From ffab54750f0eec202895670dd9293ee4aa3eb475 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 18 May 1998 21:30:57 +0000 Subject: chgpasswd.c: Changed back to getsmb... from getsam... ldap.c: Stoped dummy_function being prototyped. loadparm.c: Fixed slprintf sizes. nisppass.c: Fixed safe_strcpy sizes. nmbd_processlogon.c: Changed back to getsmb... from getsam... nttrans.c: Just a dump of new code. passdb.c: Moved stuff around a lot - stopped any lookups by rid. This needs to be indirected through a function table (soon). password.c: Changed back to getsmb... from getsam... reply.c: Changed back to getsmb... from getsam... slprintf.c: Fixed prototype problems. smb.h: Fixed prototype problems. smbpass.c: Changed to getsmbfile.... smbpasswd.c: Changed back to getsmb... from getsam... lib/rpc/server/srv_netlog.c: Changed back to getsmb... from getsam... lib/rpc/server/srv_samr.c: Fixed rid lookup - use uid or gid lookup. lib/rpc/server/srv_util.c: Changed back to getsmb... from getsam... Jeremy. (This used to be commit 7d332b2493d2089d09521250fc9b72d8953307c0) --- source3/include/proto.h | 54 ++--- source3/include/smb.h | 6 +- source3/lib/slprintf.c | 2 +- source3/nmbd/nmbd_processlogon.c | 2 +- source3/param/loadparm.c | 4 +- source3/passdb/ldap.c | 2 +- source3/passdb/nispass.c | 20 +- source3/passdb/passdb.c | 473 ++++++++++++++++++++++----------------- source3/passdb/smbpass.c | 126 +++++------ source3/rpc_server/srv_netlog.c | 8 +- source3/rpc_server/srv_samr.c | 48 +++- source3/rpc_server/srv_util.c | 4 +- source3/smbd/chgpasswd.c | 78 +++---- source3/smbd/nttrans.c | 127 +++++++++++ source3/smbd/password.c | 12 +- source3/smbd/reply.c | 14 +- source3/utils/smbpasswd.c | 20 +- 17 files changed, 607 insertions(+), 393 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 6f1f9e038c..aea8543271 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -36,12 +36,12 @@ BOOL chat_with_program(char *passwordprogram,char *name,char *chatsequence, BOOL BOOL chgpasswd(char *name,char *oldpass,char *newpass, BOOL as_root); BOOL chgpasswd(char *name,char *oldpass,char *newpass, BOOL as_root); BOOL check_lanman_password(char *user, unsigned char *pass1, - unsigned char *pass2, struct smb_passwd **psampw); -BOOL change_lanman_password(struct smb_passwd *sampw, unsigned char *pass1, unsigned char *pass2); + unsigned char *pass2, struct smb_passwd **psmbpw); +BOOL change_lanman_password(struct smb_passwd *smbpw, unsigned char *pass1, unsigned char *pass2); BOOL check_oem_password(char *user, unsigned char *data, - struct smb_passwd **psampw, char *new_passwd, + struct smb_passwd **psmbpw, char *new_passwd, int new_passwd_size); -BOOL change_oem_password(struct smb_passwd *sampw, char *new_passwd, BOOL override); +BOOL change_oem_password(struct smb_passwd *smbpw, char *new_passwd, BOOL override); /*The following definitions come from client.c */ @@ -1572,21 +1572,21 @@ BOOL pm_process( char *FileName, /*The following definitions come from passdb.c */ -void *startsampwent(BOOL update); -void endsampwent(void *vp); -struct smb_passwd *getsampwent(void *vp); +void *startsmbpwent(BOOL update); +void endsmbpwent(void *vp); +struct smb_passwd *getsmbpwent(void *vp); +unsigned long getsmbpwpos(void *vp); +BOOL setsmbpwpos(void *vp, unsigned long tok); +BOOL add_smbpwd_entry(struct smb_passwd *newpwd); +BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override); +struct smb_passwd *getsmbpwnam(char *name); +struct smb_passwd *getsmbpwuid(uid_t smb_userid); struct sam_disp_info *getsamdispent(void *vp); struct sam_passwd *getsam21pwent(void *vp); -unsigned long getsampwpos(void *vp); -BOOL setsampwpos(void *vp, unsigned long tok); -BOOL add_sampwd_entry(struct smb_passwd *newpwd); BOOL add_sam21pwd_entry(struct sam_passwd *newpwd); -BOOL mod_sampwd_entry(struct smb_passwd* pwd, BOOL override); BOOL mod_sam21pwd_entry(struct sam_passwd* pwd, BOOL override); struct sam_passwd *getsam21pwnam(char *name); -struct smb_passwd *getsampwnam(char *name); -struct smb_passwd *getsampwuid(uid_t smb_userid); -struct sam_passwd *getsam21pwrid(uint32 rid); +struct sam_passwd *getsam21pwuid(uint32 uid); void pdb_init_dispinfo(struct sam_disp_info *user); void pdb_init_smb(struct smb_passwd *user); void pdb_init_sam(struct sam_passwd *user); @@ -1600,10 +1600,11 @@ uint16 pdb_decode_acct_ctrl(char *p); int pdb_gethexpwd(char *p, char *pwd); BOOL pdb_name_to_rid(char *user_name, uint32 *u_rid, uint32 *g_rid); BOOL pdb_generate_machine_sid(void); -uid_t pdb_user_rid_to_uid(uint32 u_rid); -uid_t pdb_group_rid_to_uid(uint32 u_gid); +uint32 pdb_user_rid_to_uid(uint32 u_rid); +uint32 pdb_group_rid_to_gid(uint32 u_gid); uint32 pdb_uid_to_user_rid(uint32 uid); uint32 pdb_gid_to_group_rid(uint32 gid); +BOOL pdb_rid_is_user(uint32 rid); /*The following definitions come from password.c */ @@ -1804,7 +1805,6 @@ struct shmem_ops *sysv_shm_open(int ronly); /*The following definitions come from slprintf.c */ int vslprintf(char *str, int n, char *format, va_list ap); -int slprintf(char *str, int n, char *format, ...); /*The following definitions come from smbdes.c */ @@ -1830,16 +1830,16 @@ char *smb_errstr(char *inbuf); /*The following definitions come from smbpass.c */ -void *startsmbpwent(BOOL update); -void endsmbpwent(void *vp); -struct sam_passwd *getsmb21pwent(void *vp); -struct smb_passwd *getsmbpwent(void *vp); -unsigned long getsmbpwpos(void *vp); -BOOL setsmbpwpos(void *vp, unsigned long tok); -BOOL add_smb21pwd_entry(struct sam_passwd *newpwd); -BOOL add_smbpwd_entry(struct smb_passwd *newpwd); -BOOL mod_smb21pwd_entry(struct sam_passwd* pwd, BOOL override); -BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override); +void *startsmbfilepwent(BOOL update); +void endsmbfilepwent(void *vp); +struct sam_passwd *getsmbfile21pwent(void *vp); +struct smb_passwd *getsmbfilepwent(void *vp); +unsigned long getsmbfilepwpos(void *vp); +BOOL setsmbfilepwpos(void *vp, unsigned long tok); +BOOL add_smbfile21pwd_entry(struct sam_passwd *newpwd); +BOOL add_smbfilepwd_entry(struct smb_passwd *newpwd); +BOOL mod_smbfile21pwd_entry(struct sam_passwd* pwd, BOOL override); +BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override); /*The following definitions come from smbpassfile.c */ diff --git a/source3/include/smb.h b/source3/include/smb.h index 893d61fc79..c90f77a593 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -979,9 +979,11 @@ struct parm_struct #define ERRCMD 0xFF /* Command was not in the "SMB" format. */ #ifdef __STDC__ -int Debug1(char *, ...); +int Debug1(char *, ...); +int slprintf(char *str, int n, char *format, ...); #else -int Debug1(); +int Debug1(); +int slprintf(); #endif #ifdef DFS_AUTH diff --git a/source3/lib/slprintf.c b/source3/lib/slprintf.c index 3a7e268046..1d18055643 100644 --- a/source3/lib/slprintf.c +++ b/source3/lib/slprintf.c @@ -83,7 +83,7 @@ int vslprintf(char *str, int n, char *format, va_list ap) } #ifdef __STDC__ -int slprintf(char *str, int n, char *format, ...) + int slprintf(char *str, int n, char *format, ...) { #else int slprintf(va_alist) diff --git a/source3/nmbd/nmbd_processlogon.c b/source3/nmbd/nmbd_processlogon.c index 631b8ff01f..2ad4a831ca 100644 --- a/source3/nmbd/nmbd_processlogon.c +++ b/source3/nmbd/nmbd_processlogon.c @@ -201,7 +201,7 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n", fstrcpy(reply_name,"\\\\"); /* Here it wants \\LOGONSERVER. */ fstrcpy(reply_name+2,my_name); - smb_pass = getsampwnam(ascuser); + smb_pass = getsmbpwnam(ascuser); if(!smb_pass ) { diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 51c37c2342..b17ca83d4d 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -1253,7 +1253,7 @@ BOOL lp_add_home(char *pszHomename, int iDefaultService, char *pszHomedir) if (!(*(iSERVICE(i).comment))) { pstring comment; - slprintf(comment,sizeof(comment), + slprintf(comment,sizeof(comment)-1, "Home directory of %s",pszHomename); string_set(&iSERVICE(i).comment,comment); } @@ -1285,7 +1285,7 @@ static BOOL lp_add_ipc(void) if (i < 0) return(False); - slprintf(comment,sizeof(comment), + slprintf(comment,sizeof(comment)-1, "IPC Service (%s)", Globals.szServerString ); string_set(&iSERVICE(i).szPath,tmpdir()); diff --git a/source3/passdb/ldap.c b/source3/passdb/ldap.c index 6d4d2f8dcf..912aa8e5f9 100644 --- a/source3/passdb/ldap.c +++ b/source3/passdb/ldap.c @@ -917,5 +917,5 @@ BOOL setldappwpos(void *vp, unsigned long tok) } #else -static void dummy_function(void) { } /* stop some compilers complaining */ + void dummy_function(void) { } /* stop some compilers complaining */ #endif diff --git a/source3/passdb/nispass.c b/source3/passdb/nispass.c index 22206789fc..9ae6ba3c52 100644 --- a/source3/passdb/nispass.c +++ b/source3/passdb/nispass.c @@ -98,8 +98,8 @@ static char *make_nisname_from_user_rid(uint32 rid) { static pstring nisname; - safe_strcpy(nisname, "[user_rid=", sizeof(nisname)); - slprintf(nisname, sizeof(nisname), "%s%d", nisname, rid); + safe_strcpy(nisname, "[user_rid=", sizeof(nisname)-1); + slprintf(nisname, sizeof(nisname)-1, "%s%d", nisname, rid); safe_strcat(nisname, "], passwd.org_dir", sizeof(nisname)-strlen(nisname)-1); return nisname; @@ -112,8 +112,8 @@ static char *make_nisname_from_uid(int uid) { static pstring