summaryrefslogtreecommitdiff
path: root/source3/smbd/uid.c
AgeCommit message (Collapse)AuthorFilesLines
2001-10-29This commit is number 3 of 4.Andrew Bartlett1-1/+1
In particular this commit focuses on: Changing the Get_Pwnam code so that it can work in a const-enforced environment. While these changes have been mildly tested, and are pretty small, any assistance in this is appreciated. ---- These changes allow for 'const' in the Samba tree. There are a number of good reasons to do this: - I want to allow the SAM_ACCOUNT structure to move from wasteful pstrings and fstrings to allocated strings. We can't do that if people are modifying these outputs, as they may well make assumptions about getting pstrings and fstrings - I want --with-pam_smbpass to compile with a slightly sane volume of warnings, currently its pretty bad, even in 2.2 where is compiles at all. - Tridge assures me that he no longer opposes 'const religion' based on the ability to #define const the problem away. - Changed Get_Pwnam(x,y) into two variants (so that the const parameter can work correctly): - Get_Pwnam(const x) and Get_Pwnam_Modify(x). - Reworked smbd/chgpasswd.c to work with these mods, passing around a 'struct passwd' rather than the modified username (This used to be commit e7634f81c5116ff4addfb7e495f54b6bb78e8f77)
2001-10-19client : Fixed error return.Jeremy Allison1-1/+1
uid.c: Added missing void. Jeremy. (This used to be commit c2e06ed2219860479868fd1ac18013ae4f891e10)
2001-10-18Merge the become_XXX -> change_to_XXX fixes from 2.2.2 to HEAD.Jeremy Allison1-20/+122
Ensure make_conection() can only be called as root. Jeremy. (This used to be commit 8d23a7441b4687458ee021bfe8880558506eddba)
2001-10-12fixed compiler warning.Tim Potter1-1/+1
(This used to be commit 2d5b0f7ad865f92668954f87fd3b116a7abffa10)
2001-10-09Fixes from John Trostel (modified somewhat by me) to ensure that all lookup_XXJeremy Allison1-14/+16
functions correctly deal with the SID_NAME_TYPE. One fix for connection user lookup in LSA. Jeremy. (This used to be commit 29730027d8118ec7d207c89d0fd7fb24ac173fde)
2001-10-02Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter1-2/+0
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-07-28Fix invalid uid being used after logoff. Thanks to Nigel WilliamsJeremy Allison1-2/+1
for this bug report. Jeremy. (This used to be commit 50d8e5b22f2c2c792e3a2d33e00a1c9caab48981)
2001-07-04strchr and strrchr are macros when compiling with optimisation in gcc, so we ↵Andrew Tridgell1-1/+1
can't redefine them. damn. (This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf)
2001-04-15Fixed potential bug in "become_guest" pointed out by elrond. Get_Pwnam()Jeremy Allison1-6/+13
returns a pointer to changable storage so ensure we save the details and don't use the pointer directly. Jeremy. (This used to be commit d9fdaae54ee3a267aebd02ff6058a98aefc084c2)
2001-03-20Fix for crash when doing name lookup with a quoted string. Part ofJeremy Allison1-2/+1
lookup_name was expecting to be able to write to the string. Changed lookup_name to use const. Jeremy. (This used to be commit 80c18d88491f1148ade623e81c33f84ba4f952f3)
2001-03-11Merge of new 2.2 code into HEAD (Gerald I hate you :-) :-). Allows new SAMRJeremy Allison1-4/+0
RPC code to merge with new passdb code. Currently rpcclient doesn't compile. I'm working on it... Jeremy. (This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549)
2001-02-16Excise snprintf -> slprintf.Jeremy Allison1-3/+12
srv_samr.c: duplicate gid fix. srv_spoolss_nt.c: Merge of JF's work. uid.c: Fix for returning names when a PDC. Jeremy. (This used to be commit d938ad6963a2dd4eda930d508600ec1902dc2b16)
2001-01-11rpc_server/srv_samr.c:Jeremy Allison1-1/+1
smbd/reply.c: Added fix needed for appliances. When using winbindd - a new user may exist (from winbind) but have no home directory. Extend add user script so it is called with a %H substitution when a user exists but their home directory does not. Thanks to Alex Win at VA Linux for finding this one and testing the fix. libsmb/clidgram.c: Fixed missing return statements. smbd/uid.c: Fixed typo in debug. Jeremy. (This used to be commit 7ba0a2192b89954604dd793c537b4a17c2d1ac07)
2000-12-12Removed the special casing of SIDs in se_access_check. This is now done ↵Jeremy Allison1-1/+6
