diff options
34 files changed, 848 insertions, 555 deletions
diff --git a/source/configure.in b/source/configure.in index 5f7a862eee2..77bff2af771 100644 --- a/source/configure.in +++ b/source/configure.in @@ -590,7 +590,7 @@ AC_SUBST(DYNEXP) dnl Add modules that have to be built by default here dnl These have to be built static: -default_static_modules="pdb_smbpasswd pdb_tdbsam rpc_lsa rpc_samr rpc_winreg rpc_initshutdown rpc_lsa_ds rpc_wkssvc rpc_svcctl rpc_ntsvcs rpc_net rpc_netdfs rpc_srvsvc rpc_spoolss rpc_eventlog rpc_unixinfo auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin vfs_default" +default_static_modules="pdb_smbpasswd pdb_tdbsam rpc_lsa rpc_samr rpc_reg rpc_shutdown rpc_lsa_ds rpc_wkssvc rpc_svcctl rpc_ntsvcs rpc_net rpc_netdfs rpc_srvsvc rpc_spoolss rpc_eventlog rpc_unixinfo auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin" dnl These are preferably build shared, and static if dlopen() is not available default_shared_modules="vfs_recycle vfs_audit vfs_extd_audit vfs_full_audit vfs_netatalk vfs_fake_perms vfs_default_quota vfs_readonly vfs_cap vfs_expand_msdfs vfs_shadow_copy charset_CP850 charset_CP437 auth_script" diff --git a/source/include/passdb.h b/source/include/passdb.h index 432976412db..53e97e674c0 100644 --- a/source/include/passdb.h +++ b/source/include/passdb.h @@ -34,8 +34,8 @@ #define ACCT_FULL_NAME 0x00000002 #define ACCT_RID 0x00000004 #define ACCT_PRIMARY_GID 0x00000008 -#define ACCT_ADMIN_DESC 0x00000010 -#define ACCT_DESCRIPTION 0x00000020 +#define ACCT_DESCRIPTION 0x00000010 +#define ACCT_COMMENT 0x00000020 #define ACCT_HOME_DIR 0x00000040 #define ACCT_HOME_DRIVE 0x00000080 #define ACCT_LOGON_SCRIPT 0x00000100 @@ -90,7 +90,7 @@ enum pdb_elements { PDB_UNIXHOMEDIR, PDB_ACCTDESC, PDB_WORKSTATIONS, - PDB_UNKNOWNSTR, + PDB_COMMENT, PDB_MUNGEDDIAL, PDB_HOURS, PDB_FIELDS_PRESENT, @@ -160,7 +160,7 @@ struct samu { const char *profile_path; /* profile path string */ const char *acct_desc; /* user description string */ const char *workstations; /* login from workstations string */ - const char *unknown_str; /* don't know what this is, yet. */ + const char *comment; const char *munged_dial; /* munged path name and dial-back tel number */ DOM_SID user_sid; diff --git a/source/include/rpc_samr.h b/source/include/rpc_samr.h index 910ccee1135..ad605691791 100644 --- a/source/include/rpc_samr.h +++ b/source/include/rpc_samr.h @@ -4,7 +4,7 @@ Copyright (C) Andrew Tridgell 1992-2000 Copyright (C) Luke Kenneth Casson Leighton 1996-2000 Copyright (C) Paul Ashton 1997-2000 - Copyright (C) Jean François Micouleau 1998-2001 + Copyright (C) Jean François Micouleau 1998-2001 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2002 @@ -121,7 +121,7 @@ SamrTestPrivateFunctionsUser #define SAMR_QUERY_USERGROUPS 0x27 #define SAMR_QUERY_DISPINFO 0x28 -#define SAMR_UNKNOWN_29 0x29 +#define SAMR_GET_DISPENUM_INDEX 0x29 #define SAMR_UNKNOWN_2a 0x2a #define SAMR_UNKNOWN_2b 0x2b #define SAMR_GET_USRDOM_PWINFO 0x2c @@ -174,7 +174,7 @@ typedef struct sam_user_info_23 UNIHDR hdr_profile_path; /* profile path unicode string header */ UNIHDR hdr_acct_desc ; /* user description */ UNIHDR hdr_workstations; /* comma-separated workstations user can log in from */ - UNIHDR hdr_unknown_str ; /* don't know what this is, yet. */ + UNIHDR hdr_comment; UNIHDR hdr_munged_dial ; /* munged path name and dial-back tel number */ uint8 lm_pwd[16]; /* lm user passwords */ @@ -211,7 +211,7 @@ typedef struct sam_user_info_23 UNISTR2 uni_profile_path; /* profile path unicode string */ UNISTR2 uni_acct_desc ; /* user description unicode string */ UNISTR2 uni_workstations; /* login from workstations unicode string */ - UNISTR2 uni_unknown_str ; /* don't know what this is, yet. */ + UNISTR2 uni_comment; UNISTR2 uni_munged_dial ; /* munged path name and dial-back tel no */ LOGON_HRS logon_hrs; @@ -222,7 +222,7 @@ typedef struct sam_user_info_23 typedef struct sam_user_info_24 { uint8 pass[516]; - uint16 pw_len; + uint8 pw_len; } SAM_USER_INFO_24; /* @@ -250,7 +250,7 @@ typedef struct sam_user_info_25 UNIHDR hdr_profile_path; /* profile path unicode string header */ UNIHDR hdr_acct_desc ; /* user description */ UNIHDR hdr_workstations; /* comma-separated workstations user can log in from */ - UNIHDR hdr_unknown_str ; /* don't know what this is, yet. */ + UNIHDR hdr_comment; UNIHDR hdr_munged_dial ; /* munged path name and dial-back tel number */ uint8 lm_pwd[16]; /* lm user passwords */ @@ -274,7 +274,7 @@ typedef struct sam_user_info_25 UNISTR2 uni_profile_path; /* profile path unicode string */ UNISTR2 uni_acct_desc ; /* user description unicode string */ UNISTR2 uni_workstations; /* login from workstations unicode string */ - UNISTR2 uni_unknown_str ; /* don't know what this is, yet. */ + UNISTR2 uni_comment; UNISTR2 uni_munged_dial ; /* munged path name and dial-back tel no */ } SAM_USER_INFO_25; @@ -304,7 +304,7 @@ typedef struct sam_user_info_21 UNIHDR hdr_profile_path; /* profile path unicode string header */ UNIHDR hdr_acct_desc ; /* user description */ UNIHDR hdr_workstations; /* comma-separated workstations user can log in from */ - UNIHDR hdr_unknown_str ; /* don't know what this is, yet. */ + UNIHDR hdr_comment; UNIHDR hdr_munged_dial ; /* munged path name and dial-back tel number */ uint8 lm_pwd[16]; /* lm user passwords */ @@ -340,7 +340,7 @@ typedef struct sam_user_info_21 UNISTR2 uni_profile_path; /* profile path unicode string */ UNISTR2 uni_acct_desc ; /* user description unicode string */ UNISTR2 uni_workstations; /* login from workstations unicode string */ - UNISTR2 uni_unknown_str ; /* don't know what this is, yet. */ + UNISTR2 uni_comment; UNISTR2 uni_munged_dial ; /* munged path name and dial-back tel number */ LOGON_HRS logon_hrs; @@ -1047,6 +1047,22 @@ typedef struct r_samr_query_dispinfo_info } SAMR_R_QUERY_DISPINFO; +/* SAMR_Q_GET_DISPENUM_INDEX */ +typedef struct q_samr_get_dispenum_index +{ + POLICY_HND domain_pol; + uint16 switch_level; + LSA_STRING name; + +} SAMR_Q_GET_DISPENUM_INDEX; + +/* SAMR_R_GET_DISPENUM_INDEX */ +typedef struct r_samr_get_dispenum_index +{ + uint32 idx; + NTSTATUS status; + +} SAMR_R_GET_DISPENUM_INDEX; /* SAMR_Q_DELETE_DOM_GROUP - delete domain group */ typedef struct q_samr_delete_dom_group_info diff --git a/source/include/rpc_spoolss.h b/source/include/rpc_spoolss.h index 681dcd73d42..069d2b3bf74 100755 --- a/source/include/rpc_spoolss.h +++ b/source/include/rpc_spoolss.h @@ -984,6 +984,12 @@ typedef struct printer_info_5 } PRINTER_INFO_5; +typedef struct printer_info_6 +{ + uint32 status; +} +PRINTER_INFO_6; + #define SPOOL_DS_PUBLISH 1 #define SPOOL_DS_UPDATE 2 #define SPOOL_DS_UNPUBLISH 4 @@ -1556,7 +1562,7 @@ typedef struct { uint32 previousnames_len; uint32 previousnames_ptr; NTTIME driverdate; - UINT64_S driverversion; + uint64 driverversion; uint32 dummy4; uint32 mfgname_ptr; uint32 oemurl_ptr; diff --git a/source/nsswitch/winbindd_wins.c b/source/nsswitch/winbindd_wins.c index 2cb835b3733..844099aabda 100644 --- a/source/nsswitch/winbindd_wins.c +++ b/source/nsswitch/winbindd_wins.c @@ -95,7 +95,7 @@ static struct in_addr *lookup_byname_backend(const char *name, int *count) /* always try with wins first */ if (resolve_wins(name,0x20,&ret,count)) { - if ( count == 0 ) + if ( *count == 0 ) return NULL; if ( (return_ip = SMB_MALLOC_ARRAY(struct in_addr, *count)) == NULL ) { free( ret ); diff --git a/source/passdb/login_cache.c b/source/passdb/login_cache.c index 9a19dcf437a..7fd3b47826f 100644 --- a/source/passdb/login_cache.c +++ b/source/passdb/login_cache.c @@ -140,7 +140,7 @@ BOOL login_cache_write(const struct samu *sampass, LOGIN_CACHE entry) entry.acct_ctrl, entry.bad_password_count, entry.bad_password_time); - databuf.dptr = SMB_MALLOC(databuf.dsize); + databuf.dptr = SMB_MALLOC_ARRAY(char, databuf.dsize); if (!databuf.dptr) { SAFE_FREE(keybuf.dptr); return False; diff --git a/source/passdb/lookup_sid.c b/source/passdb/lookup_sid.c index 2778b1ce52d..d41a7f0aced 100644 --- a/source/passdb/lookup_sid.c +++ b/source/passdb/lookup_sid.c @@ -65,6 +65,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, if ((domain == NULL) || (name == NULL)) { DEBUG(0, ("talloc failed\n")); + TALLOC_FREE(tmp_ctx); return False; } @@ -76,7 +77,8 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, sid_append_rid(&sid, rid); goto ok; } - goto failed; + TALLOC_FREE(tmp_ctx); + return False; } if (strequal(domain, builtin_domain_name())) { @@ -88,7 +90,8 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, type = SID_NAME_ALIAS; goto ok; } - goto failed; + TALLOC_FREE(tmp_ctx); + return False; } /* Try the explicit winbind lookup first, don't let it guess the @@ -104,7 +107,8 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, type = SID_NAME_USER; goto ok; } - goto failed; + TALLOC_FREE(tmp_ctx); + return False; } if (strequal(domain, unix_groups_domain_name())) { @@ -112,11 +116,13 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, type = SID_NAME_DOM_GRP; goto ok; } - goto failed; + TALLOC_FREE(tmp_ctx); + return False; } if ((domain[0] == '\0') && (!(flags & LOOKUP_NAME_ISOLATED))) { - goto failed; + TALLOC_FREE(tmp_ctx); + return False; } /* Now the guesswork begins, we haven't been given an explicit @@ -146,7 +152,8 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, if (strequal(name, get_global_sam_name())) { if (!secrets_fetch_domain_sid(name, &sid)) { DEBUG(3, ("Could not fetch my SID\n")); - goto failed; + TALLOC_FREE(tmp_ctx); + return False; } /* Swap domain and name */ tmp = name; name = domain; domain = tmp; @@ -159,7 +166,8 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, if (!IS_DC && strequal(name, lp_workgroup())) { if (!secrets_fetch_domain_sid(name, &sid)) { DEBUG(3, ("Could not fetch the domain SID\n")); - goto failed; + TALLOC_FREE(tmp_ctx); + return False; } /* Swap domain and name */ tmp = name; name = domain; domain = tmp; @@ -203,7 +211,8 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, /* Now our local possibilities are exhausted. */ if (!(flags & LOOKUP_NAME_REMOTE)) { - goto failed; + TALLOC_FREE(tmp_ctx); + return False; } /* If we are not a DC, we have to ask in our primary domain. Let @@ -243,7 +252,8 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, (domain_type != SID_NAME_DOMAIN)) { DEBUG(2, ("winbind could not find the domain's name " "it just looked up for us\n")); - goto failed; + TALLOC_FREE(tmp_ctx); + return False; } goto ok; } @@ -265,7 +275,10 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, goto ok; } - failed: + /* + * Ok, all possibilities tried. Fail. + */ + TALLOC_FREE(tmp_ctx); return False; @@ -276,14 +289,26 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, return False; } - if (ret_name != NULL) { - *ret_name = talloc_steal(mem_ctx, name); + /* + * Hand over the results to the talloc context we've been given. + */ + + if ((ret_name != NULL) && + !(*ret_name = talloc_strdup(mem_ctx, name))) { + DEBUG(0, ("talloc failed\n")); + TALLOC_FREE(tmp_ctx); + return False; } if (ret_domain != NULL) { - char *tmp_dom = talloc_strdup(tmp_ctx, domain); + char *tmp_dom; + if (!(tmp_dom = talloc_strdup(mem_ctx, domain))) { + DEBUG(0, ("talloc failed\n")); + TALLOC_FREE(tmp_ctx); + return False; + } strupper_m(tmp_dom); - *ret_domain = talloc_steal(mem_ctx, tmp_dom); + *ret_domain = tmp_dom; } if (ret_sid != NULL) { @@ -650,18 +675,17 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, int i, j; - tmp_ctx = talloc_new(mem_ctx); - if (tmp_ctx == NULL) { + if (!(tmp_ctx = talloc_new(mem_ctx))) { DEBUG(0, ("talloc_new failed\n")); return NT_STATUS_NO_MEMORY; } - name_infos = TALLOC_ARRAY(tmp_ctx, struct lsa_name_info, num_sids); - dom_infos = TALLOC_ZERO_ARRAY(tmp_ctx, struct lsa_dom_info, + name_infos = TALLOC_ARRAY(mem_ctx, struct lsa_name_info, num_sids); + dom_infos = TALLOC_ZERO_ARRAY(mem_ctx, struct lsa_dom_info, MAX_REF_DOMAINS); if ((name_infos == NULL) || (dom_infos == NULL)) { result = NT_STATUS_NO_MEMORY; - goto done; + goto fail; } /* First build up the data structures: @@ -696,7 +720,7 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, */ if (domain_name == NULL) { result = NT_STATUS_NO_MEMORY; - goto done; + goto fail; } name_infos[i].rid = 0; @@ -710,14 +734,14 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, name_infos, builtin_domain_name()); if (name_infos[i].name == NULL) { result = NT_STATUS_NO_MEMORY; - goto done; + goto fail; } } } else { /* This is a normal SID with rid component */ if (!sid_split_rid(&sid, &rid)) { result = NT_STATUS_INVALID_PARAMETER; - goto done; + goto fail; } } @@ -740,7 +764,7 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, if (j == MAX_REF_DOMAINS) { /* TODO: What's the right error message here? */ result = NT_STATUS_NONE_MAPPED; - goto done; + goto fail; } if (!dom_infos[j].valid) { @@ -753,7 +777,11 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, /* This name was being found above in the case * when we found a domain SID */ dom_infos[j].name = - talloc_steal(dom_infos, domain_name); + talloc_strdup(dom_infos, domain_name); + if (dom_infos[j].name == NULL) { + result = NT_STATUS_NO_MEMORY; + goto fail; + } } else { /* lookup_rids will take care of this */ dom_infos[j].name = NULL; @@ -770,7 +798,7 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, if (dom_infos[j].idxs == NULL) { result = NT_STATUS_NO_MEMORY; - goto done; + goto fail; } } } @@ -779,6 +807,7 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, for (i=0; i<MAX_REF_DOMAINS; i++) { uint32_t *rids; + const char *domain_name = NULL; const char **names; enum SID_NAME_USE *types; struct lsa_dom_info *dom = &dom_infos[i]; @@ -788,11 +817,9 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, break; } - rids = TALLOC_ARRAY(tmp_ctx, uint32, dom->num_idxs); - - if (rids == NULL) { + if (!(rids = TALLOC_ARRAY(tmp_ctx, uint32, dom->num_idxs))) { result = NT_STATUS_NO_MEMORY; - goto done; + goto fail; } for (j=0; j<dom->num_idxs; j++) { @@ -800,31 +827,40 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, } if (!lookup_rids(tmp_ctx, &dom->sid, - dom->num_idxs, rids, &dom->name, + dom->num_idxs, rids, &domain_name, &names, &types)) { result = NT_STATUS_NO_MEMORY; - goto done; + goto fail; } - talloc_steal(dom_infos, dom->name); + if (!