summaryrefslogtreecommitdiff
path: root/examples/pdb
diff options
context:
space:
mode:
Diffstat (limited to 'examples/pdb')
-rw-r--r--examples/pdb/mysql/ChangeLog41
-rw-r--r--examples/pdb/mysql/Makefile.in33
-rw-r--r--examples/pdb/mysql/README92
-rw-r--r--examples/pdb/mysql/pdb_mysql.c983
-rw-r--r--examples/pdb/xml/ChangeLog13
-rw-r--r--examples/pdb/xml/Makefile.in33
-rw-r--r--examples/pdb/xml/README14
-rw-r--r--examples/pdb/xml/TODO6
-rw-r--r--examples/pdb/xml/pdb_xml.c561
9 files changed, 1776 insertions, 0 deletions
diff --git a/examples/pdb/mysql/ChangeLog b/examples/pdb/mysql/ChangeLog
new file mode 100644
index 0000000000..5aeeb66268
--- /dev/null
+++ b/examples/pdb/mysql/ChangeLog
@@ -0,0 +1,41 @@
+** This file is now deprecated, use CVS' log featues **
+
+2002-06-13 Jelmer Vernooij <jelmer@samba.org>
+ * Converted to using SID's like samba HEAD does now
+ * Fixed some FIXME's
+
+2002-05-28 Jelmer Vernooij <jelmer@samba.org>
+ * Updated docs, after some testing by Vance Lankhaar
+
+2002-05-25 Jelmer Vernooij <jelmer@samba.org>
+ * Added support for dynamic debug classes
+ * Fixed nt/lanman password support
+ * Released 1.2
+
+2002-05-06 Jelmer Vernooij <jelmer@samba.org>
+ * Added support for multiple instances of pdb_mysql
+ * Added identifiers
+ * Updated documentation
+ * Released 1.1
+
+2002-04-27 Jelmer Vernooij <jelmer@samba.org>
+ * Updated documentation
+ * Released 1.0!
+
+2002-04-27 Jelmer Vernooij <jelmer@samba.org>
+ * Added update/add sam account support
+ * Released 0.4
+
+2002-04-13 Jelmer Vernooij <jelmer@samba.org>
+ * Support for multiple instances of pdb_mysql
+ * Released 0.3
+
+2002-04-12 Jelmer Vernooij <jelmer@samba.org>
+ * Now using lp_parm_string to retrieve configuration values (instead of
+ our configuration files)
+ * Updated documentation
+ * Released 0.2
+
+2002-04-10 Jelmer Vernooij <jelmer@samba.org>
+ * Released 0.1
+ * Initial release. Not supporting adding and updating data of users
diff --git a/examples/pdb/mysql/Makefile.in b/examples/pdb/mysql/Makefile.in
new file mode 100644
index 0000000000..1da6ea789e
--- /dev/null
+++ b/examples/pdb/mysql/Makefile.in
@@ -0,0 +1,33 @@
+PDB_OBJS = pdb_mysql.so
+PDB_LDFLAGS = -lmysqlclient
+MAKEFILE = Makefile.pdb
+
+include $(MAKEFILE)
+
+CC = @CC@
+LIBTOOL = libtool
+CFLAGS = @CFLAGS@ $(PDB_CFLAGS)
+CPPFLAGS = @CPPFLAGS@ $(PDB_CPPFLAGS)
+LDFLAGS = @LDFLAGS@ $(PDB_LDFLAGS)
+LDSHFLAGS = -shared
+srcdir = @builddir@
+FLAGS = $(CFLAGS) -Iinclude -I$(srcdir)/include -I$(srcdir)/ubiqx -I$(srcdir)/smbwrapper -I. $(CPPFLAGS) -I$(srcdir)
+
+# Default target
+
+default: $(PDB_OBJS)
+
+# Pattern rules
+
+%.so: %.lo
+ $(LIBTOOL) $(CC) $(LDSHFLAGS) $(LDFLAGS) -o $@ $<
+
+%.lo: %.c
+ $(LIBTOOL) $(CC) $(FLAGS) -c $<
+
+# Misc targets
+
+clean:
+ rm -rf .libs
+ rm -f core *~ *% *.bak \
+ $(PDB_OBJS) $(PDB_OBJS:.so=.o) $(PDB_OBJS:.so=.lo)
diff --git a/examples/pdb/mysql/README b/examples/pdb/mysql/README
new file mode 100644
index 0000000000..e3cbcab8cf
--- /dev/null
+++ b/examples/pdb/mysql/README
@@ -0,0 +1,92 @@
+PDB MySQL plugin for samba v1.1
+--
+
+Building
+=========
+Before you can build the plugin, set the variable SAMBA_SRC in Makefile to the
+path containing the samba sources. This is usually the 'source' directory in
+the samba tarball or CVS.
+
+Next, type make, and then copy pdb_mysql.so to any location you want. I
+strongly recommend installing it in $PREFIX/lib or /usr/lib/samba/
+
+Configuring
+============
+This plugin lacks some good documentation, but here is some short info:
+
+Add a the following to the 'passdb backend' variable in your smb.conf:
+
+passdb backend = [other-plugins] plugin:/location/to/pdb_mysql.so:identifier [other-plugins]
+
+The identifier can be any string you like, as long as it doesn't collide with
+the identifiers of other plugins or other instances of pdb_mysql. If you
+specify multiple pdb_mysql.so entries in 'passdb backend', you also need to
+use different identifiers!
+
+Additional options can be given thru the smb.conf file in the [global] section.
+
+identifier:mysql host - host name, defaults to 'localhost'
+identifier:mysql password
+identifier:mysql user - defaults to 'samba'
+identifier:mysql database - defaults to 'samba'
+identifier:mysql port - defaults to 3306
+identifier:table - Name of the table containing users
+
+Names of the columns in this table(I've added column types those columns
+ should have first):
+identifier:logon time column - int(9)
+identifier:logoff time column - int(9)
+identifier:kickoff time column - int(9)
+identifier:pass last set time column - int(9)
+identifier:pass can change time column - int(9)
+identifier:pass must change time column - int(9)
+identifier:username column - varchar(255) - unix username
+identifier:domain column - varchar(255) - NT domain user is part of
+identifier:nt username column - varchar(255) - NT username
+identifier:fullname column - varchar(255) - Full name of user
+identifier:home dir column - varchar(255) - Unix homedir path
+identifier:dir drive column - varchar(2) - Directory drive path (eg: 'H:')
+identifier:logon script column - varchar(255) - Batch file to run on client side when logging on
+identifier:profile path column - varchar(255) - Path of profile
+identifier:acct desc column - varchar(255) - Some ASCII NT user data
+identifier:workstations column - varchar(255) - Workstations user can logon to (or NULL for all)
+identifier:unknown string column - varchar(255) - unknown string
+identifier:munged dial column - varchar(255) - ?
+identifier:uid column - int(9) - Unix user ID (uid)
+identifier:gid column - int(9) - Unix user group (gid)
+identifier:user sid column - varchar(255) - NT user SID
+identifier:group sid column - varchar(255) - NT group ID
+identifier:lanman pass column - varchar(255) - encrypted lanman password
+identifier:nt pass column - varchar(255) - encrypted nt passwd
+identifier:plaintext pass column - varchar(255) - plaintext password
+identifier:acct control column - int(9) - nt user data
+identifier:unknown 3 column - int(9) - unknown
+identifier:logon divs column - int(9) - ?
+identifier:hours len column - int(9) - ?
+identifier:unknown 5 column - int(9) - unknown
+identifier:unknown 6 column - int(9) - unknown
+
+Eventually, you can put a colon (:) after the name of each column, which
+should specify the column to update when updating the table. You can also
+specify nothing behind the colon - then the data from the field will not be
+updated.
+
+Using plaintext passwords or encrypted password
+===============================================
+I strongly discourage the use of plaintext passwords, however, you can use them:
+
+If you would like to use plaintext passwords, set 'identifier:lanman pass column' and 'identifier:nt pass column' to 'NULL' (without the quotes) and 'identifier:plaintext pass column' to the name of the column containing the plaintext passwords.
+
+If you use encrypted passwords, set the 'identifier:plaintext pass column' to 'NULL' (without the quotes). This is the default.
+
+Getting non-column data from the table
+======================================
+It is possible to have not all data in the database and making some 'constant'.
