diff options
| author | Luke Leighton <lkcl@samba.org> | 2000-03-21 21:08:07 +0000 |
|---|---|---|
| committer | Luke Leighton <lkcl@samba.org> | 2000-03-21 21:08:07 +0000 |
| commit | 96717211edcc389daa4494907251ffb79ffa56d9 (patch) | |
| tree | f2add2f7d7009299897a7dadfcaeb42bd4cf93b3 | |
| parent | 171222ce22595743a052e5c3d4428ce916d7c345 (diff) | |
| download | samba-96717211edcc389daa4494907251ffb79ffa56d9.tar.gz | |
indent update to make t easier to see setuid mods in TNG. some
code from these modules i had to leave out (nothing to do withj setuid)
| -rw-r--r-- | source/.indent.pro | 14 | ||||
| -rw-r--r-- | source/auth/pass_check.c | 825 | ||||
| -rw-r--r-- | source/passdb/pass_check.c | 825 | ||||
| -rw-r--r-- | source/rpcclient/rpcclient.c | 2 | ||||
| -rw-r--r-- | source/smbd/chgpasswd.c | 1013 |
5 files changed, 1492 insertions, 1187 deletions
diff --git a/source/.indent.pro b/source/.indent.pro new file mode 100644 index 00000000000..43948ca263d --- /dev/null +++ b/source/.indent.pro @@ -0,0 +1,14 @@ +-cli8 -cbi0 -bli0 -bl -i8 -npsl -npcs -bbo -ncs -hnl +-T BOOL +-T pstring +-T fstring +-T tdb_len +-T tdb_off +-T uint32 +-T uint16 +-T uint8 +-T LDAPDB +-T PLDAPDB +-T POLICY_HND +-T UNISTR2 +-T DOM_SID diff --git a/source/auth/pass_check.c b/source/auth/pass_check.c index 11ce0d754e8..c3e56697476 100644 --- a/source/auth/pass_check.c +++ b/source/auth/pass_check.c @@ -27,9 +27,9 @@ extern int DEBUGLEVEL; /* these are kept here to keep the string_combinations function simple */ -static char this_user[100]=""; -static char this_salt[100]=""; -static char this_crypted[100]=""; +static char this_user[100] = ""; +static char this_salt[100] = ""; +static char this_crypted[100] = ""; #ifdef WITH_PAM @@ -49,88 +49,94 @@ static char *PAM_password; * Here we assume (for now, at least) that echo on means login name, and * echo off means password. */ -static int PAM_conv (int num_msg, - const struct pam_message **msg, - struct pam_response **resp, - void *appdata_ptr) { - int replies = 0; - struct pam_response *reply = NULL; - - #define COPY_STRING(s) (s) ? strdup(s) : NULL - - reply = malloc(sizeof(struct pam_response) * num_msg); - if (!reply) return PAM_CONV_ERR; - - for (replies = 0; replies < num_msg; replies++) { - switch (msg[replies]->msg_style) { - case PAM_PROMPT_ECHO_ON: - reply[replies].resp_retcode = PAM_SUCCESS; - reply[replies].resp = COPY_STRING(PAM_username); - /* PAM frees resp */ - break; - case PAM_PROMPT_ECHO_OFF: - reply[replies].resp_retcode = PAM_SUCCESS; - reply[replies].resp = COPY_STRING(PAM_password); - /* PAM frees resp */ - break; - case PAM_TEXT_INFO: - /* fall through */ - case PAM_ERROR_MSG: - /* ignore it... */ - reply[replies].resp_retcode = PAM_SUCCESS; - reply[replies].resp = NULL; - break; - default: - /* Must be an error of some sort... */ - free (reply); - return PAM_CONV_ERR; - } - } - if (reply) *resp = reply; - return PAM_SUCCESS; +static int PAM_conv(int num_msg, + const struct pam_message **msg, + struct pam_response **resp, void *appdata_ptr) +{ + int replies = 0; + struct pam_response *reply = NULL; + +#define COPY_STRING(s) (s) ? strdup(s) : NULL + + reply = malloc(sizeof(struct pam_response) * num_msg); + if (!reply) + return PAM_CONV_ERR; + + for (replies = 0; replies < num_msg; replies++) + { + switch (msg[replies]->msg_style) + { + case PAM_PROMPT_ECHO_ON: + reply[replies].resp_retcode = PAM_SUCCESS; + reply[replies].resp = + COPY_STRING(PAM_username); + /* PAM frees resp */ + break; + case PAM_PROMPT_ECHO_OFF: + reply[replies].resp_retcode = PAM_SUCCESS; + reply[replies].resp = + COPY_STRING(PAM_password); + /* PAM frees resp */ + break; + case PAM_TEXT_INFO: + /* fall through */ + case PAM_ERROR_MSG: + /* ignore it... */ + reply[replies].resp_retcode = PAM_SUCCESS; + reply[replies].resp = NULL; + break; + default: + /* Must be an error of some sort... */ + free(reply); + return PAM_CONV_ERR; + } + } + if (reply) + *resp = reply; + return PAM_SUCCESS; } static struct pam_conv PAM_conversation = { - &PAM_conv, - NULL + &PAM_conv, + NULL }; -static BOOL pam_auth(char *user,char *password) +static BOOL pam_auth(char *user, char *password) { - pam_handle_t *pamh; - int pam_error; - - /* Now use PAM to do authentication. For now, we won't worry about - * session logging, only authentication. Bail out if there are any - * errors. Since this is a limited protocol, and an even more limited - * function within a server speaking this protocol, we can't be as - * verbose as would otherwise make sense. - * Query: should we be using PAM_SILENT to shut PAM up? - */ - #define PAM_BAIL if (pam_error != PAM_SUCCESS) { \ + pam_handle_t *pamh; + int pam_error; + + /* Now use PAM to do authentication. For now, we won't worry about + * session logging, only authentication. Bail out if there are any + * errors. Since this is a limited protocol, and an even more limited + * function within a server speaking this protocol, we can't be as + * verbose as would otherwise make sense. + * Query: should we be using PAM_SILENT to shut PAM up? + */ +#define PAM_BAIL if (pam_error != PAM_SUCCESS) { \ pam_end(pamh, 0); return False; \ } - PAM_password = password; - PAM_username = user; - pam_error = pam_start("samba", user, &PAM_conversation, &pamh); - PAM_BAIL; + PAM_password = password; + PAM_username = user; + pam_error = pam_start("samba", user, &PAM_conversation, &pamh); + PAM_BAIL; /* Setting PAM_SILENT stops generation of error messages to syslog * to enable debugging on Red Hat Linux set: * /etc/pam.d/samba: * auth required /lib/security/pam_pwdb.so nullok shadow audit * _OR_ change PAM_SILENT to 0 to force detailed reporting (logging) */ - pam_error = pam_authenticate(pamh, PAM_SILENT); - PAM_BAIL; - /* It is not clear to me that account management is the right thing - * to do, but it is not clear that it isn't, either. This can be - * removed if no account management should be done. Alternately, - * put a pam_allow.so entry in /etc/pam.conf for account handling. */ - pam_error = pam_acct_mgmt(pamh, PAM_SILENT); - PAM_BAIL; - pam_end(pamh, PAM_SUCCESS); - /* If this point is reached, the user has been authenticated. */ - return(True); + pam_error = pam_authenticate(pamh, PAM_SILENT); + PAM_BAIL; + /* It is not clear to me that account management is the right thing + * to do, but it is not clear that it isn't, either. This can be + * removed if no account management should be done. Alternately, + * put a pam_allow.so entry in /etc/pam.conf for account handling. */ + pam_error = pam_acct_mgmt(pamh, PAM_SILENT); + PAM_BAIL; + pam_end(pamh, PAM_SUCCESS); + /* If this point is reached, the user has been authenticated. */ + return (True); } #endif @@ -143,27 +149,27 @@ static BOOL pam_auth(char *user,char *password) /******************************************************************* check on AFS authentication ********************************************************************/ -static BOOL afs_auth(char *user,char *password) +static BOOL afs_auth(char *user, char *password) { long password_expires = 0; char *reason; - + /* For versions of AFS prior to 3.3, this routine has few arguments, */ /* but since I can't find the old documentation... :-) */ setpag(); - if (ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION+KA_USERAUTH_DOSETPAG, - user, - (char *) 0, /* instance */ - (char *) 0, /* cell */ - password, - 0, /* lifetime, default */ - &password_expires, /*days 'til it expires */ - 0, /* spare 2 */ - &reason) == 0) { - return(True); - } - DEBUG(1,("AFS authentication for \"%s\" failed (%s)\n", user, reason)); - return(False); + if (ka_UserAuthenticateGeneral + (KA_USERAUTH_VERSION + KA_USERAUTH_DOSETPAG, user, (char *)0, /* instance */ + (char *)0, /* cell */ + password, 0, /* lifetime, default */ + &password_expires, /*days 'til it expires */ + 0, /* spare 2 */ + &reason) == 0) + { + return (True); + } + DEBUG(1, + ("AFS authentication for \"%s\" failed (%s)\n", user, reason)); + return (False); } #endif @@ -192,7 +198,7 @@ int dcelogin_atmost_once = 0; /******************************************************************* check on a DCE/DFS authentication ********************************************************************/ -static BOOL dfs_auth(char *user,char *password) +static BOOL dfs_auth(char *user, char *password) { error_status_t err; int err2; @@ -205,7 +211,8 @@ static BOOL dfs_auth(char *user,char *password) unsigned char dce_errstr[dce_c_error_string_len]; gid_t egid; - if (dcelogin_atmost_once) return(False); + if (dcelogin_atmost_once) + return (False); #ifdef HAVE_CRYPT /* @@ -214,112 +221,125 @@ static BOOL dfs_auth(char *user,char *password) * Assumes local passwd file is kept in sync w/ DCE RGY! */ - if (strcmp((char *)crypt(password,this_salt),this_crypted)) { - return(False); + if (strcmp((char *)crypt(password, this_salt), this_crypted)) + { + return (False); } #endif sec_login_get_current_context(&my_dce_sec_context, &err); - if (err != error_status_ok ) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't get current context. %s\n", dce_errstr)); + DEBUG(0, ("DCE can't get current context. %s\n", dce_errstr)); - return(False); + return (False); } sec_login_certify_identity(my_dce_sec_context, &err); - if (err != error_status_ok) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't get current context. %s\n", dce_errstr)); - - return(False); + DEBUG(0, ("DCE can't get current context. %s\n", dce_errstr)); + + return (False); } sec_login_get_expiration(my_dce_sec_context, &expire_time, &err); - if (err != error_status_ok) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't get expiration. %s\n", dce_errstr)); - - return(False); + DEBUG(0, ("DCE can't get expiration. %s\n", dce_errstr)); + + return (False); } - + time(¤t_time); - if (expire_time < (current_time + 60)) { - struct passwd *pw; + if (expire_time < (current_time + 60)) + { + struct passwd *pw; sec_passwd_rec_t *key; - - sec_login_get_pwent(my_dce_sec_context, - (sec_login_passwd_t*)&pw, &err); - if (err != error_status_ok ) { + + sec_login_get_pwent(my_dce_sec_context, + (sec_login_passwd_t *) & pw, &err); + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't get pwent. %s\n", dce_errstr)); - - return(False); + DEBUG(0, ("DCE can't get pwent. %s\n", dce_errstr)); + + return (False); } - + sec_login_refresh_identity(my_dce_sec_context, &err); - if (err != error_status_ok) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't refresh identity. %s\n", - dce_errstr)); - - return(False); + DEBUG(0, ("DCE can't refresh identity. %s\n", + dce_errstr)); + + return (False); } - + sec_key_mgmt_get_key(rpc_c_authn_dce_secret, NULL, (unsigned char *)pw->pw_name, sec_c_key_version_none, - (void**)&key, &err); - if (err != error_status_ok) { + (void **)&key, &err); + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't get key for %s. %s\n", - pw->pw_name, dce_errstr)); + DEBUG(0, ("DCE can't get key for %s. %s\n", + pw->pw_name, dce_errstr)); - return(False); + return (False); } - + sec_login_valid_and_cert_ident(my_dce_sec_context, key, - &password_reset, &auth_src, + &password_reset, &auth_src, &err); - if (err != error_status_ok ) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't validate and certify identity for %s. %s\n", - pw->pw_name, dce_errstr)); + DEBUG(0, + ("DCE can't validate and certify identity for %s. %s\n", + pw->pw_name, dce_errstr)); } - + sec_key_mgmt_free_key(key, &err); - if (err != error_status_ok ) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't free key.\n", dce_errstr)); + DEBUG(0, ("DCE can't free key.