summaryrefslogtreecommitdiff
path: root/source3/rpc_server/srv_util.c
AgeCommit message (Collapse)AuthorFilesLines
2001-09-29Fix up a number of intertwined issues:Andrew Bartlett1-4/+4
The big one is a global change to allow us to NULLify the free'ed pointer to a former passdb object. This was done to allow idra's SAFE_FREE() macro to do its magic, and to satisfy the input test in pdb_init_sam() for a NULL pointer to start with. This NULL pointer test was what was breaking the adding of accounts up until now, and this code has been reworked to avoid duplicating work - I hope this will avoid a similar mess-up in future. Finally, I fixed a few nasty bugs where the pdb_ fuctions's return codes were being ignored. Some of these functions malloc() and are permitted to fail. Also, this caught a nasty bug where pdb_set_lanman_password(sam, NULL) acheived precisely didilly-squat, just returning False. Now that we check the returns this bug was spotted. This could allow different LM and NT passwords. - the pdbedit code needs to start checking these too, but I havn't had a chance to fix it. I have also fixed up where some of the password changing code was using the pdb_set functions to store *internal* data. I assume this is from a previous lot of mass conversion work... Most likally (and going on past experience) I have missed somthing, probably in the LanMan password change code which I havn't yet been able to test, but this lot is in much better shape than it was before. If all this is too much to swallow (particularly for 2.2.2) then just adding a sam_pass = NULL to the particular line of passdb.c should do the trick for the ovbious bug. Andrew Bartlett (This used to be commit 762c8758a7869809d89b4da9c2a5249678942930)
2001-08-27converted another bunch of stuff to NTSTATUSAndrew Tridgell1-13/+13
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
2001-07-04strchr and strrchr are macros when compiling with optimisation in gcc, so we ↵Andrew Tridgell1-1/+1
can't redefine them. damn. (This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf)
2001-05-07merge from 2.2 removing the 'domain XXX' parameters.Gerald Carter1-3/+0
(This used to be commit 9aefc86e355bf160300580acb85a58a18207ccdf)
2001-05-07Patch from Simo:Gerald Carter1-4/+4
o sed 's/pdb_clear_sam/pdb_free_sam/g' o add pdb_reset_sam() o password changing should be ok now as well. (This used to be commit 96d0e7c3301ad990f6c83b9c216720cb32661fb5)
2001-05-04Big cleanup of passdb and backends.Jean-François Micouleau1-10/+19
I did some basic tests but I have probably broken something. Notably the password changing. So don't cry ;-) J.F. (This used to be commit a4a4c02b12f030a3b9e6225b999c90689dfc4719)
2001-03-11Merge of new 2.2 code into HEAD (Gerald I hate you :-) :-). Allows new SAMRJeremy Allison1-28/+23
RPC code to merge with new passdb code. Currently rpcclient doesn't compile. I'm working on it... Jeremy. (This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549)
2000-11-13Large commit which restructures the local password storage API.Gerald Carter1-4/+4
Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+) are broken, but they were somewhat broken before. :) The following functions implement the storage manipulation interface /*The following definitions come from passdb/pdb_smbpasswd.c */ BOOL pdb_setsampwent (BOOL update); void pdb_endsampwent (void); SAM_ACCOUNT* pdb_getsampwent (void); SAM_ACCOUNT* pdb_getsampwnam (char *username); SAM_ACCOUNT* pdb_getsampwuid (uid_t uid); SAM_ACCOUNT* pdb_getsampwrid (uint32 rid); BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass); BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override); BOOL pdb_delete_sam_account (char* username); There is also a host of pdb_set..() and pdb_get..