2 Unix SMB/Netbios implementation.
4 Samba registry functions
5 Copyright (C) Andrew Tridgell 1992-1998
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 /* the Samba secrets database stores any generated, private information
23 such as the local SID and machine trust password */
27 static TDB_CONTEXT
*tdb
;
29 /* open up the secrets database */
30 BOOL
secrets_init(void)
36 pstrcpy(fname
, lp_private_dir());
37 pstrcat(fname
,"/secrets.tdb");
39 tdb
= tdb_open(fname
, 0, 0, O_RDWR
|O_CREAT
, 0600);
42 DEBUG(0,("Failed to open %s\n", fname
));
48 /* read a entry from the secrets database - the caller must free the result
49 if size is non-null then the size of the entry is put in there
51 void *secrets_fetch(char *key
, size_t *size
)
54 if (!tdb
) return False
;
56 kbuf
.dsize
= strlen(key
);
57 dbuf
= tdb_fetch(tdb
, kbuf
);
58 if (size
) *size
= dbuf
.dsize
;
62 /* store a secrets entry
64 BOOL
secrets_store(char *key
, void *data
, size_t size
)
67 if (!tdb
) return False
;
69 kbuf
.dsize
= strlen(key
);
72 return tdb_store(tdb
, kbuf
, dbuf
, TDB_REPLACE
) == 0;
76 /* delete a secets database entry
78 BOOL
secrets_delete(char *key
)
81 if (!tdb
) return False
;
83 kbuf
.dsize
= strlen(key
);
84 return tdb_delete(tdb
, kbuf
) == 0;
87 BOOL
secrets_store_domain_sid(char *domain
, DOM_SID
*sid
)
91 slprintf(key
, sizeof(key
)-1, "%s/%s", SECRETS_DOMAIN_SID
, domain
);
92 return secrets_store(key
, sid
, sizeof(DOM_SID
));
95 BOOL
secrets_fetch_domain_sid(char *domain
, DOM_SID
*sid
)
101 slprintf(key
, sizeof(key
)-1, "%s/%s", SECRETS_DOMAIN_SID
, domain
);
102 dos_to_unix(key
, True
); /* Convert key to unix-codepage */
103 dyn_sid
= (DOM_SID
*)secrets_fetch(key
, &size
);
108 if (size
!= sizeof(DOM_SID
))
120 /************************************************************************
121 form a key for fetching a domain trust password
122 ************************************************************************/
123 char *trust_keystr(char *domain
)
125 static fstring keystr
;
128 fstrcpy(dos_domain
, domain
);
129 unix_to_dos(dos_domain
, True
);
131 slprintf(keystr
,sizeof(keystr
)-1,"%s/%s",
132 SECRETS_MACHINE_ACCT_PASS
, dos_domain
);
137 /************************************************************************
138 Routine to get the trust account password for a domain.
139 The user of this function must have locked the trust password file.
140 ************************************************************************/
141 BOOL
secrets_fetch_trust_account_password(char *domain
, uint8 ret_pwd
[16],
142 time_t *pass_last_set_time
)
144 struct machine_acct_pass
*pass
;
147 if (!(pass
= secrets_fetch(trust_keystr(domain
), &size
)) ||
148 size
!= sizeof(*pass
))
151 if (pass_last_set_time
) *pass_last_set_time
= pass
->mod_time
;
152 memcpy(ret_pwd
, pass
->hash
, 16);
158 /************************************************************************
159 Routine to set the trust account password for a domain.
160 ************************************************************************/
161 BOOL
secrets_store_trust_account_password(char *domain
, uint8 new_pwd
[16])
163 struct machine_acct_pass pass
;
165 pass
.mod_time
= time(NULL
);
166 memcpy(pass
.hash
, new_pwd
, 16);
168 return secrets_store(trust_keystr(domain
), (void *)&pass
, sizeof(pass
));
171 /************************************************************************
172 Routine to delete the trust account password file for a domain.
173 ************************************************************************/
175 BOOL
trust_password_delete(char *domain
)
177 return secrets_delete(trust_keystr(domain
));