diff options
Diffstat (limited to 'source/passdb/pdb_interface.c')
-rw-r--r-- | source/passdb/pdb_interface.c | 485 |
1 files changed, 11 insertions, 474 deletions
diff --git a/source/passdb/pdb_interface.c b/source/passdb/pdb_interface.c index 301dc101eb4..84d398ccd64 100644 --- a/source/passdb/pdb_interface.c +++ b/source/passdb/pdb_interface.c @@ -48,7 +48,7 @@ static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name); static void pdb_force_pw_initialization(SAM_ACCOUNT *pass) { - const uint8 *lm_pwd, *nt_pwd; + const char *lm_pwd, *nt_pwd; /* only reset a password if the last set time has been explicitly been set to zero. A default last set time @@ -233,7 +233,7 @@ static NTSTATUS context_getsampwsid(struct pdb_context *context, SAM_ACCOUNT *sa static NTSTATUS context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - const uint8 *lm_pw, *nt_pw; + const char *lm_pw, *nt_pw; uint16 acb_flags; if ((!context) || (!context->pdb_methods)) { @@ -262,7 +262,7 @@ static NTSTATUS context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT static NTSTATUS context_update_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - const uint8 *lm_pw, *nt_pw; + const char *lm_pw, *nt_pw; uint16 acb_flags; if (!context) { @@ -643,12 +643,9 @@ static NTSTATUS context_enum_aliasmem(struct pdb_context *context, } static NTSTATUS context_enum_alias_memberships(struct pdb_context *context, - TALLOC_CTX *mem_ctx, - const DOM_SID *domain_sid, const DOM_SID *members, int num_members, - uint32 **alias_rids, - int *num_alias_rids) + DOM_SID **aliases, int *num) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; @@ -658,29 +655,8 @@ static NTSTATUS context_enum_alias_memberships(struct pdb_context *context, } return context->pdb_methods-> - enum_alias_memberships(context->pdb_methods, mem_ctx, - domain_sid, members, num_members, - alias_rids, num_alias_rids); -} - -static NTSTATUS context_lookup_rids(struct pdb_context *context, - TALLOC_CTX *mem_ctx, - const DOM_SID *domain_sid, - int num_rids, - uint32 *rids, - const char ***names, - uint32 **attrs) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if ((!context) || (!context->pdb_methods)) { - DEBUG(0, ("invalid pdb_context specified!\n")); - return ret; - } - - return context->pdb_methods->lookup_rids(context->pdb_methods, - mem_ctx, domain_sid, num_rids, - rids, names, attrs); + enum_alias_memberships(context->pdb_methods, members, + num_members, aliases, num); } /****************************************************************** @@ -812,7 +788,6 @@ static NTSTATUS make_pdb_context(struct pdb_context **context) (*context)->pdb_del_aliasmem = context_del_aliasmem; (*context)->pdb_enum_aliasmem = context_enum_aliasmem; (*context)->pdb_enum_alias_memberships = context_enum_alias_memberships; - (*context)->pdb_lookup_rids = context_lookup_rids; (*context)->free_fn = free_pdb_context; @@ -1277,9 +1252,8 @@ BOOL pdb_enum_aliasmem(const DOM_SID *alias, members, num_members)); } -BOOL pdb_enum_alias_memberships(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, - const DOM_SID *members, int num_members, - uint32 **alias_rids, int *num_alias_rids) +BOOL pdb_enum_alias_memberships(const DOM_SID *members, int num_members, + DOM_SID **aliases, int *num) { struct pdb_context *pdb_context = pdb_get_static_context(False); @@ -1288,28 +1262,9 @@ BOOL pdb_enum_alias_memberships(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, } return NT_STATUS_IS_OK(pdb_context-> - pdb_enum_alias_memberships(pdb_context, mem_ctx, - domain_sid, - members, num_members, - alias_rids, - num_alias_rids)); -} - -NTSTATUS