← Back to branch summary

~ubuntu-branches/ubuntu/gutsy/samba/gutsy-updates

« back to all changes in this revision

Viewing changes to source/passdb/pdb_tdb.c

  • Committer: Bazaar Package Importer
  • Author(s): Andrew Mitchell
  • Date: 2006-11-28 20:14:37 UTC
  • mfrom: (0.10.1 upstream)
  • Revision ID: james.westby@ubuntu.com-20061128201437-a6x4lzlhempazocp
Tags: 3.0.23d-1ubuntu1
* Merge from debian unstable.
* Drop python2.4-samba, replace with python-samba. Added Conflicts/Replaces
  on python2.4-samba
* Drop track-connection-dos.patch, ubuntu-winbind-panic.patch, 
  ubuntu-fix-ldap.patch, ubuntu-setlocale.patch, ubuntu-setlocale-fixes.patch
* Remaining Ubuntu changes:
  - Revert Debian's installation of mount.cifs and umount.cifs as suid
  - Comment out the default [homes] shares and add more verbose comments to
    explain what they do and how they work (closes: launchpad.net/27608)
  - Add a "valid users = %S" stanza to the commented-out [homes] section, to
    show users how to restrict access to \\server\username to only username.
  - Change the (commented-out) "printer admin" example to use "@lpadmin"
    instead of "@ntadmin", since the lpadmin group is used for spool admin.
  - Alter the panic-action script to encourage users to report their
    bugs in Ubuntu packages to Ubuntu, rather than reporting to Debian.
    Modify text to more closely match the Debian script
  - Munge our init script to deal with the fact that our implementation
    (or lack thereof) of log_daemon_msg and log_progress_msg differs
    from Debian's implementation of the same (Ubuntu #19691)
  - Kept ubuntu-auxsrc.patch: some auxilliary sources (undocumented in 
    previous changelogs)
  - Set default workgroup to MSHOME

Show diffs side-by-side

added added

removed removed

Lines of Context:
source/passdb/pdb_tdb.c
3
3
 * SMB parameters and setup
4
4
 * Copyright (C) Andrew Tridgell   1992-1998
5
5
 * Copyright (C) Simo Sorce        2000-2003
6
 
 * Copyright (C) Gerald Carter     2000
 
6
 * Copyright (C) Gerald Carter     2000-2006
7
7
 * Copyright (C) Jeremy Allison    2001
8
8
 * Copyright (C) Andrew Bartlett   2002
9
9
 * Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2005
38
38
 
39
39
#endif
40
40
 
41
 
#define TDBSAM_VERSION  2       /* Most recent TDBSAM version */
 
41
#define TDBSAM_VERSION  3       /* Most recent TDBSAM version */
42
42
#define TDBSAM_VERSION_STRING   "INFO/version"
43
43
#define PASSDB_FILE_NAME        "passdb.tdb"
44
44
#define USERPREFIX              "USER_"
45
45
#define RIDPREFIX               "RID_"
46
46
#define PRIVPREFIX              "PRIV_"
47
 
#define tdbsamver_t     int32
48
 
 
49
 
struct tdbsam_privates {
50
 
        TDB_CONTEXT     *passwd_tdb;
51
 
 
52
 
        /* retrive-once info */
53
 
        const char *tdbsam_location;
54
 
};
55
47
 
56
48
struct pwent_list {
57
49
        struct pwent_list *prev, *next;
58
50
        TDB_DATA key;
59
51
};
60
52
static struct pwent_list *tdbsam_pwent_list;
61
 
 
62
 
 
63
 
/**
64
 
 * Convert old TDBSAM to the latest version.
65
 
 * @param pdb_tdb A pointer to the opened TDBSAM file which must be converted. 
66
 
 *                This file must be opened with read/write access.
67
 
 * @param from Current version of the TDBSAM file.
68
 
 * @return True if the conversion has been successful, false otherwise. 
69
 
 **/
70
 
 
71
 
static BOOL tdbsam_convert(TDB_CONTEXT *pdb_tdb, tdbsamver_t from) 
72
 
{
73
 
        const char * vstring = TDBSAM_VERSION_STRING;
74
 
        SAM_ACCOUNT *user = NULL;
75
 
        const char *prefix = USERPREFIX;
 
53
static BOOL pwent_initialized;
 
54
 
 
55
/* GLOBAL TDB SAM CONTEXT */
 
56
 
 
57
static TDB_CONTEXT *tdbsam;
 
58
static int ref_count = 0;
 
59
static pstring tdbsam_filename;
 
60
 
 
61
/**********************************************************************
 
62
 Marshall/unmarshall struct samu structs.
 
63
 *********************************************************************/
 
64
 
 
65
#define TDB_FORMAT_STRING_V0       "ddddddBBBBBBBBBBBBddBBwdwdBwwd"
 
66
#define TDB_FORMAT_STRING_V1       "dddddddBBBBBBBBBBBBddBBwdwdBwwd"
 
67
#define TDB_FORMAT_STRING_V2       "dddddddBBBBBBBBBBBBddBBBwwdBwwd"
 
68
 
 
69
/*********************************************************************
 
70
*********************************************************************/
 
71
 
 
72
static BOOL init_sam_from_buffer_v0(struct samu *sampass, uint8 *buf, uint32 buflen)
 
73
{
 
74
 
 
75
        /* times are stored as 32bit integer
 
76
           take care on system with 64bit wide time_t
 
77
           --SSS */
 
78
        uint32  logon_time,
 
79
                logoff_time,
 
80
                kickoff_time,
 
81
                pass_last_set_time,
 
82
                pass_can_change_time,
 
83
                pass_must_change_time;
 
84
        char *username = NULL;
 
85
        char *domain = NULL;
 
86
        char *nt_username = NULL;
 
87
        char *dir_drive = NULL;
 
88
        char *unknown_str = NULL;
 
89
        char *munged_dial = NULL;
 
90
        char *fullname = NULL;
 
91
        char *homedir = NULL;
 
92
        char *logon_script = NULL;
 
93
        char *profile_path = NULL;
 
94
        char *acct_desc = NULL;
 
95
        char *workstations = NULL;
 
96
        uint32  username_len, domain_len, nt_username_len,
 
97
                dir_drive_len, unknown_str_len, munged_dial_len,
 
98
                fullname_len, homedir_len, logon_script_len,
 
99
                profile_path_len, acct_desc_len, workstations_len;
 
100
                
 
101
        uint32  user_rid, group_rid, remove_me, hours_len, unknown_6;
 
102
        uint16  acct_ctrl, logon_divs;
 
103
        uint16  bad_password_count, logon_count;
 
104
        uint8   *hours = NULL;
 
105
        uint8   *lm_pw_ptr = NULL, *nt_pw_ptr = NULL;
 
106
        uint32          len = 0;
 
107
        uint32          lm_pw_len, nt_pw_len, hourslen;
 
108
        BOOL ret = True;
 
109
        
 
110
        if(sampass == NULL || buf == NULL) {
 
111
                DEBUG(0, ("init_sam_from_buffer_v0: NULL parameters found!\n"));
 
112
                return False;
 
113
        }
 
114
 
 
115
/* TDB_FORMAT_STRING_V0       "ddddddBBBBBBBBBBBBddBBwdwdBwwd" */
 
116
 
 
117
        /* unpack the buffer into variables */
 
118
        len = tdb_unpack ((char *)buf, buflen, TDB_FORMAT_STRING_V0,
 
119
                &logon_time,                                            /* d */
 
120
                &logoff_time,                                           /* d */
 
121
                &kickoff_time,                                          /* d */
 
122
                &pass_last_set_time,                                    /* d */
 
123
                &pass_can_change_time,                                  /* d */
 
124
                &pass_must_change_time,                                 /* d */
 
125
                &username_len, &username,                               /* B */
 
126
                &domain_len, &domain,                                   /* B */
 
127
                &nt_username_len, &nt_username,                         /* B */
 
128
                &fullname_len, &fullname,                               /* B */
 
129
                &homedir_len, &homedir,                                 /* B */
 
130
                &dir_drive_len, &dir_drive,                             /* B */
 
131
                &logon_script_len, &logon_script,                       /* B */
 
132
                &profile_path_len, &profile_path,                       /* B */
 
133
                &acct_desc_len, &acct_desc,                             /* B */
 
134
                &workstations_len, &workstations,                       /* B */
 
135
                &unknown_str_len, &unknown_str,                         /* B */
 
136
                &munged_dial_len, &munged_dial,                         /* B */
 
137
                &user_rid,                                              /* d */
 
138
                &group_rid,                                             /* d */
 
139
                &lm_pw_len, &lm_pw_ptr,                                 /* B */
 
140
                &nt_pw_len, &nt_pw_ptr,                                 /* B */
 
141
                &acct_ctrl,                                             /* w */
 
142
                &remove_me, /* remove on the next TDB_FORMAT upgarde */ /* d */
 
143
                &logon_divs,                                            /* w */
 
144
                &hours_len,                                             /* d */
 
145
                &hourslen, &hours,                                      /* B */
 
146
                &bad_password_count,                                    /* w */
 
147
                &logon_count,                                           /* w */
 
148
                &unknown_6);                                            /* d */
 
149
                
 
150
        if (len == (uint32) -1)  {
 
151
                ret = False;
 
152
                goto done;
 
153
        }
 
154
 
 
155
        pdb_set_logon_time(sampass, logon_time, PDB_SET);
 
156
        pdb_set_logoff_time(sampass, logoff_time, PDB_SET);
 
157
        pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET);
 
158
        pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET);
 
159
        pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET);
 
160
        pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET);
 
161
 
 
162
        pdb_set_username(sampass, username, PDB_SET); 
 
163
        pdb_set_domain(sampass, domain, PDB_SET);
 
164
        pdb_set_nt_username(sampass, nt_username, PDB_SET);
 
165
        pdb_set_fullname(sampass, fullname, PDB_SET);
 
166
 
 
167
        if (homedir) {
 
168
                pdb_set_homedir(sampass, homedir, PDB_SET);
 
169
        }
 
170
        else {
 
171
                pdb_set_homedir(sampass, 
 
172
                        talloc_sub_basic(sampass, username, lp_logon_home()),
 
173
                        PDB_DEFAULT);
 
174
        }
 
175
 
 
176
        if (dir_drive)  
 
177
                pdb_set_dir_drive(sampass, dir_drive, PDB_SET);
 
178
        else {
 
179
                pdb_set_dir_drive(sampass, 
 
180
                        talloc_sub_basic(sampass,  username, lp_logon_drive()),
 
181
                        PDB_DEFAULT);
 
182
        }
 
183
 
 
184
        if (logon_script) 
 
185
                pdb_set_logon_script(sampass, logon_script, PDB_SET);
 
186
        else {
 
187
                pdb_set_logon_script(sampass, 
 
188
                        talloc_sub_basic(sampass, username, lp_logon_script()),
 
189
                        PDB_DEFAULT);
 
190
        }
 
191
        
 
192
        if (profile_path) {     
 
193
                pdb_set_profile_path(sampass, profile_path, PDB_SET);
 
194
        } else {
 
195
                pdb_set_profile_path(sampass, 
 
196
                        talloc_sub_basic(sampass, username, lp_logon_path()),
 
197
                        PDB_DEFAULT);
 
198
        }
 
199
 
 
200
        pdb_set_acct_desc(sampass, acct_desc, PDB_SET);
 
201
        pdb_set_workstations(sampass, workstations, PDB_SET);
 
202
        pdb_set_munged_dial(sampass, munged_dial, PDB_SET);
 
203
 
 
204
        if (lm_pw_ptr && lm_pw_len == LM_HASH_LEN) {
 
205
                if (!pdb_set_lanman_passwd(sampass, lm_pw_ptr, PDB_SET)) {
 
206
                        ret = False;
 
207
                        goto done;
 