nisname; - safe_strcpy(nisname, "[uid=", sizeof(nisname)); - slprintf(nisname, sizeof(nisname), "%s%d", nisname, uid); + safe_strcpy(nisname, "[uid=", sizeof(nisname)-1); + slprintf(nisname, sizeof(nisname)-1, "%s%d", nisname, uid); safe_strcat(nisname, "], passwd.org_dir", sizeof(nisname)-strlen(nisname)-1); return nisname; @@ -126,7 +126,7 @@ static char *make_nisname_from_name(char *user_name) { static pstring nisname; - safe_strcpy(nisname, "[name=", sizeof(nisname)); + safe_strcpy(nisname, "[name=", sizeof(nisname)-1); safe_strcat(nisname, user_name, sizeof(nisname) - strlen(nisname) - 1); safe_strcat(nisname, "], passwd.org_dir", sizeof(nisname) - strlen(nisname) - 1); @@ -214,7 +214,7 @@ BOOL add_nisp21pwd_entry(struct sam_passwd *newpwd) pfile = lp_smb_passwd_file(); - safe_strcpy(user_name, newpwd->smb_name, sizeof(user_name)); + safe_strcpy(user_name, newpwd->smb_name, sizeof(user_name)-1); nisname = make_nisname_from_name(user_name); @@ -229,7 +229,7 @@ BOOL add_nisp21pwd_entry(struct sam_passwd *newpwd) user_obj = NIS_RES_OBJECT(nis_user); - safe_strcpy(nisname, "[name=", sizeof(nisname)); + safe_strcpy(nisname, "[name=", sizeof(nisname)-1); safe_strcat(nisname, ENTRY_VAL(user_obj,0),sizeof(nisname)-strlen(nisname)-1); safe_strcat(nisname, "],", sizeof(nisname)-strlen(nisname)-1); safe_strcat(nisname, pfile, sizeof(nisname)-strlen(nisname)-1); @@ -437,7 +437,7 @@ struct sam_passwd *getnisp21pwnam(char *name) DEBUG(10, ("getnisppwnam: search by name: %s\n", name)); DEBUG(10, ("getnisppwnam: using NIS+ table %s\n", lp_smb_passwd_file())); - slprintf(nisname, sizeof(nisname), "[name=%s],%s", name, lp_smb_passwd_file()); + slprintf(nisname, sizeof(nisname)-1, "[name=%s],%s", name, lp_smb_passwd_file()); /* Search the table. */ gotalarm = 0; @@ -482,7 +482,7 @@ struct sam_passwd *getnisp21pwuid(int smb_userid) DEBUG(10, ("getnisppwuid: search by uid: %d\n", smb_userid)); DEBUG(10, ("getnisppwuid: using NIS+ table %s\n", lp_smb_passwd_file())); - slprintf(nisname, sizeof(nisname), "[uid=%d],%s", smb_userid, lp_smb_passwd_file()); + slprintf(nisname, sizeof(nisname)-1, "[uid=%d],%s", smb_userid, lp_smb_passwd_file()); /* Search the table. */ gotalarm = 0; @@ -508,5 +508,5 @@ struct sam_passwd *getnisp21pwuid(int smb_userid) } #else -static void dummy_function(void) { } /* stop some compilers complaining */ + void nisplus_dummy_function(void) { } /* stop some compilers complaining */ #endif /* USE_NISPLUS_DB */ diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 2fa9a73dda..90cb9d4de9 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -2,9 +2,9 @@ Unix SMB/Netbios implementation. Version 1.9. Password and authentication handling - Copyright (C) Andrew Tridgell 1992-1998 + Copyright (C) Jeremy Allison 1996-1998 Copyright (C) Luke Kenneth Casson Leighton 1996-1998 - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or @@ -29,33 +29,95 @@ extern int DEBUGLEVEL; * This is set on startup - it defines the SID for this * machine. */ + DOM_SID global_machine_sid; -/********************************************************** - ********************************************************** +/* + * TODO NOTE. All these functions will be abstracted into a structure + * that points to the correct function for the selected database. JRA. + */ - low-level redirection routines: +/* + * Functions that return/manipulate a struct smb_passwd. + */ - startsampwent() - endsampwent() - getsampwent() - getsam21pwent() - getsampwpos() - setsampwpos() +/************************************************************************ + Routine to search smb passwd by uid. use this if your database + does not have search facilities. +*************************************************************************/ - add_sampwd_entry() - mod_sampwd_entry() - add_sam21pwd_entry() - mod_sam21pwd_entry() +static struct smb_passwd *_getsmbpwuid(uid_t smb_userid) +{ + struct smb_passwd *pwd = NULL; + void *fp = NULL; - ********************************************************** - **********************************************************/ + DEBUG(10, ("getsmbpwuid: search by smb_userid: %x\n", smb_userid)); + + /* Open the smb password database - not for update. */ + fp = startsmbpwent(False); + + if (fp == NULL) + { + DEBUG(0, ("getsmbpwuid: unable to open smb password database.\n")); + return NULL; + } + + while ((pwd = getsmbpwent(fp)) != NULL && pwd->smb_userid != smb_userid) + ; + + if (pwd != NULL) + { + DEBUG(10, ("getsmbpwuid: found by smb_userid: %x\n", smb_userid)); + } + + endsmbpwent(fp); + return pwd; +} + +/************************************************************************ + Routine to search smb passwd by name. use this if your database + does not have search facilities. +*************************************************************************/ + +static struct smb_passwd *_getsmbpwnam(char *name) +{ + struct smb_passwd *pwd = NULL; + void *fp = NULL; + + DEBUG(10, ("getsmbpwnam: search by name: %s\n", name)); + + /* Open the sam password file - not for update. */ + fp = startsmbpwent(False); + + if (fp == NULL) + { + DEBUG(0, ("_getsmbpwnam: unable to open smb password database.\n")); + return NULL; + } + + while ((pwd = getsmbpwent(fp)) != NULL && !strequal(pwd->smb_name, name)) + ; + + if (pwd != NULL) + { + DEBUG(10, ("_getsmbpwnam: found by name: %s\n", name)); + } + + endsmbpwent(fp); + return pwd; +} /*************************************************************** - Start to enumerate the sam passwd list. Returns a void pointer + Start to enumerate the smb or sam passwd list. Returns a void pointer to ensure no modification outside this module. + + Note that currently it is being assumed that a pointer returned + from this function may be used to enumerate struct sam_passwd + entries as well as struct smb_passwd entries. This may need + to change. JRA. ****************************************************************/ -void *startsampwent(BOOL update) + +void *startsmbpwent(BOOL update) { #ifdef USE_NISPLUS_DB return startnisppwent(update); @@ -66,14 +128,21 @@ void *startsampwent(BOOL update) #endif /* USE_LDAP_DB */ #ifdef USE_SMBPASS_DB - return startsmbpwent(update); + return startsmbfilepwent(update); #endif /* USE_SMBPASS_DB */ } /*************************************************************** - End enumeration of the sam passwd list. + End enumeration of the smb or sam passwd list. + + Note that currently it is being assumed that a pointer returned + from this function may be used to enumerate struct sam_passwd + entries as well as struct smb_passwd entries. This may need + to change. JRA. + ****************************************************************/ -void endsampwent(void *vp) + +void endsmbpwent(void *vp) { #ifdef USE_NISPLUS_DB endnisppwent(vp); @@ -84,14 +153,15 @@ void endsampwent(void *vp) #endif /* USE_LDAP_DB */ #ifdef USE_SMBPASS_DB - endsmbpwent(vp); + endsmbfilepwent(vp); #endif /* USE_SMBPASS_DB */ } /************************************************************************* Routine to return the next entry in the sam passwd list. *************************************************************************/ -struct smb_passwd *getsampwent(void *vp) + +struct smb_passwd *getsmbpwent(void *vp) { #ifdef USE_NISPLUS_DB return pdb_sam_to_smb(getnisp21pwent(vp)); @@ -102,156 +172,218 @@ struct smb_passwd *getsampwent(void *vp) #endif /* USE_LDAP_DB */ #ifdef USE_SMBPASS_DB - return getsmbpwent(vp); + return getsmbfilepwent(vp); #endif /* USE_SMBPASS_DB */ return NULL; } /************************************************************************* - Routine to return the next entry in the sam passwd list. + Return the current position in the smb passwd list as an unsigned long. + This must be treated as an opaque token. + + Note that currently it is being assumed that a pointer returned + from this function may be used to enumerate struct sam_passwd + entries as well as struct smb_passwd entries. This may need + to change. JRA. + *************************************************************************/ -struct sam_disp_info *getsamdispent(void *vp) + +unsigned long getsmbpwpos(void *vp) { #ifdef USE_NISPLUS_DB - return pdb_sam_to_dispinfo(getnisp21pwent(vp)); + return getnisppwpos(vp); #endif /* USE_NISPLUS_DB */ #ifdef USE_LDAP_DB - return pdb_sam_to_dispinfo(getldap21pwent(vp)); + return getldappwpos(vp); #endif /* USE_LDAP_DB */ #ifdef USE_SMBPASS_DB - return pdb_sam_to_dispinfo(getsmb21pwent(vp)); + return getsmbfilepwpos(vp); #endif /* USE_SMBPASS_DB */ - - return NULL; } /************************************************************************* - Routine to return the next entry in the sam passwd list. + Set the current position in the smb passwd list from unsigned long. + This must be treated as an opaque token. + + Note that currently it is being assumed that a pointer returned + from this function may be used to enumerate struct sam_passwd + entries as well as struct smb_passwd entries. This may need + to change. JRA. + *************************************************************************/ -struct sam_passwd *getsam21pwent(void *vp) + +BOOL setsmbpwpos(void *vp, unsigned long tok) { #ifdef USE_NISPLUS_DB - return getnisp21pwent(vp); + return setnisppwpos(vp, tok); #endif /* USE_NISPLUS_DB */ #ifdef USE_LDAP_DB - return getldap21pwent(vp); + return setldappwpos(vp, tok); #endif /* USE_LDAP_DB */ #ifdef USE_SMBPASS_DB - return getsmb21pwent(vp); + return setsmbfilepwpos(vp, tok); #endif /* USE_SMBPASS_DB */ - - return NULL; } -/************************************************************************* - Return