r9448: Work on reading the secrets tdb. Build tdbsam support by default.

(This used to be commit 9ea601c0a675767f8ea5f316c9355572dffbc4c0)

4 files changed, 545 insertions, 9 deletions

diff --git a/source4/lib/basic.mk b/source4/lib/basic.mk
index 4dd6a05d54..7b95632c70 100644
--- a/source4/lib/basic.mk
+++ b/source4/lib/basic.mk
@@ -35,15 +35,6 @@ INIT_OBJ_FILES = \
 # End SUBSYSTEM LIBCOMPRESION
 ################################################
 
-
-################################################
-# Start SUBSYSTEM LIBSAMBA3
-[SUBSYSTEM::LIBSAMBA3]
-INIT_OBJ_FILES = \
-		lib/samba3/smbpasswd.o
-# End SUBSYSTEM LIBSAMBA3
-################################################
-
 [SUBSYSTEM::PAM_ERRORS]
 OBJ_FILES = lib/pam_errors.o
 
diff --git a/source4/lib/samba3/secrets.c b/source4/lib/samba3/secrets.c
new file mode 100644
index 0000000000..ccd53c0398
--- /dev/null
+++ b/source4/lib/samba3/secrets.c
@@ -0,0 +1,542 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Copyright (C) Andrew Tridgell 1992-2001
+   Copyright (C) Andrew Bartlett      2002
+   Copyright (C) Rafal Szczesniak     2002
+   Copyright (C) Tim Potter           2001
+   Copyright (C) Jelmer Vernooij	  2005
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+/* the Samba secrets database stores any generated, private information
+   such as the local SID and machine trust password */
+
+#define SECRETS_DOMAIN_SID "SECRETS/SID"
+#define SECRETS_DOMAIN_GUID "SECRETS/DOMGUID"
+#define SECRETS_LDAP_BIND_PW "SECRETS/LDAP_BIND_PW"
+#define SECRETS_MACHINE_ACCT_PASS "SECRETS/$MACHINE.ACC"
+#define SECRETS_DOMTRUST_ACCT_PASS "SECRETS/$DOMTRUST.ACC"
+#define SECRETS_MACHINE_PASSWORD "SECRETS/MACHINE_PASSWORD"
+#define SECRETS_MACHINE_LAST_CHANGE_TIME "SECRETS/MACHINE_LAST_CHANGE_TIME"
+#define SECRETS_MACHINE_SEC_CHANNEL_TYPE "SECRETS/MACHINE_SEC_CHANNEL_TYPE"
+#define SECRETS_AFS_KEYFILE "SECRETS/AFS_KEYFILE"
+#define SECRETS_AUTH_USER      "SECRETS/AUTH_USER"
+#define SECRETS_AUTH_DOMAIN      "SECRETS/AUTH_DOMAIN"
+#define SECRETS_AUTH_PASSWORD  "SECRETS/AUTH_PASSWORD"
+
+
+#include "includes.h"
+#include "tdb.h"
+#include "system/filesys.h"
+#include "librpc/gen_ndr/ndr_security.h"
+
+/* structure for storing machine account password
+   (ie. when samba server is member of a domain */
+struct machine_acct_pass {
+	uint8_t hash[16];
+	time_t mod_time;
+};
+
+#define SECRETS_AFS_MAXKEYS 8
+
+struct afs_key {
+	uint32_t kvno;
+	char key[8];
+};
+
+static TDB_CONTEXT *secrets_open(const char *fname)
+{
+	TDB_CONTEXT *tdb = tdb_open(fname, 0, TDB_DEFAULT, O_RDONLY, 0600);
+
+	if (!tdb) {
+		DEBUG(0,("Failed to open %s\n", fname));
+		return NULL;
+	}
+
+	return tdb;
+}
+
+/* read a entry from the secrets database - the caller must free the result
+   if size is non-null then the size of the entry is put in there
+ */
+static void *secrets_fetch(TDB_CONTEXT *tdb, const char *key, size_t *size)
+{
+	TDB_DATA kbuf, dbuf;
+	
+	kbuf.dptr = strdup(key);
+	kbuf.dsize = strlen(key);
+	dbuf = tdb_fetch(tdb, kbuf);
+	if (size)
+		*size = dbuf.dsize;
+	free(kbuf.dptr);
+	return dbuf.dptr;
+}
+
+static BOOL secrets_fetch_domain_sid(TDB_CONTEXT *tdb, const char *domain, struct dom_sid *sid)
+{
+	struct dom_sid *dyn_sid;
