search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
sync with the sec_desc parsing fix from APP_HEAD. I will probably need
[Samba.git] / source / passdb / pdb_interface.c
blob3b0f54b2b3ac037d3126d969fefc30436fe18639
1 /*
2 Unix SMB/CIFS implementation.
3 Password and authentication handling
4 Copyright (C) Andrew Bartlett 2002
5 Copyright (C) Jelmer Vernooij 2002
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 */
21
22 #include "includes.h"
23
24 #undef DBGC_CLASS
25 #define DBGC_CLASS DBGC_PASSDB
26
27 /** List of various built-in passdb modules */
28
29 const struct pdb_init_function_entry builtin_pdb_init_functions[] = {
30 { "smbpasswd", pdb_init_smbpasswd },
31 { "smbpasswd_nua", pdb_init_smbpasswd_nua },
32 { "tdbsam", pdb_init_tdbsam },
33 { "tdbsam_nua", pdb_init_tdbsam_nua },
34 { "ldapsam", pdb_init_ldapsam },
35 { "ldapsam_nua", pdb_init_ldapsam_nua },
36 { "unixsam", pdb_init_unixsam },
37 { "plugin", pdb_init_plugin },
38 { NULL, NULL}
39 };
40
41 static BOOL context_setsampwent(struct pdb_context *context, BOOL update)
42 {
43 if ((!context) || (!context->pdb_methods) || (!context->pdb_methods->setsampwent)) {
44 DEBUG(0, ("invalid pdb_context specified!\n"));
45 return False;
46 }
47
48 context->pwent_methods = context->pdb_methods;
49
50 if (!context->pwent_methods) {
51 /* No passdbs at all */
52 return True;
53 }
54
55 while (!(context->pwent_methods->setsampwent(context->pwent_methods, update))) {
56 context->pwent_methods = context->pwent_methods->next;
57 if (context->pwent_methods == NULL)
58 return False;
59 }
60 return True;
61 }
62
63 static void context_endsampwent(struct pdb_context *context)
64 {
65 if ((!context)){
66 DEBUG(0, ("invalid pdb_context specified!\n"));
67 return;
68 }
69
70 if (context->pwent_methods && context->pwent_methods->endsampwent)
71 context->pwent_methods->endsampwent(context->pwent_methods);
72
73 /* So we won't get strange data when calling getsampwent now */
74 context->pwent_methods = NULL;
75 }
76
77 static BOOL context_getsampwent(struct pdb_context *context, SAM_ACCOUNT *user)
78 {
79 if ((!context) || (!context->pwent_methods)) {
80 DEBUG(0, ("invalid pdb_context specified!\n"));
81 return False;
82 }
83 /* Loop until we find something useful */
84 while ((!context->pwent_methods->getsampwent) ||
85 context->pwent_methods->getsampwent(context->pwent_methods, user) == False){
86
87 if (context->pwent_methods->endsampwent)
88 context->pwent_methods->endsampwent(context->pwent_methods);
89
90 context->pwent_methods = context->pwent_methods->next;
91
92 /* All methods are checked now. There are no more entries */
93 if (context->pwent_methods == NULL)
94 return False;
95
96 if (!context->pwent_methods->setsampwent){
97 DEBUG(5, ("next backend does not implment setsampwent\n"));
98 return False;
99 }
100
101 context->pwent_methods->setsampwent(context->pwent_methods, False);
102 }
103 user->methods = context->pwent_methods;
104 return True;
105 }
106
107 static BOOL context_getsampwnam(struct pdb_context *context, SAM_ACCOUNT *sam_acct, const char *username)
108 {
109 struct pdb_methods *curmethods;
110 if ((!context)) {
111 DEBUG(0, ("invalid pdb_context specified!\n"));
112 return False;
113 }
114 curmethods = context->pdb_methods;
115 while (curmethods){
116 if (curmethods->getsampwnam && curmethods->getsampwnam(curmethods, sam_acct, username) == True){
117 sam_acct->methods = curmethods;
118 return True;
119 }
120 curmethods = curmethods->next;
121 }
122
123 return False;
124 }
125
126 static BOOL context_getsampwsid(struct pdb_context *context, SAM_ACCOUNT *sam_acct, DOM_SID *sid)
127 {
128 struct pdb_methods *curmethods;
129 if ((!context)) {
130 DEBUG(0, ("invalid pdb_context specified!\n"));
131 return False;
132 }
133
134 curmethods = context->pdb_methods;
135
136 while (curmethods){
137 if (curmethods->getsampwsid && curmethods->getsampwsid(curmethods, sam_acct, sid) == True){
138 sam_acct->methods = curmethods;
139 return True;
140 }
141 curmethods = curmethods->next;
142 }
143
144 return False;
145 }
146
147 static BOOL context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct)
148 {
149 if ((!context) || (!context->pdb_methods) || (!context->pdb_methods->add_sam_account)) {
150 DEBUG(0, ("invalid pdb_context specified!\n"));
151 return False;
152 }
153
154 /** @todo This is where a 're-read on add' should be done */
155 /* We now add a new account to the first database listed.
