Fix a memleak in fetch_ldap_pw
[Samba.git] / source / passdb / secrets.c
blob6efa82f5668c57c5bd898206def3abffed60464e
1 /*
2 Unix SMB/CIFS implementation.
3 Copyright (C) Andrew Tridgell 1992-2001
4 Copyright (C) Andrew Bartlett 2002
5 Copyright (C) Rafal Szczesniak 2002
6 Copyright (C) Tim Potter 2001
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 /* the Samba secrets database stores any generated, private information
23 such as the local SID and machine trust password */
25 #include "includes.h"
27 #undef DBGC_CLASS
28 #define DBGC_CLASS DBGC_PASSDB
30 static struct db_context *db_ctx;
32 /* Urrrg. global.... */
33 bool global_machine_password_needs_changing;
35 /**
36 * Use a TDB to store an incrementing random seed.
38 * Initialised to the current pid, the very first time Samba starts,
39 * and incremented by one each time it is needed.
41 * @note Not called by systems with a working /dev/urandom.
43 static void get_rand_seed(int *new_seed)
45 *new_seed = sys_getpid();
46 if (db_ctx) {
47 dbwrap_change_int32_atomic(db_ctx, "INFO/random_seed",
48 new_seed, 1);
52 /* open up the secrets database */
53 bool secrets_init(void)
55 char *fname = NULL;
56 unsigned char dummy;
58 if (db_ctx != NULL)
59 return True;
61 fname = talloc_asprintf(talloc_tos(), "%s/secrets.tdb",
62 lp_private_dir());
63 if (fname == NULL) {
64 return false;
67 db_ctx = db_open_trans(NULL, fname, 0,
68 TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
70 if (db_ctx == NULL) {
71 DEBUG(0,("Failed to open %s\n", fname));
72 TALLOC_FREE(fname);
73 return False;
76 TALLOC_FREE(fname);
78 /**
79 * Set a reseed function for the crypto random generator
81 * This avoids a problem where systems without /dev/urandom
82 * could send the same challenge to multiple clients
84 set_rand_reseed_callback(get_rand_seed);
86 /* Ensure that the reseed is done now, while we are root, etc */
87 generate_random_buffer(&dummy, sizeof(dummy));
89 return True;
92 struct db_context *secrets_db_ctx(void)
94 if (!secrets_init()) {
95 return NULL;
98 return db_ctx;
102 * close secrets.tdb
104 void secrets_shutdown(void)
106 TALLOC_FREE(db_ctx);
109 /* read a entry from the secrets database - the caller must free the result
110 if size is non-null then the size of the entry is put in there
112 void *secrets_fetch(const char *key, size_t *size)
114 TDB_DATA dbuf;
115 void *result;
117 if (!secrets_init()) {
118 return NULL;
121 if (db_ctx->fetch(db_ctx, talloc_tos(), string_tdb_data(key),
122 &dbuf) != 0) {
123 return NULL;
126 result = memdup(dbuf.dptr, dbuf.dsize);
127 if (result == NULL) {
128 return NULL;
130 TALLOC_FREE(dbuf.dptr);
132 if (size) {
133 *size = dbuf.dsize;
136 return result;
139 /* store a secrets entry
141 bool secrets_store(const char *key, const void *data, size_t size)
143 NTSTATUS status;
145 if (!secrets_init()) {
146 return false;
149 status = dbwrap_trans_store(db_ctx, string_tdb_data(key),
150 make_tdb_data((const uint8 *)data, size),
151 TDB_REPLACE);
152 return NT_STATUS_IS_OK(status);
156 /* delete a secets database entry
158 bool secrets_delete(const char *key)
160 NTSTATUS status;
161 if (!secrets_init()) {
162 return false;
165 status = dbwrap_trans_delete(db_ctx, string_tdb_data(key));
167 return NT_STATUS_IS_OK(status);
171 * Form a key for fetching the domain sid
173 * @param domain domain name
175 * @return keystring
177 static const char *domain_sid_keystr(const char *domain)
179 char *keystr;
181 keystr = talloc_asprintf_strupper_m(talloc_tos(), "%s/%s",
182 SECRETS_DOMAIN_SID, domain);
183 SMB_ASSERT(keystr != NULL);
184 return keystr;
187 bool secrets_store_domain_sid(const char *domain, const DOM_SID *sid)
189 bool ret;
191 ret = secrets_store(domain_sid_keystr(domain), sid, sizeof(DOM_SID));
193 /* Force a re-query, in case we modified our domain */
194 if (ret)
195 reset_global_sam_sid();
196 return ret;
199 bool secrets_fetch_domain_sid(const char *domain, DOM_SID *sid)
201 DOM_SID *dyn_sid;
202 size_t size = 0;
204 dyn_sid = (DOM_SID *)secrets_fetch(domain_sid_keystr(domain), &size);
206 if (dyn_sid == NULL)
207 return False;
209 if (size != sizeof(DOM_SID)) {
210 SAFE_FREE(dyn_sid);