+
+For example, you can set 'identifier:fullname column' to :
+ CONCAT(First_name,' ',Sur_name)
+
+Or, set 'identifier:workstations column' to :
+ NULL
+
+See the MySQL documentation for more language constructs.
diff --git a/examples/pdb/mysql/pdb_mysql.c b/examples/pdb/mysql/pdb_mysql.c
new file mode 100644
index 0000000000..c7e9e781c3
--- /dev/null
+++ b/examples/pdb/mysql/pdb_mysql.c
@@ -0,0 +1,983 @@
+
+/*
+ * MySQL password backend for samba
+ * Copyright (C) Jelmer Vernooij 2002
+ *
+ * This program is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc., 675
+ * Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+#include "includes.h"
+#include <mysql/mysql.h>
+
+#define CONFIG_TABLE_DEFAULT "user"
+#define CONFIG_LOGON_TIME_DEFAULT "logon_time"
+#define CONFIG_LOGOFF_TIME_DEFAULT "logoff_time"
+#define CONFIG_KICKOFF_TIME_DEFAULT "kickoff_time"
+#define CONFIG_PASS_LAST_SET_TIME_DEFAULT "pass_last_set_time"
+#define CONFIG_PASS_CAN_CHANGE_TIME_DEFAULT "pass_can_change_time"
+#define CONFIG_PASS_MUST_CHANGE_TIME_DEFAULT "pass_must_change_time"
+#define CONFIG_USERNAME_DEFAULT "username"
+#define CONFIG_DOMAIN_DEFAULT "domain"
+#define CONFIG_NT_USERNAME_DEFAULT "nt_username"
+#define CONFIG_FULLNAME_DEFAULT "nt_fullname"
+#define CONFIG_HOME_DIR_DEFAULT "home_dir"
+#define CONFIG_DIR_DRIVE_DEFAULT "dir_drive"
+#define CONFIG_LOGON_SCRIPT_DEFAULT "logon_script"
+#define CONFIG_PROFILE_PATH_DEFAULT "profile_path"
+#define CONFIG_ACCT_DESC_DEFAULT "acct_desc"
+#define CONFIG_WORKSTATIONS_DEFAULT "workstations"
+#define CONFIG_UNKNOWN_STR_DEFAULT "unknown_str"
+#define CONFIG_MUNGED_DIAL_DEFAULT "munged_dial"
+#define CONFIG_UID_DEFAULT "uid"
+#define CONFIG_GID_DEFAULT "gid"
+#define CONFIG_USER_SID_DEFAULT "user_sid"
+#define CONFIG_GROUP_SID_DEFAULT "group_sid"
+#define CONFIG_LM_PW_DEFAULT "lm_pw"
+#define CONFIG_NT_PW_DEFAULT "nt_pw"
+#define CONFIG_PLAIN_PW_DEFAULT "NULL"
+#define CONFIG_ACCT_CTRL_DEFAULT "acct_ctrl"
+#define CONFIG_UNKNOWN_3_DEFAULT "unknown_3"
+#define CONFIG_LOGON_DIVS_DEFAULT "logon_divs"
+#define CONFIG_HOURS_LEN_DEFAULT "hours_len"
+#define CONFIG_UNKNOWN_5_DEFAULT "unknown_5"
+#define CONFIG_UNKNOWN_6_DEFAULT "unknown_6"
+#define CONFIG_HOST_DEFAULT "localhost"
+#define CONFIG_USER_DEFAULT "samba"
+#define CONFIG_PASS_DEFAULT ""
+#define CONFIG_PORT_DEFAULT "3306"
+#define CONFIG_DB_DEFAULT "samba"
+
+static int mysqlsam_debug_level = DBGC_ALL;
+
+#undef DBGC_CLASS
+#define DBGC_CLASS mysqlsam_debug_level
+
+PDB_MODULE_VERSIONING_MAGIC
+
+typedef struct pdb_mysql_data {
+ MYSQL *handle;
+ MYSQL_RES *pwent;
+ char *location;
+} pdb_mysql_data;
+
+/* Used to construct insert and update queries */
+
+typedef struct pdb_mysql_query {
+ char update;
+ TALLOC_CTX *mem_ctx;
+ char *part1;
+ char *part2;
+} pdb_mysql_query;
+
+#define SET_DATA(data,methods) { \
+ if(!methods){ \
+ DEBUG(0, ("invalid methods!\n")); \
+ return False; \
+ } \
+ data = (struct pdb_mysql_data *)methods->private_data; \
+ if(!data || !(data->handle)){ \
+ DEBUG(0, ("invalid handle!\n")); \
+ return False; \
+ } \
+}
+void
+pdb_mysql_int_field(struct pdb_methods *m,
+ struct pdb_mysql_query *q, char *name, int value)
+{
+ if (!name || strchr(name, '\''))
+ return; /* This field shouldn't be set by us */
+
+ if (q->update) {
+ q->part1 =
+ talloc_asprintf_append(q->mem_ctx, q->part1,
+ "%s = %d,", name, value);
+ } else {
+ q->part1 =
+ talloc_asprintf_append(q->mem_ctx, q->part1, "%s,", name);
+ q->part2 =
+ talloc_asprintf_append(q->mem_ctx, q->part2, "%d,", value);
+ }
+}
+
+static BOOL
+pdb_mysql_string_field(struct pdb_methods *methods,
+ struct pdb_mysql_query *q,
+ char *name, const char *value)
+{
+ char *esc_value;
+ struct pdb_mysql_data *data;
+
+ SET_DATA(data, methods);
+
+ if (!name || !value || !strcmp(value, "") || strchr(name, '\''))
+ return False; /* This field shouldn't be set by module */
+
+ esc_value = malloc(strlen(value) * 2 + 1);
+ mysql_real_escape_string(data->handle, esc_value, (char *) value,
+ strlen(value));
+
+ if (q->update) {
+ q->part1 =
+ talloc_asprintf_append(q->mem_ctx, q->part1,
+ "%s = '%s',", name, esc_value);
+ } else {
+ q->part1 =
+ talloc_asprintf_append(q->mem_ctx, q->part1, "%s,", name);
+ q->part2 =
+ talloc_asprintf_append(q->mem_ctx, q->part2, "'%s',",
+ esc_value);
+ }
+
+ SAFE_FREE(esc_value);
+
+ return True;
+}
+
+static char *
+config_value(pdb_mysql_data * data, char *name, char *default_value)
+{
+ if (lp_parm_string(NULL, data->location, name))
+ return lp_parm_string(NULL, data->location, name);
+
+ return default_value;
+}
+
+static char *
+config_value_write(pdb_mysql_data * data, char *name, char *default_value)
+{
+ char *v = config_value(data, name, NULL);
+ char *write;
+
+ if (!v)
+ return default_value;
+
+ write = strchr(v, ':');
+
+ /* Default to the same field as read field */
+ if (!write)
+ return v;
+
+ write++;
+
+ /* If the field is 0 chars long, we shouldn't write to it */
+ if (!strlen(write) || !strcmp(write, "NULL"))
+ return NULL;
+
+ /* Otherwise, use the additionally specified */
+ return write;
+}
+
+static const char *
+config_value_read(pdb_mysql_data * data, char *name, char *default_value)
+{
+ char *v = config_value(data, name, NULL);
+ char *write;
+
+ if (!v)
+ return default_value;
+
+ write = strchr(v, ':');
+
+ /* If no write is specified, there are no problems */
+ if (!write) {
+ if (strlen(v) == 0)
+ return "NULL";
+ return v;
+ }
+
+ /* Otherwise, we have to cut the ':write_part' */
+ *write = '\0';
+ if (strlen(v) == 0)
+ return "NULL";
+
+ return v;
+}
+
+/* Wrapper for atol that returns 0 if 'a' points to NULL */
+static long
+xatol(char *a)
+{
+ long ret = 0;
+
+ if (a != NULL)
+ ret = atol(a);
+
+ return ret;
+}
+
+static BOOL
+row_to_sam_account(MYSQL_RES * r, SAM_ACCOUNT * u)
+{
+ MYSQL_ROW row;
+ pstring temp;
+ unsigned int num_fields;
+ unsigned long *lengths;
+ DOM_SID sid;
+
+ num_fields = mysql_num_fields(r);
+ row = mysql_fetch_row(r);
+ if (!row)
+ return False;
+
+ pdb_set_logon_time(u, xatol(row[0]), FALSE);
+ pdb_set_logoff_time(u, xatol(row[1]), FALSE);
+ pdb_set_kickoff_time(u, xatol(row[2]), FALSE);
+ pdb_set_pass_last_set_time(u, xatol(row[3]));
+ pdb_set_pass_can_change_time(u, xatol(row[4]), FALSE);
