2 Unix SMB/CIFS implementation.
3 Password and authentication handling
4 Copyright (C) Andrew Bartlett 2002
5 Copyright (C) Jelmer Vernooij 2002
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 #define DBGC_CLASS DBGC_PASSDB
27 static struct pdb_init_function_entry *backends = NULL;
29 static void lazy_initialize_passdb(void)
31 static BOOL initialized = FALSE;
32 if(initialized)return;
37 BOOL smb_register_passdb(const char *name, pdb_init_function init, int version)
39 struct pdb_init_function_entry *entry = backends;
41 if(version != PASSDB_INTERFACE_VERSION)
44 DEBUG(5,("Attempting to register passdb backend %s\n", name));
46 /* Check for duplicates */
48 if(strcasecmp(name, entry->name) == 0) {
49 DEBUG(0,("There already is a passdb backend registered with the name %s!\n", name));
55 entry = smb_xmalloc(sizeof(struct pdb_init_function_entry));
56 entry->name = smb_xstrdup(name);
59 DLIST_ADD(backends, entry);
60 DEBUG(5,("Successfully added passdb backend '%s'\n", name));
64 struct pdb_init_function_entry *pdb_find_backend_entry(const char *name)
66 struct pdb_init_function_entry *entry = backends;
69 if (strequal(entry->name, name)) return entry;
76 static NTSTATUS context_setsampwent(struct pdb_context *context, BOOL update)
78 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
81 DEBUG(0, ("invalid pdb_context specified!\n"));
85 context->pwent_methods = context->pdb_methods;
87 if (!context->pwent_methods) {
88 /* No passdbs at all */
92 while (NT_STATUS_IS_ERR(ret = context->pwent_methods->setsampwent(context->pwent_methods, update))) {
93 context->pwent_methods = context->pwent_methods->next;
94 if (context->pwent_methods == NULL)
95 return NT_STATUS_UNSUCCESSFUL;
100 static void context_endsampwent(struct pdb_context *context)
103 DEBUG(0, ("invalid pdb_context specified!\n"));
107 if (context->pwent_methods && context->pwent_methods->endsampwent)
108 context->pwent_methods->endsampwent(context->pwent_methods);
110 /* So we won't get strange data when calling getsampwent now */
111 context->pwent_methods = NULL;
114 static NTSTATUS context_getsampwent(struct pdb_context *context, SAM_ACCOUNT *user)
116 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
118 if ((!context) || (!context->pwent_methods)) {
119 DEBUG(0, ("invalid pdb_context specified!\n"));
122 /* Loop until we find something useful */
123 while (NT_STATUS_IS_ERR(ret = context->pwent_methods->getsampwent(context->pwent_methods, user))) {
125 context->pwent_methods->endsampwent(context->pwent_methods);
127 context->pwent_methods = context->pwent_methods->next;
129 /* All methods are checked now. There are no more entries */
130 if (context->pwent_methods == NULL)
133 context->pwent_methods->setsampwent(context->pwent_methods, False);
135 user->methods = context->pwent_methods;
139 static NTSTATUS context_getsampwnam(struct pdb_context *context, SAM_ACCOUNT *sam_acct, const char *username)
141 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
143 struct pdb_methods *curmethods;
145 DEBUG(0, ("invalid pdb_context specified!\n"));
148 curmethods = context->pdb_methods;
150 if (NT_STATUS_IS_OK(ret = curmethods->getsampwnam(curmethods, sam_acct, username))) {
151 sam_acct->methods = curmethods;
154 curmethods = curmethods->next;
160 static NTSTATUS context_getsampwsid(struct pdb_context *context, SAM_ACCOUNT *sam_acct, const DOM_SID *sid)
162 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
164 struct pdb_methods *curmethods;
166 DEBUG(0, ("invalid pdb_context specified!\n"));
170 curmethods = context->pdb_methods;
173 if (NT_STATUS_IS_OK(ret = curmethods->getsampwsid(curmethods, sam_acct, sid))) {
174 sam_acct->methods = curmethods;
177 curmethods = curmethods->next;
183 static NTSTATUS context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct)
185 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
187 if ((!context) || (!context->pdb_methods)) {
188 DEBUG(0, ("invalid pdb_context specified!\n"));
192 /** @todo This is where a 're-read on add' should be done */
193 /* We now add a new account to the first database listed.