+	char *key;
+	size_t size;
+
+	asprintf(&key, "%s/%s", SECRETS_DOMAIN_SID, domain);
+	strupper_m(key);
+	dyn_sid = (struct dom_sid *)secrets_fetch(tdb, key, &size);
+	SAFE_FREE(key);
+
+	if (dyn_sid == NULL)
+		return False;
+
+	if (size != sizeof(struct dom_sid))
+	{ 
+		SAFE_FREE(dyn_sid);
+		return False;
+	}
+
+	*sid = *dyn_sid;
+	SAFE_FREE(dyn_sid);
+	return True;
+}
+
+static BOOL secrets_fetch_domain_guid(TDB_CONTEXT *tdb, const char *domain, struct GUID *guid)
+{
+	struct GUID *dyn_guid;
+	char *key;
+	size_t size;
+
+	asprintf(&key, "%s/%s", SECRETS_DOMAIN_GUID, domain);
+	strupper_m(key);
+	dyn_guid = (struct GUID *)secrets_fetch(tdb, key, &size);
+
+	if (!dyn_guid) {
+		return False;
+	}
+
+	if (size != sizeof(struct GUID))
+	{ 
+		DEBUG(1,("GUID size %d is wrong!\n", (int)size));
+		SAFE_FREE(dyn_guid);
+		return False;
+	}
+
+	*guid = *dyn_guid;
+	SAFE_FREE(dyn_guid);
+	return True;
+}
+
+/**
+ * Form a key for fetching the machine trust account password
+ *
+ * @param domain domain name
+ *
+ * @return stored password's key
+ **/
+static char *trust_keystr(const char *domain)
+{
+	char *keystr;
+
+	asprintf(&keystr, "%s/%s", SECRETS_MACHINE_ACCT_PASS, domain);
+	strupper_m(keystr);
+
+	return keystr;
+}
+
+/**
+ * Form a key for fetching a trusted domain password
+ *
+ * @param domain trusted domain name
+ *
+ * @return stored password's key
+ **/
+static char *trustdom_keystr(const char *domain)
+{
+	char *keystr;
+
+	asprintf(&keystr, "%s/%s", SECRETS_DOMTRUST_ACCT_PASS, domain);
+	strupper_m(keystr);
+		
+	return keystr;
+}
+
+/************************************************************************
+ Routine to get the trust account password for a domain.
+ The user of this function must have locked the trust password file using
+ the above secrets_lock_trust_account_password().
+************************************************************************/
+
+static BOOL secrets_fetch_trust_account_password(TDB_CONTEXT *tdb, 
+					  const char *domain, uint8_t ret_pwd[16],
+					  time_t *pass_last_set_time,
+					  uint32_t *channel)
+{
+	struct machine_acct_pass *pass;
+	char *plaintext;
+	size_t size;
+
+	plaintext = secrets_fetch_machine_password(tdb, domain, pass_last_set_time, 
+						   channel);
+	if (plaintext) {
+		DEBUG(4,("Using cleartext machine password\n"));
+		E_md4hash(plaintext, ret_pwd);
+		SAFE_FREE(plaintext);
+		return True;
+	}
+
+	if (!(pass = secrets_fetch(tdb, trust_keystr(domain), &size))) {
+		DEBUG(5, ("secrets_fetch failed!\n"));
+		return False;
+	}
+	
+	if (size != sizeof(*pass)) {
+		DEBUG(0, ("secrets were of incorrect size!\n"));
+		return False;
+	}
+
+	if (pass_last_set_time) *pass_last_set_time = pass->mod_time;
+	memcpy(ret_pwd, pass->hash, 16);
+	SAFE_FREE(pass);
+
+	if (channel) 
+		*channel = get_default_sec_channel();
+
+	return True;
+}
+
+/************************************************************************
+ Routine to get account password to trusted domain
+************************************************************************/
+
+static BOOL secrets_fetch_trusted_domain_password(TDB_CONTEXT *tdb, const char *domain, char** pwd, struct dom_sid **sid, time_t *pass_last_set_time)
+{
