diff options
Diffstat (limited to 'examples/pdb/mysql')
-rw-r--r-- | examples/pdb/mysql/ChangeLog | 41 | ||||
-rw-r--r-- | examples/pdb/mysql/Makefile.in | 33 | ||||
-rw-r--r-- | examples/pdb/mysql/README | 92 | ||||
-rw-r--r-- | examples/pdb/mysql/pdb_mysql.c | 983 |
4 files changed, 1149 insertions, 0 deletions
diff --git a/examples/pdb/mysql/ChangeLog b/examples/pdb/mysql/ChangeLog new file mode 100644 index 0000000000..5aeeb66268 --- /dev/null +++ b/examples/pdb/mysql/ChangeLog @@ -0,0 +1,41 @@ +** This file is now deprecated, use CVS' log featues ** + +2002-06-13 Jelmer Vernooij <jelmer@samba.org> + * Converted to using SID's like samba HEAD does now + * Fixed some FIXME's + +2002-05-28 Jelmer Vernooij <jelmer@samba.org> + * Updated docs, after some testing by Vance Lankhaar + +2002-05-25 Jelmer Vernooij <jelmer@samba.org> + * Added support for dynamic debug classes + * Fixed nt/lanman password support + * Released 1.2 + +2002-05-06 Jelmer Vernooij <jelmer@samba.org> + * Added support for multiple instances of pdb_mysql + * Added identifiers + * Updated documentation + * Released 1.1 + +2002-04-27 Jelmer Vernooij <jelmer@samba.org> + * Updated documentation + * Released 1.0! + +2002-04-27 Jelmer Vernooij <jelmer@samba.org> + * Added update/add sam account support + * Released 0.4 + +2002-04-13 Jelmer Vernooij <jelmer@samba.org> + * Support for multiple instances of pdb_mysql + * Released 0.3 + +2002-04-12 Jelmer Vernooij <jelmer@samba.org> + * Now using lp_parm_string to retrieve configuration values (instead of + our configuration files) + * Updated documentation + * Released 0.2 + +2002-04-10 Jelmer Vernooij <jelmer@samba.org> + * Released 0.1 + * Initial release. Not supporting adding and updating data of users diff --git a/examples/pdb/mysql/Makefile.in b/examples/pdb/mysql/Makefile.in new file mode 100644 index 0000000000..1da6ea789e --- /dev/null +++ b/examples/pdb/mysql/Makefile.in @@ -0,0 +1,33 @@ +PDB_OBJS = pdb_mysql.so +PDB_LDFLAGS = -lmysqlclient +MAKEFILE = Makefile.pdb + +include $(MAKEFILE) + +CC = @CC@ +LIBTOOL = libtool +CFLAGS = @CFLAGS@ $(PDB_CFLAGS) +CPPFLAGS = @CPPFLAGS@ $(PDB_CPPFLAGS) +LDFLAGS = @LDFLAGS@ $(PDB_LDFLAGS) +LDSHFLAGS = -shared +srcdir = @builddir@ +FLAGS = $(CFLAGS) -Iinclude -I$(srcdir)/include -I$(srcdir)/ubiqx -I$(srcdir)/smbwrapper -I. $(CPPFLAGS) -I$(srcdir) + +# Default target + +default: $(PDB_OBJS) + +# Pattern rules + +%.so: %.lo + $(LIBTOOL) $(CC) $(LDSHFLAGS) $(LDFLAGS) -o $@ $< + +%.lo: %.c + $(LIBTOOL) $(CC) $(FLAGS) -c $< + +# Misc targets + +clean: + rm -rf .libs + rm -f core *~ *% *.bak \ + $(PDB_OBJS) $(PDB_OBJS:.so=.o) $(PDB_OBJS:.so=.lo) diff --git a/examples/pdb/mysql/README b/examples/pdb/mysql/README new file mode 100644 index 0000000000..e3cbcab8cf --- /dev/null +++ b/examples/pdb/mysql/README @@ -0,0 +1,92 @@ +PDB MySQL plugin for samba v1.1 +-- + +Building +========= +Before you can build the plugin, set the variable SAMBA_SRC in Makefile to the +path containing the samba sources. This is usually the 'source' directory in +the samba tarball or CVS. + +Next, type make, and then copy pdb_mysql.so to any location you want. I +strongly recommend installing it in $PREFIX/lib or /usr/lib/samba/ + +Configuring +============ +This plugin lacks some good documentation, but here is some short info: + +Add a the following to the 'passdb backend' variable in your smb.conf: + +passdb backend = [other-plugins] plugin:/location/to/pdb_mysql.so:identifier [other-plugins] + +The identifier can be any string you like, as long as it doesn't collide with +the identifiers of other plugins or other instances of pdb_mysql. If you +specify multiple pdb_mysql.so entries in 'passdb backend', you also need to +use different identifiers! + +Additional options can be given thru the smb.conf file in the [global] section. + +identifier:mysql host - host name, defaults to 'localhost' +identifier:mysql password +identifier:mysql user - defaults to 'samba' +identifier:mysql database - defaults to 'samba' +identifier:mysql port - defaults to 3306 +identifier:table - Name of the table containing users + +Names of the columns in this table(I've added column types those columns + should have first): +identifier:logon time column - int(9) +identifier:logoff time column - int(9) +identifier:kickoff