r9762: Add support for reading good old smbpasswd files

Fix password support
Make base64 decode/encode functions available to EJS
(This used to be commit 1376a1fe44cd6b01709819095a711c14626b1d3e)

3 files changed, 99 insertions, 25 deletions

diff --git a/source4/scripting/ejs/smbcalls_ldb.c b/source4/scripting/ejs/smbcalls_ldb.c
index aaed14dd8c..662da0d971 100644
--- a/source4/scripting/ejs/smbcalls_ldb.c
+++ b/source4/scripting/ejs/smbcalls_ldb.c
@@ -4,6 +4,7 @@
    provide hooks into smbd C calls from ejs scripts
 
    Copyright (C) Andrew Tridgell 2005
+   Copyright (C) Jelmer Vernooij 2005
    
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -247,6 +248,64 @@ static int ejs_ldbErrstring(MprVarHandle eid, int argc, struct MprVar **argv)
 	return 0;
 }
 
+/* 
+   base64 encode 
+   usage: 
+    dataout = ldb.encode(datain)
+ */
+static int ejs_base64encode(MprVarHandle eid, int argc, struct MprVar **argv)
+{
+	char *ret;
+	DATA_BLOB *blob;
+
+	if (argc != 1) {
+		ejsSetErrorMsg(eid, "ldb.base64encode invalid argument count");
+		return -1;
+	}
+
+	blob = mprToDataBlob(argv[0]);
+	ret = ldb_base64_encode(mprMemCtx(), (char *)blob->data, blob->length);
+
+	if (!ret) {
+		mpr_Return(eid, mprCreateUndefinedVar());
+	} else {
+		mpr_Return(eid, mprString(ret));
+	}
+
+	talloc_free(ret);
+
+	return 0;
+}
+
+/* 
+   base64 decode
+   usage:
+     dataout = ldb.decode(datain)
+ */
+static int ejs_base64decode(MprVarHandle eid, int argc, struct MprVar **argv)
+{
+	char *tmp;
+	int ret;
+	
+	if (argc != 1) {
+		ejsSetErrorMsg(eid, "ldb.base64encode invalid argument count");
+		return -1;
+	}
+
+	tmp = talloc_strdup(mprMemCtx(), mprToString(argv[0]));
+	ret = ldb_base64_decode(tmp);
+	if (ret == -1) {
+		mpr_Return(eid, mprCreateUndefinedVar());
+	} else {
+		mpr_Return(eid, mprData((uint8_t *)tmp, ret));
+	}
+
+	talloc_free(tmp);
+
+	return 0;
+}
+  
+
 /*
   perform an ldb modify
 
@@ -312,6 +371,8 @@ static int ejs_ldb_init(MprVarHandle eid, int argc, struct MprVar **argv)
 	mprSetCFunction(ldb, "del", ejs_ldbDelete);
 	mprSetCFunction(ldb, "rename", ejs_ldbRename);
 	mprSetCFunction(ldb, "errstring", ejs_ldbErrstring);
+	mprSetCFunction(ldb, "encode", ejs_base64encode);
+	mprSetCFunction(ldb, "decode", ejs_base64decode);
 	mprSetVar(ldb, "SCOPE_BASE", mprCreateNumberVar(LDB_SCOPE_BASE));
 	mprSetVar(ldb, "SCOPE_ONE", mprCreateNumberVar(LDB_SCOPE_ONELEVEL));
 	mprSetVar(ldb, "SCOPE_SUBTREE", mprCreateNumberVar(LDB_SCOPE_SUBTREE));
diff --git a/source4/scripting/ejs/smbcalls_samba3.c b/source4/scripting/ejs/smbcalls_samba3.c
index e6f6481060..eb37168bc8 100644
--- a/source4/scripting/ejs/smbcalls_samba3.c
+++ b/source4/scripting/ejs/smbcalls_samba3.c
@@ -343,8 +343,8 @@ static struct MprVar mprSamAccounts(struct samba3 *samba3)
 		mprSetVar(&m, "profile_path", mprString(a->profile_path));
 		mprSetVar(&m, "acct_desc", mprString(a->acct_desc));
 		mprSetVar(&m, "workstations", mprString(a->workstations));
-
-		/* FIXME: lm_pw_ptr, nt_pw_ptr */
+		mprSetVar(&m, "lm_pw", mprData(a->lm_pw.hash, 16));
+		mprSetVar(&m, "nt_pw", mprData(a->nt_pw.hash, 16));
 
