Commit the auth associated changes I missed from the last commit.
[ira/wip.git] / source3 / passdb / pdb_get_set.c
1 /* 
2    Unix SMB/Netbios implementation.
3    Version 3.0
4    SAM_ACCOUNT access routines
5    Copyright (C) Jeremy Allison                 1996-2001
6    Copyright (C) Luke Kenneth Casson Leighton   1996-1998
7    Copyright (C) Gerald (Jerry) Carter          2000-2001
8    Copyright (C) Andrew Bartlett                2001-2002
9       
10    This program is free software; you can redistribute it and/or modify
11    it under the terms of the GNU General Public License as published by
12    the Free Software Foundation; either version 2 of the License, or
13    (at your option) any later version.
14    
15    This program is distributed in the hope that it will be useful,
16    but WITHOUT ANY WARRANTY; without even the implied warranty of
17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18    GNU General Public License for more details.
19    
20    You should have received a copy of the GNU General Public License
21    along with this program; if not, write to the Free Software
22    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 */
24
25 #include "includes.h"
26
27 /**
28  * @todo Redefine this to NULL, but this changes the API becouse
29  *       much of samba assumes that the pdb_get...() funtions 
30  *       return pstrings.  (ie not null-pointers).
31  *       See also pdb_fill_default_sam().
32  */
33
34 #define PDB_NOT_QUITE_NULL ""
35
36 /*********************************************************************
37  Collection of get...() functions for SAM_ACCOUNT_INFO.
38  ********************************************************************/
39
40 uint16 pdb_get_acct_ctrl (const SAM_ACCOUNT *sampass)
41 {
42         if (sampass)
43                 return (sampass->private.acct_ctrl);
44         else
45                 return (ACB_DISABLED);
46 }
47
48 time_t pdb_get_logon_time (const SAM_ACCOUNT *sampass)
49 {
50         if (sampass)
51                 return (sampass->private.logon_time);
52         else
53                 return (0);
54 }
55
56 time_t pdb_get_logoff_time (const SAM_ACCOUNT *sampass)
57 {
58         if (sampass)
59                 return (sampass->private.logoff_time);
60         else
61                 return (-1);
62 }
63
64 time_t pdb_get_kickoff_time (const SAM_ACCOUNT *sampass)
65 {
66         if (sampass)
67                 return (sampass->private.kickoff_time);
68         else
69                 return (-1);
70 }
71
72 time_t pdb_get_pass_last_set_time (const SAM_ACCOUNT *sampass)
73 {
74         if (sampass)
75                 return (sampass->private.pass_last_set_time);
76         else
77                 return (-1);
78 }
79
80 time_t pdb_get_pass_can_change_time (const SAM_ACCOUNT *sampass)
81 {
82         if (sampass)
83                 return (sampass->private.pass_can_change_time);
84         else
85                 return (-1);
86 }
87
88 time_t pdb_get_pass_must_change_time (const SAM_ACCOUNT *sampass)
89 {
90         if (sampass)
91                 return (sampass->private.pass_must_change_time);
92         else
93                 return (-1);
94 }
95
96 uint16 pdb_get_logon_divs (const SAM_ACCOUNT *sampass)
97 {
98         if (sampass)
99                 return (sampass->private.logon_divs);
100         else
101                 return (-1);
102 }
103
104 uint32 pdb_get_hours_len (const SAM_ACCOUNT *sampass)
105 {
106         if (sampass)
107                 return (sampass->private.hours_len);
108         else
109                 return (-1);
110 }
111
112 const uint8* pdb_get_hours (const SAM_ACCOUNT *sampass)
113 {
114         if (sampass)
115                 return (sampass->private.hours);
116         else
117                 return (NULL);
118 }
119
120 const uint8* pdb_get_nt_passwd (const SAM_ACCOUNT *sampass)
121 {
122         if (sampass) {
123                 SMB_ASSERT((!sampass->private.nt_pw.data) 
124                            || sampass->private.nt_pw.length == NT_HASH_LEN);
125                 return ((uint8*)sampass->private.nt_pw.data);
126         }
127         else
128                 return (NULL);
129 }
130
131 const uint8* pdb_get_lanman_passwd (const SAM_ACCOUNT *sampass)
132 {
133         if (sampass) {
134                 SMB_ASSERT((!sampass->private.lm_pw.data) 
135                            || sampass->private.lm_pw.length == LM_HASH_LEN);
136                 return ((uint8*)sampass->private.lm_pw.data);
137         }
138         else
139                 return (NULL);
140 }
141
142 uint32 pdb_get_user_rid (const SAM_ACCOUNT *sampass)
143 {
144         if (sampass)
145                 return (sampass->private.user_rid);
146         else
147                 return (-1);
148 }
149
150 uint32 pdb_get_group_rid (const SAM_ACCOUNT *sampass)
151 {
152         if (sampass)
153                 return (sampass->private.group_rid);
154         else
155                 return (-1);
156 }
157
158 /**
159  * Get flags showing what is initalised in the SAM_ACCOUNT
160  * @param sampass the SAM_ACCOUNT in question
161  * @return the flags indicating the members initialised in the struct.
