_HOMDIRREQ; break; /* 'H'omedir required. */ } - case 'T': { acct_ctrl |= ACB_TEMPDUP ; break; /* 'T'emp account. */ } - case 'U': { acct_ctrl |= ACB_NORMAL ; break; /* 'U'ser account (normal). */ } - case 'M': { acct_ctrl |= ACB_MNS ; break; /* 'M'NS logon user account. What is this ? */ } - case 'W': { acct_ctrl |= ACB_WSTRUST ; break; /* 'W'orkstation account. */ } - case 'S': { acct_ctrl |= ACB_SVRTRUST ; break; /* 'S'erver account. */ } - case 'L': { acct_ctrl |= ACB_AUTOLOCK ; break; /* 'L'ocked account. */ } - case 'X': { acct_ctrl |= ACB_PWNOEXP ; break; /* No 'X'piry on password */ } - case 'I': { acct_ctrl |= ACB_DOMTRUST ; break; /* 'I'nterdomain trust account. */ } - case ' ': { break; } - case ':': - case '\n': - case '\0': - case ']': - default: { finished = True; } - } - } - - return acct_ctrl; -} - -/************************************************************* - Routine to set 32 hex password characters from a 16 byte array. -**************************************************************/ - -void sam_sethexpwd(char *p, const unsigned char *pwd, uint16 acct_ctrl) -{ - if (pwd != NULL) { - int i; - for (i = 0; i < 16; i++) - slprintf(&p[i*2], 3, "%02X", pwd[i]); - } else { - if (acct_ctrl & ACB_PWNOTREQ) - safe_strcpy(p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", 33); - else - safe_strcpy(p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 33); - } -} - -/************************************************************* - Routine to get the 32 hex characters and turn them - into a 16 byte array. -**************************************************************/ - -BOOL sam_gethexpwd(const char *p, unsigned char *pwd) -{ - int i; - unsigned char lonybble, hinybble; - char *hexchars = "0123456789ABCDEF"; - char *p1, *p2; - - if (!p) - return (False); - - for (i = 0; i < 32; i += 2) { - hinybble = toupper(p[i]); - lonybble = toupper(p[i + 1]); - - p1 = strchr(hexchars, hinybble); - p2 = strchr(hexchars, lonybble); - - if (!p1 || !p2) - return (False); - - hinybble = PTR_DIFF(p1, hexchars); - lonybble = PTR_DIFF(p2, hexchars); - - pwd[i / 2] = (hinybble << 4) | lonybble; - } - return (True); -} diff --git a/source3/sam/get_set_account.c b/source3/sam/get_set_account.c deleted file mode 100644 index acac281d21..0000000000 --- a/source3/sam/get_set_account.c +++ /dev/null @@ -1,845 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SAM_ACCOUNT_HANDLE access routines - Copyright (C) Andrew Bartlett 2002 - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Jelmer Vernooij 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM - -NTSTATUS sam_get_account_domain_sid(const SAM_ACCOUNT_HANDLE *sampass, const DOM_SID **sid) -{ - NTSTATUS status; - SAM_DOMAIN_HANDLE *domain; - SAM_ASSERT(!sampass || !sid); - - if (!NT_STATUS_IS_OK(status = sam_get_account_domain(sampass, &domain))){ - DEBUG(0, ("sam_get_account_domain_sid: Can't get domain for account\n")); - return status; - } - - return sam_get_domain_sid(domain, sid); -} - -NTSTATUS sam_get_account_domain_name(const SAM_ACCOUNT_HANDLE *sampass, const char **domain_name) -{ - NTSTATUS status; - SAM_DOMAIN_HANDLE *domain; - SAM_ASSERT(sampass && domain_name); - - if (!NT_STATUS_IS_OK(status = sam_get_account_domain(sampass, &domain))){ - DEBUG(0, ("sam_get_account_domain_name: Can't get domain for account\n")); - return status; - } - - return sam_get_domain_name(domain, domain_name); -} - -NTSTATUS sam_get_account_acct_ctrl(const SAM_ACCOUNT_HANDLE *sampass, uint16 *acct_ctrl) -{ - SAM_ASSERT(sampass && acct_ctrl); - - *acct_ctrl = sampass->private.acct_ctrl; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_logon_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *logon_time) -{ - SAM_ASSERT(sampass && logon_time) ; - - *logon_time = sampass->private.logon_time; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_logoff_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *logoff_time) -{ - SAM_ASSERT(sampass && logoff_time) ; - - *logoff_time = sampass->private.logoff_time; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_kickoff_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *kickoff_time) -{ - SAM_ASSERT(sampass && kickoff_time); - - *kickoff_time = sampass->private.kickoff_time; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_pass_last_set_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *pass_last_set_time) -{ - SAM_ASSERT(sampass && pass_last_set_time); - - *pass_last_set_time = sampass->private.pass_last_set_time; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_pass_can_change_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *pass_can_change_time) -{ - SAM_ASSERT(sampass && pass_can_change_time); - - *pass_can_change_time = sampass->private.pass_can_change_time; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_pass_must_change_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *pass_must_change_time) -{ - SAM_ASSERT(sampass && pass_must_change_time); - - *pass_must_change_time = sampass->private.pass_must_change_time; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_logon_divs(const SAM_ACCOUNT_HANDLE *sampass, uint16 *logon_divs) -{ - SAM_ASSERT(sampass && logon_divs); - - *logon_divs = sampass->private.logon_divs; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_hours_len(const SAM_ACCOUNT_HANDLE *sampass, uint32 *hours_len) -{ - SAM_ASSERT(sampass && hours_len); - - *hours_len = sampass->private.hours_len; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_hours(const SAM_ACCOUNT_HANDLE *sampass, const uint8 **hours) -{ - SAM_ASSERT(sampass && hours); - - *hours = sampass->private.hours; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_nt_pwd(const SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB *nt_pwd) -{ - SAM_ASSERT(sampass); - - SMB_ASSERT((!sampass->private.nt_pw.data) - || sampass->private.nt_pw.length == NT_HASH_LEN); - - *nt_pwd = sampass->private.nt_pw; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_lm_pwd(const SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB *lm_pwd) -{ - SAM_ASSERT(sampass); - - SMB_ASSERT((!sampass->private.lm_pw.data) - || sampass->private.lm_pw.length == LM_HASH_LEN); - - *lm_pwd = sampass->private.lm_pw; - - return NT_STATUS_OK; -} - -/* Return the plaintext password if known. Most of the time - it isn't, so don't assume anything magic about this function. - - Used to pass the plaintext to sam backends that might - want to store more than just the NTLM hashes. -*/ - -NTSTATUS sam_get_account_plaintext_pwd(const SAM_ACCOUNT_HANDLE *sampass, char **plain_pwd) -{ - SAM_ASSERT(sampass && plain_pwd); - - *plain_pwd = sampass->private.plaintext_pw; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_sid(const SAM_ACCOUNT_HANDLE *sampass, const DOM_SID **sid) -{ - SAM_ASSERT(sampass); - - *sid = &(sampass->private.account_sid); - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_pgroup(const SAM_ACCOUNT_HANDLE *sampass, const DOM_SID **sid) -{ - SAM_ASSERT(sampass); - - *sid = &(sampass->private.group_sid); - - return NT_STATUS_OK; -} - -/** - * Get flags showing what is initalised in the SAM_ACCOUNT_HANDLE - * @param sampass the SAM_ACCOUNT_HANDLE in question - * @return the flags indicating the members initialised in the struct. - **/ - -NTSTATUS sam_get_account_init_flag(const SAM_ACCOUNT_HANDLE *sampass, uint32 *initflag) -{ - SAM_ASSERT(sampass); - - *initflag = sampass->private.init_flag; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_name(const SAM_ACCOUNT_HANDLE *sampass, char **account_name) -{ - SAM_ASSERT(sampass); - - *account_name = sampass->private.account_name; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_domain(const SAM_ACCOUNT_HANDLE *sampass, SAM_DOMAIN_HANDLE **domain) -{ - SAM_ASSERT(sampass); - - *domain = sampass->private.domain; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_fullname(const SAM_ACCOUNT_HANDLE *sampass, char **fullname) -{ - SAM_ASSERT(sampass); - - *fullname = sampass->private.full_name; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_homedir(const SAM_ACCOUNT_HANDLE *sampass, char **homedir) -{ - SAM_ASSERT(sampass); - - *homedir = sampass->private.home_dir; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_unix_home_dir(const SAM_ACCOUNT_HANDLE *sampass, char **uhomedir) -{ - SAM_ASSERT(sampass); - - *uhomedir = sampass->private.unix_home_dir; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_dir_drive(const SAM_ACCOUNT_HANDLE *sampass, char **dirdrive) -{ - SAM_ASSERT(sampass); - - *dirdrive = sampass->private.dir_drive; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_logon_script(const SAM_ACCOUNT_HANDLE *sampass, char **logon_script) -{ - SAM_ASSERT(sampass); - - *logon_script = sampass->private.logon_script; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_profile_path(const SAM_ACCOUNT_HANDLE *sampass, char **profile_path) -{ - SAM_ASSERT(sampass); - - *profile_path = sampass->private.profile_path; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_description(const SAM_ACCOUNT_HANDLE *sampass, char **description) -{ - SAM_ASSERT(sampass); - - *description = sampass->private.acct_desc; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_workstations(const SAM_ACCOUNT_HANDLE *sampass, char **workstations) -{ - SAM_ASSERT(sampass); - - *workstations = sampass->private.workstations; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_unknown_str(const SAM_ACCOUNT_HANDLE *sampass, char **unknown_str) -{ - SAM_ASSERT(sampass); - - *unknown_str = sampass->private.unknown_str; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_munged_dial(const SAM_ACCOUNT_HANDLE *sampass, char **munged_dial) -{ - SAM_ASSERT(sampass); - - *munged_dial = sampass->private.munged_dial; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_unknown_1(const SAM_ACCOUNT_HANDLE *sampass, uint32 *unknown1) -{ - SAM_ASSERT(sampass && unknown1); - - *unknown1 = sampass->private.unknown_1; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_unknown_2(const SAM_ACCOUNT_HANDLE *sampass, uint32 *unknown2) -{ - SAM_ASSERT(sampass && unknown2); - - *unknown2 = sampass->private.unknown_2; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_unknown_3(const SAM_ACCOUNT_HANDLE *sampass, uint32 *unknown3) -{ - SAM_ASSERT(sampass && unknown3); - - *unknown3 = sampass->private.unknown_3; - - return NT_STATUS_OK; -} - -/********************************************************************* - Collection of set...() functions for SAM_ACCOUNT_HANDLE_INFO. - ********************************************************************/ - -NTSTATUS sam_set_account_acct_ctrl(SAM_ACCOUNT_HANDLE *sampass, uint16 acct_ctrl) -{ - SAM_ASSERT(sampass); - - sampass->private.acct_ctrl = acct_ctrl; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_logon_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) -{ - SAM_ASSERT(sampass); - - sampass->private.logon_time = mytime; - - - return NT_STATUS_UNSUCCESSFUL; -} - -NTSTATUS sam_set_account_logoff_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) -{ - SAM_ASSERT(sampass); - - sampass->private.logoff_time = mytime; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_kickoff_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) -{ - SAM_ASSERT(sampass); - - sampass->private.kickoff_time = mytime; - - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_pass_can_change_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) -{ - SAM_ASSERT(sampass); - - sampass->private.pass_can_change_time = mytime; - - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_pass_must_change_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) -{ - SAM_ASSERT(sampass); - - sampass->private.pass_must_change_time = mytime; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_pass_last_set_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime) -{ - SAM_ASSERT(sampass); - - sampass->private.pass_last_set_time = mytime; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_hours_len(SAM_ACCOUNT_HANDLE *sampass, uint32 len) -{ - SAM_ASSERT(sampass); - - sampass->private.hours_len = len; - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_logon_divs(SAM_ACCOUNT_HANDLE *sampass, uint16 hours) -{ - SAM_ASSERT(sampass); - - sampass->private.logon_divs = hours; - return NT_STATUS_OK; -} - -/** - * Set flags showing what is initalised in the SAM_ACCOUNT_HANDLE - * @param sampass the SAM_ACCOUNT_HANDLE in question - * @param flag The *new* flag to be set. Old flags preserved - * this flag is only added. - **/ - -NTSTATUS sam_set_account_init_flag(SAM_ACCOUNT_HANDLE *sampass, uint32 flag) -{ - SAM_ASSERT(sampass); - - sampass->private.init_flag |= flag; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_sid(SAM_ACCOUNT_HANDLE *sampass, const DOM_SID *u_sid) -{ - SAM_ASSERT(sampass && u_sid); - - sid_copy(&sampass->private.account_sid, u_sid); - - DEBUG(10, ("sam_set_account_sid: setting account sid %s\n", - sid_string_static(&sampass->private.account_sid))); - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_sid_from_string(SAM_ACCOUNT_HANDLE *sampass, const char *u_sid) -{ - DOM_SID new_sid; - SAM_ASSERT(sampass && u_sid); - - DEBUG(10, ("sam_set_account_sid_from_string: setting account sid %s\n", - u_sid)); - - if (!string_to_sid(&new_sid, u_sid)) { - DEBUG(1, ("sam_set_account_sid_from_string: %s isn't a valid SID!\n", u_sid)); - return NT_STATUS_UNSUCCESSFUL; - } - - if (!NT_STATUS_IS_OK(sam_set_account_sid(sampass, &new_sid))) { - DEBUG(1, ("sam_set_account_sid_from_string: could not set sid %s on SAM_ACCOUNT_HANDLE!\n", u_sid)); - return NT_STATUS_UNSUCCESSFUL; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_pgroup_sid(SAM_ACCOUNT_HANDLE *sampass, const DOM_SID *g_sid) -{ - SAM_ASSERT(sampass && g_sid); - - sid_copy(&sampass->private.group_sid, g_sid); - - DEBUG(10, ("sam_set_group_sid: setting group sid %s\n", - sid_string_static(&sampass->private.group_sid))); - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_pgroup_string(SAM_ACCOUNT_HANDLE *sampass, const char *g_sid) -{ - DOM_SID new_sid; - SAM_ASSERT(sampass && g_sid); - - DEBUG(10, ("sam_set_group_sid_from_string: setting group sid %s\n", - g_sid)); - - if (!string_to_sid(&new_sid, g_sid)) { - DEBUG(1, ("sam_set_group_sid_from_string: %s isn't a valid SID!\n", g_sid)); - return NT_STATUS_UNSUCCESSFUL; - } - - if (!NT_STATUS_IS_OK(sam_set_account_pgroup_sid(sampass, &new_sid))) { - DEBUG(1, ("sam_set_group_sid_from_string: could not set sid %s on SAM_ACCOUNT_HANDLE!\n", g_sid)); - return NT_STATUS_UNSUCCESSFUL; - } - return NT_STATUS_OK; -} - -/********************************************************************* - Set the domain name. - ********************************************************************/ - -NTSTATUS sam_set_account_domain(SAM_ACCOUNT_HANDLE *sampass, SAM_DOMAIN_HANDLE *domain) -{ - SAM_ASSERT(sampass); - - sampass->private.domain = domain; - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's NT name. - ********************************************************************/ - -NTSTATUS sam_set_account_name(SAM_ACCOUNT_HANDLE *sampass, const char *account_name) -{ - SAM_ASSERT(sampass); - - DEBUG(10, ("sam_set_account_name: setting nt account_name %s, was %s\n", account_name, sampass->private.account_name)); - - sampass->private.account_name = talloc_strdup(sampass->mem_ctx, account_name); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's full name. - ********************************************************************/ - -NTSTATUS sam_set_account_fullname(SAM_ACCOUNT_HANDLE *sampass, const char *full_name) -{ - SAM_ASSERT(sampass); - - DEBUG(10, ("sam_set_account_fullname: setting full name %s, was %s\n", full_name, sampass->private.full_name)); - - sampass->private.full_name = talloc_strdup(sampass->mem_ctx, full_name); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's logon script. - ********************************************************************/ - -NTSTATUS sam_set_account_logon_script(SAM_ACCOUNT_HANDLE *sampass, const char *logon_script, BOOL store) -{ - SAM_ASSERT(sampass); - - DEBUG(10, ("sam_set_logon_script: from %s to %s\n", logon_script, sampass->private.logon_script)); - - sampass->private.logon_script = talloc_strdup(sampass->mem_ctx, logon_script); - - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's profile path. - ********************************************************************/ - -NTSTATUS sam_set_account_profile_path(SAM_ACCOUNT_HANDLE *sampass, const char *profile_path, BOOL store) -{ - SAM_ASSERT(sampass); - - DEBUG(10, ("sam_set_profile_path: setting profile path %s, was %s\n", profile_path, sampass->private.profile_path)); - - sampass->private.profile_path = talloc_strdup(sampass->mem_ctx, profile_path); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's directory drive. - ********************************************************************/ - -NTSTATUS sam_set_account_dir_drive(SAM_ACCOUNT_HANDLE *sampass, const char *dir_drive, BOOL store) -{ - SAM_ASSERT(sampass); - - DEBUG(10, ("sam_set_dir_drive: setting dir drive %s, was %s\n", dir_drive, - sampass->private.dir_drive)); - - sampass->private.dir_drive = talloc_strdup(sampass->mem_ctx, dir_drive); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's home directory. - ********************************************************************/ - -NTSTATUS sam_set_account_homedir(SAM_ACCOUNT_HANDLE *sampass, const char *home_dir, BOOL store) -{ - SAM_ASSERT(sampass); - - DEBUG(10, ("sam_set_homedir: setting home dir %s, was %s\n", home_dir, - sampass->private.home_dir)); - - sampass->private.home_dir = talloc_strdup(sampass->mem_ctx, home_dir); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's unix home directory. - ********************************************************************/ - -NTSTATUS sam_set_account_unix_homedir(SAM_ACCOUNT_HANDLE *sampass, const char *unix_home_dir) -{ - SAM_ASSERT(sampass); - - DEBUG(10, ("sam_set_unix_homedir: setting home dir %s, was %s\n", unix_home_dir, - sampass->private.unix_home_dir)); - - sampass->private.unix_home_dir = talloc_strdup(sampass->mem_ctx, unix_home_dir); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's account description. - ********************************************************************/ - -NTSTATUS sam_set_account_acct_desc(SAM_ACCOUNT_HANDLE *sampass, const char *acct_desc) -{ - SAM_ASSERT(sampass); - - sampass->private.acct_desc = talloc_strdup(sampass->mem_ctx, acct_desc); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's workstation allowed list. - ********************************************************************/ - -NTSTATUS sam_set_account_workstations(SAM_ACCOUNT_HANDLE *sampass, const char *workstations) -{ - SAM_ASSERT(sampass); - - DEBUG(10, ("sam_set_workstations: setting workstations %s, was %s\n", workstations, - sampass->private.workstations)); - - sampass->private.workstations = talloc_strdup(sampass->mem_ctx, workstations); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's 'unknown_str', whatever the heck this actually is... - ********************************************************************/ - -NTSTATUS sam_set_account_unknown_str(SAM_ACCOUNT_HANDLE *sampass, const char *unknown_str) -{ - SAM_ASSERT(sampass); - - sampass->private.unknown_str = talloc_strdup(sampass->mem_ctx, unknown_str); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's dial string. - ********************************************************************/ - -NTSTATUS sam_set_account_munged_dial(SAM_ACCOUNT_HANDLE *sampass, const char *munged_dial) -{ - SAM_ASSERT(sampass); - - sampass->private.munged_dial = talloc_strdup(sampass->mem_ctx, munged_dial); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's NT hash. - ********************************************************************/ - -NTSTATUS sam_set_account_nt_pwd(SAM_ACCOUNT_HANDLE *sampass, const DATA_BLOB data) -{ - SAM_ASSERT(sampass); - - sampass->private.nt_pw = data; - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's LM hash. - ********************************************************************/ - -NTSTATUS sam_set_account_lm_pwd(SAM_ACCOUNT_HANDLE *sampass, const DATA_BLOB data) -{ - SAM_ASSERT(sampass); - - sampass->private.lm_pw = data; - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's plaintext password only (base procedure, see helper - below) - ********************************************************************/ - -NTSTATUS sam_set_account_plaintext_pwd(SAM_ACCOUNT_HANDLE *sampass, const char *plain_pwd) -{ - SAM_ASSERT(sampass); - - sampass->private.plaintext_pw = talloc_strdup(sampass->mem_ctx, plain_pwd); - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_unknown_1(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn) -{ - SAM_ASSERT(sampass); - - sampass->private.unknown_1 = unkn; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_unknown_2(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn) -{ - SAM_ASSERT(sampass); - - sampass->private.unknown_2 = unkn; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_unknown_3(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn) -{ - SAM_ASSERT(sampass); - - sampass->private.unknown_3 = unkn; - return NT_STATUS_OK; -} - -NTSTATUS sam_set_account_hours(SAM_ACCOUNT_HANDLE *sampass, const uint8 *hours) -{ - SAM_ASSERT(sampass); - - if (!hours) { - memset ((char *)sampass->private.hours, 0, MAX_HOURS_LEN); - return NT_STATUS_OK; - } - - memcpy(sampass->private.hours, hours, MAX_HOURS_LEN); - - return NT_STATUS_OK; -} - -/* Helpful interfaces to the above */ - -/********************************************************************* - Sets the last changed times and must change times for a normal - password change. - ********************************************************************/ - -NTSTATUS sam_set_account_pass_changed_now(SAM_ACCOUNT_HANDLE *sampass) -{ - uint32 expire; - NTTIME temptime; - - SAM_ASSERT(sampass); - - unix_to_nt_time(&temptime, time(NULL)); - if (!NT_STATUS_IS_OK(sam_set_account_pass_last_set_time(sampass, temptime))) - return NT_STATUS_UNSUCCESSFUL; - - if (!account_policy_get(AP_MAX_PASSWORD_AGE, &expire) - || (expire==(uint32)-1)) { - - get_nttime_max(&temptime); - if (!NT_STATUS_IS_OK(sam_set_account_pass_must_change_time(sampass, temptime, False))) - return NT_STATUS_UNSUCCESSFUL; - - } else { - /* FIXME: Add expire to temptime */ - - if (!NT_STATUS_IS_OK(sam_get_account_pass_last_set_time(sampass,&temptime)) || !NT_STATUS_IS_OK(sam_set_account_pass_must_change_time(sampass, temptime,True))) - return NT_STATUS_UNSUCCESSFUL; - } - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the account's PLAINTEXT password. Used as an interface to the above. - Also sets the last change time to NOW. - ********************************************************************/ - -NTSTATUS sam_set_account_passwd(SAM_ACCOUNT_HANDLE *sampass, const char *plaintext) -{ - DATA_BLOB data; - uchar new_lanman_p16[16]; - uchar new_nt_p16[16]; - - SAM_ASSERT(sampass && plaintext); - - nt_lm_owf_gen(plaintext, new_nt_p16, new_lanman_p16); - - data = data_blob(new_nt_p16, 16); - if (!NT_STATUS_IS_OK(sam_set_account_nt_pwd(sampass, data))) - return NT_STATUS_UNSUCCESSFUL; - - data = data_blob(new_lanman_p16, 16); - - if (!NT_STATUS_IS_OK(sam_set_account_lm_pwd(sampass, data))) - return NT_STATUS_UNSUCCESSFUL; - - if (!NT_STATUS_IS_OK(sam_set_account_plaintext_pwd(sampass, plaintext))) - return NT_STATUS_UNSUCCESSFUL; - - if (!NT_STATUS_IS_OK(sam_set_account_pass_changed_now(sampass))) - return NT_STATUS_UNSUCCESSFUL; - - return NT_STATUS_OK; -} - diff --git a/source3/sam/get_set_domain.c b/source3/sam/get_set_domain.c deleted file mode 100644 index c70a4a3f09..0000000000 --- a/source3/sam/get_set_domain.c +++ /dev/null @@ -1,263 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SAM_DOMAIN access routines - Copyright (C) Andrew Bartlett 2002 - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Jelmer Vernooij 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM - -NTSTATUS sam_get_domain_sid(SAM_DOMAIN_HANDLE *domain, const DOM_SID **sid) -{ - SAM_ASSERT(domain &&sid); - - *sid = &(domain->private.sid); - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_num_accounts(SAM_DOMAIN_HANDLE *domain, uint32 *num_accounts) -{ - SAM_ASSERT(domain &&num_accounts); - - *num_accounts = domain->private.num_accounts; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_num_groups(SAM_DOMAIN_HANDLE *domain, uint32 *num_groups) -{ - SAM_ASSERT(domain &&num_groups); - - *num_groups = domain->private.num_groups; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_num_aliases(SAM_DOMAIN_HANDLE *domain, uint32 *num_aliases) -{ - SAM_ASSERT(domain &&num_aliases); - - *num_aliases = domain->private.num_aliases; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_name(SAM_DOMAIN_HANDLE *domain, const char **domain_name) -{ - SAM_ASSERT(domain &&domain_name); - - *domain_name = domain->private.name; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_server(SAM_DOMAIN_HANDLE *domain, const char **server_name) -{ - SAM_ASSERT(domain &&server_name); - - *server_name = domain->private.servername; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *max_passwordage) -{ - SAM_ASSERT(domain &&max_passwordage); - - *max_passwordage = domain->private.max_passwordage; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *min_passwordage) -{ - SAM_ASSERT(domain &&min_passwordage); - - *min_passwordage = domain->private.min_passwordage; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME *lockout_duration) -{ - SAM_ASSERT(domain &&lockout_duration); - - *lockout_duration = domain->private.lockout_duration; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME *reset_lockout_count) -{ - SAM_ASSERT(domain &&reset_lockout_count); - - *reset_lockout_count = domain->private.reset_count; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 *min_passwordlength) -{ - SAM_ASSERT(domain &&min_passwordlength); - - *min_passwordlength = domain->private.min_passwordlength; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 *password_history) -{ - SAM_ASSERT(domain &&password_history); - - *password_history = domain->private.password_history; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 *lockout_count) -{ - SAM_ASSERT(domain &&lockout_count); - - *lockout_count = domain->private.lockout_count; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL *force_logoff) -{ - SAM_ASSERT(domain &&force_logoff); - - *force_logoff = domain->private.force_logoff; - - return NT_STATUS_OK; -} - - -NTSTATUS sam_get_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL *login_pwdchange) -{ - SAM_ASSERT(domain && login_pwdchange); - - *login_pwdchange = domain->private.login_pwdchange; - - return NT_STATUS_OK; -} - -/* Set */ - -NTSTATUS sam_set_domain_name(SAM_DOMAIN_HANDLE *domain, const char *domain_name) -{ - SAM_ASSERT(domain); - - domain->private.name = talloc_strdup(domain->mem_ctx, domain_name); - - return NT_STATUS_OK; -} - - -NTSTATUS sam_set_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME max_passwordage) -{ - SAM_ASSERT(domain); - - domain->private.max_passwordage = max_passwordage; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME min_passwordage) -{ - SAM_ASSERT(domain); - - domain->private.min_passwordage = min_passwordage; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME lockout_duration) -{ - SAM_ASSERT(domain); - - domain->private.lockout_duration = lockout_duration; - - return NT_STATUS_OK; -} -NTSTATUS sam_set_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME reset_lockout_count) -{ - SAM_ASSERT(domain); - - domain->private.reset_count = reset_lockout_count; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 min_passwordlength) -{ - SAM_ASSERT(domain); - - domain->private.min_passwordlength = min_passwordlength; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 password_history) -{ - SAM_ASSERT(domain); - - domain->private.password_history = password_history; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 lockout_count) -{ - SAM_ASSERT(domain); - - domain->private.lockout_count = lockout_count; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL force_logoff) -{ - SAM_ASSERT(domain); - - domain->private.force_logoff = force_logoff; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL login_pwdchange) -{ - SAM_ASSERT(domain); - - domain->private.login_pwdchange = login_pwdchange; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_domain_server(SAM_DOMAIN_HANDLE *domain, const char *server_name) -{ - SAM_ASSERT(domain); - - domain->private.servername = talloc_strdup(domain->mem_ctx, server_name); - - return NT_STATUS_OK; -} diff --git a/source3/sam/get_set_group.c b/source3/sam/get_set_group.c deleted file mode 100644 index 11ea9258a7..0000000000 --- a/source3/sam/get_set_group.c +++ /dev/null @@ -1,106 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SAM_USER_HANDLE access routines - Copyright (C) Andrew Bartlett 2002 - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Jelmer Vernooij 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM - -/* sam group get functions */ - -NTSTATUS sam_get_group_sid(const SAM_GROUP_HANDLE *group, const DOM_SID **sid) -{ - SAM_ASSERT(group && sid); - - *sid = &(group->private.sid); - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_group_ctrl(const SAM_GROUP_HANDLE *group, uint32 *group_ctrl) -{ - SAM_ASSERT(group && group_ctrl); - - *group_ctrl = group->private.group_ctrl; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_group_name(const SAM_GROUP_HANDLE *group, const char **group_name) -{ - SAM_ASSERT(group); - - *group_name = group->private.group_name; - - return NT_STATUS_OK; - -} -NTSTATUS sam_get_group_comment(const SAM_GROUP_HANDLE *group, const char **group_desc) -{ - SAM_ASSERT(group); - - *group_desc = group->private.group_desc; - - return NT_STATUS_OK; -} - -/* sam group set functions */ - -NTSTATUS sam_set_group_sid(SAM_GROUP_HANDLE *group, const DOM_SID *sid) -{ - SAM_ASSERT(group); - - if (!sid) - ZERO_STRUCT(group->private.sid); - else - sid_copy(&(group->private.sid), sid); - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_group_group_ctrl(SAM_GROUP_HANDLE *group, uint32 group_ctrl) -{ - SAM_ASSERT(group); - - group->private.group_ctrl = group_ctrl; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_group_name(SAM_GROUP_HANDLE *group, const char *group_name) -{ - SAM_ASSERT(group); - - group->private.group_name = talloc_strdup(group->mem_ctx, group_name); - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_group_description(SAM_GROUP_HANDLE *group, const char *group_desc) -{ - SAM_ASSERT(group); - - group->private.group_desc = talloc_strdup(group->mem_ctx, group_desc); - - return NT_STATUS_OK; - -} diff --git a/source3/sam/group.c b/source3/sam/group.c deleted file mode 100644 index 101e3dd7ce..0000000000 --- a/source3/sam/group.c +++ /dev/null @@ -1,193 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SAM_GROUP_HANDLE /SAM_GROUP_ENUM helpers - - Copyright (C) Stefan (metze) Metzmacher 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM - -/************************************************************ - Fill the SAM_GROUP_HANDLE with default values. - ***********************************************************/ - -static void sam_fill_default_group(SAM_GROUP_HANDLE *group) -{ - ZERO_STRUCT(group->private); /* Don't touch the talloc context */ - -} - -static void destroy_sam_group_handle_talloc(SAM_GROUP_HANDLE **group) -{ - if (*group) { - - talloc_destroy((*group)->mem_ctx); - *group = NULL; - } -} - - -/********************************************************************** - Alloc memory and initialises a SAM_GROUP_HANDLE on supplied mem_ctx. -***********************************************************************/ - -NTSTATUS sam_init_group_talloc(TALLOC_CTX *mem_ctx, SAM_GROUP_HANDLE **group) -{ - SMB_ASSERT(*group != NULL); - - if (!mem_ctx) { - DEBUG(0,("sam_init_group_talloc: mem_ctx was NULL!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - *group=(SAM_GROUP_HANDLE *)talloc(mem_ctx, sizeof(SAM_GROUP_HANDLE)); - - if (*group==NULL) { - DEBUG(0,("sam_init_group_talloc: error while allocating memory\n")); - return NT_STATUS_NO_MEMORY; - } - - (*group)->mem_ctx = mem_ctx; - - (*group)->free_fn = NULL; - - sam_fill_default_group(*group); - - return NT_STATUS_OK; -} - - -/************************************************************* - Alloc memory and initialises a struct SAM_GROUP_HANDLE. - ************************************************************/ - -NTSTATUS sam_init_group(SAM_GROUP_HANDLE **group) -{ - TALLOC_CTX *mem_ctx; - NTSTATUS nt_status; - - mem_ctx = talloc_init("sam internal SAM_GROUP_HANDLE allocation"); - - if (!mem_ctx) { - DEBUG(0,("sam_init_group: error while doing talloc_init()\n")); - return NT_STATUS_NO_MEMORY; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_init_group_talloc(mem_ctx, group))) { - talloc_destroy(mem_ctx); - return nt_status; - } - - (*group)->free_fn = destroy_sam_group_handle_talloc; - - return NT_STATUS_OK; -} - - -/************************************************************ - Reset the SAM_GROUP_HANDLE. - ***********************************************************/ - -NTSTATUS sam_reset_group(SAM_GROUP_HANDLE *group) -{ - SMB_ASSERT(group != NULL); - - sam_fill_default_group(group); - - return NT_STATUS_OK; -} - - -/************************************************************ - Free the SAM_GROUP_HANDLE and the member pointers. - ***********************************************************/ - -NTSTATUS sam_free_group(SAM_ACCOUNT_HANDLE **group) -{ - SMB_ASSERT(*group != NULL); - - if ((*group)->free_fn) { - (*group)->free_fn(group); - } - - return NT_STATUS_OK; -} - - -/********************************************************** - Encode the group control bits into a string. - length = length of string to encode into (including terminating - null). length *MUST BE MORE THAN 2* ! - **********************************************************/ - -char *sam_encode_acct_ctrl(uint16 group_ctrl, size_t length) -{ - static fstring group_str; - size_t i = 0; - - group_str[i++] = '['; - - if (group_ctrl & GCB_LOCAL_GROUP ) group_str[i++] = 'L'; - if (group_ctrl & GCB_GLOBAL_GROUP ) group_str[i++] = 'G'; - - for ( ; i < length - 2 ; i++ ) - group_str[i] = ' '; - - i = length - 2; - group_str[i++] = ']'; - group_str[i++] = '\0'; - - return group_str; -} - -/********************************************************** - Decode the group control bits from a string. - **********************************************************/ - -uint16 sam_decode_group_ctrl(const char *p) -{ - uint16 group_ctrl = 0; - BOOL finished = False; - - /* - * Check if the account type bits have been encoded after the - * NT password (in the form [NDHTUWSLXI]). - */ - - if (*p != '[') - return 0; - - for (p++; *p && !finished; p++) { - switch (*p) { - case 'L': { group_ctrl |= GCB_LOCAL_GROUP; break; /* 'L'ocal Aliases Group. */ } - case 'G': { group_ctrl |= GCB_GLOBAL_GROUP; break; /* 'G'lobal Domain Group. */ } - - case ' ': { break; } - case ':': - case '\n': - case '\0': - case ']': - default: { finished = True; } - } - } - - return group_ctrl; -} - diff --git a/source3/sam/gumm_tdb.c b/source3/sam/gumm_tdb.c deleted file mode 100644 index 5e390490cf..0000000000 --- a/source3/sam/gumm_tdb.c +++ /dev/null @@ -1,1193 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * SMB parameters and setup - * Copyright (C) Andrew Tridgell 1992-1998 - * Copyright (C) Simo Sorce 2000-2002 - * Copyright (C) Gerald Carter 2000 - * Copyright (C) Jeremy Allison 2001 - * Copyright (C) Andrew Bartlett 2002 - * - * This program is free software; you can redistribute it and/or modify it under - * the terms of the GNU General Public License as published by the Free - * Software Foundation; either version 2 of the License, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for - * more details. - * - * You should have received a copy of the GNU General Public License along with - * this program; if not, write to the Free Software Foundation, Inc., 675 - * Mass Ave, Cambridge, MA 02139, USA. - */ - -#include "includes.h" -#include "tdbsam2.h" -#include "tdbsam2_parse_info.h" - -static int tdbgumm_debug_level = DBGC_ALL; -#undef DBGC_CLASS -#define DBGC_CLASS tdbgumm_debug_level - -#define TDBSAM_VERSION 20021215 -#define TDB_FILE_NAME "tdbsam2.tdb" -#define NAMEPREFIX "NAME_" -#define SIDPREFIX "SID_" -#define PRIVILEGEPREFIX "PRIV_" - -#define TDB_FORMAT_STRING "ddB" - -#define TALLOC_CHECK(ptr, err, label) do { if ((ptr) == NULL) { DEBUG(0, ("%s: Out of memory!\n", FUNCTION_MACRO)); err = NT_STATUS_NO_MEMORY; goto label; } } while(0) -#define SET_OR_FAIL(func, label) do { if (NT_STATUS_IS_ERR(func)) { DEBUG(0, ("%s: Setting gums object data failed!\n", FUNCTION_MACRO)); goto label; } } while(0) - -struct tdbsam2_enum_objs { - uint32 type; - fstring dom_sid; - TDB_CONTEXT *db; - TDB_DATA key; - struct tdbsam2_enum_objs *next; -}; - -union tdbsam2_data { - struct tdbsam2_domain_data *domain; - struct tdbsam2_user_data *user; - struct tdbsam2_group_data *group; -}; - -struct tdbsam2_object { - uint32 type; - uint32 version; - union tdbsam2_data data; -}; - -static TDB_CONTEXT *tdbsam2_db; - -struct tdbsam2_enum_objs **teo_handlers; - -static NTSTATUS init_tdbsam2_object_from_buffer(struct tdbsam2_object *object, TALLOC_CTX *mem_ctx, char *buffer, int size) -{ - - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - int iret; - char *obj_data; - int data_size = 0; - int len; - - len = tdb_unpack (buffer, size, TDB_FORMAT_STRING, - &(object->version), - &(object->type), - &data_size, &obj_data); - - if (len == -1) - goto done; - - /* version is checked inside this function so that backward compatibility code can be - called eventually. - this way we can easily handle database format upgrades */ - if (object->version != TDBSAM_VERSION) { - DEBUG(3,("init_tdbsam2_object_from_buffer: Error, db object has wrong tdbsam version!\n")); - goto done; - } - - /* be sure the string is terminated before trying to parse it */ - if (obj_data[data_size - 1] != '\0') - obj_data[data_size - 1] = '\0'; - - switch (object->type) { - case GUMS_OBJ_DOMAIN: - object->data.domain = (struct tdbsam2_domain_data *)talloc(mem_ctx, sizeof(struct tdbsam2_domain_data)); - TALLOC_CHECK(object->data.domain, ret, done); - memset(object->data.domain, 0, sizeof(struct tdbsam2_domain_data)); - - iret = gen_parse(mem_ctx, pinfo_tdbsam2_domain_data, (char *)(object->data.domain), obj_data); - break; - case GUMS_OBJ_GROUP: - case GUMS_OBJ_ALIAS: - object->data.group = (struct tdbsam2_group_data *)talloc(mem_ctx, sizeof(struct tdbsam2_group_data)); - TALLOC_CHECK(object->data.group, ret, done); - memset(object->data.group, 0, sizeof(struct tdbsam2_group_data)); - - iret = gen_parse(mem_ctx, pinfo_tdbsam2_group_data, (char *)(object->data.group), obj_data); - break; - case GUMS_OBJ_NORMAL_USER: - object->data.user = (struct tdbsam2_user_data *)talloc(mem_ctx, sizeof(struct tdbsam2_user_data)); - TALLOC_CHECK(object->data.user, ret, done); - memset(object->data.user, 0, sizeof(struct tdbsam2_user_data)); - - iret = gen_parse(mem_ctx, pinfo_tdbsam2_user_data, (char *)(object->data.user), obj_data); - break; - default: - DEBUG(3,("init_tdbsam2_object_from_buffer: Error, wrong object type number!\n")); - goto done; - } - - if (iret != 0) { - DEBUG(0,("init_tdbsam2_object_from_buffer: Fatal Error! Unable to parse object!\n")); - DEBUG(0,("init_tdbsam2_object_from_buffer: DB Corrupted ?")); - goto done; - } - - ret = NT_STATUS_OK; -done: - SAFE_FREE(obj_data); - return ret; -} - -static NTSTATUS init_buffer_from_tdbsam2_object(char **buffer, size_t *len, TALLOC_CTX *mem_ctx, struct tdbsam2_object *object) -{ - - NTSTATUS ret; - char *buf1 = NULL; - size_t buflen; - - if (!buffer) - return NT_STATUS_INVALID_PARAMETER; - - switch (object->type) { - case GUMS_OBJ_DOMAIN: - buf1 = gen_dump(mem_ctx, pinfo_tdbsam2_domain_data, (char *)(object->data.domain), 0); - break; - case GUMS_OBJ_GROUP: - case GUMS_OBJ_ALIAS: - buf1 = gen_dump(mem_ctx, pinfo_tdbsam2_group_data, (char *)(object->data.group), 0); - break; - case GUMS_OBJ_NORMAL_USER: - buf1 = gen_dump(mem_ctx, pinfo_tdbsam2_user_data, (char *)(object->data.user), 0); - break; - default: - DEBUG(3,("init_buffer_from_tdbsam2_object: Error, wrong object type number!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - if (buf1 == NULL) { - DEBUG(0, ("init_buffer_from_tdbsam2_object: Fatal Error! Unable to dump object!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - buflen = tdb_pack(NULL, 0, TDB_FORMAT_STRING, - TDBSAM_VERSION, - object->type, - strlen(buf1) + 1, buf1); - - *buffer = talloc(mem_ctx, buflen); - TALLOC_CHECK(*buffer, ret, done); - - *len = tdb_pack(*buffer, buflen, TDB_FORMAT_STRING, - TDBSAM_VERSION, - object->type, - strlen(buf1) + 1, buf1); - - if (*len != buflen) { - DEBUG(0, ("init_tdb_data_from_tdbsam2_object: somthing odd is going on here: bufflen (%d) != len (%d) in tdb_pack operations!\n", - buflen, *len)); - *buffer = NULL; - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - ret = NT_STATUS_OK; -done: - return ret; -} - -static NTSTATUS opentdb(void) -{ - if (!tdbsam2_db) { - pstring tdbfile; - get_private_directory(tdbfile); - pstrcat(tdbfile, "/"); - pstrcat(tdbfile, TDB_FILE_NAME); - - tdbsam2_db = tdb_open_log(tdbfile, 0, TDB_DEFAULT, O_RDWR | O_CREAT, 0600); - if (!tdbsam2_db) - { - DEBUG(0, ("opentdb: Unable to open database (%s)!\n", tdbfile)); - return NT_STATUS_UNSUCCESSFUL; - } - } - - return NT_STATUS_OK; -} - -static NTSTATUS get_object_by_sid(TALLOC_CTX *mem_ctx, struct tdbsam2_object *obj, const DOM_SID *sid) -{ - NTSTATUS ret; - TDB_DATA data, key; - fstring keystr; - - if (!obj || !mem_ctx || !sid) - return NT_STATUS_INVALID_PARAMETER; - - if (NT_STATUS_IS_ERR(ret = opentdb())) { - return ret; - } - - slprintf(keystr, sizeof(keystr)-1, "%s%s", SIDPREFIX, sid_string_static(sid)); - key.dptr = keystr; - key.dsize = strlen(keystr) + 1; - - data = tdb_fetch(tdbsam2_db, key); - if (!data.dptr) { - DEBUG(5, ("get_object_by_sid: Error fetching database, domain entry not found!\n")); - DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam2_db))); - DEBUGADD(5, (" Key: %s\n", keystr)); - return NT_STATUS_UNSUCCESSFUL; - } - - if (NT_STATUS_IS_ERR(init_tdbsam2_object_from_buffer(obj, mem_ctx, data.dptr, data.dsize))) { - SAFE_FREE(data.dptr); - DEBUG(0, ("get_object_by_sid: Error fetching database, malformed entry!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - SAFE_FREE(data.dptr); - - return NT_STATUS_OK; - -} - -static NTSTATUS get_object_by_name(TALLOC_CTX *mem_ctx, struct tdbsam2_object *obj, const char* name) -{ - - NTSTATUS ret; - TDB_DATA data, key; - fstring keystr; - fstring objname; - DOM_SID sid; - char *obj_sidstr; - int obj_version, obj_type, obj_sidstr_len, len; - - if (!obj || !mem_ctx || !name) - return NT_STATUS_INVALID_PARAMETER; - - if (NT_STATUS_IS_ERR(ret = opentdb())) { - return ret; - } - - unix_strlower(name, -1, objname, sizeof(objname)); - - slprintf(keystr, sizeof(keystr)-1, "%s%s", NAMEPREFIX, objname); - key.dptr = keystr; - key.dsize = strlen(keystr) + 1; - - data = tdb_fetch(tdbsam2_db, key); - if (!data.dptr) { - DEBUG(5, ("get_object_by_name: Error fetching database, domain entry not found!\n")); - DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam2_db))); - DEBUGADD(5, (" Key: %s\n", keystr)); - return NT_STATUS_UNSUCCESSFUL; - } - - len = tdb_unpack(data.dptr, data.dsize, TDB_FORMAT_STRING, - &obj_version, - &obj_type, - &obj_sidstr_len, &obj_sidstr); - - SAFE_FREE(data.dptr); - - if (len == -1 || obj_version != TDBSAM_VERSION || obj_sidstr_len <= 0) { - DEBUG(5, ("get_object_by_name: Error unpacking database object!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - if (!string_to_sid(&sid, obj_sidstr)) { - DEBUG(5, ("get_object_by_name: Error invalid sid string found in database object!\n")); - SAFE_FREE(obj_sidstr); - return NT_STATUS_UNSUCCESSFUL; - } - SAFE_FREE(obj_sidstr); - - return get_object_by_sid(mem_ctx, obj, &sid); -} - -static NTSTATUS store_object(TALLOC_CTX *mem_ctx, struct tdbsam2_object *object, BOOL new_obj) -{ - - NTSTATUS ret; - TDB_DATA data, key, key2; - fstring keystr; - fstring namestr; - int flag, r; - - if (NT_STATUS_IS_ERR(ret = opentdb())) { - return ret; - } - - if (new_obj) { - flag = TDB_INSERT; - } else { - flag = TDB_MODIFY; - } - - ret = init_buffer_from_tdbsam2_object(&(data.dptr), &(data.dsize), mem_ctx, object); - if (NT_STATUS_IS_ERR(ret)) - return ret; - - switch (object->type) { - case GUMS_OBJ_DOMAIN: - slprintf(keystr, sizeof(keystr) - 1, "%s%s", SIDPREFIX, sid_string_static(object->data.domain->dom_sid)); - slprintf(namestr, sizeof(namestr) - 1, "%s%s", NAMEPREFIX, object->data.domain->name); - break; - case GUMS_OBJ_GROUP: - case GUMS_OBJ_ALIAS: - slprintf(keystr, sizeof(keystr) - 1, "%s%s", SIDPREFIX, sid_string_static(object->data.group->group_sid)); - slprintf(namestr, sizeof(namestr) - 1, "%s%s", NAMEPREFIX, object->data.group->name); - break; - case GUMS_OBJ_NORMAL_USER: - slprintf(keystr, sizeof(keystr) - 1, "%s%s", SIDPREFIX, sid_string_static(object->data.user->user_sid)); - slprintf(namestr, sizeof(namestr) - 1, "%s%s", NAMEPREFIX, object->data.user->name); - break; - default: - return NT_STATUS_UNSUCCESSFUL; - } - - key.dptr = keystr; - key.dsize = strlen(keystr) + 1; - - if ((r = tdb_store(tdbsam2_db, key, data, flag)) != TDB_SUCCESS) { - DEBUG(0, ("store_object: Unable to modify SAM!\n")); - DEBUGADD(0, (" Error: %s", tdb_errorstr(tdbsam2_db))); - DEBUGADD(0, (" occured while storing the main record (%s)\n", keystr)); - if (r == TDB_ERR_EXISTS) return NT_STATUS_UNSUCCESSFUL; - return NT_STATUS_INTERNAL_DB_ERROR; - } - - key2.dptr = namestr; - key2.dsize = strlen(namestr) + 1; - - if ((r = tdb_store(tdbsam2_db, key2, key, flag)) != TDB_SUCCESS) { - DEBUG(0, ("store_object: Unable to modify SAM!\n")); - DEBUGADD(0, (" Error: %s", tdb_errorstr(tdbsam2_db))); - DEBUGADD(0, (" occured while storing the main record (%s)\n", keystr)); - if (r == TDB_ERR_EXISTS) return NT_STATUS_UNSUCCESSFUL; - return NT_STATUS_INTERNAL_DB_ERROR; - } -/* TODO: update the general database counter */ -/* TODO: update this entry counter too */ - - return NT_STATUS_OK; -} - -static NTSTATUS get_next_sid(TALLOC_CTX *mem_ctx, DOM_SID **sid) -{ - NTSTATUS ret; - struct tdbsam2_object obj; - DOM_SID *dom_sid = get_global_sam_sid(); - uint32 new_rid; - -/* TODO: LOCK DOMAIN OBJECT */ - ret = get_object_by_sid(mem_ctx, &obj, dom_sid); - if (NT_STATUS_IS_ERR(ret)) { - DEBUG(0, ("get_next_sid: unable to get root Domain object!\n")); - ret = NT_STATUS_INTERNAL_DB_ERROR; - goto error; - } - - new_rid = obj.data.domain->next_rid; - - /* Increment the RID Counter */ - obj.data.domain->next_rid++; - - /* Store back Domain object */ - ret = store_object(mem_ctx, &obj, False); - if (NT_STATUS_IS_ERR(ret)) { - DEBUG(0, ("get_next_sid: unable to update root Domain object!\n")); - ret = NT_STATUS_INTERNAL_DB_ERROR; - goto error; - } -/* TODO: UNLOCK DOMAIN OBJECT */ - - *sid = sid_dup_talloc(mem_ctx, dom_sid); - TALLOC_CHECK(*sid, ret, error); - - if (!sid_append_rid(*sid, new_rid)) { - DEBUG(0, ("get_next_sid: unable to build new SID !?!\n")); - ret = NT_STATUS_UNSUCCESSFUL; - goto error; - } - - return NT_STATUS_OK; - -error: - return ret; -} - -static NTSTATUS user_data_to_gums_object(GUMS_OBJECT **object, struct tdbsam2_user_data *userdata) -{ - NTSTATUS ret; - - if (!object || !userdata) { - DEBUG(0, ("tdbsam2_user_data_to_gums_object: no NULL pointers are accepted here!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - /* userdata->xcounter */ - /* userdata->sec_desc */ - - SET_OR_FAIL(gums_set_object_sid(*object, userdata->user_sid), error); - SET_OR_FAIL(gums_set_object_name(*object, userdata->name), error); - - SET_OR_FAIL(gums_set_user_pri_group(*object, userdata->group_sid), error); - - if (userdata->description) - SET_OR_FAIL(gums_set_object_description(*object, userdata->description), error); - - if (userdata->full_name) - SET_OR_FAIL(gums_set_user_fullname(*object, userdata->full_name), error); - - if (userdata->home_dir) - SET_OR_FAIL(gums_set_user_homedir(*object, userdata->home_dir), error); - - if (userdata->dir_drive) - SET_OR_FAIL(gums_set_user_dir_drive(*object, userdata->dir_drive), error); - - if (userdata->logon_script) - SET_OR_FAIL(gums_set_user_logon_script(*object, userdata->logon_script), error); - - if (userdata->profile_path) - SET_OR_FAIL(gums_set_user_profile_path(*object, userdata->profile_path), error); - - if (userdata->workstations) - SET_OR_FAIL(gums_set_user_workstations(*object, userdata->workstations), error); - - if (userdata->unknown_str) - SET_OR_FAIL(gums_set_user_unknown_str(*object, userdata->unknown_str), error); - - if (userdata->munged_dial) - SET_OR_FAIL(gums_set_user_munged_dial(*object, userdata->munged_dial), error); - - SET_OR_FAIL(gums_set_user_logon_divs(*object, userdata->logon_divs), error); - SET_OR_FAIL(gums_set_user_hours_len(*object, userdata->hours_len), error); - - if (userdata->hours) - SET_OR_FAIL(gums_set_user_hours(*object, userdata->hours), error); - - SET_OR_FAIL(gums_set_user_unknown_3(*object, userdata->unknown_3), error); - SET_OR_FAIL(gums_set_user_unknown_5(*object, userdata->unknown_5), error); - SET_OR_FAIL(gums_set_user_unknown_6(*object, userdata->unknown_6), error); - - SET_OR_FAIL(gums_set_user_logon_time(*object, *(userdata->logon_time)), error); - SET_OR_FAIL(gums_set_user_logoff_time(*object, *(userdata->logoff_time)), error); - SET_OR_FAIL(gums_set_user_kickoff_time(*object, *(userdata->kickoff_time)), error); - SET_OR_FAIL(gums_set_user_pass_last_set_time(*object, *(userdata->pass_last_set_time)), error); - SET_OR_FAIL(gums_set_user_pass_can_change_time(*object, *(userdata->pass_can_change_time)), error); - SET_OR_FAIL(gums_set_user_pass_must_change_time(*object, *(userdata->pass_must_change_time)), error); - - ret = NT_STATUS_OK; - return ret; - -error: - talloc_destroy((*object)->mem_ctx); - *object = NULL; - return ret; -} - -static NTSTATUS group_data_to_gums_object(GUMS_OBJECT **object, struct tdbsam2_group_data *groupdata) -{ - NTSTATUS ret; - - if (!object || !groupdata) { - DEBUG(0, ("tdbsam2_group_data_to_gums_object: no NULL pointers are accepted here!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - /* groupdata->xcounter */ - /* groupdata->sec_desc */ - - SET_OR_FAIL(gums_set_object_sid(*object, groupdata->group_sid), error); - SET_OR_FAIL(gums_set_object_name(*object, groupdata->name), error); - - if (groupdata->description) - SET_OR_FAIL(gums_set_object_description(*object, groupdata->description), error); - - if (groupdata->count) - SET_OR_FAIL(gums_set_group_members(*object, groupdata->count, groupdata->members), error); - - ret = NT_STATUS_OK; - return ret; - -error: - talloc_destroy((*object)->mem_ctx); - *object = NULL; - return ret; -} - -static NTSTATUS domain_data_to_gums_object(GUMS_OBJECT **object, struct tdbsam2_domain_data *domdata) -{ - - NTSTATUS ret; - - if (!object || !*object || !domdata) { - DEBUG(0, ("tdbsam2_domain_data_to_gums_object: no NULL pointers are accepted here!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - /* domdata->xcounter */ - /* domdata->sec_desc */ - - SET_OR_FAIL(gums_set_object_sid(*object, domdata->dom_sid), error); - SET_OR_FAIL(gums_set_object_name(*object, domdata->name), error); - - if (domdata->description) - SET_OR_FAIL(gums_set_object_description(*object, domdata->description), error); - - ret = NT_STATUS_OK; - return ret; - -error: - talloc_destroy((*object)->mem_ctx); - *object = NULL; - return ret; -} - -static NTSTATUS data_to_gums_object(GUMS_OBJECT **object, struct tdbsam2_object *data) -{ - - NTSTATUS ret; - - if (!object || !data) { - DEBUG(0, ("tdbsam2_user_data_to_gums_object: no NULL structure pointers are accepted here!\n")); - ret = NT_STATUS_INVALID_PARAMETER; - goto done; - } - - ret = gums_create_object(object, data->type); - if (NT_STATUS_IS_ERR(ret)) { - DEBUG(5, ("tdbsam2_user_data_to_gums_object: error creating gums object!\n")); - goto done; - } - - switch (data->type) { - case GUMS_OBJ_DOMAIN: - ret = domain_data_to_gums_object(object, data->data.domain); - break; - - case GUMS_OBJ_NORMAL_USER: - ret = user_data_to_gums_object(object, data->data.user); - break; - - case GUMS_OBJ_GROUP: - case GUMS_OBJ_ALIAS: - ret = group_data_to_gums_object(object, data->data.group); - break; - - default: - ret = NT_STATUS_UNSUCCESSFUL; - } - -done: - return ret; -} - - -/* GUMM object functions */ - -static NTSTATUS tdbsam2_get_domain_sid(DOM_SID *sid, const char* name) -{ - - NTSTATUS ret; - struct tdbsam2_object obj; - TALLOC_CTX *mem_ctx; - fstring domname; - - if (!sid || !name) - return NT_STATUS_INVALID_PARAMETER; - - mem_ctx = talloc_init("tdbsam2_get_domain_sid"); - if (!mem_ctx) { - DEBUG(0, ("tdbsam2_new_object: Out of memory!\n")); - return NT_STATUS_NO_MEMORY; - } - - if (NT_STATUS_IS_ERR(ret = opentdb())) { - goto done; - } - - unix_strlower(name, -1, domname, sizeof(domname)); - - ret = get_object_by_name(mem_ctx, &obj, domname); - - if (NT_STATUS_IS_ERR(ret)) { - DEBUG(0, ("tdbsam2_get_domain_sid: Error fetching database!\n")); - goto done; - } - - if (obj.type != GUMS_OBJ_DOMAIN) { - DEBUG(5, ("tdbsam2_get_domain_sid: Requested object is not a domain!\n")); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - sid_copy(sid, obj.data.domain->dom_sid); - - ret = NT_STATUS_OK; - -done: - talloc_destroy(mem_ctx); - return ret; -} - -static NTSTATUS tdbsam2_set_domain_sid (const DOM_SID *sid, const char *name) -{ - - NTSTATUS ret; - struct tdbsam2_object obj; - TALLOC_CTX *mem_ctx; - fstring domname; - - if (!sid || !name) - return NT_STATUS_INVALID_PARAMETER; - - mem_ctx = talloc_init("tdbsam2_set_domain_sid"); - if (!mem_ctx) { - DEBUG(0, ("tdbsam2_new_object: Out of memory!\n")); - return NT_STATUS_NO_MEMORY; - } - - if (tdbsam2_db == NULL) { - if (NT_STATUS_IS_ERR(ret = opentdb())) { - goto done; - } - } - - unix_strlower(name, -1, domname, sizeof(domname)); - -/* TODO: we need to lock this entry until updated! */ - - ret = get_object_by_name(mem_ctx, &obj, domname); - - if (NT_STATUS_IS_ERR(ret)) { - DEBUG(0, ("tdbsam2_get_domain_sid: Error fetching database!\n")); - goto done; - } - - if (obj.type != GUMS_OBJ_DOMAIN) { - DEBUG(5, ("tdbsam2_get_domain_sid: Requested object is not a domain!\n")); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - sid_copy(obj.data.domain->dom_sid, sid); - - ret = store_object(mem_ctx, &obj, False); - -done: -/* TODO: unlock here */ - if (mem_ctx) talloc_destroy(mem_ctx); - return ret; -} - -/* TODO */ - NTSTATUS (*get_sequence_number) (void); - - -extern DOM_SID global_sid_NULL; - -static NTSTATUS tdbsam2_new_object(DOM_SID *sid, const char *name, const int obj_type) -{ - - NTSTATUS ret; - struct tdbsam2_object obj; - TALLOC_CTX *mem_ctx; - NTTIME zero_time = {0,0}; - const char *defpw = "NOPASSWORDXXXXXX"; - uint8 defhours[21] = {255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255}; - - if (!sid || !name) { - DEBUG(0, ("tdbsam2_new_object: no NULL pointers are accepted here!\n")); - return NT_STATUS_INVALID_PARAMETER; - } - - mem_ctx = talloc_init("tdbsam2_new_object"); - if (!mem_ctx) { - DEBUG(0, ("tdbsam2_new_object: Out of memory!\n")); - return NT_STATUS_NO_MEMORY; - } - - obj.type = obj_type; - obj.version = TDBSAM_VERSION; - - switch (obj_type) { - case GUMS_OBJ_NORMAL_USER: - obj.data.user = (struct tdbsam2_user_data *)talloc_zero(mem_ctx, sizeof(struct tdbsam2_user_data)); - TALLOC_CHECK(obj.data.user, ret, done); - - get_next_sid(mem_ctx, &(obj.data.user->user_sid)); - TALLOC_CHECK(obj.data.user->user_sid, ret, done); - sid_copy(sid, obj.data.user->user_sid); - - obj.data.user->name = talloc_strdup(mem_ctx, name); - TALLOC_CHECK(obj.data.user, ret, done); - - obj.data.user->xcounter = 1; - /*obj.data.user->sec_desc*/ - obj.data.user->description = ""; - obj.data.user->group_sid = &global_sid_NULL; - obj.data.user->logon_time = &zero_time; - obj.data.user->logoff_time = &zero_time; - obj.data.user->kickoff_time = &zero_time; - obj.data.user->pass_last_set_time = &zero_time; - obj.data.user->pass_can_change_time = &zero_time; - obj.data.user->pass_must_change_time = &zero_time; - - obj.data.user->full_name = ""; - obj.data.user->home_dir = ""; - obj.data.user->dir_drive = ""; - obj.data.user->logon_script = ""; - obj.data.user->profile_path = ""; - obj.data.user->workstations = ""; - obj.data.user->unknown_str = ""; - obj.data.user->munged_dial = ""; - - obj.data.user->lm_pw_ptr = defpw; - obj.data.user->nt_pw_ptr = defpw; - - obj.data.user->logon_divs = 168; - obj.data.user->hours_len = 21; - obj.data.user->hours = &defhours; - - obj.data.user->unknown_3 = 0x00ffffff; - obj.data.user->unknown_5 = 0x00020000; - obj.data.user->unknown_6 = 0x000004ec; - break; - - case GUMS_OBJ_GROUP: - case GUMS_OBJ_ALIAS: - obj.data.group = (struct tdbsam2_group_data *)talloc_zero(mem_ctx, sizeof(struct tdbsam2_group_data)); - TALLOC_CHECK(obj.data.group, ret, done); - - get_next_sid(mem_ctx, &(obj.data.group->group_sid)); - TALLOC_CHECK(obj.data.group->group_sid, ret, done); - sid_copy(sid, obj.data.group->group_sid); - - obj.data.group->name = talloc_strdup(mem_ctx, name); - TALLOC_CHECK(obj.data.group, ret, done); - - obj.data.group->xcounter = 1; - /*obj.data.group->sec_desc*/ - obj.data.group->description = ""; - - break; - - case GUMS_OBJ_DOMAIN: - - /* FIXME: should we check against global_sam_sid to make it impossible - to store more than one domain ? */ - - obj.data.domain = (struct tdbsam2_domain_data *)talloc_zero(mem_ctx, sizeof(struct tdbsam2_domain_data)); - TALLOC_CHECK(obj.data.domain, ret, done); - - obj.data.domain->dom_sid = sid_dup_talloc(mem_ctx, get_global_sam_sid()); - TALLOC_CHECK(obj.data.domain->dom_sid, ret, done); - sid_copy(sid, obj.data.domain->dom_sid); - - obj.data.domain->name = talloc_strdup(mem_ctx, name); - TALLOC_CHECK(obj.data.domain, ret, done); - - obj.data.domain->xcounter = 1; - /*obj.data.domain->sec_desc*/ - obj.data.domain->next_rid = 0x3e9; - obj.data.domain->description = ""; - - ret = NT_STATUS_OK; - break; - - default: - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - ret = store_object(mem_ctx, &obj, True); - -done: - talloc_destroy(mem_ctx); - return ret; -} - -static NTSTATUS tdbsam2_delete_object(const DOM_SID *sid) -{ - NTSTATUS ret; - struct tdbsam2_object obj; - TALLOC_CTX *mem_ctx; - TDB_DATA data, key; - fstring keystr; - - if (!sid) { - DEBUG(0, ("tdbsam2_delete_object: no NULL pointers are accepted here!