|
|
|
1 |
/* |
2 |
* Samba LDB module univention_machine_secret |
3 |
* sample LDB Module for storing /tmp/machine.secret |
4 |
* |
5 |
* Copyright 2011-2012 Univention GmbH |
6 |
* |
7 |
* http://www.univention.de/ |
8 |
* |
9 |
* All rights reserved. |
10 |
* |
11 |
* The source code of this program is made available |
12 |
* under the terms of the GNU Affero General Public License version 3 |
13 |
* (GNU AGPL V3) as published by the Free Software Foundation. |
14 |
* |
15 |
* Binary versions of this program provided by Univention to you as |
16 |
* well as other copyrighted, protected or trademarked materials like |
17 |
* Logos, graphics, fonts, specific documentations and configurations, |
18 |
* cryptographic keys etc. are subject to a license agreement between |
19 |
* you and Univention and not subject to the GNU AGPL V3. |
20 |
* |
21 |
* In the case you use this program under the terms of the GNU AGPL V3, |
22 |
* the program is provided in the hope that it will be useful, |
23 |
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
24 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
25 |
* GNU Affero General Public License for more details. |
26 |
* |
27 |
* You should have received a copy of the GNU Affero General Public |
28 |
* License with the Debian GNU/Linux or Univention distribution in file |
29 |
* /usr/share/common-licenses/AGPL-3; if not, see |
30 |
* <http://www.gnu.org/licenses/>. |
31 |
*/ |
32 |
|
33 |
/* univention_machine_secret was derived from the tests/sample_module |
34 |
|
35 |
Unix SMB/CIFS implementation. |
36 |
Samba utility functions |
37 |
Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007 |
38 |
|
39 |
** NOTE! The following LGPL license applies to the ldb |
40 |
** library. This does NOT imply that all of Samba is released |
41 |
** under the LGPL |
42 |
|
43 |
This library is free software; you can redistribute it and/or |
44 |
modify it under the terms of the GNU Lesser General Public |
45 |
License as published by the Free Software Foundation; either |
46 |
version 3 of the License, or (at your option) any later version. |
47 |
|
48 |
This library is distributed in the hope that it will be useful, |
49 |
but WITHOUT ANY WARRANTY; without even the implied warranty of |
50 |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
51 |
Lesser General Public License for more details. |
52 |
|
53 |
You should have received a copy of the GNU Lesser General Public |
54 |
License along with this library; if not, see <http://www.gnu.org/licenses/>. |
55 |
*/ |
56 |
|
57 |
#include "ldb_module.h" |
58 |
#include <unistd.h> |
59 |
#include <fcntl.h> |
60 |
|
61 |
static int univention_machine_secret_add(struct ldb_module *module, struct ldb_request *req) |
62 |
{ |
63 |
struct ldb_message_element *attribute; |
64 |
struct ldb_context *ldb; |
65 |
TALLOC_CTX *tmp_ctx; |
66 |
char hostname[256]; |
67 |
struct ldb_result *res = NULL; |
68 |
int fd; |
69 |
int ret; |
70 |
ldb = ldb_module_get_ctx(module); |
71 |
ldb_debug(ldb, LDB_DEBUG_TRACE, ("LDB_univention_machine_secret: ldb_add\n")); |
72 |
|
73 |
ret = ldb_next_request(module, req); |
74 |
|
75 |
if ( ret == LDB_SUCCESS ) { |
