From 2b2b0f7119fe043f61259579ce70e782f5f9ec5f Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Wed, 28 Aug 2002 04:54:43 +0000 Subject: Put in intermediate version of new SAM system. It's not stable yet, code might be ugly, etc - please don't blame me for anything but instead try to fix the code :-). Compiling of the new sam system can be enabled with the configure option --with-sam Removing passdb/passgrp.c as it's unused fix typo in utils/testparm.c (This used to be commit 4b7de5ee236c043e6169f137992baf09a95c6f2c) --- source3/sam/account.c | 301 +++++++++++++ source3/sam/get_set_domain.c | 263 +++++++++++ source3/sam/get_set_group.c | 123 ++++++ source3/sam/get_set_user.c | 903 +++++++++++++++++++++++++++++++++++++ source3/sam/interface.c | 1001 ++++++++++++++++++++++++++++++++++++++++++ 5 files changed, 2591 insertions(+) create mode 100644 source3/sam/account.c create mode 100644 source3/sam/get_set_domain.c create mode 100644 source3/sam/get_set_group.c create mode 100644 source3/sam/get_set_user.c create mode 100644 source3/sam/interface.c (limited to 'source3/sam') diff --git a/source3/sam/account.c b/source3/sam/account.c new file mode 100644 index 0000000000..1fec9966f6 --- /dev/null +++ b/source3/sam/account.c @@ -0,0 +1,301 @@ +/* + Unix SMB/CIFS implementation. + Password and authentication handling + Copyright (C) Jeremy Allison 1996-2001 + Copyright (C) Luke Kenneth Casson Leighton 1996-1998 + Copyright (C) Gerald (Jerry) Carter 2000-2001 + Copyright (C) Andrew Bartlett 2001-2002 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_PASSDB + +/************************************************************ + Fill the SAM_USER_HANDLE with default values. + ***********************************************************/ + +static void sam_fill_default_user(SAM_USER_HANDLE *user) +{ + ZERO_STRUCT(user->private); /* Don't touch the talloc context */ + + /* Don't change these timestamp settings without a good reason. + They are important for NT member server compatibility. */ + + user->private.init_flag = FLAG_SAM_UNINIT; + + /* FIXME: We should actually call get_nt_time_max() or sthng + * here */ + unix_to_nt_time(&(user->private.logoff_time),get_time_t_max()); + unix_to_nt_time(&(user->private.kickoff_time),get_time_t_max()); + unix_to_nt_time(&(user->private.pass_must_change_time),get_time_t_max()); + user->private.unknown_1 = 0x00ffffff; /* don't know */ + user->private.logon_divs = 168; /* hours per week */ + user->private.hours_len = 21; /* 21 times 8 bits = 168 */ + memset(user->private.hours, 0xff, user->private.hours_len); /* available at all hours */ + user->private.unknown_2 = 0x00000000; /* don't know */ + user->private.unknown_3 = 0x000004ec; /* don't know */ +} + +static void destroy_sam_talloc(SAM_USER_HANDLE **user) +{ + if (*user) { + talloc_destroy((*user)->mem_ctx); + *user = NULL; + } +} + + +/********************************************************************** + Alloc memory and initialises a SAM_USER_HANDLE on supplied mem_ctx. +***********************************************************************/ + +NTSTATUS sam_init_user_talloc(TALLOC_CTX *mem_ctx, SAM_USER_HANDLE **user) +{ + SMB_ASSERT(*user != NULL); + + if (!mem_ctx) { + DEBUG(0,("sam_init_user_talloc: mem_ctx was NULL!\n")); + return NT_STATUS_UNSUCCESSFUL; + } + + *user=(SAM_USER_HANDLE *)talloc(mem_ctx, sizeof(SAM_USER_HANDLE)); + + if (*user==NULL) { + DEBUG(0,("sam_init_user_talloc: error while allocating memory\n")); + return NT_STATUS_NO_MEMORY; + } + + (*user)->mem_ctx = mem_ctx; + + (*user)->free_fn = NULL; + + sam_fill_default_user(*user); + + return NT_STATUS_OK; +} + + +/************************************************************* + Alloc memory and initialises a struct sam_passwd. + ************************************************************/ + +NTSTATUS sam_init_user(SAM_USER_HANDLE **user) +{ + TALLOC_CTX *mem_ctx; + NTSTATUS nt_status; + + mem_ctx = talloc_init_named("passdb internal SAM_USER_HANDLE allocation"); + + if (!mem_ctx) { + DEBUG(0,("sam_init_user: error while doing talloc_init()\n")); + return NT_STATUS_NO_MEMORY; + } + + if (!NT_STATUS_IS_OK(nt_status = sam_init_user_talloc(mem_ctx, user))) { + talloc_destroy(mem_ctx); + return nt_status; + } + + (*user)->free_fn = destroy_sam_talloc; + + return NT_STATUS_OK; +} + +/** + * Free the contets of the SAM_USER_HANDLE, but not the structure. + * + * Also wipes the LM and NT hashes and plaintext passwrod from + * memory. + * + * @param user SAM_USER_HANDLE to free members of. + **/ + +static void sam_free_user_contents(SAM_USER_HANDLE *user) +{ + + /* Kill off sensitive data. Free()ed by the + talloc mechinism */ + + data_blob_clear_free(&(user->private.lm_pw)); + data_blob_clear_free(&(user->private.nt_pw)); + data_blob_clear_free(&(user->private.plaintext_pw)); +} + + +/************************************************************ + Reset the SAM_USER_HANDLE and free the NT/LM hashes. + ***********************************************************/ + +NTSTATUS sam_reset_sam(SAM_USER_HANDLE *user) +{ + SMB_ASSERT(user != NULL); + + sam_free_user_contents(user); + + sam_fill_default_user(user); + + return NT_STATUS_OK; +} + + +/************************************************************ + Free the SAM_USER_HANDLE and the member pointers. + ***********************************************************/ + +NTSTATUS sam_free_user(SAM_USER_HANDLE **user) +{ + SMB_ASSERT(*user != NULL); + + sam_free_user_contents(*user); + + if ((*user)->free_fn) { + (*user)->free_fn(user); + } + + return NT_STATUS_OK; +} + + +/********************************************************** + Encode the account control bits into a string. + length = length of string to encode into (including terminating + null). length *MUST BE MORE THAN 2* ! + **********************************************************/ + +char *sam_encode_acct_ctrl(uint16 acct_ctrl, size_t length) +{ + static fstring acct_str; + size_t i = 0; + + acct_str[i++] = '['; + + if (acct_ctrl & ACB_PWNOTREQ ) acct_str[i++] = 'N'; + if (acct_ctrl & ACB_DISABLED ) acct_str[i++] = 'D'; + if (acct_ctrl & ACB_HOMDIRREQ) acct_str[i++] = 'H'; + if (acct_ctrl & ACB_TEMPDUP ) acct_str[i++] = 'T'; + if (acct_ctrl & ACB_NORMAL ) acct_str[i++] = 'U'; + if (acct_ctrl & ACB_MNS ) acct_str[i++] = 'M'; + if (acct_ctrl & ACB_WSTRUST ) acct_str[i++] = 'W'; + if (acct_ctrl & ACB_SVRTRUST ) acct_str[i++] = 'S'; + if (acct_ctrl & ACB_AUTOLOCK ) acct_str[i++] = 'L'; + if (acct_ctrl & ACB_PWNOEXP ) acct_str[i++] = 'X'; + if (acct_ctrl & ACB_DOMTRUST ) acct_str[i++] = 'I'; + + for ( ; i < length - 2 ; i++ ) + acct_str[i] = ' '; + + i = length - 2; + acct_str[i++] = ']'; + acct_str[i++] = '\0'; + + return acct_str; +} + +/********************************************************** + Decode the account control bits from a string. + **********************************************************/ + +uint16 sam_decode_acct_ctrl(const char *p) +{ + uint16 acct_ctrl = 0; + BOOL finished = False; + + /* + * Check if the account type bits have been encoded after the + * NT password (in the form [NDHTUWSLXI]). + */ + + if (*p != '[') + return 0; + + for (p++; *p && !finished; p++) { + switch (*p) { + case 'N': { acct_ctrl |= ACB_PWNOTREQ ; break; /* 'N'o password. */ } + case 'D': { acct_ctrl |= ACB_DISABLED ; break; /* 'D'isabled. */ } + case 'H': { acct_ctrl |= ACB_HOMDIRREQ; break; /* 'H'omedir required. */ } + case 'T': { acct_ctrl |= ACB_TEMPDUP ; break; /* 'T'emp account. */ } + case 'U': { acct_ctrl |= ACB_NORMAL ; break; /* 'U'ser account (normal). */ } + case 'M': { acct_ctrl |= ACB_MNS ; break; /* 'M'NS logon user account. What is this ? */ } + case 'W': { acct_ctrl |= ACB_WSTRUST ; break; /* 'W'orkstation account. */ } + case 'S': { acct_ctrl |= ACB_SVRTRUST ; break; /* 'S'erver account. */ } + case 'L': { acct_ctrl |= ACB_AUTOLOCK ; break; /* 'L'ocked account. */ } + case 'X': { acct_ctrl |= ACB_PWNOEXP ; break; /* No 'X'piry on password */ } + case 'I': { acct_ctrl |= ACB_DOMTRUST ; break; /* 'I'nterdomain trust account. */ } + case ' ': { break; } + case ':': + case '\n': + case '\0': + case ']': + default: { finished = True; } + } + } + + return acct_ctrl; +} + +/************************************************************* + Routine to set 32 hex password characters from a 16 byte array. +**************************************************************/ + +void sam_sethexpwd(char *p, const unsigned char *pwd, uint16 acct_ctrl) +{ + if (pwd != NULL) { + int i; + for (i = 0; i < 16; i++) + slprintf(&p[i*2], 3, "%02X", pwd[i]); + } else { + if (acct_ctrl & ACB_PWNOTREQ) + safe_strcpy(p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", 33); + else + safe_strcpy(p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 33); + } +} + +/************************************************************* + Routine to get the 32 hex characters and turn them + into a 16 byte array. +**************************************************************/ + +BOOL sam_gethexpwd(const char *p, unsigned char *pwd) +{ + int i; + unsigned char lonybble, hinybble; + char *hexchars = "0123456789ABCDEF"; + char *p1, *p2; + + if (!p) + return (False); + + for (i = 0; i < 32; i += 2) { + hinybble = toupper(p[i]); + lonybble = toupper(p[i + 1]); + + p1 = strchr(hexchars, hinybble); + p2 = strchr(hexchars, lonybble); + + if (!p1 || !p2) + return (False); + + hinybble = PTR_DIFF(p1, hexchars); + lonybble = PTR_DIFF(p2, hexchars); + + pwd[i / 2] = (hinybble << 4) | lonybble; + } + return (True); +} diff --git a/source3/sam/get_set_domain.c b/source3/sam/get_set_domain.c new file mode 100644 index 0000000000..49a63f9fae --- /dev/null +++ b/source3/sam/get_set_domain.c @@ -0,0 +1,263 @@ +/* + Unix SMB/CIFS implementation. + SAM_DOMAIN access routines + Copyright (C) Luke Kenneth Casson Leighton 1996-1998 + Copyright (C) Andrew Bartlett 2002 + Copyright (C) Stefan (metze) Metzmacher 2002 + Copyright (C) Jelmer Vernooij 2002 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_SAM + +NTSTATUS sam_get_domain_sid(SAM_DOMAIN_HANDLE *domain, DOM_SID **sid) +{ + if (!domain || !sid) return NT_STATUS_UNSUCCESSFUL; + + *sid = &domain->private.sid; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_domain_num_users(SAM_DOMAIN_HANDLE *domain, uint32 *num_users) +{ + if (!domain || !num_users)return NT_STATUS_UNSUCCESSFUL; + + *num_users = domain->private.num_users; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_domain_num_groups(SAM_DOMAIN_HANDLE *domain, uint32 *num_groups) +{ + if (!domain || !num_groups)return NT_STATUS_UNSUCCESSFUL; + + *num_groups = domain->private.num_groups; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_domain_num_aliases(SAM_DOMAIN_HANDLE *domain, uint32 *num_aliases) +{ + if (!domain || !num_aliases)return NT_STATUS_UNSUCCESSFUL; + + *num_aliases = domain->private.num_aliases; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_domain_name(SAM_DOMAIN_HANDLE *domain, char **domain_name) +{ + if (!domain || !domain_name)return NT_STATUS_UNSUCCESSFUL; + + *domain_name = domain->private.name; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_domain_name(SAM_DOMAIN_HANDLE *domain, char *domain_name) +{ + if (!domain)return NT_STATUS_UNSUCCESSFUL; + + domain->private.name = talloc_strdup(domain->mem_ctx, domain_name); + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_domain_server(SAM_DOMAIN_HANDLE *domain, char **server_name) +{ + if (!domain || !server_name)return NT_STATUS_UNSUCCESSFUL; + + *server_name = domain->private.servername; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_domain_server(SAM_DOMAIN_HANDLE *domain, char *server_name) +{ + if (!domain)return NT_STATUS_UNSUCCESSFUL; + + domain->private.servername = talloc_strdup(domain->mem_ctx, server_name); + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *max_passwordage) +{ + if (!domain || !max_passwordage)return NT_STATUS_UNSUCCESSFUL; + + *max_passwordage = domain->private.max_passwordage; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *min_passwordage) +{ + if (!domain || !min_passwordage)return NT_STATUS_UNSUCCESSFUL; + + *min_passwordage = domain->private.min_passwordage; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME *lockout_duration) +{ + if (!domain || !lockout_duration)return NT_STATUS_UNSUCCESSFUL; + + *lockout_duration = domain->private.lockout_duration; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME *reset_lockout_count) +{ + if (!domain || !reset_lockout_count)return NT_STATUS_UNSUCCESSFUL; + + *reset_lockout_count = domain->private.reset_count; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 *min_passwordlength) +{ + if (!domain || !min_passwordlength)return NT_STATUS_UNSUCCESSFUL; + + *min_passwordlength = domain->private.min_passwordlength; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 *password_history) +{ + if (!domain || !password_history)return NT_STATUS_UNSUCCESSFUL; + + *password_history = domain->private.password_history; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 *lockout_count) +{ + if (!domain || !lockout_count)return NT_STATUS_UNSUCCESSFUL; + + *lockout_count = domain->private.lockout_count; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL *force_logoff) +{ + if (!domain || !force_logoff)return NT_STATUS_UNSUCCESSFUL; + + *force_logoff = domain->private.force_logoff; + + return NT_STATUS_OK; +} + + +NTSTATUS sam_get_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL *login_pwdchange) +{ + if (!domain || !login_pwdchange)return NT_STATUS_UNSUCCESSFUL; + + *login_pwdchange = domain->private.login_pwdchange; + + return NT_STATUS_OK; +} + +/* Set */ + +NTSTATUS sam_set_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME max_passwordage) +{ + if (!domain)return NT_STATUS_UNSUCCESSFUL; + + domain->private.max_passwordage = max_passwordage; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME min_passwordage) +{ + if (!domain)return NT_STATUS_UNSUCCESSFUL; + + domain->private.min_passwordage = min_passwordage; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME lockout_duration) +{ + if (!domain)return NT_STATUS_UNSUCCESSFUL; + + domain->private.lockout_duration = lockout_duration; + + return NT_STATUS_OK; +} +NTSTATUS sam_set_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME reset_lockout_count) +{ + if (!domain)return NT_STATUS_UNSUCCESSFUL; + + domain->private.reset_count = reset_lockout_count; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 min_passwordlength) +{ + if (!domain)return NT_STATUS_UNSUCCESSFUL; + + domain->private.min_passwordlength = min_passwordlength; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 password_history) +{ + if (!domain) return NT_STATUS_UNSUCCESSFUL; + + domain->private.password_history = password_history; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 lockout_count) +{ + if (!domain)return NT_STATUS_UNSUCCESSFUL; + + domain->private.lockout_count = lockout_count; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL force_logoff) +{ + if (!domain)return NT_STATUS_UNSUCCESSFUL; + + domain->private.force_logoff = force_logoff; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL login_pwdchange) +{ + if (!domain) return NT_STATUS_UNSUCCESSFUL; + + domain->private.login_pwdchange = login_pwdchange; + + return NT_STATUS_OK; +} diff --git a/source3/sam/get_set_group.c b/source3/sam/get_set_group.c new file mode 100644 index 0000000000..51f91ada82 --- /dev/null +++ b/source3/sam/get_set_group.c @@ -0,0 +1,123 @@ +/* + Unix SMB/CIFS implementation. + SAM_USER_HANDLE access routines + Copyright (C) Andrew Bartlett 2002 + Copyright (C) Stefan (metze) Metzmacher 2002 + Copyright (C) Jelmer Vernooij 2002 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_SAM + +/* sam group get functions */ + +NTSTATUS sam_get_group_sid(const SAM_GROUP_HANDLE *group, DOM_SID **sid) +{ + if (!group || !sid) return NT_STATUS_UNSUCCESSFUL; + + *sid = &group->private.sid; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_group_typ(const SAM_GROUP_HANDLE *group, uint32 *typ) +{ + if (!group || !typ) return NT_STATUS_UNSUCCESSFUL; + + *typ = group->private.flags; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_group_name(const SAM_GROUP_HANDLE *group, char **group_name) +{ + if (!group) return NT_STATUS_UNSUCCESSFUL; + + *group_name = group->private.name; + + return NT_STATUS_OK; + +} +NTSTATUS sam_get_group_comment(const SAM_GROUP_HANDLE *group, char **comment) +{ + if (!group) return NT_STATUS_UNSUCCESSFUL; + + *comment = group->private.comment; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_group_priv_set(const SAM_GROUP_HANDLE *group, PRIVILEGE_SET *priv_set) +{ + if (!group) return NT_STATUS_UNSUCCESSFUL; + + *priv_set = group->private.privileges; + + return NT_STATUS_OK; +} + +/* sam group set functions */ + +NTSTATUS sam_set_group_sid(SAM_GROUP_HANDLE *group, DOM_SID *sid) +{ + if (!group) return NT_STATUS_UNSUCCESSFUL; + + if (!sid) ZERO_STRUCT(group->private.sid); + else sid_copy(&(group->private.sid), sid); + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_group_typ(SAM_GROUP_HANDLE *group, uint32 typ) +{ + if (!group) return NT_STATUS_UNSUCCESSFUL; + + group->private.flags = typ; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_group_name(SAM_GROUP_HANDLE *group, char *group_name) +{ + if (!group) return NT_STATUS_UNSUCCESSFUL; + + group->private.name = talloc_strdup(group->mem_ctx, group_name); + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_group_comment(SAM_GROUP_HANDLE *group, char *comment) +{ + if (!group) return NT_STATUS_UNSUCCESSFUL; + + group->private.comment = talloc_strdup(group->mem_ctx, comment); + + return NT_STATUS_OK; + +} + +NTSTATUS sam_set_group_priv_set(SAM_GROUP_HANDLE *group, PRIVILEGE_SET *priv_set) +{ + if (!group) return NT_STATUS_UNSUCCESSFUL; + + if (!priv_set) ZERO_STRUCT(group->private.privileges); + else memcpy(&(group->private.privileges), priv_set, sizeof(PRIVILEGE_SET)); + + return NT_STATUS_OK; +} diff --git a/source3/sam/get_set_user.c b/source3/sam/get_set_user.c new file mode 100644 index 0000000000..e58afe6880 --- /dev/null +++ b/source3/sam/get_set_user.c @@ -0,0 +1,903 @@ +/* + Unix SMB/CIFS implementation. + SAM_USER_HANDLE access routines + Copyright (C) Andrew Bartlett 2002 + Copyright (C) Stefan (metze) Metzmacher 2002 + Copyright (C) Jelmer Vernooij 2002 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_SAM + +NTSTATUS sam_get_user_domain_sid (const SAM_USER_HANDLE *sampass, DOM_SID **sid) +{ + NTSTATUS status; + SAM_DOMAIN_HANDLE *domain; + if (!sampass || !sid) return NT_STATUS_UNSUCCESSFUL; + + if (!NT_STATUS_IS_OK(status = sam_get_user_domain(sampass, &domain))){ + DEBUG(0, ("sam_get_user_domain_sid: Can't get domain for user\n")); + return status; + } + + return sam_get_domain_sid(domain, sid); +} + +NTSTATUS sam_get_user_domain_name (const SAM_USER_HANDLE *sampass, char **domain_name) +{ + NTSTATUS status; + SAM_DOMAIN_HANDLE *domain; + if (!sampass || !domain_name) return NT_STATUS_UNSUCCESSFUL; + + if (!NT_STATUS_IS_OK(status = sam_get_user_domain(sampass, &domain))){ + DEBUG(0, ("sam_get_user_domain_name: Can't get domain for user\n")); + return status; + } + + return sam_get_domain_name(domain, domain_name); +} + +NTSTATUS sam_get_user_acct_ctrl (const SAM_USER_HANDLE *sampass, uint16 *acct_ctrl) +{ + if(!sampass || !acct_ctrl)return NT_STATUS_UNSUCCESSFUL; + + *acct_ctrl = sampass->private.acct_ctrl; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_logon_time (const SAM_USER_HANDLE *sampass, NTTIME *logon_time) +{ + if(!sampass || !logon_time)return NT_STATUS_UNSUCCESSFUL; + + *logon_time = sampass->private.logon_time; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_logoff_time (const SAM_USER_HANDLE *sampass, NTTIME *logoff_time) +{ + if(!sampass || !logoff_time)return NT_STATUS_UNSUCCESSFUL; + + *logoff_time = sampass->private.logoff_time; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_kickoff_time (const SAM_USER_HANDLE *sampass, NTTIME *kickoff_time) +{ + if (!sampass || !kickoff_time)return NT_STATUS_UNSUCCESSFUL; + + *kickoff_time = sampass->private.kickoff_time; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_pass_last_set_time (const SAM_USER_HANDLE *sampass, NTTIME *pass_last_set_time) +{ + if (!sampass || !pass_last_set_time)return NT_STATUS_UNSUCCESSFUL; + + *pass_last_set_time = sampass->private.pass_last_set_time; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_pass_can_change_time (const SAM_USER_HANDLE *sampass, NTTIME *pass_can_change_time) +{ + if (!sampass || !pass_can_change_time)return NT_STATUS_UNSUCCESSFUL; + + *pass_can_change_time = sampass->private.pass_can_change_time; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_pass_must_change_time (const SAM_USER_HANDLE *sampass, NTTIME *pass_must_change_time) +{ + if (!sampass || !pass_must_change_time)return NT_STATUS_UNSUCCESSFUL; + + *pass_must_change_time = sampass->private.pass_must_change_time; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_logon_divs (const SAM_USER_HANDLE *sampass, uint16 *logon_divs) +{ + if (!sampass || !logon_divs)return NT_STATUS_UNSUCCESSFUL; + + *logon_divs = sampass->private.logon_divs; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_hours_len (const SAM_USER_HANDLE *sampass, uint32 *hours_len) +{ + if (!sampass || !hours_len)return NT_STATUS_UNSUCCESSFUL; + + *hours_len = sampass->private.hours_len; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_hours (const SAM_USER_HANDLE *sampass, uint8 **hours) +{ + if (!sampass || !hours)return NT_STATUS_UNSUCCESSFUL; + + *hours = sampass->private.hours; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_nt_pwd (const SAM_USER_HANDLE *sampass, DATA_BLOB *nt_pwd) +{ + if (!sampass)return NT_STATUS_UNSUCCESSFUL; + + SMB_ASSERT((!sampass->private.nt_pw.data) + || sampass->private.nt_pw.length == NT_HASH_LEN); + + *nt_pwd = sampass->private.nt_pw; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_lm_pwd (const SAM_USER_HANDLE *sampass, DATA_BLOB *lm_pwd) +{ + if (!sampass)return NT_STATUS_UNSUCCESSFUL; + + SMB_ASSERT((!sampass->private.lm_pw.data) + || sampass->private.lm_pw.length == LM_HASH_LEN); + + *lm_pwd = sampass->private.lm_pw; + + return NT_STATUS_OK; +} + +/* Return the plaintext password if known. Most of the time + it isn't, so don't assume anything magic about this function. + + Used to pass the plaintext to sam backends that might + want to store more than just the NTLM hashes. +*/ + +NTSTATUS sam_get_user_plaintext_pwd (const SAM_USER_HANDLE *sampass, DATA_BLOB **plain_pwd) +{ + if (!sampass || !plain_pwd)return NT_STATUS_UNSUCCESSFUL; + + *plain_pwd = &(sampass->private.plaintext_pw); + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_sid(const SAM_USER_HANDLE *sampass, DOM_SID **sid) +{ + if (!sampass)return NT_STATUS_UNSUCCESSFUL; + + *sid = &(sampass->private.user_sid); + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_pgroup(const SAM_USER_HANDLE *sampass, DOM_SID **sid) +{ + if (!sampass)return NT_STATUS_UNSUCCESSFUL; + + *sid = &(sampass->private.group_sid); + + return NT_STATUS_OK; +} + +/** + * Get flags showing what is initalised in the SAM_USER_HANDLE + * @param sampass the SAM_USER_HANDLE in question + * @return the flags indicating the members initialised in the struct. + **/ + +NTSTATUS sam_get_user_init_flag (const SAM_USER_HANDLE *sampass, uint32 *initflag) +{ + if (!sampass)return NT_STATUS_UNSUCCESSFUL; + + *initflag = sampass->private.init_flag; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_name (const SAM_USER_HANDLE *sampass, char **username) +{ + if (!sampass)return NT_STATUS_UNSUCCESSFUL; + + *username = sampass->private.username; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_domain (const SAM_USER_HANDLE *sampass, SAM_DOMAIN_HANDLE **domain) +{ + if (!sampass)return NT_STATUS_UNSUCCESSFUL; + + *domain = sampass->private.domain; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_fullname (const SAM_USER_HANDLE *sampass, char **fullname) +{ + if (!sampass)return NT_STATUS_UNSUCCESSFUL; + + *fullname = sampass->private.full_name; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_homedir (const SAM_USER_HANDLE *sampass, char **homedir) +{ + if (!sampass)return NT_STATUS_UNSUCCESSFUL; + + *homedir = sampass->private.home_dir; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_unix_home_dir (const SAM_USER_HANDLE *sampass, char **uhomedir) +{ + if (!sampass)return NT_STATUS_UNSUCCESSFUL; + + *uhomedir = sampass->private.unix_home_dir; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_dir_drive (const SAM_USER_HANDLE *sampass, char **dirdrive) +{ + if (!sampass)return NT_STATUS_UNSUCCESSFUL; + + *dirdrive = sampass->private.dir_drive; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_logon_script (const SAM_USER_HANDLE *sampass, char **logon_script) +{ + if (!sampass)return NT_STATUS_UNSUCCESSFUL; + + *logon_script = sampass->private.logon_script; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_profile_path (const SAM_USER_HANDLE *sampass, char **profile_path) +{ + if (!sampass)return NT_STATUS_UNSUCCESSFUL; + + *profile_path = sampass->private.profile_path; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_description (const SAM_USER_HANDLE *sampass, char **description) +{ + if (!sampass)return NT_STATUS_UNSUCCESSFUL; + + *description = sampass->private.acct_desc; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_workstations (const SAM_USER_HANDLE *sampass, char **workstations) +{ + if (!sampass)return NT_STATUS_UNSUCCESSFUL; + + *workstations = sampass->private.workstations; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_unknown_str (const SAM_USER_HANDLE *sampass, char **unknown_str) +{ + if (!sampass)return NT_STATUS_UNSUCCESSFUL; + + *unknown_str = sampass->private.unknown_str; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_munged_dial (const SAM_USER_HANDLE *sampass, char **munged_dial) +{ + if (!sampass)return NT_STATUS_UNSUCCESSFUL; + + *munged_dial = sampass->private.munged_dial; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_unknown_1 (const SAM_USER_HANDLE *sampass, uint32 *unknown1) +{ + if (!sampass || !unknown1)return NT_STATUS_UNSUCCESSFUL; + + *unknown1 = sampass->private.unknown_1; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_unknown_2 (const SAM_USER_HANDLE *sampass, uint32 *unknown2) +{ + if (!sampass || !unknown2)return NT_STATUS_UNSUCCESSFUL; + + *unknown2 = sampass->private.unknown_2; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_user_unknown_3 (const SAM_USER_HANDLE *sampass, uint32 *unknown3) +{ + if (!sampass || !unknown3)return NT_STATUS_UNSUCCESSFUL; + + *unknown3 = sampass->private.unknown_3; + + return NT_STATUS_OK; +} + +/********************************************************************* + Collection of set...() functions for SAM_USER_HANDLE_INFO. + ********************************************************************/ + +NTSTATUS sam_set_user_acct_ctrl (SAM_USER_HANDLE *sampass, uint16 flags) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.acct_ctrl = flags; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_user_logon_time (SAM_USER_HANDLE *sampass, NTTIME mytime, BOOL store) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.logon_time = mytime; + + if (store) + sam_set_user_init_flag(sampass, FLAG_SAM_LOGONTIME); + + return NT_STATUS_UNSUCCESSFUL; +} + +NTSTATUS sam_set_user_logoff_time (SAM_USER_HANDLE *sampass, NTTIME mytime, BOOL store) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.logoff_time = mytime; + + if (store) + sam_set_user_init_flag(sampass, FLAG_SAM_LOGOFFTIME); + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_user_kickoff_time (SAM_USER_HANDLE *sampass, NTTIME mytime, BOOL store) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.kickoff_time = mytime; + + if (store) + sam_set_user_init_flag(sampass, FLAG_SAM_KICKOFFTIME); + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_user_pass_can_change_time (SAM_USER_HANDLE *sampass, NTTIME mytime, BOOL store) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.pass_can_change_time = mytime; + + if (store) + sam_set_user_init_flag(sampass, FLAG_SAM_CANCHANGETIME); + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_user_pass_must_change_time (SAM_USER_HANDLE *sampass, NTTIME mytime, BOOL store) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.pass_must_change_time = mytime; + + if (store) + sam_set_user_init_flag(sampass, FLAG_SAM_MUSTCHANGETIME); + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_user_pass_last_set_time (SAM_USER_HANDLE *sampass, NTTIME mytime) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.pass_last_set_time = mytime; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_user_hours_len (SAM_USER_HANDLE *sampass, uint32 len) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.hours_len = len; + return NT_STATUS_OK; +} + +NTSTATUS sam_set_user_logon_divs (SAM_USER_HANDLE *sampass, uint16 hours) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.logon_divs = hours; + return NT_STATUS_OK; +} + +/** + * Set flags showing what is initalised in the SAM_USER_HANDLE + * @param sampass the SAM_USER_HANDLE in question + * @param flag The *new* flag to be set. Old flags preserved + * this flag is only added. + **/ + +NTSTATUS sam_set_user_init_flag (SAM_USER_HANDLE *sampass, uint32 flag) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.init_flag |= flag; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_user_sid (SAM_USER_HANDLE *sampass, DOM_SID *u_sid) +{ + if (!sampass || !u_sid) + return NT_STATUS_UNSUCCESSFUL; + + sid_copy(&sampass->private.user_sid, u_sid); + + DEBUG(10, ("sam_set_user_sid: setting user sid %s\n", + sid_string_static(&sampass->private.user_sid))); + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_user_sid_from_string (SAM_USER_HANDLE *sampass, fstring u_sid) +{ + DOM_SID new_sid; + if (!sampass || !u_sid) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_user_sid_from_string: setting user sid %s\n", + u_sid)); + + if (!string_to_sid(&new_sid, u_sid)) { + DEBUG(1, ("sam_set_user_sid_from_string: %s isn't a valid SID!\n", u_sid)); + return NT_STATUS_UNSUCCESSFUL; + } + + if (!NT_STATUS_IS_OK(sam_set_user_sid(sampass, &new_sid))) { + DEBUG(1, ("sam_set_user_sid_from_string: could not set sid %s on SAM_USER_HANDLE!\n", u_sid)); + return NT_STATUS_UNSUCCESSFUL; + } + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_user_pgroup_sid (SAM_USER_HANDLE *sampass, DOM_SID *g_sid) +{ + if (!sampass || !g_sid) + return NT_STATUS_UNSUCCESSFUL; + + sid_copy(&sampass->private.group_sid, g_sid); + + DEBUG(10, ("sam_set_group_sid: setting group sid %s\n", + sid_string_static(&sampass->private.group_sid))); + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_user_pgroup_string (SAM_USER_HANDLE *sampass, fstring g_sid) +{ + DOM_SID new_sid; + if (!sampass || !g_sid) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_group_sid_from_string: setting group sid %s\n", + g_sid)); + + if (!string_to_sid(&new_sid, g_sid)) { + DEBUG(1, ("sam_set_group_sid_from_string: %s isn't a valid SID!\n", g_sid)); + return NT_STATUS_UNSUCCESSFUL; + } + + if (!NT_STATUS_IS_OK(sam_set_user_pgroup_sid(sampass, &new_sid))) { + DEBUG(1, ("sam_set_group_sid_from_string: could not set sid %s on SAM_USER_HANDLE!\n", g_sid)); + return NT_STATUS_UNSUCCESSFUL; + } + return NT_STATUS_OK; +} + +/********************************************************************* + Set the domain name. + ********************************************************************/ + +NTSTATUS sam_set_user_domain(SAM_USER_HANDLE *sampass, SAM_DOMAIN_HANDLE *domain) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.domain = domain; + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the user's NT name. + ********************************************************************/ + +NTSTATUS sam_set_user_username(SAM_USER_HANDLE *sampass, const char *nt_username) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_user_username: setting nt username %s, was %s\n", nt_username, sampass->private.username)); + + sampass->private.username = talloc_strdup(sampass->mem_ctx, nt_username); + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the user's full name. + ********************************************************************/ + +NTSTATUS sam_set_user_fullname(SAM_USER_HANDLE *sampass, const char *full_name) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_user_fullname: setting full name %s, was %s\n", full_name, sampass->private.full_name)); + + sampass->private.full_name = talloc_strdup(sampass->mem_ctx, full_name); + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the user's logon script. + ********************************************************************/ + +NTSTATUS sam_set_user_logon_script(SAM_USER_HANDLE *sampass, const char *logon_script, BOOL store) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_logon_script: from %s to %s\n", logon_script, sampass->private.logon_script)); + + sampass->private.logon_script = talloc_strdup(sampass->mem_ctx, logon_script); + + sam_set_user_init_flag(sampass, FLAG_SAM_LOGONSCRIPT); + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the user's profile path. + ********************************************************************/ + +NTSTATUS sam_set_user_profile_path (SAM_USER_HANDLE *sampass, const char *profile_path, BOOL store) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_profile_path: setting profile path %s, was %s\n", profile_path, sampass->private.profile_path)); + + sampass->private.profile_path = talloc_strdup(sampass->mem_ctx, profile_path); + + if (store) { + DEBUG(10, ("sam_set_profile_path: setting profile path sam flag!\n")); + sam_set_user_init_flag(sampass, FLAG_SAM_PROFILE); + } + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the user's directory drive. + ********************************************************************/ + +NTSTATUS sam_set_user_dir_drive (SAM_USER_HANDLE *sampass, const char *dir_drive, BOOL store) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_dir_drive: setting dir drive %s, was %s\n", dir_drive, + sampass->private.dir_drive)); + + sampass->private.dir_drive = talloc_strdup(sampass->mem_ctx, dir_drive); + + if (store) { + DEBUG(10, ("sam_set_dir_drive: setting dir drive sam flag!\n")); + sam_set_user_init_flag(sampass, FLAG_SAM_DRIVE); + } + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the user's home directory. + ********************************************************************/ + +NTSTATUS sam_set_user_homedir (SAM_USER_HANDLE *sampass, const char *home_dir, BOOL store) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_homedir: setting home dir %s, was %s\n", home_dir, + sampass->private.home_dir)); + + sampass->private.home_dir = talloc_strdup(sampass->mem_ctx, home_dir); + + if (store) { + DEBUG(10, ("sam_set_homedir: setting home dir sam flag!