the current position in the sam passwd list as an unsigned long. - This must be treated as an opaque token. - *************************************************************************/ -unsigned long getsampwpos(void *vp) +/************************************************************************ + Routine to add an entry to the smb passwd file. +*************************************************************************/ + +BOOL add_smbpwd_entry(struct smb_passwd *newpwd) { #ifdef USE_NISPLUS_DB - return getnisppwpos(vp); + return add_nisp21pwd_entry(pdb_smb_to_sam(newpwd)); #endif /* USE_NISPLUS_DB */ #ifdef USE_LDAP_DB - return getldappwpos(vp); + return add_ldap21pwd_entry(pdb_smb_to_sam(newpwd)); #endif /* USE_LDAP_DB */ #ifdef USE_SMBPASS_DB - return getsmbpwpos(vp); + return add_smbfilepwd_entry(newpwd); #endif /* USE_SMBPASS_DB */ } -/************************************************************************* - Set the current position in the sam passwd list from unsigned long. - This must be treated as an opaque token. - *************************************************************************/ -BOOL setsampwpos(void *vp, unsigned long tok) +/************************************************************************ + Routine to search the smb passwd file for an entry matching the username. + and then modify its password entry. We can't use the startsampwent()/ + getsampwent()/endsampwent() interfaces here as we depend on looking + in the actual file to decide how much room we have to write data. + override = False, normal + override = True, override XXXXXXXX'd out password or NO PASS +************************************************************************/ + +BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override) { #ifdef USE_NISPLUS_DB - return setnisppwpos(vp, tok); + return mod_nisp21pwd_entry(pdb_smb_to_sam(pwd), override); #endif /* USE_NISPLUS_DB */ #ifdef USE_LDAP_DB - return setldappwpos(vp, tok); + return mod_ldap21pwd_entry(pdb_smb_to_sam(pwd), override); #endif /* USE_LDAP_DB */ #ifdef USE_SMBPASS_DB - return setsmbpwpos(vp, tok); + return mod_smbfilepwd_entry(pwd, override); #endif /* USE_SMBPASS_DB */ } /************************************************************************ - Routine to add an entry to the sam passwd file. + Routine to search smb passwd by name. *************************************************************************/ -BOOL add_sampwd_entry(struct smb_passwd *newpwd) + +struct smb_passwd *getsmbpwnam(char *name) { #ifdef USE_NISPLUS_DB - return add_nisp21pwd_entry(pdb_smb_to_sam(newpwd)); + return pdb_sam_to_smb(_getsam21pwnam(name)); #endif /* USE_NISPLUS_DB */ #ifdef USE_LDAP_DB - return add_ldap21pwd_entry(pdb_smb_to_sam(newpwd)); + return pdb_sam_to_smb(_getsam21pwnam(name)); #endif /* USE_LDAP_DB */ #ifdef USE_SMBPASS_DB - return add_smbpwd_entry(newpwd); + return _getsmbpwnam(name); #endif /* USE_SMBPASS_DB */ } /************************************************************************ - Routine to add an entry to the sam passwd file. + Routine to search smb passwd by uid. *************************************************************************/ -BOOL add_sam21pwd_entry(struct sam_passwd *newpwd) + +struct smb_passwd *getsmbpwuid(uid_t smb_userid) { #ifdef USE_NISPLUS_DB - return add_nisp21pwd_entry(newpwd); + return pdb_sam_to_smb(_getsam21pwrid(smb_userid)); #endif /* USE_NISPLUS_DB */ #ifdef USE_LDAP_DB - return add_ldap21pwd_entry(newpwd); + return pdb_sam_to_smb(_getsam21pwrid(smb_userid)); +#endif /* USE_LDAP_DB */ + +#ifdef USE_SMBPASS_DB + return _getsmbpwuid(smb_userid); +#endif /* USE_SMBPASS_DB */ +} + +/* + * Functions that manupulate a struct sam_passwd. + */ + +/************************************************************************* + Routine to return the next entry in the sam passwd list. + *************************************************************************/ + +struct sam_disp_info *getsamdispent(void *vp) +{ +#ifdef USE_NISPLUS_DB + return pdb_sam_to_dispinfo(getnisp21pwent(vp)); +#endif /* USE_NISPLUS_DB */ + +#ifdef USE_LDAP_DB + return pdb_sam_to_dispinfo(getldap21pwent(vp)); +#endif /* USE_LDAP_DB */ + +#ifdef USE_SMBPASS_DB + return pdb_sam_to_dispinfo(getsmbfile21pwent(vp)); +#endif /* USE_SMBPASS_DB */ + + return NULL; +} + +/************************************************************************* + Routine to return the next entry in the sam passwd list. + *************************************************************************/ + +struct sam_passwd *getsam21pwent(void *vp) +{ +#ifdef USE_NISPLUS_DB + return getnisp21pwent(vp); +#endif /* USE_NISPLUS_DB */ + +#ifdef USE_LDAP_DB + return getldap21pwent(vp); #endif /* USE_LDAP_DB */ #ifdef USE_SMBPASS_DB - return add_smb21pwd_entry(newpwd); + return getsmbfile21pwent(vp); #endif /* USE_SMBPASS_DB */ + + return NULL; } /************************************************************************ - Routine to search the sam passwd file for an entry matching the username. - and then modify its password entry. We can't use the startsampwent()/ - getsampwent()/endsampwent() interfaces here as we depend on looking - in the actual file to decide how much room we have to write data. - override = False, normal - override = True, override XXXXXXXX'd out password or NO PASS -************************************************************************/ -BOOL mod_sampwd_entry(struct smb_passwd* pwd, BOOL override) + Routine to add an entry to the sam passwd file. +*************************************************************************/ + +BOOL add_sam21pwd_entry(struct sam_passwd *newpwd) { #ifdef USE_NISPLUS_DB - return mod_nisp21pwd_entry(pdb_smb_to_sam(pwd), override); + return add_nisp21pwd_entry(newpwd); #endif /* USE_NISPLUS_DB */ #ifdef USE_LDAP_DB - return mod_ldap21pwd_entry(pdb_smb_to_sam(pwd), override); + return add_ldap21pwd_entry(newpwd); #endif /* USE_LDAP_DB */ #ifdef USE_SMBPASS_DB - return mod_smbpwd_entry(pwd, override); + return add_smbfile21pwd_entry(newpwd); #endif /* USE_SMBPASS_DB */ } /************************************************************************ - Routine to search the sam passwd file for an entry matching the username. + Routine to search the sam passwd database for an entry matching the username. and then modify its password entry. We can't use the startsampwent()/ getsampwent()/endsampwent() interfaces here as we depend on looking in the actual file to decide how much room we have to write data. override = False, normal override = True, override XXXXXXXX'd out password or NO PASS ************************************************************************/ + BOOL mod_sam21pwd_entry(struct sam_passwd* pwd, BOOL override) { #ifdef USE_NISPLUS_DB @@ -263,57 +395,15 @@ BOOL mod_sam21pwd_entry(struct sam_passwd* pwd, BOOL override) #endif /* USE_LDAP_DB */ #ifdef USE_SMBPASS_DB - return mod_smb21pwd_entry(pwd, override); + return mod_smbfile21pwd_entry(pwd, override); #endif /* USE_SMBPASS_DB */ } -/********************************************************** - ********************************************************** - - high-level database routines: - getsampwnam() - getsampwuid() - getsam21pwnam() - getsam21pwuid() - - ********************************************************** - **********************************************************/ - /************************************************************************ Routine to search sam passwd by name. use this if your database does not have search facilities. *************************************************************************/ -static struct smb_passwd *_getsampwnam(char *name) -{ - struct smb_passwd *pwd = NULL; - void *fp = NULL; - - DEBUG(10, ("getsampwnam: search by name: %s\n", name)); - - /* Open the sam password file - not for update. */ - fp = startsampwent(False); - - if (fp == NULL) - { - DEBUG(0, ("_getsampwnam: unable to open sam password database.\n")); - return NULL; - } - - while ((pwd = getsampwent(fp)) != NULL && !strequal(pwd->smb_name, name)); - - if (pwd != NULL) - { - DEBUG(10, ("_getsampwnam: found by name: %s\n", name)); - } - endsampwent(fp); - return pwd; -} - -/************************************************************************ - Routine to search sam passwd by name. use this if your database - does not have search facilities. -*************************************************************************/ static struct sam_passwd *_getsam21pwnam(char *name) { struct sam_passwd *pwd = NULL; @@ -321,8 +411,8 @@ static struct sam_passwd *_getsam21pwnam(char *name) DEBUG(10, ("_getsam21pwnam: search by name: %s\n", name)); - /* Open the sam password file - not for update. */ - fp = startsampwent(False); + /* Open the smb password database - not for update. */ + fp = startsmbpwent(False); if (fp == NULL) { @@ -337,13 +427,15 @@ static struct sam_passwd *_getsam21pwnam(char *name) DEBUG(10, ("_getsam21pwnam: found by name: %s\n", name)); } - endsampwent(fp); + endsmbpwent(fp); return pwd; } + /************************************************************************ Routine to search sam passwd by name. *************************************************************************/ + struct sam_passwd *getsam21pwnam(char *name) { #ifdef USE_NISPLUS_DB @@ -359,120 +451,55 @@ struct sam_passwd *getsam21pwnam(char *name) #endif /* USE_SMBPASS_DB */ } -/************************************************************************ - Routine to search sam passwd by name. -*************************************************************************/ -struct smb_passwd *getsampwnam(char *name) -{ -#ifdef USE_NISPLUS_DB - return pdb_sam_to_smb(_getsam21pwnam(name)); -#endif /* USE_NISPLUS_DB */ - -#ifdef USE_LDAP_DB - return pdb_sam_to_smb(_getsam21pwnam(name)); -#endif /* USE_LDAP_DB */ - -#ifdef USE_SMBPASS_DB - return _getsampwnam(name); -#endif /* USE_SMBPASS_DB */ -} - /************************************************************************ Routine to search sam passwd by uid. use this if your database does not have search facilities. *************************************************************************/ -static struct smb_passwd *_getsampwuid(uid_t smb_userid) -{ - struct smb_passwd *pwd = NULL; - void *fp = NULL; - - DEBUG(10, ("getsampwuid: search by smb_userid: %x\n", smb_userid)); - - /* Open the sam password file - not for update. */ - fp = startsampwent(False); - if (fp == NULL) - { - DEBUG(0, ("getsampwuid: unable to open sam password database.