summaryrefslogtreecommitdiff
path: root/source3/passdb/nispass.c
AgeCommit message (Collapse)AuthorFilesLines
2000-02-25client/client.c:Jeremy Allison1-0/+6
libsmb/clientgen.c: Fixes for Win2k smbclient browsing. Other fixes implement smbpasswd -x user to delete users. Also allows swat to do the same. Jeremy. (This used to be commit 9f6ad046761adecafba59040baa3abc9f0959e65)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-127/+516
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1998-11-29weekend work. user / group database API.Luke Leighton1-6/+6
- split sam_passwd and smb_passwd into separate higher-order function tables - renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user" plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd password databases to fill in the blank entries that are not obtained from whatever password database API instance is being used. NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c for the only example outside of the password database APIs i could find. - added query_useraliases code to rpcclient. - dealt with some nasty interdependencies involving non-smbd programs and the password database API. this is still not satisfactorily resolved completelely, but it's the best i can do for now. - #ifdef'd out some password database options so that people don't mistakenly set them unless they recompile to _use_ those options. lots of debugging done, it's still not finished. the unix/NT uid/gid and user-rid/group-rid issues are better, but not perfect. the "BUILTIN" domain is still missing: users cannot be added to "BUILTIN" groups yet, as we only have an "alias" db API and a "group" db API but not "builtin-alias" db API... (This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
1998-11-24initialise not initialize...Luke Leighton1-1/+1
(This used to be commit b67d66a1e9d879cd5960380c94422c0af8dedaad)
1998-11-17- group database API. oops and oh dear, the threat has been carried out:Luke Leighton1-22/+22
the pre-alpha "domain group" etc parameters have disappeared. - interactive debug detection - re-added mem_man (andrew's memory management, detects memory corruption) - american spellings of "initialise" replaced with english spelling of "initialise". - started on "lookup_name()" and "lookup_sid()" functions. proper ones. - moved lots of functions around. created some modules of commonly used code. e.g the password file locking code, which is used in groupfile.c and aliasfile.c and smbpass.c - moved RID_TYPE_MASK up another bit. this is really unfortunate, but there is no other "fast" way to identify users from groups from aliases. i do not believe that this code saves us anything (the multipliers) and puts us at a disadvantage (reduces the useable rid space). the designers of NT aren't silly: if they can get away with a user- interface-speed LsaLookupNames / LsaLookupSids, then so can we. i spoke with isaac at the cifs conference, the only time for example that they do a security context check is on file create. certainly not on individual file reads / writes, which would drastically hit their performance and ours, too. - renamed myworkgroup to global_sam_name, amongst other things, when used in the rpc code. there is also a global_member_name, as we are always responsible for a SAM database, the scope of which is limited by the role of the machine (e.g if a member of a workgroup, your SAM is for _local_ logins only, and its name is the name of your server. you even still have a SID. see LsaQueryInfoPolicy, levels 3 and 5). - updated functionality of groupname.c to be able to cope with names like DOMAIN\group and SERVER\alias. used this code to be able to do aliases as well as groups. this code may actually be better off being used in username mapping, too. - created a connect to serverlist function in clientgen.c and used it in password.c - initialisation in server.c depends on the role of the server. well, it does now. - rpctorture. smbtorture. EXERCISE EXTREME CAUTION. (This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
