svn commit: samba r17451 - in branches/SAMBA_3_0/source: groupdb include passdb rpc_server utils
Author: vlendec
Date: 2006-08-08 08:26:40 + (Tue, 08 Aug 2006)
New Revision: 17451
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17451
Log:
Change pdb_getgrsid not to take a DOM_SID but a const DOM_SID * as an
argument.
Volker
Modified:
branches/SAMBA_3_0/source/groupdb/mapping.c
branches/SAMBA_3_0/source/include/passdb.h
branches/SAMBA_3_0/source/passdb/lookup_sid.c
branches/SAMBA_3_0/source/passdb/pdb_interface.c
branches/SAMBA_3_0/source/passdb/pdb_ldap.c
branches/SAMBA_3_0/source/rpc_server/srv_lsa_nt.c
branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c
branches/SAMBA_3_0/source/utils/net_groupmap.c
branches/SAMBA_3_0/source/utils/net_rpc_samsync.c
branches/SAMBA_3_0/source/utils/net_sam.c
Changeset:
Modified: branches/SAMBA_3_0/source/groupdb/mapping.c
===
--- branches/SAMBA_3_0/source/groupdb/mapping.c 2006-08-07 20:43:06 UTC (rev
17450)
+++ branches/SAMBA_3_0/source/groupdb/mapping.c 2006-08-08 08:26:40 UTC (rev
17451)
@@ -220,7 +220,7 @@
Return the sid and the type of the unix group.
/
-static BOOL get_group_map_from_sid(DOM_SID sid, GROUP_MAP *map)
+static BOOL get_group_map_from_sid(const DOM_SID *sid, GROUP_MAP *map)
{
TDB_DATA kbuf, dbuf;
pstring key;
@@ -234,7 +234,7 @@
/* the key is the SID, retrieving is direct */
- sid_to_string(string_sid, sid);
+ sid_to_string(string_sid, sid);
slprintf(key, sizeof(key), %s%s, GROUP_PREFIX, string_sid);
kbuf.dptr = key;
@@ -254,7 +254,7 @@
return False;
}
- sid_copy(map-sid, sid);
+ sid_copy(map-sid, sid);
return True;
}
@@ -588,7 +588,7 @@
return NT_STATUS_ACCESS_DENIED;
}
- if (!get_group_map_from_sid(*alias, map))
+ if (!get_group_map_from_sid(alias, map))
return NT_STATUS_NO_SUCH_ALIAS;
if ( (map.sid_name_use != SID_NAME_ALIAS)
@@ -691,7 +691,7 @@
return NT_STATUS_ACCESS_DENIED;
}
- if (!get_group_map_from_sid(*alias, map))
+ if (!get_group_map_from_sid(alias, map))
return NT_STATUS_NO_SUCH_ALIAS;
if ( (map.sid_name_use != SID_NAME_ALIAS)
@@ -796,7 +796,7 @@
/* get a domain group from it's SID */
-BOOL get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map)
+BOOL get_domain_group_from_sid(const DOM_SID *sid, GROUP_MAP *map)
{
struct group *grp;
BOOL ret;
@@ -819,12 +819,12 @@
if ( !ret ) {
uint32 rid;
- sid_peek_rid( sid, rid );
+ sid_peek_rid( sid, rid );
if ( rid == DOMAIN_GROUP_RID_USERS ) {
fstrcpy( map-nt_name, None );
fstrcpy( map-comment, Ordinary Users );
- sid_copy( map-sid, sid );
+ sid_copy( map-sid, sid );
map-sid_name_use = SID_NAME_DOM_GRP;
return True;
@@ -998,7 +998,7 @@
NTSTATUS pdb_default_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
-DOM_SID sid)
+ const DOM_SID *sid)
{
return get_group_map_from_sid(sid, map) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
@@ -1138,7 +1138,7 @@
{
GROUP_MAP map;
- if (!pdb_getgrsid(map, *sid))
+ if (!pdb_getgrsid(map, sid))
return NT_STATUS_NO_SUCH_ALIAS;
if ((map.sid_name_use != SID_NAME_ALIAS)
@@ -1161,7 +1161,7 @@
{
GROUP_MAP map;
- if (!pdb_getgrsid(map, *sid))
+ if (!pdb_getgrsid(map, sid))
return NT_STATUS_NO_SUCH_ALIAS;
fstrcpy(map.nt_name, info-acct_name);
@@ -1285,7 +1285,7 @@
BOOL res;
become_root();
- res = get_domain_group_from_sid(*sid, map);
+ res = get_domain_group_from_sid(sid, map);
unbecome_root();
if (!res)
@@ -1301,7 +1301,7 @@
{
GROUP_MAP map;
- if (!get_domain_group_from_sid(*sid, map))
+ if (!get_domain_group_from_sid(sid, map))
return False;
fstrcpy(map.nt_name, info-acct_name);
Modified: branches/SAMBA_3_0/source/include/passdb.h
===
--- branches/SAMBA_3_0/source/include/passdb.h 2006-08-07 20:43:06 UTC (rev
17450)
+++ branches/SAMBA_3_0/source/include/passdb.h 2006-08-08 08:26:40 UTC (rev
17451)
@@ -244,7 +244,7 @@
* enum SID_NAME_USE rather than uint32.
*/
-#define PASSDB_INTERFACE_VERSION 14
+#define PASSDB_INTERFACE_VERSION 15
struct pdb_methods
{
@@ -277,7 +277,8 @@
NTSTATUS (*update_login_attempts)(struct pdb_methods *methods, struct
samu *sam_acct,
svn commit: samba r17453 - in branches: SAMBA_3_0/source/include SAMBA_3_0/source/rpc_client SAMBA_3_0/source/rpc_parse SAMBA_3_0/source/rpc_server SAMBA_3_0/source/rpcclient SAMBA_3_0/source/smbd SAM
Author: gd
Date: 2006-08-08 11:00:16 + (Tue, 08 Aug 2006)
New Revision: 17453
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17453
Log:
Fix msdfs RPC management (this broke with the autogenerated dfs rpcs).
* Remove unknown from dfs_Enum (samba4 dfs IDL updates to follow).