pdb_lookup_rids(TALLOC_CTX *mem_ctx, - const DOM_SID *domain_sid, - int num_rids, - uint32 *rids, - const char ***names, - uint32 **attrs) -{ - struct pdb_context *pdb_context = pdb_get_static_context(False); - - if (!pdb_context) { - return NT_STATUS_NOT_IMPLEMENTED; - } - - return pdb_context->pdb_lookup_rids(pdb_context, mem_ctx, domain_sid, - num_rids, rids, names, attrs); + pdb_enum_alias_memberships(pdb_context, members, + num_members, + aliases, num)); } /*************************************************************** @@ -1484,65 +1439,6 @@ NTSTATUS pdb_default_enum_group_members(struct pdb_methods *methods, return NT_STATUS_OK; } -NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, - TALLOC_CTX *mem_ctx, - const DOM_SID *domain_sid, - int num_rids, - uint32 *rids, - const char ***names, - uint32 **attrs) -{ - int i; - NTSTATUS result; - BOOL have_mapped = False; - BOOL have_unmapped = False; - - (*names) = TALLOC_ZERO_ARRAY(mem_ctx, const char *, num_rids); - (*attrs) = TALLOC_ZERO_ARRAY(mem_ctx, uint32, num_rids); - - if ((num_rids != 0) && (((*names) == NULL) || ((*attrs) == NULL))) - return NT_STATUS_NO_MEMORY; - - if (!sid_equal(domain_sid, get_global_sam_sid())) { - /* TODO: Sooner or later we need to look up BUILTIN rids as - * well. -- vl */ - goto done; - } - - for (i = 0; i < num_rids; i++) { - fstring tmpname; - fstring domname; - DOM_SID sid; - enum SID_NAME_USE type; - - (*attrs)[i] = SID_NAME_UNKNOWN; - - sid_copy(&sid, domain_sid); - sid_append_rid(&sid, rids[i]); - - if (lookup_sid(&sid, domname, tmpname, &type)) { - (*attrs)[i] = (uint32)type; - (*names)[i] = talloc_strdup(mem_ctx, tmpname); - if ((*names)[i] == NULL) - return NT_STATUS_NO_MEMORY; - DEBUG(5,("lookup_rids: %s:%d\n", (*names)[i], - (*attrs)[i])); - have_mapped = True; - } else { - have_unmapped = True; - } - } - - done: - - result = NT_STATUS_NONE_MAPPED; - - if (have_mapped) - result = have_unmapped ? STATUS_SOME_UNMAPPED : NT_STATUS_OK; - - return result; -} - NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) { *methods = TALLOC_P(mem_ctx, struct pdb_methods); @@ -1582,365 +1478,6 @@ NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods) (*methods)->del_aliasmem = pdb_default_del_aliasmem; (*methods)->enum_aliasmem = pdb_default_enum_aliasmem; (*methods)->enum_alias_memberships = pdb_default_alias_memberships; - (*methods)->lookup_rids = pdb_default_lookup_rids; return NT_STATUS_OK; } - -struct pdb_search *pdb_search_users(uint16 acct_flags); -struct pdb_search *pdb_search_groups(void); -struct pdb_search *pdb_search_aliases(const DOM_SID *sid); -uint32 pdb_search_entries(struct pdb_search *search, uint32 start_idx, uint32 max_entries, struct samr_displayentry **result); -void pdb_search_destroy(struct pdb_search *search); - -static struct pdb_search *pdb_search_init(enum pdb_search_type type) -{ - TALLOC_CTX *mem_ctx; - struct pdb_search *result; - - mem_ctx = talloc_init("pdb_search"); - if (mem_ctx == NULL) { - DEBUG(0, ("talloc_init failed\n")); - return NULL; - } - - result = TALLOC_P(mem_ctx, struct pdb_search); - if (result == NULL) { - DEBUG(0, ("talloc failed\n")); - return NULL; - } - - result->mem_ctx = mem_ctx; - result->type = type; - result->cache = NULL; - result->cache_size = 0; - result->search_ended = False; - - return result; -} - -static void fill_displayentry(TALLOC_CTX *mem_ctx, uint32 rid, - uint16 acct_flags, - const char *account_name, - const char *fullname, - const char *description, - struct samr_displayentry *entry) -{ - entry->rid = rid; - entry->acct_flags = acct_flags; - - if (account_name != NULL) - entry->account_name = talloc_strdup(mem_ctx, account_name); - - if (fullname != NULL) - entry->fullname = talloc_strdup(mem_ctx, fullname); - - if (description != NULL) - entry->description = talloc_strdup(mem_ctx, description); -} - -static BOOL user_search_in_progress = False; -struct user_search { - uint16 acct_flags; -}; - -struct pdb_search *pdb_search_users(uint16 acct_flags) -{ - struct pdb_search *result; - struct user_search *state; - - if (user_search_in_progress) { - DEBUG(1, ("user search in progress\n")); - return NULL; - } - - if (!pdb_setsampwent(False, acct_flags)) - return NULL; - - user_search_in_progress = True; - - result = pdb_search_init(PDB_USER_SEARCH); - if (result == NULL) - return NULL; - - state = TALLOC_P(result->mem_ctx, struct user_search); - if (state == NULL) { - DEBUG(0, ("talloc failed\n")); - talloc_destroy(result->mem_ctx); - return NULL; - } - - state->acct_flags = acct_flags; - - result->private = state; - return result; -} - -static BOOL pdb_search_entry_users(struct pdb_search *s, TALLOC_CTX *mem_ctx, - struct samr_displayentry *entry) -{ - struct user_search *state = s->private; - SAM_ACCOUNT *user = NULL; - NTSTATUS status; - - next: - status = pdb_init_sam(&user); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(0, ("Could not pdb_init_sam\n")); - return False; - } - - if (!pdb_getsampwent(user)) { - pdb_free_sam(&user); - return False; - } - - if ((state->acct_flags != 0) && - ((pdb_get_acct_ctrl(user) & state->acct_flags) == 0)) { - pdb_free_sam(&user); - goto next; - } - - fill_displayentry(mem_ctx, pdb_get_user_rid(user), - pdb_get_acct_ctrl(user), pdb_get_username(user), - pdb_get_fullname(user), pdb_get_acct_desc(user), - entry); - - pdb_free_sam(&user); - return True; -} - -static void pdb_search_end_users(struct pdb_search *search) -{ - pdb_endsampwent(); - user_search_in_progress = False; -} - -struct group_search { - GROUP_MAP *groups; - int num_groups, current_group; -}; - -struct pdb_search *pdb_search_groups(void) -{ - struct pdb_search *result; - struct group_search *state; - - result = pdb_search_init(PDB_GROUP_SEARCH); - if (result == NULL) - return NULL; - - state = TALLOC_P(result->mem_ctx, struct group_search); - if (state == NULL) { - DEBUG(0, ("talloc failed\n")); - talloc_destroy(result->mem_ctx); - return NULL; - } - - if (!pdb_enum_group_mapping(SID_NAME_DOM_GRP, &state->groups, - &state->num_groups, True)) { - DEBUG(0, ("Could not enum groups\n")); - talloc_destroy(result->mem_ctx); - return NULL; - } - - state->current_group = 0; - result->private = state; - return result; -} - -static BOOL pdb_search_entry_group(struct pdb_search *s, TALLOC_CTX *mem_ctx, - struct samr_displayentry *entry) -{ - struct group_search *state = s->private; - uint32 rid; - GROUP_MAP *map = &state->groups[state->current_group]; - - if (state->current_group == state->num_groups) - return False; - - sid_peek_rid(&map->sid, &rid); - - fill_displayentry(mem_ctx, rid, 0, map->nt_name, NULL, map->comment, - entry); - - state->current_group += 1; - return True; -} - -static void pdb_search_end_groups(struct pdb_search *search) -{ - struct group_search *state = search->private; - SAFE_FREE(state->groups); -} - -struct alias_search { - GROUP_MAP *aliases; - int num_aliases, current_alias; -}; - -struct pdb_search *pdb_search_aliases(const DOM_SID *sid) -{ - struct pdb_search *result; - struct alias_search *state; - enum SID_NAME_USE type = SID_NAME_UNKNOWN; - DOM_SID builtin_sid; - - if (sid_equal(sid, get_global_sam_sid())) - type = SID_NAME_ALIAS; - - string_to_sid(&builtin_sid, "S-1-5-32"); - - if (sid_equal(sid, &builtin_sid)) - type = SID_NAME_WKN_GRP; - - if (type == SID_NAME_UNKNOWN) { - DEBUG(3, ("unknown domain sid: %s\n", sid_string_static(sid))); - return NULL; - } - - result = pdb_search_init(PDB_ALIAS_SEARCH); - if (result == NULL) - return NULL; - - state = TALLOC_P(result->mem_ctx, struct alias_search); - if (state == NULL) { - DEBUG(0, ("talloc failed\n")); - talloc_destroy(result->mem_ctx); - return NULL; - } - - if (!pdb_enum_group_mapping(type, &state->aliases, - &state->num_aliases, False)) { - DEBUG(0, ("Could not enum aliases\n")); - talloc_destroy(result->mem_ctx); - return NULL; - } - - state->current_alias = 0; - result->private = state; - return result; -} - -static BOOL pdb_search_entry_alias(struct pdb_search *s, TALLOC_CTX *mem_ctx, - struct samr_displayentry *entry) -{ - struct alias_search *state = s->private; - uint32 rid; - GROUP_MAP *map = &state->aliases[state->current_alias]; - - if (state->current_alias == state->num_aliases) - return False; - - sid_peek_rid(&map->sid, &rid); - - fill_displayentry(mem_ctx, rid, 0, map->nt_name, NULL, map->comment, - entry); - - state->current_alias += 1; - return True; -} - -static void pdb_search_end_aliases(struct pdb_search *search) -{ - struct alias_search *state = search->private; - SAFE_FREE(state->aliases); -} - -static BOOL pdb_search_entry(struct pdb_search *search, TALLOC_CTX *mem_ctx, - struct samr_displayentry *entry) -{ - BOOL result = False; - switch (search->type) { - case PDB_USER_SEARCH: - result = pdb_search_entry_users(search, mem_ctx, entry); - break; - case PDB_GROUP_SEARCH: - result = pdb_search_entry_group(search, mem_ctx, entry); - break; - case PDB_ALIAS_SEARCH: - result = pdb_search_entry_alias(search, mem_ctx, entry); - break; - default: - DEBUG(0, ("unknown search type: %d\n", search->type)); - break; - } - return result; -} - -static void pdb_search_end(struct pdb_search *search) -{ - switch (search->type) { - case PDB_USER_SEARCH: - pdb_search_end_users(search); - break; - case PDB_GROUP_SEARCH: - pdb_search_end_groups(search); - break; - case PDB_ALIAS_SEARCH: - pdb_search_end_aliases(search); - break; - default: - DEBUG(0, ("unknown search type: %d\n", search->type)); - break; - } -} - -static struct samr_displayentry *pdb_search_getentry(struct pdb_search *search, - uint32 idx) -{ - if (idx < search->cache_size) - return &search->cache[idx]; - - if (search->search_ended) - return NULL; - - while (idx >= search->cache_size) { - struct samr_displayentry entry; - - if (!pdb_search_entry(search, search->mem_ctx, &entry)) { - pdb_search_end(search); - search->search_ended = True; - break; - } - - ADD_TO_ARRAY(search->mem_ctx, struct samr_displayentry, - entry, &search->cache, &search->cache_size); - } - - return (search->cache_size > idx) ? &search->cache[idx] : NULL; -} - -uint32 pdb_search_entries(struct pdb_search *search, - uint32 start_idx, uint32 max_entries, - struct samr_displayentry **result) -{ - struct samr_displayentry *end_entry; - uint32 end_idx = start_idx+max_entries-1; - - /* The first entry needs to be searched after the last. Otherwise the - * first entry might have moved due to a realloc during the search for - * the last entry. */ - - end_entry = pdb_search_getentry(search, end_idx); - *result = pdb_search_getentry(search, start_idx); - - if (end_entry != NULL) - return max_entries; - - if (start_idx >= search->cache_size) - return 0; - - return search->cache_size - start_idx; -} - -void pdb_search_destroy(struct pdb_search *search) -{ - if (search == NULL) - return; - - if (!search->search_ended) - pdb_search_end(search); - - talloc_destroy(search->mem_ctx); -} |