\n")); - return NULL; - } - - while ((pwd = getsampwent(fp)) != NULL && pwd->smb_userid != smb_userid); - - if (pwd != NULL) - { - DEBUG(10, ("getsampwuid: found by smb_userid: %x\n", smb_userid)); - } - - endsampwent(fp); - return pwd; -} - - -/************************************************************************ - Routine to search sam passwd by rid. use this if your database - does not have search facilities. -*************************************************************************/ -static struct sam_passwd *_getsam21pwrid(uint32 rid) +static struct sam_passwd *_getsam21pwuid(uint32 uid) { struct sam_passwd *pwd = NULL; void *fp = NULL; - DEBUG(10, ("_getsam21pwrid: search by rid: %x\n", rid)); + DEBUG(10, ("_getsam21pwuid: search by uid: %x\n", uid)); - /* Open the sam password file - not for update. */ - fp = startsampwent(False); + /* Open the smb password file - not for update. */ + fp = startsmbpwent(False); if (fp == NULL) { - DEBUG(0, ("_getsam21pwrid: unable to open sam password database.\n")); + DEBUG(0, ("_getsam21pwuid: unable to open sam password database.\n")); return NULL; } - while ((pwd = getsam21pwent(fp)) != NULL && pwd->user_rid != rid); + while ((pwd = getsam21pwent(fp)) != NULL && pwd->smb_userid != uid) + ; if (pwd != NULL) { - DEBUG(10, ("_getsam21pwrid: found by smb_userid: %x\n", rid)); + DEBUG(10, ("_getsam21pwuid: found by smb_userid: %x\n", uid)); } - endsampwent(fp); + endsmbpwent(fp); return pwd; } /************************************************************************ - Routine to search sam passwd by uid. + Routine to search sam passwd by uid. *************************************************************************/ -struct smb_passwd *getsampwuid(uid_t smb_userid) -{ -#ifdef USE_NISPLUS_DB - return pdb_sam_to_smb(_getsam21pwrid(pdb_uid_to_user_rid(smb_userid))); -#endif /* USE_NISPLUS_DB */ -#ifdef USE_LDAP_DB - return pdb_sam_to_smb(_getsam21pwrid(pdb_uid_to_user_rid(smb_userid))); -#endif /* USE_LDAP_DB */ - -#ifdef USE_SMBPASS_DB - return _getsampwuid(smb_userid); -#endif /* USE_SMBPASS_DB */ -} - -/************************************************************************ - Routine to search sam passwd by rid. -*************************************************************************/ -struct sam_passwd *getsam21pwrid(uint32 rid) +struct sam_passwd *getsam21pwuid(uint32 uid) { #ifdef USE_NISPLUS_DB - return _getsam21pwrid(rid); + return _getsam21pwuid(uid); #endif /* USE_NISPLUS_DB */ #ifdef USE_LDAP_DB - return _getsam21pwrid(rid); + return _getsam21pwuid(uid); #endif /* USE_LDAP_DB */ #ifdef USE_SMBPASS_DB - return _getsam21pwrid(rid); + return _getsam21pwuid(uid); #endif /* USE_SMBPASS_DB */ } @@ -489,6 +516,7 @@ struct sam_passwd *getsam21pwrid(uint32 rid) /************************************************************* initialises a struct sam_disp_info. **************************************************************/ + void pdb_init_dispinfo(struct sam_disp_info *user) { if (user == NULL) return; @@ -498,6 +526,7 @@ void pdb_init_dispinfo(struct sam_disp_info *user) /************************************************************* initialises a struct smb_passwd. **************************************************************/ + void pdb_init_smb(struct smb_passwd *user) { if (user == NULL) return; @@ -541,6 +570,7 @@ struct sam_disp_info *pdb_sam_to_dispinfo(struct sam_passwd *user) /************************************************************* converts a sam_passwd structure to a smb_passwd structure. **************************************************************/ + struct smb_passwd *pdb_sam_to_smb(struct sam_passwd *user) { static struct smb_passwd pw_buf; @@ -562,6 +592,7 @@ struct smb_passwd *pdb_sam_to_smb(struct sam_passwd *user) /************************************************************* converts a smb_passwd structure to a sam_passwd structure. **************************************************************/ + struct sam_passwd *pdb_smb_to_sam(struct smb_passwd *user) { static struct sam_passwd pw_buf; @@ -580,9 +611,14 @@ struct sam_passwd *pdb_smb_to_sam(struct smb_passwd *user) return &pw_buf; } +#if 0 + + COMMENTED OUT UNTIL SOMETHING ACTUALLY USES THEM. JRA. + /******************************************************************* gets password-database-format time from a string. ********************************************************************/ + static time_t get_time_from_string(char *p) { int i; @@ -607,6 +643,7 @@ static time_t get_time_from_string(char *p) /******************************************************************* gets password last set time ********************************************************************/ + time_t pdb_get_last_set_time(char *p) { if (*p && StrnCaseCmp((char *)p, "LCT-", 4)) @@ -620,6 +657,7 @@ time_t pdb_get_last_set_time(char *p) /******************************************************************* sets password-database-format time in a string. ********************************************************************/ + static void set_time_in_string(char *p, int max_len, char *type, time_t t) { slprintf(p, max_len, ":%s-%08X:", type, (uint32)t); @@ -628,13 +666,18 @@ static void set_time_in_string(char *p, int max_len, char *type, time_t t) /******************************************************************* sets password last set time ********************************************************************/ + void pdb_set_last_set_time(char *p, int max_len, time_t t) { set_time_in_string(p, max_len, "LCT", t); } + +#endif /* 0 */ + /********************************************************** Encode the account control bits into a string. **********************************************************/ + char *pdb_encode_acct_ctrl(uint16 acct_ctrl) { static fstring acct_str; @@ -664,6 +707,7 @@ char *pdb_encode_acct_ctrl(uint16 acct_ctrl) reason: vertical line-up code clarity - all case statements fit into 15 lines, which is more important. **********************************************************/ + uint16 pdb_decode_acct_ctrl(char *p) { uint16 acct_ctrl = 0; @@ -714,6 +758,7 @@ uint16 pdb_decode_acct_ctrl(char *p) Routine to get the next 32 hex characters and turn them into a 16 byte array. **************************************************************/ + int pdb_gethexpwd(char *p, char *pwd) { int i; @@ -740,6 +785,7 @@ int pdb_gethexpwd(char *p, char *pwd) /******************************************************************* Group and User RID username mapping function ********************************************************************/ + BOOL pdb_name_to_rid(char *user_name, uint32 *u_rid, uint32 *g_rid) { struct passwd *pw = Get_Pwnam(user_name, False); @@ -779,6 +825,7 @@ BOOL pdb_name_to_rid(char *user_name, uint32 *u_rid, uint32 *g_rid) /**************************************************************************** Read the machine SID from a file. ****************************************************************************/ + static BOOL read_sid_from_file(int fd, char *sid_file) { fstring fline; @@ -806,6 +853,7 @@ static BOOL read_sid_from_file(int fd, char *sid_file) Generate the global machine sid. Look for the MACHINE.SID file first, if not found then look in smb.conf and use it to create the MACHINE.SID file. ****************************************************************************/ + BOOL pdb_generate_machine_sid(void) { int fd; @@ -963,22 +1011,25 @@ Error was %s\n", sid_file, strerror(errno) )); /******************************************************************* converts NT User RID to a UNIX uid. ********************************************************************/ -uid_t pdb_user_rid_to_uid(uint32 u_rid) + +uint32 pdb_user_rid_to_uid(uint32 u_rid) { - return (uid_t)(u_rid - 1000); + return (u_rid - 1000); } /******************************************************************* converts NT Group RID to a UNIX uid. ********************************************************************/ -uid_t pdb_group_rid_to_uid(uint32 u_gid) + +uint32 pdb_group_rid_to_gid(uint32 u_gid) { - return (uid_t)(u_gid - 1000); + return (u_gid - 1000); } /******************************************************************* converts UNIX uid to an NT User RID. ********************************************************************/ + uint32 pdb_uid_to_user_rid(uint32 uid) { return (uint32)(uid + 1000); @@ -987,8 +1038,18 @@ uint32 pdb_uid_to_user_rid(uint32 uid) /******************************************************************* converts NT Group RID to a UNIX uid. ********************************************************************/ + uint32 pdb_gid_to_group_rid(uint32 gid) { return (uint32)(gid + 1000); } +/******************************************************************* + Decides if a RID is a user or group RID. + ********************************************************************/ + +BOOL pdb_rid_is_user(uint32 rid) +{ + /* Punt for now - we need to look at the encoding here. JRA. */ + return False; +} diff --git a/source3/passdb/smbpass.c b/source3/passdb/smbpass.c index c9d0ec8d44..e37e2a5f87 100644 --- a/source3/passdb/smbpass.c +++ b/source3/passdb/smbpass.c @@ -35,21 +35,21 @@ static char s_readbuf[16 * 1024]; do not call this function directly. use passdb.c instead. ****************************************************************/ -void *startsmbpwent(BOOL update) +void *startsmbfilepwent(BOOL update) { FILE *fp = NULL; char *pfile = lp_smb_passwd_file(); if (!