(dom->name = talloc_strdup(dom_infos, domain_name))) { + result = NT_STATUS_NO_MEMORY; + goto fail; + } for (j=0; j<dom->num_idxs; j++) { int idx = dom->idxs[j]; name_infos[idx].type = types[j]; if (types[j] != SID_NAME_UNKNOWN) { name_infos[idx].name = - talloc_steal(name_infos, names[j]); + talloc_strdup(name_infos, names[j]); + if (name_infos[idx].name == NULL) { + result = NT_STATUS_NO_MEMORY; + goto fail; + } } else { name_infos[idx].name = NULL; } } } - *ret_domains = talloc_steal(mem_ctx, dom_infos); - *ret_names = talloc_steal(mem_ctx, name_infos); - result = NT_STATUS_OK; + *ret_domains = dom_infos; + *ret_names = name_infos; + return NT_STATUS_OK; - done: + fail: + TALLOC_FREE(dom_infos); + TALLOC_FREE(name_infos); TALLOC_FREE(tmp_ctx); return result; } @@ -842,9 +878,7 @@ BOOL lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid, TALLOC_CTX *tmp_ctx; BOOL ret = False; - tmp_ctx = talloc_new(mem_ctx); - - if (tmp_ctx == NULL) { + if (!(tmp_ctx = talloc_new(mem_ctx))) { DEBUG(0, ("talloc_new failed\n")); return False; } @@ -858,12 +892,14 @@ BOOL lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid, goto done; } - if (ret_domain != NULL) { - *ret_domain = talloc_steal(mem_ctx, domain->name); + if ((ret_domain != NULL) && + !(*ret_domain = talloc_strdup(mem_ctx, domain->name))) { + goto done; } - if (ret_name != NULL) { - *ret_name = talloc_steal(mem_ctx, name->name); + if ((ret_name != NULL) && + !(*ret_name = talloc_strdup(mem_ctx, name->name))) { + goto done; } if (ret_type != NULL) { diff --git a/source/passdb/passdb.c b/source/passdb/passdb.c index 47b6b958000..8229139093a 100644 --- a/source/passdb/passdb.c +++ b/source/passdb/passdb.c @@ -50,10 +50,8 @@ const char *my_sam_name(void) /********************************************************************** ***********************************************************************/ -static int samu_destroy(void *p) +static int samu_destroy(struct samu *user) { - struct samu *user = p; - data_blob_clear_free( &user->lm_pw ); data_blob_clear_free( &user->nt_pw ); @@ -111,7 +109,7 @@ struct samu *samu_new( TALLOC_CTX *ctx ) user->profile_path = ""; user->acct_desc = ""; user->workstations = ""; - user->unknown_str = ""; + user->comment = ""; user->munged_dial = ""; user->plaintext_pw = NULL; @@ -996,7 +994,7 @@ BOOL init_sam_from_buffer_v3(struct samu *sampass, uint8 *buf, uint32 buflen) pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen); if (pwHistLen) { - uint8 *pw_hist = SMB_MALLOC(pwHistLen * PW_HISTORY_ENTRY_LEN); + uint8 *pw_hist = (uint8 *)SMB_MALLOC(pwHistLen * PW_HISTORY_ENTRY_LEN); if (!pw_hist) { ret = False; goto done; @@ -1023,7 +1021,6 @@ BOOL init_sam_from_buffer_v3(struct samu *sampass, uint8 *buf, uint32 buflen) } pdb_set_user_sid_from_rid(sampass, user_rid, PDB_SET); - pdb_set_group_sid_from_rid(sampass, group_rid, PDB_SET); pdb_set_hours_len(sampass, hours_len, PDB_SET); pdb_set_bad_password_count(sampass, bad_password_count, PDB_SET); pdb_set_logon_count(sampass, logon_count, PDB_SET); @@ -1107,7 +1104,7 @@ uint32 init_buffer_from_sam_v3 (uint8 **buf, struct samu *sampass, BOOL size_onl logoff_time = (uint32)pdb_get_logoff_time(sampass); kickoff_time = (uint32)pdb_get_kickoff_time(sampass); bad_password_time = (uint32)pdb_get_bad_password_time(sampass); - pass_can_change_time = (uint32)pdb_get_pass_can_change_time(sampass); + pass_can_change_time = (uint32)pdb_get_pass_can_change_time_noncalc(sampass); pass_must_change_time = (uint32)pdb_get_pass_must_change_time(sampass); pass_last_set_time = (uint32)pdb_get_pass_last_set_time(sampass); diff --git a/source/passdb/pdb_get_set.c b/source/passdb/pdb_get_set.c index f1b1a7673ca..0b58fe09efa 100644 --- a/source/passdb/pdb_get_set.c +++ b/source/passdb/pdb_get_set.c @@ -72,12 +72,59 @@ time_t pdb_get_pass_last_set_time(const struct samu *sampass) time_t pdb_get_pass_can_change_time(const struct samu *sampass) { + uint32 allow; + + /* if the last set time is zero, it means the user cannot + change their password, and this time must be zero. jmcd + */ + if (sampass->pass_last_set_time == 0) + return (time_t) 0; + + /* if the time is max, and the field has been changed, + we're trying to update this real value from the sampass + to indicate that the user cannot change their password. jmcd + */ + if (sampass->pass_can_change_time == get_time_t_max() && + pdb_get_init_flags(sampass, PDB_CANCHANGETIME) == PDB_CHANGED) + return sampass->pass_can_change_time; + + if (!pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &allow)) + allow = 0; + + /* in normal cases, just calculate it from policy */ + return sampass->pass_last_set_time + allow; +} + +/* we need this for loading from the backend, so that we don't overwrite + non-changed max times, otherwise the pass_can_change checking won't work */ +time_t pdb_get_pass_can_change_time_noncalc(const struct samu *sampass) +{ return sampass->pass_can_change_time; } time_t pdb_get_pass_must_change_time(const struct samu *sampass) { - return sampass->pass_must_change_time; + uint32 expire; + + if (sampass->pass_last_set_time == 0) + return (time_t) 0; + + if (sampass->acct_ctrl & ACB_PWNOEXP) + return get_time_t_max(); + + if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &expire) + || expire == (uint32)-1 || expire == 0) + return get_time_t_max(); + + return sampass->pass_last_set_time + expire; +} + +BOOL pdb_get_pass_can_change(const struct samu *sampass) +{ + if (sampass->pass_can_change_time == get_time_t_max() && + sampass->pass_last_set_time != 0) + return False; + return True; } uint16 pdb_get_logon_divs(const struct samu *sampass) @@ -288,9 +335,9 @@ const char *pdb_get_workstations(const struct samu *sampass) return sampass->workstations; } -const char *pdb_get_unknown_str(const struct samu *sampass) +const char *pdb_get_comment(const struct samu *sampass) { - return sampass->unknown_str; + return sampass->comment; } const char *pdb_get_munged_dial(const struct samu *sampass) @@ -752,23 +799,22 @@ BOOL pdb_set_workstations(struct samu *sampass, const char *workstations, enum p } /********************************************************************* - Set the user's 'unknown_str', whatever the heck this actually is... ********************************************************************/ -BOOL pdb_set_unknown_str(struct samu *sampass, const char *unknown_str, enum pdb_value_state flag) +BOOL pdb_set_comment(struct samu *sampass, const char *comment, enum pdb_value_state flag) { - if (unknown_str) { - sampass->unknown_str = talloc_strdup(sampass, unknown_str); + if (comment) { + sampass->comment = talloc_strdup(sampass, comment); - if (!sampass->unknown_str) { - DEBUG(0, ("pdb_set_unknown_str: talloc_strdup() failed!\n")); + if (!sampass->comment) { + DEBUG(0, ("pdb_set_comment: talloc_strdup() failed!\n")); return False; } } else { - sampass->unknown_str = PDB_NOT_QUITE_NULL; + sampass->comment = PDB_NOT_QUITE_NULL; } - return pdb_set_init_flags(sampass, PDB_UNKNOWNSTR, flag); + return pdb_set_init_flags(sampass, PDB_COMMENT, flag); } /********************************************************************* @@ -925,42 +971,13 @@ BOOL pdb_set_backend_private_data(struct samu *sampass, void *private_data, /* Helpful interfaces to the above */ -/********************************************************************* - Sets the last changed times and must change times for a normal - password change. - ********************************************************************/ - -BOOL pdb_set_pass_changed_now(struct samu *sampass) +BOOL pdb_set_pass_can_change(struct samu *sampass, BOOL canchange) { - uint32 expire; - uint32 min_age; - - if (!pdb_set_pass_last_set_time (sampass, time(NULL), PDB_CHANGED)) - return False; - - if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &expire) - || (expire==(uint32)-1) || (expire == 0)) { - if (!pdb_set_pass_must_change_time (sampass, get_time_t_max(), PDB_CHANGED)) - return False; - } else { - if (!pdb_set_pass_must_change_time (sampass, - pdb_get_pass_last_set_time(sampass) - + expire, PDB_CHANGED)) - return False; + return pdb_set_pass_can_change_time(sampass, + canchange ? 0 : get_time_t_max(), + PDB_CHANGED); } - if (!pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &min_age) - || (min_age==(uint32)-1)) { - if (!pdb_set_pass_can_change_time (sampass, 0, PDB_CHANGED)) - return False; - } else { - if (!pdb_set_pass_can_change_time (sampass, - pdb_get_pass_last_set_time(sampass) - + min_age, PDB_CHANGED)) - return False; - } - return True; -} /********************************************************************* Set the user's PLAINTEXT password. Used as an interface to the above. @@ -997,7 +1014,7 @@ BOOL pdb_set_plaintext_passwd(struct samu *sampass, const char *plaintext) if (!pdb_set_plaintext_pw_only (sampass, plaintext, PDB_CHANGED)) return False; - if (!pdb_set_pass_changed_now (sampass)) + if (!pdb_set_pass_last_set_time (sampass, time(NULL), PDB_CHANGED)) return False; /* Store the password history. */ @@ -1021,7 +1038,7 @@ BOOL pdb_set_plaintext_passwd(struct samu *sampass, const char *plaintext) if (current_history_len < pwHistLen) { /* Ensure we have space for the needed history. */ - uchar *new_history = TALLOC(sampass, + uchar *new_history = (uchar *)TALLOC(sampass, pwHistLen*PW_HISTORY_ENTRY_LEN); if (!new_history) { return False; diff --git a/source/passdb/pdb_interface.c b/source/passdb/pdb_interface.c index 8fefd989114..ffe4713866f 100644 --- a/source/passdb/pdb_interface.c +++ b/source/passdb/pdb_interface.c @@ -48,43 +48,6 @@ static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, const char **name, enum SID_NAME_USE *psid_name_use, union unid_t *unix_id); -/******************************************************************* - Clean up uninitialised passwords. The only way to tell - that these values are not 'real' is that they do not - have a valid last set time. Instead, the value is fixed at 0. - Therefore we use that as the key for 'is this a valid password'. - However, it is perfectly valid to have a 'default' last change - time, such LDAP with a missing attribute would produce. -********************************************************************/ - -static void pdb_force_pw_initialization(struct samu *pass) -{ - const uint8 *lm_pwd, *nt_pwd; - - /* only reset a password if the last set time has been - explicitly been set to zero. A default last set time - is ignored */ - - if ( (pdb_get_init_flags(pass, PDB_PASSLASTSET) != PDB_DEFAULT) - && (pdb_get_pass_last_set_time(pass) == 0) ) - { - - if (pdb_get_init_flags(pass, PDB_LMPASSWD) != PDB_DEFAULT) - { - lm_pwd = pdb_get_lanman_passwd(pass); - if (lm_pwd) - pdb_set_lanman_passwd(pass, NULL, PDB_CHANGED); - } - if (pdb_get_init_flags(pass, PDB_NTPASSWD) != PDB_DEFAULT) - { - nt_pwd = pdb_get_nt_passwd(pass); - if (nt_pwd) - pdb_set_nt_passwd(pass, NULL, PDB_CHANGED); - } - } - - return; -} NTSTATUS smb_register_passdb(int version, const char *name, pdb_init_function init) { @@ -250,7 +213,7 @@ BOOL pdb_getsampwent(struct samu *user) if ( !NT_STATUS_IS_OK(pdb->getsampwent(pdb, user) ) ) { return False; } - pdb_force_pw_initialization( user ); + return True; } @@ -266,8 +229,6 @@ BOOL pdb_getsampwnam(struct samu *sam_acct, const char *username) TALLOC_FREE(csamuser); } - pdb_force_pw_initialization( sam_acct ); - csamuser = samu_new( NULL ); if (!csamuser) { return False; @@ -369,6 +330,15 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, if (add_ret == 0) { smb_nscd_flush_user_cache(); } + +#ifdef ENABLE_BUILD_FARM_HACKS + if (add_ret != 0) { + DEBUG(1, ("Creating a faked user %s for build farm " + "purposes\n", name)); + faked_create_user(name); + } +#endif + flush_pwnam_cache(); pwd = Get_Pwnam_alloc(tmp_ctx, name); @@ -988,8 +958,7 @@ NTSTATUS pdb_lookup_rids(const DOM_SID *domain_sid, uint32 *attrs) { struct pdb_methods *pdb = pdb_get_methods(); - return pdb->lookup_rids(pdb, domain_sid, - num_rids, rids, names, attrs); + return pdb->lookup_rids(pdb, domain_sid, num_rids, rids, names, attrs); } NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid, @@ -999,8 +968,7 @@ NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid, uint32 *attrs) { struct pdb_methods *pdb = pdb_get_methods(); - return pdb->lookup_names(pdb, domain_sid, - num_names, names, rids, attrs); + return pdb->lookup_names(pdb, domain_sid, num_names, names, rids, attrs); } BOOL pdb_get_account_policy(int policy_index, uint32 *value) @@ -1738,7 +1706,7 @@ struct user_search { static BOOL next_entry_users(struct pdb_search *s, struct samr_displayentry *entry) { - struct user_search *state = s->private_data; + struct user_search *state = (struct user_search *)s->private_data; struct samu *user = NULL; next: @@ -1813,7 +1781,7 @@ struct group_search { static BOOL next_entry_groups(struct pdb_search *s, struct samr_displayentry *entry) { - struct group_search *state = s->private_data; + struct group_search *state = (struct group_search *)s->private_data; uint32 rid; GROUP_MAP *map = &state->groups[state->current_group]; @@ -1831,7 +1799,8 @@ static BOOL next_entry_groups(struct pdb_search *s, static void search_end_groups(struct pdb_search *search) { - struct group_search *state = search->private_data; + struct group_search *state = + (struct group_search *)search->private_data; SAFE_FREE(state->groups); } diff --git a/source/passdb/pdb_tdb.c b/source/passdb/pdb_tdb.c index 262e68eb007..873850bfa97 100644 --- a/source/passdb/pdb_tdb.c +++ b/source/passdb/pdb_tdb.c @@ -606,7 +606,7 @@ BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen) /* Change from V1 is addition of password history field. */ pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen); if (pwHistLen) { - uint8 *pw_hist = SMB_MALLOC(pwHistLen * PW_HISTORY_ENTRY_LEN); + uint8 *pw_hist = SMB_MALLOC_ARRAY(uint8, pwHistLen * PW_HISTORY_ENTRY_LEN); if (!pw_hist) { ret = False; goto done; @@ -901,7 +901,7 @@ static int tdbsam_traverse_setpwent(TDB_CONTEXT *t, TDB_DATA key, TDB_DATA data, /* save a copy of the key */ - ptr->key.dptr = memdup( key.dptr, key.dsize ); + ptr->key.dptr = (char *)memdup( key.dptr, key.dsize ); if (!ptr->key.dptr) { DEBUG(0,("tdbsam_traverse_setpwent: memdup failed\n")); /* just return 0 and let the traversal continue */ diff --git a/source/passdb/secrets.c b/source/passdb/secrets.c index 04d6da2814a..0a147c30dcc 100644 --- a/source/passdb/secrets.c +++ b/source/passdb/secrets.c @@ -104,7 +104,8 @@ BOOL secrets_store(const char *key, const void *data, size_t size) secrets_init(); if (!tdb) return False; - return tdb_store(tdb, string_tdb_data(key), make_tdb_data(data, size), + return tdb_trans_store(tdb, string_tdb_data(key), + make_tdb_data((const char *)data, size), TDB_REPLACE) == 0; } @@ -288,7 +289,8 @@ BOOL secrets_fetch_trust_account_password(const char *domain, uint8 ret_pwd[16], return True; } - if (!