162  **/
163  
164 uint32 pdb_get_init_flag (SAM_ACCOUNT *sampass)
165 {
166         if (sampass)
167                 return sampass->private.init_flag;
168         else 
169                 return FLAG_SAM_UNINIT;
170 }
171
172 uid_t pdb_get_uid (const SAM_ACCOUNT *sampass)
173 {
174         if (sampass)
175                 return (sampass->private.uid);
176         else
177                 return (-1);
178 }
179
180 gid_t pdb_get_gid (const SAM_ACCOUNT *sampass)
181 {
182         if (sampass)
183                 return (sampass->private.gid);
184         else
185                 return (-1);
186 }
187
188 const char* pdb_get_username (const SAM_ACCOUNT *sampass)
189 {
190         if (sampass)
191                 return (sampass->private.username);
192         else
193                 return (NULL);
194 }
195
196 const char* pdb_get_domain (const SAM_ACCOUNT *sampass)
197 {
198         if (sampass)
199                 return (sampass->private.domain);
200         else
201                 return (NULL);
202 }
203
204 const char* pdb_get_nt_username (const SAM_ACCOUNT *sampass)
205 {
206         if (sampass)
207                 return (sampass->private.nt_username);
208         else
209                 return (NULL);
210 }
211
212 const char* pdb_get_fullname (const SAM_ACCOUNT *sampass)
213 {
214         if (sampass)
215                 return (sampass->private.full_name);
216         else
217                 return (NULL);
218 }
219
220 const char* pdb_get_homedir (const SAM_ACCOUNT *sampass)
221 {
222         if (sampass)
223                 return (sampass->private.home_dir);
224         else
225                 return (NULL);
226 }
227
228 const char* pdb_get_dirdrive (const SAM_ACCOUNT *sampass)
229 {
230         if (sampass)
231                 return (sampass->private.dir_drive);
232         else
233                 return (NULL);
234 }
235
236 const char* pdb_get_logon_script (const SAM_ACCOUNT *sampass)
237 {
238         if (sampass)
239                 return (sampass->private.logon_script);
240         else
241                 return (NULL);
242 }
243
244 const char* pdb_get_profile_path (const SAM_ACCOUNT *sampass)
245 {
246         if (sampass)
247                 return (sampass->private.profile_path);
248         else
249                 return (NULL);
250 }
251
252 const char* pdb_get_acct_desc (const SAM_ACCOUNT *sampass)
253 {
254         if (sampass)
255                 return (sampass->private.acct_desc);
256         else
257                 return (NULL);
258 }
259
260 const char* pdb_get_workstations (const SAM_ACCOUNT *sampass)
261 {
262         if (sampass)
263                 return (sampass->private.workstations);
264         else
265                 return (NULL);
266 }
267
268 const char* pdb_get_unknown_str (const SAM_ACCOUNT *sampass)
269 {
270         if (sampass)
271                 return (sampass->private.unknown_str);
272         else
273                 return (NULL);
274 }
275
276 const char* pdb_get_munged_dial (const SAM_ACCOUNT *sampass)
277 {
278         if (sampass)
279                 return (sampass->private.munged_dial);
280         else
281                 return (NULL);
282 }
283
284 uint32 pdb_get_unknown3 (const SAM_ACCOUNT *sampass)
285 {
286         if (sampass)
287                 return (sampass->private.unknown_3);
288         else
289                 return (-1);
290 }
291
292 uint32 pdb_get_unknown5 (const SAM_ACCOUNT *sampass)
293 {
294         if (sampass)
295                 return (sampass->private.unknown_5);
296         else
297                 return (-1);
298 }
299
300 uint32 pdb_get_unknown6 (const SAM_ACCOUNT *sampass)
301 {
302         if (sampass)
303                 return (sampass->private.unknown_6);
304         else
305                 return (-1);
