libcli/clideltree.o \
$(LIBRAW_OBJ)
-PASSDB_GET_SET_OBJ = passdb/pdb_get_set.o
-
-PASSDB_OBJ = $(PASSDB_GET_SET_OBJ) passdb/passdb.o passdb/pdb_interface.o \
- passdb/machine_sid.o passdb/pdb_smbpasswd.o \
- passdb/pdb_tdb.o passdb/pdb_ldap.o \
- passdb/pdb_unix.o passdb/pdb_guest.o passdb/util_sam_sid.o \
- passdb/pdb_compat.o passdb/pdb_nisplus.o
-
-PLAINTEXT_AUTH_OBJ = auth/pampass.o auth/pass_check.o
-
-AUTH_OBJ = auth/auth.o auth/auth_sam.o \
- auth/auth_unix.o auth/auth_util.o \
- auth/auth_builtin.o auth/auth_compat.o auth/auth_ntlmssp.o \
- $(PLAINTEXT_AUTH_OBJ)
-
SMBD_OBJ_MAIN = smbd/server.o
SMB_OBJS = @SMB_OBJS@
SMB_LIBS = @SMB_LIBS@
+AUTH_OBJS = @AUTH_OBJS@
+AUTH_LIBS = @AUTH_LIBS@
+
+PASSDB_OBJS = @PASSDB_OBJS@
+PASSDB_LIBS = @PASSDB_LIBS@
+
NTVFS_OBJS = @NTVFS_OBJS@
NTVFS_LIBS = @NTVFS_LIBS@
lib/server_mutex.o \
smbd/build_options.o \
smbd/rewrite.o \
- $(DCERPC_OBJS) $(SMB_OBJS) $(NTVFS_OBJS) @SMBD_EXTRA_OBJS@
+ $(DCERPC_OBJS) $(SMB_OBJS) $(AUTH_OBJS) $(PASSDB_OBJS) $(NTVFS_OBJS) @SMBD_EXTRA_OBJS@
PROCESS_MODEL_OBJS = @PROCESS_MODEL_OBJS@
PROCESS_MODEL_LIBS = @PROCESS_MODEL_LIBS@
$(AUTH_OBJ) $(LIB_OBJ) $(POPT_LIB_OBJ) $(LIBSMB_OBJ)
SMBD_OBJS = $(SMBD_OBJ_MAIN) $(SMBD_OBJ_BASE) @BUILD_POPT@
-SMBD_LIBS = $(LIBS) $(PROCESS_MODEL_LIBS) $(DCERPC_LIBS) $(NTVFS_LIBS)
+SMBD_LIBS = $(LIBS) $(PROCESS_MODEL_LIBS) $(DCERPC_LIBS) $(AUTH_LIBS) $(PASSDB_LIBS) $(NTVFS_LIBS)
CLIENT_OBJ1 = client/client.o client/clitar.o libcli/raw/clirewrite.o
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_AUTH
-/** List of various built-in authentication modules */
-
-static const struct auth_init_function_entry builtin_auth_init_functions[] = {
- { "guest", auth_init_guest },
-/* { "rhosts", auth_init_rhosts }, */
-/* { "hostsequiv", auth_init_hostsequiv }, */
- { "sam", auth_init_sam },
- { "samstrict", auth_init_samstrict },
- { "samstrict_dc", auth_init_samstrict_dc },
- { "unix", auth_init_unix },
-/* { "smbserver", auth_init_smbserver }, */
-/* { "ntdomain", auth_init_ntdomain }, */
-/* { "trustdomain", auth_init_trustdomain }, */
-/* { "winbind", auth_init_winbind }, */
-#ifdef DEVELOPER
- { "name_to_ntstatus", auth_init_name_to_ntstatus },
- { "fixed_challenge", auth_init_fixed_challenge },
-#endif
- { "plugin", auth_init_plugin },
- { NULL, NULL}
-};
-
/****************************************************************************
Try to get a challenge out of the various authentication modules.
Returns a const char of length 8 bytes.