196 return context->pdb_methods->add_sam_account(context->pdb_methods, sam_acct);
199 static NTSTATUS context_update_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct)
201 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
204 DEBUG(0, ("invalid pdb_context specified!\n"));
208 if (!sam_acct || !sam_acct->methods){
209 DEBUG(0, ("invalid sam_acct specified\n"));
213 /** @todo This is where a 're-read on update' should be done */
215 return sam_acct->methods->update_sam_account(sam_acct->methods, sam_acct);
218 static NTSTATUS context_delete_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct)
220 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
222 struct pdb_methods *pdb_selected;
224 DEBUG(0, ("invalid pdb_context specified!\n"));
228 if (!sam_acct->methods){
229 pdb_selected = context->pdb_methods;
230 /* There's no passdb backend specified for this account.
231 * Try to delete it in every passdb available
232 * Needed to delete accounts in smbpasswd that are not
235 while (pdb_selected){
236 if (NT_STATUS_IS_OK(ret = pdb_selected->delete_sam_account(pdb_selected, sam_acct))) {
239 pdb_selected = pdb_selected->next;
244 if (!sam_acct->methods->delete_sam_account){
245 DEBUG(0,("invalid sam_acct->methods->delete_sam_account\n"));
249 return sam_acct->methods->delete_sam_account(sam_acct->methods, sam_acct);
252 static NTSTATUS context_getgrsid(struct pdb_context *context,
253 GROUP_MAP *map, DOM_SID sid, BOOL with_priv)
255 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
257 struct pdb_methods *curmethods;
259 DEBUG(0, ("invalid pdb_context specified!\n"));
262 curmethods = context->pdb_methods;
264 ret = curmethods->getgrsid(curmethods, map, sid, with_priv);
265 if (NT_STATUS_IS_OK(ret)) {
266 map->methods = curmethods;
269 curmethods = curmethods->next;
275 static NTSTATUS context_getgrgid(struct pdb_context *context,
276 GROUP_MAP *map, gid_t gid, BOOL with_priv)
278 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
280 struct pdb_methods *curmethods;
282 DEBUG(0, ("invalid pdb_context specified!\n"));
285 curmethods = context->pdb_methods;
287 ret = curmethods->getgrgid(curmethods, map, gid, with_priv);
288 if (NT_STATUS_IS_OK(ret)) {
289 map->methods = curmethods;
292 curmethods = curmethods->next;
298 static NTSTATUS context_getgrnam(struct pdb_context *context,
299 GROUP_MAP *map, char *name, BOOL with_priv)
301 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
303 struct pdb_methods *curmethods;
305 DEBUG(0, ("invalid pdb_context specified!\n"));
308 curmethods = context->pdb_methods;
310 ret = curmethods->getgrnam(curmethods, map, name, with_priv);
311 if (NT_STATUS_IS_OK(ret)) {
312 map->methods = curmethods;
315 curmethods = curmethods->next;
321 static NTSTATUS context_add_group_mapping_entry(struct pdb_context *context,
324 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
326 if ((!context) || (!context->pdb_methods)) {
327 DEBUG(0, ("invalid pdb_context specified!\n"));
331 return context->pdb_methods->add_group_mapping_entry(context->pdb_methods,
335 static NTSTATUS context_update_group_mapping_entry(struct pdb_context *context,
338 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
340 if ((!context) || (!context->pdb_methods)) {
341 DEBUG(0, ("invalid pdb_context specified!\n"));
346 pdb_methods->update_group_mapping_entry(context->pdb_methods, map);
349 static NTSTATUS context_delete_group_mapping_entry(struct pdb_context *context,
352 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
354 if ((!context) || (!context->pdb_methods)) {
355 DEBUG(0, ("invalid pdb_context specified!\n"));
360 pdb_methods->delete_group_mapping_entry(context->pdb_methods, sid);
363 static NTSTATUS context_enum_group_mapping(struct pdb_context *context,
364 enum SID_NAME_USE sid_name_use,
365 GROUP_MAP **rmap, int *num_entries,
366 BOOL unix_only, BOOL with_priv)
368 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
370 if ((!context) || (!context->pdb_methods)) {
371 DEBUG(0, ("invalid pdb_context specified!\n"));
375 return context->pdb_methods->enum_group_mapping(context->pdb_methods,
377 num_entries, unix_only,
381 /******************************************************************
382 Free and cleanup a pdb context, any associated data and anything
383 that the attached modules might have associated.