(correctly) when the NT_USER_TOKEN is *created*. Jeremy. (This used to be commit 27d72ed1cf8ece2bede812341279ba5a7262ace4)
2000-11-14Merge from appliance head of JR's changes for driver versioning.Jeremy Allison1-13/+37
Jeremy. (This used to be commit cdbd2e99775642dc2e92004be9014bf38a92d80f)
2000-11-13Large commit which restructures the local password storage API.Gerald Carter1-1/+1
Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+) are broken, but they were somewhat broken before. :) The following functions implement the storage manipulation interface /*The following definitions come from passdb/pdb_smbpasswd.c */ BOOL pdb_setsampwent (BOOL update); void pdb_endsampwent (void); SAM_ACCOUNT* pdb_getsampwent (void); SAM_ACCOUNT* pdb_getsampwnam (char *username); SAM_ACCOUNT* pdb_getsampwuid (uid_t uid); SAM_ACCOUNT* pdb_getsampwrid (uint32 rid); BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass); BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override); BOOL pdb_delete_sam_account (char* username); There is also a host of pdb_set..() and pdb_get..() functions for manipulating SAM_ACCOUNT struct members. Note that the struct passdb_ops {} has gone away. Also notice that struct smb_passwd (formally in smb.h) has been moved to passdb/pdb_smbpasswd.c and is not accessed outisde of static internal functions in this file. All local password searches should make use of the the SAM_ACCOUNT struct and the previously mentioned functions. I'll write some documentation for this later. The next step is to fix the TDB passdb backend, then work on spliting the backends out into share libraries, and finally get the LDAP backend going. What works and may not: o domain logons from Win9x works o domain logons from WinNT 4 works o user and group enumeration as implemented by Tim works o file and print access works o changing password from Win9x & NT ummm...i'll fix this tonight :) If I broke anything else, just yell and I'll fix it. I think it should be fairly quite. -- jerry (This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389)
2000-11-04Fix for admin user being ignored.Jeremy Allison1-0/+1
Jeremy. (This used to be commit f0dcc39d34202ed67d778ff40166856d4c2ad87b)
2000-10-13Fix to allow smbd to call winbindd if it is running for all group enumeration,Jeremy Allison1-0/+226
falling back to the UNIX calls on error. This should fix all problems with smbd enumerating all users in all groups in all trusted domains via winbindd. Also changed GETDC to query 1C name rather than 1b name as only the PDC registers 1b. Jeremy. (This used to be commit 5b0038a2afd8abbd6fd4a58f5477a40d1926d498)
2000-08-09Fixed memory leak with NT tokens.Jeremy Allison1-2/+20
Added debug messages to se_access_check(). Added FULL_ACCESS acl to default acl on printers. Jeremy. (This used to be commit 7507f6f408cf8b0f8d7e2b3da54ce5fb5ef5343b)
2000-08-04Fixed up the user/group contexts when using authenticated pipes.Jeremy Allison1-2/+1
Added a become_root()/unbecome_root() (push/pop security context) around the initgroups() call to ensure it would succeed. Hmmm - I wonder if this call being done as non-root might explain any "group access" bugs we've had in the past.... Jeremy. (This used to be commit 06a65972e872f37d88b84f22ea714feebd38f6c0)
2000-08-03Added an NT_USER_TOKEN structure that is copied/passed around associatedJeremy Allison1-3/+5
with the current user. This will allow se_access_check() to quickly do a SD check without having to translate uid/gid's to SIDs. Still needs work on pipe calls. Jeremy. (This used to be commit e28d01b744b3dbd33e0e54af4e7f426fa8c082b8)
2000-08-02Started to canonicalize our handling of uid -> sid code in order toJeremy Allison1-10/+13
get ready and fix se_access_check(). Added cannonical lookup_name(), lookup_sid(), uid_to_sid(), gid_to_sid() functions that look via winbind first the fall back on local lookup. All Samba should use these rather than trying to call winbindd code directly. Added NT_USER_TOKEN struct in user_struct, contains list of NT sids associated with this user. se_access_check() should use this (cached) value rather than attempting to do the same thing itself when given a uid/gid pair. More work needs to be done to preserve these things accross security context changes (especially with the tricky pipe problem) but I'm beginning to see how this will be done..... probably by registering a new vuid for an authenticated RPC pipe and not treating the pipe calls specially. More thoughts needed - but we're almost there... Jeremy. (This used to be commit 5e5cc6efe2e4687be59085f562caea1e2e05d0a8)