156 * Should we? */
157
158 return context->pdb_methods->add_sam_account(context->pdb_methods, sam_acct);
159 }
160
161 static BOOL context_update_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct)
162 {
163 if (!context) {
164 DEBUG(0, ("invalid pdb_context specified!\n"));
165 return False;
166 }
167
168 if (!sam_acct || !sam_acct->methods){
169 DEBUG(0, ("invalid sam_acct specified\n"));
170 return False;
171 }
172
173 if (!sam_acct->methods->update_sam_account){
174 DEBUG(0, ("invalid sam_acct->methods\n"));
175 return False;
176 }
177
178 /** @todo This is where a 're-read on update' should be done */
179
180 return sam_acct->methods->update_sam_account(sam_acct->methods, sam_acct);
181 }
182
183 static BOOL context_delete_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct)
184 {
185 struct pdb_methods *pdb_selected;
186 if (!context) {
187 DEBUG(0, ("invalid pdb_context specified!\n"));
188 return False;
189 }
190
191 if (!sam_acct->methods){
192 pdb_selected = context->pdb_methods;
193 /* There's no passdb backend specified for this account.
194 * Try to delete it in every passdb available
195 * Needed to delete accounts in smbpasswd that are not
196 * in /etc/passwd.
197 */
198 while (pdb_selected){
199 if (pdb_selected->delete_sam_account && pdb_selected->delete_sam_account(pdb_selected, sam_acct)){
200 return True;
201 }
202 pdb_selected = pdb_selected->next;
203 }
204 return False;
205 }
206
207 if (!sam_acct->methods->delete_sam_account){
208 DEBUG(0,("invalid sam_acct->methods->delete_sam_account\n"));
209 return False;
210 }
211
212 return sam_acct->methods->delete_sam_account(sam_acct->methods, sam_acct);
213 }
214
215 /******************************************************************
216 Free and cleanup a pdb context, any associated data and anything
217 that the attached modules might have associated.