\n")); + sam_set_user_init_flag(sampass, FLAG_SAM_SMBHOME); + } + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the user's unix home directory. + ********************************************************************/ + +NTSTATUS sam_set_user_unix_homedir (SAM_USER_HANDLE *sampass, const char *unix_home_dir) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_unix_homedir: setting home dir %s, was %s\n", unix_home_dir, + sampass->private.unix_home_dir)); + + sampass->private.unix_home_dir = talloc_strdup(sampass->mem_ctx, unix_home_dir); + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the user's account description. + ********************************************************************/ + +NTSTATUS sam_set_user_acct_desc (SAM_USER_HANDLE *sampass, const char *acct_desc) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.acct_desc = talloc_strdup(sampass->mem_ctx, acct_desc); + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the user's workstation allowed list. + ********************************************************************/ + +NTSTATUS sam_set_user_workstations (SAM_USER_HANDLE *sampass, const char *workstations) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_workstations: setting workstations %s, was %s\n", workstations, + sampass->private.workstations)); + + sampass->private.workstations = talloc_strdup(sampass->mem_ctx, workstations); + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the user's 'unknown_str', whatever the heck this actually is... + ********************************************************************/ + +NTSTATUS sam_set_user_unknown_str (SAM_USER_HANDLE *sampass, const char *unknown_str) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.unknown_str = talloc_strdup(sampass->mem_ctx, unknown_str); + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the user's dial string. + ********************************************************************/ + +NTSTATUS sam_set_user_munged_dial (SAM_USER_HANDLE *sampass, const char *munged_dial) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.munged_dial = talloc_strdup(sampass->mem_ctx, munged_dial); + return NT_STATUS_OK; +} + +/********************************************************************* + Set the user's NT hash. + ********************************************************************/ + +NTSTATUS sam_set_user_nt_pwd (SAM_USER_HANDLE *sampass, DATA_BLOB data) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.nt_pw = data; + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the user's LM hash. + ********************************************************************/ + +NTSTATUS sam_set_user_lm_pwd (SAM_USER_HANDLE *sampass, DATA_BLOB data) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.lm_pw = data; + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the user's plaintext password only (base procedure, see helper + below) + ********************************************************************/ + +NTSTATUS sam_set_user_plaintext_pw_only (SAM_USER_HANDLE *sampass, DATA_BLOB data) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.plaintext_pw = data; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_user_unknown_1 (SAM_USER_HANDLE *sampass, uint32 unkn) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.unknown_1 = unkn; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_user_unknown_2 (SAM_USER_HANDLE *sampass, uint32 unkn) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.unknown_2 = unkn; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_user_unknown_3 (SAM_USER_HANDLE *sampass, uint32 unkn) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.unknown_3 = unkn; + return NT_STATUS_OK; +} + +NTSTATUS sam_set_user_hours (SAM_USER_HANDLE *sampass, const uint8 *hours) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + if (!hours) { + memset ((char *)sampass->private.hours, 0, MAX_HOURS_LEN); + return NT_STATUS_OK; + } + + memcpy (sampass->private.hours, hours, MAX_HOURS_LEN); + + return NT_STATUS_OK; +} + +/* Helpful interfaces to the above */ + +/********************************************************************* + Sets the last changed times and must change times for a normal + password change. + ********************************************************************/ + +NTSTATUS sam_set_user_pass_changed_now (SAM_USER_HANDLE *sampass) +{ + uint32 expire; + NTTIME temptime; + + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + unix_to_nt_time(&temptime, time(NULL)); + if (!NT_STATUS_IS_OK(sam_set_user_pass_last_set_time (sampass, temptime))) + return NT_STATUS_UNSUCCESSFUL; + + if (!account_policy_get(AP_MAX_PASSWORD_AGE, &expire) + || (expire==(uint32)-1)) { + + get_nttime_max(&temptime); + if (!NT_STATUS_IS_OK(sam_set_user_pass_must_change_time (sampass, temptime, False))) + return NT_STATUS_UNSUCCESSFUL; + + } else { + /* FIXME: Add expire to temptime */ + + if (!NT_STATUS_IS_OK(sam_get_user_pass_last_set_time(sampass,&temptime)) || !NT_STATUS_IS_OK(sam_set_user_pass_must_change_time (sampass, temptime,True))) + return NT_STATUS_UNSUCCESSFUL; + } + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the user's PLAINTEXT password. Used as an interface to the above. + Also sets the last change time to NOW. + ********************************************************************/ + +NTSTATUS sam_set_plaintext_passwd (SAM_USER_HANDLE *sampass, const char *plaintext) +{ + DATA_BLOB data; + uchar new_lanman_p16[16]; + uchar new_nt_p16[16]; + + if (!sampass || !plaintext) + return NT_STATUS_UNSUCCESSFUL; + + nt_lm_owf_gen (plaintext, new_nt_p16, new_lanman_p16); + + data = data_blob(new_nt_p16, 16); + if (!NT_STATUS_IS_OK(sam_set_user_nt_pwd (sampass, data))) + return NT_STATUS_UNSUCCESSFUL; + + data = data_blob(new_lanman_p16, 16); + + if (!NT_STATUS_IS_OK(sam_set_user_lm_pwd (sampass, data))) + return NT_STATUS_UNSUCCESSFUL; + + if (!NT_STATUS_IS_OK(sam_set_user_pass_changed_now (sampass))) + return NT_STATUS_UNSUCCESSFUL; + + return NT_STATUS_OK; +} + diff --git a/source3/sam/interface.c b/source3/sam/interface.c new file mode 100644 index 0000000000..6adf213d27 --- /dev/null +++ b/source3/sam/interface.c @@ -0,0 +1,1001 @@ +/* + Unix SMB/CIFS implementation. + Password and authentication handling + Copyright (C) Andrew Bartlett 2002 + Copyright (C) Jelmer Vernooij 2002 + Copyright (C) Stefan (metze) Metzmacher 2002 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_SAM + +/** List of various built-in sam modules */ + +const struct sam_init_function_entry builtin_sam_init_functions[] = { + { NULL, NULL} +}; + +/* FIXME: wrapper functions : context_* */ + +/****************************************************************** + context_sam_* functions are used to link the external SAM interface + with the internal backends. These functions lookup the appropriate + backends for the domain and pass on to the function in sam_methods + in the selected backend + *******************************************************************/ + +NTSTATUS sam_get_methods_by_sid(const struct sam_context *context, struct sam_methods **sam_method, const DOM_SID *domainsid) +{ + struct sam_methods *tmp_methods; + + DEBUG(5,("sam_get_methods_by_sid: %d\n", __LINE__)); + + if ((!context) || (!context->methods)) + { + DEBUG(2,("sam_get_methods_by_sid: invalid sam_context specified!\n")); + return NT_STATUS_INVALID_PARAMETER; + } + + tmp_methods = context->methods; + + while (tmp_methods) + { + if (sid_equal(domainsid, &tmp_methods->domain->private.sid)) + { + (*sam_method) = tmp_methods; + return NT_STATUS_OK; + } + tmp_methods = tmp_methods->next; + } + + DEBUG(3,("sam_get_methods_by_sid: There is no backend specified for domain %s\n", sid_string_static(domainsid))); + + return NT_STATUS_NO_SUCH_DOMAIN; +} + +NTSTATUS sam_get_methods_by_name(const struct sam_context *context, struct sam_methods **sam_method, const char *domainname) +{ + struct sam_methods *tmp_methods; + + DEBUG(5,("sam_get_methods_by_name: %d\n", __LINE__)); + + if ((!context) || (!context->methods)) + { + DEBUG(2,("sam_get_methods_by_sid: invalid sam_context specified!\n")); + return NT_STATUS_INVALID_PARAMETER; + } + + tmp_methods = context->methods; + + while (tmp_methods) + { + if (strcmp(domainname, tmp_methods->domain->private.name)) + { + (*sam_method) = tmp_methods; + return NT_STATUS_OK; + } + tmp_methods = tmp_methods->next; + } + + DEBUG(3,("sam_get_methods_by_sid: There is no backend specified for domain %s\n", domainname)); + + return NT_STATUS_NO_SUCH_DOMAIN; +} + +NTSTATUS context_sam_get_sec_desc(const struct sam_context *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd) +{ + struct sam_methods *tmp_methods; +// DOM_SID *domainsid; + NTSTATUS nt_status; + + DEBUG(5,("context_sam_get_sec_desc: %d\n", __LINE__)); + + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, sid))) { + DEBUG(4,("sam_get_methods_by_sid failed\n")); + return nt_status; + } + + if (!tmp_methods->sam_get_sec_desc) { + DEBUG(3, ("context_sam_get_sec_desc: sam_methods of the domain did not specify sam_get_sec_desc\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_sec_desc(tmp_methods, access_token, sid, sd))) { + DEBUG(4,("context_sam_get_sec_desc for %s in backend %s failed\n", sid_string_static(sid), tmp_methods->backendname)); + return nt_status; + } + + return NT_STATUS_OK; +} + +NTSTATUS context_sam_set_sec_desc(const struct sam_context *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd) +{ + struct sam_methods *tmp_methods; +// DOM_SID *domainsid; + NTSTATUS nt_status; + + DEBUG(5,("context_sam_set_sec_desc: %d\n", __LINE__)); + + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, sid))) { + DEBUG(4,("sam_get_methods_by_sid failed\n")); + return nt_status; + } + + if (!tmp_methods->sam_set_sec_desc) { + DEBUG(3, ("context_sam_set_sec_desc: sam_methods of the domain did not specify sam_set_sec_desc\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_set_sec_desc(tmp_methods, access_token, sid, sd))) { + DEBUG(4,("context_sam_set_sec_desc for %s in backend %s failed\n", sid_string_static(sid), tmp_methods->backendname)); + return nt_status; + } + + return NT_STATUS_OK; +} + + +NTSTATUS context_sam_lookup_name(const struct sam_context *context, const NT_USER_TOKEN *access_token, const char *domain, const char *name, DOM_SID **sid, uint32 *type) +{ + struct sam_methods *tmp_methods; + NTSTATUS nt_status; + + DEBUG(5,("context_sam_lookup_name: %d\n", __LINE__)); + + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) { + DEBUG(4,("sam_get_methods_by_name failed\n")); + return nt_status; + } + + if (!tmp_methods->sam_lookup_name) { + DEBUG(3, ("context_sam_lookup_name: sam_methods of the domain did not specify sam_lookup_name\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_lookup_name(tmp_methods, access_token, name, sid, type))) { + DEBUG(4,("context_sam_lookup_name for %s\\%s in backend %s failed\n", + tmp_methods->domain->private.name, name, tmp_methods->backendname)); + return nt_status; + } + + return NT_STATUS_OK; +} + +NTSTATUS context_sam_lookup_sid(const struct sam_context *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, char **name, uint32 *type) +{ + struct sam_methods *tmp_methods; + uint32 rid; + NTSTATUS nt_status; + DOM_SID domainsid; + + DEBUG(5,("context_sam_lookup_sid: %d\n", __LINE__)); + + sid_copy(&domainsid, sid); + if (!sid_split_rid(&domainsid, &rid)) { + DEBUG(3,("context_sam_lookup_sid: failed to split the sid\n")); + return NT_STATUS_INVALID_SID; + } + + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { + DEBUG(4,("sam_get_methods_by_sid failed\n")); + return nt_status; + } + + if (!tmp_methods->sam_lookup_sid) { + DEBUG(3, ("context_sam_lookup_sid: sam_methods of the domain did not specify sam_lookup_sid\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_lookup_sid(tmp_methods, access_token, sid, name, type))) { + DEBUG(4,("context_sam_lookup_name for %s in backend %s failed\n", + sid_string_static(sid), tmp_methods->backendname)); + return nt_status; + } + + return NT_STATUS_OK; +} + + +NTSTATUS context_sam_update_domain(const struct sam_context *context, const SAM_DOMAIN_HANDLE *domain) +{ + return NT_STATUS_NOT_IMPLEMENTED; +} + +NTSTATUS context_sam_enum_domains(const struct sam_context *context, const NT_USER_TOKEN *access_token, int32 *domain_count, DOM_SID **domains, char ***domain_names) +{ + struct sam_methods *tmp_methods; + NTSTATUS nt_status; + + SEC_DESC *sd; + size_t sd_size; + uint32 acc_granted; + int i = 0; + + DEBUG(5,("context_sam_enum_domains: %d\n", __LINE__)); + + if ((!context)|| (!context->methods)) { + DEBUG(2,("context_sam_enum_domains: invalid sam_context specified!\n")); + return NT_STATUS_INVALID_PARAMETER; + } + + if (!NT_STATUS_IS_OK(nt_status = samr_make_sam_obj_sd(context->mem_ctx, &sd, &sd_size))) { + DEBUG(4,("samr_make_sam_obj_sd failed\n")); + return nt_status; + } + + if (!se_access_check(sd, access_token, SAMR_ACCESS_ENUM_DOMAINS, &acc_granted, &nt_status)) { + DEBUG(3,("context_sam_enum_domains: ACCESS DENIED\n")); + return nt_status; + } + + tmp_methods= context->methods; + + while (tmp_methods) + { + (*domain_count)++; + tmp_methods= tmp_methods->next; + } + + DEBUG(6,("context_sam_enum_domains: enumerating %d domains\n", (*domain_count))); + + tmp_methods = context->methods; + + if (((*domains) = malloc( sizeof(DOM_SID) * (*domain_count))) == NULL) { + DEBUG(0,("context_sam_enum_domains: Out of memory allocating domain list\n")); + return NT_STATUS_NO_MEMORY; + } + + if (((*domain_names) = malloc( sizeof(char*) * (*domain_count))) == NULL) { + DEBUG(0,("context_sam_enum_domains: Out of memory allocating domain list\n")); + SAFE_FREE((*domains)); + return NT_STATUS_NO_MEMORY; + } + + while (tmp_methods) + { + + DEBUGADD(7,(" [%d] %s: %s\n", i, tmp_methods->domain->private.name, sid_string_static(&tmp_methods->domain->private.sid))); + sid_copy(domains[i],&tmp_methods->domain->private.sid); + if(asprintf(&(*domain_names[i]),"%s",tmp_methods->domain->private.name) < 0) { + DEBUG(0,("context_sam_enum_domains: asprintf failed")); + SAFE_FREE((*domains)); + SAFE_FREE((*domain_names)); + return NT_STATUS_NO_MEMORY; + } + + i++; + tmp_methods= tmp_methods->next; + + } + + return NT_STATUS_OK; +} + +NTSTATUS context_sam_lookup_domain(const struct sam_context *context, const NT_USER_TOKEN *access_token, const char *domain, DOM_SID **domainsid) +{ + struct sam_methods *tmp_methods; + NTSTATUS nt_status; + + SEC_DESC *sd; + size_t sd_size; + uint32 acc_granted; + + DEBUG(5,("context_sam_lookup_domain: %d\n", __LINE__)); + + if ((!context)|| (!context->methods)) { + DEBUG(2,("context_sam_lookup_domain: invalid sam_context specified!\n")); + return NT_STATUS_INVALID_PARAMETER; + } + + if (!NT_STATUS_IS_OK(nt_status = samr_make_sam_obj_sd(context->mem_ctx, &sd, &sd_size))) { + DEBUG(4,("samr_make_sam_obj_sd failed\n")); + return nt_status; + } + + if (!se_access_check(sd, access_token, SAMR_ACCESS_OPEN_DOMAIN, &acc_granted, &nt_status)) { + DEBUG(3,("context_sam_lookup_domain: ACCESS DENIED\n")); + return nt_status; + } + + tmp_methods= context->methods; + + while (tmp_methods) + { + if (strcmp(domain, tmp_methods->domain->private.name) == 0) { + sid_copy((*domainsid), &tmp_methods->domain->private.sid); + return NT_STATUS_OK; + } + tmp_methods= tmp_methods->next; + } + + return NT_STATUS_NO_SUCH_DOMAIN; +} + + +NTSTATUS context_sam_get_domain_by_sid(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *domainsid, SAM_DOMAIN_HANDLE **domain) +{ + struct sam_methods *tmp_methods; + NTSTATUS nt_status; + + DEBUG(5,("context_sam_get_domain_by_sid: %d\n", __LINE__)); + + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { + DEBUG(4,("sam_get_methods_by_sid failed\n")); + return nt_status; + } + + if (!tmp_methods->sam_get_domain_handle) { + DEBUG(3, ("context_sam_get_domain_by_sid: sam_methods of the domain did not specify sam_get_domain_handle\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_domain_handle(tmp_methods, access_token, access_desired, domain))) { + DEBUG(4,("context_sam_get_domain_by_sid for %s in backend %s failed\n", + sid_string_static(domainsid), tmp_methods->backendname)); + return nt_status; + } + + return NT_STATUS_OK; +} + +NTSTATUS context_sam_create_user(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, DOM_SID *domainsid, SAM_USER_HANDLE **user) +{ + struct sam_methods *tmp_methods; + NTSTATUS nt_status; + + DEBUG(5,("context_sam_create_user: %d\n", __LINE__)); + + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { + DEBUG(4,("sam_get_methods_by_sid failed\n")); + return nt_status; + } + + if (!tmp_methods->sam_create_user) { + DEBUG(3, ("context_sam_create_user: sam_methods of the domain did not specify sam_create_user\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_user(tmp_methods, access_token, access_desired, user))) { + DEBUG(4,("context_sam_create_user in backend %s failed\n", + tmp_methods->backendname)); + return nt_status; + } + + return NT_STATUS_OK; +} + +NTSTATUS context_sam_add_user(const struct sam_context *context, const SAM_USER_HANDLE *user) +{ + DOM_SID domainsid; + DOM_SID *usersid; + struct sam_methods *tmp_methods; + uint32 rid; + NTSTATUS status; + + if (!NT_STATUS_IS_OK(status = sam_get_user_sid(user, &usersid))) { + DEBUG(0,("Can't get user SID\n")); + return status; + } + + sid_copy(&domainsid, usersid); + if (!sid_split_rid(&domainsid, &rid)) { + DEBUG(3,("context_sam_get_user_by_sid: failed to split the sid\n")); + return NT_STATUS_INVALID_SID; + } + + if (!NT_STATUS_IS_OK(status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { + DEBUG(4,("sam_get_methods_by_sid failed\n")); + return status; + } + + if (!tmp_methods->sam_add_user) { + DEBUG(3, ("context_sam_add_user: sam_methods of the domain did not specify sam_add_user\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(status = tmp_methods->sam_add_user(tmp_methods, user))){ + DEBUG(4,("context_sam_add_user in backend %s failed\n", + tmp_methods->backendname)); + return status; + } + + return NT_STATUS_OK; +} + +NTSTATUS context_sam_update_user(const struct sam_context *context, const SAM_USER_HANDLE *user) +{ + DOM_SID domainsid; + struct sam_methods *tmp_methods; + DOM_SID *usersid; + uint32 rid; + NTSTATUS status; + + if (!NT_STATUS_IS_OK(status = sam_get_user_sid(user, &usersid))) { + DEBUG(0,("Can't get user SID\n")); + return status; + } + + sid_copy(&domainsid, usersid); + if (!sid_split_rid(&domainsid, &rid)) { + DEBUG(3,("context_sam_get_user_by_sid: failed to split the sid\n")); + return NT_STATUS_INVALID_SID; + } + + if (!NT_STATUS_IS_OK(status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { + DEBUG(4,("sam_get_methods_by_sid failed\n")); + return status; + } + + if (!tmp_methods->sam_update_user) { + DEBUG(3, ("context_sam_update_user: sam_methods of the domain did not specify sam_update_user\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(status = tmp_methods->sam_update_user(tmp_methods, user))){ + DEBUG(4,("context_sam_update_user in backend %s failed\n", + tmp_methods->backendname)); + return status; + } + + return NT_STATUS_OK; +} + +NTSTATUS context_sam_delete_user(const struct sam_context *context, SAM_USER_HANDLE *user) +{ + DOM_SID domainsid; + struct sam_methods *tmp_methods; + DOM_SID *usersid; + uint32 rid; + NTSTATUS status; + + if (!NT_STATUS_IS_OK(status = sam_get_user_sid(user, &usersid))) { + DEBUG(0,("Can't get user SID\n")); + return status; + } + + sid_copy(&domainsid, usersid); + if (!sid_split_rid(&domainsid, &rid)) { + DEBUG(3,("context_sam_get_user_by_sid: failed to split the sid\n")); + return NT_STATUS_INVALID_SID; + } + + if (!NT_STATUS_IS_OK(status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { + DEBUG(4,("sam_get_methods_by_sid failed\n")); + return status; + } + + if (!tmp_methods->sam_delete_user) { + DEBUG(3, ("context_sam_delete_user: sam_methods of the domain did not specify sam_delete_user\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(status = tmp_methods->sam_delete_user(tmp_methods, user))){ + DEBUG(4,("context_sam_delete_user in backend %s failed\n", + tmp_methods->backendname)); + return status; + } + + return NT_STATUS_OK; +} + +NTSTATUS context_sam_enum_users(const struct sam_context *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, int32 *user_count, SAM_USER_ENUM **users) +{ + struct sam_methods *tmp_methods; + NTSTATUS nt_status; + + DEBUG(5,("context_sam_enum_users: %d\n", __LINE__)); + + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { + DEBUG(4,("sam_get_methods_by_sid failed\n")); + return nt_status; + } + + if (!tmp_methods->sam_enum_users) { + DEBUG(3, ("context_sam_enum_users: sam_methods of the domain did not specify sam_enum_users\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_users(tmp_methods, access_token, user_count, users))) { + DEBUG(4,("context_sam_enum_users for domain %s in backend %s failed\n", + tmp_methods->domain->private.name, tmp_methods->backendname)); + return nt_status; + } + + return NT_STATUS_OK; +} + + +NTSTATUS context_sam_get_user_by_sid(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *usersid, SAM_USER_HANDLE **user) +{ + struct sam_methods *tmp_methods; + uint32 rid; + DOM_SID domainsid; + NTSTATUS nt_status; + + DEBUG(5,("context_sam_get_user_by_sid: %d\n", __LINE__)); + + sid_copy(&domainsid, usersid); + if (!sid_split_rid(&domainsid, &rid)) { + DEBUG(3,("context_sam_get_user_by_sid: failed to split the sid\n")); + return NT_STATUS_INVALID_SID; + } + + + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { + DEBUG(4,("sam_get_methods_by_sid failed\n")); + return nt_status; + } + + if (!tmp_methods->sam_get_user_by_sid) { + DEBUG(3, ("context_sam_get_user_by_sid: sam_methods of the domain did not specify sam_get_user_by_sid\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_user_by_sid(tmp_methods, access_token, access_desired, usersid, user))) { + DEBUG(4,("context_sam_get_user_by_sid for %s in backend %s failed\n", + sid_string_static(usersid), tmp_methods->backendname)); + return nt_status; + } + + return NT_STATUS_OK; +} + +NTSTATUS context_sam_get_user_by_name(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *domain, const char *name, SAM_USER_HANDLE **user) +{ + struct sam_methods *tmp_methods; + NTSTATUS nt_status; + + DEBUG(5,("context_sam_get_user_by_name: %d\n", __LINE__)); + + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) { + DEBUG(4,("sam_get_methods_by_name failed\n")); + return nt_status; + } + + if (!tmp_methods->sam_get_user_by_name) { + DEBUG(3, ("context_sam_get_user_by_name: sam_methods of the domain did not specify sam_get_user_by_name\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_user_by_name(tmp_methods, access_token, access_desired, name, user))) { + DEBUG(4,("context_sam_get_user_by_name for %s\\%s in backend %s failed\n", + domain, name, tmp_methods->backendname)); + return nt_status; + } + + return NT_STATUS_OK; +} + +NTSTATUS context_sam_create_group(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const uint32 type, DOM_SID *sid, SAM_GROUP_HANDLE **group) +{ + struct sam_methods *tmp_methods; + NTSTATUS nt_status; + + DEBUG(5,("context_sam_create_group: %d\n", __LINE__)); + + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, sid))) { + DEBUG(4,("sam_get_methods_by_sid failed\n")); + return nt_status; + } + + if (!tmp_methods->sam_create_group) { + DEBUG(3, ("context_sam_create_group: sam_methods of the domain did not specify sam_create_group\n")); + return NT_STATUS_UNSUCCESSFUL; + } + + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_group(tmp_methods, access_token, access_desired, type, group))) { + DEBUG(4,("context_sam_create_group in backend %s failed\n", + tmp_methods->backendname)); + return nt_status; + } + + return NT_STATUS_OK; +} + +NTSTATUS context_sam_add_group(const struct sam_context *context, const SAM_GROUP_HANDLE *group) +{ + DOM_SID domainsid; + DOM_SID *groupsid; + struct sam_methods *tmp_methods; + uint32 rid; + NTSTATUS status; + + if (!NT_STATUS_IS_OK(status = sam_get_group_sid(group, &groupsid))) { + DEBUG(0,("Can't get group SID\n")); + return status; + } + + sid_copy(&domainsid, groupsid); + if (!sid_split_rid(&domainsid, &rid)) { + DEBUG(3,("context_sam_get_group_by_sid: failed to split the sid\n")); + return NT_STATUS_INVALID_SID; + } + + if (!NT_STATUS_IS_OK(status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { + DEBUG(4,("sam_get_methods_by_sid failed\n")); + return status; + } + + if (!tmp_methods->sam_add_group) { + DEBUG(3, ("context_sam_add_group: sam_methods of the domain did not specify sam_add_group\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(status = tmp_methods->sam_add_group(tmp_methods, group))){ + DEBUG(4,("context_sam_add_group in backend %s failed\n", + tmp_methods->backendname)); + return status; + } + + return NT_STATUS_OK; +} + +NTSTATUS context_sam_update_group(const struct sam_context *context, const DOM_SID *domainsid, const SAM_GROUP_HANDLE *group) +{ + DOM_SID domainsid; + DOM_SID *groupsid; + struct sam_methods *tmp_methods; + uint32 rid; + NTSTATUS status; + + if (!NT_STATUS_IS_OK(status = sam_get_group_sid(group, &groupsid))) { + DEBUG(0,("Can't get group SID\n")); + return status; + } + + sid_copy(&domainsid, groupsid); + if (!sid_split_rid(&domainsid, &rid)) { + DEBUG(3,("context_sam_get_group_by_sid: failed to split the sid\n")); + return NT_STATUS_INVALID_SID; + } + + if (!NT_STATUS_IS_OK(status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { + DEBUG(4,("sam_get_methods_by_sid failed\n")); + return status; + } + + if (!tmp_methods->sam_update_group) { + DEBUG(3, ("context_sam_update_group: sam_methods of the domain did not specify sam_update_group\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(status = tmp_methods->sam_update_group(tmp_methods, group))){ + DEBUG(4,("context_sam_update_group in backend %s failed\n", + tmp_methods->backendname)); + return status; + } + + return NT_STATUS_OK; +} + +NTSTATUS context_sam_delete_group(const struct sam_context *context, SAM_GROUP_HANDLE **groupsid) +{ + DOM_SID domainsid; + struct sam_methods *tmp_methods; + DOM_SID *groupsid; + uint32 rid; + NTSTATUS status; + + if (!NT_STATUS_IS_OK(status = sam_get_group_sid(group, &groupsid))) { + DEBUG(0,("Can't get group SID\n")); + return status; + } + + sid_copy(&domainsid, groupsid); + if (!sid_split_rid(&domainsid, &rid)) { + DEBUG(3,("context_sam_get_group_by_sid: failed to split the sid\n")); + return NT_STATUS_INVALID_SID; + } + + if (!NT_STATUS_IS_OK(status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { + DEBUG(4,("sam_get_methods_by_sid failed\n")); + return status; + } + + if (!tmp_methods->sam_delete_group) { + DEBUG(3, ("context_sam_delete_group: sam_methods of the domain did not specify sam_delete_group\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(status = tmp_methods->sam_delete_group(tmp_methods, group))){ + DEBUG(4,("context_sam_delete_group in backend %s failed\n", + tmp_methods->backendname)); + return status; + } + + return NT_STATUS_OK; +} + +NTSTATUS context_sam_enum_groups(const struct sam_context *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, const uint32 type, uint32 *groups_count, SAM_GROUP_ENUM **groups) +{ + struct sam_methods *tmp_methods; + NTSTATUS nt_status; + + DEBUG(5,("context_sam_enum_groups: %d\n", __LINE__)); + + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { + DEBUG(4,("sam_get_methods_by_sid failed\n")); + return nt_status; + } + + if (!tmp_methods->sam_enum_users) { + DEBUG(3, ("context_sam_enum_groups: sam_methods of the domain did not specify sam_enum_groups\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_groups(tmp_methods, access_token, type, groups_count, groups))) { + DEBUG(4,("context_sam_enum_groups for domain %s in backend %s failed\n", + tmp_methods->domain->private.name, tmp_methods->backendname)); + return nt_status; + } + + return NT_STATUS_OK; +} + +NTSTATUS context_sam_get_group_by_sid(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group) +{ + struct sam_methods *tmp_methods; + uint32 rid; + NTSTATUS nt_status; + DOM_SID domainsid; + + DEBUG(5,("context_sam_get_group_by_sid: %d\n", __LINE__)); + + sid_copy(&domainsid, groupsid); + if (!sid_split_rid(&domainsid, &rid)) { + DEBUG(3,("context_sam_get_group_by_sid: failed to split the sid\n")); + return NT_STATUS_INVALID_SID; + } + + + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { + DEBUG(4,("sam_get_methods_by_sid failed\n")); + return nt_status; + } + + if (!tmp_methods->sam_get_group_by_sid) { + DEBUG(3, ("context_sam_get_group_by_sid: sam_methods of the domain did not specify sam_get_group_by_sid\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_group_by_sid(tmp_methods, access_token, access_desired, groupsid, group))) { + DEBUG(4,("context_sam_get_group_by_sid for %s in backend %s failed\n", + sid_string_static(groupsid), tmp_methods->backendname)); + return nt_status; + } + + return NT_STATUS_OK; +} + +NTSTATUS context_sam_get_group_by_name(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *domain, const char *name, SAM_GROUP_HANDLE **group) +{ + struct sam_methods *tmp_methods; + NTSTATUS nt_status; + + DEBUG(5,("context_sam_get_group_by_name: %d\n", __LINE__)); + + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) { + DEBUG(4,("sam_get_methods_by_name failed\n")); + return nt_status; + } + + if (!tmp_methods->sam_get_group_by_name) { + DEBUG(3, ("context_sam_get_group_by_name: sam_methods of the domain did not specify sam_get_group_by_name\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_group_by_name(tmp_methods, access_token, access_desired, name, group))) { + DEBUG(4,("context_sam_get_group_by_name for %s\\%s in backend %s failed\n", + domain, name, tmp_methods->backendname)); + return nt_status; + } + + return NT_STATUS_OK; +} + +NTSTATUS context_sam_add_member_to_group(const struct sam_context *context, SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member) +{ + return NT_STATUS_NOT_IMPLEMENTED; +} +NTSTATUS context_sam_delete_member_from_group(const struct sam_context *context, SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member) +{ + return NT_STATUS_NOT_IMPLEMENTED; +} + +NTSTATUS context_sam_enum_groupmembers(const struct sam_context *context, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members) +{ + return NT_STATUS_NOT_IMPLEMENTED; +} + +NTSTATUS context_sam_get_groups_of_user(const struct sam_context *context, const SAM_USER_HANDLE *user, const uint32 type, uint32 *group_count, SAM_GROUP_ENUM **groups) +{ + return NT_STATUS_NOT_IMPLEMENTED; +} + + +/****************************************************************** + Free and cleanup a sam context, any associated data and anything + that the attached modules might have associated. + *******************************************************************/ + +void free_sam_context(struct sam_context **context) +{ + struct sam_methods *sam_selected = (*context)->methods; + + while (sam_selected){ + if (sam_selected->free_private_data) { + sam_selected->free_private_data(&(sam_selected->private_data)); + } + sam_selected = sam_selected->next; + } + + talloc_destroy((*context)->mem_ctx); + *context = NULL; +} + +/****************************************************************** + Make a sam_methods from scratch + *******************************************************************/ + +NTSTATUS make_sam_context_list(struct sam_context **context, char **selected) +{ + int i = 0; + struct sam_methods *curmethods, *tmpmethods; + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + + if (!NT_STATUS_IS_OK(nt_status = make_sam_context(context))) { + return nt_status; + } + while (selected[i]){ + /* Try to initialise sam */ + DEBUG(5,("Trying to load: %s\n", selected[i])); + if (!NT_STATUS_IS_OK(nt_status = make_sam_methods_name(&curmethods, *context, selected[i]))) { + DEBUG(1, ("Loading %s failed!\n", selected[i])); + free_sam_context(context); + return nt_status; + } + curmethods->parent = *context; + DLIST_ADD_END((*context)->methods, curmethods, tmpmethods); + i++; + } + return NT_STATUS_OK; +} + +NTSTATUS make_sam_methods_name(struct sam_methods **methods, struct sam_context *context, const char *selected) +{ + char *module_name = smb_xstrdup(selected); + char *module_location = NULL, *p; + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + int i; + + p = strchr(module_name, ':'); + + if (p) { + *p = 0; + module_location = p+1; + trim_string(module_location, " ", " "); + } + + trim_string(module_name, " ", " "); + + DEBUG(5,("Attempting to find an sam backend to match %s (%s)\n", selected, module_name)); + for (i = 0; builtin_sam_init_functions[i].name; i++) + { + if (strequal(builtin_sam_init_functions[i].name, module_name)) + { + DEBUG(5,("Found sam backend %s (at pos %d)\n", module_name, i)); + nt_status = builtin_sam_init_functions[i].init(context, methods, module_location); + if (NT_STATUS_IS_OK(nt_status)) { + DEBUG(5,("sam backend %s has a valid init\n", selected)); + } else { + DEBUG(0,("sam backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status))); + } + SAFE_FREE(module_name); + return nt_status; + break; /* unreached */ + } + } + + /* No such backend found */ + SAFE_FREE(module_name); + return NT_STATUS_INVALID_PARAMETER; +} + +/****************************************************************** + Make a sam_context from scratch. + *******************************************************************/ + +NTSTATUS make_sam_context(struct sam_context **context) +{ + TALLOC_CTX *mem_ctx; + + mem_ctx = talloc_init_named("sam_context internal allocation context"); + + if (!mem_ctx) { + DEBUG(0, ("make_sam_context: talloc init failed!\n")); + return NT_STATUS_NO_MEMORY; + } + + *context = talloc(mem_ctx, sizeof(**context)); + if (!*context) { + DEBUG(0, ("make_sam_context: talloc failed!\n")); + return NT_STATUS_NO_MEMORY; + } + + ZERO_STRUCTP(*context); + + (*context)->mem_ctx = mem_ctx; + + /* FIXME */ + + (*context)->free_fn = free_sam_context; + + return NT_STATUS_OK; +} + + +/****************************************************************** + Return an already initialised sam_context, to facilitate backward + compatibility (see functions below). + *******************************************************************/ + +struct sam_context *sam_get_static_context(BOOL reload) +{ + static struct sam_context *sam_context = NULL; + + if ((sam_context) && (reload)) { + sam_context->free_fn(&sam_context); + if (!NT_STATUS_IS_OK(make_sam_context_list(&sam_context, lp_sam_backend()))) { + return NULL; + } + } + + if (!sam_context) { + if (!NT_STATUS_IS_OK(make_sam_context_list(&sam_context, lp_sam_backend()))) { + return NULL; + } + } + + return sam_context; +} + +/*************************************************************** + Initialize the static context (at smbd startup etc). + + If uninitialised, context will auto-init on first use. + ***************************************************************/ + +BOOL initialize_sam(BOOL reload) +{ + return (sam_get_static_context(reload) != NULL); +} + + +NTSTATUS make_sam_methods(TALLOC_CTX *mem_ctx, SAM_METHODS **methods) +{ + *methods = talloc(mem_ctx, sizeof(struct sam_methods)); + + if (!*methods) { + return NT_STATUS_NO_MEMORY; + } + + ZERO_STRUCTP(*methods); + + return NT_STATUS_OK; +} -- cgit From bbbf21310f809bd948202840d27c34b6bebe94e3 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Wed, 28 Aug 2002 05:55:08 +0000 Subject: Code style + typo fixes Added Kai Krüger to copyrightholders of interface.c (This used to be commit 067ae5f81076611a0042eb064afdffa5e37f93e9) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- source3/sam/account.c | 4 +-- source3/sam/get_set_domain.c | 46 ++++++++++++++++---------------- source3/sam/get_set_user.c | 62 ++++++++++++++++++++++---------------------- source3/sam/interface.c | 1 + 4 files changed, 57 insertions(+), 56 deletions(-) (limited to 'source3/sam') diff --git a/source3/sam/account.c b/source3/sam/account.c index 1fec9966f6..9953ba956c 100644 --- a/source3/sam/account.c +++ b/source3/sam/account.c @@ -118,9 +118,9 @@ NTSTATUS sam_init_user(SAM_USER_HANDLE **user) } /** - * Free the contets of the SAM_USER_HANDLE, but not the structure. + * Free the contents of the SAM_USER_HANDLE, but not the structure. * - * Also wipes the LM and NT hashes and plaintext passwrod from + * Also wipes the LM and NT hashes and plaintext password from * memory. * * @param user SAM_USER_HANDLE to free members of. diff --git a/source3/sam/get_set_domain.c b/source3/sam/get_set_domain.c index 49a63f9fae..e9e61119cd 100644 --- a/source3/sam/get_set_domain.c +++ b/source3/sam/get_set_domain.c @@ -37,7 +37,7 @@ NTSTATUS sam_get_domain_sid(SAM_DOMAIN_HANDLE *domain, DOM_SID **sid) NTSTATUS sam_get_domain_num_users(SAM_DOMAIN_HANDLE *domain, uint32 *num_users) { - if (!domain || !num_users)return NT_STATUS_UNSUCCESSFUL; + if (!domain || !num_users) return NT_STATUS_UNSUCCESSFUL; *num_users = domain->private.num_users; @@ -46,7 +46,7 @@ NTSTATUS sam_get_domain_num_users(SAM_DOMAIN_HANDLE *domain, uint32 *num_users) NTSTATUS sam_get_domain_num_groups(SAM_DOMAIN_HANDLE *domain, uint32 *num_groups) { - if (!domain || !num_groups)return NT_STATUS_UNSUCCESSFUL; + if (!domain || !num_groups) return NT_STATUS_UNSUCCESSFUL; *num_groups = domain->private.num_groups; @@ -55,7 +55,7 @@ NTSTATUS sam_get_domain_num_groups(SAM_DOMAIN_HANDLE *domain, uint32 *num_groups NTSTATUS sam_get_domain_num_aliases(SAM_DOMAIN_HANDLE *domain, uint32 *num_aliases) { - if (!domain || !num_aliases)return NT_STATUS_UNSUCCESSFUL; + if (!domain || !num_aliases) return NT_STATUS_UNSUCCESSFUL; *num_aliases = domain->private.num_aliases; @@ -64,7 +64,7 @@ NTSTATUS sam_get_domain_num_aliases(SAM_DOMAIN_HANDLE *domain, uint32 *num_alias NTSTATUS sam_get_domain_name(SAM_DOMAIN_HANDLE *domain, char **domain_name) { - if (!domain || !domain_name)return NT_STATUS_UNSUCCESSFUL; + if (!domain || !domain_name) return NT_STATUS_UNSUCCESSFUL; *domain_name = domain->private.name; @@ -73,7 +73,7 @@ NTSTATUS sam_get_domain_name(SAM_DOMAIN_HANDLE *domain, char **domain_name) NTSTATUS sam_set_domain_name(SAM_DOMAIN_HANDLE *domain, char *domain_name) { - if (!domain)return NT_STATUS_UNSUCCESSFUL; + if (!domain) return NT_STATUS_UNSUCCESSFUL; domain->private.name = talloc_strdup(domain->mem_ctx, domain_name); @@ -82,7 +82,7 @@ NTSTATUS sam_set_domain_name(SAM_DOMAIN_HANDLE *domain, char *domain_name) NTSTATUS sam_get_domain_server(SAM_DOMAIN_HANDLE *domain, char **server_name) { - if (!domain || !server_name)return NT_STATUS_UNSUCCESSFUL; + if (!domain || !server_name) return NT_STATUS_UNSUCCESSFUL; *server_name = domain->private.servername; @@ -91,7 +91,7 @@ NTSTATUS sam_get_domain_server(SAM_DOMAIN_HANDLE *domain, char **server_name) NTSTATUS sam_set_domain_server(SAM_DOMAIN_HANDLE *domain, char *server_name) { - if (!domain)return NT_STATUS_UNSUCCESSFUL; + if (!domain) return NT_STATUS_UNSUCCESSFUL; domain->private.servername = talloc_strdup(domain->mem_ctx, server_name); @@ -100,7 +100,7 @@ NTSTATUS sam_set_domain_server(SAM_DOMAIN_HANDLE *domain, char *server_name) NTSTATUS sam_get_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *max_passwordage) { - if (!domain || !max_passwordage)return NT_STATUS_UNSUCCESSFUL; + if (!domain || !max_passwordage) return NT_STATUS_UNSUCCESSFUL; *max_passwordage = domain->private.max_passwordage; @@ -109,7 +109,7 @@ NTSTATUS sam_get_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *max_passwo NTSTATUS sam_get_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *min_passwordage) { - if (!domain || !min_passwordage)return NT_STATUS_UNSUCCESSFUL; + if (!domain || !min_passwordage) return NT_STATUS_UNSUCCESSFUL; *min_passwordage = domain->private.min_passwordage; @@ -118,7 +118,7 @@ NTSTATUS sam_get_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *min_passwo NTSTATUS sam_get_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME *lockout_duration) { - if (!domain || !lockout_duration)return NT_STATUS_UNSUCCESSFUL; + if (!domain || !lockout_duration) return NT_STATUS_UNSUCCESSFUL; *lockout_duration = domain->private.lockout_duration; @@ -127,7 +127,7 @@ NTSTATUS sam_get_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME *lock NTSTATUS sam_get_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME *reset_lockout_count) { - if (!domain || !reset_lockout_count)return NT_STATUS_UNSUCCESSFUL; + if (!domain || !reset_lockout_count) return NT_STATUS_UNSUCCESSFUL; *reset_lockout_count = domain->private.reset_count; @@ -136,7 +136,7 @@ NTSTATUS sam_get_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME *reset_loc NTSTATUS sam_get_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 *min_passwordlength) { - if (!domain || !min_passwordlength)return NT_STATUS_UNSUCCESSFUL; + if (!domain || !min_passwordlength) return NT_STATUS_UNSUCCESSFUL; *min_passwordlength = domain->private.min_passwordlength; @@ -145,7 +145,7 @@ NTSTATUS sam_get_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 *min_pas NTSTATUS sam_get_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 *password_history) { - if (!domain || !password_history)return NT_STATUS_UNSUCCESSFUL; + if (!domain || !password_history) return NT_STATUS_UNSUCCESSFUL; *password_history = domain->private.password_history; @@ -154,7 +154,7 @@ NTSTATUS sam_get_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 *password_ NTSTATUS sam_get_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 *lockout_count) { - if (!domain || !lockout_count)return NT_STATUS_UNSUCCESSFUL; + if (!domain || !lockout_count) return NT_STATUS_UNSUCCESSFUL; *lockout_count = domain->private.lockout_count; @@ -163,7 +163,7 @@ NTSTATUS sam_get_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 *lockout NTSTATUS sam_get_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL *force_logoff) { - if (!domain || !force_logoff)return NT_STATUS_UNSUCCESSFUL; + if (!domain || !force_logoff) return NT_STATUS_UNSUCCESSFUL; *force_logoff = domain->private.force_logoff; @@ -173,7 +173,7 @@ NTSTATUS sam_get_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL *force_logo NTSTATUS sam_get_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL *login_pwdchange) { - if (!domain || !login_pwdchange)return NT_STATUS_UNSUCCESSFUL; + if (!domain || !login_pwdchange) return NT_STATUS_UNSUCCESSFUL; *login_pwdchange = domain->private.login_pwdchange; @@ -184,7 +184,7 @@ NTSTATUS sam_get_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL *login_p NTSTATUS sam_set_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME max_passwordage) { - if (!domain)return NT_STATUS_UNSUCCESSFUL; + if (!domain) return NT_STATUS_UNSUCCESSFUL; domain->private.max_passwordage = max_passwordage; @@ -193,7 +193,7 @@ NTSTATUS sam_set_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME max_passwor NTSTATUS sam_set_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME min_passwordage) { - if (!domain)return NT_STATUS_UNSUCCESSFUL; + if (!domain) return NT_STATUS_UNSUCCESSFUL; domain->private.min_passwordage = min_passwordage; @@ -202,7 +202,7 @@ NTSTATUS sam_set_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME min_passwor NTSTATUS sam_set_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME lockout_duration) { - if (!domain)return NT_STATUS_UNSUCCESSFUL; + if (!domain) return NT_STATUS_UNSUCCESSFUL; domain->private.lockout_duration = lockout_duration; @@ -210,7 +210,7 @@ NTSTATUS sam_set_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME locko } NTSTATUS sam_set_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME reset_lockout_count) { - if (!domain)return NT_STATUS_UNSUCCESSFUL; + if (!domain) return NT_STATUS_UNSUCCESSFUL; domain->private.reset_count = reset_lockout_count; @@ -219,7 +219,7 @@ NTSTATUS sam_set_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME reset_lock NTSTATUS sam_set_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 min_passwordlength) { - if (!domain)return NT_STATUS_UNSUCCESSFUL; + if (!domain) return NT_STATUS_UNSUCCESSFUL; domain->private.min_passwordlength = min_passwordlength; @@ -237,7 +237,7 @@ NTSTATUS sam_set_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 password_h NTSTATUS sam_set_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 lockout_count) { - if (!domain)return NT_STATUS_UNSUCCESSFUL; + if (!domain) return NT_STATUS_UNSUCCESSFUL; domain->private.lockout_count = lockout_count; @@ -246,7 +246,7 @@ NTSTATUS sam_set_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 lockout_ NTSTATUS sam_set_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL force_logoff) { - if (!domain)return NT_STATUS_UNSUCCESSFUL; + if (!domain) return NT_STATUS_UNSUCCESSFUL; domain->private.force_logoff = force_logoff; diff --git a/source3/sam/get_set_user.c b/source3/sam/get_set_user.c index e58afe6880..753567ac06 100644 --- a/source3/sam/get_set_user.c +++ b/source3/sam/get_set_user.c @@ -55,7 +55,7 @@ NTSTATUS sam_get_user_domain_name (const SAM_USER_HANDLE *sampass, char **domain NTSTATUS sam_get_user_acct_ctrl (const SAM_USER_HANDLE *sampass, uint16 *acct_ctrl) { - if(!sampass || !acct_ctrl)return NT_STATUS_UNSUCCESSFUL; + if(!sampass || !acct_ctrl) return NT_STATUS_UNSUCCESSFUL; *acct_ctrl = sampass->private.acct_ctrl; @@ -64,7 +64,7 @@ NTSTATUS sam_get_user_acct_ctrl (const SAM_USER_HANDLE *sampass, uint16 *acct_ct NTSTATUS sam_get_user_logon_time (const SAM_USER_HANDLE *sampass, NTTIME *logon_time) { - if(!sampass || !logon_time)return NT_STATUS_UNSUCCESSFUL; + if(!sampass || !logon_time) return NT_STATUS_UNSUCCESSFUL; *logon_time = sampass->private.logon_time; @@ -73,7 +73,7 @@ NTSTATUS sam_get_user_logon_time (const SAM_USER_HANDLE *sampass, NTTIME *logon_ NTSTATUS sam_get_user_logoff_time (const SAM_USER_HANDLE *sampass, NTTIME *logoff_time) { - if(!sampass || !logoff_time)return NT_STATUS_UNSUCCESSFUL; + if(!sampass || !logoff_time) return NT_STATUS_UNSUCCESSFUL; *logoff_time = sampass->private.logoff_time; @@ -82,7 +82,7 @@ NTSTATUS sam_get_user_logoff_time (const SAM_USER_HANDLE *sampass, NTTIME *logof NTSTATUS sam_get_user_kickoff_time (const SAM_USER_HANDLE *sampass, NTTIME *kickoff_time) { - if (!sampass || !kickoff_time)return NT_STATUS_UNSUCCESSFUL; + if (!sampass || !kickoff_time) return NT_STATUS_UNSUCCESSFUL; *kickoff_time = sampass->private.kickoff_time; @@ -91,7 +91,7 @@ NTSTATUS sam_get_user_kickoff_time (const SAM_USER_HANDLE *sampass, NTTIME *kick NTSTATUS sam_get_user_pass_last_set_time (const SAM_USER_HANDLE *sampass, NTTIME *pass_last_set_time) { - if (!sampass || !pass_last_set_time)return NT_STATUS_UNSUCCESSFUL; + if (!sampass || !pass_last_set_time) return NT_STATUS_UNSUCCESSFUL; *pass_last_set_time = sampass->private.pass_last_set_time; @@ -100,7 +100,7 @@ NTSTATUS sam_get_user_pass_last_set_time (const SAM_USER_HANDLE *sampass, NTTIME NTSTATUS sam_get_user_pass_can_change_time (const SAM_USER_HANDLE *sampass, NTTIME *pass_can_change_time) { - if (!sampass || !pass_can_change_time)return NT_STATUS_UNSUCCESSFUL; + if (!sampass || !pass_can_change_time) return NT_STATUS_UNSUCCESSFUL; *pass_can_change_time = sampass->private.pass_can_change_time; @@ -109,7 +109,7 @@ NTSTATUS sam_get_user_pass_can_change_time (const SAM_USER_HANDLE *sampass, NTTI NTSTATUS sam_get_user_pass_must_change_time (const SAM_USER_HANDLE *sampass, NTTIME *pass_must_change_time) { - if (!sampass || !pass_must_change_time)return NT_STATUS_UNSUCCESSFUL; + if (!sampass || !pass_must_change_time) return NT_STATUS_UNSUCCESSFUL; *pass_must_change_time = sampass->private.pass_must_change_time; @@ -118,7 +118,7 @@ NTSTATUS sam_get_user_pass_must_change_time (const SAM_USER_HANDLE *sampass, NTT NTSTATUS sam_get_user_logon_divs (const SAM_USER_HANDLE *sampass, uint16 *logon_divs) { - if (!sampass || !logon_divs)return NT_STATUS_UNSUCCESSFUL; + if (!sampass || !logon_divs) return NT_STATUS_UNSUCCESSFUL; *logon_divs = sampass->private.logon_divs; @@ -127,7 +127,7 @@ NTSTATUS sam_get_user_logon_divs (const SAM_USER_HANDLE *sampass, uint16 *logon_ NTSTATUS sam_get_user_hours_len (const SAM_USER_HANDLE *sampass, uint32 *hours_len) { - if (!sampass || !hours_len)return NT_STATUS_UNSUCCESSFUL; + if (!sampass || !hours_len) return NT_STATUS_UNSUCCESSFUL; *hours_len = sampass->private.hours_len; @@ -136,7 +136,7 @@ NTSTATUS sam_get_user_hours_len (const SAM_USER_HANDLE *sampass, uint32 *hours_l NTSTATUS sam_get_user_hours (const SAM_USER_HANDLE *sampass, uint8 **hours) { - if (!sampass || !hours)return NT_STATUS_UNSUCCESSFUL; + if (!sampass || !hours) return NT_STATUS_UNSUCCESSFUL; *hours = sampass->private.hours; @@ -145,7 +145,7 @@ NTSTATUS sam_get_user_hours (const SAM_USER_HANDLE *sampass, uint8 **hours) NTSTATUS sam_get_user_nt_pwd (const SAM_USER_HANDLE *sampass, DATA_BLOB *nt_pwd) { - if (!sampass)return NT_STATUS_UNSUCCESSFUL; + if (!sampass) return NT_STATUS_UNSUCCESSFUL; SMB_ASSERT((!sampass->private.nt_pw.data) || sampass->private.nt_pw.length == NT_HASH_LEN); @@ -157,7 +157,7 @@ NTSTATUS sam_get_user_nt_pwd (const SAM_USER_HANDLE *sampass, DATA_BLOB *nt_pwd) NTSTATUS sam_get_user_lm_pwd (const SAM_USER_HANDLE *sampass, DATA_BLOB *lm_pwd) { - if (!sampass)return NT_STATUS_UNSUCCESSFUL; + if (!sampass) return NT_STATUS_UNSUCCESSFUL; SMB_ASSERT((!sampass->private.lm_pw.data) || sampass->private.lm_pw.length == LM_HASH_LEN); @@ -176,7 +176,7 @@ NTSTATUS sam_get_user_lm_pwd (const SAM_USER_HANDLE *sampass, DATA_BLOB *lm_pwd) NTSTATUS sam_get_user_plaintext_pwd (const SAM_USER_HANDLE *sampass, DATA_BLOB **plain_pwd) { - if (!sampass || !plain_pwd)return NT_STATUS_UNSUCCESSFUL; + if (!sampass || !plain_pwd) return NT_STATUS_UNSUCCESSFUL; *plain_pwd = &(sampass->private.plaintext_pw); @@ -185,7 +185,7 @@ NTSTATUS sam_get_user_plaintext_pwd (const SAM_USER_HANDLE *sampass, DATA_BLOB * NTSTATUS sam_get_user_sid(const SAM_USER_HANDLE *sampass, DOM_SID **sid) { - if (!sampass)return NT_STATUS_UNSUCCESSFUL; + if (!sampass) return NT_STATUS_UNSUCCESSFUL; *sid = &(sampass->private.user_sid); @@ -194,7 +194,7 @@ NTSTATUS sam_get_user_sid(const SAM_USER_HANDLE *sampass, DOM_SID **sid) NTSTATUS sam_get_user_pgroup(const SAM_USER_HANDLE *sampass, DOM_SID **sid) { - if (!sampass)return NT_STATUS_UNSUCCESSFUL; + if (!sampass) return NT_STATUS_UNSUCCESSFUL; *sid = &(sampass->private.group_sid); @@ -209,7 +209,7 @@ NTSTATUS sam_get_user_pgroup(const SAM_USER_HANDLE *sampass, DOM_SID **sid) NTSTATUS sam_get_user_init_flag (const SAM_USER_HANDLE *sampass, uint32 *initflag) { - if (!sampass)return NT_STATUS_UNSUCCESSFUL; + if (!sampass) return NT_STATUS_UNSUCCESSFUL; *initflag = sampass->private.init_flag; @@ -218,7 +218,7 @@ NTSTATUS sam_get_user_init_flag (const SAM_USER_HANDLE *sampass, uint32 *initfla NTSTATUS sam_get_user_name (const SAM_USER_HANDLE *sampass, char **username) { - if (!sampass)return NT_STATUS_UNSUCCESSFUL; + if (!sampass) return NT_STATUS_UNSUCCESSFUL; *username = sampass->private.username; @@ -227,7 +227,7 @@ NTSTATUS sam_get_user_name (const SAM_USER_HANDLE *sampass, char **username) NTSTATUS sam_get_user_domain (const SAM_USER_HANDLE *sampass, SAM_DOMAIN_HANDLE **domain) { - if (!sampass)return NT_STATUS_UNSUCCESSFUL; + if (!sampass) return NT_STATUS_UNSUCCESSFUL; *domain = sampass->private.domain; @@ -236,7 +236,7 @@ NTSTATUS sam_get_user_domain (const SAM_USER_HANDLE *sampass, SAM_DOMAIN_HANDLE NTSTATUS sam_get_user_fullname (const SAM_USER_HANDLE *sampass, char **fullname) { - if (!sampass)return NT_STATUS_UNSUCCESSFUL; + if (!sampass) return NT_STATUS_UNSUCCESSFUL; *fullname = sampass->private.full_name; @@ -245,7 +245,7 @@ NTSTATUS sam_get_user_fullname (const SAM_USER_HANDLE *sampass, char **fullname) NTSTATUS sam_get_user_homedir (const SAM_USER_HANDLE *sampass, char **homedir) { - if (!sampass)return NT_STATUS_UNSUCCESSFUL; + if (!sampass) return NT_STATUS_UNSUCCESSFUL; *homedir = sampass->private.home_dir; @@ -254,7 +254,7 @@ NTSTATUS sam_get_user_homedir (const SAM_USER_HANDLE *sampass, char **homedir) NTSTATUS sam_get_user_unix_home_dir (const SAM_USER_HANDLE *sampass, char **uhomedir) { - if (!sampass)return NT_STATUS_UNSUCCESSFUL; + if (!sampass) return NT_STATUS_UNSUCCESSFUL; *uhomedir = sampass->private.unix_home_dir; @@ -263,7 +263,7 @@ NTSTATUS sam_get_user_unix_home_dir (const SAM_USER_HANDLE *sampass, char **uhom NTSTATUS sam_get_user_dir_drive (const SAM_USER_HANDLE *sampass, char **dirdrive) { - if (!sampass)return NT_STATUS_UNSUCCESSFUL; + if (!sampass) return NT_STATUS_UNSUCCESSFUL; *dirdrive = sampass->private.dir_drive; @@ -272,7 +272,7 @@ NTSTATUS sam_get_user_dir_drive (const SAM_USER_HANDLE *sampass, char **dirdrive NTSTATUS sam_get_user_logon_script (const SAM_USER_HANDLE *sampass, char **logon_script) { - if (!sampass)return NT_STATUS_UNSUCCESSFUL; + if (!sampass) return NT_STATUS_UNSUCCESSFUL; *logon_script = sampass->private.logon_script; @@ -281,7 +281,7 @@ NTSTATUS sam_get_user_logon_script (const SAM_USER_HANDLE *sampass, char **logon NTSTATUS sam_get_user_profile_path (const SAM_USER_HANDLE *sampass, char **profile_path) { - if (!sampass)return NT_STATUS_UNSUCCESSFUL; + if (!sampass) return NT_STATUS_UNSUCCESSFUL; *profile_path = sampass->private.profile_path; @@ -290,7 +290,7 @@ NTSTATUS sam_get_user_profile_path (const SAM_USER_HANDLE *sampass, char **profi NTSTATUS sam_get_user_description (const SAM_USER_HANDLE *sampass, char **description) { - if (!sampass)return NT_STATUS_UNSUCCESSFUL; + if (!sampass) return NT_STATUS_UNSUCCESSFUL; *description = sampass->private.acct_desc; @@ -299,7 +299,7 @@ NTSTATUS sam_get_user_description (const SAM_USER_HANDLE *sampass, char **descri NTSTATUS sam_get_user_workstations (const SAM_USER_HANDLE *sampass, char **workstations) { - if (!sampass)return NT_STATUS_UNSUCCESSFUL; + if (!sampass) return NT_STATUS_UNSUCCESSFUL; *workstations = sampass->private.workstations; @@ -308,7 +308,7 @@ NTSTATUS sam_get_user_workstations (const SAM_USER_HANDLE *sampass, char **works NTSTATUS sam_get_user_unknown_str (const SAM_USER_HANDLE *sampass, char **unknown_str) { - if (!sampass)return NT_STATUS_UNSUCCESSFUL; + if (!sampass) return NT_STATUS_UNSUCCESSFUL; *unknown_str = sampass->private.unknown_str; @@ -317,7 +317,7 @@ NTSTATUS sam_get_user_unknown_str (const SAM_USER_HANDLE *sampass, char **unknow NTSTATUS sam_get_user_munged_dial (const SAM_USER_HANDLE *sampass, char **munged_dial) { - if (!sampass)return NT_STATUS_UNSUCCESSFUL; + if (!sampass) return NT_STATUS_UNSUCCESSFUL; *munged_dial = sampass->private.munged_dial; @@ -326,7 +326,7 @@ NTSTATUS sam_get_user_munged_dial (const SAM_USER_HANDLE *sampass, char **munged NTSTATUS sam_get_user_unknown_1 (const SAM_USER_HANDLE *sampass, uint32 *unknown1) { - if (!sampass || !unknown1)return NT_STATUS_UNSUCCESSFUL; + if (!sampass || !unknown1) return NT_STATUS_UNSUCCESSFUL; *unknown1 = sampass->private.unknown_1; @@ -335,7 +335,7 @@ NTSTATUS sam_get_user_unknown_1 (const SAM_USER_HANDLE *sampass, uint32 *unknown NTSTATUS sam_get_user_unknown_2 (const SAM_USER_HANDLE *sampass, uint32 *unknown2) { - if (!sampass || !unknown2)return NT_STATUS_UNSUCCESSFUL; + if (!sampass || !unknown2) return NT_STATUS_UNSUCCESSFUL; *unknown2 = sampass->private.unknown_2; @@ -344,7 +344,7 @@ NTSTATUS sam_get_user_unknown_2 (const SAM_USER_HANDLE *sampass, uint32 *unknown NTSTATUS sam_get_user_unknown_3 (const SAM_USER_HANDLE *sampass, uint32 *unknown3) { - if (!sampass || !unknown3)return NT_STATUS_UNSUCCESSFUL; + if (!sampass || !unknown3) return NT_STATUS_UNSUCCESSFUL; *unknown3 = sampass->private.unknown_3; diff --git a/source3/sam/interface.c b/source3/sam/interface.c index 6adf213d27..e4d4868b1e 100644 --- a/source3/sam/interface.c +++ b/source3/sam/interface.c @@ -4,6 +4,7 @@ Copyright (C) Andrew Bartlett 2002 Copyright (C) Jelmer Vernooij 2002 Copyright (C) Stefan (metze) Metzmacher 2002 + Copyright (C) Kai Krüger 2002 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by -- cgit From 97a957107df5ba730dd6e121b7ce3e3287d0a14e Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Wed, 28 Aug 2002 07:51:07 +0000 Subject: Silly of me to only test this with --with-sam and not without. Doh! (This used to be commit 6395c34f2f981d59b761d8615851a8fd54c1c304) --- source3/sam/account.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/sam') diff --git a/source3/sam/account.c b/source3/sam/account.c index 9953ba956c..04be8ef162 100644 --- a/source3/sam/account.c +++ b/source3/sam/account.c @@ -24,7 +24,7 @@ #include "includes.h" #undef DBGC_CLASS -#define DBGC_CLASS DBGC_PASSDB +#define DBGC_CLASS DBGC_SAM /************************************************************ Fill the SAM_USER_HANDLE with default values. -- cgit From fe518a828b36a505772682e4d125cc5559dbeef6 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 29 Aug 2002 07:19:05 +0000 Subject: Put in patch from metze (Stefan Metzmacher) to: - Rename user -> account - Add sam_* functions (api.c) - Several small fixes (This used to be commit eafcc387045f4f265631a952297caf3f6db779d8) --- source3/sam/account.c | 104 ++--- source3/sam/api.c | 311 +++++++++++++++ source3/sam/get_set_account.c | 906 ++++++++++++++++++++++++++++++++++++++++++ source3/sam/get_set_domain.c | 45 ++- source3/sam/get_set_group.c | 2 +- source3/sam/get_set_user.c | 903 ----------------------------------------- source3/sam/interface.c | 345 ++++++++-------- 7 files changed, 1468 insertions(+), 1148 deletions(-) create mode 100644 source3/sam/api.c create mode 100644 source3/sam/get_set_account.c delete mode 100644 source3/sam/get_set_user.c (limited to 'source3/sam') diff --git a/source3/sam/account.c b/source3/sam/account.c index 04be8ef162..4d6916c9d8 100644 --- a/source3/sam/account.c +++ b/source3/sam/account.c @@ -27,65 +27,70 @@ #define DBGC_CLASS DBGC_SAM /************************************************************ - Fill the SAM_USER_HANDLE with default values. + Fill the SAM_ACCOUNT_HANDLE with default values. ***********************************************************/ -static void sam_fill_default_user(SAM_USER_HANDLE *user) +static void sam_fill_default_account(SAM_ACCOUNT_HANDLE *account) { - ZERO_STRUCT(user->private); /* Don't touch the talloc context */ + ZERO_STRUCT(account->private); /* Don't touch the talloc context */ /* Don't change these timestamp settings without a good reason. They are important for NT member server compatibility. */ - user->private.init_flag = FLAG_SAM_UNINIT; + account->private.init_flag = FLAG_SAM_UNINIT; /* FIXME: We should actually call get_nt_time_max() or sthng * here */ - unix_to_nt_time(&(user->private.logoff_time),get_time_t_max()); - unix_to_nt_time(&(user->private.kickoff_time),get_time_t_max()); - unix_to_nt_time(&(user->private.pass_must_change_time),get_time_t_max()); - user->private.unknown_1 = 0x00ffffff; /* don't know */ - user->private.logon_divs = 168; /* hours per week */ - user->private.hours_len = 21; /* 21 times 8 bits = 168 */ - memset(user->private.hours, 0xff, user->private.hours_len); /* available at all hours */ - user->private.unknown_2 = 0x00000000; /* don't know */ - user->private.unknown_3 = 0x000004ec; /* don't know */ + unix_to_nt_time(&(account->private.logoff_time),get_time_t_max()); + unix_to_nt_time(&(account->private.kickoff_time),get_time_t_max()); + unix_to_nt_time(&(account->private.pass_must_change_time),get_time_t_max()); + account->private.unknown_1 = 0x00ffffff; /* don't know */ + account->private.logon_divs = 168; /* hours per week */ + account->private.hours_len = 21; /* 21 times 8 bits = 168 */ + memset(account->private.hours, 0xff, account->private.hours_len); /* available at all hours */ + account->private.unknown_2 = 0x00000000; /* don't know */ + account->private.unknown_3 = 0x000004ec; /* don't know */ } -static void destroy_sam_talloc(SAM_USER_HANDLE **user) +static void destroy_sam_talloc(SAM_ACCOUNT_HANDLE **account) { - if (*user) { - talloc_destroy((*user)->mem_ctx); - *user = NULL; + if (*account) { + data_blob_clear_free(&((*account)->private.lm_pw)); + data_blob_clear_free(&((*account)->private.nt_pw)); + if((*account)->private.plaintext_pw!=NULL) + memset((*account)->private.plaintext_pw,'\0',strlen((*account)->private.plaintext_pw)); + + talloc_destroy((*account)->mem_ctx); + *account = NULL; } } /********************************************************************** - Alloc memory and initialises a SAM_USER_HANDLE on supplied mem_ctx. + Alloc memory and initialises a SAM_ACCOUNT_HANDLE on supplied mem_ctx. ***********************************************************************/ -NTSTATUS sam_init_user_talloc(TALLOC_CTX *mem_ctx, SAM_USER_HANDLE **user) +NTSTATUS sam_init_account_talloc(TALLOC_CTX *mem_ctx, SAM_ACCOUNT_HANDLE **account) { - SMB_ASSERT(*user != NULL); + SMB_ASSERT(*account != NULL); if (!mem_ctx) { - DEBUG(0,("sam_init_user_talloc: mem_ctx was NULL!\n")); + DEBUG(0,("sam_init_account_talloc: mem_ctx was NULL!\n")); return NT_STATUS_UNSUCCESSFUL; } - *user=(SAM_USER_HANDLE *)talloc(mem_ctx, sizeof(SAM_USER_HANDLE)); + *account=(SAM_ACCOUNT_HANDLE *)talloc(mem_ctx, sizeof(SAM_ACCOUNT_HANDLE)); - if (*user==NULL) { - DEBUG(0,("sam_init_user_talloc: error while allocating memory\n")); + if (*account==NULL) { + DEBUG(0,("sam_init_account_talloc: error while allocating memory\n")); return NT_STATUS_NO_MEMORY; } - (*user)->mem_ctx = mem_ctx; + (*account)->mem_ctx = mem_ctx; - (*user)->free_fn = NULL; + (*account)->free_fn = NULL; - sam_fill_default_user(*user); + sam_fill_default_account(*account); return NT_STATUS_OK; } @@ -95,77 +100,78 @@ NTSTATUS sam_init_user_talloc(TALLOC_CTX *mem_ctx, SAM_USER_HANDLE **user) Alloc memory and initialises a struct sam_passwd. ************************************************************/ -NTSTATUS sam_init_user(SAM_USER_HANDLE **user) +NTSTATUS sam_init_account(SAM_ACCOUNT_HANDLE **account) { TALLOC_CTX *mem_ctx; NTSTATUS nt_status; - mem_ctx = talloc_init_named("passdb internal SAM_USER_HANDLE allocation"); + mem_ctx = talloc_init_named("passdb internal SAM_ACCOUNT_HANDLE allocation"); if (!mem_ctx) { - DEBUG(0,("sam_init_user: error while doing talloc_init()\n")); + DEBUG(0,("sam_init_account: error while doing talloc_init()\n")); return NT_STATUS_NO_MEMORY; } - if (!NT_STATUS_IS_OK(nt_status = sam_init_user_talloc(mem_ctx, user))) { + if (!NT_STATUS_IS_OK(nt_status = sam_init_account_talloc(mem_ctx, account))) { talloc_destroy(mem_ctx); return nt_status; } - (*user)->free_fn = destroy_sam_talloc; + (*account)->free_fn = destroy_sam_talloc; return NT_STATUS_OK; } /** - * Free the contents of the SAM_USER_HANDLE, but not the structure. + * Free the contents of the SAM_ACCOUNT_HANDLE, but not the structure. * * Also wipes the LM and NT hashes and plaintext password from * memory. * - * @param user SAM_USER_HANDLE to free members of. + * @param account SAM_ACCOUNT_HANDLE to free members of. **/ -static void sam_free_user_contents(SAM_USER_HANDLE *user) +static void sam_free_account_contents(SAM_ACCOUNT_HANDLE *account) { /* Kill off sensitive data. Free()ed by the talloc mechinism */ - data_blob_clear_free(&(user->private.lm_pw)); - data_blob_clear_free(&(user->private.nt_pw)); - data_blob_clear_free(&(user->private.plaintext_pw)); + data_blob_clear_free(&(account->private.lm_pw)); + data_blob_clear_free(&(account->private.nt_pw)); + if (account->private.plaintext_pw) + memset(account->private.plaintext_pw,'\0',strlen(account->private.plaintext_pw)); } /************************************************************ - Reset the SAM_USER_HANDLE and free the NT/LM hashes. + Reset the SAM_ACCOUNT_HANDLE and free the NT/LM hashes. ***********************************************************/ -NTSTATUS sam_reset_sam(SAM_USER_HANDLE *user) +NTSTATUS sam_reset_sam(SAM_ACCOUNT_HANDLE *account) { - SMB_ASSERT(user != NULL); + SMB_ASSERT(account != NULL); - sam_free_user_contents(user); + sam_free_account_contents(account); - sam_fill_default_user(user); + sam_fill_default_account(account); return NT_STATUS_OK; } /************************************************************ - Free the SAM_USER_HANDLE and the member pointers. + Free the SAM_ACCOUNT_HANDLE and the member pointers. ***********************************************************/ -NTSTATUS sam_free_user(SAM_USER_HANDLE **user) +NTSTATUS sam_free_account(SAM_ACCOUNT_HANDLE **account) { - SMB_ASSERT(*user != NULL); + SMB_ASSERT(*account != NULL); - sam_free_user_contents(*user); + sam_free_account_contents(*account); - if ((*user)->free_fn) { - (*user)->free_fn(user); + if ((*account)->free_fn) { + (*account)->free_fn(account); } return NT_STATUS_OK; diff --git a/source3/sam/api.c b/source3/sam/api.c new file mode 100644 index 0000000000..a941dcb0b9 --- /dev/null +++ b/source3/sam/api.c @@ -0,0 +1,311 @@ +/* + Unix SMB/CIFS implementation. + SAM interface API. + + Copyright (C) Stefan (metze) Metzmacher 2002 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_SAM + +/* this function should be used by the rest of SAMBA --metze */ + +/* General API */ + +NTSTATUS sam_get_sec_desc(const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_get_sec_desc(sam_context, access_token, sid, sd); +} + +NTSTATUS sam_set_sec_desc(const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_set_sec_desc(sam_context, access_token, sid, sd); +} + +NTSTATUS sam_lookup_sid(const NT_USER_TOKEN *access_token, const DOM_SID *sid, char **name, uint32 *type) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_lookup_sid(sam_context, access_token, sid, name, type); +} + +NTSTATUS sam_lookup_name(const NT_USER_TOKEN *access_token, const char *domain, const char *name, DOM_SID **sid, uint32 *type) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_lookup_name(sam_context, access_token, domain, name, sid, type); +} + +/* Domain API */ + +NTSTATUS sam_update_domain(const SAM_DOMAIN_HANDLE *domain) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_update_domain(sam_context, domain); +} + +NTSTATUS sam_enum_domains(const NT_USER_TOKEN *access_token, int32 *domain_count, DOM_SID **domains, char **domain_names) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_enum_domains(sam_context, access_token, domain_count, domains, domain_names); +} + +NTSTATUS sam_lookup_domain(const NT_USER_TOKEN * access_token, const char *domain, DOM_SID **domainsid) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_lookup_domain(sam_context, access_token, domain, domainsid); +} + +NTSTATUS sam_get_domain_by_sid(const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *domainsid, SAM_DOMAIN_HANDLE **domain) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_get_domain_by_sid(sam_context, access_token, access_desired, domainsid, domain); +} + +/* Account API */ + +NTSTATUS sam_create_account(const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *domainsid, SAM_ACCOUNT_HANDLE **account) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_create_account(sam_context, access_token, access_desired, domainsid, account); +} + +NTSTATUS sam_add_account(const DOM_SID *domainsid, const SAM_ACCOUNT_HANDLE *account) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_add_account(sam_context, domainsid, account); +} + +NTSTATUS sam_update_account(const SAM_ACCOUNT_HANDLE *account) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_update_account(sam_context, account); +} + +NTSTATUS sam_delete_account(const SAM_ACCOUNT_HANDLE *account) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_delete_account(sam_context, account); +} + +NTSTATUS sam_enum_accounts(const NT_USER_TOKEN *access_token, const DOM_SID *domain, int32 *account_count, SAM_ACCOUNT_ENUM **accounts) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_enum_accounts(sam_context, access_token, domain, account_count, accounts); +} + +NTSTATUS sam_get_account_by_sid(const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *accountsid, SAM_ACCOUNT_HANDLE **account) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_get_account_by_sid(sam_context, access_token, access_desired, accountsid, account); +} + +NTSTATUS sam_get_account_by_name(const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *domain, const char *name, SAM_ACCOUNT_HANDLE **account) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_get_account_by_name(sam_context, access_token, access_desired, domain, name, account); +} + +/* Group API */ + +NTSTATUS sam_add_group(const DOM_SID *domainsid, const SAM_GROUP_HANDLE *group) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_add_group(sam_context, domainsid, group); +} + +NTSTATUS sam_update_group(const SAM_GROUP_HANDLE *group) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_update_group(sam_context, group); +} + +NTSTATUS sam_delete_group(const SAM_GROUP_HANDLE *group) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_delete_group(sam_context, group); +} + +NTSTATUS sam_enum_groups(const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, const uint32 type, uint32 *groups_count, SAM_GROUP_ENUM **groups) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_enum_groups(sam_context, access_token, domainsid, type, groups_count, groups); +} + +NTSTATUS sam_get_group_by_sid(const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_get_group_by_sid(sam_context, access_token, access_desired, groupsid, group); +} + +NTSTATUS sam_get_group_by_name(const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *domain, const char *name, SAM_GROUP_HANDLE **group) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_get_group_by_name(sam_context, access_token, access_desired, domain, name, group); +} + +NTSTATUS sam_add_member_to_group(const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_add_member_to_group(sam_context, group, member); +} + +NTSTATUS sam_delete_member_from_group(const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_delete_member_from_group(sam_context, group, member); +} + +NTSTATUS sam_enum_groupmembers(const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_enum_groupmembers(sam_context, group, members_count, members); +} + +NTSTATUS sam_get_groups_of_account(const SAM_ACCOUNT_HANDLE *account, const uint32 type, uint32 *group_count, SAM_GROUP_ENUM **groups) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_get_groups_of_account(sam_context, account, type, group_count, groups); +} + diff --git a/source3/sam/get_set_account.c b/source3/sam/get_set_account.c new file mode 100644 index 0000000000..b0104fa1c3 --- /dev/null +++ b/source3/sam/get_set_account.c @@ -0,0 +1,906 @@ +/* + Unix SMB/CIFS implementation. + SAM_ACCOUNT_HANDLE access routines + Copyright (C) Andrew Bartlett 2002 + Copyright (C) Stefan (metze) Metzmacher 2002 + Copyright (C) Jelmer Vernooij 2002 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_SAM + +NTSTATUS sam_get_account_domain_sid(const SAM_ACCOUNT_HANDLE *sampass, DOM_SID **sid) +{ + NTSTATUS status; + SAM_DOMAIN_HANDLE *domain; + if (!sampass || !sid) return NT_STATUS_UNSUCCESSFUL; + + if (!NT_STATUS_IS_OK(status = sam_get_account_domain(sampass, &domain))){ + DEBUG(0, ("sam_get_account_domain_sid: Can't get domain for account\n")); + return status; + } + + return sam_get_domain_sid(domain, sid); +} + +NTSTATUS sam_get_account_domain_name(const SAM_ACCOUNT_HANDLE *sampass, char **domain_name) +{ + NTSTATUS status; + SAM_DOMAIN_HANDLE *domain; + if (!sampass || !domain_name) return NT_STATUS_UNSUCCESSFUL; + + if (!NT_STATUS_IS_OK(status = sam_get_account_domain(sampass, &domain))){ + DEBUG(0, ("sam_get_account_domain_name: Can't get domain for account\n")); + return status; + } + + return sam_get_domain_name(domain, domain_name); +} + +NTSTATUS sam_get_account_acct_ctrl(const SAM_ACCOUNT_HANDLE *sampass, uint16 *acct_ctrl) +{ + if(!sampass || !acct_ctrl) return NT_STATUS_UNSUCCESSFUL; + + *acct_ctrl = sampass->private.acct_ctrl; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_logon_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *logon_time) +{ + if(!sampass || !logon_time) return NT_STATUS_UNSUCCESSFUL; + + *logon_time = sampass->private.logon_time; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_logoff_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *logoff_time) +{ + if(!sampass || !logoff_time) return NT_STATUS_UNSUCCESSFUL; + + *logoff_time = sampass->private.logoff_time; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_kickoff_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *kickoff_time) +{ + if (!sampass || !kickoff_time) return NT_STATUS_UNSUCCESSFUL; + + *kickoff_time = sampass->private.kickoff_time; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_pass_last_set_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *pass_last_set_time) +{ + if (!sampass || !pass_last_set_time) return NT_STATUS_UNSUCCESSFUL; + + *pass_last_set_time = sampass->private.pass_last_set_time; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_pass_can_change_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *pass_can_change_time) +{ + if (!sampass || !pass_can_change_time) return NT_STATUS_UNSUCCESSFUL; + + *pass_can_change_time = sampass->private.pass_can_change_time; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_pass_must_change_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *pass_must_change_time) +{ + if (!sampass || !pass_must_change_time) return NT_STATUS_UNSUCCESSFUL; + + *pass_must_change_time = sampass->private.pass_must_change_time; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_logon_divs(const SAM_ACCOUNT_HANDLE *sampass, uint16 *logon_divs) +{ + if (!sampass || !logon_divs) return NT_STATUS_UNSUCCESSFUL; + + *logon_divs = sampass->private.logon_divs; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_hours_len(const SAM_ACCOUNT_HANDLE *sampass, uint32 *hours_len) +{ + if (!sampass || !hours_len) return NT_STATUS_UNSUCCESSFUL; + + *hours_len = sampass->private.hours_len; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_hours(const SAM_ACCOUNT_HANDLE *sampass, uint8 **hours) +{ + if (!sampass || !hours) return NT_STATUS_UNSUCCESSFUL; + + *hours = sampass->private.hours; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_nt_pwd(const SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB *nt_pwd) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + SMB_ASSERT((!sampass->private.nt_pw.data) + || sampass->private.nt_pw.length == NT_HASH_LEN); + + *nt_pwd = sampass->private.nt_pw; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_lm_pwd(const SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB *lm_pwd) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + SMB_ASSERT((!sampass->private.lm_pw.data) + || sampass->private.lm_pw.length == LM_HASH_LEN); + + *lm_pwd = sampass->private.lm_pw; + + return NT_STATUS_OK; +} + +/* Return the plaintext password if known. Most of the time + it isn't, so don't assume anything magic about this function. + + Used to pass the plaintext to sam backends that might + want to store more than just the NTLM hashes. +*/ + +NTSTATUS sam_get_account_plaintext_pwd(const SAM_ACCOUNT_HANDLE *sampass, char **plain_pwd) +{ + if (!sampass || !plain_pwd) return NT_STATUS_UNSUCCESSFUL; + + *plain_pwd = sampass->private.plaintext_pw; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_sid(const SAM_ACCOUNT_HANDLE *sampass, DOM_SID **sid) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + *sid = &(sampass->private.account_sid); + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_pgroup(const SAM_ACCOUNT_HANDLE *sampass, DOM_SID **sid) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + *sid = &(sampass->private.group_sid); + + return NT_STATUS_OK; +} + +/** + * Get flags showing what is initalised in the SAM_ACCOUNT_HANDLE + * @param sampass the SAM_ACCOUNT_HANDLE in question + * @return the flags indicating the members initialised in the struct. + **/ + +NTSTATUS sam_get_account_init_flag(const SAM_ACCOUNT_HANDLE *sampass, uint32 *initflag) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + *initflag = sampass->private.init_flag; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_name(const SAM_ACCOUNT_HANDLE *sampass, char **account_name) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + *account_name = sampass->private.account_name; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_domain(const SAM_ACCOUNT_HANDLE *sampass, SAM_DOMAIN_HANDLE **domain) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + *domain = sampass->private.domain; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_fullname(const SAM_ACCOUNT_HANDLE *sampass, char **fullname) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + *fullname = sampass->private.full_name; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_homedir(const SAM_ACCOUNT_HANDLE *sampass, char **homedir) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + *homedir = sampass->private.home_dir; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_unix_home_dir(const SAM_ACCOUNT_HANDLE *sampass, char **uhomedir) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + *uhomedir = sampass->private.unix_home_dir; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_dir_drive(const SAM_ACCOUNT_HANDLE *sampass, char **dirdrive) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + *dirdrive = sampass->private.dir_drive; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_logon_script(const SAM_ACCOUNT_HANDLE *sampass, char **logon_script) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + *logon_script = sampass->private.logon_script; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_profile_path(const SAM_ACCOUNT_HANDLE *sampass, char **profile_path) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + *profile_path = sampass->private.profile_path; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_description(const SAM_ACCOUNT_HANDLE *sampass, char **description) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + *description = sampass->private.acct_desc; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_workstations(const SAM_ACCOUNT_HANDLE *sampass, char **workstations) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + *workstations = sampass->private.workstations; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_unknown_str(const SAM_ACCOUNT_HANDLE *sampass, char **unknown_str) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + *unknown_str = sampass->private.unknown_str; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_munged_dial(const SAM_ACCOUNT_HANDLE *sampass, char **munged_dial) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + *munged_dial = sampass->private.munged_dial; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_unknown_1(const SAM_ACCOUNT_HANDLE *sampass, uint32 *unknown1) +{ + if (!sampass || !unknown1) return NT_STATUS_UNSUCCESSFUL; + + *unknown1 = sampass->private.unknown_1; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_unknown_2(const SAM_ACCOUNT_HANDLE *sampass, uint32 *unknown2) +{ + if (!sampass || !unknown2) return NT_STATUS_UNSUCCESSFUL; + + *unknown2 = sampass->private.unknown_2; + + return NT_STATUS_OK; +} + +NTSTATUS sam_get_account_unknown_3(const SAM_ACCOUNT_HANDLE *sampass, uint32 *unknown3) +{ + if (!sampass || !unknown3) return NT_STATUS_UNSUCCESSFUL; + + *unknown3 = sampass->private.unknown_3; + + return NT_STATUS_OK; +} + +/********************************************************************* + Collection of set...