Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Blame
Revision Log

pdb_tdb.c@ 101

Visit:

Last change on this file since 101 was 1, checked in by Paul Smedley, 18 years ago
Initial code import
File size: 44.6 KB

Line
1	/*
2	* Unix SMB/CIFS implementation.
3	* SMB parameters and setup
4	* Copyright (C) Andrew Tridgell 1992-1998
5	* Copyright (C) Simo Sorce 2000-2003
6	* Copyright (C) Gerald Carter 2000-2006
7	* Copyright (C) Jeremy Allison 2001
8	* Copyright (C) Andrew Bartlett 2002
9	* Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2005
10	*
11	* This program is free software; you can redistribute it and/or modify it under
12	* the terms of the GNU General Public License as published by the Free
13	* Software Foundation; either version 2 of the License, or (at your option)
14	* any later version.
15	*
16	* This program is distributed in the hope that it will be useful, but WITHOUT
17	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
18	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
19	* more details.
20	*
21	* You should have received a copy of the GNU General Public License along with
22	* this program; if not, write to the Free Software Foundation, Inc., 675
23	* Mass Ave, Cambridge, MA 02139, USA.
24	*/
25
26	#include "includes.h"
27
28	#if 0 /* when made a module use this */
29
30	static int tdbsam_debug_level = DBGC_ALL;
31	#undef DBGC_CLASS
32	#define DBGC_CLASS tdbsam_debug_level
33
34	#else
35
36	#undef DBGC_CLASS
37	#define DBGC_CLASS DBGC_PASSDB
38
39	#endif
40
41	#define TDBSAM_VERSION 3 /* Most recent TDBSAM version */
42	#define TDBSAM_VERSION_STRING "INFO/version"
43	#define PASSDB_FILE_NAME "passdb.tdb"
44	#define USERPREFIX "USER_"
45	#define RIDPREFIX "RID_"
46	#define PRIVPREFIX "PRIV_"
47
48	struct pwent_list {
49	struct pwent_list prev, next;
50	TDB_DATA key;
51	};
52	static struct pwent_list *tdbsam_pwent_list;
53	static BOOL pwent_initialized;
54
55	/* GLOBAL TDB SAM CONTEXT */
56
57	static TDB_CONTEXT *tdbsam;
58	static int ref_count = 0;
59	static pstring tdbsam_filename;
60
61	/**********************************************************************
62	Marshall/unmarshall struct samu structs.
63	*********************************************************************/
64
65	#define TDB_FORMAT_STRING_V0 "ddddddBBBBBBBBBBBBddBBwdwdBwwd"
66	#define TDB_FORMAT_STRING_V1 "dddddddBBBBBBBBBBBBddBBwdwdBwwd"
67	#define TDB_FORMAT_STRING_V2 "dddddddBBBBBBBBBBBBddBBBwwdBwwd"
68
69	/*********************************************************************
70	*********************************************************************/
71
72	static BOOL init_sam_from_buffer_v0(struct samu sampass, uint8 buf, uint32 buflen)
73	{
74
75	/* times are stored as 32bit integer
76	take care on system with 64bit wide time_t
77	--SSS */
78	uint32 logon_time,
79	logoff_time,
80	kickoff_time,
81	pass_last_set_time,
82	pass_can_change_time,
83	pass_must_change_time;
84	char *username = NULL;
85	char *domain = NULL;
86	char *nt_username = NULL;
87	char *dir_drive = NULL;
88	char *unknown_str = NULL;
89	char *munged_dial = NULL;
90	char *fullname = NULL;
91	char *homedir = NULL;
92	char *logon_script = NULL;
93	char *profile_path = NULL;
94	char *acct_desc = NULL;
95	char *workstations = NULL;
96	uint32 username_len, domain_len, nt_username_len,
97	dir_drive_len, unknown_str_len, munged_dial_len,
98	fullname_len, homedir_len, logon_script_len,
99	profile_path_len, acct_desc_len, workstations_len;
100
101	uint32 user_rid, group_rid, remove_me, hours_len, unknown_6;
102	uint16 acct_ctrl, logon_divs;
103	uint16 bad_password_count, logon_count;
104	uint8 *hours = NULL;
105	uint8 lm_pw_ptr = NULL, nt_pw_ptr = NULL;
106	uint32 len = 0;
107	uint32 lm_pw_len, nt_pw_len, hourslen;
108	BOOL ret = True;
109
110	if(sampass == NULL \|\| buf == NULL) {
111	DEBUG(0, ("init_sam_from_buffer_v0: NULL parameters found!\n"));
112	return False;
113	}
114
115	/* TDB_FORMAT_STRING_V0 "ddddddBBBBBBBBBBBBddBBwdwdBwwd" */
116
117	/* unpack the buffer into variables */
118	len = tdb_unpack ((char *)buf, buflen, TDB_FORMAT_STRING_V0,
119	&logon_time, /* d */
120	&logoff_time, /* d */
121	&kickoff_time, /* d */
122	&pass_last_set_time, /* d */
123	&pass_can_change_time, /* d */
124	&pass_must_change_time, /* d */
125	&username_len, &username, /* B */
126	&domain_len, &domain, /* B */
127	&nt_username_len, &nt_username, /* B */
128	&fullname_len, &fullname, /* B */
129	&homedir_len, &homedir, /* B */
130	&dir_drive_len, &dir_drive, /* B */
131	&logon_script_len, &logon_script, /* B */
132	&profile_path_len, &profile_path, /* B */
133	&acct_desc_len, &acct_desc, /* B */
134	&workstations_len, &workstations, /* B */
135	&unknown_str_len, &unknown_str, /* B */
136	&munged_dial_len, &munged_dial, /* B */
137	&user_rid, /* d */
138	&group_rid, /* d */
139	&lm_pw_len, &lm_pw_ptr, /* B */
140	&nt_pw_len, &nt_pw_ptr, /* B */
141	&acct_ctrl, /* w */
142	&remove_me, /* remove on the next TDB_FORMAT upgarde / / d */
143	&logon_divs, /* w */
144	&hours_len, /* d */
145	&hourslen, &hours, /* B */
146	&bad_password_count, /* w */
147	&logon_count, /* w */
148	&unknown_6); /* d */
149
150	if (len == (uint32) -1) {
151	ret = False;
152	goto done;
153	}
154
155	pdb_set_logon_time(sampass, logon_time, PDB_SET);
156	pdb_set_logoff_time(sampass, logoff_time, PDB_SET);
157	pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET);
158	pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET);
159	pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET);
160	pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET);
161
162	pdb_set_username(sampass, username, PDB_SET);
163	pdb_set_domain(sampass, domain, PDB_SET);
164	pdb_set_nt_username(sampass, nt_username, PDB_SET);
165	pdb_set_fullname(sampass, fullname, PDB_SET);
166
167	if (homedir) {
168	pdb_set_homedir(sampass, homedir, PDB_SET);
169	}
170	else {
171	pdb_set_homedir(sampass,
172	talloc_sub_basic(sampass, username, domain,
173	lp_logon_home()),
174	PDB_DEFAULT);
175	}
176
177	if (dir_drive)
178	pdb_set_dir_drive(sampass, dir_drive, PDB_SET);
179	else {
180	pdb_set_dir_drive(sampass,
181	talloc_sub_basic(sampass, username, domain,
182	lp_logon_drive()),
183	PDB_DEFAULT);
184	}
185
186	if (logon_script)
187	pdb_set_logon_script(sampass, logon_script, PDB_SET);
188	else {