\n", dce_errstr)); } } if (sec_login_setup_identity((unsigned char *)user, sec_login_no_flags, - &my_dce_sec_context, - &err) == 0) { + &my_dce_sec_context, &err) == 0) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE Setup Identity for %s failed: %s\n", - user,dce_errstr)); - return(False); + DEBUG(0, ("DCE Setup Identity for %s failed: %s\n", + user, dce_errstr)); + return (False); } - sec_login_get_pwent(my_dce_sec_context, - (sec_login_passwd_t*)&pw, &err); - if (err != error_status_ok) { + sec_login_get_pwent(my_dce_sec_context, + (sec_login_passwd_t *) & pw, &err); + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't get pwent. %s\n", dce_errstr)); - - return(False); + DEBUG(0, ("DCE can't get pwent. %s\n", dce_errstr)); + + return (False); } sec_login_purge_context(&my_dce_sec_context, &err); - if (err != error_status_ok) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't purge context. %s\n", dce_errstr)); + DEBUG(0, ("DCE can't purge context. %s\n", dce_errstr)); - return(False); + return (False); } /* @@ -330,117 +350,129 @@ static BOOL dfs_auth(char *user,char *password) * this should be ok. I have added code to go * back to being root on error though. JRA. */ - + egid = getegid(); - if (set_effective_gid(pw->pw_gid) != 0) { - DEBUG(0,("Can't set egid to %d (%s)\n", - pw->pw_gid, strerror(errno))); + if (set_effective_gid(pw->pw_gid) != 0) + { + DEBUG(0, ("Can't set egid to %d (%s)\n", + pw->pw_gid, strerror(errno))); return False; } - if (set_effective_uid(pw->pw_uid) != 0) { + if (set_effective_uid(pw->pw_uid) != 0) + { set_effective_gid(egid); - DEBUG(0,("Can't set euid to %d (%s)\n", - pw->pw_uid, strerror(errno))); + DEBUG(0, ("Can't set euid to %d (%s)\n", + pw->pw_uid, strerror(errno))); return False; } - + if (sec_login_setup_identity((unsigned char *)user, sec_login_no_flags, - &my_dce_sec_context, - &err) == 0) { + &my_dce_sec_context, &err) == 0) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE Setup Identity for %s failed: %s\n", - user,dce_errstr)); + DEBUG(0, ("DCE Setup Identity for %s failed: %s\n", + user, dce_errstr)); goto err; } - sec_login_get_pwent(my_dce_sec_context, - (sec_login_passwd_t*)&pw, &err); - if (err != error_status_ok ) { + sec_login_get_pwent(my_dce_sec_context, + (sec_login_passwd_t *) & pw, &err); + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't get pwent. %s\n", dce_errstr)); + DEBUG(0, ("DCE can't get pwent. %s\n", dce_errstr)); goto err; } passwd_rec.version_number = sec_passwd_c_version_none; passwd_rec.pepper = NULL; passwd_rec.key.key_type = sec_passwd_plain; - passwd_rec.key.tagged_union.plain = (idl_char *)password; - + passwd_rec.key.tagged_union.plain = (idl_char *) password; + sec_login_validate_identity(my_dce_sec_context, &passwd_rec, &password_reset, &auth_src, &err); - if (err != error_status_ok ) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE Identity Validation failed for principal %s: %s\n", - user,dce_errstr)); + DEBUG(0, + ("DCE Identity Validation failed for principal %s: %s\n", + user, dce_errstr)); goto err; } sec_login_certify_identity(my_dce_sec_context, &err); - if (err != error_status_ok) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE certify identity failed: %s\n", dce_errstr)); + DEBUG(0, ("DCE certify identity failed: %s\n", dce_errstr)); goto err; } - if (auth_src != sec_login_auth_src_network) { - DEBUG(0,("DCE context has no network credentials.\n")); + if (auth_src != sec_login_auth_src_network) + { + DEBUG(0, ("DCE context has no network credentials.\n")); } sec_login_set_context(my_dce_sec_context, &err); - if (err != error_status_ok) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE login failed for principal %s, cant set context: %s\n", - user,dce_errstr)); - + DEBUG(0, + ("DCE login failed for principal %s, cant set context: %s\n", + user, dce_errstr)); + sec_login_purge_context(&my_dce_sec_context, &err); goto err; } - - sec_login_get_pwent(my_dce_sec_context, - (sec_login_passwd_t*)&pw, &err); - if (err != error_status_ok) { + + sec_login_get_pwent(my_dce_sec_context, + (sec_login_passwd_t *) & pw, &err); + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't get pwent. %s\n", dce_errstr)); + DEBUG(0, ("DCE can't get pwent. %s\n", dce_errstr)); goto err; } - - DEBUG(0,("DCE login succeeded for principal %s on pid %d\n", - user, getpid())); - - DEBUG(3,("DCE principal: %s\n" - " uid: %d\n" - " gid: %d\n", - pw->pw_name, pw->pw_uid, pw->pw_gid)); - DEBUG(3,(" info: %s\n" - " dir: %s\n" - " shell: %s\n", - pw->pw_gecos, pw->pw_dir, pw->pw_shell)); - + + DEBUG(0, ("DCE login succeeded for principal %s on pid %d\n", + user, getpid())); + + DEBUG(3, ("DCE principal: %s\n" + " uid: %d\n" + " gid: %d\n", + pw->pw_name, pw->pw_uid, pw->pw_gid)); + DEBUG(3, (" info: %s\n" + " dir: %s\n" + " shell: %s\n", + pw->pw_gecos, pw->pw_dir, pw->pw_shell)); + sec_login_get_expiration(my_dce_sec_context, &expire_time, &err); - if (err != error_status_ok) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't get expiration. %s\n", dce_errstr)); + DEBUG(0, ("DCE can't get expiration. %s\n", dce_errstr)); goto err; } - + set_effective_uid(0); set_effective_gid(0); - - DEBUG(0,("DCE context expires: %s",asctime(localtime(&expire_time)))); - + + DEBUG(0, + ("DCE context expires: %s", asctime(localtime(&expire_time)))); + dcelogin_atmost_once = 1; return (True); -err: + err: /* Go back to root, JRA. */ set_effective_uid(0); set_effective_gid(egid); - return(False); + return (False); } void dfs_unlogin(void) @@ -448,12 +480,14 @@ void dfs_unlogin(void) error_status_t err; int err2; unsigned char dce_errstr[dce_c_error_string_len]; - + sec_login_purge_context(&my_dce_sec_context, &err); - if (err != error_status_ok) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE purge login context failed for server instance %d: %s\n", - getpid(), dce_errstr)); + DEBUG(0, + ("DCE purge login context failed for server instance %d: %s\n", + getpid(), dce_errstr)); } } #endif @@ -465,19 +499,19 @@ void dfs_unlogin(void) /******************************************************************* check on Kerberos authentication ********************************************************************/ -static BOOL krb5_auth(char *user,char *password) +static BOOL krb5_auth(char *user, char *password) { krb5_data tgtname = { 0, KRB5_TGS_NAME_SIZE, - KRB5_TGS_NAME - }; + KRB5_TGS_NAME + }; krb5_context kcontext; krb5_principal kprinc; krb5_principal server; krb5_creds kcreds; int options = 0; - krb5_address **addrs = (krb5_address **)0; + krb5_address **addrs = (krb5_address **) 0; krb5_preauthtype *preauth = NULL; krb5_keytab keytab = NULL; krb5_timestamp now; @@ -485,35 +519,45 @@ static BOOL krb5_auth(char *user,char *password) int retval; char *name; - if (retval=krb5_init_context(&kcontext)) { - return(False); + if (retval = krb5_init_context(&kcontext)) + { + return (False); } - if (retval = krb5_timeofday(kcontext, &now)) { - return(False); + if (retval = krb5_timeofday(kcontext, &now)) + { + return (False); } - if (retval = krb5_cc_default(kcontext, &ccache)) { - return(False); + if (retval = krb5_cc_default(kcontext, &ccache)) + { + return (False); } - - if (retval = krb5_parse_name(kcontext, user, &kprinc)) { - return(False); + + if (retval = krb5_parse_name(kcontext, user, &kprinc)) + { + return (False); } ZERO_STRUCT(kcreds); kcreds.client = kprinc; - + if ((retval = krb5_build_principal_ext(kcontext, &server, - krb5_princ_realm(kcontext, kprinc)->length, - krb5_princ_realm(kcontext, kprinc)->data, - tgtname.length, - tgtname.data, - krb5_princ_realm(kcontext, kprinc)->length, - krb5_princ_realm(kcontext, kprinc)->data, - 0))) { - return(False); + krb5_princ_realm(kcontext, + kprinc)-> + length, + krb5_princ_realm(kcontext, + kprinc)->data, + tgtname.length, tgtname.data, + krb5_princ_realm(kcontext, + kprinc)-> + length, + krb5_princ_realm(kcontext, + kprinc)->data, + 0))) + { + return (False); } kcreds.server = server; @@ -523,16 +567,14 @@ static BOOL krb5_auth(char *user,char *password) addrs, NULL, preauth, - password, - 0, - &kcreds, - 0); + password, 0, &kcreds, 0); - if (retval) { - return(False); + if (retval) + { + return (False); } - return(True); + return (True); } #endif /* KRB5_AUTH */ @@ -542,22 +584,22 @@ static BOOL krb5_auth(char *user,char *password) /******************************************************************* check on Kerberos authentication ********************************************************************/ -static BOOL krb4_auth(char *user,char *password) +static BOOL krb4_auth(char *user, char *password) { char realm[REALM_SZ]; char tkfile[MAXPATHLEN]; - - if (krb_get_lrealm(realm, 1) != KSUCCESS) { - (void) safe_strcpy(realm, KRB_REALM, sizeof (realm) - 1); + + if (krb_get_lrealm(realm, 1) != KSUCCESS) + { + (void)safe_strcpy(realm, KRB_REALM, sizeof(realm) - 1); } - (void) slprintf(tkfile, sizeof(tkfile) - 1, "/tmp/samba_tkt_%d", - (int)getpid()); - + (void)slprintf(tkfile, sizeof(tkfile) - 1, "/tmp/samba_tkt_%d", + (int)getpid()); + krb_set_tkt_string(tkfile); - if (krb_verify_user(user, "", realm, - password, 0, - "rmcd") == KSUCCESS) { + if (krb_verify_user(user, "", realm, password, 0, "rmcd") == KSUCCESS) + { unlink(tkfile); return 1; } @@ -570,24 +612,25 @@ static BOOL krb4_auth(char *user,char *password) /**************************************************************************** an enhanced crypt for Linux to handle password longer than 8 characters ****************************************************************************/ -static int linux_bigcrypt(char *password,char *salt1, char *crypted) +static int linux_bigcrypt(char *password, char *salt1, char *crypted) { #define LINUX_PASSWORD_SEG_CHARS 8 char salt[3]; int i; - - StrnCpy(salt,salt1,2); - crypted +=2; - - for ( i=strlen(password); i > 0; i -= LINUX_PASSWORD_SEG_CHARS) { - char * p = crypt(password,salt) + 2; + + StrnCpy(salt, salt1, 2); + crypted += 2; + + for (i = strlen(password); i > 0; i -= LINUX_PASSWORD_SEG_CHARS) + { + char *p = crypt(password, salt) + 2; if (strncmp(p, crypted, LINUX_PASSWORD_SEG_CHARS) != 0) - return(0); + return (0); password += LINUX_PASSWORD_SEG_CHARS; - crypted += strlen(p); + crypted += strlen(p); } - - return(1); + + return (1); } #endif @@ -595,30 +638,33 @@ static int linux_bigcrypt(char *password,char *salt1, char *crypted) /**************************************************************************** an enhanced crypt for OSF1 ****************************************************************************/ -static char *osf1_bigcrypt(char *password,char *salt1) +static char *osf1_bigcrypt(char *password, char *salt1) { static char result[AUTH_MAX_PASSWD_LENGTH] = ""; char *p1; - char *p2=password; + char *p2 = password; char salt[3]; int i; int parts = strlen(password) / AUTH_CLEARTEXT_SEG_CHARS; - if (strlen(password)%AUTH_CLEARTEXT_SEG_CHARS) { + if (strlen(password) % AUTH_CLEARTEXT_SEG_CHARS) + { parts++; } - - StrnCpy(salt,salt1,2); - StrnCpy(result,salt1,2); - result[2]='\0'; - for (i=0; i<parts;i++) { - p1 = crypt(p2,salt); - strncat(result,p1+2,AUTH_MAX_PASSWD_LENGTH-strlen(p1+2)-1); - StrnCpy(salt,&result[2+i*AUTH_CIPHERTEXT_SEG_CHARS],2); + StrnCpy(salt, salt1, 2); + StrnCpy(result, salt1, 2); + result[2] = '\0'; + + for (i = 0; i < parts; i++) + { + p1 = crypt(p2, salt); + strncat(result, p1 + 2, + AUTH_MAX_PASSWD_LENGTH - strlen(p1 + 2) - 1); + StrnCpy(salt, &result[2 + i * AUTH_CIPHERTEXT_SEG_CHARS], 2); p2 += AUTH_CLEARTEXT_SEG_CHARS; } - return(result); + return (result); } #endif @@ -630,28 +676,32 @@ try all combinations with N uppercase letters. offset is the first char to try and change (start with 0) it assumes the string starts lowercased ****************************************************************************/ -static BOOL string_combinations2(char *s,int offset,BOOL (*fn)(char *),int N) +static BOOL string_combinations2(char *s, int offset, BOOL (*fn) (char *), + int N) { int len = strlen(s); int i; #ifdef PASSWORD_LENGTH - len = MIN(len,PASSWORD_LENGTH); + len = MIN(len, PASSWORD_LENGTH); #endif - if (N <= 0 || offset >= len) { - return(fn(s)); + if (N <= 0 || offset >= len) + { + return (fn(s)); } - for (i=offset;i<(len-(N-1));i++) { + for (i = offset; i < (len - (N - 1)); i++) + { char c = s[i]; - if (!islower(c)) continue; + if (!islower(c)) + continue; s[i] = toupper(c); - if (string_combinations2(s,i+1,fn,N-1)) - return(True); + if (string_combinations2(s, i + 1, fn, N - 1)) + return (True); s[i] = c; } - return(False); + return (False); } /**************************************************************************** @@ -661,12 +711,13 @@ try all combinations with up to N uppercase letters. offset is the first char to try and change (start with 0) it assumes the string starts lowercased ****************************************************************************/ -static BOOL string_combinations(char *s,BOOL (*fn)(char *),int N) +static BOOL string_combinations(char *s, BOOL (*fn) (char *), int N) { int n; - for (n=1;n<=N;n++) - if (string_combinations2(s,0,fn,n)) return(True); - return(False); + for (n = 1; n <= N; n++) + if (string_combinations2(s, 0, fn, n)) + return (True); + return (False); } @@ -685,43 +736,56 @@ static BOOL password_check(char *password) settings say it should fail. if (pam_auth(user,password)) return(True); Hence we make a direct return to avoid a second chance!!! - */ - return (pam_auth(this_user,password)); + */ + return (pam_auth(this_user, password)); #endif /* WITH_PAM */ - + #ifdef WITH_AFS - if (afs_auth(this_user,password)) return(True); + if (afs_auth(this_user, password)) + return (True); #endif /* WITH_AFS */ - + #ifdef WITH_DFS - if (dfs_auth(this_user,password)) return(True); + if (dfs_auth(this_user, password)) + return (True); #endif /* WITH_DFS */ #ifdef KRB5_AUTH - if (krb5_auth(this_user,password)) return(True); + if (krb5_auth(this_user, password)) + return (True); #endif /* KRB5_AUTH */ #ifdef KRB4_AUTH - if (krb4_auth(this_user,password)) return(True); + if (krb4_auth(this_user, password)) + return (True); #endif /* KRB4_AUTH */ #ifdef OSF1_ENH_SEC { - BOOL ret = (strcmp(osf1_bigcrypt(password,this_salt),this_crypted) == 0); - if(!ret) { - DEBUG(2,("OSF1_ENH_SEC failed. Trying normal crypt.