search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
lib/crypto: sync AES_cfb8_encrypt() from heimdal
[Samba.git] / source3 / passdb / secrets.c
blob7071fd9b9b06ea08a2fc7c5d2dfa600769ddb52f
1 /*
2 Unix SMB/CIFS implementation.
3 Copyright (C) Andrew Tridgell 1992-2001
4 Copyright (C) Andrew Bartlett 2002
5 Copyright (C) Rafal Szczesniak 2002
6 Copyright (C) Tim Potter 2001
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 /* the Samba secrets database stores any generated, private information
23 such as the local SID and machine trust password */
24
25 #include "includes.h"
26 #include "system/filesys.h"
27 #include "../libcli/auth/libcli_auth.h"
28 #include "librpc/gen_ndr/ndr_secrets.h"
29 #include "secrets.h"
30 #include "dbwrap/dbwrap.h"
31 #include "dbwrap/dbwrap_open.h"
32 #include "../libcli/security/security.h"
33 #include "util_tdb.h"
34
35 #undef DBGC_CLASS
36 #define DBGC_CLASS DBGC_PASSDB
37
38 static struct db_context *db_ctx;
39
40 /**
41 * Use a TDB to store an incrementing random seed.
42 *
43 * Initialised to the current pid, the very first time Samba starts,
44 * and incremented by one each time it is needed.
45 *
46 * @note Not called by systems with a working /dev/urandom.
47 */
48 static void get_rand_seed(void *userdata, int *new_seed)
49 {
50 *new_seed = getpid();
51 if (db_ctx) {
52 dbwrap_trans_change_int32_atomic_bystring(
53 db_ctx, "INFO/random_seed", new_seed, 1);
54 }
55 }
56
57 /* open up the secrets database with specified private_dir path */
58 bool secrets_init_path(const char *private_dir)
59 {
60 char *fname = NULL;
61 unsigned char dummy;
62 TALLOC_CTX *frame;
63
64 if (db_ctx != NULL) {
65 return True;
66 }
67
68 if (private_dir == NULL) {
69 return False;
70 }
71
72 frame = talloc_stackframe();
73 fname = talloc_asprintf(frame, "%s/secrets.tdb", private_dir);
74 if (fname == NULL) {
75 TALLOC_FREE(frame);
76 return False;
77 }
78
79 db_ctx = db_open(NULL, fname, 0,
80 TDB_DEFAULT, O_RDWR|O_CREAT, 0600,
81 DBWRAP_LOCK_ORDER_1, DBWRAP_FLAG_NONE);
82
83 if (db_ctx == NULL) {
84 DEBUG(0,("Failed to open %s\n", fname));
85 TALLOC_FREE(frame);
86 return False;
87 }
88
89 /**
90 * Set a reseed function for the crypto random generator
91 *
92 * This avoids a problem where systems without /dev/urandom
93 * could send the same challenge to multiple clients
94 */
95 set_rand_reseed_callback(get_rand_seed, NULL);
96
97 /* Ensure that the reseed is done now, while we are root, etc */
98 generate_random_buffer(&dummy, sizeof(dummy));
99
100 TALLOC_FREE(frame);
101 return True;
102 }
103
104 /* open up the secrets database */
105 bool secrets_init(void)
106 {
107 return secrets_init_path(lp_private_dir());
108 }
109
110 struct db_context *secrets_db_ctx(void)
111 {
112 if (!secrets_init()) {
113 return NULL;
114 }
115
116 return db_ctx;
117 }
118
119 /*
120 * close secrets.tdb
121 */
122 void secrets_shutdown(void)
123 {
124 TALLOC_FREE(db_ctx);
125 }
126
127 /* read a entry from the secrets database - the caller must free the result
128 if size is non-null then the size of the entry is put in there
129 */
130 void *secrets_fetch(const char *key, size_t *size)
131 {
132 TDB_DATA dbuf;
133 void *result;
134 NTSTATUS status;
135
