関数 | |
static BOOL | read_sid_from_file (const char *fname, DOM_SID *sid) |
static void | generate_random_sid (DOM_SID *sid) |
static DOM_SID * | pdb_generate_sam_sid (void) |
DOM_SID * | get_global_sam_sid (void) |
void | reset_global_sam_sid (void) |
Force get_global_sam_sid to requery the backends | |
BOOL | sid_check_is_domain (const DOM_SID *sid) |
BOOL | sid_check_is_in_our_domain (const DOM_SID *sid) |
変数 | |
static DOM_SID * | global_sam_sid = NULL |
machine_sid.c の 39 行で定義されています。
参照先 file_lines_free()・file_lines_load()・string_to_sid().
00040 { 00041 char **lines; 00042 int numlines; 00043 BOOL ret; 00044 00045 lines = file_lines_load(fname, &numlines,0); 00046 00047 if (!lines || numlines < 1) { 00048 if (lines) file_lines_free(lines); 00049 return False; 00050 } 00051 00052 ret = string_to_sid(sid, lines[0]); 00053 file_lines_free(lines); 00054 return ret; 00055 }
static void generate_random_sid | ( | DOM_SID * | sid | ) | [static] |
machine_sid.c の 60 行で定義されています。
00061 { 00062 int i; 00063 uchar raw_sid_data[12]; 00064 00065 memset((char *)sid, '\0', sizeof(*sid)); 00066 sid->sid_rev_num = 1; 00067 sid->id_auth[5] = 5; 00068 sid->num_auths = 0; 00069 sid->sub_auths[sid->num_auths++] = 21; 00070 00071 generate_random_buffer(raw_sid_data, 12); 00072 for (i = 0; i < 3; i++) 00073 sid->sub_auths[sid->num_auths++] = IVAL(raw_sid_data, i*4); 00074 }
static DOM_SID* pdb_generate_sam_sid | ( | void | ) | [static] |
machine_sid.c の 80 行で定義されています。
参照先 asprintf()・domain_sid・generate_random_sid()・global_myname・lp_workgroup()・read_sid_from_file()・secrets_fetch_domain_sid()・secrets_store_domain_sid()・sid_copy()・sid_equal().
参照元 get_global_sam_sid().
00081 { 00082 DOM_SID domain_sid; 00083 char *fname = NULL; 00084 DOM_SID *sam_sid; 00085 00086 if(!(sam_sid=SMB_MALLOC_P(DOM_SID))) 00087 return NULL; 00088 00089 if ( IS_DC ) { 00090 if (secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) { 00091 sid_copy(sam_sid, &domain_sid); 00092 return sam_sid; 00093 } 00094 } 00095 00096 if (secrets_fetch_domain_sid(global_myname(), sam_sid)) { 00097 00098 /* We got our sid. If not a pdc/bdc, we're done. */ 00099 if ( !IS_DC ) 00100 return sam_sid; 00101 00102 if (!secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) { 00103 00104 /* No domain sid and we're a pdc/bdc. Store it */ 00105 00106 if (!secrets_store_domain_sid(lp_workgroup(), sam_sid)) { 00107 DEBUG(0,("pdb_generate_sam_sid: Can't store domain SID as a pdc/bdc.\n")); 00108 SAFE_FREE(sam_sid); 00109 return NULL; 00110 } 00111 return sam_sid; 00112 } 00113 00114 if (!sid_equal(&domain_sid, sam_sid)) { 00115 00116 /* Domain name sid doesn't match global sam sid. Re-store domain sid as 'local' sid. */ 00117 00118 DEBUG(0,("pdb_generate_sam_sid: Mismatched SIDs as a pdc/bdc.\n")); 00119 if (!secrets_store_domain_sid(global_myname(), &domain_sid)) { 00120 DEBUG(0,("pdb_generate_sam_sid: Can't re-store domain SID for local sid as PDC/BDC.\n")); 00121 SAFE_FREE(sam_sid); 00122 return NULL; 00123 } 00124 return sam_sid; 00125 } 00126 00127 return sam_sid; 00128 00129 } 00130 00131 /* check for an old MACHINE.SID file for backwards compatibility */ 00132 asprintf(&fname, "%s/MACHINE.SID", lp_private_dir()); 00133 00134 if (read_sid_from_file(fname, sam_sid)) { 00135 /* remember it for future reference and unlink the old MACHINE.SID */ 00136 if (!secrets_store_domain_sid(global_myname(), sam_sid)) { 00137 DEBUG(0,("pdb_generate_sam_sid: Failed to store SID from file.\n")); 00138 SAFE_FREE(fname); 00139 SAFE_FREE(sam_sid); 00140 return NULL; 00141 } 00142 unlink(fname); 00143 if ( !IS_DC ) { 00144 if (!secrets_store_domain_sid(lp_workgroup(), sam_sid)) { 00145 DEBUG(0,("pdb_generate_sam_sid: Failed to store domain SID from file.\n")); 00146 SAFE_FREE(fname); 00147 SAFE_FREE(sam_sid); 00148 return NULL; 00149 } 00150 } 00151 00152 /* Stored the old sid from MACHINE.SID successfully.*/ 00153 SAFE_FREE(fname); 00154 return sam_sid; 00155 } 00156 00157 SAFE_FREE(fname); 00158 00159 /* we don't have the SID in secrets.tdb, we will need to 00160 generate one and save it */ 00161 generate_random_sid(sam_sid); 00162 00163 if (!secrets_store_domain_sid(global_myname(), sam_sid)) { 00164 DEBUG(0,("pdb_generate_sam_sid: Failed to store generated machine SID.\n")); 00165 SAFE_FREE(sam_sid); 00166 return NULL; 00167 } 00168 if ( IS_DC ) { 00169 if (!secrets_store_domain_sid(lp_workgroup(), sam_sid)) { 00170 DEBUG(0,("pdb_generate_sam_sid: Failed to store generated domain SID.\n")); 00171 SAFE_FREE(sam_sid); 00172 return NULL; 00173 } 00174 } 00175 00176 return sam_sid; 00177 }
DOM_SID* get_global_sam_sid | ( | void | ) |
machine_sid.c の 180 行で定義されています。
参照先 global_sam_sid・pdb_generate_sam_sid()・smb_panic().