() functions for manipulating SAM_ACCOUNT struct members. Note that the struct passdb_ops {} has gone away. Also notice that struct smb_passwd (formally in smb.h) has been moved to passdb/pdb_smbpasswd.c and is not accessed outisde of static internal functions in this file. All local password searches should make use of the the SAM_ACCOUNT struct and the previously mentioned functions. I'll write some documentation for this later. The next step is to fix the TDB passdb backend, then work on spliting the backends out into share libraries, and finally get the LDAP backend going. What works and may not: o domain logons from Win9x works o domain logons from WinNT 4 works o user and group enumeration as implemented by Tim works o file and print access works o changing password from Win9x & NT ummm...i'll fix this tonight :) If I broke anything else, just yell and I'll fix it. I think it should be fairly quite. -- jerry (This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389)
2000-08-01Tidyup removing many of the 0xC0000000 | NT_STATUS_XXX stuff (only need ↵Jeremy Allison1-6/+6
NT_STATUS_XXX). Removed IS_BITS_xxx macros as they were just reproducing "C" syntax in a more obscure way. Jeremy. (This used to be commit c55bcec817f47d6162466b193d533c877194124a)
2000-06-23Removed save directory argument to become_root() calls. Probably most ofTim Potter1-4/+4
this stuff doesn't need to be done as root anyway. (This used to be commit c3cad0ff6482784f95fd54ba51ee5be2354bb95d)
2000-05-10more merging voodooAndrew Tridgell1-0/+4
this adds "#define OLD_NTDOMAIN 1" in lots of places. Don't panic - this isn't permanent, it should go after another few merge steps have been done (This used to be commit 92109d7b3c06f240452d39f669ecb8c9c86ab610)
2000-04-04Snuck in some whitespace cleanup while I was visiting these files. (-:Tim Potter1-2/+0
(This used to be commit f249dc041f3f3bdb1adaa41271236ffdb2447475)
2000-03-22acconfig.h configure configure.in: Added check for UT_SYSLEN for utmp code.Jeremy Allison1-25/+0
include/byteorder.h: Added alignment macros. include/nameserv.h: Added defines for msg_type field options - from rfc1002. lib/time.c: Typo fix. lib/util_unistr.c: Updates from UNICODE branch. printing/nt_printing.c: bzero -> memset. smbd/connection.c: Added check for UT_SYSLEN for utmp code. Other fixes : Rollback of unapproved commit from Luke. Please *ask* next time before doing large changes to HEAD. Jeremy. (This used to be commit f02999dbf7971b4ea05050d7206205d7737a78b2)
2000-03-22added the following message to all dce/rpc client/server code, exceptLuke Leighton1-0/+25
the spoolss code (it's cut from TNG) and the smb-dce/rpc interface code that jeremy has been working up to TNG-functionality. i also want this message to go into SAMBA_2_0 and SAMBA_2_0_RELEASE, because it is intolerable that potentially good modifications be made to code that is going to be thrown away, and people waste their time fixing bugs and adding enhancements that have already been carried out already, up to two years ago in the TNG branch. /* * THIS CODE IS OUT-OF-DATE BY TWO YEARS, IS LEGACY DESIGN AND VERY, VERY, * INCOMPLETE. PLEASE DO NOT MAKE ANY FURTHER ENHANCEMENTS TO THIS CODE * UNLESS THEY ARE ALSO CARRIED OUT IN THE SAMBA_TNG BRANCH. * * PLEASE DO NOT TREAT THIS CODE AS AUTHORITATIVE IN *ANY* WAY. * * REPEAT, PLEASE DO NOT MAKE ANY MODIFICATIONS TO THIS CODE WITHOUT * FIRST CHECKING THE EQUIVALENT MODULE IN SAMBA_TNG, UPDATING THAT * FIRST, *THEN* CONSIDER MAKING THE SAME MODIFICATION IN THIS BRANCH * * YOU WILL, ALMOST GUARANTEED, FIND THAT THE BUG-FIX OR ENHANCEMENT THAT * YOU THINK IS NECESSARY, HAS ALREADY BEEN IMPLEMENTED IN SAMBA_TNG. * IF IT HAS NOT, YOUR BUG-FIX OR ENHANCEMENT *MUST* GO INTO SAMBA_TNG * AS THE SAMBA_TNG CODE WILL REPLACE THIS MODULE WITHOUT REFERENCE TO * ANYTHING IN IT, WITH THE POSSIBLE RISK THAT THE BUG-FIX OR ENHANCEMENT * MAY BE LOST. * * PLEASE OBSERVE AND RESPECT THIS SIMPLE REQUEST. * * THANK YOU. * * lkcl@samba.org */ (This used to be commit cfaea90529be222f8df0e20a7ca1289f99c29e09)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-1/+322