* When encountering an unsupported infolevel the rpc server must reply
with a dfs_info_0 structure and WERR_OK (observed from w2k3 when talking
to nt4).
Guenther
Modified:
branches/SAMBA_3_0/source/include/msdfs.h
branches/SAMBA_3_0/source/include/rpc_dfs.h
branches/SAMBA_3_0/source/rpc_client/cli_dfs.c
branches/SAMBA_3_0/source/rpc_parse/parse_dfs.c
branches/SAMBA_3_0/source/rpc_server/srv_dfs_nt.c
branches/SAMBA_3_0/source/rpcclient/cmd_dfs.c
branches/SAMBA_3_0/source/smbd/msdfs.c
branches/SAMBA_3_0_23/source/include/msdfs.h
branches/SAMBA_3_0_23/source/include/rpc_dfs.h
branches/SAMBA_3_0_23/source/rpc_client/cli_dfs.c
branches/SAMBA_3_0_23/source/rpc_parse/parse_dfs.c
branches/SAMBA_3_0_23/source/rpc_server/srv_dfs_nt.c
branches/SAMBA_3_0_23/source/rpcclient/cmd_dfs.c
branches/SAMBA_3_0_23/source/smbd/msdfs.c
Changeset:
Modified: branches/SAMBA_3_0/source/include/msdfs.h
===
--- branches/SAMBA_3_0/source/include/msdfs.h 2006-08-08 09:56:38 UTC (rev
17452)
+++ branches/SAMBA_3_0/source/include/msdfs.h 2006-08-08 11:00:16 UTC (rev
17453)
@@ -53,6 +53,7 @@
struct junction_map {
pstring service_name;
pstring volume_name;
+ pstring comment;
int referral_count;
struct referral* referral_list;
};
Modified: branches/SAMBA_3_0/source/include/rpc_dfs.h
===
--- branches/SAMBA_3_0/source/include/rpc_dfs.h 2006-08-08 09:56:38 UTC (rev
17452)
+++ branches/SAMBA_3_0/source/include/rpc_dfs.h 2006-08-08 11:00:16 UTC (rev
17453)
@@ -243,8 +243,6 @@
uint32 bufsize;
uint32 ptr0_info;
NETDFS_DFS_ENUMSTRUCT info;
- uint32 ptr0_unknown;
- uint32 unknown;
uint32 ptr0_total;
uint32 total;
} NETDFS_Q_DFS_ENUM;
Modified: branches/SAMBA_3_0/source/rpc_client/cli_dfs.c
===
--- branches/SAMBA_3_0/source/rpc_client/cli_dfs.c 2006-08-08 09:56:38 UTC
(rev 17452)
+++ branches/SAMBA_3_0/source/rpc_client/cli_dfs.c 2006-08-08 11:00:16 UTC
(rev 17453)
@@ -142,7 +142,7 @@
return werror_to_ntstatus(r.status);
}
-NTSTATUS rpccli_dfs_Enum(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
uint32 level, uint32 bufsize, NETDFS_DFS_ENUMSTRUCT *info, uint32 *unknown,
uint32 *total)
+NTSTATUS rpccli_dfs_Enum(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
uint32 level, uint32 bufsize, NETDFS_DFS_ENUMSTRUCT *info, uint32 *total)
{
prs_struct qbuf, rbuf;
NETDFS_Q_DFS_ENUM q;
@@ -153,7 +153,7 @@
/* Marshall data and send request */
- if (!init_netdfs_q_dfs_Enum(q, level, bufsize, info, unknown, total))
+ if (!init_netdfs_q_dfs_Enum(q, level, bufsize, info, total))
return NT_STATUS_INVALID_PARAMETER;
CLI_DO_RPC(cli, mem_ctx, PI_NETDFS, DFS_ENUM,
Modified: branches/SAMBA_3_0/source/rpc_parse/parse_dfs.c
===
--- branches/SAMBA_3_0/source/rpc_parse/parse_dfs.c 2006-08-08 09:56:38 UTC
(rev 17452)
+++ branches/SAMBA_3_0/source/rpc_parse/parse_dfs.c 2006-08-08 11:00:16 UTC
(rev 17453)
@@ -1862,7 +1862,7 @@
return True;
}
-BOOL init_netdfs_q_dfs_Enum(NETDFS_Q_DFS_ENUM *v, uint32 level, uint32
bufsize, NETDFS_DFS_ENUMSTRUCT *info, uint32 *unknown, uint32 *total)
+BOOL init_netdfs_q_dfs_Enum(NETDFS_Q_DFS_ENUM *v, uint32 level, uint32
bufsize, NETDFS_DFS_ENUMSTRUCT *info, uint32 *total)
{
DEBUG(5,(init_netdfs_q_dfs_Enum\n));
@@ -1877,13 +1877,6 @@
v-ptr0_info = 0;
}
- if (unknown) {
- v-ptr0_unknown = 1;
- v-unknown = *unknown;
- } else {
- v-ptr0_unknown = 0;
- }
-
if (total) {
v-ptr0_total = 1;
v-total = *total;
@@ -1920,17 +1913,6 @@
if (!prs_align_custom(ps, 4))
return False;
- if (!prs_uint32(ptr0_unknown, ps, depth, v-ptr0_unknown))
- return False;
-
- if (v-ptr0_unknown) {
- if (!prs_uint32(unknown, ps, depth, v-unknown))
- return False;
- }
-
- if (!prs_align_custom(ps, 4))
- return False;
-
if (!prs_uint32(ptr0_total, ps, depth, v-ptr0_total))
return False;
Modified: branches/SAMBA_3_0/source/rpc_server/srv_dfs_nt.c
===
---
svn commit: samba r17454 - in branches/SAMBA_3_0/source: include rpc_client rpc_parse rpcclient
Author: gd
Date: 2006-08-08 11:45:57 + (Tue, 08 Aug 2006)
New Revision: 17454
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17454
Log:
Adding dfs_EnumEx for rpcclient (Samba4 IDL to follow).
