summaryrefslogtreecommitdiff
path: root/source3/passdb/passdb.c
AgeCommit message (Collapse)AuthorFilesLines
2001-10-03set ACB_PWNOEXP by default on new accounts.Andrew Tridgell1-2/+2
(This used to be commit ead3d41f1a8293bcd2062af918b58022f4d9b10e)
2001-10-02Fixed the bug with member servers in a Samba PDC hosted domain not allowingJeremy Allison1-6/+5
other access. Problem was max time was being set to 0xffffffff, instead of 0x7fffffff. Jeremy. (This used to be commit 94403d841710391ec26539e4b4157439d5778ff7)
2001-10-02Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter1-2/+0
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-10-01- fix handling of 0 last_change_time and must_change_timeAndrew Tridgell1-5/+5
- move the arbitrary 21 day timeout to local.h (This used to be commit 11075f543470c3283accce0246d0b2983420695a)
2001-09-29This is the passdb section of the previously mentioned commit.Andrew Bartlett1-63/+110
Of particular note is the change to pdb_free_sam() to take its sam argument by reference, allowing it to be NULLified by the SAFE_FREE() macro, and the changed to local_password_change() both to make it work and to remove the duplicate code that caused so much breakage over the last few days. - Small change in behaviour: when LOCAL_ADD_USER is set, the user doesn't actually exist locally but does exist in the passdb we don't attempt to do a GetPwnam(). (How the entry got there is another matter, and most passdbs won't allow this anyway). Andrew Bartlett (This used to be commit 6b45e342fd1ed82d7f5bd613048fe862a6a6f2a1)
2001-09-28How the heck I missed this I don't know, but somehow I got a copy-and-pasteAndrew Bartlett1-16/+12
error in here... Now you can change local passwords again. There is stil somthing broken about remote (via windows/sampasswd) password changing. I shall have to revise my testing, I honestly don't know how this slipped through the net. MERGE for 2.2.2. Sorry, Andrew Bartlett (This used to be commit 1f83184f881d0cabb698947660a12f729e625fae)
2001-09-27Merge HEAD and 2.2 - try frantically to keep in sync.Jeremy Allison1-13/+13
Jeremy. (This used to be commit 65bf4a36ef5967b0844ab985d7b3ea31138dd4c5)
2001-09-27Fix memory leak in get_sampwd_entries(), reindent for clarity.Andrew Bartlett1-35/+107
- call pdb_reset_sam() after each getent call. Fix bug in get_group_alias_entries(), were if num_entries was zero this caused talloc() to return NULL, failing a test below with NT_STATUS_NO_MEMORY. Fix pdb_reset_sam() to correctly initalise the sam structure. Move default value code into a single place, likewise for sam freeing code. - should make things easier if we decide to malloc other strings, or get more non-zero default values. Finally, add a function in init a sam struct from a getpwnam() return. Andrew Bartlett (This used to be commit a41fb44f5e90cf8734d57217e836e14f4a80bd47)
2001-09-26merge from 2.2Gerald Carter1-1/+1
(This used to be commit 247b9c3eba78f0ddd26d836e5e18f6630bf302c7)
2001-09-26Add a new interface pdb_set_plaintext_passwd() to the passdb. This simplyAndrew Bartlett1-11/+26
interfaces to the existing set NT and LM functions, but ensures we always do it in the same way. This also allows for the possibility for the unix password sync code to be hidden behind the passdb interface as some stage. (This used to be commit 33e3591b2db377e720ec484872e2cbe7343350b1)
2001-09-26We don't use a modified 'user' in any case, so don't modifiy it.Andrew Bartlett1-1/+1
(This used to be commit e0e05cb5a51e0e46162febd0a45ea4f59b6f6573)
2001-09-25Fixup passdb stuff to add new nisplus and ldap backends.Jeremy Allison1-158/+270
Jeremy. (This used to be commit 611bf806d569b70edabbc04a2f5408142370a550)
2001-09-17move to SAFE_FREE()Simo Sorce1-14/+5
(This used to be commit 64d35e94fe6f7e56353b286162f670c8595a90e6)
2001-09-12String length fix from Toomas Soome <tsoome@ut.ee>Tim Potter1-1/+1
(This used to be commit 42417a425b524bc74360fdf6f1a16bfad38b9818)
2001-09-06Started a cleanup of smbpasswd related stuff. I've created a new fileTim Potter1-132/+0
