search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3: use monotonic clock for time deltas in namequery functions
[Samba/gebeck_regimport.git] / source3 / passdb / secrets.c
blob1bb0e25cf77a84c71d1bc055da208ca97c9952cb
1 /*
2 Unix SMB/CIFS implementation.
3 Copyright (C) Andrew Tridgell 1992-2001
4 Copyright (C) Andrew Bartlett 2002
5 Copyright (C) Rafal Szczesniak 2002
6 Copyright (C) Tim Potter 2001
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 /* the Samba secrets database stores any generated, private information
23 such as the local SID and machine trust password */
24
25 #include "includes.h"
26 #include "../libcli/auth/libcli_auth.h"
27 #include "librpc/gen_ndr/ndr_secrets.h"
28 #include "secrets.h"
29 #include "dbwrap.h"
30
31 #undef DBGC_CLASS
32 #define DBGC_CLASS DBGC_PASSDB
33
34 static struct db_context *db_ctx;
35
36 /**
37 * Use a TDB to store an incrementing random seed.
38 *
39 * Initialised to the current pid, the very first time Samba starts,
40 * and incremented by one each time it is needed.
41 *
42 * @note Not called by systems with a working /dev/urandom.
43 */
44 static void get_rand_seed(void *userdata, int *new_seed)
45 {
46 *new_seed = sys_getpid();
47 if (db_ctx) {
48 dbwrap_trans_change_int32_atomic(db_ctx, "INFO/random_seed",
49 new_seed, 1);
50 }
51 }
52
53 /* open up the secrets database */
54 bool secrets_init(void)
55 {
56 char *fname = NULL;
57 unsigned char dummy;
58
59 if (db_ctx != NULL)
60 return True;
61
62 fname = talloc_asprintf(talloc_tos(), "%s/secrets.tdb",
63 lp_private_dir());
64 if (fname == NULL) {
65 return false;
66 }
67
68 db_ctx = db_open(NULL, fname, 0,
69 TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
70
71 if (db_ctx == NULL) {
72 DEBUG(0,("Failed to open %s\n", fname));
73 TALLOC_FREE(fname);
74 return False;
75 }
76
77 TALLOC_FREE(fname);
78
79 /**
80 * Set a reseed function for the crypto random generator
81 *
82 * This avoids a problem where systems without /dev/urandom
83 * could send the same challenge to multiple clients
84 */
85 set_rand_reseed_callback(get_rand_seed, NULL);
86
87 /* Ensure that the reseed is done now, while we are root, etc */
88 generate_random_buffer(&dummy, sizeof(dummy));
89
90 return True;
91 }
92
93 struct db_context *secrets_db_ctx(void)
94 {
95 if (!secrets_init()) {
96 return NULL;
97 }
98
99 return db_ctx;
100 }
101
102 /*
103 * close secrets.tdb
104 */
105 void secrets_shutdown(void)
106 {
107 TALLOC_FREE(db_ctx);
108 }
109
110 /* read a entry from the secrets database - the caller must free the result
111 if size is non-null then the size of the entry is put in there
112 */
113 void *secrets_fetch(const char *key, size_t *size)
114 {
115 TDB_DATA dbuf;
116 void *result;
117
118 if (!secrets_init()) {
119 return NULL;
120 }
121
122 if (db_ctx->fetch(db_ctx, talloc_tos(), string_tdb_data(key),
123 &dbuf) != 0) {
124 return NULL;
125 }
126
127 result = memdup(dbuf.dptr, dbuf.dsize);
128 if (result == NULL) {
129 return NULL;
130 }
131 TALLOC_FREE(dbuf.dptr);
132
133 if (size) {
134 *size = dbuf.dsize;
135 }
136
137 return result;
138 }
139
140 /* store a secrets entry
141 */
142 bool secrets_store(const char *key, const void *data, size_t size)
143 {