2000-07-06Moved authenticated pipe user details into a current_user struct.Tim Potter1-1/+1
(This used to be commit 3c4a5f624bfa69eb81d998530d9227e158edd109)
2000-07-03Some more sec_ctx changes. Modified some fields in the pipe_structTim Potter1-1/+2
structure so authenticated pipe users can have their unix groups set when become_authenticated_pipe_user() is called. (This used to be commit 55c9bf124dc661df43bfe582ef14b1297aeaf0fa)
2000-06-23Added return for become_authenticated_pipe_user() function.Tim Potter1-0/+2
(This used to be commit d0f55e04c9400481e4a981431715e167a8246e45)
2000-06-23Moved some static functions to sec_ctx.cTim Potter1-222/+30
Implemented become_root() and friends in terms of push/pop/set security contexts. (This used to be commit 0bcdcd0606fc2b6aba35b03255aad5bb2bd8e848)
2000-05-10more merging voodooAndrew Tridgell1-0/+4
this adds "#define OLD_NTDOMAIN 1" in lots of places. Don't panic - this isn't permanent, it should go after another few merge steps have been done (This used to be commit 92109d7b3c06f240452d39f669ecb8c9c86ab610)
2000-05-02split the username in the vuser structure into a separateAndrew Tridgell1-1/+1
userdom_struct. As the name implies this also contains a domain (unused at the moment). This will be important shortly, as operation in appliance mode needs the domain to be always carried with the username. (This used to be commit ee8546342d5be90e730372b985710d764564b124)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-273/+161
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-12-12delineation between smb and msrpc more marked. smbd now constructsLuke Leighton1-9/+115
pdus, and then feeds them over either a "local" function call or a "remote" function call to an msrpc service. the "remote" msrpc daemon, on the other side of a unix socket, then calls the same "local" function that smbd would, if the msrpc service were being run from inside smbd. this allows a transition from local msrpc services (inside the same smbd process) to remote (over a unix socket). removed reference to pipes_struct in msrpc services. all msrpc processing functions take rpcsrv_struct which is a structure containing state info for the msrpc functions to decode and create pdus. created become_vuser() which does everything not related to connection_struct that become_user() does. removed, as best i could, connection_struct dependencies from the nt spoolss printing code. todo: remove dcinfo from rpcsrv_struct because this stores NETLOGON-specific info on a per-connection basis, and if the connection dies then so does the info, and that's a fairly serious problem. had to put pretty much everything that is in user_struct into parse_creds.c to feed unix user info over to the msrpc daemons. why? because it's expensive to do unix password/group database lookups, and it's definitely expensive to do nt user profile lookups, not to mention pretty difficult and if you did either of these it would introduce a complication / unnecessary interdependency. so, send uid/gid/num_groups/gid_t* + SID+num_rids+domain_group_rids* + unix username + nt username + nt domain + user session key etc. this is the MINIMUM info identified so far that's actually implemented. missing bits include the called and calling netbios names etc. (basically, anything that can be loaded into standard_sub() and standard_sub_basic()...) (This used to be commit aa3c659a8dba0437c17c60055a6ed30fdfecdb6d)
1999-06-13Moved code that changes the pw_passwd entry (i.e shadow password andTim Potter1-1/+1
weird unixware stuff) into _Get_Pwnam() to fix a memory allocation bug. Note that the Get_Pwnam() function now returns a const struct passwd * as a hint to other developers not to change entries in the struct passwd. (This used to be commit 36d7cb4ccc42268e8e6a7b783c945d1853624958)
1999-04-01Ken McDonell from SGI was interested in adding some profilingAndrew Tridgell1-0/+4