Guenther
Modified:
branches/SAMBA_3_0/source/include/rpc_dfs.h
branches/SAMBA_3_0/source/rpc_client/cli_dfs.c
branches/SAMBA_3_0/source/rpc_parse/parse_dfs.c
branches/SAMBA_3_0/source/rpcclient/cmd_dfs.c
Changeset:
Modified: branches/SAMBA_3_0/source/include/rpc_dfs.h
===
--- branches/SAMBA_3_0/source/include/rpc_dfs.h 2006-08-08 11:00:16 UTC (rev
17453)
+++ branches/SAMBA_3_0/source/include/rpc_dfs.h 2006-08-08 11:45:57 UTC (rev
17454)
@@ -376,10 +376,21 @@
} NETDFS_R_DFS_REMOVE2;
typedef struct netdfs_q_dfs_EnumEx {
- uint32 dummy;
+ uint32 ptr0_dfs_name;
+ UNISTR2 dfs_name;
+ uint32 level;
+ uint32 bufsize;
+ uint32 ptr0_info;
+ NETDFS_DFS_ENUMSTRUCT info;
+ uint32 ptr0_total;
+ uint32 total;
} NETDFS_Q_DFS_ENUMEX;
typedef struct netdfs_r_dfs_EnumEx {
+ uint32 ptr0_info;
+ NETDFS_DFS_ENUMSTRUCT info;
+ uint32 ptr0_total;
+ uint32 total;
WERROR status;
} NETDFS_R_DFS_ENUMEX;
Modified: branches/SAMBA_3_0/source/rpc_client/cli_dfs.c
===
--- branches/SAMBA_3_0/source/rpc_client/cli_dfs.c 2006-08-08 11:00:16 UTC
(rev 17453)
+++ branches/SAMBA_3_0/source/rpc_client/cli_dfs.c 2006-08-08 11:45:57 UTC
(rev 17454)
@@ -576,7 +576,7 @@
return werror_to_ntstatus(r.status);
}
-NTSTATUS rpccli_dfs_EnumEx(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx)
+NTSTATUS rpccli_dfs_EnumEx(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
uint32 level, uint32 bufsize, NETDFS_DFS_ENUMSTRUCT *info, uint32 *total, const
char *dfs_name)
{
prs_struct qbuf, rbuf;
NETDFS_Q_DFS_ENUMEX q;
@@ -587,7 +587,7 @@
/* Marshall data and send request */
- if (!init_netdfs_q_dfs_EnumEx(q))
+ if (!init_netdfs_q_dfs_EnumEx(q, level, bufsize, info, total,
dfs_name))
return NT_STATUS_INVALID_PARAMETER;
CLI_DO_RPC(cli, mem_ctx, PI_NETDFS, DFS_ENUMEX,
Modified: branches/SAMBA_3_0/source/rpc_parse/parse_dfs.c
===
--- branches/SAMBA_3_0/source/rpc_parse/parse_dfs.c 2006-08-08 11:00:16 UTC
(rev 17453)
+++ branches/SAMBA_3_0/source/rpc_parse/parse_dfs.c 2006-08-08 11:45:57 UTC
(rev 17454)
@@ -2569,10 +2569,33 @@
return True;
}
-BOOL init_netdfs_q_dfs_EnumEx(NETDFS_Q_DFS_ENUMEX *v)
+BOOL init_netdfs_q_dfs_EnumEx(NETDFS_Q_DFS_ENUMEX *v, uint32 level, uint32
bufsize, NETDFS_DFS_ENUMSTRUCT *info, uint32 *total, const char *dfs_name)
{
DEBUG(5,(init_netdfs_q_dfs_EnumEx\n));
+
+ if (!dfs_name)
+ return False;
+ init_unistr2(v-dfs_name, dfs_name, UNI_FLAGS_NONE|UNI_STR_TERMINATE);
+
+ v-level = level;
+
+ v-bufsize = bufsize;
+
+ if (info) {
+ v-ptr0_info = 1;
+ v-info = *info;
+ } else {
+ v-ptr0_info = 0;
+ }
+
+ if (total) {
+ v-ptr0_total = 1;
+ v-total = *total;
+ } else {
+ v-ptr0_total = 0;
+ }
+
return True;
}
@@ -2583,6 +2606,42 @@
prs_debug(ps, depth, desc, netdfs_io_q_dfs_EnumEx);
depth++;
+ if (!prs_align_custom(ps, 4))
+ return False;
+
+ if (!smb_io_unistr2(dfs_name, v-dfs_name, 1, ps, depth))
+ return False;
+
+ if (!prs_align_custom(ps, 4))
+ return False;
+
+ if (!prs_uint32(level, ps, depth, v-level))
+ return False;
+
+ if (!prs_uint32(bufsize, ps, depth, v-bufsize))
+ return False;
+
+ if (!prs_uint32(ptr0_info, ps, depth, v-ptr0_info))
+ return False;
+
+ if (v-ptr0_info) {
+ if (!netdfs_io_dfs_EnumStruct_p(info, v-info, ps, depth))
+ return False;
+ if (!netdfs_io_dfs_EnumStruct_d(info, v-info, ps, depth))
+ return False;
+ }
+
+ if (!prs_align_custom(ps, 4))
+ return False;
+
+ if (!prs_uint32(ptr0_total, ps, depth, v-ptr0_total))
+ return False;
+
+ if (v-ptr0_total) {
+ if (!prs_uint32(total, ps, depth, v-total))
+ return False;
+ }
+
return True;
}
@@ -2602,10 +2661,39 @@
prs_debug(ps, depth, desc, netdfs_io_r_dfs_EnumEx);
depth++;
+ if (!prs_uint32(ptr0_info, ps, depth, v-ptr0_info))
+ return False;
+
+ if
svn commit: samba r17455 - in tags: .
Author: jerry Date: 2006-08-08 12:42:43 + (Tue, 08 Aug 2006) New Revision: 17455 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17455 Log: tagging 3.0.23b Added: tags/release-3-0-23b/ Changeset: Copied: tags/release-3-0-23b (from rev 17454, branches/SAMBA_3_0_RELEASE)
svn commit: samba-docs r981 - in tags: .
Author: jerry Date: 2006-08-08 12:42:43 + (Tue, 08 Aug 2006) New Revision: 981 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=981 Log: tagging 3.0.23b Added: tags/release-3-0-23b/ Changeset: Copied: tags/release-3-0-23b (from rev 980, trunk)
svn commit: samba r17456 - in branches/SAMBA_3_0_RELEASE: .