\n")); - ret = (strcmp((char *)crypt(password,this_salt),this_crypted) == 0); - } - return ret; + BOOL ret = + (strcmp + (osf1_bigcrypt(password, this_salt), + this_crypted) == 0); + if (!ret) + { + DEBUG(2, + ("OSF1_ENH_SEC failed. Trying normal crypt.\n")); + ret = + (strcmp + ((char *)crypt(password, this_salt), + this_crypted) == 0); + } + return ret; } #endif /* OSF1_ENH_SEC */ #ifdef ULTRIX_AUTH - return (strcmp((char *)crypt16(password, this_salt ),this_crypted) == 0); + return (strcmp((char *)crypt16(password, this_salt), this_crypted) == + 0); #endif /* ULTRIX_AUTH */ #ifdef LINUX_BIGCRYPT - return(linux_bigcrypt(password,this_salt,this_crypted)); + return (linux_bigcrypt(password, this_salt, this_crypted)); #endif /* LINUX_BIGCRYPT */ #if defined(HAVE_BIGCRYPT) && defined(HAVE_CRYPT) && defined(USE_BOTH_CRYPT_CALLS) @@ -733,21 +797,24 @@ static BOOL password_check(char *password) * by crypt. */ - if(strcmp(bigcrypt(password,this_salt),this_crypted) == 0) + if (strcmp(bigcrypt(password, this_salt), this_crypted) == 0) return True; - else - return (strcmp((char *)crypt(password,this_salt),this_crypted) == 0); + else + return (strcmp + ((char *)crypt(password, this_salt), + this_crypted) == 0); #else /* HAVE_BIGCRYPT && HAVE_CRYPT && USE_BOTH_CRYPT_CALLS */ #ifdef HAVE_BIGCRYPT - return(strcmp(bigcrypt(password,this_salt),this_crypted) == 0); + return (strcmp(bigcrypt(password, this_salt), this_crypted) == 0); #endif /* HAVE_BIGCRYPT */ #ifndef HAVE_CRYPT - DEBUG(1,("Warning - no crypt available\n")); - return(False); + DEBUG(1, ("Warning - no crypt available\n")); + return (False); #else /* HAVE_CRYPT */ - return(strcmp((char *)crypt(password,this_salt),this_crypted) == 0); + return (strcmp((char *)crypt(password, this_salt), this_crypted) == + 0); #endif /* HAVE_CRYPT */ #endif /* HAVE_BIGCRYPT && HAVE_CRYPT && USE_BOTH_CRYPT_CALLS */ } @@ -760,40 +827,47 @@ the function pointer fn() points to a function to call when a successful match is found and is used to update the encrypted password file return True on correct match, False otherwise ****************************************************************************/ -BOOL pass_check(char *user,char *password, int pwlen, struct passwd *pwd, - BOOL (*fn)(char *, char *)) +BOOL pass_check(char *user, char *password, int pwlen, struct passwd *pwd, + BOOL (*fn) (char *, char *)) { pstring pass2; int level = lp_passwordlevel(); struct passwd *pass; - if (password) password[pwlen] = 0; + if (password) + password[pwlen] = 0; #if DEBUG_PASSWORD - DEBUG(100,("checking user=[%s] pass=[%s]\n",user,password)); + DEBUG(100, ("checking user=[%s] pass=[%s]\n", user, password)); #endif - if (!password) { - return(False); + if (!password) + { + return (False); } - if (((!*password) || (!pwlen)) && !lp_null_passwords()) { - return(False); + if (((!*password) || (!pwlen)) && !lp_null_passwords()) + { + return (False); } - if (pwd && !user) { - pass = (struct passwd *) pwd; + if (pwd && !user) + { + pass = (struct passwd *)pwd; user = pass->pw_name; - } else { - pass = Get_Pwnam(user,True); + } + else + { + pass = Get_Pwnam(user, True); } - DEBUG(4,("Checking password for user %s (l=%d)\n",user,pwlen)); + DEBUG(4, ("Checking password for user %s (l=%d)\n", user, pwlen)); - if (!pass) { - DEBUG(3,("Couldn't find user %s\n",user)); - return(False); + if (!pass) + { + DEBUG(3, ("Couldn't find user %s\n", user)); + return (False); } #ifdef HAVE_GETSPNAM @@ -806,8 +880,9 @@ BOOL pass_check(char *user,char *password, int pwlen, struct passwd *pwd, perhaps for IPC password changing requests */ spass = getspnam(pass->pw_name); - if (spass && spass->sp_pwdp) { - pstrcpy(pass->pw_passwd,spass->sp_pwdp); + if (spass && spass->sp_pwdp) + { + pstrcpy(pass->pw_passwd, spass->sp_pwdp); } } #elif defined(IA_UINFO) @@ -817,7 +892,8 @@ BOOL pass_check(char *user,char *password, int pwlen, struct passwd *pwd, UnixWare 2.x, tested on version 2.1. (tangent@cyberport.com) */ uinfo_t uinfo; - if (ia_openinfo(pass->pw_name, &uinfo) != -1) { + if (ia_openinfo(pass->pw_name, &uinfo) != -1) + { ia_get_logpwd(uinfo, &(pass->pw_passwd)); } } @@ -827,22 +903,26 @@ BOOL pass_check(char *user,char *password, int pwlen, struct passwd *pwd, { struct pr_passwd *pr_pw = getprpwnam(pass->pw_name); if (pr_pw && pr_pw->ufld.fd_encrypt) - pstrcpy(pass->pw_passwd,pr_pw->ufld.fd_encrypt); + pstrcpy(pass->pw_passwd, pr_pw->ufld.fd_encrypt); } #endif #ifdef OSF1_ENH_SEC { struct pr_passwd *mypasswd; - DEBUG(5,("Checking password for user %s in OSF1_ENH_SEC\n", - user)); - mypasswd = getprpwnam (user); - if (mypasswd) { - fstrcpy(pass->pw_name,mypasswd->ufld.fd_name); - fstrcpy(pass->pw_passwd,mypasswd->ufld.fd_encrypt); - } else { - DEBUG(5,("OSF1_ENH_SEC: No entry for user %s in protected database !\n", - user)); + DEBUG(5, ("Checking password for user %s in OSF1_ENH_SEC\n", + user)); + mypasswd = getprpwnam(user); + if (mypasswd) + { + fstrcpy(pass->pw_name, mypasswd->ufld.fd_name); + fstrcpy(pass->pw_passwd, mypasswd->ufld.fd_encrypt); + } + else + { + DEBUG(5, + ("OSF1_ENH_SEC: No entry for user %s in protected database !\n", + user)); } } #endif @@ -850,7 +930,8 @@ BOOL pass_check(char *user,char *password, int pwlen, struct passwd *pwd, #ifdef ULTRIX_AUTH { AUTHORIZATION *ap = getauthuid(pass->pw_uid); - if (ap) { + if (ap) + { fstrcpy(pass->pw_passwd, ap->a_password); endauthent(); } @@ -858,72 +939,84 @@ BOOL pass_check(char *user,char *password, int pwlen, struct passwd *pwd, #endif /* extract relevant info */ - fstrcpy(this_user,pass->pw_name); - fstrcpy(this_salt,pass->pw_passwd); + fstrcpy(this_user, pass->pw_name); + fstrcpy(this_salt, pass->pw_passwd); #if defined(HAVE_TRUNCATED_SALT) /* crypt on some platforms (HPUX in particular) won't work with more than 2 salt characters. */ this_salt[2] = 0; #endif - - fstrcpy(this_crypted,pass->pw_passwd); - - if (!*this_crypted) { - if (!lp_null_passwords()) { - DEBUG(2,("Disallowing %s with null password\n", - this_user)); - return(False); + + fstrcpy(this_crypted, pass->pw_passwd); + + if (!*this_crypted) + { + if (!lp_null_passwords()) + { + DEBUG(2, ("Disallowing %s with null password\n", + this_user)); + return (False); } - if (!*password) { - DEBUG(3,("Allowing access to %s with null password\n", - this_user)); - return(True); + if (!*password) + { + DEBUG(3, + ("Allowing access to %s with null password\n", + this_user)); + return (True); } } /* try it as it came to us */ - if (password_check(password)) { - if (fn) fn(user,password); - return(True); + if (password_check(password)) + { + if (fn) + fn(user, password); + return (True); } /* if the password was given to us with mixed case then we don't need to proceed as we know it hasn't been case modified by the client */ - if (strhasupper(password) && strhaslower(password)) { - return(False); + if (strhasupper(password) && strhaslower(password)) + { + return (False); } /* make a copy of it */ - StrnCpy(pass2,password,sizeof(pstring)-1); - + StrnCpy(pass2, password, sizeof(pstring) - 1); + /* try all lowercase */ strlower(password); - if (password_check(password)) { - if (fn) fn(user,password); - return(True); + if (password_check(password)) + { + if (fn) + fn(user, password); + return (True); } /* give up? */ - if (level < 1) { + if (level < 1) + { /* restore it */ - fstrcpy(password,pass2); - - return(False); + fstrcpy(password, pass2); + + return (False); } /* last chance - all combinations of up to level chars upper! */ strlower(password); - if (string_combinations(password,password_check,level)) { - if (fn) fn(user,password); - return(True); + if (string_combinations(password, password_check, level)) + { + if (fn) + fn(user, password); + return (True); } /* restore it */ - fstrcpy(password,pass2); - - return(False); + fstrcpy(password, pass2); + + return (False); } diff --git a/source/passdb/pass_check.c b/source/passdb/pass_check.c index 11ce0d754e8..c3e56697476 100644 --- a/source/passdb/pass_check.c +++ b/source/passdb/pass_check.c @@ -27,9 +27,9 @@ extern int DEBUGLEVEL; /* these are kept here to keep the string_combinations function simple */ -static char this_user[100]=""; -static char this_salt[100]=""; -static char this_crypted[100]=""; +static char this_user[100] = ""; +static char this_salt[100] = ""; +static char this_crypted[100] = ""; #ifdef WITH_PAM @@ -49,88 +49,94 @@ static char *PAM_password; * Here we assume (for now, at least) that echo on means login name, and * echo off means password. */ -static int PAM_conv (int num_msg, - const struct pam_message **msg, - struct pam_response **resp, - void *appdata_ptr) { - int replies = 0; - struct pam_response *reply = NULL; - - #define COPY_STRING(s) (s) ? strdup(s) : NULL - - reply = malloc(sizeof(struct pam_response) * num_msg); - if (!reply) return PAM_CONV_ERR; - - for (replies = 0; replies < num_msg; replies++) { - switch (msg[replies]->msg_style) { - case PAM_PROMPT_ECHO_ON: - reply[replies].resp_retcode = PAM_SUCCESS; - reply[replies].resp = COPY_STRING(PAM_username); - /* PAM frees resp */ - break; - case PAM_PROMPT_ECHO_OFF: - reply[replies].resp_retcode = PAM_SUCCESS; - reply[replies].resp = COPY_STRING(PAM_password); - /* PAM frees resp */ - break; - case PAM_TEXT_INFO: - /* fall through */ - case PAM_ERROR_MSG: - /* ignore it... */ - reply[replies].resp_retcode = PAM_SUCCESS; - reply[replies].resp = NULL; - break; - default: - /* Must be an error of some sort... */ - free (reply); - return PAM_CONV_ERR; - } - } - if (reply) *resp = reply; - return PAM_SUCCESS; +static int PAM_conv(int num_msg, + const struct pam_message **msg, + struct pam_response **resp, void *appdata_ptr) +{ + int replies = 0; + struct pam_response *reply = NULL; + +#define COPY_STRING(s) (s) ? strdup(s) : NULL + + reply = malloc(sizeof(struct pam_response) * num_msg); + if (!reply) + return PAM_CONV_ERR; + + for (replies = 0; replies < num_msg; replies++) + { + switch (msg[replies]->msg_style) + { + case PAM_PROMPT_ECHO_ON: + reply[replies].resp_retcode = PAM_SUCCESS; + reply[replies].resp = + COPY_STRING(PAM_username); + /* PAM frees resp */ + break; + case PAM_PROMPT_ECHO_OFF: + reply[replies].resp_retcode = PAM_SUCCESS; + reply[replies].resp = + COPY_STRING(PAM_password); + /* PAM frees resp */ + break; + case PAM_TEXT_INFO: + /* fall through */ + case PAM_ERROR_MSG: + /* ignore it... */ + reply[replies].resp_retcode = PAM_SUCCESS; + reply[replies].resp = NULL; + break; + default: + /* Must be an error of some sort... */ + free(reply); + return PAM_CONV_ERR; + } + } + if (reply) + *resp = reply; + return PAM_SUCCESS; } static struct pam_conv PAM_conversation = { - &PAM_conv, - NULL + &PAM_conv, + NULL }; -static BOOL pam_auth(char *user,char *password) +static BOOL pam_auth(char *user, char *password) { - pam_handle_t *pamh; - int pam_error; - - /* Now