Age | Commit message (Collapse) | Author | Files | Lines |
|
smbd, and also makes it much cleaner inside winbindd.
It is mostly my code, with a few changes and testing performed by Alexander
Bokovoy <a.bokovoy@sam-solutions.net>. ab has tested it in security=domain and
security=ads, but more testing is always appricatiated.
The idea is that we no longer cart around a 'domain\user' string, we keep them
seperate until the last moment - when we push that string into a pwent on onto
the socket.
This removes the need to be constantly parsing that string - the domain prefix
is almost always already provided, (only a couple of functions actually changed
arguments in all this).
Some consequential changes to the RPC client code, to stop it concatonating the
two strings (it now passes them both back as params).
I havn't changed the cache code, however the usernames will no longer have a
double domain prefix in the key string. The actual structures are unchanged
- but the meaning of 'username' in the 'rid' will have changed. (The cache is
invalidated at startup, so on-disk formats are not an issue here).
Andrew Bartlett
(This used to be commit e870f0e727952aeb8599cf93ad2650ae56eca033)
|
|
- fixed gid* bug in rpc_server
(This used to be commit 48aa90c48c5f0e3054c4acdc49668e222e7c0d36)
|
|
- removed the ugly as hell sam_logon_in_ssb variable, I changed a bit the
definition of standard_sub_basic() to cope with that.
- removed the smb.conf: 'domain admin group' and 'domain guest group'
parameters ! We're not playing anymore with the user's group RIDs !
- in get_domain_user_groups(), if the user's gid is a group, put it first
in the group RID list.
I just have to write an HOWTO now ;-)
J.F.
(This used to be commit fef52c4b96c987115fb1818c00c2352c67790e50)
|
|
now return the alias correctly.
time to look at the netlogon case.
J.F.
(This used to be commit 72ee1791084d09e73d8057e37ced4a79cecffb35)
|
|
(This used to be commit 56bdb152d8617c0a36c0bc25c677a2d98bcb1328)
|
|
not the privileges. Usually we don't need them, so the memory is free
early.
lib/util_sid.c: added some helper functions to check an SID.
passdb/passdb.c: renamed local_lookup_rid() to local_lookup_sid() and pass
an RID all the way. If the group doesn't exist on the domain SID,
don't return a faked one as it can collide with a builtin one. Some rpc
structures have been badly designed, they return only rids and force the
client to do subsequent lsa_lookup_sid() on the domain sid and the builtin
sid !
rpc_server/srv_util.c: wrote a new version of get_domain_user_groups().
Only the samr code uses it atm. It uses the group mapping code instead of
a bloody hard coded crap. The netlogon code will use it too, but I have to
do some test first.
J.F.
(This used to be commit 6c87e96149101995b7d049657d5c26eefef37d8c)
|
|
In particular this commit focuses on:
Actually adding the 'const' to the passdb interface, and the flow-on changes.
Also kill off the 'disp_info' stuff, as its no longer used.
While these changes have been mildly tested, and are pretty small, any
assistance in this is appreciated.
----
These changes introduces a large dose of 'const' to the Samba tree.
There are a number of good reasons to do this:
- I want to allow the SAM_ACCOUNT structure to move from wasteful
pstrings and fstrings to allocated strings. We can't do that if
people are modifying these outputs, as they may well make
assumptions about getting pstrings and fstrings
- I want --with-pam_smbpass to compile with a slightly sane
volume of warnings, currently its pretty bad, even in 2.2
where is compiles at all.
- Tridge assures me that he no longer opposes 'const religion'
based on the ability to #define const the problem away.
- Changed Get_Pwnam(x,y) into two variants (so that the const
parameter can work correctly): - Get_Pwnam(const x) and
Get_Pwnam_Modify(x).
- Reworked smbd/chgpasswd.c to work with these mods, passing
around a 'struct passwd' rather than the modified username
---
This finishes this line of commits off, your tree should now compile again :-)
Andrew Bartlett
(This used to be commit c95f5aeb9327347674589ae313b75bee3bf8e317)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
The big one is a global change to allow us to NULLify the free'ed pointer to a
former passdb object. This was done to allow idra's SAFE_FREE() macro to do
its magic, and to satisfy the input test in pdb_init_sam() for a NULL pointer
to start with.
