2 Unix SMB/CIFS implementation.
3 Password and authentication handling
4 Copyright (C) Andrew Bartlett 2002
5 Copyright (C) Jelmer Vernooij 2002
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 #define DBGC_CLASS DBGC_PASSDB
27 static struct pdb_init_function_entry *backends = NULL;
29 static void lazy_initialize_passdb(void)
31 static BOOL initialized = False;
32 if(initialized)return;
37 static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name);
39 NTSTATUS smb_register_passdb(int version, const char *name, pdb_init_function init)
41 struct pdb_init_function_entry *entry = backends;
43 if(version != PASSDB_INTERFACE_VERSION) {
44 DEBUG(0,("Can't register passdb backend!\n"
45 "You tried to register a passdb module with PASSDB_INTERFACE_VERSION %d, "
46 "while this version of samba uses version %d\n",
47 version,PASSDB_INTERFACE_VERSION));
48 return NT_STATUS_OBJECT_TYPE_MISMATCH;
52 return NT_STATUS_INVALID_PARAMETER;
55 DEBUG(5,("Attempting to register passdb backend %s\n", name));
57 /* Check for duplicates */
58 if (pdb_find_backend_entry(name)) {
59 DEBUG(0,("There already is a passdb backend registered with the name %s!\n", name));
60 return NT_STATUS_OBJECT_NAME_COLLISION;
63 entry = smb_xmalloc(sizeof(struct pdb_init_function_entry));
64 entry->name = smb_xstrdup(name);
67 DLIST_ADD(backends, entry);
68 DEBUG(5,("Successfully added passdb backend '%s'\n", name));
72 static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name)
74 struct pdb_init_function_entry *entry = backends;
77 if (strcasecmp(entry->name, name) == 0) return entry;
84 static NTSTATUS context_setsampwent(struct pdb_context *context, BOOL update)
86 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
89 DEBUG(0, ("invalid pdb_context specified!\n"));
93 context->pwent_methods = context->pdb_methods;
95 if (!context->pwent_methods) {
96 /* No passdbs at all */
100 while (NT_STATUS_IS_ERR(ret = context->pwent_methods->setsampwent(context->pwent_methods, update))) {
101 context->pwent_methods = context->pwent_methods->next;
102 if (context->pwent_methods == NULL)
103 return NT_STATUS_UNSUCCESSFUL;
108 static void context_endsampwent(struct pdb_context *context)
111 DEBUG(0, ("invalid pdb_context specified!\n"));
115 if (context->pwent_methods && context->pwent_methods->endsampwent)
116 context->pwent_methods->endsampwent(context->pwent_methods);
118 /* So we won't get strange data when calling getsampwent now */
119 context->pwent_methods = NULL;
122 static NTSTATUS context_getsampwent(struct pdb_context *context, SAM_ACCOUNT *user)
124 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
126 if ((!context) || (!context->pwent_methods)) {
127 DEBUG(0, ("invalid pdb_context specified!\n"));
130 /* Loop until we find something useful */
131 while (NT_STATUS_IS_ERR(ret = context->pwent_methods->getsampwent(context->pwent_methods, user))) {
133 context->pwent_methods->endsampwent(context->pwent_methods);
135 context->pwent_methods = context->pwent_methods->next;
137 /* All methods are checked now. There are no more entries */
138 if (context->pwent_methods == NULL)
141 context->pwent_methods->setsampwent(context->pwent_methods, False);
143 user->methods = context->pwent_methods;
147 static NTSTATUS context_getsampwnam(struct pdb_context *context, SAM_ACCOUNT *sam_acct, const char *username)
149 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
151 struct pdb_methods *curmethods;
153 DEBUG(0, ("invalid pdb_context specified!\n"));
156 curmethods = context->pdb_methods;
158 if (NT_STATUS_IS_OK(ret = curmethods->getsampwnam(curmethods, sam_acct, username))) {
159 sam_acct->methods = curmethods;
162 curmethods = curmethods->next;
168 static NTSTATUS context_getsampwsid(struct pdb_context *context, SAM_ACCOUNT *sam_acct, const DOM_SID *sid)
170 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
172 struct pdb_methods *curmethods;
174 DEBUG(0, ("invalid pdb_context specified!\n"));
178 curmethods = context->pdb_methods;
181 if (NT_STATUS_IS_OK(ret = curmethods->getsampwsid(curmethods, sam_acct, sid))) {
182 sam_acct->methods = curmethods;
185 curmethods = curmethods->next;
191 static NTSTATUS context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct)
193 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
195 if ((!context) || (!context->pdb_methods)) {
196 DEBUG(0, ("invalid pdb_context specified!\n"));
200 /** @todo This is where a 're-read on add' should be done */
201 /* We now add a new account to the first database listed.
