search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
tevent: Set FD_CLOEXEC on epoll handle
[Samba.git] / source3 / passdb / secrets.c
blobd39390e8c652c6616a0528df44b3299bcf170c91
1 /*
2 Unix SMB/CIFS implementation.
3 Copyright (C) Andrew Tridgell 1992-2001
4 Copyright (C) Andrew Bartlett 2002
5 Copyright (C) Rafal Szczesniak 2002
6 Copyright (C) Tim Potter 2001
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 /* the Samba secrets database stores any generated, private information
23 such as the local SID and machine trust password */
24
25 #include "includes.h"
26 #include "system/filesys.h"
27 #include "passdb.h"
28 #include "../libcli/auth/libcli_auth.h"
29 #include "librpc/gen_ndr/ndr_secrets.h"
30 #include "secrets.h"
31 #include "dbwrap/dbwrap.h"
32 #include "dbwrap/dbwrap_open.h"
33 #include "../libcli/security/security.h"
34 #include "util_tdb.h"
35
36 #undef DBGC_CLASS
37 #define DBGC_CLASS DBGC_PASSDB
38
39 static struct db_context *db_ctx;
40
41 /**
42 * Use a TDB to store an incrementing random seed.
43 *
44 * Initialised to the current pid, the very first time Samba starts,
45 * and incremented by one each time it is needed.
46 *
47 * @note Not called by systems with a working /dev/urandom.
48 */
49 static void get_rand_seed(void *userdata, int *new_seed)
50 {
51 *new_seed = sys_getpid();
52 if (db_ctx) {
53 dbwrap_trans_change_int32_atomic(db_ctx, "INFO/random_seed",
54 new_seed, 1);
55 }
56 }
57
58 /* open up the secrets database */
59 bool secrets_init(void)
60 {
61 char *fname = NULL;
62 unsigned char dummy;
63
64 if (db_ctx != NULL)
65 return True;
66
67 fname = talloc_asprintf(talloc_tos(), "%s/secrets.tdb",
68 lp_private_dir());
69 if (fname == NULL) {
70 return false;
71 }
72
73 db_ctx = db_open(NULL, fname, 0,
74 TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
75
76 if (db_ctx == NULL) {
77 DEBUG(0,("Failed to open %s\n", fname));
78 TALLOC_FREE(fname);
79 return False;
80 }
81
82 TALLOC_FREE(fname);
83
84 /**
85 * Set a reseed function for the crypto random generator
86 *
87 * This avoids a problem where systems without /dev/urandom
88 * could send the same challenge to multiple clients
89 */
90 set_rand_reseed_callback(get_rand_seed, NULL);
91
92 /* Ensure that the reseed is done now, while we are root, etc */
93 generate_random_buffer(&dummy, sizeof(dummy));
94
95 return True;
96 }
97
98 struct db_context *secrets_db_ctx(void)
99 {
100 if (!secrets_init()) {
101 return NULL;
102 }
103
104 return db_ctx;
105 }
106
107 /*
108 * close secrets.tdb
109 */
110 void secrets_shutdown(void)
111 {
112 TALLOC_FREE(db_ctx);
113 }
114
115 /* read a entry from the secrets database - the caller must free the result
116 if size is non-null then the size of the entry is put in there
117 */
118 void *secrets_fetch(const char *key, size_t *size)
119 {
120 TDB_DATA dbuf;
121 void *result;
122
123 if (!secrets_init()) {
124 return NULL;
125 }
126
127 if (db_ctx->fetch(db_ctx, talloc_tos(), string_tdb_data(key),
128 &dbuf) != 0) {
129 return NULL;
130 }
131
132 result = memdup(dbuf.dptr, dbuf.dsize);
133 if (result == NULL) {
134 return NULL;
135 }
136 TALLOC_FREE(dbuf.dptr);
137
138 if (size) {
139 *size = dbuf.dsize;
140 }
141
142 return result;
143 }
144
145 /* store a secrets entry
146 */
147 bool secrets_store(const char *key, const void *data, size_t size)
148 {
149 NTSTATUS status;
150
151 if (!secrets_init()) {
152 return false;
153 }
154
155 status = dbwrap_trans_store(db_ctx, string_tdb_data(key),
156 make_tdb_data((const uint8 *)data, size),
157 TDB_REPLACE);
158 return NT_STATUS_IS_OK(status);
159 }
160
161
162 /* delete a secets database entry
163 */
164 bool secrets_delete(const char *key)
165 {
166 NTSTATUS status;