time column - int(9) +identifier:pass last set time column - int(9) +identifier:pass can change time column - int(9) +identifier:pass must change time column - int(9) +identifier:username column - varchar(255) - unix username +identifier:domain column - varchar(255) - NT domain user is part of +identifier:nt username column - varchar(255) - NT username +identifier:fullname column - varchar(255) - Full name of user +identifier:home dir column - varchar(255) - Unix homedir path +identifier:dir drive column - varchar(2) - Directory drive path (eg: 'H:') +identifier:logon script column - varchar(255) - Batch file to run on client side when logging on +identifier:profile path column - varchar(255) - Path of profile +identifier:acct desc column - varchar(255) - Some ASCII NT user data +identifier:workstations column - varchar(255) - Workstations user can logon to (or NULL for all) +identifier:unknown string column - varchar(255) - unknown string +identifier:munged dial column - varchar(255) - ? +identifier:uid column - int(9) - Unix user ID (uid) +identifier:gid column - int(9) - Unix user group (gid) +identifier:user sid column - varchar(255) - NT user SID +identifier:group sid column - varchar(255) - NT group ID +identifier:lanman pass column - varchar(255) - encrypted lanman password +identifier:nt pass column - varchar(255) - encrypted nt passwd +identifier:plaintext pass column - varchar(255) - plaintext password +identifier:acct control column - int(9) - nt user data +identifier:unknown 3 column - int(9) - unknown +identifier:logon divs column - int(9) - ? +identifier:hours len column - int(9) - ? +identifier:unknown 5 column - int(9) - unknown +identifier:unknown 6 column - int(9) - unknown + +Eventually, you can put a colon (:) after the name of each column, which +should specify the column to update when updating the table. You can also +specify nothing behind the colon - then the data from the field will not be +updated. + +Using plaintext passwords or encrypted password +=============================================== +I strongly discourage the use of plaintext passwords, however, you can use them: + +If you would like to use plaintext passwords, set 'identifier:lanman pass column' and 'identifier:nt pass column' to 'NULL' (without the quotes) and 'identifier:plaintext pass column' to the name of the column containing the plaintext passwords. + +If you use encrypted passwords, set the 'identifier:plaintext pass column' to 'NULL' (without the quotes). This is the default. + +Getting non-column data from the table +====================================== +It is possible to have not all data in the database and making some 'constant'. + +For example, you can set 'identifier:fullname column' to : + CONCAT(First_name,' ',Sur_name) + +Or, set 'identifier:workstations column' to : + NULL + +See the MySQL documentation for more language constructs. diff --git a/examples/pdb/mysql/pdb_mysql.c b/examples/pdb/mysql/pdb_mysql.c new file mode 100644 index 0000000000..c7e9e781c3 --- /dev/null +++ b/examples/pdb/mysql/pdb_mysql.c @@ -0,0 +1,983 @@ + +/* + * MySQL password backend for samba + * Copyright (C) Jelmer Vernooij 2002 + * + * This program is free software; you can redistribute it and/or modify it under + * the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 675 + * Mass Ave, Cambridge, MA 02139, USA. + */ + +#include "includes.h" +#include <mysql/mysql.h> + +#define CONFIG_TABLE_DEFAULT "user" +#define CONFIG_LOGON_TIME_DEFAULT "logon_time" +#define CONFIG_LOGOFF_TIME_DEFAULT "logoff_time" +#define CONFIG_KICKOFF_TIME_DEFAULT "kickoff_time" +#define CONFIG_PASS_LAST_SET_TIME_DEFAULT "pass_last_set_time" +#define CONFIG_PASS_CAN_CHANGE_TIME_DEFAULT "pass_can_change_time" +#define CONFIG_PASS_MUST_CHANGE_TIME_DEFAULT "pass_must_change_time" +#define CONFIG_USERNAME_DEFAULT "username" +#define CONFIG_DOMAIN_DEFAULT "domain" +#define CONFIG_NT_USERNAME_DEFAULT "nt_username" +#define CONFIG_FULLNAME_DEFAULT "nt_fullname" +#define CONFIG_HOME_DIR_DEFAULT "home_dir" +#define CONFIG_DIR_DRIVE_DEFAULT "dir_drive" +#define CONFIG_LOGON_SCRIPT_DEFAULT "logon_script" +#define CONFIG_PROFILE_PATH_DEFAULT "profile_path" +#define CONFIG_ACCT_DESC_DEFAULT "acct_desc" +#define CONFIG_WORKSTATIONS_DEFAULT "workstations" +#define