306 }
307
308 /*********************************************************************
309  Collection of set...() functions for SAM_ACCOUNT_INFO.
310  ********************************************************************/
311
312 BOOL pdb_set_acct_ctrl (SAM_ACCOUNT *sampass, uint16 flags)
313 {
314         if (!sampass)
315                 return False;
316                 
317         if (sampass) {
318                 sampass->private.acct_ctrl = flags;
319                 return True;
320         }
321         
322         return False;
323 }
324
325 BOOL pdb_set_logon_time (SAM_ACCOUNT *sampass, time_t mytime)
326 {
327         if (!sampass)
328                 return False;
329
330         sampass->private.logon_time = mytime;
331         return True;
332 }
333
334 BOOL pdb_set_logoff_time (SAM_ACCOUNT *sampass, time_t mytime)
335 {
336         if (!sampass)
337                 return False;
338
339         sampass->private.logoff_time = mytime;
340         return True;
341 }
342
343 BOOL pdb_set_kickoff_time (SAM_ACCOUNT *sampass, time_t mytime)
344 {
345         if (!sampass)
346                 return False;
347
348         sampass->private.kickoff_time = mytime;
349         return True;
350 }
351
352 BOOL pdb_set_pass_can_change_time (SAM_ACCOUNT *sampass, time_t mytime)
353 {
354         if (!sampass)
355                 return False;
356
357         sampass->private.pass_can_change_time = mytime;
358         return True;
359 }
360
361 BOOL pdb_set_pass_must_change_time (SAM_ACCOUNT *sampass, time_t mytime)
362 {
363         if (!sampass)
364                 return False;
365
366         sampass->private.pass_must_change_time = mytime;
367         return True;
368 }
369
370 BOOL pdb_set_pass_last_set_time (SAM_ACCOUNT *sampass, time_t mytime)
371 {
372         if (!sampass)
373                 return False;
374
375         sampass->private.pass_last_set_time = mytime;
376         return True;
377 }
378
379 BOOL pdb_set_hours_len (SAM_ACCOUNT *sampass, uint32 len)
380 {
381         if (!sampass)
382                 return False;
383
384         sampass->private.hours_len = len;
385         return True;
386 }
387
388 BOOL pdb_set_logon_divs (SAM_ACCOUNT *sampass, uint16 hours)
389 {
390         if (!sampass)
391                 return False;
392
393         sampass->private.logon_divs = hours;
394         return True;
395 }
396
397 /**
398  * Set flags showing what is initalised in the SAM_ACCOUNT
399  * @param sampass the SAM_ACCOUNT in question
400  * @param flag The *new* flag to be set.  Old flags preserved
401  *             this flag is only added.  