208
                }
 
209
        }
 
210
 
 
211
        if (nt_pw_ptr && nt_pw_len == NT_HASH_LEN) {
 
212
                if (!pdb_set_nt_passwd(sampass, nt_pw_ptr, PDB_SET)) {
 
213
                        ret = False;
 
214
                        goto done;
 
215
                }
 
216
        }
 
217
 
 
218
        pdb_set_pw_history(sampass, NULL, 0, PDB_SET);
 
219
        pdb_set_user_sid_from_rid(sampass, user_rid, PDB_SET);
 
220
        pdb_set_group_sid_from_rid(sampass, group_rid, PDB_SET);
 
221
        pdb_set_hours_len(sampass, hours_len, PDB_SET);
 
222
        pdb_set_bad_password_count(sampass, bad_password_count, PDB_SET);
 
223
        pdb_set_logon_count(sampass, logon_count, PDB_SET);
 
224
        pdb_set_unknown_6(sampass, unknown_6, PDB_SET);
 
225
        pdb_set_acct_ctrl(sampass, acct_ctrl, PDB_SET);
 
226
        pdb_set_logon_divs(sampass, logon_divs, PDB_SET);
 
227
        pdb_set_hours(sampass, hours, PDB_SET);
 
228
 
 
229
done:
 
230
 
 
231
        SAFE_FREE(username);
 
232
        SAFE_FREE(domain);
 
233
        SAFE_FREE(nt_username);
 
234
        SAFE_FREE(fullname);
 
235
        SAFE_FREE(homedir);
 
236
        SAFE_FREE(dir_drive);
 
237
        SAFE_FREE(logon_script);
 
238
        SAFE_FREE(profile_path);
 
239
        SAFE_FREE(acct_desc);
 
240
        SAFE_FREE(workstations);
 
241
        SAFE_FREE(munged_dial);
 
242
        SAFE_FREE(unknown_str);
 
243
        SAFE_FREE(lm_pw_ptr);
 
244
        SAFE_FREE(nt_pw_ptr);
 
245
        SAFE_FREE(hours);
 
246
 
 
247
        return ret;
 
248
}
 
249
 
 
250
/*********************************************************************
 
251
*********************************************************************/
 
252
 
 
253
static BOOL init_sam_from_buffer_v1(struct samu *sampass, uint8 *buf, uint32 buflen)
 
254
{
 
255
 
 
256
        /* times are stored as 32bit integer
 
257
           take care on system with 64bit wide time_t
 
258
           --SSS */
 
259
        uint32  logon_time,
 
260
                logoff_time,
 
261
                kickoff_time,
 
262
                bad_password_time,
 
263
                pass_last_set_time,
 
264
                pass_can_change_time,
 
265
                pass_must_change_time;
 
266
        char *username = NULL;
 
267
        char *domain = NULL;
 
268
        char *nt_username = NULL;
 
269
        char *dir_drive = NULL;
 
270
        char *unknown_str = NULL;
 
271
        char *munged_dial = NULL;
 
272
        char *fullname = NULL;
 
273
        char *homedir = NULL;
 
274
        char *logon_script = NULL;
 
275
        char *profile_path = NULL;
 
276
        char *acct_desc = NULL;
 
277
        char *workstations = NULL;
 
278
        uint32  username_len, domain_len, nt_username_len,
 
279
                dir_drive_len, unknown_str_len, munged_dial_len,
 
280
                fullname_len, homedir_len, logon_script_len,
 
281
                profile_path_len, acct_desc_len, workstations_len;
 
282
                
 
283
        uint32  user_rid, group_rid, remove_me, hours_len, unknown_6;
 
284
        uint16  acct_ctrl, logon_divs;
 
285
        uint16  bad_password_count, logon_count;
 
286
        uint8   *hours = NULL;
 
287
        uint8   *lm_pw_ptr = NULL, *nt_pw_ptr = NULL;
 
288
        uint32          len = 0;
 
289
        uint32          lm_pw_len, nt_pw_len, hourslen;
 
290
        BOOL ret = True;
 
291
        
 
292
        if(sampass == NULL || buf == NULL) {
 
293
                DEBUG(0, ("init_sam_from_buffer_v1: NULL parameters found!\n"));
 
294
                return False;
 
295
        }
 
296
 
 
297
/* TDB_FORMAT_STRING_V1       "dddddddBBBBBBBBBBBBddBBwdwdBwwd" */
 
298
 
 
299
        /* unpack the buffer into variables */
 
300
        len = tdb_unpack ((char *)buf, buflen, TDB_FORMAT_STRING_V1,
 
301
                &logon_time,                                            /* d */
 
302
                &logoff_time,                                           /* d */
 
303
                &kickoff_time,                                          /* d */
 
304
                /* Change from V0 is addition of bad_password_time field. */
 
305
                &bad_password_time,                                     /* d */
 
306
                &pass_last_set_time,                                    /* d */
 
307
                &pass_can_change_time,                                  /* d */
 
308
                &pass_must_change_time,                                 /* d */
 
309
                &username_len, &username,                               /* B */
 
310
                &domain_len, &domain,                                   /* B */
 
311
                &nt_username_len, &nt_username,                         /* B */
 
312
                &fullname_len, &fullname,                               /* B */
 
313
                &homedir_len, &homedir,                                 /* B */
 
314
                &dir_drive_len, &dir_drive,                             /* B */
 
315
                &logon_script_len, &logon_script,                       /* B */
 
316
                &profile_path_len, &profile_path,                       /* B */
 
317
                &acct_desc_len, &acct_desc,                             /* B */
 
318
                &workstations_len, &workstations,                       /* B */
 
319
                &unknown_str_len, &unknown_str,                         /* B */
 
320
                &munged_dial_len, &munged_dial,                         /* B */
 
321
                &user_rid,                                              /* d */
 
322
                &group_rid,                                             /* d */
 
323
                &lm_pw_len, &lm_pw_ptr,                                 /* B */
 
324
                &nt_pw_len, &nt_pw_ptr,                                 /* B */
 
325
                &acct_ctrl,                                             /* w */
 
326
                &remove_me,                                             /* d */
 
327
                &logon_divs,                                            /* w */
 
328
                &hours_len,                                             /* d */
 
329
                &hourslen, &hours,                                      /* B */
 
330
                &bad_password_count,                                    /* w */
 
331
                &logon_count,                                           /* w */
 
332
                &unknown_6);                                            /* d */
 
333
                
 
334
        if (len == (uint32) -1)  {
 
335
                ret = False;
 
336
                goto done;
 
337
        }
 
338
 
 
339
        pdb_set_logon_time(sampass, logon_time, PDB_SET);
 
340
        pdb_set_logoff_time(sampass, logoff_time, PDB_SET);
 
341
        pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET);
 
342
 
 
343
        /* Change from V0 is addition of bad_password_time field. */
 
344
        pdb_set_bad_password_time(sampass, bad_password_time, PDB_SET);
 
345
        pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET);
 
346
        pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET);
 
347
        pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET);
 
348
 
 
349
        pdb_set_username(sampass, username, PDB_SET); 
 
350
        pdb_set_domain(sampass, domain, PDB_SET);
 
351
        pdb_set_nt_username(sampass, nt_username, PDB_SET);
 
352
        pdb_set_fullname(sampass, fullname, PDB_SET);
 
353
 
 
354
        if (homedir) {
 
355
                pdb_set_homedir(sampass, homedir, PDB_SET);
 
356
        }
 
357
        else {
 
358
                pdb_set_homedir(sampass, 
 
359
                        talloc_sub_basic(sampass, username, lp_logon_home()),
 
360
                        PDB_DEFAULT);
 
361
        }
 
362
 
 
363
        if (dir_drive)  
 
364
                pdb_set_dir_drive(sampass, dir_drive, PDB_SET);
 
365
        else {
 
366
                pdb_set_dir_drive(sampass, 
 
367
                        talloc_sub_basic(sampass,  username, lp_logon_drive()),
 
368
                        PDB_DEFAULT);
 
369
        }
 
370
 
 
371
        if (logon_script) 
 
372
                pdb_set_logon_script(sampass, logon_script, PDB_SET);
 
373
        else {
 
374
                pdb_set_logon_script(sampass, 
 
375
                        talloc_sub_basic(sampass, username, lp_logon_script()),
 
376
                        PDB_DEFAULT);
 
377
        }
 
378
        
 
379
        if (profile_path) {     
 
380
                pdb_set_profile_path(sampass, profile_path, PDB_SET);
 
381
        } else {
 
382
                pdb_set_profile_path(sampass, 
 
383
                        talloc_sub_basic(sampass, username, lp_logon_path()),
 
384
                        PDB_DEFAULT);
 
385
        }
 
386
 
 
387
        pdb_set_acct_desc(sampass, acct_desc, PDB_SET);
 
388
        pdb_set_workstations(sampass, workstations, PDB_SET);
 
389
        pdb_set_munged_dial(sampass, munged_dial, PDB_SET);
 
390
 
 
391
        if (lm_pw_ptr && lm_pw_len == LM_HASH_LEN) {
 
392
                if (!pdb_set_lanman_passwd(sampass, lm_pw_ptr, PDB_SET)) {
 
393
                        ret = False;
 
394
                        goto done;
 
395
                }
 
396
        }
 
397
 
 
398
        if (nt_pw_ptr && nt_pw_len == NT_HASH_LEN) {
 
399
                if (!pdb_set_nt_passwd(sampass, nt_pw_ptr, PDB_SET)) {
 
400
                        ret = False;
 
401
                        goto done;
 
402
                }
 
403
        }
 
404
 
 
405
        pdb_set_pw_history(sampass, NULL, 0, PDB_SET);
 
406
 
 
407
        pdb_set_user_sid_from_rid(sampass, user_rid, PDB_SET);
 
408
        pdb_set_group_sid_from_rid(sampass, group_rid, PDB_SET);
 
409
        pdb_set_hours_len(sampass, hours_len, PDB_SET);
 
410
        pdb_set_bad_password_count(sampass, bad_password_count, PDB_SET);
 
411
        pdb_set_logon_count(sampass, logon_count, PDB_SET);
 
412
        pdb_set_unknown_6(sampass, unknown_6, PDB_SET);
 
413
        pdb_set_acct_ctrl(sampass, acct_ctrl, PDB_SET);
 
414
        pdb_set_logon_divs(sampass, logon_divs, PDB_SET);
 
415
        pdb_set_hours(sampass, hours, PDB_SET);
 
416
 
 
417
done:
 
418
 
 
419
        SAFE_FREE(username);
 
420
        SAFE_FREE(domain);
 
421
        SAFE_FREE(nt_username);
 
422
        SAFE_FREE(fullname);
 
423
        SAFE_FREE(homedir);
 
424
        SAFE_FREE(dir_drive);
 
425
        SAFE_FREE(logon_script);
 
426
        SAFE_FREE(profile_path);
 
427
        SAFE_FREE(acct_desc);
 
428
        SAFE_FREE(workstations);
 
429
        SAFE_FREE(munged_dial);
 
430
        SAFE_FREE(unknown_str);
 
431
        SAFE_FREE(lm_pw_ptr);
 
432
        SAFE_FREE(nt_pw_ptr);
 
433
        SAFE_FREE(hours);
 
434
 
 
435
        return ret;
 
436
}
 
437
 
 
438
BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen)
 
439
{
 
440
 
 
441
        /* times are stored as 32bit integer
 
442
           take care on system with 64bit wide time_t
 
443
           --SSS */
 
444
        uint32  logon_time,
 
445
                logoff_time,
 
446
                kickoff_time,
 
447
                bad_password_time,
 
448
                pass_last_set_time,
 
449
                pass_can_change_time,
 
450
                pass_must_change_time;
 
451
        char *username = NULL;
 
452
        char *domain = NULL;
 
453
        char *nt_username = NULL;
 
454
        char *dir_drive = NULL;
 
455
        char *unknown_str = NULL;
 
456
        char *munged_dial = NULL;
 
457
        char *fullname = NULL;
 