Author: jerry Date: 2006-08-08 12:43:39 + (Tue, 08 Aug 2006) New Revision: 17456 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17456 Log: fix typo in release notes Modified: branches/SAMBA_3_0_RELEASE/WHATSNEW.txt Changeset: Modified: branches/SAMBA_3_0_RELEASE/WHATSNEW.txt === --- branches/SAMBA_3_0_RELEASE/WHATSNEW.txt 2006-08-08 12:42:43 UTC (rev 17455) +++ branches/SAMBA_3_0_RELEASE/WHATSNEW.txt 2006-08-08 12:43:39 UTC (rev 17456) @@ -31,7 +31,7 @@ The reason for this change is that smbd has transitioned from access checks based on string comparisons to token based -authorization. All names are resolved to a SID and they verified +authorization. All names are resolved to a SID and then verified against the logged on user's NT user token. Local names will resolve to a local SID, while qualified domain names will resolve to the appropriate domain SID.
svn commit: samba-web r1025 - in trunk: . history patches
Author: jerry Date: 2006-08-08 12:47:59 + (Tue, 08 Aug 2006) New Revision: 1025 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=1025 Log: 3.0.23b release Added: trunk/history/samba-3.0.23b.html trunk/patches/series-3.0.23b Modified: trunk/header_columns.html trunk/index.html Changeset: Sorry, the patch is too large (7113 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=1025
svn commit: samba r17457 - in branches/SAMBA_3_0/source: . include lib script/tests torture
Author: vlendec Date: 2006-08-08 13:54:43 + (Tue, 08 Aug 2006) New Revision: 17457 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17457 Log: Add a test to do some operations on group mapping. Volker Added: branches/SAMBA_3_0/source/torture/local-groupmap.c branches/SAMBA_3_0/source/torture/local-multikey.c Modified: branches/SAMBA_3_0/source/Makefile.in branches/SAMBA_3_0/source/include/smb.h branches/SAMBA_3_0/source/lib/tdb_multikey.c branches/SAMBA_3_0/source/script/tests/test_smbtorture_s3.sh branches/SAMBA_3_0/source/torture/torture.c Changeset: Sorry, the patch is too large (913 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17457
svn commit: samba r17458 - in branches/SAMBA_3_0_23/source/sam: .
Author: gd
Date: 2006-08-08 15:32:15 + (Tue, 08 Aug 2006)
New Revision: 17458
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17458
Log:
Fix idmap_ad.
(align with changed idmap_methods interface)
Guenther
Modified:
branches/SAMBA_3_0_23/source/sam/idmap_ad.c
Changeset:
Modified: branches/SAMBA_3_0_23/source/sam/idmap_ad.c
===
--- branches/SAMBA_3_0_23/source/sam/idmap_ad.c 2006-08-08 13:54:43 UTC (rev
17457)
+++ branches/SAMBA_3_0_23/source/sam/idmap_ad.c 2006-08-08 15:32:15 UTC (rev
17458)
@@ -139,12 +139,12 @@
}
/* no op */
-static NTSTATUS ad_idmap_init(const char *uri)
+static NTSTATUS ad_idmap_init(char *uri)
{
return NT_STATUS_OK;
}
-static NTSTATUS ad_idmap_get_sid_from_id(DOM_SID *sid, unid_t unid, int
id_type, int flags)
+static NTSTATUS ad_idmap_get_sid_from_id(DOM_SID *sid, unid_t unid, int
id_type)
{
ADS_STATUS rc;
NTSTATUS status = NT_STATUS_NONE_MAPPED;
svn commit: samba r17459 - in branches/SAMBA_3_0/source/nsswitch: .
Author: idra
Date: 2006-08-08 15:33:09 + (Tue, 08 Aug 2006)
New Revision: 17459
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17459
Log:
As by Jerry's word commit this without his review.
This patch add some missing async functions to
solve UID/GID - SID requests not just out of the cache,
but down the remote idmap if necessary.
This patch solves the problem of servers not showing users/groups names
for allocated UID/GIDs when joined to a group of servers that share a
prepopulated idmap backend.
Also correctly resolve UID/GIDs to SIDs when looking ACLs from the
windows security tab on teh same situation.
Simo.
Modified:
branches/SAMBA_3_0/source/nsswitch/winbindd_async.c
branches/SAMBA_3_0/source/nsswitch/winbindd_dual.c
branches/SAMBA_3_0/source/nsswitch/winbindd_group.c
branches/SAMBA_3_0/source/nsswitch/winbindd_nss.h
branches/SAMBA_3_0/source/nsswitch/winbindd_sid.c
branches/SAMBA_3_0/source/nsswitch/winbindd_user.c
Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_async.c
===
--- branches/SAMBA_3_0/source/nsswitch/winbindd_async.c 2006-08-08 15:32:15 UTC
(rev 17458)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_async.c 2006-08-08 15:33:09 UTC
(rev 17459)
@@ -1524,3 +1524,113 @@
do_async_domain(mem_ctx, domain, request, query_user_recv,
(void *)cont, private_data);
}
+
+/* The following uid2sid/gid2sid functions has been contributed by
+ * Keith Reynolds [EMAIL PROTECTED] */
+
+static void winbindd_uid2sid_recv(TALLOC_CTX *mem_ctx, BOOL success,
+ struct winbindd_response *response,
+ void *c, void *private_data)
+{
+ void (*cont)(void *priv, BOOL succ, const char *sid) = c;
+
+ if (!success) {
+ DEBUG(5, (Could not trigger uid2sid\n));
+ cont(private_data, False, NULL);
+ return;
+ }
+
+ if (response-result != WINBINDD_OK) {
+ DEBUG(5, (uid2sid returned an error\n));
+ cont(private_data, False, NULL);
+ return;
+ }