lib/smbpasswd.c which will contain routines related to manipulating smbpasswd entries. - renamed and moved pdb_{get,set}hexpwd() functions - renamed and moved pdb_{decode,encode}acct_ctrl() functions - started hiding references to the cruftalicious NEW_PW_FORMAT_SPACE_PADDED_LEN constant - started gradual rename of references to acct_ctrl to acb_info which is the nomenclature used in MSDN and header files There's still more work to be done. Currently there are several places where smbpasswd entries are iterated etc. Ideally this should all happen through the passdb system. (This used to be commit 4a01e240305fb6fead973beef4937a016b15d744)
2001-09-05fixed some compilation errors in cli_netlogon.c - tim, you need to rerun ↵Andrew Tridgell1-3/+2
configure to get the new NTSTATUS stuff right (This used to be commit 9bae57cfe30825174536d11983bb3434498e3f03)
2001-09-05more warning fixes on solarisAndrew Tridgell1-1/+3
(This used to be commit c04c67fec85b1c81ef0b3cebacde304a1de0d854)
2001-08-13Fixed typo in debug message.Tim Potter1-2/+2
(This used to be commit 45254ae23b9bcbc94857b986c69b2b1770c79c54)
2001-07-06Wrapped dlerror() in the same way as the other dlxxx() calls.Jeremy Allison1-2/+2
Jeremy. (This used to be commit ed5a1f70c6d155788b62e9e6e8c5d97a5ca0858d)
2001-07-04strchr and strrchr are macros when compiling with optimisation in gcc, so we ↵Andrew Tridgell1-2/+2
can't redefine them. damn. (This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf)
2001-05-09very nasty bug !Jean-François Micouleau1-1/+1
J.F. (This used to be commit c29dfdc46a2d642722da12739138c1a7d5ee9526)
2001-05-08fixes to the group mapping code.Jean-François Micouleau1-2/+2
Not ready yet. J.F. (This used to be commit 62a7a567fdea230b77cc97a3f74d868542c34700)
2001-05-07merge from 2.2 removing the 'domain XXX' parameters.Gerald Carter1-16/+3
(This used to be commit 9aefc86e355bf160300580acb85a58a18207ccdf)
2001-05-07Patch from Simo:Gerald Carter1-19/+38
o sed 's/pdb_clear_sam/pdb_free_sam/g' o add pdb_reset_sam() o password changing should be ok now as well. (This used to be commit 96d0e7c3301ad990f6c83b9c216720cb32661fb5)
2001-05-04Big cleanup of passdb and backends.Jean-François Micouleau1-475/+258
I did some basic tests but I have probably broken something. Notably the password changing. So don't cry ;-) J.F. (This used to be commit a4a4c02b12f030a3b9e6225b999c90689dfc4719)
2001-05-04fixes from SimoGerald Carter1-0/+43
(This used to be commit 7703fbb30d9695b5a71ee0bcca9520bed4880bbd)
2001-04-28- fixed some compiler warningsAndrew Tridgell1-2/+3
- fixed slprintf and vsprintf macros (This used to be commit c986a3c51e8cdbc1230edbe0f4a91138c4ada29d)
2001-04-25converted the passdb smbpasswd implementation to using tallocGerald Carter1-257/+294
for memory allocation. This fixes a long standing seg fault (i knew i would get around to it one day :) ) Tested with NT4 and Win2k. Needs a little more testing with the "create the machine account on the fly" code for NT4. Simo, this is probably going to break the tdb passdb code. Can you look at that when you get a chance and see what you think? (This used to be commit 1c13110873e456748dc09fd51749f664643fe888)
2001-03-22New POSIX ACL mapping code. Works with UNIX permissions, now for testingJeremy Allison1-0/+6
with real ACLs... Jeremy. (This used to be commit 852b9e15ac245a593460cfff3f629d0333372e41)
2001-03-20Fix for crash when doing name lookup with a quoted string. Part ofJeremy Allison1-1/+11
lookup_name was expecting to be able to write to the string. Changed lookup_name to use const. Jeremy. (This used to be commit 80c18d88491f1148ade623e81c33f84ba4f952f3)
2001-03-19Added sys_dlopen/sys_dlsym/sys_dlclose.Jeremy Allison1-3/+3
Jeremy. (This used to be commit 49f0e7e7143f82bce9dfd8b06e9e515bc0869ab7)
2001-03-14patches from Simo. Couple of snity thingsGerald Carter1-1/+3
(This used to be commit af3f2a30c657fc42171bbf7da2354bc4cc7b088d)
2001-03-11Remove "BYTE" - we already have uint8 - don't need more conflicts withJeremy Allison1-7/+7