458
        char *homedir = NULL;
 
459
        char *logon_script = NULL;
 
460
        char *profile_path = NULL;
 
461
        char *acct_desc = NULL;
 
462
        char *workstations = NULL;
 
463
        uint32  username_len, domain_len, nt_username_len,
 
464
                dir_drive_len, unknown_str_len, munged_dial_len,
 
465
                fullname_len, homedir_len, logon_script_len,
 
466
                profile_path_len, acct_desc_len, workstations_len;
 
467
                
 
468
        uint32  user_rid, group_rid, hours_len, unknown_6;
 
469
        uint16  acct_ctrl, logon_divs;
 
470
        uint16  bad_password_count, logon_count;
 
471
        uint8   *hours = NULL;
 
472
        uint8   *lm_pw_ptr = NULL, *nt_pw_ptr = NULL, *nt_pw_hist_ptr = NULL;
 
473
        uint32          len = 0;
 
474
        uint32          lm_pw_len, nt_pw_len, nt_pw_hist_len, hourslen;
 
475
        uint32 pwHistLen = 0;
 
476
        BOOL ret = True;
 
477
        fstring tmpstring;
 
478
        BOOL expand_explicit = lp_passdb_expand_explicit();
 
479
        
 
480
        if(sampass == NULL || buf == NULL) {
 
481
                DEBUG(0, ("init_sam_from_buffer_v2: NULL parameters found!\n"));
 
482
                return False;
 
483
        }
 
484
                                                                        
 
485
/* TDB_FORMAT_STRING_V2       "dddddddBBBBBBBBBBBBddBBBwwdBwwd" */
 
486
 
 
487
        /* unpack the buffer into variables */
 
488
        len = tdb_unpack ((char *)buf, buflen, TDB_FORMAT_STRING_V2,
 
489
                &logon_time,                                            /* d */
 
490
                &logoff_time,                                           /* d */
 
491
                &kickoff_time,                                          /* d */
 
492
                &bad_password_time,                                     /* d */
 
493
                &pass_last_set_time,                                    /* d */
 
494
                &pass_can_change_time,                                  /* d */
 
495
                &pass_must_change_time,                                 /* d */
 
496
                &username_len, &username,                               /* B */
 
497
                &domain_len, &domain,                                   /* B */
 
498
                &nt_username_len, &nt_username,                         /* B */
 
499
                &fullname_len, &fullname,                               /* B */
 
500
                &homedir_len, &homedir,                                 /* B */
 
501
                &dir_drive_len, &dir_drive,                             /* B */
 
502
                &logon_script_len, &logon_script,                       /* B */
 
503
                &profile_path_len, &profile_path,                       /* B */
 
504
                &acct_desc_len, &acct_desc,                             /* B */
 
505
                &workstations_len, &workstations,                       /* B */
 
506
                &unknown_str_len, &unknown_str,                         /* B */
 
507
                &munged_dial_len, &munged_dial,                         /* B */
 
508
                &user_rid,                                              /* d */
 
509
                &group_rid,                                             /* d */
 
510
                &lm_pw_len, &lm_pw_ptr,                                 /* B */
 
511
                &nt_pw_len, &nt_pw_ptr,                                 /* B */
 
512
                /* Change from V1 is addition of password history field. */
 
513
                &nt_pw_hist_len, &nt_pw_hist_ptr,                       /* B */
 
514
                &acct_ctrl,                                             /* w */
 
515
                /* Also "remove_me" field was removed. */
 
516
                &logon_divs,                                            /* w */
 
517
                &hours_len,                                             /* d */
 
518
                &hourslen, &hours,                                      /* B */
 
519
                &bad_password_count,                                    /* w */
 
520
                &logon_count,                                           /* w */
 
521
                &unknown_6);                                            /* d */
 
522
                
 
523
        if (len == (uint32) -1)  {
 
524
                ret = False;
 
525
                goto done;
 
526
        }
 
527
 
 
528
        pdb_set_logon_time(sampass, logon_time, PDB_SET);
 
529
        pdb_set_logoff_time(sampass, logoff_time, PDB_SET);
 
530
        pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET);
 
531
        pdb_set_bad_password_time(sampass, bad_password_time, PDB_SET);
 
532
        pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET);
 
533
        pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET);
 
534
        pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET);
 
535
 
 
536
        pdb_set_username(sampass, username, PDB_SET); 
 
537
        pdb_set_domain(sampass, domain, PDB_SET);
 
538
        pdb_set_nt_username(sampass, nt_username, PDB_SET);
 
539
        pdb_set_fullname(sampass, fullname, PDB_SET);
 
540
 
 
541
        if (homedir) {
 
542
                fstrcpy( tmpstring, homedir );
 
543
                if (expand_explicit) {
 
544
                        standard_sub_basic( username, tmpstring,
 
545
                                            sizeof(tmpstring) );
 
546
                }
 
547
                pdb_set_homedir(sampass, tmpstring, PDB_SET);
 
548
        }
 
549
        else {
 
550
                pdb_set_homedir(sampass, 
 
551
                        talloc_sub_basic(sampass, username, lp_logon_home()),
 
552
                        PDB_DEFAULT);
 
553
        }
 
554
 
 
555
        if (dir_drive)  
 
556
                pdb_set_dir_drive(sampass, dir_drive, PDB_SET);
 
557
        else
 
558
                pdb_set_dir_drive(sampass, lp_logon_drive(), PDB_DEFAULT );
 
559
 
 
560
        if (logon_script) {
 
561
                fstrcpy( tmpstring, logon_script );
 
562
                if (expand_explicit) {
 
563
                        standard_sub_basic( username, tmpstring,
 
564
                                            sizeof(tmpstring) );
 
565
                }
 
566
                pdb_set_logon_script(sampass, tmpstring, PDB_SET);
 
567
        }
 
568
        else {
 
569
                pdb_set_logon_script(sampass, 
 
570
                        talloc_sub_basic(sampass, username, lp_logon_script()),
 
571
                        PDB_DEFAULT);
 
572
        }
 
573
        
 
574
        if (profile_path) {     
 
575
                fstrcpy( tmpstring, profile_path );
 
576
                if (expand_explicit) {
 
577
                        standard_sub_basic( username, tmpstring,
 
578
                                            sizeof(tmpstring) );
 
579
                }
 
580
                pdb_set_profile_path(sampass, tmpstring, PDB_SET);
 
581
        } 
 
582
        else {
 
583
                pdb_set_profile_path(sampass, 
 
584
                        talloc_sub_basic(sampass, username, lp_logon_path()),
 
585
                        PDB_DEFAULT);
 
586
        }
 
587
 
 
588
        pdb_set_acct_desc(sampass, acct_desc, PDB_SET);
 
589
        pdb_set_workstations(sampass, workstations, PDB_SET);
 
590
        pdb_set_munged_dial(sampass, munged_dial, PDB_SET);
 
591
 
 
592
        if (lm_pw_ptr && lm_pw_len == LM_HASH_LEN) {
 
593
                if (!pdb_set_lanman_passwd(sampass, lm_pw_ptr, PDB_SET)) {
 
594
                        ret = False;
 
595
                        goto done;
 
596
                }
 
597
        }
 
598
 
 
599
        if (nt_pw_ptr && nt_pw_len == NT_HASH_LEN) {
 
600
                if (!pdb_set_nt_passwd(sampass, nt_pw_ptr, PDB_SET)) {
 
601
                        ret = False;
 
602
                        goto done;
 
603
                }
 
604
        }
 
605
 
 
606
        /* Change from V1 is addition of password history field. */
 
607
        pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen);
 
608
        if (pwHistLen) {
 
609
                uint8 *pw_hist = SMB_MALLOC(pwHistLen * PW_HISTORY_ENTRY_LEN);
 
610
                if (!pw_hist) {
 
611
                        ret = False;
 
612
                        goto done;
 
613
                }
 
614
                memset(pw_hist, '\0', pwHistLen * PW_HISTORY_ENTRY_LEN);
 
615
                if (nt_pw_hist_ptr && nt_pw_hist_len) {
 
616
                        int i;
 
617
                        SMB_ASSERT((nt_pw_hist_len % PW_HISTORY_ENTRY_LEN) == 0);
 
618
                        nt_pw_hist_len /= PW_HISTORY_ENTRY_LEN;
 
619
                        for (i = 0; (i < pwHistLen) && (i < nt_pw_hist_len); i++) {
 
620
                                memcpy(&pw_hist[i*PW_HISTORY_ENTRY_LEN],
 
621
                                        &nt_pw_hist_ptr[i*PW_HISTORY_ENTRY_LEN],
 
622
                                        PW_HISTORY_ENTRY_LEN);
 
623
                        }
 
624
                }
 
625
                if (!pdb_set_pw_history(sampass, pw_hist, pwHistLen, PDB_SET)) {
 
626
                        SAFE_FREE(pw_hist);
 
627
                        ret = False;
 
628
                        goto done;
 
629
                }
 
630
                SAFE_FREE(pw_hist);
 
631
        } else {
 
632
                pdb_set_pw_history(sampass, NULL, 0, PDB_SET);
 
633
        }
 
634
 
 
635
        pdb_set_user_sid_from_rid(sampass, user_rid, PDB_SET);
 
636
        pdb_set_group_sid_from_rid(sampass, group_rid, PDB_SET);
 
637
        pdb_set_hours_len(sampass, hours_len, PDB_SET);
 
638
        pdb_set_bad_password_count(sampass, bad_password_count, PDB_SET);
 
639
        pdb_set_logon_count(sampass, logon_count, PDB_SET);
 
640
        pdb_set_unknown_6(sampass, unknown_6, PDB_SET);
 
641
        pdb_set_acct_ctrl(sampass, acct_ctrl, PDB_SET);
 
642
        pdb_set_logon_divs(sampass, logon_divs, PDB_SET);
 
643
        pdb_set_hours(sampass, hours, PDB_SET);
 
644
 
 
645
done:
 
646
 
 
647
        SAFE_FREE(username);
 
648
        SAFE_FREE(domain);
 
649
        SAFE_FREE(nt_username);
 
650
        SAFE_FREE(fullname);
 
651
        SAFE_FREE(homedir);
 
652
        SAFE_FREE(dir_drive);
 
653
        SAFE_FREE(logon_script);
 
654
        SAFE_FREE(profile_path);
 
655
        SAFE_FREE(acct_desc);
 
656
        SAFE_FREE(workstations);
 
657
        SAFE_FREE(munged_dial);
 
658
        SAFE_FREE(unknown_str);
 
659
        SAFE_FREE(lm_pw_ptr);
 
660
        SAFE_FREE(nt_pw_ptr);
 
661
        SAFE_FREE(nt_pw_hist_ptr);
 
662
        SAFE_FREE(hours);
 
663
 
 
664
        return ret;
 
665
}
 
666
 
 
667
 
 
668
/**********************************************************************
 
669
 Intialize a struct samu struct from a BYTE buffer of size len
 
670
 *********************************************************************/
 
671
 
 
672
static BOOL init_sam_from_buffer(struct samu *sampass, uint8 *buf, uint32 buflen)
 
673
{
 
674
        return init_sam_from_buffer_v3(sampass, buf, buflen);
 
675
}
 
676
 
 
677
/**********************************************************************
 
678
 Intialize a BYTE buffer from a struct samu struct
 
679
 *********************************************************************/
 
680
 
 
681
static uint32 init_buffer_from_sam (uint8 **buf, struct samu *sampass, BOOL size_only)
 
682
{
 
683
        return init_buffer_from_sam_v3(buf, sampass, size_only);
 
684
}
 
685
 
 
686
/**********************************************************************
 
687
 Intialize a BYTE buffer from a struct samu struct
 
688
 *********************************************************************/
 
689
 
 
690
static BOOL tdbsam_convert(int32 from) 
 
691
{
 
692
        const char      *vstring = TDBSAM_VERSION_STRING;
 