+
+ cont(private_data, True, response-data.sid.sid);
+}
+
+void winbindd_uid2sid_async(TALLOC_CTX *mem_ctx, uid_t uid,
+ void (*cont)(void *private_data, BOOL success,
const char *sid),
+ void *private_data)
+{
+ struct winbindd_request request;
+
+ ZERO_STRUCT(request);
+ request.cmd = WINBINDD_DUAL_UID2SID;
+ request.data.uid = uid;
+ do_async(mem_ctx, idmap_child(), request, winbindd_uid2sid_recv, cont,
private_data);
+}
+
+enum winbindd_result winbindd_dual_uid2sid(struct winbindd_domain *domain,
+ struct winbindd_cli_state *state)
+{
+ DOM_SID sid;
+ NTSTATUS result;
+
+ DEBUG(3,([%5lu]: uid to sid %lu\n,
+(unsigned long)state-pid,
+(unsigned long) state-request.data.uid));
+
+ /* Find sid for this uid and return it, possibly ask the slow remote
idmap */
+ result = idmap_uid_to_sid(sid, state-request.data.uid,
IDMAP_FLAG_NONE);
+
+ if (NT_STATUS_IS_OK(result)) {
+ sid_to_string(state-response.data.sid.sid, sid);
+ state-response.data.sid.type = SID_NAME_USER;
+ return WINBINDD_OK;
+ }
+
+ return WINBINDD_ERROR;
+}
+
+static void winbindd_gid2sid_recv(TALLOC_CTX *mem_ctx, BOOL success,
+ struct winbindd_response *response,
+ void *c, void *private_data)
+{
+ void (*cont)(void *priv, BOOL succ, const char *sid) = c;
+
+ if (!success) {
+ DEBUG(5, (Could not trigger gid2sid\n));
+ cont(private_data, False, NULL);
+ return;
+ }
+
+ cont(private_data, True, response-data.sid.sid);
+}
+
+void winbindd_gid2sid_async(TALLOC_CTX *mem_ctx, gid_t gid,
+ void (*cont)(void *private_data, BOOL success,
const char *sid),
+ void *private_data)
+{
+ struct winbindd_request request;
+
+ ZERO_STRUCT(request);
+ request.cmd = WINBINDD_DUAL_GID2SID;
+ request.data.gid = gid;
+ do_async(mem_ctx, idmap_child(), request, winbindd_gid2sid_recv, cont,
private_data);
+}
+
+enum winbindd_result winbindd_dual_gid2sid(struct winbindd_domain *domain,
+ struct winbindd_cli_state *state)
+{
+ DOM_SID sid;
+ NTSTATUS result;
+
+ DEBUG(3,([%5lu]: gid %lu to sid\n,
+ (unsigned long)state-pid,
+ (unsigned long) state-request.data.gid));
+
+ /* Find sid for this gid and return it, possibly ask the slow remote
idmap */
+ result = idmap_gid_to_sid(sid, state-request.data.gid,
IDMAP_FLAG_NONE);
+
+ if
svn commit: samba r17460 - in branches/SAMBA_3_0/source/tdb: .
Author: vlendec Date: 2006-08-08 16:08:22 + (Tue, 08 Aug 2006) New Revision: 17460 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17460 Log: First step at fixing the build breakage with the groupmapping test. On Linux, F_RDLCK is defined to 0, for example NetBSD has it at 1. Still does not work fully though. Still investigating. This might also be interesting to Samba4. Volker Modified: branches/SAMBA_3_0/source/tdb/traverse.c Changeset: Modified: branches/SAMBA_3_0/source/tdb/traverse.c === --- branches/SAMBA_3_0/source/tdb/traverse.c2006-08-08 15:33:09 UTC (rev 17459) +++ branches/SAMBA_3_0/source/tdb/traverse.c2006-08-08 16:08:22 UTC (rev 17460) @@ -261,6 +261,7 @@ if (tdb_unlock_record(tdb, tdb-travlocks.off) != 0) return tdb_null; tdb-travlocks.off = tdb-travlocks.hash = 0; + tdb-travlocks.lock_rw = F_RDLCK; if (tdb_next_lock(tdb, tdb-travlocks, rec) = 0) return tdb_null;
svn commit: samba r17461 - in branches/SAMBA_3_0/source/nsswitch: .
Author: jra
Date: 2006-08-08 17:34:51 + (Tue, 08 Aug 2006)
New Revision: 17461
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17461
Log:
Ensure we never save a NULL SID mapping. || should be .
Found by Whitfield school.
Jeremy.
Modified:
branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c
Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c
===
--- branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c 2006-08-08 16:08:22 UTC
(rev 17460)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c 2006-08-08 17:34:51 UTC
(rev 17461)
@@ -1241,7 +1241,7 @@
status = domain-backend-name_to_sid(domain, mem_ctx, domain_name,
name, sid, type);
/* and save it */
- if (domain-online || !is_null_sid(sid)) {
+ if (domain-online !is_null_sid(sid)) {
wcache_save_name_to_sid(domain, status, domain_name, name, sid,
*type);
}
svn commit: samba r17462 - in branches/SAMBA_3_0/source/nsswitch: .
Author: idra
Date: 2006-08-08 18:38:33 + (Tue, 08 Aug 2006)
New Revision: 17462
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17462
Log:
Fix a cutpaste bug that caused us to return a null SID on some error conditions
Modified:
branches/SAMBA_3_0/source/nsswitch/winbindd_async.c
Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_async.c
===
--- branches/SAMBA_3_0/source/nsswitch/winbindd_async.c 2006-08-08 17:34:51 UTC
(rev 17461)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_async.c 2006-08-08 18:38:33 UTC
(rev 17462)
@@ -1595,6 +1595,12 @@
return;
}
+ if (response-result != WINBINDD_OK) {
+ DEBUG(5, (gid2sid returned an error\n));
+ cont(private_data, False, NULL);
+ return;
+ }
+
cont(private_data, True, response-data.sid.sid);
}
svn commit: samba-docs r982 - in trunk/smbdotconf/security: .
