summaryrefslogtreecommitdiffstats
path: root/source3/passdb
diff options
context:
space:
mode:
Diffstat (limited to 'source3/passdb')
-rw-r--r--source3/passdb/passdb.c14
-rw-r--r--source3/passdb/pdb_interface.c44
-rw-r--r--source3/passdb/pdb_ldap.c20
-rw-r--r--source3/passdb/pdb_smbpasswd.c21
-rw-r--r--source3/passdb/pdb_tdb.c109
5 files changed, 179 insertions, 29 deletions
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 191844a454..c53b300198 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -432,28 +432,28 @@ BOOL pdb_name_to_rid(const char *user_name, uint32 *u_rid, uint32 *g_rid)
Converts NT user RID to a UNIX uid.
********************************************************************/
-uid_t pdb_user_rid_to_uid(uint32 user_rid)
+uid_t fallback_pdb_user_rid_to_uid(uint32 user_rid)
{
return (uid_t)(((user_rid & (~USER_RID_TYPE))- 1000)/RID_MULTIPLIER);
}
/*******************************************************************
- Converts NT group RID to a UNIX gid.
+ converts UNIX uid to an NT User RID.
********************************************************************/
-gid_t pdb_group_rid_to_gid(uint32 group_rid)
+uint32 fallback_pdb_uid_to_user_rid(uid_t uid)
{
- return (gid_t)(((group_rid & (~GROUP_RID_TYPE))- 1000)/RID_MULTIPLIER);
+ return (((((uint32)uid)*RID_MULTIPLIER) + 1000) | USER_RID_TYPE);
}
/*******************************************************************
- converts UNIX uid to an NT User RID.
+ Converts NT group RID to a UNIX gid.
********************************************************************/
-uint32 pdb_uid_to_user_rid(uid_t uid)
+gid_t pdb_group_rid_to_gid(uint32 group_rid)
{
- return (((((uint32)uid)*RID_MULTIPLIER) + 1000) | USER_RID_TYPE);
+ return (gid_t)(((group_rid & (~GROUP_RID_TYPE))- 1000)/RID_MULTIPLIER);
}
/*******************************************************************
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 29f08cf46c..2fc04bc3b5 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -121,6 +121,26 @@ static BOOL context_delete_sam_account(struct pdb_context *context, SAM_ACCOUNT
return context->pdb_selected->delete_sam_account(context, sam_acct);
}
+static uint32 context_uid_to_user_rid(struct pdb_context *context, uid_t uid)
+{
+ if ((!context) || (!context->pdb_selected)) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return False;
+ }
+
+ return context->pdb_selected->uid_to_user_rid(context, uid);
+}
+
+static uid_t context_user_rid_to_uid(struct pdb_context *context, uint32 rid)
+{
+ if ((!context) || (!context->pdb_selected)) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return False;
+ }
+
+ return context->pdb_selected->user_rid_to_uid(context, rid);
+}
+
static void free_pdb_context(struct pdb_context **context)
{
if (((*context)->pdb_selected) && ((*context)->pdb_selected->free_private_data)) {
@@ -164,6 +184,8 @@ static NTSTATUS make_pdb_context(struct pdb_context **context)
(*context)->pdb_add_sam_account = context_add_sam_account;
(*context)->pdb_update_sam_account = context_update_sam_account;
(*context)->pdb_delete_sam_account = context_delete_sam_account;
+ (*context)->pdb_uid_to_user_rid = context_uid_to_user_rid;
+ (*context)->pdb_user_rid_to_uid = context_user_rid_to_uid;
(*context)->free_fn = free_pdb_context;
@@ -347,6 +369,28 @@ BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct)