use PAM to do authentication. For now, we won't worry about - * session logging, only authentication. Bail out if there are any - * errors. Since this is a limited protocol, and an even more limited - * function within a server speaking this protocol, we can't be as - * verbose as would otherwise make sense. - * Query: should we be using PAM_SILENT to shut PAM up? - */ - #define PAM_BAIL if (pam_error != PAM_SUCCESS) { \ + pam_handle_t *pamh; + int pam_error; + + /* Now use PAM to do authentication. For now, we won't worry about + * session logging, only authentication. Bail out if there are any + * errors. Since this is a limited protocol, and an even more limited + * function within a server speaking this protocol, we can't be as + * verbose as would otherwise make sense. + * Query: should we be using PAM_SILENT to shut PAM up? + */ +#define PAM_BAIL if (pam_error != PAM_SUCCESS) { \ pam_end(pamh, 0); return False; \ } - PAM_password = password; - PAM_username = user; - pam_error = pam_start("samba", user, &PAM_conversation, &pamh); - PAM_BAIL; + PAM_password = password; + PAM_username = user; + pam_error = pam_start("samba", user, &PAM_conversation, &pamh); + PAM_BAIL; /* Setting PAM_SILENT stops generation of error messages to syslog * to enable debugging on Red Hat Linux set: * /etc/pam.d/samba: * auth required /lib/security/pam_pwdb.so nullok shadow audit * _OR_ change PAM_SILENT to 0 to force detailed reporting (logging) */ - pam_error = pam_authenticate(pamh, PAM_SILENT); - PAM_BAIL; - /* It is not clear to me that account management is the right thing - * to do, but it is not clear that it isn't, either. This can be - * removed if no account management should be done. Alternately, - * put a pam_allow.so entry in /etc/pam.conf for account handling. */ - pam_error = pam_acct_mgmt(pamh, PAM_SILENT); - PAM_BAIL; - pam_end(pamh, PAM_SUCCESS); - /* If this point is reached, the user has been authenticated. */ - return(True); + pam_error = pam_authenticate(pamh, PAM_SILENT); + PAM_BAIL; + /* It is not clear to me that account management is the right thing + * to do, but it is not clear that it isn't, either. This can be + * removed if no account management should be done. Alternately, + * put a pam_allow.so entry in /etc/pam.conf for account handling. */ + pam_error = pam_acct_mgmt(pamh, PAM_SILENT); + PAM_BAIL; + pam_end(pamh, PAM_SUCCESS); + /* If this point is reached, the user has been authenticated. */ + return (True); } #endif @@ -143,27 +149,27 @@ static BOOL pam_auth(char *user,char *password) /******************************************************************* check on AFS authentication ********************************************************************/ -static BOOL afs_auth(char *user,char *password) +static BOOL afs_auth(char *user, char *password) { long password_expires = 0; char *reason; - + /* For versions of AFS prior to 3.3, this routine has few arguments, */ /* but since I can't find the old documentation... :-) */ setpag(); - if (ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION+KA_USERAUTH_DOSETPAG, - user, - (char *) 0, /* instance */ - (char *) 0, /* cell */ - password, - 0, /* lifetime, default */ - &password_expires, /*days 'til it expires */ - 0, /* spare 2 */ - &reason) == 0) { - return(True); - } - DEBUG(1,("AFS authentication for \"%s\" failed (%s)\n", user, reason)); - return(False); + if (ka_UserAuthenticateGeneral + (KA_USERAUTH_VERSION + KA_USERAUTH_DOSETPAG, user, (char *)0, /* instance */ + (char *)0, /* cell */ + password, 0, /* lifetime, default */ + &password_expires, /*days 'til it expires */ + 0, /* spare 2 */ + &reason) == 0) + { + return (True); + } + DEBUG(1, + ("AFS authentication for \"%s\" failed (%s)\n", user, reason)); + return (False); } #endif @@ -192,7 +198,7 @@ int dcelogin_atmost_once = 0; /******************************************************************* check on a DCE/DFS authentication ********************************************************************/ -static BOOL dfs_auth(char *user,char *password) +static BOOL dfs_auth(char *user, char *password) { error_status_t err; int err2; @@ -205,7 +211,8 @@ static BOOL dfs_auth(char *user,char *password) unsigned char dce_errstr[dce_c_error_string_len]; gid_t egid; - if (dcelogin_atmost_once) return(False); + if (dcelogin_atmost_once) + return (False); #ifdef HAVE_CRYPT /* @@ -214,112 +221,125 @@ static BOOL dfs_auth(char *user,char *password) * Assumes local passwd file is kept in sync w/ DCE RGY! */ - if (strcmp((char *)crypt(password,this_salt),this_crypted)) { - return(False); + if (strcmp((char *)crypt(password, this_salt), this_crypted)) + { + return (False); } #endif sec_login_get_current_context(&my_dce_sec_context, &err); - if (err != error_status_ok ) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't get current context. %s\n", dce_errstr)); + DEBUG(0, ("DCE can't get current context. %s\n", dce_errstr)); - return(False); + return (False); } sec_login_certify_identity(my_dce_sec_context, &err); - if (err != error_status_ok) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't get current context. %s\n", dce_errstr)); - - return(False); + DEBUG(0, ("DCE can't get current context. %s\n", dce_errstr)); + + return (False); } sec_login_get_expiration(my_dce_sec_context, &expire_time, &err); - if (err != error_status_ok) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't get expiration. %s\n", dce_errstr)); - - return(False); + DEBUG(0, ("DCE can't get expiration. %s\n", dce_errstr)); + + return (False); } - + time(¤t_time); - if (expire_time < (current_time + 60)) { - struct passwd *pw; + if (expire_time < (current_time + 60)) + { + struct passwd *pw; sec_passwd_rec_t *key; - - sec_login_get_pwent(my_dce_sec_context, - (sec_login_passwd_t*)&pw, &err); - if (err != error_status_ok ) { + + sec_login_get_pwent(my_dce_sec_context, + (sec_login_passwd_t *) & pw, &err); + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't get pwent. %s\n", dce_errstr)); - - return(False); + DEBUG(0, ("DCE can't get pwent. %s\n", dce_errstr)); + + return (False); } - + sec_login_refresh_identity(my_dce_sec_context, &err); - if (err != error_status_ok) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't refresh identity. %s\n", - dce_errstr)); - - return(False); + DEBUG(0, ("DCE can't refresh identity. %s\n", + dce_errstr)); + + return (False); } - + sec_key_mgmt_get_key(rpc_c_authn_dce_secret, NULL, (unsigned char *)pw->pw_name, sec_c_key_version_none, - (void**)&key, &err); - if (err != error_status_ok) { + (void **)&key, &err); + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't get key for %s. %s\n", - pw->pw_name, dce_errstr)); + DEBUG(0, ("DCE can't get key for %s. %s\n", + pw->pw_name, dce_errstr)); - return(False); + return (False); } - + sec_login_valid_and_cert_ident(my_dce_sec_context, key, - &password_reset, &auth_src, + &password_reset, &auth_src, &err); - if (err != error_status_ok ) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't validate and certify identity for %s. %s\n", - pw->pw_name, dce_errstr)); + DEBUG(0, + ("DCE can't validate and certify identity for %s. %s\n", + pw->pw_name, dce_errstr)); } - + sec_key_mgmt_free_key(key, &err); - if (err != error_status_ok ) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't free key.\n", dce_errstr)); + DEBUG(0, ("DCE can't free key.\n", dce_errstr)); } } if (sec_login_setup_identity((unsigned char *)user, sec_login_no_flags, - &my_dce_sec_context, - &err) == 0) { + &my_dce_sec_context, &err) == 0) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE Setup Identity for %s failed: %s\n", - user,dce_errstr)); - return(False); + DEBUG(0, ("DCE Setup Identity for %s failed: %s\n", + user, dce_errstr)); + return (False); } - sec_login_get_pwent(my_dce_sec_context, - (sec_login_passwd_t*)&pw, &err); - if (err != error_status_ok) { + sec_login_get_pwent(my_dce_sec_context, + (sec_login_passwd_t *) & pw, &err); + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't get pwent. %s\n", dce_errstr)); - - return(False); + DEBUG(0, ("DCE can't get pwent. %s\n", dce_errstr)); + + return (False); } sec_login_purge_context(&my_dce_sec_context, &err); - if (err != error_status_ok) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't purge context. %s\n", dce_errstr)); + DEBUG(0, ("DCE can't purge context. %s\n", dce_errstr)); - return(False); + return (False); } /* @@ -330,117 +350,129 @@ static BOOL dfs_auth(char *user,char *password) * this should be ok. I have added code to go * back to being root on error though. JRA. */ - + egid = getegid(); - if (set_effective_gid(pw->pw_gid) != 0) { - DEBUG(0,("Can't set egid to %d (%s)\n", - pw->pw_gid, strerror(errno))); + if (set_effective_gid(pw->pw_gid) != 0) + { + DEBUG(0, ("Can't set egid to %d (%s)\n", + pw->pw_gid, strerror(errno))); return False; } - if (set_effective_uid(pw->pw_uid) != 0) { + if (set_effective_uid(pw->pw_uid) != 0) + { set_effective_gid(egid); - DEBUG(0,("Can't set euid to %d (%s)\n", - pw->pw_uid, strerror(errno))); + DEBUG(0, ("Can't set euid to %d (%s)\n", + pw->pw_uid, strerror(errno))); return False; } - + if (sec_login_setup_identity((unsigned char *)user, sec_login_no_flags, - &my_dce_sec_context, - &err) == 0) { + &my_dce_sec_context, &err) == 0) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE Setup Identity for %s failed: %s\n", - user,dce_errstr)); + DEBUG(0, ("DCE Setup Identity for %s failed: %s\n", + user, dce_errstr)); goto err; } - sec_login_get_pwent(my_dce_sec_context, - (sec_login_passwd_t*)&pw, &err); - if (err != error_status_ok ) { + sec_login_get_pwent(my_dce_sec_context, + (sec_login_passwd_t *) & pw, &err); + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't get pwent. %s\n", dce_errstr)); + DEBUG(0, ("DCE can't get pwent. %s\n", dce_errstr)); goto err; } passwd_rec.version_number = sec_passwd_c_version_none; passwd_rec.pepper = NULL; passwd_rec.key.key_type = sec_passwd_plain; - passwd_rec.key.tagged_union.plain = (idl_char *)password; - + passwd_rec.key.tagged_union.plain = (idl_char *) password; + sec_login_validate_identity(my_dce_sec_context, &passwd_rec, &password_reset, &auth_src, &err); - if (err != error_status_ok ) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE Identity Validation failed for principal %s: %s\n", - user,dce_errstr)); + DEBUG(0, + ("DCE Identity Validation failed for principal %s: %s\n", + user, dce_errstr)); goto err; } sec_login_certify_identity(my_dce_sec_context, &err); - if (err != error_status_ok) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE certify identity failed: %s\n", dce_errstr)); + DEBUG(0, ("DCE certify identity failed: %s\n", dce_errstr)); goto err; } - if (auth_src != sec_login_auth_src_network) { - DEBUG(0,("DCE context has no network credentials.\n")); + if (auth_src != sec_login_auth_src_network) + { + DEBUG(0, ("DCE context has no network credentials.