static bool get_group_map_from_sid(DOM_SID sid, GROUP_MAP *map)
{
TDB_DATA dbuf;
char *key;
int ret = 0;
/* the key is the SID, retrieving is direct */
key = group_mapping_key(talloc_tos(), &sid);
if (key == NULL) {
return false;
}
dbuf = dbwrap_fetch_bystring(db, key, key);
if (dbuf.dptr == NULL) {
TALLOC_FREE(key);
return false;
}
ret = tdb_unpack(dbuf.dptr, dbuf.dsize, "ddff",
&map->gid, &map->sid_name_use,
&map->nt_name, &map->comment);
TALLOC_FREE(key);
if ( ret == -1 ) {
DEBUG(3,("get_group_map_from_sid: tdb_unpack failure\n"));
return false;
}
sid_copy(&map->sid, &sid);
return true;
}
static int dbwrap_tool_fetch_hex(struct db_context *db,
const char *keyname,
const char *data)
{
TDB_DATA tdbdata;
DATA_BLOB datablob;
NTSTATUS status;
TALLOC_CTX *tmp_ctx = talloc_stackframe();
char *hex_string;
int ret;
status = dbwrap_fetch_bystring(db, tmp_ctx, keyname, &tdbdata);
if (NT_STATUS_IS_OK(status)) {
datablob.data = tdbdata.dptr;
datablob.length = tdbdata.dsize;
hex_string = data_blob_hex_string_upper(tmp_ctx, &datablob);
if (hex_string == NULL) {
d_fprintf(stderr, "ERROR: could not get hex string "
"from data blob\n");
ret = -1;
} else {
d_printf("%s\n", hex_string);
ret = 0;
}
} else {
d_fprintf(stderr, "ERROR: could not fetch hex key '%s': "
"%s\n", nt_errstr(status), keyname);
ret = -1;
}
talloc_free(tmp_ctx);
return ret;
}
static bool get_privileges( const DOM_SID *sid, SE_PRIV *mask )
{
struct db_context *db = get_account_pol_db();
fstring tmp, keystr;
TDB_DATA data;
/* Fail if the admin has not enable privileges */
if ( !lp_enable_privileges() ) {
return False;
}
if ( db == NULL )
return False;
/* PRIV_<SID> (NULL terminated) as the key */
fstr_sprintf(keystr, "%s%s", PRIVPREFIX, sid_to_fstring(tmp, sid));
data = dbwrap_fetch_bystring( db, talloc_tos(), keystr );
if ( !data.dptr ) {
DEBUG(3, ("get_privileges: No privileges assigned to SID "
"[%s]\n", sid_string_dbg(sid)));
return False;
}
SMB_ASSERT( data.dsize == sizeof( SE_PRIV ) );
se_priv_copy( mask, (SE_PRIV*)data.dptr );
TALLOC_FREE(data.dptr);
return True;
}
NTSTATUS printer_list_get_last_refresh(time_t *last_refresh)
{
struct db_context *db;
TDB_DATA data;
uint32_t time_h, time_l;
NTSTATUS status;
int ret;
db = get_printer_list_db();
if (db == NULL) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
ZERO_STRUCT(data);
status = dbwrap_fetch_bystring(db, talloc_tos(), PL_TIMESTAMP_KEY, &data);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to fetch record!\n"));
goto done;
}
ret = tdb_unpack(data.dptr, data.dsize,
PL_TSTAMP_FORMAT, &time_h, &time_l);
if (ret == -1) {
DEBUG(1, ("Failed to un pack printer data"));
status = NT_STATUS_INTERNAL_DB_CORRUPTION;
goto done;
}
*last_refresh = (time_t)(((uint64_t)time_h << 32) + time_l);
status = NT_STATUS_OK;
done:
return status;
}
static NTSTATUS idmap_tdb_sid_to_id(struct idmap_domain *dom, struct id_map *map)
{
NTSTATUS ret;
TDB_DATA data;
char *keystr;
unsigned long rec_id = 0;
struct idmap_tdb_context *ctx;
TALLOC_CTX *tmp_ctx = talloc_stackframe();
ctx = talloc_get_type(dom->private_data, struct idmap_tdb_context);
keystr = sid_string_talloc(tmp_ctx, map->sid);