() functions for SAM_ACCOUNT_HANDLE_INFO. + ********************************************************************/ + +NTSTATUS sam_set_account_acct_ctrl(SAM_ACCOUNT_HANDLE *sampass, uint16 flags) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.acct_ctrl = flags; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_account_logon_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.logon_time = mytime; + + if (store) + sam_set_account_init_flag(sampass, FLAG_SAM_LOGONTIME); + + return NT_STATUS_UNSUCCESSFUL; +} + +NTSTATUS sam_set_account_logoff_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.logoff_time = mytime; + + if (store) + sam_set_account_init_flag(sampass, FLAG_SAM_LOGOFFTIME); + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_account_kickoff_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.kickoff_time = mytime; + + if (store) + sam_set_account_init_flag(sampass, FLAG_SAM_KICKOFFTIME); + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_account_pass_can_change_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.pass_can_change_time = mytime; + + if (store) + sam_set_account_init_flag(sampass, FLAG_SAM_CANCHANGETIME); + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_account_pass_must_change_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.pass_must_change_time = mytime; + + if (store) + sam_set_account_init_flag(sampass, FLAG_SAM_MUSTCHANGETIME); + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_account_pass_last_set_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.pass_last_set_time = mytime; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_account_hours_len(SAM_ACCOUNT_HANDLE *sampass, uint32 len) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.hours_len = len; + return NT_STATUS_OK; +} + +NTSTATUS sam_set_account_logon_divs(SAM_ACCOUNT_HANDLE *sampass, uint16 hours) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.logon_divs = hours; + return NT_STATUS_OK; +} + +/** + * Set flags showing what is initalised in the SAM_ACCOUNT_HANDLE + * @param sampass the SAM_ACCOUNT_HANDLE in question + * @param flag The *new* flag to be set. Old flags preserved + * this flag is only added. + **/ + +NTSTATUS sam_set_account_init_flag(SAM_ACCOUNT_HANDLE *sampass, uint32 flag) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.init_flag |= flag; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_account_sid(SAM_ACCOUNT_HANDLE *sampass, DOM_SID *u_sid) +{ + if (!sampass || !u_sid) + return NT_STATUS_UNSUCCESSFUL; + + sid_copy(&sampass->private.account_sid, u_sid); + + DEBUG(10, ("sam_set_account_sid: setting account sid %s\n", + sid_string_static(&sampass->private.account_sid))); + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_account_sid_from_string(SAM_ACCOUNT_HANDLE *sampass, fstring u_sid) +{ + DOM_SID new_sid; + if (!sampass || !u_sid) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_account_sid_from_string: setting account sid %s\n", + u_sid)); + + if (!string_to_sid(&new_sid, u_sid)) { + DEBUG(1, ("sam_set_account_sid_from_string: %s isn't a valid SID!\n", u_sid)); + return NT_STATUS_UNSUCCESSFUL; + } + + if (!NT_STATUS_IS_OK(sam_set_account_sid(sampass, &new_sid))) { + DEBUG(1, ("sam_set_account_sid_from_string: could not set sid %s on SAM_ACCOUNT_HANDLE!\n", u_sid)); + return NT_STATUS_UNSUCCESSFUL; + } + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_account_pgroup_sid(SAM_ACCOUNT_HANDLE *sampass, DOM_SID *g_sid) +{ + if (!sampass || !g_sid) + return NT_STATUS_UNSUCCESSFUL; + + sid_copy(&sampass->private.group_sid, g_sid); + + DEBUG(10, ("sam_set_group_sid: setting group sid %s\n", + sid_string_static(&sampass->private.group_sid))); + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_account_pgroup_string(SAM_ACCOUNT_HANDLE *sampass, fstring g_sid) +{ + DOM_SID new_sid; + if (!sampass || !g_sid) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_group_sid_from_string: setting group sid %s\n", + g_sid)); + + if (!string_to_sid(&new_sid, g_sid)) { + DEBUG(1, ("sam_set_group_sid_from_string: %s isn't a valid SID!\n", g_sid)); + return NT_STATUS_UNSUCCESSFUL; + } + + if (!NT_STATUS_IS_OK(sam_set_account_pgroup_sid(sampass, &new_sid))) { + DEBUG(1, ("sam_set_group_sid_from_string: could not set sid %s on SAM_ACCOUNT_HANDLE!\n", g_sid)); + return NT_STATUS_UNSUCCESSFUL; + } + return NT_STATUS_OK; +} + +/********************************************************************* + Set the domain name. + ********************************************************************/ + +NTSTATUS sam_set_account_domain(SAM_ACCOUNT_HANDLE *sampass, SAM_DOMAIN_HANDLE *domain) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.domain = domain; + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the account's NT name. + ********************************************************************/ + +NTSTATUS sam_set_account_name(SAM_ACCOUNT_HANDLE *sampass, const char *account_name) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_account_name: setting nt account_name %s, was %s\n", account_name, sampass->private.account_name)); + + sampass->private.account_name = talloc_strdup(sampass->mem_ctx, account_name); + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the account's full name. + ********************************************************************/ + +NTSTATUS sam_set_account_fullname(SAM_ACCOUNT_HANDLE *sampass, const char *full_name) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_account_fullname: setting full name %s, was %s\n", full_name, sampass->private.full_name)); + + sampass->private.full_name = talloc_strdup(sampass->mem_ctx, full_name); + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the account's logon script. + ********************************************************************/ + +NTSTATUS sam_set_account_logon_script(SAM_ACCOUNT_HANDLE *sampass, const char *logon_script, BOOL store) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_logon_script: from %s to %s\n", logon_script, sampass->private.logon_script)); + + sampass->private.logon_script = talloc_strdup(sampass->mem_ctx, logon_script); + + sam_set_account_init_flag(sampass, FLAG_SAM_LOGONSCRIPT); + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the account's profile path. + ********************************************************************/ + +NTSTATUS sam_set_account_profile_path(SAM_ACCOUNT_HANDLE *sampass, const char *profile_path, BOOL store) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_profile_path: setting profile path %s, was %s\n", profile_path, sampass->private.profile_path)); + + sampass->private.profile_path = talloc_strdup(sampass->mem_ctx, profile_path); + + if (store) { + DEBUG(10, ("sam_set_profile_path: setting profile path sam flag!\n")); + sam_set_account_init_flag(sampass, FLAG_SAM_PROFILE); + } + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the account's directory drive. + ********************************************************************/ + +NTSTATUS sam_set_account_dir_drive(SAM_ACCOUNT_HANDLE *sampass, const char *dir_drive, BOOL store) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_dir_drive: setting dir drive %s, was %s\n", dir_drive, + sampass->private.dir_drive)); + + sampass->private.dir_drive = talloc_strdup(sampass->mem_ctx, dir_drive); + + if (store) { + DEBUG(10, ("sam_set_dir_drive: setting dir drive sam flag!\n")); + sam_set_account_init_flag(sampass, FLAG_SAM_DRIVE); + } + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the account's home directory. + ********************************************************************/ + +NTSTATUS sam_set_account_homedir(SAM_ACCOUNT_HANDLE *sampass, const char *home_dir, BOOL store) +{ + if (!sampass) return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_homedir: setting home dir %s, was %s\n", home_dir, + sampass->private.home_dir)); + + sampass->private.home_dir = talloc_strdup(sampass->mem_ctx, home_dir); + + if (store) { + DEBUG(10, ("sam_set_homedir: setting home dir sam flag!\n")); + sam_set_account_init_flag(sampass, FLAG_SAM_SMBHOME); + } + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the account's unix home directory. + ********************************************************************/ + +NTSTATUS sam_set_account_unix_homedir(SAM_ACCOUNT_HANDLE *sampass, const char *unix_home_dir) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_unix_homedir: setting home dir %s, was %s\n", unix_home_dir, + sampass->private.unix_home_dir)); + + sampass->private.unix_home_dir = talloc_strdup(sampass->mem_ctx, unix_home_dir); + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the account's account description. + ********************************************************************/ + +NTSTATUS sam_set_account_acct_desc(SAM_ACCOUNT_HANDLE *sampass, const char *acct_desc) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.acct_desc = talloc_strdup(sampass->mem_ctx, acct_desc); + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the account's workstation allowed list. + ********************************************************************/ + +NTSTATUS sam_set_account_workstations(SAM_ACCOUNT_HANDLE *sampass, const char *workstations) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10, ("sam_set_workstations: setting workstations %s, was %s\n", workstations, + sampass->private.workstations)); + + sampass->private.workstations = talloc_strdup(sampass->mem_ctx, workstations); + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the account's 'unknown_str', whatever the heck this actually is... + ********************************************************************/ + +NTSTATUS sam_set_account_unknown_str(SAM_ACCOUNT_HANDLE *sampass, const char *unknown_str) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.unknown_str = talloc_strdup(sampass->mem_ctx, unknown_str); + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the account's dial string. + ********************************************************************/ + +NTSTATUS sam_set_account_munged_dial(SAM_ACCOUNT_HANDLE *sampass, const char *munged_dial) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.munged_dial = talloc_strdup(sampass->mem_ctx, munged_dial); + return NT_STATUS_OK; +} + +/********************************************************************* + Set the account's NT hash. + ********************************************************************/ + +NTSTATUS sam_set_account_nt_pwd(SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB data) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.nt_pw = data; + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the account's LM hash. + ********************************************************************/ + +NTSTATUS sam_set_account_lm_pwd(SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB data) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.lm_pw = data; + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the account's plaintext password only (base procedure, see helper + below) + ********************************************************************/ + +NTSTATUS sam_set_account_plaintext_pwd(SAM_ACCOUNT_HANDLE *sampass, const char *plain_pwd) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.plaintext_pw = talloc_strdup(sampass->mem_ctx, plain_pwd); + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_account_unknown_1(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.unknown_1 = unkn; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_account_unknown_2(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.unknown_2 = unkn; + + return NT_STATUS_OK; +} + +NTSTATUS sam_set_account_unknown_3(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + sampass->private.unknown_3 = unkn; + return NT_STATUS_OK; +} + +NTSTATUS sam_set_account_hours(SAM_ACCOUNT_HANDLE *sampass, const uint8 *hours) +{ + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + if (!hours) { + memset ((char *)sampass->private.hours, 0, MAX_HOURS_LEN); + return NT_STATUS_OK; + } + + memcpy(sampass->private.hours, hours, MAX_HOURS_LEN); + + return NT_STATUS_OK; +} + +/* Helpful interfaces to the above */ + +/********************************************************************* + Sets the last changed times and must change times for a normal + password change. + ********************************************************************/ + +NTSTATUS sam_set_account_pass_changed_now(SAM_ACCOUNT_HANDLE *sampass) +{ + uint32 expire; + NTTIME temptime; + + if (!sampass) + return NT_STATUS_UNSUCCESSFUL; + + unix_to_nt_time(&temptime, time(NULL)); + if (!NT_STATUS_IS_OK(sam_set_account_pass_last_set_time(sampass, temptime))) + return NT_STATUS_UNSUCCESSFUL; + + if (!account_policy_get(AP_MAX_PASSWORD_AGE, &expire) + || (expire==(uint32)-1)) { + + get_nttime_max(&temptime); + if (!NT_STATUS_IS_OK(sam_set_account_pass_must_change_time(sampass, temptime, False))) + return NT_STATUS_UNSUCCESSFUL; + + } else { + /* FIXME: Add expire to temptime */ + + if (!NT_STATUS_IS_OK(sam_get_account_pass_last_set_time(sampass,&temptime)) || !NT_STATUS_IS_OK(sam_set_account_pass_must_change_time(sampass, temptime,True))) + return NT_STATUS_UNSUCCESSFUL; + } + + return NT_STATUS_OK; +} + +/********************************************************************* + Set the account's PLAINTEXT password. Used as an interface to the above. + Also sets the last change time to NOW. + ********************************************************************/ + +NTSTATUS sam_set_account_passwd(SAM_ACCOUNT_HANDLE *sampass, const char *plaintext) +{ + DATA_BLOB data; + uchar new_lanman_p16[16]; + uchar new_nt_p16[16]; + + if (!sampass || !plaintext) + return NT_STATUS_UNSUCCESSFUL; + + nt_lm_owf_gen(plaintext, new_nt_p16, new_lanman_p16); + + data = data_blob(new_nt_p16, 16); + if (!NT_STATUS_IS_OK(sam_set_account_nt_pwd(sampass, data))) + return NT_STATUS_UNSUCCESSFUL; + + data = data_blob(new_lanman_p16, 16); + + if (!NT_STATUS_IS_OK(sam_set_account_lm_pwd(sampass, data))) + return NT_STATUS_UNSUCCESSFUL; + + if (!NT_STATUS_IS_OK(sam_set_account_plaintext_pwd(sampass, plaintext))) + return NT_STATUS_UNSUCCESSFUL; + + if (!NT_STATUS_IS_OK(sam_set_account_pass_changed_now(sampass))) + return NT_STATUS_UNSUCCESSFUL; + + return NT_STATUS_OK; +} + diff --git a/source3/sam/get_set_domain.c b/source3/sam/get_set_domain.c index e9e61119cd..9e4d41a49e 100644 --- a/source3/sam/get_set_domain.c +++ b/source3/sam/get_set_domain.c @@ -30,16 +30,16 @@ NTSTATUS sam_get_domain_sid(SAM_DOMAIN_HANDLE *domain, DOM_SID **sid) { if (!domain || !sid) return NT_STATUS_UNSUCCESSFUL; - *sid = &domain->private.sid; + *sid = &(domain->private.sid); return NT_STATUS_OK; } -NTSTATUS sam_get_domain_num_users(SAM_DOMAIN_HANDLE *domain, uint32 *num_users) +NTSTATUS sam_get_domain_num_accounts(SAM_DOMAIN_HANDLE *domain, uint32 *num_accounts) { - if (!domain || !num_users) return NT_STATUS_UNSUCCESSFUL; + if (!domain || !num_accounts) return NT_STATUS_UNSUCCESSFUL; - *num_users = domain->private.num_users; + *num_accounts = domain->private.num_accounts; return NT_STATUS_OK; } @@ -71,15 +71,6 @@ NTSTATUS sam_get_domain_name(SAM_DOMAIN_HANDLE *domain, char **domain_name) return NT_STATUS_OK; } -NTSTATUS sam_set_domain_name(SAM_DOMAIN_HANDLE *domain, char *domain_name) -{ - if (!domain) return NT_STATUS_UNSUCCESSFUL; - - domain->private.name = talloc_strdup(domain->mem_ctx, domain_name); - - return NT_STATUS_OK; -} - NTSTATUS sam_get_domain_server(SAM_DOMAIN_HANDLE *domain, char **server_name) { if (!domain || !server_name) return NT_STATUS_UNSUCCESSFUL; @@ -89,15 +80,6 @@ NTSTATUS sam_get_domain_server(SAM_DOMAIN_HANDLE *domain, char **server_name) return NT_STATUS_OK; } -NTSTATUS sam_set_domain_server(SAM_DOMAIN_HANDLE *domain, char *server_name) -{ - if (!domain) return NT_STATUS_UNSUCCESSFUL; - - domain->private.servername = talloc_strdup(domain->mem_ctx, server_name); - - return NT_STATUS_OK; -} - NTSTATUS sam_get_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *max_passwordage) { if (!domain || !max_passwordage) return NT_STATUS_UNSUCCESSFUL; @@ -182,6 +164,16 @@ NTSTATUS sam_get_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL *login_p /* Set */ +NTSTATUS sam_set_domain_name(SAM_DOMAIN_HANDLE *domain, char *domain_name) +{ + if (!domain) return NT_STATUS_UNSUCCESSFUL; + + domain->private.name = talloc_strdup(domain->mem_ctx, domain_name); + + return NT_STATUS_OK; +} + + NTSTATUS sam_set_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME max_passwordage) { if (!domain) return NT_STATUS_UNSUCCESSFUL; @@ -261,3 +253,12 @@ NTSTATUS sam_set_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL login_pw return NT_STATUS_OK; } + +NTSTATUS sam_set_domain_server(SAM_DOMAIN_HANDLE *domain, char *server_name) +{ + if (!domain) return NT_STATUS_UNSUCCESSFUL; + + domain->private.servername = talloc_strdup(domain->mem_ctx, server_name); + + return NT_STATUS_OK; +} diff --git a/source3/sam/get_set_group.c b/source3/sam/get_set_group.c index 51f91ada82..dac5ffca9f 100644 --- a/source3/sam/get_set_group.c +++ b/source3/sam/get_set_group.c @@ -31,7 +31,7 @@ NTSTATUS sam_get_group_sid(const SAM_GROUP_HANDLE *group, DOM_SID **sid) { if (!group || !sid) return NT_STATUS_UNSUCCESSFUL; - *sid = &group->private.sid; + *sid = &(group->private.sid); return NT_STATUS_OK; } diff --git a/source3/sam/get_set_user.c b/source3/sam/get_set_user.c deleted file mode 100644 index 753567ac06..0000000000 --- a/source3/sam/get_set_user.c +++ /dev/null @@ -1,903 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SAM_USER_HANDLE access routines - Copyright (C) Andrew Bartlett 2002 - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Jelmer Vernooij 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_SAM - -NTSTATUS sam_get_user_domain_sid (const SAM_USER_HANDLE *sampass, DOM_SID **sid) -{ - NTSTATUS status; - SAM_DOMAIN_HANDLE *domain; - if (!sampass || !sid) return NT_STATUS_UNSUCCESSFUL; - - if (!NT_STATUS_IS_OK(status = sam_get_user_domain(sampass, &domain))){ - DEBUG(0, ("sam_get_user_domain_sid: Can't get domain for user\n")); - return status; - } - - return sam_get_domain_sid(domain, sid); -} - -NTSTATUS sam_get_user_domain_name (const SAM_USER_HANDLE *sampass, char **domain_name) -{ - NTSTATUS status; - SAM_DOMAIN_HANDLE *domain; - if (!sampass || !domain_name) return NT_STATUS_UNSUCCESSFUL; - - if (!NT_STATUS_IS_OK(status = sam_get_user_domain(sampass, &domain))){ - DEBUG(0, ("sam_get_user_domain_name: Can't get domain for user\n")); - return status; - } - - return sam_get_domain_name(domain, domain_name); -} - -NTSTATUS sam_get_user_acct_ctrl (const SAM_USER_HANDLE *sampass, uint16 *acct_ctrl) -{ - if(!sampass || !acct_ctrl) return NT_STATUS_UNSUCCESSFUL; - - *acct_ctrl = sampass->private.acct_ctrl; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_logon_time (const SAM_USER_HANDLE *sampass, NTTIME *logon_time) -{ - if(!sampass || !logon_time) return NT_STATUS_UNSUCCESSFUL; - - *logon_time = sampass->private.logon_time; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_logoff_time (const SAM_USER_HANDLE *sampass, NTTIME *logoff_time) -{ - if(!sampass || !logoff_time) return NT_STATUS_UNSUCCESSFUL; - - *logoff_time = sampass->private.logoff_time; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_kickoff_time (const SAM_USER_HANDLE *sampass, NTTIME *kickoff_time) -{ - if (!sampass || !kickoff_time) return NT_STATUS_UNSUCCESSFUL; - - *kickoff_time = sampass->private.kickoff_time; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_pass_last_set_time (const SAM_USER_HANDLE *sampass, NTTIME *pass_last_set_time) -{ - if (!sampass || !pass_last_set_time) return NT_STATUS_UNSUCCESSFUL; - - *pass_last_set_time = sampass->private.pass_last_set_time; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_pass_can_change_time (const SAM_USER_HANDLE *sampass, NTTIME *pass_can_change_time) -{ - if (!sampass || !pass_can_change_time) return NT_STATUS_UNSUCCESSFUL; - - *pass_can_change_time = sampass->private.pass_can_change_time; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_pass_must_change_time (const SAM_USER_HANDLE *sampass, NTTIME *pass_must_change_time) -{ - if (!sampass || !pass_must_change_time) return NT_STATUS_UNSUCCESSFUL; - - *pass_must_change_time = sampass->private.pass_must_change_time; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_logon_divs (const SAM_USER_HANDLE *sampass, uint16 *logon_divs) -{ - if (!sampass || !logon_divs) return NT_STATUS_UNSUCCESSFUL; - - *logon_divs = sampass->private.logon_divs; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_hours_len (const SAM_USER_HANDLE *sampass, uint32 *hours_len) -{ - if (!sampass || !hours_len) return NT_STATUS_UNSUCCESSFUL; - - *hours_len = sampass->private.hours_len; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_hours (const SAM_USER_HANDLE *sampass, uint8 **hours) -{ - if (!sampass || !hours) return NT_STATUS_UNSUCCESSFUL; - - *hours = sampass->private.hours; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_nt_pwd (const SAM_USER_HANDLE *sampass, DATA_BLOB *nt_pwd) -{ - if (!sampass) return NT_STATUS_UNSUCCESSFUL; - - SMB_ASSERT((!sampass->private.nt_pw.data) - || sampass->private.nt_pw.length == NT_HASH_LEN); - - *nt_pwd = sampass->private.nt_pw; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_lm_pwd (const SAM_USER_HANDLE *sampass, DATA_BLOB *lm_pwd) -{ - if (!sampass) return NT_STATUS_UNSUCCESSFUL; - - SMB_ASSERT((!sampass->private.lm_pw.data) - || sampass->private.lm_pw.length == LM_HASH_LEN); - - *lm_pwd = sampass->private.lm_pw; - - return NT_STATUS_OK; -} - -/* Return the plaintext password if known. Most of the time - it isn't, so don't assume anything magic about this function. - - Used to pass the plaintext to sam backends that might - want to store more than just the NTLM hashes. -*/ - -NTSTATUS sam_get_user_plaintext_pwd (const SAM_USER_HANDLE *sampass, DATA_BLOB **plain_pwd) -{ - if (!sampass || !plain_pwd) return NT_STATUS_UNSUCCESSFUL; - - *plain_pwd = &(sampass->private.plaintext_pw); - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_sid(const SAM_USER_HANDLE *sampass, DOM_SID **sid) -{ - if (!sampass) return NT_STATUS_UNSUCCESSFUL; - - *sid = &(sampass->private.user_sid); - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_pgroup(const SAM_USER_HANDLE *sampass, DOM_SID **sid) -{ - if (!sampass) return NT_STATUS_UNSUCCESSFUL; - - *sid = &(sampass->private.group_sid); - - return NT_STATUS_OK; -} - -/** - * Get flags showing what is initalised in the SAM_USER_HANDLE - * @param sampass the SAM_USER_HANDLE in question - * @return the flags indicating the members initialised in the struct. - **/ - -NTSTATUS sam_get_user_init_flag (const SAM_USER_HANDLE *sampass, uint32 *initflag) -{ - if (!sampass) return NT_STATUS_UNSUCCESSFUL; - - *initflag = sampass->private.init_flag; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_name (const SAM_USER_HANDLE *sampass, char **username) -{ - if (!sampass) return NT_STATUS_UNSUCCESSFUL; - - *username = sampass->private.username; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_domain (const SAM_USER_HANDLE *sampass, SAM_DOMAIN_HANDLE **domain) -{ - if (!sampass) return NT_STATUS_UNSUCCESSFUL; - - *domain = sampass->private.domain; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_fullname (const SAM_USER_HANDLE *sampass, char **fullname) -{ - if (!sampass) return NT_STATUS_UNSUCCESSFUL; - - *fullname = sampass->private.full_name; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_homedir (const SAM_USER_HANDLE *sampass, char **homedir) -{ - if (!sampass) return NT_STATUS_UNSUCCESSFUL; - - *homedir = sampass->private.home_dir; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_unix_home_dir (const SAM_USER_HANDLE *sampass, char **uhomedir) -{ - if (!sampass) return NT_STATUS_UNSUCCESSFUL; - - *uhomedir = sampass->private.unix_home_dir; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_dir_drive (const SAM_USER_HANDLE *sampass, char **dirdrive) -{ - if (!sampass) return NT_STATUS_UNSUCCESSFUL; - - *dirdrive = sampass->private.dir_drive; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_logon_script (const SAM_USER_HANDLE *sampass, char **logon_script) -{ - if (!sampass) return NT_STATUS_UNSUCCESSFUL; - - *logon_script = sampass->private.logon_script; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_profile_path (const SAM_USER_HANDLE *sampass, char **profile_path) -{ - if (!sampass) return NT_STATUS_UNSUCCESSFUL; - - *profile_path = sampass->private.profile_path; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_description (const SAM_USER_HANDLE *sampass, char **description) -{ - if (!sampass) return NT_STATUS_UNSUCCESSFUL; - - *description = sampass->private.acct_desc; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_workstations (const SAM_USER_HANDLE *sampass, char **workstations) -{ - if (!sampass) return NT_STATUS_UNSUCCESSFUL; - - *workstations = sampass->private.workstations; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_unknown_str (const SAM_USER_HANDLE *sampass, char **unknown_str) -{ - if (!sampass) return NT_STATUS_UNSUCCESSFUL; - - *unknown_str = sampass->private.unknown_str; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_munged_dial (const SAM_USER_HANDLE *sampass, char **munged_dial) -{ - if (!sampass) return NT_STATUS_UNSUCCESSFUL; - - *munged_dial = sampass->private.munged_dial; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_unknown_1 (const SAM_USER_HANDLE *sampass, uint32 *unknown1) -{ - if (!sampass || !unknown1) return NT_STATUS_UNSUCCESSFUL; - - *unknown1 = sampass->private.unknown_1; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_unknown_2 (const SAM_USER_HANDLE *sampass, uint32 *unknown2) -{ - if (!sampass || !unknown2) return NT_STATUS_UNSUCCESSFUL; - - *unknown2 = sampass->private.unknown_2; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_user_unknown_3 (const SAM_USER_HANDLE *sampass, uint32 *unknown3) -{ - if (!sampass || !unknown3) return NT_STATUS_UNSUCCESSFUL; - - *unknown3 = sampass->private.unknown_3; - - return NT_STATUS_OK; -} - -/********************************************************************* - Collection of set...() functions for SAM_USER_HANDLE_INFO. - ********************************************************************/ - -NTSTATUS sam_set_user_acct_ctrl (SAM_USER_HANDLE *sampass, uint16 flags) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.acct_ctrl = flags; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_user_logon_time (SAM_USER_HANDLE *sampass, NTTIME mytime, BOOL store) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.logon_time = mytime; - - if (store) - sam_set_user_init_flag(sampass, FLAG_SAM_LOGONTIME); - - return NT_STATUS_UNSUCCESSFUL; -} - -NTSTATUS sam_set_user_logoff_time (SAM_USER_HANDLE *sampass, NTTIME mytime, BOOL store) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.logoff_time = mytime; - - if (store) - sam_set_user_init_flag(sampass, FLAG_SAM_LOGOFFTIME); - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_user_kickoff_time (SAM_USER_HANDLE *sampass, NTTIME mytime, BOOL store) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.kickoff_time = mytime; - - if (store) - sam_set_user_init_flag(sampass, FLAG_SAM_KICKOFFTIME); - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_user_pass_can_change_time (SAM_USER_HANDLE *sampass, NTTIME mytime, BOOL store) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.pass_can_change_time = mytime; - - if (store) - sam_set_user_init_flag(sampass, FLAG_SAM_CANCHANGETIME); - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_user_pass_must_change_time (SAM_USER_HANDLE *sampass, NTTIME mytime, BOOL store) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.pass_must_change_time = mytime; - - if (store) - sam_set_user_init_flag(sampass, FLAG_SAM_MUSTCHANGETIME); - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_user_pass_last_set_time (SAM_USER_HANDLE *sampass, NTTIME mytime) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.pass_last_set_time = mytime; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_user_hours_len (SAM_USER_HANDLE *sampass, uint32 len) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.hours_len = len; - return NT_STATUS_OK; -} - -NTSTATUS sam_set_user_logon_divs (SAM_USER_HANDLE *sampass, uint16 hours) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.logon_divs = hours; - return NT_STATUS_OK; -} - -/** - * Set flags showing what is initalised in the SAM_USER_HANDLE - * @param sampass the SAM_USER_HANDLE in question - * @param flag The *new* flag to be set. Old flags preserved - * this flag is only added. - **/ - -NTSTATUS sam_set_user_init_flag (SAM_USER_HANDLE *sampass, uint32 flag) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.init_flag |= flag; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_user_sid (SAM_USER_HANDLE *sampass, DOM_SID *u_sid) -{ - if (!sampass || !u_sid) - return NT_STATUS_UNSUCCESSFUL; - - sid_copy(&sampass->private.user_sid, u_sid); - - DEBUG(10, ("sam_set_user_sid: setting user sid %s\n", - sid_string_static(&sampass->private.user_sid))); - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_user_sid_from_string (SAM_USER_HANDLE *sampass, fstring u_sid) -{ - DOM_SID new_sid; - if (!sampass || !u_sid) - return NT_STATUS_UNSUCCESSFUL; - - DEBUG(10, ("sam_set_user_sid_from_string: setting user sid %s\n", - u_sid)); - - if (!string_to_sid(&new_sid, u_sid)) { - DEBUG(1, ("sam_set_user_sid_from_string: %s isn't a valid SID!\n", u_sid)); - return NT_STATUS_UNSUCCESSFUL; - } - - if (!NT_STATUS_IS_OK(sam_set_user_sid(sampass, &new_sid))) { - DEBUG(1, ("sam_set_user_sid_from_string: could not set sid %s on SAM_USER_HANDLE!\n", u_sid)); - return NT_STATUS_UNSUCCESSFUL; - } - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_user_pgroup_sid (SAM_USER_HANDLE *sampass, DOM_SID *g_sid) -{ - if (!sampass || !g_sid) - return NT_STATUS_UNSUCCESSFUL; - - sid_copy(&sampass->private.group_sid, g_sid); - - DEBUG(10, ("sam_set_group_sid: setting group sid %s\n", - sid_string_static(&sampass->private.group_sid))); - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_user_pgroup_string (SAM_USER_HANDLE *sampass, fstring g_sid) -{ - DOM_SID new_sid; - if (!sampass || !g_sid) - return NT_STATUS_UNSUCCESSFUL; - - DEBUG(10, ("sam_set_group_sid_from_string: setting group sid %s\n", - g_sid)); - - if (!string_to_sid(&new_sid, g_sid)) { - DEBUG(1, ("sam_set_group_sid_from_string: %s isn't a valid SID!\n", g_sid)); - return NT_STATUS_UNSUCCESSFUL; - } - - if (!NT_STATUS_IS_OK(sam_set_user_pgroup_sid(sampass, &new_sid))) { - DEBUG(1, ("sam_set_group_sid_from_string: could not set sid %s on SAM_USER_HANDLE!\n", g_sid)); - return NT_STATUS_UNSUCCESSFUL; - } - return NT_STATUS_OK; -} - -/********************************************************************* - Set the domain name. - ********************************************************************/ - -NTSTATUS sam_set_user_domain(SAM_USER_HANDLE *sampass, SAM_DOMAIN_HANDLE *domain) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.domain = domain; - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the user's NT name. - ********************************************************************/ - -NTSTATUS sam_set_user_username(SAM_USER_HANDLE *sampass, const char *nt_username) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - DEBUG(10, ("sam_set_user_username: setting nt username %s, was %s\n", nt_username, sampass->private.username)); - - sampass->private.username = talloc_strdup(sampass->mem_ctx, nt_username); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the user's full name. - ********************************************************************/ - -NTSTATUS sam_set_user_fullname(SAM_USER_HANDLE *sampass, const char *full_name) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - DEBUG(10, ("sam_set_user_fullname: setting full name %s, was %s\n", full_name, sampass->private.full_name)); - - sampass->private.full_name = talloc_strdup(sampass->mem_ctx, full_name); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the user's logon script. - ********************************************************************/ - -NTSTATUS sam_set_user_logon_script(SAM_USER_HANDLE *sampass, const char *logon_script, BOOL store) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - DEBUG(10, ("sam_set_logon_script: from %s to %s\n", logon_script, sampass->private.logon_script)); - - sampass->private.logon_script = talloc_strdup(sampass->mem_ctx, logon_script); - - sam_set_user_init_flag(sampass, FLAG_SAM_LOGONSCRIPT); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the user's profile path. - ********************************************************************/ - -NTSTATUS sam_set_user_profile_path (SAM_USER_HANDLE *sampass, const char *profile_path, BOOL store) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - DEBUG(10, ("sam_set_profile_path: setting profile path %s, was %s\n", profile_path, sampass->private.profile_path)); - - sampass->private.profile_path = talloc_strdup(sampass->mem_ctx, profile_path); - - if (store) { - DEBUG(10, ("sam_set_profile_path: setting profile path sam flag!\n")); - sam_set_user_init_flag(sampass, FLAG_SAM_PROFILE); - } - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the user's directory drive. - ********************************************************************/ - -NTSTATUS sam_set_user_dir_drive (SAM_USER_HANDLE *sampass, const char *dir_drive, BOOL store) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - DEBUG(10, ("sam_set_dir_drive: setting dir drive %s, was %s\n", dir_drive, - sampass->private.dir_drive)); - - sampass->private.dir_drive = talloc_strdup(sampass->mem_ctx, dir_drive); - - if (store) { - DEBUG(10, ("sam_set_dir_drive: setting dir drive sam flag!\n")); - sam_set_user_init_flag(sampass, FLAG_SAM_DRIVE); - } - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the user's home directory. - ********************************************************************/ - -NTSTATUS sam_set_user_homedir (SAM_USER_HANDLE *sampass, const char *home_dir, BOOL store) -{ - if (!sampass) return NT_STATUS_UNSUCCESSFUL; - - DEBUG(10, ("sam_set_homedir: setting home dir %s, was %s\n", home_dir, - sampass->private.home_dir)); - - sampass->private.home_dir = talloc_strdup(sampass->mem_ctx, home_dir); - - if (store) { - DEBUG(10, ("sam_set_homedir: setting home dir sam flag!