if (!NT_STATUS_IS_OK(nt_status = make_auth_context(auth_context)))
return nt_status;
- for (;*text_list; text_list++) {
+ for (;*text_list; text_list++) {
+ char *module_name = smb_xstrdup(*text_list);
+ char *module_params = NULL;
+ char *p;
+ const struct auth_operations *ops;
+
DEBUG(5,("make_auth_context_text_list: Attempting to find an auth method to match %s\n",
*text_list));
- for (i = 0; builtin_auth_init_functions[i].name; i++) {
- char *module_name = smb_xstrdup(*text_list);
- char *module_params = NULL;
- char *p;
-
- p = strchr(module_name, ':');
- if (p) {
- *p = 0;
- module_params = p+1;
- trim_string(module_params, " ", " ");
- }
- trim_string(module_name, " ", " ");
-
- if (strequal(builtin_auth_init_functions[i].name, module_name)) {
- DEBUG(5,("make_auth_context_text_list: Found auth method %s (at pos %d)\n", *text_list, i));
- if (NT_STATUS_IS_OK(builtin_auth_init_functions[i].init(*auth_context, module_params, &t))) {
- DEBUG(5,("make_auth_context_text_list: auth method %s has a valid init\n",
- *text_list));
- DLIST_ADD_END(list, t, auth_methods *);
- } else {
- DEBUG(0,("make_auth_context_text_list: auth method %s did not correctly init\n",
- *text_list));
- }
- break;
- }
+ p = strchr(module_name, ':');
+ if (p) {
+ *p = 0;
+ module_params = p+1;
+ trim_string(module_params, " ", " ");
+ }
+
+ trim_string(module_name, " ", " ");
+
+ ops = auth_backend_byname(module_name);
+ if (!ops) {
+ DEBUG(5,("make_auth_context_text_list: Found auth method %s (at pos %d)\n", *text_list, i));
SAFE_FREE(module_name);
+ break;
+ }
+
+ if (NT_STATUS_IS_OK(ops->init(*auth_context, module_params, &t))) {
+ DEBUG(5,("make_auth_context_text_list: auth method %s has a valid init\n",
+ *text_list));
+ DLIST_ADD_END(list, t, auth_methods *);
+ } else {
+ DEBUG(0,("make_auth_context_text_list: auth method %s did not correctly init\n",
+ *text_list));
}
+ SAFE_FREE(module_name);
}
(*auth_context)->auth_method_list = list;
return nt_status;
}
+/* the list of currently registered AUTH backends */
+static struct {
+ const struct auth_operations *ops;
+} *backends = NULL;
+static int num_backends;
+
+/*
+ register a AUTH backend.
+
+ The 'name' can be later used by other backends to find the operations
+ structure for this backend.
+*/
+static NTSTATUS auth_register(void *_ops)
+{
+ const struct auth_operations *ops = _ops;
+ struct auth_operations *new_ops;
+
+ if (auth_backend_byname(ops->name) != NULL) {
+ /* its already registered! */
+ DEBUG(0,("AUTH backend '%s' already registered\n",
+ ops->name));
+ return NT_STATUS_OBJECT_NAME_COLLISION;
+ }
+
+ backends = Realloc(backends, sizeof(backends[0]) * (num_backends+1));
+ if (!backends) {
+ smb_panic("out of memory in auth_register");
+ }
+
+ new_ops = smb_xmemdup(ops, sizeof(*ops));
+ new_ops->name = smb_xstrdup(ops->name);
+
+ backends[num_backends].ops = new_ops;
+
+ num_backends++;
+
+ DEBUG(3,("AUTH backend '%s' registered\n",
+ ops->name));
+
+ return NT_STATUS_OK;
+}
+
+/*
+ return the operations structure for a named backend of the specified type
+*/
+const struct auth_operations *auth_backend_byname(const char *name)
+{
+ int i;
+
+ for (i=0;i<num_backends;i++) {
+ if (strcmp(backends[i].ops->name, name) == 0) {
+ return backends[i].ops;
+ }
+ }
+
+ return NULL;
+}
+
+/*
+ return the AUTH interface version, and the size of some critical types
+ This can be used by backends to either detect compilation errors, or provide
+ multiple implementations for different smbd compilation options in one module
+*/
+const struct auth_critical_sizes *auth_interface_version(void)
+{
+ static const struct auth_critical_sizes critical_sizes = {
+ AUTH_INTERFACE_VERSION,
+ sizeof(struct auth_operations),
+ sizeof(struct auth_methods),
+ sizeof(struct auth_context),
+ sizeof(struct auth_ntlmssp_state),
+ sizeof(struct auth_usersupplied_info),
+ sizeof(struct auth_serversupplied_info),
+ sizeof(struct auth_str),
+ sizeof(struct auth_unistr)
+ };
+
+ return &critical_sizes;
+}
+
+/*
+ initialise the AUTH subsystem
+*/
+BOOL auth_init(void)
+{
+ NTSTATUS status;
+
+ status = register_subsystem("auth", auth_register);
+ if (!NT_STATUS_IS_OK(status)) {
+ return False;
+ }
+
+ /* FIXME: Perhaps panic if a basic backend, such as SAM, fails to initialise? */
+ static_init_auth;
+ DEBUG(3,("AUTH subsystem version %d initialised\n", AUTH_INTERFACE_VERSION));
+ return True;
+}
-#ifndef _SMBAUTH_H_
-#define _SMBAUTH_H_
/*
Unix SMB/CIFS implementation.
Standardised Authentication types
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
+#ifndef _SAMBA_AUTH_H
+#define _SAMBA_AUTH_H
+
+/* modules can use the following to determine if the interface has changed
+ * please increment the version number after each interface change
+ * with a comment and maybe update struct auth_critical_sizes.
