summaryrefslogtreecommitdiff
path: root/source/passdb
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2002-02-01 22:18:53 +0000
committerJeremy Allison <jra@samba.org>2002-02-01 22:18:53 +0000
commitdd6c9553603580d6c83be8183aca1eb21caa9168 (patch)
tree10dbf795dd1e50ca231f78c566a07b929f49defb /source/passdb
parent8d63a817bb04da3c7cc43e342a9034f5f23c5041 (diff)
downloadsamba-dd6c9553603580d6c83be8183aca1eb21caa9168.tar.gz
Merging for release.
Jeremy.
Diffstat (limited to 'source/passdb')
-rw-r--r--source/passdb/nispass.c1099
-rw-r--r--source/passdb/smbpass.c1429
-rw-r--r--source/passdb/smbpasschange.c198
-rw-r--r--source/passdb/smbpassgroup.c196
4 files changed, 0 insertions, 2922 deletions
diff --git a/source/passdb/nispass.c b/source/passdb/nispass.c
deleted file mode 100644
index c1a867bc338..00000000000
--- a/source/passdb/nispass.c
+++ /dev/null
@@ -1,1099 +0,0 @@
-/*
- * Unix SMB/Netbios implementation. Version 1.9. SMB parameters and setup
- * Copyright (C) Andrew Tridgell 1992-1998 Modified by Jeremy Allison 1995.
- * Copyright (C) Benny Holmgren 1998 <bigfoot@astrakan.hgs.se>
- * Copyright (C) Luke Kenneth Casson Leighton 1996-1998.
- *
- * This program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free
- * Software Foundation; either version 2 of the License, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
- * more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 675
- * Mass Ave, Cambridge, MA 02139, USA.
- */
-
-#include "includes.h"
-
-#ifdef WITH_NISPLUS
-
-#ifdef BROKEN_NISPLUS_INCLUDE_FILES
-
-/*
- * The following lines are needed due to buggy include files
- * in Solaris 2.6 which define GROUP in both /usr/include/sys/acl.h and
- * also in /usr/include/rpcsvc/nis.h. The definitions conflict. JRA.
- * Also GROUP_OBJ is defined as 0x4 in /usr/include/sys/acl.h and as
- * an enum in /usr/include/rpcsvc/nis.h.
- */
-
-#if defined(GROUP)
-#undef GROUP
-#endif
-
-#if defined(GROUP_OBJ)
-#undef GROUP_OBJ
-#endif
-
-#endif
-
-#include <rpcsvc/nis.h>
-
-extern int DEBUGLEVEL;
-extern pstring samlogon_user;
-extern BOOL sam_logon_in_ssb;
-
-static VOLATILE sig_atomic_t gotalarm;
-
-/***************************************************************
-
- the fields for the NIS+ table, generated from mknissmbpwtbl.sh, are:
-
- name=S,nogw=r
- uid=S,nogw=r
- user_rid=S,nogw=r
- smb_grpid=,nw+r
- group_rid=,nw+r
- acb=,nw+r
-
- lmpwd=C,nw=,g=r,o=rm
- ntpwd=C,nw=,g=r,o=rm
-
- logon_t=,nw+r
- logoff_t=,nw+r
- kick_t=,nw+r
- pwdlset_t=,nw+r
- pwdlchg_t=,nw+r
- pwdmchg_t=,nw+r
-
- full_name=,nw+r
- home_dir=,nw+r
- dir_drive=,nw+r
- logon_script=,nw+r
- profile_path=,nw+r
- acct_desc=,nw+r
- workstations=,nw+r
-
- hours=,nw+r
-
-****************************************************************/
-
-#define NPF_NAME 0
-#define NPF_UID 1
-#define NPF_USER_RID 2
-#define NPF_SMB_GRPID 3
-#define NPF_GROUP_RID 4
-#define NPF_ACB 5
-#define NPF_LMPWD 6
-#define NPF_NTPWD 7
-#define NPF_LOGON_T 8
-#define NPF_LOGOFF_T 9
-#define NPF_KICK_T 10
-#define NPF_PWDLSET_T 11
-#define NPF_PWDLCHG_T 12
-#define NPF_PWDMCHG_T 13
-#define NPF_FULL_NAME 14
-#define NPF_HOME_DIR 15
-#define NPF_DIR_DRIVE 16
-#define NPF_LOGON_SCRIPT 17
-#define NPF_PROFILE_PATH 18
-#define NPF_ACCT_DESC 19
-#define NPF_WORKSTATIONS 20
-#define NPF_HOURS 21
-
-/***************************************************************
- Signal function to tell us we timed out.
-****************************************************************/
-static void gotalarm_sig(void)
-{
- gotalarm = 1;
-}
-
-/***************************************************************
- make_nisname_from_user_rid
- ****************************************************************/
-static char *make_nisname_from_user_rid(uint32 rid, char *pfile)
-{
- static pstring nisname;
-
- safe_strcpy(nisname, "[user_rid=", sizeof(nisname)-1);
- slprintf(nisname, sizeof(nisname)-1, "%s%d", nisname, rid);
- safe_strcat(nisname, "],", sizeof(nisname)-strlen(nisname)-1);
- safe_strcat(nisname, pfile, sizeof(nisname)-strlen(nisname)-1);
-
- return nisname;
-}
-
-/***************************************************************
- make_nisname_from_uid
- ****************************************************************/
-static char *make_nisname_from_uid(int uid, char *pfile)
-{
- static pstring nisname;
-
- safe_strcpy(nisname, "[uid=", sizeof(nisname)-1);
- slprintf(nisname, sizeof(nisname)-1, "%s%d", nisname, uid);
- safe_strcat(nisname, "],", sizeof(nisname)-strlen(nisname)-1);
- safe_strcat(nisname, pfile, sizeof(nisname)-strlen(nisname)-1);
-
- return nisname;
-}
-
-/***************************************************************
- make_nisname_from_name
- ****************************************************************/
-static char *make_nisname_from_name(char *user_name, char *pfile)
-{
- static pstring nisname;
-
- safe_strcpy(nisname, "[name=", sizeof(nisname)-1);
- safe_strcat(nisname, user_name, sizeof(nisname) - strlen(nisname) - 1);
- safe_strcat(nisname, "],", sizeof(nisname)-strlen(nisname)-1);
- safe_strcat(nisname, pfile, sizeof(nisname)-strlen(nisname)-1);
-
- return nisname;
-}
-
-/*************************************************************************
- gets a NIS+ attribute
- *************************************************************************/
-static void get_single_attribute(nis_object *new_obj, int col,
- char *val, int len)
-{
- int entry_len;
-
- if (new_obj == NULL || val == NULL) return;
-
- entry_len = ENTRY_LEN(new_obj, col);
- if (len > entry_len)
- {
- DEBUG(10,("get_single_attribute: entry length truncated\n"));
- len = entry_len;
- }
-
- safe_strcpy(val, ENTRY_VAL(new_obj, col), len-1);
-}
-
-/************************************************************************
- makes a struct sam_passwd from a NIS+ object.
- ************************************************************************/
-static BOOL make_sam_from_nisp_object(struct sam_passwd *pw_buf, nis_object *obj)
-{
- int uidval;
- static pstring user_name;
- static pstring full_name;
- static pstring home_dir;
- static pstring home_drive;
- static pstring logon_script;
- static pstring profile_path;
- static pstring acct_desc;
- static pstring workstations;
- static pstring temp;
- static unsigned char smbpwd[16];
- static unsigned char smbntpwd[16];
-
- char *p;
-
- pdb_init_sam(pw_buf);
- pw_buf->acct_ctrl = ACB_NORMAL;
-
- pstrcpy(user_name, ENTRY_VAL(obj, NPF_NAME));
- pw_buf->smb_name = user_name;
-
- uidval = atoi(ENTRY_VAL(obj, NPF_UID));
- pw_buf->smb_userid = uidval;
-
- /* Check the lanman password column. */
- p = (char *)ENTRY_VAL(obj, NPF_LMPWD);
- if (*p == '*' || *p == 'X') {
- /* Password deliberately invalid - end here. */
- DEBUG(10, ("make_sam_from_nisp_object: entry invalidated for user %s\n", user_name));
- pw_buf->smb_nt_passwd = NULL;
- pw_buf->smb_passwd = NULL;
- pw_buf->acct_ctrl |= ACB_DISABLED;
- return True;
- }
- if (!strncasecmp(p, "NO PASSWORD", 11)) {
- pw_buf->smb_passwd = NULL;
- pw_buf->acct_ctrl |= ACB_PWNOTREQ;
- } else {
- if (strlen(p) != 32 || !pdb_gethexpwd(p, smbpwd))
- {
- DEBUG(0, ("make_sam_from_nisp_object: malformed LM pwd entry.\n"));
- return False;
- }
- }
-
- pw_buf->smb_passwd = smbpwd;
-
- /* Check the NT password column. */
- p = ENTRY_VAL(obj, NPF_NTPWD);
- if (*p != '*' && *p != 'X') {
- if (strlen(p) != 32 || !pdb_gethexpwd(p, smbntpwd))
- {
- DEBUG(0, ("make_smb_from_nisp_object: malformed NT pwd entry\n"));
- return False;
- }
- pw_buf->smb_nt_passwd = smbntpwd;
- }
-
- p = (char *)ENTRY_VAL(obj, NPF_ACB);
- if (*p == '[')
- {
- pw_buf->acct_ctrl = pdb_decode_acct_ctrl(p);
-
- /* Must have some account type set. */
- if(pw_buf->acct_ctrl == 0)
- pw_buf->acct_ctrl = ACB_NORMAL;
-
- /* Now try and get the last change time. */
- if(*p == ']')
- p++;
- if(*p == ':') {
- p++;
- if(*p && (StrnCaseCmp(p, "LCT-", 4)==0)) {
- int i;
- p += 4;
- for(i = 0; i < 8; i++) {
- if(p[i] == '\0' || !isxdigit(p[i]))
- break;
- }
- if(i == 8) {
- /*
- * p points at 8 characters of hex digits -
- * read into a time_t as the seconds since
- * 1970 that the password was last changed.
- */
- pw_buf->pass_last_set_time = (time_t)strtol(p, NULL, 16);
- }
- }
- }
- } else {
- /* 'Old' style file. Fake up based on user name. */
- /*
- * Currently trust accounts are kept in the same
- * password file as 'normal accounts'. If this changes
- * we will have to fix this code. JRA.
- */
- if(pw_buf->smb_name[strlen(pw_buf->smb_name) - 1] == '$') {
- pw_buf->acct_ctrl &= ~ACB_NORMAL;
- pw_buf->acct_ctrl |= ACB_WSTRUST;
- }
- }
-
- get_single_attribute(obj, NPF_SMB_GRPID, temp, sizeof(pstring));
- pw_buf->smb_grpid = atoi(temp);
-
- get_single_attribute(obj, NPF_USER_RID, temp, sizeof(pstring));
- pw_buf->user_rid = (strlen(temp) > 0) ?
- strtol(temp, NULL, 16) : pdb_uid_to_user_rid (pw_buf->smb_userid);
-
- if (pw_buf->smb_name[strlen(pw_buf->smb_name)-1] != '$') {
-
- /* XXXX hack to get standard_sub_basic() to use sam logon username */
- /* possibly a better way would be to do a become_user() call */
- pstrcpy(samlogon_user, pw_buf->smb_name);
- sam_logon_in_ssb = True;
-
- get_single_attribute(obj, NPF_GROUP_RID, temp, sizeof(pstring));
- pw_buf->group_rid = (strlen(temp) > 0) ?
- strtol(temp, NULL, 16) : pdb_gid_to_group_rid (pw_buf->smb_grpid);
-
- get_single_attribute(obj, NPF_FULL_NAME, full_name, sizeof(pstring));
-#if 1
- /* It seems correct to use the global values - but in that case why
- * do we want these NIS+ entries anyway ??
