pdb_samba_dsdb: implement pdb_samba_dsdb_enum_trusteddoms()
[bbaumbach/samba-autobuild/.git] / source3 / passdb / pdb_smbpasswd.c
1 /*
2  * Unix SMB/CIFS implementation. 
3  * SMB parameters and setup
4  * Copyright (C) Andrew Tridgell       1992-1998 
5  * Modified by Jeremy Allison          1995.
6  * Modified by Gerald (Jerry) Carter   2000-2001,2003
7  * Modified by Andrew Bartlett         2002.
8  * 
9  * This program is free software; you can redistribute it and/or modify it under
10  * the terms of the GNU General Public License as published by the Free
11  * Software Foundation; either version 3 of the License, or (at your option)
12  * any later version.
13  * 
14  * This program is distributed in the hope that it will be useful, but WITHOUT
15  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
16  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
17  * more details.
18  * 
19  * You should have received a copy of the GNU General Public License along with
20  * this program; if not, see <http://www.gnu.org/licenses/>.
21  */
22
23 #include "includes.h"
24 #include "passdb.h"
25 #include "system/passwd.h"
26 #include "system/filesys.h"
27 #include "../librpc/gen_ndr/samr.h"
28 #include "../libcli/security/security.h"
29 #include "passdb/pdb_smbpasswd.h"
30
31 #undef DBGC_CLASS
32 #define DBGC_CLASS DBGC_PASSDB
33
34 /* 
35    smb_passwd is analogous to sam_passwd used everywhere
36    else.  However, smb_passwd is limited to the information
37    stored by an smbpasswd entry 
38  */
39
40 struct smb_passwd
41 {
42         uint32_t smb_userid;      /* this is actually the unix uid_t */
43         const char *smb_name;     /* username string */
44
45         const unsigned char *smb_passwd;    /* Null if no password */
46         const unsigned char *smb_nt_passwd; /* Null if no password */
47
48         uint16_t acct_ctrl;             /* account info (ACB_xxxx bit-mask) */
49         time_t pass_last_set_time;    /* password last set time */
50 };
51
52 struct smbpasswd_privates
53 {
54         /* used for maintain locks on the smbpasswd file */
55         int     pw_file_lock_depth;
56
57         /* Global File pointer */
58         FILE    *pw_file;
59
60         /* formerly static variables */
61         struct smb_passwd pw_buf;
62         fstring user_name;
63         unsigned char smbpwd[16];
64         unsigned char smbntpwd[16];
65
66         /* retrive-once info */
67         const char *smbpasswd_file;
68 };
69
70 enum pwf_access_type { PWF_READ, PWF_UPDATE, PWF_CREATE };
71
72 static SIG_ATOMIC_T gotalarm;
73
74 /***************************************************************
75  Signal function to tell us we timed out.
76 ****************************************************************/
77
78 static void gotalarm_sig(int signum)
79 {
80         gotalarm = 1;
81 }
82
83 /***************************************************************
84  Lock or unlock a fd for a known lock type. Abandon after waitsecs 
85  seconds.
86 ****************************************************************/
87
88 static bool do_file_lock(int fd, int waitsecs, int type)
89 {
90         struct flock lock;
91         int             ret;
92         void (*oldsig_handler)(int);
93
94         gotalarm = 0;
95         oldsig_handler = CatchSignal(SIGALRM, gotalarm_sig);
96
97         lock.l_type = type;
98         lock.l_whence = SEEK_SET;
99         lock.l_start = 0;
100         lock.l_len = 1;
101         lock.l_pid = 0;
102
103         alarm(waitsecs);
104         /* Note we must *NOT* use sys_fcntl here ! JRA */
105         ret = fcntl(fd, F_SETLKW, &lock);
106         alarm(0);
107         CatchSignal(SIGALRM, oldsig_handler);
108
109         if (gotalarm && ret == -1) {
110                 DEBUG(0, ("do_file_lock: failed to %s file.\n",
111                         type == F_UNLCK ? "unlock" : "lock"));
112                 return False;
113         }
114
115         return (ret == 0);
116 }
117
118 /***************************************************************
119  Lock an fd. Abandon after waitsecs seconds.
120 ****************************************************************/
121
122 static bool pw_file_lock(int fd, int type, int secs, int *plock_depth)
123 {
124         if (fd < 0) {
125                 return False;
126         }
127
128         if(*plock_depth == 0) {
129                 if (!do_file_lock(fd, secs, type)) {
130                         DEBUG(10,("pw_file_lock: locking file failed, error = %s.\n",
131                                 strerror(errno)));
132                         return False;
133                 }
134         }
135
136         (*plock_depth)++;
137
138         return True;
139 }
140
141 /***************************************************************
142  Unlock an fd. Abandon after waitsecs seconds.
143 ****************************************************************/
144
145 static bool pw_file_unlock(int fd, int *plock_depth)
146 {
147         bool ret=True;
148
149         if (fd == 0 || *plock_depth == 0) {
150                 return True;
151         }
152
153         if(*plock_depth == 1) {
154                 ret = do_file_lock(fd, 5, F_UNLCK);
155         }
156
157         if (*plock_depth > 0) {
158                 (*plock_depth)--;
159         }
160
161         if(!ret) {
162                 DEBUG(10,("pw_file_unlock: unlocking file failed, error = %s.\n",
163                         strerror(errno)));
164         }
165         return ret;
166 }
167
168 /**************************************************************
169  Intialize a smb_passwd struct
170  *************************************************************/
171
172 static void pdb_init_smb(struct smb_passwd *user)
173 {
174         if (user == NULL) 
175                 return;
176         ZERO_STRUCTP (user);
177
178         user->pass_last_set_time = (time_t)0;
179 }
180
181 /***************************************************************
182  Internal fn to enumerate the smbpasswd list. Returns a void pointer
183  to ensure no modification outside this module. Checks for atomic
184  rename of smbpasswd file on update or create once the lock has
185  been granted to prevent race conditions. JRA.
186 ****************************************************************/
187
188 static FILE *startsmbfilepwent(const char *pfile, enum pwf_access_type type, int *lock_depth)
189 {
190         FILE *fp = NULL;
191         const char *open_mode = NULL;
192         int race_loop = 0;
193         int lock_type = F_RDLCK;
194
195         if (!*pfile) {
196                 DEBUG(0, ("startsmbfilepwent: No SMB password file set\n"));
197                 return (NULL);
198         }
199
200         switch(type) {
201                 case PWF_READ:
202                         open_mode = "rb";
203                         lock_type = F_RDLCK;
204                         break;
205                 case PWF_UPDATE:
206                         open_mode = "r+b";
207                         lock_type = F_WRLCK;
208                         break;
209                 case PWF_CREATE:
210                         /*
211                          * Ensure atomic file creation.
212                          */
213                         {
214                                 int i, fd = -1;
215
216                                 for(i = 0; i < 5; i++) {
217                                         if((fd = open(pfile, O_CREAT|O_TRUNC|O_EXCL|O_RDWR, 0600))!=-1) {
218                                                 break;
219                                         }
220                                         usleep(200); /* Spin, spin... */
221                                 }
222                                 if(fd == -1) {
223                                         DEBUG(0,("startsmbfilepwent_internal: too many race conditions \
224 creating file %s\n", pfile));
225                                         return NULL;
226                                 }
227                                 close(fd);
228                                 open_mode = "r+b";
229                                 lock_type = F_WRLCK;
230                                 break;
231                         }
232                 default:
233                         DEBUG(10, ("Invalid open mode: %d\n", type));
234                         return NULL;
235         }
236
237         for(race_loop = 0; race_loop < 5; race_loop++) {
238                 DEBUG(10, ("startsmbfilepwent_internal: opening file %s\n", pfile));
239
240                 if((fp = fopen(pfile, open_mode)) == NULL) {
241
242                         /*
243                          * If smbpasswd file doesn't exist, then create new one. This helps to avoid
244                          * confusing error msg when adding user account first time.
