Changeset 745 for trunk/server/source3/passdb/pdb_ldap.c
- Timestamp:
- Nov 27, 2012, 4:43:17 PM (13 years ago)
- Location:
- trunk/server
- Files:
-
- 2 edited
trunk/server
- Property svn:mergeinfo changed
/vendor/current merged: 581,587,591,594,597,600,615,618,740
- Property svn:mergeinfo changed
-
trunk/server/source3/passdb/pdb_ldap.c
r596 r745 45 45 46 46 #include "includes.h" 47 #include "passdb.h" 47 48 #include "../libcli/auth/libcli_auth.h" 49 #include "secrets.h" 50 #include "idmap_cache.h" 51 #include "../libcli/security/security.h" 52 #include "../lib/util/util_pw.h" 53 #include "lib/winbind_util.h" 48 54 49 55 #undef DBGC_CLASS … … 52 58 #include <lber.h> 53 59 #include <ldap.h> 54 55 /*56 * Work around versions of the LDAP client libs that don't have the OIDs57 * defined, or have them defined under the old name.58 * This functionality is really a factor of the server, not the client59 *60 */61 62 #if defined(LDAP_EXOP_X_MODIFY_PASSWD) && !defined(LDAP_EXOP_MODIFY_PASSWD)63 #define LDAP_EXOP_MODIFY_PASSWD LDAP_EXOP_X_MODIFY_PASSWD64 #elif !defined(LDAP_EXOP_MODIFY_PASSWD)65 #define LDAP_EXOP_MODIFY_PASSWD "1.3.6.1.4.1.4203.1.11.1"66 #endif67 68 #if defined(LDAP_EXOP_X_MODIFY_PASSWD_ID) && !defined(LDAP_EXOP_MODIFY_PASSWD_ID)69 #define LDAP_TAG_EXOP_MODIFY_PASSWD_ID LDAP_EXOP_X_MODIFY_PASSWD_ID70 #elif !defined(LDAP_EXOP_MODIFY_PASSWD_ID)71 #define LDAP_TAG_EXOP_MODIFY_PASSWD_ID ((ber_tag_t) 0x80U)72 #endif73 74 #if defined(LDAP_EXOP_X_MODIFY_PASSWD_NEW) && !defined(LDAP_EXOP_MODIFY_PASSWD_NEW)75 #define LDAP_TAG_EXOP_MODIFY_PASSWD_NEW LDAP_EXOP_X_MODIFY_PASSWD_NEW76 #elif !defined(LDAP_EXOP_MODIFY_PASSWD_NEW)77 #define LDAP_TAG_EXOP_MODIFY_PASSWD_NEW ((ber_tag_t) 0x82U)78 #endif79 60 80 61 … … 85 66 **********************************************************************/ 86 67 87 staticLDAP *priv2ld(struct ldapsam_privates *priv)68 LDAP *priv2ld(struct ldapsam_privates *priv) 88 69 { 89 70 return priv->smbldap_state->ldap_struct; … … 377 358 378 359 static int ldapsam_search_suffix_by_rid (struct ldapsam_privates *ldap_state, 379 uint32 rid, LDAPMessage ** result,360 uint32_t rid, LDAPMessage ** result, 380 361 const char **attr) 381 362 { … … 400 381 401 382 static int ldapsam_search_suffix_by_sid (struct ldapsam_privates *ldap_state, 402 const DOM_SID*sid, LDAPMessage ** result,383 
const struct dom_sid *sid, LDAPMessage ** result, 403 384 const char **attr) 404 385 { … … 530 511 *workstations = NULL, 531 512 *munged_dial = NULL; 532 uint32 user_rid;513 uint32_t user_rid; 533 514 uint8 smblmpwd[LM_HASH_LEN], 534 515 smbntpwd[NT_HASH_LEN]; 535 516 bool use_samba_attrs = True; 536 uint32 acct_ctrl = 0;537 uint16 logon_divs;538 uint16 bad_password_count = 0,517 uint32_t acct_ctrl = 0; 518 uint16_t logon_divs; 519 uint16_t bad_password_count = 0, 539 520 logon_count = 0; 540 uint32 hours_len;521 uint32_t hours_len; 541 522 uint8 hours[MAX_HOURS_LEN]; 542 523 char *temp = NULL; 543 LOGIN_CACHE *cache_entry = NULL;544 uint32 pwHistLen;524 struct login_cache cache_entry; 525 uint32_t pwHistLen; 545 526 bool expand_explicit = lp_passdb_expand_explicit(); 546 527 bool ret = false; … … 605 586 LDAP_ATTR_USER_RID), 606 587 ctx))!=NULL) { 607 user_rid = (uint32 )atol(temp);588 user_rid = (uint32_t)atol(temp); 608 589 pdb_set_user_sid_from_rid(sampass, user_rid, PDB_SET); 609 590 } 610 591 } 611 592 612 if ( pdb_get_init_flags(sampass,PDB_USERSID) == PDB_DEFAULT) {593 if (IS_SAM_DEFAULT(sampass, PDB_USERSID)) { 613 594 DEBUG(1, ("init_sam_from_ldap: no %s or %s attribute found for this user %s\n", 614 595 get_userattr_key2string(ldap_state->schema_ver, … … 916 897 pwHistLen = MIN(pwHistLen, MAX_PW_HISTORY_LEN); 917 898 918 if ((pwhist = TALLOC_ARRAY(ctx, uint8,919 pwHistLen * PW_HISTORY_ENTRY_LEN)) ==920 NULL){899 pwhist = TALLOC_ARRAY(ctx, uint8, 900 pwHistLen * PW_HISTORY_ENTRY_LEN); 901 if (pwhist == NULL) { 921 902 DEBUG(0, ("init_sam_from_ldap: talloc failed!\n")); 922 903 goto fn_exit; … … 986 967 ctx); 987 968 if (temp) { 988 bad_password_count = (uint32 ) atol(temp);969 bad_password_count = (uint32_t) atol(temp); 989 970 pdb_set_bad_password_count(sampass, 990 971 bad_password_count, PDB_SET); … … 1010 991 ctx); 1011 992 if (temp) { 1012 logon_count = (uint32 ) atol(temp);993 logon_count = (uint32_t) atol(temp); 1013 994 
pdb_set_logon_count(sampass, logon_count, PDB_SET); 1014 995 } … … 1025 1006 pdb_gethexhours(temp, hours); 1026 1007 memset((char *)temp, '\0', strlen(temp) +1); 1027 pdb_set_hours(sampass, hours, PDB_SET);1008 pdb_set_hours(sampass, hours, hours_len, PDB_SET); 1028 1009 ZERO_STRUCT(hours); 1029 1010 } … … 1033 1014 bool have_uid = false; 1034 1015 bool have_gid = false; 1035 DOM_SIDmapped_gsid;1036 const DOM_SID*primary_gsid;1016 struct dom_sid mapped_gsid; 1017 const struct dom_sid *primary_gsid; 1037 1018 1038 1019 ZERO_STRUCT(unix_pw); … … 1105 1086 gid_to_sid(&mapped_gsid, sampass->unix_pw->pw_gid); 1106 1087 primary_gsid = pdb_get_group_sid(sampass); 1107 if (primary_gsid && sid_equal(primary_gsid, &mapped_gsid)) {1088 if (primary_gsid && dom_sid_equal(primary_gsid, &mapped_gsid)) { 1108 1089 store_gid_sid_cache(primary_gsid, 1109 1090 sampass->unix_pw->pw_gid); … … 1121 1102 1122 1103 /* see if we have newer updates */ 1123 if (! (cache_entry = login_cache_read(sampass))) {1104 if (!login_cache_read(sampass, &cache_entry)) { 1124 1105 DEBUG (9, ("No cache entry, bad count = %u, bad time = %u\n", 1125 1106 (unsigned int)pdb_get_bad_password_count(sampass), … … 1131 1112 DEBUG(7, ("ldap time is %u, cache time is %u, bad time = %u\n", 1132 1113 (unsigned int)ldap_entry_time, 1133 (unsigned int)cache_entry ->entry_timestamp,1134 (unsigned int)cache_entry ->bad_password_time));1135 1136 if (ldap_entry_time > cache_entry ->entry_timestamp) {1114 (unsigned int)cache_entry.entry_timestamp, 1115 (unsigned int)cache_entry.bad_password_time)); 1116 1117 if (ldap_entry_time > cache_entry.entry_timestamp) { 1137 1118 /* cache is older than directory , so 1138 1119 we need to delete the entry but allow the … … 1143 1124 pdb_set_acct_ctrl(sampass, 1144 1125 pdb_get_acct_ctrl(sampass) | 1145 (cache_entry ->acct_ctrl & ACB_AUTOLOCK),1126 (cache_entry.acct_ctrl & ACB_AUTOLOCK), 1146 1127 PDB_SET); 1147 1128 pdb_set_bad_password_count(sampass, 1148 cache_entry 
->bad_password_count,1129 cache_entry.bad_password_count, 1149 1130 PDB_SET); 1150 1131 pdb_set_bad_password_time(sampass, 1151 cache_entry ->bad_password_time,1132 cache_entry.bad_password_time, 1152 1133 PDB_SET); 1153 1134 } … … 1158 1139 1159 1140 TALLOC_FREE(ctx); 1160 SAFE_FREE(cache_entry);1161 1141 return ret; 1162 1142 } … … 1174 1154 { 1175 1155 char *temp = NULL; 1176 uint32 rid;1156 uint32_t rid; 1177 1157 1178 1158 if (mods == NULL || sampass == NULL) { … … 1203 1183 if (need_update(sampass, PDB_USERSID)) { 1204 1184 fstring sid_string; 1205 const DOM_SID*user_sid = pdb_get_user_sid(sampass);1185 const struct dom_sid *user_sid = pdb_get_user_sid(sampass); 1206 1186 1207 1187 switch ( ldap_state->schema_ver ) { … … 1240 1220 if (need_update(sampass, PDB_GROUPSID)) { 1241 1221 fstring sid_string; 1242 const DOM_SID*group_sid = pdb_get_group_sid(sampass);1222 const struct dom_sid *group_sid = pdb_get_group_sid(sampass); 1243 1223 1244 1224 switch ( ldap_state->schema_ver ) { … … 1398 1378 if (need_update(sampass, PDB_PWHISTORY)) { 1399 1379 char *pwstr = NULL; 1400 uint32 pwHistLen = 0;1380 uint32_t pwHistLen = 0; 1401 1381 pdb_get_account_policy(PDB_POLICY_PASSWORD_HISTORY, &pwHistLen); 1402 1382 … … 1411 1391 } else { 1412 1392 int i; 1413 uint32 currHistLen = 0;1393 uint32_t currHistLen = 0; 1414 1394 const uint8 *pwhist = pdb_get_pw_history(sampass, &currHistLen); 1415 1395 if (pwhist != NULL) { … … 1473 1453 if (need_update(sampass, PDB_BAD_PASSWORD_COUNT)) /* && 1474 1454 need_update(sampass, PDB_BAD_PASSWORD_TIME)) */ { 1475 uint16 badcount = pdb_get_bad_password_count(sampass);1455 uint16_t badcount = pdb_get_bad_password_count(sampass); 1476 1456 time_t badtime = pdb_get_bad_password_time(sampass); 1477 uint32 pol;1457 uint32_t pol; 1478 1458 pdb_get_account_policy(PDB_POLICY_BAD_ATTEMPT_LOCKOUT, &pol); 1479 1459 … … 1512 1492 login_cache_delentry(sampass); 1513 1493 } else { 1514 LOGIN_CACHEcache_entry;1494 struct login_cache cache_entry; 1515 
1495 1516 1496 cache_entry.entry_timestamp = time(NULL); … … 1520 1500 1521 1501 DEBUG(7, ("Updating bad password count and time in login cache\n")); 1522 login_cache_write(sampass, cache_entry);1502 login_cache_write(sampass, &cache_entry); 1523 1503 } 1524 1504 } … … 1626 1606 1627 1607 static int ldapsam_get_ldap_user_by_sid(struct ldapsam_privates *ldap_state, 1628 const DOM_SID *sid, LDAPMessage **result)1608 const struct dom_sid *sid, LDAPMessage **result) 1629 1609 { 1630 1610 int rc = -1; 1631 1611 const char ** attr_list; 1632 uint32 rid;1612 uint32_t rid; 1633 1613 1634 1614 switch ( ldap_state->schema_ver ) { … … 1676 1656 *********************************************************************/ 1677 1657 1678 static NTSTATUS ldapsam_getsampwsid(struct pdb_methods *my_methods, struct samu * user, const DOM_SID*sid)1658 static NTSTATUS ldapsam_getsampwsid(struct pdb_methods *my_methods, struct samu * user, const struct dom_sid *sid) 1679 1659 { 1680 1660 struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data; … … 1737 1717 if (!newpwd || !dn) { 1738 1718 return NT_STATUS_INVALID_PARAMETER; 1739 }1740 1741 if (!mods) {1742 DEBUG(5,("ldapsam_modify_entry: mods is empty: nothing to modify\n"));1743 /* may be password change below however */1744 } else {1745 switch(ldap_op) {1746 case LDAP_MOD_ADD:1747 if (ldap_state->is_nds_ldap) {1748 smbldap_set_mod(&mods, LDAP_MOD_ADD,1749 "objectclass",1750 "inetOrgPerson");1751 } else {1752 smbldap_set_mod(&mods, LDAP_MOD_ADD,1753 "objectclass",1754 LDAP_OBJ_ACCOUNT);1755 }1756 rc = smbldap_add(ldap_state->smbldap_state,1757 dn, mods);1758 break;1759 case LDAP_MOD_REPLACE:1760 rc = smbldap_modify(ldap_state->smbldap_state,1761 dn ,mods);1762 break;1763 default:1764 DEBUG(0,("ldapsam_modify_entry: Wrong LDAP operation type: %d!\n",1765 ldap_op));1766 return NT_STATUS_INVALID_PARAMETER;1767 }1768 1769 if (rc!=LDAP_SUCCESS) {1770 return NT_STATUS_UNSUCCESSFUL;1771 }1772 1719 } 1773 1720 … … 
1897 1844 ber_bvfree(bv); 1898 1845 } 1846 1847 if (!mods) { 1848 DEBUG(5,("ldapsam_modify_entry: mods is empty: nothing to modify\n")); 1849 /* may be password change below however */ 1850 } else { 1851 switch(ldap_op) { 1852 case LDAP_MOD_ADD: 1853 if (ldap_state->is_nds_ldap) { 1854 smbldap_set_mod(&mods, LDAP_MOD_ADD, 1855 "objectclass", 1856 "inetOrgPerson"); 1857 } else { 1858 smbldap_set_mod(&mods, LDAP_MOD_ADD, 1859 "objectclass", 1860 LDAP_OBJ_ACCOUNT); 1861 } 1862 rc = smbldap_add(ldap_state->smbldap_state, 1863 dn, mods); 1864 break; 1865 case LDAP_MOD_REPLACE: 1866 rc = smbldap_modify(ldap_state->smbldap_state, 1867 dn ,mods); 1868 break; 1869 default: 1870 DEBUG(0,("ldapsam_modify_entry: Wrong LDAP operation type: %d!\n", 1871 ldap_op)); 1872 return NT_STATUS_INVALID_PARAMETER; 1873 } 1874 1875 if (rc!=LDAP_SUCCESS) { 1876 return NT_STATUS_UNSUCCESSFUL; 1877 } 1878 } 1879 1899 1880 return NT_STATUS_OK; 1900 1881 } … … 2070 2051 static NTSTATUS ldapsam_del_groupmem(struct pdb_methods *my_methods, 2071 2052 TALLOC_CTX *tmp_ctx, 2072 uint32 group_rid,2073 uint32 member_rid);2053 uint32_t group_rid, 2054 uint32_t member_rid); 2074 2055 2075 2056 static NTSTATUS ldapsam_enum_group_memberships(struct pdb_methods *methods, 2076 2057 TALLOC_CTX *mem_ctx, 2077 2058 struct samu *user, 2078 DOM_SID**pp_sids,2059 struct dom_sid **pp_sids, 2079 2060 gid_t **pp_gids, 2080 size_t *p_num_groups);2061 uint32_t *p_num_groups); 2081 2062 2082 2063 static NTSTATUS ldapsam_rename_sam_account(struct pdb_methods *my_methods, … … 2177 2158 LDAPMod **mods = NULL; 2178 2159 int ldap_op = LDAP_MOD_REPLACE; 2179 uint32 num_result;2160 uint32_t num_result; 2180 2161 const char **attr_list; 2181 2162 char *escape_user = NULL; 2182 2163 const char *username = pdb_get_username(newpwd); 2183 const DOM_SID*sid = pdb_get_user_sid(newpwd);2164 const struct dom_sid *sid = pdb_get_user_sid(newpwd); 2184 2165 char *filter = NULL; 2185 2166 char *dn = NULL; … … 2594 2575 2595 2576 static 
NTSTATUS ldapsam_getgrsid(struct pdb_methods *methods, GROUP_MAP *map, 2596 DOM_SIDsid)2577 struct dom_sid sid) 2597 2578 { 2598 2579 char *filter = NULL; … … 2664 2645 static bool ldapsam_extract_rid_from_entry(LDAP *ldap_struct, 2665 2646 LDAPMessage *entry, 2666 const DOM_SID*domain_sid,2667 uint32 *rid)2647 const struct dom_sid *domain_sid, 2648 uint32_t *rid) 2668 2649 { 2669 2650 fstring str; 2670 DOM_SIDsid;2651 struct dom_sid sid; 2671 2652 2672 2653 if (!smbldap_get_single_attribute(ldap_struct, entry, "sambaSID", … … 2681 2662 } 2682 2663 2683 if ( sid_compare_domain(&sid, domain_sid) != 0) {2664 if (dom_sid_compare_domain(&sid, domain_sid) != 0) { 2684 2665 DEBUG(10, ("SID %s is not in expected domain %s\n", 2685 2666 str, sid_string_dbg(domain_sid))); … … 2697 2678 static NTSTATUS ldapsam_enum_group_members(struct pdb_methods *methods, 2698 2679 TALLOC_CTX *mem_ctx, 2699 const DOM_SID*group,2700 uint32 **pp_member_rids,2680 const struct dom_sid *group, 2681 uint32_t **pp_member_rids, 2701 2682 size_t *p_num_members) 2702 2683 { … … 2815 2796 { 2816 2797 char *sidstr; 2817 DOM_SIDsid;2818 uint32 rid;2798 struct dom_sid sid; 2799 uint32_t rid; 2819 2800 2820 2801 sidstr = smbldap_talloc_single_attribute(conn->ldap_struct, … … 2867 2848 entry = ldap_next_entry(conn->ldap_struct, entry)) 2868 2849 { 2869 uint32 rid;2850 uint32_t rid; 2870 2851 2871 2852 if (!ldapsam_extract_rid_from_entry(conn->ldap_struct, … … 2898 2879 TALLOC_CTX *mem_ctx, 2899 2880 struct samu *user, 2900 DOM_SID**pp_sids,2881 struct dom_sid **pp_sids, 2901 2882 gid_t **pp_gids, 2902 size_t *p_num_groups)2883 uint32_t *p_num_groups) 2903 2884 { 2904 2885 struct ldapsam_privates *ldap_state = … … 2912 2893 LDAPMessage *entry; 2913 2894 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; 2914 size_t num_sids, num_gids; 2895 uint32_t num_sids; 2896 uint32_t num_gids; 2915 2897 char *gidstr; 2916 2898 gid_t primary_gid = -1; … … 3015 2997 { 3016 2998 fstring str; 3017 DOM_SIDsid;2999 struct dom_sid sid; 
3018 3000 gid_t gid; 3019 3001 char *end; … … 3053 3035 } 3054 3036 3055 if ( sid_compare(&global_sid_NULL, &(*pp_sids)[0]) == 0) {3037 if (dom_sid_compare(&global_sid_NULL, &(*pp_sids)[0]) == 0) { 3056 3038 DEBUG(3, ("primary group of [%s] not found\n", 3057 3039 pdb_get_username(user))); … … 3140 3122 NTSTATUS result; 3141 3123 3142 DOM_SIDsid;3124 struct dom_sid sid; 3143 3125 3144 3126 int rc; … … 3345 3327 3346 3328 static NTSTATUS ldapsam_delete_group_mapping_entry(struct pdb_methods *methods, 3347 DOM_SIDsid)3329 struct dom_sid sid) 3348 3330 { 3349 3331 struct ldapsam_privates *priv = … … 3508 3490 3509 3491 static NTSTATUS ldapsam_enum_group_mapping(struct pdb_methods *methods, 3510 const DOM_SID*domsid, enum lsa_SidType sid_name_use,3492 const struct dom_sid *domsid, enum lsa_SidType sid_name_use, 3511 3493 GROUP_MAP **pp_rmap, 3512 3494 size_t *p_num_entries, 3513 3495 bool unix_only) 3514 3496 { 3515 GROUP_MAP map ;3497 GROUP_MAP map = { 0, }; 3516 3498 size_t entries = 0; 3517 3499 … … 3558 3540 3559 3541 static NTSTATUS ldapsam_modify_aliasmem(struct pdb_methods *methods, 3560 const DOM_SID*alias,3561 const DOM_SID*member,3542 const struct dom_sid *alias, 3543 const struct dom_sid *member, 3562 3544 int modop) 3563 3545 { … … 3663 3645 3664 3646 static NTSTATUS ldapsam_add_aliasmem(struct pdb_methods *methods, 3665 const DOM_SID*alias,3666 const DOM_SID*member)3647 const struct dom_sid *alias, 3648 const struct dom_sid *member) 3667 3649 { 3668 3650 return ldapsam_modify_aliasmem(methods, alias, member, LDAP_MOD_ADD); … … 3670 3652 3671 3653 static NTSTATUS ldapsam_del_aliasmem(struct pdb_methods *methods, 3672 const DOM_SID*alias,3673 const DOM_SID*member)3654 const struct dom_sid *alias, 3655 const struct dom_sid *member) 3674 3656 { 3675 3657 return ldapsam_modify_aliasmem(methods, alias, member, … … 3678 3660 3679 3661 static NTSTATUS ldapsam_enum_aliasmem(struct pdb_methods *methods, 3680 const DOM_SID*alias,3662 const struct dom_sid *alias, 3681 
3663 TALLOC_CTX *mem_ctx, 3682 DOM_SID**pp_members,3664 struct dom_sid **pp_members, 3683 3665 size_t *p_num_members) 3684 3666 { … … 3691 3673 int i; 3692 3674 char *filter = NULL; 3693 size_t num_members = 0;3675 uint32_t num_members = 0; 3694 3676 enum lsa_SidType type = SID_NAME_USE_NONE; 3695 3677 fstring tmp; … … 3766 3748 3767 3749 for (i=0; i<count; i++) { 3768 DOM_SIDmember;3750 struct dom_sid member; 3769 3751 NTSTATUS status; 3770 3752 … … 3790 3772 static NTSTATUS ldapsam_alias_memberships(struct pdb_methods *methods, 3791 3773 TALLOC_CTX *mem_ctx, 3792 const DOM_SID*domain_sid,3793 const DOM_SID*members,3774 const struct dom_sid *domain_sid, 3775 const struct dom_sid *members, 3794 3776 size_t num_members, 3795 uint32 **pp_alias_rids,3777 uint32_t **pp_alias_rids, 3796 3778 size_t *p_num_alias_rids) 3797 3779 { … … 3871 3853 { 3872 3854 fstring sid_str; 3873 DOM_SIDsid;3874 uint32 rid;3855 struct dom_sid sid; 3856 uint32_t rid; 3875 3857 3876 3858 if (!smbldap_get_single_attribute(ldap_struct, entry, … … 3909 3891 static NTSTATUS ldapsam_set_account_policy_in_ldap(struct pdb_methods *methods, 3910 3892 enum pdb_policy_type type, 3911 uint32 value)3893 uint32_t value) 3912 3894 { 3913 3895 NTSTATUS ntstatus = NT_STATUS_UNSUCCESSFUL; … … 3965 3947 static NTSTATUS ldapsam_get_account_policy_from_ldap(struct pdb_methods *methods, 3966 3948 enum pdb_policy_type type, 3967 uint32 *value)3949 uint32_t *value) 3968 3950 { 3969 3951 NTSTATUS ntstatus = NT_STATUS_UNSUCCESSFUL; … … 3997 3979 attrs[1] = NULL; 3998 3980 3999 filter = talloc_asprintf( NULL, "(objectClass=%s)", LDAP_OBJ_DOMINFO);3981 filter = talloc_asprintf(talloc_tos(), "(objectClass=%s)", LDAP_OBJ_DOMINFO); 4000 3982 if (filter == NULL) { 4001 3983 return NT_STATUS_NO_MEMORY; … … 4004 3986 LDAP_SCOPE_BASE, filter, attrs, 0, 4005 3987 &result); 4006 3988 TALLOC_FREE(filter); 4007 3989 if (rc != LDAP_SUCCESS) { 4008 3990 return ntstatus; … … 4024 4006 } 4025 4007 4026 *value = (uint32 
)atol(vals[0]);4008 *value = (uint32_t)atol(vals[0]); 4027 4009 4028 4010 ntstatus = NT_STATUS_OK; … … 4100 4082 4101 4083 static NTSTATUS ldapsam_lookup_rids(struct pdb_methods *methods, 4102 const DOM_SID*domain_sid,4084 const struct dom_sid *domain_sid, 4103 4085 int num_rids, 4104 uint32 *rids,4086 uint32_t *rids, 4105 4087 const char **names, 4106 4088 enum lsa_SidType *attrs) … … 4143 4125 4144 4126 for (i=0; i<num_rids; i++) { 4145 DOM_SIDsid;4127 struct dom_sid sid; 4146 4128 sid_compose(&sid, domain_sid, rids[i]); 4147 4129 allsids = talloc_asprintf_append_buffer( … … 4183 4165 entry != NULL; 4184 4166 entry = ldap_next_entry(ld, entry)) { 4185 uint32 rid;4167 uint32_t rid; 4186 4168 int rid_index; 4187 4169 const char *name; … … 4257 4239 entry = ldap_next_entry(ld, entry)) 4258 4240 { 4259 uint32 rid;4241 uint32_t rid; 4260 4242 int rid_index; 4261 4243 const char *attr; … … 4348 4330 } 4349 4331 4350 const char **talloc_attrs(TALLOC_CTX *mem_ctx, ...)4332 static const char **talloc_attrs(TALLOC_CTX *mem_ctx, ...) 
4351 4333 { 4352 4334 int i, num = 0; … … 4381 4363 struct smbldap_state *connection; 4382 4364 4383 uint32 acct_flags;4384 uint16 group_type;4365 uint32_t acct_flags; 4366 uint16_t group_type; 4385 4367 4386 4368 const char *base; … … 4557 4539 char **vals; 4558 4540 size_t converted_size; 4559 DOM_SIDsid;4560 uint32 acct_flags;4541 struct dom_sid sid; 4542 uint32_t acct_flags; 4561 4543 4562 4544 vals = ldap_get_values(ld, entry, "sambaAcctFlags"); … … 4650 4632 static bool ldapsam_search_users(struct pdb_methods *methods, 4651 4633 struct pdb_search *search, 4652 uint32 acct_flags)4634 uint32_t acct_flags) 4653 4635 { 4654 4636 struct ldapsam_privates *ldap_state = … … 4703 4685 char **vals; 4704 4686 size_t converted_size; 4705 DOM_SIDsid;4706 uint16 group_type;4687 struct dom_sid sid; 4688 uint16_t group_type; 4707 4689 4708 4690 result->account_name = ""; … … 4811 4793 4812 4794 default: 4813 DEBUG(0,("unk own group type: %d\n", group_type));4795 DEBUG(0,("unknown group type: %d\n", group_type)); 4814 4796 return False; 4815 4797 } … … 4822 4804 static bool ldapsam_search_grouptype(struct pdb_methods *methods, 4823 4805 struct pdb_search *search, 4824 const DOM_SID*sid,4806 const struct dom_sid *sid, 4825 4807 enum lsa_SidType type) 4826 4808 { … … 4874 4856 static bool ldapsam_search_aliases(struct pdb_methods *methods, 4875 4857 struct pdb_search *search, 4876 const DOM_SID*sid)4858 const struct dom_sid *sid) 4877 4859 { 4878 4860 return ldapsam_search_grouptype(methods, search, sid, SID_NAME_ALIAS); … … 4885 4867 4886 4868 static NTSTATUS ldapsam_get_new_rid(struct ldapsam_privates *priv, 4887 uint32 *rid)4869 uint32_t *rid) 4888 4870 { 4889 4871 struct smbldap_state *smbldap_state = priv->smbldap_state; … … 4895 4877 char *value; 4896 4878 int rc; 4897 uint32 nextRid = 0;4879 uint32_t nextRid = 0; 4898 4880 const char *dn; 4899 4881 … … 4932 4914 "sambaNextRid", mem_ctx); 4933 4915 if (value != NULL) { 4934 uint32 tmp = (uint32)strtoul(value, NULL, 
10);4916 uint32_t tmp = (uint32_t)strtoul(value, NULL, 10); 4935 4917 nextRid = MAX(nextRid, tmp); 4936 4918 } … … 4939 4921 "sambaNextUserRid", mem_ctx); 4940 4922 if (value != NULL) { 4941 uint32 tmp = (uint32)strtoul(value, NULL, 10);4923 uint32_t tmp = (uint32_t)strtoul(value, NULL, 10); 4942 4924 nextRid = MAX(nextRid, tmp); 4943 4925 } … … 4946 4928 "sambaNextGroupRid", mem_ctx); 4947 4929 if (value != NULL) { 4948 uint32 tmp = (uint32)strtoul(value, NULL, 10);4930 uint32_t tmp = (uint32_t)strtoul(value, NULL, 10); 4949 4931 nextRid = MAX(nextRid, tmp); 4950 4932 } … … 4981 4963 } 4982 4964 4983 static NTSTATUS ldapsam_new_rid_internal(struct pdb_methods *methods, uint32 *rid)4965 static NTSTATUS ldapsam_new_rid_internal(struct pdb_methods *methods, uint32_t *rid) 4984 4966 { 4985 4967 int i; … … 5003 4985 } 5004 4986 5005 static bool ldapsam_new_rid(struct pdb_methods *methods, uint32 *rid)4987 static bool ldapsam_new_rid(struct pdb_methods *methods, uint32_t *rid) 5006 4988 { 5007 4989 NTSTATUS result = ldapsam_new_rid_internal(methods, rid); … … 5010 4992 5011 4993 static bool ldapsam_sid_to_id(struct pdb_methods *methods, 5012 const DOM_SID*sid,4994 const struct dom_sid *sid, 5013 4995 union unid_t *id, enum lsa_SidType *type) 5014 4996 { … … 5107 5089 */ 5108 5090 static bool ldapsam_uid_to_sid(struct pdb_methods *methods, uid_t uid, 5109 DOM_SID*sid)5091 struct dom_sid *sid) 5110 5092 { 5111 5093 struct ldapsam_privates *priv = … … 5117 5099 bool ret = false; 5118 5100 char *user_sid_string; 5119 DOM_SID *user_sid;5101 struct dom_sid user_sid; 5120 5102 int rc; 5121 5103 TALLOC_CTX *tmp_ctx = talloc_stackframe(); … … 5156 5138 } 5157 5139 5158 user_sid = string_sid_talloc(tmp_ctx, user_sid_string); 5159 if (user_sid == NULL) { 5140 if (!string_to_sid(&user_sid, user_sid_string)) { 5160 5141 DEBUG(3, ("Error calling sid_string_talloc for sid '%s'\n", 5161 5142 user_sid_string)); … … 5163 5144 } 5164 5145 5165 sid_copy(sid, user_sid);5146 sid_copy(sid, 
&user_sid); 5166 5147 5167 5148 store_uid_sid_cache(sid, uid); … … 5180 5161 */ 5181 5162 static bool ldapsam_gid_to_sid(struct pdb_methods *methods, gid_t gid, 5182 DOM_SID*sid)5163 struct dom_sid *sid) 5183 5164 { 5184 5165 struct ldapsam_privates *priv = … … 5190 5171 bool ret = false; 5191 5172 char *group_sid_string; 5192 DOM_SIDgroup_sid;5173 struct dom_sid group_sid; 5193 5174 int rc; 5194 5175 TALLOC_CTX *tmp_ctx = talloc_stackframe(); … … 5262 5243 static NTSTATUS ldapsam_create_user(struct pdb_methods *my_methods, 5263 5244 TALLOC_CTX *tmp_ctx, const char *name, 5264 uint32 acb_info, uint32*rid)5245 uint32_t acb_info, uint32_t *rid) 5265 5246 { 5266 5247 struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data; 5267 5248 LDAPMessage *entry = NULL; 5268 5249 LDAPMessage *result = NULL; 5269 uint32 num_result;5250 uint32_t num_result; 5270 5251 bool is_machine = False; 5271 5252 bool add_posix = False; … … 5279 5260 char *shell; 5280 5261 const char *dn = NULL; 5281 DOM_SIDgroup_sid;5282 DOM_SIDuser_sid;5262 struct dom_sid group_sid; 5263 struct dom_sid user_sid; 5283 5264 gid_t gid = -1; 5284 5265 uid_t uid = -1; … … 5387 5368 } 5388 5369 5389 if (!init_ldap_from_sam(ldap_state, NULL, &mods, user, element_is_set_or_changed)) {5370 if (!init_ldap_from_sam(ldap_state, entry, &mods, user, element_is_set_or_changed)) { 5390 5371 DEBUG(1,("ldapsam_create_user: Unable to fill user structs\n")); 5391 5372 return NT_STATUS_UNSUCCESSFUL; … … 5403 5384 5404 5385 /* retrieve the Domain Users group gid */ 5405 if (!sid_compose(&group_sid, get_global_sam_sid(), DOMAIN_ GROUP_RID_USERS) ||5386 if (!sid_compose(&group_sid, get_global_sam_sid(), DOMAIN_RID_USERS) || 5406 5387 !sid_to_gid(&group_sid, &gid)) { 5407 5388 DEBUG (0, ("ldapsam_create_user: Unable to get the Domain Users gid: bailing out!\n")); … … 5534 5515 struct dom_sid *sids = NULL; 5535 5516 gid_t *gids = NULL; 5536 size_t num_groups = 0;5517 uint32_t num_groups = 0; 5537 
5518 int i; 5538 5519 uint32_t user_rid = pdb_get_user_rid(sam_acct); … … 5584 5565 TALLOC_CTX *tmp_ctx, 5585 5566 const char *name, 5586 uint32 *rid)5567 uint32_t *rid) 5587 5568 { 5588 5569 struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data; … … 5590 5571 LDAPMessage *entry = NULL; 5591 5572 LDAPMessage *result = NULL; 5592 uint32 num_result;5573 uint32_t num_result; 5593 5574 bool is_new_entry = False; 5594 5575 LDAPMod **mods = NULL; … … 5599 5580 char *gidstr; 5600 5581 const char *dn = NULL; 5601 DOM_SIDgroup_sid;5582 struct dom_sid group_sid; 5602 5583 gid_t gid = -1; 5603 5584 int rc; … … 5656 5637 5657 5638 if (num_result == 0) { 5639 is_new_entry = true; 5640 } 5641 5642 if (!NT_STATUS_IS_OK((ret = ldapsam_new_rid_internal(my_methods, rid)))) { 5643 DEBUG(1, ("ldapsam_create_group: Could not allocate a new RID\n")); 5644 return ret; 5645 } 5646 5647 sid_compose(&group_sid, get_global_sam_sid(), *rid); 5648 5649 groupsidstr = talloc_strdup(tmp_ctx, sid_string_talloc(tmp_ctx, 5650 &group_sid)); 5651 grouptype = talloc_asprintf(tmp_ctx, "%d", SID_NAME_DOM_GRP); 5652 5653 if (!groupsidstr || !grouptype) { 5654 DEBUG(0,("ldapsam_create_group: Out of memory!\n")); 5655 return NT_STATUS_NO_MEMORY; 5656 } 5657 5658 smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_GROUPMAP); 5659 smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaSid", groupsidstr); 5660 smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaGroupType", grouptype); 5661 smbldap_set_mod(&mods, LDAP_MOD_ADD, "displayName", name); 5662 5663 if (is_new_entry) { 5658 5664 char *escape_name; 5659 5665 5660 5666 DEBUG(3,("ldapsam_create_user: Creating new posix group\n")); 5661 5662 is_new_entry = True;5663 5667 5664 5668 /* lets allocate a new groupid for this group */ … … 5690 5694 } 5691 5695 5692 if (!NT_STATUS_IS_OK((ret = ldapsam_new_rid_internal(my_methods, rid)))) {5693 DEBUG(1, ("ldapsam_create_group: Could not allocate a new RID\n"));5694 return ret;5695 }5696 
5697 sid_compose(&group_sid, get_global_sam_sid(), *rid);5698 5699 groupsidstr = talloc_strdup(tmp_ctx, sid_string_talloc(tmp_ctx,5700 &group_sid));5701 grouptype = talloc_asprintf(tmp_ctx, "%d", SID_NAME_DOM_GRP);5702 5703 if (!groupsidstr || !grouptype) {5704 DEBUG(0,("ldapsam_create_group: Out of memory!\n"));5705 return NT_STATUS_NO_MEMORY;5706 }5707 5708 smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_GROUPMAP);5709 smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaSid", groupsidstr);5710 smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaGroupType", grouptype);5711 smbldap_set_mod(&mods, LDAP_MOD_ADD, "displayName", name);5712 5696 talloc_autofree_ldapmod(tmp_ctx, mods); 5713 5697 … … 5736 5720 } 5737 5721 5738 static NTSTATUS ldapsam_delete_dom_group(struct pdb_methods *my_methods, TALLOC_CTX *tmp_ctx, uint32 rid)5722 static NTSTATUS ldapsam_delete_dom_group(struct pdb_methods *my_methods, TALLOC_CTX *tmp_ctx, uint32_t rid) 5739 5723 { 5740 5724 struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data; … … 5745 5729 char *gidstr; 5746 5730 char *filter; 5747 DOM_SIDgroup_sid;5731 struct dom_sid group_sid; 5748 5732 int rc; 5749 5733 … … 5832 5816 static NTSTATUS ldapsam_change_groupmem(struct pdb_methods *my_methods, 5833 5817 TALLOC_CTX *tmp_ctx, 5834 uint32 group_rid,5835 uint32 member_rid,5818 uint32_t group_rid, 5819 uint32_t member_rid, 5836 5820 int modop) 5837 5821 { … … 5839 5823 LDAPMessage *entry = NULL; 5840 5824 LDAPMessage *result = NULL; 5841 uint32 num_result;5825 uint32_t num_result; 5842 5826 LDAPMod **mods = NULL; 5843 5827 char *filter; 5844 5828 char *uidstr; 5845 5829 const char *dn = NULL; 5846 DOM_SIDgroup_sid;5847 DOM_SIDmember_sid;5830 struct dom_sid group_sid; 5831 struct dom_sid member_sid; 5848 5832 int rc; 5849 5833 … … 5994 5978 static NTSTATUS ldapsam_add_groupmem(struct pdb_methods *my_methods, 5995 5979 TALLOC_CTX *tmp_ctx, 5996 uint32 group_rid,5997 uint32 member_rid)5980 uint32_t group_rid, 
5981 uint32_t member_rid) 5998 5982 { 5999 5983 return ldapsam_change_groupmem(my_methods, tmp_ctx, group_rid, member_rid, LDAP_MOD_ADD); … … 6001 5985 static NTSTATUS ldapsam_del_groupmem(struct pdb_methods *my_methods, 6002 5986 TALLOC_CTX *tmp_ctx, 6003 uint32 group_rid,6004 uint32 member_rid)5987 uint32_t group_rid, 5988 uint32_t member_rid) 6005 5989 { 6006 5990 return ldapsam_change_groupmem(my_methods, tmp_ctx, group_rid, member_rid, LDAP_MOD_DELETE); … … 6014 5998 LDAPMessage *entry = NULL; 6015 5999 LDAPMessage *result = NULL; 6016 uint32 num_result;6000 uint32_t num_result; 6017 6001 LDAPMod **mods = NULL; 6018 6002 char *filter; … … 6129 6113 LDAPMessage *result = NULL; 6130 6114 char *trusted_dn; 6131 uint32 num_result;6115 uint32_t num_result; 6132 6116 6133 6117 filter = talloc_asprintf(talloc_tos(), … … 6179 6163 const char *domain, 6180 6164 char** pwd, 6181 DOM_SID*sid,6165 struct dom_sid *sid, 6182 6166 time_t *pass_last_set_time) 6183 6167 { … … 6223 6207 if (sid != NULL) { 6224 6208 char *sid_str; 6225 DOM_SID *dom_sid;6209 struct dom_sid dom_sid; 6226 6210 sid_str = smbldap_talloc_single_attribute(priv2ld(ldap_state), 6227 6211 entry, "sambaSID", … … 6230 6214 return False; 6231 6215 } 6232 dom_sid = string_sid_talloc(talloc_tos(), sid_str); 6233 if (dom_sid == NULL) { 6216 if (!string_to_sid(&dom_sid, sid_str)) { 6234 6217 return False; 6235 6218 } 6236 sid_copy(sid, dom_sid);6219 sid_copy(sid, &dom_sid); 6237 6220 } 6238 6221 … … 6243 6226 const char* domain, 6244 6227 const char* pwd, 6245 const DOM_SID*sid)6228 const struct dom_sid *sid) 6246 6229 { 6247 6230 struct ldapsam_privates *ldap_state = … … 6341 6324 static NTSTATUS ldapsam_enum_trusteddoms(struct pdb_methods *methods, 6342 6325 TALLOC_CTX *mem_ctx, 6343 uint32 *num_domains,6326 uint32_t *num_domains, 6344 6327 struct trustdom_info ***domains) 6345 6328 { … … 6558 6541 NTSTATUS nt_status; 6559 6542 struct ldapsam_privates *ldap_state = NULL; 6560 uint32 alg_rid_base;6543 uint32_t 
alg_rid_base; 6561 6544 char *alg_rid_base_string = NULL; 6562 6545 LDAPMessage *result = NULL; 6563 6546 LDAPMessage *entry = NULL; 6564 DOM_SIDldap_domain_sid;6565 DOM_SIDsecrets_domain_sid;6547 struct dom_sid ldap_domain_sid; 6548 struct dom_sid secrets_domain_sid; 6566 6549 char *domain_sid_string = NULL; 6567 6550 char *dn = NULL; … … 6570 6553 trim_char( uri, '\"', '\"' ); 6571 6554 nt_status = pdb_init_ldapsam_common(pdb_method, uri); 6572 if (uri) { 6573 TALLOC_FREE(uri); 6574 } 6555 6556 TALLOC_FREE(uri); 6575 6557 6576 6558 if (!NT_STATUS_IS_OK(nt_status)) { … … 6622 6604 DEBUGADD(2, ("pdb_init_ldapsam: Continuing on regardless, " 6623 6605 "will be unable to allocate new users/groups, " 6624 "and will risk BDCs having inconsist ant SIDs\n"));6606 "and will risk BDCs having inconsistent SIDs\n")); 6625 6607 sid_copy(&ldap_state->domain_sid, get_global_sam_sid()); 6626 6608 return NT_STATUS_OK; … … 6666 6648 found_sid = secrets_fetch_domain_sid(ldap_state->domain_name, 6667 6649 &secrets_domain_sid); 6668 if (!found_sid || ! sid_equal(&secrets_domain_sid,6650 if (!found_sid || !dom_sid_equal(&secrets_domain_sid, 6669 6651 &ldap_domain_sid)) { 6670 6652 DEBUG(1, ("pdb_init_ldapsam: Resetting SID for domain " … … 6691 6673 talloc_tos()); 6692 6674 if (alg_rid_base_string) { 6693 alg_rid_base = (uint32 )atol(alg_rid_base_string);6675 alg_rid_base = (uint32_t)atol(alg_rid_base_string); 6694 6676 if (alg_rid_base != algorithmic_rid_base()) { 6695 6677 DEBUG(0, ("The value of 'algorithmic RID base' has " … … 6719 6701 pdb_nds_init(); 6720 6702 6703 pdb_ipa_init(); 6704 6721 6705 return NT_STATUS_OK; 6722 6706 }
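Review bot: In init_sam_from_ldap, `bad_password_count = (uint32_t) atol(temp);` and `logon_count = (uint32_t) atol(temp);` still assign into variables this change declares as `uint16_t`, so the retyped cast is cosmetic and any stored value of 65536 or more is silently reduced modulo 65536 (65536 becomes 0). The value appears to be read from the directory entry, and bad_password_count is handed straight to pdb_set_bad_password_count, so a truncated counter could understate failed logons relative to the lockout policy. `atol` also reports no error for empty or non-numeric text. I would parse with `unsigned long v = strtoul(temp, &end, 10);` and only accept the value when `end != temp && *end == '\0' && v <= UINT16_MAX`, logging and skipping the attribute otherwise. The function body starts and ends outside the visible hunks, so any range check done elsewhere is not visible here.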