\n")); } sec_login_set_context(my_dce_sec_context, &err); - if (err != error_status_ok) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE login failed for principal %s, cant set context: %s\n", - user,dce_errstr)); - + DEBUG(0, + ("DCE login failed for principal %s, cant set context: %s\n", + user, dce_errstr)); + sec_login_purge_context(&my_dce_sec_context, &err); goto err; } - - sec_login_get_pwent(my_dce_sec_context, - (sec_login_passwd_t*)&pw, &err); - if (err != error_status_ok) { + + sec_login_get_pwent(my_dce_sec_context, + (sec_login_passwd_t *) & pw, &err); + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't get pwent. %s\n", dce_errstr)); + DEBUG(0, ("DCE can't get pwent. %s\n", dce_errstr)); goto err; } - - DEBUG(0,("DCE login succeeded for principal %s on pid %d\n", - user, getpid())); - - DEBUG(3,("DCE principal: %s\n" - " uid: %d\n" - " gid: %d\n", - pw->pw_name, pw->pw_uid, pw->pw_gid)); - DEBUG(3,(" info: %s\n" - " dir: %s\n" - " shell: %s\n", - pw->pw_gecos, pw->pw_dir, pw->pw_shell)); - + + DEBUG(0, ("DCE login succeeded for principal %s on pid %d\n", + user, getpid())); + + DEBUG(3, ("DCE principal: %s\n" + " uid: %d\n" + " gid: %d\n", + pw->pw_name, pw->pw_uid, pw->pw_gid)); + DEBUG(3, (" info: %s\n" + " dir: %s\n" + " shell: %s\n", + pw->pw_gecos, pw->pw_dir, pw->pw_shell)); + sec_login_get_expiration(my_dce_sec_context, &expire_time, &err); - if (err != error_status_ok) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE can't get expiration. %s\n", dce_errstr)); + DEBUG(0, ("DCE can't get expiration. %s\n", dce_errstr)); goto err; } - + set_effective_uid(0); set_effective_gid(0); - - DEBUG(0,("DCE context expires: %s",asctime(localtime(&expire_time)))); - + + DEBUG(0, + ("DCE context expires: %s", asctime(localtime(&expire_time)))); + dcelogin_atmost_once = 1; return (True); -err: + err: /* Go back to root, JRA. */ set_effective_uid(0); set_effective_gid(egid); - return(False); + return (False); } void dfs_unlogin(void) @@ -448,12 +480,14 @@ void dfs_unlogin(void) error_status_t err; int err2; unsigned char dce_errstr[dce_c_error_string_len]; - + sec_login_purge_context(&my_dce_sec_context, &err); - if (err != error_status_ok) { + if (err != error_status_ok) + { dce_error_inq_text(err, dce_errstr, &err2); - DEBUG(0,("DCE purge login context failed for server instance %d: %s\n", - getpid(), dce_errstr)); + DEBUG(0, + ("DCE purge login context failed for server instance %d: %s\n", + getpid(), dce_errstr)); } } #endif @@ -465,19 +499,19 @@ void dfs_unlogin(void) /******************************************************************* check on Kerberos authentication ********************************************************************/ -static BOOL krb5_auth(char *user,char *password) +static BOOL krb5_auth(char *user, char *password) { krb5_data tgtname = { 0, KRB5_TGS_NAME_SIZE, - KRB5_TGS_NAME - }; + KRB5_TGS_NAME + }; krb5_context kcontext; krb5_principal kprinc; krb5_principal server; krb5_creds kcreds; int options = 0; - krb5_address **addrs = (krb5_address **)0; + krb5_address **addrs = (krb5_address **) 0; krb5_preauthtype *preauth = NULL; krb5_keytab keytab = NULL; krb5_timestamp now; @@ -485,35 +519,45 @@ static BOOL krb5_auth(char *user,char *password) int retval; char *name; - if (retval=krb5_init_context(&kcontext)) { - return(False); + if (retval = krb5_init_context(&kcontext)) + { + return (False); } - if (retval = krb5_timeofday(kcontext, &now)) { - return(False); + if (retval = krb5_timeofday(kcontext, &now)) + { + return (False); } - if (retval = krb5_cc_default(kcontext, &ccache)) { - return(False); + if (retval = krb5_cc_default(kcontext, &ccache)) + { + return (False); } - - if (retval = krb5_parse_name(kcontext, user, &kprinc)) { - return(False); + + if (retval = krb5_parse_name(kcontext, user, &kprinc)) + { + return (False); } ZERO_STRUCT(kcreds); kcreds.client = kprinc; - + if ((retval = krb5_build_principal_ext(kcontext, &server, - krb5_princ_realm(kcontext, kprinc)->length, - krb5_princ_realm(kcontext, kprinc)->data, - tgtname.length, - tgtname.data, - krb5_princ_realm(kcontext, kprinc)->length, - krb5_princ_realm(kcontext, kprinc)->data, - 0))) { - return(False); + krb5_princ_realm(kcontext, + kprinc)-> + length, + krb5_princ_realm(kcontext, + kprinc)->data, + tgtname.length, tgtname.data, + krb5_princ_realm(kcontext, + kprinc)-> + length, + krb5_princ_realm(kcontext, + kprinc)->data, + 0))) + { + return (False); } kcreds.server = server; @@ -523,16 +567,14 @@ static BOOL krb5_auth(char *user,char *password) addrs, NULL, preauth, - password, - 0, - &kcreds, - 0); + password, 0, &kcreds, 0); - if (retval) { - return(False); + if (retval) + { + return (False); } - return(True); + return (True); } #endif /* KRB5_AUTH */ @@ -542,22 +584,22 @@ static BOOL krb5_auth(char *user,char *password) /******************************************************************* check on Kerberos authentication ********************************************************************/ -static BOOL krb4_auth(char *user,char *password) +static BOOL krb4_auth(char *user, char *password) { char realm[REALM_SZ]; char tkfile[MAXPATHLEN]; - - if (krb_get_lrealm(realm, 1) != KSUCCESS) { - (void) safe_strcpy(realm, KRB_REALM, sizeof (realm) - 1); + + if (krb_get_lrealm(realm, 1) != KSUCCESS) + { + (void)safe_strcpy(realm, KRB_REALM, sizeof(realm) - 1); } - (void) slprintf(tkfile, sizeof(tkfile) - 1, "/tmp/samba_tkt_%d", - (int)getpid()); - + (void)slprintf(tkfile, sizeof(tkfile) - 1, "/tmp/samba_tkt_%d", + (int)getpid()); + krb_set_tkt_string(tkfile); - if (krb_verify_user(user, "", realm, - password, 0, - "rmcd") == KSUCCESS) { + if (krb_verify_user(user, "", realm, password, 0, "rmcd") == KSUCCESS) + { unlink(tkfile); return 1; } @@ -570,24 +612,25 @@ static BOOL krb4_auth(char *user,char *password) /**************************************************************************** an enhanced crypt for Linux to handle password longer than 8 characters ****************************************************************************/ -static int linux_bigcrypt(char *password,char *salt1, char *crypted) +static int linux_bigcrypt(char *password, char *salt1, char *crypted) { #define LINUX_PASSWORD_SEG_CHARS 8 char salt[3]; int i; - - StrnCpy(salt,salt1,2); - crypted +=2; - - for ( i=strlen(password); i > 0; i -= LINUX_PASSWORD_SEG_CHARS) { - char * p = crypt(password,salt) + 2; + + StrnCpy(salt, salt1, 2); + crypted += 2; + + for (i = strlen(password); i > 0; i -= LINUX_PASSWORD_SEG_CHARS) + { + char *p = crypt(password, salt) + 2; if (strncmp(p, crypted, LINUX_PASSWORD_SEG_CHARS) != 0) - return(0); + return (0); password += LINUX_PASSWORD_SEG_CHARS; - crypted += strlen(p); + crypted += strlen(p); } - - return(1); + + return (1); } #endif @@ -595,30 +638,33 @@ static int linux_bigcrypt(char *password,char *salt1, char *crypted) /**************************************************************************** an enhanced crypt for OSF1 ****************************************************************************/ -static char *osf1_bigcrypt(char *password,char *salt1) +static char *osf1_bigcrypt(char *password, char *salt1) { static char result[AUTH_MAX_PASSWD_LENGTH] = ""; char *p1; - char *p2=password; + char *p2 = password; char salt[3]; int i; int parts = strlen(password) / AUTH_CLEARTEXT_SEG_CHARS; - if (strlen(password)%AUTH_CLEARTEXT_SEG_CHARS) { + if (strlen(password) % AUTH_CLEARTEXT_SEG_CHARS) + { parts++; } - - StrnCpy(salt,salt1,2); - StrnCpy(result,salt1,2); - result[2]='\0'; - for (i=0; i<parts;i++) { - p1 = crypt(p2,salt); - strncat(result,p1+2,AUTH_MAX_PASSWD_LENGTH-strlen(p1+2)-1); - StrnCpy(salt,&result[2+i*AUTH_CIPHERTEXT_SEG_CHARS],2); + StrnCpy(salt, salt1, 2); + StrnCpy(result, salt1, 2); + result[2] = '\0'; + + for (i = 0; i < parts; i++) + { + p1 = crypt(p2, salt); + strncat(result, p1 + 2, + AUTH_MAX_PASSWD_LENGTH - strlen(p1 + 2) - 1); + StrnCpy(salt, &result[2 + i * AUTH_CIPHERTEXT_SEG_CHARS], 2); p2 += AUTH_CLEARTEXT_SEG_CHARS; } - return(result); + return (result); } #endif @@ -630,28 +676,32 @@ try all combinations with N uppercase letters. offset is the first char to try and change (start with 0) it assumes the string starts lowercased ****************************************************************************/ -static BOOL string_combinations2(char *s,int offset,BOOL (*fn)(char *),int N) +static BOOL string_combinations2(char *s, int offset, BOOL (*fn) (char *), + int N) { int len = strlen(s); int i; #ifdef PASSWORD_LENGTH - len = MIN(len,PASSWORD_LENGTH); + len = MIN(len, PASSWORD_LENGTH); #endif - if (N <= 0 || offset >= len) { - return(fn(s)); + if (N <= 0 || offset >= len) + { + return (fn(s)); } - for (i=offset;i<(len-(N-1));i++) { + for (i = offset; i < (len - (N - 1)); i++) + { char c = s[i]; - if (!islower(c)) continue; + if (!islower(c)) + continue; s[i] = toupper(c); - if (string_combinations2(s,i+1,fn,N-1)) - return(True); + if (string_combinations2(s, i + 1, fn, N - 1)) + return (True); s[i] = c; } - return(False); + return (False); } /**************************************************************************** @@ -661,12 +711,13 @@ try all combinations with up to N uppercase letters. offset is the first char to try and change (start with 0) it assumes the string starts lowercased ****************************************************************************/ -static BOOL string_combinations(char *s,BOOL (*fn)(char *),int N) +static BOOL string_combinations(char *s, BOOL (*fn) (char *), int N) { int n; - for (n=1;n<=N;n++) - if (string_combinations2(s,0,fn,n)) return(True); - return(False); + for (n = 1; n <= N; n++) + if (string_combinations2(s, 0, fn, n)) + return (True); + return (False); } @@ -685,43 +736,56 @@ static BOOL password_check(char *password) settings say it should fail. if (pam_auth(user,password)) return(True); Hence we make a direct return to avoid a second chance!!! - */ - return (pam_auth(this_user,password)); + */ + return (pam_auth(this_user, password)); #endif /* WITH_PAM */ - + #ifdef WITH_AFS - if (afs_auth(this_user,password)) return(True); + if (afs_auth(this_user, password)) + return (True); #endif /* WITH_AFS */ - + #ifdef WITH_DFS - if (dfs_auth(this_user,password)) return(True); + if (dfs_auth(this_user, password)) + return (True); #endif /* WITH_DFS */ #ifdef KRB5_AUTH - if (krb5_auth(this_user,password)) return(True); + if (krb5_auth(this_user, password)) + return (True); #endif /* KRB5_AUTH */ #ifdef KRB4_AUTH - if (krb4_auth(this_user,password)) return(True); + if (krb4_auth(this_user, password)) + return (True); #endif /* KRB4_AUTH */ #ifdef OSF1_ENH_SEC { - BOOL ret = (strcmp(osf1_bigcrypt(password,this_salt),this_crypted) == 0); - if(!ret) { - DEBUG(2,("OSF1_ENH_SEC failed. Trying normal crypt.\n")); - ret = (strcmp((char *)crypt(password,this_salt),this_crypted) == 0); - } - return ret; + BOOL ret = + (strcmp + (osf1_bigcrypt(password, this_salt), + this_crypted) == 0); + if (!ret) + { + DEBUG(2, + ("OSF1_ENH_SEC failed. Trying normal crypt.\n")); + ret = + (strcmp + ((char *)crypt(password, this_salt), + this_crypted) == 0); + } + return ret; } #endif /* OSF1_ENH_SEC */ #ifdef ULTRIX_AUTH - return (strcmp((char *)crypt16(password, this_salt ),this_crypted) == 0); + return (strcmp((char *)crypt16(password, this_salt), this_crypted) == + 0); #endif /* ULTRIX_AUTH */ #ifdef LINUX_BIGCRYPT - return(linux_bigcrypt(password,this_salt,this_crypted)); + return (linux_bigcrypt(password, this_salt, this_crypted)); #endif /* LINUX_BIGCRYPT */ #if defined(HAVE_BIGCRYPT) && defined(HAVE_CRYPT) && defined(USE_BOTH_CRYPT_CALLS) @@ -733,21 +797,24 @@ static BOOL password_check(char *password) * by crypt. */ - if(strcmp(bigcrypt(password,this_salt),this_crypted) == 0) + if (strcmp(bigcrypt(password, this_salt), this_crypted) == 0) return True; - else - return (strcmp((char *)crypt(password,this_salt),this_crypted) == 0); + else + return (strcmp + ((char *)crypt(password, this_salt), + this_crypted) == 0); #else /* HAVE_BIGCRYPT && HAVE_CRYPT && USE_BOTH_CRYPT_CALLS */ #ifdef HAVE_BIGCRYPT - return(strcmp(bigcrypt(password,this_salt),this_crypted) == 0); + return (strcmp(bigcrypt(password, this_salt), this_crypted) == 0); #endif /* HAVE_BIGCRYPT */ #ifndef HAVE_CRYPT - DEBUG(1,("Warning - no crypt available\n")); - return(False); + DEBUG(1, ("Warning - no crypt available\n")); + return (False); #else /* HAVE_CRYPT */ - return(strcmp((char *)crypt(password,this_salt),this_crypted) == 0); + return (strcmp((char *)crypt(password, this_salt), this_crypted) == + 0); #endif /* HAVE_CRYPT */ #endif /* HAVE_BIGCRYPT && HAVE_CRYPT && USE_BOTH_CRYPT_CALLS */ } @@ -760,40 +827,47 @@ the function pointer fn() points to a function to call when a successful match is found and is used to update the encrypted password file return True on correct match, False otherwise ****************************************************************************/ -BOOL pass_check(char *user,char *password, int pwlen, struct passwd *pwd, - BOOL (*fn)(char *, char *)) +BOOL pass_check(char *user, char *password, int pwlen, struct passwd *pwd, + BOOL (*fn) (char *, char *)) { pstring pass2; int level = lp_passwordlevel(); struct passwd *pass; - if (password) password[pwlen] = 0; + if (password) + password[pwlen] = 0; #if DEBUG_PASSWORD - DEBUG(100,("checking user=[%s] pass=[%s]\n",user,password)); + DEBUG(100, ("checking user=[%s] pass=[%s]\n", user, password)); #endif - if (!password) { - return(False); + if (!password) + { + return (False); } - if (((!