search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
sync with HEAD
[Samba.git] / source / passdb / pdb_interface.c
bloba94b8b8992a5c8dab7363cafd45d3094b63f8a2e
1 /*
2 Unix SMB/CIFS implementation.
3 Password and authentication handling
4 Copyright (C) Andrew Bartlett 2002
5 Copyright (C) Jelmer Vernooij 2002
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 */
21
22 #include "includes.h"
23
24 #undef DBGC_CLASS
25 #define DBGC_CLASS DBGC_PASSDB
26
27 /** List of various built-in passdb modules */
28
29 const struct pdb_init_function_entry builtin_pdb_init_functions[] = {
30 { "smbpasswd", pdb_init_smbpasswd },
31 { "smbpasswd_nua", pdb_init_smbpasswd_nua },
32 { "tdbsam", pdb_init_tdbsam },
33 { "tdbsam_nua", pdb_init_tdbsam_nua },
34 { "ldapsam", pdb_init_ldapsam },
35 { "ldapsam_nua", pdb_init_ldapsam_nua },
36 { "unixsam", pdb_init_unixsam },
37 { "nisplussam", pdb_init_nisplussam },
38 { "plugin", pdb_init_plugin },
39 { NULL, NULL}
40 };
41
42 static NTSTATUS context_setsampwent(struct pdb_context *context, BOOL update)
43 {
44 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
45
46 if (!context) {
47 DEBUG(0, ("invalid pdb_context specified!\n"));
48 return ret;
49 }
50
51 context->pwent_methods = context->pdb_methods;
52
53 if (!context->pwent_methods) {
54 /* No passdbs at all */
55 return ret;
56 }
57
58 while (NT_STATUS_IS_ERR(ret = context->pwent_methods->setsampwent(context->pwent_methods, update))) {
59 context->pwent_methods = context->pwent_methods->next;
60 if (context->pwent_methods == NULL)
61 return NT_STATUS_UNSUCCESSFUL;
62 }
63 return ret;
64 }
65
66 static void context_endsampwent(struct pdb_context *context)
67 {
68 if ((!context)){
69 DEBUG(0, ("invalid pdb_context specified!\n"));
70 return;
71 }
72
73 if (context->pwent_methods && context->pwent_methods->endsampwent)
74 context->pwent_methods->endsampwent(context->pwent_methods);
75
76 /* So we won't get strange data when calling getsampwent now */
77 context->pwent_methods = NULL;
78 }
79
80 static NTSTATUS context_getsampwent(struct pdb_context *context, SAM_ACCOUNT *user)
81 {
82 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
83
84 if ((!context) || (!context->pwent_methods)) {
85 DEBUG(0, ("invalid pdb_context specified!\n"));
86 return ret;
87 }
88 /* Loop until we find something useful */
89 while (NT_STATUS_IS_ERR(ret = context->pwent_methods->getsampwent(context->pwent_methods, user))) {
90
91 context->pwent_methods->endsampwent(context->pwent_methods);
92
93 context->pwent_methods = context->pwent_methods->next;
94
95 /* All methods are checked now. There are no more entries */
96 if (context->pwent_methods == NULL)
97 return ret;
98
99 context->pwent_methods->setsampwent(context->pwent_methods, False);
100 }
101 user->methods = context->pwent_methods;
102 return ret;
103 }
104
105 static NTSTATUS context_getsampwnam(struct pdb_context *context, SAM_ACCOUNT *sam_acct, const char *username)
106 {
107 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
108
109 struct pdb_methods *curmethods;
110 if ((!context)) {
111 DEBUG(0, ("invalid pdb_context specified!\n"));
112 return ret;
113 }
114 curmethods = context->pdb_methods;
115 while (curmethods){
116 if (NT_STATUS_IS_OK(ret = curmethods->getsampwnam(curmethods, sam_acct, username))) {
117 sam_acct->methods = curmethods;
118 return ret;
119 }
120 curmethods = curmethods->next;
121 }
122
123 return ret;
124 }
125
126 static NTSTATUS context_getsampwsid(struct pdb_context *context, SAM_ACCOUNT *sam_acct, const DOM_SID *sid)
127 {
128 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
129
130 struct pdb_methods *curmethods;
131 if ((!context)) {
132 DEBUG(0, ("invalid pdb_context specified!\n"));
133 return ret;
134 }
135
136 curmethods = context->pdb_methods;
137
138 while (curmethods){
139 if (NT_STATUS_IS_OK(ret = curmethods->getsampwsid(curmethods, sam_acct, sid))) {
140 sam_acct->methods = curmethods;
141 return ret;
142 }
143 curmethods = curmethods->next;
144 }
145
146 return ret;
147 }
148
149 static NTSTATUS context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct)
150 {
151 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
152
153 if ((!context) || (!context->pdb_methods)) {
154 DEBUG(0, ("invalid pdb_context specified!\n"));
155 return ret;
156 }
157
158 /** @todo This is where a 're-read on add' should be done */
159 /* We now add a new account to the first database listed.