+ */
+/* version 1 - version from samba 3.0 - metze */
+/* version 2 - initial samba4 version - metze */
+#define AUTH_INTERFACE_VERSION 2
+
/* AUTH_STR - string */
-typedef struct normal_string
+typedef struct auth_str
{
int len;
char *str;
} AUTH_STR;
/* AUTH_UNISTR - unicode string or buffer */
-typedef struct unicode_string
+typedef struct auth_unistr
{
int len;
uchar *unistr;
typedef struct auth_usersupplied_info
{
-
DATA_BLOB lm_resp;
DATA_BLOB nt_resp;
DATA_BLOB plaintext_password;
AUTH_STR internal_username; /* username after mapping */
AUTH_STR smb_name; /* username before mapping */
AUTH_STR wksta_name; /* workstation name (netbios calling name) unicode string */
-
} auth_usersupplied_info;
#define SAM_FILL_NAME 0x01
SAM_ACCOUNT *sam_account;
void *pam_handle;
-
} auth_serversupplied_info;
struct auth_context {
void *my_private_data,
TALLOC_CTX *mem_ctx,
const struct auth_usersupplied_info *user_info,
- auth_serversupplied_info **server_info);
+ struct auth_serversupplied_info **server_info);
DATA_BLOB (*get_chal)(const struct auth_context *auth_context,
void **my_private_data,
/* Function to send a keepalive message on the above structure */
void (*send_keepalive)(void **private_data);
-
} auth_methods;
-typedef NTSTATUS (*auth_init_function)(struct auth_context *, const char *, struct auth_methods **);
-
-struct auth_init_function_entry {
- const char *name;
- /* Function to create a member of the authmethods list */
-
- auth_init_function init;
-};
-
typedef struct auth_ntlmssp_state
{
TALLOC_CTX *mem_ctx;
struct ntlmssp_state *ntlmssp_state;
} AUTH_NTLMSSP_STATE;
-#endif /* _SMBAUTH_H_ */
+#define auth_ops __XXX_ERROR_BLA
+struct auth_operations {
+ /* the name of the backend */
+ const char *name;
+
+ /* Function to create a member of the authmethods list */
+ NTSTATUS (*init)(struct auth_context *, const char *, struct auth_methods **);
+};
+
+/* this structure is used by backends to determine the size of some critical types */
+struct auth_critical_sizes {
+ int interface_version;
+ int sizeof_auth_operations;
+ int sizeof_auth_methods;
+ int sizeof_auth_context;
+ int sizeof_auth_ntlmssp_state;
+ int sizeof_auth_usersupplied_info;
+ int sizeof_auth_serversupplied_info;
+ int sizeof_auth_str;
+ int sizeof_auth_unistr;
+};
+
+#endif /* _SAMBA_AUTH_H */
/* Guest modules initialisation */
-NTSTATUS auth_init_guest(struct auth_context *auth_context, const char *options, auth_methods **auth_method)
+static NTSTATUS auth_init_guest(struct auth_context *auth_context, const char *options, auth_methods **auth_method)
{
if (!make_auth_methods(auth_context, auth_method))
return NT_STATUS_NO_MEMORY;
/** Module initailisation function */
-NTSTATUS auth_init_name_to_ntstatus(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
+static NTSTATUS auth_init_name_to_ntstatus(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
{
if (!make_auth_methods(auth_context, auth_method))
return NT_STATUS_NO_MEMORY;
/** Module initailisation function */
-NTSTATUS auth_init_fixed_challenge(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
+static NTSTATUS auth_init_fixed_challenge(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
{
if (!make_auth_methods(auth_context, auth_method))
return NT_STATUS_NO_MEMORY;
return NT_STATUS_OK;
}
-/**
- * Outsorce an auth module to an external loadable .so
- *
- * Only works on systems with dlopen() etc.