245                          */
246                         if (errno == ENOENT) {
247                                 if ((fp = fopen(pfile, "a+")) != NULL) {
248                                         DEBUG(0, ("startsmbfilepwent_internal: file %s did not \
249 exist. File successfully created.\n", pfile));
250                                 } else {
251                                         DEBUG(0, ("startsmbfilepwent_internal: file %s did not \
252 exist. Couldn't create new one. Error was: %s",
253                                         pfile, strerror(errno)));
254                                         return NULL;
255                                 }
256                         } else {
257                                 DEBUG(0, ("startsmbfilepwent_internal: unable to open file %s. \
258 Error was: %s\n", pfile, strerror(errno)));
259                                 return NULL;
260                         }
261                 }
262
263                 if (!pw_file_lock(fileno(fp), lock_type, 5, lock_depth)) {
264                         DEBUG(0, ("startsmbfilepwent_internal: unable to lock file %s. \
265 Error was %s\n", pfile, strerror(errno) ));
266                         fclose(fp);
267                         return NULL;
268                 }
269
270                 /*
271                  * Only check for replacement races on update or create.
272                  * For read we don't mind if the data is one record out of date.
273                  */
274
275                 if(type == PWF_READ) {
276                         break;
277                 } else {
278                         SMB_STRUCT_STAT sbuf1, sbuf2;
279
280                         /*
281                          * Avoid the potential race condition between the open and the lock
282                          * by doing a stat on the filename and an fstat on the fd. If the
283                          * two inodes differ then someone did a rename between the open and
284                          * the lock. Back off and try the open again. Only do this 5 times to
285                          * prevent infinate loops. JRA.
286                          */
287
288                         if (sys_stat(pfile, &sbuf1, false) != 0) {
289                                 DEBUG(0, ("startsmbfilepwent_internal: unable to stat file %s. \
290 Error was %s\n", pfile, strerror(errno)));
291                                 pw_file_unlock(fileno(fp), lock_depth);
292                                 fclose(fp);
293                                 return NULL;
294                         }
295
296                         if (sys_fstat(fileno(fp), &sbuf2, false) != 0) {
297                                 DEBUG(0, ("startsmbfilepwent_internal: unable to fstat file %s. \
298 Error was %s\n", pfile, strerror(errno)));
299                                 pw_file_unlock(fileno(fp), lock_depth);
300                                 fclose(fp);
301                                 return NULL;
302                         }
303
304                         if( sbuf1.st_ex_ino == sbuf2.st_ex_ino) {
305                                 /* No race. */
306                                 break;
307                         }
308
309                         /*
310                          * Race occurred - back off and try again...
311                          */
312
313                         pw_file_unlock(fileno(fp), lock_depth);
314                         fclose(fp);
315                 }
316         }
317
318         if(race_loop == 5) {
319                 DEBUG(0, ("startsmbfilepwent_internal: too many race conditions opening file %s\n", pfile));
320                 return NULL;
321         }
322
323         /* Set a buffer to do more efficient reads */
324         setvbuf(fp, (char *)NULL, _IOFBF, 1024);
325
326         /* Make sure it is only rw by the owner */
327 #ifdef HAVE_FCHMOD
328         if(fchmod(fileno(fp), S_IRUSR|S_IWUSR) == -1) {
329 #else
330         if(chmod(pfile, S_IRUSR|S_IWUSR) == -1) {
331 #endif
332                 DEBUG(0, ("startsmbfilepwent_internal: failed to set 0600 permissions on password file %s. \
333 Error was %s\n.", pfile, strerror(errno) ));
334                 pw_file_unlock(fileno(fp), lock_depth);
335                 fclose(fp);
336                 return NULL;
337         }
338
339         /* We have a lock on the file. */
340         return fp;
341 }
342
343 /***************************************************************
344  End enumeration of the smbpasswd list.
345 ****************************************************************/
346
347 static void endsmbfilepwent(FILE *fp, int *lock_depth)
348 {
349         if (!fp) {
350                 return;
351         }
352
353         pw_file_unlock(fileno(fp), lock_depth);
354         fclose(fp);
355         DEBUG(7, ("endsmbfilepwent_internal: closed password file.\n"));
356 }
357
358 /*************************************************************************
359  Routine to return the next entry in the smbpasswd list.
360  *************************************************************************/
361
362 static struct smb_passwd *getsmbfilepwent(struct smbpasswd_privates *smbpasswd_state, FILE *fp)
363 {
364         /* Static buffers we will return. */
365         struct smb_passwd *pw_buf = &smbpasswd_state->pw_buf;
366         char  *user_name = smbpasswd_state->user_name;
367         unsigned char *smbpwd = smbpasswd_state->smbpwd;
368         unsigned char *smbntpwd = smbpasswd_state->smbntpwd;
369         char linebuf[256];
370         int c;
371         unsigned char *p;
372         long uidval;
373         size_t linebuf_len;
374         char *status;
375
376         if(fp == NULL) {
377                 DEBUG(0,("getsmbfilepwent: Bad password file pointer.\n"));
378                 return NULL;
379         }
380
381         pdb_init_smb(pw_buf);
382         pw_buf->acct_ctrl = ACB_NORMAL;  
383
384         /*
385          * Scan the file, a line at a time and check if the name matches.
386          */
387         status = linebuf;
388         while (status && !feof(fp)) {
389                 linebuf[0] = '\0';
390
391                 status = fgets(linebuf, 256, fp);
392                 if (status == NULL && ferror(fp)) {
393                         return NULL;
394                 }
395
396                 /*
397                  * Check if the string is terminated with a newline - if not
398                  * then we must keep reading and discard until we get one.
399                  */
400                 if ((linebuf_len = strlen(linebuf)) == 0) {
401                         continue;
402                 }
403
404                 if (linebuf[linebuf_len - 1] != '\n') {
405                         c = '\0';
406                         while (!ferror(fp) && !feof(fp)) {
407                                 c = fgetc(fp);
408                                 if (c == '\n') {
409                                         break;
410                                 }
411                         }
412                 } else {
413                         linebuf[linebuf_len - 1] = '\0';
414                 }
415
416 #ifdef DEBUG_PASSWORD
417                 DEBUG(100, ("getsmbfilepwent: got line |%s|\n", linebuf));
418 #endif
419                 if ((linebuf[0] == 0) && feof(fp)) {
420                         DEBUG(4, ("getsmbfilepwent: end of file reached\n"));
421                         break;
422                 }
423
424                 /*
425                  * The line we have should be of the form :-
426                  * 
427                  * username:uid:32hex bytes:[Account type]:LCT-12345678....other flags presently
428                  * ignored....
429                  * 
430                  * or,
431                  *
432                  * username:uid:32hex bytes:32hex bytes:[Account type]:LCT-12345678....ignored....
433                  *
434                  * if Windows NT compatible passwords are also present.
435                  * [Account type] is an ascii encoding of the type of account.
436                  * LCT-(8 hex digits) is the time_t value of the last change time.
437                  */
438
439                 if (linebuf[0] == '#' || linebuf[0] == '\0') {
440                         DEBUG(6, ("getsmbfilepwent: skipping comment or blank line\n"));
441                         continue;
442                 }
443                 p = (unsigned char *) strchr_m(linebuf, ':');
444                 if (p == NULL) {
445                         DEBUG(0, ("getsmbfilepwent: malformed password entry (no :)\n"));
446                         continue;
447                 }
448
449                 strncpy(user_name, linebuf, PTR_DIFF(p, linebuf));
450                 user_name[PTR_DIFF(p, linebuf)] = '\0';
451
452                 /* Get smb uid. */
453
454                 p++; /* Go past ':' */
455
456                 if(*p == '-') {
457                         DEBUG(0, ("getsmbfilepwent: user name %s has a negative uid.\n", user_name));
458                         continue;
459                 }
460
461                 if (!isdigit(*p)) {
462                         DEBUG(0, ("getsmbfilepwent: malformed password entry for user %s (uid not number)\n",
463                                 user_name));
464                         continue;
465                 }
466
467                 uidval = atoi((char *) p);
468
469                 while (*p && isdigit(*p)) {
470                         p++;
471                 }
472
473                 if (*p != ':') {
474                         DEBUG(0, ("getsmbfilepwent: malformed password entry for user %s (no : after uid)\n",
475                                 user_name));
476                         continue;
477                 }
478
479                 pw_buf->smb_name = user_name;
480                 pw_buf->smb_userid = uidval;
481
482                 /*
483                  * Now get the password value - this should be 32 hex digits
484                  * which are the ascii representations of a 16 byte string.
485                  * Get two at a time and put them into the password.