- */
- pstrcpy(logon_script , lp_logon_script ());
- pstrcpy(profile_path , lp_logon_path ());
- pstrcpy(home_drive , lp_logon_drive ());
- pstrcpy(home_dir , lp_logon_home ());
-#else
- get_single_attribute(obj, NPF_LOGON_SCRIPT, logon_script, sizeof(pstring));
- get_single_attribute(obj, NPF_PROFILE_PATH, profile_path, sizeof(pstring));
- get_single_attribute(obj, NPF_DIR_DRIVE, home_drive, sizeof(pstring));
- get_single_attribute(obj, NPF_HOME_DIR, home_dir, sizeof(pstring));
-#endif
- get_single_attribute(obj, NPF_ACCT_DESC, acct_desc, sizeof(pstring));
- get_single_attribute(obj, NPF_WORKSTATIONS, workstations, sizeof(pstring));
-
- sam_logon_in_ssb = False;
-
- } else {
-
- pw_buf->group_rid = DOMAIN_GROUP_RID_USERS; /* lkclXXXX this is OBSERVED behaviour by NT PDCs, enforced here. */
-
- pstrcpy(full_name , "");
- pstrcpy(logon_script , "");
- pstrcpy(profile_path , "");
- pstrcpy(home_drive , "");
- pstrcpy(home_dir , "");
- pstrcpy(acct_desc , "");
- pstrcpy(workstations , "");
- }
-
- pw_buf->full_name = full_name;
- pw_buf->home_dir = home_dir;
- pw_buf->dir_drive = home_drive;
- pw_buf->logon_script = logon_script;
- pw_buf->profile_path = profile_path;
- pw_buf->acct_desc = acct_desc;
- pw_buf->workstations = workstations;
-
- pw_buf->unknown_str = NULL; /* don't know, yet! */
- pw_buf->munged_dial = NULL; /* "munged" dial-back telephone number */
-
- pw_buf->unknown_3 = 0xffffff; /* don't know */
- pw_buf->logon_divs = 168; /* hours per week */
- pw_buf->hours_len = 21; /* 21 times 8 bits = 168 */
- memset(pw_buf->hours, 0xff, pw_buf->hours_len); /* available at all hours */
- pw_buf->unknown_5 = 0x00020000; /* don't know */
- pw_buf->unknown_6 = 0x000004ec; /* don't know */
-
- return True;
-}
-
-/************************************************************************
- makes a struct sam_passwd from a NIS+ result.
- ************************************************************************/
-static BOOL make_sam_from_nisresult(struct sam_passwd *pw_buf, nis_result *result)
-{
- if (pw_buf == NULL || result == NULL) return False;
-
- if (result->status != NIS_SUCCESS && result->status != NIS_NOTFOUND)
- {
- DEBUG(0, ("make_sam_from_nisresult: NIS+ lookup failure: %s\n",
- nis_sperrno(result->status)));
- return False;
- }
-
- /* User not found. */
- if (NIS_RES_NUMOBJ(result) <= 0)
- {
- DEBUG(10, ("make_sam_from_nisresult: user not found in NIS+\n"));
- return False;
- }
-
- if (NIS_RES_NUMOBJ(result) > 1)
- {
- DEBUG(10, ("make_sam_from_nisresult: WARNING: Multiple entries for user in NIS+ table!\n"));
- }
-
- /* Grab the first hit. */
- return make_sam_from_nisp_object(pw_buf, &NIS_RES_OBJECT(result)[0]);
- }
-
-/***************************************************************
- calls nis_list, returns results.
- ****************************************************************/
-static nis_result *nisp_get_nis_list(char *nis_name)
-{
- nis_result *result;
- result = nis_list(nis_name, FOLLOW_PATH|EXPAND_NAME|HARD_LOOKUP,NULL,NULL);
-
- alarm(0);
- CatchSignal(SIGALRM, SIGNAL_CAST SIG_DFL);
-
- if (gotalarm)
- {
- DEBUG(0,("nisp_get_nis_list: NIS+ lookup time out\n"));
- nis_freeresult(result);
- return NULL;
- }
- return result;
-}
-
-
-
-struct nisp_enum_info
-{
- nis_result *result;
- int enum_entry;
-};
-
-/***************************************************************
- Start to enumerate the nisplus passwd list. Returns a void pointer
- to ensure no modification outside this module.
-
- do not call this function directly. use passdb.c instead.
-
- ****************************************************************/
-static void *startnisppwent(BOOL update)
-{
- static struct nisp_enum_info res;
- res.result = nisp_get_nis_list(lp_smb_passwd_file());
- res.enum_entry = 0;
- return res.result != NULL ? &res : NULL;
-}
-
-/***************************************************************
- End enumeration of the nisplus passwd list.
-****************************************************************/
-static void endnisppwent(void *vp)
-{
- struct nisp_enum_info *res = (struct nisp_enum_info *)vp;
- nis_freeresult(res->result);
- DEBUG(7,("endnisppwent: freed enumeration list\n"));
-}
-
-/*************************************************************************
- Routine to return the next entry in the nisplus passwd list.
-
- do not call this function directly. use passdb.c instead.
-
- *************************************************************************/
-static struct sam_passwd *getnisp21pwent(void *vp)
-{
- struct nisp_enum_info *res = (struct nisp_enum_info *)vp;
- static struct sam_passwd pw_buf;
- int which;
- BOOL ret;
-
- if (res == NULL || (int)(res->enum_entry) < 0 ||
- (int)(res->enum_entry) > (NIS_RES_NUMOBJ(res->result) - 1)) {
- ret = False;
- } else {
- which = (int)(res->enum_entry);
- ret = make_sam_from_nisp_object(&pw_buf,
- &NIS_RES_OBJECT(res->result)[which]);
- if (ret && which < (NIS_RES_NUMOBJ(res->result) - 1))
- (int)(res->enum_entry)++;
- }
-
- return ret ? &pw_buf : NULL;
-}
-
-/*************************************************************************
- Return the current position in the nisplus passwd list as an SMB_BIG_UINT.
- This must be treated as an opaque token.
-
- do not call this function directly. use passdb.c instead.
-
-*************************************************************************/
-static SMB_BIG_UINT getnisppwpos(void *vp)
-{
- struct nisp_enum_info *res = (struct nisp_enum_info *)vp;
- return (SMB_BIG_UINT)(res->enum_entry);
-}
-
-/*************************************************************************
- Set the current position in the nisplus passwd list from SMB_BIG_UINT.
- This must be treated as an opaque token.
-
- do not call this function directly. use passdb.c instead.
-
-*************************************************************************/
-static BOOL setnisppwpos(void *vp, SMB_BIG_UINT tok)
-{
- struct nisp_enum_info *res = (struct nisp_enum_info *)vp;
- if (tok < (NIS_RES_NUMOBJ(res->result) - 1)) {
- res->enum_entry = tok;
- return True;
- } else {
- return False;
- }
-}
-
-/*************************************************************************
- sets a NIS+ attribute
- *************************************************************************/
-static void set_single_attribute(nis_object *new_obj, int col,
- char *val, int len, int flags)
-{
- if (new_obj == NULL) return;
-
- ENTRY_VAL(new_obj, col) = val;
- ENTRY_LEN(new_obj, col) = len+1;
-
- if (flags != 0)
- {
- new_obj->EN_data.en_cols.en_cols_val[col].ec_flags = flags;
- }
-}
-
-/************************************************************************
- Routine to add an entry to the nisplus passwd file.
-
- do not call this function directly. use passdb.c instead.
-
-*************************************************************************/
-static BOOL add_nisp21pwd_entry(struct sam_passwd *newpwd)
-{
- char *pfile;
- char *nisname;
- nis_result *nis_user;
- nis_result *result = NULL,
- *tblresult = NULL,
- *addresult = NULL;
- nis_object new_obj, *obj;
-
- fstring uid;
- fstring user_rid;
- fstring smb_grpid;
- fstring group_rid;
- fstring acb;
-
- fstring smb_passwd;
- fstring smb_nt_passwd;
-
- fstring logon_t;
- fstring logoff_t;
- fstring kickoff_t;
- fstring pwdlset_t;
- fstring pwdlchg_t;
- fstring pwdmchg_t;
-
- memset((char *)logon_t , '\0', sizeof(logon_t ));
- memset((char *)logoff_t , '\0', sizeof(logoff_t ));
- memset((char *)kickoff_t, '\0', sizeof(kickoff_t));
- memset((char *)pwdlset_t, '\0', sizeof(pwdlset_t));
- memset((char *)pwdlchg_t, '\0', sizeof(pwdlchg_t));
- memset((char *)pwdmchg_t, '\0', sizeof(pwdmchg_t));
-
- pfile = lp_smb_passwd_file();
-
- nisname = make_nisname_from_name(newpwd->smb_name, pfile);
- result = nisp_get_nis_list(nisname);
- if (result->status != NIS_SUCCESS && result->status != NIS_NOTFOUND)
- {
- DEBUG(3, ( "add_nis21ppwd_entry: nis_list failure: %s: %s\n",
- nisname, nis_sperrno(result->status)));
- nis_freeresult(result);
- return False;
- }
-
- if (result->status == NIS_SUCCESS && NIS_RES_NUMOBJ(result) > 0)
- {
- DEBUG(3, ("add_nisp21pwd_entry: User already exists in NIS+ password db: %s\n",
- pfile));
- nis_freeresult(result);
- return False;
- }
-
-#if 0
- /* User not found. */
- if (!add_user)
- {
- DEBUG(3, ("add_nisp21pwd_entry: User not found in NIS+ password db: %s\n",
- pfile));
- nis_freeresult(result);
- return False;
- }
-
-#endif
-
- tblresult = nis_lookup(pfile, FOLLOW_PATH | EXPAND_NAME | HARD_LOOKUP );
- if (tblresult->status != NIS_SUCCESS)
- {
- nis_freeresult(result);
- nis_freeresult(tblresult);
- DEBUG(3, ( "add_nisp21pwd_entry: nis_lookup failure: %s\n",
- nis_sperrno(tblresult->status)));
- return False;
- }
-
- new_obj.zo_name = NIS_RES_OBJECT(tblresult)->zo_name;
- new_obj.zo_domain = NIS_RES_OBJECT(tblresult)->zo_domain;
- new_obj.zo_owner = NIS_RES_OBJECT(tblresult)->zo_owner;
- new_obj.zo_group = NIS_RES_OBJECT(tblresult)->zo_group;
- new_obj.zo_access = NIS_RES_OBJECT(tblresult)->zo_access;
- new_obj.zo_ttl = NIS_RES_OBJECT(tblresult)->zo_ttl;
-
- new_obj.zo_data.zo_type = ENTRY_OBJ;
-
- new_obj.zo_data.objdata_u.en_data.en_type = NIS_RES_OBJECT(tblresult)->zo_data.objdata_u.ta_data.ta_type;
- new_obj.zo_data.objdata_u.en_data.en_cols.en_cols_len = NIS_RES_OBJECT(tblresult)->zo_data.objdata_u.ta_data.ta_maxcol;
- new_obj.zo_data.objdata_u.en_data.en_cols.en_cols_val = calloc(new_obj.zo_data.objdata_u.en_data.en_cols.en_cols_len, sizeof(entry_col));
-
- if (new_obj.zo_data.objdata_u.en_data.en_cols.en_cols_val == NULL)
- {
- DEBUG(0, ("add_nisp21pwd_entry: memory allocation failure\n"));
- nis_freeresult(result);
- nis_freeresult(tblresult);
- return False;
- }
-
- pdb_sethexpwd(smb_passwd , newpwd->smb_passwd , newpwd->acct_ctrl);
- pdb_sethexpwd(smb_nt_passwd, newpwd->smb_nt_passwd, newpwd->acct_ctrl);
-
- newpwd->pass_last_set_time = (time_t)time(NULL);
- newpwd->logon_time = (time_t)-1;
- newpwd->logoff_time = (time_t)-1;
- newpwd->kickoff_time = (time_t)-1;
- newpwd->pass_can_change_time = (time_t)-1;
- newpwd->pass_must_change_time = (time_t)-1;
-
- slprintf(logon_t, 13, "LNT-%08X", (uint32)newpwd->logon_time);
- slprintf(logoff_t, 13, "LOT-%08X", (uint32)newpwd->logoff_time);
- slprintf(kickoff_t, 13, "KOT-%08X", (uint32)newpwd->kickoff_time);
- slprintf(pwdlset_t, 13, "LCT-%08X", (uint32)newpwd->pass_last_set_time);
- slprintf(pwdlchg_t, 13, "CCT-%08X", (uint32)newpwd->pass_can_change_time);
- slprintf(pwdmchg_t, 13, "MCT-%08X", (uint32)newpwd->pass_must_change_time);
-
- slprintf(uid, sizeof(uid)-1, "%u", newpwd->smb_userid);
- slprintf(user_rid, sizeof(user_rid)-1, "0x%x", newpwd->user_rid);
- slprintf(smb_grpid, sizeof(smb_grpid)-1, "%u", newpwd->smb_grpid);
- slprintf(group_rid, sizeof(group_rid)-1, "0x%x", newpwd->group_rid);
-
- safe_strcpy(acb, pdb_encode_acct_ctrl(newpwd->acct_ctrl, NEW_PW_FORMAT_SPACE_PADDED_LEN), sizeof(acb)-1);
-
- set_single_attribute(&new_obj, NPF_NAME , newpwd->smb_name , strlen(newpwd->smb_name) , 0);
- set_single_attribute(&new_obj, NPF_UID , uid , strlen(uid) , 0);
- set_single_attribute(&new_obj, NPF_USER_RID , user_rid , strlen(user_rid) , 0);
- set_single_attribute(&new_obj, NPF_SMB_GRPID , smb_grpid , strlen(smb_grpid) , 0);
- set_single_attribute(&new_obj, NPF_GROUP_RID , group_rid , strlen(group_rid) , 0);
- set_single_attribute(&new_obj, NPF_ACB , acb , strlen(acb) , 0);
- set_single_attribute(&new_obj, NPF_LMPWD , smb_passwd , strlen(smb_passwd) , EN_CRYPT);
- set_single_attribute(&new_obj, NPF_NTPWD , smb_nt_passwd , strlen(smb_nt_passwd) , EN_CRYPT);
- set_single_attribute(&new_obj, NPF_LOGON_T , logon_t , strlen(logon_t) , 0);
- set_single_attribute(&new_obj, NPF_LOGOFF_T , logoff_t , strlen(logoff_t) , 0);
- set_single_attribute(&new_obj, NPF_KICK_T , kickoff_t , strlen(kickoff_t) , 0);
- set_single_attribute(&new_obj, NPF_PWDLSET_T , pwdlset_t , strlen(pwdlset_t) , 0);
- set_single_attribute(&new_obj, NPF_PWDLCHG_T , pwdlchg_t , strlen(pwdlchg_t) , 0);
- set_single_attribute(&new_obj, NPF_PWDMCHG_T , pwdmchg_t , strlen(pwdmchg_t) , 0);
-#if 0
- set_single_attribute(&new_obj, NPF_FULL_NAME , newpwd->full_name , strlen(newpwd->full_name) , 0);
- set_single_attribute(&new_obj, NPF_HOME_DIR , newpwd->home_dir , strlen(newpwd->home_dir) , 0);
- set_single_attribute(&new_obj, NPF_DIR_DRIVE , newpwd->dir_drive , strlen(newpwd->dir_drive) , 0);
- set_single_attribute(&new_obj, NPF_LOGON_SCRIPT , newpwd->logon_script , strlen(newpwd->logon_script) , 0);
- set_single_attribute(&new_obj, NPF_PROFILE_PATH , newpwd->profile_path , strlen(newpwd->profile_path) , 0);
- set_single_attribute(&new_obj, NPF_ACCT_DESC , newpwd->acct_desc , strlen(newpwd->acct_desc) , 0);
- set_single_attribute(&new_obj, NPF_WORKSTATIONS , newpwd->workstations , strlen(newpwd->workstations) , 0);
- set_single_attribute(&new_obj, NPF_HOURS , newpwd->hours , newpwd->hours_len , 0);
-#endif
-
- obj = &new_obj;
-
- addresult = nis_add_entry(pfile, obj, ADD_OVERWRITE | FOLLOW_PATH | EXPAND_NAME | HARD_LOOKUP);
-
-
- if (addresult->status != NIS_SUCCESS)
- {
- DEBUG(3, ( "add_nisp21pwd_entry: NIS+ table update failed: %s\n",
- nisname, nis_sperrno(addresult->status)));
- nis_freeresult(tblresult);
- nis_freeresult(addresult);
- nis_freeresult(result);
- return False;
- }
-
- nis_freeresult(tblresult);
- nis_freeresult(addresult);
- nis_freeresult(result);
-
- return True;
-}
-
-/************************************************************************
- Routine to search the nisplus passwd file for an entry matching the username.