This NULL pointer test was what was breaking the adding of accounts up until
now, and this code has been reworked to avoid duplicating work - I hope this
will avoid a similar mess-up in future.
Finally, I fixed a few nasty bugs where the pdb_ fuctions's return codes were
being ignored. Some of these functions malloc() and are permitted to fail.
Also, this caught a nasty bug where pdb_set_lanman_password(sam, NULL) acheived
precisely didilly-squat, just returning False. Now that we check the returns
this bug was spotted. This could allow different LM and NT passwords.
- the pdbedit code needs to start checking these too, but I havn't had a
chance to fix it.
I have also fixed up where some of the password changing code was using the
pdb_set functions to store *internal* data. I assume this is from a previous
lot of mass conversion work...
Most likally (and going on past experience) I have missed somthing, probably in
the LanMan password change code which I havn't yet been able to test, but this
lot is in much better shape than it was before.
If all this is too much to swallow (particularly for 2.2.2) then just adding a
sam_pass = NULL to the particular line of passdb.c should do the trick for the
ovbious bug.
Andrew Bartlett
(This used to be commit 762c8758a7869809d89b4da9c2a5249678942930)
|
|
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
|
|
can't redefine them. damn.
(This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf)
|
|
(This used to be commit 9aefc86e355bf160300580acb85a58a18207ccdf)
|
|
o sed 's/pdb_clear_sam/pdb_free_sam/g'
o add pdb_reset_sam()
o password changing should be ok now as well.
(This used to be commit 96d0e7c3301ad990f6c83b9c216720cb32661fb5)
|
|
I did some basic tests but I have probably broken something. Notably the
password changing. So don't cry ;-)
J.F.
(This used to be commit a4a4c02b12f030a3b9e6225b999c90689dfc4719)
|
|
RPC code to merge with new passdb code.
Currently rpcclient doesn't compile. I'm working on it...
Jeremy.
(This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549)
|
|
Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+)
are broken, but they were somewhat broken before. :)
The following functions implement the storage manipulation interface
/*The following definitions come from passdb/pdb_smbpasswd.c */
BOOL pdb_setsampwent (BOOL update);
void pdb_endsampwent (void);
SAM_ACCOUNT* pdb_getsampwent (void);
SAM_ACCOUNT* pdb_getsampwnam (char *username);
SAM_ACCOUNT* pdb_getsampwuid (uid_t uid);
SAM_ACCOUNT* pdb_getsampwrid (uint32 rid);
BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass);
BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override);
BOOL pdb_delete_sam_account (char* username);
There is also a host of pdb_set..() and pdb_get..() functions for
manipulating SAM_ACCOUNT struct members. Note that the struct
passdb_ops {} has gone away. Also notice that struct smb_passwd
(formally in smb.h) has been moved to passdb/pdb_smbpasswd.c
and is not accessed outisde of static internal functions in this
file. All local password searches should make use of the the SAM_ACCOUNT
struct and the previously mentioned functions.
I'll write some documentation for this later. The next step is to fix
the TDB passdb backend, then work on spliting the backends out into
share libraries, and finally get the LDAP backend going.
What works and may not:
o domain logons from Win9x works
o domain logons from WinNT 4 works
o user and group enumeration
as implemented by Tim works
o file and print access works
o changing password from
Win9x & NT ummm...i'll fix this tonight :)
If I broke anything else, just yell and I'll fix it. I think it
should be fairly quite.
-- jerry
(This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389)
|
|
NT_STATUS_XXX).
Removed IS_BITS_xxx macros as they were just reproducing "C" syntax in a more
obscure way.
Jeremy.
(This used to be commit c55bcec817f47d6162466b193d533c877194124a)
|
|
this stuff doesn't need to be done as root anyway.
(This used to be commit c3cad0ff6482784f95fd54ba51ee5be2354bb95d)
|
|
this adds "#define OLD_NTDOMAIN 1" in lots of places. Don't panic -
this isn't permanent, it should go after another few merge steps have
been done
(This used to be commit 92109d7b3c06f240452d39f669ecb8c9c86ab610)
|
|
(This used to be commit f249dc041f3f3bdb1adaa41271236ffdb2447475)
|
|
include/byteorder.h: Added alignment macros.
include/nameserv.h: Added defines for msg_type field options - from rfc1002.
lib/time.c: Typo fix.
lib/util_unistr.c: Updates from UNICODE branch.
printing/nt_printing.c: bzero -> memset.
smbd/connection.c: Added check for UT_SYSLEN for utmp code.
