summaryrefslogtreecommitdiff
path: root/source3/passdb/smbpass.c
AgeCommit message (Collapse)AuthorFilesLines
1999-02-08iteration of sam passwd entries was an order n-cubed algorithm dueLuke Leighton1-1/+4
to resolution of unix name to nt name being unnecessarily _inside_ another loop. (This used to be commit d455c9d2c9f60289d78d0331228f5922152070bf)
1999-01-13Fixed the "You password will expire in 0 days. Would you like toGerald Carter1-0/+4
change it now?" message when you login to a Samba Controlled domain. The fix is a hard coded 42 days from right now until you need to change you pasword again time (see passdb/sampassdb.c:pwdb_smb_to_sam()) Also fixed getsmbfilepwent() so that it will read in the last password change time correctly. * Related to this lib/util_pwdb.c:StrnCaseCmp() returns 0 if the strings match. Chouldn't this be the pther way? Oh well. I didn't change the return code as it was used in several other cases (see lib/util_pwdb.c:pwdb_get_last_set_time()) (This used to be commit 175e598dccd042c0f8b045db45fbe3ae928a7387)
1998-11-30- adding builtin[alias]db.Luke Leighton1-20/+20
- lib/sids.c: generate_sam_sid() modified to take a domain name: it now generates "DOMAIN_NAME.SID". reasons: 1) if you run multiple samba servers on the same machine under different netbios names as members of a domain, they won't all use the same SID, which is a _big_ mistake but it would happen _by default_. 2) we have (had) a problem with sid_to_string() and string_to_sid() which cause SIDs to be incorrectly read. one of the major reasons for *NOT* making this change was so as not to disrupt existing users. but as they will be anyway by this bug, we might as well go ahead. - passdb/smbpass.c: wanted to change the meaning of the name in the smbpasswd file to an "nt" name not a "unix" name. this is probably not a good idea: reverted this. - output formatting / bug-fixing in rpcclient query_useraliases code. (This used to be commit e4930f5f48f8246ceec8add8bf769954a963190c)
1998-11-29weekend work. user / group database API.Luke Leighton1-196/+29
- split sam_passwd and smb_passwd into separate higher-order function tables - renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user" plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd password databases to fill in the blank entries that are not obtained from whatever password database API instance is being used. NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c for the only example outside of the password database APIs i could find. - added query_useraliases code to rpcclient. - dealt with some nasty interdependencies involving non-smbd programs and the password database API. this is still not satisfactorily resolved completelely, but it's the best i can do for now. - #ifdef'd out some password database options so that people don't mistakenly set them unless they recompile to _use_ those options. lots of debugging done, it's still not finished. the unix/NT uid/gid and user-rid/group-rid issues are better, but not perfect. the "BUILTIN" domain is still missing: users cannot be added to "BUILTIN" groups yet, as we only have an "alias" db API and a "group" db API but not "builtin-alias" db API... (This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
1998-11-26we have a problem: resolution of "Primary Group RID" which we assumedLuke Leighton1-1/+14
would only be a domain group rid. it can also be a local group rid, which causes us problems in attempting to turn a unix gid into the correct rid (domain group or local group). sooo.... the fix is _in_ there, we just can't use it because it causes link / knock-on problems in nmbd. (This used to be commit e4ee6538709c33000774eb1676608f2dd67d5a30)
1998-11-25fixing group database issuesLuke Leighton1-1/+1
(This used to be commit 591c63e3e1e3201ddcd7582585b652fb848d80ca)
