Age | Commit message (Collapse) | Author | Files | Lines |
|
In particular this commit focuses on:
Actually adding the 'const' to the passdb interface, and the flow-on changes.
Also kill off the 'disp_info' stuff, as its no longer used.
While these changes have been mildly tested, and are pretty small, any
assistance in this is appreciated.
----
These changes introduces a large dose of 'const' to the Samba tree.
There are a number of good reasons to do this:
- I want to allow the SAM_ACCOUNT structure to move from wasteful
pstrings and fstrings to allocated strings. We can't do that if
people are modifying these outputs, as they may well make
assumptions about getting pstrings and fstrings
- I want --with-pam_smbpass to compile with a slightly sane
volume of warnings, currently its pretty bad, even in 2.2
where is compiles at all.
- Tridge assures me that he no longer opposes 'const religion'
based on the ability to #define const the problem away.
- Changed Get_Pwnam(x,y) into two variants (so that the const
parameter can work correctly): - Get_Pwnam(const x) and
Get_Pwnam_Modify(x).
- Reworked smbd/chgpasswd.c to work with these mods, passing
around a 'struct passwd' rather than the modified username
---
This finishes this line of commits off, your tree should now compile again :-)
Andrew Bartlett
(This used to be commit c95f5aeb9327347674589ae313b75bee3bf8e317)
|
|
Ensure make_conection() can only be called as root.
Jeremy.
(This used to be commit 8d23a7441b4687458ee021bfe8880558506eddba)
|
|
lib/smbpasswd.c which will contain routines related to manipulating
smbpasswd entries.
- renamed and moved pdb_{get,set}hexpwd() functions
- renamed and moved pdb_{decode,encode}acct_ctrl() functions
- started hiding references to the cruftalicious
NEW_PW_FORMAT_SPACE_PADDED_LEN constant
- started gradual rename of references to acct_ctrl to acb_info which is
the nomenclature used in MSDN and header files
There's still more work to be done. Currently there are several places
where smbpasswd entries are iterated etc. Ideally this should all happen
through the passdb system.
(This used to be commit 4a01e240305fb6fead973beef4937a016b15d744)
|
|
instead of a define
(This used to be commit e2ecff419fdc0a0dc7551b33b377dc11061ef2a3)
|
|
Jeremy.
(This used to be commit 61723c18f96a7b38cab0fcf545da7fb3640c5f7b)
|
|
Jeremy.
(This used to be commit c3a1904564175a7a5cf71e88540b96f7daa59730)
|
|
libsmb/clientgen.c: Fixes for Win2k smbclient browsing.
Other fixes implement smbpasswd -x user to delete users. Also allows swat
to do the same.
Jeremy.
(This used to be commit 9f6ad046761adecafba59040baa3abc9f0959e65)
|
|
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
|
|
- split sam_passwd and smb_passwd into separate higher-order function tables
- renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.
NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.
- added query_useraliases code to rpcclient.
- dealt with some nasty interdependencies involving non-smbd programs
and the password database API. this is still not satisfactorily
resolved completelely, but it's the best i can do for now.
- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.
lots of debugging done, it's still not finished. the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect. the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
(This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
|
|
(This used to be commit b67d66a1e9d879cd5960380c94422c0af8dedaad)
|
|
the pre-alpha "domain group" etc parameters have disappeared.
- interactive debug detection
- re-added mem_man (andrew's memory management, detects memory corruption)
- american spellings of "initialise" replaced with english spelling of
"initialise".
- started on "lookup_name()" and "lookup_sid()" functions. proper ones.
- moved lots of functions around. created some modules of commonly used
code. e.g the password file locking code, which is used in groupfile.c
and aliasfile.c and smbpass.c
- moved RID_TYPE_MASK up another bit. this is really unfortunate, but
there is no other "fast" way to identify users from groups from aliases.
i do not believe that this code saves us anything (the multipliers)
and puts us at a disadvantage (reduces the useable rid space).
the designers of NT aren't silly: if they can get away with a user-
interface-speed LsaLookupNames / LsaLookupSids, then so can we. i
spoke with isaac at the cifs conference, the only time for example that
they do a security context check is on file create. certainly not on
individual file reads / writes, which would drastically hit their
performance and ours, too.