Other fixes : Rollback of unapproved commit from Luke.
Please *ask* next time before doing large changes to HEAD.
Jeremy.
(This used to be commit f02999dbf7971b4ea05050d7206205d7737a78b2)
|
|
the spoolss code (it's cut from TNG) and the smb-dce/rpc interface
code that jeremy has been working up to TNG-functionality.
i also want this message to go into SAMBA_2_0 and SAMBA_2_0_RELEASE,
because it is intolerable that potentially good modifications be made
to code that is going to be thrown away, and people waste their time
fixing bugs and adding enhancements that have already been carried
out already, up to two years ago in the TNG branch.
/*
* THIS CODE IS OUT-OF-DATE BY TWO YEARS, IS LEGACY DESIGN AND VERY, VERY,
* INCOMPLETE. PLEASE DO NOT MAKE ANY FURTHER ENHANCEMENTS TO THIS CODE
* UNLESS THEY ARE ALSO CARRIED OUT IN THE SAMBA_TNG BRANCH.
*
* PLEASE DO NOT TREAT THIS CODE AS AUTHORITATIVE IN *ANY* WAY.
*
* REPEAT, PLEASE DO NOT MAKE ANY MODIFICATIONS TO THIS CODE WITHOUT
* FIRST CHECKING THE EQUIVALENT MODULE IN SAMBA_TNG, UPDATING THAT
* FIRST, *THEN* CONSIDER MAKING THE SAME MODIFICATION IN THIS BRANCH
*
* YOU WILL, ALMOST GUARANTEED, FIND THAT THE BUG-FIX OR ENHANCEMENT THAT
* YOU THINK IS NECESSARY, HAS ALREADY BEEN IMPLEMENTED IN SAMBA_TNG.
* IF IT HAS NOT, YOUR BUG-FIX OR ENHANCEMENT *MUST* GO INTO SAMBA_TNG
* AS THE SAMBA_TNG CODE WILL REPLACE THIS MODULE WITHOUT REFERENCE TO
* ANYTHING IN IT, WITH THE POSSIBLE RISK THAT THE BUG-FIX OR ENHANCEMENT
* MAY BE LOST.
*
* PLEASE OBSERVE AND RESPECT THIS SIMPLE REQUEST.
*
* THANK YOU.
*
* lkcl@samba.org
*/
(This used to be commit cfaea90529be222f8df0e20a7ca1289f99c29e09)
|
|
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
|
|
the pre-alpha "domain group" etc parameters have disappeared.
- interactive debug detection
- re-added mem_man (andrew's memory management, detects memory corruption)
- american spellings of "initialise" replaced with english spelling of
"initialise".
- started on "lookup_name()" and "lookup_sid()" functions. proper ones.
- moved lots of functions around. created some modules of commonly used
code. e.g the password file locking code, which is used in groupfile.c
and aliasfile.c and smbpass.c
- moved RID_TYPE_MASK up another bit. this is really unfortunate, but
there is no other "fast" way to identify users from groups from aliases.
i do not believe that this code saves us anything (the multipliers)
and puts us at a disadvantage (reduces the useable rid space).
the designers of NT aren't silly: if they can get away with a user-
interface-speed LsaLookupNames / LsaLookupSids, then so can we. i
spoke with isaac at the cifs conference, the only time for example that
they do a security context check is on file create. certainly not on
individual file reads / writes, which would drastically hit their
performance and ours, too.
- renamed myworkgroup to global_sam_name, amongst other things, when used
in the rpc code. there is also a global_member_name, as we are always
responsible for a SAM database, the scope of which is limited by the role
of the machine (e.g if a member of a workgroup, your SAM is for _local_
logins only, and its name is the name of your server. you even still
have a SID. see LsaQueryInfoPolicy, levels 3 and 5).
- updated functionality of groupname.c to be able to cope with names
like DOMAIN\group and SERVER\alias. used this code to be able to
do aliases as well as groups. this code may actually be better
off being used in username mapping, too.