76 |
attribute = ldb_msg_find_element(req->op.add.message, "secret"); |
77 |
if (attribute) { |
78 |
ldb = ldb_module_get_ctx(module); |
79 |
tmp_ctx = talloc_new(module); |
80 |
hostname[255] = '\0'; |
81 |
gethostname(hostname, 255); |
82 |
static const char * const attrs[] = { "dn", NULL }; |
83 |
ret = ldb_search(ldb, tmp_ctx, &res, req->op.mod.message->dn, LDB_SCOPE_BASE, attrs, "samAccountName=%s$", hostname); |
84 |
if ( ret == LDB_SUCCESS && attribute->num_values == 1 ) { |
85 |
ldb_debug(ldb, LDB_DEBUG_TRACE, ("LDB_univention_machine_secret: ldb_add: secret modified: %s\n", (const char *)attribute->values[0].data)); |
86 |
fd = open("/tmp/machine.secret", O_WRONLY |O_CREAT |O_TRUNC); |
87 |
if (fd != -1) { |
88 |
write(fd, (const char *)attribute->values[0].data, attribute->values[0].length); |
89 |
close(fd); |
90 |
} else { |
91 |
ldb_debug(ldb, LDB_DEBUG_ERROR, ("LDB_univention_machine_secret: error opening file /tmp/machine.secret\n")); |
92 |
} |
93 |
} |
94 |
talloc_free(tmp_ctx); |
95 |
} |
96 |
} |
97 |
|
98 |
return ret; |
99 |
} |
100 |
|
101 |
static int univention_machine_secret_modify(struct ldb_module *module, struct ldb_request *req) |
102 |
{ |
103 |
struct ldb_message_element *attribute; |
104 |
struct ldb_context *ldb; |
105 |
TALLOC_CTX *tmp_ctx; |
106 |
char hostname[256]; |
107 |
struct ldb_result *res = NULL; |
108 |
int fd; |
109 |
int ret; |
110 |
ldb = ldb_module_get_ctx(module); |
111 |
ldb_debug(ldb, LDB_DEBUG_TRACE, ("LDB_univention_machine_secret: ldb_modify\n")); |
112 |
|
113 |
ret = ldb_next_request(module, req); |
114 |
|
115 |
if ( ret == LDB_SUCCESS ) { |
116 |
attribute = ldb_msg_find_element(req->op.mod.message, "secret"); |
117 |
if (attribute) { |
118 |
ldb = ldb_module_get_ctx(module); |
119 |
tmp_ctx = talloc_new(module); |
120 |
hostname[255] = '\0'; |
121 |
gethostname(hostname, 255); |
122 |
static const char * const attrs[] = { "dn", NULL }; |
123 |
ret = ldb_search(ldb, tmp_ctx, &res, req->op.mod.message->dn, LDB_SCOPE_BASE, attrs, "samAccountName=%s$", hostname); |
124 |
if ( ret == LDB_SUCCESS && attribute->num_values == 1 ) { |
125 |
ldb_debug(ldb, LDB_DEBUG_TRACE, ("LDB_univention_machine_secret: ldb_modify: secret modified: %s\n", (const char *)attribute->values[0].data)); |
126 |
fd = open("/tmp/machine.secret", O_WRONLY |O_CREAT |O_TRUNC); |
127 |
if (fd != -1) { |
128 |
write(fd, (const char *)attribute->values[0].data, attribute->values[0].length); |
129 |
close(fd); |
130 |
} else { |
131 |
ldb_debug(ldb, LDB_DEBUG_ERROR, ("LDB_univention_machine_secret: error opening file /tmp/machine.secret\n")); |
132 |
} |
133 |
} |
134 |
talloc_free(tmp_ctx); |
135 |
} |
136 |
} |
137 |
|
138 |
return ret; |
139 |
} |
140 |
|
141 |
static struct ldb_module_ops ldb_univention_machine_secret_module_ops = { |
142 |
.name = "univention_machine_secret", |
143 |
.add = univention_machine_secret_add, |
144 |
.modify = univention_machine_secret_modify, |
145 |
}; |
146 |
|
147 |
int ldb_univention_machine_secret_init(const char *version) |
148 |
{ |
149 |
LDB_MODULE_CHECK_VERSION(version); |
150 |
return ldb_register_module(&ldb_univention_machine_secret_module_ops); |
151 |
} |