From 761cbd52f0cff6b864c506ec03c94039b6101ef9 Mon Sep 17 00:00:00 2001
From: Volker Lendecke
Date: Tue, 15 Aug 2006 14:07:15 +0000
Subject: [PATCH] r17554: Cleanup
---
 source/Makefile.in | 10 +-
 source/groupdb/mapping.c | 981 ++++++++++------------
 source/include/passdb.h | 8 +-
 source/include/smb.h | 5 -
 source/lib/talloc.c | 40 -
 source/lib/tdb_multikey.c | 588 -------------
 source/passdb/lookup_sid.c | 4 +-
 source/passdb/passdb.c | 2 +-
 source/passdb/pdb_interface.c | 56 +-
 source/passdb/pdb_ldap.c | 4 +-
 source/rpc_server/srv_lsa_nt.c | 2 +-
 source/rpc_server/srv_samr_nt.c | 6 +-
 source/script/tests/test_smbtorture_s3.sh | 3 +-
 source/tdb/tdbutil.c | 12 +-
 source/tdb/tdbutil.h | 2 -
 source/torture/local-groupmap.c | 64 +-
 source/torture/local-multikey.c | 211 -----
 source/torture/torture.c | 7 +-
 source/utils/net_groupmap.c | 85 +-
 source/utils/net_rpc_samsync.c | 10 +-
 source/utils/net_sam.c | 8 +-
 21 files changed, 595 insertions(+), 1513 deletions(-)
 delete mode 100644 source/lib/tdb_multikey.c
 delete mode 100644 source/torture/local-multikey.c
diff --git a/source/Makefile.in b/source/Makefile.in
index 1f5a39d9dad..0ff5872063b 100644
--- a/source/Makefile.in
+++ b/source/Makefile.in
@@ -225,7 +225,7 @@ LIB_OBJ = $(VERSION_OBJ) lib/charcnv.o lib/debug.o lib/fault.o \
 lib/md5.o lib/hmacmd5.o lib/arc4.o lib/iconv.o \
 nsswitch/wb_client.o $(WBCOMMON_OBJ) \
 lib/pam_errors.o intl/lang_tdb.o \
- lib/adt_tree.o lib/gencache.o $(TDB_OBJ) lib/tdb_multikey.o \
+ lib/adt_tree.o lib/gencache.o $(TDB_OBJ) \
 lib/module.o lib/events.o lib/ldap_escape.o @CHARSET_STATIC@ \
 lib/secdesc.o lib/util_seaccess.o lib/secace.o lib/secacl.o @SOCKWRAP@ \
 libads/krb5_errs.o lib/system_smbd.o lib/audit.o
@@ -608,12 +608,10 @@ NMBLOOKUP_OBJ = utils/nmblookup.o $(PARAM_OBJ) $(LIBNMB_OBJ) $(RPC_PARSE_OBJ1) $
 $(LIB_NONSMBD_OBJ) $(POPT_LIB_OBJ) $(SECRETS_OBJ) $(LIBSAMBA_OBJ)
 SMBTORTURE_OBJ1 = torture/torture.o torture/nbio.o torture/scanner.o torture/utable.o \
- torture/denytest.o torture/mangle_test.o \
- torture/local-multikey.o torture/local-groupmap.o
+ torture/denytest.o torture/mangle_test.o
 SMBTORTURE_OBJ = $(SMBTORTURE_OBJ1) $(PARAM_OBJ) \
- $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(LIB_NONSMBD_OBJ) $(SECRETS_OBJ) \
- $(PASSDB_OBJ) $(GROUPDB_OBJ) $(SMBLDAP_OBJ)
+ $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(LIB_NONSMBD_OBJ) $(SECRETS_OBJ)
 MASKTEST_OBJ = torture/masktest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
 $(LIB_NONSMBD_OBJ) $(SECRETS_OBJ)
@@ -1015,7 +1013,7 @@ bin/nmblookup@EXEEXT@: $(NMBLOOKUP_OBJ) @BUILD_POPT@ bin/.dummy
 bin/smbtorture@EXEEXT@: $(SMBTORTURE_OBJ) bin/.dummy
 @echo Linking $@
- @$(CC) $(FLAGS) @PIE_LDFLAGS@ -o $@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS)
+ @$(CC) $(FLAGS) @PIE_LDFLAGS@ -o $@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS)
 bin/talloctort@EXEEXT@: $(TALLOCTORT_OBJ) bin/.dummy
 @echo Linking $@
diff --git a/source/groupdb/mapping.c b/source/groupdb/mapping.c
index b617e345654..c701ef165dd 100644
--- a/source/groupdb/mapping.c
+++ b/source/groupdb/mapping.c
@@ -2,7 +2,7 @@
 * Unix SMB/CIFS implementation.
 * RPC Pipe client / server routines
 * Copyright (C) Andrew Tridgell 1992-2000,
- * Copyright (C) Jean Francois Micouleau 1998-2001.
+ * Copyright (C) Jean François Micouleau 1998-2001.
 * Copyright (C) Volker Lendecke 2006.
 * Copyright (C) Gerald Carter 2006.
 *
@@ -27,7 +27,6 @@ static TDB_CONTEXT *tdb; /* used for driver files */
 #define DATABASE_VERSION_V1 1 /* native byte format. */
 #define DATABASE_VERSION_V2 2 /* le format. */
-#define DATABASE_VERSION_V3 3 /* Indexed format */
 #define GROUP_PREFIX "UNIXGROUP/"
@@ -38,243 +37,125 @@ static TDB_CONTEXT *tdb; /* used for driver files */ */ #define MEMBEROF_PREFIX "MEMBEROF/" -static BOOL pack_group_map(TALLOC_CTX *mem_ctx, const GROUP_MAP *map, - TDB_DATA *data) -{ - return tdb_pack_append(mem_ctx, &data->dptr, &data->dsize, "fddff", - sid_string_static(&map->sid), map->gid, - map->sid_name_use, map->nt_name, map->comment); -} - -static BOOL unpack_group_map(TDB_DATA data, GROUP_MAP *map) -{ - fstring sidstr; - - if (!tdb_unpack(data.dptr, data.dsize, "fddff", sidstr, &map->gid, - &map->sid_name_use, &map->nt_name, &map->comment)) { - DEBUG(0, ("tdb_unpack failed\n")); - return False; - } - if (!string_to_sid(&map->sid, sidstr)) { - DEBUG(0, ("sid_string %s invalid\n", sidstr)); - return False; - } - - return True; -} - -/* - * Calculate keys from the group mapping record - * - * We've got 3 keys: SID, Name (uppercased) and gid - */ - -#define KEYNUM_SID (0) -#define KEYNUM_NAME (1) -#define KEYNUM_GID (2) - -static char **group_mapping_keys(TALLOC_CTX *mem_ctx, TDB_DATA data, - void *private_data) -{ - char **result; - GROUP_MAP map; - GROUP_MAP *mapp = (GROUP_MAP *)private_data; - - if (mapp == NULL) { - if (!unpack_group_map(data, &map)) { - DEBUG(0, ("unpack_groupmap failed\n")); - return NULL; - } - mapp = ↦ - } - - result = TALLOC_ARRAY(mem_ctx, char *, 4); - if (result == NULL) { - DEBUG(0, ("talloc_array failed\n")); - return NULL; - } - - result[KEYNUM_SID] = talloc_strdup(result, - sid_string_static(&mapp->sid)); - result[KEYNUM_NAME] = talloc_strdup(result, mapp->nt_name); - result[KEYNUM_GID] = talloc_asprintf(result, "%d", (int)mapp->gid); - result[3] = NULL; - - if ((result[0] == NULL) || (result[1] == NULL) || - (result[2] == NULL)) { - DEBUG(0, ("talloc failed\n")); - TALLOC_FREE(result); - return NULL; - } - - /* name lookups are case insensitive, store the key in upper case */ - strupper_m(result[KEYNUM_NAME]); - - return result; -} - -static NTSTATUS upgrade_groupdb_to_v3(struct tdb_context *groupdb) -{ - 
TDB_DATA kbuf, newkey; - NTSTATUS status; - - for (kbuf = tdb_firstkey(groupdb); - kbuf.dptr; - newkey = tdb_nextkey(groupdb, kbuf), safe_free(kbuf.dptr), - kbuf=newkey) { - - fstring string_sid; - TDB_DATA data, newdata; - GROUP_MAP map; - int ret; - - if (strncmp(kbuf.dptr, GROUP_PREFIX, - strlen(GROUP_PREFIX)) != 0) { - continue; - } - - data = tdb_fetch(groupdb, kbuf); - if (!data.dptr) { - continue; - } - - fstrcpy(string_sid, kbuf.dptr+strlen(GROUP_PREFIX)); - - ret = tdb_unpack(data.dptr, data.dsize, "ddff", - &map.gid, &map.sid_name_use, &map.nt_name, - &map.comment); - SAFE_FREE(data.dptr); - - if ( ret == -1 ) { - DEBUG(3,("upgrade_groupdb_to_v3: tdb_unpack " - "failure\n")); - return NT_STATUS_INTERNAL_DB_CORRUPTION; - } - - if (!string_to_sid(&map.sid, string_sid)) { - DEBUG(3, ("Got invalid sid: %s\n", string_sid)); - return NT_STATUS_INTERNAL_DB_CORRUPTION; - } - - if (tdb_delete(groupdb, kbuf) < 0) { - status = map_ntstatus_from_tdb(groupdb); - DEBUG(3, ("tdb_delete failed: %s\n", - nt_errstr(status))); - return status; - } - - if (map.gid == -1) { - DEBUG(3, ("Deleting umapped group %s\n", map.nt_name)); - continue; - } - - ZERO_STRUCT(newdata); - - if (!pack_group_map(NULL, &map, &newdata)) { - DEBUG(0, ("pack_group_map_failed\n")); - return NT_STATUS_NO_MEMORY; - } - - status = tdb_add_keyed(groupdb, group_mapping_keys, - newdata, &map); - TALLOC_FREE(newdata.dptr); - - if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECTID_EXISTS)) { - DEBUG(0, ("mapping for gid %d / name %s maps to " - "multiple SIDs -- rejected\n", - map.gid, map.nt_name)); - return status; - } - - if (!NT_STATUS_IS_OK(status)) { - DEBUG(5, ("tdb_add_keyed failed: %s\n", - nt_errstr(status))); - return status; - } - } - - return NT_STATUS_OK; -} +static BOOL enum_group_mapping(const DOM_SID *sid, enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap, + size_t *p_num_entries, BOOL unix_only); +static BOOL group_map_remove(const DOM_SID *sid); 
/**************************************************************************** Open the group mapping tdb. ****************************************************************************/ -static NTSTATUS init_group_mapping(void) +static BOOL init_group_mapping(void) { const char *vstring = "INFO/version"; int32 vers_id; - NTSTATUS status; + GROUP_MAP *map_table = NULL; + size_t num_entries = 0; if (tdb) - return NT_STATUS_OK; + return True; - tdb = tdb_open_log(lock_path("group_mapping.tdb"), 0, TDB_DEFAULT, - O_RDWR|O_CREAT, 0600); + tdb = tdb_open_log(lock_path("group_mapping.tdb"), 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600); if (!tdb) { - DEBUG(0,("Failed to open group mapping database: %s\n", - strerror(errno))); - return map_nt_error_from_unix(errno); + DEBUG(0,("Failed to open group mapping database\n")); + return False; } - if (tdb_transaction_start(tdb) < 0) { - status = map_ntstatus_from_tdb(tdb); - DEBUG(5, ("Could not start transaction: %s\n", - nt_errstr(status))); - tdb_close(tdb); - tdb = NULL; - return status; - } + /* handle a Samba upgrade */ + tdb_lock_bystring(tdb, vstring); /* Cope with byte-reversed older versions of the db. */ vers_id = tdb_fetch_int32(tdb, vstring); - - if (vers_id == DATABASE_VERSION_V3) { - if (tdb_transaction_cancel(tdb) < 0) { - smb_panic("tdb_cancel_transaction failed\n"); - } - return NT_STATUS_OK; + if ((vers_id == DATABASE_VERSION_V1) || (IREV(vers_id) == DATABASE_VERSION_V1)) { + /* Written on a bigendian machine with old fetch_int code. Save as le. */ + tdb_store_int32(tdb, vstring, DATABASE_VERSION_V2); + vers_id = DATABASE_VERSION_V2; } - if (vers_id < 0) { - tdb_store_int32(tdb, vstring, DATABASE_VERSION_V3); - } - - if ((vers_id == DATABASE_VERSION_V1) || - (IREV(vers_id) == DATABASE_VERSION_V1)) { - - /* Written on a bigendian machine with old fetch_int - * code. Save as le. 
*/ + /* if its an unknown version we remove everthing in the db */ + + if (vers_id != DATABASE_VERSION_V2) { + tdb_traverse(tdb, tdb_traverse_delete_fn, NULL); tdb_store_int32(tdb, vstring, DATABASE_VERSION_V2); - vers_id = DATABASE_VERSION_V2; } - if (vers_id == DATABASE_VERSION_V2) { - status = upgrade_groupdb_to_v3(tdb); - if (!NT_STATUS_IS_OK(status)) { - goto fail; + tdb_unlock_bystring(tdb, vstring); + + /* cleanup any map entries with a gid == -1 */ + + if ( enum_group_mapping( NULL, SID_NAME_UNKNOWN, &map_table, &num_entries, False ) ) { + int i; + + for ( i=0; isid); - return NT_STATUS_OK; + len = tdb_pack(buf, sizeof(buf), "ddff", + map->gid, map->sid_name_use, map->nt_name, map->comment); + + if (len > sizeof(buf)) + return False; - fail: - if (tdb_transaction_cancel(tdb) < 0) { - smb_panic("tdb_cancel_transaction failed\n"); + slprintf(key, sizeof(key), "%s%s", GROUP_PREFIX, string_sid); + + kbuf.dsize = strlen(key)+1; + kbuf.dptr = key; + dbuf.dsize = len; + dbuf.dptr = buf; + if (tdb_store(tdb, kbuf, dbuf, flag) != 0) return False; + + return True; +} + +/**************************************************************************** +initialise first time the mapping list +****************************************************************************/ +NTSTATUS add_initial_entry(gid_t gid, const char *sid, enum SID_NAME_USE sid_name_use, const char *nt_name, const char *comment) +{ + GROUP_MAP map; + + if(!init_group_mapping()) { + DEBUG(0,("failed to initialize group mapping\n")); + return NT_STATUS_UNSUCCESSFUL; } - tdb_close(tdb); - tdb = NULL; + + map.gid=gid; + if (!string_to_sid(&map.sid, sid)) { + DEBUG(0, ("string_to_sid failed: %s", sid)); + return NT_STATUS_UNSUCCESSFUL; + } + + map.sid_name_use=sid_name_use; + fstrcpy(map.nt_name, nt_name); + fstrcpy(map.comment, comment); - return status; + return pdb_add_group_mapping_entry(&map); } /**************************************************************************** 
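Review bot: In init_group_mapping, any version other than DATABASE_VERSION_V2 now runs `tdb_traverse(tdb, tdb_traverse_delete_fn, NULL)`, so a group_mapping.tdb that the removed upgrade path had already stamped as version 3 would presumably be emptied on first open, dropping every stored record without a log line. Since these records feed group and alias resolution, I would refuse to open (DEBUG at level 0, close the tdb, return False) when the stored version is one this code does not know, and wipe only when the version key is absent. The return values of `tdb_lock_bystring(tdb, vstring)` and `tdb_store_int32(tdb, vstring, DATABASE_VERSION_V2)` are also ignored, so the version handling can run without the lock; check them, e.g. `if (tdb_lock_bystring(tdb, vstring) != 0) { tdb_close(tdb); tdb = NULL; return False; }`. Part of this hunk's text is lost on the page, so this covers only the visible lines.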
@@ -287,7 +168,7 @@ NTSTATUS map_unix_group(const struct group *grp, GROUP_MAP *pmap)
 const char *grpname, *dom, *name;
 uint32 rid;
- if (NT_STATUS_IS_OK(pdb_getgrgid(&map, grp->gr_gid))) {
+ if (pdb_getgrgid(&map, grp->gr_gid)) {
 return NT_STATUS_GROUP_EXISTS;
 }
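Review bot: With the BOOL return, `pdb_getgrgid(&map, grp->gr_gid)` is false both when no mapping exists and when the lookup itself failed (the getters in this commit return False when init_group_mapping or tdb_unpack fails), so map_unix_group goes on to create a mapping after a database error. The same collapse happens in the pdb_default_* wrappers later in this file, which turn every failure into NT_STATUS_UNSUCCESSFUL. If the BOOL interface stays, a comment above this test should say so, e.g. `/* False also covers lookup failure, not only "no mapping" */`, and the getters should log which case occurred. The body of map_unix_group continues outside the hunk.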
@@ -339,172 +220,248 @@ NTSTATUS map_unix_group(const struct group *grp, GROUP_MAP *pmap) Return the sid and the type of the unix group. ****************************************************************************/ -static NTSTATUS get_group_map_from_sid(const DOM_SID *sid, GROUP_MAP *map) +static BOOL get_group_map_from_sid(DOM_SID sid, GROUP_MAP *map) { - TDB_DATA data; - NTSTATUS status; - - status = init_group_mapping(); - if(!NT_STATUS_IS_OK(status)) { + TDB_DATA kbuf, dbuf; + pstring key; + fstring string_sid; + int ret = 0; + + if(!init_group_mapping()) { DEBUG(0,("failed to initialize group mapping\n")); - return status; + return(False); } - status = tdb_find_keyed(NULL, tdb, KEYNUM_SID, sid_string_static(sid), - &data, NULL); - if (!NT_STATUS_IS_OK(status)) { - return status; - } + /* the key is the SID, retrieving is direct */ - status = unpack_group_map(data, map) ? - NT_STATUS_OK : NT_STATUS_INTERNAL_DB_CORRUPTION; + sid_to_string(string_sid, &sid); + slprintf(key, sizeof(key), "%s%s", GROUP_PREFIX, string_sid); - TALLOC_FREE(data.dptr); - return status; + kbuf.dptr = key; + kbuf.dsize = strlen(key)+1; + + dbuf = tdb_fetch(tdb, kbuf); + if (!dbuf.dptr) + return False; + + ret = tdb_unpack(dbuf.dptr, dbuf.dsize, "ddff", + &map->gid, &map->sid_name_use, &map->nt_name, &map->comment); + + SAFE_FREE(dbuf.dptr); + + if ( ret == -1 ) { + DEBUG(3,("get_group_map_from_sid: tdb_unpack failure\n")); + return False; + } + + sid_copy(&map->sid, &sid); + + return True; } /**************************************************************************** Return the sid and the type of the unix group. 
****************************************************************************/ -static NTSTATUS get_group_map_from_gid(gid_t gid, GROUP_MAP *map) +static BOOL get_group_map_from_gid(gid_t gid, GROUP_MAP *map) { - TDB_DATA data; - NTSTATUS status; - char *gidstr; + TDB_DATA kbuf, dbuf, newkey; + fstring string_sid; + int ret; - status = init_group_mapping(); - if(!NT_STATUS_IS_OK(status)) { + if(!init_group_mapping()) { DEBUG(0,("failed to initialize group mapping\n")); - return status; + return(False); } - if (asprintf(&gidstr, "%d", (int)gid) < 0) { - DEBUG(0, ("asprintf failed\n")); - return NT_STATUS_NO_MEMORY; - } + /* we need to enumerate the TDB to find the GID */ - status = tdb_find_keyed(NULL, tdb, KEYNUM_GID, gidstr, &data, NULL); - SAFE_FREE(gidstr); + for (kbuf = tdb_firstkey(tdb); + kbuf.dptr; + newkey = tdb_nextkey(tdb, kbuf), safe_free(kbuf.dptr), kbuf=newkey) { - if (!NT_STATUS_IS_OK(status)) { - return status; - } + if (strncmp(kbuf.dptr, GROUP_PREFIX, strlen(GROUP_PREFIX)) != 0) continue; + + dbuf = tdb_fetch(tdb, kbuf); + if (!dbuf.dptr) + continue; - status = unpack_group_map(data, map) ? - NT_STATUS_OK : NT_STATUS_INTERNAL_DB_CORRUPTION; + fstrcpy(string_sid, kbuf.dptr+strlen(GROUP_PREFIX)); - TALLOC_FREE(data.dptr); - return status; + string_to_sid(&map->sid, string_sid); + + ret = tdb_unpack(dbuf.dptr, dbuf.dsize, "ddff", + &map->gid, &map->sid_name_use, &map->nt_name, &map->comment); + + SAFE_FREE(dbuf.dptr); + + if ( ret == -1 ) { + DEBUG(3,("get_group_map_from_gid: tdb_unpack failure\n")); + return False; + } + + if (gid==map->gid) { + SAFE_FREE(kbuf.dptr); + return True; + } + } + + return False; } /**************************************************************************** Return the sid and the type of the unix group. 
****************************************************************************/ -static NTSTATUS get_group_map_from_ntname(const char *name, GROUP_MAP *map) +static BOOL get_group_map_from_ntname(const char *name, GROUP_MAP *map) { - TDB_DATA data; - NTSTATUS status; - char *tmp; + TDB_DATA kbuf, dbuf, newkey; + fstring string_sid; + int ret; - status = init_group_mapping(); - if(!NT_STATUS_IS_OK(status)) { - DEBUG(0,("failed to initialize group mapping\n")); - return status; + if(!init_group_mapping()) { + DEBUG(0,("get_group_map_from_ntname:failed to initialize group mapping\n")); + return(False); } - tmp = SMB_STRDUP(name); - if (tmp == NULL) { - DEBUG(0, ("strdup failed\n")); - return NT_STATUS_NO_MEMORY; - } + /* we need to enumerate the TDB to find the name */ + + for (kbuf = tdb_firstkey(tdb); + kbuf.dptr; + newkey = tdb_nextkey(tdb, kbuf), safe_free(kbuf.dptr), kbuf=newkey) { + + if (strncmp(kbuf.dptr, GROUP_PREFIX, strlen(GROUP_PREFIX)) != 0) continue; + + dbuf = tdb_fetch(tdb, kbuf); + if (!dbuf.dptr) + continue; - /* - * The name is stored uppercase to make the search case insensitive - */ + fstrcpy(string_sid, kbuf.dptr+strlen(GROUP_PREFIX)); - strupper_m(tmp); + string_to_sid(&map->sid, string_sid); + + ret = tdb_unpack(dbuf.dptr, dbuf.dsize, "ddff", + &map->gid, &map->sid_name_use, &map->nt_name, &map->comment); - status = tdb_find_keyed(NULL, tdb, KEYNUM_NAME, tmp, &data, NULL); - SAFE_FREE(tmp); + SAFE_FREE(dbuf.dptr); + + if ( ret == -1 ) { + DEBUG(3,("get_group_map_from_ntname: tdb_unpack failure\n")); + return False; + } - if (!NT_STATUS_IS_OK(status)) { - return status; + if ( strequal(name, map->nt_name) ) { + SAFE_FREE(kbuf.dptr); + return True; + } } - status = unpack_group_map(data, map) ? - NT_STATUS_OK : NT_STATUS_INTERNAL_DB_CORRUPTION; + return False; +} + +/**************************************************************************** + Remove a group mapping entry. 
+****************************************************************************/ - TALLOC_FREE(data.dptr); - return status; +static BOOL group_map_remove(const DOM_SID *sid) +{ + TDB_DATA kbuf, dbuf; + pstring key; + fstring string_sid; + + if(!init_group_mapping()) { + DEBUG(0,("failed to initialize group mapping\n")); + return(False); + } + + /* the key is the SID, retrieving is direct */ + + sid_to_string(string_sid, sid); + slprintf(key, sizeof(key), "%s%s", GROUP_PREFIX, string_sid); + + kbuf.dptr = key; + kbuf.dsize = strlen(key)+1; + + dbuf = tdb_fetch(tdb, kbuf); + if (!dbuf.dptr) + return False; + + SAFE_FREE(dbuf.dptr); + + if(tdb_delete(tdb, kbuf) != TDB_SUCCESS) + return False; + + return True; } /**************************************************************************** Enumerate the group mapping. ****************************************************************************/ -static NTSTATUS enum_group_mapping(const DOM_SID *domsid, - enum SID_NAME_USE sid_name_use, - GROUP_MAP **pp_rmap, - size_t *p_num_entries, BOOL unix_only) +static BOOL enum_group_mapping(const DOM_SID *domsid, enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap, + size_t *p_num_entries, BOOL unix_only) { - struct tdb_keyed_iterator *iterator; - TDB_DATA dbuf; - NTSTATUS status; + TDB_DATA kbuf, dbuf, newkey; + fstring string_sid; + GROUP_MAP map; + GROUP_MAP *mapt; + int ret; + size_t entries=0; + DOM_SID grpsid; + uint32 rid; - status = init_group_mapping(); - if (!NT_STATUS_IS_OK(status)) { + if(!init_group_mapping()) { DEBUG(0,("failed to initialize group mapping\n")); - return status; + return(False); } *p_num_entries=0; *pp_rmap=NULL; - iterator = tdb_enum_keyed(NULL, tdb); - if (iterator == NULL) { - DEBUG(0, ("tdb_enum_keyed failed\n")); - return NT_STATUS_NO_MEMORY; - } - - while (tdb_next_keyed(iterator, &dbuf)) { + for (kbuf = tdb_firstkey(tdb); + kbuf.dptr; + newkey = tdb_nextkey(tdb, kbuf), safe_free(kbuf.dptr), kbuf=newkey) { - GROUP_MAP map; - DOM_SID grpsid; - 
uint32 rid; + if (strncmp(kbuf.dptr, GROUP_PREFIX, strlen(GROUP_PREFIX)) != 0) + continue; - if (!unpack_group_map(dbuf, &map)) { - DEBUG(5, ("Got invalid group mapping entry\n")); - TALLOC_FREE(dbuf.dptr); + dbuf = tdb_fetch(tdb, kbuf); + if (!dbuf.dptr) continue; - } + + fstrcpy(string_sid, kbuf.dptr+strlen(GROUP_PREFIX)); + + ret = tdb_unpack(dbuf.dptr, dbuf.dsize, "ddff", + &map.gid, &map.sid_name_use, &map.nt_name, &map.comment); SAFE_FREE(dbuf.dptr); + if ( ret == -1 ) { + DEBUG(3,("enum_group_mapping: tdb_unpack failure\n")); + continue; + } + /* list only the type or everything if UNKNOWN */ - if (sid_name_use!=SID_NAME_UNKNOWN && - sid_name_use!=map.sid_name_use) { - DEBUG(11,("enum_group_mapping: group %s is not of the " - "requested type\n", map.nt_name)); + if (sid_name_use!=SID_NAME_UNKNOWN && sid_name_use!=map.sid_name_use) { + DEBUG(11,("enum_group_mapping: group %s is not of the requested type\n", map.nt_name)); continue; } if (unix_only==ENUM_ONLY_MAPPED && map.gid==-1) { - DEBUG(11,("enum_group_mapping: group %s is non " - "mapped\n", map.nt_name)); + DEBUG(11,("enum_group_mapping: group %s is non mapped\n", map.nt_name)); continue; } - sid_copy( &grpsid, &map.sid ); + string_to_sid(&grpsid, string_sid); + sid_copy( &map.sid, &grpsid ); + sid_split_rid( &grpsid, &rid ); /* Only check the domain if we were given one */ if ( domsid && !sid_equal( domsid, &grpsid ) ) { - DEBUG(11,("enum_group_mapping: group %s is not in " - "domain %s\n", sid_string_static(&map.sid), - sid_string_static(domsid))); + DEBUG(11,("enum_group_mapping: group %s is not in domain %s\n", + string_sid, sid_string_static(domsid))); continue; } 
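Review bot: In get_group_map_from_gid and get_group_map_from_ntname the result of `string_to_sid(&map->sid, string_sid)` is ignored, so a record whose key does not parse still returns True on a gid or name match and hands the caller a `map->sid` that was never set. The tdb_unpack failure branch in both loops returns without freeing `kbuf.dptr` (the match branch does free it), and it ends the scan, so one damaged record hides every mapping stored after it in traversal order. I would skip the bad record and keep scanning, as enum_group_mapping in this hunk already does with `continue`; the loop's increment expression then frees the key. The hunk ends inside enum_group_mapping.

```c
		/* key loop of get_group_map_from_gid(); get_group_map_from_ntname() is analogous */
		fstrcpy(string_sid, kbuf.dptr+strlen(GROUP_PREFIX));

		if (!string_to_sid(&map->sid, string_sid)) {
			DEBUG(3,("get_group_map_from_gid: invalid sid in key: %s\n", string_sid));
			SAFE_FREE(dbuf.dptr);
			continue;
		}

		/* … unchanged: tdb_unpack() into map, SAFE_FREE(dbuf.dptr) … */

		if ( ret == -1 ) {
			DEBUG(3,("get_group_map_from_gid: tdb_unpack failure\n"));
			continue;
		}

		/* … unchanged: gid comparison and return True … */
```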
@@ -512,14 +469,27 @@ static NTSTATUS enum_group_mapping(const DOM_SID *domsid, "type %s\n", map.nt_name, sid_type_lookup(map.sid_name_use))); - ADD_TO_ARRAY(NULL, GROUP_MAP, map, pp_rmap, p_num_entries); - if (*pp_rmap == NULL) { - DEBUG(0, ("ADD_TO_ARRAY failed\n")); - return NT_STATUS_NO_MEMORY; + (*pp_rmap) = SMB_REALLOC_ARRAY((*pp_rmap), GROUP_MAP, entries+1); + if (!(*pp_rmap)) { + DEBUG(0,("enum_group_mapping: Unable to enlarge group map!\n")); + return False; } + + mapt = (*pp_rmap); + + mapt[entries].gid = map.gid; + sid_copy( &mapt[entries].sid, &map.sid); + mapt[entries].sid_name_use = map.sid_name_use; + fstrcpy(mapt[entries].nt_name, map.nt_name); + fstrcpy(mapt[entries].comment, map.comment); + + entries++; + } - return NT_STATUS_OK; + *p_num_entries=entries; + + return True; } /* This operation happens on session setup, so it should better be fast. We @@ -532,7 +502,7 @@ static NTSTATUS one_alias_membership(const DOM_SID *member, TDB_DATA kbuf, dbuf; const char *p; - if (!NT_STATUS_IS_OK(init_group_mapping())) { + if (!init_group_mapping()) { DEBUG(0,("failed to initialize group mapping\n")); return NT_STATUS_ACCESS_DENIED; } 
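Review bot: The allocation-failure path in enum_group_mapping returns False from inside the key loop without freeing `kbuf.dptr`, which the loop otherwise releases in its increment expression; add `SAFE_FREE(kbuf.dptr);` before that `return False;`. The array is now grown with SMB_REALLOC_ARRAY, so the function comment should state that the caller owns `*pp_rmap` and has to release it with SAFE_FREE, and that `*p_num_entries` stays 0 when the function fails. The loop header and the start of the function are in the previous hunk.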
@@ -611,41 +581,22 @@ static NTSTATUS add_aliasmem(const DOM_SID *alias, const DOM_SID *member) pstring key; fstring string_sid; char *new_memberstring; - NTSTATUS status; + int result; - status = init_group_mapping(); - if(!NT_STATUS_IS_OK(status)) { + if(!init_group_mapping()) { DEBUG(0,("failed to initialize group mapping\n")); - return status; - } - - if (tdb_transaction_start(tdb) < 0) { - status = map_ntstatus_from_tdb(tdb); - DEBUG(5, ("Could not start transaction: %s\n", - nt_errstr(status))); - return status; - } - - status = get_group_map_from_sid(alias, &map); - - if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) { - status = NT_STATUS_NO_SUCH_ALIAS; + return NT_STATUS_ACCESS_DENIED; } - if (!NT_STATUS_IS_OK(status)) { - goto fail; - } + if (!get_group_map_from_sid(*alias, &map)) + return NT_STATUS_NO_SUCH_ALIAS; if ( (map.sid_name_use != SID_NAME_ALIAS) && - (map.sid_name_use != SID_NAME_WKN_GRP) ) { - status = NT_STATUS_NO_SUCH_ALIAS; - goto fail; - } + (map.sid_name_use != SID_NAME_WKN_GRP) ) + return NT_STATUS_NO_SUCH_ALIAS; - if (is_aliasmem(alias, member)) { - status = NT_STATUS_MEMBER_IN_ALIAS; - goto fail; - } + if (is_aliasmem(alias, member)) + return NT_STATUS_MEMBER_IN_ALIAS; sid_to_string(string_sid, member); slprintf(key, sizeof(key), "%s%s", MEMBEROF_PREFIX, string_sid); 
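Review bot: add_aliasmem no longer runs inside a tdb transaction, so the fetch of the MEMBEROF record, the append and the `tdb_store` in the next hunk form an unguarded read-modify-write; two processes adding aliases for the same member SID at once can each store a list that omits the other's entry. del_aliasmem loses its transaction in the same way. Alias memberships are read at session setup (see the comment above one_alias_membership), so a lost update changes what a user is a member of. I would hold the per-key lock around the sequence: `tdb_lock_bystring(tdb, key);` after the `slprintf` that closes this hunk and `tdb_unlock_bystring(tdb, key);` on every return path after it. The function continues past the end of the hunk.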
@@ -664,38 +615,18 @@ static NTSTATUS add_aliasmem(const DOM_SID *alias, const DOM_SID *member) new_memberstring = SMB_STRDUP(string_sid); } - if (new_memberstring == NULL) { - status = NT_STATUS_NO_MEMORY; - goto fail; - } + if (new_memberstring == NULL) + return NT_STATUS_NO_MEMORY; SAFE_FREE(dbuf.dptr); dbuf.dsize = strlen(new_memberstring)+1; dbuf.dptr = new_memberstring; - if (tdb_store(tdb, kbuf, dbuf, 0) < 0) { - status = map_ntstatus_from_tdb(tdb); - DEBUG(5, ("tdb_store failed: %s\n", nt_errstr(status))); - SAFE_FREE(new_memberstring); - goto fail; - } + result = tdb_store(tdb, kbuf, dbuf, 0); SAFE_FREE(new_memberstring); - if (tdb_transaction_commit(tdb) < 0) { - status = map_ntstatus_from_tdb(tdb); - DEBUG(5, ("tdb_transaction_commit failed: %s\n", - nt_errstr(status))); - goto fail; - } - - return NT_STATUS_OK; - - fail: - if (tdb_transaction_cancel(tdb) < 0) { - smb_panic("tdb_cancel_transaction failed\n"); - } - return status; + return (result == 0 ? NT_STATUS_OK : NT_STATUS_ACCESS_DENIED); } struct aliasmem_closure { @@ -750,18 +681,17 @@ static int collect_aliasmem(TDB_CONTEXT *tdb_ctx, TDB_DATA key, TDB_DATA data, return 0; } -static NTSTATUS enum_aliasmem(const DOM_SID *alias, DOM_SID **sids, - size_t *num) +static NTSTATUS enum_aliasmem(const DOM_SID *alias, DOM_SID **sids, size_t *num) { GROUP_MAP map; struct aliasmem_closure closure; - if(!NT_STATUS_IS_OK(init_group_mapping())) { + if(!init_group_mapping()) { DEBUG(0,("failed to initialize group mapping\n")); return NT_STATUS_ACCESS_DENIED; } - if (!NT_STATUS_IS_OK(get_group_map_from_sid(alias, &map))) + if (!get_group_map_from_sid(*alias, &map)) return NT_STATUS_NO_SUCH_ALIAS; if ( (map.sid_name_use != SID_NAME_ALIAS) && 
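Review bot: In the tail of add_aliasmem, `if (new_memberstring == NULL) return NT_STATUS_NO_MEMORY;` now returns before `SAFE_FREE(dbuf.dptr);`, so the record fetched above the hunk appears to leak on that path; move the SAFE_FREE above the NULL test. A failed `tdb_store` is reported as NT_STATUS_ACCESS_DENIED with no log line, which makes a full disk or a damaged database look like a permission problem; a `DEBUG(0, ("add_aliasmem: tdb_store failed\n"));` before the return would keep the cause visible.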
@@ -781,33 +711,19 @@ static NTSTATUS enum_aliasmem(const DOM_SID *alias, DOM_SID **sids, static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member) { - NTSTATUS status; - DOM_SID *sids = NULL; + NTSTATUS result; + DOM_SID *sids; size_t i, num; BOOL found = False; - char *member_string = NULL; + char *member_string; TDB_DATA kbuf, dbuf; pstring key; fstring sid_string; - status = init_group_mapping(); - if(!NT_STATUS_IS_OK(status)) { - DEBUG(0,("failed to initialize group mapping\n")); - return status; - } - - if (tdb_transaction_start(tdb) < 0) { - status = map_ntstatus_from_tdb(tdb); - DEBUG(5, ("Could not start transaction: %s\n", - nt_errstr(status))); - return status; - } - - status = alias_memberships(member, 1, &sids, &num); + result = alias_memberships(member, 1, &sids, &num); - if (!NT_STATUS_IS_OK(status)) { - goto fail; - } + if (!NT_STATUS_IS_OK(result)) + return result; for (i=0; int_name, "None" ); fstrcpy( map->comment, "Ordinary Users" ); - sid_copy( &map->sid, sid ); + sid_copy( &map->sid, &sid ); map->sid_name_use = SID_NAME_DOM_GRP; - return NT_STATUS_OK; + return True; } - return status; + return False; } DEBUG(10, ("get_domain_group_from_sid: SID found in the TDB\n")); /* if it's not a domain group, continue */ if (map->sid_name_use!=SID_NAME_DOM_GRP) { - return NT_STATUS_OBJECT_TYPE_MISMATCH; + return False; } DEBUG(10, ("get_domain_group_from_sid: SID is a domain group\n")); if (map->gid==-1) { - return NT_STATUS_NOT_FOUND; + return False; } - DEBUG(10, ("get_domain_group_from_sid: SID is mapped to gid:%lu\n", - (unsigned long)map->gid)); + DEBUG(10, ("get_domain_group_from_sid: SID is mapped to gid:%lu\n",(unsigned long)map->gid)); grp = getgrgid(map->gid); if ( !grp ) { - DEBUG(10, ("get_domain_group_from_sid: gid DOESN'T exist in " - "UNIX security\n")); - return NT_STATUS_NOT_FOUND; + DEBUG(10, ("get_domain_group_from_sid: gid DOESN'T exist in UNIX security\n")); + return False; } - DEBUG(10, ("get_domain_group_from_sid: 
gid exists in UNIX " - "security\n")); + DEBUG(10, ("get_domain_group_from_sid: gid exists in UNIX security\n")); - return NT_STATUS_OK; + return True; } /**************************************************************************** 
@@ -1117,114 +998,70 @@ int smb_delete_user_group(const char *unix_group, const char *unix_user) NTSTATUS pdb_default_getgrsid(struct pdb_methods *methods, GROUP_MAP *map, - const DOM_SID *sid) + DOM_SID sid) { - return get_group_map_from_sid(sid, map); + return get_group_map_from_sid(sid, map) ? + NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; } NTSTATUS pdb_default_getgrgid(struct pdb_methods *methods, GROUP_MAP *map, gid_t gid) { - return get_group_map_from_gid(gid, map); + return get_group_map_from_gid(gid, map) ? + NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; } NTSTATUS pdb_default_getgrnam(struct pdb_methods *methods, GROUP_MAP *map, const char *name) { - return get_group_map_from_ntname(name, map); + return get_group_map_from_ntname(name, map) ? + NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; } NTSTATUS pdb_default_add_group_mapping_entry(struct pdb_methods *methods, - GROUP_MAP *map) + GROUP_MAP *map) { - TDB_DATA data; - NTSTATUS status; - - status = init_group_mapping(); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(0,("failed to initialize group mapping\n")); - return status; - } - - ZERO_STRUCT(data); - if (!pack_group_map(NULL, map, &data)) { - DEBUG(0, ("pack_group_map failed\n")); - return NT_STATUS_NO_MEMORY; - } - - status = tdb_add_keyed(tdb, group_mapping_keys, data, map); - TALLOC_FREE(data.dptr); - - return status; + return add_mapping_entry(map, TDB_INSERT) ? 
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; } NTSTATUS pdb_default_update_group_mapping_entry(struct pdb_methods *methods, - GROUP_MAP *map) + GROUP_MAP *map) { - TDB_DATA data; - char *primary_key; - NTSTATUS status; - - status = tdb_find_keyed(NULL, tdb, KEYNUM_SID, - sid_string_static(&map->sid), - &data, &primary_key); - if (!NT_STATUS_IS_OK(status)) { - return status; - } - - TALLOC_FREE(data.dptr); - ZERO_STRUCT(data); - - if (!pack_group_map(NULL, map, &data)) { - DEBUG(0, ("pack_group_map failed\n")); - SAFE_FREE(primary_key); - return NT_STATUS_NO_MEMORY; - } - - status = tdb_update_keyed(tdb, primary_key, group_mapping_keys, - data, NULL); - TALLOC_FREE(data.dptr); - TALLOC_FREE(primary_key); - return status; + return add_mapping_entry(map, TDB_REPLACE) ? + NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; } NTSTATUS pdb_default_delete_group_mapping_entry(struct pdb_methods *methods, - DOM_SID sid) + DOM_SID sid) { - TDB_DATA data; - char *primary_key; - NTSTATUS status; - GROUP_MAP map; - - status = tdb_find_keyed(NULL, tdb, KEYNUM_SID, sid_string_static(&sid), - &data, &primary_key); - if (!NT_STATUS_IS_OK(status)) { - return status; - } + return group_map_remove(&sid) ? + NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; +} - if (!unpack_group_map(data, &map)) { - DEBUG(0, ("unpack_group_map failed\n")); - TALLOC_FREE(data.dptr); - return NT_STATUS_INTERNAL_DB_CORRUPTION; - } +NTSTATUS pdb_default_enum_group_mapping(struct pdb_methods *methods, + const DOM_SID *sid, enum SID_NAME_USE sid_name_use, + GROUP_MAP **pp_rmap, size_t *p_num_entries, + BOOL unix_only) +{ + return enum_group_mapping(sid, sid_name_use, pp_rmap, p_num_entries, unix_only) ? 
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; +} - TALLOC_FREE(data.dptr); +NTSTATUS pdb_default_find_alias(struct pdb_methods *methods, + const char *name, DOM_SID *sid) +{ + GROUP_MAP map; - status = tdb_del_keyed(tdb, group_mapping_keys, primary_key, &map); + if (!pdb_getgrnam(&map, name)) + return NT_STATUS_NO_SUCH_ALIAS; - TALLOC_FREE(primary_key); - return status; -} + if ((map.sid_name_use != SID_NAME_WKN_GRP) && + (map.sid_name_use != SID_NAME_ALIAS)) + return NT_STATUS_OBJECT_TYPE_MISMATCH; -NTSTATUS pdb_default_enum_group_mapping(struct pdb_methods *methods, - const DOM_SID *sid, - enum SID_NAME_USE sid_name_use, - GROUP_MAP **pp_rmap, - size_t *p_num_entries, - BOOL unix_only) -{ - return enum_group_mapping(sid, sid_name_use, pp_rmap, p_num_entries, - unix_only); + sid_copy(sid, &map.sid); + return NT_STATUS_OK; } NTSTATUS pdb_default_create_alias(struct pdb_methods *methods, @@ -1301,7 +1138,7 @@ NTSTATUS pdb_default_get_aliasinfo(struct pdb_methods *methods, { GROUP_MAP map; - if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, sid))) + if (!pdb_getgrsid(&map, *sid)) return NT_STATUS_NO_SUCH_ALIAS; if ((map.sid_name_use != SID_NAME_ALIAS) && @@ -1324,7 +1161,7 @@ NTSTATUS pdb_default_set_aliasinfo(struct pdb_methods *methods, { GROUP_MAP map; - if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, sid))) + if (!pdb_getgrsid(&map, *sid)) return NT_STATUS_NO_SUCH_ALIAS; fstrcpy(map.nt_name, info->acct_name); 
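Review bot: pdb_default_add_group_mapping_entry now stores with `add_mapping_entry(map, TDB_INSERT)`, whose record key is the SID alone, so the rejection the removed keyed store applied to a second SID claiming the same gid or name is gone. get_group_map_from_gid and get_group_map_from_ntname return the first match of a key traversal, so with duplicates the SID a Unix group resolves to depends on record order. If one gid and one name per SID is still the intended rule, reject the collision before the insert as sketched below; the check is not atomic unless a lock is held around it.

```c
NTSTATUS pdb_default_add_group_mapping_entry(struct pdb_methods *methods,
				GROUP_MAP *map)
{
	GROUP_MAP existing;

	/* The record key is the SID only, so gid and name collisions
	 * have to be caught here. */
	if (get_group_map_from_gid(map->gid, &existing) ||
	    get_group_map_from_ntname(map->nt_name, &existing)) {
		return NT_STATUS_GROUP_EXISTS;
	}

	return add_mapping_entry(map, TDB_INSERT) ?
		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
```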
@@ -1391,6 +1228,88 @@ NTSTATUS pdb_default_alias_memberships(struct pdb_methods *methods, return NT_STATUS_OK; } +/********************************************************************** + no ops for passdb backends that don't implement group mapping + *********************************************************************/ + +NTSTATUS pdb_nop_getgrsid(struct pdb_methods *methods, GROUP_MAP *map, + DOM_SID sid) +{ + return NT_STATUS_UNSUCCESSFUL; +} + +NTSTATUS pdb_nop_getgrgid(struct pdb_methods *methods, GROUP_MAP *map, + gid_t gid) +{ + return NT_STATUS_UNSUCCESSFUL; +} + +NTSTATUS pdb_nop_getgrnam(struct pdb_methods *methods, GROUP_MAP *map, + const char *name) +{ + return NT_STATUS_UNSUCCESSFUL; +} + +NTSTATUS pdb_nop_add_group_mapping_entry(struct pdb_methods *methods, + GROUP_MAP *map) +{ + return NT_STATUS_UNSUCCESSFUL; +} + +NTSTATUS pdb_nop_update_group_mapping_entry(struct pdb_methods *methods, + GROUP_MAP *map) +{ + return NT_STATUS_UNSUCCESSFUL; +} + +NTSTATUS pdb_nop_delete_group_mapping_entry(struct pdb_methods *methods, + DOM_SID sid) +{ + return NT_STATUS_UNSUCCESSFUL; +} + +NTSTATUS pdb_nop_enum_group_mapping(struct pdb_methods *methods, + enum SID_NAME_USE sid_name_use, + GROUP_MAP **rmap, size_t *num_entries, + BOOL unix_only) +{ + return NT_STATUS_UNSUCCESSFUL; +} + +/**************************************************************************** + These need to be redirected through pdb_interface.c +****************************************************************************/ +BOOL pdb_get_dom_grp_info(const DOM_SID *sid, struct acct_info *info) +{ + GROUP_MAP map; + BOOL res; + + become_root(); + res = get_domain_group_from_sid(*sid, &map); + unbecome_root(); + + if (!res) + return False; + + fstrcpy(info->acct_name, map.nt_name); + fstrcpy(info->acct_desc, map.comment); + sid_peek_rid(sid, &info->rid); + return True; +} + +BOOL pdb_set_dom_grp_info(const DOM_SID *sid, const struct acct_info *info) +{ + GROUP_MAP map; + + if 
(!get_domain_group_from_sid(*sid, &map)) + return False; + + fstrcpy(map.nt_name, info->acct_name); + fstrcpy(map.comment, info->acct_desc); + + return NT_STATUS_IS_OK(pdb_update_group_mapping_entry(&map)); +} + /******************************************************************** Really just intended to be called by smbd ********************************************************************/ diff --git a/source/include/passdb.h b/source/include/passdb.h index d8d0a54c3c2..35bb93aa31c 100644 --- a/source/include/passdb.h +++ b/source/include/passdb.h @@ -244,7 +244,7 @@ struct pdb_search { * enum SID_NAME_USE rather than uint32. */ -#define PASSDB_INTERFACE_VERSION 15 +#define PASSDB_INTERFACE_VERSION 14 struct pdb_methods { @@ -277,8 +277,7 @@ struct pdb_methods NTSTATUS (*update_login_attempts)(struct pdb_methods *methods, struct samu *sam_acct, BOOL success); - NTSTATUS (*getgrsid)(struct pdb_methods *methods, GROUP_MAP *map, - const DOM_SID *sid); + NTSTATUS (*getgrsid)(struct pdb_methods *methods, GROUP_MAP *map, DOM_SID sid); NTSTATUS (*getgrgid)(struct pdb_methods *methods, GROUP_MAP *map, gid_t gid); @@ -329,6 +328,9 @@ struct pdb_methods TALLOC_CTX *mem_ctx, uint32 group_rid, uint32 member_rid); + NTSTATUS (*find_alias)(struct pdb_methods *methods, + const char *name, DOM_SID *sid); + NTSTATUS (*create_alias)(struct pdb_methods *methods, const char *name, uint32 *rid); diff --git a/source/include/smb.h b/source/include/smb.h index c80c029f3e1..1a55bef4287 100644 --- a/source/include/smb.h +++ b/source/include/smb.h @@ -1853,9 +1853,4 @@ enum usershare_err { /* Different reasons for closing a file. */ enum file_close_type {NORMAL_CLOSE=0,SHUTDOWN_CLOSE,ERROR_CLOSE}; -struct tdb_keyed_iterator { - struct tdb_context *tdb; - TDB_DATA key; -}; - #endif /* _SMB_H */ diff --git a/source/lib/talloc.c b/source/lib/talloc.c index 35c4ddaf31e..0e223e8bbeb 100644 --- a/source/lib/talloc.c +++ b/source/lib/talloc.c 
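Review bot: `pdb_nop_enum_group_mapping` takes five parameters, while `pdb_default_enum_group_mapping` earlier in this file and the `pdb->enum_group_mapping(pdb, sid, sid_name_use, ...)` call in passdb/pdb_interface.c use six; the `const DOM_SID *sid` argument is missing. Installing the stub in a `pdb_methods` table would therefore presumably call it through an incompatible function pointer type. The declaration should begin `NTSTATUS pdb_nop_enum_group_mapping(struct pdb_methods *methods, const DOM_SID *sid, enum SID_NAME_USE sid_name_use,` with the remaining parameters unchanged. Separately, `pdb_get_dom_grp_info` brackets its lookup with `become_root()`/`unbecome_root()` but `pdb_set_dom_grp_info` does not. A one-line comment on the setter stating that the caller must already hold the required privilege would show the asymmetry is intended.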
@@ -1136,46 +1136,6 @@ char *talloc_asprintf(const void *t, const char *fmt, ...) return ret; } -int talloc_vasprintf_len(const void *t, char **res, const char *fmt, - va_list ap) -{ - int len; - va_list ap2; - char c; - - VA_COPY(ap2, ap); - - /* this call looks strange, but it makes it work on older solaris boxes */ - if ((len = vsnprintf(&c, 1, fmt, ap2)) < 0) { - return len; - } - - *res = (char *)_talloc(t, len+1); - if (*res) { - VA_COPY(ap2, ap); - vsnprintf(*res, len+1, fmt, ap2); - talloc_set_name_const(*res, *res); - } - - return len; -} - - -/* - Perform string formatting, and return a pointer to newly allocated - memory holding the result, inside a memory pool. - */ -int talloc_asprintf_len(const void *t, char **res, const char *fmt, ...) -{ - va_list ap; - int len; - - va_start(ap, fmt); - len = talloc_vasprintf_len(t, res, fmt, ap); - va_end(ap); - return len; -} - /** * Realloc @p s to append the formatted result of @p fmt and @p ap, diff --git a/source/lib/tdb_multikey.c b/source/lib/tdb_multikey.c deleted file mode 100644 index 7a4c8e1d5cc..00000000000 --- a/source/lib/tdb_multikey.c +++ /dev/null 
@@ -1,588 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * TDB multi-key wrapper - * Copyright (C) Volker Lendecke 2006 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - */ - -#include "includes.h" - -static struct { enum TDB_ERROR t; NTSTATUS n; } tdb_to_ntstatus_map[] = { - { TDB_ERR_CORRUPT, NT_STATUS_INTERNAL_DB_CORRUPTION }, - { TDB_ERR_IO, NT_STATUS_UNEXPECTED_IO_ERROR }, - { TDB_ERR_LOCK, NT_STATUS_FILE_LOCK_CONFLICT }, - { TDB_ERR_OOM, NT_STATUS_NO_MEMORY }, - { TDB_ERR_EXISTS, NT_STATUS_OBJECTID_EXISTS }, - { TDB_ERR_NOLOCK, NT_STATUS_NOT_LOCKED }, - { TDB_ERR_LOCK_TIMEOUT, NT_STATUS_IO_TIMEOUT }, - { TDB_ERR_NOEXIST, NT_STATUS_NOT_FOUND }, - { TDB_ERR_EINVAL, NT_STATUS_INVALID_PARAMETER }, - { TDB_ERR_RDONLY, NT_STATUS_ACCESS_DENIED }, - { 0, NT_STATUS_OK }, -}; - -NTSTATUS map_ntstatus_from_tdb(struct tdb_context *t) -{ - enum TDB_ERROR err = tdb_error(t); - int i = 0; - - while (tdb_to_ntstatus_map[i].t != 0) { - if (tdb_to_ntstatus_map[i].t == err) { - return tdb_to_ntstatus_map[i].n; - } - i += 1; - } - - return NT_STATUS_INTERNAL_ERROR; -} - -#define KEY_VERSION (1) -#define PRIMARY_KEY_LENGTH (24) - -/* - * Check that the keying version is acceptable. 
Change operations are very - * expensive under transactions anyway, so we do this upon every change to - * avoid damage when someone changes the key format while we have the db open. - * - * To be called only within a transaction, we don't do locking here. - */ - -static BOOL tdb_check_keyversion(struct tdb_context *tdb) -{ - const char *versionkey = "KEYVERSION"; - TDB_DATA key, data; - NTSTATUS status; - unsigned long version; - char *endptr; - - key.dptr = CONST_DISCARD(char *, versionkey); - key.dsize = strlen(versionkey)+1; - - data = tdb_fetch(tdb, key); - if (data.dptr == NULL) { - char *vstr; - int res; - - asprintf(&vstr, "%d", KEY_VERSION); - if (vstr == NULL) { - DEBUG(0, ("asprintf failed\n")); - return False; - } - data.dptr = vstr; - data.dsize = strlen(vstr)+1; - - res = tdb_store(tdb, key, data, TDB_INSERT); - SAFE_FREE(vstr); - - if (res < 0) { - status = map_ntstatus_from_tdb(tdb); - DEBUG(5, ("Could not store key: %s\n", - nt_errstr(status))); - return False; - } - - return True; - } - - /* - * We have a key, check it - */ - - SMB_ASSERT(data.dsize > 0); - if (data.dptr[data.dsize-1] != '\0') { - DEBUG(1, ("Key field not NUL terminated\n")); - SAFE_FREE(data.dptr); - return False; - } - - version = strtoul(data.dptr, &endptr, 10); - if (endptr != data.dptr+data.dsize-1) { - DEBUG(1, ("Invalid version string\n")); - SAFE_FREE(data.dptr); - return False; - } - SAFE_FREE(data.dptr); - - if (version != KEY_VERSION) { - DEBUG(1, ("Wrong key version: %ld, expected %d\n", - version, KEY_VERSION)); - return False; - } - - return True; -} - -/* - * Find a record according to a key and value expected in that key. The - * primary_key is returned for later reference in tdb_idx_update or - * tdb_idx_delete. 
- */ - -NTSTATUS tdb_find_keyed(TALLOC_CTX *ctx, struct tdb_context *tdb, - int keynumber, const char *value, - TDB_DATA *result, char **primary_key) -{ - TDB_DATA key, prim, data; - NTSTATUS status; - - prim.dptr = data.dptr = NULL; - - key.dsize = talloc_asprintf_len(ctx, &key.dptr, "KEY/%d/%s", keynumber, - value); - if (key.dptr == NULL) { - DEBUG(0, ("talloc_asprintf failed\n")); - status = NT_STATUS_NO_MEMORY; - goto fail; - } - key.dsize += 1; - - prim = tdb_fetch(tdb, key); - if (prim.dptr == NULL) { - status = NT_STATUS_NOT_FOUND; - goto fail; - } - - data = tdb_fetch(tdb, prim); - if (data.dptr == NULL) { - DEBUG(1, ("Did not find record %s for key %s\n", - prim.dptr, key.dptr)); - status = NT_STATUS_NOT_FOUND; - goto fail; - } - - if (primary_key != NULL) { - *primary_key = talloc_strndup(ctx, prim.dptr, prim.dsize); - if (*primary_key == NULL) { - status = NT_STATUS_NO_MEMORY; - goto fail; - } - } - - /* - * The following copy will be removed when tdb_fetch takes a - * TALLOC_CTX as parameter. - */ - - result->dptr = (char *)talloc_memdup(ctx, data.dptr, data.dsize); - if (result->dptr == NULL) { - status = NT_STATUS_NO_MEMORY; - goto fail; - } - result->dsize = data.dsize; - - status = NT_STATUS_OK; - - fail: - TALLOC_FREE(key.dptr); - SAFE_FREE(prim.dptr); - SAFE_FREE(data.dptr); - return status; -} - -/* - * Store all the key entries for a data entry. Best called within a tdb - * transaction. 
- */ - -static NTSTATUS set_keys(struct tdb_context *tdb, - char **(*getkeys)(TALLOC_CTX *mem_ctx, TDB_DATA data, - void *private_data), - TDB_DATA primary_key, TDB_DATA user_data, - void *private_data) -{ - int i; - char **keys = getkeys(NULL, user_data, private_data); - - if (keys == NULL) { - DEBUG(5, ("Could not get keys\n")); - return NT_STATUS_NO_MEMORY; - } - - for (i=0; keys[i] != NULL; i++) { - NTSTATUS status; - TDB_DATA key; - - key.dsize = talloc_asprintf_len(keys, &key.dptr, "KEY/%d/%s", - i, keys[i]); - if (key.dptr == NULL) { - DEBUG(0, ("talloc_asprintf failed\n")); - TALLOC_FREE(keys); - return NT_STATUS_NO_MEMORY; - } - key.dsize += 1; - - if (tdb_store(tdb, key, primary_key, TDB_INSERT) < 0) { - status = map_ntstatus_from_tdb(tdb); - DEBUG(5, ("Could not store key %d: %s\n", i, - nt_errstr(status))); - TALLOC_FREE(keys); - return status; - } - } - - TALLOC_FREE(keys); - return NT_STATUS_OK; -} - -/* - * Delete all the key entries for a data entry. Best called within a tdb - * transaction. 
- */ - -static NTSTATUS del_keys(struct tdb_context *tdb, - char **(*getkeys)(TALLOC_CTX *mem_ctx, TDB_DATA data, - void *private_data), - TDB_DATA primary_key, void *private_data) -{ - TDB_DATA data; - int i; - char **keys; - - /* - * We need the data record to be able to fetch all the keys, so pull - * the user data - */ - - data = tdb_fetch(tdb, primary_key); - if (data.dptr == NULL) { - DEBUG(5, ("Could not find record for key %s\n", - primary_key.dptr)); - return NT_STATUS_NOT_FOUND; - } - - keys = getkeys(NULL, data, private_data); - if (keys == NULL) { - DEBUG(5, ("Could not get keys\n")); - return NT_STATUS_NO_MEMORY; - } - - SAFE_FREE(data.dptr); - - for (i=0; keys[i] != NULL; i++) { - NTSTATUS status; - TDB_DATA key; - - key.dsize = talloc_asprintf_len(keys, &key.dptr, "KEY/%d/%s", - i, keys[i]); - if (key.dptr == NULL) { - DEBUG(0, ("talloc_asprintf failed\n")); - TALLOC_FREE(keys); - return NT_STATUS_NO_MEMORY; - } - key.dsize += 1; - - if (tdb_delete(tdb, key) < 0) { - status = map_ntstatus_from_tdb(tdb); - DEBUG(5, ("Could not delete key %d: %s\n", i, - nt_errstr(status))); - TALLOC_FREE(keys); - return status; - } - } - - TALLOC_FREE(keys); - return NT_STATUS_OK; -} - -/* - * Generate a unique primary key - */ - -static TDB_DATA new_primary_key(struct tdb_context *tdb) -{ - TDB_DATA key; - int i; - - /* - * Generate a new primary key, the for loop is for the very unlikely - * collisions. 
- */ - - for (i=0; i<20; i++) { - TDB_DATA data; - asprintf(&key.dptr, "KEYPRIM/%s", generate_random_str(16)); - if (key.dptr == NULL) { - DEBUG(0, ("talloc_asprintf failed\n")); - return key; - } - -#ifdef DEVELOPER - SMB_ASSERT(strlen(key.dptr) == PRIMARY_KEY_LENGTH); -#endif - key.dsize = PRIMARY_KEY_LENGTH+1; - - data = tdb_fetch(tdb, key); - if (data.dptr == NULL) { - return key; - } - SAFE_FREE(key.dptr); - SAFE_FREE(data.dptr); - } - - DEBUG(0, ("Did not find a unique key string!\n")); - key.dptr = NULL; - key.dsize = 0; - return key; -} - -/* - * Add a new record to the database - */ - -NTSTATUS tdb_add_keyed(struct tdb_context *tdb, - char **(*getkeys)(TALLOC_CTX *mem_ctx, TDB_DATA data, - void *private_data), - TDB_DATA data, void *private_data) -{ - NTSTATUS status = NT_STATUS_OK; - TDB_DATA key; - - key.dptr = NULL; - - if (tdb_transaction_start(tdb) < 0) { - status = map_ntstatus_from_tdb(tdb); - DEBUG(5, ("Could not start transaction: %s\n", - nt_errstr(status))); - return status; - } - - if (!tdb_check_keyversion(tdb)) { - status = NT_STATUS_INTERNAL_DB_CORRUPTION; - goto fail; - } - - key = new_primary_key(tdb); - if (key.dptr == NULL) { - status = NT_STATUS_NO_MEMORY; - goto fail; - } - - if (tdb_store(tdb, key, data, TDB_INSERT) < 0) { - status = map_ntstatus_from_tdb(tdb); - DEBUG(5, ("Could not store record: %s\n", nt_errstr(status))); - goto fail; - } - - status = set_keys(tdb, getkeys, key, data, private_data); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(5, ("set_keys failed: %s\n", nt_errstr(status))); - goto fail; - } - - if (tdb_transaction_commit(tdb) < 0) { - status = map_ntstatus_from_tdb(tdb); - DEBUG(5, ("tdb_transaction_commit failed: %s\n", - nt_errstr(status))); - goto fail; - } - - SAFE_FREE(key.dptr); - return NT_STATUS_OK; - - fail: - if (tdb_transaction_cancel(tdb) < 0) { - smb_panic("tdb_cancel_transaction failed\n"); - } - - SAFE_FREE(key.dptr); - return status; -} - -/* - * Delete a record from the database, given its primary 
key - */ - -NTSTATUS tdb_del_keyed(struct tdb_context *tdb, - char **(*getkeys)(TALLOC_CTX *mem_ctx, TDB_DATA data, - void *private_data), - const char *primary_key, void *private_data) -{ - NTSTATUS status = NT_STATUS_OK; - TDB_DATA key; - - if ((primary_key == NULL) || - (strlen(primary_key) != PRIMARY_KEY_LENGTH) || - (strncmp(primary_key, "KEYPRIM/", 7) != 0)) { - return NT_STATUS_INVALID_PARAMETER; - } - - if (tdb_transaction_start(tdb) < 0) { - status = map_ntstatus_from_tdb(tdb); - DEBUG(5, ("Could not start transaction: %s\n", - nt_errstr(status))); - return status; - } - - if (!tdb_check_keyversion(tdb)) { - status = NT_STATUS_INTERNAL_DB_CORRUPTION; - goto fail; - } - - key.dptr = CONST_DISCARD(char *, primary_key); - key.dsize = PRIMARY_KEY_LENGTH+1; - - status = del_keys(tdb, getkeys, key, private_data); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(0, ("del_keys failed: %s\n", nt_errstr(status))); - goto fail; - } - - if (tdb_delete(tdb, key) < 0) { - DEBUG(5, ("Could not delete record %s\n", primary_key)); - status = NT_STATUS_INTERNAL_DB_CORRUPTION; - goto fail; - } - - if (tdb_transaction_commit(tdb) < 0) { - status = map_ntstatus_from_tdb(tdb); - DEBUG(5, ("tdb_transaction_commit failed: %s\n", - nt_errstr(status))); - goto fail; - } - - return NT_STATUS_OK; - - fail: - if (tdb_transaction_cancel(tdb) < 0) { - smb_panic("tdb_cancel_transaction failed\n"); - } - - return status; -} - -/* - * Update a record that has previously been fetched and then changed. 
- */ - -NTSTATUS tdb_update_keyed(struct tdb_context *tdb, const char *primary_key, - char **(*getkeys)(TALLOC_CTX *mem_ctx, - TDB_DATA data, void *private_data), - TDB_DATA data, void *private_data) -{ - NTSTATUS status = NT_STATUS_OK; - TDB_DATA key; - - if ((primary_key == NULL) || - (strlen(primary_key) != PRIMARY_KEY_LENGTH) || - (strncmp(primary_key, "KEYPRIM/", 8) != 0)) { - return NT_STATUS_INVALID_PARAMETER; - } - - if (tdb_transaction_start(tdb) < 0) { - status = map_ntstatus_from_tdb(tdb); - DEBUG(5, ("Could not start transaction: %s\n", - nt_errstr(status))); - return status; - } - - if (!tdb_check_keyversion(tdb)) { - status = NT_STATUS_INTERNAL_DB_CORRUPTION; - goto fail; - } - - key.dptr = CONST_DISCARD(char *, primary_key); - key.dsize = PRIMARY_KEY_LENGTH+1; - - status = del_keys(tdb, getkeys, key, private_data); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(5, ("del_keys failed: %s\n", nt_errstr(status))); - goto fail; - } - - if (tdb_store(tdb, key, data, TDB_REPLACE) < 0) { - status = map_ntstatus_from_tdb(tdb); - DEBUG(5, ("Could not store new record: %s\n", - nt_errstr(status))); - goto fail; - } - - status = set_keys(tdb, getkeys, key, data, private_data); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(5, ("set_keys failed: %s\n", nt_errstr(status))); - goto fail; - } - - if (tdb_transaction_commit(tdb) < 0) { - status = map_ntstatus_from_tdb(tdb); - DEBUG(5, ("tdb_transaction_commit failed: %s\n", - nt_errstr(status))); - goto fail; - } - - return NT_STATUS_OK; - - fail: - if (tdb_transaction_cancel(tdb) < 0) { - smb_panic("tdb_cancel_transaction failed\n"); - } - - return status; -} - -static int iterator_destructor(void *p) -{ - struct tdb_keyed_iterator *i = (struct tdb_keyed_iterator *)p; - SAFE_FREE(i->key.dptr); - return 0; -} - -struct tdb_keyed_iterator *tdb_enum_keyed(TALLOC_CTX *mem_ctx, - struct tdb_context *tdb) -{ - struct tdb_keyed_iterator *result = TALLOC_P( - mem_ctx, struct tdb_keyed_iterator); - - if (result == NULL) { - DEBUG(0, 
("talloc failed\n")); - return result; - } - - result->tdb = tdb; - result->key = tdb_firstkey(tdb); - talloc_set_destructor(result, iterator_destructor); - return result; -} - -BOOL tdb_next_keyed(struct tdb_keyed_iterator *it, TDB_DATA *data) -{ - if (it->key.dptr == NULL) { - return False; - } - - while (True) { - TDB_DATA tmp; - - if ((it->key.dsize == PRIMARY_KEY_LENGTH+1) && - (strncmp(it->key.dptr, "KEYPRIM/", 8) == 0)) { - - *data = tdb_fetch(it->tdb, it->key); - - tmp = tdb_nextkey(it->tdb, it->key); - SAFE_FREE(it->key.dptr); - it->key = tmp; - - return (data->dptr != NULL); - } - - tmp = tdb_nextkey(it->tdb, it->key); - SAFE_FREE(it->key.dptr); - it->key = tmp; - - if (it->key.dptr == NULL) { - return False; - } - } -} diff --git a/source/passdb/lookup_sid.c b/source/passdb/lookup_sid.c index acfccfdd268..f612cff092a 100644 --- a/source/passdb/lookup_sid.c +++ b/source/passdb/lookup_sid.c @@ -142,7 +142,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, GROUP_MAP map; - if (NT_STATUS_IS_OK(pdb_getgrgid(&map, grp->gr_gid))) { + if (pdb_getgrgid(&map, grp->gr_gid)) { /* The hack gets worse. Handle the case where we have * 'force group = +unixgroup' but "unixgroup" has a * group mapping */ @@ -1352,7 +1352,7 @@ BOOL sid_to_gid(const DOM_SID *psid, gid_t *pgid) if ((sid_check_is_in_builtin(psid) || sid_check_is_in_wellknown_domain(psid))) { - if (NT_STATUS_IS_OK(pdb_getgrsid(&map, psid))) { + if (pdb_getgrsid(&map, *psid)) { *pgid = map.gid; goto done; } diff --git a/source/passdb/passdb.c b/source/passdb/passdb.c index ab8844f5997..f74b1fbe3ba 100644 --- a/source/passdb/passdb.c +++ b/source/passdb/passdb.c @@ -604,7 +604,7 @@ BOOL lookup_global_sam_name(const char *user, int flags, uint32_t *rid, */ become_root(); - ret = NT_STATUS_IS_OK(pdb_getgrnam(&map, user)); + ret = pdb_getgrnam(&map, user); unbecome_root(); if (!ret) { diff --git a/source/passdb/pdb_interface.c b/source/passdb/pdb_interface.c index 7bc78af36b5..7f2a8f25b3d 100644 
--- a/source/passdb/pdb_interface.c +++ b/source/passdb/pdb_interface.c @@ -561,22 +561,22 @@ NTSTATUS pdb_update_login_attempts(struct samu *sam_acct, BOOL success) return pdb->update_login_attempts(pdb, sam_acct, success); } -NTSTATUS pdb_getgrsid(GROUP_MAP *map, const DOM_SID *sid) +BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid) { struct pdb_methods *pdb = pdb_get_methods(); - return pdb->getgrsid(pdb, map, sid); + return NT_STATUS_IS_OK(pdb->getgrsid(pdb, map, sid)); } -NTSTATUS pdb_getgrgid(GROUP_MAP *map, gid_t gid) +BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid) { struct pdb_methods *pdb = pdb_get_methods(); - return pdb->getgrgid(pdb, map, gid); + return NT_STATUS_IS_OK(pdb->getgrgid(pdb, map, gid)); } -NTSTATUS pdb_getgrnam(GROUP_MAP *map, const char *name) +BOOL pdb_getgrnam(GROUP_MAP *map, const char *name) { struct pdb_methods *pdb = pdb_get_methods(); - return pdb->getgrnam(pdb, map, name); + return NT_STATUS_IS_OK(pdb->getgrnam(pdb, map, name)); } static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods, @@ -584,7 +584,7 @@ static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods, const char *name, uint32 *rid) { - GROUP_MAP map; + DOM_SID group_sid; struct group *grp; grp = getgrnam(name); @@ -611,12 +611,10 @@ static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods, } } - map.gid = grp->gr_gid; - map.sid_name_use = SID_NAME_DOM_GRP; - sid_compose(&map.sid, get_global_sam_sid(), *rid); - fstrcpy(map.nt_name, name); - map.comment[0] = '\0'; - return pdb_add_group_mapping_entry(&map); + sid_compose(&group_sid, get_global_sam_sid(), *rid); + + return add_initial_entry(grp->gr_gid, sid_string_static(&group_sid), + SID_NAME_DOM_GRP, name, NULL); } NTSTATUS pdb_create_dom_group(TALLOC_CTX *mem_ctx, const char *name, 
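Review bot: In the hunk at -611, `add_initial_entry(grp->gr_gid, sid_string_static(&group_sid), SID_NAME_DOM_GRP, name, NULL)` passes NULL as the comment, where the removed code stored an empty string with `map.comment[0] = '\0'`. add_initial_entry is not visible here, so either confirm it accepts a NULL comment or pass `""` to keep the earlier behaviour explicit. The SID is also converted to a string only for the callee to consume, so a short comment that the `sid_string_static` result must be used before any other call that reuses that buffer would help. pdb_default_create_dom_group starts outside the hunk.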
@@ -638,7 +636,7 @@ static NTSTATUS pdb_default_delete_dom_group(struct pdb_methods *methods, sid_compose(&group_sid, get_global_sam_sid(), rid); - if (!NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map))) { + if (!get_domain_group_from_sid(group_sid, &map)) { DEBUG(10, ("Could not find group for rid %d\n", rid)); return NT_STATUS_NO_SUCH_GROUP; } @@ -698,14 +696,12 @@ NTSTATUS pdb_delete_group_mapping_entry(DOM_SID sid) return pdb->delete_group_mapping_entry(pdb, sid); } -NTSTATUS pdb_enum_group_mapping(const DOM_SID *sid, - enum SID_NAME_USE sid_name_use, - GROUP_MAP **pp_rmap, - size_t *p_num_entries, BOOL unix_only) +BOOL pdb_enum_group_mapping(const DOM_SID *sid, enum SID_NAME_USE sid_name_use, GROUP_MAP **pp_rmap, + size_t *p_num_entries, BOOL unix_only) { struct pdb_methods *pdb = pdb_get_methods(); - return pdb->enum_group_mapping(pdb, sid, sid_name_use, - pp_rmap, p_num_entries, unix_only); + return NT_STATUS_IS_OK(pdb-> enum_group_mapping(pdb, sid, sid_name_use, + pp_rmap, p_num_entries, unix_only)); } NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx, @@ -816,7 +812,7 @@ static NTSTATUS pdb_default_add_groupmem(struct pdb_methods *methods, sid_compose(&group_sid, get_global_sam_sid(), group_rid); sid_compose(&member_sid, get_global_sam_sid(), member_rid); - if (!NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map)) || + if (!get_domain_group_from_sid(group_sid, &map) || (map.gid == (gid_t)-1) || ((grp = getgrgid(map.gid)) == NULL)) { return NT_STATUS_NO_SUCH_GROUP; @@ -878,7 +874,7 @@ static NTSTATUS pdb_default_del_groupmem(struct pdb_methods *methods, sid_compose(&group_sid, get_global_sam_sid(), group_rid); sid_compose(&member_sid, get_global_sam_sid(), member_rid); - if (!NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map)) || + if (!get_domain_group_from_sid(group_sid, &map) || (map.gid == (gid_t)-1) || ((grp = getgrgid(map.gid)) == NULL)) { return NT_STATUS_NO_SUCH_GROUP; 
@@ -924,6 +920,12 @@ NTSTATUS pdb_del_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid, return pdb->del_groupmem(pdb, mem_ctx, group_rid, member_rid); } +BOOL pdb_find_alias(const char *name, DOM_SID *sid) +{ + struct pdb_methods *pdb = pdb_get_methods(); + return NT_STATUS_IS_OK(pdb->find_alias(pdb, name, sid)); +} + NTSTATUS pdb_create_alias(const char *name, uint32 *rid) { struct pdb_methods *pdb = pdb_get_methods(); @@ -1274,7 +1276,7 @@ static BOOL pdb_default_sid_to_id(struct pdb_methods *methods, if (sid_peek_check_rid(&global_sid_Builtin, sid, &rid)) { /* Here we only have aliases */ GROUP_MAP map; - if (!NT_STATUS_IS_OK(methods->getgrsid(methods, &map, sid))) { + if (!NT_STATUS_IS_OK(methods->getgrsid(methods, &map, *sid))) { DEBUG(10, ("Could not find map for sid %s\n", sid_string_static(sid))); goto done; @@ -1520,7 +1522,7 @@ static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, } TALLOC_FREE(sam_account); - ret = NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid)); + ret = pdb_getgrsid(&map, sid); unbecome_root(); /* END BECOME_ROOT BLOCK */ @@ -1850,9 +1852,8 @@ static BOOL pdb_search_grouptype(struct pdb_search *search, return False; } - if (!NT_STATUS_IS_OK(pdb_enum_group_mapping(sid, type, &state->groups, - &state->num_groups, - True))) { + if (!pdb_enum_group_mapping(sid, type, &state->groups, &state->num_groups, + True)) { DEBUG(0, ("Could not enum groups\n")); return False; } @@ -2031,6 +2032,7 @@ NTSTATUS make_pdb_method( struct pdb_methods **methods ) (*methods)->set_unix_primary_group = pdb_default_set_unix_primary_group; (*methods)->add_groupmem = pdb_default_add_groupmem; (*methods)->del_groupmem = pdb_default_del_groupmem; + (*methods)->find_alias = pdb_default_find_alias; (*methods)->create_alias = pdb_default_create_alias; (*methods)->delete_alias = pdb_default_delete_alias; (*methods)->get_aliasinfo = pdb_default_get_aliasinfo; diff --git a/source/passdb/pdb_ldap.c b/source/passdb/pdb_ldap.c index 3e9f321ce22..afc95fe90f1 100644 
--- a/source/passdb/pdb_ldap.c +++ b/source/passdb/pdb_ldap.c @@ -2245,14 +2245,14 @@ static NTSTATUS ldapsam_getgroup(struct pdb_methods *methods, *********************************************************************/ static NTSTATUS ldapsam_getgrsid(struct pdb_methods *methods, GROUP_MAP *map, - const DOM_SID *sid) + DOM_SID sid) { pstring filter; pstr_sprintf(filter, "(&(objectClass=%s)(%s=%s))", LDAP_OBJ_GROUPMAP, get_attr_key2string(groupmap_attr_list, LDAP_ATTR_GROUP_SID), - sid_string_static(sid)); + sid_string_static(&sid)); return ldapsam_getgroup(methods, filter, map); } diff --git a/source/rpc_server/srv_lsa_nt.c b/source/rpc_server/srv_lsa_nt.c index adccc762751..41df8704143 100644 --- a/source/rpc_server/srv_lsa_nt.c +++ b/source/rpc_server/srv_lsa_nt.c @@ -1730,7 +1730,7 @@ NTSTATUS _lsa_setsystemaccount(pipes_struct *p, LSA_Q_SETSYSTEMACCOUNT *q_u, LSA if ( !nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS ) ) return NT_STATUS_ACCESS_DENIED; - if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, &info->sid))) + if (!pdb_getgrsid(&map, info->sid)) return NT_STATUS_NO_SUCH_GROUP; return pdb_update_group_mapping_entry(&map); diff --git a/source/rpc_server/srv_samr_nt.c b/source/rpc_server/srv_samr_nt.c index a70a49652e4..31e434cbfb1 100644 --- a/source/rpc_server/srv_samr_nt.c +++ b/source/rpc_server/srv_samr_nt.c @@ -4438,7 +4438,7 @@ NTSTATUS _samr_query_groupinfo(pipes_struct *p, SAMR_Q_QUERY_GROUPINFO *q_u, SAM } become_root(); - ret = NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map)); + ret = get_domain_group_from_sid(group_sid, &map); unbecome_root(); if (!ret) return NT_STATUS_INVALID_HANDLE; @@ -4535,7 +4535,7 @@ NTSTATUS _samr_set_groupinfo(pipes_struct *p, SAMR_Q_SET_GROUPINFO *q_u, SAMR_R_ } become_root(); - result = NT_STATUS_IS_OK(get_domain_group_from_sid(&group_sid, &map)); + result = get_domain_group_from_sid(group_sid, &map); unbecome_root(); if (!result) return NT_STATUS_NO_SUCH_GROUP; 
@@ -4754,7 +4754,7 @@ NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_G /* check if that group really exists */ become_root(); - ret = NT_STATUS_IS_OK(get_domain_group_from_sid(&info->sid, &map)); + ret = get_domain_group_from_sid(info->sid, &map); unbecome_root(); if (!ret) return NT_STATUS_NO_SUCH_GROUP; diff --git a/source/script/tests/test_smbtorture_s3.sh b/source/script/tests/test_smbtorture_s3.sh index 2ee2584b229..842d914ecff 100755 --- a/source/script/tests/test_smbtorture_s3.sh +++ b/source/script/tests/test_smbtorture_s3.sh @@ -25,7 +25,6 @@ tests="$tests OPLOCK1 OPLOCK2 OPLOCK3" tests="$tests DIR DIR1 TCON TCONDEV RW1 RW2 RW3" tests="$tests OPEN XCOPY RENAME DELETE PROPERTIES W2K" tests="$tests PIPE_NUMBER TCON2 IOCTL CHKPATH FDSESS LOCAL-SUBSTITUTE" -tests="$tests LOCAL-MULTIKEY LOCAL-GROUPMAP" skipped1="RANDOMIPC NEGNOWAIT NBENCH ERRMAPEXTRACT TRANS2SCAN NTTRANSSCAN" skipped2="DENY1 DENY2 OPENATTR CASETABLE EATEST" @@ -42,7 +41,7 @@ for t in $tests; do fi start="" name="$t" - testit "$name" $VALGRIND $SRCDIR/bin/smbtorture $ADDARGS $unc -U"$username"%"$password" -S "$CONFFILE" $t || failed=`expr $failed + 1` + testit "$name" $VALGRIND $SRCDIR/bin/smbtorture $ADDARGS $unc -U"$username"%"$password" $t || failed=`expr $failed + 1` done testok $0 $failed diff --git a/source/tdb/tdbutil.c b/source/tdb/tdbutil.c index 21d593a26a9..b946f856aad 100644 --- a/source/tdb/tdbutil.c +++ b/source/tdb/tdbutil.c @@ -505,10 +505,9 @@ size_t tdb_pack(char *buf, int bufsize, const char *fmt, ...) return result; } -BOOL tdb_pack_append(void *_mem_ctx, char **buf, size_t *len, +BOOL tdb_pack_append(TALLOC_CTX *mem_ctx, uint8 **buf, size_t *len, const char *fmt, ...) { - TALLOC_CTX *mem_ctx = (void *)_mem_ctx; va_list ap; size_t len1, len2; 
@@ -516,8 +515,13 @@ BOOL tdb_pack_append(void *_mem_ctx, char **buf, size_t *len, len1 = tdb_pack_va(NULL, 0, fmt, ap); va_end(ap); - *buf = TALLOC_REALLOC_ARRAY(mem_ctx, *buf, char, - (*len) + len1); + if (mem_ctx != NULL) { + *buf = TALLOC_REALLOC_ARRAY(mem_ctx, *buf, uint8, + (*len) + len1); + } else { + *buf = SMB_REALLOC_ARRAY(*buf, uint8, (*len) + len1); + } + if (*buf == NULL) { return False; } diff --git a/source/tdb/tdbutil.h b/source/tdb/tdbutil.h index 60107adacbb..44351619f45 100644 --- a/source/tdb/tdbutil.h +++ b/source/tdb/tdbutil.h @@ -54,8 +54,6 @@ struct tdb_context *tdb_open_log(const char *name, int hash_size, int tdb_flags, int open_flags, mode_t mode); int tdb_unpack(char *buf, int bufsize, const char *fmt, ...); size_t tdb_pack(char *buf, int bufsize, const char *fmt, ...); -BOOL tdb_pack_append(void *_mem_ctx, char **buf, size_t *len, - const char *fmt, ...); TDB_DATA make_tdb_data(const char *dptr, size_t dsize); TDB_DATA string_tdb_data(const char *string); int tdb_trans_store(struct tdb_context *tdb, TDB_DATA key, TDB_DATA dbuf, diff --git a/source/torture/local-groupmap.c b/source/torture/local-groupmap.c index 007d107e123..bd6f060e71b 100644 --- a/source/torture/local-groupmap.c +++ b/source/torture/local-groupmap.c @@ -151,6 +151,8 @@ static BOOL groupmap_diff(const GROUP_MAP *m1, const GROUP_MAP *m2) (strcmp(m1->comment, m2->comment) != 0)); } +#undef GROUPDB_V3 + BOOL run_local_groupmap(int dummy) { TALLOC_CTX *mem_ctx; @@ -166,6 +168,7 @@ BOOL run_local_groupmap(int dummy) return False; } +#ifdef GROUPDB_V3 status = create_v2_db(True); if (!NT_STATUS_IS_OK(status)) { goto fail; @@ -173,12 +176,13 @@ BOOL run_local_groupmap(int dummy) { GROUP_MAP map; - if (NT_STATUS_IS_OK(pdb_getgrgid(&map, 10001))) { + if (pdb_getgrgid(&map, 10001)) { d_fprintf(stderr, "(%s) upgrading an invalid group db " "worked\n", __location__); goto fail; } } +#endif status = create_v2_db(False); if (!NT_STATUS_IS_OK(status)) { 
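Review bot: With `mem_ctx == NULL` the added branch grows `*buf` with `SMB_REALLOC_ARRAY`, so the buffer tdb_pack_append hands back is malloc-owned in that case and talloc-owned otherwise, and nothing at the call site records which. Before this change a NULL context went through `TALLOC_REALLOC_ARRAY`, so any remaining caller that passes NULL and releases the result with `TALLOC_FREE` would now give a malloc pointer to talloc; such callers are not visible in this hunk and should be checked. A comment above the function such as `/* mem_ctx == NULL: *buf is malloc'ed, release with SAFE_FREE; otherwise it is allocated under mem_ctx */` would pin the contract. The size `(*len) + len1` is also computed without an overflow check in both branches. The function body continues outside the hunk.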
@@ -187,9 +191,8 @@ BOOL run_local_groupmap(int dummy) /* This tests upgrading the database, as well as listing */ - if (!NT_STATUS_IS_OK(pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, - &maps, &num_maps, - False))) { + if (!pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, &maps, &num_maps, + False)) { d_fprintf(stderr, "(%s) pdb_enum_group_mapping failed\n", __location__); goto fail; @@ -209,18 +212,16 @@ BOOL run_local_groupmap(int dummy) string_to_sid(&sid, "S-1-5-32-545"); ZERO_STRUCT(map); - status = pdb_getgrsid(&map, &sid); - if (!NT_STATUS_IS_OK(status)) { - d_fprintf(stderr, "(%s) pdb_getgrsid failed: %s\n", - __location__, nt_errstr(status)); + if (!pdb_getgrsid(&map, &sid)) { + d_fprintf(stderr, "(%s) pdb_getgrsid failed\n", + __location__); goto fail; } ZERO_STRUCT(map1); - status = pdb_getgrgid(&map1, map.gid); - if (!NT_STATUS_IS_OK(status)) { - d_fprintf(stderr, "(%s) pdb_getgrgid failed: %s\n", - __location__, nt_errstr(status)); + if (!pdb_getgrgid(&map1, map.gid)) { + d_fprintf(stderr, "(%s) pdb_getgrgid failed\n", + __location__); goto fail; } @@ -231,10 +232,9 @@ BOOL run_local_groupmap(int dummy) } ZERO_STRUCT(map1); - status = pdb_getgrnam(&map1, map.nt_name); - if (!NT_STATUS_IS_OK(status)) { - d_fprintf(stderr, "(%s) pdb_getgrnam failed: %s\n", - __location__, nt_errstr(status)); + if (!pdb_getgrnam(&map1, map.nt_name)) { + d_fprintf(stderr, "(%s) pdb_getgrnam failed\n", + __location__); goto fail; } 
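Review bot: The rewritten calls pass `&sid` to `pdb_getgrsid`, but this commit changes its prototype in passdb/pdb_interface.c to `BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid)`, which takes the SID by value. `if (!pdb_getgrsid(&map, &sid)) {` in the hunk at -209 should be `if (!pdb_getgrsid(&map, sid)) {`. The same applies to the `pdb_getgrsid(&map, &sid)` and `pdb_getgrsid(&map1, &sid)` calls in the hunks at -252 and -292. As written the file will not compile against the new prototype wherever it is still built. run_local_groupmap's body continues outside these hunks.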
@@ -252,31 +252,34 @@ BOOL run_local_groupmap(int dummy)
 GROUP_MAP map, map1;
 string_to_sid(&sid, "S-1-5-32-545");
- status = pdb_getgrsid(&map, &sid);
- if (!NT_STATUS_IS_OK(status)) {
- d_fprintf(stderr, "(%s) did not find S-1-5-32-545: "
- "%s\n", __location__, nt_errstr(status));
+ if (!pdb_getgrsid(&map, &sid)) {
+ d_fprintf(stderr, "(%s) did not find S-1-5-32-545\n",
+ __location__);
 goto fail;
 }
 status = pdb_delete_group_mapping_entry(sid);
 CHECK_STATUS(status, NT_STATUS_OK);
 status = pdb_delete_group_mapping_entry(sid);
+#ifdef GROUPDB_V3
 CHECK_STATUS(status, NT_STATUS_NOT_FOUND);
+#else
+ CHECK_STATUS(status, NT_STATUS_UNSUCCESSFUL);
+#endif
- if (NT_STATUS_IS_OK(pdb_getgrsid(&map1, &sid))) {
+ if (pdb_getgrsid(&map1, &sid)) {
 d_fprintf(stderr, "(%s) getgrsid found deleted "
 "entry\n", __location__);
 goto fail;
 }
- if (NT_STATUS_IS_OK(pdb_getgrgid(&map1, map.gid))) {
+ if (pdb_getgrgid(&map1, map.gid)) {
 d_fprintf(stderr, "(%s) getgrgid found deleted "
 "entry\n", __location__);
 goto fail;
 }
- if (NT_STATUS_IS_OK(pdb_getgrnam(&map1, map.nt_name))) {
+ if (pdb_getgrnam(&map1, map.nt_name)) {
 d_fprintf(stderr, "(%s) getgrnam found deleted "
 "entry\n", __location__);
 goto fail;
@@ -292,10 +295,9 @@ BOOL run_local_groupmap(int dummy)
 GROUP_MAP map, map1;
 string_to_sid(&sid, "S-1-5-32-544");
- status = pdb_getgrsid(&map, &sid);
- if (!NT_STATUS_IS_OK(status)) {
- d_fprintf(stderr, "(%s) did not find S-1-5-32-544: "
- "%s\n", __location__, nt_errstr(status));
+ if (!pdb_getgrsid(&map, &sid)) {
+ d_fprintf(stderr, "(%s) did not find S-1-5-32-544\n",
+ __location__);
 goto fail;
 }
@@ -305,7 +307,7 @@ BOOL run_local_groupmap(int dummy)
 status = pdb_update_group_mapping_entry(&map);
 CHECK_STATUS(status, NT_STATUS_OK);
- if (NT_STATUS_IS_OK(pdb_getgrgid(&map1, oldgid))) {
+ if (pdb_getgrgid(&map1, oldgid)) {
 d_fprintf(stderr, "(%s) getgrgid found outdated "
 "entry\n", __location__);
 goto fail;
@@ -315,12 +317,16 @@ BOOL run_local_groupmap(int dummy)
 map.gid = 1000;
 status = pdb_update_group_mapping_entry(&map);
+#ifdef GROUPDB_V3
 CHECK_STATUS(status, NT_STATUS_OBJECTID_EXISTS);
- if (!NT_STATUS_IS_OK(pdb_getgrgid(&map1, 4711))) {
+ if (!pdb_getgrgid(&map1, 4711)) {
 d_fprintf(stderr, "(%s) update_group changed entry "
 "upon failure\n", __location__);
 goto fail;
 }
+#else
+ CHECK_STATUS(status, NT_STATUS_OK);
+#endif
 }
 ret = True;
diff --git a/source/torture/local-multikey.c b/source/torture/local-multikey.c
deleted file mode 100644
index 83de2f0b400..00000000000
--- a/source/torture/local-multikey.c
+++ /dev/null
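Review bot: The new `#else` branch makes the test require `NT_STATUS_OK` when `pdb_update_group_mapping_entry` moves the mapping to gid 1000, the same update that the `GROUPDB_V3` branch expects to be refused with `NT_STATUS_OBJECTID_EXISTS`. As written the test pins the missing uniqueness check as the expected result, so a backend that lets two group mappings share one Unix gid passes silently; that reading is inferred from the V3 expectation, since the fixture that owns gid 1000 is outside the hunk. I would mark it as a known limitation rather than a requirement, with `/* non-indexed db does not reject a gid that is already mapped; see GROUPDB_V3 branch for the intended check */` above `CHECK_STATUS(status, NT_STATUS_OK);`. run_local_groupmap starts outside this hunk.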
@@ -1,211 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Run some local tests on the local tdb multikey wrapper - Copyright (C) Volker Lendecke 2006 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -static char **key_fn(TALLOC_CTX *mem_ctx, TDB_DATA data, - void *private_data) -{ - fstring key, value; - char **result; - - result = TALLOC_ARRAY(mem_ctx, char *, 3); - if (result == NULL) { - return NULL; - } - - if (tdb_unpack(data.dptr, data.dsize, "ff", key, value) < 0) { - d_fprintf(stderr, "tdb_unpack failed\n"); - TALLOC_FREE(result); - return NULL; - } - result[0] = talloc_strdup(result, key); - result[1] = talloc_strdup(result, value); - result[2] = NULL; - - if ((result[0] == NULL) || (result[1] == NULL)) { - d_fprintf(stderr, "talloc_strdup failed\n"); - TALLOC_FREE(result); - return NULL; - } - - return result; -} - -static NTSTATUS multikey_add(struct tdb_context *tdb, const char *key, - const char *value) -{ - NTSTATUS status; - TDB_DATA data; - - data.dptr = NULL; - data.dsize = 0; - - if (!tdb_pack_append(NULL, &data.dptr, &data.dsize, - "ff", key, value)) { - return NT_STATUS_NO_MEMORY; - } - - status = tdb_add_keyed(tdb, key_fn, data, NULL); - TALLOC_FREE(data.dptr); - return status; -} - -#define CHECK_STATUS(_status, _expected) do { \ - if (!NT_STATUS_EQUAL(_status, _expected)) { \ - printf("(%d) 
Incorrect status %s - should be %s\n", \ - __LINE__, nt_errstr(status), nt_errstr(_expected)); \ - ret = False; \ - goto fail; \ - }} while (0) - -#define NUM_ELEMENTS (50) - -BOOL run_local_multikey(int dummy) -{ - TALLOC_CTX *mem_ctx; - char *prim; - const char *tdbname = "multi_key_test.tdb"; - struct tdb_context *tdb = NULL; - NTSTATUS status; - BOOL ret = False; - TDB_DATA data; - int i; - fstring key,value; - - unlink(tdbname); - - mem_ctx = talloc_init("run_local_multikey"); - if (mem_ctx == NULL) { - d_fprintf(stderr, "talloc_init failed\n"); - return False; - } - - tdb = tdb_open(tdbname, 0, 0, O_CREAT|O_RDWR, 0644); - if (tdb == NULL) { - d_fprintf(stderr, "tdb_open failed: %s\n", strerror(errno)); - goto fail; - } - - for (i=0; i 1000) { - d_printf("tdb_next_keyed overrun\n"); - goto fail; - } - } - - if (i != NUM_ELEMENTS) { - d_printf("counted %d, elements, expected %d\n", - i, NUM_ELEMENTS); - goto fail; - } - } - - status = multikey_add(tdb, "KEY35", "FOOO"); - CHECK_STATUS(status, NT_STATUS_OBJECTID_EXISTS); - status = multikey_add(tdb, "KEY42", "VAL45"); - CHECK_STATUS(status, NT_STATUS_OBJECTID_EXISTS); - status = multikey_add(tdb, "FOO", "VAL45"); - CHECK_STATUS(status, NT_STATUS_OBJECTID_EXISTS); - - for (i=0; ipw_gid))) { + if (!pdb_getgrgid(&gmap, pwd->pw_gid)) { LDAPMod **mods = NULL; char *dn; char *uname; -- 2.34.1