summaryrefslogtreecommitdiff
path: root/source3/passdb/pdb_tdb.c
AgeCommit message (Collapse)AuthorFilesLines
2002-01-20This is another *BIG* change...Andrew Bartlett1-189/+232
Samba now features a pluggable passdb interface, along the same lines as the one in use in the auth subsystem. In this case, only one backend may be active at a time by the 'normal' interface, and only one backend per passdb_context is permitted outside that. This pluggable interface is designed to allow any number of passdb backends to be compiled in, with the selection at runtime. The 'passdb backend' paramater has been created (and documented!) to support this. As such, configure has been modfied to allow (for example) --with-ldap and the old smbpasswd to be selected at the same time. This patch also introduces two new backends: smbpasswd_nua and tdbsam_nua. These two backends accept 'non unix accounts', where the user does *not* exist in /etc/passwd. These accounts' don't have UIDs in the unix sense, but to avoid conflicts in the algroitmic mapping of RIDs, they use the values specified in the 'non unix account range' paramter - in the same way as the winbind ranges are specifed. While I was at it, I cleaned up some of the code in pdb_tdb (code copied directly from smbpasswd and not really considered properly). Most of this was to do with % macro expansion on stored data. It isn't easy to get the macros into the tdb, and the first password change will 'expand' them. tdbsam needs to use a similar system to pdb_ldap in this regard. This patch only makes minor adjustments to pdb_nisplus and pdb_ldap, becouse I don't have the test facilities for these. I plan to incoroprate at least pdb_ldap into this scheme after consultation with Jerry. Each (converted) passdb module now no longer has any 'static' variables, and only exports 1 init function outside its .c file. The non-unix-account support in this patch has been proven! It is now possible to join a win2k machine to a Samba PDC without an account in /etc/passwd! Other changes: Minor interface adjustments: pdb_delete_sam_account() now takes a SAM_ACCOUNT, not a char*. pdb_update_sam_account() no longer takes the 'override' argument that was being ignored so often (every other passdb backend). Extra checks have been added in some places. Minor code changes: smbpasswd no longer attempts to initialise the passdb at startup, this is now done on first use. pdbedit has lost some of its 'machine account' logic, as this behaviour is now controlled by the passdb subsystem directly. The samr subsystem no longer calls 'local password change', but does the pdb interactions directly. This allow the ACB_ flags specifed to be transferred direct to the backend, without interference. Doco: I've updated the doco to reflect some of the changes, and removed some paramters no longer applicable to HEAD. (This used to be commit ff354c99c585068af6dc1ff35a1f109a806b326b)
2002-01-19fixes (asprintf) from 2.2Simo Sorce1-6/+6
(This used to be commit 6b123adda901ff05b0271eeda060297448f64eec)
2002-01-17A nice *big* change to the fundemental way we do things.Andrew Bartlett1-2/+6
Samba (ab)uses the returns from getpwnam() a lot - in particular it keeps them around for a long time - often past the next call... This adds a getpwnam_alloc and a getpwuid_alloc to the collection. These function as expected, returning a malloced structure that can be free()ed with passwd_free(&passwd). This patch also cuts down on the number of calls to getpwnam - mostly by taking advantage of the fact that the passdb interface is already case-insensiteve. With this patch most of the recursive cases have been removed (that I know of) and the problems are reduced further by not using the sys_ interface in the new code. This means that pointers to the cache won't be affected. (This is a tempoary HACK, I intend to kill the password cache entirly). The only change I'm a little worried about is the change to rpc_server/srv_samr_nt.c for private groups. In this case we are getting groups from the new group mapping DB. Do we still need to check for private groups? I've toned down the check to a case sensitve match with the new code, but we might be able to kill it entirly. I've also added a make_modifyable_passwd() function, that copies a passwd struct into the form that the old sys_getpw* code