CONFIG_UNKNOWN_STR_DEFAULT "unknown_str" +#define CONFIG_MUNGED_DIAL_DEFAULT "munged_dial" +#define CONFIG_UID_DEFAULT "uid" +#define CONFIG_GID_DEFAULT "gid" +#define CONFIG_USER_SID_DEFAULT "user_sid" +#define CONFIG_GROUP_SID_DEFAULT "group_sid" +#define CONFIG_LM_PW_DEFAULT "lm_pw" +#define CONFIG_NT_PW_DEFAULT "nt_pw" +#define CONFIG_PLAIN_PW_DEFAULT "NULL" +#define CONFIG_ACCT_CTRL_DEFAULT "acct_ctrl" +#define CONFIG_UNKNOWN_3_DEFAULT "unknown_3" +#define CONFIG_LOGON_DIVS_DEFAULT "logon_divs" +#define CONFIG_HOURS_LEN_DEFAULT "hours_len" +#define CONFIG_UNKNOWN_5_DEFAULT "unknown_5" +#define CONFIG_UNKNOWN_6_DEFAULT "unknown_6" +#define CONFIG_HOST_DEFAULT "localhost" +#define CONFIG_USER_DEFAULT "samba" +#define CONFIG_PASS_DEFAULT "" +#define CONFIG_PORT_DEFAULT "3306" +#define CONFIG_DB_DEFAULT "samba" + +static int mysqlsam_debug_level = DBGC_ALL; + +#undef DBGC_CLASS +#define DBGC_CLASS mysqlsam_debug_level + +PDB_MODULE_VERSIONING_MAGIC + +typedef struct pdb_mysql_data { + MYSQL *handle; + MYSQL_RES *pwent; + char *location; +} pdb_mysql_data; + +/* Used to construct insert and update queries */ + +typedef struct pdb_mysql_query { + char update; + TALLOC_CTX *mem_ctx; + char *part1; + char *part2; +} pdb_mysql_query; + +#define SET_DATA(data,methods) { \ + if(!methods){ \ + DEBUG(0, ("invalid methods!\n")); \ + return False; \ + } \ + data = (struct pdb_mysql_data *)methods->private_data; \ + if(!data || !(data->handle)){ \ + DEBUG(0, ("invalid handle!\n")); \ + return False; \ + } \ +} +void +pdb_mysql_int_field(struct pdb_methods *m, + struct pdb_mysql_query *q, char *name, int value) +{ + if (!name || strchr(name, '\'')) + return; /* This field shouldn't be set by us */ + + if (q->update) { + q->part1 = + talloc_asprintf_append(q->mem_ctx, q->part1, + "%s = %d,", name, value); + } else { + q->part1 = + talloc_asprintf_append(q->mem_ctx, q->part1, "%s,", name); + q->part2 = + talloc_asprintf_append(q->mem_ctx, q->part2, "%d,", value); + } +} + +static BOOL +pdb_mysql_string_field(struct pdb_methods *methods, + struct pdb_mysql_query *q, + char *name, const char *value) +{ + char *esc_value; + struct pdb_mysql_data *data; + + SET_DATA(data, methods); + + if (!name || !value || !strcmp(value, "") || strchr(name, '\'')) + return False; /* This field shouldn't be set by module */ + + esc_value = malloc(strlen(value) * 2 + 1); + mysql_real_escape_string(data->handle, esc_value, (char *) value, + strlen(value)); + + if (q->update) { + q->part1 = + talloc_asprintf_append(q->mem_ctx, q->part1, + "%s = '%s',", name, esc_value); + } else { + q->part1 = + talloc_asprintf_append(q->mem_ctx, q->part1, "%s,", name); + q->part2 = + talloc_asprintf_append(q->mem_ctx, q->part2, "'%s',", + esc_value); + } + + SAFE_FREE(esc_value); + + return True; +} + +static char * +config_value(pdb_mysql_data * data, char *name, char *default_value) +{ + if (lp_parm_string(NULL, data->location, name)) + return lp_parm_string(NULL, data->location, name); + + return default_value; +} + +static char * +config_value_write(pdb_mysql_data * data, char *name, char *default_value) +{ + char *v = config_value(data, name, NULL); + char *write; + + if (!v) + return default_value; + + write = strchr(v, ':'); + + /* Default to the same field as read field */ + if (!write) + return v; + + write++; + + /* If the field is 0 chars long, we shouldn't write to it */ + if (!strlen(write) || !strcmp(write, "NULL")) + return NULL; + + /* Otherwise, use the additionally specified */ + return write; +} + +static const char * +config_value_read(pdb_mysql_data * data, char *name, char *default_value) +{ + char *v = config_value(data, name, NULL); + char *write; + + if (!v) + return default_value; + + write = strchr(v, ':'); + + /* If no write is specified, there are no problems */ + if (!write) { + if (strlen(v) == 0) + return "NULL"; + return v; + } + + /* Otherwise, we have to cut the ':write_part' */ + *write = '\0'; + if (strlen(v) == 0) + return "NULL"; + + return v; +} + +/* Wrapper for atol that returns 0 if 'a' points to NULL */ +static long +xatol(char *a) +{ + long ret = 0; + + if (a != NULL) + ret = atol(a); + + return ret; +} + +static BOOL +row_to_sam_account(MYSQL_RES * r, SAM_ACCOUNT * u) +{ + MYSQL_ROW row; + pstring temp; + unsigned