204 return context->pdb_methods->add_sam_account(context->pdb_methods, sam_acct);
207 static NTSTATUS context_update_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct)
209 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
212 DEBUG(0, ("invalid pdb_context specified!\n"));
216 if (!sam_acct || !sam_acct->methods){
217 DEBUG(0, ("invalid sam_acct specified\n"));
221 /** @todo This is where a 're-read on update' should be done */
223 return sam_acct->methods->update_sam_account(sam_acct->methods, sam_acct);
226 static NTSTATUS context_delete_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct)
228 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
230 struct pdb_methods *pdb_selected;
232 DEBUG(0, ("invalid pdb_context specified!\n"));
236 if (!sam_acct->methods){
237 pdb_selected = context->pdb_methods;
238 /* There's no passdb backend specified for this account.
239 * Try to delete it in every passdb available
240 * Needed to delete accounts in smbpasswd that are not
243 while (pdb_selected){
244 if (NT_STATUS_IS_OK(ret = pdb_selected->delete_sam_account(pdb_selected, sam_acct))) {
247 pdb_selected = pdb_selected->next;
252 if (!sam_acct->methods->delete_sam_account){
253 DEBUG(0,("invalid sam_acct->methods->delete_sam_account\n"));
257 return sam_acct->methods->delete_sam_account(sam_acct->methods, sam_acct);
260 static NTSTATUS context_getgrsid(struct pdb_context *context,
261 GROUP_MAP *map, DOM_SID sid, BOOL with_priv)
263 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
265 struct pdb_methods *curmethods;
267 DEBUG(0, ("invalid pdb_context specified!\n"));
270 curmethods = context->pdb_methods;
272 ret = curmethods->getgrsid(curmethods, map, sid, with_priv);
273 if (NT_STATUS_IS_OK(ret)) {
274 map->methods = curmethods;
277 curmethods = curmethods->next;
283 static NTSTATUS context_getgrgid(struct pdb_context *context,
284 GROUP_MAP *map, gid_t gid, BOOL with_priv)
286 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
288 struct pdb_methods *curmethods;
290 DEBUG(0, ("invalid pdb_context specified!\n"));
293 curmethods = context->pdb_methods;
295 ret = curmethods->getgrgid(curmethods, map, gid, with_priv);
296 if (NT_STATUS_IS_OK(ret)) {
297 map->methods = curmethods;
300 curmethods = curmethods->next;
306 static NTSTATUS context_getgrnam(struct pdb_context *context,
307 GROUP_MAP *map, char *name, BOOL with_priv)
309 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
311 struct pdb_methods *curmethods;
313 DEBUG(0, ("invalid pdb_context specified!\n"));
316 curmethods = context->pdb_methods;
318 ret = curmethods->getgrnam(curmethods, map, name, with_priv);
319 if (NT_STATUS_IS_OK(ret)) {
320 map->methods = curmethods;
323 curmethods = curmethods->next;
329 static NTSTATUS context_add_group_mapping_entry(struct pdb_context *context,
332 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
334 if ((!context) || (!context->pdb_methods)) {
335 DEBUG(0, ("invalid pdb_context specified!\n"));
339 return context->pdb_methods->add_group_mapping_entry(context->pdb_methods,
343 static NTSTATUS context_update_group_mapping_entry(struct pdb_context *context,
346 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
348 if ((!context) || (!context->pdb_methods)) {
349 DEBUG(0, ("invalid pdb_context specified!\n"));
354 pdb_methods->update_group_mapping_entry(context->pdb_methods, map);
357 static NTSTATUS context_delete_group_mapping_entry(struct pdb_context *context,
360 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
362 if ((!context) || (!context->pdb_methods)) {
363 DEBUG(0, ("invalid pdb_context specified!\n"));
368 pdb_methods->delete_group_mapping_entry(context->pdb_methods, sid);
371 static NTSTATUS context_enum_group_mapping(struct pdb_context *context,
372 enum SID_NAME_USE sid_name_use,
373 GROUP_MAP **rmap, int *num_entries,
374 BOOL unix_only, BOOL with_priv)
376 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
378 if ((!context) || (!context->pdb_methods)) {
379 DEBUG(0, ("invalid pdb_context specified!\n"));
383 return context->pdb_methods->enum_group_mapping(context->pdb_methods,
385 num_entries, unix_only,
389 /******************************************************************
390 Free and cleanup a pdb context, any associated data and anything
391 that the attached modules might have associated.