693
        const char      *prefix = USERPREFIX;
76
694
        TDB_DATA        data, key, old_key;
77
695
        uint8           *buf = NULL;
78
696
        BOOL            ret;
79
697
 
80
 
        if (pdb_tdb == NULL) {
81
 
                DEBUG(0,("tdbsam_convert: Bad TDB Context pointer.\n"));
82
 
                return False;
83
 
        }
84
 
 
85
698
        /* handle a Samba upgrade */
86
 
        tdb_lock_bystring(pdb_tdb, vstring, 0);
 
699
        tdb_lock_bystring(tdbsam, vstring);
87
700
        
88
 
        if (!NT_STATUS_IS_OK(pdb_init_sam(&user))) {
89
 
                DEBUG(0,("tdbsam_convert: cannot initialized a SAM_ACCOUNT.\n"));
90
 
                return False;
91
 
        }
92
 
 
93
701
        /* Enumerate all records and convert them */
94
 
        key = tdb_firstkey(pdb_tdb);
 
702
        key = tdb_firstkey(tdbsam);
95
703
 
96
704
        while (key.dptr) {
97
705
        
99
707
                while ((key.dsize != 0) && (strncmp(key.dptr, prefix, strlen (prefix)))) {
100
708
                        old_key = key;
101
709
                        /* increment to next in line */
102
 
                        key = tdb_nextkey(pdb_tdb, key);
 
710
                        key = tdb_nextkey(tdbsam, key);
103
711
                        SAFE_FREE(old_key.dptr);
104
712
                }
105
713
        
106
714
                if (key.dptr) {
107
 
                        
 
715
                        struct samu *user = NULL;
 
716
 
108
717
                        /* read from tdbsam */
109
 
                        data = tdb_fetch(pdb_tdb, key);
 
718
                        data = tdb_fetch(tdbsam, key);
110
719
                        if (!data.dptr) {
111
720
                                DEBUG(0,("tdbsam_convert: database entry not found: %s.\n",key.dptr));
112
721
                                return False;
113
722
                        }
114
723
        
115
 
                        if (!NT_STATUS_IS_OK(pdb_reset_sam(user))) {
116
 
                                DEBUG(0,("tdbsam_convert: cannot reset SAM_ACCOUNT.\n"));
117
 
                                SAFE_FREE(data.dptr);
118
 
                                return False;
119
 
                        }
120
 
                        
121
724
                        /* unpack the buffer from the former format */
 
725
                        if ( !(user = samu_new( NULL )) ) {
 
726
                                DEBUG(0,("tdbsam_convert: samu_new() failed!\n"));
 
727
                                SAFE_FREE( data.dptr );
 
728
                                return False;
 
729
                        }
122
730
                        DEBUG(10,("tdbsam_convert: Try unpacking a record with (key:%s) (version:%d)\n", key.dptr, from));
123
731
                        switch (from) {
124
732
                                case 0:
130
738
                                case 2:
131
739
                                        ret = init_sam_from_buffer_v2(user, (uint8 *)data.dptr, data.dsize);
132
740
                                        break;
 
741
                                case 3:
 
742
                                        ret = init_sam_from_buffer_v3(user, (uint8 *)data.dptr, data.dsize);
 
743
                                        break;
133
744
                                default:
134
745
                                        /* unknown tdbsam version */
135
746
                                        ret = False;
136
747
                        }
137
748
                        if (!ret) {
138
 
                                DEBUG(0,("tdbsam_convert: Bad SAM_ACCOUNT entry returned from TDB (key:%s) (version:%d)\n", key.dptr, from));
 
749
                                DEBUG(0,("tdbsam_convert: Bad struct samu entry returned from TDB (key:%s) (version:%d)\n", key.dptr, from));
139
750
                                SAFE_FREE(data.dptr);
 
751
                                TALLOC_FREE(user );
140
752
                                return False;
141
753
                        }
142
754
        
144
756
                        SAFE_FREE(data.dptr);
145
757
 
146
758
                        /* pack from the buffer into the new format */
 
759
                        
147
760
                        DEBUG(10,("tdbsam_convert: Try packing a record (key:%s) (version:%d)\n", key.dptr, from));
148
 
                        if ((data.dsize=init_buffer_from_sam (&buf, user, False)) == -1) {
149
 
                                DEBUG(0,("tdbsam_convert: cannot pack the SAM_ACCOUNT into the new format\n"));
150
 
                                SAFE_FREE(data.dptr);
 
761
                        data.dsize = init_buffer_from_sam (&buf, user, False);
 
762
                        TALLOC_FREE(user );
 
763
                        
 
764
                        if ( data.dsize == -1 ) {
 
765
                                DEBUG(0,("tdbsam_convert: cannot pack the struct samu into the new format\n"));
151
766
                                return False;
152
767
                        }
153
768
                        data.dptr = (char *)buf;
154
769
                        
155
770
                        /* Store the buffer inside the TDBSAM */
156
 
                        if (tdb_store(pdb_tdb, key, data, TDB_MODIFY) != TDB_SUCCESS) {
157
 
                                DEBUG(0,("tdbsam_convert: cannot store the SAM_ACCOUNT (key:%s) in new format\n",key.dptr));
 
771
                        if (tdb_store(tdbsam, key, data, TDB_MODIFY) != TDB_SUCCESS) {
 
772
                                DEBUG(0,("tdbsam_convert: cannot store the struct samu (key:%s) in new format\n",key.dptr));
158
773
                                SAFE_FREE(data.dptr);
159
774
                                return False;
160
775
                        }
163
778
                        
164
779
                        /* increment to next in line */
165
780
                        old_key = key;
166
 
                        key = tdb_nextkey(pdb_tdb, key);
 
781
                        key = tdb_nextkey(tdbsam, key);
167
782
                        SAFE_FREE(old_key.dptr);
168
783
                }
169
784
                
170
785
        }
171
786
 
172
 
        pdb_free_sam(&user);
173
787
        
174
788
        /* upgrade finished */
175
 
        tdb_store_int32(pdb_tdb, vstring, TDBSAM_VERSION);
176
 
        tdb_unlock_bystring(pdb_tdb, vstring);
 
789
        tdb_store_int32(tdbsam, vstring, TDBSAM_VERSION);
 
790
        tdb_unlock_bystring(tdbsam, vstring);
177
791
 
178
792
        return(True);   
179
793
}
180
794
 
181
 
/**
182
 
 * Open the TDB passwd database, check version and convert it if needed.
183
 
 * @param name filename of the tdbsam file.
184
 
 * @param open_flags file access mode.
185
 
 * @return a TDB_CONTEXT handle on the tdbsam file.
186
 
 **/
 
795
/*********************************************************************
 
796
 Open the tdbsam file based on the absolute path specified.
 
797
 Uses a reference count to allow multiple open calls.
 
798
*********************************************************************/
187
799
 
188
 
static TDB_CONTEXT * tdbsam_tdbopen (const char *name, int open_flags)
 
800
static BOOL tdbsam_open( const char *name )
189
801
{
190
 
        TDB_CONTEXT     *pdb_tdb;
191
 
        tdbsamver_t     version;
192
 
        
193
 
        /* Try to open tdb passwd */
194
 
        if (!(pdb_tdb = tdb_open_log(name, 0, TDB_DEFAULT, 
195
 
                                     open_flags, 0600))) {
196
 
                DEBUG(0, ("Unable to open/create TDB passwd\n"));
197
 
                return NULL;
198
 
        }
 
802
        int32   version;
 
803
        
 
804
        /* check if we are already open */
 
805
        
 
806
        if ( tdbsam ) {
 
807
                ref_count++;
 
808
                DEBUG(8,("tdbsam_open: Incrementing open reference count.  Ref count is now %d\n", 
 
809
                        ref_count));
 
810
                return True;
 
811
        }
 
812
        
 
813
        SMB_ASSERT( ref_count == 0 );
 
814
        
 
815
        /* Try to open tdb passwd.  Create a new one if necessary */
 
816
        
 
817
        if (!(tdbsam = tdb_open_log(name, 0, TDB_DEFAULT, O_CREAT|O_RDWR, 0600))) {
 
818
                DEBUG(0, ("tdbsam_open: Failed to open/create TDB passwd [%s]\n", name));
 
819
                return False;
 
820
        }
 
821
 
 
822
        /* set the initial reference count - must be done before tdbsam_convert
 
823
           as that calls tdbsam_open()/tdbsam_close(). */
 
824
 
 
825
        ref_count = 1;
199
826
 
200
827
        /* Check the version */
201
 
        version = (tdbsamver_t) tdb_fetch_int32(pdb_tdb, 
202
 
                                                TDBSAM_VERSION_STRING);
203
 
        if (version == -1)
 
828
        version = tdb_fetch_int32( tdbsam, TDBSAM_VERSION_STRING );
 
829
        
 
830
        if (version == -1) {
204
831
                version = 0;    /* Version not found, assume version 0 */
 
832
        }
205
833
        
206
834
        /* Compare the version */
207
835
        if (version > TDBSAM_VERSION) {
208
836
                /* Version more recent than the latest known */ 
209
 
                DEBUG(0, ("TDBSAM version unknown: %d\n", version));
210
 
                tdb_close(pdb_tdb);
211
 
                pdb_tdb = NULL;
 
837
                DEBUG(0, ("tdbsam_open: unknown version => %d\n", version));
 
838
                tdb_close( tdbsam );
 
839
                ref_count = 0;
 
840
                return False;
212
841
        } 
213
 
        else if (version < TDBSAM_VERSION) {
214
 
                /* Older version, must be converted */
215
 
                DEBUG(1, ("TDBSAM version too old (%d), trying to convert it.\n", version));
216
 
                
217
 
                /* Reopen the pdb file with read-write access if needed */
218
 
                if (!(open_flags & O_RDWR)) {
219
 
                        DEBUG(10, ("tdbsam_tdbopen: TDB file opened with read only access, reopen it with read-write access.\n"));
220
 
                        tdb_close(pdb_tdb);
221
 
                        pdb_tdb = tdb_open_log(name, 0, TDB_DEFAULT, (open_flags & 07777770) | O_RDWR, 0600);
222
 
                }
223
 
                
224
 
                /* Convert */
225
 
                if (!tdbsam_convert(pdb_tdb, version)){
226
 
                        DEBUG(0, ("tdbsam_tdbopen: Error when trying to convert tdbsam: %s\n",name));
227
 
                        tdb_close(pdb_tdb);
228
 
                        pdb_tdb = NULL;
229
 
                } else {
230
 
                        DEBUG(1, ("TDBSAM converted successfully.\n"));
231
 
                }
232
 
 
233
 
                /* Reopen the pdb file as it must be */
234
 
                if (!(open_flags & O_RDWR)) {
235
 
                        tdb_close(pdb_tdb);
236
 
                        pdb_tdb = tdb_open_log(name, 0, TDB_DEFAULT, open_flags, 0600);
237
 
                }
 
842
        
 
843
        
 
844
        if ( version < TDBSAM_VERSION ) {       
 
845
                DEBUG(1, ("tdbsam_open: Converting version %d database to version %d.\n", 
 
846
                        version, TDBSAM_VERSION));
 
847
                
 
848
                if ( !tdbsam_convert(version) ) {
 
849
                        DEBUG(0, ("tdbsam_open: Error when trying to convert tdbsam [%s]\n",name));
 
850
                        tdb_close(tdbsam);
 
851
                        ref_count = 0;
 
852
                        return False;
 
853
                }
 
854
                        
 
855
                DEBUG(3, ("TDBSAM converted successfully.\n"));
238
856
        }
239
857
        
240
 
        return pdb_tdb;
 
858
        DEBUG(4,("tdbsam_open: successfully opened %s\n", name ));      
 
859
        
 
860
        return True;
241
861
}
242
862
 
243
 
/*****************************************************************************
244
 
 Utility functions to close the tdb sam database
245
 
 ****************************************************************************/
 
863
/****************************************************************************
 