160 * Should we? */
161
162 return context->pdb_methods->add_sam_account(context->pdb_methods, sam_acct);
163 }
164
165 static NTSTATUS context_update_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct)
166 {
167 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
168
169 if (!context) {
170 DEBUG(0, ("invalid pdb_context specified!\n"));
171 return ret;
172 }
173
174 if (!sam_acct || !sam_acct->methods){
175 DEBUG(0, ("invalid sam_acct specified\n"));
176 return ret;
177 }
178
179 /** @todo This is where a 're-read on update' should be done */
180
181 return sam_acct->methods->update_sam_account(sam_acct->methods, sam_acct);
182 }
183
184 static NTSTATUS context_delete_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct)
185 {
186 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
187
188 struct pdb_methods *pdb_selected;
189 if (!context) {
190 DEBUG(0, ("invalid pdb_context specified!\n"));
191 return ret;
192 }
193
194 if (!sam_acct->methods){
195 pdb_selected = context->pdb_methods;
196 /* There's no passdb backend specified for this account.
197 * Try to delete it in every passdb available
198 * Needed to delete accounts in smbpasswd that are not
199 * in /etc/passwd.
200 */
201 while (pdb_selected){
202 if (NT_STATUS_IS_OK(ret = pdb_selected->delete_sam_account(pdb_selected, sam_acct))) {
203 return ret;
204 }
205 pdb_selected = pdb_selected->next;
206 }
207 return ret;
208 }
209
210 if (!sam_acct->methods->delete_sam_account){
211 DEBUG(0,("invalid sam_acct->methods->delete_sam_account\n"));
212 return ret;
213 }
214
215 return sam_acct->methods->delete_sam_account(sam_acct->methods, sam_acct);
216 }
217
218 /******************************************************************
219 Free and cleanup a pdb context, any associated data and anything
220 that the attached modules might have associated.
221 *******************************************************************/
222
223 static void free_pdb_context(struct pdb_context **context)
224 {
225 struct pdb_methods *pdb_selected = (*context)->pdb_methods;
226
227 while (pdb_selected){
228 pdb_selected->free_private_data(&(pdb_selected->private_data));
229 pdb_selected = pdb_selected->next;
230 }
231
232 talloc_destroy((*context)->mem_ctx);
233 *context = NULL;
234 }
235
236 /******************************************************************
237 Make a pdb_methods from scratch
238 *******************************************************************/
239
240 static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_context *context, const char *selected)
241 {
242 char *module_name = smb_xstrdup(selected);
243 char *module_location = NULL, *p;
244 NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
245 int i;
246
247 p = strchr(module_name, ':');
248
249 if (p) {
250 *p = 0;
251 module_location = p+1;
252 trim_string(module_location, " ", " ");
253 }
254
255 trim_string(module_name, " ", " ");
256
257 DEBUG(5,("Attempting to find an passdb backend to match %s (%s)\n", selected, module_name));
258 for (i = 0; builtin_pdb_init_functions[i].name; i++)
259 {
260 if (strequal(builtin_pdb_init_functions[i].name, module_name))
261 {
262 DEBUG(5,("Found pdb backend %s (at pos %d)\n", module_name, i));
263 nt_status = builtin_pdb_init_functions[i].init(context, methods, module_location);
264 if (NT_STATUS_IS_OK(nt_status)) {
265 DEBUG(5,("pdb backend %s has a valid init\n", selected));
266 } else {
267 DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status)));
268 }
269 SAFE_FREE(module_name);
270 return nt_status;
271 break; /* unreached */
272 }
273 }
274
275 /* No such backend found */
276 SAFE_FREE(module_name);
277 return NT_STATUS_INVALID_PARAMETER;