- and then modify its password entry. We can't use the startnisppwent()/
- getnisppwent()/endnisppwent() interfaces here as we depend on looking
- in the actual file to decide how much room we have to write data.
- override = False, normal
- override = True, override XXXXXXXX'd out password or NO PASS
-
- do not call this function directly. use passdb.c instead.
-
-************************************************************************/
-static BOOL mod_nisp21pwd_entry(struct sam_passwd* pwd, BOOL override)
-{
- char *oldnislmpwd, *oldnisntpwd, *oldnisacb, *oldnislct, *user_name;
- char lmpwd[33], ntpwd[33], lct[13];
- nis_result *result, *addresult;
- nis_object *obj;
- fstring acb;
- pstring nisname;
- BOOL got_pass_last_set_time, ret;
- int i;
-
- if (!*lp_smb_passwd_file())
- {
- DEBUG(0, ("mod_getnisp21pwd_entry: no SMB password file set\n"));
- return False;
- }
-
- DEBUG(10, ("mod_getnisp21pwd_entry: search by name: %s\n", pwd->smb_name));
- DEBUG(10, ("mod_getnisp21pwd_entry: using NIS+ table %s\n", lp_smb_passwd_file()));
-
- slprintf(nisname, sizeof(nisname)-1, "[name=%s],%s", pwd->smb_name, lp_smb_passwd_file());
-
- /* Search the table. */
- gotalarm = 0;
- CatchSignal(SIGALRM, SIGNAL_CAST gotalarm_sig);
- alarm(5);
-
- result = nis_list(nisname, FOLLOW_PATH | EXPAND_NAME | HARD_LOOKUP, NULL, NULL);
-
- alarm(0);
- CatchSignal(SIGALRM, SIGNAL_CAST SIG_DFL);
-
- if (gotalarm)
- {
- DEBUG(0,("mod_getnisp21pwd_entry: NIS+ lookup time out\n"));
- nis_freeresult(result);
- return False;
- }
-
- if(result->status != NIS_SUCCESS || NIS_RES_NUMOBJ(result) <= 0) {
- /* User not found. */
- DEBUG(0,("mod_getnisp21pwd_entry: user not found in NIS+\n"));
- nis_freeresult(result);
- return False;
- }
-
- DEBUG(6,("mod_getnisp21pwd_entry: entry exists\n"));
-
- obj = NIS_RES_OBJECT(result);
-
- user_name = ENTRY_VAL(obj, NPF_NAME);
- oldnislmpwd = ENTRY_VAL(obj, NPF_LMPWD);
- oldnisntpwd = ENTRY_VAL(obj, NPF_NTPWD);
- oldnisacb = ENTRY_VAL(obj, NPF_ACB);
- oldnislct = ENTRY_VAL(obj, NPF_PWDLSET_T);
-
-
- if (!override && (*oldnislmpwd == '*' || *oldnislmpwd == 'X' ||
- *oldnisntpwd == '*' || *oldnisntpwd == 'X')) {
- /* Password deliberately invalid - end here. */
- DEBUG(10, ("mod_nisp21pwd_entry: entry invalidated for user %s\n", user_name));
- nis_freeresult(result);
- return False;
- }
-
- if (strlen(oldnislmpwd) != 32 || strlen(oldnisntpwd) != 32) {
- DEBUG(0, ("mod_nisp21pwd_entry: malformed password entry (incorrect length)\n"));
- nis_freeresult(result);
- return False;
- }
-
-
-
- /*
- * Now check if the account info and the password last
- * change time is available.
- */
-
- /*
- * If both NT and lanman passwords are provided - reset password
- * not required flag.
- */
-
- if(pwd->smb_passwd != NULL || pwd->smb_nt_passwd != NULL) {
- /* Require password in the future (should ACB_DISABLED also be reset?) */
- pwd->acct_ctrl &= ~(ACB_PWNOTREQ);
- }
-
- if (*oldnisacb == '[') {
-
- i = 0;
- acb[i++] = oldnisacb[i];
- while(i < (sizeof(fstring) - 2) && (oldnisacb[i] != ']'))
- acb[i] = oldnisacb[i++];
-
- acb[i++] = ']';
- acb[i++] = '\0';
-
- if (i == NEW_PW_FORMAT_SPACE_PADDED_LEN) {
- /*
- * We are using a new format, space padded
- * acct ctrl field. Encode the given acct ctrl
- * bits into it.
- */
- fstrcpy(acb, pdb_encode_acct_ctrl(pwd->acct_ctrl, NEW_PW_FORMAT_SPACE_PADDED_LEN));
- } else {
- /*
- * If using the old format and the ACB_DISABLED or
- * ACB_PWNOTREQ are set then set the lanman and NT passwords to NULL
- * here as we have no space to encode the change.
- */
- if(pwd->acct_ctrl & (ACB_DISABLED|ACB_PWNOTREQ)) {
- pwd->smb_passwd = NULL;
- pwd->smb_nt_passwd = NULL;
- }
- }
-
- /* Now do the LCT stuff. */
- if (StrnCaseCmp(oldnislct, "LCT-", 4) == 0) {
-
- for(i = 0; i < 8; i++) {
- if(oldnislct[i+4] == '\0' || !isxdigit(oldnislct[i+4]))
- break;
- }
- if (i == 8) {
- /*
- * p points at 8 characters of hex digits -
- * read into a time_t as the seconds since
- * 1970 that the password was last changed.
- */
- got_pass_last_set_time = True;
- } /* i == 8 */
- } /* StrnCaseCmp() */
-
- } /* p == '[' */
-
- /* Entry is correctly formed. */
-
-
-
- /* Create the 32 byte representation of the new p16 */
- if(pwd->smb_passwd != NULL) {
- for (i = 0; i < 16; i++) {
- slprintf(&lmpwd[i*2], 32, "%02X", (uchar) pwd->smb_passwd[i]);
- }
- } else {
- if(pwd->acct_ctrl & ACB_PWNOTREQ)
- fstrcpy(lmpwd, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX");
- else
- fstrcpy(lmpwd, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
- }
-
- /* Add on the NT md4 hash */
- if (pwd->smb_nt_passwd != NULL) {
- for (i = 0; i < 16; i++) {
- slprintf(&ntpwd[i*2], 32, "%02X", (uchar) pwd->smb_nt_passwd[i]);
- }
- } else {
- if(pwd->acct_ctrl & ACB_PWNOTREQ)
- fstrcpy(ntpwd, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX");
- else
- fstrcpy(ntpwd, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
- }
-
- pwd->pass_last_set_time = time(NULL);
-
- if(got_pass_last_set_time) {
- slprintf(lct, 13, "LCT-%08X", (uint32)pwd->pass_last_set_time);
- }
-
- set_single_attribute(obj, NPF_LMPWD, lmpwd, strlen(lmpwd), EN_CRYPT);
- set_single_attribute(obj, NPF_NTPWD, ntpwd, strlen(ntpwd), EN_CRYPT);
- set_single_attribute(obj, NPF_ACB, acb, strlen(acb), 0);
- set_single_attribute(obj, NPF_PWDLSET_T, lct, strlen(lct), 0);
-
- addresult =
- nis_add_entry(lp_smb_passwd_file(), obj,
- ADD_OVERWRITE | FOLLOW_PATH | EXPAND_NAME | HARD_LOOKUP);
-
- if(addresult->status != NIS_SUCCESS) {
- DEBUG(0, ("mod_nisp21pwd_entry: NIS+ table update failed: %s %s\n", nisname, nis_sperrno(addresult->status)));
- nis_freeresult(addresult);
- nis_freeresult(result);
- return False;
- }
-
- DEBUG(6,("mod_nisp21pwd_entry: password changed\n"));
-
- nis_freeresult(addresult);
- nis_freeresult(result);
-
- return True;
-}
-
-
-/*************************************************************************
- Routine to search the nisplus passwd file for an entry matching the username
- *************************************************************************/
-static struct sam_passwd *getnisp21pwnam(char *name)
-{
- /* Static buffers we will return. */
- static struct sam_passwd pw_buf;
- nis_result *result;
- pstring nisname;
- BOOL ret;
-
- if (!*lp_smb_passwd_file())
- {
- DEBUG(0, ("No SMB password file set\n"));
- return NULL;
- }
-
- DEBUG(10, ("getnisp21pwnam: search by name: %s\n", name));
- DEBUG(10, ("getnisp21pwnam: using NIS+ table %s\n", lp_smb_passwd_file()));
-
- slprintf(nisname, sizeof(nisname)-1, "[name=%s],%s", name, lp_smb_passwd_file());
-
- /* Search the table. */
- gotalarm = 0;
- CatchSignal(SIGALRM, SIGNAL_CAST gotalarm_sig);
- alarm(5);
-
- result = nis_list(nisname, FOLLOW_PATH | EXPAND_NAME | HARD_LOOKUP, NULL, NULL);
-
- alarm(0);
- CatchSignal(SIGALRM, SIGNAL_CAST SIG_DFL);
-
- if (gotalarm)
- {
- DEBUG(0,("getnisp21pwnam: NIS+ lookup time out\n"));
- nis_freeresult(result);
- return NULL;
- }
-
- ret = make_sam_from_nisresult(&pw_buf, result);
- nis_freeresult(result);
-
- return ret ? &pw_buf : NULL;
-}
-
-/*************************************************************************
- Routine to search the nisplus passwd file for an entry matching the username
- *************************************************************************/
-static struct sam_passwd *getnisp21pwrid(uint32 rid)
-{
- /* Static buffers we will return. */
- static struct sam_passwd pw_buf;
- nis_result *result;
- char *nisname;
- BOOL ret;
-
- if (!*lp_smb_passwd_file())
- {
- DEBUG(0, ("getnisp21pwrid: no SMB password file set\n"));
- return NULL;
- }
-
- DEBUG(10, ("getnisp21pwrid: search by rid: %x\n", rid));
- DEBUG(10, ("getnisp21pwrid: using NIS+ table %s\n", lp_smb_passwd_file()));
-
- nisname = make_nisname_from_user_rid(rid, lp_smb_passwd_file());
-
- /* Search the table. */
- gotalarm = 0;
- CatchSignal(SIGALRM, SIGNAL_CAST gotalarm_sig);
- alarm(5);
-
- result = nis_list(nisname, FOLLOW_PATH | EXPAND_NAME | HARD_LOOKUP, NULL, NULL);
-
- alarm(0);
- CatchSignal(SIGALRM, SIGNAL_CAST SIG_DFL);
-
- if (gotalarm)
- {
- DEBUG(0,("getnisp21pwrid: NIS+ lookup time out\n"));
- nis_freeresult(result);
- return NULL;
- }
-
- ret = make_sam_from_nisresult(&pw_buf, result);
- nis_freeresult(result);
-
- return ret ? &pw_buf : NULL;
-}
-
-/*
- * Derived functions for NIS+.