\n")); - sam_set_user_init_flag(sampass, FLAG_SAM_SMBHOME); - } - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the user's unix home directory. - ********************************************************************/ - -NTSTATUS sam_set_user_unix_homedir (SAM_USER_HANDLE *sampass, const char *unix_home_dir) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - DEBUG(10, ("sam_set_unix_homedir: setting home dir %s, was %s\n", unix_home_dir, - sampass->private.unix_home_dir)); - - sampass->private.unix_home_dir = talloc_strdup(sampass->mem_ctx, unix_home_dir); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the user's account description. - ********************************************************************/ - -NTSTATUS sam_set_user_acct_desc (SAM_USER_HANDLE *sampass, const char *acct_desc) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.acct_desc = talloc_strdup(sampass->mem_ctx, acct_desc); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the user's workstation allowed list. - ********************************************************************/ - -NTSTATUS sam_set_user_workstations (SAM_USER_HANDLE *sampass, const char *workstations) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - DEBUG(10, ("sam_set_workstations: setting workstations %s, was %s\n", workstations, - sampass->private.workstations)); - - sampass->private.workstations = talloc_strdup(sampass->mem_ctx, workstations); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the user's 'unknown_str', whatever the heck this actually is... - ********************************************************************/ - -NTSTATUS sam_set_user_unknown_str (SAM_USER_HANDLE *sampass, const char *unknown_str) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.unknown_str = talloc_strdup(sampass->mem_ctx, unknown_str); - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the user's dial string. - ********************************************************************/ - -NTSTATUS sam_set_user_munged_dial (SAM_USER_HANDLE *sampass, const char *munged_dial) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.munged_dial = talloc_strdup(sampass->mem_ctx, munged_dial); - return NT_STATUS_OK; -} - -/********************************************************************* - Set the user's NT hash. - ********************************************************************/ - -NTSTATUS sam_set_user_nt_pwd (SAM_USER_HANDLE *sampass, DATA_BLOB data) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.nt_pw = data; - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the user's LM hash. - ********************************************************************/ - -NTSTATUS sam_set_user_lm_pwd (SAM_USER_HANDLE *sampass, DATA_BLOB data) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.lm_pw = data; - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the user's plaintext password only (base procedure, see helper - below) - ********************************************************************/ - -NTSTATUS sam_set_user_plaintext_pw_only (SAM_USER_HANDLE *sampass, DATA_BLOB data) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.plaintext_pw = data; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_user_unknown_1 (SAM_USER_HANDLE *sampass, uint32 unkn) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.unknown_1 = unkn; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_user_unknown_2 (SAM_USER_HANDLE *sampass, uint32 unkn) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.unknown_2 = unkn; - - return NT_STATUS_OK; -} - -NTSTATUS sam_set_user_unknown_3 (SAM_USER_HANDLE *sampass, uint32 unkn) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - sampass->private.unknown_3 = unkn; - return NT_STATUS_OK; -} - -NTSTATUS sam_set_user_hours (SAM_USER_HANDLE *sampass, const uint8 *hours) -{ - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - if (!hours) { - memset ((char *)sampass->private.hours, 0, MAX_HOURS_LEN); - return NT_STATUS_OK; - } - - memcpy (sampass->private.hours, hours, MAX_HOURS_LEN); - - return NT_STATUS_OK; -} - -/* Helpful interfaces to the above */ - -/********************************************************************* - Sets the last changed times and must change times for a normal - password change. - ********************************************************************/ - -NTSTATUS sam_set_user_pass_changed_now (SAM_USER_HANDLE *sampass) -{ - uint32 expire; - NTTIME temptime; - - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; - - unix_to_nt_time(&temptime, time(NULL)); - if (!NT_STATUS_IS_OK(sam_set_user_pass_last_set_time (sampass, temptime))) - return NT_STATUS_UNSUCCESSFUL; - - if (!account_policy_get(AP_MAX_PASSWORD_AGE, &expire) - || (expire==(uint32)-1)) { - - get_nttime_max(&temptime); - if (!NT_STATUS_IS_OK(sam_set_user_pass_must_change_time (sampass, temptime, False))) - return NT_STATUS_UNSUCCESSFUL; - - } else { - /* FIXME: Add expire to temptime */ - - if (!NT_STATUS_IS_OK(sam_get_user_pass_last_set_time(sampass,&temptime)) || !NT_STATUS_IS_OK(sam_set_user_pass_must_change_time (sampass, temptime,True))) - return NT_STATUS_UNSUCCESSFUL; - } - - return NT_STATUS_OK; -} - -/********************************************************************* - Set the user's PLAINTEXT password. Used as an interface to the above. - Also sets the last change time to NOW. - ********************************************************************/ - -NTSTATUS sam_set_plaintext_passwd (SAM_USER_HANDLE *sampass, const char *plaintext) -{ - DATA_BLOB data; - uchar new_lanman_p16[16]; - uchar new_nt_p16[16]; - - if (!sampass || !plaintext) - return NT_STATUS_UNSUCCESSFUL; - - nt_lm_owf_gen (plaintext, new_nt_p16, new_lanman_p16); - - data = data_blob(new_nt_p16, 16); - if (!NT_STATUS_IS_OK(sam_set_user_nt_pwd (sampass, data))) - return NT_STATUS_UNSUCCESSFUL; - - data = data_blob(new_lanman_p16, 16); - - if (!NT_STATUS_IS_OK(sam_set_user_lm_pwd (sampass, data))) - return NT_STATUS_UNSUCCESSFUL; - - if (!NT_STATUS_IS_OK(sam_set_user_pass_changed_now (sampass))) - return NT_STATUS_UNSUCCESSFUL; - - return NT_STATUS_OK; -} - diff --git a/source3/sam/interface.c b/source3/sam/interface.c index e4d4868b1e..3d886d7281 100644 --- a/source3/sam/interface.c +++ b/source3/sam/interface.c @@ -3,8 +3,8 @@ Password and authentication handling Copyright (C) Andrew Bartlett 2002 Copyright (C) Jelmer Vernooij 2002 - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Kai Krüger 2002 + Copyright (C) Stefan (metze) Metzmacher 2002 + Copyright (C) Kai Krüger 2002 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -29,6 +29,7 @@ /** List of various built-in sam modules */ const struct sam_init_function_entry builtin_sam_init_functions[] = { + { "plugin", sam_init_plugin }, { NULL, NULL} }; @@ -41,9 +42,9 @@ const struct sam_init_function_entry builtin_sam_init_functions[] = { in the selected backend *******************************************************************/ -NTSTATUS sam_get_methods_by_sid(const struct sam_context *context, struct sam_methods **sam_method, const DOM_SID *domainsid) +NTSTATUS sam_get_methods_by_sid(const SAM_CONTEXT *context, SAM_METHODS **sam_method, const DOM_SID *domainsid) { - struct sam_methods *tmp_methods; + SAM_METHODS *tmp_methods; DEBUG(5,("sam_get_methods_by_sid: %d\n", __LINE__)); @@ -57,7 +58,7 @@ NTSTATUS sam_get_methods_by_sid(const struct sam_context *context, struct sam_me while (tmp_methods) { - if (sid_equal(domainsid, &tmp_methods->domain->private.sid)) + if (sid_equal(domainsid, &(tmp_methods->domain->private.sid))) { (*sam_method) = tmp_methods; return NT_STATUS_OK; @@ -70,9 +71,9 @@ NTSTATUS sam_get_methods_by_sid(const struct sam_context *context, struct sam_me return NT_STATUS_NO_SUCH_DOMAIN; } -NTSTATUS sam_get_methods_by_name(const struct sam_context *context, struct sam_methods **sam_method, const char *domainname) +NTSTATUS sam_get_methods_by_name(const SAM_CONTEXT *context, SAM_METHODS **sam_method, const char *domainname) { - struct sam_methods *tmp_methods; + SAM_METHODS *tmp_methods; DEBUG(5,("sam_get_methods_by_name: %d\n", __LINE__)); @@ -99,11 +100,10 @@ NTSTATUS sam_get_methods_by_name(const struct sam_context *context, struct sam_m return NT_STATUS_NO_SUCH_DOMAIN; } -NTSTATUS context_sam_get_sec_desc(const struct sam_context *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd) +NTSTATUS context_sam_get_sec_desc(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd) { - struct sam_methods *tmp_methods; -// DOM_SID *domainsid; - NTSTATUS nt_status; + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; DEBUG(5,("context_sam_get_sec_desc: %d\n", __LINE__)); @@ -125,11 +125,10 @@ NTSTATUS context_sam_get_sec_desc(const struct sam_context *context, const NT_US return NT_STATUS_OK; } -NTSTATUS context_sam_set_sec_desc(const struct sam_context *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd) +NTSTATUS context_sam_set_sec_desc(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd) { - struct sam_methods *tmp_methods; -// DOM_SID *domainsid; - NTSTATUS nt_status; + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; DEBUG(5,("context_sam_set_sec_desc: %d\n", __LINE__)); @@ -152,10 +151,10 @@ NTSTATUS context_sam_set_sec_desc(const struct sam_context *context, const NT_US } -NTSTATUS context_sam_lookup_name(const struct sam_context *context, const NT_USER_TOKEN *access_token, const char *domain, const char *name, DOM_SID **sid, uint32 *type) +NTSTATUS context_sam_lookup_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const char *domain, const char *name, DOM_SID **sid, uint32 *type) { - struct sam_methods *tmp_methods; - NTSTATUS nt_status; + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; DEBUG(5,("context_sam_lookup_name: %d\n", __LINE__)); @@ -178,12 +177,12 @@ NTSTATUS context_sam_lookup_name(const struct sam_context *context, const NT_USE return NT_STATUS_OK; } -NTSTATUS context_sam_lookup_sid(const struct sam_context *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, char **name, uint32 *type) +NTSTATUS context_sam_lookup_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, char **name, uint32 *type) { - struct sam_methods *tmp_methods; - uint32 rid; - NTSTATUS nt_status; - DOM_SID domainsid; + SAM_METHODS *tmp_methods; + uint32 rid; + NTSTATUS nt_status; + DOM_SID domainsid; DEBUG(5,("context_sam_lookup_sid: %d\n", __LINE__)); @@ -213,20 +212,20 @@ NTSTATUS context_sam_lookup_sid(const struct sam_context *context, const NT_USER } -NTSTATUS context_sam_update_domain(const struct sam_context *context, const SAM_DOMAIN_HANDLE *domain) +NTSTATUS context_sam_update_domain(const SAM_CONTEXT *context, const SAM_DOMAIN_HANDLE *domain) { return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS context_sam_enum_domains(const struct sam_context *context, const NT_USER_TOKEN *access_token, int32 *domain_count, DOM_SID **domains, char ***domain_names) +NTSTATUS context_sam_enum_domains(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, int32 *domain_count, DOM_SID **domains, char ***domain_names) { - struct sam_methods *tmp_methods; - NTSTATUS nt_status; + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; - SEC_DESC *sd; - size_t sd_size; - uint32 acc_granted; - int i = 0; + SEC_DESC *sd; + size_t sd_size; + uint32 acc_granted; + int i = 0; DEBUG(5,("context_sam_enum_domains: %d\n", __LINE__)); @@ -288,14 +287,14 @@ NTSTATUS context_sam_enum_domains(const struct sam_context *context, const NT_US return NT_STATUS_OK; } -NTSTATUS context_sam_lookup_domain(const struct sam_context *context, const NT_USER_TOKEN *access_token, const char *domain, DOM_SID **domainsid) +NTSTATUS context_sam_lookup_domain(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const char *domain, DOM_SID **domainsid) { - struct sam_methods *tmp_methods; - NTSTATUS nt_status; + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; - SEC_DESC *sd; - size_t sd_size; - uint32 acc_granted; + SEC_DESC *sd; + size_t sd_size; + uint32 acc_granted; DEBUG(5,("context_sam_lookup_domain: %d\n", __LINE__)); @@ -329,10 +328,10 @@ NTSTATUS context_sam_lookup_domain(const struct sam_context *context, const NT_U } -NTSTATUS context_sam_get_domain_by_sid(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *domainsid, SAM_DOMAIN_HANDLE **domain) +NTSTATUS context_sam_get_domain_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *domainsid, SAM_DOMAIN_HANDLE **domain) { - struct sam_methods *tmp_methods; - NTSTATUS nt_status; + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; DEBUG(5,("context_sam_get_domain_by_sid: %d\n", __LINE__)); @@ -355,25 +354,25 @@ NTSTATUS context_sam_get_domain_by_sid(const struct sam_context *context, const return NT_STATUS_OK; } -NTSTATUS context_sam_create_user(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, DOM_SID *domainsid, SAM_USER_HANDLE **user) +NTSTATUS context_sam_create_account(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, DOM_SID *domainsid, SAM_ACCOUNT_HANDLE **account) { - struct sam_methods *tmp_methods; - NTSTATUS nt_status; + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; - DEBUG(5,("context_sam_create_user: %d\n", __LINE__)); + DEBUG(5,("context_sam_create_account: %d\n", __LINE__)); if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { DEBUG(4,("sam_get_methods_by_sid failed\n")); return nt_status; } - if (!tmp_methods->sam_create_user) { - DEBUG(3, ("context_sam_create_user: sam_methods of the domain did not specify sam_create_user\n")); + if (!tmp_methods->sam_create_account) { + DEBUG(3, ("context_sam_create_account: sam_methods of the domain did not specify sam_create_account\n")); return NT_STATUS_NOT_IMPLEMENTED; } - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_user(tmp_methods, access_token, access_desired, user))) { - DEBUG(4,("context_sam_create_user in backend %s failed\n", + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_account(tmp_methods, access_token, access_desired, account))) { + DEBUG(4,("context_sam_create_account in backend %s failed\n", tmp_methods->backendname)); return nt_status; } @@ -381,139 +380,139 @@ NTSTATUS context_sam_create_user(const struct sam_context *context, const NT_USE return NT_STATUS_OK; } -NTSTATUS context_sam_add_user(const struct sam_context *context, const SAM_USER_HANDLE *user) +NTSTATUS context_sam_add_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account) { DOM_SID domainsid; - DOM_SID *usersid; - struct sam_methods *tmp_methods; + DOM_SID *accountsid; + SAM_METHODS *tmp_methods; uint32 rid; - NTSTATUS status; + NTSTATUS nt_status; - if (!NT_STATUS_IS_OK(status = sam_get_user_sid(user, &usersid))) { - DEBUG(0,("Can't get user SID\n")); - return status; + if (!NT_STATUS_IS_OK(nt_status = sam_get_account_sid(account, &accountsid))) { + DEBUG(0,("Can't get account SID\n")); + return nt_status; } - sid_copy(&domainsid, usersid); + sid_copy(&domainsid, accountsid); if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("context_sam_get_user_by_sid: failed to split the sid\n")); + DEBUG(3,("context_sam_get_account_by_sid: failed to split the sid\n")); return NT_STATUS_INVALID_SID; } - if (!NT_STATUS_IS_OK(status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { DEBUG(4,("sam_get_methods_by_sid failed\n")); - return status; + return nt_status; } - if (!tmp_methods->sam_add_user) { - DEBUG(3, ("context_sam_add_user: sam_methods of the domain did not specify sam_add_user\n")); + if (!tmp_methods->sam_add_account) { + DEBUG(3, ("context_sam_add_account: sam_methods of the domain did not specify sam_add_account\n")); return NT_STATUS_NOT_IMPLEMENTED; } - if (!NT_STATUS_IS_OK(status = tmp_methods->sam_add_user(tmp_methods, user))){ - DEBUG(4,("context_sam_add_user in backend %s failed\n", + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_add_account(tmp_methods, account))){ + DEBUG(4,("context_sam_add_account in backend %s failed\n", tmp_methods->backendname)); - return status; + return nt_status; } return NT_STATUS_OK; } -NTSTATUS context_sam_update_user(const struct sam_context *context, const SAM_USER_HANDLE *user) +NTSTATUS context_sam_update_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account) { DOM_SID domainsid; - struct sam_methods *tmp_methods; - DOM_SID *usersid; + SAM_METHODS *tmp_methods; + DOM_SID *accountsid; uint32 rid; - NTSTATUS status; + NTSTATUS nt_status; - if (!NT_STATUS_IS_OK(status = sam_get_user_sid(user, &usersid))) { - DEBUG(0,("Can't get user SID\n")); - return status; + if (!NT_STATUS_IS_OK(nt_status = sam_get_account_sid(account, &accountsid))) { + DEBUG(0,("Can't get account SID\n")); + return nt_status; } - sid_copy(&domainsid, usersid); + sid_copy(&domainsid, accountsid); if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("context_sam_get_user_by_sid: failed to split the sid\n")); + DEBUG(3,("context_sam_get_account_by_sid: failed to split the sid\n")); return NT_STATUS_INVALID_SID; } - if (!NT_STATUS_IS_OK(status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { DEBUG(4,("sam_get_methods_by_sid failed\n")); - return status; + return nt_status; } - if (!tmp_methods->sam_update_user) { - DEBUG(3, ("context_sam_update_user: sam_methods of the domain did not specify sam_update_user\n")); + if (!tmp_methods->sam_update_account) { + DEBUG(3, ("context_sam_update_account: sam_methods of the domain did not specify sam_update_account\n")); return NT_STATUS_NOT_IMPLEMENTED; } - if (!NT_STATUS_IS_OK(status = tmp_methods->sam_update_user(tmp_methods, user))){ - DEBUG(4,("context_sam_update_user in backend %s failed\n", + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_update_account(tmp_methods, account))){ + DEBUG(4,("context_sam_update_account in backend %s failed\n", tmp_methods->backendname)); - return status; + return nt_status; } return NT_STATUS_OK; } -NTSTATUS context_sam_delete_user(const struct sam_context *context, SAM_USER_HANDLE *user) +NTSTATUS context_sam_delete_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account) { DOM_SID domainsid; - struct sam_methods *tmp_methods; - DOM_SID *usersid; + SAM_METHODS *tmp_methods; + DOM_SID *accountsid; uint32 rid; - NTSTATUS status; + NTSTATUS nt_status; - if (!NT_STATUS_IS_OK(status = sam_get_user_sid(user, &usersid))) { - DEBUG(0,("Can't get user SID\n")); - return status; + if (!NT_STATUS_IS_OK(nt_status = sam_get_account_sid(account, &accountsid))) { + DEBUG(0,("Can't get account SID\n")); + return nt_status; } - sid_copy(&domainsid, usersid); + sid_copy(&domainsid, accountsid); if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("context_sam_get_user_by_sid: failed to split the sid\n")); + DEBUG(3,("context_sam_get_account_by_sid: failed to split the sid\n")); return NT_STATUS_INVALID_SID; } - if (!NT_STATUS_IS_OK(status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { DEBUG(4,("sam_get_methods_by_sid failed\n")); - return status; + return nt_status; } - if (!tmp_methods->sam_delete_user) { - DEBUG(3, ("context_sam_delete_user: sam_methods of the domain did not specify sam_delete_user\n")); + if (!tmp_methods->sam_delete_account) { + DEBUG(3, ("context_sam_delete_account: sam_methods of the domain did not specify sam_delete_account\n")); return NT_STATUS_NOT_IMPLEMENTED; } - if (!NT_STATUS_IS_OK(status = tmp_methods->sam_delete_user(tmp_methods, user))){ - DEBUG(4,("context_sam_delete_user in backend %s failed\n", + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_delete_account(tmp_methods, account))){ + DEBUG(4,("context_sam_delete_account in backend %s failed\n", tmp_methods->backendname)); - return status; + return nt_status; } return NT_STATUS_OK; } -NTSTATUS context_sam_enum_users(const struct sam_context *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, int32 *user_count, SAM_USER_ENUM **users) +NTSTATUS context_sam_enum_accounts(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, int32 *account_count, SAM_ACCOUNT_ENUM **accounts) { - struct sam_methods *tmp_methods; - NTSTATUS nt_status; + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; - DEBUG(5,("context_sam_enum_users: %d\n", __LINE__)); + DEBUG(5,("context_sam_enum_accounts: %d\n", __LINE__)); if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { DEBUG(4,("sam_get_methods_by_sid failed\n")); return nt_status; } - if (!tmp_methods->sam_enum_users) { - DEBUG(3, ("context_sam_enum_users: sam_methods of the domain did not specify sam_enum_users\n")); + if (!tmp_methods->sam_enum_accounts) { + DEBUG(3, ("context_sam_enum_accounts: sam_methods of the domain did not specify sam_enum_accounts\n")); return NT_STATUS_NOT_IMPLEMENTED; } - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_users(tmp_methods, access_token, user_count, users))) { - DEBUG(4,("context_sam_enum_users for domain %s in backend %s failed\n", + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_accounts(tmp_methods, access_token, account_count, accounts))) { + DEBUG(4,("context_sam_enum_accounts for domain %s in backend %s failed\n", tmp_methods->domain->private.name, tmp_methods->backendname)); return nt_status; } @@ -522,18 +521,18 @@ NTSTATUS context_sam_enum_users(const struct sam_context *context, const NT_USER } -NTSTATUS context_sam_get_user_by_sid(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *usersid, SAM_USER_HANDLE **user) +NTSTATUS context_sam_get_account_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *accountsid, SAM_ACCOUNT_HANDLE **account) { - struct sam_methods *tmp_methods; - uint32 rid; - DOM_SID domainsid; - NTSTATUS nt_status; + SAM_METHODS *tmp_methods; + uint32 rid; + DOM_SID domainsid; + NTSTATUS nt_status; - DEBUG(5,("context_sam_get_user_by_sid: %d\n", __LINE__)); + DEBUG(5,("context_sam_get_account_by_sid: %d\n", __LINE__)); - sid_copy(&domainsid, usersid); + sid_copy(&domainsid, accountsid); if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("context_sam_get_user_by_sid: failed to split the sid\n")); + DEBUG(3,("context_sam_get_account_by_sid: failed to split the sid\n")); return NT_STATUS_INVALID_SID; } @@ -543,39 +542,39 @@ NTSTATUS context_sam_get_user_by_sid(const struct sam_context *context, const NT return nt_status; } - if (!tmp_methods->sam_get_user_by_sid) { - DEBUG(3, ("context_sam_get_user_by_sid: sam_methods of the domain did not specify sam_get_user_by_sid\n")); + if (!tmp_methods->sam_get_account_by_sid) { + DEBUG(3, ("context_sam_get_account_by_sid: sam_methods of the domain did not specify sam_get_account_by_sid\n")); return NT_STATUS_NOT_IMPLEMENTED; } - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_user_by_sid(tmp_methods, access_token, access_desired, usersid, user))) { - DEBUG(4,("context_sam_get_user_by_sid for %s in backend %s failed\n", - sid_string_static(usersid), tmp_methods->backendname)); + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_account_by_sid(tmp_methods, access_token, access_desired, accountsid, account))) { + DEBUG(4,("context_sam_get_account_by_sid for %s in backend %s failed\n", + sid_string_static(accountsid), tmp_methods->backendname)); return nt_status; } return NT_STATUS_OK; } -NTSTATUS context_sam_get_user_by_name(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *domain, const char *name, SAM_USER_HANDLE **user) +NTSTATUS context_sam_get_account_by_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *domain, const char *name, SAM_ACCOUNT_HANDLE **account) { - struct sam_methods *tmp_methods; - NTSTATUS nt_status; + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; - DEBUG(5,("context_sam_get_user_by_name: %d\n", __LINE__)); + DEBUG(5,("context_sam_get_account_by_name: %d\n", __LINE__)); if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) { DEBUG(4,("sam_get_methods_by_name failed\n")); return nt_status; } - if (!tmp_methods->sam_get_user_by_name) { - DEBUG(3, ("context_sam_get_user_by_name: sam_methods of the domain did not specify sam_get_user_by_name\n")); + if (!tmp_methods->sam_get_account_by_name) { + DEBUG(3, ("context_sam_get_account_by_name: sam_methods of the domain did not specify sam_get_account_by_name\n")); return NT_STATUS_NOT_IMPLEMENTED; } - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_user_by_name(tmp_methods, access_token, access_desired, name, user))) { - DEBUG(4,("context_sam_get_user_by_name for %s\\%s in backend %s failed\n", + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_account_by_name(tmp_methods, access_token, access_desired, name, account))) { + DEBUG(4,("context_sam_get_account_by_name for %s\\%s in backend %s failed\n", domain, name, tmp_methods->backendname)); return nt_status; } @@ -583,10 +582,10 @@ NTSTATUS context_sam_get_user_by_name(const struct sam_context *context, const N return NT_STATUS_OK; } -NTSTATUS context_sam_create_group(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const uint32 type, DOM_SID *sid, SAM_GROUP_HANDLE **group) +NTSTATUS context_sam_create_group(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const uint32 type, DOM_SID *sid, SAM_GROUP_HANDLE **group) { - struct sam_methods *tmp_methods; - NTSTATUS nt_status; + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; DEBUG(5,("context_sam_create_group: %d\n", __LINE__)); @@ -609,17 +608,17 @@ NTSTATUS context_sam_create_group(const struct sam_context *context, const NT_US return NT_STATUS_OK; } -NTSTATUS context_sam_add_group(const struct sam_context *context, const SAM_GROUP_HANDLE *group) +NTSTATUS context_sam_add_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group) { DOM_SID domainsid; DOM_SID *groupsid; - struct sam_methods *tmp_methods; + SAM_METHODS *tmp_methods; uint32 rid; - NTSTATUS status; + NTSTATUS nt_status; - if (!NT_STATUS_IS_OK(status = sam_get_group_sid(group, &groupsid))) { + if (!NT_STATUS_IS_OK(nt_status = sam_get_group_sid(group, &groupsid))) { DEBUG(0,("Can't get group SID\n")); - return status; + return nt_status; } sid_copy(&domainsid, groupsid); @@ -628,9 +627,9 @@ NTSTATUS context_sam_add_group(const struct sam_context *context, const SAM_GROU return NT_STATUS_INVALID_SID; } - if (!NT_STATUS_IS_OK(status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { DEBUG(4,("sam_get_methods_by_sid failed\n")); - return status; + return nt_status; } if (!tmp_methods->sam_add_group) { @@ -638,16 +637,16 @@ NTSTATUS context_sam_add_group(const struct sam_context *context, const SAM_GROU return NT_STATUS_NOT_IMPLEMENTED; } - if (!NT_STATUS_IS_OK(status = tmp_methods->sam_add_group(tmp_methods, group))){ + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_add_group(tmp_methods, group))){ DEBUG(4,("context_sam_add_group in backend %s failed\n", tmp_methods->backendname)); - return status; + return nt_status; } return NT_STATUS_OK; } -NTSTATUS context_sam_update_group(const struct sam_context *context, const DOM_SID *domainsid, const SAM_GROUP_HANDLE *group) +NTSTATUS context_sam_update_group(const SAM_CONTEXT *context, const DOM_SID *domainsid, const SAM_GROUP_HANDLE *group) { DOM_SID domainsid; DOM_SID *groupsid; @@ -676,26 +675,26 @@ NTSTATUS context_sam_update_group(const struct sam_context *context, const DOM_S return NT_STATUS_NOT_IMPLEMENTED; } - if (!NT_STATUS_IS_OK(status = tmp_methods->sam_update_group(tmp_methods, group))){ + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_update_group(tmp_methods, group))){ DEBUG(4,("context_sam_update_group in backend %s failed\n", tmp_methods->backendname)); - return status; + return nt_status; } return NT_STATUS_OK; } -NTSTATUS context_sam_delete_group(const struct sam_context *context, SAM_GROUP_HANDLE **groupsid) +NTSTATUS context_sam_delete_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group) { DOM_SID domainsid; - struct sam_methods *tmp_methods; + SAM_METHODS *tmp_methods; DOM_SID *groupsid; uint32 rid; - NTSTATUS status; + NTSTATUS nt_status; - if (!NT_STATUS_IS_OK(status = sam_get_group_sid(group, &groupsid))) { + if (!NT_STATUS_IS_OK(nt_status = sam_get_group_sid(group, &groupsid))) { DEBUG(0,("Can't get group SID\n")); - return status; + return nt_status; } sid_copy(&domainsid, groupsid); @@ -704,9 +703,9 @@ NTSTATUS context_sam_delete_group(const struct sam_context *context, SAM_GROUP_H return NT_STATUS_INVALID_SID; } - if (!NT_STATUS_IS_OK(status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { DEBUG(4,("sam_get_methods_by_sid failed\n")); - return status; + return nt_status; } if (!tmp_methods->sam_delete_group) { @@ -714,19 +713,19 @@ NTSTATUS context_sam_delete_group(const struct sam_context *context, SAM_GROUP_H return NT_STATUS_NOT_IMPLEMENTED; } - if (!NT_STATUS_IS_OK(status = tmp_methods->sam_delete_group(tmp_methods, group))){ + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_delete_group(tmp_methods, group))){ DEBUG(4,("context_sam_delete_group in backend %s failed\n", tmp_methods->backendname)); - return status; + return nt_status; } return NT_STATUS_OK; } -NTSTATUS context_sam_enum_groups(const struct sam_context *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, const uint32 type, uint32 *groups_count, SAM_GROUP_ENUM **groups) +NTSTATUS context_sam_enum_groups(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, const uint32 type, uint32 *groups_count, SAM_GROUP_ENUM **groups) { - struct sam_methods *tmp_methods; - NTSTATUS nt_status; + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; DEBUG(5,("context_sam_enum_groups: %d\n", __LINE__)); @@ -735,7 +734,7 @@ NTSTATUS context_sam_enum_groups(const struct sam_context *context, const NT_USE return nt_status; } - if (!tmp_methods->sam_enum_users) { + if (!tmp_methods->sam_enum_accounts) { DEBUG(3, ("context_sam_enum_groups: sam_methods of the domain did not specify sam_enum_groups\n")); return NT_STATUS_NOT_IMPLEMENTED; } @@ -749,12 +748,12 @@ NTSTATUS context_sam_enum_groups(const struct sam_context *context, const NT_USE return NT_STATUS_OK; } -NTSTATUS context_sam_get_group_by_sid(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group) +NTSTATUS context_sam_get_group_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group) { - struct sam_methods *tmp_methods; - uint32 rid; - NTSTATUS nt_status; - DOM_SID domainsid; + SAM_METHODS *tmp_methods; + uint32 rid; + NTSTATUS nt_status; + DOM_SID domainsid; DEBUG(5,("context_sam_get_group_by_sid: %d\n", __LINE__)); @@ -784,10 +783,10 @@ NTSTATUS context_sam_get_group_by_sid(const struct sam_context *context, const N return NT_STATUS_OK; } -NTSTATUS context_sam_get_group_by_name(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *domain, const char *name, SAM_GROUP_HANDLE **group) +NTSTATUS context_sam_get_group_by_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *domain, const char *name, SAM_GROUP_HANDLE **group) { - struct sam_methods *tmp_methods; - NTSTATUS nt_status; + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; DEBUG(5,("context_sam_get_group_by_name: %d\n", __LINE__)); @@ -810,21 +809,21 @@ NTSTATUS context_sam_get_group_by_name(const struct sam_context *context, const return NT_STATUS_OK; } -NTSTATUS context_sam_add_member_to_group(const struct sam_context *context, SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member) +NTSTATUS context_sam_add_member_to_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) { return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS context_sam_delete_member_from_group(const struct sam_context *context, SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member) +NTSTATUS context_sam_delete_member_from_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) { return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS context_sam_enum_groupmembers(const struct sam_context *context, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members) +NTSTATUS context_sam_enum_groupmembers(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members) { return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS context_sam_get_groups_of_user(const struct sam_context *context, const SAM_USER_HANDLE *user, const uint32 type, uint32 *group_count, SAM_GROUP_ENUM **groups) +NTSTATUS context_sam_get_groups_of_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account, const uint32 type, uint32 *group_count, SAM_GROUP_ENUM **groups) { return NT_STATUS_NOT_IMPLEMENTED; } @@ -835,9 +834,9 @@ NTSTATUS context_sam_get_groups_of_user(const struct sam_context *context, const that the attached modules might have associated. *******************************************************************/ -void free_sam_context(struct sam_context **context) +void free_sam_context(SAM_CONTEXT **context) { - struct sam_methods *sam_selected = (*context)->methods; + SAM_METHODS *sam_selected = (*context)->methods; while (sam_selected){ if (sam_selected->free_private_data) { @@ -854,10 +853,10 @@ void free_sam_context(struct sam_context **context) Make a sam_methods from scratch *******************************************************************/ -NTSTATUS make_sam_context_list(struct sam_context **context, char **selected) +NTSTATUS make_sam_context_list(SAM_CONTEXT **context, char **selected) { int i = 0; - struct sam_methods *curmethods, *tmpmethods; + SAM_METHODS *curmethods, *tmpmethods; NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; if (!NT_STATUS_IS_OK(nt_status = make_sam_context(context))) { @@ -878,7 +877,7 @@ NTSTATUS make_sam_context_list(struct sam_context **context, char **selected) return NT_STATUS_OK; } -NTSTATUS make_sam_methods_name(struct sam_methods **methods, struct sam_context *context, const char *selected) +NTSTATUS make_sam_methods_name(SAM_METHODS **methods, SAM_CONTEXT *context, const char *selected) { char *module_name = smb_xstrdup(selected); char *module_location = NULL, *p; @@ -922,7 +921,7 @@ NTSTATUS make_sam_methods_name(struct sam_methods **methods, struct sam_context Make a sam_context from scratch. *******************************************************************/ -NTSTATUS make_sam_context(struct sam_context **context) +NTSTATUS make_sam_context(SAM_CONTEXT **context) { TALLOC_CTX *mem_ctx; @@ -958,7 +957,7 @@ NTSTATUS make_sam_context(struct sam_context **context) struct sam_context *sam_get_static_context(BOOL reload) { - static struct sam_context *sam_context = NULL; + static SAM_CONTEXT *sam_context = NULL; if ((sam_context) && (reload)) { sam_context->free_fn(&sam_context); @@ -990,7 +989,7 @@ BOOL initialize_sam(BOOL reload) NTSTATUS make_sam_methods(TALLOC_CTX *mem_ctx, SAM_METHODS **methods) { - *methods = talloc(mem_ctx, sizeof(struct sam_methods)); + *methods = talloc(mem_ctx, sizeof(SAM_METHODS)); if (!*methods) { return NT_STATUS_NO_MEMORY; -- cgit From 7a8b82f2cecb9e4022fc19748cdb370bbac936fb Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 29 Aug 2002 07:22:52 +0000 Subject: Add new files to Makefile + typo fix (This used to be commit b742d068b889e861599333281e825e45cc8d13a2) --- source3/sam/account.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/sam') diff --git a/source3/sam/account.c b/source3/sam/account.c index 4d6916c9d8..9144c23844 100644 --- a/source3/sam/account.c +++ b/source3/sam/account.c @@ -105,7 +105,7 @@ NTSTATUS sam_init_account(SAM_ACCOUNT_HANDLE **account) TALLOC_CTX *mem_ctx; NTSTATUS nt_status; - mem_ctx = talloc_init_named("passdb internal SAM_ACCOUNT_HANDLE allocation"); + mem_ctx = talloc_init_named("sam internal SAM_ACCOUNT_HANDLE allocation"); if (!mem_ctx) { DEBUG(0,("sam_init_account: error while doing talloc_init()\n")); -- cgit From d1052ec97909194d00ec301f43fe10ab65b81eda Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 29 Aug 2002 07:35:18 +0000 Subject: Add plugin support for the sam system from metze (based on passdb code) (This used to be commit 61626340e506d32a6560a162005b43f10445fbb9) --- source3/sam/sam_plugin.c | 79 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 79 insertions(+) create mode 100644 source3/sam/sam_plugin.c (limited to 'source3/sam') diff --git a/source3/sam/sam_plugin.c b/source3/sam/sam_plugin.c new file mode 100644 index 0000000000..56f8260544 --- /dev/null +++ b/source3/sam/sam_plugin.c @@ -0,0 +1,79 @@ +/* + Unix SMB/CIFS implementation. + Loadable san module interface. + Copyright (C) Jelmer Vernooij 2002 + Copyright (C) Andrew Bartlett 2002 + Copyright (C) Stefan (metze) Metzmacher 2002 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_SAM + +NTSTATUS sam_init_plugin(SAM_CONTEXT *sam_context, SAM_METHODS **sam_method, const char *location) +{ + void * dl_handle; + char *plugin_location, *plugin_name, *p; + sam_init_function plugin_init; + int (*plugin_version)(void); + + if (location == NULL) { + DEBUG(0, ("The plugin module needs an argument!\n")); + return NT_STATUS_UNSUCCESSFUL; + } + + plugin_name = smb_xstrdup(location); + p = strchr(plugin_name, ':'); + if (p) { + *p = 0; + plugin_location = p+1; + trim_string(plugin_location, " ", " "); + } else plugin_location = NULL; + trim_string(plugin_name, " ", " "); + + DEBUG(5, ("Trying to load sam plugin %s\n", plugin_name)); + dl_handle = sys_dlopen(plugin_name, RTLD_NOW); + if (!dl_handle) { + DEBUG(0, ("Failed to load sam plugin %s using sys_dlopen (%s)\n", plugin_name, sys_dlerror())); + return NT_STATUS_UNSUCCESSFUL; + } + + plugin_version = sys_dlsym(dl_handle, "sam_version"); + if (!plugin_version) { + sys_dlclose(dl_handle); + DEBUG(0, ("Failed to find function 'sam_version' using sys_dlsym in sam plugin %s (%s)\n", plugin_name, sys_dlerror())); + return NT_STATUS_UNSUCCESSFUL; + } + + if (plugin_version()!=SAM_INTERFACE_VERSION) { + sys_dlclose(dl_handle); + DEBUG(0, ("Wrong SAM_INTERFACE_VERSION! sam plugin has version %d and version %d is needed! Please update!\n", + plugin_version(),SAM_INTERFACE_VERSION)); + return NT_STATUS_UNSUCCESSFUL; + } + + plugin_init = sys_dlsym(dl_handle, "sam_init"); + if (!plugin_init) { + sys_dlclose(dl_handle); + DEBUG(0, ("Failed to find function 'sam_init' using sys_dlsym in sam plugin %s (%s)\n", plugin_name, sys_dlerror())); + return NT_STATUS_UNSUCCESSFUL; + } + + DEBUG(5, ("Starting sam plugin %s with location %s\n", plugin_name, plugin_location)); + return plugin_init(sam_context, sam_method, plugin_location); +} -- cgit From 558297b703fc29feb6e6fac205570f24b33d8b37 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 29 Aug 2002 09:20:49 +0000 Subject: small fixes make lp_sam_backend() a list (This used to be commit 06eb3138ab14ff450bbc44f5fa539867ce67a7dd) --- source3/sam/get_set_domain.c | 1 - source3/sam/interface.c | 12 ++++++------ 2 files changed, 6 insertions(+), 7 deletions(-) (limited to 'source3/sam') diff --git a/source3/sam/get_set_domain.c b/source3/sam/get_set_domain.c index 9e4d41a49e..8ca876524a 100644 --- a/source3/sam/get_set_domain.c +++ b/source3/sam/get_set_domain.c @@ -1,7 +1,6 @@ /* Unix SMB/CIFS implementation. SAM_DOMAIN access routines - Copyright (C) Luke Kenneth Casson Leighton 1996-1998 Copyright (C) Andrew Bartlett 2002 Copyright (C) Stefan (metze) Metzmacher 2002 Copyright (C) Jelmer Vernooij 2002 diff --git a/source3/sam/interface.c b/source3/sam/interface.c index 3d886d7281..ef2a4d5f8a 100644 --- a/source3/sam/interface.c +++ b/source3/sam/interface.c @@ -646,17 +646,17 @@ NTSTATUS context_sam_add_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDL return NT_STATUS_OK; } -NTSTATUS context_sam_update_group(const SAM_CONTEXT *context, const DOM_SID *domainsid, const SAM_GROUP_HANDLE *group) +NTSTATUS context_sam_update_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group) { DOM_SID domainsid; DOM_SID *groupsid; struct sam_methods *tmp_methods; uint32 rid; - NTSTATUS status; + NTSTATUS nt_status; - if (!NT_STATUS_IS_OK(status = sam_get_group_sid(group, &groupsid))) { + if (!NT_STATUS_IS_OK(nt_status = sam_get_group_sid(group, &groupsid))) { DEBUG(0,("Can't get group SID\n")); - return status; + return nt_status; } sid_copy(&domainsid, groupsid); @@ -665,9 +665,9 @@ NTSTATUS context_sam_update_group(const SAM_CONTEXT *context, const DOM_SID *dom return NT_STATUS_INVALID_SID; } - if (!NT_STATUS_IS_OK(status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { DEBUG(4,("sam_get_methods_by_sid failed\n")); - return status; + return nt_status; } if (!tmp_methods->sam_update_group) { -- cgit From 337693457aedc14d611f041b457ef9e5571684c6 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 29 Aug 2002 09:42:36 +0000 Subject: Several compiler warning fixes + fix dependencies samtest (This used to be commit b813761126249c3c0c0e38d2a3306d1d0c33c4eb) --- source3/sam/sam_plugin.