+ pdb_set_pass_must_change_time(u, xatol(row[5]), FALSE);
+ pdb_set_username(u, row[6]);
+ pdb_set_domain(u, row[7]);
+ pdb_set_nt_username(u, row[8]);
+ pdb_set_fullname(u, row[9]);
+ pdb_set_homedir(u, row[10], True);
+ pdb_set_dir_drive(u, row[11], True);
+ pdb_set_logon_script(u, row[12], True);
+ pdb_set_profile_path(u, row[13], True);
+ pdb_set_acct_desc(u, row[14]);
+ pdb_set_workstations(u, row[15]);
+ pdb_set_unknown_str(u, row[16]);
+ pdb_set_munged_dial(u, row[17]);
+
+ if (row[18])
+ pdb_set_uid(u, xatol(row[18]));
+ if (row[19])
+ pdb_set_gid(u, xatol(row[19]));
+
+ string_to_sid(&sid, row[20]);
+ pdb_set_user_sid(u, &sid);
+ string_to_sid(&sid, row[21]);
+ pdb_set_group_sid(u, &sid);
+
+ if (pdb_gethexpwd(row[22], temp))
+ pdb_set_lanman_passwd(u, temp);
+ if (pdb_gethexpwd(row[23], temp))
+ pdb_set_nt_passwd(u, temp);
+
+ /* Only use plaintext password storage when lanman and nt are
+ * NOT used */
+ if (!row[22] || !row[23])
+ pdb_set_plaintext_passwd(u, row[24]);
+
+ pdb_set_acct_ctrl(u, xatol(row[25]));
+ pdb_set_unknown_3(u, xatol(row[26]));
+ pdb_set_logon_divs(u, xatol(row[27]));
+ pdb_set_hours_len(u, xatol(row[28]));
+ pdb_set_unknown_5(u, xatol(row[29]));
+ pdb_set_unknown_6(u, xatol(row[30]));
+
+ return True;
+}
+
+static BOOL
+mysqlsam_setsampwent(struct pdb_methods *methods, BOOL update)
+{
+ struct pdb_mysql_data *data =
+ (struct pdb_mysql_data *) methods->private_data;
+ char *query;
+ int ret;
+
+ if (!data || !(data->handle)) {
+ DEBUG(0, ("invalid handle!\n"));
+ return False;
+ }
+
+ asprintf(&query,
+ "SELECT %s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s FROM %s",
+ config_value_read(data, "logon time column",
+ CONFIG_LOGON_TIME_DEFAULT),
+ config_value_read(data, "logoff time column",
+ CONFIG_LOGOFF_TIME_DEFAULT),
+ config_value_read(data, "kickoff time column",
+ CONFIG_KICKOFF_TIME_DEFAULT),
+ config_value_read(data, "pass last set time column",
+ CONFIG_PASS_LAST_SET_TIME_DEFAULT),
+ config_value_read(data, "pass can change time column",
+ CONFIG_PASS_CAN_CHANGE_TIME_DEFAULT),
+ config_value_read(data, "pass must change time column",
+ CONFIG_PASS_MUST_CHANGE_TIME_DEFAULT),
+ config_value_read(data, "username column",
+ CONFIG_USERNAME_DEFAULT),
+ config_value_read(data, "domain column",
+ CONFIG_DOMAIN_DEFAULT),
+ config_value_read(data, "nt username column",
+ CONFIG_NT_USERNAME_DEFAULT),
+ config_value_read(data, "fullname column",
+ CONFIG_FULLNAME_DEFAULT),
+ config_value_read(data, "home dir column",
+ CONFIG_HOME_DIR_DEFAULT),
+ config_value_read(data, "dir drive column",
+ CONFIG_DIR_DRIVE_DEFAULT),
+ config_value_read(data, "logon script column",
+ CONFIG_LOGON_SCRIPT_DEFAULT),
+ config_value_read(data, "profile path column",
+ CONFIG_PROFILE_PATH_DEFAULT),
+ config_value_read(data, "acct desc column",
+ CONFIG_ACCT_DESC_DEFAULT),
+ config_value_read(data, "workstations column",
+ CONFIG_WORKSTATIONS_DEFAULT),
+ config_value_read(data, "unknown string column",
+ CONFIG_UNKNOWN_STR_DEFAULT),
+ config_value_read(data, "munged dial column",
+ CONFIG_MUNGED_DIAL_DEFAULT),
+ config_value_read(data, "uid column", CONFIG_UID_DEFAULT),
+ config_value_read(data, "gid column", CONFIG_GID_DEFAULT),
+ config_value_read(data, "user sid column",
+ CONFIG_USER_SID_DEFAULT),
+ config_value_read(data, "group sid column",
+ CONFIG_GROUP_SID_DEFAULT),
+ config_value_read(data, "lanman pass column",
+ CONFIG_LM_PW_DEFAULT),
+ config_value_read(data, "nt pass column",
+ CONFIG_NT_PW_DEFAULT),
+ config_value_read(data, "plain pass column",
+ CONFIG_PLAIN_PW_DEFAULT),
+ config_value_read(data, "acct ctrl column",
+ CONFIG_ACCT_CTRL_DEFAULT),
+ config_value_read(data, "unknown 3 column",
+ CONFIG_UNKNOWN_3_DEFAULT),
+ config_value_read(data, "logon divs column",
+ CONFIG_LOGON_DIVS_DEFAULT),
+ config_value_read(data, "hours len column",
+ CONFIG_HOURS_LEN_DEFAULT),
+ config_value_read(data, "unknown 5 column",
+ CONFIG_UNKNOWN_5_DEFAULT),
+ config_value_read(data, "unknown 6 column",
+ CONFIG_UNKNOWN_6_DEFAULT),
+ config_value(data, "table", CONFIG_TABLE_DEFAULT)
+ );
+
+ ret = mysql_query(data->handle, query);
+ SAFE_FREE(query);
+
+ if (ret) {
+ DEBUG(0,
+ ("Error executing query: %s\n", mysql_error(data->handle)));
+ return False;
+ }
+
+ data->pwent = mysql_store_result(data->handle);
+
+ if (data->pwent == NULL) {
+ DEBUG(0,
+ ("Error storing results: %s\n", mysql_error(data->handle)));
+ return False;
+ }
+
+ DEBUG(5,
+ ("mysqlsam_setsampwent succeeded(%d results)!\n",
+ mysql_num_fields(data->pwent)));
+
+ return True;
+}
+
+/***************************************************************
+ End enumeration of the passwd list.
+ ****************************************************************/
+
+static void
+mysqlsam_endsampwent(struct pdb_methods *methods)
+{
+ struct pdb_mysql_data *data =
+ (struct pdb_mysql_data *) methods->private_data;
+
+ if (data == NULL) {
+ DEBUG(0, ("invalid handle!\n"));
+ return;
+ }
+
+ if (data->pwent != NULL)
+ mysql_free_result(data->pwent);
+
+ data->pwent = NULL;
+
+ DEBUG(5, ("mysql_endsampwent called\n"));
+}
+
+/*****************************************************************
+ Get one SAM_ACCOUNT from the list (next in line)
+ *****************************************************************/
+
+static BOOL
+mysqlsam_getsampwent(struct pdb_methods *methods, SAM_ACCOUNT * user)
+{
+ struct pdb_mysql_data *data;
+
+ SET_DATA(data, methods);
+
+ if (data->pwent == NULL) {
+ DEBUG(0, ("invalid pwent\n"));
+ return False;
+ }
+
+ return row_to_sam_account(data->pwent, user);
+}
+
+BOOL
+mysqlsam_select_by_field(struct pdb_methods * methods, SAM_ACCOUNT * user,
+ const char *field, const char *sname)
+{
+ char *esc_sname;
+ char *query;
+ int ret;
+ MYSQL_RES *res;
+ struct pdb_mysql_data *data;
+
+ SET_DATA(data, methods);
+
+ esc_sname = malloc(strlen(sname) * 2 + 1);
+ if (!esc_sname) {
+ DEBUG(0, ("Not enough memory available!\n"));
+ return False;
+ }
+
+ DEBUG(5,
+ ("mysqlsam_select_by_field: getting data where %s = %s(nonescaped)\n",
+ field, sname));
+
+ /* Escape sname */
+ mysql_real_escape_string(data->handle, esc_sname, (char *) sname,
+ strlen(sname));
+
+ if (user == NULL) {
+ DEBUG(0, ("pdb_getsampwnam: SAM_ACCOUNT is NULL.\n"));