1998-10-21the next dialog: user-groups. it's not very sensible what appears, but hey:Luke Leighton1-0/+6
it appears! (This used to be commit 399035098f212e976cc0000a215e0705ebe78c05)
1998-10-17Small tidyups for gcc in 'preen' mode....Jeremy Allison1-0/+1
Jeremy. (This used to be commit 60dc1a4a00a22088d33369588b0d5eb292cf084a)
1998-09-24Integration of Anders Blomdell <anders.blomdell@control.lth.se>'sJeremy Allison1-1/+1
smbpasswd changes. Not exactly the same as his code - several changes. Jeremy. (This used to be commit e96747a8e3b9ea5a79c4258e55d7e8f3bf0bf193)
1998-09-17configure configure.in: Added checks for statvfs64. Last bit of 64 bit ↵Jeremy Allison1-5/+5
widening (I hope :-). include/config.h.in: Added #undef STAT_STATVFS64. include/includes.h: Added SMB_STRUCT_STATVFS type, Changed SMB_BIG_INTEGER to SMB_BIG_UINT and SMB_BIG_INT types. include/smb.h: Added flag defines from CIFS spec. lib/debug.c: Fixed one more mode_t issue. lib/system.c: Added sys_statvfs wrapper. lib/util.c: Changed trim_string to use size_t. param/loadparm.c: Moved "blocking locks" into locking section. Alphabetised locking options. Question - shuld we do this for all options ? passdb/ldap.c: Changed SMB_BIG_INTEGER to SMB_BIG_UINT. passdb/nispass.c: Changed SMB_BIG_INTEGER to SMB_BIG_UINT. passdb/smbpass.c: Changed SMB_BIG_INTEGER to SMB_BIG_UINT. smbd/dfree.c: Changed to use 64 bit types if available. Moved to use unsigned types. smbd/dosmode.c: Fixed one more mode_t issue. smbd/negprot.c: Changed literals to be FLAG_ #defines. smbd/nttrans.c: Removed dead code. smbd/open.c: Changed disk_free call. smbd/process.c: Changed literals to be FLAG_ #defines. smbd/reply.c: Changed disk_free call. smbd/trans2.c: Fixed but in SMB_QUERY_FS_VOLUME_INFO call. Was using UNICODE - should use ascii. tests/summary.c: Added STAT_STATVFS64 check. Jeremy. (This used to be commit c512b1b91fb7f2a7a93b9033a33e06d966daadb4)
1998-09-17configure configure.in: Added tests for fseek64 and ftell64.Jeremy Allison1-4/+4
config.h.in: Added fseek64 and ftell64. includes.h: Added definition of SMB_BIG_INTEGER. smb.h: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. access.c: Tidyup of dbug statement. system.c: Added sys_fseek and sys_ftell. Changed mode calls to use mode_t. asyncdns.c: Tidyup of comment. loadparm.c: Tidyup of set_default_server_announce_type() function definition. ldap.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. nispass.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. smbpass.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. smbpassfile.c: Use sys_fseek(). chgpasswd.c: Tidyup of debug statement. dosmode.c: Changed mode calls to use mode_t. ipc.c: Removal of dead code. nttrans.c: Changed mode calls to use mode_t. open.c: Changed mode calls to use mode_t. pipes.c: Removal of dead code. reply.c: Removal of dead code. trans2.c: Removal of dead code. Changed mode calls to use mode_t. Jeremy. (This used to be commit c381d32e3dc23fe887408016cae821aceb30da2c)
1998-09-05tridge the destroyer returns!Andrew Tridgell1-0/+2
prompted by the interpret_security() dead code that Jean-Francois pointed out I added a make target "finddead" that finds potentially dead (ie. unused) code. It spat out 304 function names ... I went through these are deleted many of them, making others static (finddead also reports functions that are used only in the local file). in doing this I have almost certainly deleted some useful code. I may have even prevented compilation with some compile options. I apologise. I decided it was better to get rid of this code now and add back the one or two functions that are needed than to keep all this baggage. So, if I have done a bit too much "destroying" then let me know. Keep the swearing to a minimum :) One bit I didn't do is the ubibt code. Chris, can you look at that? Heaps of unused functions there. Can they be made static? (This used to be commit 2204475c87f3024ea8fd1fbd7385b2def617a46f)