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1998-11-17- group database API. oops and oh dear, the threat has been carried out:Luke Leighton1-322/+1
the pre-alpha "domain group" etc parameters have disappeared. - interactive debug detection - re-added mem_man (andrew's memory management, detects memory corruption) - american spellings of "initialise" replaced with english spelling of "initialise". - started on "lookup_name()" and "lookup_sid()" functions. proper ones. - moved lots of functions around. created some modules of commonly used code. e.g the password file locking code, which is used in groupfile.c and aliasfile.c and smbpass.c - moved RID_TYPE_MASK up another bit. this is really unfortunate, but there is no other "fast" way to identify users from groups from aliases. i do not believe that this code saves us anything (the multipliers) and puts us at a disadvantage (reduces the useable rid space). the designers of NT aren't silly: if they can get away with a user- interface-speed LsaLookupNames / LsaLookupSids, then so can we. i spoke with isaac at the cifs conference, the only time for example that they do a security context check is on file create. certainly not on individual file reads / writes, which would drastically hit their performance and ours, too. - renamed myworkgroup to global_sam_name, amongst other things, when used in the rpc code. there is also a global_member_name, as we are always responsible for a SAM database, the scope of which is limited by the role of the machine (e.g if a member of a workgroup, your SAM is for _local_ logins only, and its name is the name of your server. you even still have a SID. see LsaQueryInfoPolicy, levels 3 and 5). - updated functionality of groupname.c to be able to cope with names like DOMAIN\group and SERVER\alias. used this code to be able to do aliases as well as groups. this code may actually be better off being used in username mapping, too. - created a connect to serverlist function in clientgen.c and used it in password.c - initialisation in server.c depends on the role of the server. well, it does now. - rpctorture. smbtorture. EXERCISE EXTREME CAUTION. (This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
1998-11-12cleaning up conflicts between group code not yet committed andLuke Leighton1-687/+0
changes from yesterday by me, jeremy and andrew. jeremy, your ACB_PWNOTREQ mod would have caused a crash if the user didn't exist (first check should be for smb_pass != NULL) (This used to be commit cbac0f165d351ba9497c222e55e453d781376e58)
1998-11-12Moved some code (NTLMSSPcalc) out of smbdes and inline for paranioaJeremy Allison1-4/+31
resons and my own piece of mind... Jeremy. (This used to be commit 45131501f23ce1eec2f23fe2c1060cd5a2736ec9)
1998-10-22libsmb/smbdes.c: #ifdef'ed out code prior to removal.Jeremy Allison1-1/+31
rpc_client/cli_pipe.c: Inlined code removed from smbdes.c rpc_server/srv_samr.c: Fixed unused variable warning. rpc_server/srv_util.c: Inlined code removed from smbdes.c Luke - the above changes are the first part of the changes you and I discussed as being neccessary at the CIFS conference. *PLEASE REVIEW THESE CHANGES* - make sure I haven't broken any of the authenticated DCE/RPC code. smbd/nttrans.c: Fixed to allow NT5.0beta2 to use Samba shares with NT SMB support. smbd/open.c: Fixed mkdir when called from nttrans calls. smbd/server.c: Set correct size for strcpy of global_myworkgroup. Jeremy. (This used to be commit d891421d16ff80998dee429227bd391455f9d1a1)
1998-10-21domain aliases added a bit better: does local aliases if you queryLuke Leighton1-1/+0