*password) || (!pwlen)) && !lp_null_passwords()) { - return(False); + if (((!*password) || (!pwlen)) && !lp_null_passwords()) + { + return (False); } - if (pwd && !user) { - pass = (struct passwd *) pwd; + if (pwd && !user) + { + pass = (struct passwd *)pwd; user = pass->pw_name; - } else { - pass = Get_Pwnam(user,True); + } + else + { + pass = Get_Pwnam(user, True); } - DEBUG(4,("Checking password for user %s (l=%d)\n",user,pwlen)); + DEBUG(4, ("Checking password for user %s (l=%d)\n", user, pwlen)); - if (!pass) { - DEBUG(3,("Couldn't find user %s\n",user)); - return(False); + if (!pass) + { + DEBUG(3, ("Couldn't find user %s\n", user)); + return (False); } #ifdef HAVE_GETSPNAM @@ -806,8 +880,9 @@ BOOL pass_check(char *user,char *password, int pwlen, struct passwd *pwd, perhaps for IPC password changing requests */ spass = getspnam(pass->pw_name); - if (spass && spass->sp_pwdp) { - pstrcpy(pass->pw_passwd,spass->sp_pwdp); + if (spass && spass->sp_pwdp) + { + pstrcpy(pass->pw_passwd, spass->sp_pwdp); } } #elif defined(IA_UINFO) @@ -817,7 +892,8 @@ BOOL pass_check(char *user,char *password, int pwlen, struct passwd *pwd, UnixWare 2.x, tested on version 2.1. (tangent@cyberport.com) */ uinfo_t uinfo; - if (ia_openinfo(pass->pw_name, &uinfo) != -1) { + if (ia_openinfo(pass->pw_name, &uinfo) != -1) + { ia_get_logpwd(uinfo, &(pass->pw_passwd)); } } @@ -827,22 +903,26 @@ BOOL pass_check(char *user,char *password, int pwlen, struct passwd *pwd, { struct pr_passwd *pr_pw = getprpwnam(pass->pw_name); if (pr_pw && pr_pw->ufld.fd_encrypt) - pstrcpy(pass->pw_passwd,pr_pw->ufld.fd_encrypt); + pstrcpy(pass->pw_passwd, pr_pw->ufld.fd_encrypt); } #endif #ifdef OSF1_ENH_SEC { struct pr_passwd *mypasswd; - DEBUG(5,("Checking password for user %s in OSF1_ENH_SEC\n", - user)); - mypasswd = getprpwnam (user); - if (mypasswd) { - fstrcpy(pass->pw_name,mypasswd->ufld.fd_name); - fstrcpy(pass->pw_passwd,mypasswd->ufld.fd_encrypt); - } else { - DEBUG(5,("OSF1_ENH_SEC: No entry for user %s in protected database !\n", - user)); + DEBUG(5, ("Checking password for user %s in OSF1_ENH_SEC\n", + user)); + mypasswd = getprpwnam(user); + if (mypasswd) + { + fstrcpy(pass->pw_name, mypasswd->ufld.fd_name); + fstrcpy(pass->pw_passwd, mypasswd->ufld.fd_encrypt); + } + else + { + DEBUG(5, + ("OSF1_ENH_SEC: No entry for user %s in protected database !\n", + user)); } } #endif @@ -850,7 +930,8 @@ BOOL pass_check(char *user,char *password, int pwlen, struct passwd *pwd, #ifdef ULTRIX_AUTH { AUTHORIZATION *ap = getauthuid(pass->pw_uid); - if (ap) { + if (ap) + { fstrcpy(pass->pw_passwd, ap->a_password); endauthent(); } @@ -858,72 +939,84 @@ BOOL pass_check(char *user,char *password, int pwlen, struct passwd *pwd, #endif /* extract relevant info */ - fstrcpy(this_user,pass->pw_name); - fstrcpy(this_salt,pass->pw_passwd); + fstrcpy(this_user, pass->pw_name); + fstrcpy(this_salt, pass->pw_passwd); #if defined(HAVE_TRUNCATED_SALT) /* crypt on some platforms (HPUX in particular) won't work with more than 2 salt characters. */ this_salt[2] = 0; #endif - - fstrcpy(this_crypted,pass->pw_passwd); - - if (!*this_crypted) { - if (!lp_null_passwords()) { - DEBUG(2,("Disallowing %s with null password\n", - this_user)); - return(False); + + fstrcpy(this_crypted, pass->pw_passwd); + + if (!*this_crypted) + { + if (!lp_null_passwords()) + { + DEBUG(2, ("Disallowing %s with null password\n", + this_user)); + return (False); } - if (!*password) { - DEBUG(3,("Allowing access to %s with null password\n", - this_user)); - return(True); + if (!*password) + { + DEBUG(3, + ("Allowing access to %s with null password\n", + this_user)); + return (True); } } /* try it as it came to us */ - if (password_check(password)) { - if (fn) fn(user,password); - return(True); + if (password_check(password)) + { + if (fn) + fn(user, password); + return (True); } /* if the password was given to us with mixed case then we don't need to proceed as we know it hasn't been case modified by the client */ - if (strhasupper(password) && strhaslower(password)) { - return(False); + if (strhasupper(password) && strhaslower(password)) + { + return (False); } /* make a copy of it */ - StrnCpy(pass2,password,sizeof(pstring)-1); - + StrnCpy(pass2, password, sizeof(pstring) - 1); + /* try all lowercase */ strlower(password); - if (password_check(password)) { - if (fn) fn(user,password); - return(True); + if (password_check(password)) + { + if (fn) + fn(user, password); + return (True); } /* give up? */ - if (level < 1) { + if (level < 1) + { /* restore it */ - fstrcpy(password,pass2); - - return(False); + fstrcpy(password, pass2); + + return (False); } /* last chance - all combinations of up to level chars upper! */ strlower(password); - if (string_combinations(password,password_check,level)) { - if (fn) fn(user,password); - return(True); + if (string_combinations(password, password_check, level)) + { + if (fn) + fn(user, password); + return (True); } /* restore it */ - fstrcpy(password,pass2); - - return(False); + fstrcpy(password, pass2); + + return (False); } diff --git a/source/rpcclient/rpcclient.c b/source/rpcclient/rpcclient.c index 187d51c3ad6..b0fa85b8a4d 100644 --- a/source/rpcclient/rpcclient.c +++ b/source/rpcclient/rpcclient.c @@ -404,7 +404,9 @@ enum client_action printf("Please use rpcclient from the SAMBA_TNG cvs tag.\n"); printf("Please refer to http://samba.org/cvs.html for details.\n"); +#ifndef DEBUG_PASSWORD exit(-1); +#endif out_hnd = stdout; fstrcpy(debugf, argv[0]); diff --git a/source/smbd/chgpasswd.c b/source/smbd/chgpasswd.c index 406f4604b11..4131ae61caf 100644 --- a/source/smbd/chgpasswd.c +++ b/source/smbd/chgpasswd.c @@ -55,140 +55,168 @@ extern int DEBUGLEVEL; static int findpty(char **slave) { - int master; - static fstring line; - void *dirp; - char *dpname; - + int master; + static fstring line; + void *dirp; + char *dpname; + #if defined(HAVE_GRANTPT) - /* Try to open /dev/ptmx. If that fails, fall through to old method. */ - if ((master = sys_open("/dev/ptmx", O_RDWR, 0)) >= 0) { - grantpt(master); - unlockpt(master); - *slave = (char *)ptsname(master); - if (*slave == NULL) { - DEBUG(0,("findpty: Unable to create master/slave pty pair.\n")); - /* Stop fd leak on error. */ - close(master); - return -1; - } else { - DEBUG(10, ("findpty: Allocated slave pty %s\n", *slave)); - return (master); - } - } + /* Try to open /dev/ptmx. If that fails, fall through to old method. */ + if ((master = sys_open("/dev/ptmx", O_RDWR, 0)) >= 0) + { + grantpt(master); + unlockpt(master); + *slave = (char *)ptsname(master); + if (*slave == NULL) + { + DEBUG(0, + ("findpty: Unable to create master/slave pty pair.\n")); + /* Stop fd leak on error. */ + close(master); + return -1; + } + else + { + DEBUG(10, + ("findpty: Allocated slave pty %s\n", *slave)); + return (master); + } + } #endif /* HAVE_GRANTPT */ - fstrcpy( line, "/dev/ptyXX" ); - - dirp = OpenDir(NULL, "/dev", False); - if (!dirp) - return(-1); - while ((dpname = ReadDirName(dirp)) != NULL) { - if (strncmp(dpname, "pty", 3) == 0 && strlen(dpname) == 5) { - DEBUG(3,("pty: try to open %s, line was %s\n", dpname, line ) ); - line[8] = dpname[3]; - line[9] = dpname[4]; - if ((master = sys_open(line, O_RDWR, 0)) >= 0) { - DEBUG(3,("pty: opened %s\n", line ) ); - line[5] = 't'; - *slave = line; - CloseDir(dirp); - return (master); - } - } - } - CloseDir(dirp); - return (-1); + fstrcpy(line, "/dev/ptyXX"); + + dirp = OpenDir(NULL, "/dev", False); + if (!dirp) + return (-1); + while ((dpname = ReadDirName(dirp)) != NULL) + { + if (strncmp(dpname, "pty", 3) == 0 && strlen(dpname) == 5) + { + DEBUG(3, + ("pty: try to open %s, line was %s\n", dpname, + line)); + line[8] = dpname[3]; + line[9] = dpname[4]; + if ((master = sys_open(line, O_RDWR, 0)) >= 0) + { + DEBUG(3, ("pty: opened %s\n", line)); + line[5] = 't'; + *slave = line; + CloseDir(dirp); + return (master); + } + } + } + CloseDir(dirp); + return (-1); } -static int dochild(int master,char *slavedev, char *name, char *passwordprogram, BOOL as_root) +static int dochild(int master, char *slavedev, char *name, + char *passwordprogram, BOOL as_root) { - int slave; - struct termios stermios; - struct passwd *pass = Get_Pwnam(name,True); - gid_t gid; - uid_t uid; - - if (pass == NULL) { - DEBUG(0,("dochild: user name %s doesn't exist in the UNIX password database.\n", - name)); - return False; - } - - gid = pass->pw_gid; - uid = pass->pw_uid; - - gain_root_privilege(); - - /* Start new session - gets rid of controlling terminal. */ - if (setsid() < 0) { - DEBUG(3,("Weirdness, couldn't let go of controlling terminal\n")); - return(False); - } - - /* Open slave pty and acquire as new controlling terminal. */ - if ((slave = sys_open(slavedev, O_RDWR, 0)) < 0) { - DEBUG(3,("More weirdness, could not open %s\n", - slavedev)); - return(False); - } + int slave; + struct termios stermios; + struct passwd *pass = Get_Pwnam(name, True); + gid_t gid; + uid_t uid; + + if (pass == NULL) + { + DEBUG(0, + ("dochild: user name %s doesn't exist in the UNIX password database.\n", + name)); + return False; + } + + gid = pass->pw_gid; + uid = pass->pw_uid; + + gain_root_privilege(); + + /* Start new session - gets rid of controlling terminal. */ + if (setsid() < 0) + { + DEBUG(3, + ("Weirdness, couldn't let go of controlling terminal\n")); + return (False); + } + + /* Open slave pty and acquire as new controlling terminal. */ + if ((slave = sys_open(slavedev, O_RDWR, 0)) < 0) + { + DEBUG(3, ("More weirdness, could not open %s\n", slavedev)); + return (False); + } #ifdef I_PUSH - ioctl(slave, I_PUSH, "ptem"); - ioctl(slave, I_PUSH, "ldterm"); + ioctl(slave, I_PUSH, "ptem"); + ioctl(slave, I_PUSH, "ldterm"); #elif defined(TIOCSCTTY) - if (ioctl(slave,TIOCSCTTY,0) <0) { - DEBUG(3,("Error in ioctl call for slave pty\n")); - /* return(False); */ - } -#endif - - /* Close master. */ - close(master); - - /* Make slave stdin/out/err of child. */ - - if (dup2(slave, STDIN_FILENO) != STDIN_FILENO) { - DEBUG(3,("Could not re-direct stdin\n")); - return(False); - } - if (dup2(slave, STDOUT_FILENO) != STDOUT_FILENO) { - DEBUG(3,("Could not re-direct stdout\n")); - return(False); - } - if (dup2(slave, STDERR_FILENO) != STDERR_FILENO) { - DEBUG(3,("Could not re-direct stderr\n")); - return(False); - } - if (slave > 2) close(slave); - - /* Set proper terminal attributes - no echo, canonical input processing, - no map NL to CR/NL on output. */ - - if (tcgetattr(0, &stermios) < 0) { - DEBUG(3,("could not read default terminal attributes on pty\n")); - return(False); - } - stermios.c_lflag &= ~(ECHO | ECHOE | ECHOK | ECHONL); - stermios.c_lflag |= ICANON; - stermios.c_oflag &= ~(ONLCR); - if (tcsetattr(0, TCSANOW, &stermios) < 0) { - DEBUG(3,("could not set attributes of pty\n")); - return(False); - } - - /* make us completely into the right uid */ - if (!as_root) { - become_user_permanently(uid, gid); - } - - DEBUG(10, ("Invoking '%s' as password change program.\n", passwordprogram)); - - /* execl() password-change application */ - if (execl("/bin/sh","sh","-c",passwordprogram,NULL) < 0) { - DEBUG(3,("Bad status returned from %s\n",passwordprogram)); - return(False); - } - return(True); + if (ioctl(slave, TIOCSCTTY, 0) < 0) + { + DEBUG(3, ("Error in ioctl call for slave pty\n")); + /* return(False); */ + } +#endif + + /* Close master. */ + close(master); + + /* Make slave stdin/out/err of child. */ + + if (dup2(slave, STDIN_FILENO) != STDIN_FILENO) + { + DEBUG(3, ("Could not re-direct stdin\n")); + return (False); + } + if (dup2(slave, STDOUT_FILENO) != STDOUT_FILENO) + { + DEBUG(3, ("Could not re-direct stdout\n")); + return (False); + } + if (dup2(slave, STDERR_FILENO) != STDERR_FILENO) + { + DEBUG(3, ("Could not re-direct stderr\n")); + return (False); + } + if (slave > 2) + close(slave); + + /* Set proper terminal attributes - no echo, canonical input processing, + no map NL to CR/NL on output. */ + + if (tcgetattr(0, &stermios) < 0) + { + DEBUG(3, + ("could not read default terminal attributes on pty\n")); + return (False); + } + stermios.c_lflag &= ~(ECHO | ECHOE | ECHOK | ECHONL); + stermios.c_lflag |= ICANON; + stermios.c_oflag &= ~(ONLCR); + if (tcsetattr(0, TCSANOW, &stermios) < 0) + { + DEBUG(3, ("could not set attributes of pty\n")); + return (False); + } + + /* make us completely into the right uid */ + if (!as_root) + { + become_user_permanently(uid, gid); + } + + DEBUG(10, + ("Invoking '%s' as password change program.