211 return False;
214 *sid = *dyn_sid;
215 SAFE_FREE(dyn_sid);
216 return True;
219 bool secrets_store_domain_guid(const char *domain, struct GUID *guid)
221 fstring key;
223 slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_DOMAIN_GUID, domain);
224 strupper_m(key);
225 return secrets_store(key, guid, sizeof(struct GUID));
228 bool secrets_fetch_domain_guid(const char *domain, struct GUID *guid)
230 struct GUID *dyn_guid;
231 fstring key;
232 size_t size = 0;
233 struct GUID new_guid;
235 slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_DOMAIN_GUID, domain);
236 strupper_m(key);
237 dyn_guid = (struct GUID *)secrets_fetch(key, &size);
239 if (!dyn_guid) {
240 if (lp_server_role() == ROLE_DOMAIN_PDC) {
241 smb_uuid_generate_random(&new_guid);
242 if (!secrets_store_domain_guid(domain, &new_guid))
243 return False;
244 dyn_guid = (struct GUID *)secrets_fetch(key, &size);
246 if (dyn_guid == NULL) {
247 return False;
251 if (size != sizeof(struct GUID)) {
252 DEBUG(1,("UUID size %d is wrong!\n", (int)size));
253 SAFE_FREE(dyn_guid);
254 return False;
257 *guid = *dyn_guid;
258 SAFE_FREE(dyn_guid);
259 return True;
263 * Form a key for fetching the machine trust account sec channel type
265 * @param domain domain name
267 * @return keystring
269 static const char *machine_sec_channel_type_keystr(const char *domain)
271 char *keystr;
273 keystr = talloc_asprintf_strupper_m(talloc_tos(), "%s/%s",
274 SECRETS_MACHINE_SEC_CHANNEL_TYPE,
275 domain);
276 SMB_ASSERT(keystr != NULL);
277 return keystr;
281 * Form a key for fetching the machine trust account last change time
283 * @param domain domain name
285 * @return keystring
287 static const char *machine_last_change_time_keystr(const char *domain)
289 char *keystr;
291 keystr = talloc_asprintf_strupper_m(talloc_tos(), "%s/%s",
292 SECRETS_MACHINE_LAST_CHANGE_TIME,
293 domain);
294 SMB_ASSERT(keystr != NULL);
295 return keystr;
300 * Form a key for fetching the machine trust account password
302 * @param domain domain name
304 * @return keystring
306 static const char *machine_password_keystr(const char *domain)
308 char *keystr;
310 keystr = talloc_asprintf_strupper_m(talloc_tos(), "%s/%s",
311 SECRETS_MACHINE_PASSWORD, domain);
312 SMB_ASSERT(keystr != NULL);
313 return keystr;
317 * Form a key for fetching the machine trust account password
319 * @param domain domain name
321 * @return stored password's key
323 static const char *trust_keystr(const char *domain)
325 char *keystr;
327 keystr = talloc_asprintf_strupper_m(talloc_tos(), "%s/%s",
328 SECRETS_MACHINE_ACCT_PASS, domain);
329 SMB_ASSERT(keystr != NULL);
330 return keystr;
334 * Form a key for fetching a trusted domain password
336 * @param domain trusted domain name
338 * @return stored password's key
340 static char *trustdom_keystr(const char *domain)
342 char *keystr;
344 keystr = talloc_asprintf_strupper_m(talloc_tos(), "%s/%s",
345 SECRETS_DOMTRUST_ACCT_PASS,
346 domain);
347 SMB_ASSERT(keystr != NULL);
348 return keystr;
351 /************************************************************************
352 Lock the trust password entry.
353 ************************************************************************/
355 void *secrets_get_trust_account_lock(TALLOC_CTX *mem_ctx, const char *domain)
357 if (!secrets_init()) {
358 return NULL;
361 return db_ctx->fetch_locked(
362 db_ctx, mem_ctx, string_term_tdb_data(trust_keystr(domain)));
365 /************************************************************************
366 Routine to get the default secure channel type for trust accounts
367 ************************************************************************/
369 uint32 get_default_sec_channel(void)
371 if (lp_server_role() == ROLE_DOMAIN_BDC ||
372 lp_server_role() == ROLE_DOMAIN_PDC) {
373 return SEC_CHAN_BDC;
374 } else {
375 return SEC_CHAN_WKSTA;
379 /************************************************************************
380 Routine to get the trust account password for a domain.
381 This only tries to get the legacy hashed version of the password.
382 The user of this function must have locked the trust password file using
383 the above secrets_lock_trust_account_password().