402  **/
403  
404 BOOL pdb_set_init_flag (SAM_ACCOUNT *sampass, uint32 flag)
405 {
406         if (!sampass)
407                 return False;
408
409         sampass->private.init_flag |= flag;
410
411         return True;
412 }
413
414 BOOL pdb_set_uid (SAM_ACCOUNT *sampass, const uid_t uid)
415 {
416         if (!sampass)
417                 return False;
418         
419         DEBUG(10, ("pdb_set_uid: setting uid %d, was %d\n", 
420                    (int)uid, (int)sampass->private.uid));
421  
422         sampass->private.uid = uid;
423         pdb_set_init_flag(sampass, FLAG_SAM_UID); 
424
425         return True;
426
427 }
428
429 BOOL pdb_set_gid (SAM_ACCOUNT *sampass, const gid_t gid)
430 {
431         if (!sampass)
432                 return False;
433                 
434         DEBUG(10, ("pdb_set_gid: setting gid %d, was %d\n", 
435                    (int)gid, (int)sampass->private.gid));
436  
437         sampass->private.gid = gid; 
438         pdb_set_init_flag(sampass, FLAG_SAM_GID); 
439
440         return True;
441
442 }
443
444 BOOL pdb_set_user_rid (SAM_ACCOUNT *sampass, uint32 rid)
445 {
446         if (!sampass)
447                 return False;
448
449         DEBUG(10, ("pdb_set_rid: setting user rid %d, was %d\n", 
450                    rid, sampass->private.user_rid));
451  
452         sampass->private.user_rid = rid;
453         return True;
454 }
455
456 BOOL pdb_set_group_rid (SAM_ACCOUNT *sampass, uint32 grid)
457 {
458         if (!sampass)
459                 return False;
460
461         DEBUG(10, ("pdb_set_group_rid: setting group rid %d, was %d\n", 
462                    grid, sampass->private.group_rid));
463  
464         sampass->private.group_rid = grid;
465         return True;
466 }
467
468 /*********************************************************************
469  Set the user's UNIX name.
470  ********************************************************************/
471
472 BOOL pdb_set_username(SAM_ACCOUNT *sampass, const char *username)
473 {       
474         if (!sampass)
475                 return False;
476
477         DEBUG(10, ("pdb_set_username: setting username %s, was %s\n", 
478                    username, sampass->private.username));
479  
480         if (username) { 
481                 sampass->private.username = talloc_strdup(sampass->mem_ctx, username);
482         } else {
483                 sampass->private.username = PDB_NOT_QUITE_NULL;
484         }
485
486         return True;
487 }
488
489 /*********************************************************************
490  Set the domain name.
491  ********************************************************************/
492
493 BOOL pdb_set_domain(SAM_ACCOUNT *sampass, const char *domain)
494 {       
495         if (!sampass)
496                 return False;
497
498         DEBUG(10, ("pdb_set_domain: setting domain %s, was %s\n", 
499                    domain, sampass->private.domain));
500  
501         if (domain) { 
502                 sampass->private.domain = talloc_strdup(sampass->mem_ctx, domain);
503         } else {
504                 sampass->private.domain = PDB_NOT_QUITE_NULL;
505         }
506
507         return True;
508 }
509
510 /*********************************************************************
511  Set the user's NT name.
512  ********************************************************************/
513
514 BOOL pdb_set_nt_username(SAM_ACCOUNT *sampass, const char *nt_username)
515 {
516         if (!sampass)
517                 return False;
518
519         DEBUG(10, ("pdb_set_nt_username: setting nt username %s, was %s\n", 
520                    nt_username, sampass->private.nt_username));
521  
522         if (nt_username) { 
523                 sampass->private.nt_username = talloc_strdup(sampass->mem_ctx, nt_username);
524         } else {
525                 sampass->private.nt_username = PDB_NOT_QUITE_NULL;
526         }
527
528         return True;
529 }
530
531 /*********************************************************************
532  Set the user's full name.
533  ********************************************************************/
534
535 BOOL pdb_set_fullname(SAM_ACCOUNT *sampass, const char *full_name)
536 {
537         if (!sampass)
538                 return False;
539
540         DEBUG(10, ("pdb_set_full_name: setting full name %s, was %s\n", 
541                    full_name, sampass->private.full_name));
542         
543         if (full_name) { 
544                 sampass->private.full_name = talloc_strdup(sampass->mem_ctx, full_name);
545         } else {
546                 sampass->private.full_name = PDB_NOT_QUITE_NULL;
547         }
548
549         return True;
550 }
551
552 /*********************************************************************
553  Set the user's logon script.
554  ********************************************************************/
555
556 BOOL pdb_set_logon_script(SAM_ACCOUNT *sampass, const char *logon_script, BOOL store)
557 {
558         if (!sampass)
559                 return False;
560
561         DEBUG(10, ("pdb_set_logon_script: setting logon script (store:%d) %s, was %s\n", 
562                    store, logon_script, sampass->private.logon_script));
563  
564         if (logon_script) { 
565                 sampass->private.logon_script = talloc_strdup(sampass->mem_ctx, logon_script);
566         } else {
567                 sampass->private.logon_script = PDB_NOT_QUITE_NULL;
568         }
569         
570         if (store)
571                 pdb_set_init_flag(sampass, FLAG_SAM_LOGONSCRIPT); 
572
573         return True;