392 *******************************************************************/
394 static void free_pdb_context(struct pdb_context **context)
396 struct pdb_methods *pdb_selected = (*context)->pdb_methods;
398 while (pdb_selected){
399 if(pdb_selected->free_private_data)
400 pdb_selected->free_private_data(&(pdb_selected->private_data));
401 pdb_selected = pdb_selected->next;
404 talloc_destroy((*context)->mem_ctx);
408 /******************************************************************
409 Make a pdb_methods from scratch
410 *******************************************************************/
412 static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_context *context, const char *selected)
414 char *module_name = smb_xstrdup(selected);
415 char *module_location = NULL, *p;
416 struct pdb_init_function_entry *entry;
417 NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
419 lazy_initialize_passdb();
421 p = strchr(module_name, ':');
425 module_location = p+1;
426 trim_string(module_location, " ", " ");
429 trim_string(module_name, " ", " ");
432 DEBUG(5,("Attempting to find an passdb backend to match %s (%s)\n", selected, module_name));
434 entry = pdb_find_backend_entry(module_name);
436 /* Try to find a module that contains this module */
438 DEBUG(2,("No builtin backend found, trying to load plugin\n"));
439 if(NT_STATUS_IS_OK(smb_probe_module("pdb", module_name)) && !(entry = pdb_find_backend_entry(module_name))) {
440 DEBUG(0,("Plugin is available, but doesn't register passdb backend %s\n", module_name));
441 SAFE_FREE(module_name);
442 return NT_STATUS_UNSUCCESSFUL;
446 /* No such backend found */
448 DEBUG(0,("No builtin nor plugin backend for %s found\n", module_name));
449 SAFE_FREE(module_name);
450 return NT_STATUS_INVALID_PARAMETER;
453 DEBUG(5,("Found pdb backend %s\n", module_name));
454 nt_status = entry->init(context, methods, module_location);
455 if (NT_STATUS_IS_OK(nt_status)) {
456 DEBUG(5,("pdb backend %s has a valid init\n", selected));
458 DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status)));
460 SAFE_FREE(module_name);
464 /******************************************************************
465 Make a pdb_context from scratch.
466 *******************************************************************/
468 static NTSTATUS make_pdb_context(struct pdb_context **context)
472 mem_ctx = talloc_init("pdb_context internal allocation context");
475 DEBUG(0, ("make_pdb_context: talloc init failed!\n"));
476 return NT_STATUS_NO_MEMORY;
479 *context = talloc(mem_ctx, sizeof(**context));
481 DEBUG(0, ("make_pdb_context: talloc failed!\n"));
482 return NT_STATUS_NO_MEMORY;
485 ZERO_STRUCTP(*context);
487 (*context)->mem_ctx = mem_ctx;
489 (*context)->pdb_setsampwent = context_setsampwent;
490 (*context)->pdb_endsampwent = context_endsampwent;
491 (*context)->pdb_getsampwent = context_getsampwent;
492 (*context)->pdb_getsampwnam = context_getsampwnam;
493 (*context)->pdb_getsampwsid = context_getsampwsid;
494 (*context)->pdb_add_sam_account = context_add_sam_account;
495 (*context)->pdb_update_sam_account = context_update_sam_account;
496 (*context)->pdb_delete_sam_account = context_delete_sam_account;
497 (*context)->pdb_getgrsid = context_getgrsid;
498 (*context)->pdb_getgrgid = context_getgrgid;
499 (*context)->pdb_getgrnam = context_getgrnam;
500 (*context)->pdb_add_group_mapping_entry = context_add_group_mapping_entry;
501 (*context)->pdb_update_group_mapping_entry = context_update_group_mapping_entry;
502 (*context)->pdb_delete_group_mapping_entry = context_delete_group_mapping_entry;
503 (*context)->pdb_enum_group_mapping = context_enum_group_mapping;
505 (*context)->free_fn = free_pdb_context;
511 /******************************************************************
512 Make a pdb_context, given an array of strings
513 *******************************************************************/
515 NTSTATUS make_pdb_context_list(struct pdb_context **context, const char **selected)
518 struct pdb_methods *curmethods, *tmpmethods;
519 NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
521 if (!NT_STATUS_IS_OK(nt_status = make_pdb_context(context))) {
526 /* Try to initialise pdb */
527 DEBUG(5,("Trying to load: %s\n", selected[i]));
528 if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods_name(&curmethods, *context, selected[i]))) {
529 DEBUG(1, ("Loading %s failed!\n", selected[i]));
530 free_pdb_context(context);
533 curmethods->parent = *context;