- */
-
-static struct smb_passwd *getnisppwent(void *vp)
-{
- return pdb_sam_to_smb(getnisp21pwent(vp));
-}
-
-static BOOL add_nisppwd_entry(struct smb_passwd *newpwd)
-{
- return add_nisp21pwd_entry(pdb_smb_to_sam(newpwd));
-}
-
-static BOOL mod_nisppwd_entry(struct smb_passwd* pwd, BOOL override)
-{
- return mod_nisp21pwd_entry(pdb_smb_to_sam(pwd), override);
-}
-
-static BOOL del_nisppwd_entry(const char *name)
-{
- return False; /* Dummy. */
-}
-
-static struct smb_passwd *getnisppwnam(char *name)
-{
- return pdb_sam_to_smb(getnisp21pwnam(name));
-}
-
-static struct sam_passwd *getnisp21pwuid(uid_t smb_userid)
-{
- return getnisp21pwrid(pdb_uid_to_user_rid(smb_userid));
-}
-
-static struct smb_passwd *getnisppwrid(uint32 user_rid)
-{
- return pdb_sam_to_smb(getnisp21pwuid(pdb_user_rid_to_uid(user_rid)));
-}
-
-static struct smb_passwd *getnisppwuid(uid_t smb_userid)
-{
- return pdb_sam_to_smb(getnisp21pwuid(smb_userid));
-}
-
-static struct sam_disp_info *getnispdispnam(char *name)
-{
- return pdb_sam_to_dispinfo(getnisp21pwnam(name));
-}
-
-static struct sam_disp_info *getnispdisprid(uint32 rid)
-{
- return pdb_sam_to_dispinfo(getnisp21pwrid(rid));
-}
-
-static struct sam_disp_info *getnispdispent(void *vp)
-{
- return pdb_sam_to_dispinfo(getnisp21pwent(vp));
-}
-
-static struct passdb_ops nispasswd_ops = {
- startnisppwent,
- endnisppwent,
- getnisppwpos,
- setnisppwpos,
- getnisppwnam,
- getnisppwuid,
- getnisppwrid,
- getnisppwent,
- add_nisppwd_entry,
- mod_nisppwd_entry,
- del_nisppwd_entry,
- getnisp21pwent,
- getnisp21pwnam,
- getnisp21pwuid,
- getnisp21pwrid,
- add_nisp21pwd_entry,
- mod_nisp21pwd_entry,
- getnispdispnam,
- getnispdisprid,
- getnispdispent
-};
-
-struct passdb_ops *nisplus_initialize_password_db(void)
-{
- return &nispasswd_ops;
-}
-
-#else
- void nisplus_dummy_function(void);
- void nisplus_dummy_function(void) { } /* stop some compilers complaining */
-#endif /* WITH_NISPLUS */
-
-/* useful code i can't bring myself to delete */
-#if 0
-static void useful_code(void) {
- /* checks user in unix password database. don't want to do that, here. */
- nisname = make_nisname_from_name(newpwd->smb_name, "passwd.org_dir");
-
- nis_user = nis_list(nisname, FOLLOW_PATH | EXPAND_NAME | HARD_LOOKUP, NULL, NULL);
-
- if (nis_user->status != NIS_SUCCESS || NIS_RES_NUMOBJ(nis_user) <= 0)
- {
- DEBUG(3, ("useful_code: Unable to get NIS+ passwd entry for user: %s.\n",
- nis_sperrno(nis_user->status)));
- return False;
- }
-
- user_obj = NIS_RES_OBJECT(nis_user);
- make_nisname_from_name(ENTRY_VAL(user_obj,0), pfile);
-}
-#endif
diff --git a/source/passdb/smbpass.c b/source/passdb/smbpass.c
deleted file mode 100644
index ec28254c748..00000000000
--- a/source/passdb/smbpass.c
+++ /dev/null
@@ -1,1429 +0,0 @@
-/*
- * Unix SMB/Netbios implementation. Version 1.9. SMB parameters and setup
- * Copyright (C) Andrew Tridgell 1992-1998 Modified by Jeremy Allison 1995.
- *
- * This program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free
- * Software Foundation; either version 2 of the License, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
- * more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 675
- * Mass Ave, Cambridge, MA 02139, USA.
- */
-
-#include "includes.h"
-
-#ifdef USE_SMBPASS_DB
-
-extern int DEBUGLEVEL;
-extern pstring samlogon_user;
-extern BOOL sam_logon_in_ssb;
-
-static int pw_file_lock_depth;
-
-enum pwf_access_type { PWF_READ, PWF_UPDATE, PWF_CREATE };
-
-/***************************************************************
- Internal fn to enumerate the smbpasswd list. Returns a void pointer
- to ensure no modification outside this module. Checks for atomic
- rename of smbpasswd file on update or create once the lock has
- been granted to prevent race conditions. JRA.
-****************************************************************/
-
-static void *startsmbfilepwent_internal(const char *pfile, enum pwf_access_type type, int *lock_depth)
-{
- FILE *fp = NULL;
- const char *open_mode = NULL;
- int race_loop = 0;
- int lock_type = F_RDLCK;
-
- if (!*pfile) {
- DEBUG(0, ("startsmbfilepwent: No SMB password file set\n"));
- return (NULL);
- }
-
- switch(type) {
- case PWF_READ:
- open_mode = "rb";
- lock_type = F_RDLCK;
- break;
- case PWF_UPDATE:
- open_mode = "r+b";
- lock_type = F_WRLCK;
- break;
- case PWF_CREATE:
- /*
- * Ensure atomic file creation.
- */
- {
- int i, fd = -1;
-
- for(i = 0; i < 5; i++) {
- if((fd = sys_open(pfile, O_CREAT|O_TRUNC|O_EXCL|O_RDWR, 0600))!=-1)
- break;
- sys_usleep(200); /* Spin, spin... */
- }
- if(fd == -1) {
- DEBUG(0,("startsmbfilepwent_internal: too many race conditions creating file %s\n", pfile));
- return NULL;
- }
- close(fd);
- open_mode = "r+b";
- lock_type = F_WRLCK;
- break;
- }
- }
-
- for(race_loop = 0; race_loop < 5; race_loop++) {
- DEBUG(10, ("startsmbfilepwent_internal: opening file %s\n", pfile));
-
- if((fp = sys_fopen(pfile, open_mode)) == NULL) {
- DEBUG(0, ("startsmbfilepwent_internal: unable to open file %s. Error was %s\n", pfile, strerror(errno) ));
- return NULL;
- }
-
- if (!pw_file_lock(fileno(fp), lock_type, 5, lock_depth)) {
- DEBUG(0, ("startsmbfilepwent_internal: unable to lock file %s. Error was %s\n", pfile, strerror(errno) ));
- fclose(fp);
- return NULL;
- }
-
- /*
- * Only check for replacement races on update or create.
- * For read we don't mind if the data is one record out of date.
- */
-
- if(type == PWF_READ) {
- break;
- } else {
- SMB_STRUCT_STAT sbuf1, sbuf2;
-
- /*
- * Avoid the potential race condition between the open and the lock
- * by doing a stat on the filename and an fstat on the fd. If the
- * two inodes differ then someone did a rename between the open and
- * the lock. Back off and try the open again. Only do this 5 times to
- * prevent infinate loops. JRA.
- */
-
- if (sys_stat(pfile,&sbuf1) != 0) {
- DEBUG(0, ("startsmbfilepwent_internal: unable to stat file %s. Error was %s\n", pfile, strerror(errno)));
- pw_file_unlock(fileno(fp), lock_depth);
- fclose(fp);
- return NULL;
- }
-
- if (sys_fstat(fileno(fp),&sbuf2) != 0) {
- DEBUG(0, ("startsmbfilepwent_internal: unable to fstat file %s. Error was %s\n", pfile, strerror(errno)));
- pw_file_unlock(fileno(fp), lock_depth);
- fclose(fp);
- return NULL;
- }
-
- if( sbuf1.st_ino == sbuf2.st_ino) {
- /* No race. */
- break;
- }
-
- /*
- * Race occurred - back off and try again...
- */
-
- pw_file_unlock(fileno(fp), lock_depth);
- fclose(fp);
- }
- }
-
- if(race_loop == 5) {
- DEBUG(0, ("startsmbfilepwent_internal: too many race conditions opening file %s\n", pfile));
- return NULL;
- }
-
- /* Set a buffer to do more efficient reads */
- setvbuf(fp, (char *)NULL, _IOFBF, 1024);
-
- /* Make sure it is only rw by the owner */
- if(fchmod(fileno(fp), S_IRUSR|S_IWUSR) == -1) {
- DEBUG(0, ("startsmbfilepwent_internal: failed to set 0600 permissions on password file %s. \
-Error was %s\n.", pfile, strerror(errno) ));
- pw_file_unlock(fileno(fp), lock_depth);
- fclose(fp);
- return NULL;
- }
-
- /* We have a lock on the file. */
- return (void *)fp;
-}
-
-/***************************************************************
- Start to enumerate the smbpasswd list. Returns a void pointer
- to ensure no modification outside this module.
-****************************************************************/
-
-static void *startsmbfilepwent(BOOL update)
-{
- return startsmbfilepwent_internal(lp_smb_passwd_file(), update ? PWF_UPDATE : PWF_READ, &pw_file_lock_depth);
-}
-
-/***************************************************************
- End enumeration of the smbpasswd list.
-****************************************************************/
-
-static void endsmbfilepwent_internal(void *vp, int *lock_depth)
-{
- FILE *fp = (FILE *)vp;
-
- pw_file_unlock(fileno(fp), lock_depth);
- fclose(fp);
- DEBUG(7, ("endsmbfilepwent_internal: closed password file.\n"));
-}
-
-/***************************************************************
- End enumeration of the smbpasswd list - operate on the default
- lock_depth.
-****************************************************************/
-
-static void endsmbfilepwent(void *vp)
-{
- endsmbfilepwent_internal(vp, &pw_file_lock_depth);
-}
-
-/*************************************************************************
- Routine to return the next entry in the smbpasswd list.
- *************************************************************************/
-
-static struct smb_passwd *getsmbfilepwent(void *vp)
-{
- /* Static buffers we will return. */
- static struct smb_passwd pw_buf;
- static pstring user_name;
- static unsigned char smbpwd[16];
- static unsigned char smbntpwd[16];
- FILE *fp = (FILE *)vp;
- char linebuf[256];
- unsigned char c;
- unsigned char *p;
- long uidval;
- size_t linebuf_len;
-
- if(fp == NULL) {
- DEBUG(0,("getsmbfilepwent: Bad password file pointer.\n"));
- return NULL;
- }
-
- pdb_init_smb(&pw_buf);
-
- pw_buf.acct_ctrl = ACB_NORMAL;
-
- /*
- * Scan the file, a line at a time and check if the name matches.
- */
- while (!feof(fp)) {
- linebuf[0] = '\0';
-
- fgets(linebuf, 256, fp);
- if (ferror(fp)) {
- return NULL;
- }
-
- /*
- * Check if the string is terminated with a newline - if not
- * then we must keep reading and discard until we get one.