- renamed myworkgroup to global_sam_name, amongst other things, when used
in the rpc code. there is also a global_member_name, as we are always
responsible for a SAM database, the scope of which is limited by the role
of the machine (e.g if a member of a workgroup, your SAM is for _local_
logins only, and its name is the name of your server. you even still
have a SID. see LsaQueryInfoPolicy, levels 3 and 5).
- updated functionality of groupname.c to be able to cope with names
like DOMAIN\group and SERVER\alias. used this code to be able to
do aliases as well as groups. this code may actually be better
off being used in username mapping, too.
- created a connect to serverlist function in clientgen.c and used it
in password.c
- initialisation in server.c depends on the role of the server. well,
it does now.
- rpctorture. smbtorture. EXERCISE EXTREME CAUTION.
(This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
|
|
it appears!
(This used to be commit 399035098f212e976cc0000a215e0705ebe78c05)
|
|
Jeremy.
(This used to be commit 60dc1a4a00a22088d33369588b0d5eb292cf084a)
|
|
smbpasswd changes. Not exactly the same as his code - several
changes.
Jeremy.
(This used to be commit e96747a8e3b9ea5a79c4258e55d7e8f3bf0bf193)
|
|
widening (I hope :-).
include/config.h.in: Added #undef STAT_STATVFS64.
include/includes.h: Added SMB_STRUCT_STATVFS type, Changed SMB_BIG_INTEGER to
SMB_BIG_UINT and SMB_BIG_INT types.
include/smb.h: Added flag defines from CIFS spec.
lib/debug.c: Fixed one more mode_t issue.
lib/system.c: Added sys_statvfs wrapper.
lib/util.c: Changed trim_string to use size_t.
param/loadparm.c: Moved "blocking locks" into locking section. Alphabetised
locking options. Question - shuld we do this for all options ?
passdb/ldap.c: Changed SMB_BIG_INTEGER to SMB_BIG_UINT.
passdb/nispass.c: Changed SMB_BIG_INTEGER to SMB_BIG_UINT.
passdb/smbpass.c: Changed SMB_BIG_INTEGER to SMB_BIG_UINT.
smbd/dfree.c: Changed to use 64 bit types if available. Moved to use unsigned
types.
smbd/dosmode.c: Fixed one more mode_t issue.
smbd/negprot.c: Changed literals to be FLAG_ #defines.
smbd/nttrans.c: Removed dead code.
smbd/open.c: Changed disk_free call.
smbd/process.c: Changed literals to be FLAG_ #defines.
smbd/reply.c: Changed disk_free call.
smbd/trans2.c: Fixed but in SMB_QUERY_FS_VOLUME_INFO call. Was using
UNICODE - should use ascii.
tests/summary.c: Added STAT_STATVFS64 check.
Jeremy.
(This used to be commit c512b1b91fb7f2a7a93b9033a33e06d966daadb4)
|
|
config.h.in: Added fseek64 and ftell64.
includes.h: Added definition of SMB_BIG_INTEGER.
smb.h: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER.
access.c: Tidyup of dbug statement.
system.c: Added sys_fseek and sys_ftell. Changed mode calls to use mode_t.
asyncdns.c: Tidyup of comment.
loadparm.c: Tidyup of set_default_server_announce_type() function definition.
ldap.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER.
nispass.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER.
smbpass.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER.
smbpassfile.c: Use sys_fseek().
chgpasswd.c: Tidyup of debug statement.
dosmode.c: Changed mode calls to use mode_t.
ipc.c: Removal of dead code.
nttrans.c: Changed mode calls to use mode_t.
open.c: Changed mode calls to use mode_t.
pipes.c: Removal of dead code.
reply.c: Removal of dead code.
trans2.c: Removal of dead code. Changed mode calls to use mode_t.
