2 * Unix SMB/Netbios implementation. Version 1.9. SMB parameters and setup
3 * Copyright (C) Andrew Tridgell 1992-1998
4 * Copyright (C) Simo Sorce 2000
5 * Copyright (C) Gerald Carter 2000
7 * This program is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License as published by the Free
9 * Software Foundation; either version 2 of the License, or (at your option)
12 * This program is distributed in the hope that it will be useful, but WITHOUT
13 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
17 * You should have received a copy of the GNU General Public License along with
18 * this program; if not, write to the Free Software Foundation, Inc., 675
19 * Mass Ave, Cambridge, MA 02139, USA.
26 #define TDB_FORMAT_STRING "ddddddfffPPfPPPPffddBBwdwdBdd"
27 #define USERPREFIX "USER_"
28 #define UIDPREFIX "UID_"
29 #define RIDPREFIX "RID_"
31 extern int DEBUGLEVEL;
32 extern pstring samlogon_user;
33 extern BOOL sam_logon_in_ssb;
38 TDB_CONTEXT *passwd_tdb;
42 static struct tdb_enum_info global_tdb_ent;
43 static SAM_ACCOUNT global_sam_pass;
45 /**********************************************************************
46 Intialize a SAM_ACCOUNT struct from a BYTE buffer of size len
47 *********************************************************************/
48 static BOOL init_sam_from_buffer (SAM_ACCOUNT *sampass, BYTE *buf,
51 static fstring username,
57 static pstring full_name,
63 static BYTE *lm_pw_ptr,
68 uint32 lmpwlen, ntpwlen, hourslen;
70 /* using static memory for strings */
71 /* you set it now or you will delete any fields retrieved by tdb_unpack */
72 pdb_set_mem_ownership(sampass, False);
75 /* unpack the buffer into variables */
76 len = tdb_unpack (buf, buflen, TDB_FORMAT_STRING,
78 &sampass->logoff_time,
79 &sampass->kickoff_time,
80 &sampass->pass_last_set_time,
81 &sampass->pass_can_change_time,
82 &sampass->pass_must_change_time,
101 &sampass->logon_divs,
103 &hourslen, &sampass->hours,
105 &sampass->unknown_6);
111 * We have to copy the password hashes into static memory
112 * and free the memory allocated by tdb_unpack. This is because
113 * the sampass->own_memory flag is for all pointer members.
114 * The remaining members are using static memory and so
115 * the password hashes must as well. --jerry
119 memcpy(lm_pw, lm_pw_ptr, 16);
124 memcpy(nt_pw, nt_pw_ptr, 16);
128 pdb_set_username (sampass, username);
129 pdb_set_domain (sampass, domain);
130 pdb_set_nt_username (sampass, nt_username);
131 pdb_set_fullname (sampass, full_name);
132 pdb_set_homedir (sampass, home_dir);
133 pdb_set_dir_drive (sampass, dir_drive);
134 pdb_set_logon_script (sampass, logon_script);
135 pdb_set_profile_path (sampass, profile_path);
136 pdb_set_acct_desc (sampass, acct_desc);
137 pdb_set_workstations (sampass, workstations);
138 pdb_set_munged_dial (sampass, munged_dial);
139 pdb_set_lanman_passwd(sampass, lm_pw);
140 pdb_set_nt_passwd (sampass, nt_pw);
145 /**********************************************************************
146 Intialize a BYTE buffer from a SAM_ACCOUNT struct
147 *********************************************************************/
148 static uint32 init_buffer_from_sam (BYTE **buf, SAM_ACCOUNT *sampass)
166 char null_pw[] = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
168 /* do we have a valid SAM_ACCOUNT pointer? */
175 fstrcpy(username, sampass->username);
176 fstrcpy(domain, sampass->domain);
177 fstrcpy(nt_username, sampass->nt_username);
178 fstrcpy(dir_drive, sampass->dir_drive);
179 fstrcpy(unknown_str, sampass->unknown_str);
180 fstrcpy(munged_dial, sampass->munged_dial);