1998-11-23unix instance of group database APILuke Leighton1-12/+12
(This used to be commit e76f593b3572ac881f1aa1fb3326d8b7169b0078)
1998-11-17Added the same open()/fopen()/creat()/mmap() -> sys_XXX calls.Jeremy Allison1-4/+4
Tidied up some of the mess (no other word for it). Still doesn't compile cleanly. There are calls with incorrect parameters that don't seem to be doing the right thing. This code still needs surgery :-(. Jeremy. (This used to be commit 18ff93a9abbf68ee8c59c0af3e57c63e4a015dac)
1998-11-17- group database API. oops and oh dear, the threat has been carried out:Luke Leighton1-295/+225
the pre-alpha "domain group" etc parameters have disappeared. - interactive debug detection - re-added mem_man (andrew's memory management, detects memory corruption) - american spellings of "initialise" replaced with english spelling of "initialise". - started on "lookup_name()" and "lookup_sid()" functions. proper ones. - moved lots of functions around. created some modules of commonly used code. e.g the password file locking code, which is used in groupfile.c and aliasfile.c and smbpass.c - moved RID_TYPE_MASK up another bit. this is really unfortunate, but there is no other "fast" way to identify users from groups from aliases. i do not believe that this code saves us anything (the multipliers) and puts us at a disadvantage (reduces the useable rid space). the designers of NT aren't silly: if they can get away with a user- interface-speed LsaLookupNames / LsaLookupSids, then so can we. i spoke with isaac at the cifs conference, the only time for example that they do a security context check is on file create. certainly not on individual file reads / writes, which would drastically hit their performance and ours, too. - renamed myworkgroup to global_sam_name, amongst other things, when used in the rpc code. there is also a global_member_name, as we are always responsible for a SAM database, the scope of which is limited by the role of the machine (e.g if a member of a workgroup, your SAM is for _local_ logins only, and its name is the name of your server. you even still have a SID. see LsaQueryInfoPolicy, levels 3 and 5). - updated functionality of groupname.c to be able to cope with names like DOMAIN\group and SERVER\alias. used this code to be able to do aliases as well as groups. this code may actually be better off being used in username mapping, too. - created a connect to serverlist function in clientgen.c and used it in password.c - initialisation in server.c depends on the role of the server. well, it does now. - rpctorture. smbtorture. EXERCISE EXTREME CAUTION. (This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
1998-10-21the next dialog: user-groups. it's not very sensible what appears, but hey:Luke Leighton1-0/+1
it appears! (This used to be commit 399035098f212e976cc0000a215e0705ebe78c05)
1998-10-15rpcclient interactive login (with trust account changing if you are root)Luke Leighton1-2/+2
cli_session_setup handles null sessions correctly (This used to be commit 60c0f22a4e84703467006dfe1971384a6294a9aa)
1998-10-15getpwnam() failing is a serious error (corrupt smbpasswd database)Luke Leighton1-1/+6
(This used to be commit 18e628ac1516cbd9773608cb5a9f4b784cf4dd9e)
1998-10-15bug-fixing against:Luke Leighton1-0/+2
AS/U: it returns dce/rpc "first" and "last" bits _clear_ in a bind/ack response, when they should be set in a (small) packet. they also, in the bind/ack do not set a secondary address string at all, so we can't check against that... Win95: client-side dce/rpc code is a bit odd. it does a "WaitNamedPipeState" and has slightly different pipe-naming (\PIPE\LANMAN is joined by \PIPE\SRVSVC, \PIPE\WINREG etc whereas nt just has \PIPE\LANMAN and \PIPE\). Win95-USRMGR.EXE: added LsaOpenPolicy (renamed existing to LsaOpenPolicy2). added SamrConnect (renamed existing to SamrConnect2). (This used to be commit a7fccd807b938cbb51002ebae8c7a48b40dbb655)