(pass = secrets_fetch(trust_keystr(domain), &size))) { + if (!(pass = (struct machine_acct_pass *)secrets_fetch( + trust_keystr(domain), &size))) { DEBUG(5, ("secrets_fetch failed!\n")); return False; } @@ -319,6 +321,136 @@ BOOL secrets_fetch_trust_account_password(const char *domain, uint8 ret_pwd[16], return True; } +/** + * Pack SID passed by pointer + * + * @param pack_buf pointer to buffer which is to be filled with packed data + * @param bufsize size of packing buffer + * @param sid pointer to sid to be packed + * + * @return length of the packed representation of the whole structure + **/ +static size_t tdb_sid_pack(char* pack_buf, int bufsize, DOM_SID* sid) +{ + int idx; + size_t len = 0; + + if (!sid || !pack_buf) return -1; + + len += tdb_pack(pack_buf + len, bufsize - len, "bb", sid->sid_rev_num, + sid->num_auths); + + for (idx = 0; idx < 6; idx++) { + len += tdb_pack(pack_buf + len, bufsize - len, "b", + sid->id_auth[idx]); + } + + for (idx = 0; idx < MAXSUBAUTHS; idx++) { + len += tdb_pack(pack_buf + len, bufsize - len, "d", + sid->sub_auths[idx]); + } + + return len; +} + +/** + * Unpack SID into a pointer + * + * @param pack_buf pointer to buffer with packed representation + * @param bufsize size of the buffer + * @param sid pointer to sid structure to be filled with unpacked data + * + * @return size of structure unpacked from buffer + **/ +static size_t tdb_sid_unpack(char* pack_buf, int bufsize, DOM_SID* sid) +{ + int idx, len = 0; + + if (!sid || !pack_buf) return -1; + + len += tdb_unpack(pack_buf + len, bufsize - len, "bb", + &sid->sid_rev_num, &sid->num_auths); + + for (idx = 0; idx < 6; idx++) { + len += tdb_unpack(pack_buf + len, bufsize - len, "b", + &sid->id_auth[idx]); + } + + for (idx = 0; idx < MAXSUBAUTHS; idx++) { + len += tdb_unpack(pack_buf + len, bufsize - len, "d", + &sid->sub_auths[idx]); + } + + return len; +} + +/** + * Pack TRUSTED_DOM_PASS passed by pointer + * + * @param pack_buf pointer to buffer which is to be filled with packed data + * @param bufsize size of the buffer + * @param pass pointer to trusted domain password to be packed + * + * @return length of the packed representation of the whole structure + **/ +static size_t tdb_trusted_dom_pass_pack(char* pack_buf, int bufsize, + TRUSTED_DOM_PASS* pass) +{ + int idx, len = 0; + + if (!pack_buf || !pass) return -1; + + /* packing unicode domain name and password */ + len += tdb_pack(pack_buf + len, bufsize - len, "d", + pass->uni_name_len); + + for (idx = 0; idx < 32; idx++) + len += tdb_pack(pack_buf + len, bufsize - len, "w", + pass->uni_name[idx]); + + len += tdb_pack(pack_buf + len, bufsize - len, "dPd", pass->pass_len, + pass->pass, pass->mod_time); + + /* packing SID structure */ + len += tdb_sid_pack(pack_buf + len, bufsize - len, &pass->domain_sid); + + return len; +} + + +/** + * Unpack TRUSTED_DOM_PASS passed by pointer + * + * @param pack_buf pointer to buffer with packed representation + * @param bufsize size of the buffer + * @param pass pointer to trusted domain password to be filled with unpacked data + * + * @return size of structure unpacked from buffer + **/ +size_t tdb_trusted_dom_pass_unpack(char* pack_buf, int bufsize, + TRUSTED_DOM_PASS* pass) +{ + int idx, len = 0; + + if (!pack_buf || !pass) return -1; + + /* unpack unicode domain name and plaintext password */ + len += tdb_unpack(pack_buf, bufsize - len, "d", &pass->uni_name_len); + + for (idx = 0; idx < 32; idx++) + len += tdb_unpack(pack_buf + len, bufsize - len, "w", + &pass->uni_name[idx]); + + len += tdb_unpack(pack_buf + len, bufsize - len, "dPd", + &pass->pass_len, &pass->pass, &pass->mod_time); + + /* unpack domain sid */ + len += tdb_sid_unpack(pack_buf + len, bufsize - len, + &pass->domain_sid); + + return len; +} + /************************************************************************ Routine to get account password to trusted domain ************************************************************************/ @@ -336,7 +468,8 @@ BOOL secrets_fetch_trusted_domain_password(const char *domain, char** pwd, ZERO_STRUCT(pass); /* fetching trusted domain password structure */ - if (!(pass_buf = secrets_fetch(trustdom_keystr(domain), &size))) { + if (!(pass_buf = (char *)secrets_fetch(trustdom_keystr(domain), + &size))) { DEBUG(5, ("secrets_fetch failed!\n")); return False; } @@ -494,7 +627,7 @@ char *secrets_fetch_machine_password(const char *domain, uint32 *last_set_time; asprintf(&key, "%s/%s", SECRETS_MACHINE_LAST_CHANGE_TIME, domain); strupper_m(key); - last_set_time = secrets_fetch(key, &size); + last_set_time = (unsigned int *)secrets_fetch(key, &size); if (last_set_time) { *pass_last_set_time = IVAL(last_set_time,0); SAFE_FREE(last_set_time); @@ -509,7 +642,7 @@ char *secrets_fetch_machine_password(const char *domain, uint32 *channel_type; asprintf(&key, "%s/%s", SECRETS_MACHINE_SEC_CHANNEL_TYPE, domain); strupper_m(key); - channel_type = secrets_fetch(key, &size); + channel_type = (unsigned int *)secrets_fetch(key, &size); if (channel_type) { *channel = IVAL(channel_type,0); SAFE_FREE(channel_type); @@ -613,7 +746,7 @@ BOOL fetch_ldap_pw(char **dn, char** pw) DEBUG(0, ("fetch_ldap_pw: asprintf failed!\n")); } - *pw=secrets_fetch(key, &size); + *pw=(char *)secrets_fetch(key, &size); SAFE_FREE(key); if (!size) { @@ -631,7 +764,7 @@ BOOL fetch_ldap_pw(char **dn, char** pw) for (p=old_style_key; *p; p++) if (*p == ',') *p = '/'; - data=secrets_fetch(old_style_key, &size); + data=(char *)secrets_fetch(old_style_key, &size); if (!size && size < sizeof(old_style_pw)) { DEBUG(0,("fetch_ldap_pw: neither ldap secret retrieved!\n")); SAFE_FREE(old_style_key); @@ -672,20 +805,35 @@ NTSTATUS secrets_trusted_domains(TALLOC_CTX *mem_ctx, uint32 *num_domains, { TDB_LIST_NODE *keys, *k; char *pattern; + TALLOC_CTX *tmp_ctx; + + if (!(tmp_ctx = talloc_new(mem_ctx))) { + return NT_STATUS_NO_MEMORY; + } if (!secrets_init()) return NT_STATUS_ACCESS_DENIED; /* generate searching pattern */ - pattern = talloc_asprintf(mem_ctx, "%s/*", SECRETS_DOMTRUST_ACCT_PASS); + pattern = talloc_asprintf(tmp_ctx, "%s/*", SECRETS_DOMTRUST_ACCT_PASS); if (pattern == NULL) { DEBUG(0, ("secrets_trusted_domains: talloc_asprintf() " "failed!\n")); + TALLOC_FREE(tmp_ctx); return NT_STATUS_NO_MEMORY; } - *domains = NULL; *num_domains = 0; + /* + * Make sure that a talloc context for the trustdom_info structs + * exists + */ + + if (!(*domains = TALLOC_ARRAY(mem_ctx, struct trustdom_info *, 1))) { + TALLOC_FREE(tmp_ctx); + return NT_STATUS_NO_MEMORY; + } + /* fetching trusted domains' data and collecting them in a list */ keys = tdb_search_keys(tdb, pattern); @@ -698,16 +846,17 @@ NTSTATUS secrets_trusted_domains(TALLOC_CTX *mem_ctx, uint32 *num_domains, struct trustdom_info *dom_info; /* important: ensure null-termination of the key string */ - secrets_key = talloc_strndup(mem_ctx, + secrets_key = talloc_strndup(tmp_ctx, k->node_key.dptr, k->node_key.dsize); if (!secrets_key) { DEBUG(0, ("strndup failed!\n")); tdb_search_list_free(keys); + TALLOC_FREE(tmp_ctx); return NT_STATUS_NO_MEMORY; } - packed_pass = secrets_fetch(secrets_key, &size); + packed_pass = (char *)secrets_fetch(secrets_key, &size); packed_size = tdb_trusted_dom_pass_unpack(packed_pass, size, &pass); /* packed representation isn't needed anymore */ @@ -727,30 +876,31 @@ NTSTATUS secrets_trusted_domains(TALLOC_CTX *mem_ctx, uint32 *num_domains, continue; } - dom_info = TALLOC_P(mem_ctx, struct trustdom_info); - if (dom_info == NULL) { + if (!(dom_info = TALLOC_P(*domains, struct trustdom_info))) { DEBUG(0, ("talloc failed\n")); tdb_search_list_free(keys); + TALLOC_FREE(tmp_ctx); return NT_STATUS_NO_MEMORY; } - if (pull_ucs2_talloc(mem_ctx, &dom_info->name, + if (pull_ucs2_talloc(dom_info, &dom_info->name, pass.uni_name) == (size_t)-1) { DEBUG(2, ("pull_ucs2_talloc failed\n")); tdb_search_list_free(keys); + TALLOC_FREE(tmp_ctx); return NT_STATUS_NO_MEMORY; } sid_copy(&dom_info->sid, &pass.domain_sid); - ADD_TO_ARRAY(mem_ctx, struct trustdom_info *, dom_info, + ADD_TO_ARRAY(*domains, struct trustdom_info *, dom_info, domains, num_domains); if (*domains == NULL) { tdb_search_list_free(keys); + TALLOC_FREE(tmp_ctx); return NT_STATUS_NO_MEMORY; } - talloc_steal(*domains, dom_info); } DEBUG(5, ("secrets_get_trusted_domains: got %d domains\n", @@ -758,6 +908,7 @@ NTSTATUS secrets_trusted_domains(TALLOC_CTX *mem_ctx, uint32 *num_domains, /* free the results of searching the keys */ tdb_search_list_free(keys); + TALLOC_FREE(tmp_ctx); return NT_STATUS_OK; } @@ -858,9 +1009,9 @@ BOOL secrets_fetch_afs_key(const char *cell, struct afs_key *result) *******************************************************************************/ void secrets_fetch_ipc_userpass(char **username, char **domain, char **password) { - *username = secrets_fetch(SECRETS_AUTH_USER, NULL); - *domain = secrets_fetch(SECRETS_AUTH_DOMAIN, NULL); - *password = secrets_fetch(SECRETS_AUTH_PASSWORD, NULL); + *username = (char *)secrets_fetch(SECRETS_AUTH_USER, NULL); + *domain = (char *)secrets_fetch(SECRETS_AUTH_DOMAIN, NULL); + *password = (char *)secrets_fetch(SECRETS_AUTH_PASSWORD, NULL); if (*username && **username) { @@ -965,7 +1116,7 @@ BOOL secrets_store_schannel_session_info(TALLOC_CTX *mem_ctx, pdc->remote_machine, pdc->domain); - value.dptr = TALLOC(mem_ctx, value.dsize); + value.dptr = (char *)TALLOC(mem_ctx, value.dsize); if (!value.dptr) { TALLOC_FREE(keystr); return False; diff --git a/source/popt/findme.c b/source/popt/findme.c index a950e50018b..b28981ba1f4 100644 --- a/source/popt/findme.c +++ b/source/popt/findme.c @@ -22,8 +22,8 @@ const char * findProgramPath(const char * argv0) { if (path == NULL) return NULL; - start = pathbuf = alloca(strlen(path) + 1); - buf = malloc(strlen(path) + strlen(argv0) + sizeof("/")); + start = pathbuf = (char *)alloca(strlen(path) + 1); + buf = (char *)malloc(strlen(path) + strlen(argv0) + sizeof("/")); if (buf == NULL) return NULL; /* XXX can't happen */ strcpy(pathbuf, path); diff --git a/source/popt/popt.c b/source/popt/popt.c index ce3687fb64e..d9e8411b9f2 100644 --- a/source/popt/popt.c +++ b/source/popt/popt.c @@ -51,7 +51,7 @@ static char * strerror(int errno) { void poptSetExecPath(poptContext con, const char * path, int allowAbsolute) { - con->execPath = _free(con->execPath); + con->execPath = (const char *)_free(con->execPath); con->execPath = xstrdup(path); con->execAbsolute = allowAbsolute; /*@-nullstate@*/ /* LCL: con->execPath can be NULL? */ @@ -68,7 +68,7 @@ static void invokeCallbacksPRE(poptContext con, const struct poptOption * opt) if (opt->arg == NULL) continue; /* XXX program error. */ if ((opt->argInfo & POPT_ARG_MASK) == POPT_ARG_INCLUDE_TABLE) { /* Recurse on included sub-tables. */ - invokeCallbacksPRE(con, opt->arg); + invokeCallbacksPRE(con, (const struct poptOption *)opt->arg); } else if ((opt->argInfo & POPT_ARG_MASK) == POPT_ARG_CALLBACK && (opt->argInfo & POPT_CBFLAG_PRE)) { /*@-castfcnptr@*/ @@ -91,7 +91,7 @@ static void invokeCallbacksPOST(poptContext con, const struct poptOption * opt) if (opt->arg == NULL) continue; /* XXX program error. */ if ((opt->argInfo & POPT_ARG_MASK) == POPT_ARG_INCLUDE_TABLE) { /* Recurse on included sub-tables. */ - invokeCallbacksPOST(con, opt->arg); + invokeCallbacksPOST(con, (const struct poptOption *)opt->arg); } else if ((opt->argInfo & POPT_ARG_MASK) == POPT_ARG_CALLBACK && (opt->argInfo & POPT_CBFLAG_POST)) { /*@-castfcnptr@*/ @@ -119,7 +119,8 @@ static void invokeCallbacksOPTION(poptContext con, if ((opt->argInfo & POPT_ARG_MASK) == POPT_ARG_INCLUDE_TABLE) { /* Recurse on included sub-tables. */ if (opt->arg != NULL) /* XXX program error */ - invokeCallbacksOPTION(con, opt->arg, myOpt, myData, shorty); + invokeCallbacksOPTION(con, (const struct poptOption *)opt->arg, + myOpt, myData, shorty); } else if ((opt->argInfo & POPT_ARG_MASK) == POPT_ARG_CALLBACK && !(opt->argInfo & POPT_CBFLAG_SKIPOPTION)) { /* Save callback info. */ @@ -153,7 +154,7 @@ static void invokeCallbacksOPTION(poptContext con, poptContext poptGetContext(const char * name, int argc, const char ** argv, const struct poptOption * options, int flags) { - poptContext con = malloc(sizeof(*con)); + poptContext con = (poptContext)malloc(sizeof(*con)); if (con == NULL) return NULL; /* XXX can't happen */ memset(con, 0, sizeof(*con)); @@ -168,7 +169,8 @@ poptContext poptGetContext(const char * name, int argc, const char ** argv, if (!