int num_fields; + unsigned long *lengths; + DOM_SID sid; + + num_fields = mysql_num_fields(r); + row = mysql_fetch_row(r); + if (!row) + return False; + + pdb_set_logon_time(u, xatol(row[0]), FALSE); + pdb_set_logoff_time(u, xatol(row[1]), FALSE); + pdb_set_kickoff_time(u, xatol(row[2]), FALSE); + pdb_set_pass_last_set_time(u, xatol(row[3])); + pdb_set_pass_can_change_time(u, xatol(row[4]), FALSE); + pdb_set_pass_must_change_time(u, xatol(row[5]), FALSE); + pdb_set_username(u, row[6]); + pdb_set_domain(u, row[7]); + pdb_set_nt_username(u, row[8]); + pdb_set_fullname(u, row[9]); + pdb_set_homedir(u, row[10], True); + pdb_set_dir_drive(u, row[11], True); + pdb_set_logon_script(u, row[12], True); + pdb_set_profile_path(u, row[13], True); + pdb_set_acct_desc(u, row[14]); + pdb_set_workstations(u, row[15]); + pdb_set_unknown_str(u, row[16]); + pdb_set_munged_dial(u, row[17]); + + if (row[18]) + pdb_set_uid(u, xatol(row[18])); + if (row[19]) + pdb_set_gid(u, xatol(row[19])); + + string_to_sid(&sid, row[20]); + pdb_set_user_sid(u, &sid); + string_to_sid(&sid, row[21]); + pdb_set_group_sid(u, &sid); + + if (pdb_gethexpwd(row[22], temp)) + pdb_set_lanman_passwd(u, temp); + if (pdb_gethexpwd(row[23], temp)) + pdb_set_nt_passwd(u, temp); + + /* Only use plaintext password storage when lanman and nt are + * NOT used */ + if (!row[22] || !row[23]) + pdb_set_plaintext_passwd(u, row[24]); + + pdb_set_acct_ctrl(u, xatol(row[25])); + pdb_set_unknown_3(u, xatol(row[26])); + pdb_set_logon_divs(u, xatol(row[27])); + pdb_set_hours_len(u, xatol(row[28])); + pdb_set_unknown_5(u, xatol(row[29])); + pdb_set_unknown_6(u, xatol(row[30])); + + return True; +} + +static BOOL +mysqlsam_setsampwent(struct pdb_methods *methods, BOOL update) +{ + struct pdb_mysql_data *data = + (struct pdb_mysql_data *) methods->private_data; + char *query; + int ret; + + if (!data || !(data->handle)) { + DEBUG(0, ("invalid handle!\n")); + return False; + } + + asprintf(&query, + "SELECT %s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s FROM %s", + config_value_read(data, "logon time column", + CONFIG_LOGON_TIME_DEFAULT), + config_value_read(data, "logoff time column", + CONFIG_LOGOFF_TIME_DEFAULT), + config_value_read(data, "kickoff time column", + CONFIG_KICKOFF_TIME_DEFAULT), + config_value_read(data, "pass last set time column", + CONFIG_PASS_LAST_SET_TIME_DEFAULT), + config_value_read(data, "pass can change time column", + CONFIG_PASS_CAN_CHANGE_TIME_DEFAULT), + config_value_read(data, "pass must change time column", + CONFIG_PASS_MUST_CHANGE_TIME_DEFAULT), + config_value_read(data, "username column", + CONFIG_USERNAME_DEFAULT), + config_value_read(data, "domain column", + CONFIG_DOMAIN_DEFAULT), + config_value_read(data, "nt username column", + CONFIG_NT_USERNAME_DEFAULT), + config_value_read(data, "fullname column", + CONFIG_FULLNAME_DEFAULT), + config_value_read(data, "home dir column", + CONFIG_HOME_DIR_DEFAULT), + config_value_read(data, "dir drive column", + CONFIG_DIR_DRIVE_DEFAULT), + config_value_read(data, "logon script column", + CONFIG_LOGON_SCRIPT_DEFAULT), + config_value_read(data, "profile path column", + CONFIG_PROFILE_PATH_DEFAULT), + config_value_read(data, "acct desc column", + CONFIG_ACCT_DESC_DEFAULT), + config_value_read(data, "workstations column", + CONFIG_WORKSTATIONS_DEFAULT), + config_value_read(data, "unknown string column", + CONFIG_UNKNOWN_STR_DEFAULT), + config_value_read(data, "munged dial column", + CONFIG_MUNGED_DIAL_DEFAULT), + config_value_read(data, "uid column", CONFIG_UID_DEFAULT), + config_value_read(data, "gid column", CONFIG_GID_DEFAULT), + config_value_read(data, "user sid column", + CONFIG_USER_SID_DEFAULT), + config_value_read(data, "group sid column", + CONFIG_GROUP_SID_DEFAULT), + config_value_read(data, "lanman pass column", + CONFIG_LM_PW_DEFAULT), + config_value_read(data, "nt pass column", + CONFIG_NT_PW_DEFAULT), + config_value_read(data, "plain pass column", + CONFIG_PLAIN_PW_DEFAULT), + config_value_read(data, "acct ctrl column", + CONFIG_ACCT_CTRL_DEFAULT), + config_value_read(data, "unknown 3 column", + CONFIG_UNKNOWN_3_DEFAULT), + config_value_read(data, "logon divs column", + CONFIG_LOGON_DIVS_DEFAULT), + config_value_read(data, "hours len column", + CONFIG_HOURS_LEN_DEFAULT), + config_value_read(data, "unknown 5 column", + CONFIG_UNKNOWN_5_DEFAULT), + config_value_read(data, "unknown 6 column", + CONFIG_UNKNOWN_6_DEFAULT), + config_value(data, "table", CONFIG_TABLE_DEFAULT) + ); + + ret = mysql_query(data->handle, query); + SAFE_FREE(query); + + if (ret) { + DEBUG(0, + ("Error executing query: %s\n", mysql_error(data->handle))); + return False; + } + + data->pwent = mysql_store_result(data->handle); + + if (data->pwent == NULL) { + DEBUG(0, + ("Error storing results: %s\n", mysql_error(data->handle))); + return False; + } + + DEBUG(5, + ("mysqlsam_setsampwent succeeded(%d results)!