486                  */
487
488                 /* Skip the ':' */
489                 p++;
490
491                 if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) {
492                         DEBUG(0, ("getsmbfilepwent: malformed password entry for user %s (passwd too short)\n",
493                                 user_name ));
494                         continue;
495                 }
496
497                 if (p[32] != ':') {
498                         DEBUG(0, ("getsmbfilepwent: malformed password entry for user %s (no terminating :)\n",
499                                 user_name));
500                         continue;
501                 }
502
503                 if (strnequal((char *) p, "NO PASSWORD", 11)) {
504                         pw_buf->smb_passwd = NULL;
505                         pw_buf->acct_ctrl |= ACB_PWNOTREQ;
506                 } else {
507                         if (*p == '*' || *p == 'X') {
508                                 /* NULL LM password */
509                                 pw_buf->smb_passwd = NULL;
510                                 DEBUG(10, ("getsmbfilepwent: LM password for user %s invalidated\n", user_name));
511                         } else if (pdb_gethexpwd((char *)p, smbpwd)) {
512                                 pw_buf->smb_passwd = smbpwd;
513                         } else {
514                                 pw_buf->smb_passwd = NULL;
515                                 DEBUG(0, ("getsmbfilepwent: Malformed Lanman password entry for user %s \
516 (non hex chars)\n", user_name));
517                         }
518                 }
519
520                 /* 
521                  * Now check if the NT compatible password is
522                  * available.
523                  */
524                 pw_buf->smb_nt_passwd = NULL;
525                 p += 33; /* Move to the first character of the line after the lanman password. */
526                 if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':')) {
527                         if (*p != '*' && *p != 'X') {
528                                 if(pdb_gethexpwd((char *)p,smbntpwd)) {
529                                         pw_buf->smb_nt_passwd = smbntpwd;
530                                 }
531                         }
532                         p += 33; /* Move to the first character of the line after the NT password. */
533                 }
534
535                 DEBUG(5,("getsmbfilepwent: returning passwd entry for user %s, uid %ld\n",
536                         user_name, uidval));
537
538                 if (*p == '[') {
539                         unsigned char *end_p = (unsigned char *)strchr_m((char *)p, ']');
540                         pw_buf->acct_ctrl = pdb_decode_acct_ctrl((char*)p);
541
542                         /* Must have some account type set. */
543                         if(pw_buf->acct_ctrl == 0) {
544                                 pw_buf->acct_ctrl = ACB_NORMAL;
545                         }
546
547                         /* Now try and get the last change time. */
548                         if(end_p) {
549                                 p = end_p + 1;
550                         }
551                         if(*p == ':') {
552                                 p++;
553                                 if(*p && (strncasecmp_m((char *)p, "LCT-", 4)==0)) {
554                                         int i;
555                                         p += 4;
556                                         for(i = 0; i < 8; i++) {
557                                                 if(p[i] == '\0' || !isxdigit(p[i])) {
558                                                         break;
559                                                 }
560                                         }
561                                         if(i == 8) {
562                                                 /*
563                                                  * p points at 8 characters of hex digits - 
564                                                  * read into a time_t as the seconds since
565                                                  * 1970 that the password was last changed.
566                                                  */
567                                                 pw_buf->pass_last_set_time = (time_t)strtol((char *)p, NULL, 16);
568                                         }
569                                 }
570                         }
571                 } else {
572                         /* 'Old' style file. Fake up based on user name. */
573                         /*
574                          * Currently trust accounts are kept in the same
575                          * password file as 'normal accounts'. If this changes
576                          * we will have to fix this code. JRA.
577                          */
578                         if(pw_buf->smb_name[strlen(pw_buf->smb_name) - 1] == '$') {
579                                 pw_buf->acct_ctrl &= ~ACB_NORMAL;
580                                 pw_buf->acct_ctrl |= ACB_WSTRUST;
581                         }
582                 }
583
584                 return pw_buf;
585         }
586
587         DEBUG(5,("getsmbfilepwent: end of file reached.\n"));
588         return NULL;
589 }
590
591 /************************************************************************
592  Create a new smbpasswd entry - malloced space returned.
593 *************************************************************************/
594
595 static char *format_new_smbpasswd_entry(const struct smb_passwd *newpwd)
596 {
597         int new_entry_length;
598         char *new_entry;
599         char *p;
600
601         new_entry_length = strlen(newpwd->smb_name) + 1 + 15 + 1 + 32 + 1 + 32 + 1 + 
602                                 NEW_PW_FORMAT_SPACE_PADDED_LEN + 1 + 13 + 2;
603
604         if((new_entry = (char *)SMB_MALLOC( new_entry_length )) == NULL) {
605                 DEBUG(0, ("format_new_smbpasswd_entry: Malloc failed adding entry for user %s.\n",
606                         newpwd->smb_name ));
607                 return NULL;
608         }
609
610         slprintf(new_entry, new_entry_length - 1, "%s:%u:", newpwd->smb_name, (unsigned)newpwd->smb_userid);
611
612         p = new_entry+strlen(new_entry);
613         pdb_sethexpwd(p, newpwd->smb_passwd, newpwd->acct_ctrl);
614         p+=strlen(p);
615         *p = ':';
616         p++;
617
618         pdb_sethexpwd(p, newpwd->smb_nt_passwd, newpwd->acct_ctrl);
619         p+=strlen(p);
620         *p = ':';
621         p++;
622
623         /* Add the account encoding and the last change time. */
624         slprintf((char *)p, new_entry_length - 1 - (p - new_entry),  "%s:LCT-%08X:\n",
625                 pdb_encode_acct_ctrl(newpwd->acct_ctrl, NEW_PW_FORMAT_SPACE_PADDED_LEN),
626                 (uint32_t)newpwd->pass_last_set_time);
627
628         return new_entry;
629 }
630
631 /************************************************************************
632  Routine to add an entry to the smbpasswd file.
633 *************************************************************************/
634
635 static NTSTATUS add_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state,
636                                      struct smb_passwd *newpwd)
637 {
638         const char *pfile = smbpasswd_state->smbpasswd_file;
639         struct smb_passwd *pwd = NULL;
640         FILE *fp = NULL;
641         int wr_len;
642         int fd;
643         size_t new_entry_length;
644         char *new_entry;
645         off_t offpos;
646  
647         /* Open the smbpassword file - for update. */
648         fp = startsmbfilepwent(pfile, PWF_UPDATE, &smbpasswd_state->pw_file_lock_depth);
649
650         if (fp == NULL && errno == ENOENT) {
651                 /* Try again - create. */
652                 fp = startsmbfilepwent(pfile, PWF_CREATE, &smbpasswd_state->pw_file_lock_depth);
653         }
654
655         if (fp == NULL) {
656                 DEBUG(0, ("add_smbfilepwd_entry: unable to open file.\n"));
657                 return map_nt_error_from_unix(errno);
658         }
659
660         /*
661          * Scan the file, a line at a time and check if the name matches.
662          */
663
664         while ((pwd = getsmbfilepwent(smbpasswd_state, fp)) != NULL) {
665                 if (strequal(newpwd->smb_name, pwd->smb_name)) {
666                         DEBUG(0, ("add_smbfilepwd_entry: entry with name %s already exists\n", pwd->smb_name));
667                         endsmbfilepwent(fp, &smbpasswd_state->pw_file_lock_depth);
668                         return NT_STATUS_USER_EXISTS;
669                 }
670         }
671
672         /* Ok - entry doesn't exist. We can add it */
673
674         /* Create a new smb passwd entry and set it to the given password. */
675         /* 
676          * The add user write needs to be atomic - so get the fd from 
677          * the fp and do a raw write() call.
