From 28555ec92e061aafb31a9b071caf00e44132c70f Mon Sep 17 00:00:00 2001
From: Jeremy Allison
Date: Thu, 8 Jun 2000 17:50:19 +0000
Subject: include/smb.h: Removed NET_USER_3 struct from user struct. It doesn't belong there (yet) as there is no infrastructure for it. Replaced it with a dynamic array of group SIDs plus a user. passdb/passdb.c: Added setup_user_sids() function. This is where the lookup should be done, eventually calling winbind. smbd/password.c: Changed to call setup_user_sids(). Removed spurious DEBUG(0) statements. smbd/reply.c: Removed extra parameter to register_vuid(). Jeremy. (This used to be commit 425f4ad9a5e0e7d49620276100ade7a0cae47011)
---
 source3/smbd/password.c | 81 +++++++++++++++++--------------------------------
 source3/smbd/reply.c | 4 +--
 2 files changed, 29 insertions(+), 56 deletions(-)
(limited to 'source3/smbd')
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 5815bbd164..b8f5c5cf84 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -117,20 +117,27 @@ invalidate a uid
 ****************************************************************************/
 void invalidate_vuid(uint16 vuid)
 {
- user_struct *vuser = get_valid_user_struct(vuid);
+ user_struct *vuser = get_valid_user_struct(vuid);
- if (vuser == NULL) return;
+ if (vuser == NULL)
+ return;
- vuser->uid = (uid_t)-1;
- vuser->gid = (gid_t)-1;
+ vuser->uid = (uid_t)-1;
+ vuser->gid = (gid_t)-1;
- /* same number of igroups as groups */
- vuser->n_groups = 0;
+ ZERO_STRUCT(vuser->user_sid);
- if (vuser->groups)
- free((char *)vuser->groups);
+ /* same number of igroups as groups */
+ vuser->n_groups = 0;
- vuser->groups = NULL;
+ if (vuser->groups)
+ free((char *)vuser->groups);
+
+ if (vuser->group_sids)
+ free((char *)vuser->group_sids);
+
+ vuser->groups = NULL;
+ vuser->group_sids = NULL;
 }
@@ -207,15 +214,14 @@ int setup_groups(char *user, char *domain,
 return 0;
 }
-
 /****************************************************************************
-register a uid/name pair as being valid and that a valid password
-has been given. vuid is biased by an offset. This allows us to
-tell random client vuid's (normally zero) from valid vuids.
+ Register a uid/name pair as being valid and that a valid password
+ has been given. vuid is biased by an offset. This allows us to
+ tell random client vuid's (normally zero) from valid vuids.
 ****************************************************************************/
+
 uint16 register_vuid(uid_t uid,gid_t gid, char *unix_name, char *requested_name,
- char *domain,BOOL guest,
- NET_USER_INFO_3 *usr)
+ char *domain,BOOL guest)
 {
 user_struct *vuser;
 struct passwd *pwfile; /* for getting real name from passwd file */
@@ -249,12 +255,11 @@ uint16 register_vuid(uid_t uid,gid_t gid, char *unix_name, char *requested_name,
 sizeof(user_struct)* (num_validated_users+1));
- if (!validated_users)
- {
+ if (!validated_users) {
 DEBUG(0,("Failed to realloc users struct!\n"));
 num_validated_users = 0;
 return UID_FIELD_INVALID;
- }
+ }
 vuser = &validated_users[num_validated_users];
 num_validated_users++;
@@ -275,50 +280,20 @@ uint16 register_vuid(uid_t uid,gid_t gid, char *unix_name, char *requested_name,
 &vuser->n_groups,
 &vuser->groups);
- if (usr == NULL)
- {
- int i;
- extern DOM_SID global_sam_sid;
-
- DEBUG(0,("vuser struct usr being filled in with trash, today\n"));
- DEBUG(0,("this needs to be replaced with a proper surs impl.\n"));
- DEBUG(0,("e.g. the one used in winbindd. in fact, all\n"));
- DEBUG(0,("occurrences of pdb_xxx_to_xxx should be replaced\n"));
- DEBUG(0,("as soon as possible.\n"));
- vuser->usr.user_id = pdb_uid_to_user_rid(uid);
- vuser->usr.group_id = pdb_gid_to_group_rid(gid);
- vuser->usr.num_groups = vuser->n_groups;
- for (i = 0; i < vuser->usr.num_groups; i++)
- {
- DOM_GID *ntgid = &vuser->usr.gids[i];
- ntgid->attr = 0x7;
- ntgid->g_rid = pdb_gid_to_group_rid(vuser->groups[i]);
- }
-
- /* this is possibly the worst thing to do, ever. it assumes */
- /* that all users of this system are in the local SAM database */
- /* however, because there is no code to do anything otherwise, */
- /* we have no choice */
-
- init_dom_sid2(&vuser->usr.dom_sid, &global_sam_sid);
- }
- else
- {
- vuser->usr = *usr;
- }
-
 DEBUG(3,("uid %d registered to name %s\n",(int)uid,unix_name));
 DEBUG(3, ("Clearing default real name\n"));
 fstrcpy(vuser->user.full_name, "");
 if (lp_unix_realname()) {
- if ((pwfile=sys_getpwnam(vuser->user.unix_name))!= NULL)
- {
+ if ((pwfile=sys_getpwnam(vuser->user.unix_name))!= NULL) {
 DEBUG(3, ("User name: %s\tReal name: %s\n",vuser->user.unix_name,pwfile->pw_gecos));
 fstrcpy(vuser->user.full_name, pwfile->pw_gecos);
- }
+ }
 }
+ /* Map this uid into user and group SIDs. */
+ setup_user_sids(vuser);
+
 memset(&vuser->dc, '\0', sizeof(vuser->dc));
 return (uint16)((num_validated_users - 1) + VUID_OFFSET);
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index f9c0695a39..00a0ce3c4a 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
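Review bot: `setup_user_sids(vuser)` is called with no visible initialisation of `vuser->user_sid` or `vuser->group_sids`, and its result, if it returns one, is not checked. `vuser` points at a slot appended to `validated_users` by the realloc earlier in register_vuid, and the only zeroing visible in this hunk is the `memset` of `vuser->dc`. Since `invalidate_vuid()` in this same patch now calls `free()` on any non-NULL `vuser->group_sids`, a lookup that fails before assigning that field would leave an indeterminate pointer to be freed later. Unless the slot is already cleared in lines outside the hunk, set `vuser->group_sids = NULL;` and `ZERO_STRUCT(vuser->user_sid);` before the call, and treat a failed mapping as a failed registration rather than returning a valid vuid. setup_user_sids() is defined in passdb/passdb.c, which this view of the patch does not include, so its failure behaviour needs confirming there.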
@@ -1001,9 +1001,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int
 /* register the name and uid as being validated, so further connections to a uid can get through without a password, on the same VC */
- DEBUG(0,("must call domain_client_validate() which returns a "));
- DEBUG(0,("NET_USER_INFO_3 structure to pass to register_vuid()"));
- sess_vuid = register_vuid(uid,gid,user,sesssetup_user,domain,guest, NULL);
+ sess_vuid = register_vuid(uid,gid,user,sesssetup_user,domain,guest);
 SSVAL(outbuf,smb_uid,sess_vuid);
 SSVAL(inbuf,smb_uid,sess_vuid);
-- cgit
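Review bot: The value returned by `register_vuid()` is written into both `smb_uid` fields with `SSVAL` without being checked. The password.c part of this patch shows register_vuid returning `UID_FIELD_INVALID` when the users array cannot be grown, so a failed registration is answered as though the session setup had succeeded. Test `if (sess_vuid == UID_FIELD_INVALID)` immediately after the call and return the function's normal error reply before touching `outbuf`. reply_sesssetup_and_X continues outside the hunk, so the exact error path should follow what the rest of the function uses.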