384 ************************************************************************/
386 bool secrets_fetch_trust_account_password_legacy(const char *domain,
387 uint8 ret_pwd[16],
388 time_t *pass_last_set_time,
389 uint32 *channel)
391 struct machine_acct_pass *pass;
392 size_t size = 0;
394 if (!(pass = (struct machine_acct_pass *)secrets_fetch(
395 trust_keystr(domain), &size))) {
396 DEBUG(5, ("secrets_fetch failed!\n"));
397 return False;
400 if (size != sizeof(*pass)) {
401 DEBUG(0, ("secrets were of incorrect size!\n"));
402 SAFE_FREE(pass);
403 return False;
406 if (pass_last_set_time) {
407 *pass_last_set_time = pass->mod_time;
409 memcpy(ret_pwd, pass->hash, 16);
411 if (channel) {
412 *channel = get_default_sec_channel();
415 /* Test if machine password has expired and needs to be changed */
416 if (lp_machine_password_timeout()) {
417 if (pass->mod_time > 0 && time(NULL) > (pass->mod_time +
418 (time_t)lp_machine_password_timeout())) {
419 global_machine_password_needs_changing = True;
423 SAFE_FREE(pass);
424 return True;
427 /************************************************************************
428 Routine to get the trust account password for a domain.
429 The user of this function must have locked the trust password file using
430 the above secrets_lock_trust_account_password().
431 ************************************************************************/
433 bool secrets_fetch_trust_account_password(const char *domain, uint8 ret_pwd[16],
434 time_t *pass_last_set_time,
435 uint32 *channel)
437 char *plaintext;
439 plaintext = secrets_fetch_machine_password(domain, pass_last_set_time,
440 channel);
441 if (plaintext) {
442 DEBUG(4,("Using cleartext machine password\n"));
443 E_md4hash(plaintext, ret_pwd);
444 SAFE_FREE(plaintext);
445 return True;
448 return secrets_fetch_trust_account_password_legacy(domain, ret_pwd,
449 pass_last_set_time,
450 channel);
454 * Pack SID passed by pointer
456 * @param pack_buf pointer to buffer which is to be filled with packed data
457 * @param bufsize size of packing buffer
458 * @param sid pointer to sid to be packed
460 * @return length of the packed representation of the whole structure
462 static size_t tdb_sid_pack(uint8 *pack_buf, int bufsize, DOM_SID* sid)
464 int idx;
465 size_t len = 0;
466 uint8 *p = pack_buf;
467 int remaining_space = pack_buf ? bufsize : 0;
469 if (!sid) {
470 return -1;
473 len += tdb_pack(p, remaining_space, "bb", sid->sid_rev_num,
474 sid->num_auths);
475 if (pack_buf) {
476 p = pack_buf + len;
477 remaining_space = bufsize - len;
480 for (idx = 0; idx < 6; idx++) {
481 len += tdb_pack(p, remaining_space, "b",
482 sid->id_auth[idx]);
483 if (pack_buf) {
484 p = pack_buf + len;
485 remaining_space = bufsize - len;
489 for (idx = 0; idx < MAXSUBAUTHS; idx++) {
490 len += tdb_pack(p, remaining_space, "d",
491 sid->sub_auths[idx]);
492 if (pack_buf) {
493 p = pack_buf + len;
494 remaining_space = bufsize - len;
498 return len;
502 * Unpack SID into a pointer
504 * @param pack_buf pointer to buffer with packed representation
505 * @param bufsize size of the buffer
506 * @param sid pointer to sid structure to be filled with unpacked data
508 * @return size of structure unpacked from buffer
510 static size_t tdb_sid_unpack(uint8 *pack_buf, int bufsize, DOM_SID* sid)
512 int idx, len = 0;
514 if (!sid || !pack_buf) return -1;
516 len += tdb_unpack(pack_buf + len, bufsize - len, "bb",
517 &sid->sid_rev_num, &sid->num_auths);
519 for (idx = 0; idx < 6; idx++) {
520 len += tdb_unpack(pack_buf + len, bufsize - len, "b",
521 &sid->id_auth[idx]);
524 for (idx = 0; idx < MAXSUBAUTHS; idx++) {
525 len += tdb_unpack(pack_buf + len, bufsize - len, "d",
526 &sid->sub_auths[idx]);
529 return len;
533 * Pack TRUSTED_DOM_PASS passed by pointer
535 * @param pack_buf pointer to buffer which is to be filled with packed data
536 * @param bufsize size of the buffer
537 * @param pass pointer to trusted domain password to be packed
539 * @return length of the packed representation of the whole structure
541 static size_t tdb_trusted_dom_pass_pack(uint8 *pack_buf, int bufsize,
542 TRUSTED_DOM_PASS* pass)
544 int idx, len = 0;
545 uint8 *p = pack_buf;
546 int remaining_space = pack_buf ? bufsize : 0;
548 if (!pass) {
549 return -1;
552 /* packing unicode domain name and password */
553 len += tdb_pack(p, remaining_space, "d",
554 pass->uni_name_len);
555 if (pack_buf) {
556 p = pack_buf + len;
557 remaining_space = bufsize - len;
560 for (idx = 0; idx < 32; idx++) {
561 len += tdb_pack(p, remaining_space, "w",
562 pass->uni_name[idx]);
563 if (pack_buf) {
564 p = pack_buf + len;
565 remaining_space = bufsize - len;
569 len += tdb_pack(p, remaining_space, "dPd", pass->pass_len,
570 pass->pass, pass->mod_time);
571 if (pack_buf) {
572 p = pack_buf + len;
573 remaining_space = bufsize - len;
576 /* packing SID structure */
577 len += tdb_sid_pack(p, remaining_space, &pass->domain_sid);
578 if (pack_buf) {
579 p = pack_buf + len;
580 remaining_space = bufsize - len;
583 return len;
588 * Unpack TRUSTED_DOM_PASS passed by pointer
590 * @param pack_buf pointer to buffer with packed representation
591 * @param bufsize size of the buffer
592 * @param pass pointer to trusted domain password to be filled with unpacked data
594 * @return size of structure unpacked from buffer
596 static size_t tdb_trusted_dom_pass_unpack(uint8 *pack_buf, int bufsize,
597 TRUSTED_DOM_PASS* pass)
599 int idx, len = 0;
600 char *passp = NULL;
602 if (!pack_buf || !pass) return -1;