system header files... Jeremy. (This used to be commit 31e0ce310ec38b3a3a05b344d6450d442c6be471)
2001-03-11Merge of new 2.2 code into HEAD (Gerald I hate you :-) :-). Allows new SAMRJeremy Allison1-5/+0
RPC code to merge with new passdb code. Currently rpcclient doesn't compile. I'm working on it... Jeremy. (This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549)
2001-03-02Merged JF's fixes into HEAD. These are for string parsing and SAMR fixes.Jeremy Allison1-3/+2
Jeremy. (This used to be commit c3a1904564175a7a5cf71e88540b96f7daa59730)
2001-01-15Fixes for POSIX ACLS. ACL merge code.Jeremy Allison1-2/+12
Jeremy. (This used to be commit 180e4a9cd05bcadb2f7c4c23d653724e867196f0)
2001-01-10Changes from APPLIANCE_HEAD:David O'Neill1-9/+31
source/include/proto.h source/param/loadparm.c source/passdb/passdb.c source/rpc_server/srv_samr.c - add support for "hide local users" option to HEAD. (This used to be commit 44dc339fe757b2b5578b30e74aad8c1b12c23f5f)
2000-12-06updates to the tdbsam implementation.Gerald Carter1-0/+6
--jerry (This used to be commit 29b3ac8634769d01c20bf394eecc536a02e0f36c)
2000-11-22o fixed logon script problems (wrong len in reply to net_sam_logon forGerald Carter1-3/+3
a few strings). I was the one who broke it obviously. o changed a few more defaults in the smbpasswd backend with respect to times. Now the logon time becomes '0' and the pass_can_change_time is set ot the same as pass_last_set_time o change Get_Pwnam() call in local_lookup_name to sys_getpwnam() as it did not seem necessary to try case permutations in the username. Tim, I think this was your code, so you might want to double check me. -- jerry (This used to be commit 37a665002c5cd7908c13d306f61af272a899dbc8)
2000-11-21Another large patch for the passdb rewrite.Gerald Carter1-226/+342
o added BOOL own_memory flag in SAM_ACCOUNT so we could use static memory for string pointer assignment or allocate a new string o added a reference TDB passdb backend. This is only a reference and should not be used in production because - RID's are generated using the same algorithm as with smbpasswd - a TDB can only have one key (w/o getting into problems) and we need three. Therefore the pdb_sam-getpwuid() and pdb_getsampwrid() functions are interative searches :-( we need transaction support, multiple indexes, and a nice open source DBM. The Berkeley DB (from sleepycat.com seems to fit this criteria now) o added a new parameter "private dir" as many places in the code were using lp_smb_passwd_file() and chopping off the filename part. This makes more sense to me and I will docuement it in the man pages o Ran through Insure-lite and corrected memory leaks. Need for a public flogging this time Jeremy (-: -- jerry (This used to be commit 4792029a2991bd84251d152a62b1033dec62cee2)
2000-11-14- fix "declaration of 'time' shadows global declaration" warning.David O'Neill1-12/+12
(This used to be commit 92ff07132b3834b469ad7bb73d6e714b175a12af)
2000-11-14Fixed the cut-n-paste bugs in the new passdb backend code that leaked memory.Jeremy Allison1-2/+2
Jeremy. (This used to be commit 55c6acce26a26af68149865dafb42e5a03b497e0)
2000-11-13Large commit which restructures the local password storage API.Gerald Carter1-994/+1020
Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+) are broken, but they were somewhat broken before. :) The following functions implement the storage manipulation interface /*The following definitions come from passdb/pdb_smbpasswd.c */ BOOL pdb_setsampwent (BOOL update); void pdb_endsampwent (void); SAM_ACCOUNT* pdb_getsampwent (void); SAM_ACCOUNT* pdb_getsampwnam (char *username); SAM_ACCOUNT* pdb_getsampwuid (uid_t uid); SAM_ACCOUNT* pdb_getsampwrid (uint32 rid); BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass); BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override); BOOL pdb_delete_sam_account (char* username); There is also a host of pdb_set..() and pdb_get..