+ SAFE_FREE(esc_sname);
+ return False;
+ }
+
+ asprintf(&query,
+ "SELECT %s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s FROM %s WHERE %s = '%s'",
+ config_value_read(data, "logon time column",
+ CONFIG_LOGON_TIME_DEFAULT),
+ config_value_read(data, "logoff time column",
+ CONFIG_LOGOFF_TIME_DEFAULT),
+ config_value_read(data, "kickoff time column",
+ CONFIG_KICKOFF_TIME_DEFAULT),
+ config_value_read(data, "pass last set time column",
+ CONFIG_PASS_LAST_SET_TIME_DEFAULT),
+ config_value_read(data, "pass can change time column",
+ CONFIG_PASS_CAN_CHANGE_TIME_DEFAULT),
+ config_value_read(data, "pass must change time column",
+ CONFIG_PASS_MUST_CHANGE_TIME_DEFAULT),
+ config_value_read(data, "username column",
+ CONFIG_USERNAME_DEFAULT),
+ config_value_read(data, "domain column",
+ CONFIG_DOMAIN_DEFAULT),
+ config_value_read(data, "nt username column",
+ CONFIG_NT_USERNAME_DEFAULT),
+ config_value_read(data, "fullname column",
+ CONFIG_FULLNAME_DEFAULT),
+ config_value_read(data, "home dir column",
+ CONFIG_HOME_DIR_DEFAULT),
+ config_value_read(data, "dir drive column",
+ CONFIG_DIR_DRIVE_DEFAULT),
+ config_value_read(data, "logon script column",
+ CONFIG_LOGON_SCRIPT_DEFAULT),
+ config_value_read(data, "profile path column",
+ CONFIG_PROFILE_PATH_DEFAULT),
+ config_value_read(data, "acct desc column",
+ CONFIG_ACCT_DESC_DEFAULT),
+ config_value_read(data, "workstations column",
+ CONFIG_WORKSTATIONS_DEFAULT),
+ config_value_read(data, "unknown string column",
+ CONFIG_UNKNOWN_STR_DEFAULT),
+ config_value_read(data, "munged dial column",
+ CONFIG_MUNGED_DIAL_DEFAULT),
+ config_value_read(data, "uid column", CONFIG_UID_DEFAULT),
+ config_value_read(data, "gid column", CONFIG_GID_DEFAULT),
+ config_value_read(data, "user sid column",
+ CONFIG_USER_SID_DEFAULT),
+ config_value_read(data, "group sid column",
+ CONFIG_GROUP_SID_DEFAULT),
+ config_value_read(data, "lanman pass column",
+ CONFIG_LM_PW_DEFAULT),
+ config_value_read(data, "nt pass column",
+ CONFIG_NT_PW_DEFAULT),
+ config_value_read(data, "plain pass column",
+ CONFIG_PLAIN_PW_DEFAULT),
+ config_value_read(data, "acct ctrl column",
+ CONFIG_ACCT_CTRL_DEFAULT),
+ config_value_read(data, "unknown 3 column",
+ CONFIG_UNKNOWN_3_DEFAULT),
+ config_value_read(data, "logon divs column",
+ CONFIG_LOGON_DIVS_DEFAULT),
+ config_value_read(data, "hours len column",
+ CONFIG_HOURS_LEN_DEFAULT),
+ config_value_read(data, "unknown 5 column",
+ CONFIG_UNKNOWN_5_DEFAULT),
+ config_value_read(data, "unknown 6 column",
+ CONFIG_UNKNOWN_6_DEFAULT),
+ config_value(data, "table", CONFIG_TABLE_DEFAULT), field,
+ esc_sname);
+
+ SAFE_FREE(esc_sname);
+
+ ret = mysql_query(data->handle, query);
+
+ SAFE_FREE(query);
+
+ if (ret) {
+ DEBUG(0,
+ ("Error while executing MySQL query: %s\n",
+ mysql_error(data->handle)));
+ return False;
+ }
+
+ res = mysql_store_result(data->handle);
+ if (res == NULL) {
+ DEBUG(0,
+ ("Error storing results: %s\n", mysql_error(data->handle)));
+ return False;
+ }
+
+ ret = row_to_sam_account(res, user);
+ mysql_free_result(res);
+
+ return ret;
+}
+
+/******************************************************************
+ Lookup a name in the SAM database
+ ******************************************************************/
+
+static BOOL
+mysqlsam_getsampwnam(struct pdb_methods *methods, SAM_ACCOUNT * user,
+ const char *sname)
+{
+ struct pdb_mysql_data *data;
+
+ SET_DATA(data, methods);
+
+ if (!sname) {
+ DEBUG(0, ("invalid name specified"));
+ return False;
+ }
+ return mysqlsam_select_by_field(methods, user,
+ config_value_read(data, "username column",
+ CONFIG_USERNAME_DEFAULT), sname);
+}
+
+
+/***************************************************************************
+ Search by sid
+ **************************************************************************/
+
+static BOOL
+mysqlsam_getsampwsid(struct pdb_methods *methods, SAM_ACCOUNT * user,
+ const DOM_SID * sid)
+{
+ BOOL ret = False;
+ struct pdb_mysql_data *data;
+ fstring sid_str;
+
+ SET_DATA(data, methods);
+
+ sid_to_string(sid_str, sid);
+
+ ret =
+ mysqlsam_select_by_field(methods, user,
+ config_value_read(data, "user sid column",
+ CONFIG_USER_SID_DEFAULT), sid_str);
+
+ return ret;
+}
+
+/***************************************************************************
+ Delete a SAM_ACCOUNT
+ ****************************************************************************/
+
+static BOOL
+mysqlsam_delete_sam_account(struct pdb_methods *methods,
+ SAM_ACCOUNT * sam_pass)
+{
+ const char *sname = pdb_get_username(sam_pass);
+ char *esc;
+ char *query;
+ int ret;
+ struct pdb_mysql_data *data;
+
+ SET_DATA(data, methods);
+
+ if (!methods) {
+ DEBUG(0, ("invalid methods!\n"));
+ return False;
+ }
+
+ data = (struct pdb_mysql_data *) methods->private_data;
+ if (!data || !(data->handle)) {
+ DEBUG(0, ("invalid handle!\n"));
+ return False;
+ }
+
+ if (!sname) {
+ DEBUG(0, ("invalid name specified\n"));
+ return False;
+ }
+
+ /* Escape sname */
+ esc = malloc(strlen(sname) * 2 + 1);
+ if (!esc) {
+ DEBUG(0, ("Can't allocate memory to store escaped name\n"));
+ return False;
+ }
+ mysql_real_escape_string(data->handle, esc, (char *) sname,
+ strlen(sname));
+
+ asprintf(&query, "DELETE FROM %s WHERE %s = '%s'",
+ config_value(data, "table", CONFIG_TABLE_DEFAULT),
+ config_value_read(data, "username column",
+ CONFIG_USERNAME_DEFAULT), esc);
+
+ SAFE_FREE(esc);
+
+ ret = mysql_query(data->handle, query);
+
+ SAFE_FREE(query);
+
+ if (ret) {
+ DEBUG(0,
+ ("Error while executing query: %s\n",
+ mysql_error(data->handle)));
+ return False;
+ }
+
+ DEBUG(5, ("User '%s' deleted\n", sname));
+ return True;
+}
+
+static BOOL
+mysqlsam_replace_sam_account(struct pdb_methods *methods,
+ const SAM_ACCOUNT * newpwd, char isupdate)
+{
+ pstring temp;
+ uint32 store = pdb_get_init_flag(newpwd);
+ struct pdb_mysql_data *data;
+ pdb_mysql_query query;
+ fstring sid_str;
+
+ if (!methods) {
+ DEBUG(0, ("invalid methods!\n"));
+ return False;
+ }
+
+ data = (struct pdb_mysql_data *) methods->private_data;
+ if (data == NULL || data->handle == NULL) {
+ DEBUG(0, ("invalid handle!\n"));
+ return False;
+ }
+ query.update = isupdate;
+
+ /* I know this is somewhat overkill but only the talloc
