-/*
+/*
Unix SMB/CIFS implementation.
Password and authentication handling
Copyright (C) Andrew Bartlett 2002
enum lsa_SidType *psid_name_use,
uid_t *uid, gid_t *gid);
-NTSTATUS smb_register_passdb(int version, const char *name, pdb_init_function init)
+NTSTATUS smb_register_passdb(int version, const char *name, pdb_init_function init)
{
struct pdb_init_function_entry *entry = NULL;
if(version != PASSDB_INTERFACE_VERSION) {
DEBUG(0,("Can't register passdb backend!\n"
"You tried to register a passdb module with PASSDB_INTERFACE_VERSION %d, "
- "while this version of samba uses version %d\n",
+ "while this version of samba uses version %d\n",
version,PASSDB_INTERFACE_VERSION));
return NT_STATUS_OBJECT_TYPE_MISMATCH;
}
entry = pdb_find_backend_entry(module_name);
/* Try to find a module that contains this module */
- if (!entry) {
+ if (!entry) {
DEBUG(2,("No builtin backend found, trying to load plugin\n"));
if(NT_STATUS_IS_OK(smb_probe_module("pdb", module_name)) && !(entry = pdb_find_backend_entry(module_name))) {
DEBUG(0,("Plugin is available, but doesn't register passdb backend %s\n", module_name));
}
/* No such backend found */
- if(!entry) {
+ if(!entry) {
DEBUG(0,("No builtin nor plugin backend for %s found\n", module_name));
SAFE_FREE(module_name);
return NT_STATUS_INVALID_PARAMETER;
nt_status = entry->init(methods, module_location);
if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n",
+ DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n",
selected, nt_errstr(nt_status)));
SAFE_FREE(module_name);
return nt_status;
Return an already initialized pdb_methods structure
*******************************************************************/
-static struct pdb_methods *pdb_get_methods_reload( bool reload )
+static struct pdb_methods *pdb_get_methods_reload( bool reload )
{
static struct pdb_methods *pdb = NULL;
const char *backend = lp_passdb_backend();
*
* @return True on success, false on error.
*/
-bool pdb_getsampwnam(struct samu *sam_acct, const char *username)
+bool pdb_getsampwnam(struct samu *sam_acct, const char *username)
{
struct pdb_methods *pdb = pdb_get_methods();
struct samu *for_cache;
pwd = Get_Pwnam_alloc(talloc_tos(), guestname);
if (pwd == NULL) {
- DEBUG(0,("guest_user_info: Unable to locate guest account [%s]!\n",
+ DEBUG(0,("guest_user_info: Unable to locate guest account [%s]!\n",
guestname));
return False;
}
return NT_STATUS_NO_SUCH_USER;
}
- /* lowercase the username before creating the Unix account for
+ /* lowercase the username before creating the Unix account for
compatibility with previous Samba releases */
fstrcpy( name2, name );
if (!strlower_m( name2 )) {
* the unix side
*/
- /* always lower case the username before handing it off to
+ /* always lower case the username before handing it off to
external scripts */
fstrcpy( username, pdb_get_username(sam_acct) );
return status;
}
-NTSTATUS pdb_add_sam_account(struct samu *sam_acct)
+NTSTATUS pdb_add_sam_account(struct samu *sam_acct)
{
struct pdb_methods *pdb = pdb_get_methods();
return pdb->add_sam_account(pdb, sam_acct);
}
-NTSTATUS pdb_update_sam_account(struct samu *sam_acct)
+NTSTATUS pdb_update_sam_account(struct samu *sam_acct)
{
struct pdb_methods *pdb = pdb_get_methods();
return pdb->update_sam_account(pdb, sam_acct);
}
-NTSTATUS pdb_delete_sam_account(struct samu *sam_acct)
+NTSTATUS pdb_delete_sam_account(struct samu *sam_acct)
{
struct pdb_methods *pdb = pdb_get_methods();
const struct dom_sid *user_sid = pdb_get_user_sid(sam_acct);
struct pdb_methods *pdb = pdb_get_methods();
NTSTATUS result;
- result = pdb->enum_group_members(pdb, mem_ctx,
+ result = pdb->enum_group_members(pdb, mem_ctx,
sid, pp_member_rids, p_num_members);
/* special check for rid 513 */
return NT_STATUS_MEMBER_IN_GROUP;
}
- /*
+ /*
* ok, the group exist, the user exist, the user is not in the group,
* we can (finally) add it to the group !
*/
return NT_STATUS_MEMBER_NOT_IN_GROUP;
}
- /*
+ /*
* ok, the group exist, the user exist, the user is in the group,
* we can (finally) delete it from the group!