if (keystr == NULL) {
DEBUG(0, ("Out of memory!\n"));
ret = NT_STATUS_NO_MEMORY;
goto done;
}
DEBUG(10,("Fetching record %s\n", keystr));
/* Check if sid is present in database */
ret = dbwrap_fetch_bystring(ctx->db, tmp_ctx, keystr, &data);
if (!NT_STATUS_IS_OK(ret)) {
DEBUG(10,("Record %s not found\n", keystr));
ret = NT_STATUS_NONE_MAPPED;
goto done;
}
/* What type of record is this ? */
if (sscanf((const char *)data.dptr, "UID %lu", &rec_id) == 1) { /* Try a UID record. */
map->xid.id = rec_id;
map->xid.type = ID_TYPE_UID;
DEBUG(10,("Found uid record %s -> %s \n", keystr, (const char *)data.dptr ));
ret = NT_STATUS_OK;
} else if (sscanf((const char *)data.dptr, "GID %lu", &rec_id) == 1) { /* Try a GID record. */
map->xid.id = rec_id;
map->xid.type = ID_TYPE_GID;
DEBUG(10,("Found gid record %s -> %s \n", keystr, (const char *)data.dptr ));
ret = NT_STATUS_OK;
} else { /* Unknown record type ! */
DEBUG(2, ("Found INVALID record %s -> %s\n", keystr, (const char *)data.dptr));
ret = NT_STATUS_INTERNAL_DB_ERROR;
goto done;
}
/* apply filters before returning result */
if (!idmap_unix_id_is_in_range(map->xid.id, dom)) {
DEBUG(5, ("Requested id (%u) out of range (%u - %u). Filtered!\n",
map->xid.id, dom->low_id, dom->high_id));
ret = NT_STATUS_NONE_MAPPED;
}
done:
talloc_free(tmp_ctx);
return ret;
}
static NTSTATUS tdbsam_getsampwnam (struct pdb_methods *my_methods,
struct samu *user, const char *sname)
{
TDB_DATA data;
fstring keystr;
fstring name;
NTSTATUS status;
if ( !user ) {
DEBUG(0,("pdb_getsampwnam: struct samu is NULL.\n"));
return NT_STATUS_NO_MEMORY;
}
/* Data is stored in all lower-case */
fstrcpy(name, sname);
if (!strlower_m(name)) {
return NT_STATUS_INVALID_PARAMETER;
}
/* set search key */
fstr_sprintf(keystr, "%s%s", USERPREFIX, name);
/* open the database */
if ( !tdbsam_open( tdbsam_filename ) ) {
DEBUG(0,("tdbsam_getsampwnam: failed to open %s!\n", tdbsam_filename));
return NT_STATUS_ACCESS_DENIED;
}
/* get the record */
status = dbwrap_fetch_bystring(db_sam, talloc_tos(), keystr, &data);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(5,("pdb_getsampwnam (TDB): error fetching database.\n"));
DEBUGADD(5, (" Key: %s\n", keystr));
return NT_STATUS_NO_SUCH_USER;
}
if (data.dsize == 0) {
DEBUG(5, ("%s: Got 0-sized record for key %s\n", __func__,
keystr));
return NT_STATUS_NO_SUCH_USER;
}
/* unpack the buffer */
if (!init_samu_from_buffer(user, SAMU_BUFFER_LATEST, data.dptr, data.dsize)) {
DEBUG(0,("pdb_getsampwent: Bad struct samu entry returned from TDB!\n"));
TALLOC_FREE(data.dptr);
return NT_STATUS_NO_MEMORY;
}
/* success */
TALLOC_FREE(data.dptr);
return NT_STATUS_OK;
}
struct security_descriptor *get_share_security( TALLOC_CTX *ctx, const char *servicename,
size_t *psize)
{
char *key;
struct security_descriptor *psd = NULL;
TDB_DATA data;
char *c_servicename = canonicalize_servicename(talloc_tos(), servicename);
NTSTATUS status;
if (!c_servicename) {
return NULL;
}
if (!share_info_db_init()) {
TALLOC_FREE(c_servicename);
return NULL;
}
if (!(key = talloc_asprintf(ctx, SHARE_SECURITY_DB_KEY_PREFIX_STR "%s", c_servicename))) {