189	pdb_set_logon_script(sampass,
190	talloc_sub_basic(sampass, username, domain,
191	lp_logon_script()),
192	PDB_DEFAULT);
193	}
194
195	if (profile_path) {
196	pdb_set_profile_path(sampass, profile_path, PDB_SET);
197	} else {
198	pdb_set_profile_path(sampass,
199	talloc_sub_basic(sampass, username, domain,
200	lp_logon_path()),
201	PDB_DEFAULT);
202	}
203
204	pdb_set_acct_desc(sampass, acct_desc, PDB_SET);
205	pdb_set_workstations(sampass, workstations, PDB_SET);
206	pdb_set_munged_dial(sampass, munged_dial, PDB_SET);
207
208	if (lm_pw_ptr && lm_pw_len == LM_HASH_LEN) {
209	if (!pdb_set_lanman_passwd(sampass, lm_pw_ptr, PDB_SET)) {
210	ret = False;
211	goto done;
212	}
213	}
214
215	if (nt_pw_ptr && nt_pw_len == NT_HASH_LEN) {
216	if (!pdb_set_nt_passwd(sampass, nt_pw_ptr, PDB_SET)) {
217	ret = False;
218	goto done;
219	}
220	}
221
222	pdb_set_pw_history(sampass, NULL, 0, PDB_SET);
223	pdb_set_user_sid_from_rid(sampass, user_rid, PDB_SET);
224	pdb_set_group_sid_from_rid(sampass, group_rid, PDB_SET);
225	pdb_set_hours_len(sampass, hours_len, PDB_SET);
226	pdb_set_bad_password_count(sampass, bad_password_count, PDB_SET);
227	pdb_set_logon_count(sampass, logon_count, PDB_SET);
228	pdb_set_unknown_6(sampass, unknown_6, PDB_SET);
229	pdb_set_acct_ctrl(sampass, acct_ctrl, PDB_SET);
230	pdb_set_logon_divs(sampass, logon_divs, PDB_SET);
231	pdb_set_hours(sampass, hours, PDB_SET);
232
233	done:
234
235	SAFE_FREE(username);
236	SAFE_FREE(domain);
237	SAFE_FREE(nt_username);
238	SAFE_FREE(fullname);
239	SAFE_FREE(homedir);
240	SAFE_FREE(dir_drive);
241	SAFE_FREE(logon_script);
242	SAFE_FREE(profile_path);
243	SAFE_FREE(acct_desc);
244	SAFE_FREE(workstations);
245	SAFE_FREE(munged_dial);
246	SAFE_FREE(unknown_str);
247	SAFE_FREE(lm_pw_ptr);
248	SAFE_FREE(nt_pw_ptr);
249	SAFE_FREE(hours);
250
251	return ret;
252	}
253
254	/*********************************************************************
255	*********************************************************************/
256
257	static BOOL init_sam_from_buffer_v1(struct samu sampass, uint8 buf, uint32 buflen)
258	{
259
260	/* times are stored as 32bit integer
261	take care on system with 64bit wide time_t
262	--SSS */
263	uint32 logon_time,
264	logoff_time,
265	kickoff_time,
266	bad_password_time,
267	pass_last_set_time,
268	pass_can_change_time,
269	pass_must_change_time;
270	char *username = NULL;
271	char *domain = NULL;
272	char *nt_username = NULL;
273	char *dir_drive = NULL;
274	char *unknown_str = NULL;
275	char *munged_dial = NULL;
276	char *fullname = NULL;
277	char *homedir = NULL;
278	char *logon_script = NULL;
279	char *profile_path = NULL;
280	char *acct_desc = NULL;
281	char *workstations = NULL;
282	uint32 username_len, domain_len, nt_username_len,
283	dir_drive_len, unknown_str_len, munged_dial_len,
284	fullname_len, homedir_len, logon_script_len,
285	profile_path_len, acct_desc_len, workstations_len;
286
287	uint32 user_rid, group_rid, remove_me, hours_len, unknown_6;
288	uint16 acct_ctrl, logon_divs;
289	uint16 bad_password_count, logon_count;
290	uint8 *hours = NULL;
291	uint8 lm_pw_ptr = NULL, nt_pw_ptr = NULL;
292	uint32 len = 0;
293	uint32 lm_pw_len, nt_pw_len, hourslen;
294	BOOL ret = True;
295
296	if(sampass == NULL \|\| buf == NULL) {
297	DEBUG(0, ("init_sam_from_buffer_v1: NULL parameters found!\n"));
298	return False;
299	}
300
301	/* TDB_FORMAT_STRING_V1 "dddddddBBBBBBBBBBBBddBBwdwdBwwd" */
302
303	/* unpack the buffer into variables */
304	len = tdb_unpack ((char *)buf, buflen, TDB_FORMAT_STRING_V1,
305	&logon_time, /* d */
306	&logoff_time, /* d */
307	&kickoff_time, /* d */
308	/* Change from V0 is addition of bad_password_time field. */
309	&bad_password_time, /* d */
310	&pass_last_set_time, /* d */
311	&pass_can_change_time, /* d */
312	&pass_must_change_time, /* d */
313	&username_len, &username, /* B */
314	&domain_len, &domain, /* B */
315	&nt_username_len, &nt_username, /* B */
316	&fullname_len, &fullname, /* B */
317	&homedir_len, &homedir, /* B */
318	&dir_drive_len, &dir_drive, /* B */
319	&logon_script_len, &logon_script, /* B */
320	&profile_path_len, &profile_path, /* B */
321	&acct_desc_len, &acct_desc, /* B */
322	&workstations_len, &workstations, /* B */
323	&unknown_str_len, &unknown_str, /* B */
324	&munged_dial_len, &munged_dial, /* B */
325	&user_rid, /* d */
326	&group_rid, /* d */
327	&lm_pw_len, &lm_pw_ptr, /* B */
328	&nt_pw_len, &nt_pw_ptr, /* B */
329	&acct_ctrl, /* w */
330	&remove_me, /* d */
331	&logon_divs, /* w */
332	&hours_len, /* d */
333	&hourslen, &hours, /* B */
334	&bad_password_count, /* w */
335	&logon_count, /* w */
336	&unknown_6); /* d */
337
338	if (len == (uint32) -1) {
339	ret = False;
340	goto done;
341	}
342
343	pdb_set_logon_time(sampass, logon_time, PDB_SET);
344	pdb_set_logoff_time(sampass, logoff_time, PDB_SET);
345	pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET);
346
347	/* Change from V0 is addition of bad_password_time field. */
348	pdb_set_bad_password_time(sampass, bad_password_time, PDB_SET);
349	pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET);
350	pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET);
351	pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET);
352
353	pdb_set_username(sampass, username, PDB_SET);
354	pdb_set_domain(sampass, domain, PDB_SET);
355	pdb_set_nt_username(sampass, nt_username, PDB_SET);
356	pdb_set_fullname(sampass, fullname, PDB_SET);
357
358	if (homedir) {
359	pdb_set_homedir(sampass, homedir, PDB_SET);
360	}
361	else {
362	pdb_set_homedir(sampass,
363	talloc_sub_basic(sampass, username, domain,
364	lp_logon_home()),
365	PDB_DEFAULT);
366	}
367
368	if (dir_drive)
369	pdb_set_dir_drive(sampass, dir_drive, PDB_SET);
370	else {
371	pdb_set_dir_drive(sampass,
372	talloc_sub_basic(sampass, username, domain,
373	lp_logon_drive()),
374	PDB_DEFAULT);
375	}
376
377	if (logon_script)
378	pdb_set_logon_script(sampass, logon_script, PDB_SET);
379	else {
380	pdb_set_logon_script(sampass,
381	talloc_sub_basic(sampass, username, domain,
382	lp_logon_script()),
383	PDB_DEFAULT);
384	}
385
386	if (profile_path) {
387	pdb_set_profile_path(sampass, profile_path, PDB_SET);
388	} else {
389	pdb_set_profile_path(sampass,
390	talloc_sub_basic(sampass, username, domain,
391	lp_logon_path()),
392	PDB_DEFAULT);
393	}
394