\n", + mysql_num_fields(data->pwent))); + + return True; +} + +/*************************************************************** + End enumeration of the passwd list. + ****************************************************************/ + +static void +mysqlsam_endsampwent(struct pdb_methods *methods) +{ + struct pdb_mysql_data *data = + (struct pdb_mysql_data *) methods->private_data; + + if (data == NULL) { + DEBUG(0, ("invalid handle!\n")); + return; + } + + if (data->pwent != NULL) + mysql_free_result(data->pwent); + + data->pwent = NULL; + + DEBUG(5, ("mysql_endsampwent called\n")); +} + +/***************************************************************** + Get one SAM_ACCOUNT from the list (next in line) + *****************************************************************/ + +static BOOL +mysqlsam_getsampwent(struct pdb_methods *methods, SAM_ACCOUNT * user) +{ + struct pdb_mysql_data *data; + + SET_DATA(data, methods); + + if (data->pwent == NULL) { + DEBUG(0, ("invalid pwent\n")); + return False; + } + + return row_to_sam_account(data->pwent, user); +} + +BOOL +mysqlsam_select_by_field(struct pdb_methods * methods, SAM_ACCOUNT * user, + const char *field, const char *sname) +{ + char *esc_sname; + char *query; + int ret; + MYSQL_RES *res; + struct pdb_mysql_data *data; + + SET_DATA(data, methods); + + esc_sname = malloc(strlen(sname) * 2 + 1); + if (!esc_sname) { + DEBUG(0, ("Not enough memory available!\n")); + return False; + } + + DEBUG(5, + ("mysqlsam_select_by_field: getting data where %s = %s(nonescaped)\n", + field, sname)); + + /* Escape sname */ + mysql_real_escape_string(data->handle, esc_sname, (char *) sname, + strlen(sname)); + + if (user == NULL) { + DEBUG(0, ("pdb_getsampwnam: SAM_ACCOUNT is NULL.\n")); + SAFE_FREE(esc_sname); + return False; + } + + asprintf(&query, + "SELECT %s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s FROM %s WHERE %s = '%s'", + config_value_read(data, "logon time column", + CONFIG_LOGON_TIME_DEFAULT), + config_value_read(data, "logoff time column", + CONFIG_LOGOFF_TIME_DEFAULT), + config_value_read(data, "kickoff time column", + CONFIG_KICKOFF_TIME_DEFAULT), + config_value_read(data, "pass last set time column", + CONFIG_PASS_LAST_SET_TIME_DEFAULT), + config_value_read(data, "pass can change time column", + CONFIG_PASS_CAN_CHANGE_TIME_DEFAULT), + config_value_read(data, "pass must change time column", + CONFIG_PASS_MUST_CHANGE_TIME_DEFAULT), + config_value_read(data, "username column", + CONFIG_USERNAME_DEFAULT), + config_value_read(data, "domain column", + CONFIG_DOMAIN_DEFAULT), + config_value_read(data, "nt username column", + CONFIG_NT_USERNAME_DEFAULT), + config_value_read(data, "fullname column", + CONFIG_FULLNAME_DEFAULT), + config_value_read(data, "home dir column", + CONFIG_HOME_DIR_DEFAULT), + config_value_read(data, "dir drive column", + CONFIG_DIR_DRIVE_DEFAULT), + config_value_read(data, "logon script column", + CONFIG_LOGON_SCRIPT_DEFAULT), + config_value_read(data, "profile path column", + CONFIG_PROFILE_PATH_DEFAULT), + config_value_read(data, "acct desc column", + CONFIG_ACCT_DESC_DEFAULT), + config_value_read(data, "workstations column", + CONFIG_WORKSTATIONS_DEFAULT), + config_value_read(data, "unknown string column", + CONFIG_UNKNOWN_STR_DEFAULT), + config_value_read(data, "munged dial column", + CONFIG_MUNGED_DIAL_DEFAULT), + config_value_read(data, "uid column", CONFIG_UID_DEFAULT), + config_value_read(data, "gid column", CONFIG_GID_DEFAULT), + config_value_read(data, "user sid column", + CONFIG_USER_SID_DEFAULT), + config_value_read(data, "group sid column", + CONFIG_GROUP_SID_DEFAULT), + config_value_read(data, "lanman pass