864
 wrapper atound tdb_close() to handle the reference count
 
865
****************************************************************************/
246
866
 
247
 
static void tdbsam_tdbclose ( struct tdbsam_privates *state )
 
867
void tdbsam_close( void )
248
868
{
249
 
        if ( !state )
250
 
                return;
251
 
                
252
 
        if ( state->passwd_tdb ) {
253
 
                tdb_close( state->passwd_tdb );
254
 
                state->passwd_tdb = NULL;
 
869
        ref_count--;
 
870
        
 
871
        DEBUG(8,("tdbsam_close: Reference count is now %d.\n", ref_count));
 
872
 
 
873
        SMB_ASSERT(ref_count >= 0 );
 
874
        
 
875
        if ( ref_count == 0 ) {
 
876
                tdb_close( tdbsam );
 
877
                tdbsam = NULL;
255
878
        }
256
879
        
257
880
        return;
258
 
                
259
881
}
260
882
 
261
883
/****************************************************************************
280
902
                /* save a copy of the key */
281
903
                
282
904
                ptr->key.dptr = memdup( key.dptr, key.dsize );
 
905
                if (!ptr->key.dptr) {
 
906
                        DEBUG(0,("tdbsam_traverse_setpwent: memdup failed\n"));
 
907
                        /* just return 0 and let the traversal continue */
 
908
                        SAFE_FREE(ptr);
 
909
                        return 0;
 
910
                }
 
911
 
283
912
                ptr->key.dsize = key.dsize;
284
913
                
285
914
                DLIST_ADD( tdbsam_pwent_list, ptr );
286
915
        
287
916
        }
288
917
        
289
 
        
290
918
        return 0;
291
919
}
292
920
 
295
923
 Save a list of user keys for iteration.
296
924
****************************************************************/
297
925
 
298
 
static NTSTATUS tdbsam_setsampwent(struct pdb_methods *my_methods, BOOL update, uint16 acb_mask)
 
926
static NTSTATUS tdbsam_setsampwent(struct pdb_methods *my_methods, BOOL update, uint32 acb_mask)
299
927
{
300
 
        uint32 flags = update ? (O_RDWR|O_CREAT) : O_RDONLY;
301
 
        
302
 
        struct tdbsam_privates *tdb_state = (struct tdbsam_privates *)my_methods->private_data;
303
 
        
304
 
        if ( !(tdb_state->passwd_tdb = tdbsam_tdbopen(tdb_state->tdbsam_location, flags )) ) 
305
 
                return NT_STATUS_UNSUCCESSFUL;
306
 
 
307
 
        tdb_traverse( tdb_state->passwd_tdb, tdbsam_traverse_setpwent, NULL );
308
 
        
 
928
        if ( !tdbsam_open( tdbsam_filename ) ) {
 
929
                DEBUG(0,("tdbsam_getsampwnam: failed to open %s!\n", tdbsam_filename));
 
930
                return NT_STATUS_ACCESS_DENIED;
 
931
        }
 
932
 
 
933
        tdb_traverse( tdbsam, tdbsam_traverse_setpwent, NULL );
 
934
        pwent_initialized = True;
 
935
 
309
936
        return NT_STATUS_OK;
310
937
}
311
938
 
316
943
 
317
944
static void tdbsam_endsampwent(struct pdb_methods *my_methods)
318
945
{
319
 
        struct tdbsam_privates *tdb_state = (struct tdbsam_privates *)my_methods->private_data;
320
946
        struct pwent_list *ptr, *ptr_next;
321
947
        
322
 
        tdbsam_tdbclose( tdb_state );
 
948
        /* close the tdb only if we have a valid pwent state */
 
949
        
 
950
        if ( pwent_initialized ) {
 
951
                DEBUG(7, ("endtdbpwent: closed sam database.\n"));
 
952
                tdbsam_close();
 
953
        }
323
954
        
324
955
        /* clear out any remaining entries in the list */
325
956
        
328
959
                DLIST_REMOVE( tdbsam_pwent_list, ptr );
329
960
                SAFE_FREE( ptr->key.dptr);
330
961
                SAFE_FREE( ptr );
331
 
        }
 
962
        }       
332
963
        
333
 
        DEBUG(7, ("endtdbpwent: closed sam database.\n"));
 
964
        pwent_initialized = False;
334
965
}
335
966
 
336
967
/*****************************************************************
337
 
 Get one SAM_ACCOUNT from the TDB (next in line)
 
968
 Get one struct samu from the TDB (next in line)
338
969
*****************************************************************/
339
970
 
340
 
static NTSTATUS tdbsam_getsampwent(struct pdb_methods *my_methods, SAM_ACCOUNT *user)
 
971
static NTSTATUS tdbsam_getsampwent(struct pdb_methods *my_methods, struct samu *user)
341
972
{
342
973
        NTSTATUS                nt_status = NT_STATUS_UNSUCCESSFUL;
343
 
        struct tdbsam_privates *tdb_state = (struct tdbsam_privates *)my_methods->private_data;
344
974
        TDB_DATA                data;
345
975
        struct pwent_list       *pkey;
346
976
 
347
977
        if ( !user ) {
348
 
                DEBUG(0,("tdbsam_getsampwent: SAM_ACCOUNT is NULL.\n"));
 
978
                DEBUG(0,("tdbsam_getsampwent: struct samu is NULL.\n"));
349
979
                return nt_status;
350
980
        }
351
981
 
352
982
        if ( !tdbsam_pwent_list ) {
353
983
                DEBUG(4,("tdbsam_getsampwent: end of list\n"));
354
 
                tdbsam_tdbclose( tdb_state );
355
984
                return nt_status;
356
985
        }
357
986
        
358
 
        if ( !tdb_state->passwd_tdb ) {
359
 
                if ( !(tdb_state->passwd_tdb = tdbsam_tdbopen(tdb_state->tdbsam_location, O_RDONLY)) )
360
 
                        return nt_status;
361
 
        }
362
 
 
363
987
        /* pull the next entry */
364
988
                
365
989
        pkey = tdbsam_pwent_list;
366
990
        DLIST_REMOVE( tdbsam_pwent_list, pkey );
367
991
        
368
 
        data = tdb_fetch(tdb_state->passwd_tdb, pkey->key);
 
992
        data = tdb_fetch(tdbsam, pkey->key);
369
993
 
370
994
        SAFE_FREE( pkey->key.dptr);
371
995
        SAFE_FREE( pkey);
372
996
        
373
 
        if (!data.dptr) {
 
997
        if ( !data.dptr ) {
374
998
                DEBUG(5,("pdb_getsampwent: database entry not found.  Was the user deleted?\n"));
375
999
                return nt_status;
376
1000
        }
377
1001
  
378
 
        if (!init_sam_from_buffer(user, (unsigned char *)data.dptr, data.dsize)) {
379
 
                DEBUG(0,("pdb_getsampwent: Bad SAM_ACCOUNT entry returned from TDB!\n"));
 
1002
        if ( !init_sam_from_buffer(user, (unsigned char *)data.dptr, data.dsize) ) {
 
1003
                DEBUG(0,("pdb_getsampwent: Bad struct samu entry returned from TDB!\n"));
380
1004
        }
381
1005
        
382
1006
        SAFE_FREE( data.dptr );
383
 
        
384
1007
 
385
1008
        return NT_STATUS_OK;
386
1009
}
389
1012
 Lookup a name in the SAM TDB
390
1013
******************************************************************/
391
1014
 
392
 
static NTSTATUS tdbsam_getsampwnam (struct pdb_methods *my_methods, SAM_ACCOUNT *user, const char *sname)
 
1015
static NTSTATUS tdbsam_getsampwnam (struct pdb_methods *my_methods, struct samu *user, const char *sname)
393
1016
{
394
 
        NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
395
 
        struct tdbsam_privates *tdb_state = (struct tdbsam_privates *)my_methods->private_data;
396
 
        TDB_CONTEXT     *pwd_tdb;
397
1017
        TDB_DATA        data, key;
398
1018
        fstring         keystr;
399
1019
        fstring         name;
400
1020
 
401
1021
        if ( !user ) {
402
 
                DEBUG(0,("pdb_getsampwnam: SAM_ACCOUNT is NULL.\n"));
403
 
                return nt_status;
 
1022
                DEBUG(0,("pdb_getsampwnam: struct samu is NULL.\n"));
 
1023
                return NT_STATUS_NO_MEMORY;
404
1024
        }
405
1025
 
406
1026
        /* Data is stored in all lower-case */
412
1032
        key.dptr = keystr;
413
1033
        key.dsize = strlen(keystr) + 1;
414
1034
 
415
 
        /* open the accounts TDB */
416
 
        if (!(pwd_tdb = tdbsam_tdbopen(tdb_state->tdbsam_location, O_RDONLY))) {
417
 
        
418
 
                if (errno == ENOENT) {
419
 
                        /*
420
 
                         * TDB file doesn't exist, so try to create new one. This is useful to avoid
421
 
                         * confusing error msg when adding user account first time
422
 
                         */
423
 
                        if (!(pwd_tdb = tdbsam_tdbopen(tdb_state->tdbsam_location, O_CREAT ))) {
424
 
                                DEBUG(0, ("pdb_getsampwnam: TDB passwd (%s) did not exist. File successfully created.\n",
425
 
                                          tdb_state->tdbsam_location));
426
 
                                tdb_close(pwd_tdb);
427
 
                        } else {
428
 
                                DEBUG(0, ("pdb_getsampwnam: TDB passwd (%s) does not exist. Couldn't create new one. Error was: %s\n",
429
 
                                          tdb_state->tdbsam_location, strerror(errno)));
430
 
                        }
431
 
                        
432
 
                        /* requested user isn't there anyway */
433
 
                        nt_status = NT_STATUS_NO_SUCH_USER;
434
 
                        return nt_status;
435
 
                }
436
 
                DEBUG(0, ("pdb_getsampwnam: Unable to open TDB passwd (%s)!\n", tdb_state->tdbsam_location));
437
 
                return nt_status;
 
1035
        /* open the database */
 
1036
                
 
1037
        if ( !tdbsam_open( tdbsam_filename ) ) {
 
1038
                DEBUG(0,("tdbsam_getsampwnam: failed to open %s!\n", tdbsam_filename));
 
1039
                return NT_STATUS_ACCESS_DENIED;
438
1040
        }
439
 
 
 
1041
        
440
1042
        /* get the record */
441
 
        data = tdb_fetch(pwd_tdb, key);
 
1043
        
 
1044
        data = tdb_fetch(tdbsam, key);
442
1045
        if (!data.dptr) {
443
1046
                DEBUG(5,("pdb_getsampwnam (TDB): error fetching database.\n"));
444
 
                DEBUGADD(5, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
 
1047
                DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam)));
445
1048
                DEBUGADD(5, (" Key: %s\n", keystr));
446
 
                tdb_close(pwd_tdb);
447
 
                return nt_status;
 
1049
                tdbsam_close();
 
1050
                return NT_STATUS_NO_SUCH_USER;
448
1051
        }
449
1052
  
450
1053
        /* unpack the buffer */
 
1054
        
451
1055
        if (!init_sam_from_buffer(user, (unsigned char *)data.dptr, data.dsize)) {
452
 
                DEBUG(0,("pdb_getsampwent: Bad SAM_ACCOUNT entry returned from TDB!\n"));
 
1056
                DEBUG(0,("pdb_getsampwent: Bad struct samu entry returned from TDB!\n"));
453
1057
                SAFE_FREE(data.dptr);
454
 
                tdb_close(pwd_tdb);
455
 
                return nt_status;
 
1058
                tdbsam_close();
 
1059
                return NT_STATUS_NO_MEMORY;
456
1060
        }
 
1061
        
 
1062
        /* success */
 
1063
        
457
1064
        SAFE_FREE(data.dptr);
458
 
 
459
 
        /* no further use for database, close it now */
460
 
        tdb_close(pwd_tdb);
 