*pfile) { - DEBUG(0, ("startsmbpwent: No SMB password file set\n")); + DEBUG(0, ("startsmbfilepwent: No SMB password file set\n")); return (NULL); } - DEBUG(10, ("startsmbpwent: opening file %s\n", pfile)); + DEBUG(10, ("startsmbfilepwent: opening file %s\n", pfile)); fp = fopen(pfile, update ? "r+b" : "rb"); if (fp == NULL) { - DEBUG(0, ("startsmbpwent: unable to open file %s\n", pfile)); + DEBUG(0, ("startsmbfilepwent: unable to open file %s\n", pfile)); return NULL; } @@ -58,7 +58,7 @@ void *startsmbpwent(BOOL update) if (!pw_file_lock(fileno(fp), (update ? F_WRLCK : F_RDLCK), 5, &pw_file_lock_depth)) { - DEBUG(0, ("startsmbpwent: unable to lock file %s\n", pfile)); + DEBUG(0, ("startsmbfilepwent: unable to lock file %s\n", pfile)); fclose(fp); return NULL; } @@ -73,13 +73,13 @@ void *startsmbpwent(BOOL update) /*************************************************************** End enumeration of the smbpasswd list. ****************************************************************/ -void endsmbpwent(void *vp) +void endsmbfilepwent(void *vp) { FILE *fp = (FILE *)vp; pw_file_unlock(fileno(fp), &pw_file_lock_depth); fclose(fp); - DEBUG(7, ("endsmbpwent: closed password file.\n")); + DEBUG(7, ("endsmbfilepwent: closed password file.\n")); } /************************************************************************* @@ -92,9 +92,9 @@ void endsmbpwent(void *vp) do not call this function directly. use passdb.c instead. *************************************************************************/ -struct sam_passwd *getsmb21pwent(void *vp) +struct sam_passwd *getsmbfile21pwent(void *vp) { - struct smb_passwd *pw_buf = getsmbpwent(vp); + struct smb_passwd *pw_buf = getsmbfilepwent(vp); static struct sam_passwd user; struct passwd *pwfile; @@ -187,7 +187,7 @@ struct sam_passwd *getsmb21pwent(void *vp) do not call this function directly. use passdb.c instead. *************************************************************************/ -struct smb_passwd *getsmbpwent(void *vp) +struct smb_passwd *getsmbfilepwent(void *vp) { /* Static buffers we will return. */ static struct smb_passwd pw_buf; @@ -202,7 +202,7 @@ struct smb_passwd *getsmbpwent(void *vp) long linebuf_len; if(fp == NULL) { - DEBUG(0,("getsmbpwent: Bad password file pointer.\n")); + DEBUG(0,("getsmbfilepwent: Bad password file pointer.\n")); return NULL; } @@ -237,10 +237,10 @@ struct smb_passwd *getsmbpwent(void *vp) linebuf[linebuf_len - 1] = '\0'; #ifdef DEBUG_PASSWORD - DEBUG(100, ("getsmbpwent: got line |%s|\n", linebuf)); + DEBUG(100, ("getsmbfilepwent: got line |%s|\n", linebuf)); #endif if ((linebuf[0] == 0) && feof(fp)) { - DEBUG(4, ("getsmbpwent: end of file reached\n")); + DEBUG(4, ("getsmbfilepwent: end of file reached\n")); break; } /* @@ -259,12 +259,12 @@ struct smb_passwd *getsmbpwent(void *vp) */ if (linebuf[0] == '#' || linebuf[0] == '\0') { - DEBUG(6, ("getsmbpwent: skipping comment or blank line\n")); + DEBUG(6, ("getsmbfilepwent: skipping comment or blank line\n")); continue; } p = (unsigned char *) strchr(linebuf, ':'); if (p == NULL) { - DEBUG(0, ("getsmbpwent: malformed password entry (no :)\n")); + DEBUG(0, ("getsmbfilepwent: malformed password entry (no :)\n")); continue; } /* @@ -278,7 +278,7 @@ struct smb_passwd *getsmbpwent(void *vp) p++; /* Go past ':' */ if (!isdigit(*p)) { - DEBUG(0, ("getsmbpwent: malformed password entry (uid not number)\n")); + DEBUG(0, ("getsmbfilepwent: malformed password entry (uid not number)\n")); continue; } @@ -288,7 +288,7 @@ struct smb_passwd *getsmbpwent(void *vp) p++; if (*p != ':') { - DEBUG(0, ("getsmbpwent: malformed password entry (no : after uid)\n")); + DEBUG(0, ("getsmbfilepwent: malformed password entry (no : after uid)\n")); continue; } @@ -306,7 +306,7 @@ struct smb_passwd *getsmbpwent(void *vp) if (*p == '*' || *p == 'X') { /* Password deliberately invalid - end here. */ - DEBUG(10, ("getsmbpwent: entry invalidated for user %s\n", user_name)); + DEBUG(10, ("getsmbfilepwent: entry invalidated for user %s\n", user_name)); pw_buf.smb_nt_passwd = NULL; pw_buf.smb_passwd = NULL; pw_buf.acct_ctrl |= ACB_DISABLED; @@ -314,12 +314,12 @@ struct smb_passwd *getsmbpwent(void *vp) } if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) { - DEBUG(0, ("getsmbpwent: malformed password entry (passwd too short)\n")); + DEBUG(0, ("getsmbfilepwent: malformed password entry (passwd too short)\n")); continue; } if (p[32] != ':') { - DEBUG(0, ("getsmbpwent: malformed password entry (no terminating :)\n")); + DEBUG(0, ("getsmbfilepwent: malformed password entry (no terminating :)\n")); continue; } @@ -328,7 +328,7 @@ struct smb_passwd *getsmbpwent(void *vp) pw_buf.acct_ctrl |= ACB_PWNOTREQ; } else { if (!pdb_gethexpwd((char *)p, (char *)smbpwd)) { - DEBUG(0, ("getsmbpwent: Malformed Lanman password entry (non hex chars)\n")); + DEBUG(0, ("getsmbfilepwent: Malformed Lanman password entry (non hex chars)\n")); continue; } pw_buf.smb_passwd = smbpwd; @@ -351,7 +351,7 @@ struct smb_passwd *getsmbpwent(void *vp) the NT password. */ } - DEBUG(5, ("getsmbpwent: returning passwd entry for user %s, uid %d\n", + DEBUG(5, ("getsmbfilepwent: returning passwd entry for user %s, uid %d\n", user_name, uidval)); if (*p == '[') @@ -400,7 +400,7 @@ struct smb_passwd *getsmbpwent(void *vp) return &pw_buf; } - DEBUG(5,("getsmbpwent: end of file reached.\n")); + DEBUG(5,("getsmbfilepwent: end of file reached.\n")); return NULL; } @@ -411,7 +411,7 @@ struct smb_passwd *getsmbpwent(void *vp) do not call this function directly. use passdb.c instead. *************************************************************************/ -unsigned long getsmbpwpos(void *vp) +unsigned long getsmbfilepwpos(void *vp) { return (unsigned long)ftell((FILE *)vp); } @@ -423,7 +423,7 @@ unsigned long getsmbpwpos(void *vp) do not call this function directly. use passdb.c instead. *************************************************************************/ -BOOL setsmbpwpos(void *vp, unsigned long tok) +BOOL setsmbfilepwpos(void *vp, unsigned long tok) { return !fseek((FILE *)vp, tok, SEEK_SET); } @@ -434,7 +434,7 @@ BOOL setsmbpwpos(void *vp, unsigned long tok) do not call this function directly. use passdb.c instead. *************************************************************************/ -BOOL add_smb21pwd_entry(struct sam_passwd *newpwd) +BOOL add_smbfile21pwd_entry(struct sam_passwd *newpwd) { return False; } @@ -445,7 +445,7 @@ BOOL add_smb21pwd_entry(struct sam_passwd *newpwd) do not call this function directly. use passdb.c instead. *************************************************************************/ -BOOL add_smbpwd_entry(struct smb_passwd *newpwd) +BOOL add_smbfilepwd_entry(struct smb_passwd *newpwd) { char *pfile = lp_smb_passwd_file(); struct smb_passwd *pwd = NULL; @@ -461,10 +461,10 @@ BOOL add_smbpwd_entry(struct smb_passwd *newpwd) unsigned char *p; /* Open the smbpassword file - for update. */ - fp = startsmbpwent(True); + fp = startsmbfilepwent(True); if (fp == NULL) { - DEBUG(0, ("add_smbpwd_entry: unable to open file.\n")); + DEBUG(0, ("add_smbfilepwd_entry: unable to open file.