604 /* unpack unicode domain name and plaintext password */
605 len += tdb_unpack(pack_buf, bufsize - len, "d", &pass->uni_name_len);
607 for (idx = 0; idx < 32; idx++)
608 len += tdb_unpack(pack_buf + len, bufsize - len, "w",
609 &pass->uni_name[idx]);
611 len += tdb_unpack(pack_buf + len, bufsize - len, "dPd",
612 &pass->pass_len, &passp, &pass->mod_time);
613 if (passp) {
614 fstrcpy(pass->pass, passp);
616 SAFE_FREE(passp);
618 /* unpack domain sid */
619 len += tdb_sid_unpack(pack_buf + len, bufsize - len,
620 &pass->domain_sid);
622 return len;
625 /************************************************************************
626 Routine to get account password to trusted domain
627 ************************************************************************/
629 bool secrets_fetch_trusted_domain_password(const char *domain, char** pwd,
630 DOM_SID *sid, time_t *pass_last_set_time)
632 struct trusted_dom_pass pass;
633 size_t size = 0;
635 /* unpacking structures */
636 uint8 *pass_buf;
637 int pass_len = 0;
639 ZERO_STRUCT(pass);
641 /* fetching trusted domain password structure */
642 if (!(pass_buf = (uint8 *)secrets_fetch(trustdom_keystr(domain),
643 &size))) {
644 DEBUG(5, ("secrets_fetch failed!\n"));
645 return False;
648 /* unpack trusted domain password */
649 pass_len = tdb_trusted_dom_pass_unpack(pass_buf, size, &pass);
650 SAFE_FREE(pass_buf);
652 if (pass_len != size) {
653 DEBUG(5, ("Invalid secrets size. Unpacked data doesn't match trusted_dom_pass structure.\n"));
654 return False;
657 /* the trust's password */
658 if (pwd) {
659 *pwd = SMB_STRDUP(pass.pass);
660 if (!*pwd) {
661 return False;
665 /* last change time */
666 if (pass_last_set_time) *pass_last_set_time = pass.mod_time;
668 /* domain sid */
669 if (sid != NULL) sid_copy(sid, &pass.domain_sid);
671 return True;
675 * Routine to store the password for trusted domain
677 * @param domain remote domain name
678 * @param pwd plain text password of trust relationship
679 * @param sid remote domain sid
681 * @return true if succeeded
684 bool secrets_store_trusted_domain_password(const char* domain, const char* pwd,
685 const DOM_SID *sid)
687 smb_ucs2_t *uni_dom_name;
688 bool ret;
690 /* packing structures */
691 uint8 *pass_buf = NULL;
692 int pass_len = 0;
694 struct trusted_dom_pass pass;
695 ZERO_STRUCT(pass);
697 if (push_ucs2_allocate(&uni_dom_name, domain) == (size_t)-1) {
698 DEBUG(0, ("Could not convert domain name %s to unicode\n",
699 domain));
700 return False;
703 strncpy_w(pass.uni_name, uni_dom_name, sizeof(pass.uni_name) - 1);
704 pass.uni_name_len = strlen_w(uni_dom_name)+1;
705 SAFE_FREE(uni_dom_name);
707 /* last change time */
708 pass.mod_time = time(NULL);
710 /* password of the trust */
711 pass.pass_len = strlen(pwd);
712 fstrcpy(pass.pass, pwd);
714 /* domain sid */
715 sid_copy(&pass.domain_sid, sid);
717 /* Calculate the length. */
718 pass_len = tdb_trusted_dom_pass_pack(NULL, 0, &pass);
719 pass_buf = SMB_MALLOC_ARRAY(uint8, pass_len);
720 if (!pass_buf) {
721 return false;
723 pass_len = tdb_trusted_dom_pass_pack(pass_buf, pass_len, &pass);
724 ret = secrets_store(trustdom_keystr(domain), (void *)pass_buf,
725 pass_len);
726 SAFE_FREE(pass_buf);
727 return ret;
730 /************************************************************************
731 Routine to delete the plaintext machine account password
732 ************************************************************************/
734 bool secrets_delete_machine_password(const char *domain)
736 return secrets_delete(machine_password_keystr(domain));
739 /************************************************************************
740 Routine to delete the plaintext machine account password, sec channel type and
741 last change time from secrets database
742 ************************************************************************/
744 bool secrets_delete_machine_password_ex(const char *domain)
746 if (!secrets_delete(machine_password_keystr(domain))) {
747 return false;
749 if (!secrets_delete(machine_sec_channel_type_keystr(domain))) {
750 return false;
752 return secrets_delete(machine_last_change_time_keystr(domain));
755 /************************************************************************
756 Routine to delete the domain sid
757 ************************************************************************/
759 bool secrets_delete_domain_sid(const char *domain)
761 return secrets_delete(domain_sid_keystr(domain));
764 /************************************************************************
765 Routine to set the plaintext machine account password for a realm
766 the password is assumed to be a null terminated ascii string
767 ************************************************************************/
769 bool secrets_store_machine_password(const char *pass, const char *domain, uint32 sec_channel)
771 bool ret;
772 uint32 last_change_time;
773 uint32 sec_channel_type;
775 ret = secrets_store(machine_password_keystr(domain), pass, strlen(pass)+1);
776 if (!ret)
777 return ret;
779 SIVAL(&last_change_time, 0, time(NULL));
780 ret = secrets_store(machine_last_change_time_keystr(domain), &last_change_time, sizeof(last_change_time));
782 SIVAL(&sec_channel_type, 0, sec_channel);
783 ret = secrets_store(machine_sec_channel_type_keystr(domain), &sec_channel_type, sizeof(sec_channel_type));
785 return ret;
788 /************************************************************************
789 Routine to fetch the plaintext machine account password for a realm
790 the password is assumed to be a null terminated ascii string.