1065
        tdbsam_close();
461
1066
        
462
1067
        return NT_STATUS_OK;
463
1068
}
466
1071
 Search by rid
467
1072
 **************************************************************************/
468
1073
 
469
 
static NTSTATUS tdbsam_getsampwrid (struct pdb_methods *my_methods, SAM_ACCOUNT *user, uint32 rid)
 
1074
static NTSTATUS tdbsam_getsampwrid (struct pdb_methods *my_methods, struct samu *user, uint32 rid)
470
1075
{
471
 
        NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
472
 
        struct tdbsam_privates *tdb_state = (struct tdbsam_privates *)my_methods->private_data;
473
 
        TDB_CONTEXT             *pwd_tdb;
 
1076
        NTSTATUS                nt_status = NT_STATUS_UNSUCCESSFUL;
474
1077
        TDB_DATA                data, key;
475
1078
        fstring                 keystr;
476
1079
        fstring                 name;
477
 
        
478
 
        if (user==NULL) {
479
 
                DEBUG(0,("pdb_getsampwrid: SAM_ACCOUNT is NULL.\n"));
 
1080
 
 
1081
        if ( !user ) {
 
1082
                DEBUG(0,("pdb_getsampwrid: struct samu is NULL.\n"));
480
1083
                return nt_status;
481
1084
        }
482
 
 
 
1085
        
483
1086
        /* set search key */
 
1087
        
484
1088
        slprintf(keystr, sizeof(keystr)-1, "%s%.8x", RIDPREFIX, rid);
485
1089
        key.dptr = keystr;
486
1090
        key.dsize = strlen (keystr) + 1;
487
1091
 
488
 
        /* open the accounts TDB */
489
 
        if (!(pwd_tdb = tdbsam_tdbopen(tdb_state->tdbsam_location, O_RDONLY))) {
490
 
                DEBUG(0, ("pdb_getsampwrid: Unable to open TDB rid database!\n"));
491
 
                return nt_status;
 
1092
        /* open the database */
 
1093
                
 
1094
        if ( !tdbsam_open( tdbsam_filename ) ) {
 
1095
                DEBUG(0,("tdbsam_getsampwnam: failed to open %s!\n", tdbsam_filename));
 
1096
                return NT_STATUS_ACCESS_DENIED;
492
1097
        }
493
1098
 
494
1099
        /* get the record */
495
 
        data = tdb_fetch (pwd_tdb, key);
 
1100
        
 
1101
        data = tdb_fetch (tdbsam, key);
496
1102
        if (!data.dptr) {
497
1103
                DEBUG(5,("pdb_getsampwrid (TDB): error looking up RID %d by key %s.\n", rid, keystr));
498
 
                DEBUGADD(5, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
499
 
                tdb_close (pwd_tdb);
500
 
                return nt_status;
 
1104
                DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam)));
 
1105
                nt_status = NT_STATUS_UNSUCCESSFUL;
 
1106
                goto done;
501
1107
        }
502
1108
 
503
 
 
504
1109
        fstrcpy(name, data.dptr);
505
1110
        SAFE_FREE(data.dptr);
506
1111
        
507
 
        tdb_close (pwd_tdb);
 
1112
        nt_status = tdbsam_getsampwnam (my_methods, user, name);
 
1113
 
 
1114
 done:
 
1115
        /* cleanup */
508
1116
        
509
 
        return tdbsam_getsampwnam (my_methods, user, name);
 
1117
        tdbsam_close();
 
1118
                
 
1119
        return nt_status;
510
1120
}
511
1121
 
512
 
static NTSTATUS tdbsam_getsampwsid(struct pdb_methods *my_methods, SAM_ACCOUNT * user, const DOM_SID *sid)
 
1122
static NTSTATUS tdbsam_getsampwsid(struct pdb_methods *my_methods, struct samu * user, const DOM_SID *sid)
513
1123
{
514
1124
        uint32 rid;
515
 
        if (!sid_peek_check_rid(get_global_sam_sid(), sid, &rid))
 
1125
        
 
1126
        if ( !sid_peek_check_rid(get_global_sam_sid(), sid, &rid) )
516
1127
                return NT_STATUS_UNSUCCESSFUL;
 
1128
 
517
1129
        return tdbsam_getsampwrid(my_methods, user, rid);
518
1130
}
519
1131
 
520
 
static BOOL tdb_delete_samacct_only(TDB_CONTEXT *pwd_tdb,
521
 
                                    struct pdb_methods *my_methods,
522
 
                                    SAM_ACCOUNT *sam_pass)
 
1132
static BOOL tdb_delete_samacct_only( struct samu *sam_pass )
523
1133
{
524
1134
        TDB_DATA        key;
525
1135
        fstring         keystr;
529
1139
        strlower_m(name);
530
1140
        
531
1141
        /* set the search key */
 
1142
        
532
1143
        slprintf(keystr, sizeof(keystr)-1, "%s%s", USERPREFIX, name);
533
1144
        key.dptr = keystr;
534
1145
        key.dsize = strlen (keystr) + 1;
535
1146
        
536
1147
        /* it's outaa here!  8^) */
537
 
        if (tdb_delete(pwd_tdb, key) != TDB_SUCCESS) {
 
1148
        
 
1149
        if (tdb_delete(tdbsam, key) != TDB_SUCCESS) {
538
1150
                DEBUG(5, ("Error deleting entry from tdb passwd database!\n"));
539
 
                DEBUGADD(5, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
540
 
                tdb_close(pwd_tdb); 
 
1151
                DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam)));
541
1152
                return False;
542
1153
        }
 
1154
        
543
1155
        return True;
544
1156
}
545
1157
 
546
1158
/***************************************************************************
547
 
 Delete a SAM_ACCOUNT
 
1159
 Delete a struct samu records for the username and RID key
548
1160
****************************************************************************/
549
1161
 
550
 
static NTSTATUS tdbsam_delete_sam_account(struct pdb_methods *my_methods, SAM_ACCOUNT *sam_pass)
 
1162
static NTSTATUS tdbsam_delete_sam_account(struct pdb_methods *my_methods, struct samu *sam_pass)
551
1163
{
552
 
        NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
553
 
        struct tdbsam_privates *tdb_state = (struct tdbsam_privates *)my_methods->private_data;
554
 
        TDB_CONTEXT     *pwd_tdb;
 
1164
        NTSTATUS        nt_status = NT_STATUS_UNSUCCESSFUL;
555
1165
        TDB_DATA        key;
556
1166
        fstring         keystr;
557
1167
        uint32          rid;
558
1168
        fstring         name;
559
1169
        
 
1170
        /* open the database */
 
1171
                
 
1172
        if ( !tdbsam_open( tdbsam_filename ) ) {
 
1173
                DEBUG(0,("tdbsam_delete_sam_account: failed to open %s!\n",
 
1174
                         tdbsam_filename));
 
1175
                return NT_STATUS_ACCESS_DENIED;
 
1176
        }
 
1177
 
560
1178
        fstrcpy(name, pdb_get_username(sam_pass));
561
1179
        strlower_m(name);
562
1180
        
563
 
        /* open the TDB */
564
 
        if (!(pwd_tdb = tdbsam_tdbopen(tdb_state->tdbsam_location, O_RDWR))) {
565
 
                DEBUG(0, ("Unable to open TDB passwd!"));
566
 
                return nt_status;
567
 
        }
568
 
  
569
1181
        /* set the search key */
 
1182
 
570
1183
        slprintf(keystr, sizeof(keystr)-1, "%s%s", USERPREFIX, name);
571
1184
        key.dptr = keystr;
572
1185
        key.dsize = strlen (keystr) + 1;
574
1187
        rid = pdb_get_user_rid(sam_pass);
575
1188
 
576
1189
        /* it's outaa here!  8^) */
577
 
        if (tdb_delete(pwd_tdb, key) != TDB_SUCCESS) {
 
1190
 
 
1191
        if ( tdb_delete(tdbsam, key) != TDB_SUCCESS ) {
578
1192
                DEBUG(5, ("Error deleting entry from tdb passwd database!\n"));
579
 
                DEBUGADD(5, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
580
 
                tdb_close(pwd_tdb); 
581
 
                return nt_status;
582
 
        }       
583
 
 
584
 
        /* delete also the RID key */
 
1193
                DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam)));
 
1194
                nt_status = NT_STATUS_UNSUCCESSFUL;
 
1195
                goto done;
 
1196
        }
585
1197
 
586
1198
        /* set the search key */
 
1199
        
587
1200
        slprintf(keystr, sizeof(keystr)-1, "%s%.8x", RIDPREFIX, rid);
588
1201
        key.dptr = keystr;
589
1202
        key.dsize = strlen (keystr) + 1;
590
1203
 
591
1204
        /* it's outaa here!  8^) */
592
 
        if (tdb_delete(pwd_tdb, key) != TDB_SUCCESS) {
 
1205
        
 
1206
        if ( tdb_delete(tdbsam, key) != TDB_SUCCESS ) {
593
1207
                DEBUG(5, ("Error deleting entry from tdb rid database!\n"));
594
 
                DEBUGADD(5, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
595
 
                tdb_close(pwd_tdb); 
596
 
                return nt_status;
 
1208
                DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam)));
 
1209
                nt_status = NT_STATUS_UNSUCCESSFUL;
 
1210
                goto done;
597
1211
        }
598
 
        
599
 
        tdb_close(pwd_tdb);
600
 
        
601
 
        return NT_STATUS_OK;
 
1212
 
 
1213
        nt_status = NT_STATUS_OK;
 
1214
        
 
1215
 done:
 
1216
        tdbsam_close();
 
1217
        
 
1218
        return nt_status;
602
1219
}
603
1220
 
604
1221
 
605
1222
/***************************************************************************
606
1223
 Update the TDB SAM account record only
 
1224
 Assumes that the tdbsam is already open 
607
1225
****************************************************************************/
608
 
static BOOL tdb_update_samacct_only(TDB_CONTEXT *pwd_tdb, 
609
 
                                    struct pdb_methods *my_methods, 
610
 
                                    SAM_ACCOUNT* newpwd, int flag)
 
1226
static BOOL tdb_update_samacct_only( struct samu* newpwd, int flag )
611
1227
{
612
1228
        TDB_DATA        key, data;
613
1229
        uint8           *buf = NULL;
615
1231
        fstring         name;
616
1232
        BOOL            ret = True;
617
1233
 
618
 
        /* copy the SAM_ACCOUNT struct into a BYTE buffer for storage */
619
 
        if ((data.dsize=init_buffer_from_sam (&buf, newpwd, False)) == -1) {
620
 
                DEBUG(0,("tdb_update_sam: ERROR - Unable to copy SAM_ACCOUNT info BYTE buffer!\n"));
 
1234
        /* copy the struct samu struct into a BYTE buffer for storage */
 
1235
        
 
1236
        if ( (data.dsize=init_buffer_from_sam (&buf, newpwd, False)) == -1 ) {
 
1237
                DEBUG(0,("tdb_update_sam: ERROR - Unable to copy struct samu info BYTE buffer!\n"));
621
1238
                ret = False;
622
1239
                goto done;
623
1240
        }
636
1253
        key.dsize = strlen(keystr) + 1;
637
1254
 
638
1255
        /* add the account */
639
 
        if (tdb_store(pwd_tdb, key, data, flag) != TDB_SUCCESS) {
 
1256
        
 
1257
        if ( tdb_store(tdbsam, key, data, flag) != TDB_SUCCESS ) {
640
1258
                DEBUG(0, ("Unable to modify passwd TDB!"));
641
 
                DEBUGADD(0, (" Error: %s", tdb_errorstr(pwd_tdb)));
 
1259
                DEBUGADD(0, (" Error: %s", tdb_errorstr(tdbsam)));
642
1260
                DEBUGADD(0, (" occured while storing the main record (%s)\n",
643
1261
                             keystr));
644
1262
                ret = False;
649
1267
        /* cleanup */
650
1268
        SAFE_FREE(buf);
651
1269
        