395	pdb_set_acct_desc(sampass, acct_desc, PDB_SET);
396	pdb_set_workstations(sampass, workstations, PDB_SET);
397	pdb_set_munged_dial(sampass, munged_dial, PDB_SET);
398
399	if (lm_pw_ptr && lm_pw_len == LM_HASH_LEN) {
400	if (!pdb_set_lanman_passwd(sampass, lm_pw_ptr, PDB_SET)) {
401	ret = False;
402	goto done;
403	}
404	}
405
406	if (nt_pw_ptr && nt_pw_len == NT_HASH_LEN) {
407	if (!pdb_set_nt_passwd(sampass, nt_pw_ptr, PDB_SET)) {
408	ret = False;
409	goto done;
410	}
411	}
412
413	pdb_set_pw_history(sampass, NULL, 0, PDB_SET);
414
415	pdb_set_user_sid_from_rid(sampass, user_rid, PDB_SET);
416	pdb_set_group_sid_from_rid(sampass, group_rid, PDB_SET);
417	pdb_set_hours_len(sampass, hours_len, PDB_SET);
418	pdb_set_bad_password_count(sampass, bad_password_count, PDB_SET);
419	pdb_set_logon_count(sampass, logon_count, PDB_SET);
420	pdb_set_unknown_6(sampass, unknown_6, PDB_SET);
421	pdb_set_acct_ctrl(sampass, acct_ctrl, PDB_SET);
422	pdb_set_logon_divs(sampass, logon_divs, PDB_SET);
423	pdb_set_hours(sampass, hours, PDB_SET);
424
425	done:
426
427	SAFE_FREE(username);
428	SAFE_FREE(domain);
429	SAFE_FREE(nt_username);
430	SAFE_FREE(fullname);
431	SAFE_FREE(homedir);
432	SAFE_FREE(dir_drive);
433	SAFE_FREE(logon_script);
434	SAFE_FREE(profile_path);
435	SAFE_FREE(acct_desc);
436	SAFE_FREE(workstations);
437	SAFE_FREE(munged_dial);
438	SAFE_FREE(unknown_str);
439	SAFE_FREE(lm_pw_ptr);
440	SAFE_FREE(nt_pw_ptr);
441	SAFE_FREE(hours);
442
443	return ret;
444	}
445
446	BOOL init_sam_from_buffer_v2(struct samu sampass, uint8 buf, uint32 buflen)
447	{
448
449	/* times are stored as 32bit integer
450	take care on system with 64bit wide time_t
451	--SSS */
452	uint32 logon_time,
453	logoff_time,
454	kickoff_time,
455	bad_password_time,
456	pass_last_set_time,
457	pass_can_change_time,
458	pass_must_change_time;
459	char *username = NULL;
460	char *domain = NULL;
461	char *nt_username = NULL;
462	char *dir_drive = NULL;
463	char *unknown_str = NULL;
464	char *munged_dial = NULL;
465	char *fullname = NULL;
466	char *homedir = NULL;
467	char *logon_script = NULL;
468	char *profile_path = NULL;
469	char *acct_desc = NULL;
470	char *workstations = NULL;
471	uint32 username_len, domain_len, nt_username_len,
472	dir_drive_len, unknown_str_len, munged_dial_len,
473	fullname_len, homedir_len, logon_script_len,
474	profile_path_len, acct_desc_len, workstations_len;
475
476	uint32 user_rid, group_rid, hours_len, unknown_6;
477	uint16 acct_ctrl, logon_divs;
478	uint16 bad_password_count, logon_count;
479	uint8 *hours = NULL;
480	uint8 lm_pw_ptr = NULL, nt_pw_ptr = NULL, *nt_pw_hist_ptr = NULL;
481	uint32 len = 0;
482	uint32 lm_pw_len, nt_pw_len, nt_pw_hist_len, hourslen;
483	uint32 pwHistLen = 0;
484	BOOL ret = True;
485	fstring tmpstring;
486	BOOL expand_explicit = lp_passdb_expand_explicit();
487
488	if(sampass == NULL \|\| buf == NULL) {
489	DEBUG(0, ("init_sam_from_buffer_v2: NULL parameters found!\n"));
490	return False;
491	}
492
493	/* TDB_FORMAT_STRING_V2 "dddddddBBBBBBBBBBBBddBBBwwdBwwd" */
494
495	/* unpack the buffer into variables */
496	len = tdb_unpack ((char *)buf, buflen, TDB_FORMAT_STRING_V2,
497	&logon_time, /* d */
498	&logoff_time, /* d */
499	&kickoff_time, /* d */
500	&bad_password_time, /* d */
501	&pass_last_set_time, /* d */
502	&pass_can_change_time, /* d */
503	&pass_must_change_time, /* d */
504	&username_len, &username, /* B */
505	&domain_len, &domain, /* B */
506	&nt_username_len, &nt_username, /* B */
507	&fullname_len, &fullname, /* B */
508	&homedir_len, &homedir, /* B */
509	&dir_drive_len, &dir_drive, /* B */
510	&logon_script_len, &logon_script, /* B */
511	&profile_path_len, &profile_path, /* B */
512	&acct_desc_len, &acct_desc, /* B */
513	&workstations_len, &workstations, /* B */
514	&unknown_str_len, &unknown_str, /* B */
515	&munged_dial_len, &munged_dial, /* B */
516	&user_rid, /* d */
517	&group_rid, /* d */
518	&lm_pw_len, &lm_pw_ptr, /* B */
519	&nt_pw_len, &nt_pw_ptr, /* B */
520	/* Change from V1 is addition of password history field. */
521	&nt_pw_hist_len, &nt_pw_hist_ptr, /* B */
522	&acct_ctrl, /* w */
523	/* Also "remove_me" field was removed. */
524	&logon_divs, /* w */
525	&hours_len, /* d */
526	&hourslen, &hours, /* B */
527	&bad_password_count, /* w */
528	&logon_count, /* w */
529	&unknown_6); /* d */
530
531	if (len == (uint32) -1) {
532	ret = False;
533	goto done;
534	}
535
536	pdb_set_logon_time(sampass, logon_time, PDB_SET);
537	pdb_set_logoff_time(sampass, logoff_time, PDB_SET);
538	pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET);
539	pdb_set_bad_password_time(sampass, bad_password_time, PDB_SET);
540	pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET);
541	pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET);
542	pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET);
543
544	pdb_set_username(sampass, username, PDB_SET);
545	pdb_set_domain(sampass, domain, PDB_SET);
546	pdb_set_nt_username(sampass, nt_username, PDB_SET);
547	pdb_set_fullname(sampass, fullname, PDB_SET);
548
549	if (homedir) {
550	fstrcpy( tmpstring, homedir );
551	if (expand_explicit) {
552	standard_sub_basic( username, domain, tmpstring,
553	sizeof(tmpstring) );
554	}
555	pdb_set_homedir(sampass, tmpstring, PDB_SET);
556	}
557	else {
558	pdb_set_homedir(sampass,
559	talloc_sub_basic(sampass, username, domain,
560	lp_logon_home()),
561	PDB_DEFAULT);
562	}
563
564	if (dir_drive)
565	pdb_set_dir_drive(sampass, dir_drive, PDB_SET);
566	else
567	pdb_set_dir_drive(sampass, lp_logon_drive(), PDB_DEFAULT );
568
569	if (logon_script) {
570	fstrcpy( tmpstring, logon_script );
571	if (expand_explicit) {
572	standard_sub_basic( username, domain, tmpstring,
573	sizeof(tmpstring) );
574	}
575	pdb_set_logon_script(sampass, tmpstring, PDB_SET);
576	}
577	else {
578	pdb_set_logon_script(sampass,
579	talloc_sub_basic(sampass, username, domain,
580	lp_logon_script()),
581	PDB_DEFAULT);
582	}
583
584	if (profile_path) {
585	fstrcpy( tmpstring, profile_path );
586	if (expand_explicit) {
587	standard_sub_basic( username, domain, tmpstring,
588	sizeof(tmpstring) );
589	}
590	pdb_set_profile_path(sampass, tmpstring, PDB_SET);
591	}
592	else {
593	pdb_set_profile_path(sampass,
594	talloc_sub_basic(sampass, username, domain,
595	lp_logon_path()),
596	PDB_DEFAULT);
597	}