791 ************************************************************************/
793 char *secrets_fetch_machine_password(const char *domain,
794 time_t *pass_last_set_time,
795 uint32 *channel)
797 char *ret;
798 ret = (char *)secrets_fetch(machine_password_keystr(domain), NULL);
800 if (pass_last_set_time) {
801 size_t size;
802 uint32 *last_set_time;
803 last_set_time = (unsigned int *)secrets_fetch(machine_last_change_time_keystr(domain), &size);
804 if (last_set_time) {
805 *pass_last_set_time = IVAL(last_set_time,0);
806 SAFE_FREE(last_set_time);
807 } else {
808 *pass_last_set_time = 0;
812 if (channel) {
813 size_t size;
814 uint32 *channel_type;
815 channel_type = (unsigned int *)secrets_fetch(machine_sec_channel_type_keystr(domain), &size);
816 if (channel_type) {
817 *channel = IVAL(channel_type,0);
818 SAFE_FREE(channel_type);
819 } else {
820 *channel = get_default_sec_channel();
824 return ret;
827 /************************************************************************
828 Routine to delete the password for trusted domain
829 ************************************************************************/
831 bool trusted_domain_password_delete(const char *domain)
833 return secrets_delete(trustdom_keystr(domain));
836 bool secrets_store_ldap_pw(const char* dn, char* pw)
838 char *key = NULL;
839 bool ret;
841 if (asprintf(&key, "%s/%s", SECRETS_LDAP_BIND_PW, dn) < 0) {
842 DEBUG(0, ("secrets_store_ldap_pw: asprintf failed!\n"));
843 return False;
846 ret = secrets_store(key, pw, strlen(pw)+1);
848 SAFE_FREE(key);
849 return ret;
852 /*******************************************************************
853 Find the ldap password.
854 ******************************************************************/
856 bool fetch_ldap_pw(char **dn, char** pw)
858 char *key = NULL;
859 size_t size = 0;
861 *dn = smb_xstrdup(lp_ldap_admin_dn());
863 if (asprintf(&key, "%s/%s", SECRETS_LDAP_BIND_PW, *dn) < 0) {
864 SAFE_FREE(*dn);
865 DEBUG(0, ("fetch_ldap_pw: asprintf failed!\n"));
868 *pw=(char *)secrets_fetch(key, &size);
869 SAFE_FREE(key);
871 if (!size) {
872 /* Upgrade 2.2 style entry */
873 char *p;
874 char* old_style_key = SMB_STRDUP(*dn);
875 char *data;
876 fstring old_style_pw;
878 if (!old_style_key) {
879 DEBUG(0, ("fetch_ldap_pw: strdup failed!\n"));
880 return False;
883 for (p=old_style_key; *p; p++)
884 if (*p == ',') *p = '/';
886 data=(char *)secrets_fetch(old_style_key, &size);
887 if ((data == NULL) || (size < sizeof(old_style_pw))) {
888 DEBUG(0,("fetch_ldap_pw: neither ldap secret retrieved!\n"));
889 SAFE_FREE(old_style_key);
890 SAFE_FREE(*dn);
891 SAFE_FREE(data);
892 return False;
895 size = MIN(size, sizeof(fstring)-1);
896 strncpy(old_style_pw, data, size);
897 old_style_pw[size] = 0;
899 SAFE_FREE(data);
901 if (!secrets_store_ldap_pw(*dn, old_style_pw)) {
902 DEBUG(0,("fetch_ldap_pw: ldap secret could not be upgraded!\n"));
903 SAFE_FREE(old_style_key);
904 SAFE_FREE(*dn);
905 return False;
907 if (!secrets_delete(old_style_key)) {
908 DEBUG(0,("fetch_ldap_pw: old ldap secret could not be deleted!\n"));
911 SAFE_FREE(old_style_key);
913 *pw = smb_xstrdup(old_style_pw);
916 return True;
920 * Get trusted domains info from secrets.tdb.