384 *******************************************************************/
386 static void free_pdb_context(struct pdb_context **context)
388 struct pdb_methods *pdb_selected = (*context)->pdb_methods;
390 while (pdb_selected){
391 if(pdb_selected->free_private_data)
392 pdb_selected->free_private_data(&(pdb_selected->private_data));
393 pdb_selected = pdb_selected->next;
396 talloc_destroy((*context)->mem_ctx);
400 /******************************************************************
401 Make a pdb_methods from scratch
402 *******************************************************************/
404 static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_context *context, const char *selected)
406 char *module_name = smb_xstrdup(selected);
407 char *module_location = NULL, *p;
408 struct pdb_init_function_entry *entry;
409 NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
411 lazy_initialize_passdb();
413 p = strchr(module_name, ':');
417 module_location = p+1;
418 trim_string(module_location, " ", " ");
421 trim_string(module_name, " ", " ");
424 DEBUG(5,("Attempting to find an passdb backend to match %s (%s)\n", selected, module_name));
426 entry = pdb_find_backend_entry(module_name);
428 /* Try to find a module that contains this module */
430 DEBUG(2,("No builtin backend found, trying to load plugin\n"));
431 if(smb_probe_module("passdb", module_name) && !(entry = pdb_find_backend_entry(module_name))) {
432 DEBUG(0,("Plugin is available, but doesn't register passdb backend %s\n", module_name));
433 SAFE_FREE(module_name);
434 return NT_STATUS_UNSUCCESSFUL;
438 /* No such backend found */
440 DEBUG(0,("No builtin nor plugin backend for %s found\n", module_name));
441 SAFE_FREE(module_name);
442 return NT_STATUS_INVALID_PARAMETER;
445 DEBUG(5,("Found pdb backend %s\n", module_name));
446 nt_status = entry->init(context, methods, module_location);
447 if (NT_STATUS_IS_OK(nt_status)) {
448 DEBUG(5,("pdb backend %s has a valid init\n", selected));
450 DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status)));
452 SAFE_FREE(module_name);
456 /******************************************************************
457 Make a pdb_context from scratch.
458 *******************************************************************/
460 static NTSTATUS make_pdb_context(struct pdb_context **context)
464 mem_ctx = talloc_init("pdb_context internal allocation context");
467 DEBUG(0, ("make_pdb_context: talloc init failed!\n"));
468 return NT_STATUS_NO_MEMORY;
471 *context = talloc(mem_ctx, sizeof(**context));
473 DEBUG(0, ("make_pdb_context: talloc failed!\n"));
474 return NT_STATUS_NO_MEMORY;
477 ZERO_STRUCTP(*context);
479 (*context)->mem_ctx = mem_ctx;
481 (*context)->pdb_setsampwent = context_setsampwent;
482 (*context)->pdb_endsampwent = context_endsampwent;
483 (*context)->pdb_getsampwent = context_getsampwent;
484 (*context)->pdb_getsampwnam = context_getsampwnam;
485 (*context)->pdb_getsampwsid = context_getsampwsid;
486 (*context)->pdb_add_sam_account = context_add_sam_account;
487 (*context)->pdb_update_sam_account = context_update_sam_account;
488 (*context)->pdb_delete_sam_account = context_delete_sam_account;
489 (*context)->pdb_getgrsid = context_getgrsid;
490 (*context)->pdb_getgrgid = context_getgrgid;
491 (*context)->pdb_getgrnam = context_getgrnam;
492 (*context)->pdb_add_group_mapping_entry = context_add_group_mapping_entry;
493 (*context)->pdb_update_group_mapping_entry = context_update_group_mapping_entry;
494 (*context)->pdb_delete_group_mapping_entry = context_delete_group_mapping_entry;
495 (*context)->pdb_enum_group_mapping = context_enum_group_mapping;
497 (*context)->free_fn = free_pdb_context;
503 /******************************************************************
504 Make a pdb_context, given an array of strings
505 *******************************************************************/
507 NTSTATUS make_pdb_context_list(struct pdb_context **context, const char **selected)
510 struct pdb_methods *curmethods, *tmpmethods;
511 NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
513 if (!NT_STATUS_IS_OK(nt_status = make_pdb_context(context))) {
518 /* Try to initialise pdb */
519 DEBUG(5,("Trying to load: %s\n", selected[i]));
520 if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods_name(&curmethods, *context, selected[i]))) {
521 DEBUG(1, ("Loading %s failed!\n", selected[i]));
522 free_pdb_context(context);
525 curmethods->parent = *context;