+ * functions have asprint_append and the 'normal' asprintf
+ * is a GNU extension */
+ query.mem_ctx = talloc_init();
+ query.part2 = talloc_asprintf(query.mem_ctx, "%s", "");
+ if (query.update) {
+ query.part1 =
+ talloc_asprintf(query.mem_ctx, "UPDATE %s SET ",
+ config_value(data, "table",
+ CONFIG_TABLE_DEFAULT));
+ } else {
+ query.part1 =
+ talloc_asprintf(query.mem_ctx, "INSERT INTO %s (",
+ config_value(data, "table",
+ CONFIG_TABLE_DEFAULT));
+ }
+
+ pdb_mysql_int_field(methods, &query,
+ config_value_write(data, "acct ctrl column",
+ CONFIG_ACCT_CTRL_DEFAULT),
+ pdb_get_acct_ctrl(newpwd));
+
+ if (store & FLAG_SAM_LOGONTIME) {
+ pdb_mysql_int_field(methods, &query,
+ config_value_write(data,
+ "logon time column",
+ CONFIG_LOGON_TIME_DEFAULT),
+ pdb_get_logon_time(newpwd));
+ }
+
+ if (store & FLAG_SAM_LOGOFFTIME) {
+ pdb_mysql_int_field(methods, &query,
+ config_value_write(data,
+ "logoff time column",
+ CONFIG_LOGOFF_TIME_DEFAULT),
+ pdb_get_logoff_time(newpwd));
+ }
+
+ if (store & FLAG_SAM_KICKOFFTIME) {
+ pdb_mysql_int_field(methods, &query,
+ config_value_write(data,
+ "kickoff time column",
+ CONFIG_KICKOFF_TIME_DEFAULT),
+ pdb_get_kickoff_time(newpwd));
+ }
+
+ if (store & FLAG_SAM_CANCHANGETIME) {
+ pdb_mysql_int_field(methods, &query,
+ config_value_write(data,
+ "pass can change time column",
+ CONFIG_PASS_CAN_CHANGE_TIME_DEFAULT),
+ pdb_get_pass_can_change_time(newpwd));
+ }
+
+ if (store & FLAG_SAM_MUSTCHANGETIME) {
+ pdb_mysql_int_field(methods, &query,
+ config_value_write(data,
+ "pass must change time column",
+ CONFIG_PASS_MUST_CHANGE_TIME_DEFAULT),
+ pdb_get_pass_must_change_time(newpwd));
+ }
+
+ if (pdb_get_pass_last_set_time(newpwd)) {
+ pdb_mysql_int_field(methods, &query,
+ config_value_write(data,
+ "pass must change time column",
+ CONFIG_PASS_LAST_SET_TIME_DEFAULT),
+ pdb_get_pass_last_set_time(newpwd));
+ }
+
+ if (pdb_get_hours_len(newpwd)) {
+ pdb_mysql_int_field(methods, &query,
+ config_value_write(data,
+ "hours len column",
+ CONFIG_HOURS_LEN_DEFAULT),
+ pdb_get_hours_len(newpwd));
+ }
+
+ if (pdb_get_logon_divs(newpwd)) {
+ pdb_mysql_int_field(methods, &query,
+ config_value_write(data,
+ "logon divs column",
+ CONFIG_LOGON_DIVS_DEFAULT),
+ pdb_get_logon_divs(newpwd));
+ }
+
+ if (store & FLAG_SAM_UID) {
+ pdb_mysql_int_field(methods, &query,
+ config_value_write(data, "uid column",
+ CONFIG_UID_DEFAULT),
+ pdb_get_uid(newpwd));
+ }
+
+ if (store & FLAG_SAM_GID) {
+ pdb_mysql_int_field(methods, &query,
+ config_value_write(data, "gid column",
+ CONFIG_GID_DEFAULT),
+ pdb_get_gid(newpwd));
+ }
+
+ pdb_mysql_string_field(methods, &query,
+ config_value_write(data, "user sid column",
+ CONFIG_USER_SID_DEFAULT),
+ sid_to_string(sid_str, (DOM_SID *)
+ pdb_get_user_sid(newpwd)));
+
+ pdb_mysql_string_field(methods, &query,
+ config_value_write(data, "group sid column",
+ CONFIG_GROUP_SID_DEFAULT),
+ sid_to_string(sid_str, (DOM_SID *)
+ pdb_get_group_sid(newpwd)));
+
+ pdb_mysql_string_field(methods, &query,
+ config_value_write(data, "username column",
+ CONFIG_USERNAME_DEFAULT),
+ pdb_get_username(newpwd));
+
+ pdb_mysql_string_field(methods, &query,
+ config_value_write(data, "domain column",
+ CONFIG_DOMAIN_DEFAULT),
+ pdb_get_domain(newpwd));
+
+ pdb_mysql_string_field(methods, &query,
+ config_value_write(data,
+ "nt username column",
+ CONFIG_NT_USERNAME_DEFAULT),
+ pdb_get_nt_username(newpwd));
+
+ pdb_mysql_string_field(methods, &query,
+ config_value_write(data, "fullname column",
+ CONFIG_FULLNAME_DEFAULT),
+ pdb_get_fullname(newpwd));
+
+ pdb_mysql_string_field(methods, &query,
+ config_value_write(data,
+ "logon script column",
+ CONFIG_LOGON_SCRIPT_DEFAULT),
+ pdb_get_logon_script(newpwd));
+
+ pdb_mysql_string_field(methods, &query,
+ config_value_write(data,
+ "profile path column",
+ CONFIG_PROFILE_PATH_DEFAULT),
+ pdb_get_profile_path(newpwd));
+
+ pdb_mysql_string_field(methods, &query,
+ config_value_write(data, "dir drive column",
+ CONFIG_DIR_DRIVE_DEFAULT),
+ pdb_get_dir_drive(newpwd));
+
+ pdb_mysql_string_field(methods, &query,
+ config_value_write(data, "home dir column",
+ CONFIG_HOME_DIR_DEFAULT),
+ pdb_get_homedir(newpwd));
+
+ pdb_mysql_string_field(methods, &query,
+ config_value_write(data,
+ "workstations column",
+ CONFIG_WORKSTATIONS_DEFAULT),
+ pdb_get_workstations(newpwd));
+
+ pdb_mysql_string_field(methods, &query,
+ config_value_write(data,
+ "unknown string column",
+ CONFIG_UNKNOWN_STR_DEFAULT),
+ pdb_get_workstations(newpwd));
+
+ pdb_sethexpwd(temp, pdb_get_lanman_passwd(newpwd),
+ pdb_get_acct_ctrl(newpwd));
+ pdb_mysql_string_field(methods, &query,
+ config_value_write(data,
+ "lanman pass column",
+ CONFIG_LM_PW_DEFAULT), temp);
+
+ pdb_sethexpwd(temp, pdb_get_nt_passwd(newpwd),
+ pdb_get_acct_ctrl(newpwd));
+ pdb_mysql_string_field(methods, &query,
+ config_value_write(data, "nt pass column",
+ CONFIG_NT_PW_DEFAULT), temp);
+
+ if (query.update) {
+ query.part1[strlen(query.part1) - 1] = '\0';
+ query.part1 =
+ talloc_asprintf_append(query.mem_ctx, query.part1,
+ " WHERE %s = '%s'",
+ config_value_read(data,
+ "user sid column",
+ CONFIG_USER_SID_DEFAULT),
+ sid_to_string(sid_str, (DOM_SID *)
+ pdb_get_user_sid
+ (newpwd)));
+ } else {
+ query.part2[strlen(query.part2) - 1] = ')';
+ query.part1[strlen(query.part1) - 1] = ')';
+ query.part1 =
+ talloc_asprintf_append(query.mem_ctx, query.part1,
+ " VALUES (%s", query.part2);
+ }
+
+ DEBUG(0, ("%s\n", query.part1));
+ /* Execute the query */
+ if (mysql_query(data->handle, query.part1)) {
+ DEBUG(0,
+ ("Error executing %s, %s\n", query.part1,
+ mysql_error(data->handle)));
+ return False;
+ }
+ talloc_destroy(query.mem_ctx);
+ return True;
+}
+
+static BOOL
+mysqlsam_add_sam_account(struct pdb_methods *methods, SAM_ACCOUNT * newpwd)
+{
+ return mysqlsam_replace_sam_account(methods, newpwd, 0);
+}
+
+static BOOL
+mysqlsam_update_sam_account(struct pdb_methods *methods,
+ SAM_ACCOUNT * newpwd)
+{
+ return mysqlsam_replace_sam_account(methods, newpwd, 1);
+}
+
+NTSTATUS
+pdb_init(PDB_CONTEXT * pdb_context, PDB_METHODS ** pdb_method,
+ char *location)
+{
+ NTSTATUS nt_status;
+ struct pdb_mysql_data *data;
+
+ mysqlsam_debug_level = debug_add_class("mysqlsam");
+ if (mysqlsam_debug_level == -1) {