(flags & POPT_CONTEXT_KEEP_FIRST)) con->os->next = 1; /* skip argv[0] */ - con->leftovers = calloc( (argc + 1), sizeof(*con->leftovers) ); + con->leftovers = (const char **)calloc( (argc + 1), + sizeof(*con->leftovers) ); /*@-dependenttrans -assignexpose@*/ /* FIX: W2DO? */ con->options = options; /*@=dependenttrans =assignexpose@*/ @@ -178,7 +180,8 @@ poptContext poptGetContext(const char * name, int argc, const char ** argv, con->execs = NULL; con->numExecs = 0; con->finalArgvAlloced = argc * 2; - con->finalArgv = calloc( con->finalArgvAlloced, sizeof(*con->finalArgv) ); + con->finalArgv = (const char **)calloc( con->finalArgvAlloced, + sizeof(*con->finalArgv) ); con->execAbsolute = 1; con->arg_strip = NULL; @@ -186,7 +189,7 @@ poptContext poptGetContext(const char * name, int argc, const char ** argv, con->flags |= POPT_CONTEXT_POSIXMEHARDER; if (name) { - char * t = malloc(strlen(name) + 1); + char * t = (char *)malloc(strlen(name) + 1); if (t) con->appName = strcpy(t, name); } @@ -202,9 +205,9 @@ static void cleanOSE(/*@special@*/ struct optionStackEntry *os) /*@releases os->nextArg, os->argv, os->argb @*/ /*@modifies os @*/ { - os->nextArg = _free(os->nextArg); - os->argv = _free(os->argv); - os->argb = PBM_FREE(os->argb); + os->nextArg = (const char *)_free(os->nextArg); + os->argv = (const char **)_free(os->argv); + os->argb = (pbm_set *)PBM_FREE(os->argb); } /*@-boundswrite@*/ @@ -216,7 +219,7 @@ void poptResetContext(poptContext con) while (con->os > con->optionStack) { cleanOSE(con->os--); } - con->os->argb = PBM_FREE(con->os->argb); + con->os->argb = (pbm_set *)PBM_FREE(con->os->argb); con->os->currAlias = NULL; con->os->nextCharArg = NULL; con->os->nextArg = NULL; @@ -230,12 +233,12 @@ void poptResetContext(poptContext con) if (con->finalArgv != NULL) for (i = 0; i < con->finalArgvCount; i++) { /*@-unqualifiedtrans@*/ /* FIX: typedef double indirection. */ - con->finalArgv[i] = _free(con->finalArgv[i]); + con->finalArgv[i] = (const char *)_free(con->finalArgv[i]); /*@=unqualifiedtrans@*/ } con->finalArgvCount = 0; - con->arg_strip = PBM_FREE(con->arg_strip); + con->arg_strip = ( pbm_set *)PBM_FREE(con->arg_strip); /*@-nullstate@*/ /* FIX: con->finalArgv != NULL */ return; /*@=nullstate@*/ @@ -280,13 +283,13 @@ static int handleExec(/*@special@*/ poptContext con, time 'round */ if ((con->finalArgvCount + 1) >= (con->finalArgvAlloced)) { con->finalArgvAlloced += 10; - con->finalArgv = realloc(con->finalArgv, + con->finalArgv = (const char **)realloc(con->finalArgv, sizeof(*con->finalArgv) * con->finalArgvAlloced); } i = con->finalArgvCount++; if (con->finalArgv != NULL) /* XXX can't happen */ - { char *s = malloc((longName ? strlen(longName) : 0) + 3); + { char *s = (char *)malloc((longName ? strlen(longName) : 0) + 3); if (s != NULL) { /* XXX can't happen */ if (longName) sprintf(s, "--%s", longName); @@ -375,12 +378,13 @@ static int execCommand(poptContext con) (!con->execAbsolute && strchr(item->argv[0], '/'))) return POPT_ERROR_NOARG; - argv = malloc(sizeof(*argv) * - (6 + item->argc + con->numLeftovers + con->finalArgvCount)); + argv = (const char **)malloc( + sizeof(*argv) * (6 + item->argc + con->numLeftovers + con->finalArgvCount)); if (argv == NULL) return POPT_ERROR_MALLOC; /* XXX can't happen */ if (!strchr(item->argv[0], '/') && con->execPath) { - char *s = alloca(strlen(con->execPath) + strlen(item->argv[0]) + sizeof("/")); + char *s = (char *)alloca( + strlen(con->execPath) + strlen(item->argv[0]) + sizeof("/")); sprintf(s, "%s/%s", con->execPath, item->argv[0]); argv[argc] = s; } else { @@ -443,8 +447,12 @@ if (_popt_debug) #endif rc = execvp(argv[0], (char *const *)argv); - - return POPT_ERROR_ERRNO; + /* notreached */ + if (rc) { + return POPT_ERROR_ERRNO; + } + + return 0; } /*@=bounds =boundswrite @*/ @@ -470,7 +478,8 @@ findOption(const struct poptOption * opt, /*@null@*/ const char * longName, /* Recurse on included sub-tables. */ if (opt->arg == NULL) continue; /* XXX program error */ - opt2 = findOption(opt->arg, longName, shortName, callback, + opt2 = findOption((const struct poptOption *)opt->arg, longName, + shortName, callback, callbackData, singleDash); if (opt2 == NULL) continue; /* Sub-table data will be inheirited if no data yet. */ @@ -542,7 +551,7 @@ static const char * findNextArg(/*@special@*/ poptContext con, /*@innercontinue@*/ continue; arg = os->argv[i]; if (delete_arg) { - if (os->argb == NULL) os->argb = PBM_ALLOC(os->argc); + if (os->argb == NULL) os->argb = (pbm_set *)PBM_ALLOC(os->argc); if (os->argb != NULL) /* XXX can't happen */ PBM_SET(i, os->argb); } @@ -567,7 +576,7 @@ expandNextArg(/*@special@*/ poptContext con, const char * s) size_t tn = strlen(s) + 1; char c; - te = t = malloc(tn);; + te = t = (char *)malloc(tn);; if (t == NULL) return NULL; /* XXX can't happen */ while ((c = *s++) != '\0') { switch (c) { @@ -589,7 +598,7 @@ expandNextArg(/*@special@*/ poptContext con, const char * s) alen = strlen(a); tn += alen; *te = '\0'; - t = realloc(t, tn); + t = (char *)realloc(t, tn); te = t + strlen(t); strncpy(te, a, alen); te += alen; continue; @@ -600,7 +609,7 @@ expandNextArg(/*@special@*/ poptContext con, const char * s) *te++ = c; } *te = '\0'; - t = realloc(t, strlen(t) + 1); /* XXX memory leak, hard to plug */ + t = (char *)realloc(t, strlen(t) + 1); /* XXX memory leak, hard to plug */ return t; } /*@=boundswrite@*/ @@ -612,7 +621,7 @@ static void poptStripArg(/*@special@*/ poptContext con, int which) { /*@-sizeoftype@*/ if (con->arg_strip == NULL) - con->arg_strip = PBM_ALLOC(con->optionStack[0].argc); + con->arg_strip = (pbm_set *)PBM_ALLOC(con->optionStack[0].argc); if (con->arg_strip != NULL) /* XXX can't happen */ PBM_SET(which, con->arg_strip); /*@=sizeoftype@*/ @@ -738,7 +747,8 @@ int poptGetNextOpt(poptContext con) /* Make a copy we can hack at */ localOptString = optString = - strcpy(alloca(strlen(origOptString) + 1), origOptString); + strcpy((char *)alloca(strlen(origOptString) + 1), + origOptString); if (optString[0] == '\0') return POPT_ERROR_BADOPT; @@ -831,7 +841,7 @@ int poptGetNextOpt(poptContext con) return POPT_ERROR_BADOPERATION; } } else if ((opt->argInfo & POPT_ARG_MASK) != POPT_ARG_NONE) { - con->os->nextArg = _free(con->os->nextArg); + con->os->nextArg = (const char *)_free(con->os->nextArg); /*@-usedef@*/ /* FIX: W2DO? */ if (longArg) { /*@=usedef@*/ @@ -956,12 +966,13 @@ int poptGetNextOpt(poptContext con) if ((con->finalArgvCount + 2) >= (con->finalArgvAlloced)) { con->finalArgvAlloced += 10; - con->finalArgv = realloc(con->finalArgv, + con->finalArgv = (const char **)realloc(con->finalArgv, sizeof(*con->finalArgv) * con->finalArgvAlloced); } if (con->finalArgv != NULL) - { char *s = malloc((opt->longName ? strlen(opt->longName) : 0) + 3); + { char *s = (char *)malloc( + (opt->longName ? strlen(opt->longName) : 0) + 3); if (s != NULL) { /* XXX can't happen */ if (opt->longName) sprintf(s, "%s%s", @@ -1042,47 +1053,47 @@ poptContext poptFreeContext(poptContext con) if (con == NULL) return con; poptResetContext(con); - con->os->argb = _free(con->os->argb); + con->os->argb = (pbm_set *)_free(con->os->argb); if (con->aliases != NULL) for (i = 0; i < con->numAliases; i++) { item = con->aliases + i; /*@-modobserver -observertrans -dependenttrans@*/ - item->option.longName = _free(item->option.longName); - item->option.descrip = _free(item->option.descrip); - item->option.argDescrip = _free(item->option.argDescrip); + item->option.longName = (const char *)_free(item->option.longName); + item->option.descrip = (const char *)_free(item->option.descrip); + item->option.argDescrip = (const char *)_free(item->option.argDescrip); /*@=modobserver =observertrans =dependenttrans@*/ - item->argv = _free(item->argv); + item->argv = (const char **)_free(item->argv); } - con->aliases = _free(con->aliases); + con->aliases = (poptItem)_free(con->aliases); if (con->execs != NULL) for (i = 0; i < con->numExecs; i++) { item = con->execs + i; /*@-modobserver -observertrans -dependenttrans@*/ - item->option.longName = _free(item->option.longName); - item->option.descrip = _free(item->option.descrip); - item->option.argDescrip = _free(item->option.argDescrip); + item->option.longName = (const char *)_free(item->option.longName); + item->option.descrip = (const char *)_free(item->option.descrip); + item->option.argDescrip = (const char *)_free(item->option.argDescrip); /*@=modobserver =observertrans =dependenttrans@*/ - item->argv = _free(item->argv); + item->argv = (const char **)_free(item->argv); } - con->execs = _free(con->execs); - - con->leftovers = _free(con->leftovers); - con->finalArgv = _free(con->finalArgv); - con->appName = _free(con->appName); - con->otherHelp = _free(con->otherHelp); - con->execPath = _free(con->execPath); - con->arg_strip = PBM_FREE(con->arg_strip); + con->execs = (poptItem)_free(con->execs); + + con->leftovers = (const char **)_free(con->leftovers); + con->finalArgv = (const char **)_free(con->finalArgv); + con->appName = (const char *)_free(con->appName); + con->otherHelp = (const char *)_free(con->otherHelp); + con->execPath = (const char *)_free(con->execPath); + con->arg_strip = (pbm_set *)PBM_FREE(con->arg_strip); - con = _free(con); + con = (poptContext)_free(con); return con; } int poptAddAlias(poptContext con, struct poptAlias alias, /*@unused@*/ int flags) { - poptItem item = alloca(sizeof(*item)); + poptItem item = (poptItem)alloca(sizeof(*item)); memset(item, 0, sizeof(*item)); item->option.longName = alias.longName; item->option.shortName = alias.shortName; @@ -1117,7 +1128,7 @@ int poptAddItem(poptContext con, poptItem newItem, int flags) /*@notreached@*/ break; } - *items = realloc((*items), ((*nitems) + 1) * sizeof(**items)); + *items = (poptItem)realloc((*items), ((*nitems) + 1) * sizeof(**items)); if ((*items) == NULL) return 1; diff --git a/source/printing/nt_printing.c b/source/printing/nt_printing.c index 9395275f8ac..8026ee3e8a0 100644 --- a/source/printing/nt_printing.c +++ b/source/printing/nt_printing.c @@ -738,6 +738,9 @@ uint32 get_c_setprinter(void) int get_builtin_ntforms(nt_forms_struct **list) { *list = (nt_forms_struct *)memdup(&default_forms[0], sizeof(default_forms)); + if (!*list) { + return 0; + } return sizeof(default_forms) / sizeof(default_forms[0]); } @@ -1112,7 +1115,7 @@ static int get_file_version(files_struct *fsp, char *fname,uint32 *major, uint32 goto error_exit; SAFE_FREE(buf); - if ((buf=SMB_MALLOC(section_bytes)) == NULL) { + if ((buf=(char *)SMB_MALLOC(section_bytes)) == NULL) { DEBUG(0,("get_file_version: PE file [%s] version malloc failed bytes = %d\n", fname, section_bytes)); goto error_exit; @@ -1172,7 +1175,7 @@ static int get_file_version(files_struct *fsp, char *fname,uint32 *major, uint32 /* Allocate a bit more space to speed up things */ SAFE_FREE(buf); - if ((buf=SMB_MALLOC(VS_NE_BUF_SIZE)) == NULL) { + if ((buf=(char *)SMB_MALLOC(VS_NE_BUF_SIZE)) == NULL) { DEBUG(0,("get_file_version: NE file [%s] malloc failed bytes = %d\n", fname, PE_HEADER_SIZE)); goto error_exit; @@ -2077,7 +2080,11 @@ static WERROR get_a_printer_driver_3_default(NT_PRINTER_DRIVER_INFO_LEVEL_3 **in memset(info.dependentfiles, '\0', 2*sizeof(fstring)); fstrcpy(info.dependentfiles[0], ""); - *info_ptr = memdup(&info, sizeof(info)); + *info_ptr = (NT_PRINTER_DRIVER_INFO_LEVEL_3 *)memdup(&info, sizeof(info)); + if (!*info_ptr) { + SAFE_FREE(info.dependentfiles); + return WERR_NOMEM; + } return WERR_OK; } @@ -2152,6 +2159,10 @@ static WERROR get_a_printer_driver_3(NT_PRINTER_DRIVER_INFO_LEVEL_3 **info_ptr, } *info_ptr = (NT_PRINTER_DRIVER_INFO_LEVEL_3 *)memdup(&driver, sizeof(driver)); + if (!*info_ptr) { + SAFE_FREE(driver.dependentfiles); + return WERR_NOMEM; + } return WERR_OK; } @@ -2541,7 +2552,7 @@ NT_DEVICEMODE *dup_nt_devicemode(NT_DEVICEMODE *nt_devicemode) new_nt_devicemode->nt_dev_private = NULL; if (nt_devicemode->nt_dev_private != NULL) { - if ((new_nt_devicemode->nt_dev_private = memdup(nt_devicemode->nt_dev_private, nt_devicemode->driverextra)) == NULL) { + if ((new_nt_devicemode->nt_dev_private = (uint8 *)memdup(nt_devicemode->nt_dev_private, nt_devicemode->driverextra)) == NULL) { SAFE_FREE(new_nt_devicemode); DEBUG(0,("dup_nt_devicemode: malloc fail.\n")); return NULL; @@ -2652,6 +2663,10 @@ int unpack_devicemode(NT_DEVICEMODE **nt_devmode, char *buf, int buflen) } *nt_devmode = (NT_DEVICEMODE *)memdup(&devmode, sizeof(devmode)); + if (!*nt_devmode) { + SAFE_FREE(devmode.nt_dev_private); + return -1; + } DEBUG(8,("Unpacked devicemode [%s](%s)\n", devmode.devicename, devmode.formname)); if (devmode.nt_dev_private) @@ -3004,7 +3019,7 @@ static WERROR nt_printer_publish_ads(ADS_STRUCT *ads, NT_PRINTER_INFO_LEVEL *printer) { ADS_STATUS ads_rc; - void *res; + LDAPMessage *res; char *prt_dn = NULL, *srv_dn, *srv_cn_0; char *srv_dn_utf8, **srv_cn_utf8; TALLOC_CTX *ctx; @@ -3021,7 +3036,7 @@ static WERROR nt_printer_publish_ads(ADS_STRUCT *ads, /* We use ldap_get_dn here as we need the answer * in utf8 to call ldap_explode_dn(). JRA. */ - srv_dn_utf8 = ldap_get_dn(ads->ld, res); + srv_dn_utf8 = ldap_get_dn((LDAP *)ads->ld, (LDAPMessage *)res); if (!srv_dn_utf8) { ads_destroy(&ads); return WERR_SERVER_UNAVAILABLE; @@ -3103,7 +3118,7 @@ static WERROR nt_printer_unpublish_ads(ADS_STRUCT *ads, NT_PRINTER_INFO_LEVEL *printer) { ADS_STATUS ads_rc; - void *res; + LDAPMessage *res; char *prt_dn = NULL; DEBUG(5, ("unpublishing printer %s\n", printer->info_2->printername)); diff --git a/source/printing/print_cups.c b/source/printing/print_cups.c index afa301bbea1..a5518764897 100644 --- a/source/printing/print_cups.c +++ b/source/printing/print_cups.c @@ -40,16 +40,38 @@ cups_passwd_cb(const char *prompt) /* I - Prompt */ return (NULL); } -static const char *cups_server(void) +static http_t *cups_connect(void) { - if ((lp_cups_server() != NULL) && (strlen(lp_cups_server()) > 0)) { - DEBUG(10, ("cups server explicitly set to %s\n", - lp_cups_server())); - return lp_cups_server(); + http_t *http; + char *server, *p; + int port; + + if (lp_cups_server() != NULL && strlen(lp_cups_server()) > 0) { + server = smb_xstrdup(lp_cups_server()); + } else { + server = smb_xstrdup(cupsServer()); + } + + p = strchr(server, ':'); + if (p) { + port = atoi(p+1); + *p = '\0'; + } else { + port = ippPort(); + } + + DEBUG(10, ("connecting to cups server %s:%d\n", + server, port)); + + if ((http = httpConnect(server, port)) == NULL) { + DEBUG(0,("Unable to connect to CUPS server %s:%d - %s\n", + server, port, strerror(errno))); + SAFE_FREE(server); + return NULL; } - DEBUG(10, ("cups server left to default %s\n", cupsServer())); - return cupsServer(); + SAFE_FREE(server); + return http; } BOOL cups_cache_reload(void) @@ -80,9 +102,7 @@ BOOL cups_cache_reload(void) * Try to connect to the server... */ - if ((http = httpConnect(cups_server(), ippPort())) == NULL) { - DEBUG(0,("Unable to connect to CUPS server %s - %s\n", - cups_server(), strerror(errno))); + if ((http = cups_connect()) == NULL) { goto out; } @@ -287,9 +307,7 @@ static int