From 76362d0d33892df39c0a370f1f64c8581daaf166 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 9 Aug 2006 15:25:26 +0000 Subject: r17468: To minimize the diff later on, pre-commit some changes independently: Change internal mapping.c functions to return NTSTATUS instead of BOOL. Volker (This used to be commit 4ebfc30a28a6f48613098176c5acdfdafbd2941a) --- source3/groupdb/mapping.c | 216 +++++++++++++++++++-------------------- source3/passdb/pdb_interface.c | 21 ++-- source3/rpc_server/srv_samr_nt.c | 6 +- source3/torture/local-groupmap.c | 5 +- source3/utils/net_groupmap.c | 6 +- source3/utils/net_rpc_samsync.c | 2 +- 6 files changed, 125 insertions(+), 131 deletions(-) diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c index 643c6e517c..589cd3c282 100644 --- a/source3/groupdb/mapping.c +++ b/source3/groupdb/mapping.c @@ -38,15 +38,17 @@ static TDB_CONTEXT *tdb; /* used for driver files */ #define MEMBEROF_PREFIX "MEMBEROF/" -static BOOL enum_group_mapping(const DOM_SID *sid, enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap, - size_t *p_num_entries, BOOL unix_only); +static NTSTATUS enum_group_mapping(const DOM_SID *sid, + enum SID_NAME_USE sid_name_use, + GROUP_MAP **pp_rmap, + size_t *p_num_entries, BOOL unix_only); static BOOL group_map_remove(const DOM_SID *sid); /**************************************************************************** Open the group mapping tdb. ****************************************************************************/ -static BOOL init_group_mapping(void) +static NTSTATUS init_group_mapping(void) { const char *vstring = "INFO/version"; int32 vers_id; @@ -54,12 +56,13 @@ static BOOL init_group_mapping(void) size_t num_entries = 0; if (tdb) - return True; + return NT_STATUS_OK; - tdb = tdb_open_log(lock_path("group_mapping.tdb"), 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600); + tdb = tdb_open_log(lock_path("group_mapping.tdb"), 0, TDB_DEFAULT, + O_RDWR|O_CREAT, 0600); if (!tdb) { DEBUG(0,("Failed to open group mapping database\n")); - return False; + return map_nt_error_from_unix(errno); } /* handle a Samba upgrade */ @@ -84,7 +87,9 @@ static BOOL init_group_mapping(void) /* cleanup any map entries with a gid == -1 */ - if ( enum_group_mapping( NULL, SID_NAME_UNKNOWN, &map_table, &num_entries, False ) ) { + if ( NT_STATUS_IS_OK(enum_group_mapping( NULL, SID_NAME_UNKNOWN, + &map_table, &num_entries, + False ))) { int i; for ( i=0; isid); @@ -120,7 +128,7 @@ static BOOL add_mapping_entry(GROUP_MAP *map, int flag) map->gid, map->sid_name_use, map->nt_name, map->comment); if (len > sizeof(buf)) - return False; + return NT_STATUS_NO_MEMORY; slprintf(key, sizeof(key), "%s%s", GROUP_PREFIX, string_sid); @@ -128,9 +136,11 @@ static BOOL add_mapping_entry(GROUP_MAP *map, int flag) kbuf.dptr = key; dbuf.dsize = len; dbuf.dptr = buf; - if (tdb_store(tdb, kbuf, dbuf, flag) != 0) return False; + if (tdb_store(tdb, kbuf, dbuf, flag) != 0) { + return map_ntstatus_from_tdb(tdb); + } - return True; + return NT_STATUS_OK; } /**************************************************************************** @@ -195,16 +205,19 @@ NTSTATUS map_unix_group(const struct group *grp, GROUP_MAP *pmap) Return the sid and the type of the unix group. ****************************************************************************/ -static BOOL get_group_map_from_sid(const DOM_SID *sid, GROUP_MAP *map) +static NTSTATUS get_group_map_from_sid(const DOM_SID *sid, GROUP_MAP *map) { TDB_DATA kbuf, dbuf; pstring key; fstring string_sid; int ret = 0; + NTSTATUS status; - if(!init_group_mapping()) { - DEBUG(0,("failed to initialize group mapping\n")); - return(False); + status = init_group_mapping(); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("failed to initialize group mapping: %s\n", + nt_errstr(status))); + return status; } /* the key is the SID, retrieving is direct */ @@ -216,8 +229,9 @@ static BOOL get_group_map_from_sid(const DOM_SID *sid, GROUP_MAP *map) kbuf.dsize = strlen(key)+1; dbuf = tdb_fetch(tdb, kbuf); - if (!dbuf.dptr) - return False; + if (!dbuf.dptr) { + return NT_STATUS_NOT_FOUND; + } ret = tdb_unpack(dbuf.dptr, dbuf.dsize, "ddff", &map->gid, &map->sid_name_use, &map->nt_name, &map->comment); @@ -226,27 +240,30 @@ static BOOL get_group_map_from_sid(const DOM_SID *sid, GROUP_MAP *map) if ( ret == -1 ) { DEBUG(3,("get_group_map_from_sid: tdb_unpack failure\n")); - return False; + return NT_STATUS_INTERNAL_DB_CORRUPTION; } sid_copy(&map->sid, sid); - return True; + return NT_STATUS_OK; } /**************************************************************************** Return the sid and the type of the unix group. ****************************************************************************/ -static BOOL get_group_map_from_gid(gid_t gid, GROUP_MAP *map) +static NTSTATUS get_group_map_from_gid(gid_t gid, GROUP_MAP *map) { TDB_DATA kbuf, dbuf, newkey; fstring string_sid; int ret; + NTSTATUS status; - if(!init_group_mapping()) { - DEBUG(0,("failed to initialize group mapping\n")); - return(False); + status = init_group_mapping(); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("failed to initialize group mapping: %s\n", + nt_errstr(status))); + return status; } /* we need to enumerate the TDB to find the GID */ @@ -272,31 +289,34 @@ static BOOL get_group_map_from_gid(gid_t gid, GROUP_MAP *map) if ( ret == -1 ) { DEBUG(3,("get_group_map_from_gid: tdb_unpack failure\n")); - return False; + return NT_STATUS_INTERNAL_DB_CORRUPTION; } if (gid==map->gid) { SAFE_FREE(kbuf.dptr); - return True; + return NT_STATUS_OK; } } - return False; + return NT_STATUS_NOT_FOUND; } /**************************************************************************** Return the sid and the type of the unix group. ****************************************************************************/ -static BOOL get_group_map_from_ntname(const char *name, GROUP_MAP *map) +static NTSTATUS get_group_map_from_ntname(const char *name, GROUP_MAP *map) { TDB_DATA kbuf, dbuf, newkey; fstring string_sid; int ret; + NTSTATUS status; - if(!init_group_mapping()) { - DEBUG(0,("get_group_map_from_ntname:failed to initialize group mapping\n")); - return(False); + status = init_group_mapping(); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("get_group_map_from_ntname: failed to initialize " + "group mapping: %s\n", nt_errstr(status))); + return status; } /* we need to enumerate the TDB to find the name */ @@ -322,16 +342,16 @@ static BOOL get_group_map_from_ntname(const char *name, GROUP_MAP *map) if ( ret == -1 ) { DEBUG(3,("get_group_map_from_ntname: tdb_unpack failure\n")); - return False; + return NT_STATUS_INTERNAL_DB_CORRUPTION; } if ( strequal(name, map->nt_name) ) { SAFE_FREE(kbuf.dptr); - return True; + return NT_STATUS_OK; } } - return False; + return NT_STATUS_NOT_FOUND; } /**************************************************************************** @@ -344,7 +364,7 @@ static BOOL group_map_remove(const DOM_SID *sid) pstring key; fstring string_sid; - if(!init_group_mapping()) { + if(!NT_STATUS_IS_OK(init_group_mapping())) { DEBUG(0,("failed to initialize group mapping\n")); return(False); } @@ -373,8 +393,10 @@ static BOOL group_map_remove(const DOM_SID *sid) Enumerate the group mapping. ****************************************************************************/ -static BOOL enum_group_mapping(const DOM_SID *domsid, enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap, - size_t *p_num_entries, BOOL unix_only) +static NTSTATUS enum_group_mapping(const DOM_SID *domsid, + enum SID_NAME_USE sid_name_use, + GROUP_MAP **pp_rmap, + size_t *p_num_entries, BOOL unix_only) { TDB_DATA kbuf, dbuf, newkey; fstring string_sid; @@ -384,10 +406,13 @@ static BOOL enum_group_mapping(const DOM_SID *domsid, enum SID_NAME_USE sid_name size_t entries=0; DOM_SID grpsid; uint32 rid; + NTSTATUS status; - if(!init_group_mapping()) { - DEBUG(0,("failed to initialize group mapping\n")); - return(False); + status = init_group_mapping(); + if(!