*/
status = pdb->get_account_policy(pdb, type, value);
unbecome_root();
- return NT_STATUS_IS_OK(status);
+ return NT_STATUS_IS_OK(status);
}
bool pdb_set_account_policy(enum pdb_policy_type type, uint32_t value)
return NT_STATUS_IS_OK(pdb->get_seq_num(pdb, seq_num));
}
-/*
+/*
* Instead of passing down a gid or uid, this function sends down a pointer
- * to a unixid.
+ * to a unixid.
*
* This acts as an in-out variable so that the idmap functions can correctly
* receive ID_TYPE_BOTH, filling in cache details correctly rather than forcing
- * the cache to store ID_TYPE_UID or ID_TYPE_GID.
+ * the cache to store ID_TYPE_UID or ID_TYPE_GID.
*/
bool pdb_id_to_sid(struct unixid *id, struct dom_sid *sid)
{
return False;
}
- /* Attempt to get an unused RID (max tires is 250...yes that it is
+ /* Attempt to get an unused RID (max tires is 250...yes that it is
and arbitrary number I pulkled out of my head). -- jerry */
for ( i=0; allocated_rid==0 && i<250; i++ ) {
}
/***************************************************************
- Initialize the static context (at smbd startup etc).
+ Initialize the static context (at smbd startup etc).
If uninitialised, context will auto-init on first use.
***************************************************************/
struct passwd *pwd;
bool winbind_env;
bool ret = False;
-
+
*pp_uids = NULL;
*p_num = 0;
TALLOC_FREE(map);
- /* Windows will always map RID 513 to something. On a non-domain
+ /* Windows will always map RID 513 to something. On a non-domain
controller, this gets mapped to SERVER\None. */
if (uid || gid) {
return False;
}
- if (!NT_STATUS_IS_OK(methods->enum_group_mapping(methods, sid, type,
+ if (!NT_STATUS_IS_OK(methods->enum_group_mapping(methods, sid, type,
&state->groups, &state->num_groups,
True))) {
DEBUG(0, ("Could not enum groups\n"));
time_t *pass_last_set_time)
{
struct pdb_methods *pdb = pdb_get_methods();
- return pdb->get_trusteddom_pw(pdb, domain, pwd, sid,
+ return pdb->get_trusteddom_pw(pdb, domain, pwd, sid,
pass_last_set_time);
}
}
/*******************************************************************
- the defaults for trustdom methods:
+ the defaults for trustdom methods:
these simply call the original passdb/secrets.c actions,
to be replaced by pdb_ldap.
*******************************************************************/
static bool pdb_default_get_trusteddom_pw(struct pdb_methods *methods,
- const char *domain,
- char** pwd,
+ const char *domain,
+ char** pwd,
struct dom_sid *sid,
time_t *pass_last_set_time)
{
return NT_STATUS_NOT_IMPLEMENTED;
}
-static bool pdb_default_set_trusteddom_pw(struct pdb_methods *methods,
- const char* domain,
+static bool pdb_default_set_trusteddom_pw(struct pdb_methods *methods,
+ const char* domain,
const char* pwd,
const struct dom_sid *sid)
{
return secrets_store_trusted_domain_password(domain, pwd, sid);
}
-static bool pdb_default_del_trusteddom_pw(struct pdb_methods *methods,
+static bool pdb_default_del_trusteddom_pw(struct pdb_methods *methods,
const char *domain)
{
return trusted_domain_password_delete(domain);
}
static NTSTATUS pdb_default_enum_trusteddoms(struct pdb_methods *methods,
- TALLOC_CTX *mem_ctx,
+ TALLOC_CTX *mem_ctx,
uint32_t *num_domains,
struct trustdom_info ***domains)
{
/*******************************************************************
Create a pdb_methods structure and initialize it with the default
operations. In this way a passdb module can simply implement
- the functionality it cares about. However, normally this is done
+ the functionality it cares about. However, normally this is done
in groups of related functions.
*******************************************************************/
-NTSTATUS make_pdb_method( struct pdb_methods **methods )
+NTSTATUS make_pdb_method( struct pdb_methods **methods )
{
/* allocate memory for the structure as its own talloc CTX */
/*
- * Unix SMB/CIFS implementation.
+ * Unix SMB/CIFS implementation.
* SMB parameters and setup
- * Copyright (C) Andrew Tridgell 1992-1998
+ * Copyright (C) Andrew Tridgell 1992-1998
* Modified by Jeremy Allison 1995.
* Modified by Gerald (Jerry) Carter 2000-2001,2003
* Modified by Andrew Bartlett 2002.