278 }
279
280 /******************************************************************
281 Make a pdb_context from scratch.
282 *******************************************************************/
283
284 static NTSTATUS make_pdb_context(struct pdb_context **context)
285 {
286 TALLOC_CTX *mem_ctx;
287
288 mem_ctx = talloc_init_named("pdb_context internal allocation context");
289
290 if (!mem_ctx) {
291 DEBUG(0, ("make_pdb_context: talloc init failed!\n"));
292 return NT_STATUS_NO_MEMORY;
293 }
294
295 *context = talloc(mem_ctx, sizeof(**context));
296 if (!*context) {
297 DEBUG(0, ("make_pdb_context: talloc failed!\n"));
298 return NT_STATUS_NO_MEMORY;
299 }
300
301 ZERO_STRUCTP(*context);
302
303 (*context)->mem_ctx = mem_ctx;
304
305 (*context)->pdb_setsampwent = context_setsampwent;
306 (*context)->pdb_endsampwent = context_endsampwent;
307 (*context)->pdb_getsampwent = context_getsampwent;
308 (*context)->pdb_getsampwnam = context_getsampwnam;
309 (*context)->pdb_getsampwsid = context_getsampwsid;
310 (*context)->pdb_add_sam_account = context_add_sam_account;
311 (*context)->pdb_update_sam_account = context_update_sam_account;
312 (*context)->pdb_delete_sam_account = context_delete_sam_account;
313
314 (*context)->free_fn = free_pdb_context;
315
316 return NT_STATUS_OK;
317 }
318
319
320 /******************************************************************
321 Make a pdb_context, given an array of strings
322 *******************************************************************/
323
324 NTSTATUS make_pdb_context_list(struct pdb_context **context, char **selected)
325 {
326 int i = 0;
327 struct pdb_methods *curmethods, *tmpmethods;
328 NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
329
330 if (!NT_STATUS_IS_OK(nt_status = make_pdb_context(context))) {
331 return nt_status;
332 }
333
334 while (selected[i]){
335 /* Try to initialise pdb */
336 DEBUG(5,("Trying to load: %s\n", selected[i]));
337 if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods_name(&curmethods, *context, selected[i]))) {
338 DEBUG(1, ("Loading %s failed!\n", selected[i]));
339 free_pdb_context(context);
340 return nt_status;
341 }
342 curmethods->parent = *context;
343 DLIST_ADD_END((*context)->pdb_methods, curmethods, tmpmethods);
344 i++;
345 }
346
347 return NT_STATUS_OK;
348 }
349
350 /******************************************************************
351 Make a pdb_context, given a text string.
352 *******************************************************************/
353
354 NTSTATUS make_pdb_context_string(struct pdb_context **context, const char *selected)
355 {
356 NTSTATUS ret;
357 char **newsel = str_list_make(selected, NULL);
358 ret = make_pdb_context_list(context, newsel);
359 str_list_free(&newsel);
360 return ret;
361 }
362
363 /******************************************************************
364 Return an already initialised pdb_context, to facilitate backward
365 compatibility (see functions below).