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("failed to initialize group mapping: %s\n", + nt_errstr(status))); + return status; } *p_num_entries=0; @@ -447,7 +472,7 @@ static BOOL enum_group_mapping(const DOM_SID *domsid, enum SID_NAME_USE sid_name (*pp_rmap) = SMB_REALLOC_ARRAY((*pp_rmap), GROUP_MAP, entries+1); if (!(*pp_rmap)) { DEBUG(0,("enum_group_mapping: Unable to enlarge group map!\n")); - return False; + return NT_STATUS_NO_MEMORY; } mapt = (*pp_rmap); @@ -464,7 +489,7 @@ static BOOL enum_group_mapping(const DOM_SID *domsid, enum SID_NAME_USE sid_name *p_num_entries=entries; - return True; + return NT_STATUS_OK; } /* This operation happens on session setup, so it should better be fast. We @@ -477,7 +502,7 @@ static NTSTATUS one_alias_membership(const DOM_SID *member, TDB_DATA kbuf, dbuf; const char *p; - if (!init_group_mapping()) { + if (!NT_STATUS_IS_OK(init_group_mapping())) { DEBUG(0,("failed to initialize group mapping\n")); return NT_STATUS_ACCESS_DENIED; } @@ -558,12 +583,12 @@ static NTSTATUS add_aliasmem(const DOM_SID *alias, const DOM_SID *member) char *new_memberstring; int result; - if(!init_group_mapping()) { + if(!NT_STATUS_IS_OK(init_group_mapping())) { DEBUG(0,("failed to initialize group mapping\n")); return NT_STATUS_ACCESS_DENIED; } - if (!get_group_map_from_sid(alias, &map)) + if (!NT_STATUS_IS_OK(get_group_map_from_sid(alias, &map))) return NT_STATUS_NO_SUCH_ALIAS; if ( (map.sid_name_use != SID_NAME_ALIAS) && @@ -661,12 +686,12 @@ static NTSTATUS enum_aliasmem(const DOM_SID *alias, DOM_SID **sids, size_t *num) GROUP_MAP map; struct aliasmem_closure closure; - if(!init_group_mapping()) { + if(!NT_STATUS_IS_OK(init_group_mapping())) { DEBUG(0,("failed to initialize group mapping\n")); return NT_STATUS_ACCESS_DENIED; } - if (!get_group_map_from_sid(alias, &map)) + if (!NT_STATUS_IS_OK(get_group_map_from_sid(alias, &map))) return NT_STATUS_NO_SUCH_ALIAS; if ( (map.sid_name_use != SID_NAME_ALIAS) && @@ -771,14 +796,16 @@ static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member) /* get a domain group from it's SID */ -BOOL get_domain_group_from_sid(const DOM_SID *sid, GROUP_MAP *map) +NTSTATUS get_domain_group_from_sid(const DOM_SID *sid, GROUP_MAP *map) { struct group *grp; - BOOL ret; - - if(!init_group_mapping()) { - DEBUG(0,("failed to initialize group mapping\n")); - return(False); + NTSTATUS status; + + status = init_group_mapping(); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("failed to initialize group mapping: %s\n", + nt_errstr(status))); + return status; } DEBUG(10, ("get_domain_group_from_sid\n")); @@ -786,12 +813,12 @@ BOOL get_domain_group_from_sid(const DOM_SID *sid, GROUP_MAP *map) /* if the group is NOT in the database, it CAN NOT be a domain group */ become_root(); - ret = NT_STATUS_IS_OK(pdb_getgrsid(map, sid)); + status = pdb_getgrsid(map, sid); unbecome_root(); /* special case check for rid 513 */ - if ( !ret ) { + if ( !NT_STATUS_IS_OK(status) ) { uint32 rid; sid_peek_rid( sid, &rid ); @@ -802,23 +829,23 @@ BOOL get_domain_group_from_sid(const DOM_SID *sid, GROUP_MAP *map) sid_copy( &map->sid, sid ); map->sid_name_use = SID_NAME_DOM_GRP; - return True; + return NT_STATUS_OK; } - return False; + return status; } DEBUG(10, ("get_domain_group_from_sid: SID found in the TDB\n")); /* if it's not a domain group, continue */ if (map->sid_name_use!