652
 
        return (ret);
 
1270
        return ret;
653
1271
}
654
1272
 
655
1273
/***************************************************************************
656
1274
 Update the TDB SAM RID record only
 
1275
 Assumes that the tdbsam is already open 
657
1276
****************************************************************************/
658
 
static BOOL tdb_update_ridrec_only(TDB_CONTEXT *pwd_tdb, 
659
 
                                   struct pdb_methods *my_methods, 
660
 
                                   SAM_ACCOUNT* newpwd, int flag)
 
1277
static BOOL tdb_update_ridrec_only( struct samu* newpwd, int flag )
661
1278
{
662
1279
        TDB_DATA        key, data;
663
1280
        fstring         keystr;
671
1288
        data.dptr = name;
672
1289
 
673
1290
        /* setup the RID index key */
674
 
        slprintf(keystr, sizeof(keystr)-1, "%s%.8x", RIDPREFIX, 
675
 
                 pdb_get_user_rid(newpwd));
 
1291
        slprintf(keystr, sizeof(keystr)-1, "%s%.8x", RIDPREFIX,  pdb_get_user_rid(newpwd));
676
1292
        key.dptr = keystr;
677
1293
        key.dsize = strlen (keystr) + 1;
678
1294
        
679
1295
        /* add the reference */
680
 
        if (tdb_store(pwd_tdb, key, data, flag) != TDB_SUCCESS) {
 
1296
        if (tdb_store(tdbsam, key, data, flag) != TDB_SUCCESS) {
681
1297
                DEBUG(0, ("Unable to modify TDB passwd !"));
682
 
                DEBUGADD(0, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
 
1298
                DEBUGADD(0, (" Error: %s\n", tdb_errorstr(tdbsam)));
683
1299
                DEBUGADD(0, (" occured while storing the RID index (%s)\n", keystr));
684
1300
                return False;
685
1301
        }
692
1308
 Update the TDB SAM
693
1309
****************************************************************************/
694
1310
 
695
 
static BOOL tdb_update_sam(struct pdb_methods *my_methods, SAM_ACCOUNT* newpwd, int flag)
 
1311
static BOOL tdb_update_sam(struct pdb_methods *my_methods, struct samu* newpwd, int flag)
696
1312
{
697
 
        struct tdbsam_privates *tdb_state = (struct tdbsam_privates *)my_methods->private_data;
698
 
        TDB_CONTEXT     *pwd_tdb = NULL;
699
 
        BOOL            ret = True;
700
 
        uint32          user_rid;
 
1313
        BOOL            result = True;
701
1314
 
702
1315
        /* invalidate the existing TDB iterator if it is open */
703
1316
        
704
 
        if (tdb_state->passwd_tdb) {
705
 
                tdb_close(tdb_state->passwd_tdb);
706
 
                tdb_state->passwd_tdb = NULL;
707
 
        }
708
 
 
709
 
        /* open the account TDB passwd*/
710
 
        
711
 
        pwd_tdb = tdbsam_tdbopen(tdb_state->tdbsam_location, O_RDWR | O_CREAT);
712
 
        
713
 
        if (!pwd_tdb) {
714
 
                DEBUG(0, ("tdb_update_sam: Unable to open TDB passwd (%s)!\n", 
715
 
                        tdb_state->tdbsam_location));
716
 
                return False;
717
 
        }
718
 
 
719
 
        if (!pdb_get_group_rid(newpwd)) {
720
 
                DEBUG (0,("tdb_update_sam: Failing to store a SAM_ACCOUNT for [%s] without a primary group RID\n",
721
 
                        pdb_get_username(newpwd)));
722
 
                ret = False;
723
 
                goto done;
724
 
        }
725
 
 
726
 
        if ( !(user_rid = pdb_get_user_rid(newpwd)) ) {
727
 
                DEBUG(0,("tdb_update_sam: SAM_ACCOUNT (%s) with no RID!\n", pdb_get_username(newpwd)));
728
 
                ret = False;
729
 
                goto done;
730
 
        }
731
 
 
732
 
        if (!tdb_update_samacct_only(pwd_tdb, my_methods, newpwd, flag) ||
733
 
            !tdb_update_ridrec_only(pwd_tdb, my_methods, newpwd, flag)) {
734
 
                ret = False;
735
 
                goto done;
736
 
        }
737
 
 
738
 
done:   
 
1317
        tdbsam_endsampwent( my_methods );
 
1318
        
 
1319
#if 0 
 
1320
        if ( !pdb_get_group_rid(newpwd) ) {
 
1321
                DEBUG (0,("tdb_update_sam: Failing to store a struct samu for [%s] "
 
1322
                        "without a primary group RID\n", pdb_get_username(newpwd)));
 
1323
                return False;
 
1324
        }
 
1325
#endif
 
1326
 
 
1327
        if (!pdb_get_user_rid(newpwd)) {
 
1328
                DEBUG(0,("tdb_update_sam: struct samu (%s) with no RID!\n", pdb_get_username(newpwd)));
 
1329
                return False;
 
1330
        }
 
1331
 
 
1332
        /* open the database */
 
1333
                
 
1334
        if ( !tdbsam_open( tdbsam_filename ) ) {
 
1335
                DEBUG(0,("tdbsam_getsampwnam: failed to open %s!\n", tdbsam_filename));
 
1336
                return False;
 
1337
        }
 
1338
        
 
1339
        if ( !tdb_update_samacct_only(newpwd, flag) || !tdb_update_ridrec_only(newpwd, flag)) {
 
1340
                result = False;
 
1341
        }
 
1342
 
739
1343
        /* cleanup */
740
 
        tdb_close (pwd_tdb);
741
 
        
742
 
        return (ret);   
743
 
}
744
 
 
745
 
/***************************************************************************
746
 
 Modifies an existing SAM_ACCOUNT
747
 
****************************************************************************/
748
 
 
749
 
static NTSTATUS tdbsam_update_sam_account (struct pdb_methods *my_methods, SAM_ACCOUNT *newpwd)
750
 
{
751
 
        if (tdb_update_sam(my_methods, newpwd, TDB_MODIFY))
752
 
                return NT_STATUS_OK;
753
 
        else
754
 
                return NT_STATUS_UNSUCCESSFUL;
755
 
}
756
 
 
757
 
/***************************************************************************
758
 
 Adds an existing SAM_ACCOUNT
759
 
****************************************************************************/
760
 
 
761
 
static NTSTATUS tdbsam_add_sam_account (struct pdb_methods *my_methods, SAM_ACCOUNT *newpwd)
762
 
{
763
 
        if (tdb_update_sam(my_methods, newpwd, TDB_INSERT))
764
 
                return NT_STATUS_OK;
765
 
        else
766
 
                return NT_STATUS_UNSUCCESSFUL;
767
 
}
768
 
 
769
 
/***************************************************************************
770
 
 Renames a SAM_ACCOUNT
 
1344
 
 
1345
        tdbsam_close();
 
1346
        
 
1347
        return result;  
 
1348
}
 
1349
 
 
1350
/***************************************************************************
 
1351
 Modifies an existing struct samu
 
1352
****************************************************************************/
 
1353
 
 
1354
static NTSTATUS tdbsam_update_sam_account (struct pdb_methods *my_methods, struct samu *newpwd)
 
1355
{
 
1356
        if ( !tdb_update_sam(my_methods, newpwd, TDB_MODIFY) )
 
1357
                return NT_STATUS_UNSUCCESSFUL;
 
1358
        
 
1359
        return NT_STATUS_OK;
 
1360
}
 
1361
 
 
1362
/***************************************************************************
 
1363
 Adds an existing struct samu
 
1364
****************************************************************************/
 
1365
 
 
1366
static NTSTATUS tdbsam_add_sam_account (struct pdb_methods *my_methods, struct samu *newpwd)
 
1367
{
 
1368
        if ( !tdb_update_sam(my_methods, newpwd, TDB_INSERT) )
 
1369
                return NT_STATUS_UNSUCCESSFUL;
 
1370
                
 
1371
        return NT_STATUS_OK;
 
1372
}
 
1373
 
 
1374
/***************************************************************************
 
1375
 Renames a struct samu
771
1376
 - check for the posix user/rename user script
772
1377
 - Add and lock the new user record
773
1378
 - rename the posix user
776
1381
 - unlock the new user record
777
1382
***************************************************************************/
778
1383
static NTSTATUS tdbsam_rename_sam_account(struct pdb_methods *my_methods,
779
 
                                          SAM_ACCOUNT *old_acct, 
 
1384
                                          struct samu *old_acct, 
780
1385
                                          const char *newname)
781
1386
{
782
 
        struct tdbsam_privates *tdb_state = 
783
 
                (struct tdbsam_privates *)my_methods->private_data;
784
 
        SAM_ACCOUNT *new_acct = NULL;
785
 
        pstring rename_script;
786
 
        TDB_CONTEXT     *pwd_tdb = NULL;
787
 
        NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
788
 
        BOOL interim_account = False;
789
 
 
790
 
        if (!*(lp_renameuser_script()))
791
 
                goto done;
792
 
 
793
 
        if (!pdb_copy_sam_account(old_acct, &new_acct) ||
794
 
            !pdb_set_username(new_acct, newname, PDB_CHANGED))
795
 
                goto done;
 
1387
        struct samu      *new_acct = NULL;
 
1388
        pstring          rename_script;
 
1389
        BOOL             interim_account = False;
 
1390
        int              rename_ret;
 
1391
        fstring          oldname_lower;
 
1392
        fstring          newname_lower;
 
1393
 
 
1394
        /* can't do anything without an external script */
 
1395
        
 
1396
        pstrcpy(rename_script, lp_renameuser_script() );
 
1397
        if ( ! *rename_script ) {
 
1398
                return NT_STATUS_ACCESS_DENIED;
 
1399
        }
796
1400
 
797
1401
        /* invalidate the existing TDB iterator if it is open */
798
1402
        
799
 
        if (tdb_state->passwd_tdb) {
800
 
                tdb_close(tdb_state->passwd_tdb);
801
 
                tdb_state->passwd_tdb = NULL;
802
 
        }
803
 
 
804
 
        /* open the account TDB passwd */
805
 
        
806
 
        pwd_tdb = tdbsam_tdbopen(tdb_state->tdbsam_location, O_RDWR | O_CREAT);
807
 
        
808
 
        if (!pwd_tdb) {
809
 
                DEBUG(0, ("tdb_update_sam: Unable to open TDB passwd (%s)!\n", 
810
 
                        tdb_state->tdbsam_location));
811
 
                goto done;
 
1403
        tdbsam_endsampwent( my_methods );
 
1404
 
 
1405
        if ( !(new_acct = samu_new( NULL )) ) {
 
1406
                return NT_STATUS_NO_MEMORY;
 
1407
        }
 
1408
        
 
1409
        if ( !pdb_copy_sam_account(new_acct, old_acct) 
 
1410
                || !pdb_set_username(new_acct, newname, PDB_CHANGED)) 
 
1411
        {
 
1412
                TALLOC_FREE(new_acct );
 
1413
                return NT_STATUS_NO_MEMORY;
 
1414
        }
 
1415
 
 
1416
        /* open the database */
 
1417
                
 
1418
        if ( !tdbsam_open( tdbsam_filename ) ) {
 
1419
                DEBUG(0,("tdbsam_getsampwnam: failed to open %s!\n", tdbsam_filename));
 
1420
                TALLOC_FREE(new_acct );
 
1421
                return NT_STATUS_ACCESS_DENIED;
812
1422
        }
813
1423
 
814
1424
        /* add the new account and lock it */
815
 
        if (!tdb_update_samacct_only(pwd_tdb, my_methods, new_acct, 
816
 
                                     TDB_INSERT))
 
1425
        
 
1426
        if ( !tdb_update_samacct_only(new_acct, TDB_INSERT) ) {
817
1427
                goto done;
 