- **/
-
-/* Plugin modules initialisation */
-
-NTSTATUS auth_init_plugin(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
+NTSTATUS auth_builtin_init(void)
{
- void * dl_handle;
- char *plugin_param, *plugin_name, *p;
- auth_init_function plugin_init;
-
- if (param == NULL) {
- DEBUG(0, ("auth_init_plugin: The plugin module needs an argument!\n"));
- return NT_STATUS_UNSUCCESSFUL;
+ NTSTATUS ret;
+ struct auth_operations ops;
+
+ ops.name = "guest";
+ ops.init = auth_init_guest;
+ ret = register_backend("auth", &ops);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(0,("Failed to register '%s' auth backend!\n",
+ ops.name));
+ return ret;
}
- plugin_name = smb_xstrdup(param);
- p = strchr(plugin_name, ':');
- if (p) {
- *p = 0;
- plugin_param = p+1;
- trim_string(plugin_param, " ", " ");
- } else plugin_param = NULL;
-
- trim_string(plugin_name, " ", " ");
-
- DEBUG(5, ("auth_init_plugin: Trying to load auth plugin %s\n", plugin_name));
- dl_handle = sys_dlopen(plugin_name, RTLD_NOW );
- if (!dl_handle) {
- DEBUG(0, ("auth_init_plugin: Failed to load auth plugin %s using sys_dlopen (%s)\n",
- plugin_name, sys_dlerror()));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- plugin_init = (auth_init_function)sys_dlsym(dl_handle, "auth_init");
- if (!plugin_init){
- DEBUG(0, ("Failed to find function 'auth_init' using sys_dlsym in sam plugin %s (%s)\n",
- plugin_name, sys_dlerror()));
- return NT_STATUS_UNSUCCESSFUL;
+#ifdef DEVELOPER
+ ops.name = "name_to_ntstatus";
+ ops.init = auth_init_name_to_ntstatus;
+ ret = register_backend("auth", &ops);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(0,("Failed to register '%s' auth backend!\n",
+ ops.name));
+ return ret;
}
- DEBUG(5, ("Starting sam plugin %s with paramater %s\n", plugin_name, plugin_param?plugin_param:"(null)"));
- return plugin_init(auth_context, plugin_param, auth_method);
+ ops.name = "fixed_challenge";
+ ops.init = auth_init_fixed_challenge;
+ ret = register_backend("auth", &ops);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(0,("Failed to register '%s' auth backend!\n",
+ ops.name));
+ return ret;
+ }
+#endif /* DEVELOPER */
+ return ret;
}
}
/* module initialisation */
-NTSTATUS auth_init_sam(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
+static NTSTATUS auth_init_sam(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
{
if (!make_auth_methods(auth_context, auth_method)) {
return NT_STATUS_NO_MEMORY;
}
/* module initialisation */
-NTSTATUS auth_init_samstrict(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
+static NTSTATUS auth_init_samstrict(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
{
if (!make_auth_methods(auth_context, auth_method)) {
return NT_STATUS_NO_MEMORY;
}
/* module initialisation */
-NTSTATUS auth_init_samstrict_dc(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
+static NTSTATUS auth_init_samstrict_dc(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
{
if (!make_auth_methods(auth_context, auth_method)) {
return NT_STATUS_NO_MEMORY;
(*auth_method)->name = "samstrict_dc";
return NT_STATUS_OK;
}
+
+NTSTATUS auth_sam_init(void)
+{
+ NTSTATUS ret;
+ struct auth_operations ops;
+
+ ops.name = "sam";
+ ops.init = auth_init_sam;
+ ret = register_backend("auth", &ops);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(0,("Failed to register '%s' auth backend!\n",
+ ops.name));
+ return ret;
+ }
+
+ ops.name = "samstrict";
+ ops.init = auth_init_samstrict;
+ ret = register_backend("auth", &ops);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(0,("Failed to register '%s' auth backend!\n",
+ ops.name));
+ return ret;
+ }
+
+ ops.name = "samstrict_dc";
+ ops.init = auth_init_samstrict_dc;
+ ret = register_backend("auth", &ops);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(0,("Failed to register '%s' auth backend!\n",
+ ops.name));
+ return ret;
+ }
+
+ return ret;
+}
}
/* module initialisation */
-NTSTATUS auth_init_unix(struct auth_context *auth_context, const char* param, auth_methods **auth_method)
+static NTSTATUS auth_init_unix(struct auth_context *auth_context, const char* param, auth_methods **auth_method)