=SID_NAME_DOM_GRP) { - return False; + return NT_STATUS_OBJECT_TYPE_MISMATCH; } DEBUG(10, ("get_domain_group_from_sid: SID is a domain group\n")); if (map->gid==-1) { - return False; + return NT_STATUS_NOT_FOUND; } DEBUG(10, ("get_domain_group_from_sid: SID is mapped to gid:%lu\n",(unsigned long)map->gid)); @@ -826,12 +853,12 @@ BOOL get_domain_group_from_sid(const DOM_SID *sid, GROUP_MAP *map) grp = getgrgid(map->gid); if ( !grp ) { DEBUG(10, ("get_domain_group_from_sid: gid DOESN'T exist in UNIX security\n")); - return False; + return NT_STATUS_NOT_FOUND; } DEBUG(10, ("get_domain_group_from_sid: gid exists in UNIX security\n")); - return True; + return NT_STATUS_OK; } /**************************************************************************** @@ -975,36 +1002,31 @@ int smb_delete_user_group(const char *unix_group, const char *unix_user) NTSTATUS pdb_default_getgrsid(struct pdb_methods *methods, GROUP_MAP *map, const DOM_SID *sid) { - return get_group_map_from_sid(sid, map) ? - NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; + return get_group_map_from_sid(sid, map); } NTSTATUS pdb_default_getgrgid(struct pdb_methods *methods, GROUP_MAP *map, gid_t gid) { - return get_group_map_from_gid(gid, map) ? - NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; + return get_group_map_from_gid(gid, map); } NTSTATUS pdb_default_getgrnam(struct pdb_methods *methods, GROUP_MAP *map, const char *name) { - return get_group_map_from_ntname(name, map) ? - NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; + return get_group_map_from_ntname(name, map); } NTSTATUS pdb_default_add_group_mapping_entry(struct pdb_methods *methods, GROUP_MAP *map) { - return add_mapping_entry(map, TDB_INSERT) ? - NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; + return add_mapping_entry(map, TDB_INSERT); } NTSTATUS pdb_default_update_group_mapping_entry(struct pdb_methods *methods, GROUP_MAP *map) { - return add_mapping_entry(map, TDB_REPLACE) ? - NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; + return add_mapping_entry(map, TDB_REPLACE); } NTSTATUS pdb_default_delete_group_mapping_entry(struct pdb_methods *methods, @@ -1015,12 +1037,14 @@ NTSTATUS pdb_default_delete_group_mapping_entry(struct pdb_methods *methods, } NTSTATUS pdb_default_enum_group_mapping(struct pdb_methods *methods, - const DOM_SID *sid, enum SID_NAME_USE sid_name_use, - GROUP_MAP **pp_rmap, size_t *p_num_entries, - BOOL unix_only) + const DOM_SID *sid, + enum SID_NAME_USE sid_name_use, + GROUP_MAP **pp_rmap, + size_t *p_num_entries, + BOOL unix_only) { - return enum_group_mapping(sid, sid_name_use, pp_rmap, p_num_entries, unix_only) ? - NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; + return enum_group_mapping(sid, sid_name_use, pp_rmap, p_num_entries, + unix_only); } NTSTATUS pdb_default_create_alias(struct pdb_methods *methods, @@ -1187,40 +1211,6 @@ NTSTATUS pdb_default_alias_memberships(struct pdb_methods *methods, return NT_STATUS_OK; } -/**************************************************************************** - These need to be redirected through pdb_interface.c -****************************************************************************/ -BOOL pdb_get_dom_grp_info(const DOM_SID *sid, struct acct_info *info) -{ - GROUP_MAP map; - BOOL res; - - become_root(); - res = get_domain_group_from_sid(sid, &map); - unbecome_root(); - - if (!res) - return False; - - fstrcpy(info->acct_name, map.nt_name); - fstrcpy(info->acct_desc, map.comment); - sid_peek_rid(sid, &info->rid); - return True; -} - -BOOL pdb_set_dom_grp_info(const DOM_SID *sid, const struct acct_info *info) -{ - GROUP_MAP map; - - if (!get_domain_group_from_sid(sid, &map)) - return False; - - fstrcpy(map.nt_name, info->acct_name); - fstrcpy(map.comment, info->acct_desc); - - return NT_STATUS_IS_OK(pdb_update_group_mapping_entry(&map)); -} - /******************************************************************** Really just intended to be called by smbd ********************************************************************/ diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 8d287cf2ec..7bc78af36b 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -638,7 +638,7 @@ static NTSTATUS pdb_default_delete_dom_group(struct pdb_methods *methods, sid_compose(&group_sid, get_global_sam_sid(), rid); - if (!get_domain_group_from_sid(&group_sid, &map)) { + if (!NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map))) { DEBUG(10, ("Could not find group for rid %d\n", rid)); return NT_STATUS_NO_SUCH_GROUP; } @@ -698,12 +698,14 @@ NTSTATUS pdb_delete_group_mapping_entry(DOM_SID