\n")); - return NT_STATUS_INVALID_PARAMETER; - } - - mem_ctx = talloc_init("tdbsam2_delete_object"); - if (!mem_ctx) { - DEBUG(0, ("tdbsam2_delete_object: Out of memory!\n")); - return NT_STATUS_NO_MEMORY; - } - - if (tdbsam2_db == NULL) { - if (NT_STATUS_IS_ERR(ret = opentdb())) { - goto done; - } - } - - slprintf(keystr, sizeof(keystr)-1, "%s%s", SIDPREFIX, sid_string_static(sid)); - key.dptr = keystr; - key.dsize = strlen(keystr) + 1; - - data = tdb_fetch(tdbsam2_db, key); - if (!data.dptr) { - DEBUG(5, ("tdbsam2_delete_object: Error fetching database, SID entry not found!\n")); - DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam2_db))); - DEBUGADD(5, (" Key: %s\n", keystr)); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - if (tdb_delete(tdbsam2_db, key) != TDB_SUCCESS) { - DEBUG(5, ("tdbsam2_delete_object: Error deleting object!\n")); - DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam2_db))); - DEBUGADD(5, (" Key: %s\n", keystr)); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - if (NT_STATUS_IS_ERR(init_tdbsam2_object_from_buffer(&obj, mem_ctx, data.dptr, data.dsize))) { - SAFE_FREE(data.dptr); - DEBUG(0, ("tdbsam2_delete_object: Error fetching database, malformed entry!\n")); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - switch (obj.type) { - case GUMS_OBJ_DOMAIN: - /* TODO: SHOULD WE ALLOW TO DELETE DOMAINS ? */ - slprintf(keystr, sizeof(keystr) - 1, "%s%s", NAMEPREFIX, obj.data.domain->name); - break; - case GUMS_OBJ_GROUP: - case GUMS_OBJ_ALIAS: - slprintf(keystr, sizeof(keystr) - 1, "%s%s", NAMEPREFIX, obj.data.group->name); - break; - case GUMS_OBJ_NORMAL_USER: - slprintf(keystr, sizeof(keystr) - 1, "%s%s", NAMEPREFIX, obj.data.user->name); - break; - default: - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - key.dptr = keystr; - key.dsize = strlen(keystr) + 1; - - if (tdb_delete(tdbsam2_db, key) != TDB_SUCCESS) { - DEBUG(5, ("tdbsam2_delete_object: Error deleting object!\n")); - DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam2_db))); - DEBUGADD(5, (" Key: %s\n", keystr)); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - -/* TODO: update the general database counter */ - -done: - SAFE_FREE(data.dptr); - talloc_destroy(mem_ctx); - return ret; -} - -static NTSTATUS tdbsam2_get_object_from_sid(GUMS_OBJECT **object, const DOM_SID *sid, const int obj_type) -{ - NTSTATUS ret; - struct tdbsam2_object obj; - TALLOC_CTX *mem_ctx; - - if (!object || !sid) { - DEBUG(0, ("tdbsam2_get_object_from_sid: no NULL pointers are accepted here!\n")); - return NT_STATUS_INVALID_PARAMETER; - } - - mem_ctx = talloc_init("tdbsam2_get_object_from_sid"); - if (!mem_ctx) { - DEBUG(0, ("tdbsam2_get_object_from_sid: Out of memory!\n")); - return NT_STATUS_NO_MEMORY; - } - - ret = get_object_by_sid(mem_ctx, &obj, sid); - if (NT_STATUS_IS_ERR(ret) || (obj_type && obj.type != obj_type)) { - DEBUG(0, ("tdbsam2_get_object_from_sid: error fetching object or wrong object type!\n")); - goto done; - } - - ret = data_to_gums_object(object, &obj); - if (NT_STATUS_IS_ERR(ret)) { - DEBUG(0, ("tdbsam2_get_object_from_sid: error setting object data!\n")); - goto done; - } - -done: - talloc_destroy(mem_ctx); - return ret; -} - -static NTSTATUS tdbsam2_get_object_from_name(GUMS_OBJECT **object, const char *name, const int obj_type) -{ - NTSTATUS ret; - struct tdbsam2_object obj; - TALLOC_CTX *mem_ctx; - - if (!object || !name) { - DEBUG(0, ("tdbsam2_get_object_from_sid: no NULL pointers are accepted here!\n")); - return NT_STATUS_INVALID_PARAMETER; - } - - mem_ctx = talloc_init("tdbsam2_get_object_from_sid"); - if (!mem_ctx) { - DEBUG(0, ("tdbsam2_get_object_from_sid: Out of memory!\n")); - return NT_STATUS_NO_MEMORY; - } - - ret = get_object_by_name(mem_ctx, &obj, name); - if (NT_STATUS_IS_ERR(ret) || (obj_type && obj.type != obj_type)) { - DEBUG(0, ("tdbsam2_get_object_from_sid: error fetching object or wrong object type!\n")); - goto done; - } - - ret = data_to_gums_object(object, &obj); - if (NT_STATUS_IS_ERR(ret)) { - DEBUG(0, ("tdbsam2_get_object_from_sid: error setting object data!\n")); - goto done; - } - -done: - talloc_destroy(mem_ctx); - return ret; -} - - /* This function is used to get the list of all objects changed since base_time, it is - used to support PDC<->BDC synchronization */ - NTSTATUS (*get_updated_objects) (GUMS_OBJECT **objects, const NTTIME base_time); - -static NTSTATUS tdbsam2_enumerate_objects_start(void *handle, const DOM_SID *sid, const int obj_type) -{ - struct tdbsam2_enum_objs *teo, *t; - pstring tdbfile; - - teo = (struct tdbsam2_enum_objs *)calloc(1, sizeof(struct tdbsam2_enum_objs)); - if (!teo) { - DEBUG(0, ("tdbsam2_enumerate_objects_start: Out of Memory!\n")); - return NT_STATUS_NO_MEMORY; - } - - teo->type = obj_type; - if (sid) { - sid_to_string(teo->dom_sid, sid); - } - - get_private_directory(tdbfile); - pstrcat(tdbfile, "/"); - pstrcat(tdbfile, TDB_FILE_NAME); - - teo->db = tdb_open_log(tdbfile, 0, TDB_DEFAULT, O_RDONLY, 0600); - if (!teo->db) - { - DEBUG(0, ("tdbsam2_enumerate_objects_start: Unable to open database (%s)!\n", tdbfile)); - SAFE_FREE(teo); - return NT_STATUS_UNSUCCESSFUL; - } - - if (!teo_handlers) { - *teo_handlers = teo; - } else { - t = *teo_handlers; - while (t->next) { - t = t->next; - } - t->next = teo; - } - - handle = teo; - - teo->key = tdb_firstkey(teo->db); - - return NT_STATUS_OK; -} - -static NTSTATUS tdbsam2_enumerate_objects_get_next(GUMS_OBJECT **object, void *handle) -{ - NTSTATUS ret; - TALLOC_CTX *mem_ctx; - TDB_DATA data; - struct tdbsam2_enum_objs *teo; - struct tdbsam2_object obj; - const char *prefix = SIDPREFIX; - const int preflen = strlen(prefix); - - if (!object || !handle) { - DEBUG(0, ("tdbsam2_get_object_from_sid: no NULL pointers are accepted here!\n")); - return NT_STATUS_INVALID_PARAMETER; - } - - teo = (struct tdbsam2_enum_objs *)handle; - - mem_ctx = talloc_init("tdbsam2_enumerate_objects_get_next"); - if (!mem_ctx) { - DEBUG(0, ("tdbsam2_enumerate_objects_get_next: Out of memory!\n")); - return NT_STATUS_NO_MEMORY; - } - - while ((teo->key.dsize != 0)) { - int len, version, type, size; - char *ptr; - - if (strncmp(teo->key.dptr, prefix, preflen)) { - teo->key = tdb_nextkey(teo->db, teo->key); - continue; - } - - if (teo->dom_sid) { - if (strncmp(&(teo->key.dptr[preflen]), teo->dom_sid, strlen(teo->dom_sid))) { - teo->key = tdb_nextkey(teo->db, teo->key); - continue; - } - } - - data = tdb_fetch(teo->db, teo->key); - if (!data.dptr) { - DEBUG(5, ("tdbsam2_enumerate_objects_get_next: Error fetching database, SID entry not found!\n")); - DEBUGADD(5, (" Error: %s\n", tdb_errorstr(teo->db))); - DEBUGADD(5, (" Key: %s\n", teo->key.dptr)); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - len = tdb_unpack (data.dptr, data.dsize, TDB_FORMAT_STRING, - &version, - &type, - &size, &ptr); - - if (len == -1) { - DEBUG(5, ("tdbsam2_enumerate_objects_get_next: Error unable to unpack data!\n")); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - SAFE_FREE(ptr); - - if (teo->type && type != teo->type) { - SAFE_FREE(data.dptr); - data.dsize = 0; - teo->key = tdb_nextkey(teo->db, teo->key); - continue; - } - - break; - } - - if (data.dsize != 0) { - if (NT_STATUS_IS_ERR(init_tdbsam2_object_from_buffer(&obj, mem_ctx, data.dptr, data.dsize))) { - SAFE_FREE(data.dptr); - DEBUG(0, ("tdbsam2_enumerate_objects_get_next: Error fetching database, malformed entry!\n")); - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } - SAFE_FREE(data.dptr); - } - - ret = data_to_gums_object(object, &obj); - -done: - talloc_destroy(mem_ctx); - return ret; -} - -static NTSTATUS tdbsam2_enumerate_objects_stop(void *handle) -{ - struct tdbsam2_enum_objs *teo, *t, *p; - - teo = (struct tdbsam2_enum_objs *)handle; - - if (*teo_handlers == teo) { - *teo_handlers = teo->next; - } else { - t = *teo_handlers; - while (t != teo) { - p = t; - t = t->next; - if (t == NULL) { - DEBUG(0, ("tdbsam2_enumerate_objects_stop: Error, handle not found!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - } - p = t->next; - } - - tdb_close(teo->db); - SAFE_FREE(teo); - - return NT_STATUS_OK; -} - - /* This function MUST be used ONLY by PDC<->BDC replication code or recovery tools. - Never use this function to update an object in the database, use set_object_values() */ - NTSTATUS (*set_object) (const GUMS_OBJECT *object); - - /* set object values function */ - NTSTATUS (*set_object_values) (DOM_SID *sid, uint32 count, GUMS_DATA_SET *data_set); - - /* Group related functions */ - NTSTATUS (*add_memberss_to_group) (const DOM_SID *group, const DOM_SID **members); - NTSTATUS (*delete_members_from_group) (const DOM_SID *group, const DOM_SID **members); - NTSTATUS (*enumerate_group_members) (DOM_SID **members, const DOM_SID *sid, const int type); - - NTSTATUS (*get_sid_groups) (DOM_SID **groups, const DOM_SID *sid); - - NTSTATUS (*lock_sid) (const DOM_SID *sid); - NTSTATUS (*unlock_sid) (const DOM_SID *sid); - - /* privileges related functions */ - - NTSTATUS (*add_members_to_privilege) (const LUID_ATTR *priv, const DOM_SID **members); - NTSTATUS (*delete_members_from_privilege) (const LUID_ATTR *priv, const DOM_SID **members); - NTSTATUS (*enumerate_privilege_members) (DOM_SID **members, const LUID_ATTR *priv); - NTSTATUS (*get_sid_privileges) (DOM_SID **privs, const DOM_SID *sid); - /* warning!: set_privilege will overwrite a prior existing privilege if such exist */ - NTSTATUS (*set_privilege) (GUMS_PRIVILEGE *priv); - - -int gumm_init(GUMS_FUNCTIONS **storage) -{ - tdbsam2_db = NULL; - teo_handlers = 0; - - return 0; -} - -#if 0 -int main(int argc, char *argv[]) -{ - NTSTATUS ret; - DOM_SID dsid; - - if (argc < 2) { - printf ("not enough arguments!\n"); - exit(0); - } - - if (!lp_load(dyn_CONFIGFILE,True,False,False)) { - fprintf(stderr, "Can't load %s - run testparm to debug it\n", dyn_CONFIGFILE); - exit(1); - } - - ret = tdbsam2_new_object(&dsid, "_domain_", GUMS_OBJ_DOMAIN); - if (NT_STATUS_IS_OK(ret)) { - printf ("_domain_ created, sid=%s\n", sid_string_static(&dsid)); - } else { - printf ("_domain_ creation error n. 0x%08x\n", ret.v); - } - ret = tdbsam2_new_object(&dsid, argv[1], GUMS_OBJ_NORMAL_USER); - if (NT_STATUS_IS_OK(ret)) { - printf ("%s user created, sid=%s\n", argv[1], sid_string_static(&dsid)); - } else { - printf ("%s user creation error n. 0x%08x\n", argv[1], ret.v); - } - - exit(0); -} -#endif diff --git a/source3/sam/gums.c b/source3/sam/gums.c deleted file mode 100644 index a118740637..0000000000 --- a/source3/sam/gums.c +++ /dev/null @@ -1,161 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Grops and Users Management System initializations. - Copyright (C) Simo Sorce 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -/*#undef DBGC_CLASS -#define DBGC_CLASS DBGC_GUMS*/ - -#define GMV_MAJOR 0 -#define GMV_MINOR 1 - -#define PRIV_NONE 0 -#define PRIV_CREATE_TOKEN 1 -#define PRIV_ASSIGNPRIMARYTOKEN 2 -#define PRIV_LOCK_MEMORY 3 -#define PRIV_INCREASE_QUOTA 4 -#define PRIV_MACHINE_ACCOUNT 5 -#define PRIV_TCB 6 -#define PRIV_SECURITY 7 -#define PRIV_TAKE_OWNERSHIP 8 -#define PRIV_LOAD_DRIVER 9 -#define PRIV_SYSTEM_PROFILE 10 -#define PRIV_SYSTEMTIME 11 -#define PRIV_PROF_SINGLE_PROCESS 12 -#define PRIV_INC_BASE_PRIORITY 13 -#define PRIV_CREATE_PAGEFILE 14 -#define PRIV_CREATE_PERMANENT 15 -#define PRIV_BACKUP 16 -#define PRIV_RESTORE 17 -#define PRIV_SHUTDOWN 18 -#define PRIV_DEBUG 19 -#define PRIV_AUDIT 20 -#define PRIV_SYSTEM_ENVIRONMENT 21 -#define PRIV_CHANGE_NOTIFY 22 -#define PRIV_REMOTE_SHUTDOWN 23 -#define PRIV_UNDOCK 24 -#define PRIV_SYNC_AGENT 25 -#define PRIV_ENABLE_DELEGATION 26 -#define PRIV_ALL 255 - - -GUMS_FUNCTIONS *gums_storage; -static void *dl_handle; - -static PRIVS gums_privs[] = { - {PRIV_NONE, "no_privs", "No privilege"}, /* this one MUST be first */ - {PRIV_CREATE_TOKEN, "SeCreateToken", "Create Token"}, - {PRIV_ASSIGNPRIMARYTOKEN, "SeAssignPrimaryToken", "Assign Primary Token"}, - {PRIV_LOCK_MEMORY, "SeLockMemory", "Lock Memory"}, - {PRIV_INCREASE_QUOTA, "SeIncreaseQuotaPrivilege", "Increase Quota Privilege"}, - {PRIV_MACHINE_ACCOUNT, "SeMachineAccount", "Machine Account"}, - {PRIV_TCB, "SeTCB", "TCB"}, - {PRIV_SECURITY, "SeSecurityPrivilege", "Security Privilege"}, - {PRIV_TAKE_OWNERSHIP, "SeTakeOwnershipPrivilege", "Take Ownership Privilege"}, - {PRIV_LOAD_DRIVER, "SeLocalDriverPrivilege", "Local Driver Privilege"}, - {PRIV_SYSTEM_PROFILE, "SeSystemProfilePrivilege", "System Profile Privilege"}, - {PRIV_SYSTEMTIME, "SeSystemtimePrivilege", "System Time"}, - {PRIV_PROF_SINGLE_PROCESS, "SeProfileSingleProcessPrivilege", "Profile Single Process Privilege"}, - {PRIV_INC_BASE_PRIORITY, "SeIncreaseBasePriorityPrivilege", "Increase Base Priority Privilege"}, - {PRIV_CREATE_PAGEFILE, "SeCreatePagefilePrivilege", "Create Pagefile Privilege"}, - {PRIV_CREATE_PERMANENT, "SeCreatePermanent", "Create Permanent"}, - {PRIV_BACKUP, "SeBackupPrivilege", "Backup Privilege"}, - {PRIV_RESTORE, "SeRestorePrivilege", "Restore Privilege"}, - {PRIV_SHUTDOWN, "SeShutdownPrivilege", "Shutdown Privilege"}, - {PRIV_DEBUG, "SeDebugPrivilege", "Debug Privilege"}, - {PRIV_AUDIT, "SeAudit", "Audit"}, - {PRIV_SYSTEM_ENVIRONMENT, "SeSystemEnvironmentPrivilege", "System Environment Privilege"}, - {PRIV_CHANGE_NOTIFY, "SeChangeNotify", "Change Notify"}, - {PRIV_REMOTE_SHUTDOWN, "SeRemoteShutdownPrivilege", "Remote Shutdown Privilege"}, - {PRIV_UNDOCK, "SeUndock", "Undock"}, - {PRIV_SYNC_AGENT, "SeSynchronizationAgent", "Synchronization Agent"}, - {PRIV_ENABLE_DELEGATION, "SeEnableDelegation", "Enable Delegation"}, - {PRIV_ALL, "SaAllPrivs", "All Privileges"} -}; - -NTSTATUS gums_init(const char *module_name) -{ - int (*module_version)(int); - NTSTATUS (*module_init)(); -/* gums_module_init module_init;*/ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - DEBUG(5, ("Opening gums module %s\n", module_name)); - dl_handle = sys_dlopen(module_name, RTLD_NOW); - if (!dl_handle) { - DEBUG(0, ("ERROR: Failed to load gums module %s, error: %s\n", module_name, sys_dlerror())); - return NT_STATUS_UNSUCCESSFUL; - } - - module_version = sys_dlsym(dl_handle, "gumm_version"); - if (!module_version) { - DEBUG(0, ("ERROR: Failed to find gums module version!\n")); - goto error; - } - - if (module_version(GMV_MAJOR) != GUMS_VERSION_MAJOR) { - DEBUG(0, ("ERROR: Module's major version does not match gums version!\n")); - goto error; - } - - if (module_version(GMV_MINOR) != GUMS_VERSION_MINOR) { - DEBUG(1, ("WARNING: Module's minor version does not match gums version!\n")); - } - - module_init = sys_dlsym(dl_handle, "gumm_init"); - if (!module_init) { - DEBUG(0, ("ERROR: Failed to find gums module's init function!\n")); - goto error; - } - - DEBUG(5, ("Initializing module %s\n", module_name)); - - ret = module_init(&gums_storage); - goto done; - -error: - ret = NT_STATUS_UNSUCCESSFUL; - sys_dlclose(dl_handle); - -done: - return ret; -} - -NTSTATUS gums_unload(void) -{ - NTSTATUS ret; - NTSTATUS (*module_finalize)(); - - if (!dl_handle) - return NT_STATUS_UNSUCCESSFUL; - - module_finalize = sys_dlsym(dl_handle, "gumm_finalize"); - if (!module_finalize) { - DEBUG(0, ("ERROR: Failed to find gums module's init function!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - DEBUG(5, ("Finalizing module")); - - ret = module_finalize(); - sys_dlclose(dl_handle); - - return ret; -} diff --git a/source3/sam/gums_api.c b/source3/sam/gums_api.c deleted file mode 100644 index 2e5dcd143a..0000000000 --- a/source3/sam/gums_api.c +++ /dev/null @@ -1,1470 +0,0 @@ -/* - Unix SMB/CIFS implementation. - GUMS structures - Copyright (C) Simo Sorce 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - - -/******************************************************************* - Create a SEC_ACL structure. -********************************************************************/ - -static SEC_ACL *make_sec_acl(TALLOC_CTX *ctx, uint16 revision, int num_aces, SEC_ACE *ace_list) -{ - SEC_ACL *dst; - int i; - - if((dst = (SEC_ACL *)talloc_zero(ctx,sizeof(SEC_ACL))) == NULL) - return NULL; - - dst->revision = revision; - dst->num_aces = num_aces; - dst->size = SEC_ACL_HEADER_SIZE; - - /* Now we need to return a non-NULL address for the ace list even - if the number of aces required is zero. This is because there - is a distinct difference between a NULL ace and an ace with zero - entries in it. This is achieved by checking that num_aces is a - positive number. */ - - if ((num_aces) && - ((dst->ace = (SEC_ACE *)talloc(ctx, sizeof(SEC_ACE) * num_aces)) - == NULL)) { - return NULL; - } - - for (i = 0; i < num_aces; i++) { - dst->ace[i] = ace_list[i]; /* Structure copy. */ - dst->size += ace_list[i].size; - } - - return dst; -} - - - -/******************************************************************* - Duplicate a SEC_ACL structure. -********************************************************************/ - -static SEC_ACL *dup_sec_acl(TALLOC_CTX *ctx, SEC_ACL *src) -{ - if(src == NULL) - return NULL; - - return make_sec_acl(ctx, src->revision, src->num_aces, src->ace); -} - - - -/******************************************************************* - Creates a SEC_DESC structure -********************************************************************/ - -static SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, uint16 revision, - DOM_SID *owner_sid, DOM_SID *grp_sid, - SEC_ACL *sacl, SEC_ACL *dacl, size_t *sd_size) -{ - SEC_DESC *dst; - uint32 offset = 0; - uint32 offset_sid = SEC_DESC_HEADER_SIZE; - uint32 offset_acl = 0; - - *sd_size = 0; - - if(( dst = (SEC_DESC *)talloc_zero(ctx, sizeof(SEC_DESC))) == NULL) - return NULL; - - dst->revision = revision; - dst->type = SEC_DESC_SELF_RELATIVE; - - if (sacl) dst->type |= SEC_DESC_SACL_PRESENT; - if (dacl) dst->type |= SEC_DESC_DACL_PRESENT; - - dst->off_owner_sid = 0; - dst->off_grp_sid = 0; - dst->off_sacl = 0; - dst->off_dacl = 0; - - if(owner_sid && ((dst->owner_sid = sid_dup_talloc(ctx,owner_sid)) == NULL)) - goto error_exit; - - if(grp_sid && ((dst->grp_sid = sid_dup_talloc(ctx,grp_sid)) == NULL)) - goto error_exit; - - if(sacl && ((dst->sacl = dup_sec_acl(ctx, sacl)) == NULL)) - goto error_exit; - - if(dacl && ((dst->dacl = dup_sec_acl(ctx, dacl)) == NULL)) - goto error_exit; - - offset = 0; - - /* - * Work out the linearization sizes. - */ - if (dst->owner_sid != NULL) { - - if (offset == 0) - offset = SEC_DESC_HEADER_SIZE; - - offset += sid_size(dst->owner_sid); - } - - if (dst->grp_sid != NULL) { - - if (offset == 0) - offset = SEC_DESC_HEADER_SIZE; - - offset += sid_size(dst->grp_sid); - } - - if (dst->sacl != NULL) { - - offset_acl = SEC_DESC_HEADER_SIZE; - - dst->off_sacl = offset_acl; - offset_acl += dst->sacl->size; - offset += dst->sacl->size; - offset_sid += dst->sacl->size; - } - - if (dst->dacl != NULL) { - - if (offset_acl == 0) - offset_acl = SEC_DESC_HEADER_SIZE; - - dst->off_dacl = offset_acl; - offset_acl += dst->dacl->size; - offset += dst->dacl->size; - offset_sid += dst->dacl->size; - } - - *sd_size = (size_t)((offset == 0) ? SEC_DESC_HEADER_SIZE : offset); - - if (dst->owner_sid != NULL) - dst->off_owner_sid = offset_sid; - - /* sid_size() returns 0 if the sid is NULL so this is ok */ - - if (dst->grp_sid != NULL) - dst->off_grp_sid = offset_sid + sid_size(dst->owner_sid); - - return dst; - -error_exit: - - *sd_size = 0; - return NULL; -} - -/******************************************************************* - Duplicate a SEC_DESC structure. -********************************************************************/ - -static SEC_DESC *dup_sec_desc( TALLOC_CTX *ctx, SEC_DESC *src) -{ - size_t dummy; - - if(src == NULL) - return NULL; - - return make_sec_desc( ctx, src->revision, - src->owner_sid, src->grp_sid, src->sacl, - src->dacl, &dummy); -} - - - - - - - -extern GUMS_FUNCTIONS *gums_storage; - -/* Functions to get/set info from a GUMS object */ - -NTSTATUS gums_get_object_type(uint32 *type, const GUMS_OBJECT *obj) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - *type = obj->type; - return NT_STATUS_OK; -} - -NTSTATUS gums_create_object(GUMS_OBJECT **obj, uint32 type) -{ - TALLOC_CTX *mem_ctx = talloc_init("gums_create_object"); - GUMS_OBJECT *go; - NTSTATUS ret; - - go = talloc_zero(mem_ctx, sizeof(GUMS_OBJECT)); - go->mem_ctx = mem_ctx; - go->type = type; - go->version = GUMS_OBJECT_VERSION; - - switch(type) { - case GUMS_OBJ_DOMAIN: - break; - -/* - case GUMS_OBJ_WORKSTATION_TRUST: - case GUMS_OBJ_SERVER_TRUST: - case GUMS_OBJ_DOMAIN_TRUST: -*/ - case GUMS_OBJ_NORMAL_USER: - go->data.user = (GUMS_USER *)talloc_zero(mem_ctx, sizeof(GUMS_USER)); - break; - - case GUMS_OBJ_GROUP: - case GUMS_OBJ_ALIAS: - go->data.group = (GUMS_GROUP *)talloc_zero(mem_ctx, sizeof(GUMS_GROUP)); - break; - - default: - /* TODO: throw error */ - ret = NT_STATUS_OBJECT_TYPE_MISMATCH; - goto error; - } - - if (!(go->data.user)) { - ret = NT_STATUS_NO_MEMORY; - DEBUG(0, ("gums_create_object: Out of memory!\n")); - goto error; - } - - *obj = go; - return NT_STATUS_OK; - -error: - talloc_destroy(go->mem_ctx); - *obj = NULL; - return ret; -} - -NTSTATUS gums_get_object_seq_num(uint32 *version, const GUMS_OBJECT *obj) -{ - if (!version || !obj) - return NT_STATUS_INVALID_PARAMETER; - - *version = obj->version; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_object_seq_num(GUMS_OBJECT *obj, uint32 version) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - obj->version = version; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_sec_desc(SEC_DESC **sec_desc, const GUMS_OBJECT *obj) -{ - if (!sec_desc || !obj) - return NT_STATUS_INVALID_PARAMETER; - - *sec_desc = obj->sec_desc; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_sec_desc(GUMS_OBJECT *obj, const SEC_DESC *sec_desc) -{ - if (!obj || !sec_desc) - return NT_STATUS_INVALID_PARAMETER; - - obj->sec_desc = dup_sec_desc(obj->mem_ctx, sec_desc); - if (!(obj->sec_desc)) return NT_STATUS_UNSUCCESSFUL; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_object_sid(DOM_SID **sid, const GUMS_OBJECT *obj) -{ - if (!sid || !obj) - return NT_STATUS_INVALID_PARAMETER; - - *sid = obj->sid; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_object_sid(GUMS_OBJECT *obj, const DOM_SID *sid) -{ - if (!obj || !sid) - return NT_STATUS_INVALID_PARAMETER; - - obj->sid = sid_dup_talloc(obj->mem_ctx, sid); - if (!(obj->sid)) return NT_STATUS_UNSUCCESSFUL; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_object_name(char **name, const GUMS_OBJECT *obj) -{ - if (!name || !obj) - return NT_STATUS_INVALID_PARAMETER; - - *name = obj->name; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_object_name(GUMS_OBJECT *obj, const char *name) -{ - if (!obj || !name) - return NT_STATUS_INVALID_PARAMETER; - - obj->name = (char *)talloc_strdup(obj->mem_ctx, name); - if (!(obj->name)) return NT_STATUS_UNSUCCESSFUL; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_object_description(char **description, const GUMS_OBJECT *obj) -{ - if (!description || !obj) - return NT_STATUS_INVALID_PARAMETER; - - *description = obj->description; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_object_description(GUMS_OBJECT *obj, const char *description) -{ - if (!obj || !description) - return NT_STATUS_INVALID_PARAMETER; - - obj->description = (char *)talloc_strdup(obj->mem_ctx, description); - if (!(obj->description)) return NT_STATUS_UNSUCCESSFUL; - return NT_STATUS_OK; -} - -/* User specific functions */ - -/* -NTSTATUS gums_get_object_privileges(PRIVILEGE_SET **priv_set, const GUMS_OBJECT *obj) -{ - if (!priv_set) - return NT_STATUS_INVALID_PARAMETER; - - *priv_set = obj->priv_set; - return NT_STATUS_OK; -} -*/ - -NTSTATUS gums_get_domain_next_rid(uint32 *rid, const GUMS_OBJECT *obj) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_DOMAIN) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *rid = obj->data.domain->next_rid; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_domain_next_rid(GUMS_OBJECT *obj, uint32 rid) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_DOMAIN) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.domain->next_rid = rid; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_pri_group(DOM_SID **sid, const GUMS_OBJECT *obj) -{ - if (!sid || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *sid = obj->data.user->group_sid; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_pri_group(GUMS_OBJECT *obj, const DOM_SID *sid) -{ - if (!obj || !sid) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->group_sid = sid_dup_talloc(obj->mem_ctx, sid); - if (!(obj->data.user->group_sid)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_nt_pwd(DATA_BLOB **nt_pwd, const GUMS_OBJECT *obj) -{ - if (!nt_pwd || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *nt_pwd = &(obj->data.user->nt_pw); - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_nt_pwd(GUMS_OBJECT *obj, const DATA_BLOB nt_pwd) -{ - if (!obj || nt_pwd.length != NT_HASH_LEN) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->nt_pw = data_blob_talloc(obj->mem_ctx, nt_pwd.data, nt_pwd.length); - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_lm_pwd(DATA_BLOB **lm_pwd, const GUMS_OBJECT *obj) -{ - if (!lm_pwd || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *lm_pwd = &(obj->data.user->lm_pw); - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_lm_pwd(GUMS_OBJECT *obj, const DATA_BLOB lm_pwd) -{ - if (!obj || lm_pwd.length != LM_HASH_LEN) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->lm_pw = data_blob_talloc(obj->mem_ctx, lm_pwd.data, lm_pwd.length); - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_fullname(char **fullname, const GUMS_OBJECT *obj) -{ - if (!fullname || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *fullname = obj->data.user->full_name; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_fullname(GUMS_OBJECT *obj, const char *fullname) -{ - if (!obj || !fullname) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->full_name = (char *)talloc_strdup(obj->mem_ctx, fullname); - if (!(obj->data.user->full_name)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_homedir(char **homedir, const GUMS_OBJECT *obj) -{ - if (!homedir || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *homedir = obj->data.user->home_dir; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_homedir(GUMS_OBJECT *obj, const char *homedir) -{ - if (!obj || !homedir) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->home_dir = (char *)talloc_strdup(obj->mem_ctx, homedir); - if (!(obj->data.user->home_dir)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_dir_drive(char **dirdrive, const GUMS_OBJECT *obj) -{ - if (!dirdrive || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *dirdrive = obj->data.user->dir_drive; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_dir_drive(GUMS_OBJECT *obj, const char *dir_drive) -{ - if (!obj || !dir_drive) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->dir_drive = (char *)talloc_strdup(obj->mem_ctx, dir_drive); - if (!(obj->data.user->dir_drive)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_logon_script(char **logon_script, const GUMS_OBJECT *obj) -{ - if (!logon_script || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *logon_script = obj->data.user->logon_script; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_logon_script(GUMS_OBJECT *obj, const char *logon_script) -{ - if (!obj || !logon_script) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->logon_script = (char *)talloc_strdup(obj->mem_ctx, logon_script); - if (!(obj->data.user->logon_script)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_profile_path(char **profile_path, const GUMS_OBJECT *obj) -{ - if (!profile_path || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *profile_path = obj->data.user->profile_path; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_profile_path(GUMS_OBJECT *obj, const char *profile_path) -{ - if (!obj || !profile_path) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->profile_path = (char *)talloc_strdup(obj->mem_ctx, profile_path); - if (!(obj->data.user->profile_path)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_workstations(char **workstations, const GUMS_OBJECT *obj) -{ - if (!workstations || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *workstations = obj->data.user->workstations; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_workstations(GUMS_OBJECT *obj, const char *workstations) -{ - if (!obj || !workstations) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->workstations = (char *)talloc_strdup(obj->mem_ctx, workstations); - if (!(obj->data.user->workstations)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_unknown_str(char **unknown_str, const GUMS_OBJECT *obj) -{ - if (!unknown_str || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *unknown_str = obj->data.user->unknown_str; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_unknown_str(GUMS_OBJECT *obj, const char *unknown_str) -{ - if (!obj || !unknown_str) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->unknown_str = (char *)talloc_strdup(obj->mem_ctx, unknown_str); - if (!(obj->data.user->unknown_str)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_munged_dial(char **munged_dial, const GUMS_OBJECT *obj) -{ - if (!munged_dial || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *munged_dial = obj->data.user->munged_dial; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_munged_dial(GUMS_OBJECT *obj, const char *munged_dial) -{ - if (!obj || !munged_dial) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->munged_dial = (char *)talloc_strdup(obj->mem_ctx, munged_dial); - if (!(obj->data.user->munged_dial)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_logon_time(NTTIME *logon_time, const GUMS_OBJECT *obj) -{ - if (!logon_time || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *logon_time = obj->data.user->logon_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_logon_time(GUMS_OBJECT *obj, NTTIME logon_time) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->logon_time = logon_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_logoff_time(NTTIME *logoff_time, const GUMS_OBJECT *obj) -{ - if (!logoff_time || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *logoff_time = obj->data.user->logoff_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_logoff_time(GUMS_OBJECT *obj, NTTIME logoff_time) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->logoff_time = logoff_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_kickoff_time(NTTIME *kickoff_time, const GUMS_OBJECT *obj) -{ - if (!kickoff_time || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *kickoff_time = obj->data.user->kickoff_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_kickoff_time(GUMS_OBJECT *obj, NTTIME kickoff_time) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->kickoff_time = kickoff_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_pass_last_set_time(NTTIME *pass_last_set_time, const GUMS_OBJECT *obj) -{ - if (!pass_last_set_time || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *pass_last_set_time = obj->data.user->pass_last_set_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_pass_last_set_time(GUMS_OBJECT *obj, NTTIME pass_last_set_time) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->pass_last_set_time = pass_last_set_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_pass_can_change_time(NTTIME *pass_can_change_time, const GUMS_OBJECT *obj) -{ - if (!pass_can_change_time || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *pass_can_change_time = obj->data.user->pass_can_change_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_pass_can_change_time(GUMS_OBJECT *obj, NTTIME pass_can_change_time) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->pass_can_change_time = pass_can_change_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_pass_must_change_time(NTTIME *pass_must_change_time, const GUMS_OBJECT *obj) -{ - if (!pass_must_change_time || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *pass_must_change_time = obj->data.user->pass_must_change_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_pass_must_change_time(GUMS_OBJECT *obj, NTTIME pass_must_change_time) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->pass_must_change_time = pass_must_change_time; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_logon_divs(uint16 *logon_divs, const GUMS_OBJECT *obj) -{ - if (!logon_divs || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *logon_divs = obj->data.user->logon_divs; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_logon_divs(GUMS_OBJECT *obj, uint16 logon_divs) -{ - if (!obj || !logon_divs) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->logon_divs = logon_divs; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_hours_len(uint32 *hours_len, const GUMS_OBJECT *obj) -{ - if (!hours_len || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *hours_len = obj->data.user->hours_len; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_hours_len(GUMS_OBJECT *obj, uint32 hours_len) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->hours_len = hours_len; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_hours(uint8 **hours, const GUMS_OBJECT *obj) -{ - if (!hours || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *hours = obj->data.user->hours; - return NT_STATUS_OK; -} - -/* WARNING: always set hours_len before hours */ -NTSTATUS gums_set_user_hours(GUMS_OBJECT *obj, const uint8 *hours) -{ - if (!obj || !hours) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - if (obj->data.user->hours_len == 0) - DEBUG(10, ("gums_set_user_hours: Warning, hours_len is zero!\n")); - - obj->data.user->hours = (uint8 *)talloc_memdup(obj->mem_ctx, hours, obj->data.user->hours_len); - if (!(obj->data.user->hours) & (obj->data.user->hours_len != 0)) return NT_STATUS_NO_MEMORY; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_unknown_3(uint32 *unknown_3, const GUMS_OBJECT *obj) -{ - if (!unknown_3 || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *unknown_3 = obj->data.user->unknown_3; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_unknown_3(GUMS_OBJECT *obj, uint32 unknown_3) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->unknown_3 = unknown_3; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_unknown_5(uint32 *unknown_5, const GUMS_OBJECT *obj) -{ - if (!unknown_5 || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *unknown_5 = obj->data.user->unknown_5; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_unknown_5(GUMS_OBJECT *obj, uint32 unknown_5) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->unknown_5 = unknown_5; - return NT_STATUS_OK; -} - -NTSTATUS gums_get_user_unknown_6(uint32 *unknown_6, const GUMS_OBJECT *obj) -{ - if (!unknown_6 || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *unknown_6 = obj->data.user->unknown_6; - return NT_STATUS_OK; -} - -NTSTATUS gums_set_user_unknown_6(GUMS_OBJECT *obj, uint32 unknown_6) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->unknown_6 = unknown_6; - return NT_STATUS_OK; -} - -/* Group specific functions */ - -NTSTATUS gums_get_group_members(uint32 *count, DOM_SID **members, const GUMS_OBJECT *obj) -{ - if (!count || !members || !obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_GROUP && - obj->type != GUMS_OBJ_ALIAS) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - *count = obj->data.group->count; - *members = *(obj->data.group->members); - return NT_STATUS_OK; -} - -NTSTATUS gums_set_group_members(GUMS_OBJECT *obj, uint32 count, DOM_SID **members) -{ - uint32 n; - - if (!obj || !members || !members) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_GROUP && - obj->type != GUMS_OBJ_ALIAS) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.group->count = count; - n = 0; - do { - obj->data.group->members[n] = sid_dup_talloc(obj->mem_ctx, members[n]); - if (!(obj->data.group->members[n])) return NT_STATUS_NO_MEMORY; - n++; - } while (n < count); - return NT_STATUS_OK; -} - -/* data_store set functions */ - -NTSTATUS gums_create_commit_set(GUMS_COMMIT_SET **com_set, TALLOC_CTX *ctx, DOM_SID *sid, uint32 type) -{ - TALLOC_CTX *mem_ctx; - GUMS_COMMIT_SET *set; - - mem_ctx = talloc_init("commit_set"); - if (mem_ctx == NULL) - return NT_STATUS_NO_MEMORY; - set = (GUMS_COMMIT_SET *)talloc(mem_ctx, sizeof(GUMS_COMMIT_SET)); - if (set == NULL) { - talloc_destroy(mem_ctx); - return NT_STATUS_NO_MEMORY; - } - - set->mem_ctx = mem_ctx; - set->type = type; - sid_copy(&(set->sid), sid); - set->count = 0; - set->data = NULL; - *com_set = set; - - return NT_STATUS_OK; -} - -NTSTATUS gums_cs_set_sec_desc(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, SEC_DESC *sec_desc) -{ - GUMS_DATA_SET *data_set; - SEC_DESC *new_sec_desc; - - if (!mem_ctx || !com_set || !sec_desc) - return NT_STATUS_INVALID_PARAMETER; - - com_set->count = com_set->count + 1; - if (com_set->count == 1) { /* first data set */ - data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data[0] = data_set; - data_set = ((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_SET_SEC_DESC; - new_sec_desc = dup_sec_desc(mem_ctx, sec_desc); - if (new_sec_desc == NULL) - return NT_STATUS_NO_MEMORY; - - (SEC_DESC *)(data_set->data) = new_sec_desc; - - return NT_STATUS_OK; -} - -/* -NTSTATUS gums_cs_add_privilege(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, LUID_ATTR priv) -{ - GUMS_DATA_SET *data_set; - LUID_ATTR *new_priv; - - if (!mem_ctx || !com_set) - return NT_STATUS_INVALID_PARAMETER; - - com_set->count = com_set->count + 1; - if (com_set->count == 1) { - data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data[0] = data_set; - data_set = ((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_ADD_PRIVILEGE; - if (NT_STATUS_IS_ERR(dupalloc_luid_attr(mem_ctx, &new_priv, priv))) - return NT_STATUS_NO_MEMORY; - - (SEC_DESC *)(data_set->data) = new_priv; - - return NT_STATUS_OK; -} - -NTSTATUS gums_cs_del_privilege(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, LUID_ATTR priv) -{ - GUMS_DATA_SET *data_set; - LUID_ATTR *new_priv; - - if (!mem_ctx || !com_set) - return NT_STATUS_INVALID_PARAMETER; - - com_set->count = com_set->count + 1; - if (com_set->count == 1) { - data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data[0] = data_set; - data_set = ((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_DEL_PRIVILEGE; - if (NT_STATUS_IS_ERR(dupalloc_luid_attr(mem_ctx, &new_priv, priv))) - return NT_STATUS_NO_MEMORY; - - (SEC_DESC *)(data_set->data) = new_priv; - - return NT_STATUS_OK; -} - -NTSTATUS gums_cs_set_privilege_set(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, PRIVILEGE_SET *priv_set) -{ - GUMS_DATA_SET *data_set; - PRIVILEGE_SET *new_priv_set; - - if (!mem_ctx || !com_set || !priv_set) - return NT_STATUS_INVALID_PARAMETER; - - com_set->count = com_set->count + 1; - if (com_set->count == 1) { - data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data[0] = data_set; - data_set = ((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_SET_PRIVILEGE; - if (NT_STATUS_IS_ERR(dup_priv_set(&new_priv_set, mem_ctx, priv_set))) - return NT_STATUS_NO_MEMORY; - - (SEC_DESC *)(data_set->data) = new_priv_set; - - return NT_STATUS_OK; -} -*/ - -NTSTATUS gums_cs_set_string(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, uint32 type, char *str) -{ - GUMS_DATA_SET *data_set; - char *new_str; - - if (!mem_ctx || !com_set || !str || type < GUMS_SET_NAME || type > GUMS_SET_MUNGED_DIAL) - return NT_STATUS_INVALID_PARAMETER; - - com_set->count = com_set->count + 1; - if (com_set->count == 1) { /* first data set */ - data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data[0] = data_set; - data_set = ((com_set->data)[com_set->count - 1]); - - data_set->type = type; - new_str = talloc_strdup(mem_ctx, str); - if (new_str == NULL) - return NT_STATUS_NO_MEMORY; - - (char *)(data_set->data) = new_str; - - return NT_STATUS_OK; -} - -NTSTATUS gums_cs_set_name(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *name) -{ - return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_NAME, name); -} - -NTSTATUS gums_cs_set_description(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *desc) -{ - return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_DESCRIPTION, desc); -} - -NTSTATUS gums_cs_set_full_name(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *full_name) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_NAME, full_name); -} - -NTSTATUS gums_cs_set_home_directory(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *home_dir) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_NAME, home_dir); -} - -NTSTATUS gums_cs_set_drive(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *drive) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_NAME, drive); -} - -NTSTATUS gums_cs_set_logon_script(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *logon_script) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_NAME, logon_script); -} - -NTSTATUS gums_cs_set_profile_path(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *prof_path) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_NAME, prof_path); -} - -NTSTATUS gums_cs_set_workstations(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *wks) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_NAME, wks); -} - -NTSTATUS gums_cs_set_unknown_string(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *unkn_str) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_NAME, unkn_str); -} - -NTSTATUS gums_cs_set_munged_dial(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, char *munged_dial) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_string(mem_ctx, com_set, GUMS_SET_NAME, munged_dial); -} - -NTSTATUS gums_cs_set_nttime(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, uint32 type, NTTIME *nttime) -{ - GUMS_DATA_SET *data_set; - NTTIME *new_time; - - if (!mem_ctx || !com_set || !nttime || type < GUMS_SET_LOGON_TIME || type > GUMS_SET_PASS_MUST_CHANGE_TIME) - return NT_STATUS_INVALID_PARAMETER; - - com_set->count = com_set->count + 1; - if (com_set->count == 1) { /* first data set */ - data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data[0] = data_set; - data_set = ((com_set->data)[com_set->count - 1]); - - data_set->type = type; - new_time = talloc(mem_ctx, sizeof(NTTIME)); - if (new_time == NULL) - return NT_STATUS_NO_MEMORY; - - new_time->low = nttime->low; - new_time->high = nttime->high; - (char *)(data_set->data) = new_time; - - return NT_STATUS_OK; -} - -NTSTATUS gums_cs_set_logon_time(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, NTTIME *logon_time) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_nttime(mem_ctx, com_set, GUMS_SET_LOGON_TIME, logon_time); -} - -NTSTATUS gums_cs_set_logoff_time(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, NTTIME *logoff_time) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_nttime(mem_ctx, com_set, GUMS_SET_LOGOFF_TIME, logoff_time); -} - -NTSTATUS gums_cs_set_kickoff_time(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, NTTIME *kickoff_time) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_nttime(mem_ctx, com_set, GUMS_SET_KICKOFF_TIME, kickoff_time); -} - -NTSTATUS gums_cs_set_pass_last_set_time(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, NTTIME *pls_time) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_nttime(mem_ctx, com_set, GUMS_SET_LOGON_TIME, pls_time); -} - -NTSTATUS gums_cs_set_pass_can_change_time(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, NTTIME *pcc_time) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_nttime(mem_ctx, com_set, GUMS_SET_LOGON_TIME, pcc_time); -} - -NTSTATUS gums_cs_set_pass_must_change_time(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, NTTIME *pmc_time) -{ - if (com_set->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_set_nttime(mem_ctx, com_set, GUMS_SET_LOGON_TIME, pmc_time); -} - -NTSTATUS gums_cs_add_sids_to_group(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count) -{ - GUMS_DATA_SET *data_set; - DOM_SID **new_sids; - int i; - - if (!mem_ctx || !com_set || !sids) - return NT_STATUS_INVALID_PARAMETER; - - com_set->count = com_set->count + 1; - if (com_set->count == 1) { /* first data set */ - data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data[0] = data_set; - data_set = ((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_ADD_SID_LIST; - new_sids = (DOM_SID **)talloc(mem_ctx, (sizeof(void *) * count)); - if (new_sids == NULL) - return NT_STATUS_NO_MEMORY; - for (i = 0; i < count; i++) { - new_sids[i] = sid_dup_talloc(mem_ctx, sids[i]); - if (new_sids[i] == NULL) - return NT_STATUS_NO_MEMORY; - } - - (SEC_DESC *)(data_set->data) = new_sids; - - return NT_STATUS_OK; -} - -NTSTATUS gums_cs_add_users_to_group(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count) -{ - if (!mem_ctx || !com_set || !sids) - return NT_STATUS_INVALID_PARAMETER; - if (com_set->type != GUMS_OBJ_GROUP || com_set->type != GUMS_OBJ_ALIAS) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_add_sids_to_group(mem_ctx, com_set, sids, count); -} - -NTSTATUS gums_cs_add_groups_to_group(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count) -{ - if (!mem_ctx || !com_set || !sids) - return NT_STATUS_INVALID_PARAMETER; - if (com_set->type != GUMS_OBJ_ALIAS) - return NT_STATUS_INVALID_PARAMETER; - - return gums_cs_add_sids_to_group(mem_ctx, com_set, sids, count); -} - -NTSTATUS gums_cs_del_sids_from_group(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count) -{ - GUMS_DATA_SET *data_set; - DOM_SID **new_sids; - int i; - - if (!mem_ctx || !com_set || !sids) - return NT_STATUS_INVALID_PARAMETER; - if (com_set->type != GUMS_OBJ_GROUP || com_set->type != GUMS_OBJ_ALIAS) - return NT_STATUS_INVALID_PARAMETER; - - com_set->count = com_set->count + 1; - if (com_set->count == 1) { /* first data set */ - data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data[0] = data_set; - data_set = ((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_DEL_SID_LIST; - new_sids = (DOM_SID **)talloc(mem_ctx, (sizeof(void *) * count)); - if (new_sids == NULL) - return NT_STATUS_NO_MEMORY; - for (i = 0; i < count; i++) { - new_sids[i] = sid_dup_talloc(mem_ctx, sids[i]); - if (new_sids[i] == NULL) - return NT_STATUS_NO_MEMORY; - } - - (SEC_DESC *)(data_set->data) = new_sids; - - return NT_STATUS_OK; -} - -NTSTATUS gums_ds_set_sids_in_group(TALLOC_CTX *mem_ctx, GUMS_COMMIT_SET *com_set, const DOM_SID **sids, const uint32 count) -{ - GUMS_DATA_SET *data_set; - DOM_SID **new_sids; - int i; - - if (!mem_ctx || !com_set || !sids) - return NT_STATUS_INVALID_PARAMETER; - if (com_set->type != GUMS_OBJ_GROUP || com_set->type != GUMS_OBJ_ALIAS) - return NT_STATUS_INVALID_PARAMETER; - - com_set->count = com_set->count + 1; - if (com_set->count == 1) { /* first data set */ - data_set = (GUMS_DATA_SET *)talloc(mem_ctx, sizeof(GUMS_DATA_SET)); - } else { - data_set = (GUMS_DATA_SET *)talloc_realloc(mem_ctx, com_set->data, sizeof(GUMS_DATA_SET) * com_set->count); - } - if (data_set == NULL) - return NT_STATUS_NO_MEMORY; - - com_set->data[0] = data_set; - data_set = ((com_set->data)[com_set->count - 1]); - - data_set->type = GUMS_SET_SID_LIST; - new_sids = (DOM_SID **)talloc(mem_ctx, (sizeof(void *) * count)); - if (new_sids == NULL) - return NT_STATUS_NO_MEMORY; - for (i = 0; i < count; i++) { - new_sids[i] = sid_dup_talloc(mem_ctx, sids[i]); - if (new_sids[i] == NULL) - return NT_STATUS_NO_MEMORY; - } - - (SEC_DESC *)(data_set->data) = new_sids; - - return NT_STATUS_OK; -} - - -NTSTATUS gums_commit_data(GUMS_COMMIT_SET *set) -{ - return gums_storage->set_object_values(&(set->sid), set->count, set->data); -} - -NTSTATUS gums_destroy_commit_set(GUMS_COMMIT_SET **com_set) -{ - talloc_destroy((*com_set)->mem_ctx); - *com_set = NULL; - - return NT_STATUS_OK; -} - diff --git a/source3/sam/gums_helper.c b/source3/sam/gums_helper.c deleted file mode 100644 index c22e6cf7ff..0000000000 --- a/source3/sam/gums_helper.c +++ /dev/null @@ -1,610 +0,0 @@ -/* - Unix SMB/CIFS implementation. - GUMS backends helper functions - Copyright (C) Simo Sorce 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -extern GUMS_FUNCTIONS *gums_storage; - -extern DOM_SID global_sid_World; -extern DOM_SID global_sid_Builtin_Administrators; -extern DOM_SID global_sid_Builtin_Power_Users; -extern DOM_SID global_sid_Builtin_Account_Operators; -extern DOM_SID global_sid_Builtin_Server_Operators; -extern DOM_SID global_sid_Builtin_Print_Operators; -extern DOM_SID global_sid_Builtin_Backup_Operators; -extern DOM_SID global_sid_Builtin_Replicator; -extern DOM_SID global_sid_Builtin_Users; -extern DOM_SID global_sid_Builtin_Guests; - - -/* defines */ - -#define ALLOC_CHECK(str, ptr, err, label) do { if ((ptr) == NULL) { DEBUG(0, ("%s: out of memory!\n", str)); err = NT_STATUS_NO_MEMORY; goto label; } } while(0) -#define NTSTATUS_CHECK(str1, str2, err, label) do { if (NT_STATUS_IS_ERR(err)) { DEBUG(0, ("%s: %s failed!\n", str1, str2)); } } while(0) - -/**************************************************************************** - Check if a user is a mapped group. - - This function will check if the group SID is mapped onto a - system managed gid or onto a winbind manged sid. - In the first case it will be threated like a mapped group - and the backend should take the member list with a getgrgid - and ignore any user that have been possibly set into the group - object. - - In the second case, the group is a fully SAM managed group - served back to the system through winbind. In this case the - members of a Local group are "unrolled" to cope with the fact - that unix cannot contain groups inside groups. - The backend MUST never call any getgr* / getpw* function or - loops with winbind may happen. - ****************************************************************************/ - -#if 0 -NTSTATUS is_mapped_group(BOOL *mapped, const DOM_SID *sid) -{ - NTSTATUS result; - gid_t id; - - /* look if mapping exist, do not make idmap alloc an uid if SID is not found */ - result = idmap_get_gid_from_sid(&id, sid, False); - if (NT_STATUS_IS_OK(result)) { - *mapped = gid_is_in_winbind_range(id); - } else { - *mapped = False; - } - - return result; -} -#endif - -/**************************************************************************** - duplicate alloc luid_attr - ****************************************************************************/ -NTSTATUS dupalloc_luid_attr(TALLOC_CTX *ctx, LUID_ATTR **new_la, LUID_ATTR old_la) -{ - *new_la = (LUID_ATTR *)talloc(ctx, sizeof(LUID_ATTR)); - if (*new_la == NULL) { - DEBUG(0,("dupalloc_luid_attr: could not Alloc memory to duplicate LUID_ATTR\n")); - return NT_STATUS_NO_MEMORY; - } - - (*new_la)->luid.high = old_la.luid.high; - (*new_la)->luid.low = old_la.luid.low; - (*new_la)->attr = old_la.attr; - - return NT_STATUS_OK; -} - -/**************************************************************************** - initialise a privilege list - ****************************************************************************/ -void gums_init_privilege(PRIVILEGE_SET *priv_set) -{ - priv_set->count=0; - priv_set->control=0; - priv_set->set=NULL; -} - -/**************************************************************************** - add a privilege to a privilege array - ****************************************************************************/ -NTSTATUS gums_add_privilege(PRIVILEGE_SET *priv_set, TALLOC_CTX *ctx, LUID_ATTR set) -{ - LUID_ATTR *new_set; - - /* check if the privilege is not already in the list */ - if (gums_check_priv_in_privilege(priv_set, set)) - return NT_STATUS_UNSUCCESSFUL; - - /* we can allocate memory to add the new privilege */ - - new_set=(LUID_ATTR *)talloc_realloc(ctx, priv_set->set, (priv_set->count+1)*(sizeof(LUID_ATTR))); - if (new_set==NULL) { - DEBUG(0,("add_privilege: could not Realloc memory to add a new privilege\n")); - return NT_STATUS_NO_MEMORY; - } - - new_set[priv_set->count].luid.high=set.luid.high; - new_set[priv_set->count].luid.low=set.luid.low; - new_set[priv_set->count].attr=set.attr; - - priv_set->count++; - priv_set->set=new_set; - - return NT_STATUS_OK; -} - -/**************************************************************************** - add all the privileges to a privilege array - ****************************************************************************/ -NTSTATUS gums_add_all_privilege(PRIVILEGE_SET *priv_set, TALLOC_CTX *ctx) -{ - NTSTATUS result = NT_STATUS_OK; - LUID_ATTR set; - - set.attr=0; - set.luid.high=0; - - set.luid.low=SE_PRIV_ADD_USERS; - result = gums_add_privilege(priv_set, ctx, set); - NTSTATUS_CHECK("add_all_privilege", "add_privilege", result, done); - - set.luid.low=SE_PRIV_ADD_MACHINES; - result = gums_add_privilege(priv_set, ctx, set); - NTSTATUS_CHECK("add_all_privilege", "add_privilege", result, done); - - set.luid.low=SE_PRIV_PRINT_OPERATOR; - result = gums_add_privilege(priv_set, ctx, set); - NTSTATUS_CHECK("add_all_privilege", "add_privilege", result, done); - -done: - return result; -} - -/**************************************************************************** - check if the privilege list is empty - ****************************************************************************/ -BOOL gums_check_empty_privilege(PRIVILEGE_SET *priv_set) -{ - return (priv_set->count == 0); -} - -/**************************************************************************** - check if the privilege is in the privilege list - ****************************************************************************/ -BOOL gums_check_priv_in_privilege(PRIVILEGE_SET *priv_set, LUID_ATTR set) -{ - int i; - - /* if the list is empty, obviously we can't have it */ - if (gums_check_empty_privilege(priv_set)) - return False; - - for (i=0; i<priv_set->count; i++) { - LUID_ATTR *cur_set; - - cur_set=&priv_set->set[i]; - /* check only the low and high part. Checking the attr field has no meaning */ - if( (cur_set->luid.low==set.luid.low) && (cur_set->luid.high==set.luid.high) ) - return True; - } - - return False; -} - -/**************************************************************************** - remove a privilege from a privilege array - ****************************************************************************/ -NTSTATUS gums_remove_privilege(PRIVILEGE_SET *priv_set, TALLOC_CTX *ctx, LUID_ATTR set) -{ - LUID_ATTR *new_set; - LUID_ATTR *old_set; - int i,j; - - /* check if the privilege is in the list */ - if (!gums_check_priv_in_privilege(priv_set, set)) - return NT_STATUS_UNSUCCESSFUL; - - /* special case if it's the only privilege in the list */ - if (priv_set->count==1) { - gums_init_privilege(priv_set); - return NT_STATUS_OK; - } - - /* - * the privilege is there, create a new list, - * and copy the other privileges - */ - - old_set = priv_set->set; - - new_set=(LUID_ATTR *)talloc(ctx, (priv_set->count - 1) * (sizeof(LUID_ATTR))); - if (new_set==NULL) { - DEBUG(0,("remove_privilege: could not malloc memory for new privilege list\n")); - return NT_STATUS_NO_MEMORY; - } - - for (i=0, j=0; i<priv_set->count; i++) { - if ((old_set[i].luid.low == set.luid.low) && - (old_set[i].luid.high == set.luid.high)) { - continue; - } - - new_set[j].luid.low = old_set[i].luid.low; - new_set[j].luid.high = old_set[i].luid.high; - new_set[j].attr = old_set[i].attr; - - j++; - } - - if (j != priv_set->count - 1) { - DEBUG(0,("remove_privilege: mismatch ! difference is not -1\n")); - DEBUGADD(0,("old count:%d, new count:%d\n", priv_set->count, j)); - return NT_STATUS_INTERNAL_ERROR; - } - - /* ok everything is fine */ - - priv_set->count--; - priv_set->set=new_set; - - return NT_STATUS_OK; -} - -/**************************************************************************** - duplicates a privilege array - ****************************************************************************/ -NTSTATUS gums_dup_priv_set(PRIVILEGE_SET **new_priv_set, TALLOC_CTX *mem_ctx, PRIVILEGE_SET *priv_set) -{ - LUID_ATTR *new_set; - LUID_ATTR *old_set; - int i; - - *new_priv_set = (PRIVILEGE_SET *)talloc(mem_ctx, sizeof(PRIVILEGE_SET)); - gums_init_privilege(*new_priv_set); - - /* special case if there are no privileges in the list */ - if (priv_set->count == 0) { - return NT_STATUS_OK; - } - - /* - * create a new list, - * and copy the other privileges - */ - - old_set = priv_set->set; - - new_set = (LUID_ATTR *)talloc(mem_ctx, (priv_set->count - 1) * (sizeof(LUID_ATTR))); - if (new_set==NULL) { - DEBUG(0,("remove_privilege: could not malloc memory for new privilege list\n")); - return NT_STATUS_NO_MEMORY; - } - - for (i=0; i < priv_set->count; i++) { - - new_set[i].luid.low = old_set[i].luid.low; - new_set[i].luid.high = old_set[i].luid.high; - new_set[i].attr = old_set[i].attr; - } - - (*new_priv_set)->count = priv_set->count; - (*new_priv_set)->control = priv_set->control; - (*new_priv_set)->set = new_set; - - return NT_STATUS_OK; -} - -#define ALIAS_DEFAULT_SACL_SA_RIGHTS 0x01050013 -#define ALIAS_DEFAULT_DACL_SA_RIGHTS \ - (READ_CONTROL_ACCESS | \ - SA_RIGHT_ALIAS_LOOKUP_INFO | \ - SA_RIGHT_ALIAS_GET_MEMBERS) /* 0x0002000c */ - -#define ALIAS_DEFAULT_SACL_SEC_ACE_FLAG (SEC_ACE_FLAG_FAILED_ACCESS | SEC_ACE_FLAG_SUCCESSFUL_ACCESS) /* 0xc0 */ - - -#if 0 -NTSTATUS create_builtin_alias_default_sec_desc(SEC_DESC **sec_desc, TALLOC_CTX *ctx) -{ - DOM_SID *world = &global_sid_World; - DOM_SID *admins = &global_sid_Builtin_Administrators; - SEC_ACCESS sa; - SEC_ACE sacl_ace; - SEC_ACE dacl_aces[2]; - SEC_ACL *sacl = NULL; - SEC_ACL *dacl = NULL; - size_t psize; - - init_sec_access(&sa, ALIAS_DEFAULT_SACL_SA_RIGHTS); - init_sec_ace(&sacl_ace, world, SEC_ACE_TYPE_SYSTEM_AUDIT, sa, ALIAS_DEFAULT_SACL_SEC_ACE_FLAG); - - sacl = make_sec_acl(ctx, NT4_ACL_REVISION, 1, &sacl_ace); - if (!sacl) { - DEBUG(0, ("build_init_sec_desc: Failed to make SEC_ACL.\n")); - return NT_STATUS_NO_MEMORY; - } - - init_sec_access(&sa, ALIAS_DEFAULT_DACL_SA_RIGHTS); - init_sec_ace(&(dacl_aces[0]), world, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, 0); - init_sec_access(&sa, SA_RIGHT_ALIAS_ALL_ACCESS); - init_sec_ace(&(dacl_aces[1]), admins, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, 0); - - dacl = make_sec_acl(ctx, NT4_ACL_REVISION, 2, dacl_aces); - if (!sacl) { - DEBUG(0, ("build_init_sec_desc: Failed to make SEC_ACL.