Jeremy.
(This used to be commit c381d32e3dc23fe887408016cae821aceb30da2c)
|
|
prompted by the interpret_security() dead code that Jean-Francois
pointed out I added a make target "finddead" that finds potentially
dead (ie. unused) code. It spat out 304 function names ...
I went through these are deleted many of them, making others static
(finddead also reports functions that are used only in the local
file).
in doing this I have almost certainly deleted some useful code. I may
have even prevented compilation with some compile options. I
apologise. I decided it was better to get rid of this code now and add
back the one or two functions that are needed than to keep all this
baggage.
So, if I have done a bit too much "destroying" then let me know. Keep
the swearing to a minimum :)
One bit I didn't do is the ubibt code. Chris, can you look at that?
Heaps of unused functions there. Can they be made static?
(This used to be commit 2204475c87f3024ea8fd1fbd7385b2def617a46f)
|
|
(This used to be commit 3bda7ac417107a7b01d91805ca71c4330657ed21)
|
|
nmbd_become_lmb.c: Add 'force_new_election' parameter to some functions.
This allows the start of the election to be done *after*
the demotion from local master browser is done.
Also changed code so release of 1d name is done
immediately to allow other local master to gain it.
nmbd_elections.c: Ensured no elections are run until we have registered
the WORKGROUP<1e> name that we must listen on to participate
in elections.
nmbd_incomingdgrams.c: Use force_new_election code.
nmbd_namelistdb.c: Make update_name_in_namelist static.
nmbd_subnetdb.c: Fix bug in comparison function. We cannot use memcmp
as structure packing may make this fail.
nmbd_packets.c: Ensure that we only send one release packet when
sending a broadcast packet.
nmbd_workgroupdb.c: Ensure we put the correct value in the ElectionCriterion field.
nmblib.c: Ensure make_nmb_name zero's the struct nmb_name.
Jeremy.
(This used to be commit 1fcb094ba04f01be1261ac92198c25b21b0d5ad5)
|
|
(This used to be commit d455d194b7110d4bcbef58134d035bd55702b6f8)
|
|
(This used to be commit dab9728a4376cc52d6e53b09b5f42d08712330d6)
|
|
store passwords in ascii format
- dealt with lots of signed/unsigned char thingies spotted by Tim Winders.
(This used to be commit bd825f1ef15c4bf12aeba945f8bfdc7fd0e14d25)
|
|
(This used to be commit c74d0defcf8e9fca326af190730439f6451f826a)
|
|
going on.
(This used to be commit b7ccea8ee190a228cf479f325a2c8578e2bd90ce)
|
|
be supported. there are some stub routines in passdb.c which can be
copied into a password database api which do conversion. the module
writer can choose which of these to provide full support for instead
of using the conversion routines.
(This used to be commit d906ac5941fa22f93a38d65906b89a80f971b83c)
|
|
- added support for some of the new passdb_ops functions.
- removed functions that are supported "indirectly" through passdb.c
nisppass.c :
- modified make_nisname_from_xxx() functions to take a "file" arg.
- turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid()
functionality is available through "indirect" support in passdb.c
- removed functions that are supported "indirectly" through passdb.c
- added support for some of the new passdb_ops functions.
passdb.c :
- created getsam21pwrid() function to go alongside getsam21pwuid.
it is not expected that getsam21pwuid ever be used, certainly
not from the lib/rpc code.
- created getsamdisprid() and getsamdispent(). these are primarily
for support of SamrQueryDisplayInfo, however given that they
[struct sam_disp_info] return username, rid and fullname, there may
be further instances where these functions will be useful.
- added support where either the get/add/mod-smb or get/add/mod-sam21
functions are optional. this can be done very easily by checking
whether the struct passdb_ops table functions are NULL or not.
documented this capability in the notes at the top of the module.
- where unix uid was referenced, use uid_t.