cups_job_delete(const char *sharename, const char *lprm_command, stru * Try to connect to the server... */ - if ((http = httpConnect(cups_server(), ippPort())) == NULL) { - DEBUG(0,("Unable to connect to CUPS server %s - %s\n", - cups_server(), strerror(errno))); + if ((http = cups_connect()) == NULL) { goto out; } @@ -379,9 +397,7 @@ static int cups_job_pause(int snum, struct printjob *pjob) * Try to connect to the server... */ - if ((http = httpConnect(cups_server(), ippPort())) == NULL) { - DEBUG(0,("Unable to connect to CUPS server %s - %s\n", - cups_server(), strerror(errno))); + if ((http = cups_connect()) == NULL) { goto out; } @@ -471,9 +487,7 @@ static int cups_job_resume(int snum, struct printjob *pjob) * Try to connect to the server... */ - if ((http = httpConnect(cups_server(), ippPort())) == NULL) { - DEBUG(0,("Unable to connect to CUPS server %s - %s\n", - cups_server(), strerror(errno))); + if ((http = cups_connect()) == NULL) { goto out; } @@ -566,9 +580,7 @@ static int cups_job_submit(int snum, struct printjob *pjob) * Try to connect to the server... */ - if ((http = httpConnect(cups_server(), ippPort())) == NULL) { - DEBUG(0,("Unable to connect to CUPS server %s - %s\n", - cups_server(), strerror(errno))); + if ((http = cups_connect()) == NULL) { goto out; } @@ -732,9 +744,7 @@ static int cups_queue_get(const char *sharename, * Try to connect to the server... */ - if ((http = httpConnect(cups_server(), ippPort())) == NULL) { - DEBUG(0,("Unable to connect to CUPS server %s - %s\n", - cups_server(), strerror(errno))); + if ((http = cups_connect()) == NULL) { goto out; } @@ -1017,9 +1027,7 @@ static int cups_queue_pause(int snum) * Try to connect to the server... */ - if ((http = httpConnect(cups_server(), ippPort())) == NULL) { - DEBUG(0,("Unable to connect to CUPS server %s - %s\n", - cups_server(), strerror(errno))); + if ((http = cups_connect()) == NULL) { goto out; } @@ -1111,9 +1119,7 @@ static int cups_queue_resume(int snum) * Try to connect to the server... */ - if ((http = httpConnect(cups_server(), ippPort())) == NULL) { - DEBUG(0,("Unable to connect to CUPS server %s - %s\n", - cups_server(), strerror(errno))); + if ((http = cups_connect()) == NULL) { goto out; } diff --git a/source/printing/print_iprint.c b/source/printing/print_iprint.c index 04b096a8a5b..3eb231c2eba 100644 --- a/source/printing/print_iprint.c +++ b/source/printing/print_iprint.c @@ -92,7 +92,7 @@ static int iprint_get_server_version(http_t *http, char* serviceUri) request = ippNew(); - request->request.op.operation_id = OPERATION_NOVELL_MGMT; + request->request.op.operation_id = (ipp_op_t)OPERATION_NOVELL_MGMT; request->request.op.request_id = 1; language = cupsLangDefault(); @@ -343,7 +343,8 @@ BOOL iprint_cache_reload(void) request = ippNew(); - request->request.op.operation_id = OPERATION_NOVELL_LIST_PRINTERS; + request->request.op.operation_id = + (ipp_op_t)OPERATION_NOVELL_LIST_PRINTERS; request->request.op.request_id = 1; language = cupsLangDefault(); diff --git a/source/registry/reg_cachehook.c b/source/registry/reg_cachehook.c index 32885be8e2e..ae8420776ac 100644 --- a/source/registry/reg_cachehook.c +++ b/source/registry/reg_cachehook.c @@ -79,7 +79,7 @@ REGISTRY_HOOK* reghook_cache_find( const char *keyname ) /* prepend the string with a '\' character */ len = strlen( keyname ); - if ( !(key = SMB_MALLOC( len + 2 )) ) { + if ( !(key = (char *)SMB_MALLOC( len + 2 )) ) { DEBUG(0,("reghook_cache_find: malloc failed for string [%s] !?!?!\n", keyname)); return NULL; @@ -94,7 +94,7 @@ REGISTRY_HOOK* reghook_cache_find( const char *keyname ) DEBUG(10,("reghook_cache_find: Searching for keyname [%s]\n", key)); - hook = pathtree_find( cache_tree, key ) ; + hook = (REGISTRY_HOOK *)pathtree_find( cache_tree, key ) ; SAFE_FREE( key ); diff --git a/source/registry/reg_db.c b/source/registry/reg_db.c index 5484c238b60..b05e4957b8b 100644 --- a/source/registry/reg_db.c +++ b/source/registry/reg_db.c @@ -229,7 +229,7 @@ BOOL regdb_init( void ) /* always setup the necessary keys and values */ if ( !init_registry_data() ) { - DEBUG(0,("init_registry: Failed to initiailize data in registry!\n")); + DEBUG(0,("init_registry: Failed to initialize data in registry!\n")); return False; } @@ -313,7 +313,9 @@ static BOOL regdb_store_keys_internal( const char *key, REGSUBKEY_CTR *ctr ) /* allocate some initial memory */ - buffer = SMB_MALLOC(sizeof(pstring)); + if (!(buffer = (char *)SMB_MALLOC(sizeof(pstring)))) { + return False; + } buflen = sizeof(pstring); len = 0; @@ -327,7 +329,7 @@ static BOOL regdb_store_keys_internal( const char *key, REGSUBKEY_CTR *ctr ) len += tdb_pack( buffer+len, buflen-len, "f", regsubkey_ctr_specific_key(ctr, i) ); if ( len > buflen ) { /* allocate some extra space */ - if ((buffer = SMB_REALLOC( buffer, len*2 )) == NULL) { + if ((buffer = (char *)SMB_REALLOC( buffer, len*2 )) == NULL) { DEBUG(0,("regdb_store_keys: Failed to realloc memory of size [%d]\n", len*2)); ret = False; goto done; diff --git a/source/registry/reg_frontend.c b/source/registry/reg_frontend.c index d5a9d45e8c4..ed49cc998c7 100644 --- a/source/registry/reg_frontend.c +++ b/source/registry/reg_frontend.c @@ -368,9 +368,11 @@ WERROR regkey_open_internal( REGISTRY_KEY **regkey, const char *path, /* initialization */ keyinfo->type = REG_KEY_GENERIC; - keyinfo->name = talloc_strdup( keyinfo, path ); - - + if (!(keyinfo->name = talloc_strdup(keyinfo, path))) { + result = WERR_NOMEM; + goto done; + } + /* Tag this as a Performance Counter Key */ if( StrnCaseCmp(path, KEY_HKPD, strlen(KEY_HKPD)) == 0 ) diff --git a/source/registry/reg_objects.c b/source/registry/reg_objects.c index ecad94f1d6c..83fd85658fb 100644 --- a/source/registry/reg_objects.c +++ b/source/registry/reg_objects.c @@ -181,7 +181,8 @@ REGISTRY_VALUE* dup_registry_value( REGISTRY_VALUE *val ) if ( val->data_p && val->size ) { - if ( !(copy->data_p = memdup( val->data_p, val->size )) ) { + if ( !(copy->data_p = (uint8 *)memdup( val->data_p, + val->size )) ) { DEBUG(0,("dup_registry_value: memdup() failed for [%d] bytes!\n", val->size)); SAFE_FREE( copy ); @@ -307,7 +308,8 @@ int regval_ctr_addvalue( REGVAL_CTR *ctr, const char *name, uint16 type, fstrcpy( ctr->values[ctr->num_values]->valuename, name ); ctr->values[ctr->num_values]->type = type; - ctr->values[ctr->num_values]->data_p = TALLOC_MEMDUP( ctr, data_p, size ); + ctr->values[ctr->num_values]->data_p = (uint8 *)TALLOC_MEMDUP( + ctr, data_p, size ); ctr->values[ctr->num_values]->size = size; ctr->num_values++; @@ -346,7 +348,8 @@ int regval_ctr_copyvalue( REGVAL_CTR *ctr, REGISTRY_VALUE *val ) fstrcpy( ctr->values[ctr->num_values]->valuename, val->valuename ); ctr->values[ctr->num_values]->type = val->type; - ctr->values[ctr->num_values]->data_p = TALLOC_MEMDUP( ctr, val->data_p, val->size ); + ctr->values[ctr->num_values]->data_p = (uint8 *)TALLOC_MEMDUP( + ctr, val->data_p, val->size ); ctr->values[ctr->num_values]->size = val->size; ctr->num_values++; } diff --git a/source/registry/reg_perfcount.c b/source/registry/reg_perfcount.c index 04a99c3af69..febae62ad01 100644 --- a/source/registry/reg_perfcount.c +++ b/source/registry/reg_perfcount.c @@ -177,7 +177,7 @@ static uint32 _reg_perfcount_multi_sz_from_tdb(TDB_CONTEXT *tdb, } /* First encode the name_index */ working_size = (kbuf.dsize + 1)*sizeof(uint16); - buf1 = SMB_REALLOC(buf1, buffer_size + working_size); + buf1 = (char *)SMB_REALLOC(buf1, buffer_size + working_size); if(!buf1) { buffer_size = 0; return buffer_size; @@ -187,7 +187,7 @@ static uint32 _reg_perfcount_multi_sz_from_tdb(TDB_CONTEXT *tdb, buffer_size += working_size; /* Now encode the actual name */ working_size = (dbuf.dsize + 1)*sizeof(uint16); - buf1 = SMB_REALLOC(buf1, buffer_size + working_size); + buf1 = (char *)SMB_REALLOC(buf1, buffer_size + working_size); if(!buf1) { buffer_size = 0; return buffer_size; @@ -234,7 +234,7 @@ uint32 reg_perfcount_get_counter_help(uint32 base_index, char **retbuf) /* Now terminate the MULTI_SZ with a double unicode NULL */ buf1 = *retbuf; - buf1 = SMB_REALLOC(buf1, buffer_size + 2); + buf1 = (char *)SMB_REALLOC(buf1, buffer_size + 2); if(!buf1) { buffer_size = 0; } else { @@ -279,7 +279,7 @@ uint32 reg_perfcount_get_counter_names(uint32 base_index, char **retbuf) /* Now terminate the MULTI_SZ with a double unicode NULL */ buf1 = *retbuf; - buf1 = SMB_REALLOC(buf1, buffer_size + 2); + buf1 = (char *)SMB_REALLOC(buf1, buffer_size + 2); if(!buf1) { buffer_size = 0; } else { @@ -372,7 +372,7 @@ static BOOL _reg_perfcount_add_object(PERF_DATA_BLOCK *block, TDB_CONTEXT *names) { int i; - BOOL success = False; + BOOL success = True; PERF_OBJECT_TYPE *obj; block->objects = (PERF_OBJECT_TYPE *)TALLOC_REALLOC_ARRAY(ps->mem_ctx, @@ -397,12 +397,11 @@ static BOOL _reg_perfcount_add_object(PERF_DATA_BLOCK *block, block->objects[block->NumObjectTypes].DetailLevel = PERF_DETAIL_NOVICE; block->NumObjectTypes+=1; - for(i = 0; i < (int)obj->NumInstances; i++) - { + for(i = 0; i < (int)obj->NumInstances; i++) { success = _reg_perfcount_add_instance(obj, ps, i, names); } - return True; + return success; } /********************************************************************* @@ -608,7 +607,7 @@ static BOOL _reg_perfcount_add_counter(PERF_DATA_BLOCK *block, char *begin, *end, *start, *stop; int parent; PERF_OBJECT_TYPE *obj; - BOOL success = False; + BOOL success = True; char buf[PERFCOUNT_MAX_LEN]; obj = NULL; @@ -620,8 +619,7 @@ static BOOL _reg_perfcount_add_counter(PERF_DATA_BLOCK *block, return False; start = begin+1; - while(start < end) - { + while(start < end) { stop = index(start, ','); if(stop == NULL) stop = end; @@ -629,8 +627,7 @@ static BOOL _reg_perfcount_add_counter(PERF_DATA_BLOCK *block, parent = atoi(start); obj = _reg_perfcount_find_obj(block, parent); - if(obj == NULL) - { + if(obj == NULL) { /* At this point we require that the parent object exist. This can probably be handled better at some later time */ DEBUG(3, ("_reg_perfcount_add_counter: Could not find parent object [%d] for counter [%d].\n", @@ -657,7 +654,7 @@ static BOOL _reg_perfcount_add_counter(PERF_DATA_BLOCK *block, that the required instances are not there yet, so change NumInstances from PERF_NO_INSTANCES to 0 */ - return True; + return success; } /********************************************************************* @@ -755,13 +752,9 @@ BOOL _reg_perfcount_add_instance(PERF_OBJECT_TYPE *obj, int instInd, TDB_CONTEXT *names) { - BOOL success; PERF_INSTANCE_DEFINITION *inst; - success = False; - - if(obj->instances == NULL) - { + if(obj->instances == NULL) { obj->instances = TALLOC_REALLOC_ARRAY(ps->mem_ctx, obj->instances, PERF_INSTANCE_DEFINITION, @@ -772,9 +765,7 @@ BOOL _reg_perfcount_add_instance(PERF_OBJECT_TYPE *obj, memset(&(obj->instances[instInd]), 0, sizeof(PERF_INSTANCE_DEFINITION)); inst = &(obj->instances[instInd]); - success = _reg_perfcount_get_instance_info(inst, ps, instInd, obj, names); - - return True; + return _reg_perfcount_get_instance_info(inst, ps, instInd, obj, names); } /********************************************************************* diff --git a/source/registry/reg_printing.c b/source/registry/reg_printing.c index 3ecff3d6964..d8c25d802d3 100644 --- a/source/registry/reg_printing.c +++ b/source/registry/reg_printing.c @@ -382,7 +382,6 @@ static void fill_in_printer_values( NT_PRINTER_INFO_LEVEL_2 *info2, REGVAL_CTR * UNISTR2 data; char *p; uint32 printer_status = PRINTER_STATUS_OK; - int snum; regval_ctr_addvalue( values, "Attributes", REG_DWORD, (char*)&info2->attributes, sizeof(info2->attributes) ); regval_ctr_addvalue( values, "Priority", REG_DWORD, (char*)&info2->priority, sizeof(info2->attributes) ); @@ -438,8 +437,7 @@ static void fill_in_printer_values( NT_PRINTER_INFO_LEVEL_2 *info2, REGVAL_CTR * /* stream the device mode */ - snum = lp_servicenumber(info2->sharename); - if ( (devmode = construct_dev_mode( snum )) != NULL ) { + if ( (devmode = construct_dev_mode( info2->sharename )) != NULL ) { if ( spoolss_io_devmode( "devmode", &prs, 0, devmode ) ) { offset = prs_offset( &prs ); regval_ctr_addvalue( values, "Default Devmode", REG_BINARY, prs_data_p(&prs), offset ); @@ -924,7 +922,7 @@ static void fill_in_driver_values( NT_PRINTER_DRIVER_INFO_LEVEL_3 *info3, REGVAL length = strlen(filename); - buffer = SMB_REALLOC( buffer, buffer_size + (length + 1)*sizeof(uint16) ); + buffer = (char *)SMB_REALLOC( buffer, buffer_size + (length + 1)*sizeof(uint16) ); if ( !buffer ) { break; } @@ -937,7 +935,7 @@ static void fill_in_driver_values( NT_PRINTER_DRIVER_INFO_LEVEL_3 *info3, REGVAL /* terminated by double NULL. Add the final one here */ - buffer = SMB_REALLOC( buffer, buffer_size + 2 ); + buffer = (char *)SMB_REALLOC( buffer, buffer_size + 2 ); if ( !buffer ) { buffer_size = 0; } else { diff --git a/source/registry/regfio.c b/source/registry/regfio.c index f164d4e19d4..f2e95da8898 100644 --- a/source/registry/regfio.c +++ b/source/registry/regfio.c @@ -1646,7 +1646,9 @@ static BOOL create_vk_record( REGF_FILE *file, REGF_VK_REC *vk, REGISTRY_VALUE * if ( vk->data_size > sizeof(uint32) ) { uint32 data_size = ( (vk->data_size+sizeof(uint32)) & 0xfffffff8 ) + 8; - vk->data = TALLOC_MEMDUP( file->mem_ctx, regval_data_p(value), vk->data_size ); + vk->data = (uint8 *)TALLOC_MEMDUP( file->mem_ctx, + regval_data_p(value), + vk->data_size ); if (vk->data == NULL) { return False; } @@ -1746,7 +1748,6 @@ static int hashrec_cmp( REGF_HASH_REC *h1, REGF_HASH_REC *h2 ) if ( sec_desc ) { uint32 sk_size = sk_record_data_size( sec_desc ); REGF_HBIN *sk_hbin; - REGF_SK_REC *tmp = NULL; /* search for it in the existing list of sd's */ @@ -1775,7 +1776,7 @@ static int hashrec_cmp( REGF_HASH_REC *h1, REGF_HASH_REC *h2 ) /* size value must be self-inclusive */ nk->sec_desc->size = sec_desc_size(sec_desc) + sizeof(uint32); - DLIST_ADD_END( file->sec_desc_list, nk->sec_desc, tmp ); + DLIST_ADD_END( file->sec_desc_list, nk->sec_desc, REGF_SK_REC *); /* update the offsets for us and the previous sd in the list. if this is the first record, then just set the next and prev diff --git a/source/rpc_parse/parse_buffer.c