Author: sfrench Date: 2006-08-08 19:04:38 + (Tue, 08 Aug 2006) New Revision: 982 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=982 Log: Fix multiple typos/spelling mistakes Modified: trunk/smbdotconf/security/security.xml Changeset: Modified: trunk/smbdotconf/security/security.xml === --- trunk/smbdotconf/security/security.xml 2006-08-08 12:42:43 UTC (rev 981) +++ trunk/smbdotconf/security/security.xml 2006-08-08 19:04:38 UTC (rev 982) @@ -201,13 +201,13 @@ /para noteparaThis mode of operation has -significant pitfalls, due to the fact that is activly initiates a -man-in-the-middle attack on the remote SMB server. In particular, +significant pitfalls since it is more vulnerable to +man-in-the-middle attacks and server impersonation. In particular, this mode of operation can cause significant resource consuption on the PDC, as it must maintain an active connection for the duration of the user's session. Furthermore, if this connection is lost, -there is no way to reestablish it, and futher authenticaions to the -Samba server may fail. (From a single client, till it disconnects). +there is no way to reestablish it, and futher authentications to the +Samba server may fail (from a single client, till it disconnects). /para/note noteparaFrom the client's point of
svn commit: samba r17464 - in branches/SAMBA_3_0/source/nsswitch: .
Author: jra
Date: 2006-08-08 20:35:17 + (Tue, 08 Aug 2006)
New Revision: 17464
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17464
Log:
Ensure we use a hash16 data type, not a string,
for storing offline hashes.
Jeremy.
Modified:
branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c
Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c
===
--- branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c 2006-08-08 19:29:34 UTC
(rev 17463)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c 2006-08-08 20:35:17 UTC
(rev 17464)
@@ -269,9 +269,40 @@
return ret;
}
-/* pull a string from a cache entry, using the supplied
+/* pull a hash16 from a cache entry, using the supplied
talloc context
*/
+static char *centry_hash16(struct cache_entry *centry, TALLOC_CTX *mem_ctx)
+{
+ uint32 len;
+ char *ret;
+
+ len = centry_uint8(centry);
+
+ if (len != 16) {
+ DEBUG(0,(centry corruption? hash len (%u) != 16\n,
+ len ));
+ smb_panic(centry_hash16);
+ }
+
+ if (centry-len - centry-ofs 16) {
+ DEBUG(0,(centry corruption? needed 16 bytes, have %d\n,
+centry-len - centry-ofs));
+ smb_panic(centry_hash16);
+ }
+
+ ret = TALLOC_ARRAY(mem_ctx, char, 16);
+ if (!ret) {
+ smb_panic(centry_hash out of memory\n);
+ }
+ memcpy(ret,centry-data + centry-ofs, 16);
+ centry-ofs += 16;
+ return ret;
+}
+
+/* pull a sid from a cache entry, using the supplied
+ talloc context
+*/
static BOOL centry_sid(struct cache_entry *centry, TALLOC_CTX *mem_ctx,
DOM_SID *sid)
{
char *sid_string;
@@ -630,6 +661,17 @@
centry-ofs += len;
}
+/*
+ push a 16 byte hash into a centry - treat as 16 byte string.
+ */
+static void centry_put_hash16(struct cache_entry *centry, const uint8 val[16])
+{
+ centry_put_uint8(centry, 16);
+ centry_expand(centry, 16);
+ memcpy(centry-data + centry-ofs, val, 16);
+ centry-ofs += 16;
+}
+
static void centry_put_sid(struct cache_entry *centry, const DOM_SID *sid)
{
fstring sid_string;
@@ -865,7 +907,7 @@
}
t = centry_time(centry);
- *cached_nt_pass = (const uint8 *)centry_string(centry, mem_ctx);
+ *cached_nt_pass = (const uint8 *)centry_hash16(centry, mem_ctx);
#if DEBUG_PASSWORD
dump_data(100, (const char *)cached_nt_pass, NT_HASH_LEN);
@@ -906,7 +948,7 @@
#endif
centry_put_time(centry, time(NULL));
- centry_put_string(centry, (const char *)nt_pass);
+ centry_put_hash16(centry, nt_pass);
centry_end(centry, CRED/%s, sid_to_string(sid_string, sid));
DEBUG(10,(wcache_save_creds: %s\n, sid_string));
svn commit: samba r17465 - in branches/SAMBA_3_0/source: groupdb passdb utils
Author: vlendec
Date: 2006-08-08 20:50:35 + (Tue, 08 Aug 2006)
New Revision: 17465
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17465
Log:
Get rid of add_initial_entry. In the two places it was called in it seemed a
bit pointless to me.
Volker
Modified:
branches/SAMBA_3_0/source/groupdb/mapping.c
branches/SAMBA_3_0/source/passdb/pdb_interface.c
branches/SAMBA_3_0/source/utils/net_groupmap.c
Changeset:
Modified: branches/SAMBA_3_0/source/groupdb/mapping.c
===
--- branches/SAMBA_3_0/source/groupdb/mapping.c 2006-08-08 20:35:17 UTC (rev
17464)
+++ branches/SAMBA_3_0/source/groupdb/mapping.c 2006-08-08 20:50:35 UTC (rev
17465)
@@ -134,31 +134,6 @@
}
/
-initialise first time the mapping list
-/
-NTSTATUS add_initial_entry(gid_t gid, const char *sid, enum SID_NAME_USE
sid_name_use, const char *nt_name, const char *comment)
-{
- GROUP_MAP map;
-
- if(!init_group_mapping()) {
- DEBUG(0,(failed to initialize group mapping\n));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- map.gid=gid;
- if (!string_to_sid(map.sid, sid)) {
- DEBUG(0, (string_to_sid failed: %s, sid));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- map.sid_name_use=sid_name_use;
- fstrcpy(map.nt_name, nt_name);
- fstrcpy(map.comment, comment);
-
- return pdb_add_group_mapping_entry(map);