\n")); - return NT_STATUS_NO_MEMORY; - } - - *sec_desc = make_sec_desc(ctx, SEC_DESC_REVISION, admins, admins, sacl, dacl, &psize); - if (!(*sec_desc)) { - DEBUG(0,("get_share_security: Failed to make SEC_DESC.\n")); - return NT_STATUS_NO_MEMORY; - } - - return NT_STATUS_OK; -} - -NTSTATUS sec_desc_add_ace_to_dacl(SEC_DESC *sec_desc, TALLOC_CTX *ctx, DOM_SID *sid, uint32 mask) -{ - NTSTATUS result; - SEC_ACE *new_aces; - unsigned num_aces; - int i; - - num_aces = sec_desc->dacl->num_aces + 1; - result = sec_ace_add_sid(ctx, &new_aces, sec_desc->dacl->ace, &num_aces, sid, mask); - if (NT_STATUS_IS_OK(result)) { - sec_desc->dacl->ace = new_aces; - sec_desc->dacl->num_aces = num_aces; - sec_desc->dacl->size = SEC_ACL_HEADER_SIZE; - for (i = 0; i < num_aces; i++) { - sec_desc->dacl->size += sec_desc->dacl->ace[i].size; - } - } - return result; -} - -NTSTATUS gums_init_builtin_groups(void) -{ - NTSTATUS result; - GUMS_OBJECT g_obj; - GUMS_GROUP *g_grp; - GUMS_PRIVILEGE g_priv; - - /* Build the well known Builtin Local Groups */ - g_obj.type = GUMS_OBJ_GROUP; - g_obj.version = 1; - g_obj.seq_num = 0; - g_obj.mem_ctx = talloc_init("gums_init_backend_acct"); - if (g_obj.mem_ctx == NULL) { - DEBUG(0, ("gums_init_backend: Out of Memory!\n")); - return NT_STATUS_NO_MEMORY; - } - - /* Administrators * / - - /* alloc group structure */ - g_obj.data.group = (GUMS_GROUP *)talloc(g_obj.mem_ctx, sizeof(GUMS_GROUP)); - ALLOC_CHECK("gums_init_backend", g_obj.data.group, result, done); - - /* make admins sid */ - g_grp = (GUMS_GROUP *)g_obj.data.group; - sid_copy(g_obj.sid, &global_sid_Builtin_Administrators); - - /* make security descriptor */ - result = create_builtin_alias_default_sec_desc(&(g_obj.sec_desc), g_obj.mem_ctx); - NTSTATUS_CHECK("gums_init_backend", "create_builtin_alias_default_sec_desc", result, done); - - /* make privilege set */ - /* From BDC join trace: - SeSecurityPrivilege - SeBackupPrivilege - SeRestorePrivilege - SeSystemtimePrivilege - SeShutdownPrivilege - SeRemoteShutdownPrivilege - SeTakeOwnershipPrivilege - SeDebugPrivilege - SeSystemEnvironmentPrivilege - SeSystemProfilePrivilege - SeProfileSingleProcessPrivilege - SeIncreaseBasePriorityPrivilege - SeLocalDriverPrivilege - SeCreatePagefilePrivilege - SeIncreaseQuotaPrivilege - */ - - /* set name */ - g_obj.name = talloc_strdup(g_obj.mem_ctx, "Administrators"); - ALLOC_CHECK("gums_init_backend", g_obj.name, result, done); - - /* set description */ - g_obj.description = talloc_strdup(g_obj.mem_ctx, "Members can fully administer the computer/domain"); - ALLOC_CHECK("gums_init_backend", g_obj.description, result, done); - - /* numebr of group members */ - g_grp->count = 0; - g_grp->members = NULL; - - /* store Administrators group */ - result = gums_storage->set_object(&g_obj); - - /* Power Users */ - /* Domain Controllers Does NOT have power Users */ - - sid_copy(g_obj.sid, &global_sid_Builtin_Power_Users); - - /* make privilege set */ - /* SE_PRIV_??? */ - - /* set name */ - g_obj.name = talloc_strdup(g_obj.mem_ctx, "Power Users"); - ALLOC_CHECK("gums_init_backend", g_obj.name, result, done); - - /* set description */ -/* > */ g_obj.description = talloc_strdup(g_obj.mem_ctx, "Power Users"); - ALLOC_CHECK("gums_init_backend", g_obj.description, result, done); - - /* store Power Users group */ - result = gums_storage->set_object(&g_obj); - - /* Account Operators */ - - sid_copy(g_obj.sid, &global_sid_Builtin_Account_Operators); - - /* make privilege set */ - /* From BDC join trace: - SeShutdownPrivilege - */ - - /* set name */ - g_obj.name = talloc_strdup(g_obj.mem_ctx, "Account Operators"); - ALLOC_CHECK("gums_init_backend", g_obj.name, result, done); - - /* set description */ - g_obj.description = talloc_strdup(g_obj.mem_ctx, "Members can administer domain user and group accounts"); - ALLOC_CHECK("gums_init_backend", g_obj.description, result, done); - - /* store Account Operators group */ - result = gums_storage->set_object(&g_obj); - - /* Server Operators */ - - sid_copy(g_obj.sid, &global_sid_Builtin_Server_Operators); - - /* make privilege set */ - /* From BDC join trace: - SeBackupPrivilege - SeRestorePrivilege - SeSystemtimePrivilege - SeShutdownPrivilege - SeRemoteShutdownPrivilege - */ - - /* set name */ - g_obj.name = talloc_strdup(g_obj.mem_ctx, "Server Operators"); - ALLOC_CHECK("gums_init_backend", g_obj.name, result, done); - - /* set description */ - g_obj.description = talloc_strdup(g_obj.mem_ctx, "Members can administer domain servers"); - ALLOC_CHECK("gums_init_backend", g_obj.description, result, done); - - /* store Server Operators group */ - result = gums_storage->set_object(&g_obj); - - /* Print Operators */ - - sid_copy(g_obj.sid, &global_sid_Builtin_Print_Operators); - - /* make privilege set */ - /* From BDC join trace: - SeShutdownPrivilege - */ - - /* set name */ - g_obj.name = talloc_strdup(g_obj.mem_ctx, "Print Operators"); - ALLOC_CHECK("gums_init_backend", g_obj.name, result, done); - - /* set description */ - g_obj.description = talloc_strdup(g_obj.mem_ctx, "Members can administer domain printers"); - ALLOC_CHECK("gums_init_backend", g_obj.description, result, done); - - /* store Print Operators group */ - result = gums_storage->set_object(&g_obj); - - /* Backup Operators */ - - sid_copy(g_obj.sid, &global_sid_Builtin_Backup_Operators); - - /* make privilege set */ - /* From BDC join trace: - SeBackupPrivilege - SeRestorePrivilege - SeShutdownPrivilege - */ - - /* set name */ - g_obj.name = talloc_strdup(g_obj.mem_ctx, "Backup Operators"); - ALLOC_CHECK("gums_init_backend", g_obj.name, result, done); - - /* set description */ - g_obj.description = talloc_strdup(g_obj.mem_ctx, "Members can bypass file security to backup files"); - ALLOC_CHECK("gums_init_backend", g_obj.description, result, done); - - /* store Backup Operators group */ - result = gums_storage->set_object(&g_obj); - - /* Replicator */ - - sid_copy(g_obj.sid, &global_sid_Builtin_Replicator); - - /* make privilege set */ - /* From BDC join trace: - SeBackupPrivilege - SeRestorePrivilege - SeShutdownPrivilege - */ - - /* set name */ - g_obj.name = talloc_strdup(g_obj.mem_ctx, "Replicator"); - ALLOC_CHECK("gums_init_backend", g_obj.name, result, done); - - /* set description */ - g_obj.description = talloc_strdup(g_obj.mem_ctx, "Supports file replication in a domain"); - ALLOC_CHECK("gums_init_backend", g_obj.description, result, done); - - /* store Replicator group */ - result = gums_storage->set_object(&g_obj); - - /* Users */ - - sid_copy(g_obj.sid, &global_sid_Builtin_Users); - - /* add ACE to sec dsec dacl */ - sec_desc_add_ace_to_dacl(g_obj.sec_desc, g_obj.mem_ctx, &global_sid_Builtin_Account_Operators, ALIAS_DEFAULT_DACL_SA_RIGHTS); - sec_desc_add_ace_to_dacl(g_obj.sec_desc, g_obj.mem_ctx, &global_sid_Builtin_Power_Users, ALIAS_DEFAULT_DACL_SA_RIGHTS); - - /* set name */ - g_obj.name = talloc_strdup(g_obj.mem_ctx, "Users"); - ALLOC_CHECK("gums_init_backend", g_obj.name, result, done); - - /* set description */ - g_obj.description = talloc_strdup(g_obj.mem_ctx, "Ordinary users"); - ALLOC_CHECK("gums_init_backend", g_obj.description, result, done); - - /* store Users group */ - result = gums_storage->set_object(&g_obj); - - /* Guests */ - - sid_copy(g_obj.sid, &global_sid_Builtin_Guests); - - /* set name */ - g_obj.name = talloc_strdup(g_obj.mem_ctx, "Guests"); - ALLOC_CHECK("gums_init_backend", g_obj.name, result, done); - - /* set description */ - g_obj.description = talloc_strdup(g_obj.mem_ctx, "Users granted guest access to the computer/domain"); - ALLOC_CHECK("gums_init_backend", g_obj.description, result, done); - - /* store Guests group */ - result = gums_storage->set_object(&g_obj); - - /* set default privileges */ - g_priv.type = GUMS_OBJ_GROUP; - g_priv.version = 1; - g_priv.seq_num = 0; - g_priv.mem_ctx = talloc_init("gums_init_backend_priv"); - if (g_priv.mem_ctx == NULL) { - DEBUG(0, ("gums_init_backend: Out of Memory!\n")); - return NT_STATUS_NO_MEMORY; - } - - - -done: - talloc_destroy(g_obj.mem_ctx); - talloc_destroy(g_priv.mem_ctx); - return result; -} -#endif - diff --git a/source3/sam/idmap.c b/source3/sam/idmap.c deleted file mode 100644 index 06fcc5a956..0000000000 --- a/source3/sam/idmap.c +++ /dev/null @@ -1,193 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Winbind ID Mapping - Copyright (C) Tim Potter 2000 - Copyright (C) Anthony Liguori <aliguor@us.ibm.com> 2003 - Copyright (C) Simo Sorce 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_IDMAP - -static struct { - - const char *name; - /* Function to create a member of the idmap_methods list */ - NTSTATUS (*reg_meth)(struct idmap_methods **methods); - struct idmap_methods *methods; - -} remote_idmap_functions[] = { - - { "winbind", idmap_reg_winbind, NULL }, - { NULL, NULL, NULL } - -}; - -static struct idmap_methods *local_map; -static struct idmap_methods *remote_map; - -static struct idmap_methods *get_methods(const char *name) -{ - int i = 0; - struct idmap_methods *ret = NULL; - - while (remote_idmap_functions[i].name && strcmp(remote_idmap_functions[i].name, name)) { - i++; - } - - if (remote_idmap_functions[i].name) { - - if (!remote_idmap_functions[i].methods) { - remote_idmap_functions[i].reg_meth(&remote_idmap_functions[i].methods); - } - - ret = remote_idmap_functions[i].methods; - } - - return ret; -} - -/* Initialize backend */ -BOOL idmap_init(const char *remote_backend) -{ - if (!local_map) { - idmap_reg_tdb(&local_map); - local_map->init(); - } - - if (!remote_map && remote_backend && *remote_backend != 0) { - DEBUG(3, ("load_methods: using '%s' as remote backend\n", remote_backend)); - - remote_map = get_methods(remote_backend); - if (!remote_map) { - DEBUG(0, ("load_methods: could not load remote backend '%s'\n", remote_backend)); - return False; - } - remote_map->init(); - } - - return True; -} - -NTSTATUS idmap_set_mapping(const DOM_SID *sid, unid_t id, int id_type) -{ - NTSTATUS ret; - - ret = local_map->set_mapping(sid, id, id_type); - if (NT_STATUS_IS_ERR(ret)) { - DEBUG (0, ("idmap_set_mapping: Error, unable to modify local cache!\n")); - DEBUGADD(0, ("Error num. %d", NT_STATUS_V(ret))); - return ret; - } - - /* Being able to update the remote cache is seldomly right. - Generally this is a forbidden operation. */ - if (!(id_type & ID_CACHE) && (remote_map != NULL)) { - remote_map->set_mapping(sid, id, id_type); - if (NT_STATUS_IS_ERR(ret)) { - DEBUG (0, ("idmap_set_mapping: Error, unable to modify remote cache!\n")); - DEBUGADD(0, ("Error num. %d", NT_STATUS_V(ret))); - } - } - - return ret; -} - -/* Get ID from SID */ -NTSTATUS idmap_get_id_from_sid(unid_t *id, int *id_type, const DOM_SID *sid) -{ - NTSTATUS ret; - int loc_type; - - loc_type = *id_type; - if (remote_map) { /* We have a central remote idmap */ - loc_type |= ID_NOMAP; - } - ret = local_map->get_id_from_sid(id, &loc_type, sid); - if (NT_STATUS_IS_ERR(ret)) { - if (remote_map) { - ret = remote_map->get_id_from_sid(id, id_type, sid); - if (NT_STATUS_IS_ERR(ret)) { - DEBUG(3, ("idmap_get_id_from_sid: error fetching id!\n")); - return ret; - } else { - loc_type |= ID_CACHE; - idmap_set_mapping(sid, *id, loc_type); - } - } - } else { - *id_type = loc_type & ID_TYPEMASK; - } - - return ret; -} - -/* Get SID from ID */ -NTSTATUS idmap_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type) -{ - NTSTATUS ret; - int loc_type; - - loc_type = id_type; - if (remote_map) { - loc_type = id_type | ID_NOMAP; - } - ret = local_map->get_sid_from_id(sid, id, loc_type); - if (NT_STATUS_IS_ERR(ret)) { - if (remote_map) { - ret = remote_map->get_sid_from_id(sid, id, id_type); - if (NT_STATUS_IS_ERR(ret)) { - DEBUG(3, ("idmap_get_sid_from_id: unable to fetch sid!\n")); - return ret; - } else { - loc_type |= ID_CACHE; - idmap_set_mapping(sid, id, loc_type); - } - } - } - - return ret; -} - -/* Close backend */ -NTSTATUS idmap_close(void) -{ - NTSTATUS ret; - - ret = local_map->close(); - if (NT_STATUS_IS_ERR(ret)) { - DEBUG(3, ("idmap_close: failed to close local cache!\n")); - } - - if (remote_map) { - ret = remote_map->close(); - if (NT_STATUS_IS_ERR(ret)) { - DEBUG(3, ("idmap_close: failed to close remote idmap repository!\n")); - } - } - - return ret; -} - -/* Dump backend status */ -void idmap_status(void) -{ - local_map->status(); - if (remote_map) remote_map->status(); -} - diff --git a/source3/sam/idmap_tdb.c b/source3/sam/idmap_tdb.c deleted file mode 100644 index 7080ac56e6..0000000000 --- a/source3/sam/idmap_tdb.c +++ /dev/null @@ -1,389 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - idmap TDB backend - - Copyright (C) Tim Potter 2000 - Copyright (C) Anthony Liguori 2003 - Copyright (C) Simo Sorce 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_IDMAP - -/* High water mark keys */ -#define HWM_GROUP "GROUP HWM" -#define HWM_USER "USER HWM" - -/* idmap version determines auto-conversion */ -#define IDMAP_VERSION 2 - -/* Globals */ -static TDB_CONTEXT *idmap_tdb; - -static struct idmap_state { - - /* User and group id pool */ - - uid_t uid_low, uid_high; /* Range of uids to allocate */ - gid_t gid_low, gid_high; /* Range of gids to allocate */ -} idmap_state; - -/* Allocate either a user or group id from the pool */ -static NTSTATUS db_allocate_id(unid_t *id, int id_type) -{ - int hwm; - - if (!id) return NT_STATUS_INVALID_PARAMETER; - - /* Get current high water mark */ - switch (id_type & ID_TYPEMASK) { - case ID_USERID: - if ((hwm = tdb_fetch_int32(idmap_tdb, HWM_USER)) == -1) { - return NT_STATUS_INTERNAL_DB_ERROR; - } - - if (hwm > idmap_state.uid_high) { - DEBUG(0, ("idmap Fatal Error: UID range full!!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - (*id).uid = hwm++; - - /* Store new high water mark */ - tdb_store_int32(idmap_tdb, HWM_USER, hwm); - break; - case ID_GROUPID: - if ((hwm = tdb_fetch_int32(idmap_tdb, HWM_GROUP)) == -1) { - return NT_STATUS_INTERNAL_DB_ERROR; - } - - if (hwm > idmap_state.gid_high) { - DEBUG(0, ("idmap Fatal Error: GID range full!!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - (*id).gid = hwm++; - - /* Store new high water mark */ - tdb_store_int32(idmap_tdb, HWM_GROUP, hwm); - break; - default: - return NT_STATUS_INVALID_PARAMETER; - } - - return NT_STATUS_OK; -} - -/* Get a sid from an id */ -static NTSTATUS db_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type) -{ - TDB_DATA key, data; - fstring keystr; - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if (!sid) return NT_STATUS_INVALID_PARAMETER; - - switch (id_type & ID_TYPEMASK) { - case ID_USERID: - slprintf(keystr, sizeof(keystr), "UID %d", id.uid); - break; - case ID_GROUPID: - slprintf(keystr, sizeof(keystr), "GID %d", id.gid); - break; - default: - return NT_STATUS_UNSUCCESSFUL; - } - - key.dptr = keystr; - key.dsize = strlen(keystr) + 1; - - data = tdb_fetch(idmap_tdb, key); - - if (data.dptr) { - if (string_to_sid(sid, data.dptr)) { - ret = NT_STATUS_OK; - } - SAFE_FREE(data.dptr); - } - - return ret; -} - -/* Get an id from a sid */ -static NTSTATUS db_get_id_from_sid(unid_t *id, int *id_type, const DOM_SID *sid) -{ - TDB_DATA data, key; - fstring keystr; - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if (!sid || !id || !id_type) return NT_STATUS_INVALID_PARAMETER; - - /* Check if sid is present in database */ - sid_to_string(keystr, sid); - - key.dptr = keystr; - key.dsize = strlen(keystr) + 1; - - data = tdb_fetch(idmap_tdb, key); - - if (data.dptr) { - int type = *id_type & ID_TYPEMASK; - fstring scanstr; - - if (type == ID_EMPTY || type == ID_USERID) { - /* Parse and return existing uid */ - fstrcpy(scanstr, "UID %d"); - - if (sscanf(data.dptr, scanstr, &((*id).uid)) == 1) { - /* uid ok? */ - if (type == ID_EMPTY) { - *id_type = ID_USERID; - } - ret = NT_STATUS_OK; - goto idok; - } - } - - if (type == ID_EMPTY || type == ID_GROUPID) { - /* Parse and return existing gid */ - fstrcpy(scanstr, "GID %d"); - - if (sscanf(data.dptr, scanstr, &((*id).gid)) == 1) { - /* gid ok? */ - if (type == ID_EMPTY) { - *id_type = ID_GROUPID; - } - ret = NT_STATUS_OK; - } - } -idok: - SAFE_FREE(data.dptr); - - } else if (!(*id_type & ID_NOMAP) && - (((*id_type & ID_TYPEMASK) == ID_USERID) - || (*id_type & ID_TYPEMASK) == ID_GROUPID)) { - - /* Allocate a new id for this sid */ - ret = db_allocate_id(id, *id_type); - if (NT_STATUS_IS_OK(ret)) { - fstring keystr2; - - /* Store new id */ - if (*id_type & ID_USERID) { - slprintf(keystr2, sizeof(keystr2), "UID %d", (*id).uid); - } else { - slprintf(keystr2, sizeof(keystr2), "GID %d", (*id).gid); - } - - data.dptr = keystr2; - data.dsize = strlen(keystr2) + 1; - - if (tdb_store(idmap_tdb, key, data, TDB_REPLACE) == -1) { - /* TODO: print tdb error !! */ - return NT_STATUS_UNSUCCESSFUL; - } - if (tdb_store(idmap_tdb, data, key, TDB_REPLACE) == -1) { - /* TODO: print tdb error !! */ - return NT_STATUS_UNSUCCESSFUL; - } - - ret = NT_STATUS_OK; - } - } - - return ret; -} - -static NTSTATUS db_set_mapping(DOM_SID *sid, unid_t id, int id_type) -{ - TDB_DATA ksid, kid; - fstring ksidstr; - fstring kidstr; - - if (!sid) return NT_STATUS_INVALID_PARAMETER; - - sid_to_string(ksidstr, sid); - - ksid.dptr = ksidstr; - ksid.dsize = strlen(ksidstr) + 1; - - if (id_type & ID_USERID) { - slprintf(kidstr, sizeof(kidstr), "UID %d", id.uid); - } else if (id_type & ID_GROUPID) { - slprintf(kidstr, sizeof(kidstr), "GID %d", id.gid); - } else { - return NT_STATUS_INVALID_PARAMETER; - } - - kid.dptr = kidstr; - kid.dsize = strlen(kidstr) + 1; - - if (tdb_store(idmap_tdb, ksid, kid, TDB_INSERT) == -1) { - DEBUG(0, ("idb_set_mapping: tdb_store 1 error: %s", tdb_errorstr(idmap_tdb))); - return NT_STATUS_UNSUCCESSFUL; - } - if (tdb_store(idmap_tdb, kid, ksid, TDB_INSERT) == -1) { - DEBUG(0, ("idb_set_mapping: tdb_store 2 error: %s", tdb_errorstr(idmap_tdb))); - return NT_STATUS_UNSUCCESSFUL; - } - return NT_STATUS_OK; -} - -/***************************************************************************** - Initialise idmap database. -*****************************************************************************/ -static NTSTATUS db_idmap_init(void) -{ - SMB_STRUCT_STAT stbuf; - - /* move to the new database on first startup */ - if (!file_exist(lock_path("idmap.tdb"), &stbuf)) { - if (file_exist(lock_path("winbindd_idmap.tdb"), &stbuf)) { - DEBUG(0, ("idmap_init: winbindd_idmap.tdb is present and idmap.tdb is not!\nPlease RUN winbindd first to convert the db to the new format!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - } - - /* Open tdb cache */ - if (!(idmap_tdb = tdb_open_log(lock_path("idmap.tdb"), 0, - TDB_DEFAULT, O_RDWR | O_CREAT, - 0600))) { - DEBUG(0, ("idmap_init: Unable to open idmap database\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - /* Create high water marks for group and user id */ - if (tdb_fetch_int32(idmap_tdb, HWM_USER) == -1) { - if (tdb_store_int32(idmap_tdb, HWM_USER, idmap_state.uid_low) == -1) { - DEBUG(0, ("idmap_init: Unable to initialise user hwm in idmap database\n")); - return NT_STATUS_INTERNAL_DB_ERROR; - } - } - - if (tdb_fetch_int32(idmap_tdb, HWM_GROUP) == -1) { - if (tdb_store_int32(idmap_tdb, HWM_GROUP, idmap_state.gid_low) == -1) { - DEBUG(0, ("idmap_init: Unable to initialise group hwm in idmap database\n")); - return NT_STATUS_INTERNAL_DB_ERROR; - } - } - - return NT_STATUS_OK; -} - -/* Close the tdb */ -static NTSTATUS db_idmap_close(void) -{ - if (idmap_tdb) { - if (tdb_close(idmap_tdb) == 0) { - return NT_STATUS_OK; - } else { - return NT_STATUS_UNSUCCESSFUL; - } - } - return NT_STATUS_OK; -} - - -/* Dump status information to log file. Display different stuff based on - the debug level: - - Debug Level Information Displayed - ================================================================= - 0 Percentage of [ug]id range allocated - 0 High water marks (next allocated ids) -*/ - -#define DUMP_INFO 0 - -static void db_idmap_status(void) -{ - int user_hwm, group_hwm; - - DEBUG(0, ("winbindd idmap status:\n")); - - /* Get current high water marks */ - - if ((user_hwm = tdb_fetch_int32(idmap_tdb, HWM_USER)) == -1) { - DEBUG(DUMP_INFO, - ("\tCould not get userid high water mark!\n")); - } - - if ((group_hwm = tdb_fetch_int32(idmap_tdb, HWM_GROUP)) == -1) { - DEBUG(DUMP_INFO, - ("\tCould not get groupid high water mark!\n")); - } - - /* Display next ids to allocate */ - - if (user_hwm != -1) { - DEBUG(DUMP_INFO, - ("\tNext userid to allocate is %d\n", user_hwm)); - } - - if (group_hwm != -1) { - DEBUG(DUMP_INFO, - ("\tNext groupid to allocate is %d\n", group_hwm)); - } - - /* Display percentage of id range already allocated. */ - - if (user_hwm != -1) { - int num_users = user_hwm - idmap_state.uid_low; - int total_users = - idmap_state.uid_high - idmap_state.uid_low; - - DEBUG(DUMP_INFO, - ("\tUser id range is %d%% full (%d of %d)\n", - num_users * 100 / total_users, num_users, - total_users)); - } - - if (group_hwm != -1) { - int num_groups = group_hwm - idmap_state.gid_low; - int total_groups = - idmap_state.gid_high - idmap_state.gid_low; - - DEBUG(DUMP_INFO, - ("\tGroup id range is %d%% full (%d of %d)\n", - num_groups * 100 / total_groups, num_groups, - total_groups)); - } - - /* Display complete mapping of users and groups to rids */ -} - -struct idmap_methods db_methods = { - - db_idmap_init, - db_get_sid_from_id, - db_get_id_from_sid, - db_set_mapping, - db_idmap_close, - db_idmap_status - -}; - -NTSTATUS idmap_reg_tdb(struct idmap_methods **meth) -{ - *meth = &db_methods; - - return NT_STATUS_OK; -} - diff --git a/source3/sam/idmap_winbind.c b/source3/sam/idmap_winbind.c deleted file mode 100644 index d89c9e7bac..0000000000 --- a/source3/sam/idmap_winbind.c +++ /dev/null @@ -1,155 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - idmap Winbind backend - - Copyright (C) Simo Sorce 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "nsswitch/winbind_nss.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_IDMAP - -extern DOM_SID global_sid_NULL; /* NULL sid */ - -NSS_STATUS winbindd_request(int req_type, - struct winbindd_request *request, - struct winbindd_response *response); - -/* Get a sid from an id */ -static NTSTATUS db_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type) -{ - struct winbindd_request request; - struct winbindd_response response; - int result, operation; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - switch (id_type & ID_TYPEMASK) { - case ID_USERID: - request.data.uid = id.uid; - operation = WINBINDD_UID_TO_SID; - break; - case ID_GROUPID: - request.data.gid = id.gid; - operation = WINBINDD_GID_TO_SID; - break; - default: - return NT_STATUS_INVALID_PARAMETER; - } - - /* Make The Request */ - result = winbindd_request(operation, &request, &response); - if (result == NSS_STATUS_SUCCESS) { - if (!string_to_sid(sid, response.data.sid.sid)) { - return NT_STATUS_INVALID_SID; - } - return NT_STATUS_OK; - } else { - sid_copy(sid, &global_sid_NULL); - } - - return NT_STATUS_UNSUCCESSFUL; -} - -/* Get an id from a sid */ -static NTSTATUS db_get_id_from_sid(unid_t *id, int *id_type, const DOM_SID *sid) -{ - struct winbindd_request request; - struct winbindd_response response; - int result, operation; - fstring sid_str; - - if (!id || !id_type) { - return NT_STATUS_INVALID_PARAMETER; - } - - /* setup request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - switch (*id_type & ID_TYPEMASK) { - case ID_USERID: - operation = WINBINDD_SID_TO_UID; - break; - case ID_GROUPID: - operation = WINBINDD_SID_TO_GID; - break; - default: - return NT_STATUS_INVALID_PARAMETER; - } - - sid_to_string(sid_str, sid); - fstrcpy(request.data.sid, sid_str); - - /* Make The Request */ - result = winbindd_request(operation, &request, &response); - - if (result == NSS_STATUS_SUCCESS) { - if (operation == WINBINDD_SID_TO_UID) { - (*id).uid = response.data.uid; - } else { - (*id).gid = response.data.gid; - } - return NT_STATUS_OK; - } - - return NT_STATUS_UNSUCCESSFUL; -} - -static NTSTATUS db_set_mapping(DOM_SID *sid, unid_t id, int id_type) { - return NT_STATUS_UNSUCCESSFUL; -} - -/***************************************************************************** - Initialise idmap database. -*****************************************************************************/ -static NTSTATUS db_init(void) { - return NT_STATUS_OK; -} - -/* Close the tdb */ -static NTSTATUS db_close(void) { - return NT_STATUS_OK; -} - -static void db_status(void) { - return; -} - -struct idmap_methods winbind_methods = { - - db_init, - db_get_sid_from_id, - db_get_id_from_sid, - db_set_mapping, - db_close, - db_status - -}; - -NTSTATUS idmap_reg_winbind(struct idmap_methods **meth) -{ - *meth = &winbind_methods; - - return NT_STATUS_OK; -} - diff --git a/source3/sam/interface.c b/source3/sam/interface.c deleted file mode 100644 index 51ae561999..0000000000 --- a/source3/sam/interface.c +++ /dev/null @@ -1,1338 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Password and authentication handling - Copyright (C) Andrew Bartlett 2002 - Copyright (C) Jelmer Vernooij 2002 - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Kai Krüger 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM - -extern DOM_SID global_sid_Builtin; - -/** List of various built-in sam modules */ - -const struct sam_init_function_entry builtin_sam_init_functions[] = { - { "plugin", sam_init_plugin }, -#ifdef HAVE_LDAP - { "ads", sam_init_ads }, -#endif - { "skel", sam_init_skel }, - { NULL, NULL} -}; - - -static NTSTATUS sam_get_methods_by_sid(const SAM_CONTEXT *context, SAM_METHODS **sam_method, const DOM_SID *domainsid) -{ - SAM_METHODS *tmp_methods; - - DEBUG(5,("sam_get_methods_by_sid: %d\n", __LINE__)); - - /* invalid sam_context specified */ - SAM_ASSERT(context && context->methods); - - tmp_methods = context->methods; - - while (tmp_methods) { - if (sid_equal(domainsid, &(tmp_methods->domain_sid))) - { - (*sam_method) = tmp_methods; - return NT_STATUS_OK; - } - tmp_methods = tmp_methods->next; - } - - DEBUG(3,("sam_get_methods_by_sid: There is no backend specified for domain %s\n", sid_string_static(domainsid))); - - return NT_STATUS_NO_SUCH_DOMAIN; -} - -static NTSTATUS sam_get_methods_by_name(const SAM_CONTEXT *context, SAM_METHODS **sam_method, const char *domainname) -{ - SAM_METHODS *tmp_methods; - - DEBUG(5,("sam_get_methods_by_name: %d\n", __LINE__)); - - /* invalid sam_context specified */ - SAM_ASSERT(context && context->methods); - - tmp_methods = context->methods; - - while (tmp_methods) { - if (strequal(domainname, tmp_methods->domain_name)) - { - (*sam_method) = tmp_methods; - return NT_STATUS_OK; - } - tmp_methods = tmp_methods->next; - } - - DEBUG(3,("sam_get_methods_by_sid: There is no backend specified for domain %s\n", domainname)); - - return NT_STATUS_NO_SUCH_DOMAIN; -} - -static NTSTATUS make_sam_methods(TALLOC_CTX *mem_ctx, SAM_METHODS **methods) -{ - *methods = talloc(mem_ctx, sizeof(SAM_METHODS)); - - if (!*methods) { - return NT_STATUS_NO_MEMORY; - } - - ZERO_STRUCTP(*methods); - - return NT_STATUS_OK; -} - -/****************************************************************** - Free and cleanup a sam context, any associated data and anything - that the attached modules might have associated. - *******************************************************************/ - -void free_sam_context(SAM_CONTEXT **context) -{ - SAM_METHODS *sam_selected = (*context)->methods; - - while (sam_selected) { - if (sam_selected->free_private_data) { - sam_selected->free_private_data(&(sam_selected->private_data)); - } - sam_selected = sam_selected->next; - } - - talloc_destroy((*context)->mem_ctx); - *context = NULL; -} - -/****************************************************************** - Make a backend_entry from scratch - *******************************************************************/ - -static NTSTATUS make_backend_entry(SAM_BACKEND_ENTRY *backend_entry, char *sam_backend_string) -{ - char *tmp = NULL; - char *tmp_string = sam_backend_string; - - DEBUG(5,("make_backend_entry: %d\n", __LINE__)); - - SAM_ASSERT(sam_backend_string && backend_entry); - - backend_entry->module_name = sam_backend_string; - - DEBUG(5,("makeing backend_entry for %s\n", backend_entry->module_name)); - - if ((tmp = strrchr(tmp_string, '|')) != NULL) { - DEBUGADD(20,("a domain name has been specified\n")); - *tmp = 0; - backend_entry->domain_name = smb_xstrdup(tmp + 1); - tmp_string = tmp + 1; - } - - if ((tmp = strchr(tmp_string, ':')) != NULL) { - DEBUG(20,("options for the backend have been specified\n")); - *tmp = 0; - backend_entry->module_params = smb_xstrdup(tmp + 1); - tmp_string = tmp + 1; - } - - if (backend_entry->domain_name == NULL) { - DEBUG(10,("make_backend_entry: no domain was specified for sam module %s. Using default domain %s\n", - backend_entry->module_name, lp_workgroup())); - backend_entry->domain_name = smb_xstrdup(lp_workgroup()); - } - - if ((backend_entry->domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID))) == NULL) { - DEBUG(0,("make_backend_entry: failed to malloc domain_sid\n")); - return NT_STATUS_NO_MEMORY; - } - - DEBUG(10,("looking up sid for domain %s\n", backend_entry->domain_name)); - - if (!secrets_fetch_domain_sid(backend_entry->domain_name, backend_entry->domain_sid)) { - DEBUG(2,("make_backend_entry: There is no SID stored for domain %s. Creating a new one.\n", - backend_entry->domain_name)); - DEBUG(0, ("FIXME in %s:%d\n", __FILE__, __LINE__)); - ZERO_STRUCTP(backend_entry->domain_sid); - } - - DEBUG(5,("make_backend_entry: module name: %s, module parameters: %s, domain name: %s, domain sid: %s\n", - backend_entry->module_name, backend_entry->module_params, backend_entry->domain_name, sid_string_static(backend_entry->domain_sid))); - - return NT_STATUS_OK; -} - -/****************************************************************** - create sam_methods struct based on sam_backend_entry - *****************************************************************/ - -static NTSTATUS make_sam_methods_backend_entry(SAM_CONTEXT *context, SAM_METHODS **methods_ptr, SAM_BACKEND_ENTRY *backend_entry) -{ - NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; - SAM_METHODS *methods; - int i; - - DEBUG(5,("make_sam_methods_backend_entry: %d\n", __LINE__)); - - if (!NT_STATUS_IS_OK(nt_status = make_sam_methods(context->mem_ctx, methods_ptr))) { - return nt_status; - } - - methods = *methods_ptr; - methods->backendname = talloc_strdup(context->mem_ctx, backend_entry->module_name); - methods->domain_name = talloc_strdup(context->mem_ctx, backend_entry->domain_name); - sid_copy(&methods->domain_sid, backend_entry->domain_sid); - methods->parent = context; - - DEBUG(5,("Attempting to find sam backend %s\n", backend_entry->module_name)); - for (i = 0; builtin_sam_init_functions[i].module_name; i++) - { - if (strequal(builtin_sam_init_functions[i].module_name, backend_entry->module_name)) - { - DEBUG(5,("Found sam backend %s (at pos %d)\n", backend_entry->module_name, i)); - DEBUGADD(5,("initialising it with options=%s for domain %s\n", backend_entry->module_params, sid_string_static(backend_entry->domain_sid))); - nt_status = builtin_sam_init_functions[i].init(methods, backend_entry->module_params); - if (NT_STATUS_IS_OK(nt_status)) { - DEBUG(5,("sam backend %s has a valid init\n", backend_entry->module_name)); - } else { - DEBUG(2,("sam backend %s did not correctly init (error was %s)\n", - backend_entry->module_name, nt_errstr(nt_status))); - } - return nt_status; - } - } - - DEBUG(2,("could not find backend %s\n", backend_entry->module_name)); - - return NT_STATUS_INVALID_PARAMETER; -} - -static NTSTATUS sam_context_check_default_backends(SAM_CONTEXT *context) -{ - SAM_BACKEND_ENTRY entry; - DOM_SID *global_sam_sid = get_global_sam_sid(); /* lp_workgroup doesn't play nicely with multiple domains */ - SAM_METHODS *methods, *tmpmethods; - NTSTATUS ntstatus; - - DEBUG(5,("sam_context_check_default_backends: %d\n", __LINE__)); - - /* Make sure domain lp_workgroup() is available */ - - ntstatus = sam_get_methods_by_sid(context, &methods, &global_sid_Builtin); - - if (NT_STATUS_EQUAL(ntstatus, NT_STATUS_NO_SUCH_DOMAIN)) { - DEBUG(4,("There was no backend specified for domain %s(%s); using %s\n", - lp_workgroup(), sid_string_static(global_sam_sid), SAM_DEFAULT_BACKEND)); - - SAM_ASSERT(global_sam_sid); - - entry.module_name = SAM_DEFAULT_BACKEND; - entry.module_params = NULL; - entry.domain_name = lp_workgroup(); - entry.domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID)); - sid_copy(entry.domain_sid, global_sam_sid); - - if (!NT_STATUS_IS_OK(ntstatus = make_sam_methods_backend_entry(context, &methods, &entry))) { - DEBUG(4,("make_sam_methods_backend_entry failed\n")); - return ntstatus; - } - - DLIST_ADD_END(context->methods, methods, tmpmethods); - - } else if (!NT_STATUS_IS_OK(ntstatus)) { - DEBUG(2, ("sam_get_methods_by_sid failed for %s\n", lp_workgroup())); - return ntstatus; - } - - /* Make sure the BUILTIN domain is available */ - - ntstatus = sam_get_methods_by_sid(context, &methods, global_sam_sid); - - if (NT_STATUS_EQUAL(ntstatus, NT_STATUS_NO_SUCH_DOMAIN)) { - DEBUG(4,("There was no backend specified for domain BUILTIN; using %s\n", - SAM_DEFAULT_BACKEND)); - entry.module_name = SAM_DEFAULT_BACKEND; - entry.module_params = NULL; - entry.domain_name = "BUILTIN"; - entry.domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID)); - sid_copy(entry.domain_sid, &global_sid_Builtin); - - if (!NT_STATUS_IS_OK(ntstatus = make_sam_methods_backend_entry(context, &methods, &entry))) { - DEBUG(4,("make_sam_methods_backend_entry failed\n")); - return ntstatus; - } - - DLIST_ADD_END(context->methods, methods, tmpmethods); - } else if (!NT_STATUS_IS_OK(ntstatus)) { - DEBUG(2, ("sam_get_methods_by_sid failed for BUILTIN\n")); - return ntstatus; - } - - return NT_STATUS_OK; -} - -static NTSTATUS check_duplicate_backend_entries(SAM_BACKEND_ENTRY **backend_entries, int *nBackends) -{ - int i, j; - - DEBUG(5,("check_duplicate_backend_entries: %d\n", __LINE__)); - - for (i = 0; i < *nBackends; i++) { - for (j = i + 1; j < *nBackends; j++) { - if (sid_equal((*backend_entries)[i].domain_sid, (*backend_entries)[j].domain_sid)) { - DEBUG(0,("two backend modules claim the same domain %s\n", - sid_string_static((*backend_entries)[j].domain_sid))); - return NT_STATUS_INVALID_PARAMETER; - } - } - } - - return NT_STATUS_OK; -} - -NTSTATUS make_sam_context_list(SAM_CONTEXT **context, char **sam_backends_param) -{ - int i = 0, j = 0; - SAM_METHODS *curmethods, *tmpmethods; - int nBackends = 0; - SAM_BACKEND_ENTRY *backends = NULL; - NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; - - DEBUG(5,("make_sam_context_from_conf: %d\n", __LINE__)); - - if (!sam_backends_param) { - DEBUG(1, ("no SAM backeds specified!\n")); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(nt_status = make_sam_context(context))) { - DEBUG(4,("make_sam_context failed\n")); - return nt_status; - } - - while (sam_backends_param[nBackends]) - nBackends++; - - DEBUG(6,("There are %d domains listed with their backends\n", nBackends)); - - if ((backends = (SAM_BACKEND_ENTRY *)malloc(sizeof(*backends)*nBackends)) == NULL) { - DEBUG(0,("make_sam_context_list: failed to allocate backends\n")); - return NT_STATUS_NO_MEMORY; - } - - memset(backends, '\0', sizeof(*backends)*nBackends); - - for (i = 0; i < nBackends; i++) { - DEBUG(8,("processing %s\n",sam_backends_param[i])); - if (!NT_STATUS_IS_OK(nt_status = make_backend_entry(&backends[i], sam_backends_param[i]))) { - DEBUG(4,("make_backend_entry failed\n")); - for (j = 0; j < nBackends; j++) SAFE_FREE(backends[j].domain_sid); - SAFE_FREE(backends); - free_sam_context(context); - return nt_status; - } - } - - if (!NT_STATUS_IS_OK(nt_status = check_duplicate_backend_entries(&backends, &nBackends))) { - DEBUG(4,("check_duplicate_backend_entries failed\n")); - for (j = 0; j < nBackends; j++) SAFE_FREE(backends[j].domain_sid); - SAFE_FREE(backends); - free_sam_context(context); - return nt_status; - } - - for (i = 0; i < nBackends; i++) { - if (!NT_STATUS_IS_OK(nt_status = make_sam_methods_backend_entry(*context, &curmethods, &backends[i]))) { - DEBUG(4,("make_sam_methods_backend_entry failed\n")); - for (j = 0; j < nBackends; j++) SAFE_FREE(backends[j].domain_sid); - SAFE_FREE(backends); - free_sam_context(context); - return nt_status; - } - DLIST_ADD_END((*context)->methods, curmethods, tmpmethods); - } - - for (i = 0; i < nBackends; i++) SAFE_FREE(backends[i].domain_sid); - - SAFE_FREE(backends); - return NT_STATUS_OK; -} - -/****************************************************************** - Make a sam_context from scratch. - *******************************************************************/ - -NTSTATUS make_sam_context(SAM_CONTEXT **context) -{ - TALLOC_CTX *mem_ctx; - - mem_ctx = talloc_init("sam_context internal allocation context"); - - if (!mem_ctx) { - DEBUG(0, ("make_sam_context: talloc init failed!\n")); - return NT_STATUS_NO_MEMORY; - } - - *context = talloc(mem_ctx, sizeof(**context)); - if (!*context) { - DEBUG(0, ("make_sam_context: talloc failed!\n")); - return NT_STATUS_NO_MEMORY; - } - - ZERO_STRUCTP(*context); - - (*context)->mem_ctx = mem_ctx; - - (*context)->free_fn = free_sam_context; - - return NT_STATUS_OK; -} - -/****************************************************************** - Return an already initialised sam_context, to facilitate backward - compatibility (see functions below). - *******************************************************************/ - -static struct sam_context *sam_get_static_context(BOOL reload) -{ - static SAM_CONTEXT *sam_context = NULL; - - if ((sam_context) && (reload)) { - sam_context->free_fn(&sam_context); - sam_context = NULL; - } - - if (!sam_context) { - if (!NT_STATUS_IS_OK(make_sam_context_list(&sam_context, lp_sam_backend()))) { - DEBUG(4,("make_sam_context_list failed\n")); - return NULL; - } - - /* Make sure the required domains (default domain, builtin) are available */ - if (!NT_STATUS_IS_OK(sam_context_check_default_backends(sam_context))) { - DEBUG(4,("sam_context_check_default_backends failed\n")); - return NULL; - } - } - - return sam_context; -} - -/*************************************************************** - Initialize the static context (at smbd startup etc). - - If uninitialised, context will auto-init on first use. - ***************************************************************/ - -BOOL initialize_sam(BOOL reload) -{ - return (sam_get_static_context(reload) != NULL); -} - - -/************************************************************** - External API. This is what the rest of the world calls... -***************************************************************/ - -/****************************************************************** - sam_* functions are used to link the external SAM interface - with the internal backends. These functions lookup the appropriate - backends for the domain and pass on to the function in sam_methods - in the selected backend - - When the context parmater is NULL, the default is used. - *******************************************************************/ - -#define SAM_SETUP_CONTEXT if (!context) \ - context = sam_get_static_context(False);\ - if (!context) {\ - return NT_STATUS_UNSUCCESSFUL; \ - }\ - - - -NTSTATUS sam_get_sec_desc(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_get_sec_desc: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, sid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_get_sec_desc) { - DEBUG(3, ("sam_get_sec_desc: sam_methods of the domain did not specify sam_get_sec_desc\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_sec_desc(tmp_methods, access_token, sid, sd))) { - DEBUG(4,("sam_get_sec_desc for %s in backend %s failed\n", sid_string_static(sid), tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_sec_desc(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_set_sec_desc: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, sid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_set_sec_desc) { - DEBUG(3, ("sam_set_sec_desc: sam_methods of the domain did not specify sam_set_sec_desc\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_set_sec_desc(tmp_methods, access_token, sid, sd))) { - DEBUG(4,("sam_set_sec_desc for %s in backend %s failed\n", sid_string_static(sid), tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - - -NTSTATUS sam_lookup_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const char *domain, const char *name, DOM_SID *sid, uint32 *type) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_lookup_name: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) { - DEBUG(4,("sam_get_methods_by_name failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_lookup_name) { - DEBUG(3, ("sam_lookup_name: sam_methods of the domain did not specify sam_lookup_name\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_lookup_name(tmp_methods, access_token, name, sid, type))) { - DEBUG(4,("sam_lookup_name for %s\\%s in backend %s failed\n", - tmp_methods->domain_name, name, tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_lookup_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, TALLOC_CTX *mem_ctx, const DOM_SID *sid, char **name, uint32 *type) -{ - SAM_METHODS *tmp_methods; - uint32 rid; - NTSTATUS nt_status; - DOM_SID domainsid; - - DEBUG(5,("sam_lookup_sid: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - sid_copy(&domainsid, sid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("sam_lookup_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_lookup_sid) { - DEBUG(3, ("sam_lookup_sid: sam_methods of the domain did not specify sam_lookup_sid\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_lookup_sid(tmp_methods, access_token, mem_ctx, sid, name, type))) { - DEBUG(4,("sam_lookup_name for %s in backend %s failed\n", - sid_string_static(sid), tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - - -NTSTATUS sam_update_domain(const SAM_CONTEXT *context, const SAM_DOMAIN_HANDLE *domain) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_update_domain: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid domain specified */ - SAM_ASSERT(domain && domain->current_sam_methods); - - tmp_methods = domain->current_sam_methods; - - if (!tmp_methods->sam_update_domain) { - DEBUG(3, ("sam_update_domain: sam_methods of the domain did not specify sam_update_domain\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_update_domain(tmp_methods, domain))){ - DEBUG(4,("sam_update_domain in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_enum_domains(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, int32 *domain_count, DOM_SID **domains, char ***domain_names) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - SEC_DESC *sd; - size_t sd_size; - uint32 acc_granted; - int i = 0; - - DEBUG(5,("sam_enum_domains: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid parmaters specified */ - SAM_ASSERT(domain_count && domains && domain_names); - - if (!NT_STATUS_IS_OK(nt_status = samr_make_sam_obj_sd(context->mem_ctx, &sd, &sd_size))) { - DEBUG(4,("samr_make_sam_obj_sd failed\n")); - return nt_status; - } - - if (!se_access_check(sd, access_token, SA_RIGHT_SAM_ENUM_DOMAINS, &acc_granted, &nt_status)) { - DEBUG(3,("sam_enum_domains: ACCESS DENIED\n")); - return nt_status; - } - - tmp_methods= context->methods; - *domain_count = 0; - - while (tmp_methods) { - (*domain_count)++; - tmp_methods= tmp_methods->next; - } - - DEBUG(6,("sam_enum_domains: enumerating %d domains\n", (*domain_count))); - - tmp_methods = context->methods; - - if (((*domains) = malloc( sizeof(DOM_SID) * (*domain_count))) == NULL) { - DEBUG(0,("sam_enum_domains: Out of memory allocating domain SID list\n")); - return NT_STATUS_NO_MEMORY; - } - - if (((*domain_names) = malloc( sizeof(char*) * (*domain_count))) == NULL) { - DEBUG(0,("sam_enum_domains: Out of memory allocating domain name list\n")); - SAFE_FREE((*domains)); - return NT_STATUS_NO_MEMORY; - } - - while (tmp_methods) { - DEBUGADD(7,(" [%d] %s: %s\n", i, tmp_methods->domain_name, sid_string_static(&tmp_methods->domain_sid))); - sid_copy(domains[i],&tmp_methods->domain_sid); - *domain_names[i] = smb_xstrdup(tmp_methods->domain_name); - i++; - tmp_methods= tmp_methods->next; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_lookup_domain(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const char *domain, DOM_SID **domainsid) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - SEC_DESC *sd; - size_t sd_size; - uint32 acc_granted; - - DEBUG(5,("sam_lookup_domain: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid paramters */ - SAM_ASSERT(access_token && domain && domainsid); - - if (!NT_STATUS_IS_OK(nt_status = samr_make_sam_obj_sd(context->mem_ctx, &sd, &sd_size))) { - DEBUG(4,("samr_make_sam_obj_sd failed\n")); - return nt_status; - } - - if (!se_access_check(sd, access_token, SA_RIGHT_SAM_OPEN_DOMAIN, &acc_granted, &nt_status)) { - DEBUG(3,("sam_lookup_domain: ACCESS DENIED\n")); - return nt_status; - } - - tmp_methods= context->methods; - - while (tmp_methods) { - if (strcmp(domain, tmp_methods->domain_name) == 0) { - (*domainsid) = (DOM_SID *)malloc(sizeof(DOM_SID)); - sid_copy((*domainsid), &tmp_methods->domain_sid); - return NT_STATUS_OK; - } - tmp_methods= tmp_methods->next; - } - - return NT_STATUS_NO_SUCH_DOMAIN; -} - - -NTSTATUS sam_get_domain_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *domainsid, SAM_DOMAIN_HANDLE **domain) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_get_domain_by_sid: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && domainsid && domain); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_get_domain_handle) { - DEBUG(3, ("sam_get_domain_by_sid: sam_methods of the domain did not specify sam_get_domain_handle\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_domain_handle(tmp_methods, access_token, access_desired, domain))) { - DEBUG(4,("sam_get_domain_handle for %s in backend %s failed\n", - sid_string_static(domainsid), tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_create_account(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *domainsid, const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_create_account: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid parmaters */ - SAM_ASSERT(access_token && domainsid && account_name && account); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_create_account) { - DEBUG(3, ("sam_create_account: sam_methods of the domain did not specify sam_create_account\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_account(tmp_methods, access_token, access_desired, account_name, acct_ctrl, account))) { - DEBUG(4,("sam_create_account in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_add_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account) -{ - DOM_SID domainsid; - const DOM_SID *accountsid; - SAM_METHODS *tmp_methods; - uint32 rid; - NTSTATUS nt_status; - - DEBUG(5,("sam_add_account: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid parmaters */ - SAM_ASSERT(account); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_account_sid(account, &accountsid))) { - DEBUG(0,("Can't get account SID\n")); - return nt_status; - } - - sid_copy(&domainsid, accountsid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("sam_get_account_by_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_add_account) { - DEBUG(3, ("sam_add_account: sam_methods of the domain did not specify sam_add_account\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_add_account(tmp_methods, account))){ - DEBUG(4,("sam_add_account in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_update_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_update_account: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid account specified */ - SAM_ASSERT(account && account->current_sam_methods); - - tmp_methods = account->current_sam_methods; - - if (!tmp_methods->sam_update_account) { - DEBUG(3, ("sam_update_account: sam_methods of the domain did not specify sam_update_account\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_update_account(tmp_methods, account))){ - DEBUG(4,("sam_update_account in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_delete_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_delete_account: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid account specified */ - SAM_ASSERT(account && account->current_sam_methods); - - tmp_methods = account->current_sam_methods; - - if (!tmp_methods->sam_delete_account) { - DEBUG(3, ("sam_delete_account: sam_methods of the domain did not specify sam_delete_account\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_delete_account(tmp_methods, account))){ - DEBUG(4,("sam_delete_account in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_enum_accounts(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, uint16 acct_ctrl, int32 *account_count, SAM_ACCOUNT_ENUM **accounts) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_enum_accounts: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && domainsid && account_count && accounts); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_enum_accounts) { - DEBUG(3, ("sam_enum_accounts: sam_methods of the domain did not specify sam_enum_accounts\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_accounts(tmp_methods, access_token, acct_ctrl, account_count, accounts))) { - DEBUG(4,("sam_enum_accounts for domain %s in backend %s failed\n", - tmp_methods->domain_name, tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - - -NTSTATUS sam_get_account_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *accountsid, SAM_ACCOUNT_HANDLE **account) -{ - SAM_METHODS *tmp_methods; - uint32 rid; - DOM_SID domainsid; - NTSTATUS nt_status; - - DEBUG(5,("sam_get_account_by_sid: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && accountsid && account); - - sid_copy(&domainsid, accountsid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("sam_get_account_by_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_get_account_by_sid) { - DEBUG(3, ("sam_get_account_by_sid: sam_methods of the domain did not specify sam_get_account_by_sid\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_account_by_sid(tmp_methods, access_token, access_desired, accountsid, account))) { - DEBUG(4,("sam_get_account_by_sid for %s in backend %s failed\n", - sid_string_static(accountsid), tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_account_by_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *domain, const char *name, SAM_ACCOUNT_HANDLE **account) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_get_account_by_name: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && domain && name && account); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) { - DEBUG(4,("sam_get_methods_by_name failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_get_account_by_name) { - DEBUG(3, ("sam_get_account_by_name: sam_methods of the domain did not specify sam_get_account_by_name\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_account_by_name(tmp_methods, access_token, access_desired, name, account))) { - DEBUG(4,("sam_get_account_by_name for %s\\%s in backend %s failed\n", - domain, name, tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_create_group(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *domainsid, const char *group_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_create_group: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && domainsid && group_name && group); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_create_group) { - DEBUG(3, ("sam_create_group: sam_methods of the domain did not specify sam_create_group\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_group(tmp_methods, access_token, access_desired, group_name, group_ctrl, group))) { - DEBUG(4,("sam_create_group in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_add_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group) -{ - DOM_SID domainsid; - const DOM_SID *groupsid; - SAM_METHODS *tmp_methods; - uint32 rid; - NTSTATUS nt_status; - - DEBUG(5,("sam_add_group: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(group); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_group_sid(group, &groupsid))) { - DEBUG(0,("Can't get group SID\n")); - return nt_status; - } - - sid_copy(&domainsid, groupsid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("sam_get_group_by_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_add_group) { - DEBUG(3, ("sam_add_group: sam_methods of the domain did not specify sam_add_group\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_add_group(tmp_methods, group))){ - DEBUG(4,("sam_add_group in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_update_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_update_group: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid group specified */ - SAM_ASSERT(group && group->current_sam_methods); - - tmp_methods = group->current_sam_methods; - - if (!tmp_methods->sam_update_group) { - DEBUG(3, ("sam_update_group: sam_methods of the domain did not specify sam_update_group\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_update_group(tmp_methods, group))){ - DEBUG(4,("sam_update_group in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_delete_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_delete_group: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid group specified */ - SAM_ASSERT(group && group->current_sam_methods); - - tmp_methods = group->current_sam_methods; - - if (!tmp_methods->sam_delete_group) { - DEBUG(3, ("sam_delete_group: sam_methods of the domain did not specify sam_delete_group\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_delete_group(tmp_methods, group))){ - DEBUG(4,("sam_delete_group in backend %s failed\n", - tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_enum_groups(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, uint16 group_ctrl, uint32 *groups_count, SAM_GROUP_ENUM **groups) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_enum_groups: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && domainsid && groups_count && groups); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_enum_accounts) { - DEBUG(3, ("sam_enum_groups: sam_methods of the domain did not specify sam_enum_groups\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_groups(tmp_methods, access_token, group_ctrl, groups_count, groups))) { - DEBUG(4,("sam_enum_groups for domain %s in backend %s failed\n", - tmp_methods->domain_name, tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_group_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group) -{ - SAM_METHODS *tmp_methods; - uint32 rid; - NTSTATUS nt_status; - DOM_SID domainsid; - - DEBUG(5,("sam_get_group_by_sid: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && groupsid && group); - - sid_copy(&domainsid, groupsid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("sam_get_group_by_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_get_group_by_sid) { - DEBUG(3, ("sam_get_group_by_sid: sam_methods of the domain did not specify sam_get_group_by_sid\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_group_by_sid(tmp_methods, access_token, access_desired, groupsid, group))) { - DEBUG(4,("sam_get_group_by_sid for %s in backend %s failed\n", - sid_string_static(groupsid), tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_group_by_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *domain, const char *name, SAM_GROUP_HANDLE **group) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - DEBUG(5,("sam_get_group_by_name: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - SAM_ASSERT(access_token && domain && name && group); - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) { - DEBUG(4,("sam_get_methods_by_name failed\n")); - return nt_status; - } - - if (!tmp_methods->sam_get_group_by_name) { - DEBUG(3, ("sam_get_group_by_name: sam_methods of the domain did not specify sam_get_group_by_name\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_group_by_name(tmp_methods, access_token, access_desired, name, group))) { - DEBUG(4,("sam_get_group_by_name for %s\\%s in backend %s failed\n", - domain, name, tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_add_member_to_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - SAM_SETUP_CONTEXT; - - /* invalid group or member specified */ - SAM_ASSERT(group && group->current_sam_methods && member); - - tmp_methods = group->current_sam_methods; - - if (!tmp_methods->sam_add_member_to_group) { - DEBUG(3, ("sam_add_member_to_group: sam_methods of the domain did not specify sam_add_member_to_group\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_add_member_to_group(tmp_methods, group, member))) { - DEBUG(4,("sam_add_member_to_group in backend %s failed\n", tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; - -} - -NTSTATUS sam_delete_member_from_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - SAM_SETUP_CONTEXT; - - /* invalid group or member specified */ - SAM_ASSERT(group && group->current_sam_methods && member); - - tmp_methods = group->current_sam_methods; - - if (!tmp_methods->sam_delete_member_from_group) { - DEBUG(3, ("sam_delete_member_from_group: sam_methods of the domain did not specify sam_delete_member_from_group\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_delete_member_from_group(tmp_methods, group, member))) { - DEBUG(4,("sam_delete_member_from_group in backend %s failed\n", tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_enum_groupmembers(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members) -{ - const SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - SAM_SETUP_CONTEXT; - - /* invalid group specified */ - SAM_ASSERT(group && group->current_sam_methods && members_count && members); - - tmp_methods = group->current_sam_methods; - - if (!tmp_methods->sam_enum_groupmembers) { - DEBUG(3, ("sam_enum_groupmembers: sam_methods of the domain did not specify sam_enum_group_members\n")); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_groupmembers(tmp_methods, group, members_count, members))) { - DEBUG(4,("sam_enum_groupmembers in backend %s failed\n", tmp_methods->backendname)); - return nt_status; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_groups_of_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID **sids, uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups) -{ - SAM_METHODS *tmp_methods; - NTSTATUS nt_status; - - uint32 tmp_group_count; - SAM_GROUP_ENUM *tmp_groups; - - DEBUG(5,("sam_get_groups_of_sid: %d\n", __LINE__)); - - SAM_SETUP_CONTEXT; - - /* invalid sam_context specified */ - SAM_ASSERT(access_token && sids && context && context->methods); - - *group_count = 0; - - *groups = NULL; - - tmp_methods= context->methods; - - while (tmp_methods) { - DEBUG(5,("getting groups from domain \n")); - if (!tmp_methods->sam_get_groups_of_sid) { - DEBUG(3, ("sam_get_groups_of_sid: sam_methods of domain did not specify sam_get_groups_of_sid\n")); - SAFE_FREE(*groups); - return NT_STATUS_NOT_IMPLEMENTED; - } - - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_groups_of_sid(tmp_methods, access_token, sids, group_ctrl, &tmp_group_count, &tmp_groups))) { - DEBUG(4,("sam_get_groups_of_sid in backend %s failed\n", tmp_methods->backendname)); - SAFE_FREE(*groups); - return nt_status; - } - - *groups = Realloc(*groups, ((*group_count) + tmp_group_count) * sizeof(SAM_GROUP_ENUM)); - - memcpy(&(*groups)[*group_count], tmp_groups, tmp_group_count); - - SAFE_FREE(tmp_groups); - - *group_count += tmp_group_count; - - tmp_methods = tmp_methods->next; - } - - return NT_STATUS_OK; -} - - diff --git a/source3/sam/sam_ads.c b/source3/sam/sam_ads.c deleted file mode 100755 index 13e0369004..0000000000 --- a/source3/sam/sam_ads.c +++ /dev/null @@ -1,1378 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Active Directory SAM backend, for simulate a W2K DC in mixed mode. - - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Andrew Bartlett 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - - -#ifdef HAVE_LDAP - -static int sam_ads_debug_level = DBGC_SAM; - -#undef DBGC_CLASS -#define DBGC_CLASS sam_ads_debug_level - -#ifndef FIXME -#define FIXME( body ) { DEBUG(0,("FIXME: "));\ - DEBUGADD(0,(body));} -#endif - -#define ADS_STATUS_OK ADS_ERROR(0) -#define ADS_STATUS_UNSUCCESSFUL ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL) -#define ADS_STATUS_NOT_IMPLEMENTED ADS_ERROR_NT(NT_STATUS_NOT_IMPLEMENTED) - - -#define ADS_SUBTREE_BUILTIN "CN=Builtin," -#define ADS_SUBTREE_COMPUTERS "CN=Computers," -#define ADS_SUBTREE_DC "CN=Domain Controllers," -#define ADS_SUBTREE_USERS "CN=Users," -#define ADS_ROOT_TREE "" -/* Here are private module structs and functions */ - -typedef struct sam_ads_privates { - ADS_STRUCT *ads_struct; - TALLOC_CTX *mem_ctx; - BOOL bind_plaintext; - char *ads_bind_dn; - char *ads_bind_pw; - char *ldap_uri; - /* did we need something more? */ -}SAM_ADS_PRIVATES; - - -/* get only these LDAP attributes, witch we really need for an account */ -const char *account_attrs[] = { "objectSid", - "objectGUID", - "sAMAccountType", - "sAMAcountName", - "userPrincipalName", - "accountExpires", - "badPasswordTime", - "badPwdCount", - "lastLogoff", - "lastLogon", - "userWorkstations", - "dBCSPwd", - "unicodePwd", - "pwdLastSet", - "userAccountControl", - "profilePath", - "homeDrive", - "scriptPath", - "homeDirectory", - "cn", - "primaryGroupID",/* 513 */ - "nsNPAllowDialIn",/* TRUE */ - "userParameters",/* Dial Back number ...