598
599	pdb_set_acct_desc(sampass, acct_desc, PDB_SET);
600	pdb_set_workstations(sampass, workstations, PDB_SET);
601	pdb_set_munged_dial(sampass, munged_dial, PDB_SET);
602
603	if (lm_pw_ptr && lm_pw_len == LM_HASH_LEN) {
604	if (!pdb_set_lanman_passwd(sampass, lm_pw_ptr, PDB_SET)) {
605	ret = False;
606	goto done;
607	}
608	}
609
610	if (nt_pw_ptr && nt_pw_len == NT_HASH_LEN) {
611	if (!pdb_set_nt_passwd(sampass, nt_pw_ptr, PDB_SET)) {
612	ret = False;
613	goto done;
614	}
615	}
616
617	/* Change from V1 is addition of password history field. */
618	pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen);
619	if (pwHistLen) {
620	uint8 pw_hist = SMB_MALLOC_ARRAY(uint8, pwHistLen PW_HISTORY_ENTRY_LEN);
621	if (!pw_hist) {
622	ret = False;
623	goto done;
624	}
625	memset(pw_hist, '\0', pwHistLen * PW_HISTORY_ENTRY_LEN);
626	if (nt_pw_hist_ptr && nt_pw_hist_len) {
627	int i;
628	SMB_ASSERT((nt_pw_hist_len % PW_HISTORY_ENTRY_LEN) == 0);
629	nt_pw_hist_len /= PW_HISTORY_ENTRY_LEN;
630	for (i = 0; (i < pwHistLen) && (i < nt_pw_hist_len); i++) {
631	memcpy(&pw_hist[i*PW_HISTORY_ENTRY_LEN],
632	&nt_pw_hist_ptr[i*PW_HISTORY_ENTRY_LEN],
633	PW_HISTORY_ENTRY_LEN);
634	}
635	}
636	if (!pdb_set_pw_history(sampass, pw_hist, pwHistLen, PDB_SET)) {
637	SAFE_FREE(pw_hist);
638	ret = False;
639	goto done;
640	}
641	SAFE_FREE(pw_hist);
642	} else {
643	pdb_set_pw_history(sampass, NULL, 0, PDB_SET);
644	}
645
646	pdb_set_user_sid_from_rid(sampass, user_rid, PDB_SET);
647	pdb_set_group_sid_from_rid(sampass, group_rid, PDB_SET);
648	pdb_set_hours_len(sampass, hours_len, PDB_SET);
649	pdb_set_bad_password_count(sampass, bad_password_count, PDB_SET);
650	pdb_set_logon_count(sampass, logon_count, PDB_SET);
651	pdb_set_unknown_6(sampass, unknown_6, PDB_SET);
652	pdb_set_acct_ctrl(sampass, acct_ctrl, PDB_SET);
653	pdb_set_logon_divs(sampass, logon_divs, PDB_SET);
654	pdb_set_hours(sampass, hours, PDB_SET);
655
656	done:
657
658	SAFE_FREE(username);
659	SAFE_FREE(domain);
660	SAFE_FREE(nt_username);
661	SAFE_FREE(fullname);
662	SAFE_FREE(homedir);
663	SAFE_FREE(dir_drive);
664	SAFE_FREE(logon_script);
665	SAFE_FREE(profile_path);
666	SAFE_FREE(acct_desc);
667	SAFE_FREE(workstations);
668	SAFE_FREE(munged_dial);
669	SAFE_FREE(unknown_str);
670	SAFE_FREE(lm_pw_ptr);
671	SAFE_FREE(nt_pw_ptr);
672	SAFE_FREE(nt_pw_hist_ptr);
673	SAFE_FREE(hours);
674
675	return ret;
676	}
677
678
679	/**********************************************************************
680	Intialize a struct samu struct from a BYTE buffer of size len
681	*********************************************************************/
682
683	static BOOL init_sam_from_buffer(struct samu sampass, uint8 buf, uint32 buflen)
684	{
685	return init_sam_from_buffer_v3(sampass, buf, buflen);
686	}
687
688	/**********************************************************************
689	Intialize a BYTE buffer from a struct samu struct
690	*********************************************************************/
691
692	static uint32 init_buffer_from_sam (uint8 *buf, struct samu sampass, BOOL size_only)
693	{
694	return init_buffer_from_sam_v3(buf, sampass, size_only);
695	}
696
697	/**********************************************************************
698	Intialize a BYTE buffer from a struct samu struct
699	*********************************************************************/
700
701	static BOOL tdbsam_convert(int32 from)
702	{
703	const char *vstring = TDBSAM_VERSION_STRING;
704	const char *prefix = USERPREFIX;
705	TDB_DATA data, key, old_key;
706	uint8 *buf = NULL;
707	BOOL ret;
708
709	/* handle a Samba upgrade */
710	tdb_lock_bystring(tdbsam, vstring);
711
712	/* Enumerate all records and convert them */
713	key = tdb_firstkey(tdbsam);
714
715	while (key.dptr) {
716
717	/* skip all non-USER entries (eg. RIDs) */
718	while ((key.dsize != 0) && (strncmp(key.dptr, prefix, strlen (prefix)))) {
719	old_key = key;
720	/* increment to next in line */
721	key = tdb_nextkey(tdbsam, key);
722	SAFE_FREE(old_key.dptr);
723	}
724
725	if (key.dptr) {
726	struct samu *user = NULL;
727
728	/* read from tdbsam */
729	data = tdb_fetch(tdbsam, key);
730	if (!data.dptr) {
731	DEBUG(0,("tdbsam_convert: database entry not found: %s.\n",key.dptr));
732	return False;
733	}
734
735	/* unpack the buffer from the former format */
736	if ( !(user = samu_new( NULL )) ) {
737	DEBUG(0,("tdbsam_convert: samu_new() failed!\n"));
738	SAFE_FREE( data.dptr );
739	return False;
740	}
741	DEBUG(10,("tdbsam_convert: Try unpacking a record with (key:%s) (version:%d)\n", key.dptr, from));
742	switch (from) {
743	case 0:
744	ret = init_sam_from_buffer_v0(user, (uint8 *)data.dptr, data.dsize);
745	break;
746	case 1:
747	ret = init_sam_from_buffer_v1(user, (uint8 *)data.dptr, data.dsize);
748	break;
749	case 2:
750	ret = init_sam_from_buffer_v2(user, (uint8 *)data.dptr, data.dsize);
751	break;
752	case 3:
753	ret = init_sam_from_buffer_v3(user, (uint8 *)data.dptr, data.dsize);
754	break;
755	default:
756	/* unknown tdbsam version */
757	ret = False;
758	}
759	if (!ret) {
760	DEBUG(0,("tdbsam_convert: Bad struct samu entry returned from TDB (key:%s) (version:%d)\n", key.dptr, from));
761	SAFE_FREE(data.dptr);
762	TALLOC_FREE(user );
763	return False;
764	}
765
766	/* We're finished with the old data. */
767	SAFE_FREE(data.dptr);
768
769	/* pack from the buffer into the new format */
770
771	DEBUG(10,("tdbsam_convert: Try packing a record (key:%s) (version:%d)\n", key.dptr, from));
772	data.dsize = init_buffer_from_sam (&buf, user, False);
773	TALLOC_FREE(user );
774
775	if ( data.dsize == -1 ) {
776	DEBUG(0,("tdbsam_convert: cannot pack the struct samu into the new format\n"));
777	return False;
778	}
779	data.dptr = (char *)buf;
780
781	/* Store the buffer inside the TDBSAM */
782	if (tdb_store(tdbsam, key, data, TDB_MODIFY) != TDB_SUCCESS) {
783	DEBUG(0,("tdbsam_convert: cannot store the struct samu (key:%s) in new format\n",key.dptr));
784	SAFE_FREE(data.dptr);
785	return False;
786	}
787
788	SAFE_FREE(data.dptr);
789
790	/* increment to next in line */
791	old_key = key;
792	key = tdb_nextkey(tdbsam, key);
793	SAFE_FREE(old_key.dptr);
794	}
795
796	}
797
798
799	/* upgrade finished */
800	tdb_store_int32(tdbsam, vstring, TDBSAM_VERSION);
801	tdb_unlock_bystring(tdbsam, vstring);
802
803	return(True);