{
if (!make_auth_methods(auth_context, auth_method)) {
return NT_STATUS_NO_MEMORY;
return NT_STATUS_OK;
}
+NTSTATUS auth_unix_init(void)
+{
+ NTSTATUS ret;
+ struct auth_operations ops;
+
+ ops.name = "unix";
+ ops.init = auth_init_unix;
+ ret = register_backend("auth", &ops);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(0,("Failed to register '%s' auth backend!\n",
+ ops.name));
+ return ret;
+ }
+
+ return ret;
+}
--- /dev/null
+dnl # AUTH Server subsystem
+
+SMB_MODULE(auth_sam,AUTH,STATIC,[auth/auth_sam.o])
+SMB_MODULE(auth_builtin,AUTH,STATIC,[auth/auth_builtin.o])
+SMB_MODULE(auth_unix,AUTH,STATIC,[auth/auth_unix.o])
+
+SMB_SUBSYSTEM(AUTH,auth/auth.o,
+ [auth/auth_ntlmssp.o auth/auth_util.o auth/pampass.o auth/pass_check.o auth/auth_compat.o],
+ auth/auth_public_proto.h)
AC_SUBST(SMBD_EXTRA_LIBS)
sinclude(libads/config.m4)
-sinclude(passdb/config.m4)
###############################################
# test for where we get crypt() from
sinclude(lib/iconv.m4)
sinclude(smbd/process_model.m4)
sinclude(smb_server/config.m4)
+sinclude(auth/config.m4)
+sinclude(passdb/config.m4)
sinclude(ntvfs/config.m4)
sinclude(rpc_server/config.m4)
BOOL admin_user;
/* the NTVFS operations - see source/ntvfs/ and include/ntvfs.h for details */
- struct ntvfs_ops *ntvfs_ops;
+ const struct ntvfs_ops *ntvfs_ops;
/* the reported filesystem type */
char *fs_type;
struct event_context *events;
/* process model specific operations */
- struct model_ops *model_ops;
+ const struct model_ops *model_ops;
};
#include "libcli/auth/ntlmssp.h"
-#include "auth.h"
-#include "passdb.h"
+#include "auth/auth.h"
+#include "passdb/passdb.h"
#include "module.h"
if test x"$ac_cv_lib_ext_ldap_ldap_init" = x"yes" -a x"$ac_cv_func_ext_ldap_domain2hostlist" = x"yes"; then
AC_DEFINE(HAVE_LDAP,1,[Whether ldap is available])
- SMB_MODULE_DEFAULT(STATIC,pdb_ldap)
with_ldap_support=yes
AC_MSG_CHECKING(whether LDAP support is used)
AC_MSG_RESULT(yes)
* can be more than one backend with the same name, as long as they
* have different typesx */
static struct {
- struct ntvfs_ops *ops;
+ const struct ntvfs_ops *ops;
} *backends = NULL;
static int num_backends;
*/
static NTSTATUS ntvfs_register(void *_ops)
{
- struct ntvfs_ops *ops = _ops;
+ const struct ntvfs_ops *ops = _ops;
+ struct ntvfs_ops *new_ops;
if (ntvfs_backend_byname(ops->name, ops->type) != NULL) {
/* its already registered! */
smb_panic("out of memory in ntvfs_register");
}
- backends[num_backends].ops = smb_xmemdup(ops, sizeof(*ops));
- backends[num_backends].ops->name = smb_xstrdup(ops->name);
+ new_ops = smb_xmemdup(ops, sizeof(*ops));
+ new_ops->name = smb_xstrdup(ops->name);
+
+ backends[num_backends].ops = new_ops;
num_backends++;
/*
return the operations structure for a named backend of the specified type
*/
-struct ntvfs_ops *ntvfs_backend_byname(const char *name, enum ntvfs_type type)
+const struct ntvfs_ops *ntvfs_backend_byname(const char *name, enum ntvfs_type type)
{
int i;
+dnl # PASSDB Server subsystem
+
+SMB_MODULE(pdb_smbpasswd,PASSDB,STATIC,[passdb/pdb_smbpasswd.o])
+SMB_MODULE(pdb_tdb,PASSDB,NOT,[passdb/pdb_tdb.o])
+SMB_MODULE(pdb_guest,PASSDB,STATIC,[passdb/pdb_guest.o])
+SMB_MODULE(pdb_unix,PASSDB,STATIC,[passdb/pdb_unix.o])
+
+if test x"$with_ldap_support" = x"yes"; then
+ SMB_MODULE_DEFAULT(STATIC,pdb_ldap)
+fi
+SMB_MODULE(pdb_ldap,PASSDB,NOT,[passdb/pdb_ldap.o],[],[$LDAP_LIBS])
+
+SMB_SUBSYSTEM(PASSDB,passdb/pdb_interface.o,
+ [passdb/passdb.o passdb/machine_sid.o passdb/util_sam_sid.o passdb/pdb_get_set.o passdb/pdb_compat.o],
+ passdb/passdb_public_proto.h)
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
-#ifndef _PASSDB_H
-#define _PASSDB_H
-
-
-/*****************************************************************
- Functions to be implemented by the new (v2) passdb API
-****************************************************************/
+#ifndef _SAMBA_PASSDB_H
+#define _SAMBA_PASSDB_H
/*
* This next constant specifies the version number of the PASSDB interface
- * this SAMBA will load. Increment this if *ANY* changes are made to the interface.