TALLOC_FREE(c_servicename);
DEBUG(0, ("talloc_asprintf failed\n"));
return NULL;
}
TALLOC_FREE(c_servicename);
status = dbwrap_fetch_bystring(share_db, talloc_tos(), key, &data);
TALLOC_FREE(key);
if (!NT_STATUS_IS_OK(status)) {
return get_share_security_default(ctx, psize,
SEC_RIGHTS_DIR_ALL);
}
status = unmarshall_sec_desc(ctx, data.dptr, data.dsize, &psd);
TALLOC_FREE(data.dptr);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("unmarshall_sec_desc failed: %s\n",
nt_errstr(status)));
return get_share_security_default(ctx, psize,
SEC_RIGHTS_DIR_ALL);
}
if (psd) {
*psize = ndr_size_security_descriptor(psd, 0);
} else {
return get_share_security_default(ctx, psize,
SEC_RIGHTS_DIR_ALL);
}
return psd;
}
TDB_DATA dbwrap_fetch_bystring_upper(struct db_context *db, TALLOC_CTX *mem_ctx,
const char *key)
{
char *key_upper;
TDB_DATA result;
key_upper = talloc_strdup_upper(talloc_tos(), key);
if (key_upper == NULL) {
return make_tdb_data(NULL, 0);
}
result = dbwrap_fetch_bystring(db, mem_ctx, key_upper);
talloc_free(key_upper);
return result;
}
NTSTATUS dbwrap_fetch_bystring_upper(struct db_context *db, TALLOC_CTX *mem_ctx,
const char *key, TDB_DATA *value)
{
char *key_upper;
NTSTATUS status;
key_upper = talloc_strdup_upper(talloc_tos(), key);
if (key_upper == NULL) {
return NT_STATUS_NO_MEMORY;
}
status = dbwrap_fetch_bystring(db, mem_ctx, key_upper, value);
talloc_free(key_upper);
return status;
}
static bool get_group_map_from_sid(struct dom_sid sid, GROUP_MAP *map)
{
TDB_DATA dbuf;
char *key;
int ret = 0;
NTSTATUS status;
fstring nt_name;
fstring comment;
/* the key is the SID, retrieving is direct */
key = group_mapping_key(talloc_tos(), &sid);
if (key == NULL) {
return false;
}
status = dbwrap_fetch_bystring(db, key, key, &dbuf);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(key);
return false;
}
ret = tdb_unpack(dbuf.dptr, dbuf.dsize, "ddff",
&map->gid, &map->sid_name_use,
&nt_name, &comment);
TALLOC_FREE(key);
if ( ret == -1 ) {
DEBUG(3,("get_group_map_from_sid: tdb_unpack failure\n"));
return false;
}
sid_copy(&map->sid, &sid);
map->nt_name = talloc_strdup(map, nt_name);
if (!map->nt_name) {
return false;
}
map->comment = talloc_strdup(map, comment);
if (!map->comment) {
return false;
}
return true;
}
static NTSTATUS idmap_tdb_common_set_mapping_action(struct db_context *db,
void *private_data)
{
TDB_DATA data;
NTSTATUS ret;
struct idmap_tdb_common_set_mapping_context *state;
TALLOC_CTX *tmp_ctx = talloc_stackframe();
state = (struct idmap_tdb_common_set_mapping_context *)private_data;
DEBUG(10, ("Storing %s <-> %s map\n", state->ksidstr, state->kidstr));
/* check whether sid mapping is already present in db */
ret = dbwrap_fetch_bystring(db, tmp_ctx, state->ksidstr, &data);
if (NT_STATUS_IS_OK(ret)) {
ret = NT_STATUS_OBJECT_NAME_COLLISION;
goto done;
}
ret = dbwrap_store_bystring(db, state->ksidstr,
string_term_tdb_data(state->kidstr),
TDB_INSERT);
if (!NT_STATUS_IS_OK(ret)) {
DEBUG(0, ("Error storing SID -> ID: %s\n", nt_errstr(ret)));
goto done;
}
ret = dbwrap_store_bystring(db, state->kidstr,
string_term_tdb_data(state->ksidstr),
TDB_INSERT);
if (!NT_STATUS_IS_OK(ret)) {