218 *******************************************************************/
219
220 static void free_pdb_context(struct pdb_context **context)
221 {
222 struct pdb_methods *pdb_selected = (*context)->pdb_methods;
223
224 while (pdb_selected){
225 if (pdb_selected->free_private_data) {
226 pdb_selected->free_private_data(&(pdb_selected->private_data));
227 }
228 pdb_selected = pdb_selected->next;
229 }
230
231 talloc_destroy((*context)->mem_ctx);
232 *context = NULL;
233 }
234
235 /******************************************************************
236 Make a pdb_methods from scratch
237 *******************************************************************/
238
239 static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_context *context, const char *selected)
240 {
241 char *module_name = smb_xstrdup(selected);
242 char *module_location = NULL, *p;
243 NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
244 int i;
245
246 p = strchr(module_name, ':');
247
248 if (p) {
249 *p = 0;
250 module_location = p+1;
251 trim_string(module_location, " ", " ");
252 }
253
254 trim_string(module_name, " ", " ");
255
256 DEBUG(5,("Attempting to find an passdb backend to match %s (%s)\n", selected, module_name));
257 for (i = 0; builtin_pdb_init_functions[i].name; i++)
258 {
259 if (strequal(builtin_pdb_init_functions[i].name, module_name))
260 {
261 DEBUG(5,("Found pdb backend %s (at pos %d)\n", module_name, i));
262 nt_status = builtin_pdb_init_functions[i].init(context, methods, module_location);
263 if (NT_STATUS_IS_OK(nt_status)) {
264 DEBUG(5,("pdb backend %s has a valid init\n", selected));
265 } else {
266 DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status)));
267 }
268 SAFE_FREE(module_name);
269 return nt_status;
270 break; /* unreached */
271 }
272 }
273
274 /* No such backend found */
275 SAFE_FREE(module_name);
276 return NT_STATUS_INVALID_PARAMETER;
277 }
278
279 /******************************************************************
280 Make a pdb_context from scratch.
281 *******************************************************************/
282
283 static NTSTATUS make_pdb_context(struct pdb_context **context)
284 {
285 TALLOC_CTX *mem_ctx;
286
287 mem_ctx = talloc_init_named("pdb_context internal allocation context");
288
289 if (!mem_ctx) {
290 DEBUG(0, ("make_pdb_context: talloc init failed!\n"));
291 return NT_STATUS_NO_MEMORY;
292 }
293
294 *context = talloc(mem_ctx, sizeof(**context));
295 if (!*context) {
296 DEBUG(0, ("make_pdb_context: talloc failed!\n"));
297 return NT_STATUS_NO_MEMORY;
298 }
299
300 ZERO_STRUCTP(*context);
301
302 (*context)->mem_ctx = mem_ctx;
303
304 (*context)->pdb_setsampwent = context_setsampwent;
305 (*context)->pdb_endsampwent = context_endsampwent;
306 (*context)->pdb_getsampwent = context_getsampwent;
307 (*context)->pdb_getsampwnam = context_getsampwnam;
308 (*context)->pdb_getsampwsid = context_getsampwsid;
309 (*context)->pdb_add_sam_account = context_add_sam_account;
310 (*context)->pdb_update_sam_account = context_update_sam_account;
311 (*context)->pdb_delete_sam_account = context_delete_sam_account;
312
313 (*context)->free_fn = free_pdb_context;
314
315 return NT_STATUS_OK;
316 }
317
318
319 /******************************************************************
320 Make a pdb_context, given an array of strings
321 *******************************************************************/
322
323 NTSTATUS make_pdb_context_list(struct pdb_context **context, char **selected)
324 {
325 int i = 0;
326 struct pdb_methods *curmethods, *tmpmethods;
327 NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
328
329 if (!NT_STATUS_IS_OK(nt_status = make_pdb_context(context))) {
330 return nt_status;
331 }
332
333 while (selected[i]){
334 /* Try to initialise pdb */
335 DEBUG(5,("Trying to load: %s\n", selected[i]));
336 if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods_name(&curmethods, *context, selected[i]))) {
337 DEBUG(1, ("Loading %s failed!\n", selected[i]));
338 free_pdb_context(context);
339 return nt_status;
340 }
341 curmethods->parent = *context;
342 DLIST_ADD_END((*context)->pdb_methods, curmethods, tmpmethods);
343 i++;
344 }
345
346 return NT_STATUS_OK;
347 }
348
349 /******************************************************************
350 Make a pdb_context, given a text string.
351 *******************************************************************/
352
353 NTSTATUS make_pdb_context_string(struct pdb_context **context, const char *selected)
354 {
355 NTSTATUS ret;
356 char **newsel = str_list_make(selected);
357 ret = make_pdb_context_list(context, newsel);
358 str_list_free(&newsel);
359 return ret;
360 }
361
362 /******************************************************************
363 Return an already initialised pdb_context, to facilitate backward
364 compatibility (see functions below).