+ * this SAMBA will load. Increment this with a comment if *ANY* changes are made
+ * to the interface and maybe update struct auth_critical_sizes
*/
-
+/* version 2 - init versioning of the interface - metze */
+/* version 3 - value states of SAM_ACCOUNT entries - metze */
+/* version 4 - add group mapping api - vlendec */
#define PASSDB_INTERFACE_VERSION 4
-typedef struct pdb_context
+typedef struct pdb_context
{
struct pdb_methods *pdb_methods;
struct pdb_methods *pwent_methods;
} PDB_METHODS;
-typedef NTSTATUS (*pdb_init_function)(struct pdb_context *,
- struct pdb_methods **,
- const char *);
-
-struct pdb_init_function_entry {
+struct passdb_ops {
+ /* the name of the backend */
const char *name;
+
/* Function to create a member of the pdb_methods list */
- pdb_init_function init;
- struct pdb_init_function_entry *prev, *next;
+ NTSTATUS (*init)(struct pdb_context *, struct pdb_methods **, const char *);
+};
+
+/* this structure is used by modules to determine the size of some critical types */
+struct passdb_critical_sizes {
+ int interface_version;
+ int sizeof_passdb_ops;
+ int sizeof_pdb_methods;
+ int sizeof_pdb_context;
+ int sizeof_SAM_ACCOUNT;
};
-#endif /* _PASSDB_H */
+#endif /* _SAMBA_PASSDB_H */
return guestsam_getsampwrid(my_methods, user, rid);
}
-NTSTATUS pdb_init_guestsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
+static NTSTATUS pdb_init_guestsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
{
NTSTATUS nt_status;
/* There's not very much to initialise here */
return NT_STATUS_OK;
}
+
+NTSTATUS pdb_guest_init(void)
+{
+ NTSTATUS ret;
+ struct passdb_ops ops;
+
+ ZERO_STRUCT(ops);
+
+ /* fill in our name */
+ ops.name = "guestsam";
+ /* fill in all the operations */
+ ops.init = pdb_init_guestsam;
+
+ /* register ourselves with the PASSDB subsystem. */
+ ret = register_backend("passdb", &ops);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(0,("Failed to register '%s' PASSDB backend!\n",
+ ops.name));
+ return ret;
+ }
+
+ /* fill in our name */
+ ops.name = "guest";
+ /* fill in all the operations */
+ ops.init = pdb_init_guestsam;
+
+ /* register ourselves with the PASSDB subsystem. */
+ ret = register_backend("passdb", &ops);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(0,("Failed to register '%s' PASSDB backend!\n",
+ ops.name));
+ return ret;
+ }
+
+ return ret;
+}
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_PASSDB
-/** List of various built-in passdb modules */
-static const struct {
- const char *name;
- /* Function to create a member of the pdb_methods list */
- pdb_init_function init;
-} builtin_pdb_init_functions[] = {
- { "smbpasswd", pdb_init_smbpasswd },
- { "smbpasswd_nua", pdb_init_smbpasswd_nua },
- { "tdbsam", pdb_init_tdbsam },
- { "tdbsam_nua", pdb_init_tdbsam_nua },
- { "ldapsam", pdb_init_ldapsam },
- { "ldapsam_nua", pdb_init_ldapsam_nua },
- { "unixsam", pdb_init_unixsam },
- { "guest", pdb_init_guestsam },
- { "nisplussam", pdb_init_nisplussam },
- { NULL, NULL}
-};
-
-static struct pdb_init_function_entry *backends;
-static void lazy_initialize_passdb(void);
-
-static void lazy_initialize_passdb()
+/* the list of currently registered AUTH backends */
+static struct {
+ const struct passdb_ops *ops;
+} *backends = NULL;
+static int num_backends;
+
+/*
+ register a AUTH backend.
+
+ The 'name' can be later used by other backends to find the operations
+ structure for this backend.
+*/
+static NTSTATUS passdb_register(void *_ops)
{
- int i;
- static BOOL initialised = False;
+ const struct passdb_ops *ops = _ops;
+ struct passdb_ops *new_ops;
- if(!initialised) {
- initialised = True;
+ if (passdb_backend_byname(ops->name) != NULL) {
+ /* its already registered! */
+ DEBUG(0,("PASSDB backend '%s' already registered\n",
+ ops->name));
+ return NT_STATUS_OBJECT_NAME_COLLISION;
+ }
- for(i = 0; builtin_pdb_init_functions[i].name; i++) {
- smb_register_passdb(builtin_pdb_init_functions[i].name, builtin_pdb_init_functions[i].init, PASSDB_INTERFACE_VERSION);
- }
+ backends = Realloc(backends, sizeof(backends[0]) * (num_backends+1));
+ if (!backends) {
+ smb_panic("out of memory in passdb_register");
}
-}
-BOOL smb_register_passdb(const char *name, pdb_init_function init, int version)
-{
- struct pdb_init_function_entry *entry = backends;
+ new_ops = smb_xmemdup(ops, sizeof(*ops));
+ new_ops->name = smb_xstrdup(ops->name);
- if(version != PASSDB_INTERFACE_VERSION)
- return False;
+ backends[num_backends].ops = new_ops;
+
+ num_backends++;
- DEBUG(5,("Attempting to register passdb backend %s\n", name));
+ DEBUG(3,("PASSDB backend '%s' registered\n",
+ ops->name));
+
+ return NT_STATUS_OK;
+}
- /* Check for duplicates */
- while(entry) {
- if(strcasecmp(name, entry->name) == 0) {