678          */
679         fd = fileno(fp);
680
681         if((offpos = lseek(fd, 0, SEEK_END)) == -1) {
682                 NTSTATUS result = map_nt_error_from_unix(errno);
683                 DEBUG(0, ("add_smbfilepwd_entry(lseek): Failed to add entry for user %s to file %s. \
684 Error was %s\n", newpwd->smb_name, pfile, strerror(errno)));
685                 endsmbfilepwent(fp, &smbpasswd_state->pw_file_lock_depth);
686                 return result;
687         }
688
689         if((new_entry = format_new_smbpasswd_entry(newpwd)) == NULL) {
690                 DEBUG(0, ("add_smbfilepwd_entry(malloc): Failed to add entry for user %s to file %s. \
691 Error was %s\n", newpwd->smb_name, pfile, strerror(errno)));
692                 endsmbfilepwent(fp, &smbpasswd_state->pw_file_lock_depth);
693                 return NT_STATUS_NO_MEMORY;
694         }
695
696         new_entry_length = strlen(new_entry);
697
698 #ifdef DEBUG_PASSWORD
699         DEBUG(100, ("add_smbfilepwd_entry(%d): new_entry_len %d made line |%s|", 
700                         fd, (int)new_entry_length, new_entry));
701 #endif
702
703         if ((wr_len = write(fd, new_entry, new_entry_length)) != new_entry_length) {
704                 NTSTATUS result = map_nt_error_from_unix(errno);
705                 DEBUG(0, ("add_smbfilepwd_entry(write): %d Failed to add entry for user %s to file %s. \
706 Error was %s\n", wr_len, newpwd->smb_name, pfile, strerror(errno)));
707
708                 /* Remove the entry we just wrote. */
709                 if(ftruncate(fd, offpos) == -1) {
710                         DEBUG(0, ("add_smbfilepwd_entry: ERROR failed to ftruncate file %s. \
711 Error was %s. Password file may be corrupt ! Please examine by hand !\n", 
712                                 newpwd->smb_name, strerror(errno)));
713                 }
714
715                 endsmbfilepwent(fp, &smbpasswd_state->pw_file_lock_depth);
716                 free(new_entry);
717                 return result;
718         }
719
720         free(new_entry);
721         endsmbfilepwent(fp, &smbpasswd_state->pw_file_lock_depth);
722         return NT_STATUS_OK;
723 }
724
725 /************************************************************************
726  Routine to search the smbpasswd file for an entry matching the username.
727  and then modify its password entry. We can't use the startsmbpwent()/
728  getsmbpwent()/endsmbpwent() interfaces here as we depend on looking
729  in the actual file to decide how much room we have to write data.
730  override = False, normal
731  override = True, override XXXXXXXX'd out password or NO PASS
732 ************************************************************************/
733
734 static bool mod_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, const struct smb_passwd* pwd)
735 {
736         /* Static buffers we will return. */
737         fstring user_name;
738
739         char *status;
740 #define LINEBUF_SIZE 255
741         char linebuf[LINEBUF_SIZE + 1];
742         char readbuf[1024];
743         int c;
744         fstring ascii_p16;
745         fstring encode_bits;
746         unsigned char *p = NULL;
747         size_t linebuf_len = 0;
748         FILE *fp;
749         int lockfd;
750         const char *pfile = smbpasswd_state->smbpasswd_file;
751         bool found_entry = False;
752         bool got_pass_last_set_time = False;
753
754         off_t pwd_seekpos = 0;
755
756         int i;
757         int wr_len;
758         int fd;
759
760         if (!*pfile) {
761                 DEBUG(0, ("No SMB password file set\n"));
762                 return False;
763         }
764         DEBUG(10, ("mod_smbfilepwd_entry: opening file %s\n", pfile));
765
766         fp = fopen(pfile, "r+");
767
768         if (fp == NULL) {
769                 DEBUG(0, ("mod_smbfilepwd_entry: unable to open file %s\n", pfile));
770                 return False;
771         }
772         /* Set a buffer to do more efficient reads */
773         setvbuf(fp, readbuf, _IOFBF, sizeof(readbuf));
774
775         lockfd = fileno(fp);
776
777         if (!pw_file_lock(lockfd, F_WRLCK, 5, &smbpasswd_state->pw_file_lock_depth)) {
778                 DEBUG(0, ("mod_smbfilepwd_entry: unable to lock file %s\n", pfile));
779                 fclose(fp);
780                 return False;
781         }
782
783         /* Make sure it is only rw by the owner */
784         chmod(pfile, 0600);
785
786         /* We have a write lock on the file. */
787         /*
788          * Scan the file, a line at a time and check if the name matches.
789          */
790         status = linebuf;
791         while (status && !feof(fp)) {
792                 pwd_seekpos = ftell(fp);
793
794                 linebuf[0] = '\0';
795
796                 status = fgets(linebuf, LINEBUF_SIZE, fp);
797                 if (status == NULL && ferror(fp)) {
798                         pw_file_unlock(lockfd, &smbpasswd_state->pw_file_lock_depth);
799                         fclose(fp);
800                         return False;
801                 }
802
803                 /*
804                  * Check if the string is terminated with a newline - if not
805                  * then we must keep reading and discard until we get one.
806                  */
807                 linebuf_len = strlen(linebuf);
808                 if (linebuf[linebuf_len - 1] != '\n') {
809                         c = '\0';
810                         while (!ferror(fp) && !feof(fp)) {
811                                 c = fgetc(fp);
812                                 if (c == '\n') {
813                                         break;
814                                 }
815                         }
816                 } else {
817                         linebuf[linebuf_len - 1] = '\0';
818                 }
819
820 #ifdef DEBUG_PASSWORD
821                 DEBUG(100, ("mod_smbfilepwd_entry: got line |%s|\n", linebuf));
822 #endif
823
824                 if ((linebuf[0] == 0) && feof(fp)) {
825                         DEBUG(4, ("mod_smbfilepwd_entry: end of file reached\n"));
826                         break;
827                 }
828
829                 /*
830                  * The line we have should be of the form :-
831                  * 
832                  * username:uid:[32hex bytes]:....other flags presently
833                  * ignored....
834                  * 
835                  * or,
836                  *
837                  * username:uid:[32hex bytes]:[32hex bytes]:[attributes]:LCT-XXXXXXXX:...ignored.
838                  *
839                  * if Windows NT compatible passwords are also present.
840                  */
841
842                 if (linebuf[0] == '#' || linebuf[0] == '\0') {
843                         DEBUG(6, ("mod_smbfilepwd_entry: skipping comment or blank line\n"));
844                         continue;
845                 }
846
847                 p = (unsigned char *) strchr_m(linebuf, ':');
848
849                 if (p == NULL) {
850                         DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no :)\n"));
851                         continue;
852                 }
853
854                 strncpy(user_name, linebuf, PTR_DIFF(p, linebuf));
855                 user_name[PTR_DIFF(p, linebuf)] = '\0';
856                 if (strequal(user_name, pwd->smb_name)) {
857                         found_entry = True;
858                         break;
859                 }
860         }
861
862         if (!found_entry) {
863                 pw_file_unlock(lockfd, &smbpasswd_state->pw_file_lock_depth);
864                 fclose(fp);
865
866                 DEBUG(2, ("Cannot update entry for user %s, as they don't exist in the smbpasswd file!\n",
867                         pwd->smb_name));
868                 return False;
869         }
870
871         DEBUG(6, ("mod_smbfilepwd_entry: entry exists for user %s\n", pwd->smb_name));
872
873         /* User name matches - get uid and password */
874         p++; /* Go past ':' */
875
876         if (!isdigit(*p)) {
877                 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry for user %s (uid not number)\n",
878                         pwd->smb_name));
879                 pw_file_unlock(lockfd, &smbpasswd_state->pw_file_lock_depth);
880                 fclose(fp);
881                 return False;
882         }
883
884         while (*p && isdigit(*p)) {
885                 p++;
886         }
887         if (*p != ':') {
888                 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry for user %s (no : after uid)\n",
889                         pwd->smb_name));
890                 pw_file_unlock(lockfd, &smbpasswd_state->pw_file_lock_depth);
891                 fclose(fp);
892                 return False;
893         }
894
895         /*
896          * Now get the password value - this should be 32 hex digits
897          * which are the ascii representations of a 16 byte string.
898          * Get two at a time and put them into the password.
899          */
900         p++;
901
902         /* Record exact password position */
903         pwd_seekpos += PTR_DIFF(p, linebuf);
904
905         if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) {
906                 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry for user %s (passwd too short)\n",
907                         pwd->smb_name));
908                 pw_file_unlock(lockfd,&smbpasswd_state->pw_file_lock_depth);
909                 fclose(fp);
910                 return (False);
911         }
912
913         if (p[32] != ':') {
914                 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry for user %s (no terminating :)\n",
915                         pwd->smb_name));
916                 pw_file_unlock(lockfd,&smbpasswd_state->pw_file_lock_depth);
917                 fclose(fp);
918                 return False;
919         }
920
921         /* Now check if the NT compatible password is available. */
922         p += 33; /* Move to the first character of the line after the lanman password. */
923         if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) {
924                 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry for user %s (passwd too short)\n",
925                         pwd->smb_name));
926                 pw_file_unlock(lockfd,&smbpasswd_state->pw_file_lock_depth);
927                 fclose(fp);
928                 return (False);
929         }
930
931         if (p[32] != ':') {
932                 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry for user %s (no terminating :)\n",
933                         pwd->smb_name));
934                 pw_file_unlock(lockfd,&smbpasswd_state->pw_file_lock_depth);
935                 fclose(fp);
936                 return False;
937         }
938
939         /* 
940          * Now check if the account info and the password last
941          * change time is available.