574 }
575
576 /*********************************************************************
577  Set the user's profile path.
578  ********************************************************************/
579
580 BOOL pdb_set_profile_path (SAM_ACCOUNT *sampass, const char *profile_path, BOOL store)
581 {
582         if (!sampass)
583                 return False;
584
585         DEBUG(10, ("pdb_set_profile_path: setting profile path (store:%d) %s, was %s\n", 
586                    store, profile_path, sampass->private.profile_path));
587  
588         if (profile_path) { 
589                 sampass->private.profile_path = talloc_strdup(sampass->mem_ctx, profile_path);
590         } else {
591                 sampass->private.profile_path = PDB_NOT_QUITE_NULL;
592         }
593
594         if (store)
595                 pdb_set_init_flag(sampass, FLAG_SAM_PROFILE);
596
597         return True;
598 }
599
600 /*********************************************************************
601  Set the user's directory drive.
602  ********************************************************************/
603
604 BOOL pdb_set_dir_drive (SAM_ACCOUNT *sampass, const char *dir_drive, BOOL store)
605 {
606         if (!sampass)
607                 return False;
608
609         if (dir_drive) { 
610                 sampass->private.dir_drive = talloc_strdup(sampass->mem_ctx, dir_drive);
611         } else {
612                 sampass->private.dir_drive = PDB_NOT_QUITE_NULL;
613         }
614         
615         if (store)
616                 pdb_set_init_flag(sampass, FLAG_SAM_DRIVE);
617
618         return True;
619 }
620
621 /*********************************************************************
622  Set the user's home directory.
623  ********************************************************************/
624
625 BOOL pdb_set_homedir (SAM_ACCOUNT *sampass, const char *home_dir, BOOL store)
626 {
627         if (!sampass)
628                 return False;
629
630         if (home_dir) { 
631                 sampass->private.home_dir = talloc_strdup(sampass->mem_ctx, home_dir);
632         } else {
633                 sampass->private.home_dir = PDB_NOT_QUITE_NULL;
634         }
635
636         if (store)
637                 pdb_set_init_flag(sampass, FLAG_SAM_SMBHOME);
638
639         return True;
640 }
641
642 /*********************************************************************
643  Set the user's account description.
644  ********************************************************************/
645
646 BOOL pdb_set_acct_desc (SAM_ACCOUNT *sampass, const char *acct_desc)
647 {
648         if (!sampass)
649                 return False;
650
651         if (acct_desc) { 
652                 sampass->private.acct_desc = talloc_strdup(sampass->mem_ctx, acct_desc);
653         } else {
654                 sampass->private.acct_desc = PDB_NOT_QUITE_NULL;
655         }
656
657         return True;
658 }
659
660 /*********************************************************************
661  Set the user's workstation allowed list.
662  ********************************************************************/
663
664 BOOL pdb_set_workstations (SAM_ACCOUNT *sampass, const char *workstations)
665 {
666         if (!sampass)
667                 return False;
668
669         if (workstations) { 
670                 sampass->private.workstations = talloc_strdup(sampass->mem_ctx, workstations);
671         } else {
672                 sampass->private.workstations = PDB_NOT_QUITE_NULL;
673         }
674
675         return True;
676 }
677
678 /*********************************************************************
679  Set the user's 'unknown_str', whatever the heck this actually is...
680  ********************************************************************/
681
682 BOOL pdb_set_unknown_str (SAM_ACCOUNT *sampass, const char *unknown_str)
683 {
684         if (!sampass)
685                 return False;
686
687         if (unknown_str) { 
688                 sampass->private.unknown_str = talloc_strdup(sampass->mem_ctx, unknown_str);
689         } else {
690                 sampass->private.unknown_str = PDB_NOT_QUITE_NULL;
691         }
692
693         return True;