- DEBUG(0,("There already is a passdb backend registered with the name %s!\n", name));
- return False;
+/*
+ return the operations structure for a named backend of the specified type
+*/
+const struct passdb_ops *passdb_backend_byname(const char *name)
+{
+ int i;
+
+ for (i=0;i<num_backends;i++) {
+ if (strcmp(backends[i].ops->name, name) == 0) {
+ return backends[i].ops;
}
- entry = entry->next;
}
- entry = smb_xmalloc(sizeof(struct pdb_init_function_entry));
- entry->name = name;
- entry->init = init;
+ return NULL;
+}
- DLIST_ADD(backends, entry);
- DEBUG(5,("Successfully added passdb backend '%s'\n", name));
- return True;
+/*
+ return the PASSDB interface version, and the size of some critical types
+ This can be used by backends to either detect compilation errors, or provide
+ multiple implementations for different smbd compilation options in one module
+*/
+const struct passdb_critical_sizes *passdb_interface_version(void)
+{
+ static const struct passdb_critical_sizes critical_sizes = {
+ PASSDB_INTERFACE_VERSION,
+ sizeof(struct passdb_ops),
+ sizeof(struct pdb_methods),
+ sizeof(struct pdb_context),
+ sizeof(SAM_ACCOUNT)
+ };
+
+ return &critical_sizes;
}
-struct pdb_init_function_entry *pdb_find_backend_entry(const char *name)
+/*
+ initialise the PASSDB subsystem
+*/
+BOOL passdb_init(void)
{
- struct pdb_init_function_entry *entry = backends;
+ NTSTATUS status;
- while(entry) {
- if (strequal(entry->name, name)) return entry;
- entry = entry->next;
+ status = register_subsystem("passdb", passdb_register);
+ if (!NT_STATUS_IS_OK(status)) {
+ return False;
}
- return NULL;
+ /* FIXME: Perhaps panic if a basic backend, such as SAM, fails to initialise? */
+ static_init_passdb;
+
+ DEBUG(3,("PASSDB subsystem version %d initialised\n", PASSDB_INTERFACE_VERSION));
+ return True;
}
static NTSTATUS context_setsampwent(struct pdb_context *context, BOOL update)
static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_context *context, const char *selected)
{
char *module_name = smb_xstrdup(selected);
- char *module_location = NULL, *p;
- struct pdb_init_function_entry *entry;
+ char *module_param = NULL, *p;
+ const struct passdb_ops *ops;
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
- lazy_initialize_passdb();
-
p = strchr(module_name, ':');
if (p) {
*p = 0;
- module_location = p+1;
- trim_string(module_location, " ", " ");
+ module_param = p+1;
+ trim_string(module_param, " ", " ");
}
trim_string(module_name, " ", " ");
DEBUG(5,("Attempting to find an passdb backend to match %s (%s)\n", selected, module_name));
- entry = pdb_find_backend_entry(module_name);
-
+ ops = passdb_backend_byname(module_name);
/* No such backend found */
- if(!entry) {
+ if(!ops) {
SAFE_FREE(module_name);
return NT_STATUS_INVALID_PARAMETER;
}
-
- DEBUG(5,("Found pdb backend %s\n", module_name));
- nt_status = entry->init(context, methods, module_location);
+ DEBUG(5,("Found PASSDB backend %s\n", module_name));
+ nt_status = ops->init(context, methods, module_param);
if (NT_STATUS_IS_OK(nt_status)) {
- DEBUG(5,("pdb backend %s has a valid init\n", selected));
+ DEBUG(5,("PASSDB backend %s has a valid init\n", selected));
} else {
- DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status)));
+ DEBUG(0,("PASSDB backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status)));
}
SAFE_FREE(module_name);
return nt_status;
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_PASSDB
-#ifdef HAVE_LDAP
/* TODO:
* persistent connections: if using NSS LDAP, many connections are made
* however, using only one within Samba would be nice
/* No need to free any further, as it is talloc()ed */
}
-NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
+static NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
{
NTSTATUS nt_status;
struct ldapsam_privates *ldap_state;
return NT_STATUS_OK;
}
-NTSTATUS pdb_init_ldapsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
+static NTSTATUS pdb_init_ldapsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
{
NTSTATUS nt_status;
struct ldapsam_privates *ldap_state;
return NT_STATUS_OK;
}
-
-#else
-
-NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
+NTSTATUS pdb_ldap_init(void)
{
- DEBUG(0, ("ldap not detected at configure time, ldapsam not availalble!\n"));
- return NT_STATUS_UNSUCCESSFUL;
-}
+ NTSTATUS ret;
+ struct passdb_ops ops;
+
+ /* fill in our name */
+ ops.name = "ldapsam";
+ /* fill in all the operations */
+ ops.init = pdb_init_ldapsam;
+
+ /* register ourselves with the PASSDB subsystem. */
+ ret = register_backend("passdb", &ops);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(0,("Failed to register '%s' PASSDB backend!\n",
+ ops.name));
+ return ret;
+ }
-NTSTATUS pdb_init_ldapsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
-{