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/sam') diff --git a/source3/sam/sam_plugin.c b/source3/sam/sam_plugin.c index 56f8260544..c32acf3d3c 100644 --- a/source3/sam/sam_plugin.c +++ b/source3/sam/sam_plugin.c @@ -25,7 +25,7 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_SAM -NTSTATUS sam_init_plugin(SAM_CONTEXT *sam_context, SAM_METHODS **sam_method, const char *location) +NTSTATUS sam_init_plugin(const SAM_CONTEXT *sam_context, SAM_METHODS **sam_method, const char *location) { void * dl_handle; char *plugin_location, *plugin_name, *p; -- cgit From 68defac58da3f927cd8fb1405f3c648b7dec7f82 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 6 Sep 2002 12:57:12 +0000 Subject: This commit includes part of the patch from metze posted to the list, and a few of my own changes. In particular: I've added a SAM_ASSERT macro. This expands to either SMB_ASSERT() (which should help us track down bugs) or a return of NT_STATUS_CHECK_FAIL. Metze's changes are mostly to bring the code into line with current discussions on things like adding users/groups, flags etc. I've adjusted a fair bit of the 'const' in the SAM stuff. Const is currently used only for pointers, not for local variables or non-pointer paramters. The benifits and reasons for extending this further need discussion on samba-technical. Also, some of the 'context' paramters should not be const, to allow backend modules to do fancy caching etc in them. Andrew Bartlett (This used to be commit e13bc432628a6131be082caedc75cd8a3d206e5a) --- source3/sam/api.c | 27 ++++-- source3/sam/get_set_account.c | 192 +++++++++++++++++------------------------- source3/sam/get_set_domain.c | 62 +++++++------- source3/sam/get_set_group.c | 69 ++++++--------- source3/sam/interface.c | 58 ++++++------- 5 files changed, 179 insertions(+), 229 deletions(-) (limited to 'source3/sam') diff --git a/source3/sam/api.c b/source3/sam/api.c index a941dcb0b9..5d850becce 100644 --- a/source3/sam/api.c +++ b/source3/sam/api.c @@ -120,7 +120,7 @@ NTSTATUS sam_get_domain_by_sid(const NT_USER_TOKEN *access_token, const uint32 a /* Account API */ -NTSTATUS sam_create_account(const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *domainsid, SAM_ACCOUNT_HANDLE **account) +NTSTATUS sam_create_account(const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *domainsid, const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account) { SAM_CONTEXT *sam_context = sam_get_static_context(False); @@ -128,7 +128,7 @@ NTSTATUS sam_create_account(const NT_USER_TOKEN *access_token, const uint32 acce return NT_STATUS_UNSUCCESSFUL; } - return sam_context->sam_create_account(sam_context, access_token, access_desired, domainsid, account); + return sam_context->sam_create_account(sam_context, access_token, access_desired, domainsid, account_name, acct_ctrl, account); } NTSTATUS sam_add_account(const DOM_SID *domainsid, const SAM_ACCOUNT_HANDLE *account) @@ -164,7 +164,7 @@ NTSTATUS sam_delete_account(const SAM_ACCOUNT_HANDLE *account) return sam_context->sam_delete_account(sam_context, account); } -NTSTATUS sam_enum_accounts(const NT_USER_TOKEN *access_token, const DOM_SID *domain, int32 *account_count, SAM_ACCOUNT_ENUM **accounts) +NTSTATUS sam_enum_accounts(const NT_USER_TOKEN *access_token, const DOM_SID *domain, uint16 acct_ctrl, uint32 *account_count, SAM_ACCOUNT_ENUM **accounts) { SAM_CONTEXT *sam_context = sam_get_static_context(False); @@ -172,7 +172,7 @@ NTSTATUS sam_enum_accounts(const NT_USER_TOKEN *access_token, const DOM_SID *dom return NT_STATUS_UNSUCCESSFUL; } - return sam_context->sam_enum_accounts(sam_context, access_token, domain, account_count, accounts); + return sam_context->sam_enum_accounts(sam_context, access_token, domain, acct_ctrl, account_count, accounts); } NTSTATUS sam_get_account_by_sid(const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *accountsid, SAM_ACCOUNT_HANDLE **account) @@ -199,6 +199,17 @@ NTSTATUS sam_get_account_by_name(const NT_USER_TOKEN *access_token, const uint32 /* Group API */ +NTSTATUS sam_create_group(const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *domainsid, const char *group_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group) +{ + SAM_CONTEXT *sam_context = sam_get_static_context(False); + + if (!sam_context) { + return NT_STATUS_UNSUCCESSFUL; + } + + return sam_context->sam_create_group(sam_context, access_token, access_desired, domainsid, group_name, group_ctrl, group); +} + NTSTATUS sam_add_group(const DOM_SID *domainsid, const SAM_GROUP_HANDLE *group) { SAM_CONTEXT *sam_context = sam_get_static_context(False); @@ -232,7 +243,7 @@ NTSTATUS sam_delete_group(const SAM_GROUP_HANDLE *group) return sam_context->sam_delete_group(sam_context, group); } -NTSTATUS sam_enum_groups(const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, const uint32 type, uint32 *groups_count, SAM_GROUP_ENUM **groups) +NTSTATUS sam_enum_groups(const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, uint16 group_ctrl, uint32 *groups_count, SAM_GROUP_ENUM **groups) { SAM_CONTEXT *sam_context = sam_get_static_context(False); @@ -240,7 +251,7 @@ NTSTATUS sam_enum_groups(const NT_USER_TOKEN *access_token, const DOM_SID *domai return NT_STATUS_UNSUCCESSFUL; } - return sam_context->sam_enum_groups(sam_context, access_token, domainsid, type, groups_count, groups); + return sam_context->sam_enum_groups(sam_context, access_token, domainsid, group_ctrl, groups_count, groups); } NTSTATUS sam_get_group_by_sid(const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group) @@ -298,7 +309,7 @@ NTSTATUS sam_enum_groupmembers(const SAM_GROUP_HANDLE *group, uint32 *members_co return sam_context->sam_enum_groupmembers(sam_context, group, members_count, members); } -NTSTATUS sam_get_groups_of_account(const SAM_ACCOUNT_HANDLE *account, const uint32 type, uint32 *group_count, SAM_GROUP_ENUM **groups) +NTSTATUS sam_get_groups_of_sid(const NT_USER_TOKEN *access_token, const DOM_SID **sids, uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups) { SAM_CONTEXT *sam_context = sam_get_static_context(False); @@ -306,6 +317,6 @@ NTSTATUS sam_get_groups_of_account(const SAM_ACCOUNT_HANDLE *account, const uint return NT_STATUS_UNSUCCESSFUL; } - return sam_context->sam_get_groups_of_account(sam_context, account, type, group_count, groups); + return sam_context->sam_get_groups_of_sid(sam_context, access_token, sids, group_ctrl, group_count, groups); } diff --git a/source3/sam/get_set_account.c b/source3/sam/get_set_account.c index b0104fa1c3..7bbfe39e14 100644 --- a/source3/sam/get_set_account.c +++ b/source3/sam/get_set_account.c @@ -25,11 +25,11 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_SAM -NTSTATUS sam_get_account_domain_sid(const SAM_ACCOUNT_HANDLE *sampass, DOM_SID **sid) +NTSTATUS sam_get_account_domain_sid(const SAM_ACCOUNT_HANDLE *sampass, const DOM_SID **sid) { NTSTATUS status; SAM_DOMAIN_HANDLE *domain; - if (!sampass || !sid) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(!sampass || !sid); if (!NT_STATUS_IS_OK(status = sam_get_account_domain(sampass, &domain))){ DEBUG(0, ("sam_get_account_domain_sid: Can't get domain for account\n")); @@ -39,11 +39,11 @@ NTSTATUS sam_get_account_domain_sid(const SAM_ACCOUNT_HANDLE *sampass, DOM_SID * return sam_get_domain_sid(domain, sid); } -NTSTATUS sam_get_account_domain_name(const SAM_ACCOUNT_HANDLE *sampass, char **domain_name) +NTSTATUS sam_get_account_domain_name(const SAM_ACCOUNT_HANDLE *sampass, const char **domain_name) { NTSTATUS status; SAM_DOMAIN_HANDLE *domain; - if (!sampass || !domain_name) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && domain_name); if (!NT_STATUS_IS_OK(status = sam_get_account_domain(sampass, &domain))){ DEBUG(0, ("sam_get_account_domain_name: Can't get domain for account\n")); @@ -55,7 +55,7 @@ NTSTATUS sam_get_account_domain_name(const SAM_ACCOUNT_HANDLE *sampass, char **d NTSTATUS sam_get_account_acct_ctrl(const SAM_ACCOUNT_HANDLE *sampass, uint16 *acct_ctrl) { - if(!sampass || !acct_ctrl) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && acct_ctrl); *acct_ctrl = sampass->private.acct_ctrl; @@ -64,7 +64,7 @@ NTSTATUS sam_get_account_acct_ctrl(const SAM_ACCOUNT_HANDLE *sampass, uint16 *ac NTSTATUS sam_get_account_logon_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *logon_time) { - if(!sampass || !logon_time) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && logon_time) ; *logon_time = sampass->private.logon_time; @@ -73,7 +73,7 @@ NTSTATUS sam_get_account_logon_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *l NTSTATUS sam_get_account_logoff_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *logoff_time) { - if(!sampass || !logoff_time) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && logoff_time) ; *logoff_time = sampass->private.logoff_time; @@ -82,7 +82,7 @@ NTSTATUS sam_get_account_logoff_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME * NTSTATUS sam_get_account_kickoff_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *kickoff_time) { - if (!sampass || !kickoff_time) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && kickoff_time); *kickoff_time = sampass->private.kickoff_time; @@ -91,7 +91,7 @@ NTSTATUS sam_get_account_kickoff_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME NTSTATUS sam_get_account_pass_last_set_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *pass_last_set_time) { - if (!sampass || !pass_last_set_time) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && pass_last_set_time); *pass_last_set_time = sampass->private.pass_last_set_time; @@ -100,7 +100,7 @@ NTSTATUS sam_get_account_pass_last_set_time(const SAM_ACCOUNT_HANDLE *sampass, N NTSTATUS sam_get_account_pass_can_change_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *pass_can_change_time) { - if (!sampass || !pass_can_change_time) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && pass_can_change_time); *pass_can_change_time = sampass->private.pass_can_change_time; @@ -109,7 +109,7 @@ NTSTATUS sam_get_account_pass_can_change_time(const SAM_ACCOUNT_HANDLE *sampass, NTSTATUS sam_get_account_pass_must_change_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *pass_must_change_time) { - if (!sampass || !pass_must_change_time) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && pass_must_change_time); *pass_must_change_time = sampass->private.pass_must_change_time; @@ -118,7 +118,7 @@ NTSTATUS sam_get_account_pass_must_change_time(const SAM_ACCOUNT_HANDLE *sampass NTSTATUS sam_get_account_logon_divs(const SAM_ACCOUNT_HANDLE *sampass, uint16 *logon_divs) { - if (!sampass || !logon_divs) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && logon_divs); *logon_divs = sampass->private.logon_divs; @@ -127,16 +127,16 @@ NTSTATUS sam_get_account_logon_divs(const SAM_ACCOUNT_HANDLE *sampass, uint16 *l NTSTATUS sam_get_account_hours_len(const SAM_ACCOUNT_HANDLE *sampass, uint32 *hours_len) { - if (!sampass || !hours_len) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && hours_len); *hours_len = sampass->private.hours_len; return NT_STATUS_OK; } -NTSTATUS sam_get_account_hours(const SAM_ACCOUNT_HANDLE *sampass, uint8 **hours) +NTSTATUS sam_get_account_hours(const SAM_ACCOUNT_HANDLE *sampass, const uint8 **hours) { - if (!sampass || !hours) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && hours); *hours = sampass->private.hours; @@ -145,7 +145,7 @@ NTSTATUS sam_get_account_hours(const SAM_ACCOUNT_HANDLE *sampass, uint8 **hours) NTSTATUS sam_get_account_nt_pwd(const SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB *nt_pwd) { - if (!sampass) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); SMB_ASSERT((!sampass->private.nt_pw.data) || sampass->private.nt_pw.length == NT_HASH_LEN); @@ -157,7 +157,7 @@ NTSTATUS sam_get_account_nt_pwd(const SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB *nt NTSTATUS sam_get_account_lm_pwd(const SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB *lm_pwd) { - if (!sampass) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); SMB_ASSERT((!sampass->private.lm_pw.data) || sampass->private.lm_pw.length == LM_HASH_LEN); @@ -176,25 +176,25 @@ NTSTATUS sam_get_account_lm_pwd(const SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB *lm NTSTATUS sam_get_account_plaintext_pwd(const SAM_ACCOUNT_HANDLE *sampass, char **plain_pwd) { - if (!sampass || !plain_pwd) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && plain_pwd); *plain_pwd = sampass->private.plaintext_pw; return NT_STATUS_OK; } -NTSTATUS sam_get_account_sid(const SAM_ACCOUNT_HANDLE *sampass, DOM_SID **sid) +NTSTATUS sam_get_account_sid(const SAM_ACCOUNT_HANDLE *sampass, const DOM_SID **sid) { - if (!sampass) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); *sid = &(sampass->private.account_sid); return NT_STATUS_OK; } -NTSTATUS sam_get_account_pgroup(const SAM_ACCOUNT_HANDLE *sampass, DOM_SID **sid) +NTSTATUS sam_get_account_pgroup(const SAM_ACCOUNT_HANDLE *sampass, const DOM_SID **sid) { - if (!sampass) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); *sid = &(sampass->private.group_sid); @@ -209,7 +209,7 @@ NTSTATUS sam_get_account_pgroup(const SAM_ACCOUNT_HANDLE *sampass, DOM_SID **sid NTSTATUS sam_get_account_init_flag(const SAM_ACCOUNT_HANDLE *sampass, uint32 *initflag) { - if (!sampass) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); *initflag = sampass->private.init_flag; @@ -218,7 +218,7 @@ NTSTATUS sam_get_account_init_flag(const SAM_ACCOUNT_HANDLE *sampass, uint32 *in NTSTATUS sam_get_account_name(const SAM_ACCOUNT_HANDLE *sampass, char **account_name) { - if (!sampass) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); *account_name = sampass->private.account_name; @@ -227,7 +227,7 @@ NTSTATUS sam_get_account_name(const SAM_ACCOUNT_HANDLE *sampass, char **account_ NTSTATUS sam_get_account_domain(const SAM_ACCOUNT_HANDLE *sampass, SAM_DOMAIN_HANDLE **domain) { - if (!sampass) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); *domain = sampass->private.domain; @@ -236,7 +236,7 @@ NTSTATUS sam_get_account_domain(const SAM_ACCOUNT_HANDLE *sampass, SAM_DOMAIN_HA NTSTATUS sam_get_account_fullname(const SAM_ACCOUNT_HANDLE *sampass, char **fullname) { - if (!sampass) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); *fullname = sampass->private.full_name; @@ -245,7 +245,7 @@ NTSTATUS sam_get_account_fullname(const SAM_ACCOUNT_HANDLE *sampass, char **full NTSTATUS sam_get_account_homedir(const SAM_ACCOUNT_HANDLE *sampass, char **homedir) { - if (!sampass) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); *homedir = sampass->private.home_dir; @@ -254,7 +254,7 @@ NTSTATUS sam_get_account_homedir(const SAM_ACCOUNT_HANDLE *sampass, char **homed NTSTATUS sam_get_account_unix_home_dir(const SAM_ACCOUNT_HANDLE *sampass, char **uhomedir) { - if (!sampass) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); *uhomedir = sampass->private.unix_home_dir; @@ -263,7 +263,7 @@ NTSTATUS sam_get_account_unix_home_dir(const SAM_ACCOUNT_HANDLE *sampass, char * NTSTATUS sam_get_account_dir_drive(const SAM_ACCOUNT_HANDLE *sampass, char **dirdrive) { - if (!sampass) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); *dirdrive = sampass->private.dir_drive; @@ -272,7 +272,7 @@ NTSTATUS sam_get_account_dir_drive(const SAM_ACCOUNT_HANDLE *sampass, char **dir NTSTATUS sam_get_account_logon_script(const SAM_ACCOUNT_HANDLE *sampass, char **logon_script) { - if (!sampass) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); *logon_script = sampass->private.logon_script; @@ -281,7 +281,7 @@ NTSTATUS sam_get_account_logon_script(const SAM_ACCOUNT_HANDLE *sampass, char ** NTSTATUS sam_get_account_profile_path(const SAM_ACCOUNT_HANDLE *sampass, char **profile_path) { - if (!sampass) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); *profile_path = sampass->private.profile_path; @@ -290,7 +290,7 @@ NTSTATUS sam_get_account_profile_path(const SAM_ACCOUNT_HANDLE *sampass, char ** NTSTATUS sam_get_account_description(const SAM_ACCOUNT_HANDLE *sampass, char **description) { - if (!sampass) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); *description = sampass->private.acct_desc; @@ -299,7 +299,7 @@ NTSTATUS sam_get_account_description(const SAM_ACCOUNT_HANDLE *sampass, char **d NTSTATUS sam_get_account_workstations(const SAM_ACCOUNT_HANDLE *sampass, char **workstations) { - if (!sampass) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); *workstations = sampass->private.workstations; @@ -308,7 +308,7 @@ NTSTATUS sam_get_account_workstations(const SAM_ACCOUNT_HANDLE *sampass, char ** NTSTATUS sam_get_account_unknown_str(const SAM_ACCOUNT_HANDLE *sampass, char **unknown_str) { - if (!sampass) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); *unknown_str = sampass->private.unknown_str; @@ -317,7 +317,7 @@ NTSTATUS sam_get_account_unknown_str(const SAM_ACCOUNT_HANDLE *sampass, char **u NTSTATUS sam_get_account_munged_dial(const SAM_ACCOUNT_HANDLE *sampass, char **munged_dial) { - if (!sampass) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); *munged_dial = sampass->private.munged_dial; @@ -326,7 +326,7 @@ NTSTATUS sam_get_account_munged_dial(const SAM_ACCOUNT_HANDLE *sampass, char **m NTSTATUS sam_get_account_unknown_1(const SAM_ACCOUNT_HANDLE *sampass, uint32 *unknown1) { - if (!sampass || !unknown1) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && unknown1); *unknown1 = sampass->private.unknown_1; @@ -335,7 +335,7 @@ NTSTATUS sam_get_account_unknown_1(const SAM_ACCOUNT_HANDLE *sampass, uint32 *un NTSTATUS sam_get_account_unknown_2(const SAM_ACCOUNT_HANDLE *sampass, uint32 *unknown2) { - if (!sampass || !unknown2) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && unknown2); *unknown2 = sampass->private.unknown_2; @@ -344,7 +344,7 @@ NTSTATUS sam_get_account_unknown_2(const SAM_ACCOUNT_HANDLE *sampass, uint32 *un NTSTATUS sam_get_account_unknown_3(const SAM_ACCOUNT_HANDLE *sampass, uint32 *unknown3) { - if (!sampass || !unknown3) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && unknown3); *unknown3 = sampass->private.unknown_3; @@ -357,8 +357,7 @@ NTSTATUS sam_get_account_unknown_3(const SAM_ACCOUNT_HANDLE *sampass, uint32 *un NTSTATUS sam_set_account_acct_ctrl(SAM_ACCOUNT_HANDLE *sampass, uint16 flags) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.acct_ctrl = flags; @@ -367,8 +366,7 @@ NTSTATUS sam_set_account_acct_ctrl(SAM_ACCOUNT_HANDLE *sampass, uint16 flags) NTSTATUS sam_set_account_logon_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.logon_time = mytime; @@ -380,8 +378,7 @@ NTSTATUS sam_set_account_logon_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, NTSTATUS sam_set_account_logoff_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.logoff_time = mytime; @@ -393,8 +390,7 @@ NTSTATUS sam_set_account_logoff_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, NTSTATUS sam_set_account_kickoff_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.kickoff_time = mytime; @@ -406,8 +402,7 @@ NTSTATUS sam_set_account_kickoff_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime NTSTATUS sam_set_account_pass_can_change_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.pass_can_change_time = mytime; @@ -419,8 +414,7 @@ NTSTATUS sam_set_account_pass_can_change_time(SAM_ACCOUNT_HANDLE *sampass, NTTIM NTSTATUS sam_set_account_pass_must_change_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.pass_must_change_time = mytime; @@ -432,8 +426,7 @@ NTSTATUS sam_set_account_pass_must_change_time(SAM_ACCOUNT_HANDLE *sampass, NTTI NTSTATUS sam_set_account_pass_last_set_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.pass_last_set_time = mytime; @@ -442,8 +435,7 @@ NTSTATUS sam_set_account_pass_last_set_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME NTSTATUS sam_set_account_hours_len(SAM_ACCOUNT_HANDLE *sampass, uint32 len) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.hours_len = len; return NT_STATUS_OK; @@ -451,8 +443,7 @@ NTSTATUS sam_set_account_hours_len(SAM_ACCOUNT_HANDLE *sampass, uint32 len) NTSTATUS sam_set_account_logon_divs(SAM_ACCOUNT_HANDLE *sampass, uint16 hours) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.logon_divs = hours; return NT_STATUS_OK; @@ -467,18 +458,16 @@ NTSTATUS sam_set_account_logon_divs(SAM_ACCOUNT_HANDLE *sampass, uint16 hours) NTSTATUS sam_set_account_init_flag(SAM_ACCOUNT_HANDLE *sampass, uint32 flag) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.init_flag |= flag; return NT_STATUS_OK; } -NTSTATUS sam_set_account_sid(SAM_ACCOUNT_HANDLE *sampass, DOM_SID *u_sid) +NTSTATUS sam_set_account_sid(SAM_ACCOUNT_HANDLE *sampass, const DOM_SID *u_sid) { - if (!sampass || !u_sid) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && u_sid); sid_copy(&sampass->private.account_sid, u_sid); @@ -488,11 +477,10 @@ NTSTATUS sam_set_account_sid(SAM_ACCOUNT_HANDLE *sampass, DOM_SID *u_sid) return NT_STATUS_OK; } -NTSTATUS sam_set_account_sid_from_string(SAM_ACCOUNT_HANDLE *sampass, fstring u_sid) +NTSTATUS sam_set_account_sid_from_string(SAM_ACCOUNT_HANDLE *sampass, const char *u_sid) { DOM_SID new_sid; - if (!sampass || !u_sid) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && u_sid); DEBUG(10, ("sam_set_account_sid_from_string: setting account sid %s\n", u_sid)); @@ -510,10 +498,9 @@ NTSTATUS sam_set_account_sid_from_string(SAM_ACCOUNT_HANDLE *sampass, fstring u_ return NT_STATUS_OK; } -NTSTATUS sam_set_account_pgroup_sid(SAM_ACCOUNT_HANDLE *sampass, DOM_SID *g_sid) +NTSTATUS sam_set_account_pgroup_sid(SAM_ACCOUNT_HANDLE *sampass, const DOM_SID *g_sid) { - if (!sampass || !g_sid) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && g_sid); sid_copy(&sampass->private.group_sid, g_sid); @@ -523,11 +510,10 @@ NTSTATUS sam_set_account_pgroup_sid(SAM_ACCOUNT_HANDLE *sampass, DOM_SID *g_sid) return NT_STATUS_OK; } -NTSTATUS sam_set_account_pgroup_string(SAM_ACCOUNT_HANDLE *sampass, fstring g_sid) +NTSTATUS sam_set_account_pgroup_string(SAM_ACCOUNT_HANDLE *sampass, const char *g_sid) { DOM_SID new_sid; - if (!sampass || !g_sid) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && g_sid); DEBUG(10, ("sam_set_group_sid_from_string: setting group sid %s\n", g_sid)); @@ -550,8 +536,7 @@ NTSTATUS sam_set_account_pgroup_string(SAM_ACCOUNT_HANDLE *sampass, fstring g_si NTSTATUS sam_set_account_domain(SAM_ACCOUNT_HANDLE *sampass, SAM_DOMAIN_HANDLE *domain) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.domain = domain; @@ -564,8 +549,7 @@ NTSTATUS sam_set_account_domain(SAM_ACCOUNT_HANDLE *sampass, SAM_DOMAIN_HANDLE * NTSTATUS sam_set_account_name(SAM_ACCOUNT_HANDLE *sampass, const char *account_name) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); DEBUG(10, ("sam_set_account_name: setting nt account_name %s, was %s\n", account_name, sampass->private.account_name)); @@ -580,8 +564,7 @@ NTSTATUS sam_set_account_name(SAM_ACCOUNT_HANDLE *sampass, const char *account_n NTSTATUS sam_set_account_fullname(SAM_ACCOUNT_HANDLE *sampass, const char *full_name) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); DEBUG(10, ("sam_set_account_fullname: setting full name %s, was %s\n", full_name, sampass->private.full_name)); @@ -596,8 +579,7 @@ NTSTATUS sam_set_account_fullname(SAM_ACCOUNT_HANDLE *sampass, const char *full_ NTSTATUS sam_set_account_logon_script(SAM_ACCOUNT_HANDLE *sampass, const char *logon_script, BOOL store) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); DEBUG(10, ("sam_set_logon_script: from %s to %s\n", logon_script, sampass->private.logon_script)); @@ -614,8 +596,7 @@ NTSTATUS sam_set_account_logon_script(SAM_ACCOUNT_HANDLE *sampass, const char *l NTSTATUS sam_set_account_profile_path(SAM_ACCOUNT_HANDLE *sampass, const char *profile_path, BOOL store) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); DEBUG(10, ("sam_set_profile_path: setting profile path %s, was %s\n", profile_path, sampass->private.profile_path)); @@ -635,8 +616,7 @@ NTSTATUS sam_set_account_profile_path(SAM_ACCOUNT_HANDLE *sampass, const char *p NTSTATUS sam_set_account_dir_drive(SAM_ACCOUNT_HANDLE *sampass, const char *dir_drive, BOOL store) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); DEBUG(10, ("sam_set_dir_drive: setting dir drive %s, was %s\n", dir_drive, sampass->private.dir_drive)); @@ -657,7 +637,7 @@ NTSTATUS sam_set_account_dir_drive(SAM_ACCOUNT_HANDLE *sampass, const char *dir_ NTSTATUS sam_set_account_homedir(SAM_ACCOUNT_HANDLE *sampass, const char *home_dir, BOOL store) { - if (!sampass) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); DEBUG(10, ("sam_set_homedir: setting home dir %s, was %s\n", home_dir, sampass->private.home_dir)); @@ -678,8 +658,7 @@ NTSTATUS sam_set_account_homedir(SAM_ACCOUNT_HANDLE *sampass, const char *home_d NTSTATUS sam_set_account_unix_homedir(SAM_ACCOUNT_HANDLE *sampass, const char *unix_home_dir) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); DEBUG(10, ("sam_set_unix_homedir: setting home dir %s, was %s\n", unix_home_dir, sampass->private.unix_home_dir)); @@ -695,8 +674,7 @@ NTSTATUS sam_set_account_unix_homedir(SAM_ACCOUNT_HANDLE *sampass, const char *u NTSTATUS sam_set_account_acct_desc(SAM_ACCOUNT_HANDLE *sampass, const char *acct_desc) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.acct_desc = talloc_strdup(sampass->mem_ctx, acct_desc); @@ -709,8 +687,7 @@ NTSTATUS sam_set_account_acct_desc(SAM_ACCOUNT_HANDLE *sampass, const char *acct NTSTATUS sam_set_account_workstations(SAM_ACCOUNT_HANDLE *sampass, const char *workstations) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); DEBUG(10, ("sam_set_workstations: setting workstations %s, was %s\n", workstations, sampass->private.workstations)); @@ -726,8 +703,7 @@ NTSTATUS sam_set_account_workstations(SAM_ACCOUNT_HANDLE *sampass, const char *w NTSTATUS sam_set_account_unknown_str(SAM_ACCOUNT_HANDLE *sampass, const char *unknown_str) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.unknown_str = talloc_strdup(sampass->mem_ctx, unknown_str); @@ -740,8 +716,7 @@ NTSTATUS sam_set_account_unknown_str(SAM_ACCOUNT_HANDLE *sampass, const char *un NTSTATUS sam_set_account_munged_dial(SAM_ACCOUNT_HANDLE *sampass, const char *munged_dial) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.munged_dial = talloc_strdup(sampass->mem_ctx, munged_dial); return NT_STATUS_OK; @@ -751,10 +726,9 @@ NTSTATUS sam_set_account_munged_dial(SAM_ACCOUNT_HANDLE *sampass, const char *mu Set the account's NT hash. ********************************************************************/ -NTSTATUS sam_set_account_nt_pwd(SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB data) +NTSTATUS sam_set_account_nt_pwd(SAM_ACCOUNT_HANDLE *sampass, const DATA_BLOB data) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.nt_pw = data; @@ -765,10 +739,9 @@ NTSTATUS sam_set_account_nt_pwd(SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB data) Set the account's LM hash. ********************************************************************/ -NTSTATUS sam_set_account_lm_pwd(SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB data) +NTSTATUS sam_set_account_lm_pwd(SAM_ACCOUNT_HANDLE *sampass, const DATA_BLOB data) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.lm_pw = data; @@ -782,8 +755,7 @@ NTSTATUS sam_set_account_lm_pwd(SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB data) NTSTATUS sam_set_account_plaintext_pwd(SAM_ACCOUNT_HANDLE *sampass, const char *plain_pwd) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.plaintext_pw = talloc_strdup(sampass->mem_ctx, plain_pwd); @@ -792,8 +764,7 @@ NTSTATUS sam_set_account_plaintext_pwd(SAM_ACCOUNT_HANDLE *sampass, const char * NTSTATUS sam_set_account_unknown_1(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.unknown_1 = unkn; @@ -802,8 +773,7 @@ NTSTATUS sam_set_account_unknown_1(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn) NTSTATUS sam_set_account_unknown_2(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.unknown_2 = unkn; @@ -812,8 +782,7 @@ NTSTATUS sam_set_account_unknown_2(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn) NTSTATUS sam_set_account_unknown_3(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); sampass->private.unknown_3 = unkn; return NT_STATUS_OK; @@ -821,8 +790,7 @@ NTSTATUS sam_set_account_unknown_3(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn) NTSTATUS sam_set_account_hours(SAM_ACCOUNT_HANDLE *sampass, const uint8 *hours) { - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); if (!hours) { memset ((char *)sampass->private.hours, 0, MAX_HOURS_LEN); @@ -846,8 +814,7 @@ NTSTATUS sam_set_account_pass_changed_now(SAM_ACCOUNT_HANDLE *sampass) uint32 expire; NTTIME temptime; - if (!sampass) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass); unix_to_nt_time(&temptime, time(NULL)); if (!NT_STATUS_IS_OK(sam_set_account_pass_last_set_time(sampass, temptime))) @@ -881,8 +848,7 @@ NTSTATUS sam_set_account_passwd(SAM_ACCOUNT_HANDLE *sampass, const char *plainte uchar new_lanman_p16[16]; uchar new_nt_p16[16]; - if (!sampass || !plaintext) - return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(sampass && plaintext); nt_lm_owf_gen(plaintext, new_nt_p16, new_lanman_p16); diff --git a/source3/sam/get_set_domain.c b/source3/sam/get_set_domain.c index 8ca876524a..c70a4a3f09 100644 --- a/source3/sam/get_set_domain.c +++ b/source3/sam/get_set_domain.c @@ -25,9 +25,9 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_SAM -NTSTATUS sam_get_domain_sid(SAM_DOMAIN_HANDLE *domain, DOM_SID **sid) +NTSTATUS sam_get_domain_sid(SAM_DOMAIN_HANDLE *domain, const DOM_SID **sid) { - if (!domain || !sid) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain &&sid); *sid = &(domain->private.sid); @@ -36,7 +36,7 @@ NTSTATUS sam_get_domain_sid(SAM_DOMAIN_HANDLE *domain, DOM_SID **sid) NTSTATUS sam_get_domain_num_accounts(SAM_DOMAIN_HANDLE *domain, uint32 *num_accounts) { - if (!domain || !num_accounts) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain &&num_accounts); *num_accounts = domain->private.num_accounts; @@ -45,7 +45,7 @@ NTSTATUS sam_get_domain_num_accounts(SAM_DOMAIN_HANDLE *domain, uint32 *num_acco NTSTATUS sam_get_domain_num_groups(SAM_DOMAIN_HANDLE *domain, uint32 *num_groups) { - if (!domain || !num_groups) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain &&num_groups); *num_groups = domain->private.num_groups; @@ -54,25 +54,25 @@ NTSTATUS sam_get_domain_num_groups(SAM_DOMAIN_HANDLE *domain, uint32 *num_groups NTSTATUS sam_get_domain_num_aliases(SAM_DOMAIN_HANDLE *domain, uint32 *num_aliases) { - if (!domain || !num_aliases) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain &&num_aliases); *num_aliases = domain->private.num_aliases; return NT_STATUS_OK; } -NTSTATUS sam_get_domain_name(SAM_DOMAIN_HANDLE *domain, char **domain_name) +NTSTATUS sam_get_domain_name(SAM_DOMAIN_HANDLE *domain, const char **domain_name) { - if (!domain || !domain_name) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain &&domain_name); *domain_name = domain->private.name; return NT_STATUS_OK; } -NTSTATUS sam_get_domain_server(SAM_DOMAIN_HANDLE *domain, char **server_name) +NTSTATUS sam_get_domain_server(SAM_DOMAIN_HANDLE *domain, const char **server_name) { - if (!domain || !server_name) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain &&server_name); *server_name = domain->private.servername; @@ -81,7 +81,7 @@ NTSTATUS sam_get_domain_server(SAM_DOMAIN_HANDLE *domain, char **server_name) NTSTATUS sam_get_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *max_passwordage) { - if (!domain || !max_passwordage) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain &&max_passwordage); *max_passwordage = domain->private.max_passwordage; @@ -90,7 +90,7 @@ NTSTATUS sam_get_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *max_passwo NTSTATUS sam_get_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *min_passwordage) { - if (!domain || !min_passwordage) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain &&min_passwordage); *min_passwordage = domain->private.min_passwordage; @@ -99,7 +99,7 @@ NTSTATUS sam_get_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *min_passwo NTSTATUS sam_get_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME *lockout_duration) { - if (!domain || !lockout_duration) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain &&lockout_duration); *lockout_duration = domain->private.lockout_duration; @@ -108,7 +108,7 @@ NTSTATUS sam_get_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME *lock NTSTATUS sam_get_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME *reset_lockout_count) { - if (!domain || !reset_lockout_count) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain &&reset_lockout_count); *reset_lockout_count = domain->private.reset_count; @@ -117,7 +117,7 @@ NTSTATUS sam_get_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME *reset_loc NTSTATUS sam_get_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 *min_passwordlength) { - if (!domain || !min_passwordlength) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain &&min_passwordlength); *min_passwordlength = domain->private.min_passwordlength; @@ -126,7 +126,7 @@ NTSTATUS sam_get_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 *min_pas NTSTATUS sam_get_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 *password_history) { - if (!domain || !password_history) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain &&password_history); *password_history = domain->private.password_history; @@ -135,7 +135,7 @@ NTSTATUS sam_get_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 *password_ NTSTATUS sam_get_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 *lockout_count) { - if (!domain || !lockout_count) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain &&lockout_count); *lockout_count = domain->private.lockout_count; @@ -144,7 +144,7 @@ NTSTATUS sam_get_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 *lockout NTSTATUS sam_get_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL *force_logoff) { - if (!domain || !force_logoff) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain &&force_logoff); *force_logoff = domain->private.force_logoff; @@ -154,7 +154,7 @@ NTSTATUS sam_get_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL *force_logo NTSTATUS sam_get_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL *login_pwdchange) { - if (!domain || !login_pwdchange) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain && login_pwdchange); *login_pwdchange = domain->private.login_pwdchange; @@ -163,9 +163,9 @@ NTSTATUS sam_get_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL *login_p /* Set */ -NTSTATUS sam_set_domain_name(SAM_DOMAIN_HANDLE *domain, char *domain_name) +NTSTATUS sam_set_domain_name(SAM_DOMAIN_HANDLE *domain, const char *domain_name) { - if (!domain) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain); domain->private.name = talloc_strdup(domain->mem_ctx, domain_name); @@ -175,7 +175,7 @@ NTSTATUS sam_set_domain_name(SAM_DOMAIN_HANDLE *domain, char *domain_name) NTSTATUS sam_set_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME max_passwordage) { - if (!domain) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain); domain->private.max_passwordage = max_passwordage; @@ -184,7 +184,7 @@ NTSTATUS sam_set_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME max_passwor NTSTATUS sam_set_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME min_passwordage) { - if (!domain) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain); domain->private.min_passwordage = min_passwordage; @@ -193,7 +193,7 @@ NTSTATUS sam_set_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME min_passwor NTSTATUS sam_set_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME lockout_duration) { - if (!domain) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain); domain->private.lockout_duration = lockout_duration; @@ -201,7 +201,7 @@ NTSTATUS sam_set_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME locko } NTSTATUS sam_set_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME reset_lockout_count) { - if (!domain) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain); domain->private.reset_count = reset_lockout_count; @@ -210,7 +210,7 @@ NTSTATUS sam_set_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME reset_lock NTSTATUS sam_set_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 min_passwordlength) { - if (!domain) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain); domain->private.min_passwordlength = min_passwordlength; @@ -219,7 +219,7 @@ NTSTATUS sam_set_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 min_pass NTSTATUS sam_set_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 password_history) { - if (!domain) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain); domain->private.password_history = password_history; @@ -228,7 +228,7 @@ NTSTATUS sam_set_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 password_h NTSTATUS sam_set_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 lockout_count) { - if (!domain) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain); domain->private.lockout_count = lockout_count; @@ -237,7 +237,7 @@ NTSTATUS sam_set_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 lockout_ NTSTATUS sam_set_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL force_logoff) { - if (!domain) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain); domain->private.force_logoff = force_logoff; @@ -246,16 +246,16 @@ NTSTATUS sam_set_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL force_logof NTSTATUS sam_set_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL login_pwdchange) { - if (!domain) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain); domain->private.login_pwdchange = login_pwdchange; return NT_STATUS_OK; } -NTSTATUS sam_set_domain_server(SAM_DOMAIN_HANDLE *domain, char *server_name) +NTSTATUS sam_set_domain_server(SAM_DOMAIN_HANDLE *domain, const char *server_name) { - if (!domain) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(domain); domain->private.servername = talloc_strdup(domain->mem_ctx, server_name); diff --git a/source3/sam/get_set_group.c b/source3/sam/get_set_group.c index dac5ffca9f..11ea9258a7 100644 --- a/source3/sam/get_set_group.c +++ b/source3/sam/get_set_group.c @@ -27,97 +27,80 @@ /* sam group get functions */ -NTSTATUS sam_get_group_sid(const SAM_GROUP_HANDLE *group, DOM_SID **sid) +NTSTATUS sam_get_group_sid(const SAM_GROUP_HANDLE *group, const DOM_SID **sid) { - if (!group || !sid) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(group && sid); *sid = &(group->private.sid); return NT_STATUS_OK; } -NTSTATUS sam_get_group_typ(const SAM_GROUP_HANDLE *group, uint32 *typ) +NTSTATUS sam_get_group_ctrl(const SAM_GROUP_HANDLE *group, uint32 *group_ctrl) { - if (!group || !typ) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(group && group_ctrl); - *typ = group->private.flags; + *group_ctrl = group->private.group_ctrl; return NT_STATUS_OK; } -NTSTATUS sam_get_group_name(const SAM_GROUP_HANDLE *group, char **group_name) +NTSTATUS sam_get_group_name(const SAM_GROUP_HANDLE *group, const char **group_name) { - if (!group) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(group); - *group_name = group->private.name; + *group_name = group->private.group_name; return NT_STATUS_OK; } -NTSTATUS sam_get_group_comment(const SAM_GROUP_HANDLE *group, char **comment) +NTSTATUS sam_get_group_comment(const SAM_GROUP_HANDLE *group, const char **group_desc) { - if (!group) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(group); - *comment = group->private.comment; - - return NT_STATUS_OK; -} - -NTSTATUS sam_get_group_priv_set(const SAM_GROUP_HANDLE *group, PRIVILEGE_SET *priv_set) -{ - if (!group) return NT_STATUS_UNSUCCESSFUL; - - *priv_set = group->private.privileges; + *group_desc = group->private.group_desc; return NT_STATUS_OK; } /* sam group set functions */ -NTSTATUS sam_set_group_sid(SAM_GROUP_HANDLE *group, DOM_SID *sid) +NTSTATUS sam_set_group_sid(SAM_GROUP_HANDLE *group, const DOM_SID *sid) { - if (!group) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(group); - if (!sid) ZERO_STRUCT(group->private.sid); - else sid_copy(&(group->private.sid), sid); + if (!sid) + ZERO_STRUCT(group->private.sid); + else + sid_copy(&(group->private.sid), sid); return NT_STATUS_OK; } -NTSTATUS sam_set_group_typ(SAM_GROUP_HANDLE *group, uint32 typ) +NTSTATUS sam_set_group_group_ctrl(SAM_GROUP_HANDLE *group, uint32 group_ctrl) { - if (!group) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(group); - group->private.flags = typ; + group->private.group_ctrl = group_ctrl; return NT_STATUS_OK; } -NTSTATUS sam_set_group_name(SAM_GROUP_HANDLE *group, char *group_name) +NTSTATUS sam_set_group_name(SAM_GROUP_HANDLE *group, const char *group_name) { - if (!group) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(group); - group->private.name = talloc_strdup(group->mem_ctx, group_name); + group->private.group_name = talloc_strdup(group->mem_ctx, group_name); return NT_STATUS_OK; } -NTSTATUS sam_set_group_comment(SAM_GROUP_HANDLE *group, char *comment) +NTSTATUS sam_set_group_description(SAM_GROUP_HANDLE *group, const char *group_desc) { - if (!group) return NT_STATUS_UNSUCCESSFUL; + SAM_ASSERT(group); - group->private.comment = talloc_strdup(group->mem_ctx, comment); + group->private.group_desc = talloc_strdup(group->mem_ctx, group_desc); return NT_STATUS_OK; } - -NTSTATUS sam_set_group_priv_set(SAM_GROUP_HANDLE *group, PRIVILEGE_SET *priv_set) -{ - if (!group) return NT_STATUS_UNSUCCESSFUL; - - if (!priv_set) ZERO_STRUCT(group->private.privileges); - else memcpy(&(group->private.privileges), priv_set, sizeof(PRIVILEGE_SET)); - - return NT_STATUS_OK; -} diff --git a/source3/sam/interface.c b/source3/sam/interface.c index ef2a4d5f8a..9ba273e6f3 100644 --- a/source3/sam/interface.c +++ b/source3/sam/interface.c @@ -48,11 +48,8 @@ NTSTATUS sam_get_methods_by_sid(const SAM_CONTEXT *context, SAM_METHODS **sam_me DEBUG(5,("sam_get_methods_by_sid: %d\n", __LINE__)); - if ((!context) || (!context->methods)) - { - DEBUG(2,("sam_get_methods_by_sid: invalid sam_context specified!