942          */
943         p += 33; /* Move to the first character of the line after the NT password. */
944
945         if (*p == '[') {
946                 i = 0;
947                 encode_bits[i++] = *p++;
948                 while((linebuf_len > PTR_DIFF(p, linebuf)) && (*p != ']')) {
949                         encode_bits[i++] = *p++;
950                 }
951
952                 encode_bits[i++] = ']';
953                 encode_bits[i++] = '\0';
954
955                 if(i == NEW_PW_FORMAT_SPACE_PADDED_LEN) {
956                         /*
957                          * We are using a new format, space padded
958                          * acct ctrl field. Encode the given acct ctrl
959                          * bits into it.
960                          */
961                         fstrcpy(encode_bits, pdb_encode_acct_ctrl(pwd->acct_ctrl, NEW_PW_FORMAT_SPACE_PADDED_LEN));
962                 } else {
963                         DEBUG(0,("mod_smbfilepwd_entry:  Using old smbpasswd format for user %s. \
964 This is no longer supported.!\n", pwd->smb_name));
965                         DEBUG(0,("mod_smbfilepwd_entry:  No changes made, failing.!\n"));
966                         pw_file_unlock(lockfd, &smbpasswd_state->pw_file_lock_depth);
967                         fclose(fp);
968                         return False;
969                 }
970
971                 /* Go past the ']' */
972                 if(linebuf_len > PTR_DIFF(p, linebuf)) {
973                         p++;
974                 }
975
976                 if((linebuf_len > PTR_DIFF(p, linebuf)) && (*p == ':')) {
977                         p++;
978
979                         /* We should be pointing at the LCT entry. */
980                         if((linebuf_len > (PTR_DIFF(p, linebuf) + 13)) && (strncasecmp_m((char *)p, "LCT-", 4) == 0)) {
981                                 p += 4;
982                                 for(i = 0; i < 8; i++) {
983                                         if(p[i] == '\0' || !isxdigit(p[i])) {
984                                                 break;
985                                         }
986                                 }
987                                 if(i == 8) {
988                                         /*
989                                          * p points at 8 characters of hex digits -
990                                          * read into a time_t as the seconds since
991                                          * 1970 that the password was last changed.
992                                          */
993                                         got_pass_last_set_time = True;
994                                 } /* i == 8 */
995                         } /* *p && strncasecmp_m() */
996                 } /* p == ':' */
997         } /* p == '[' */
998
999         /* Entry is correctly formed. */
1000
1001         /* Create the 32 byte representation of the new p16 */
1002         pdb_sethexpwd(ascii_p16, pwd->smb_passwd, pwd->acct_ctrl);
1003
1004         /* Add on the NT md4 hash */
1005         ascii_p16[32] = ':';
1006         wr_len = 66;
1007         pdb_sethexpwd(ascii_p16+33, pwd->smb_nt_passwd, pwd->acct_ctrl);
1008         ascii_p16[65] = ':';
1009         ascii_p16[66] = '\0'; /* null-terminate the string so that strlen works */
1010
1011         /* Add on the account info bits and the time of last password change. */
1012         if(got_pass_last_set_time) {
1013                 slprintf(&ascii_p16[strlen(ascii_p16)], 
1014                         sizeof(ascii_p16)-(strlen(ascii_p16)+1),
1015                         "%s:LCT-%08X:", 
1016                         encode_bits, (uint32_t)pwd->pass_last_set_time );
1017                 wr_len = strlen(ascii_p16);
1018         }
1019
1020 #ifdef DEBUG_PASSWORD
1021         DEBUG(100,("mod_smbfilepwd_entry: "));
1022         dump_data(100, (uint8_t *)ascii_p16, wr_len);
1023 #endif
1024
1025         if(wr_len > LINEBUF_SIZE) {
1026                 DEBUG(0, ("mod_smbfilepwd_entry: line to write (%d) is too long.\n", wr_len+1));
1027                 pw_file_unlock(lockfd,&smbpasswd_state->pw_file_lock_depth);
1028                 fclose(fp);
1029                 return (False);
1030         }
1031
1032         /*
1033          * Do an atomic write into the file at the position defined by
1034          * seekpos.
1035          */
1036
1037         /* The mod user write needs to be atomic - so get the fd from 
1038                 the fp and do a raw write() call.
1039          */
1040
1041         fd = fileno(fp);
1042
1043         if (lseek(fd, pwd_seekpos - 1, SEEK_SET) != pwd_seekpos - 1) {
1044                 DEBUG(0, ("mod_smbfilepwd_entry: seek fail on file %s.\n", pfile));
1045                 pw_file_unlock(lockfd,&smbpasswd_state->pw_file_lock_depth);
1046                 fclose(fp);
1047                 return False;
1048         }
1049
1050         /* Sanity check - ensure the areas we are writing are framed by ':' */
1051         if (read(fd, linebuf, wr_len+1) != wr_len+1) {
1052                 DEBUG(0, ("mod_smbfilepwd_entry: read fail on file %s.\n", pfile));
1053                 pw_file_unlock(lockfd,&smbpasswd_state->pw_file_lock_depth);
1054                 fclose(fp);
1055                 return False;
1056         }
1057
1058         if ((linebuf[0] != ':') || (linebuf[wr_len] != ':'))    {
1059                 DEBUG(0, ("mod_smbfilepwd_entry: check on passwd file %s failed.\n", pfile));
1060                 pw_file_unlock(lockfd,&smbpasswd_state->pw_file_lock_depth);
1061                 fclose(fp);
1062                 return False;
1063         }
1064  
1065         if (lseek(fd, pwd_seekpos, SEEK_SET) != pwd_seekpos) {
1066                 DEBUG(0, ("mod_smbfilepwd_entry: seek fail on file %s.\n", pfile));
1067                 pw_file_unlock(lockfd,&smbpasswd_state->pw_file_lock_depth);
1068                 fclose(fp);
1069                 return False;
1070         }
1071
1072         if (write(fd, ascii_p16, wr_len) != wr_len) {
1073                 DEBUG(0, ("mod_smbfilepwd_entry: write failed in passwd file %s\n", pfile));
1074                 pw_file_unlock(lockfd,&smbpasswd_state->pw_file_lock_depth);
1075                 fclose(fp);
1076                 return False;
1077         }
1078
1079         pw_file_unlock(lockfd,&smbpasswd_state->pw_file_lock_depth);
1080         fclose(fp);
1081         return True;
1082 }
1083
1084 /************************************************************************
1085  Routine to delete an entry in the smbpasswd file by name.
1086 *************************************************************************/
1087
1088 static bool del_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, const char *name)
1089 {
1090         const char *pfile = smbpasswd_state->smbpasswd_file;
1091         char *pfile2 = NULL;
1092         struct smb_passwd *pwd = NULL;
1093         FILE *fp = NULL;
1094         FILE *fp_write = NULL;
1095         int pfile2_lockdepth = 0;
1096
1097         pfile2 = talloc_asprintf(talloc_tos(),
1098                         "%s.%u",
1099                         pfile, (unsigned)getpid());
1100         if (!pfile2) {
1101                 return false;
1102         }
1103
1104         /*
1105          * Open the smbpassword file - for update. It needs to be update
1106          * as we need any other processes to wait until we have replaced
1107          * it.
1108          */
1109
1110         if((fp = startsmbfilepwent(pfile, PWF_UPDATE, &smbpasswd_state->pw_file_lock_depth)) == NULL) {
1111                 DEBUG(0, ("del_smbfilepwd_entry: unable to open file %s.\n", pfile));
1112                 return False;
1113         }
1114
1115         /*
1116          * Create the replacement password file.