365 *******************************************************************/
366
367 static struct pdb_context *pdb_get_static_context(BOOL reload)
368 {
369 static struct pdb_context *pdb_context = NULL;
370
371 if ((pdb_context) && (reload)) {
372 pdb_context->free_fn(&pdb_context);
373 if (!NT_STATUS_IS_OK(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) {
374 return NULL;
375 }
376 }
377
378 if (!pdb_context) {
379 if (!NT_STATUS_IS_OK(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) {
380 return NULL;
381 }
382 }
383
384 return pdb_context;
385 }
386
387 #if !defined(WITH_NISPLUS_SAM)
388
389 /******************************************************************
390 Backward compatibility functions for the original passdb interface
391 *******************************************************************/
392
393 BOOL pdb_setsampwent(BOOL update)
394 {
395 struct pdb_context *pdb_context = pdb_get_static_context(False);
396
397 if (!pdb_context) {
398 return False;
399 }
400
401 return pdb_context->pdb_setsampwent(pdb_context, update);
402 }
403
404 void pdb_endsampwent(void)
405 {
406 struct pdb_context *pdb_context = pdb_get_static_context(False);
407
408 if (!pdb_context) {
409 return;
410 }
411
412 pdb_context->pdb_endsampwent(pdb_context);
413 }
414
415 BOOL pdb_getsampwent(SAM_ACCOUNT *user)
416 {
417 struct pdb_context *pdb_context = pdb_get_static_context(False);
418
419 if (!pdb_context) {
420 return False;
421 }
422
423 return pdb_context->pdb_getsampwent(pdb_context, user);
424 }
425
426 BOOL pdb_getsampwnam(SAM_ACCOUNT *sam_acct, const char *username)
427 {
428 struct pdb_context *pdb_context = pdb_get_static_context(False);
429
430 if (!pdb_context) {
431 return False;
432 }
433
434 return pdb_context->pdb_getsampwnam(pdb_context, sam_acct, username);
435 }
436
437 BOOL pdb_getsampwsid(SAM_ACCOUNT *sam_acct, DOM_SID *sid)
438 {
439 struct pdb_context *pdb_context = pdb_get_static_context(False);
440
441 if (!pdb_context) {
442 return False;
443 }
444
445 return pdb_context->pdb_getsampwsid(pdb_context, sam_acct, sid);
446 }
447
448 BOOL pdb_add_sam_account(SAM_ACCOUNT *sam_acct)
449 {
450 struct pdb_context *pdb_context = pdb_get_static_context(False);
451
452 if (!pdb_context) {
453 return False;
454 }
455
456 return pdb_context->pdb_add_sam_account(pdb_context, sam_acct);
457 }
458
459 BOOL pdb_update_sam_account(SAM_ACCOUNT *sam_acct)
460 {
461 struct pdb_context *pdb_context = pdb_get_static_context(False);
462
463 if (!pdb_context) {
464 return False;
465 }
466
467 return pdb_context->pdb_update_sam_account(pdb_context, sam_acct);
468 }
469
470 BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct)
471 {
472 struct pdb_context *pdb_context = pdb_get_static_context(False);
473
474 if (!pdb_context) {
475 return False;
476 }
477
478 return pdb_context->pdb_delete_sam_account(pdb_context, sam_acct);
479 }
480
481 #endif /* !defined(WITH_NISPLUS_SAM) */
482
483 /***************************************************************
484 Initialize the static context (at smbd startup etc).
485
486 If uninitialised, context will auto-init on first use.
487 ***************************************************************/
488
489 BOOL initialize_password_db(BOOL reload)
490 {
491 return (pdb_get_static_context(reload) != NULL);
492 }
493
494
495 NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods)
496 {
497 *methods = talloc(mem_ctx, sizeof(struct pdb_methods));
498
499 if (!*methods) {
500 return NT_STATUS_NO_MEMORY;
501 }
502
503 ZERO_STRUCTP(*methods);
504
505 return NT_STATUS_OK;
506 }
Samba GIT mirror