923 struct list_trusted_domains_state {
924 uint32 num_domains;
925 struct trustdom_info **domains;
928 static int list_trusted_domain(struct db_record *rec, void *private_data)
930 const size_t prefix_len = strlen(SECRETS_DOMTRUST_ACCT_PASS);
931 size_t packed_size = 0;
932 struct trusted_dom_pass pass;
933 struct trustdom_info *dom_info;
935 struct list_trusted_domains_state *state =
936 (struct list_trusted_domains_state *)private_data;
938 if ((rec->key.dsize < prefix_len)
939 || (strncmp((char *)rec->key.dptr, SECRETS_DOMTRUST_ACCT_PASS,
940 prefix_len) != 0)) {
941 return 0;
944 packed_size = tdb_trusted_dom_pass_unpack(
945 rec->value.dptr, rec->value.dsize, &pass);
947 if (rec->value.dsize != packed_size) {
948 DEBUG(2, ("Secrets record is invalid!\n"));
949 return 0;
952 if (pass.domain_sid.num_auths != 4) {
953 DEBUG(0, ("SID %s is not a domain sid, has %d "
954 "auths instead of 4\n",
955 sid_string_dbg(&pass.domain_sid),
956 pass.domain_sid.num_auths));
957 return 0;
960 if (!(dom_info = TALLOC_P(state->domains, struct trustdom_info))) {
961 DEBUG(0, ("talloc failed\n"));
962 return 0;
965 if (pull_ucs2_talloc(dom_info, &dom_info->name,
966 pass.uni_name) == (size_t)-1) {
967 DEBUG(2, ("pull_ucs2_talloc failed\n"));
968 TALLOC_FREE(dom_info);
969 return 0;
972 sid_copy(&dom_info->sid, &pass.domain_sid);
974 ADD_TO_ARRAY(state->domains, struct trustdom_info *, dom_info,
975 &state->domains, &state->num_domains);
977 if (state->domains == NULL) {
978 state->num_domains = 0;
979 return -1;
981 return 0;
984 NTSTATUS secrets_trusted_domains(TALLOC_CTX *mem_ctx, uint32 *num_domains,
985 struct trustdom_info ***domains)
987 struct list_trusted_domains_state state;
989 secrets_init();
991 if (db_ctx == NULL) {
992 return NT_STATUS_ACCESS_DENIED;
995 state.num_domains = 0;
998 * Make sure that a talloc context for the trustdom_info structs
999 * exists
1002 if (!(state.domains = TALLOC_ARRAY(
1003 mem_ctx, struct trustdom_info *, 1))) {
1004 return NT_STATUS_NO_MEMORY;
1007 db_ctx->traverse_read(db_ctx, list_trusted_domain, (void *)&state);
1009 *num_domains = state.num_domains;
1010 *domains = state.domains;
1011 return NT_STATUS_OK;
1014 /*******************************************************************************
1015 Store a complete AFS keyfile into secrets.tdb.
1016 *******************************************************************************/
1018 bool secrets_store_afs_keyfile(const char *cell, const struct afs_keyfile *keyfile)
1020 fstring key;
1022 if ((cell == NULL) || (keyfile == NULL))
1023 return False;
1025 if (ntohl(keyfile->nkeys) > SECRETS_AFS_MAXKEYS)
1026 return False;
1028 slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_AFS_KEYFILE, cell);
1029 return secrets_store(key, keyfile, sizeof(struct afs_keyfile));
1032 /*******************************************************************************
1033 Fetch the current (highest) AFS key from secrets.tdb
1034 *******************************************************************************/
1035 bool secrets_fetch_afs_key(const char *cell, struct afs_key *result)
1037 fstring key;
1038 struct afs_keyfile *keyfile;
1039 size_t size = 0;
1040 uint32 i;
1042 slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_AFS_KEYFILE, cell);
1044 keyfile = (struct afs_keyfile *)secrets_fetch(key, &size);
1046 if (keyfile == NULL)
1047 return False;
1049 if (size != sizeof(struct afs_keyfile)) {
1050 SAFE_FREE(keyfile);
1051 return False;
1054 i = ntohl(keyfile->nkeys);
1056 if (i > SECRETS_AFS_MAXKEYS) {
1057 SAFE_FREE(keyfile);
1058 return False;
1061 *result = keyfile->entry[i-1];
1063 result->kvno = ntohl(result->kvno);
1065 SAFE_FREE(keyfile);
1067 return True;
1070 /******************************************************************************
1071 When kerberos is not available, choose between anonymous or
1072 authenticated connections.