*/ - "codePage",/* 0 */ - "countryCode",/* 0 */ - "adminCount",/* 1 or 0 */ - "logonCount",/* 0 */ - "managedObjects", - "memberOf",/* dn */ - "instanceType",/* 4 */ - "name", /* sync with cn */ - "description", - /* "nTSecurityDescriptor", */ - NULL}; - -/* get only these LDAP attributes, witch we really need for a group */ -const char *group_attrs[] = {"objectSid", - /* "objectGUID", */ - "sAMAccountType", - "sAMAcountName", - "groupType", - /* "member", */ - "description", - "name", /* sync with cn */ - /* "nTSecurityDescriptor", */ - NULL}; - - -/*************************************************** - return our ads connection. We keep the connection - open to make things faster -****************************************************/ -static ADS_STATUS sam_ads_cached_connection(SAM_ADS_PRIVATES *privates) -{ - ADS_STRUCT *ads_struct; - ADS_STATUS ads_status; - - if (!privates->ads_struct) { - privates->ads_struct = ads_init_simple(); - ads_struct = privates->ads_struct; - ads_struct->server.ldap_uri = smb_xstrdup(privates->ldap_uri); - if ((!privates->ads_bind_dn) || (!*privates->ads_bind_dn)) { - ads_struct->auth.flags |= ADS_AUTH_ANON_BIND; - } else { - ads_struct->auth.user_name - = smb_xstrdup(privates->ads_bind_dn); - if (privates->ads_bind_pw) { - ads_struct->auth.password - = smb_xstrdup(privates->ads_bind_pw); - } - } - if (privates->bind_plaintext) { - ads_struct->auth.flags |= ADS_AUTH_SIMPLE_BIND; - } - } else { - ads_struct = privates->ads_struct; - } - - if (ads_struct->ld != NULL) { - /* connection has been opened. ping server. */ - struct sockaddr_un addr; - socklen_t len; - int sd; - if (ldap_get_option(ads_struct->ld, LDAP_OPT_DESC, &sd) == 0 && - getpeername(sd, (struct sockaddr *) &addr, &len) < 0) { - /* the other end has died. reopen. */ - ldap_unbind_ext(ads_struct->ld, NULL, NULL); - ads_struct->ld = NULL; - } - } - - if (ads_struct->ld != NULL) { - DEBUG(5,("sam_ads_cached_connection: allready connected to the LDAP server\n")); - return ADS_SUCCESS; - } - - ads_status = ads_connect(ads_struct); - - ads_status = ads_server_info(ads_struct); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(0,("Can't set server info: %s\n",ads_errstr(ads_status))); - /* return ads_status; */ FIXME("for now we only warn!\n"); - } - - DEBUG(2, ("sam_ads_cached_connection: succesful connection to the LDAP server\n")); - return ADS_SUCCESS; -} - -static ADS_STATUS sam_ads_do_search(SAM_ADS_PRIVATES *privates, const char *bind_path, int scope, const char *exp, const char **attrs, void **res) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); - - ads_status = sam_ads_cached_connection(privates); - if (!ADS_ERR_OK(ads_status)) - return ads_status; - - return ads_do_search_retry(privates->ads_struct, bind_path, scope, exp, attrs, res); -} - - -/********************************************* -here we have to check the update serial number - - this is the core of the ldap cache -*********************************************/ -static ADS_STATUS sam_ads_usn_is_valid(SAM_ADS_PRIVATES *privates, uint32 usn_in, uint32 *usn_out) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); - - SAM_ASSERT(privates && privates->ads_struct && usn_out); - - ads_status = ads_USN(privates->ads_struct, usn_out); - if (!ADS_ERR_OK(ads_status)) - return ads_status; - - if (*usn_out == usn_in) - return ADS_SUCCESS; - - return ads_status; -} - -/*********************************************** -Initialize SAM_ACCOUNT_HANDLE from an ADS query -************************************************/ -/* not ready :-( */ -static ADS_STATUS ads_entry2sam_account_handle(SAM_ADS_PRIVATES *privates, SAM_ACCOUNT_HANDLE *account ,void *msg) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_NO_SUCH_USER); - NTSTATUS nt_status = NT_STATUS_NO_SUCH_USER; - ADS_STRUCT *ads_struct = privates->ads_struct; - TALLOC_CTX *mem_ctx = account->mem_ctx; - char *tmp_str = NULL; - - SAM_ASSERT(privates && ads_struct && account && mem_ctx && msg); - - FIXME("should we really use ads_pull_username()(or ads_pull_string())?\n"); - if ((account->private.account_name = ads_pull_username(ads_struct, mem_ctx, msg))==NULL) { - DEBUG(0,("ads_pull_username failed\n")); - return ADS_ERROR_NT(NT_STATUS_NO_SUCH_USER); - } - - if ((account->private.full_name = ads_pull_string(ads_struct, mem_ctx, msg,"name"))==NULL) { - DEBUG(3,("ads_pull_string for 'name' failed - skip\n")); - } - - if ((account->private.acct_desc = ads_pull_string(ads_struct, mem_ctx, msg,"description"))!=NULL) { - DEBUG(3,("ads_pull_string for 'acct_desc' failed - skip\n")); - } - - if ((account->private.home_dir = ads_pull_string(ads_struct, mem_ctx, msg,"homeDirectory"))!=NULL) { - DEBUG(3,("ads_pull_string for 'homeDirectory' failed - skip\n")); - } - - if ((account->private.dir_drive = ads_pull_string(ads_struct, mem_ctx, msg,"homeDrive"))!=NULL) { - DEBUG(3,("ads_pull_string for 'homeDrive' failed - skip\n")); - } - - if ((account->private.profile_path = ads_pull_string(ads_struct, mem_ctx, msg,"profilePath"))!=NULL) { - DEBUG(3,("ads_pull_string for 'profilePath' failed - skip\n")); - } - - if ((account->private.logon_script = ads_pull_string(ads_struct, mem_ctx, msg,"scriptPath"))!=NULL) { - DEBUG(3,("ads_pull_string for 'scriptPath' failed - skip\n")); - } - - FIXME("check 'nsNPAllowDialIn' for munged_dial!\n"); - if ((account->private.munged_dial = ads_pull_string(ads_struct, mem_ctx, msg,"userParameters"))!=NULL) { - DEBUG(3,("ads_pull_string for 'userParameters' failed - skip\n")); - } - - if ((account->private.unix_home_dir = ads_pull_string(ads_struct, mem_ctx, msg,"msSFUHomeDrirectory"))!=NULL) { - DEBUG(3,("ads_pull_string for 'msSFUHomeDrirectory' failed - skip\n")); - } - -#if 0 - FIXME("use function intern mem_ctx for pwdLastSet\n"); - if ((tmp_str = ads_pull_string(ads_struct, mem_ctx, msg,"pwdLastSet"))!=NULL) { - DEBUG(3,("ads_pull_string for 'pwdLastSet' failed - skip\n")); - } else { - account->private.pass_last_set_time = ads_parse_nttime(tmp_str); - tmp_str = NULL; - - } -#endif - -#if 0 -typedef struct sam_account_handle { - TALLOC_CTX *mem_ctx; - uint32 access_granted; - const struct sam_methods *current_sam_methods; /* sam_methods creating this handle */ - void (*free_fn)(struct sam_account_handle **); - struct sam_account_data { - uint32 init_flag; - NTTIME logon_time; /* logon time */ - NTTIME logoff_time; /* logoff time */ - NTTIME kickoff_time; /* kickoff time */ - NTTIME pass_last_set_time; /* password last set time */ - NTTIME pass_can_change_time; /* password can change time */ - NTTIME pass_must_change_time; /* password must change time */ - char * account_name; /* account_name string */ - SAM_DOMAIN_HANDLE * domain; /* domain of account */ - char *full_name; /* account's full name string */ - char *unix_home_dir; /* UNIX home directory string */ - char *home_dir; /* home directory string */ - char *dir_drive; /* home directory drive string */ - char *logon_script; /* logon script string */ - char *profile_path; /* profile path string */ - char *acct_desc; /* account description string */ - char *workstations; /* login from workstations string */ - char *unknown_str; /* don't know what this is, yet. */ - char *munged_dial; /* munged path name and dial-back tel number */ - DOM_SID account_sid; /* Primary Account SID */ - DOM_SID group_sid; /* Primary Group SID */ - DATA_BLOB lm_pw; /* .data is Null if no password */ - DATA_BLOB nt_pw; /* .data is Null if no password */ - char *plaintext_pw; /* if Null not available */ - uint16 acct_ctrl; /* account info (ACB_xxxx bit-mask) */ - uint32 unknown_1; /* 0x00ff ffff */ - uint16 logon_divs; /* 168 - number of hours in a week */ - uint32 hours_len; /* normally 21 bytes */ - uint8 hours[MAX_HOURS_LEN]; - uint32 unknown_2; /* 0x0002 0000 */ - uint32 unknown_3; /* 0x0000 04ec */ - } private; -} SAM_ACCOUNT_HANDLE; -#endif - - return ads_status; -} - - -/*********************************************** -Initialize SAM_GROUP_ENUM from an ads entry -************************************************/ -/* not ready :-( */ -static ADS_STATUS ads_entry2sam_group_enum(SAM_ADS_PRIVATES *privates, TALLOC_CTX *mem_ctx, SAM_GROUP_ENUM **group_enum,const void *entry) -{ - ADS_STATUS ads_status = ADS_STATUS_UNSUCCESSFUL; - ADS_STRUCT *ads_struct = privates->ads_struct; - SAM_GROUP_ENUM __group_enum; - SAM_GROUP_ENUM *_group_enum = &__group_enum; - - SAM_ASSERT(privates && ads_struct && mem_ctx && group_enum && entry); - - *group_enum = _group_enum; - - DEBUG(3,("sam_ads: ads_entry2sam_account_handle\n")); - - if (!ads_pull_sid(ads_struct, &entry, "objectSid", &(_group_enum->sid))) { - DEBUG(0,("No sid for!?\n")); - return ADS_STATUS_UNSUCCESSFUL; - } - - if (!(_group_enum->group_name = ads_pull_string(ads_struct, mem_ctx, &entry, "sAMAccountName"))) { - DEBUG(0,("No groupname found")); - return ADS_STATUS_UNSUCCESSFUL; - } - - if (!(_group_enum->group_desc = ads_pull_string(ads_struct, mem_ctx, &entry, "desciption"))) { - DEBUG(0,("No description found")); - return ADS_STATUS_UNSUCCESSFUL; - } - - DEBUG(0,("sAMAccountName: %s\ndescription: %s\nobjectSid: %s\n", - _group_enum->group_name, - _group_enum->group_desc, - sid_string_static(&(_group_enum->sid)) - )); - - return ads_status; -} - -static ADS_STATUS sam_ads_access_check(SAM_ADS_PRIVATES *privates, const SEC_DESC *sd, const NT_USER_TOKEN *access_token, uint32 access_desired, uint32 *acc_granted) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_ACCESS_DENIED); - NTSTATUS nt_status; - uint32 my_acc_granted; - - SAM_ASSERT(privates && sd && access_token); - /* acc_granted can be set to NULL */ - - /* the steps you need are: - 1. get_sec_desc for sid - 2. se_map_generic(accessdesired, generic_mapping) - 3. se_access_check() */ - - if (!se_access_check(sd, access_token, access_desired, (acc_granted)?acc_granted:&my_acc_granted, &nt_status)) { - DEBUG(3,("sam_ads_access_check: ACCESS DENIED\n")); - ads_status = ADS_ERROR_NT(nt_status); - return ads_status; - } - ads_status = ADS_ERROR_NT(nt_status); - return ads_status; -} - -static ADS_STATUS sam_ads_get_tree_sec_desc(SAM_ADS_PRIVATES *privates, const char *subtree, SEC_DESC **sd) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER); - ADS_STRUCT *ads_struct = privates->ads_struct; - TALLOC_CTX *mem_ctx = privates->mem_ctx; - char *search_path; - void *sec_desc_res; - void *sec_desc_msg; - const char *sec_desc_attrs[] = {"nTSecurityDescriptor",NULL}; - - SAM_ASSERT(privates && ads_struct && mem_ctx && sd); - *sd = NULL; - - if (subtree) { - asprintf(&search_path, "%s%s",subtree,ads_struct->config.bind_path); - } else { - asprintf(&search_path, "%s",""); - } - ads_status = sam_ads_do_search(privates, search_path, LDAP_SCOPE_BASE, "(objectClass=*)", sec_desc_attrs, &sec_desc_res); - SAFE_FREE(search_path); - if (!ADS_ERR_OK(ads_status)) - return ads_status; - - if ((sec_desc_msg = ads_first_entry(ads_struct, sec_desc_res))==NULL) { - ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER); - return ads_status; - } - - if (!ads_pull_sd(ads_struct, mem_ctx, sec_desc_msg, sec_desc_attrs[0], sd)) { - *sd = NULL; - ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER); - return ads_status; - } - - return ads_status; -} - -static ADS_STATUS sam_ads_account_policy_get(SAM_ADS_PRIVATES *privates, int field, uint32 *value) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER); - ADS_STRUCT *ads_struct = privates->ads_struct; - void *ap_res; - void *ap_msg; - const char *ap_attrs[] = {"minPwdLength",/* AP_MIN_PASSWORD_LEN */ - "pwdHistoryLength",/* AP_PASSWORD_HISTORY */ - "AP_USER_MUST_LOGON_TO_CHG_PASS",/* AP_USER_MUST_LOGON_TO_CHG_PASS */ - "maxPwdAge",/* AP_MAX_PASSWORD_AGE */ - "minPwdAge",/* AP_MIN_PASSWORD_AGE */ - "lockoutDuration",/* AP_LOCK_ACCOUNT_DURATION */ - "AP_RESET_COUNT_TIME",/* AP_RESET_COUNT_TIME */ - "AP_BAD_ATTEMPT_LOCKOUT",/* AP_BAD_ATTEMPT_LOCKOUT */ - "AP_TIME_TO_LOGOUT",/* AP_TIME_TO_LOGOUT */ - NULL}; - /*lockOutObservationWindow - lockoutThreshold $ pwdProperties*/ - static uint32 ap[9]; - static uint32 ap_usn = 0; - uint32 tmp_usn = 0; - - SAM_ASSERT(privates && ads_struct && value); - - FIXME("We need to decode all account_policy attributes!\n"); - - ads_status = sam_ads_usn_is_valid(privates,ap_usn,&tmp_usn); - if (!ADS_ERR_OK(ads_status)) { - ads_status = sam_ads_do_search(privates, ads_struct->config.bind_path, LDAP_SCOPE_BASE, "(objectClass=*)", ap_attrs, &ap_res); - if (!ADS_ERR_OK(ads_status)) - return ads_status; - - if (ads_count_replies(ads_struct, ap_res) != 1) { - ads_msgfree(ads_struct, ap_res); - return ADS_ERROR(LDAP_NO_RESULTS_RETURNED); - } - - if (!(ap_msg = ads_first_entry(ads_struct, ap_res))) { - ads_msgfree(ads_struct, ap_res); - return ADS_ERROR(LDAP_NO_RESULTS_RETURNED); - } - - if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[0], &ap[0])) { - /* AP_MIN_PASSWORD_LEN */ - ap[0] = MINPASSWDLENGTH;/* 5 chars minimum */ - } - if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[1], &ap[1])) { - /* AP_PASSWORD_HISTORY */ - ap[1] = 0;/* don't keep any old password */ - } - if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[2], &ap[2])) { - /* AP_USER_MUST_LOGON_TO_CHG_PASS */ - ap[2] = 0;/* don't force user to logon */ - } - if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[3], &ap[3])) { - /* AP_MAX_PASSWORD_AGE */ - ap[3] = MAX_PASSWORD_AGE;/* 21 days */ - } - if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[4], &ap[4])) { - /* AP_MIN_PASSWORD_AGE */ - ap[4] = 0;/* 0 days */ - } - if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[5], &ap[5])) { - /* AP_LOCK_ACCOUNT_DURATION */ - ap[5] = 0;/* lockout for 0 minutes */ - } - if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[6], &ap[6])) { - /* AP_RESET_COUNT_TIME */ - ap[6] = 0;/* reset immediatly */ - } - if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[7], &ap[7])) { - /* AP_BAD_ATTEMPT_LOCKOUT */ - ap[7] = 0;/* don't lockout */ - } - if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[8], &ap[8])) { - /* AP_TIME_TO_LOGOUT */ - ap[8] = -1;/* don't force logout */ - } - - ads_msgfree(ads_struct, ap_res); - ap_usn = tmp_usn; - } - - switch(field) { - case AP_MIN_PASSWORD_LEN: - *value = ap[0]; - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - break; - case AP_PASSWORD_HISTORY: - *value = ap[1]; - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - break; - case AP_USER_MUST_LOGON_TO_CHG_PASS: - *value = ap[2]; - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - break; - case AP_MAX_PASSWORD_AGE: - *value = ap[3]; - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - break; - case AP_MIN_PASSWORD_AGE: - *value = ap[4]; - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - break; - case AP_LOCK_ACCOUNT_DURATION: - *value = ap[5]; - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - break; - case AP_RESET_COUNT_TIME: - *value = ap[6]; - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - break; - case AP_BAD_ATTEMPT_LOCKOUT: - *value = ap[7]; - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - break; - case AP_TIME_TO_LOGOUT: - *value = ap[8]; - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - break; - default: *value = 0; break; - } - - return ads_status; -} - - -/********************************** -Now the functions off the SAM API -***********************************/ - -/* General API */ -static NTSTATUS sam_ads_get_sec_desc(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, - const DOM_SID *sid, SEC_DESC **sd) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); - SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data; - ADS_STRUCT *ads_struct = privates->ads_struct; - TALLOC_CTX *mem_ctx; - char *sidstr,*filter; - void *sec_desc_res; - void *sec_desc_msg; - const char *sec_desc_attrs[] = {"nTSecurityDescriptor",NULL}; - fstring sid_str; - SEC_DESC *my_sd; - - SAM_ASSERT(sam_method && access_token && sid && sd); - - ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &my_sd); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = sam_ads_access_check(privates, my_sd, access_token, GENERIC_RIGHTS_DOMAIN_READ, NULL); - - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - sidstr = sid_binstring(sid); - if (asprintf(&filter, "(objectSid=%s)", sidstr) == -1) { - SAFE_FREE(sidstr); - return NT_STATUS_NO_MEMORY; - } - - SAFE_FREE(sidstr); - - ads_status = sam_ads_do_search(privates,ads_struct->config.bind_path, - LDAP_SCOPE_SUBTREE, filter, sec_desc_attrs, - &sec_desc_res); - SAFE_FREE(filter); - - if (!ADS_ERR_OK(ads_status)) { - return ads_ntstatus(ads_status); - } - - if (!(mem_ctx = talloc_init("sec_desc parse in sam_ads"))) { - DEBUG(1, ("talloc_init() failed for sec_desc parse context in sam_ads")); - ads_msgfree(ads_struct, sec_desc_res); - return NT_STATUS_NO_MEMORY; - } - - if (ads_count_replies(ads_struct, sec_desc_res) != 1) { - DEBUG(1,("sam_ads_get_sec_desc: duplicate or 0 results for sid %s\n", - sid_to_string(sid_str, sid))); - talloc_destroy(mem_ctx); - ads_msgfree(ads_struct, sec_desc_res); - return NT_STATUS_UNSUCCESSFUL; - } - - if (!(sec_desc_msg = ads_first_entry(ads_struct, sec_desc_res))) { - talloc_destroy(mem_ctx); - ads_msgfree(ads_struct, sec_desc_res); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!ads_pull_sd(ads_struct, mem_ctx, sec_desc_msg, sec_desc_attrs[0], sd)) { - ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER); - talloc_destroy(mem_ctx); - ads_msgfree(ads_struct, sec_desc_res); - return ads_ntstatus(ads_status); - } - - /* now, were we allowed to see the SD we just got? */ - - ads_msgfree(ads_struct, sec_desc_res); - talloc_destroy(mem_ctx); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_set_sec_desc(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, - const DOM_SID *sid, const SEC_DESC *sd) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - - -static NTSTATUS sam_ads_lookup_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, - TALLOC_CTX *mem_ctx, const DOM_SID *sid, char **name, - enum SID_NAME_USE *type) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); - SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data; - ADS_STRUCT *ads_struct = privates->ads_struct; - SEC_DESC *my_sd; - - SAM_ASSERT(sam_method && access_token && mem_ctx && sid && name && type); - - ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &my_sd); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = sam_ads_access_check(privates, my_sd, access_token, GENERIC_RIGHTS_DOMAIN_READ, NULL); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - return ads_sid_to_name(ads_struct, mem_ctx, sid, name, type); -} - -static NTSTATUS sam_ads_lookup_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, - const char *name, DOM_SID *sid, enum SID_NAME_USE *type) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); - SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data; - ADS_STRUCT *ads_struct = privates->ads_struct; - SEC_DESC *my_sd; - - SAM_ASSERT(sam_method && access_token && name && sid && type); - - ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &my_sd); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = sam_ads_access_check(privates, my_sd, access_token, GENERIC_RIGHTS_DOMAIN_READ, NULL); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - return ads_name_to_sid(ads_struct, name, sid, type); -} - - -/* Domain API */ - -static NTSTATUS sam_ads_update_domain(const SAM_METHODS *sam_method, const SAM_DOMAIN_HANDLE *domain) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_get_domain_handle(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, - const uint32 access_desired, SAM_DOMAIN_HANDLE **domain) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data; - TALLOC_CTX *mem_ctx = privates->mem_ctx; /*Fix me is this right??? */ - SAM_DOMAIN_HANDLE *dom_handle = NULL; - SEC_DESC *sd; - uint32 acc_granted; - uint32 tmp_value; - - DEBUG(5,("sam_ads_get_domain_handle: %d\n",__LINE__)); - - SAM_ASSERT(sam_method && access_token && domain); - - (*domain) = NULL; - - if ((dom_handle = talloc(mem_ctx, sizeof(SAM_DOMAIN_HANDLE))) == NULL) { - DEBUG(0,("failed to talloc dom_handle\n")); - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - return ads_ntstatus(ads_status); - } - - ZERO_STRUCTP(dom_handle); - - dom_handle->mem_ctx = mem_ctx; /*Fix me is this right??? */ - dom_handle->free_fn = NULL; - dom_handle->current_sam_methods = sam_method; - - /* check if access can be granted as requested */ - - ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &sd); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = sam_ads_access_check(privates, sd, access_token, access_desired, &acc_granted); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - dom_handle->access_granted = acc_granted; - - /* fill all the values of dom_handle */ - sid_copy(&dom_handle->private.sid, &sam_method->domain_sid); - dom_handle->private.name = smb_xstrdup(sam_method->domain_name); - dom_handle->private.servername = "WHOKNOWS"; /* what is the servername */ - - /*Fix me: sam_ads_account_policy_get() return ADS_STATUS! */ - ads_status = sam_ads_account_policy_get(privates, AP_MAX_PASSWORD_AGE, &tmp_value); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(4,("sam_ads_account_policy_get failed for max password age. Useing default\n")); - tmp_value = MAX_PASSWORD_AGE; - } - unix_to_nt_time_abs(&dom_handle->private.max_passwordage,tmp_value); - - ads_status = sam_ads_account_policy_get(privates, AP_MIN_PASSWORD_AGE, &tmp_value); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(4,("sam_ads_account_policy_get failed for min password age. Useing default\n")); - tmp_value = 0; - } - unix_to_nt_time_abs(&dom_handle->private.min_passwordage, tmp_value); - - ads_status = sam_ads_account_policy_get(privates, AP_LOCK_ACCOUNT_DURATION, &tmp_value); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(4,("sam_ads_account_policy_get failed for lockout duration. Useing default\n")); - tmp_value = 0; - } - unix_to_nt_time_abs(&dom_handle->private.lockout_duration, tmp_value); - - ads_status = sam_ads_account_policy_get(privates, AP_RESET_COUNT_TIME, &tmp_value); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(4,("sam_ads_account_policy_get failed for time till locout count is reset. Useing default\n")); - tmp_value = 0; - } - unix_to_nt_time_abs(&dom_handle->private.reset_count, tmp_value); - - ads_status = sam_ads_account_policy_get(privates, AP_MIN_PASSWORD_LEN, &tmp_value); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(4,("sam_ads_account_policy_get failed for min password length. Useing default\n")); - tmp_value = 0; - } - dom_handle->private.min_passwordlength = (uint16)tmp_value; - - ads_status = sam_ads_account_policy_get(privates, AP_PASSWORD_HISTORY, &tmp_value); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(4,("sam_ads_account_policy_get failed password history. Useing default\n")); - tmp_value = 0; - } - dom_handle->private.password_history = (uint16)tmp_value; - - ads_status = sam_ads_account_policy_get(privates, AP_BAD_ATTEMPT_LOCKOUT, &tmp_value); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(4,("sam_ads_account_policy_get failed for bad attempts till lockout. Useing default\n")); - tmp_value = 0; - } - dom_handle->private.lockout_count = (uint16)tmp_value; - - ads_status = sam_ads_account_policy_get(privates, AP_TIME_TO_LOGOUT, &tmp_value); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(4,("sam_ads_account_policy_get failed for force logout. Useing default\n")); - tmp_value = -1; - } - - ads_status = sam_ads_account_policy_get(privates, AP_USER_MUST_LOGON_TO_CHG_PASS, &tmp_value); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(4,("sam_ads_account_policy_get failed for user must login to change password. Useing default\n")); - tmp_value = 0; - } - - /* should the real values of num_accounts, num_groups and num_aliases be retreved? - * I think it is to expensive to bother - */ - dom_handle->private.num_accounts = 3; - dom_handle->private.num_groups = 4; - dom_handle->private.num_aliases = 5; - - *domain = dom_handle; - - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - return ads_ntstatus(ads_status); -} - -/* Account API */ -static NTSTATUS sam_ads_create_account(const SAM_METHODS *sam_method, - const NT_USER_TOKEN *access_token, uint32 access_desired, - const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data; - SEC_DESC *sd = NULL; - uint32 acc_granted; - - SAM_ASSERT(sam_method && privates && access_token && account_name && account); - - ads_status = sam_ads_get_tree_sec_desc(privates, ADS_SUBTREE_USERS, &sd); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = sam_ads_access_check(privates, sd, access_token, access_desired, &acc_granted); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = ADS_ERROR_NT(sam_init_account(account)); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - (*account)->access_granted = acc_granted; - - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_add_account(const SAM_METHODS *sam_method, const SAM_ACCOUNT_HANDLE *account) -{ - ADS_STATUS ads_status = ADS_ERROR(LDAP_NO_MEMORY); - SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data; - ADS_STRUCT *ads_struct = privates->ads_struct; - TALLOC_CTX *mem_ctx = privates->mem_ctx; - ADS_MODLIST mods; - uint16 acct_ctrl; - char *new_dn; - SEC_DESC *sd; - uint32 acc_granted; - - SAM_ASSERT(sam_method && account); - - ads_status = ADS_ERROR_NT(sam_get_account_acct_ctrl(account,&acct_ctrl)); - if (!ADS_ERR_OK(ads_status)) - goto done; - - if ((acct_ctrl & ACB_WSTRUST)||(acct_ctrl & ACB_SVRTRUST)) { - /* Computer account */ - char *name,*controlstr; - char *hostname,*host_upn,*host_spn; - const char *objectClass[] = {"top", "person", "organizationalPerson", - "user", "computer", NULL}; - - ads_status = ADS_ERROR_NT(sam_get_account_name(account,&name)); - if (!ADS_ERR_OK(ads_status)) - goto done; - - if (!(host_upn = talloc_asprintf(mem_ctx, "%s@%s", name, ads_struct->config.realm))) { - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - goto done; - } - - if (!(new_dn = talloc_asprintf(mem_ctx, "CN=%s,CN=Computers,%s", hostname, - ads_struct->config.bind_path))) { - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - goto done; - } - - if (!(controlstr = talloc_asprintf(mem_ctx, "%u", ads_acb2uf(acct_ctrl)))) { - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - goto done; - } - - if (!(mods = ads_init_mods(mem_ctx))) { - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - goto done; - } - - ads_status = ads_mod_str(mem_ctx, &mods, "cn", hostname); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_strlist(mem_ctx, &mods, "objectClass", objectClass); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "userPrincipalName", host_upn); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "displayName", hostname); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "sAMAccountName", name); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "userAccountControl", controlstr); - if (!ADS_ERR_OK(ads_status)) - goto done; - - ads_status = ads_mod_str(mem_ctx, &mods, "servicePrincipalName", host_spn); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "dNSHostName", hostname); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "userAccountControl", controlstr); - if (!ADS_ERR_OK(ads_status)) - goto done; - /* ads_status = ads_mod_str(mem_ctx, &mods, "operatingSystem", "Samba"); - if (!ADS_ERR_OK(ads_status)) - goto done; - *//* ads_status = ads_mod_str(mem_ctx, &mods, "operatingSystemVersion", VERSION); - if (!ADS_ERR_OK(ads_status)) - goto done; - */ - /* End Computer account */ - } else { - /* User account*/ - char *upn, *controlstr; - char *name, *fullname; - const char *objectClass[] = {"top", "person", "organizationalPerson", - "user", NULL}; - - ads_status = ADS_ERROR_NT(sam_get_account_name(account,&name)); - if (!ADS_ERR_OK(ads_status)) - goto done; - - ads_status = ADS_ERROR_NT(sam_get_account_fullname(account,&fullname)); - if (!ADS_ERR_OK(ads_status)) - goto done; - - if (!(upn = talloc_asprintf(mem_ctx, "%s@%s", name, ads_struct->config.realm))) { - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - goto done; - } - - if (!(new_dn = talloc_asprintf(mem_ctx, "CN=%s,CN=Users,%s", fullname, - ads_struct->config.bind_path))) { - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - goto done; - } - - if (!(controlstr = talloc_asprintf(mem_ctx, "%u", ads_acb2uf(acct_ctrl)))) { - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - goto done; - } - - if (!(mods = ads_init_mods(mem_ctx))) { - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - goto done; - } - - ads_status = ads_mod_str(mem_ctx, &mods, "cn", fullname); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_strlist(mem_ctx, &mods, "objectClass", objectClass); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "userPrincipalName", upn); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "displayName", fullname); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "sAMAccountName", name); - if (!ADS_ERR_OK(ads_status)) - goto done; - ads_status = ads_mod_str(mem_ctx, &mods, "userAccountControl", controlstr); - if (!ADS_ERR_OK(ads_status)) - goto done; - }/* End User account */ - - /* Finally at the account */ - ads_status = ads_gen_add(ads_struct, new_dn, mods); - -done: - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_update_account(const SAM_METHODS *sam_method, const SAM_ACCOUNT_HANDLE *account) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_delete_account(const SAM_METHODS *sam_method, const SAM_ACCOUNT_HANDLE *account) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO)); - SAM_ASSERT(sam_method); - - - - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_enum_accounts(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, uint16 acct_ctrl, uint32 *account_count, SAM_ACCOUNT_ENUM **accounts) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -#if 0 -static NTSTATUS sam_ads_get_account_by_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *account_sid, SAM_ACCOUNT_HANDLE **account) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); - SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data; - ADS_STRUCT *ads_struct = privates->ads_struct; - TALLOC_CTX *mem_ctx = privates->mem_ctx; - SEC_DESC *sd = NULL; - uint32 acc_granted; - - SAM_ASSERT(sam_method && privates && ads_struct && access_token && account_sid && account); - - ads_status = ADS_ERROR_NT(sam_ads_get_sec_desc(sam_method, access_token, account_sid, &my_sd)); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = sam_ads_access_check(privates, sd, access_token, access_desired, &acc_granted); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = ADS_ERROR_NT(sam_init_account(account)); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - (*account)->access_granted = acc_granted; - - return ads_ntstatus(ads_status); -} -#else -static NTSTATUS sam_ads_get_account_by_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *account_sid, SAM_ACCOUNT_HANDLE **account) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} -#endif - -#if 0 -static NTSTATUS sam_ads_get_account_by_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *account_name, SAM_ACCOUNT_HANDLE **account) -{ - ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); - SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data; - ADS_STRUCT *ads_struct = privates->ads_struct; - TALLOC_CTX *mem_ctx = privates->mem_ctx; - SEC_DESC *sd = NULL; - uint32 acc_granted; - - SAM_ASSERT(sam_method && privates && ads_struct && access_token && account_name && account); - - ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &sd); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = sam_ads_access_check(privates, sd, access_token, access_desired, &acc_granted); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - ads_status = ADS_ERROR_NT(sam_init_account(account)); - if (!ADS_ERR_OK(ads_status)) - return ads_ntstatus(ads_status); - - (*account)->access_granted = acc_granted; - - return ads_ntstatus(ads_status); -} -#else -static NTSTATUS sam_ads_get_account_by_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *account_name, SAM_ACCOUNT_HANDLE **account) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} -#endif - -/* Group API */ -static NTSTATUS sam_ads_create_group(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *group_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_add_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_update_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_delete_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_enum_groups(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint16 group_ctrl, uint32 *groups_count, SAM_GROUP_ENUM **groups) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data; - ADS_STRUCT *ads_struct = privates->ads_struct; - TALLOC_CTX *mem_ctx = privates->mem_ctx; - void *res = NULL; - void *msg = NULL; - char *filter = NULL; - int i = 0; - - /* get only these LDAP attributes, witch we really need for a group */ - const char *group_enum_attrs[] = {"objectSid", - "description", - "sAMAcountName", - NULL}; - - SAM_ASSERT(sam_method && access_token && groups_count && groups); - - *groups_count = 0; - - DEBUG(3,("ads: enum_dom_groups\n")); - - FIXME("get only group from the wanted Type!\n"); - asprintf(&filter, "(&(objectClass=group)(groupType=%s))", "*"); - ads_status = sam_ads_do_search(privates, ads_struct->config.bind_path, LDAP_SCOPE_SUBTREE, filter, group_enum_attrs, &res); - if (!ADS_ERR_OK(ads_status)) { - DEBUG(1,("enum_groups ads_search: %s\n", ads_errstr(ads_status))); - } - - *groups_count = ads_count_replies(ads_struct, res); - if (*groups_count == 0) { - DEBUG(1,("enum_groups: No groups found\n")); - } - - (*groups) = talloc_zero(mem_ctx, (*groups_count) * sizeof(**groups)); - if (!*groups) { - ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); - } - - for (msg = ads_first_entry(ads_struct, res); msg; msg = ads_next_entry(ads_struct, msg)) { - uint32 grouptype; - - if (!ads_pull_uint32(ads_struct, msg, "groupType", &grouptype)) { - ; - } else { - (*groups)->group_ctrl = ads_gtype2gcb(grouptype); - } - - if (!((*groups)->group_name = ads_pull_string(ads_struct, mem_ctx, msg, "sAMAccountName"))) { - ; - } - - if (!((*groups)->group_desc = ads_pull_string(ads_struct, mem_ctx, msg, "description"))) { - ; - } - - if (!ads_pull_sid(ads_struct, msg, "objectSid", &((*groups)->sid))) { - DEBUG(1,("No sid for group %s !?\n", (*groups)->group_name)); - continue; - } - - i++; - } - - (*groups_count) = i; - - ads_status = ADS_ERROR_NT(NT_STATUS_OK); - - DEBUG(3,("ads enum_dom_groups gave %d entries\n", (*groups_count))); - - if (res) ads_msgfree(ads_struct, res); - - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_get_group_by_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_get_group_by_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *name, SAM_GROUP_HANDLE **group) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_add_member_to_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_delete_member_from_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_enum_groupmembers(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -static NTSTATUS sam_ads_get_groups_of_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const DOM_SID **sids, const uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups) -{ - ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED; - DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO)); - SAM_ASSERT(sam_method); - return ads_ntstatus(ads_status); -} - -/********************************** -Free our private data -***********************************/ -static void sam_ads_free_private_data(void **vp) -{ - SAM_ADS_PRIVATES **sam_ads_state = (SAM_ADS_PRIVATES **)vp; - - if ((*sam_ads_state)->ads_struct->ld) { - ldap_unbind((*sam_ads_state)->ads_struct->ld); - } - - ads_destroy(&((*sam_ads_state)->ads_struct)); - - talloc_destroy((*sam_ads_state)->mem_ctx); - FIXME("maybe we must free some other stuff here\n"); - - *sam_ads_state = NULL; -} - - - -/***************************************************** -Init the ADS SAM backend -******************************************************/ -NTSTATUS sam_init_ads(SAM_METHODS *sam_method, const char *module_params) -{ - ADS_STATUS ads_status; - SAM_ADS_PRIVATES *sam_ads_state; - TALLOC_CTX *mem_ctx; - - SAM_ASSERT(sam_method && sam_method->parent); - - mem_ctx = sam_method->parent->mem_ctx; - - /* Here the SAM API functions of the sam_ads module */ - - /* General API */ - - sam_method->sam_get_sec_desc = sam_ads_get_sec_desc; - sam_method->sam_set_sec_desc = sam_ads_set_sec_desc; - - sam_method->sam_lookup_sid = sam_ads_lookup_sid; - sam_method->sam_lookup_name = sam_ads_lookup_name; - - /* Domain API */ - - sam_method->sam_update_domain = sam_ads_update_domain; - sam_method->sam_get_domain_handle = sam_ads_get_domain_handle; - - /* Account API */ - - sam_method->sam_create_account = sam_ads_create_account; - sam_method->sam_add_account = sam_ads_add_account; - sam_method->sam_update_account = sam_ads_update_account; - sam_method->sam_delete_account = sam_ads_delete_account; - sam_method->sam_enum_accounts = sam_ads_enum_accounts; - - sam_method->sam_get_account_by_sid = sam_ads_get_account_by_sid; - sam_method->sam_get_account_by_name = sam_ads_get_account_by_name; - - /* Group API */ - - sam_method->sam_create_group = sam_ads_create_group; - sam_method->sam_add_group = sam_ads_add_group; - sam_method->sam_update_group = sam_ads_update_group; - sam_method->sam_delete_group = sam_ads_delete_group; - sam_method->sam_enum_groups = sam_ads_enum_groups; - sam_method->sam_get_group_by_sid = sam_ads_get_group_by_sid; - sam_method->sam_get_group_by_name = sam_ads_get_group_by_name; - - sam_method->sam_add_member_to_group = sam_ads_add_member_to_group; - sam_method->sam_delete_member_from_group = sam_ads_delete_member_from_group; - sam_method->sam_enum_groupmembers = sam_ads_enum_groupmembers; - - sam_method->sam_get_groups_of_sid = sam_ads_get_groups_of_sid; - - sam_ads_state = talloc_zero(mem_ctx, sizeof(SAM_ADS_PRIVATES)); - if (!sam_ads_state) { - DEBUG(0, ("talloc() failed for sam_ads private_data!\n")); - return NT_STATUS_NO_MEMORY; - } - - if (!(sam_ads_state->mem_ctx = talloc_init("sam_ads_method"))) { - DEBUG(0, ("talloc_init() failed for sam_ads_state->mem_ctx\n")); - return NT_STATUS_NO_MEMORY; - } - - sam_ads_state->ads_bind_dn = talloc_strdup(sam_ads_state->mem_ctx, lp_parm_string(NULL,"sam_ads","bind as")); - sam_ads_state->ads_bind_pw = talloc_strdup(sam_ads_state->mem_ctx, lp_parm_string(NULL,"sam_ads","bind pw")); - - sam_ads_state->bind_plaintext = strequal(lp_parm_string(NULL, "sam_ads", "plaintext bind"), "yes"); - - if (!sam_ads_state->ads_bind_dn || !sam_ads_state->ads_bind_pw) { - DEBUG(0, ("talloc_strdup() failed for bind dn or password\n")); - return NT_STATUS_NO_MEMORY; - } - - /* Maybe we should not check the result here? Server down on startup? */ - - if (module_params && *module_params) { - sam_ads_state->ldap_uri = talloc_strdup(sam_ads_state->mem_ctx, module_params); - if (!sam_ads_state->ldap_uri) { - DEBUG(0, ("talloc_strdup() failed for bind dn or password\n")); - return NT_STATUS_NO_MEMORY; - } - } else { - sam_ads_state->ldap_uri = "ldapi://"; - } - - ads_status = sam_ads_cached_connection(sam_ads_state); - if (!ADS_ERR_OK(ads_status)) { - return ads_ntstatus(ads_status); - } - - sam_method->private_data = sam_ads_state; - sam_method->free_private_data = sam_ads_free_private_data; - - sam_ads_debug_level = debug_add_class("sam_ads"); - if (sam_ads_debug_level == -1) { - sam_ads_debug_level = DBGC_ALL; - DEBUG(0, ("sam_ads: Couldn't register custom debugging class!\n")); - } else DEBUG(2, ("sam_ads: Debug class number of 'sam_ads': %d\n", sam_ads_debug_level)); - - DEBUG(5, ("Initializing sam_ads\n")); - if (module_params) - DEBUG(10, ("Module Parameters for Domain %s[%s]: %s\n", sam_method->domain_name, sam_method->domain_name, module_params)); - return NT_STATUS_OK; -} - -#else /* HAVE_LDAP */ -void sam_ads_dummy(void) -{ - DEBUG(0,("sam_ads: not supported!\n")); -} -#endif /* HAVE_LDAP */ diff --git a/source3/sam/sam_skel.c b/source3/sam/sam_skel.c deleted file mode 100644 index b4d64bb6da..0000000000 --- a/source3/sam/sam_skel.c +++ /dev/null @@ -1,251 +0,0 @@ -/* - Unix SMB/CIFS implementation. - this is a skeleton for SAM backend modules. - - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Jelmer Vernooij 2002 - Copyright (C) Andrew Bartlett 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -static int sam_skel_debug_level = DBGC_SAM; - -#undef DBGC_CLASS -#define DBGC_CLASS sam_skel_debug_level - -/* define the version of the SAM interface */ -SAM_MODULE_VERSIONING_MAGIC - -/* General API */ - -static NTSTATUS sam_skel_get_sec_desc(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_set_sec_desc(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - - -static NTSTATUS sam_skel_lookup_sid(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, TALLOC_CTX *mem_ctx, const DOM_SID *sid, char **name, uint32 *type) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_lookup_name(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, const char *name, DOM_SID *sid, uint32 *type) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - - -/* Domain API */ - -static NTSTATUS sam_skel_update_domain(const SAM_METHODS *sam_methods, const SAM_DOMAIN_HANDLE *domain) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_get_domain_handle(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, SAM_DOMAIN_HANDLE **domain) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - - -/* Account API */ - -static NTSTATUS sam_skel_create_account(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_add_account(const SAM_METHODS *sam_methods, const SAM_ACCOUNT_HANDLE *account) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_update_account(const SAM_METHODS *sam_methods, const SAM_ACCOUNT_HANDLE *account) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_delete_account(const SAM_METHODS *sam_methods, const SAM_ACCOUNT_HANDLE *account) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_enum_accounts(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint16 acct_ctrl, uint32 *account_count, SAM_ACCOUNT_ENUM **accounts) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - - -static NTSTATUS sam_skel_get_account_by_sid(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *accountsid, SAM_ACCOUNT_HANDLE **account) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_get_account_by_name(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *name, SAM_ACCOUNT_HANDLE **account) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - - -/* Group API */ - -static NTSTATUS sam_skel_create_group(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *account_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_add_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_update_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_delete_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_enum_groups(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint16 group_ctrl, uint32 *groups_count, SAM_GROUP_ENUM **groups) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_get_group_by_sid(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_get_group_by_name(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *name, SAM_GROUP_HANDLE **group) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - - -static NTSTATUS sam_skel_add_member_to_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_delete_member_from_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS sam_skel_enum_groupmembers(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - - -static NTSTATUS sam_skel_get_groups_of_sid(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, const DOM_SID **sids, uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups) -{ - DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO)); - return NT_STATUS_NOT_IMPLEMENTED; -} - -NTSTATUS sam_init_skel(SAM_METHODS *sam_methods, const char *module_params) -{ - /* Functions your SAM module doesn't provide should be set - * to NULL */ - - sam_methods->sam_get_sec_desc = sam_skel_get_sec_desc; - sam_methods->sam_set_sec_desc = sam_skel_set_sec_desc; - - sam_methods->sam_lookup_sid = sam_skel_lookup_sid; - sam_methods->sam_lookup_name = sam_skel_lookup_name; - - /* Domain API */ - - sam_methods->sam_update_domain = sam_skel_update_domain; - sam_methods->sam_get_domain_handle = sam_skel_get_domain_handle; - - /* Account API */ - - sam_methods->sam_create_account = sam_skel_create_account; - sam_methods->sam_add_account = sam_skel_add_account; - sam_methods->sam_update_account = sam_skel_update_account; - sam_methods->sam_delete_account = sam_skel_delete_account; - sam_methods->sam_enum_accounts = sam_skel_enum_accounts; - - sam_methods->sam_get_account_by_sid = sam_skel_get_account_by_sid; - sam_methods->sam_get_account_by_name = sam_skel_get_account_by_name; - - /* Group API */ - - sam_methods->sam_create_group = sam_skel_create_group; - sam_methods->sam_add_group = sam_skel_add_group; - sam_methods->sam_update_group = sam_skel_update_group; - sam_methods->sam_delete_group = sam_skel_delete_group; - sam_methods->sam_enum_groups = sam_skel_enum_groups; - sam_methods->sam_get_group_by_sid = sam_skel_get_group_by_sid; - sam_methods->sam_get_group_by_name = sam_skel_get_group_by_name; - - sam_methods->sam_add_member_to_group = sam_skel_add_member_to_group; - sam_methods->sam_delete_member_from_group = sam_skel_delete_member_from_group; - sam_methods->sam_enum_groupmembers = sam_skel_enum_groupmembers; - - sam_methods->sam_get_groups_of_sid = sam_skel_get_groups_of_sid; - - sam_methods->free_private_data = NULL; - - - sam_skel_debug_level = debug_add_class("sam_skel"); - if (sam_skel_debug_level == -1) { - sam_skel_debug_level = DBGC_SAM; - DEBUG(0, ("sam_skel: Couldn't register custom debugging class!\n")); - } else DEBUG(2, ("sam_skel: Debug class number of 'sam_skel': %d\n", sam_skel_debug_level)); - - if(module_params) - DEBUG(0, ("Starting 'sam_skel' with parameters '%s' for domain %s\n", module_params, sam_methods->domain_name)); - else - DEBUG(0, ("Starting 'sam_skel' for domain %s without paramters\n", sam_methods->domain_name)); - - return NT_STATUS_OK; -} diff --git a/source3/script/find_missing_doc.pl b/source3/script/find_missing_doc.pl index b27a405e4d..b582446569 100755 --- a/source3/script/find_missing_doc.pl +++ b/source3/script/find_missing_doc.pl @@ -30,7 +30,7 @@ close(IN); open(IN,$topdir.$doc_file) || die("Can't open $topdir$doc_file"); while(<IN>) { - if( /<term><anchor id="([^"]*)"\/>([^<]*?)([ ]*)\(.\)([ ]*)<\/term>/g ) { + if( /<term><anchor id="([^"]*)">([^<]*?)([ ]*)\(.\)([ ]*)<\/term>/g ) { $key = $1; $value = $2; $doc{$value} = $key; diff --git a/source3/script/genstruct.pl b/source3/script/genstruct.pl deleted file mode 100755 index a6abd718c9..0000000000 --- a/source3/script/genstruct.pl +++ /dev/null @@ -1,299 +0,0 @@ -#!/usr/bin/perl -w -# a simple system for generating C parse info -# this can be used to write generic C structer load/save routines -# Copyright 2002 Andrew Tridgell <genstruct@tridgell.net> -# released under the GNU General Public License v2 or later - -use strict; - -my(%enum_done) = (); -my(%struct_done) = (); - -################################################### -# general handler -sub handle_general($$$$$$$$) -{ - my($name) = shift; - my($ptr_count) = shift; - my($size) = shift; - my($element) = shift; - my($flags) = shift; - my($dump_fn) = shift; - my($parse_fn) = shift; - my($tflags) = shift; - my($array_len) = 0; - my($dynamic_len) = "NULL"; - - # handle arrays, currently treat multidimensional arrays as 1 dimensional - while ($element =~ /(.*)\[(.*?)\]$/) { - $element = $1; - if ($array_len == 0) { - $array_len = $2; - } else { - $array_len = "$2 * $array_len"; - } - } - - if ($flags =~ /_LEN\((\w*?)\)/) { - $dynamic_len = "\"$1\""; - } - - if ($flags =~ /_NULLTERM/) { - $tflags = "FLAG_NULLTERM"; - } - - print OFILE "{\"$element\", $ptr_count, $size, offsetof(struct $name, $element), $array_len, $dynamic_len, $tflags, $dump_fn, $parse_fn},\n"; -} - - -#################################################### -# parse one element -sub parse_one($$$$) -{ - my($name) = shift; - my($type) = shift; - my($element) = shift; - my($flags) = shift; - my($ptr_count) = 0; - my($size) = "sizeof($type)"; - my($tflags) = "0"; - - # enums get the FLAG_ALWAYS flag - if ($type =~ /^enum /) { - $tflags = "FLAG_ALWAYS"; - } - - - # make the pointer part of the base type - while ($element =~ /^\*(.*)/) { - $ptr_count++; - $element = $1; - } - - # convert spaces to _ - $type =~ s/ /_/g; - - my($dump_fn) = "gen_dump_$type"; - my($parse_fn) = "gen_parse_$type"; - - handle_general($name, $ptr_count, $size, $element, $flags, $dump_fn, $parse_fn, $tflags); -} - -#################################################### -# parse one element -sub parse_element($$$) -{ - my($name) = shift; - my($element) = shift; - my($flags) = shift; - my($type); - my($data); - - # pull the base type - if ($element =~ /^struct (\S*) (.*)/) { - $type = "struct $1"; - $data = $2; - } elsif ($element =~ /^enum (\S*) (.*)/) { - $type = "enum $1"; - $data = $2; - } elsif ($element =~ /^unsigned (\S*) (.*)/) { - $type = "unsigned $1"; - $data = $2; - } elsif ($element =~ /^(\S*) (.*)/) { - $type = $1; - $data = $2; - } else { - die "Can't parse element '$element'"; - } - - # handle comma separated lists - while ($data =~ /(\S*),[\s]?(.*)/) { - parse_one($name, $type, $1, $flags); - $data = $2; - } - parse_one($name, $type, $data, $flags); -} - - -my($first_struct) = 1; - -#################################################### -# parse the elements of one structure -sub parse_elements($$) -{ - my($name) = shift; - my($elements) = shift; - - if ($first_struct) { - $first_struct = 0; - print "Parsing structs: $name"; - } else { - print ", $name"; - } - - print OFILE "int gen_dump_struct_$name(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned);\n"; - print OFILE "int gen_parse_struct_$name(TALLOC_CTX *mem_ctx, char *, const char *);\n"; - - print OFILE "static const struct parse_struct pinfo_" . $name . "[] = {\n"; - - - while ($elements =~ /^.*?([a-z].*?);\s*?(\S*?)\s*?$(.*)/msi) { - my($element) = $1; - my($flags) = $2; - $elements = $3; - parse_element($name, $element, $flags); - } - - print OFILE "{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}};\n"; - - print OFILE " -int gen_dump_struct_$name(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_struct(mem_ctx, pinfo_$name, p, ptr, indent); -} -int gen_parse_struct_$name(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { - return gen_parse_struct(mem_ctx, pinfo_$name, ptr, str); -} - -"; -} - -my($first_enum) = 1; - -#################################################### -# parse out the enum declarations -sub parse_enum_elements($$) -{ - my($name) = shift; - my($elements) = shift; - - if ($first_enum) { - $first_enum = 0; - print "Parsing enums: $name"; - } else { - print ", $name"; - } - - print OFILE "static const struct enum_struct einfo_" . $name . "[] = {\n"; - - my(@enums) = split(/,/s, $elements); - for (my($i)=0; $i <= $#{@enums}; $i++) { - my($enum) = $enums[$i]; - if ($enum =~ /\s*(\w*)/) { - my($e) = $1; - print OFILE "{\"$e\", $e},\n"; - } - } - - print OFILE "{NULL, 0}};\n"; - - print OFILE " -int gen_dump_enum_$name(struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_enum(einfo_$name, p, ptr, indent); -} - -int gen_parse_enum_$name(char *ptr, const char *str) { - return gen_parse_enum(einfo_$name, ptr, str); -} - -"; -} - -#################################################### -# parse out the enum declarations -sub parse_enums($) -{ - my($data) = shift; - - while ($data =~ /^GENSTRUCT\s+enum\s+(\w*?)\s*{(.*?)}\s*;(.*)/ms) { - my($name) = $1; - my($elements) = $2; - $data = $3; - - if (!defined($enum_done{$name})) { - $enum_done{$name} = 1; - parse_enum_elements($name, $elements); - } - } - - if (! $first_enum) { - print "\n"; - } -} - -#################################################### -# parse all the structures -sub parse_structs($) -{ - my($data) = shift; - - # parse into structures - while ($data =~ /^GENSTRUCT\s+struct\s+(\w+?)\s*{\s*(.*?)\s*}\s*;(.*)/ms) { - my($name) = $1; - my($elements) = $2; - $data = $3; - if (!defined($struct_done{$name})) { - $struct_done{$name} = 1; - parse_elements($name, $elements); - } - } - - if (! $first_struct) { - print "\n"; - } else { - print "No GENSTRUCT structures found?\n"; - } -} - - -#################################################### -# parse a header file, generating a dumper structure -sub parse_data($) -{ - my($data) = shift; - - # collapse spaces - $data =~ s/[\t ]+/ /sg; - $data =~ s/\s*\n\s+/\n/sg; - # strip debug lines - $data =~ s/^\#.*?