182 pstrcpy(full_name, sampass->full_name);
183 pstrcpy(home_dir, sampass->home_dir);
184 pstrcpy(logon_script, sampass->logon_script);
185 pstrcpy(profile_path, sampass->profile_path);
186 pstrcpy(acct_desc, sampass->acct_desc);
187 pstrcpy(workstations, sampass->workstations);
190 memcpy(lm_pw, sampass->lm_pw, 16);
192 pdb_gethexpwd (null_pw, lm_pw);
195 memcpy(nt_pw, sampass->nt_pw, 16);
197 pdb_gethexpwd (null_pw, nt_pw);
200 /* one time to get the size needed */
201 len = tdb_pack(NULL, 0, TDB_FORMAT_STRING,
203 sampass->logoff_time,
204 sampass->kickoff_time,
205 sampass->pass_last_set_time,
206 sampass->pass_can_change_time,
207 sampass->pass_must_change_time,
228 MAX_HOURS_LEN, sampass->hours,
233 /* malloc the space needed */
234 if ( (*buf=(BYTE*)malloc(len)) == NULL)
236 DEBUG(0,("init_buffer_from_sam: Unable to malloc() memory for buffer!\n"));
240 /* now for the real call to tdb_pack() */
241 /* one time to get the size needed */
242 buflen = tdb_pack(*buf, len, TDB_FORMAT_STRING,
244 sampass->logoff_time,
245 sampass->kickoff_time,
246 sampass->pass_last_set_time,
247 sampass->pass_can_change_time,
248 sampass->pass_must_change_time,
269 MAX_HOURS_LEN, sampass->hours,
274 /* check to make sure we got it correct */
285 /***************************************************************
286 Open the TDB account SAM fo renumeration.
287 ****************************************************************/
288 BOOL pdb_setsampwent(BOOL update)
292 pstrcpy (tdbfile, lp_private_dir());
293 pstrcat (tdbfile, "/passdb.tdb");
295 /* Open tdb passwd */
296 if (!(global_tdb_ent.passwd_tdb = tdb_open(tdbfile, 0, 0, update ? O_RDWR : O_RDONLY, 0600)))
298 DEBUG(0, ("Unable to open TDB passwd, trying create new!\n"));
299 if (!(global_tdb_ent.passwd_tdb = tdb_open(tdbfile, 0, 0, O_RDWR | O_CREAT | O_EXCL, 0600)))
301 DEBUG(0, ("Unable to create TDB passwd (passdb.tdb) !!!"));
306 global_tdb_ent.key = tdb_firstkey(global_tdb_ent.passwd_tdb);
311 /***************************************************************
312 End enumeration of the TDB passwd list.
313 ****************************************************************/
314 void pdb_endsampwent(void)
316 if (global_tdb_ent.passwd_tdb)
318 tdb_close(global_tdb_ent.passwd_tdb);
319 global_tdb_ent.passwd_tdb = NULL;
322 DEBUG(7, ("endtdbpwent: closed password file.\n"));
326 /*****************************************************************
327 Get one SAM_ACCOUNT from the TDB (next in line)
328 *****************************************************************/
329 SAM_ACCOUNT* pdb_getsampwent(void)
334 /* do we have an valid interation pointer? */
335 if(global_tdb_ent.passwd_tdb == NULL)
337 DEBUG(0,("pdb_get_sampwent: Bad TDB Context pointer.\n"));
341 data = tdb_fetch (global_tdb_ent.passwd_tdb, global_tdb_ent.key);
344 DEBUG(5,("pdb_getsampwent: database entry not found.\n"));
348 /* unpack the buffer */
349 pdb_clear_sam (&global_sam_pass);
350 if (!init_sam_from_buffer (&global_sam_pass, data.dptr, data.dsize))
352 DEBUG(0,("pdb_getsampwent: Bad SAM_ACCOUNT entry returned from TDB!\n"));
356 /* validate the account and fill in UNIX uid and gid. sys_getpwnam()
357 is used instaed of Get_Pwnam() as we do not need to try case
359 if ((pw=sys_getpwnam(pdb_get_username(&global_sam_pass))) == NULL)
361 DEBUG(0,("pdb_getsampwent: getpwnam(%s) return NULL. User does not exist!\n",
362 pdb_get_username(&global_sam_pass)));
366 pdb_set_uid (&global_sam_pass, pw->pw_uid);
367 pdb_set_gid (&global_sam_pass, pw->pw_gid);
369 /* increment to next in line */