144 NTSTATUS status;
145
146 if (!secrets_init()) {
147 return false;
148 }
149
150 status = dbwrap_trans_store(db_ctx, string_tdb_data(key),
151 make_tdb_data((const uint8 *)data, size),
152 TDB_REPLACE);
153 return NT_STATUS_IS_OK(status);
154 }
155
156
157 /* delete a secets database entry
158 */
159 bool secrets_delete(const char *key)
160 {
161 NTSTATUS status;
162 if (!secrets_init()) {
163 return false;
164 }
165
166 status = dbwrap_trans_delete(db_ctx, string_tdb_data(key));
167
168 return NT_STATUS_IS_OK(status);
169 }
170
171 bool secrets_store_local_schannel_key(uint8_t schannel_key[16])
172 {
173 return secrets_store(SECRETS_LOCAL_SCHANNEL_KEY, schannel_key, 16);
174 }
175
176 bool secrets_fetch_local_schannel_key(uint8_t schannel_key[16])
177 {
178 size_t size = 0;
179 uint8_t *key;
180
181 key = (uint8_t *)secrets_fetch(SECRETS_LOCAL_SCHANNEL_KEY, &size);
182 if (key == NULL) {
183 return false;
184 }
185
186 if (size != 16) {
187 SAFE_FREE(key);
188 return false;
189 }
190
191 memcpy(schannel_key, key, 16);
192 SAFE_FREE(key);
193 return true;
194 }
195
196 /**
197 * Form a key for fetching a trusted domain password
198 *
199 * @param domain trusted domain name
200 *
201 * @return stored password's key
202 **/
203 static char *trustdom_keystr(const char *domain)
204 {
205 char *keystr;
206
207 keystr = talloc_asprintf_strupper_m(talloc_tos(), "%s/%s",
208 SECRETS_DOMTRUST_ACCT_PASS,
209 domain);
210 SMB_ASSERT(keystr != NULL);
211 return keystr;
212 }
213
214 /************************************************************************
215 Routine to get account password to trusted domain
216 ************************************************************************/
217
218 bool secrets_fetch_trusted_domain_password(const char *domain, char** pwd,
219 struct dom_sid *sid, time_t *pass_last_set_time)
220 {
221 struct TRUSTED_DOM_PASS pass;
222 enum ndr_err_code ndr_err;
223
224 /* unpacking structures */
225 DATA_BLOB blob;
226
227 /* fetching trusted domain password structure */
228 if (!(blob.data = (uint8_t *)secrets_fetch(trustdom_keystr(domain),
229 &blob.length))) {
230 DEBUG(5, ("secrets_fetch failed!\n"));
231 return False;
232 }
233
234 /* unpack trusted domain password */
235 ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), &pass,
236 (ndr_pull_flags_fn_t)ndr_pull_TRUSTED_DOM_PASS);
237 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
238 return false;
239 }
240
241 SAFE_FREE(blob.data);
242
243 /* the trust's password */
244 if (pwd) {
245 *pwd = SMB_STRDUP(pass.pass);
246 if (!*pwd) {
247 return False;
248 }
249 }
250
251 /* last change time */
252 if (pass_last_set_time) *pass_last_set_time = pass.mod_time;
253
254 /* domain sid */
255 if (sid != NULL) sid_copy(sid, &pass.domain_sid);
256
257 return True;
258 }
259
260 /**
261 * Routine to store the password for trusted domain
262 *
263 * @param domain remote domain name
264 * @param pwd plain text password of trust relationship
265 * @param sid remote domain sid
266 *
267 * @return true if succeeded
268 **/
269
270 bool secrets_store_trusted_domain_password(const char* domain, const char* pwd,
271 const struct dom_sid *sid)
272 {
273 bool ret;
274
275 /* packing structures */