136 if (!secrets_init()) {
137 return NULL;
138 }
139
140 status = dbwrap_fetch(db_ctx, talloc_tos(), string_tdb_data(key),
141 &dbuf);
142 if (!NT_STATUS_IS_OK(status)) {
143 return NULL;
144 }
145
146 result = smb_memdup(dbuf.dptr, dbuf.dsize);
147 if (result == NULL) {
148 return NULL;
149 }
150 TALLOC_FREE(dbuf.dptr);
151
152 if (size) {
153 *size = dbuf.dsize;
154 }
155
156 return result;
157 }
158
159 /* store a secrets entry
160 */
161 bool secrets_store(const char *key, const void *data, size_t size)
162 {
163 NTSTATUS status;
164
165 if (!secrets_init()) {
166 return false;
167 }
168
169 status = dbwrap_trans_store(db_ctx, string_tdb_data(key),
170 make_tdb_data((const uint8_t *)data, size),
171 TDB_REPLACE);
172 return NT_STATUS_IS_OK(status);
173 }
174
175
176 /* delete a secets database entry
177 */
178 bool secrets_delete(const char *key)
179 {
180 NTSTATUS status;
181 if (!secrets_init()) {
182 return false;
183 }
184
185 status = dbwrap_trans_delete(db_ctx, string_tdb_data(key));
186
187 return NT_STATUS_IS_OK(status);
188 }
189
190 /**
191 * Form a key for fetching a trusted domain password
192 *
193 * @param domain trusted domain name
194 *
195 * @return stored password's key
196 **/
197 static char *trustdom_keystr(const char *domain)
198 {
199 char *keystr;
200
201 keystr = talloc_asprintf_strupper_m(talloc_tos(), "%s/%s",
202 SECRETS_DOMTRUST_ACCT_PASS,
203 domain);
204 SMB_ASSERT(keystr != NULL);
205 return keystr;
206 }
207
208 /************************************************************************
209 Routine to get account password to trusted domain
210 ************************************************************************/
211
212 bool secrets_fetch_trusted_domain_password(const char *domain, char** pwd,
213 struct dom_sid *sid, time_t *pass_last_set_time)
214 {
215 struct TRUSTED_DOM_PASS pass;
216 enum ndr_err_code ndr_err;
217
218 /* unpacking structures */
219 DATA_BLOB blob;
220
221 /* fetching trusted domain password structure */
222 if (!(blob.data = (uint8_t *)secrets_fetch(trustdom_keystr(domain),
223 &blob.length))) {
224 DEBUG(5, ("secrets_fetch failed!\n"));
225 return False;
226 }
227
228 /* unpack trusted domain password */
229 ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), &pass,
230 (ndr_pull_flags_fn_t)ndr_pull_TRUSTED_DOM_PASS);
231
232 SAFE_FREE(blob.data);
233
234 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
235 return false;
236 }
237
238
239 /* the trust's password */
240 if (pwd) {
241 *pwd = SMB_STRDUP(pass.pass);
242 if (!*pwd) {
243 return False;
244 }
245 }
246
247 /* last change time */
248 if (pass_last_set_time) *pass_last_set_time = pass.mod_time;
249
250 /* domain sid */
251 if (sid != NULL) sid_copy(sid, &pass.domain_sid);
252
253 return True;
254 }
255
256 /**
257 * Routine to store the password for trusted domain
258 *
259 * @param domain remote domain name
260 * @param pwd plain text password of trust relationship
261 * @param sid remote domain sid
262 *
263 * @return true if succeeded
264 **/
265
266 bool secrets_store_trusted_domain_password(const char* domain, const char* pwd,
267 const struct dom_sid *sid)
268 {
269 bool ret;
270
271 /* packing structures */
272 DATA_BLOB blob;