1117          */
1118         if((fp_write = startsmbfilepwent(pfile2, PWF_CREATE, &pfile2_lockdepth)) == NULL) {
1119                 DEBUG(0, ("del_smbfilepwd_entry: unable to open file %s.\n", pfile));
1120                 endsmbfilepwent(fp, &smbpasswd_state->pw_file_lock_depth);
1121                 return False;
1122         }
1123
1124         /*
1125          * Scan the file, a line at a time and check if the name matches.
1126          */
1127
1128         while ((pwd = getsmbfilepwent(smbpasswd_state, fp)) != NULL) {
1129                 char *new_entry;
1130                 size_t new_entry_length;
1131
1132                 if (strequal(name, pwd->smb_name)) {
1133                         DEBUG(10, ("del_smbfilepwd_entry: found entry with "
1134                                    "name %s - deleting it.\n", name));
1135                         continue;
1136                 }
1137
1138                 /*
1139                  * We need to copy the entry out into the second file.
1140                  */
1141
1142                 if((new_entry = format_new_smbpasswd_entry(pwd)) == NULL) {
1143                         DEBUG(0, ("del_smbfilepwd_entry(malloc): Failed to copy entry for user %s to file %s. \
1144 Error was %s\n", pwd->smb_name, pfile2, strerror(errno)));
1145                         unlink(pfile2);
1146                         endsmbfilepwent(fp, &smbpasswd_state->pw_file_lock_depth);
1147                         endsmbfilepwent(fp_write, &pfile2_lockdepth);
1148                         return False;
1149                 }
1150
1151                 new_entry_length = strlen(new_entry);
1152
1153                 if(fwrite(new_entry, 1, new_entry_length, fp_write) != new_entry_length) {
1154                         DEBUG(0, ("del_smbfilepwd_entry(write): Failed to copy entry for user %s to file %s. \
1155 Error was %s\n", pwd->smb_name, pfile2, strerror(errno)));
1156                         unlink(pfile2);
1157                         endsmbfilepwent(fp, &smbpasswd_state->pw_file_lock_depth);
1158                         endsmbfilepwent(fp_write, &pfile2_lockdepth);
1159                         free(new_entry);
1160                         return False;
1161                 }
1162
1163                 free(new_entry);
1164         }
1165
1166         /*
1167          * Ensure pfile2 is flushed before rename.
1168          */
1169
1170         if(fflush(fp_write) != 0) {
1171                 DEBUG(0, ("del_smbfilepwd_entry: Failed to flush file %s. Error was %s\n", pfile2, strerror(errno)));
1172                 endsmbfilepwent(fp, &smbpasswd_state->pw_file_lock_depth);
1173                 endsmbfilepwent(fp_write,&pfile2_lockdepth);
1174                 return False;
1175         }
1176
1177         /*
1178          * Do an atomic rename - then release the locks.
1179          */
1180
1181         if(rename(pfile2,pfile) != 0) {
1182                 unlink(pfile2);
1183         }
1184
1185         endsmbfilepwent(fp, &smbpasswd_state->pw_file_lock_depth);
1186         endsmbfilepwent(fp_write,&pfile2_lockdepth);
1187         return True;
1188 }
1189
1190 /*********************************************************************
1191  Create a smb_passwd struct from a struct samu.
1192  We will not allocate any new memory.  The smb_passwd struct
1193  should only stay around as long as the struct samu does.
1194  ********************************************************************/
1195
1196 static bool build_smb_pass (struct smb_passwd *smb_pw, const struct samu *sampass)
1197 {
1198         uint32_t rid;
1199
1200         if (sampass == NULL) 
1201                 return False;
1202         ZERO_STRUCTP(smb_pw);
1203
1204         if (!IS_SAM_DEFAULT(sampass, PDB_USERSID)) {
1205                 rid = pdb_get_user_rid(sampass);
1206
1207                 /* If the user specified a RID, make sure its able to be both stored and retreived */
1208                 if (rid == DOMAIN_RID_GUEST) {
1209                         struct passwd *passwd = Get_Pwnam_alloc(NULL, lp_guest_account());
1210                         if (!passwd) {
1211                                 DEBUG(0, ("Could not find guest account via Get_Pwnam_alloc()! (%s)\n", lp_guest_account()));
1212                                 return False;
1213                         }
1214                         smb_pw->smb_userid=passwd->pw_uid;
1215                         TALLOC_FREE(passwd);
1216                 } else if (algorithmic_pdb_rid_is_user(rid)) {
1217                         smb_pw->smb_userid=algorithmic_pdb_user_rid_to_uid(rid);
1218                 } else {
1219                         DEBUG(0,("build_sam_pass: Failing attempt to store user with non-uid based user RID. \n"));
1220                         return False;
1221                 }
1222         }
1223
1224         smb_pw->smb_name=(const char*)pdb_get_username(sampass);
1225
1226         smb_pw->smb_passwd=pdb_get_lanman_passwd(sampass);
1227         smb_pw->smb_nt_passwd=pdb_get_nt_passwd(sampass);
1228
1229         smb_pw->acct_ctrl=pdb_get_acct_ctrl(sampass);
1230         smb_pw->pass_last_set_time=pdb_get_pass_last_set_time(sampass);
1231
1232         return True;
1233 }       
1234
1235 /*********************************************************************
1236  Create a struct samu from a smb_passwd struct
1237  ********************************************************************/
1238
1239 static bool build_sam_account(struct smbpasswd_privates *smbpasswd_state, 
1240                               struct samu *sam_pass, const struct smb_passwd *pw_buf)
1241 {
1242         struct passwd *pwfile;
1243
1244         if ( !sam_pass ) {
1245                 DEBUG(5,("build_sam_account: struct samu is NULL\n"));
1246                 return False;
1247         }
1248
1249         /* verify the user account exists */
1250
1251         if ( !(pwfile = Get_Pwnam_alloc(NULL, pw_buf->smb_name )) ) {
1252                 DEBUG(0,("build_sam_account: smbpasswd database is corrupt!  username %s with uid "
1253                 "%u is not in unix passwd database!\n", pw_buf->smb_name, pw_buf->smb_userid));
1254                         return False;
1255         }
1256
1257         if ( !NT_STATUS_IS_OK( samu_set_unix(sam_pass, pwfile )) )
1258                 return False;
1259
1260         TALLOC_FREE(pwfile);
1261
1262         /* set remaining fields */
1263
1264         if (!pdb_set_nt_passwd (sam_pass, pw_buf->smb_nt_passwd, PDB_SET))
1265                 return False;
1266         if (!pdb_set_lanman_passwd (sam_pass, pw_buf->smb_passwd, PDB_SET))
1267                 return False;
1268         pdb_set_acct_ctrl (sam_pass, pw_buf->acct_ctrl, PDB_SET);
1269         pdb_set_pass_last_set_time (sam_pass, pw_buf->pass_last_set_time, PDB_SET);
1270         pdb_set_pass_can_change_time (sam_pass, pw_buf->pass_last_set_time, PDB_SET);
1271
1272         return True;
1273 }
1274
1275 /*****************************************************************
1276  Functions to be implemented by the new passdb API 
1277  ****************************************************************/
1278
1279 /****************************************************************
1280  Search smbpasswd file by iterating over the entries.  Do not
1281  call getpwnam() for unix account information until we have found
1282  the correct entry
1283  ***************************************************************/
1284
1285 static NTSTATUS smbpasswd_getsampwnam(struct pdb_methods *my_methods, 
1286                                   struct samu *sam_acct, const char *username)
1287 {
1288         NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
1289         struct smbpasswd_privates *smbpasswd_state = (struct smbpasswd_privates*)my_methods->private_data;
1290         struct smb_passwd *smb_pw;
1291         FILE *fp = NULL;
1292
1293         DEBUG(10, ("getsampwnam (smbpasswd): search by name: %s\n", username));
1294
1295         /* startsmbfilepwent() is used here as we don't want to lookup
1296            the UNIX account in the local system password file until
1297            we have a match.  */
1298         fp = startsmbfilepwent(smbpasswd_state->smbpasswd_file, PWF_READ, &(smbpasswd_state->pw_file_lock_depth));
1299
1300         if (fp == NULL) {
1301                 DEBUG(0, ("Unable to open passdb database.\n"));
1302                 return nt_status;
1303         }