- */
- if ((linebuf_len = strlen(linebuf)) == 0)
- continue;
-
- if (linebuf[linebuf_len - 1] != '\n') {
- c = '\0';
- while (!ferror(fp) && !feof(fp)) {
- c = fgetc(fp);
- if (c == '\n')
- break;
- }
- } else
- linebuf[linebuf_len - 1] = '\0';
-
-#ifdef DEBUG_PASSWORD
- DEBUG(100, ("getsmbfilepwent: got line |%s|\n", linebuf));
-#endif
- if ((linebuf[0] == 0) && feof(fp)) {
- DEBUG(4, ("getsmbfilepwent: end of file reached\n"));
- break;
- }
- /*
- * The line we have should be of the form :-
- *
- * username:uid:32hex bytes:[Account type]:LCT-12345678....other flags presently
- * ignored....
- *
- * or,
- *
- * username:uid:32hex bytes:32hex bytes:[Account type]:LCT-12345678....ignored....
- *
- * if Windows NT compatible passwords are also present.
- * [Account type] is an ascii encoding of the type of account.
- * LCT-(8 hex digits) is the time_t value of the last change time.
- */
-
- if (linebuf[0] == '#' || linebuf[0] == '\0') {
- DEBUG(6, ("getsmbfilepwent: skipping comment or blank line\n"));
- continue;
- }
- p = (unsigned char *) strchr(linebuf, ':');
- if (p == NULL) {
- DEBUG(0, ("getsmbfilepwent: malformed password entry (no :)\n"));
- continue;
- }
- /*
- * As 256 is shorter than a pstring we don't need to check
- * length here - if this ever changes....
- */
- strncpy(user_name, linebuf, PTR_DIFF(p, linebuf));
- user_name[PTR_DIFF(p, linebuf)] = '\0';
-
- /* Get smb uid. */
-
- p++; /* Go past ':' */
-
- if(*p == '-') {
- DEBUG(0, ("getsmbfilepwent: uids in the smbpasswd file must not be negative for user: %s.\n", user_name));
- continue;
- }
-
- if (!isdigit(*p)) {
- DEBUG(0, ("getsmbfilepwent: malformed password entry (uid not number) for user: %s.\n", user_name));
- continue;
- }
-
- uidval = atoi((char *) p);
-
- while (*p && isdigit(*p))
- p++;
-
- if (*p != ':') {
- DEBUG(0, ("getsmbfilepwent: malformed password entry (no : after uid) for user: %s.\n", user_name));
- continue;
- }
-
- pw_buf.smb_name = user_name;
- pw_buf.smb_userid = uidval;
-
- /*
- * Now get the password value - this should be 32 hex digits
- * which are the ascii representations of a 16 byte string.
- * Get two at a time and put them into the password.
- */
-
- /* Skip the ':' */
- p++;
-
- if (*p == '*' || *p == 'X') {
- /* Password deliberately invalid - end here. */
- DEBUG(10, ("getsmbfilepwent: entry invalidated for user %s\n", user_name));
- pw_buf.smb_nt_passwd = NULL;
- pw_buf.smb_passwd = NULL;
- pw_buf.acct_ctrl |= ACB_DISABLED;
- return &pw_buf;
- }
-
- if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) {
- DEBUG(0, ("getsmbfilepwent: malformed password entry (passwd too short) for user %s\n", user_name));
- continue;
- }
-
- if (p[32] != ':') {
- DEBUG(0, ("getsmbfilepwent: malformed password entry (no terminating :) for user %s\n", user_name));
- continue;
- }
-
- if (!strncasecmp((char *) p, "NO PASSWORD", 11)) {
- pw_buf.smb_passwd = NULL;
- pw_buf.acct_ctrl |= ACB_PWNOTREQ;
- } else {
- if (!pdb_gethexpwd((char *)p, smbpwd)) {
- DEBUG(0, ("getsmbfilepwent: Malformed Lanman password entry (non hex chars) for user %s\n", user_name));
- continue;
- }
- pw_buf.smb_passwd = smbpwd;
- }
-
- /*
- * Now check if the NT compatible password is
- * available.
- */
- pw_buf.smb_nt_passwd = NULL;
-
- p += 33; /* Move to the first character of the line after
- the lanman password. */
- if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':')) {
- if (*p != '*' && *p != 'X') {
- if(pdb_gethexpwd((char *)p,smbntpwd))
- pw_buf.smb_nt_passwd = smbntpwd;
- }
- p += 33; /* Move to the first character of the line after
- the NT password. */
- }
-
- DEBUG(5,("getsmbfilepwent: returning passwd entry for user %s, uid %ld\n",
- user_name, uidval));
-
- if (*p == '[')
- {
- unsigned char *end_p = (unsigned char *)strchr((char *)p, ']');
- pw_buf.acct_ctrl = pdb_decode_acct_ctrl((char*)p);
-
- /* Must have some account type set. */
- if(pw_buf.acct_ctrl == 0)
- pw_buf.acct_ctrl = ACB_NORMAL;
-
- /* Now try and get the last change time. */
- if(end_p)
- p = end_p + 1;
- if(*p == ':') {
- p++;
- if(*p && (StrnCaseCmp((char *)p, "LCT-", 4)==0)) {
- int i;
- p += 4;
- for(i = 0; i < 8; i++) {
- if(p[i] == '\0' || !isxdigit(p[i]))
- break;
- }
- if(i == 8) {
- /*
- * p points at 8 characters of hex digits -
- * read into a time_t as the seconds since
- * 1970 that the password was last changed.
- */
- pw_buf.pass_last_set_time = (time_t)strtol((char *)p, NULL, 16);
- }
- }
- }
- } else {
- /* 'Old' style file. Fake up based on user name. */
- /*
- * Currently trust accounts are kept in the same
- * password file as 'normal accounts'. If this changes
- * we will have to fix this code. JRA.
- */
- if(pw_buf.smb_name[strlen(pw_buf.smb_name) - 1] == '$') {
- pw_buf.acct_ctrl &= ~ACB_NORMAL;
- pw_buf.acct_ctrl |= ACB_WSTRUST;
- }
- }
-
- return &pw_buf;
- }
-
- DEBUG(5,("getsmbfilepwent: end of file reached.\n"));
- return NULL;
-}
-
-/*************************************************************************
- build a fully populated struct sam_passwd given a struct smb_passwd
- ************************************************************************/
-static struct sam_passwd* build_sampw_from_smbpw (struct smb_passwd *pw_buf)
-{
- static struct sam_passwd user;
- struct passwd *pwfile;
-
- static pstring full_name;
- static pstring home_dir;
- static pstring home_drive;
- static pstring logon_script;
- static pstring profile_path;
- static pstring acct_desc;
- static pstring workstations;
-
- /* lookup in local system passwd file */
- if (pw_buf == NULL) return NULL;
-
- pwfile = sys_getpwnam(pw_buf->smb_name);
- if (pwfile == NULL)
- {
- DEBUG(0,("getsmbfile21pwent: smbpasswd database is corrupt!\n"));
- DEBUG(0,("getsmbfile21pwent: username %s not in unix passwd database!\n", pw_buf->smb_name));
- return NULL;
- }
-
- /* init structure */
- ZERO_STRUCT (user);
- pdb_init_sam (&user);
-
-
- /* set data fields */
- pstrcpy(samlogon_user, pw_buf->smb_name);
-
- if (samlogon_user[strlen(samlogon_user)-1] != '$')
- {
- /* XXXX hack to get standard_sub_basic() to use sam logon username */
- /* possibly a better way would be to do a become_user() call */
- sam_logon_in_ssb = True;
-
- user.smb_userid = pwfile->pw_uid;
- user.smb_grpid = pwfile->pw_gid;
-
- user.user_rid = pdb_uid_to_user_rid (user.smb_userid);
- user.group_rid = pdb_gid_to_group_rid(user.smb_grpid );
-
- pstrcpy(full_name, pwfile->pw_gecos);
- pstrcpy(logon_script , lp_logon_script ());
- pstrcpy(profile_path , lp_logon_path ());
- pstrcpy(home_drive , lp_logon_drive ());
- pstrcpy(home_dir , lp_logon_home ());
- pstrcpy(acct_desc , "");
- pstrcpy(workstations , "");
-
- standard_sub_advanced(-1, samlogon_user, "", user.smb_grpid, logon_script);
- standard_sub_advanced(-1, samlogon_user, "", user.smb_grpid, profile_path);
- standard_sub_advanced(-1, samlogon_user, "", user.smb_grpid, home_drive);
- standard_sub_advanced(-1, samlogon_user, "", user.smb_grpid, home_dir);
- sam_logon_in_ssb = False;
- }
- else
- {
- user.smb_userid = pwfile->pw_uid;
- user.smb_grpid = pwfile->pw_gid;
-
- user.user_rid = pdb_uid_to_user_rid (user.smb_userid);
- user.group_rid = DOMAIN_GROUP_RID_USERS; /* lkclXXXX this is OBSERVED behaviour by NT PDCs, enforced here. */
-
- pstrcpy(full_name , "");
- pstrcpy(logon_script , "");
- pstrcpy(profile_path , "");
- pstrcpy(home_drive , "");
- pstrcpy(home_dir , "");
- pstrcpy(acct_desc , "");
- pstrcpy(workstations , "");
- }
-
- user.smb_name = pw_buf->smb_name;
- user.full_name = full_name;
- user.home_dir = home_dir;
- user.dir_drive = home_drive;
- user.logon_script = logon_script;
- user.profile_path = profile_path;
- user.acct_desc = acct_desc;
- user.workstations = workstations;
-
- user.unknown_str = NULL; /* don't know, yet! */
- user.munged_dial = NULL; /* "munged" dial-back telephone number */
-
- user.smb_nt_passwd = pw_buf->smb_nt_passwd;
- user.smb_passwd = pw_buf->smb_passwd;
-
- user.acct_ctrl = pw_buf->acct_ctrl;
-
- user.unknown_3 = 0xffffff; /* don't know */
- user.logon_divs = 168; /* hours per week */
- user.hours_len = 21; /* 21 times 8 bits = 168 */
- memset(user.hours, 0xff, user.hours_len); /* available at all hours */
- user.unknown_5 = 0x00000000; /* don't know */
- user.unknown_6 = 0x000004ec; /* don't know */
-
- return &user;
-}
-
-
-/*************************************************************************
- Routine to return the next entry in the smbpasswd list.
- this function is a nice, messy combination of reading:
- - the smbpasswd file
- - the unix password database
- - smb.conf options (not done at present).
- *************************************************************************/
-
-static struct sam_passwd *getsmbfile21pwent(void *vp)
-{
- struct smb_passwd *pw_buf = getsmbfilepwent(vp);
- struct sam_passwd *user;
-
-
- DEBUG(5,("getsmbfile21pwent\n"));
- user = build_sampw_from_smbpw(pw_buf);
-
- return user;
-}
-
-/*************************************************************************
- Return the current position in the smbpasswd list as an SMB_BIG_UINT.
- This must be treated as an opaque token.
-*************************************************************************/
-
-static SMB_BIG_UINT getsmbfilepwpos(void *vp)
-{
- return (SMB_BIG_UINT)sys_ftell((FILE *)vp);
-}
-
-/*************************************************************************
- Set the current position in the smbpasswd list from an SMB_BIG_UINT.
- This must be treated as an opaque token.
-*************************************************************************/
-
-static BOOL setsmbfilepwpos(void *vp, SMB_BIG_UINT tok)
-{
- return !sys_fseek((FILE *)vp, (SMB_OFF_T)tok, SEEK_SET);
-}
-
-/************************************************************************
- Create a new smbpasswd entry - malloced space returned.