provided. As far as I can tell this is only actually used in the pass_check.c crazies, where I moved the final 'special case' for shadow passwords (out of _Get_Pwnam()). The matching case for getpwent() is dealt with already, in lib/util_getent.c Also included in here is a small change to register the [homes] share at vuid creation rather than just in one varient of the session setup. (This picks up the SPNEGO cases). The home directory is now stored on the vuid, and I am hoping this might provide a saner way to do %H substitions. TODO: Kill off remaining Get_Pwnam_Modify calls (they are not needed), change the remaining sys_getpwnam() callers to use getpwnam_alloc() and move Get_Pwnam to return an allocated struct. Andrew Bartlett (This used to be commit 1d86c7f94230bc53daebd4d2cd829da6292e05da)
2002-01-15Change the passdb interface to use allocated strings.Andrew Bartlett1-1/+1
These strings are allocated using talloc(), either using its own memory context stored on the SAM_ACCOUNT or one supplied by the caller. The pdb_init_sam() and pdb_free_sam() function have been modifed so that a call to pdb_free_sam() will either clean up (remove hashes from memory) and destroy the TALLOC_CTX or just clean up depending on who supplied it. The pdb_init_sam and pdb_free_sam functions now also return an NTSTATUS, and I have modified the 3 places that actually checked these returns. The only nasty thing about this patch is the small measure needed to maintin interface compatability - strings set to NULL are actually set to "". This is becouse there are too many places in Samba that do strlen() on these strings without checking if they are NULL pointers. A supp patch will follow to set all strings to "" in pdb_default_sam(). Andrew Bartlett (This used to be commit 144345b41d39a6f68d01f62b7aee64ca0d328085)
2002-01-02Actually enforce the passdb API.Andrew Bartlett1-1/+1
Thou shalt not reference SAM_ACCOUNT members directly - always use pdb_get/pdb_set. This is achived by making the whole of SAM_ACCOUNT have a .private member, where the real members live. This caught a pile of examples, and these have beeen fixed. The pdb_get..() functions are 'const' (have been for some time) and this required a few small changes to constify other functions. I've also added some debugs to the pdb get and set, they can be removed if requested. I've rewritten the copy_id2x_to_sam_pass() functions to use the new passdb interface, but I need the flags info to do it properly. The pdb_free_sam() funciton now blanks out the LM and NT hashes, and as such I have removed many extra 'samr_clear_sam_passwd(smbpass)' calls as a result. Finally, any and all testing is always appriciated - but the basics seem to work. Andrew Bartlett (This used to be commit d3dd28f6c443187b8d820d5a39c7c5b3be2fa95c)
2001-12-31ops, froget to set the values.Simo Sorce1-1/+7
jerry, can you look at theis where we use standard_sub_advanced() fns? I think this structure should be backported to 2.2 because we do not know if the SAM_ACCOUNT strings have enough space to contain the "substituted" string. (Yes, just now we know they are pstrings, but we may change them into alloced one, I'm a strong suported of alloced strings as 1024 bytes are not always enough and are often too much) (This used to be commit 29b3b5e9292805aa65e887755567abd50f74e5cb)
2001-12-31port mods from 2.2Simo Sorce1-3/+36
(This used to be commit f796f18a83cd2fc0988612aa38c794f005efbfaf)
2001-12-31Make --with-tdbsam compile again, given the new 'am I setting a default' flags.Andrew Bartlett1-4/+4
Andrew Bartlett (This used to be commit 20d7c5d9b9bc0a426897f21b3350933602abdbf1)
2001-12-30util_sid.c - respect a const variabile (addedd strdup)Simo Sorce1-22/+35
cli_reg.c - indentation pdb_ldap.c - some checks on init fns parameters pdb_tdb.c - some checks on init fns parameters + make sure we close the db on failure (This used to be commit 49f5cb7a3df6d673f86e6769319aa657e30d8380)
2001-12-30pdb_getsampwnuid() merge from 2.2Gerald Carter1-25/+0
(This used to be commit 54cbfc7ebcdf1bd2094407b689b0050f0abfa46f)
2001-12-27moving SAM_ACCOUNT to include a bit field for initializedGerald Carter1-4/+4