1998-07-29merge from the autoconf2 branch to the main branchAndrew Tridgell1-7/+7
(This used to be commit 3bda7ac417107a7b01d91805ca71c4330657ed21)
1998-06-27nisppass.c: Fixed incorrect parameter usage.Jeremy Allison1-1/+1
nmbd_become_lmb.c: Add 'force_new_election' parameter to some functions. This allows the start of the election to be done *after* the demotion from local master browser is done. Also changed code so release of 1d name is done immediately to allow other local master to gain it. nmbd_elections.c: Ensured no elections are run until we have registered the WORKGROUP<1e> name that we must listen on to participate in elections. nmbd_incomingdgrams.c: Use force_new_election code. nmbd_namelistdb.c: Make update_name_in_namelist static. nmbd_subnetdb.c: Fix bug in comparison function. We cannot use memcmp as structure packing may make this fail. nmbd_packets.c: Ensure that we only send one release packet when sending a broadcast packet. nmbd_workgroupdb.c: Ensure we put the correct value in the ElectionCriterion field. nmblib.c: Ensure make_nmb_name zero's the struct nmb_name. Jeremy. (This used to be commit 1fcb094ba04f01be1261ac92198c25b21b0d5ad5)
1998-05-28latest messing about: probably doesn't compile; doesn't matter.Luke Leighton1-3/+54
(This used to be commit d455d194b7110d4bcbef58134d035bd55702b6f8)
1998-05-25added set logon, logoff, kickoff etc time functions.Luke Leighton1-7/+3
(This used to be commit dab9728a4376cc52d6e53b09b5f42d08712330d6)
1998-05-24- created pdb_sethexpwd(), to be called from all pwd apis that need toLuke Leighton1-23/+28
store passwords in ascii format - dealt with lots of signed/unsigned char thingies spotted by Tim Winders. (This used to be commit bd825f1ef15c4bf12aeba945f8bfdc7fd0e14d25)
1998-05-22add_nisp21pwd_entry() finished but not tested. module now compiles.Luke Leighton1-107/+77
(This used to be commit c74d0defcf8e9fca326af190730439f6451f826a)
1998-05-22doesn't compile: don't care. checking this in so people can see what'sLuke Leighton1-19/+107
going on. (This used to be commit b7ccea8ee190a228cf479f325a2c8578e2bd90ce)
1998-05-19removed "default" system for password database api: all functions mustLuke Leighton1-8/+54
be supported. there are some stub routines in passdb.c which can be copied into a password database api which do conversion. the module writer can choose which of these to provide full support for instead of using the conversion routines. (This used to be commit d906ac5941fa22f93a38d65906b89a80f971b83c)
1998-05-19ldap.c :Luke Leighton1-52/+28
- added support for some of the new passdb_ops functions. - removed functions that are supported "indirectly" through passdb.c nisppass.c : - modified make_nisname_from_xxx() functions to take a "file" arg. - turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid() functionality is available through "indirect" support in passdb.c - removed functions that are supported "indirectly" through passdb.c - added support for some of the new passdb_ops functions. passdb.c : - created getsam21pwrid() function to go alongside getsam21pwuid. it is not expected that getsam21pwuid ever be used, certainly not from the lib/rpc code. - created getsamdisprid() and getsamdispent(). these are primarily for support of SamrQueryDisplayInfo, however given that they [struct sam_disp_info] return username, rid and fullname, there may be further instances where these functions will be useful. - added support where either the get/add/mod-smb or get/add/mod-sam21 functions are optional. this can be done very easily by checking whether the struct passdb_ops table functions are NULL or not. documented this capability in the notes at the top of the module. - where unix uid was referenced, use uid_t. - where unix gid was referenced, use gid_t. smb.h : - added sam_disp_info functions to passdb_ops. - added getsam21pwrid() function. smbpass.c : - added reference to iterate_getsam21pwrid(). lib/rpc/server/srv_samr.c : - removed group rid code added to get_user_info_21() code: this had been added in the