for sid S-1-5-20 and does (nothing at the moment) if you query for your own sid. (This used to be commit da40f26f4b2f7ce286076b4e39dffd76aa2ef8e6)
1998-10-21the next dialog: user-groups. it's not very sensible what appears, but hey:Luke Leighton1-1/+1
it appears! (This used to be commit 399035098f212e976cc0000a215e0705ebe78c05)
1998-10-21Fixed mainly signed/unsigned issues found by SGI cc in -fullwarn mode.Jeremy Allison1-1/+1
smbd/chgpasswd.c: Fixed (my) stupid bug where I was returning stack based variables. Doh ! smbd/trans2.c: Allows SETFILEINFO as well as QFILEINFO on directory handles. Jeremy. (This used to be commit 0b44d27d0b5cc3948a6c2d78370ccddf1a84cd80)
1998-10-21fixing smbd encrypted rpcs (data lens, alloc hints, sequence nums argh).Luke Leighton1-6/+6
put unicode strings after SAMLOGON query regardless of whether it's an NT mailslot or a non-NT mailslot, after having observed this behaviour out of NT machines. (This used to be commit c101113ec20ed0ba633e78e4ee45596cdccaf1b5)
1998-10-20signed / unsigned warnings (found by herb).Luke Leighton1-7/+7
how do i switch on these warnings in gcc????? (This used to be commit 39db385a0c47c11adb6bf3bac89c4bb76f675049)
1998-10-20dce/rpc. bug-fix in ipc.c (introduced today :)Luke Leighton1-27/+87
(This used to be commit 48ff3e2429964404c8bf33ef625791147913a3c0)
1998-10-20some quite important bug-fixes i missed because i transferred the wrongLuke Leighton1-12/+19
smb.tgz file from my portable. particularly the call to mem_data followed by a realloc of that data in cli_pipe.c's rpc_read() function. smbd responses now use p->rdata_i which is a faked-up pointer into p->rdata's response data. rdata can be very long; rdata_i is limited to point to no more than max_tsize - 0x18 in length. this will make it an almost trivial task to add the encrypted rpc headers after rdata_i, and mem_buf_copy will cope admirably with rhdr chained to rdata_i chained to auth_verifier etc etc... (This used to be commit 05a297e3a98c14360782af4ad0d851638fb5da9a)
1998-10-19- dce/rpc codeLuke Leighton1-27/+97
- removed debug info in struni2 and unistr2 (security risk) - rpc_pipe function was getting pointer to data then calling realloc *dur* - password check function, the start of "credential checking", user, wks, domain, pass as the credentials (not just user,pass which is incorrect in a domain context) - cli_write needs to return ssize_t not size_t, because total can be -1 if the write fails. - fixed signed / unsigned warnings (how come i don't get those any more when i compile with gcc???) - nt password change added in smbd. yes, jeremy, i verified that the SMBtrans2 version still works. (This used to be commit fcfb40d2b0fc565ee4f66b3a3761c246366a2ef3)
1998-10-16oops.Luke Leighton1-1/+1
(This used to be commit fc1b7b9e75b029ffa93263766fe297d043c6d1df)
1998-10-16dce/rpcLuke Leighton1-5/+22
(This used to be commit 29434f496c18e816d864060d68f357aea6ef5de8)
1998-10-16made pass_check_smb() available for dce/rpc use.Luke Leighton1-1/+1
(This used to be commit 95e8a910c5d9ba0ef57669fb1256eaa932e0bb09)
1998-10-16rpc client mods (ntlmssp flags)Luke Leighton1-0/+50
(This used to be commit 16256f86bf451535c7955b8f51a9b88fc33a8e4d)
1998-10-14more warnings...Luke Leighton1-2/+1
(This used to be commit 8b9c0bad889d4f26987d87c54b4d8bf102af1744)
1998-10-07dce/rpcLuke Leighton1-1/+279
(This used to be commit 6677b888bdb45df00646eb7cc13005b9465ff971)
1998-09-29Got very strict about the differences and uses ofJeremy Allison1-1/+1
uid_t, gid_t and vuid. Added sys_getgroups() to get around the int * return problem. Set correct datatypes for all uid, gid and vuid variables. Jeremy. (This used to be commit e570db46fc3a78e499523fd342e9a34cebb18998)
1998-09-24this fixes the last of the issues where USRMGR.EXE and SRVMGR.EXE wereLuke Leighton1-5/+4