- where unix gid was referenced, use gid_t.
smb.h :
- added sam_disp_info functions to passdb_ops.
- added getsam21pwrid() function.
smbpass.c :
- added reference to iterate_getsam21pwrid().
lib/rpc/server/srv_samr.c :
- removed group rid code added to get_user_info_21() code: this
had been added in the wrong place. the client / server should
already know whether it wants to do a lookup by user rid or
by group rid.
the test of whether the rid is a user or group rid has been left
in because this may become useful consistency-check code.
- converted back to getsam21pwrid() not
getsam21pwuid(pdb_user_rid_to_uid()).
this is because the unix uid to user rid mapping can be non-monotonic
in some password database systems, and monotonic in others. imposing
the restriction by converting immediately from rid to uid at this
point is inadviseable, and will place this potential restriction on
_all_ password database systems, not just some which, for whatever
reason, do not support user rids.
it should be up to the individual password database writer to
convert from user rid to unix uid, should that module not support
rids.
lib/rpc/server/srv_util.c :
- got lookup_user_name() to call getsamdisprid() not getsmbpwuid().
a bug was introduced (or at least the bug already there was not
fixed) whereby the nt user rid was converted to a unix uid, and
then not used.
(This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
|
|
function table, selectable at compile time. This should make the
code that implements all the password functions much cleaner, as
it's now very clear exactly what a particular password database
needs to provide to Samba.
Jeremy.
(This used to be commit 27ca536ad974242524c12f7100e419d9e7f9647f)
|
|
ldap.c: Stoped dummy_function being prototyped.
loadparm.c: Fixed slprintf sizes.
nisppass.c: Fixed safe_strcpy sizes.
nmbd_processlogon.c: Changed back to getsmb... from getsam...
nttrans.c: Just a dump of new code.
passdb.c: Moved stuff around a lot - stopped any lookups by rid. This
needs to be indirected through a function table (soon).
password.c: Changed back to getsmb... from getsam...
reply.c: Changed back to getsmb... from getsam...
slprintf.c: Fixed prototype problems.
smb.h: Fixed prototype problems.
smbpass.c: Changed to getsmbfile....
smbpasswd.c: Changed back to getsmb... from getsam...
lib/rpc/server/srv_netlog.c: Changed back to getsmb... from getsam...
lib/rpc/server/srv_samr.c: Fixed rid lookup - use uid or gid lookup.
lib/rpc/server/srv_util.c: Changed back to getsmb... from getsam...
Jeremy.
(This used to be commit 7d332b2493d2089d09521250fc9b72d8953307c0)
|
|
using nis+ on your system, so you get 100 linker errors...
(This used to be commit e325d9a81039152e8c57f7fab6cf948d8e1ec7d3)
|
|
code, use pdb_sam_to_smb(...sam21...) calls instead. this is a lot simpler.
(This used to be commit d92f4e71c12ce5010f05fa7dd3918a48e7386d1e)
|
|
taken to mean ":x".
(This used to be commit 660206e816f9be708e09a1aad3b342b94e5e4f53)
|
|
- added nisppass.c and NISPLUS_FLAGS
includes.h:
- renamed USE_LDAP to USE_LDAP_DB. renamed NISPLUS to USE_NISPLUS_DB.
added default define of USE_SMBPASS_DB.
- removed ldap headers: they are local only to ldap.c
ldap.c :
- made all ldap-specific functions static.
- added dummy sam21 functions
loadparm.c :
- renamed NISPLUS to NISPLUS_HOME
mkproto.awk
- commented out ldap-specific #ifdef generation code: it's not
needed now that ldap-specific functions in ldap.c are static
nisppass.c :
- first attempt at an add function from
(This used to be commit f215d375f0f1e12894c2a9e86bd28d4776d337c1)
|
|
based on Benny Holmgren's samba patch (copyright acknowledged).
(This used to be commit 2a87cf09572bd2154d4b373e1aa2171106e96da7)
|