1998-10-09anders blomdell spotted an unititialised fstring causing strlen to goLuke Leighton1-0/+1
awry (ascii_p16) (This used to be commit 0b45c08ffad6f8b12c6fb2b184d3b5d52177cabe)
1998-09-28Added fix from gildea@intouchsys.com - smbpasswd file could be leftJeremy Allison1-1/+5
locked. Jeremy. (This used to be commit 71ab5c367cf54f4b821aaf056f283f48d7eb4638)
1998-09-28Changes to test in configure if capabilities are enabled on a system.Jeremy Allison1-2/+2
Changes to get Samba to compile cleanly with the IRIX compiler with the options : -fullwarn -woff 1209,1174 (the -woff options are to turn off warnings about unused function parameters and controlling loop expressions being constants). Split prototype generation as we hit a limit in IRIX nawk. Removed "." code in smbd/filename.c (yet again :-). Jeremy. (This used to be commit e0567433bd72aec17bf5a54cc292701095d25f09)
1998-09-25Makefile.in: Fixed bug with continuation line causing proto to fail.Jeremy Allison1-0/+10
Added $(PROGS) $(SPROGS) as targets for make clean. acconfig.h: Added HAVE_IRIX_SPECIFIC_CAPABILITIES. configure.in: Added sys/capability.h header check. Added function checks for srandom random srand rand. Added HAVE_IRIX_SPECIFIC_CAPABILITIES test. includes.h: Added #include <sys/capability.h>. ntdomain.h: Moved struct acct_info into here from smb.h smb.h: Added KERNEL_OPLOCK_CAPABILITY define. Moved enum action_type into rpcclient.h Moved struct cli_state into client.h Moved struct nt_client_info, struct tar_client_info, struct client_info into rpcclient.h lib/genrand.c: Changed to use sys_random() & friends. lib/smbrun.c: Lose capabilities after fork. lib/system.c: Added set_process_capability(), set_inherited_process_capability() sys_random(), sys_srandom(). lib/util.c: Added Ander's EFBIG lock check to fcntl_lock for 64 bit access to an 32 bit mounted NFS filesystem. nmbd/nmbd.c: Changed to use sys_random() & friends. nmbd/nmbd_browsesync.c: Changed to use sys_random() & friends. passdb/ldap.c: Missed one pdb_encode_acct_ctrl call. passdb/passdb.c: Changed to Ander's code for ' ' characters. passdb/smbpass.c: Added Ander's code to reset ACB_PWNOTREQ. script/mkproto.awk: Added 'long' to prototypes. smbd/chgpasswd.c: Lose capabilities after fork. smbd/open.c: Do the mmap *after* the kernel oplock. smbd/oplock.c: Removed stub code from kernel oplock path. Added set_process_capability(), set_inherited_process_capability() calls. smbd/reply.c: Initialize count = 0, offset = 0. smbd/server.c: Added set_process_capability(), set_inherited_process_capability() calls. tests/summary.c: Ensure we have RANDOM or RAND. utils/smbpasswd.c: Added Ander's code to reset ACB_PWNOTREQ. utils/torture.c: Changed to use sys_random() & friends. Jeremy. (This used to be commit e8be306f23963ac00b1a383ebe0cc1421529fb02)
1998-09-24Integration of Anders Blomdell <anders.blomdell@control.lth.se>'sJeremy Allison1-44/+80
smbpasswd changes. Not exactly the same as his code - several changes. Jeremy. (This used to be commit e96747a8e3b9ea5a79c4258e55d7e8f3bf0bf193)
1998-09-17configure configure.in: Added checks for statvfs64. Last bit of 64 bit ↵Jeremy Allison1-5/+5
widening (I hope :-). include/config.h.in: Added #undef STAT_STATVFS64. include/includes.h: Added SMB_STRUCT_STATVFS type, Changed SMB_BIG_INTEGER to SMB_BIG_UINT and SMB_BIG_INT types. include/smb.h: Added flag defines from CIFS spec. lib/debug.c: Fixed one more mode_t issue. lib/system.c: Added sys_statvfs wrapper. lib/util.c: Changed trim_string to use size_t. param/loadparm.c: Moved "blocking locks" into locking section. Alphabetised locking options. Question - shuld we do this for all options ? passdb/ldap.c: Changed SMB_BIG_INTEGER to SMB_BIG_UINT. passdb/nispass.c: Changed SMB_BIG_INTEGER