 		mprAddArray(&mpv, i, m);
 	}
diff --git a/source4/scripting/libjs/upgrade.js b/source4/scripting/libjs/upgrade.js
index 682721e931..dbf1c0f2c3 100644
--- a/source4/scripting/libjs/upgrade.js
+++ b/source4/scripting/libjs/upgrade.js
@@ -101,6 +101,7 @@ samba3RefuseMachinePwdChange: %d
 
 function upgrade_sam_account(acc,domaindn)
 {
+	var ldb = ldb_init();
 	var ldif = sprintf(
 "dn: cn=%s,%s
 objectClass: top
@@ -115,6 +116,8 @@ description: %s
 primaryGroupID: %d
 badPwdcount: %d
 logonCount: %d
+ntPwdHash:: %s
+lmPwdHash:: %s
 samba3Domain: %s
 samba3DirDrive: %s
 samba3MungedDial: %s
@@ -133,9 +136,8 @@ samba3Rid: %d
 acc.fullname, acc.acct_desc, acc.group_rid, acc.bad_password_count, acc.logon_count,
 acc.domain, acc.dir_drive, acc.munged_dial, acc.homedir, acc.logon_script, 
 acc.profile_path, acc.workstations, acc.kickoff_time, acc.bad_password_time, 
-acc.pass_last_set_time, acc.pass_can_change_time, acc.pass_must_change_time, acc.user_rid); 
-
-		/* FIXME: Passwords */
+acc.pass_last_set_time, acc.pass_can_change_time, acc.pass_must_change_time, acc.user_rid,
+	ldb.encode(acc.lm_pw), ldb.encode(acc.nt_pw)); 
 
 	return ldif;
 }
@@ -295,9 +297,6 @@ var keep = new Array(
 	"obey pam restrictions",
 	"password server",
 	"smb passwd file",
-	"sam database",
-	"spoolss database",
-	"wins database",
 	"private dir",
 	"passwd chat",
 	"password level",
@@ -313,17 +312,6 @@ var keep = new Array(
 	"debuglevel",
 	"log file",
 	"smb ports",
-	"nbt port",
-	"dgram port",
-	"cldap port",
-	"krb5 port",
-	"web port",
-	"tls enabled",
-	"tls keyfile",
-	"tls certfile",
-	"tls cafile",
-	"tls crlfile",
-	"swat directory",
 	"large readwrite",
 	"max protocol",
 	"min protocol",
@@ -344,12 +332,10 @@ var keep = new Array(
 	"use spnego",
 	"server signing",
 	"client signing",
-	"rpc big endian",
 	"max connections",
 	"paranoid server security",
 	"socket options",
 	"strict sync",
-	"case insensitive filesystem",
 	"max print jobs",
 	"printable",
 	"print ok",
@@ -375,10 +361,7 @@ var keep = new Array(
 	"lock dir",
 	"lock directory",
 	"pid directory",
-	"js include",
-	"setup directory",
 	"socket address",
-	"-valid",
 	"copy",
 	"include",
 	"available",
@@ -394,6 +377,23 @@ function upgrade_smbconf(samba3)
 	//FIXME
 }
 
+function save_smbconf(path,smbconf)
+{
+	var data = "
+# Generated by upgrade.js";
+
+	for (var i in smbconf.shares) {
+		var s = smbconf.shares[i];
+		data = data + "\n[" + s.name + "]\n";
+		for (var j in s.parameters) {
+			var p = s.parameters[j];
+			data = data + "\t" + p.name + " = " + p + "\n";
+		}
+	}
+	
+	sys.file_save(path,data);
+}
+
 function upgrade(subobj, samba3, message)
 {
 	var samdb = ldb_init();
@@ -405,7 +405,20 @@ function upgrade(subobj, samba3, message)
 	ok = samdb.modify(ldif);
 	assert(ok);
 
-	// FIXME: Enable samba3sam module if original passdb backend was ldap
+	var ldapurl = undefined;
+
+	// FIXME: figure out ldapurl
+
+	// Enable samba3sam module if original passdb backend was ldap
+	if (ldapurl != undefined) {
+		var ldif = sprintf("
+dn: @MAP=samba3sam
+@MAP_URL: %s", ldapurl);
+		samdb.add(ldif);
+
+		samdb.modify("dn: @MODULES
+@LIST: samldb,timestamps,objectguid,rdn_name");
+	}
 
 	message("Importing users\n");
 	for (var i in samba3.samaccounts) {