-*************************************************************************/
-
-char *format_new_smbpasswd_entry(struct smb_passwd *newpwd)
-{
- int new_entry_length;
- char *new_entry;
- char *p;
- int i;
-
- new_entry_length = strlen(newpwd->smb_name) + 1 + 15 + 1 + 32 + 1 + 32 + 1 + NEW_PW_FORMAT_SPACE_PADDED_LEN + 1 + 13 + 2;
-
- if((new_entry = (char *)malloc( new_entry_length )) == NULL) {
- DEBUG(0, ("format_new_smbpasswd_entry: Malloc failed adding entry for user %s.\n", newpwd->smb_name ));
- return NULL;
- }
-
- slprintf(new_entry, new_entry_length - 1, "%s:%u:", newpwd->smb_name, (unsigned)newpwd->smb_userid);
- p = &new_entry[strlen(new_entry)];
-
- if(newpwd->smb_passwd != NULL) {
- for( i = 0; i < 16; i++) {
- slprintf((char *)&p[i*2], new_entry_length - (p - new_entry) - 1, "%02X", newpwd->smb_passwd[i]);
- }
- } else {
- i=0;
- if(newpwd->acct_ctrl & ACB_PWNOTREQ)
- safe_strcpy((char *)p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", new_entry_length - 1 - (p - new_entry));
- else
- safe_strcpy((char *)p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", new_entry_length - 1 - (p - new_entry));
- }
-
- p += 32;
-
- *p++ = ':';
-
- if(newpwd->smb_nt_passwd != NULL) {
- for( i = 0; i < 16; i++) {
- slprintf((char *)&p[i*2], new_entry_length - 1 - (p - new_entry), "%02X", newpwd->smb_nt_passwd[i]);
- }
- } else {
- if(newpwd->acct_ctrl & ACB_PWNOTREQ)
- safe_strcpy((char *)p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", new_entry_length - 1 - (p - new_entry));
- else
- safe_strcpy((char *)p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", new_entry_length - 1 - (p - new_entry));
- }
-
- p += 32;
-
- *p++ = ':';
-
- /* Add the account encoding and the last change time. */
- slprintf((char *)p, new_entry_length - 1 - (p - new_entry), "%s:LCT-%08X:\n",
- pdb_encode_acct_ctrl(newpwd->acct_ctrl, NEW_PW_FORMAT_SPACE_PADDED_LEN),
- (uint32)newpwd->pass_last_set_time);
-
- return new_entry;
-}
-
-/************************************************************************
- Routine to add an entry to the smbpasswd file.
-*************************************************************************/
-
-static BOOL add_smbfilepwd_entry(struct smb_passwd *newpwd)
-{
- char *pfile = lp_smb_passwd_file();
- struct smb_passwd *pwd = NULL;
- FILE *fp = NULL;
- int wr_len;
- int fd;
- size_t new_entry_length;
- char *new_entry;
- SMB_OFF_T offpos;
-
- /* Open the smbpassword file - for update. */
- fp = startsmbfilepwent(True);
-
- if (fp == NULL) {
- DEBUG(0, ("add_smbfilepwd_entry: unable to open file.\n"));
- return False;
- }
-
- /*
- * Scan the file, a line at a time and check if the name matches.
- */
-
- while ((pwd = getsmbfilepwent(fp)) != NULL) {
- if (strequal(newpwd->smb_name, pwd->smb_name)) {
- DEBUG(0, ("add_smbfilepwd_entry: entry with name %s already exists\n", pwd->smb_name));
- endsmbfilepwent(fp);
- return False;
- }
- }
-
- /* Ok - entry doesn't exist. We can add it */
-
- /* Create a new smb passwd entry and set it to the given password. */
- /*
- * The add user write needs to be atomic - so get the fd from
- * the fp and do a raw write() call.
- */
- fd = fileno(fp);
-
- if((offpos = sys_lseek(fd, 0, SEEK_END)) == -1) {
- DEBUG(0, ("add_smbfilepwd_entry(sys_lseek): Failed to add entry for user %s to file %s. \
-Error was %s\n", newpwd->smb_name, pfile, strerror(errno)));
- endsmbfilepwent(fp);
- return False;
- }
-
- if((new_entry = format_new_smbpasswd_entry(newpwd)) == NULL) {
- DEBUG(0, ("add_smbfilepwd_entry(malloc): Failed to add entry for user %s to file %s. \
-Error was %s\n", newpwd->smb_name, pfile, strerror(errno)));
- endsmbfilepwent(fp);
- return False;
- }
-
- new_entry_length = strlen(new_entry);
-
-#ifdef DEBUG_PASSWORD
- DEBUG(100, ("add_smbfilepwd_entry(%d): new_entry_len %d made line |%s|",
- fd, new_entry_length, new_entry));
-#endif
-
- if ((wr_len = write(fd, new_entry, new_entry_length)) != new_entry_length) {
- DEBUG(0, ("add_smbfilepwd_entry(write): %d Failed to add entry for user %s to file %s. \
-Error was %s\n", wr_len, newpwd->smb_name, pfile, strerror(errno)));
-
- /* Remove the entry we just wrote. */
- if(sys_ftruncate(fd, offpos) == -1) {
- DEBUG(0, ("add_smbfilepwd_entry: ERROR failed to ftruncate file %s. \
-Error was %s. Password file may be corrupt ! Please examine by hand !\n",
- newpwd->smb_name, strerror(errno)));
- }
-
- endsmbfilepwent(fp);
- free(new_entry);
- return False;
- }
-
- free(new_entry);
- endsmbfilepwent(fp);
- return True;
-}
-
-/************************************************************************
- Routine to search the smbpasswd file for an entry matching the username.
- and then modify its password entry. We can't use the startsmbpwent()/
- getsmbpwent()/endsmbpwent() interfaces here as we depend on looking
- in the actual file to decide how much room we have to write data.
- override = False, normal
- override = True, override XXXXXXXX'd out password or NO PASS
-************************************************************************/
-
-static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
-{
- /* Static buffers we will return. */
- static pstring user_name;
-
- char linebuf[256];
- char readbuf[1024];
- unsigned char c;
- fstring ascii_p16;
- fstring encode_bits;
- unsigned char *p = NULL;
- size_t linebuf_len = 0;
- FILE *fp;
- int lockfd;
- char *pfile = lp_smb_passwd_file();
- BOOL found_entry = False;
- BOOL got_pass_last_set_time = False;
-
- SMB_OFF_T pwd_seekpos = 0;
-
- int i;
- int wr_len;
- int fd;
-
- if (!*pfile) {
- DEBUG(0, ("No SMB password file set\n"));
- return False;
- }
- DEBUG(10, ("mod_smbfilepwd_entry: opening file %s\n", pfile));
-
- fp = sys_fopen(pfile, "r+");
-
- if (fp == NULL) {
- DEBUG(0, ("mod_smbfilepwd_entry: unable to open file %s\n", pfile));
- return False;
- }
- /* Set a buffer to do more efficient reads */
- setvbuf(fp, readbuf, _IOFBF, sizeof(readbuf));
-
- lockfd = fileno(fp);
-
- if (!pw_file_lock(lockfd, F_WRLCK, 5, &pw_file_lock_depth)) {
- DEBUG(0, ("mod_smbfilepwd_entry: unable to lock file %s\n", pfile));
- fclose(fp);
- return False;
- }
-
- /* Make sure it is only rw by the owner */
- chmod(pfile, 0600);
-
- /* We have a write lock on the file. */
- /*
- * Scan the file, a line at a time and check if the name matches.
- */
- while (!feof(fp)) {
- pwd_seekpos = sys_ftell(fp);
-
- linebuf[0] = '\0';
-
- fgets(linebuf, sizeof(linebuf), fp);
- if (ferror(fp)) {
- pw_file_unlock(lockfd, &pw_file_lock_depth);
- fclose(fp);
- return False;
- }
-
- /*
- * Check if the string is terminated with a newline - if not
- * then we must keep reading and discard until we get one.
- */
- linebuf_len = strlen(linebuf);
- if (linebuf[linebuf_len - 1] != '\n') {
- c = '\0';
- while (!ferror(fp) && !feof(fp)) {
- c = fgetc(fp);
- if (c == '\n') {
- break;
- }
- }
- } else {
- linebuf[linebuf_len - 1] = '\0';
- }
-
-#ifdef DEBUG_PASSWORD
- DEBUG(100, ("mod_smbfilepwd_entry: got line |%s|\n", linebuf));
-#endif
-
- if ((linebuf[0] == 0) && feof(fp)) {
- DEBUG(4, ("mod_smbfilepwd_entry: end of file reached\n"));
- break;
- }
-
- /*
- * The line we have should be of the form :-
- *
- * username:uid:[32hex bytes]:....other flags presently
- * ignored....
- *
- * or,
- *
- * username:uid:[32hex bytes]:[32hex bytes]:[attributes]:LCT-XXXXXXXX:...ignored.
- *
- * if Windows NT compatible passwords are also present.
- */
-
- if (linebuf[0] == '#' || linebuf[0] == '\0') {
- DEBUG(6, ("mod_smbfilepwd_entry: skipping comment or blank line\n"));
- continue;
- }
-
- p = (unsigned char *) strchr(linebuf, ':');
-
- if (p == NULL) {
- DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no :)\n"));
- continue;
- }
-
- /*
- * As 256 is shorter than a pstring we don't need to check
- * length here - if this ever changes....
- */
- strncpy(user_name, linebuf, PTR_DIFF(p, linebuf));
- user_name[PTR_DIFF(p, linebuf)] = '\0';
- if (strequal(user_name, pwd->smb_name)) {
- found_entry = True;
- break;
- }
- }
-
- if (!found_entry) {
- pw_file_unlock(lockfd, &pw_file_lock_depth);
- fclose(fp);
- return False;
- }
-
- DEBUG(6, ("mod_smbfilepwd_entry: entry exists\n"));
-
- /* User name matches - get uid and password */
- p++; /* Go past ':' */
-
- if (!isdigit(*p)) {
- DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (uid not number)\n"));
- pw_file_unlock(lockfd, &pw_file_lock_depth);
- fclose(fp);
- return False;
- }
-
- while (*p && isdigit(*p))
- p++;
- if (*p != ':') {
- DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no : after uid)\n"));
- pw_file_unlock(lockfd, &pw_file_lock_depth);
- fclose(fp);
- return False;
- }
-
- /*
- * Now get the password value - this should be 32 hex digits
- * which are the ascii representations of a 16 byte string.
- * Get two at a time and put them into the password.
- */
- p++;
-
- /* Record exact password position */
- pwd_seekpos += PTR_DIFF(p, linebuf);
-
- if (!override && (*p == '*' || *p == 'X')) {
- /* Password deliberately invalid - end here. */
- DEBUG(10, ("mod_smbfilepwd_entry: entry invalidated for user %s\n", user_name));
- pw_file_unlock(lockfd, &pw_file_lock_depth);
- fclose(fp);
- return False;
- }
-
- if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) {
- DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (passwd too short)\n"));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
- fclose(fp);
- return (False);
- }
-
- if (p[32] != ':') {
- DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no terminating :)\n"));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
- fclose(fp);
- return False;
- }
-
- if (!override && (*p == '*' || *p == 'X')) {
- pw_file_unlock(lockfd,&pw_file_lock_depth);
- fclose(fp);
- return False;
- }
-
- /* Now check if the NT compatible password is
- available. */
- p += 33; /* Move to the first character of the line after
- the lanman password. */
- if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) {
- DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (passwd too short)\n"));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
- fclose(fp);
- return (False);
- }
-
- if (p[32] != ':') {
- DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no terminating :)\n"));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
- fclose(fp);
- return False;
- }
-
- /*
- * Now check if the account info and the password last
- * change time is available.
- */
- p += 33; /* Move to the first character of the line after
- the NT password. */
-
- /*
- * If both NT and lanman passwords are provided - reset password
- * not required flag.
- */
-
- if(pwd->smb_passwd != NULL || pwd->smb_nt_passwd != NULL) {
- /* Reqiure password in the future (should ACB_DISABLED also be reset?) */
- pwd->acct_ctrl &= ~(ACB_PWNOTREQ);
- }
-
- if (*p == '[') {
-
- i = 0;
- encode_bits[i++] = *p++;
- while((linebuf_len > PTR_DIFF(p, linebuf)) && (*p != ']'))
- encode_bits[i++] = *p++;
-
- encode_bits[i++] = ']';
- encode_bits[i++] = '\0';
-
- if(i == NEW_PW_FORMAT_SPACE_PADDED_LEN) {
- /*
- * We are using a new format, space padded
- * acct ctrl field. Encode the given acct ctrl
- * bits into it.
- */
- fstrcpy(encode_bits, pdb_encode_acct_ctrl(pwd->acct_ctrl, NEW_PW_FORMAT_SPACE_PADDED_LEN));
- } else {
- /*
- * If using the old format and the ACB_DISABLED or
- * ACB_PWNOTREQ are set then set the lanman and NT passwords to NULL
- * here as we have no space to encode the change.