- created a connect to serverlist function in clientgen.c and used it
in password.c
- initialisation in server.c depends on the role of the server. well,
it does now.
- rpctorture. smbtorture. EXERCISE EXTREME CAUTION.
(This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
|
|
changes from yesterday by me, jeremy and andrew.
jeremy, your ACB_PWNOTREQ mod would have caused a crash if the user
didn't exist (first check should be for smb_pass != NULL)
(This used to be commit cbac0f165d351ba9497c222e55e453d781376e58)
|
|
resons and my own piece of mind...
Jeremy.
(This used to be commit 45131501f23ce1eec2f23fe2c1060cd5a2736ec9)
|
|
rpc_client/cli_pipe.c: Inlined code removed from smbdes.c
rpc_server/srv_samr.c: Fixed unused variable warning.
rpc_server/srv_util.c: Inlined code removed from smbdes.c
Luke - the above changes are the first part of the changes
you and I discussed as being neccessary at the CIFS conference.
*PLEASE REVIEW THESE CHANGES* - make sure I haven't broken
any of the authenticated DCE/RPC code.
smbd/nttrans.c: Fixed to allow NT5.0beta2 to use Samba shares
with NT SMB support.
smbd/open.c: Fixed mkdir when called from nttrans calls.
smbd/server.c: Set correct size for strcpy of global_myworkgroup.
Jeremy.
(This used to be commit d891421d16ff80998dee429227bd391455f9d1a1)
|
|
for sid S-1-5-20 and does (nothing at the moment) if you query for
your own sid.
(This used to be commit da40f26f4b2f7ce286076b4e39dffd76aa2ef8e6)
|
|
it appears!
(This used to be commit 399035098f212e976cc0000a215e0705ebe78c05)
|
|
smbd/chgpasswd.c: Fixed (my) stupid bug where I was returning stack based variables. Doh !
smbd/trans2.c: Allows SETFILEINFO as well as QFILEINFO on directory handles.
Jeremy.
(This used to be commit 0b44d27d0b5cc3948a6c2d78370ccddf1a84cd80)
|
|
put unicode strings after SAMLOGON query regardless of whether it's
an NT mailslot or a non-NT mailslot, after having observed this behaviour
out of NT machines.
(This used to be commit c101113ec20ed0ba633e78e4ee45596cdccaf1b5)
|
|
how do i switch on these warnings in gcc?????
(This used to be commit 39db385a0c47c11adb6bf3bac89c4bb76f675049)
|
|
(This used to be commit 48ff3e2429964404c8bf33ef625791147913a3c0)
|
|
smb.tgz file from my portable.
particularly the call to mem_data followed by a realloc of that data in
cli_pipe.c's rpc_read() function.
smbd responses now use p->rdata_i which is a faked-up pointer into
p->rdata's response data. rdata can be very long; rdata_i is limited
to point to no more than max_tsize - 0x18 in length. this will make
it an almost trivial task to add the encrypted rpc headers after
rdata_i, and mem_buf_copy will cope admirably with rhdr chained to
rdata_i chained to auth_verifier etc etc...
(This used to be commit 05a297e3a98c14360782af4ad0d851638fb5da9a)
|
|
- removed debug info in struni2 and unistr2 (security risk)
- rpc_pipe function was getting pointer to data then calling realloc *dur*
- password check function, the start of "credential checking",
user, wks, domain, pass as the credentials (not just user,pass which
is incorrect in a domain context)
- cli_write needs to return ssize_t not size_t, because total can be -1
if the write fails.
- fixed signed / unsigned warnings (how come i don't get those any more
when i compile with gcc???)
- nt password change added in smbd. yes, jeremy, i verified that the
SMBtrans2 version still works.
(This used to be commit fcfb40d2b0fc565ee4f66b3a3761c246366a2ef3)
|
|
(This used to be commit fc1b7b9e75b029ffa93263766fe297d043c6d1df)
|
|
(This used to be commit 29434f496c18e816d864060d68f357aea6ef5de8)
|
|
(This used to be commit 95e8a910c5d9ba0ef57669fb1256eaa932e0bb09)
|
|
(This used to be commit 16256f86bf451535c7955b8f51a9b88fc33a8e4d)
|
|
(This used to be commit 8b9c0bad889d4f26987d87c54b4d8bf102af1744)
|
|
(This used to be commit 6677b888bdb45df00646eb7cc13005b9465ff971)
|
|
uid_t, gid_t and vuid. Added sys_getgroups() to get
around the int * return problem. Set correct datatypes
for all uid, gid and vuid variables.