\n//smg; - - parse_enums($data); - parse_structs($data); -} - - -######################################### -# display help text -sub ShowHelp() -{ - print " -generator for C structure dumpers -Copyright Andrew Tridgell <genstruct\@tridgell.net> - -Sample usage: - genstruct -o output.h gcc -E -O2 -g test.h - -Options: - --help this help page - -o OUTPUT place output in OUTPUT -"; - exit(0); -} - -######################################## -# main program -if ($ARGV[0] ne "-o" || $#ARGV < 2) { - ShowHelp(); -} - -shift; -my($opt_ofile)=shift; - -print "creating $opt_ofile\n"; - -open(OFILE, ">$opt_ofile") || die "can't open $opt_ofile"; - -print OFILE "/* This is an automatically generated file - DO NOT EDIT! */\n\n"; - -parse_data(`@ARGV -DGENSTRUCT=GENSTRUCT`); -exit(0); diff --git a/source3/smbd/build_options.c b/source3/smbd/build_options.c index 43335666a6..da5accebab 100644 --- a/source3/smbd/build_options.c +++ b/source3/smbd/build_options.c @@ -104,6 +104,15 @@ void build_options(BOOL screen) #ifdef WITH_PAM output(screen," WITH_PAM\n"); #endif +#ifdef WITH_TDB_SAM + output(screen," WITH_TDB_SAM\n"); +#endif +#ifdef WITH_SMBPASSWD_SAM + output(screen," WITH_SMBPASSWD_SAM\n"); +#endif +#ifdef WITH_NISPLUS_SAM + output(screen," WITH_NISPLUS_SAM\n"); +#endif #ifdef WITH_NISPLUS_HOME output(screen," WITH_NISPLUS_HOME\n"); #endif @@ -523,9 +532,6 @@ void build_options(BOOL screen) output(screen," sizeof(uint32): %d\n",sizeof(uint32)); output(screen," sizeof(short): %d\n",sizeof(short)); output(screen," sizeof(void*): %d\n",sizeof(void*)); - - output(screen,"\nBuiltin modules:\n"); - output(screen,"%s\n", STRING_STATIC_MODULES); } diff --git a/source3/smbd/conn.c b/source3/smbd/conn.c index b6c7aa1076..38fa2e0237 100644 --- a/source3/smbd/conn.c +++ b/source3/smbd/conn.c @@ -201,18 +201,15 @@ void conn_free(connection_struct *conn) /* Free vfs_connection_struct */ handle = conn->vfs_private; while(handle) { - /* Only call dlclose for the old modules */ - if (handle->handle) { - /* Close dlopen() handle */ - done_fptr = (void (*)(connection_struct *))sys_dlsym(handle->handle, "vfs_done"); - - if (done_fptr == NULL) { - DEBUG(3, ("No vfs_done() symbol found in module with handle %p, ignoring\n", handle->handle)); - } else { - done_fptr(conn); - } - sys_dlclose(handle->handle); - } + /* Close dlopen() handle */ + done_fptr = (void (*)(connection_struct *))sys_dlsym(handle->handle, "vfs_done"); + + if (done_fptr == NULL) { + DEBUG(3, ("No vfs_done() symbol found in module with handle %p, ignoring\n", handle->handle)); + } else { + done_fptr(conn); + } + sys_dlclose(handle->handle); DLIST_REMOVE(conn->vfs_private, handle); thandle = handle->next; SAFE_FREE(handle); diff --git a/source3/smbd/process.c b/source3/smbd/process.c index de1bea493f..16ef30c46c 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -44,7 +44,7 @@ extern userdom_struct current_user_info; extern int smb_read_error; SIG_ATOMIC_T reload_after_sighup = 0; SIG_ATOMIC_T got_sig_term = 0; -BOOL global_machine_password_needs_changing = False; +extern BOOL global_machine_password_needs_changing; extern int max_send; /**************************************************************************** diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b2dab2fea2..d655184042 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -148,7 +148,7 @@ int reply_tcon(connection_struct *conn, const char *service; pstring service_buf; pstring password; - fstring dev; + pstring dev; int outsize = 0; uint16 vuid = SVAL(inbuf,smb_uid); int pwlen=0; @@ -204,7 +204,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt { fstring service; DATA_BLOB password; - + /* what the cleint thinks the device is */ fstring client_devicetype; /* what the server tells the client the share represents */ @@ -286,12 +286,13 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt const char *fsname = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn)); set_message(outbuf,3,0,True); - - p = smb_buf(outbuf); + + p = smb_buf(outbuf); p += srvstr_push(outbuf, p, server_devicetype, -1, - STR_TERMINATE|STR_ASCII); - p += srvstr_push(outbuf, p, fsname, -1, - STR_TERMINATE); + STR_TERMINATE|STR_ASCII); + p += srvstr_push(outbuf, p, fsname, -1, + STR_TERMINATE); + set_message_end(outbuf,p); /* what does setting this bit do? It is set by NT4 and @@ -1463,6 +1464,7 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int dum_buffsize) { + extern struct current_user current_user; ssize_t maxcount,mincount; size_t nread = 0; SMB_OFF_T startpos; @@ -2360,6 +2362,7 @@ int reply_exit(connection_struct *conn, int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { + extern struct current_user current_user; int outsize = 0; time_t mtime; int32 eclass = 0, err = 0; @@ -2380,7 +2383,7 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, * We can only use CHECK_FSP if we know it's not a directory. */ - if(!fsp || (fsp->conn != conn)) { + if(!fsp || (fsp->conn != conn) || (fsp->vuid != current_user.vuid)) { END_PROFILE(SMBclose); return ERROR_DOS(ERRDOS,ERRbadfid); } diff --git a/source3/smbd/server.c b/source3/smbd/server.c index 8ce20c87a4..a6d3d92a8a 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -833,16 +833,9 @@ static BOOL init_structs(void ) if (!init_registry()) exit(1); - if (!idmap_init(lp_idmap_backend())) - exit(1); - if(!initialize_password_db(False)) exit(1); - static_init_rpc; - - init_modules(); - uni_group_cache_init(); /* Non-critical */ /* possibly reload the services file. */ @@ -871,10 +864,6 @@ static BOOL init_structs(void ) if (!init_change_notify()) exit(1); - /* Setup privileges database */ - if (!privilege_init()) - exit(1); - /* re-initialise the timezone */ TimeInit(); @@ -884,7 +873,6 @@ static BOOL init_structs(void ) smbd_process(); uni_group_cache_shutdown(); - namecache_shutdown(); exit_server("normal exit"); return(0); } diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index 0fa65f47ca..b9cf0de3bd 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -722,33 +722,6 @@ static void store_gid_sid_cache(const DOM_SID *psid, const enum SID_NAME_USE sid DOM_SID *uid_to_sid(DOM_SID *psid, uid_t uid) { -#ifdef WITH_IDMAP - unid_t id; - - DEBUG(10,("uid_to_sid: uid = [%d]\n", uid)); - - id.uid = uid; - if (NT_STATUS_IS_OK(idmap_get_sid_from_id(psid, id, ID_USERID))) { - DEBUG(10, ("uid_to_sid: sid = [%s]\n", sid_string_static(psid))); - return psid; - } - - /* If mapping is not found in idmap try with traditional method, - then stores the result in idmap. - We may add a switch in future to allow smooth migrations to - idmap-only db ---Simo */ - - become_root(); - psid = local_uid_to_sid(psid, uid); - unbecome_root(); - - DEBUG(10,("uid_to_sid: algorithmic %u -> %s\n", (unsigned int)uid, sid_string_static(psid))); - if (psid) - idmap_set_mapping(psid, id, ID_USERID); - - return psid; - -#else uid_t low, high; enum SID_NAME_USE sidtype; fstring sid; @@ -756,7 +729,7 @@ DOM_SID *uid_to_sid(DOM_SID *psid, uid_t uid) if (fetch_sid_from_uid_cache(psid, &sidtype, uid)) return psid; - if (lp_idmap_uid(&low, &high) && uid >= low && uid <= high) { + if (lp_winbind_uid(&low, &high) && uid >= low && uid <= high) { if (winbind_uid_to_sid(psid, uid)) { DEBUG(10,("uid_to_sid: winbindd %u -> %s\n", @@ -778,7 +751,6 @@ DOM_SID *uid_to_sid(DOM_SID *psid, uid_t uid) store_uid_sid_cache(psid, SID_NAME_USER, uid); return psid; -#endif } /***************************************************************** @@ -789,33 +761,6 @@ DOM_SID *uid_to_sid(DOM_SID *psid, uid_t uid) DOM_SID *gid_to_sid(DOM_SID *psid, gid_t gid) { -#ifdef WITH_IDMAP - unid_t id; - - DEBUG(10,("gid_to_sid: gid = [%d]\n", gid)); - - id.gid = gid; - if (NT_STATUS_IS_OK(idmap_get_sid_from_id(psid, id, ID_GROUPID))) { - DEBUG(10, ("gid_to_sid: sid = [%s]\n", sid_string_static(psid))); - return psid; - } - - /* If mapping is not found in idmap try with traditional method, - then stores the result in idmap. - We may add a switch in future to allow smooth migrations to - idmap-only db ---Simo */ - - become_root(); - psid = local_gid_to_sid(psid, gid); - unbecome_root(); - - DEBUG(10,("gid_to_sid: algorithmic %u -> %s\n", (unsigned int)gid, sid_string_static(psid))); - if (psid) - idmap_set_mapping(psid, id, ID_GROUPID); - - return psid; - -#else gid_t low, high; enum SID_NAME_USE sidtype; fstring sid; @@ -823,7 +768,7 @@ DOM_SID *gid_to_sid(DOM_SID *psid, gid_t gid) if (fetch_sid_from_gid_cache(psid, &sidtype, gid)) return psid; - if (lp_idmap_gid(&low, &high) && gid >= low && gid <= high) { + if (lp_winbind_gid(&low, &high) && gid >= low && gid <= high) { if (winbind_gid_to_sid(psid, gid)) { DEBUG(10,("gid_to_sid: winbindd %u -> %s\n", @@ -844,7 +789,6 @@ DOM_SID *gid_to_sid(DOM_SID *psid, gid_t gid) store_gid_sid_cache(psid, SID_NAME_DOM_GRP, gid); return psid; -#endif } /***************************************************************** @@ -856,35 +800,6 @@ DOM_SID *gid_to_sid(DOM_SID *psid, gid_t gid) BOOL sid_to_uid(const DOM_SID *psid, uid_t *puid, enum SID_NAME_USE *sidtype) { -#ifdef WITH_IDMAP - unid_t id; - int type; - - DEBUG(10,("sid_to_uid: sid = [%s]\n", sid_string_static(psid))); - - *sidtype = SID_NAME_USER; - - type = ID_USERID; - if (NT_STATUS_IS_OK(idmap_get_id_from_sid(&id, &type, psid))) { - DEBUG(10,("sid_to_uid: uid = [%d]\n", id.uid)); - *puid = id.uid; - return True; - } - - if (sid_compare_domain(get_global_sam_sid(), psid) == 0) { - BOOL result; - become_root(); - result = local_sid_to_uid(puid, psid, sidtype); - unbecome_root(); - if (result) { - id.uid = *puid; - DEBUG(10,("sid_to_uid: uid = [%d]\n", id.uid)); - idmap_set_mapping(psid, id, ID_USERID); - return True; - } - } - return False; -#else fstring sid_str; if (fetch_uid_from_cache(puid, psid, *sidtype)) @@ -958,7 +873,6 @@ BOOL sid_to_uid(const DOM_SID *psid, uid_t *puid, enum SID_NAME_USE *sidtype) store_uid_sid_cache(psid, *sidtype, *puid); return True; -#endif } /***************************************************************** @@ -970,37 +884,6 @@ BOOL sid_to_uid(const DOM_SID *psid, uid_t *puid, enum SID_NAME_USE *sidtype) BOOL sid_to_gid(const DOM_SID *psid, gid_t *pgid, enum SID_NAME_USE *sidtype) { -#ifdef WITH_IDMAP - unid_t id; - int type; - - DEBUG(10,("sid_to_gid: sid = [%s]\n", sid_string_static(psid))); - - *sidtype = SID_NAME_ALIAS; - - type = ID_GROUPID; - if (NT_STATUS_IS_OK(idmap_get_id_from_sid(&id, &type, psid))) { - DEBUG(10,("sid_to_gid: gid = [%d]\n", id.gid)); - *pgid = id.gid; - return True; - } - - if (sid_compare_domain(get_global_sam_sid(), psid) == 0) { - BOOL result; - become_root(); - result = local_sid_to_gid(pgid, psid, sidtype); - unbecome_root(); - if (result) { - id.gid = *pgid; - DEBUG(10,("sid_to_gid: gid = [%d]\n", id.gid)); - idmap_set_mapping(psid, id, ID_GROUPID); - return True; - } - } - - return False; - -#else fstring dom_name, name, sid_str; enum SID_NAME_USE name_type; @@ -1061,6 +944,5 @@ BOOL sid_to_gid(const DOM_SID *psid, gid_t *pgid, enum SID_NAME_USE *sidtype) store_gid_sid_cache(psid, *sidtype, *pgid); return True; -#endif } diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c index 06aca51322..533c64b229 100644 --- a/source3/smbd/vfs.c +++ b/source3/smbd/vfs.c @@ -27,13 +27,6 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_VFS -struct vfs_init_function_entry { - char *name; - vfs_op_tuple *ops, *(*init)(const struct vfs_ops *, struct smb_vfs_handle_struct *); - struct vfs_init_function_entry *prev, *next; -}; - -static struct vfs_init_function_entry *backends = NULL; /* Some structures to help us initialise the vfs operations table */ @@ -135,59 +128,6 @@ static struct vfs_ops default_vfs_ops = { }; /**************************************************************************** - maintain the list of available backends -****************************************************************************/ - -static struct vfs_init_function_entry *vfs_find_backend_entry(const char *name) -{ - struct vfs_init_function_entry *entry = backends; - pstring stripped; - - module_path_get_name(name, stripped); - - while(entry) { - if (strequal(entry->name, stripped)) return entry; - entry = entry->next; - } - - return NULL; -} - -BOOL smb_register_vfs(const char *name, vfs_op_tuple *(*init)(const struct vfs_ops *, struct smb_vfs_handle_struct *), int version) -{ - struct vfs_init_function_entry *entry = backends; - - if ((version < SMB_VFS_INTERFACE_CASCADED)) { - DEBUG(0, ("vfs_init() returned wrong interface version info (was %d, should be no less than %d)\n", - version, SMB_VFS_INTERFACE_VERSION )); - return False; - } - - if ((version < SMB_VFS_INTERFACE_VERSION)) { - DEBUG(0, ("Warning: vfs_init() states that module confirms interface version #%d, current interface version is #%d.\n\ - Proceeding in compatibility mode, new operations (since version #%d) will fallback to default ones.\n", - version, SMB_VFS_INTERFACE_VERSION, version )); - return False; - } - - while(entry) { - if (strequal(entry->name, name)) { - DEBUG(0,("VFS module %s already loaded!\n", name)); - return False; - } - entry = entry->next; - } - - entry = smb_xmalloc(sizeof(struct vfs_init_function_entry)); - entry->name = smb_xstrdup(name); - entry->init = init; - - DLIST_ADD(backends, entry); - DEBUG(5, ("Successfully added vfs backend '%s'\n", name)); - return True; -} - -/**************************************************************************** initialise default vfs hooks ****************************************************************************/ @@ -199,19 +139,23 @@ static void vfs_init_default(connection_struct *conn) conn->vfs_private = NULL; } -/*************************************************************************** - Function to load old VFS modules. Should go away after a while. - **************************************************************************/ +/**************************************************************************** + initialise custom vfs hooks +****************************************************************************/ -static vfs_op_tuple *vfs_load_old_plugin(connection_struct *conn, const char *vfs_object) +BOOL vfs_init_custom(connection_struct *conn, const char *vfs_object) { int vfs_version = -1; - vfs_op_tuple *ops, *(*init_fptr)(int *, const struct vfs_ops *, struct smb_vfs_handle_struct *); + vfs_op_tuple *ops, *(*init_fptr)(int *, const struct vfs_ops *, struct smb_vfs_handle_struct *); + int i; + + DEBUG(3, ("Initialising custom vfs hooks from %s\n", vfs_object)); + /* Open object file */ if ((conn->vfs_private->handle = sys_dlopen(vfs_object, RTLD_NOW)) == NULL) { DEBUG(0, ("Error opening %s: %s\n", vfs_object, sys_dlerror())); - return NULL; + return False; } /* Get handle on vfs_init() symbol */ @@ -221,73 +165,32 @@ static vfs_op_tuple *vfs_load_old_plugin(connection_struct *conn, const char *vf if (init_fptr == NULL) { DEBUG(0, ("No vfs_init() symbol found in %s\n", vfs_object)); sys_dlclose(conn->vfs_private->handle); - return NULL; + return False; } /* Initialise vfs_ops structure */ - if ((ops = init_fptr(&vfs_version, &conn->vfs_ops, conn->vfs_private)) == NULL) { - DEBUG(0, ("vfs_init() function from %s failed\n", vfs_object)); - sys_dlclose(conn->vfs_private->handle); - return NULL; - } - if ((vfs_version < SMB_VFS_INTERFACE_CASCADED)) { - DEBUG(0, ("vfs_init() returned wrong interface version info (was %d, should be no less than %d)\n", - vfs_version, SMB_VFS_INTERFACE_VERSION )); + if ((ops = init_fptr(&vfs_version, &conn->vfs_ops, conn->vfs_private)) == NULL) { + DEBUG(0, ("vfs_init() function from %s failed\n", vfs_object)); sys_dlclose(conn->vfs_private->handle); - return NULL; - } - - if ((vfs_version < SMB_VFS_INTERFACE_VERSION)) { - DEBUG(0, ("Warning: vfs_init() states that module confirms interface version #%d, current interface version is #%d.\n\ - Proceeding in compatibility mode, new operations (since version #%d) will fallback to default ones.\n", - vfs_version, SMB_VFS_INTERFACE_VERSION, vfs_version )); + return False; + } + + if ((vfs_version < SMB_VFS_INTERFACE_CASCADED)) { + DEBUG(0, ("vfs_init() returned wrong interface version info (was %d, should be no less than %d)\n", + vfs_version, SMB_VFS_INTERFACE_VERSION )); sys_dlclose(conn->vfs_private->handle); - return NULL; - } - - return ops; -} - - - -/**************************************************************************** - initialise custom vfs hooks - ****************************************************************************/ - -BOOL vfs_init_custom(connection_struct *conn, const char *vfs_object) -{ - vfs_op_tuple *ops; - int i; - struct vfs_init_function_entry *entry; - - DEBUG(3, ("Initialising custom vfs hooks from %s\n", vfs_object)); - - if(!backends) static_init_vfs; - - /* First, try to load the module with the new module system */ - if((entry = vfs_find_backend_entry(vfs_object)) || - (smb_probe_module("vfs", vfs_object) && - (entry = vfs_find_backend_entry(vfs_object)))) { - - DEBUG(3,("Successfully loaded %s with the new modules system\n", vfs_object)); - - if ((ops = entry->init(&conn->vfs_ops, conn->vfs_private)) == NULL) { - DEBUG(0, ("vfs init function from %s failed\n", vfs_object)); - return False; - } - } else { - /* If that doesn't work, fall back to the old system - * (This part should go away after a while, it's only here - * for backwards compatibility) */ - DEBUG(2, ("Can't load module %s with new modules system, falling back to compatibility\n", - vfs_object)); - if ((ops = vfs_load_old_plugin(conn, vfs_object)) == NULL) { - DEBUG(0, ("vfs init function from %s failed\n", vfs_object)); - return False; - } - } - + return False; + } + + if ((vfs_version < SMB_VFS_INTERFACE_VERSION)) { + DEBUG(0, ("Warning: vfs_init() states that module confirms interface version #%d, current interface version is #%d.\n\ +Proceeding in compatibility mode, new operations (since version #%d) will fallback to default ones.\n", + vfs_version, SMB_VFS_INTERFACE_VERSION, vfs_version )); + sys_dlclose(conn->vfs_private->handle); + return False; + } + for(i=0; ops[i].op != NULL; i++) { DEBUG(3, ("Checking operation #%d (type %d, layer %d)\n", i, ops[i].type, ops[i].layer)); if(ops[i].layer == SMB_VFS_LAYER_OPAQUE) { @@ -312,50 +215,54 @@ BOOL vfs_init_custom(connection_struct *conn, const char *vfs_object) BOOL smbd_vfs_init(connection_struct *conn) { - const char **vfs_objects; - char *vfs_module, *vfs_path; - unsigned int i = 0; - int j = 0; + char **vfs_objects, *vfsobj, *vfs_module, *vfs_path; + int nobj, i; struct smb_vfs_handle_struct *handle; /* Normal share - initialise with disk access functions */ vfs_init_default(conn); - vfs_objects = lp_vfsobj(SNUM(conn)); /* Override VFS functions if 'vfs object' was specified*/ - if (!vfs_objects) - return True; - - for(i=0; i<SMB_VFS_OP_LAST; i++) { - vfs_opaque_ops[i].op = ((void**)&default_vfs_ops)[i]; - vfs_opaque_ops[i].type = i; - vfs_opaque_ops[i].layer = SMB_VFS_LAYER_OPAQUE; - } - - vfs_path = lp_vfs_path(SNUM(conn)); - - for (i=0; vfs_objects[i]; i++); /* count passed modules */ - - for (j=i-1; j >= 0; j--) { - conn->vfs_private = NULL; - handle = (struct smb_vfs_handle_struct *) smb_xmalloc(sizeof(smb_vfs_handle_struct)); - /* Loadable object file */ - handle->handle = NULL; - DLIST_ADD(conn->vfs_private, handle); - vfs_module = NULL; - if (vfs_path && *vfs_path) { - asprintf(&vfs_module, "%s/%s", vfs_path, vfs_objects[j]); - } else { - asprintf(&vfs_module, "%s", vfs_objects[j]); + if (*lp_vfsobj(SNUM(conn))) { + vfsobj = NULL; + for(i=0; i<SMB_VFS_OP_LAST; i++) { + vfs_opaque_ops[i].op = ((void**)&default_vfs_ops)[i]; + vfs_opaque_ops[i].type = i; + vfs_opaque_ops[i].layer = SMB_VFS_LAYER_OPAQUE; } - if (!vfs_init_custom(conn, vfs_module)) { - DEBUG(0, ("smbd_vfs_init: vfs_init_custom failed for %s\n", vfs_module)); - SAFE_FREE(vfs_module); - DLIST_REMOVE(conn->vfs_private, handle); - SAFE_FREE(handle); - return False; + if (string_set(&vfsobj, lp_vfsobj(SNUM(conn)))) { + /* Parse passed modules specification to array of modules */ + set_first_token(vfsobj); + /* We are using default separators: ' \t\r\n' */ + vfs_objects = toktocliplist(&nobj, NULL); + if (vfs_objects) { + vfs_path = lp_vfs_path(SNUM(conn)); + conn->vfs_private = NULL; + for(i=nobj-1; i>=0; i--) { + handle = (struct smb_vfs_handle_struct *) smb_xmalloc(sizeof(smb_vfs_handle_struct)); + /* Loadable object file */ + handle->handle = NULL; + DLIST_ADD(conn->vfs_private, handle) + vfs_module = NULL; + if (vfs_path) { + asprintf(&vfs_module, "%s/%s", vfs_path, vfs_objects[i]); + } else { + asprintf(&vfs_module, "%s", vfs_objects[i]); + } + if (!vfs_init_custom(conn, vfs_module)) { + DEBUG(0, ("smbd_vfs_init: vfs_init_custom failed for %s\n", vfs_module)); + string_free(&vfsobj); + SAFE_FREE(vfs_module); + DLIST_REMOVE(conn->vfs_private, handle); + SAFE_FREE(handle); + return False; + } + SAFE_FREE(vfs_module); + } + } + string_free(&vfsobj); + return True; } - SAFE_FREE(vfs_module); } return True; } diff --git a/source3/stf/standardcheck.py b/source3/stf/standardcheck.py index e3292353e8..bec21b8ec5 100644 --- a/source3/stf/standardcheck.py +++ b/source3/stf/standardcheck.py @@ -22,13 +22,13 @@ """These tests are run by Samba's "make check".""" import strings, comfychair -import smbcontrol, sambalib +import smbcontrol # There should not be any actual tests in here: this file just serves # to define the ones run by default. They're imported from other # modules. -tests = strings.tests + smbcontrol.tests + sambalib.tests +tests = strings.tests + smbcontrol.tests if __name__ == '__main__': comfychair.main(tests) diff --git a/source3/tdb/spinlock.h b/source3/tdb/spinlock.h index 8b0e833ff5..d6a2ac6eb8 100644 --- a/source3/tdb/spinlock.h +++ b/source3/tdb/spinlock.h @@ -1,7 +1,7 @@ #ifndef __SPINLOCK_H__ #define __SPINLOCK_H__ -#ifdef HAVE_CONFIG_H +#if HAVE_CONFIG_H #include <config.h> #endif diff --git a/source3/tdb/tdbbackup.c b/source3/tdb/tdbbackup.c index 36ba7db918..7b344de6c4 100644 --- a/source3/tdb/tdbbackup.c +++ b/source3/tdb/tdbbackup.c @@ -303,3 +303,13 @@ static void usage(void) return ret; } + +#ifdef VALGRIND +size_t valgrind_strlen(const char *s) +{ + size_t count; + for(count = 0; *s++; count++) + ; + return count; +} +#endif diff --git a/source3/tdb/tdbutil.c b/source3/tdb/tdbutil.c index 69b282cda0..49005f8765 100644 --- a/source3/tdb/tdbutil.c +++ b/source3/tdb/tdbutil.c @@ -387,7 +387,6 @@ BOOL tdb_change_uint32_atomic(TDB_CONTEXT *tdb, const char *keystr, uint32 *oldv size_t tdb_pack(char *buf, int bufsize, const char *fmt, ...) { va_list ap; - uint8 bt; uint16 w; uint32 d; int i; @@ -403,46 +402,40 @@ size_t tdb_pack(char *buf, int bufsize, const char *fmt, ...) while (*fmt) { switch ((c = *fmt++)) { - case 'b': /* unsigned 8-bit integer */ - len = 1; - bt = (uint8)va_arg(ap, int); - if (bufsize && bufsize >= len) - SSVAL(buf, 0, bt); - break; - case 'w': /* unsigned 16-bit integer */ + case 'w': len = 2; w = (uint16)va_arg(ap, int); if (bufsize && bufsize >= len) SSVAL(buf, 0, w); break; - case 'd': /* signed 32-bit integer (standard int in most systems) */ + case 'd': len = 4; d = va_arg(ap, uint32); if (bufsize && bufsize >= len) SIVAL(buf, 0, d); break; - case 'p': /* pointer */ + case 'p': len = 4; p = va_arg(ap, void *); d = p?1:0; if (bufsize && bufsize >= len) SIVAL(buf, 0, d); break; - case 'P': /* null-terminated string */ + case 'P': s = va_arg(ap,char *); w = strlen(s); len = w + 1; if (bufsize && bufsize >= len) memcpy(buf, s, len); break; - case 'f': /* null-terminated string */ + case 'f': s = va_arg(ap,char *); w = strlen(s); len = w + 1; if (bufsize && bufsize >= len) memcpy(buf, s, len); break; - case 'B': /* fixed-length string */ + case 'B': i = va_arg(ap, int); s = va_arg(ap, char *); len = 4+i; @@ -481,7 +474,6 @@ size_t tdb_pack(char *buf, int bufsize, const char *fmt, ...) int tdb_unpack(char *buf, int bufsize, const char *fmt, ...) { va_list ap; - uint8 *bt; uint16 *w; uint32 *d; int len; @@ -497,13 +489,6 @@ int tdb_unpack(char *buf, int bufsize, const char *fmt, ...) while (*fmt) { switch ((c=*fmt++)) { - case 'b': - len = 1; - bt = va_arg(ap, uint8 *); - if (bufsize < len) - goto no_space; - *bt = SVAL(buf, 0); - break; case 'w': len = 2; w = va_arg(ap, uint16 *); @@ -581,130 +566,6 @@ int tdb_unpack(char *buf, int bufsize, const char *fmt, ...) return -1; } - -/** - * Pack SID passed by pointer - * - * @param pack_buf pointer to buffer which is to be filled with packed data - * @param bufsize size of packing buffer - * @param sid pointer to sid to be packed - * - * @return length of the packed representation of the whole structure - **/ -size_t tdb_sid_pack(char* pack_buf, int bufsize, DOM_SID* sid) -{ - int idx; - size_t len = 0; - - if (!sid || !pack_buf) return -1; - - len += tdb_pack(pack_buf + len, bufsize - len, "bb", sid->sid_rev_num, - sid->num_auths); - - for (idx = 0; idx < 6; idx++) { - len += tdb_pack(pack_buf + len, bufsize - len, "b", sid->id_auth[idx]); - } - - for (idx = 0; idx < MAXSUBAUTHS; idx++) { - len += tdb_pack(pack_buf + len, bufsize - len, "d", sid->sub_auths[idx]); - } - - return len; -} - - -/** - * Unpack SID into a pointer - * - * @param pack_buf pointer to buffer with packed representation - * @param bufsize size of the buffer - * @param sid pointer to sid structure to be filled with unpacked data - * - * @return size of structure unpacked from buffer - **/ -size_t tdb_sid_unpack(char* pack_buf, int bufsize, DOM_SID* sid) -{ - int idx, len = 0; - - if (!sid || !pack_buf) return -1; - - len += tdb_unpack(pack_buf + len, bufsize - len, "bb", - &sid->sid_rev_num, &sid->num_auths); - - for (idx = 0; idx < 6; idx++) { - len += tdb_unpack(pack_buf + len, bufsize - len, "b", &sid->id_auth[idx]); - } - - for (idx = 0; idx < MAXSUBAUTHS; idx++) { - len += tdb_unpack(pack_buf + len, bufsize - len, "d", &sid->sub_auths[idx]); - } - - return len; -} - - -/** - * Pack TRUSTED_DOM_PASS passed by pointer - * - * @param pack_buf pointer to buffer which is to be filled with packed data - * @param bufsize size of the buffer - * @param pass pointer to trusted domain password to be packed - * - * @return length of the packed representation of the whole structure - **/ -size_t tdb_trusted_dom_pass_pack(char* pack_buf, int bufsize, TRUSTED_DOM_PASS* pass) -{ - int idx, len = 0; - - if (!pack_buf || !pass) return -1; - - /* packing unicode domain name and password */ - len += tdb_pack(pack_buf + len, bufsize - len, "d", pass->uni_name_len); - - for (idx = 0; idx < 32; idx++) - len += tdb_pack(pack_buf + len, bufsize - len, "w", pass->uni_name[idx]); - - len += tdb_pack(pack_buf + len, bufsize - len, "dPd", pass->pass_len, - pass->pass, pass->mod_time); - - /* packing SID structure */ - len += tdb_sid_pack(pack_buf + len, bufsize - len, &pass->domain_sid); - - return len; -} - - -/** - * Unpack TRUSTED_DOM_PASS passed by pointer - * - * @param pack_buf pointer to buffer with packed representation - * @param bufsize size of the buffer - * @param pass pointer to trusted domain password to be filled with unpacked data - * - * @return size of structure unpacked from buffer - **/ -size_t tdb_trusted_dom_pass_unpack(char* pack_buf, int bufsize, TRUSTED_DOM_PASS* pass) -{ - int idx, len = 0; - - if (!pack_buf || !pass) return -1; - - /* unpack unicode domain name and plaintext password */ - len += tdb_unpack(pack_buf, bufsize - len, "d", &pass->uni_name_len); - - for (idx = 0; idx < 32; idx++) - len += tdb_unpack(pack_buf + len, bufsize - len, "w", &pass->uni_name[idx]); - - len += tdb_unpack(pack_buf + len, bufsize - len, "dPd", &pass->pass_len, &pass->pass, - &pass->mod_time); - - /* unpack domain sid */ - len += tdb_sid_unpack(pack_buf + len, bufsize - len, &pass->domain_sid); - - return len; -} - - /**************************************************************************** Log tdb messages via DEBUG(). ****************************************************************************/ diff --git a/source3/torture/cmd_sam.c b/source3/torture/cmd_sam.c deleted file mode 100644 index 3f7f7dfe27..0000000000 --- a/source3/torture/cmd_sam.c +++ /dev/null @@ -1,514 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SAM module functions - - Copyright (C) Jelmer Vernooij 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "samtest.h" - -static void print_account(SAM_ACCOUNT_HANDLE *a) -{ - /* FIXME */ -} - -static NTSTATUS cmd_context(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - NTSTATUS status; - char **plugins; - int i; - - plugins = malloc(argc * sizeof(char *)); - - for(i = 1; i < argc; i++) - plugins[i-1] = argv[i]; - - plugins[argc-1] = NULL; - - if(!NT_STATUS_IS_OK(status = make_sam_context_list(&st->context, plugins))) { - printf("make_sam_context_list failed: %s\n", nt_errstr(status)); - SAFE_FREE(plugins); - return status; - } - - SAFE_FREE(plugins); - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_load_module(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - char *plugin_arg[2]; - NTSTATUS status; - if (argc != 2 && argc != 3) { - printf("Usage: load <module path> [domain-name]\n"); - return NT_STATUS_OK; - } - - if (argc == 3) - asprintf(&plugin_arg[0], "plugin:%s|%s", argv[1], argv[2]); - else - asprintf(&plugin_arg[0], "plugin:%s", argv[1]); - - plugin_arg[1] = NULL; - - if(!NT_STATUS_IS_OK(status = make_sam_context_list(&st->context, plugin_arg))) { - free(plugin_arg[0]); - return status; - } - - free(plugin_arg[0]); - - printf("load: ok\n"); - return NT_STATUS_OK; -} - -static NTSTATUS cmd_get_sec_desc(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_set_sec_desc(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_lookup_sid(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - char *name; - uint32 type; - NTSTATUS status; - DOM_SID sid; - if (argc != 2) { - printf("Usage: lookup_sid <sid>\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!string_to_sid(&sid, argv[1])){ - printf("Unparseable SID specified!\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(status = sam_lookup_sid(st->context, st->token, mem_ctx, &sid, &name, &type))) { - printf("sam_lookup_sid failed!\n"); - return status; - } - - printf("Name: %s\n", name); - printf("Type: %d\n", type); /* FIXME: What kind of an integer is type ? */ - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_lookup_name(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - DOM_SID sid; - uint32 type; - NTSTATUS status; - if (argc != 3) { - printf("Usage: lookup_name <domain> <name>\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(status = sam_lookup_name(st->context, st->token, argv[1], argv[2], &sid, &type))) { - printf("sam_lookup_name failed!\n"); - return status; - } - - printf("SID: %s\n", sid_string_static(&sid)); - printf("Type: %d\n", type); - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_lookup_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_lookup_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_lookup_domain(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - DOM_SID *sid; - NTSTATUS status; - if (argc != 2) { - printf("Usage: lookup_domain <domain>\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(status = sam_lookup_domain(st->context, st->token, argv[1], &sid))) { - printf("sam_lookup_name failed!\n"); - return status; - } - - printf("SID: %s\n", sid_string_static(sid)); - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_enum_domains(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - int32 domain_count, i; - DOM_SID *domain_sids; - char **domain_names; - NTSTATUS status; - - if (!NT_STATUS_IS_OK(status = sam_enum_domains(st->context, st->token, &domain_count, &domain_sids, &domain_names))) { - printf("sam_enum_domains failed!\n"); - return status; - } - - if (domain_count == 0) { - printf("No domains found!\n"); - return NT_STATUS_OK; - } - - for (i = 0; i < domain_count; i++) { - printf("%s %s\n", domain_names[i], sid_string_static(&domain_sids[i])); - } - - SAFE_FREE(domain_sids); - SAFE_FREE(domain_names); - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_update_domain(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_show_domain(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - NTSTATUS status; - DOM_SID sid; - SAM_DOMAIN_HANDLE *domain; - uint32 tmp_uint32; - uint16 tmp_uint16; - NTTIME tmp_nttime; - BOOL tmp_bool; - const char *tmp_string; - - if (argc != 2) { - printf("Usage: show_domain <sid>\n"); - return status; - } - - if (!string_to_sid(&sid, argv[1])){ - printf("Unparseable SID specified!\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_by_sid(st->context, st->token, GENERIC_RIGHTS_DOMAIN_ALL_ACCESS, &sid, &domain))) { - printf("sam_get_domain_by_sid failed\n"); - return status; - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_num_accounts(domain, &tmp_uint32))) { - printf("sam_get_domain_num_accounts failed: %s\n", nt_errstr(status)); - } else { - printf("Number of accounts: %d\n", tmp_uint32); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_num_groups(domain, &tmp_uint32))) { - printf("sam_get_domain_num_groups failed: %s\n", nt_errstr(status)); - } else { - printf("Number of groups: %u\n", tmp_uint32); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_num_aliases(domain, &tmp_uint32))) { - printf("sam_get_domain_num_aliases failed: %s\n", nt_errstr(status)); - } else { - printf("Number of aliases: %u\n", tmp_uint32); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_name(domain, &tmp_string))) { - printf("sam_get_domain_name failed: %s\n", nt_errstr(status)); - } else { - printf("Domain Name: %s\n", tmp_string); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_lockout_count(domain, &tmp_uint16))) { - printf("sam_get_domain_lockout_count failed: %s\n", nt_errstr(status)); - } else { - printf("Lockout Count: %u\n", tmp_uint16); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_force_logoff(domain, &tmp_bool))) { - printf("sam_get_domain_force_logoff failed: %s\n", nt_errstr(status)); - } else { - printf("Force Logoff: %s\n", (tmp_bool?"Yes":"No")); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_lockout_duration(domain, &tmp_nttime))) { - printf("sam_get_domain_lockout_duration failed: %s\n", nt_errstr(status)); - } else { - printf("Lockout duration: %u\n", tmp_nttime.low); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_login_pwdchange(domain, &tmp_bool))) { - printf("sam_get_domain_login_pwdchange failed: %s\n", nt_errstr(status)); - } else { - printf("Password changing allowed: %s\n", (tmp_bool?"Yes":"No")); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_max_pwdage(domain, &tmp_nttime))) { - printf("sam_get_domain_max_pwdage failed: %s\n", nt_errstr(status)); - } else { - printf("Maximum password age: %u\n", tmp_nttime.low); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_min_pwdage(domain, &tmp_nttime))) { - printf("sam_get_domain_min_pwdage failed: %s\n", nt_errstr(status)); - } else { - printf("Minimal password age: %u\n", tmp_nttime.low); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_min_pwdlength(domain, &tmp_uint16))) { - printf("sam_get_domain_min_pwdlength: %s\n", nt_errstr(status)); - } else { - printf("Minimal Password Length: %u\n", tmp_uint16); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_pwd_history(domain, &tmp_uint16))) { - printf("sam_get_domain_pwd_history failed: %s\n", nt_errstr(status)); - } else { - printf("Password history: %u\n", tmp_uint16); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_reset_count(domain, &tmp_nttime))) { - printf("sam_get_domain_reset_count failed: %s\n", nt_errstr(status)); - } else { - printf("Reset count: %u\n", tmp_nttime.low); - } - - if (!NT_STATUS_IS_OK(status = sam_get_domain_server(domain, &tmp_string))) { - printf("sam_get_domain_server failed: %s\n", nt_errstr(status)); - } else { - printf("Server: %s\n", tmp_string); - } - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_create_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_update_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_delete_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_enum_accounts(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - NTSTATUS status; - DOM_SID sid; - int32 account_count, i; - SAM_ACCOUNT_ENUM *accounts; - - if (argc != 2) { - printf("Usage: enum_accounts <domain-sid>\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!string_to_sid(&sid, argv[1])){ - printf("Unparseable SID specified!\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(status = sam_enum_accounts(st->context, st->token, &sid, 0, &account_count, &accounts))) { - printf("sam_enum_accounts failed: %s\n", nt_errstr(status)); - return status; - } - - if (account_count == 0) { - printf("No accounts found!\n"); - return NT_STATUS_OK; - } - - for (i = 0; i < account_count; i++) - printf("SID: %s\nName: %s\nFullname: %s\nDescription: %s\nACB_BITS: %08X\n\n", - sid_string_static(&accounts[i].sid), accounts[i].account_name, - accounts[i].full_name, accounts[i].account_desc, - accounts[i].acct_ctrl); - - SAFE_FREE(accounts); - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_lookup_account_sid(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - NTSTATUS status; - DOM_SID sid; - SAM_ACCOUNT_HANDLE *account; - - if (argc != 2) { - printf("Usage: lookup_account_sid <account-sid>\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!string_to_sid(&sid, argv[1])){ - printf("Unparseable SID specified!\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - if (!NT_STATUS_IS_OK(status = sam_get_account_by_sid(st->context, st->token, GENERIC_RIGHTS_USER_ALL_ACCESS, &sid, &account))) { - printf("context_sam_get_account_by_sid failed: %s\n", nt_errstr(status)); - return status; - } - - print_account(account); - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_lookup_account_name(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - NTSTATUS status; - SAM_ACCOUNT_HANDLE *account; - - if (argc != 3) { - printf("Usage: lookup_account_name <domain-name> <account-name>\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - - if (!NT_STATUS_IS_OK(status = sam_get_account_by_name(st->context, st->token, GENERIC_RIGHTS_USER_ALL_ACCESS, argv[1], argv[2], &account))) { - printf("context_sam_get_account_by_sid failed: %s\n", nt_errstr(status)); - return status; - } - - print_account(account); - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_create_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_update_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_delete_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_enum_groups(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_lookup_group_sid(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_lookup_group_name(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_group_add_member(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS cmd_group_del_member(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - - -static NTSTATUS cmd_group_enum(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - - -static NTSTATUS cmd_get_sid_groups(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -struct cmd_set sam_general_commands[] = { - - { "General SAM Commands" }, - - { "load", cmd_load_module, "Load a module", "load <module.so> [domain-sid]" }, - { "context", cmd_context, "Load specified context", "context [DOMAIN|]backend1[:options] [DOMAIN|]backend2[:options]" }, - { "get_sec_desc", cmd_get_sec_desc, "Get security descriptor info", "get_sec_desc <access-token> <sid>" }, - { "set_sec_desc", cmd_set_sec_desc, "Set security descriptor info", "set_sec_desc <access-token> <sid>" }, - { "lookup_sid", cmd_lookup_sid, "Lookup type of specified SID", "lookup_sid <sid>" }, - { "lookup_name", cmd_lookup_name, "Lookup type of specified name", "lookup_name <sid>" }, - { NULL } -}; - -struct cmd_set sam_domain_commands[] = { - { "Domain Commands" }, - { "update_domain", cmd_update_domain, "Update domain information", "update_domain [domain-options] domain-name | domain-sid" }, - { "show_domain", cmd_show_domain, "Show domain information", "show_domain domain-sid | domain-name" }, - { "enum_domains", cmd_enum_domains, "Enumerate all domains", "enum_domains <token> <acct-ctrl>" }, - { "lookup_domain", cmd_lookup_domain, "Lookup a domain by name", "lookup_domain domain-name" }, - { NULL } -}; - -struct cmd_set sam_account_commands[] = { - { "Account Commands" }, - { "create_account", cmd_create_account, "Create a new account with specified properties", "create_account [account-options]" }, - { "update_account", cmd_update_account, "Update an existing account", "update_account [account-options] account-sid | account-name" }, - { "delete_account", cmd_delete_account, "Delete an account", "delete_account account-sid | account-name" }, - { "enum_accounts", cmd_enum_accounts, "Enumerate all accounts", "enum_accounts <token> <acct-ctrl>" }, - { "lookup_account", cmd_lookup_account, "Lookup an account by either sid or name", "lookup_account account-sid | account-name" }, - { "lookup_account_sid", cmd_lookup_account_sid, "Lookup an account by sid", "lookup_account_sid account-sid" }, - { "lookup_account_name", cmd_lookup_account_name, "Lookup an account by name", "lookup_account_name account-name" }, - { NULL } -}; - -struct cmd_set sam_group_commands[] = { - { "Group Commands" }, - { "create_group", cmd_create_group, "Create a new group", "create_group [group-opts]" }, - { "update_group", cmd_update_group, "Update an existing group", "update_group [group-opts] group-name | group-sid" }, - { "delete_group", cmd_delete_group, "Delete an existing group", "delete_group group-name | group-sid" }, - { "enum_groups", cmd_enum_groups, "Enumerate all groups", "enum_groups <token> <group-ctrl>" }, - { "lookup_group", cmd_lookup_group, "Lookup a group by SID or name", "lookup_group group-sid | group-name" }, - { "lookup_group_sid", cmd_lookup_group_sid, "Lookup a group by SID", "lookup_group_sid <sid>" }, - { "lookup_group_name", cmd_lookup_group_name, "Lookup a group by name", "lookup_group_name <name>" }, - { "group_add_member", cmd_group_add_member, "Add group member to group", "group_add_member <group-name | group-sid> <member-name | member-sid>" }, - { "group_del_member", cmd_group_del_member, "Delete group member from group", "group_del_member <group-name | group-sid> <member-name | member-sid>" }, - { "group_enum", cmd_group_enum, "Enumerate all members of specified group", "group_enum group-sid | group-name" }, - - { "get_sid_groups", cmd_get_sid_groups, "Get a list of groups specified sid is a member of", "group_enum <group-sid | group-name>" }, - { NULL } -}; diff --git a/source3/torture/denytest.c b/source3/torture/denytest.c index 3a7906fb33..017bb1c06d 100644 --- a/source3/torture/denytest.c +++ b/source3/torture/denytest.c @@ -1408,7 +1408,7 @@ static void progress_bar(unsigned i, unsigned total) */ BOOL torture_denytest1(int dummy) { - struct cli_state *cli1; + static struct cli_state cli1; int fnum1, fnum2; int i; BOOL correct = True; @@ -1421,10 +1421,10 @@ BOOL torture_denytest1(int dummy) printf("starting denytest1\n"); for (i=0;i<2;i++) { - cli_unlink(cli1, fnames[i]); - fnum1 = cli_open(cli1, fnames[i], O_RDWR|O_CREAT, DENY_NONE); - cli_write(cli1, fnum1, 0, fnames[i], 0, strlen(fnames[i])); - cli_close(cli1, fnum1); + cli_unlink(&cli1, fnames[i]); + fnum1 = cli_open(&cli1, fnames[i], O_RDWR|O_CREAT, DENY_NONE); + cli_write(&cli1, fnum1, 0, fnames[i], 0, strlen(fnames[i])); + cli_close(&cli1, fnum1); } printf("testing %d entries\n", ARRAY_SIZE(denytable1)); @@ -1435,10 +1435,10 @@ BOOL torture_denytest1(int dummy) progress_bar(i, ARRAY_SIZE(denytable1)); - fnum1 = cli_open(cli1, fname, + fnum1 = cli_open(&cli1, fname, denytable1[i].mode1, denytable1[i].deny1); - fnum2 = cli_open(cli1, fname, + fnum2 = cli_open(&cli1, fname, denytable1[i].mode2, denytable1[i].deny2); @@ -1449,10 +1449,10 @@ BOOL torture_denytest1(int dummy) } else { char x = 1; res = A_0; - if (cli_read(cli1, fnum2, (void *)&x, 0, 1) == 1) { + if (cli_read(&cli1, fnum2, (void *)&x, 0, 1) == 1) { res += A_R; } - if (cli_write(cli1, fnum2, 0, (void *)&x, 0, 1) == 1) { + if (cli_write(&cli1, fnum2, 0, (void *)&x, 0, 1) == 1) { res += A_W; } } @@ -1472,15 +1472,15 @@ BOOL torture_denytest1(int dummy) resultstr(denytable1[i].result)); } - cli_close(cli1, fnum1); - cli_close(cli1, fnum2); + cli_close(&cli1, fnum1); + cli_close(&cli1, fnum2); } for (i=0;i<2;i++) { - cli_unlink(cli1, fnames[i]); + cli_unlink(&cli1, fnames[i]); } - if (!torture_close_connection(cli1)) { + if (!torture_close_connection(&cli1)) { correct = False; } @@ -1494,7 +1494,7 @@ BOOL torture_denytest1(int dummy) */ BOOL torture_denytest2(int dummy) { - static struct cli_state *cli1, *cli2; + static struct cli_state cli1, cli2; int fnum1, fnum2; int i; BOOL correct = True; @@ -1507,10 +1507,10 @@ BOOL torture_denytest2(int dummy) printf("starting denytest2\n"); for (i=0;i<2;i++) { - cli_unlink(cli1, fnames[i]); - fnum1 = cli_open(cli1, fnames[i], O_RDWR|O_CREAT, DENY_NONE); - cli_write(cli1, fnum1, 0, fnames[i], 0, strlen(fnames[i])); - cli_close(cli1, fnum1); + cli_unlink(&cli1, fnames[i]); + fnum1 = cli_open(&cli1, fnames[i], O_RDWR|O_CREAT, DENY_NONE); + cli_write(&cli1, fnum1, 0, fnames[i], 0, strlen(fnames[i])); + cli_close(&cli1, fnum1); } for (i=0; i<ARRAY_SIZE(denytable2); i++) { @@ -1519,10 +1519,10 @@ BOOL torture_denytest2(int dummy) progress_bar(i, ARRAY_SIZE(denytable1)); - fnum1 = cli_open(cli1, fname, + fnum1 = cli_open(&cli1, fname, denytable2[i].mode1, denytable2[i].deny1); - fnum2 = cli_open(cli2, fname, + fnum2 = cli_open(&cli2, fname, denytable2[i].mode2, denytable2[i].deny2); @@ -1533,10 +1533,10 @@ BOOL torture_denytest2(int dummy) } else { char x = 1; res = A_0; - if (cli_read(cli2, fnum2, (void *)&x, 0, 1) == 1) { + if (cli_read(&cli2, fnum2, (void *)&x, 0, 1) == 1) { res += A_R; } - if (cli_write(cli2, fnum2, 0, (void *)&x, 0, 1) == 1) { + if (cli_write(&cli2, fnum2, 0, (void *)&x, 0, 1) == 1) { res += A_W; } } @@ -1556,18 +1556,18 @@ BOOL torture_denytest2(int dummy) resultstr(denytable2[i].result)); } - cli_close(cli1, fnum1); - cli_close(cli2, fnum2); + cli_close(&cli1, fnum1); + cli_close(&cli2, fnum2); } for (i=0;i<2;i++) { - cli_unlink(cli1, fnames[i]); + cli_unlink(&cli1, fnames[i]); } - if (!torture_close_connection(cli1)) { + if (!torture_close_connection(&cli1)) { correct = False; } - if (!torture_close_connection(cli2)) { + if (!torture_close_connection(&cli2)) { correct = False; } diff --git a/source3/torture/mangle_test.c b/source3/torture/mangle_test.c index d1475eb64e..6d127a918e 100644 --- a/source3/torture/mangle_test.c +++ b/source3/torture/mangle_test.c @@ -135,7 +135,7 @@ static void gen_name(char *name) /* and a medium probability of a common lead string */ if (random() % 10 == 0) { - strncpy(p, "ABCDE", 6); + strncpy(p, "ABCDE", 5); } /* and a high probability of a good extension length */ @@ -151,7 +151,7 @@ static void gen_name(char *name) BOOL torture_mangle(int dummy) { extern int torture_numops; - static struct cli_state *cli; + static struct cli_state cli; int i; printf("starting mangle test\n"); @@ -167,10 +167,10 @@ BOOL torture_mangle(int dummy) return False; } - cli_unlink(cli, "\\mangle_test\\*"); - cli_rmdir(cli, "\\mangle_test"); + cli_unlink(&cli, "\\mangle_test\\*"); + cli_rmdir(&cli, "\\mangle_test"); - if (!cli_mkdir(cli, "\\mangle_test")) { + if (!cli_mkdir(&cli, "\\mangle_test")) { printf("ERROR: Failed to make directory\n"); return False; } @@ -180,7 +180,7 @@ BOOL torture_mangle(int dummy) gen_name(name); - if (!test_one(cli, name)) { + if (!test_one(&cli, name)) { break; } if (total && total % 100 == 0) { @@ -189,8 +189,8 @@ BOOL torture_mangle(int dummy) } } - cli_unlink(cli, "\\mangle_test\\*"); - if (!cli_rmdir(cli, "\\mangle_test")) { + cli_unlink(&cli, "\\mangle_test\\*"); + if (!cli_rmdir(&cli, "\\mangle_test")) { printf("ERROR: Failed to remove directory\n"); return False; } @@ -198,7 +198,7 @@ BOOL torture_mangle(int dummy) printf("\nTotal collisions %u/%u - %.2f%% (%u failures)\n", collisions, total, (100.0*collisions) / total, failures); - torture_close_connection(cli); + torture_close_connection(&cli); printf("mangle test finished\n"); return (failures == 0); diff --git a/source3/torture/masktest.c b/source3/torture/masktest.c index 06dead3f16..7d751fb789 100644 --- a/source3/torture/masktest.c +++ b/source3/torture/masktest.c @@ -33,7 +33,6 @@ static const char *filechars = "abcdefghijklm."; static int verbose; static int die_on_error; static int NumLoops = 0; -static int ignore_dot_errors = 0; /* a test fn for LANMAN mask support */ int ms_fnmatch_lanman_core(const char *pattern, const char *string) @@ -325,9 +324,7 @@ static void testpair(struct cli_state *cli, char *mask, char *file) res2 = reg_test(cli, mask, long_name, short_name); - if (showall || - ((strcmp(res1, res2) && !ignore_dot_errors) || - (strcmp(res1+2, res2+2) && ignore_dot_errors))) { + if (showall || strcmp(res1, res2)) { DEBUG(0,("%s %s %d mask=[%s] file=[%s] rfile=[%s/%s]\n", res1, res2, count, mask, file, long_name, short_name)); if (die_on_error) exit(1); @@ -412,7 +409,6 @@ static void usage(void) -v verbose mode\n\ -E die on error\n\ -a show all tests\n\ - -i ignore . and .. errors\n\ \n\ This program tests wildcard matching between two servers. It generates\n\ random pairs of filenames/masks and tests that they match in the same\n\ @@ -465,7 +461,7 @@ static void usage(void) seed = time(NULL); - while ((opt = getopt(argc, argv, "n:d:U:s:hm:f:aoW:M:vEi")) != EOF) { + while ((opt = getopt(argc, argv, "n:d:U:s:hm:f:aoW:M:vE")) != EOF) { switch (opt) { case 'n': NumLoops = atoi(optarg); @@ -476,9 +472,6 @@ static void usage(void) case 'E': die_on_error = 1; break; - case 'i': - ignore_dot_errors = 1; - break; case 'v': verbose++; break; diff --git a/source3/torture/nbio.c b/source3/torture/nbio.c index d8d3ca0c09..2d519b40ba 100644 --- a/source3/torture/nbio.c +++ b/source3/torture/nbio.c @@ -148,12 +148,12 @@ void nb_createx(char *fname, desired_access = FILE_READ_DATA | FILE_WRITE_DATA; } - fd = cli_nt_create_full(c, fname, 0, + fd = cli_nt_create_full(c, fname, desired_access, 0x0, FILE_SHARE_READ|FILE_SHARE_WRITE, create_disposition, - create_options, 0); + create_options); if (fd == -1 && handle != -1) { printf("ERROR: cli_nt_create_full failed for %s - %s\n", fname, cli_errstr(c)); diff --git a/source3/torture/samtest.c b/source3/torture/samtest.c deleted file mode 100644 index fd5f75a664..0000000000 --- a/source3/torture/samtest.c +++ /dev/null @@ -1,445 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SAM module tester - - Copyright (C) 2002 Jelmer Vernooij - - Parts of the code stolen from vfstest by Simo Sorce and Eric Lorimer - Parts of the code stolen from rpcclient by Tim Potter - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "samtest.h" - -struct func_entry { - char *name; - int (*fn)(struct connection_struct *conn, const char *path); -}; - -/* List to hold groups of commands */ -static struct cmd_list { - struct cmd_list *prev, *next; - struct cmd_set *cmd_set; -} *cmd_list; - -static char* next_command (char** cmdstr) -{ - static pstring command; - char *p; - - if (!cmdstr || !(*cmdstr)) - return NULL; - - p = strchr_m(*cmdstr, ';'); - if (p) - *p = '\0'; - pstrcpy(command, *cmdstr); - *cmdstr = p; - - return command; -} - -/* Load specified configuration file */ -static NTSTATUS cmd_conf(struct samtest_state *sam, TALLOC_CTX *mem_ctx, - int argc, char **argv) -{ - if (argc != 2) { - printf("Usage: %s <smb.conf>\n", argv[0]); - return NT_STATUS_OK; - } - - if (!lp_load(argv[1], False, True, False)) { - printf("Error loading \"%s\"\n", argv[1]); - return NT_STATUS_OK; - } - - printf("\"%s\" successfully loaded\n", argv[1]); - return NT_STATUS_OK; -} - -/* Display help on commands */ -static NTSTATUS cmd_help(struct samtest_state *st, TALLOC_CTX *mem_ctx, - int argc, const char **argv) -{ - struct cmd_list *tmp; - struct cmd_set *tmp_set; - - /* Usage */ - if (argc > 2) { - printf("Usage: %s [command]\n", argv[0]); - return NT_STATUS_OK; - } - - /* Help on one command */ - - if (argc == 2) { - for (tmp = cmd_list; tmp; tmp = tmp->next) { - - tmp_set = tmp->cmd_set; - - while(tmp_set->name) { - if (strequal(argv[1], tmp_set->name)) { - if (tmp_set->usage && - tmp_set->usage[0]) - printf("%s\n", tmp_set->usage); - else - printf("No help for %s\n", tmp_set->name); - - return NT_STATUS_OK; - } - - tmp_set++; - } - } - - printf("No such command: %s\n", argv[1]); - return NT_STATUS_OK; - } - - /* List all commands */ - - for (tmp = cmd_list; tmp; tmp = tmp->next) { - - tmp_set = tmp->cmd_set; - - while(tmp_set->name) { - - printf("%20s\t%s\n", tmp_set->name, - tmp_set->description ? tmp_set->description: - ""); - - tmp_set++; - } - } - - return NT_STATUS_OK; -} - -/* Change the debug level */ -static NTSTATUS cmd_debuglevel(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - if (argc > 2) { - printf("Usage: %s [debuglevel]\n", argv[0]); - return NT_STATUS_OK; - } - - if (argc == 2) { - DEBUGLEVEL = atoi(argv[1]); - } - - printf("debuglevel is %d\n", DEBUGLEVEL); - - return NT_STATUS_OK; -} - -static NTSTATUS cmd_quit(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv) -{ - /* Cleanup */ - talloc_destroy(mem_ctx); - - exit(0); - return NT_STATUS_OK; /* NOTREACHED */ -} - -static struct cmd_set samtest_commands[] = { - - { "GENERAL OPTIONS" }, - - { "help", cmd_help, "Get help on commands", "" }, - { "?", cmd_help, "Get help on commands", "" }, - { "conf", cmd_conf, "Load smb configuration file", "conf <smb.conf>" }, - { "debuglevel", cmd_debuglevel, "Set debug level", "" }, - { "exit", cmd_quit, "Exit program", "" }, - { "quit", cmd_quit, "Exit program", "" }, - - { NULL } -}; - -static struct cmd_set separator_command[] = { - { "---------------", NULL, "----------------------" }, - { NULL } -}; - - -/*extern struct cmd_set sam_commands[];*/ -extern struct cmd_set sam_general_commands[]; -extern struct cmd_set sam_domain_commands[]; -extern struct cmd_set sam_account_commands[]; -extern struct cmd_set sam_group_commands[]; -static struct cmd_set *samtest_command_list[] = { - samtest_commands, - sam_general_commands, - sam_domain_commands, - sam_account_commands, - sam_group_commands, - NULL -}; - -static void add_command_set(struct cmd_set *cmd_set) -{ - struct cmd_list *entry; - - if (!(entry = (struct cmd_list *)malloc(sizeof(struct cmd_list)))) { - DEBUG(0, ("out of memory\n")); - return; - } - - ZERO_STRUCTP(entry); - - entry->cmd_set = cmd_set; - DLIST_ADD(cmd_list, entry); -} - -static NTSTATUS do_cmd(struct samtest_state *st, struct cmd_set *cmd_entry, char *cmd) -{ - char *p = cmd, **argv = NULL; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - TALLOC_CTX *mem_ctx = NULL; - pstring buf; - int argc = 0, i; - - /* Count number of arguments first time through the loop then - allocate memory and strdup them. */ - - again: - while(next_token(&p, buf, " ", sizeof(buf))) { - if (argv) { - argv[argc] = strdup(buf); - } - - argc++; - } - - if (!argv) { - - /* Create argument list */ - - argv = (char **)malloc(sizeof(char *) * argc); - memset(argv, 0, sizeof(char *) * argc); - - if (!argv) { - fprintf(stderr, "out of memory\n"); - result = NT_STATUS_NO_MEMORY; - goto done; - } - - p = cmd; - argc = 0; - - goto again; - } - - /* Call the function */ - - if (cmd_entry->fn) { - - if (mem_ctx == NULL) { - /* Create mem_ctx */ - if (!