members (such as uid and gid). This way we will be able to keep ourselves from writing out default smb.conf settings when the admin doesn't want to, That part is not done yet. Tested compiles with ldap/tdb/smbpasswd. Tested connection with smbpasswd backend. oh...and smbpasswd doesn'y automatically expire accounts after 21 days from the last password change either now. Just ifdef'd out that code in build_sam_account(). Will merge updates into 2.2 as they are necessary. jerry (This used to be commit f0d43791157d8f04a13a07d029f203ad4384d317)
2001-12-06again an intrusive patch:Jean-François Micouleau1-2/+0
- removed the ugly as hell sam_logon_in_ssb variable, I changed a bit the definition of standard_sub_basic() to cope with that. - removed the smb.conf: 'domain admin group' and 'domain guest group' parameters ! We're not playing anymore with the user's group RIDs ! - in get_domain_user_groups(), if the user's gid is a group, put it first in the group RID list. I just have to write an HOWTO now ;-) J.F. (This used to be commit fef52c4b96c987115fb1818c00c2352c67790e50)
2001-11-25Don't close tdb twice.Volker Lendecke1-1/+0
(This used to be commit 6dda341bc80dc7c4d044df134fc153f646a6a4e9)
2001-11-04Fixup for accounts without a local /etc/passwd entry.Andrew Bartlett1-9/+5
- Now perfectly valid. (This used to be commit be04aad90da341fb1b4ef472f2279aefab972258)
2001-11-01Various post AuthRewrite cleanups, fixups and tidyups.Andrew Bartlett1-8/+4
Zero out some of the plaintext passwords for paranoia Fix up some of the other passdb backends with the change to *uid_t rather than uid_t. Make some of the code in srv_netlog_nt.c clearer, is passing an array around, so pass its lenght in is definition, not as a seperate paramater. Use sizeof() rather than magic numbers, it makes things easier to read. Cope with a PAM authenticated user who is not in /etc/passwd - currently by saying NO_SUCH_USER, but this can change in future. Andrew Bartlett (This used to be commit 514c91b16baca639bb04638042bf9894d881172a)
2001-10-29This commit is number 4 of 4.Andrew Bartlett1-19/+19
In particular this commit focuses on: Actually adding the 'const' to the passdb interface, and the flow-on changes. Also kill off the 'disp_info' stuff, as its no longer used. While these changes have been mildly tested, and are pretty small, any assistance in this is appreciated. ---- These changes introduces a large dose of 'const' to the Samba tree. There are a number of good reasons to do this: - I want to allow the SAM_ACCOUNT structure to move from wasteful pstrings and fstrings to allocated strings. We can't do that if people are modifying these outputs, as they may well make assumptions about getting pstrings and fstrings - I want --with-pam_smbpass to compile with a slightly sane volume of warnings, currently its pretty bad, even in 2.2 where is compiles at all. - Tridge assures me that he no longer opposes 'const religion' based on the ability to #define const the problem away. - Changed Get_Pwnam(x,y) into two variants (so that the const parameter can work correctly): - Get_Pwnam(const x) and Get_Pwnam_Modify(x). - Reworked smbd/chgpasswd.c to work with these mods, passing around a 'struct passwd' rather than the modified username --- This finishes this line of commits off, your tree should now compile again :-) Andrew Bartlett (This used to be commit c95f5aeb9327347674589ae313b75bee3bf8e317)
2001-10-29This commit is number 2 of 4.Andrew Bartlett1-19/+8
In particular this commit focuses on: The guts of the moving about inside passdb. While these changes have been mildly tested, and are pretty small, any assistance in this is appreciated. ---- These changes allow for the introduction of a large dose of 'const' to the Samba tree. There are a number of good reasons to do this: - I want to allow the SAM_ACCOUNT structure to move from wasteful pstrings and fstrings to allocated strings. We can't do that if people are modifying these outputs, as they may well make assumptions about getting pstrings and fstrings - I want --with-pam_smbpass to compile with a slightly sane volume of warnings, currently its pretty bad, even in 2.2 where is compiles at all. - Tridge assures me that he no longer opposes 'const religion' based on the ability to #define const the problem away. - Changed Get_Pwnam(x,y) into two variants (so that the const parameter can work correctly): - Get_Pwnam(const x) and Get_Pwnam_Modify(x). - Reworked smbd/chgpasswd.c to work with these mods, passing around a 'struct passwd' rather than the modified username passdb/ - Kill off disp_info stuff, it isn't used any more - Kill off support for writing to the old smbpasswd format, it isn't relevent to Samba 3.0 - Move around and modify the pdb_...