source: vendor/3.5.7/source3/libsmb/samlogon_cache.c

Last change on this file was 414, checked in by Herwig Bauernfeind, 16 years ago

Samba 3.5.0: Initial import
File size: 7.5 KB
Line 
1/*
2 Unix SMB/CIFS implementation.
3 Net_sam_logon info3 helpers
4 Copyright (C) Alexander Bokovoy 2002.
5 Copyright (C) Andrew Bartlett 2002.
6 Copyright (C) Gerald Carter 2003.
7 Copyright (C) Tim Potter 2003.
8 Copyright (C) Guenther Deschner 2008.
9
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
14
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
22*/
23
24#include "includes.h"
25#include "librpc/gen_ndr/ndr_krb5pac.h"
26
27#define NETSAMLOGON_TDB "netsamlogon_cache.tdb"
28
29static TDB_CONTEXT *netsamlogon_tdb = NULL;
30
31/***********************************************************************
32 open the tdb
33 ***********************************************************************/
34
35bool netsamlogon_cache_init(void)
36{
37 bool first_try = true;
38 const char *path = NULL;
39 int ret;
40 struct tdb_context *tdb;
41
42 if (netsamlogon_tdb) {
43 return true;
44 }
45
46 path = cache_path(NETSAMLOGON_TDB);
47again:
48 tdb = tdb_open_log(path, 0, TDB_DEFAULT,
49 O_RDWR | O_CREAT, 0600);
50 if (tdb == NULL) {
51 DEBUG(0,("tdb_open_log('%s') - failed\n", path));
52 goto clear;
53 }
54
55 ret = tdb_check(tdb, NULL, NULL);
56 if (ret != 0) {
57 tdb_close(tdb);
58 DEBUG(0,("tdb_check('%s') - failed\n", path));
59 goto clear;
60 }
61
62 netsamlogon_tdb = tdb;
63 return true;
64
65clear:
66 if (!first_try) {
67 return false;
68 }
69 first_try = false;
70
71 DEBUG(0,("retry after CLEAR_IF_FIRST for '%s'\n", path));
72 tdb = tdb_open_log(path, 0, TDB_CLEAR_IF_FIRST,
73 O_RDWR | O_CREAT, 0600);
74 if (tdb) {
75 tdb_close(tdb);
76 goto again;
77 }
78 DEBUG(0,("tdb_open_log(%s) with CLEAR_IF_FIRST - failed\n", path));
79
80 return false;
81}
82
83
84/***********************************************************************
85 Shutdown samlogon_cache database
86***********************************************************************/
87
88bool netsamlogon_cache_shutdown(void)
89{
90 if (netsamlogon_tdb) {
91 return (tdb_close(netsamlogon_tdb) == 0);
92 }
93
94 return true;
95}
96
97/***********************************************************************
98 Clear cache getpwnam and getgroups entries from the winbindd cache
99***********************************************************************/
100
101void netsamlogon_clear_cached_user(struct netr_SamInfo3 *info3)
102{
103 DOM_SID user_sid;
104 fstring keystr, tmp;
105
106 if (!info3) {
107 return;
108 }
109
110 if (!netsamlogon_cache_init()) {
111 DEBUG(0,("netsamlogon_clear_cached_user: cannot open "
112 "%s for write!\n",
113 NETSAMLOGON_TDB));
114 return;
115 }
116 sid_copy(&user_sid, info3->base.domain_sid);
117 sid_append_rid(&user_sid, info3->base.rid);
118
119 /* Prepare key as DOMAIN-SID/USER-RID string */
120 slprintf(keystr, sizeof(keystr), "%s", sid_to_fstring(tmp, &user_sid));
121
122 DEBUG(10,("netsamlogon_clear_cached_user: SID [%s]\n", keystr));
123
124 tdb_delete_bystring(netsamlogon_tdb, keystr);
125}
126
127/***********************************************************************
128 Store a netr_SamInfo3 structure in a tdb for later user
129 username should be in UTF-8 format
130***********************************************************************/
131
132bool netsamlogon_cache_store(const char *username, struct netr_SamInfo3 *info3)
133{
134 TDB_DATA data;
135 fstring keystr, tmp;
136 bool result = false;
137 DOM_SID user_sid;
138 time_t t = time(NULL);
139 TALLOC_CTX *mem_ctx;
140 DATA_BLOB blob;
141 enum ndr_err_code ndr_err;
142 struct netsamlogoncache_entry r;
143
144 if (!info3) {
145 return false;
146 }
147
148 if (!netsamlogon_cache_init()) {
149 DEBUG(0,("netsamlogon_cache_store: cannot open %s for write!\n",
150 NETSAMLOGON_TDB));
151 return false;
152 }
153
154 sid_copy(&user_sid, info3->base.domain_sid);
155 sid_append_rid(&user_sid, info3->base.rid);
156
157 /* Prepare key as DOMAIN-SID/USER-RID string */