(mem_ctx = talloc_init("do_cmd"))) { - DEBUG(0, ("talloc_init() failed\n")); - goto done; - } - } - - /* Run command */ - result = cmd_entry->fn(st, mem_ctx, argc, argv); - - } else { - fprintf (stderr, "Invalid command\n"); - goto done; - } - - done: - - /* Cleanup */ - - if (argv) { - for (i = 0; i < argc; i++) - SAFE_FREE(argv[i]); - - SAFE_FREE(argv); - } - - return result; -} - -/* Process a command entered at the prompt or as part of -c */ -static NTSTATUS process_cmd(struct samtest_state *st, char *cmd) -{ - struct cmd_list *temp_list; - BOOL found = False; - pstring buf; - char *p = cmd; - NTSTATUS result = NT_STATUS_OK; - int len = 0; - - if (cmd[strlen(cmd) - 1] == '\n') - cmd[strlen(cmd) - 1] = '\0'; - - if (!next_token(&p, buf, " ", sizeof(buf))) { - return NT_STATUS_OK; - } - - /* strip the trainly \n if it exsists */ - len = strlen(buf); - if (buf[len-1] == '\n') - buf[len-1] = '\0'; - - /* Search for matching commands */ - - for (temp_list = cmd_list; temp_list; temp_list = temp_list->next) { - struct cmd_set *temp_set = temp_list->cmd_set; - - while(temp_set->name) { - if (strequal(buf, temp_set->name)) { - found = True; - result = do_cmd(st, temp_set, cmd); - - goto done; - } - temp_set++; - } - } - - done: - if (!found && buf[0]) { - printf("command not found: %s\n", buf); - return NT_STATUS_OK; - } - - if (!NT_STATUS_IS_OK(result)) { - printf("result was %s\n", nt_errstr(result)); - } - - return result; -} - -void exit_server(char *reason) -{ - DEBUG(3,("Server exit (%s)\n", (reason ? reason : ""))); - exit(0); -} - -static int server_fd = -1; -int last_message = -1; - -int smbd_server_fd(void) -{ - return server_fd; -} - -BOOL reload_services(BOOL test) -{ - return True; -} - -/* Main function */ - -int main(int argc, char *argv[]) -{ - BOOL interactive = True; - int opt; - static char *cmdstr = NULL; - struct cmd_set **cmd_set; - struct samtest_state st; - - /* make sure the vars that get altered (4th field) are in - a fixed location or certain compilers complain */ - poptContext pc; - struct poptOption long_options[] = { - POPT_AUTOHELP - {"command", 'e', POPT_ARG_STRING, &cmdstr, 'e', "Execute semicolon seperated cmds"}, - POPT_COMMON_SAMBA - POPT_TABLEEND - }; - - ZERO_STRUCT(st); - - st.token = get_system_token(); - - setlinebuf(stdout); - - DEBUGLEVEL = 1; - - pc = poptGetContext("samtest", argc, (const char **) argv, - long_options, 0); - - while((opt = poptGetNextOpt(pc)) != -1) { - switch (opt) { - case 'l': - slprintf(logfile, sizeof(logfile) - 1, "%s.client", - opt_logfile); - lp_set_logfile(logfile); - interactive = False; - break; - } - } - - if (!lp_load(config_file,True,False,False)) { - fprintf(stderr, "Can't load %s - run testparm to debug it\n", config_file); - exit(1); - } - - poptFreeContext(pc); - - /* the following functions are part of the Samba debugging - facilities. See lib/debug.c */ - setup_logging("samtest", interactive); - if (!interactive) - reopen_logs(); - - /* Load command lists */ - - cmd_set = samtest_command_list; - - while(*cmd_set) { - add_command_set(*cmd_set); - add_command_set(separator_command); - cmd_set++; - } - - /* Do anything specified with -c */ - if (cmdstr && cmdstr[0]) { - char *cmd; - char *p = cmdstr; - - while((cmd=next_command(&p)) != NULL) { - process_cmd(&st, cmd); - } - - return 0; - } - - /* Loop around accepting commands */ - - while(1) { - pstring prompt; - char *line; - - slprintf(prompt, sizeof(prompt) - 1, "samtest $> "); - - line = smb_readline(prompt, NULL, NULL); - - if (line == NULL) - break; - - if (line[0] != '\n') - process_cmd(&st, line); - } - - return 0; -} diff --git a/source3/torture/torture.c b/source3/torture/torture.c index 94ee4dc791..a4dfac8490 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -29,7 +29,7 @@ static int nprocs=1; static int port_to_use=0; int torture_numops=100; static int procnum; /* records process count number when forking */ -static struct cli_state *current_cli; +static struct cli_state current_cli; static fstring randomfname; static BOOL use_oplocks; static BOOL use_level_II_oplocks; @@ -105,14 +105,7 @@ static BOOL open_nbt_connection(struct cli_state *c) zero_ip(&ip); - if (!cli_initialise(c)) { - printf("Failed initialize cli_struct to connect with %s\n", host); - return False; - } - - c->port = port_to_use; - - if (!cli_connect(c, host, &ip)) { + if (!cli_initialise(c) || !cli_connect(c, host, &ip)) { printf("Failed to connect with %s\n", host); return False; } @@ -124,67 +117,45 @@ static BOOL open_nbt_connection(struct cli_state *c) if (use_level_II_oplocks) c->use_level_II_oplocks = True; if (!cli_session_request(c, &calling, &called)) { - /* - * Well, that failed, try *SMBSERVER ... - * However, we must reconnect as well ... - */ - if (!cli_connect(c, host, &ip)) { - printf("Failed to connect with %s\n", host); - return False; - } - - make_nmb_name(&called, "*SMBSERVER", 0x20); - if (!cli_session_request(c, &calling, &called)) { - printf("%s rejected the session\n",host); - printf("We tried with a called name of %s & %s\n", - host, "*SMBSERVER"); - cli_shutdown(c); - return False; - } + printf("%s rejected the session\n",host); + cli_shutdown(c); + return False; } return True; } -BOOL torture_open_connection(struct cli_state **c) +BOOL torture_open_connection(struct cli_state *c) { - BOOL retry; - int flags = 0; - NTSTATUS status; + ZERO_STRUCTP(c); - if (use_kerberos) - flags |= CLI_FULL_CONNECTION_USE_KERBEROS; - - status = cli_full_connection(c, myname, - host, NULL, port_to_use, - share, "?????", - username, workgroup, - password, flags, &retry); - if (!NT_STATUS_IS_OK(status)) { + if (!open_nbt_connection(c)) { return False; } - if (use_oplocks) (*c)->use_oplocks = True; - if (use_level_II_oplocks) (*c)->use_level_II_oplocks = True; - (*c)->timeout = 120000; /* set a really long timeout (2 minutes) */ + if (!cli_negprot(c)) { + printf("%s rejected the negprot (%s)\n",host, cli_errstr(c)); + cli_shutdown(c); + return False; + } - return True; -} + if (!cli_session_setup(c, username, + password, strlen(password), + password, strlen(password), + workgroup)) { + printf("%s rejected the sessionsetup (%s)\n", host, cli_errstr(c)); + cli_shutdown(c); + return False; + } -BOOL torture_cli_session_setup2(struct cli_state *cli, uint16 *new_vuid) -{ - uint16 old_vuid = cli->vuid; - fstring old_user_name; - size_t passlen = strlen(password); - BOOL ret; + if (!cli_send_tconX(c, share, "?????", + password, strlen(password)+1)) { + printf("%s refused tree connect (%s)\n", host, cli_errstr(c)); + cli_shutdown(c); + return False; + } - fstrcpy(old_user_name, cli->user_name); - cli->vuid = 0; - ret = cli_session_setup(cli, username, password, passlen, password, passlen, workgroup); - *new_vuid = cli->vuid; - cli->vuid = old_vuid; - fstrcpy(cli->user_name, old_user_name); - return ret; + return True; } @@ -340,16 +311,16 @@ static BOOL rw_torture(struct cli_state *c) static BOOL run_torture(int dummy) { - struct cli_state *cli; + struct cli_state cli; BOOL ret; cli = current_cli; - cli_sockopt(cli, sockops); + cli_sockopt(&cli, sockops); - ret = rw_torture(cli); + ret = rw_torture(&cli); - if (!torture_close_connection(cli)) { + if (!torture_close_connection(&cli)) { ret = False; } @@ -359,7 +330,7 @@ static BOOL run_torture(int dummy) static BOOL rw_torture3(struct cli_state *c, char *lockfname) { int fnum = -1; - unsigned int i = 0; + int i = 0; char buf[131072]; char buf_rd[131072]; unsigned count; @@ -533,28 +504,28 @@ static BOOL rw_torture2(struct cli_state *c1, struct cli_state *c2) static BOOL run_readwritetest(int dummy) { - static struct cli_state *cli1, *cli2; + static struct cli_state cli1, cli2; BOOL test1, test2; if (!torture_open_connection(&cli1) || !torture_open_connection(&cli2)) { return False; } - cli_sockopt(cli1, sockops); - cli_sockopt(cli2, sockops); + cli_sockopt(&cli1, sockops); + cli_sockopt(&cli2, sockops); printf("starting readwritetest\n"); - test1 = rw_torture2(cli1, cli2); + test1 = rw_torture2(&cli1, &cli2); printf("Passed readwritetest v1: %s\n", BOOLSTR(test1)); - test2 = rw_torture2(cli1, cli1); + test2 = rw_torture2(&cli1, &cli1); printf("Passed readwritetest v2: %s\n", BOOLSTR(test2)); - if (!torture_close_connection(cli1)) { + if (!torture_close_connection(&cli1)) { test1 = False; } - if (!torture_close_connection(cli2)) { + if (!torture_close_connection(&cli2)) { test2 = False; } @@ -563,7 +534,7 @@ static BOOL run_readwritetest(int dummy) static BOOL run_readwritemulti(int dummy) { - struct cli_state *cli; + static struct cli_state cli; BOOL test; cli = current_cli; @@ -582,7 +553,7 @@ static BOOL run_readwritemulti(int dummy) static BOOL run_readwritelarge(int dummy) { - static struct cli_state *cli1; + static struct cli_state cli1; int fnum1; const char *lockfname = "\\large.dat"; size_t fsize; @@ -592,25 +563,25 @@ static BOOL run_readwritelarge(int dummy) if (!torture_open_connection(&cli1)) { return False; } - cli_sockopt(cli1, sockops); + cli_sockopt(&cli1, sockops); memset(buf,'\0',sizeof(buf)); - cli1->max_xmit = 128*1024; + cli1.max_xmit = 128*1024; printf("starting readwritelarge\n"); - cli_unlink(cli1, lockfname); + cli_unlink(&cli1, lockfname); - fnum1 = cli_open(cli1, lockfname, O_RDWR | O_CREAT | O_EXCL, DENY_NONE); + fnum1 = cli_open(&cli1, lockfname, O_RDWR | O_CREAT | O_EXCL, DENY_NONE); if (fnum1 == -1) { - printf("open read/write of %s failed (%s)\n", lockfname, cli_errstr(cli1)); + printf("open read/write of %s failed (%s)\n", lockfname, cli_errstr(&cli1)); return False; } - cli_write(cli1, fnum1, 0, buf, 0, sizeof(buf)); + cli_write(&cli1, fnum1, 0, buf, 0, sizeof(buf)); - if (!cli_qfileinfo(cli1, fnum1, NULL, &fsize, NULL, NULL, NULL, NULL, NULL)) { - printf("qfileinfo failed (%s)\n", cli_errstr(cli1)); + if (!cli_qfileinfo(&cli1, fnum1, NULL, &fsize, NULL, NULL, NULL, NULL, NULL)) { + printf("qfileinfo failed (%s)\n", cli_errstr(&cli1)); correct = False; } @@ -621,28 +592,28 @@ static BOOL run_readwritelarge(int dummy) correct = False; } - if (!cli_close(cli1, fnum1)) { - printf("close failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("close failed (%s)\n", cli_errstr(&cli1)); correct = False; } - if (!cli_unlink(cli1, lockfname)) { - printf("unlink failed (%s)\n", cli_errstr(cli1)); + if (!cli_unlink(&cli1, lockfname)) { + printf("unlink failed (%s)\n", cli_errstr(&cli1)); correct = False; } - fnum1 = cli_open(cli1, lockfname, O_RDWR | O_CREAT | O_EXCL, DENY_NONE); + fnum1 = cli_open(&cli1, lockfname, O_RDWR | O_CREAT | O_EXCL, DENY_NONE); if (fnum1 == -1) { - printf("open read/write of %s failed (%s)\n", lockfname, cli_errstr(cli1)); + printf("open read/write of %s failed (%s)\n", lockfname, cli_errstr(&cli1)); return False; } - cli1->max_xmit = 4*1024; + cli1.max_xmit = 4*1024; - cli_smbwrite(cli1, fnum1, buf, 0, sizeof(buf)); + cli_smbwrite(&cli1, fnum1, buf, 0, sizeof(buf)); - if (!cli_qfileinfo(cli1, fnum1, NULL, &fsize, NULL, NULL, NULL, NULL, NULL)) { - printf("qfileinfo failed (%s)\n", cli_errstr(cli1)); + if (!cli_qfileinfo(&cli1, fnum1, NULL, &fsize, NULL, NULL, NULL, NULL, NULL)) { + printf("qfileinfo failed (%s)\n", cli_errstr(&cli1)); correct = False; } @@ -655,28 +626,28 @@ static BOOL run_readwritelarge(int dummy) #if 0 /* ToDo - set allocation. JRA */ - if(!cli_set_allocation_size(cli1, fnum1, 0)) { + if(!cli_set_allocation_size(&cli1, fnum1, 0)) { printf("set allocation size to zero failed (%s)\n", cli_errstr(&cli1)); return False; } - if (!cli_qfileinfo(cli1, fnum1, NULL, &fsize, NULL, NULL, NULL, NULL, NULL)) { - printf("qfileinfo failed (%s)\n", cli_errstr(cli1)); + if (!cli_qfileinfo(&cli1, fnum1, NULL, &fsize, NULL, NULL, NULL, NULL, NULL)) { + printf("qfileinfo failed (%s)\n", cli_errstr(&cli1)); correct = False; } if (fsize != 0) printf("readwritelarge test 3 (truncate test) succeeded (size = %x)\n", fsize); #endif - if (!cli_close(cli1, fnum1)) { - printf("close failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("close failed (%s)\n", cli_errstr(&cli1)); correct = False; } - if (!torture_close_connection(cli1)) { + if (!torture_close_connection(&cli1)) { correct = False; } return correct; -} + } int line_count = 0; int nbio_id; @@ -686,7 +657,7 @@ int nbio_id; /* run a test that simulates an approximate netbench client load */ static BOOL run_netbench(int client) { - struct cli_state *cli; + struct cli_state cli; int i; fstring fname; pstring line; @@ -699,9 +670,9 @@ static BOOL run_netbench(int client) nbio_id = client; - cli_sockopt(cli, sockops); + cli_sockopt(&cli, sockops); - nb_setup(cli); + nb_setup(&cli); slprintf(cname,sizeof(fname), "client%d", client); @@ -773,7 +744,7 @@ static BOOL run_netbench(int client) nb_cleanup(); - if (!torture_close_connection(cli)) { + if (!torture_close_connection(&cli)) { correct = False; } @@ -811,7 +782,7 @@ static BOOL run_nbench(int dummy) */ static BOOL run_locktest1(int dummy) { - struct cli_state *cli1, *cli2; + static struct cli_state cli1, cli2; const char *fname = "\\lockt1.lck"; int fnum1, fnum2, fnum3; time_t t1, t2; @@ -820,40 +791,40 @@ static BOOL run_locktest1(int dummy) if (!torture_open_connection(&cli1) || !torture_open_connection(&cli2)) { return False; } - cli_sockopt(cli1, sockops); - cli_sockopt(cli2, sockops); + cli_sockopt(&cli1, sockops); + cli_sockopt(&cli2, sockops); printf("starting locktest1\n"); - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); - fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); + fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); if (fnum1 == -1) { - printf("open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - fnum2 = cli_open(cli1, fname, O_RDWR, DENY_NONE); + fnum2 = cli_open(&cli1, fname, O_RDWR, DENY_NONE); if (fnum2 == -1) { - printf("open2 of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("open2 of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - fnum3 = cli_open(cli2, fname, O_RDWR, DENY_NONE); + fnum3 = cli_open(&cli2, fname, O_RDWR, DENY_NONE); if (fnum3 == -1) { - printf("open3 of %s failed (%s)\n", fname, cli_errstr(cli2)); + printf("open3 of %s failed (%s)\n", fname, cli_errstr(&cli2)); return False; } - if (!cli_lock(cli1, fnum1, 0, 4, 0, WRITE_LOCK)) { - printf("lock1 failed (%s)\n", cli_errstr(cli1)); + if (!cli_lock(&cli1, fnum1, 0, 4, 0, WRITE_LOCK)) { + printf("lock1 failed (%s)\n", cli_errstr(&cli1)); return False; } - if (cli_lock(cli2, fnum3, 0, 4, 0, WRITE_LOCK)) { + if (cli_lock(&cli2, fnum3, 0, 4, 0, WRITE_LOCK)) { printf("lock2 succeeded! This is a locking bug\n"); return False; } else { - if (!check_error(__LINE__, cli2, ERRDOS, ERRlock, + if (!check_error(__LINE__, &cli2, ERRDOS, ERRlock, NT_STATUS_LOCK_NOT_GRANTED)) return False; } @@ -861,11 +832,11 @@ static BOOL run_locktest1(int dummy) lock_timeout = (1 + (random() % 20)); printf("Testing lock timeout with timeout=%u\n", lock_timeout); t1 = time(NULL); - if (cli_lock(cli2, fnum3, 0, 4, lock_timeout * 1000, WRITE_LOCK)) { + if (cli_lock(&cli2, fnum3, 0, 4, lock_timeout * 1000, WRITE_LOCK)) { printf("lock3 succeeded! This is a locking bug\n"); return False; } else { - if (!check_error(__LINE__, cli2, ERRDOS, ERRlock, + if (!check_error(__LINE__, &cli2, ERRDOS, ERRlock, NT_STATUS_FILE_LOCK_CONFLICT)) return False; } t2 = time(NULL); @@ -876,40 +847,40 @@ static BOOL run_locktest1(int dummy) printf("server slept for %u seconds for a %u second timeout\n", (unsigned int)(t2-t1), lock_timeout); - if (!cli_close(cli1, fnum2)) { - printf("close1 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum2)) { + printf("close1 failed (%s)\n", cli_errstr(&cli1)); return False; } - if (cli_lock(cli2, fnum3, 0, 4, 0, WRITE_LOCK)) { + if (cli_lock(&cli2, fnum3, 0, 4, 0, WRITE_LOCK)) { printf("lock4 succeeded! This is a locking bug\n"); return False; } else { - if (!check_error(__LINE__, cli2, ERRDOS, ERRlock, + if (!check_error(__LINE__, &cli2, ERRDOS, ERRlock, NT_STATUS_FILE_LOCK_CONFLICT)) return False; } - if (!cli_close(cli1, fnum1)) { - printf("close2 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("close2 failed (%s)\n", cli_errstr(&cli1)); return False; } - if (!cli_close(cli2, fnum3)) { - printf("close3 failed (%s)\n", cli_errstr(cli2)); + if (!cli_close(&cli2, fnum3)) { + printf("close3 failed (%s)\n", cli_errstr(&cli2)); return False; } - if (!cli_unlink(cli1, fname)) { - printf("unlink failed (%s)\n", cli_errstr(cli1)); + if (!cli_unlink(&cli1, fname)) { + printf("unlink failed (%s)\n", cli_errstr(&cli1)); return False; } - if (!torture_close_connection(cli1)) { + if (!torture_close_connection(&cli1)) { return False; } - if (!torture_close_connection(cli2)) { + if (!torture_close_connection(&cli2)) { return False; } @@ -918,144 +889,76 @@ static BOOL run_locktest1(int dummy) } /* - this checks to see if a secondary tconx can use open files from an - earlier tconx + checks for correct tconX support */ static BOOL run_tcon_test(int dummy) { - static struct cli_state *cli; + static struct cli_state cli1; const char *fname = "\\tcontest.tmp"; int fnum1; - uint16 cnum1, cnum2, cnum3; - uint16 vuid1, vuid2; + uint16 cnum; char buf[4]; - BOOL ret = True; - if (!torture_open_connection(&cli)) { + if (!torture_open_connection(&cli1)) { return False; } - cli_sockopt(cli, sockops); + cli_sockopt(&cli1, sockops); printf("starting tcontest\n"); - cli_unlink(cli, fname); + cli_unlink(&cli1, fname); - fnum1 = cli_open(cli, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); - if (fnum1 == -1) { - printf("open of %s failed (%s)\n", fname, cli_errstr(cli)); + fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); + if (fnum1 == -1) + { + printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - cnum1 = cli->cnum; - vuid1 = cli->vuid; + cnum = cli1.cnum; - if (cli_write(cli, fnum1, 0, buf, 130, 4) != 4) { - printf("initial write failed (%s)", cli_errstr(cli)); + if (cli_write(&cli1, fnum1, 0, buf, 130, 4) != 4) + { + printf("write failed (%s)", cli_errstr(&cli1)); return False; } - if (!cli_send_tconX(cli, share, "?????", + if (!cli_send_tconX(&cli1, share, "?????", password, strlen(password)+1)) { printf("%s refused 2nd tree connect (%s)\n", host, - cli_errstr(cli)); - cli_shutdown(cli); + cli_errstr(&cli1)); + cli_shutdown(&cli1); return False; } - cnum2 = cli->cnum; - cnum3 = MAX(cnum1, cnum2) + 1; /* any invalid number */ - vuid2 = cli->vuid + 1; - - /* try a write with the wrong tid */ - cli->cnum = cnum2; - - if (cli_write(cli, fnum1, 0, buf, 130, 4) == 4) { - printf("* server allows write with wrong TID\n"); - ret = False; - } else { - printf("server fails write with wrong TID : %s\n", cli_errstr(cli)); - } - - - /* try a write with an invalid tid */ - cli->cnum = cnum3; - - if (cli_write(cli, fnum1, 0, buf, 130, 4) == 4) { - printf("* server allows write with invalid TID\n"); - ret = False; - } else { - printf("server fails write with invalid TID : %s\n", cli_errstr(cli)); - } - - /* try a write with an invalid vuid */ - cli->vuid = vuid2; - cli->cnum = cnum1; - - if (cli_write(cli, fnum1, 0, buf, 130, 4) == 4) { - printf("* server allows write with invalid VUID\n"); - ret = False; - } else { - printf("server fails write with invalid VUID : %s\n", cli_errstr(cli)); - } - - cli->cnum = cnum1; - cli->vuid = vuid1; - - if (!cli_close(cli, fnum1)) { - printf("close failed (%s)\n", cli_errstr(cli)); + if (cli_write(&cli1, fnum1, 0, buf, 130, 4) == 4) + { + printf("write succeeded (%s)", cli_errstr(&cli1)); return False; } - cli->cnum = cnum2; - - if (!cli_tdis(cli)) { - printf("secondary tdis failed (%s)\n", cli_errstr(cli)); + if (cli_close(&cli1, fnum1)) { + printf("close2 succeeded (%s)\n", cli_errstr(&cli1)); return False; } - cli->cnum = cnum1; - - if (!torture_close_connection(cli)) { + if (!cli_tdis(&cli1)) { + printf("tdis failed (%s)\n", cli_errstr(&cli1)); return False; } - return ret; -} - + cli1.cnum = cnum; -/* - checks for old style tcon support - */ -static BOOL run_tcon2_test(int dummy) -{ - static struct cli_state *cli; - uint16 cnum, max_xmit; - char *service; - NTSTATUS status; - - if (!torture_open_connection(&cli)) { + if (!cli_close(&cli1, fnum1)) { + printf("close2 failed (%s)\n", cli_errstr(&cli1)); return False; } - cli_sockopt(cli, sockops); - printf("starting tcon2 test\n"); - - asprintf(&service, "\\\\%s\\%s", host, share); - - status = cli_raw_tcon(cli, service, password, "?????", &max_xmit, &cnum); - - if (!NT_STATUS_IS_OK(status)) { - printf("tcon2 failed : %s\n", cli_errstr(cli)); - } else { - printf("tcon OK : max_xmit=%d cnum=%d tid=%d\n", - (int)max_xmit, (int)cnum, SVAL(cli->inbuf, smb_tid)); - } - - if (!torture_close_connection(cli)) { + if (!torture_close_connection(&cli1)) { return False; } - printf("Passed tcon2 test\n"); + printf("Passed tcontest\n"); return True; } @@ -1172,7 +1075,7 @@ static BOOL run_tcon_devtype_test(int dummy) */ static BOOL run_locktest2(int dummy) { - static struct cli_state *cli; + static struct cli_state cli; const char *fname = "\\lockt2.lck"; int fnum1, fnum2, fnum3; BOOL correct = True; @@ -1181,117 +1084,117 @@ static BOOL run_locktest2(int dummy) return False; } - cli_sockopt(cli, sockops); + cli_sockopt(&cli, sockops); printf("starting locktest2\n"); - cli_unlink(cli, fname); + cli_unlink(&cli, fname); - cli_setpid(cli, 1); + cli_setpid(&cli, 1); - fnum1 = cli_open(cli, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); + fnum1 = cli_open(&cli, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); if (fnum1 == -1) { - printf("open of %s failed (%s)\n", fname, cli_errstr(cli)); + printf("open of %s failed (%s)\n", fname, cli_errstr(&cli)); return False; } - fnum2 = cli_open(cli, fname, O_RDWR, DENY_NONE); + fnum2 = cli_open(&cli, fname, O_RDWR, DENY_NONE); if (fnum2 == -1) { - printf("open2 of %s failed (%s)\n", fname, cli_errstr(cli)); + printf("open2 of %s failed (%s)\n", fname, cli_errstr(&cli)); return False; } - cli_setpid(cli, 2); + cli_setpid(&cli, 2); - fnum3 = cli_open(cli, fname, O_RDWR, DENY_NONE); + fnum3 = cli_open(&cli, fname, O_RDWR, DENY_NONE); if (fnum3 == -1) { - printf("open3 of %s failed (%s)\n", fname, cli_errstr(cli)); + printf("open3 of %s failed (%s)\n", fname, cli_errstr(&cli)); return False; } - cli_setpid(cli, 1); + cli_setpid(&cli, 1); - if (!cli_lock(cli, fnum1, 0, 4, 0, WRITE_LOCK)) { - printf("lock1 failed (%s)\n", cli_errstr(cli)); + if (!cli_lock(&cli, fnum1, 0, 4, 0, WRITE_LOCK)) { + printf("lock1 failed (%s)\n", cli_errstr(&cli)); return False; } - if (cli_lock(cli, fnum1, 0, 4, 0, WRITE_LOCK)) { + if (cli_lock(&cli, fnum1, 0, 4, 0, WRITE_LOCK)) { printf("WRITE lock1 succeeded! This is a locking bug\n"); correct = False; } else { - if (!check_error(__LINE__, cli, ERRDOS, ERRlock, + if (!check_error(__LINE__, &cli, ERRDOS, ERRlock, NT_STATUS_LOCK_NOT_GRANTED)) return False; } - if (cli_lock(cli, fnum2, 0, 4, 0, WRITE_LOCK)) { + if (cli_lock(&cli, fnum2, 0, 4, 0, WRITE_LOCK)) { printf("WRITE lock2 succeeded! This is a locking bug\n"); correct = False; } else { - if (!check_error(__LINE__, cli, ERRDOS, ERRlock, + if (!check_error(__LINE__, &cli, ERRDOS, ERRlock, NT_STATUS_LOCK_NOT_GRANTED)) return False; } - if (cli_lock(cli, fnum2, 0, 4, 0, READ_LOCK)) { + if (cli_lock(&cli, fnum2, 0, 4, 0, READ_LOCK)) { printf("READ lock2 succeeded! This is a locking bug\n"); correct = False; } else { - if (!check_error(__LINE__, cli, ERRDOS, ERRlock, + if (!check_error(__LINE__, &cli, ERRDOS, ERRlock, NT_STATUS_FILE_LOCK_CONFLICT)) return False; } - if (!cli_lock(cli, fnum1, 100, 4, 0, WRITE_LOCK)) { - printf("lock at 100 failed (%s)\n", cli_errstr(cli)); + if (!cli_lock(&cli, fnum1, 100, 4, 0, WRITE_LOCK)) { + printf("lock at 100 failed (%s)\n", cli_errstr(&cli)); } - cli_setpid(cli, 2); - if (cli_unlock(cli, fnum1, 100, 4)) { + cli_setpid(&cli, 2); + if (cli_unlock(&cli, fnum1, 100, 4)) { printf("unlock at 100 succeeded! This is a locking bug\n"); correct = False; } - if (cli_unlock(cli, fnum1, 0, 4)) { + if (cli_unlock(&cli, fnum1, 0, 4)) { printf("unlock1 succeeded! This is a locking bug\n"); correct = False; } else { - if (!check_error(__LINE__, cli, + if (!check_error(__LINE__, &cli, ERRDOS, ERRlock, NT_STATUS_RANGE_NOT_LOCKED)) return False; } - if (cli_unlock(cli, fnum1, 0, 8)) { + if (cli_unlock(&cli, fnum1, 0, 8)) { printf("unlock2 succeeded! This is a locking bug\n"); correct = False; } else { - if (!check_error(__LINE__, cli, + if (!check_error(__LINE__, &cli, ERRDOS, ERRlock, NT_STATUS_RANGE_NOT_LOCKED)) return False; } - if (cli_lock(cli, fnum3, 0, 4, 0, WRITE_LOCK)) { + if (cli_lock(&cli, fnum3, 0, 4, 0, WRITE_LOCK)) { printf("lock3 succeeded! This is a locking bug\n"); correct = False; } else { - if (!check_error(__LINE__, cli, ERRDOS, ERRlock, NT_STATUS_LOCK_NOT_GRANTED)) return False; + if (!check_error(__LINE__, &cli, ERRDOS, ERRlock, NT_STATUS_LOCK_NOT_GRANTED)) return False; } - cli_setpid(cli, 1); + cli_setpid(&cli, 1); - if (!cli_close(cli, fnum1)) { - printf("close1 failed (%s)\n", cli_errstr(cli)); + if (!cli_close(&cli, fnum1)) { + printf("close1 failed (%s)\n", cli_errstr(&cli)); return False; } - if (!cli_close(cli, fnum2)) { - printf("close2 failed (%s)\n", cli_errstr(cli)); + if (!cli_close(&cli, fnum2)) { + printf("close2 failed (%s)\n", cli_errstr(&cli)); return False; } - if (!cli_close(cli, fnum3)) { - printf("close3 failed (%s)\n", cli_errstr(cli)); + if (!cli_close(&cli, fnum3)) { + printf("close3 failed (%s)\n", cli_errstr(&cli)); return False; } - if (!torture_close_connection(cli)) { + if (!torture_close_connection(&cli)) { correct = False; } @@ -1308,7 +1211,7 @@ static BOOL run_locktest2(int dummy) */ static BOOL run_locktest3(int dummy) { - static struct cli_state *cli1, *cli2; + static struct cli_state cli1, cli2; const char *fname = "\\lockt3.lck"; int fnum1, fnum2, i; uint32 offset; @@ -1319,37 +1222,37 @@ static BOOL run_locktest3(int dummy) if (!torture_open_connection(&cli1) || !torture_open_connection(&cli2)) { return False; } - cli_sockopt(cli1, sockops); - cli_sockopt(cli2, sockops); + cli_sockopt(&cli1, sockops); + cli_sockopt(&cli2, sockops); printf("starting locktest3\n"); - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); - fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); + fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); if (fnum1 == -1) { - printf("open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - fnum2 = cli_open(cli2, fname, O_RDWR, DENY_NONE); + fnum2 = cli_open(&cli2, fname, O_RDWR, DENY_NONE); if (fnum2 == -1) { - printf("open2 of %s failed (%s)\n", fname, cli_errstr(cli2)); + printf("open2 of %s failed (%s)\n", fname, cli_errstr(&cli2)); return False; } for (offset=i=0;i<torture_numops;i++) { NEXT_OFFSET; - if (!cli_lock(cli1, fnum1, offset-1, 1, 0, WRITE_LOCK)) { + if (!cli_lock(&cli1, fnum1, offset-1, 1, 0, WRITE_LOCK)) { printf("lock1 %d failed (%s)\n", i, - cli_errstr(cli1)); + cli_errstr(&cli1)); return False; } - if (!cli_lock(cli2, fnum2, offset-2, 1, 0, WRITE_LOCK)) { + if (!cli_lock(&cli2, fnum2, offset-2, 1, 0, WRITE_LOCK)) { printf("lock2 %d failed (%s)\n", i, - cli_errstr(cli1)); + cli_errstr(&cli1)); return False; } } @@ -1357,22 +1260,22 @@ static BOOL run_locktest3(int dummy) for (offset=i=0;i<torture_numops;i++) { NEXT_OFFSET; - if (cli_lock(cli1, fnum1, offset-2, 1, 0, WRITE_LOCK)) { + if (cli_lock(&cli1, fnum1, offset-2, 1, 0, WRITE_LOCK)) { printf("error: lock1 %d succeeded!\n", i); return False; } - if (cli_lock(cli2, fnum2, offset-1, 1, 0, WRITE_LOCK)) { + if (cli_lock(&cli2, fnum2, offset-1, 1, 0, WRITE_LOCK)) { printf("error: lock2 %d succeeded!\n", i); return False; } - if (cli_lock(cli1, fnum1, offset-1, 1, 0, WRITE_LOCK)) { + if (cli_lock(&cli1, fnum1, offset-1, 1, 0, WRITE_LOCK)) { printf("error: lock3 %d succeeded!\n", i); return False; } - if (cli_lock(cli2, fnum2, offset-2, 1, 0, WRITE_LOCK)) { + if (cli_lock(&cli2, fnum2, offset-2, 1, 0, WRITE_LOCK)) { printf("error: lock4 %d succeeded!\n", i); return False; } @@ -1381,41 +1284,41 @@ static BOOL run_locktest3(int dummy) for (offset=i=0;i<torture_numops;i++) { NEXT_OFFSET; - if (!cli_unlock(cli1, fnum1, offset-1, 1)) { + if (!cli_unlock(&cli1, fnum1, offset-1, 1)) { printf("unlock1 %d failed (%s)\n", i, - cli_errstr(cli1)); + cli_errstr(&cli1)); return False; } - if (!cli_unlock(cli2, fnum2, offset-2, 1)) { + if (!cli_unlock(&cli2, fnum2, offset-2, 1)) { printf("unlock2 %d failed (%s)\n", i, - cli_errstr(cli1)); + cli_errstr(&cli1)); return False; } } - if (!cli_close(cli1, fnum1)) { - printf("close1 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("close1 failed (%s)\n", cli_errstr(&cli1)); return False; } - if (!cli_close(cli2, fnum2)) { - printf("close2 failed (%s)\n", cli_errstr(cli2)); + if (!cli_close(&cli2, fnum2)) { + printf("close2 failed (%s)\n", cli_errstr(&cli2)); return False; } - if (!cli_unlink(cli1, fname)) { - printf("unlink failed (%s)\n", cli_errstr(cli1)); + if (!cli_unlink(&cli1, fname)) { + printf("unlink failed (%s)\n", cli_errstr(&cli1)); return False; } - if (!torture_close_connection(cli1)) { + if (!torture_close_connection(&cli1)) { correct = False; } - if (!torture_close_connection(cli2)) { + if (!torture_close_connection(&cli2)) { correct = False; } @@ -1433,7 +1336,7 @@ static BOOL run_locktest3(int dummy) */ static BOOL run_locktest4(int dummy) { - static struct cli_state *cli1, *cli2; + static struct cli_state cli1, cli2; const char *fname = "\\lockt4.lck"; int fnum1, fnum2, f; BOOL ret; @@ -1444,156 +1347,156 @@ static BOOL run_locktest4(int dummy) return False; } - cli_sockopt(cli1, sockops); - cli_sockopt(cli2, sockops); + cli_sockopt(&cli1, sockops); + cli_sockopt(&cli2, sockops); printf("starting locktest4\n"); - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); - fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); - fnum2 = cli_open(cli2, fname, O_RDWR, DENY_NONE); + fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); + fnum2 = cli_open(&cli2, fname, O_RDWR, DENY_NONE); memset(buf, 0, sizeof(buf)); - if (cli_write(cli1, fnum1, 0, buf, 0, sizeof(buf)) != sizeof(buf)) { + if (cli_write(&cli1, fnum1, 0, buf, 0, sizeof(buf)) != sizeof(buf)) { printf("Failed to create file\n"); correct = False; goto fail; } - ret = cli_lock(cli1, fnum1, 0, 4, 0, WRITE_LOCK) && - cli_lock(cli1, fnum1, 2, 4, 0, WRITE_LOCK); + ret = cli_lock(&cli1, fnum1, 0, 4, 0, WRITE_LOCK) && + cli_lock(&cli1, fnum1, 2, 4, 0, WRITE_LOCK); EXPECTED(ret, False); printf("the same process %s set overlapping write locks\n", ret?"can":"cannot"); - ret = cli_lock(cli1, fnum1, 10, 4, 0, READ_LOCK) && - cli_lock(cli1, fnum1, 12, 4, 0, READ_LOCK); + ret = cli_lock(&cli1, fnum1, 10, 4, 0, READ_LOCK) && + cli_lock(&cli1, fnum1, 12, 4, 0, READ_LOCK); EXPECTED(ret, True); printf("the same process %s set overlapping read locks\n", ret?"can":"cannot"); - ret = cli_lock(cli1, fnum1, 20, 4, 0, WRITE_LOCK) && - cli_lock(cli2, fnum2, 22, 4, 0, WRITE_LOCK); + ret = cli_lock(&cli1, fnum1, 20, 4, 0, WRITE_LOCK) && + cli_lock(&cli2, fnum2, 22, 4, 0, WRITE_LOCK); EXPECTED(ret, False); printf("a different connection %s set overlapping write locks\n", ret?"can":"cannot"); - ret = cli_lock(cli1, fnum1, 30, 4, 0, READ_LOCK) && - cli_lock(cli2, fnum2, 32, 4, 0, READ_LOCK); + ret = cli_lock(&cli1, fnum1, 30, 4, 0, READ_LOCK) && + cli_lock(&cli2, fnum2, 32, 4, 0, READ_LOCK); EXPECTED(ret, True); printf("a different connection %s set overlapping read locks\n", ret?"can":"cannot"); - ret = (cli_setpid(cli1, 1), cli_lock(cli1, fnum1, 40, 4, 0, WRITE_LOCK)) && - (cli_setpid(cli1, 2), cli_lock(cli1, fnum1, 42, 4, 0, WRITE_LOCK)); + ret = (cli_setpid(&cli1, 1), cli_lock(&cli1, fnum1, 40, 4, 0, WRITE_LOCK)) && + (cli_setpid(&cli1, 2), cli_lock(&cli1, fnum1, 42, 4, 0, WRITE_LOCK)); EXPECTED(ret, False); printf("a different pid %s set overlapping write locks\n", ret?"can":"cannot"); - ret = (cli_setpid(cli1, 1), cli_lock(cli1, fnum1, 50, 4, 0, READ_LOCK)) && - (cli_setpid(cli1, 2), cli_lock(cli1, fnum1, 52, 4, 0, READ_LOCK)); + ret = (cli_setpid(&cli1, 1), cli_lock(&cli1, fnum1, 50, 4, 0, READ_LOCK)) && + (cli_setpid(&cli1, 2), cli_lock(&cli1, fnum1, 52, 4, 0, READ_LOCK)); EXPECTED(ret, True); printf("a different pid %s set overlapping read locks\n", ret?"can":"cannot"); - ret = cli_lock(cli1, fnum1, 60, 4, 0, READ_LOCK) && - cli_lock(cli1, fnum1, 60, 4, 0, READ_LOCK); + ret = cli_lock(&cli1, fnum1, 60, 4, 0, READ_LOCK) && + cli_lock(&cli1, fnum1, 60, 4, 0, READ_LOCK); EXPECTED(ret, True); printf("the same process %s set the same read lock twice\n", ret?"can":"cannot"); - ret = cli_lock(cli1, fnum1, 70, 4, 0, WRITE_LOCK) && - cli_lock(cli1, fnum1, 70, 4, 0, WRITE_LOCK); + ret = cli_lock(&cli1, fnum1, 70, 4, 0, WRITE_LOCK) && + cli_lock(&cli1, fnum1, 70, 4, 0, WRITE_LOCK); EXPECTED(ret, False); printf("the same process %s set the same write lock twice\n", ret?"can":"cannot"); - ret = cli_lock(cli1, fnum1, 80, 4, 0, READ_LOCK) && - cli_lock(cli1, fnum1, 80, 4, 0, WRITE_LOCK); + ret = cli_lock(&cli1, fnum1, 80, 4, 0, READ_LOCK) && + cli_lock(&cli1, fnum1, 80, 4, 0, WRITE_LOCK); EXPECTED(ret, False); printf("the same process %s overlay a read lock with a write lock\n", ret?"can":"cannot"); - ret = cli_lock(cli1, fnum1, 90, 4, 0, WRITE_LOCK) && - cli_lock(cli1, fnum1, 90, 4, 0, READ_LOCK); + ret = cli_lock(&cli1, fnum1, 90, 4, 0, WRITE_LOCK) && + cli_lock(&cli1, fnum1, 90, 4, 0, READ_LOCK); EXPECTED(ret, True); printf("the same process %s overlay a write lock with a read lock\n", ret?"can":"cannot"); - ret = (cli_setpid(cli1, 1), cli_lock(cli1, fnum1, 100, 4, 0, WRITE_LOCK)) && - (cli_setpid(cli1, 2), cli_lock(cli1, fnum1, 100, 4, 0, READ_LOCK)); + ret = (cli_setpid(&cli1, 1), cli_lock(&cli1, fnum1, 100, 4, 0, WRITE_LOCK)) && + (cli_setpid(&cli1, 2), cli_lock(&cli1, fnum1, 100, 4, 0, READ_LOCK)); EXPECTED(ret, False); printf("a different pid %s overlay a write lock with a read lock\n", ret?"can":"cannot"); - ret = cli_lock(cli1, fnum1, 110, 4, 0, READ_LOCK) && - cli_lock(cli1, fnum1, 112, 4, 0, READ_LOCK) && - cli_unlock(cli1, fnum1, 110, 6); + ret = cli_lock(&cli1, fnum1, 110, 4, 0, READ_LOCK) && + cli_lock(&cli1, fnum1, 112, 4, 0, READ_LOCK) && + cli_unlock(&cli1, fnum1, 110, 6); EXPECTED(ret, False); printf("the same process %s coalesce read locks\n", ret?"can":"cannot"); - ret = cli_lock(cli1, fnum1, 120, 4, 0, WRITE_LOCK) && - (cli_read(cli2, fnum2, buf, 120, 4) == 4); + ret = cli_lock(&cli1, fnum1, 120, 4, 0, WRITE_LOCK) && + (cli_read(&cli2, fnum2, buf, 120, 4) == 4); EXPECTED(ret, False); printf("this server %s strict write locking\n", ret?"doesn't do":"does"); - ret = cli_lock(cli1, fnum1, 130, 4, 0, READ_LOCK) && - (cli_write(cli2, fnum2, 0, buf, 130, 4) == 4); + ret = cli_lock(&cli1, fnum1, 130, 4, 0, READ_LOCK) && + (cli_write(&cli2, fnum2, 0, buf, 130, 4) == 4); EXPECTED(ret, False); printf("this server %s strict read locking\n", ret?"doesn't do":"does"); - ret = cli_lock(cli1, fnum1, 140, 4, 0, READ_LOCK) && - cli_lock(cli1, fnum1, 140, 4, 0, READ_LOCK) && - cli_unlock(cli1, fnum1, 140, 4) && - cli_unlock(cli1, fnum1, 140, 4); + ret = cli_lock(&cli1, fnum1, 140, 4, 0, READ_LOCK) && + cli_lock(&cli1, fnum1, 140, 4, 0, READ_LOCK) && + cli_unlock(&cli1, fnum1, 140, 4) && + cli_unlock(&cli1, fnum1, 140, 4); EXPECTED(ret, True); printf("this server %s do recursive read locking\n", ret?"does":"doesn't"); - ret = cli_lock(cli1, fnum1, 150, 4, 0, WRITE_LOCK) && - cli_lock(cli1, fnum1, 150, 4, 0, READ_LOCK) && - cli_unlock(cli1, fnum1, 150, 4) && - (cli_read(cli2, fnum2, buf, 150, 4) == 4) && - !(cli_write(cli2, fnum2, 0, buf, 150, 4) == 4) && - cli_unlock(cli1, fnum1, 150, 4); + ret = cli_lock(&cli1, fnum1, 150, 4, 0, WRITE_LOCK) && + cli_lock(&cli1, fnum1, 150, 4, 0, READ_LOCK) && + cli_unlock(&cli1, fnum1, 150, 4) && + (cli_read(&cli2, fnum2, buf, 150, 4) == 4) && + !(cli_write(&cli2, fnum2, 0, buf, 150, 4) == 4) && + cli_unlock(&cli1, fnum1, 150, 4); EXPECTED(ret, True); printf("this server %s do recursive lock overlays\n", ret?"does":"doesn't"); - ret = cli_lock(cli1, fnum1, 160, 4, 0, READ_LOCK) && - cli_unlock(cli1, fnum1, 160, 4) && - (cli_write(cli2, fnum2, 0, buf, 160, 4) == 4) && - (cli_read(cli2, fnum2, buf, 160, 4) == 4); + ret = cli_lock(&cli1, fnum1, 160, 4, 0, READ_LOCK) && + cli_unlock(&cli1, fnum1, 160, 4) && + (cli_write(&cli2, fnum2, 0, buf, 160, 4) == 4) && + (cli_read(&cli2, fnum2, buf, 160, 4) == 4); EXPECTED(ret, True); printf("the same process %s remove a read lock using write locking\n", ret?"can":"cannot"); - ret = cli_lock(cli1, fnum1, 170, 4, 0, WRITE_LOCK) && - cli_unlock(cli1, fnum1, 170, 4) && - (cli_write(cli2, fnum2, 0, buf, 170, 4) == 4) && - (cli_read(cli2, fnum2, buf, 170, 4) == 4); + ret = cli_lock(&cli1, fnum1, 170, 4, 0, WRITE_LOCK) && + cli_unlock(&cli1, fnum1, 170, 4) && + (cli_write(&cli2, fnum2, 0, buf, 170, 4) == 4) && + (cli_read(&cli2, fnum2, buf, 170, 4) == 4); EXPECTED(ret, True); printf("the same process %s remove a write lock using read locking\n", ret?"can":"cannot"); - ret = cli_lock(cli1, fnum1, 190, 4, 0, WRITE_LOCK) && - cli_lock(cli1, fnum1, 190, 4, 0, READ_LOCK) && - cli_unlock(cli1, fnum1, 190, 4) && - !(cli_write(cli2, fnum2, 0, buf, 190, 4) == 4) && - (cli_read(cli2, fnum2, buf, 190, 4) == 4); + ret = cli_lock(&cli1, fnum1, 190, 4, 0, WRITE_LOCK) && + cli_lock(&cli1, fnum1, 190, 4, 0, READ_LOCK) && + cli_unlock(&cli1, fnum1, 190, 4) && + !(cli_write(&cli2, fnum2, 0, buf, 190, 4) == 4) && + (cli_read(&cli2, fnum2, buf, 190, 4) == 4); EXPECTED(ret, True); printf("the same process %s remove the first lock first\n", ret?"does":"doesn't"); - cli_close(cli1, fnum1); - cli_close(cli2, fnum2); - fnum1 = cli_open(cli1, fname, O_RDWR, DENY_NONE); - f = cli_open(cli1, fname, O_RDWR, DENY_NONE); - ret = cli_lock(cli1, fnum1, 0, 8, 0, READ_LOCK) && - cli_lock(cli1, f, 0, 1, 0, READ_LOCK) && - cli_close(cli1, fnum1) && - ((fnum1 = cli_open(cli1, fname, O_RDWR, DENY_NONE)) != -1) && - cli_lock(cli1, fnum1, 7, 1, 0, WRITE_LOCK); - cli_close(cli1, f); - cli_close(cli1, fnum1); + cli_close(&cli1, fnum1); + cli_close(&cli2, fnum2); + fnum1 = cli_open(&cli1, fname, O_RDWR, DENY_NONE); + f = cli_open(&cli1, fname, O_RDWR, DENY_NONE); + ret = cli_lock(&cli1, fnum1, 0, 8, 0, READ_LOCK) && + cli_lock(&cli1, f, 0, 1, 0, READ_LOCK) && + cli_close(&cli1, fnum1) && + ((fnum1 = cli_open(&cli1, fname, O_RDWR, DENY_NONE)) != -1) && + cli_lock(&cli1, fnum1, 7, 1, 0, WRITE_LOCK); + cli_close(&cli1, f); + cli_close(&cli1, fnum1); EXPECTED(ret, True); printf("the server %s have the NT byte range lock bug\n", !ret?"does":"doesn't"); fail: - cli_close(cli1, fnum1); - cli_close(cli2, fnum2); - cli_unlink(cli1, fname); - torture_close_connection(cli1); - torture_close_connection(cli2); + cli_close(&cli1, fnum1); + cli_close(&cli2, fnum2); + cli_unlink(&cli1, fname); + torture_close_connection(&cli1); + torture_close_connection(&cli2); printf("finished locktest4\n"); return correct; @@ -1604,7 +1507,7 @@ static BOOL run_locktest4(int dummy) */ static BOOL run_locktest5(int dummy) { - static struct cli_state *cli1, *cli2; + static struct cli_state cli1, cli2; const char *fname = "\\lockt5.lck"; int fnum1, fnum2, fnum3; BOOL ret; @@ -1615,61 +1518,61 @@ static BOOL run_locktest5(int dummy) return False; } - cli_sockopt(cli1, sockops); - cli_sockopt(cli2, sockops); + cli_sockopt(&cli1, sockops); + cli_sockopt(&cli2, sockops); printf("starting locktest5\n"); - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); - fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); - fnum2 = cli_open(cli2, fname, O_RDWR, DENY_NONE); - fnum3 = cli_open(cli1, fname, O_RDWR, DENY_NONE); + fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); + fnum2 = cli_open(&cli2, fname, O_RDWR, DENY_NONE); + fnum3 = cli_open(&cli1, fname, O_RDWR, DENY_NONE); memset(buf, 0, sizeof(buf)); - if (cli_write(cli1, fnum1, 0, buf, 0, sizeof(buf)) != sizeof(buf)) { + if (cli_write(&cli1, fnum1, 0, buf, 0, sizeof(buf)) != sizeof(buf)) { printf("Failed to create file\n"); correct = False; goto fail; } /* Check for NT bug... */ - ret = cli_lock(cli1, fnum1, 0, 8, 0, READ_LOCK) && - cli_lock(cli1, fnum3, 0, 1, 0, READ_LOCK); - cli_close(cli1, fnum1); - fnum1 = cli_open(cli1, fname, O_RDWR, DENY_NONE); - ret = cli_lock(cli1, fnum1, 7, 1, 0, WRITE_LOCK); + ret = cli_lock(&cli1, fnum1, 0, 8, 0, READ_LOCK) && + cli_lock(&cli1, fnum3, 0, 1, 0, READ_LOCK); + cli_close(&cli1, fnum1); + fnum1 = cli_open(&cli1, fname, O_RDWR, DENY_NONE); + ret = cli_lock(&cli1, fnum1, 7, 1, 0, WRITE_LOCK); EXPECTED(ret, True); printf("this server %s the NT locking bug\n", ret ? "doesn't have" : "has"); - cli_close(cli1, fnum1); - fnum1 = cli_open(cli1, fname, O_RDWR, DENY_NONE); - cli_unlock(cli1, fnum3, 0, 1); + cli_close(&cli1, fnum1); + fnum1 = cli_open(&cli1, fname, O_RDWR, DENY_NONE); + cli_unlock(&cli1, fnum3, 0, 1); - ret = cli_lock(cli1, fnum1, 0, 4, 0, WRITE_LOCK) && - cli_lock(cli1, fnum1, 1, 1, 0, READ_LOCK); + ret = cli_lock(&cli1, fnum1, 0, 4, 0, WRITE_LOCK) && + cli_lock(&cli1, fnum1, 1, 1, 0, READ_LOCK); EXPECTED(ret, True); printf("the same process %s overlay a write with a read lock\n", ret?"can":"cannot"); - ret = cli_lock(cli2, fnum2, 0, 4, 0, READ_LOCK); + ret = cli_lock(&cli2, fnum2, 0, 4, 0, READ_LOCK); EXPECTED(ret, False); printf("a different processs %s get a read lock on the first process lock stack\n", ret?"can":"cannot"); /* Unlock the process 2 lock. */ - cli_unlock(cli2, fnum2, 0, 4); + cli_unlock(&cli2, fnum2, 0, 4); - ret = cli_lock(cli1, fnum3, 0, 4, 0, READ_LOCK); + ret = cli_lock(&cli1, fnum3, 0, 4, 0, READ_LOCK); EXPECTED(ret, False); printf("the same processs on a different fnum %s get a read lock\n", ret?"can":"cannot"); /* Unlock the process 1 fnum3 lock. */ - cli_unlock(cli1, fnum3, 0, 4); + cli_unlock(&cli1, fnum3, 0, 4); /* Stack 2 more locks here. */ - ret = cli_lock(cli1, fnum1, 0, 4, 0, READ_LOCK) && - cli_lock(cli1, fnum1, 0, 4, 0, READ_LOCK); + ret = cli_lock(&cli1, fnum1, 0, 4, 0, READ_LOCK) && + cli_lock(&cli1, fnum1, 0, 4, 0, READ_LOCK); EXPECTED(ret, True); printf("the same process %s stack read locks\n", ret?"can":"cannot"); @@ -1677,44 +1580,44 @@ static BOOL run_locktest5(int dummy) /* Unlock the first process lock, then check this was the WRITE lock that was removed. */ - ret = cli_unlock(cli1, fnum1, 0, 4) && - cli_lock(cli2, fnum2, 0, 4, 0, READ_LOCK); + ret = cli_unlock(&cli1, fnum1, 0, 4) && + cli_lock(&cli2, fnum2, 0, 4, 0, READ_LOCK); EXPECTED(ret, True); printf("the first unlock removes the %s lock\n", ret?"WRITE":"READ"); /* Unlock the process 2 lock. */ - cli_unlock(cli2, fnum2, 0, 4); + cli_unlock(&cli2, fnum2, 0, 4); /* We should have 3 stacked locks here. Ensure we need to do 3 unlocks. */ - ret = cli_unlock(cli1, fnum1, 1, 1) && - cli_unlock(cli1, fnum1, 0, 4) && - cli_unlock(cli1, fnum1, 0, 4); + ret = cli_unlock(&cli1, fnum1, 1, 1) && + cli_unlock(&cli1, fnum1, 0, 4) && + cli_unlock(&cli1, fnum1, 0, 4); EXPECTED(ret, True); printf("the same process %s unlock the stack of 4 locks\n", ret?"can":"cannot"); /* Ensure the next unlock fails. */ - ret = cli_unlock(cli1, fnum1, 0, 4); + ret = cli_unlock(&cli1, fnum1, 0, 4); EXPECTED(ret, False); printf("the same process %s count the lock stack\n", !ret?"can":"cannot"); /* Ensure connection 2 can get a write lock. */ - ret = cli_lock(cli2, fnum2, 0, 4, 0, WRITE_LOCK); + ret = cli_lock(&cli2, fnum2, 0, 4, 0, WRITE_LOCK); EXPECTED(ret, True); printf("a different processs %s get a write lock on the unlocked stack\n", ret?"can":"cannot"); fail: - cli_close(cli1, fnum1); - cli_close(cli2, fnum2); - cli_unlink(cli1, fname); - if (!torture_close_connection(cli1)) { + cli_close(&cli1, fnum1); + cli_close(&cli2, fnum2); + cli_unlink(&cli1, fname); + if (!torture_close_connection(&cli1)) { correct = False; } - if (!torture_close_connection(cli2)) { + if (!torture_close_connection(&cli2)) { correct = False; } @@ -1728,7 +1631,7 @@ static BOOL run_locktest5(int dummy) */ static BOOL run_locktest6(int dummy) { - static struct cli_state *cli; + static struct cli_state cli; const char *fname[1] = { "\\lock6.txt" }; int i; int fnum; @@ -1738,174 +1641,41 @@ static BOOL run_locktest6(int dummy) return False; } - cli_sockopt(cli, sockops); + cli_sockopt(&cli, sockops); printf("starting locktest6\n"); for (i=0;i<1;i++) { printf("Testing %s\n", fname[i]); - cli_unlink(cli, fname[i]); + cli_unlink(&cli, fname[i]); - fnum = cli_open(cli, fname[i], O_RDWR|O_CREAT|O_EXCL, DENY_NONE); - status = cli_locktype(cli, fnum, 0, 8, 0, LOCKING_ANDX_CHANGE_LOCKTYPE); - cli_close(cli, fnum); + fnum = cli_open(&cli, fname[i], O_RDWR|O_CREAT|O_EXCL, DENY_NONE); + status = cli_locktype(&cli, fnum, 0, 8, 0, LOCKING_ANDX_CHANGE_LOCKTYPE); + cli_close(&cli, fnum); printf("CHANGE_LOCKTYPE gave %s\n", nt_errstr(status)); - fnum = cli_open(cli, fname[i], O_RDWR, DENY_NONE); - status = cli_locktype(cli, fnum, 0, 8, 0, LOCKING_ANDX_CANCEL_LOCK); - cli_close(cli, fnum); + fnum = cli_open(&cli, fname[i], O_RDWR, DENY_NONE); + status = cli_locktype(&cli, fnum, 0, 8, 0, LOCKING_ANDX_CANCEL_LOCK); + cli_close(&cli, fnum); printf("CANCEL_LOCK gave %s\n", nt_errstr(status)); - cli_unlink(cli, fname[i]); + cli_unlink(&cli, fname[i]); } - torture_close_connection(cli); + torture_close_connection(&cli); printf("finished locktest6\n"); return True; } -static BOOL run_locktest7(int dummy) -{ - struct cli_state *cli1; - const char *fname = "\\lockt7.lck"; - int fnum1; - char buf[200]; - BOOL correct = False; - - if (!torture_open_connection(&cli1)) { - return False; - } - - cli_sockopt(cli1, sockops); - - printf("starting locktest7\n"); - - cli_unlink(cli1, fname); - - fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); - - memset(buf, 0, sizeof(buf)); - - if (cli_write(cli1, fnum1, 0, buf, 0, sizeof(buf)) != sizeof(buf)) { - printf("Failed to create file\n"); - goto fail; - } - - cli_setpid(cli1, 1); - - if (!cli_lock(cli1, fnum1, 130, 4, 0, READ_LOCK)) { - printf("Unable to apply read lock on range 130:4, error was %s\n", cli_errstr(cli1)); - goto fail; - } else { - printf("pid1 successfully locked range 130:4 for READ\n"); - } - - if (cli_read(cli1, fnum1, buf, 130, 4) != 4) { - printf("pid1 unable to read the range 130:4, error was %s\n", cli_errstr(cli1)); - goto fail; - } else { - printf("pid1 successfully read the range 130:4\n"); - } - - if (cli_write(cli1, fnum1, 0, buf, 130, 4) != 4) { - printf("pid1 unable to write to the range 130:4, error was %s\n", cli_errstr(cli1)); - if (NT_STATUS_V(cli_nt_error(cli1)) != NT_STATUS_V(NT_STATUS_FILE_LOCK_CONFLICT)) { - printf("Incorrect error (should be NT_STATUS_FILE_LOCK_CONFLICT)\n"); - goto fail; - } - } else { - printf("pid1 successfully wrote to the range 130:4 (should be denied)\n"); - goto fail; - } - - cli_setpid(cli1, 2); - - if (cli_read(cli1, fnum1, buf, 130, 4) != 4) { - printf("pid2 unable to read the range 130:4, error was %s\n", cli_errstr(cli1)); - } else { - printf("pid2 successfully read the range 130:4\n"); - } - - if (cli_write(cli1, fnum1, 0, buf, 130, 4) != 4) { - printf("pid2 unable to write to the range 130:4, error was %s\n", cli_errstr(cli1)); - if (NT_STATUS_V(cli_nt_error(cli1)) != NT_STATUS_V(NT_STATUS_FILE_LOCK_CONFLICT)) { - printf("Incorrect error (should be NT_STATUS_FILE_LOCK_CONFLICT)\n"); - goto fail; - } - } else { - printf("pid2 successfully wrote to the range 130:4 (should be denied)\n"); - goto fail; - } - - cli_setpid(cli1, 1); - cli_unlock(cli1, fnum1, 130, 4); - - if (!cli_lock(cli1, fnum1, 130, 4, 0, WRITE_LOCK)) { - printf("Unable to apply write lock on range 130:4, error was %s\n", cli_errstr(cli1)); - goto fail; - } else { - printf("pid1 successfully locked range 130:4 for WRITE\n"); - } - - if (cli_read(cli1, fnum1, buf, 130, 4) != 4) { - printf("pid1 unable to read the range 130:4, error was %s\n", cli_errstr(cli1)); - goto fail; - } else { - printf("pid1 successfully read the range 130:4\n"); - } - - if (cli_write(cli1, fnum1, 0, buf, 130, 4) != 4) { - printf("pid1 unable to write to the range 130:4, error was %s\n", cli_errstr(cli1)); - goto fail; - } else { - printf("pid1 successfully wrote to the range 130:4\n"); - } - - cli_setpid(cli1, 2); - - if (cli_read(cli1, fnum1, buf, 130, 4) != 4) { - printf("pid2 unable to read the range 130:4, error was %s\n", cli_errstr(cli1)); - if (NT_STATUS_V(cli_nt_error(cli1)) != NT_STATUS_V(NT_STATUS_FILE_LOCK_CONFLICT)) { - printf("Incorrect error (should be NT_STATUS_FILE_LOCK_CONFLICT)\n"); - goto fail; - } - } else { - printf("pid2 successfully read the range 130:4 (should be denied)\n"); - goto fail; - } - - if (cli_write(cli1, fnum1, 0, buf, 130, 4) != 4) { - printf("pid2 unable to write to the range 130:4, error was %s\n", cli_errstr(cli1)); - if (NT_STATUS_V(cli_nt_error(cli1)) != NT_STATUS_V(NT_STATUS_FILE_LOCK_CONFLICT)) { - printf("Incorrect error (should be NT_STATUS_FILE_LOCK_CONFLICT)\n"); - goto fail; - } - } else { - printf("pid2 successfully wrote to the range 130:4 (should be denied)\n"); - goto fail; - } - - cli_unlock(cli1, fnum1, 130, 0); - correct = True; - -fail: - cli_close(cli1, fnum1); - cli_unlink(cli1, fname); - torture_close_connection(cli1); - - printf("finished locktest7\n"); - return correct; -} - /* test whether fnums and tids open on one VC are available on another (a major security hole) */ static BOOL run_fdpasstest(int dummy) { - struct cli_state *cli1, *cli2; + static struct cli_state cli1, cli2, cli3; const char *fname = "\\fdpass.tst"; int fnum1; pstring buf; @@ -1913,125 +1683,45 @@ static BOOL run_fdpasstest(int dummy) if (!torture_open_connection(&cli1) || !torture_open_connection(&cli2)) { return False; } - cli_sockopt(cli1, sockops); - cli_sockopt(cli2, sockops); + cli_sockopt(&cli1, sockops); + cli_sockopt(&cli2, sockops); printf("starting fdpasstest\n"); - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); - fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); + fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); if (fnum1 == -1) { - printf("open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - if (cli_write(cli1, fnum1, 0, "hello world\n", 0, 13) != 13) { - printf("write failed (%s)\n", cli_errstr(cli1)); + if (cli_write(&cli1, fnum1, 0, "hello world\n", 0, 13) != 13) { + printf("write failed (%s)\n", cli_errstr(&cli1)); return False; } - cli2->vuid = cli1->vuid; - cli2->cnum = cli1->cnum; - cli2->pid = cli1->pid; + cli3 = cli2; + cli3.vuid = cli1.vuid; + cli3.cnum = cli1.cnum; + cli3.pid = cli1.pid; - if (cli_read(cli2, fnum1, buf, 0, 13) == 13) { + if (cli_read(&cli3, fnum1, buf, 0, 13) == 13) { printf("read succeeded! nasty security hole [%s]\n", buf); return False; } - cli_close(cli1, fnum1); - cli_unlink(cli1, fname); + cli_close(&cli1, fnum1); + cli_unlink(&cli1, fname); - torture_close_connection(cli1); - torture_close_connection(cli2); + torture_close_connection(&cli1); + torture_close_connection(&cli2); printf("finished fdpasstest\n"); return True; } -static BOOL run_fdsesstest(int dummy) -{ - struct cli_state *cli; - uint16 new_vuid; - uint16 saved_vuid; - uint16 new_cnum; - uint16 saved_cnum; - const char *fname = "\\fdsess.tst"; - const char *fname1 = "\\fdsess1.tst"; - int fnum1; - int fnum2; - pstring buf; - BOOL ret = True; - - if (!torture_open_connection(&cli)) - return False; - cli_sockopt(cli, sockops); - - if (!torture_cli_session_setup2(cli, &new_vuid)) - return False; - - saved_cnum = cli->cnum; - if (!cli_send_tconX(cli, share, "?????", "", 1)) - return False; - new_cnum = cli->cnum; - cli->cnum = saved_cnum; - - printf("starting fdsesstest\n"); - - cli_unlink(cli, fname); - cli_unlink(cli, fname1); - - fnum1 = cli_open(cli, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); - if (fnum1 == -1) { - printf("open of %s failed (%s)\n", fname, cli_errstr(cli)); - return False; - } - - if (cli_write(cli, fnum1, 0, "hello world\n", 0, 13) != 13) { - printf("write failed (%s)\n", cli_errstr(cli)); - return False; - } - - saved_vuid = cli->vuid; - cli->vuid = new_vuid; - - if (cli_read(cli, fnum1, buf, 0, 13) == 13) { - printf("read succeeded with different vuid! nasty security hole [%s]\n", - buf); - ret = False; - } - /* Try to open a file with different vuid, samba cnum. */ - fnum2 = cli_open(cli, fname1, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); - if (fnum2 != -1) { - printf("create with different vuid, same cnum succeeded.\n"); - cli_close(cli, fnum2); - cli_unlink(cli, fname1); - } else { - printf("create with different vuid, same cnum failed.\n"); - } - - cli->vuid = saved_vuid; - - /* Try with same vuid, different cnum. */ - cli->cnum = new_cnum; - - if (cli_read(cli, fnum1, buf, 0, 13) == 13) { - printf("read succeeded with different cnum![%s]\n", - buf); - ret = False; - } - - cli->cnum = saved_cnum; - cli_close(cli, fnum1); - cli_unlink(cli, fname); - - torture_close_connection(cli); - - printf("finished fdsesstest\n"); - return ret; -} /* This test checks that @@ -2040,7 +1730,7 @@ static BOOL run_fdsesstest(int dummy) */ static BOOL run_unlinktest(int dummy) { - struct cli_state *cli; + static struct cli_state cli; const char *fname = "\\unlink.tst"; int fnum; BOOL correct = True; @@ -2049,32 +1739,32 @@ static BOOL run_unlinktest(int dummy) return False; } - cli_sockopt(cli, sockops); + cli_sockopt(&cli, sockops); printf("starting unlink test\n"); - cli_unlink(cli, fname); + cli_unlink(&cli, fname); - cli_setpid(cli, 1); + cli_setpid(&cli, 1); - fnum = cli_open(cli, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); + fnum = cli_open(&cli, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); if (fnum == -1) { - printf("open of %s failed (%s)\n", fname, cli_errstr(cli)); + printf("open of %s failed (%s)\n", fname, cli_errstr(&cli)); return False; } - if (cli_unlink(cli, fname)) { + if (cli_unlink(&cli, fname)) { printf("error: server allowed unlink on an open file\n"); correct = False; } else { - correct = check_error(__LINE__, cli, ERRDOS, ERRbadshare, + correct = check_error(__LINE__, &cli, ERRDOS, ERRbadshare, NT_STATUS_SHARING_VIOLATION); } - cli_close(cli, fnum); - cli_unlink(cli, fname); + cli_close(&cli, fnum); + cli_unlink(&cli, fname); - if (!torture_close_connection(cli)) { + if (!torture_close_connection(&cli)) { correct = False; } @@ -2089,7 +1779,7 @@ test how many open files this server supports on the one socket */ static BOOL run_maxfidtest(int dummy) { - struct cli_state *cli; + static struct cli_state cli; const char *template = "\\maxfid.%d.%d"; fstring fname; int fnums[0x11000], i; @@ -2103,15 +1793,15 @@ static BOOL run_maxfidtest(int dummy) return False; } - cli_sockopt(cli, sockops); + cli_sockopt(&cli, sockops); for (i=0; i<0x11000; i++) { slprintf(fname,sizeof(fname)-1,template, i,(int)getpid()); - if ((fnums[i] = cli_open(cli, fname, + if ((fnums[i] = cli_open(&cli, fname, O_RDWR|O_CREAT|O_TRUNC, DENY_NONE)) == -1) { printf("open of %s failed (%s)\n", - fname, cli_errstr(cli)); + fname, cli_errstr(&cli)); printf("maximum fnum is %d\n", i); break; } @@ -2123,10 +1813,10 @@ static BOOL run_maxfidtest(int dummy) printf("cleaning up\n"); for (;i>=0;i--) { slprintf(fname,sizeof(fname)-1,template, i,(int)getpid()); - cli_close(cli, fnums[i]); - if (!cli_unlink(cli, fname)) { + cli_close(&cli, fnums[i]); + if (!cli_unlink(&cli, fname)) { printf("unlink of %s failed (%s)\n", - fname, cli_errstr(cli)); + fname, cli_errstr(&cli)); correct = False; } printf("%6d\r", i); @@ -2134,7 +1824,7 @@ static BOOL run_maxfidtest(int dummy) printf("%6d\n", 0); printf("maxfid test finished\n"); - if (!torture_close_connection(cli)) { + if (!torture_close_connection(&cli)) { correct = False; } return correct; @@ -2184,7 +1874,7 @@ static BOOL run_randomipc(int dummy) int rdrcnt,rprcnt; pstring param; int api, param_len, i; - struct cli_state *cli; + static struct cli_state cli; BOOL correct = True; int count = 50000; @@ -2202,7 +1892,7 @@ static BOOL run_randomipc(int dummy) SSVAL(param,0,api); - cli_api(cli, + cli_api(&cli, param, param_len, 8, NULL, 0, BUFFER_SIZE, &rparam, &rprcnt, @@ -2213,7 +1903,7 @@ static BOOL run_randomipc(int dummy) } printf("%d/%d\n", i, count); - if (!torture_close_connection(cli)) { + if (!torture_close_connection(&cli)) { correct = False; } @@ -2238,7 +1928,7 @@ static void browse_callback(const char *sname, uint32 stype, */ static BOOL run_browsetest(int dummy) { - static struct cli_state *cli; + static struct cli_state cli; BOOL correct = True; printf("starting browse test\n"); @@ -2248,16 +1938,16 @@ static BOOL run_browsetest(int dummy) } printf("domain list:\n"); - cli_NetServerEnum(cli, cli->server_domain, + cli_NetServerEnum(&cli, cli.server_domain, SV_TYPE_DOMAIN_ENUM, browse_callback, NULL); printf("machine list:\n"); - cli_NetServerEnum(cli, cli->server_domain, + cli_NetServerEnum(&cli, cli.server_domain, SV_TYPE_ALL, browse_callback, NULL); - if (!torture_close_connection(cli)) { + if (!torture_close_connection(&cli)) { correct = False; } @@ -2273,10 +1963,10 @@ static BOOL run_browsetest(int dummy) */ static BOOL run_attrtest(int dummy) { - struct cli_state *cli; + static struct cli_state cli; int fnum; time_t t, t2; - const char *fname = "\\attrib123456789.tst"; + const char *fname = "\\attrib.tst"; BOOL correct = True; printf("starting attrib test\n"); @@ -2285,12 +1975,12 @@ static BOOL run_attrtest(int dummy) return False; } - cli_unlink(cli, fname); - fnum = cli_open(cli, fname, + cli_unlink(&cli, fname); + fnum = cli_open(&cli, fname, O_RDWR | O_CREAT | O_TRUNC, DENY_NONE); - cli_close(cli, fnum); - if (!cli_getatr(cli, fname, NULL, NULL, &t)) { - printf("getatr failed (%s)\n", cli_errstr(cli)); + cli_close(&cli, fnum); + if (!cli_getatr(&cli, fname, NULL, NULL, &t)) { + printf("getatr failed (%s)\n", cli_errstr(&cli)); correct = False; } @@ -2303,13 +1993,13 @@ static BOOL run_attrtest(int dummy) t2 = t-60*60*24; /* 1 day ago */ - if (!cli_setatr(cli, fname, 0, t2)) { - printf("setatr failed (%s)\n", cli_errstr(cli)); + if (!cli_setatr(&cli, fname, 0, t2)) { + printf("setatr failed (%s)\n", cli_errstr(&cli)); correct = True; } - if (!cli_getatr(cli, fname, NULL, NULL, &t)) { - printf("getatr failed (%s)\n", cli_errstr(cli)); + if (!cli_getatr(&cli, fname, NULL, NULL, &t)) { + printf("getatr failed (%s)\n", cli_errstr(&cli)); correct = True; } @@ -2320,9 +2010,9 @@ static BOOL run_attrtest(int dummy) correct = True; } - cli_unlink(cli, fname); + cli_unlink(&cli, fname); - if (!torture_close_connection(cli)) { + if (!torture_close_connection(&cli)) { correct = False; } @@ -2337,7 +2027,7 @@ static BOOL run_attrtest(int dummy) */ static BOOL run_trans2test(int dummy) { - struct cli_state *cli; + static struct cli_state cli; int fnum; size_t size; time_t c_time, a_time, m_time, w_time, m_time2; @@ -2353,17 +2043,17 @@ static BOOL run_trans2test(int dummy) return False; } - cli_unlink(cli, fname); - fnum = cli_open(cli, fname, + cli_unlink(&cli, fname); + fnum = cli_open(&cli, fname, O_RDWR | O_CREAT | O_TRUNC, DENY_NONE); - if (!cli_qfileinfo(cli, fnum, NULL, &size, &c_time, &a_time, &m_time, + if (!cli_qfileinfo(&cli, fnum, NULL, &size, &c_time, &a_time, &m_time, NULL, NULL)) { - printf("ERROR: qfileinfo failed (%s)\n", cli_errstr(cli)); + printf("ERROR: qfileinfo failed (%s)\n", cli_errstr(&cli)); correct = False; } - if (!cli_qfilename(cli, fnum, pname)) { - printf("ERROR: qfilename failed (%s)\n", cli_errstr(cli)); + if (!cli_qfilename(&cli, fnum, pname)) { + printf("ERROR: qfilename failed (%s)\n", cli_errstr(&cli)); correct = False; } @@ -2373,27 +2063,28 @@ static BOOL run_trans2test(int dummy) correct = False; } - cli_close(cli, fnum); + cli_close(&cli, fnum); sleep(2); - cli_unlink(cli, fname); - fnum = cli_open(cli, fname, + cli_unlink(&cli, fname); + fnum = cli_open(&cli, fname, O_RDWR | O_CREAT | O_TRUNC, DENY_NONE); if (fnum == -1) { - printf("open of %s failed (%s)\n", fname, cli_errstr(cli)); + printf("open of %s failed (%s)\n", fname, cli_errstr(&cli)); return False; } - cli_close(cli, fnum); + cli_close(&cli, fnum); - if (!cli_qpathinfo(cli, fname, &c_time, &a_time, &m_time, &size, NULL)) { - printf("ERROR: qpathinfo failed (%s)\n", cli_errstr(cli)); + if (!cli_qpathinfo(&cli, fname, &c_time, &a_time, &m_time, &size, NULL)) { + printf("ERROR: qpathinfo failed (%s)\n", cli_errstr(&cli)); correct = False; } else { if (c_time != m_time) { printf("create time=%s", ctime(&c_time)); printf("modify time=%s", ctime(&m_time)); printf("This system appears to have sticky create times\n"); + correct = False; } if (a_time % (60*60) == 0) { printf("access time=%s", ctime(&a_time)); @@ -2408,13 +2099,13 @@ static BOOL run_trans2test(int dummy) } - cli_unlink(cli, fname); - fnum = cli_open(cli, fname, + cli_unlink(&cli, fname); + fnum = cli_open(&cli, fname, O_RDWR | O_CREAT | O_TRUNC, DENY_NONE); - cli_close(cli, fnum); - if (!cli_qpathinfo2(cli, fname, &c_time, &a_time, &m_time, + cli_close(&cli, fnum); + if (!cli_qpathinfo2(&cli, fname, &c_time, &a_time, &m_time, &w_time, &size, NULL, NULL)) { - printf("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(cli)); + printf("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(&cli)); correct = False; } else { if (w_time < 60*60*24*2) { @@ -2424,29 +2115,29 @@ static BOOL run_trans2test(int dummy) } } - cli_unlink(cli, fname); + cli_unlink(&cli, fname); /* check if the server updates the directory modification time when creating a new file */ - if (!cli_mkdir(cli, dname)) { - printf("ERROR: mkdir failed (%s)\n", cli_errstr(cli)); + if (!cli_mkdir(&cli, dname)) { + printf("ERROR: mkdir failed (%s)\n", cli_errstr(&cli)); correct = False; } sleep(3); - if (!cli_qpathinfo2(cli, "\\trans2\\", &c_time, &a_time, &m_time, + if (!cli_qpathinfo2(&cli, "\\trans2\\", &c_time, &a_time, &m_time, &w_time, &size, NULL, NULL)) { - printf("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(cli)); + printf("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(&cli)); correct = False; } - fnum = cli_open(cli, fname2, + fnum = cli_open(&cli, fname2, O_RDWR | O_CREAT | O_TRUNC, DENY_NONE); - cli_write(cli, fnum, 0, (char *)&fnum, 0, sizeof(fnum)); - cli_close(cli, fnum); - if (!cli_qpathinfo2(cli, "\\trans2\\", &c_time, &a_time, &m_time2, + cli_write(&cli, fnum, 0, (char *)&fnum, 0, sizeof(fnum)); + cli_close(&cli, fnum); + if (!cli_qpathinfo2(&cli, "\\trans2\\", &c_time, &a_time, &m_time2, &w_time, &size, NULL, NULL)) { - printf("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(cli)); + printf("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(&cli)); correct = False; } else { if (m_time2 == m_time) { @@ -2454,10 +2145,10 @@ static BOOL run_trans2test(int dummy) correct = False; } } - cli_unlink(cli, fname2); - cli_rmdir(cli, dname); + cli_unlink(&cli, fname2); + cli_rmdir(&cli, dname); - if (!torture_close_connection(cli)) { + if (!torture_close_connection(&cli)) { correct = False; } @@ -2490,7 +2181,7 @@ static BOOL new_trans(struct cli_state *pcli, int fnum, int level) static BOOL run_w2ktest(int dummy) { - struct cli_state *cli; + static struct cli_state cli; int fnum; const char *fname = "\\w2ktest\\w2k.tst"; int level; @@ -2502,16 +2193,16 @@ static BOOL run_w2ktest(int dummy) return False; } - fnum = cli_open(cli, fname, + fnum = cli_open(&cli, fname, O_RDWR | O_CREAT , DENY_NONE); for (level = 1004; level < 1040; level++) { - new_trans(cli, fnum, level); + new_trans(&cli, fnum, level); } - cli_close(cli, fnum); + cli_close(&cli, fnum); - if (!torture_close_connection(cli)) { + if (!torture_close_connection(&cli)) { correct = False; } @@ -2526,7 +2217,7 @@ static BOOL run_w2ktest(int dummy) */ static BOOL run_oplock1(int dummy) { - struct cli_state *cli1; + static struct cli_state cli1; const char *fname = "\\lockt1.lck"; int fnum1; BOOL correct = True; @@ -2537,34 +2228,34 @@ static BOOL run_oplock1(int dummy) return False; } - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); - cli_sockopt(cli1, sockops); + cli_sockopt(&cli1, sockops); - cli1->use_oplocks = True; + cli1.use_oplocks = True; - fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); + fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); if (fnum1 == -1) { - printf("open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - cli1->use_oplocks = False; + cli1.use_oplocks = False; - cli_unlink(cli1, fname); - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); + cli_unlink(&cli1, fname); - if (!cli_close(cli1, fnum1)) { - printf("close2 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("close2 failed (%s)\n", cli_errstr(&cli1)); return False; } - if (!cli_unlink(cli1, fname)) { - printf("unlink failed (%s)\n", cli_errstr(cli1)); + if (!cli_unlink(&cli1, fname)) { + printf("unlink failed (%s)\n", cli_errstr(&cli1)); return False; } - if (!torture_close_connection(cli1)) { + if (!torture_close_connection(&cli1)) { correct = False; } @@ -2575,7 +2266,7 @@ static BOOL run_oplock1(int dummy) static BOOL run_oplock2(int dummy) { - struct cli_state *cli1, *cli2; + static struct cli_state cli1, cli2; const char *fname = "\\lockt2.lck"; int fnum1, fnum2; int saved_use_oplocks = use_oplocks; @@ -2597,8 +2288,8 @@ static BOOL run_oplock2(int dummy) return False; } - cli1->use_oplocks = True; - cli1->use_level_II_oplocks = True; + cli1.use_oplocks = True; + cli1.use_level_II_oplocks = True; if (!torture_open_connection(&cli2)) { use_level_II_oplocks = False; @@ -2606,17 +2297,17 @@ static BOOL run_oplock2(int dummy) return False; } - cli2->use_oplocks = True; - cli2->use_level_II_oplocks = True; + cli2.use_oplocks = True; + cli2.use_level_II_oplocks = True; - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); - cli_sockopt(cli1, sockops); - cli_sockopt(cli2, sockops); + cli_sockopt(&cli1, sockops); + cli_sockopt(&cli2, sockops); - fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); + fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); if (fnum1 == -1) { - printf("open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } @@ -2626,17 +2317,17 @@ static BOOL run_oplock2(int dummy) if (fork() == 0) { /* Child code */ - fnum2 = cli_open(cli2, fname, O_RDWR, DENY_NONE); + fnum2 = cli_open(&cli2, fname, O_RDWR, DENY_NONE); if (fnum2 == -1) { - printf("second open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("second open of %s failed (%s)\n", fname, cli_errstr(&cli1)); *shared_correct = False; exit(0); } sleep(2); - if (!cli_close(cli2, fnum2)) { - printf("close2 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli2, fnum2)) { + printf("close2 failed (%s)\n", cli_errstr(&cli1)); *shared_correct = False; } @@ -2647,54 +2338,54 @@ static BOOL run_oplock2(int dummy) /* Ensure cli1 processes the break. */ - if (cli_read(cli1, fnum1, buf, 0, 4) != 4) { - printf("read on fnum1 failed (%s)\n", cli_errstr(cli1)); + if (cli_read(&cli1, fnum1, buf, 0, 4) != 4) { + printf("read on fnum1 failed (%s)\n", cli_errstr(&cli1)); correct = False; } /* Should now be at level II. */ /* Test if sending a write locks causes a break to none. */ - if (!cli_lock(cli1, fnum1, 0, 4, 0, READ_LOCK)) { - printf("lock failed (%s)\n", cli_errstr(cli1)); + if (!cli_lock(&cli1, fnum1, 0, 4, 0, READ_LOCK)) { + printf("lock failed (%s)\n", cli_errstr(&cli1)); correct = False; } - cli_unlock(cli1, fnum1, 0, 4); + cli_unlock(&cli1, fnum1, 0, 4); sleep(2); - if (!cli_lock(cli1, fnum1, 0, 4, 0, WRITE_LOCK)) { - printf("lock failed (%s)\n", cli_errstr(cli1)); + if (!cli_lock(&cli1, fnum1, 0, 4, 0, WRITE_LOCK)) { + printf("lock failed (%s)\n", cli_errstr(&cli1)); correct = False; } - cli_unlock(cli1, fnum1, 0, 4); + cli_unlock(&cli1, fnum1, 0, 4); sleep(2); - cli_read(cli1, fnum1, buf, 0, 4); + cli_read(&cli1, fnum1, buf, 0, 4); #if 0 - if (cli_write(cli1, fnum1, 0, buf, 0, 4) != 4) { - printf("write on fnum1 failed (%s)\n", cli_errstr(cli1)); + if (cli_write(&cli1, fnum1, 0, buf, 0, 4) != 4) { + printf("write on fnum1 failed (%s)\n", cli_errstr(&cli1)); correct = False; } #endif - if (!cli_close(cli1, fnum1)) { - printf("close1 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("close1 failed (%s)\n", cli_errstr(&cli1)); correct = False; } sleep(4); - if (!cli_unlink(cli1, fname)) { - printf("unlink failed (%s)\n", cli_errstr(cli1)); + if (!cli_unlink(&cli1, fname)) { + printf("unlink failed (%s)\n", cli_errstr(&cli1)); correct = False; } - if (!torture_close_connection(cli1)) { + if (!torture_close_connection(&cli1)) { correct = False; } @@ -2717,7 +2408,7 @@ static BOOL oplock3_handler(struct cli_state *cli, int fnum, unsigned char level static BOOL run_oplock3(int dummy) { - struct cli_state *cli; + static struct cli_state cli; const char *fname = "\\oplockt3.dat"; int fnum; char buf[4] = "abcd"; @@ -2739,8 +2430,8 @@ static BOOL run_oplock3(int dummy) } sleep(2); /* try to trigger a oplock break in parent */ - fnum = cli_open(cli, fname, O_RDWR, DENY_NONE); - cli_write(cli, fnum, 0, buf, 0, 4); + fnum = cli_open(&cli, fname, O_RDWR, DENY_NONE); + cli_write(&cli, fnum, 0, buf, 0, 4); exit(0); } @@ -2750,13 +2441,13 @@ static BOOL run_oplock3(int dummy) if (!torture_open_connection(&cli)) { return False; } - cli_oplock_handler(cli, oplock3_handler); - fnum = cli_open(cli, fname, O_RDWR|O_CREAT, DENY_NONE); - cli_write(cli, fnum, 0, buf, 0, 4); - cli_close(cli, fnum); - fnum = cli_open(cli, fname, O_RDWR, DENY_NONE); - cli->timeout = 20000; - cli_receive_smb(cli); + cli_oplock_handler(&cli, oplock3_handler); + fnum = cli_open(&cli, fname, O_RDWR|O_CREAT, DENY_NONE); + cli_write(&cli, fnum, 0, buf, 0, 4); + cli_close(&cli, fnum); + fnum = cli_open(&cli, fname, O_RDWR, DENY_NONE); + cli.timeout = 20000; + cli_receive_smb(&cli); printf("finished oplock test 3\n"); return (correct && *shared_correct); @@ -2771,8 +2462,8 @@ static BOOL run_oplock3(int dummy) */ static BOOL run_deletetest(int dummy) { - struct cli_state *cli1; - struct cli_state *cli2; + static struct cli_state cli1; + static struct cli_state cli2; const char *fname = "\\delete.file"; int fnum1 = -1; int fnum2 = -1; @@ -2780,36 +2471,45 @@ static BOOL run_deletetest(int dummy) printf("starting delete test\n"); + ZERO_STRUCT(cli1); + ZERO_STRUCT(cli2); + if (!torture_open_connection(&cli1)) { return False; } - cli_sockopt(cli1, sockops); + cli_sockopt(&cli1, sockops); - /* Test 1 - this should delete the file on close. */ + /* Test 1 - this should *NOT* delete the file on close. */ - cli_setatr(cli1, fname, 0, 0); - cli_unlink(cli1, fname); + cli_setatr(&cli1, fname, 0, 0); + cli_unlink(&cli1, fname); - fnum1 = cli_nt_create_full(cli1, fname, 0, GENERIC_ALL_ACCESS, FILE_ATTRIBUTE_NORMAL, + fnum1 = cli_nt_create_full(&cli1, fname, GENERIC_ALL_ACCESS, FILE_ATTRIBUTE_NORMAL, FILE_SHARE_DELETE, FILE_OVERWRITE_IF, - FILE_DELETE_ON_CLOSE, 0); + DELETE_ON_CLOSE_FLAG); if (fnum1 == -1) { - printf("[1] open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("[1] open of %s failed (%s)\n", fname, cli_errstr(&cli1)); correct = False; goto fail; } - if (!cli_close(cli1, fnum1)) { - printf("[1] close failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("[1] close failed (%s)\n", cli_errstr(&cli1)); correct = False; goto fail; } - fnum1 = cli_open(cli1, fname, O_RDWR, DENY_NONE); - if (fnum1 != -1) { - printf("[1] open of %s succeeded (should fail)\n", fname); + fnum1 = cli_open(&cli1, fname, O_RDWR, DENY_NONE); + if (fnum1 == -1) { + printf("[1] open of %s failed (%s)\n", fname, cli_errstr(&cli1)); + correct = False; + goto fail; + } + + if (!cli_close(&cli1, fnum1)) { + printf("[1] close failed (%s)\n", cli_errstr(&cli1)); correct = False; goto fail; } @@ -2818,52 +2518,52 @@ static BOOL run_deletetest(int dummy) /* Test 2 - this should delete the file on close. */ - cli_setatr(cli1, fname, 0, 0); - cli_unlink(cli1, fname); + cli_setatr(&cli1, fname, 0, 0); + cli_unlink(&cli1, fname); - fnum1 = cli_nt_create_full(cli1, fname, 0, GENERIC_ALL_ACCESS, + fnum1 = cli_nt_create_full(&cli1, fname, GENERIC_ALL_ACCESS, FILE_ATTRIBUTE_NORMAL, FILE_SHARE_NONE, - FILE_OVERWRITE_IF, 0, 0); + FILE_OVERWRITE_IF, 0); if (fnum1 == -1) { - printf("[2] open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("[2] open of %s failed (%s)\n", fname, cli_errstr(&cli1)); correct = False; goto fail; } - if (!cli_nt_delete_on_close(cli1, fnum1, True)) { - printf("[2] setting delete_on_close failed (%s)\n", cli_errstr(cli1)); + if (!cli_nt_delete_on_close(&cli1, fnum1, True)) { + printf("[2] setting delete_on_close failed (%s)\n", cli_errstr(&cli1)); correct = False; goto fail; } - if (!cli_close(cli1, fnum1)) { - printf("[2] close failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("[2] close failed (%s)\n", cli_errstr(&cli1)); correct = False; goto fail; } - fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_NONE); + fnum1 = cli_open(&cli1, fname, O_RDONLY, DENY_NONE); if (fnum1 != -1) { printf("[2] open of %s succeeded should have been deleted on close !