return pdb_context->pdb_delete_sam_account(pdb_context, sam_acct);
}
+uid_t pdb_user_rid_to_uid(uint32 rid)
+{
+ struct pdb_context *pdb_context = pdb_get_static_context(False);
+
+ if (!pdb_context) {
+ return False;
+ }
+
+ return pdb_context->pdb_user_rid_to_uid(pdb_context, rid);
+}
+
+uint32 pdb_uid_to_user_rid(uid_t uid)
+{
+ struct pdb_context *pdb_context = pdb_get_static_context(False);
+
+ if (!pdb_context) {
+ return False;
+ }
+
+ return pdb_context->pdb_uid_to_user_rid(pdb_context, uid);
+}
+
#endif /* !defined(WITH_NISPLUS_SAM) */
/***************************************************************
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index 7dae485394..4b4ff77eee 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -1145,6 +1145,24 @@ static BOOL ldapsam_getsampwrid(struct pdb_context *context, SAM_ACCOUNT * user,
}
/**********************************************************************
+ get rid by uid
+*********************************************************************/
+
+static uint32 ldapsam_uid_to_user_rid(struct pdb_context *context, uid_t uid)
+{
+ return fallback_pdb_uid_to_user_rid(uid);
+}
+
+/**********************************************************************
+ get uid by rid
+*********************************************************************/
+
+static uid_t ldapsam_user_rid_to_uid(struct pdb_context *context, uint32 rid)
+{
+ return fallback_pdb_user_rid_to_uid(rid);
+}
+
+/**********************************************************************
Delete entry from LDAP for username
*********************************************************************/
static BOOL ldapsam_delete_sam_account(struct pdb_context *context, const SAM_ACCOUNT * sam_acct)
@@ -1409,6 +1427,8 @@ NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, co
(*pdb_method)->add_sam_account = ldapsam_add_sam_account;
(*pdb_method)->update_sam_account = ldapsam_update_sam_account;
(*pdb_method)->delete_sam_account = ldapsam_delete_sam_account;
+ (*pdb_method)->uid_to_user_rid = ldapsam_uid_to_user_rid;
+ (*pdb_method)->user_rid_to_uid = ldapsam_user_rid_to_uid;
/* TODO: Setup private data and free */
diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c
index 78c1a91d48..94bab7598e 100644
--- a/source3/passdb/pdb_smbpasswd.c
+++ b/source3/passdb/pdb_smbpasswd.c
@@ -1513,6 +1513,25 @@ static BOOL smbpasswd_getsampwrid(struct pdb_context *context, SAM_ACCOUNT *sam_
return True;
}
+/**********************************************************************
+ get rid by uid
+*********************************************************************/
+
+static uint32 smbpasswd_uid_to_rid(struct pdb_context *context, uid_t uid)
+{
+ return fallback_pdb_uid_to_user_rid(uid);
+}
+
+/**********************************************************************
+ get uid by rid
+*********************************************************************/
+
+static uid_t smbpasswd_rid_to_uid(struct pdb_context *context, uint32 rid)
+{
+ return fallback_pdb_user_rid_to_uid(rid);
+}
+
+
static BOOL smbpasswd_add_sam_account(struct pdb_context *context, const SAM_ACCOUNT *sampass)
{
struct smbpasswd_privates *smbpasswd_state = (struct smbpasswd_privates*)context->pdb_selected->private_data;
@@ -1586,6 +1605,8 @@ NTSTATUS pdb_init_smbpasswd(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method,
(*pdb_method)->add_sam_account = smbpasswd_add_sam_account;
(*pdb_method)->update_sam_account = smbpasswd_update_sam_account;
(*pdb_method)->delete_sam_account = smbpasswd_delete_sam_account;
+ (*pdb_method)->uid_to_user_rid = smbpasswd_uid_to_rid;
+ (*pdb_method)->user_rid_to_uid = smbpasswd_rid_to_uid;
/* Setup private data and free function */
diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c
index 40ba8dd475..86089cfd69 100644
--- a/source3/passdb/pdb_tdb.c
+++ b/source3/passdb/pdb_tdb.c
@@ -32,6 +32,8 @@
#define USERPREFIX "USER_"
#define RIDPREFIX "RID_"
+#define BASE_RID 0x200
+
struct tdbsam_privates {
TDB_CONTEXT *passwd_tdb;
TDB_DATA key;
@@ -253,8 +255,8 @@ done:
/**********************************************************************
Intialize a BYTE buffer from a SAM_ACCOUNT struct
*********************************************************************/
-static uint32 init_buffer_from_sam (struct tdbsam_privates *tdb_state, uint8 **buf,
- const SAM_ACCOUNT *sampass, uint32 user_rid, uint32 group_rid)
+static uint32 init_buffer_from_sam (struct tdbsam_privates *tdb_state,
+ uint8 **buf, const SAM_ACCOUNT *sampass)
{
size_t len, buflen;
@@ -267,6 +269,9 @@ static uint32 init_buffer_from_sam (struct tdbsam_privates *tdb_state, uint8 **b
pass_last_set_time,
pass_can_change_time,
pass_must_change_time;
+
+ uint32 user_rid, group_rid;
+
const char *username;
const char *domain;
const char *nt_username;
@@ -305,6 +310,8 @@ static uint32 init_buffer_from_sam (struct tdbsam_privates *tdb_state, uint8 **b
pass_must_change_time = (uint32)pdb_get_pass_must_change_time(sampass);
pass_last_set_time = (uint32)pdb_get_pass_last_set_time(sampass);
+ user_rid = pdb_get_user_rid(sampass);
+ group_rid = pdb_get_group_rid(sampass);
username = pdb_get_username(sampass);
if (username) username_len = strlen(username) +1;
@@ -641,6 +648,56 @@ static BOOL tdbsam_getsampwrid (struct pdb_context *context, SAM_ACCOUNT *user,
}
/***************************************************************************
+ Search by rid and give back the uid!
+ **************************************************************************/
+
+uid_t tdbsam_rid_to_uid (struct pdb_context *context, uint32 rid)
+{
+ uid_t ret;
+ SAM_ACCOUNT *sa;
+
+ if (!NT_STATUS_IS_OK(pdb_init_sam(&sa))) return -1;
+ if (!tdbsam_getsampwrid (context, sa, rid)) {
+ ret = -1;
+ goto done;
+ }
+ else {
+ ret = pdb_get_uid(sa);
+ }
+done:
+ pdb_free_sam(&sa);
+ return ret;
+}
+
+/***************************************************************************
+ Search by uid and give back the rid!
+ **************************************************************************/
+
+uint32 tdbsam_uid_to_rid (struct pdb_context *context, uid_t uid)
+{
+ uint32 ret;
+ char *name;
+ struct passwd *pw;
+ SAM_ACCOUNT *sa;
+
+ if (!NT_STATUS_IS_OK(pdb_init_sam(&sa))) return 0;
+ pw = getpwuid(uid);
+ if (!pw) return 0;
+ name = strdup(pw->pw_name);
+ if (!tdbsam_getsampwnam (context, sa, name)) {
+ ret = 0;
+ goto done;
+ }
+ else {
+ ret = pdb_get_user_rid(sa);
+ }
+done:
+ SAFE_FREE(name);
+ pdb_free_sam(&sa);
+ return ret;
+}
+
+/***************************************************************************
Delete a SAM_ACCOUNT
****************************************************************************/
@@ -709,9 +766,8 @@ static BOOL tdb_update_sam(struct pdb_context *context, const SAM_ACCOUNT* newpw
fstring keystr;
fstring name;
BOOL ret = True;
- uint32 user_rid;
- uint32 group_rid;
- int32 tdb_ret;
+ uint32 user_rid;
+ int32 tdb_ret;
/* invalidate the existing TDB iterator if it is open */
if (tdb_state->passwd_tdb) {
@@ -727,35 +783,42 @@ static BOOL tdb_update_sam(struct pdb_context *context, const SAM_ACCOUNT* newpw
return False;
}
- /* if we don't have a RID, then make them up. */
- if (!(user_rid = pdb_get_user_rid(newpwd))) {
- if (!tdb_state->permit_non_unix_accounts) {
- DEBUG (0,("tdb_update_sam: Failing to store a SAM_ACCOUNT for [%s] without a RID\n",pdb_get_username(newpwd)));
- ret = False;
- goto done;
- } else {
- user_rid = tdb_state->low_nua_rid;
- tdb_ret = tdb_change_int32_atomic(pwd_tdb, "NUA_NEXT_RID", &user_rid, RID_MULTIPLIER);
+ /* if flag == TDB_INSERT then make up a new RID else throw an error. */
+ if (!pdb_get_user_rid(newpwd)) {
+ if (flag & TDB_INSERT) {
+ user_rid = BASE_RID;
+ tdb_ret = tdb_change_int32_atomic(pwd_tdb, "RID_COUNTER", &user_rid, RID_MULTIPLIER);
if (tdb_ret == -1) {
ret = False;
goto done;
}
+ pdb_set_user_rid(newpwd, user_rid);
+ } else {
+ DEBUG (0,("tdb_update_sam: Failing to store a SAM_ACCOUNT for [%s] without a RID\n",pdb_get_username(newpwd)));
+ ret = False;
+ goto done;
}
}
- if (!(group_rid = pdb_get_group_rid(newpwd))) {
- if (!tdb_state->permit_non_unix_accounts) {
+ if (!pdb_get_group_rid(newpwd)) {
+ if (flag & TDB_INSERT) {
+ if (!tdb_state->permit_non_unix_accounts) {
+ DEBUG (0,("tdb_update_sam: Failing to store a SAM_ACCOUNT for [%s] without a primary group RID\n",pdb_get_username(newpwd)));
+ ret = False;
+ goto done;
+ } else {
+ /* This seems like a good default choice for non-unix users */
+ pdb_set_group_rid(newpwd, DOMAIN_GROUP_RID_USERS);
+ }
+ } else {
DEBUG (0,("tdb_update_sam: Failing to store a SAM_ACCOUNT for [%s] without a primary group RID\n",pdb_get_username(newpwd)));
ret = False;
goto done;
- } else {
- /* This seems like a good default choice for non-unix users */
- group_rid = DOMAIN_GROUP_RID_USERS;
}
}
/* copy the SAM_ACCOUNT struct into a BYTE buffer for storage */
- if ((data.dsize=init_buffer_from_sam (tdb_state, &buf, newpwd, user_rid, group_rid)) == -1) {
+ if ((data.dsize=init_buffer_from_sam (tdb_state, &buf, newpwd)) == -1) {
DEBUG(0,("tdb_update_sam: ERROR - Unable to copy SAM_ACCOUNT info BYTE buffer!\n"));
ret = False;
goto done;
@@ -853,6 +916,8 @@ NTSTATUS pdb_init_tdbsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, con
(*pdb_method)->add_sam_account = tdbsam_add_sam_account;
(*pdb_method)->update_sam_account = tdbsam_update_sam_account;
(*pdb_method)->delete_sam_account = tdbsam_delete_sam_account;
+ (*pdb_method)->uid_to_user_rid = tdbsam_uid_to_rid;
+ (*pdb_method)->user_rid_to_uid = tdbsam_rid_to_uid;
tdb_state = talloc_zero(pdb_context->mem_ctx, sizeof(struct tdbsam_privates));
@@ -899,9 +964,9 @@ NTSTATUS pdb_init_tdbsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method,
return NT_STATUS_UNSUCCESSFUL;
}
- tdb_state->low_nua_rid=pdb_uid_to_user_rid(low_nua_uid);
+ tdb_state->low_nua_rid=fallback_pdb_uid_to_user_rid(low_nua_uid);
- tdb_state->high_nua_rid=pdb_uid_to_user_rid(high_nua_uid);
+ tdb_state->high_nua_rid=fallback_pdb_uid_to_user_rid(high_nua_uid);
return NT_STATUS_OK;
}