1074 We need to use an authenticated connection if DCs have the
1075 RestrictAnonymous registry entry set > 0, or the "Additional
1076 restrictions for anonymous connections" set in the win2k Local
1077 Security Policy.
1079 Caller to free() result in domain, username, password
1080 *******************************************************************************/
1081 void secrets_fetch_ipc_userpass(char **username, char **domain, char **password)
1083 *username = (char *)secrets_fetch(SECRETS_AUTH_USER, NULL);
1084 *domain = (char *)secrets_fetch(SECRETS_AUTH_DOMAIN, NULL);
1085 *password = (char *)secrets_fetch(SECRETS_AUTH_PASSWORD, NULL);
1087 if (*username && **username) {
1089 if (!*domain || !**domain)
1090 *domain = smb_xstrdup(lp_workgroup());
1092 if (!*password || !**password)
1093 *password = smb_xstrdup("");
1095 DEBUG(3, ("IPC$ connections done by user %s\\%s\n",
1096 *domain, *username));
1098 } else {
1099 DEBUG(3, ("IPC$ connections done anonymously\n"));
1100 *username = smb_xstrdup("");
1101 *domain = smb_xstrdup("");
1102 *password = smb_xstrdup("");
1106 /******************************************************************************
1107 Open or create the schannel session store tdb.
1108 *******************************************************************************/
1110 static TDB_CONTEXT *open_schannel_session_store(TALLOC_CTX *mem_ctx)
1112 TDB_DATA vers;
1113 uint32 ver;
1114 TDB_CONTEXT *tdb_sc = NULL;
1115 char *fname = talloc_asprintf(mem_ctx, "%s/schannel_store.tdb", lp_private_dir());
1117 if (!fname) {
1118 return NULL;
1121 tdb_sc = tdb_open_log(fname, 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
1123 if (!tdb_sc) {
1124 DEBUG(0,("open_schannel_session_store: Failed to open %s\n", fname));
1125 TALLOC_FREE(fname);
1126 return NULL;
1129 vers = tdb_fetch_bystring(tdb_sc, "SCHANNEL_STORE_VERSION");
1130 if (vers.dptr == NULL) {
1131 /* First opener, no version. */
1132 SIVAL(&ver,0,1);
1133 vers.dptr = (uint8 *)&ver;
1134 vers.dsize = 4;
1135 tdb_store_bystring(tdb_sc, "SCHANNEL_STORE_VERSION", vers, TDB_REPLACE);
1136 vers.dptr = NULL;
1137 } else if (vers.dsize == 4) {
1138 ver = IVAL(vers.dptr,0);
1139 if (ver != 1) {
1140 tdb_close(tdb_sc);
1141 tdb_sc = NULL;
1142 DEBUG(0,("open_schannel_session_store: wrong version number %d in %s\n",
1143 (int)ver, fname ));
1145 } else {
1146 tdb_close(tdb_sc);
1147 tdb_sc = NULL;
1148 DEBUG(0,("open_schannel_session_store: wrong version number size %d in %s\n",
1149 (int)vers.dsize, fname ));
1152 SAFE_FREE(vers.dptr);
1153 TALLOC_FREE(fname);
1155 return tdb_sc;
1158 /******************************************************************************
1159 Store the schannel state after an AUTH2 call.
1160 Note we must be root here.
1161 *******************************************************************************/
1163 bool secrets_store_schannel_session_info(TALLOC_CTX *mem_ctx,
1164 const char *remote_machine,
1165 const struct dcinfo *pdc)
1167 TDB_CONTEXT *tdb_sc = NULL;
1168 TDB_DATA value;
1169 bool ret;
1170 char *keystr = talloc_asprintf_strupper_m(mem_ctx, "%s/%s",
1171 SECRETS_SCHANNEL_STATE,
1172 remote_machine);
1173 if (!keystr) {
1174 return False;
1177 /* Work out how large the record is. */
1178 value.dsize = tdb_pack(NULL, 0, "dBBBBBfff",
1179 pdc->sequence,
1180 8, pdc->seed_chal.data,
1181 8, pdc->clnt_chal.data,
1182 8, pdc->srv_chal.data,
1183 16, pdc->sess_key,
1184 16, pdc->mach_pw,
1185 pdc->mach_acct,
1186 pdc->remote_machine,
1187 pdc->domain);
1189 value.dptr = TALLOC_ARRAY(mem_ctx, uint8, value.dsize);
1190 if (!value.dptr) {
1191 TALLOC_FREE(keystr);
1192 return False;
1195 value.dsize = tdb_pack(value.dptr, value.dsize, "dBBBBBfff",
1196 pdc->sequence,
1197 8, pdc->seed_chal.data,
1198 8, pdc->clnt_chal.data,
1199 8, pdc->srv_chal.data,
1200 16, pdc->sess_key,
1201 16, pdc->mach_pw,
1202 pdc->mach_acct,
1203 pdc->remote_machine,
1204 pdc->domain);
1206 tdb_sc = open_schannel_session_store(mem_ctx);
1207 if (!tdb_sc) {
1208 TALLOC_FREE(keystr);
1209 TALLOC_FREE(value.dptr);
1210 return False;
1213 ret = (tdb_store_bystring(tdb_sc, keystr, value, TDB_REPLACE) == 0 ? True : False);
1215 DEBUG(3,("secrets_store_schannel_session_info: stored schannel info with key %s\n",
1216 keystr ));
1218 tdb_close(tdb_sc);
1219 TALLOC_FREE(keystr);
1220 TALLOC_FREE(value.dptr);
1221 return ret;
1224 /******************************************************************************