+ mysqlsam_debug_level = DBGC_ALL;
+ DEBUG(0,
+ ("mysqlsam: Couldn't register custom debugging class!\n"));
+ }
+
+ if (!pdb_context) {
+ DEBUG(0, ("invalid pdb_methods specified\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ if (!NT_STATUS_IS_OK
+ (nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) {
+ return nt_status;
+ }
+
+ (*pdb_method)->name = "mysqlsam";
+
+ (*pdb_method)->setsampwent = mysqlsam_setsampwent;
+ (*pdb_method)->endsampwent = mysqlsam_endsampwent;
+ (*pdb_method)->getsampwent = mysqlsam_getsampwent;
+ (*pdb_method)->getsampwnam = mysqlsam_getsampwnam;
+ (*pdb_method)->getsampwsid = mysqlsam_getsampwsid;
+ (*pdb_method)->add_sam_account = mysqlsam_add_sam_account;
+ (*pdb_method)->update_sam_account = mysqlsam_update_sam_account;
+ (*pdb_method)->delete_sam_account = mysqlsam_delete_sam_account;
+
+ data = talloc(pdb_context->mem_ctx, sizeof(struct pdb_mysql_data));
+ (*pdb_method)->private_data = data;
+ data->handle = NULL;
+ data->pwent = NULL;
+
+ if (!location) {
+ DEBUG(0, ("No identifier specified. See README for details\n"));
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ data->location = smb_xstrdup(location);
+
+ DEBUG(1,
+ ("Connecting to database server, host: %s, user: %s, password: %s, database: %s, port: %d\n",
+ config_value(data, "mysql host", CONFIG_HOST_DEFAULT),
+ config_value(data, "mysql user", CONFIG_USER_DEFAULT),
+ config_value(data, "mysql password", CONFIG_PASS_DEFAULT),
+ config_value(data, "mysql database", CONFIG_DB_DEFAULT),
+ xatol(config_value(data, "mysql port", CONFIG_PORT_DEFAULT))));
+
+ /* Do the mysql initialization */
+ data->handle = mysql_init(NULL);
+ if (!data->handle) {
+ DEBUG(0, ("Failed to connect to server\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ /* Process correct entry in $HOME/.my.conf */
+ if (!mysql_real_connect(data->handle,
+ config_value(data, "mysql host", CONFIG_HOST_DEFAULT),
+ config_value(data, "mysql user", CONFIG_USER_DEFAULT),
+ config_value(data, "mysql password", CONFIG_PASS_DEFAULT),
+ config_value(data, "mysql database", CONFIG_DB_DEFAULT),
+ xatol(config_value (data, "mysql port", CONFIG_PORT_DEFAULT)),
+ NULL, 0)) {
+ DEBUG(0,
+ ("Failed to connect to mysql database: error: %s\n",
+ mysql_error(data->handle)));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ DEBUG(5, ("Connected to mysql db\n"));
+
+ return NT_STATUS_OK;
+}
diff --git a/examples/pdb/xml/ChangeLog b/examples/pdb/xml/ChangeLog
new file mode 100644
index 0000000000..e44fa3bd30
--- /dev/null
+++ b/examples/pdb/xml/ChangeLog
@@ -0,0 +1,13 @@
+** This file is now deprecated - use CVS' log features **
+
+2002-06-13 Jelmer Vernooij <jelmer@samba.org>
+ * Use SID's instead of RID's (just like samba-HEAD CVS)
+ * Released 1.1
+
+2002-05-26 Jelmer Vernooij <jelmer@samba.org>
+ * Update read support (didn't support all elements yet)
+ * Released 1.0
+
+2002-05-26 Jelmer Vernooij <jelmer@samba.org>
+ * Initial release
+ * Released 0.5
diff --git a/examples/pdb/xml/Makefile.in b/examples/pdb/xml/Makefile.in
new file mode 100644
index 0000000000..87d4546972
--- /dev/null
+++ b/examples/pdb/xml/Makefile.in
@@ -0,0 +1,33 @@
+PDB_OBJS = pdb_xml.so
+PDB_CFLAGS = `xml2-config --cflags`
+PDB_LDFLAGS = `xml2-config --libs`
+
+include $(MAKEFILE)
+
+CC = @CC@
+LIBTOOL = libtool
+CFLAGS = @CFLAGS@ $(PDB_CFLAGS)
+CPPFLAGS = @CPPFLAGS@ $(PDB_CPPFLAGS)
+LDFLAGS = @LDFLAGS@ $(PDB_LDFLAGS)
+LDSHFLAGS = -shared
+srcdir = @builddir@
+FLAGS = $(CFLAGS) -Iinclude -I$(srcdir)/include -I$(srcdir)/ubiqx -I$(srcdir)/smbwrapper -I. $(CPPFLAGS) -I$(srcdir)
+
+# Default target
+
+default: $(PDB_OBJS)
+
+# Pattern rules
+
+%.so: %.lo
+ $(LIBTOOL) $(CC) $(LDSHFLAGS) $(LDFLAGS) -o $@ $<
+
+%.lo: %.c
+ $(LIBTOOL) $(CC) $(FLAGS) -c $<
+
+# Misc targets
+
+clean:
+ rm -rf .libs
+ rm -f core *~ *% *.bak \
+ $(PDB_OBJS) $(PDB_OBJS:.so=.o) $(PDB_OBJS:.so=.lo)
diff --git a/examples/pdb/xml/README b/examples/pdb/xml/README
new file mode 100644
index 0000000000..afb08fdb4f
--- /dev/null
+++ b/examples/pdb/xml/README
@@ -0,0 +1,14 @@
+Readme for samba pdb xml 0.5
+--
+This module requires libxml2 to be installed.
+
+The usage of pdb_xml is pretty straightforward. To export data, use:
+
+pdbedit -e plugin:/usr/lib/samba/pdb_xml.so:filename
+
+(where filename is the name of the file to put the data in)
+To import data, use:
+
+pdbedit -i plugin:/usr/lib/samba/pdb_xml.so:filename -e <current-pdb>
+
+Where filename is the name to read the data from and <current-pdb> to put it in.
diff --git a/examples/pdb/xml/TODO b/examples/pdb/xml/TODO
new file mode 100644
index 0000000000..3947bb68be
--- /dev/null
+++ b/examples/pdb/xml/TODO
@@ -0,0 +1,6 @@
+- Be faster. Don't rewrite the whole file when adding a user, but store
+ it in the memory and save it when exiting. Requires changes to samba source.
+ Gives the ability to read/write to standard input/output
+- Do locking!
+- Better names!
+- Support stdin ?
diff --git a/examples/pdb/xml/pdb_xml.c b/examples/pdb/xml/pdb_xml.c
new file mode 100644
index 0000000000..f237a7da9d
--- /dev/null
+++ b/examples/pdb/xml/pdb_xml.c
@@ -0,0 +1,561 @@
+
+/*
+ * XML password backend for samba
+ * Copyright (C) Jelmer Vernooij 2002
+ * Some parts based on the libxml gjobread example by Daniel Veillard
+ *
+ * This program is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc., 675
+ * Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+/* FIXME: Support stdin input by using '-' */
+
+#define XML_URL "http://www.samba.org/ns"
+
+#include "includes.h"
+
+#include <libxml/xmlmemory.h>
+#include <libxml/parser.h>
+
+static int xmlsam_debug_level = DBGC_ALL;
+
+#undef DBGC_CLASS
+#define DBGC_CLASS xmlsam_debug_level
+
+PDB_MODULE_VERSIONING_MAGIC
+
+static char * iota(int a) {
+ static char tmp[10];
+
+ snprintf(tmp, 9, "%d", a);
+ return tmp;
+}
+
+BOOL
+parsePass(xmlDocPtr doc, xmlNsPtr ns, xmlNodePtr cur, SAM_ACCOUNT * u)
+{
+ pstring temp;
+
+ cur = cur->xmlChildrenNode;
+ while (cur != NULL) {
+ if (strcmp(cur->name, "crypt"))
+ DEBUG(0, ("Unknown element %s\n", cur->name));
+ else {
+ if (!strcmp(xmlGetProp(cur, "type"), "nt")
+ &&
+ pdb_gethexpwd(xmlNodeListGetString
+ (doc, cur->xmlChildrenNode, 1), temp))
+ pdb_set_nt_passwd(u, temp);
+ else if (!strcmp(xmlGetProp(cur, "type"), "lanman")