694 }
695
696 /*********************************************************************
697  Set the user's dial string.
698  ********************************************************************/
699
700 BOOL pdb_set_munged_dial (SAM_ACCOUNT *sampass, const char *munged_dial)
701 {
702         if (!sampass)
703                 return False;
704         if (munged_dial) { 
705                 sampass->private.munged_dial = talloc_strdup(sampass->mem_ctx, munged_dial);
706         } else {
707                 sampass->private.munged_dial = PDB_NOT_QUITE_NULL;
708         }
709
710         return True;
711 }
712
713 /*********************************************************************
714  Set the user's NT hash.
715  ********************************************************************/
716
717 BOOL pdb_set_nt_passwd (SAM_ACCOUNT *sampass, const uint8 *pwd)
718 {
719         if (!sampass)
720                 return False;
721
722         data_blob_clear_free(&sampass->private.nt_pw);
723         
724         sampass->private.nt_pw = data_blob(pwd, NT_HASH_LEN);
725
726         return True;
727 }
728
729 /*********************************************************************
730  Set the user's LM hash.
731  ********************************************************************/
732
733 BOOL pdb_set_lanman_passwd (SAM_ACCOUNT *sampass, const uint8 *pwd)
734 {
735         if (!sampass)
736                 return False;
737
738         data_blob_clear_free(&sampass->private.lm_pw);
739         
740         sampass->private.lm_pw = data_blob(pwd, LM_HASH_LEN);
741
742         return True;
743 }
744
745 BOOL pdb_set_unknown_3 (SAM_ACCOUNT *sampass, uint32 unkn)
746 {
747         if (!sampass)
748                 return False;
749
750         sampass->private.unknown_3 = unkn;
751         return True;
752 }
753
754 BOOL pdb_set_unknown_5 (SAM_ACCOUNT *sampass, uint32 unkn)
755 {
756         if (!sampass)
757                 return False;
758
759         sampass->private.unknown_5 = unkn;
760         return True;
761 }
762
763 BOOL pdb_set_unknown_6 (SAM_ACCOUNT *sampass, uint32 unkn)
764 {
765         if (!sampass)
766                 return False;
767
768         sampass->private.unknown_6 = unkn;
769         return True;
770 }
771
772 BOOL pdb_set_hours (SAM_ACCOUNT *sampass, const uint8 *hours)
773 {
774         if (!sampass)
775                 return False;
776
777         if (!hours) {
778                 memset ((char *)sampass->private.hours, 0, MAX_HOURS_LEN);
779                 return True;
780         }
781         
782         memcpy (sampass->private.hours, hours, MAX_HOURS_LEN);
783
784         return True;
785 }
786
787
788 /* Helpful interfaces to the above */
789
790 /*********************************************************************
791  Sets the last changed times and must change times for a normal
792  password change.
793  ********************************************************************/
794
795 BOOL pdb_set_pass_changed_now (SAM_ACCOUNT *sampass)
796 {
797         uint32 expire;
798
799         if (!sampass)
800                 return False;
801         
802         if (!pdb_set_pass_last_set_time (sampass, time(NULL)))
803                 return False;
804
805         account_policy_get(AP_MAX_PASSWORD_AGE, &expire);
806
807         if (expire==(uint32)-1) {
808                 if (!pdb_set_pass_must_change_time (sampass, 0))
809                         return False;
810         } else {
811                 if (!pdb_set_pass_must_change_time (sampass, 
812                                             pdb_get_pass_last_set_time(sampass)
813                                             + expire))
814                         return False;
815         }
816         
817         return True;
818 }
819
820 /*********************************************************************
821  Set the user's PLAINTEXT password.  Used as an interface to the above.
822  Also sets the last change time to NOW.
823  ********************************************************************/
824
825 BOOL pdb_set_plaintext_passwd (SAM_ACCOUNT *sampass, const char *plaintext)
826 {
827         uchar new_lanman_p16[16];
828         uchar new_nt_p16[16];
829
830         if (!sampass || !plaintext)
831                 return False;
832         
833         nt_lm_owf_gen (plaintext, new_nt_p16, new_lanman_p16);
834
835         if (!pdb_set_nt_passwd (sampass, new_nt_p16)) 
836                 return False;
837
838         if (!pdb_set_lanman_passwd (sampass, new_lanman_p16)) 
839                 return False;
840         
841         if (!pdb_set_pass_changed_now (sampass))
842                 return False;
843
844         return True;
845 }
846