failing. running these two programs on a samba pdc now work. parse_samr.c: - removed __LINE__ from debug macros. - removed call to SMB_ASSERT_ARRAY() in samr_r_query_usergroups. the DOM_GID array is a malloc'd array (by make_dom_gids) not a static array. srv_samr.c: - replaced all "struct smb_passwd"s with sam_passwds instead. there were uid to rid confusion issues (assumptions that uids were equal to rids). - #if 0'd the pdb_rid_is_user() call which, given the above corrections, would probably work now. srv_util.c: - replaced "struct smb_passwd" with sam_passwd in lookup_user_rid, as assumptions were being made that uids were equal to rids. (This used to be commit 3f98697cd5203fba07518d7c777ba19644e35b45)
1998-09-05tridge the destroyer returns!Andrew Tridgell1-42/+0
prompted by the interpret_security() dead code that Jean-Francois pointed out I added a make target "finddead" that finds potentially dead (ie. unused) code. It spat out 304 function names ... I went through these are deleted many of them, making others static (finddead also reports functions that are used only in the local file). in doing this I have almost certainly deleted some useful code. I may have even prevented compilation with some compile options. I apologise. I decided it was better to get rid of this code now and add back the one or two functions that are needed than to keep all this baggage. So, if I have done a bit too much "destroying" then let me know. Keep the swearing to a minimum :) One bit I didn't do is the ubibt code. Chris, can you look at that? Heaps of unused functions there. Can they be made static? (This used to be commit 2204475c87f3024ea8fd1fbd7385b2def617a46f)
1998-08-31bounds check next_token() to prevent possible buffer overflowsAndrew Tridgell1-3/+7
(This used to be commit 3eade55dc7c842bdc50205c330802d211fae54d3)
1998-08-24Changed ASSERT macros to SMB_ASSERT macros as some systems alreadyJeremy Allison1-3/+3
have an ASSERT macro defined. Jeremy. (This used to be commit dbe6ad014a8b5dcbf17d7cd9865650c2e040d666)
1998-08-22added ASSERT() and ASSERT_ARRAY() macros and sprinkled them liberallyAndrew Tridgell1-0/+3
in the rpc code. (This used to be commit e6ce1c5b5a9f29d8fcbbd23019186ff5c600e795)
1998-06-13Makefile: Added ubi_sLinkList.o as the groupname.o file needs it. Added ↵Jeremy Allison1-24/+63
groupname.o includes.h: Added ubi_sLinkList.h include. loadparm.c: Added groupname map parameter. password.c: Fix HPUX big_crypt. username.c: New user_in_list() code. Moved groupname map code to groupname.c lib/rpc/server/srv_util.c: Added lookup_wellknown_sid_from_name(). New groupname map stuff. Note that nothing currently uses this but at compiles ok. Jeremy. (This used to be commit beef636a4d772457816ef068c62ea965d07131f6)
1998-06-12ipc.c: map_username is now a BOOL function.Jeremy Allison1-25/+27
reply.c: map_username is now a BOOL function. server.c: Added capability to do map_username on service names when looking for a home directory. That's what the original code would do. lib/rpc/server/srv_util.c: Changed domain_ to builtin_ for BUILTIN aliases. username.c: Work in progress on groupname map parameter. Jeremy (This used to be commit fa95fae5eed95aff64f0a01825477610a101bbc7)
1998-06-09loadparm.c: Removed 'domain other sids' parameter.Jeremy Allison1-10/+10
lib/rpc/include/rpc_lsa.h: Changed #defines for RPC calls - moved some, made LSA_LOOKUPNAMES correct. lib/rpc/include/rpc_misc.h: Changed DOMAIN_ALIAS_xxx to BUILTIN_ALIAS_xxx. Changed bitmasks for uid to rid to be 1 bit. lib/rpc/parse/parse_misc.c: Changed make_unistr2 to put length as given, max length as one more. lib/rpc/server/srv_netlog.c: Removed 'domain other sids' parameter. lib/rpc/server/srv_samr.c: Changed DOMAIN_ALIAS_xxx to BUILTIN_ALIAS_xxx. lib/rpc/server/srv_util.c: Changed DOMAIN_ALIAS_xxx to BUILTIN_ALIAS_xxx. Jeremy. (This used to be commit 34c91840a3d8c252715dc2f749b7a3b171a5b74f)