- */
- if(pwd->acct_ctrl & (ACB_DISABLED|ACB_PWNOTREQ)) {
- pwd->smb_passwd = NULL;
- pwd->smb_nt_passwd = NULL;
- }
- }
-
- /* Go past the ']' */
- if(linebuf_len > PTR_DIFF(p, linebuf))
- p++;
-
- if((linebuf_len > PTR_DIFF(p, linebuf)) && (*p == ':')) {
- p++;
-
- /* We should be pointing at the LCT entry. */
- if((linebuf_len > (PTR_DIFF(p, linebuf) + 13)) && (StrnCaseCmp((char *)p, "LCT-", 4) == 0)) {
-
- p += 4;
- for(i = 0; i < 8; i++) {
- if(p[i] == '\0' || !isxdigit(p[i]))
- break;
- }
- if(i == 8) {
- /*
- * p points at 8 characters of hex digits -
- * read into a time_t as the seconds since
- * 1970 that the password was last changed.
- */
- got_pass_last_set_time = True;
- } /* i == 8 */
- } /* *p && StrnCaseCmp() */
- } /* p == ':' */
- } /* p == '[' */
-
- /* Entry is correctly formed. */
-
- /* Create the 32 byte representation of the new p16 */
- if(pwd->smb_passwd != NULL) {
- for (i = 0; i < 16; i++) {
- slprintf(&ascii_p16[i*2], sizeof(fstring) - 1, "%02X", (uchar) pwd->smb_passwd[i]);
- }
- } else {
- if(pwd->acct_ctrl & ACB_PWNOTREQ)
- fstrcpy(ascii_p16, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX");
- else
- fstrcpy(ascii_p16, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
- }
-
- /* Add on the NT md4 hash */
- ascii_p16[32] = ':';
- wr_len = 66;
- if (pwd->smb_nt_passwd != NULL) {
- for (i = 0; i < 16; i++) {
- slprintf(&ascii_p16[(i*2)+33], sizeof(fstring) - 1, "%02X", (uchar) pwd->smb_nt_passwd[i]);
- }
- } else {
- if(pwd->acct_ctrl & ACB_PWNOTREQ)
- fstrcpy(&ascii_p16[33], "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX");
- else
- fstrcpy(&ascii_p16[33], "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
- }
- ascii_p16[65] = ':';
- ascii_p16[66] = '\0'; /* null-terminate the string so that strlen works */
-
- /* Add on the account info bits and the time of last
- password change. */
-
- pwd->pass_last_set_time = time(NULL);
-
- if(got_pass_last_set_time) {
- slprintf(&ascii_p16[strlen(ascii_p16)],
- sizeof(ascii_p16)-(strlen(ascii_p16)+1),
- "%s:LCT-%08X:",
- encode_bits, (uint32)pwd->pass_last_set_time );
- wr_len = strlen(ascii_p16);
- }
-
-#ifdef DEBUG_PASSWORD
- DEBUG(100,("mod_smbfilepwd_entry: "));
- dump_data(100, ascii_p16, wr_len);
-#endif
-
- if(wr_len > sizeof(linebuf)) {
- DEBUG(0, ("mod_smbfilepwd_entry: line to write (%d) is too long.\n", wr_len+1));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
- fclose(fp);
- return (False);
- }
-
- /*
- * Do an atomic write into the file at the position defined by
- * seekpos.
- */
-
- /* The mod user write needs to be atomic - so get the fd from
- the fp and do a raw write() call.
- */
-
- fd = fileno(fp);
-
- if (sys_lseek(fd, pwd_seekpos - 1, SEEK_SET) != pwd_seekpos - 1) {
- DEBUG(0, ("mod_smbfilepwd_entry: seek fail on file %s.\n", pfile));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
- fclose(fp);
- return False;
- }
-
- /* Sanity check - ensure the areas we are writing are framed by ':' */
- if (read(fd, linebuf, wr_len+1) != wr_len+1) {
- DEBUG(0, ("mod_smbfilepwd_entry: read fail on file %s.\n", pfile));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
- fclose(fp);
- return False;
- }
-
- if ((linebuf[0] != ':') || (linebuf[wr_len] != ':')) {
- DEBUG(0, ("mod_smbfilepwd_entry: check on passwd file %s failed.\n", pfile));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
- fclose(fp);
- return False;
- }
-
- if (sys_lseek(fd, pwd_seekpos, SEEK_SET) != pwd_seekpos) {
- DEBUG(0, ("mod_smbfilepwd_entry: seek fail on file %s.\n", pfile));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
- fclose(fp);
- return False;
- }
-
- if (write(fd, ascii_p16, wr_len) != wr_len) {
- DEBUG(0, ("mod_smbfilepwd_entry: write failed in passwd file %s\n", pfile));
- pw_file_unlock(lockfd,&pw_file_lock_depth);
- fclose(fp);
- return False;
- }
-
- pw_file_unlock(lockfd,&pw_file_lock_depth);
- fclose(fp);
- return True;
-}
-
-/************************************************************************
- Routine to delete an entry in the smbpasswd file by name.
-*************************************************************************/
-
-static BOOL del_smbfilepwd_entry(const char *name)
-{
- char *pfile = lp_smb_passwd_file();
- pstring pfile2;
- struct smb_passwd *pwd = NULL;
- FILE *fp = NULL;
- FILE *fp_write = NULL;
- int pfile2_lockdepth = 0;
-
- slprintf(pfile2, sizeof(pfile2)-1, "%s.%u", pfile, (unsigned)sys_getpid() );
-
- /*
- * Open the smbpassword file - for update. It needs to be update
- * as we need any other processes to wait until we have replaced
- * it.
- */
-
- if((fp = startsmbfilepwent(True)) == NULL) {
- DEBUG(0, ("del_smbfilepwd_entry: unable to open file %s.\n", pfile));
- return False;
- }
-
- /*
- * Create the replacement password file.
- */
- if((fp_write = startsmbfilepwent_internal(pfile2, PWF_CREATE, &pfile2_lockdepth)) == NULL) {
- DEBUG(0, ("del_smbfilepwd_entry: unable to open file %s.\n", pfile));
- endsmbfilepwent(fp);
- return False;
- }
-
- /*
- * Scan the file, a line at a time and check if the name matches.
- */
-
- while ((pwd = getsmbfilepwent(fp)) != NULL) {
- char *new_entry;
- size_t new_entry_length;
-
- if (strequal(name, pwd->smb_name)) {
- DEBUG(10, ("add_smbfilepwd_entry: found entry with name %s - deleting it.\n", name));
- continue;
- }
-
- /*
- * We need to copy the entry out into the second file.
- */
-
- if((new_entry = format_new_smbpasswd_entry(pwd)) == NULL) {
- DEBUG(0, ("del_smbfilepwd_entry(malloc): Failed to copy entry for user %s to file %s. \
-Error was %s\n", pwd->smb_name, pfile2, strerror(errno)));
- unlink(pfile2);
- endsmbfilepwent(fp);
- endsmbfilepwent_internal(fp_write,&pfile2_lockdepth);
- return False;
- }
-
- new_entry_length = strlen(new_entry);
-
- if(fwrite(new_entry, 1, new_entry_length, fp_write) != new_entry_length) {
- DEBUG(0, ("del_smbfilepwd_entry(write): Failed to copy entry for user %s to file %s. \
-Error was %s\n", pwd->smb_name, pfile2, strerror(errno)));
- unlink(pfile2);
- endsmbfilepwent(fp);
- endsmbfilepwent_internal(fp_write,&pfile2_lockdepth);
- free(new_entry);
- return False;
- }
-
- free(new_entry);
- }
-
- /*
- * Ensure pfile2 is flushed before rename.
- */
-
- if(fflush(fp_write) != 0) {
- DEBUG(0, ("del_smbfilepwd_entry: Failed to flush file %s. Error was %s\n", pfile2, strerror(errno)));
- endsmbfilepwent(fp);
- endsmbfilepwent_internal(fp_write,&pfile2_lockdepth);
- return False;
- }
-
- /*
- * Do an atomic rename - then release the locks.
- */
-
- if(rename(pfile2,pfile) != 0) {
- unlink(pfile2);
- }
- endsmbfilepwent(fp);
- endsmbfilepwent_internal(fp_write,&pfile2_lockdepth);
- return True;
-}
-
-/*
- * Functions that return/manipulate a struct smb_passwd.
- */
-
-/************************************************************************
- Utility function to search smb passwd by uid. use this if your database
- does not have search facilities.
-*************************************************************************/
-
-static struct smb_passwd *iterate_getsmbpwuid(uid_t smb_userid)
-{
- struct smb_passwd *pwd = NULL;
- void *fp = NULL;
-
- DEBUG(10, ("search by smb_userid: %x\n", (int)smb_userid));
-
- /* Open the smb password database - not for update. */
- fp = startsmbpwent(False);
-
- if (fp == NULL)
- {
- DEBUG(0, ("unable to open smb password database.\n"));
- return NULL;
- }
-
- while ((pwd = getsmbpwent(fp)) != NULL && pwd->smb_userid != smb_userid)
- ;
-
- if (pwd != NULL)
- {
- DEBUG(10, ("found by smb_userid: %x\n", (int)smb_userid));
- }
-
- endsmbpwent(fp);
- return pwd;
-}
-
-/************************************************************************
- Utility function to search smb passwd by rid.
-*************************************************************************/
-
-static struct smb_passwd *iterate_getsmbpwrid(uint32 user_rid)
-{
- return iterate_getsmbpwuid(pdb_user_rid_to_uid(user_rid));
-}
-
-/************************************************************************
- Utility function to search smb passwd by name. use this if your database
- does not have search facilities.
-*************************************************************************/
-
-static struct smb_passwd *iterate_getsmbpwnam(char *name)
-{
- struct smb_passwd *pwd = NULL;
- void *fp = NULL;
-
- DEBUG(10, ("search by name: %s\n", name));
-
- /* Open the sam password file - not for update. */
- fp = startsmbpwent(False);
-
- if (fp == NULL)
- {
- DEBUG(0, ("unable to open smb password database.\n"));
- return NULL;
- }
-
- while ((pwd = getsmbpwent(fp)) != NULL && !strequal(pwd->smb_name, name))
- ;
-
- if (pwd != NULL)
- {
- DEBUG(10, ("found by name: %s\n", name));
- }
-
- endsmbpwent(fp);
- return pwd;
-}
-
-/*
- * Functions that manupulate a struct sam_passwd.
- */
-
-/************************************************************************
- Utility function to search sam passwd by name.
-*************************************************************************/
-
-static struct sam_passwd *smbiterate_getsam21pwnam(char *name)
-{
- struct sam_passwd *pwd = NULL;
- struct smb_passwd *smbpw = NULL;
-
- DEBUG(10, ("search by name: %s\n", name));
-
- smbpw = getsmbpwnam(name);
-
- if (smbpw != NULL)
- {
- pwd = build_sampw_from_smbpw (smbpw);
- DEBUG(10, ("found by name: %s\n", name));
- }
-
- return pwd;
-}
-
-
-/************************************************************************
- Utility function to search sam passwd by rid.
-*************************************************************************/
-struct sam_passwd *smbiterate_getsam21pwrid(uint32 rid)
-{
- struct sam_passwd *pwd = NULL;
- struct smb_passwd *smbpw = NULL;
-
- DEBUG(10, ("search by rid: %x\n", rid));
-
- smbpw = getsmbpwrid(rid);
-
- if (smbpw != NULL)
- {
- pwd = build_sampw_from_smbpw (smbpw);
- DEBUG(10, ("found by user_rid: %x\n", rid));
- }
-
- return pwd;
-}
-
-/************************************************************************
- Utility function to search sam passwd by uid.
-*************************************************************************/
-struct sam_passwd *smbiterate_getsam21pwuid(uid_t uid)
-{
- struct sam_passwd *pwd = NULL;
- struct smb_passwd *smbpw = NULL;
-
- DEBUG(10, ("search by uid: %x\n", (int)uid));
-
-
- smbpw = getsmbpwuid(uid);
-
- if (smbpw != NULL)
- {
- pwd = build_sampw_from_smbpw (smbpw);
- DEBUG(10, ("found by user_uid: %u\n", (unsigned int)uid));
- }
-
- return pwd;
-}
-
-
-/*
- * Stub functions - implemented in terms of others.