\n")); return False; } @@ -472,10 +472,10 @@ BOOL add_smbpwd_entry(struct smb_passwd *newpwd) * Scan the file, a line at a time and check if the name matches. */ - while ((pwd = getsmbpwent(fp)) != NULL) { + while ((pwd = getsmbfilepwent(fp)) != NULL) { if (strequal(newpwd->smb_name, pwd->smb_name)) { - DEBUG(0, ("add_smbpwd_entry: entry with name %s already exists\n", pwd->smb_name)); - endsmbpwent(fp); + DEBUG(0, ("add_smbfilepwd_entry: entry with name %s already exists\n", pwd->smb_name)); + endsmbfilepwent(fp); return False; } } @@ -490,18 +490,18 @@ BOOL add_smbpwd_entry(struct smb_passwd *newpwd) fd = fileno(fp); if((offpos = lseek(fd, 0, SEEK_END)) == -1) { - DEBUG(0, ("add_smbpwd_entry(lseek): Failed to add entry for user %s to file %s. \ + DEBUG(0, ("add_smbfilepwd_entry(lseek): Failed to add entry for user %s to file %s. \ Error was %s\n", newpwd->smb_name, pfile, strerror(errno))); - endsmbpwent(fp); + endsmbfilepwent(fp); return False; } new_entry_length = strlen(newpwd->smb_name) + 1 + 15 + 1 + 32 + 1 + 32 + 1 + 5 + 1 + 13 + 2; if((new_entry = (char *)malloc( new_entry_length )) == NULL) { - DEBUG(0, ("add_smbpwd_entry(malloc): Failed to add entry for user %s to file %s. \ + DEBUG(0, ("add_smbfilepwd_entry(malloc): Failed to add entry for user %s to file %s. \ Error was %s\n", newpwd->smb_name, pfile, strerror(errno))); - endsmbpwent(fp); + endsmbfilepwent(fp); return False; } @@ -545,26 +545,26 @@ Error was %s\n", newpwd->smb_name, pfile, strerror(errno))); (uint32)time(NULL)); #ifdef DEBUG_PASSWORD - DEBUG(100, ("add_smbpwd_entry(%d): new_entry_len %d entry_len %d made line |%s|", + DEBUG(100, ("add_smbfilepwd_entry(%d): new_entry_len %d entry_len %d made line |%s|", fd, new_entry_length, strlen(new_entry), new_entry)); #endif if ((wr_len = write(fd, new_entry, strlen(new_entry))) != strlen(new_entry)) { - DEBUG(0, ("add_smbpwd_entry(write): %d Failed to add entry for user %s to file %s. \ + DEBUG(0, ("add_smbfilepwd_entry(write): %d Failed to add entry for user %s to file %s. \ Error was %s\n", wr_len, newpwd->smb_name, pfile, strerror(errno))); /* Remove the entry we just wrote. */ if(ftruncate(fd, offpos) == -1) { - DEBUG(0, ("add_smbpwd_entry: ERROR failed to ftruncate file %s. \ + DEBUG(0, ("add_smbfilepwd_entry: ERROR failed to ftruncate file %s. \ Error was %s. Password file may be corrupt ! Please examine by hand !\n", newpwd->smb_name, strerror(errno))); } - endsmbpwent(fp); + endsmbfilepwent(fp); return False; } - endsmbpwent(fp); + endsmbfilepwent(fp); return True; } @@ -579,7 +579,7 @@ Error was %s. Password file may be corrupt ! Please examine by hand !\n", do not call this function directly. use passdb.c instead. ************************************************************************/ -BOOL mod_smb21pwd_entry(struct sam_passwd* pwd, BOOL override) +BOOL mod_smbfile21pwd_entry(struct sam_passwd* pwd, BOOL override) { return False; } @@ -595,7 +595,7 @@ BOOL mod_smb21pwd_entry(struct sam_passwd* pwd, BOOL override) do not call this function directly. use passdb.c instead. ************************************************************************/ -BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override) +BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override) { /* Static buffers we will return. */ static pstring user_name; @@ -623,12 +623,12 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override) DEBUG(0, ("No SMB password file set\n")); return False; } - DEBUG(10, ("mod_smbpwd_entry: opening file %s\n", pfile)); + DEBUG(10, ("mod_smbfilepwd_entry: opening file %s\n", pfile)); fp = fopen(pfile, "r+"); if (fp == NULL) { - DEBUG(0, ("mod_smbpwd_entry: unable to open file %s\n", pfile)); + DEBUG(0, ("mod_smbfilepwd_entry: unable to open file %s\n", pfile)); return False; } /* Set a 16k buffer to do more efficient reads */ @@ -637,7 +637,7 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override) lockfd = fileno(fp); if (!pw_file_lock(lockfd, F_WRLCK, 5, &pw_file_lock_depth)) { - DEBUG(0, ("mod_smbpwd_entry: unable to lock file %s\n", pfile)); + DEBUG(0, ("mod_smbfilepwd_entry: unable to lock file %s\n", pfile)); fclose(fp); return False; } @@ -679,11 +679,11 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override) } #ifdef DEBUG_PASSWORD - DEBUG(100, ("mod_smbpwd_entry: got line |%s|\n", linebuf)); + DEBUG(100, ("mod_smbfilepwd_entry: got line |%s|\n", linebuf)); #endif if ((linebuf[0] == 0) && feof(fp)) { - DEBUG(4, ("mod_smbpwd_entry: end of file reached\n")); + DEBUG(4, ("mod_smbfilepwd_entry: end of file reached\n")); break; } @@ -701,14 +701,14 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override) */ if (linebuf[0] == '#' || linebuf[0] == '\0') { - DEBUG(6, ("mod_smbpwd_entry: skipping comment or blank line\n")); + DEBUG(6, ("mod_smbfilepwd_entry: skipping comment or blank line\n")); continue; } p = (unsigned char *) strchr(linebuf, ':'); if (p == NULL) { - DEBUG(0, ("mod_smbpwd_entry: malformed password entry (no :)\n")); + DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no :)\n")); continue; } @@ -726,13 +726,13 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override) if (!found_entry) return False; - DEBUG(6, ("mod_smbpwd_entry: entry exists\n")); + DEBUG(6, ("mod_smbfilepwd_entry: entry exists\n")); /* User name matches - get uid and password */ p++; /* Go past ':' */ if (!isdigit(*p)) { - DEBUG(0, ("mod_smbpwd_entry: malformed password entry (uid not number)\n")); + DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (uid not number)\n")); pw_file_unlock(lockfd, &pw_file_lock_depth); fclose(fp); return False; @@ -741,7 +741,7 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override) while (*p && isdigit(*p)) p++; if (*p != ':') { - DEBUG(0, ("mod_smbpwd_entry: malformed password entry (no : after uid)\n")); + DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no : after uid)\n")); pw_file_unlock(lockfd, &pw_file_lock_depth); fclose(fp); return False; @@ -759,21 +759,21 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override) if (!override && (*p == '*' || *p == 'X')) { /* Password deliberately invalid - end here. */ - DEBUG(10, ("mod_smbpwd_entry: entry invalidated for user %s\n", user_name)); + DEBUG(10, ("mod_smbfilepwd_entry: entry invalidated for user %s\n", user_name)); pw_file_unlock(lockfd, &pw_file_lock_depth); fclose(fp); return False; } if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) { - DEBUG(0, ("mod_smbpwd_entry: malformed password entry (passwd too short)\n")); + DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (passwd too short)\n")); pw_file_unlock(lockfd,&pw_file_lock_depth); fclose(fp); return (False); } if (p[32] != ':') { - DEBUG(0, ("mod_smbpwd_entry: malformed password entry (no terminating :)\n")); + DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no terminating :)\n")); pw_file_unlock(lockfd,&pw_file_lock_depth); fclose(fp); return False; @@ -790,14 +790,14 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override) p += 33; /* Move to the first character of the line after the lanman password. */ if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) { - DEBUG(0, ("mod_smbpwd_entry: malformed password entry (passwd too short)\n")); + DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (passwd too short)\n")); pw_file_unlock(lockfd,&pw_file_lock_depth); fclose(fp); return (False); } if (p[32] != ':') { - DEBUG(0, ("mod_smbpwd_entry: malformed password entry (no terminating :)\n")); + DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no terminating :)\n")); pw_file_unlock(lockfd,&pw_file_lock_depth); fclose(fp); return False; @@ -860,7 +860,7 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override) fd = fileno(fp); if (lseek(fd, pwd_seekpos - 1, SEEK_SET) != pwd_seekpos - 1) { - DEBUG(0, ("mod_smbpwd_entry: seek fail on file %s.\n", pfile)); + DEBUG(0, ("mod_smbfilepwd_entry: seek fail on file %s.\n", pfile)); pw_file_unlock(lockfd,&pw_file_lock_depth); fclose(fp); return False; @@ -868,14 +868,14 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override) /* Sanity check - ensure the character is a ':' */ if (read(fd, &c, 1) != 1) { - DEBUG(0, ("mod_smbpwd_entry: read fail on file %s.\n", pfile)); + DEBUG(0, ("mod_smbfilepwd_entry: read fail on file %s.\n", pfile)); pw_file_unlock(lockfd,&pw_file_lock_depth); fclose(fp); return False; } if (c != ':') { - DEBUG(0, ("mod_smbpwd_entry: check on passwd file %s failed.\n", pfile)); + DEBUG(0, ("mod_smbfilepwd_entry: check on passwd file %s failed.\n", pfile)); pw_file_unlock(lockfd,&pw_file_lock_depth); fclose(fp); return False; @@ -921,12 +921,12 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override) } #ifdef DEBUG_PASSWORD - DEBUG(100,("mod_smbpwd_entry: ")); + DEBUG(100,("mod_smbfilepwd_entry: ")); dump_data(100, ascii_p16, wr_len); #endif if (write(fd, ascii_p16, wr_len) != wr_len) { - DEBUG(0, ("mod_smbpwd_entry: write failed in passwd file %s\n", pfile)); + DEBUG(0, ("mod_smbfilepwd_entry: write failed in passwd file %s\n", pfile)); pw_file_unlock(lockfd,&pw_file_lock_depth); fclose(fp); return False; diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c index e5ae3959b9..c81a8244d9 100644 --- a/source3/rpc_server/srv_netlog.c +++ b/source3/rpc_server/srv_netlog.c @@ -239,7 +239,7 @@ static BOOL get_md4pw(char *md4pw, char *mach_name, char *mach_acct) } become_root(True); - smb_pass = getsampwnam(mach_acct); + smb_pass = getsmbpwnam(mach_acct); unbecome_root(True); if (smb_pass != NULL) @@ -391,7 +391,7 @@ static void api_net_srv_pwset( int uid, DEBUG(3,("Server Password Set Wksta:[%s]\n", mach_acct)); become_root(True); - smb_pass = getsampwnam(mach_acct); + smb_pass = getsmbpwnam(mach_acct); unbecome_root(True); if (smb_pass != NULL) @@ -414,7 +414,7 @@ static void api_net_srv_pwset( int uid, smb_pass->acct_ctrl = ACB_WSTRUST; become_root(True); - ret = mod_sampwd_entry(smb_pass,False); + ret = mod_smbpwd_entry(smb_pass,False); unbecome_root(True); if (ret) @@ -632,7 +632,7 @@ static void api_net_sam_logon( int uid, DEBUG(3,("User:[%s]\n", samlogon_user)); become_root(True); - smb_pass = getsampwnam(samlogon_user); + smb_pass = getsmbpwnam(samlogon_user); unbecome_root(True); if (smb_pass == NULL) diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c index 821ae75c11..adc16fa5c8 100644 --- a/source3/rpc_server/srv_samr.c +++ b/source3/rpc_server/srv_samr.c @@ -53,14 +53,14 @@ static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, if (pw_buf == NULL) return False; - vp = startsampwent(False); + vp = startsmbpwent(False); if (!vp) { - DEBUG(0, ("get_sampwd_entries: Unable to open SMB password file.