1998-06-04added "domain admin group" and "domain guest group" parameters. this isLuke Leighton1-5/+5
because "domain admin users" and "domain guest users" was overloaded. incorrectly. (This used to be commit 04b824007263ac4879c7282a2d230deaac7d2c7b)
1998-05-19ldap.c :Luke Leighton1-8/+4
- added support for some of the new passdb_ops functions. - removed functions that are supported "indirectly" through passdb.c nisppass.c : - modified make_nisname_from_xxx() functions to take a "file" arg. - turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid() functionality is available through "indirect" support in passdb.c - removed functions that are supported "indirectly" through passdb.c - added support for some of the new passdb_ops functions. passdb.c : - created getsam21pwrid() function to go alongside getsam21pwuid. it is not expected that getsam21pwuid ever be used, certainly not from the lib/rpc code. - created getsamdisprid() and getsamdispent(). these are primarily for support of SamrQueryDisplayInfo, however given that they [struct sam_disp_info] return username, rid and fullname, there may be further instances where these functions will be useful. - added support where either the get/add/mod-smb or get/add/mod-sam21 functions are optional. this can be done very easily by checking whether the struct passdb_ops table functions are NULL or not. documented this capability in the notes at the top of the module. - where unix uid was referenced, use uid_t. - where unix gid was referenced, use gid_t. smb.h : - added sam_disp_info functions to passdb_ops. - added getsam21pwrid() function. smbpass.c : - added reference to iterate_getsam21pwrid(). lib/rpc/server/srv_samr.c : - removed group rid code added to get_user_info_21() code: this had been added in the wrong place. the client / server should already know whether it wants to do a lookup by user rid or by group rid. the test of whether the rid is a user or group rid has been left in because this may become useful consistency-check code. - converted back to getsam21pwrid() not getsam21pwuid(pdb_user_rid_to_uid()). this is because the unix uid to user rid mapping can be non-monotonic in some password database systems, and monotonic in others. imposing the restriction by converting immediately from rid to uid at this point is inadviseable, and will place this potential restriction on _all_ password database systems, not just some which, for whatever reason, do not support user rids. it should be up to the individual password database writer to convert from user rid to unix uid, should that module not support rids. lib/rpc/server/srv_util.c : - got lookup_user_name() to call getsamdisprid() not getsmbpwuid(). a bug was introduced (or at least the bug already there was not fixed) whereby the nt user rid was converted to a unix uid, and then not used. (This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
1998-05-18chgpasswd.c: Changed back to getsmb... from getsam...Jeremy Allison1-2/+2
ldap.c: Stoped dummy_function being prototyped. loadparm.c: Fixed slprintf sizes. nisppass.c: Fixed safe_strcpy sizes. nmbd_processlogon.c: Changed back to getsmb... from getsam... nttrans.c: Just a dump of new code. passdb.c: Moved stuff around a lot - stopped any lookups by rid. This needs to be indirected through a function table (soon). password.c: Changed back to getsmb... from getsam... reply.c: Changed back to getsmb... from getsam... slprintf.c: Fixed prototype problems. smb.h: Fixed prototype problems. smbpass.c: Changed to getsmbfile.... smbpasswd.c: Changed back to getsmb... from getsam... lib/rpc/server/srv_netlog.c: Changed back to getsmb... from getsam... lib/rpc/server/srv_samr.c: Fixed rid lookup - use uid or gid lookup. lib/rpc/server/srv_util.c: Changed back to getsmb... from getsam... Jeremy. (This used to be commit 7d332b2493d2089d09521250fc9b72d8953307c0)