to SMB_BIG_UINT. passdb/smbpass.c: Changed SMB_BIG_INTEGER to SMB_BIG_UINT. smbd/dfree.c: Changed to use 64 bit types if available. Moved to use unsigned types. smbd/dosmode.c: Fixed one more mode_t issue. smbd/negprot.c: Changed literals to be FLAG_ #defines. smbd/nttrans.c: Removed dead code. smbd/open.c: Changed disk_free call. smbd/process.c: Changed literals to be FLAG_ #defines. smbd/reply.c: Changed disk_free call. smbd/trans2.c: Fixed but in SMB_QUERY_FS_VOLUME_INFO call. Was using UNICODE - should use ascii. tests/summary.c: Added STAT_STATVFS64 check. Jeremy. (This used to be commit c512b1b91fb7f2a7a93b9033a33e06d966daadb4)
1998-09-17configure configure.in: Added tests for fseek64 and ftell64.Jeremy Allison1-7/+7
config.h.in: Added fseek64 and ftell64. includes.h: Added definition of SMB_BIG_INTEGER. smb.h: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. access.c: Tidyup of dbug statement. system.c: Added sys_fseek and sys_ftell. Changed mode calls to use mode_t. asyncdns.c: Tidyup of comment. loadparm.c: Tidyup of set_default_server_announce_type() function definition. ldap.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. nispass.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. smbpass.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. smbpassfile.c: Use sys_fseek(). chgpasswd.c: Tidyup of debug statement. dosmode.c: Changed mode calls to use mode_t. ipc.c: Removal of dead code. nttrans.c: Changed mode calls to use mode_t. open.c: Changed mode calls to use mode_t. pipes.c: Removal of dead code. reply.c: Removal of dead code. trans2.c: Removal of dead code. Changed mode calls to use mode_t. Jeremy. (This used to be commit c381d32e3dc23fe887408016cae821aceb30da2c)
1998-09-03Ok - this is the 64 bit widening check in. It changes the configureJeremy Allison1-7/+7
to check for stat64 and friends, and then changes much of Samba to use the data type SMB_OFF_T for file size information. stat/fstat/lstat/lseek/ftruncate have now become sys_stat etc. to hide the 64 bit calls if needed. Note that this still does not expose 64 bit functionality to the client, as the changes to the reply_xxx smb's are not yet done. This code change should make these changes possible. Still to do before full 64 bit-ness to the client: fcntl lock code. statfs code widening of dev_t and ino_t (now possible due to SMB_DEV_T and SMB_OFF_T types being in place). Let me know if wierd things happen after this check-in and I'll fix them :-). Jeremy. (This used to be commit 14500936c321d15995c963766aac67bf1f4e3824)
1998-08-17moved connection_struct handling code into smbd/conn.c and changed itAndrew Tridgell1-4/+4
to a linked list with bitmap format. (This used to be commit b7aaab1b6b2d2f72b2bb7c11f5c7bf081a6093d9)
1998-08-14this is the bug change to using connection_struct* instead of cnum.Andrew Tridgell1-2/+2
Connections[] is now a local array in server.c I might have broken something with this change. In particular the oplock code is suspect and some .dll files aren't being oplocked when I expected them to be. I'll look at it after I've got some sleep. (This used to be commit c7ee025ead4a85b6fa44a832047b878451845fb6)
1998-07-29merge from the autoconf2 branch to the main branchAndrew Tridgell1-1/+1
(This used to be commit 3bda7ac417107a7b01d91805ca71c4330657ed21)
1998-06-04includes.h: Fixes for NetBSD and BSDI.Jeremy Allison1-2/+2
smbpass.c: Fixed irix warnings. Jeremy. (This used to be commit 2caefb35ff56dba67968d04755d74238a38ba29d)
1998-06-01clientutil.c: Don't core dump if no controlling terminal available for password.Jeremy Allison1-2/+2
passdb.c: lib/rpc/include/rpc_misc.h: First cut at automatic uid/gid to rid mapping. We can change this at a later date to make more bits available if neccessary. Jeremy. (This used to be commit 34f40474aba97118e1e80fe6259c686e46dc16b4)