capabilities to Samba so that Samba could talk to the SGI PCP (Performance Co-Pilot) apps. This change adds a profiling shared memory area and uses it to count two fairly trivial things, the number of uid switches and the number of SMB packets processes. To add more just edit include/profile.h and then increment it at the right place. I've also added a -P switch to smbstatus to dump the profile area. (This used to be commit ef3d61a80ad0b87c196a63ef2bd4fe8fc3863bd0)
1998-11-25Makefile.in: Added maintainer mode fixes.Jeremy Allison1-5/+5
aclocal.m4: Added AC_LIBTESTFUNC. configure.in: Fixed -lsecurity -lsec problems. client.c: dos_ fixes. groupdb/aliasunix.c: Dead code removal. include/includes.h: Added default PRINTCAP_NAME. lib/genrand.c: dos_ fixes. lib/replace.c: Added strtoul. lib/system.c: dos_ fixes. lib/util.c: dos_ fixes. lib/util_sid.c: Signed/unsigned fixes. lib/util_str.c: removed bad const. locking/locking_slow.c: dos_ fixes. printing/printing.c: dos_ fixes. rpc_server/srv_samr.c: Dead code removal. rpc_server/srv_sid.c: global_myworkgroup defined with wrong size AGAIN ! smbd/dir.c: dos_ fixes. smbd/open.c: dos_ fixes. smbd/oplock.c: dos_ fixes. smbd/reply.c smbd/server.c smbd/service.c smbd/uid.c: dos_ fixes. Jeremy. (This used to be commit 6acb4b68f68d516e2ac3c47e500f5600d653435e)
1998-11-12extracted the password change code from smbpasswd and used it in swatAndrew Tridgell1-0/+2
instead of opening pipes and other horrible stuff. (This used to be commit 49bf19710345a59a2d17cd449be1a132885ed821)
1998-09-29Got very strict about the differences and uses ofJeremy Allison1-19/+19
uid_t, gid_t and vuid. Added sys_getgroups() to get around the int * return problem. Set correct datatypes for all uid, gid and vuid variables. Jeremy. (This used to be commit e570db46fc3a78e499523fd342e9a34cebb18998)
1998-08-17moved connection_struct handling code into smbd/conn.c and changed itAndrew Tridgell1-1/+1
to a linked list with bitmap format. (This used to be commit b7aaab1b6b2d2f72b2bb7c11f5c7bf081a6093d9)
1998-08-15configure: Changes for extra headers.Jeremy Allison1-4/+4
configure.in: Source for header changes. client/clitar.c: Fixed isXXX macros & debugs for gcc pedantic compile. include/config.h.in: Added MEMSET, BZERO, MEMORY, RPCSVC_YPCLNT, STRINGS headers. include/includes.h: Headers for the above. include/smb.h: Made SIGNAL_CAST POSIX by default void (*)(int). lib/access.c: Fixed isXXX macros & debugs for gcc pedantic compile. lib/charset.c: Fixed isXXX macros & debugs for gcc pedantic compile. lib/debug.c: Fixed signal functs. lib/kanji.c: Fixed isXXX macros & debugs for gcc pedantic compile. lib/smbrun.c: Fixed isXXX macros & debugs for gcc pedantic compile. lib/util.c: Fixed isXXX macros & debugs for gcc pedantic compile. libsmb/namequery.c: Fixed isXXX macros & debugs for gcc pedantic compile. locking/shmem.c: Fixed isXXX macros & debugs for gcc pedantic compile. locking/shmem_sysv.c: Fixed error messages in sysV stuff. nmbd/asyncdns.c: Fixed signal functs. nmbd/nmbd.c: Fixed isXXX macros & debugs for gcc pedantic compile. passdb/passdb.c: Fixed isXXX macros & debugs for gcc pedantic compile. passdb/smbpassfile.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/chgpasswd.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/ipc.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/nttrans.c: Fixed fsp code path. smbd/password.c: fixed HAVE_YP_GET_DEFAULT_DOMAIN problem. smbd/printing.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/reply.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/server.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/trans2.c: Fixed core dump bug. smbd/uid.c: Fixed isXXX macros & debugs for gcc pedantic compile. Jeremy. (This used to be commit 1b9cbcd02e575dc0a95fa589f720df30a4acc46b)
1998-08-14this is the bug change to using connection_struct* instead of cnum.Andrew Tridgell1-225/+78
Connections[] is now a local array in server.c I might have broken something with this change. In particular the oplock code is suspect and some .dll files aren't being oplocked when I expected them to be. I'll look at it after I've got some sleep. (This used to be commit c7ee025ead4a85b6fa44a832047b878451845fb6)
1998-08-04nttrans.c: Fix change_notify. Queue processing code wasn't changing toJeremy Allison1-1/+12
the correct directory before doing the stat. Doh ! uid.c: Fix for performance in security=share mode. Invalid vuid meant that in security=share mode Samba was always doing the become_user/ undebome_user pairs for *every* smb. This code fixes it, but tridge should review for security implications. Jeremy. (This used to be commit c3663379fdcec487feea2e5d848ee012ee6c6baf)