b/source/rpc_parse/parse_buffer.c index 21dddfa3cf5..5643189afea 100644 --- a/source/rpc_parse/parse_buffer.c +++ b/source/rpc_parse/parse_buffer.c @@ -319,7 +319,8 @@ BOOL smb_io_relarraystr(const char *desc, RPC_BUFFER *buffer, int depth, uint16 /* Yes this should be malloc not talloc. Don't change. */ - chaine.buffer = SMB_MALLOC((q-p+1)*sizeof(uint16)); + chaine.buffer = (uint16 *) + SMB_MALLOC((q-p+1)*sizeof(uint16)); if (chaine.buffer == NULL) return False; diff --git a/source/rpc_parse/parse_eventlog.c b/source/rpc_parse/parse_eventlog.c index 4aff9734eed..addf433feb8 100644 --- a/source/rpc_parse/parse_eventlog.c +++ b/source/rpc_parse/parse_eventlog.c @@ -54,7 +54,7 @@ BOOL eventlog_io_q_open_eventlog(const char *desc, EVENTLOG_Q_OPEN_EVENTLOG *q_u if(!prs_align(ps)) return False; - if ( !prs_pointer("", ps, depth, (void**)&q_u->unknown0, sizeof(EVENTLOG_OPEN_UNKNOWN0), (PRS_POINTER_CAST)prs_ev_open_unknown0)) + if ( !prs_pointer("", ps, depth, (void*)&q_u->unknown0, sizeof(EVENTLOG_OPEN_UNKNOWN0), (PRS_POINTER_CAST)prs_ev_open_unknown0)) return False; if ( !prs_unistr4("logname", ps, depth, &q_u->logname) ) diff --git a/source/rpc_parse/parse_samr.c b/source/rpc_parse/parse_samr.c index 0bde3da26c8..fd7a4040b67 100644 --- a/source/rpc_parse/parse_samr.c +++ b/source/rpc_parse/parse_samr.c @@ -511,12 +511,10 @@ void init_unk_info1(SAM_UNK_INFO_1 *u_1, uint16 min_pass_len, uint16 pass_hist, u_1->password_properties = password_properties; /* password never expire */ - u_1->expire.high = nt_expire.high; - u_1->expire.low = nt_expire.low; + u_1->expire = nt_expire; /* can change the password now */ - u_1->min_passwordage.high = nt_min_age.high; - u_1->min_passwordage.low = nt_min_age.low; + u_1->min_passwordage = nt_min_age; } @@ -555,12 +553,9 @@ void init_unk_info2(SAM_UNK_INFO_2 * u_2, const char *comment, const char *domain, const char *server, uint32 seq_num, uint32 num_users, uint32 num_groups, uint32 num_alias, NTTIME nt_logout, uint32 server_role) { - u_2->logout.low = nt_logout.low; - u_2->logout.high = nt_logout.high; - - u_2->seq_num.low = seq_num; - u_2->seq_num.high = 0x00000000; + u_2->logout = nt_logout; + u_2->seq_num = seq_num; u_2->unknown_4 = 0x00000001; u_2->server_role = server_role; @@ -635,8 +630,7 @@ inits a structure. void init_unk_info3(SAM_UNK_INFO_3 *u_3, NTTIME nt_logout) { - u_3->logout.low = nt_logout.low; - u_3->logout.high = nt_logout.high; + u_3->logout = nt_logout; } /******************************************************************* @@ -789,8 +783,7 @@ inits a structure. void init_unk_info8(SAM_UNK_INFO_8 * u_8, uint32 seq_num) { unix_to_nt_time(&u_8->domain_create_time, 0); - u_8->seq_num.low = seq_num; - u_8->seq_num.high = 0x0000; + u_8->seq_num = seq_num; } /******************************************************************* @@ -849,10 +842,8 @@ inits a structure. void init_unk_info12(SAM_UNK_INFO_12 * u_12, NTTIME nt_lock_duration, NTTIME nt_reset_time, uint16 lockout) { - u_12->duration.low = nt_lock_duration.low; - u_12->duration.high = nt_lock_duration.high; - u_12->reset_count.low = nt_reset_time.low; - u_12->reset_count.high = nt_reset_time.high; + u_12->duration = nt_lock_duration; + u_12->reset_count = nt_reset_time; u_12->bad_attempt_lockout = lockout; } @@ -887,8 +878,7 @@ inits a structure. void init_unk_info13(SAM_UNK_INFO_13 * u_13, uint32 seq_num) { unix_to_nt_time(&u_13->domain_create_time, 0); - u_13->seq_num.low = seq_num; - u_13->seq_num.high = 0x0000; + u_13->seq_num = seq_num; u_13->unknown1 = 0; u_13->unknown2 = 0; } @@ -3854,7 +3844,7 @@ BOOL samr_io_r_query_aliasinfo(const char *desc, SAMR_R_QUERY_ALIASINFO *out, if(!prs_align(ps)) return False; - if ( !prs_pointer("alias", ps, depth, (void**)&out->ctr, sizeof(ALIAS_INFO_CTR), (PRS_POINTER_CAST)samr_alias_info_ctr)) + if ( !prs_pointer("alias", ps, depth, (void*)&out->ctr, sizeof(ALIAS_INFO_CTR), (PRS_POINTER_CAST)samr_alias_info_ctr)) return False; if(!prs_align(ps)) return False; @@ -4896,7 +4886,7 @@ inits a SAMR_R_LOOKUP_NAMES structure. NTSTATUS init_samr_r_lookup_names(TALLOC_CTX *ctx, SAMR_R_LOOKUP_NAMES * r_u, uint32 num_rids, - uint32 *rid, uint32 *type, + uint32 *rid, enum SID_NAME_USE *type, NTSTATUS status) { DEBUG(5, ("init_samr_r_lookup_names\n")); @@ -5587,7 +5577,8 @@ static BOOL sam_io_user_info17(const char *desc, SAM_USER_INFO_17 * usr, init_sam_user_infoa *************************************************************************/ -void init_sam_user_info24(SAM_USER_INFO_24 * usr, char newpass[516], uint16 pw_len) +void init_sam_user_info24(SAM_USER_INFO_24 * usr, char newpass[516], + uint8 pw_len) { DEBUG(10, ("init_sam_user_info24:\n")); memcpy(usr->pass, newpass, sizeof(usr->pass)); @@ -5615,10 +5606,10 @@ static BOOL sam_io_user_info24(const char *desc, SAM_USER_INFO_24 * usr, return False; if (MARSHALLING(ps) && (usr->pw_len != 0)) { - if (!prs_uint16("pw_len", ps, depth, &usr->pw_len)) + if (!prs_uint8("pw_len", ps, depth, &usr->pw_len)) return False; } else if (UNMARSHALLING(ps)) { - if (!prs_uint16("pw_len", ps, depth, &usr->pw_len)) + if (!prs_uint8("pw_len", ps, depth, &usr->pw_len)) return False; } @@ -5741,8 +5732,8 @@ void init_sam_user_info23W(SAM_USER_INFO_23 * usr, NTTIME * logon_time, /* all z copy_unistr2(&usr->uni_workstations, wkstas); init_uni_hdr(&usr->hdr_workstations, &usr->uni_workstations); - copy_unistr2(&usr->uni_unknown_str, unk_str); - init_uni_hdr(&usr->hdr_unknown_str, &usr->uni_unknown_str); + copy_unistr2(&usr->uni_comment, unk_str); + init_uni_hdr(&usr->hdr_comment, &usr->uni_comment); copy_unistr2(&usr->uni_munged_dial, mung_dial); init_uni_hdr(&usr->hdr_munged_dial, &usr->uni_munged_dial); @@ -5835,8 +5826,8 @@ void init_sam_user_info23A(SAM_USER_INFO_23 * usr, NTTIME * logon_time, /* all z init_unistr2(&usr->uni_workstations, wkstas, UNI_FLAGS_NONE); init_uni_hdr(&usr->hdr_workstations, &usr->uni_workstations); - init_unistr2(&usr->uni_unknown_str, unk_str, UNI_FLAGS_NONE); - init_uni_hdr(&usr->hdr_unknown_str, &usr->uni_unknown_str); + init_unistr2(&usr->uni_comment, unk_str, UNI_FLAGS_NONE); + init_uni_hdr(&usr->hdr_comment, &usr->uni_comment); init_unistr2_from_datablob(&usr->uni_munged_dial, &blob); init_uni_hdr(&usr->hdr_munged_dial, &usr->uni_munged_dial); @@ -5895,7 +5886,7 @@ static BOOL sam_io_user_info23(const char *desc, SAM_USER_INFO_23 * usr, return False; if(!smb_io_unihdr("hdr_workstations", &usr->hdr_workstations, ps, depth)) /* wkstas user can log on from */ return False; - if(!smb_io_unihdr("hdr_unknown_str ", &usr->hdr_unknown_str, ps, depth)) /* unknown string */ + if(!smb_io_unihdr("hdr_comment ", &usr->hdr_comment, ps, depth)) /* unknown string */ return False; if(!smb_io_unihdr("hdr_munged_dial ", &usr->hdr_munged_dial, ps, depth)) /* wkstas user can log on from */ return False; @@ -5963,7 +5954,7 @@ static BOOL sam_io_user_info23(const char *desc, SAM_USER_INFO_23 * usr, if(!smb_io_unistr2("uni_workstations", &usr->uni_workstations, usr->hdr_workstations.buffer, ps, depth)) /* worksations user can log on from */ return False; - if(!smb_io_unistr2("uni_unknown_str ", &usr->uni_unknown_str, usr->hdr_unknown_str.buffer, ps, depth)) /* unknown string */ + if(!smb_io_unistr2("uni_comment ", &usr->uni_comment, usr->hdr_comment.buffer, ps, depth)) /* unknown string */ return False; if(!smb_io_unistr2("uni_munged_dial ", &usr->uni_munged_dial, usr->hdr_munged_dial.buffer, ps, depth)) @@ -6025,7 +6016,7 @@ static BOOL sam_io_user_info25(const char *desc, SAM_USER_INFO_25 * usr, prs_str return False; if(!smb_io_unihdr("hdr_workstations", &usr->hdr_workstations, ps, depth)) /* wkstas user can log on from */ return False; - if(!smb_io_unihdr("hdr_unknown_str ", &usr->hdr_unknown_str, ps, depth)) /* unknown string */ + if(!smb_io_unihdr("hdr_comment ", &usr->hdr_comment, ps, depth)) /* unknown string */ return False; if(!smb_io_unihdr("hdr_munged_dial ", &usr->hdr_munged_dial, ps, depth)) /* wkstas user can log on from */ return False; @@ -6076,7 +6067,7 @@ static BOOL sam_io_user_info25(const char *desc, SAM_USER_INFO_25 * usr, prs_str if(!smb_io_unistr2("uni_workstations", &usr->uni_workstations, usr->hdr_workstations.buffer, ps, depth)) /* worksations user can log on from */ return False; - if(!smb_io_unistr2("uni_unknown_str ", &usr->uni_unknown_str, usr->hdr_unknown_str.buffer, ps, depth)) /* unknown string */ + if(!smb_io_unistr2("uni_comment ", &usr->uni_comment, usr->hdr_comment.buffer, ps, depth)) /* unknown string */ return False; if(!smb_io_unistr2("uni_munged_dial ", &usr->uni_munged_dial, usr->hdr_munged_dial.buffer, ps, depth)) @@ -6182,8 +6173,8 @@ void init_sam_user_info21W(SAM_USER_INFO_21 * usr, copy_unistr2(&usr->uni_workstations, wkstas); init_uni_hdr(&usr->hdr_workstations, &usr->uni_workstations); - copy_unistr2(&usr->uni_unknown_str, unk_str); - init_uni_hdr(&usr->hdr_unknown_str, &usr->uni_unknown_str); + copy_unistr2(&usr->uni_comment, unk_str); + init_uni_hdr(&usr->hdr_comment, &usr->uni_comment); copy_unistr2(&usr->uni_munged_dial, mung_dial); init_uni_hdr(&usr->hdr_munged_dial, &usr->uni_munged_dial); @@ -6208,6 +6199,7 @@ NTSTATUS init_sam_user_info21A(SAM_USER_INFO_21 *usr, struct samu *pw, DOM_SID * pass_last_set_time, pass_can_change_time, pass_must_change_time; + time_t must_change_time; const char* user_name = pdb_get_username(pw); const char* full_name = pdb_get_fullname(pw); const char* home_dir = pdb_get_homedir(pw); @@ -6232,12 +6224,16 @@ NTSTATUS init_sam_user_info21A(SAM_USER_INFO_21 *usr, struct samu *pw, DOM_SID * } /* Create NTTIME structs */ - unix_to_nt_time (&logon_time, pdb_get_logon_time(pw)); - unix_to_nt_time (&logoff_time, pdb_get_logoff_time(pw)); + unix_to_nt_time (&logon_time, pdb_get_logon_time(pw)); + unix_to_nt_time (&logoff_time, pdb_get_logoff_time(pw)); unix_to_nt_time (&kickoff_time, pdb_get_kickoff_time(pw)); - unix_to_nt_time (&pass_last_set_time, pdb_get_pass_last_set_time(pw)); - unix_to_nt_time (&pass_can_change_time, pdb_get_pass_can_change_time(pw)); - unix_to_nt_time (&pass_must_change_time,pdb_get_pass_must_change_time(pw)); + unix_to_nt_time (&pass_last_set_time, pdb_get_pass_last_set_time(pw)); + unix_to_nt_time (&pass_can_change_time,pdb_get_pass_can_change_time(pw)); + must_change_time = pdb_get_pass_must_change_time(pw); + if (must_change_time == get_time_t_max()) + unix_to_nt_time_abs(&pass_must_change_time, must_change_time); + else + unix_to_nt_time(&pass_must_change_time, must_change_time); /* structure assignment */ usr->logon_time = logon_time; @@ -6331,8 +6327,8 @@ NTSTATUS init_sam_user_info21A(SAM_USER_INFO_21 *usr, struct samu *pw, DOM_SID * init_unistr2(&usr->uni_workstations, workstations, UNI_STR_TERMINATE); init_uni_hdr(&usr->hdr_workstations, &usr->uni_workstations); - init_unistr2(&usr->uni_unknown_str, NULL, UNI_STR_TERMINATE); - init_uni_hdr(&usr->hdr_unknown_str, &usr->uni_unknown_str); + init_unistr2(&usr->uni_comment, NULL, UNI_STR_TERMINATE); + init_uni_hdr(&usr->hdr_comment, &usr->uni_comment); init_unistr2_from_datablob(&usr->uni_munged_dial, &munged_dial_blob); init_uni_hdr(&usr->hdr_munged_dial, &usr->uni_munged_dial); @@ -6398,7 +6394,7 @@ static BOOL sam_io_user_info21(const char *desc, SAM_USER_INFO_21 * usr, return False; if(!smb_io_unihdr("hdr_workstations", &usr->hdr_workstations, ps, depth)) /* wkstas user can log on from */ return False; - if(!smb_io_unihdr("hdr_unknown_str ", &usr->hdr_unknown_str, ps, depth)) /* unknown string */ + if(!smb_io_unihdr("hdr_comment ", &usr->hdr_comment, ps, depth)) /* unknown string */ return False; if(!smb_io_unihdr("hdr_munged_dial ", &usr->hdr_munged_dial, ps, depth)) /* wkstas user can log on from */ return False; @@ -6438,25 +6434,25 @@ static BOOL sam_io_user_info21(const char *desc, SAM_USER_INFO_21 * usr, /* here begins pointed-to data */ - if(!smb_io_unistr2("uni_user_name ", &usr->uni_user_name,usr->hdr_user_name.buffer, ps, depth)) /* username unicode string */ + if(!smb_io_unistr2("uni_user_name ", &usr->uni_user_name,usr->hdr_user_name.buffer, ps, depth)) return False; - if(!smb_io_unistr2("uni_full_name ", &usr->uni_full_name, usr->hdr_full_name.buffer, ps, depth)) /* user's full name unicode string */ + if(!smb_io_unistr2("uni_full_name ", &usr->uni_full_name, usr->hdr_full_name.buffer, ps, depth)) return False; - if(!smb_io_unistr2("uni_home_dir ", &usr->uni_home_dir, usr->hdr_home_dir.buffer, ps, depth)) /* home directory unicode string */ + if(!smb_io_unistr2("uni_home_dir ", &usr->uni_home_dir, usr->hdr_home_dir.buffer, ps, depth)) return False; - if(!smb_io_unistr2("uni_dir_drive ", &usr->uni_dir_drive, usr->hdr_dir_drive.buffer, ps, depth)) /* home directory drive unicode string */ + if(!smb_io_unistr2("uni_dir_drive ", &usr->uni_dir_drive, usr->hdr_dir_drive.buffer, ps, depth)) return False; - if(!smb_io_unistr2("uni_logon_script", &usr->uni_logon_script, usr->hdr_logon_script.buffer, ps, depth)) /* logon script unicode string */ + if(!smb_io_unistr2("uni_logon_script", &usr->uni_logon_script, usr->hdr_logon_script.buffer, ps, depth)) return False; - if(!smb_io_unistr2("uni_profile_path", &usr->uni_profile_path, usr->hdr_profile_path.buffer, ps, depth)) /* profile path unicode string */ + if(!smb_io_unistr2("uni_profile_path", &usr->uni_profile_path, usr->hdr_profile_path.buffer, ps, depth)) return False; - if(!smb_io_unistr2("uni_acct_desc ", &usr->uni_acct_desc, usr->hdr_acct_desc.buffer, ps, depth)) /* user desc unicode string */ + if(!smb_io_unistr2("uni_acct_desc ", &usr->uni_acct_desc, usr->hdr_acct_desc.buffer, ps, depth)) return False; - if(!smb_io_unistr2("uni_workstations", &usr->uni_workstations, usr->hdr_workstations.buffer, ps, depth)) /* worksations user can log on from */ + if(!smb_io_unistr2("uni_workstations", &usr->uni_workstations, usr->hdr_workstations.buffer, ps, depth)) return False; - if(!smb_io_unistr2("uni_unknown_str ", &usr->uni_unknown_str, usr->hdr_unknown_str.buffer, ps, depth)) /* unknown string */ + if(!smb_io_unistr2("uni_comment", &usr->uni_comment, usr->hdr_comment.buffer, ps, depth)) return False; - if(!smb_io_unistr2("uni_munged_dial ", &usr->uni_munged_dial,usr->hdr_munged_dial.buffer, ps, depth)) /* worksations