804	}
805
806	/*********************************************************************
807	Open the tdbsam file based on the absolute path specified.
808	Uses a reference count to allow multiple open calls.
809	*********************************************************************/
810
811	static BOOL tdbsam_open( const char *name )
812	{
813	int32 version;
814
815	/* check if we are already open */
816
817	if ( tdbsam ) {
818	ref_count++;
819	DEBUG(8,("tdbsam_open: Incrementing open reference count. Ref count is now %d\n",
820	ref_count));
821	return True;
822	}
823
824	SMB_ASSERT( ref_count == 0 );
825
826	/* Try to open tdb passwd. Create a new one if necessary */
827
828	if (!(tdbsam = tdb_open_log(name, 0, TDB_DEFAULT, O_CREAT\|O_RDWR, 0600))) {
829	DEBUG(0, ("tdbsam_open: Failed to open/create TDB passwd [%s]\n", name));
830	return False;
831	}
832
833	/* set the initial reference count - must be done before tdbsam_convert
834	as that calls tdbsam_open()/tdbsam_close(). */
835
836	ref_count = 1;
837
838	/* Check the version */
839	version = tdb_fetch_int32( tdbsam, TDBSAM_VERSION_STRING );
840
841	if (version == -1) {
842	version = 0; /* Version not found, assume version 0 */
843	}
844
845	/* Compare the version */
846	if (version > TDBSAM_VERSION) {
847	/* Version more recent than the latest known */
848	DEBUG(0, ("tdbsam_open: unknown version => %d\n", version));
849	tdb_close( tdbsam );
850	ref_count = 0;
851	return False;
852	}
853
854
855	if ( version < TDBSAM_VERSION ) {
856	DEBUG(1, ("tdbsam_open: Converting version %d database to version %d.\n",
857	version, TDBSAM_VERSION));
858
859	if ( !tdbsam_convert(version) ) {
860	DEBUG(0, ("tdbsam_open: Error when trying to convert tdbsam [%s]\n",name));
861	tdb_close(tdbsam);
862	ref_count = 0;
863	return False;
864	}
865
866	DEBUG(3, ("TDBSAM converted successfully.\n"));
867	}
868
869	DEBUG(4,("tdbsam_open: successfully opened %s\n", name ));
870
871	return True;
872	}
873
874	/****************************************************************************
875	wrapper atound tdb_close() to handle the reference count
876	****************************************************************************/
877
878	void tdbsam_close( void )
879	{
880	ref_count--;
881
882	DEBUG(8,("tdbsam_close: Reference count is now %d.\n", ref_count));
883
884	SMB_ASSERT(ref_count >= 0 );
885
886	if ( ref_count == 0 ) {
887	tdb_close( tdbsam );
888	tdbsam = NULL;
889	}
890
891	return;
892	}
893
894	/****************************************************************************
895	creates a list of user keys
896	****************************************************************************/
897
898	static int tdbsam_traverse_setpwent(TDB_CONTEXT t, TDB_DATA key, TDB_DATA data, void state)
899	{
900	const char *prefix = USERPREFIX;
901	int prefixlen = strlen (prefix);
902	struct pwent_list *ptr;
903
904	if ( strncmp(key.dptr, prefix, prefixlen) == 0 ) {
905	if ( !(ptr=SMB_MALLOC_P(struct pwent_list)) ) {
906	DEBUG(0,("tdbsam_traverse_setpwent: Failed to malloc new entry for list\n"));
907
908	/* just return 0 and let the traversal continue */
909	return 0;
910	}
911	ZERO_STRUCTP(ptr);
912
913	/* save a copy of the key */
914
915	ptr->key.dptr = (char *)memdup( key.dptr, key.dsize );
916	if (!ptr->key.dptr) {
917	DEBUG(0,("tdbsam_traverse_setpwent: memdup failed\n"));
918	/* just return 0 and let the traversal continue */
919	SAFE_FREE(ptr);
920	return 0;
921	}
922
923	ptr->key.dsize = key.dsize;
924
925	DLIST_ADD( tdbsam_pwent_list, ptr );
926
927	}
928
929	return 0;
930	}
931
932	/***************************************************************
933	Open the TDB passwd database for SAM account enumeration.
934	Save a list of user keys for iteration.
935	****************************************************************/
936
937	static NTSTATUS tdbsam_setsampwent(struct pdb_methods *my_methods, BOOL update, uint32 acb_mask)
938	{
939	if ( !tdbsam_open( tdbsam_filename ) ) {
940	DEBUG(0,("tdbsam_getsampwnam: failed to open %s!\n", tdbsam_filename));
941	return NT_STATUS_ACCESS_DENIED;
942	}
943
944	tdb_traverse( tdbsam, tdbsam_traverse_setpwent, NULL );
945	pwent_initialized = True;
946
947	return NT_STATUS_OK;