column", + CONFIG_LM_PW_DEFAULT), + config_value_read(data, "nt pass column", + CONFIG_NT_PW_DEFAULT), + config_value_read(data, "plain pass column", + CONFIG_PLAIN_PW_DEFAULT), + config_value_read(data, "acct ctrl column", + CONFIG_ACCT_CTRL_DEFAULT), + config_value_read(data, "unknown 3 column", + CONFIG_UNKNOWN_3_DEFAULT), + config_value_read(data, "logon divs column", + CONFIG_LOGON_DIVS_DEFAULT), + config_value_read(data, "hours len column", + CONFIG_HOURS_LEN_DEFAULT), + config_value_read(data, "unknown 5 column", + CONFIG_UNKNOWN_5_DEFAULT), + config_value_read(data, "unknown 6 column", + CONFIG_UNKNOWN_6_DEFAULT), + config_value(data, "table", CONFIG_TABLE_DEFAULT), field, + esc_sname); + + SAFE_FREE(esc_sname); + + ret = mysql_query(data->handle, query); + + SAFE_FREE(query); + + if (ret) { + DEBUG(0, + ("Error while executing MySQL query: %s\n", + mysql_error(data->handle))); + return False; + } + + res = mysql_store_result(data->handle); + if (res == NULL) { + DEBUG(0, + ("Error storing results: %s\n", mysql_error(data->handle))); + return False; + } + + ret = row_to_sam_account(res, user); + mysql_free_result(res); + + return ret; +} + +/****************************************************************** + Lookup a name in the SAM database + ******************************************************************/ + +static BOOL +mysqlsam_getsampwnam(struct pdb_methods *methods, SAM_ACCOUNT * user, + const char *sname) +{ + struct pdb_mysql_data *data; + + SET_DATA(data, methods); + + if (!sname) { + DEBUG(0, ("invalid name specified")); + return False; + } + return mysqlsam_select_by_field(methods, user, + config_value_read(data, "username column", + CONFIG_USERNAME_DEFAULT), sname); +} + + +/*************************************************************************** + Search by sid + **************************************************************************/ + +static BOOL +mysqlsam_getsampwsid(struct pdb_methods *methods, SAM_ACCOUNT * user, + const DOM_SID * sid) +{ + BOOL ret = False; + struct pdb_mysql_data *data; + fstring sid_str; + + SET_DATA(data, methods); + + sid_to_string(sid_str, sid); + + ret = + mysqlsam_select_by_field(methods, user, + config_value_read(data, "user sid column", + CONFIG_USER_SID_DEFAULT), sid_str); + + return ret; +} + +/*************************************************************************** + Delete a SAM_ACCOUNT + ****************************************************************************/ + +static BOOL +mysqlsam_delete_sam_account(struct pdb_methods *methods, + SAM_ACCOUNT * sam_pass) +{ + const char *sname = pdb_get_username(sam_pass); + char *esc; + char *query; + int ret; + struct pdb_mysql_data *data; + + SET_DATA(data, methods); + + if (!methods) { + DEBUG(0, ("invalid methods!\n")); + return False; + } + + data = (struct pdb_mysql_data *) methods->private_data; + if (!data || !(data->handle)) { + DEBUG(0, ("invalid handle!\n")); + return False; + } + + if (!sname) { + DEBUG(0, ("invalid name specified\n")); + return False; + } + + /* Escape sname */ + esc = malloc(strlen(sname) * 2 + 1); + if (!esc) { + DEBUG(0, ("Can't allocate memory to store escaped name\n")); + return False; + } + mysql_real_escape_string(data->handle, esc, (char *) sname, + strlen(sname)); + + asprintf(&query, "DELETE FROM %s WHERE %s = '%s'", + config_value(data, "table", CONFIG_TABLE_DEFAULT), + config_value_read(data, "username column", + CONFIG_USERNAME_DEFAULT), esc); + + SAFE_FREE(esc); + + ret = mysql_query(data->handle, query); + + SAFE_FREE(query); + + if (ret) { + DEBUG(0, + ("Error while executing query: %s\n", + mysql_error(data->handle))); + return False; + } + + DEBUG(5, ("User '%s' deleted\n", sname)); + return True; +} + +static BOOL +mysqlsam_replace_sam_account(struct pdb_methods *methods, + const SAM_ACCOUNT * newpwd, char isupdate) +{ + pstring temp; + uint32 store = pdb_get_init_flag(newpwd); + struct pdb_mysql_data *data; + pdb_mysql_query query; + fstring sid_str; + + if (!methods) { + DEBUG(0, ("invalid methods!\n")); + return False; + } + + data = (struct pdb_mysql_data *) methods->private_data; + if (data == NULL || data->handle == NULL) { + DEBUG(0, ("invalid handle!