- *
+ *
* This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 3 of the License, or (at your option)
* any later version.
- *
+ *
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
- *
+ *
* You should have received a copy of the GNU General Public License along with
* this program; if not, see <http://www.gnu.org/licenses/>.
*/
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_PASSDB
-/*
+/*
smb_passwd is analogous to sam_passwd used everywhere
else. However, smb_passwd is limited to the information
- stored by an smbpasswd entry
+ stored by an smbpasswd entry
*/
struct smb_passwd
}
/***************************************************************
- Lock or unlock a fd for a known lock type. Abandon after waitsecs
+ Lock or unlock a fd for a known lock type. Abandon after waitsecs
seconds.
****************************************************************/
static void pdb_init_smb(struct smb_passwd *user)
{
- if (user == NULL)
+ if (user == NULL)
return;
ZERO_STRUCTP (user);
}
pdb_init_smb(pw_buf);
- pw_buf->acct_ctrl = ACB_NORMAL;
+ pw_buf->acct_ctrl = ACB_NORMAL;
/*
* Scan the file, a line at a time and check if the name matches.
/*
* The line we have should be of the form :-
- *
+ *
* username:uid:32hex bytes:[Account type]:LCT-12345678....other flags presently
* ignored....
- *
+ *
* or,
*
* username:uid:32hex bytes:32hex bytes:[Account type]:LCT-12345678....ignored....
}
}
- /*
+ /*
* Now check if the NT compatible password is
* available.
*/
}
if(i == 8) {
/*
- * p points at 8 characters of hex digits -
+ * p points at 8 characters of hex digits -
* read into a time_t as the seconds since
* 1970 that the password was last changed.
*/
char *new_entry;
char *p;
- new_entry_length = strlen(newpwd->smb_name) + 1 + 15 + 1 + 32 + 1 + 32 + 1 +
+ new_entry_length = strlen(newpwd->smb_name) + 1 + 15 + 1 + 32 + 1 + 32 + 1 +
NEW_PW_FORMAT_SPACE_PADDED_LEN + 1 + 13 + 2;
if((new_entry = (char *)SMB_MALLOC( new_entry_length )) == NULL) {
size_t new_entry_length;
char *new_entry;
off_t offpos;
-
+
/* Open the smbpassword file - for update. */
fp = startsmbfilepwent(pfile, PWF_UPDATE, &smbpasswd_state->pw_file_lock_depth);
/* Ok - entry doesn't exist. We can add it */
/* Create a new smb passwd entry and set it to the given password. */
- /*
- * The add user write needs to be atomic - so get the fd from
+ /*
+ * The add user write needs to be atomic - so get the fd from
* the fp and do a raw write() call.
*/
fd = fileno(fp);
new_entry_length = strlen(new_entry);
#ifdef DEBUG_PASSWORD
- DEBUG(100, ("add_smbfilepwd_entry(%d): new_entry_len %d made line |%s|",
+ DEBUG(100, ("add_smbfilepwd_entry(%d): new_entry_len %d made line |%s|",
fd, (int)new_entry_length, new_entry));
#endif
/* Remove the entry we just wrote. */
if(ftruncate(fd, offpos) == -1) {
DEBUG(0, ("add_smbfilepwd_entry: ERROR failed to ftruncate file %s. \
-Error was %s. Password file may be corrupt ! Please examine by hand !\n",
+Error was %s. Password file may be corrupt ! Please examine by hand !\n",
newpwd->smb_name, strerror(errno)));
}
/*
* The line we have should be of the form :-
- *
+ *
* username:uid:[32hex bytes]:....other flags presently
* ignored....
- *
+ *
* or,
*
* username:uid:[32hex bytes]:[32hex bytes]:[attributes]:LCT-XXXXXXXX:...ignored.
return False;
}
- /*
+ /*
* Now check if the account info and the password last
* change time is available.
*/
/* Add on the account info bits and the time of last password change. */
if(got_pass_last_set_time) {
- slprintf(&ascii_p16[strlen(ascii_p16)],
+ slprintf(&ascii_p16[strlen(ascii_p16)],
sizeof(ascii_p16)-(strlen(ascii_p16)+1),
- "%s:LCT-%08X:",
+ "%s:LCT-%08X:",
encode_bits, (uint32_t)pwd->pass_last_set_time );
wr_len = strlen(ascii_p16);
}
* seekpos.
*/
- /* The mod user write needs to be atomic - so get the fd from
+ /* The mod user write needs to be atomic - so get the fd from
the fp and do a raw write() call.
