From 30038de4623bc827ee8019c569faf00583d1fe58 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Sun, 29 Nov 1998 20:03:33 +0000 Subject: weekend work. user / group database API. - split sam_passwd and smb_passwd into separate higher-order function tables - renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user" plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd password databases to fill in the blank entries that are not obtained from whatever password database API instance is being used. NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c for the only example outside of the password database APIs i could find. - added query_useraliases code to rpcclient. - dealt with some nasty interdependencies involving non-smbd programs and the password database API. this is still not satisfactorily resolved completelely, but it's the best i can do for now. - #ifdef'd out some password database options so that people don't mistakenly set them unless they recompile to _use_ those options. lots of debugging done, it's still not finished. the unix/NT uid/gid and user-rid/group-rid issues are better, but not perfect. the "BUILTIN" domain is still missing: users cannot be added to "BUILTIN" groups yet, as we only have an "alias" db API and a "group" db API but not "builtin-alias" db API... (This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1) --- source3/lib/util.c | 103 ++++++++++++++++++++++++++++--------------------- source3/lib/util_sid.c | 37 +++++++++++++++--- 2 files changed, 91 insertions(+), 49 deletions(-) (limited to 'source3/lib') diff --git a/source3/lib/util.c b/source3/lib/util.c index 757abc8175..8bc75e1137 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -121,7 +121,7 @@ BOOL in_group(gid_t group, gid_t current_gid, int ngroups, gid_t *groups) /**************************************************************************** gets either a hex number (0xNNN) or decimal integer (NNN). ****************************************************************************/ -int get_number(char *tmp) +int get_number(const char *tmp) { if (strnequal(tmp, "0x", 2)) { @@ -2185,33 +2185,18 @@ void standard_sub(connection_struct *conn,char *str) { char *p, *s, *home; - for (s=str; (p=strchr(s, '%'));s=p) { - switch (*(p+1)) { - case 'H': - if ((home = get_home_dir(conn->user))) { - string_sub(p,"%H",home); - } else { - p += 2; - } - break; - - case 'P': - string_sub(p,"%P",conn->connectpath); - break; - - case 'S': - string_sub(p,"%S", - lp_servicename(SNUM(conn))); - break; - - case 'g': - string_sub(p,"%g", - gidtoname(conn->gid)); - break; - case 'u': - string_sub(p,"%u",conn->user); - break; - + for (s=str; (p=strchr(s, '%'));s=p) + { + switch (*(p+1)) + { + case 'H': + if ((home = get_home_dir(conn->user)) != NULL) { + string_sub(p,"%H",home); + } else { + p += 2; + } + break; + /* Patch from jkf@soton.ac.uk Left the %N (NIS * server name) in standard_sub_basic as it is * a feature for logon servers, hence uses the @@ -2219,17 +2204,14 @@ void standard_sub(connection_struct *conn,char *str) * here as it is used instead of the default * "path =" string in [homes] and so needs the * service name, not the username. */ - case 'p': - string_sub(p,"%p", - automount_path(lp_servicename(SNUM(conn)))); - break; - case '\0': - p++; - break; /* don't run off the end of the string - */ - - default: p+=2; - break; + case 'p': string_sub(p,"%p", automount_path(lp_servicename(SNUM(conn)))); break; + case 'P': string_sub(p,"%P",conn->connectpath); break; + case 'S': string_sub(p,"%S", lp_servicename(SNUM(conn))); break; + case 'g': string_sub(p,"%g", gidtoname(conn->gid)); break; + case 'u': string_sub(p,"%u", conn->user); break; + + case '\0': p++; break; /* don't run off the end of the string */ + default : p+=2; break; } } @@ -2350,14 +2332,49 @@ char *gidtoname(gid_t gid) return(name); } +/******************************************************************* +turn a group name into a gid +********************************************************************/ + +BOOL nametogid(const char *name, gid_t *gid) +{ + struct group *grp = getgrnam(name); + if (grp) + { + *gid = grp->gr_gid; + return True; + } + else if (isdigit(name[0])) + { + *gid = (gid_t)get_number(name); + return True; + } + else + { + return False; + } +} + /******************************************************************* turn a user name into a uid ********************************************************************/ -uid_t nametouid(const char *name) +BOOL nametouid(const char *name, uid_t *uid) { - struct passwd *pass = getpwnam(name); - if (pass) return(pass->pw_uid); - return (uid_t)-1; + struct passwd *pass = Get_Pwnam(name, False); + if (pass) + { + *uid = pass->pw_uid; + return True; + } + else if (isdigit(name[0])) + { + *uid = (uid_t)get_number(name); + return True; + } + else + { + return False; + } } /******************************************************************* diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c index 8741479067..48c092ecf7 100644 --- a/source3/lib/util_sid.c +++ b/source3/lib/util_sid.c @@ -29,7 +29,7 @@ extern int DEBUGLEVEL; Convert a SID to an ascii string. *****************************************************************/ -char *sid_to_string(pstring sidstr_out, DOM_SID *sid) +char *sid_to_string(pstring sidstr_out, const DOM_SID *sid) { char subauth[16]; int i; @@ -55,10 +55,10 @@ char *sid_to_string(pstring sidstr_out, DOM_SID *sid) Convert a string to a SID. Returns True on success, False on fail. *****************************************************************/ -BOOL string_to_sid(DOM_SID *sidout, char *sidstr) +BOOL string_to_sid(DOM_SID *sidout, const char *sidstr) { pstring tok; - char *p = sidstr; + const char *p = sidstr; /* BIG NOTE: this function only does SIDS where the identauth is not >= 2^32 */ uint32 ia; @@ -146,7 +146,7 @@ BOOL sid_split_rid(DOM_SID *sid, uint32 *rid) /***************************************************************** copies a sid *****************************************************************/ -void sid_copy(DOM_SID *sid1, DOM_SID *sid2) +void sid_copy(DOM_SID *sid1, const DOM_SID *sid2) { int i; @@ -163,10 +163,35 @@ void sid_copy(DOM_SID *sid1, DOM_SID *sid2) sid1->num_auths = sid2->num_auths; sid1->sid_rev_num = sid2->sid_rev_num; } + +/***************************************************************** + compare two sids up to the auths of the first sid +*****************************************************************/ +BOOL sid_front_equal(const DOM_SID *sid1, const DOM_SID *sid2) +{ + int i; + + /* compare most likely different rids, first: i.e start at end */ + for (i = sid1->num_auths-1; i >= 0; --i) + { + if (sid1->sub_auths[i] != sid2->sub_auths[i]) return False; + } + + if (sid1->num_auths > sid2->num_auths ) return False; + if (sid1->sid_rev_num != sid2->sid_rev_num) return False; + + for (i = 0; i < 6; i++) + { + if (sid1->id_auth[i] != sid2->id_auth[i]) return False; + } + + return True; +} + /***************************************************************** compare two sids *****************************************************************/ -BOOL sid_equal(DOM_SID *sid1, DOM_SID *sid2) +BOOL sid_equal(const DOM_SID *sid1, const DOM_SID *sid2) { int i; @@ -191,7 +216,7 @@ BOOL sid_equal(DOM_SID *sid1, DOM_SID *sid2) /***************************************************************** calculates size of a sid *****************************************************************/ -int sid_size(DOM_SID *sid) +int sid_size(const DOM_SID *sid) { if (sid == NULL) { -- cgit