\n", fname); - if (!cli_close(cli1, fnum1)) { - printf("[2] close failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("[2] close failed (%s)\n", cli_errstr(&cli1)); correct = False; goto fail; } - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); } else printf("second delete on close test succeeded.\n"); /* Test 3 - ... */ - cli_setatr(cli1, fname, 0, 0); - cli_unlink(cli1, fname); + cli_setatr(&cli1, fname, 0, 0); + cli_unlink(&cli1, fname); - fnum1 = cli_nt_create_full(cli1, fname, 0, GENERIC_ALL_ACCESS, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OVERWRITE_IF, 0, 0); + fnum1 = cli_nt_create_full(&cli1, fname, GENERIC_ALL_ACCESS, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OVERWRITE_IF, 0); if (fnum1 == -1) { - printf("[3] open - 1 of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("[3] open - 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); correct = False; goto fail; } @@ -2871,8 +2571,8 @@ static BOOL run_deletetest(int dummy) /* This should fail with a sharing violation - open for delete is only compatible with SHARE_DELETE. */ - fnum2 = cli_nt_create_full(cli1, fname, 0, GENERIC_READ_ACCESS, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0, 0); + fnum2 = cli_nt_create_full(&cli1, fname, GENERIC_READ_ACCESS, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0); if (fnum2 != -1) { printf("[3] open - 2 of %s succeeded - should have failed.\n", fname); @@ -2882,85 +2582,84 @@ static BOOL run_deletetest(int dummy) /* This should succeed. */ - fnum2 = cli_nt_create_full(cli1, fname, 0, GENERIC_READ_ACCESS, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN, 0, 0); + fnum2 = cli_nt_create_full(&cli1, fname, GENERIC_READ_ACCESS, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN, 0); if (fnum2 == -1) { - printf("[3] open - 2 of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("[3] open - 2 of %s failed (%s)\n", fname, cli_errstr(&cli1)); correct = False; goto fail; } - if (!cli_nt_delete_on_close(cli1, fnum1, True)) { - printf("[3] setting delete_on_close failed (%s)\n", cli_errstr(cli1)); + if (!cli_nt_delete_on_close(&cli1, fnum1, True)) { + printf("[3] setting delete_on_close failed (%s)\n", cli_errstr(&cli1)); correct = False; goto fail; } - if (!cli_close(cli1, fnum1)) { - printf("[3] close 1 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("[3] close 1 failed (%s)\n", cli_errstr(&cli1)); correct = False; goto fail; } - if (!cli_close(cli1, fnum2)) { - printf("[3] close 2 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum2)) { + printf("[3] close 2 failed (%s)\n", cli_errstr(&cli1)); correct = False; goto fail; } /* This should fail - file should no longer be there. */ - fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_NONE); + fnum1 = cli_open(&cli1, fname, O_RDONLY, DENY_NONE); if (fnum1 != -1) { printf("[3] open of %s succeeded should have been deleted on close !\n", fname); - if (!cli_close(cli1, fnum1)) { - printf("[3] close failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("[3] close failed (%s)\n", cli_errstr(&cli1)); } - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); correct = False; goto fail; } else printf("third delete on close test succeeded.\n"); /* Test 4 ... */ - cli_setatr(cli1, fname, 0, 0); - cli_unlink(cli1, fname); + cli_setatr(&cli1, fname, 0, 0); + cli_unlink(&cli1, fname); - fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS, - FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OVERWRITE_IF, 0, 0); + fnum1 = cli_nt_create_full(&cli1, fname, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS, + FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OVERWRITE_IF, 0); if (fnum1 == -1) { - printf("[4] open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("[4] open of %s failed (%s)\n", fname, cli_errstr(&cli1)); correct = False; goto fail; } /* This should succeed. */ - fnum2 = cli_nt_create_full(cli1, fname, 0, GENERIC_READ_ACCESS, - FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN, 0, 0); + fnum2 = cli_nt_create_full(&cli1, fname, GENERIC_READ_ACCESS, + FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN, 0); if (fnum2 == -1) { - printf("[4] open - 2 of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("[4] open - 2 of %s failed (%s)\n", fname, cli_errstr(&cli1)); correct = False; goto fail; } - if (!cli_close(cli1, fnum2)) { - printf("[4] close - 1 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum2)) { + printf("[4] close - 1 failed (%s)\n", cli_errstr(&cli1)); correct = False; goto fail; } - if (!cli_nt_delete_on_close(cli1, fnum1, True)) { - printf("[4] setting delete_on_close failed (%s)\n", cli_errstr(cli1)); + if (!cli_nt_delete_on_close(&cli1, fnum1, True)) { + printf("[4] setting delete_on_close failed (%s)\n", cli_errstr(&cli1)); correct = False; goto fail; } /* This should fail - no more opens once delete on close set. */ - fnum2 = cli_nt_create_full(cli1, fname, 0, GENERIC_READ_ACCESS, - FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OPEN, 0, 0); + fnum2 = cli_nt_create_full(&cli1, fname, GENERIC_READ_ACCESS, + FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN, 0); if (fnum2 != -1) { printf("[4] open - 3 of %s succeeded ! Should have failed.\n", fname ); correct = False; @@ -2968,33 +2667,33 @@ static BOOL run_deletetest(int dummy) } else printf("fourth delete on close test succeeded.\n"); - if (!cli_close(cli1, fnum1)) { - printf("[4] close - 2 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("[4] close - 2 failed (%s)\n", cli_errstr(&cli1)); correct = False; goto fail; } /* Test 5 ... */ - cli_setatr(cli1, fname, 0, 0); - cli_unlink(cli1, fname); + cli_setatr(&cli1, fname, 0, 0); + cli_unlink(&cli1, fname); - fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT, DENY_NONE); + fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT, DENY_NONE); if (fnum1 == -1) { - printf("[5] open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("[5] open of %s failed (%s)\n", fname, cli_errstr(&cli1)); correct = False; goto fail; } /* This should fail - only allowed on NT opens with DELETE access. */ - if (cli_nt_delete_on_close(cli1, fnum1, True)) { + if (cli_nt_delete_on_close(&cli1, fnum1, True)) { printf("[5] setting delete_on_close on OpenX file succeeded - should fail !\n"); correct = False; goto fail; } - if (!cli_close(cli1, fnum1)) { - printf("[5] close - 2 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("[5] close - 2 failed (%s)\n", cli_errstr(&cli1)); correct = False; goto fail; } @@ -3002,29 +2701,29 @@ static BOOL run_deletetest(int dummy) printf("fifth delete on close test succeeded.\n"); /* Test 6 ... */ - cli_setatr(cli1, fname, 0, 0); - cli_unlink(cli1, fname); + cli_setatr(&cli1, fname, 0, 0); + cli_unlink(&cli1, fname); - fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA, + fnum1 = cli_nt_create_full(&cli1, fname, FILE_READ_DATA|FILE_WRITE_DATA, FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OVERWRITE_IF, 0, 0); + FILE_OVERWRITE_IF, 0); if (fnum1 == -1) { - printf("[6] open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("[6] open of %s failed (%s)\n", fname, cli_errstr(&cli1)); correct = False; goto fail; } /* This should fail - only allowed on NT opens with DELETE access. */ - if (cli_nt_delete_on_close(cli1, fnum1, True)) { + if (cli_nt_delete_on_close(&cli1, fnum1, True)) { printf("[6] setting delete_on_close on file with no delete access succeeded - should fail !\n"); correct = False; goto fail; } - if (!cli_close(cli1, fnum1)) { - printf("[6] close - 2 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("[6] close - 2 failed (%s)\n", cli_errstr(&cli1)); correct = False; goto fail; } @@ -3032,47 +2731,47 @@ static BOOL run_deletetest(int dummy) printf("sixth delete on close test succeeded.\n"); /* Test 7 ... */ - cli_setatr(cli1, fname, 0, 0); - cli_unlink(cli1, fname); + cli_setatr(&cli1, fname, 0, 0); + cli_unlink(&cli1, fname); - fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS, - FILE_ATTRIBUTE_NORMAL, 0, FILE_OVERWRITE_IF, 0, 0); + fnum1 = cli_nt_create_full(&cli1, fname, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS, + FILE_ATTRIBUTE_NORMAL, 0, FILE_OVERWRITE_IF, 0); if (fnum1 == -1) { - printf("[7] open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("[7] open of %s failed (%s)\n", fname, cli_errstr(&cli1)); correct = False; goto fail; } - if (!cli_nt_delete_on_close(cli1, fnum1, True)) { + if (!cli_nt_delete_on_close(&cli1, fnum1, True)) { printf("[7] setting delete_on_close on file failed !\n"); correct = False; goto fail; } - if (!cli_nt_delete_on_close(cli1, fnum1, False)) { + if (!cli_nt_delete_on_close(&cli1, fnum1, False)) { printf("[7] unsetting delete_on_close on file failed !\n"); correct = False; goto fail; } - if (!cli_close(cli1, fnum1)) { - printf("[7] close - 2 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("[7] close - 2 failed (%s)\n", cli_errstr(&cli1)); correct = False; goto fail; } /* This next open should succeed - we reset the flag. */ - fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_NONE); + fnum1 = cli_open(&cli1, fname, O_RDONLY, DENY_NONE); if (fnum1 == -1) { - printf("[5] open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("[5] open of %s failed (%s)\n", fname, cli_errstr(&cli1)); correct = False; goto fail; } - if (!cli_close(cli1, fnum1)) { - printf("[7] close - 2 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("[7] close - 2 failed (%s)\n", cli_errstr(&cli1)); correct = False; goto fail; } @@ -3080,8 +2779,8 @@ static BOOL run_deletetest(int dummy) printf("seventh delete on close test succeeded.\n"); /* Test 7 ... */ - cli_setatr(cli1, fname, 0, 0); - cli_unlink(cli1, fname); + cli_setatr(&cli1, fname, 0, 0); + cli_unlink(&cli1, fname); if (!torture_open_connection(&cli2)) { printf("[8] failed to open second connection.\n"); @@ -3089,48 +2788,46 @@ static BOOL run_deletetest(int dummy) goto fail; } - cli_sockopt(cli1, sockops); + cli_sockopt(&cli1, sockops); - fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS, - FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OVERWRITE_IF, 0, 0); + fnum1 = cli_nt_create_full(&cli1, fname, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS, + FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OVERWRITE_IF, 0); if (fnum1 == -1) { - printf("[8] open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("[8] open of %s failed (%s)\n", fname, cli_errstr(&cli1)); correct = False; goto fail; } - fnum2 = cli_nt_create_full(cli2, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS, - FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OPEN, 0, 0); + fnum2 = cli_nt_create_full(&cli2, fname, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS, + FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN, 0); if (fnum2 == -1) { - printf("[8] open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("[8] open of %s failed (%s)\n", fname, cli_errstr(&cli1)); correct = False; goto fail; } - if (!cli_nt_delete_on_close(cli1, fnum1, True)) { + if (!cli_nt_delete_on_close(&cli1, fnum1, True)) { printf("[8] setting delete_on_close on file failed !\n"); correct = False; goto fail; } - if (!cli_close(cli1, fnum1)) { - printf("[8] close - 1 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("[8] close - 1 failed (%s)\n", cli_errstr(&cli1)); correct = False; goto fail; } - if (!cli_close(cli2, fnum2)) { - printf("[8] close - 2 failed (%s)\n", cli_errstr(cli2)); + if (!cli_close(&cli2, fnum2)) { + printf("[8] close - 2 failed (%s)\n", cli_errstr(&cli2)); correct = False; goto fail; } /* This should fail.. */ - fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_NONE); + fnum1 = cli_open(&cli1, fname, O_RDONLY, DENY_NONE); if (fnum1 != -1) { printf("[8] open of %s succeeded should have been deleted on close !\n", fname); goto fail; @@ -3139,8 +2836,8 @@ static BOOL run_deletetest(int dummy) printf("eighth delete on close test succeeded.\n"); /* This should fail - we need to set DELETE_ACCESS. */ - fnum1 = cli_nt_create_full(cli1, fname, 0,FILE_READ_DATA|FILE_WRITE_DATA, - FILE_ATTRIBUTE_NORMAL, FILE_SHARE_NONE, FILE_OVERWRITE_IF, FILE_DELETE_ON_CLOSE, 0); + fnum1 = cli_nt_create_full(&cli1, fname, FILE_READ_DATA|FILE_WRITE_DATA, + FILE_ATTRIBUTE_NORMAL, FILE_SHARE_NONE, FILE_OVERWRITE_IF, FILE_DELETE_ON_CLOSE); if (fnum1 != -1) { printf("[9] open of %s succeeded should have failed!\n", fname); @@ -3150,23 +2847,23 @@ static BOOL run_deletetest(int dummy) printf("ninth delete on close test succeeded.\n"); - fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS, - FILE_ATTRIBUTE_NORMAL, FILE_SHARE_NONE, FILE_OVERWRITE_IF, FILE_DELETE_ON_CLOSE, 0); + fnum1 = cli_nt_create_full(&cli1, fname, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS, + FILE_ATTRIBUTE_NORMAL, FILE_SHARE_NONE, FILE_OVERWRITE_IF, FILE_DELETE_ON_CLOSE); if (fnum1 == -1) { - printf("[10] open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("[10] open of %s failed (%s)\n", fname, cli_errstr(&cli1)); correct = False; goto fail; } /* This should delete the file. */ - if (!cli_close(cli1, fnum1)) { - printf("[10] close failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("[10] close failed (%s)\n", cli_errstr(&cli1)); correct = False; goto fail; } /* This should fail.. */ - fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_NONE); + fnum1 = cli_open(&cli1, fname, O_RDONLY, DENY_NONE); if (fnum1 != -1) { printf("[10] open of %s succeeded should have been deleted on close !\n", fname); goto fail; @@ -3176,19 +2873,16 @@ static BOOL run_deletetest(int dummy) printf("finished delete test\n"); fail: - /* FIXME: This will crash if we aborted before cli2 got - * intialized, because these functions don't handle - * uninitialized connections. */ - - cli_close(cli1, fnum1); - cli_close(cli1, fnum2); - cli_setatr(cli1, fname, 0, 0); - cli_unlink(cli1, fname); - - if (!torture_close_connection(cli1)) { + + cli_close(&cli1, fnum1); + cli_close(&cli1, fnum2); + cli_setatr(&cli1, fname, 0, 0); + cli_unlink(&cli1, fname); + + if (!torture_close_connection(&cli1)) { correct = False; } - if (!torture_close_connection(cli2)) { + if (!torture_close_connection(&cli2)) { correct = False; } return correct; @@ -3200,7 +2894,7 @@ static BOOL run_deletetest(int dummy) */ static BOOL run_properties(int dummy) { - static struct cli_state *cli; + static struct cli_state cli; BOOL correct = True; printf("starting properties test\n"); @@ -3211,11 +2905,11 @@ static BOOL run_properties(int dummy) return False; } - cli_sockopt(cli, sockops); + cli_sockopt(&cli, sockops); - d_printf("Capabilities 0x%08x\n", cli->capabilities); + d_printf("Capabilities 0x%08x\n", cli.capabilities); - if (!torture_close_connection(cli)) { + if (!torture_close_connection(&cli)) { correct = False; } @@ -3248,7 +2942,7 @@ static BOOL run_properties(int dummy) */ static BOOL run_xcopy(int dummy) { - static struct cli_state *cli1; + static struct cli_state cli1; const char *fname = "\\test.txt"; BOOL correct = True; int fnum1, fnum2; @@ -3259,26 +2953,26 @@ static BOOL run_xcopy(int dummy) return False; } - fnum1 = cli_nt_create_full(cli1, fname, 0, + fnum1 = cli_nt_create_full(&cli1, fname, FIRST_DESIRED_ACCESS, FILE_ATTRIBUTE_ARCHIVE, FILE_SHARE_NONE, FILE_OVERWRITE_IF, - 0x4044, 0); + 0x4044); if (fnum1 == -1) { - printf("First open failed - %s\n", cli_errstr(cli1)); + printf("First open failed - %s\n", cli_errstr(&cli1)); return False; } - fnum2 = cli_nt_create_full(cli1, fname, 0, + fnum2 = cli_nt_create_full(&cli1, fname, SECOND_DESIRED_ACCESS, 0, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN, - 0x200000, 0); + 0x200000); if (fnum2 == -1) { - printf("second open failed - %s\n", cli_errstr(cli1)); + printf("second open failed - %s\n", cli_errstr(&cli1)); return False; } - if (!torture_close_connection(cli1)) { + if (!torture_close_connection(&cli1)) { correct = False; } @@ -3290,7 +2984,7 @@ static BOOL run_xcopy(int dummy) */ static BOOL run_rename(int dummy) { - static struct cli_state *cli1; + static struct cli_state cli1; const char *fname = "\\test.txt"; const char *fname1 = "\\test1.txt"; BOOL correct = True; @@ -3302,62 +2996,62 @@ static BOOL run_rename(int dummy) return False; } - cli_unlink(cli1, fname); - cli_unlink(cli1, fname1); - fnum1 = cli_nt_create_full(cli1, fname, 0, GENERIC_READ_ACCESS, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_READ, FILE_OVERWRITE_IF, 0, 0); + cli_unlink(&cli1, fname); + cli_unlink(&cli1, fname1); + fnum1 = cli_nt_create_full(&cli1, fname, GENERIC_READ_ACCESS, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_READ, FILE_OVERWRITE_IF, 0); if (fnum1 == -1) { - printf("First open failed - %s\n", cli_errstr(cli1)); + printf("First open failed - %s\n", cli_errstr(&cli1)); return False; } - if (!cli_rename(cli1, fname, fname1)) { - printf("First rename failed (this is correct) - %s\n", cli_errstr(cli1)); + if (!cli_rename(&cli1, fname, fname1)) { + printf("First rename failed (this is correct) - %s\n", cli_errstr(&cli1)); } else { printf("First rename succeeded - this should have failed !\n"); correct = False; } - if (!cli_close(cli1, fnum1)) { - printf("close - 1 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("close - 1 failed (%s)\n", cli_errstr(&cli1)); return False; } - cli_unlink(cli1, fname); - cli_unlink(cli1, fname1); - fnum1 = cli_nt_create_full(cli1, fname, 0, GENERIC_READ_ACCESS, FILE_ATTRIBUTE_NORMAL, + cli_unlink(&cli1, fname); + cli_unlink(&cli1, fname1); + fnum1 = cli_nt_create_full(&cli1, fname,GENERIC_READ_ACCESS, FILE_ATTRIBUTE_NORMAL, #if 0 - FILE_SHARE_DELETE|FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0); + FILE_SHARE_DELETE|FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0); #else - FILE_SHARE_DELETE|FILE_SHARE_READ, FILE_OVERWRITE_IF, 0, 0); + FILE_SHARE_DELETE|FILE_SHARE_READ, FILE_OVERWRITE_IF, 0); #endif if (fnum1 == -1) { - printf("Second open failed - %s\n", cli_errstr(cli1)); + printf("Second open failed - %s\n", cli_errstr(&cli1)); return False; } - if (!cli_rename(cli1, fname, fname1)) { - printf("Second rename failed - this should have succeeded - %s\n", cli_errstr(cli1)); + if (!cli_rename(&cli1, fname, fname1)) { + printf("Second rename failed - this should have succeeded - %s\n", cli_errstr(&cli1)); correct = False; } else { printf("Second rename succeeded\n"); } - if (!cli_close(cli1, fnum1)) { - printf("close - 2 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("close - 2 failed (%s)\n", cli_errstr(&cli1)); return False; } - cli_unlink(cli1, fname); - cli_unlink(cli1, fname1); + cli_unlink(&cli1, fname); + cli_unlink(&cli1, fname1); - fnum1 = cli_nt_create_full(cli1, fname, 0, READ_CONTROL_ACCESS, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0); + fnum1 = cli_nt_create_full(&cli1, fname,READ_CONTROL_ACCESS, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0); if (fnum1 == -1) { - printf("Third open failed - %s\n", cli_errstr(cli1)); + printf("Third open failed - %s\n", cli_errstr(&cli1)); return False; } @@ -3366,41 +3060,41 @@ static BOOL run_rename(int dummy) { int fnum2; - fnum2 = cli_nt_create_full(cli1, fname, 0, DELETE_ACCESS, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0); + fnum2 = cli_nt_create_full(&cli1, fname,DELETE_ACCESS, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0); if (fnum2 == -1) { - printf("Fourth open failed - %s\n", cli_errstr(cli1)); + printf("Fourth open failed - %s\n", cli_errstr(&cli1)); return False; } - if (!cli_nt_delete_on_close(cli1, fnum2, True)) { + if (!cli_nt_delete_on_close(&cli1, fnum2, True)) { printf("[8] setting delete_on_close on file failed !\n"); return False; } - if (!cli_close(cli1, fnum2)) { - printf("close - 4 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum2)) { + printf("close - 4 failed (%s)\n", cli_errstr(&cli1)); return False; } } #endif - if (!cli_rename(cli1, fname, fname1)) { - printf("Third rename failed - this should have succeeded - %s\n", cli_errstr(cli1)); + if (!cli_rename(&cli1, fname, fname1)) { + printf("Third rename failed - this should have succeeded - %s\n", cli_errstr(&cli1)); correct = False; } else { printf("Third rename succeeded\n"); } - if (!cli_close(cli1, fnum1)) { - printf("close - 3 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("close - 3 failed (%s)\n", cli_errstr(&cli1)); return False; } - cli_unlink(cli1, fname); - cli_unlink(cli1, fname1); + cli_unlink(&cli1, fname); + cli_unlink(&cli1, fname1); - if (!torture_close_connection(cli1)) { + if (!torture_close_connection(&cli1)) { correct = False; } @@ -3409,7 +3103,7 @@ static BOOL run_rename(int dummy) static BOOL run_pipe_number(int dummy) { - struct cli_state *cli1; + static struct cli_state cli1; const char *pipe_name = "\\SPOOLSS"; int fnum; int num_pipes = 0; @@ -3419,20 +3113,20 @@ static BOOL run_pipe_number(int dummy) return False; } - cli_sockopt(cli1, sockops); + cli_sockopt(&cli1, sockops); while(1) { - fnum = cli_nt_create_full(cli1, pipe_name, 0, FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN_IF, 0, 0); + fnum = cli_nt_create_full(&cli1, pipe_name,FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN_IF, 0); if (fnum == -1) { - printf("Open of pipe %s failed with error (%s)\n", pipe_name, cli_errstr(cli1)); + printf("Open of pipe %s failed with error (%s)\n", pipe_name, cli_errstr(&cli1)); break; } num_pipes++; } printf("pipe_number test - we can open %d %s pipes.\n", num_pipes, pipe_name ); - torture_close_connection(cli1); + torture_close_connection(&cli1); return True; } @@ -3441,14 +3135,15 @@ static BOOL run_pipe_number(int dummy) */ static BOOL run_opentest(int dummy) { - static struct cli_state *cli1; - static struct cli_state *cli2; + static struct cli_state cli1; + static struct cli_state cli2; const char *fname = "\\readonly.file"; int fnum1, fnum2; char buf[20]; size_t fsize; BOOL correct = True; char *tmp_path; + uint16 attr; printf("starting open test\n"); @@ -3456,77 +3151,77 @@ static BOOL run_opentest(int dummy) return False; } - cli_setatr(cli1, fname, 0, 0); - cli_unlink(cli1, fname); + cli_setatr(&cli1, fname, 0, 0); + cli_unlink(&cli1, fname); - cli_sockopt(cli1, sockops); + cli_sockopt(&cli1, sockops); - fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); + fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); if (fnum1 == -1) { - printf("open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - if (!cli_close(cli1, fnum1)) { - printf("close2 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("close2 failed (%s)\n", cli_errstr(&cli1)); return False; } - if (!cli_setatr(cli1, fname, aRONLY, 0)) { - printf("cli_setatr failed (%s)\n", cli_errstr(cli1)); + if (!cli_setatr(&cli1, fname, aRONLY, 0)) { + printf("cli_setatr failed (%s)\n", cli_errstr(&cli1)); return False; } - fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_WRITE); + fnum1 = cli_open(&cli1, fname, O_RDONLY, DENY_WRITE); if (fnum1 == -1) { - printf("open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } /* This will fail - but the error should be ERRnoaccess, not ERRbadshare. */ - fnum2 = cli_open(cli1, fname, O_RDWR, DENY_ALL); + fnum2 = cli_open(&cli1, fname, O_RDWR, DENY_ALL); - if (check_error(__LINE__, cli1, ERRDOS, ERRnoaccess, + if (check_error(__LINE__, &cli1, ERRDOS, ERRnoaccess, NT_STATUS_ACCESS_DENIED)) { printf("correct error code ERRDOS/ERRnoaccess returned\n"); } printf("finished open test 1\n"); - cli_close(cli1, fnum1); + cli_close(&cli1, fnum1); /* Now try not readonly and ensure ERRbadshare is returned. */ - cli_setatr(cli1, fname, 0, 0); + cli_setatr(&cli1, fname, 0, 0); - fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_WRITE); + fnum1 = cli_open(&cli1, fname, O_RDONLY, DENY_WRITE); if (fnum1 == -1) { - printf("open of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("open of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } /* This will fail - but the error should be ERRshare. */ - fnum2 = cli_open(cli1, fname, O_RDWR, DENY_ALL); + fnum2 = cli_open(&cli1, fname, O_RDWR, DENY_ALL); - if (check_error(__LINE__, cli1, ERRDOS, ERRbadshare, + if (check_error(__LINE__, &cli1, ERRDOS, ERRbadshare, NT_STATUS_SHARING_VIOLATION)) { printf("correct error code ERRDOS/ERRbadshare returned\n"); } - if (!cli_close(cli1, fnum1)) { - printf("close2 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("close2 failed (%s)\n", cli_errstr(&cli1)); return False; } - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); printf("finished open test 2\n"); /* Test truncate open disposition on file opened for read. */ - fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); + fnum1 = cli_open(&cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); if (fnum1 == -1) { - printf("(3) open (1) of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("(3) open (1) of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } @@ -3534,19 +3229,19 @@ static BOOL run_opentest(int dummy) memset(buf, '\0', 20); - if (cli_write(cli1, fnum1, 0, buf, 0, 20) != 20) { - printf("write failed (%s)\n", cli_errstr(cli1)); + if (cli_write(&cli1, fnum1, 0, buf, 0, 20) != 20) { + printf("write failed (%s)\n", cli_errstr(&cli1)); correct = False; } - if (!cli_close(cli1, fnum1)) { - printf("(3) close1 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("(3) close1 failed (%s)\n", cli_errstr(&cli1)); return False; } /* Ensure size == 20. */ - if (!cli_getatr(cli1, fname, NULL, &fsize, NULL)) { - printf("(3) getatr failed (%s)\n", cli_errstr(cli1)); + if (!cli_getatr(&cli1, fname, NULL, &fsize, NULL)) { + printf("(3) getatr failed (%s)\n", cli_errstr(&cli1)); return False; } @@ -3557,20 +3252,20 @@ static BOOL run_opentest(int dummy) /* Now test if we can truncate a file opened for readonly. */ - fnum1 = cli_open(cli1, fname, O_RDONLY|O_TRUNC, DENY_NONE); + fnum1 = cli_open(&cli1, fname, O_RDONLY|O_TRUNC, DENY_NONE); if (fnum1 == -1) { - printf("(3) open (2) of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("(3) open (2) of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - if (!cli_close(cli1, fnum1)) { - printf("close2 failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("close2 failed (%s)\n", cli_errstr(&cli1)); return False; } /* Ensure size == 0. */ - if (!cli_getatr(cli1, fname, NULL, &fsize, NULL)) { - printf("(3) getatr failed (%s)\n", cli_errstr(cli1)); + if (!cli_getatr(&cli1, fname, NULL, &fsize, NULL)) { + printf("(3) getatr failed (%s)\n", cli_errstr(&cli1)); return False; } @@ -3580,21 +3275,21 @@ static BOOL run_opentest(int dummy) } printf("finished open test 3\n"); - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); printf("testing ctemp\n"); - fnum1 = cli_ctemp(cli1, "\\", &tmp_path); + fnum1 = cli_ctemp(&cli1, "\\", &tmp_path); if (fnum1 == -1) { - printf("ctemp failed (%s)\n", cli_errstr(cli1)); + printf("ctemp failed (%s)\n", cli_errstr(&cli1)); return False; } printf("ctemp gave path %s\n", tmp_path); - if (!cli_close(cli1, fnum1)) { - printf("close of temp failed (%s)\n", cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("close of temp failed (%s)\n", cli_errstr(&cli1)); } - if (!cli_unlink(cli1, tmp_path)) { - printf("unlink of temp failed (%s)\n", cli_errstr(cli1)); + if (!cli_unlink(&cli1, tmp_path)) { + printf("unlink of temp failed (%s)\n", cli_errstr(&cli1)); } /* Test the non-io opens... */ @@ -3603,158 +3298,158 @@ static BOOL run_opentest(int dummy) return False; } - cli_setatr(cli2, fname, 0, 0); - cli_unlink(cli2, fname); + cli_setatr(&cli2, fname, 0, 0); + cli_unlink(&cli2, fname); - cli_sockopt(cli2, sockops); + cli_sockopt(&cli2, sockops); printf("TEST #1 testing 2 non-io opens (no delete)\n"); - fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0); + fnum1 = cli_nt_create_full(&cli1, fname,FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0); if (fnum1 == -1) { - printf("test 1 open 1 of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("test 1 open 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - fnum2 = cli_nt_create_full(cli2, fname, 0, FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_NONE, FILE_OPEN_IF, 0, 0); + fnum2 = cli_nt_create_full(&cli2, fname,FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_NONE, FILE_OPEN_IF, 0); if (fnum2 == -1) { - printf("test 1 open 2 of %s failed (%s)\n", fname, cli_errstr(cli2)); + printf("test 1 open 2 of %s failed (%s)\n", fname, cli_errstr(&cli2)); return False; } - if (!cli_close(cli1, fnum1)) { - printf("test 1 close 1 of %s failed (%s)\n", fname, cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("test 1 close 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - if (!cli_close(cli2, fnum2)) { - printf("test 1 close 2 of %s failed (%s)\n", fname, cli_errstr(cli2)); + if (!cli_close(&cli2, fnum2)) { + printf("test 1 close 2 of %s failed (%s)\n", fname, cli_errstr(&cli2)); return False; } printf("non-io open test #1 passed.\n"); - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); printf("TEST #2 testing 2 non-io opens (first with delete)\n"); - fnum1 = cli_nt_create_full(cli1, fname, 0, DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0); + fnum1 = cli_nt_create_full(&cli1, fname,DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0); if (fnum1 == -1) { - printf("test 2 open 1 of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("test 2 open 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - fnum2 = cli_nt_create_full(cli2, fname, 0, FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_NONE, FILE_OPEN_IF, 0, 0); + fnum2 = cli_nt_create_full(&cli2, fname,FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_NONE, FILE_OPEN_IF, 0); if (fnum2 == -1) { - printf("test 2 open 2 of %s failed (%s)\n", fname, cli_errstr(cli2)); + printf("test 2 open 2 of %s failed (%s)\n", fname, cli_errstr(&cli2)); return False; } - if (!cli_close(cli1, fnum1)) { - printf("test 1 close 1 of %s failed (%s)\n", fname, cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("test 1 close 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - if (!cli_close(cli2, fnum2)) { - printf("test 1 close 2 of %s failed (%s)\n", fname, cli_errstr(cli1)); + if (!cli_close(&cli2, fnum2)) { + printf("test 1 close 2 of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } printf("non-io open test #2 passed.\n"); - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); printf("TEST #3 testing 2 non-io opens (second with delete)\n"); - fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0); + fnum1 = cli_nt_create_full(&cli1, fname,FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0); if (fnum1 == -1) { - printf("test 3 open 1 of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("test 3 open 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - fnum2 = cli_nt_create_full(cli2, fname, 0, DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_NONE, FILE_OPEN_IF, 0, 0); + fnum2 = cli_nt_create_full(&cli2, fname,DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_NONE, FILE_OPEN_IF, 0); if (fnum2 == -1) { - printf("test 3 open 2 of %s failed (%s)\n", fname, cli_errstr(cli2)); + printf("test 3 open 2 of %s failed (%s)\n", fname, cli_errstr(&cli2)); return False; } - if (!cli_close(cli1, fnum1)) { - printf("test 3 close 1 of %s failed (%s)\n", fname, cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("test 3 close 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - if (!cli_close(cli2, fnum2)) { - printf("test 3 close 2 of %s failed (%s)\n", fname, cli_errstr(cli2)); + if (!cli_close(&cli2, fnum2)) { + printf("test 3 close 2 of %s failed (%s)\n", fname, cli_errstr(&cli2)); return False; } printf("non-io open test #3 passed.\n"); - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); printf("TEST #4 testing 2 non-io opens (both with delete)\n"); - fnum1 = cli_nt_create_full(cli1, fname, 0, DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0); + fnum1 = cli_nt_create_full(&cli1, fname,DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0); if (fnum1 == -1) { - printf("test 4 open 1 of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("test 4 open 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - fnum2 = cli_nt_create_full(cli2, fname, 0, DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_NONE, FILE_OPEN_IF, 0, 0); + fnum2 = cli_nt_create_full(&cli2, fname,DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_NONE, FILE_OPEN_IF, 0); if (fnum2 != -1) { - printf("test 4 open 2 of %s SUCCEEDED - should have failed (%s)\n", fname, cli_errstr(cli2)); + printf("test 4 open 2 of %s SUCCEEDED - should have failed (%s)\n", fname, cli_errstr(&cli2)); return False; } - printf("test 3 open 2 of %s gave %s (correct error should be %s)\n", fname, cli_errstr(cli2), "sharing violation"); + printf("test 3 open 2 of %s gave %s (correct error should be %s)\n", fname, cli_errstr(&cli2), "sharing violation"); - if (!cli_close(cli1, fnum1)) { - printf("test 4 close 1 of %s failed (%s)\n", fname, cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("test 4 close 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } printf("non-io open test #4 passed.\n"); - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); printf("TEST #5 testing 2 non-io opens (both with delete - both with file share delete)\n"); - fnum1 = cli_nt_create_full(cli1, fname, 0, DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_DELETE, FILE_OVERWRITE_IF, 0, 0); + fnum1 = cli_nt_create_full(&cli1, fname,DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_DELETE, FILE_OVERWRITE_IF, 0); if (fnum1 == -1) { - printf("test 5 open 1 of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("test 5 open 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - fnum2 = cli_nt_create_full(cli2, fname, 0, DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_DELETE, FILE_OPEN_IF, 0, 0); + fnum2 = cli_nt_create_full(&cli2, fname,DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_DELETE, FILE_OPEN_IF, 0); if (fnum2 == -1) { - printf("test 5 open 2 of %s failed (%s)\n", fname, cli_errstr(cli2)); + printf("test 5 open 2 of %s failed (%s)\n", fname, cli_errstr(&cli2)); return False; } - if (!cli_close(cli1, fnum1)) { - printf("test 5 close 1 of %s failed (%s)\n", fname, cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("test 5 close 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - if (!cli_close(cli2, fnum2)) { - printf("test 5 close 2 of %s failed (%s)\n", fname, cli_errstr(cli2)); + if (!cli_close(&cli2, fnum2)) { + printf("test 5 close 2 of %s failed (%s)\n", fname, cli_errstr(&cli2)); return False; } @@ -3762,31 +3457,31 @@ static BOOL run_opentest(int dummy) printf("TEST #6 testing 1 non-io open, one io open\n"); - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); - fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0); + fnum1 = cli_nt_create_full(&cli1, fname,FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0); if (fnum1 == -1) { - printf("test 6 open 1 of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("test 6 open 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - fnum2 = cli_nt_create_full(cli2, fname, 0, FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_READ, FILE_OPEN_IF, 0, 0); + fnum2 = cli_nt_create_full(&cli2, fname,FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_READ, FILE_OPEN_IF, 0); if (fnum2 == -1) { - printf("test 6 open 2 of %s failed (%s)\n", fname, cli_errstr(cli2)); + printf("test 6 open 2 of %s failed (%s)\n", fname, cli_errstr(&cli2)); return False; } - if (!cli_close(cli1, fnum1)) { - printf("test 6 close 1 of %s failed (%s)\n", fname, cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("test 6 close 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - if (!cli_close(cli2, fnum2)) { - printf("test 6 close 2 of %s failed (%s)\n", fname, cli_errstr(cli2)); + if (!cli_close(&cli2, fnum2)) { + printf("test 6 close 2 of %s failed (%s)\n", fname, cli_errstr(&cli2)); return False; } @@ -3794,203 +3489,135 @@ static BOOL run_opentest(int dummy) printf("TEST #7 testing 1 non-io open, one io open with delete\n"); - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); - fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0); + fnum1 = cli_nt_create_full(&cli1, fname,FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0); if (fnum1 == -1) { - printf("test 7 open 1 of %s failed (%s)\n", fname, cli_errstr(cli1)); + printf("test 7 open 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - fnum2 = cli_nt_create_full(cli2, fname, 0, DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_READ|FILE_SHARE_DELETE, FILE_OPEN_IF, 0, 0); + fnum2 = cli_nt_create_full(&cli2, fname,DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_READ|FILE_SHARE_DELETE, FILE_OPEN_IF, 0); if (fnum2 != -1) { - printf("test 7 open 2 of %s SUCCEEDED - should have failed (%s)\n", fname, cli_errstr(cli2)); + printf("test 7 open 2 of %s SUCCEEDED - should have failed (%s)\n", fname, cli_errstr(&cli2)); return False; } - printf("test 7 open 2 of %s gave %s (correct error should be %s)\n", fname, cli_errstr(cli2), "sharing violation"); + printf("test 7 open 2 of %s gave %s (correct error should be %s)\n", fname, cli_errstr(&cli2), "sharing violation"); - if (!cli_close(cli1, fnum1)) { - printf("test 7 close 1 of %s failed (%s)\n", fname, cli_errstr(cli1)); + if (!cli_close(&cli1, fnum1)) { + printf("test 7 close 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } printf("non-io open test #7 passed.\n"); - cli_unlink(cli1, fname); + cli_unlink(&cli1, fname); - if (!torture_close_connection(cli1)) { - correct = False; + /* Test 8 - attributes test #1... */ + fnum1 = cli_nt_create_full(&cli1, fname,FILE_WRITE_DATA, FILE_ATTRIBUTE_HIDDEN, + FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0); + + if (fnum1 == -1) { + printf("test 8 open 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); + return False; } - if (!torture_close_connection(cli2)) { - correct = False; + + if (!cli_close(&cli1, fnum1)) { + printf("test 8 close 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); + return False; } - - return correct; -} -static uint32 open_attrs_table[] = { - FILE_ATTRIBUTE_NORMAL, - FILE_ATTRIBUTE_ARCHIVE, - FILE_ATTRIBUTE_READONLY, - FILE_ATTRIBUTE_HIDDEN, - FILE_ATTRIBUTE_SYSTEM, - - FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY, - FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, - FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, - FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN, - FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM, - FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM, - - FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN, - FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM, - FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM, - FILE_ATTRIBUTE_HIDDEN,FILE_ATTRIBUTE_SYSTEM, -}; - -struct trunc_open_results { - unsigned int num; - uint32 init_attr; - uint32 trunc_attr; - uint32 result_attr; -}; - -static struct trunc_open_results attr_results[] = { - { 0, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_ARCHIVE }, - { 1, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_ARCHIVE }, - { 2, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_READONLY, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY }, - { 16, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_ARCHIVE }, - { 17, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_ARCHIVE }, - { 18, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_READONLY, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY }, - { 51, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN }, - { 54, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN }, - { 56, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN }, - { 68, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM }, - { 71, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM }, - { 73, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM }, - { 99, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_HIDDEN,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN }, - { 102, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN }, - { 104, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN }, - { 116, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM }, - { 119, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM }, - { 121, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM }, - { 170, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN }, - { 173, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM }, - { 227, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN }, - { 230, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN }, - { 232, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN }, - { 244, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM }, - { 247, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM }, - { 249, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM } -}; - -static BOOL run_openattrtest(int dummy) -{ - static struct cli_state *cli1; - const char *fname = "\\openattr.file"; - int fnum1; - BOOL correct = True; - uint16 attr; - unsigned int i, j, k, l; + /* FILE_SUPERSEDE && FILE_OVERWRITE_IF have the same effect here. */ + fnum1 = cli_nt_create_full(&cli1, fname,FILE_READ_DATA, FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0); - printf("starting open attr test\n"); - - if (!torture_open_connection(&cli1)) { + if (fnum1 == -1) { + printf("test 8 open 2 of %s failed (%s)\n", fname, cli_errstr(&cli1)); return False; } - - cli_sockopt(cli1, sockops); - for (k = 0, i = 0; i < sizeof(open_attrs_table)/sizeof(uint32); i++) { - cli_setatr(cli1, fname, 0, 0); - cli_unlink(cli1, fname); - fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_WRITE_DATA, open_attrs_table[i], - FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0); + if (!cli_close(&cli1, fnum1)) { + printf("test 8 close 2 of %s failed (%s)\n", fname, cli_errstr(&cli1)); + return False; + } - if (fnum1 == -1) { - printf("open %d (1) of %s failed (%s)\n", i, fname, cli_errstr(cli1)); - return False; - } + /* This open should fail with ACCESS_DENIED for FILE_SUPERSEDE, FILE_OVERWRITE and FILE_OVERWRITE_IF. */ + fnum1 = cli_nt_create_full(&cli1, fname,FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_NONE, FILE_OVERWRITE, 0); - if (!cli_close(cli1, fnum1)) { - printf("close %d (1) of %s failed (%s)\n", i, fname, cli_errstr(cli1)); - return False; + if (fnum1 != -1) { + printf("test 8 open 3 of %s succeeded - should have failed with (NT_STATUS_ACCESS_DENIED)\n", fname); + correct = False; + cli_close(&cli1, fnum1); + } else { + if (check_error(__LINE__, &cli1, ERRDOS, ERRnoaccess, NT_STATUS_ACCESS_DENIED)) { + printf("correct error code NT_STATUS_ACCESS_DENIED/ERRDOS:ERRnoaccess returned\n"); } + } - for (j = 0; j < sizeof(open_attrs_table)/sizeof(uint32); j++) { - fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA, open_attrs_table[j], - FILE_SHARE_NONE, FILE_OVERWRITE, 0, 0); - - if (fnum1 == -1) { - for (l = 0; l < sizeof(attr_results)/sizeof(struct trunc_open_results); l++) { - if (attr_results[l].num == k) { - printf("[%d] trunc open 0x%x -> 0x%x of %s failed - should have succeeded !(0x%x:%s)\n", - k, open_attrs_table[i], - open_attrs_table[j], - fname, NT_STATUS_V(cli_nt_error(cli1)), cli_errstr(cli1)); - correct = False; - } - } - if (NT_STATUS_V(cli_nt_error(cli1)) != NT_STATUS_V(NT_STATUS_ACCESS_DENIED)) { - printf("[%d] trunc open 0x%x -> 0x%x failed with wrong error code %s\n", - k, open_attrs_table[i], open_attrs_table[j], - cli_errstr(cli1)); - correct = False; - } -#if 0 - printf("[%d] trunc open 0x%x -> 0x%x failed\n", k, open_attrs_table[i], open_attrs_table[j]); -#endif - k++; - continue; - } + printf("Attribute open test #8 %s.\n", correct ? "passed" : "failed"); - if (!cli_close(cli1, fnum1)) { - printf("close %d (2) of %s failed (%s)\n", j, fname, cli_errstr(cli1)); - return False; - } + cli_unlink(&cli1, fname); - if (!cli_getatr(cli1, fname, &attr, NULL, NULL)) { - printf("getatr(2) failed (%s)\n", cli_errstr(cli1)); - return False; - } + /* + * Test #9. Open with NORMAL, close, then re-open with attribute + * HIDDEN and request to truncate. + */ -#if 0 - printf("[%d] getatr check [0x%x] trunc [0x%x] got attr 0x%x\n", - k, open_attrs_table[i], open_attrs_table[j], attr ); -#endif + fnum1 = cli_nt_create_full(&cli1, fname,FILE_WRITE_DATA, FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0); - for (l = 0; l < sizeof(attr_results)/sizeof(struct trunc_open_results); l++) { - if (attr_results[l].num == k) { - if (attr != attr_results[l].result_attr || - open_attrs_table[i] != attr_results[l].init_attr || - open_attrs_table[j] != attr_results[l].trunc_attr) { - printf("getatr check failed. [0x%x] trunc [0x%x] got attr 0x%x, should be 0x%x\n", - open_attrs_table[i], - open_attrs_table[j], - (unsigned int)attr, - attr_results[l].result_attr); - correct = False; - } - break; - } - } - k++; - } + if (fnum1 == -1) { + printf("test 9 open 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); + return False; + } + + if (!cli_close(&cli1, fnum1)) { + printf("test 9 close 1 of %s failed (%s)\n", fname, cli_errstr(&cli1)); + return False; + } + + fnum1 = cli_nt_create_full(&cli1, fname,FILE_READ_DATA|FILE_WRITE_DATA, FILE_ATTRIBUTE_HIDDEN, + FILE_SHARE_NONE, FILE_OVERWRITE, 0); + + if (fnum1 == -1) { + printf("test 9 open 2 of %s failed (%s)\n", fname, cli_errstr(&cli1)); + return False; + } + + if (!cli_close(&cli1, fnum1)) { + printf("test 9 close 2 of %s failed (%s)\n", fname, cli_errstr(&cli1)); + return False; + } + + /* Ensure we have attr hidden. */ + if (!cli_getatr(&cli1, fname, &attr, NULL, NULL)) { + printf("test 9 getatr(2) failed (%s)\n", cli_errstr(&cli1)); + return False; + } + + if (!(attr & FILE_ATTRIBUTE_HIDDEN)) { + printf("test 9 getatr didn't have HIDDEN attribute\n"); + cli_unlink(&cli1, fname); + return False; } - cli_setatr(cli1, fname, 0, 0); - cli_unlink(cli1, fname); + printf("Attribute open test #9 %s.\n", correct ? "passed" : "failed"); - printf("open attr test %s.\n", correct ? "passed" : "failed"); + cli_unlink(&cli1, fname); - if (!torture_close_connection(cli1)) { + if (!torture_close_connection(&cli1)) { + correct = False; + } + if (!torture_close_connection(&cli2)) { correct = False; } + return correct; } @@ -4005,7 +3632,7 @@ static void list_fn(file_info *finfo, const char *name, void *state) static BOOL run_dirtest(int dummy) { int i; - static struct cli_state *cli; + static struct cli_state cli; int fnum; double t1; BOOL correct = True; @@ -4016,25 +3643,25 @@ static BOOL run_dirtest(int dummy) return False; } - cli_sockopt(cli, sockops); + cli_sockopt(&cli, sockops); srandom(0); for (i=0;i<torture_numops;i++) { fstring fname; slprintf(fname, sizeof(fname), "\\%x", (int)random()); - fnum = cli_open(cli, fname, O_RDWR|O_CREAT, DENY_NONE); + fnum = cli_open(&cli, fname, O_RDWR|O_CREAT, DENY_NONE); if (fnum == -1) { fprintf(stderr,"Failed to open %s\n", fname); return False; } - cli_close(cli, fnum); + cli_close(&cli, fnum); } t1 = end_timer(); - printf("Matched %d\n", cli_list(cli, "a*.*", 0, list_fn, NULL)); - printf("Matched %d\n", cli_list(cli, "b*.*", 0, list_fn, NULL)); - printf("Matched %d\n", cli_list(cli, "xyzabc", 0, list_fn, NULL)); + printf("Matched %d\n", cli_list(&cli, "a*.*", 0, list_fn, NULL)); + printf("Matched %d\n", cli_list(&cli, "b*.