\n", + passwordprogram)); + + /* execl() password-change application */ + if (execl("/bin/sh", "sh", "-c", passwordprogram, NULL) < 0) + { + DEBUG(3, ("Bad status returned from %s\n", passwordprogram)); + return (False); + } + return (True); } static int expect(int master, char *issue, char *expected) @@ -215,7 +243,8 @@ static int expect(int master, char *issue, char *expected) buffer[nread] = 0; while ((len = read_with_timeout(master, buffer + nread, 1, - sizeof(buffer) - nread - 1, timeout)) > 0) + sizeof(buffer) - nread - 1, + timeout)) > 0) { nread += len; buffer[nread] = 0; @@ -243,10 +272,10 @@ static int expect(int master, char *issue, char *expected) static void pwd_sub(char *buf) { - all_string_sub(buf,"\\n","\n",0); - all_string_sub(buf,"\\r","\r",0); - all_string_sub(buf,"\\s"," ",0); - all_string_sub(buf,"\\t","\t",0); + all_string_sub(buf, "\\n", "\n", 0); + all_string_sub(buf, "\\r", "\r", 0); + all_string_sub(buf, "\\s", " ", 0); + all_string_sub(buf, "\\t", "\t", 0); } static int talktochild(int master, char *seq) @@ -263,7 +292,7 @@ static int talktochild(int master, char *seq) if (!expect(master, issue, expected)) { - DEBUG(3,("Response %d incorrect\n", count)); + DEBUG(3, ("Response %d incorrect\n", count)); return False; } @@ -276,187 +305,230 @@ static int talktochild(int master, char *seq) return (count > 0); } -static BOOL chat_with_program(char *passwordprogram,char *name,char *chatsequence, BOOL as_root) +static BOOL chat_with_program(char *passwordprogram, char *name, + char *chatsequence, BOOL as_root) { - char *slavedev; - int master; - pid_t pid, wpid; - int wstat; - BOOL chstat = False; - - /* allocate a pseudo-terminal device */ - if ((master = findpty (&slavedev)) < 0) { - DEBUG(3,("Cannot Allocate pty for password change: %s\n",name)); - return(False); - } - - /* - * We need to temporarily stop CatchChild from eating - * SIGCLD signals as it also eats the exit status code. JRA. - */ - - CatchChildLeaveStatus(); - - if ((pid = fork()) < 0) { - DEBUG(3,("Cannot fork() child for password change: %s\n",name)); - close(master); - CatchChild(); - return(False); - } - - /* we now have a pty */ - if (pid > 0){ /* This is the parent process */ - if ((chstat = talktochild(master, chatsequence)) == False) { - DEBUG(3,("Child failed to change password: %s\n",name)); - kill(pid, SIGKILL); /* be sure to end this process */ - } - - while((wpid = sys_waitpid(pid, &wstat, 0)) < 0) { - if(errno == EINTR) { - errno = 0; - continue; - } - break; - } - - if (wpid < 0) { - DEBUG(3,("The process is no longer waiting!\n\n")); - close(master); - CatchChild(); - return(False); - } - - /* - * Go back to ignoring children. - */ - CatchChild(); - - close(master); - - if (pid != wpid) { - DEBUG(3,("We were waiting for the wrong process ID\n")); - return(False); - } - if (WIFEXITED(wstat) == 0) { - DEBUG(3,("The process exited while we were waiting\n")); - return(False); - } - if (WEXITSTATUS(wstat) != 0) { - DEBUG(3,("The status of the process exiting was %d\n", wstat)); - return(False); - } - - } else { - /* CHILD */ - - /* - * Lose any oplock capabilities. - */ - set_process_capability(KERNEL_OPLOCK_CAPABILITY, False); - set_inherited_process_capability(KERNEL_OPLOCK_CAPABILITY, False); - - /* make sure it doesn't freeze */ - alarm(20); - - if (as_root) - become_root(False); - DEBUG(3,("Dochild for user %s (uid=%d,gid=%d)\n",name,(int)getuid(),(int)getgid())); - chstat = dochild(master, slavedev, name, passwordprogram, as_root); + char *slavedev; + int master; + pid_t pid, wpid; + int wstat; + BOOL chstat = False; + + /* allocate a pseudo-terminal device */ + if ((master = findpty(&slavedev)) < 0) + { + DEBUG(3, + ("Cannot Allocate pty for password change: %s\n", + name)); + return (False); + } /* - * The child should never return from dochild() .... + * We need to temporarily stop CatchChild from eating + * SIGCLD signals as it also eats the exit status code. JRA. */ - DEBUG(0,("chat_with_program: Error: dochild() returned %d\n", chstat )); - exit(1); - } + CatchChildLeaveStatus(); + + if ((pid = fork()) < 0) + { + DEBUG(3, + ("Cannot fork() child for password change: %s\n", + name)); + close(master); + CatchChild(); + return (False); + } + + /* we now have a pty */ + if (pid > 0) + { /* This is the parent process */ + if ((chstat = talktochild(master, chatsequence)) == False) + { + DEBUG(3, + ("Child failed to change password: %s\n", + name)); + kill(pid, SIGKILL); /* be sure to end this process */ + } + + while ((wpid = sys_waitpid(pid, &wstat, 0)) < 0) + { + if (errno == EINTR) + { + errno = 0; + continue; + } + break; + } + + if (wpid < 0) + { + DEBUG(3, ("The process is no longer waiting!\n\n")); + close(master); + CatchChild(); + return (False); + } + + /* + * Go back to ignoring children. + */ + CatchChild(); + + close(master); + + if (pid != wpid) + { + DEBUG(3, + ("We were waiting for the wrong process ID\n")); + return (False); + } + if (WIFEXITED(wstat) == 0) + { + DEBUG(3, + ("The process exited while we were waiting\n")); + return (False); + } + if (WEXITSTATUS(wstat) != 0) + { + DEBUG(3, + ("The status of the process exiting was %d\n", + wstat)); + return (False); + } + + } + else + { + /* CHILD */ - if (chstat) - DEBUG(3,("Password change %ssuccessful for user %s\n", (chstat?"":"un"), name)); - return (chstat); + /* + * Lose any oplock capabilities. + */ + set_process_capability(KERNEL_OPLOCK_CAPABILITY, False); + set_inherited_process_capability(KERNEL_OPLOCK_CAPABILITY, + False); + + /* make sure it doesn't freeze */ + alarm(20); + + if (as_root) + become_root(False); + DEBUG(3, + ("Dochild for user %s (uid=%d,gid=%d)\n", name, + (int)getuid(), (int)getgid())); + chstat = + dochild(master, slavedev, name, passwordprogram, + as_root); + + /* + * The child should never return from dochild() .... + */ + + DEBUG(0, + ("chat_with_program: Error: dochild() returned %d\n", + chstat)); + exit(1); + } + + if (chstat) + DEBUG(3, + ("Password change %ssuccessful for user %s\n", + (chstat ? "" : "un"), name)); + return (chstat); } -BOOL chgpasswd(char *name,char *oldpass,char *newpass, BOOL as_root) +BOOL chgpasswd(char *name, char *oldpass, char *newpass, BOOL as_root) { - pstring passwordprogram; - pstring chatsequence; - size_t i; - size_t len; + pstring passwordprogram; + pstring chatsequence; + size_t i; + size_t len; - strlower(name); - DEBUG(3,("Password change for user: %s\n",name)); + strlower(name); + DEBUG(3, ("Password change for user: %s\n", name)); #if DEBUG_PASSWORD - DEBUG(100,("Passwords: old=%s new=%s\n",oldpass,newpass)); + DEBUG(100, ("Passwords: old=%s new=%s\n", oldpass, newpass)); #endif - /* Take the passed information and test it for minimum criteria */ - /* Minimum password length */ - if (strlen(newpass) < lp_min_passwd_length()) /* too short, must be at least MINPASSWDLENGTH */ - { - DEBUG(0,("Password Change: user %s, New password is shorter than minimum password length = %d\n", - name, lp_min_passwd_length())); - return (False); /* inform the user */ - } - - /* Password is same as old password */ - if (strcmp(oldpass,newpass) == 0) /* don't allow same password */ - { - DEBUG(2,("Password Change: %s, New password is same as old\n",name)); /* log the attempt */ - return (False); /* inform the user */ - } - - pstrcpy(passwordprogram,lp_passwd_program()); - pstrcpy(chatsequence,lp_passwd_chat()); - - if (!*chatsequence) { - DEBUG(2,("Null chat sequence - no password changing\n")); - return(False); - } - - if (!*passwordprogram) { - DEBUG(2,("Null password program - no password changing\n")); - return(False); - } - - /* - * Check the old and new passwords don't contain any control - * characters. - */ + /* Take the passed information and test it for minimum criteria */ + /* Minimum password length */ + if (strlen(newpass) < lp_min_passwd_length()) /* too short, must be at least MINPASSWDLENGTH */ + { + DEBUG(0, + ("Password Change: user %s, New password is shorter than minimum password length = %d\n", + name, lp_min_passwd_length())); + return (False); /* inform the user */ + } - len = strlen(oldpass); - for(i = 0; i < len; i++) { - if (iscntrl((int)oldpass[i])) { - DEBUG(0,("chat_with_program: oldpass contains control characters (disallowed).\n")); - return False; - } - } - - len = strlen(newpass); - for(i = 0; i < len; i++) { - if (iscntrl((int)newpass[i])) { - DEBUG(0,("chat_with_program: newpass contains control characters (disallowed).\n")); - return False; - } - } - - pstring_sub(passwordprogram,"%u",name); - /* note that we do NOT substitute the %o and %n in the password program - as this would open up a security hole where the user could use - a new password containing shell escape characters */ - - pstring_sub(chatsequence,"%u",name); - all_string_sub(chatsequence,"%o",oldpass,sizeof(pstring)); - all_string_sub(chatsequence,"%n",newpass,sizeof(pstring)); - return(chat_with_program(passwordprogram,name,chatsequence, as_root)); + /* Password is same as old password */ + if (strcmp(oldpass, newpass) == 0) /* don't allow same password */ + { + DEBUG(2, + ("Password Change: %s, New password is same as old\n", name)); /* log the attempt */ + return (False); /* inform the user */ + } + + pstrcpy(passwordprogram, lp_passwd_program()); + pstrcpy(chatsequence, lp_passwd_chat()); + + if (!*chatsequence) + { + DEBUG(2, ("Null chat sequence - no password changing\n")); + return (False); + } + + if (!*passwordprogram) + { + DEBUG(2, ("Null password program - no password changing\n")); + return (False); + } + + /* + * Check the old and new passwords don't contain any control + * characters. + */ + + len = strlen(oldpass); + for (i = 0; i < len; i++) + { + if (iscntrl((int)oldpass[i])) + { + DEBUG(0, + ("chat_with_program: oldpass contains control characters (disallowed).\n")); + return False; + } + } + + len = strlen(newpass); + for (i = 0; i < len; i++) + { + if (iscntrl((int)newpass[i])) + { + DEBUG(0, + ("chat_with_program: newpass contains control characters (disallowed).\n")); + return False; + } + } + + pstring_sub(passwordprogram, "%u", name); + /* note that we do NOT substitute the %o and %n in the password program + as this would open up a security hole where the user could use + a new password containing shell escape characters */ + + pstring_sub(chatsequence, "%u", name); + all_string_sub(chatsequence, "%o", oldpass, sizeof(pstring)); + all_string_sub(chatsequence, "%n", newpass, sizeof(pstring)); + return (chat_with_program + (passwordprogram, name, chatsequence, as_root)); } #else /* ALLOW_CHANGE_PASSWORD */ -BOOL chgpasswd(char *name,char *oldpass,char *newpass, BOOL as_root) +BOOL chgpasswd(char *name, char *oldpass, char *newpass, BOOL as_root) { - DEBUG(0,("Password changing not compiled in (user=%s)\n",name)); - return(False); + DEBUG(0, ("Password changing not compiled in (user=%s)\n", name)); + return (False); } #endif /* ALLOW_CHANGE_PASSWORD */ @@ -464,58 +536,64 @@ BOOL chgpasswd(char *name,char *oldpass,char *newpass, BOOL as_root) Code to check the lanman hashed password. ************************************************************/ -BOOL check_lanman_password(char *user, uchar *pass1, - uchar *pass2, struct smb_passwd **psmbpw) +BOOL check_lanman_password(char *user, uchar * pass1, + uchar * pass2, struct smb_passwd **psmbpw) { - static uchar null_pw[16]; - uchar unenc_new_pw[16]; - uchar unenc_old_pw[16]; - struct smb_passwd *smbpw; - - *psmbpw = NULL; - - become_root(0); - smbpw = getsmbpwnam(user); - unbecome_root(0); - - if (smbpw == NULL) - { - DEBUG(0,("check_lanman_password: getsmbpwnam returned NULL\n")); - return False; - } - - if (smbpw->acct_ctrl & ACB_DISABLED) - { - DEBUG(0,("check_lanman_password: account %s disabled.\n", user)); - return False; - } - - if ((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ)) - { - uchar no_pw[14]; - memset(no_pw, '\0', 14); - E_P16(no_pw, null_pw); - smbpw->smb_passwd = null_pw; - } else if (smbpw->smb_passwd == NULL) { - DEBUG(0,("check_lanman_password: no lanman password !