1225 Restore the schannel state on a client reconnect.
1226 Note we must be root here.
1227 *******************************************************************************/
1229 bool secrets_restore_schannel_session_info(TALLOC_CTX *mem_ctx,
1230 const char *remote_machine,
1231 struct dcinfo **ppdc)
1233 TDB_CONTEXT *tdb_sc = NULL;
1234 TDB_DATA value;
1235 unsigned char *pseed_chal = NULL;
1236 unsigned char *pclnt_chal = NULL;
1237 unsigned char *psrv_chal = NULL;
1238 unsigned char *psess_key = NULL;
1239 unsigned char *pmach_pw = NULL;
1240 uint32 l1, l2, l3, l4, l5;
1241 int ret;
1242 struct dcinfo *pdc = NULL;
1243 char *keystr = talloc_asprintf_strupper_m(mem_ctx, "%s/%s",
1244 SECRETS_SCHANNEL_STATE,
1245 remote_machine);
1247 *ppdc = NULL;
1249 if (!keystr) {
1250 return False;
1253 tdb_sc = open_schannel_session_store(mem_ctx);
1254 if (!tdb_sc) {
1255 TALLOC_FREE(keystr);
1256 return False;
1259 value = tdb_fetch_bystring(tdb_sc, keystr);
1260 if (!value.dptr) {
1261 DEBUG(0,("secrets_restore_schannel_session_info: Failed to find entry with key %s\n",
1262 keystr ));
1263 tdb_close(tdb_sc);
1264 return False;
1267 pdc = TALLOC_ZERO_P(mem_ctx, struct dcinfo);
1269 /* Retrieve the record. */
1270 ret = tdb_unpack(value.dptr, value.dsize, "dBBBBBfff",
1271 &pdc->sequence,
1272 &l1, &pseed_chal,
1273 &l2, &pclnt_chal,
1274 &l3, &psrv_chal,
1275 &l4, &psess_key,
1276 &l5, &pmach_pw,
1277 &pdc->mach_acct,
1278 &pdc->remote_machine,
1279 &pdc->domain);
1281 if (ret == -1 || l1 != 8 || l2 != 8 || l3 != 8 || l4 != 16 || l5 != 16) {
1282 /* Bad record - delete it. */
1283 tdb_delete_bystring(tdb_sc, keystr);
1284 tdb_close(tdb_sc);
1285 TALLOC_FREE(keystr);
1286 TALLOC_FREE(pdc);
1287 SAFE_FREE(pseed_chal);
1288 SAFE_FREE(pclnt_chal);
1289 SAFE_FREE(psrv_chal);
1290 SAFE_FREE(psess_key);
1291 SAFE_FREE(pmach_pw);
1292 SAFE_FREE(value.dptr);
1293 return False;
1296 tdb_close(tdb_sc);
1298 memcpy(pdc->seed_chal.data, pseed_chal, 8);
1299 memcpy(pdc->clnt_chal.data, pclnt_chal, 8);
1300 memcpy(pdc->srv_chal.data, psrv_chal, 8);
1301 memcpy(pdc->sess_key, psess_key, 16);
1302 memcpy(pdc->mach_pw, pmach_pw, 16);
1304 /* We know these are true so didn't bother to store them. */
1305 pdc->challenge_sent = True;
1306 pdc->authenticated = True;
1308 DEBUG(3,("secrets_restore_schannel_session_info: restored schannel info key %s\n",
1309 keystr ));
1311 SAFE_FREE(pseed_chal);
1312 SAFE_FREE(pclnt_chal);
1313 SAFE_FREE(psrv_chal);
1314 SAFE_FREE(psess_key);
1315 SAFE_FREE(pmach_pw);
1317 TALLOC_FREE(keystr);
1318 SAFE_FREE(value.dptr);
1320 *ppdc = pdc;
1322 return True;
1325 bool secrets_store_generic(const char *owner, const char *key, const char *secret)
1327 char *tdbkey = NULL;
1328 bool ret;
1330 if (asprintf(&tdbkey, "SECRETS/GENERIC/%s/%s", owner, key) < 0) {
1331 DEBUG(0, ("asprintf failed!\n"));
1332 return False;
1335 ret = secrets_store(tdbkey, secret, strlen(secret)+1);
1337 SAFE_FREE(tdbkey);
1338 return ret;
1341 /*******************************************************************
1342 Find the ldap password.
1343 ******************************************************************/
1345 char *secrets_fetch_generic(const char *owner, const char *key)
1347 char *secret = NULL;
1348 char *tdbkey = NULL;
1350 if (( ! owner) || ( ! key)) {
1351 DEBUG(1, ("Invalid Paramters"));
1352 return NULL;
1355 if (asprintf(&tdbkey, "SECRETS/GENERIC/%s/%s", owner, key) < 0) {
1356 DEBUG(0, ("Out of memory!\n"));
1357 return NULL;
1360 secret = (char *)secrets_fetch(tdbkey, NULL);
1361 SAFE_FREE(tdbkey);
1363 return secret;