DEBUG(0, ("Error storing ID -> SID: %s\n", nt_errstr(ret)));
/* try to remove the previous stored SID -> ID map */
dbwrap_delete_bystring(db, state->ksidstr);
goto done;
}
DEBUG(10, ("Stored %s <-> %s\n", state->ksidstr, state->kidstr));
done:
talloc_free(tmp_ctx);
return ret;
}
static NTSTATUS one_alias_membership(const struct dom_sid *member,
struct dom_sid **sids, size_t *num)
{
fstring tmp;
fstring key;
char *string_sid;
TDB_DATA dbuf;
const char *p;
NTSTATUS status = NT_STATUS_OK;
TALLOC_CTX *frame = talloc_stackframe();
slprintf(key, sizeof(key), "%s%s", MEMBEROF_PREFIX,
sid_to_fstring(tmp, member));
dbuf = dbwrap_fetch_bystring(db, frame, key);
if (dbuf.dptr == NULL) {
TALLOC_FREE(frame);
return NT_STATUS_OK;
}
p = (const char *)dbuf.dptr;
while (next_token_talloc(frame, &p, &string_sid, " ")) {
struct dom_sid alias;
uint32_t num_sids;
if (!string_to_sid(&alias, string_sid))
continue;
num_sids = *num;
status= add_sid_to_array_unique(NULL, &alias, sids, &num_sids);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
*num = num_sids;
}
done:
TALLOC_FREE(frame);
return status;
}
SEC_DESC *get_share_security( TALLOC_CTX *ctx, const char *servicename,
size_t *psize)
{
char *key;
SEC_DESC *psd = NULL;
TDB_DATA data;
NTSTATUS status;
if (!share_info_db_init()) {
return NULL;
}
if (!(key = talloc_asprintf(ctx, "SECDESC/%s", servicename))) {
DEBUG(0, ("talloc_asprintf failed\n"));
return NULL;
}
data = dbwrap_fetch_bystring(share_db, talloc_tos(), key);
TALLOC_FREE(key);
if (data.dptr == NULL) {
return get_share_security_default(ctx, psize,
GENERIC_ALL_ACCESS);
}
status = unmarshall_sec_desc(ctx, data.dptr, data.dsize, &psd);
TALLOC_FREE(data.dptr);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("unmarshall_sec_desc failed: %s\n",
nt_errstr(status)));
return NULL;
}
if (psd)
*psize = ndr_size_security_descriptor(psd, NULL, 0);
return psd;
}
static int dbwrap_tool_fetch_string(struct db_context *db,
const char *keyname,
const char *data)
{
TDB_DATA tdbdata;
NTSTATUS status;
TALLOC_CTX *tmp_ctx = talloc_stackframe();
int ret;
status = dbwrap_fetch_bystring(db, tmp_ctx, keyname, &tdbdata);
if (NT_STATUS_IS_OK(status)) {
d_printf("%-*.*s\n", (int)tdbdata.dsize, (int)tdbdata.dsize,
tdbdata.dptr);
ret = 0;
} else {
d_fprintf(stderr, "ERROR: could not fetch string key '%s': "
"%s\n", nt_errstr(status), keyname);
ret = -1;
}
talloc_free(tmp_ctx);
return ret;
}
/*
load the notify array
*/
static NTSTATUS notify_load(struct notify_context *notify)
{
TDB_DATA dbuf;
DATA_BLOB blob;
enum ndr_err_code ndr_err;
int seqnum;
NTSTATUS status;
seqnum = dbwrap_get_seqnum(notify->db);
if (seqnum == notify->seqnum && notify->array != NULL) {
return NT_STATUS_OK;
}
notify->seqnum = seqnum;
talloc_free(notify->array);
notify->array = talloc_zero(notify, struct notify_array);
NT_STATUS_HAVE_NO_MEMORY(notify->array);
status = dbwrap_fetch_bystring(notify->db, notify, NOTIFY_KEY, &dbuf);
if (!NT_STATUS_IS_OK(status)) {
return NT_STATUS_OK;
}
blob.data = dbuf.dptr;
blob.length = dbuf.dsize;
ndr_err = ndr_pull_struct_blob(&blob, notify->array, notify->array,
(ndr_pull_flags_fn_t)ndr_pull_notify_array);