1998-05-26smb.h: More NT SMB stuff (just defines).Jeremy Allison1-1/+2
smbpass.c: Do *NOT* make this function static. It breaks the compile on gcc util.c: Getting closer to MS wildcard semantics. A trailing '*' matches any trailing dot-separated components. trans2.c: Removed hacks that change multiple '?' -> '*' as this breaks things now. trans2.h: Removed NT_FILE_ATTRIBUTE_NORMAL - now FILE_ATTRIBUTE_NORMAL is defined in smb.h. Jeremy. (This used to be commit 42a65511068cd9006350c80bbed2f346f3f01cb0)
1998-05-24- created pdb_sethexpwd(), to be called from all pwd apis that need toLuke Leighton1-2/+2
store passwords in ascii format - dealt with lots of signed/unsigned char thingies spotted by Tim Winders. (This used to be commit bd825f1ef15c4bf12aeba945f8bfdc7fd0e14d25)
1998-05-21fixed signed / unsigned warnings spotted by tim winders. also fixedLuke Leighton1-1/+1
unnecessary "address of" warnings. (This used to be commit ed0afe1e186ce53046e70d8a92103d4f59a2eed2)
1998-05-19passdb.c: Fixed typo in coment.Jeremy Allison1-1/+5
smb.h: Removed comments no longer valid. smbpass.c: Stopped dummy function from being prototyped. util.c: Fix for multibyte char problems with strlower, strupper and string_replace. Jeremy. (This used to be commit cd244b45a5d35fceee2a4034b0c6aabdb58871aa)
1998-05-19made mod_smbfilepwd_entry() and getsmbfilepwent() static. they need notLuke Leighton1-98/+97
be exposed. (This used to be commit 61ab72b82b24006c69b573400f740ff73e742b32)
1998-05-19oops - got some of the default (conversion) functions wrong.Luke Leighton1-32/+19
(This used to be commit b836581cda2b58d285245f71f2bc419c6ece4911)
1998-05-19removed "default" system for password database api: all functions mustLuke Leighton1-0/+18
be supported. there are some stub routines in passdb.c which can be copied into a password database api which do conversion. the module writer can choose which of these to provide full support for instead of using the conversion routines. (This used to be commit d906ac5941fa22f93a38d65906b89a80f971b83c)
1998-05-19ldap.c :Luke Leighton1-0/+1
- added support for some of the new passdb_ops functions. - removed functions that are supported "indirectly" through passdb.c nisppass.c : - modified make_nisname_from_xxx() functions to take a "file" arg. - turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid() functionality is available through "indirect" support in passdb.c - removed functions that are supported "indirectly" through passdb.c - added support for some of the new passdb_ops functions. passdb.c : - created getsam21pwrid() function to go alongside getsam21pwuid. it is not expected that getsam21pwuid ever be used, certainly not from the lib/rpc code. - created getsamdisprid() and getsamdispent(). these are primarily for support of SamrQueryDisplayInfo, however given that they [struct sam_disp_info] return username, rid and fullname, there may be further instances where these functions will be useful. - added support where either the get/add/mod-smb or get/add/mod-sam21 functions are optional. this can be done very easily by checking whether the struct passdb_ops table functions are NULL or not. documented this capability in the notes at the top of the module. - where unix uid was referenced, use uid_t. - where unix gid was referenced, use gid_t. smb.h : - added sam_disp_info functions to passdb_ops. - added getsam21pwrid() function. smbpass.c : - added reference to iterate_getsam21pwrid(). lib/rpc/server/srv_samr.c : - removed group rid code added to get_user_info_21() code: this had been added in the wrong place. the client / server should already know whether it wants to do a lookup by user rid or by group rid. the test of whether the rid is a user or group rid has been left in because this may become useful consistency-check code. - converted back to getsam21pwrid() not