526 DLIST_ADD_END((*context)->pdb_methods, curmethods, tmpmethods);
533 /******************************************************************
534 Make a pdb_context, given a text string.
535 *******************************************************************/
537 NTSTATUS make_pdb_context_string(struct pdb_context **context, const char *selected)
540 char **newsel = str_list_make(selected, NULL);
541 ret = make_pdb_context_list(context, (const char **)newsel);
542 str_list_free(&newsel);
546 /******************************************************************
547 Return an already initialised pdb_context, to facilitate backward
548 compatibility (see functions below).
549 *******************************************************************/
551 static struct pdb_context *pdb_get_static_context(BOOL reload)
553 static struct pdb_context *pdb_context = NULL;
555 if ((pdb_context) && (reload)) {
556 pdb_context->free_fn(&pdb_context);
557 if (NT_STATUS_IS_ERR(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) {
563 if (NT_STATUS_IS_ERR(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) {
571 /******************************************************************
572 Backward compatibility functions for the original passdb interface
573 *******************************************************************/
575 BOOL pdb_setsampwent(BOOL update)
577 struct pdb_context *pdb_context = pdb_get_static_context(False);
583 return NT_STATUS_IS_OK(pdb_context->pdb_setsampwent(pdb_context, update));
586 void pdb_endsampwent(void)
588 struct pdb_context *pdb_context = pdb_get_static_context(False);
594 pdb_context->pdb_endsampwent(pdb_context);
597 BOOL pdb_getsampwent(SAM_ACCOUNT *user)
599 struct pdb_context *pdb_context = pdb_get_static_context(False);
605 return NT_STATUS_IS_OK(pdb_context->pdb_getsampwent(pdb_context, user));
608 BOOL pdb_getsampwnam(SAM_ACCOUNT *sam_acct, const char *username)
610 struct pdb_context *pdb_context = pdb_get_static_context(False);
616 return NT_STATUS_IS_OK(pdb_context->pdb_getsampwnam(pdb_context, sam_acct, username));
619 BOOL pdb_getsampwsid(SAM_ACCOUNT *sam_acct, const DOM_SID *sid)
621 struct pdb_context *pdb_context = pdb_get_static_context(False);
627 return NT_STATUS_IS_OK(pdb_context->pdb_getsampwsid(pdb_context, sam_acct, sid));
630 BOOL pdb_add_sam_account(SAM_ACCOUNT *sam_acct)
632 struct pdb_context *pdb_context = pdb_get_static_context(False);
638 return NT_STATUS_IS_OK(pdb_context->pdb_add_sam_account(pdb_context, sam_acct));
641 BOOL pdb_update_sam_account(SAM_ACCOUNT *sam_acct)
643 struct pdb_context *pdb_context = pdb_get_static_context(False);
649 return NT_STATUS_IS_OK(pdb_context->pdb_update_sam_account(pdb_context, sam_acct));
652 BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct)
654 struct pdb_context *pdb_context = pdb_get_static_context(False);
660 return NT_STATUS_IS_OK(pdb_context->pdb_delete_sam_account(pdb_context, sam_acct));
663 BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid, BOOL with_priv)
665 struct pdb_context *pdb_context = pdb_get_static_context(False);
671 return NT_STATUS_IS_OK(pdb_context->
672 pdb_getgrsid(pdb_context, map, sid, with_priv));
675 BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid, BOOL with_priv)
677 struct pdb_context *pdb_context = pdb_get_static_context(False);
683 return NT_STATUS_IS_OK(pdb_context->
684 pdb_getgrgid(pdb_context, map, gid, with_priv));
687 BOOL pdb_getgrnam(GROUP_MAP *map, char *name, BOOL with_priv)
689 struct pdb_context *pdb_context = pdb_get_static_context(False);
695 return NT_STATUS_IS_OK(pdb_context->
696 pdb_getgrnam(pdb_context, map, name, with_priv));
699 BOOL pdb_add_group_mapping_entry(GROUP_MAP *map)
701 struct pdb_context *pdb_context = pdb_get_static_context(False);