参照元 _lsa_open_policy()・_lsa_open_policy2()・_lsa_query_info()・_lsa_query_info2()・_samr_add_groupmem()・_samr_create_dom_alias()・_samr_create_dom_group()・_samr_create_user()・_samr_del_groupmem()・_samr_delete_dom_group()・_samr_open_group()・_samr_query_sec_obj()・_samr_query_usergroups()・_samr_remove_sid_foreign_domain()・add_builtin_administrators()・add_new_domain_info()・construct_default_printer_sdb()・export_groups()・fetch_account_info()・fetch_group_info()・fetch_group_mem_info()・get_maxrid()・get_samr_dispinfo_by_sid()・idmap_can_map()・init_domain_list()・ldapgroup2displayentry()・ldapsam_change_groupmem()・ldapsam_create_dom_group()・ldapsam_create_user()・ldapsam_delete_dom_group()・ldapsam_search_groups()・ldapuser2displayentry()・legacy_sid_to_gid()・legacy_sid_to_uid()・legacy_uid_to_sid()・lookup_global_sam_rid()・lookup_name()・lsa_get_generic_sd()・main()・make_new_server_info_guest()・make_samr_object_sd()・map_unix_group()・net_getdomainsid()・net_getlocalsid()・net_groupmap_add()・net_groupmap_memberships()・net_groupmap_set()・net_sam_list_localgroups()・net_sam_provision()・new_machine()・new_user()・nt_token_check_domain_rid()・pdb_default_add_groupmem()・pdb_default_create_alias()・pdb_default_create_dom_group()・pdb_default_create_user()・pdb_default_del_groupmem()・pdb_default_delete_dom_group()・pdb_default_search_groups()・pdb_default_sid_to_id()・pdb_default_uid_to_rid()・pdb_get_group_rid()・pdb_get_group_sid()・pdb_get_user_rid()・pdb_getsampwsid()・pdb_init_ldapsam()・pdb_init_ldapsam_compat()・pdb_set_group_sid()・pdb_set_group_sid_from_rid()・pdb_set_user_sid_from_rid()・process_root()・rpc_vampire_internals()・samu_set_unix_internal()・set_user_info()・sid_check_is_domain()・sid_check_is_in_our_domain()・tdbsam_getsampwsid().
00181 { 00182 if (global_sam_sid != NULL) 00183 return global_sam_sid; 00184 00185 /* memory for global_sam_sid is allocated in 00186 pdb_generate_sam_sid() as needed */ 00187 00188 if (!(global_sam_sid = pdb_generate_sam_sid())) { 00189 smb_panic("Could not generate a machine SID\n"); 00190 } 00191 00192 return global_sam_sid; 00193 }
void reset_global_sam_sid | ( | void | ) |
Force get_global_sam_sid to requery the backends
machine_sid.c の 198 行で定義されています。
参照先 global_sam_sid.
参照元 secrets_store_domain_sid().
00199 { 00200 SAFE_FREE(global_sam_sid); 00201 }
machine_sid.c の 207 行で定義されています。
参照先 get_global_sam_sid()・sid_equal().
参照元 _samr_open_domain()・_samr_query_useraliases()・check_dom_sid_to_level()・get_samr_dispinfo_by_sid()・is_internal_domain()・ldapsam_lookup_rids()・lookup_as_domain()・lookup_rids()・pdb_default_lookup_names()・pdb_default_lookup_rids().
00208 { 00209 return sid_equal(sid, get_global_sam_sid()); 00210 }
machine_sid.c の 216 行で定義されています。
参照先 get_global_sam_sid()・sid_copy()・sid_equal()・sid_split_rid().
参照元 _samr_delete_dom_alias()・_samr_delete_dom_user()・_samr_get_usrdom_pwinfo()・_samr_query_groupmem()・_samr_query_sec_obj()・_samr_query_usergroups()・_samr_query_userinfo()・create_token_from_username()・get_samr_dispinfo_by_sid()・gettoken_recvdomgroups()・is_in_internal_domain()・ldapsam_enum_aliasmem()・ldapsam_modify_aliasmem()・lookup_global_sam_name()・net_groupmap_cleanup()・pdb_default_enum_group_members()・sam_lookup_groupmem()・sam_query_user()・sid_to_name().
00217 { 00218 DOM_SID dom_sid; 00219 uint32 rid; 00220 00221 sid_copy(&dom_sid, sid); 00222 sid_split_rid(&dom_sid, &rid); 00223 00224 return sid_equal(&dom_sid, get_global_sam_sid()); 00225 }
DOM_SID* global_sam_sid = NULL [static] |