167 if (!secrets_init()) {
168 return false;
169 }
170
171 status = dbwrap_trans_delete(db_ctx, string_tdb_data(key));
172
173 return NT_STATUS_IS_OK(status);
174 }
175
176 /**
177 * Form a key for fetching a trusted domain password
178 *
179 * @param domain trusted domain name
180 *
181 * @return stored password's key
182 **/
183 static char *trustdom_keystr(const char *domain)
184 {
185 char *keystr;
186
187 keystr = talloc_asprintf_strupper_m(talloc_tos(), "%s/%s",
188 SECRETS_DOMTRUST_ACCT_PASS,
189 domain);
190 SMB_ASSERT(keystr != NULL);
191 return keystr;
192 }
193
194 /************************************************************************
195 Routine to get account password to trusted domain
196 ************************************************************************/
197
198 bool secrets_fetch_trusted_domain_password(const char *domain, char** pwd,
199 struct dom_sid *sid, time_t *pass_last_set_time)
200 {
201 struct TRUSTED_DOM_PASS pass;
202 enum ndr_err_code ndr_err;
203
204 /* unpacking structures */
205 DATA_BLOB blob;
206
207 /* fetching trusted domain password structure */
208 if (!(blob.data = (uint8_t *)secrets_fetch(trustdom_keystr(domain),
209 &blob.length))) {
210 DEBUG(5, ("secrets_fetch failed!\n"));
211 return False;
212 }
213
214 /* unpack trusted domain password */
215 ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), &pass,
216 (ndr_pull_flags_fn_t)ndr_pull_TRUSTED_DOM_PASS);
217
218 SAFE_FREE(blob.data);
219
220 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
221 return false;
222 }
223
224
225 /* the trust's password */
226 if (pwd) {
227 *pwd = SMB_STRDUP(pass.pass);
228 if (!*pwd) {
229 return False;
230 }
231 }
232
233 /* last change time */
234 if (pass_last_set_time) *pass_last_set_time = pass.mod_time;
235
236 /* domain sid */
237 if (sid != NULL) sid_copy(sid, &pass.domain_sid);
238
239 return True;
240 }
241
242 /**
243 * Routine to store the password for trusted domain
244 *
245 * @param domain remote domain name
246 * @param pwd plain text password of trust relationship
247 * @param sid remote domain sid
248 *
249 * @return true if succeeded
250 **/
251
252 bool secrets_store_trusted_domain_password(const char* domain, const char* pwd,
253 const struct dom_sid *sid)
254 {
255 bool ret;
256
257 /* packing structures */
258 DATA_BLOB blob;
259 enum ndr_err_code ndr_err;
260 struct TRUSTED_DOM_PASS pass;
261 ZERO_STRUCT(pass);
262
263 pass.uni_name = domain;
264 pass.uni_name_len = strlen(domain)+1;
265
266 /* last change time */
267 pass.mod_time = time(NULL);
268
269 /* password of the trust */
270 pass.pass_len = strlen(pwd);
271 pass.pass = pwd;
272
273 /* domain sid */
274 sid_copy(&pass.domain_sid, sid);
275
276 ndr_err = ndr_push_struct_blob(&blob, talloc_tos(), &pass,
277 (ndr_push_flags_fn_t)ndr_push_TRUSTED_DOM_PASS);
278 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
279 return false;
280 }
281
282 ret = secrets_store(trustdom_keystr(domain), blob.data, blob.length);
283
284 data_blob_free(&blob);
285
286 return ret;
287 }
288
289 /************************************************************************
290 Routine to delete the password for trusted domain
291 ************************************************************************/
292
293 bool trusted_domain_password_delete(const char *domain)
294 {
295 return secrets_delete(trustdom_keystr(domain));
296 }
297
298 bool secrets_store_ldap_pw(const char* dn, char* pw)
299 {
300 char *key = NULL;
301 bool ret;
302
303 if (asprintf(&key, "%s/%s", SECRETS_LDAP_BIND_PW, dn) < 0) {
304 DEBUG(0, ("secrets_store_ldap_pw: asprintf failed!\n"));
305 return False;
306 }
307
308 ret = secrets_store(key, pw, strlen(pw)+1);
309
310 SAFE_FREE(key);
311 return ret;