370 global_tdb_ent.key = tdb_nextkey (global_tdb_ent.passwd_tdb, global_tdb_ent.key);
372 return (&global_sam_pass);
375 /******************************************************************
376 Lookup a name in the SAM TDB
377 ******************************************************************/
378 SAM_ACCOUNT* pdb_getsampwnam (char *sname)
380 TDB_CONTEXT *pwd_tdb;
387 fstrcpy (name, sname);
389 pstrcpy (tdbfile, lp_private_dir());
390 pstrcat (tdbfile, "/passdb.tdb");
393 slprintf(keystr, sizeof(keystr), "%s%s", USERPREFIX, name);
395 key.dsize = strlen (keystr) + 1;
397 /* open the accounts TDB */
398 if (!(pwd_tdb = tdb_open(tdbfile, 0, 0, O_RDONLY, 0600)))
400 DEBUG(0, ("pdb_getsampwnam: Unable to open TDB passwd!\n"));
405 data = tdb_fetch (pwd_tdb, key);
408 DEBUG(5,("pdb_getsampwnam (TDB): error fetching database.\n"));
409 DEBUGADD(5, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
414 /* unpack the buffer */
415 pdb_clear_sam (&global_sam_pass);
416 if (!init_sam_from_buffer (&global_sam_pass, data.dptr, data.dsize))
418 DEBUG(0,("pdb_getsampwent: Bad SAM_ACCOUNT entry returned from TDB!\n"));
422 /* validate the account and fill in UNIX uid and gid. sys_getpwnam()
423 is used instaed of Get_Pwnam() as we do not need to try case
425 if ((pw=sys_getpwnam(pdb_get_username(&global_sam_pass))) == NULL)
427 DEBUG(0,("pdb_getsampwent: getpwnam(%s) return NULL. User does not exist!\n",
428 pdb_get_username(&global_sam_pass)));
432 pdb_set_uid (&global_sam_pass, pw->pw_uid);
433 pdb_set_gid (&global_sam_pass, pw->pw_gid);
438 return (&global_sam_pass);
441 /***************************************************************************
444 I now know what the 'T' stands for in TDB :-( This is an unacceptable
445 solution. We need multiple indexes and transactional support. I'm
446 including this implementation only as an example.
447 **************************************************************************/
448 SAM_ACCOUNT* pdb_getsampwuid (uid_t uid)
450 SAM_ACCOUNT *pw = NULL;
451 TDB_CONTEXT *pwd_tdb;
457 pstrcpy (tdbfile, lp_private_dir());
458 pstrcat (tdbfile, "/uiddb.tdb");
461 slprintf(keystr, sizeof(keystr), "%s%.5u", UIDPREFIX, uid);
463 key.dsize = strlen (keystr) + 1;
465 /* open the accounts TDB */
466 if (!(pwd_tdb = tdb_open(tdbfile, 0, 0, O_RDONLY, 0600)))
468 DEBUG(0, ("pdb_getsampwuid: Unable to open TDB uid database!\n"));
473 data = tdb_fetch (pwd_tdb, key);
476 DEBUG(5,("pdb_getsampwuid (TDB): error fetching database.\n"));
477 DEBUGADD(5, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
482 fstrcpy (name, data.dptr);
486 pw = pdb_getsampwnam (name);
491 /***************************************************************************
493 **************************************************************************/
494 SAM_ACCOUNT* pdb_getsampwrid (uint32 rid)
496 SAM_ACCOUNT *pw = NULL;
497 TDB_CONTEXT *pwd_tdb;
503 pstrcpy (tdbfile, lp_private_dir());
504 pstrcat (tdbfile, "/riddb.tdb");
507 slprintf(keystr, sizeof(keystr), "%s%.8x", RIDPREFIX, rid);
509 key.dsize = strlen (keystr) + 1;
511 /* open the accounts TDB */
512 if (!(pwd_tdb = tdb_open(tdbfile, 0, 0, O_RDONLY, 0600)))
514 DEBUG(0, ("pdb_getsampwrid: Unable to open TDB rid database!\n"));
519 data = tdb_fetch (pwd_tdb, key);
522 DEBUG(5,("pdb_getsampwrid (TDB): error fetching database.\n"));
523 DEBUGADD(5, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
528 fstrcpy (name, data.dptr);
532 pw = pdb_getsampwnam (name);
539 /***************************************************************************