Jeremy.
(This used to be commit e570db46fc3a78e499523fd342e9a34cebb18998)
|
|
failing. running these two programs on a samba pdc now work.
parse_samr.c:
- removed __LINE__ from debug macros.
- removed call to SMB_ASSERT_ARRAY() in samr_r_query_usergroups. the
DOM_GID array is a malloc'd array (by make_dom_gids) not a static
array.
srv_samr.c:
- replaced all "struct smb_passwd"s with sam_passwds instead. there
were uid to rid confusion issues (assumptions that uids were equal
to rids).
- #if 0'd the pdb_rid_is_user() call which, given the above corrections,
would probably work now.
srv_util.c:
- replaced "struct smb_passwd" with sam_passwd in lookup_user_rid, as
assumptions were being made that uids were equal to rids.
(This used to be commit 3f98697cd5203fba07518d7c777ba19644e35b45)
|
|
prompted by the interpret_security() dead code that Jean-Francois
pointed out I added a make target "finddead" that finds potentially
dead (ie. unused) code. It spat out 304 function names ...
I went through these are deleted many of them, making others static
(finddead also reports functions that are used only in the local
file).
in doing this I have almost certainly deleted some useful code. I may
have even prevented compilation with some compile options. I
apologise. I decided it was better to get rid of this code now and add
back the one or two functions that are needed than to keep all this
baggage.
So, if I have done a bit too much "destroying" then let me know. Keep
the swearing to a minimum :)
One bit I didn't do is the ubibt code. Chris, can you look at that?
Heaps of unused functions there. Can they be made static?
(This used to be commit 2204475c87f3024ea8fd1fbd7385b2def617a46f)
|
|
(This used to be commit 3eade55dc7c842bdc50205c330802d211fae54d3)
|
|
have an ASSERT macro defined.
Jeremy.
(This used to be commit dbe6ad014a8b5dcbf17d7cd9865650c2e040d666)
|
|
in the rpc code.
(This used to be commit e6ce1c5b5a9f29d8fcbbd23019186ff5c600e795)
|
|
groupname.o
includes.h: Added ubi_sLinkList.h include.
loadparm.c: Added groupname map parameter.
password.c: Fix HPUX big_crypt.
username.c: New user_in_list() code. Moved groupname map code to groupname.c
lib/rpc/server/srv_util.c: Added lookup_wellknown_sid_from_name().
New groupname map stuff. Note that nothing currently uses this but at
compiles ok.
Jeremy.
(This used to be commit beef636a4d772457816ef068c62ea965d07131f6)
|
|
reply.c: map_username is now a BOOL function.
server.c: Added capability to do map_username on service names
when looking for a home directory. That's what the
original code would do.
lib/rpc/server/srv_util.c: Changed domain_ to builtin_ for
BUILTIN aliases.
username.c: Work in progress on groupname map parameter.
Jeremy
(This used to be commit fa95fae5eed95aff64f0a01825477610a101bbc7)
|
|
lib/rpc/include/rpc_lsa.h: Changed #defines for RPC calls - moved some, made LSA_LOOKUPNAMES correct.
lib/rpc/include/rpc_misc.h: Changed DOMAIN_ALIAS_xxx to BUILTIN_ALIAS_xxx.
Changed bitmasks for uid to rid to be 1 bit.
lib/rpc/parse/parse_misc.c: Changed make_unistr2 to put length as given, max length as one more.
lib/rpc/server/srv_netlog.c: Removed 'domain other sids' parameter.
lib/rpc/server/srv_samr.c: Changed DOMAIN_ALIAS_xxx to BUILTIN_ALIAS_xxx.
lib/rpc/server/srv_util.c: Changed DOMAIN_ALIAS_xxx to BUILTIN_ALIAS_xxx.
Jeremy.
(This used to be commit 34c91840a3d8c252715dc2f749b7a3b171a5b74f)
|