getsam21pwuid(pdb_user_rid_to_uid()). this is because the unix uid to user rid mapping can be non-monotonic in some password database systems, and monotonic in others. imposing the restriction by converting immediately from rid to uid at this point is inadviseable, and will place this potential restriction on _all_ password database systems, not just some which, for whatever reason, do not support user rids. it should be up to the individual password database writer to convert from user rid to unix uid, should that module not support rids. lib/rpc/server/srv_util.c : - got lookup_user_name() to call getsamdisprid() not getsmbpwuid(). a bug was introduced (or at least the bug already there was not fixed) whereby the nt user rid was converted to a unix uid, and then not used. (This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
1998-05-18Abstracted all the crappy password interfaces through an indirectJeremy Allison1-34/+40
function table, selectable at compile time. This should make the code that implements all the password functions much cleaner, as it's now very clear exactly what a particular password database needs to provide to Samba. Jeremy. (This used to be commit 27ca536ad974242524c12f7100e419d9e7f9647f)
1998-05-18chgpasswd.c: Changed back to getsmb... from getsam...Jeremy Allison1-63/+63
ldap.c: Stoped dummy_function being prototyped. loadparm.c: Fixed slprintf sizes. nisppass.c: Fixed safe_strcpy sizes. nmbd_processlogon.c: Changed back to getsmb... from getsam... nttrans.c: Just a dump of new code. passdb.c: Moved stuff around a lot - stopped any lookups by rid. This needs to be indirected through a function table (soon). password.c: Changed back to getsmb... from getsam... reply.c: Changed back to getsmb... from getsam... slprintf.c: Fixed prototype problems. smb.h: Fixed prototype problems. smbpass.c: Changed to getsmbfile.... smbpasswd.c: Changed back to getsmb... from getsam... lib/rpc/server/srv_netlog.c: Changed back to getsmb... from getsam... lib/rpc/server/srv_samr.c: Fixed rid lookup - use uid or gid lookup. lib/rpc/server/srv_util.c: Changed back to getsmb... from getsam... Jeremy. (This used to be commit 7d332b2493d2089d09521250fc9b72d8953307c0)
1998-05-18creating and using some pdb_init_(sam/smb) routines. putting ldap headersLuke Leighton1-9/+3
back in (they had been taken out of includes.h because they are only local to ldap.c. (This used to be commit 98ab085b93fb25a4d9275c0d54a863fd9fae2548)
1998-05-18resolving compilation errorsLuke Leighton1-1/+2
(This used to be commit dea0c06eec44a7c2860f97d8f23584d30e482e0a)
1998-05-18- renamed some of the passdb.c functions: they have a prefix pdb_ on themLuke Leighton1-297/+9
- split smbpass.c "password file lock" routines into smbpassfile.c: moved trust account routines into smbpassfile.c as well (This used to be commit 3e48b4eb113cc5e1c6794d7ac699fd9ac47c654a)
1998-05-18Makefile:Luke Leighton1-3/+30
- added nisppass.c and NISPLUS_FLAGS includes.h: - renamed USE_LDAP to USE_LDAP_DB. renamed NISPLUS to USE_NISPLUS_DB. added default define of USE_SMBPASS_DB. - removed ldap headers: they are local only to ldap.c ldap.c : - made all ldap-specific functions static. - added dummy sam21 functions loadparm.c : - renamed NISPLUS to NISPLUS_HOME mkproto.awk - commented out ldap-specific #ifdef generation code: it's not needed now that ldap-specific functions in ldap.c are static nisppass.c : - first attempt at an add function from (This used to be commit f215d375f0f1e12894c2a9e86bd28d4776d337c1)
1998-05-14namequery.c: Fixed SGI IRIX 5.x compiler problem.Jeremy Allison1-4/+4
server.c: Added MACHINE.SID file generation - use lp_domain_sid() be default. smbpass.c: Exposed do_file_lock() as I now use it in server.c Jeremy. (This used to be commit 5bf17840ac7d65d08dd3fdfe8b789010488f6808)