1304
1305         while ( ((smb_pw=getsmbfilepwent(smbpasswd_state, fp)) != NULL)&& (!strequal(smb_pw->smb_name, username)) )
1306                 /* do nothing....another loop */ ;
1307
1308         endsmbfilepwent(fp, &(smbpasswd_state->pw_file_lock_depth));
1309
1310
1311         /* did we locate the username in smbpasswd  */
1312         if (smb_pw == NULL)
1313                 return nt_status;
1314
1315         DEBUG(10, ("getsampwnam (smbpasswd): found by name: %s\n", smb_pw->smb_name));
1316
1317         if (!sam_acct) {
1318                 DEBUG(10,("getsampwnam (smbpasswd): struct samu is NULL\n"));
1319                 return nt_status;
1320         }
1321
1322         /* now build the struct samu */
1323         if (!build_sam_account(smbpasswd_state, sam_acct, smb_pw))
1324                 return nt_status;
1325
1326         /* success */
1327         return NT_STATUS_OK;
1328 }
1329
1330 static NTSTATUS smbpasswd_getsampwsid(struct pdb_methods *my_methods, struct samu *sam_acct, const struct dom_sid *sid)
1331 {
1332         NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
1333         struct smbpasswd_privates *smbpasswd_state = (struct smbpasswd_privates*)my_methods->private_data;
1334         struct smb_passwd *smb_pw;
1335         FILE *fp = NULL;
1336         uint32_t rid;
1337
1338         DEBUG(10, ("smbpasswd_getsampwrid: search by sid: %s\n",
1339                    sid_string_dbg(sid)));
1340
1341         if (!sid_peek_check_rid(get_global_sam_sid(), sid, &rid))
1342                 return NT_STATUS_UNSUCCESSFUL;
1343
1344         /* More special case 'guest account' hacks... */
1345         if (rid == DOMAIN_RID_GUEST) {
1346                 const char *guest_account = lp_guest_account();
1347                 if (!(guest_account && *guest_account)) {
1348                         DEBUG(1, ("Guest account not specfied!\n"));
1349                         return nt_status;
1350                 }
1351                 return smbpasswd_getsampwnam(my_methods, sam_acct, guest_account);
1352         }
1353
1354         /* Open the sam password file - not for update. */
1355         fp = startsmbfilepwent(smbpasswd_state->smbpasswd_file, PWF_READ, &(smbpasswd_state->pw_file_lock_depth));
1356
1357         if (fp == NULL) {
1358                 DEBUG(0, ("Unable to open passdb database.\n"));
1359                 return nt_status;
1360         }
1361
1362         while ( ((smb_pw=getsmbfilepwent(smbpasswd_state, fp)) != NULL) && (algorithmic_pdb_uid_to_user_rid(smb_pw->smb_userid) != rid) )
1363                 /* do nothing */ ;
1364
1365         endsmbfilepwent(fp, &(smbpasswd_state->pw_file_lock_depth));
1366
1367
1368         /* did we locate the username in smbpasswd  */
1369         if (smb_pw == NULL)
1370                 return nt_status;
1371
1372         DEBUG(10, ("getsampwrid (smbpasswd): found by name: %s\n", smb_pw->smb_name));
1373
1374         if (!sam_acct) {
1375                 DEBUG(10,("getsampwrid: (smbpasswd) struct samu is NULL\n"));
1376                 return nt_status;
1377         }
1378
1379         /* now build the struct samu */
1380         if (!build_sam_account (smbpasswd_state, sam_acct, smb_pw))
1381                 return nt_status;
1382
1383         /* build_sam_account might change the SID on us, if the name was for the guest account */
1384         if (NT_STATUS_IS_OK(nt_status) && !dom_sid_equal(pdb_get_user_sid(sam_acct), sid)) {
1385                 DEBUG(1, ("looking for user with sid %s instead returned %s "
1386                           "for account %s!?!\n", sid_string_dbg(sid),
1387                           sid_string_dbg(pdb_get_user_sid(sam_acct)),
1388                           pdb_get_username(sam_acct)));
1389                 return NT_STATUS_NO_SUCH_USER;
1390         }
1391
1392         /* success */
1393         return NT_STATUS_OK;
1394 }
1395
1396 static NTSTATUS smbpasswd_add_sam_account(struct pdb_methods *my_methods, struct samu *sampass)
1397 {
1398         struct smbpasswd_privates *smbpasswd_state = (struct smbpasswd_privates*)my_methods->private_data;
1399         struct smb_passwd smb_pw;
1400
1401         /* convert the struct samu */
1402         if (!build_smb_pass(&smb_pw, sampass)) {
1403                 return NT_STATUS_UNSUCCESSFUL;
1404         }
1405
1406         /* add the entry */
1407         return add_smbfilepwd_entry(smbpasswd_state, &smb_pw);
1408 }
1409
1410 static NTSTATUS smbpasswd_update_sam_account(struct pdb_methods *my_methods, struct samu *sampass)
1411 {
1412         struct smbpasswd_privates *smbpasswd_state = (struct smbpasswd_privates*)my_methods->private_data;
1413         struct smb_passwd smb_pw;
1414
1415         /* convert the struct samu */
1416         if (!build_smb_pass(&smb_pw, sampass)) {
1417                 DEBUG(0, ("smbpasswd_update_sam_account: build_smb_pass failed!\n"));
1418                 return NT_STATUS_UNSUCCESSFUL;
1419         }
1420
1421         /* update the entry */
1422         if(!mod_smbfilepwd_entry(smbpasswd_state, &smb_pw)) {
1423                 DEBUG(0, ("smbpasswd_update_sam_account: mod_smbfilepwd_entry failed!\n"));
1424                 return NT_STATUS_UNSUCCESSFUL;
1425         }
1426
1427         return NT_STATUS_OK;
1428 }
1429
1430 static NTSTATUS smbpasswd_delete_sam_account (struct pdb_methods *my_methods, struct samu *sampass)
1431 {
1432         struct smbpasswd_privates *smbpasswd_state = (struct smbpasswd_privates*)my_methods->private_data;
1433
1434         const char *username = pdb_get_username(sampass);
1435
1436         if (del_smbfilepwd_entry(smbpasswd_state, username))
1437                 return NT_STATUS_OK;
1438
1439         return NT_STATUS_UNSUCCESSFUL;
1440 }
1441
1442 static NTSTATUS smbpasswd_rename_sam_account (struct pdb_methods *my_methods, 
1443                                               struct samu *old_acct,
1444                                               const char *newname)
1445 {
1446         char *rename_script = NULL;
1447         struct samu *new_acct = NULL;
1448         bool interim_account = False;
1449         TALLOC_CTX *ctx = talloc_tos();
1450         NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
1451
1452         if (!*(lp_rename_user_script(talloc_tos())))
1453                 goto done;
1454
1455         if ( !(new_acct = samu_new( NULL )) ) {
1456                 return NT_STATUS_NO_MEMORY;
1457         }
1458
1459         if ( !pdb_copy_sam_account( new_acct, old_acct ) 
1460                 || !pdb_set_username(new_acct, newname, PDB_CHANGED)) 
1461         {
1462                 goto done;
1463         }
1464
1465         ret = smbpasswd_add_sam_account(my_methods, new_acct);
1466         if (!NT_STATUS_IS_OK(ret))
1467                 goto done;
1468
1469         interim_account = True;
1470
1471         /* rename the posix user */
1472         rename_script = lp_rename_user_script(ctx);
1473         if (!rename_script) {
1474                 ret = NT_STATUS_NO_MEMORY;
1475                 goto done;
1476         }
1477
1478         if (*rename_script) {
1479                 int rename_ret;
1480
1481                 rename_script = talloc_string_sub2(ctx,
1482                                         rename_script,
1483                                         "%unew",
1484                                         newname,
1485                                         true,
1486                                         false,
1487                                         true);
1488                 if (!rename_script) {
1489                         ret = NT_STATUS_NO_MEMORY;
1490                         goto done;
1491                 }
1492                 rename_script = talloc_string_sub2(ctx,
1493                                         rename_script,
1494                                         "%uold",
1495                                         pdb_get_username(old_acct),
1496                                         true,
1497                                         false,
1498                                         true);
1499                 if (!rename_script) {
1500                         ret = NT_STATUS_NO_MEMORY;
1501                         goto done;
1502                 }
1503
1504                 rename_ret = smbrun(rename_script, NULL, NULL);
1505
1506                 DEBUG(rename_ret ? 0 : 3,("Running the command `%s' gave %d\n", rename_script, rename_ret));