276 DATA_BLOB blob;
277 enum ndr_err_code ndr_err;
278 struct TRUSTED_DOM_PASS pass;
279 ZERO_STRUCT(pass);
280
281 pass.uni_name = domain;
282 pass.uni_name_len = strlen(domain)+1;
283
284 /* last change time */
285 pass.mod_time = time(NULL);
286
287 /* password of the trust */
288 pass.pass_len = strlen(pwd);
289 pass.pass = pwd;
290
291 /* domain sid */
292 sid_copy(&pass.domain_sid, sid);
293
294 ndr_err = ndr_push_struct_blob(&blob, talloc_tos(), &pass,
295 (ndr_push_flags_fn_t)ndr_push_TRUSTED_DOM_PASS);
296 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
297 return false;
298 }
299
300 ret = secrets_store(trustdom_keystr(domain), blob.data, blob.length);
301
302 data_blob_free(&blob);
303
304 return ret;
305 }
306
307 /************************************************************************
308 Routine to delete the password for trusted domain
309 ************************************************************************/
310
311 bool trusted_domain_password_delete(const char *domain)
312 {
313 return secrets_delete(trustdom_keystr(domain));
314 }
315
316 bool secrets_store_ldap_pw(const char* dn, char* pw)
317 {
318 char *key = NULL;
319 bool ret;
320
321 if (asprintf(&key, "%s/%s", SECRETS_LDAP_BIND_PW, dn) < 0) {
322 DEBUG(0, ("secrets_store_ldap_pw: asprintf failed!\n"));
323 return False;
324 }
325
326 ret = secrets_store(key, pw, strlen(pw)+1);
327
328 SAFE_FREE(key);
329 return ret;
330 }
331
332 /*******************************************************************
333 Find the ldap password.
334 ******************************************************************/
335
336 bool fetch_ldap_pw(char **dn, char** pw)
337 {
338 char *key = NULL;
339 size_t size = 0;
340
341 *dn = smb_xstrdup(lp_ldap_admin_dn());
342
343 if (asprintf(&key, "%s/%s", SECRETS_LDAP_BIND_PW, *dn) < 0) {
344 SAFE_FREE(*dn);
345 DEBUG(0, ("fetch_ldap_pw: asprintf failed!\n"));
346 return false;
347 }
348
349 *pw=(char *)secrets_fetch(key, &size);
350 SAFE_FREE(key);
351
352 if (!size) {
353 /* Upgrade 2.2 style entry */
354 char *p;
355 char* old_style_key = SMB_STRDUP(*dn);
356 char *data;
357 fstring old_style_pw;
358
359 if (!old_style_key) {
360 DEBUG(0, ("fetch_ldap_pw: strdup failed!\n"));
361 return False;
362 }
363
364 for (p=old_style_key; *p; p++)
365 if (*p == ',') *p = '/';
366
367 data=(char *)secrets_fetch(old_style_key, &size);
368 if ((data == NULL) || (size < sizeof(old_style_pw))) {
369 DEBUG(0,("fetch_ldap_pw: neither ldap secret retrieved!\n"));
370 SAFE_FREE(old_style_key);
371 SAFE_FREE(*dn);
372 SAFE_FREE(data);
373 return False;
374 }
375
376 size = MIN(size, sizeof(fstring)-1);
377 strncpy(old_style_pw, data, size);
378 old_style_pw[size] = 0;
379
380 SAFE_FREE(data);
381
382 if (!secrets_store_ldap_pw(*dn, old_style_pw)) {
383 DEBUG(0,("fetch_ldap_pw: ldap secret could not be upgraded!\n"));
384 SAFE_FREE(old_style_key);
385 SAFE_FREE(*dn);
386 return False;
387 }
388 if (!secrets_delete(old_style_key)) {
389 DEBUG(0,("fetch_ldap_pw: old ldap secret could not be deleted!\n"));
390 }
391
392 SAFE_FREE(old_style_key);
393
394 *pw = smb_xstrdup(old_style_pw);
395 }
396
397 return True;
398 }
399
400 /**
401 * Get trusted domains info from secrets.tdb.