534 DLIST_ADD_END((*context)->pdb_methods, curmethods, tmpmethods);
541 /******************************************************************
542 Make a pdb_context, given a text string.
543 *******************************************************************/
545 NTSTATUS make_pdb_context_string(struct pdb_context **context, const char *selected)
548 char **newsel = str_list_make(selected, NULL);
549 ret = make_pdb_context_list(context, (const char **)newsel);
550 str_list_free(&newsel);
554 /******************************************************************
555 Return an already initialised pdb_context, to facilitate backward
556 compatibility (see functions below).
557 *******************************************************************/
559 static struct pdb_context *pdb_get_static_context(BOOL reload)
561 static struct pdb_context *pdb_context = NULL;
563 if ((pdb_context) && (reload)) {
564 pdb_context->free_fn(&pdb_context);
565 if (NT_STATUS_IS_ERR(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) {
571 if (NT_STATUS_IS_ERR(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) {
579 /******************************************************************
580 Backward compatibility functions for the original passdb interface
581 *******************************************************************/
583 BOOL pdb_setsampwent(BOOL update)
585 struct pdb_context *pdb_context = pdb_get_static_context(False);
591 return NT_STATUS_IS_OK(pdb_context->pdb_setsampwent(pdb_context, update));
594 void pdb_endsampwent(void)
596 struct pdb_context *pdb_context = pdb_get_static_context(False);
602 pdb_context->pdb_endsampwent(pdb_context);
605 BOOL pdb_getsampwent(SAM_ACCOUNT *user)
607 struct pdb_context *pdb_context = pdb_get_static_context(False);
613 return NT_STATUS_IS_OK(pdb_context->pdb_getsampwent(pdb_context, user));
616 BOOL pdb_getsampwnam(SAM_ACCOUNT *sam_acct, const char *username)
618 struct pdb_context *pdb_context = pdb_get_static_context(False);
624 return NT_STATUS_IS_OK(pdb_context->pdb_getsampwnam(pdb_context, sam_acct, username));
627 BOOL pdb_getsampwsid(SAM_ACCOUNT *sam_acct, const DOM_SID *sid)
629 struct pdb_context *pdb_context = pdb_get_static_context(False);
635 return NT_STATUS_IS_OK(pdb_context->pdb_getsampwsid(pdb_context, sam_acct, sid));
638 BOOL pdb_add_sam_account(SAM_ACCOUNT *sam_acct)
640 struct pdb_context *pdb_context = pdb_get_static_context(False);
646 return NT_STATUS_IS_OK(pdb_context->pdb_add_sam_account(pdb_context, sam_acct));
649 BOOL pdb_update_sam_account(SAM_ACCOUNT *sam_acct)
651 struct pdb_context *pdb_context = pdb_get_static_context(False);
657 return NT_STATUS_IS_OK(pdb_context->pdb_update_sam_account(pdb_context, sam_acct));
660 BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct)
662 struct pdb_context *pdb_context = pdb_get_static_context(False);
668 return NT_STATUS_IS_OK(pdb_context->pdb_delete_sam_account(pdb_context, sam_acct));
671 BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid, BOOL with_priv)
673 struct pdb_context *pdb_context = pdb_get_static_context(False);
679 return NT_STATUS_IS_OK(pdb_context->
680 pdb_getgrsid(pdb_context, map, sid, with_priv));
683 BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid, BOOL with_priv)
685 struct pdb_context *pdb_context = pdb_get_static_context(False);
691 return NT_STATUS_IS_OK(pdb_context->
692 pdb_getgrgid(pdb_context, map, gid, with_priv));
695 BOOL pdb_getgrnam(GROUP_MAP *map, char *name, BOOL with_priv)
697 struct pdb_context *pdb_context = pdb_get_static_context(False);
703 return NT_STATUS_IS_OK(pdb_context->
704 pdb_getgrnam(pdb_context, map, name, with_priv));
707 BOOL pdb_add_group_mapping_entry(GROUP_MAP *map)
709 struct pdb_context *pdb_context = pdb_get_static_context(False);