\n")); - return NT_STATUS_INVALID_PARAMETER; - } + /* invalid sam_context specified */ + SAM_ASSERT(context && context->methods) tmp_methods = context->methods; @@ -77,11 +74,8 @@ NTSTATUS sam_get_methods_by_name(const SAM_CONTEXT *context, SAM_METHODS **sam_m DEBUG(5,("sam_get_methods_by_name: %d\n", __LINE__)); - if ((!context) || (!context->methods)) - { - DEBUG(2,("sam_get_methods_by_sid: invalid sam_context specified!\n")); - return NT_STATUS_INVALID_PARAMETER; - } + /* invalid sam_context specified */ + SAM_ASSERT(context && context->methods) tmp_methods = context->methods; @@ -229,10 +223,8 @@ NTSTATUS context_sam_enum_domains(const SAM_CONTEXT *context, const NT_USER_TOKE DEBUG(5,("context_sam_enum_domains: %d\n", __LINE__)); - if ((!context)|| (!context->methods)) { - DEBUG(2,("context_sam_enum_domains: invalid sam_context specified!\n")); - return NT_STATUS_INVALID_PARAMETER; - } + /* invalid sam_context specified */ + SAM_ASSERT(context && context->methods) if (!NT_STATUS_IS_OK(nt_status = samr_make_sam_obj_sd(context->mem_ctx, &sd, &sd_size))) { DEBUG(4,("samr_make_sam_obj_sd failed\n")); @@ -298,10 +290,8 @@ NTSTATUS context_sam_lookup_domain(const SAM_CONTEXT *context, const NT_USER_TOK DEBUG(5,("context_sam_lookup_domain: %d\n", __LINE__)); - if ((!context)|| (!context->methods)) { - DEBUG(2,("context_sam_lookup_domain: invalid sam_context specified!\n")); - return NT_STATUS_INVALID_PARAMETER; - } + /* invalid sam_context specified */ + SAM_ASSERT(context && context->methods) if (!NT_STATUS_IS_OK(nt_status = samr_make_sam_obj_sd(context->mem_ctx, &sd, &sd_size))) { DEBUG(4,("samr_make_sam_obj_sd failed\n")); @@ -354,7 +344,7 @@ NTSTATUS context_sam_get_domain_by_sid(const SAM_CONTEXT *context, const NT_USER return NT_STATUS_OK; } -NTSTATUS context_sam_create_account(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, DOM_SID *domainsid, SAM_ACCOUNT_HANDLE **account) +NTSTATUS context_sam_create_account(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *domainsid, const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account) { SAM_METHODS *tmp_methods; NTSTATUS nt_status; @@ -371,7 +361,7 @@ NTSTATUS context_sam_create_account(const SAM_CONTEXT *context, const NT_USER_TO return NT_STATUS_NOT_IMPLEMENTED; } - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_account(tmp_methods, access_token, access_desired, account))) { + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_account(tmp_methods, access_token, access_desired, account_name, acct_ctrl, account))) { DEBUG(4,("context_sam_create_account in backend %s failed\n", tmp_methods->backendname)); return nt_status; @@ -383,7 +373,7 @@ NTSTATUS context_sam_create_account(const SAM_CONTEXT *context, const NT_USER_TO NTSTATUS context_sam_add_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account) { DOM_SID domainsid; - DOM_SID *accountsid; + const DOM_SID *accountsid; SAM_METHODS *tmp_methods; uint32 rid; NTSTATUS nt_status; @@ -422,7 +412,7 @@ NTSTATUS context_sam_update_account(const SAM_CONTEXT *context, const SAM_ACCOUN { DOM_SID domainsid; SAM_METHODS *tmp_methods; - DOM_SID *accountsid; + const DOM_SID *accountsid; uint32 rid; NTSTATUS nt_status; @@ -460,7 +450,7 @@ NTSTATUS context_sam_delete_account(const SAM_CONTEXT *context, const SAM_ACCOUN { DOM_SID domainsid; SAM_METHODS *tmp_methods; - DOM_SID *accountsid; + const DOM_SID *accountsid; uint32 rid; NTSTATUS nt_status; @@ -494,7 +484,7 @@ NTSTATUS context_sam_delete_account(const SAM_CONTEXT *context, const SAM_ACCOUN return NT_STATUS_OK; } -NTSTATUS context_sam_enum_accounts(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, int32 *account_count, SAM_ACCOUNT_ENUM **accounts) +NTSTATUS context_sam_enum_accounts(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, uint16 acct_ctrl, int32 *account_count, SAM_ACCOUNT_ENUM **accounts) { SAM_METHODS *tmp_methods; NTSTATUS nt_status; @@ -511,7 +501,7 @@ NTSTATUS context_sam_enum_accounts(const SAM_CONTEXT *context, const NT_USER_TOK return NT_STATUS_NOT_IMPLEMENTED; } - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_accounts(tmp_methods, access_token, account_count, accounts))) { + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_accounts(tmp_methods, access_token, acct_ctrl, account_count, accounts))) { DEBUG(4,("context_sam_enum_accounts for domain %s in backend %s failed\n", tmp_methods->domain->private.name, tmp_methods->backendname)); return nt_status; @@ -582,14 +572,14 @@ NTSTATUS context_sam_get_account_by_name(const SAM_CONTEXT *context, const NT_US return NT_STATUS_OK; } -NTSTATUS context_sam_create_group(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const uint32 type, DOM_SID *sid, SAM_GROUP_HANDLE **group) +NTSTATUS context_sam_create_group(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *domainsid, const char *group_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group) { SAM_METHODS *tmp_methods; NTSTATUS nt_status; DEBUG(5,("context_sam_create_group: %d\n", __LINE__)); - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, sid))) { + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) { DEBUG(4,("sam_get_methods_by_sid failed\n")); return nt_status; } @@ -599,7 +589,7 @@ NTSTATUS context_sam_create_group(const SAM_CONTEXT *context, const NT_USER_TOKE return NT_STATUS_UNSUCCESSFUL; } - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_group(tmp_methods, access_token, access_desired, type, group))) { + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_group(tmp_methods, access_token, access_desired, group_name, group_ctrl, group))) { DEBUG(4,("context_sam_create_group in backend %s failed\n", tmp_methods->backendname)); return nt_status; @@ -611,7 +601,7 @@ NTSTATUS context_sam_create_group(const SAM_CONTEXT *context, const NT_USER_TOKE NTSTATUS context_sam_add_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group) { DOM_SID domainsid; - DOM_SID *groupsid; + const DOM_SID *groupsid; SAM_METHODS *tmp_methods; uint32 rid; NTSTATUS nt_status; @@ -649,7 +639,7 @@ NTSTATUS context_sam_add_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDL NTSTATUS context_sam_update_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group) { DOM_SID domainsid; - DOM_SID *groupsid; + const DOM_SID *groupsid; struct sam_methods *tmp_methods; uint32 rid; NTSTATUS nt_status; @@ -688,7 +678,7 @@ NTSTATUS context_sam_delete_group(const SAM_CONTEXT *context, const SAM_GROUP_HA { DOM_SID domainsid; SAM_METHODS *tmp_methods; - DOM_SID *groupsid; + const DOM_SID *groupsid; uint32 rid; NTSTATUS nt_status; @@ -722,7 +712,7 @@ NTSTATUS context_sam_delete_group(const SAM_CONTEXT *context, const SAM_GROUP_HA return NT_STATUS_OK; } -NTSTATUS context_sam_enum_groups(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, const uint32 type, uint32 *groups_count, SAM_GROUP_ENUM **groups) +NTSTATUS context_sam_enum_groups(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, uint16 group_ctrl, uint32 *groups_count, SAM_GROUP_ENUM **groups) { SAM_METHODS *tmp_methods; NTSTATUS nt_status; @@ -739,7 +729,7 @@ NTSTATUS context_sam_enum_groups(const SAM_CONTEXT *context, const NT_USER_TOKEN return NT_STATUS_NOT_IMPLEMENTED; } - if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_groups(tmp_methods, access_token, type, groups_count, groups))) { + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_groups(tmp_methods, access_token, group_ctrl, groups_count, groups))) { DEBUG(4,("context_sam_enum_groups for domain %s in backend %s failed\n", tmp_methods->domain->private.name, tmp_methods->backendname)); return nt_status; @@ -823,7 +813,7 @@ NTSTATUS context_sam_enum_groupmembers(const SAM_CONTEXT *context, const SAM_GRO return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS context_sam_get_groups_of_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account, const uint32 type, uint32 *group_count, SAM_GROUP_ENUM **groups) +NTSTATUS context_sam_get_groups_of_sid(const SAM_CONTEXT *context, const DOM_SID **sids, uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups) { return NT_STATUS_NOT_IMPLEMENTED; } -- cgit From 6c8e4faba19b78b8147ca9274ce65551ec27cba5 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 6 Sep 2002 13:00:37 +0000 Subject: Updates to sam_skel from metze, add sam/group.c and add a DEBUG() to the SAM_ASSERT if we are not going to crash. (This used to be commit f91fcb166107e45ffb3de95a3da65c79992341eb) --- source3/sam/group.c | 193 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 193 insertions(+) create mode 100644 source3/sam/group.c (limited to 'source3/sam') diff --git a/source3/sam/group.c b/source3/sam/group.c new file mode 100644 index 0000000000..7e4bcc1425 --- /dev/null +++ b/source3/sam/group.c @@ -0,0 +1,193 @@ +/* + Unix SMB/CIFS implementation. + SAM_GROUP_HANDLE /SAM_GROUP_ENUM helpers + + Copyright (C) Stefan (metze) Metzmacher 2002 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_SAM + +/************************************************************ + Fill the SAM_GROUP_HANDLE with default values. + ***********************************************************/ + +static void sam_fill_default_group(SAM_GROUP_HANDLE *group) +{ + ZERO_STRUCT(group->private); /* Don't touch the talloc context */ + +} + +static void destroy_sam_group_handle_talloc(SAM_GROUP_HANDLE **group) +{ + if (*group) { + + talloc_destroy((*group)->mem_ctx); + *group = NULL; + } +} + + +/********************************************************************** + Alloc memory and initialises a SAM_GROUP_HANDLE on supplied mem_ctx. +***********************************************************************/ + +NTSTATUS sam_init_group_talloc(TALLOC_CTX *mem_ctx, SAM_GROUP_HANDLE **group) +{ + SMB_ASSERT(*group != NULL); + + if (!mem_ctx) { + DEBUG(0,("sam_init_group_talloc: mem_ctx was NULL!\n")); + return NT_STATUS_UNSUCCESSFUL; + } + + *group=(SAM_GROUP_HANDLE *)talloc(mem_ctx, sizeof(SAM_GROUP_HANDLE)); + + if (*group==NULL) { + DEBUG(0,("sam_init_group_talloc: error while allocating memory\n")); + return NT_STATUS_NO_MEMORY; + } + + (*group)->mem_ctx = mem_ctx; + + (*group)->free_fn = NULL; + + sam_fill_default_group(*group); + + return NT_STATUS_OK; +} + + +/************************************************************* + Alloc memory and initialises a struct SAM_GROUP_HANDLE. + ************************************************************/ + +NTSTATUS sam_init_group(SAM_GROUP_HANDLE **group) +{ + TALLOC_CTX *mem_ctx; + NTSTATUS nt_status; + + mem_ctx = talloc_init_named("sam internal SAM_GROUP_HANDLE allocation"); + + if (!mem_ctx) { + DEBUG(0,("sam_init_group: error while doing talloc_init()\n")); + return NT_STATUS_NO_MEMORY; + } + + if (!NT_STATUS_IS_OK(nt_status = sam_init_group_talloc(mem_ctx, group))) { + talloc_destroy(mem_ctx); + return nt_status; + } + + (*group)->free_fn = destroy_sam_group_handle_talloc; + + return NT_STATUS_OK; +} + + +/************************************************************ + Reset the SAM_GROUP_HANDLE. + ***********************************************************/ + +NTSTATUS sam_reset_group(SAM_GROUP_HANDLE *group) +{ + SMB_ASSERT(group != NULL); + + sam_fill_default_group(group); + + return NT_STATUS_OK; +} + + +/************************************************************ + Free the SAM_GROUP_HANDLE and the member pointers. + ***********************************************************/ + +NTSTATUS sam_free_group(SAM_ACCOUNT_HANDLE **group) +{ + SMB_ASSERT(*group != NULL); + + if ((*group)->free_fn) { + (*group)->free_fn(group); + } + + return NT_STATUS_OK; +} + + +/********************************************************** + Encode the group control bits into a string. + length = length of string to encode into (including terminating + null). length *MUST BE MORE THAN 2* ! + **********************************************************/ + +char *sam_encode_acct_ctrl(uint16 group_ctrl, size_t length) +{ + static fstring group_str; + size_t i = 0; + + group_str[i++] = '['; + + if (group_ctrl & GCB_LOCAL_GROUP ) group_str[i++] = 'L'; + if (group_ctrl & GCB_GLOBAL_GROUP ) group_str[i++] = 'G'; + + for ( ; i < length - 2 ; i++ ) + group_str[i] = ' '; + + i = length - 2; + group_str[i++] = ']'; + group_str[i++] = '\0'; + + return group_str; +} + +/********************************************************** + Decode the group control bits from a string. + **********************************************************/ + +uint16 sam_decode_group_ctrl(const char *p) +{ + uint16 group_ctrl = 0; + BOOL finished = False; + + /* + * Check if the account type bits have been encoded after the + * NT password (in the form [NDHTUWSLXI]). + */ + + if (*p != '[') + return 0; + + for (p++; *p && !finished; p++) { + switch (*p) { + case 'L': { group_ctrl |= GCB_LOCAL_GROUP; break; /* 'L'ocal Aliases Group. */ } + case 'G': { group_ctrl |= GCB_GLOBAL_GROUP; break; /* 'G'lobal Domain Group. */ } + + case ' ': { break; } + case ':': + case '\n': + case '\0': + case ']': + default: { finished = True; } + } + } + + return group_ctrl; +} + -- cgit From 29e092d4e0f5ee7deb225d2c34262a4792eac962 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 6 Sep 2002 13:17:55 +0000 Subject: Get our consts back in line with current norms - only for pointer protection. Debate about extending this policy welcomed on samba-technical. Andrew Bartlett (This used to be commit 5f59abb410110c22b6fffd7502443b5259d12e5a) --- source3/sam/interface.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'source3/sam') diff --git a/source3/sam/interface.c b/source3/sam/interface.c index 9ba273e6f3..efc1f10f29 100644 --- a/source3/sam/interface.c +++ b/source3/sam/interface.c @@ -318,7 +318,7 @@ NTSTATUS context_sam_lookup_domain(const SAM_CONTEXT *context, const NT_USER_TOK } -NTSTATUS context_sam_get_domain_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *domainsid, SAM_DOMAIN_HANDLE **domain) +NTSTATUS context_sam_get_domain_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *domainsid, SAM_DOMAIN_HANDLE **domain) { SAM_METHODS *tmp_methods; NTSTATUS nt_status; @@ -344,7 +344,7 @@ NTSTATUS context_sam_get_domain_by_sid(const SAM_CONTEXT *context, const NT_USER return NT_STATUS_OK; } -NTSTATUS context_sam_create_account(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *domainsid, const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account) +NTSTATUS context_sam_create_account(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *domainsid, const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account) { SAM_METHODS *tmp_methods; NTSTATUS nt_status; @@ -511,7 +511,7 @@ NTSTATUS context_sam_enum_accounts(const SAM_CONTEXT *context, const NT_USER_TOK } -NTSTATUS context_sam_get_account_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *accountsid, SAM_ACCOUNT_HANDLE **account) +NTSTATUS context_sam_get_account_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *accountsid, SAM_ACCOUNT_HANDLE **account) { SAM_METHODS *tmp_methods; uint32 rid; @@ -546,7 +546,7 @@ NTSTATUS context_sam_get_account_by_sid(const SAM_CONTEXT *context, const NT_USE return NT_STATUS_OK; } -NTSTATUS context_sam_get_account_by_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *domain, const char *name, SAM_ACCOUNT_HANDLE **account) +NTSTATUS context_sam_get_account_by_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *domain, const char *name, SAM_ACCOUNT_HANDLE **account) { SAM_METHODS *tmp_methods; NTSTATUS nt_status; @@ -572,7 +572,7 @@ NTSTATUS context_sam_get_account_by_name(const SAM_CONTEXT *context, const NT_US return NT_STATUS_OK; } -NTSTATUS context_sam_create_group(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *domainsid, const char *group_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group) +NTSTATUS context_sam_create_group(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *domainsid, const char *group_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group) { SAM_METHODS *tmp_methods; NTSTATUS nt_status; @@ -738,7 +738,7 @@ NTSTATUS context_sam_enum_groups(const SAM_CONTEXT *context, const NT_USER_TOKEN return NT_STATUS_OK; } -NTSTATUS context_sam_get_group_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group) +NTSTATUS context_sam_get_group_by_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group) { SAM_METHODS *tmp_methods; uint32 rid; @@ -773,7 +773,7 @@ NTSTATUS context_sam_get_group_by_sid(const SAM_CONTEXT *context, const NT_USER_ return NT_STATUS_OK; } -NTSTATUS context_sam_get_group_by_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *domain, const char *name, SAM_GROUP_HANDLE **group) +NTSTATUS context_sam_get_group_by_name(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *domain, const char *name, SAM_GROUP_HANDLE **group) { SAM_METHODS *tmp_methods; NTSTATUS nt_status; -- cgit From 94d6c0e8952ce220d2ca3ef4f97e10517595fcbf Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 6 Sep 2002 13:21:54 +0000 Subject: Fix some missing ; on the end of our SAM_ASSERT()... (This used to be commit 4d642e1fa4ed454a421a9f219a8cdecddb57fd31) --- source3/sam/interface.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/sam') diff --git a/source3/sam/interface.c b/source3/sam/interface.c index efc1f10f29..cd2f2361f3 100644 --- a/source3/sam/interface.c +++ b/source3/sam/interface.c @@ -49,7 +49,7 @@ NTSTATUS sam_get_methods_by_sid(const SAM_CONTEXT *context, SAM_METHODS **sam_me DEBUG(5,("sam_get_methods_by_sid: %d\n", __LINE__)); /* invalid sam_context specified */ - SAM_ASSERT(context && context->methods) + SAM_ASSERT(context && context->methods); tmp_methods = context->methods; @@ -75,7 +75,7 @@ NTSTATUS sam_get_methods_by_name(const SAM_CONTEXT *context, SAM_METHODS **sam_m DEBUG(5,("sam_get_methods_by_name: %d\n", __LINE__)); /* invalid sam_context specified */ - SAM_ASSERT(context && context->methods) + SAM_ASSERT(context && context->methods); tmp_methods = context->methods; @@ -224,7 +224,7 @@ NTSTATUS context_sam_enum_domains(const SAM_CONTEXT *context, const NT_USER_TOKE DEBUG(5,("context_sam_enum_domains: %d\n", __LINE__)); /* invalid sam_context specified */ - SAM_ASSERT(context && context->methods) + SAM_ASSERT(context && context->methods); if (!NT_STATUS_IS_OK(nt_status = samr_make_sam_obj_sd(context->mem_ctx, &sd, &sd_size))) { DEBUG(4,("samr_make_sam_obj_sd failed\n")); @@ -291,7 +291,7 @@ NTSTATUS context_sam_lookup_domain(const SAM_CONTEXT *context, const NT_USER_TOK DEBUG(5,("context_sam_lookup_domain: %d\n", __LINE__)); /* invalid sam_context specified */ - SAM_ASSERT(context && context->methods) + SAM_ASSERT(context && context->methods); if (!NT_STATUS_IS_OK(nt_status = samr_make_sam_obj_sd(context->mem_ctx, &sd, &sd_size))) { DEBUG(4,("samr_make_sam_obj_sd failed\n")); -- cgit From 8a5abe4dbee59dd53a9a2b842698ac6cb587a104 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sun, 8 Sep 2002 14:58:23 +0000 Subject: Patch from Stefan (metze) Metzmacher with more updates for the SAM subsystem (This used to be commit 56cb03bfc68727384df46bde6df03950f7cdfcf9) --- source3/sam/interface.c | 557 ++++++++++++++++++++++++++++++++--------------- source3/sam/sam_plugin.c | 20 +- 2 files changed, 397 insertions(+), 180 deletions(-) (limited to 'source3/sam') diff --git a/source3/sam/interface.c b/source3/sam/interface.c index cd2f2361f3..a10b34200d 100644 --- a/source3/sam/interface.c +++ b/source3/sam/interface.c @@ -26,6 +26,8 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_SAM +extern DOM_SID global_sid_Builtin; + /** List of various built-in sam modules */ const struct sam_init_function_entry builtin_sam_init_functions[] = { @@ -33,8 +35,6 @@ const struct sam_init_function_entry builtin_sam_init_functions[] = { { NULL, NULL} }; -/* FIXME: wrapper functions : context_* */ - /****************************************************************** context_sam_* functions are used to link the external SAM interface with the internal backends. These functions lookup the appropriate @@ -53,8 +53,7 @@ NTSTATUS sam_get_methods_by_sid(const SAM_CONTEXT *context, SAM_METHODS **sam_me tmp_methods = context->methods; - while (tmp_methods) - { + while (tmp_methods) { if (sid_equal(domainsid, &(tmp_methods->domain->private.sid))) { (*sam_method) = tmp_methods; @@ -79,8 +78,7 @@ NTSTATUS sam_get_methods_by_name(const SAM_CONTEXT *context, SAM_METHODS **sam_m tmp_methods = context->methods; - while (tmp_methods) - { + while (tmp_methods) { if (strcmp(domainname, tmp_methods->domain->private.name)) { (*sam_method) = tmp_methods; @@ -112,7 +110,7 @@ NTSTATUS context_sam_get_sec_desc(const SAM_CONTEXT *context, const NT_USER_TOKE } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_sec_desc(tmp_methods, access_token, sid, sd))) { - DEBUG(4,("context_sam_get_sec_desc for %s in backend %s failed\n", sid_string_static(sid), tmp_methods->backendname)); + DEBUG(4,("sam_get_sec_desc for %s in backend %s failed\n", sid_string_static(sid), tmp_methods->backendname)); return nt_status; } @@ -125,7 +123,7 @@ NTSTATUS context_sam_set_sec_desc(const SAM_CONTEXT *context, const NT_USER_TOKE NTSTATUS nt_status; DEBUG(5,("context_sam_set_sec_desc: %d\n", __LINE__)); - + if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, sid))) { DEBUG(4,("sam_get_methods_by_sid failed\n")); return nt_status; @@ -137,7 +135,7 @@ NTSTATUS context_sam_set_sec_desc(const SAM_CONTEXT *context, const NT_USER_TOKE } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_set_sec_desc(tmp_methods, access_token, sid, sd))) { - DEBUG(4,("context_sam_set_sec_desc for %s in backend %s failed\n", sid_string_static(sid), tmp_methods->backendname)); + DEBUG(4,("sam_set_sec_desc for %s in backend %s failed\n", sid_string_static(sid), tmp_methods->backendname)); return nt_status; } @@ -163,7 +161,7 @@ NTSTATUS context_sam_lookup_name(const SAM_CONTEXT *context, const NT_USER_TOKEN } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_lookup_name(tmp_methods, access_token, name, sid, type))) { - DEBUG(4,("context_sam_lookup_name for %s\\%s in backend %s failed\n", + DEBUG(4,("sam_lookup_name for %s\\%s in backend %s failed\n", tmp_methods->domain->private.name, name, tmp_methods->backendname)); return nt_status; } @@ -197,7 +195,7 @@ NTSTATUS context_sam_lookup_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_lookup_sid(tmp_methods, access_token, sid, name, type))) { - DEBUG(4,("context_sam_lookup_name for %s in backend %s failed\n", + DEBUG(4,("sam_lookup_name for %s in backend %s failed\n", sid_string_static(sid), tmp_methods->backendname)); return nt_status; } @@ -208,13 +206,34 @@ NTSTATUS context_sam_lookup_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN NTSTATUS context_sam_update_domain(const SAM_CONTEXT *context, const SAM_DOMAIN_HANDLE *domain) { - return NT_STATUS_NOT_IMPLEMENTED; + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; + + DEBUG(5,("context_sam_update_domain: %d\n", __LINE__)); + + /* invalid domain specified */ + SAM_ASSERT(domain && domain->current_sam_methods); + + tmp_methods = domain->current_sam_methods; + + if (!tmp_methods->sam_update_domain) { + DEBUG(3, ("context_sam_update_domain: sam_methods of the domain did not specify sam_update_domain\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_update_domain(tmp_methods, domain))){ + DEBUG(4,("sam_update_domain in backend %s failed\n", + tmp_methods->backendname)); + return nt_status; + } + + return NT_STATUS_OK; } NTSTATUS context_sam_enum_domains(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, int32 *domain_count, DOM_SID **domains, char ***domain_names) { SAM_METHODS *tmp_methods; - NTSTATUS nt_status; + NTSTATUS nt_status; SEC_DESC *sd; size_t sd_size; @@ -238,8 +257,7 @@ NTSTATUS context_sam_enum_domains(const SAM_CONTEXT *context, const NT_USER_TOKE tmp_methods= context->methods; - while (tmp_methods) - { + while (tmp_methods) { (*domain_count)++; tmp_methods= tmp_methods->next; } @@ -259,9 +277,7 @@ NTSTATUS context_sam_enum_domains(const SAM_CONTEXT *context, const NT_USER_TOKE return NT_STATUS_NO_MEMORY; } - while (tmp_methods) - { - + while (tmp_methods) { DEBUGADD(7,(" [%d] %s: %s\n", i, tmp_methods->domain->private.name, sid_string_static(&tmp_methods->domain->private.sid))); sid_copy(domains[i],&tmp_methods->domain->private.sid); if(asprintf(&(*domain_names[i]),"%s",tmp_methods->domain->private.name) < 0) { @@ -273,7 +289,6 @@ NTSTATUS context_sam_enum_domains(const SAM_CONTEXT *context, const NT_USER_TOKE i++; tmp_methods= tmp_methods->next; - } return NT_STATUS_OK; @@ -305,8 +320,7 @@ NTSTATUS context_sam_lookup_domain(const SAM_CONTEXT *context, const NT_USER_TOK tmp_methods= context->methods; - while (tmp_methods) - { + while (tmp_methods) { if (strcmp(domain, tmp_methods->domain->private.name) == 0) { sid_copy((*domainsid), &tmp_methods->domain->private.sid); return NT_STATUS_OK; @@ -336,7 +350,7 @@ NTSTATUS context_sam_get_domain_by_sid(const SAM_CONTEXT *context, const NT_USER } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_domain_handle(tmp_methods, access_token, access_desired, domain))) { - DEBUG(4,("context_sam_get_domain_by_sid for %s in backend %s failed\n", + DEBUG(4,("sam_get_domain_handle for %s in backend %s failed\n", sid_string_static(domainsid), tmp_methods->backendname)); return nt_status; } @@ -362,7 +376,7 @@ NTSTATUS context_sam_create_account(const SAM_CONTEXT *context, const NT_USER_TO } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_account(tmp_methods, access_token, access_desired, account_name, acct_ctrl, account))) { - DEBUG(4,("context_sam_create_account in backend %s failed\n", + DEBUG(4,("sam_create_account in backend %s failed\n", tmp_methods->backendname)); return nt_status; } @@ -377,6 +391,8 @@ NTSTATUS context_sam_add_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_H SAM_METHODS *tmp_methods; uint32 rid; NTSTATUS nt_status; + + DEBUG(5,("context_sam_add_account: %d\n", __LINE__)); if (!NT_STATUS_IS_OK(nt_status = sam_get_account_sid(account, &accountsid))) { DEBUG(0,("Can't get account SID\n")); @@ -400,7 +416,7 @@ NTSTATUS context_sam_add_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_H } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_add_account(tmp_methods, account))){ - DEBUG(4,("context_sam_add_account in backend %s failed\n", + DEBUG(4,("sam_add_account in backend %s failed\n", tmp_methods->backendname)); return nt_status; } @@ -410,35 +426,23 @@ NTSTATUS context_sam_add_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_H NTSTATUS context_sam_update_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account) { - DOM_SID domainsid; - SAM_METHODS *tmp_methods; - const DOM_SID *accountsid; - uint32 rid; - NTSTATUS nt_status; - - if (!NT_STATUS_IS_OK(nt_status = sam_get_account_sid(account, &accountsid))) { - DEBUG(0,("Can't get account SID\n")); - return nt_status; - } - - sid_copy(&domainsid, accountsid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("context_sam_get_account_by_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; + DEBUG(5,("context_sam_update_account: %d\n", __LINE__)); + + /* invalid account specified */ + SAM_ASSERT(account && account->current_sam_methods); + + tmp_methods = account->current_sam_methods; + if (!tmp_methods->sam_update_account) { DEBUG(3, ("context_sam_update_account: sam_methods of the domain did not specify sam_update_account\n")); return NT_STATUS_NOT_IMPLEMENTED; } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_update_account(tmp_methods, account))){ - DEBUG(4,("context_sam_update_account in backend %s failed\n", + DEBUG(4,("sam_update_account in backend %s failed\n", tmp_methods->backendname)); return nt_status; } @@ -448,27 +452,15 @@ NTSTATUS context_sam_update_account(const SAM_CONTEXT *context, const SAM_ACCOUN NTSTATUS context_sam_delete_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account) { - DOM_SID domainsid; - SAM_METHODS *tmp_methods; - const DOM_SID *accountsid; - uint32 rid; - NTSTATUS nt_status; - - if (!NT_STATUS_IS_OK(nt_status = sam_get_account_sid(account, &accountsid))) { - DEBUG(0,("Can't get account SID\n")); - return nt_status; - } - - sid_copy(&domainsid, accountsid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("context_sam_get_account_by_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; + + DEBUG(5,("context_sam_delete_account: %d\n", __LINE__)); + + /* invalid account specified */ + SAM_ASSERT(account && account->current_sam_methods); + + tmp_methods = account->current_sam_methods; if (!tmp_methods->sam_delete_account) { DEBUG(3, ("context_sam_delete_account: sam_methods of the domain did not specify sam_delete_account\n")); @@ -476,7 +468,7 @@ NTSTATUS context_sam_delete_account(const SAM_CONTEXT *context, const SAM_ACCOUN } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_delete_account(tmp_methods, account))){ - DEBUG(4,("context_sam_delete_account in backend %s failed\n", + DEBUG(4,("sam_delete_account in backend %s failed\n", tmp_methods->backendname)); return nt_status; } @@ -502,7 +494,7 @@ NTSTATUS context_sam_enum_accounts(const SAM_CONTEXT *context, const NT_USER_TOK } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_accounts(tmp_methods, access_token, acct_ctrl, account_count, accounts))) { - DEBUG(4,("context_sam_enum_accounts for domain %s in backend %s failed\n", + DEBUG(4,("sam_enum_accounts for domain %s in backend %s failed\n", tmp_methods->domain->private.name, tmp_methods->backendname)); return nt_status; } @@ -538,7 +530,7 @@ NTSTATUS context_sam_get_account_by_sid(const SAM_CONTEXT *context, const NT_USE } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_account_by_sid(tmp_methods, access_token, access_desired, accountsid, account))) { - DEBUG(4,("context_sam_get_account_by_sid for %s in backend %s failed\n", + DEBUG(4,("sam_get_account_by_sid for %s in backend %s failed\n", sid_string_static(accountsid), tmp_methods->backendname)); return nt_status; } @@ -564,7 +556,7 @@ NTSTATUS context_sam_get_account_by_name(const SAM_CONTEXT *context, const NT_US } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_account_by_name(tmp_methods, access_token, access_desired, name, account))) { - DEBUG(4,("context_sam_get_account_by_name for %s\\%s in backend %s failed\n", + DEBUG(4,("sam_get_account_by_name for %s\\%s in backend %s failed\n", domain, name, tmp_methods->backendname)); return nt_status; } @@ -590,7 +582,7 @@ NTSTATUS context_sam_create_group(const SAM_CONTEXT *context, const NT_USER_TOKE } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_group(tmp_methods, access_token, access_desired, group_name, group_ctrl, group))) { - DEBUG(4,("context_sam_create_group in backend %s failed\n", + DEBUG(4,("sam_create_group in backend %s failed\n", tmp_methods->backendname)); return nt_status; } @@ -605,6 +597,8 @@ NTSTATUS context_sam_add_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDL SAM_METHODS *tmp_methods; uint32 rid; NTSTATUS nt_status; + + DEBUG(5,("context_sam_add_group: %d\n", __LINE__)); if (!NT_STATUS_IS_OK(nt_status = sam_get_group_sid(group, &groupsid))) { DEBUG(0,("Can't get group SID\n")); @@ -628,7 +622,7 @@ NTSTATUS context_sam_add_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDL } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_add_group(tmp_methods, group))){ - DEBUG(4,("context_sam_add_group in backend %s failed\n", + DEBUG(4,("sam_add_group in backend %s failed\n", tmp_methods->backendname)); return nt_status; } @@ -638,35 +632,23 @@ NTSTATUS context_sam_add_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDL NTSTATUS context_sam_update_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group) { - DOM_SID domainsid; - const DOM_SID *groupsid; - struct sam_methods *tmp_methods; - uint32 rid; - NTSTATUS nt_status; - - if (!NT_STATUS_IS_OK(nt_status = sam_get_group_sid(group, &groupsid))) { - DEBUG(0,("Can't get group SID\n")); - return nt_status; - } - - sid_copy(&domainsid, groupsid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("context_sam_get_group_by_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } - + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; + + DEBUG(5,("context_sam_update_group: %d\n", __LINE__)); + + /* invalid group specified */ + SAM_ASSERT(group && group->current_sam_methods); + + tmp_methods = group->current_sam_methods; + if (!tmp_methods->sam_update_group) { DEBUG(3, ("context_sam_update_group: sam_methods of the domain did not specify sam_update_group\n")); return NT_STATUS_NOT_IMPLEMENTED; } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_update_group(tmp_methods, group))){ - DEBUG(4,("context_sam_update_group in backend %s failed\n", + DEBUG(4,("sam_update_group in backend %s failed\n", tmp_methods->backendname)); return nt_status; } @@ -676,27 +658,15 @@ NTSTATUS context_sam_update_group(const SAM_CONTEXT *context, const SAM_GROUP_HA NTSTATUS context_sam_delete_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group) { - DOM_SID domainsid; - SAM_METHODS *tmp_methods; - const DOM_SID *groupsid; - uint32 rid; - NTSTATUS nt_status; - - if (!NT_STATUS_IS_OK(nt_status = sam_get_group_sid(group, &groupsid))) { - DEBUG(0,("Can't get group SID\n")); - return nt_status; - } - - sid_copy(&domainsid, groupsid); - if (!sid_split_rid(&domainsid, &rid)) { - DEBUG(3,("context_sam_get_group_by_sid: failed to split the sid\n")); - return NT_STATUS_INVALID_SID; - } - - if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) { - DEBUG(4,("sam_get_methods_by_sid failed\n")); - return nt_status; - } + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; + + DEBUG(5,("context_sam_delete_group: %d\n", __LINE__)); + + /* invalid group specified */ + SAM_ASSERT(group && group->current_sam_methods); + + tmp_methods = group->current_sam_methods; if (!tmp_methods->sam_delete_group) { DEBUG(3, ("context_sam_delete_group: sam_methods of the domain did not specify sam_delete_group\n")); @@ -704,7 +674,7 @@ NTSTATUS context_sam_delete_group(const SAM_CONTEXT *context, const SAM_GROUP_HA } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_delete_group(tmp_methods, group))){ - DEBUG(4,("context_sam_delete_group in backend %s failed\n", + DEBUG(4,("sam_delete_group in backend %s failed\n", tmp_methods->backendname)); return nt_status; } @@ -730,7 +700,7 @@ NTSTATUS context_sam_enum_groups(const SAM_CONTEXT *context, const NT_USER_TOKEN } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_groups(tmp_methods, access_token, group_ctrl, groups_count, groups))) { - DEBUG(4,("context_sam_enum_groups for domain %s in backend %s failed\n", + DEBUG(4,("sam_enum_groups for domain %s in backend %s failed\n", tmp_methods->domain->private.name, tmp_methods->backendname)); return nt_status; } @@ -765,7 +735,7 @@ NTSTATUS context_sam_get_group_by_sid(const SAM_CONTEXT *context, const NT_USER_ } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_group_by_sid(tmp_methods, access_token, access_desired, groupsid, group))) { - DEBUG(4,("context_sam_get_group_by_sid for %s in backend %s failed\n", + DEBUG(4,("sam_get_group_by_sid for %s in backend %s failed\n", sid_string_static(groupsid), tmp_methods->backendname)); return nt_status; } @@ -791,7 +761,7 @@ NTSTATUS context_sam_get_group_by_name(const SAM_CONTEXT *context, const NT_USER } if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_group_by_name(tmp_methods, access_token, access_desired, name, group))) { - DEBUG(4,("context_sam_get_group_by_name for %s\\%s in backend %s failed\n", + DEBUG(4,("sam_get_group_by_name for %s\\%s in backend %s failed\n", domain, name, tmp_methods->backendname)); return nt_status; } @@ -801,21 +771,120 @@ NTSTATUS context_sam_get_group_by_name(const SAM_CONTEXT *context, const NT_USER NTSTATUS context_sam_add_member_to_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) { - return NT_STATUS_NOT_IMPLEMENTED; + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; + + + /* invalid group or member specified */ + SAM_ASSERT(group && group->current_sam_methods && member); + + tmp_methods = group->current_sam_methods; + + if (!tmp_methods->sam_add_member_to_group) { + DEBUG(3, ("context_sam_add_member_to_group: sam_methods of the domain did not specify sam_add_member_to_group\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_add_member_to_group(tmp_methods, group, member))) { + DEBUG(4,("sam_add_member_to_group in backend %s failed\n", tmp_methods->backendname)); + return nt_status; + } + + return NT_STATUS_OK; + } + NTSTATUS context_sam_delete_member_from_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) { - return NT_STATUS_NOT_IMPLEMENTED; + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; + + /* invalid group or member specified */ + SAM_ASSERT(group && group->current_sam_methods &&member); + + tmp_methods = group->current_sam_methods; + + if (!tmp_methods->sam_delete_member_from_group) { + DEBUG(3, ("context_sam_delete_member_from_group: sam_methods of the domain did not specify sam_delete_member_from_group\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_delete_member_from_group(tmp_methods, group, member))) { + DEBUG(4,("sam_delete_member_from_group in backend %s failed\n", tmp_methods->backendname)); + return nt_status; + } + + return NT_STATUS_OK; } NTSTATUS context_sam_enum_groupmembers(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members) { - return NT_STATUS_NOT_IMPLEMENTED; + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; + + /* invalid group specified */ + SAM_ASSERT(group && group->current_sam_methods); + + tmp_methods = group->current_sam_methods; + + if (!tmp_methods->sam_enum_groupmembers) { + DEBUG(3, ("context_sam_enum_groupmembers: sam_methods of the domain did not specify sam_enum_group_members\n")); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_groupmembers(tmp_methods, group, members_count, members))) { + DEBUG(4,("sam_enum_groupmembers in backend %s failed\n", tmp_methods->backendname)); + return nt_status; + } + + return NT_STATUS_OK; } -NTSTATUS context_sam_get_groups_of_sid(const SAM_CONTEXT *context, const DOM_SID **sids, uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups) +NTSTATUS context_sam_get_groups_of_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN *access_token, const DOM_SID **sids, uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups) { - return NT_STATUS_NOT_IMPLEMENTED; + SAM_METHODS *tmp_methods; + NTSTATUS nt_status; + + uint32 tmp_group_count; + SAM_GROUP_ENUM *tmp_groups; + + DEBUG(5,("context_sam_get_groups_of_sid: %d\n", __LINE__)); + + /* invalid sam_context specified */ + SAM_ASSERT(context && context->methods); + + *group_count = 0; + + *groups = NULL; + + tmp_methods= context->methods; + + while (tmp_methods) { + DEBUG(5,("getting groups from domain \n")); + if (!tmp_methods->sam_get_groups_of_sid) { + DEBUG(3, ("context_sam_get_groups_of_sid: sam_methods of domain did not specify sam_get_groups_of_sid\n")); + SAFE_FREE(*groups); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_groups_of_sid(tmp_methods, access_token, sids, group_ctrl, &tmp_group_count, &tmp_groups))) { + DEBUG(4,("sam_get_groups_of_sid in backend %s failed\n", tmp_methods->backendname)); + SAFE_FREE(*groups); + return nt_status; + } + + *groups = Realloc(*groups, ((*group_count) + tmp_group_count) * sizeof(SAM_GROUP_ENUM)); + + memcpy(&(*groups)[*group_count], tmp_groups, tmp_group_count); + + SAFE_FREE(tmp_groups); + + *group_count += tmp_group_count; + + tmp_methods = tmp_methods->next; + } + + return NT_STATUS_OK; } @@ -828,7 +897,7 @@ void free_sam_context(SAM_CONTEXT **context) { SAM_METHODS *sam_selected = (*context)->methods; - while (sam_selected){ + while (sam_selected) { if (sam_selected->free_private_data) { sam_selected->free_private_data(&(sam_selected->private_data)); } @@ -842,71 +911,217 @@ void free_sam_context(SAM_CONTEXT **context) /****************************************************************** Make a sam_methods from scratch *******************************************************************/ - -NTSTATUS make_sam_context_list(SAM_CONTEXT **context, char **selected) + +static NTSTATUS make_backend_entry(SAM_BACKEND_ENTRY *backend_entry, char *sam_backend_string) { - int i = 0; - SAM_METHODS *curmethods, *tmpmethods; - NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + char *tmp = NULL; + char *tmp_string = sam_backend_string; + + DEBUG(5,("make_backend_entry: %d\n", __LINE__)); + + SAM_ASSERT(sam_backend_string && backend_entry); + + backend_entry->module_name = sam_backend_string; + + DEBUG(5,("makeing backend_entry for %s\n", backend_entry->module_name)); + + if ((tmp = strchr(tmp_string, '|')) != NULL) { + DEBUGADD(20,("a domain name has been specified\n")); + *tmp = 0; + backend_entry->domain_name = tmp + 1; + tmp_string = tmp + 1; + } + + if ((tmp = strchr(tmp_string, ':')) != NULL) { + DEBUG(20,("options for the backend have been specified\n")); + *tmp = 0; + backend_entry->module_params = tmp + 1; + tmp_string = tmp + 1; + } + + if (backend_entry->domain_name == NULL) { + DEBUG(10,("make_backend_entry: no domain was specified for sam module %s. Useing default domain %s\n", + backend_entry->module_name, lp_workgroup())); + backend_entry->domain_name = lp_workgroup(); + } + + if ((backend_entry->domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID))) == NULL) { + DEBUG(0,("make_backend_entry: failed to malloc domain_sid\n")); + return NT_STATUS_NO_MEMORY; + } + + DEBUG(10,("looking up sid for domain %s\n", backend_entry->domain_name)); + + if (!secrets_fetch_domain_sid(backend_entry->domain_name, backend_entry->domain_sid)) { + DEBUG(2,("make_backend_entry: There is no SID stored for domain %s. Creating a new one.