From a3f891dbd2e9ee1681e3c8295cd62a877c727d4f Mon Sep 17 00:00:00 2001
From: Andrew Bartlett
Date: Wed, 2 Jan 2002 07:41:54 +0000
Subject: Actually enforce the passdb API. Thou shalt not reference SAM_ACCOUNT members directly - always use pdb_get/pdb_set. This is achived by making the whole of SAM_ACCOUNT have a .private member, where the real members live. This caught a pile of examples, and these have beeen fixed. The pdb_get..() functions are 'const' (have been for some time) and this required a few small changes to constify other functions. I've also added some debugs to the pdb get and set, they can be removed if requested. I've rewritten the copy_id2x_to_sam_pass() functions to use the new passdb interface, but I need the flags info to do it properly. The pdb_free_sam() funciton now blanks out the LM and NT hashes, and as such I have removed many extra 'samr_clear_sam_passwd(smbpass)' calls as a result. Finally, any and all testing is always appriciated - but the basics seem to work. Andrew Bartlett (This used to be commit d3dd28f6c443187b8d820d5a39c7c5b3be2fa95c)
---
 source3/include/smb.h | 103 +++++++++++++++++++++++++++-----------------------
 1 file changed, 55 insertions(+), 48 deletions(-)
(limited to 'source3/include/smb.h')
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 5b57c8318c..d4161323e3 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -432,6 +432,12 @@ typedef struct files_struct
 char *fsp_name;
 } files_struct;
+/* used to hold an arbitrary blob of data */
+typedef struct {
+ uint8 *data;
+ size_t length;
+} DATA_BLOB;
+
 /*
 * Structure used to keep directory state information around.
 * Used in NT change-notify code.
@@ -588,6 +594,9 @@ typedef struct {
 #define SHAREMODE_FN(fn) \
 void (*fn)(share_mode_entry *, char*)
+#define NT_HASH_LEN 16
+#define LM_HASH_LEN 16
+
 /*
 * bit flags representing initialized fields in SAM_ACCOUNT
 */
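Review bot: The comment on the relocated `DATA_BLOB` typedef does not say what `length` counts or who owns `data`, and this commit starts storing the LM and NT hashes in that type (`lm_pw` and `nt_pw` in the SAM_ACCOUNT hunk further down). I would extend it to something like `/* used to hold an arbitrary blob of data: length is the size of data in bytes; data is NULL when the blob is unset */`, assuming that matches the convention the SAM_ACCOUNT comments imply, and add a line naming who frees `data`. A blob that carries a password hash has to be cleared before it is freed; the commit message says pdb_free_sam() does this, but that code is outside this file's diff.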
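Review bot: `NT_HASH_LEN` and `LM_HASH_LEN` are added without a comment, and nothing in this header ties them to the fields they size. Because `lm_pw` and `nt_pw` become `DATA_BLOB`s carrying their own `length` in the same commit, a blob of any size can now sit where a fixed-size hash is expected. The pdb_set functions (not part of this diff) should reject a `length` that differs from these constants, and readers should check it before copying. A comment such as `/* length in bytes of the NT and LM password hashes held in SAM_ACCOUNT */` above the two defines would make the link explicit.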
@@ -600,53 +609,57 @@ typedef struct {
 #define FLAG_SAM_DRIVE 0x00000020
 #define IS_SAM_UNIX_USER(x) \
- (((x)->init_flag & FLAG_SAM_UID) \
- && ((x)->init_flag & FLAG_SAM_GID))
+ ((pdb_get_init_flag(x) & FLAG_SAM_UID) \
+ && (pdb_get_init_flag(x) & FLAG_SAM_GID))
 #define IS_SAM_SET(x, flag) ((x)->init_flag & (flag))
 typedef struct sam_passwd {
- /* initiailization flags */
- uint32 init_flag;
-
- time_t logon_time; /* logon time */
- time_t logoff_time; /* logoff time */
- time_t kickoff_time; /* kickoff time */
- time_t pass_last_set_time; /* password last set time */
- time_t pass_can_change_time; /* password can change time */
- time_t pass_must_change_time; /* password must change time */
-
- pstring username; /* UNIX username string */
- pstring domain; /* Windows Domain name */
- pstring nt_username; /* Windows username string */
- pstring full_name; /* user's full name string */
- pstring home_dir; /* home directory string */
- pstring dir_drive; /* home directory drive string */
- pstring logon_script; /* logon script string */
- pstring profile_path; /* profile path string */
- pstring acct_desc ; /* user description string */
- pstring workstations; /* login from workstations string */
- pstring unknown_str ; /* don't know what this is, yet.
*/
- pstring munged_dial ; /* munged path name and dial-back tel number */
-
- uid_t uid; /* this is a pointer to the unix uid_t */
- gid_t gid; /* this is a pointer to the unix gid_t */
- uint32 user_rid; /* Primary User ID */
- uint32 group_rid; /* Primary Group ID */
-
- unsigned char *lm_pw; /* Null if no password */
- unsigned char *nt_pw; /* Null if no password */
-
- uint16 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
- uint32 unknown_3; /* 0x00ff ffff */
-
- uint16 logon_divs; /* 168 - number of hours in a week */
- uint32 hours_len; /* normally 21 bytes */
- uint8 hours[MAX_HOURS_LEN];
-
- uint32 unknown_5; /* 0x0002 0000 */
- uint32 unknown_6; /* 0x0000 04ec */
+ struct {
+ /* initiailization flags */
+ uint32 init_flag;
+
+ time_t logon_time; /* logon time */
+ time_t logoff_time; /* logoff time */
+ time_t kickoff_time; /* kickoff time */
+ time_t pass_last_set_time; /* password last set time */
+ time_t pass_can_change_time; /* password can change time */
+ time_t pass_must_change_time; /* password must change time */
+
+ pstring username; /* UNIX username string */
+ pstring domain; /* Windows Domain name */
+ pstring nt_username; /* Windows username string */
+ pstring full_name; /* user's full name string */
+ pstring home_dir; /* home directory string */
+ pstring dir_drive; /* home directory drive string */
+ pstring logon_script; /* logon script string */
+ pstring profile_path; /* profile path string */
+ pstring acct_desc ; /* user description string */
+ pstring workstations; /* login from workstations string */
+ pstring unknown_str ; /* don't know what this is, yet.
*/
+ pstring munged_dial ; /* munged path name and dial-back tel number */
+
+ uid_t uid; /* this is a unix uid_t */
+ gid_t gid; /* this is a unix gid_t */
+ uint32 user_rid; /* Primary User ID */
+ uint32 group_rid; /* Primary Group ID */
+
+ DATA_BLOB lm_pw; /* .data is Null if no password */
+ DATA_BLOB nt_pw; /* .data is Null if no password */
+
+ uint16 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
+ uint32 unknown_3; /* 0x00ff ffff */
+
+ uint16 logon_divs; /* 168 - number of hours in a week */
+ uint32 hours_len; /* normally 21 bytes */
+ uint8 hours[MAX_HOURS_LEN];
+
+ uint32 unknown_5; /* 0x0002 0000 */
+ uint32 unknown_6; /* 0x0000 04ec */
+ } private;
+ /* Lets see if the remaining code can get the hint that you
+ are meant to use the pdb_...() functions. */
 } SAM_ACCOUNT;
@@ -1616,12 +1629,6 @@ typedef struct user_struct
 int session_id; /* used by utmp and pam session code */
 } user_struct;
-/* used to hold an arbitrary blob of data */
-typedef struct {
- uint8 *data;
- size_t length;
-} DATA_BLOB;
-
 #include "ntdomain.h"
-- cgit
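Review bot: `IS_SAM_SET(x, flag)` is left as `((x)->init_flag & (flag))` in the context just below the updated `IS_SAM_UNIX_USER`, but `init_flag` now lives inside `private`, so the macro will no longer compile wherever it is expanded. It should get the same conversion: `#define IS_SAM_SET(x, flag) (pdb_get_init_flag(x) & (flag))`. Separately, the `private` wrapper only discourages direct access, since `x->private.nt_pw` still compiles. `private` is also a reserved word in C++, so this header can no longer be included from C++ code. The comment `/* .data is Null if no password */` should also state that `.length` is expected to equal `LM_HASH_LEN` or `NT_HASH_LEN` when a hash is set.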