\n")); + DEBUG(0, ("get_sampwd_entries: Unable to open SMB password database.\n")); return False; } - while (((pwd = getsampwent(vp)) != NULL) && (*num_entries) < max_num_entries) + while (((pwd = getsmbpwent(vp)) != NULL) && (*num_entries) < max_num_entries) { int user_name_len = strlen(pwd->smb_name); make_unistr2(&(pw_buf[(*num_entries)].uni_user_name), pwd->smb_name, user_name_len-1); @@ -77,7 +77,7 @@ static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, pw_buf[(*num_entries)].acb_info = (uint16)pwd->acct_ctrl; - DEBUG(5, ("get_sampwd_entries: idx: %d user %s, uid %d, acb %x", + DEBUG(5, ("get_smbpwd_entries: idx: %d user %s, uid %d, acb %x", (*num_entries), pwd->smb_name, pwd->smb_userid, pwd->acct_ctrl)); if (acb_mask == 0 || IS_BITS_SET_SOME(pwd->acct_ctrl, acb_mask)) @@ -93,7 +93,7 @@ static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, (*total_entries)++; } - endsampwent(vp); + endsmbpwent(vp); return (*num_entries) > 0; } @@ -812,7 +812,7 @@ static void samr_reply_open_user(SAMR_Q_OPEN_USER *q_u, } become_root(True); - smb_pass = getsampwuid(q_u->user_rid); + smb_pass = getsmbpwuid(q_u->user_rid); unbecome_root(True); /* check that the RID exists in our domain. */ @@ -864,13 +864,37 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid) { NTTIME dummy_time; struct sam_passwd *sam_pass; - LOGON_HRS hrs; int i; - become_root(True); - sam_pass = getsam21pwrid(rid); - unbecome_root(True); + /* + * Convert from rid to either a uid or gid as soon as + * possible. JRA. + */ + + if(pdb_rid_is_user(rid)) + { + uint32 uid = pdb_user_rid_to_uid(rid); + become_root(True); + sam_pass = getsam21pwuid(uid); + unbecome_root(True); + } + else + { + struct group *grent; + uint32 gid; + gid = pdb_group_rid_to_gid(rid); + if((grent = getgrgid(gid)) == NULL) + { + DEBUG(0,("get_user_info_21: Unable to get group info.\n")); + return False; + } + /* TODO - at this point we need to convert from + a UNIX struct group into a user info 21 structure. + Punt for now. JRA. + */ + return False; + } if (sam_pass == NULL) { @@ -1047,7 +1071,7 @@ static void samr_reply_query_usergroups(SAMR_Q_QUERY_USERGROUPS *q_u, if (status == 0x0) { become_root(True); - smb_pass = getsampwuid(rid); + smb_pass = getsmbpwuid(rid); unbecome_root(True); if (smb_pass == NULL) @@ -1146,7 +1170,7 @@ static void api_samr_unknown_32( int uid, prs_struct *data, prs_struct *rdata) q_u.uni_mach_acct.uni_str_len)); become_root(True); - smb_pass = getsampwnam(mach_acct); + smb_pass = getsmbpwnam(mach_acct); unbecome_root(True); if (smb_pass != NULL) diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c index 632c508343..15c06d18bd 100644 --- a/source3/rpc_server/srv_util.c +++ b/source3/rpc_server/srv_util.c @@ -419,7 +419,7 @@ uint32 lookup_user_name(uint32 rid, char *user_name, uint32 *type) /* ok, it's a user. find the user account */ become_root(True); - smb_pass = getsampwuid(rid); /* lkclXXXX SHOULD use rid mapping here! */ + smb_pass = getsmbpwuid(rid); /* lkclXXXX SHOULD use rid mapping here! */ unbecome_root(True); if (smb_pass != NULL) @@ -481,7 +481,7 @@ uint32 lookup_user_rid(char *user_name, uint32 *rid) /* find the user account */ become_root(True); - smb_pass = getsampwnam(user_name); + smb_pass = getsmbpwnam(user_name); unbecome_root(True); if (smb_pass != NULL) diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c index ece3107257..e8f3abc4f1 100644 --- a/source3/smbd/chgpasswd.c +++ b/source3/smbd/chgpasswd.c @@ -440,56 +440,56 @@ BOOL chgpasswd(char *name,char *oldpass,char *newpass, BOOL as_root) ************************************************************/ BOOL check_lanman_password(char *user, unsigned char *pass1, - unsigned char *pass2, struct smb_passwd **psampw) + unsigned char *pass2, struct smb_passwd **psmbpw) { unsigned char unenc_new_pw[16]; unsigned char unenc_old_pw[16]; unsigned char null_pw[16]; - struct smb_passwd *sampw; + struct smb_passwd *smbpw; - *psampw = NULL; + *psmbpw = NULL; become_root(0); - sampw = getsampwnam(user); + smbpw = getsmbpwnam(user); unbecome_root(0); - if(sampw == NULL) + if(smbpw == NULL) { - DEBUG(0,("check_lanman_password: getsampwnam returned NULL\n")); + DEBUG(0,("check_lanman_password: getsmbpwnam returned NULL\n")); return False; } - if(sampw->acct_ctrl & ACB_DISABLED) + if(smbpw->acct_ctrl & ACB_DISABLED) { DEBUG(0,("check_lanman_password: account %s disabled.\n", user)); return False; } - if((sampw->smb_passwd == NULL) && (sampw->acct_ctrl & ACB_PWNOTREQ)) + if((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ)) { unsigned char no_pw[14]; memset(no_pw, '\0', 14); E_P16((uchar *)no_pw, (uchar *)null_pw); - sampw->smb_passwd = null_pw; - } else if (sampw->smb_passwd == NULL) { + smbpw->smb_passwd = null_pw; + } else if (smbpw->smb_passwd == NULL) { DEBUG(0,("check_lanman_password: no lanman password !\n")); return False; } /* Get the new lanman hash. */ - D_P16(sampw->smb_passwd, pass2, unenc_new_pw); + D_P16(smbpw->smb_passwd, pass2, unenc_new_pw); /* Use this to get the old lanman hash. */ D_P16(unenc_new_pw, pass1, unenc_old_pw); /* Check that the two old passwords match. */ - if(memcmp(sampw->smb_passwd, unenc_old_pw, 16)) + if(memcmp(smbpw->smb_passwd, unenc_old_pw, 16)) { DEBUG(0,("check_lanman_password: old password doesn't match.\n")); return False; } - *psampw = sampw; + *psmbpw = smbpw; return True; } @@ -499,44 +499,44 @@ BOOL check_lanman_password(char *user, unsigned char *pass1, no longer be valid. ************************************************************/ -BOOL change_lanman_password(struct smb_passwd *sampw, unsigned char *pass1, unsigned char *pass2) +BOOL change_lanman_password(struct smb_passwd *smbpw, unsigned char *pass1, unsigned char *pass2) { unsigned char unenc_new_pw[16]; unsigned char null_pw[16]; BOOL ret; - if(sampw == NULL) + if(smbpw == NULL) { DEBUG(0,("change_lanman_password: no smb password entry.\n")); return False; } - if(sampw->acct_ctrl & ACB_DISABLED) + if(smbpw->acct_ctrl & ACB_DISABLED) { - DEBUG(0,("change_lanman_password: account %s disabled.\n", sampw->smb_name)); + DEBUG(0,("change_lanman_password: account %s disabled.\n", smbpw->smb_name)); return False; } - if((sampw->smb_passwd == NULL) && (sampw->acct_ctrl & ACB_PWNOTREQ)) + if((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ)) { unsigned char no_pw[14]; memset(no_pw, '\0', 14); E_P16((uchar *)no_pw, (uchar *)null_pw); - sampw->smb_passwd = null_pw; - } else if (sampw->smb_passwd == NULL) { + smbpw->smb_passwd = null_pw; + } else if (smbpw->smb_passwd == NULL) { DEBUG(0,("change_lanman_password: no lanman password !\n")); return False; } /* Get the new lanman hash. */ - D_P16(sampw->smb_passwd, pass2, unenc_new_pw); + D_P16(smbpw->smb_passwd, pass2, unenc_new_pw); - sampw->smb_passwd = unenc_new_pw; - sampw->smb_nt_passwd = NULL; /* We lose the NT hash. Sorry. */ + smbpw->smb_passwd = unenc_new_pw; + smbpw->smb_nt_passwd = NULL; /* We lose the NT hash. Sorry. */ /* Now write it into the file. */ become_root(0); - ret = mod_sampwd_entry(sampw,False); + ret = mod_smbpwd_entry(smbpw,False); unbecome_root(0); return ret; @@ -547,10 +547,10 @@ BOOL change_lanman_password(struct smb_passwd *sampw, unsigned char *pass1, unsi ************************************************************/ BOOL check_oem_password(char *user, unsigned char *data, - struct smb_passwd **psampw, char *new_passwd, + struct smb_passwd **psmbpw, char *new_passwd, int new_passwd_size) { - struct smb_passwd *sampw = NULL; + struct smb_passwd *smbpw = NULL; int new_pw_len; fstring upper_case_new_passwd; unsigned char new_p16[16]; @@ -558,28 +558,28 @@ BOOL check_oem_password(char *user, unsigned char *data, unsigned char null_pw[16]; become_root(0); - *psampw = sampw = getsampwnam(user); + *psmbpw = smbpw = getsmbpwnam(user); unbecome_root(0); - if(sampw == NULL) + if(smbpw == NULL) { - DEBUG(0,("check_oem_password: getsampwnam returned NULL\n")); + DEBUG(0,("check_oem_password: getsmbpwnam returned NULL\n")); return False; } - if(sampw->acct_ctrl & ACB_DISABLED) + if(smbpw->acct_ctrl & ACB_DISABLED) { DEBUG(0,("check_lanman_password: account %s disabled.\n", user)); return False; } - if((sampw->smb_passwd == NULL) && (sampw->acct_ctrl & ACB_PWNOTREQ)) + if((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ)) { unsigned char no_pw[14]; memset(no_pw, '\0', 14); E_P16((uchar *)no_pw, (uchar *)null_pw); - sampw->smb_passwd = null_pw; - } else if (sampw->smb_passwd == NULL) { + smbpw->smb_passwd = null_pw; + } else if (smbpw->smb_passwd == NULL) { DEBUG(0,("check_oem_password: no lanman password !\n")); return False; } @@ -587,7 +587,7 @@ BOOL check_oem_password(char *user, unsigned char *data, /* * Call the hash function to get the new password. */ - SamOEMhash( (unsigned char *)data, (unsigned char *)sampw->smb_passwd, True); + SamOEMhash( (unsigned char *)data, (unsigned char *)smbpw->smb_passwd, True); /* * The length of the new password is in the last 4 bytes of @@ -619,7 +619,7 @@ BOOL check_oem_password(char *user, unsigned char *data, */ D_P16(new_p16, &data[516], unenc_old_pw); - if(memcmp(sampw->smb_passwd, unenc_old_pw, 16)) { + if(memcmp(smbpw->smb_passwd, unenc_old_pw, 16)) { DEBUG(0,("check_oem_password: old password doesn't match.