541 ****************************************************************************/
542 BOOL pdb_delete_sam_account(char *sname)
544 struct passwd *pwd = NULL;
545 TDB_CONTEXT *pwd_tdb;
553 fstrcpy (name, sname);
556 pstrcpy (tdbfile, lp_private_dir());
557 pstrcat (tdbfile, "/passdb.tdb");
560 if (!(pwd_tdb = tdb_open(tdbfile, 0, 0, O_RDWR, 0600)))
562 DEBUG(0, ("Unable to open TDB passwd!"));
566 /* set the search key */
567 slprintf(keystr, sizeof(keystr), "%s%s", USERPREFIX, name);
569 key.dsize = strlen (keystr) + 1;
572 data = tdb_fetch (pwd_tdb, key);
575 DEBUG(5,("pdb_getsampwnam (TDB): error fetching database.\n"));
576 DEBUGADD(5, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
581 /* unpack the buffer */
582 pdb_clear_sam (&global_sam_pass);
583 if (!init_sam_from_buffer (&global_sam_pass, data.dptr, data.dsize))
585 DEBUG(0,("pdb_getsampwent: Bad SAM_ACCOUNT entry returned from TDB!\n"));
589 pwd = sys_getpwnam(global_sam_pass.username);
591 rid = pdb_uid_to_user_rid (uid);
593 /* it's outaa here! 8^) */
594 if (tdb_delete(pwd_tdb, key) != TDB_SUCCESS)
596 DEBUG(5, ("Error deleting entry from tdb passwd database!\n"));
597 DEBUGADD(5, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
603 pstrcpy (tdbfile, lp_private_dir());
604 pstrcat (tdbfile, "/uiddb.tdb");
606 /* open the UID TDB */
607 if (!(pwd_tdb = tdb_open(tdbfile, 0, 0, O_RDWR, 0600)))
609 DEBUG(0, ("Unable to open TDB uid file!"));
613 /* set the search key */
614 slprintf(keystr, sizeof(keystr), "%s%.5u", UIDPREFIX, uid);
616 key.dsize = strlen (keystr) + 1;
618 /* it's outaa here! 8^) */
619 if (tdb_delete(pwd_tdb, key) != TDB_SUCCESS)
621 DEBUG(5, ("Error deleting entry from tdb uid database!\n"));
622 DEBUGADD(5, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
629 pstrcpy (tdbfile, lp_private_dir());
630 pstrcat (tdbfile, "/riddb.tdb");
632 /* open the RID TDB */
633 if (!(pwd_tdb = tdb_open(tdbfile, 0, 0, O_RDWR, 0600)))
635 DEBUG(0, ("Unable to open TDB rid file!"));
639 /* set the search key */
640 slprintf(keystr, sizeof(keystr), "%s%.8x", UIDPREFIX, rid);
642 key.dsize = strlen (keystr) + 1;
644 /* it's outaa here! 8^) */
645 if (tdb_delete(pwd_tdb, key) != TDB_SUCCESS)
647 DEBUG(5, ("Error deleting entry from tdb rid database!\n"));
648 DEBUGADD(5, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
658 /***************************************************************************
660 ****************************************************************************/
661 static BOOL tdb_update_sam(SAM_ACCOUNT* newpwd, BOOL override, int flag)
663 TDB_CONTEXT *pwd_tdb;
671 pstrcpy (tdbfile, lp_private_dir());
672 pstrcat (tdbfile, "/passdb.tdb");
674 if ( (!newpwd->uid) || (!newpwd->gid) )
675 DEBUG (0,("tdb_update_sam: Storing a SAM_ACCOUNT for [%s] with uid %d and gid %d!\n",
676 newpwd->username, newpwd->uid, newpwd->gid));
678 /* if we don't have a RID, then generate one */
679 if (!newpwd->user_rid)
680 pdb_set_user_rid (newpwd, pdb_uid_to_user_rid (newpwd->uid));
681 if (!newpwd->group_rid)
682 pdb_set_group_rid (newpwd, pdb_gid_to_group_rid (newpwd->gid));
684 /* copy the SAM_ACCOUNT struct into a BYTE buffer for storage */
685 if ((data.dsize=init_buffer_from_sam (&buf, newpwd)) == -1)
687 DEBUG(0,("tdb_update_sam: ERROR - Unable to copy SAM_ACCOUNT info BYTE buffer!\n"));
692 fstrcpy (name, pdb_get_username(newpwd));
695 /* setup the USER index key */
696 slprintf(keystr, sizeof(keystr), "%s%s", USERPREFIX, name);
698 key.dsize = strlen (keystr) + 1;
700 /* invalidate the existing TDB iterator if it is open */