158 slprintf(keystr, sizeof(keystr), "%s", sid_to_fstring(tmp, &user_sid));
159
160 DEBUG(10,("netsamlogon_cache_store: SID [%s]\n", keystr));
161
162 /* Prepare data */
163
164 if (!(mem_ctx = TALLOC_P( NULL, int))) {
165 DEBUG(0,("netsamlogon_cache_store: talloc() failed!\n"));
166 return false;
167 }
168
169 /* only Samba fills in the username, not sure why NT doesn't */
170 /* so we fill it in since winbindd_getpwnam() makes use of it */
171
172 if (!info3->base.account_name.string) {
173 info3->base.account_name.string = talloc_strdup(info3, username);
174 }
175
176 r.timestamp = t;
177 r.info3 = *info3;
178
179 if (DEBUGLEVEL >= 10) {
180 NDR_PRINT_DEBUG(netsamlogoncache_entry, &r);
181 }
182
183 ndr_err = ndr_push_struct_blob(&blob, mem_ctx, NULL, &r,
184 (ndr_push_flags_fn_t)ndr_push_netsamlogoncache_entry);
185 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
186 DEBUG(0,("netsamlogon_cache_store: failed to push entry to cache\n"));
187 TALLOC_FREE(mem_ctx);
188 return false;
189 }
190
191 data.dsize = blob.length;
192 data.dptr = blob.data;
193
194 if (tdb_store_bystring(netsamlogon_tdb, keystr, data, TDB_REPLACE) != -1) {
195 result = true;
196 }
197
198 TALLOC_FREE(mem_ctx);
199
200 return result;
201}
202
203/***********************************************************************
204 Retrieves a netr_SamInfo3 structure from a tdb. Caller must
205 free the user_info struct (malloc()'d memory)
206***********************************************************************/
207
208struct netr_SamInfo3 *netsamlogon_cache_get(TALLOC_CTX *mem_ctx, const DOM_SID *user_sid)
209{
210 struct netr_SamInfo3 *info3 = NULL;
211 TDB_DATA data;
212 fstring keystr, tmp;
213 enum ndr_err_code ndr_err;
214 DATA_BLOB blob;
215 struct netsamlogoncache_entry r;
216
217 if (!netsamlogon_cache_init()) {
218 DEBUG(0,("netsamlogon_cache_get: cannot open %s for write!\n",
219 NETSAMLOGON_TDB));
220 return false;
221 }
222
223 /* Prepare key as DOMAIN-SID/USER-RID string */
224 slprintf(keystr, sizeof(keystr), "%s", sid_to_fstring(tmp, user_sid));
225 DEBUG(10,("netsamlogon_cache_get: SID [%s]\n", keystr));
226 data = tdb_fetch_bystring( netsamlogon_tdb, keystr );
227
228 if (!data.dptr) {
229 return NULL;
230 }
231
232 info3 = TALLOC_ZERO_P(mem_ctx, struct netr_SamInfo3);
233 if (!info3) {
234 goto done;
235 }
236
237 blob = data_blob_const(data.dptr, data.dsize);
238
239 ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, NULL, &r,
240 (ndr_pull_flags_fn_t)ndr_pull_netsamlogoncache_entry);
241
242 if (DEBUGLEVEL >= 10) {
243 NDR_PRINT_DEBUG(netsamlogoncache_entry, &r);
244 }
245
246 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
247 DEBUG(0,("netsamlogon_cache_get: failed to pull entry from cache\n"));
248 tdb_delete(netsamlogon_tdb, data);
249 TALLOC_FREE(info3);
250 goto done;
251 }
252
253 info3 = (struct netr_SamInfo3 *)talloc_memdup(mem_ctx, &r.info3,
254 sizeof(r.info3));
255
256 done:
257 SAFE_FREE(data.dptr);
258
259 return info3;
260
261#if 0 /* The netsamlogon cache needs to hang around. Something about
262 this feels wrong, but it is the only way we can get all of the
263 groups. The old universal groups cache didn't expire either.
264 --jerry */
265 {
266 time_t now = time(NULL);
267 uint32 time_diff;
268
269 /* is the entry expired? */
270 time_diff = now - t;
271
272 if ( (time_diff < 0 ) || (time_diff > lp_winbind_cache_time()) ) {
273 DEBUG(10,("netsamlogon_cache_get: cache entry expired \n"));
274 tdb_delete( netsamlogon_tdb, key );
275 TALLOC_FREE( user );
276 }
277 }
278#endif
279}
280
281bool netsamlogon_cache_have(const DOM_SID *user_sid)
282{
283 TALLOC_CTX *mem_ctx = talloc_init("netsamlogon_cache_have");
284 struct netr_SamInfo3 *info3 = NULL;
285 bool result;
286
287 if (!mem_ctx)
288 return False;
289
290 info3 = netsamlogon_cache_get(mem_ctx, user_sid);
291
292 result = (info3 != NULL);
293
294 talloc_destroy(mem_ctx);
295
296 return result;
297}
Note: See TracBrowser for help on using the repository browser.