366 *******************************************************************/
367
368 static struct pdb_context *pdb_get_static_context(BOOL reload)
369 {
370 static struct pdb_context *pdb_context = NULL;
371
372 if ((pdb_context) && (reload)) {
373 pdb_context->free_fn(&pdb_context);
374 if (NT_STATUS_IS_ERR(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) {
375 return NULL;
376 }
377 }
378
379 if (!pdb_context) {
380 if (NT_STATUS_IS_ERR(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) {
381 return NULL;
382 }
383 }
384
385 return pdb_context;
386 }
387
388 #if !defined(WITH_NISPLUS_SAM)
389
390 /******************************************************************
391 Backward compatibility functions for the original passdb interface
392 *******************************************************************/
393
394 BOOL pdb_setsampwent(BOOL update)
395 {
396 struct pdb_context *pdb_context = pdb_get_static_context(False);
397
398 if (!pdb_context) {
399 return False;
400 }
401
402 return NT_STATUS_IS_OK(pdb_context->pdb_setsampwent(pdb_context, update));
403 }
404
405 void pdb_endsampwent(void)
406 {
407 struct pdb_context *pdb_context = pdb_get_static_context(False);
408
409 if (!pdb_context) {
410 return;
411 }
412
413 pdb_context->pdb_endsampwent(pdb_context);
414 }
415
416 BOOL pdb_getsampwent(SAM_ACCOUNT *user)
417 {
418 struct pdb_context *pdb_context = pdb_get_static_context(False);
419
420 if (!pdb_context) {
421 return False;
422 }
423
424 return NT_STATUS_IS_OK(pdb_context->pdb_getsampwent(pdb_context, user));
425 }
426
427 BOOL pdb_getsampwnam(SAM_ACCOUNT *sam_acct, const char *username)
428 {
429 struct pdb_context *pdb_context = pdb_get_static_context(False);
430
431 if (!pdb_context) {
432 return False;
433 }
434
435 return NT_STATUS_IS_OK(pdb_context->pdb_getsampwnam(pdb_context, sam_acct, username));
436 }
437
438 BOOL pdb_getsampwsid(SAM_ACCOUNT *sam_acct, const DOM_SID *sid)
439 {
440 struct pdb_context *pdb_context = pdb_get_static_context(False);
441
442 if (!pdb_context) {
443 return False;
444 }
445
446 return NT_STATUS_IS_OK(pdb_context->pdb_getsampwsid(pdb_context, sam_acct, sid));
447 }
448
449 BOOL pdb_add_sam_account(SAM_ACCOUNT *sam_acct)
450 {
451 struct pdb_context *pdb_context = pdb_get_static_context(False);
452
453 if (!pdb_context) {
454 return False;
455 }
456
457 return NT_STATUS_IS_OK(pdb_context->pdb_add_sam_account(pdb_context, sam_acct));
458 }
459
460 BOOL pdb_update_sam_account(SAM_ACCOUNT *sam_acct)
461 {
462 struct pdb_context *pdb_context = pdb_get_static_context(False);
463
464 if (!pdb_context) {
465 return False;
466 }
467
468 return NT_STATUS_IS_OK(pdb_context->pdb_update_sam_account(pdb_context, sam_acct));
469 }
470
471 BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct)
472 {
473 struct pdb_context *pdb_context = pdb_get_static_context(False);
474
475 if (!pdb_context) {
476 return False;
477 }
478
479 return NT_STATUS_IS_OK(pdb_context->pdb_delete_sam_account(pdb_context, sam_acct));
480 }
481
482 #endif /* !defined(WITH_NISPLUS_SAM) */
483
484 /***************************************************************
485 Initialize the static context (at smbd startup etc).
486
487 If uninitialised, context will auto-init on first use.
488 ***************************************************************/
489
490 BOOL initialize_password_db(BOOL reload)
491 {
492 return (pdb_get_static_context(reload) != NULL);
493 }
494
495
496 NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods)
497 {
498 *methods = talloc(mem_ctx, sizeof(struct pdb_methods));
499
500 if (!*methods) {
501 return NT_STATUS_NO_MEMORY;
502 }
503
504 ZERO_STRUCTP(*methods);
505
506 return NT_STATUS_OK;
507 }
Samba GIT mirror