sid) return pdb->delete_group_mapping_entry(pdb, sid); } -BOOL pdb_enum_group_mapping(const DOM_SID *sid, enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap, - size_t *p_num_entries, BOOL unix_only) +NTSTATUS pdb_enum_group_mapping(const DOM_SID *sid, + enum SID_NAME_USE sid_name_use, + GROUP_MAP **pp_rmap, + size_t *p_num_entries, BOOL unix_only) { struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb-> enum_group_mapping(pdb, sid, sid_name_use, - pp_rmap, p_num_entries, unix_only)); + return pdb->enum_group_mapping(pdb, sid, sid_name_use, + pp_rmap, p_num_entries, unix_only); } NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx, @@ -814,7 +816,7 @@ static NTSTATUS pdb_default_add_groupmem(struct pdb_methods *methods, sid_compose(&group_sid, get_global_sam_sid(), group_rid); sid_compose(&member_sid, get_global_sam_sid(), member_rid); - if (!get_domain_group_from_sid(&group_sid, &map) || + if (!NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map)) || (map.gid == (gid_t)-1) || ((grp = getgrgid(map.gid)) == NULL)) { return NT_STATUS_NO_SUCH_GROUP; @@ -876,7 +878,7 @@ static NTSTATUS pdb_default_del_groupmem(struct pdb_methods *methods, sid_compose(&group_sid, get_global_sam_sid(), group_rid); sid_compose(&member_sid, get_global_sam_sid(), member_rid); - if (!get_domain_group_from_sid(&group_sid, &map) || + if (!NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map)) || (map.gid == (gid_t)-1) || ((grp = getgrgid(map.gid)) == NULL)) { return NT_STATUS_NO_SUCH_GROUP; @@ -1848,8 +1850,9 @@ static BOOL pdb_search_grouptype(struct pdb_search *search, return False; } - if (!pdb_enum_group_mapping(sid, type, &state->groups, &state->num_groups, - True)) { + if (!NT_STATUS_IS_OK(pdb_enum_group_mapping(sid, type, &state->groups, + &state->num_groups, + True))) { DEBUG(0, ("Could not enum groups\n")); return False; } diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 0835da4908..a70a49652e 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -4438,7 +4438,7 @@ NTSTATUS _samr_query_groupinfo(pipes_struct *p, SAMR_Q_QUERY_GROUPINFO *q_u, SAM } become_root(); - ret = get_domain_group_from_sid(&group_sid, &map); + ret = NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map)); unbecome_root(); if (!ret) return NT_STATUS_INVALID_HANDLE; @@ -4535,7 +4535,7 @@ NTSTATUS _samr_set_groupinfo(pipes_struct *p, SAMR_Q_SET_GROUPINFO *q_u, SAMR_R_ } become_root(); - result = get_domain_group_from_sid(&group_sid, &map); + result = NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map)); unbecome_root(); if (!result) return NT_STATUS_NO_SUCH_GROUP; @@ -4754,7 +4754,7 @@ NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_G /* check if that group really exists */ become_root(); - ret = get_domain_group_from_sid(&info->sid, &map); + ret = NT_STATUS_IS_OK(get_domain_group_from_sid(&info->sid, &map)); unbecome_root(); if (!ret) return NT_STATUS_NO_SUCH_GROUP; diff --git a/source3/torture/local-groupmap.c b/source3/torture/local-groupmap.c index e83cfece97..d223bd58b7 100644 --- a/source3/torture/local-groupmap.c +++ b/source3/torture/local-groupmap.c @@ -191,8 +191,9 @@ BOOL run_local_groupmap(int dummy) /* This tests upgrading the database, as well as listing */ - if (!pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, &maps, &num_maps, - False)) { + if (!NT_STATUS_IS_OK(pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, + &maps, &num_maps, + False))) { d_fprintf(stderr, "(%s) pdb_enum_group_mapping failed\n", __location__); goto fail; diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index fc16bb8e49..86bec385e7 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -163,7 +163,7 @@ static int net_groupmap_list(int argc, const char **argv) else { GROUP_MAP *map=NULL; /* enumerate all group mappings */ - if (!pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED)) + if (!NT_STATUS_IS_OK(pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED))) return -1; for (i=0; i