402 **/
403
404 struct list_trusted_domains_state {
405 uint32 num_domains;
406 struct trustdom_info **domains;
407 };
408
409 static int list_trusted_domain(struct db_record *rec, void *private_data)
410 {
411 const size_t prefix_len = strlen(SECRETS_DOMTRUST_ACCT_PASS);
412 struct TRUSTED_DOM_PASS pass;
413 enum ndr_err_code ndr_err;
414 DATA_BLOB blob;
415 struct trustdom_info *dom_info;
416
417 struct list_trusted_domains_state *state =
418 (struct list_trusted_domains_state *)private_data;
419
420 if ((rec->key.dsize < prefix_len)
421 || (strncmp((char *)rec->key.dptr, SECRETS_DOMTRUST_ACCT_PASS,
422 prefix_len) != 0)) {
423 return 0;
424 }
425
426 blob = data_blob_const(rec->value.dptr, rec->value.dsize);
427
428 ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), &pass,
429 (ndr_pull_flags_fn_t)ndr_pull_TRUSTED_DOM_PASS);
430 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
431 return false;
432 }
433
434 if (pass.domain_sid.num_auths != 4) {
435 DEBUG(0, ("SID %s is not a domain sid, has %d "
436 "auths instead of 4\n",
437 sid_string_dbg(&pass.domain_sid),
438 pass.domain_sid.num_auths));
439 return 0;
440 }
441
442 if (!(dom_info = TALLOC_P(state->domains, struct trustdom_info))) {
443 DEBUG(0, ("talloc failed\n"));
444 return 0;
445 }
446
447 dom_info->name = talloc_strdup(dom_info, pass.uni_name);
448 if (!dom_info->name) {
449 TALLOC_FREE(dom_info);
450 return 0;
451 }
452
453 sid_copy(&dom_info->sid, &pass.domain_sid);
454
455 ADD_TO_ARRAY(state->domains, struct trustdom_info *, dom_info,
456 &state->domains, &state->num_domains);
457
458 if (state->domains == NULL) {
459 state->num_domains = 0;
460 return -1;
461 }
462 return 0;
463 }
464
465 NTSTATUS secrets_trusted_domains(TALLOC_CTX *mem_ctx, uint32 *num_domains,
466 struct trustdom_info ***domains)
467 {
468 struct list_trusted_domains_state state;
469
470 secrets_init();
471
472 if (db_ctx == NULL) {
473 return NT_STATUS_ACCESS_DENIED;
474 }
475
476 state.num_domains = 0;
477
478 /*
479 * Make sure that a talloc context for the trustdom_info structs
480 * exists
481 */
482
483 if (!(state.domains = TALLOC_ARRAY(
484 mem_ctx, struct trustdom_info *, 1))) {
485 return NT_STATUS_NO_MEMORY;
486 }
487
488 db_ctx->traverse_read(db_ctx, list_trusted_domain, (void *)&state);
489
490 *num_domains = state.num_domains;
491 *domains = state.domains;
492 return NT_STATUS_OK;
493 }
494
495 /*******************************************************************************