707 return NT_STATUS_IS_OK(pdb_context->
708 pdb_add_group_mapping_entry(pdb_context, map));
711 BOOL pdb_update_group_mapping_entry(GROUP_MAP *map)
713 struct pdb_context *pdb_context = pdb_get_static_context(False);
719 return NT_STATUS_IS_OK(pdb_context->
720 pdb_update_group_mapping_entry(pdb_context, map));
723 BOOL pdb_delete_group_mapping_entry(DOM_SID sid)
725 struct pdb_context *pdb_context = pdb_get_static_context(False);
731 return NT_STATUS_IS_OK(pdb_context->
732 pdb_delete_group_mapping_entry(pdb_context, sid));
735 BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **rmap,
736 int *num_entries, BOOL unix_only, BOOL with_priv)
738 struct pdb_context *pdb_context = pdb_get_static_context(False);
744 return NT_STATUS_IS_OK(pdb_context->
745 pdb_enum_group_mapping(pdb_context, sid_name_use,
746 rmap, num_entries, unix_only,
750 /***************************************************************
751 Initialize the static context (at smbd startup etc).
753 If uninitialised, context will auto-init on first use.
754 ***************************************************************/
756 BOOL initialize_password_db(BOOL reload)
758 return (pdb_get_static_context(reload) != NULL);
762 /***************************************************************************
763 Default implementations of some functions.
764 ****************************************************************************/
766 static NTSTATUS pdb_default_getsampwnam (struct pdb_methods *methods, SAM_ACCOUNT *user, const char *sname)
768 return NT_STATUS_NO_SUCH_USER;
771 static NTSTATUS pdb_default_getsampwsid(struct pdb_methods *my_methods, SAM_ACCOUNT * user, const DOM_SID *sid)
773 return NT_STATUS_NO_SUCH_USER;
776 static NTSTATUS pdb_default_add_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd)
778 DEBUG(0,("this backend (%s) should not be listed as the first passdb backend! You can't add users to it.\n", methods->name));
779 return NT_STATUS_NOT_IMPLEMENTED;
782 static NTSTATUS pdb_default_update_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd)
784 return NT_STATUS_NOT_IMPLEMENTED;
787 static NTSTATUS pdb_default_delete_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *pwd)
789 return NT_STATUS_NOT_IMPLEMENTED;
792 static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update)
794 return NT_STATUS_NOT_IMPLEMENTED;
797 static NTSTATUS pdb_default_getsampwent(struct pdb_methods *methods, SAM_ACCOUNT *user)
799 return NT_STATUS_NOT_IMPLEMENTED;
802 static void pdb_default_endsampwent(struct pdb_methods *methods)
804 return; /* NT_STATUS_NOT_IMPLEMENTED; */
807 NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods)
809 *methods = talloc(mem_ctx, sizeof(struct pdb_methods));
812 return NT_STATUS_NO_MEMORY;
815 ZERO_STRUCTP(*methods);
817 (*methods)->setsampwent = pdb_default_setsampwent;
818 (*methods)->endsampwent = pdb_default_endsampwent;
819 (*methods)->getsampwent = pdb_default_getsampwent;
820 (*methods)->getsampwnam = pdb_default_getsampwnam;
821 (*methods)->getsampwsid = pdb_default_getsampwsid;
822 (*methods)->add_sam_account = pdb_default_add_sam_account;
823 (*methods)->update_sam_account = pdb_default_update_sam_account;
824 (*methods)->delete_sam_account = pdb_default_delete_sam_account;
826 (*methods)->getgrsid = pdb_default_getgrsid;
827 (*methods)->getgrgid = pdb_default_getgrgid;
828 (*methods)->getgrnam = pdb_default_getgrnam;
829 (*methods)->add_group_mapping_entry = pdb_default_add_group_mapping_entry;
830 (*methods)->update_group_mapping_entry = pdb_default_update_group_mapping_entry;
831 (*methods)->delete_group_mapping_entry = pdb_default_delete_group_mapping_entry;
832 (*methods)->enum_group_mapping = pdb_default_enum_group_mapping;
git.samba.org / ira / wip.git / blob