\n")); + return False; + } + query.update = isupdate; + + /* I know this is somewhat overkill but only the talloc + * functions have asprint_append and the 'normal' asprintf + * is a GNU extension */ + query.mem_ctx = talloc_init(); + query.part2 = talloc_asprintf(query.mem_ctx, "%s", ""); + if (query.update) { + query.part1 = + talloc_asprintf(query.mem_ctx, "UPDATE %s SET ", + config_value(data, "table", + CONFIG_TABLE_DEFAULT)); + } else { + query.part1 = + talloc_asprintf(query.mem_ctx, "INSERT INTO %s (", + config_value(data, "table", + CONFIG_TABLE_DEFAULT)); + } + + pdb_mysql_int_field(methods, &query, + config_value_write(data, "acct ctrl column", + CONFIG_ACCT_CTRL_DEFAULT), + pdb_get_acct_ctrl(newpwd)); + + if (store & FLAG_SAM_LOGONTIME) { + pdb_mysql_int_field(methods, &query, + config_value_write(data, + "logon time column", + CONFIG_LOGON_TIME_DEFAULT), + pdb_get_logon_time(newpwd)); + } + + if (store & FLAG_SAM_LOGOFFTIME) { + pdb_mysql_int_field(methods, &query, + config_value_write(data, + "logoff time column", + CONFIG_LOGOFF_TIME_DEFAULT), + pdb_get_logoff_time(newpwd)); + } + + if (store & FLAG_SAM_KICKOFFTIME) { + pdb_mysql_int_field(methods, &query, + config_value_write(data, + "kickoff time column", + CONFIG_KICKOFF_TIME_DEFAULT), + pdb_get_kickoff_time(newpwd)); + } + + if (store & FLAG_SAM_CANCHANGETIME) { + pdb_mysql_int_field(methods, &query, + config_value_write(data, + "pass can change time column", + CONFIG_PASS_CAN_CHANGE_TIME_DEFAULT), + pdb_get_pass_can_change_time(newpwd)); + } + + if (store & FLAG_SAM_MUSTCHANGETIME) { + pdb_mysql_int_field(methods, &query, + config_value_write(data, + "pass must change time column", + CONFIG_PASS_MUST_CHANGE_TIME_DEFAULT), + pdb_get_pass_must_change_time(newpwd)); + } + + if (pdb_get_pass_last_set_time(newpwd)) { + pdb_mysql_int_field(methods, &query, + config_value_write(data, + "pass must change time column", + CONFIG_PASS_LAST_SET_TIME_DEFAULT), + pdb_get_pass_last_set_time(newpwd)); + } + + if (pdb_get_hours_len(newpwd)) { + pdb_mysql_int_field(methods, &query, + config_value_write(data, + "hours len column", + CONFIG_HOURS_LEN_DEFAULT), + pdb_get_hours_len(newpwd)); + } + + if (pdb_get_logon_divs(newpwd)) { + pdb_mysql_int_field(methods, &query, + config_value_write(data, + "logon divs column", + CONFIG_LOGON_DIVS_DEFAULT), + pdb_get_logon_divs(newpwd)); + } + + if (store & FLAG_SAM_UID) { + pdb_mysql_int_field(methods, &query, + config_value_write(data, "uid column", + CONFIG_UID_DEFAULT), + pdb_get_uid(newpwd)); + } + + if (store & FLAG_SAM_GID) { + pdb_mysql_int_field(methods, &query, + config_value_write(data, "gid column", + CONFIG_GID_DEFAULT), + pdb_get_gid(newpwd)); + } + + pdb_mysql_string_field(methods, &query, + config_value_write(data, "user sid column", + CONFIG_USER_SID_DEFAULT), + sid_to_string(sid_str, (DOM_SID *) + pdb_get_user_sid(newpwd))); + + pdb_mysql_string_field(methods, &query, + config_value_write(data, "group sid column", + CONFIG_GROUP_SID_DEFAULT), + sid_to_string(sid_str, (DOM_SID *) + pdb_get_group_sid(newpwd))); + + pdb_mysql_string_field(methods, &query, + config_value_write(data, "username column", + CONFIG_USERNAME_DEFAULT), + pdb_get_username(newpwd)); + + pdb_mysql_string_field(methods, &query, + config_value_write(data, "domain column", + CONFIG_DOMAIN_DEFAULT), + pdb_get_domain(newpwd)); + + pdb_mysql_string_field(methods, &query, + config_value_write(data, + "nt username column", + CONFIG_NT_USERNAME_DEFAULT), + pdb_get_nt_username(newpwd)); + + pdb_mysql_string_field(methods, &query, + config_value_write(data, "fullname column", + CONFIG_FULLNAME_DEFAULT), + pdb_get_fullname(newpwd)); + + pdb_mysql_string_field(methods, &query, + config_value_write(data, + "logon script column", + CONFIG_LOGON_SCRIPT_DEFAULT), + pdb_get_logon_script(newpwd)); + + pdb_mysql_string_field(methods, &query, + config_value_write(data, + "profile path column", + CONFIG_PROFILE_PATH_DEFAULT), + pdb_get_profile_path(newpwd)); + + pdb_mysql_string_field(methods, &query, + config_value_write(data, "dir drive column", + CONFIG_DIR_DRIVE_DEFAULT), + pdb_get_dir_drive(newpwd)); + + pdb_mysql_string_field(methods, &query, + config_value_write(data, "home dir column", + CONFIG_HOME_DIR_DEFAULT), + pdb_get_homedir(newpwd)); + + pdb_mysql_string_field(methods, &query, + config_value_write(data, + "workstations