From 1a74d8d1f0758d15c5c35d20e33d9868565812cf Mon Sep 17 00:00:00 2001 
From: Andrew Bartlett Date: Sun, 20 Jan 2002 14:30:58 +0000 Subject: This is another *BIG* change... Samba now features a pluggable passdb interface, along the same lines as the one in use in the auth subsystem. In this case, only one backend may be active at a time by the 'normal' interface, and only one backend per passdb_context is permitted outside that. This pluggable interface is designed to allow any number of passdb backends to be compiled in, with the selection at runtime. The 'passdb backend' parameter has been created (and documented!) to support this. As such, configure has been modified to allow (for example) --with-ldap and the old smbpasswd to be selected at the same time. This patch also introduces two new backends: smbpasswd_nua and tdbsam_nua. These two backends accept 'non unix accounts', where the user does *not* exist in /etc/passwd. These accounts don't have UIDs in the unix sense, but to avoid conflicts in the algorithmic mapping of RIDs, they use the values specified in the 'non unix account range' parameter - in the same way as the winbind ranges are specified. While I was at it, I cleaned up some of the code in pdb_tdb (code copied directly from smbpasswd and not really considered properly). Most of this was to do with % macro expansion on stored data. It isn't easy to get the macros into the tdb, and the first password change will 'expand' them. tdbsam needs to use a similar system to pdb_ldap in this regard. This patch only makes minor adjustments to pdb_nisplus and pdb_ldap, because I don't have the test facilities for these. I plan to incorporate at least pdb_ldap into this scheme after consultation with Jerry. Each (converted) passdb module now no longer has any 'static' variables, and only exports 1 init function outside its .c file. The non-unix-account support in this patch has been proven! It is now possible to join a win2k machine to a Samba PDC without an account in /etc/passwd!
Other changes: Minor interface adjustments: pdb_delete_sam_account() now takes a SAM_ACCOUNT, not a char*. pdb_update_sam_account() no longer takes the 'override' argument that was being ignored so often (every other passdb backend). Extra checks have been added in some places. Minor code changes: smbpasswd no longer attempts to initialise the passdb at startup, this is now done on first use. pdbedit has lost some of its 'machine account' logic, as this behaviour is now controlled by the passdb subsystem directly. The samr subsystem no longer calls 'local password change', but does the pdb interactions directly. This allow the ACB_ flags specifed to be transferred direct to the backend, without interference. Doco: I've updated the doco to reflect some of the changes, and removed some paramters no longer applicable to HEAD. (This used to be commit ff354c99c585068af6dc1ff35a1f109a806b326b) --- source3/passdb/pdb_interface.c | 368 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 368 insertions(+) create mode 100644 source3/passdb/pdb_interface.c (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c new file mode 100644 index 0000000000..b5e7273520 --- /dev/null +++ b/source3/passdb/pdb_interface.c 
@@ -0,0 +1,368 @@
+/*
+ Unix SMB/Netbios implementation.
+ Version 3.0
+ Password and authentication handling
+ Copyright (C) Andrew Bartlett 2002
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+/** List of various built-in passdb modules */
+
+const struct pdb_init_function builtin_pdb_init_functions[] = {
+ { "smbpasswd", pdb_init_smbpasswd },
+ { "smbpasswd_nua", pdb_init_smbpasswd_nua },
+ { "tdbsam", pdb_init_tdbsam },
+ { "tdbsam_nua", pdb_init_tdbsam_nua },
+#if 0
+ { "ldap", pdb_init_ldap },
+ { "nisplus", pdb_init_nisplus },
+ { "unix", pdb_init_unix },
+#endif
+ { NULL, NULL}
+};
+
+static BOOL context_setsampwent(struct pdb_context *context, BOOL update)
+{
+ if ((!context) || (!context->pdb_selected)) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return False;
+ }
+
+ return context->pdb_selected->setsampwent(context, update);
+}
+
+static void context_endsampwent(struct pdb_context *context)
+{
+ if ((!context) || (!context->pdb_selected)) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return;
+ }
+
+ context->pdb_selected->endsampwent(context);
+}
+
+static BOOL context_getsampwent(struct pdb_context *context, SAM_ACCOUNT *user)
+{
+ if ((!context) || (!context->pdb_selected)) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return False;
+ }
+
+ return context->pdb_selected->getsampwent(context, user);
+}
+
+static BOOL context_getsampwnam(struct pdb_context *context, SAM_ACCOUNT *sam_acct, const char *username)
+{
+ if ((!context) || (!context->pdb_selected)) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return False;
+ }
+
+ return context->pdb_selected->getsampwnam(context, sam_acct, username);
+}
+
+static BOOL context_getsampwrid(struct pdb_context *context, SAM_ACCOUNT *sam_acct, uint32 rid)
+{
+ if ((!context) || (!context->pdb_selected)) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return False;
+ }
+
+ return context->pdb_selected->getsampwrid(context, sam_acct, rid);
+}
+
+static BOOL context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct)
+{
+ if ((!context) || (!context->pdb_selected)) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return False;
+ }
+
+ /** @todo This is where a 're-read on add' should be done */
+
+ return context->pdb_selected->add_sam_account(context, sam_acct);
+}
+
+static BOOL context_update_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct)
+{
+ if ((!context) || (!context->pdb_selected)) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return False;
+ }
+
+ /** @todo This is where a 're-read on update' should be done */
+
+ return context->pdb_selected->update_sam_account(context, sam_acct);
+}
+
+static BOOL context_delete_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct)
+{
+ if ((!context) || (!context->pdb_selected)) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return False;
+ }
+
+ return context->pdb_selected->delete_sam_account(context, sam_acct);
+}
+
+static void free_pdb_context(struct pdb_context **context)
+{
+ if (((*context)->pdb_selected) && ((*context)->pdb_selected->free_private_data)) {
+ (*context)->pdb_selected->free_private_data((*context)->pdb_selected->private_data);
+ }
+
+ talloc_destroy((*context)->mem_ctx);
+ *context = NULL;
+}
+
+/******************************************************************
+ Make a pdb_context from scratch.
+*******************************************************************/
+
+static NTSTATUS make_pdb_context(struct pdb_context **context)
+{
+ TALLOC_CTX *mem_ctx;
+
+ mem_ctx = talloc_init_named("pdb_context internal allocation context");
+
+ if (!mem_ctx) {
+ DEBUG(0, ("make_pdb_context: talloc init failed!\n"));
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ *context = talloc(mem_ctx, sizeof(**context));
+ if (!*context) {
+ DEBUG(0, ("make_pdb_context: talloc failed!\n"));
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ ZERO_STRUCTP(*context);
+
+ (*context)->mem_ctx = mem_ctx;
+
+ (*context)->pdb_setsampwent = context_setsampwent;
+ (*context)->pdb_endsampwent = context_endsampwent;
+ (*context)->pdb_getsampwent = context_getsampwent;
+ (*context)->pdb_getsampwnam = context_getsampwnam;
+ (*context)->pdb_getsampwrid = context_getsampwrid;
+ (*context)->pdb_add_sam_account = context_add_sam_account;
+ (*context)->pdb_update_sam_account = context_update_sam_account;
+ (*context)->pdb_delete_sam_account = context_delete_sam_account;
+
+ (*context)->free_fn = free_pdb_context;
+
+ return NT_STATUS_OK;
+}
+
+
+/******************************************************************
+ Make a pdb_context, given a text string.
+*******************************************************************/
+
+NTSTATUS make_pdb_context_name(struct pdb_context **context, char *selected)
+{
+ /* HINT: Don't store 'selected' becouse its often an lp_ string and will 'go away' */
+ NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
+ int i;
+
+ if (!NT_STATUS_IS_OK(nt_status = make_pdb_context(context))) {
+ return nt_status;
+ }
+
+ DEBUG(5,("Attempting to find an passdb backend to match %s\n", selected));
+ for (i = 0; builtin_pdb_init_functions[i].name; i++)
+ {
+ if (strequal(builtin_pdb_init_functions[i].name, selected))
+ {
+ DEBUG(5,("Found pdb backend %s (at pos %d)\n", selected, i));
+ if (NT_STATUS_IS_OK(nt_status
+ = builtin_pdb_init_functions[i].init(*context, &(*context)->pdb_selected, NULL))) {
+ DEBUG(5,("pdb backend %s has a valid init\n", selected));
+ (*context)->pdb_selected->name = builtin_pdb_init_functions[i].name;
+ } else {
+ DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, get_nt_error_msg(nt_status)));
+ (*context)->pdb_selected = NULL;
+ }
+ break;
+ }
+ }
+
+ if (!(*context)->pdb_selected) {
+ DEBUG(0,("failed to select passdb backed!\n"));
+ talloc_destroy((*context)->mem_ctx);
+ *context = NULL;
+ return nt_status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+
+/******************************************************************
+ Return an already initilised pdb_context, to facilitate backward
+ compatiablity (see functions below).
+*******************************************************************/
+
+static struct pdb_context *pdb_get_static_context(BOOL reload)
+{
+ static struct pdb_context *pdb_context = NULL;
+
+ if ((pdb_context) && (reload)) {
+ pdb_context->free_fn(&pdb_context);
+ if (!NT_STATUS_IS_OK(make_pdb_context_name(&pdb_context, lp_passdb_backend()))) {
+ return NULL;
+ }
+ }
+
+ if (!pdb_context) {
+ if (!NT_STATUS_IS_OK(make_pdb_context_name(&pdb_context, lp_passdb_backend()))) {
+ return NULL;
+ }
+ }
+
+ return pdb_context;
+}
+
+#if !defined(WITH_LDAP_SAM) && !defined(WITH_NISPLUS_SAM)
+
+/******************************************************************
+ Backward compatability functions for the original passdb interface
+*******************************************************************/
+
+BOOL pdb_setsampwent(BOOL update)
+{
+ struct pdb_context *pdb_context = pdb_get_static_context(False);
+
+ if (!pdb_context) {
+ return False;
+ }
+
+ return pdb_context->pdb_setsampwent(pdb_context, update);
+}
+
+void pdb_endsampwent(void)
+{
+ struct pdb_context *pdb_context = pdb_get_static_context(False);
+
+ if (!pdb_context) {
+ return;
+ }
+
+ pdb_context->pdb_endsampwent(pdb_context);
+}
+
+BOOL pdb_getsampwent(SAM_ACCOUNT *user)
+{
+ struct pdb_context *pdb_context = pdb_get_static_context(False);
+
+ if (!pdb_context) {
+ return False;
+ }
+
+ return pdb_context->pdb_getsampwent(pdb_context, user);
+}
+
+BOOL pdb_getsampwnam(SAM_ACCOUNT *sam_acct, const char *username)
+{
+ struct pdb_context *pdb_context = pdb_get_static_context(False);
+
+ if (!pdb_context) {
+ return False;
+ }
+
+ return pdb_context->pdb_getsampwnam(pdb_context, sam_acct, username);
+}
+
+BOOL pdb_getsampwrid(SAM_ACCOUNT *sam_acct, uint32 rid)
+{
+ struct pdb_context *pdb_context = pdb_get_static_context(False);
+
+ if (!pdb_context) {
+ return False;
+ }
+
+ return pdb_context->pdb_getsampwrid(pdb_context, sam_acct, rid);
+}
+
+BOOL pdb_add_sam_account(SAM_ACCOUNT *sam_acct)
+{
+ struct pdb_context *pdb_context = pdb_get_static_context(False);
+
+ if (!pdb_context) {
+ return False;
+ }
+
+ return pdb_context->pdb_add_sam_account(pdb_context, sam_acct);
+}
+
+BOOL pdb_update_sam_account(SAM_ACCOUNT *sam_acct)
+{
+ struct pdb_context *pdb_context = pdb_get_static_context(False);
+
+ if (!pdb_context) {
+ return False;
+ }
+
+ return pdb_context->pdb_update_sam_account(pdb_context, sam_acct);
+}
+
+BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct)
+{
+ struct pdb_context *pdb_context = pdb_get_static_context(False);
+
+ if (!pdb_context) {
+ return False;
+ }
+
+ return pdb_context->pdb_delete_sam_account(pdb_context, sam_acct);
+}
+
+#endif /* !defined(WITH_LDAP_SAM) && !defined(WITH_NISPLUS_SAM) */
+
+/***************************************************************
+ Initialize the static context (at smbd startup etc).
+
+ If uninitialised, context will auto-init on first use.
+***************************************************************/
+
+BOOL initialize_password_db(BOOL reload)
+{
+ return (pdb_get_static_context(reload) != NULL);
+}
+
+
+NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods)
+{
+ *methods = talloc(mem_ctx, sizeof(struct pdb_methods));
+
+ if (!*methods) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ ZERO_STRUCTP(*methods);
+
+ return NT_STATUS_OK;
+}
+
+
+
+
+
+
+
+
-- cgit From 320f7cb4ac66bbb9fbfdd1f8b330264127c3f730 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 25 Jan 2002 11:44:15 +0000 Subject: Passdb changes: Modules now name themselves, which should allow for sane behaviour when we get an 'extern' passdb module (which in turn loads a .so). Fix up tdbsam for non-unix-accounts. Not sure if this fixes idra's bug, but its a start... Andrew Bartlett (This used to be commit 7d576d89d7b4a7b95e87a844568d7d7cd89f0542) --- source3/passdb/pdb_interface.c | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) (limited to 'source3/passdb/pdb_interface.c')
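Review bot: In the new-file hunk, make_pdb_context_name() returns success with `*context` set to NULL when the 'passdb backend' string matches no table entry: `nt_status` was overwritten with the OK result of make_pdb_context(), the loop never touches it again, and the `!(*context)->pdb_selected` branch returns that value. A caller that trusts the status will dereference NULL, so the no-match case should fail explicitly, for example by resetting `nt_status = NT_STATUS_UNSUCCESSFUL;` just before the `for` loop. The later `goto done` rewrite of this function further down this page keeps the same path. Separately, make_pdb_context() returns NT_STATUS_NO_MEMORY without `talloc_destroy(mem_ctx)` when the second talloc fails, and free_pdb_context() dereferences `*context` without the NULL check the context_* helpers apply.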
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index b5e7273520..7c6f5e4da9 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -174,12 +174,27 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) Make a pdb_context, given a text string. *******************************************************************/ -NTSTATUS make_pdb_context_name(struct pdb_context **context, char *selected) +NTSTATUS make_pdb_context_name(struct pdb_context **context, const char *selected) { /* HINT: Don't store 'selected' becouse its often an lp_ string and will 'go away' */ NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; int i; + char *module_name = smb_xstrdup(selected); + char *module_location = NULL; + char *p; + + p = strchr(module_name, ':'); + + if (p) { + *p = 0; + module_location = p+1; + + trim_string(module_location, " ", " "); + } + + trim_string(module_name, " ", " "); + if (!NT_STATUS_IS_OK(nt_status = make_pdb_context(context))) { return nt_status; } 
@@ -187,13 +202,12 @@ NTSTATUS make_pdb_context_name(struct pdb_context **context, char *selected) DEBUG(5,("Attempting to find an passdb backend to match %s\n", selected)); for (i = 0; builtin_pdb_init_functions[i].name; i++) { - if (strequal(builtin_pdb_init_functions[i].name, selected)) + if (strequal(builtin_pdb_init_functions[i].name, module_name)) { - DEBUG(5,("Found pdb backend %s (at pos %d)\n", selected, i)); + DEBUG(5,("Found pdb backend %s (at pos %d)\n", module_location, i)); if (NT_STATUS_IS_OK(nt_status - = builtin_pdb_init_functions[i].init(*context, &(*context)->pdb_selected, NULL))) { + = builtin_pdb_init_functions[i].init(*context, &(*context)->pdb_selected, module_location))) { DEBUG(5,("pdb backend %s has a valid init\n", selected)); - (*context)->pdb_selected->name = builtin_pdb_init_functions[i].name; } else { DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, get_nt_error_msg(nt_status))); (*context)->pdb_selected = NULL; -- cgit From 806991158ef016cd7a723912a6eebe1f6d3b0ed1 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 26 Jan 2002 06:18:59 +0000 Subject: fix typo (This used to be commit 8ffc024ebc73dee32a9dfc1873e824c996205475) --- source3/passdb/pdb_interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 7c6f5e4da9..5264c0d060 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -204,7 +204,7 @@ NTSTATUS make_pdb_context_name(struct pdb_context **context, const char *selecte { if (strequal(builtin_pdb_init_functions[i].name, module_name)) { - DEBUG(5,("Found pdb backend %s (at pos %d)\n", module_location, i)); + DEBUG(5,("Found pdb backend %s (at pos %d)\n", module_name, i)); if (NT_STATUS_IS_OK(nt_status = builtin_pdb_init_functions[i].init(*context, &(*context)->pdb_selected, module_location))) { DEBUG(5,("pdb backend %s has a valid init\n", selected)); -- cgit From cd68afe31256ad60748b34f7318a180cfc2127cc Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Wed, 30 Jan 2002 06:08:46 +0000 Subject: Removed version number from file header. Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa) --- source3/passdb/pdb_interface.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 5264c0d060..13d483fc25 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -1,6 +1,5 @@ /* - Unix SMB/Netbios implementation. - Version 3.0 + Unix SMB/CIFS implementation. Password and authentication handling Copyright (C) Andrew Bartlett 2002 -- cgit From 527aaf6def6b53c0e01fc5d8369b06be4237fca0 Mon Sep 17 00:00:00 2001 
From: Andrew Bartlett Date: Fri, 22 Feb 2002 02:47:53 +0000 Subject: Add the pdb_plugin module from Jelmer Vernooij . This allow the user to select 'passdb backend = plugin : /path/to/plugin.so : pluging args' And load any arbitary plugin. Apparently Jelmer has a mysql plugin in the works - hence this patch. We probably need to rework the interface a bit before 3.0 (add versioning of some kind) but this is a good start. Andrew Bartlett (This used to be commit d6d18b70f0c377344b0b3d9df5a11d209793bfe0) --- source3/passdb/pdb_interface.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 13d483fc25..73532984b6 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -22,7 +22,7 @@ /** List of various built-in passdb modules */ -const struct pdb_init_function builtin_pdb_init_functions[] = { +const struct pdb_init_function_entry builtin_pdb_init_functions[] = { { "smbpasswd", pdb_init_smbpasswd }, { "smbpasswd_nua", pdb_init_smbpasswd_nua }, { "tdbsam", pdb_init_tdbsam }, @@ -32,6 +32,7 @@ const struct pdb_init_function builtin_pdb_init_functions[] = { { "nisplus", pdb_init_nisplus }, { "unix", pdb_init_unix }, #endif + { "plugin", pdb_init_plugin }, { NULL, NULL} }; @@ -198,7 +199,7 @@ NTSTATUS make_pdb_context_name(struct pdb_context **context, const char *selecte return nt_status; } - DEBUG(5,("Attempting to find an passdb backend to match %s\n", selected)); + DEBUG(5,("Attempting to find an passdb backend to match %s (%s)\n", selected, module_name)); for (i = 0; builtin_pdb_init_functions[i].name; i++) { if (strequal(builtin_pdb_init_functions[i].name, module_name)) @@ -214,7 +215,7 @@ NTSTATUS make_pdb_context_name(struct pdb_context **context, const char *selecte break; } } - + if (!(*context)->pdb_selected) { DEBUG(0,("failed to select passdb backed!\n")); talloc_destroy((*context)->mem_ctx); -- cgit 
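Review bot: The new `{ "plugin", pdb_init_plugin }` table entry carries no comment on what its location string means; per the commit message it is a path to a shared object followed by plugin arguments, taken from the 'passdb backend' line. pdb_init_plugin is not shown in this hunk, so how the path is validated cannot be judged here; presumably the object is loaded into the process that handles the password database, which would make write access to smb.conf equivalent to running code in that process. I would add a comment above the entry such as `/* "plugin": location is "/path/to/plugin.so : args"; the .so is loaded into this process, so smb.conf and the plugin file must be writable only by root */`. The commit message itself notes that the interface has no versioning yet, which is worth recording in the same comment.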
From 2ef9be9a99cbd4b3c5076433153d675aa0cd4ca2 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 2 Mar 2002 10:16:28 +0000 Subject: This patch merges my private LDAP tree into HEAD. The main change here is to move ldap into the new pluggable passdb subsystem and to take the LDAP location as a 'location' paramter on the 'passdb backend' line in the smb.conf. This is an LDAP URL, parsed by OpenLDAP where supported, and by hand where it isn't. It also adds the ldap user suffix and ldap machine suffix smb.conf options, so that machines added to the LDAP dir don't get mixed in with people. Non-unix account support is also added. This means that machines don't need to be in /etc/passwd or in nss_ldap's scope. This code has stood up well under my production environment, so it relitivly well tested. I'm commiting this now becouse others have shown interest in using it, and there is no point 'hording' the code :-). Andrew Bartlett (This used to be commit cd5234d7dd7309d88944b83d807c1f1c2ca0460a) --- source3/passdb/pdb_interface.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 73532984b6..953b5c4d2f 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -27,8 +27,9 @@ const struct pdb_init_function_entry builtin_pdb_init_functions[] = { { "smbpasswd_nua", pdb_init_smbpasswd_nua }, { "tdbsam", pdb_init_tdbsam }, { "tdbsam_nua", pdb_init_tdbsam_nua }, + { "ldapsam", pdb_init_ldapsam }, + { "ldapsam_nua", pdb_init_ldapsam_nua }, #if 0 - { "ldap", pdb_init_ldap }, { "nisplus", pdb_init_nisplus }, { "unix", pdb_init_unix }, #endif 
@@ -252,7 +253,7 @@ static struct pdb_context *pdb_get_static_context(BOOL reload) return pdb_context; } -#if !defined(WITH_LDAP_SAM) && !defined(WITH_NISPLUS_SAM) +#if !defined(WITH_NISPLUS_SAM) /****************************************************************** Backward compatability functions for the original passdb interface @@ -346,7 +347,7 @@ BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) return pdb_context->pdb_delete_sam_account(pdb_context, sam_acct); } -#endif /* !defined(WITH_LDAP_SAM) && !defined(WITH_NISPLUS_SAM) */ +#endif /* !defined(WITH_NISPLUS_SAM) */ /*************************************************************** Initialize the static context (at smbd startup etc). -- cgit From ab13654dc9ac23872e4d1384e1c54e336f113009 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Sun, 17 Mar 2002 04:36:35 +0000 Subject: Renamed get_nt_error_msg() to nt_errstr(). (This used to be commit 1f007d3ed41c1b71a89fa6be7d173e67e927c302) --- source3/passdb/pdb_interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 953b5c4d2f..29f08cf46c 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -210,7 +210,7 @@ NTSTATUS make_pdb_context_name(struct pdb_context **context, const char *selecte = builtin_pdb_init_functions[i].init(*context, &(*context)->pdb_selected, module_location))) { DEBUG(5,("pdb backend %s has a valid init\n", selected)); } else { - DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, get_nt_error_msg(nt_status))); + DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status))); (*context)->pdb_selected = NULL; } break; -- cgit From 9fffb0859d07a885278c395a366656f05731235c Mon Sep 17 00:00:00 2001 
From: Simo Sorce Date: Mon, 18 Mar 2002 11:35:53 +0000 Subject: Start to switch away from the alghorithmic uid->rid mapping model (This used to be commit 724390a8daabbecd236960562e0a50f62c6904f1) --- source3/passdb/pdb_interface.c | 44 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 29f08cf46c..2fc04bc3b5 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -121,6 +121,26 @@ static BOOL context_delete_sam_account(struct pdb_context *context, SAM_ACCOUNT return context->pdb_selected->delete_sam_account(context, sam_acct); } +static uint32 context_uid_to_user_rid(struct pdb_context *context, uid_t uid) +{ + if ((!context) || (!context->pdb_selected)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return False; + } + + return context->pdb_selected->uid_to_user_rid(context, uid); +} + +static uid_t context_user_rid_to_uid(struct pdb_context *context, uint32 rid) +{ + if ((!context) || (!context->pdb_selected)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return False; + } + + return context->pdb_selected->user_rid_to_uid(context, rid); +} + static void free_pdb_context(struct pdb_context **context) { if (((*context)->pdb_selected) && ((*context)->pdb_selected->free_private_data)) { @@ -164,6 +184,8 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_add_sam_account = context_add_sam_account; (*context)->pdb_update_sam_account = context_update_sam_account; (*context)->pdb_delete_sam_account = context_delete_sam_account; + (*context)->pdb_uid_to_user_rid = context_uid_to_user_rid; + (*context)->pdb_user_rid_to_uid = context_user_rid_to_uid; (*context)->free_fn = free_pdb_context; 
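Review bot: context_user_rid_to_uid() returns `False` from its invalid-context branch, and for a `uid_t` that is 0, i.e. root, so a caller cannot tell a failed lookup from a mapping to uid 0. The same applies to `return False;` in context_uid_to_user_rid() (RID 0) and to the pdb_user_rid_to_uid() and pdb_uid_to_user_rid() wrappers in the `@@ -347,6 +369,28 @@` hunk when the static context cannot be created. An error value that cannot be a valid id, for instance `return (uid_t)-1;` checked by the callers, or a BOOL result with the id in an out-parameter like the other context_* functions, would make the failure explicit. The callers are outside these hunks, so whether any of them acts on the returned id without a separate check is not visible here.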
@@ -347,6 +369,28 @@ BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) return pdb_context->pdb_delete_sam_account(pdb_context, sam_acct); } +uid_t pdb_user_rid_to_uid(uint32 rid) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return pdb_context->pdb_user_rid_to_uid(pdb_context, rid); +} + +uint32 pdb_uid_to_user_rid(uid_t uid) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return pdb_context->pdb_uid_to_user_rid(pdb_context, uid); +} + #endif /* !defined(WITH_NISPLUS_SAM) */ /*************************************************************** -- cgit From 050b80356edea52f1bbb0a27599186ad84c18b73 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Tue, 19 Mar 2002 13:57:53 +0000 Subject: second step to gain free uid<->rid mapping we still need to free gid<->rid mapping and few other stuff (This used to be commit aa4b6f8181f34196a28951264dd8b631a5deef7f) --- source3/passdb/pdb_interface.c | 46 +----------------------------------------- 1 file changed, 1 insertion(+), 45 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 2fc04bc3b5..80b268994b 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -121,27 +121,7 @@ static BOOL context_delete_sam_account(struct pdb_context *context, SAM_ACCOUNT return context->pdb_selected->delete_sam_account(context, sam_acct); } -static uint32 context_uid_to_user_rid(struct pdb_context *context, uid_t uid) -{ - if ((!context) || (!context->pdb_selected)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return False; - } - - return context->pdb_selected->uid_to_user_rid(context, uid); -} - -static uid_t context_user_rid_to_uid(struct pdb_context *context, uint32 rid) -{ - if ((!context) || (!context->pdb_selected)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return False; - } - - return context->pdb_selected->user_rid_to_uid(context, rid); -} - -static void free_pdb_context(struct pdb_context **context) +static void free_pdb_context(struct pdb_context **context) { if (((*context)->pdb_selected) && ((*context)->pdb_selected->free_private_data)) { (*context)->pdb_selected->free_private_data((*context)->pdb_selected->private_data); @@ -184,8 +164,6 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_add_sam_account = context_add_sam_account; (*context)->pdb_update_sam_account = context_update_sam_account; (*context)->pdb_delete_sam_account = context_delete_sam_account; - (*context)->pdb_uid_to_user_rid = context_uid_to_user_rid; - (*context)->pdb_user_rid_to_uid = context_user_rid_to_uid; (*context)->free_fn = free_pdb_context; 
@@ -369,28 +347,6 @@ BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) return pdb_context->pdb_delete_sam_account(pdb_context, sam_acct); } -uid_t pdb_user_rid_to_uid(uint32 rid) -{ - struct pdb_context *pdb_context = pdb_get_static_context(False); - - if (!pdb_context) { - return False; - } - - return pdb_context->pdb_user_rid_to_uid(pdb_context, rid); -} - -uint32 pdb_uid_to_user_rid(uid_t uid) -{ - struct pdb_context *pdb_context = pdb_get_static_context(False); - - if (!pdb_context) { - return False; - } - - return pdb_context->pdb_uid_to_user_rid(pdb_context, uid); -} - #endif /* !defined(WITH_NISPLUS_SAM) */ /*************************************************************** -- cgit From 18d011d736fbac006735e5a45e9a815fd71f8fb2 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Thu, 4 Apr 2002 03:53:43 +0000 Subject: Fixed memory leak in make_pdb_context_name() Some reformatting and spelling fixes. (This used to be commit a0f7bbad11a0c0f1ecd930626289c5ff493b0f1d) --- source3/passdb/pdb_interface.c | 42 +++++++++++++++++++++++++----------------- 1 file changed, 25 insertions(+), 17 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 80b268994b..435b627da6 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -177,7 +177,8 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) NTSTATUS make_pdb_context_name(struct pdb_context **context, const char *selected) { - /* HINT: Don't store 'selected' becouse its often an lp_ string and will 'go away' */ + /* HINT: Don't store 'selected' becouse its often an lp_ string and + will 'go away' */ NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; int i; char *module_name = smb_xstrdup(selected); 
@@ -196,18 +197,20 @@ NTSTATUS make_pdb_context_name(struct pdb_context **context, const char *selecte trim_string(module_name, " ", " "); - if (!NT_STATUS_IS_OK(nt_status = make_pdb_context(context))) { - return nt_status; - } + if (!NT_STATUS_IS_OK(nt_status = make_pdb_context(context))) + goto done; - DEBUG(5,("Attempting to find an passdb backend to match %s (%s)\n", selected, module_name)); - for (i = 0; builtin_pdb_init_functions[i].name; i++) - { - if (strequal(builtin_pdb_init_functions[i].name, module_name)) - { - DEBUG(5,("Found pdb backend %s (at pos %d)\n", module_name, i)); - if (NT_STATUS_IS_OK(nt_status - = builtin_pdb_init_functions[i].init(*context, &(*context)->pdb_selected, module_location))) { + DEBUG(5,("Attempting to find an passdb backend to match %s (%s)\n", + selected, module_name)); + + for (i = 0; builtin_pdb_init_functions[i].name; i++) { + if (strequal(builtin_pdb_init_functions[i].name, + module_name)) { + + DEBUG(5,("Found pdb backend %s (at pos %d)\n", + module_name, i)); + + if (NT_STATUS_IS_OK(nt_status = builtin_pdb_init_functions[i].init(*context, &(*context)->pdb_selected, module_location))) { DEBUG(5,("pdb backend %s has a valid init\n", selected)); } else { DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status))); 
@@ -221,16 +224,21 @@ NTSTATUS make_pdb_context_name(struct pdb_context **context, const char *selecte DEBUG(0,("failed to select passdb backed!\n")); talloc_destroy((*context)->mem_ctx); *context = NULL; - return nt_status; + goto done; } - return NT_STATUS_OK; + nt_status = NT_STATUS_OK; + + done: + SAFE_FREE(module_name); + + return nt_status; } /****************************************************************** - Return an already initilised pdb_context, to facilitate backward - compatiablity (see functions below). + Return an already initialised pdb_context, to facilitate backward + compatibility (see functions below). *******************************************************************/ static struct pdb_context *pdb_get_static_context(BOOL reload) @@ -256,7 +264,7 @@ static struct pdb_context *pdb_get_static_context(BOOL reload) #if !defined(WITH_NISPLUS_SAM) /****************************************************************** - Backward compatability functions for the original passdb interface + Backward compatibility functions for the original passdb interface *******************************************************************/ BOOL pdb_setsampwent(BOOL update) -- cgit From e90b65284812aaa5ff9e9935ce9bbad7791cbbcd Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 15 Jul 2002 10:35:28 +0000 Subject: updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce) --- source3/passdb/pdb_interface.c | 335 +++++++++++++++++++++++++++-------------- 1 file changed, 225 insertions(+), 110 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 435b627da6..3b0f54b2b3 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -1,18 +1,19 @@ /* Unix SMB/CIFS implementation. Password and authentication handling - Copyright (C) Andrew Bartlett 2002 - + Copyright (C) Andrew Bartlett 2002 + Copyright (C) Jelmer Vernooij 2002 + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. @@ -20,6 +21,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_PASSDB + /** List of various built-in passdb modules */ const struct pdb_init_function_entry builtin_pdb_init_functions[] = { 
@@ -29,102 +33,199 @@ const struct pdb_init_function_entry builtin_pdb_init_functions[] = { { "tdbsam_nua", pdb_init_tdbsam_nua }, { "ldapsam", pdb_init_ldapsam }, { "ldapsam_nua", pdb_init_ldapsam_nua }, -#if 0 - { "nisplus", pdb_init_nisplus }, - { "unix", pdb_init_unix }, -#endif + { "unixsam", pdb_init_unixsam }, { "plugin", pdb_init_plugin }, { NULL, NULL} }; static BOOL context_setsampwent(struct pdb_context *context, BOOL update) { - if ((!context) || (!context->pdb_selected)) { + if ((!context) || (!context->pdb_methods) || (!context->pdb_methods->setsampwent)) { DEBUG(0, ("invalid pdb_context specified!\n")); return False; } - - return context->pdb_selected->setsampwent(context, update); + + context->pwent_methods = context->pdb_methods; + + if (!context->pwent_methods) { + /* No passdbs at all */ + return True; + } + + while (!(context->pwent_methods->setsampwent(context->pwent_methods, update))) { + context->pwent_methods = context->pwent_methods->next; + if (context->pwent_methods == NULL) + return False; + } + return True; } static void context_endsampwent(struct pdb_context *context) { - if ((!context) || (!context->pdb_selected)) { + if ((!context)){ DEBUG(0, ("invalid pdb_context specified!\n")); return; } - - context->pdb_selected->endsampwent(context); + + if (context->pwent_methods && context->pwent_methods->endsampwent) + context->pwent_methods->endsampwent(context->pwent_methods); + + /* So we won't get strange data when calling getsampwent now */ + context->pwent_methods = NULL; } static BOOL context_getsampwent(struct pdb_context *context, SAM_ACCOUNT *user) { - if ((!context) || (!context->pdb_selected)) { + if ((!context) || (!context->pwent_methods)) { DEBUG(0, ("invalid pdb_context specified!\n")); return False; } + /* Loop until we find something useful */ + while ((!context->pwent_methods->getsampwent) || + context->pwent_methods->getsampwent(context->pwent_methods, user) == False){ + + if (context->pwent_methods->endsampwent) + 
context->pwent_methods->endsampwent(context->pwent_methods); + + context->pwent_methods = context->pwent_methods->next; + + /* All methods are checked now. There are no more entries */ + if (context->pwent_methods == NULL) + return False; - return context->pdb_selected->getsampwent(context, user); + if (!context->pwent_methods->setsampwent){ + DEBUG(5, ("next backend does not implment setsampwent\n")); + return False; + } + + context->pwent_methods->setsampwent(context->pwent_methods, False); + } + user->methods = context->pwent_methods; + return True; } static BOOL context_getsampwnam(struct pdb_context *context, SAM_ACCOUNT *sam_acct, const char *username) { - if ((!context) || (!context->pdb_selected)) { + struct pdb_methods *curmethods; + if ((!context)) { DEBUG(0, ("invalid pdb_context specified!\n")); return False; } - - return context->pdb_selected->getsampwnam(context, sam_acct, username); + curmethods = context->pdb_methods; + while (curmethods){ + if (curmethods->getsampwnam && curmethods->getsampwnam(curmethods, sam_acct, username) == True){ + sam_acct->methods = curmethods; + return True; + } + curmethods = curmethods->next; + } + + return False; } -static BOOL context_getsampwrid(struct pdb_context *context, SAM_ACCOUNT *sam_acct, uint32 rid) +static BOOL context_getsampwsid(struct pdb_context *context, SAM_ACCOUNT *sam_acct, DOM_SID *sid) { - if ((!context) || (!context->pdb_selected)) { + struct pdb_methods *curmethods; + if ((!context)) { DEBUG(0, ("invalid pdb_context specified!\n")); return False; } - return context->pdb_selected->getsampwrid(context, sam_acct, rid); + curmethods = context->pdb_methods; + + while (curmethods){ + if (curmethods->getsampwsid && curmethods->getsampwsid(curmethods, sam_acct, sid) == True){ + sam_acct->methods = curmethods; + return True; + } + curmethods = curmethods->next; + } + + return False; } static BOOL context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct) { - if ((!context) || 
(!context->pdb_selected)) { + if ((!context) || (!context->pdb_methods) || (!context->pdb_methods->add_sam_account)) { DEBUG(0, ("invalid pdb_context specified!\n")); return False; } - + /** @todo This is where a 're-read on add' should be done */ - - return context->pdb_selected->add_sam_account(context, sam_acct); + /* We now add a new account to the first database listed. + * Should we? */ + + return context->pdb_methods->add_sam_account(context->pdb_methods, sam_acct); } static BOOL context_update_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct) { - if ((!context) || (!context->pdb_selected)) { + if (!context) { DEBUG(0, ("invalid pdb_context specified!\n")); return False; } - + + if (!sam_acct || !sam_acct->methods){ + DEBUG(0, ("invalid sam_acct specified\n")); + return False; + } + + if (!sam_acct->methods->update_sam_account){ + DEBUG(0, ("invalid sam_acct->methods\n")); + return False; + } + /** @todo This is where a 're-read on update' should be done */ - - return context->pdb_selected->update_sam_account(context, sam_acct); + + return sam_acct->methods->update_sam_account(sam_acct->methods, sam_acct); } static BOOL context_delete_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct) { - if ((!context) || (!context->pdb_selected)) { + struct pdb_methods *pdb_selected; + if (!context) { DEBUG(0, ("invalid pdb_context specified!\n")); return False; } + + if (!sam_acct->methods){ + pdb_selected = context->pdb_methods; + /* There's no passdb backend specified for this account. + * Try to delete it in every passdb available + * Needed to delete accounts in smbpasswd that are not + * in /etc/passwd. 
+ */ + while (pdb_selected){ + if (pdb_selected->delete_sam_account && pdb_selected->delete_sam_account(pdb_selected, sam_acct)){ + return True; + } + pdb_selected = pdb_selected->next; + } + return False; + } + + if (!sam_acct->methods->delete_sam_account){ + DEBUG(0,("invalid sam_acct->methods->delete_sam_account\n")); + return False; + } - return context->pdb_selected->delete_sam_account(context, sam_acct); + return sam_acct->methods->delete_sam_account(sam_acct->methods, sam_acct); } +/****************************************************************** + Free and cleanup a pdb context, any associated data and anything + that the attached modules might have associated. + *******************************************************************/ + static void free_pdb_context(struct pdb_context **context) { - if (((*context)->pdb_selected) && ((*context)->pdb_selected->free_private_data)) { - (*context)->pdb_selected->free_private_data((*context)->pdb_selected->private_data); + struct pdb_methods *pdb_selected = (*context)->pdb_methods; + + while (pdb_selected){ + if (pdb_selected->free_private_data) { + pdb_selected->free_private_data(&(pdb_selected->private_data)); + } + pdb_selected = pdb_selected->next; } talloc_destroy((*context)->mem_ctx); 
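Review bot: `context_delete_sam_account` reads `sam_acct->methods` without first checking `sam_acct`, while `context_update_sam_account` in the same hunk rejects a NULL account with `if (!sam_acct || !sam_acct->methods)`. A NULL account passed to delete would be dereferenced instead of producing a `False` return. Adding `if (!sam_acct) { DEBUG(0, ("invalid sam_acct specified\n")); return False; }` before the `methods` test makes the two paths agree. Separately, the `if (!context->pwent_methods)` branch in `context_setsampwent` cannot be reached, because the guard above it already returns when `context->pdb_methods` is NULL.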
@@ -132,13 +233,57 @@ static void free_pdb_context(struct pdb_context **context) } /****************************************************************** - Make a pdb_context from scratch. -*******************************************************************/ + Make a pdb_methods from scratch + *******************************************************************/ + +static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_context *context, const char *selected) +{ + char *module_name = smb_xstrdup(selected); + char *module_location = NULL, *p; + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + int i; + + p = strchr(module_name, ':'); + + if (p) { + *p = 0; + module_location = p+1; + trim_string(module_location, " ", " "); + } + + trim_string(module_name, " ", " "); + + DEBUG(5,("Attempting to find an passdb backend to match %s (%s)\n", selected, module_name)); + for (i = 0; builtin_pdb_init_functions[i].name; i++) + { + if (strequal(builtin_pdb_init_functions[i].name, module_name)) + { + DEBUG(5,("Found pdb backend %s (at pos %d)\n", module_name, i)); + nt_status = builtin_pdb_init_functions[i].init(context, methods, module_location); + if (NT_STATUS_IS_OK(nt_status)) { + DEBUG(5,("pdb backend %s has a valid init\n", selected)); + } else { + DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status))); + } + SAFE_FREE(module_name); + return nt_status; + break; /* unreached */ + } + } + + /* No such backend found */ + SAFE_FREE(module_name); + return NT_STATUS_INVALID_PARAMETER; +} + +/****************************************************************** + Make a pdb_context from scratch. + *******************************************************************/ static NTSTATUS make_pdb_context(struct pdb_context **context) { TALLOC_CTX *mem_ctx; - + mem_ctx = talloc_init_named("pdb_context internal allocation context"); if (!mem_ctx) { 
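Review bot: In `make_pdb_methods_name`, `module_location` points into the `module_name` buffer (`p+1`), and that buffer is released by `SAFE_FREE(module_name)` as soon as the backend's init function returns. Any init function that keeps the pointer rather than copying the string is left holding freed memory; whether the backends copy it is not visible in this hunk. A comment at the call would pin the contract: `/* module_location lives inside module_name, which is freed below; init functions must copy it */`. The `break; /* unreached */` after `return nt_status;` is dead code and can be dropped.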
@@ -160,82 +305,60 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_endsampwent = context_endsampwent; (*context)->pdb_getsampwent = context_getsampwent; (*context)->pdb_getsampwnam = context_getsampwnam; - (*context)->pdb_getsampwrid = context_getsampwrid; + (*context)->pdb_getsampwsid = context_getsampwsid; (*context)->pdb_add_sam_account = context_add_sam_account; (*context)->pdb_update_sam_account = context_update_sam_account; (*context)->pdb_delete_sam_account = context_delete_sam_account; (*context)->free_fn = free_pdb_context; - + return NT_STATUS_OK; } /****************************************************************** - Make a pdb_context, given a text string. -*******************************************************************/ + Make a pdb_context, given an array of strings + *******************************************************************/ -NTSTATUS make_pdb_context_name(struct pdb_context **context, const char *selected) +NTSTATUS make_pdb_context_list(struct pdb_context **context, char **selected) { - /* HINT: Don't store 'selected' becouse its often an lp_ string and - will 'go away' */ + int i = 0; + struct pdb_methods *curmethods, *tmpmethods; NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; - int i; - char *module_name = smb_xstrdup(selected); - char *module_location = NULL; - char *p; - p = strchr(module_name, ':'); - - if (p) { - *p = 0; - - module_location = p+1; - - trim_string(module_location, " ", " "); + if (!NT_STATUS_IS_OK(nt_status = make_pdb_context(context))) { + return nt_status; } - trim_string(module_name, " ", " "); - - if (!NT_STATUS_IS_OK(nt_status = make_pdb_context(context))) - goto done; - - DEBUG(5,("Attempting to find an passdb backend to match %s (%s)\n", - selected, module_name)); - - for (i = 0; builtin_pdb_init_functions[i].name; i++) { - if (strequal(builtin_pdb_init_functions[i].name, - module_name)) { - - DEBUG(5,("Found pdb backend %s (at pos %d)\n", - module_name, i)); - - if 
(NT_STATUS_IS_OK(nt_status = builtin_pdb_init_functions[i].init(*context, &(*context)->pdb_selected, module_location))) { - DEBUG(5,("pdb backend %s has a valid init\n", selected)); - } else { - DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status))); - (*context)->pdb_selected = NULL; - } - break; + while (selected[i]){ + /* Try to initialise pdb */ + DEBUG(5,("Trying to load: %s\n", selected[i])); + if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods_name(&curmethods, *context, selected[i]))) { + DEBUG(1, ("Loading %s failed!\n", selected[i])); + free_pdb_context(context); + return nt_status; } - } - - if (!(*context)->pdb_selected) { - DEBUG(0,("failed to select passdb backed!\n")); - talloc_destroy((*context)->mem_ctx); - *context = NULL; - goto done; + curmethods->parent = *context; + DLIST_ADD_END((*context)->pdb_methods, curmethods, tmpmethods); + i++; } - nt_status = NT_STATUS_OK; + return NT_STATUS_OK; +} - done: - SAFE_FREE(module_name); +/****************************************************************** + Make a pdb_context, given a text string. + *******************************************************************/ - return nt_status; +NTSTATUS make_pdb_context_string(struct pdb_context **context, const char *selected) +{ + NTSTATUS ret; + char **newsel = str_list_make(selected); + ret = make_pdb_context_list(context, newsel); + str_list_free(&newsel); + return ret; } - /****************************************************************** Return an already initialised pdb_context, to facilitate backward compatibility (see functions below). 
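Review bot: `make_pdb_context_string` hands the result of `str_list_make(selected)` straight to `make_pdb_context_list`, which evaluates `selected[i]` with no NULL test. A failed or empty split would therefore be dereferenced, assuming `str_list_make` can return NULL, which this hunk does not show. A guard such as `if (!newsel) return NT_STATUS_NO_MEMORY;` before the call avoids that. In addition, an empty list leaves `(*context)->pdb_methods` unset and still returns `NT_STATUS_OK`, so the account functions later run against a context with no backend; rejecting that case here would fail earlier and more clearly.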
@@ -244,20 +367,20 @@ NTSTATUS make_pdb_context_name(struct pdb_context **context, const char *selecte static struct pdb_context *pdb_get_static_context(BOOL reload) { static struct pdb_context *pdb_context = NULL; - + if ((pdb_context) && (reload)) { pdb_context->free_fn(&pdb_context); - if (!NT_STATUS_IS_OK(make_pdb_context_name(&pdb_context, lp_passdb_backend()))) { + if (!NT_STATUS_IS_OK(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) { return NULL; } } - + if (!pdb_context) { - if (!NT_STATUS_IS_OK(make_pdb_context_name(&pdb_context, lp_passdb_backend()))) { + if (!NT_STATUS_IS_OK(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) { return NULL; } } - + return pdb_context; } @@ -311,7 +434,7 @@ BOOL pdb_getsampwnam(SAM_ACCOUNT *sam_acct, const char *username) return pdb_context->pdb_getsampwnam(pdb_context, sam_acct, username); } -BOOL pdb_getsampwrid(SAM_ACCOUNT *sam_acct, uint32 rid) +BOOL pdb_getsampwsid(SAM_ACCOUNT *sam_acct, DOM_SID *sid) { struct pdb_context *pdb_context = pdb_get_static_context(False); @@ -319,7 +442,7 @@ BOOL pdb_getsampwrid(SAM_ACCOUNT *sam_acct, uint32 rid) return False; } - return pdb_context->pdb_getsampwrid(pdb_context, sam_acct, rid); + return pdb_context->pdb_getsampwsid(pdb_context, sam_acct, sid); } BOOL pdb_add_sam_account(SAM_ACCOUNT *sam_acct) 
@@ -347,21 +470,21 @@ BOOL pdb_update_sam_account(SAM_ACCOUNT *sam_acct) BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) { struct pdb_context *pdb_context = pdb_get_static_context(False); - + if (!pdb_context) { return False; } - + return pdb_context->pdb_delete_sam_account(pdb_context, sam_acct); } #endif /* !defined(WITH_NISPLUS_SAM) */ /*************************************************************** - Initialize the static context (at smbd startup etc). + Initialize the static context (at smbd startup etc). - If uninitialised, context will auto-init on first use. -***************************************************************/ + If uninitialised, context will auto-init on first use. + ***************************************************************/ BOOL initialize_password_db(BOOL reload) { @@ -381,11 +504,3 @@ NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) return NT_STATUS_OK; } - - - - - - - - -- cgit From b2edf254eda92f775e7d3d9b6793b4d77f9000b6 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sat, 17 Aug 2002 17:00:51 +0000 Subject: sync 3.0 branch with head (This used to be commit 3928578b52cfc949be5e0ef444fce1558d75f290) --- source3/passdb/pdb_interface.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 3b0f54b2b3..f311223d77 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -123,7 +123,7 @@ static BOOL context_getsampwnam(struct pdb_context *context, SAM_ACCOUNT *sam_ac return False; } -static BOOL context_getsampwsid(struct pdb_context *context, SAM_ACCOUNT *sam_acct, DOM_SID *sid) +static BOOL context_getsampwsid(struct pdb_context *context, SAM_ACCOUNT *sam_acct, const DOM_SID *sid) { struct pdb_methods *curmethods; if ((!context)) { 
@@ -353,7 +353,7 @@ NTSTATUS make_pdb_context_list(struct pdb_context **context, char **selected) NTSTATUS make_pdb_context_string(struct pdb_context **context, const char *selected) { NTSTATUS ret; - char **newsel = str_list_make(selected); + char **newsel = str_list_make(selected, NULL); ret = make_pdb_context_list(context, newsel); str_list_free(&newsel); return ret; @@ -434,7 +434,7 @@ BOOL pdb_getsampwnam(SAM_ACCOUNT *sam_acct, const char *username) return pdb_context->pdb_getsampwnam(pdb_context, sam_acct, username); } -BOOL pdb_getsampwsid(SAM_ACCOUNT *sam_acct, DOM_SID *sid) +BOOL pdb_getsampwsid(SAM_ACCOUNT *sam_acct, const DOM_SID *sid) { struct pdb_context *pdb_context = pdb_get_static_context(False); -- cgit From a834a73e341059be154426390304a42e4a011f72 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 25 Sep 2002 15:19:00 +0000 Subject: sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139) --- source3/passdb/pdb_interface.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index f311223d77..f965dd727c 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -34,13 +34,14 @@ const struct pdb_init_function_entry builtin_pdb_init_functions[] = { { "ldapsam", pdb_init_ldapsam }, { "ldapsam_nua", pdb_init_ldapsam_nua }, { "unixsam", pdb_init_unixsam }, + { "nisplussam", pdb_init_nisplussam }, { "plugin", pdb_init_plugin }, { NULL, NULL} }; static BOOL context_setsampwent(struct pdb_context *context, BOOL update) { - if ((!context) || (!context->pdb_methods) || (!context->pdb_methods->setsampwent)) { + if (!context) { DEBUG(0, ("invalid pdb_context specified!\n")); return False; } 
@@ -52,7 +53,7 @@ static BOOL context_setsampwent(struct pdb_context *context, BOOL update) return True; } - while (!(context->pwent_methods->setsampwent(context->pwent_methods, update))) { + while (!(context->pwent_methods->setsampwent) || !(context->pwent_methods->setsampwent(context->pwent_methods, update))) { context->pwent_methods = context->pwent_methods->next; if (context->pwent_methods == NULL) return False; -- cgit From 7d1eb6f7b62300e2f0a84f045f5885118c6ffa1b Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 26 Sep 2002 18:58:34 +0000 Subject: sync with HEAD (This used to be commit ee9cbf58071adb627a49a94c6340aaba330486b5) --- source3/passdb/pdb_interface.c | 116 ++++++++++++++++++++--------------------- 1 file changed, 58 insertions(+), 58 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index f965dd727c..a94b8b8992 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -39,26 +39,28 @@ const struct pdb_init_function_entry builtin_pdb_init_functions[] = { { NULL, NULL} }; -static BOOL context_setsampwent(struct pdb_context *context, BOOL update) +static NTSTATUS context_setsampwent(struct pdb_context *context, BOOL update) { + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + if (!context) { DEBUG(0, ("invalid pdb_context specified!\n")); - return False; + return ret; } context->pwent_methods = context->pdb_methods; if (!context->pwent_methods) { /* No passdbs at all */ - return True; + return ret; } - while (!(context->pwent_methods->setsampwent) || !(context->pwent_methods->setsampwent(context->pwent_methods, update))) { + while (NT_STATUS_IS_ERR(ret = context->pwent_methods->setsampwent(context->pwent_methods, update))) { context->pwent_methods = context->pwent_methods->next; if (context->pwent_methods == NULL) - return False; + return NT_STATUS_UNSUCCESSFUL; } - return True; + return ret; } static void context_endsampwent(struct pdb_context *context) 
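Review bot: The rewritten loop in `context_setsampwent` calls `context->pwent_methods->setsampwent` directly and drops the `!(context->pwent_methods->setsampwent)` test from the removed line, so a backend that leaves this pointer NULL is now called through a NULL function pointer. The later hunks of this commit remove the equivalent checks for `getsampwent`, `endsampwent`, `getsampwnam`, `getsampwsid`, `add_sam_account`, `update_sam_account`, the `delete_sam_account` fallback loop and `free_private_data`. That is only safe if every `pdb_methods` is created with a stub for each member, which is not visible in this diff. If that is the intent, a comment should say so, e.g. `/* every pdb_methods member is non-NULL: defaults are installed at allocation */`; otherwise the checks should stay. The "No passdbs at all" case also changes from `True` to `NT_STATUS_UNSUCCESSFUL`, which callers with an empty configuration will now see as a failure.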
@@ -75,81 +77,82 @@ static void context_endsampwent(struct pdb_context *context) context->pwent_methods = NULL; } -static BOOL context_getsampwent(struct pdb_context *context, SAM_ACCOUNT *user) +static NTSTATUS context_getsampwent(struct pdb_context *context, SAM_ACCOUNT *user) { + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + if ((!context) || (!context->pwent_methods)) { DEBUG(0, ("invalid pdb_context specified!\n")); - return False; + return ret; } /* Loop until we find something useful */ - while ((!context->pwent_methods->getsampwent) || - context->pwent_methods->getsampwent(context->pwent_methods, user) == False){ + while (NT_STATUS_IS_ERR(ret = context->pwent_methods->getsampwent(context->pwent_methods, user))) { - if (context->pwent_methods->endsampwent) - context->pwent_methods->endsampwent(context->pwent_methods); + context->pwent_methods->endsampwent(context->pwent_methods); context->pwent_methods = context->pwent_methods->next; /* All methods are checked now. There are no more entries */ if (context->pwent_methods == NULL) - return False; + return ret; - if (!context->pwent_methods->setsampwent){ - DEBUG(5, ("next backend does not implment setsampwent\n")); - return False; - } - context->pwent_methods->setsampwent(context->pwent_methods, False); } user->methods = context->pwent_methods; - return True; + return ret; } -static BOOL context_getsampwnam(struct pdb_context *context, SAM_ACCOUNT *sam_acct, const char *username) +static NTSTATUS context_getsampwnam(struct pdb_context *context, SAM_ACCOUNT *sam_acct, const char *username) { + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + struct pdb_methods *curmethods; if ((!context)) { DEBUG(0, ("invalid pdb_context specified!\n")); - return False; + return ret; } curmethods = context->pdb_methods; while (curmethods){ - if (curmethods->getsampwnam && curmethods->getsampwnam(curmethods, sam_acct, username) == True){ + if (NT_STATUS_IS_OK(ret = curmethods->getsampwnam(curmethods, sam_acct, username))) { sam_acct->methods 
= curmethods; - return True; + return ret; } curmethods = curmethods->next; } - return False; + return ret; } -static BOOL context_getsampwsid(struct pdb_context *context, SAM_ACCOUNT *sam_acct, const DOM_SID *sid) +static NTSTATUS context_getsampwsid(struct pdb_context *context, SAM_ACCOUNT *sam_acct, const DOM_SID *sid) { + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + struct pdb_methods *curmethods; if ((!context)) { DEBUG(0, ("invalid pdb_context specified!\n")); - return False; + return ret; } curmethods = context->pdb_methods; while (curmethods){ - if (curmethods->getsampwsid && curmethods->getsampwsid(curmethods, sam_acct, sid) == True){ + if (NT_STATUS_IS_OK(ret = curmethods->getsampwsid(curmethods, sam_acct, sid))) { sam_acct->methods = curmethods; - return True; + return ret; } curmethods = curmethods->next; } - return False; + return ret; } -static BOOL context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct) +static NTSTATUS context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct) { - if ((!context) || (!context->pdb_methods) || (!context->pdb_methods->add_sam_account)) { + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { DEBUG(0, ("invalid pdb_context specified!\n")); - return False; + return ret; } /** @todo This is where a 're-read on add' should be done */ 
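Review bot: `context_getsampwnam` and `context_getsampwsid` return the first backend in `context->pdb_methods` order that answers, so an account in an earlier backend hides one with the same name or SID in a later backend, and nothing in the code says so. This ordering presumably decides which stored account an authentication request is checked against, so it deserves a comment above the loops, e.g. `/* Backends are searched in list order; the first match wins and shadows later backends. */`. When no backend matches, the status returned is the one from the last backend tried, so an earlier backend's error is lost; that is worth stating in the same comment.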
@@ -159,21 +162,18 @@ static BOOL context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT *sa return context->pdb_methods->add_sam_account(context->pdb_methods, sam_acct); } -static BOOL context_update_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct) +static NTSTATUS context_update_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct) { + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + if (!context) { DEBUG(0, ("invalid pdb_context specified!\n")); - return False; + return ret; } if (!sam_acct || !sam_acct->methods){ DEBUG(0, ("invalid sam_acct specified\n")); - return False; - } - - if (!sam_acct->methods->update_sam_account){ - DEBUG(0, ("invalid sam_acct->methods\n")); - return False; + return ret; } /** @todo This is where a 're-read on update' should be done */ @@ -181,12 +181,14 @@ static BOOL context_update_sam_account(struct pdb_context *context, SAM_ACCOUNT return sam_acct->methods->update_sam_account(sam_acct->methods, sam_acct); } -static BOOL context_delete_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct) +static NTSTATUS context_delete_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct) { + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + struct pdb_methods *pdb_selected; if (!context) { DEBUG(0, ("invalid pdb_context specified!\n")); - return False; + return ret; } if (!sam_acct->methods){ 
@@ -197,17 +199,17 @@ static BOOL context_delete_sam_account(struct pdb_context *context, SAM_ACCOUNT * in /etc/passwd. */ while (pdb_selected){ - if (pdb_selected->delete_sam_account && pdb_selected->delete_sam_account(pdb_selected, sam_acct)){ - return True; + if (NT_STATUS_IS_OK(ret = pdb_selected->delete_sam_account(pdb_selected, sam_acct))) { + return ret; } pdb_selected = pdb_selected->next; } - return False; + return ret; } if (!sam_acct->methods->delete_sam_account){ DEBUG(0,("invalid sam_acct->methods->delete_sam_account\n")); - return False; + return ret; } return sam_acct->methods->delete_sam_account(sam_acct->methods, sam_acct); @@ -223,9 +225,7 @@ static void free_pdb_context(struct pdb_context **context) struct pdb_methods *pdb_selected = (*context)->pdb_methods; while (pdb_selected){ - if (pdb_selected->free_private_data) { - pdb_selected->free_private_data(&(pdb_selected->private_data)); - } + pdb_selected->free_private_data(&(pdb_selected->private_data)); pdb_selected = pdb_selected->next; } @@ -371,13 +371,13 @@ static struct pdb_context *pdb_get_static_context(BOOL reload) if ((pdb_context) && (reload)) { pdb_context->free_fn(&pdb_context); - if (!NT_STATUS_IS_OK(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) { + if (NT_STATUS_IS_ERR(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) { return NULL; } } if (!pdb_context) { - if (!NT_STATUS_IS_OK(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) { + if (NT_STATUS_IS_ERR(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) { return NULL; } } @@ -399,7 +399,7 @@ BOOL pdb_setsampwent(BOOL update) return False; } - return pdb_context->pdb_setsampwent(pdb_context, update); + return NT_STATUS_IS_OK(pdb_context->pdb_setsampwent(pdb_context, update)); } void pdb_endsampwent(void) 
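Review bot: In the `pdb_get_static_context` hunk (`@@ -371,13 +371,13 @@`) the failure test changes from `!NT_STATUS_IS_OK(...)` to `NT_STATUS_IS_ERR(...)`, and the two are not necessarily complements. If `NT_STATUS_IS_ERR` matches only error-severity codes, a non-OK warning or informational status would fall through and the function would return whatever is left in `pdb_context`. The macro definition is outside this diff, so this is something to confirm rather than a certain bug. Keeping `if (!NT_STATUS_IS_OK(make_pdb_context_list(&pdb_context, lp_passdb_backend())))` treats anything other than success as failure, which is the safer default for code that selects the password backend. The loops in the earlier hunks of this commit mix `NT_STATUS_IS_ERR` and `NT_STATUS_IS_OK` in the same way.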
@@ -421,7 +421,7 @@ BOOL pdb_getsampwent(SAM_ACCOUNT *user) return False; } - return pdb_context->pdb_getsampwent(pdb_context, user); + return NT_STATUS_IS_OK(pdb_context->pdb_getsampwent(pdb_context, user)); } BOOL pdb_getsampwnam(SAM_ACCOUNT *sam_acct, const char *username) @@ -432,7 +432,7 @@ BOOL pdb_getsampwnam(SAM_ACCOUNT *sam_acct, const char *username) return False; } - return pdb_context->pdb_getsampwnam(pdb_context, sam_acct, username); + return NT_STATUS_IS_OK(pdb_context->pdb_getsampwnam(pdb_context, sam_acct, username)); } BOOL pdb_getsampwsid(SAM_ACCOUNT *sam_acct, const DOM_SID *sid) @@ -443,7 +443,7 @@ BOOL pdb_getsampwsid(SAM_ACCOUNT *sam_acct, const DOM_SID *sid) return False; } - return pdb_context->pdb_getsampwsid(pdb_context, sam_acct, sid); + return NT_STATUS_IS_OK(pdb_context->pdb_getsampwsid(pdb_context, sam_acct, sid)); } BOOL pdb_add_sam_account(SAM_ACCOUNT *sam_acct) @@ -454,7 +454,7 @@ BOOL pdb_add_sam_account(SAM_ACCOUNT *sam_acct) return False; } - return pdb_context->pdb_add_sam_account(pdb_context, sam_acct); + return NT_STATUS_IS_OK(pdb_context->pdb_add_sam_account(pdb_context, sam_acct)); } BOOL pdb_update_sam_account(SAM_ACCOUNT *sam_acct) @@ -465,7 +465,7 @@ BOOL pdb_update_sam_account(SAM_ACCOUNT *sam_acct) return False; } - return pdb_context->pdb_update_sam_account(pdb_context, sam_acct); + return NT_STATUS_IS_OK(pdb_context->pdb_update_sam_account(pdb_context, sam_acct)); } BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) @@ -476,7 +476,7 @@ BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) return False; } - return pdb_context->pdb_delete_sam_account(pdb_context, sam_acct); + return NT_STATUS_IS_OK(pdb_context->pdb_delete_sam_account(pdb_context, sam_acct)); } #endif /* !defined(WITH_NISPLUS_SAM) */ -- cgit From 12b1a63cebe1e8942ea1d61dcce98184f401d39f Mon Sep 17 00:00:00 2001 
From: Jelmer Vernooij Date: Fri, 25 Oct 2002 00:38:10 +0000 Subject: Only run free_private_data when specified (reported by Steve Langasek aka vorlon) (This used to be commit ecd3acbfcf912a775718e320c7cb66f60436c546) --- source3/passdb/pdb_interface.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index a94b8b8992..c8a27dd8c4 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -225,7 +225,8 @@ static void free_pdb_context(struct pdb_context **context) struct pdb_methods *pdb_selected = (*context)->pdb_methods; while (pdb_selected){ - pdb_selected->free_private_data(&(pdb_selected->private_data)); + if(pdb_selected->free_private_data) + pdb_selected->free_private_data(&(pdb_selected->private_data)); pdb_selected = pdb_selected->next; } -- cgit From 6d7195d1d79c43f5ccc8dc4a9215c02177d5fa89 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 2 Nov 2002 03:47:48 +0000 Subject: Merge passdb from HEAD -> 3.0 The work here includes: - metze' set/changed patch, which avoids making changes to ldap on unmodified attributes. - volker's group mapping in passdb patch - volker's samsync stuff - volkers SAMR changes. - mezte's connection caching patch - my recent changes (fix magic root check, ldap ssl) Andrew Bartlett (This used to be commit 2044d60bbe0043cdbb9aba931115672bde975d2f) --- source3/passdb/pdb_interface.c | 223 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 223 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index c8a27dd8c4..ca199f8ea6 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -215,6 +215,135 @@ static NTSTATUS context_delete_sam_account(struct pdb_context *context, SAM_ACCO return sam_acct->methods->delete_sam_account(sam_acct->methods, sam_acct); } +static NTSTATUS context_getgrsid(struct pdb_context *context, + GROUP_MAP *map, DOM_SID sid, BOOL with_priv) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + struct pdb_methods *curmethods; + if ((!context)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + curmethods = context->pdb_methods; + while (curmethods){ + ret = curmethods->getgrsid(curmethods, map, sid, with_priv); + if (NT_STATUS_IS_OK(ret)) { + map->methods = curmethods; + return ret; + } + curmethods = curmethods->next; + } + + return ret; +} + +static NTSTATUS context_getgrgid(struct pdb_context *context, + GROUP_MAP *map, gid_t gid, BOOL with_priv) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + struct pdb_methods *curmethods; + if ((!context)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + curmethods = context->pdb_methods; + while (curmethods){ + ret = curmethods->getgrgid(curmethods, map, gid, with_priv); + if (NT_STATUS_IS_OK(ret)) { + map->methods = curmethods; + return ret; + } + curmethods = curmethods->next; + } + + return ret; +} + +static NTSTATUS context_getgrnam(struct pdb_context *context, + GROUP_MAP *map, char *name, BOOL with_priv) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + struct pdb_methods *curmethods; + if ((!context)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + curmethods = context->pdb_methods; + while (curmethods){ + ret = curmethods->getgrnam(curmethods, map, name, with_priv); + if (NT_STATUS_IS_OK(ret)) { + map->methods = curmethods; + return ret; + } + curmethods = curmethods->next; + } + + return ret; +} + +static NTSTATUS context_add_group_mapping_entry(struct pdb_context *context, + GROUP_MAP *map) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid 
pdb_context specified!\n")); + return ret; + } + + return context->pdb_methods->add_group_mapping_entry(context->pdb_methods, + map); +} + +static NTSTATUS context_update_group_mapping_entry(struct pdb_context *context, + GROUP_MAP *map) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context-> + pdb_methods->update_group_mapping_entry(context->pdb_methods, map); +} + +static NTSTATUS context_delete_group_mapping_entry(struct pdb_context *context, + DOM_SID sid) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context-> + pdb_methods->delete_group_mapping_entry(context->pdb_methods, sid); +} + +static NTSTATUS context_enum_group_mapping(struct pdb_context *context, + enum SID_NAME_USE sid_name_use, + GROUP_MAP **rmap, int *num_entries, + BOOL unix_only, BOOL with_priv) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context->pdb_methods->enum_group_mapping(context->pdb_methods, + sid_name_use, rmap, + num_entries, unix_only, + with_priv); +} + /****************************************************************** Free and cleanup a pdb context, any associated data and anything that the attached modules might have associated. 
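Review bot: context_getgrsid, context_getgrgid and context_getgrnam call `curmethods->getgrsid(...)` (and the gid/name equivalents) on every backend in the list without checking that the backend filled in that slot, and the add/update/delete/enum wrappers below them do the same on `context->pdb_methods`. Whether every backend sets these pointers is not visible in this hunk, but the earlier change to free_pdb_context had to guard `free_private_data`, so an unset slot seems possible and would be a call through a NULL function pointer. In the loops I would skip such a backend with `if (!curmethods->getgrsid) { curmethods = curmethods->next; continue; }`, and in the single-backend wrappers return `NT_STATUS_NOT_IMPLEMENTED` when the slot is NULL.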
@@ -311,6 +440,13 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_add_sam_account = context_add_sam_account; (*context)->pdb_update_sam_account = context_update_sam_account; (*context)->pdb_delete_sam_account = context_delete_sam_account; + (*context)->pdb_getgrsid = context_getgrsid; + (*context)->pdb_getgrgid = context_getgrgid; + (*context)->pdb_getgrnam = context_getgrnam; + (*context)->pdb_add_group_mapping_entry = context_add_group_mapping_entry; + (*context)->pdb_update_group_mapping_entry = context_update_group_mapping_entry; + (*context)->pdb_delete_group_mapping_entry = context_delete_group_mapping_entry; + (*context)->pdb_enum_group_mapping = context_enum_group_mapping; (*context)->free_fn = free_pdb_context; 
@@ -480,6 +616,93 @@ BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) return NT_STATUS_IS_OK(pdb_context->pdb_delete_sam_account(pdb_context, sam_acct)); } +BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid, BOOL with_priv) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context-> + pdb_getgrsid(pdb_context, map, sid, with_priv)); +} + +BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid, BOOL with_priv) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context-> + pdb_getgrgid(pdb_context, map, gid, with_priv)); +} + +BOOL pdb_getgrnam(GROUP_MAP *map, char *name, BOOL with_priv) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context-> + pdb_getgrnam(pdb_context, map, name, with_priv)); +} + +BOOL pdb_add_group_mapping_entry(GROUP_MAP *map) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context-> + pdb_add_group_mapping_entry(pdb_context, map)); +} + +BOOL pdb_update_group_mapping_entry(GROUP_MAP *map) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context-> + pdb_update_group_mapping_entry(pdb_context, map)); +} + +BOOL pdb_delete_group_mapping_entry(DOM_SID sid) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context-> + pdb_delete_group_mapping_entry(pdb_context, sid)); +} + +BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **rmap, + int *num_entries, BOOL unix_only, BOOL with_priv) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + 
return False; + } + + return NT_STATUS_IS_OK(pdb_context-> + pdb_enum_group_mapping(pdb_context, sid_name_use, + rmap, num_entries, unix_only, + with_priv)); +} + #endif /* !defined(WITH_NISPLUS_SAM) */ /*************************************************************** -- cgit From 2f194322d419350f35a48dff750066894d68eccf Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 12 Nov 2002 23:20:50 +0000 Subject: Removed global_myworkgroup, global_myname, global_myscope. Added liberal dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89) --- source3/passdb/pdb_interface.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index ca199f8ea6..edc310c0c1 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -458,7 +458,7 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) Make a pdb_context, given an array of strings *******************************************************************/ -NTSTATUS make_pdb_context_list(struct pdb_context **context, char **selected) +NTSTATUS make_pdb_context_list(struct pdb_context **context, const char **selected) { int i = 0; struct pdb_methods *curmethods, *tmpmethods; @@ -492,7 +492,7 @@ NTSTATUS make_pdb_context_string(struct pdb_context **context, const char *selec { NTSTATUS ret; char **newsel = str_list_make(selected, NULL); - ret = make_pdb_context_list(context, newsel); + ret = make_pdb_context_list(context, (const char **)newsel); str_list_free(&newsel); return ret; } -- cgit From 7c64e03d9d6ebe04b10c1a0069106aa207808573 Mon Sep 17 00:00:00 2001 
From: Jelmer Vernooij Date: Thu, 14 Nov 2002 18:21:22 +0000 Subject: Remove #ifdef's for NISPLUS_SAM - there are no function name collisions anymore (This used to be commit 32c93921b01b5d28a2f5837026aad2445a0ece03) --- source3/passdb/pdb_interface.c | 4 ---- 1 file changed, 4 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index edc310c0c1..88070d8694 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -522,8 +522,6 @@ static struct pdb_context *pdb_get_static_context(BOOL reload) return pdb_context; } -#if !defined(WITH_NISPLUS_SAM) - /****************************************************************** Backward compatibility functions for the original passdb interface *******************************************************************/ @@ -703,8 +701,6 @@ BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **rmap, with_priv)); } -#endif /* !defined(WITH_NISPLUS_SAM) */ - /*************************************************************** Initialize the static context (at smbd startup etc). -- cgit From ef8bd7c4f7ae8192ea05db070962ecf0ff3615f3 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 20 Dec 2002 20:21:31 +0000 Subject: Forward port the change to talloc_init() to make all talloc contexts named. Ensure we can query them. Jeremy. (This used to be commit 09a218a9f6fb0bd922940467bf8500eb4f1bcf84) --- source3/passdb/pdb_interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 88070d8694..d21cc1d355 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -415,7 +415,7 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) { TALLOC_CTX *mem_ctx; - mem_ctx = talloc_init_named("pdb_context internal allocation context"); + mem_ctx = talloc_init("pdb_context internal allocation context"); if (!mem_ctx) { DEBUG(0, ("make_pdb_context: talloc init failed!\n")); -- cgit From 3d8c50c87482d75d18b21bee954911951f471e2a Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 22 Mar 2003 09:03:46 +0000 Subject: Thanks to volker, merge passdb changes from HEAD: - pdb_guest (including change defaults) - 'default' passdb actions (instead of 'not implemented' stubs in each module) - net_rpc_samsync no longer assumes pdb_unix Andrew Bartlett (This used to be commit 4bec53c8c81019f0f06a93c4df0800bbf7281dd6) --- source3/passdb/pdb_interface.c | 63 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index d21cc1d355..42be673d25 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -34,6 +34,7 @@ const struct pdb_init_function_entry builtin_pdb_init_functions[] = { { "ldapsam", pdb_init_ldapsam }, { "ldapsam_nua", pdb_init_ldapsam_nua }, { "unixsam", pdb_init_unixsam }, + { "guest", pdb_init_guestsam }, { "nisplussam", pdb_init_nisplussam }, { "plugin", pdb_init_plugin }, { NULL, NULL} 
@@ -713,6 +714,51 @@ BOOL initialize_password_db(BOOL reload) } +/*************************************************************************** + Default implementations of some functions. + ****************************************************************************/ + +static NTSTATUS pdb_default_getsampwnam (struct pdb_methods *methods, SAM_ACCOUNT *user, const char *sname) +{ + return NT_STATUS_NO_SUCH_USER; +} + +static NTSTATUS pdb_default_getsampwsid(struct pdb_methods *my_methods, SAM_ACCOUNT * user, const DOM_SID *sid) +{ + return NT_STATUS_NO_SUCH_USER; +} + +static NTSTATUS pdb_default_add_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd) +{ + DEBUG(0,("this backend (%s) should not be listed as the first passdb backend! You can't add users to it.\n", methods->name)); + return NT_STATUS_NOT_IMPLEMENTED; +} + +static NTSTATUS pdb_default_update_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd) +{ + return NT_STATUS_NOT_IMPLEMENTED; +} + +static NTSTATUS pdb_default_delete_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *pwd) +{ + return NT_STATUS_NOT_IMPLEMENTED; +} + +static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update) +{ + return NT_STATUS_NOT_IMPLEMENTED; +} + +static NTSTATUS pdb_default_getsampwent(struct pdb_methods *methods, SAM_ACCOUNT *user) +{ + return NT_STATUS_NOT_IMPLEMENTED; +} + +static void pdb_default_endsampwent(struct pdb_methods *methods) +{ + return; /* NT_STATUS_NOT_IMPLEMENTED; */ +} + NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) { *methods = talloc(mem_ctx, sizeof(struct pdb_methods)); 
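Review bot: pdb_default_add_sam_account prints `methods->name` with `%s`, but make_pdb_methods clears the structure with `ZERO_STRUCTP(*methods)` (following hunk of this commit) and nothing visible sets `name`, so a backend that leaves it unset would pass NULL to the format. Passing `methods->name ? methods->name : "(unnamed)"` as the argument avoids that. The defaults also differ in what they report: getsampwnam and getsampwsid return `NT_STATUS_NO_SUCH_USER` while the rest return `NT_STATUS_NOT_IMPLEMENTED`. This is presumably so that a lookup falls through to the next backend, and a one-line comment above the two lookup defaults should say so.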
@@ -723,5 +769,22 @@ NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) ZERO_STRUCTP(*methods); + (*methods)->setsampwent = pdb_default_setsampwent; + (*methods)->endsampwent = pdb_default_endsampwent; + (*methods)->getsampwent = pdb_default_getsampwent; + (*methods)->getsampwnam = pdb_default_getsampwnam; + (*methods)->getsampwsid = pdb_default_getsampwsid; + (*methods)->add_sam_account = pdb_default_add_sam_account; + (*methods)->update_sam_account = pdb_default_update_sam_account; + (*methods)->delete_sam_account = pdb_default_delete_sam_account; + + (*methods)->getgrsid = pdb_default_getgrsid; + (*methods)->getgrgid = pdb_default_getgrgid; + (*methods)->getgrnam = pdb_default_getgrnam; + (*methods)->add_group_mapping_entry = pdb_default_add_group_mapping_entry; + (*methods)->update_group_mapping_entry = pdb_default_update_group_mapping_entry; + (*methods)->delete_group_mapping_entry = pdb_default_delete_group_mapping_entry; + (*methods)->enum_group_mapping = pdb_default_enum_group_mapping; + return NT_STATUS_OK; } -- cgit From 9c3cecbdac2ea888f95db2194bf9f5d2457aef09 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 15 Apr 2003 16:01:14 +0000 Subject: Use the new modules system for passdb (merge from HEAD) (This used to be commit 1755d5f66221a910863cfc8a197f8d792e6b6e3d) --- source3/passdb/pdb_interface.c | 110 +++++++++++++++++++++++++++++------------ 1 file changed, 79 insertions(+), 31 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 42be673d25..8adcd9dbfa 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -24,21 +24,57 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_PASSDB -/** List of various built-in passdb modules */ - -const struct pdb_init_function_entry builtin_pdb_init_functions[] = { - { "smbpasswd", pdb_init_smbpasswd }, - { "smbpasswd_nua", pdb_init_smbpasswd_nua }, - { "tdbsam", pdb_init_tdbsam }, - { "tdbsam_nua", pdb_init_tdbsam_nua }, - { "ldapsam", pdb_init_ldapsam }, - { "ldapsam_nua", pdb_init_ldapsam_nua }, - { "unixsam", pdb_init_unixsam }, - { "guest", pdb_init_guestsam }, - { "nisplussam", pdb_init_nisplussam }, - { "plugin", pdb_init_plugin }, - { NULL, NULL} -}; +static struct pdb_init_function_entry *backends = NULL; + +static void lazy_initialize_passdb(void) +{ + static BOOL initialized = False; + if(initialized)return; + static_init_pdb; + initialized = True; +} + +BOOL smb_register_passdb(const char *name, pdb_init_function init, int version) +{ + struct pdb_init_function_entry *entry = backends; + + if(version != PASSDB_INTERFACE_VERSION) + return False; + + DEBUG(5,("Attempting to register passdb backend %s\n", name)); + + /* Check for duplicates */ + while(entry) { + if(strcasecmp(name, entry->name) == 0) { + DEBUG(0,("There already is a passdb backend registered with the name %s!\n", name)); + return False; + } + entry = entry->next; + } + + entry = smb_xmalloc(sizeof(struct pdb_init_function_entry)); + entry->name = smb_xstrdup(name); + entry->init = init; + + DLIST_ADD(backends, entry); + DEBUG(5,("Successfully added passdb backend '%s'\n", name)); + return True; +} + +static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name) +{ + struct pdb_init_function_entry *entry = backends; + pstring stripped; + + module_path_get_name(name, stripped); + + while(entry) { + if (strequal(entry->name, stripped)) return entry; + entry = entry->next; + } + + return NULL; +} static NTSTATUS context_setsampwent(struct pdb_context *context, BOOL update) { 
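Review bot: smb_register_passdb uses `name` and stores `init` without checking either. `name` goes straight into `DEBUG`, `strcasecmp` and `smb_xstrdup`, and the stored pointer is later called as `entry->init(...)` in make_pdb_methods_name. This function is presumably the entry point that run-time loaded passdb modules call, so a NULL from a module would crash the process or leave an entry whose init pointer is NULL. Add `if (!name || !init) return False;` after the version check. The version-mismatch branch also returns `False` without any log line, which makes a rejected plugin hard to diagnose; a `DEBUG(0, ...)` naming both versions would help.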
@@ -372,8 +408,10 @@ static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_c { char *module_name = smb_xstrdup(selected); char *module_location = NULL, *p; + struct pdb_init_function_entry *entry; NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; - int i; + + lazy_initialize_passdb(); p = strchr(module_name, ':'); 
@@ -385,27 +423,37 @@ static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_c trim_string(module_name, " ", " "); + DEBUG(5,("Attempting to find an passdb backend to match %s (%s)\n", selected, module_name)); - for (i = 0; builtin_pdb_init_functions[i].name; i++) - { - if (strequal(builtin_pdb_init_functions[i].name, module_name)) - { - DEBUG(5,("Found pdb backend %s (at pos %d)\n", module_name, i)); - nt_status = builtin_pdb_init_functions[i].init(context, methods, module_location); - if (NT_STATUS_IS_OK(nt_status)) { - DEBUG(5,("pdb backend %s has a valid init\n", selected)); - } else { - DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status))); - } + + entry = pdb_find_backend_entry(module_name); + + /* Try to find a module that contains this module */ + if (!entry) { + DEBUG(2,("No builtin backend found, trying to load plugin\n")); + if(smb_probe_module("passdb", module_name) && !(entry = pdb_find_backend_entry(module_name))) { + DEBUG(0,("Plugin is available, but doesn't register passdb backend %s\n", module_name)); SAFE_FREE(module_name); - return nt_status; - break; /* unreached */ + return NT_STATUS_UNSUCCESSFUL; } } - + /* No such backend found */ + if(!entry) { + DEBUG(0,("No builtin nor plugin backend for %s found\n", module_name)); + SAFE_FREE(module_name); + return NT_STATUS_INVALID_PARAMETER; + } + + DEBUG(5,("Found pdb backend %s\n", module_name)); + nt_status = entry->init(context, methods, module_location); + if (NT_STATUS_IS_OK(nt_status)) { + DEBUG(5,("pdb backend %s has a valid init\n", selected)); + } else { + DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status))); + } SAFE_FREE(module_name); - return NT_STATUS_INVALID_PARAMETER; + return nt_status; } /****************************************************************** -- cgit From 0971cbb9eb2ba429b61292ee77985e56c2ab4be1 Mon Sep 17 00:00:00 2001 
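Review bot: In make_pdb_methods_name, `module_name` (the part of `selected` before the ':') is handed to `smb_probe_module("passdb", module_name)` whenever no registered backend matches, and by the debug text that call loads a plugin. Whether smb_probe_module restricts the name to the module directory is not visible in this hunk, and there is no comment stating where the string comes from. I would add one above the probe, for example `/* module_name is taken from the 'passdb backend' setting; it selects code that is loaded into this process */`. The next reader then knows this string must never come from a less trusted source than the configuration file. The function starts outside the hunk.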
From: Jelmer Vernooij Date: Mon, 21 Apr 2003 00:38:39 +0000 Subject: Pdb modules are in $libdir/pdb not $libdir/passdb (This used to be commit 9c9d969c93400d91a12e78635d54e1c5f90efab8) --- source3/passdb/pdb_interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 8adcd9dbfa..337b563c54 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -431,7 +431,7 @@ static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_c /* Try to find a module that contains this module */ if (!entry) { DEBUG(2,("No builtin backend found, trying to load plugin\n")); - if(smb_probe_module("passdb", module_name) && !(entry = pdb_find_backend_entry(module_name))) { + if(smb_probe_module("pdb", module_name) && !(entry = pdb_find_backend_entry(module_name))) { DEBUG(0,("Plugin is available, but doesn't register passdb backend %s\n", module_name)); SAFE_FREE(module_name); return NT_STATUS_UNSUCCESSFUL; -- cgit From ec750c5d525a225efa84a9b3090646e2e9b9c427 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 24 Apr 2003 20:36:41 +0000 Subject: - Get rid of module_path_get_name() - Use find backend function to find duplicates - declare static function before using it (This used to be commit ad5ebd4f2065425a9edffc753c0f0414fd6f98d4) --- source3/passdb/pdb_interface.c | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 337b563c54..57424bb2d8 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -34,6 +34,8 @@ static void lazy_initialize_passdb(void) initialized = True; } +static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name); + BOOL smb_register_passdb(const char *name, pdb_init_function init, int version) { struct pdb_init_function_entry *entry = backends; @@ -43,13 +45,9 @@ BOOL smb_register_passdb(const char *name, pdb_init_function init, int version) DEBUG(5,("Attempting to register passdb backend %s\n", name)); - /* Check for duplicates */ - while(entry) { - if(strcasecmp(name, entry->name) == 0) { - DEBUG(0,("There already is a passdb backend registered with the name %s!\n", name)); - return False; - } - entry = entry->next; + if (pdb_find_backend_entry(name)) { + DEBUG(0,("There already is a passdb backend registered with the name %s!\n", name)); + return False; } entry = smb_xmalloc(sizeof(struct pdb_init_function_entry)); @@ -64,12 +62,9 @@ BOOL smb_register_passdb(const char *name, pdb_init_function init, int version) static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name) { struct pdb_init_function_entry *entry = backends; - pstring stripped; - - module_path_get_name(name, stripped); while(entry) { - if (strequal(entry->name, stripped)) return entry; + if (strcasecmp(entry->name, name) == 0) return entry; entry = entry->next; } -- cgit From 17a3acafa89bfc6090b0767d05a00a7505003fcc Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 28 Apr 2003 17:48:48 +0000 Subject: Use NTSTATUS as return value for smb_register_*() functions and init_module() function. Patch by metze with some minor modifications. (This used to be commit bc4b51bcb2daa7271c884cb83bf8bdba6d3a9b6d) --- source3/passdb/pdb_interface.c | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 57424bb2d8..a8cc1f742a 100644 --- a/source3/passdb/pdb_interface.c 
+++ b/source3/passdb/pdb_interface.c @@ -36,18 +36,28 @@ static void lazy_initialize_passdb(void) static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name); -BOOL smb_register_passdb(const char *name, pdb_init_function init, int version) +NTSTATUS smb_register_passdb(uint16 version, const char *name, pdb_init_function init) { struct pdb_init_function_entry *entry = backends; - if(version != PASSDB_INTERFACE_VERSION) - return False; + if(version != PASSDB_INTERFACE_VERSION) { + DEBUG(0,("Can't register passdb backend!\n" + "You tried to register a passdb module with PASSDB_INTERFACE_VERSION %d, " + "while this version of samba uses version %d\n", + version,PASSDB_INTERFACE_VERSION)); + return NT_STATUS_OBJECT_TYPE_MISMATCH; + } + + if (!name || !init) { + return NT_STATUS_INVALID_PARAMETER; + } DEBUG(5,("Attempting to register passdb backend %s\n", name)); + /* Check for duplicates */ if (pdb_find_backend_entry(name)) { DEBUG(0,("There already is a passdb backend registered with the name %s!\n", name)); - return False; + return NT_STATUS_OBJECT_NAME_COLLISION; } entry = smb_xmalloc(sizeof(struct pdb_init_function_entry)); @@ -56,7 +66,7 @@ BOOL smb_register_passdb(const char *name, pdb_init_function init, int version) DLIST_ADD(backends, entry); DEBUG(5,("Successfully added passdb backend '%s'\n", name)); - return True; + return NT_STATUS_OK; } static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name) 
@@ -426,7 +436,7 @@ static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_c /* Try to find a module that contains this module */ if (!entry) { DEBUG(2,("No builtin backend found, trying to load plugin\n")); - if(smb_probe_module("pdb", module_name) && !(entry = pdb_find_backend_entry(module_name))) { + if(NT_STATUS_IS_OK(smb_probe_module("pdb", module_name)) && !(entry = pdb_find_backend_entry(module_name))) { DEBUG(0,("Plugin is available, but doesn't register passdb backend %s\n", module_name)); SAFE_FREE(module_name); return NT_STATUS_UNSUCCESSFUL; @@ -439,7 +449,7 @@ static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_c SAFE_FREE(module_name); return NT_STATUS_INVALID_PARAMETER; } - + DEBUG(5,("Found pdb backend %s\n", module_name)); nt_status = entry->init(context, methods, module_location); if (NT_STATUS_IS_OK(nt_status)) { -- cgit From d2373e7dce03a933be465cfd006c20d2bcc6e758 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Wed, 30 Apr 2003 23:06:44 +0000 Subject: Make the version numbers ints (patch from metze) (This used to be commit dbe36b4c43dceddea9f14161c6cf7b34709287c8) --- source3/passdb/pdb_interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index a8cc1f742a..7b44df193f 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -36,7 +36,7 @@ static void lazy_initialize_passdb(void) static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name); -NTSTATUS smb_register_passdb(uint16 version, const char *name, pdb_init_function init) +NTSTATUS smb_register_passdb(int version, const char *name, pdb_init_function init) { struct pdb_init_function_entry *entry = backends; -- cgit From c507ebe56741d773bf6e7ad547863a2da1aee687 Mon Sep 17 00:00:00 2001 
From: Jelmer Vernooij Date: Sat, 10 May 2003 10:53:48 +0000 Subject: Patch from metze and me that adds dummy smb_register_*() functions so that is now possible to, for example, load a module which contains an auth method into a binary without the auth/ subsystem built in. (This used to be commit 74d9ecfe2dd7364643d32acb62ade957bd71cd0d) --- source3/passdb/pdb_interface.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 7b44df193f..dc2b43d204 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -436,10 +436,10 @@ static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_c /* Try to find a module that contains this module */ if (!entry) { DEBUG(2,("No builtin backend found, trying to load plugin\n")); - if(NT_STATUS_IS_OK(smb_probe_module("pdb", module_name)) && !(entry = pdb_find_backend_entry(module_name))) { + if(NT_STATUS_IS_OK(nt_status = smb_probe_module("pdb", module_name)) && !(entry = pdb_find_backend_entry(module_name))) { DEBUG(0,("Plugin is available, but doesn't register passdb backend %s\n", module_name)); SAFE_FREE(module_name); - return NT_STATUS_UNSUCCESSFUL; + return nt_status; } } -- cgit From 0914e541f5480834c1b0ddc98b5f71f7f7abf9cb Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sat, 10 May 2003 11:49:51 +0000 Subject: Reverse previous patch from Stefan and me after comments by Andrew Bartlett (This used to be commit d817eaf0ecca2d878ab1ffcf7a747a02d71c811e) --- source3/passdb/pdb_interface.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index dc2b43d204..7b44df193f 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
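Review bot: In the `@@ -436,10 +436,10 @@` hunk of make_pdb_methods_name, the new `return nt_status;` returns a success status on a failure path. That branch runs only when `NT_STATUS_IS_OK(nt_status = smb_probe_module("pdb", module_name))` is true and `pdb_find_backend_entry()` returned NULL, so `nt_status` is OK at that point. The caller is told the backend was created although `entry->init` was never called and, as far as the hunk shows, `*methods` was never set. Keep `return NT_STATUS_UNSUCCESSFUL;` in this branch; capturing the probe status is only useful for the case where the probe itself fails. The function starts and ends outside the hunk.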
@@ -436,10 +436,10 @@ static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_c /* Try to find a module that contains this module */ if (!entry) { DEBUG(2,("No builtin backend found, trying to load plugin\n")); - if(NT_STATUS_IS_OK(nt_status = smb_probe_module("pdb", module_name)) && !(entry = pdb_find_backend_entry(module_name))) { + if(NT_STATUS_IS_OK(smb_probe_module("pdb", module_name)) && !(entry = pdb_find_backend_entry(module_name))) { DEBUG(0,("Plugin is available, but doesn't register passdb backend %s\n", module_name)); SAFE_FREE(module_name); - return nt_status; + return NT_STATUS_UNSUCCESSFUL; } } -- cgit From 9e9849c0ee5cfc79dc51e29c8015d9c53fa4bfcc Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Fri, 16 May 2003 06:20:57 +0000 Subject: add metze's patch for smb_register functions (This used to be commit 1480c7e8c7a84c34181118c449c50ca99fdcbc6b) --- source3/passdb/pdb_interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 7b44df193f..7640228ab9 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -74,7 +74,7 @@ static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name) struct pdb_init_function_entry *entry = backends; while(entry) { - if (strcasecmp(entry->name, name) == 0) return entry; + if (strcmp(entry->name, name)==0) return entry; entry = entry->next; } -- cgit From 75a5c0b307a79536316b651273d3f6983323f5ce Mon Sep 17 00:00:00 2001 
From: Simo Sorce Date: Wed, 18 Jun 2003 15:24:10 +0000 Subject: Ok, this patch removes the privilege stuff we had in, unused, for some time. The code was nice, but put in the wrong place (group mapping) and not supported by most of the code, thus useless. We will put back most of the code when our infrastructure will be changed so that privileges actually really make sense to be set. This is a first patch of a set to enhance all our mapping code cleaness and stability towards a sane next beta for 3.0 code base Simo. (This used to be commit e341e7c49f8c17a9ee30ca3fab3aa0397c1f0c7e) --- source3/passdb/pdb_interface.c | 34 ++++++++++++++++------------------ 1 file changed, 16 insertions(+), 18 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 7640228ab9..a78f07e829 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -258,7 +258,7 @@ static NTSTATUS context_delete_sam_account(struct pdb_context *context, SAM_ACCO } static NTSTATUS context_getgrsid(struct pdb_context *context, - GROUP_MAP *map, DOM_SID sid, BOOL with_priv) + GROUP_MAP *map, DOM_SID sid) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; @@ -269,7 +269,7 @@ static NTSTATUS context_getgrsid(struct pdb_context *context, } curmethods = context->pdb_methods; while (curmethods){ - ret = curmethods->getgrsid(curmethods, map, sid, with_priv); + ret = curmethods->getgrsid(curmethods, map, sid); if (NT_STATUS_IS_OK(ret)) { map->methods = curmethods; return ret; @@ -281,7 +281,7 @@ static NTSTATUS context_getgrsid(struct pdb_context *context, } static NTSTATUS context_getgrgid(struct pdb_context *context, - GROUP_MAP *map, gid_t gid, BOOL with_priv) + GROUP_MAP *map, gid_t gid) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; 
@@ -292,7 +292,7 @@ static NTSTATUS context_getgrgid(struct pdb_context *context, } curmethods = context->pdb_methods; while (curmethods){ - ret = curmethods->getgrgid(curmethods, map, gid, with_priv); + ret = curmethods->getgrgid(curmethods, map, gid); if (NT_STATUS_IS_OK(ret)) { map->methods = curmethods; return ret; @@ -304,7 +304,7 @@ static NTSTATUS context_getgrgid(struct pdb_context *context, } static NTSTATUS context_getgrnam(struct pdb_context *context, - GROUP_MAP *map, char *name, BOOL with_priv) + GROUP_MAP *map, char *name) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; @@ -315,7 +315,7 @@ static NTSTATUS context_getgrnam(struct pdb_context *context, } curmethods = context->pdb_methods; while (curmethods){ - ret = curmethods->getgrnam(curmethods, map, name, with_priv); + ret = curmethods->getgrnam(curmethods, map, name); if (NT_STATUS_IS_OK(ret)) { map->methods = curmethods; return ret; @@ -371,7 +371,7 @@ static NTSTATUS context_delete_group_mapping_entry(struct pdb_context *context, static NTSTATUS context_enum_group_mapping(struct pdb_context *context, enum SID_NAME_USE sid_name_use, GROUP_MAP **rmap, int *num_entries, - BOOL unix_only, BOOL with_priv) + BOOL unix_only) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; @@ -382,8 +382,7 @@ static NTSTATUS context_enum_group_mapping(struct pdb_context *context, return context->pdb_methods->enum_group_mapping(context->pdb_methods, sid_name_use, rmap, - num_entries, unix_only, - with_priv); + num_entries, unix_only); } /****************************************************************** @@ -668,7 +667,7 @@ BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) return NT_STATUS_IS_OK(pdb_context->pdb_delete_sam_account(pdb_context, sam_acct)); } -BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid, BOOL with_priv) +BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid) { struct pdb_context *pdb_context = pdb_get_static_context(False); 
@@ -677,10 +676,10 @@ BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid, BOOL with_priv) } return NT_STATUS_IS_OK(pdb_context-> - pdb_getgrsid(pdb_context, map, sid, with_priv)); + pdb_getgrsid(pdb_context, map, sid)); } -BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid, BOOL with_priv) +BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid) { struct pdb_context *pdb_context = pdb_get_static_context(False); @@ -689,10 +688,10 @@ BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid, BOOL with_priv) } return NT_STATUS_IS_OK(pdb_context-> - pdb_getgrgid(pdb_context, map, gid, with_priv)); + pdb_getgrgid(pdb_context, map, gid)); } -BOOL pdb_getgrnam(GROUP_MAP *map, char *name, BOOL with_priv) +BOOL pdb_getgrnam(GROUP_MAP *map, char *name) { struct pdb_context *pdb_context = pdb_get_static_context(False); @@ -701,7 +700,7 @@ BOOL pdb_getgrnam(GROUP_MAP *map, char *name, BOOL with_priv) } return NT_STATUS_IS_OK(pdb_context-> - pdb_getgrnam(pdb_context, map, name, with_priv)); + pdb_getgrnam(pdb_context, map, name)); } BOOL pdb_add_group_mapping_entry(GROUP_MAP *map) @@ -741,7 +740,7 @@ BOOL pdb_delete_group_mapping_entry(DOM_SID sid) } BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **rmap, - int *num_entries, BOOL unix_only, BOOL with_priv) + int *num_entries, BOOL unix_only) { struct pdb_context *pdb_context = pdb_get_static_context(False); @@ -751,8 +750,7 @@ BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **rmap, return NT_STATUS_IS_OK(pdb_context-> pdb_enum_group_mapping(pdb_context, sid_name_use, - rmap, num_entries, unix_only, - with_priv)); + rmap, num_entries, unix_only)); } /*************************************************************** -- cgit From 187ef2eb2a4f13b46df788f2e6ed18da3d5d5523 Mon Sep 17 00:00:00 2001 
From: Jim McDonough Date: Fri, 20 Jun 2003 17:39:53 +0000 Subject: Fix bug #136: "passdb backend = " caused smbd to segfault. Instead, spit out an error message. (This used to be commit 22f083b227a6f03ae42b985e45e9c384982c6ed2) --- source3/passdb/pdb_interface.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index a78f07e829..478cf6c06b 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -521,6 +521,11 @@ NTSTATUS make_pdb_context_list(struct pdb_context **context, const char **select return nt_status; } + if (!selected) { + DEBUG(0, ("ERROR: empty passdb backend list!\n")); + return nt_status; + } + while (selected[i]){ /* Try to initialise pdb */ DEBUG(5,("Trying to load: %s\n", selected[i])); -- cgit From f5974dfaae680d98b78d600cd1f1aaece332a085 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Sun, 22 Jun 2003 10:09:52 +0000 Subject: Found out a good number of NT_STATUS_IS_ERR used the wrong way. As abartlet rememberd me NT_STATUS_IS_ERR != !NT_STATUS_IS_OK This patch will cure the problem. Working on this one I found 16 functions where I think NT_STATUS_IS_ERR() is used correctly, but I'm not 100% sure, coders should check the use of NT_STATUS_IS_ERR() in samba is ok now. Simo. (This used to be commit c501e84d412563eb3f674f76038ec48c2b458687) --- source3/passdb/pdb_interface.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 478cf6c06b..af913f3ff0 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
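Review bot: The new `if (!selected)` branch in make_pdb_context_list returns `nt_status`, which at that point appears to hold the successful result of make_pdb_context(), so an empty 'passdb backend' list is logged as an error but reported to the caller as success. The caller would then receive a context with no backend methods attached. An explicit failure keeps the log message and the return value in agreement, for example `free_pdb_context(context); return NT_STATUS_INVALID_PARAMETER;`. The function body starts and ends outside the hunk; the value of nt_status is inferred from the `if (!NT_STATUS_IS_OK(nt_status = make_pdb_context(context)))` test shown in a later hunk on this page.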
@@ -566,13 +566,13 @@ static struct pdb_context *pdb_get_static_context(BOOL reload) if ((pdb_context) && (reload)) { pdb_context->free_fn(&pdb_context); - if (NT_STATUS_IS_ERR(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) { + if (!NT_STATUS_IS_OK(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) { return NULL; } } if (!pdb_context) { - if (NT_STATUS_IS_ERR(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) { + if (!NT_STATUS_IS_OK(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) { return NULL; } } -- cgit From f51d769dd303027a3dbf46fc89a482933988e866 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 25 Jun 2003 17:41:05 +0000 Subject: large change: *) consolidates the dc location routines again (dns and netbios) get_dc_list() or get_sorted_dc_list() is the authoritative means of locating DC's again. (also inludes a flag to get_dc_list() to define if this should be a DNS only lookup or not) (however, if you set "name resolve order = hosts wins" you could still get DNS queries for domain name IFF ldap_domain2hostlist() fails. The answer? Fix your DNS setup) *) enabled DOMAIN<0x1c> lookups to be funneled through resolve_hosts resulting in a call to ldap_domain2hostlist() if lp_security() == SEC_ADS *) enables name cache for winbind ADS backend *) enable the negative connection cache for winbind ADS backend *) removes some old dead code *) consolidates some duplicate code *) moves the internal_name_resolve() to use an IP/port pair to deal with SRV RR dns replies. The namecache code also supports the IP:port syntax now as well. *) removes 'ads server' and moves the functionality back into 'password server' (which can support "hostname:port" syntax now but works fine with defaults depending on the value of lp_security()) (This used to be commit d7f7fcda425bef380441509734eca33da943c091) --- source3/passdb/pdb_interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') 
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index af913f3ff0..9d24a42a98 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -304,7 +304,7 @@ static NTSTATUS context_getgrgid(struct pdb_context *context, } static NTSTATUS context_getgrnam(struct pdb_context *context, - GROUP_MAP *map, char *name) + GROUP_MAP *map, const char *name) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; -- cgit From aca3fa914928bdb1b7ea091ffe169a4e74b213d0 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 30 Jun 2003 14:55:45 +0000 Subject: Add the 'guest' passdb backend automatically if guest account != "" Volker (This used to be commit 21d330af107f744af9569b5577afc6e7ba6a269c) --- source3/passdb/pdb_interface.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 9d24a42a98..5ebc14030f 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -516,6 +516,7 @@ NTSTATUS make_pdb_context_list(struct pdb_context **context, const char **select int i = 0; struct pdb_methods *curmethods, *tmpmethods; NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + BOOL have_guest = False; if (!NT_STATUS_IS_OK(nt_status = make_pdb_context(context))) { return nt_status; @@ -527,6 +528,9 @@ NTSTATUS make_pdb_context_list(struct pdb_context **context, const char **select } while (selected[i]){ + if (strcmp(selected[i], "guest") == 0) { + have_guest = True; + } /* Try to initialise pdb */ DEBUG(5,("Trying to load: %s\n", selected[i])); if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods_name(&curmethods, *context, selected[i]))) { 
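Review bot: The `strcmp(selected[i], "guest") == 0` test added inside the `while (selected[i])` loop compares the raw list entry, while make_pdb_methods_name (shown in a later hunk on this page) trims spaces from the module name and splits off a location part before it looks the backend up. An entry that resolves to the guest module but is not spelled exactly `guest` would therefore leave `have_guest` False and, presumably, have the guest backend appended a second time by the block added at the end of the function. Making the comparison on the normalised module name would keep detection and loading in step. The loop body continues outside the hunk.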
@@ -539,6 +543,27 @@ NTSTATUS make_pdb_context_list(struct pdb_context **context, const char **select i++; } + if (have_guest) + return NT_STATUS_OK; + + if ( (lp_guestaccount() == NULL) || + (*lp_guestaccount() == '\0') ) { + /* We explicitly don't want guest access. No idea what + else that breaks, but be it that way. */ + return NT_STATUS_OK; + } + + if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods_name(&curmethods, + *context, + "guest"))) { + DEBUG(1, ("Loading guest module failed!\n")); + free_pdb_context(context); + return nt_status; + } + + curmethods->parent = *context; + DLIST_ADD_END((*context)->pdb_methods, curmethods, tmpmethods); + return NT_STATUS_OK; } -- cgit From 94f59f54921174fc156fade575ca114d331b1bd8 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 5 Sep 2003 19:59:55 +0000 Subject: More tuning from cachegrind. Change most trim_string() calls to trim_char(0, as that's what they do. Fix string_replace() to fast-path ascii. Jeremy. (This used to be commit f35e9a8b909d3c74be47083ccc4a4e91a14938db) --- source3/passdb/pdb_interface.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 5ebc14030f..d548081e78 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -422,10 +422,10 @@ static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_c if (p) { *p = 0; module_location = p+1; - trim_string(module_location, " ", " "); + trim_char(module_location, ' ', ' '); } - trim_string(module_name, " ", " "); + trim_char(module_name, ' ', ' '); DEBUG(5,("Attempting to find an passdb backend to match %s (%s)\n", selected, module_name)); -- cgit From 6566a89beeb49236bdc833002375396973c62a66 Mon Sep 17 00:00:00 2001 
From: Gerald Carter Date: Thu, 29 Jan 2004 20:14:50 +0000 Subject: initialization fixes (This used to be commit 54fd3992c385fd6208c061131b2c98e448baf2c2) --- source3/passdb/pdb_interface.c | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index d548081e78..ed05e5ad42 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -36,6 +36,44 @@ static void lazy_initialize_passdb(void) static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name); +/******************************************************************* + Clean up uninitialised passwords. The only way to tell + that these values are not 'real' is that they do not + have a valid last set time. Instead, the value is fixed at 0. + Therefore we use that as the key for 'is this a valid password'. + However, it is perfectly valid to have a 'default' last change + time, such LDAP with a missing attribute would produce. +********************************************************************/ + +static void pdb_force_pw_initialization(SAM_ACCOUNT *pass) +{ + const char *lm_pwd, *nt_pwd; + + /* only reset a password if the last set time has been + explicitly been set to zero. A default last set time + is ignored */ + + if ( (pdb_get_init_flags(pass, PDB_PASSLASTSET) != PDB_DEFAULT) + && (pdb_get_pass_last_set_time(pass) == 0) ) + { + + if (pdb_get_init_flags(pass, PDB_LMPASSWD) != PDB_DEFAULT) + { + lm_pwd = pdb_get_lanman_passwd(pass); + if (lm_pwd) + pdb_set_lanman_passwd(pass, NULL, PDB_SET); + } + if (pdb_get_init_flags(pass, PDB_NTPASSWD) != PDB_DEFAULT) + { + nt_pwd = pdb_get_nt_passwd(pass); + if (nt_pwd) + pdb_set_nt_passwd(pass, NULL, PDB_SET); + } + } + + return; +} + NTSTATUS smb_register_passdb(int version, const char *name, pdb_init_function init) { struct pdb_init_function_entry *entry = backends; 
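Review bot: pdb_force_pw_initialization discards the LM and NT hashes of an account without writing anything to the log, so an administrator has no record of which accounts had their credentials cleared or why. A debug line inside the `pdb_get_pass_last_set_time(pass) == 0` branch would cover it, for example `DEBUG(5, ("clearing uninitialised password hashes for %s\n", pdb_get_username(pass)));`. The locals `lm_pwd` and `nt_pwd` are only tested against NULL and the trailing `return;` is redundant, so both could be dropped. Whether the cleared values are later written back to the backend is not visible in this hunk and would be worth stating in the header comment.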
@@ -141,6 +179,7 @@ static NTSTATUS context_getsampwent(struct pdb_context *context, SAM_ACCOUNT *us context->pwent_methods->setsampwent(context->pwent_methods, False); } user->methods = context->pwent_methods; + pdb_force_pw_initialization(user); return ret; } @@ -156,6 +195,7 @@ static NTSTATUS context_getsampwnam(struct pdb_context *context, SAM_ACCOUNT *sa curmethods = context->pdb_methods; while (curmethods){ if (NT_STATUS_IS_OK(ret = curmethods->getsampwnam(curmethods, sam_acct, username))) { + pdb_force_pw_initialization(sam_acct); sam_acct->methods = curmethods; return ret; } @@ -179,6 +219,7 @@ static NTSTATUS context_getsampwsid(struct pdb_context *context, SAM_ACCOUNT *sa while (curmethods){ if (NT_STATUS_IS_OK(ret = curmethods->getsampwsid(curmethods, sam_acct, sid))) { + pdb_force_pw_initialization(sam_acct); sam_acct->methods = curmethods; return ret; } -- cgit From d4420dc9023677461570eaedd1f1ca0e6c0ef758 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 29 Jan 2004 22:16:58 +0000 Subject: more initialization fixes (This used to be commit 9e590d603547ef1e8388bea66eb5d44e4dfd6412) --- source3/passdb/pdb_interface.c | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index ed05e5ad42..c656e08722 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -708,22 +708,44 @@ BOOL pdb_getsampwsid(SAM_ACCOUNT *sam_acct, const DOM_SID *sid) BOOL pdb_add_sam_account(SAM_ACCOUNT *sam_acct) { struct pdb_context *pdb_context = pdb_get_static_context(False); + const char *lm_pw, *nt_pw; + uint16 acb_flags; if (!pdb_context) { return False; } + /* disable acccounts with no passwords */ + lm_pw = pdb_get_lanman_passwd( sam_acct ); + nt_pw = pdb_get_lanman_passwd( sam_acct ); + if ( !lm_pw || !nt_pw ) { + acb_flags = pdb_get_acct_ctrl( sam_acct ) | ACB_DISABLED; + pdb_set_acct_ctrl( sam_acct, acb_flags, PDB_SET ); + pdb_set_init_flags(sam_acct, PDB_ACCTCTRL, PDB_SET); + } + return NT_STATUS_IS_OK(pdb_context->pdb_add_sam_account(pdb_context, sam_acct)); } BOOL pdb_update_sam_account(SAM_ACCOUNT *sam_acct) { struct pdb_context *pdb_context = pdb_get_static_context(False); + const char *lm_pw, *nt_pw; + uint16 acb_flags; if (!pdb_context) { return False; } + /* disable acccounts with no passwords */ + lm_pw = pdb_get_lanman_passwd( sam_acct ); + nt_pw = pdb_get_lanman_passwd( sam_acct ); + if ( !lm_pw || !nt_pw ) { + acb_flags = pdb_get_acct_ctrl( sam_acct ) | ACB_DISABLED; + pdb_set_acct_ctrl( sam_acct, acb_flags, PDB_SET ); + pdb_set_init_flags(sam_acct, PDB_ACCTCTRL, PDB_SET); + } + return NT_STATUS_IS_OK(pdb_context->pdb_update_sam_account(pdb_context, sam_acct)); } -- cgit From 3141a266777dac9378c2bbbdf5ed591c220604ec Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 30 Jan 2004 14:59:40 +0000 Subject: disable any account that doesn't have a password and doesn't had the ACB_PWNOTREQ bit set (This used to be commit 52bf070b10ca99be7e4b9d1b5e32f69d2667d8f4) --- source3/passdb/pdb_interface.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index c656e08722..e88b58f1e2 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
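Review bot: In both pdb_add_sam_account and pdb_update_sam_account `nt_pw` is assigned from `pdb_get_lanman_passwd( sam_acct )`, so the NT hash is never inspected and the disable decision depends on the LanMan hash alone. The line should read `nt_pw = pdb_get_nt_passwd( sam_acct );`. With `!lm_pw || !nt_pw` an account that stores only one of the two hashes is also marked ACB_DISABLED, which looks stricter than the comment "disable acccounts with no passwords" describes. The same assignment is carried unchanged into the hunks at -714, -737, -232 and -259 further down this page, until a later commit there corrects it.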
@@ -714,12 +714,15 @@ BOOL pdb_add_sam_account(SAM_ACCOUNT *sam_acct) if (!pdb_context) { return False; } + + /* disable acccounts with no passwords (that has not + been allowed by the ACB_PWNOTREQ bit */ - /* disable acccounts with no passwords */ lm_pw = pdb_get_lanman_passwd( sam_acct ); nt_pw = pdb_get_lanman_passwd( sam_acct ); - if ( !lm_pw || !nt_pw ) { - acb_flags = pdb_get_acct_ctrl( sam_acct ) | ACB_DISABLED; + acb_flags = pdb_get_acct_ctrl( sam_acct ); + if ( !lm_pw && !nt_pw && !(acb_flags&ACB_PWNOTREQ) ) { + acb_flags |= ACB_DISABLED; pdb_set_acct_ctrl( sam_acct, acb_flags, PDB_SET ); pdb_set_init_flags(sam_acct, PDB_ACCTCTRL, PDB_SET); } @@ -737,11 +740,14 @@ BOOL pdb_update_sam_account(SAM_ACCOUNT *sam_acct) return False; } - /* disable acccounts with no passwords */ + /* disable acccounts with no passwords (that has not + been allowed by the ACB_PWNOTREQ bit */ + lm_pw = pdb_get_lanman_passwd( sam_acct ); nt_pw = pdb_get_lanman_passwd( sam_acct ); - if ( !lm_pw || !nt_pw ) { - acb_flags = pdb_get_acct_ctrl( sam_acct ) | ACB_DISABLED; + acb_flags = pdb_get_acct_ctrl( sam_acct ); + if ( !lm_pw && !nt_pw && !(acb_flags&ACB_PWNOTREQ) ) { + acb_flags |= ACB_DISABLED; pdb_set_acct_ctrl( sam_acct, acb_flags, PDB_SET ); pdb_set_init_flags(sam_acct, PDB_ACCTCTRL, PDB_SET); } -- cgit From 471e558b28817018f7f132aa5ef7bb99dec92176 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 4 Feb 2004 19:46:29 +0000 Subject: move disabling code to context functions instead of backwards compatible wrappers (This used to be commit e62ef2ba2d73f492d879af4d06b223f8e739dc6c) --- source3/passdb/pdb_interface.c | 56 +++++++++++++++++++++--------------------- 1 file changed, 28 insertions(+), 28 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index e88b58f1e2..4d8c14cda7 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -232,12 +232,26 @@ static NTSTATUS context_getsampwsid(struct pdb_context *context, SAM_ACCOUNT *sa static NTSTATUS context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + const char *lm_pw, *nt_pw; + uint16 acb_flags; if ((!context) || (!context->pdb_methods)) { DEBUG(0, ("invalid pdb_context specified!\n")); return ret; } + /* disable acccounts with no passwords (that has not + been allowed by the ACB_PWNOTREQ bit */ + + lm_pw = pdb_get_lanman_passwd( sam_acct ); + nt_pw = pdb_get_lanman_passwd( sam_acct ); + acb_flags = pdb_get_acct_ctrl( sam_acct ); + if ( !lm_pw && !nt_pw && !(acb_flags&ACB_PWNOTREQ) ) { + acb_flags |= ACB_DISABLED; + pdb_set_acct_ctrl( sam_acct, acb_flags, PDB_SET ); + pdb_set_init_flags(sam_acct, PDB_ACCTCTRL, PDB_SET); + } + /** @todo This is where a 're-read on add' should be done */ /* We now add a new account to the first database listed. * Should we? */ @@ -248,6 +262,8 @@ static NTSTATUS context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT static NTSTATUS context_update_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + const char *lm_pw, *nt_pw; + uint16 acb_flags; if (!context) { DEBUG(0, ("invalid pdb_context specified!\n")); @@ -259,6 +275,18 @@ static NTSTATUS context_update_sam_account(struct pdb_context *context, SAM_ACCO return ret; } + /* disable acccounts with no passwords (that has not + been allowed by the ACB_PWNOTREQ bit */ + + lm_pw = pdb_get_lanman_passwd( sam_acct ); + nt_pw = pdb_get_lanman_passwd( sam_acct ); + acb_flags = pdb_get_acct_ctrl( sam_acct ); + if ( !lm_pw && !nt_pw && !(acb_flags&ACB_PWNOTREQ) ) { + acb_flags |= ACB_DISABLED; + pdb_set_acct_ctrl( sam_acct, acb_flags, PDB_SET ); + pdb_set_init_flags(sam_acct, PDB_ACCTCTRL, PDB_SET); + } + /** @todo This is where a 're-read on update' should be done */ return sam_acct->methods->update_sam_account(sam_acct->methods, sam_acct); 
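Review bot: The account-disabling block is added twice, once in context_add_sam_account and once in context_update_sam_account, as an exact copy including its comment. A rule that decides whether an account may be used is easier to audit and to change when it lives in one place; a file-local helper such as `static void context_disable_passwordless(SAM_ACCOUNT *sam_acct)` called from both functions would do. The comment has a typo and an unclosed parenthesis and could read `/* Disable accounts that have no password hash, unless ACB_PWNOTREQ allows that. */`. Both function bodies start and end outside the hunks.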
@@ -708,50 +736,22 @@ BOOL pdb_getsampwsid(SAM_ACCOUNT *sam_acct, const DOM_SID *sid) BOOL pdb_add_sam_account(SAM_ACCOUNT *sam_acct) { struct pdb_context *pdb_context = pdb_get_static_context(False); - const char *lm_pw, *nt_pw; - uint16 acb_flags; if (!pdb_context) { return False; } - /* disable acccounts with no passwords (that has not - been allowed by the ACB_PWNOTREQ bit */ - - lm_pw = pdb_get_lanman_passwd( sam_acct ); - nt_pw = pdb_get_lanman_passwd( sam_acct ); - acb_flags = pdb_get_acct_ctrl( sam_acct ); - if ( !lm_pw && !nt_pw && !(acb_flags&ACB_PWNOTREQ) ) { - acb_flags |= ACB_DISABLED; - pdb_set_acct_ctrl( sam_acct, acb_flags, PDB_SET ); - pdb_set_init_flags(sam_acct, PDB_ACCTCTRL, PDB_SET); - } - return NT_STATUS_IS_OK(pdb_context->pdb_add_sam_account(pdb_context, sam_acct)); } BOOL pdb_update_sam_account(SAM_ACCOUNT *sam_acct) { struct pdb_context *pdb_context = pdb_get_static_context(False); - const char *lm_pw, *nt_pw; - uint16 acb_flags; if (!pdb_context) { return False; } - /* disable acccounts with no passwords (that has not - been allowed by the ACB_PWNOTREQ bit */ - - lm_pw = pdb_get_lanman_passwd( sam_acct ); - nt_pw = pdb_get_lanman_passwd( sam_acct ); - acb_flags = pdb_get_acct_ctrl( sam_acct ); - if ( !lm_pw && !nt_pw && !(acb_flags&ACB_PWNOTREQ) ) { - acb_flags |= ACB_DISABLED; - pdb_set_acct_ctrl( sam_acct, acb_flags, PDB_SET ); - pdb_set_init_flags(sam_acct, PDB_ACCTCTRL, PDB_SET); - } - return NT_STATUS_IS_OK(pdb_context->pdb_update_sam_account(pdb_context, sam_acct)); } -- cgit From b6a320bdc1ff3470cec67dd901157652ccb98848 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 12 Feb 2004 17:09:01 +0000 Subject: stupid cut-n=paste error; my fault (This used to be commit ee8f142b874a5bd365e59f68fb48ff3fec82fcda) --- source3/passdb/pdb_interface.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/passdb/pdb_interface.c') 
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 4d8c14cda7..57f3ce7e98 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -244,7 +244,7 @@ static NTSTATUS context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT been allowed by the ACB_PWNOTREQ bit */ lm_pw = pdb_get_lanman_passwd( sam_acct ); - nt_pw = pdb_get_lanman_passwd( sam_acct ); + nt_pw = pdb_get_nt_passwd( sam_acct ); acb_flags = pdb_get_acct_ctrl( sam_acct ); if ( !lm_pw && !nt_pw && !(acb_flags&ACB_PWNOTREQ) ) { acb_flags |= ACB_DISABLED; @@ -279,7 +279,7 @@ static NTSTATUS context_update_sam_account(struct pdb_context *context, SAM_ACCO been allowed by the ACB_PWNOTREQ bit */ lm_pw = pdb_get_lanman_passwd( sam_acct ); - nt_pw = pdb_get_lanman_passwd( sam_acct ); + nt_pw = pdb_get_nt_passwd( sam_acct ); acb_flags = pdb_get_acct_ctrl( sam_acct ); if ( !lm_pw && !nt_pw && !(acb_flags&ACB_PWNOTREQ) ) { acb_flags |= ACB_DISABLED; -- cgit From eaece3bbe600c69cb407be0b79fb3023ee6dab93 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 12 Feb 2004 17:51:23 +0000 Subject: abartlet's pdb_set/changed flag fix for NULL passwords (This used to be commit cfe80f0df7ecfa6c689b03b9bed80ea80701a4c1) --- source3/passdb/pdb_interface.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 57f3ce7e98..f5c198b2ea 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -61,13 +61,13 @@ static void pdb_force_pw_initialization(SAM_ACCOUNT *pass) { lm_pwd = pdb_get_lanman_passwd(pass); if (lm_pwd) - pdb_set_lanman_passwd(pass, NULL, PDB_SET); + pdb_set_lanman_passwd(pass, NULL, PDB_CHANGED); } if (pdb_get_init_flags(pass, PDB_NTPASSWD) != PDB_DEFAULT) { nt_pwd = pdb_get_nt_passwd(pass); if (nt_pwd) - pdb_set_nt_passwd(pass, NULL, PDB_SET); + pdb_set_nt_passwd(pass, NULL, PDB_CHANGED); } } @@ -248,8 +248,7 @@ static NTSTATUS context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT acb_flags = pdb_get_acct_ctrl( sam_acct ); if ( !lm_pw && !nt_pw && !(acb_flags&ACB_PWNOTREQ) ) { acb_flags |= ACB_DISABLED; - pdb_set_acct_ctrl( sam_acct, acb_flags, PDB_SET ); - pdb_set_init_flags(sam_acct, PDB_ACCTCTRL, PDB_SET); + pdb_set_acct_ctrl( sam_acct, acb_flags, PDB_CHANGED ); } /** @todo This is where a 're-read on add' should be done */ @@ -283,8 +282,7 @@ static NTSTATUS context_update_sam_account(struct pdb_context *context, SAM_ACCO acb_flags = pdb_get_acct_ctrl( sam_acct ); if ( !lm_pw && !nt_pw && !(acb_flags&ACB_PWNOTREQ) ) { acb_flags |= ACB_DISABLED; - pdb_set_acct_ctrl( sam_acct, acb_flags, PDB_SET ); - pdb_set_init_flags(sam_acct, PDB_ACCTCTRL, PDB_SET); + pdb_set_acct_ctrl( sam_acct, acb_flags, PDB_CHANGED ); } /** @todo This is where a 're-read on update' should be done */ -- cgit From e692b991d1c706261bf8efe16d9f8eedae8b1b3d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 26 Feb 2004 11:07:06 +0000 Subject: And another little const (This used to be commit f6bb3304fc5ef298a921b9ee5ad2f6444b0e72bc) --- source3/passdb/pdb_interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index f5c198b2ea..06097d3557 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -788,7 +788,7 @@ BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid) pdb_getgrgid(pdb_context, map, gid)); } -BOOL pdb_getgrnam(GROUP_MAP *map, char *name) +BOOL pdb_getgrnam(GROUP_MAP *map, const char *name) { struct pdb_context *pdb_context = pdb_get_static_context(False); -- cgit From 7af3777ab32ee220700ed3367d07ca18b2bbdd47 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 7 Apr 2004 12:43:44 +0000 Subject: r116: volker's patch for local group and group nesting (This used to be commit b393469d9581f20e4d4c52633b952ee984cca36f) --- source3/passdb/pdb_interface.c | 300 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 300 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 06097d3557..a3b2706c35 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -452,6 +452,156 @@ static NTSTATUS context_enum_group_mapping(struct pdb_context *context, num_entries, unix_only); } +static NTSTATUS context_find_alias(struct pdb_context *context, + const char *name, DOM_SID *sid) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context->pdb_methods->find_alias(context->pdb_methods, + name, sid); +} + +static NTSTATUS context_create_alias(struct pdb_context *context, + const char *name, uint32 *rid) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context->pdb_methods->create_alias(context->pdb_methods, + name, rid); +} + +static NTSTATUS context_delete_alias(struct pdb_context *context, + const DOM_SID *sid) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context->pdb_methods->delete_alias(context->pdb_methods, sid); +} + +static NTSTATUS context_enum_aliases(struct pdb_context *context, + const DOM_SID *sid, + uint32 start_idx, uint32 max_entries, + uint32 *num_aliases, + struct acct_info **info) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context->pdb_methods->enum_aliases(context->pdb_methods, + sid, start_idx, max_entries, + num_aliases, info); +} + +static NTSTATUS context_get_aliasinfo(struct pdb_context *context, + const DOM_SID *sid, + struct acct_info *info) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context->pdb_methods->get_aliasinfo(context->pdb_methods, + sid, info); +} + +static NTSTATUS 
context_set_aliasinfo(struct pdb_context *context, + const DOM_SID *sid, + struct acct_info *info) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context->pdb_methods->set_aliasinfo(context->pdb_methods, + sid, info); +} + +static NTSTATUS context_add_aliasmem(struct pdb_context *context, + const DOM_SID *alias, + const DOM_SID *member) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context->pdb_methods->add_aliasmem(context->pdb_methods, + alias, member); +} + +static NTSTATUS context_del_aliasmem(struct pdb_context *context, + const DOM_SID *alias, + const DOM_SID *member) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context->pdb_methods->del_aliasmem(context->pdb_methods, + alias, member); +} + +static NTSTATUS context_enum_aliasmem(struct pdb_context *context, + const DOM_SID *alias, DOM_SID **members, + int *num) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context->pdb_methods->enum_aliasmem(context->pdb_methods, + alias, members, num); +} + +static NTSTATUS context_enum_alias_memberships(struct pdb_context *context, + const DOM_SID *sid, + DOM_SID **aliases, int *num) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context->pdb_methods-> + enum_alias_memberships(context->pdb_methods, sid, aliases, + num); +} + /****************************************************************** Free and cleanup a pdb context, any associated data and anything 
that the attached modules might have associated. @@ -568,6 +718,17 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_delete_group_mapping_entry = context_delete_group_mapping_entry; (*context)->pdb_enum_group_mapping = context_enum_group_mapping; + (*context)->pdb_find_alias = context_find_alias; + (*context)->pdb_create_alias = context_create_alias; + (*context)->pdb_delete_alias = context_delete_alias; + (*context)->pdb_enum_aliases = context_enum_aliases; + (*context)->pdb_get_aliasinfo = context_get_aliasinfo; + (*context)->pdb_set_aliasinfo = context_set_aliasinfo; + (*context)->pdb_add_aliasmem = context_add_aliasmem; + (*context)->pdb_del_aliasmem = context_del_aliasmem; + (*context)->pdb_enum_aliasmem = context_enum_aliasmem; + (*context)->pdb_enum_alias_memberships = context_enum_alias_memberships; + (*context)->free_fn = free_pdb_context; return NT_STATUS_OK; 
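Review bot: Each of the ten context_*alias* functions added in the -452 hunk forwards to `context->pdb_methods` only, that is the first backend in the list, whereas context_getgrsid, context_getgrgid and context_getgrnam elsewhere in this file walk every backend with `while (curmethods)`. Nothing in the hunk says that this is intended, so a reader cannot tell whether aliases held by a second backend are deliberately ignored. A comment above context_find_alias would settle it, for example `/* Alias calls are served by the first passdb backend only; later backends are not consulted. */`.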
@@ -850,6 +1011,135 @@ BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **rmap, rmap, num_entries, unix_only)); } +BOOL pdb_find_alias(const char *name, DOM_SID *sid) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context->pdb_find_alias(pdb_context, + name, sid)); +} + +BOOL pdb_create_alias(const char *name, uint32 *rid) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context->pdb_create_alias(pdb_context, + name, rid)); +} + +BOOL pdb_delete_alias(const DOM_SID *sid) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context->pdb_delete_alias(pdb_context, + sid)); + +} + +BOOL pdb_enum_aliases(const DOM_SID *sid, uint32 start_idx, uint32 max_entries, + uint32 *num_aliases, struct acct_info **info) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context->pdb_enum_aliases(pdb_context, sid, + start_idx, + max_entries, + num_aliases, + info)); +} + +BOOL pdb_get_aliasinfo(const DOM_SID *sid, struct acct_info *info) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context->pdb_get_aliasinfo(pdb_context, sid, + info)); +} + +BOOL pdb_set_aliasinfo(const DOM_SID *sid, struct acct_info *info) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context->pdb_set_aliasinfo(pdb_context, sid, + info)); +} + +BOOL pdb_add_aliasmem(const DOM_SID *alias, const DOM_SID *member) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + 
return NT_STATUS_IS_OK(pdb_context-> + pdb_add_aliasmem(pdb_context, alias, member)); +} + +BOOL pdb_del_aliasmem(const DOM_SID *alias, const DOM_SID *member) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context-> + pdb_del_aliasmem(pdb_context, alias, member)); +} + +BOOL pdb_enum_aliasmem(const DOM_SID *alias, + DOM_SID **members, int *num_members) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context-> + pdb_enum_aliasmem(pdb_context, alias, + members, num_members)); +} + +BOOL pdb_enum_alias_memberships(const DOM_SID *sid, + DOM_SID **aliases, int *num) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context-> + pdb_enum_alias_memberships(pdb_context, sid, + aliases, num)); +} + /*************************************************************** Initialize the static context (at smbd startup etc). 
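Review bot: The BOOL wrappers pdb_enum_aliases, pdb_enum_aliasmem and pdb_enum_alias_memberships return False when pdb_get_static_context() fails without writing to their output parameters, so `*info`, `*members`, `*aliases` and the counts keep whatever the caller had in them. Callers are outside this hunk, so whether any of them reads the outputs after a False return is not visible, but clearing them first removes the question, for example `*members = NULL; *num_members = 0;` before the context check in pdb_enum_aliasmem. Collapsing the NTSTATUS to True/False also prevents a caller from telling a missing alias apart from a backend failure.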
@@ -933,6 +1223,16 @@ NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) (*methods)->update_group_mapping_entry = pdb_default_update_group_mapping_entry; (*methods)->delete_group_mapping_entry = pdb_default_delete_group_mapping_entry; (*methods)->enum_group_mapping = pdb_default_enum_group_mapping; + (*methods)->find_alias = pdb_default_find_alias; + (*methods)->create_alias = pdb_default_create_alias; + (*methods)->delete_alias = pdb_default_delete_alias; + (*methods)->enum_aliases = pdb_default_enum_aliases; + (*methods)->get_aliasinfo = pdb_default_get_aliasinfo; + (*methods)->set_aliasinfo = pdb_default_set_aliasinfo; + (*methods)->add_aliasmem = pdb_default_add_aliasmem; + (*methods)->del_aliasmem = pdb_default_del_aliasmem; + (*methods)->enum_aliasmem = pdb_default_enum_aliasmem; + (*methods)->enum_alias_memberships = pdb_default_alias_memberships; return NT_STATUS_OK; } -- cgit From 69a91df4ed4fc8a8d2105d098e4572e6c0da5ebb Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 10 Apr 2004 16:09:48 +0000 Subject: r145: pdb_create_alias now returns NTSTATUS. More of this to follow. Volker (This used to be commit 6e18bed17093e0b1792f68817096e64e0e841f26) --- source3/passdb/pdb_interface.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index a3b2706c35..d65b1b3463 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -1023,16 +1023,15 @@ BOOL pdb_find_alias(const char *name, DOM_SID *sid) name, sid)); } -BOOL pdb_create_alias(const char *name, uint32 *rid) +NTSTATUS pdb_create_alias(const char *name, uint32 *rid) { struct pdb_context *pdb_context = pdb_get_static_context(False); if (!pdb_context) { - return False; + return NT_STATUS_NOT_IMPLEMENTED; } - return NT_STATUS_IS_OK(pdb_context->pdb_create_alias(pdb_context, - name, rid)); + return pdb_context->pdb_create_alias(pdb_context, name, rid); } BOOL pdb_delete_alias(const DOM_SID *sid) -- cgit From 154d5f913b4ce60f731227eb1bb3650c45fcde93 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 5 Nov 2004 23:34:00 +0000 Subject: r3566: Completely replace the queryuseraliases call. The previous implementation does not exactly match what you would expect. XP workstations during login actually do this, so we should better become a bit more correct. The LDAP query issued is not really fully optimal, but it is a lot faster and more correct than what was there before. The change in passdb.h makes it possible that queryuseraliases is done with a single ldap query. Volker (This used to be commit 2508d4ed1e16c268fc9f3676b0c6a122e070f93d) --- source3/passdb/pdb_interface.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index d65b1b3463..5747435e69 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -587,7 +587,8 @@ static NTSTATUS context_enum_aliasmem(struct pdb_context *context, } static NTSTATUS context_enum_alias_memberships(struct pdb_context *context, - const DOM_SID *sid, + const DOM_SID *members, + int num_members, DOM_SID **aliases, int *num) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; 
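Review bot: `pdb_create_alias` now returns `NT_STATUS_NOT_IMPLEMENTED` when `pdb_get_static_context()` fails, which reports a missing or uninitialised passdb context as if alias creation were unsupported by the backend. The `context_*` functions in this file start from `NT_STATUS_UNSUCCESSFUL` for the same condition, so `return NT_STATUS_UNSUCCESSFUL;` would be consistent with them. Callers are not part of this path-limited diff; any that still test the old BOOL with `!pdb_create_alias(...)` need to move to `NT_STATUS_IS_OK()`.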
@@ -598,8 +599,8 @@ static NTSTATUS context_enum_alias_memberships(struct pdb_context *context, } return context->pdb_methods-> - enum_alias_memberships(context->pdb_methods, sid, aliases, - num); + enum_alias_memberships(context->pdb_methods, members, + num_members, aliases, num); } /****************************************************************** @@ -1125,7 +1126,7 @@ BOOL pdb_enum_aliasmem(const DOM_SID *alias, members, num_members)); } -BOOL pdb_enum_alias_memberships(const DOM_SID *sid, +BOOL pdb_enum_alias_memberships(const DOM_SID *members, int num_members, DOM_SID **aliases, int *num) { struct pdb_context *pdb_context = pdb_get_static_context(False); @@ -1135,7 +1136,8 @@ BOOL pdb_enum_alias_memberships(const DOM_SID *sid, } return NT_STATUS_IS_OK(pdb_context-> - pdb_enum_alias_memberships(pdb_context, sid, + pdb_enum_alias_memberships(pdb_context, members, + num_members, aliases, num)); } -- cgit From 69ddbbf97b4c37cba879f7dd9ce8cb5f4d336857 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 12 Nov 2004 15:30:51 +0000 Subject: r3704: Implement a cache get saves the result of a pdb_getsampwnam for later retrieval by pdb_getsampwsid. This solves our problem that we do lots of calls to LDAP during a typical XP login. XP does a lookupnames, then an openuser and some queryinfo stuff. Lookupnames triggers the initial getsampwnam, and all the subsequent ones make us call getsampwsid. This patch gets this down to one call to LDAP. Yes, a more "correct" way would be to stick the information to the open user handle, but this one is simpler and saves the LDAP roundtrip for the openuser call. Volker (This used to be commit 3d9758fa3c584bb25eca0b7ed04af4ddfeba315f) --- source3/passdb/pdb_interface.c | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 5747435e69..082e57ecc0 100644 
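Review bot: `num_members` is a signed `int` and neither `context_enum_alias_memberships` nor `pdb_enum_alias_memberships` checks it before handing `members` to the backend. Per the commit message the list comes from a client-driven queryuseraliases call, and whether the RPC layer bounds it is not visible here. A guard in the context function would make the contract explicit for every backend: `if (num_members < 0 || (num_members > 0 && members == NULL)) return NT_STATUS_INVALID_PARAMETER;`.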
--- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -871,6 +871,8 @@ BOOL pdb_getsampwent(SAM_ACCOUNT *user) return NT_STATUS_IS_OK(pdb_context->pdb_getsampwent(pdb_context, user)); } +static SAM_ACCOUNT *sam_account_cache = NULL; + BOOL pdb_getsampwnam(SAM_ACCOUNT *sam_acct, const char *username) { struct pdb_context *pdb_context = pdb_get_static_context(False); @@ -879,7 +881,17 @@ BOOL pdb_getsampwnam(SAM_ACCOUNT *sam_acct, const char *username) return False; } - return NT_STATUS_IS_OK(pdb_context->pdb_getsampwnam(pdb_context, sam_acct, username)); + if (!NT_STATUS_IS_OK(pdb_context->pdb_getsampwnam(pdb_context, + sam_acct, username))) + return False; + + if (sam_account_cache != NULL) { + pdb_free_sam(&sam_account_cache); + sam_account_cache = NULL; + } + + pdb_copy_sam_account(sam_acct, &sam_account_cache); + return True; } BOOL pdb_getsampwsid(SAM_ACCOUNT *sam_acct, const DOM_SID *sid) @@ -890,6 +902,10 @@ BOOL pdb_getsampwsid(SAM_ACCOUNT *sam_acct, const DOM_SID *sid) return False; } + if ((sam_account_cache != NULL) && + (sid_equal(sid, pdb_get_user_sid(sam_account_cache)))) + return pdb_copy_sam_account(sam_account_cache, &sam_acct); + return NT_STATUS_IS_OK(pdb_context->pdb_getsampwsid(pdb_context, sam_acct, sid)); } @@ -912,6 +928,11 @@ BOOL pdb_update_sam_account(SAM_ACCOUNT *sam_acct) return False; } + if (sam_account_cache != NULL) { + pdb_free_sam(&sam_account_cache); + sam_account_cache = NULL; + } + return NT_STATUS_IS_OK(pdb_context->pdb_update_sam_account(pdb_context, sam_acct)); } @@ -923,6 +944,11 @@ BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) return False; } + if (sam_account_cache != NULL) { + pdb_free_sam(&sam_account_cache); + sam_account_cache = NULL; + } + return NT_STATUS_IS_OK(pdb_context->pdb_delete_sam_account(pdb_context, sam_acct)); } -- cgit From f9e87b9ba65f37bafa45eacb1a6c9b8c5483d46b Mon Sep 17 00:00:00 2001 
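Review bot: The return value of `pdb_copy_sam_account(sam_acct, &sam_account_cache)` is ignored in `pdb_getsampwnam`, so a failed copy leaves the cache in whatever state the helper left it while the lookup still returns True. Check the result and, on failure, free anything that was allocated and leave `sam_account_cache` NULL so `pdb_getsampwsid` cannot hit a half-filled entry. The unbraced `if (!NT_STATUS_IS_OK(...)) return False;` spanning two lines would also read more safely with braces, as the rest of the function uses them.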
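Review bot: A cache hit in `pdb_getsampwsid` returns the copied account without asking the backend, and the hunks of this commit reset `sam_account_cache` only from `pdb_getsampwnam`, `pdb_update_sam_account` and `pdb_delete_sam_account` in the same process. A password change, disable or lockout written by another smbd process or directly in the directory is therefore not seen by this process until its next by-name lookup, and `pdb_add_sam_account` does not reset the cache either as far as this page shows. A comment at the `static SAM_ACCOUNT *sam_account_cache` declaration should state that limit, and that the copy presumably keeps the account's password hashes in memory for as long as it lives. The hit path also passes `&sam_acct`, the address of the local parameter, so it relies on `pdb_copy_sam_account` filling an already-allocated `*dst` rather than replacing it; that helper is not shown here.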
From: Volker Lendecke Date: Fri, 12 Nov 2004 15:49:47 +0000 Subject: r3705: Nobody has commented, so I'll take this as an ack... abartlet, I'd like to ask you to take a severe look at this! We have solved the problem to find the global groups a user is in twice: Once in auth_util.c and another time for the corresponding samr call. The attached patch unifies these and sends them through the passdb backend (new function pdb_enum_group_memberships). Thus it gives pdb_ldap.c the chance to further optimize the corresponding call if the samba and posix accounts are unified by issuing a specialized ldap query. The parameter to activate this ldapsam behaviour is ldapsam:trusted = yes Volker (This used to be commit b94838aff1a009f8d8c2c3efd48756a5b8f3f989) --- source3/passdb/pdb_interface.c | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 082e57ecc0..f18ef616f0 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -452,6 +452,24 @@ static NTSTATUS context_enum_group_mapping(struct pdb_context *context, num_entries, unix_only); } +static NTSTATUS context_enum_group_memberships(struct pdb_context *context, + const char *username, + gid_t primary_gid, + DOM_SID **sids, gid_t **gids, + int *num_groups) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context->pdb_methods-> + enum_group_memberships(context->pdb_methods, username, + primary_gid, sids, gids, num_groups); +} + static NTSTATUS context_find_alias(struct pdb_context *context, const char *name, DOM_SID *sid) { 
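Review bot: `context_enum_group_memberships` (and the public `pdb_enum_group_memberships` in the later hunk) hands back two parallel arrays through `sids` and `gids` with no memory-context parameter and no comment on who allocates or frees them. Since the commit message says this result replaces the group lookup in auth_util.c, a mismatch between the two arrays or a leak per login matters more than for most wrappers. A header comment along the lines of `/* on success *sids and *gids are parallel arrays of *num_groups entries, allocated with <allocator> and freed by <owner> */` would pin that down; the early-return paths leave all three outputs untouched, which the comment should also say.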
@@ -718,6 +736,7 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_update_group_mapping_entry = context_update_group_mapping_entry; (*context)->pdb_delete_group_mapping_entry = context_delete_group_mapping_entry; (*context)->pdb_enum_group_mapping = context_enum_group_mapping; + (*context)->pdb_enum_group_memberships = context_enum_group_memberships; (*context)->pdb_find_alias = context_find_alias; (*context)->pdb_create_alias = context_create_alias; @@ -1038,6 +1057,21 @@ BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **rmap, rmap, num_entries, unix_only)); } +NTSTATUS pdb_enum_group_memberships(const char *username, gid_t primary_gid, + DOM_SID **sids, gid_t **gids, + int *num_groups) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return pdb_context->pdb_enum_group_memberships(pdb_context, username, + primary_gid, sids, gids, + num_groups); +} + BOOL pdb_find_alias(const char *name, DOM_SID *sid) { struct pdb_context *pdb_context = pdb_get_static_context(False); @@ -1250,6 +1284,7 @@ NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) (*methods)->update_group_mapping_entry = pdb_default_update_group_mapping_entry; (*methods)->delete_group_mapping_entry = pdb_default_delete_group_mapping_entry; (*methods)->enum_group_mapping = pdb_default_enum_group_mapping; + (*methods)->enum_group_memberships = pdb_default_enum_group_memberships; (*methods)->find_alias = pdb_default_find_alias; (*methods)->create_alias = pdb_default_create_alias; (*methods)->delete_alias = pdb_default_delete_alias; -- cgit From acf9d61421faa6c0055d57fdee7db300dc5431aa Mon Sep 17 00:00:00 2001 
From: Jeremy Allison Date: Tue, 7 Dec 2004 18:25:53 +0000 Subject: r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a) --- source3/passdb/pdb_interface.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index f18ef616f0..9bc38fb444 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -98,7 +98,7 @@ NTSTATUS smb_register_passdb(int version, const char *name, pdb_init_function in return NT_STATUS_OBJECT_NAME_COLLISION; } - entry = smb_xmalloc(sizeof(struct pdb_init_function_entry)); + entry = SMB_XMALLOC_P(struct pdb_init_function_entry); entry->name = smb_xstrdup(name); entry->init = init; @@ -711,7 +711,7 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) return NT_STATUS_NO_MEMORY; } - *context = talloc(mem_ctx, sizeof(**context)); + *context = TALLOC_P(mem_ctx, struct pdb_context); if (!*context) { DEBUG(0, ("make_pdb_context: talloc failed!\n")); return NT_STATUS_NO_MEMORY; @@ -1260,7 +1260,7 @@ static void pdb_default_endsampwent(struct pdb_methods *methods) NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) { - *methods = talloc(mem_ctx, sizeof(struct pdb_methods)); + *methods = TALLOC_P(mem_ctx, struct pdb_methods); if (!*methods) { return NT_STATUS_NO_MEMORY; -- cgit From 1ed62fde09f382342a396a047975fdeeea7113bb Mon Sep 17 00:00:00 2001 
From: Günther Deschner Date: Wed, 19 Jan 2005 16:13:26 +0000 Subject: r4847: Hand over a acb_mask to pdb_setsampwent in load_sampwd_entries(). This allows the ldap-backend to search much more effeciently. Machines will be searched in the ldap_machine_suffix and users in the ldap_users_suffix. (Note that we already use the ldap_group_suffix in ldapsam_setsamgrent for quite some time). Using the specific ldap-bases becomes notably important in large domains: On my testmachine "net rpc trustdom list" has to search through 40k accounts just to list 3 interdomain-trust-accounts, similiar effects show up the non-user query_dispinfo-calls, etc. Also renamed all_machines to only_machines in load_sampwd_entries() since that reflects better what is really meant. Guenther (This used to be commit 6394257cc721ca739bda0e320375f04506913533) --- source3/passdb/pdb_interface.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 9bc38fb444..ea097c10f6 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -119,7 +119,7 @@ static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name) return NULL; } -static NTSTATUS context_setsampwent(struct pdb_context *context, BOOL update) +static NTSTATUS context_setsampwent(struct pdb_context *context, BOOL update, uint16 acb_mask) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; @@ -135,7 +135,7 @@ static NTSTATUS context_setsampwent(struct pdb_context *context, BOOL update) return ret; } - while (NT_STATUS_IS_ERR(ret = context->pwent_methods->setsampwent(context->pwent_methods, update))) { + while (NT_STATUS_IS_ERR(ret = context->pwent_methods->setsampwent(context->pwent_methods, update, acb_mask))) { context->pwent_methods = context->pwent_methods->next; if (context->pwent_methods == NULL) return NT_STATUS_UNSUCCESSFUL; 
@@ -176,7 +176,7 @@ static NTSTATUS context_getsampwent(struct pdb_context *context, SAM_ACCOUNT *us if (context->pwent_methods == NULL) return ret; - context->pwent_methods->setsampwent(context->pwent_methods, False); + context->pwent_methods->setsampwent(context->pwent_methods, False, 0); } user->methods = context->pwent_methods; pdb_force_pw_initialization(user); @@ -857,7 +857,7 @@ static struct pdb_context *pdb_get_static_context(BOOL reload) Backward compatibility functions for the original passdb interface *******************************************************************/ -BOOL pdb_setsampwent(BOOL update) +BOOL pdb_setsampwent(BOOL update, uint16 acb_mask) { struct pdb_context *pdb_context = pdb_get_static_context(False); @@ -865,7 +865,7 @@ BOOL pdb_setsampwent(BOOL update) return False; } - return NT_STATUS_IS_OK(pdb_context->pdb_setsampwent(pdb_context, update)); + return NT_STATUS_IS_OK(pdb_context->pdb_setsampwent(pdb_context, update, acb_mask)); } void pdb_endsampwent(void) @@ -1243,7 +1243,7 @@ static NTSTATUS pdb_default_delete_sam_account (struct pdb_methods *methods, SAM return NT_STATUS_NOT_IMPLEMENTED; } -static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update) +static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update, uint16 acb_mask) { return NT_STATUS_NOT_IMPLEMENTED; } -- cgit From b4afdc08d5336e4a337e453443d7af1d8655a31a Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 22 Jan 2005 03:37:09 +0000 Subject: r4925: Migrate Account Policies to passdb (esp. replicating ldapsam). Does automated migration from account_policy.tdb v1 and v2 and offers a pdbedit-Migration interface. Jerry, please feel free to revert that if you have other plans. Guenther (This used to be commit 75af83dfcd8ef365b4b1180453060ae5176389f5) --- source3/passdb/pdb_interface.c | 68 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) (limited to 'source3/passdb/pdb_interface.c') 
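Review bot: `context_getsampwent` restarts enumeration on the next backend with `setsampwent(context->pwent_methods, False, 0)`, so the `acb_mask` the caller gave `context_setsampwent` applies only to the first backend and entries from later backends come back unfiltered. The context would have to remember the mask from `context_setsampwent` and reuse it here, which needs a field outside this hunk. Failing that, a comment on `pdb_setsampwent` should say the mask is only a search hint and callers must still filter on the account flags themselves.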
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index ea097c10f6..bc4df4f2a3 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -620,6 +620,35 @@ static NTSTATUS context_enum_alias_memberships(struct pdb_context *context, enum_alias_memberships(context->pdb_methods, members, num_members, aliases, num); } + +static NTSTATUS context_get_account_policy(struct pdb_context *context, + int policy_index, int *value) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context->pdb_methods->get_account_policy(context->pdb_methods, + policy_index, value); +} + +static NTSTATUS context_set_account_policy(struct pdb_context *context, + int policy_index, int value) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context->pdb_methods->set_account_policy(context->pdb_methods, + policy_index, value); +} + /****************************************************************** Free and cleanup a pdb context, any associated data and anything @@ -749,6 +778,9 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_enum_aliasmem = context_enum_aliasmem; (*context)->pdb_enum_alias_memberships = context_enum_alias_memberships; + (*context)->pdb_get_account_policy = context_get_account_policy; + (*context)->pdb_set_account_policy = context_set_account_policy; + (*context)->free_fn = free_pdb_context; return NT_STATUS_OK; 
@@ -1201,6 +1233,30 @@ BOOL pdb_enum_alias_memberships(const DOM_SID *members, int num_members, aliases, num)); } +BOOL pdb_get_account_policy(int policy_index, int *value) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context-> + pdb_get_account_policy(pdb_context, policy_index, value)); +} + +BOOL pdb_set_account_policy(int policy_index, int value) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context-> + pdb_set_account_policy(pdb_context, policy_index, value)); +} + /*************************************************************** Initialize the static context (at smbd startup etc). @@ -1258,6 +1314,16 @@ static void pdb_default_endsampwent(struct pdb_methods *methods) return; /* NT_STATUS_NOT_IMPLEMENTED; */ } +static NTSTATUS pdb_default_get_account_policy(struct pdb_methods *methods, int policy_index, int *value) +{ + return account_policy_get(policy_index, value) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; +} + +static NTSTATUS pdb_default_set_account_policy(struct pdb_methods *methods, int policy_index, int value) +{ + return account_policy_set(policy_index, value) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; +} + NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) { *methods = TALLOC_P(mem_ctx, struct pdb_methods); @@ -1295,6 +1361,8 @@ NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) (*methods)->del_aliasmem = pdb_default_del_aliasmem; (*methods)->enum_aliasmem = pdb_default_enum_aliasmem; (*methods)->enum_alias_memberships = pdb_default_alias_memberships; + (*methods)->get_account_policy = pdb_default_get_account_policy; + (*methods)->set_account_policy = pdb_default_set_account_policy; return NT_STATUS_OK; } -- cgit From e512799c0052dffc6dcc00eb9372971a319ddf25 Mon Sep 17 00:00:00 2001 
From: Gerald Carter Date: Tue, 25 Jan 2005 23:33:18 +0000 Subject: r4996: sync up copytights with trunk (This used to be commit 8946efe102f7a8a9b5a8059a80666b782159e7b8) --- source3/passdb/pdb_interface.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index bc4df4f2a3..938622abff 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -3,6 +3,7 @@ Password and authentication handling Copyright (C) Andrew Bartlett 2002 Copyright (C) Jelmer Vernooij 2002 + Copyright (C) Simo Sorce 2003 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by -- cgit From 6c84ecb55657ae28eb739a72164f6d7251dc627f Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 12 Feb 2005 00:51:31 +0000 Subject: r5349: After talking with Jerry, reverted the addition of account policies to passdb in 3_0 (they are still in trunk). Guenther (This used to be commit fdf9bdbbac1d8d4f3b3e1fc7e49c1e659b9301b1) --- source3/passdb/pdb_interface.c | 68 ------------------------------------------ 1 file changed, 68 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 938622abff..382c028b0c 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -622,35 +622,6 @@ static NTSTATUS context_enum_alias_memberships(struct pdb_context *context, num_members, aliases, num); } -static NTSTATUS context_get_account_policy(struct pdb_context *context, - int policy_index, int *value) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->get_account_policy(context->pdb_methods, - policy_index, value); -} - -static NTSTATUS context_set_account_policy(struct pdb_context *context, - int policy_index, int value) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->set_account_policy(context->pdb_methods, - policy_index, value); -} - - /****************************************************************** Free and cleanup a pdb context, any associated data and anything that the attached modules might have associated. @@ -779,9 +750,6 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_enum_aliasmem = context_enum_aliasmem; (*context)->pdb_enum_alias_memberships = context_enum_alias_memberships; - (*context)->pdb_get_account_policy = context_get_account_policy; - (*context)->pdb_set_account_policy = context_set_account_policy; - (*context)->free_fn = free_pdb_context; return NT_STATUS_OK; 
@@ -1234,30 +1202,6 @@ BOOL pdb_enum_alias_memberships(const DOM_SID *members, int num_members, aliases, num)); } -BOOL pdb_get_account_policy(int policy_index, int *value) -{ - struct pdb_context *pdb_context = pdb_get_static_context(False); - - if (!pdb_context) { - return False; - } - - return NT_STATUS_IS_OK(pdb_context-> - pdb_get_account_policy(pdb_context, policy_index, value)); -} - -BOOL pdb_set_account_policy(int policy_index, int value) -{ - struct pdb_context *pdb_context = pdb_get_static_context(False); - - if (!pdb_context) { - return False; - } - - return NT_STATUS_IS_OK(pdb_context-> - pdb_set_account_policy(pdb_context, policy_index, value)); -} - /*************************************************************** Initialize the static context (at smbd startup etc). @@ -1315,16 +1259,6 @@ static void pdb_default_endsampwent(struct pdb_methods *methods) return; /* NT_STATUS_NOT_IMPLEMENTED; */ } -static NTSTATUS pdb_default_get_account_policy(struct pdb_methods *methods, int policy_index, int *value) -{ - return account_policy_get(policy_index, value) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; -} - -static NTSTATUS pdb_default_set_account_policy(struct pdb_methods *methods, int policy_index, int value) -{ - return account_policy_set(policy_index, value) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; -} - NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) { *methods = TALLOC_P(mem_ctx, struct pdb_methods); @@ -1362,8 +1296,6 @@ NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) (*methods)->del_aliasmem = pdb_default_del_aliasmem; (*methods)->enum_aliasmem = pdb_default_enum_aliasmem; (*methods)->enum_alias_memberships = pdb_default_alias_memberships; - (*methods)->get_account_policy = pdb_default_get_account_policy; - (*methods)->set_account_policy = pdb_default_set_account_policy; return NT_STATUS_OK; } -- cgit From a90a58ff221a4469d6e87df655cb2201d68e237b Mon Sep 17 00:00:00 2001 
From: Volker Lendecke Date: Sun, 20 Feb 2005 13:47:16 +0000 Subject: r5467: Optimize _samr_query_groupmem with LDAP backend for large domains. Could someone else please look at this patch, verifying that I did not break the ldapsam:trusted = False fallback to the old behaviour? It works fine for me, but you never know. You're certainly free to review the new code as well :-) Thanks, Volker (This used to be commit e1c3ca182b299dc65da1fa39aadb69876b5e16b8) --- source3/passdb/pdb_interface.c | 146 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 146 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 382c028b0c..36a575214b 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -453,6 +453,25 @@ static NTSTATUS context_enum_group_mapping(struct pdb_context *context, num_entries, unix_only); } +static NTSTATUS context_enum_group_members(struct pdb_context *context, + TALLOC_CTX *mem_ctx, + const DOM_SID *group, + uint32 **member_rids, + int *num_members) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context->pdb_methods->enum_group_members(context->pdb_methods, + mem_ctx, group, + member_rids, + num_members); +} + static NTSTATUS context_enum_group_memberships(struct pdb_context *context, const char *username, gid_t primary_gid, @@ -737,6 +756,7 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_update_group_mapping_entry = context_update_group_mapping_entry; (*context)->pdb_delete_group_mapping_entry = context_delete_group_mapping_entry; (*context)->pdb_enum_group_mapping = context_enum_group_mapping; + (*context)->pdb_enum_group_members = context_enum_group_members; (*context)->pdb_enum_group_memberships = context_enum_group_memberships; (*context)->pdb_find_alias = context_find_alias; 
@@ -1058,6 +1078,21 @@ BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **rmap, rmap, num_entries, unix_only)); } +NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx, + const DOM_SID *sid, + uint32 **member_rids, + int *num_members) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return pdb_context->pdb_enum_group_members(pdb_context, mem_ctx, sid, + member_rids, num_members); +} + NTSTATUS pdb_enum_group_memberships(const char *username, gid_t primary_gid, DOM_SID **sids, gid_t **gids, int *num_groups) 
@@ -1259,6 +1294,116 @@ static void pdb_default_endsampwent(struct pdb_methods *methods) return; /* NT_STATUS_NOT_IMPLEMENTED; */ } +static void add_uid_to_array_unique(TALLOC_CTX *mem_ctx, + uid_t uid, uid_t **uids, int *num) +{ + int i; + + for (i=0; i<*num; i++) { + if ((*uids)[i] == uid) + return; + } + + *uids = TALLOC_REALLOC_ARRAY(mem_ctx, *uids, uid_t, *num+1); + + if (*uids == NULL) + return; + + (*uids)[*num] = uid; + *num += 1; +} + +static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **uids, + int *num) +{ + struct group *grp; + char **gr; + struct sys_pwent *userlist, *user; + + *uids = NULL; + *num = 0; + + /* We only look at our own sam, so don't care about imported stuff */ + + winbind_off(); + + if ((grp = getgrgid(gid)) == NULL) { + winbind_on(); + return False; + } + + /* Primary group members */ + + userlist = getpwent_list(); + + for (user = userlist; user != NULL; user = user->next) { + if (user->pw_gid != gid) + continue; + add_uid_to_array_unique(mem_ctx, user->pw_uid, uids, num); + } + + pwent_free(userlist); + + /* Secondary group members */ + + for (gr = grp->gr_mem; (*gr != NULL) && ((*gr)[0] != '\0'); gr += 1) { + struct passwd *pw = getpwnam(*gr); + + if (pw == NULL) + continue; + add_uid_to_array_unique(mem_ctx, pw->pw_uid, uids, num); + } + + winbind_on(); + + return True; +} + +NTSTATUS pdb_default_enum_group_members(struct pdb_methods *methods, + TALLOC_CTX *mem_ctx, + const DOM_SID *group, + uint32 **member_rids, + int *num_members) +{ + gid_t gid; + uid_t *uids; + int i, num_uids; + + *member_rids = NULL; + *num_members = 0; + + if (!NT_STATUS_IS_OK(sid_to_gid(group, &gid))) + return NT_STATUS_NO_SUCH_GROUP; + + if(!get_memberuids(mem_ctx, gid, &uids, &num_uids)) + return NT_STATUS_NO_SUCH_GROUP; + + if (num_uids == 0) + return NT_STATUS_OK; + + *member_rids = TALLOC_ZERO_ARRAY(mem_ctx, uint32, num_uids); + + for (i=0; iupdate_group_mapping_entry = pdb_default_update_group_mapping_entry; 
(*methods)->delete_group_mapping_entry = pdb_default_delete_group_mapping_entry; (*methods)->enum_group_mapping = pdb_default_enum_group_mapping; + (*methods)->enum_group_members = pdb_default_enum_group_members; (*methods)->enum_group_memberships = pdb_default_enum_group_memberships; (*methods)->find_alias = pdb_default_find_alias; (*methods)->create_alias = pdb_default_create_alias; -- cgit From a5f84481e38ffc79043bfbac5f0353856b77b141 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 5 Mar 2005 01:22:53 +0000 Subject: r5655: Added support for Novell NDS universal password. Code donated by Vince Brimhall - slight tidyup by me to use Samba conventions. Vince - thanks a *lot* for this code - please test to make sure I haven't messed anything up. Jeremy. (This used to be commit 6f5ea963abe8e19d17a1803d4bedd9d87a317e58) --- source3/passdb/pdb_interface.c | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 36a575214b..84d398ccd6 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -325,6 +325,24 @@ static NTSTATUS context_delete_sam_account(struct pdb_context *context, SAM_ACCO return sam_acct->methods->delete_sam_account(sam_acct->methods, sam_acct); } +static NTSTATUS context_update_login_attempts(struct pdb_context *context, + SAM_ACCOUNT *sam_acct, BOOL success) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if (!context) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + if (!sam_acct || !sam_acct->methods){ + DEBUG(0, ("invalid sam_acct specified\n")); + return ret; + } + + return sam_acct->methods->update_login_attempts(sam_acct->methods, sam_acct, success); +} + static NTSTATUS context_getgrsid(struct pdb_context *context, GROUP_MAP *map, DOM_SID sid) { 
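Review bot: In `add_uid_to_array_unique` (previous hunk), a failed `TALLOC_REALLOC_ARRAY` stores NULL in `*uids` but leaves `*num` unchanged, and because the function returns void `get_memberuids` keeps calling it; the next call's duplicate scan then reads `(*uids)[i]` through a NULL pointer for `i < *num`. Keep the result in a temporary and report the failure so `get_memberuids` can stop, call `winbind_on()` and return False, mirroring its `getgrgid` failure path. This assumes the talloc realloc leaves the old block valid on failure, as realloc does. The tail of `pdb_default_enum_group_members` is cut off on this page, so whether the `TALLOC_ZERO_ARRAY` result is checked cannot be seen.

```c
static BOOL add_uid_to_array_unique(TALLOC_CTX *mem_ctx,
				    uid_t uid, uid_t **uids, int *num)
{
	uid_t *grown;
	/* … unchanged: duplicate scan, returning True when uid is already present … */

	grown = TALLOC_REALLOC_ARRAY(mem_ctx, *uids, uid_t, *num+1);
	if (grown == NULL) {
		/* *uids and *num still describe the old array; let the caller fail */
		return False;
	}

	*uids = grown;
	(*uids)[*num] = uid;
	*num += 1;
	return True;
}
```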
@@ -749,6 +767,7 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_add_sam_account = context_add_sam_account; (*context)->pdb_update_sam_account = context_update_sam_account; (*context)->pdb_delete_sam_account = context_delete_sam_account; + (*context)->pdb_update_login_attempts = context_update_login_attempts; (*context)->pdb_getgrsid = context_getgrsid; (*context)->pdb_getgrgid = context_getgrgid; (*context)->pdb_getgrnam = context_getgrnam; @@ -992,6 +1011,17 @@ BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) return NT_STATUS_IS_OK(pdb_context->pdb_delete_sam_account(pdb_context, sam_acct)); } +NTSTATUS pdb_update_login_attempts(SAM_ACCOUNT *sam_acct, BOOL success) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return NT_STATUS_NOT_IMPLEMENTED; + } + + return pdb_context->pdb_update_login_attempts(pdb_context, sam_acct, success); +} + BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid) { struct pdb_context *pdb_context = pdb_get_static_context(False); @@ -1279,6 +1309,11 @@ static NTSTATUS pdb_default_delete_sam_account (struct pdb_methods *methods, SAM return NT_STATUS_NOT_IMPLEMENTED; } +static NTSTATUS pdb_default_update_login_attempts (struct pdb_methods *methods, SAM_ACCOUNT *newpwd, BOOL success) +{ + return NT_STATUS_OK; +} + static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update, uint16 acb_mask) { return NT_STATUS_NOT_IMPLEMENTED; @@ -1422,6 +1457,7 @@ NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) (*methods)->add_sam_account = pdb_default_add_sam_account; (*methods)->update_sam_account = pdb_default_update_sam_account; (*methods)->delete_sam_account = pdb_default_delete_sam_account; + (*methods)->update_login_attempts = pdb_default_update_login_attempts; (*methods)->getgrsid = pdb_default_getgrsid; (*methods)->getgrgid = pdb_default_getgrgid; -- cgit From dbd5c968d7b90576fb63dc574e02bbb89a5dcd74 Mon Sep 17 00:00:00 2001 
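Review bot: `pdb_default_update_login_attempts` (hunk `@@ -1279,6 +1309,11 @@`) returns `NT_STATUS_OK` without doing anything, while the neighbouring defaults `pdb_default_delete_sam_account` and `pdb_default_setsampwent` return `NT_STATUS_NOT_IMPLEMENTED`. A caller therefore cannot tell a backend that recorded the attempt from one that ignored it. If the no-op is intentional, so that backends without attempt tracking do not fail authentication, say so in a comment, e.g. `/* Deliberate no-op: backends that do not track login attempts report success. */`. `pdb_update_login_attempts` itself returns `NT_STATUS_NOT_IMPLEMENTED` when there is no static context, so the two "not available" cases are reported differently. The parameter name `newpwd` also looks copied from another function; `sam_acct` would match `context_update_login_attempts` and `pdb_update_login_attempts`.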
From: Gerald Carter Date: Tue, 22 Mar 2005 15:03:17 +0000 Subject: r5951: gotta love that SGI compiler :-) (thanks Jason) (This used to be commit e84d070275464de43107b6b5910e25ccc3339302) --- source3/passdb/pdb_interface.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 84d398ccd6..5235750739 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -48,7 +48,7 @@ static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name); static void pdb_force_pw_initialization(SAM_ACCOUNT *pass) { - const char *lm_pwd, *nt_pwd; + const uint8 *lm_pwd, *nt_pwd; /* only reset a password if the last set time has been explicitly been set to zero. A default last set time @@ -233,7 +233,7 @@ static NTSTATUS context_getsampwsid(struct pdb_context *context, SAM_ACCOUNT *sa static NTSTATUS context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - const char *lm_pw, *nt_pw; + const uint8 *lm_pw, *nt_pw; uint16 acb_flags; if ((!context) || (!context->pdb_methods)) { @@ -262,7 +262,7 @@ static NTSTATUS context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT static NTSTATUS context_update_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - const char *lm_pw, *nt_pw; + const uint8 *lm_pw, *nt_pw; uint16 acb_flags; if (!context) { -- cgit From cf7d098b2c1032b51b8f5d439b29c8d20d0991ee Mon Sep 17 00:00:00 2001 
From: Jim McDonough Date: Tue, 22 Mar 2005 20:50:29 +0000 Subject: r5965: Apply Volker's patch for "ldapsam trusted = yes" for samr_lookup_rids. Gives us again up to ~6x improvement on group membership lookups. (This used to be commit e2117bcb09cbd21df3b6621c2794a006418c1d9e) --- source3/passdb/pdb_interface.c | 98 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 98 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 5235750739..949ee83dcd 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -659,6 +659,26 @@ static NTSTATUS context_enum_alias_memberships(struct pdb_context *context, num_members, aliases, num); } +static NTSTATUS context_lookup_rids(struct pdb_context *context, + TALLOC_CTX *mem_ctx, + const DOM_SID *domain_sid, + int num_rids, + uint32 *rids, + const char ***names, + uint32 **attrs) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context->pdb_methods->lookup_rids(context->pdb_methods, + mem_ctx, domain_sid, num_rids, + rids, names, attrs); +} + /****************************************************************** Free and cleanup a pdb context, any associated data and anything that the attached modules might have associated. @@ -788,6 +808,7 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_del_aliasmem = context_del_aliasmem; (*context)->pdb_enum_aliasmem = context_enum_aliasmem; (*context)->pdb_enum_alias_memberships = context_enum_alias_memberships; + (*context)->pdb_lookup_rids = context_lookup_rids; (*context)->free_fn = free_pdb_context; 
@@ -1267,6 +1288,23 @@ BOOL pdb_enum_alias_memberships(const DOM_SID *members, int num_members, aliases, num)); } +NTSTATUS pdb_lookup_rids(TALLOC_CTX *mem_ctx, + const DOM_SID *domain_sid, + int num_rids, + uint32 *rids, + const char ***names, + uint32 **attrs) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return NT_STATUS_NOT_IMPLEMENTED; + } + + return pdb_context->pdb_lookup_rids(pdb_context, mem_ctx, domain_sid, + num_rids, rids, names, attrs); +} + /*************************************************************** Initialize the static context (at smbd startup etc). 
@@ -1439,6 +1477,65 @@ NTSTATUS pdb_default_enum_group_members(struct pdb_methods *methods, return NT_STATUS_OK; } +NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, + TALLOC_CTX *mem_ctx, + const DOM_SID *domain_sid, + int num_rids, + uint32 *rids, + const char ***names, + uint32 **attrs) +{ + int i; + NTSTATUS result; + BOOL have_mapped = False; + BOOL have_unmapped = False; + + (*names) = TALLOC_ZERO_ARRAY(mem_ctx, const char *, num_rids); + (*attrs) = TALLOC_ZERO_ARRAY(mem_ctx, uint32, num_rids); + + if ((num_rids != 0) && (((*names) == NULL) || ((*attrs) == NULL))) + return NT_STATUS_NO_MEMORY; + + if (!sid_equal(domain_sid, get_global_sam_sid())) { + /* TODO: Sooner or later we need to look up BUILTIN rids as + * well. -- vl */ + goto done; + } + + for (i = 0; i < num_rids; i++) { + fstring tmpname; + fstring domname; + DOM_SID sid; + enum SID_NAME_USE type; + + (*attrs)[i] = SID_NAME_UNKNOWN; + + sid_copy(&sid, domain_sid); + sid_append_rid(&sid, rids[i]); + + if (lookup_sid(&sid, domname, tmpname, &type)) { + (*attrs)[i] = (uint32)type; + (*names)[i] = talloc_strdup(mem_ctx, tmpname); + if ((*names)[i] == NULL) + return NT_STATUS_NO_MEMORY; + DEBUG(5,("lookup_rids: %s:%d\n", (*names)[i], + (*attrs)[i])); + have_mapped = True; + } else { + have_unmapped = True; + } + } + + done: + + result = NT_STATUS_NONE_MAPPED; + + if (have_mapped) + result = have_unmapped ? STATUS_SOME_UNMAPPED : NT_STATUS_OK; + + return result; +} + NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) { *methods = TALLOC_P(mem_ctx, struct pdb_methods); @@ -1478,6 +1575,7 @@ NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) (*methods)->del_aliasmem = pdb_default_del_aliasmem; (*methods)->enum_aliasmem = pdb_default_enum_aliasmem; (*methods)->enum_alias_memberships = pdb_default_alias_memberships; + (*methods)->lookup_rids = pdb_default_lookup_rids; return NT_STATUS_OK; } -- cgit 
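Review bot: In `pdb_default_lookup_rids`, the early `goto done` for a `domain_sid` other than the global SAM SID leaves every `(*attrs)[i]` at the zero written by `TALLOC_ZERO_ARRAY`, whereas the loop marks unmapped entries `SID_NAME_UNKNOWN`. Unless zero is that same value, a caller reading `attrs` after `NT_STATUS_NONE_MAPPED` sees a different type on the two paths. A short loop that sets `(*attrs)[i] = SID_NAME_UNKNOWN;` before the `sid_equal` test would make both paths agree. `num_rids` is a signed `int` used directly for the array sizes and the loop bound, and the commit message ties this function to samr_lookup_rids. An explicit `if (num_rids < 0) return NT_STATUS_INVALID_PARAMETER;` at the top would state the contract rather than relying on the allocation to fail.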
From e84ead0cfdc5e45a577387cc54dceb4c3f32948a Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 27 Mar 2005 16:33:04 +0000 Subject: r6080: Port some of the non-critical changes from HEAD to 3_0. The main one is the change in pdb_enum_alias_memberships to match samr.idl a bit closer. Volker (This used to be commit 3a6786516957d9f67af6d53a3167c88aa272972f) --- source3/passdb/pdb_interface.c | 25 ++++++++++++++++--------- 1 file changed, 16 insertions(+), 9 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 949ee83dcd..e61cf33279 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -643,9 +643,12 @@ static NTSTATUS context_enum_aliasmem(struct pdb_context *context, } static NTSTATUS context_enum_alias_memberships(struct pdb_context *context, - const DOM_SID *members, + TALLOC_CTX *mem_ctx, + const DOM_SID *domain_sid, + const DOM_SID const *members, int num_members, - DOM_SID **aliases, int *num) + uint32 **alias_rids, + int *num_alias_rids) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; @@ -655,8 +658,9 @@ static NTSTATUS context_enum_alias_memberships(struct pdb_context *context, } return context->pdb_methods-> - enum_alias_memberships(context->pdb_methods, members, - num_members, aliases, num); + enum_alias_memberships(context->pdb_methods, mem_ctx, + domain_sid, members, num_members, + alias_rids, num_alias_rids); } static NTSTATUS context_lookup_rids(struct pdb_context *context, @@ -1273,8 +1277,9 @@ BOOL pdb_enum_aliasmem(const DOM_SID *alias, members, num_members)); } -BOOL pdb_enum_alias_memberships(const DOM_SID *members, int num_members, - DOM_SID **aliases, int *num) +BOOL pdb_enum_alias_memberships(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, + const DOM_SID const *members, int num_members, + uint32 **alias_rids, int *num_alias_rids) { struct pdb_context *pdb_context = pdb_get_static_context(False); 
@@ -1283,9 +1288,11 @@ BOOL pdb_enum_alias_memberships(const DOM_SID *members, int num_members, } return NT_STATUS_IS_OK(pdb_context-> - pdb_enum_alias_memberships(pdb_context, members, - num_members, - aliases, num)); + pdb_enum_alias_memberships(pdb_context, mem_ctx, + domain_sid, + members, num_members, + alias_rids, + num_alias_rids)); } NTSTATUS pdb_lookup_rids(TALLOC_CTX *mem_ctx, -- cgit From 202c7b4571824406c5751018aa1896a31f73c24e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 28 Mar 2005 03:27:44 +0000 Subject: r6092: This much const causes the compiler on Fedora Core 2 to throw up. Jeremy. (This used to be commit 051f0ed8075a3616484888ab22d68ca11aa1dd36) --- source3/passdb/pdb_interface.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index e61cf33279..730569ec4b 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -645,7 +645,7 @@ static NTSTATUS context_enum_aliasmem(struct pdb_context *context, static NTSTATUS context_enum_alias_memberships(struct pdb_context *context, TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, - const DOM_SID const *members, + const DOM_SID *members, int num_members, uint32 **alias_rids, int *num_alias_rids) @@ -1278,7 +1278,7 @@ BOOL pdb_enum_aliasmem(const DOM_SID *alias, } BOOL pdb_enum_alias_memberships(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, - const DOM_SID const *members, int num_members, + const DOM_SID *members, int num_members, uint32 **alias_rids, int *num_alias_rids) { struct pdb_context *pdb_context = pdb_get_static_context(False); -- cgit From 9f4c0afa0a3e359dfe9ac5dd8df0849b450a3fe1 Mon Sep 17 00:00:00 2001 
From: Volker Lendecke Date: Sun, 10 Apr 2005 15:26:37 +0000 Subject: r6277: This implements a new caching API for enumerating the pdb elements. It is modeled after query_displayinfo and should hide the differences between users, groups and aliases while allowing a cache analog load_sampw_entries: struct pdb_search *pdb_search_users(uint16 acct_flags); struct pdb_search *pdb_search_groups(void); struct pdb_search *pdb_search_aliases(const DOM_SID *sid); uint32 pdb_search_entries(struct pdb_search *search, uint32 start_idx, uint32 max_entries, struct samr_displayentry **result); void pdb_search_destroy(struct pdb_search *search); Why this API? Eventually we will need to apply the work gd has started on enumerating users with paged ldap searches to groups and aliases. Before doing that I want to clean up the search routines we have. The sample application (more to follow) is 'net maxrid'. Volker (This used to be commit 8b4f67a1e9d459145cde10b1064781d58d62b805) --- source3/passdb/pdb_interface.c | 358 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 358 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 730569ec4b..301dc101eb 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -1586,3 +1586,361 @@ NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) return NT_STATUS_OK; } + +struct pdb_search *pdb_search_users(uint16 acct_flags); +struct pdb_search *pdb_search_groups(void); +struct pdb_search *pdb_search_aliases(const DOM_SID *sid); +uint32 pdb_search_entries(struct pdb_search *search, uint32 start_idx, uint32 max_entries, struct samr_displayentry **result); +void pdb_search_destroy(struct pdb_search *search); + +static struct pdb_search *pdb_search_init(enum pdb_search_type type) +{ + TALLOC_CTX *mem_ctx; + struct pdb_search *result; + + mem_ctx = talloc_init("pdb_search"); + if (mem_ctx == NULL) { + DEBUG(0, ("talloc_init failed\n")); + return NULL; + } + + result = TALLOC_P(mem_ctx, struct pdb_search); + if (result == NULL) { + DEBUG(0, ("talloc failed\n")); + return NULL; + } + + result->mem_ctx = mem_ctx; + result->type = type; + result->cache = NULL; + result->cache_size = 0; + result->search_ended = False; + + return result; +} + +static void fill_displayentry(TALLOC_CTX *mem_ctx, uint32 rid, + uint16 acct_flags, + const char *account_name, + const char *fullname, + const char *description, + struct samr_displayentry *entry) +{ + entry->rid = rid; + entry->acct_flags = acct_flags; + + if (account_name != NULL) + entry->account_name = talloc_strdup(mem_ctx, account_name); + + if (fullname != NULL) + entry->fullname = talloc_strdup(mem_ctx, fullname); + + if (description != NULL) + entry->description = talloc_strdup(mem_ctx, description); +} + +static BOOL user_search_in_progress = False; +struct user_search { + uint16 acct_flags; +}; + +struct pdb_search *pdb_search_users(uint16 acct_flags) +{ + struct pdb_search *result; + struct user_search *state; + + if (user_search_in_progress) { + DEBUG(1, ("user search in progress\n")); + return NULL; + } + + if (!pdb_setsampwent(False, acct_flags)) + return NULL; + + user_search_in_progress = True; + + result = pdb_search_init(PDB_USER_SEARCH); + if (result == NULL) + 
return NULL; + + state = TALLOC_P(result->mem_ctx, struct user_search); + if (state == NULL) { + DEBUG(0, ("talloc failed\n")); + talloc_destroy(result->mem_ctx); + return NULL; + } + + state->acct_flags = acct_flags; + + result->private = state; + return result; +} + +static BOOL pdb_search_entry_users(struct pdb_search *s, TALLOC_CTX *mem_ctx, + struct samr_displayentry *entry) +{ + struct user_search *state = s->private; + SAM_ACCOUNT *user = NULL; + NTSTATUS status; + + next: + status = pdb_init_sam(&user); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("Could not pdb_init_sam\n")); + return False; + } + + if (!pdb_getsampwent(user)) { + pdb_free_sam(&user); + return False; + } + + if ((state->acct_flags != 0) && + ((pdb_get_acct_ctrl(user) & state->acct_flags) == 0)) { + pdb_free_sam(&user); + goto next; + } + + fill_displayentry(mem_ctx, pdb_get_user_rid(user), + pdb_get_acct_ctrl(user), pdb_get_username(user), + pdb_get_fullname(user), pdb_get_acct_desc(user), + entry); + + pdb_free_sam(&user); + return True; +} + +static void pdb_search_end_users(struct pdb_search *search) +{ + pdb_endsampwent(); + user_search_in_progress = False; +} + +struct group_search { + GROUP_MAP *groups; + int num_groups, current_group; +}; + +struct pdb_search *pdb_search_groups(void) +{ + struct pdb_search *result; + struct group_search *state; + + result = pdb_search_init(PDB_GROUP_SEARCH); + if (result == NULL) + return NULL; + + state = TALLOC_P(result->mem_ctx, struct group_search); + if (state == NULL) { + DEBUG(0, ("talloc failed\n")); + talloc_destroy(result->mem_ctx); + return NULL; + } + + if (!pdb_enum_group_mapping(SID_NAME_DOM_GRP, &state->groups, + &state->num_groups, True)) { + DEBUG(0, ("Could not enum groups\n")); + talloc_destroy(result->mem_ctx); + return NULL; + } + + state->current_group = 0; + result->private = state; + return result; +} + +static BOOL pdb_search_entry_group(struct pdb_search *s, TALLOC_CTX *mem_ctx, + struct samr_displayentry *entry) +{ + 
struct group_search *state = s->private; + uint32 rid; + GROUP_MAP *map = &state->groups[state->current_group]; + + if (state->current_group == state->num_groups) + return False; + + sid_peek_rid(&map->sid, &rid); + + fill_displayentry(mem_ctx, rid, 0, map->nt_name, NULL, map->comment, + entry); + + state->current_group += 1; + return True; +} + +static void pdb_search_end_groups(struct pdb_search *search) +{ + struct group_search *state = search->private; + SAFE_FREE(state->groups); +} + +struct alias_search { + GROUP_MAP *aliases; + int num_aliases, current_alias; +}; + +struct pdb_search *pdb_search_aliases(const DOM_SID *sid) +{ + struct pdb_search *result; + struct alias_search *state; + enum SID_NAME_USE type = SID_NAME_UNKNOWN; + DOM_SID builtin_sid; + + if (sid_equal(sid, get_global_sam_sid())) + type = SID_NAME_ALIAS; + + string_to_sid(&builtin_sid, "S-1-5-32"); + + if (sid_equal(sid, &builtin_sid)) + type = SID_NAME_WKN_GRP; + + if (type == SID_NAME_UNKNOWN) { + DEBUG(3, ("unknown domain sid: %s\n", sid_string_static(sid))); + return NULL; + } + + result = pdb_search_init(PDB_ALIAS_SEARCH); + if (result == NULL) + return NULL; + + state = TALLOC_P(result->mem_ctx, struct alias_search); + if (state == NULL) { + DEBUG(0, ("talloc failed\n")); + talloc_destroy(result->mem_ctx); + return NULL; + } + + if (!pdb_enum_group_mapping(type, &state->aliases, + &state->num_aliases, False)) { + DEBUG(0, ("Could not enum aliases\n")); + talloc_destroy(result->mem_ctx); + return NULL; + } + + state->current_alias = 0; + result->private = state; + return result; +} + +static BOOL pdb_search_entry_alias(struct pdb_search *s, TALLOC_CTX *mem_ctx, + struct samr_displayentry *entry) +{ + struct alias_search *state = s->private; + uint32 rid; + GROUP_MAP *map = &state->aliases[state->current_alias]; + + if (state->current_alias == state->num_aliases) + return False; + + sid_peek_rid(&map->sid, &rid); + + fill_displayentry(mem_ctx, rid, 0, map->nt_name, NULL, map->comment, + 
entry); + + state->current_alias += 1; + return True; +} + +static void pdb_search_end_aliases(struct pdb_search *search) +{ + struct alias_search *state = search->private; + SAFE_FREE(state->aliases); +} + +static BOOL pdb_search_entry(struct pdb_search *search, TALLOC_CTX *mem_ctx, + struct samr_displayentry *entry) +{ + BOOL result = False; + switch (search->type) { + case PDB_USER_SEARCH: + result = pdb_search_entry_users(search, mem_ctx, entry); + break; + case PDB_GROUP_SEARCH: + result = pdb_search_entry_group(search, mem_ctx, entry); + break; + case PDB_ALIAS_SEARCH: + result = pdb_search_entry_alias(search, mem_ctx, entry); + break; + default: + DEBUG(0, ("unknown search type: %d\n", search->type)); + break; + } + return result; +} + +static void pdb_search_end(struct pdb_search *search) +{ + switch (search->type) { + case PDB_USER_SEARCH: + pdb_search_end_users(search); + break; + case PDB_GROUP_SEARCH: + pdb_search_end_groups(search); + break; + case PDB_ALIAS_SEARCH: + pdb_search_end_aliases(search); + break; + default: + DEBUG(0, ("unknown search type: %d\n", search->type)); + break; + } +} + +static struct samr_displayentry *pdb_search_getentry(struct pdb_search *search, + uint32 idx) +{ + if (idx < search->cache_size) + return &search->cache[idx]; + + if (search->search_ended) + return NULL; + + while (idx >= search->cache_size) { + struct samr_displayentry entry; + + if (!pdb_search_entry(search, search->mem_ctx, &entry)) { + pdb_search_end(search); + search->search_ended = True; + break; + } + + ADD_TO_ARRAY(search->mem_ctx, struct samr_displayentry, + entry, &search->cache, &search->cache_size); + } + + return (search->cache_size > idx) ? &search->cache[idx] : NULL; +} + +uint32 pdb_search_entries(struct pdb_search *search, + uint32 start_idx, uint32 max_entries, + struct samr_displayentry **result) +{ + struct samr_displayentry *end_entry; + uint32 end_idx = start_idx+max_entries-1; + + /* The first entry needs to be searched after the last. 
Otherwise the + * first entry might have moved due to a realloc during the search for + * the last entry. */ + + end_entry = pdb_search_getentry(search, end_idx); + *result = pdb_search_getentry(search, start_idx); + + if (end_entry != NULL) + return max_entries; + + if (start_idx >= search->cache_size) + return 0; + + return search->cache_size - start_idx; +} + +void pdb_search_destroy(struct pdb_search *search) +{ + if (search == NULL) + return; + + if (!search->search_ended) + pdb_search_end(search); + + talloc_destroy(search->mem_ctx); +} -- cgit From d3d6126d94d55a69c45b2f7a63a7fa9b561baf48 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 15 Apr 2005 13:41:49 +0000 Subject: r6351: This is quite a large and intrusive patch, but there are not many pieces that can be taken out of it, so I decided to commit this in one lump. It changes the passdb enumerating functions to use ldap paged results where possible. In particular the samr calls querydispinfo, enumdomusers and friends have undergone significant internal changes. I have tested this extensively with rpcclient and a bit with usrmgr.exe. More tests and the merge to trunk will follow later. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The code is based on a first implementation by Günther Deschner, but has evolved quite a bit since then. Volker (This used to be commit f0bb44ac58e190e19eb4e92928979b0446e611c9) --- source3/passdb/pdb_interface.c | 401 +++++++++++++++++++++++++---------------- 1 file changed, 248 insertions(+), 153 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 301dc101eb..edcd1c9222 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
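Review bot: `pdb_search_entries` computes `end_idx = start_idx+max_entries-1` in `uint32` without a range check, so the count it returns can disagree with what `*result` points at. With `max_entries == 0` and `start_idx == 0` the index becomes the largest `uint32`, the whole enumeration is pulled into the cache, and `cache_size - start_idx` is returned although zero entries were requested. With a sum that wraps, `end_entry` can be non-NULL, so `max_entries` is returned while `*result` is NULL. The callers are outside this hunk, but the commit message models the API on query_displayinfo, so both values may well originate from a client request. A guard before the two lookups covers both cases: `if (max_entries == 0 || start_idx + max_entries - 1 < start_idx) { *result = NULL; return 0; }`.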
@@ -549,24 +549,6 @@ static NTSTATUS context_delete_alias(struct pdb_context *context, return context->pdb_methods->delete_alias(context->pdb_methods, sid); } -static NTSTATUS context_enum_aliases(struct pdb_context *context, - const DOM_SID *sid, - uint32 start_idx, uint32 max_entries, - uint32 *num_aliases, - struct acct_info **info) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->enum_aliases(context->pdb_methods, - sid, start_idx, max_entries, - num_aliases, info); -} - static NTSTATUS context_get_aliasinfo(struct pdb_context *context, const DOM_SID *sid, struct acct_info *info) 
@@ -683,6 +665,68 @@ static NTSTATUS context_lookup_rids(struct pdb_context *context, rids, names, attrs); } +static BOOL context_search_users(struct pdb_context *context, + struct pdb_search *search, uint16 acct_flags) +{ + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return False; + } + + return context->pdb_methods->search_users(context->pdb_methods, + search, acct_flags); +} + +static BOOL context_search_groups(struct pdb_context *context, + struct pdb_search *search) +{ + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return False; + } + + return context->pdb_methods->search_groups(context->pdb_methods, + search); +} + +static BOOL context_search_aliases(struct pdb_context *context, + struct pdb_search *search, + const DOM_SID *sid) +{ + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return False; + } + + return context->pdb_methods->search_aliases(context->pdb_methods, + search, sid); +} + +static BOOL context_search_next_entry(struct pdb_context *context, + struct pdb_search *search, + struct samr_displayentry *entry) +{ + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return False; + } + + return context->pdb_methods->search_next_entry(context->pdb_methods, + search, entry); +} + +static void context_search_end(struct pdb_context *context, + struct pdb_search *search) +{ + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return; + } + + context->pdb_methods->search_end(context->pdb_methods, search); + return; +} + /****************************************************************** Free and cleanup a pdb context, any associated data and anything that the attached modules might have associated. 
@@ -805,7 +849,6 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_find_alias = context_find_alias; (*context)->pdb_create_alias = context_create_alias; (*context)->pdb_delete_alias = context_delete_alias; - (*context)->pdb_enum_aliases = context_enum_aliases; (*context)->pdb_get_aliasinfo = context_get_aliasinfo; (*context)->pdb_set_aliasinfo = context_set_aliasinfo; (*context)->pdb_add_aliasmem = context_add_aliasmem; @@ -814,6 +857,12 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_enum_alias_memberships = context_enum_alias_memberships; (*context)->pdb_lookup_rids = context_lookup_rids; + (*context)->pdb_search_users = context_search_users; + (*context)->pdb_search_groups = context_search_groups; + (*context)->pdb_search_aliases = context_search_aliases; + (*context)->pdb_search_next_entry = context_search_next_entry; + (*context)->pdb_search_end = context_search_end; + (*context)->free_fn = free_pdb_context; return NT_STATUS_OK; @@ -1199,22 +1248,6 @@ BOOL pdb_delete_alias(const DOM_SID *sid) } -BOOL pdb_enum_aliases(const DOM_SID *sid, uint32 start_idx, uint32 max_entries, - uint32 *num_aliases, struct acct_info **info) -{ - struct pdb_context *pdb_context = pdb_get_static_context(False); - - if (!pdb_context) { - return False; - } - - return NT_STATUS_IS_OK(pdb_context->pdb_enum_aliases(pdb_context, sid, - start_idx, - max_entries, - num_aliases, - info)); -} - BOOL pdb_get_aliasinfo(const DOM_SID *sid, struct acct_info *info) { struct pdb_context *pdb_context = pdb_get_static_context(False); 
@@ -1543,56 +1576,6 @@ NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, return result; } -NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) -{ - *methods = TALLOC_P(mem_ctx, struct pdb_methods); - - if (!*methods) { - return NT_STATUS_NO_MEMORY; - } - - ZERO_STRUCTP(*methods); - - (*methods)->setsampwent = pdb_default_setsampwent; - (*methods)->endsampwent = pdb_default_endsampwent; - (*methods)->getsampwent = pdb_default_getsampwent; - (*methods)->getsampwnam = pdb_default_getsampwnam; - (*methods)->getsampwsid = pdb_default_getsampwsid; - (*methods)->add_sam_account = pdb_default_add_sam_account; - (*methods)->update_sam_account = pdb_default_update_sam_account; - (*methods)->delete_sam_account = pdb_default_delete_sam_account; - (*methods)->update_login_attempts = pdb_default_update_login_attempts; - - (*methods)->getgrsid = pdb_default_getgrsid; - (*methods)->getgrgid = pdb_default_getgrgid; - (*methods)->getgrnam = pdb_default_getgrnam; - (*methods)->add_group_mapping_entry = pdb_default_add_group_mapping_entry; - (*methods)->update_group_mapping_entry = pdb_default_update_group_mapping_entry; - (*methods)->delete_group_mapping_entry = pdb_default_delete_group_mapping_entry; - (*methods)->enum_group_mapping = pdb_default_enum_group_mapping; - (*methods)->enum_group_members = pdb_default_enum_group_members; - (*methods)->enum_group_memberships = pdb_default_enum_group_memberships; - (*methods)->find_alias = pdb_default_find_alias; - (*methods)->create_alias = pdb_default_create_alias; - (*methods)->delete_alias = pdb_default_delete_alias; - (*methods)->enum_aliases = pdb_default_enum_aliases; - (*methods)->get_aliasinfo = pdb_default_get_aliasinfo; - (*methods)->set_aliasinfo = pdb_default_set_aliasinfo; - (*methods)->add_aliasmem = pdb_default_add_aliasmem; - (*methods)->del_aliasmem = pdb_default_del_aliasmem; - (*methods)->enum_aliasmem = pdb_default_enum_aliasmem; - (*methods)->enum_alias_memberships = 
pdb_default_alias_memberships; - (*methods)->lookup_rids = pdb_default_lookup_rids; - - return NT_STATUS_OK; -} - -struct pdb_search *pdb_search_users(uint16 acct_flags); -struct pdb_search *pdb_search_groups(void); -struct pdb_search *pdb_search_aliases(const DOM_SID *sid); -uint32 pdb_search_entries(struct pdb_search *search, uint32 start_idx, uint32 max_entries, struct samr_displayentry **result); -void pdb_search_destroy(struct pdb_search *search); - static struct pdb_search *pdb_search_init(enum pdb_search_type type) { TALLOC_CTX *mem_ctx; @@ -1613,6 +1596,7 @@ static struct pdb_search *pdb_search_init(enum pdb_search_type type) result->mem_ctx = mem_ctx; result->type = type; result->cache = NULL; + result->num_entries = 0; result->cache_size = 0; result->search_ended = False; @@ -1631,12 +1615,18 @@ static void fill_displayentry(TALLOC_CTX *mem_ctx, uint32 rid, if (account_name != NULL) entry->account_name = talloc_strdup(mem_ctx, account_name); + else + entry->account_name = ""; if (fullname != NULL) entry->fullname = talloc_strdup(mem_ctx, fullname); + else + entry->fullname = ""; if (description != NULL) entry->description = talloc_strdup(mem_ctx, description); + else + entry->description = ""; } static BOOL user_search_in_progress = False; 
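Review bot: The new `else` branches in `fill_displayentry` give each field a `""` default when the input is NULL, but the `talloc_strdup` results are still stored unchecked. Under allocation failure `entry->account_name`, `entry->fullname` or `entry->description` can still end up NULL. The function returns void and its signature lies outside this hunk, so callers cannot detect that. Either return a BOOL (`if (entry->account_name == NULL) return False;` after each copy) and let the `pdb_search_next_entry_*` callers fail the entry, or document on the function that fields may be NULL on out-of-memory so consumers do not assume otherwise.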
@@ -1644,40 +1634,38 @@ struct user_search { uint16 acct_flags; }; -struct pdb_search *pdb_search_users(uint16 acct_flags) +static BOOL pdb_default_search_users(struct pdb_methods *methods, + struct pdb_search *search, + uint16 acct_flags) { - struct pdb_search *result; struct user_search *state; if (user_search_in_progress) { DEBUG(1, ("user search in progress\n")); - return NULL; + return False; } - if (!pdb_setsampwent(False, acct_flags)) - return NULL; + if (!pdb_setsampwent(False, acct_flags)) { + DEBUG(5, ("Could not start search\n")); + return False; + } user_search_in_progress = True; - result = pdb_search_init(PDB_USER_SEARCH); - if (result == NULL) - return NULL; - - state = TALLOC_P(result->mem_ctx, struct user_search); + state = TALLOC_P(search->mem_ctx, struct user_search); if (state == NULL) { DEBUG(0, ("talloc failed\n")); - talloc_destroy(result->mem_ctx); - return NULL; + return False; } state->acct_flags = acct_flags; - result->private = state; - return result; + search->private = state; + return True; } -static BOOL pdb_search_entry_users(struct pdb_search *s, TALLOC_CTX *mem_ctx, - struct samr_displayentry *entry) +static BOOL pdb_search_next_entry_users(struct pdb_search *s, + struct samr_displayentry *entry) { struct user_search *state = s->private; SAM_ACCOUNT *user = NULL; @@ -1701,7 +1689,7 @@ static BOOL pdb_search_entry_users(struct pdb_search *s, TALLOC_CTX *mem_ctx, goto next; } - fill_displayentry(mem_ctx, pdb_get_user_rid(user), + fill_displayentry(s->mem_ctx, pdb_get_user_rid(user), pdb_get_acct_ctrl(user), pdb_get_username(user), pdb_get_fullname(user), pdb_get_acct_desc(user), entry); 
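Review bot: In `pdb_default_search_users`, the `TALLOC_P` failure path returns `False` after `pdb_setsampwent` has succeeded and `user_search_in_progress` has been set to `True`. Unless the caller runs the search-end path on failure (not visible in this hunk), every later user search in the process is refused with "user search in progress" and the enumeration stays open. Undo both before returning, `pdb_endsampwent(); user_search_in_progress = False;` ahead of the `return False;` in that branch, or allocate `state` before calling `pdb_setsampwent`. The flag is a file-level static, so a comment stating that only one user search can be active per process at a time would also help.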
@@ -1721,36 +1709,30 @@ struct group_search { int num_groups, current_group; }; -struct pdb_search *pdb_search_groups(void) +static BOOL pdb_default_search_groups(struct pdb_methods *methods, + struct pdb_search *search) { - struct pdb_search *result; struct group_search *state; - result = pdb_search_init(PDB_GROUP_SEARCH); - if (result == NULL) - return NULL; - - state = TALLOC_P(result->mem_ctx, struct group_search); + state = TALLOC_P(search->mem_ctx, struct group_search); if (state == NULL) { DEBUG(0, ("talloc failed\n")); - talloc_destroy(result->mem_ctx); - return NULL; + return False; } if (!pdb_enum_group_mapping(SID_NAME_DOM_GRP, &state->groups, &state->num_groups, True)) { DEBUG(0, ("Could not enum groups\n")); - talloc_destroy(result->mem_ctx); - return NULL; + return False; } state->current_group = 0; - result->private = state; - return result; + search->private = state; + return True; } -static BOOL pdb_search_entry_group(struct pdb_search *s, TALLOC_CTX *mem_ctx, - struct samr_displayentry *entry) +static BOOL pdb_search_next_entry_group(struct pdb_search *s, + struct samr_displayentry *entry) { struct group_search *state = s->private; uint32 rid; @@ -1761,7 +1743,7 @@ static BOOL pdb_search_entry_group(struct pdb_search *s, TALLOC_CTX *mem_ctx, sid_peek_rid(&map->sid, &rid); - fill_displayentry(mem_ctx, rid, 0, map->nt_name, NULL, map->comment, + fill_displayentry(s->mem_ctx, rid, 0, map->nt_name, NULL, map->comment, entry); state->current_group += 1; 
@@ -1779,51 +1761,43 @@ struct alias_search { int num_aliases, current_alias; }; -struct pdb_search *pdb_search_aliases(const DOM_SID *sid) +static BOOL pdb_default_search_aliases(struct pdb_methods *methods, + struct pdb_search *search, + const DOM_SID *sid) { - struct pdb_search *result; struct alias_search *state; enum SID_NAME_USE type = SID_NAME_UNKNOWN; - DOM_SID builtin_sid; if (sid_equal(sid, get_global_sam_sid())) type = SID_NAME_ALIAS; - string_to_sid(&builtin_sid, "S-1-5-32"); - - if (sid_equal(sid, &builtin_sid)) + if (sid_equal(sid, &global_sid_Builtin)) type = SID_NAME_WKN_GRP; if (type == SID_NAME_UNKNOWN) { DEBUG(3, ("unknown domain sid: %s\n", sid_string_static(sid))); - return NULL; + return False; } - result = pdb_search_init(PDB_ALIAS_SEARCH); - if (result == NULL) - return NULL; - - state = TALLOC_P(result->mem_ctx, struct alias_search); + state = TALLOC_P(search->mem_ctx, struct alias_search); if (state == NULL) { DEBUG(0, ("talloc failed\n")); - talloc_destroy(result->mem_ctx); - return NULL; + return False; } if (!pdb_enum_group_mapping(type, &state->aliases, &state->num_aliases, False)) { DEBUG(0, ("Could not enum aliases\n")); - talloc_destroy(result->mem_ctx); - return NULL; + return False; } state->current_alias = 0; - result->private = state; - return result; + search->private = state; + return True; } -static BOOL pdb_search_entry_alias(struct pdb_search *s, TALLOC_CTX *mem_ctx, - struct samr_displayentry *entry) +static BOOL pdb_search_next_entry_alias(struct pdb_search *s, + struct samr_displayentry *entry) { struct alias_search *state = s->private; uint32 rid; @@ -1834,7 +1808,7 @@ static BOOL pdb_search_entry_alias(struct pdb_search *s, TALLOC_CTX *mem_ctx, sid_peek_rid(&map->sid, &rid); - fill_displayentry(mem_ctx, rid, 0, map->nt_name, NULL, map->comment, + fill_displayentry(s->mem_ctx, rid, 0, map->nt_name, NULL, map->comment, entry); state->current_alias += 1; 
@@ -1847,19 +1821,20 @@ static void pdb_search_end_aliases(struct pdb_search *search) SAFE_FREE(state->aliases); } -static BOOL pdb_search_entry(struct pdb_search *search, TALLOC_CTX *mem_ctx, - struct samr_displayentry *entry) +static BOOL pdb_default_search_next_entry(struct pdb_methods *pdb_methods, + struct pdb_search *search, + struct samr_displayentry *entry) { BOOL result = False; switch (search->type) { case PDB_USER_SEARCH: - result = pdb_search_entry_users(search, mem_ctx, entry); + result = pdb_search_next_entry_users(search, entry); break; case PDB_GROUP_SEARCH: - result = pdb_search_entry_group(search, mem_ctx, entry); + result = pdb_search_next_entry_group(search, entry); break; case PDB_ALIAS_SEARCH: - result = pdb_search_entry_alias(search, mem_ctx, entry); + result = pdb_search_next_entry_alias(search, entry); break; default: DEBUG(0, ("unknown search type: %d\n", search->type)); @@ -1868,7 +1843,18 @@ static BOOL pdb_search_entry(struct pdb_search *search, TALLOC_CTX *mem_ctx, return result; } -static void pdb_search_end(struct pdb_search *search) +static BOOL pdb_search_next_entry(struct pdb_search *search, + struct samr_displayentry *entry) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (pdb_context == NULL) return False; + + return pdb_context->pdb_search_next_entry(pdb_context, search, entry); +} + +static void pdb_default_search_end(struct pdb_methods *pdb_methods, + struct pdb_search *search) { switch (search->type) { case PDB_USER_SEARCH: 
@@ -1886,29 +1872,90 @@ static void pdb_search_end(struct pdb_search *search) } } +static void pdb_search_end(struct pdb_search *search) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (pdb_context == NULL) return; + + pdb_context->pdb_search_end(pdb_context, search); +} + static struct samr_displayentry *pdb_search_getentry(struct pdb_search *search, uint32 idx) { - if (idx < search->cache_size) + if (idx < search->num_entries) return &search->cache[idx]; if (search->search_ended) return NULL; - while (idx >= search->cache_size) { + while (idx >= search->num_entries) { struct samr_displayentry entry; - if (!pdb_search_entry(search, search->mem_ctx, &entry)) { + if (!pdb_search_next_entry(search, &entry)) { pdb_search_end(search); search->search_ended = True; break; } - ADD_TO_ARRAY(search->mem_ctx, struct samr_displayentry, - entry, &search->cache, &search->cache_size); + ADD_TO_LARGE_ARRAY(search->mem_ctx, struct samr_displayentry, + entry, &search->cache, &search->num_entries, + &search->cache_size); + } + + return (search->num_entries > idx) ? 
&search->cache[idx] : NULL; +} + +struct pdb_search *pdb_search_users(uint16 acct_flags) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_search *result; + + if (pdb_context == NULL) return NULL; + + result = pdb_search_init(PDB_USER_SEARCH); + if (result == NULL) return NULL; + + if (!pdb_context->pdb_search_users(pdb_context, result, acct_flags)) { + talloc_destroy(result->mem_ctx); + return NULL; + } + return result; +} + +struct pdb_search *pdb_search_groups(void) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_search *result; + + if (pdb_context == NULL) return NULL; + + result = pdb_search_init(PDB_GROUP_SEARCH); + if (result == NULL) return NULL; + + if (!pdb_context->pdb_search_groups(pdb_context, result)) { + talloc_destroy(result->mem_ctx); + return NULL; } + return result; +} + +struct pdb_search *pdb_search_aliases(const DOM_SID *sid) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_search *result; - return (search->cache_size > idx) ? &search->cache[idx] : NULL; + if (pdb_context == NULL) return NULL; + + result = pdb_search_init(PDB_ALIAS_SEARCH); + if (result == NULL) return NULL; + + if (!pdb_context->pdb_search_aliases(pdb_context, result, sid)) { + talloc_destroy(result->mem_ctx); + return NULL; + } + return result; } uint32 pdb_search_entries(struct pdb_search *search, @@ -1928,10 +1975,10 @@ uint32 pdb_search_entries(struct pdb_search *search, if (end_entry != NULL) return max_entries; - if (start_idx >= search->cache_size) + if (start_idx >= search->num_entries) return 0; - return search->cache_size - start_idx; + return search->num_entries - start_idx; } void pdb_search_destroy(struct pdb_search *search) 
@@ -1944,3 +1991,51 @@ void pdb_search_destroy(struct pdb_search *search) talloc_destroy(search->mem_ctx); } + +NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) +{ + *methods = TALLOC_P(mem_ctx, struct pdb_methods); + + if (!*methods) { + return NT_STATUS_NO_MEMORY; + } + + ZERO_STRUCTP(*methods); + + (*methods)->setsampwent = pdb_default_setsampwent; + (*methods)->endsampwent = pdb_default_endsampwent; + (*methods)->getsampwent = pdb_default_getsampwent; + (*methods)->getsampwnam = pdb_default_getsampwnam; + (*methods)->getsampwsid = pdb_default_getsampwsid; + (*methods)->add_sam_account = pdb_default_add_sam_account; + (*methods)->update_sam_account = pdb_default_update_sam_account; + (*methods)->delete_sam_account = pdb_default_delete_sam_account; + (*methods)->update_login_attempts = pdb_default_update_login_attempts; + + (*methods)->getgrsid = pdb_default_getgrsid; + (*methods)->getgrgid = pdb_default_getgrgid; + (*methods)->getgrnam = pdb_default_getgrnam; + (*methods)->add_group_mapping_entry = pdb_default_add_group_mapping_entry; + (*methods)->update_group_mapping_entry = pdb_default_update_group_mapping_entry; + (*methods)->delete_group_mapping_entry = pdb_default_delete_group_mapping_entry; + (*methods)->enum_group_mapping = pdb_default_enum_group_mapping; + (*methods)->enum_group_members = pdb_default_enum_group_members; + (*methods)->enum_group_memberships = pdb_default_enum_group_memberships; + (*methods)->find_alias = pdb_default_find_alias; + (*methods)->create_alias = pdb_default_create_alias; + (*methods)->delete_alias = pdb_default_delete_alias; + (*methods)->get_aliasinfo = pdb_default_get_aliasinfo; + (*methods)->set_aliasinfo = pdb_default_set_aliasinfo; + (*methods)->add_aliasmem = pdb_default_add_aliasmem; + (*methods)->del_aliasmem = pdb_default_del_aliasmem; + (*methods)->enum_aliasmem = pdb_default_enum_aliasmem; + (*methods)->enum_alias_memberships = pdb_default_alias_memberships; + (*methods)->lookup_rids = 
pdb_default_lookup_rids; + (*methods)->search_users = pdb_default_search_users; + (*methods)->search_groups = pdb_default_search_groups; + (*methods)->search_aliases = pdb_default_search_aliases; + (*methods)->search_next_entry = pdb_default_search_next_entry; + (*methods)->search_end = pdb_default_search_end; + + return NT_STATUS_OK; +} -- cgit From f74f7c933db6c981661ce5fc8666b87ad7ef41cc Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 18 Apr 2005 16:07:49 +0000 Subject: r6367: Slim down pdb_interface.c a bit. next_entry and search_end are function pointers now. Yes, Jeremy, this is about re-inventing C++... :-) Volker (This used to be commit a831e54738c7854e68c696e9cbb132c012ff223c) --- source3/passdb/pdb_interface.c | 245 ++++++++++------------------------------- 1 file changed, 60 insertions(+), 185 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index edcd1c9222..c6880b1d50 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -702,31 +702,6 @@ static BOOL context_search_aliases(struct pdb_context *context, search, sid); } -static BOOL context_search_next_entry(struct pdb_context *context, - struct pdb_search *search, - struct samr_displayentry *entry) -{ - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return False; - } - - return context->pdb_methods->search_next_entry(context->pdb_methods, - search, entry); -} - -static void context_search_end(struct pdb_context *context, - struct pdb_search *search) -{ - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return; - } - - context->pdb_methods->search_end(context->pdb_methods, search); - return; -} - /****************************************************************** Free and cleanup a pdb context, any associated data and anything that the attached modules might have associated. 
@@ -860,8 +835,6 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_search_users = context_search_users; (*context)->pdb_search_groups = context_search_groups; (*context)->pdb_search_aliases = context_search_aliases; - (*context)->pdb_search_next_entry = context_search_next_entry; - (*context)->pdb_search_end = context_search_end; (*context)->free_fn = free_pdb_context; @@ -1600,6 +1573,10 @@ static struct pdb_search *pdb_search_init(enum pdb_search_type type) result->cache_size = 0; result->search_ended = False; + /* Segfault appropriately if not initialized */ + result->next_entry = NULL; + result->search_end = NULL; + return result; } @@ -1634,38 +1611,8 @@ struct user_search { uint16 acct_flags; }; -static BOOL pdb_default_search_users(struct pdb_methods *methods, - struct pdb_search *search, - uint16 acct_flags) -{ - struct user_search *state; - - if (user_search_in_progress) { - DEBUG(1, ("user search in progress\n")); - return False; - } - - if (!pdb_setsampwent(False, acct_flags)) { - DEBUG(5, ("Could not start search\n")); - return False; - } - - user_search_in_progress = True; - - state = TALLOC_P(search->mem_ctx, struct user_search); - if (state == NULL) { - DEBUG(0, ("talloc failed\n")); - return False; - } - - state->acct_flags = acct_flags; - - search->private = state; - return True; -} - -static BOOL pdb_search_next_entry_users(struct pdb_search *s, - struct samr_displayentry *entry) +static BOOL next_entry_users(struct pdb_search *s, + struct samr_displayentry *entry) { struct user_search *state = s->private; SAM_ACCOUNT *user = NULL; 
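Review bot: `pdb_search_init` now leaves `next_entry` and `search_end` as NULL on purpose, so a backend whose `search_users`, `search_groups` or `search_aliases` returns True without setting them makes `pdb_search_getentry` and `pdb_search_destroy` call through a null pointer. In a long-running daemon that is a crash of the serving process rather than a failed request. I would have the callers fail cleanly instead, e.g. `if (search->next_entry == NULL || search->search_end == NULL) return NULL;` in `pdb_search_getentry` before the fetch loop, and the same guard around the `search->search_end(search)` call in `pdb_search_destroy`. Both functions are only partly visible in this commit's hunks.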
@@ -1698,41 +1645,51 @@ static BOOL pdb_search_next_entry_users(struct pdb_search *s, return True; } -static void pdb_search_end_users(struct pdb_search *search) +static void search_end_users(struct pdb_search *search) { pdb_endsampwent(); user_search_in_progress = False; } -struct group_search { - GROUP_MAP *groups; - int num_groups, current_group; -}; - -static BOOL pdb_default_search_groups(struct pdb_methods *methods, - struct pdb_search *search) +static BOOL pdb_default_search_users(struct pdb_methods *methods, + struct pdb_search *search, + uint16 acct_flags) { - struct group_search *state; + struct user_search *state; - state = TALLOC_P(search->mem_ctx, struct group_search); - if (state == NULL) { - DEBUG(0, ("talloc failed\n")); + if (user_search_in_progress) { + DEBUG(1, ("user search in progress\n")); return False; } - if (!pdb_enum_group_mapping(SID_NAME_DOM_GRP, &state->groups, - &state->num_groups, True)) { - DEBUG(0, ("Could not enum groups\n")); + if (!pdb_setsampwent(False, acct_flags)) { + DEBUG(5, ("Could not start search\n")); return False; } - state->current_group = 0; + user_search_in_progress = True; + + state = TALLOC_P(search->mem_ctx, struct user_search); + if (state == NULL) { + DEBUG(0, ("talloc failed\n")); + return False; + } + + state->acct_flags = acct_flags; + search->private = state; + search->next_entry = next_entry_users; + search->search_end = search_end_users; return True; } -static BOOL pdb_search_next_entry_group(struct pdb_search *s, - struct samr_displayentry *entry) +struct group_search { + GROUP_MAP *groups; + int num_groups, current_group; +}; + +static BOOL next_entry_groups(struct pdb_search *s, + struct samr_displayentry *entry) { struct group_search *state = s->private; uint32 rid; 
@@ -1750,135 +1707,55 @@ static BOOL pdb_search_next_entry_group(struct pdb_search *s, return True; } -static void pdb_search_end_groups(struct pdb_search *search) +static void search_end_groups(struct pdb_search *search) { struct group_search *state = search->private; SAFE_FREE(state->groups); } -struct alias_search { - GROUP_MAP *aliases; - int num_aliases, current_alias; -}; - -static BOOL pdb_default_search_aliases(struct pdb_methods *methods, - struct pdb_search *search, - const DOM_SID *sid) +static BOOL pdb_search_grouptype(struct pdb_search *search, + enum SID_NAME_USE type) { - struct alias_search *state; - enum SID_NAME_USE type = SID_NAME_UNKNOWN; - - if (sid_equal(sid, get_global_sam_sid())) - type = SID_NAME_ALIAS; - - if (sid_equal(sid, &global_sid_Builtin)) - type = SID_NAME_WKN_GRP; - - if (type == SID_NAME_UNKNOWN) { - DEBUG(3, ("unknown domain sid: %s\n", sid_string_static(sid))); - return False; - } + struct group_search *state; - state = TALLOC_P(search->mem_ctx, struct alias_search); + state = TALLOC_P(search->mem_ctx, struct group_search); if (state == NULL) { DEBUG(0, ("talloc failed\n")); return False; } - if (!pdb_enum_group_mapping(type, &state->aliases, - &state->num_aliases, False)) { - DEBUG(0, ("Could not enum aliases\n")); + if (!pdb_enum_group_mapping(type, &state->groups, &state->num_groups, + True)) { + DEBUG(0, ("Could not enum groups\n")); return False; } - state->current_alias = 0; + state->current_group = 0; search->private = state; + search->next_entry = next_entry_groups; + search->search_end = search_end_groups; return True; } -static BOOL pdb_search_next_entry_alias(struct pdb_search *s, - struct samr_displayentry *entry) -{ - struct alias_search *state = s->private; - uint32 rid; - GROUP_MAP *map = &state->aliases[state->current_alias]; - - if (state->current_alias == state->num_aliases) - return False; - - sid_peek_rid(&map->sid, &rid); - - fill_displayentry(s->mem_ctx, rid, 0, map->nt_name, NULL, map->comment, - entry); 
- - state->current_alias += 1; - return True; -} - -static void pdb_search_end_aliases(struct pdb_search *search) -{ - struct alias_search *state = search->private; - SAFE_FREE(state->aliases); -} - -static BOOL pdb_default_search_next_entry(struct pdb_methods *pdb_methods, - struct pdb_search *search, - struct samr_displayentry *entry) -{ - BOOL result = False; - switch (search->type) { - case PDB_USER_SEARCH: - result = pdb_search_next_entry_users(search, entry); - break; - case PDB_GROUP_SEARCH: - result = pdb_search_next_entry_group(search, entry); - break; - case PDB_ALIAS_SEARCH: - result = pdb_search_next_entry_alias(search, entry); - break; - default: - DEBUG(0, ("unknown search type: %d\n", search->type)); - break; - } - return result; -} - -static BOOL pdb_search_next_entry(struct pdb_search *search, - struct samr_displayentry *entry) +static BOOL pdb_default_search_groups(struct pdb_methods *methods, + struct pdb_search *search) { - struct pdb_context *pdb_context = pdb_get_static_context(False); - - if (pdb_context == NULL) return False; - - return pdb_context->pdb_search_next_entry(pdb_context, search, entry); + return pdb_search_grouptype(search, SID_NAME_DOM_GRP); } -static void pdb_default_search_end(struct pdb_methods *pdb_methods, - struct pdb_search *search) +static BOOL pdb_default_search_aliases(struct pdb_methods *methods, + struct pdb_search *search, + const DOM_SID *sid) { - switch (search->type) { - case PDB_USER_SEARCH: - pdb_search_end_users(search); - break; - case PDB_GROUP_SEARCH: - pdb_search_end_groups(search); - break; - case PDB_ALIAS_SEARCH: - pdb_search_end_aliases(search); - break; - default: - DEBUG(0, ("unknown search type: %d\n", search->type)); - break; - } -} -static void pdb_search_end(struct pdb_search *search) -{ - struct pdb_context *pdb_context = pdb_get_static_context(False); + if (sid_equal(sid, get_global_sam_sid())) + return pdb_search_grouptype(search, SID_NAME_ALIAS); - if (pdb_context == NULL) return; + if 
(sid_equal(sid, &global_sid_Builtin)) + return pdb_search_grouptype(search, SID_NAME_WKN_GRP); - pdb_context->pdb_search_end(pdb_context, search); + DEBUG(3, ("unknown domain sid: %s\n", sid_string_static(sid))); + return False; } static struct samr_displayentry *pdb_search_getentry(struct pdb_search *search, @@ -1893,8 +1770,8 @@ static struct samr_displayentry *pdb_search_getentry(struct pdb_search *search, while (idx >= search->num_entries) { struct samr_displayentry entry; - if (!pdb_search_next_entry(search, &entry)) { - pdb_search_end(search); + if (!search->next_entry(search, &entry)) { + search->search_end(search); search->search_ended = True; break; } @@ -1987,7 +1864,7 @@ void pdb_search_destroy(struct pdb_search *search) return; if (!search->search_ended) - pdb_search_end(search); + search->search_end(search); talloc_destroy(search->mem_ctx); } @@ -2034,8 +1911,6 @@ NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) (*methods)->search_users = pdb_default_search_users; (*methods)->search_groups = pdb_default_search_groups; (*methods)->search_aliases = pdb_default_search_aliases; - (*methods)->search_next_entry = pdb_default_search_next_entry; - (*methods)->search_end = pdb_default_search_end; return NT_STATUS_OK; } -- cgit From 19ca97a70f6b7b41d251eaa76e4d3c980c6eedff Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 24 Jun 2005 20:25:18 +0000 Subject: r7882: Looks like a large patch - but what it actually does is make Samba safe for using our headers and linking with C++ modules. Stops us from using C++ reserved keywords in our code. Jeremy (This used to be commit 9506b8e145982b1160a2f0aee5c9b7a54980940a) --- source3/passdb/pdb_interface.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index c6880b1d50..d4407492c2 100644 --- a/source3/passdb/pdb_interface.c 
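Review bot: `pdb_search_grouptype` passes `True` as the last argument of `pdb_enum_group_mapping` for every type, but the removed `pdb_default_search_aliases` passed `False` there, so alias and builtin searches now appear to run with the unix-only filter that previously applied only to domain groups. If that is intended it deserves a comment above the call; otherwise the helper could take the flag, `static BOOL pdb_search_grouptype(struct pdb_search *search, enum SID_NAME_USE type, BOOL unix_only)`, with `pdb_default_search_groups` passing `True` and the two alias paths passing `False`. An alias that silently drops out of enumeration is easy to miss when auditing who holds local or builtin group membership.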
+++ b/source3/passdb/pdb_interface.c @@ -1614,7 +1614,7 @@ struct user_search { static BOOL next_entry_users(struct pdb_search *s, struct samr_displayentry *entry) { - struct user_search *state = s->private; + struct user_search *state = s->private_data; SAM_ACCOUNT *user = NULL; NTSTATUS status; @@ -1677,7 +1677,7 @@ static BOOL pdb_default_search_users(struct pdb_methods *methods, state->acct_flags = acct_flags; - search->private = state; + search->private_data = state; search->next_entry = next_entry_users; search->search_end = search_end_users; return True; @@ -1691,7 +1691,7 @@ struct group_search { static BOOL next_entry_groups(struct pdb_search *s, struct samr_displayentry *entry) { - struct group_search *state = s->private; + struct group_search *state = s->private_data; uint32 rid; GROUP_MAP *map = &state->groups[state->current_group]; @@ -1709,7 +1709,7 @@ static BOOL next_entry_groups(struct pdb_search *s, static void search_end_groups(struct pdb_search *search) { - struct group_search *state = search->private; + struct group_search *state = search->private_data; SAFE_FREE(state->groups); } @@ -1731,7 +1731,7 @@ static BOOL pdb_search_grouptype(struct pdb_search *search, } state->current_group = 0; - search->private = state; + search->private_data = state; search->next_entry = next_entry_groups; search->search_end = search_end_groups; return True; -- cgit From 54abd2aa66069e6baf7769c496f46d9dba18db39 Mon Sep 17 00:00:00 2001 
From: Gerald Carter Date: Fri, 30 Sep 2005 17:13:37 +0000 Subject: r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3) --- source3/passdb/pdb_interface.c | 134 +++++++++++++++++++++++++++++++++++------ 1 file changed, 117 insertions(+), 17 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index d4407492c2..a9e41984c3 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -665,43 +665,46 @@ static NTSTATUS context_lookup_rids(struct pdb_context *context, rids, names, attrs); } -static BOOL context_search_users(struct pdb_context *context, - struct pdb_search *search, uint16 acct_flags) +static NTSTATUS context_get_account_policy(struct pdb_context *context, + int policy_index, uint32 *value) { + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + if ((!context) || (!context->pdb_methods)) { DEBUG(0, ("invalid pdb_context specified!\n")); - return False; + return ret; } - return context->pdb_methods->search_users(context->pdb_methods, - search, acct_flags); + return context->pdb_methods->get_account_policy(context->pdb_methods, + policy_index, value); } -static BOOL context_search_groups(struct pdb_context *context, - struct pdb_search *search) +static NTSTATUS context_set_account_policy(struct pdb_context *context, + int policy_index, uint32 value) { + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + if ((!context) || (!context->pdb_methods)) { DEBUG(0, ("invalid pdb_context specified!\n")); - return False; + return ret; } - return context->pdb_methods->search_groups(context->pdb_methods, - search); + return context->pdb_methods->set_account_policy(context->pdb_methods, + policy_index, value); } -static BOOL context_search_aliases(struct pdb_context *context, - struct pdb_search *search, - const DOM_SID *sid) +static NTSTATUS context_get_seq_num(struct pdb_context *context, time_t *seq_num) { + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + if ((!context) || (!context->pdb_methods)) { DEBUG(0, ("invalid pdb_context specified!\n")); - return False; + return ret; } - return context->pdb_methods->search_aliases(context->pdb_methods, - search, sid); + return context->pdb_methods->get_seq_num(context->pdb_methods, seq_num); } - + /****************************************************************** Free and cleanup a pdb context, any associated data and anything that the attached modules might have associated. 
@@ -721,6 +724,43 @@ static void free_pdb_context(struct pdb_context **context) *context = NULL; } +static BOOL context_search_users(struct pdb_context *context, + struct pdb_search *search, uint16 acct_flags) +{ + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return False; + } + + return context->pdb_methods->search_users(context->pdb_methods, + search, acct_flags); +} + +static BOOL context_search_groups(struct pdb_context *context, + struct pdb_search *search) +{ + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return False; + } + + return context->pdb_methods->search_groups(context->pdb_methods, + search); +} + +static BOOL context_search_aliases(struct pdb_context *context, + struct pdb_search *search, + const DOM_SID *sid) +{ + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return False; + } + + return context->pdb_methods->search_aliases(context->pdb_methods, + search, sid); +} + /****************************************************************** Make a pdb_methods from scratch *******************************************************************/ @@ -832,6 +872,11 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_enum_alias_memberships = context_enum_alias_memberships; (*context)->pdb_lookup_rids = context_lookup_rids; + (*context)->pdb_get_account_policy = context_get_account_policy; + (*context)->pdb_set_account_policy = context_set_account_policy; + + (*context)->pdb_get_seq_num = context_get_seq_num; + (*context)->pdb_search_users = context_search_users; (*context)->pdb_search_groups = context_search_groups; (*context)->pdb_search_aliases = context_search_aliases; 
@@ -1318,6 +1363,41 @@ NTSTATUS pdb_lookup_rids(TALLOC_CTX *mem_ctx, num_rids, rids, names, attrs); } +BOOL pdb_get_account_policy(int policy_index, uint32 *value) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context-> + pdb_get_account_policy(pdb_context, policy_index, value)); +} + +BOOL pdb_set_account_policy(int policy_index, uint32 value) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context-> + pdb_set_account_policy(pdb_context, policy_index, value)); +} + +BOOL pdb_get_seq_num(time_t *seq_num) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return NT_STATUS_IS_OK(pdb_context-> + pdb_get_seq_num(pdb_context, seq_num)); +} /*************************************************************** Initialize the static context (at smbd startup etc). @@ -1380,6 +1460,22 @@ static void pdb_default_endsampwent(struct pdb_methods *methods) return; /* NT_STATUS_NOT_IMPLEMENTED; */ } +static NTSTATUS pdb_default_get_account_policy(struct pdb_methods *methods, int policy_index, uint32 *value) +{ + return account_policy_get(policy_index, value) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; +} + +static NTSTATUS pdb_default_set_account_policy(struct pdb_methods *methods, int policy_index, uint32 value) +{ + return account_policy_set(policy_index, value) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; +} + +static NTSTATUS pdb_default_get_seq_num(struct pdb_methods *methods, time_t *seq_num) +{ + *seq_num = time(NULL); + return NT_STATUS_OK; +} + static void add_uid_to_array_unique(TALLOC_CTX *mem_ctx, uid_t uid, uid_t **uids, int *num) { 
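Review bot: `pdb_get_account_policy` returns False without writing `*value` when there is no static context, and it folds every backend NTSTATUS into that same False, so the caller cannot tell the two apart and is left with whatever `*value` held before the call. These values presumably feed password and lockout limits, so a caller that ignores the result would enforce an uninitialised policy. I would state the contract above the function, `/* Returns False and leaves *value untouched on failure; do not use *value unless True is returned. */`, or set `*value = 0;` on entry if callers are known to rely on a defined default. The same applies to `pdb_get_seq_num` and its `seq_num` output.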
@@ -1908,6 +2004,10 @@ NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) (*methods)->enum_aliasmem = pdb_default_enum_aliasmem; (*methods)->enum_alias_memberships = pdb_default_alias_memberships; (*methods)->lookup_rids = pdb_default_lookup_rids; + (*methods)->get_account_policy = pdb_default_get_account_policy; + (*methods)->set_account_policy = pdb_default_set_account_policy; + (*methods)->get_seq_num = pdb_default_get_seq_num; + (*methods)->search_users = pdb_default_search_users; (*methods)->search_groups = pdb_default_search_groups; (*methods)->search_aliases = pdb_default_search_aliases; -- cgit From 254938c636b6062630d54a598b2975d7a984f70d Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Tue, 11 Oct 2005 20:14:04 +0000 Subject: r10911: part of #2861: add rename support for usrmgr.exe when using tdbsam This gets it working before replacing tdb with the samba4 version. (This used to be commit 8210b0503a050e12ee1b4335fa6e50d10ad06577) --- source3/passdb/pdb_interface.c | 58 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index a9e41984c3..485f405568 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -325,6 +325,41 @@ static NTSTATUS context_delete_sam_account(struct pdb_context *context, SAM_ACCO return sam_acct->methods->delete_sam_account(sam_acct->methods, sam_acct); } +static NTSTATUS context_rename_sam_account(struct pdb_context *context, SAM_ACCOUNT *oldname, const char *newname) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + struct pdb_methods *pdb_selected; + if (!context) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + if (!oldname->methods){ + pdb_selected = context->pdb_methods; + /* There's no passdb backend specified for this account. + * Try to delete it in every passdb available + * Needed to delete accounts in smbpasswd that are not + * in /etc/passwd. + */ + while (pdb_selected){ + if (NT_STATUS_IS_OK(ret = pdb_selected->rename_sam_account(pdb_selected, oldname, newname))) { + return ret; + } + pdb_selected = pdb_selected->next; + } + return ret; + } + + if (!oldname->methods->rename_sam_account){ + DEBUG(0,("invalid oldname->methods->rename_sam_account\n")); + return ret; + } + + return oldname->methods->rename_sam_account(oldname->methods, oldname, newname); +} + + static NTSTATUS context_update_login_attempts(struct pdb_context *context, SAM_ACCOUNT *sam_acct, BOOL success) { @@ -850,6 +885,7 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_add_sam_account = context_add_sam_account; (*context)->pdb_update_sam_account = context_update_sam_account; (*context)->pdb_delete_sam_account = context_delete_sam_account; + (*context)->pdb_rename_sam_account = context_rename_sam_account; (*context)->pdb_update_login_attempts = context_update_login_attempts; (*context)->pdb_getgrsid = context_getgrsid; (*context)->pdb_getgrgid = context_getgrgid; 
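Review bot: In `context_rename_sam_account` the fallback loop calls `pdb_selected->rename_sam_account(...)` with no NULL check, while the branch below it does check `oldname->methods->rename_sam_account` before calling; a backend that does not fill in the new slot would be called through a null pointer here. I would make the loop condition `if (pdb_selected->rename_sam_account && NT_STATUS_IS_OK(ret = pdb_selected->rename_sam_account(pdb_selected, oldname, newname)))`. `oldname` itself is dereferenced without a check although `context` is checked just above. The block comment was copied from the delete path and still says "Try to delete it in every passdb available"; it should describe the rename.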
@@ -1103,6 +1139,22 @@ BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) return NT_STATUS_IS_OK(pdb_context->pdb_delete_sam_account(pdb_context, sam_acct)); } +NTSTATUS pdb_rename_sam_account(SAM_ACCOUNT *oldname, const char *newname) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (sam_account_cache != NULL) { + pdb_free_sam(&sam_account_cache); + sam_account_cache = NULL; + } + + return pdb_context->pdb_rename_sam_account(pdb_context, oldname, newname); +} + NTSTATUS pdb_update_login_attempts(SAM_ACCOUNT *sam_acct, BOOL success) { struct pdb_context *pdb_context = pdb_get_static_context(False); @@ -1440,6 +1492,11 @@ static NTSTATUS pdb_default_delete_sam_account (struct pdb_methods *methods, SAM return NT_STATUS_NOT_IMPLEMENTED; } +static NTSTATUS pdb_default_rename_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *pwd, const char *newname) +{ + return NT_STATUS_NOT_IMPLEMENTED; +} + static NTSTATUS pdb_default_update_login_attempts (struct pdb_methods *methods, SAM_ACCOUNT *newpwd, BOOL success) { return NT_STATUS_OK; @@ -1983,6 +2040,7 @@ NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) (*methods)->add_sam_account = pdb_default_add_sam_account; (*methods)->update_sam_account = pdb_default_update_sam_account; (*methods)->delete_sam_account = pdb_default_delete_sam_account; + (*methods)->rename_sam_account = pdb_default_rename_sam_account; (*methods)->update_login_attempts = pdb_default_update_login_attempts; (*methods)->getgrsid = pdb_default_getgrsid; -- cgit From 8d7c88667190fe286971ac4fffb64ee5bd9eeeb0 Mon Sep 17 00:00:00 2001 
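Review bot: pdb_rename_sam_account returns `NT_STATUS_NOT_IMPLEMENTED` when no static context is available, which is the same status pdb_default_rename_sam_account returns for a backend without rename support, so a caller cannot tell "passdb not initialised" from "backend cannot rename". Returning `NT_STATUS_UNSUCCESSFUL` for the missing-context case, as context_rename_sam_account does for a NULL context, keeps the two conditions distinct. The function also drops `sam_account_cache` before the backend call, so the cache is flushed even when the rename fails; that looks intentional but deserves a comment such as `/* cached entry may carry the old name; drop it regardless of outcome */`.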
From: Jeremy Allison Date: Tue, 18 Oct 2005 03:24:00 +0000 Subject: r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4 x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208) --- source3/passdb/pdb_interface.c | 119 ++++++++++++++++++++--------------------- 1 file changed, 59 insertions(+), 60 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 485f405568..482f3e3c9b 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -491,7 +491,7 @@ static NTSTATUS context_delete_group_mapping_entry(struct pdb_context *context, static NTSTATUS context_enum_group_mapping(struct pdb_context *context, enum SID_NAME_USE sid_name_use, - GROUP_MAP **rmap, int *num_entries, + GROUP_MAP **pp_rmap, size_t *p_num_entries, BOOL unix_only) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; @@ -502,15 +502,15 @@ static NTSTATUS context_enum_group_mapping(struct pdb_context *context, } return context->pdb_methods->enum_group_mapping(context->pdb_methods, - sid_name_use, rmap, - num_entries, unix_only); + sid_name_use, pp_rmap, + p_num_entries, unix_only); } static NTSTATUS context_enum_group_members(struct pdb_context *context, TALLOC_CTX *mem_ctx, const DOM_SID *group, - uint32 **member_rids, - int *num_members) + uint32 **pp_member_rids, + size_t *p_num_members) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; @@ -521,15 +521,15 @@ static NTSTATUS context_enum_group_members(struct pdb_context *context, return context->pdb_methods->enum_group_members(context->pdb_methods, mem_ctx, group, - member_rids, - num_members); + pp_member_rids, + p_num_members); } static NTSTATUS context_enum_group_memberships(struct pdb_context *context, const char *username, gid_t primary_gid, - DOM_SID **sids, gid_t **gids, - int *num_groups) + DOM_SID **pp_sids, gid_t **pp_gids, + size_t *p_num_groups) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; 
@@ -540,7 +540,7 @@ static NTSTATUS context_enum_group_memberships(struct pdb_context *context, return context->pdb_methods-> enum_group_memberships(context->pdb_methods, username, - primary_gid, sids, gids, num_groups); + primary_gid, pp_sids, pp_gids, p_num_groups); } static NTSTATUS context_find_alias(struct pdb_context *context, @@ -645,8 +645,8 @@ static NTSTATUS context_del_aliasmem(struct pdb_context *context, } static NTSTATUS context_enum_aliasmem(struct pdb_context *context, - const DOM_SID *alias, DOM_SID **members, - int *num) + const DOM_SID *alias, DOM_SID **pp_members, + size_t *p_num) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; @@ -656,16 +656,16 @@ static NTSTATUS context_enum_aliasmem(struct pdb_context *context, } return context->pdb_methods->enum_aliasmem(context->pdb_methods, - alias, members, num); + alias, pp_members, p_num); } static NTSTATUS context_enum_alias_memberships(struct pdb_context *context, TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, const DOM_SID *members, - int num_members, - uint32 **alias_rids, - int *num_alias_rids) + size_t num_members, + uint32 **pp_alias_rids, + size_t *p_num_alias_rids) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; @@ -677,16 +677,16 @@ static NTSTATUS context_enum_alias_memberships(struct pdb_context *context, return context->pdb_methods-> enum_alias_memberships(context->pdb_methods, mem_ctx, domain_sid, members, num_members, - alias_rids, num_alias_rids); + pp_alias_rids, p_num_alias_rids); } static NTSTATUS context_lookup_rids(struct pdb_context *context, TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, - int num_rids, + size_t num_rids, uint32 *rids, - const char ***names, - uint32 **attrs) + const char ***pp_names, + uint32 **pp_attrs) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; 
@@ -697,7 +697,7 @@ static NTSTATUS context_lookup_rids(struct pdb_context *context, return context->pdb_methods->lookup_rids(context->pdb_methods, mem_ctx, domain_sid, num_rids, - rids, names, attrs); + rids, pp_names, pp_attrs); } static NTSTATUS context_get_account_policy(struct pdb_context *context, @@ -1238,8 +1238,8 @@ BOOL pdb_delete_group_mapping_entry(DOM_SID sid) pdb_delete_group_mapping_entry(pdb_context, sid)); } -BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **rmap, - int *num_entries, BOOL unix_only) +BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap, + size_t *p_num_entries, BOOL unix_only) { struct pdb_context *pdb_context = pdb_get_static_context(False); @@ -1249,13 +1249,13 @@ BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **rmap, return NT_STATUS_IS_OK(pdb_context-> pdb_enum_group_mapping(pdb_context, sid_name_use, - rmap, num_entries, unix_only)); + pp_rmap, p_num_entries, unix_only)); } NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx, const DOM_SID *sid, - uint32 **member_rids, - int *num_members) + uint32 **pp_member_rids, + size_t *p_num_members) { struct pdb_context *pdb_context = pdb_get_static_context(False); @@ -1264,12 +1264,12 @@ NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx, } return pdb_context->pdb_enum_group_members(pdb_context, mem_ctx, sid, - member_rids, num_members); + pp_member_rids, p_num_members); } NTSTATUS pdb_enum_group_memberships(const char *username, gid_t primary_gid, - DOM_SID **sids, gid_t **gids, - int *num_groups) + DOM_SID **pp_sids, gid_t **pp_gids, + size_t *p_num_groups) { struct pdb_context *pdb_context = pdb_get_static_context(False); 
@@ -1278,8 +1278,8 @@ NTSTATUS pdb_enum_group_memberships(const char *username, gid_t primary_gid, } return pdb_context->pdb_enum_group_memberships(pdb_context, username, - primary_gid, sids, gids, - num_groups); + primary_gid, pp_sids, pp_gids, + p_num_groups); } BOOL pdb_find_alias(const char *name, DOM_SID *sid) @@ -1367,7 +1367,7 @@ BOOL pdb_del_aliasmem(const DOM_SID *alias, const DOM_SID *member) } BOOL pdb_enum_aliasmem(const DOM_SID *alias, - DOM_SID **members, int *num_members) + DOM_SID **pp_members, size_t *p_num_members) { struct pdb_context *pdb_context = pdb_get_static_context(False); @@ -1377,12 +1377,12 @@ BOOL pdb_enum_aliasmem(const DOM_SID *alias, return NT_STATUS_IS_OK(pdb_context-> pdb_enum_aliasmem(pdb_context, alias, - members, num_members)); + pp_members, p_num_members)); } BOOL pdb_enum_alias_memberships(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, - const DOM_SID *members, int num_members, - uint32 **alias_rids, int *num_alias_rids) + const DOM_SID *members, size_t num_members, + uint32 **pp_alias_rids, size_t *p_num_alias_rids) { struct pdb_context *pdb_context = pdb_get_static_context(False); @@ -1394,8 +1394,8 @@ BOOL pdb_enum_alias_memberships(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, pdb_enum_alias_memberships(pdb_context, mem_ctx, domain_sid, members, num_members, - alias_rids, - num_alias_rids)); + pp_alias_rids, + p_num_alias_rids)); } NTSTATUS pdb_lookup_rids(TALLOC_CTX *mem_ctx, 
@@ -1534,33 +1534,32 @@ static NTSTATUS pdb_default_get_seq_num(struct pdb_methods *methods, time_t *seq } static void add_uid_to_array_unique(TALLOC_CTX *mem_ctx, - uid_t uid, uid_t **uids, int *num) + uid_t uid, uid_t **pp_uids, size_t *p_num) { - int i; + size_t i; - for (i=0; i<*num; i++) { - if ((*uids)[i] == uid) + for (i=0; i<*p_num; i++) { + if ((*pp_uids)[i] == uid) return; } - *uids = TALLOC_REALLOC_ARRAY(mem_ctx, *uids, uid_t, *num+1); + *pp_uids = TALLOC_REALLOC_ARRAY(mem_ctx, *pp_uids, uid_t, *p_num+1); - if (*uids == NULL) + if (*pp_uids == NULL) return; - (*uids)[*num] = uid; - *num += 1; + (*pp_uids)[*p_num] = uid; + *p_num += 1; } -static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **uids, - int *num) +static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size_t *p_num) { struct group *grp; char **gr; struct sys_pwent *userlist, *user; - *uids = NULL; - *num = 0; + *pp_uids = NULL; + *p_num = 0; /* We only look at our own sam, so don't care about imported stuff */ @@ -1578,7 +1577,7 @@ static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **uids, for (user = userlist; user != NULL; user = user->next) { if (user->pw_gid != gid) continue; - add_uid_to_array_unique(mem_ctx, user->pw_uid, uids, num); + add_uid_to_array_unique(mem_ctx, user->pw_uid, pp_uids, p_num); } pwent_free(userlist); @@ -1590,7 +1589,7 @@ static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **uids, if (pw == NULL) continue; - add_uid_to_array_unique(mem_ctx, pw->pw_uid, uids, num); + add_uid_to_array_unique(mem_ctx, pw->pw_uid, pp_uids, p_num); } winbind_on(); 
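Review bot: add_uid_to_array_unique leaves `*p_num` unchanged when `TALLOC_REALLOC_ARRAY` fails and `*pp_uids` becomes NULL, and because it returns void, get_memberuids keeps calling it for the remaining users; once at least one uid has been stored, the next call evaluates `(*pp_uids)[i]` for `i < *p_num` on a NULL array. The switch from int to size_t in this hunk does not change that. Resetting the count on failure, `if (*pp_uids == NULL) { *p_num = 0; return; }`, keeps pointer and count consistent; reporting the failure to get_memberuids would be better but needs a signature change. get_memberuids's body is only partly visible in these hunks.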
@@ -1601,15 +1600,15 @@ static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **uids, NTSTATUS pdb_default_enum_group_members(struct pdb_methods *methods, TALLOC_CTX *mem_ctx, const DOM_SID *group, - uint32 **member_rids, - int *num_members) + uint32 **pp_member_rids, + size_t *p_num_members) { gid_t gid; uid_t *uids; - int i, num_uids; + size_t i, num_uids; - *member_rids = NULL; - *num_members = 0; + *pp_member_rids = NULL; + *p_num_members = 0; if (!NT_STATUS_IS_OK(sid_to_gid(group, &gid))) return NT_STATUS_NO_SUCH_GROUP; @@ -1620,7 +1619,7 @@ NTSTATUS pdb_default_enum_group_members(struct pdb_methods *methods, if (num_uids == 0) return NT_STATUS_OK; - *member_rids = TALLOC_ZERO_ARRAY(mem_ctx, uint32, num_uids); + *pp_member_rids = TALLOC_ZERO_ARRAY(mem_ctx, uint32, num_uids); for (i=0; i Date: Sat, 26 Nov 2005 22:04:28 +0000 Subject: r11922: Looks bigger than it is: There's no point in allocating arrays in samr_lookup_rids twice. It was done in the srv_samr_nt.c code as well as in the pdb module. Remove the latter, this might happen more often. Volker (This used to be commit 57f0cf8cdd6928f4759036e5dd53d41736aa910d) --- source3/passdb/pdb_interface.c | 38 ++++++++++++++------------------------ 1 file changed, 14 insertions(+), 24 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 482f3e3c9b..9605349781 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -681,12 +681,11 @@ static NTSTATUS context_enum_alias_memberships(struct pdb_context *context, } static NTSTATUS context_lookup_rids(struct pdb_context *context, - TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, size_t num_rids, uint32 *rids, - const char ***pp_names, - uint32 **pp_attrs) + const char **pp_names, + uint32 *pp_attrs) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; 
@@ -696,7 +695,7 @@ static NTSTATUS context_lookup_rids(struct pdb_context *context, } return context->pdb_methods->lookup_rids(context->pdb_methods, - mem_ctx, domain_sid, num_rids, + domain_sid, num_rids, rids, pp_names, pp_attrs); } @@ -1398,12 +1397,11 @@ BOOL pdb_enum_alias_memberships(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, p_num_alias_rids)); } -NTSTATUS pdb_lookup_rids(TALLOC_CTX *mem_ctx, - const DOM_SID *domain_sid, +NTSTATUS pdb_lookup_rids(const DOM_SID *domain_sid, int num_rids, uint32 *rids, - const char ***names, - uint32 **attrs) + const char **names, + uint32 *attrs) { struct pdb_context *pdb_context = pdb_get_static_context(False); @@ -1411,7 +1409,7 @@ NTSTATUS pdb_lookup_rids(TALLOC_CTX *mem_ctx, return NT_STATUS_NOT_IMPLEMENTED; } - return pdb_context->pdb_lookup_rids(pdb_context, mem_ctx, domain_sid, + return pdb_context->pdb_lookup_rids(pdb_context, domain_sid, num_rids, rids, names, attrs); } @@ -1643,24 +1641,17 @@ NTSTATUS pdb_default_enum_group_members(struct pdb_methods *methods, } NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, - TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, int num_rids, uint32 *rids, - const char ***names, - uint32 **attrs) + const char **names, + uint32 *attrs) { int i; NTSTATUS result; BOOL have_mapped = False; BOOL have_unmapped = False; - (*names) = TALLOC_ZERO_ARRAY(mem_ctx, const char *, num_rids); - (*attrs) = TALLOC_ZERO_ARRAY(mem_ctx, uint32, num_rids); - - if ((num_rids != 0) && (((*names) == NULL) || ((*attrs) == NULL))) - return NT_STATUS_NO_MEMORY; - if (!sid_equal(domain_sid, get_global_sam_sid())) { /* TODO: Sooner or later we need to look up BUILTIN rids as * well. -- vl */ 
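Review bot: pdb_default_lookup_rids no longer allocates `names` and `attrs`, so the caller must now pass arrays holding at least `num_rids` elements, and the following hunk uses `names` as the talloc parent in `talloc_strdup(names, tmpname)`, which requires `names` to be talloc-allocated memory; none of this is stated at the function. A header comment is needed saying that both arrays are caller-allocated with `num_rids` entries, that `names` must be a talloc array because the result strings are attached to it, and that entries may be only partly filled when NT_STATUS_NO_MEMORY is returned. The count is also `int num_rids` here and in pdb_lookup_rids while context_lookup_rids takes `size_t num_rids`; using `size_t` throughout would avoid a negative count being converted on the way down. The same signature mismatch appears between pdb_lookup_names and context_lookup_names in the later commit on this page.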
@@ -1673,18 +1664,17 @@ NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, DOM_SID sid; enum SID_NAME_USE type; - (*attrs)[i] = SID_NAME_UNKNOWN; + attrs[i] = SID_NAME_UNKNOWN; sid_copy(&sid, domain_sid); sid_append_rid(&sid, rids[i]); if (lookup_sid(&sid, domname, tmpname, &type)) { - (*attrs)[i] = (uint32)type; - (*names)[i] = talloc_strdup(mem_ctx, tmpname); - if ((*names)[i] == NULL) + attrs[i] = (uint32)type; + names[i] = talloc_strdup(names, tmpname); + if (names[i] == NULL) return NT_STATUS_NO_MEMORY; - DEBUG(5,("lookup_rids: %s:%d\n", (*names)[i], - (*attrs)[i])); + DEBUG(5,("lookup_rids: %s:%d\n", names[i], attrs[i])); have_mapped = True; } else { have_unmapped = True; -- cgit From 10bc204efb9a56d1f1f53326d4354e39851e635a Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 26 Nov 2005 22:28:41 +0000 Subject: r11923: Add samr_lookup_rids for the builtin domain. Doing it this way feels a bit wrong, but so far we don't have proper multi-domain support in passdb yet... Volker (This used to be commit c917cfc320f0250d23fda3525a7632bc01643707) --- source3/passdb/pdb_interface.c | 37 ++++++++++++++++++++++++++----------- 1 file changed, 26 insertions(+), 11 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 9605349781..875e264bf0 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -1652,24 +1652,38 @@ NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, BOOL have_mapped = False; BOOL have_unmapped = False; - if (!sid_equal(domain_sid, get_global_sam_sid())) { - /* TODO: Sooner or later we need to look up BUILTIN rids as - * well. -- vl */ + if (sid_check_is_builtin(domain_sid)) { + + for (i=0; i Date: Sat, 3 Dec 2005 18:34:13 +0000 Subject: r12051: Merge across the lookup_name and lookup_sid work. Lets see how the build farm reacts :-) Volker (This used to be commit 9f99d04a54588cd9d1a1ab163ebb304437f932f7) --- source3/passdb/pdb_interface.c | 116 ++++++++++++++++++++++++++++++++++++----- 1 file changed, 102 insertions(+), 14 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 875e264bf0..6ac5a3e965 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -699,6 +699,25 @@ static NTSTATUS context_lookup_rids(struct pdb_context *context, rids, pp_names, pp_attrs); } +static NTSTATUS context_lookup_names(struct pdb_context *context, + const DOM_SID *domain_sid, + size_t num_names, + const char **pp_names, + uint32 *rids, + uint32 *pp_attrs) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if ((!context) || (!context->pdb_methods)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + return context->pdb_methods->lookup_names(context->pdb_methods, + domain_sid, num_names, + pp_names, rids, pp_attrs); +} + static NTSTATUS context_get_account_policy(struct pdb_context *context, int policy_index, uint32 *value) { 
@@ -906,6 +925,7 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_enum_aliasmem = context_enum_aliasmem; (*context)->pdb_enum_alias_memberships = context_enum_alias_memberships; (*context)->pdb_lookup_rids = context_lookup_rids; + (*context)->pdb_lookup_names = context_lookup_names; (*context)->pdb_get_account_policy = context_get_account_policy; (*context)->pdb_set_account_policy = context_set_account_policy; @@ -1413,6 +1433,22 @@ NTSTATUS pdb_lookup_rids(const DOM_SID *domain_sid, num_rids, rids, names, attrs); } +NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid, + int num_names, + const char **names, + uint32 *rids, + uint32 *attrs) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return NT_STATUS_NOT_IMPLEMENTED; + } + + return pdb_context->pdb_lookup_names(pdb_context, domain_sid, + num_names, names, rids, attrs); +} + BOOL pdb_get_account_policy(int policy_index, uint32 *value) { struct pdb_context *pdb_context = pdb_get_static_context(False); @@ -1655,14 +1691,11 @@ NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, if (sid_check_is_builtin(domain_sid)) { for (i=0; i Date: Sat, 10 Dec 2005 11:22:01 +0000 Subject: r12163: Change lookup_sid and lookup_name to return const char * instead of char *, use a temporary talloc_ctx for clarity. Volker (This used to be commit b15815c804bf3e558ed6357b5e9a6e3e0fac777f) --- source3/passdb/pdb_interface.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 6ac5a3e965..4808af3908 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -1691,7 +1691,7 @@ NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, if (sid_check_is_builtin(domain_sid)) { for (i=0; i Date: Fri, 3 Feb 2006 22:19:41 +0000 Subject: r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f) --- source3/passdb/pdb_interface.c | 444 +++++++++++++++++++++++++++++++++++------ 1 file changed, 388 insertions(+), 56 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 4808af3908..d8afff2111 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -36,7 +36,10 @@ static void lazy_initialize_passdb(void) } static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name); - +static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, + const char **name, + enum SID_NAME_USE *psid_name_use, + union unid_t *unix_id); /******************************************************************* Clean up uninitialised passwords. The only way to tell that these values are not 'real' is that they do not @@ -526,9 +529,10 @@ static NTSTATUS context_enum_group_members(struct pdb_context *context, } static NTSTATUS context_enum_group_memberships(struct pdb_context *context, - const char *username, - gid_t primary_gid, - DOM_SID **pp_sids, gid_t **pp_gids, + TALLOC_CTX *mem_ctx, + SAM_ACCOUNT *user, + DOM_SID **pp_sids, + gid_t **pp_gids, size_t *p_num_groups) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; @@ -539,8 +543,8 @@ static NTSTATUS context_enum_group_memberships(struct pdb_context *context, } return context->pdb_methods-> - enum_group_memberships(context->pdb_methods, username, - primary_gid, pp_sids, pp_gids, p_num_groups); + enum_group_memberships(context->pdb_methods, mem_ctx, user, + pp_sids, pp_gids, p_num_groups); } static NTSTATUS context_find_alias(struct pdb_context *context, 
@@ -757,6 +761,63 @@ static NTSTATUS context_get_seq_num(struct pdb_context *context, time_t *seq_num return context->pdb_methods->get_seq_num(context->pdb_methods, seq_num); } + +static BOOL context_uid_to_rid(struct pdb_context *context, uid_t uid, + uint32 *rid) +{ + if ((context == NULL) || (context->pdb_methods == NULL)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return False; + } + + return context->pdb_methods->uid_to_rid(context->pdb_methods, uid, + rid); +} + +static BOOL context_gid_to_sid(struct pdb_context *context, gid_t gid, + DOM_SID *sid) +{ + if ((context == NULL) || (context->pdb_methods == NULL)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return False; + } + + return context->pdb_methods->gid_to_sid(context->pdb_methods, gid, + sid); +} + +static BOOL context_sid_to_id(struct pdb_context *context, + const DOM_SID *sid, + union unid_t *id, enum SID_NAME_USE *type) +{ + if ((context == NULL) || (context->pdb_methods == NULL)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return False; + } + + return context->pdb_methods->sid_to_id(context->pdb_methods, sid, + id, type); +} + +static BOOL context_rid_algorithm(struct pdb_context *context) +{ + if ((context == NULL) || (context->pdb_methods == NULL)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return False; + } + + return context->pdb_methods->rid_algorithm(context->pdb_methods); +} + +static BOOL context_new_rid(struct pdb_context *context, uint32 *rid) +{ + if ((context == NULL) || (context->pdb_methods == NULL)) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return False; + } + + return context->pdb_methods->new_rid(context->pdb_methods, rid); +} /****************************************************************** Free and cleanup a pdb context, any associated data and anything 
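Review bot: context_rid_algorithm and context_new_rid call `context->pdb_methods->rid_algorithm(...)` and `context->pdb_methods->new_rid(...)` after checking only that `pdb_methods` is non-NULL, and the make_pdb_methods hunk of this commit installs defaults for `uid_to_rid`, `gid_to_sid` and `sid_to_id` but shows none for these two. Unless every backend sets them, which is not visible here, a backend that leaves them unset makes these wrappers call through a NULL pointer. Either add defaults in make_pdb_methods or guard the call, for example `if (context->pdb_methods->new_rid == NULL) return False;`.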
@@ -936,6 +997,13 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_search_groups = context_search_groups; (*context)->pdb_search_aliases = context_search_aliases; + (*context)->pdb_uid_to_rid = context_uid_to_rid; + (*context)->pdb_gid_to_sid = context_gid_to_sid; + (*context)->pdb_sid_to_id = context_sid_to_id; + + (*context)->pdb_rid_algorithm = context_rid_algorithm; + (*context)->pdb_new_rid = context_new_rid; + (*context)->free_fn = free_pdb_context; return NT_STATUS_OK; @@ -1126,12 +1194,12 @@ BOOL pdb_add_sam_account(SAM_ACCOUNT *sam_acct) return NT_STATUS_IS_OK(pdb_context->pdb_add_sam_account(pdb_context, sam_acct)); } -BOOL pdb_update_sam_account(SAM_ACCOUNT *sam_acct) +NTSTATUS pdb_update_sam_account(SAM_ACCOUNT *sam_acct) { struct pdb_context *pdb_context = pdb_get_static_context(False); if (!pdb_context) { - return False; + return NT_STATUS_UNSUCCESSFUL; } if (sam_account_cache != NULL) { @@ -1139,7 +1207,7 @@ BOOL pdb_update_sam_account(SAM_ACCOUNT *sam_acct) sam_account_cache = NULL; } - return NT_STATUS_IS_OK(pdb_context->pdb_update_sam_account(pdb_context, sam_acct)); + return pdb_context->pdb_update_sam_account(pdb_context, sam_acct); } BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) 
@@ -1221,28 +1289,26 @@ BOOL pdb_getgrnam(GROUP_MAP *map, const char *name) pdb_getgrnam(pdb_context, map, name)); } -BOOL pdb_add_group_mapping_entry(GROUP_MAP *map) +NTSTATUS pdb_add_group_mapping_entry(GROUP_MAP *map) { struct pdb_context *pdb_context = pdb_get_static_context(False); if (!pdb_context) { - return False; + return NT_STATUS_UNSUCCESSFUL; } - return NT_STATUS_IS_OK(pdb_context-> - pdb_add_group_mapping_entry(pdb_context, map)); + return pdb_context->pdb_add_group_mapping_entry(pdb_context, map); } -BOOL pdb_update_group_mapping_entry(GROUP_MAP *map) +NTSTATUS pdb_update_group_mapping_entry(GROUP_MAP *map) { struct pdb_context *pdb_context = pdb_get_static_context(False); if (!pdb_context) { - return False; + return NT_STATUS_UNSUCCESSFUL; } - return NT_STATUS_IS_OK(pdb_context-> - pdb_update_group_mapping_entry(pdb_context, map)); + return pdb_context->pdb_update_group_mapping_entry(pdb_context, map); } BOOL pdb_delete_group_mapping_entry(DOM_SID sid) @@ -1286,7 +1352,7 @@ NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx, pp_member_rids, p_num_members); } -NTSTATUS pdb_enum_group_memberships(const char *username, gid_t primary_gid, +NTSTATUS pdb_enum_group_memberships(TALLOC_CTX *mem_ctx, SAM_ACCOUNT *user, DOM_SID **pp_sids, gid_t **pp_gids, size_t *p_num_groups) { @@ -1296,9 +1362,9 @@ NTSTATUS pdb_enum_group_memberships(const char *username, gid_t primary_gid, return NT_STATUS_UNSUCCESSFUL; } - return pdb_context->pdb_enum_group_memberships(pdb_context, username, - primary_gid, pp_sids, pp_gids, - p_num_groups); + return pdb_context->pdb_enum_group_memberships( + pdb_context, mem_ctx, user, + pp_sids, pp_gids, p_num_groups); } BOOL pdb_find_alias(const char *name, DOM_SID *sid) 
@@ -1361,60 +1427,58 @@ BOOL pdb_set_aliasinfo(const DOM_SID *sid, struct acct_info *info) info)); } -BOOL pdb_add_aliasmem(const DOM_SID *alias, const DOM_SID *member) +NTSTATUS pdb_add_aliasmem(const DOM_SID *alias, const DOM_SID *member) { struct pdb_context *pdb_context = pdb_get_static_context(False); if (!pdb_context) { - return False; + return NT_STATUS_UNSUCCESSFUL; } - return NT_STATUS_IS_OK(pdb_context-> - pdb_add_aliasmem(pdb_context, alias, member)); + return pdb_context->pdb_add_aliasmem(pdb_context, alias, member); } -BOOL pdb_del_aliasmem(const DOM_SID *alias, const DOM_SID *member) +NTSTATUS pdb_del_aliasmem(const DOM_SID *alias, const DOM_SID *member) { struct pdb_context *pdb_context = pdb_get_static_context(False); if (!pdb_context) { - return False; + return NT_STATUS_UNSUCCESSFUL; } - return NT_STATUS_IS_OK(pdb_context-> - pdb_del_aliasmem(pdb_context, alias, member)); + return pdb_context->pdb_del_aliasmem(pdb_context, alias, member); } -BOOL pdb_enum_aliasmem(const DOM_SID *alias, - DOM_SID **pp_members, size_t *p_num_members) +NTSTATUS pdb_enum_aliasmem(const DOM_SID *alias, + DOM_SID **pp_members, size_t *p_num_members) { struct pdb_context *pdb_context = pdb_get_static_context(False); if (!pdb_context) { - return False; + return NT_STATUS_UNSUCCESSFUL; } - return NT_STATUS_IS_OK(pdb_context-> - pdb_enum_aliasmem(pdb_context, alias, - pp_members, p_num_members)); + return pdb_context->pdb_enum_aliasmem(pdb_context, alias, + pp_members, p_num_members); } -BOOL pdb_enum_alias_memberships(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, - const DOM_SID *members, size_t num_members, - uint32 **pp_alias_rids, size_t *p_num_alias_rids) +NTSTATUS pdb_enum_alias_memberships(TALLOC_CTX *mem_ctx, + const DOM_SID *domain_sid, + const DOM_SID *members, size_t num_members, + uint32 **pp_alias_rids, + size_t *p_num_alias_rids) { struct pdb_context *pdb_context = pdb_get_static_context(False); if (!pdb_context) { - return False; + return 
NT_STATUS_NOT_IMPLEMENTED; } - return NT_STATUS_IS_OK(pdb_context-> - pdb_enum_alias_memberships(pdb_context, mem_ctx, - domain_sid, - members, num_members, - pp_alias_rids, - p_num_alias_rids)); + return pdb_context->pdb_enum_alias_memberships(pdb_context, mem_ctx, + domain_sid, + members, num_members, + pp_alias_rids, + p_num_alias_rids); } NTSTATUS pdb_lookup_rids(const DOM_SID *domain_sid, 
@@ -1484,6 +1548,78 @@ BOOL pdb_get_seq_num(time_t *seq_num) return NT_STATUS_IS_OK(pdb_context-> pdb_get_seq_num(pdb_context, seq_num)); } + +BOOL pdb_uid_to_rid(uid_t uid, uint32 *rid) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return pdb_context->pdb_uid_to_rid(pdb_context, uid, rid); +} + +BOOL pdb_gid_to_sid(gid_t gid, DOM_SID *sid) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return pdb_context->pdb_gid_to_sid(pdb_context, gid, sid); +} + +BOOL pdb_sid_to_id(const DOM_SID *sid, union unid_t *id, + enum SID_NAME_USE *type) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return pdb_context->pdb_sid_to_id(pdb_context, sid, id, type); +} + +BOOL pdb_rid_algorithm(void) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + return pdb_context->pdb_rid_algorithm(pdb_context); +} + +BOOL pdb_new_rid(uint32 *rid) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return False; + } + + if (pdb_rid_algorithm()) { + DEBUG(0, ("Trying to allocate a RID when algorithmic RIDs " + "are active\n")); + return False; + } + + if (algorithmic_rid_base() != BASE_RID) { + DEBUG(0, ("'algorithmic rid base' is set but a passdb backend " + "without algorithmic RIDs is chosen.\n")); + DEBUGADD(0, ("Please map all used groups using 'net groupmap " + "add', set the maximum used RID using\n")); + DEBUGADD(0, ("'net setmaxrid' and remove the parameter\n")); + return False; + } + + return pdb_context->pdb_new_rid(pdb_context, rid); +} + /*************************************************************** Initialize the static context (at smbd startup etc). 
@@ -1567,6 +1703,117 @@ static NTSTATUS pdb_default_get_seq_num(struct pdb_methods *methods, time_t *seq return NT_STATUS_OK; } +static BOOL pdb_default_uid_to_rid(struct pdb_methods *methods, uid_t uid, + uint32 *rid) +{ + SAM_ACCOUNT *sampw = NULL; + struct passwd *unix_pw; + BOOL ret; + + unix_pw = sys_getpwuid( uid ); + + if ( !unix_pw ) { + DEBUG(4,("pdb_default_uid_to_rid: host has no idea of uid " + "%lu\n", (unsigned long)uid)); + return False; + } + + if ( !NT_STATUS_IS_OK(pdb_init_sam(&sampw)) ) { + DEBUG(0,("pdb_default_uid_to_rid: failed to allocate " + "SAM_ACCOUNT object\n")); + return False; + } + + become_root(); + ret = NT_STATUS_IS_OK( + methods->getsampwnam(methods, sampw, unix_pw->pw_name )); + unbecome_root(); + + if (!ret) { + DEBUG(5, ("pdb_default_uid_to_rid: Did not find user " + "%s (%d)\n", unix_pw->pw_name, uid)); + pdb_free_sam(&sampw); + return False; + } + + ret = sid_peek_check_rid(get_global_sam_sid(), + pdb_get_user_sid(sampw), rid); + + if (!ret) { + DEBUG(1, ("Could not peek rid out of sid %s\n", + sid_string_static(pdb_get_user_sid(sampw)))); + } + + pdb_free_sam(&sampw); + return ret; +} + +static BOOL pdb_default_gid_to_sid(struct pdb_methods *methods, gid_t gid, + DOM_SID *sid) +{ + GROUP_MAP map; + + if (!NT_STATUS_IS_OK(methods->getgrgid(methods, &map, gid))) { + return False; + } + + sid_copy(sid, &map.sid); + return True; +} + +static BOOL pdb_default_sid_to_id(struct pdb_methods *methods, + const DOM_SID *sid, + union unid_t *id, enum SID_NAME_USE *type) +{ + TALLOC_CTX *mem_ctx; + BOOL ret = False; + const char *name; + uint32 rid; + + mem_ctx = talloc_new(NULL); + + if (mem_ctx == NULL) { + DEBUG(0, ("talloc_new failed\n")); + return False; + } + + if (sid_peek_check_rid(get_global_sam_sid(), sid, &rid)) { + /* Here we might have users as well as groups and aliases */ + ret = lookup_global_sam_rid(mem_ctx, rid, &name, type, id); + goto done; + } + + if (sid_peek_check_rid(&global_sid_Builtin, sid, &rid)) { + /* Here we 
only have aliases */ + GROUP_MAP map; + if (!NT_STATUS_IS_OK(methods->getgrsid(methods, &map, *sid))) { + DEBUG(10, ("Could not find map for sid %s\n", + sid_string_static(sid))); + goto done; + } + if ((map.sid_name_use != SID_NAME_ALIAS) && + (map.sid_name_use != SID_NAME_WKN_GRP)) { + DEBUG(10, ("Map for sid %s is a %s, expected an " + "alias\n", sid_string_static(sid), + sid_type_lookup(map.sid_name_use))); + goto done; + } + + id->gid = map.gid; + *type = SID_NAME_ALIAS; + ret = True; + goto done; + } + + DEBUG(5, ("Sid %s is neither ours nor builtin, don't know it\n", + sid_string_static(sid))); + + done: + + talloc_free(mem_ctx); + return ret; +} + static void add_uid_to_array_unique(TALLOC_CTX *mem_ctx, uid_t uid, uid_t **pp_uids, size_t *p_num) { @@ -1644,7 +1891,7 @@ NTSTATUS pdb_default_enum_group_members(struct pdb_methods *methods, *pp_member_rids = NULL; *p_num_members = 0; - if (!NT_STATUS_IS_OK(sid_to_gid(group, &gid))) + if (!sid_to_gid(group, &gid)) return NT_STATUS_NO_SUCH_GROUP; if(!get_memberuids(mem_ctx, gid, &uids, &num_uids)) 
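Review bot: In pdb_default_uid_to_rid the level-5 message formats `uid` with `%d`, while the level-4 message a few lines earlier casts it to `unsigned long` and uses `%lu`; uid_t is not guaranteed to match `int`. Use `"%s (%lu)\n", unix_pw->pw_name, (unsigned long)uid` there as well. `unix_pw` comes from sys_getpwuid and is read again after the `getsampwnam` call; if that lookup can itself call a getpw* function, the buffer may have been overwritten, so copying `pw_name` first would be safer. This depends on the backend and should be confirmed.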
@@ -1658,10 +1905,7 @@ NTSTATUS pdb_default_enum_group_members(struct pdb_methods *methods, for (i=0; i EXIT BECOME_ROOT() */ + *name = talloc_strdup(mem_ctx, pdb_get_username(sam_account)); + *psid_name_use = SID_NAME_USER; + + pdb_free_sam(&sam_account); + + if (unix_id == NULL) { + return True; + } + + pw = Get_Pwnam(*name); + if (pw == NULL) { + return False; + } + unix_id->uid = pw->pw_uid; + return True; + } + pdb_free_sam(&sam_account); + + ret = pdb_getgrsid(&map, sid); + unbecome_root(); + /* END BECOME_ROOT BLOCK */ + + if ( ret ) { + if (map.gid!=(gid_t)-1) { + DEBUG(5,("lookup_global_sam_rid: mapped group %s to " + "gid %u\n", map.nt_name, + (unsigned int)map.gid)); + } else { + DEBUG(5,("lookup_global_sam_rid: mapped group %s to " + "no unix gid. Returning name.\n", + map.nt_name)); + } + + *name = talloc_strdup(mem_ctx, map.nt_name); + *psid_name_use = map.sid_name_use; + + if (unix_id == NULL) { + return True; + } + + if (map.gid == (gid_t)-1) { + DEBUG(5, ("Can't find a unix id for an unmapped " + "group\n")); + return False; + } + + unix_id->gid = map.gid; + return True; + } + + return False; +} + NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, const DOM_SID *domain_sid, int num_rids, @@ -1715,7 +2045,8 @@ NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, for (i = 0; i < num_rids; i++) { const char *name; - if (lookup_global_sam_rid(names, rids[i], &name, &attrs[i])) { + if (lookup_global_sam_rid(names, rids[i], &name, &attrs[i], + NULL)) { names[i] = name; DEBUG(5,("lookup_rids: %s:%d\n", names[i], attrs[i])); have_mapped = True; 
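Review bot: Both `talloc_strdup()` results assigned to `*name` in lookup_global_sam_rid go unchecked, so an allocation failure is reported as a successful lookup. In the user branch the NULL then reaches `Get_Pwnam(*name)` when a unix id was requested, and with `unix_id == NULL` the caller in pdb_default_lookup_rids stores it in `names[i]` and prints it with `%s`. Adding `if (*name == NULL) { return False; }` after each copy (in the user branch, after the `pdb_free_sam()` call) keeps the failure visible to callers. The opening of the function is not visible in this hunk, so this is based on the two branches shown.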
@@ -1772,11 +2103,9 @@ NTSTATUS pdb_default_lookup_names(struct pdb_methods *methods, } for (i = 0; i < num_names; i++) { - const char *name; - - if (lookup_global_sam_rid(names, rids[i], &name, &attrs[i])) { - names[i] = name; - DEBUG(5,("lookup_rids: %s:%d\n", names[i], attrs[i])); + if (lookup_global_sam_name(names[i], 0, &rids[i], &attrs[i])) { + DEBUG(5,("lookup_names: %s-> %d:%d\n", names[i], + rids[i], attrs[i])); have_mapped = True; } else { have_unmapped = True; @@ -2157,6 +2486,9 @@ NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) (*methods)->get_account_policy = pdb_default_get_account_policy; (*methods)->set_account_policy = pdb_default_set_account_policy; (*methods)->get_seq_num = pdb_default_get_seq_num; + (*methods)->uid_to_rid = pdb_default_uid_to_rid; + (*methods)->gid_to_sid = pdb_default_gid_to_sid; + (*methods)->sid_to_id = pdb_default_sid_to_id; (*methods)->search_users = pdb_default_search_users; (*methods)->search_groups = pdb_default_search_groups; -- cgit From 75ef18fa7510d894ccc4540d82616110c3166db3 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Sat, 11 Feb 2006 21:27:08 +0000 Subject: r13460: by popular demand.... * remove pdb_context data structure * set default group for DOMAIN_RID_GUEST user as RID 513 (just like Windows) * Allow RID 513 to resolve to always resolve to a name * Remove auto mapping of guest account primary group given the previous 2 changes (This used to be commit 7a2da5f0cc05c1920c664c9a690a23bdf854e285) --- source3/passdb/pdb_interface.c | 1293 +++++++--------------------------------- 1 file changed, 218 insertions(+), 1075 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index d8afff2111..04b2f4ca11 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -25,6 +25,10 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_PASSDB +/* Cache of latest SAM lookup query */ + +static SAM_ACCOUNT *csamuser = NULL; + static struct pdb_init_function_entry *backends = NULL; static void lazy_initialize_passdb(void) 
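Review bot: The new file-scope `csamuser` is documented only as "Cache of latest SAM lookup query", which says nothing about when the copy is refreshed or dropped. Later in this diff pdb_getsampwnam stores a copy of the account there, and pdb_getsampwsid returns that copy on a SID match instead of asking the backend, so a stale entry would carry old account flags and password data. Whether the update, delete and rename wrappers clear it is not visible on this page. I would extend the comment to something like `/* Copy of the account last returned by pdb_getsampwnam(); must be freed whenever that account is updated, deleted or renamed */` and confirm those paths do so.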
@@ -123,763 +127,11 @@ static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name) return NULL; } -static NTSTATUS context_setsampwent(struct pdb_context *context, BOOL update, uint16 acb_mask) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if (!context) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - context->pwent_methods = context->pdb_methods; - - if (!context->pwent_methods) { - /* No passdbs at all */ - return ret; - } - - while (NT_STATUS_IS_ERR(ret = context->pwent_methods->setsampwent(context->pwent_methods, update, acb_mask))) { - context->pwent_methods = context->pwent_methods->next; - if (context->pwent_methods == NULL) - return NT_STATUS_UNSUCCESSFUL; - } - return ret; -} - -static void context_endsampwent(struct pdb_context *context) -{ - if ((!context)){ - DEBUG(0, ("invalid pdb_context specified!\n")); - return; - } - - if (context->pwent_methods && context->pwent_methods->endsampwent) - context->pwent_methods->endsampwent(context->pwent_methods); - - /* So we won't get strange data when calling getsampwent now */ - context->pwent_methods = NULL; -} - -static NTSTATUS context_getsampwent(struct pdb_context *context, SAM_ACCOUNT *user) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pwent_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - /* Loop until we find something useful */ - while (NT_STATUS_IS_ERR(ret = context->pwent_methods->getsampwent(context->pwent_methods, user))) { - - context->pwent_methods->endsampwent(context->pwent_methods); - - context->pwent_methods = context->pwent_methods->next; - - /* All methods are checked now. 
There are no more entries */ - if (context->pwent_methods == NULL) - return ret; - - context->pwent_methods->setsampwent(context->pwent_methods, False, 0); - } - user->methods = context->pwent_methods; - pdb_force_pw_initialization(user); - return ret; -} - -static NTSTATUS context_getsampwnam(struct pdb_context *context, SAM_ACCOUNT *sam_acct, const char *username) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - struct pdb_methods *curmethods; - if ((!context)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - curmethods = context->pdb_methods; - while (curmethods){ - if (NT_STATUS_IS_OK(ret = curmethods->getsampwnam(curmethods, sam_acct, username))) { - pdb_force_pw_initialization(sam_acct); - sam_acct->methods = curmethods; - return ret; - } - curmethods = curmethods->next; - } - - return ret; -} - -static NTSTATUS context_getsampwsid(struct pdb_context *context, SAM_ACCOUNT *sam_acct, const DOM_SID *sid) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - struct pdb_methods *curmethods; - if ((!context)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - curmethods = context->pdb_methods; - - while (curmethods){ - if (NT_STATUS_IS_OK(ret = curmethods->getsampwsid(curmethods, sam_acct, sid))) { - pdb_force_pw_initialization(sam_acct); - sam_acct->methods = curmethods; - return ret; - } - curmethods = curmethods->next; - } - - return ret; -} - -static NTSTATUS context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - const uint8 *lm_pw, *nt_pw; - uint16 acb_flags; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - /* disable acccounts with no passwords (that has not - been allowed by the ACB_PWNOTREQ bit */ - - lm_pw = pdb_get_lanman_passwd( sam_acct ); - nt_pw = pdb_get_nt_passwd( sam_acct ); - acb_flags = pdb_get_acct_ctrl( sam_acct ); - if ( !lm_pw && !nt_pw && !(acb_flags&ACB_PWNOTREQ) ) 
{ - acb_flags |= ACB_DISABLED; - pdb_set_acct_ctrl( sam_acct, acb_flags, PDB_CHANGED ); - } - - /** @todo This is where a 're-read on add' should be done */ - /* We now add a new account to the first database listed. - * Should we? */ - - return context->pdb_methods->add_sam_account(context->pdb_methods, sam_acct); -} - -static NTSTATUS context_update_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - const uint8 *lm_pw, *nt_pw; - uint16 acb_flags; - - if (!context) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - if (!sam_acct || !sam_acct->methods){ - DEBUG(0, ("invalid sam_acct specified\n")); - return ret; - } - - /* disable acccounts with no passwords (that has not - been allowed by the ACB_PWNOTREQ bit */ - - lm_pw = pdb_get_lanman_passwd( sam_acct ); - nt_pw = pdb_get_nt_passwd( sam_acct ); - acb_flags = pdb_get_acct_ctrl( sam_acct ); - if ( !lm_pw && !nt_pw && !(acb_flags&ACB_PWNOTREQ) ) { - acb_flags |= ACB_DISABLED; - pdb_set_acct_ctrl( sam_acct, acb_flags, PDB_CHANGED ); - } - - /** @todo This is where a 're-read on update' should be done */ - - return sam_acct->methods->update_sam_account(sam_acct->methods, sam_acct); -} - -static NTSTATUS context_delete_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - struct pdb_methods *pdb_selected; - if (!context) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - if (!sam_acct->methods){ - pdb_selected = context->pdb_methods; - /* There's no passdb backend specified for this account. - * Try to delete it in every passdb available - * Needed to delete accounts in smbpasswd that are not - * in /etc/passwd. 
- */ - while (pdb_selected){ - if (NT_STATUS_IS_OK(ret = pdb_selected->delete_sam_account(pdb_selected, sam_acct))) { - return ret; - } - pdb_selected = pdb_selected->next; - } - return ret; - } - - if (!sam_acct->methods->delete_sam_account){ - DEBUG(0,("invalid sam_acct->methods->delete_sam_account\n")); - return ret; - } - - return sam_acct->methods->delete_sam_account(sam_acct->methods, sam_acct); -} - -static NTSTATUS context_rename_sam_account(struct pdb_context *context, SAM_ACCOUNT *oldname, const char *newname) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - struct pdb_methods *pdb_selected; - if (!context) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - if (!oldname->methods){ - pdb_selected = context->pdb_methods; - /* There's no passdb backend specified for this account. - * Try to delete it in every passdb available - * Needed to delete accounts in smbpasswd that are not - * in /etc/passwd. - */ - while (pdb_selected){ - if (NT_STATUS_IS_OK(ret = pdb_selected->rename_sam_account(pdb_selected, oldname, newname))) { - return ret; - } - pdb_selected = pdb_selected->next; - } - return ret; - } - - if (!oldname->methods->rename_sam_account){ - DEBUG(0,("invalid oldname->methods->rename_sam_account\n")); - return ret; - } - - return oldname->methods->rename_sam_account(oldname->methods, oldname, newname); -} - - -static NTSTATUS context_update_login_attempts(struct pdb_context *context, - SAM_ACCOUNT *sam_acct, BOOL success) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if (!context) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - if (!sam_acct || !sam_acct->methods){ - DEBUG(0, ("invalid sam_acct specified\n")); - return ret; - } - - return sam_acct->methods->update_login_attempts(sam_acct->methods, sam_acct, success); -} - -static NTSTATUS context_getgrsid(struct pdb_context *context, - GROUP_MAP *map, DOM_SID sid) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - struct pdb_methods *curmethods; - if 
((!context)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - curmethods = context->pdb_methods; - while (curmethods){ - ret = curmethods->getgrsid(curmethods, map, sid); - if (NT_STATUS_IS_OK(ret)) { - map->methods = curmethods; - return ret; - } - curmethods = curmethods->next; - } - - return ret; -} - -static NTSTATUS context_getgrgid(struct pdb_context *context, - GROUP_MAP *map, gid_t gid) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - struct pdb_methods *curmethods; - if ((!context)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - curmethods = context->pdb_methods; - while (curmethods){ - ret = curmethods->getgrgid(curmethods, map, gid); - if (NT_STATUS_IS_OK(ret)) { - map->methods = curmethods; - return ret; - } - curmethods = curmethods->next; - } - - return ret; -} - -static NTSTATUS context_getgrnam(struct pdb_context *context, - GROUP_MAP *map, const char *name) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - struct pdb_methods *curmethods; - if ((!context)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - curmethods = context->pdb_methods; - while (curmethods){ - ret = curmethods->getgrnam(curmethods, map, name); - if (NT_STATUS_IS_OK(ret)) { - map->methods = curmethods; - return ret; - } - curmethods = curmethods->next; - } - - return ret; -} - -static NTSTATUS context_add_group_mapping_entry(struct pdb_context *context, - GROUP_MAP *map) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->add_group_mapping_entry(context->pdb_methods, - map); -} - -static NTSTATUS context_update_group_mapping_entry(struct pdb_context *context, - GROUP_MAP *map) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context-> - 
pdb_methods->update_group_mapping_entry(context->pdb_methods, map); -} - -static NTSTATUS context_delete_group_mapping_entry(struct pdb_context *context, - DOM_SID sid) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context-> - pdb_methods->delete_group_mapping_entry(context->pdb_methods, sid); -} - -static NTSTATUS context_enum_group_mapping(struct pdb_context *context, - enum SID_NAME_USE sid_name_use, - GROUP_MAP **pp_rmap, size_t *p_num_entries, - BOOL unix_only) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->enum_group_mapping(context->pdb_methods, - sid_name_use, pp_rmap, - p_num_entries, unix_only); -} - -static NTSTATUS context_enum_group_members(struct pdb_context *context, - TALLOC_CTX *mem_ctx, - const DOM_SID *group, - uint32 **pp_member_rids, - size_t *p_num_members) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->enum_group_members(context->pdb_methods, - mem_ctx, group, - pp_member_rids, - p_num_members); -} - -static NTSTATUS context_enum_group_memberships(struct pdb_context *context, - TALLOC_CTX *mem_ctx, - SAM_ACCOUNT *user, - DOM_SID **pp_sids, - gid_t **pp_gids, - size_t *p_num_groups) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods-> - enum_group_memberships(context->pdb_methods, mem_ctx, user, - pp_sids, pp_gids, p_num_groups); -} - -static NTSTATUS context_find_alias(struct pdb_context *context, - const char *name, DOM_SID *sid) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if 
((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->find_alias(context->pdb_methods, - name, sid); -} - -static NTSTATUS context_create_alias(struct pdb_context *context, - const char *name, uint32 *rid) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->create_alias(context->pdb_methods, - name, rid); -} - -static NTSTATUS context_delete_alias(struct pdb_context *context, - const DOM_SID *sid) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->delete_alias(context->pdb_methods, sid); -} - -static NTSTATUS context_get_aliasinfo(struct pdb_context *context, - const DOM_SID *sid, - struct acct_info *info) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->get_aliasinfo(context->pdb_methods, - sid, info); -} - -static NTSTATUS context_set_aliasinfo(struct pdb_context *context, - const DOM_SID *sid, - struct acct_info *info) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->set_aliasinfo(context->pdb_methods, - sid, info); -} - -static NTSTATUS context_add_aliasmem(struct pdb_context *context, - const DOM_SID *alias, - const DOM_SID *member) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->add_aliasmem(context->pdb_methods, - alias, member); -} - -static NTSTATUS 
context_del_aliasmem(struct pdb_context *context, - const DOM_SID *alias, - const DOM_SID *member) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->del_aliasmem(context->pdb_methods, - alias, member); -} - -static NTSTATUS context_enum_aliasmem(struct pdb_context *context, - const DOM_SID *alias, DOM_SID **pp_members, - size_t *p_num) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->enum_aliasmem(context->pdb_methods, - alias, pp_members, p_num); -} - -static NTSTATUS context_enum_alias_memberships(struct pdb_context *context, - TALLOC_CTX *mem_ctx, - const DOM_SID *domain_sid, - const DOM_SID *members, - size_t num_members, - uint32 **pp_alias_rids, - size_t *p_num_alias_rids) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods-> - enum_alias_memberships(context->pdb_methods, mem_ctx, - domain_sid, members, num_members, - pp_alias_rids, p_num_alias_rids); -} - -static NTSTATUS context_lookup_rids(struct pdb_context *context, - const DOM_SID *domain_sid, - size_t num_rids, - uint32 *rids, - const char **pp_names, - uint32 *pp_attrs) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->lookup_rids(context->pdb_methods, - domain_sid, num_rids, - rids, pp_names, pp_attrs); -} - -static NTSTATUS context_lookup_names(struct pdb_context *context, - const DOM_SID *domain_sid, - size_t num_names, - const char **pp_names, - uint32 *rids, - uint32 *pp_attrs) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if 
((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->lookup_names(context->pdb_methods, - domain_sid, num_names, - pp_names, rids, pp_attrs); -} - -static NTSTATUS context_get_account_policy(struct pdb_context *context, - int policy_index, uint32 *value) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->get_account_policy(context->pdb_methods, - policy_index, value); -} - -static NTSTATUS context_set_account_policy(struct pdb_context *context, - int policy_index, uint32 value) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->set_account_policy(context->pdb_methods, - policy_index, value); -} - -static NTSTATUS context_get_seq_num(struct pdb_context *context, time_t *seq_num) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->get_seq_num(context->pdb_methods, seq_num); -} - -static BOOL context_uid_to_rid(struct pdb_context *context, uid_t uid, - uint32 *rid) -{ - if ((context == NULL) || (context->pdb_methods == NULL)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return False; - } - - return context->pdb_methods->uid_to_rid(context->pdb_methods, uid, - rid); -} - -static BOOL context_gid_to_sid(struct pdb_context *context, gid_t gid, - DOM_SID *sid) -{ - if ((context == NULL) || (context->pdb_methods == NULL)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return False; - } - - return context->pdb_methods->gid_to_sid(context->pdb_methods, gid, - sid); -} - -static BOOL context_sid_to_id(struct pdb_context *context, - const DOM_SID *sid, 
- union unid_t *id, enum SID_NAME_USE *type) -{ - if ((context == NULL) || (context->pdb_methods == NULL)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return False; - } - - return context->pdb_methods->sid_to_id(context->pdb_methods, sid, - id, type); -} - -static BOOL context_rid_algorithm(struct pdb_context *context) -{ - if ((context == NULL) || (context->pdb_methods == NULL)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return False; - } - - return context->pdb_methods->rid_algorithm(context->pdb_methods); -} - -static BOOL context_new_rid(struct pdb_context *context, uint32 *rid) -{ - if ((context == NULL) || (context->pdb_methods == NULL)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return False; - } - - return context->pdb_methods->new_rid(context->pdb_methods, rid); -} - -/****************************************************************** - Free and cleanup a pdb context, any associated data and anything - that the attached modules might have associated. 
- *******************************************************************/ - -static void free_pdb_context(struct pdb_context **context) -{ - struct pdb_methods *pdb_selected = (*context)->pdb_methods; - - while (pdb_selected){ - if(pdb_selected->free_private_data) - pdb_selected->free_private_data(&(pdb_selected->private_data)); - pdb_selected = pdb_selected->next; - } - - talloc_destroy((*context)->mem_ctx); - *context = NULL; -} - -static BOOL context_search_users(struct pdb_context *context, - struct pdb_search *search, uint16 acct_flags) -{ - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return False; - } - - return context->pdb_methods->search_users(context->pdb_methods, - search, acct_flags); -} - -static BOOL context_search_groups(struct pdb_context *context, - struct pdb_search *search) -{ - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return False; - } - - return context->pdb_methods->search_groups(context->pdb_methods, - search); -} - -static BOOL context_search_aliases(struct pdb_context *context, - struct pdb_search *search, - const DOM_SID *sid) -{ - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return False; - } - - return context->pdb_methods->search_aliases(context->pdb_methods, - search, sid); -} - /****************************************************************** Make a pdb_methods from scratch *******************************************************************/ -static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_context *context, const char *selected) +NTSTATUS make_pdb_method_name(struct pdb_methods **methods, const char *selected) { char *module_name = smb_xstrdup(selected); char *module_location = NULL, *p; 
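Review bot: The deleted context_add_sam_account and context_update_sam_account were where an account with neither an LM nor an NT hash was set ACB_DISABLED unless ACB_PWNOTREQ was present. The replacement pdb_add_sam_account and pdb_update_sam_account wrappers lie outside this hunk and are cut off on this page, so it should be confirmed that the check moved there rather than being dropped along with the context layer. If it was dropped, password-less accounts could be stored enabled. Where the check is kept, a comment such as `/* disable accounts with no password unless ACB_PWNOTREQ is set */` at the new site would preserve the intent.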
@@ -921,191 +173,41 @@ static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_c } DEBUG(5,("Found pdb backend %s\n", module_name)); - nt_status = entry->init(context, methods, module_location); - if (NT_STATUS_IS_OK(nt_status)) { - DEBUG(5,("pdb backend %s has a valid init\n", selected)); - } else { - DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status))); - } SAFE_FREE(module_name); - return nt_status; -} - -/****************************************************************** - Make a pdb_context from scratch. - *******************************************************************/ - -static NTSTATUS make_pdb_context(struct pdb_context **context) -{ - TALLOC_CTX *mem_ctx; - - mem_ctx = talloc_init("pdb_context internal allocation context"); - - if (!mem_ctx) { - DEBUG(0, ("make_pdb_context: talloc init failed!\n")); - return NT_STATUS_NO_MEMORY; - } - - *context = TALLOC_P(mem_ctx, struct pdb_context); - if (!*context) { - DEBUG(0, ("make_pdb_context: talloc failed!\n")); - return NT_STATUS_NO_MEMORY; - } - - ZERO_STRUCTP(*context); - - (*context)->mem_ctx = mem_ctx; - - (*context)->pdb_setsampwent = context_setsampwent; - (*context)->pdb_endsampwent = context_endsampwent; - (*context)->pdb_getsampwent = context_getsampwent; - (*context)->pdb_getsampwnam = context_getsampwnam; - (*context)->pdb_getsampwsid = context_getsampwsid; - (*context)->pdb_add_sam_account = context_add_sam_account; - (*context)->pdb_update_sam_account = context_update_sam_account; - (*context)->pdb_delete_sam_account = context_delete_sam_account; - (*context)->pdb_rename_sam_account = context_rename_sam_account; - (*context)->pdb_update_login_attempts = context_update_login_attempts; - (*context)->pdb_getgrsid = context_getgrsid; - (*context)->pdb_getgrgid = context_getgrgid; - (*context)->pdb_getgrnam = context_getgrnam; - (*context)->pdb_add_group_mapping_entry = context_add_group_mapping_entry; - 
(*context)->pdb_update_group_mapping_entry = context_update_group_mapping_entry; - (*context)->pdb_delete_group_mapping_entry = context_delete_group_mapping_entry; - (*context)->pdb_enum_group_mapping = context_enum_group_mapping; - (*context)->pdb_enum_group_members = context_enum_group_members; - (*context)->pdb_enum_group_memberships = context_enum_group_memberships; - - (*context)->pdb_find_alias = context_find_alias; - (*context)->pdb_create_alias = context_create_alias; - (*context)->pdb_delete_alias = context_delete_alias; - (*context)->pdb_get_aliasinfo = context_get_aliasinfo; - (*context)->pdb_set_aliasinfo = context_set_aliasinfo; - (*context)->pdb_add_aliasmem = context_add_aliasmem; - (*context)->pdb_del_aliasmem = context_del_aliasmem; - (*context)->pdb_enum_aliasmem = context_enum_aliasmem; - (*context)->pdb_enum_alias_memberships = context_enum_alias_memberships; - (*context)->pdb_lookup_rids = context_lookup_rids; - (*context)->pdb_lookup_names = context_lookup_names; - - (*context)->pdb_get_account_policy = context_get_account_policy; - (*context)->pdb_set_account_policy = context_set_account_policy; - - (*context)->pdb_get_seq_num = context_get_seq_num; - - (*context)->pdb_search_users = context_search_users; - (*context)->pdb_search_groups = context_search_groups; - (*context)->pdb_search_aliases = context_search_aliases; - - (*context)->pdb_uid_to_rid = context_uid_to_rid; - (*context)->pdb_gid_to_sid = context_gid_to_sid; - (*context)->pdb_sid_to_id = context_sid_to_id; - - (*context)->pdb_rid_algorithm = context_rid_algorithm; - (*context)->pdb_new_rid = context_new_rid; - - (*context)->free_fn = free_pdb_context; - - return NT_STATUS_OK; -} - - -/****************************************************************** - Make a pdb_context, given an array of strings - *******************************************************************/ - -NTSTATUS make_pdb_context_list(struct pdb_context **context, const char **selected) -{ - int i = 0; - struct 
pdb_methods *curmethods, *tmpmethods; - NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; - BOOL have_guest = False; - - if (!NT_STATUS_IS_OK(nt_status = make_pdb_context(context))) { - return nt_status; - } - - if (!selected) { - DEBUG(0, ("ERROR: empty passdb backend list!\n")); - return nt_status; - } - while (selected[i]){ - if (strcmp(selected[i], "guest") == 0) { - have_guest = True; - } - /* Try to initialise pdb */ - DEBUG(5,("Trying to load: %s\n", selected[i])); - if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods_name(&curmethods, *context, selected[i]))) { - DEBUG(1, ("Loading %s failed!\n", selected[i])); - free_pdb_context(context); - return nt_status; - } - curmethods->parent = *context; - DLIST_ADD_END((*context)->pdb_methods, curmethods, tmpmethods); - i++; - } - - if (have_guest) - return NT_STATUS_OK; - - if ( (lp_guestaccount() == NULL) || - (*lp_guestaccount() == '\0') ) { - /* We explicitly don't want guest access. No idea what - else that breaks, but be it that way. */ - return NT_STATUS_OK; - } - - if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods_name(&curmethods, - *context, - "guest"))) { - DEBUG(1, ("Loading guest module failed!\n")); - free_pdb_context(context); + if ( !NT_STATUS_IS_OK( nt_status = entry->init(methods, module_location) ) ) { + DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", + selected, nt_errstr(nt_status))); return nt_status; } - curmethods->parent = *context; - DLIST_ADD_END((*context)->pdb_methods, curmethods, tmpmethods); - - return NT_STATUS_OK; -} + DEBUG(5,("pdb backend %s has a valid init\n", selected)); -/****************************************************************** - Make a pdb_context, given a text string. 
- *******************************************************************/ - -NTSTATUS make_pdb_context_string(struct pdb_context **context, const char *selected) -{ - NTSTATUS ret; - char **newsel = str_list_make(selected, NULL); - ret = make_pdb_context_list(context, (const char **)newsel); - str_list_free(&newsel); - return ret; + return nt_status; } /****************************************************************** - Return an already initialised pdb_context, to facilitate backward - compatibility (see functions below). + Return an already initialised pdn_methods structure *******************************************************************/ -static struct pdb_context *pdb_get_static_context(BOOL reload) +static struct pdb_methods *pdb_get_methods( BOOL reload ) { - static struct pdb_context *pdb_context = NULL; + static struct pdb_methods *pdb = NULL; - if ((pdb_context) && (reload)) { - pdb_context->free_fn(&pdb_context); - if (!NT_STATUS_IS_OK(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) { + if ( pdb && reload ) { + pdb->free_private_data( &(pdb->private_data) ); + if ( !NT_STATUS_IS_OK( make_pdb_method_name( &pdb, lp_passdb_backend() ) ) ) { return NULL; } } - if (!pdb_context) { - if (!NT_STATUS_IS_OK(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) { + if ( !pdb ) { + if ( !NT_STATUS_IS_OK( make_pdb_method_name( &pdb, lp_passdb_backend() ) ) ) { return NULL; } } - return pdb_context; + return pdb; } /****************************************************************** 
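Review bot: In make_pdb_method_name the unchanged `SAFE_FREE(module_name);` now runs before the new `entry->init(methods, module_location)` call, whereas the removed code called init first. `module_location` is declared next to `module_name` and the parsing between the hunks is not shown, but if it points into the `module_name` buffer, the backend is initialised from freed memory. Moving the free after the call avoids that: `SAFE_FREE(module_name);` inside the failure branch before `return nt_status;`, and again after the success DEBUG. In pdb_get_methods the reload path also calls `pdb->free_private_data(...)` unconditionally, while the removed free_pdb_context tested the pointer first; `if (pdb->free_private_data)` would keep that guard.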
@@ -1114,227 +216,266 @@ static struct pdb_context *pdb_get_static_context(BOOL reload) BOOL pdb_setsampwent(BOOL update, uint16 acb_mask) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return NT_STATUS_IS_OK(pdb_context->pdb_setsampwent(pdb_context, update, acb_mask)); + return NT_STATUS_IS_OK(pdb->setsampwent(pdb, update, acb_mask)); } void pdb_endsampwent(void) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return; } - pdb_context->pdb_endsampwent(pdb_context); + pdb->endsampwent(pdb); } BOOL pdb_getsampwent(SAM_ACCOUNT *user) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return NT_STATUS_IS_OK(pdb_context->pdb_getsampwent(pdb_context, user)); -} + if ( !NT_STATUS_IS_OK(pdb->getsampwent(pdb, user) ) ) { + return False; + } + + pdb_force_pw_initialization( user ); -static SAM_ACCOUNT *sam_account_cache = NULL; + return True; +} BOOL pdb_getsampwnam(SAM_ACCOUNT *sam_acct, const char *username) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - if (!NT_STATUS_IS_OK(pdb_context->pdb_getsampwnam(pdb_context, - sam_acct, username))) + if (!NT_STATUS_IS_OK(pdb->getsampwnam(pdb, sam_acct, username))) { return False; + } - if (sam_account_cache != NULL) { - pdb_free_sam(&sam_account_cache); - sam_account_cache = NULL; + if (csamuser != NULL) { + pdb_free_sam(&csamuser); + csamuser = NULL; } - pdb_copy_sam_account(sam_acct, &sam_account_cache); + pdb_force_pw_initialization( sam_acct ); + pdb_copy_sam_account(sam_acct, &csamuser); + return True; } 
+/********************************************************************** +**********************************************************************/ + +BOOL guest_user_info( SAM_ACCOUNT *user ) +{ + struct passwd *pwd; + NTSTATUS ntstatus; + const char *guestname = lp_guestaccount(); + + if ( !(pwd = getpwnam_alloc( NULL, guestname ) ) ) { + DEBUG(0,("guest_user_info: Unable to locate guest account [%s]!\n", + guestname)); + return False; + } + + /* fill in from the users information */ + + ntstatus = pdb_fill_sam_pw( user, pwd ); + + return NT_STATUS_IS_OK(ntstatus); + +} + +/********************************************************************** +**********************************************************************/ + BOOL pdb_getsampwsid(SAM_ACCOUNT *sam_acct, const DOM_SID *sid) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb; + uint32 rid; - if (!pdb_context) { + if ( !(pdb = pdb_get_methods(False)) ) { return False; } - if ((sam_account_cache != NULL) && - (sid_equal(sid, pdb_get_user_sid(sam_account_cache)))) - return pdb_copy_sam_account(sam_account_cache, &sam_acct); + /* hard code the Guest RID of 501 */ + + if ( !sid_peek_check_rid( get_global_sam_sid(), sid, &rid ) ) + return False; + + if ( rid == DOMAIN_USER_RID_GUEST ) { + DEBUG(6,("pdb_getsampwsid: Building guest account\n")); + return guest_user_info( sam_acct ); + } + + /* check the cache first */ + + if ( csamuser && sid_equal(sid, pdb_get_user_sid(csamuser) ) ) + return pdb_copy_sam_account(csamuser, &sam_acct); - return NT_STATUS_IS_OK(pdb_context->pdb_getsampwsid(pdb_context, sam_acct, sid)); + return NT_STATUS_IS_OK(pdb->getsampwsid(pdb, sam_acct, sid)); } BOOL pdb_add_sam_account(SAM_ACCOUNT *sam_acct) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return NT_STATUS_IS_OK(pdb_context->pdb_add_sam_account(pdb_context, 
sam_acct)); + return NT_STATUS_IS_OK(pdb->add_sam_account(pdb, sam_acct)); } NTSTATUS pdb_update_sam_account(SAM_ACCOUNT *sam_acct) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; } - if (sam_account_cache != NULL) { - pdb_free_sam(&sam_account_cache); - sam_account_cache = NULL; + if (csamuser != NULL) { + pdb_free_sam(&csamuser); + csamuser = NULL; } - return pdb_context->pdb_update_sam_account(pdb_context, sam_acct); + return pdb->update_sam_account(pdb, sam_acct); } BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - if (sam_account_cache != NULL) { - pdb_free_sam(&sam_account_cache); - sam_account_cache = NULL; + if (csamuser != NULL) { + pdb_free_sam(&csamuser); + csamuser = NULL; } - return NT_STATUS_IS_OK(pdb_context->pdb_delete_sam_account(pdb_context, sam_acct)); + return NT_STATUS_IS_OK(pdb->delete_sam_account(pdb, sam_acct)); } NTSTATUS pdb_rename_sam_account(SAM_ACCOUNT *oldname, const char *newname) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return NT_STATUS_NOT_IMPLEMENTED; } - if (sam_account_cache != NULL) { - pdb_free_sam(&sam_account_cache); - sam_account_cache = NULL; + if (csamuser != NULL) { + pdb_free_sam(&csamuser); + csamuser = NULL; } - return pdb_context->pdb_rename_sam_account(pdb_context, oldname, newname); + return pdb->rename_sam_account(pdb, oldname, newname); } NTSTATUS pdb_update_login_attempts(SAM_ACCOUNT *sam_acct, BOOL success) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return 
NT_STATUS_NOT_IMPLEMENTED; } - return pdb_context->pdb_update_login_attempts(pdb_context, sam_acct, success); + return pdb->update_login_attempts(pdb, sam_acct, success); } BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return NT_STATUS_IS_OK(pdb_context-> - pdb_getgrsid(pdb_context, map, sid)); + return NT_STATUS_IS_OK(pdb->getgrsid(pdb, map, sid)); } BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return NT_STATUS_IS_OK(pdb_context-> - pdb_getgrgid(pdb_context, map, gid)); + return NT_STATUS_IS_OK(pdb->getgrgid(pdb, map, gid)); } BOOL pdb_getgrnam(GROUP_MAP *map, const char *name) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return NT_STATUS_IS_OK(pdb_context-> - pdb_getgrnam(pdb_context, map, name)); + return NT_STATUS_IS_OK(pdb->getgrnam(pdb, map, name)); } NTSTATUS pdb_add_group_mapping_entry(GROUP_MAP *map) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; } - return pdb_context->pdb_add_group_mapping_entry(pdb_context, map); + return pdb->add_group_mapping_entry(pdb, map); } NTSTATUS pdb_update_group_mapping_entry(GROUP_MAP *map) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; } - return pdb_context->pdb_update_group_mapping_entry(pdb_context, map); + return pdb->update_group_mapping_entry(pdb, map); } BOOL 
pdb_delete_group_mapping_entry(DOM_SID sid) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return NT_STATUS_IS_OK(pdb_context-> - pdb_delete_group_mapping_entry(pdb_context, sid)); + return NT_STATUS_IS_OK(pdb->delete_group_mapping_entry(pdb, sid)); } BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap, size_t *p_num_entries, BOOL unix_only) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return NT_STATUS_IS_OK(pdb_context-> - pdb_enum_group_mapping(pdb_context, sid_name_use, - pp_rmap, p_num_entries, unix_only)); + return NT_STATUS_IS_OK(pdb-> enum_group_mapping(pdb, sid_name_use, + pp_rmap, p_num_entries, unix_only)); } NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx, @@ -1342,13 +483,13 @@ NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx, uint32 **pp_member_rids, size_t *p_num_members) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; } - return pdb_context->pdb_enum_group_members(pdb_context, mem_ctx, sid, + return pdb->enum_group_members(pdb, mem_ctx, sid, pp_member_rids, p_num_members); } 
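Review bot: In guest_user_info the passwd entry returned by `getpwnam_alloc( NULL, guestname )` is never released, so every lookup of the Guest RID through pdb_getsampwsid leaves one allocation behind. This assumes getpwnam_alloc returns talloc memory owned by the caller; its definition is outside this diff. I would release it right after the fill, `ntstatus = pdb_fill_sam_pw( user, pwd ); talloc_free( pwd );`. The empty banner comment above the function could also state that it builds the guest SAM_ACCOUNT from the Unix account named by lp_guestaccount().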
@@ -1356,109 +497,109 @@ NTSTATUS pdb_enum_group_memberships(TALLOC_CTX *mem_ctx, SAM_ACCOUNT *user, DOM_SID **pp_sids, gid_t **pp_gids, size_t *p_num_groups) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; } - return pdb_context->pdb_enum_group_memberships( - pdb_context, mem_ctx, user, + return pdb->enum_group_memberships( + pdb, mem_ctx, user, pp_sids, pp_gids, p_num_groups); } BOOL pdb_find_alias(const char *name, DOM_SID *sid) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return NT_STATUS_IS_OK(pdb_context->pdb_find_alias(pdb_context, + return NT_STATUS_IS_OK(pdb->find_alias(pdb, name, sid)); } NTSTATUS pdb_create_alias(const char *name, uint32 *rid) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return NT_STATUS_NOT_IMPLEMENTED; } - return pdb_context->pdb_create_alias(pdb_context, name, rid); + return pdb->create_alias(pdb, name, rid); } BOOL pdb_delete_alias(const DOM_SID *sid) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return NT_STATUS_IS_OK(pdb_context->pdb_delete_alias(pdb_context, + return NT_STATUS_IS_OK(pdb->delete_alias(pdb, sid)); } BOOL pdb_get_aliasinfo(const DOM_SID *sid, struct acct_info *info) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return NT_STATUS_IS_OK(pdb_context->pdb_get_aliasinfo(pdb_context, sid, + return NT_STATUS_IS_OK(pdb->get_aliasinfo(pdb, sid, info)); } BOOL pdb_set_aliasinfo(const 
DOM_SID *sid, struct acct_info *info) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return NT_STATUS_IS_OK(pdb_context->pdb_set_aliasinfo(pdb_context, sid, + return NT_STATUS_IS_OK(pdb->set_aliasinfo(pdb, sid, info)); } NTSTATUS pdb_add_aliasmem(const DOM_SID *alias, const DOM_SID *member) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; } - return pdb_context->pdb_add_aliasmem(pdb_context, alias, member); + return pdb->add_aliasmem(pdb, alias, member); } NTSTATUS pdb_del_aliasmem(const DOM_SID *alias, const DOM_SID *member) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; } - return pdb_context->pdb_del_aliasmem(pdb_context, alias, member); + return pdb->del_aliasmem(pdb, alias, member); } NTSTATUS pdb_enum_aliasmem(const DOM_SID *alias, DOM_SID **pp_members, size_t *p_num_members) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; } - return pdb_context->pdb_enum_aliasmem(pdb_context, alias, + return pdb->enum_aliasmem(pdb, alias, pp_members, p_num_members); } 
@@ -1468,13 +609,13 @@ NTSTATUS pdb_enum_alias_memberships(TALLOC_CTX *mem_ctx, uint32 **pp_alias_rids, size_t *p_num_alias_rids) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return NT_STATUS_NOT_IMPLEMENTED; } - return pdb_context->pdb_enum_alias_memberships(pdb_context, mem_ctx, + return pdb->enum_alias_memberships(pdb, mem_ctx, domain_sid, members, num_members, pp_alias_rids, @@ -1487,13 +628,13 @@ NTSTATUS pdb_lookup_rids(const DOM_SID *domain_sid, const char **names, uint32 *attrs) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return NT_STATUS_NOT_IMPLEMENTED; } - return pdb_context->pdb_lookup_rids(pdb_context, domain_sid, + return pdb->lookup_rids(pdb, domain_sid, num_rids, rids, names, attrs); } 
@@ -1503,102 +644,99 @@ NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid, uint32 *rids, uint32 *attrs) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return NT_STATUS_NOT_IMPLEMENTED; } - return pdb_context->pdb_lookup_names(pdb_context, domain_sid, + return pdb->lookup_names(pdb, domain_sid, num_names, names, rids, attrs); } BOOL pdb_get_account_policy(int policy_index, uint32 *value) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return NT_STATUS_IS_OK(pdb_context-> - pdb_get_account_policy(pdb_context, policy_index, value)); + return NT_STATUS_IS_OK(pdb->get_account_policy(pdb, policy_index, value)); } BOOL pdb_set_account_policy(int policy_index, uint32 value) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return NT_STATUS_IS_OK(pdb_context-> - pdb_set_account_policy(pdb_context, policy_index, value)); + return NT_STATUS_IS_OK(pdb->set_account_policy(pdb, policy_index, value)); } BOOL pdb_get_seq_num(time_t *seq_num) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return NT_STATUS_IS_OK(pdb_context-> - pdb_get_seq_num(pdb_context, seq_num)); + return NT_STATUS_IS_OK(pdb->get_seq_num(pdb, seq_num)); } BOOL pdb_uid_to_rid(uid_t uid, uint32 *rid) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return pdb_context->pdb_uid_to_rid(pdb_context, uid, rid); + return pdb->uid_to_rid(pdb, uid, rid); } BOOL pdb_gid_to_sid(gid_t gid, DOM_SID *sid) { - 
struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return pdb_context->pdb_gid_to_sid(pdb_context, gid, sid); + return pdb->gid_to_sid(pdb, gid, sid); } BOOL pdb_sid_to_id(const DOM_SID *sid, union unid_t *id, enum SID_NAME_USE *type) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return pdb_context->pdb_sid_to_id(pdb_context, sid, id, type); + return pdb->sid_to_id(pdb, sid, id, type); } BOOL pdb_rid_algorithm(void) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } - return pdb_context->pdb_rid_algorithm(pdb_context); + return pdb->rid_algorithm(pdb); } BOOL pdb_new_rid(uint32 *rid) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); - if (!pdb_context) { + if ( !pdb ) { return False; } @@ -1617,7 +755,7 @@ BOOL pdb_new_rid(uint32 *rid) return False; } - return pdb_context->pdb_new_rid(pdb_context, rid); + return pdb->new_rid(pdb, rid); } /*************************************************************** @@ -1628,7 +766,7 @@ BOOL pdb_new_rid(uint32 *rid) BOOL initialize_password_db(BOOL reload) { - return (pdb_get_static_context(reload) != NULL); + return (pdb_get_methods(reload) != NULL); } 
@@ -2360,15 +1498,15 @@ static struct samr_displayentry *pdb_search_getentry(struct pdb_search *search, struct pdb_search *pdb_search_users(uint16 acct_flags) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); struct pdb_search *result; - if (pdb_context == NULL) return NULL; + if (pdb == NULL) return NULL; result = pdb_search_init(PDB_USER_SEARCH); if (result == NULL) return NULL; - if (!pdb_context->pdb_search_users(pdb_context, result, acct_flags)) { + if (!pdb->search_users(pdb, result, acct_flags)) { talloc_destroy(result->mem_ctx); return NULL; } @@ -2377,15 +1515,15 @@ struct pdb_search *pdb_search_users(uint16 acct_flags) struct pdb_search *pdb_search_groups(void) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); struct pdb_search *result; - if (pdb_context == NULL) return NULL; + if (pdb == NULL) return NULL; result = pdb_search_init(PDB_GROUP_SEARCH); if (result == NULL) return NULL; - if (!pdb_context->pdb_search_groups(pdb_context, result)) { + if (!pdb->search_groups(pdb, result)) { talloc_destroy(result->mem_ctx); return NULL; } @@ -2394,15 +1532,15 @@ struct pdb_search *pdb_search_groups(void) struct pdb_search *pdb_search_aliases(const DOM_SID *sid) { - struct pdb_context *pdb_context = pdb_get_static_context(False); + struct pdb_methods *pdb = pdb_get_methods(False); struct pdb_search *result; - if (pdb_context == NULL) return NULL; + if (pdb == NULL) return NULL; result = pdb_search_init(PDB_ALIAS_SEARCH); if (result == NULL) return NULL; - if (!pdb_context->pdb_search_aliases(pdb_context, result, sid)) { + if (!pdb->search_aliases(pdb, result, sid)) { talloc_destroy(result->mem_ctx); return NULL; } 
@@ -2443,16 +1581,21 @@ void pdb_search_destroy(struct pdb_search *search) talloc_destroy(search->mem_ctx); } -NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) +/******************************************************************* + Create a pdb_methods structure and initialize it with the default + operations. In this way a passdb module can simply implement + the functionality it cares about. However, normally this is done + in groups of related functions. +*******************************************************************/ + +NTSTATUS make_pdb_method( struct pdb_methods **methods ) { - *methods = TALLOC_P(mem_ctx, struct pdb_methods); + /* allocate memory for the structure as its own talloc CTX */ - if (!*methods) { + if ( !(*methods = TALLOC_ZERO_P(NULL, struct pdb_methods) ) ) { return NT_STATUS_NO_MEMORY; } - ZERO_STRUCTP(*methods); - (*methods)->setsampwent = pdb_default_setsampwent; (*methods)->endsampwent = pdb_default_endsampwent; (*methods)->getsampwent = pdb_default_getsampwent; -- cgit From 3b67210eec560d0c79b625ac11acb940e29fe8e0 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 13 Feb 2006 16:48:24 +0000 Subject: r13493: module_name and module_location are the same string. Fix a valgrind error. Volker (This used to be commit 5a92df31d69ff7b0f2de6564d644949c2906c8f1) --- source3/passdb/pdb_interface.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 04b2f4ca11..479ce18c05 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
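Review bot: make_pdb_method now allocates the struct with a NULL talloc parent, so the caller owns it and nothing else will free it, but the header comment added here does not say so. The reload branch of pdb_get_methods earlier in this patch calls only `free_private_data` before `make_pdb_method_name( &pdb, ... )` overwrites the pointer, which looks like it leaks the old struct on each reload. I would add `The caller owns *methods and must release it with talloc_free().` to the comment and free the old struct on the reload path. The body of make_pdb_method continues past the end of this hunk.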
@@ -173,14 +173,16 @@ NTSTATUS make_pdb_method_name(struct pdb_methods **methods, const char *selected } DEBUG(5,("Found pdb backend %s\n", module_name)); - SAFE_FREE(module_name); if ( !NT_STATUS_IS_OK( nt_status = entry->init(methods, module_location) ) ) { DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status))); + SAFE_FREE(module_name); return nt_status; } + SAFE_FREE(module_name); + DEBUG(5,("pdb backend %s has a valid init\n", selected)); return nt_status; -- cgit From 301d51e13a1aa4e633e2da161b0dd260a8a499cd Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 13 Feb 2006 17:08:25 +0000 Subject: r13494: Merge the stuff I've done in head the last days. Volker (This used to be commit bb40e544de68f01a6e774753f508e69373b39899) --- source3/passdb/pdb_interface.c | 512 +++++++++++++++++++++++++++++++++++++++-- 1 file changed, 493 insertions(+), 19 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 479ce18c05..c8917b9356 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -4,6 +4,7 @@ Copyright (C) Andrew Bartlett 2002 Copyright (C) Jelmer Vernooij 2002 Copyright (C) Simo Sorce 2003 + Copyright (C) Volker Lendecke 2006 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by 
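Review bot: In make_pdb_method_name the reason `SAFE_FREE(module_name)` had to move below `entry->init()` is recorded only in the commit message, so a later cleanup could move it back. I would put `/* module_location is the same string as module_name: do not free before init() */` above the init call. The fix also relies on no backend keeping the `module_location` pointer after init() returns; a backend that stores it has to copy the string. The start of the function is outside this hunk.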
@@ -331,15 +332,141 @@ BOOL pdb_getsampwsid(SAM_ACCOUNT *sam_acct, const DOM_SID *sid) return NT_STATUS_IS_OK(pdb->getsampwsid(pdb, sam_acct, sid)); } -BOOL pdb_add_sam_account(SAM_ACCOUNT *sam_acct) +static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, + TALLOC_CTX *tmp_ctx, const char *name, + uint32 acb_info, uint32 *rid) +{ + SAM_ACCOUNT *sam_pass = NULL; + NTSTATUS status; + + if (Get_Pwnam_alloc(tmp_ctx, name) == NULL) { + pstring add_script; + int add_ret; + + if ((acb_info & ACB_NORMAL) && name[strlen(name)-1] != '$') { + pstrcpy(add_script, lp_adduser_script()); + } else { + pstrcpy(add_script, lp_addmachine_script()); + } + + if (add_script[0] == '\0') { + DEBUG(3, ("Could not find user %s and no add script " + "defined\n", name)); + return NT_STATUS_NO_SUCH_USER; + } + + all_string_sub(add_script, "%u", name, sizeof(add_script)); + add_ret = smbrun(add_script,NULL); + DEBUG(add_ret ? 0 : 3, ("_samr_create_user: Running the " + "command `%s' gave %d\n", + add_script, add_ret)); + } + + /* implicit call to getpwnam() next. we have a valid SID coming out + * of this call */ + + flush_pwnam_cache(); + status = pdb_init_sam_new(&sam_pass, name); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3, ("pdb_init_sam_new failed: %s\n", nt_errstr(status))); + return status; + } + + if (!sid_peek_check_rid(get_global_sam_sid(), + pdb_get_user_sid(sam_pass), rid)) { + DEBUG(0, ("Could not get RID of fresh user\n")); + return NT_STATUS_INTERNAL_ERROR; + } + + /* Disable the account on creation, it does not have a reasonable + * password yet. 
*/ + + acb_info |= ACB_DISABLED; + + pdb_set_acct_ctrl(sam_pass, acb_info, PDB_CHANGED); + + status = pdb_add_sam_account(sam_pass); + + pdb_free_sam(&sam_pass); + + return status; +} + +NTSTATUS pdb_create_user(TALLOC_CTX *mem_ctx, const char *name, uint32 flags, + uint32 *rid) { struct pdb_methods *pdb = pdb_get_methods(False); if ( !pdb ) { - return False; + return NT_STATUS_UNSUCCESSFUL; + } + + return pdb->create_user(pdb, mem_ctx, name, flags, rid); +} + +/**************************************************************************** + Delete a UNIX user on demand. +****************************************************************************/ + +static int smb_delete_user(const char *unix_user) +{ + pstring del_script; + int ret; + + pstrcpy(del_script, lp_deluser_script()); + if (! *del_script) + return -1; + all_string_sub(del_script, "%u", unix_user, sizeof(del_script)); + ret = smbrun(del_script,NULL); + flush_pwnam_cache(); + DEBUG(ret ? 0 : 3,("smb_delete_user: Running the command `%s' gave %d\n",del_script,ret)); + + return ret; +} + +static NTSTATUS pdb_default_delete_user(struct pdb_methods *methods, + TALLOC_CTX *mem_ctx, + SAM_ACCOUNT *sam_acct) +{ + NTSTATUS status; + + status = pdb_delete_sam_account(sam_acct); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + /* + * Now delete the unix side .... 
+ * note: we don't check if the delete really happened as the script is + * not necessary present and maybe the sysadmin doesn't want to delete + * the unix side + */ + smb_delete_user( pdb_get_username(sam_acct) ); + + return status; +} + +NTSTATUS pdb_delete_user(TALLOC_CTX *mem_ctx, SAM_ACCOUNT *sam_acct) +{ + struct pdb_methods *pdb = pdb_get_methods(False); + + if ( !pdb ) { + return NT_STATUS_UNSUCCESSFUL; + } + + return pdb->delete_user(pdb, mem_ctx, sam_acct); +} + +NTSTATUS pdb_add_sam_account(SAM_ACCOUNT *sam_acct) +{ + struct pdb_methods *pdb = pdb_get_methods(False); + + if ( !pdb ) { + return NT_STATUS_UNSUCCESSFUL; } - return NT_STATUS_IS_OK(pdb->add_sam_account(pdb, sam_acct)); + return pdb->add_sam_account(pdb, sam_acct); } NTSTATUS pdb_update_sam_account(SAM_ACCOUNT *sam_acct) @@ -358,12 +485,12 @@ NTSTATUS pdb_update_sam_account(SAM_ACCOUNT *sam_acct) return pdb->update_sam_account(pdb, sam_acct); } -BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) +NTSTATUS pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) { struct pdb_methods *pdb = pdb_get_methods(False); if ( !pdb ) { - return False; + return NT_STATUS_UNSUCCESSFUL; } if (csamuser != NULL) { @@ -371,7 +498,7 @@ BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) csamuser = NULL; } - return NT_STATUS_IS_OK(pdb->delete_sam_account(pdb, sam_acct)); + return pdb->delete_sam_account(pdb, sam_acct); } NTSTATUS pdb_rename_sam_account(SAM_ACCOUNT *oldname, const char *newname) 
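Review bot: pdb_default_create_user substitutes the caller-supplied `name` into the add-user or add-machine script with `all_string_sub()` and passes the result to `smbrun()`, and nothing in this hunk restricts the characters `name` may contain. If all_string_sub does not filter shell metacharacters (its definition is outside this diff), the name needs validating before the substitution, or the substitution should use a helper that strips them, e.g. `string_sub(add_script, "%u", name, sizeof(add_script));`. smb_delete_user in the same hunk builds its command the same way from `unix_user`. Separately, `name[strlen(name)-1]` reads before the buffer when `name` is empty, and the `NT_STATUS_INTERNAL_ERROR` return skips `pdb_free_sam(&sam_pass)`.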
@@ -434,6 +561,115 @@ BOOL pdb_getgrnam(GROUP_MAP *map, const char *name) return NT_STATUS_IS_OK(pdb->getgrnam(pdb, map, name)); } +static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods, + TALLOC_CTX *mem_ctx, + const char *name, + uint32 *rid) +{ + DOM_SID group_sid; + struct group *grp; + + grp = getgrnam(name); + + if (grp == NULL) { + gid_t gid; + + if (smb_create_group(name, &gid) != 0) { + return NT_STATUS_ACCESS_DENIED; + } + + grp = getgrgid(gid); + } + + if (grp == NULL) { + return NT_STATUS_ACCESS_DENIED; + } + + if (pdb_rid_algorithm()) { + *rid = pdb_gid_to_group_rid( grp->gr_gid ); + } else { + if (!pdb_new_rid(rid)) { + return NT_STATUS_ACCESS_DENIED; + } + } + + sid_compose(&group_sid, get_global_sam_sid(), *rid); + + return add_initial_entry(grp->gr_gid, sid_string_static(&group_sid), + SID_NAME_DOM_GRP, name, NULL); +} + +NTSTATUS pdb_create_dom_group(TALLOC_CTX *mem_ctx, const char *name, + uint32 *rid) +{ + struct pdb_methods *pdb = pdb_get_methods(False); + + if ( !pdb ) { + return NT_STATUS_UNSUCCESSFUL; + } + + return pdb->create_dom_group(pdb, mem_ctx, name, rid); +} + +static NTSTATUS pdb_default_delete_dom_group(struct pdb_methods *methods, + TALLOC_CTX *mem_ctx, + uint32 rid) +{ + DOM_SID group_sid; + GROUP_MAP map; + NTSTATUS status; + struct group *grp; + const char *grp_name; + + sid_compose(&group_sid, get_global_sam_sid(), rid); + + if (!get_domain_group_from_sid(group_sid, &map)) { + DEBUG(10, ("Could not find group for rid %d\n", rid)); + return NT_STATUS_NO_SUCH_GROUP; + } + + /* We need the group name for the smb_delete_group later on */ + + if (map.gid == (gid_t)-1) { + return NT_STATUS_NO_SUCH_GROUP; + } + + grp = getgrgid(map.gid); + if (grp == NULL) { + return NT_STATUS_NO_SUCH_GROUP; + } + + /* Copy the name, no idea what pdb_delete_group_mapping_entry does.. 
*/ + + grp_name = talloc_strdup(mem_ctx, grp->gr_name); + if (grp_name == NULL) { + return NT_STATUS_NO_MEMORY; + } + + status = pdb_delete_group_mapping_entry(group_sid); + + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + /* Don't check the result of smb_delete_group */ + + smb_delete_group(grp_name); + + return NT_STATUS_OK; +} + +NTSTATUS pdb_delete_dom_group(TALLOC_CTX *mem_ctx, uint32 rid) +{ + struct pdb_methods *pdb = pdb_get_methods(False); + + if ( !pdb ) { + return NT_STATUS_UNSUCCESSFUL; + } + + return pdb->delete_dom_group(pdb, mem_ctx, rid); +} + NTSTATUS pdb_add_group_mapping_entry(GROUP_MAP *map) { struct pdb_methods *pdb = pdb_get_methods(False); @@ -456,15 +692,15 @@ NTSTATUS pdb_update_group_mapping_entry(GROUP_MAP *map) return pdb->update_group_mapping_entry(pdb, map); } -BOOL pdb_delete_group_mapping_entry(DOM_SID sid) +NTSTATUS pdb_delete_group_mapping_entry(DOM_SID sid) { struct pdb_methods *pdb = pdb_get_methods(False); if ( !pdb ) { - return False; + return NT_STATUS_UNSUCCESSFUL; } - return NT_STATUS_IS_OK(pdb->delete_group_mapping_entry(pdb, sid)); + return pdb->delete_group_mapping_entry(pdb, sid); } BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap, 
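Review bot: When `getgrnam(name)` already finds a Unix group, pdb_default_create_dom_group reuses its gid and goes straight to `add_initial_entry()`, so a create request that names an existing Unix group maps that group into the domain instead of failing. Nothing visible here checks whether that gid already has a mapping or whether the group is one an administrator would want exposed. If adopting existing groups is intended, a comment should say so; otherwise I would reject the request early with `if (grp != NULL) return NT_STATUS_GROUP_EXISTS;`. In pdb_default_delete_dom_group, `rid` is a uint32 but is printed with `%d`; `%u` would be the matching format.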
@@ -510,6 +746,200 @@ NTSTATUS pdb_enum_group_memberships(TALLOC_CTX *mem_ctx, SAM_ACCOUNT *user, pp_sids, pp_gids, p_num_groups); } +static NTSTATUS pdb_default_set_unix_primary_group(struct pdb_methods *methods, + TALLOC_CTX *mem_ctx, + SAM_ACCOUNT *sampass) +{ + struct group *grp; + gid_t gid; + + if (!sid_to_gid(pdb_get_group_sid(sampass), &gid) || + (grp = getgrgid(gid)) == NULL) { + return NT_STATUS_INVALID_PRIMARY_GROUP; + } + + if (smb_set_primary_group(grp->gr_name, + pdb_get_username(sampass)) != 0) { + return NT_STATUS_ACCESS_DENIED; + } + + return NT_STATUS_OK; +} + +NTSTATUS pdb_set_unix_primary_group(TALLOC_CTX *mem_ctx, SAM_ACCOUNT *user) +{ + struct pdb_methods *pdb = pdb_get_methods(False); + + if ( !pdb ) { + return NT_STATUS_UNSUCCESSFUL; + } + + return pdb->set_unix_primary_group(pdb, mem_ctx, user); +} + +/* + * Helper function to see whether a user is in a group. We can't use + * user_in_group_sid here because this creates dependencies only smbd can + * fulfil. + */ + +static BOOL pdb_user_in_group(TALLOC_CTX *mem_ctx, SAM_ACCOUNT *account, + const DOM_SID *group_sid) +{ + DOM_SID *sids; + gid_t *gids; + size_t i, num_groups; + + if (!NT_STATUS_IS_OK(pdb_enum_group_memberships(mem_ctx, account, + &sids, &gids, + &num_groups))) { + return False; + } + + for (i=0; igr_name); + if (group_name == NULL) { + return NT_STATUS_NO_MEMORY; + } + + if (!NT_STATUS_IS_OK(status = pdb_init_sam(&account))) { + return status; + } + + if (!pdb_getsampwsid(account, &member_sid) || + !sid_to_uid(&member_sid, &uid) || + ((pwd = getpwuid_alloc(mem_ctx, uid)) == NULL)) { + return NT_STATUS_NO_SUCH_USER; + } + + if (pdb_user_in_group(mem_ctx, account, &group_sid)) { + return NT_STATUS_MEMBER_IN_GROUP; + } + + /* + * ok, the group exist, the user exist, the user is not in the group, + * we can (finally) add it to the group ! 
+ */ + + smb_add_user_group(group_name, pwd->pw_name); + + if (!pdb_user_in_group(mem_ctx, account, &group_sid)) { + return NT_STATUS_ACCESS_DENIED; + } + + return NT_STATUS_OK; +} + +NTSTATUS pdb_add_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid, + uint32 member_rid) +{ + struct pdb_methods *pdb = pdb_get_methods(False); + + if ( !pdb ) { + return NT_STATUS_UNSUCCESSFUL; + } + + return pdb->add_groupmem(pdb, mem_ctx, group_rid, member_rid); +} + +static NTSTATUS pdb_default_del_groupmem(struct pdb_methods *methods, + TALLOC_CTX *mem_ctx, + uint32 group_rid, + uint32 member_rid) +{ + DOM_SID group_sid, member_sid; + SAM_ACCOUNT *account = NULL; + GROUP_MAP map; + struct group *grp; + struct passwd *pwd; + const char *group_name; + uid_t uid; + NTSTATUS status; + + sid_compose(&group_sid, get_global_sam_sid(), group_rid); + sid_compose(&member_sid, get_global_sam_sid(), member_rid); + + if (!get_domain_group_from_sid(group_sid, &map) || + (map.gid == (gid_t)-1) || + ((grp = getgrgid(map.gid)) == NULL)) { + return NT_STATUS_NO_SUCH_GROUP; + } + + group_name = talloc_strdup(mem_ctx, grp->gr_name); + if (group_name == NULL) { + return NT_STATUS_NO_MEMORY; + } + + if (!NT_STATUS_IS_OK(status = pdb_init_sam(&account))) { + return status; + } + + if (!pdb_getsampwsid(account, &member_sid) || + !sid_to_uid(&member_sid, &uid) || + ((pwd = getpwuid_alloc(mem_ctx, uid)) == NULL)) { + return NT_STATUS_NO_SUCH_USER; + } + + if (!pdb_user_in_group(mem_ctx, account, &group_sid)) { + return NT_STATUS_MEMBER_NOT_IN_GROUP; + } + + /* + * ok, the group exist, the user exist, the user is in the group, + * we can (finally) delete it from the group! 
+ */ + + smb_delete_user_group(group_name, pwd->pw_name); + + if (pdb_user_in_group(mem_ctx, account, &group_sid)) { + return NT_STATUS_ACCESS_DENIED; + } + + return NT_STATUS_OK; +} + +NTSTATUS pdb_del_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid, + uint32 member_rid) +{ + struct pdb_methods *pdb = pdb_get_methods(False); + + if ( !pdb ) { + return NT_STATUS_UNSUCCESSFUL; + } + + return pdb->del_groupmem(pdb, mem_ctx, group_rid, member_rid); +} + BOOL pdb_find_alias(const char *name, DOM_SID *sid) { struct pdb_methods *pdb = pdb_get_methods(False); @@ -977,7 +1407,7 @@ static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size { struct group *grp; char **gr; - struct sys_pwent *userlist, *user; + struct passwd *pwd; *pp_uids = NULL; *p_num = 0; @@ -993,15 +1423,14 @@ static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size /* Primary group members */ - userlist = getpwent_list(); - - for (user = userlist; user != NULL; user = user->next) { - if (user->pw_gid != gid) - continue; - add_uid_to_array_unique(mem_ctx, user->pw_uid, pp_uids, p_num); + setpwent(); + while ((pwd = getpwent()) != NULL) { + if (pwd->pw_gid == gid) { + add_uid_to_array_unique(mem_ctx, pwd->pw_uid, + pp_uids, p_num); + } } - - pwent_free(userlist); + endpwent(); /* Secondary group members */ @@ -1048,7 +1477,7 @@ NTSTATUS pdb_default_enum_group_members(struct pdb_methods *methods, uid_to_sid(&sid, uids[i]); if (!sid_check_is_in_our_domain(&sid)) { - DEBUG(1, ("Inconsistent SAM -- group member uid not " + DEBUG(5, ("Inconsistent SAM -- group member uid not " "in our domain\n")); continue; } 
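Review bot: pdb_default_del_groupmem allocates `account` with `pdb_init_sam(&account)` and then returns on every later path, success included, without releasing it; the part of pdb_default_add_groupmem that is readable here does the same. Each group membership change therefore leaves a SAM_ACCOUNT allocated. I would call `pdb_free_sam(&account);` before each return that follows the init, or route those returns through one exit label that does it. The result of `smb_delete_user_group()` is also dropped in favour of re-checking membership, which deserves a one-line comment explaining that the re-check is the success test.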
@@ -1060,6 +1489,44 @@ NTSTATUS pdb_default_enum_group_members(struct pdb_methods *methods, return NT_STATUS_OK; } +NTSTATUS pdb_default_enum_group_memberships(struct pdb_methods *methods, + TALLOC_CTX *mem_ctx, + SAM_ACCOUNT *user, + DOM_SID **pp_sids, + gid_t **pp_gids, + size_t *p_num_groups) +{ + size_t i; + gid_t gid; + + if (!sid_to_gid(pdb_get_group_sid(user), &gid)) { + DEBUG(10, ("sid_to_gid failed\n")); + return NT_STATUS_NO_SUCH_USER; + } + + if (!getgroups_unix_user(mem_ctx, pdb_get_username(user), gid, + pp_gids, p_num_groups)) { + return NT_STATUS_NO_SUCH_USER; + } + + if (*p_num_groups == 0) { + smb_panic("primary group missing"); + } + + *pp_sids = TALLOC_ARRAY(mem_ctx, DOM_SID, *p_num_groups); + + if (*pp_sids == NULL) { + talloc_free(*pp_gids); + return NT_STATUS_NO_MEMORY; + } + + for (i=0; i<*p_num_groups; i++) { + gid_to_sid(&(*pp_sids)[i], (*pp_gids)[i]); + } + + return NT_STATUS_OK; +} + /******************************************************************* Look up a rid in the SAM we're responsible for (i.e. passdb) ********************************************************************/ @@ -1603,6 +2070,8 @@ NTSTATUS make_pdb_method( struct pdb_methods **methods ) (*methods)->getsampwent = pdb_default_getsampwent; (*methods)->getsampwnam = pdb_default_getsampwnam; (*methods)->getsampwsid = pdb_default_getsampwsid; + (*methods)->create_user = pdb_default_create_user; + (*methods)->delete_user = pdb_default_delete_user; (*methods)->add_sam_account = pdb_default_add_sam_account; (*methods)->update_sam_account = pdb_default_update_sam_account; (*methods)->delete_sam_account = pdb_default_delete_sam_account; 
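Review bot: On the `*pp_sids == NULL` path of pdb_default_enum_group_memberships the gid array is released with `talloc_free(*pp_gids)` but the caller's pointer and `*p_num_groups` keep their old values, so a caller that reads the outputs after a failed call would touch freed memory. I would reset both before returning, `*pp_gids = NULL; *p_num_groups = 0;`. Separately, `smb_panic("primary group missing")` aborts the daemon on what is a data condition (an empty result from getgroups_unix_user); returning an error status would keep one bad account from taking the process down, provided no caller relies on the panic. The function also has no header comment; one saying that `*pp_sids` is allocated on `mem_ctx` and that entry i of `*pp_sids` corresponds to entry i of `*pp_gids` would document the contract.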
@@ -1612,12 +2081,17 @@ NTSTATUS make_pdb_method( struct pdb_methods **methods ) (*methods)->getgrsid = pdb_default_getgrsid; (*methods)->getgrgid = pdb_default_getgrgid; (*methods)->getgrnam = pdb_default_getgrnam; + (*methods)->create_dom_group = pdb_default_create_dom_group; + (*methods)->delete_dom_group = pdb_default_delete_dom_group; (*methods)->add_group_mapping_entry = pdb_default_add_group_mapping_entry; (*methods)->update_group_mapping_entry = pdb_default_update_group_mapping_entry; (*methods)->delete_group_mapping_entry = pdb_default_delete_group_mapping_entry; (*methods)->enum_group_mapping = pdb_default_enum_group_mapping; (*methods)->enum_group_members = pdb_default_enum_group_members; (*methods)->enum_group_memberships = pdb_default_enum_group_memberships; + (*methods)->set_unix_primary_group = pdb_default_set_unix_primary_group; + (*methods)->add_groupmem = pdb_default_add_groupmem; + (*methods)->del_groupmem = pdb_default_del_groupmem; (*methods)->find_alias = pdb_default_find_alias; (*methods)->create_alias = pdb_default_create_alias; (*methods)->delete_alias = pdb_default_delete_alias; -- cgit From 671c0098f683510194ae672973b167c0532eeba8 Mon Sep 17 00:00:00 2001 
From: Gerald Carter Date: Fri, 17 Feb 2006 19:07:58 +0000 Subject: r13545: A patch which I think it's time has come. VOlker, we can talk about this more but it gets around the primary group issue. * don't map a SID to a name from the group mapping code if the map doesn't have a valid gid. This is only an issue in a tdb setup * Always allow S-1-$DOMAIN-513 to resolve (just like Windows) * if we cannot resolve a users primary GID to a SID, then set it to S-1-$DOMAIN-513 * Ignore the primary group SID inside pdb_enum_group_memberships(). Only look at the Unix group membersip. Jeremy, this fixes a fresh install startup for smbd as far as my tests are concerned. (This used to be commit f79f4dc4c58a6172bf69d37469fdd8de05a812df) --- source3/passdb/pdb_interface.c | 60 ++++++++++++++++++++++++++---------------- 1 file changed, 38 insertions(+), 22 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index c8917b9356..f42ff3a725 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -1498,14 +1498,29 @@ NTSTATUS pdb_default_enum_group_memberships(struct pdb_methods *methods, { size_t i; gid_t gid; + struct passwd *pw; + const char *username = pdb_get_username(user); + +#if 0 + /* Ignore the primary group SID. Honor the real Unix primary group. + The primary group SID is only of real use to Windows clients */ + if (!sid_to_gid(pdb_get_group_sid(user), &gid)) { DEBUG(10, ("sid_to_gid failed\n")); return NT_STATUS_NO_SUCH_USER; } +#else + if ( !(pw = getpwnam_alloc(mem_ctx, username)) ) { + return NT_STATUS_NO_SUCH_USER; + } + + gid = pw->pw_gid; + + TALLOC_FREE( pw ); +#endif - if (!getgroups_unix_user(mem_ctx, pdb_get_username(user), gid, - pp_gids, p_num_groups)) { + if (!getgroups_unix_user(mem_ctx, username, gid, pp_gids, p_num_groups)) { return NT_STATUS_NO_SUCH_USER; } 
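Review bot: `username` comes from `pdb_get_username(user)` and is handed straight to `getpwnam_alloc()` and `getgroups_unix_user()`; if a samu can carry an unset or empty name (not visible from this hunk), the lookup should be rejected up front with `if (username == NULL || *username == '\0') return NT_STATUS_NO_SUCH_USER;`. The primary gid that ends up in the membership list now comes from an NSS lookup by name rather than from the stored group SID, so a comment stating that the result is only as trustworthy as the passwd source for that name would be worth adding above the call. The `#if 0` branch is dead code and would leave `pw` unused if it were re-enabled; I would delete it and keep its explanation as an ordinary comment. The function body continues outside the hunk.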
@@ -1581,32 +1596,33 @@ static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, ret = pdb_getgrsid(&map, sid); unbecome_root(); /* END BECOME_ROOT BLOCK */ - - if ( ret ) { - if (map.gid!=(gid_t)-1) { - DEBUG(5,("lookup_global_sam_rid: mapped group %s to " - "gid %u\n", map.nt_name, - (unsigned int)map.gid)); - } else { - DEBUG(5,("lookup_global_sam_rid: mapped group %s to " - "no unix gid. Returning name.\n", - map.nt_name)); - } - + + /* do not resolve SIDs to a name unless there is a valid + gid associated with it */ + + if ( ret && (map.gid != (gid_t)-1) ) { *name = talloc_strdup(mem_ctx, map.nt_name); *psid_name_use = map.sid_name_use; - if (unix_id == NULL) { - return True; + if ( unix_id ) { + unix_id->gid = map.gid; } - if (map.gid == (gid_t)-1) { - DEBUG(5, ("Can't find a unix id for an unmapped " - "group\n")); - return False; - } + return True; + } + + /* Windows will always map RID 513 to something. On a non-domain + controller, this gets mapped to SERVER\None. */ - unix_id->gid = map.gid; + if ( unix_id ) { + DEBUG(5, ("Can't find a unix id for an unmapped group\n")); + return False; + } + + if ( rid == DOMAIN_GROUP_RID_USERS ) { + *name = talloc_strdup(mem_ctx, "None" ); + *psid_name_use = IS_DC ? SID_NAME_DOM_GRP : SID_NAME_ALIAS; + return True; } -- cgit From fb5362c069b5b6548478b2217a0519c56d856705 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 20 Feb 2006 17:59:58 +0000 Subject: r13571: Replace all calls to talloc_free() with thye TALLOC_FREE() macro which sets the freed pointer to NULL. (This used to be commit b65be8874a2efe5a4b167448960a4fcf6bd995e2) --- source3/passdb/pdb_interface.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index f42ff3a725..e2035296cc 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
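Review bot: The new RID 513 branch of lookup_global_sam_rid returns True right after `*name = talloc_strdup(mem_ctx, "None" );` without checking the allocation, and the mapped-group branch above it does the same with `map.nt_name`, so a caller can be told the lookup succeeded while `*name` is NULL. I would add `if (*name == NULL) return False;` after each talloc_strdup. The `if ( unix_id )` block is now also reached when `pdb_getgrsid()` found no mapping at all, so its "unmapped group" debug text no longer describes every case that hits it; a short comment saying that any request for a unix id fails from this point on would make the fall-through explicit. The function begins and ends outside this hunk.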
@@ -1380,7 +1380,7 @@ static BOOL pdb_default_sid_to_id(struct pdb_methods *methods, done: - talloc_free(mem_ctx); + TALLOC_FREE(mem_ctx); return ret; } @@ -1531,7 +1531,7 @@ NTSTATUS pdb_default_enum_group_memberships(struct pdb_methods *methods, *pp_sids = TALLOC_ARRAY(mem_ctx, DOM_SID, *p_num_groups); if (*pp_sids == NULL) { - talloc_free(*pp_gids); + TALLOC_FREE(*pp_gids); return NT_STATUS_NO_MEMORY; } -- cgit From 2203bed32c84c63737f402accf73452efb76b483 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 20 Feb 2006 20:09:36 +0000 Subject: r13576: This is the beginnings of moving the SAM_ACCOUNT data structure to make full use of the new talloc() interface. Discussed with Volker and Jeremy. * remove the internal mem_ctx and simply use the talloc() structure as the context. * replace the internal free_fn() with a talloc_destructor() function * remove the unnecessary private nested structure * rename SAM_ACCOUNT to 'struct samu' to indicate the current an upcoming changes. Groups will most likely be replaced with a 'struct samg' in the future. Note that there are now passbd API changes. And for the most part, the wrapper functions remain the same. While this code has been tested on tdb and ldap based Samba PDC's as well as Samba member servers, there are probably still some bugs. The code also needs more testing under valgrind to ensure it's not leaking memory. But it's a start...... (This used to be commit 19b7593972480540283c5bf02c02e5ecd8d2c3f0) --- source3/passdb/pdb_interface.c | 90 +++++++++++++++++++++--------------------- 1 file changed, 45 insertions(+), 45 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index e2035296cc..7f85c4d7c4 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -28,7 +28,7 @@ /* Cache of latest SAM lookup query */ -static SAM_ACCOUNT *csamuser = NULL; +static struct samu *csamuser = NULL; static struct pdb_init_function_entry *backends = NULL; @@ -54,7 +54,7 @@ static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, time, such LDAP with a missing attribute would produce. ********************************************************************/ -static void pdb_force_pw_initialization(SAM_ACCOUNT *pass) +static void pdb_force_pw_initialization(struct samu *pass) { const uint8 *lm_pwd, *nt_pwd; @@ -239,7 +239,7 @@ void pdb_endsampwent(void) pdb->endsampwent(pdb); } -BOOL pdb_getsampwent(SAM_ACCOUNT *user) +BOOL pdb_getsampwent(struct samu *user) { struct pdb_methods *pdb = pdb_get_methods(False); @@ -256,7 +256,7 @@ BOOL pdb_getsampwent(SAM_ACCOUNT *user) return True; } -BOOL pdb_getsampwnam(SAM_ACCOUNT *sam_acct, const char *username) +BOOL pdb_getsampwnam(struct samu *sam_acct, const char *username) { struct pdb_methods *pdb = pdb_get_methods(False); @@ -269,7 +269,7 @@ BOOL pdb_getsampwnam(SAM_ACCOUNT *sam_acct, const char *username) } if (csamuser != NULL) { - pdb_free_sam(&csamuser); + TALLOC_FREE(csamuser); csamuser = NULL; } @@ -282,7 +282,7 @@ BOOL pdb_getsampwnam(SAM_ACCOUNT *sam_acct, const char *username) /********************************************************************** **********************************************************************/ -BOOL guest_user_info( SAM_ACCOUNT *user ) +BOOL guest_user_info( struct samu *user ) { struct passwd *pwd; NTSTATUS ntstatus; @@ -305,7 +305,7 @@ BOOL guest_user_info( SAM_ACCOUNT *user ) /********************************************************************** **********************************************************************/ -BOOL pdb_getsampwsid(SAM_ACCOUNT *sam_acct, const DOM_SID *sid) +BOOL pdb_getsampwsid(struct samu *sam_acct, const DOM_SID *sid) { struct pdb_methods *pdb; uint32 rid; 
@@ -336,7 +336,7 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, TALLOC_CTX *tmp_ctx, const char *name, uint32 acb_info, uint32 *rid) { - SAM_ACCOUNT *sam_pass = NULL; + struct samu *sam_pass = NULL; NTSTATUS status; if (Get_Pwnam_alloc(tmp_ctx, name) == NULL) { @@ -388,7 +388,7 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, status = pdb_add_sam_account(sam_pass); - pdb_free_sam(&sam_pass); + TALLOC_FREE(sam_pass); return status; } @@ -427,7 +427,7 @@ static int smb_delete_user(const char *unix_user) static NTSTATUS pdb_default_delete_user(struct pdb_methods *methods, TALLOC_CTX *mem_ctx, - SAM_ACCOUNT *sam_acct) + struct samu *sam_acct) { NTSTATUS status; @@ -447,7 +447,7 @@ static NTSTATUS pdb_default_delete_user(struct pdb_methods *methods, return status; } -NTSTATUS pdb_delete_user(TALLOC_CTX *mem_ctx, SAM_ACCOUNT *sam_acct) +NTSTATUS pdb_delete_user(TALLOC_CTX *mem_ctx, struct samu *sam_acct) { struct pdb_methods *pdb = pdb_get_methods(False); @@ -458,7 +458,7 @@ NTSTATUS pdb_delete_user(TALLOC_CTX *mem_ctx, SAM_ACCOUNT *sam_acct) return pdb->delete_user(pdb, mem_ctx, sam_acct); } -NTSTATUS pdb_add_sam_account(SAM_ACCOUNT *sam_acct) +NTSTATUS pdb_add_sam_account(struct samu *sam_acct) { struct pdb_methods *pdb = pdb_get_methods(False); @@ -469,7 +469,7 @@ NTSTATUS pdb_add_sam_account(SAM_ACCOUNT *sam_acct) return pdb->add_sam_account(pdb, sam_acct); } -NTSTATUS pdb_update_sam_account(SAM_ACCOUNT *sam_acct) +NTSTATUS pdb_update_sam_account(struct samu *sam_acct) { struct pdb_methods *pdb = pdb_get_methods(False); @@ -478,14 +478,14 @@ NTSTATUS pdb_update_sam_account(SAM_ACCOUNT *sam_acct) } if (csamuser != NULL) { - pdb_free_sam(&csamuser); + TALLOC_FREE(csamuser); csamuser = NULL; } return pdb->update_sam_account(pdb, sam_acct); } -NTSTATUS pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) +NTSTATUS pdb_delete_sam_account(struct samu *sam_acct) { struct pdb_methods *pdb = pdb_get_methods(False); 
@@ -494,14 +494,14 @@ NTSTATUS pdb_delete_sam_account(SAM_ACCOUNT *sam_acct) } if (csamuser != NULL) { - pdb_free_sam(&csamuser); + TALLOC_FREE(csamuser); csamuser = NULL; } return pdb->delete_sam_account(pdb, sam_acct); } -NTSTATUS pdb_rename_sam_account(SAM_ACCOUNT *oldname, const char *newname) +NTSTATUS pdb_rename_sam_account(struct samu *oldname, const char *newname) { struct pdb_methods *pdb = pdb_get_methods(False); @@ -510,14 +510,14 @@ NTSTATUS pdb_rename_sam_account(SAM_ACCOUNT *oldname, const char *newname) } if (csamuser != NULL) { - pdb_free_sam(&csamuser); + TALLOC_FREE(csamuser); csamuser = NULL; } return pdb->rename_sam_account(pdb, oldname, newname); } -NTSTATUS pdb_update_login_attempts(SAM_ACCOUNT *sam_acct, BOOL success) +NTSTATUS pdb_update_login_attempts(struct samu *sam_acct, BOOL success) { struct pdb_methods *pdb = pdb_get_methods(False); @@ -731,7 +731,7 @@ NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx, pp_member_rids, p_num_members); } -NTSTATUS pdb_enum_group_memberships(TALLOC_CTX *mem_ctx, SAM_ACCOUNT *user, +NTSTATUS pdb_enum_group_memberships(TALLOC_CTX *mem_ctx, struct samu *user, DOM_SID **pp_sids, gid_t **pp_gids, size_t *p_num_groups) { @@ -748,7 +748,7 @@ NTSTATUS pdb_enum_group_memberships(TALLOC_CTX *mem_ctx, SAM_ACCOUNT *user, static NTSTATUS pdb_default_set_unix_primary_group(struct pdb_methods *methods, TALLOC_CTX *mem_ctx, - SAM_ACCOUNT *sampass) + struct samu *sampass) { struct group *grp; gid_t gid; @@ -766,7 +766,7 @@ static NTSTATUS pdb_default_set_unix_primary_group(struct pdb_methods *methods, return NT_STATUS_OK; } -NTSTATUS pdb_set_unix_primary_group(TALLOC_CTX *mem_ctx, SAM_ACCOUNT *user) +NTSTATUS pdb_set_unix_primary_group(TALLOC_CTX *mem_ctx, struct samu *user) { struct pdb_methods *pdb = pdb_get_methods(False); 
@@ -783,7 +783,7 @@ NTSTATUS pdb_set_unix_primary_group(TALLOC_CTX *mem_ctx, SAM_ACCOUNT *user) * fulfil. */ -static BOOL pdb_user_in_group(TALLOC_CTX *mem_ctx, SAM_ACCOUNT *account, +static BOOL pdb_user_in_group(TALLOC_CTX *mem_ctx, struct samu *account, const DOM_SID *group_sid) { DOM_SID *sids; @@ -810,7 +810,7 @@ static NTSTATUS pdb_default_add_groupmem(struct pdb_methods *methods, uint32 member_rid) { DOM_SID group_sid, member_sid; - SAM_ACCOUNT *account = NULL; + struct samu *account = NULL; GROUP_MAP map; struct group *grp; struct passwd *pwd; @@ -878,7 +878,7 @@ static NTSTATUS pdb_default_del_groupmem(struct pdb_methods *methods, uint32 member_rid) { DOM_SID group_sid, member_sid; - SAM_ACCOUNT *account = NULL; + struct samu *account = NULL; GROUP_MAP map; struct group *grp; struct passwd *pwd; 
@@ -1206,38 +1206,38 @@ BOOL initialize_password_db(BOOL reload) Default implementations of some functions. ****************************************************************************/ -static NTSTATUS pdb_default_getsampwnam (struct pdb_methods *methods, SAM_ACCOUNT *user, const char *sname) +static NTSTATUS pdb_default_getsampwnam (struct pdb_methods *methods, struct samu *user, const char *sname) { return NT_STATUS_NO_SUCH_USER; } -static NTSTATUS pdb_default_getsampwsid(struct pdb_methods *my_methods, SAM_ACCOUNT * user, const DOM_SID *sid) +static NTSTATUS pdb_default_getsampwsid(struct pdb_methods *my_methods, struct samu * user, const DOM_SID *sid) { return NT_STATUS_NO_SUCH_USER; } -static NTSTATUS pdb_default_add_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd) +static NTSTATUS pdb_default_add_sam_account (struct pdb_methods *methods, struct samu *newpwd) { DEBUG(0,("this backend (%s) should not be listed as the first passdb backend! You can't add users to it.\n", methods->name)); return NT_STATUS_NOT_IMPLEMENTED; } -static NTSTATUS pdb_default_update_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd) +static NTSTATUS pdb_default_update_sam_account (struct pdb_methods *methods, struct samu *newpwd) { return NT_STATUS_NOT_IMPLEMENTED; } -static NTSTATUS pdb_default_delete_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *pwd) +static NTSTATUS pdb_default_delete_sam_account (struct pdb_methods *methods, struct samu *pwd) { return NT_STATUS_NOT_IMPLEMENTED; } -static NTSTATUS pdb_default_rename_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *pwd, const char *newname) +static NTSTATUS pdb_default_rename_sam_account (struct pdb_methods *methods, struct samu *pwd, const char *newname) { return NT_STATUS_NOT_IMPLEMENTED; } -static NTSTATUS pdb_default_update_login_attempts (struct pdb_methods *methods, SAM_ACCOUNT *newpwd, BOOL success) +static NTSTATUS pdb_default_update_login_attempts (struct pdb_methods *methods, struct 
samu *newpwd, BOOL success) { return NT_STATUS_OK; } @@ -1247,7 +1247,7 @@ static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update return NT_STATUS_NOT_IMPLEMENTED; } -static NTSTATUS pdb_default_getsampwent(struct pdb_methods *methods, SAM_ACCOUNT *user) +static NTSTATUS pdb_default_getsampwent(struct pdb_methods *methods, struct samu *user) { return NT_STATUS_NOT_IMPLEMENTED; } @@ -1276,7 +1276,7 @@ static NTSTATUS pdb_default_get_seq_num(struct pdb_methods *methods, time_t *seq static BOOL pdb_default_uid_to_rid(struct pdb_methods *methods, uid_t uid, uint32 *rid) { - SAM_ACCOUNT *sampw = NULL; + struct samu *sampw = NULL; struct passwd *unix_pw; BOOL ret; @@ -1290,7 +1290,7 @@ static BOOL pdb_default_uid_to_rid(struct pdb_methods *methods, uid_t uid, if ( !NT_STATUS_IS_OK(pdb_init_sam(&sampw)) ) { DEBUG(0,("pdb_default_uid_to_rid: failed to allocate " - "SAM_ACCOUNT object\n")); + "struct samu object\n")); return False; } @@ -1302,7 +1302,7 @@ static BOOL pdb_default_uid_to_rid(struct pdb_methods *methods, uid_t uid, if (!ret) { DEBUG(5, ("pdb_default_uid_to_rid: Did not find user " "%s (%d)\n", unix_pw->pw_name, uid)); - pdb_free_sam(&sampw); + TALLOC_FREE(sampw); return False; } @@ -1314,7 +1314,7 @@ static BOOL pdb_default_uid_to_rid(struct pdb_methods *methods, uid_t uid, sid_string_static(pdb_get_user_sid(sampw)))); } - pdb_free_sam(&sampw); + TALLOC_FREE(sampw); return ret; } @@ -1491,7 +1491,7 @@ NTSTATUS pdb_default_enum_group_members(struct pdb_methods *methods, NTSTATUS pdb_default_enum_group_memberships(struct pdb_methods *methods, TALLOC_CTX *mem_ctx, - SAM_ACCOUNT *user, + struct samu *user, DOM_SID **pp_sids, gid_t **pp_gids, size_t *p_num_groups) @@ -1551,7 +1551,7 @@ static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, enum SID_NAME_USE *psid_name_use, union unid_t *unix_id) { - SAM_ACCOUNT *sam_account = NULL; + struct samu *sam_account = NULL; GROUP_MAP map; BOOL ret; DOM_SID sid; 
@@ -1578,7 +1578,7 @@ static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, *name = talloc_strdup(mem_ctx, pdb_get_username(sam_account)); *psid_name_use = SID_NAME_USER; - pdb_free_sam(&sam_account); + TALLOC_FREE(sam_account); if (unix_id == NULL) { return True; @@ -1591,7 +1591,7 @@ static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, unix_id->uid = pw->pw_uid; return True; } - pdb_free_sam(&sam_account); + TALLOC_FREE(sam_account); ret = pdb_getgrsid(&map, sid); unbecome_root(); @@ -1812,7 +1812,7 @@ static BOOL next_entry_users(struct pdb_search *s, struct samr_displayentry *entry) { struct user_search *state = s->private_data; - SAM_ACCOUNT *user = NULL; + struct samu *user = NULL; NTSTATUS status; next: @@ -1823,13 +1823,13 @@ static BOOL next_entry_users(struct pdb_search *s, } if (!pdb_getsampwent(user)) { - pdb_free_sam(&user); + TALLOC_FREE(user); return False; } if ((state->acct_flags != 0) && ((pdb_get_acct_ctrl(user) & state->acct_flags) == 0)) { - pdb_free_sam(&user); + TALLOC_FREE(user); goto next; } @@ -1838,7 +1838,7 @@ static BOOL next_entry_users(struct pdb_search *s, pdb_get_fullname(user), pdb_get_acct_desc(user), entry); - pdb_free_sam(&user); + TALLOC_FREE(user); return True; } -- cgit From cd559192633d78a9f06e239c6a448955f6ea0842 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 21 Feb 2006 14:34:11 +0000 Subject: r13590: * replace all pdb_init_sam[_talloc]() calls with samu_new() * replace all pdb_{init,fill}_sam_pw() calls with samu_set_unix() (This used to be commit 6f1afa4acc93a07d0ee9940822d7715acaae634f) --- source3/passdb/pdb_interface.c | 38 +++++++++++++++++--------------------- 1 file changed, 17 insertions(+), 21 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 7f85c4d7c4..294cd51348 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -285,7 +285,7 @@ BOOL pdb_getsampwnam(struct samu *sam_acct, const char *username) BOOL guest_user_info( struct samu *user ) { struct passwd *pwd; - NTSTATUS ntstatus; + NTSTATUS result; const char *guestname = lp_guestaccount(); if ( !(pwd = getpwnam_alloc( NULL, guestname ) ) ) { @@ -294,11 +294,11 @@ BOOL guest_user_info( struct samu *user ) return False; } - /* fill in from the users information */ - - ntstatus = pdb_fill_sam_pw( user, pwd ); - - return NT_STATUS_IS_OK(ntstatus); + result = samu_set_unix(user, pwd); + + TALLOC_FREE( pwd ); + + return NT_STATUS_IS_OK( result ); } @@ -816,7 +816,6 @@ static NTSTATUS pdb_default_add_groupmem(struct pdb_methods *methods, struct passwd *pwd; const char *group_name; uid_t uid; - NTSTATUS status; sid_compose(&group_sid, get_global_sam_sid(), group_rid); sid_compose(&member_sid, get_global_sam_sid(), member_rid); @@ -832,8 +831,8 @@ static NTSTATUS pdb_default_add_groupmem(struct pdb_methods *methods, return NT_STATUS_NO_MEMORY; } - if (!NT_STATUS_IS_OK(status = pdb_init_sam(&account))) { - return status; + if ( !(account = samu_new( NULL )) ) { + return NT_STATUS_NO_MEMORY; } if (!pdb_getsampwsid(account, &member_sid) || @@ -884,7 +883,6 @@ static NTSTATUS pdb_default_del_groupmem(struct pdb_methods *methods, struct passwd *pwd; const char *group_name; uid_t uid; - NTSTATUS status; sid_compose(&group_sid, get_global_sam_sid(), group_rid); sid_compose(&member_sid, get_global_sam_sid(), member_rid); @@ -900,8 +898,8 @@ static NTSTATUS pdb_default_del_groupmem(struct pdb_methods *methods, return NT_STATUS_NO_MEMORY; } - if (!NT_STATUS_IS_OK(status = pdb_init_sam(&account))) { - return status; + if ( !(account = samu_new( NULL )) ) { + return NT_STATUS_NO_MEMORY; } if (!pdb_getsampwsid(account, &member_sid) || 
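Review bot: `samu_new( NULL )` in pdb_default_add_groupmem (the `@@ -832,8 +831,8 @@` hunk) places `account` on the NULL talloc context, and none of that function's return paths shown elsewhere on this page (NT_STATUS_NO_SUCH_USER, NT_STATUS_ACCESS_DENIED, NT_STATUS_OK) free it, so each call appears to leak one samu that, after pdb_getsampwsid(), presumably holds the account's credentials; the `@@ -900,8 +898,8 @@` hunk in pdb_default_del_groupmem has the same pattern. Both functions already receive `mem_ctx`, so `if ( !(account = samu_new( mem_ctx )) ) {` would tie the object's lifetime to the caller's context, assuming samu_new takes a talloc parent as the NULL argument suggests. Both functions start and end outside these hunks.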
@@ -1288,12 +1286,11 @@ static BOOL pdb_default_uid_to_rid(struct pdb_methods *methods, uid_t uid, return False; } - if ( !NT_STATUS_IS_OK(pdb_init_sam(&sampw)) ) { - DEBUG(0,("pdb_default_uid_to_rid: failed to allocate " - "struct samu object\n")); + if ( !(sampw = samu_new( NULL )) ) { + DEBUG(0,("pdb_default_uid_to_rid: samu_new() failed!\n")); return False; } - + become_root(); ret = NT_STATUS_IS_OK( methods->getsampwnam(methods, sampw, unix_pw->pw_name )); @@ -1565,7 +1562,8 @@ static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, sid_append_rid(&sid, rid); /* see if the passdb can help us with the name of the user */ - if (!NT_STATUS_IS_OK(pdb_init_sam(&sam_account))) { + + if ( !(sam_account = samu_new( NULL )) ) { return False; } @@ -1813,12 +1811,10 @@ static BOOL next_entry_users(struct pdb_search *s, { struct user_search *state = s->private_data; struct samu *user = NULL; - NTSTATUS status; next: - status = pdb_init_sam(&user); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(0, ("Could not pdb_init_sam\n")); + if ( !(user = samu_new( NULL )) ) { + DEBUG(0, ("next_entry_users: samu_new() failed!\n")); return False; } -- cgit From d95e13e68f3c7ac517a45877b351849ef4a99b93 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 24 Feb 2006 21:36:40 +0000 Subject: r13679: Commiting the rm_primary_group.patch posted on samba-technical * ignore the primary group SID attribute from struct samu* * generate the primary group SID strictlky from the Unix primary group when dealing with passdb users * Fix memory leak in original patch caused by failing to free a talloc * * add wrapper around samu_set_unix() to prevent exposing the create BOOL to callers. Wrappers are samu_set_unix() and samu-allic_rid_unix() (This used to be commit bcf269e2ec6630b78d909010fabd3b69dd6dda84) --- source3/passdb/pdb_interface.c | 31 +++++++++++++++++-------------- 1 file changed, 17 insertions(+), 14 deletions(-) (limited to 'source3/passdb/pdb_interface.c') 
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 294cd51348..2fa02cafd9 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -274,7 +274,9 @@ BOOL pdb_getsampwnam(struct samu *sam_acct, const char *username) } pdb_force_pw_initialization( sam_acct ); - pdb_copy_sam_account(sam_acct, &csamuser); + + if ( (csamuser = samu_new( NULL )) != NULL ) + pdb_copy_sam_account(csamuser, sam_acct); return True; } @@ -294,12 +296,11 @@ BOOL guest_user_info( struct samu *user ) return False; } - result = samu_set_unix(user, pwd); + result = samu_set_unix(user, pwd ); TALLOC_FREE( pwd ); return NT_STATUS_IS_OK( result ); - } /********************************************************************** @@ -327,7 +328,7 @@ BOOL pdb_getsampwsid(struct samu *sam_acct, const DOM_SID *sid) /* check the cache first */ if ( csamuser && sid_equal(sid, pdb_get_user_sid(csamuser) ) ) - return pdb_copy_sam_account(csamuser, &sam_acct); + return pdb_copy_sam_account(sam_acct, csamuser); return NT_STATUS_IS_OK(pdb->getsampwsid(pdb, sam_acct, sid)); } @@ -338,8 +339,9 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, { struct samu *sam_pass = NULL; NTSTATUS status; + struct passwd *pwd; - if (Get_Pwnam_alloc(tmp_ctx, name) == NULL) { + if ( !(pwd = Get_Pwnam_alloc(tmp_ctx, name)) ) { pstring add_script; int add_ret; 
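Review bot: In pdb_getsampwnam (the `@@ -274,7 +274,9 @@` hunk) the result of `pdb_copy_sam_account(csamuser, sam_acct)` is discarded, so a failed copy could leave a partly filled `csamuser` in the cache, which pdb_getsampwsid in the `@@ -327,7 +328,7 @@` hunk would later hand out if its SID matches. The function returns a BOOL, as the `return pdb_copy_sam_account(sam_acct, csamuser);` line shows, so the cache entry can be dropped on failure: `if ( csamuser != NULL && !pdb_copy_sam_account(csamuser, sam_acct) ) TALLOC_FREE(csamuser);`. The unbraced `if` is also out of step with the braced style used around it. Both functions extend beyond their hunks.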
@@ -357,19 +359,21 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, all_string_sub(add_script, "%u", name, sizeof(add_script)); add_ret = smbrun(add_script,NULL); - DEBUG(add_ret ? 0 : 3, ("_samr_create_user: Running the " - "command `%s' gave %d\n", + DEBUG(add_ret ? 0 : 3, ("_samr_create_user: Running the command `%s' gave %d\n", add_script, add_ret)); + flush_pwnam_cache(); + + pwd = Get_Pwnam_alloc(tmp_ctx, name); } - /* implicit call to getpwnam() next. we have a valid SID coming out - * of this call */ + /* we have a valid SID coming out of this call */ - flush_pwnam_cache(); - status = pdb_init_sam_new(&sam_pass, name); + status = samu_alloc_rid_unix( sam_pass, pwd ); + + TALLOC_FREE( pwd ); if (!NT_STATUS_IS_OK(status)) { - DEBUG(3, ("pdb_init_sam_new failed: %s\n", nt_errstr(status))); + DEBUG(3, ("pdb_default_create_user: failed to create a new user structure: %s\n", nt_errstr(status))); return status; } @@ -379,8 +383,7 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, return NT_STATUS_INTERNAL_ERROR; } - /* Disable the account on creation, it does not have a reasonable - * password yet. */ + /* Disable the account on creation, it does not have a reasonable password yet. */ acb_info |= ACB_DISABLED; -- cgit From 2ef2e01314536e28fd1766860e09b58c8fafa098 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 27 Feb 2006 02:03:53 +0000 Subject: r13704: Janitor for tpot. Jeremy ------------- Slightly smaller version of pdb_get_methods() patch. Turns out that callers to initialize_password_db() use the reload parameter so this has turned in to a smaller cleanup than I thought. (This used to be commit 7e243104eb57d656adf7b5a322fc8dde9e3c2868) --- source3/passdb/pdb_interface.c | 105 +++++++++++++++++++++-------------------- 1 file changed, 55 insertions(+), 50 deletions(-) (limited to 'source3/passdb/pdb_interface.c') 
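Review bot: `samu_alloc_rid_unix( sam_pass, pwd )` is called with a `sam_pass` that nothing in this hunk allocates: the removed `pdb_init_sam_new(&sam_pass, name)` used to create it, and the declaration shown earlier on this page initialises it to NULL. `pwd` can also still be NULL at that point when the add-user script is unset, fails, or does not produce the account, because the second `Get_Pwnam_alloc()` result is not checked. Unless the lines between the hunks handle this, I would allocate first with `if ( !(sam_pass = samu_new( tmp_ctx )) ) return NT_STATUS_NO_MEMORY;` and bail out with `if ( pwd == NULL ) return NT_STATUS_NO_SUCH_USER;` before the call. The comment "we have a valid SID coming out of this call" should then name the call that guarantees it. The function starts and ends outside this hunk.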
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 2fa02cafd9..2b5c53534d 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -193,7 +193,7 @@ NTSTATUS make_pdb_method_name(struct pdb_methods **methods, const char *selected Return an already initialised pdn_methods structure *******************************************************************/ -static struct pdb_methods *pdb_get_methods( BOOL reload ) +static struct pdb_methods *pdb_get_methods_reload( BOOL reload ) { static struct pdb_methods *pdb = NULL; @@ -213,13 +213,18 @@ static struct pdb_methods *pdb_get_methods( BOOL reload ) return pdb; } +static struct pdb_methods *pdb_get_methods(void) +{ + return pdb_get_methods_reload(False); +} + /****************************************************************** Backward compatibility functions for the original passdb interface *******************************************************************/ BOOL pdb_setsampwent(BOOL update, uint16 acb_mask) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; @@ -230,7 +235,7 @@ BOOL pdb_setsampwent(BOOL update, uint16 acb_mask) void pdb_endsampwent(void) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return; @@ -241,7 +246,7 @@ void pdb_endsampwent(void) BOOL pdb_getsampwent(struct samu *user) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; @@ -258,7 +263,7 @@ BOOL pdb_getsampwent(struct samu *user) BOOL pdb_getsampwnam(struct samu *sam_acct, const char *username) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; 
@@ -311,7 +316,7 @@ BOOL pdb_getsampwsid(struct samu *sam_acct, const DOM_SID *sid) struct pdb_methods *pdb; uint32 rid; - if ( !(pdb = pdb_get_methods(False)) ) { + if ( !(pdb = pdb_get_methods()) ) { return False; } @@ -399,7 +404,7 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, NTSTATUS pdb_create_user(TALLOC_CTX *mem_ctx, const char *name, uint32 flags, uint32 *rid) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; @@ -452,7 +457,7 @@ static NTSTATUS pdb_default_delete_user(struct pdb_methods *methods, NTSTATUS pdb_delete_user(TALLOC_CTX *mem_ctx, struct samu *sam_acct) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; @@ -463,7 +468,7 @@ NTSTATUS pdb_delete_user(TALLOC_CTX *mem_ctx, struct samu *sam_acct) NTSTATUS pdb_add_sam_account(struct samu *sam_acct) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; @@ -474,7 +479,7 @@ NTSTATUS pdb_add_sam_account(struct samu *sam_acct) NTSTATUS pdb_update_sam_account(struct samu *sam_acct) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; @@ -490,7 +495,7 @@ NTSTATUS pdb_update_sam_account(struct samu *sam_acct) NTSTATUS pdb_delete_sam_account(struct samu *sam_acct) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; @@ -506,7 +511,7 @@ NTSTATUS pdb_delete_sam_account(struct samu *sam_acct) NTSTATUS pdb_rename_sam_account(struct samu *oldname, const char *newname) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_NOT_IMPLEMENTED; 
@@ -522,7 +527,7 @@ NTSTATUS pdb_rename_sam_account(struct samu *oldname, const char *newname) NTSTATUS pdb_update_login_attempts(struct samu *sam_acct, BOOL success) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_NOT_IMPLEMENTED; @@ -533,7 +538,7 @@ NTSTATUS pdb_update_login_attempts(struct samu *sam_acct, BOOL success) BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; @@ -544,7 +549,7 @@ BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid) BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; @@ -555,7 +560,7 @@ BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid) BOOL pdb_getgrnam(GROUP_MAP *map, const char *name) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; @@ -605,7 +610,7 @@ static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods, NTSTATUS pdb_create_dom_group(TALLOC_CTX *mem_ctx, const char *name, uint32 *rid) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; @@ -664,7 +669,7 @@ static NTSTATUS pdb_default_delete_dom_group(struct pdb_methods *methods, NTSTATUS pdb_delete_dom_group(TALLOC_CTX *mem_ctx, uint32 rid) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; @@ -675,7 +680,7 @@ NTSTATUS pdb_delete_dom_group(TALLOC_CTX *mem_ctx, uint32 rid) NTSTATUS pdb_add_group_mapping_entry(GROUP_MAP *map) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; 
@@ -686,7 +691,7 @@ NTSTATUS pdb_add_group_mapping_entry(GROUP_MAP *map) NTSTATUS pdb_update_group_mapping_entry(GROUP_MAP *map) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; @@ -697,7 +702,7 @@ NTSTATUS pdb_update_group_mapping_entry(GROUP_MAP *map) NTSTATUS pdb_delete_group_mapping_entry(DOM_SID sid) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; @@ -709,7 +714,7 @@ NTSTATUS pdb_delete_group_mapping_entry(DOM_SID sid) BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap, size_t *p_num_entries, BOOL unix_only) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; @@ -724,7 +729,7 @@ NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx, uint32 **pp_member_rids, size_t *p_num_members) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; @@ -738,7 +743,7 @@ NTSTATUS pdb_enum_group_memberships(TALLOC_CTX *mem_ctx, struct samu *user, DOM_SID **pp_sids, gid_t **pp_gids, size_t *p_num_groups) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; @@ -771,7 +776,7 @@ static NTSTATUS pdb_default_set_unix_primary_group(struct pdb_methods *methods, NTSTATUS pdb_set_unix_primary_group(TALLOC_CTX *mem_ctx, struct samu *user) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; 
@@ -865,7 +870,7 @@ static NTSTATUS pdb_default_add_groupmem(struct pdb_methods *methods, NTSTATUS pdb_add_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid, uint32 member_rid) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; @@ -932,7 +937,7 @@ static NTSTATUS pdb_default_del_groupmem(struct pdb_methods *methods, NTSTATUS pdb_del_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid, uint32 member_rid) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; @@ -943,7 +948,7 @@ NTSTATUS pdb_del_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid, BOOL pdb_find_alias(const char *name, DOM_SID *sid) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; @@ -955,7 +960,7 @@ BOOL pdb_find_alias(const char *name, DOM_SID *sid) NTSTATUS pdb_create_alias(const char *name, uint32 *rid) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_NOT_IMPLEMENTED; @@ -966,7 +971,7 @@ NTSTATUS pdb_create_alias(const char *name, uint32 *rid) BOOL pdb_delete_alias(const DOM_SID *sid) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; @@ -979,7 +984,7 @@ BOOL pdb_delete_alias(const DOM_SID *sid) BOOL pdb_get_aliasinfo(const DOM_SID *sid, struct acct_info *info) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; @@ -991,7 +996,7 @@ BOOL pdb_get_aliasinfo(const DOM_SID *sid, struct acct_info *info) BOOL pdb_set_aliasinfo(const DOM_SID *sid, struct acct_info *info) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; 
@@ -1003,7 +1008,7 @@ BOOL pdb_set_aliasinfo(const DOM_SID *sid, struct acct_info *info) NTSTATUS pdb_add_aliasmem(const DOM_SID *alias, const DOM_SID *member) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; @@ -1014,7 +1019,7 @@ NTSTATUS pdb_add_aliasmem(const DOM_SID *alias, const DOM_SID *member) NTSTATUS pdb_del_aliasmem(const DOM_SID *alias, const DOM_SID *member) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; @@ -1026,7 +1031,7 @@ NTSTATUS pdb_del_aliasmem(const DOM_SID *alias, const DOM_SID *member) NTSTATUS pdb_enum_aliasmem(const DOM_SID *alias, DOM_SID **pp_members, size_t *p_num_members) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; @@ -1042,7 +1047,7 @@ NTSTATUS pdb_enum_alias_memberships(TALLOC_CTX *mem_ctx, uint32 **pp_alias_rids, size_t *p_num_alias_rids) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_NOT_IMPLEMENTED; @@ -1061,7 +1066,7 @@ NTSTATUS pdb_lookup_rids(const DOM_SID *domain_sid, const char **names, uint32 *attrs) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_NOT_IMPLEMENTED; @@ -1077,7 +1082,7 @@ NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid, uint32 *rids, uint32 *attrs) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return NT_STATUS_NOT_IMPLEMENTED; 
@@ -1089,7 +1094,7 @@ NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid, BOOL pdb_get_account_policy(int policy_index, uint32 *value) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; @@ -1100,7 +1105,7 @@ BOOL pdb_get_account_policy(int policy_index, uint32 *value) BOOL pdb_set_account_policy(int policy_index, uint32 value) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; @@ -1111,7 +1116,7 @@ BOOL pdb_set_account_policy(int policy_index, uint32 value) BOOL pdb_get_seq_num(time_t *seq_num) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; @@ -1122,7 +1127,7 @@ BOOL pdb_get_seq_num(time_t *seq_num) BOOL pdb_uid_to_rid(uid_t uid, uint32 *rid) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; @@ -1133,7 +1138,7 @@ BOOL pdb_uid_to_rid(uid_t uid, uint32 *rid) BOOL pdb_gid_to_sid(gid_t gid, DOM_SID *sid) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; @@ -1145,7 +1150,7 @@ BOOL pdb_gid_to_sid(gid_t gid, DOM_SID *sid) BOOL pdb_sid_to_id(const DOM_SID *sid, union unid_t *id, enum SID_NAME_USE *type) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; @@ -1156,7 +1161,7 @@ BOOL pdb_sid_to_id(const DOM_SID *sid, union unid_t *id, BOOL pdb_rid_algorithm(void) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; @@ -1167,7 +1172,7 @@ BOOL pdb_rid_algorithm(void) BOOL pdb_new_rid(uint32 *rid) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); if ( !pdb ) { return False; 
@@ -1199,7 +1204,7 @@ BOOL pdb_new_rid(uint32 *rid) BOOL initialize_password_db(BOOL reload) { - return (pdb_get_methods(reload) != NULL); + return (pdb_get_methods_reload(reload) != NULL); } @@ -1982,7 +1987,7 @@ static struct samr_displayentry *pdb_search_getentry(struct pdb_search *search, struct pdb_search *pdb_search_users(uint16 acct_flags) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); struct pdb_search *result; if (pdb == NULL) return NULL; @@ -1999,7 +2004,7 @@ struct pdb_search *pdb_search_users(uint16 acct_flags) struct pdb_search *pdb_search_groups(void) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); struct pdb_search *result; if (pdb == NULL) return NULL; @@ -2016,7 +2021,7 @@ struct pdb_search *pdb_search_groups(void) struct pdb_search *pdb_search_aliases(const DOM_SID *sid) { - struct pdb_methods *pdb = pdb_get_methods(False); + struct pdb_methods *pdb = pdb_get_methods(); struct pdb_search *result; if (pdb == NULL) return NULL; -- cgit From e54786b53543b4667288c64abb55478fddd95061 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 27 Feb 2006 10:32:45 +0000 Subject: r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16. * Fix a couple of related parsing issues. * in the info3 reply in a samlogon, return the ACB-flags (instead of returning zero) Guenther (This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7) --- source3/passdb/pdb_interface.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 2b5c53534d..c49e032389 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -1248,7 +1248,7 @@ static NTSTATUS pdb_default_update_login_attempts (struct pdb_methods *methods, return NT_STATUS_OK; } -static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update, uint16 acb_mask) +static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update, uint32 acb_mask) { return NT_STATUS_NOT_IMPLEMENTED; } @@ -1854,7 +1854,7 @@ static void search_end_users(struct pdb_search *search) static BOOL pdb_default_search_users(struct pdb_methods *methods, struct pdb_search *search, - uint16 acct_flags) + uint32 acct_flags) { struct user_search *state; @@ -1985,7 +1985,7 @@ static struct samr_displayentry *pdb_search_getentry(struct pdb_search *search, return (search->num_entries > idx) ? &search->cache[idx] : NULL; } -struct pdb_search *pdb_search_users(uint16 acct_flags) +struct pdb_search *pdb_search_users(uint32 acct_flags) { struct pdb_methods *pdb = pdb_get_methods(); struct pdb_search *result; -- cgit From ded57f29b3e116badb576990155964c56151c5f9 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 27 Feb 2006 21:19:58 +0000 Subject: r13727: Fix a segfault (This used to be commit 76c100834d125b889d29d0fc38934bed4cc77e19) --- source3/passdb/pdb_interface.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index c49e032389..d40c6d2c6e 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -342,10 +342,14 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, TALLOC_CTX *tmp_ctx, const char *name, uint32 acb_info, uint32 *rid) { - struct samu *sam_pass = NULL; + struct samu *sam_pass; NTSTATUS status; struct passwd *pwd; + if ((sam_pass = TALLOC_ZERO_P(tmp_ctx, struct samu)) == NULL) { + return NT_STATUS_NO_MEMORY; + } + if ( !(pwd = Get_Pwnam_alloc(tmp_ctx, name)) ) { pstring add_script; int add_ret; -- cgit 
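Review bot: The widening to `uint32` stops short of the public entry point: `pdb_default_setsampwent()` and `pdb_search_users()` now take 32-bit flags, but `pdb_setsampwent(BOOL update, uint16 acb_mask)` still appears with a 16-bit parameter in the context of a later patch on this page. Any account-control bit above bit 15 passed through that wrapper would be silently truncated before it reaches the backend, so a mask meant to select accounts could match a different set than intended. The wrapper should change in the same commit to `BOOL pdb_setsampwent(BOOL update, uint32 acb_mask)`, assuming the `setsampwent` member of `struct pdb_methods` (not shown here) was widened as well.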
From a8325d28d21f8a11454ea8e3392bc73824c14902 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 28 Feb 2006 13:53:16 +0000 Subject: r13756: use samu_new() rather than calling talloc() directly. (This used to be commit c13af58f6322104a45d0e620cc26f522a47af2ab) --- source3/passdb/pdb_interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index d40c6d2c6e..8645c12bce 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -346,7 +346,7 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, NTSTATUS status; struct passwd *pwd; - if ((sam_pass = TALLOC_ZERO_P(tmp_ctx, struct samu)) == NULL) { + if ((sam_pass = samu_new(tmp_ctx)) == NULL) { return NT_STATUS_NO_MEMORY; } -- cgit From 0ce53f8ba5110381ad6f910abe581a69019135b8 Mon Sep 17 00:00:00 2001 
From: Gerald Carter Date: Wed, 15 Mar 2006 00:10:38 +0000 Subject: r14403: * modifies create_local_nt_token() to create a BUILTIN\Administrators group IFF sid_to_gid(S-1-5-32-544) fails and 'winbind nested groups = yes' * Add a SID domain to the group mapping enumeration passdb call to fix the checks for local and builtin groups. The SID can be NULL if you want the old semantics for internal maintenance. I only updated the tdb group mapping code. * remove any group mapping from the tdb that have a gid of -1 for better consistency with pdb_ldap.c. The fixes the problem with calling add_group_map() in the tdb code for unmapped groups which might have had a record present. * Ensure that we distinguish between groups in the BUILTIN and local machine domains via getgrnam() Other wise BUILTIN\Administrators & SERVER\Administrators would resolve to the same gid. * Doesn't strip the global_sam_name() from groups in the local machine's domain (this is required to work with 'winbind default domain' code) Still todo. * Fix fallback Administrators membership for root and domain Admins if nested groups = no or winbindd is not running * issues with "su - user -c 'groups'" command * There are a few outstanding issues with BUILTIN\Users that Windows apparently tends to assume. I worked around this presently with a manual group mapping but I do not think this is a good solution. So I'll probably add some similar as I did for Administrators. (This used to be commit 612979476aef62e8e8eef632fa6be7d30282bb83) --- source3/passdb/pdb_interface.c | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 8645c12bce..4061e7b5db 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -715,7 +715,7 @@ NTSTATUS pdb_delete_group_mapping_entry(DOM_SID sid) return pdb->delete_group_mapping_entry(pdb, sid); } -BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap, +BOOL pdb_enum_group_mapping(const DOM_SID *sid, enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap, size_t *p_num_entries, BOOL unix_only) { struct pdb_methods *pdb = pdb_get_methods(); @@ -724,7 +724,7 @@ BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap, return False; } - return NT_STATUS_IS_OK(pdb-> enum_group_mapping(pdb, sid_name_use, + return NT_STATUS_IS_OK(pdb-> enum_group_mapping(pdb, sid, sid_name_use, pp_rmap, p_num_entries, unix_only)); } @@ -1631,7 +1631,7 @@ static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, if ( rid == DOMAIN_GROUP_RID_USERS ) { *name = talloc_strdup(mem_ctx, "None" ); - *psid_name_use = IS_DC ? SID_NAME_DOM_GRP : SID_NAME_ALIAS; + *psid_name_use = SID_NAME_DOM_GRP; return True; } @@ -1919,7 +1919,7 @@ static void search_end_groups(struct pdb_search *search) } static BOOL pdb_search_grouptype(struct pdb_search *search, - enum SID_NAME_USE type) + const DOM_SID *sid, enum SID_NAME_USE type) { struct group_search *state; @@ -1929,7 +1929,7 @@ static BOOL pdb_search_grouptype(struct pdb_search *search, return False; } - if (!pdb_enum_group_mapping(type, &state->groups, &state->num_groups, + if (!pdb_enum_group_mapping(sid, type, &state->groups, &state->num_groups, True)) { DEBUG(0, ("Could not enum groups\n")); return False; @@ -1945,7 +1945,7 @@ static BOOL pdb_search_grouptype(struct pdb_search *search, static BOOL pdb_default_search_groups(struct pdb_methods *methods, struct pdb_search *search) { - return pdb_search_grouptype(search, SID_NAME_DOM_GRP); + return pdb_search_grouptype(search, get_global_sam_sid(), SID_NAME_DOM_GRP); } static BOOL pdb_default_search_aliases(struct pdb_methods *methods, 
@@ -1953,14 +1953,7 @@ static BOOL pdb_default_search_aliases(struct pdb_methods *methods, const DOM_SID *sid) { - if (sid_equal(sid, get_global_sam_sid())) - return pdb_search_grouptype(search, SID_NAME_ALIAS); - - if (sid_equal(sid, &global_sid_Builtin)) - return pdb_search_grouptype(search, SID_NAME_WKN_GRP); - - DEBUG(3, ("unknown domain sid: %s\n", sid_string_static(sid))); - return False; + return pdb_search_grouptype(search, sid, SID_NAME_ALIAS); } static struct samr_displayentry *pdb_search_getentry(struct pdb_search *search, -- cgit From 41a0da4cfc3e0bb37b81ea22fc2eb15aa89298e1 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 15 Mar 2006 17:40:28 +0000 Subject: r14457: Add a few more special cases for RID 513 in the samr code. Now that I know what all the requirements for this group are I can generalize the code some more and make it cleaner. But at least this is working with lusrmgr.msc on XP and 2k now. (This used to be commit d2c1842978cd50485849bfc4fb6d94767d96cab0) --- source3/passdb/pdb_interface.c | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 4061e7b5db..82890fee2d 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
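Review bot: `pdb_default_search_aliases()` now forwards whatever `sid` it is given, where the removed code accepted only the local SAM domain and BUILTIN and returned False with a debug message for anything else. The commit message says a NULL SID selects the old, unfiltered enumeration, so a NULL or unexpected domain SID reaching this function would presumably list aliases from every domain instead of failing closed. BUILTIN is also searched as `SID_NAME_ALIAS` now rather than `SID_NAME_WKN_GRP`, which may miss existing mappings stored under the old type. I would keep the guard in front of the call: `if (!sid_equal(sid, get_global_sam_sid()) && !sid_equal(sid, &global_sid_Builtin)) { DEBUG(3, ("unknown domain sid: %s\n", sid_string_static(sid))); return False; }`.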
@@ -734,13 +734,31 @@ NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx, size_t *p_num_members) { struct pdb_methods *pdb = pdb_get_methods(); + NTSTATUS result; if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; } - return pdb->enum_group_members(pdb, mem_ctx, sid, - pp_member_rids, p_num_members); + result = pdb->enum_group_members(pdb, mem_ctx, + sid, pp_member_rids, p_num_members); + + /* special check for rid 513 */ + + if ( !NT_STATUS_IS_OK( result ) ) { + uint32 rid; + + sid_peek_rid( sid, &rid ); + + if ( rid == DOMAIN_GROUP_RID_USERS ) { + *p_num_members = 0; + *pp_member_rids = NULL; + + return NT_STATUS_OK; + } + } + + return result; } NTSTATUS pdb_enum_group_memberships(TALLOC_CTX *mem_ctx, struct samu *user, -- cgit From 5aa66fd0393318586edb5ee17e5cad2236aa5c8b Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 20 Mar 2006 10:18:23 +0000 Subject: r14577: BUG Fixes: * Add back in the import/export support to pdbedit * Fix segv in pam_smbpass * Cleanup some error paths in pdb_tdb and pdb_interface (This used to be commit df53d64910fbb96eb810102e986b3c337d54c463) --- source3/passdb/pdb_interface.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 82890fee2d..7ff0214c72 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -273,15 +273,15 @@ BOOL pdb_getsampwnam(struct samu *sam_acct, const char *username) return False; } - if (csamuser != NULL) { + if ( csamuser ) { TALLOC_FREE(csamuser); - csamuser = NULL; } pdb_force_pw_initialization( sam_acct ); - if ( (csamuser = samu_new( NULL )) != NULL ) + if ( (csamuser = samu_new( NULL )) != NULL ) { pdb_copy_sam_account(csamuser, sam_acct); + } return True; } -- cgit From 1839b4be14e905428257eb999def184d73dcf08f Mon Sep 17 00:00:00 2001 
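Review bot: The rid 513 fallback in `pdb_enum_group_members()` turns every backend failure into `NT_STATUS_OK` with an empty member list, and it does so for any SID whose last sub-authority is 513, not only for the local domain's group. `sid_peek_rid()` is called without checking its result, so `rid` may be read uninitialised if the SID cannot be parsed, and a genuine error such as memory exhaustion or a backend outage is reported to the caller as an empty group. Restricting the fallback to the local SAM domain, with the helper `pdb_getsampwsid()` already uses, would be tighter: declare `uint32 rid;` before the test and write `if ( !NT_STATUS_IS_OK(result) && sid_peek_check_rid(get_global_sam_sid(), sid, &rid) && rid == DOMAIN_GROUP_RID_USERS )`. Limiting it further to the status a backend returns for an unmapped group would keep real failures visible.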
From: Gerald Carter Date: Wed, 22 Mar 2006 08:04:13 +0000 Subject: r14634: Many bug fixes thanks to train rides and overnight stays in airports * Finally fix parsing idmap uid/gid ranges not to break with spaces surrounding the '-' * Allow local groups to renamed by adding info level 2 to _samr_set_aliasinfo() * Fix parsing bug in _samr_del_dom_alias() reply * Prevent root from being deleted via Samba * Prevent builting groups from being renamed or deleted * Fix bug in pdb_tdb that broke renaming user accounts * Make sure winbindd is running when trying to create the Administrators and Users BUILTIN groups automatically from smbd (and not just check the winbind nexted groups parameter value). * Have the top level rid allocator verify that the RID it is about to grant is not already assigned in our own SAM (retries up to 250 times). This fixes passdb with existing SIDs assigned to users from the RID algorithm but not monotonically allocating the RIDs from passdb. (This used to be commit db1162241f79c2af8afb7d8c26e8ed1c4a4b476f) --- source3/passdb/pdb_interface.c | 86 +++++++++++++++++++++++++++++++++++++----- 1 file changed, 77 insertions(+), 9 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 7ff0214c72..5fdc8ac819 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -426,6 +426,13 @@ static int smb_delete_user(const char *unix_user) pstring del_script; int ret; + /* safety check */ + + if ( strequal( unix_user, "root" ) ) { + DEBUG(0,("smb_delete_user: Refusing to delete local system root account!\n")); + return -1; + } + pstrcpy(del_script, lp_deluser_script()); if (! *del_script) return -1; 
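Review bot: The new guard in `smb_delete_user()` compares only the account name with "root", so any other name that resolves to uid 0 still reaches the delete script. `pdb_delete_user()` in the same commit checks the uid obtained from `sid_to_uid()`, and the two checks should agree. Resolving the name first and refusing on the uid would close the gap, for example `struct passwd *pw = getpwnam(unix_user); if (pw != NULL && pw->pw_uid == 0) { return -1; }` next to the existing name test. The rest of `smb_delete_user()` lies outside the hunk, so how `unix_user` is substituted into the script cannot be reviewed from here.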
@@ -462,11 +469,22 @@ static NTSTATUS pdb_default_delete_user(struct pdb_methods *methods, NTSTATUS pdb_delete_user(TALLOC_CTX *mem_ctx, struct samu *sam_acct) { struct pdb_methods *pdb = pdb_get_methods(); + uid_t uid = -1; if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; } + /* sanity check to make sure we don't delete root */ + + if ( !sid_to_uid( pdb_get_user_sid(sam_acct), &uid ) ) { + return NT_STATUS_NO_SUCH_USER; + } + + if ( uid == 0 ) { + return NT_STATUS_ACCESS_DENIED; + } + return pdb->delete_user(pdb, mem_ctx, sam_acct); } @@ -516,6 +534,7 @@ NTSTATUS pdb_delete_sam_account(struct samu *sam_acct) NTSTATUS pdb_rename_sam_account(struct samu *oldname, const char *newname) { struct pdb_methods *pdb = pdb_get_methods(); + uid_t uid; if ( !pdb ) { return NT_STATUS_NOT_IMPLEMENTED; @@ -526,6 +545,16 @@ NTSTATUS pdb_rename_sam_account(struct samu *oldname, const char *newname) csamuser = NULL; } + /* sanity check to make sure we don't rename root */ + + if ( !sid_to_uid( pdb_get_user_sid(oldname), &uid ) ) { + return NT_STATUS_NO_SUCH_USER; + } + + if ( uid == 0 ) { + return NT_STATUS_ACCESS_DENIED; + } + return pdb->rename_sam_account(pdb, oldname, newname); } @@ -976,8 +1005,7 @@ BOOL pdb_find_alias(const char *name, DOM_SID *sid) return False; } - return NT_STATUS_IS_OK(pdb->find_alias(pdb, - name, sid)); + return NT_STATUS_IS_OK(pdb->find_alias(pdb, name, sid)); } NTSTATUS pdb_create_alias(const char *name, uint32 *rid) @@ -999,8 +1027,7 @@ BOOL pdb_delete_alias(const DOM_SID *sid) return False; } - return NT_STATUS_IS_OK(pdb->delete_alias(pdb, - sid)); + return NT_STATUS_IS_OK(pdb->delete_alias(pdb, sid)); } @@ -1012,8 +1039,7 @@ BOOL pdb_get_aliasinfo(const DOM_SID *sid, struct acct_info *info) return False; } - return NT_STATUS_IS_OK(pdb->get_aliasinfo(pdb, sid, - info)); + return NT_STATUS_IS_OK(pdb->get_aliasinfo(pdb, sid, info)); } BOOL pdb_set_aliasinfo(const DOM_SID *sid, struct acct_info *info) 
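Review bot: The root check in `pdb_delete_user()` returns `NT_STATUS_NO_SUCH_USER` whenever `sid_to_uid()` fails, which makes deletion depend on the SID still mapping to a Unix uid. A SAM entry whose Unix account has already been removed would then presumably be impossible to delete through this call, leaving a stale account in the password database. The same pattern is added to `pdb_rename_sam_account()` in this commit. Only a successful mapping to uid 0 needs to block the operation: `if ( sid_to_uid( pdb_get_user_sid(sam_acct), &uid ) && uid == 0 ) { return NT_STATUS_ACCESS_DENIED; }`.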
@@ -1024,8 +1050,7 @@ BOOL pdb_set_aliasinfo(const DOM_SID *sid, struct acct_info *info) return False; } - return NT_STATUS_IS_OK(pdb->set_aliasinfo(pdb, sid, - info)); + return NT_STATUS_IS_OK(pdb->set_aliasinfo(pdb, sid, info)); } NTSTATUS pdb_add_aliasmem(const DOM_SID *alias, const DOM_SID *member) @@ -1192,9 +1217,21 @@ BOOL pdb_rid_algorithm(void) return pdb->rid_algorithm(pdb); } +/******************************************************************** + Allocate a new RID from the passdb backend. Verify that it is free + by calling lookup_global_sam_rid() to verify that the RID is not + in use. This handles servers that have existing users or groups + with add RIDs (assigned from previous algorithmic mappings) +********************************************************************/ + BOOL pdb_new_rid(uint32 *rid) { struct pdb_methods *pdb = pdb_get_methods(); + const char *name = NULL; + enum SID_NAME_USE type; + uint32 allocated_rid = 0; + int i; + TALLOC_CTX *ctx; if ( !pdb ) { return False; @@ -1215,7 +1252,38 @@ BOOL pdb_new_rid(uint32 *rid) return False; } - return pdb->new_rid(pdb, rid); + if ( (ctx = talloc_init("pdb_new_rid")) == NULL ) { + DEBUG(0,("pdb_new_rid: Talloc initialization failure\n")); + return False; + } + + /* Attempt to get an unused RID (max tires is 250...yes that it is + and arbitrary number I pulkled out of my head). -- jerry */ + + for ( i=0; allocated_rid==0 && i<250; i++ ) { + /* get a new RID */ + + if ( !pdb->new_rid(pdb, &allocated_rid) ) { + return False; + } + + /* validate that the RID is not in use */ + + if ( lookup_global_sam_rid( ctx, allocated_rid, &name, &type, NULL ) ) { + allocated_rid = 0; + } + } + + TALLOC_FREE( ctx ); + + if ( allocated_rid == 0 ) { + DEBUG(0,("pdb_new_rid: Failed to find unused RID\n")); + return False; + } + + *rid = allocated_rid; + + return True; } /*************************************************************** -- cgit From ac2b7c0d93eb30e026c56b01a4a7a470ed3d77e7 Mon Sep 17 00:00:00 2001 
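Review bot: The retry loop in `pdb_new_rid()` leaks the talloc context created by `talloc_init("pdb_new_rid")` when the backend allocator fails, because `if ( !pdb->new_rid(pdb, &allocated_rid) ) { return False; }` returns before `TALLOC_FREE( ctx )` is reached. That branch should read `if ( !pdb->new_rid(pdb, &allocated_rid) ) { TALLOC_FREE( ctx ); return False; }`. The in-use test is also a check followed by a later use, so two processes allocating at the same time are only as safe as the backend's own `new_rid` serialisation; a short comment saying so would help the next reader. The retry limit of 250 would read better as a named constant.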
From: Jelmer Vernooij Date: Fri, 24 Mar 2006 19:12:04 +0000 Subject: r14696: make pdb_find_backend_entry public (for use by an external "multi" pdb backend) (This used to be commit c149421ef7aca8763e21e6c7d467e94944c30e8b) --- source3/passdb/pdb_interface.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 5fdc8ac819..bd58dba702 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -40,7 +40,6 @@ static void lazy_initialize_passdb(void) initialized = True; } -static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name); static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, const char **name, enum SID_NAME_USE *psid_name_use, @@ -116,7 +115,7 @@ NTSTATUS smb_register_passdb(int version, const char *name, pdb_init_function in return NT_STATUS_OK; } -static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name) +struct pdb_init_function_entry *pdb_find_backend_entry(const char *name) { struct pdb_init_function_entry *entry = backends; @@ -1314,7 +1313,6 @@ static NTSTATUS pdb_default_getsampwsid(struct pdb_methods *my_methods, struct s static NTSTATUS pdb_default_add_sam_account (struct pdb_methods *methods, struct samu *newpwd) { - DEBUG(0,("this backend (%s) should not be listed as the first passdb backend! You can't add users to it.\n", methods->name)); return NT_STATUS_NOT_IMPLEMENTED; } -- cgit From 6c9eaa6880897aabbc56ad3d7bd73dfc69f926f9 Mon Sep 17 00:00:00 2001 
From: Gerald Carter Date: Sun, 2 Apr 2006 06:25:11 +0000 Subject: r14855: Various fixes: * depreacte 'acl group control' after discussion with Jeremy and implement functionality as part of 'dos filemode' * fix winbindd on a non-member server to expand local groups * prevent code previously only used by smbd from blindly turning _NO_WINBINDD back on (This used to be commit 4ab372f4cab22225716b5c9a9a08f0c1dbc9928d) --- source3/passdb/pdb_interface.c | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index bd58dba702..88cf387838 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -1501,16 +1501,20 @@ static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size struct group *grp; char **gr; struct passwd *pwd; + char *winbindd_env; *pp_uids = NULL; *p_num = 0; /* We only look at our own sam, so don't care about imported stuff */ - winbind_off(); + winbindd_env = getenv(WINBINDD_DONT_ENV); + winbind_putenv("0"); if ((grp = getgrgid(gid)) == NULL) { - winbind_on(); + /* allow winbindd lookups */ + winbind_putenv( winbindd_env ? winbindd_env : "1" ); + return False; } @@ -1535,7 +1539,8 @@ static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size add_uid_to_array_unique(mem_ctx, pw->pw_uid, pp_uids, p_num); } - winbind_on(); + /* allow winbindd lookups */ + winbind_putenv( winbindd_env ? winbindd_env : "1" ); return True; } 
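Review bot: In `get_memberuids()` the pointer returned by `getenv(WINBINDD_DONT_ENV)` is kept and dereferenced after `winbind_putenv("0")` has changed that same variable. The C library may reuse or free the old value when the environment is modified, so the later `winbind_putenv( winbindd_env ? winbindd_env : "1" )` can read stale memory or simply re-apply the value that was just written, depending on how `winbind_putenv()` (not shown) stores it. The follow-up commit r14868 on this page keeps the pattern, testing `strequal(winbindd_env, "1")` after `winbind_off()`. Recording the state before the environment is touched avoids this: `BOOL was_disabled = (winbindd_env != NULL && strequal(winbindd_env, "1"));` directly after the `getenv()` call, then testing `was_disabled` at both exits.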
@@ -1595,15 +1600,9 @@ NTSTATUS pdb_default_enum_group_memberships(struct pdb_methods *methods, const char *username = pdb_get_username(user); -#if 0 /* Ignore the primary group SID. Honor the real Unix primary group. The primary group SID is only of real use to Windows clients */ - if (!sid_to_gid(pdb_get_group_sid(user), &gid)) { - DEBUG(10, ("sid_to_gid failed\n")); - return NT_STATUS_NO_SUCH_USER; - } -#else if ( !(pw = getpwnam_alloc(mem_ctx, username)) ) { return NT_STATUS_NO_SUCH_USER; } @@ -1611,7 +1610,6 @@ NTSTATUS pdb_default_enum_group_memberships(struct pdb_methods *methods, gid = pw->pw_gid; TALLOC_FREE( pw ); -#endif if (!getgroups_unix_user(mem_ctx, username, gid, pp_gids, p_num_groups)) { return NT_STATUS_NO_SUCH_USER; -- cgit From e4998337e75c5e9debe914ff4eb2c0b0fa97c156 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Sun, 2 Apr 2006 19:45:42 +0000 Subject: r14868: I will not write code when changing to Daylight Savings Time. I will not write code when changing to Daylight Savings Time. I will not write code when changing to Daylight Savings Time. I will not write code when changing to Daylight Savings Time. I will not write code when changing to Daylight Savings Time. I will not write code when changing to Daylight Savings Time. I will not write code when changing to Daylight Savings Time. I will not write code when changing to Daylight Savings Time. I will not write code when changing to Daylight Savings Time. ... Fix my brain dead inverted logic for turning winbindd on and off when run on a DC or when calling pdb functions from within winbindd. (This used to be commit 021b3dc2db9fb422ede4657a1f27ef7ef2d22cee) --- source3/passdb/pdb_interface.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 88cf387838..b6e635cca1 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -1509,11 +1509,13 @@ static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size /* We only look at our own sam, so don't care about imported stuff */ winbindd_env = getenv(WINBINDD_DONT_ENV); - winbind_putenv("0"); + winbind_off(); if ((grp = getgrgid(gid)) == NULL) { - /* allow winbindd lookups */ - winbind_putenv( winbindd_env ? winbindd_env : "1" ); + /* allow winbindd lookups, but only if they weren't already disabled */ + if ( !(winbindd_env && strequal(winbindd_env, "1")) ) { + winbind_on(); + } return False; } @@ -1539,8 +1541,11 @@ static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size add_uid_to_array_unique(mem_ctx, pw->pw_uid, pp_uids, p_num); } - /* allow winbindd lookups */ - winbind_putenv( winbindd_env ? winbindd_env : "1" ); + /* allow winbindd lookups, but only if they weren't already disabled */ + + if ( !(winbindd_env && strequal(winbindd_env, "1")) ) { + winbind_on(); + } return True; } -- cgit From 4cde26cfc9be73785ac78aa962e68ccccd7cf90d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 9 Apr 2006 10:17:43 +0000 Subject: r15009: Add a check for NULL (This used to be commit 0a7d4f1ab109f57f5b5f4c1e83ad346b13b50778) --- source3/passdb/pdb_interface.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index b6e635cca1..b3522e33a7 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -1767,6 +1767,9 @@ NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, if (lookup_global_sam_rid(names, rids[i], &name, &attrs[i], NULL)) { + if (name == NULL) { + return NT_STATUS_NO_MEMORY; + } names[i] = name; DEBUG(5,("lookup_rids: %s:%d\n", names[i], attrs[i])); have_mapped = True; -- cgit From 31693197bee0d71e83418c0fb72685fd848e358f Mon Sep 17 00:00:00 2001 
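Review bot: The added `name == NULL` test in `pdb_default_lookup_rids()` guards one caller, while the source of the NULL is still open: `lookup_global_sam_rid()`, shown as context in an earlier patch on this page, returns True immediately after an unchecked `talloc_strdup(mem_ctx, "None" )`. Other callers that trust a True result can still receive a NULL name. A comment on `lookup_global_sam_rid()` stating that `*name` may be NULL on success, or a check after each `talloc_strdup()` inside it, would make the contract explicit. The loop body continues outside the hunk.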
From: Paul Green Date: Wed, 26 Apr 2006 15:41:25 +0000 Subject: r15283: Oh yeah. The build farm doesn't do much with head. OK, here is the patch to SAMBA_3_0 to declare prototypes for the initialization functions. These are the same changes I just made to head. --paulg (This used to be commit 17774387ad879b6a72dd1cf406326318add31b04) --- source3/passdb/pdb_interface.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index b3522e33a7..393b60516c 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -30,6 +30,8 @@ static struct samu *csamuser = NULL; +static_decl_pdb; + static struct pdb_init_function_entry *backends = NULL; static void lazy_initialize_passdb(void) -- cgit From f9147c4e408d316d194c4e367dfccbf433cb8ec9 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 15 Jun 2006 01:54:09 +0000 Subject: r16241: Fix Klocwork #106 and others like it. Make 2 important changes. pdb_get_methods() returning NULL is a *fatal* error. Don't try and cope with it just call smb_panic. This removes a *lot* of pointless "if (!pdb)" handling code. Secondly, ensure that if samu_init() fails we *always* back out of a function. That way we are never in a situation where the pdb_XXX() functions need to start with a "if (sampass)" test - this was just bad design, not defensive programming. Jeremy. (This used to be commit a0d368197d6ae6777b7c2c3c6e970ab8ae7ca2ae) --- source3/passdb/pdb_interface.c | 259 +++++------------------------------------ 1 file changed, 27 insertions(+), 232 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 393b60516c..94adebe232 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -37,7 +37,9 @@ static struct pdb_init_function_entry *backends = NULL; static void lazy_initialize_passdb(void) { static BOOL initialized = False; - if(initialized)return; + if(initialized) { + return; + } static_init_pdb; initialized = True; } @@ -201,13 +203,19 @@ static struct pdb_methods *pdb_get_methods_reload( BOOL reload ) if ( pdb && reload ) { pdb->free_private_data( &(pdb->private_data) ); if ( !NT_STATUS_IS_OK( make_pdb_method_name( &pdb, lp_passdb_backend() ) ) ) { - return NULL; + pstring msg; + slprintf(msg, sizeof(msg)-1, "pdb_get_methods_reload: failed to get pdb methods for backend %s\n", + lp_passdb_backend() ); + smb_panic(msg); } } if ( !pdb ) { if ( !NT_STATUS_IS_OK( make_pdb_method_name( &pdb, lp_passdb_backend() ) ) ) { - return NULL; + pstring msg; + slprintf(msg, sizeof(msg)-1, "pdb_get_methods_reload: failed to get pdb methods for backend %s\n", + lp_passdb_backend() ); + smb_panic(msg); } } @@ -226,22 +234,12 @@ static struct pdb_methods *pdb_get_methods(void) BOOL pdb_setsampwent(BOOL update, uint16 acb_mask) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return False; - } - return NT_STATUS_IS_OK(pdb->setsampwent(pdb, update, acb_mask)); } void pdb_endsampwent(void) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return; - } - pdb->endsampwent(pdb); } @@ -249,16 +247,10 @@ BOOL pdb_getsampwent(struct samu *user) { struct pdb_methods *pdb = pdb_get_methods(); - if ( !pdb ) { - return False; - } - if ( !NT_STATUS_IS_OK(pdb->getsampwent(pdb, user) ) ) { return False; } - pdb_force_pw_initialization( user ); - return True; } @@ -266,10 +258,6 @@ BOOL pdb_getsampwnam(struct samu *sam_acct, const char *username) { struct pdb_methods *pdb = pdb_get_methods(); - if ( !pdb ) { - return False; - } - if (!NT_STATUS_IS_OK(pdb->getsampwnam(pdb, sam_acct, username))) { return False; } 
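Review bot: pdb_get_methods_reload() now has a never-returns-NULL contract that every wrapper in this commit depends on by dereferencing pdb unchecked, but nothing at the function records it. A header comment such as `/* Never returns NULL: calls smb_panic() if the configured passdb backend cannot be initialised. */` would stop a later change from reintroducing a NULL return; whether other return paths exist is outside the hunk. The same pstring/slprintf/smb_panic block appears twice, in the reload branch and the first-load branch, and could be a single static helper. The comment should also say that a bad `passdb backend` value seen on reload now terminates the process, since the old private data has been freed by then.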
@@ -280,8 +268,14 @@ BOOL pdb_getsampwnam(struct samu *sam_acct, const char *username) pdb_force_pw_initialization( sam_acct ); - if ( (csamuser = samu_new( NULL )) != NULL ) { - pdb_copy_sam_account(csamuser, sam_acct); + csamuser = samu_new( NULL ); + if (!csamuser) { + return False; + } + + if (!pdb_copy_sam_account(csamuser, sam_acct)) { + TALLOC_FREE(csamuser); + return False; } return True; @@ -314,13 +308,9 @@ BOOL guest_user_info( struct samu *user ) BOOL pdb_getsampwsid(struct samu *sam_acct, const DOM_SID *sid) { - struct pdb_methods *pdb; + struct pdb_methods *pdb = pdb_get_methods(); uint32 rid; - if ( !(pdb = pdb_get_methods()) ) { - return False; - } - /* hard code the Guest RID of 501 */ if ( !sid_peek_check_rid( get_global_sam_sid(), sid, &rid ) ) @@ -410,11 +400,6 @@ NTSTATUS pdb_create_user(TALLOC_CTX *mem_ctx, const char *name, uint32 flags, uint32 *rid) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_UNSUCCESSFUL; - } - return pdb->create_user(pdb, mem_ctx, name, flags, rid); } @@ -472,10 +457,6 @@ NTSTATUS pdb_delete_user(TALLOC_CTX *mem_ctx, struct samu *sam_acct) struct pdb_methods *pdb = pdb_get_methods(); uid_t uid = -1; - if ( !pdb ) { - return NT_STATUS_UNSUCCESSFUL; - } - /* sanity check to make sure we don't delete root */ if ( !sid_to_uid( pdb_get_user_sid(sam_acct), &uid ) ) { @@ -492,11 +473,6 @@ NTSTATUS pdb_delete_user(TALLOC_CTX *mem_ctx, struct samu *sam_acct) NTSTATUS pdb_add_sam_account(struct samu *sam_acct) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_UNSUCCESSFUL; - } - return pdb->add_sam_account(pdb, sam_acct); } @@ -504,10 +480,6 @@ NTSTATUS pdb_update_sam_account(struct samu *sam_acct) { struct pdb_methods *pdb = pdb_get_methods(); - if ( !pdb ) { - return NT_STATUS_UNSUCCESSFUL; - } - if (csamuser != NULL) { TALLOC_FREE(csamuser); csamuser = NULL; 
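Review bot: The two new `return False` paths in pdb_getsampwnam fire after the backend lookup has already succeeded and filled sam_acct, so an allocation failure while populating the csamuser cache is reported to the caller exactly like "no such account". Failing closed is the safe direction for a lookup used in authentication, but the cause is lost. Add a log line before each return, for example `DEBUG(0, ("pdb_getsampwnam: failed to cache account\n"));`, and a comment saying the cache copy is treated as mandatory. Whether a previous csamuser is released before `csamuser = samu_new( NULL );` overwrites it cannot be seen from this hunk and is worth checking.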
@@ -520,10 +492,6 @@ NTSTATUS pdb_delete_sam_account(struct samu *sam_acct) { struct pdb_methods *pdb = pdb_get_methods(); - if ( !pdb ) { - return NT_STATUS_UNSUCCESSFUL; - } - if (csamuser != NULL) { TALLOC_FREE(csamuser); csamuser = NULL; @@ -537,10 +505,6 @@ NTSTATUS pdb_rename_sam_account(struct samu *oldname, const char *newname) struct pdb_methods *pdb = pdb_get_methods(); uid_t uid; - if ( !pdb ) { - return NT_STATUS_NOT_IMPLEMENTED; - } - if (csamuser != NULL) { TALLOC_FREE(csamuser); csamuser = NULL; @@ -562,44 +526,24 @@ NTSTATUS pdb_rename_sam_account(struct samu *oldname, const char *newname) NTSTATUS pdb_update_login_attempts(struct samu *sam_acct, BOOL success) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_NOT_IMPLEMENTED; - } - return pdb->update_login_attempts(pdb, sam_acct, success); } BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return False; - } - return NT_STATUS_IS_OK(pdb->getgrsid(pdb, map, sid)); } BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return False; - } - return NT_STATUS_IS_OK(pdb->getgrgid(pdb, map, gid)); } BOOL pdb_getgrnam(GROUP_MAP *map, const char *name) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return False; - } - return NT_STATUS_IS_OK(pdb->getgrnam(pdb, map, name)); } @@ -645,11 +589,6 @@ NTSTATUS pdb_create_dom_group(TALLOC_CTX *mem_ctx, const char *name, uint32 *rid) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_UNSUCCESSFUL; - } - return pdb->create_dom_group(pdb, mem_ctx, name, rid); } 
@@ -704,44 +643,24 @@ static NTSTATUS pdb_default_delete_dom_group(struct pdb_methods *methods, NTSTATUS pdb_delete_dom_group(TALLOC_CTX *mem_ctx, uint32 rid) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_UNSUCCESSFUL; - } - return pdb->delete_dom_group(pdb, mem_ctx, rid); } NTSTATUS pdb_add_group_mapping_entry(GROUP_MAP *map) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_UNSUCCESSFUL; - } - return pdb->add_group_mapping_entry(pdb, map); } NTSTATUS pdb_update_group_mapping_entry(GROUP_MAP *map) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_UNSUCCESSFUL; - } - return pdb->update_group_mapping_entry(pdb, map); } NTSTATUS pdb_delete_group_mapping_entry(DOM_SID sid) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_UNSUCCESSFUL; - } - return pdb->delete_group_mapping_entry(pdb, sid); } @@ -749,11 +668,6 @@ BOOL pdb_enum_group_mapping(const DOM_SID *sid, enum SID_NAME_USE sid_name_use, size_t *p_num_entries, BOOL unix_only) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return False; - } - return NT_STATUS_IS_OK(pdb-> enum_group_mapping(pdb, sid, sid_name_use, pp_rmap, p_num_entries, unix_only)); } @@ -766,10 +680,6 @@ NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx, struct pdb_methods *pdb = pdb_get_methods(); NTSTATUS result; - if ( !pdb ) { - return NT_STATUS_UNSUCCESSFUL; - } - result = pdb->enum_group_members(pdb, mem_ctx, sid, pp_member_rids, p_num_members); @@ -796,11 +706,6 @@ NTSTATUS pdb_enum_group_memberships(TALLOC_CTX *mem_ctx, struct samu *user, size_t *p_num_groups) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_UNSUCCESSFUL; - } - return pdb->enum_group_memberships( pdb, mem_ctx, user, pp_sids, pp_gids, p_num_groups); 
@@ -829,11 +734,6 @@ static NTSTATUS pdb_default_set_unix_primary_group(struct pdb_methods *methods, NTSTATUS pdb_set_unix_primary_group(TALLOC_CTX *mem_ctx, struct samu *user) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_UNSUCCESSFUL; - } - return pdb->set_unix_primary_group(pdb, mem_ctx, user); } @@ -923,11 +823,6 @@ NTSTATUS pdb_add_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid, uint32 member_rid) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_UNSUCCESSFUL; - } - return pdb->add_groupmem(pdb, mem_ctx, group_rid, member_rid); } @@ -990,44 +885,24 @@ NTSTATUS pdb_del_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid, uint32 member_rid) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_UNSUCCESSFUL; - } - return pdb->del_groupmem(pdb, mem_ctx, group_rid, member_rid); } BOOL pdb_find_alias(const char *name, DOM_SID *sid) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return False; - } - return NT_STATUS_IS_OK(pdb->find_alias(pdb, name, sid)); } NTSTATUS pdb_create_alias(const char *name, uint32 *rid) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_NOT_IMPLEMENTED; - } - return pdb->create_alias(pdb, name, rid); } BOOL pdb_delete_alias(const DOM_SID *sid) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return False; - } - return NT_STATUS_IS_OK(pdb->delete_alias(pdb, sid)); } 
@@ -1035,44 +910,24 @@ BOOL pdb_delete_alias(const DOM_SID *sid) BOOL pdb_get_aliasinfo(const DOM_SID *sid, struct acct_info *info) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return False; - } - return NT_STATUS_IS_OK(pdb->get_aliasinfo(pdb, sid, info)); } BOOL pdb_set_aliasinfo(const DOM_SID *sid, struct acct_info *info) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return False; - } - return NT_STATUS_IS_OK(pdb->set_aliasinfo(pdb, sid, info)); } NTSTATUS pdb_add_aliasmem(const DOM_SID *alias, const DOM_SID *member) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_UNSUCCESSFUL; - } - return pdb->add_aliasmem(pdb, alias, member); } NTSTATUS pdb_del_aliasmem(const DOM_SID *alias, const DOM_SID *member) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_UNSUCCESSFUL; - } - return pdb->del_aliasmem(pdb, alias, member); } @@ -1080,13 +935,7 @@ NTSTATUS pdb_enum_aliasmem(const DOM_SID *alias, DOM_SID **pp_members, size_t *p_num_members) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_UNSUCCESSFUL; - } - - return pdb->enum_aliasmem(pdb, alias, - pp_members, p_num_members); + return pdb->enum_aliasmem(pdb, alias, pp_members, p_num_members); } NTSTATUS pdb_enum_alias_memberships(TALLOC_CTX *mem_ctx, @@ -1096,11 +945,6 @@ NTSTATUS pdb_enum_alias_memberships(TALLOC_CTX *mem_ctx, size_t *p_num_alias_rids) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_NOT_IMPLEMENTED; - } - return pdb->enum_alias_memberships(pdb, mem_ctx, domain_sid, members, num_members, @@ -1115,11 +959,6 @@ NTSTATUS pdb_lookup_rids(const DOM_SID *domain_sid, uint32 *attrs) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_NOT_IMPLEMENTED; - } - return pdb->lookup_rids(pdb, domain_sid, num_rids, rids, names, attrs); } 
@@ -1131,11 +970,6 @@ NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid, uint32 *attrs) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return NT_STATUS_NOT_IMPLEMENTED; - } - return pdb->lookup_names(pdb, domain_sid, num_names, names, rids, attrs); } @@ -1143,55 +977,30 @@ NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid, BOOL pdb_get_account_policy(int policy_index, uint32 *value) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return False; - } - return NT_STATUS_IS_OK(pdb->get_account_policy(pdb, policy_index, value)); } BOOL pdb_set_account_policy(int policy_index, uint32 value) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return False; - } - return NT_STATUS_IS_OK(pdb->set_account_policy(pdb, policy_index, value)); } BOOL pdb_get_seq_num(time_t *seq_num) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return False; - } - return NT_STATUS_IS_OK(pdb->get_seq_num(pdb, seq_num)); } BOOL pdb_uid_to_rid(uid_t uid, uint32 *rid) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return False; - } - return pdb->uid_to_rid(pdb, uid, rid); } BOOL pdb_gid_to_sid(gid_t gid, DOM_SID *sid) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return False; - } - return pdb->gid_to_sid(pdb, gid, sid); } @@ -1199,22 +1008,12 @@ BOOL pdb_sid_to_id(const DOM_SID *sid, union unid_t *id, enum SID_NAME_USE *type) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return False; - } - return pdb->sid_to_id(pdb, sid, id, type); } BOOL pdb_rid_algorithm(void) { struct pdb_methods *pdb = pdb_get_methods(); - - if ( !pdb ) { - return False; - } - return pdb->rid_algorithm(pdb); } @@ -1234,10 +1033,6 @@ BOOL pdb_new_rid(uint32 *rid) int i; TALLOC_CTX *ctx; - if ( !pdb ) { - return False; - } - if (pdb_rid_algorithm()) { DEBUG(0, ("Trying to allocate a RID when algorithmic RIDs " "are active\n")); 
@@ -2079,10 +1874,10 @@ struct pdb_search *pdb_search_users(uint32 acct_flags) struct pdb_methods *pdb = pdb_get_methods(); struct pdb_search *result; - if (pdb == NULL) return NULL; - result = pdb_search_init(PDB_USER_SEARCH); - if (result == NULL) return NULL; + if (result == NULL) { + return NULL; + } if (!pdb->search_users(pdb, result, acct_flags)) { talloc_destroy(result->mem_ctx); @@ -2096,10 +1891,10 @@ struct pdb_search *pdb_search_groups(void) struct pdb_methods *pdb = pdb_get_methods(); struct pdb_search *result; - if (pdb == NULL) return NULL; - result = pdb_search_init(PDB_GROUP_SEARCH); - if (result == NULL) return NULL; + if (result == NULL) { + return NULL; + } if (!pdb->search_groups(pdb, result)) { talloc_destroy(result->mem_ctx); -- cgit From 684dd7f2cf7af20e700167356abc77ad2bc38729 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 20 Jun 2006 01:03:04 +0000 Subject: r16383: Klocwork #1086. No null deref. Jeremy. (This used to be commit 7b68a2acfc583d1559c02461cab13419185bcd74) --- source3/passdb/pdb_interface.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 94adebe232..5d70c2c122 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -1470,6 +1470,11 @@ static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, unbecome_root(); /* -----> EXIT BECOME_ROOT() */ *name = talloc_strdup(mem_ctx, pdb_get_username(sam_account)); + if (!*name) { + TALLOC_FREE(sam_account); + return False; + } + *psid_name_use = SID_NAME_USER; TALLOC_FREE(sam_account); -- cgit From 6c94466d7b0976925e031f815e72c59612ebab43 Mon Sep 17 00:00:00 2001 
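Review bot: Returning False when talloc_strdup() fails in lookup_global_sam_rid makes out-of-memory indistinguishable from "RID not found", because the function only returns BOOL. On this path the `if (name == NULL) return NT_STATUS_NO_MEMORY;` check that r15009 added in pdb_default_lookup_rids can no longer trigger, so the caller treats the RID as unmapped instead of reporting the allocation failure. At minimum log the cause before the new return, `DEBUG(0, ("lookup_global_sam_rid: talloc_strdup failed\n"));`, and document on the function that False covers both cases. The function starts and continues outside the hunk.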
From: Jeremy Allison Date: Wed, 28 Jun 2006 17:56:10 +0000 Subject: r16628: Fix bug #3880, reported by jason@ncac.gwu.edu by ensuring we return the correct enum for sid type, not a uint32. Jeremy. (This used to be commit 98a5e20ff4ceacda65dcc0ce5498ed4ffde520f8) --- source3/passdb/pdb_interface.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 5d70c2c122..a0310d0c71 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -956,22 +956,20 @@ NTSTATUS pdb_lookup_rids(const DOM_SID *domain_sid, int num_rids, uint32 *rids, const char **names, - uint32 *attrs) + enum SID_NAME_USE *attrs) { struct pdb_methods *pdb = pdb_get_methods(); - return pdb->lookup_rids(pdb, domain_sid, - num_rids, rids, names, attrs); + return pdb->lookup_rids(pdb, domain_sid, num_rids, rids, names, attrs); } NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid, int num_names, const char **names, uint32 *rids, - uint32 *attrs) + enum SID_NAME_USE *attrs) { struct pdb_methods *pdb = pdb_get_methods(); - return pdb->lookup_names(pdb, domain_sid, - num_names, names, rids, attrs); + return pdb->lookup_names(pdb, domain_sid, num_names, names, rids, attrs); } BOOL pdb_get_account_policy(int policy_index, uint32 *value) @@ -1533,7 +1531,7 @@ NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, int num_rids, uint32 *rids, const char **names, - uint32 *attrs) + enum SID_NAME_USE *attrs) { int i; NTSTATUS result; @@ -1596,7 +1594,7 @@ NTSTATUS pdb_default_lookup_names(struct pdb_methods *methods, int num_names, const char **names, uint32 *rids, - uint32 *attrs) + enum SID_NAME_USE *attrs) { int i; NTSTATUS result; -- cgit From fbdcf2663b56007a438ac4f0d8d82436b1bfe688 Mon Sep 17 00:00:00 2001 
From: Jeremy Allison Date: Tue, 11 Jul 2006 18:01:26 +0000 Subject: r16945: Sync trunk -> 3.0 for 3.0.24 code. Still need to do the upper layer directories but this is what everyone is waiting for.... Jeremy. (This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8) --- source3/passdb/pdb_interface.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index a0310d0c71..20aa72d24e 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -361,6 +361,15 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, add_ret = smbrun(add_script,NULL); DEBUG(add_ret ? 0 : 3, ("_samr_create_user: Running the command `%s' gave %d\n", add_script, add_ret)); + +#ifdef ENABLE_BUILD_FARM_HACKS + if (add_ret != 0) { + DEBUG(1, ("Creating a faked user %s for build farm " + "purposes", name)); + faked_create_user(name); + } +#endif + flush_pwnam_cache(); pwd = Get_Pwnam_alloc(tmp_ctx, name); @@ -1711,7 +1720,7 @@ struct user_search { static BOOL next_entry_users(struct pdb_search *s, struct samr_displayentry *entry) { - struct user_search *state = s->private_data; + struct user_search *state = (struct user_search *)s->private_data; struct samu *user = NULL; next: @@ -1786,7 +1795,7 @@ struct group_search { static BOOL next_entry_groups(struct pdb_search *s, struct samr_displayentry *entry) { - struct group_search *state = s->private_data; + struct group_search *state = (struct group_search *)s->private_data; uint32 rid; GROUP_MAP *map = &state->groups[state->current_group]; @@ -1804,7 +1813,8 @@ static BOOL next_entry_groups(struct pdb_search *s, static void search_end_groups(struct pdb_search *search) { - struct group_search *state = search->private_data; + struct group_search *state = + (struct group_search *)search->private_data; SAFE_FREE(state->groups); } -- cgit 
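Review bot: The ENABLE_BUILD_FARM_HACKS block places test-only behaviour, fabricating a user whenever the add-user script returns non-zero, inside the production account-creation path of pdb_default_create_user, with a compile-time macro as the only guard and no comment saying so. State the constraint next to the `#ifdef`, for example `/* Test builds only: must never be defined for a release build. */`, and consider logging at level 0 when the branch is taken so an accidental build with the macro set is visible. The DEBUG string has no trailing newline and should end `"purposes\n"`. The result of faked_create_user(name) is not checked; its prototype is outside this diff. The function starts and continues outside the hunk.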
From 9f6fb43eeefb18578040a0f3b5af941460ec5ca9 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 19 Jul 2006 20:59:04 +0000 Subject: r17150: MMC User & group plugins fixes: * Make sure to lower case all usernames before calling the create, delete, or rename hooks. * Preserve case for usernames in passdb * Flush the getpwnam cache after renaming a user * Add become/unbecome root block in _samr_delete_dom_user() when trying to verify the account's existence. (This used to be commit bbe11b7a950e7d85001f042bbd1ea3bf33ecda7b) --- source3/passdb/pdb_interface.c | 29 ++++++++++++++++++++++++++--- 1 file changed, 26 insertions(+), 3 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 20aa72d24e..7f2a8f25b3 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -344,6 +344,7 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, if ( !(pwd = Get_Pwnam_alloc(tmp_ctx, name)) ) { pstring add_script; int add_ret; + fstring name2; if ((acb_info & ACB_NORMAL) && name[strlen(name)-1] != '$') { pstrcpy(add_script, lp_adduser_script()); @@ -357,7 +358,11 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, return NT_STATUS_NO_SUCH_USER; } - all_string_sub(add_script, "%u", name, sizeof(add_script)); + /* lowercase the username before creating the Unix account for + compatibility with previous Samba releases */ + fstrcpy( name2, name ); + strlower_m( name2 ); + all_string_sub(add_script, "%u", name2, sizeof(add_script)); add_ret = smbrun(add_script,NULL); DEBUG(add_ret ? 0 : 3, ("_samr_create_user: Running the command `%s' gave %d\n", add_script, add_ret)); 
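Review bot: In pdb_default_create_user, name2 is substituted into add_script with all_string_sub() and the result is passed to smbrun(), so the account name from the create request ends up on a command line, and lowercasing it does nothing about characters that are special to a shell. Unless all_string_sub() filters such characters (its definition is outside this diff and should be checked), validate the name against an allow-list before the substitution and return an error otherwise, or use a substitution helper that strips unsafe characters. fstrcpy() also truncates silently to the fstring size, so a long name would create the Unix account under a different name than the one looked up afterwards with Get_Pwnam_alloc(tmp_ctx, name). The function starts and continues outside the hunk.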
@@ -392,6 +397,10 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, return NT_STATUS_INTERNAL_ERROR; } + /* Use the username case specified in the original request */ + + pdb_set_username( sam_pass, name, PDB_SET ); + /* Disable the account on creation, it does not have a reasonable password yet. */ acb_info |= ACB_DISABLED; @@ -444,6 +453,7 @@ static NTSTATUS pdb_default_delete_user(struct pdb_methods *methods, struct samu *sam_acct) { NTSTATUS status; + fstring username; status = pdb_delete_sam_account(sam_acct); if (!NT_STATUS_IS_OK(status)) { @@ -456,7 +466,14 @@ static NTSTATUS pdb_default_delete_user(struct pdb_methods *methods, * not necessary present and maybe the sysadmin doesn't want to delete * the unix side */ - smb_delete_user( pdb_get_username(sam_acct) ); + + /* always lower case the username before handing it off to + external scripts */ + + fstrcpy( username, pdb_get_username(sam_acct) ); + strlower_m( username ); + + smb_delete_user( username ); return status; } @@ -513,6 +530,7 @@ NTSTATUS pdb_rename_sam_account(struct samu *oldname, const char *newname) { struct pdb_methods *pdb = pdb_get_methods(); uid_t uid; + NTSTATUS status; if (csamuser != NULL) { TALLOC_FREE(csamuser); @@ -529,7 +547,12 @@ NTSTATUS pdb_rename_sam_account(struct samu *oldname, const char *newname) return NT_STATUS_ACCESS_DENIED; } - return pdb->rename_sam_account(pdb, oldname, newname); + status = pdb->rename_sam_account(pdb, oldname, newname); + + /* always flush the cache here just to be safe */ + flush_pwnam_cache(); + + return status; } NTSTATUS pdb_update_login_attempts(struct samu *sam_acct, BOOL success) -- cgit From ff7c0a7c357ab8a0ff9de6d18988933e0b398780 Mon Sep 17 00:00:00 2001 
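Review bot: The result of `pdb_set_username( sam_pass, name, PDB_SET );` in pdb_default_create_user is discarded, so if the setter fails the account silently keeps whatever name it had before this call instead of the case requested by the client. Assuming it returns BOOL like the other pdb_set_* setters, check it, `if (!pdb_set_username(sam_pass, name, PDB_SET)) { return NT_STATUS_NO_MEMORY; }`, with the same cleanup the neighbouring error paths use (they are outside the hunk). In pdb_default_delete_user the new fstrcpy() into username truncates silently, so a name longer than an fstring would hand a different account name to smb_delete_user().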
From: Volker Lendecke Date: Tue, 8 Aug 2006 08:26:40 +0000 Subject: r17451: Change pdb_getgrsid not to take a DOM_SID but a const DOM_SID * as an argument. Volker (This used to be commit 873a5a1211d185fd50e7167d88cbc869f70dfd3f) --- source3/passdb/pdb_interface.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 7f2a8f25b3..4e30f92acf 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -561,7 +561,7 @@ NTSTATUS pdb_update_login_attempts(struct samu *sam_acct, BOOL success) return pdb->update_login_attempts(pdb, sam_acct, success); } -BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid) +BOOL pdb_getgrsid(GROUP_MAP *map, const DOM_SID *sid) { struct pdb_methods *pdb = pdb_get_methods(); return NT_STATUS_IS_OK(pdb->getgrsid(pdb, map, sid)); @@ -636,7 +636,7 @@ static NTSTATUS pdb_default_delete_dom_group(struct pdb_methods *methods, sid_compose(&group_sid, get_global_sam_sid(), rid); - if (!get_domain_group_from_sid(group_sid, &map)) { + if (!get_domain_group_from_sid(&group_sid, &map)) { DEBUG(10, ("Could not find group for rid %d\n", rid)); return NT_STATUS_NO_SUCH_GROUP; } @@ -812,7 +812,7 @@ static NTSTATUS pdb_default_add_groupmem(struct pdb_methods *methods, sid_compose(&group_sid, get_global_sam_sid(), group_rid); sid_compose(&member_sid, get_global_sam_sid(), member_rid); - if (!get_domain_group_from_sid(group_sid, &map) || + if (!get_domain_group_from_sid(&group_sid, &map) || (map.gid == (gid_t)-1) || ((grp = getgrgid(map.gid)) == NULL)) { return NT_STATUS_NO_SUCH_GROUP; 
@@ -874,7 +874,7 @@ static NTSTATUS pdb_default_del_groupmem(struct pdb_methods *methods, sid_compose(&group_sid, get_global_sam_sid(), group_rid); sid_compose(&member_sid, get_global_sam_sid(), member_rid); - if (!get_domain_group_from_sid(group_sid, &map) || + if (!get_domain_group_from_sid(&group_sid, &map) || (map.gid == (gid_t)-1) || ((grp = getgrgid(map.gid)) == NULL)) { return NT_STATUS_NO_SUCH_GROUP; @@ -1276,7 +1276,7 @@ static BOOL pdb_default_sid_to_id(struct pdb_methods *methods, if (sid_peek_check_rid(&global_sid_Builtin, sid, &rid)) { /* Here we only have aliases */ GROUP_MAP map; - if (!NT_STATUS_IS_OK(methods->getgrsid(methods, &map, *sid))) { + if (!NT_STATUS_IS_OK(methods->getgrsid(methods, &map, sid))) { DEBUG(10, ("Could not find map for sid %s\n", sid_string_static(sid))); goto done; @@ -1522,7 +1522,7 @@ static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, } TALLOC_FREE(sam_account); - ret = pdb_getgrsid(&map, sid); + ret = pdb_getgrsid(&map, &sid); unbecome_root(); /* END BECOME_ROOT BLOCK */ -- cgit From e1e62d89999629d41cc2b66b12eb37ce190d5db0 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 8 Aug 2006 19:29:34 +0000 Subject: r17463: A bit of cleanup work: Remove some unused code: pdb_find_alias is not used anymore, and nobody I think has ever used the pdb_nop operations for group mapping. smbpasswd and tdb use the default ones and ldap has its own. Make the functions pdb_getgr* return NTSTATUS instead of BOOL. Nobody right now really makes use of it, but it feels wrong to throw away information so early. Volker (This used to be commit f9856f6490fe44fdba97ea86062237d8c74d4bdc) --- source3/passdb/pdb_interface.c | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 4e30f92acf..6a9d072fbb 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -561,22 +561,22 @@ NTSTATUS pdb_update_login_attempts(struct samu *sam_acct, BOOL success) return pdb->update_login_attempts(pdb, sam_acct, success); } -BOOL pdb_getgrsid(GROUP_MAP *map, const DOM_SID *sid) +NTSTATUS pdb_getgrsid(GROUP_MAP *map, const DOM_SID *sid) { struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->getgrsid(pdb, map, sid)); + return pdb->getgrsid(pdb, map, sid); } -BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid) +NTSTATUS pdb_getgrgid(GROUP_MAP *map, gid_t gid) { struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->getgrgid(pdb, map, gid)); + return pdb->getgrgid(pdb, map, gid); } -BOOL pdb_getgrnam(GROUP_MAP *map, const char *name) +NTSTATUS pdb_getgrnam(GROUP_MAP *map, const char *name) { struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->getgrnam(pdb, map, name)); + return pdb->getgrnam(pdb, map, name); } static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods, @@ -920,12 +920,6 @@ NTSTATUS pdb_del_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid, return pdb->del_groupmem(pdb, mem_ctx, group_rid, member_rid); } -BOOL pdb_find_alias(const char *name, DOM_SID *sid) -{ - struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->find_alias(pdb, name, sid)); -} - NTSTATUS pdb_create_alias(const char *name, uint32 *rid) { struct pdb_methods *pdb = pdb_get_methods(); @@ -1522,7 +1516,7 @@ static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, } TALLOC_FREE(sam_account); - ret = pdb_getgrsid(&map, &sid); + ret = NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid)); unbecome_root(); /* END BECOME_ROOT BLOCK */ 
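Review bot: Changing pdb_getgrsid(), pdb_getgrgid() and pdb_getgrnam() from BOOL to NTSTATUS inverts the truth value of success, because a successful status is the zero value; any caller still written as `if (!pdb_getgrsid(...))` would take the wrong branch wherever NTSTATUS is a plain integer type and the compiler accepts it. Only the lookup_global_sam_rid() call is converted here (`ret = NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid));`), and this page is limited to pdb_interface.c, so callers in other files have to be checked separately. The same applies to pdb_enum_group_mapping() and get_domain_group_from_sid() in the r17468 hunks further down. A comment on each wrapper such as `/* Returns NTSTATUS: test with NT_STATUS_IS_OK(), never with '!'. */` would make the contract explicit.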
@@ -2032,7 +2026,6 @@ NTSTATUS make_pdb_method( struct pdb_methods **methods ) (*methods)->set_unix_primary_group = pdb_default_set_unix_primary_group; (*methods)->add_groupmem = pdb_default_add_groupmem; (*methods)->del_groupmem = pdb_default_del_groupmem; - (*methods)->find_alias = pdb_default_find_alias; (*methods)->create_alias = pdb_default_create_alias; (*methods)->delete_alias = pdb_default_delete_alias; (*methods)->get_aliasinfo = pdb_default_get_aliasinfo; -- cgit From d802774e02ed4a68d61b9fa3b95164221dd50112 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 8 Aug 2006 20:50:35 +0000 Subject: r17465: Get rid of add_initial_entry. In the two places it was called in it seemed a bit pointless to me. Volker (This used to be commit 244b25ae49d3c635fc54498dbee29f5b649ea1fa) --- source3/passdb/pdb_interface.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 6a9d072fbb..8d287cf2ec 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -584,7 +584,7 @@ static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods, const char *name, uint32 *rid) { - DOM_SID group_sid; + GROUP_MAP map; struct group *grp; grp = getgrnam(name); @@ -611,10 +611,12 @@ static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods, } } - sid_compose(&group_sid, get_global_sam_sid(), *rid); - - return add_initial_entry(grp->gr_gid, sid_string_static(&group_sid), - SID_NAME_DOM_GRP, name, NULL); + map.gid = grp->gr_gid; + map.sid_name_use = SID_NAME_DOM_GRP; + sid_compose(&map.sid, get_global_sam_sid(), *rid); + fstrcpy(map.nt_name, name); + map.comment[0] = '\0'; + return pdb_add_group_mapping_entry(&map); } NTSTATUS pdb_create_dom_group(TALLOC_CTX *mem_ctx, const char *name, -- cgit From 76362d0d33892df39c0a370f1f64c8581daaf166 Mon Sep 17 00:00:00 2001 
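Review bot: `GROUP_MAP map` in pdb_default_create_dom_group is a stack variable that is never cleared; only gid, sid_name_use, sid, nt_name and the first byte of comment are assigned before it is passed to pdb_add_group_mapping_entry(). Any other member, the tails of both string buffers and whatever part of the SID sid_compose() does not write stay indeterminate, and a backend that stores the structure as-is would persist those stack bytes (GROUP_MAP's layout is outside this diff, so this needs confirming). Adding `ZERO_STRUCT(map);` before the assignments settles it. fstrcpy(map.nt_name, name) also truncates a long group name without any indication. The function starts outside the hunk.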
From: Volker Lendecke Date: Wed, 9 Aug 2006 15:25:26 +0000 Subject: r17468: To minimize the diff later on, pre-commit some changes independently: Change internal mapping.c functions to return NTSTATUS instead of BOOL. Volker (This used to be commit 4ebfc30a28a6f48613098176c5acdfdafbd2941a) --- source3/passdb/pdb_interface.c | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 8d287cf2ec..7bc78af36b 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -638,7 +638,7 @@ static NTSTATUS pdb_default_delete_dom_group(struct pdb_methods *methods, sid_compose(&group_sid, get_global_sam_sid(), rid); - if (!get_domain_group_from_sid(&group_sid, &map)) { + if (!NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map))) { DEBUG(10, ("Could not find group for rid %d\n", rid)); return NT_STATUS_NO_SUCH_GROUP; } @@ -698,12 +698,14 @@ NTSTATUS pdb_delete_group_mapping_entry(DOM_SID sid) return pdb->delete_group_mapping_entry(pdb, sid); } -BOOL pdb_enum_group_mapping(const DOM_SID *sid, enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap, - size_t *p_num_entries, BOOL unix_only) +NTSTATUS pdb_enum_group_mapping(const DOM_SID *sid, + enum SID_NAME_USE sid_name_use, + GROUP_MAP **pp_rmap, + size_t *p_num_entries, BOOL unix_only) { struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb-> enum_group_mapping(pdb, sid, sid_name_use, - pp_rmap, p_num_entries, unix_only)); + return pdb->enum_group_mapping(pdb, sid, sid_name_use, + pp_rmap, p_num_entries, unix_only); } NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx, 
@@ -814,7 +816,7 @@ static NTSTATUS pdb_default_add_groupmem(struct pdb_methods *methods, sid_compose(&group_sid, get_global_sam_sid(), group_rid); sid_compose(&member_sid, get_global_sam_sid(), member_rid); - if (!get_domain_group_from_sid(&group_sid, &map) || + if (!NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map)) || (map.gid == (gid_t)-1) || ((grp = getgrgid(map.gid)) == NULL)) { return NT_STATUS_NO_SUCH_GROUP; @@ -876,7 +878,7 @@ static NTSTATUS pdb_default_del_groupmem(struct pdb_methods *methods, sid_compose(&group_sid, get_global_sam_sid(), group_rid); sid_compose(&member_sid, get_global_sam_sid(), member_rid); - if (!get_domain_group_from_sid(&group_sid, &map) || + if (!NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map)) || (map.gid == (gid_t)-1) || ((grp = getgrgid(map.gid)) == NULL)) { return NT_STATUS_NO_SUCH_GROUP; @@ -1848,8 +1850,9 @@ static BOOL pdb_search_grouptype(struct pdb_search *search, return False; } - if (!pdb_enum_group_mapping(sid, type, &state->groups, &state->num_groups, - True)) { + if (!NT_STATUS_IS_OK(pdb_enum_group_mapping(sid, type, &state->groups, + &state->num_groups, + True))) { DEBUG(0, ("Could not enum groups\n")); return False; } -- cgit From 03e3cd1d5a005ad5fd2bc97f9863abf675efd09f Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 15 Aug 2006 14:07:15 +0000 Subject: r17554: Cleanup (This used to be commit 761cbd52f0cff6b864c506ec03c94039b6101ef9) --- source3/passdb/pdb_interface.c | 56 ++++++++++++++++++++++-------------------- 1 file changed, 29 insertions(+), 27 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 7bc78af36b..7f2a8f25b3 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -561,22 +561,22 @@ NTSTATUS pdb_update_login_attempts(struct samu *sam_acct, BOOL success) return pdb->update_login_attempts(pdb, sam_acct, success); } -NTSTATUS pdb_getgrsid(GROUP_MAP *map, const DOM_SID *sid) +BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid) { struct pdb_methods *pdb = pdb_get_methods(); - return pdb->getgrsid(pdb, map, sid); + return NT_STATUS_IS_OK(pdb->getgrsid(pdb, map, sid)); } -NTSTATUS pdb_getgrgid(GROUP_MAP *map, gid_t gid) +BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid) { struct pdb_methods *pdb = pdb_get_methods(); - return pdb->getgrgid(pdb, map, gid); + return NT_STATUS_IS_OK(pdb->getgrgid(pdb, map, gid)); } -NTSTATUS pdb_getgrnam(GROUP_MAP *map, const char *name) +BOOL pdb_getgrnam(GROUP_MAP *map, const char *name) { struct pdb_methods *pdb = pdb_get_methods(); - return pdb->getgrnam(pdb, map, name); + return NT_STATUS_IS_OK(pdb->getgrnam(pdb, map, name)); } static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods, @@ -584,7 +584,7 @@ static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods, const char *name, uint32 *rid) { - GROUP_MAP map; + DOM_SID group_sid; struct group *grp; grp = getgrnam(name); @@ -611,12 +611,10 @@ static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods, } } - map.gid = grp->gr_gid; - map.sid_name_use = SID_NAME_DOM_GRP; - sid_compose(&map.sid, get_global_sam_sid(), *rid); - fstrcpy(map.nt_name, name); - map.comment[0] = '\0'; - return pdb_add_group_mapping_entry(&map); + sid_compose(&group_sid, get_global_sam_sid(), *rid); + + return add_initial_entry(grp->gr_gid, sid_string_static(&group_sid), + SID_NAME_DOM_GRP, name, NULL); } NTSTATUS pdb_create_dom_group(TALLOC_CTX *mem_ctx, const char *name, 
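Review bot: pdb_getgrsid, pdb_getgrgid and pdb_getgrnam now fold the backend's NTSTATUS into a BOOL, so a caller can no longer distinguish "no such mapping" from a backend error; pdb_enum_group_mapping in a later hunk of this commit does the same. lookup_global_sam_rid, also touched here, assigns the result straight to `ret`, so a transient backend failure there would presumably look the same as an unknown RID. If the BOOL interface is kept, log the dropped status inside the wrapper, e.g. `NTSTATUS status = pdb->getgrsid(pdb, map, sid); if (!NT_STATUS_IS_OK(status)) DEBUG(5, ("getgrsid failed: %s\n", nt_errstr(status)));`. pdb_getgrsid also now takes `DOM_SID sid` by value, which copies the structure on every call where `const DOM_SID *sid` did not.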
@@ -638,7 +636,7 @@ static NTSTATUS pdb_default_delete_dom_group(struct pdb_methods *methods, sid_compose(&group_sid, get_global_sam_sid(), rid); - if (!NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map))) { + if (!get_domain_group_from_sid(group_sid, &map)) { DEBUG(10, ("Could not find group for rid %d\n", rid)); return NT_STATUS_NO_SUCH_GROUP; } @@ -698,14 +696,12 @@ NTSTATUS pdb_delete_group_mapping_entry(DOM_SID sid) return pdb->delete_group_mapping_entry(pdb, sid); } -NTSTATUS pdb_enum_group_mapping(const DOM_SID *sid, - enum SID_NAME_USE sid_name_use, - GROUP_MAP **pp_rmap, - size_t *p_num_entries, BOOL unix_only) +BOOL pdb_enum_group_mapping(const DOM_SID *sid, enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap, + size_t *p_num_entries, BOOL unix_only) { struct pdb_methods *pdb = pdb_get_methods(); - return pdb->enum_group_mapping(pdb, sid, sid_name_use, - pp_rmap, p_num_entries, unix_only); + return NT_STATUS_IS_OK(pdb-> enum_group_mapping(pdb, sid, sid_name_use, + pp_rmap, p_num_entries, unix_only)); } NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx, @@ -816,7 +812,7 @@ static NTSTATUS pdb_default_add_groupmem(struct pdb_methods *methods, sid_compose(&group_sid, get_global_sam_sid(), group_rid); sid_compose(&member_sid, get_global_sam_sid(), member_rid); - if (!NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map)) || + if (!get_domain_group_from_sid(group_sid, &map) || (map.gid == (gid_t)-1) || ((grp = getgrgid(map.gid)) == NULL)) { return NT_STATUS_NO_SUCH_GROUP; @@ -878,7 +874,7 @@ static NTSTATUS pdb_default_del_groupmem(struct pdb_methods *methods, sid_compose(&group_sid, get_global_sam_sid(), group_rid); sid_compose(&member_sid, get_global_sam_sid(), member_rid); - if (!NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map)) || + if (!get_domain_group_from_sid(group_sid, &map) || (map.gid == (gid_t)-1) || ((grp = getgrgid(map.gid)) == NULL)) { return NT_STATUS_NO_SUCH_GROUP; 
@@ -924,6 +920,12 @@ NTSTATUS pdb_del_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid, return pdb->del_groupmem(pdb, mem_ctx, group_rid, member_rid); } +BOOL pdb_find_alias(const char *name, DOM_SID *sid) +{ + struct pdb_methods *pdb = pdb_get_methods(); + return NT_STATUS_IS_OK(pdb->find_alias(pdb, name, sid)); +} + NTSTATUS pdb_create_alias(const char *name, uint32 *rid) { struct pdb_methods *pdb = pdb_get_methods(); @@ -1274,7 +1276,7 @@ static BOOL pdb_default_sid_to_id(struct pdb_methods *methods, if (sid_peek_check_rid(&global_sid_Builtin, sid, &rid)) { /* Here we only have aliases */ GROUP_MAP map; - if (!NT_STATUS_IS_OK(methods->getgrsid(methods, &map, sid))) { + if (!NT_STATUS_IS_OK(methods->getgrsid(methods, &map, *sid))) { DEBUG(10, ("Could not find map for sid %s\n", sid_string_static(sid))); goto done; @@ -1520,7 +1522,7 @@ static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, } TALLOC_FREE(sam_account); - ret = NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid)); + ret = pdb_getgrsid(&map, sid); unbecome_root(); /* END BECOME_ROOT BLOCK */ @@ -1850,9 +1852,8 @@ static BOOL pdb_search_grouptype(struct pdb_search *search, return False; } - if (!NT_STATUS_IS_OK(pdb_enum_group_mapping(sid, type, &state->groups, - &state->num_groups, - True))) { + if (!pdb_enum_group_mapping(sid, type, &state->groups, &state->num_groups, + True)) { DEBUG(0, ("Could not enum groups\n")); return False; } @@ -2031,6 +2032,7 @@ NTSTATUS make_pdb_method( struct pdb_methods **methods ) (*methods)->set_unix_primary_group = pdb_default_set_unix_primary_group; (*methods)->add_groupmem = pdb_default_add_groupmem; (*methods)->del_groupmem = pdb_default_del_groupmem; + (*methods)->find_alias = pdb_default_find_alias; (*methods)->create_alias = pdb_default_create_alias; (*methods)->delete_alias = pdb_default_delete_alias; (*methods)->get_aliasinfo = pdb_default_get_aliasinfo; -- cgit From c9f9c6505091aa1bf469c06c779040689c0737f7 Mon Sep 17 00:00:00 2001 
From: Gerald Carter Date: Mon, 21 Aug 2006 20:04:01 +0000 Subject: r17669: Remove RID algorithm support from unmapped users and groups when using smbpasswd (This used to be commit dde552336c732ddd6076a6a32575a37cb51aa94c) --- source3/passdb/pdb_interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 7f2a8f25b3..4baddb3a93 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -604,7 +604,7 @@ static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods, } if (pdb_rid_algorithm()) { - *rid = pdb_gid_to_group_rid( grp->gr_gid ); + *rid = algorithmic_pdb_gid_to_group_rid( grp->gr_gid ); } else { if (!pdb_new_rid(rid)) { return NT_STATUS_ACCESS_DENIED; -- cgit From b9142f20dfb59055e05fa52c5414fb7c1877c556 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 25 Aug 2006 14:25:06 +0000 Subject: r17831: Attempt to fix the build farm: 0x7fffffffffffffff needs special casing too I think. This broke 'make test' because the newly created user was set to be kicked off Mi, 22 Jan 1975 23:55:33 CET (unix time 159663333) with the setuserinfo21 call. I'm not 100% sure that 0x7ff... means max time as I do it here, I vaguely remember it to mean "don't touch". Does anybody know that for sure? Jeremy, please check this. Thanks, Volker (This used to be commit 872d1299ebffb7b7d696013fc676820f1fa1777c) --- source3/passdb/pdb_interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 4baddb3a93..a42f8325f6 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -370,7 +370,7 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, #ifdef ENABLE_BUILD_FARM_HACKS if (add_ret != 0) { DEBUG(1, ("Creating a faked user %s for build farm " - "purposes", name)); + "purposes\n", name)); faked_create_user(name); } #endif -- cgit From 2b27c93a9a8471693d7dcb5fdbe8afe65b22ff66 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 8 Sep 2006 14:28:06 +0000 Subject: r18271: Big change: * autogenerate lsa ndr code * rename 'enum SID_NAME_USE' to 'enum lsa_SidType' * merge a log more security descriptor functions from gen_ndr/ndr_security.c in SAMBA_4_0 The most embarassing thing is the "#define strlen_m strlen" We need a real implementation in SAMBA_3_0 which I'll work on after this code is in. (This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951) --- source3/passdb/pdb_interface.c | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index a42f8325f6..cc05d97468 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -46,7 +46,7 @@ static void lazy_initialize_passdb(void) static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, const char **name, - enum SID_NAME_USE *psid_name_use, + enum lsa_SidType *psid_name_use, union unid_t *unix_id); /******************************************************************* Clean up uninitialised passwords. The only way to tell @@ -696,7 +696,7 @@ NTSTATUS pdb_delete_group_mapping_entry(DOM_SID sid) return pdb->delete_group_mapping_entry(pdb, sid); } -BOOL pdb_enum_group_mapping(const DOM_SID *sid, enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap, +BOOL pdb_enum_group_mapping(const DOM_SID *sid, enum lsa_SidType sid_name_use, GROUP_MAP **pp_rmap, size_t *p_num_entries, BOOL unix_only) { struct pdb_methods *pdb = pdb_get_methods(); 
@@ -988,7 +988,7 @@ NTSTATUS pdb_lookup_rids(const DOM_SID *domain_sid, int num_rids, uint32 *rids, const char **names, - enum SID_NAME_USE *attrs) + enum lsa_SidType *attrs) { struct pdb_methods *pdb = pdb_get_methods(); return pdb->lookup_rids(pdb, domain_sid, num_rids, rids, names, attrs); @@ -998,7 +998,7 @@ NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid, int num_names, const char **names, uint32 *rids, - enum SID_NAME_USE *attrs) + enum lsa_SidType *attrs) { struct pdb_methods *pdb = pdb_get_methods(); return pdb->lookup_names(pdb, domain_sid, num_names, names, rids, attrs); @@ -1035,7 +1035,7 @@ BOOL pdb_gid_to_sid(gid_t gid, DOM_SID *sid) } BOOL pdb_sid_to_id(const DOM_SID *sid, union unid_t *id, - enum SID_NAME_USE *type) + enum lsa_SidType *type) { struct pdb_methods *pdb = pdb_get_methods(); return pdb->sid_to_id(pdb, sid, id, type); @@ -1058,7 +1058,7 @@ BOOL pdb_new_rid(uint32 *rid) { struct pdb_methods *pdb = pdb_get_methods(); const char *name = NULL; - enum SID_NAME_USE type; + enum lsa_SidType type; uint32 allocated_rid = 0; int i; TALLOC_CTX *ctx; @@ -1253,7 +1253,7 @@ static BOOL pdb_default_gid_to_sid(struct pdb_methods *methods, gid_t gid, static BOOL pdb_default_sid_to_id(struct pdb_methods *methods, const DOM_SID *sid, - union unid_t *id, enum SID_NAME_USE *type) + union unid_t *id, enum lsa_SidType *type) { TALLOC_CTX *mem_ctx; BOOL ret = False; @@ -1471,7 +1471,7 @@ NTSTATUS pdb_default_enum_group_memberships(struct pdb_methods *methods, static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, const char **name, - enum SID_NAME_USE *psid_name_use, + enum lsa_SidType *psid_name_use, union unid_t *unix_id) { struct samu *sam_account = NULL; @@ -1563,7 +1563,7 @@ NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, int num_rids, uint32 *rids, const char **names, - enum SID_NAME_USE *attrs) + enum lsa_SidType *attrs) { int i; NTSTATUS result; 
@@ -1626,7 +1626,7 @@ NTSTATUS pdb_default_lookup_names(struct pdb_methods *methods, int num_names, const char **names, uint32 *rids, - enum SID_NAME_USE *attrs) + enum lsa_SidType *attrs) { int i; NTSTATUS result; @@ -1842,7 +1842,7 @@ static void search_end_groups(struct pdb_search *search) } static BOOL pdb_search_grouptype(struct pdb_search *search, - const DOM_SID *sid, enum SID_NAME_USE type) + const DOM_SID *sid, enum lsa_SidType type) { struct group_search *state; -- cgit From a3e1f7e44d2d6a5ef801badc189b3dcf19dc72d9 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 20 Sep 2006 00:15:50 +0000 Subject: r18703: Fix the annoying effect that happens when nscd is running: We usually do not get the results from user/group script modifications immediately. A lot of users do add nscd restart/refresh commands into their scripts to workaround that while we could flush the nscd caches directly using libnscd. Guenther (This used to be commit 7db6ce295afbedfada7b207ad56566d2195a0d21) --- source3/passdb/pdb_interface.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index cc05d97468..7252ea4c8c 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -366,6 +366,9 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, add_ret = smbrun(add_script,NULL); DEBUG(add_ret ? 0 : 3, ("_samr_create_user: Running the command `%s' gave %d\n", add_script, add_ret)); + if (add_ret == 0) { + smb_nscd_flush_user_cache(); + } #ifdef ENABLE_BUILD_FARM_HACKS if (add_ret != 0) { 
@@ -443,6 +446,9 @@ static int smb_delete_user(const char *unix_user) all_string_sub(del_script, "%u", unix_user, sizeof(del_script)); ret = smbrun(del_script,NULL); flush_pwnam_cache(); + if (ret == 0) { + smb_nscd_flush_user_cache(); + } DEBUG(ret ? 0 : 3,("smb_delete_user: Running the command `%s' gave %d\n",del_script,ret)); return ret; -- cgit From dc1f0804dd8177d3c3a0b2db993855d5679e9565 Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Tue, 3 Oct 2006 17:14:18 +0000 Subject: r19058: Implement "user cannot change password", and complete "user must change password at next logon" code. The "password last set time" of zero now means "user must change password", because that's how windows seems to use it. The "can change" and "must change" times are now calculated based on the "last set" time and policies. We use the "can change" field now to indicate that a user cannot change a password by putting MAX_TIME_T in it (so long as "last set" time isn't zero). Based on this, we set the password-can-change bit in the faked secdesc. (This used to be commit 21abbeaee9b7f7cff1d34d048463c30cda44a2e3) --- source3/passdb/pdb_interface.c | 41 +---------------------------------------- 1 file changed, 1 insertion(+), 40 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 7252ea4c8c..73f538214d 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -48,43 +48,6 @@ static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, const char **name, enum lsa_SidType *psid_name_use, union unid_t *unix_id); -/******************************************************************* - Clean up uninitialised passwords. The only way to tell - that these values are not 'real' is that they do not - have a valid last set time. Instead, the value is fixed at 0. - Therefore we use that as the key for 'is this a valid password'. - However, it is perfectly valid to have a 'default' last change - time, such LDAP with a missing attribute would produce. -********************************************************************/ - -static void pdb_force_pw_initialization(struct samu *pass) -{ - const uint8 *lm_pwd, *nt_pwd; - - /* only reset a password if the last set time has been - explicitly been set to zero. A default last set time - is ignored */ - - if ( (pdb_get_init_flags(pass, PDB_PASSLASTSET) != PDB_DEFAULT) - && (pdb_get_pass_last_set_time(pass) == 0) ) - { - - if (pdb_get_init_flags(pass, PDB_LMPASSWD) != PDB_DEFAULT) - { - lm_pwd = pdb_get_lanman_passwd(pass); - if (lm_pwd) - pdb_set_lanman_passwd(pass, NULL, PDB_CHANGED); - } - if (pdb_get_init_flags(pass, PDB_NTPASSWD) != PDB_DEFAULT) - { - nt_pwd = pdb_get_nt_passwd(pass); - if (nt_pwd) - pdb_set_nt_passwd(pass, NULL, PDB_CHANGED); - } - } - - return; -} NTSTATUS smb_register_passdb(int version, const char *name, pdb_init_function init) { @@ -250,7 +213,7 @@ BOOL pdb_getsampwent(struct samu *user) if ( !NT_STATUS_IS_OK(pdb->getsampwent(pdb, user) ) ) { return False; } - pdb_force_pw_initialization( user ); + return True; } @@ -266,8 +229,6 @@ BOOL pdb_getsampwnam(struct samu *sam_acct, const char *username) TALLOC_FREE(csamuser); } - pdb_force_pw_initialization( sam_acct ); - csamuser = samu_new( NULL ); if (!csamuser) { return False; -- cgit From 2145eff91d5b7e16ee486b410181f4b849a3fb9e Mon Sep 17 00:00:00 2001 
From: Gerald Carter Date: Thu, 19 Oct 2006 22:34:58 +0000 Subject: r19419: BUG 4109: Patch from Timur Bakeyev. Fix bug causing smbd to turn off winbindd and fail to disable the _NO_WINBIND environment. (This used to be commit a6366b40b3967853c20ca5399021108f09ffd505) --- source3/passdb/pdb_interface.c | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 73f538214d..607a8b91d3 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -1295,27 +1295,25 @@ static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size struct group *grp; char **gr; struct passwd *pwd; - char *winbindd_env; + BOOL winbind_env; *pp_uids = NULL; *p_num = 0; /* We only look at our own sam, so don't care about imported stuff */ - - winbindd_env = getenv(WINBINDD_DONT_ENV); + winbind_env = winbind_env_set(); winbind_off(); if ((grp = getgrgid(gid)) == NULL) { /* allow winbindd lookups, but only if they weren't already disabled */ - if ( !(winbindd_env && strequal(winbindd_env, "1")) ) { + if (!winbind_env) { winbind_on(); } - + return False; } /* Primary group members */ - setpwent(); while ((pwd = getpwent()) != NULL) { if (pwd->pw_gid == gid) { @@ -1326,7 +1324,6 @@ static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size endpwent(); /* Secondary group members */ - for (gr = grp->gr_mem; (*gr != NULL) && ((*gr)[0] != '\0'); gr += 1) { struct passwd *pw = getpwnam(*gr); @@ -1336,11 +1333,10 @@ static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size } /* allow winbindd lookups, but only if they weren't already disabled */ - - if ( !(winbindd_env && strequal(winbindd_env, "1")) ) { + if (!winbind_env) { winbind_on(); } - + return True; } -- cgit From 63609fbb04d2ce620338b4b79e7c1abf39f08ef8 Mon Sep 17 00:00:00 2001 
From: Jeremy Allison Date: Sat, 9 Dec 2006 02:58:18 +0000 Subject: r20090: Fix a class of bugs found by James Peach. Ensure we never mix malloc and talloc'ed contexts in the add_XX_to_array() and add_XX_to_array_unique() calls. Ensure that these calls always return False on out of memory, True otherwise and always check them. Ensure that the relevent parts of the conn struct and the nt_user_tokens are TALLOC_DESTROYED not SAFE_FREE'd. James - this should fix your crash bug in both branches. Jeremy. (This used to be commit 0ffca7559e07500bd09a64b775e230d448ce5c24) --- source3/passdb/pdb_interface.c | 30 ++++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 607a8b91d3..b84b0bfaff 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -1271,23 +1271,24 @@ static BOOL pdb_default_sid_to_id(struct pdb_methods *methods, return ret; } -static void add_uid_to_array_unique(TALLOC_CTX *mem_ctx, +static BOOL add_uid_to_array_unique(TALLOC_CTX *mem_ctx, uid_t uid, uid_t **pp_uids, size_t *p_num) { size_t i; for (i=0; i<*p_num; i++) { if ((*pp_uids)[i] == uid) - return; + return True; } *pp_uids = TALLOC_REALLOC_ARRAY(mem_ctx, *pp_uids, uid_t, *p_num+1); if (*pp_uids == NULL) - return; + return False; (*pp_uids)[*p_num] = uid; *p_num += 1; + return True; } static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size_t *p_num) @@ -1296,6 +1297,7 @@ static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size char **gr; struct passwd *pwd; BOOL winbind_env; + BOOL ret = False; *pp_uids = NULL; *p_num = 0; 
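Review bot: add_uid_to_array_unique now returns False when TALLOC_REALLOC_ARRAY fails, but by then it has overwritten `*pp_uids` with NULL and left `*p_num` at its old value. A caller that reads the outputs on the failure path sees a non-zero count with no array behind it. Resetting the count on that path keeps the two outputs consistent: `if (*pp_uids == NULL) { *p_num = 0; return False; }`. A one-line comment above the function stating that both outputs are invalid after a False return would also help.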
@@ -1306,19 +1308,17 @@ static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size if ((grp = getgrgid(gid)) == NULL) { /* allow winbindd lookups, but only if they weren't already disabled */ - if (!winbind_env) { - winbind_on(); - } - - return False; + goto done; } /* Primary group members */ setpwent(); while ((pwd = getpwent()) != NULL) { if (pwd->pw_gid == gid) { - add_uid_to_array_unique(mem_ctx, pwd->pw_uid, - pp_uids, p_num); + if (!add_uid_to_array_unique(mem_ctx, pwd->pw_uid, + pp_uids, p_num)) { + goto done; + } } } endpwent(); @@ -1329,15 +1329,21 @@ static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size if (pw == NULL) continue; - add_uid_to_array_unique(mem_ctx, pw->pw_uid, pp_uids, p_num); + if (!add_uid_to_array_unique(mem_ctx, pw->pw_uid, pp_uids, p_num)) { + goto done; + } } + ret = True; + + done: + /* allow winbindd lookups, but only if they weren't already disabled */ if (!winbind_env) { winbind_on(); } - return True; + return ret; } NTSTATUS pdb_default_enum_group_members(struct pdb_methods *methods, -- cgit From 4225f9a4bd5eece4d57820bbabb7b882610aa7cc Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Tue, 12 Dec 2006 14:52:13 +0000 Subject: r20116: Start merging in the work done to create the new idmap subsystem. Simo. (This used to be commit 50cd8bffeeed2cac755f75fc3d76fe41c451976b) --- source3/passdb/pdb_interface.c | 35 +++++++++++++++++++++++++++++------ 1 file changed, 29 insertions(+), 6 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index b84b0bfaff..478d1ac036 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
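Review bot: The new `goto done` inside the `while ((pwd = getpwent()) != NULL)` loop of get_memberuids jumps past `endpwent()`, so an allocation failure leaves the passwd enumeration open for the rest of the process. Close it before leaving the loop: `endpwent(); goto done;`. The earlier `goto done` after a failed getgrgid() is unaffected, because setpwent() has not been called at that point. The `done:` label is added in the following hunk of the same function.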
@@ -995,6 +995,12 @@ BOOL pdb_uid_to_rid(uid_t uid, uint32 *rid) return pdb->uid_to_rid(pdb, uid, rid); } +BOOL pdb_uid_to_sid(uid_t uid, DOM_SID *sid) +{ + struct pdb_methods *pdb = pdb_get_methods(); + return pdb->uid_to_sid(pdb, uid, sid); +} + BOOL pdb_gid_to_sid(gid_t gid, DOM_SID *sid) { struct pdb_methods *pdb = pdb_get_methods(); @@ -1161,8 +1167,8 @@ static NTSTATUS pdb_default_get_seq_num(struct pdb_methods *methods, time_t *seq return NT_STATUS_OK; } -static BOOL pdb_default_uid_to_rid(struct pdb_methods *methods, uid_t uid, - uint32 *rid) +static BOOL pdb_default_uid_to_sid(struct pdb_methods *methods, uid_t uid, + DOM_SID *sid) { struct samu *sampw = NULL; struct passwd *unix_pw; @@ -1193,15 +1199,31 @@ static BOOL pdb_default_uid_to_rid(struct pdb_methods *methods, uid_t uid, return False; } - ret = sid_peek_check_rid(get_global_sam_sid(), - pdb_get_user_sid(sampw), rid); + sid_copy(sid, pdb_get_user_sid(sampw)); + + TALLOC_FREE(sampw); + + return True; +} + +static BOOL pdb_default_uid_to_rid(struct pdb_methods *methods, uid_t uid, + uint32 *rid) +{ + DOM_SID sid; + BOOL ret; + + ret = pdb_default_uid_to_sid(methods, uid, &sid); + if (!ret) { + return ret; + } + + ret = sid_peek_check_rid(get_global_sam_sid(), &sid, rid); if (!ret) { DEBUG(1, ("Could not peek rid out of sid %s\n", - sid_string_static(pdb_get_user_sid(sampw)))); + sid_string_static(&sid))); } - TALLOC_FREE(sampw); return ret; } @@ -2015,6 +2037,7 @@ NTSTATUS make_pdb_method( struct pdb_methods **methods ) (*methods)->set_account_policy = pdb_default_set_account_policy; (*methods)->get_seq_num = pdb_default_get_seq_num; (*methods)->uid_to_rid = pdb_default_uid_to_rid; + (*methods)->uid_to_sid = pdb_default_uid_to_sid; (*methods)->gid_to_sid = pdb_default_gid_to_sid; (*methods)->sid_to_id = pdb_default_sid_to_id; -- cgit From dbea3a2b6fa317b6854eb2ba4a5ef5e1253c3180 Mon Sep 17 00:00:00 2001 
From: Volker Lendecke Date: Fri, 12 Jan 2007 14:16:30 +0000 Subject: r20707: Clean up pdb_interface.c a bit -- patch from Michael Adam (This used to be commit d78c18a9fa494a2b3ef48db0abd987c740556e50) --- source3/passdb/pdb_interface.c | 61 ++++++++++++++++++++++++++---------------- 1 file changed, 38 insertions(+), 23 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 478d1ac036..f7990f2939 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -961,6 +961,18 @@ NTSTATUS pdb_lookup_rids(const DOM_SID *domain_sid, return pdb->lookup_rids(pdb, domain_sid, num_rids, rids, names, attrs); } +/* + * NOTE: pdb_lookup_names is currently (2007-01-12) not used anywhere + * in the samba code. + * Unlike _lsa_lookup_sids and _samr_lookup_rids, which eventually + * also ask pdb_lookup_rids, thus looking up a bunch of rids at a time, + * the pdb_ calls _lsa_lookup_names and _samr_lookup_names come + * down to are pdb_getsampwnam and pdb_getgrnam instead of + * pdb_lookup_names. + * But in principle, it the call belongs to the API and might get + * used in this context some day. + */ +#if 0 NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid, int num_names, const char **names, @@ -970,6 +982,7 @@ NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid, struct pdb_methods *pdb = pdb_get_methods(); return pdb->lookup_names(pdb, domain_sid, num_names, names, rids, attrs); } +#endif BOOL pdb_get_account_policy(int policy_index, uint32 *value) { 
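Review bot: Wrapping pdb_lookup_names in `#if 0` (and pdb_default_lookup_names in a later hunk of this commit) keeps code in the file that the compiler never sees, so it can drift from the pdb_methods signatures without any warning. Removing it and relying on version history, or guarding it with a named macro that at least one build configuration enables, would avoid that. In the added comment, the last sentence reads `But in principle, it the call belongs to the API`; the stray `it` should be dropped.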
@@ -1368,11 +1381,11 @@ static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size return ret; } -NTSTATUS pdb_default_enum_group_members(struct pdb_methods *methods, - TALLOC_CTX *mem_ctx, - const DOM_SID *group, - uint32 **pp_member_rids, - size_t *p_num_members) +static NTSTATUS pdb_default_enum_group_members(struct pdb_methods *methods, + TALLOC_CTX *mem_ctx, + const DOM_SID *group, + uint32 **pp_member_rids, + size_t *p_num_members) { gid_t gid; uid_t *uids; @@ -1410,12 +1423,12 @@ NTSTATUS pdb_default_enum_group_members(struct pdb_methods *methods, return NT_STATUS_OK; } -NTSTATUS pdb_default_enum_group_memberships(struct pdb_methods *methods, - TALLOC_CTX *mem_ctx, - struct samu *user, - DOM_SID **pp_sids, - gid_t **pp_gids, - size_t *p_num_groups) +static NTSTATUS pdb_default_enum_group_memberships(struct pdb_methods *methods, + TALLOC_CTX *mem_ctx, + struct samu *user, + DOM_SID **pp_sids, + gid_t **pp_gids, + size_t *p_num_groups) { size_t i; gid_t gid; @@ -1549,12 +1562,12 @@ static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, return False; } -NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, - const DOM_SID *domain_sid, - int num_rids, - uint32 *rids, - const char **names, - enum lsa_SidType *attrs) +static NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, + const DOM_SID *domain_sid, + int num_rids, + uint32 *rids, + const char **names, + enum lsa_SidType *attrs) { int i; NTSTATUS result; @@ -1612,12 +1625,13 @@ NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, return result; } -NTSTATUS pdb_default_lookup_names(struct pdb_methods *methods, - const DOM_SID *domain_sid, - int num_names, - const char **names, - uint32 *rids, - enum lsa_SidType *attrs) +#if 0 +static NTSTATUS pdb_default_lookup_names(struct pdb_methods *methods, + const DOM_SID *domain_sid, + int num_names, + const char **names, + uint32 *rids, + enum lsa_SidType *attrs) { int i; NTSTATUS result; 
@@ -1668,6 +1682,7 @@ NTSTATUS pdb_default_lookup_names(struct pdb_methods *methods, return result; } +#endif static struct pdb_search *pdb_search_init(enum pdb_search_type type) { -- cgit From b906886e9e9739877fef4c381c46a9a9d61859ba Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 16 Jan 2007 08:17:26 +0000 Subject: r20824: Send access to the trusted domain passwords through the pdb backend, so that in the next step we can store them in LDAP to be replicated across DCs. Thanks to Michael Adam Volker (This used to be commit 3c879745cfc39be6128b63a88ecdbfa3d9ce6c2d) --- source3/passdb/pdb_interface.c | 76 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index f7990f2939..36536e5fea 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -1996,6 +1996,77 @@ void pdb_search_destroy(struct pdb_search *search) talloc_destroy(search->mem_ctx); } +/******************************************************************* + trustodm methods + *******************************************************************/ + +BOOL pdb_get_trusteddom_pw(const char *domain, char** pwd, DOM_SID *sid, + time_t *pass_last_set_time) +{ + struct pdb_methods *pdb = pdb_get_methods(); + return pdb->get_trusteddom_pw(pdb, domain, pwd, sid, + pass_last_set_time); +} + +BOOL pdb_set_trusteddom_pw(const char* domain, const char* pwd, + const DOM_SID *sid) +{ + struct pdb_methods *pdb = pdb_get_methods(); + return pdb->set_trusteddom_pw(pdb, domain, pwd, sid); +} + +BOOL pdb_del_trusteddom_pw(const char *domain) +{ + struct pdb_methods *pdb = pdb_get_methods(); + return pdb->del_trusteddom_pw(pdb, domain); +} + +NTSTATUS pdb_enum_trusteddoms(TALLOC_CTX *mem_ctx, uint32 *num_domains, + struct trustdom_info ***domains) +{ + struct pdb_methods *pdb = pdb_get_methods(); + return pdb->enum_trusteddoms(pdb, mem_ctx, num_domains, domains); +} + +/******************************************************************* + the defaults for trustdom methods: + these simply call the original passdb/secrets.c actions, + to be replaced by pdb_ldap. 
+ *******************************************************************/ + +static BOOL pdb_default_get_trusteddom_pw(struct pdb_methods *methods, + const char *domain, + char** pwd, + DOM_SID *sid, + time_t *pass_last_set_time) +{ + return secrets_fetch_trusted_domain_password(domain, pwd, + sid, pass_last_set_time); + +} + +static BOOL pdb_default_set_trusteddom_pw(struct pdb_methods *methods, + const char* domain, + const char* pwd, + const DOM_SID *sid) +{ + return secrets_store_trusted_domain_password(domain, pwd, sid); +} + +static BOOL pdb_default_del_trusteddom_pw(struct pdb_methods *methods, + const char *domain) +{ + return trusted_domain_password_delete(domain); +} + +static NTSTATUS pdb_default_enum_trusteddoms(struct pdb_methods *methods, + TALLOC_CTX *mem_ctx, + uint32 *num_domains, + struct trustdom_info ***domains) +{ + return secrets_trusted_domains(mem_ctx, num_domains, domains); +} + /******************************************************************* Create a pdb_methods structure and initialize it with the default operations. In this way a passdb module can simply implement @@ -2060,5 +2131,10 @@ NTSTATUS make_pdb_method( struct pdb_methods **methods ) (*methods)->search_groups = pdb_default_search_groups; (*methods)->search_aliases = pdb_default_search_aliases; + (*methods)->get_trusteddom_pw = pdb_default_get_trusteddom_pw; + (*methods)->set_trusteddom_pw = pdb_default_set_trusteddom_pw; + (*methods)->del_trusteddom_pw = pdb_default_del_trusteddom_pw; + (*methods)->enum_trusteddoms = pdb_default_enum_trusteddoms; + return NT_STATUS_OK; } -- cgit From 2b52e35770270959d5029fa84932d436652c7193 Mon Sep 17 00:00:00 2001 
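Review bot: pdb_get_trusteddom_pw returns the trust account password through `char** pwd` without saying who owns the buffer, how it is released, or that it holds a cleartext secret that should be wiped before release. Add a comment above the wrapper, e.g. `/* On success *pwd is an allocated cleartext password; the caller must zero and free it. */`, after confirming the allocator used by secrets_fetch_trusted_domain_password, which this hunk does not show. The same comment block is the place to state what a backend must guarantee about protecting the stored password, since the commit message plans to move it into LDAP. The section banner reads `trustodm methods`, presumably meant as `trusteddom`.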
From: Gerald Carter Date: Thu, 22 Feb 2007 20:52:27 +0000 Subject: r21507: Fix some "cannot access LDAP when no root" bugs. The two culprits were * pdb_get_account_policy() * pdb_get_group_sid() (This used to be commit 6a69caf6907fad01b13aa4358ce5c62506f98495) --- source3/passdb/pdb_interface.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 36536e5fea..ce8b46eb0f 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -987,13 +987,25 @@ NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid, BOOL pdb_get_account_policy(int policy_index, uint32 *value) { struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->get_account_policy(pdb, policy_index, value)); + NTSTATUS status; + + become_root(); + status = pdb->get_account_policy(pdb, policy_index, value); + unbecome_root(); + + return NT_STATUS_IS_OK(status); } BOOL pdb_set_account_policy(int policy_index, uint32 value) { struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->set_account_policy(pdb, policy_index, value)); + NTSTATUS status; + + become_root(); + status = pdb->set_account_policy(pdb, policy_index, value); + unbecome_root(); + + return NT_STATUS_IS_OK(status); } BOOL pdb_get_seq_num(time_t *seq_num) -- cgit From 0d91334fe799f6b50a8265f9dc097411c3a29e18 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 11 Mar 2007 16:49:16 +0000 Subject: r21784: Replace smb_register_idle_event() with event_add_timed(). This fixes winbind who did not run the idle events to drop ldap connections. Volker (This used to be commit af3308ce5a21220ff4c510de356dbaa6cf9ff997) --- source3/passdb/pdb_interface.c | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) (limited to 'source3/passdb/pdb_interface.c') 
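Review bot: pdb_set_account_policy now calls `become_root()` itself, so every caller writes account policy with root privileges, and the wrapper performs no access check of its own. The commit message describes an access failure when not root, which explains the getter; the setter deserves a comment that states the precondition, e.g. `/* Runs the backend call as root: callers must already have verified that the client may change account policy. */`. The same note applies, with lower impact, to pdb_get_account_policy. The call sites are outside this file's diff, so whether each one performs that check cannot be confirmed here.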
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index ce8b46eb0f..976dfc1d08 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -94,6 +94,23 @@ struct pdb_init_function_entry *pdb_find_backend_entry(const char *name) return NULL; } +/* + * The event context for the passdb backend. I know this is a bad hack and yet + * another static variable, but our pdb API is a global thing per + * definition. The first use for this is the LDAP idle function, more might be + * added later. + * + * I don't feel too bad about this static variable, it replaces the + * smb_idle_event_list that used to exist in lib/module.c. -- VL + */ + +static struct event_context *pdb_event_ctx; + +struct event_context *pdb_get_event_context(void) +{ + return pdb_event_ctx; +} + /****************************************************************** Make a pdb_methods from scratch *******************************************************************/ @@ -1116,8 +1133,9 @@ BOOL pdb_new_rid(uint32 *rid) If uninitialised, context will auto-init on first use. ***************************************************************/ -BOOL initialize_password_db(BOOL reload) -{ +BOOL initialize_password_db(BOOL reload, struct event_context *event_ctx) +{ + pdb_event_ctx = event_ctx; return (pdb_get_methods_reload(reload) != NULL); } -- cgit From b4f19aea18fd6406c56b00c1410ef842720ca4d2 Mon Sep 17 00:00:00 2001 From: James Peach Date: Tue, 20 Mar 2007 00:13:42 +0000 Subject: r21881: Make sure we are very specific when testing whether a backand can handle a particular SID. Make sure that the passdb backend will accept the same set range of local SIDs that the idmap system sends it. Simo, Jerry - this is a 3_0_25 candidate. Can you please review? (This used to be commit 86a70adb6a2d277f235857451bbee7d530d15310) --- source3/passdb/pdb_interface.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') 
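Review bot: initialize_password_db() overwrites the file-scope pdb_event_ctx on every call, so a later call that passes NULL or a different context silently replaces the one that backends may already have obtained through pdb_get_event_context(). The getter added in the first hunk can also return NULL when it is used before initialisation, and nothing documents that. I would either ignore a NULL argument, `if (event_ctx != NULL) pdb_event_ctx = event_ctx;`, or document on pdb_get_event_context() that the result may be NULL and that the pointer is borrowed rather than owned by passdb. Whether any caller passes NULL is not visible from these hunks.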
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 976dfc1d08..e0b9086f9c 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -1305,7 +1305,8 @@ static BOOL pdb_default_sid_to_id(struct pdb_methods *methods, goto done; } - if (sid_peek_check_rid(&global_sid_Builtin, sid, &rid)) { + if (sid_check_is_in_builtin(sid) || + sid_check_is_in_wellknown_domain(sid)) { /* Here we only have aliases */ GROUP_MAP map; if (!NT_STATUS_IS_OK(methods->getgrsid(methods, &map, *sid))) { -- cgit From 3bdd0e3650abf95dfb4ba133aa9f47f5f1088f8c Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 4 Apr 2007 02:57:01 +0000 Subject: r22066: Ensure that winbind can resolve SIDs in the S-1-22-{1,2} domain to a uid.gid using the idmap_passdb backend. (This used to be commit fc1aeee52d8cb6c8d5d306dbbec18127bd2674bc) --- source3/passdb/pdb_interface.c | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index e0b9086f9c..387e3fecde 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -1305,6 +1305,26 @@ static BOOL pdb_default_sid_to_id(struct pdb_methods *methods, goto done; } + /* check for "Unix User" */ + + if ( sid_peek_check_rid(&global_sid_Unix_Users, sid, &rid) ) { + id->uid = rid; + *type = SID_NAME_USER; + ret = True; + goto done; + } + + /* check for "Unix User" */ + + if ( sid_peek_check_rid(&global_sid_Unix_Groups, sid, &rid) ) { + id->gid = rid; + *type = SID_NAME_ALIAS; + ret = True; + goto done; + } + + /* BUILTIN */ + if (sid_check_is_in_builtin(sid) || sid_check_is_in_wellknown_domain(sid)) { /* Here we only have aliases */ 
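Review bot: The two branches added to pdb_default_sid_to_id copy the RID of an S-1-22-1 or S-1-22-2 SID straight into `id->uid` / `id->gid` with no range or existence check, so a Unix Users SID with RID 0 resolves to uid 0 and `ret` is set to True for ids that may not exist on the host. If SIDs reaching this function can originate from a remote peer or from stored ACLs, that deserves either a lookup against the passwd/group database or a comment stating that the mapping is purely arithmetic and that success is not proof the account exists, e.g. `/* Arithmetic mapping only: the uid is not checked against the passwd database. */`. The choice of `*type = SID_NAME_ALIAS` for Unix groups would also benefit from a one-line explanation. The function body starts and continues outside the hunk.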
@@ -1328,7 +1348,7 @@ static BOOL pdb_default_sid_to_id(struct pdb_methods *methods, goto done; } - DEBUG(5, ("Sid %s is neither ours nor builtin, don't know it\n", + DEBUG(5, ("Sid %s is neither ours, a Unix SID, nor builtin\n", sid_string_static(sid))); done: -- cgit From 16ae8eff937c1344192a3afa84ff1eb14de5d46d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 9 May 2007 11:39:55 +0000 Subject: r22766: Merge from 3_0: r22412 | obnox | 2007-04-20 14:23:36 +0200 (Fr, 20 Apr 2007) | 5 lines Add a "deletelocalgroup" subcommand to net sam. Thanks to Karolin Seeger . (This used to be commit fb6ac8a5b247a961963a9b6a95cd6608c5b53d09) --- source3/passdb/pdb_interface.c | 19 ++++++------------- 1 file changed, 6 insertions(+), 13 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 387e3fecde..a46ebf5a94 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -904,35 +904,28 @@ NTSTATUS pdb_del_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid, return pdb->del_groupmem(pdb, mem_ctx, group_rid, member_rid); } -BOOL pdb_find_alias(const char *name, DOM_SID *sid) -{ - struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->find_alias(pdb, name, sid)); -} - NTSTATUS pdb_create_alias(const char *name, uint32 *rid) { struct pdb_methods *pdb = pdb_get_methods(); return pdb->create_alias(pdb, name, rid); } -BOOL pdb_delete_alias(const DOM_SID *sid) +NTSTATUS pdb_delete_alias(const DOM_SID *sid) { struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->delete_alias(pdb, sid)); - + return pdb->delete_alias(pdb, sid); } -BOOL pdb_get_aliasinfo(const DOM_SID *sid, struct acct_info *info) +NTSTATUS pdb_get_aliasinfo(const DOM_SID *sid, struct acct_info *info) { struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->get_aliasinfo(pdb, sid, info)); + return pdb->get_aliasinfo(pdb, sid, info); } -BOOL pdb_set_aliasinfo(const DOM_SID *sid, struct acct_info *info) +NTSTATUS pdb_set_aliasinfo(const DOM_SID *sid, struct acct_info *info) { struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->set_aliasinfo(pdb, sid, info)); + return pdb->set_aliasinfo(pdb, sid, info); } NTSTATUS pdb_add_aliasmem(const DOM_SID *alias, const DOM_SID *member) -- cgit From a0f9db7a169886914b4e5323c61e127011a2d16b Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 9 May 2007 11:40:48 +0000 Subject: r22767: Argl. Typed in 'svn ci' in the wrong branch. Revert. (This used to be commit 2c5b951eba509e826a29775db992aca474476484) --- source3/passdb/pdb_interface.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index a46ebf5a94..387e3fecde 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
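Review bot: Changing pdb_delete_alias, pdb_get_aliasinfo and pdb_set_aliasinfo from BOOL to NTSTATUS inverts the truth value of a successful result, because the old wrappers returned `NT_STATUS_IS_OK(...)` while the new ones return the status itself. A caller still written as `if (!pdb_delete_alias(sid))` would now take its failure path on success, or stop compiling, depending on how NTSTATUS is defined in the build. The callers are not part of this section (the page is limited to pdb_interface.c), so they need to be converted to `NT_STATUS_IS_OK(...)` tests in the same change. The identical hunk is re-applied by r22786 further down the page after the revert in r22767, and the point applies there as well.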
@@ -904,28 +904,35 @@ NTSTATUS pdb_del_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid, return pdb->del_groupmem(pdb, mem_ctx, group_rid, member_rid); } +BOOL pdb_find_alias(const char *name, DOM_SID *sid) +{ + struct pdb_methods *pdb = pdb_get_methods(); + return NT_STATUS_IS_OK(pdb->find_alias(pdb, name, sid)); +} + NTSTATUS pdb_create_alias(const char *name, uint32 *rid) { struct pdb_methods *pdb = pdb_get_methods(); return pdb->create_alias(pdb, name, rid); } -NTSTATUS pdb_delete_alias(const DOM_SID *sid) +BOOL pdb_delete_alias(const DOM_SID *sid) { struct pdb_methods *pdb = pdb_get_methods(); - return pdb->delete_alias(pdb, sid); + return NT_STATUS_IS_OK(pdb->delete_alias(pdb, sid)); + } -NTSTATUS pdb_get_aliasinfo(const DOM_SID *sid, struct acct_info *info) +BOOL pdb_get_aliasinfo(const DOM_SID *sid, struct acct_info *info) { struct pdb_methods *pdb = pdb_get_methods(); - return pdb->get_aliasinfo(pdb, sid, info); + return NT_STATUS_IS_OK(pdb->get_aliasinfo(pdb, sid, info)); } -NTSTATUS pdb_set_aliasinfo(const DOM_SID *sid, struct acct_info *info) +BOOL pdb_set_aliasinfo(const DOM_SID *sid, struct acct_info *info) { struct pdb_methods *pdb = pdb_get_methods(); - return pdb->set_aliasinfo(pdb, sid, info); + return NT_STATUS_IS_OK(pdb->set_aliasinfo(pdb, sid, info)); } NTSTATUS pdb_add_aliasmem(const DOM_SID *alias, const DOM_SID *member) -- cgit From 9e30a76c04d0da0bc14f7a0605db7ad51e5cfcd9 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 11 May 2007 08:46:54 +0000 Subject: r22786: Some cleanup by Karolin Seeger: Remove unused pdb_find_alias, and change return values of some alias-releated pdb functions from BOOL to NTSTATUS Thanks :-) (This used to be commit 590d2164b3a33250410338771e160f6ebd1aa89d) --- source3/passdb/pdb_interface.c | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) (limited to 'source3/passdb/pdb_interface.c') 
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 387e3fecde..819e98b38b 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -904,35 +904,28 @@ NTSTATUS pdb_del_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid, return pdb->del_groupmem(pdb, mem_ctx, group_rid, member_rid); } -BOOL pdb_find_alias(const char *name, DOM_SID *sid) -{ - struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->find_alias(pdb, name, sid)); -} - NTSTATUS pdb_create_alias(const char *name, uint32 *rid) { struct pdb_methods *pdb = pdb_get_methods(); return pdb->create_alias(pdb, name, rid); } -BOOL pdb_delete_alias(const DOM_SID *sid) +NTSTATUS pdb_delete_alias(const DOM_SID *sid) { struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->delete_alias(pdb, sid)); - + return pdb->delete_alias(pdb, sid); } -BOOL pdb_get_aliasinfo(const DOM_SID *sid, struct acct_info *info) +NTSTATUS pdb_get_aliasinfo(const DOM_SID *sid, struct acct_info *info) { struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->get_aliasinfo(pdb, sid, info)); + return pdb->get_aliasinfo(pdb, sid, info); } -BOOL pdb_set_aliasinfo(const DOM_SID *sid, struct acct_info *info) +NTSTATUS pdb_set_aliasinfo(const DOM_SID *sid, struct acct_info *info) { struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->set_aliasinfo(pdb, sid, info)); + return pdb->set_aliasinfo(pdb, sid, info); } NTSTATUS pdb_add_aliasmem(const DOM_SID *alias, const DOM_SID *member) 
@@ -2160,7 +2153,6 @@ NTSTATUS make_pdb_method( struct pdb_methods **methods ) (*methods)->set_unix_primary_group = pdb_default_set_unix_primary_group; (*methods)->add_groupmem = pdb_default_add_groupmem; (*methods)->del_groupmem = pdb_default_del_groupmem; - (*methods)->find_alias = pdb_default_find_alias; (*methods)->create_alias = pdb_default_create_alias; (*methods)->delete_alias = pdb_default_delete_alias; (*methods)->get_aliasinfo = pdb_default_get_aliasinfo; -- cgit From 53719c6d7d155e6e61ee67341cbc058a3fa52295 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 21 May 2007 19:12:14 +0000 Subject: r23046: Few missing merges from cleaning out the Centeris winbindd tree. Nothing of major interest. Will fix a few problems with one way trusts. (This used to be commit 3d48a7e72d9268fd495e0ca4b6e73bed5bb57214) --- source3/passdb/pdb_interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 819e98b38b..7f0555c991 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -1307,7 +1307,7 @@ static BOOL pdb_default_sid_to_id(struct pdb_methods *methods, goto done; } - /* check for "Unix User" */ + /* check for "Unix Group" */ if ( sid_peek_check_rid(&global_sid_Unix_Groups, sid, &rid) ) { id->gid = rid; -- cgit From d824b98f80ba186030cbb70b3a1e5daf80469ecd Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 9 Jul 2007 19:25:36 +0000 Subject: r23779: Change from v2 or later to v3 or later. Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3) --- source3/passdb/pdb_interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 7f0555c991..832029b22f 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -8,7 +8,7 @@ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or + the Free Software Foundation; either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, -- cgit From 5e54558c6dea67b56bbfaba5698f3a434d3dffb6 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 10 Jul 2007 00:52:41 +0000 Subject: r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text (This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07) --- source3/passdb/pdb_interface.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 832029b22f..16cd039572 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -17,8 +17,7 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + along with this program. If not, see . */ #include "includes.h" -- cgit From 99b031e190f68d976aa44bfb867f13e929a296f3 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 28 Sep 2007 03:56:12 +0000 Subject: r25401: BUG 4982: Don't delete lanman hashes on invalid logins when using the "lanman auth = no". Tested by Guenter Kukkukk. (This used to be commit 611fdd95a583ebd22ffa17e2f39c5a1bb0936c63) --- source3/passdb/pdb_interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 16cd039572..f038522eed 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -1168,7 +1168,7 @@ static NTSTATUS pdb_default_rename_sam_account (struct pdb_methods *methods, str static NTSTATUS pdb_default_update_login_attempts (struct pdb_methods *methods, struct samu *newpwd, BOOL success) { - return NT_STATUS_OK; + return NT_STATUS_NOT_IMPLEMENTED; } static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update, uint32 acb_mask) -- cgit From 30191d1a5704ad2b158386b511558972d539ce47 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 18 Oct 2007 17:40:25 -0700 Subject: RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f) --- source3/passdb/pdb_interface.c | 114 ++++++++++++++++++++--------------------- 1 file changed, 57 insertions(+), 57 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index f038522eed..0347ea8e56 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -35,7 +35,7 @@ static struct pdb_init_function_entry *backends = NULL; static void lazy_initialize_passdb(void) { - static BOOL initialized = False; + static bool initialized = False; if(initialized) { return; } @@ -43,7 +43,7 @@ static void lazy_initialize_passdb(void) initialized = True; } -static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, +static bool lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, const char **name, enum lsa_SidType *psid_name_use, union unid_t *unix_id); 
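Review bot: pdb_default_update_login_attempts now returns NT_STATUS_NOT_IMPLEMENTED, which turns the return code into a signal that the backend keeps no login-attempt state, but nothing at the function says so. Callers of pdb_update_login_attempts() that treat every non-OK status as a hard error would start failing for such backends; those callers are outside this hunk and should be confirmed to handle this value explicitly. I would add a comment such as `/* Default: no login-attempt tracking; callers must read NOT_IMPLEMENTED as "nothing updated", not as a failure. */`.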
@@ -175,7 +175,7 @@ NTSTATUS make_pdb_method_name(struct pdb_methods **methods, const char *selected Return an already initialised pdn_methods structure *******************************************************************/ -static struct pdb_methods *pdb_get_methods_reload( BOOL reload ) +static struct pdb_methods *pdb_get_methods_reload( bool reload ) { static struct pdb_methods *pdb = NULL; @@ -210,7 +210,7 @@ static struct pdb_methods *pdb_get_methods(void) Backward compatibility functions for the original passdb interface *******************************************************************/ -BOOL pdb_setsampwent(BOOL update, uint16 acb_mask) +bool pdb_setsampwent(bool update, uint16 acb_mask) { struct pdb_methods *pdb = pdb_get_methods(); return NT_STATUS_IS_OK(pdb->setsampwent(pdb, update, acb_mask)); @@ -222,7 +222,7 @@ void pdb_endsampwent(void) pdb->endsampwent(pdb); } -BOOL pdb_getsampwent(struct samu *user) +bool pdb_getsampwent(struct samu *user) { struct pdb_methods *pdb = pdb_get_methods(); @@ -233,7 +233,7 @@ BOOL pdb_getsampwent(struct samu *user) return True; } -BOOL pdb_getsampwnam(struct samu *sam_acct, const char *username) +bool pdb_getsampwnam(struct samu *sam_acct, const char *username) { struct pdb_methods *pdb = pdb_get_methods(); @@ -261,7 +261,7 @@ BOOL pdb_getsampwnam(struct samu *sam_acct, const char *username) /********************************************************************** **********************************************************************/ -BOOL guest_user_info( struct samu *user ) +bool guest_user_info( struct samu *user ) { struct passwd *pwd; NTSTATUS result; 
@@ -283,7 +283,7 @@ BOOL guest_user_info( struct samu *user ) /********************************************************************** **********************************************************************/ -BOOL pdb_getsampwsid(struct samu *sam_acct, const DOM_SID *sid) +bool pdb_getsampwsid(struct samu *sam_acct, const DOM_SID *sid) { struct pdb_methods *pdb = pdb_get_methods(); uint32 rid; @@ -538,25 +538,25 @@ NTSTATUS pdb_rename_sam_account(struct samu *oldname, const char *newname) return status; } -NTSTATUS pdb_update_login_attempts(struct samu *sam_acct, BOOL success) +NTSTATUS pdb_update_login_attempts(struct samu *sam_acct, bool success) { struct pdb_methods *pdb = pdb_get_methods(); return pdb->update_login_attempts(pdb, sam_acct, success); } -BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid) +bool pdb_getgrsid(GROUP_MAP *map, DOM_SID sid) { struct pdb_methods *pdb = pdb_get_methods(); return NT_STATUS_IS_OK(pdb->getgrsid(pdb, map, sid)); } -BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid) +bool pdb_getgrgid(GROUP_MAP *map, gid_t gid) { struct pdb_methods *pdb = pdb_get_methods(); return NT_STATUS_IS_OK(pdb->getgrgid(pdb, map, gid)); } -BOOL pdb_getgrnam(GROUP_MAP *map, const char *name) +bool pdb_getgrnam(GROUP_MAP *map, const char *name) { struct pdb_methods *pdb = pdb_get_methods(); return NT_STATUS_IS_OK(pdb->getgrnam(pdb, map, name)); @@ -679,8 +679,8 @@ NTSTATUS pdb_delete_group_mapping_entry(DOM_SID sid) return pdb->delete_group_mapping_entry(pdb, sid); } -BOOL pdb_enum_group_mapping(const DOM_SID *sid, enum lsa_SidType sid_name_use, GROUP_MAP **pp_rmap, - size_t *p_num_entries, BOOL unix_only) +bool pdb_enum_group_mapping(const DOM_SID *sid, enum lsa_SidType sid_name_use, GROUP_MAP **pp_rmap, + size_t *p_num_entries, bool unix_only) { struct pdb_methods *pdb = pdb_get_methods(); return NT_STATUS_IS_OK(pdb-> enum_group_mapping(pdb, sid, sid_name_use, 
@@ -758,7 +758,7 @@ NTSTATUS pdb_set_unix_primary_group(TALLOC_CTX *mem_ctx, struct samu *user) * fulfil. */ -static BOOL pdb_user_in_group(TALLOC_CTX *mem_ctx, struct samu *account, +static bool pdb_user_in_group(TALLOC_CTX *mem_ctx, struct samu *account, const DOM_SID *group_sid) { DOM_SID *sids; @@ -993,7 +993,7 @@ NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid, } #endif -BOOL pdb_get_account_policy(int policy_index, uint32 *value) +bool pdb_get_account_policy(int policy_index, uint32 *value) { struct pdb_methods *pdb = pdb_get_methods(); NTSTATUS status; @@ -1005,7 +1005,7 @@ BOOL pdb_get_account_policy(int policy_index, uint32 *value) return NT_STATUS_IS_OK(status); } -BOOL pdb_set_account_policy(int policy_index, uint32 value) +bool pdb_set_account_policy(int policy_index, uint32 value) { struct pdb_methods *pdb = pdb_get_methods(); NTSTATUS status; 
@@ -1017,38 +1017,38 @@ BOOL pdb_set_account_policy(int policy_index, uint32 value) return NT_STATUS_IS_OK(status); } -BOOL pdb_get_seq_num(time_t *seq_num) +bool pdb_get_seq_num(time_t *seq_num) { struct pdb_methods *pdb = pdb_get_methods(); return NT_STATUS_IS_OK(pdb->get_seq_num(pdb, seq_num)); } -BOOL pdb_uid_to_rid(uid_t uid, uint32 *rid) +bool pdb_uid_to_rid(uid_t uid, uint32 *rid) { struct pdb_methods *pdb = pdb_get_methods(); return pdb->uid_to_rid(pdb, uid, rid); } -BOOL pdb_uid_to_sid(uid_t uid, DOM_SID *sid) +bool pdb_uid_to_sid(uid_t uid, DOM_SID *sid) { struct pdb_methods *pdb = pdb_get_methods(); return pdb->uid_to_sid(pdb, uid, sid); } -BOOL pdb_gid_to_sid(gid_t gid, DOM_SID *sid) +bool pdb_gid_to_sid(gid_t gid, DOM_SID *sid) { struct pdb_methods *pdb = pdb_get_methods(); return pdb->gid_to_sid(pdb, gid, sid); } -BOOL pdb_sid_to_id(const DOM_SID *sid, union unid_t *id, +bool pdb_sid_to_id(const DOM_SID *sid, union unid_t *id, enum lsa_SidType *type) { struct pdb_methods *pdb = pdb_get_methods(); return pdb->sid_to_id(pdb, sid, id, type); } -BOOL pdb_rid_algorithm(void) +bool pdb_rid_algorithm(void) { struct pdb_methods *pdb = pdb_get_methods(); return pdb->rid_algorithm(pdb); @@ -1061,7 +1061,7 @@ BOOL pdb_rid_algorithm(void) with add RIDs (assigned from previous algorithmic mappings) ********************************************************************/ -BOOL pdb_new_rid(uint32 *rid) +bool pdb_new_rid(uint32 *rid) { struct pdb_methods *pdb = pdb_get_methods(); const char *name = NULL; @@ -1125,7 +1125,7 @@ BOOL pdb_new_rid(uint32 *rid) If uninitialised, context will auto-init on first use. ***************************************************************/ -BOOL initialize_password_db(BOOL reload, struct event_context *event_ctx) +bool initialize_password_db(bool reload, struct event_context *event_ctx) { pdb_event_ctx = event_ctx; return (pdb_get_methods_reload(reload) != NULL); 
@@ -1166,12 +1166,12 @@ static NTSTATUS pdb_default_rename_sam_account (struct pdb_methods *methods, str return NT_STATUS_NOT_IMPLEMENTED; } -static NTSTATUS pdb_default_update_login_attempts (struct pdb_methods *methods, struct samu *newpwd, BOOL success) +static NTSTATUS pdb_default_update_login_attempts (struct pdb_methods *methods, struct samu *newpwd, bool success) { return NT_STATUS_NOT_IMPLEMENTED; } -static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update, uint32 acb_mask) +static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, bool update, uint32 acb_mask) { return NT_STATUS_NOT_IMPLEMENTED; } @@ -1202,12 +1202,12 @@ static NTSTATUS pdb_default_get_seq_num(struct pdb_methods *methods, time_t *seq return NT_STATUS_OK; } -static BOOL pdb_default_uid_to_sid(struct pdb_methods *methods, uid_t uid, +static bool pdb_default_uid_to_sid(struct pdb_methods *methods, uid_t uid, DOM_SID *sid) { struct samu *sampw = NULL; struct passwd *unix_pw; - BOOL ret; + bool ret; unix_pw = sys_getpwuid( uid ); @@ -1241,11 +1241,11 @@ static BOOL pdb_default_uid_to_sid(struct pdb_methods *methods, uid_t uid, return True; } -static BOOL pdb_default_uid_to_rid(struct pdb_methods *methods, uid_t uid, +static bool pdb_default_uid_to_rid(struct pdb_methods *methods, uid_t uid, uint32 *rid) { DOM_SID sid; - BOOL ret; + bool ret; ret = pdb_default_uid_to_sid(methods, uid, &sid); if (!ret) { @@ -1262,7 +1262,7 @@ static BOOL pdb_default_uid_to_rid(struct pdb_methods *methods, uid_t uid, return ret; } -static BOOL pdb_default_gid_to_sid(struct pdb_methods *methods, gid_t gid, +static bool pdb_default_gid_to_sid(struct pdb_methods *methods, gid_t gid, DOM_SID *sid) { GROUP_MAP map; 
@@ -1275,12 +1275,12 @@ static BOOL pdb_default_gid_to_sid(struct pdb_methods *methods, gid_t gid, return True; } -static BOOL pdb_default_sid_to_id(struct pdb_methods *methods, +static bool pdb_default_sid_to_id(struct pdb_methods *methods, const DOM_SID *sid, union unid_t *id, enum lsa_SidType *type) { TALLOC_CTX *mem_ctx; - BOOL ret = False; + bool ret = False; const char *name; uint32 rid; @@ -1349,7 +1349,7 @@ static BOOL pdb_default_sid_to_id(struct pdb_methods *methods, return ret; } -static BOOL add_uid_to_array_unique(TALLOC_CTX *mem_ctx, +static bool add_uid_to_array_unique(TALLOC_CTX *mem_ctx, uid_t uid, uid_t **pp_uids, size_t *p_num) { size_t i; @@ -1369,13 +1369,13 @@ static BOOL add_uid_to_array_unique(TALLOC_CTX *mem_ctx, return True; } -static BOOL get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size_t *p_num) +static bool get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size_t *p_num) { struct group *grp; char **gr; struct passwd *pwd; - BOOL winbind_env; - BOOL ret = False; + bool winbind_env; + bool ret = False; *pp_uids = NULL; *p_num = 0; @@ -1516,14 +1516,14 @@ static NTSTATUS pdb_default_enum_group_memberships(struct pdb_methods *methods, Look up a rid in the SAM we're responsible for (i.e. passdb) ********************************************************************/ -static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, +static bool lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, const char **name, enum lsa_SidType *psid_name_use, union unid_t *unix_id) { struct samu *sam_account = NULL; GROUP_MAP map; - BOOL ret; + bool ret; DOM_SID sid; *psid_name_use = SID_NAME_UNKNOWN; @@ -1614,8 +1614,8 @@ static NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, { int i; NTSTATUS result; - BOOL have_mapped = False; - BOOL have_unmapped = False; + bool have_mapped = False; + bool have_unmapped = False; if (sid_check_is_builtin(domain_sid)) { 
@@ -1678,8 +1678,8 @@ static NTSTATUS pdb_default_lookup_names(struct pdb_methods *methods, { int i; NTSTATUS result; - BOOL have_mapped = False; - BOOL have_unmapped = False; + bool have_mapped = False; + bool have_unmapped = False; if (sid_check_is_builtin(domain_sid)) { @@ -1784,12 +1784,12 @@ static void fill_displayentry(TALLOC_CTX *mem_ctx, uint32 rid, entry->description = ""; } -static BOOL user_search_in_progress = False; +static bool user_search_in_progress = False; struct user_search { uint16 acct_flags; }; -static BOOL next_entry_users(struct pdb_search *s, +static bool next_entry_users(struct pdb_search *s, struct samr_displayentry *entry) { struct user_search *state = (struct user_search *)s->private_data; @@ -1827,7 +1827,7 @@ static void search_end_users(struct pdb_search *search) user_search_in_progress = False; } -static BOOL pdb_default_search_users(struct pdb_methods *methods, +static bool pdb_default_search_users(struct pdb_methods *methods, struct pdb_search *search, uint32 acct_flags) { @@ -1864,7 +1864,7 @@ struct group_search { size_t num_groups, current_group; }; -static BOOL next_entry_groups(struct pdb_search *s, +static bool next_entry_groups(struct pdb_search *s, struct samr_displayentry *entry) { struct group_search *state = (struct group_search *)s->private_data; @@ -1890,7 +1890,7 @@ static void search_end_groups(struct pdb_search *search) SAFE_FREE(state->groups); } -static BOOL pdb_search_grouptype(struct pdb_search *search, +static bool pdb_search_grouptype(struct pdb_search *search, const DOM_SID *sid, enum lsa_SidType type) { struct group_search *state; 
@@ -1914,13 +1914,13 @@ static BOOL pdb_search_grouptype(struct pdb_search *search, return True; } -static BOOL pdb_default_search_groups(struct pdb_methods *methods, +static bool pdb_default_search_groups(struct pdb_methods *methods, struct pdb_search *search) { return pdb_search_grouptype(search, get_global_sam_sid(), SID_NAME_DOM_GRP); } -static BOOL pdb_default_search_aliases(struct pdb_methods *methods, +static bool pdb_default_search_aliases(struct pdb_methods *methods, struct pdb_search *search, const DOM_SID *sid) { @@ -2043,7 +2043,7 @@ void pdb_search_destroy(struct pdb_search *search) trustodm methods *******************************************************************/ -BOOL pdb_get_trusteddom_pw(const char *domain, char** pwd, DOM_SID *sid, +bool pdb_get_trusteddom_pw(const char *domain, char** pwd, DOM_SID *sid, time_t *pass_last_set_time) { struct pdb_methods *pdb = pdb_get_methods(); @@ -2051,14 +2051,14 @@ BOOL pdb_get_trusteddom_pw(const char *domain, char** pwd, DOM_SID *sid, pass_last_set_time); } -BOOL pdb_set_trusteddom_pw(const char* domain, const char* pwd, +bool pdb_set_trusteddom_pw(const char* domain, const char* pwd, const DOM_SID *sid) { struct pdb_methods *pdb = pdb_get_methods(); return pdb->set_trusteddom_pw(pdb, domain, pwd, sid); } -BOOL pdb_del_trusteddom_pw(const char *domain) +bool pdb_del_trusteddom_pw(const char *domain) { struct pdb_methods *pdb = pdb_get_methods(); return pdb->del_trusteddom_pw(pdb, domain); @@ -2077,7 +2077,7 @@ NTSTATUS pdb_enum_trusteddoms(TALLOC_CTX *mem_ctx, uint32 *num_domains, to be replaced by pdb_ldap. *******************************************************************/ -static BOOL pdb_default_get_trusteddom_pw(struct pdb_methods *methods, +static bool pdb_default_get_trusteddom_pw(struct pdb_methods *methods, const char *domain, char** pwd, DOM_SID *sid, 
@@ -2088,7 +2088,7 @@ static BOOL pdb_default_get_trusteddom_pw(struct pdb_methods *methods, } -static BOOL pdb_default_set_trusteddom_pw(struct pdb_methods *methods, +static bool pdb_default_set_trusteddom_pw(struct pdb_methods *methods, const char* domain, const char* pwd, const DOM_SID *sid) @@ -2096,7 +2096,7 @@ static BOOL pdb_default_set_trusteddom_pw(struct pdb_methods *methods, return secrets_store_trusted_domain_password(domain, pwd, sid); } -static BOOL pdb_default_del_trusteddom_pw(struct pdb_methods *methods, +static bool pdb_default_del_trusteddom_pw(struct pdb_methods *methods, const char *domain) { return trusted_domain_password_delete(domain); -- cgit From fdc27be1be4cb82a3db97ba6f519f4ce78c3bf92 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 18 Oct 2007 17:13:01 +0200 Subject: remove faked_create_user() BUILD_FARM hack as we have nss_wrapper now metze (This used to be commit fc98c1904865608509a01911afa46de74873ef41) --- source3/passdb/pdb_interface.c | 8 -------- 1 file changed, 8 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 0347ea8e56..c55d325080 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -347,14 +347,6 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, smb_nscd_flush_user_cache(); } -#ifdef ENABLE_BUILD_FARM_HACKS - if (add_ret != 0) { - DEBUG(1, ("Creating a faked user %s for build farm " - "purposes\n", name)); - faked_create_user(name); - } -#endif - flush_pwnam_cache(); pwd = Get_Pwnam_alloc(tmp_ctx, name); -- cgit From 66298d808034bb606478ff66aa156bda4e7e3f2a Mon Sep 17 00:00:00 2001 
From: Jeremy Allison Date: Tue, 20 Nov 2007 17:18:16 -0800 Subject: More pstring elimination. Jeremy. (This used to be commit 15074de938539e7a9c527d9a6d81792adc2ac3d0) --- source3/passdb/pdb_interface.c | 47 ++++++++++++++++++++++++++++-------------- 1 file changed, 32 insertions(+), 15 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index c55d325080..0159932e34 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -182,18 +182,20 @@ static struct pdb_methods *pdb_get_methods_reload( bool reload ) if ( pdb && reload ) { pdb->free_private_data( &(pdb->private_data) ); if ( !NT_STATUS_IS_OK( make_pdb_method_name( &pdb, lp_passdb_backend() ) ) ) { - pstring msg; - slprintf(msg, sizeof(msg)-1, "pdb_get_methods_reload: failed to get pdb methods for backend %s\n", - lp_passdb_backend() ); + char *msg = NULL; + asprintf(&msg, "pdb_get_methods_reload: " + "failed to get pdb methods for backend %s\n", + lp_passdb_backend()); smb_panic(msg); } } if ( !pdb ) { if ( !NT_STATUS_IS_OK( make_pdb_method_name( &pdb, lp_passdb_backend() ) ) ) { - pstring msg; - slprintf(msg, sizeof(msg)-1, "pdb_get_methods_reload: failed to get pdb methods for backend %s\n", - lp_passdb_backend() ); + char *msg = NULL; + asprintf(&msg, "pdb_get_methods_reload: " + "failed to get pdb methods for backend %s\n", + lp_passdb_backend()); smb_panic(msg); } } 
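Review bot: Both new asprintf() calls in pdb_get_methods_reload ignore the return value, and on failure the contents of `msg` are not defined, so smb_panic(msg) can be handed an invalid pointer at the moment the process is already in trouble. Check the result and fall back to a literal, `if (asprintf(&msg, ...) < 0) { smb_panic("pdb_get_methods_reload: failed to get pdb methods"); }`. A fixed message would also avoid allocating on the panic path at all. The function starts and ends outside the hunk.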
@@ -319,17 +321,19 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, } if ( !(pwd = Get_Pwnam_alloc(tmp_ctx, name)) ) { - pstring add_script; + char *add_script = NULL; int add_ret; fstring name2; if ((acb_info & ACB_NORMAL) && name[strlen(name)-1] != '$') { - pstrcpy(add_script, lp_adduser_script()); + add_script = talloc_strdup(tmp_ctx, + lp_adduser_script()); } else { - pstrcpy(add_script, lp_addmachine_script()); + add_script = talloc_strdup(tmp_ctx, + lp_addmachine_script()); } - if (add_script[0] == '\0') { + if (!add_script || add_script[0] == '\0') { DEBUG(3, ("Could not find user %s and no add script " "defined\n", name)); return NT_STATUS_NO_SUCH_USER; @@ -339,7 +343,13 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, compatibility with previous Samba releases */ fstrcpy( name2, name ); strlower_m( name2 ); - all_string_sub(add_script, "%u", name2, sizeof(add_script)); + add_script = talloc_all_string_sub(tmp_ctx, + add_script, + "%u", + name2); + if (!add_script) { + return NT_STATUS_NO_MEMORY; + } add_ret = smbrun(add_script,NULL); DEBUG(add_ret ? 0 : 3, ("_samr_create_user: Running the command `%s' gave %d\n", add_script, add_ret)); @@ -399,7 +409,7 @@ NTSTATUS pdb_create_user(TALLOC_CTX *mem_ctx, const char *name, uint32 flags, static int smb_delete_user(const char *unix_user) { - pstring del_script; + char *del_script = NULL; int ret; /* safety check */ @@ -409,10 +419,17 @@ static int smb_delete_user(const char *unix_user) return -1; } - pstrcpy(del_script, lp_deluser_script()); - if (! *del_script) + del_script = talloc_strdup(talloc_tos(), lp_deluser_script()); + if (!del_script || !*del_script) { + return -1; + } + del_script = talloc_all_string_sub(talloc_tos(), + del_script, + "%u", + unix_user); + if (!del_script) { return -1; - all_string_sub(del_script, "%u", unix_user, sizeof(del_script)); + } ret = smbrun(del_script,NULL); flush_pwnam_cache(); if (ret == 0) { -- cgit 
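Review bot: In pdb_default_create_user the new test `if (!add_script || add_script[0] == '\0')` treats a failed `talloc_strdup()` as "no add script defined" and returns NT_STATUS_NO_SUCH_USER, while the allocation failure a few lines later (the `@@ -339` hunk) returns NT_STATUS_NO_MEMORY. Splitting the check keeps the two causes apart in logs and status codes: `if (!add_script) { return NT_STATUS_NO_MEMORY; }` placed before the empty-string test. smb_delete_user in the `@@ -409` hunk folds the same two cases into one `return -1`. Whether `tmp_ctx` is released on these early returns cannot be seen here, because the function starts and ends outside the hunk.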
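Review bot: The value substituted for `%u` ends up in a command line handed to `smbrun()`, and in this hunk `name2` is only lower-cased before `talloc_all_string_sub()` inserts it; the same holds for `unix_user` in smb_delete_user (the `@@ -409` hunk). The replaced `all_string_sub()` call appears to have been used the same way, so this is not new, but the rewrite is a good place to make the assumption explicit. If callers do not already restrict account names to a safe character set (not visible here), I would reject or filter shell metacharacters before the substitution, or at least add a comment such as `/* name is inserted into a shell command: callers must have validated it */`. The enclosing function continues outside the hunk.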
From 900288a2b86abd247f9eb4cd15dc5617a17cfef1 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 15 Dec 2007 21:11:36 +0100 Subject: Replace sid_string_static by sid_string_dbg in DEBUGs (This used to be commit bb35e794ec129805e874ceba882bcc1e84791a09) --- source3/passdb/pdb_interface.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 0159932e34..d455b7636c 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -1265,7 +1265,7 @@ static bool pdb_default_uid_to_rid(struct pdb_methods *methods, uid_t uid, if (!ret) { DEBUG(1, ("Could not peek rid out of sid %s\n", - sid_string_static(&sid))); + sid_string_dbg(&sid))); } return ret; @@ -1332,13 +1332,13 @@ static bool pdb_default_sid_to_id(struct pdb_methods *methods, GROUP_MAP map; if (!NT_STATUS_IS_OK(methods->getgrsid(methods, &map, *sid))) { DEBUG(10, ("Could not find map for sid %s\n", - sid_string_static(sid))); + sid_string_dbg(sid))); goto done; } if ((map.sid_name_use != SID_NAME_ALIAS) && (map.sid_name_use != SID_NAME_WKN_GRP)) { DEBUG(10, ("Map for sid %s is a %s, expected an " - "alias\n", sid_string_static(sid), + "alias\n", sid_string_dbg(sid), sid_type_lookup(map.sid_name_use))); goto done; } @@ -1350,7 +1350,7 @@ static bool pdb_default_sid_to_id(struct pdb_methods *methods, } DEBUG(5, ("Sid %s is neither ours, a Unix SID, nor builtin\n", - sid_string_static(sid))); + sid_string_dbg(sid))); done: -- cgit From 14ef4cdec1ab6be55c97d0f32780cbddbcdde218 Mon Sep 17 00:00:00 2001 
From: Volker Lendecke Date: Sat, 15 Dec 2007 22:00:39 +0100 Subject: Replace sid_string_static with sid_to_string This adds 28 fstrings on the stack, but I think an fstring on the stack is still far better than a static one. (This used to be commit c7c885078be8fd3024c186044ac28275d7609679) --- source3/passdb/pdb_interface.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index d455b7636c..6a75732de7 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -578,6 +578,7 @@ static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods, { DOM_SID group_sid; struct group *grp; + fstring tmp; grp = getgrnam(name); @@ -605,7 +606,7 @@ static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods, sid_compose(&group_sid, get_global_sam_sid(), *rid); - return add_initial_entry(grp->gr_gid, sid_string_static(&group_sid), + return add_initial_entry(grp->gr_gid, sid_to_string(tmp, &group_sid), SID_NAME_DOM_GRP, name, NULL); } -- cgit From 2e07c2ade89f4ff281c61f74cb88e09990cf5f46 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 15 Dec 2007 22:47:30 +0100 Subject: s/sid_to_string/sid_to_fstring/ least surprise for callers (This used to be commit eb523ba77697346a365589101aac379febecd546) --- source3/passdb/pdb_interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 6a75732de7..ed6a91cb2b 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -606,7 +606,7 @@ static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods, sid_compose(&group_sid, get_global_sam_sid(), *rid); - return add_initial_entry(grp->gr_gid, sid_to_string(tmp, &group_sid), + return add_initial_entry(grp->gr_gid, sid_to_fstring(tmp, &group_sid), SID_NAME_DOM_GRP, name, NULL); } -- cgit From e518e19bc0000019f131354f55e9f5b55f6a2c5e Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 19 Dec 2007 15:02:59 +0100 Subject: Remove Get_Pwnam and its associated static variable All callers are replaced by Get_Pwnam_alloc (This used to be commit 735f59315497113aebadcf9ad387e3dbfffa284a) --- source3/passdb/pdb_interface.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index ed6a91cb2b..198960550b 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -1570,11 +1570,12 @@ static bool lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, return True; } - pw = Get_Pwnam(*name); + pw = Get_Pwnam_alloc(talloc_tos(), *name); if (pw == NULL) { return False; } unix_id->uid = pw->pw_uid; + TALLOC_FREE(pw); return True; } TALLOC_FREE(sam_account); -- cgit From e70c97ef85b309d6e005c07e16a003725d21ffc8 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 26 Dec 2007 17:58:55 +0100 Subject: Remove the sampwent interface (This used to be commit 9e80b969fb40766de2c9b1a05d16bf4d4c6e46f7) --- source3/passdb/pdb_interface.c | 123 +---------------------------------------- 1 file changed, 1 insertion(+), 122 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 198960550b..2102b579ec 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
@@ -208,33 +208,6 @@ static struct pdb_methods *pdb_get_methods(void) return pdb_get_methods_reload(False); } -/****************************************************************** - Backward compatibility functions for the original passdb interface -*******************************************************************/ - -bool pdb_setsampwent(bool update, uint16 acb_mask) -{ - struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->setsampwent(pdb, update, acb_mask)); -} - -void pdb_endsampwent(void) -{ - struct pdb_methods *pdb = pdb_get_methods(); - pdb->endsampwent(pdb); -} - -bool pdb_getsampwent(struct samu *user) -{ - struct pdb_methods *pdb = pdb_get_methods(); - - if ( !NT_STATUS_IS_OK(pdb->getsampwent(pdb, user) ) ) { - return False; - } - - return True; -} - bool pdb_getsampwnam(struct samu *sam_acct, const char *username) { struct pdb_methods *pdb = pdb_get_methods(); @@ -1181,21 +1154,6 @@ static NTSTATUS pdb_default_update_login_attempts (struct pdb_methods *methods, return NT_STATUS_NOT_IMPLEMENTED; } -static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, bool update, uint32 acb_mask) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static NTSTATUS pdb_default_getsampwent(struct pdb_methods *methods, struct samu *user) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -static void pdb_default_endsampwent(struct pdb_methods *methods) -{ - return; /* NT_STATUS_NOT_IMPLEMENTED; */ -} - static NTSTATUS pdb_default_get_account_policy(struct pdb_methods *methods, int policy_index, uint32 *value) { return account_policy_get(policy_index, value) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; @@ -1738,7 +1696,7 @@ static NTSTATUS pdb_default_lookup_names(struct pdb_methods *methods, } #endif -static struct pdb_search *pdb_search_init(enum pdb_search_type type) +struct pdb_search *pdb_search_init(enum pdb_search_type type) { TALLOC_CTX *mem_ctx; struct pdb_search *result; 
@@ -1795,81 +1753,6 @@ static void fill_displayentry(TALLOC_CTX *mem_ctx, uint32 rid, entry->description = ""; } -static bool user_search_in_progress = False; -struct user_search { - uint16 acct_flags; -}; - -static bool next_entry_users(struct pdb_search *s, - struct samr_displayentry *entry) -{ - struct user_search *state = (struct user_search *)s->private_data; - struct samu *user = NULL; - - next: - if ( !(user = samu_new( NULL )) ) { - DEBUG(0, ("next_entry_users: samu_new() failed!\n")); - return False; - } - - if (!pdb_getsampwent(user)) { - TALLOC_FREE(user); - return False; - } - - if ((state->acct_flags != 0) && - ((pdb_get_acct_ctrl(user) & state->acct_flags) == 0)) { - TALLOC_FREE(user); - goto next; - } - - fill_displayentry(s->mem_ctx, pdb_get_user_rid(user), - pdb_get_acct_ctrl(user), pdb_get_username(user), - pdb_get_fullname(user), pdb_get_acct_desc(user), - entry); - - TALLOC_FREE(user); - return True; -} - -static void search_end_users(struct pdb_search *search) -{ - pdb_endsampwent(); - user_search_in_progress = False; -} - -static bool pdb_default_search_users(struct pdb_methods *methods, - struct pdb_search *search, - uint32 acct_flags) -{ - struct user_search *state; - - if (user_search_in_progress) { - DEBUG(1, ("user search in progress\n")); - return False; - } - - if (!pdb_setsampwent(False, acct_flags)) { - DEBUG(5, ("Could not start search\n")); - return False; - } - - user_search_in_progress = True; - - state = TALLOC_P(search->mem_ctx, struct user_search); - if (state == NULL) { - DEBUG(0, ("talloc failed\n")); - return False; - } - - state->acct_flags = acct_flags; - - search->private_data = state; - search->next_entry = next_entry_users; - search->search_end = search_end_users; - return True; -} - struct group_search { GROUP_MAP *groups; size_t num_groups, current_group; 
@@ -2136,9 +2019,6 @@ NTSTATUS make_pdb_method( struct pdb_methods **methods ) return NT_STATUS_NO_MEMORY; } - (*methods)->setsampwent = pdb_default_setsampwent; - (*methods)->endsampwent = pdb_default_endsampwent; - (*methods)->getsampwent = pdb_default_getsampwent; (*methods)->getsampwnam = pdb_default_getsampwnam; (*methods)->getsampwsid = pdb_default_getsampwsid; (*methods)->create_user = pdb_default_create_user; @@ -2180,7 +2060,6 @@ NTSTATUS make_pdb_method( struct pdb_methods **methods ) (*methods)->gid_to_sid = pdb_default_gid_to_sid; (*methods)->sid_to_id = pdb_default_sid_to_id; - (*methods)->search_users = pdb_default_search_users; (*methods)->search_groups = pdb_default_search_groups; (*methods)->search_aliases = pdb_default_search_aliases; -- cgit From 3c99b7773ef62d13a7e3611be0603a5807315d9d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 28 Dec 2007 13:13:29 +0100 Subject: Convert csamuser to memcache (This used to be commit 476d3abf9c6142d99822212141fc3d843aca4798) --- source3/passdb/pdb_interface.c | 53 +++++++++++++++++++++--------------------- 1 file changed, 26 insertions(+), 27 deletions(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 2102b579ec..0ab45bafc3 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -25,10 +25,6 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_PASSDB -/* Cache of latest SAM lookup query */ - -static struct samu *csamuser = NULL; - static_decl_pdb; static struct pdb_init_function_entry *backends = NULL; 
@@ -211,25 +207,29 @@ static struct pdb_methods *pdb_get_methods(void) bool pdb_getsampwnam(struct samu *sam_acct, const char *username) { struct pdb_methods *pdb = pdb_get_methods(); + struct samu *cache_copy; + const struct dom_sid *user_sid; if (!NT_STATUS_IS_OK(pdb->getsampwnam(pdb, sam_acct, username))) { return False; } - if ( csamuser ) { - TALLOC_FREE(csamuser); - } - - csamuser = samu_new( NULL ); - if (!csamuser) { + cache_copy = samu_new(NULL); + if (cache_copy == NULL) { return False; } - if (!pdb_copy_sam_account(csamuser, sam_acct)) { - TALLOC_FREE(csamuser); + if (!pdb_copy_sam_account(cache_copy, sam_acct)) { + TALLOC_FREE(cache_copy); return False; } + user_sid = pdb_get_user_sid(cache_copy); + + memcache_add_talloc(NULL, PDB_GETPWSID_CACHE, + data_blob_const(user_sid, sizeof(*user_sid)), + cache_copy); + return True; } @@ -262,6 +262,7 @@ bool pdb_getsampwsid(struct samu *sam_acct, const DOM_SID *sid) { struct pdb_methods *pdb = pdb_get_methods(); uint32 rid; + void *cache_data; /* hard code the Guest RID of 501 */ @@ -274,9 +275,16 @@ bool pdb_getsampwsid(struct samu *sam_acct, const DOM_SID *sid) } /* check the cache first */ - - if ( csamuser && sid_equal(sid, pdb_get_user_sid(csamuser) ) ) - return pdb_copy_sam_account(sam_acct, csamuser); + + cache_data = memcache_lookup_talloc( + NULL, PDB_GETPWSID_CACHE, data_blob_const(sid, sizeof(*sid))); + + if (cache_data != NULL) { + struct samu *cache_copy = talloc_get_type_abort( + cache_data, struct samu); + + return pdb_copy_sam_account(sam_acct, cache_copy); + } return NT_STATUS_IS_OK(pdb->getsampwsid(pdb, sam_acct, sid)); } @@ -471,10 +479,7 @@ NTSTATUS pdb_update_sam_account(struct samu *sam_acct) { struct pdb_methods *pdb = pdb_get_methods(); - if (csamuser != NULL) { - TALLOC_FREE(csamuser); - csamuser = NULL; - } + memcache_flush(NULL, PDB_GETPWSID_CACHE); return pdb->update_sam_account(pdb, sam_acct); } 
@@ -483,10 +488,7 @@ NTSTATUS pdb_delete_sam_account(struct samu *sam_acct) { struct pdb_methods *pdb = pdb_get_methods(); - if (csamuser != NULL) { - TALLOC_FREE(csamuser); - csamuser = NULL; - } + memcache_flush(NULL, PDB_GETPWSID_CACHE); return pdb->delete_sam_account(pdb, sam_acct); } @@ -497,10 +499,7 @@ NTSTATUS pdb_rename_sam_account(struct samu *oldname, const char *newname) uid_t uid; NTSTATUS status; - if (csamuser != NULL) { - TALLOC_FREE(csamuser); - csamuser = NULL; - } + memcache_flush(NULL, PDB_GETPWSID_CACHE); /* sanity check to make sure we don't rename root */ -- cgit From 932ec38a87f63cf724f3127480bb8b2b9930d68b Mon Sep 17 00:00:00 2001 From: Karolin Seeger Date: Fri, 8 Feb 2008 09:52:05 +0100 Subject: Fix typo. Karolin (This used to be commit 53b83bb53ff02878748fada589fd2faf3520d260) --- source3/passdb/pdb_interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 0ab45bafc3..fbba8bcaee 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -168,7 +168,7 @@ NTSTATUS make_pdb_method_name(struct pdb_methods **methods, const char *selected } /****************************************************************** - Return an already initialised pdn_methods structure + Return an already initialized pdb_methods structure *******************************************************************/ static struct pdb_methods *pdb_get_methods_reload( bool reload ) -- cgit From cedfcaec0c36b58a88eaaa60283a807e0a8a71fc Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 11 Feb 2008 18:35:58 +0100 Subject: nsswitch: convert winbind_env_set(), winbind_on() and winbind_off() into macros metze (This used to be commit 5f623f54a919cc687d0ff16c16038c05a501008d) --- source3/passdb/pdb_interface.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/passdb/pdb_interface.c') 
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index fbba8bcaee..cd34c89bfc 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -1349,7 +1349,7 @@ static bool get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size /* We only look at our own sam, so don't care about imported stuff */ winbind_env = winbind_env_set(); - winbind_off(); + (void)winbind_off(); if ((grp = getgrgid(gid)) == NULL) { /* allow winbindd lookups, but only if they weren't already disabled */ @@ -1385,7 +1385,7 @@ static bool get_memberuids(TALLOC_CTX *mem_ctx, gid_t gid, uid_t **pp_uids, size /* allow winbindd lookups, but only if they weren't already disabled */ if (!winbind_env) { - winbind_on(); + (void)winbind_on(); } return ret; -- cgit From 669afbc291233e83d21ef7e2e176afee934a4463 Mon Sep 17 00:00:00 2001 From: Karolin Seeger Date: Tue, 29 Jul 2008 12:05:40 +0200 Subject: pdb_interface: Fix typo in debug message. Karolin (This used to be commit e04da654c0db6b0fb2e2ce9754e5eba80751c14c) --- source3/passdb/pdb_interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/passdb/pdb_interface.c') diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index cd34c89bfc..2a1024cc56 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -130,7 +130,7 @@ NTSTATUS make_pdb_method_name(struct pdb_methods **methods, const char *selected trim_char(module_name, ' ', ' '); - DEBUG(5,("Attempting to find an passdb backend to match %s (%s)\n", selected, module_name)); + DEBUG(5,("Attempting to find a passdb backend to match %s (%s)\n", selected, module_name)); entry = pdb_find_backend_entry(module_name); -- cgit