-}
-
-/
Map a unix group to a newly created mapping
/
NTSTATUS map_unix_group(const struct group *grp, GROUP_MAP *pmap)
Modified: branches/SAMBA_3_0/source/passdb/pdb_interface.c
===
--- branches/SAMBA_3_0/source/passdb/pdb_interface.c2006-08-08 20:35:17 UTC
(rev 17464)
+++ branches/SAMBA_3_0/source/passdb/pdb_interface.c2006-08-08 20:50:35 UTC
(rev 17465)
@@ -584,7 +584,7 @@
const char *name,
uint32 *rid)
{
- DOM_SID group_sid;
+ GROUP_MAP map;
struct group *grp;
grp = getgrnam(name);
@@ -611,10 +611,12 @@
}
}
- sid_compose(group_sid, get_global_sam_sid(), *rid);
-
- return add_initial_entry(grp-gr_gid, sid_string_static(group_sid),
-SID_NAME_DOM_GRP, name, NULL);
+ map.gid = grp-gr_gid;
+ map.sid_name_use = SID_NAME_DOM_GRP;
+ sid_compose(map.sid, get_global_sam_sid(), *rid);
+ fstrcpy(map.nt_name, name);
+ map.comment[0] = '\0';
+ return pdb_add_group_mapping_entry(map);
}
NTSTATUS pdb_create_dom_group(TALLOC_CTX *mem_ctx, const char *name,
Modified: branches/SAMBA_3_0/source/utils/net_groupmap.c
===
--- branches/SAMBA_3_0/source/utils/net_groupmap.c 2006-08-08 20:35:17 UTC
(rev 17464)
+++ branches/SAMBA_3_0/source/utils/net_groupmap.c 2006-08-08 20:50:35 UTC
(rev 17465)
@@ -182,16 +182,12 @@
static int net_groupmap_add(int argc, const char **argv)
{
- DOM_SID sid;
- fstring ntgroup = ;
fstring unixgrp = ;
fstring string_sid = ;
fstring type = ;
- fstring ntcomment = ;
- enum SID_NAME_USE sid_type = SID_NAME_DOM_GRP;
uint32 rid = 0;
- gid_t gid;
int i;
+ GROUP_MAP map;
/* get the options */
for ( i=0; iargc; i++ ) {
@@ -210,8 +206,8 @@
}
}
else if ( !StrnCaseCmp(argv[i], ntgroup, strlen(ntgroup)) )
{
- fstrcpy( ntgroup, get_string_param( argv[i] ) );
- if ( !ntgroup[0] ) {
+ fstrcpy( map.nt_name, get_string_param( argv[i] ) );
+ if ( !map.nt_name[0] ) {
d_fprintf(stderr, must supply a name\n);
return -1;
}
@@ -221,11 +217,16 @@
if ( !string_sid[0] ) {
d_fprintf(stderr, must supply a SID\n);
return -1;
- }
+ }
+ if (!string_to_sid(map.sid, string_sid)) {
+ d_fprintf(stderr, %s is not a valid SID\n,
+ string_sid);
+ return -1;
+ }
}
else if (
Build status as of Wed Aug 9 00:00:01 2006
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2006-08-08 00:00:03.0 + +++ /home/build/master/cache/broken_results.txt 2006-08-09 00:00:08.0 + @@ -1,18 +1,18 @@ -Build status as of Tue Aug 8 00:00:02 2006 +Build status as of Wed Aug 9 00:00:01 2006 Build counts: Tree Total Broken Panic SOC 0 0 0 ccache 24 4 0 -distcc 24 2 0 +distcc 25 2 0 lorikeet-heimdal 0 0 0 -ppp 15 0 0 +ppp 14 0 0 rsync24 0 0 samba0 0 0 samba-docs 0 0 0 -samba4 36 22 2 -samba_3_035 6 0 +samba4 36 24 2 +samba_3_034 10 0 smb-build22 22 0 -talloc 27 10 0 -tdb 18 8 0 +talloc 27 11 0 +tdb 18 6 0
svn commit: samba-web r1026 - in trunk: . devel history
Author: deryck Date: 2006-08-09 00:14:52 + (Wed, 09 Aug 2006) New Revision: 1026 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=1026 Log: Move old release announcement to history. Update latest release links through out. Modified: trunk/devel/index.html trunk/history/index.html trunk/index.html Changeset: Modified: trunk/devel/index.html === --- trunk/devel/index.html 2006-08-08 12:47:59 UTC (rev 1025) +++ trunk/devel/index.html 2006-08-09 00:14:52 UTC (rev 1026) @@ -14,8 +14,8 @@ pAs of 4 April 2004, the Samba Team converted from CVS to Subversion for maintaining the Samba source code. All current development is done in a Subversion repository. All older code is in the original CVS tree; this would include 2.2.x versions of Samba, which are no longer in active development./p -pThe latest production release is emSamba 3.0.23a/em (a -href=/samba/history/samba-3.0.23a.htmlrelease notes/a and a +pThe latest production release is emSamba 3.0.23b/em (a +href=/samba/history/samba-3.0.23b.htmlrelease notes/a and a href=/samba/download/download/a)./p pOngoing future research is being done for Samba 4.0 Modified: trunk/history/index.html === --- trunk/history/index.html2006-08-08 12:47:59 UTC (rev 1025) +++ trunk/history/index.html2006-08-09 00:14:52 UTC (rev 1026) @@ -6,8 +6,8 @@ div class=latest ul - liLatest Release mdash; a href=/samba/#latestSamba 3.0.23a/a/li - liCurrent Stable Release mdash; a href=/samba/#latestSamba 3.0.23a/a/li + liLatest Release mdash; a href=/samba/#latestSamba 3.0.23b/a/li + liCurrent Stable Release mdash; a href=/samba/#latestSamba 3.0.23b/a/li !-- Second link will point to #stable on this page when current release is a development release -- /ul /div @@ -16,7 +16,26 @@ h2Previous Release Announcments/h2 +h4a21 Jul 2006/a/h4 +p class=headlineSamba 3.0.23a Available for Download/p +pThe Samba Team is pleased to announce the general availability of Samba 3.0.23a. +This is the latest stable release of Samba. This is the version +that production Samba servers should be running for all current +bug-fixes. Please read the changes in the +a href=http://www.samba.org/samba/history/samba-3.0.23a.html;Release Notes/a +for details on new features and difference in behavior +from previous releases./p + +pThe a href=/samba/ftp/samba-3.0.23a.tar.gzSamba 3.0.23a +source code/a can be downloaded now. The a +href=/samba/ftp/samba-3.0.23a.tar.ascGnuPG +signature for the emun/emcompressed tarball/a is also +available. Precompiled packages are available in the +a href=/samba/ftp/Binary_Packages/Binary_Packages +download area/a./p + + h4a10 Jul 2006/a/h4 p class=headlineSamba 3.0.23 Available for Download/p @@ -271,35 +290,4 @@ Packages for other platforms will be available shortly./p -h4a30 Dec 2005/a/h4 -p class=headlineSamba 3.0.21a Available for Download/p - -pThis is the latest stable release of Samba. This is the version -that production Samba servers should be running for all current -bug-fixes. This release is to address a bug in the oplock code -which may cause clients to stall when multiple users are accessing -a share concurrently (a href=https://bugzilla.samba.org/bug/3349;BUG 3349/a). -Please read the a -href=/samba/history/samba-3.0.21a.htmlchanges in this release/a./p - -pThe a href=/samba/ftp/samba-3.0.21a.tar.gzSamba 3.0.21a -source code/a can be downloaded now. The a -href=/samba/ftp/samba-3.0.21a.tar.ascGnuPG -signature for the emun/emcompressed tarball/a is also available. -If you prefer to download just the diff from 3.0.21 to 3.0.21a, the -a href=/samba/ftp/patch-3.0.21-3.0.21a.diffs.gzpatch file/a -(a href=/samba/ftp/patch-3.0.21-3.0.21a.diffs.ascgpg signature/a) is also available. -The single patch for Samba 3.0.21 is available from -a href=http://www.samba.org/samba/patches/;the patches page/a. -Precompiled packages for Fedora Core 4, RedHat 9, AIX, and Solaris are available in the -a href=/samba/ftp/Binary_Packages/Binary_Packages download area/a. -Packages for other platforms will be available shortly./p - -pSamba 3.0.21a is also available via BitTorrent -(a href=http://torrent.samba.org/samba/ftp/samba-3.0.21a.tar.gz.torrent;samba-3.0.21a.tar.gz.torrent/a). -Note that when downloading via BitTorrent, you are encouraged -to verify the resulting uncompressed tarball's -a href=/samba/ftp/samba-3.0.21a.tar.ascGPG signature/a./p - - !--#include virtual=footer_history.html -- Modified: trunk/index.html === --- trunk/index.html2006-08-08 12:47:59 UTC (rev 1025) +++ trunk/index.html2006-08-09 00:14:52 UTC (rev 1026) @@ -15,7 +15,7 @@ h2Current Release/h2 -h4a name=latest7 Aug 2006/a/h4 +h4a name=latest8 Aug 2006/a/h4
svn commit: samba r17466 - in branches/SAMBA_3_0_23/source/nsswitch: .
Author: jra
Date: 2006-08-09 02:21:04 + (Wed, 09 Aug 2006)
New Revision: 17466
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17466
Log:
Merge over winbindd critical fixes :
Ensure we never save a NULL SID mapping. || should be .
Found by Whitfield school.
Ensure we use a hash16 data type, not a string,
for storing offline hashes.
Jeremy.
Modified:
branches/SAMBA_3_0_23/source/nsswitch/winbindd_cache.c
Changeset:
Modified: branches/SAMBA_3_0_23/source/nsswitch/winbindd_cache.c
===
--- branches/SAMBA_3_0_23/source/nsswitch/winbindd_cache.c 2006-08-08
20:50:35 UTC (rev 17465)
+++ branches/SAMBA_3_0_23/source/nsswitch/winbindd_cache.c 2006-08-09
02:21:04 UTC (rev 17466)
@@ -269,9 +269,40 @@
return ret;
}
-/* pull a string from a cache entry, using the supplied
+/* pull a hash16 from a cache entry, using the supplied
talloc context
*/
+static char *centry_hash16(struct cache_entry *centry, TALLOC_CTX *mem_ctx)
+{
+ uint32 len;
+ char *ret;
+
+ len = centry_uint8(centry);
+
+ if (len != 16) {
+ DEBUG(0,(centry corruption? hash len (%u) != 16\n,
+ len ));
+ smb_panic(centry_hash16);
+ }
+
+ if (centry-len - centry-ofs 16) {
+ DEBUG(0,(centry corruption? needed 16 bytes, have %d\n,
+centry-len - centry-ofs));
+ smb_panic(centry_hash16);
+ }
+
+ ret = TALLOC_ARRAY(mem_ctx, char, 16);
+ if (!ret) {
+ smb_panic(centry_hash out of memory\n);
+ }
+ memcpy(ret,centry-data + centry-ofs, 16);
+ centry-ofs += 16;
+ return ret;
+}
+
+/* pull a sid from a cache entry, using the supplied
+ talloc context
+*/
static BOOL centry_sid(struct cache_entry *centry, TALLOC_CTX *mem_ctx,
DOM_SID *sid)
{
char *sid_string;
@@ -629,6 +660,17 @@
centry-ofs += len;
}
+/*
+ push a 16 byte hash into a centry - treat as 16 byte string.
+ */
+static void centry_put_hash16(struct cache_entry *centry, const uint8 val[16])
+{
+ centry_put_uint8(centry, 16);
+ centry_expand(centry, 16);
+ memcpy(centry-data + centry-ofs, val, 16);
+ centry-ofs += 16;
+}
+
static void centry_put_sid(struct cache_entry *centry, const DOM_SID *sid)
{
fstring sid_string;
@@ -864,7 +906,7 @@
}
t = centry_time(centry);
- *cached_nt_pass = (const uint8 *)centry_string(centry, mem_ctx);
+ *cached_nt_pass = (const uint8 *)centry_hash16(centry, mem_ctx);
#if DEBUG_PASSWORD
dump_data(100, (const char *)cached_nt_pass, NT_HASH_LEN);
@@ -905,7 +947,7 @@
#endif
centry_put_time(centry, time(NULL));
- centry_put_string(centry, (const char *)nt_pass);
+ centry_put_hash16(centry, nt_pass);
centry_end(centry, CRED/%s, sid_to_string(sid_string, sid));
DEBUG(10,(wcache_save_creds: %s\n, sid_string));
@@ -1240,7 +1282,7 @@
status = domain-backend-name_to_sid(domain, mem_ctx, domain_name,
name, sid, type);
/* and save it */
- if (domain-online || !is_null_sid(sid)) {
+ if (domain-online !is_null_sid(sid)) {
wcache_save_name_to_sid(domain, status, domain_name, name, sid,
*type);
}