column", + CONFIG_WORKSTATIONS_DEFAULT), + pdb_get_workstations(newpwd)); + + pdb_mysql_string_field(methods, &query, + config_value_write(data, + "unknown string column", + CONFIG_UNKNOWN_STR_DEFAULT), + pdb_get_workstations(newpwd)); + + pdb_sethexpwd(temp, pdb_get_lanman_passwd(newpwd), + pdb_get_acct_ctrl(newpwd)); + pdb_mysql_string_field(methods, &query, + config_value_write(data, + "lanman pass column", + CONFIG_LM_PW_DEFAULT), temp); + + pdb_sethexpwd(temp, pdb_get_nt_passwd(newpwd), + pdb_get_acct_ctrl(newpwd)); + pdb_mysql_string_field(methods, &query, + config_value_write(data, "nt pass column", + CONFIG_NT_PW_DEFAULT), temp); + + if (query.update) { + query.part1[strlen(query.part1) - 1] = '\0'; + query.part1 = + talloc_asprintf_append(query.mem_ctx, query.part1, + " WHERE %s = '%s'", + config_value_read(data, + "user sid column", + CONFIG_USER_SID_DEFAULT), + sid_to_string(sid_str, (DOM_SID *) + pdb_get_user_sid + (newpwd))); + } else { + query.part2[strlen(query.part2) - 1] = ')'; + query.part1[strlen(query.part1) - 1] = ')'; + query.part1 = + talloc_asprintf_append(query.mem_ctx, query.part1, + " VALUES (%s", query.part2); + } + + DEBUG(0, ("%s\n", query.part1)); + /* Execute the query */ + if (mysql_query(data->handle, query.part1)) { + DEBUG(0, + ("Error executing %s, %s\n", query.part1, + mysql_error(data->handle))); + return False; + } + talloc_destroy(query.mem_ctx); + return True; +} + +static BOOL +mysqlsam_add_sam_account(struct pdb_methods *methods, SAM_ACCOUNT * newpwd) +{ + return mysqlsam_replace_sam_account(methods, newpwd, 0); +} + +static BOOL +mysqlsam_update_sam_account(struct pdb_methods *methods, + SAM_ACCOUNT * newpwd) +{ + return mysqlsam_replace_sam_account(methods, newpwd, 1); +} + +NTSTATUS +pdb_init(PDB_CONTEXT * pdb_context, PDB_METHODS ** pdb_method, + char *location) +{ + NTSTATUS nt_status; + struct pdb_mysql_data *data; + + mysqlsam_debug_level = debug_add_class("mysqlsam"); + if (mysqlsam_debug_level == -1) { + mysqlsam_debug_level = DBGC_ALL; + DEBUG(0, + ("mysqlsam: Couldn't register custom debugging class!\n")); + } + + if (!pdb_context) { + DEBUG(0, ("invalid pdb_methods specified\n")); + return NT_STATUS_UNSUCCESSFUL; + } + + if (!NT_STATUS_IS_OK + (nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) { + return nt_status; + } + + (*pdb_method)->name = "mysqlsam"; + + (*pdb_method)->setsampwent = mysqlsam_setsampwent; + (*pdb_method)->endsampwent = mysqlsam_endsampwent; + (*pdb_method)->getsampwent = mysqlsam_getsampwent; + (*pdb_method)->getsampwnam = mysqlsam_getsampwnam; + (*pdb_method)->getsampwsid = mysqlsam_getsampwsid; + (*pdb_method)->add_sam_account = mysqlsam_add_sam_account; + (*pdb_method)->update_sam_account = mysqlsam_update_sam_account; + (*pdb_method)->delete_sam_account = mysqlsam_delete_sam_account; + + data = talloc(pdb_context->mem_ctx, sizeof(struct pdb_mysql_data)); + (*pdb_method)->private_data = data; + data->handle = NULL; + data->pwent = NULL; + + if (!location) { + DEBUG(0, ("No identifier specified. See README for details\n")); + return NT_STATUS_INVALID_PARAMETER; + } + + data->location = smb_xstrdup(location); + + DEBUG(1, + ("Connecting to database server, host: %s, user: %s, password: %s, database: %s, port: %d\n", + config_value(data, "mysql host", CONFIG_HOST_DEFAULT), + config_value(data, "mysql user", CONFIG_USER_DEFAULT), + config_value(data, "mysql password", CONFIG_PASS_DEFAULT), + config_value(data, "mysql database", CONFIG_DB_DEFAULT), + xatol(config_value(data, "mysql port", CONFIG_PORT_DEFAULT)))); + + /* Do the mysql initialization */ + data->handle = mysql_init(NULL); + if (!data->handle) { + DEBUG(0, ("Failed to connect to server\n")); + return NT_STATUS_UNSUCCESSFUL; + } + /* Process correct entry in $HOME/.my.conf */ + if (!mysql_real_connect(data->handle, + config_value(data, "mysql host", CONFIG_HOST_DEFAULT), + config_value(data, "mysql user", CONFIG_USER_DEFAULT), + config_value(data, "mysql password", CONFIG_PASS_DEFAULT), + config_value(data, "mysql database", CONFIG_DB_DEFAULT), + xatol(config_value (data, "mysql port", CONFIG_PORT_DEFAULT)), + NULL, 0)) { + DEBUG(0, + ("Failed to connect to mysql database: error: %s\n", + mysql_error(data->handle))); + return NT_STATUS_UNSUCCESSFUL; + } + + DEBUG(5, ("Connected to mysql db\n")); + + return NT_STATUS_OK; +} |