1428
        }
 
1429
        
818
1430
        interim_account = True;
819
1431
 
820
 
        if (tdb_lock_bystring(pwd_tdb, newname, 30) == -1) {
821
 
                goto done;
822
 
        }
823
 
 
824
 
        /* rename the posix user */
825
 
        pstrcpy(rename_script, lp_renameuser_script());
826
 
 
827
 
        if (*rename_script) {
828
 
                int rename_ret;
829
 
 
830
 
                pstring_sub(rename_script, "%unew", newname);
831
 
                pstring_sub(rename_script, "%uold", 
832
 
                            pdb_get_username(old_acct));
833
 
                rename_ret = smbrun(rename_script, NULL);
834
 
 
835
 
                DEBUG(rename_ret ? 0 : 3,("Running the command `%s' gave %d\n", rename_script, rename_ret));
836
 
 
837
 
                if (rename_ret) 
838
 
                        goto done; 
839
 
        } else {
840
 
                goto done;
 
1432
        if ( tdb_lock_bystring_with_timeout(tdbsam, newname, 30) == -1 ) {
 
1433
                goto done;
 
1434
        }
 
1435
 
 
1436
        /* Rename the posix user.  Follow the semantics of _samr_create_user()
 
1437
           so that we lower case the posix name but preserve the case in passdb */
 
1438
 
 
1439
        fstrcpy( oldname_lower, pdb_get_username(old_acct) );
 
1440
        strlower_m( oldname_lower );
 
1441
 
 
1442
        fstrcpy( newname_lower, newname );
 
1443
        strlower_m( newname_lower );
 
1444
 
 
1445
        string_sub2(rename_script, "%unew", newname_lower, sizeof(pstring), 
 
1446
                True, False, True);
 
1447
        string_sub2(rename_script, "%uold", oldname_lower, sizeof(pstring), 
 
1448
                True, False, True);
 
1449
        rename_ret = smbrun(rename_script, NULL);
 
1450
 
 
1451
        DEBUG(rename_ret ? 0 : 3,("Running the command `%s' gave %d\n", rename_script, rename_ret));
 
1452
 
 
1453
        if (rename_ret == 0) {
 
1454
                smb_nscd_flush_user_cache();
 
1455
        }
 
1456
 
 
1457
        if (rename_ret) {
 
1458
                goto done; 
841
1459
        }
842
1460
 
843
1461
        /* rewrite the rid->username record */
844
 
        if (!tdb_update_ridrec_only(pwd_tdb, my_methods, new_acct, TDB_MODIFY))
 
1462
        
 
1463
        if ( !tdb_update_ridrec_only( new_acct, TDB_MODIFY) ) {
845
1464
                goto done;
 
1465
        }
846
1466
        interim_account = False;
847
 
        tdb_unlock_bystring(pwd_tdb, newname);
848
 
 
849
 
        tdb_delete_samacct_only(pwd_tdb, my_methods, old_acct);
850
 
 
851
 
        ret = NT_STATUS_OK;
852
 
 
 
1467
        tdb_unlock_bystring( tdbsam, newname );
 
1468
 
 
1469
        tdb_delete_samacct_only( old_acct );
 
1470
        
 
1471
        tdbsam_close();
 
1472
        
 
1473
        TALLOC_FREE(new_acct );
 
1474
        return NT_STATUS_OK;
853
1475
 
854
1476
done:   
855
1477
        /* cleanup */
856
1478
        if (interim_account) {
857
 
                tdb_unlock_bystring(pwd_tdb, newname);
858
 
                tdb_delete_samacct_only(pwd_tdb, my_methods, new_acct);
 
1479
                tdb_unlock_bystring(tdbsam, newname);
 
1480
                tdb_delete_samacct_only(new_acct);
859
1481
        }
860
 
        if (pwd_tdb)
861
 
                tdb_close (pwd_tdb);
 
1482
        
 
1483
        tdbsam_close();
 
1484
        
862
1485
        if (new_acct)
863
 
                pdb_free_sam(&new_acct);
864
 
        
865
 
        return (ret);   
866
 
}
867
 
        
868
 
static void free_private_data(void **vp) 
869
 
{
870
 
        struct tdbsam_privates **tdb_state = (struct tdbsam_privates **)vp;
871
 
        tdbsam_tdbclose(*tdb_state);
872
 
        *tdb_state = NULL;
873
 
 
874
 
        /* No need to free any further, as it is talloc()ed */
875
 
}
876
 
 
877
 
 
878
 
 
879
 
 
880
 
/**
881
 
 * Init tdbsam backend
882
 
 *
883
 
 * @param pdb_context initialised passdb context
884
 
 * @param pdb_method backend methods structure to be filled with function pointers
885
 
 * @param location the backend tdb file location
886
 
 *
887
 
 * @return nt_status code
888
 
 **/
889
 
 
890
 
static NTSTATUS pdb_init_tdbsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
 
1486
                TALLOC_FREE(new_acct);
 
1487
        
 
1488
        return NT_STATUS_ACCESS_DENIED; 
 
1489
}
 
1490
 
 
1491
static BOOL tdbsam_rid_algorithm(struct pdb_methods *methods)
 
1492
{
 
1493
        return False;
 
1494
}
 
1495
 
 
1496
/*
 
1497
 * Historically, winbind was responsible for allocating RIDs, so the next RID
 
1498
 * value was stored in winbindd_idmap.tdb. It has been moved to passdb now,
 
1499
 * but for compatibility reasons we still keep the the next RID counter in
 
1500
 * winbindd_idmap.tdb.
 
1501
 */
 
1502
 
 
1503
/*****************************************************************************
 
1504
 Initialise idmap database. For now (Dec 2005) this is a copy of the code in
 
1505
 sam/idmap_tdb.c. Maybe at a later stage we can remove that capability from
 
1506
 winbind completely and store the RID counter in passdb.tdb.
 
1507
 
 
1508
 Dont' fully initialize with the HWM values, if it's new, we're only
 
1509
 interested in the RID counter.
 
1510
*****************************************************************************/
 
1511
 
 
1512
static BOOL init_idmap_tdb(TDB_CONTEXT *tdb)
 
1513
{
 
1514
        int32 version;
 
1515
 
 
1516
        if (tdb_lock_bystring(tdb, "IDMAP_VERSION") != 0) {
 
1517
                DEBUG(0, ("Could not lock IDMAP_VERSION\n"));
 
1518
                return False;
 
1519
        }
 
1520
 
 
1521
        version = tdb_fetch_int32(tdb, "IDMAP_VERSION");
 
1522
 
 
1523
        if (version == -1) {
 
1524
                /* No key found, must be a new db */
 
1525
                if (tdb_store_int32(tdb, "IDMAP_VERSION",
 
1526
                                    IDMAP_VERSION) != 0) {
 
1527
                        DEBUG(0, ("Could not store IDMAP_VERSION\n"));
 
1528
                        tdb_unlock_bystring(tdb, "IDMAP_VERSION");
 
1529
                        return False;
 
1530
                }
 
1531
                version = IDMAP_VERSION;
 
1532
        }
 
1533
 
 
1534
        if (version != IDMAP_VERSION) {
 
1535
                DEBUG(0, ("Expected IDMAP_VERSION=%d, found %d. Please "
 
1536
                          "start winbind once\n", IDMAP_VERSION, version));
 
1537
                tdb_unlock_bystring(tdb, "IDMAP_VERSION");
 
1538
                return False;
 
1539
        }
 
1540
 
 
1541
        tdb_unlock_bystring(tdb, "IDMAP_VERSION");
 
1542
        return True;
 
1543
}
 
1544
 
 
1545
static BOOL tdbsam_new_rid(struct pdb_methods *methods, uint32 *prid)
 
1546
{
 
1547
        TDB_CONTEXT *tdb;
 
1548
        uint32 rid;
 
1549
        BOOL ret = False;
 
1550
 
 
1551
        tdb = tdb_open_log(lock_path("winbindd_idmap.tdb"), 0,
 
1552
                           TDB_DEFAULT, O_RDWR | O_CREAT, 0644);
 
1553
 
 
1554
        if (tdb == NULL) {
 
1555
                DEBUG(1, ("Could not open idmap: %s\n", strerror(errno)));
 
1556
                goto done;
 
1557
        }
 
1558
 
 
1559
        if (!init_idmap_tdb(tdb)) {
 
1560
                DEBUG(1, ("Could not init idmap\n"));
 
1561
                goto done;
 
1562
        }
 
1563
 
 
1564
        rid = BASE_RID;         /* Default if not set */
 
1565
 
 
1566
        if (!tdb_change_uint32_atomic(tdb, "RID_COUNTER", &rid, 1)) {
 
1567
                DEBUG(3, ("tdbsam_new_rid: Failed to increase RID_COUNTER\n"));
 
1568
                goto done;
 
1569
        }
 
1570
 
 
1571
        *prid = rid;
 
1572
        ret = True;
 
1573
 
 
1574
 done:
 
1575
        if ((tdb != NULL) && (tdb_close(tdb) != 0)) {
 
1576
                smb_panic("tdb_close(idmap_tdb) failed\n");
 
1577
        }
 
1578
 
 
1579
        return ret;
 
1580
}
 
1581
 
 
1582
/*********************************************************************
 
1583
 Initialize the tdb sam backend.  Setup the dispath table of methods,
 
1584
 open the tdb, etc...
 
1585
*********************************************************************/
 
1586
 
 
1587
static NTSTATUS pdb_init_tdbsam(struct pdb_methods **pdb_method, const char *location)
891
1588
{
892
1589
        NTSTATUS nt_status;
893
 
        struct tdbsam_privates *tdb_state;
 
1590
        pstring tdbfile;
 
1591
        const char *pfile = location;
894
1592
 
895
 
        if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) {
 
1593
        if (!NT_STATUS_IS_OK(nt_status = make_pdb_method( pdb_method ))) {
896
1594
                return nt_status;
897
1595
        }
898
1596
 
908
1606
        (*pdb_method)->delete_sam_account = tdbsam_delete_sam_account;
909
1607
        (*pdb_method)->rename_sam_account = tdbsam_rename_sam_account;
910
1608
 
911
 
        tdb_state = TALLOC_ZERO_P(pdb_context->mem_ctx, struct tdbsam_privates);
912
 
 
913
 
        if (!tdb_state) {
914
 
                DEBUG(0, ("talloc() failed for tdbsam private_data!\n"));
915
 
                return NT_STATUS_NO_MEMORY;
916
 
        }
917
 
 
918
 
        if (location) {
919
 
                tdb_state->tdbsam_location = talloc_strdup(pdb_context->mem_ctx, location);
920
 
        } else {
921
 
                pstring tdbfile;
922
 
                get_private_directory(tdbfile);
923
 
                pstrcat(tdbfile, "/");
924
 
                pstrcat(tdbfile, PASSDB_FILE_NAME);
925
 
                tdb_state->tdbsam_location = talloc_strdup(pdb_context->mem_ctx, tdbfile);
926
 
        }
927
 
 
928
 
        (*pdb_method)->private_data = tdb_state;
929
 
 
930
 
        (*pdb_method)->free_private_data = free_private_data;
 
1609
        (*pdb_method)->rid_algorithm = tdbsam_rid_algorithm;
 
1610
        (*pdb_method)->new_rid = tdbsam_new_rid;
 
1611
 
 
1612
        /* save the path for later */
 
1613
                           
 
1614
        if ( !location ) {
 
1615
                pstr_sprintf( tdbfile, "%s/%s", lp_private_dir(), PASSDB_FILE_NAME );
 
1616
                pfile = tdbfile;
 
1617
        }
 
1618
        pstrcpy( tdbsam_filename, pfile );
 
1619
 
 
1620
        /* no private data */
 
1621
        
 
1622
        (*pdb_method)->private_data      = NULL;
 
1623
        (*pdb_method)->free_private_data = NULL;
931
1624
 
932
1625
        return NT_STATUS_OK;
933
1626
}