948	}
949
950
951	/***************************************************************
952	End enumeration of the TDB passwd list.
953	****************************************************************/
954
955	static void tdbsam_endsampwent(struct pdb_methods *my_methods)
956	{
957	struct pwent_list ptr, ptr_next;
958
959	/* close the tdb only if we have a valid pwent state */
960
961	if ( pwent_initialized ) {
962	DEBUG(7, ("endtdbpwent: closed sam database.\n"));
963	tdbsam_close();
964	}
965
966	/* clear out any remaining entries in the list */
967
968	for ( ptr=tdbsam_pwent_list; ptr; ptr = ptr_next ) {
969	ptr_next = ptr->next;
970	DLIST_REMOVE( tdbsam_pwent_list, ptr );
971	SAFE_FREE( ptr->key.dptr);
972	SAFE_FREE( ptr );
973	}
974
975	pwent_initialized = False;
976	}
977
978	/*****************************************************************
979	Get one struct samu from the TDB (next in line)
980	*****************************************************************/
981
982	static NTSTATUS tdbsam_getsampwent(struct pdb_methods my_methods, struct samu user)
983	{
984	NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
985	TDB_DATA data;
986	struct pwent_list *pkey;
987
988	if ( !user ) {
989	DEBUG(0,("tdbsam_getsampwent: struct samu is NULL.\n"));
990	return nt_status;
991	}
992
993	if ( !tdbsam_pwent_list ) {
994	DEBUG(4,("tdbsam_getsampwent: end of list\n"));
995	return nt_status;
996	}
997
998	/* pull the next entry */
999
1000	pkey = tdbsam_pwent_list;
1001	DLIST_REMOVE( tdbsam_pwent_list, pkey );
1002
1003	data = tdb_fetch(tdbsam, pkey->key);
1004
1005	SAFE_FREE( pkey->key.dptr);
1006	SAFE_FREE( pkey);
1007
1008	if ( !data.dptr ) {
1009	DEBUG(5,("pdb_getsampwent: database entry not found. Was the user deleted?\n"));
1010	return nt_status;
1011	}
1012
1013	if ( !init_sam_from_buffer(user, (unsigned char *)data.dptr, data.dsize) ) {
1014	DEBUG(0,("pdb_getsampwent: Bad struct samu entry returned from TDB!\n"));
1015	}
1016
1017	SAFE_FREE( data.dptr );
1018
1019	return NT_STATUS_OK;
1020	}
1021
1022	/******************************************************************
1023	Lookup a name in the SAM TDB
1024	******************************************************************/
1025
1026	static NTSTATUS tdbsam_getsampwnam (struct pdb_methods my_methods, struct samu user, const char *sname)
1027	{
1028	TDB_DATA data, key;
1029	fstring keystr;
1030	fstring name;
1031
1032	if ( !user ) {
1033	DEBUG(0,("pdb_getsampwnam: struct samu is NULL.\n"));
1034	return NT_STATUS_NO_MEMORY;
1035	}
1036
1037	/* Data is stored in all lower-case */
1038	fstrcpy(name, sname);
1039	strlower_m(name);
1040
1041	/* set search key */
1042	slprintf(keystr, sizeof(keystr)-1, "%s%s", USERPREFIX, name);
1043	key.dptr = keystr;
1044	key.dsize = strlen(keystr) + 1;
1045
1046	/* open the database */
1047
1048	if ( !tdbsam_open( tdbsam_filename ) ) {
1049	DEBUG(0,("tdbsam_getsampwnam: failed to open %s!\n", tdbsam_filename));
1050	return NT_STATUS_ACCESS_DENIED;
1051	}
1052
1053	/* get the record */
1054
1055	data = tdb_fetch(tdbsam, key);
1056	if (!data.dptr) {
1057	DEBUG(5,("pdb_getsampwnam (TDB): error fetching database.\n"));
1058	DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam)));
1059	DEBUGADD(5, (" Key: %s\n", keystr));
1060	tdbsam_close();
1061	return NT_STATUS_NO_SUCH_USER;
1062	}
1063
1064	/* unpack the buffer */
1065
1066	if (!init_sam_from_buffer(user, (unsigned char *)data.dptr, data.dsize)) {
1067	DEBUG(0,("pdb_getsampwent: Bad struct samu entry returned from TDB!\n"));
1068	SAFE_FREE(data.dptr);
1069	tdbsam_close();
1070	return NT_STATUS_NO_MEMORY;
1071	}
1072
1073	/* success */
1074
1075	SAFE_FREE(data.dptr);
1076	tdbsam_close();
1077
1078	return NT_STATUS_OK;
1079	}
1080
1081	/***************************************************************************
1082	Search by rid
1083	**************************************************************************/
1084
1085	static NTSTATUS tdbsam_getsampwrid (struct pdb_methods my_methods, struct samu user, uint32 rid)
1086	{
1087	NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
1088	TDB_DATA data, key;
1089	fstring keystr;
1090	fstring name;
1091
1092	if ( !user ) {
1093	DEBUG(0,("pdb_getsampwrid: struct samu is NULL.\n"));
1094	return nt_status;
1095	}
1096
1097	/* set search key */
1098
1099	slprintf(keystr, sizeof(keystr)-1, "%s%.8x", RIDPREFIX, rid);
1100	key.dptr = keystr;
1101	key.dsize = strlen (keystr) + 1;
1102
1103	/* open the database */
1104
1105	if ( !tdbsam_open( tdbsam_filename ) ) {
1106	DEBUG(0,("tdbsam_getsampwnam: failed to open %s!\n", tdbsam_filename));
1107	return NT_STATUS_ACCESS_DENIED;
1108	}
1109
1110	/* get the record */
1111
1112	data = tdb_fetch (tdbsam, key);
1113	if (!data.dptr) {
1114	DEBUG(5,("pdb_getsampwrid (TDB): error looking up RID %d by key %s.\n", rid, keystr));
1115	DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam)));
1116	nt_status = NT_STATUS_UNSUCCESSFUL;
1117	goto done;
1118	}
1119
1120	fstrcpy(name, data.dptr);
1121	SAFE_FREE(data.dptr);
1122
1123	nt_status = tdbsam_getsampwnam (my_methods, user, name);
1124
1125	done:
1126	/* cleanup */
1127
1128	tdbsam_close();
1129
1130	return nt_status;
1131	}
1132
1133	static NTSTATUS tdbsam_getsampwsid(struct pdb_methods my_methods, struct samu user, const DOM_SID *sid)
1134	{
1135	uint32 rid;
1136
1137	if ( !sid_peek_check_rid(get_global_sam_sid(), sid, &rid) )
1138	return NT_STATUS_UNSUCCESSFUL;
1139
1140	return tdbsam_getsampwrid(my_methods, user, rid);
1141	}
1142
1143	static BOOL tdb_delete_samacct_only( struct samu *sam_pass )
1144	{
1145	TDB_DATA key;
1146	fstring keystr;
1147	fstring name;
1148
1149	fstrcpy(name, pdb_get_username(sam_pass));
1150	strlower_m(name);
1151
1152	/* set the search key */
1153
1154	slprintf(keystr, sizeof(keystr)-1, "%s%s", USERPREFIX, name);
1155	key.dptr = keystr;
1156	key.dsize = strlen (keystr) + 1;
1157
1158	/* it's outaa here! 8^) */
1159
1160	if (tdb_delete(tdbsam, key) != TDB_SUCCESS) {
1161	DEBUG(5, ("Error deleting entry from tdb passwd database!\n"));
1162	DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam)));
1163	return False;
1164	}
1165
1166	return True;
1167	}
1168
1169	/***************************************************************************
1170	Delete a struct samu records for the username and RID key
1171	****************************************************************************/
1172
1173	static NTSTATUS tdbsam_delete_sam_account(struct pdb_methods my_methods, struct samu sam_pass)
1174	{
1175	NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
1176	TDB_DATA key;
1177	fstring keystr;
1178	uint32 rid;
1179	fstring name;
1180
1181	/* open the database */
1182
1183	if ( !tdbsam_open( tdbsam_filename ) ) {
1184	DEBUG(0,("tdbsam_delete_sam_account: failed to open %s!\n",
1185	tdbsam_filename));
1186	return NT_STATUS_ACCESS_DENIED;
1187	}
1188