() helper functions, adding one that sets the last changed time to 'now' and that sets the must change time appropriately. - Remove the ugly forced update of the LCT- value in pdb_smbpasswd. - Remove the implicit modification of the ACB flags when both NT and LM passwords are set. - Removed substation in pdb_getsampwnam output, as a single password change will render them inoperable in any case (they will be substituted and stored) - Added a default RID to the init_sam_from_pw() function, based on our rid algorithm. - Added checks that an smbpasswd stored user has a uid-based RID. - Fail to store tdb based users without a RID lib/ - Change the substituion code to use global_myname if there is no connection (and therefore no called name) at the present time. (This used to be commit 8f607810eb24ed1157bbd2e896c2c167bc34d986)
2001-10-01- fix handling of 0 last_change_time and must_change_timeAndrew Tridgell1-3/+0
- move the arbitrary 21 day timeout to local.h (This used to be commit 11075f543470c3283accce0246d0b2983420695a)
2001-09-29This is the passdb section of the previously mentioned commit.Andrew Bartlett1-2/+1
Of particular note is the change to pdb_free_sam() to take its sam argument by reference, allowing it to be NULLified by the SAFE_FREE() macro, and the changed to local_password_change() both to make it work and to remove the duplicate code that caused so much breakage over the last few days. - Small change in behaviour: when LOCAL_ADD_USER is set, the user doesn't actually exist locally but does exist in the passdb we don't attempt to do a GetPwnam(). (How the entry got there is another matter, and most passdbs won't allow this anyway). Andrew Bartlett (This used to be commit 6b45e342fd1ed82d7f5bd613048fe862a6a6f2a1)
2001-09-27minor fixesSimo Sorce1-22/+10
(This used to be commit 57e639bbdd115b51362caf7e3db4ba34ccdeddc2)
2001-09-26Fix the uninitialised variable, but more importantly fix the SEGFAULT.Andrew Bartlett1-2/+4
Merge for 2.2.2 Should TDB cope with TDB pointers itself? Andrew Bartlett (This used to be commit 27f0510a0b458792293d5ce2957f61383569f62f)
2001-09-26Fix up TDB_SAM with repect to case sensitvity. (need to use unix_strlower)Andrew Bartlett1-7/+9
Also attempt to make some of the syntax clearer, its confusing enought for the compiler... (it thinks that there is use of an unitilaised variable) In fact there is, see next patch... (This used to be commit 540abc8125f1b821bd362dc0d8c19a107382479f)
2001-09-25Fixup passdb stuff to add new nisplus and ldap backends.Jeremy Allison1-116/+127
Jeremy. (This used to be commit 611bf806d569b70edabbc04a2f5408142370a550)
2001-09-25Don't segfault when deleting accounts not in /etc/passwd. The RID we want isAndrew Bartlett1-5/+2
the one in the sampass anyway. Andrew Bartlett (This used to be commit 29b7434293d7778376486b241f9458a71fa843a6)
2001-09-25memory leak fixes ..Simo Sorce1-7/+21
(This used to be commit 7f07004571ad1b8d1ce787f6788b4c4d8685db37)
2001-09-17move to SAFE_FREE()Simo Sorce1-1/+1
(This used to be commit 64d35e94fe6f7e56353b286162f670c8595a90e6)
2001-09-14merges from 2.2Gerald Carter1-2/+2
(This used to be commit b619458dde158c37a4420a28a7e1e1f70e7a18d1)
2001-09-06got rid of USE_TDB_MMAP_FLAG as its not needed any moreAndrew Tridgell1-7/+7
(This used to be commit c26e0d3f27a05ecc8bd2390f9aab7f9451524e47)
2001-08-31changed the data format in the tdb, as the time fields were notSimo Sorce1-24/+29
managed correctly. this mean you need to rebuild your passdb.tdb file. (This used to be commit 57b8d3bb84e261e55febdde88e45684455f0a294)
2001-07-30Added "use mmap" for HPUX.Jeremy Allison1-7/+7
Jeremy. (This used to be commit 840802f10677cb0009cb4df4c37c7d01aa5edacd)
2001-07-12Changed instances of TRUE, FALSE to True, False as some compilers don'tTim Potter1-1/+1
have the first set of symbols. (This used to be commit ad0cbfbd790bc5d6003ffcff2835d82fb0140625)
2001-06-04use LDSHFLAGS not -shared in several placesAndrew Tridgell1-7/+7
(This used to be commit 8ec9c87b5d1a7dae17d5b1a30f58effaf5e69e4b)
2001-05-10update from SimoGerald Carter1-8/+8