312 }
313
314 /*******************************************************************
315 Find the ldap password.
316 ******************************************************************/
317
318 bool fetch_ldap_pw(char **dn, char** pw)
319 {
320 char *key = NULL;
321 size_t size = 0;
322
323 *dn = smb_xstrdup(lp_ldap_admin_dn());
324
325 if (asprintf(&key, "%s/%s", SECRETS_LDAP_BIND_PW, *dn) < 0) {
326 SAFE_FREE(*dn);
327 DEBUG(0, ("fetch_ldap_pw: asprintf failed!\n"));
328 return false;
329 }
330
331 *pw=(char *)secrets_fetch(key, &size);
332 SAFE_FREE(key);
333
334 if (!size) {
335 /* Upgrade 2.2 style entry */
336 char *p;
337 char* old_style_key = SMB_STRDUP(*dn);
338 char *data;
339 fstring old_style_pw;
340
341 if (!old_style_key) {
342 DEBUG(0, ("fetch_ldap_pw: strdup failed!\n"));
343 return False;
344 }
345
346 for (p=old_style_key; *p; p++)
347 if (*p == ',') *p = '/';
348
349 data=(char *)secrets_fetch(old_style_key, &size);
350 if ((data == NULL) || (size < sizeof(old_style_pw))) {
351 DEBUG(0,("fetch_ldap_pw: neither ldap secret retrieved!\n"));
352 SAFE_FREE(old_style_key);
353 SAFE_FREE(*dn);
354 SAFE_FREE(data);
355 return False;
356 }
357
358 size = MIN(size, sizeof(fstring)-1);
359 strncpy(old_style_pw, data, size);
360 old_style_pw[size] = 0;
361
362 SAFE_FREE(data);
363
364 if (!secrets_store_ldap_pw(*dn, old_style_pw)) {
365 DEBUG(0,("fetch_ldap_pw: ldap secret could not be upgraded!\n"));
366 SAFE_FREE(old_style_key);
367 SAFE_FREE(*dn);
368 return False;
369 }
370 if (!secrets_delete(old_style_key)) {
371 DEBUG(0,("fetch_ldap_pw: old ldap secret could not be deleted!\n"));
372 }
373
374 SAFE_FREE(old_style_key);
375
376 *pw = smb_xstrdup(old_style_pw);
377 }
378
379 return True;
380 }
381
382 /**
383 * Get trusted domains info from secrets.tdb.
384 **/
385
386 struct list_trusted_domains_state {
387 uint32 num_domains;
388 struct trustdom_info **domains;
389 };
390
391 static int list_trusted_domain(struct db_record *rec, void *private_data)
392 {
393 const size_t prefix_len = strlen(SECRETS_DOMTRUST_ACCT_PASS);
394 struct TRUSTED_DOM_PASS pass;
395 enum ndr_err_code ndr_err;
396 DATA_BLOB blob;
397 struct trustdom_info *dom_info;
398
399 struct list_trusted_domains_state *state =
400 (struct list_trusted_domains_state *)private_data;
401
402 if ((rec->key.dsize < prefix_len)
403 || (strncmp((char *)rec->key.dptr, SECRETS_DOMTRUST_ACCT_PASS,
404 prefix_len) != 0)) {
405 return 0;
406 }
407
408 blob = data_blob_const(rec->value.dptr, rec->value.dsize);
409
410 ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), &pass,
411 (ndr_pull_flags_fn_t)ndr_pull_TRUSTED_DOM_PASS);
412 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
413 return false;
414 }
415
416 if (pass.domain_sid.num_auths != 4) {
417 DEBUG(0, ("SID %s is not a domain sid, has %d "
418 "auths instead of 4\n",
419 sid_string_dbg(&pass.domain_sid),
420 pass.domain_sid.num_auths));
421 return 0;
422 }
423
424 if (!(dom_info = talloc(state->domains, struct trustdom_info))) {
425 DEBUG(0, ("talloc failed\n"));
426 return 0;
427 }
428
429 dom_info->name = talloc_strdup(dom_info, pass.uni_name);
430 if (!dom_info->name) {
431 TALLOC_FREE(dom_info);
432 return 0;
433 }
434
435 sid_copy(&dom_info->sid, &pass.domain_sid);
436
437 ADD_TO_ARRAY(state->domains, struct trustdom_info *, dom_info,
438 &state->domains, &state->num_domains);
439
440 if (state->domains == NULL) {
441 state->num_domains = 0;
442 return -1;
443 }
444 return 0;
445 }
446
447 NTSTATUS secrets_trusted_domains(TALLOC_CTX *mem_ctx, uint32 *num_domains,
448 struct trustdom_info ***domains)
449 {
450 struct list_trusted_domains_state state;
451
452 if (!secrets_init()) {
453 return NT_STATUS_ACCESS_DENIED;
454 }
455
456 state.num_domains = 0;
457
458 /*
459 * Make sure that a talloc context for the trustdom_info structs
460 * exists
461 */
462
463 if (!(state.domains = talloc_array(
464 mem_ctx, struct trustdom_info *, 1))) {
465 return NT_STATUS_NO_MEMORY;
466 }
467
468 db_ctx->traverse_read(db_ctx, list_trusted_domain, (void *)&state);
469
470 *num_domains = state.num_domains;
471 *domains = state.domains;
472 return NT_STATUS_OK;
473 }
474
475 /*******************************************************************************