*", 0, list_fn, NULL)); + printf("Matched %d\n", cli_list(&cli, "xyzabc", 0, list_fn, NULL)); printf("dirtest core %g seconds\n", end_timer() - t1); @@ -4042,10 +3669,10 @@ static BOOL run_dirtest(int dummy) for (i=0;i<torture_numops;i++) { fstring fname; slprintf(fname, sizeof(fname), "\\%x", (int)random()); - cli_unlink(cli, fname); + cli_unlink(&cli, fname); } - if (!torture_close_connection(cli)) { + if (!torture_close_connection(&cli)) { correct = False; } @@ -4072,150 +3699,10 @@ static void del_fn(file_info *finfo, const char *mask, void *state) } } - -/* - sees what IOCTLs are supported - */ -BOOL torture_ioctl_test(int dummy) -{ - static struct cli_state *cli; - uint16 device, function; - int fnum; - const char *fname = "\\ioctl.dat"; - DATA_BLOB blob; - NTSTATUS status; - - if (!torture_open_connection(&cli)) { - return False; - } - - printf("starting ioctl test\n"); - - cli_unlink(cli, fname); - - fnum = cli_open(cli, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); - if (fnum == -1) { - printf("open of %s failed (%s)\n", fname, cli_errstr(cli)); - return False; - } - - status = cli_raw_ioctl(cli, fnum, 0x2d0000 | (0x0420<<2), &blob); - printf("ioctl device info: %s\n", cli_errstr(cli)); - - status = cli_raw_ioctl(cli, fnum, IOCTL_QUERY_JOB_INFO, &blob); - printf("ioctl job info: %s\n", cli_errstr(cli)); - - for (device=0;device<0x100;device++) { - printf("testing device=0x%x\n", device); - for (function=0;function<0x100;function++) { - uint32 code = (device<<16) | function; - - status = cli_raw_ioctl(cli, fnum, code, &blob); - - if (NT_STATUS_IS_OK(status)) { - printf("ioctl 0x%x OK : %d bytes\n", code, blob.length); - data_blob_free(&blob); - } - } - } - - if (!torture_close_connection(cli)) { - return False; - } - - return True; -} - - -/* - tries varients of chkpath - */ -BOOL torture_chkpath_test(int dummy) -{ - static struct cli_state *cli; - int fnum; - BOOL ret; - - if (!torture_open_connection(&cli)) { - return False; - } - - printf("starting chkpath test\n"); - - /* cleanup from an old run */ - cli_rmdir(cli, "\\chkpath.dir\\dir2"); - cli_unlink(cli, "\\chkpath.dir\\*"); - cli_rmdir(cli, "\\chkpath.dir"); - - if (!cli_mkdir(cli, "\\chkpath.dir")) { - printf("mkdir1 failed : %s\n", cli_errstr(cli)); - return False; - } - - if (!cli_mkdir(cli, "\\chkpath.dir\\dir2")) { - printf("mkdir2 failed : %s\n", cli_errstr(cli)); - return False; - } - - fnum = cli_open(cli, "\\chkpath.dir\\foo.txt", O_RDWR|O_CREAT|O_EXCL, DENY_NONE); - if (fnum == -1) { - printf("open1 failed (%s)\n", cli_errstr(cli)); - return False; - } - cli_close(cli, fnum); - - if (!cli_chkpath(cli, "\\chkpath.dir")) { - printf("chkpath1 failed: %s\n", cli_errstr(cli)); - ret = False; - } - - if (!cli_chkpath(cli, "\\chkpath.dir\\dir2")) { - printf("chkpath2 failed: %s\n", cli_errstr(cli)); - ret = False; - } - - if (!cli_chkpath(cli, "\\chkpath.dir\\foo.txt")) { - ret = check_error(__LINE__, cli, ERRDOS, ERRbadpath, - NT_STATUS_NOT_A_DIRECTORY); - } else { - printf("* chkpath on a file should fail\n"); - ret = False; - } - - if (!cli_chkpath(cli, "\\chkpath.dir\\bar.txt")) { - ret = check_error(__LINE__, cli, ERRDOS, ERRbadfile, - NT_STATUS_OBJECT_NAME_NOT_FOUND); - } else { - printf("* chkpath on a non existant file should fail\n"); - ret = False; - } - - if (!cli_chkpath(cli, "\\chkpath.dir\\dirxx\\bar.txt")) { - ret = check_error(__LINE__, cli, ERRDOS, ERRbadpath, - NT_STATUS_OBJECT_PATH_NOT_FOUND); - } else { - printf("* chkpath on a non existent component should fail\n"); - ret = False; - } - - cli_rmdir(cli, "\\chkpath.dir\\dir2"); - cli_unlink(cli, "\\chkpath.dir\\*"); - cli_rmdir(cli, "\\chkpath.dir"); - - if (!torture_close_connection(cli)) { - return False; - } - - return ret; -} - - - - static BOOL run_dirtest1(int dummy) { int i; - static struct cli_state *cli; + static struct cli_state cli; int fnum, num_seen; BOOL correct = True; @@ -4225,36 +3712,36 @@ static BOOL run_dirtest1(int dummy) return False; } - cli_sockopt(cli, sockops); + cli_sockopt(&cli, sockops); - cli_list(cli, "\\LISTDIR\\*", 0, del_fn, cli); - cli_list(cli, "\\LISTDIR\\*", aDIR, del_fn, cli); - cli_rmdir(cli, "\\LISTDIR"); - cli_mkdir(cli, "\\LISTDIR"); + cli_list(&cli, "\\LISTDIR\\*", 0, del_fn, &cli); + cli_list(&cli, "\\LISTDIR\\*", aDIR, del_fn, &cli); + cli_rmdir(&cli, "\\LISTDIR"); + cli_mkdir(&cli, "\\LISTDIR"); /* Create 1000 files and 1000 directories. */ for (i=0;i<1000;i++) { fstring fname; slprintf(fname, sizeof(fname), "\\LISTDIR\\f%d", i); - fnum = cli_nt_create_full(cli, fname, 0, GENERIC_ALL_ACCESS, FILE_ATTRIBUTE_ARCHIVE, - FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OVERWRITE_IF, 0, 0); + fnum = cli_nt_create_full(&cli, fname, GENERIC_ALL_ACCESS, FILE_ATTRIBUTE_ARCHIVE, + FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OVERWRITE_IF, 0); if (fnum == -1) { fprintf(stderr,"Failed to open %s\n", fname); return False; } - cli_close(cli, fnum); + cli_close(&cli, fnum); } for (i=0;i<1000;i++) { fstring fname; slprintf(fname, sizeof(fname), "\\LISTDIR\\d%d", i); - if (!cli_mkdir(cli, fname)) { + if (!cli_mkdir(&cli, fname)) { fprintf(stderr,"Failed to open %s\n", fname); return False; } } /* Now ensure that doing an old list sees both files and directories. */ - num_seen = cli_list_old(cli, "\\LISTDIR\\*", aDIR, list_fn, NULL); + num_seen = cli_list_old(&cli, "\\LISTDIR\\*", aDIR, list_fn, NULL); printf("num_seen = %d\n", num_seen ); /* We should see 100 files + 1000 directories + . and .. */ if (num_seen != 2002) @@ -4263,28 +3750,28 @@ static BOOL run_dirtest1(int dummy) /* Ensure if we have the "must have" bits we only see the * relevent entries. */ - num_seen = cli_list_old(cli, "\\LISTDIR\\*", (aDIR<<8)|aDIR, list_fn, NULL); + num_seen = cli_list_old(&cli, "\\LISTDIR\\*", (aDIR<<8)|aDIR, list_fn, NULL); printf("num_seen = %d\n", num_seen ); if (num_seen != 1002) correct = False; - num_seen = cli_list_old(cli, "\\LISTDIR\\*", (aARCH<<8)|aDIR, list_fn, NULL); + num_seen = cli_list_old(&cli, "\\LISTDIR\\*", (aARCH<<8)|aDIR, list_fn, NULL); printf("num_seen = %d\n", num_seen ); if (num_seen != 1000) correct = False; /* Delete everything. */ - cli_list(cli, "\\LISTDIR\\*", 0, del_fn, cli); - cli_list(cli, "\\LISTDIR\\*", aDIR, del_fn, cli); - cli_rmdir(cli, "\\LISTDIR"); + cli_list(&cli, "\\LISTDIR\\*", 0, del_fn, &cli); + cli_list(&cli, "\\LISTDIR\\*", aDIR, del_fn, &cli); + cli_rmdir(&cli, "\\LISTDIR"); #if 0 - printf("Matched %d\n", cli_list(cli, "a*.*", 0, list_fn, NULL)); - printf("Matched %d\n", cli_list(cli, "b*.*", 0, list_fn, NULL)); - printf("Matched %d\n", cli_list(cli, "xyzabc", 0, list_fn, NULL)); + printf("Matched %d\n", cli_list(&cli, "a*.*", 0, list_fn, NULL)); + printf("Matched %d\n", cli_list(&cli, "b*.*", 0, list_fn, NULL)); + printf("Matched %d\n", cli_list(&cli, "xyzabc", 0, list_fn, NULL)); #endif - if (!torture_close_connection(cli)) { + if (!torture_close_connection(&cli)) { correct = False; } @@ -4438,6 +3925,7 @@ static double create_procs(BOOL (*fn)(int), BOOL *result) slprintf(myname,sizeof(myname),"CLIENT%d", i); while (1) { + memset(¤t_cli, 0, sizeof(current_cli)); if (torture_open_connection(¤t_cli)) break; if (tries-- == 0) { printf("pid %d failed to start\n", (int)getpid()); @@ -4507,7 +3995,6 @@ static struct { {"LOCK4", run_locktest4, 0}, {"LOCK5", run_locktest5, 0}, {"LOCK6", run_locktest6, 0}, - {"LOCK7", run_locktest7, 0}, {"UNLINK", run_unlinktest, 0}, {"BROWSE", run_browsetest, 0}, {"ATTR", run_attrtest, 0}, @@ -4530,9 +4017,6 @@ static struct { {"RW2", run_readwritemulti, FLAG_MULTIPROC}, {"RW3", run_readwritelarge, 0}, {"OPEN", run_opentest, 0}, -#if 1 - {"OPENATTR", run_openattrtest, 0}, -#endif {"XCOPY", run_xcopy, 0}, {"RENAME", run_rename, 0}, {"DELETE", run_deletetest, 0}, @@ -4545,10 +4029,6 @@ static struct { {"CASETABLE", torture_casetable, 0}, {"ERRMAPEXTRACT", run_error_map_extract, 0}, {"PIPE_NUMBER", run_pipe_number, 0}, - {"TCON2", run_tcon2_test, 0}, - {"IOCTL", torture_ioctl_test, 0}, - {"CHKPATH", torture_chkpath_test, 0}, - {"FDSESS", run_fdsesstest, 0}, {NULL, NULL, 0}}; @@ -4614,7 +4094,6 @@ static void usage(void) printf("\t-L use oplocks\n"); printf("\t-c CLIENT.TXT specify client load file for NBENCH\n"); printf("\t-A showall\n"); - printf("\t-p port\n"); printf("\t-s seed\n"); printf("\n\n"); @@ -4629,6 +4108,10 @@ static void usage(void) exit(1); } + + + + /**************************************************************************** main program ****************************************************************************/ @@ -4684,11 +4167,8 @@ static void usage(void) fstrcpy(workgroup, lp_workgroup()); - while ((opt = getopt(argc, argv, "p:hW:U:n:N:O:o:m:Ld:Ac:ks:")) != EOF) { + while ((opt = getopt(argc, argv, "hW:U:n:N:O:o:m:Ld:Ac:ks:")) != EOF) { switch (opt) { - case 'p': - port_to_use = atoi(optarg); - break; case 's': srandom(atoi(optarg)); break; diff --git a/source3/torture/utable.c b/source3/torture/utable.c index 3ec5932b79..2b5a912062 100644 --- a/source3/torture/utable.c +++ b/source3/torture/utable.c @@ -24,7 +24,7 @@ BOOL torture_utable(int dummy) { - struct cli_state *cli; + static struct cli_state cli; fstring fname, alt_name; int fnum; smb_ucs2_t c2; @@ -40,8 +40,8 @@ BOOL torture_utable(int dummy) memset(valid, 0, sizeof(valid)); - cli_mkdir(cli, "\\utable"); - cli_unlink(cli, "\\utable\\*"); + cli_mkdir(&cli, "\\utable"); + cli_unlink(&cli, "\\utable\\*"); for (c=1; c < 0x10000; c++) { char *p; @@ -55,13 +55,13 @@ BOOL torture_utable(int dummy) p[len] = 0; fstrcat(fname,"_a_long_extension"); - fnum = cli_open(cli, fname, O_RDWR | O_CREAT | O_TRUNC, + fnum = cli_open(&cli, fname, O_RDWR | O_CREAT | O_TRUNC, DENY_NONE); if (fnum == -1) continue; chars_allowed++; - cli_qpathinfo_alt_name(cli, fname, alt_name); + cli_qpathinfo_alt_name(&cli, fname, alt_name); if (strncmp(alt_name, "X_A_L", 5) != 0) { alt_allowed++; @@ -69,8 +69,8 @@ BOOL torture_utable(int dummy) d_printf("fname=[%s] alt_name=[%s]\n", fname, alt_name); } - cli_close(cli, fnum); - cli_unlink(cli, fname); + cli_close(&cli, fnum); + cli_unlink(&cli, fname); if (c % 100 == 0) { printf("%d (%d/%d)\r", c, chars_allowed, alt_allowed); @@ -78,7 +78,7 @@ BOOL torture_utable(int dummy) } printf("%d (%d/%d)\n", c, chars_allowed, alt_allowed); - cli_rmdir(cli, "\\utable"); + cli_rmdir(&cli, "\\utable"); d_printf("%d chars allowed %d alt chars allowed\n", chars_allowed, alt_allowed); @@ -115,7 +115,7 @@ static char *form_name(int c) BOOL torture_casetable(int dummy) { - static struct cli_state *cli; + static struct cli_state cli; char *fname; int fnum; int c, i; @@ -129,35 +129,28 @@ BOOL torture_casetable(int dummy) memset(equiv, 0, sizeof(equiv)); - cli_unlink(cli, "\\utable\\*"); - cli_rmdir(cli, "\\utable"); - if (!cli_mkdir(cli, "\\utable")) { - printf("Failed to create utable directory!\n"); - return False; - } + cli_mkdir(&cli, "\\utable"); + cli_unlink(&cli, "\\utable\\*"); for (c=1; c < 0x10000; c++) { size_t size; if (c == '.' || c == '\\') continue; - printf("%04x (%c)\n", c, isprint(c)?c:'.'); + printf("%04x\n", c); fname = form_name(c); - fnum = cli_nt_create_full(cli, fname, 0, + fnum = cli_nt_create_full(&cli, fname, GENERIC_ALL_ACCESS, FILE_ATTRIBUTE_NORMAL, FILE_SHARE_NONE, - FILE_OPEN_IF, 0, 0); + FILE_OPEN_IF, 0); - if (fnum == -1) { - printf("Failed to create file with char %04x\n", c); - continue; - } + if (fnum == -1) continue; size = 0; - if (!cli_qfileinfo(cli, fnum, NULL, &size, + if (!cli_qfileinfo(&cli, fnum, NULL, &size, NULL, NULL, NULL, NULL, NULL)) continue; if (size > 0) { @@ -167,11 +160,11 @@ BOOL torture_casetable(int dummy) if (size/sizeof(int) >= MAX_EQUIVALENCE) { printf("too many chars match?? size=%d c=0x%04x\n", size, c); - cli_close(cli, fnum); + cli_close(&cli, fnum); return False; } - cli_read(cli, fnum, (char *)c2, 0, size); + cli_read(&cli, fnum, (char *)c2, 0, size); printf("%04x: ", c); equiv[c][0] = c; for (i=0; i<size/sizeof(int); i++) { @@ -182,12 +175,12 @@ BOOL torture_casetable(int dummy) fflush(stdout); } - cli_write(cli, fnum, 0, (char *)&c, size, sizeof(c)); - cli_close(cli, fnum); + cli_write(&cli, fnum, 0, (char *)&c, size, sizeof(c)); + cli_close(&cli, fnum); } - cli_unlink(cli, "\\utable\\*"); - cli_rmdir(cli, "\\utable"); + cli_unlink(&cli, "\\utable\\*"); + cli_rmdir(&cli, "\\utable"); return True; } diff --git a/source3/utils/editreg.c b/source3/utils/editreg.c deleted file mode 100644 index 6b3b4516bb..0000000000 --- a/source3/utils/editreg.c +++ /dev/null @@ -1,2056 +0,0 @@ -/* - Samba Unix/Linux SMB client utility editreg.c - Copyright (C) 2002 Richard Sharpe, rsharpe@richardsharpe.com - Copyright (C) 2003 Jelmer Vernooij (conversion to popt) - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ - -/************************************************************************* - - A utility to edit a Windows NT/2K etc registry file. - - Many of the ideas in here come from other people and software. - I first looked in Wine in misc/registry.c and was also influenced by - http://www.wednesday.demon.co.uk/dosreg.html - - Which seems to contain comments from someone else. I reproduce them here - incase the site above disappears. It actually comes from - http://home.eunet.no/~pnordahl/ntpasswd/WinReg.txt. - - The goal here is to read the registry into memory, manipulate it, and then - write it out if it was changed by any actions of the user. - -The windows NT registry has 2 different blocks, where one can occur many -times... - -the "regf"-Block -================ - -"regf" is obviosly the abbreviation for "Registry file". "regf" is the -signature of the header-block which is always 4kb in size, although only -the first 64 bytes seem to be used and a checksum is calculated over -the first 0x200 bytes only! - -Offset Size Contents -0x00000000 D-Word ID: ASCII-"regf" = 0x66676572 -0x00000004 D-Word ???? //see struct REGF -0x00000008 D-Word ???? Always the same value as at 0x00000004 -0x0000000C Q-Word last modify date in WinNT date-format -0x00000014 D-Word 1 -0x00000018 D-Word 3 -0x0000001C D-Word 0 -0x00000020 D-Word 1 -0x00000024 D-Word Offset of 1st key record -0x00000028 D-Word Size of the data-blocks (Filesize-4kb) -0x0000002C D-Word 1 -0x000001FC D-Word Sum of all D-Words from 0x00000000 to -0x000001FB //XOR of all words. Nigel - -I have analyzed more registry files (from multiple machines running -NT 4.0 german version) and could not find an explanation for the values -marked with ???? the rest of the first 4kb page is not important... - -the "hbin"-Block -================ -I don't know what "hbin" stands for, but this block is always a multiple -of 4kb in size. - -Inside these hbin-blocks the different records are placed. The memory- -management looks like a C-compiler heap management to me... - -hbin-Header -=========== -Offset Size Contents -0x0000 D-Word ID: ASCII-"hbin" = 0x6E696268 -0x0004 D-Word Offset from the 1st hbin-Block -0x0008 D-Word Offset to the next hbin-Block -0x001C D-Word Block-size - -The values in 0x0008 and 0x001C should be the same, so I don't know -if they are correct or swapped... - -From offset 0x0020 inside a hbin-block data is stored with the following -format: - -Offset Size Contents -0x0000 D-Word Data-block size //this size must be a -multiple of 8. Nigel -0x0004 ???? Data - -If the size field is negative (bit 31 set), the corresponding block -is free and has a size of -blocksize! - -That does not seem to be true. All block lengths seem to be negative! (Richard Sharpe) - -The data is stored as one record per block. Block size is a multiple -of 4 and the last block reaches the next hbin-block, leaving no room. - -Records in the hbin-blocks -========================== - -nk-Record - - The nk-record can be treated as a kombination of tree-record and - key-record of the win 95 registry. - -lf-Record - - The lf-record is the counterpart to the RGKN-record (the - hash-function) - -vk-Record - - The vk-record consists information to a single value. - -sk-Record - - sk (? Security Key ?) is the ACL of the registry. - -Value-Lists - - The value-lists contain information about which values are inside a - sub-key and don't have a header. - -Datas - - The datas of the registry are (like the value-list) stored without a - header. - -All offset-values are relative to the first hbin-block and point to the -block-size field of the record-entry. to get the file offset, you have to add -the header size (4kb) and the size field (4 bytes)... - -the nk-Record -============= -Offset Size Contents -0x0000 Word ID: ASCII-"nk" = 0x6B6E -0x0002 Word for the root-key: 0x2C, otherwise 0x20 //key symbolic links 0x10. Nigel -0x0004 Q-Word write-date/time in windows nt notation -0x0010 D-Word Offset of Owner/Parent key -0x0014 D-Word number of sub-Keys -0x001C D-Word Offset of the sub-key lf-Records -0x0024 D-Word number of values -0x0028 D-Word Offset of the Value-List -0x002C D-Word Offset of the sk-Record - -0x0030 D-Word Offset of the Class-Name //see NK structure for the use of these fields. Nigel -0x0044 D-Word Unused (data-trash) //some kind of run time index. Does not appear to be important. Nigel -0x0048 Word name-length -0x004A Word class-name length -0x004C ???? key-name - -the Value-List -============== -Offset Size Contents -0x0000 D-Word Offset 1st Value -0x0004 D-Word Offset 2nd Value -0x???? D-Word Offset nth Value - -To determine the number of values, you have to look at the owner-nk-record! - -Der vk-Record -============= -Offset Size Contents -0x0000 Word ID: ASCII-"vk" = 0x6B76 -0x0002 Word name length -0x0004 D-Word length of the data //if top bit is set when offset contains data. Nigel -0x0008 D-Word Offset of Data -0x000C D-Word Type of value -0x0010 Word Flag -0x0012 Word Unused (data-trash) -0x0014 ???? Name - -If bit 0 of the flag-word is set, a name is present, otherwise the value has no name (=default) - -If the data-size is lower 5, the data-offset value is used to store the data itself! - -The data-types -============== -Wert Beteutung -0x0001 RegSZ: character string (in UNICODE!) -0x0002 ExpandSZ: string with "%var%" expanding (UNICODE!) -0x0003 RegBin: raw-binary value -0x0004 RegDWord: Dword -0x0007 RegMultiSZ: multiple strings, seperated with 0 - (UNICODE!) - -The "lf"-record -=============== -Offset Size Contents -0x0000 Word ID: ASCII-"lf" = 0x666C -0x0002 Word number of keys -0x0004 ???? Hash-Records - -Hash-Record -=========== -Offset Size Contents -0x0000 D-Word Offset of corresponding "nk"-Record -0x0004 D-Word ASCII: the first 4 characters of the key-name, padded with 0's. Case sensitiv! - -Keep in mind, that the value at 0x0004 is used for checking the data-consistency! If you change the -key-name you have to change the hash-value too! - -//These hashrecords must be sorted low to high within the lf record. Nigel. - -The "sk"-block -============== -(due to the complexity of the SAM-info, not clear jet) -(This is just a security descriptor in the data. R Sharpe.) - - -Offset Size Contents -0x0000 Word ID: ASCII-"sk" = 0x6B73 -0x0002 Word Unused -0x0004 D-Word Offset of previous "sk"-Record -0x0008 D-Word Offset of next "sk"-Record -0x000C D-Word usage-counter -0x0010 D-Word Size of "sk"-record in bytes -???? //standard self -relative security desciptor. Nigel -???? ???? Security and auditing settings... -???? - -The usage counter counts the number of references to this -"sk"-record. You can use one "sk"-record for the entire registry! - -Windows nt date/time format -=========================== -The time-format is a 64-bit integer which is incremented every -0,0000001 seconds by 1 (I don't know how accurate it realy is!) -It starts with 0 at the 1st of january 1601 0:00! All values are -stored in GMT time! The time-zone is important to get the real -time! - -Common values for win95 and win-nt -================================== -Offset values marking an "end of list", are either 0 or -1 (0xFFFFFFFF). -If a value has no name (length=0, flag(bit 0)=0), it is treated as the -"Default" entry... -If a value has no data (length=0), it is displayed as empty. - -simplyfied win-3.?? registry: -============================= - -+-----------+ -| next rec. |---+ +----->+------------+ -| first sub | | | | Usage cnt. | -| name | | +-->+------------+ | | length | -| value | | | | next rec. | | | text |------->+-------+ -+-----------+ | | | name rec. |--+ +------------+ | xxxxx | - +------------+ | | value rec. |-------->+------------+ +-------+ - v | +------------+ | Usage cnt. | -+-----------+ | | length | -| next rec. | | | text |------->+-------+ -| first sub |------+ +------------+ | xxxxx | -| name | +-------+ -| value | -+-----------+ - -Greatly simplyfied structure of the nt-registry: -================================================ - -+---------------------------------------------------------------+ -| | -v | -+---------+ +---------->+-----------+ +----->+---------+ | -| "nk" | | | lf-rec. | | | nk-rec. | | -| ID | | | # of keys | | | parent |---+ -| Date | | | 1st key |--+ | .... | -| parent | | +-----------+ +---------+ -| suk-keys|-----+ -| values |--------------------->+----------+ -| SK-rec. |---------------+ | 1. value |--> +----------+ -| class |--+ | +----------+ | vk-rec. | -+---------+ | | | .... | - v | | data |--> +-------+ - +------------+ | +----------+ | xxxxx | - | Class name | | +-------+ - +------------+ | - v - +---------+ +---------+ - +----->| next sk |--->| Next sk |--+ - | +---| prev sk |<---| prev sk | | - | | | .... | | ... | | - | | +---------+ +---------+ | - | | ^ | - | | | | - | +--------------------+ | - +----------------------------------+ - ---------------------------------------------------------------------------- - -Hope this helps.... (Although it was "fun" for me to uncover this things, - it took me several sleepless nights ;) - - B.D. - -*************************************************************************/ - -#include <stdio.h> -#include <stdlib.h> -#include <errno.h> -#include <assert.h> -#include <sys/types.h> -#include <sys/stat.h> -#include <unistd.h> -#include <sys/mman.h> -#include <string.h> -#include <fcntl.h> -#include "popt.h" - -static int verbose = 0; - -/* - * These definitions are for the in-memory registry structure. - * It is a tree structure that mimics what you see with tools like regedit - */ - -/* - * DateTime struct for Windows - */ - -typedef struct date_time_s { - unsigned int low, high; -} NTTIME; - -/* - * Definition of a Key. It has a name, classname, date/time last modified, - * sub-keys, values, and a security descriptor - */ - -#define REG_ROOT_KEY 1 -#define REG_SUB_KEY 2 -#define REG_SYM_LINK 3 - -typedef struct reg_key_s { - char *name; /* Name of the key */ - char *class_name; - int type; /* One of REG_ROOT_KEY or REG_SUB_KEY */ - NTTIME last_mod; /* Time last modified */ - struct reg_key_s *owner; - struct key_list_s *sub_keys; - struct val_list_s *values; - struct key_sec_desc_s *security; -} REG_KEY; - -/* - * The KEY_LIST struct lists sub-keys. - */ - -typedef struct key_list_s { - int key_count; - REG_KEY *keys[1]; -} KEY_LIST; - -typedef struct val_key_s { - char *name; - int has_name; - int data_type; - int data_len; - void *data_blk; /* Might want a separate block */ -} VAL_KEY; - -typedef struct val_list_s { - int val_count; - VAL_KEY *vals[1]; -} VAL_LIST; - -#ifndef MAXSUBAUTHS -#define MAXSUBAUTHS 15 -#endif - -typedef struct dom_sid_s { - unsigned char ver, auths; - unsigned char auth[6]; - unsigned int sub_auths[MAXSUBAUTHS]; -} DOM_SID; - -typedef struct ace_struct_s { - unsigned char type, flags; - unsigned int perms; /* Perhaps a better def is in order */ - DOM_SID *trustee; -} ACE; - -typedef struct acl_struct_s { - unsigned short rev, refcnt; - unsigned short num_aces; - ACE *aces[1]; -} ACL; - -typedef struct sec_desc_s { - unsigned int rev, type; - DOM_SID *owner, *group; - ACL *sacl, *dacl; -} SEC_DESC; - -#define SEC_DESC_NON 0 -#define SEC_DESC_RES 1 -#define SEC_DESC_OCU 2 - -typedef struct key_sec_desc_s { - struct key_sec_desc_s *prev, *next; - int ref_cnt; - int state; - SEC_DESC *sec_desc; -} KEY_SEC_DESC; - - -/* - * An API for accessing/creating/destroying items above - */ - -/* - * Iterate over the keys, depth first, calling a function for each key - * and indicating if it is terminal or non-terminal and if it has values. - * - * In addition, for each value in the list, call a value list function - */ - -/* - * There should eventually be one to deal with security keys as well - */ - -typedef int (*key_print_f)(const char *path, char *key_name, char *class_name, - int root, int terminal, int values); - -typedef int (*val_print_f)(const char *path, char *val_name, int val_type, - int data_len, void *data_blk, int terminal, - int first, int last); - -typedef int (*sec_print_f)(SEC_DESC *sec_desc); - -typedef struct regf_struct_s REGF; - -int nt_key_iterator(REGF *regf, REG_KEY *key_tree, int bf, const char *path, - key_print_f key_print, sec_print_f sec_print, - val_print_f val_print); - -int nt_val_list_iterator(REGF *regf, VAL_LIST *val_list, int bf, char *path, - int terminal, val_print_f val_print) -{ - int i; - - if (!val_list) return 1; - - if (!val_print) return 1; - - for (i=0; i<val_list->val_count; i++) { - if (!val_print(path, val_list->vals[i]->name, val_list->vals[i]->data_type, - val_list->vals[i]->data_len, val_list->vals[i]->data_blk, - terminal, - (i == 0), - (i == val_list->val_count))) { - - return 0; - - } - } - - return 1; -} - -int nt_key_list_iterator(REGF *regf, KEY_LIST *key_list, int bf, - const char *path, - key_print_f key_print, sec_print_f sec_print, - val_print_f val_print) -{ - int i; - - if (!key_list) return 1; - - for (i=0; i< key_list->key_count; i++) { - if (!nt_key_iterator(regf, key_list->keys[i], bf, path, key_print, - sec_print, val_print)) { - return 0; - } - } - return 1; -} - -int nt_key_iterator(REGF *regf, REG_KEY *key_tree, int bf, const char *path, - key_print_f key_print, sec_print_f sec_print, - val_print_f val_print) -{ - int path_len = strlen(path); - char *new_path; - - if (!regf || !key_tree) - return -1; - - /* List the key first, then the values, then the sub-keys */ - - if (key_print) { - - if (!(*key_print)(path, key_tree->name, - key_tree->class_name, - (key_tree->type == REG_ROOT_KEY), - (key_tree->sub_keys == NULL), - (key_tree->values?(key_tree->values->val_count):0))) - return 0; - } - - /* - * If we have a security print routine, call it - * If the security print routine returns false, stop. - */ - if (sec_print) { - if (key_tree->security && !(*sec_print)(key_tree->security->sec_desc)) - return 0; - } - - new_path = (char *)malloc(path_len + 1 + strlen(key_tree->name) + 1); - if (!new_path) return 0; /* Errors? */ - new_path[0] = '\0'; - strcat(new_path, path); - strcat(new_path, "\\"); - strcat(new_path, key_tree->name); - - /* - * Now, iterate through the values in the val_list - */ - - if (key_tree->values && - !nt_val_list_iterator(regf, key_tree->values, bf, new_path, - (key_tree->values!=NULL), - val_print)) { - - free(new_path); - return 0; - } - - /* - * Now, iterate through the keys in the key list - */ - - if (key_tree->sub_keys && - !nt_key_list_iterator(regf, key_tree->sub_keys, bf, new_path, key_print, - sec_print, val_print)) { - free(new_path); - return 0; - } - - free(new_path); - return 1; -} - -/* Make, delete keys */ - -int nt_delete_val_key(VAL_KEY *val_key) -{ - - if (val_key) { - if (val_key->data_blk) free(val_key->data_blk); - free(val_key); - }; - return 1; -} - -int nt_delete_val_list(VAL_LIST *vl) -{ - int i; - - if (vl) { - for (i=0; i<vl->val_count; i++) - nt_delete_val_key(vl->vals[i]); - free(vl); - } - return 1; -} - -int nt_delete_reg_key(REG_KEY *key); -int nt_delete_key_list(KEY_LIST *key_list) -{ - int i; - - if (key_list) { - for (i=0; i<key_list->key_count; i++) - nt_delete_reg_key(key_list->keys[i]); - free(key_list); - } - return 1; -} - -int nt_delete_sid(DOM_SID *sid) -{ - - if (sid) free(sid); - return 1; - -} - -int nt_delete_ace(ACE *ace) -{ - - if (ace) { - nt_delete_sid(ace->trustee); - free(ace); - } - return 1; - -} - -int nt_delete_acl(ACL *acl) -{ - - if (acl) { - int i; - - for (i=0; i<acl->num_aces; i++) - nt_delete_ace(acl->aces[i]); - - free(acl); - } - return 1; -} - -int nt_delete_sec_desc(SEC_DESC *sec_desc) -{ - - if (sec_desc) { - - nt_delete_sid(sec_desc->owner); - nt_delete_sid(sec_desc->group); - nt_delete_acl(sec_desc->sacl); - nt_delete_acl(sec_desc->dacl); - free(sec_desc); - - } - return 1; -} - -int nt_delete_key_sec_desc(KEY_SEC_DESC *key_sec_desc) -{ - - if (key_sec_desc) { - key_sec_desc->ref_cnt--; - if (key_sec_desc->ref_cnt<=0) { - /* - * There should always be a next and prev, even if they point to us - */ - key_sec_desc->next->prev = key_sec_desc->prev; - key_sec_desc->prev->next = key_sec_desc->next; - nt_delete_sec_desc(key_sec_desc->sec_desc); - } - } - return 1; -} - -int nt_delete_reg_key(REG_KEY *key) -{ - - if (key) { - if (key->name) free(key->name); - if (key->class_name) free(key->class_name); - - /* - * Do not delete the owner ... - */ - - if (key->sub_keys) nt_delete_key_list(key->sub_keys); - if (key->values) nt_delete_val_list(key->values); - if (key->security) nt_delete_key_sec_desc(key->security); - free(key); - } - return 1; -} - -/* - * Create/delete key lists and add delete keys to/from a list, count the keys - */ - - -/* - * Create/delete value lists, add/delete values, count them - */ - - -/* - * Create/delete security descriptors, add/delete SIDS, count SIDS, etc. - * We reference count the security descriptors. Any new reference increments - * the ref count. If we modify an SD, we copy the old one, dec the ref count - * and make the change. We also want to be able to check for equality so - * we can reduce the number of SDs in use. - */ - -/* - * Code to parse registry specification from command line or files - * - * Format: - * [cmd:]key:type:value - * - * cmd = a|d|c|add|delete|change|as|ds|cs - * - */ - - -/* - * Load and unload a registry file. - * - * Load, loads it into memory as a tree, while unload sealizes/flattens it - */ - -/* - * Get the starting record for NT Registry file - */ - -/* A map of sk offsets in the regf to KEY_SEC_DESCs for quick lookup etc */ -typedef struct sk_map_s { - int sk_off; - KEY_SEC_DESC *key_sec_desc; -} SK_MAP; - -/* - * Where we keep all the regf stuff for one registry. - * This is the structure that we use to tie the in memory tree etc - * together. By keeping separate structs, we can operate on different - * registries at the same time. - * Currently, the SK_MAP is an array of mapping structure. - * Since we only need this on input and output, we fill in the structure - * as we go on input. On output, we know how many SK items we have, so - * we can allocate the structure as we need to. - * If you add stuff here that is dynamically allocated, add the - * appropriate free statements below. - */ - -#define REGF_REGTYPE_NONE 0 -#define REGF_REGTYPE_NT 1 -#define REGF_REGTYPE_W9X 2 - -#define TTTONTTIME(r, t1, t2) (r)->last_mod_time.low = (t1); \ - (r)->last_mod_time.high = (t2); - -#define REGF_HDR_BLKSIZ 0x1000 - -struct regf_struct_s { - int reg_type; - char *regfile_name, *outfile_name; - int fd; - struct stat sbuf; - char *base; - int modified; - NTTIME last_mod_time; - REG_KEY *root; /* Root of the tree for this file */ - int sk_count, sk_map_size; - SK_MAP *sk_map; -}; - -/* - * Structures for dealing with the on-disk format of the registry - */ - -#define IVAL(buf) ((unsigned int) \ - (unsigned int)*((unsigned char *)(buf)+3)<<24| \ - (unsigned int)*((unsigned char *)(buf)+2)<<16| \ - (unsigned int)*((unsigned char *)(buf)+1)<<8| \ - (unsigned int)*((unsigned char *)(buf)+0)) - -#define SVAL(buf) ((unsigned short) \ - (unsigned short)*((unsigned char *)(buf)+1)<<8| \ - (unsigned short)*((unsigned char *)(buf)+0)) - -#define CVAL(buf) ((unsigned char)*((unsigned char *)(buf))) - -#define OFF(f) ((f) + REGF_HDR_BLKSIZ + 4) -#define LOCN(base, f) ((base) + OFF(f)) - -/* - * All of the structures below actually have a four-byte lenght before them - * which always seems to be negative. The following macro retrieves that - * size as an integer - */ - -#define BLK_SIZE(b) ((int)*(int *)(((int *)b)-1)) - -typedef unsigned int DWORD; -typedef unsigned short WORD; - -#define REG_REGF_ID 0x66676572 - -typedef struct regf_block { - DWORD REGF_ID; /* regf */ - DWORD uk1; - DWORD uk2; - DWORD tim1, tim2; - DWORD uk3; /* 1 */ - DWORD uk4; /* 3 */ - DWORD uk5; /* 0 */ - DWORD uk6; /* 1 */ - DWORD first_key; /* offset */ - unsigned int dblk_size; - DWORD uk7[116]; /* 1 */ - DWORD chksum; -} REGF_HDR; - -typedef struct hbin_sub_struct { - DWORD dblocksize; - char data[1]; -} HBIN_SUB_HDR; - -#define REG_HBIN_ID 0x6E696268 - -typedef struct hbin_struct { - DWORD HBIN_ID; /* hbin */ - DWORD next_off; - DWORD prev_off; - DWORD uk1; - DWORD uk2; - DWORD uk3; - DWORD uk4; - DWORD blk_size; - HBIN_SUB_HDR hbin_sub_hdr; -} HBIN_HDR; - -#define REG_NK_ID 0x6B6E - -typedef struct nk_struct { - WORD NK_ID; - WORD type; - DWORD t1, t2; - DWORD uk1; - DWORD own_off; - DWORD subk_num; - DWORD uk2; - DWORD lf_off; - DWORD uk3; - DWORD val_cnt; - DWORD val_off; - DWORD sk_off; - DWORD clsnam_off; - DWORD unk4[4]; - DWORD unk5; - WORD nam_len; - WORD clsnam_len; - char key_nam[1]; /* Actual length determined by nam_len */ -} NK_HDR; - -#define REG_SK_ID 0x6B73 - -typedef struct sk_struct { - WORD SK_ID; - WORD uk1; - DWORD prev_off; - DWORD next_off; - DWORD ref_cnt; - DWORD rec_size; - char sec_desc[1]; -} SK_HDR; - -typedef struct ace_struct { - unsigned char type; - unsigned char flags; - unsigned short length; - unsigned int perms; - DOM_SID trustee; -} REG_ACE; - -typedef struct acl_struct { - WORD rev; - WORD size; - DWORD num_aces; - REG_ACE *aces; /* One or more ACEs */ -} REG_ACL; - -typedef struct sec_desc_rec { - WORD rev; - WORD type; - DWORD owner_off; - DWORD group_off; - DWORD sacl_off; - DWORD dacl_off; -} REG_SEC_DESC; - -typedef struct hash_struct { - DWORD nk_off; - char hash[4]; -} HASH_REC; - -#define REG_LF_ID 0x666C - -typedef struct lf_struct { - WORD LF_ID; - WORD key_count; - struct hash_struct hr[1]; /* Array of hash records, depending on key_count */ -} LF_HDR; - -typedef DWORD VL_TYPE[1]; /* Value list is an array of vk rec offsets */ - -#define REG_VK_ID 0x6B76 - -typedef struct vk_struct { - WORD VK_ID; - WORD nam_len; - DWORD dat_len; /* If top-bit set, offset contains the data */ - DWORD dat_off; - DWORD dat_type; - WORD flag; /* =1, has name, else no name (=Default). */ - WORD unk1; - char dat_name[1]; /* Name starts here ... */ -} VK_HDR; - -#define REG_TYPE_REGSZ 1 -#define REG_TYPE_EXPANDSZ 2 -#define REG_TYPE_BIN 3 -#define REG_TYPE_DWORD 4 -#define REG_TYPE_MULTISZ 7 - -typedef struct _val_str { - unsigned int val; - const char * str; -} VAL_STR; - -const VAL_STR reg_type_names[] = { - { 1, "REG_SZ" }, - { 2, "REG_EXPAND_SZ" }, - { 3, "REG_BIN" }, - { 4, "REG_DWORD" }, - { 7, "REG_MULTI_SZ" }, - { 0, NULL }, -}; - -const char *val_to_str(unsigned int val, const VAL_STR *val_array) -{ - int i = 0; - - if (!val_array) return NULL; - - while (val_array[i].val && val_array[i].str) { - - if (val_array[i].val == val) return val_array[i].str; - i++; - - } - - return NULL; - -} - -/* - * Convert from UniCode to Ascii ... Does not take into account other lang - * Restrict by ascii_max if > 0 - */ -int uni_to_ascii(unsigned char *uni, unsigned char *ascii, int ascii_max, - int uni_max) -{ - int i = 0; - - while (i < ascii_max && !(!uni[i*2] && !uni[i*2+1])) { - if (uni_max > 0 && (i*2) >= uni_max) break; - ascii[i] = uni[i*2]; - i++; - - } - - ascii[i] = '\0'; - - return i; -} - -/* - * Convert a data value to a string for display - */ -int data_to_ascii(unsigned char *datap, int len, int type, char *ascii, int ascii_max) -{ - unsigned char *asciip; - int i; - - switch (type) { - case REG_TYPE_REGSZ: - fprintf(stderr, "Len: %d\n", len); - return uni_to_ascii(datap, ascii, len, ascii_max); - break; - - case REG_TYPE_EXPANDSZ: - return uni_to_ascii(datap, ascii, len, ascii_max); - break; - - case REG_TYPE_BIN: - asciip = ascii; - for (i=0; (i<len)&&(i+1)*3<ascii_max; i++) { - int str_rem = ascii_max - ((int)asciip - (int)ascii); - asciip += snprintf(asciip, str_rem, "%02x", *(unsigned char *)(datap+i)); - if (i < len && str_rem > 0) - *asciip = ' '; asciip++; - } - *asciip = '\0'; - return ((int)asciip - (int)ascii); - break; - - case REG_TYPE_DWORD: - if (*(int *)datap == 0) - return snprintf(ascii, ascii_max, "0"); - else - return snprintf(ascii, ascii_max, "0x%x", *(int *)datap); - break; - - case REG_TYPE_MULTISZ: - - break; - - default: - return 0; - break; - } - - return len; - -} - -REG_KEY *nt_get_key_tree(REGF *regf, NK_HDR *nk_hdr, int size); - -int nt_set_regf_input_file(REGF *regf, char *filename) -{ - return ((regf->regfile_name = strdup(filename)) != NULL); -} - -int nt_set_regf_output_file(REGF *regf, char *filename) -{ - return ((regf->outfile_name = strdup(filename)) != NULL); -} - -/* Create a regf structure and init it */ - -REGF *nt_create_regf(void) -{ - REGF *tmp = (REGF *)malloc(sizeof(REGF)); - if (!tmp) return tmp; - bzero(tmp, sizeof(REGF)); - return tmp; -} - -/* Free all the bits and pieces ... Assumes regf was malloc'd */ -/* If you add stuff to REGF, add the relevant free bits here */ -int nt_free_regf(REGF *regf) -{ - if (!regf) return 0; - - if (regf->regfile_name) free(regf->regfile_name); - if (regf->outfile_name) free(regf->outfile_name); - - /* Free the mmap'd area */ - - if (regf->base) munmap(regf->base, regf->sbuf.st_size); - regf->base = NULL; - close(regf->fd); /* Ignore the error :-) */ - - nt_delete_reg_key(regf->root); /* Free the tree */ - free(regf->sk_map); - regf->sk_count = regf->sk_map_size = 0; - - free(regf); - - return 1; -} - -/* Get the header of the registry. Return a pointer to the structure - * If the mmap'd area has not been allocated, then mmap the input file - */ -REGF_HDR *nt_get_regf_hdr(REGF *regf) -{ - if (!regf) - return NULL; /* What about errors */ - - if (!regf->regfile_name) - return NULL; /* What about errors */ - - if (!regf->base) { /* Try to mmap etc the file */ - - if ((regf->fd = open(regf->regfile_name, O_RDONLY, 0000)) <0) { - return NULL; /* What about errors? */ - } - - if (fstat(regf->fd, ®f->sbuf) < 0) { - return NULL; - } - - regf->base = mmap(0, regf->sbuf.st_size, PROT_READ, MAP_SHARED, regf->fd, 0); - - if ((int)regf->base == 1) { - fprintf(stderr, "Could not mmap file: %s, %s\n", regf->regfile_name, - strerror(errno)); - return NULL; - } - } - - /* - * At this point, regf->base != NULL, and we should be able to read the - * header - */ - - assert(regf->base != NULL); - - return (REGF_HDR *)regf->base; -} - -/* - * Validate a regf header - * For now, do nothing, but we should check the checksum - */ -int valid_regf_hdr(REGF_HDR *regf_hdr) -{ - if (!regf_hdr) return 0; - - return 1; -} - -/* - * Process an SK header ... - * Every time we see a new one, add it to the map. Otherwise, just look it up. - * We will do a simple linear search for the moment, since many KEYs have the - * same security descriptor. - * We allocate the map in increments of 10 entries. - */ - -/* - * Create a new entry in the map, and increase the size of the map if needed - */ - -SK_MAP *alloc_sk_map_entry(REGF *regf, KEY_SEC_DESC *tmp, int sk_off) -{ - if (!regf->sk_map) { /* Allocate a block of 10 */ - regf->sk_map = (SK_MAP *)malloc(sizeof(SK_MAP) * 10); - if (!regf->sk_map) { - free(tmp); - return NULL; - } - regf->sk_map_size = 10; - regf->sk_count = 1; - (regf->sk_map)[0].sk_off = sk_off; - (regf->sk_map)[0].key_sec_desc = tmp; - } - else { /* Simply allocate a new slot, unless we have to expand the list */ - int ndx = regf->sk_count; - if (regf->sk_count >= regf->sk_map_size) { - regf->sk_map = (SK_MAP *)realloc(regf->sk_map, - (regf->sk_map_size + 10)*sizeof(SK_MAP)); - if (!regf->sk_map) { - free(tmp); - return NULL; - } - /* - * ndx already points at the first entry of the new block - */ - regf->sk_map_size += 10; - } - (regf->sk_map)[ndx].sk_off = sk_off; - (regf->sk_map)[ndx].key_sec_desc = tmp; - regf->sk_count++; - } - return regf->sk_map; -} - -/* - * Search for a KEY_SEC_DESC in the sk_map, but dont create one if not - * found - */ - -KEY_SEC_DESC *lookup_sec_key(SK_MAP *sk_map, int count, int sk_off) -{ - int i; - - if (!sk_map) return NULL; - - for (i = 0; i < count; i++) { - - if (sk_map[i].sk_off == sk_off) - return sk_map[i].key_sec_desc; - - } - - return NULL; - -} - -/* - * Allocate a KEY_SEC_DESC if we can't find one in the map - */ - -KEY_SEC_DESC *lookup_create_sec_key(REGF *regf, SK_MAP *sk_map, int sk_off) -{ - KEY_SEC_DESC *tmp = lookup_sec_key(regf->sk_map, regf->sk_count, sk_off); - - if (tmp) { - return tmp; - } - else { /* Allocate a new one */ - tmp = (KEY_SEC_DESC *)malloc(sizeof(KEY_SEC_DESC)); - if (!tmp) { - return NULL; - } - tmp->state = SEC_DESC_RES; - if (!alloc_sk_map_entry(regf, tmp, sk_off)) { - return NULL; - } - return tmp; - } -} - -/* - * Allocate storage and duplicate a SID - * We could allocate the SID to be only the size needed, but I am too lazy. - */ -DOM_SID *dup_sid(DOM_SID *sid) -{ - DOM_SID *tmp = (DOM_SID *)malloc(sizeof(DOM_SID)); - int i; - - if (!tmp) return NULL; - tmp->ver = sid->ver; - tmp->auths = sid->auths; - for (i=0; i<6; i++) { - tmp->auth[i] = sid->auth[i]; - } - for (i=0; i<tmp->auths&&i<MAXSUBAUTHS; i++) { - tmp->sub_auths[i] = sid->sub_auths[i]; - } - return tmp; -} - -/* - * Allocate space for an ACE and duplicate the registry encoded one passed in - */ -ACE *dup_ace(REG_ACE *ace) -{ - ACE *tmp = NULL; - - tmp = (ACE *)malloc(sizeof(ACE)); - - if (!tmp) return NULL; - - tmp->type = CVAL(&ace->type); - tmp->flags = CVAL(&ace->flags); - tmp->perms = IVAL(&ace->perms); - tmp->trustee = dup_sid(&ace->trustee); - return tmp; -} - -/* - * Allocate space for an ACL and duplicate the registry encoded one passed in - */ -ACL *dup_acl(REG_ACL *acl) -{ - ACL *tmp = NULL; - REG_ACE* ace; - int i, num_aces; - - num_aces = IVAL(&acl->num_aces); - - tmp = (ACL *)malloc(sizeof(ACL) + (num_aces - 1)*sizeof(ACE *)); - if (!tmp) return NULL; - - tmp->num_aces = num_aces; - tmp->refcnt = 1; - tmp->rev = SVAL(&acl->rev); - ace = (REG_ACE *)&acl->aces; - for (i=0; i<num_aces; i++) { - tmp->aces[i] = dup_ace(ace); - ace = (REG_ACE *)((char *)ace + SVAL(&ace->length)); - /* XXX: FIXME, should handle malloc errors */ - } - - return tmp; -} - -SEC_DESC *process_sec_desc(REGF *regf, REG_SEC_DESC *sec_desc) -{ - SEC_DESC *tmp = NULL; - - tmp = (SEC_DESC *)malloc(sizeof(SEC_DESC)); - - if (!tmp) { - return NULL; - } - - tmp->rev = SVAL(&sec_desc->rev); - tmp->type = SVAL(&sec_desc->type); - tmp->owner = dup_sid((DOM_SID *)((char *)sec_desc + IVAL(&sec_desc->owner_off))); - if (!tmp->owner) { - free(tmp); - return NULL; - } - tmp->group = dup_sid((DOM_SID *)((char *)sec_desc + IVAL(&sec_desc->group_off))); - if (!tmp->group) { - free(tmp); - return NULL; - } - - /* Now pick up the SACL and DACL */ - - if (sec_desc->sacl_off) - tmp->sacl = dup_acl((REG_ACL *)((char *)sec_desc + IVAL(&sec_desc->sacl_off))); - else - tmp->sacl = NULL; - - if (sec_desc->dacl_off) - tmp->dacl = dup_acl((REG_ACL *)((char *)sec_desc + IVAL(&sec_desc->dacl_off))); - else - tmp->dacl = NULL; - - return tmp; -} - -KEY_SEC_DESC *process_sk(REGF *regf, SK_HDR *sk_hdr, int sk_off, int size) -{ - KEY_SEC_DESC *tmp = NULL; - int sk_next_off, sk_prev_off, sk_size; - REG_SEC_DESC *sec_desc; - - if (!sk_hdr) return NULL; - - if (SVAL(&sk_hdr->SK_ID) != REG_SK_ID) { - fprintf(stderr, "Unrecognized SK Header ID: %08X, %s\n", (int)sk_hdr, - regf->regfile_name); - return NULL; - } - - if (-size < (sk_size = IVAL(&sk_hdr->rec_size))) { - fprintf(stderr, "Incorrect SK record size: %d vs %d. %s\n", - -size, sk_size, regf->regfile_name); - return NULL; - } - - /* - * Now, we need to look up the SK Record in the map, and return it - * Since the map contains the SK_OFF mapped to KEY_SEC_DESC, we can - * use that - */ - - if (regf->sk_map && - ((tmp = lookup_sec_key(regf->sk_map, regf->sk_count, sk_off)) != NULL) - && (tmp->state == SEC_DESC_OCU)) { - tmp->ref_cnt++; - return tmp; - } - - /* Here, we have an item in the map that has been reserved, or tmp==NULL. */ - - assert(tmp == NULL || (tmp && tmp->state != SEC_DESC_NON)); - - /* - * Now, allocate a KEY_SEC_DESC, and parse the structure here, and add the - * new KEY_SEC_DESC to the mapping structure, since the offset supplied is - * the actual offset of structure. The same offset will be used by all - * all future references to this structure - * We chould put all this unpleasantness in a function. - */ - - if (!tmp) { - tmp = (KEY_SEC_DESC *)malloc(sizeof(KEY_SEC_DESC)); - if (!tmp) return NULL; - bzero(tmp, sizeof(KEY_SEC_DESC)); - - /* - * Allocate an entry in the SK_MAP ... - * We don't need to free tmp, because that is done for us if the - * sm_map entry can't be expanded when we need more space in the map. - */ - - if (!alloc_sk_map_entry(regf, tmp, sk_off)) { - return NULL; - } - } - - tmp->ref_cnt++; - tmp->state = SEC_DESC_OCU; - - /* - * Now, process the actual sec desc and plug the values in - */ - - sec_desc = (REG_SEC_DESC *)&sk_hdr->sec_desc[0]; - tmp->sec_desc = process_sec_desc(regf, sec_desc); - - /* - * Now forward and back links. Here we allocate an entry in the sk_map - * if it does not exist, and mark it reserved - */ - - sk_prev_off = IVAL(&sk_hdr->prev_off); - tmp->prev = lookup_create_sec_key(regf, regf->sk_map, sk_prev_off); - assert(tmp->prev != NULL); - sk_next_off = IVAL(&sk_hdr->next_off); - tmp->next = lookup_create_sec_key(regf, regf->sk_map, sk_next_off); - assert(tmp->next != NULL); - - return tmp; -} - -/* - * Process a VK header and return a value - */ -VAL_KEY *process_vk(REGF *regf, VK_HDR *vk_hdr, int size) -{ - char val_name[1024]; - int nam_len, dat_len, flag, dat_type, dat_off, vk_id; - const char *val_type; - VAL_KEY *tmp = NULL; - - if (!vk_hdr) return NULL; - - if ((vk_id = SVAL(&vk_hdr->VK_ID)) != REG_VK_ID) { - fprintf(stderr, "Unrecognized VK header ID: %0X, block: %0X, %s\n", - vk_id, (int)vk_hdr, regf->regfile_name); - return NULL; - } - - nam_len = SVAL(&vk_hdr->nam_len); - val_name[nam_len] = '\0'; - flag = SVAL(&vk_hdr->flag); - dat_type = IVAL(&vk_hdr->dat_type); - dat_len = IVAL(&vk_hdr->dat_len); /* If top bit, offset contains data */ - dat_off = IVAL(&vk_hdr->dat_off); - - tmp = (VAL_KEY *)malloc(sizeof(VAL_KEY)); - if (!tmp) { - goto error; - } - bzero(tmp, sizeof(VAL_KEY)); - tmp->has_name = flag; - tmp->data_type = dat_type; - - if (flag & 0x01) { - strncpy(val_name, vk_hdr->dat_name, nam_len); - tmp->name = strdup(val_name); - if (!tmp->name) { - goto error; - } - } - else - strncpy(val_name, "<No Name>", 10); - - /* - * Allocate space and copy the data as a BLOB - */ - - if (dat_len) { - - char *dtmp = (char *)malloc(dat_len&0x7FFFFFFF); - - if (!dtmp) { - goto error; - } - - tmp->data_blk = dtmp; - - if ((dat_len&0x80000000) == 0) { /* The data is pointed to by the offset */ - char *dat_ptr = LOCN(regf->base, dat_off); - bcopy(dat_ptr, dtmp, dat_len); - } - else { /* The data is in the offset */ - dat_len = dat_len & 0x7FFFFFFF; - bcopy(&dat_off, dtmp, dat_len); - } - - tmp->data_len = dat_len; - } - - val_type = val_to_str(dat_type, reg_type_names); - - /* - * We need to save the data area as well - */ - - if (verbose) fprintf(stdout, " %s : %s : \n", val_name, val_type); - - return tmp; - - error: - /* XXX: FIXME, free the partially allocated struct */ - return NULL; - -} - -/* - * Process a VL Header and return a list of values - */ -VAL_LIST *process_vl(REGF *regf, VL_TYPE vl, int count, int size) -{ - int i, vk_off; - VK_HDR *vk_hdr; - VAL_LIST *tmp = NULL; - - if (!vl) return NULL; - - if (-size < (count+1)*sizeof(int)){ - fprintf(stderr, "Error in VL header format. Size less than space required. %d\n", -size); - return NULL; - } - - tmp = (VAL_LIST *)malloc(sizeof(VAL_LIST) + (count - 1) * sizeof(VAL_KEY *)); - if (!tmp) { - goto error; - } - - for (i=0; i<count; i++) { - vk_off = IVAL(&vl[i]); - vk_hdr = (VK_HDR *)LOCN(regf->base, vk_off); - tmp->vals[i] = process_vk(regf, vk_hdr, BLK_SIZE(vk_hdr)); - if (!tmp->vals[i]){ - goto error; - } - } - - tmp->val_count = count; - - return tmp; - - error: - /* XXX: FIXME, free the partially allocated structure */ - return NULL; -} - -/* - * Process an LF Header and return a list of sub-keys - */ -KEY_LIST *process_lf(REGF *regf, LF_HDR *lf_hdr, int size) -{ - int count, i, nk_off; - unsigned int lf_id; - KEY_LIST *tmp; - - if (!lf_hdr) return NULL; - - if ((lf_id = SVAL(&lf_hdr->LF_ID)) != REG_LF_ID) { - fprintf(stderr, "Unrecognized LF Header format: %0X, Block: %0X, %s.\n", - lf_id, (int)lf_hdr, regf->regfile_name); - return NULL; - } - - assert(size < 0); - - count = SVAL(&lf_hdr->key_count); - - if (count <= 0) return NULL; - - /* Now, we should allocate a KEY_LIST struct and fill it in ... */ - - tmp = (KEY_LIST *)malloc(sizeof(KEY_LIST) + (count - 1) * sizeof(REG_KEY *)); - if (!tmp) { - goto error; - } - - tmp->key_count = count; - - for (i=0; i<count; i++) { - NK_HDR *nk_hdr; - - nk_off = IVAL(&lf_hdr->hr[i].nk_off); - nk_hdr = (NK_HDR *)LOCN(regf->base, nk_off); - tmp->keys[i] = nt_get_key_tree(regf, nk_hdr, BLK_SIZE(nk_hdr)); - if (!tmp->keys[i]) { - goto error; - } - } - - return tmp; - - error: - /* XXX: FIXME, free the partially allocated structure */ - return NULL; -} - -/* - * This routine is passed a NK_HDR pointer and retrieves the entire tree - * from there down. It return a REG_KEY *. - */ -REG_KEY *nt_get_key_tree(REGF *regf, NK_HDR *nk_hdr, int size) -{ - REG_KEY *tmp = NULL; - int name_len, clsname_len, lf_off, val_off, val_count, sk_off; - unsigned int nk_id; - LF_HDR *lf_hdr; - VL_TYPE *vl; - SK_HDR *sk_hdr; - char key_name[1024], cls_name[1024]; - - if (!nk_hdr) return NULL; - - if ((nk_id = SVAL(&nk_hdr->NK_ID)) != REG_NK_ID) { - fprintf(stderr, "Unrecognized NK Header format: %08X, Block: %0X. %s\n", - nk_id, (int)nk_hdr, regf->regfile_name); - return NULL; - } - - assert(size < 0); - - name_len = SVAL(&nk_hdr->nam_len); - clsname_len = SVAL(&nk_hdr->clsnam_len); - - /* - * The value of -size should be ge - * (sizeof(NK_HDR) - 1 + name_len) - * The -1 accounts for the fact that we included the first byte of - * the name in the structure. clsname_len is the length of the thing - * pointed to by clsnam_off - */ - - if (-size < (sizeof(NK_HDR) - 1 + name_len)) { - fprintf(stderr, "Incorrect NK_HDR size: %d, %0X\n", -size, (int)nk_hdr); - fprintf(stderr, "Sizeof NK_HDR: %d, name_len %d, clsname_len %d\n", - sizeof(NK_HDR), name_len, clsname_len); - /*return NULL;*/ - } - - if (verbose) fprintf(stdout, "NK HDR: Name len: %d, class name len: %d\n", - name_len, clsname_len); - - /* Fish out the key name and process the LF list */ - - assert(name_len < sizeof(key_name)); - - /* Allocate the key struct now */ - tmp = (REG_KEY *)malloc(sizeof(REG_KEY)); - if (!tmp) return tmp; - bzero(tmp, sizeof(REG_KEY)); - - tmp->type = (SVAL(&nk_hdr->type)==0x2C?REG_ROOT_KEY:REG_SUB_KEY); - - strncpy(key_name, nk_hdr->key_nam, name_len); - key_name[name_len] = '\0'; - - if (verbose) fprintf(stdout, "Key name: %s\n", key_name); - - tmp->name = strdup(key_name); - if (!tmp->name) { - goto error; - } - - /* - * Fish out the class name, it is in UNICODE, while the key name is - * ASCII :-) - */ - - if (clsname_len) { /* Just print in Ascii for now */ - char *clsnamep; - int clsnam_off; - - clsnam_off = IVAL(&nk_hdr->clsnam_off); - clsnamep = LOCN(regf->base, clsnam_off); - - bzero(cls_name, clsname_len); - uni_to_ascii(clsnamep, cls_name, sizeof(cls_name), clsname_len); - - /* - * I am keeping class name as an ascii string for the moment. - * That means it needs to be converted on output. - * XXX: FIXME - */ - - tmp->class_name = strdup(cls_name); - if (!tmp->class_name) { - goto error; - } - - if (verbose) fprintf(stdout, " Class Name: %s\n", cls_name); - - } - - /* - * If there are any values, process them here - */ - - val_count = IVAL(&nk_hdr->val_cnt); - - if (val_count) { - - val_off = IVAL(&nk_hdr->val_off); - vl = (VL_TYPE *)LOCN(regf->base, val_off); - - tmp->values = process_vl(regf, *vl, val_count, BLK_SIZE(vl)); - if (!tmp->values) { - goto error; - } - - } - - /* - * Also handle the SK header ... - */ - - sk_off = IVAL(&nk_hdr->sk_off); - sk_hdr = (SK_HDR *)LOCN(regf->base, sk_off); - - if (sk_off != -1) { - - tmp->security = process_sk(regf, sk_hdr, sk_off, BLK_SIZE(sk_hdr)); - - } - - lf_off = IVAL(&nk_hdr->lf_off); - - /* - * No more subkeys if lf_off == -1 - */ - - if (lf_off != -1) { - - lf_hdr = (LF_HDR *)LOCN(regf->base, lf_off); - - tmp->sub_keys = process_lf(regf, lf_hdr, BLK_SIZE(lf_hdr)); - if (!tmp->sub_keys){ - goto error; - } - - } - - return tmp; - - error: - if (tmp) nt_delete_reg_key(tmp); - return NULL; -} - -int nt_load_registry(REGF *regf) -{ - REGF_HDR *regf_hdr; - unsigned int regf_id, hbin_id; - HBIN_HDR *hbin_hdr; - NK_HDR *first_key; - - /* Get the header */ - - if ((regf_hdr = nt_get_regf_hdr(regf)) == NULL) { - return -1; - } - - /* Now process that header and start to read the rest in */ - - if ((regf_id = IVAL(®f_hdr->REGF_ID)) != REG_REGF_ID) { - fprintf(stderr, "Unrecognized NT registry header id: %0X, %s\n", - regf_id, regf->regfile_name); - return -1; - } - - /* - * Validate the header ... - */ - if (!valid_regf_hdr(regf_hdr)) { - fprintf(stderr, "Registry file header does not validate: %s\n", - regf->regfile_name); - return -1; - } - - /* Update the last mod date, and then go get the first NK record and on */ - - TTTONTTIME(regf, IVAL(®f_hdr->tim1), IVAL(®f_hdr->tim2)); - - /* - * The hbin hdr seems to be just uninteresting garbage. Check that - * it is there, but that is all. - */ - - hbin_hdr = (HBIN_HDR *)(regf->base + REGF_HDR_BLKSIZ); - - if ((hbin_id = IVAL(&hbin_hdr->HBIN_ID)) != REG_HBIN_ID) { - fprintf(stderr, "Unrecognized registry hbin hdr ID: %0X, %s\n", - hbin_id, regf->regfile_name); - return -1; - } - - /* - * Get a pointer to the first key from the hreg_hdr - */ - - first_key = (NK_HDR *)LOCN(regf->base, IVAL(®f_hdr->first_key)); - - /* - * Now, get the registry tree by processing that NK recursively - */ - - regf->root = nt_get_key_tree(regf, first_key, BLK_SIZE(first_key)); - - assert(regf->root != NULL); - - return 1; -} - -/* - * Routines to parse a REGEDIT4 file - * - * The file consists of: - * - * REGEDIT4 - * \[[-]key-path\]\n - * <value-spec>* - * - * There can be more than one key-path and value-spec. - * - * Since we want to support more than one type of file format, we - * construct a command-file structure that keeps info about the command file - */ - -#define FMT_UNREC -1 -#define FMT_REGEDIT4 0 -#define FMT_EDITREG1_1 1 - -typedef struct command_s { - int cmd; - char *key; - void *val_spec_list; -} CMD; - -/* - * We seek to offset 0, read in the required number of bytes, - * and compare to the correct value. - * We then seek back to the original location - */ -int regedit4_file_type(int fd) -{ - int cur_ofs = 0; - - cur_ofs = lseek(fd, 0, SEEK_CUR); /* Get current offset */ - if (cur_ofs < 0) { - fprintf(stderr, "Unable to get current offset: %s\n", strerror(errno)); - exit(1); - } - - if (cur_ofs) { - lseek(fd, 0, SEEK_SET); - } - - return FMT_UNREC; -} - -CMD *regedit4_get_cmd(int fd) -{ - return NULL; -} - -int regedit4_exec_cmd(CMD *cmd) -{ - - return 0; -} - -int editreg_1_1_file_type(int fd) -{ - - return FMT_UNREC; -} - -CMD *editreg_1_1_get_cmd(int fd) -{ - return NULL; -} - -int editreg_1_1_exec_cmd(CMD *cmd) -{ - - return -1; -} - -typedef struct command_ops_s { - int type; - int (*file_type)(int fd); - CMD *(*get_cmd)(int fd); - int (*exec_cmd)(CMD *cmd); -} CMD_OPS; - -CMD_OPS default_cmd_ops[] = { - {0, regedit4_file_type, regedit4_get_cmd, regedit4_exec_cmd}, - {1, editreg_1_1_file_type, editreg_1_1_get_cmd, editreg_1_1_exec_cmd}, - {-1, NULL, NULL, NULL} -}; - -typedef struct command_file_s { - char *name; - int type, fd; - CMD_OPS cmd_ops; -} CMD_FILE; - -/* - * Create a new command file structure - */ - -CMD_FILE *cmd_file_create(char *file) -{ - CMD_FILE *tmp; - struct stat sbuf; - int i = 0; - - /* - * Let's check if the file exists ... - * No use creating the cmd_file structure if the file does not exist - */ - - if (stat(file, &sbuf) < 0) { /* Not able to access file */ - - return NULL; - } - - tmp = (CMD_FILE *)malloc(sizeof(CMD_FILE)); - if (!tmp) { - return NULL; - } - - /* - * Let's fill in some of the fields; - */ - - tmp->name = strdup(file); - - if ((tmp->fd = open(file, O_RDONLY, 666)) < 0) { - free(tmp); - return NULL; - } - - /* - * Now, try to find the format by indexing through the table - */ - while (default_cmd_ops[i].type != -1) { - if ((tmp->type = default_cmd_ops[i].file_type(tmp->fd)) >= 0) { - tmp->cmd_ops = default_cmd_ops[i]; - return tmp; - } - i++; - } - - /* - * If we got here, return NULL, as we could not figure out the type - * of command file. - * - * What about errors? - */ - - free(tmp); - return NULL; -} - -/* - * Extract commands from the command file, and execute them. - * We pass a table of command callbacks for that - */ - -/* - * Main code from here on ... - */ - -/* - * key print function here ... - */ - -int print_key(const char *path, char *name, char *class_name, int root, - int terminal, int vals) -{ - - if (terminal) fprintf(stdout, "%s\\%s\n", path, name); - - return 1; -} - -/* - * Sec Desc print functions - */ - -void print_sid(DOM_SID *sid) -{ - int i, comps = sid->auths; - fprintf(stdout, "S-%u-%u", sid->ver, sid->auth[5]); - - for (i = 0; i < comps; i++) { - - fprintf(stdout, "-%u", sid->sub_auths[i]); - - } - fprintf(stdout, "\n"); -} - -int print_sec(SEC_DESC *sec_desc) -{ - - fprintf(stdout, " SECURITY\n"); - fprintf(stdout, " Owner: "); - print_sid(sec_desc->owner); - fprintf(stdout, " Group: "); - print_sid(sec_desc->group); - return 1; -} - -/* - * Value print function here ... - */ -int print_val(const char *path, char *val_name, int val_type, int data_len, - void *data_blk, int terminal, int first, int last) -{ - char data_asc[1024]; - - bzero(data_asc, sizeof(data_asc)); - if (!terminal && first) - fprintf(stdout, "%s\n", path); - data_to_ascii((unsigned char *)data_blk, data_len, val_type, data_asc, - sizeof(data_asc) - 1); - fprintf(stdout, " %s : %s : %s\n", (val_name?val_name:"<No Name>"), - val_to_str(val_type, reg_type_names), data_asc); - return 1; -} - -int main(int argc, char *argv[]) -{ - REGF *regf; - int opt; - static char *cmd_file = NULL; - poptContext pc; - struct poptOption long_options[] = { - POPT_AUTOHELP - { "verbose", 'v', POPT_ARG_NONE, NULL, 'v', "Sets verbose mode" }, - { "command-file", 'c', POPT_ARG_STRING, &cmd_file, 'c', "Specifies a command file" }, - { 0, 0, 0, 0 } - }; - - pc = poptGetContext("editreg", argc, (const char **)argv, long_options, - POPT_CONTEXT_KEEP_FIRST); - - poptSetOtherOptionHelp(pc, "<registry-file>"); - - while((opt = poptGetNextOpt(pc)) != -1) - switch(opt) { - case 'v': - verbose++; - break; - } - - poptGetArg(pc); /* For argv[0] */ - - if (!poptPeekArg(pc)) { - poptPrintUsage(pc, stderr, 0); - exit(1); - } - - if ((regf = nt_create_regf()) == NULL) { - fprintf(stderr, "Could not create registry object: %s\n", strerror(errno)); - exit(2); - } - - if (!nt_set_regf_input_file(regf, poptPeekArg(pc))) { - fprintf(stderr, "Could not set name of registry file: %s, %s\n", - poptPeekArg(pc), strerror(errno)); - exit(3); - } - - /* Now, open it, and bring it into memory :-) */ - - if (nt_load_registry(regf) < 0) { - fprintf(stderr, "Could not load registry: %s\n", poptPeekArg(pc)); - exit(4); - } - - /* - * At this point, we should have a registry in memory and should be able - * to iterate over it. - */ - - nt_key_iterator(regf, regf->root, 0, "", print_key, print_sec, print_val); - poptFreeContext(pc); - return 0; -} diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index 5a8265f0b9..71b7a0802f 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -124,7 +124,6 @@ static ADS_STRUCT *ads_startup(void) ADS_STATUS status; BOOL need_password = False; BOOL second_time = False; - char *realm; ads = ads_init(NULL, NULL, opt_host); @@ -151,16 +150,6 @@ retry: ads->auth.user_name = strdup(opt_user_name); - /* - * If the username is of the form "name@realm", - * extract the realm and convert to upper case. - */ - if ((realm = strchr(ads->auth.user_name, '@'))) { - *realm++ = '\0'; - ads->auth.realm = strdup(realm); - strupper(ads->auth.realm); - } - status = ads_connect(ads); if (!ADS_ERR_OK(status)) { if (!need_password && !second_time) { diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c index e3d6ce0274..56d13a5fd9 100644 --- a/source3/utils/testparm.c +++ b/source3/utils/testparm.c @@ -178,11 +178,11 @@ via the %%o substitution. With encrypted passwords this is not possible.\n", lp_ } #ifndef HAVE_DLOPEN - if (lp_preload_modules()) { - printf("WARNING: 'preload modules = ' set while loading plugins not supported.\n"); - } + if (lp_preload_modules()) { + printf("WARNING: 'preload modules = ' set while loading plugins not supported.\n"); + } #endif - + return ret; } |