+	struct trusted_dom_pass pass;
+	size_t size;
+	
+	/* unpacking structures */
+	char* pass_buf;
+	int pass_len = 0;
+
+	ZERO_STRUCT(pass);
+
+	/* fetching trusted domain password structure */
+	if (!(pass_buf = secrets_fetch(tdb, trustdom_keystr(domain), &size))) {
+		DEBUG(5, ("secrets_fetch failed!\n"));
+		return False;
+	}
+
+	/* unpack trusted domain password */
+	pass_len = tdb_trusted_dom_pass_unpack(pass_buf, size, &pass);
+	SAFE_FREE(pass_buf);
+
+	if (pass_len != size) {
+		DEBUG(5, ("Invalid secrets size. Unpacked data doesn't match trusted_dom_pass structure.\n"));
+		return False;
+	}
+			
+	/* the trust's password */	
+	if (pwd) {
+		*pwd = strdup(pass.pass);
+		if (!*pwd) {
+			return False;
+		}
+	}
+
+	/* last change time */
+	if (pass_last_set_time) *pass_last_set_time = pass.mod_time;
+
+	/* domain sid */
+	
+	*sid = dom_sid_dup(tdb, &pass.domain_sid);
+		
+	return True;
+}
+
+/************************************************************************
+ Routine to fetch the plaintext machine account password for a realm
+the password is assumed to be a null terminated ascii string
+************************************************************************/
+static char *secrets_fetch_machine_password(TDB_CONTEXT *tdb, const char *domain, 
+				     time_t *pass_last_set_time,
+				     uint32_t *channel)
+{
+	char *key = NULL;
+	char *ret;
+	asprintf(&key, "%s/%s", SECRETS_MACHINE_PASSWORD, domain);
+	strupper_m(key);
+	ret = (char *)secrets_fetch(tdb, key, NULL);
+	SAFE_FREE(key);
+	
+	if (pass_last_set_time) {
+		size_t size;
+		uint32_t *last_set_time;
+		asprintf(&key, "%s/%s", SECRETS_MACHINE_LAST_CHANGE_TIME, domain);
+		strupper_m(key);
+		last_set_time = secrets_fetch(tdb, key, &size);
+		if (last_set_time) {
+			*pass_last_set_time = IVAL(last_set_time,0);
+			SAFE_FREE(last_set_time);
+		} else {
+			*pass_last_set_time = 0;
+		}
+		SAFE_FREE(key);
+	}
+	
+	if (channel) {
+		size_t size;
+		uint32_t *channel_type;
+		asprintf(&key, "%s/%s", SECRETS_MACHINE_SEC_CHANNEL_TYPE, domain);
+		strupper_m(key);
+		channel_type = secrets_fetch(tdb, key, &size);
+		if (channel_type) {
+			*channel = IVAL(channel_type,0);
+			SAFE_FREE(channel_type);
+		} else {
+			*channel = get_default_sec_channel();
+		}
+		SAFE_FREE(key);
+	}
+	
+	return ret;
+}
+
+/*******************************************************************
+ find the ldap password
+******************************************************************/
+static BOOL fetch_ldap_pw(TDB_CONTEXT *tdb, const char *dn, char** pw)
+{
+	char *key = NULL;
+	size_t size;
+	
+	if (asprintf(&key, "%s/%s", SECRETS_LDAP_BIND_PW, dn) < 0) {
+		DEBUG(0, ("fetch_ldap_pw: asprintf failed!\n"));
+	}
+	
+	*pw=secrets_fetch(tdb, key, &size);
+	SAFE_FREE(key);
+
+	if (!size) {
+		return False;
+	}
+	
+	return True;
+}
+
+
+/**
+ * Get trusted domains info from secrets.tdb.
+ *
+ * The linked list is allocated on the supplied talloc context, caller gets to destroy
+ * when done.
+ *
+ * @param ctx Allocation context
+ * @param enum_ctx Starting index, eg. we can start fetching at third
+ *        or sixth trusted domain entry. Zero is the first index.
+ *        Value it is set to is the enum context for the next enumeration.