() functions for manipulating SAM_ACCOUNT struct members. Note that the struct passdb_ops {} has gone away. Also notice that struct smb_passwd (formally in smb.h) has been moved to passdb/pdb_smbpasswd.c and is not accessed outisde of static internal functions in this file. All local password searches should make use of the the SAM_ACCOUNT struct and the previously mentioned functions. I'll write some documentation for this later. The next step is to fix the TDB passdb backend, then work on spliting the backends out into share libraries, and finally get the LDAP backend going. What works and may not: o domain logons from Win9x works o domain logons from WinNT 4 works o user and group enumeration as implemented by Tim works o file and print access works o changing password from Win9x & NT ummm...i'll fix this tonight :) If I broke anything else, just yell and I'll fix it. I think it should be fairly quite. -- jerry (This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389)
2000-10-26TDB password backend support written by Simo Sorce <simo.sorce@polimi.it>Gerald Carter1-0/+2
Marked as an experimental compile time option (defaults to off) for now. jerry (This used to be commit 0435af4417b876c2ea1dd4591ae7647784c28e30)
2000-10-13last part of W2K support.Jean-François Micouleau1-1/+0
the trust domain list reply on netlogon pipe was wrong, interim hack until we have full trust relationships. changed some unistr2 to parse the ending NULL char. added a prs_align_needed() function. much like a prs_align but with a condition. needed for the unistr2 parsing. J.F. (This used to be commit d8bf81553c17d9ee3419d8150b96119ebb0b8fa9)
2000-10-07added samr_set_user_info and info_2.Jean-François Micouleau1-0/+209
cleanup of create_user cleanup of rid/sid mix in samr. now we only have sid. some prs_align() missing in parse_samr.c a small debug change in srv_pipe.c You still can't change a user's password in this commit. Will be availble in the next one. J.F. (This used to be commit b655bc281fa183b1827a946ada1fcf500fb93aea)
2000-08-23Added code to do SID to uid/gid conversion. Needed for ACL support.Jeremy Allison1-2/+73
Jeremy. (This used to be commit 81c5380f91839b6416c8a42739dadf00e7388528)
2000-08-02Started to canonicalize our handling of uid -> sid code in order toJeremy Allison1-64/+22
get ready and fix se_access_check(). Added cannonical lookup_name(), lookup_sid(), uid_to_sid(), gid_to_sid() functions that look via winbind first the fall back on local lookup. All Samba should use these rather than trying to call winbindd code directly. Added NT_USER_TOKEN struct in user_struct, contains list of NT sids associated with this user. se_access_check() should use this (cached) value rather than attempting to do the same thing itself when given a uid/gid pair. More work needs to be done to preserve these things accross security context changes (especially with the tricky pipe problem) but I'm beginning to see how this will be done..... probably by registering a new vuid for an authenticated RPC pipe and not treating the pipe calls specially. More thoughts needed - but we're almost there... Jeremy. (This used to be commit 5e5cc6efe2e4687be59085f562caea1e2e05d0a8)
2000-08-01Tidyup removing many of the 0xC0000000 | NT_STATUS_XXX stuff (only need ↵Jeremy Allison1-12/+3
NT_STATUS_XXX). Removed IS_BITS_xxx macros as they were just reproducing "C" syntax in a more obscure way. Jeremy. (This used to be commit c55bcec817f47d6162466b193d533c877194124a)
2000-06-09Luke, I am moving the code back into passdb/passdb.c, this the correctJeremy Allison1-2/+41
place to do this, not in smbd/passwd.c Please don't change this without asking first, I have run this past Andrew so talk to him (I'm on vacation next week). I also removed the g_newXXX macros. There are essentially a private C extension, not used anywhere else in the code, and add no functionality over malloc(XX) and make the code harder to understand (everyone knows what malloc does). Jeremy. (This used to be commit e1b1b6fb6794ba02e1fea510a981fa0ce0d12b58)