\n", + backend_entry->domain_name)); + /* FIXME */ + ZERO_STRUCTP(backend_entry->domain_sid); + } + + DEBUG(5,("make_backend_entry: module name: %s, module parameters: %s, domain name: %s, domain sid: %s\n", + backend_entry->module_name, backend_entry->module_params, backend_entry->domain_name, sid_string_static(backend_entry->domain_sid))); + + return NT_STATUS_OK; +} - if (!NT_STATUS_IS_OK(nt_status = make_sam_context(context))) { - return nt_status; - } - while (selected[i]){ - /* Try to initialise sam */ - DEBUG(5,("Trying to load: %s\n", selected[i])); - if (!NT_STATUS_IS_OK(nt_status = make_sam_methods_name(&curmethods, *context, selected[i]))) { - DEBUG(1, ("Loading %s failed!\n", selected[i])); - free_sam_context(context); - return nt_status; +static NTSTATUS check_correct_backend_entries(SAM_BACKEND_ENTRY **backend_entries, int *nBackends) +{ + BOOL has_builtin = False; + BOOL has_workgroup = False; + DOM_SID *global_sam_sid = get_global_sam_sid(); /* lp_workgroup doesn't play nicely with multiple domains */ + int increase_by = 0; + int i, j; + + DEBUG(5,("check_correct_backend_entries: %d\n", __LINE__)); + + for (i = 0; i < *nBackends; i++) { + if (sid_equal((*backend_entries)[i].domain_sid, &global_sid_Builtin)) { + DEBUG(20,("check_correct_backend_entries: smb.conf specified BUILTIN domain\n")); + has_builtin = True; } - curmethods->parent = *context; - DLIST_ADD_END((*context)->methods, curmethods, tmpmethods); - i++; - } - return NT_STATUS_OK; + if (sid_equal((*backend_entries)[i].domain_sid, global_sam_sid)) { + DEBUG(20,("check_correct_backend_entries: smb.conf specified main domain\n")); + has_workgroup = True; + } + for (j = i + 1; j < *nBackends; j++) { + if (sid_equal((*backend_entries)[i].domain_sid, (*backend_entries)[j].domain_sid)) { + DEBUG(2,("two backend modules claim the same domain %s", + sid_string_static((*backend_entries)[j].domain_sid))); + return NT_STATUS_INVALID_PARAMETER; + } + } + } + + if (!has_workgroup) increase_by++; + if (!has_builtin) increase_by++; + + if (increase_by > 0) { + *nBackends += increase_by; + + (*backend_entries) = (SAM_BACKEND_ENTRY *)realloc((*backend_entries), sizeof(SAM_BACKEND_ENTRY) * (*nBackends)); + if (!has_workgroup) { + /* should be replaced by the default sam module */ + DEBUG(4,("There was no backend specified for domain %s useing plugin\n", + lp_workgroup())); + (*backend_entries)[i].module_name = "plugin"; + (*backend_entries)[i].module_params = NULL; + (*backend_entries)[i].domain_name = lp_workgroup(); + (*backend_entries)[i].domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID)); + sid_copy((*backend_entries)[i].domain_sid, global_sam_sid); + i++; + } + if (!has_builtin) { + /* should be replaced by the default sam module */ + DEBUG(4,("There was no backend specified for domain BUILTIN useing plugin\n")); + (*backend_entries)[i].module_name = "plugin"; + (*backend_entries)[i].module_params = NULL; + (*backend_entries)[i].domain_name = "BUILTIN"; + (*backend_entries)[i].domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID)); + sid_copy((*backend_entries)[i].domain_sid, &global_sid_Builtin); + i++; + } + } + + return NT_STATUS_OK; } -NTSTATUS make_sam_methods_name(SAM_METHODS **methods, SAM_CONTEXT *context, const char *selected) +static NTSTATUS make_sam_methods_backend_entry(SAM_CONTEXT *context, SAM_METHODS **methods, SAM_BACKEND_ENTRY *backend_entry) { - char *module_name = smb_xstrdup(selected); - char *module_location = NULL, *p; NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; int i; + + DEBUG(5,("make_sam_methods_backend_entry: %d\n", __LINE__)); - p = strchr(module_name, ':'); - - if (p) { - *p = 0; - module_location = p+1; - trim_string(module_location, " ", " "); - } - - trim_string(module_name, " ", " "); - DEBUG(5,("Attempting to find an sam backend to match %s (%s)\n", selected, module_name)); - for (i = 0; builtin_sam_init_functions[i].name; i++) + DEBUG(5,("Attempting to find sam backend %s\n", backend_entry->module_name)); + for (i = 0; builtin_sam_init_functions[i].module_name; i++) { - if (strequal(builtin_sam_init_functions[i].name, module_name)) + if (strequal(builtin_sam_init_functions[i].module_name, backend_entry->module_name)) { - DEBUG(5,("Found sam backend %s (at pos %d)\n", module_name, i)); - nt_status = builtin_sam_init_functions[i].init(context, methods, module_location); + DEBUG(5,("Found sam backend %s (at pos %d)\n", backend_entry->module_name, i)); + DEBUGADD(5,("initialising it with options=%s for domain %s\n", backend_entry->module_params, sid_string_static(backend_entry->domain_sid))); + nt_status = builtin_sam_init_functions[i].init(context, methods, backend_entry->domain_sid, backend_entry->module_params); if (NT_STATUS_IS_OK(nt_status)) { - DEBUG(5,("sam backend %s has a valid init\n", selected)); + DEBUG(5,("sam backend %s has a valid init\n", backend_entry->module_name)); } else { - DEBUG(0,("sam backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status))); + DEBUG(2,("sam backend %s did not correctly init (error was %s)\n", + backend_entry->module_name, nt_errstr(nt_status))); } - SAFE_FREE(module_name); return nt_status; break; /* unreached */ } } + + DEBUG(2,("could not find backend %s\n", backend_entry->module_name)); - /* No such backend found */ - SAFE_FREE(module_name); return NT_STATUS_INVALID_PARAMETER; } + +NTSTATUS make_sam_context_list(SAM_CONTEXT **context, char **sam_backends_param) +{ + int i = 0, j = 0; + SAM_METHODS *curmethods, *tmpmethods; + int nBackends = 0; + SAM_BACKEND_ENTRY *backends = NULL; + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + + DEBUG(5,("make_sam_context_from_conf: %d\n", __LINE__)); + + if (!NT_STATUS_IS_OK(nt_status = make_sam_context(context))) { + DEBUG(4,("make_sam_context failed\n")); + return nt_status; + } + + while (sam_backends_param[nBackends]) + nBackends++; + + DEBUG(6,("There are %d domains listed with there backends\n", nBackends)); + + if ((backends = (SAM_BACKEND_ENTRY *)malloc(sizeof(SAM_BACKEND_ENTRY)*nBackends)) == NULL) { + DEBUG(0,("make_sam_context_list: failed to allocate backends\n")); + return NT_STATUS_NO_MEMORY; + } + ZERO_STRUCTP(backends); + + for (i = 0; i < nBackends; i++) { + DEBUG(8,("processing %s\n",sam_backends_param[i])); + if (!NT_STATUS_IS_OK(nt_status = make_backend_entry(&backends[i], sam_backends_param[i]))) { + DEBUG(4,("make_backend_entry failed\n")); + for (j = 0; j < nBackends; j++) SAFE_FREE(backends[j].domain_sid); + SAFE_FREE(backends); + free_sam_context(context); + return nt_status; + } + } + + if (!NT_STATUS_IS_OK(nt_status = check_correct_backend_entries(&backends, &nBackends))) { + DEBUG(4,("check_correct_backend_entries failed\n")); + for (j = 0; j < nBackends; j++) SAFE_FREE(backends[j].domain_sid); + SAFE_FREE(backends); + free_sam_context(context); + return nt_status; + } + + for (i = 0; i < nBackends; i++) { + if (!NT_STATUS_IS_OK(nt_status = make_sam_methods_backend_entry(*context, &curmethods, &backends[i]))) { + DEBUG(4,("make_sam_methods_backend_entry failed\n")); + for (j = 0; j < nBackends; j++) SAFE_FREE(backends[j].domain_sid); + SAFE_FREE(backends); + free_sam_context(context); + return nt_status; + } + curmethods->parent = *context; + DLIST_ADD_END((*context)->methods, curmethods, tmpmethods); + } + + for (i = 0; i < nBackends; i++) SAFE_FREE(backends[i].domain_sid); + + SAFE_FREE(backends); + return NT_STATUS_OK; +} + /****************************************************************** Make a sam_context from scratch. *******************************************************************/ @@ -952,12 +1167,14 @@ struct sam_context *sam_get_static_context(BOOL reload) if ((sam_context) && (reload)) { sam_context->free_fn(&sam_context); if (!NT_STATUS_IS_OK(make_sam_context_list(&sam_context, lp_sam_backend()))) { + DEBUG(4,("make_sam_context_list failed\n")); return NULL; } } if (!sam_context) { if (!NT_STATUS_IS_OK(make_sam_context_list(&sam_context, lp_sam_backend()))) { + DEBUG(4,("make_sam_context_list failed\n")); return NULL; } } @@ -977,7 +1194,7 @@ BOOL initialize_sam(BOOL reload) } -NTSTATUS make_sam_methods(TALLOC_CTX *mem_ctx, SAM_METHODS **methods) +NTSTATUS make_sam_methods(TALLOC_CTX *mem_ctx, SAM_METHODS **methods) { *methods = talloc(mem_ctx, sizeof(SAM_METHODS)); diff --git a/source3/sam/sam_plugin.c b/source3/sam/sam_plugin.c index c32acf3d3c..9d2ee937ef 100644 --- a/source3/sam/sam_plugin.c +++ b/source3/sam/sam_plugin.c @@ -25,25 +25,25 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_SAM -NTSTATUS sam_init_plugin(const SAM_CONTEXT *sam_context, SAM_METHODS **sam_method, const char *location) +NTSTATUS sam_init_plugin(const SAM_CONTEXT *sam_context, SAM_METHODS **sam_method, const DOM_SID *domain, const char *module_params) { - void * dl_handle; - char *plugin_location, *plugin_name, *p; + void *dl_handle; + char *plugin_params, *plugin_name, *p; sam_init_function plugin_init; int (*plugin_version)(void); - if (location == NULL) { + if (module_params == NULL) { DEBUG(0, ("The plugin module needs an argument!\n")); return NT_STATUS_UNSUCCESSFUL; } - plugin_name = smb_xstrdup(location); + plugin_name = smb_xstrdup(module_params); p = strchr(plugin_name, ':'); if (p) { *p = 0; - plugin_location = p+1; - trim_string(plugin_location, " ", " "); - } else plugin_location = NULL; + plugin_params = p+1; + trim_string(plugin_params, " ", " "); + } else plugin_params = NULL; trim_string(plugin_name, " ", " "); DEBUG(5, ("Trying to load sam plugin %s\n", plugin_name)); @@ -74,6 +74,6 @@ NTSTATUS sam_init_plugin(const SAM_CONTEXT *sam_context, SAM_METHODS **sam_metho return NT_STATUS_UNSUCCESSFUL; } - DEBUG(5, ("Starting sam plugin %s with location %s\n", plugin_name, plugin_location)); - return plugin_init(sam_context, sam_method, plugin_location); + DEBUG(5, ("Starting sam plugin %s with parameters %s for domain %s\n", plugin_name, plugin_params, sid_string_static(domain))); + return plugin_init(sam_context, sam_method, domain, plugin_params); } -- cgit From 1244410cc4d48e3d68dad2c979a9ad2a2f70989e Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 19 Sep 2002 15:39:00 +0000 Subject: Merge in first command for 'samtest' Fix small bug in sam/interface.c Make sam backend to default to a define (This used to be commit 60ab55fedf03a0b505b0b73527e031124a46304e) --- source3/sam/interface.c | 33 ++++++++++++++++----------------- 1 file changed, 16 insertions(+), 17 deletions(-) (limited to 'source3/sam') diff --git a/source3/sam/interface.c b/source3/sam/interface.c index a10b34200d..17df276aed 100644 --- a/source3/sam/interface.c +++ b/source3/sam/interface.c @@ -206,7 +206,7 @@ NTSTATUS context_sam_lookup_sid(const SAM_CONTEXT *context, const NT_USER_TOKEN NTSTATUS context_sam_update_domain(const SAM_CONTEXT *context, const SAM_DOMAIN_HANDLE *domain) { - SAM_METHODS *tmp_methods; + const SAM_METHODS *tmp_methods; NTSTATUS nt_status; DEBUG(5,("context_sam_update_domain: %d\n", __LINE__)); @@ -426,7 +426,7 @@ NTSTATUS context_sam_add_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_H NTSTATUS context_sam_update_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account) { - SAM_METHODS *tmp_methods; + const SAM_METHODS *tmp_methods; NTSTATUS nt_status; DEBUG(5,("context_sam_update_account: %d\n", __LINE__)); @@ -452,7 +452,7 @@ NTSTATUS context_sam_update_account(const SAM_CONTEXT *context, const SAM_ACCOUN NTSTATUS context_sam_delete_account(const SAM_CONTEXT *context, const SAM_ACCOUNT_HANDLE *account) { - SAM_METHODS *tmp_methods; + const SAM_METHODS *tmp_methods; NTSTATUS nt_status; DEBUG(5,("context_sam_delete_account: %d\n", __LINE__)); @@ -632,7 +632,7 @@ NTSTATUS context_sam_add_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDL NTSTATUS context_sam_update_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group) { - SAM_METHODS *tmp_methods; + const SAM_METHODS *tmp_methods; NTSTATUS nt_status; DEBUG(5,("context_sam_update_group: %d\n", __LINE__)); @@ -658,7 +658,7 @@ NTSTATUS context_sam_update_group(const SAM_CONTEXT *context, const SAM_GROUP_HA NTSTATUS context_sam_delete_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group) { - SAM_METHODS *tmp_methods; + const SAM_METHODS *tmp_methods; NTSTATUS nt_status; DEBUG(5,("context_sam_delete_group: %d\n", __LINE__)); @@ -771,7 +771,7 @@ NTSTATUS context_sam_get_group_by_name(const SAM_CONTEXT *context, const NT_USER NTSTATUS context_sam_add_member_to_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) { - SAM_METHODS *tmp_methods; + const SAM_METHODS *tmp_methods; NTSTATUS nt_status; @@ -796,7 +796,7 @@ NTSTATUS context_sam_add_member_to_group(const SAM_CONTEXT *context, const SAM_G NTSTATUS context_sam_delete_member_from_group(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member) { - SAM_METHODS *tmp_methods; + const SAM_METHODS *tmp_methods; NTSTATUS nt_status; /* invalid group or member specified */ @@ -819,7 +819,7 @@ NTSTATUS context_sam_delete_member_from_group(const SAM_CONTEXT *context, const NTSTATUS context_sam_enum_groupmembers(const SAM_CONTEXT *context, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members) { - SAM_METHODS *tmp_methods; + const SAM_METHODS *tmp_methods; NTSTATUS nt_status; /* invalid group specified */ @@ -986,7 +986,7 @@ static NTSTATUS check_correct_backend_entries(SAM_BACKEND_ENTRY **backend_entrie } for (j = i + 1; j < *nBackends; j++) { if (sid_equal((*backend_entries)[i].domain_sid, (*backend_entries)[j].domain_sid)) { - DEBUG(2,("two backend modules claim the same domain %s", + DEBUG(0,("two backend modules claim the same domain %s\n", sid_string_static((*backend_entries)[j].domain_sid))); return NT_STATUS_INVALID_PARAMETER; } @@ -999,12 +999,11 @@ static NTSTATUS check_correct_backend_entries(SAM_BACKEND_ENTRY **backend_entrie if (increase_by > 0) { *nBackends += increase_by; - (*backend_entries) = (SAM_BACKEND_ENTRY *)realloc((*backend_entries), sizeof(SAM_BACKEND_ENTRY) * (*nBackends)); + (*backend_entries) = (SAM_BACKEND_ENTRY *)realloc((*backend_entries), sizeof(SAM_BACKEND_ENTRY) * (*nBackends+1)); if (!has_workgroup) { - /* should be replaced by the default sam module */ - DEBUG(4,("There was no backend specified for domain %s useing plugin\n", - lp_workgroup())); - (*backend_entries)[i].module_name = "plugin"; + DEBUG(4,("There was no backend specified for domain %s; using %s\n", + lp_workgroup(), SAM_DEFAULT_BACKEND)); + (*backend_entries)[i].module_name = SAM_DEFAULT_BACKEND; (*backend_entries)[i].module_params = NULL; (*backend_entries)[i].domain_name = lp_workgroup(); (*backend_entries)[i].domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID)); @@ -1012,9 +1011,9 @@ static NTSTATUS check_correct_backend_entries(SAM_BACKEND_ENTRY **backend_entrie i++; } if (!has_builtin) { - /* should be replaced by the default sam module */ - DEBUG(4,("There was no backend specified for domain BUILTIN useing plugin\n")); - (*backend_entries)[i].module_name = "plugin"; + DEBUG(4,("There was no backend specified for domain BUILTIN; using %s\n", + SAM_DEFAULT_BACKEND)); + (*backend_entries)[i].module_name = SAM_DEFAULT_BACKEND; (*backend_entries)[i].module_params = NULL; (*backend_entries)[i].domain_name = "BUILTIN"; (*backend_entries)[i].domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID)); -- cgit From 8322448c40ed7191b0669f885fde39d4ca89d341 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 19 Sep 2002 17:40:55 +0000 Subject: Move functionality to check whether entries for lp_workgroup() and "BUILTIN" exist and add them if necessary from check_correct_backend_entries into sam_context_check_default_backends. The reason for this is that we don't always want to have BUILTIN and lp_workgroup() in a sam_context, for example when doing sam2sam. check_correct_backend_entries has been renamed to 'check_duplicate_backend_entries' since that's what it currently does. The sam_context_check_default_backends() function is only called by sam_get_static_context(BOOL reload) currently currently. (This used to be commit 2fe72652ee468bf5e1f8f151215f45b10f4c8a28) --- source3/sam/api.c | 4 +- source3/sam/interface.c | 163 ++++++++++++++++++++++++++++-------------------- 2 files changed, 98 insertions(+), 69 deletions(-) (limited to 'source3/sam') diff --git a/source3/sam/api.c b/source3/sam/api.c index 5d850becce..fb2f015e95 100644 --- a/source3/sam/api.c +++ b/source3/sam/api.c @@ -1,7 +1,7 @@ /* Unix SMB/CIFS implementation. SAM interface API. - + Copyright (C) Stefan (metze) Metzmacher 2002 This program is free software; you can redistribute it and/or modify @@ -24,7 +24,7 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_SAM -/* this function should be used by the rest of SAMBA --metze */ +/* these functions should be used by the rest of SAMBA --metze */ /* General API */ diff --git a/source3/sam/interface.c b/source3/sam/interface.c index 17df276aed..6668e3848d 100644 --- a/source3/sam/interface.c +++ b/source3/sam/interface.c @@ -965,65 +965,9 @@ static NTSTATUS make_backend_entry(SAM_BACKEND_ENTRY *backend_entry, char *sam_b return NT_STATUS_OK; } -static NTSTATUS check_correct_backend_entries(SAM_BACKEND_ENTRY **backend_entries, int *nBackends) -{ - BOOL has_builtin = False; - BOOL has_workgroup = False; - DOM_SID *global_sam_sid = get_global_sam_sid(); /* lp_workgroup doesn't play nicely with multiple domains */ - int increase_by = 0; - int i, j; - - DEBUG(5,("check_correct_backend_entries: %d\n", __LINE__)); - - for (i = 0; i < *nBackends; i++) { - if (sid_equal((*backend_entries)[i].domain_sid, &global_sid_Builtin)) { - DEBUG(20,("check_correct_backend_entries: smb.conf specified BUILTIN domain\n")); - has_builtin = True; - } - if (sid_equal((*backend_entries)[i].domain_sid, global_sam_sid)) { - DEBUG(20,("check_correct_backend_entries: smb.conf specified main domain\n")); - has_workgroup = True; - } - for (j = i + 1; j < *nBackends; j++) { - if (sid_equal((*backend_entries)[i].domain_sid, (*backend_entries)[j].domain_sid)) { - DEBUG(0,("two backend modules claim the same domain %s\n", - sid_string_static((*backend_entries)[j].domain_sid))); - return NT_STATUS_INVALID_PARAMETER; - } - } - } - - if (!has_workgroup) increase_by++; - if (!has_builtin) increase_by++; - - if (increase_by > 0) { - *nBackends += increase_by; - - (*backend_entries) = (SAM_BACKEND_ENTRY *)realloc((*backend_entries), sizeof(SAM_BACKEND_ENTRY) * (*nBackends+1)); - if (!has_workgroup) { - DEBUG(4,("There was no backend specified for domain %s; using %s\n", - lp_workgroup(), SAM_DEFAULT_BACKEND)); - (*backend_entries)[i].module_name = SAM_DEFAULT_BACKEND; - (*backend_entries)[i].module_params = NULL; - (*backend_entries)[i].domain_name = lp_workgroup(); - (*backend_entries)[i].domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID)); - sid_copy((*backend_entries)[i].domain_sid, global_sam_sid); - i++; - } - if (!has_builtin) { - DEBUG(4,("There was no backend specified for domain BUILTIN; using %s\n", - SAM_DEFAULT_BACKEND)); - (*backend_entries)[i].module_name = SAM_DEFAULT_BACKEND; - (*backend_entries)[i].module_params = NULL; - (*backend_entries)[i].domain_name = "BUILTIN"; - (*backend_entries)[i].domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID)); - sid_copy((*backend_entries)[i].domain_sid, &global_sid_Builtin); - i++; - } - } - - return NT_STATUS_OK; -} +/****************************************************************** + create sam_methods struct based on sam_backend_entry + *****************************************************************/ static NTSTATUS make_sam_methods_backend_entry(SAM_CONTEXT *context, SAM_METHODS **methods, SAM_BACKEND_ENTRY *backend_entry) { @@ -1048,7 +992,6 @@ static NTSTATUS make_sam_methods_backend_entry(SAM_CONTEXT *context, SAM_METHODS backend_entry->module_name, nt_errstr(nt_status))); } return nt_status; - break; /* unreached */ } } @@ -1057,6 +1000,90 @@ static NTSTATUS make_sam_methods_backend_entry(SAM_CONTEXT *context, SAM_METHODS return NT_STATUS_INVALID_PARAMETER; } +static NTSTATUS sam_context_check_default_backends(SAM_CONTEXT *context) +{ + SAM_BACKEND_ENTRY entry; + DOM_SID *global_sam_sid = get_global_sam_sid(); /* lp_workgroup doesn't play nicely with multiple domains */ + SAM_METHODS *methods, *tmpmethods; + NTSTATUS ntstatus; + + DEBUG(5,("sam_context_check_default_backends: %d\n", __LINE__)); + + /* Make sure domain lp_workgroup() is available */ + + ntstatus = sam_get_methods_by_sid(context, &methods, &global_sid_Builtin); + + if (NT_STATUS_EQUAL(ntstatus, NT_STATUS_NO_SUCH_DOMAIN)) { + DEBUG(4,("There was no backend specified for domain %s; using %s\n", + lp_workgroup(), SAM_DEFAULT_BACKEND)); + + SAM_ASSERT(global_sam_sid); + + entry.module_name = SAM_DEFAULT_BACKEND; + entry.module_params = NULL; + entry.domain_name = lp_workgroup(); + entry.domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID)); + sid_copy(entry.domain_sid, global_sam_sid); + + if (!NT_STATUS_IS_OK(ntstatus = make_sam_methods_backend_entry(context, &methods, &entry))) { + DEBUG(4,("make_sam_methods_backend_entry failed\n")); + return ntstatus; + } + + methods->parent = context; + DLIST_ADD_END(context->methods, methods, tmpmethods); + + } else if (!NT_STATUS_IS_OK(ntstatus)) { + DEBUG(2, ("sam_get_methods_by_sid failed for %s\n", lp_workgroup())); + return ntstatus; + } + + /* Make sure the BUILTIN domain is available */ + + ntstatus = sam_get_methods_by_sid(context, &methods, global_sam_sid); + + if (NT_STATUS_EQUAL(ntstatus, NT_STATUS_NO_SUCH_DOMAIN)) { + DEBUG(4,("There was no backend specified for domain BUILTIN; using %s\n", + SAM_DEFAULT_BACKEND)); + entry.module_name = SAM_DEFAULT_BACKEND; + entry.module_params = NULL; + entry.domain_name = "BUILTIN"; + entry.domain_sid = (DOM_SID *)malloc(sizeof(DOM_SID)); + sid_copy(entry.domain_sid, &global_sid_Builtin); + + if (!NT_STATUS_IS_OK(ntstatus = make_sam_methods_backend_entry(context, &methods, &entry))) { + DEBUG(4,("make_sam_methods_backend_entry failed\n")); + return ntstatus; + } + + methods->parent = context; + DLIST_ADD_END(context->methods, methods, tmpmethods); + } else if (!NT_STATUS_IS_OK(ntstatus)) { + DEBUG(2, ("sam_get_methods_by_sid failed for BUILTIN\n")); + return ntstatus; + } + + return NT_STATUS_OK; +} + +static NTSTATUS check_duplicate_backend_entries(SAM_BACKEND_ENTRY **backend_entries, int *nBackends) +{ + int i, j; + + DEBUG(5,("check_duplicate_backend_entries: %d\n", __LINE__)); + + for (i = 0; i < *nBackends; i++) { + for (j = i + 1; j < *nBackends; j++) { + if (sid_equal((*backend_entries)[i].domain_sid, (*backend_entries)[j].domain_sid)) { + DEBUG(0,("two backend modules claim the same domain %s\n", + sid_string_static((*backend_entries)[j].domain_sid))); + return NT_STATUS_INVALID_PARAMETER; + } + } + } + + return NT_STATUS_OK; +} NTSTATUS make_sam_context_list(SAM_CONTEXT **context, char **sam_backends_param) { @@ -1095,8 +1122,8 @@ NTSTATUS make_sam_context_list(SAM_CONTEXT **context, char **sam_backends_param) } } - if (!NT_STATUS_IS_OK(nt_status = check_correct_backend_entries(&backends, &nBackends))) { - DEBUG(4,("check_correct_backend_entries failed\n")); + if (!NT_STATUS_IS_OK(nt_status = check_duplicate_backend_entries(&backends, &nBackends))) { + DEBUG(4,("check_duplicate_backend_entries failed\n")); for (j = 0; j < nBackends; j++) SAFE_FREE(backends[j].domain_sid); SAFE_FREE(backends); free_sam_context(context); @@ -1153,7 +1180,6 @@ NTSTATUS make_sam_context(SAM_CONTEXT **context) return NT_STATUS_OK; } - /****************************************************************** Return an already initialised sam_context, to facilitate backward compatibility (see functions below). @@ -1165,10 +1191,7 @@ struct sam_context *sam_get_static_context(BOOL reload) if ((sam_context) && (reload)) { sam_context->free_fn(&sam_context); - if (!NT_STATUS_IS_OK(make_sam_context_list(&sam_context, lp_sam_backend()))) { - DEBUG(4,("make_sam_context_list failed\n")); - return NULL; - } + sam_context = NULL; } if (!sam_context) { @@ -1176,6 +1199,12 @@ struct sam_context *sam_get_static_context(BOOL reload) DEBUG(4,("make_sam_context_list failed\n")); return NULL; } + + /* Make sure the required domains (default domain, builtin) are available */ + if (!NT_STATUS_IS_OK(sam_context_check_default_backends(sam_context))) { + DEBUG(4,("sam_context_check_default_backends failed\n")); + return NULL; + } } return sam_context; -- cgit From 2cd64003e3b127ca5a204b801155fcb4a7447a48 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 24 Sep 2002 20:18:39 +0000 Subject: - Don't put pointer to sam_domain_handle in sam_methods but single domainsid and domainname - Allocate sam_methods, set domain_sid, domain_name and backend_name in make_sam_methods_backend_entry instead of in the backend - Remove sam_context and domain_sid pointers from the sam_init_function - we don't need those arguments anymore since they're available in sam_methods as well (This used to be commit 50d2527eed0eb26c16f2f7e28badbf08d771380e) --- source3/sam/interface.c | 39 +++++++++++++++++++++++---------------- source3/sam/sam_plugin.c | 6 +++--- 2 files changed, 26 insertions(+), 19 deletions(-) (limited to 'source3/sam') diff --git a/source3/sam/interface.c b/source3/sam/interface.c index 6668e3848d..6e6902ab3c 100644 --- a/source3/sam/interface.c +++ b/source3/sam/interface.c @@ -54,7 +54,7 @@ NTSTATUS sam_get_methods_by_sid(const SAM_CONTEXT *context, SAM_METHODS **sam_me tmp_methods = context->methods; while (tmp_methods) { - if (sid_equal(domainsid, &(tmp_methods->domain->private.sid))) + if (sid_equal(domainsid, &(tmp_methods->domain_sid))) { (*sam_method) = tmp_methods; return NT_STATUS_OK; @@ -79,7 +79,7 @@ NTSTATUS sam_get_methods_by_name(const SAM_CONTEXT *context, SAM_METHODS **sam_m tmp_methods = context->methods; while (tmp_methods) { - if (strcmp(domainname, tmp_methods->domain->private.name)) + if (strcmp(domainname, tmp_methods->domain_name)) { (*sam_method) = tmp_methods; return NT_STATUS_OK; @@ -162,7 +162,7 @@ NTSTATUS context_sam_lookup_name(const SAM_CONTEXT *context, const NT_USER_TOKEN if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_lookup_name(tmp_methods, access_token, name, sid, type))) { DEBUG(4,("sam_lookup_name for %s\\%s in backend %s failed\n", - tmp_methods->domain->private.name, name, tmp_methods->backendname)); + tmp_methods->domain_name, name, tmp_methods->backendname)); return nt_status; } @@ -278,9 +278,9 @@ NTSTATUS context_sam_enum_domains(const SAM_CONTEXT *context, const NT_USER_TOKE } while (tmp_methods) { - DEBUGADD(7,(" [%d] %s: %s\n", i, tmp_methods->domain->private.name, sid_string_static(&tmp_methods->domain->private.sid))); - sid_copy(domains[i],&tmp_methods->domain->private.sid); - if(asprintf(&(*domain_names[i]),"%s",tmp_methods->domain->private.name) < 0) { + DEBUGADD(7,(" [%d] %s: %s\n", i, tmp_methods->domain_name, sid_string_static(&tmp_methods->domain_sid))); + sid_copy(domains[i],&tmp_methods->domain_sid); + if(asprintf(&(*domain_names[i]),"%s",tmp_methods->domain_name) < 0) { DEBUG(0,("context_sam_enum_domains: asprintf failed")); SAFE_FREE((*domains)); SAFE_FREE((*domain_names)); @@ -321,8 +321,8 @@ NTSTATUS context_sam_lookup_domain(const SAM_CONTEXT *context, const NT_USER_TOK tmp_methods= context->methods; while (tmp_methods) { - if (strcmp(domain, tmp_methods->domain->private.name) == 0) { - sid_copy((*domainsid), &tmp_methods->domain->private.sid); + if (strcmp(domain, tmp_methods->domain_name) == 0) { + sid_copy((*domainsid), &tmp_methods->domain_sid); return NT_STATUS_OK; } tmp_methods= tmp_methods->next; @@ -495,7 +495,7 @@ NTSTATUS context_sam_enum_accounts(const SAM_CONTEXT *context, const NT_USER_TOK if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_accounts(tmp_methods, access_token, acct_ctrl, account_count, accounts))) { DEBUG(4,("sam_enum_accounts for domain %s in backend %s failed\n", - tmp_methods->domain->private.name, tmp_methods->backendname)); + tmp_methods->domain_name, tmp_methods->backendname)); return nt_status; } @@ -701,7 +701,7 @@ NTSTATUS context_sam_enum_groups(const SAM_CONTEXT *context, const NT_USER_TOKEN if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_groups(tmp_methods, access_token, group_ctrl, groups_count, groups))) { DEBUG(4,("sam_enum_groups for domain %s in backend %s failed\n", - tmp_methods->domain->private.name, tmp_methods->backendname)); + tmp_methods->domain_name, tmp_methods->backendname)); return nt_status; } @@ -969,13 +969,23 @@ static NTSTATUS make_backend_entry(SAM_BACKEND_ENTRY *backend_entry, char *sam_b create sam_methods struct based on sam_backend_entry *****************************************************************/ -static NTSTATUS make_sam_methods_backend_entry(SAM_CONTEXT *context, SAM_METHODS **methods, SAM_BACKEND_ENTRY *backend_entry) +static NTSTATUS make_sam_methods_backend_entry(SAM_CONTEXT *context, SAM_METHODS **methods_ptr, SAM_BACKEND_ENTRY *backend_entry) { NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + SAM_METHODS *methods; int i; - + DEBUG(5,("make_sam_methods_backend_entry: %d\n", __LINE__)); + if (!NT_STATUS_IS_OK(nt_status = make_sam_methods(context->mem_ctx, methods_ptr))) { + return nt_status; + } + + methods = *methods_ptr; + methods->backendname = talloc_strdup(context->mem_ctx, backend_entry->module_name); + methods->domain_name = talloc_strdup(context->mem_ctx, backend_entry->domain_name); + sid_copy(&methods->domain_sid, backend_entry->domain_sid); + methods->parent = context; DEBUG(5,("Attempting to find sam backend %s\n", backend_entry->module_name)); for (i = 0; builtin_sam_init_functions[i].module_name; i++) @@ -984,7 +994,7 @@ static NTSTATUS make_sam_methods_backend_entry(SAM_CONTEXT *context, SAM_METHODS { DEBUG(5,("Found sam backend %s (at pos %d)\n", backend_entry->module_name, i)); DEBUGADD(5,("initialising it with options=%s for domain %s\n", backend_entry->module_params, sid_string_static(backend_entry->domain_sid))); - nt_status = builtin_sam_init_functions[i].init(context, methods, backend_entry->domain_sid, backend_entry->module_params); + nt_status = builtin_sam_init_functions[i].init(methods, backend_entry->module_params); if (NT_STATUS_IS_OK(nt_status)) { DEBUG(5,("sam backend %s has a valid init\n", backend_entry->module_name)); } else { @@ -1030,7 +1040,6 @@ static NTSTATUS sam_context_check_default_backends(SAM_CONTEXT *context) return ntstatus; } - methods->parent = context; DLIST_ADD_END(context->methods, methods, tmpmethods); } else if (!NT_STATUS_IS_OK(ntstatus)) { @@ -1056,7 +1065,6 @@ static NTSTATUS sam_context_check_default_backends(SAM_CONTEXT *context) return ntstatus; } - methods->parent = context; DLIST_ADD_END(context->methods, methods, tmpmethods); } else if (!NT_STATUS_IS_OK(ntstatus)) { DEBUG(2, ("sam_get_methods_by_sid failed for BUILTIN\n")); @@ -1138,7 +1146,6 @@ NTSTATUS make_sam_context_list(SAM_CONTEXT **context, char **sam_backends_param) free_sam_context(context); return nt_status; } - curmethods->parent = *context; DLIST_ADD_END((*context)->methods, curmethods, tmpmethods); } diff --git a/source3/sam/sam_plugin.c b/source3/sam/sam_plugin.c index 9d2ee937ef..fd26c4b8d3 100644 --- a/source3/sam/sam_plugin.c +++ b/source3/sam/sam_plugin.c @@ -25,7 +25,7 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_SAM -NTSTATUS sam_init_plugin(const SAM_CONTEXT *sam_context, SAM_METHODS **sam_method, const DOM_SID *domain, const char *module_params) +NTSTATUS sam_init_plugin(SAM_METHODS *sam_methods, const char *module_params) { void *dl_handle; char *plugin_params, *plugin_name, *p; @@ -74,6 +74,6 @@ NTSTATUS sam_init_plugin(const SAM_CONTEXT *sam_context, SAM_METHODS **sam_metho return NT_STATUS_UNSUCCESSFUL; } - DEBUG(5, ("Starting sam plugin %s with parameters %s for domain %s\n", plugin_name, plugin_params, sid_string_static(domain))); - return plugin_init(sam_context, sam_method, domain, plugin_params); + DEBUG(5, ("Starting sam plugin %s with parameters %s for domain %s\n", plugin_name, plugin_params, sam_methods->domain_name)); + return plugin_init(sam_methods, plugin_params); } -- cgit From 529848e988fb28b54303408f31e21051ae0b94a6 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 24 Sep 2002 21:18:22 +0000 Subject: Fix bug in get_methods_by_name Fix bug in enum_domains Add samtest commands: - lookup_sid - lookup_name - enum_domains - lookup_domain (This used to be commit 0c01219850e5d9b77b3b2c0b4b87aa3c82e3292b) --- source3/sam/interface.c | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) (limited to 'source3/sam') diff --git a/source3/sam/interface.c b/source3/sam/interface.c index 6e6902ab3c..e129604ca3 100644 --- a/source3/sam/interface.c +++ b/source3/sam/interface.c @@ -79,7 +79,7 @@ NTSTATUS sam_get_methods_by_name(const SAM_CONTEXT *context, SAM_METHODS **sam_m tmp_methods = context->methods; while (tmp_methods) { - if (strcmp(domainname, tmp_methods->domain_name)) + if (!strcmp(domainname, tmp_methods->domain_name)) { (*sam_method) = tmp_methods; return NT_STATUS_OK; @@ -256,6 +256,7 @@ NTSTATUS context_sam_enum_domains(const SAM_CONTEXT *context, const NT_USER_TOKE } tmp_methods= context->methods; + *domain_count = 0; while (tmp_methods) { (*domain_count)++; @@ -264,15 +265,19 @@ NTSTATUS context_sam_enum_domains(const SAM_CONTEXT *context, const NT_USER_TOKE DEBUG(6,("context_sam_enum_domains: enumerating %d domains\n", (*domain_count))); + if (*domain_count == 0) { + return NT_STATUS_OK; + } + tmp_methods = context->methods; if (((*domains) = malloc( sizeof(DOM_SID) * (*domain_count))) == NULL) { - DEBUG(0,("context_sam_enum_domains: Out of memory allocating domain list\n")); + DEBUG(0,("context_sam_enum_domains: Out of memory allocating domain SID list\n")); return NT_STATUS_NO_MEMORY; } if (((*domain_names) = malloc( sizeof(char*) * (*domain_count))) == NULL) { - DEBUG(0,("context_sam_enum_domains: Out of memory allocating domain list\n")); + DEBUG(0,("context_sam_enum_domains: Out of memory allocating domain name list\n")); SAFE_FREE((*domains)); return NT_STATUS_NO_MEMORY; } @@ -280,13 +285,7 @@ NTSTATUS context_sam_enum_domains(const SAM_CONTEXT *context, const NT_USER_TOKE while (tmp_methods) { DEBUGADD(7,(" [%d] %s: %s\n", i, tmp_methods->domain_name, sid_string_static(&tmp_methods->domain_sid))); sid_copy(domains[i],&tmp_methods->domain_sid); - if(asprintf(&(*domain_names[i]),"%s",tmp_methods->domain_name) < 0) { - DEBUG(0,("context_sam_enum_domains: asprintf failed")); - SAFE_FREE((*domains)); - SAFE_FREE((*domain_names)); - return NT_STATUS_NO_MEMORY; - } - + *domain_names[i] = smb_xstrdup(tmp_methods->domain_name); i++; tmp_methods= tmp_methods->next; } -- cgit From a3eb2684c307e1000104266a71d5fafbc97ab3be Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 24 Sep 2002 21:29:33 +0000 Subject: enum_domains shouldn't crash when there are no domains available (This used to be commit d312e1c2b44905af87c4d550975eee78dbf2edee) --- source3/sam/interface.c | 4 ---- 1 file changed, 4 deletions(-) (limited to 'source3/sam') diff --git a/source3/sam/interface.c b/source3/sam/interface.c index e129604ca3..bb7b88b240 100644 --- a/source3/sam/interface.c +++ b/source3/sam/interface.c @@ -265,10 +265,6 @@ NTSTATUS context_sam_enum_domains(const SAM_CONTEXT *context, const NT_USER_TOKE DEBUG(6,("context_sam_enum_domains: enumerating %d domains\n", (*domain_count))); - if (*domain_count == 0) { - return NT_STATUS_OK; - } - tmp_methods = context->methods; if (((*domains) = malloc( sizeof(DOM_SID) * (*domain_count))) == NULL) { -- cgit