1189	fstrcpy(name, pdb_get_username(sam_pass));
1190	strlower_m(name);
1191
1192	/* set the search key */
1193
1194	slprintf(keystr, sizeof(keystr)-1, "%s%s", USERPREFIX, name);
1195	key.dptr = keystr;
1196	key.dsize = strlen (keystr) + 1;
1197
1198	rid = pdb_get_user_rid(sam_pass);
1199
1200	/* it's outaa here! 8^) */
1201
1202	if ( tdb_delete(tdbsam, key) != TDB_SUCCESS ) {
1203	DEBUG(5, ("Error deleting entry from tdb passwd database!\n"));
1204	DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam)));
1205	nt_status = NT_STATUS_UNSUCCESSFUL;
1206	goto done;
1207	}
1208
1209	/* set the search key */
1210
1211	slprintf(keystr, sizeof(keystr)-1, "%s%.8x", RIDPREFIX, rid);
1212	key.dptr = keystr;
1213	key.dsize = strlen (keystr) + 1;
1214
1215	/* it's outaa here! 8^) */
1216
1217	if ( tdb_delete(tdbsam, key) != TDB_SUCCESS ) {
1218	DEBUG(5, ("Error deleting entry from tdb rid database!\n"));
1219	DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam)));
1220	nt_status = NT_STATUS_UNSUCCESSFUL;
1221	goto done;
1222	}
1223
1224	nt_status = NT_STATUS_OK;
1225
1226	done:
1227	tdbsam_close();
1228
1229	return nt_status;
1230	}
1231
1232
1233	/***************************************************************************
1234	Update the TDB SAM account record only
1235	Assumes that the tdbsam is already open
1236	****************************************************************************/
1237	static BOOL tdb_update_samacct_only( struct samu* newpwd, int flag )
1238	{
1239	TDB_DATA key, data;
1240	uint8 *buf = NULL;
1241	fstring keystr;
1242	fstring name;
1243	BOOL ret = True;
1244
1245	/* copy the struct samu struct into a BYTE buffer for storage */
1246
1247	if ( (data.dsize=init_buffer_from_sam (&buf, newpwd, False)) == -1 ) {
1248	DEBUG(0,("tdb_update_sam: ERROR - Unable to copy struct samu info BYTE buffer!\n"));
1249	ret = False;
1250	goto done;
1251	}
1252	data.dptr = (char *)buf;
1253
1254	fstrcpy(name, pdb_get_username(newpwd));
1255	strlower_m(name);
1256
1257	DEBUG(5, ("Storing %saccount %s with RID %d\n",
1258	flag == TDB_INSERT ? "(new) " : "", name,
1259	pdb_get_user_rid(newpwd)));
1260
1261	/* setup the USER index key */
1262	slprintf(keystr, sizeof(keystr)-1, "%s%s", USERPREFIX, name);
1263	key.dptr = keystr;
1264	key.dsize = strlen(keystr) + 1;
1265
1266	/* add the account */
1267
1268	if ( tdb_store(tdbsam, key, data, flag) != TDB_SUCCESS ) {
1269	DEBUG(0, ("Unable to modify passwd TDB!"));
1270	DEBUGADD(0, (" Error: %s", tdb_errorstr(tdbsam)));
1271	DEBUGADD(0, (" occured while storing the main record (%s)\n",
1272	keystr));
1273	ret = False;
1274	goto done;
1275	}
1276
1277	done:
1278	/* cleanup */
1279	SAFE_FREE(buf);
1280
1281	return ret;
1282	}
1283
1284	/***************************************************************************
1285	Update the TDB SAM RID record only
1286	Assumes that the tdbsam is already open
1287	****************************************************************************/
1288	static BOOL tdb_update_ridrec_only( struct samu* newpwd, int flag )
1289	{
1290	TDB_DATA key, data;
1291	fstring keystr;
1292	fstring name;
1293
1294	fstrcpy(name, pdb_get_username(newpwd));
1295	strlower_m(name);
1296
1297	/* setup RID data */
1298	data.dsize = strlen(name) + 1;
1299	data.dptr = name;
1300
1301	/* setup the RID index key */
1302	slprintf(keystr, sizeof(keystr)-1, "%s%.8x", RIDPREFIX, pdb_get_user_rid(newpwd));
1303	key.dptr = keystr;
1304	key.dsize = strlen (keystr) + 1;
1305
1306	/* add the reference */
1307	if (tdb_store(tdbsam, key, data, flag) != TDB_SUCCESS) {
1308	DEBUG(0, ("Unable to modify TDB passwd !"));
1309	DEBUGADD(0, (" Error: %s\n", tdb_errorstr(tdbsam)));
1310	DEBUGADD(0, (" occured while storing the RID index (%s)\n", keystr));
1311	return False;
1312	}
1313
1314	return True;
1315
1316	}
1317
1318	/***************************************************************************
1319	Update the TDB SAM
1320	****************************************************************************/
1321
1322	static BOOL tdb_update_sam(struct pdb_methods my_methods, struct samu newpwd, int flag)
1323	{
1324	BOOL result = True;
1325
1326	/* invalidate the existing TDB iterator if it is open */
1327
1328	tdbsam_endsampwent( my_methods );
1329
1330	#if 0
1331	if ( !pdb_get_group_rid(newpwd) ) {
1332	DEBUG (0,("tdb_update_sam: Failing to store a struct samu for [%s] "
1333	"without a primary group RID\n", pdb_get_username(newpwd)));
1334	return False;
1335	}
1336	#endif
1337
1338	if (!pdb_get_user_rid(newpwd)) {
1339	DEBUG(0,("tdb_update_sam: struct samu (%s) with no RID!\n", pdb_get_username(newpwd)));
1340	return False;
1341	}
1342
1343	/* open the database */
1344
1345	if ( !tdbsam_open( tdbsam_filename ) ) {
1346	DEBUG(0,("tdbsam_getsampwnam: failed to open %s!\n", tdbsam_filename));
1347	return False;
1348	}
1349
1350	if ( !tdb_update_samacct_only(newpwd, flag) \|\| !tdb_update_ridrec_only(newpwd, flag)) {
1351	result = False;
1352	}
1353
1354	/* cleanup */
1355
1356	tdbsam_close();
1357
1358	return result;
1359	}
1360
1361	/***************************************************************************
1362	Modifies an existing struct samu
1363	****************************************************************************/
1364
1365	static NTSTATUS tdbsam_update_sam_account (struct pdb_methods my_methods, struct samu newpwd)
1366	{
1367	if ( !tdb_update_sam(my_methods, newpwd, TDB_MODIFY) )
1368	return NT_STATUS_UNSUCCESSFUL;
1369
1370	return NT_STATUS_OK;
1371	}
1372
1373	/***************************************************************************
1374	Adds an existing struct samu
1375	****************************************************************************/
1376
1377	static NTSTATUS tdbsam_add_sam_account (struct pdb_methods my_methods, struct samu newpwd)
1378	{
1379	if ( !tdb_update_sam(my_methods, newpwd, TDB_INSERT) )
1380	return NT_STATUS_UNSUCCESSFUL;
1381
1382	return NT_STATUS_OK;
1383	}
1384
1385	/***************************************************************************
1386	Renames a struct samu
1387	- check for the posix user/rename user script
1388	- Add and lock the new user record
1389	- rename the posix user
1390	- rewrite the rid->username record
1391	- delete the old user
1392	- unlock the new user record
1393	***************************************************************************/
1394	static NTSTATUS tdbsam_rename_sam_account(struct pdb_methods *my_methods,
1395	struct samu *old_acct,
1396	const char *newname)
1397	{
1398	struct samu *new_acct = NULL;
1399	pstring rename_script;
1400	BOOL interim_account = False;
1401	int rename_ret;
1402	fstring oldname_lower;
1403	fstring newname_lower;
1404
1405	/* can't do anything without an external script */
1406
1407	pstrcpy(rename_script, lp_renameuser_script() );
1408	if ( ! *rename_script ) {
1409	return NT_STATUS_ACCESS_DENIED;
1410	}
1411