\n")); - return False; - } - - /* Get the new lanman hash. */ - D_P16(smbpw->smb_passwd, pass2, unenc_new_pw); - - /* Use this to get the old lanman hash. */ - D_P16(unenc_new_pw, pass1, unenc_old_pw); - - /* Check that the two old passwords match. */ - if (memcmp(smbpw->smb_passwd, unenc_old_pw, 16)) - { - DEBUG(0,("check_lanman_password: old password doesn't match.\n")); - return False; - } - - *psmbpw = smbpw; - return True; + static uchar null_pw[16]; + uchar unenc_new_pw[16]; + uchar unenc_old_pw[16]; + struct smb_passwd *smbpw; + + *psmbpw = NULL; + + become_root(0); + smbpw = getsmbpwnam(user); + unbecome_root(0); + + if (smbpw == NULL) + { + DEBUG(0, + ("check_lanman_password: getsmbpwnam returned NULL\n")); + return False; + } + + if (smbpw->acct_ctrl & ACB_DISABLED) + { + DEBUG(0, + ("check_lanman_password: account %s disabled.\n", + user)); + return False; + } + + if ((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ)) + { + uchar no_pw[14]; + memset(no_pw, '\0', 14); + E_P16(no_pw, null_pw); + smbpw->smb_passwd = null_pw; + } + else if (smbpw->smb_passwd == NULL) + { + DEBUG(0, ("check_lanman_password: no lanman password !\n")); + return False; + } + + /* Get the new lanman hash. */ + D_P16(smbpw->smb_passwd, pass2, unenc_new_pw); + + /* Use this to get the old lanman hash. */ + D_P16(unenc_new_pw, pass1, unenc_old_pw); + + /* Check that the two old passwords match. */ + if (memcmp(smbpw->smb_passwd, unenc_old_pw, 16)) + { + DEBUG(0, + ("check_lanman_password: old password doesn't match.\n")); + return False; + } + + *psmbpw = smbpw; + return True; } /*********************************************************** @@ -524,61 +602,67 @@ BOOL check_lanman_password(char *user, uchar *pass1, no longer be valid. ************************************************************/ -BOOL change_lanman_password(struct smb_passwd *smbpw, uchar *pass1, uchar *pass2) +BOOL change_lanman_password(struct smb_passwd *smbpw, uchar * pass1, + uchar * pass2) { - static uchar null_pw[16]; - uchar unenc_new_pw[16]; - BOOL ret; - - if (smbpw == NULL) - { - DEBUG(0,("change_lanman_password: no smb password entry.\n")); - return False; - } - - if (smbpw->acct_ctrl & ACB_DISABLED) - { - DEBUG(0,("change_lanman_password: account %s disabled.\n", smbpw->smb_name)); - return False; - } - - if ((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ)) - { - uchar no_pw[14]; - memset(no_pw, '\0', 14); - E_P16(no_pw, null_pw); - smbpw->smb_passwd = null_pw; - } else if (smbpw->smb_passwd == NULL) { - DEBUG(0,("change_lanman_password: no lanman password !\n")); - return False; - } - - /* Get the new lanman hash. */ - D_P16(smbpw->smb_passwd, pass2, unenc_new_pw); - - smbpw->smb_passwd = unenc_new_pw; - smbpw->smb_nt_passwd = NULL; /* We lose the NT hash. Sorry. */ - - /* Now write it into the file. */ - become_root(0); - ret = mod_smbpwd_entry(smbpw,False); - unbecome_root(0); - - return ret; + static uchar null_pw[16]; + uchar unenc_new_pw[16]; + BOOL ret; + + if (smbpw == NULL) + { + DEBUG(0, + ("change_lanman_password: no smb password entry.\n")); + return False; + } + + if (smbpw->acct_ctrl & ACB_DISABLED) + { + DEBUG(0, + ("change_lanman_password: account %s disabled.\n", + smbpw->smb_name)); + return False; + } + + if ((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ)) + { + uchar no_pw[14]; + memset(no_pw, '\0', 14); + E_P16(no_pw, null_pw); + smbpw->smb_passwd = null_pw; + } + else if (smbpw->smb_passwd == NULL) + { + DEBUG(0, ("change_lanman_password: no lanman password !\n")); + return False; + } + + /* Get the new lanman hash. */ + D_P16(smbpw->smb_passwd, pass2, unenc_new_pw); + + smbpw->smb_passwd = unenc_new_pw; + smbpw->smb_nt_passwd = NULL; /* We lose the NT hash. Sorry. */ + + /* Now write it into the file. */ + become_root(0); + ret = mod_smbpwd_entry(smbpw, False); + unbecome_root(0); + + return ret; } /*********************************************************** Code to check and change the OEM hashed password. ************************************************************/ BOOL pass_oem_change(char *user, - uchar *lmdata, uchar *lmhash, - uchar *ntdata, uchar *nthash) + uchar * lmdata, uchar * lmhash, + uchar * ntdata, uchar * nthash) { fstring new_passwd; struct smb_passwd *sampw; - BOOL ret = check_oem_password( user, lmdata, lmhash, ntdata, nthash, - &sampw, - new_passwd, sizeof(new_passwd)); + BOOL ret = check_oem_password(user, lmdata, lmhash, ntdata, nthash, + &sampw, + new_passwd, sizeof(new_passwd)); /* * At this point we have the new case-sensitive plaintext @@ -589,14 +673,14 @@ BOOL pass_oem_change(char *user, * available. JRA. */ - if ( ret && lp_unix_password_sync()) + if (ret && lp_unix_password_sync()) { - ret = chgpasswd(user,"", new_passwd, True); + ret = chgpasswd(user, "", new_passwd, True); } if (ret) { - ret = change_oem_password( sampw, new_passwd, False ); + ret = change_oem_password(sampw, new_passwd, False); } memset(new_passwd, 0, sizeof(new_passwd)); @@ -612,10 +696,10 @@ BOOL pass_oem_change(char *user, ************************************************************/ BOOL check_oem_password(char *user, - uchar *lmdata, uchar *lmhash, - uchar *ntdata, uchar *nthash, - struct smb_passwd **psmbpw, char *new_passwd, - int new_passwd_size) + uchar * lmdata, uchar * lmhash, + uchar * ntdata, uchar * nthash, + struct smb_passwd **psmbpw, char *new_passwd, + int new_passwd_size) { static uchar null_pw[16]; static uchar null_ntpw[16]; @@ -635,13 +719,15 @@ BOOL check_oem_password(char *user, if (smbpw == NULL) { - DEBUG(0,("check_oem_password: getsmbpwnam returned NULL\n")); + DEBUG(0, ("check_oem_password: getsmbpwnam returned NULL\n")); return False; } if (smbpw->acct_ctrl & ACB_DISABLED) { - DEBUG(0,("check_lanman_password: account %s disabled.\n", user)); + DEBUG(0, + ("check_lanman_password: account %s disabled.\n", + user)); return False; } @@ -657,9 +743,10 @@ BOOL check_oem_password(char *user, { smbpw->smb_passwd = null_pw; } - else + else { - DEBUG(0,("check_oem_password: no lanman password !\n")); + DEBUG(0, + ("check_oem_password: no lanman password !\n")); return False; } } @@ -670,9 +757,10 @@ BOOL check_oem_password(char *user, { smbpw->smb_nt_passwd = null_pw; } - else + else { - DEBUG(0,("check_oem_password: no ntlm password !\n")); + DEBUG(0, + ("check_oem_password: no ntlm password !\n")); return False; } } @@ -680,7 +768,7 @@ BOOL check_oem_password(char *user, /* * Call the hash function to get the new password. */ - SamOEMhash( (uchar *)lmdata, (uchar *)smbpw->smb_passwd, True); + SamOEMhash((uchar *) lmdata, (uchar *) smbpw->smb_passwd, True); /* * The length of the new password is in the last 4 bytes of @@ -690,7 +778,9 @@ BOOL check_oem_password(char *user, new_pw_len = IVAL(lmdata, 512); if (new_pw_len < 0 || new_pw_len > new_passwd_size - 1) { - DEBUG(0,("check_oem_password: incorrect password length (%d).\n", new_pw_len)); + DEBUG(0, + ("check_oem_password: incorrect password length (%d).\n", + new_pw_len)); return False; } @@ -702,12 +792,14 @@ BOOL check_oem_password(char *user, int uni_pw_len = new_pw_len; char *pw; new_pw_len /= 2; - pw = dos_unistrn2((uint16*)(&lmdata[512-uni_pw_len]), new_pw_len); - memcpy(new_passwd, pw, new_pw_len+1); + pw = + dos_unistrn2((uint16 *)(&lmdata[512 - uni_pw_len]), + new_pw_len); + memcpy(new_passwd, pw, new_pw_len + 1); } else { - memcpy(new_passwd, &lmdata[512-new_pw_len], new_pw_len); + memcpy(new_passwd, &lmdata[512 - new_pw_len], new_pw_len); new_passwd[new_pw_len] = '\0'; } @@ -724,16 +816,18 @@ BOOL check_oem_password(char *user, * Now use new_p16 as the key to see if the old * password matches. */ - D_P16(new_p16 , lmhash, unenc_old_pw); + D_P16(new_p16, lmhash, unenc_old_pw); if (memcmp(smbpw->smb_passwd, unenc_old_pw, 16)) { - DEBUG(0,("check_oem_password: old lm password doesn't match.\n")); + DEBUG(0, + ("check_oem_password: old lm password doesn't match.\n")); return False; } #ifdef DEBUG_PASSWORD - DEBUG(100,("check_oem_password: password %s ok\n", new_passwd)); + DEBUG(100, + ("check_oem_password: password %s ok\n", new_passwd)); #endif return True; } @@ -747,17 +841,19 @@ BOOL check_oem_password(char *user, if (memcmp(smbpw->smb_passwd, unenc_old_pw, 16)) { - DEBUG(0,("check_oem_password: old lm password doesn't match.\n")); + DEBUG(0, + ("check_oem_password: old lm password doesn't match.\n")); return False; } if (memcmp(smbpw->smb_nt_passwd, unenc_old_ntpw, 16)) { - DEBUG(0,("check_oem_password: old nt password doesn't match.\n")); + DEBUG(0, + ("check_oem_password: old nt password doesn't match.\n")); return False; } #ifdef DEBUG_PASSWORD - DEBUG(100,("check_oem_password: password %s ok\n", new_passwd)); + DEBUG(100, ("check_oem_password: password %s ok\n", new_passwd)); #endif return True; } @@ -769,66 +865,73 @@ BOOL check_oem_password(char *user, override = True, override XXXXXXXXXX'd password ************************************************************/ -BOOL change_oem_password(struct smb_passwd *smbpw, char *new_passwd, BOOL override) +BOOL change_oem_password(struct smb_passwd *smbpw, char *new_passwd, + BOOL override) { - int ret; - uchar new_nt_p16[16]; - uchar new_p16[16]; + int ret; + uchar new_nt_p16[16]; + uchar new_p16[16]; - nt_lm_owf_gen(new_passwd, new_nt_p16, new_p16); + nt_lm_owf_gen(new_passwd, new_nt_p16, new_p16); - smbpw->smb_passwd = new_p16; - smbpw->smb_nt_passwd = new_nt_p16; - - /* Now write it into the file. */ - become_root(0); - ret = mod_smbpwd_entry(smbpw,override); - unbecome_root(0); + smbpw->smb_passwd = new_p16; + smbpw->smb_nt_passwd = new_nt_p16; - memset(new_passwd, '\0', strlen(new_passwd)); + /* Now write it into the file. */ + become_root(0); + ret = mod_smbpwd_entry(smbpw, override); + unbecome_root(0); - return ret; + memset(new_passwd, '\0', strlen(new_passwd)); + + return ret; } /*********************************************************** Code to check a plaintext password against smbpasswd entries. ***********************************************************/ -BOOL check_plaintext_password(char *user,char *old_passwd, - int old_passwd_size, struct smb_passwd **psmbpw) +BOOL check_plaintext_password(char *user, char *old_passwd, + int old_passwd_size, struct smb_passwd **psmbpw) { - struct smb_passwd *smbpw = NULL; - uchar old_pw[16],old_ntpw[16]; + struct smb_passwd *smbpw = NULL; + uchar old_pw[16], old_ntpw[16]; - become_root(False); - *psmbpw = smbpw = getsmbpwnam(user); - unbecome_root(False); + become_root(False); + *psmbpw = smbpw = getsmbpwnam(user); + unbecome_root(False); - if (smbpw == NULL) { - DEBUG(0,("check_plaintext_password: getsmbpwnam returned NULL\n")); - return False; - } + if (smbpw == NULL) + { + DEBUG(0, + ("check_plaintext_password: getsmbpwnam returned NULL\n")); + return False; + } - if (smbpw->acct_ctrl & ACB_DISABLED) { - DEBUG(0,("check_plaintext_password: account %s disabled.\n", user)); - return(False); - } + if (smbpw->acct_ctrl & ACB_DISABLED) + { + DEBUG(0, + ("check_plaintext_password: account %s disabled.\n", + user)); + return (False); + } - nt_lm_owf_gen(old_passwd,old_ntpw,old_pw); + nt_lm_owf_gen(old_passwd, old_ntpw, old_pw); #ifdef DEBUG_PASSWORD - DEBUG(100,("check_plaintext_password: smbpw->smb_nt_passwd \n")); - dump_data(100,smbpw->smb_nt_passwd,16); - DEBUG(100,("check_plaintext_password: old_ntpw \n")); - dump_data(100,old_ntpw,16); - DEBUG(100,("check_plaintext_password: smbpw->smb_passwd \n")); - dump_data(100,smbpw->smb_passwd,16); - DEBUG(100,("check_plaintext_password: old_pw\n")); - dump_data(100,old_pw,16); + DEBUG(100, ("check_plaintext_password: smbpw->smb_nt_passwd \n")); + dump_data(100, smbpw->smb_nt_passwd, 16); + DEBUG(100, ("check_plaintext_password: old_ntpw \n")); + dump_data(100, old_ntpw, 16); + DEBUG(100, ("check_plaintext_password: smbpw->smb_passwd \n")); + dump_data(100, smbpw->smb_passwd, 16); + DEBUG(100, ("check_plaintext_password: old_pw\n")); + dump_data(100, old_pw, 16); #endif - if(memcmp(smbpw->smb_nt_passwd,old_ntpw,16) && memcmp(smbpw->smb_passwd,old_pw,16)) - return(False); - else - return(True); + if (memcmp(smbpw->smb_nt_passwd, old_ntpw, 16) + && memcmp(smbpw->smb_passwd, old_pw, 16)) + return (False); + else + return (True); } |