476 Store a complete AFS keyfile into secrets.tdb.
477 *******************************************************************************/
478
479 bool secrets_store_afs_keyfile(const char *cell, const struct afs_keyfile *keyfile)
480 {
481 fstring key;
482
483 if ((cell == NULL) || (keyfile == NULL))
484 return False;
485
486 if (ntohl(keyfile->nkeys) > SECRETS_AFS_MAXKEYS)
487 return False;
488
489 slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_AFS_KEYFILE, cell);
490 return secrets_store(key, keyfile, sizeof(struct afs_keyfile));
491 }
492
493 /*******************************************************************************
494 Fetch the current (highest) AFS key from secrets.tdb
495 *******************************************************************************/
496 bool secrets_fetch_afs_key(const char *cell, struct afs_key *result)
497 {
498 fstring key;
499 struct afs_keyfile *keyfile;
500 size_t size = 0;
501 uint32 i;
502
503 slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_AFS_KEYFILE, cell);
504
505 keyfile = (struct afs_keyfile *)secrets_fetch(key, &size);
506
507 if (keyfile == NULL)
508 return False;
509
510 if (size != sizeof(struct afs_keyfile)) {
511 SAFE_FREE(keyfile);
512 return False;
513 }
514
515 i = ntohl(keyfile->nkeys);
516
517 if (i > SECRETS_AFS_MAXKEYS) {
518 SAFE_FREE(keyfile);
519 return False;
520 }
521
522 *result = keyfile->entry[i-1];
523
524 result->kvno = ntohl(result->kvno);
525
526 SAFE_FREE(keyfile);
527
528 return True;
529 }
530
531 /******************************************************************************
532 When kerberos is not available, choose between anonymous or
533 authenticated connections.
534
535 We need to use an authenticated connection if DCs have the
536 RestrictAnonymous registry entry set > 0, or the "Additional
537 restrictions for anonymous connections" set in the win2k Local
538 Security Policy.
539
540 Caller to free() result in domain, username, password
541 *******************************************************************************/
542 void secrets_fetch_ipc_userpass(char **username, char **domain, char **password)
543 {
544 *username = (char *)secrets_fetch(SECRETS_AUTH_USER, NULL);
545 *domain = (char *)secrets_fetch(SECRETS_AUTH_DOMAIN, NULL);
546 *password = (char *)secrets_fetch(SECRETS_AUTH_PASSWORD, NULL);
547
548 if (*username && **username) {
549
550 if (!*domain || !**domain)
551 *domain = smb_xstrdup(lp_workgroup());
552
553 if (!*password || !**password)
554 *password = smb_xstrdup("");
555
556 DEBUG(3, ("IPC$ connections done by user %s\\%s\n",
557 *domain, *username));
558
559 } else {
560 DEBUG(3, ("IPC$ connections done anonymously\n"));
561 *username = smb_xstrdup("");
562 *domain = smb_xstrdup("");
563 *password = smb_xstrdup("");
564 }
565 }
566
567 bool secrets_store_generic(const char *owner, const char *key, const char *secret)
568 {
569 char *tdbkey = NULL;
570 bool ret;
571
572 if (asprintf(&tdbkey, "SECRETS/GENERIC/%s/%s", owner, key) < 0) {
573 DEBUG(0, ("asprintf failed!\n"));
574 return False;
575 }
576
577 ret = secrets_store(tdbkey, secret, strlen(secret)+1);
578
579 SAFE_FREE(tdbkey);
580 return ret;
581 }
582
583 bool secrets_delete_generic(const char *owner, const char *key)
584 {
585 char *tdbkey = NULL;
586 bool ret;
587
588 if (asprintf(&tdbkey, "SECRETS/GENERIC/%s/%s", owner, key) < 0) {
589 DEBUG(0, ("asprintf failed!\n"));
590 return False;
591 }
592
593 ret = secrets_delete(tdbkey);
594
595 SAFE_FREE(tdbkey);
596 return ret;
597 }
598
599 /*******************************************************************
600 Find the ldap password.
601 ******************************************************************/
602
603 char *secrets_fetch_generic(const char *owner, const char *key)
604 {
605 char *secret = NULL;
606 char *tdbkey = NULL;
607
608 if (( ! owner) || ( ! key)) {
609 DEBUG(1, ("Invalid Parameters"));
610 return NULL;
611 }
612
613 if (asprintf(&tdbkey, "SECRETS/GENERIC/%s/%s", owner, key) < 0) {
614 DEBUG(0, ("Out of memory!\n"));
615 return NULL;
616 }
617
618 secret = (char *)secrets_fetch(tdbkey, NULL);
619 SAFE_FREE(tdbkey);
620
621 return secret;
622 }
623
Samba GIT mirror