+ &&
+ pdb_gethexpwd(xmlNodeListGetString
+ (doc, cur->xmlChildrenNode, 1), temp))
+ pdb_set_lanman_passwd(u, temp);
+ else
+ DEBUG(0,
+ ("Unknown crypt type: %s\n",
+ xmlGetProp(cur, "type")));
+ }
+ cur = cur->next;
+ }
+ return True;
+}
+
+BOOL
+parseUser(xmlDocPtr doc, xmlNsPtr ns, xmlNodePtr cur, SAM_ACCOUNT * u)
+{
+ char *tmp;
+ DOM_SID sid;
+
+ tmp = xmlGetProp(cur, "sid");
+ if (tmp){
+ string_to_sid(&sid, tmp);
+ pdb_set_user_sid(u, &sid);
+ }
+ tmp = xmlGetProp(cur, "uid");
+ if (tmp)
+ pdb_set_uid(u, atol(tmp));
+ pdb_set_username(u, xmlGetProp(cur, "name"));
+ /* We don't care what the top level element name is */
+ cur = cur->xmlChildrenNode;
+ while (cur != NULL) {
+ if ((!strcmp(cur->name, "group")) && (cur->ns == ns)) {
+ tmp = xmlGetProp(cur, "gid");
+ if (tmp)
+ pdb_set_gid(u, atol(tmp));
+ tmp = xmlGetProp(cur, "sid");
+ if (tmp){
+ string_to_sid(&sid, tmp);
+ pdb_set_group_sid(u, &sid);
+ }
+ }
+
+ else if ((!strcmp(cur->name, "domain")) && (cur->ns == ns))
+ pdb_set_domain(u,
+ xmlNodeListGetString(doc, cur->xmlChildrenNode,
+ 1));
+
+ else if (!strcmp(cur->name, "fullname") && cur->ns == ns)
+ pdb_set_fullname(u,
+ xmlNodeListGetString(doc,
+ cur->xmlChildrenNode,
+ 1));
+
+ else if (!strcmp(cur->name, "nt_username") && cur->ns == ns)
+ pdb_set_nt_username(u,
+ xmlNodeListGetString(doc,
+ cur->xmlChildrenNode,
+ 1));
+
+ else if (!strcmp(cur->name, "logon_script") && cur->ns == ns)
+ pdb_set_logon_script(u,
+ xmlNodeListGetString(doc,
+ cur->xmlChildrenNode,
+ 1), True);
+
+ else if (!strcmp(cur->name, "profile_path") && cur->ns == ns)
+ pdb_set_profile_path(u,
+ xmlNodeListGetString(doc,
+ cur->xmlChildrenNode,
+ 1), True);
+
+ else if (!strcmp(cur->name, "logon_time") && cur->ns == ns)
+ pdb_set_logon_time(u,
+ atol(xmlNodeListGetString
+ (doc, cur->xmlChildrenNode, 1)), True);
+
+ else if (!strcmp(cur->name, "logoff_time") && cur->ns == ns)
+ pdb_set_logoff_time(u,
+ atol(xmlNodeListGetString
+ (doc, cur->xmlChildrenNode, 1)),
+ True);
+
+ else if (!strcmp(cur->name, "kickoff_time") && cur->ns == ns)
+ pdb_set_kickoff_time(u,
+ atol(xmlNodeListGetString
+ (doc, cur->xmlChildrenNode, 1)),
+ True);
+
+ else if (!strcmp(cur->name, "logon_divs") && cur->ns == ns)
+ pdb_set_logon_divs(u,
+ atol(xmlNodeListGetString
+ (doc, cur->xmlChildrenNode, 1)));
+
+ else if (!strcmp(cur->name, "hours_len") && cur->ns == ns)
+ pdb_set_hours_len(u,
+ atol(xmlNodeListGetString
+ (doc, cur->xmlChildrenNode, 1)));
+
+ else if (!strcmp(cur->name, "unknown_3") && cur->ns == ns)
+ pdb_set_unknown_3(u,
+ atol(xmlNodeListGetString
+ (doc, cur->xmlChildrenNode, 1)));
+
+ else if (!strcmp(cur->name, "unknown_5") && cur->ns == ns)
+ pdb_set_unknown_5(u,
+ atol(xmlNodeListGetString
+ (doc, cur->xmlChildrenNode, 1)));
+
+ else if (!strcmp(cur->name, "unknown_6") && cur->ns == ns)
+ pdb_set_unknown_6(u,
+ atol(xmlNodeListGetString
+ (doc, cur->xmlChildrenNode, 1)));
+
+ else if (!strcmp(cur->name, "homedir") && cur->ns == ns)
+ pdb_set_homedir(u,
+ xmlNodeListGetString(doc, cur->xmlChildrenNode,
+ 1), True);
+
+ else if (!strcmp(cur->name, "unknown_str") && cur->ns == ns)
+ pdb_set_unknown_str(u,
+ xmlNodeListGetString(doc,
+ cur->xmlChildrenNode,
+ 1));
+
+ else if (!strcmp(cur->name, "dir_drive") && cur->ns == ns)
+ pdb_set_dir_drive(u,
+ xmlNodeListGetString(doc,
+ cur->xmlChildrenNode,
+ 1), True);
+
+ else if (!strcmp(cur->name, "munged_dial") && cur->ns == ns)
+ pdb_set_munged_dial(u,
+ xmlNodeListGetString(doc,
+ cur->xmlChildrenNode,
+ 1));
+
+ else if (!strcmp(cur->name, "acct_desc") && cur->ns == ns)
+ pdb_set_acct_desc(u,
+ xmlNodeListGetString(doc,
+ cur->xmlChildrenNode,
+ 1));
+
+ else if (!strcmp(cur->name, "acct_ctrl") && cur->ns == ns)
+ pdb_set_acct_ctrl(u,
+ atol(xmlNodeListGetString
+ (doc, cur->xmlChildrenNode, 1)));
+
+ else if (!strcmp(cur->name, "workstations") && cur->ns == ns)
+ pdb_set_workstations(u,
+ xmlNodeListGetString(doc,
+ cur->xmlChildrenNode,
+ 1));
+
+ else if ((!strcmp(cur->name, "password")) && (cur->ns == ns)) {
+ tmp = xmlGetProp(cur, "last_set");
+ if (tmp)
+ pdb_set_pass_last_set_time(u, atol(tmp));
+ tmp = xmlGetProp(cur, "must_change");
+ if (tmp)
+ pdb_set_pass_must_change_time(u, atol(tmp), True);
+ tmp = xmlGetProp(cur, "can_change");
+ if (tmp)
+ pdb_set_pass_can_change_time(u, atol(tmp), True);
+ parsePass(doc, ns, cur, u);
+ }
+
+ else
+ DEBUG(0, ("Unknown element %s\n", cur->name));
+ cur = cur->next;
+ }
+
+ return True;
+}
+
+typedef struct pdb_xml {
+ char *location;
+ char written;
+ xmlDocPtr doc;
+ xmlNodePtr users;
+ xmlNodePtr pwent;
+ xmlNsPtr ns;
+} pdb_xml;
+
+xmlNodePtr
+parseSambaXMLFile(struct pdb_xml *data)
+{
+ xmlNodePtr cur;
+
+ data->doc = xmlParseFile(data->location);
+ if (data->doc == NULL)
+ return NULL;
+
+ cur = xmlDocGetRootElement(data->doc);
+ if (!cur) {
+ DEBUG(0, ("empty document\n"));
+ xmlFreeDoc(data->doc);
+ return NULL;
+ }
+ data->ns = xmlSearchNsByHref(data->doc, cur, XML_URL);
+ if (!data->ns) {
+ DEBUG(0,
+ ("document of the wrong type, samba user namespace not found\n"));
+ xmlFreeDoc(data->doc);
+ return NULL;
+ }
+ if (strcmp(cur->name, "samba")) {
+ DEBUG(0, ("document of the wrong type, root node != samba"));
+ xmlFreeDoc(data->doc);
+ return NULL;
+ }
+
+ cur = cur->xmlChildrenNode;
+ while (cur && xmlIsBlankNode(cur)) {
+ cur = cur->next;
+ }
+ if (!cur)
+ return NULL;
+ if ((strcmp(cur->name, "users")) || (cur->ns != data->ns)) {
+ DEBUG(0, ("document of the wrong type, was '%s', users expected",
+ cur->name));
+ DEBUG(0, ("xmlDocDump follows\n"));
+ xmlDocDump(stderr, data->doc);
+ DEBUG(0, ("xmlDocDump finished\n"));
+ xmlFreeDoc(data->doc);
+ return NULL;
+ }
+ data->users = cur;
+ cur = cur->xmlChildrenNode;
+ return cur;
+}
+
+static BOOL
+xmlsam_setsampwent(struct pdb_methods *methods, BOOL update)
+{
+ pdb_xml *data;
+
+ if (!methods) {
+ DEBUG(0, ("Invalid methods\n"));
+ return False;
+ }
+ data = (pdb_xml *) methods->private_data;
+ if (!data) {
+ DEBUG(0, ("Invalid pdb_xml_data\n"));
+ return False;
+ }
+ data->pwent = parseSambaXMLFile(data);
+ if (!data->pwent)
+ return False;
+ return True;
+}
+
+/***************************************************************
+ End enumeration of the passwd list.