715 return NT_STATUS_IS_OK(pdb_context->
716 pdb_add_group_mapping_entry(pdb_context, map));
719 BOOL pdb_update_group_mapping_entry(GROUP_MAP *map)
721 struct pdb_context *pdb_context = pdb_get_static_context(False);
727 return NT_STATUS_IS_OK(pdb_context->
728 pdb_update_group_mapping_entry(pdb_context, map));
731 BOOL pdb_delete_group_mapping_entry(DOM_SID sid)
733 struct pdb_context *pdb_context = pdb_get_static_context(False);
739 return NT_STATUS_IS_OK(pdb_context->
740 pdb_delete_group_mapping_entry(pdb_context, sid));
743 BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **rmap,
744 int *num_entries, BOOL unix_only, BOOL with_priv)
746 struct pdb_context *pdb_context = pdb_get_static_context(False);
752 return NT_STATUS_IS_OK(pdb_context->
753 pdb_enum_group_mapping(pdb_context, sid_name_use,
754 rmap, num_entries, unix_only,
758 /***************************************************************
759 Initialize the static context (at smbd startup etc).
761 If uninitialised, context will auto-init on first use.
762 ***************************************************************/
764 BOOL initialize_password_db(BOOL reload)
766 return (pdb_get_static_context(reload) != NULL);
770 /***************************************************************************
771 Default implementations of some functions.
772 ****************************************************************************/
774 static NTSTATUS pdb_default_getsampwnam (struct pdb_methods *methods, SAM_ACCOUNT *user, const char *sname)
776 return NT_STATUS_NO_SUCH_USER;
779 static NTSTATUS pdb_default_getsampwsid(struct pdb_methods *my_methods, SAM_ACCOUNT * user, const DOM_SID *sid)
781 return NT_STATUS_NO_SUCH_USER;
784 static NTSTATUS pdb_default_add_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd)
786 DEBUG(0,("this backend (%s) should not be listed as the first passdb backend! You can't add users to it.\n", methods->name));
787 return NT_STATUS_NOT_IMPLEMENTED;
790 static NTSTATUS pdb_default_update_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd)
792 return NT_STATUS_NOT_IMPLEMENTED;
795 static NTSTATUS pdb_default_delete_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *pwd)
797 return NT_STATUS_NOT_IMPLEMENTED;
800 static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update)
802 return NT_STATUS_NOT_IMPLEMENTED;
805 static NTSTATUS pdb_default_getsampwent(struct pdb_methods *methods, SAM_ACCOUNT *user)
807 return NT_STATUS_NOT_IMPLEMENTED;
810 static void pdb_default_endsampwent(struct pdb_methods *methods)
812 return; /* NT_STATUS_NOT_IMPLEMENTED; */
815 NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods)
817 *methods = talloc(mem_ctx, sizeof(struct pdb_methods));
820 return NT_STATUS_NO_MEMORY;
823 ZERO_STRUCTP(*methods);
825 (*methods)->setsampwent = pdb_default_setsampwent;
826 (*methods)->endsampwent = pdb_default_endsampwent;
827 (*methods)->getsampwent = pdb_default_getsampwent;
828 (*methods)->getsampwnam = pdb_default_getsampwnam;
829 (*methods)->getsampwsid = pdb_default_getsampwsid;
830 (*methods)->add_sam_account = pdb_default_add_sam_account;
831 (*methods)->update_sam_account = pdb_default_update_sam_account;
832 (*methods)->delete_sam_account = pdb_default_delete_sam_account;
834 (*methods)->getgrsid = pdb_default_getgrsid;
835 (*methods)->getgrgid = pdb_default_getgrgid;
836 (*methods)->getgrnam = pdb_default_getgrnam;
837 (*methods)->add_group_mapping_entry = pdb_default_add_group_mapping_entry;
838 (*methods)->update_group_mapping_entry = pdb_default_update_group_mapping_entry;
839 (*methods)->delete_group_mapping_entry = pdb_default_delete_group_mapping_entry;
840 (*methods)->enum_group_mapping = pdb_default_enum_group_mapping;
git.samba.org / jra / samba / .git / blob