*/
fclose(fp);
return False;
}
-
+
if (lseek(fd, pwd_seekpos, SEEK_SET) != pwd_seekpos) {
DEBUG(0, ("mod_smbfilepwd_entry: seek fail on file %s.\n", pfile));
pw_file_unlock(lockfd,&smbpasswd_state->pw_file_lock_depth);
{
uint32_t rid;
- if (sampass == NULL)
+ if (sampass == NULL)
return False;
ZERO_STRUCTP(smb_pw);
smb_pw->pass_last_set_time=pdb_get_pass_last_set_time(sampass);
return True;
-}
+}
/*********************************************************************
Create a struct samu from a smb_passwd struct
********************************************************************/
-static bool build_sam_account(struct smbpasswd_privates *smbpasswd_state,
+static bool build_sam_account(struct smbpasswd_privates *smbpasswd_state,
struct samu *sam_pass, const struct smb_passwd *pw_buf)
{
struct passwd *pwfile;
}
/*****************************************************************
- Functions to be implemented by the new passdb API
+ Functions to be implemented by the new passdb API
****************************************************************/
/****************************************************************
the correct entry
***************************************************************/
-static NTSTATUS smbpasswd_getsampwnam(struct pdb_methods *my_methods,
+static NTSTATUS smbpasswd_getsampwnam(struct pdb_methods *my_methods,
struct samu *sam_acct, const char *username)
{
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
return NT_STATUS_UNSUCCESSFUL;
}
-static NTSTATUS smbpasswd_rename_sam_account (struct pdb_methods *my_methods,
+static NTSTATUS smbpasswd_rename_sam_account (struct pdb_methods *my_methods,
struct samu *old_acct,
const char *newname)
{
return NT_STATUS_NO_MEMORY;
}
- if ( !pdb_copy_sam_account( new_acct, old_acct )
- || !pdb_set_username(new_acct, newname, PDB_CHANGED))
+ if ( !pdb_copy_sam_account( new_acct, old_acct )
+ || !pdb_set_username(new_acct, newname, PDB_CHANGED))
{
goto done;
}
if (new_acct)
TALLOC_FREE(new_acct);
- return (ret);
+ return (ret);
}
static uint32_t smbpasswd_capabilities(struct pdb_methods *methods)
return 0;
}
-static void free_private_data(void **vp)
+static void free_private_data(void **vp)
{
struct smbpasswd_privates **privates = (struct smbpasswd_privates**)vp;
return NT_STATUS_OK;
}
-NTSTATUS pdb_smbpasswd_init(TALLOC_CTX *ctx)
+NTSTATUS pdb_smbpasswd_init(TALLOC_CTX *ctx)
{
return smb_register_passdb(PASSDB_INTERFACE_VERSION, "smbpasswd", pdb_init_smbpasswd);
}
/*
- * Unix SMB/CIFS implementation.
+ * Unix SMB/CIFS implementation.
* SMB parameters and setup
* Copyright (C) Andrew Tridgell 1992-1998
* Copyright (C) Simo Sorce 2000-2003
* Copyright (C) Jeremy Allison 2001-2009
* Copyright (C) Andrew Bartlett 2002
* Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2005
- *
+ *
* This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 3 of the License, or (at your option)
* any later version.
- *
+ *
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
- *
+ *
* You should have received a copy of the GNU General Public License along with
* this program; if not, see <http://www.gnu.org/licenses/>.
*/
/***************************************************************************
Update the TDB SAM account record only
- Assumes that the tdbsam is already open
+ Assumes that the tdbsam is already open
****************************************************************************/
static bool tdb_update_samacct_only( struct samu* newpwd, int flag )
{
/* Now take care of the case where the RID changed. We need
* to delete the old RID key and add the new. */
- if (flag == TDB_MODIFY && newrid != oldrid) {
+ if (flag == TDB_MODIFY && newrid != oldrid) {
fstring keystr;
/* Delete old RID key */
{
if ( !tdb_update_sam(my_methods, newpwd, TDB_MODIFY) )
return NT_STATUS_UNSUCCESSFUL;
-
+
return NT_STATUS_OK;
}
{
if ( !tdb_update_sam(my_methods, newpwd, TDB_INSERT) )
return NT_STATUS_UNSUCCESSFUL;
-
+
return NT_STATUS_OK;
}
*/
DEBUG(0, ("transaction_commit failed\n"));
TALLOC_FREE(new_acct);
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
TALLOC_FREE(new_acct );
TALLOC_FREE(new_acct);
- return NT_STATUS_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
}
static uint32_t tdbsam_capabilities(struct pdb_methods *methods)
projects / thirdparty / samba.git / commitdiff