1998-05-18- renamed some of the passdb.c functions: they have a prefix pdb_ on themLuke Leighton1-1/+1
- split smbpass.c "password file lock" routines into smbpassfile.c: moved trust account routines into smbpassfile.c as well (This used to be commit 3e48b4eb113cc5e1c6794d7ac699fd9ac47c654a)
1998-05-14chgpasswd.c: Added comments to #ifdefsJeremy Allison1-50/+67
ipc.c: Caused samba password changing not to be done if UNIX password changing requested and not successful. util.c: Added string_to_sid() and sid_to_string() functions. lib/rpc/client/cli_samr.c: lib/rpc/include/rpc_misc.h: lib/rpc/parse/parse_lsa.c: lib/rpc/parse/parse_misc.c: lib/rpc/parse/parse_net.c: lib/rpc/parse/parse_samr.c: lib/rpc/server/srv_lsa.c: lib/rpc/server/srv_lsa_hnd.c: lib/rpc/server/srv_netlog.c: lib/rpc/server/srv_samr.c: lib/rpc/server/srv_util.c: Changes so that instead of passing SIDs around as char *, they are converted to DOM_SID at the earliest opportunity, and passed around as that. Also added dynamic memory allocation of group sids. Preparing to auto-generate machine sid. Jeremy. (This used to be commit 134d6fa79c1b6b9505a2c84ba9bfb91dd3be76e5)
1998-05-12This is a security audit change of the main source.Jeremy Allison1-6/+6
It removed all ocurrences of the following functions : sprintf strcpy strcat The replacements are slprintf, safe_strcpy and safe_strcat. It should not be possible to use code in Samba that uses sprintf, strcpy or strcat, only the safe_equivalents. Once Andrew has fixed the slprintf implementation then this code will be moved back to the 1.9.18 code stream. Jeremy. (This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
1998-05-11ldap back-end database developmentLuke Leighton1-126/+38
Makefile: created PASSBD_OBJ group includes.h: added #ifdef USE_LDAP to #include <ldap> headers ldap.c: - renamed "_machine" to "_trust" everywhere. - added sam_passwd support routines - removed get_ldappwd_entry function: replaced with get_sampwd_entry - removed getldappwnam/uid: replaced with getsampwnam/uid - other messing about bits which are probably going to annoy the hell out of jean-francois (sorry!) mkproto.awk: - added stuff to wrap ldap.c protos with #ifdef USE_LDAP - added uid_t and gid_t return results to the prototype generation passdb.c: - created getsam21pwent, add_sam21pwd_entry, mod_sam21pwd_entry. - modified getsampwnam/uid and created getsam21pwnam/rid functions to replace the local get_smbpwd_entry() and get_ldappwd_entry() functions, which jeremy didn't like anyway because they were dual-purpose. - added utility routines which are or may be useful to all the password database routines. password.c: - renamed "machine_" to "trust_" everywhere. smbpass.c: - removed get_smbpwd_entry function: replaced it with get_sampwd_entry functions in passdb.c - moved code that decoded acct_ctrl into passdb.c - moved encode_acct_ctrl into passdb.c - removed getsmbpwnam/uid: replaced with getsampwnam/uid - renamed "machine_" to "trust_" everywhere. smbpasswd.c: - renamed "machine_" to "trust_" everywhere. util.c: - moved gethexpwd function into passdb.c lib/rpc/server/srv_util.c: - moved user_rid_to_uid, group_rid_to_rid etc etc into passdb.c (This used to be commit 673ab50c4c2c25db355d90efde3a6bfbb4d8369e)
1998-05-07created "passdb.c" which is an interface point to (at present) eitherLuke Leighton1-2/+2
smbpasswd or ldap passwd, at compile-time (-DUSE_LDAP). _none_ of the functions in ldap.c or smbpass.c should be called directly: only those in passdb.c should be used. -DUSE_LDAP is unlikely to compile at the moment. (This used to be commit 57b01ad4ffb14ebd600d4e66602b54ed987f6106)