- DEBUG(0, ("ldap not dectected at configure time, ldapsam_nua not available!\n"));
- return NT_STATUS_UNSUCCESSFUL;
-}
+ /* fill in our name */
+ ops.name = "ldapsam_nua";
+ /* fill in all the operations */
+ ops.init = pdb_init_ldapsam_nua;
+ /* register ourselves with the PASSDB subsystem. */
+ ret = register_backend("passdb", &ops);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(0,("Failed to register '%s' PASSDB backend!\n",
+ ops.name));
+ return ret;
+ }
-#endif
+ return ret;
+}
}
-NTSTATUS pdb_init_smbpasswd(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
+static NTSTATUS pdb_init_smbpasswd(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
{
NTSTATUS nt_status;
struct smbpasswd_privates *privates;
return NT_STATUS_OK;
}
-NTSTATUS pdb_init_smbpasswd_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
+static NTSTATUS pdb_init_smbpasswd_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
{
NTSTATUS nt_status;
struct smbpasswd_privates *privates;
return NT_STATUS_OK;
}
+
+NTSTATUS pdb_smbpasswd_init(void)
+{
+ NTSTATUS ret;
+ struct passdb_ops ops;
+
+ /* fill in our name */
+ ops.name = "smbpasswd";
+ /* fill in all the operations */
+ ops.init = pdb_init_smbpasswd;
+
+ /* register ourselves with the PASSDB subsystem. */
+ ret = register_backend("passdb", &ops);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(0,("Failed to register '%s' PASSDB backend!\n",
+ ops.name));
+ return ret;
+ }
+
+ /* fill in our name */
+ ops.name = "smbpasswd_nua";
+ /* fill in all the operations */
+ ops.init = pdb_init_smbpasswd_nua;
+
+ /* register ourselves with the PASSDB subsystem. */
+ ret = register_backend("passdb", &ops);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(0,("Failed to register '%s' PASSDB backend!\n",
+ ops.name));
+ return ret;
+ }
+
+ return ret;
+}
#endif
-#ifdef WITH_TDB_SAM
-
#define PDB_VERSION "20010830"
#define PASSDB_FILE_NAME "passdb.tdb"
#define TDB_FORMAT_STRING "ddddddBBBBBBBBBBBBddBBwdwdBdd"
}
-NTSTATUS pdb_init_tdbsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
+static NTSTATUS pdb_init_tdbsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
{
NTSTATUS nt_status;
struct tdbsam_privates *tdb_state;
return NT_STATUS_OK;
}
-NTSTATUS pdb_init_tdbsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
+static NTSTATUS pdb_init_tdbsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
{
NTSTATUS nt_status;
struct tdbsam_privates *tdb_state;
return NT_STATUS_OK;
}
+NTSTATUS pdb_tdb_init(void)
+{
+ NTSTATUS ret;
+ struct passdb_ops ops;
-#else
+ /* fill in our name */
+ ops.name = "tdbsam";
+ /* fill in all the operations */
+ ops.init = pdb_init_tdbsam;
-NTSTATUS pdb_init_tdbsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
-{
- DEBUG(0, ("tdbsam not compiled in!\n"));
- return NT_STATUS_UNSUCCESSFUL;
-}
+ /* register ourselves with the PASSDB subsystem. */
+ ret = register_backend("passdb", &ops);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(0,("Failed to register '%s' PASSDB backend!\n",
+ ops.name));
+ return ret;
+ }
-NTSTATUS pdb_init_tdbsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
-{
- DEBUG(0, ("tdbsam_nua not compiled in!\n"));
- return NT_STATUS_UNSUCCESSFUL;
-}
+ /* fill in our name */
+ ops.name = "tdbsam_nua";
+ /* fill in all the operations */
+ ops.init = pdb_init_tdbsam_nua;
+ /* register ourselves with the PASSDB subsystem. */
+ ret = register_backend("passdb", &ops);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(0,("Failed to register '%s' PASSDB backend!\n",
+ ops.name));
+ return ret;
+ }
-#endif
+ return ret;
+}
return unixsam_getsampwrid(my_methods, user, rid);
}
-NTSTATUS pdb_init_unixsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
+static NTSTATUS pdb_init_unixsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
{
NTSTATUS nt_status;
/* There's not very much to initialise here */
return NT_STATUS_OK;
}
+
+NTSTATUS pdb_unix_init(void)
+{
+ NTSTATUS ret;
+ struct passdb_ops ops;
+
+ /* fill in our name */
+ ops.name = "unixsam";
+ /* fill in all the operations */
+ ops.init = pdb_init_unixsam;
+
+ /* register ourselves with the PASSDB subsystem. */
+ ret = register_backend("passdb", &ops);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(0,("Failed to register '%s' PASSDB backend!\n",
+ ops.name));
+ return ret;
+ }
+
+ return ret;
+}
if (!init_registry())
exit(1);
- if(!initialize_password_db(False))
- exit(1);
-
/* possibly reload the services file. */
reload_services(NULL, True);
if (!init_change_notify())
exit(1);
+ /* Setup the AUTH subsystem */
+ if (!auth_init())
+ exit(1);
+
+ /* Setup the PASSDB subsystem */
+ if (!passdb_init())
+ exit(1);
+ if(!initialize_password_db(False))
+ exit(1);
+
/* Setup the NTVFS subsystem */
if (!ntvfs_init())
exit(1);
git.samba.org / samba.git / commitdiff