\n")); return False; } @@ -636,7 +636,7 @@ BOOL check_oem_password(char *user, unsigned char *data, override = True, override XXXXXXXXXX'd password ************************************************************/ -BOOL change_oem_password(struct smb_passwd *sampw, char *new_passwd, BOOL override) +BOOL change_oem_password(struct smb_passwd *smbpw, char *new_passwd, BOOL override) { int ret; fstring upper_case_new_passwd; @@ -649,14 +649,14 @@ BOOL change_oem_password(struct smb_passwd *sampw, char *new_passwd, BOOL overri E_P16((uchar *)upper_case_new_passwd, new_p16); - sampw->smb_passwd = new_p16; + smbpw->smb_passwd = new_p16; E_md4hash((uchar *) new_passwd, new_nt_p16); - sampw->smb_nt_passwd = new_nt_p16; + smbpw->smb_nt_passwd = new_nt_p16; /* Now write it into the file. */ become_root(0); - ret = mod_sampwd_entry(sampw,override); + ret = mod_smbpwd_entry(smbpw,override); unbecome_root(0); memset(upper_case_new_passwd, '\0', strlen(upper_case_new_passwd)); diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 73f6786a04..81aa578daf 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -43,6 +43,133 @@ static char *known_nt_pipes[] = { NULL }; +/**************************************************************************** + reply to an NT create and X call. +****************************************************************************/ + +THIS IS JUST CRIBBED FROM REPLY.C AT PRESENT AND IS A WORK +IN PROGRESS. JRA. + +int reply_ntcreate_and_X(char *inbuf,char *outbuf,int length,int bufsize) +{ + pstring fname; + int cnum = SVAL(inbuf,smb_tid); + int fnum = -1; + int smb_mode = SVAL(inbuf,smb_vwv3); + int smb_attr = SVAL(inbuf,smb_vwv5); + /* Breakout the oplock request bits so we can set the + reply bits separately. */ + BOOL ex_oplock_request = EXTENDED_OPLOCK_REQUEST(inbuf); + BOOL core_oplock_request = CORE_OPLOCK_REQUEST(inbuf); + BOOL oplock_request = ex_oplock_request | core_oplock_request; +#if 0 + int open_flags = SVAL(inbuf,smb_vwv2); + int smb_sattr = SVAL(inbuf,smb_vwv4); + uint32 smb_time = make_unix_date3(inbuf+smb_vwv6); +#endif + int smb_ofun = SVAL(inbuf,smb_vwv8); + int unixmode; + int size=0,fmode=0,mtime=0,rmode=0; + struct stat sbuf; + int smb_action = 0; + BOOL bad_path = False; + files_struct *fsp; + + /* If it's an IPC, pass off the pipe handler. */ + if (IS_IPC(cnum)) + return reply_open_pipe_and_X(inbuf,outbuf,length,bufsize); + + /* XXXX we need to handle passed times, sattr and flags */ + + pstrcpy(fname,smb_buf(inbuf)); + unix_convert(fname,cnum,0,&bad_path); + + fnum = find_free_file(); + if (fnum < 0) + return(ERROR(ERRSRV,ERRnofids)); + if (!check_name(fname,cnum)) + { + if((errno == ENOENT) && bad_path) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } + Files[fnum].reserved = False; + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } + + unixmode = unix_mode(cnum,smb_attr | aARCH); + + open_file_shared(fnum,cnum,fname,smb_mode,smb_ofun,unixmode, + oplock_request, &rmode,&smb_action); + + fsp = &Files[fnum]; + + if (!fsp->open) + { + if((errno == ENOENT) && bad_path) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } + Files[fnum].reserved = False; + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } + + if (fstat(fsp->fd_ptr->fd,&sbuf) != 0) { + close_file(fnum,False); + return(ERROR(ERRDOS,ERRnoaccess)); + } + + size = sbuf.st_size; + fmode = dos_mode(cnum,fname,&sbuf); + mtime = sbuf.st_mtime; + if (fmode & aDIR) { + close_file(fnum,False); + return(ERROR(ERRDOS,ERRnoaccess)); + } + + /* If the caller set the extended oplock request bit + and we granted one (by whatever means) - set the + correct bit for extended oplock reply. + */ + + if (ex_oplock_request && lp_fake_oplocks(SNUM(cnum))) { + smb_action |= EXTENDED_OPLOCK_GRANTED; + } + + if(ex_oplock_request && fsp->granted_oplock) { + smb_action |= EXTENDED_OPLOCK_GRANTED; + } + + /* If the caller set the core oplock request bit + and we granted one (by whatever means) - set the + correct bit for core oplock reply. + */ + + if (core_oplock_request && lp_fake_oplocks(SNUM(cnum))) { + CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; + } + + if(core_oplock_request && fsp->granted_oplock) { + CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; + } + + set_message(outbuf,15,0,True); + SSVAL(outbuf,smb_vwv2,fnum); + SSVAL(outbuf,smb_vwv3,fmode); + if(lp_dos_filetime_resolution(SNUM(cnum)) ) + put_dos_date3(outbuf,smb_vwv4,mtime & ~1); + else + put_dos_date3(outbuf,smb_vwv4,mtime); + SIVAL(outbuf,smb_vwv6,size); + SSVAL(outbuf,smb_vwv8,rmode); + SSVAL(outbuf,smb_vwv11,smb_action); + + chain_fnum = fnum; + + return chain_reply(inbuf,outbuf,length,bufsize); +} /**************************************************************************** reply to an unsolicited SMBNTtranss - just ignore it! diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 3040775e03..a8d9ece557 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -429,21 +429,21 @@ update the encrypted smbpasswd file from the plaintext username and password *****************************************************************************/ BOOL update_smbpassword_file( char *user, fstring password) { - struct smb_passwd *sampw; + struct smb_passwd *smbpw; BOOL ret; become_root(0); - sampw = getsampwnam(user); + smbpw = getsmbpwnam(user); unbecome_root(0); - if(sampw == NULL) + if(smbpw == NULL) { - DEBUG(0,("update_smbpassword_file: getsampwnam returned NULL\n")); + DEBUG(0,("update_smbpassword_file: getsmbpwnam returned NULL\n")); return False; } /* Here, the flag is one, because we want to ignore the XXXXXXX'd out password */ - ret = change_oem_password( sampw, password, True); + ret = change_oem_password( smbpw, password, True); if (ret == False) DEBUG(3,("update_smbpasswd_file: change_oem_password returned False\n")); @@ -1131,7 +1131,7 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd) return(False); } - smb_pass = getsampwnam(user); + smb_pass = getsmbpwnam(user); if (!smb_pass) { diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 21a20b0712..4cde83cefe 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -377,10 +377,10 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, char *smb_passwd, int smb_passlen, char *smb_nt_passwd, int smb_nt_passlen) { - struct smb_passwd *sam_trust_acct = NULL; /* check if trust account exists */ + struct smb_passwd *smb_trust_acct = NULL; /* check if trust account exists */ if (lp_security() == SEC_USER) { - sam_trust_acct = getsampwnam(user); + smb_trust_acct = getsmbpwnam(user); } else { @@ -389,7 +389,7 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (sam_trust_acct == NULL) + if (smb_trust_acct == NULL) { /* lkclXXXX: workstation entry doesn't exist */ DEBUG(0,("session_trust_account: Trust account %s user doesn't exist\n",user)); @@ -405,28 +405,28 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (!smb_password_ok(sam_trust_acct, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) + if (!smb_password_ok(smb_trust_acct, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (IS_BITS_SET_ALL(sam_trust_acct->acct_ctrl, ACB_DOMTRUST)) + if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_DOMTRUST)) { DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n",user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)); } - if (IS_BITS_SET_ALL(sam_trust_acct->acct_ctrl, ACB_SVRTRUST)) + if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_SVRTRUST)) { DEBUG(0,("session_trust_account: Server trust account %s denied by server\n",user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT)); } - if (IS_BITS_SET_ALL(sam_trust_acct->acct_ctrl, ACB_WSTRUST)) + if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_WSTRUST)) { DEBUG(4,("session_trust_account: Wksta trust account %s denied by server\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c index 35283b824b..c01f29f94f 100644 --- a/source3/utils/smbpasswd.c +++ b/source3/utils/smbpasswd.c @@ -637,13 +637,13 @@ int main(int argc, char **argv) /* * Open the smbpaswd file. */ - vp = startsampwent(True); + vp = startsmbpwent(True); if (!vp && errno == ENOENT) { fp = fopen(lp_smb_passwd_file(), "w"); if (fp) { fprintf(fp, "# Samba SMB password file\n"); fclose(fp); - vp = startsampwent(True); + vp = startsmbpwent(True); } } if (!vp) { @@ -656,12 +656,12 @@ int main(int argc, char **argv) } /* Get the smb passwd entry for this user */ - smb_pwent = getsampwnam(user_name); + smb_pwent = getsmbpwnam(user_name); if (smb_pwent == NULL) { if(add_user == False) { fprintf(stderr, "%s: Failed to find entry for user %s.\n", prog_name, pwd->pw_name); - endsampwent(vp); + endsmbpwent(vp); exit(1); } @@ -684,14 +684,14 @@ int main(int argc, char **argv) new_smb_pwent.smb_nt_passwd = new_nt_p16; } - if(add_sampwd_entry(&new_smb_pwent) == False) { + if(add_smbpwd_entry(&new_smb_pwent) == False) { fprintf(stderr, "%s: Failed to add entry for user %s.\n", prog_name, pwd->pw_name); - endsampwent(vp); + endsmbpwent(vp); exit(1); } - endsampwent(vp); + endsmbpwent(vp); printf("%s: Added user %s.\n", prog_name, user_name); exit(0); } @@ -726,14 +726,14 @@ int main(int argc, char **argv) smb_pwent->smb_nt_passwd = new_nt_p16; } - if(mod_sampwd_entry(smb_pwent,True) == False) { + if(mod_smbpwd_entry(smb_pwent,True) == False) { fprintf(stderr, "%s: Failed to modify entry for user %s.\n", prog_name, pwd->pw_name); - endsampwent(vp); + endsmbpwent(vp); exit(1); } - endsampwent(vp); + endsmbpwent(vp); if(disable_user) printf("User %s disabled.\n", user_name); else if (set_no_password) -- cgit