wrong place. the client / server should already know whether it wants to do a lookup by user rid or by group rid. the test of whether the rid is a user or group rid has been left in because this may become useful consistency-check code. - converted back to getsam21pwrid() not getsam21pwuid(pdb_user_rid_to_uid()). this is because the unix uid to user rid mapping can be non-monotonic in some password database systems, and monotonic in others. imposing the restriction by converting immediately from rid to uid at this point is inadviseable, and will place this potential restriction on _all_ password database systems, not just some which, for whatever reason, do not support user rids. it should be up to the individual password database writer to convert from user rid to unix uid, should that module not support rids. lib/rpc/server/srv_util.c : - got lookup_user_name() to call getsamdisprid() not getsmbpwuid(). a bug was introduced (or at least the bug already there was not fixed) whereby the nt user rid was converted to a unix uid, and then not used. (This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
1998-05-18Abstracted all the crappy password interfaces through an indirectJeremy Allison1-9/+60
function table, selectable at compile time. This should make the code that implements all the password functions much cleaner, as it's now very clear exactly what a particular password database needs to provide to Samba. Jeremy. (This used to be commit 27ca536ad974242524c12f7100e419d9e7f9647f)
1998-05-18chgpasswd.c: Changed back to getsmb... from getsam...Jeremy Allison1-10/+10
ldap.c: Stoped dummy_function being prototyped. loadparm.c: Fixed slprintf sizes. nisppass.c: Fixed safe_strcpy sizes. nmbd_processlogon.c: Changed back to getsmb... from getsam... nttrans.c: Just a dump of new code. passdb.c: Moved stuff around a lot - stopped any lookups by rid. This needs to be indirected through a function table (soon). password.c: Changed back to getsmb... from getsam... reply.c: Changed back to getsmb... from getsam... slprintf.c: Fixed prototype problems. smb.h: Fixed prototype problems. smbpass.c: Changed to getsmbfile.... smbpasswd.c: Changed back to getsmb... from getsam... lib/rpc/server/srv_netlog.c: Changed back to getsmb... from getsam... lib/rpc/server/srv_samr.c: Fixed rid lookup - use uid or gid lookup. lib/rpc/server/srv_util.c: Changed back to getsmb... from getsam... Jeremy. (This used to be commit 7d332b2493d2089d09521250fc9b72d8953307c0)
1998-05-18linker errors with -DUSE_NISPLUS_DB - difficult to spot when you're notLuke Leighton1-2/+2
using nis+ on your system, so you get 100 linker errors... (This used to be commit e325d9a81039152e8c57f7fab6cf948d8e1ec7d3)
1998-05-18removed references to some of the smb_passwd routines from ldap and nis+Luke Leighton1-47/+9
code, use pdb_sam_to_smb(...sam21...) calls instead. this is a lot simpler. (This used to be commit d92f4e71c12ce5010f05fa7dd3918a48e7386d1e)
1998-05-18oops. pressed ctrl-z while editing the previous cvs message: this wasLuke Leighton1-19/+105
taken to mean ":x". (This used to be commit 660206e816f9be708e09a1aad3b342b94e5e4f53)
1998-05-18Makefile:Luke Leighton1-63/+197
- added nisppass.c and NISPLUS_FLAGS includes.h: - renamed USE_LDAP to USE_LDAP_DB. renamed NISPLUS to USE_NISPLUS_DB. added default define of USE_SMBPASS_DB. - removed ldap headers: they are local only to ldap.c ldap.c : - made all ldap-specific functions static. - added dummy sam21 functions loadparm.c : - renamed NISPLUS to NISPLUS_HOME mkproto.awk - commented out ldap-specific #ifdef generation code: it's not needed now that ldap-specific functions in ldap.c are static nisppass.c : - first attempt at an add function from (This used to be commit f215d375f0f1e12894c2a9e86bd28d4776d337c1)
1998-05-15first non-compiling, unused, mostly stub version of NIS+ password database.Luke Leighton1-0/+330
based on Benny Holmgren's samba patch (copyright acknowledged). (This used to be commit 2a87cf09572bd2154d4b373e1aa2171106e96da7)