1998-05-13initialise a variableAndrew Tridgell1-1/+1
(This used to be commit 1c052f8744c3f1f64638eb4c0ea7b0db39d50040)
1998-05-12removed lp_domain_workstation() parameterLuke Leighton1-1/+1
(This used to be commit 80d6a3bb0cf3853aa51594cce888e6c0a6e6f634)
1998-05-12This is a security audit change of the main source.Jeremy Allison1-21/+22
It removed all ocurrences of the following functions : sprintf strcpy strcat The replacements are slprintf, safe_strcpy and safe_strcat. It should not be possible to use code in Samba that uses sprintf, strcpy or strcat, only the safe_equivalents. Once Andrew has fixed the slprintf implementation then this code will be moved back to the 1.9.18 code stream. Jeremy. (This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
1998-05-11password back-end database supportLuke Leighton1-1/+108
ldap.c : - added getldap21pwent() function passdb.c : - getsam21pwent() no longer a stub: calls ldap21 or smb21 smbpass.c : - added getsmb21pwent() function (he he :-) lib/rpc/server/srv_samr.c : - removed "specific" calls to ldap functions; replaced with call to get_sampwd_entries instead (which is unfinished). - rewrote get_user_info_21 function to call getsam21pwrid. (This used to be commit c760ebbf127796427c4602aae61952df938c6def)
1998-05-11ldap back-end database developmentLuke Leighton1-199/+34
Makefile: created PASSBD_OBJ group includes.h: added #ifdef USE_LDAP to #include <ldap> headers ldap.c: - renamed "_machine" to "_trust" everywhere. - added sam_passwd support routines - removed get_ldappwd_entry function: replaced with get_sampwd_entry - removed getldappwnam/uid: replaced with getsampwnam/uid - other messing about bits which are probably going to annoy the hell out of jean-francois (sorry!) mkproto.awk: - added stuff to wrap ldap.c protos with #ifdef USE_LDAP - added uid_t and gid_t return results to the prototype generation passdb.c: - created getsam21pwent, add_sam21pwd_entry, mod_sam21pwd_entry. - modified getsampwnam/uid and created getsam21pwnam/rid functions to replace the local get_smbpwd_entry() and get_ldappwd_entry() functions, which jeremy didn't like anyway because they were dual-purpose. - added utility routines which are or may be useful to all the password database routines. password.c: - renamed "machine_" to "trust_" everywhere. smbpass.c: - removed get_smbpwd_entry function: replaced it with get_sampwd_entry functions in passdb.c - moved code that decoded acct_ctrl into passdb.c - moved encode_acct_ctrl into passdb.c - removed getsmbpwnam/uid: replaced with getsampwnam/uid - renamed "machine_" to "trust_" everywhere. smbpasswd.c: - renamed "machine_" to "trust_" everywhere. util.c: - moved gethexpwd function into passdb.c lib/rpc/server/srv_util.c: - moved user_rid_to_uid, group_rid_to_rid etc etc into passdb.c (This used to be commit 673ab50c4c2c25db355d90efde3a6bfbb4d8369e)
1998-05-11changed to use slprintf() instead of sprintf() just aboutAndrew Tridgell1-9/+11
everywhere. I've implemented slprintf() as a bounds checked sprintf() using mprotect() and a non-writeable page. This should prevent any sprintf based security holes. (This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
1998-05-08renamed last_change_time to pass_must_change_time. removed "if (bool==True)"Luke Leighton1-10/+10
and "if (bool==False)" code from ldap.c - a boolean test may not necessarily return exactly True or exactly False: True may be defined to be -1: you never know... (This used to be commit 9bf9752134a92b9a6e8895300d986cfa23547c03)
1998-05-07remove unused ldap functions: add stub start/get/endldappwent routines.Luke Leighton1-1/+0
(This used to be commit a827412effe75029622cc3c822b1d581dd374fda)
1998-05-07moving gethexpwd into util.c, because it's used in both smbpass.c and ldap.cLuke Leighton1-29/+0
(This used to be commit abe261b2f5ea7036e7be6230876176d134ef4ee4)