1998-07-31As per a Andrew's message, I went through and removed the timestring()Christopher R. Hertel1-2/+1
timestamps from several DEBUG messages. The timestamps are redundant now that DEBUG() provides them automatically. There are still a few more files to do, but I've got to get home for dinner. Chris -)----- (This used to be commit 60286ccecaa6028d687e6406755016455e3b3a26)
1998-07-29get rid of the runtime test for broken getgroups() and add a compileAndrew Tridgell1-2/+0
time test instead. This also allows us to get rid of the igroups element of a couple of structures. (This used to be commit 8b25fe734166b76ceebf8d9543c706ebe0fddc96)
1998-07-29merge from the autoconf2 branch to the main branchAndrew Tridgell1-204/+75
(This used to be commit 3bda7ac417107a7b01d91805ca71c4330657ed21)
1998-07-27chgpasswd.c: Fixed up debug calls to stop crashes if ptsname failed.Jeremy Allison1-2/+0
local.h: Kept FSTYPE_STRING as Samba for now. nmbd_browsesync.c: Added bugfix from Matt Chapman mattyc@cyberdude.com - lmb_browserlist is now a struct ubi_dlList not a struct browse_cache_record *. server.c: smb.h: uid.c: password.c: Removed attrs code - it is not used anywhere. Jeremy (This used to be commit ef1af7fe6d5c58ae57b8e4efff0729e1a315da43)
1998-07-10AIX patch from Michael Wojcik <mww@microfocus.com> adding detailJeremy Allison1-4/+135
to the AIX specific (and undocumented) setpriv and setuidx calls. Jeremy. (This used to be commit 7a8d0a4ed4e07090bfe776b5544712274d2426e4)
1998-05-11changed to use slprintf() instead of sprintf() just aboutAndrew Tridgell1-1/+1
everywhere. I've implemented slprintf() as a bounds checked sprintf() using mprotect() and a non-writeable page. This should prevent any sprintf based security holes. (This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
1998-05-07This should (hopefully :-) be the final fix for the %U %G substitutionJeremy Allison1-6/+0
problem.... smbpass.c: Removed Luke's dire warning - as some of the functions in here *need* to be called externally :-). Jeremy. (This used to be commit 1fd8d12ca414066acec71b33eb8a13e16c2acd3a)
1998-05-06Fixes for the %U and %G problems people have reported.Jeremy Allison1-1/+7
Essentially, multiple session_setup_and_X's may be done to an smbd. As there is only one global variable containing the requested connection name (sessionsetup_user), then any subsequent sessionsetups overwrite this name (causing %U and %G to get the wrong name). This is particularly common when an NT client does a null session setup to get a browse list after the user has connected, but before a share has been mounted. These changes store the requested_name in the vuid structure (so this only really works for user level and above security) and copies this name back into the global variable before the standard_sub call. Jeremy. (This used to be commit b5187ad6a3b3af9fbbeee8bced0ab16b41e9825b)
1998-02-11Makefile: Added AIX 3.2.5.Jeremy Allison1-2/+6
loadparm.c: Added "win95 bug compatibility" parameter. local.h: Replaced MAX_OPEN_FILES back to 100 from 10 (oops). reply.c: Fixed ulogoff check against uid - changed to vuid. server.c: Changed file struct save of uid - changed to vuid. smb.h: Changed id in struct current_user to vuid. Changed file struct uid to vuid. time.c: Added "win95 bug compatibility" atime -> mtime return. trans2.c: Added "win95 bug compatibility" fixes. uid.c: Changed id in struct current_user to vuid - added checks to set/reset it. util.c: Added code to expand environment variables. version.h : still at 1.9.18 (head branch doesn't matter too much at present). Jeremy. (This used to be commit adc903bcf59ad1664babd7f1d43675d3a75bfbc9)
1998-01-22This is *not* a big change (although it looks like one).Jeremy Allison1-1/+1
This is merely updating the Copyright statements from 1997 to 1998. It's a once a year thing :-). NO OTHER CHANGES WERE MADE. Jeremy. (This used to be commit b9c16977231efb274e08856f7f3f4408dad6d96c)
1997-12-23Fixed security bug when 'force user' and 'user only' are set.Jeremy Allison1-2/+5
Reported by Brian McCauley <B.A.McCauley@bham.ac.uk>. Jeremy. (This used to be commit 00067800a25d6f5fe11e833a01d5a7a1e76dcc11)