user can log on from */ + if(!smb_io_unistr2("uni_munged_dial ", &usr->uni_munged_dial,usr->hdr_munged_dial.buffer, ps, depth)) return False; /* ok, this is only guess-work (as usual) */ diff --git a/source/rpc_parse/parse_spoolss.c b/source/rpc_parse/parse_spoolss.c index 2884883e893..1001ba21907 100644 --- a/source/rpc_parse/parse_spoolss.c +++ b/source/rpc_parse/parse_spoolss.c @@ -606,7 +606,7 @@ static BOOL spool_io_user_level(const char *desc, SPOOL_USER_CTR *q_u, prs_struc switch ( q_u->level ) { case 1: - if ( !prs_pointer( "" , ps, depth, (void**)&q_u->user.user1, + if ( !prs_pointer( "" , ps, depth, (void*)&q_u->user.user1, sizeof(SPOOL_USER_1), (PRS_POINTER_CAST)spool_io_user_level_1 )) { return False; @@ -2452,6 +2452,24 @@ BOOL smb_io_printer_info_5(const char *desc, RPC_BUFFER *buffer, PRINTER_INFO_5 } /******************************************************************* + Parse a PRINTER_INFO_6 structure. +********************************************************************/ + +BOOL smb_io_printer_info_6(const char *desc, RPC_BUFFER *buffer, + PRINTER_INFO_6 *info, int depth) +{ + prs_struct *ps=&buffer->prs; + + prs_debug(ps, depth, desc, "smb_io_printer_info_6"); + depth++; + + if (!prs_uint32("status", ps, depth, &info->status)) + return False; + + return True; +} + +/******************************************************************* Parse a PRINTER_INFO_7 structure. ********************************************************************/ @@ -2643,9 +2661,7 @@ BOOL smb_io_printer_driver_info_6(const char *desc, RPC_BUFFER *buffer, DRIVER_I if (!smb_io_relarraystr("previousdrivernames", buffer, depth, &info->previousdrivernames)) return False; - if (!prs_uint32("date.low", ps, depth, &info->driver_date.low)) - return False; - if (!prs_uint32("date.high", ps, depth, &info->driver_date.high)) + if (!prs_uint64("date", ps, depth, &info->driver_date)) return False; if (!prs_uint32("padding", ps, depth, &info->padding)) @@ -3112,6 +3128,14 @@ uint32 spoolss_size_printer_info_5(PRINTER_INFO_5 *info) return size; } +/******************************************************************* +return the size required by a struct in the stream +********************************************************************/ + +uint32 spoolss_size_printer_info_6(PRINTER_INFO_6 *info) +{ + return sizeof(uint32); +} /******************************************************************* return the size required by a struct in the stream @@ -3777,10 +3801,8 @@ BOOL make_spoolss_q_setprinter(TALLOC_CTX *mem_ctx, SPOOL_Q_SETPRINTER *q_u, q_u->secdesc_ctr = SMB_MALLOC_P(SEC_DESC_BUF); if (!q_u->secdesc_ctr) return False; - q_u->secdesc_ctr->ptr = (secdesc != NULL) ? 1: 0; - q_u->secdesc_ctr->max_len = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0; - q_u->secdesc_ctr->len = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0; - q_u->secdesc_ctr->sec = secdesc; + q_u->secdesc_ctr->sd = secdesc; + q_u->secdesc_ctr->sd_size = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0; q_u->devmode_ctr.devmode_ptr = (devmode != NULL) ? 1 : 0; q_u->devmode_ctr.size = (devmode != NULL) ? sizeof(DEVICEMODE) + (3*sizeof(uint32)) : 0; @@ -3801,10 +3823,8 @@ BOOL make_spoolss_q_setprinter(TALLOC_CTX *mem_ctx, SPOOL_Q_SETPRINTER *q_u, q_u->secdesc_ctr = SMB_MALLOC_P(SEC_DESC_BUF); if (!q_u->secdesc_ctr) return False; - q_u->secdesc_ctr->ptr = (secdesc != NULL) ? 1: 0; - q_u->secdesc_ctr->max_len = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0; - q_u->secdesc_ctr->len = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0; - q_u->secdesc_ctr->sec = secdesc; + q_u->secdesc_ctr->sd_size = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0; + q_u->secdesc_ctr->sd = secdesc; break; case 7: @@ -6269,6 +6289,11 @@ void free_printer_info_5(PRINTER_INFO_5 *printer) SAFE_FREE(printer); } +void free_printer_info_6(PRINTER_INFO_6 *printer) +{ + SAFE_FREE(printer); +} + void free_printer_info_7(PRINTER_INFO_7 *printer) { SAFE_FREE(printer); diff --git a/source/rpc_server/srv_netlog_nt.c b/source/rpc_server/srv_netlog_nt.c index 6603d2f1d44..b8c776964e9 100644 --- a/source/rpc_server/srv_netlog_nt.c +++ b/source/rpc_server/srv_netlog_nt.c @@ -623,7 +623,7 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET * return NT_STATUS_NO_MEMORY; } - if (!pdb_set_pass_changed_now(sampass)) { + if (!pdb_set_pass_last_set_time(sampass, time(NULL), PDB_CHANGED)) { TALLOC_FREE(sampass); /* Not quite sure what this one qualifies as, but this will do */ return NT_STATUS_UNSUCCESSFUL; diff --git a/source/rpc_server/srv_samr_nt.c b/source/rpc_server/srv_samr_nt.c index b8d4f072aee..900da112944 100644 --- a/source/rpc_server/srv_samr_nt.c +++ b/source/rpc_server/srv_samr_nt.c @@ -40,6 +40,8 @@ ( READ_CONTROL_ACCESS | \ SA_RIGHT_USER_CHANGE_PASSWORD | \ SA_RIGHT_USER_SET_LOC_COM ) +#define SAMR_USR_RIGHTS_CANT_WRITE_PW \ + ( READ_CONTROL_ACCESS | SA_RIGHT_USER_SET_LOC_COM ) #define DISP_INFO_CACHE_TIMEOUT 10 @@ -90,6 +92,11 @@ static struct generic_mapping usr_generic_mapping = { GENERIC_RIGHTS_USER_WRITE, GENERIC_RIGHTS_USER_EXECUTE, GENERIC_RIGHTS_USER_ALL_ACCESS}; +static struct generic_mapping usr_nopwchange_generic_mapping = { + GENERIC_RIGHTS_USER_READ, + GENERIC_RIGHTS_USER_WRITE, + GENERIC_RIGHTS_USER_EXECUTE & ~SA_RIGHT_USER_CHANGE_PASSWORD, + GENERIC_RIGHTS_USER_ALL_ACCESS}; static struct generic_mapping grp_generic_mapping = { GENERIC_RIGHTS_GROUP_READ, GENERIC_RIGHTS_GROUP_WRITE, @@ -657,16 +664,6 @@ NTSTATUS _samr_get_usrdom_pwinfo(pipes_struct *p, SAMR_Q_GET_USRDOM_PWINFO *q_u, } /******************************************************************* - _samr_set_sec_obj - ********************************************************************/ - -NTSTATUS _samr_set_sec_obj(pipes_struct *p, SAMR_Q_SET_SEC_OBJ *q_u, SAMR_R_SET_SEC_OBJ *r_u) -{ - DEBUG(0,("_samr_set_sec_obj: Not yet implemented!\n")); - return NT_STATUS_NOT_IMPLEMENTED; -} - -/******************************************************************* ********************************************************************/ static BOOL get_lsa_policy_samr_sid( pipes_struct *p, POLICY_HND *pol, @@ -692,6 +689,97 @@ static BOOL get_lsa_policy_samr_sid( pipes_struct *p, POLICY_HND *pol, } /******************************************************************* + _samr_set_sec_obj + ********************************************************************/ + +NTSTATUS _samr_set_sec_obj(pipes_struct *p, SAMR_Q_SET_SEC_OBJ *q_u, SAMR_R_SET_SEC_OBJ *r_u) +{ + DOM_SID pol_sid; + uint32 acc_granted, i; + SEC_ACL *dacl; + BOOL ret; + struct samu *sampass=NULL; + NTSTATUS status; + + r_u->status = NT_STATUS_OK; + + if (!get_lsa_policy_samr_sid(p, &q_u->pol, &pol_sid, &acc_granted, NULL)) + return NT_STATUS_INVALID_HANDLE; + + if (!(sampass = samu_new( p->mem_ctx))) { + DEBUG(0,("No memory!\n")); + return NT_STATUS_NO_MEMORY; + } + + /* get the user record */ + become_root(); + ret = pdb_getsampwsid(sampass, &pol_sid); + unbecome_root(); + + if (!ret) { + DEBUG(4, ("User %s not found\n", sid_string_static(&pol_sid))); + TALLOC_FREE(sampass); + return NT_STATUS_INVALID_HANDLE; + } + + dacl = q_u->buf->sec->dacl; + for (i=0; i < dacl->num_aces; i++) { + if (sid_equal(&pol_sid, &dacl->ace[i].trustee)) { + ret = pdb_set_pass_can_change(sampass, + (dacl->ace[i].info.mask & + SA_RIGHT_USER_CHANGE_PASSWORD) ? + True: False); + break; + } + } + + if (!ret) { + TALLOC_FREE(sampass); + return NT_STATUS_ACCESS_DENIED; + } + + status = pdb_update_sam_account(sampass); + + TALLOC_FREE(sampass); + + return status; +} + +/******************************************************************* + build correct perms based on policies and password times for _samr_query_sec_obj +*******************************************************************/ +static BOOL check_change_pw_access(TALLOC_CTX *mem_ctx, DOM_SID *user_sid) +{ + struct samu *sampass=NULL; + BOOL ret; + + if ( !(sampass = samu_new( mem_ctx )) ) { + DEBUG(0,("No memory!\n")); + return False; + } + + become_root(); + ret = pdb_getsampwsid(sampass, user_sid); + unbecome_root(); + + if (ret == False) { + DEBUG(4,("User %s not found\n", sid_string_static(user_sid))); + TALLOC_FREE(sampass); + return False; + } + + DEBUG(3,("User:[%s]\n", pdb_get_username(sampass) )); + + if (pdb_get_pass_can_change(sampass)) { + TALLOC_FREE(sampass); + return True; + } + TALLOC_FREE(sampass); + return False; +} + + +/******************************************************************* _samr_query_sec_obj ********************************************************************/ @@ -731,7 +819,13 @@ NTSTATUS _samr_query_sec_obj(pipes_struct *p, SAMR_Q_QUERY_SEC_OBJ *q_u, SAMR_R_ /* TODO: different SDs have to be generated for aliases groups and users. Currently all three get a default user SD */ DEBUG(10,("_samr_query_sec_obj: querying security on Object with SID: %s\n", sid_to_string(str_sid, &pol_sid))); - r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, &pol_sid, SAMR_USR_RIGHTS_WRITE_PW); + if (check_change_pw_access(p->mem_ctx, &pol_sid)) { + r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, + &pol_sid, SAMR_USR_RIGHTS_WRITE_PW); + } else { + r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_nopwchange_generic_mapping, + &pol_sid, SAMR_USR_RIGHTS_CANT_WRITE_PW); + } } else { return NT_STATUS_OBJECT_TYPE_MISMATCH; } @@ -1435,7 +1529,7 @@ NTSTATUS _samr_lookup_names(pipes_struct *p, SAMR_Q_LOOKUP_NAMES *q_u, SAMR_R_LO } } - init_samr_r_lookup_names(p->mem_ctx, r_u, num_rids, rid, (uint32 *)type, r_u->status); + init_samr_r_lookup_names(p->mem_ctx, r_u, num_rids, rid, type, r_u->status); DEBUG(5,("_samr_lookup_names: %d\n", __LINE__)); @@ -1618,12 +1712,14 @@ static BOOL make_samr_lookup_rids(TALLOC_CTX *ctx, uint32 num_names, NTSTATUS _samr_lookup_rids(pipes_struct *p, SAMR_Q_LOOKUP_RIDS *q_u, SAMR_R_LOOKUP_RIDS *r_u) { const char **names; - uint32 *attrs = NULL; + enum SID_NAME_USE *attrs = NULL; + uint32 *wire_attrs = NULL; UNIHDR *hdr_name = NULL; UNISTR2 *uni_name = NULL; DOM_SID pol_sid; int num_rids = q_u->num_rids1; uint32 acc_granted; + int i; r_u->status = NT_STATUS_OK; @@ -1640,9 +1736,10 @@ NTSTATUS _samr_lookup_rids(pipes_struct *p, SAMR_Q_LOOKUP_RIDS *q_u, SAMR_R_LOOK } names = TALLOC_ZERO_ARRAY(p->mem_ctx, const char *, num_rids); - attrs = TALLOC_ZERO_ARRAY(p->mem_ctx, uint32, num_rids); + attrs = TALLOC_ZERO_ARRAY(p->mem_ctx, enum SID_NAME_USE, num_rids); + wire_attrs = TALLOC_ZERO_ARRAY(p->mem_ctx, uint32, num_rids); - if ((num_rids != 0) && ((names == NULL) || (attrs == NULL))) + if ((num_rids != 0) && ((names == NULL) || (attrs == NULL) || (wire_attrs==NULL))) return NT_STATUS_NO_MEMORY; become_root(); /* lookup_sid can require root privs */ @@ -1658,7 +1755,12 @@ NTSTATUS _samr_lookup_rids(pipes_struct *p, SAMR_Q_LOOKUP_RIDS *q_u, SAMR_R_LOOK &hdr_name, &uni_name)) return NT_STATUS_NO_MEMORY; - init_samr_r_lookup_rids(r_u, num_rids, hdr_name, uni_name, attrs); + /* Convert from enum SID_NAME_USE to uint32 for wire format. */ + for (i = 0; i < num_rids; i++) { + wire_attrs[i] = (uint32)attrs[i]; + } + + init_samr_r_lookup_rids(r_u, num_rids, hdr_name, uni_name, wire_attrs); DEBUG(5,("_samr_lookup_rids: %d\n", __LINE__)); @@ -2498,7 +2600,8 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, } DEBUG(5, ("_samr_create_user: %s can add this account : %s\n", - p->pipe_user_name, can_add_account ? "True":"False" )); + uidtoname(p->pipe_user.ut.uid), + can_add_account ? "True":"False" )); /********** BEGIN Admin BLOCK **********/ @@ -3047,7 +3150,7 @@ static BOOL set_user_info_18(SAM_USER_INFO_18 *id18, struct samu *pwd) TALLOC_FREE(pwd); return False; } - if (!pdb_set_pass_changed_now (pwd)) { + if (!pdb_set_pass_last_set_time (pwd, time(NULL), PDB_CHANGED)) { TALLOC_FREE(pwd); return False; } @@ -3100,9 +3203,11 @@ static NTSTATUS set_user_info_21(TALLOC_CTX *mem_ctx, SAM_USER_INFO_21 *id21, } /* we need to separately check for an account rename first */ + if (rpcstr_pull(new_name, id21->uni_user_name.buffer, - sizeof(new_name), id21->uni_user_name.uni_str_len*2, 0) && - (!strequal(new_name, pdb_get_username(pwd)))) { + sizeof(new_name), id21->uni_user_name.uni_str_len*2, 0) + && (!strequal(new_name, pdb_get_username(pwd)))) + { /* check to see if the new username already exists. Note: we can't reliably lock all backends, so there is potentially the @@ -3327,11 +3432,18 @@ static NTSTATUS set_user_info_25(TALLOC_CTX *mem_ctx, SAM_USER_INFO_25 *id25, copy_id25_to_sam_passwd(pwd, id25); + /* write the change out */ + if(!NT_STATUS_IS_OK(status = pdb_update_sam_account(pwd))) { + TALLOC_FREE(pwd); + return status; + } + /* - * The funny part about the previous two calls is - * that pwd still has the password hashes from the - * passdb entry. These have not been updated from - * id21. I don't know if they need to be set. --jerry + * We need to "pdb_update_sam_account" before the unix primary group + * is set, because the idealx scripts would also change the + * sambaPrimaryGroupSid using the ldap replace method. pdb_ldap uses + * the delete explicit / add explicit, which would then fail to find + * the previous primaryGroupSid value. */ if ( IS_SAM_CHANGED(pwd, PDB_GROUPSID) ) { @@ -3341,16 +3453,6 @@ static NTSTATUS set_user_info_25(TALLOC_CTX *mem_ctx, SAM_USER_INFO_25 *id25, } } - /* Don't worry about writing out the user account since the - primary group SID is generated solely from the user's Unix - primary group. */ - - /* write the change out */ - if(!NT_STATUS_IS_OK(status = pdb_update_sam_account(pwd))) { - TALLOC_FREE(pwd); - return status; - } - /* WARNING: No TALLOC_FREE(pwd), we are about to set the password * hereafter! */ @@ -3440,7 +3542,8 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE } DEBUG(5, ("_samr_set_userinfo: %s does%s possess sufficient rights\n", - p->pipe_user_name, has_enough_rights ? "" : " not")); + uidtoname(p->pipe_user.ut.uid), + has_enough_rights ? "" : " not")); /* ================ BEGIN SeMachineAccountPrivilege BLOCK ================ */ @@ -3598,7 +3701,8 @@ NTSTATUS _samr_set_userinfo2(pipes_struct *p, SAMR_Q_SET_USERINFO2 *q_u, SAMR_R_ } DEBUG(5, ("_samr_set_userinfo2: %s does%s possess sufficient rights\n", - p->pipe_user_name, has_enough_rights ? "" : " not")); + uidtoname(p->pipe_user.ut.uid), + has_enough_rights ? "" : " not")); /* ================ BEGIN SeMachineAccountPrivilege BLOCK ================ */ @@ -4601,6 +4705,10 @@ NTSTATUS _samr_set_aliasinfo(pipes_struct *p, SAMR_Q_SET_ALIASINFO *q_u, SAMR_R_ switch (ctr->level) { case 2: + { + fstring group_name, acct_name; + NTSTATUS status; + /* We currently do not support renaming groups in the the BUILTIN domain. Refer to util_builtin.c to understand why. The eventually needs to be fixed to be like Windows @@ -4610,13 +4718,31 @@ NTSTATUS _samr_set_aliasinfo(pipes_struct *p, SAMR_Q_SET_ALIASINFO *q_u, SAMR_R_ return NT_STATUS_SPECIAL_ACCOUNT; } - if ( ctr->alias.info2.name.string ) { - unistr2_to_ascii( info.acct_name, ctr->alias.info2.name.string, - sizeof(info.acct_name)-1 ); - } - else - fstrcpy( info.acct_name, "" ); + /* There has to be a valid name (and it has to be different) */ + + if ( !ctr->alias.info2.name.string ) + return NT_STATUS_INVALID_PARAMETER; + + unistr2_to_ascii( acct_name, ctr->alias.info2.name.string, + sizeof(acct_name)-1 ); + + /* If the name is the same just reply "ok". Yes this + doesn't allow you to change the case of a group name. */ + + if ( strequal( acct_name, info.acct_name ) ) + return NT_STATUS_OK; + + fstrcpy( info.acct_name, acct_name ); + + /* make sure the name doesn't already exist as a user + or local group */ + + fstr_sprintf( group_name, "%s\\%s", global_myname(), info.acct_name ); + status = can_create( p->mem_ctx, group_name ); + if ( !NT_STATUS_IS_OK( status ) ) + return status; break; + } case 3: if ( ctr->alias.info3.description.string ) { unistr2_to_ascii( info.acct_desc, diff --git a/source/rpc_server/srv_samr_util.c b/source/rpc_server/srv_samr_util.c index 2b65eb210fd..216b9f255d9 100644 --- a/source/rpc_server/srv_samr_util.c +++ b/source/rpc_server/srv_samr_util.c @@ -99,14 +99,6 @@ void copy_id21_to_sam_passwd(struct samu *to, SAM_USER_INFO_21 *from) pdb_set_kickoff_time(to, unix_time , PDB_CHANGED); } - if (from->fields_present & ACCT_ALLOW_PWD_CHANGE) { - unix_time=nt_time_to_unix(&from->pass_can_change_time); - stored_time = pdb_get_pass_can_change_time(to); - DEBUG(10,("INFO_21 PASS_CAN_CH: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time)); - if (stored_time != unix_time) - pdb_set_pass_can_change_time(to, unix_time, PDB_CHANGED); - } - if (from->fields_present & ACCT_LAST_PWD_CHANGE) { unix_time=nt_time_to_unix(&from->pass_last_set_time); stored_time = pdb_get_pass_last_set_time(to); @@ -115,14 +107,6 @@ void copy_id21_to_sam_passwd(struct samu *to, SAM_USER_INFO_21 *from) pdb_set_pass_last_set_time(to, unix_time, PDB_CHANGED); } - if (from->fields_present & ACCT_FORCE_PWD_CHANGE) { - unix_time=nt_time_to_unix(&from->pass_must_change_time); - stored_time=pdb_get_pass_must_change_time(to); - DEBUG(10,("INFO_21 PASS_MUST_CH: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time)); - if (stored_time != unix_time) - pdb_set_pass_must_change_time(to, unix_time, PDB_CHANGED); - } - if ((from->fields_present & ACCT_USERNAME) && (from->hdr_user_name.buffer)) { old_string = pdb_get_username(to); @@ -195,14 +179,13 @@ void copy_id21_to_sam_passwd(struct samu *to, SAM_USER_INFO_21 *from) pdb_set_workstations(to , new_string, PDB_CHANGED); } - /* is this right? */ - if ((from->fields_present & ACCT_ADMIN_DESC) && - (from->hdr_unknown_str.buffer)) { - old_string = pdb_get_unknown_str(to); - new_string = unistr2_static(&from->uni_unknown_str); - DEBUG(10,("INFO_21 UNI_UNKNOWN_STR: %s -> %s\n",old_string, new_string)); + if ((from->fields_present & ACCT_COMMENT) && + (from->hdr_comment.buffer)) { + old_string = pdb_get_comment(to); + new_string = unistr2_static(&from->uni_comment); + DEBUG(10,("INFO_21 UNI_COMMENT: %s -> %s\n",old_string, new_string)); if (STRING_CHANGED) - pdb_set_unknown_str(to , new_string, PDB_CHANGED); + pdb_set_comment(to, new_string, PDB_CHANGED); } if ((from->fields_present & ACCT_CALLBACK) && @@ -284,26 +267,16 @@ void copy_id21_to_sam_passwd(struct samu *to, SAM_USER_INFO_21 *from) } } + /* If the must change flag is set, the last set time goes to zero. + the must change and can change fields also do, but they are + calculated from policy, not set from the wire */ + + if (from->fields_present & ACCT_EXPIRED_FLAG) { DEBUG(10,("INFO_21 PASS_MUST_CHANGE_AT_NEXT_LOGON: %02X\n",from->passmustchange)); if (from->passmustchange==PASS_MUST_CHANGE_AT_NEXT_LOGON) { - pdb_set_pass_must_change_time(to,0, PDB_CHANGED); + pdb_set_pass_last_set_time(to, 0, PDB_CHANGED); } else { - uint32 expire; - time_t new_time; - if (pdb_get_pass_must_change_time(to) == 0) { - if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &expire) - || expire == (uint32)-1) { - new_time = get_time_t_max(); - } else { - time_t old_time = pdb_get_pass_last_set_time(to); - new_time = old_time + expire; - if ((new_time) < time(0)) { - new_time = time(0) + expire; - } - } - if (!pdb_set_pass_must_change_time (to, new_time, PDB_CHANGED)) { - DEBUG (0, ("pdb_set_pass_must_change_time failed!\n")); - } + pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED); } } @@ -348,14 +321,6 @@ void copy_id23_to_sam_passwd(struct samu *to, SAM_USER_INFO_23 *from) pdb_set_kickoff_time(to, unix_time , PDB_CHANGED); } - if (from->fields_present & ACCT_ALLOW_PWD_CHANGE) { - unix_time=nt_time_to_unix(&from->pass_can_change_time); - stored_time = pdb_get_pass_can_change_time(to); - DEBUG(10,("INFO_23 PASS_CAN_CH: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time)); - if (stored_time != unix_time) - pdb_set_pass_can_change_time(to, unix_time, PDB_CHANGED); - } - if (from->fields_present & ACCT_LAST_PWD_CHANGE) { unix_time=nt_time_to_unix(&from->pass_last_set_time); stored_time = pdb_get_pass_last_set_time(to); @@ -364,14 +329,6 @@ void copy_id23_to_sam_passwd(struct samu *to, SAM_USER_INFO_23 *from) pdb_set_pass_last_set_time(to, unix_time, PDB_CHANGED); } - if (from->fields_present & ACCT_FORCE_PWD_CHANGE) { - unix_time=nt_time_to_unix(&from->pass_must_change_time); - stored_time=pdb_get_pass_must_change_time(to); - DEBUG(10,("INFO_23 PASS_MUST_CH: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time)); - if (stored_time != unix_time) - pdb_set_pass_must_change_time(to, unix_time, PDB_CHANGED); - } - /* Backend should check this for sanity */ if ((from->fields_present & ACCT_USERNAME) && (from->hdr_user_name.buffer)) { @@ -445,14 +402,13 @@ void copy_id23_to_sam_passwd(struct samu *to, SAM_USER_INFO_23 *from) pdb_set_workstations(to , new_string, PDB_CHANGED); } - /* is this right? */ - if ((from->fields_present & ACCT_ADMIN_DESC) && - (from->hdr_unknown_str.buffer)) { - old_string = pdb_get_unknown_str(to); - new_string = unistr2_static(&from->uni_unknown_str); + if ((from->fields_present & ACCT_COMMENT) && + (from->hdr_comment.buffer)) { + old_string = pdb_get_comment(to); + new_string = unistr2_static(&from->uni_comment); DEBUG(10,("INFO_23 UNI_UNKNOWN_STR: %s -> %s\n",old_string, new_string)); if (STRING_CHANGED) - pdb_set_unknown_str(to , new_string, PDB_CHANGED); + pdb_set_comment(to , new_string, PDB_CHANGED); } if ((from->fields_present & ACCT_CALLBACK) && @@ -524,26 +480,16 @@ void copy_id23_to_sam_passwd(struct samu *to, SAM_USER_INFO_23 *from) } } + /* If the must change flag is set, the last set time goes to zero. + the must change and can change fields also do, but they are + calculated from policy, not set from the wire */ + + if (from->fields_present & ACCT_EXPIRED_FLAG) { DEBUG(10,("INFO_23 PASS_MUST_CHANGE_AT_NEXT_LOGON: %02X\n",from->passmustchange)); if (from->passmustchange==PASS_MUST_CHANGE_AT_NEXT_LOGON) { - pdb_set_pass_must_change_time(to,0, PDB_CHANGED); + pdb_set_pass_last_set_time(to, 0, PDB_CHANGED); } else { - uint32 expire; - time_t new_time; - if (pdb_get_pass_must_change_time(to) == 0) { - if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &expire) - || expire == (uint32)-1) { - new_time = get_time_t_max(); - } else { - time_t old_time = pdb_get_pass_last_set_time(to); - new_time = old_time + expire; - if ((new_time) < time(0)) { - new_time = time(0) + expire; - } - } - if (!pdb_set_pass_must_change_time (to, new_time, PDB_CHANGED)) { - DEBUG (0, ("pdb_set_pass_must_change_time failed!\n")); - } + pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED); } } @@ -587,14 +533,6 @@ void copy_id25_to_sam_passwd(struct samu *to, SAM_USER_INFO_25 *from) pdb_set_kickoff_time(to, unix_time , PDB_CHANGED); } - if (from->fields_present & ACCT_ALLOW_PWD_CHANGE) { - unix_time=nt_time_to_unix(&from->pass_can_change_time); - stored_time = pdb_get_pass_can_change_time(to); - DEBUG(10,("INFO_25 PASS_CAN_CH: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time)); - if (stored_time != unix_time) - pdb_set_pass_can_change_time(to, unix_time, PDB_CHANGED); - } - if (from->fields_present & ACCT_LAST_PWD_CHANGE) { unix_time=nt_time_to_unix(&from->pass_last_set_time); stored_time = pdb_get_pass_last_set_time(to); @@ -603,14 +541,6 @@ void copy_id25_to_sam_passwd(struct samu *to, SAM_USER_INFO_25 *from) pdb_set_pass_last_set_time(to, unix_time, PDB_CHANGED); } - if (from->fields_present & ACCT_FORCE_PWD_CHANGE) { - unix_time=nt_time_to_unix(&from->pass_must_change_time); - stored_time=pdb_get_pass_must_change_time(to); - DEBUG(10,("INFO_25 PASS_MUST_CH: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time)); - if (stored_time != unix_time) - pdb_set_pass_must_change_time(to, unix_time, PDB_CHANGED); - } - if ((from->fields_present & ACCT_USERNAME) && (from->hdr_user_name.buffer)) { old_string = pdb_get_username(to); @@ -683,14 +613,13 @@ void copy_id25_to_sam_passwd(struct samu *to, SAM_USER_INFO_25 *from) pdb_set_workstations(to , new_string, PDB_CHANGED); } - /* is this right? */ - if ((from->fields_present & ACCT_ADMIN_DESC) && - (from->hdr_unknown_str.buffer)) { - old_string = pdb_get_unknown_str(to); - new_string = unistr2_static(&from->uni_unknown_str); + if ((from->fields_present & ACCT_COMMENT) && + (from->hdr_comment.buffer)) { + old_string = pdb_get_comment(to); + new_string = unistr2_static(&from->uni_comment); DEBUG(10,("INFO_25 UNI_UNKNOWN_STR: %s -> %s\n",old_string, new_string)); if (STRING_CHANGED) - pdb_set_unknown_str(to , new_string, PDB_CHANGED); + pdb_set_comment(to , new_string, PDB_CHANGED); } if ((from->fields_present & ACCT_CALLBACK) && diff --git a/source/rpc_server/srv_svcctl_nt.c b/source/rpc_server/srv_svcctl_nt.c index 6062dcee5ce..e202ec68b3f 100644 --- a/source/rpc_server/srv_svcctl_nt.c +++ b/source/rpc_server/srv_svcctl_nt.c @@ -302,7 +302,7 @@ WERROR _svcctl_open_service(pipes_struct *p, SVCCTL_Q_OPEN_SERVICE *q_u, SVCCTL_ return WERR_BADFID; /* perform access checks. Use the root token in order to ensure that we - retreive the security descriptor */ + retrieve the security descriptor */ if ( !(sec_desc = svcctl_get_secdesc( p->mem_ctx, service, get_root_nt_token() )) ) return WERR_NOMEM; diff --git a/source/services/svc_winreg.c b/source/services/svc_winreg.c index 1bccee246e2..8fa49d3c3b4 100644 --- a/source/services/svc_winreg.c +++ b/source/services/svc_winreg.c @@ -46,6 +46,7 @@ static WERROR winreg_status( const char *service, SERVICE_STATUS *service_status ZERO_STRUCTP( service_status ); service_status->type = 0x20; + service_status->controls_accepted = SVCCTL_ACCEPT_NONE; service_status->state = SVCCTL_RUNNING; return WERR_OK; diff --git a/source/smbd/chgpasswd.c b/source/smbd/chgpasswd.c index cd847240ddb..7c6886b81c9 100644 --- a/source/smbd/chgpasswd.c +++ b/source/smbd/chgpasswd.c @@ -689,7 +689,7 @@ BOOL change_lanman_password(struct samu *sampass, uchar *pass2) return False; /* We lose the NT hash. Sorry. */ } - if (!pdb_set_pass_changed_now (sampass)) { + if (!pdb_set_pass_last_set_time (sampass, time(NULL), PDB_CHANGED)) { TALLOC_FREE(sampass); /* Not quite sure what this one qualifies as, but this will do */ return False; @@ -1018,41 +1018,34 @@ static BOOL check_passwd_history(struct samu *sampass, const char *plaintext) NTSTATUS change_oem_password(struct samu *hnd, char *old_passwd, char *new_passwd, BOOL as_root, uint32 *samr_reject_reason) { - uint32 min_len, min_age; + uint32 min_len; struct passwd *pass = NULL; const char *username = pdb_get_username(hnd); - time_t last_change_time = pdb_get_pass_last_set_time(hnd); time_t can_change_time = pdb_get_pass_can_change_time(hnd); if (samr_reject_reason) { *samr_reject_reason = Undefined; } - if (pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &min_age)) { - /* - * Windows calculates the minimum password age check - * dynamically, it basically ignores the pwdcanchange - * timestamp. Do likewise. - */ - if (last_change_time + min_age > time(NULL)) { - DEBUG(1, ("user %s cannot change password now, must " - "wait until %s\n", username, - http_timestring(last_change_time+min_age))); - if (samr_reject_reason) { - *samr_reject_reason = REJECT_REASON_OTHER; - } - return NT_STATUS_ACCOUNT_RESTRICTION; + /* check to see if the secdesc has previously been set to disallow */ + if (!pdb_get_pass_can_change(hnd)) { + DEBUG(1, ("user %s does not have permissions to change password\n", username)); + if (samr_reject_reason) { + *samr_reject_reason = REJECT_REASON_OTHER; } - } else { - if ((can_change_time != 0) && (time(NULL) < can_change_time)) { - DEBUG(1, ("user %s cannot change password now, must " - "wait until %s\n", username, - http_timestring(can_change_time))); - if (samr_reject_reason) { - *samr_reject_reason = REJECT_REASON_OTHER; - } - return NT_STATUS_ACCOUNT_RESTRICTION; + return NT_STATUS_ACCOUNT_RESTRICTION; + } + + /* removed calculation here, becuase passdb now calculates + based on policy. jmcd */ + if ((can_change_time != 0) && (time(NULL) < can_change_time)) { + DEBUG(1, ("user %s cannot change password now, must " + "wait until %s\n", username, + http_timestring(can_change_time))); + if (samr_reject_reason) { + *samr_reject_reason = REJECT_REASON_OTHER; } + return NT_STATUS_ACCOUNT_RESTRICTION; } if (pdb_get_account_policy(AP_MIN_PASSWORD_LEN, &min_len) && (str_charnum(new_passwd) < min_len)) { |