+ ****************************************************************/
+
+static void
+xmlsam_endsampwent(struct pdb_methods *methods)
+{
+ pdb_xml *data;
+
+ if (!methods) {
+ DEBUG(0, ("Invalid methods\n"));
+ return;
+ }
+
+ data = (pdb_xml *) methods->private_data;
+
+ if (!data) {
+ DEBUG(0, ("Invalid pdb_xml_data\n"));
+ return;
+ }
+
+ xmlFreeDoc(data->doc);
+ data->doc = NULL;
+ data->pwent = NULL;
+}
+
+/*****************************************************************
+ Get one SAM_ACCOUNT from the list (next in line)
+ *****************************************************************/
+
+static BOOL
+xmlsam_getsampwent(struct pdb_methods *methods, SAM_ACCOUNT * user)
+{
+ pdb_xml *data;
+
+ if (!methods) {
+ DEBUG(0, ("Invalid methods\n"));
+ return False;
+ }
+ data = (pdb_xml *) methods->private_data;
+
+ if (!data) {
+ DEBUG(0, ("Invalid pdb_xml_data\n"));
+ return False;
+ }
+
+ while (data->pwent) {
+ if ((!strcmp(data->pwent->name, "user")) &&
+ (data->pwent->ns == data->ns)) {
+
+ parseUser(data->doc, data->ns, data->pwent, user);
+ data->pwent = data->pwent->next;
+ return True;
+ }
+ data->pwent = data->pwent->next;
+ }
+ return False;
+}
+
+/***************************************************************************
+ Adds an existing SAM_ACCOUNT
+ ****************************************************************************/
+
+static BOOL
+xmlsam_add_sam_account(struct pdb_methods *methods, SAM_ACCOUNT * u)
+{
+ pstring temp;
+ fstring sid_str;
+ xmlNodePtr cur, user, pass, root;
+ pdb_xml *data;
+ uint32 store = pdb_get_init_flag(u);
+
+ DEBUG(10, ("xmlsam_add_sam_account called!\n"));
+
+ if (!methods) {
+ DEBUG(0, ("Invalid methods\n"));
+ return False;
+ }
+
+ data = (pdb_xml *) methods->private_data;
+ if (!data) {
+ DEBUG(0, ("Invalid pdb_xml_data\n"));
+ return False;
+ }
+
+ /* Create a new document if we can't open the current one */
+ if (!parseSambaXMLFile(data)) {
+ DEBUG(0, ("Can't load current XML file, creating a new one\n"));
+ data->doc = xmlNewDoc(XML_DEFAULT_VERSION);
+ root = xmlNewDocNode(data->doc, NULL, "samba", NULL);
+ cur = xmlDocSetRootElement(data->doc, root);
+ data->ns = xmlNewNs(root, XML_URL, "samba");
+ data->users = xmlNewChild(root, data->ns, "users", NULL);
+ }
+
+ user = xmlNewChild(data->users, data->ns, "user", NULL);
+ xmlNewProp(user, "sid",
+ sid_to_string(sid_str, pdb_get_user_sid(u)));
+ if (store & FLAG_SAM_UID)
+ xmlNewProp(user, "uid", iota(pdb_get_uid(u)));
+
+ if (pdb_get_username(u) && strcmp(pdb_get_username(u), ""))
+ xmlNewProp(user, "name", pdb_get_username(u));
+
+ cur = xmlNewChild(user, data->ns, "group", NULL);
+
+ xmlNewProp(cur, "sid",
+ sid_to_string(sid_str, pdb_get_group_sid(u)));
+ if (store & FLAG_SAM_GID)
+ xmlNewProp(cur, "gid", iota(pdb_get_gid(u)));
+
+ if (store & FLAG_SAM_LOGONTIME)
+ xmlNewChild(user, data->ns, "login_time",
+ iota(pdb_get_logon_time(u)));
+
+ if (store & FLAG_SAM_LOGOFFTIME)
+ xmlNewChild(user, data->ns, "logoff_time",
+ iota(pdb_get_logoff_time(u)));
+
+ if (store & FLAG_SAM_KICKOFFTIME)
+ xmlNewChild(user, data->ns, "kickoff_time",
+ iota(pdb_get_kickoff_time(u)));
+
+ if (pdb_get_domain(u) && strcmp(pdb_get_domain(u), ""))
+ xmlNewChild(user, data->ns, "domain", pdb_get_domain(u));
+
+ if (pdb_get_nt_username(u) && strcmp(pdb_get_nt_username(u), ""))
+ xmlNewChild(user, data->ns, "nt_username", pdb_get_nt_username(u));
+
+ if (pdb_get_fullname(u) && strcmp(pdb_get_fullname(u), ""))
+ xmlNewChild(user, data->ns, "fullname", pdb_get_fullname(u));
+
+ if (pdb_get_homedir(u) && strcmp(pdb_get_homedir(u), ""))
+ xmlNewChild(user, data->ns, "homedir", pdb_get_homedir(u));
+
+ if (pdb_get_dir_drive(u) && strcmp(pdb_get_dir_drive(u), ""))
+ xmlNewChild(user, data->ns, "dir_drive", pdb_get_dir_drive(u));
+
+ if (pdb_get_logon_script(u) && strcmp(pdb_get_logon_script(u), ""))
+ xmlNewChild(user, data->ns, "logon_script",
+ pdb_get_logon_script(u));
+
+ if (pdb_get_profile_path(u) && strcmp(pdb_get_profile_path(u), ""))
+ xmlNewChild(user, data->ns, "profile_path",
+ pdb_get_profile_path(u));
+
+ if (pdb_get_acct_desc(u) && strcmp(pdb_get_acct_desc(u), ""))
+ xmlNewChild(user, data->ns, "acct_desc", pdb_get_acct_desc(u));
+
+ if (pdb_get_workstations(u) && strcmp(pdb_get_workstations(u), ""))
+ xmlNewChild(user, data->ns, "workstations",
+ pdb_get_workstations(u));
+
+ if (pdb_get_unknown_str(u) && strcmp(pdb_get_unknown_str(u), ""))
+ xmlNewChild(user, data->ns, "unknown_str", pdb_get_unknown_str(u));
+
+ if (pdb_get_munged_dial(u) && strcmp(pdb_get_munged_dial(u), ""))
+ xmlNewChild(user, data->ns, "munged_dial", pdb_get_munged_dial(u));
+
+
+ /* Password stuff */
+ pass = xmlNewChild(user, data->ns, "password", NULL);
+ if (pdb_get_pass_last_set_time(u))
+ xmlNewProp(pass, "last_set", iota(pdb_get_pass_last_set_time(u)));
+ if (store & FLAG_SAM_CANCHANGETIME)
+ xmlNewProp(pass, "can_change",
+ iota(pdb_get_pass_can_change_time(u)));
+
+ if (store & FLAG_SAM_MUSTCHANGETIME)
+ xmlNewProp(pass, "must_change",
+ iota(pdb_get_pass_must_change_time(u)));
+
+
+ if (pdb_get_lanman_passwd(u)) {
+ pdb_sethexpwd(temp, pdb_get_lanman_passwd(u),
+ pdb_get_acct_ctrl(u));
+ cur = xmlNewChild(pass, data->ns, "crypt", temp);
+ xmlNewProp(cur, "type", "lanman");
+ }
+
+ if (pdb_get_nt_passwd(u)) {
+ pdb_sethexpwd(temp, pdb_get_nt_passwd(u), pdb_get_acct_ctrl(u));
+ cur = xmlNewChild(pass, data->ns, "crypt", temp);
+ xmlNewProp(cur, "type", "nt");
+ }
+
+ xmlNewChild(user, data->ns, "acct_ctrl", iota(pdb_get_acct_ctrl(u)));
+ xmlNewChild(user, data->ns, "unknown_3", iota(pdb_get_unknown3(u)));
+
+ if (pdb_get_logon_divs(u))
+ xmlNewChild(user, data->ns, "logon_divs",
+ iota(pdb_get_logon_divs(u)));
+
+ if (pdb_get_hours_len(u))
+ xmlNewChild(user, data->ns, "hours_len",
+ iota(pdb_get_hours_len(u)));
+
+ xmlNewChild(user, data->ns, "unknown_5", iota(pdb_get_unknown5(u)));
+ xmlNewChild(user, data->ns, "unknown_6", iota(pdb_get_unknown6(u)));
+ xmlSaveFile(data->location, data->doc);
+
+ return True;
+}
+
+NTSTATUS
+pdb_init(PDB_CONTEXT * pdb_context, PDB_METHODS ** pdb_method,
+ const char *location)
+{
+ NTSTATUS nt_status;
+ pdb_xml *data;
+
+ xmlsam_debug_level = debug_add_class("xmlsam");
+ if (xmlsam_debug_level == -1) {
+ xmlsam_debug_level = DBGC_ALL;
+ DEBUG(0, ("xmlsam: Couldn't register custom debugging class!\n"));
+ }
+
+ if (!pdb_context) {
+ DEBUG(0, ("invalid pdb_methods specified\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ if (!NT_STATUS_IS_OK
+ (nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) {
+ return nt_status;
+ }
+
+ (*pdb_method)->name = "xmlsam";
+
+ (*pdb_method)->setsampwent = xmlsam_setsampwent;
+ (*pdb_method)->endsampwent = xmlsam_endsampwent;
+ (*pdb_method)->getsampwent = xmlsam_getsampwent;
+ (*pdb_method)->add_sam_account = xmlsam_add_sam_account;
+ (*pdb_method)->getsampwnam = NULL;
+ (*pdb_method)->getsampwsid = NULL;
+ (*pdb_method)->update_sam_account = NULL;
+ (*pdb_method)->delete_sam_account = NULL;
+
+ data = talloc(pdb_context->mem_ctx, sizeof(pdb_xml));
+ data->location =
+ (location ? talloc_strdup(pdb_context->mem_ctx, location) : "-");
+ data->pwent = NULL;
+ data->written = 0;
+ (*pdb_method)->private_data = data;
+
+ LIBXML_TEST_VERSION xmlKeepBlanksDefault(0);
+
+ return NT_STATUS_OK;
+}