1507
1508                 if (rename_ret == 0) {
1509                         smb_nscd_flush_user_cache();
1510                 }
1511
1512                 if (rename_ret)
1513                         goto done;
1514         } else {
1515                 goto done;
1516         }
1517
1518         smbpasswd_delete_sam_account(my_methods, old_acct);
1519         interim_account = False;
1520
1521 done:
1522         /* cleanup */
1523         if (interim_account)
1524                 smbpasswd_delete_sam_account(my_methods, new_acct);
1525
1526         if (new_acct)
1527                 TALLOC_FREE(new_acct);
1528
1529         return (ret);   
1530 }
1531
1532 static uint32_t smbpasswd_capabilities(struct pdb_methods *methods)
1533 {
1534         return 0;
1535 }
1536
1537 static void free_private_data(void **vp) 
1538 {
1539         struct smbpasswd_privates **privates = (struct smbpasswd_privates**)vp;
1540
1541         endsmbfilepwent((*privates)->pw_file, &((*privates)->pw_file_lock_depth));
1542
1543         *privates = NULL;
1544         /* No need to free any further, as it is talloc()ed */
1545 }
1546
1547 struct smbpasswd_search_state {
1548         uint32_t acct_flags;
1549
1550         struct samr_displayentry *entries;
1551         uint32_t num_entries;
1552         ssize_t array_size;
1553         uint32_t current;
1554 };
1555
1556 static void smbpasswd_search_end(struct pdb_search *search)
1557 {
1558         struct smbpasswd_search_state *state = talloc_get_type_abort(
1559                 search->private_data, struct smbpasswd_search_state);
1560         TALLOC_FREE(state);
1561 }
1562
1563 static bool smbpasswd_search_next_entry(struct pdb_search *search,
1564                                         struct samr_displayentry *entry)
1565 {
1566         struct smbpasswd_search_state *state = talloc_get_type_abort(
1567                 search->private_data, struct smbpasswd_search_state);
1568
1569         if (state->current == state->num_entries) {
1570                 return false;
1571         }
1572
1573         entry->idx = state->entries[state->current].idx;
1574         entry->rid = state->entries[state->current].rid;
1575         entry->acct_flags = state->entries[state->current].acct_flags;
1576
1577         entry->account_name = talloc_strdup(
1578                 search, state->entries[state->current].account_name);
1579         entry->fullname = talloc_strdup(
1580                 search, state->entries[state->current].fullname);
1581         entry->description = talloc_strdup(
1582                 search, state->entries[state->current].description);
1583
1584         if ((entry->account_name == NULL) || (entry->fullname == NULL)
1585             || (entry->description == NULL)) {
1586                 DEBUG(0, ("talloc_strdup failed\n"));
1587                 return false;
1588         }
1589
1590         state->current += 1;
1591         return true;
1592 }
1593
1594 static bool smbpasswd_search_users(struct pdb_methods *methods,
1595                                    struct pdb_search *search,
1596                                    uint32_t acct_flags)
1597 {
1598         struct smbpasswd_privates *smbpasswd_state =
1599                 (struct smbpasswd_privates*)methods->private_data;
1600
1601         struct smbpasswd_search_state *search_state;
1602         struct smb_passwd *pwd;
1603         FILE *fp;
1604
1605         search_state = talloc_zero(search, struct smbpasswd_search_state);
1606         if (search_state == NULL) {
1607                 DEBUG(0, ("talloc failed\n"));
1608                 return false;
1609         }
1610         search_state->acct_flags = acct_flags;
1611
1612         fp = startsmbfilepwent(smbpasswd_state->smbpasswd_file, PWF_READ,
1613                                &smbpasswd_state->pw_file_lock_depth);
1614
1615         if (fp == NULL) {
1616                 DEBUG(10, ("Unable to open smbpasswd file.\n"));
1617                 TALLOC_FREE(search_state);
1618                 return false;
1619         }
1620
1621         while ((pwd = getsmbfilepwent(smbpasswd_state, fp)) != NULL) {
1622                 struct samr_displayentry entry;
1623                 struct samu *user;
1624
1625                 if ((acct_flags != 0)
1626                     && ((acct_flags & pwd->acct_ctrl) == 0)) {
1627                         continue;
1628                 }
1629
1630                 user = samu_new(talloc_tos());
1631                 if (user == NULL) {
1632                         DEBUG(0, ("samu_new failed\n"));
1633                         break;
1634                 }
1635
1636                 if (!build_sam_account(smbpasswd_state, user, pwd)) {
1637                         /* Already got debug msgs... */
1638                         break;
1639                 }
1640
1641                 ZERO_STRUCT(entry);
1642
1643                 entry.acct_flags = pdb_get_acct_ctrl(user);
1644                 sid_peek_rid(pdb_get_user_sid(user), &entry.rid);
1645                 entry.account_name = talloc_strdup(
1646                         search_state, pdb_get_username(user));
1647                 entry.fullname = talloc_strdup(
1648                         search_state, pdb_get_fullname(user));
1649                 entry.description = talloc_strdup(
1650                         search_state, pdb_get_acct_desc(user));
1651
1652                 TALLOC_FREE(user);
1653
1654                 if ((entry.account_name == NULL) || (entry.fullname == NULL)
1655                     || (entry.description == NULL)) {
1656                         DEBUG(0, ("talloc_strdup failed\n"));
1657                         break;
1658                 }
1659
1660                 ADD_TO_LARGE_ARRAY(search_state, struct samr_displayentry,
1661                                    entry, &search_state->entries,
1662                                    &search_state->num_entries,
1663                                    &search_state->array_size);
1664         }
1665
1666         endsmbfilepwent(fp, &(smbpasswd_state->pw_file_lock_depth));
1667
1668         search->private_data = search_state;
1669         search->next_entry = smbpasswd_search_next_entry;
1670         search->search_end = smbpasswd_search_end;
1671
1672         return true;
1673 }
1674
1675 static NTSTATUS pdb_init_smbpasswd( struct pdb_methods **pdb_method, const char *location )
1676 {
1677         NTSTATUS nt_status;
1678         struct smbpasswd_privates *privates;
1679
1680         if ( !NT_STATUS_IS_OK(nt_status = make_pdb_method( pdb_method )) ) {
1681                 return nt_status;
1682         }
1683
1684         (*pdb_method)->name = "smbpasswd";
1685
1686         (*pdb_method)->getsampwnam = smbpasswd_getsampwnam;
1687         (*pdb_method)->getsampwsid = smbpasswd_getsampwsid;
1688         (*pdb_method)->add_sam_account = smbpasswd_add_sam_account;
1689         (*pdb_method)->update_sam_account = smbpasswd_update_sam_account;
1690         (*pdb_method)->delete_sam_account = smbpasswd_delete_sam_account;
1691         (*pdb_method)->rename_sam_account = smbpasswd_rename_sam_account;
1692         (*pdb_method)->search_users = smbpasswd_search_users;
1693
1694         (*pdb_method)->capabilities = smbpasswd_capabilities;
1695
1696         /* Setup private data and free function */
1697
1698         if ( !(privates = talloc_zero( *pdb_method, struct smbpasswd_privates )) ) {
1699                 DEBUG(0, ("talloc() failed for smbpasswd private_data!\n"));
1700                 return NT_STATUS_NO_MEMORY;
1701         }
1702
1703         /* Store some config details */
1704
1705         if (location) {
1706                 privates->smbpasswd_file = talloc_strdup(*pdb_method, location);
1707         } else {
1708                 privates->smbpasswd_file = talloc_strdup(*pdb_method, lp_smb_passwd_file());
1709         }
1710
1711         if (!privates->smbpasswd_file) {
1712                 DEBUG(0, ("talloc_strdp() failed for storing smbpasswd location!\n"));
1713                 return NT_STATUS_NO_MEMORY;
1714         }
1715
1716         (*pdb_method)->private_data = privates;
1717
1718         (*pdb_method)->free_private_data = free_private_data;
1719
1720         return NT_STATUS_OK;
1721 }
1722
1723 NTSTATUS pdb_smbpasswd_init(TALLOC_CTX *ctx) 
1724 {
1725         return smb_register_passdb(PASSDB_INTERFACE_VERSION, "smbpasswd", pdb_init_smbpasswd);
1726 }