496 Store a complete AFS keyfile into secrets.tdb.
497 *******************************************************************************/
498
499 bool secrets_store_afs_keyfile(const char *cell, const struct afs_keyfile *keyfile)
500 {
501 fstring key;
502
503 if ((cell == NULL) || (keyfile == NULL))
504 return False;
505
506 if (ntohl(keyfile->nkeys) > SECRETS_AFS_MAXKEYS)
507 return False;
508
509 slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_AFS_KEYFILE, cell);
510 return secrets_store(key, keyfile, sizeof(struct afs_keyfile));
511 }
512
513 /*******************************************************************************
514 Fetch the current (highest) AFS key from secrets.tdb
515 *******************************************************************************/
516 bool secrets_fetch_afs_key(const char *cell, struct afs_key *result)
517 {
518 fstring key;
519 struct afs_keyfile *keyfile;
520 size_t size = 0;
521 uint32 i;
522
523 slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_AFS_KEYFILE, cell);
524
525 keyfile = (struct afs_keyfile *)secrets_fetch(key, &size);
526
527 if (keyfile == NULL)
528 return False;
529
530 if (size != sizeof(struct afs_keyfile)) {
531 SAFE_FREE(keyfile);
532 return False;
533 }
534
535 i = ntohl(keyfile->nkeys);
536
537 if (i > SECRETS_AFS_MAXKEYS) {
538 SAFE_FREE(keyfile);
539 return False;
540 }
541
542 *result = keyfile->entry[i-1];
543
544 result->kvno = ntohl(result->kvno);
545
546 SAFE_FREE(keyfile);
547
548 return True;
549 }
550
551 /******************************************************************************
552 When kerberos is not available, choose between anonymous or
553 authenticated connections.
554
555 We need to use an authenticated connection if DCs have the
556 RestrictAnonymous registry entry set > 0, or the "Additional
557 restrictions for anonymous connections" set in the win2k Local
558 Security Policy.
559
560 Caller to free() result in domain, username, password
561 *******************************************************************************/
562 void secrets_fetch_ipc_userpass(char **username, char **domain, char **password)
563 {
564 *username = (char *)secrets_fetch(SECRETS_AUTH_USER, NULL);
565 *domain = (char *)secrets_fetch(SECRETS_AUTH_DOMAIN, NULL);
566 *password = (char *)secrets_fetch(SECRETS_AUTH_PASSWORD, NULL);
567
568 if (*username && **username) {
569
570 if (!*domain || !**domain)
571 *domain = smb_xstrdup(lp_workgroup());
572
573 if (!*password || !**password)
574 *password = smb_xstrdup("");
575
576 DEBUG(3, ("IPC$ connections done by user %s\\%s\n",
577 *domain, *username));
578
579 } else {
580 DEBUG(3, ("IPC$ connections done anonymously\n"));
581 *username = smb_xstrdup("");
582 *domain = smb_xstrdup("");
583 *password = smb_xstrdup("");
584 }
585 }
586
587 bool secrets_store_generic(const char *owner, const char *key, const char *secret)
588 {
589 char *tdbkey = NULL;
590 bool ret;
591
592 if (asprintf(&tdbkey, "SECRETS/GENERIC/%s/%s", owner, key) < 0) {
593 DEBUG(0, ("asprintf failed!\n"));
594 return False;
595 }
596
597 ret = secrets_store(tdbkey, secret, strlen(secret)+1);
598
599 SAFE_FREE(tdbkey);
600 return ret;
601 }
602
603 bool secrets_delete_generic(const char *owner, const char *key)
604 {
605 char *tdbkey = NULL;
606 bool ret;
607
608 if (asprintf(&tdbkey, "SECRETS/GENERIC/%s/%s", owner, key) < 0) {
609 DEBUG(0, ("asprintf failed!\n"));
610 return False;
611 }
612
613 ret = secrets_delete(tdbkey);
614
615 SAFE_FREE(tdbkey);
616 return ret;
617 }
618
619 /*******************************************************************
620 Find the ldap password.
621 ******************************************************************/
622
623 char *secrets_fetch_generic(const char *owner, const char *key)
624 {
625 char *secret = NULL;
626 char *tdbkey = NULL;
627
628 if (( ! owner) || ( ! key)) {
629 DEBUG(1, ("Invalid Parameters"));
630 return NULL;
631 }
632
633 if (asprintf(&tdbkey, "SECRETS/GENERIC/%s/%s", owner, key) < 0) {
634 DEBUG(0, ("Out of memory!\n"));
635 return NULL;
636 }
637
638 secret = (char *)secrets_fetch(tdbkey, NULL);
639 SAFE_FREE(tdbkey);
640
641 return secret;
642 }
643
reg import