Fix bug #7072 - Accounts can't be unlocked from ldap.
[ira/wip.git] / source3 / passdb / login_cache.c
1 /* 
2    Unix SMB/CIFS implementation.
3    struct samu local cache for 
4    Copyright (C) Jim McDonough (jmcd@us.ibm.com) 2004.
5       
6    This program is free software; you can redistribute it and/or modify
7    it under the terms of the GNU General Public License as published by
8    the Free Software Foundation; either version 3 of the License, or
9    (at your option) any later version.
10    
11    This program is distributed in the hope that it will be useful,
12    but WITHOUT ANY WARRANTY; without even the implied warranty of
13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14    GNU General Public License for more details.
15    
16    You should have received a copy of the GNU General Public License
17    along with this program.  If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21
22 #undef DBGC_CLASS
23 #define DBGC_CLASS DBGC_PASSDB
24
25 #define LOGIN_CACHE_FILE "login_cache.tdb"
26
27 #define SAM_CACHE_FORMAT "dwwd"
28
29 static TDB_CONTEXT *cache;
30
31 bool login_cache_init(void)
32 {
33         char* cache_fname = NULL;
34         
35         /* skip file open if it's already opened */
36         if (cache) return True;
37
38         cache_fname = cache_path(LOGIN_CACHE_FILE);
39         if (cache_fname == NULL) {
40                 DEBUG(0, ("Filename allocation failed.\n"));
41                 return False;
42         }
43
44         DEBUG(5, ("Opening cache file at %s\n", cache_fname));
45
46         cache = tdb_open_log(cache_fname, 0, TDB_DEFAULT,
47                              O_RDWR|O_CREAT, 0644);
48
49         if (!cache)
50                 DEBUG(5, ("Attempt to open %s failed.\n", cache_fname));
51
52         TALLOC_FREE(cache_fname);
53
54         return (cache ? True : False);
55 }
56
57 bool login_cache_shutdown(void)
58 {
59         /* tdb_close routine returns -1 on error */
60         if (!cache) return False;
61         DEBUG(5, ("Closing cache file\n"));
62         return tdb_close(cache) != -1;
63 }
64
65 /* if we can't read the cache, oh well, no need to return anything */
66 LOGIN_CACHE * login_cache_read(struct samu *sampass)
67 {
68         char *keystr;
69         TDB_DATA databuf;
70         LOGIN_CACHE *entry;
71         uint32_t entry_timestamp = 0, bad_password_time = 0;
72
73         if (!login_cache_init())
74                 return NULL;
75
76         if (pdb_get_nt_username(sampass) == NULL) {
77                 return NULL;
78         }
79
80         keystr = SMB_STRDUP(pdb_get_nt_username(sampass));
81         if (!keystr || !keystr[0]) {
82                 SAFE_FREE(keystr);
83                 return NULL;
84         }
85
86         DEBUG(7, ("Looking up login cache for user %s\n",
87                   keystr));
88         databuf = tdb_fetch_bystring(cache, keystr);
89         SAFE_FREE(keystr);
90
91         if (!(entry = SMB_MALLOC_P(LOGIN_CACHE))) {
92                 DEBUG(1, ("Unable to allocate cache entry buffer!\n"));
93                 SAFE_FREE(databuf.dptr);
94                 return NULL;
95         }
96         ZERO_STRUCTP(entry);
97
98         if (tdb_unpack (databuf.dptr, databuf.dsize, SAM_CACHE_FORMAT,
99                         &entry->entry_timestamp, &entry->acct_ctrl, 
100                         &entry->bad_password_count,
101                         &bad_password_time) == -1) {
102                 DEBUG(7, ("No cache entry found\n"));
103                 SAFE_FREE(entry);
104                 SAFE_FREE(databuf.dptr);
105                 return NULL;
106         }
107
108         /* Deal with possible 64-bit time_t. */
109         entry->entry_timestamp = (time_t)entry_timestamp;
110         entry->bad_password_time = (time_t)bad_password_time;
111
112         SAFE_FREE(databuf.dptr);
113
114         DEBUG(5, ("Found login cache entry: timestamp %12u, flags 0x%x, count %d, time %12u\n",
115                   (unsigned int)entry->entry_timestamp, entry->acct_ctrl, 
116                   entry->bad_password_count, (unsigned int)entry->bad_password_time));
117         return entry;
118 }
119
120 bool login_cache_write(const struct samu *sampass, LOGIN_CACHE entry)
121 {
122         char *keystr;
123         TDB_DATA databuf;
124         bool ret;
125         uint32_t entry_timestamp;
126         uint32_t bad_password_time = (uint32_t)entry.bad_password_time;
127
128         if (!login_cache_init())
129                 return False;
130
131         if (pdb_get_nt_username(sampass) == NULL) {
132                 return False;
133         }
134
135         keystr = SMB_STRDUP(pdb_get_nt_username(sampass));
136         if (!keystr || !keystr[0]) {
137                 SAFE_FREE(keystr);
138                 return False;
139         }
140
141         entry_timestamp = (uint32_t)time(NULL);
142
143         databuf.dsize = 
144                 tdb_pack(NULL, 0, SAM_CACHE_FORMAT,
145                          entry_timestamp,
146                          entry.acct_ctrl,
147                          entry.bad_password_count,
148                          bad_password_time);
149         databuf.dptr = SMB_MALLOC_ARRAY(uint8, databuf.dsize);
150         if (!databuf.dptr) {
151                 SAFE_FREE(keystr);
152                 return False;
153         }
154                          
155         if (tdb_pack(databuf.dptr, databuf.dsize, SAM_CACHE_FORMAT,
156                          entry_timestamp,
157                          entry.acct_ctrl,
158                          entry.bad_password_count,
159                          bad_password_time)
160             != databuf.dsize) {
161                 SAFE_FREE(keystr);
162                 SAFE_FREE(databuf.dptr);
163                 return False;
164         }
165
166         ret = tdb_store_bystring(cache, keystr, databuf, 0);
167         SAFE_FREE(keystr);
168         SAFE_FREE(databuf.dptr);
169         return ret == 0;
170 }
171
172 bool login_cache_delentry(const struct samu *sampass)
173 {
174         int ret;
175         char *keystr;
176         
177         if (!login_cache_init()) 
178                 return False;   
179
180         if (pdb_get_nt_username(sampass) == NULL) {
181                 return False;
182         }
183
184         keystr = SMB_STRDUP(pdb_get_nt_username(sampass));
185         if (!keystr || !keystr[0]) {
186                 SAFE_FREE(keystr);
187                 return False;
188         }
189
190         DEBUG(9, ("About to delete entry for %s\n", keystr));
191         ret = tdb_delete_bystring(cache, keystr);
192         DEBUG(9, ("tdb_delete returned %d\n", ret));
193         
194         SAFE_FREE(keystr);
195         return ret == 0;
196 }