+ * @param num_domains Number of domain entries to fetch at one call
+ * @param domains Pointer to array of trusted domain structs to be filled up
+ *
+ * @return nt status code of rpc response
+ **/ 
+
+static NTSTATUS secrets_get_trusted_domains(TDB_CONTEXT *tdb, TALLOC_CTX* ctx, int* enum_ctx, unsigned int max_num_domains,
+                                     int *num_domains, struct samba3_trustdom ***domains)
+{
+	TDB_LIST_NODE *keys, *k;
+	struct samba3_trustdom *dom = NULL;
+	char *pattern;
+	unsigned int start_idx;
+	uint32_t idx = 0;
+	size_t size, packed_size = 0;
+	fstring dom_name;
+	char *packed_pass;
+	struct trusted_dom_pass *pass = talloc(ctx, struct trusted_dom_pass);
+	NTSTATUS status;
+
+	if (!secrets_init()) return NT_STATUS_ACCESS_DENIED;
+	
+	if (!pass) {
+		DEBUG(0, ("talloc_zero failed!\n"));
+		return NT_STATUS_NO_MEMORY;
+	}
+				
+	*num_domains = 0;
+	start_idx = *enum_ctx;
+
+	/* generate searching pattern */
+	if (!(pattern = talloc_asprintf(ctx, "%s/*", SECRETS_DOMTRUST_ACCT_PASS))) {
+		DEBUG(0, ("secrets_get_trusted_domains: talloc_asprintf() failed!\n"));
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	DEBUG(5, ("secrets_get_trusted_domains: looking for %d domains, starting at index %d\n", 
+		  max_num_domains, *enum_ctx));
+
+	*domains = talloc_zero_array(ctx, struct samba3_trustdom *, max_num_domains);
+
+	/* fetching trusted domains' data and collecting them in a list */
+	keys = tdb_search_keys(tdb, pattern);
+
+	/* 
+	 * if there's no keys returned ie. no trusted domain,
+	 * return "no more entries" code
+	 */
+	status = NT_STATUS_NO_MORE_ENTRIES;
+
+	/* searching for keys in secrets db -- way to go ... */
+	for (k = keys; k; k = k->next) {
+		char *secrets_key;
+		
+		/* important: ensure null-termination of the key string */
+		secrets_key = strndup(k->node_key.dptr, k->node_key.dsize);
+		if (!secrets_key) {
+			DEBUG(0, ("strndup failed!\n"));
+			return NT_STATUS_NO_MEMORY;
+		}
+
+		packed_pass = secrets_fetch(tdb, secrets_key, &size);
+		packed_size = tdb_trusted_dom_pass_unpack(packed_pass, size, pass);
+		/* packed representation isn't needed anymore */
+		SAFE_FREE(packed_pass);
+		
+		if (size != packed_size) {
+			DEBUG(2, ("Secrets record %s is invalid!\n", secrets_key));
+			continue;
+		}
+		
+		pull_ucs2_fstring(dom_name, pass->uni_name);
+		DEBUG(18, ("Fetched secret record num %d.\nDomain name: %s, SID: %s\n",
+			   idx, dom_name, sid_string_static(&pass->domain_sid)));
+
+		SAFE_FREE(secrets_key);
+
+		if (idx >= start_idx && idx < start_idx + max_num_domains) {
+			dom = talloc(ctx, struct samba3_trustdom);
+			if (!dom) {
+				/* free returned tdb record */
+				return NT_STATUS_NO_MEMORY;
+			}
+			
+			/* copy domain sid */
+			SMB_ASSERT(sizeof(dom->sid) == sizeof(pass->domain_sid));
+			memcpy(&(dom->sid), &(pass->domain_sid), sizeof(dom->sid));
+			
+			/* copy unicode domain name */
+			dom->name = talloc_memdup(ctx, pass->uni_name,
+						  (strlen_w(pass->uni_name) + 1) * sizeof(smb_ucs2_t));
+			
+			(*domains)[idx - start_idx] = dom;
+			
+			DEBUG(18, ("Secret record is in required range.\n \
+				   start_idx = %d, max_num_domains = %d. Added to returned array.\n",
+				   start_idx, max_num_domains));
+
+			*enum_ctx = idx + 1;
+			(*num_domains)++;
+		
+			/* set proper status code to return */
+			if (k->next) {
+				/* there are yet some entries to enumerate */
+				status = STATUS_MORE_ENTRIES;
+			} else {
+				/* this is the last entry in the whole enumeration */
+				status = NT_STATUS_OK;
+			}
+		} else {