talloc_free(dbuf.dptr);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
return ndr_map_error2ntstatus(ndr_err);
}
return NT_STATUS_OK;
}
static NTSTATUS tdbsam_getsampwrid (struct pdb_methods *my_methods,
struct samu *user, uint32_t rid)
{
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
TDB_DATA data;
fstring keystr;
fstring name;
if ( !user ) {
DEBUG(0,("pdb_getsampwrid: struct samu is NULL.\n"));
return nt_status;
}
/* set search key */
fstr_sprintf(keystr, "%s%.8x", RIDPREFIX, rid);
/* open the database */
if ( !tdbsam_open( tdbsam_filename ) ) {
DEBUG(0,("tdbsam_getsampwrid: failed to open %s!\n", tdbsam_filename));
return NT_STATUS_ACCESS_DENIED;
}
/* get the record */
nt_status = dbwrap_fetch_bystring(db_sam, talloc_tos(), keystr, &data);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(5,("pdb_getsampwrid (TDB): error looking up RID %d by key %s.\n", rid, keystr));
return nt_status;
}
fstrcpy(name, (const char *)data.dptr);
TALLOC_FREE(data.dptr);
return tdbsam_getsampwnam (my_methods, user, name);
}
NTSTATUS dbwrap_fetch_uint32_bystring(struct db_context *db,
const char *keystr, uint32_t *val)
{
TDB_DATA dbuf;
NTSTATUS status;
if (val == NULL) {
return NT_STATUS_INVALID_PARAMETER;
}
status = dbwrap_fetch_bystring(db, talloc_tos(), keystr, &dbuf);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
if ((dbuf.dptr == NULL) || (dbuf.dsize != sizeof(uint32_t))) {
TALLOC_FREE(dbuf.dptr);
return NT_STATUS_NOT_FOUND;
}
*val = IVAL(dbuf.dptr, 0);
TALLOC_FREE(dbuf.dptr);
return NT_STATUS_OK;
}
static NTSTATUS idmap_tdb_id_to_sid(struct idmap_domain *dom, struct id_map *map)
{
NTSTATUS ret;
TDB_DATA data;
char *keystr;
struct idmap_tdb_context *ctx;
if (!dom || !map) {
return NT_STATUS_INVALID_PARAMETER;
}
ctx = talloc_get_type(dom->private_data, struct idmap_tdb_context);
/* apply filters before checking */
if (!idmap_unix_id_is_in_range(map->xid.id, dom)) {
DEBUG(5, ("Requested id (%u) out of range (%u - %u). Filtered!\n",
map->xid.id, dom->low_id, dom->high_id));
return NT_STATUS_NONE_MAPPED;
}
switch (map->xid.type) {
case ID_TYPE_UID:
keystr = talloc_asprintf(ctx, "UID %lu", (unsigned long)map->xid.id);
break;
case ID_TYPE_GID:
keystr = talloc_asprintf(ctx, "GID %lu", (unsigned long)map->xid.id);
break;
default:
DEBUG(2, ("INVALID unix ID type: 0x02%x\n", map->xid.type));
return NT_STATUS_INVALID_PARAMETER;
}
/* final SAFE_FREE safe */
data.dptr = NULL;
if (keystr == NULL) {
DEBUG(0, ("Out of memory!\n"));
ret = NT_STATUS_NO_MEMORY;
goto done;
}
DEBUG(10,("Fetching record %s\n", keystr));
/* Check if the mapping exists */
ret = dbwrap_fetch_bystring(ctx->db, NULL, keystr, &data);
if (!NT_STATUS_IS_OK(ret)) {
DEBUG(10,("Record %s not found\n", keystr));
ret = NT_STATUS_NONE_MAPPED;
goto done;
}
if (!string_to_sid(map->sid, (const char *)data.dptr)) {
DEBUG(10,("INVALID SID (%s) in record %s\n",
(const char *)data.dptr, keystr));
ret = NT_STATUS_INTERNAL_DB_ERROR;
goto done;
}
DEBUG(10,("Found record %s -> %s\n", keystr, (const char *)data.dptr));
ret = NT_STATUS_OK;
done:
talloc_free(data.dptr);
talloc_free(keystr);
return ret;
}