273 enum ndr_err_code ndr_err;
274 struct TRUSTED_DOM_PASS pass;
275 ZERO_STRUCT(pass);
276
277 pass.uni_name = domain;
278 pass.uni_name_len = strlen(domain)+1;
279
280 /* last change time */
281 pass.mod_time = time(NULL);
282
283 /* password of the trust */
284 pass.pass_len = strlen(pwd);
285 pass.pass = pwd;
286
287 /* domain sid */
288 sid_copy(&pass.domain_sid, sid);
289
290 ndr_err = ndr_push_struct_blob(&blob, talloc_tos(), &pass,
291 (ndr_push_flags_fn_t)ndr_push_TRUSTED_DOM_PASS);
292 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
293 return false;
294 }
295
296 ret = secrets_store(trustdom_keystr(domain), blob.data, blob.length);
297
298 data_blob_free(&blob);
299
300 return ret;
301 }
302
303 /************************************************************************
304 Routine to delete the password for trusted domain
305 ************************************************************************/
306
307 bool trusted_domain_password_delete(const char *domain)
308 {
309 return secrets_delete(trustdom_keystr(domain));
310 }
311
312 bool secrets_store_ldap_pw(const char* dn, char* pw)
313 {
314 char *key = NULL;
315 bool ret;
316
317 if (asprintf(&key, "%s/%s", SECRETS_LDAP_BIND_PW, dn) < 0) {
318 DEBUG(0, ("secrets_store_ldap_pw: asprintf failed!\n"));
319 return False;
320 }
321
322 ret = secrets_store(key, pw, strlen(pw)+1);
323
324 SAFE_FREE(key);
325 return ret;
326 }
327
328 /*******************************************************************
329 Find the ldap password.
330 ******************************************************************/
331
332 bool fetch_ldap_pw(char **dn, char** pw)
333 {
334 char *key = NULL;
335 size_t size = 0;
336
337 *dn = smb_xstrdup(lp_ldap_admin_dn(talloc_tos()));
338
339 if (asprintf(&key, "%s/%s", SECRETS_LDAP_BIND_PW, *dn) < 0) {
340 SAFE_FREE(*dn);
341 DEBUG(0, ("fetch_ldap_pw: asprintf failed!\n"));
342 return false;
343 }
344
345 *pw=(char *)secrets_fetch(key, &size);
346 SAFE_FREE(key);
347
348 if (!size) {
349 /* Upgrade 2.2 style entry */
350 char *p;
351 char* old_style_key = SMB_STRDUP(*dn);
352 char *data;
353 fstring old_style_pw;
354
355 if (!old_style_key) {
356 DEBUG(0, ("fetch_ldap_pw: strdup failed!\n"));
357 return False;
358 }
359
360 for (p=old_style_key; *p; p++)
361 if (*p == ',') *p = '/';
362
363 data=(char *)secrets_fetch(old_style_key, &size);
364 if ((data == NULL) || (size < sizeof(old_style_pw))) {
365 DEBUG(0,("fetch_ldap_pw: neither ldap secret retrieved!\n"));
366 SAFE_FREE(old_style_key);
367 SAFE_FREE(*dn);
368 SAFE_FREE(data);
369 return False;
370 }
371
372 size = MIN(size, sizeof(fstring)-1);
373 strncpy(old_style_pw, data, size);
374 old_style_pw[size] = 0;
375
376 SAFE_FREE(data);
377
378 if (!secrets_store_ldap_pw(*dn, old_style_pw)) {
379 DEBUG(0,("fetch_ldap_pw: ldap secret could not be upgraded!\n"));
380 SAFE_FREE(old_style_key);
381 SAFE_FREE(*dn);
382 return False;
383 }
384 if (!secrets_delete(old_style_key)) {
385 DEBUG(0,("fetch_ldap_pw: old ldap secret could not be deleted!\n"));
386 }
387
388 SAFE_FREE(old_style_key);
389
390 *pw = smb_xstrdup(old_style_pw);
391 }
392
393 return True;
394 }
395
396 /*******************************************************************************
397 Store a complete AFS keyfile into secrets.tdb.
398 *******************************************************************************/
399
400 bool secrets_store_afs_keyfile(const char *cell, const struct afs_keyfile *keyfile)
401 {
402 fstring key;
403
404 if ((cell == NULL) || (keyfile == NULL))
405 return False;
406
407 if (ntohl(keyfile->nkeys) > SECRETS_AFS_MAXKEYS)
408 return False;
409
410 slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_AFS_KEYFILE, cell);
411 return secrets_store(key, keyfile, sizeof(struct afs_keyfile));
412 }
413
414 /*******************************************************************************
415 Fetch the current (highest) AFS key from secrets.tdb
416 *******************************************************************************/
417 bool secrets_fetch_afs_key(const char *cell, struct afs_key *result)
418 {
419 fstring key;
420 struct afs_keyfile *keyfile;
421 size_t size = 0;
422 uint32_t i;
423
424 slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_AFS_KEYFILE, cell);
425
426 keyfile = (struct afs_keyfile *)secrets_fetch(key, &size);
427
428 if (keyfile == NULL)
429 return False;
430
431 if (size != sizeof(struct afs_keyfile)) {
432 SAFE_FREE(keyfile);
433 return False;
434 }
435
436 i = ntohl(keyfile->nkeys);
437
438 if (i > SECRETS_AFS_MAXKEYS) {
439 SAFE_FREE(keyfile);
440 return False;
441 }
442
443 *result = keyfile->entry[i-1];
444
445 result->kvno = ntohl(result->kvno);
446
447 SAFE_FREE(keyfile);
448
449 return True;
450 }
451
452 /******************************************************************************
453 When kerberos is not available, choose between anonymous or
454 authenticated connections.
455
456 We need to use an authenticated connection if DCs have the
457 RestrictAnonymous registry entry set > 0, or the "Additional
458 restrictions for anonymous connections" set in the win2k Local
459 Security Policy.
460
461 Caller to free() result in domain, username, password
462 *******************************************************************************/
463 void secrets_fetch_ipc_userpass(char **username, char **domain, char **password)
464 {
465 *username = (char *)secrets_fetch(SECRETS_AUTH_USER, NULL);
466 *domain = (char *)secrets_fetch(SECRETS_AUTH_DOMAIN, NULL);
467 *password = (char *)secrets_fetch(SECRETS_AUTH_PASSWORD, NULL);
468
469 if (*username && **username) {
470
471 if (!*domain || !**domain)
472 *domain = smb_xstrdup(lp_workgroup());
473
474 if (!*password || !**password)
475 *password = smb_xstrdup("");
476
477 DEBUG(3, ("IPC$ connections done by user %s\\%s\n",
478 *domain, *username));
479
480 } else {
481 DEBUG(3, ("IPC$ connections done anonymously\n"));
482 *username = smb_xstrdup("");
483 *domain = smb_xstrdup("");
484 *password = smb_xstrdup("");
485 }
486 }
487
488 bool secrets_store_generic(const char *owner, const char *key, const char *secret)
489 {
490 char *tdbkey = NULL;
491 bool ret;
492
493 if (asprintf(&tdbkey, "SECRETS/GENERIC/%s/%s", owner, key) < 0) {
494 DEBUG(0, ("asprintf failed!\n"));
495 return False;
496 }
497
498 ret = secrets_store(tdbkey, secret, strlen(secret)+1);
499
500 SAFE_FREE(tdbkey);
501 return ret;
502 }
503
504 /*******************************************************************
505 Find the ldap password.
506 ******************************************************************/
507
508 char *secrets_fetch_generic(const char *owner, const char *key)
509 {
510 char *secret = NULL;
511 char *tdbkey = NULL;
512
513 if (( ! owner) || ( ! key)) {
514 DEBUG(1, ("Invalid Parameters"));
515 return NULL;
516 }
517
518 if (asprintf(&tdbkey, "SECRETS/GENERIC/%s/%s", owner, key) < 0) {
519 DEBUG(0, ("Out of memory!\n"));
520 return NULL;
521 }
522
523 secret = (char *)secrets_fetch(tdbkey, NULL);
524 SAFE_FREE(tdbkey);
525
526 return secret;
527 }
528
Samba GIT mirror