+			DEBUG(18, ("Secret is outside the required range.\n \
+				   start_idx = %d, max_num_domains = %d. Not added to returned array\n",
+				   start_idx, max_num_domains));
+		}
+		
+		idx++;		
+	}
+	
+	DEBUG(5, ("secrets_get_trusted_domains: got %d domains\n", *num_domains));
+
+	/* free the results of searching the keys */
+	tdb_search_list_free(keys);
+
+	return status;
+}
+
+/*******************************************************************************
+ Fetch the current (highest) AFS key from secrets.tdb
+*******************************************************************************/
+static BOOL secrets_fetch_afs_key(TDB_CONTEXT *tdb, const char *cell, struct afs_key *result)
+{
+	fstring key;
+	struct afs_keyfile *keyfile;
+	size_t size;
+	uint32_t i;
+
+	slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_AFS_KEYFILE, cell);
+
+	keyfile = (struct afs_keyfile *)secrets_fetch(tdb, key, &size);
+
+	if (keyfile == NULL)
+		return False;
+
+	if (size != sizeof(struct afs_keyfile)) {
+		SAFE_FREE(keyfile);
+		return False;
+	}
+
+	i = ntohl(keyfile->nkeys);
+
+	if (i > SECRETS_AFS_MAXKEYS) {
+		SAFE_FREE(keyfile);
+		return False;
+	}
+
+	*result = keyfile->entry[i-1];
+
+	result->kvno = ntohl(result->kvno);
+
+	return True;
+}
+
+/******************************************************************************
+  When kerberos is not available, choose between anonymous or
+  authenticated connections.  
+
+  We need to use an authenticated connection if DCs have the
+  RestrictAnonymous registry entry set > 0, or the "Additional
+  restrictions for anonymous connections" set in the win2k Local
+  Security Policy.
+
+  Caller to free() result in domain, username, password
+*******************************************************************************/
+static void secrets_fetch_ipc_userpass(TDB_CONTEXT *tdb, char **username, char **domain, char **password)
+{
+	*username = secrets_fetch(tdb, SECRETS_AUTH_USER, NULL);
+	*domain = secrets_fetch(tdb, SECRETS_AUTH_DOMAIN, NULL);
+	*password = secrets_fetch(tdb, SECRETS_AUTH_PASSWORD, NULL);
+	
+	if (*username && **username) {
+
+		if (!*domain || !**domain)
+			*domain = smb_xstrdup(lp_workgroup());
+		
+		if (!*password || !**password)
+			*password = smb_xstrdup("");
+
+		DEBUG(3, ("IPC$ connections done by user %s\\%s\n", 
+			  *domain, *username));
+
+	} else {
+		DEBUG(3, ("IPC$ connections done anonymously\n"));
+		*username = smb_xstrdup("");
+		*domain = smb_xstrdup("");
+		*password = smb_xstrdup("");
+	}
+}
diff --git a/source4/lib/tdb/include/tdbutil.h b/source4/lib/tdb/include/tdbutil.h
index fb9e5cf48f..0d86ddc993 100644
--- a/source4/lib/tdb/include/tdbutil.h
+++ b/source4/lib/tdb/include/tdbutil.h
@@ -43,5 +43,7 @@ int tdb_traverse_delete_fn(TDB_CONTEXT *the_tdb, TDB_DATA key, TDB_DATA dbuf,
                      void *state);
 int tdb_store_bystring(TDB_CONTEXT *tdb, const char *keystr, TDB_DATA data, int flags);
 TDB_DATA tdb_fetch_bystring(TDB_CONTEXT *tdb, const char *keystr);
+int tdb_unpack(TDB_CONTEXT *tdb, char *buf, int bufsize, const char *fmt, ...);
+size_t tdb_pack(TDB_CONTEXT *tdb, char *buf, int bufsize, const char *fmt, ...);
 
 #endif /* __TDBUTIL_H__ */
diff --git a/source4/main.mk b/source4/main.mk
index 3054b05c06..47046825c1 100644
--- a/source4/main.mk
+++ b/source4/main.mk
@@ -9,6 +9,7 @@ include libnet/config.mk
 include auth/config.mk
 include nsswitch/config.mk
 include lib/basic.mk
+include lib/samba3/config.mk
 include lib/socket/config.mk
 include lib/charset/config.mk
 include lib/ldb/config.mk