701 if (global_tdb_ent.passwd_tdb)
703 tdb_close(global_tdb_ent.passwd_tdb);
704 global_tdb_ent.passwd_tdb = NULL;
707 /* open the account TDB passwd*/
708 if (!(pwd_tdb = tdb_open(tdbfile, 0, 0, O_RDWR, 0600)))
710 DEBUG(0, ("tdb_update_sam: Unable to open TDB passwd!\n"));
711 if (flag == TDB_INSERT)
713 DEBUG(0, ("Unable to open TDB passwd, trying create new!\n"));
714 if (!(pwd_tdb = tdb_open(tdbfile, 0, 0, O_RDWR | O_CREAT | O_EXCL, 0600)))
716 DEBUG(0, ("Unable to create TDB passwd (passdb.tdb) !!!\n"));
723 /* add the account */
724 if (tdb_store(pwd_tdb, key, data, flag) != TDB_SUCCESS)
726 DEBUG(0, ("Unable to modify TDB passwd!"));
727 DEBUGADD(0, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
735 /* setup UID/RID data */
736 data.dsize = sizeof(fstring);
739 pstrcpy (tdbfile, lp_private_dir());
740 pstrcat (tdbfile, "/uiddb.tdb");
742 /* setup the UID index key */
743 slprintf(keystr, sizeof(keystr), "%s%.5u", UIDPREFIX, pdb_get_uid(newpwd));
745 key.dsize = strlen (keystr) + 1;
747 /* open the account TDB uid file*/
748 if (!(pwd_tdb = tdb_open(tdbfile, 0, 0, O_RDWR, 0600)))
750 DEBUG(0, ("tdb_update_sam: Unable to open TDB uid database!\n"));
752 DEBUG(0, ("WARNING: uid database missing and passdb exist, check references integrity!\n"));
753 if (flag == TDB_INSERT)
755 DEBUG(0, ("Unable to open TDB uid file, trying create new!\n"));
756 if (!(pwd_tdb = tdb_open(tdbfile, 0, 0, O_RDWR | O_CREAT | O_EXCL, 0600)))
758 DEBUG(0, ("Unable to create TDB uid (uiddb.tdb) !!!\n"));
764 /* add the reference */
765 if (tdb_store(pwd_tdb, key, data, flag) != TDB_SUCCESS)
767 DEBUG(0, ("Unable to modify TDB uid database!"));
768 DEBUGADD(0, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
769 /* tdb_close (pwd_tdb);
776 pstrcpy (tdbfile, lp_private_dir());
777 pstrcat (tdbfile, "/riddb.tdb");
779 /* setup the RID index key */
780 slprintf(keystr, sizeof(keystr), "%s%.8x", UIDPREFIX, pdb_get_user_rid(newpwd));
782 key.dsize = strlen (keystr) + 1;
784 /* open the account TDB rid file*/
785 if (!(pwd_tdb = tdb_open(tdbfile, 0, 0, O_RDWR, 0600)))
787 DEBUG(0, ("tdb_update_sam: Unable to open TDB rid database!\n"));
789 DEBUG(0, ("WARNING: rid database missing and passdb exist, check references integrity!\n"));
790 if (flag == TDB_INSERT)
792 DEBUG(0, ("Unable to open TDB rid file, trying create new!\n"));
793 if (!(pwd_tdb = tdb_open(tdbfile, 0, 0, O_RDWR | O_CREAT | O_EXCL, 0600)))
795 DEBUG(0, ("Unable to create TDB rid (riddb.tdb) !!!\n"));
801 /* add the reference */
802 if (tdb_store(pwd_tdb, key, data, flag) != TDB_SUCCESS)
804 DEBUG(0, ("Unable to modify TDB rid database!"));
805 DEBUGADD(0, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
806 /* tdb_close (pwd_tdb);
816 /***************************************************************************
817 Modifies an existing SAM_ACCOUNT
818 ****************************************************************************/
819 BOOL pdb_update_sam_account (SAM_ACCOUNT *newpwd, BOOL override)
821 return (tdb_update_sam(newpwd, override, TDB_MODIFY));
824 /***************************************************************************
825 Adds an existing SAM_ACCOUNT
826 ****************************************************************************/
827 BOOL pdb_add_sam_account (SAM_ACCOUNT *newpwd)
829 return (tdb_update_sam(newpwd, True, TDB_INSERT));
834 /* Do *NOT* make this function static. It breaks the compile on gcc. JRA */
835 void samtdb_dummy_function(void) { } /* stop some compilers complaining */
836 #endif /* WITH_TDBPWD */