1412	/* invalidate the existing TDB iterator if it is open */
1413
1414	tdbsam_endsampwent( my_methods );
1415
1416	if ( !(new_acct = samu_new( NULL )) ) {
1417	return NT_STATUS_NO_MEMORY;
1418	}
1419
1420	if ( !pdb_copy_sam_account(new_acct, old_acct)
1421	\|\| !pdb_set_username(new_acct, newname, PDB_CHANGED))
1422	{
1423	TALLOC_FREE(new_acct );
1424	return NT_STATUS_NO_MEMORY;
1425	}
1426
1427	/* open the database */
1428
1429	if ( !tdbsam_open( tdbsam_filename ) ) {
1430	DEBUG(0,("tdbsam_getsampwnam: failed to open %s!\n", tdbsam_filename));
1431	TALLOC_FREE(new_acct );
1432	return NT_STATUS_ACCESS_DENIED;
1433	}
1434
1435	/* add the new account and lock it */
1436
1437	if ( !tdb_update_samacct_only(new_acct, TDB_INSERT) ) {
1438	goto done;
1439	}
1440
1441	interim_account = True;
1442
1443	if ( tdb_lock_bystring_with_timeout(tdbsam, newname, 30) == -1 ) {
1444	goto done;
1445	}
1446
1447	/* Rename the posix user. Follow the semantics of _samr_create_user()
1448	so that we lower case the posix name but preserve the case in passdb */
1449
1450	fstrcpy( oldname_lower, pdb_get_username(old_acct) );
1451	strlower_m( oldname_lower );
1452
1453	fstrcpy( newname_lower, newname );
1454	strlower_m( newname_lower );
1455
1456	string_sub2(rename_script, "%unew", newname_lower, sizeof(pstring),
1457	True, False, True);
1458	string_sub2(rename_script, "%uold", oldname_lower, sizeof(pstring),
1459	True, False, True);
1460	rename_ret = smbrun(rename_script, NULL);
1461
1462	DEBUG(rename_ret ? 0 : 3,("Running the command `%s' gave %d\n", rename_script, rename_ret));
1463
1464	if (rename_ret == 0) {
1465	smb_nscd_flush_user_cache();
1466	}
1467
1468	if (rename_ret) {
1469	goto done;
1470	}
1471
1472	/* rewrite the rid->username record */
1473
1474	if ( !tdb_update_ridrec_only( new_acct, TDB_MODIFY) ) {
1475	goto done;
1476	}
1477	interim_account = False;
1478	tdb_unlock_bystring( tdbsam, newname );
1479
1480	tdb_delete_samacct_only( old_acct );
1481
1482	tdbsam_close();
1483
1484	TALLOC_FREE(new_acct );
1485	return NT_STATUS_OK;
1486
1487	done:
1488	/* cleanup */
1489	if (interim_account) {
1490	tdb_unlock_bystring(tdbsam, newname);
1491	tdb_delete_samacct_only(new_acct);
1492	}
1493
1494	tdbsam_close();
1495
1496	if (new_acct)
1497	TALLOC_FREE(new_acct);
1498
1499	return NT_STATUS_ACCESS_DENIED;
1500	}
1501
1502	static BOOL tdbsam_rid_algorithm(struct pdb_methods *methods)
1503	{
1504	return False;
1505	}
1506
1507	/*
1508	* Historically, winbind was responsible for allocating RIDs, so the next RID
1509	* value was stored in winbindd_idmap.tdb. It has been moved to passdb now,
1510	* but for compatibility reasons we still keep the the next RID counter in
1511	* winbindd_idmap.tdb.
1512	*/
1513
1514	/*****************************************************************************
1515	Initialise idmap database. For now (Dec 2005) this is a copy of the code in
1516	sam/idmap_tdb.c. Maybe at a later stage we can remove that capability from
1517	winbind completely and store the RID counter in passdb.tdb.
1518
1519	Dont' fully initialize with the HWM values, if it's new, we're only
1520	interested in the RID counter.
1521	*****************************************************************************/
1522
1523	static BOOL init_idmap_tdb(TDB_CONTEXT *tdb)
1524	{
1525	int32 version;
1526
1527	if (tdb_lock_bystring(tdb, "IDMAP_VERSION") != 0) {
1528	DEBUG(0, ("Could not lock IDMAP_VERSION\n"));
1529	return False;
1530	}
1531
1532	version = tdb_fetch_int32(tdb, "IDMAP_VERSION");
1533
1534	if (version == -1) {
1535	/* No key found, must be a new db */
1536	if (tdb_store_int32(tdb, "IDMAP_VERSION",
1537	IDMAP_VERSION) != 0) {
1538	DEBUG(0, ("Could not store IDMAP_VERSION\n"));
1539	tdb_unlock_bystring(tdb, "IDMAP_VERSION");
1540	return False;
1541	}
1542	version = IDMAP_VERSION;
1543	}
1544
1545	if (version != IDMAP_VERSION) {
1546	DEBUG(0, ("Expected IDMAP_VERSION=%d, found %d. Please "
1547	"start winbind once\n", IDMAP_VERSION, version));
1548	tdb_unlock_bystring(tdb, "IDMAP_VERSION");
1549	return False;
1550	}
1551
1552	tdb_unlock_bystring(tdb, "IDMAP_VERSION");
1553	return True;
1554	}
1555
1556	static BOOL tdbsam_new_rid(struct pdb_methods methods, uint32 prid)
1557	{
1558	TDB_CONTEXT *tdb;
1559	uint32 rid;
1560	BOOL ret = False;
1561
1562	tdb = tdb_open_log(lock_path("winbindd_idmap.tdb"), 0,
1563	TDB_DEFAULT, O_RDWR \| O_CREAT, 0644);
1564
1565	if (tdb == NULL) {
1566	DEBUG(1, ("Could not open idmap: %s\n", strerror(errno)));
1567	goto done;
1568	}
1569
1570	if (!init_idmap_tdb(tdb)) {
1571	DEBUG(1, ("Could not init idmap\n"));
1572	goto done;
1573	}
1574
1575	rid = BASE_RID; /* Default if not set */
1576
1577	if (!tdb_change_uint32_atomic(tdb, "RID_COUNTER", &rid, 1)) {
1578	DEBUG(3, ("tdbsam_new_rid: Failed to increase RID_COUNTER\n"));
1579	goto done;
1580	}
1581
1582	*prid = rid;
1583	ret = True;
1584
1585	done:
1586	if ((tdb != NULL) && (tdb_close(tdb) != 0)) {
1587	smb_panic("tdb_close(idmap_tdb) failed\n");
1588	}
1589
1590	return ret;
1591	}
1592
1593	/*********************************************************************
1594	Initialize the tdb sam backend. Setup the dispath table of methods,
1595	open the tdb, etc...
1596	*********************************************************************/
1597
1598	static NTSTATUS pdb_init_tdbsam(struct pdb_methods *pdb_method, const char location)
1599	{
1600	NTSTATUS nt_status;
1601	pstring tdbfile;
1602	const char *pfile = location;
1603
1604	if (!NT_STATUS_IS_OK(nt_status = make_pdb_method( pdb_method ))) {
1605	return nt_status;
1606	}
1607
1608	(*pdb_method)->name = "tdbsam";
1609
1610	(*pdb_method)->setsampwent = tdbsam_setsampwent;
1611	(*pdb_method)->endsampwent = tdbsam_endsampwent;
1612	(*pdb_method)->getsampwent = tdbsam_getsampwent;
1613	(*pdb_method)->getsampwnam = tdbsam_getsampwnam;
1614	(*pdb_method)->getsampwsid = tdbsam_getsampwsid;
1615	(*pdb_method)->add_sam_account = tdbsam_add_sam_account;
1616	(*pdb_method)->update_sam_account = tdbsam_update_sam_account;
1617	(*pdb_method)->delete_sam_account = tdbsam_delete_sam_account;
1618	(*pdb_method)->rename_sam_account = tdbsam_rename_sam_account;
1619
1620	(*pdb_method)->rid_algorithm = tdbsam_rid_algorithm;
1621	(*pdb_method)->new_rid = tdbsam_new_rid;
1622
1623	/* save the path for later */
1624
1625	if ( !location ) {
1626	pstr_sprintf( tdbfile, "%s/%s", lp_private_dir(), PASSDB_FILE_NAME );
1627	pfile = tdbfile;
1628	}
1629	pstrcpy( tdbsam_filename, pfile );
1630
1631	/* no private data */
1632
1633	(*pdb_method)->private_data = NULL;
1634	(*pdb_method)->free_private_data = NULL;
1635
1636	return NT_STATUS_OK;
1637	}
1638
1639	NTSTATUS pdb_tdbsam_init(void)
1640	{
1641	return smb_register_passdb(PASSDB_INTERFACE_VERSION, "tdbsam", pdb_init_tdbsam);
1642	}

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: trunk-3.0/source/passdb/pdb_tdb.c@ 101

Download in other formats: