diff options
author | Luke Leighton <lkcl@samba.org> | 1998-05-11 18:03:01 +0000 |
---|---|---|
committer | Luke Leighton <lkcl@samba.org> | 1998-05-11 18:03:01 +0000 |
commit | c760ebbf127796427c4602aae61952df938c6def (patch) | |
tree | 54a8ed20a06d3adfcd0976f5a2a79f96b6256a23 | |
parent | 69ace0760986a6e892cd5b25ca85930b65e38c45 (diff) | |
download | samba-c760ebbf127796427c4602aae61952df938c6def.tar.gz samba-c760ebbf127796427c4602aae61952df938c6def.tar.xz samba-c760ebbf127796427c4602aae61952df938c6def.zip |
password back-end database support
ldap.c :
- added getldap21pwent() function
passdb.c :
- getsam21pwent() no longer a stub: calls ldap21 or smb21
smbpass.c :
- added getsmb21pwent() function (he he :-)
lib/rpc/server/srv_samr.c :
- removed "specific" calls to ldap functions; replaced with
call to get_sampwd_entries instead (which is unfinished).
- rewrote get_user_info_21 function to call getsam21pwrid.
-rw-r--r-- | source/passdb/ldap.c | 31 | ||||
-rw-r--r-- | source/passdb/passdb.c | 13 | ||||
-rw-r--r-- | source/passdb/smbpass.c | 109 | ||||
-rw-r--r-- | source/rpc_server/srv_samr.c | 133 |
4 files changed, 168 insertions, 118 deletions
diff --git a/source/passdb/ldap.c b/source/passdb/ldap.c index 8547cf45cfc..7af8a1b9f10 100644 --- a/source/passdb/ldap.c +++ b/source/passdb/ldap.c @@ -496,12 +496,37 @@ void *startldappwent(BOOL update) *************************************************************************/ struct smb_passwd *getldappwent(void *vp) { + static struct smb_passwd user; + struct ldap_enum_info *ldap_vp = (struct ldap_enum_info *)vp; + + ldap_vp->entry = ldap_next_entry(ldap_vp->ldap_struct, ldap_vp->entry); + + if (ldap_vp->entry != NULL) + { + ldap_get_smb_passwd(ldap_vp->ldap_struct, ldap_vp->entry, &user); + return &user; + } + return NULL; +} + +/************************************************************************* + Routine to return the next entry in the ldap passwd list. + + do not call this function directly. use passdb.c instead. + *************************************************************************/ +struct sam_passwd *getldap21pwent(void *vp) +{ + static struct sam_passwd user; struct ldap_enum_info *ldap_vp = (struct ldap_enum_info *)vp; + ldap_vp->entry = ldap_next_entry(ldap_vp->ldap_struct, ldap_vp->entry); -/* - make_ldap_sam_user_info_21(ldap_struct, entry, &(pw_buf[(*num_entries)]) ); -*/ + + if (ldap_vp->entry != NULL) + { + ldap_get_sam_passwd(ldap_vp->ldap_struct, ldap_vp->entry, &user); + return &user; + } return NULL; } diff --git a/source/passdb/passdb.c b/source/passdb/passdb.c index 263bbe57cd0..5fa354b637d 100644 --- a/source/passdb/passdb.c +++ b/source/passdb/passdb.c @@ -87,16 +87,11 @@ struct smb_passwd *getsampwent(void *vp) *************************************************************************/ struct sam_passwd *getsam21pwent(void *vp) { -#if 0 #ifdef USE_LDAP return getldap21pwent(vp); #else return getsmb21pwent(vp); #endif /* USE_LDAP */ -#else - DEBUG(0,("getsam21pwent: under development\n")); - return NULL; -#endif } /************************************************************************* @@ -144,9 +139,9 @@ BOOL add_sam21pwd_entry(struct sam_passwd *newpwd) { #if 0 #ifdef USE_LDAP - return add_ldappwd_entry(newpwd); + return add_ldap21pwd_entry(newpwd); #else - return add_smbpwd_entry(newpwd); + return add_smb21pwd_entry(newpwd); #endif /* USE_LDAP */ #else DEBUG(0,("add_sam21pwd_entry() - under development\n")); @@ -183,9 +178,9 @@ BOOL mod_sam21pwd_entry(struct sam_passwd* pwd, BOOL override) { #if 0 #ifdef USE_LDAP - return mod_ldappwd_entry(pwd, override); + return mod_ldap21pwd_entry(pwd, override); #else - return mod_smbpwd_entry(pwd, override); + return mod_smb21pwd_entry(pwd, override); #endif /* USE_LDAP */ #else DEBUG(0,("mod_sam21pwd_entry() - under development\n")); diff --git a/source/passdb/smbpass.c b/source/passdb/smbpass.c index 3f6ce8aaefd..9c0b276074e 100644 --- a/source/passdb/smbpass.c +++ b/source/passdb/smbpass.c @@ -20,6 +20,8 @@ #include "includes.h" extern int DEBUGLEVEL; +extern pstring samlogon_user; +extern BOOL sam_logon_in_ssb; static int gotalarm; static char s_readbuf[16 * 1024]; @@ -154,7 +156,6 @@ void *startsmbpwent(BOOL update) /*************************************************************** End enumeration of the smbpasswd list. ****************************************************************/ - void endsmbpwent(void *vp) { FILE *fp = (FILE *)vp; @@ -166,6 +167,112 @@ void endsmbpwent(void *vp) /************************************************************************* Routine to return the next entry in the smbpasswd list. + this function is a nice, messy combination of reading: + - the smbpasswd file + - the unix password database + - smb.conf options (not done at present). + + do not call this function directly. use passdb.c instead. + + *************************************************************************/ +struct sam_passwd *getsmb21pwent(void *vp) +{ + struct smb_passwd *pw_buf = getsmbpwent(vp); + static struct sam_passwd user; + struct passwd *pwfile; + + static pstring full_name; + static pstring home_dir; + static pstring home_drive; + static pstring logon_script; + static pstring profile_path; + static pstring acct_desc; + static pstring workstations; + + if (pw_buf == NULL) return NULL; + + pwfile = getpwnam(pw_buf->smb_name); + if (pwfile == NULL) return NULL; + + bzero(&user, sizeof(user)); + + pstrcpy(samlogon_user, pw_buf->smb_name); + + if (samlogon_user[strlen(samlogon_user)-1] != '$') + { + /* XXXX hack to get standard_sub_basic() to use sam logon username */ + /* possibly a better way would be to do a become_user() call */ + sam_logon_in_ssb = True; + + user.smb_userid = pw_buf->smb_userid; + user.smb_grpid = pwfile->pw_gid; + + user.user_rid = uid_to_user_rid (user.smb_userid); + user.group_rid = gid_to_group_rid(user.smb_grpid ); + + pstrcpy(full_name , pwfile->pw_gecos ); + pstrcpy(logon_script , lp_logon_script ()); + pstrcpy(profile_path , lp_logon_path ()); + pstrcpy(home_drive , lp_logon_drive ()); + pstrcpy(home_dir , lp_logon_home ()); + pstrcpy(acct_desc , ""); + pstrcpy(workstations , lp_domain_workstations()); + + sam_logon_in_ssb = False; + } + else + { + user.smb_userid = pw_buf->smb_userid; + user.smb_grpid = pwfile->pw_gid; + + user.user_rid = uid_to_user_rid (user.smb_userid); + user.group_rid = DOMAIN_GROUP_RID_USERS; /* lkclXXXX this is OBSERVED behaviour by NT PDCs, enforced here. */ + + pstrcpy(full_name , ""); + pstrcpy(logon_script , ""); + pstrcpy(profile_path , ""); + pstrcpy(home_drive , ""); + pstrcpy(home_dir , ""); + pstrcpy(acct_desc , ""); + pstrcpy(workstations , ""); + } + + user.logon_time = (time_t)-1; + user.logoff_time = (time_t)-1; + user.kickoff_time = (time_t)-1; + user.pass_last_set_time = pw_buf->pass_last_set_time; + user.pass_can_change_time = (time_t)-1; + user.pass_must_change_time = (time_t)-1; + + user.smb_name = pw_buf->smb_name; + user.full_name = full_name; + user.home_dir = home_dir; + user.dir_drive = home_drive; + user.logon_script = logon_script; + user.profile_path = profile_path; + user.acct_desc = acct_desc; + user.workstations = workstations; + + user.unknown_str = NULL; /* don't know, yet! */ + user.munged_dial = NULL; /* "munged" dial-back telephone number */ + + user.smb_nt_passwd = pw_buf->smb_nt_passwd; + user.smb_passwd = pw_buf->smb_passwd; + + user.acct_ctrl = pw_buf->acct_ctrl; + + user.unknown_3 = 0xffffff; /* don't know */ + user.logon_divs = 168; /* hours per week */ + user.hours_len = 21; /* 21 times 8 bits = 168 */ + memset(user.hours, 0xff, user.hours_len); /* available at all hours */ + user.unknown_5 = 0x00020000; /* don't know */ + user.unknown_5 = 0x000004ec; /* don't know */ + + return &user; +} + +/************************************************************************* + Routine to return the next entry in the smbpasswd list. do not call this function directly. use passdb.c instead. diff --git a/source/rpc_server/srv_samr.c b/source/rpc_server/srv_samr.c index c8c483ac315..20cdc30babe 100644 --- a/source/rpc_server/srv_samr.c +++ b/source/rpc_server/srv_samr.c @@ -463,13 +463,9 @@ static void samr_reply_query_dispinfo(SAMR_Q_QUERY_DISPINFO *q_u, DEBUG(5,("samr_reply_query_dispinfo: %d\n", __LINE__)); -#ifndef USE_LDAP become_root(True); - got_pwds = get_sampwd_entries(pass, &total_entries, &num_entries, MAX_SAM_ENTRIES, 0); - unbecome_root(True); -#endif /* USE_LDAP */ switch (q_u->switch_level) { @@ -478,14 +474,6 @@ static void samr_reply_query_dispinfo(SAMR_Q_QUERY_DISPINFO *q_u, /* query disp info is for users */ switch_level = 0x1; -#ifdef USE_LDAP - got_pwds = get_ldap_entries(pass, - &total_entries, - &num_entries, - MAX_SAM_ENTRIES, - 0, - switch_level); -#endif /* USE_DLAP */ make_sam_info_1(&info1, ACB_NORMAL, q_u->start_idx, num_entries, pass); @@ -497,14 +485,6 @@ static void samr_reply_query_dispinfo(SAMR_Q_QUERY_DISPINFO *q_u, { /* query disp info is for servers */ switch_level = 0x2; -#ifdef USE_LDAP - got_pwds = get_ldap_entries(pass, - &total_entries, - &num_entries, - MAX_SAM_ENTRIES, - 0, - switch_level); -#endif /* USE_LDAP */ make_sam_info_2(&info2, ACB_WSTRUST, q_u->start_idx, num_entries, pass); @@ -876,87 +856,34 @@ static void api_samr_open_user( int uid, prs_struct *data, prs_struct *rdata) static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid) { NTTIME dummy_time; - - pstring logon_script; - pstring profile_path; - pstring home_drive; - pstring home_dir; - pstring description; - pstring workstations; - pstring full_name; - pstring munged_dialin; - pstring unknown_str; - - uint32 r_uid; - uint32 r_gid; + struct sam_passwd *sam_pass; LOGON_HRS hrs; int i; - struct smb_passwd *smb_pass; - become_root(True); - smb_pass = getsampwuid(rid); + sam_pass = getsam21pwrid(rid); unbecome_root(True); - if (smb_pass == NULL) + if (sam_pass == NULL) { return False; } - DEBUG(3,("User:[%s]\n", smb_pass->smb_name)); + DEBUG(3,("User:[%s]\n", sam_pass->smb_name)); dummy_time.low = 0xffffffff; dummy_time.high = 0x7fffffff; - pstrcpy(samlogon_user, smb_pass->smb_name); - - if (samlogon_user[strlen(samlogon_user)-1] != '$') - { - if (!name_to_rid(samlogon_user, &r_uid, &r_gid)) - { - return False; - } - - /* XXXX hack to get standard_sub_basic() to use sam logon username */ - /* possibly a better way would be to do a become_user() call */ - sam_logon_in_ssb = True; - - pstrcpy(full_name , "<Full Name>"); - pstrcpy(logon_script , lp_logon_script ()); - pstrcpy(profile_path , lp_logon_path ()); - pstrcpy(home_drive , lp_logon_drive ()); - pstrcpy(home_dir , lp_logon_home ()); - pstrcpy(description , "<Description>"); - pstrcpy(workstations , ""); - pstrcpy(unknown_str , ""); - pstrcpy(munged_dialin, ""); - - sam_logon_in_ssb = False; - } - else - { - r_uid = smb_pass->smb_userid; - r_gid = DOMAIN_GROUP_RID_USERS; - - pstrcpy(samlogon_user, smb_pass->smb_name); - - pstrcpy(full_name , ""); - pstrcpy(logon_script , ""); - pstrcpy(profile_path , ""); - pstrcpy(home_drive , ""); - pstrcpy(home_dir , ""); - pstrcpy(description , ""); - pstrcpy(workstations , ""); - pstrcpy(unknown_str , ""); - pstrcpy(munged_dialin, ""); - } + DEBUG(0,("get_user_info_21 - TODO: convert unix times to NTTIMEs\n")); - hrs.len = 21; + /* create a LOGON_HRS structure */ + hrs.len = sam_pass->hours_len; for (i = 0; i < hrs.len; i++) { - hrs.hours[i] = 0xff; + hrs.hours[i] = sam_pass->hours[i]; } + make_sam_user_info21(id21, &dummy_time, /* logon_time */ @@ -966,26 +893,26 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid) &dummy_time, /* pass_can_change_time */ &dummy_time, /* pass_must_change_time */ - samlogon_user, /* user_name */ - full_name, /* full_name */ - home_dir, /* home_dir */ - home_drive, /* dir_drive */ - logon_script, /* logon_script */ - profile_path, /* profile_path */ - description, /* description */ - workstations, /* workstations user can log in from */ - unknown_str, /* don't know, yet */ - munged_dialin, /* dialin info. contains dialin path and tel no */ - - r_uid, /* RID user_id */ - r_gid, /* RID group_id */ - smb_pass->acct_ctrl, - - 0x00ffffff, /* unknown_3 */ - 168, /* divisions per week */ + sam_pass->smb_name, /* user_name */ + sam_pass->full_name, /* full_name */ + sam_pass->home_dir, /* home_dir */ + sam_pass->dir_drive, /* dir_drive */ + sam_pass->logon_script, /* logon_script */ + sam_pass->profile_path, /* profile_path */ + sam_pass->acct_desc, /* description */ + sam_pass->workstations, /* workstations user can log in from */ + sam_pass->unknown_str, /* don't know, yet */ + sam_pass->munged_dial, /* dialin info. contains dialin path and tel no */ + + sam_pass->user_rid, /* RID user_id */ + sam_pass->group_rid, /* RID group_id */ + sam_pass->acct_ctrl, + + sam_pass->unknown_3, /* unknown_3 */ + sam_pass->logon_divs, /* divisions per week */ &hrs, /* logon hours */ - 0x00020000, - 0x000004ec); + sam_pass->unknown_5, + sam_pass->unknown_6); return True; } @@ -1044,11 +971,7 @@ static void samr_reply_query_userinfo(SAMR_Q_QUERY_USERINFO *q_u, case 21: { info = (void*)&id21; -#ifdef USE_LDAP - status = ldap_get_user_info_21(&id21, rid) ? 0 : NT_STATUS_NO_SUCH_USER; -#else /* USE_LDAP */ status = get_user_info_21(&id21, rid) ? 0 : NT_STATUS_NO_SUCH_USER; -#endif /* USE_LDAP */ break; } |