(This used to be commit 9e4a6c227f719226cac6e00f1a6719651570e2c7)
2001-05-07Patch from Simo:Gerald Carter1-5/+15
o sed 's/pdb_clear_sam/pdb_free_sam/g' o add pdb_reset_sam() o password changing should be ok now as well. (This used to be commit 96d0e7c3301ad990f6c83b9c216720cb32661fb5)
2001-05-04Big cleanup of passdb and backends.Jean-François Micouleau1-39/+58
I did some basic tests but I have probably broken something. Notably the password changing. So don't cry ;-) J.F. (This used to be commit a4a4c02b12f030a3b9e6225b999c90689dfc4719)
2001-05-04fixes from SimoGerald Carter1-213/+238
(This used to be commit 7703fbb30d9695b5a71ee0bcca9520bed4880bbd)
2001-04-08HEAD specific slprintf paranoia fixes.Jeremy Allison1-6/+6
Jeremy. (This used to be commit 61723c18f96a7b38cab0fcf545da7fb3640c5f7b)
2001-03-11Remove "BYTE" - we already have uint8 - don't need more conflicts withJeremy Allison1-6/+6
system header files... Jeremy. (This used to be commit 31e0ce310ec38b3a3a05b344d6450d442c6be471)
2000-12-12more fixes from Simo. Also fixed the password expiration fieldGerald Carter1-134/+59
in the tdbsam to never expire (we don't support this yet). jerry (This used to be commit 3b7d0fe7eb3a9275d2713d7b3325de0ab510ea62)
2000-12-09group rid assignment cut and paste errorGerald Carter1-2/+2
--jerry (This used to be commit bb48b02d5f2118470a415d5f1f92305688e6b432)
2000-12-06updates to the tdbsam implementation.Gerald Carter1-36/+263
--jerry (This used to be commit 29b3ac8634769d01c20bf394eecc536a02e0f36c)
2000-11-21Another large patch for the passdb rewrite.Gerald Carter1-503/+512
o added BOOL own_memory flag in SAM_ACCOUNT so we could use static memory for string pointer assignment or allocate a new string o added a reference TDB passdb backend. This is only a reference and should not be used in production because - RID's are generated using the same algorithm as with smbpasswd - a TDB can only have one key (w/o getting into problems) and we need three. Therefore the pdb_sam-getpwuid() and pdb_getsampwrid() functions are interative searches :-( we need transaction support, multiple indexes, and a nice open source DBM. The Berkeley DB (from sleepycat.com seems to fit this criteria now) o added a new parameter "private dir" as many places in the code were using lp_smb_passwd_file() and chopping off the filename part. This makes more sense to me and I will docuement it in the man pages o Ran through Insure-lite and corrected memory leaks. Need for a public flogging this time Jeremy (-: -- jerry (This used to be commit 4792029a2991bd84251d152a62b1033dec62cee2)
2000-11-13Large commit which restructures the local password storage API.Gerald Carter1-0/+600
Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+) are broken, but they were somewhat broken before. :) The following functions implement the storage manipulation interface /*The following definitions come from passdb/pdb_smbpasswd.c */ BOOL pdb_setsampwent (BOOL update); void pdb_endsampwent (void); SAM_ACCOUNT* pdb_getsampwent (void); SAM_ACCOUNT* pdb_getsampwnam (char *username); SAM_ACCOUNT* pdb_getsampwuid (uid_t uid); SAM_ACCOUNT* pdb_getsampwrid (uint32 rid); BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass); BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override); BOOL pdb_delete_sam_account (char* username); There is also a host of pdb_set..() and pdb_get..() functions for manipulating SAM_ACCOUNT struct members. Note that the struct passdb_ops {} has gone away. Also notice that struct smb_passwd (formally in smb.h) has been moved to passdb/pdb_smbpasswd.c and is not accessed outisde of static internal functions in this file. All local password searches should make use of the the SAM_ACCOUNT struct and the previously mentioned functions. I'll write some documentation for this later. The next step is to fix the TDB passdb backend, then work on spliting the backends out into share libraries, and finally get the LDAP backend going. What works and may not: o domain logons from Win9x works o domain logons from WinNT 4 works o user and group enumeration as implemented by Tim works o file and print access works o changing password from Win9x & NT ummm...i'll fix this tonight :) If I broke anything else, just yell and I'll fix it. I think it should be fairly quite. -- jerry (This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389)