- */
-
-static BOOL mod_smbfile21pwd_entry(struct sam_passwd* pwd, BOOL override)
-{
- return mod_smbfilepwd_entry(pdb_sam_to_smb(pwd), override);
-}
-
-static BOOL add_smbfile21pwd_entry(struct sam_passwd *newpwd)
-{
- return add_smbfilepwd_entry(pdb_sam_to_smb(newpwd));
-}
-
-static struct sam_disp_info *getsmbfiledispnam(char *name)
-{
- return pdb_sam_to_dispinfo(getsam21pwnam(name));
-}
-
-static struct sam_disp_info *getsmbfiledisprid(uint32 rid)
-{
- return pdb_sam_to_dispinfo(getsam21pwrid(rid));
-}
-
-static struct sam_disp_info *getsmbfiledispent(void *vp)
-{
- return pdb_sam_to_dispinfo(getsam21pwent(vp));
-}
-
-static struct passdb_ops file_ops = {
- startsmbfilepwent,
- endsmbfilepwent,
- getsmbfilepwpos,
- setsmbfilepwpos,
- iterate_getsmbpwnam,
- iterate_getsmbpwuid,
- iterate_getsmbpwrid,
- getsmbfilepwent,
- add_smbfilepwd_entry,
- mod_smbfilepwd_entry,
- del_smbfilepwd_entry,
- getsmbfile21pwent,
- smbiterate_getsam21pwnam,
- smbiterate_getsam21pwuid,
- smbiterate_getsam21pwrid,
- add_smbfile21pwd_entry,
- mod_smbfile21pwd_entry,
- getsmbfiledispnam,
- getsmbfiledisprid,
- getsmbfiledispent
-};
-
-struct passdb_ops *file_initialize_password_db(void)
-{
- return &file_ops;
-}
-
-#else
- /* Do *NOT* make this function static. It breaks the compile on gcc. JRA */
- void smbpass_dummy_function(void) { } /* stop some compilers complaining */
-#endif /* USE_SMBPASS_DB */
diff --git a/source/passdb/smbpasschange.c b/source/passdb/smbpasschange.c
deleted file mode 100644
index 0c30bbe4a56..00000000000
--- a/source/passdb/smbpasschange.c
+++ /dev/null
@@ -1,198 +0,0 @@
-/*
- Unix SMB/Netbios implementation.
- Version 1.9.
- change a password in a local smbpasswd file
- Copyright (C) Andrew Tridgell 1998
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-
-/*************************************************************
-add a new user to the local smbpasswd file
-*************************************************************/
-
-static BOOL add_new_user(char *user_name, uid_t uid, int local_flags,
- uchar *new_p16, uchar *new_nt_p16)
-{
- struct smb_passwd new_smb_pwent;
-
- /* Create a new smb passwd entry and set it to the given password. */
- new_smb_pwent.smb_userid = uid;
- new_smb_pwent.smb_name = user_name;
- new_smb_pwent.smb_passwd = NULL;
- new_smb_pwent.smb_nt_passwd = NULL;
- new_smb_pwent.pass_last_set_time = time(NULL);
- new_smb_pwent.acct_ctrl = ((local_flags & LOCAL_TRUST_ACCOUNT) ? ACB_WSTRUST : ACB_NORMAL);
-
- if(local_flags & LOCAL_DISABLE_USER) {
- new_smb_pwent.acct_ctrl |= ACB_DISABLED;
- }
-
- if (local_flags & LOCAL_SET_NO_PASSWORD) {
- new_smb_pwent.acct_ctrl |= ACB_PWNOTREQ;
- } else {
- new_smb_pwent.smb_passwd = new_p16;
- new_smb_pwent.smb_nt_passwd = new_nt_p16;
- }
-
-
- return add_smbpwd_entry(&new_smb_pwent);
-}
-
-
-/*************************************************************
-change a password entry in the local smbpasswd file
-*************************************************************/
-
-BOOL local_password_change(char *user_name, int local_flags,
- char *new_passwd,
- char *err_str, size_t err_str_len,
- char *msg_str, size_t msg_str_len)
-{
- struct passwd *pwd = NULL;
- void *vp;
- struct smb_passwd *smb_pwent;
- uchar new_p16[16];
- uchar new_nt_p16[16];
-
- *err_str = '\0';
- *msg_str = '\0';
-
- if (local_flags & LOCAL_ADD_USER) {
-
- /*
- * Check for a local account - if we're adding only.
- */
-
- if(!(pwd = sys_getpwnam(user_name))) {
- slprintf(err_str, err_str_len - 1, "User %s does not \
-exist in system password file (usually /etc/passwd). Cannot add \
-account without a valid local system user.\n", user_name);
- return False;
- }
- }
-
- /* Calculate the MD4 hash (NT compatible) of the new password. */
- nt_lm_owf_gen(new_passwd, new_nt_p16, new_p16);
-
- /*
- * Open the smbpaswd file.
- */
- vp = startsmbpwent(True);
- if (!vp && errno == ENOENT) {
- FILE *fp;
- slprintf(msg_str,msg_str_len-1,
- "smbpasswd file did not exist - attempting to create it.\n");
- fp = sys_fopen(lp_smb_passwd_file(), "w");
- if (fp) {
- fprintf(fp, "# Samba SMB password file\n");
- fclose(fp);
- vp = startsmbpwent(True);
- }
- }
-
- if (!vp) {
- slprintf(err_str, err_str_len-1, "Cannot open file %s. Error was %s\n",
- lp_smb_passwd_file(), strerror(errno) );
- return False;
- }
-
- /* Get the smb passwd entry for this user */
- smb_pwent = getsmbpwnam(user_name);
- if (smb_pwent == NULL) {
- if(!(local_flags & LOCAL_ADD_USER)) {
- slprintf(err_str, err_str_len-1,
- "Failed to find entry for user %s.\n", user_name);
- endsmbpwent(vp);
- return False;
- }
-
- if (add_new_user(user_name, pwd->pw_uid, local_flags, new_p16, new_nt_p16)) {
- slprintf(msg_str, msg_str_len-1, "Added user %s.\n", user_name);
- endsmbpwent(vp);
- return True;
- } else {
- slprintf(err_str, err_str_len-1, "Failed to add entry for user %s.\n", user_name);
- endsmbpwent(vp);
- return False;
- }
- } else {
- /* the entry already existed */
- local_flags &= ~LOCAL_ADD_USER;
- }
-
- /*
- * We are root - just write the new password
- * and the valid last change time.
- */
-
- if(local_flags & LOCAL_DISABLE_USER) {
- smb_pwent->acct_ctrl |= ACB_DISABLED;
- } else if (local_flags & LOCAL_ENABLE_USER) {
- if(smb_pwent->smb_passwd == NULL) {
- smb_pwent->smb_passwd = new_p16;
- smb_pwent->smb_nt_passwd = new_nt_p16;
- }
- smb_pwent->acct_ctrl &= ~ACB_DISABLED;
- } else if (local_flags & LOCAL_SET_NO_PASSWORD) {
- smb_pwent->acct_ctrl |= ACB_PWNOTREQ;
- /* This is needed to preserve ACB_PWNOTREQ in mod_smbfilepwd_entry */
- smb_pwent->smb_passwd = NULL;
- smb_pwent->smb_nt_passwd = NULL;
- } else {
- /*
- * If we're dealing with setting a completely empty user account
- * ie. One with a password of 'XXXX', but not set disabled (like
- * an account created from scratch) then if the old password was
- * 'XX's then getsmbpwent will have set the ACB_DISABLED flag.
- * We remove that as we're giving this user their first password
- * and the decision hasn't really been made to disable them (ie.
- * don't create them disabled). JRA.
- */
- if((smb_pwent->smb_passwd == NULL) && (smb_pwent->acct_ctrl & ACB_DISABLED))
- smb_pwent->acct_ctrl &= ~ACB_DISABLED;
- smb_pwent->acct_ctrl &= ~ACB_PWNOTREQ;
- smb_pwent->smb_passwd = new_p16;
- smb_pwent->smb_nt_passwd = new_nt_p16;
- }
-
- if(local_flags & LOCAL_DELETE_USER) {
- if (del_smbpwd_entry(user_name)==False) {
- slprintf(err_str,err_str_len-1, "Failed to delete entry for user %s.\n", user_name);
- endsmbpwent(vp);
- return False;
- }
- slprintf(msg_str, msg_str_len-1, "Deleted user %s.\n", user_name);
- } else {
- if(mod_smbpwd_entry(smb_pwent,True) == False) {
- slprintf(err_str, err_str_len-1, "Failed to modify entry for user %s.\n", user_name);
- endsmbpwent(vp);
- return False;
- }
- if(local_flags & LOCAL_DISABLE_USER)
- slprintf(msg_str, msg_str_len-1, "Disabled user %s.\n", user_name);
- else if (local_flags & LOCAL_ENABLE_USER)
- slprintf(msg_str, msg_str_len-1, "Enabled user %s.\n", user_name);
- else if (local_flags & LOCAL_SET_NO_PASSWORD)
- slprintf(msg_str, msg_str_len-1, "User %s password set to none.\n", user_name);
- }
-
- endsmbpwent(vp);
-
- return True;
-}
diff --git a/source/passdb/smbpassgroup.c b/source/passdb/smbpassgroup.c
deleted file mode 100644
index 4636c08c949..00000000000
--- a/source/passdb/smbpassgroup.c
+++ /dev/null
@@ -1,196 +0,0 @@
-/*
- * Unix SMB/Netbios implementation. Version 1.9. SMB parameters and setup
- * Copyright (C) Andrew Tridgell 1992-1998 Modified by Jeremy Allison 1995.
- *
- * This program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free
- * Software Foundation; either version 2 of the License, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
- * more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 675
- * Mass Ave, Cambridge, MA 02139, USA.
- */
-
-#include "includes.h"
-
-#ifdef USE_SMBPASS_DB
-
-static int grp_file_lock_depth = 0;
-extern int DEBUGLEVEL;
-
-/***************************************************************
- Start to enumerate the smbpasswd list. Returns a void pointer
- to ensure no modification outside this module.
-****************************************************************/
-
-static void *startsmbfilegrpent(BOOL update)
-{
- static char s_readbuf[1024];
- return startfilepwent(lp_smb_passgrp_file(), s_readbuf, sizeof(s_readbuf),
- &grp_file_lock_depth, update);
-}
-
-/***************************************************************
- End enumeration of the smbpasswd list.
-****************************************************************/
-
-static void endsmbfilegrpent(void *vp)
-{
- endfilepwent(vp, &grp_file_lock_depth);
-}
-
-/*************************************************************************
- Return the current position in the smbpasswd list as an SMB_BIG_UINT.
- This must be treated as an opaque token.
-*************************************************************************/
-
-static SMB_BIG_UINT getsmbfilegrppos(void *vp)
-{
- return getfilepwpos(vp);
-}
-
-/*************************************************************************
- Set the current position in the smbpasswd list from an SMB_BIG_UINT.
- This must be treated as an opaque token.
-*************************************************************************/
-
-static BOOL setsmbfilegrppos(void *vp, SMB_BIG_UINT tok)
-{
- return setfilepwpos(vp, tok);
-}
-
-/*************************************************************************
- Routine to return the next entry in the smbpasswd list.
- *************************************************************************/
-static struct smb_passwd *getsmbfilegrpent(void *vp,
- uint32 **grp_rids, int *num_grps,
- uint32 **als_rids, int *num_alss)
-{
- /* Static buffers we will return. */
- static struct smb_passwd pw_buf;
- static pstring user_name;
- struct passwd *pwfile;
- pstring linebuf;
- unsigned char *p;
- int uidval;
- size_t linebuf_len;
-
- if (vp == NULL)
- {
- DEBUG(0,("getsmbfilegrpent: Bad password file pointer.\n"));
- return NULL;
- }
-
- pwdb_init_smb(&pw_buf);
-
- /*
- * Scan the file, a line at a time.
- */
- while ((linebuf_len = getfileline(vp, linebuf, sizeof(linebuf))) > 0)
- {
- /*
- * The line we have should be of the form :-
- *
- * username:uid:domainrid1,domainrid2..:aliasrid1,aliasrid2..:
- */
-
- /*
- * As 256 is shorter than a pstring we don't need to check
- * length here - if this ever changes....
- */
- p = strncpyn(user_name, linebuf, sizeof(user_name), ':');
-
- /* Go past ':' */
- p++;
-
- /* Get smb uid. */
-
- p = Atoic((char *) p, &uidval, ":");
-
- pw_buf.smb_name = user_name;
- pw_buf.smb_userid = uidval;
-
- /*
- * Now get the password value - this should be 32 hex digits
- * which are the ascii representations of a 16 byte string.
- * Get two at a time and put them into the password.
- */
-
- /* Skip the ':' */
- p++;
-
- if (grp_rids != NULL && num_grps != NULL)
- {
- int i;
- p = get_numlist(p, grp_rids, num_grps);
- if (p == NULL)
- {
- DEBUG(0,("getsmbfilegrpent: invalid line\n"));
- return NULL;
- }
- for (i = 0; i < (*num_grps); i++)
- {
- (*grp_rids)[i] = pwdb_gid_to_group_rid((*grp_rids)[i]);
- }
- }
-
- /* Skip the ':' */
- p++;
-
- if (als_rids != NULL && num_alss != NULL)
- {
- int i;
- p = get_numlist(p, als_rids, num_alss);
- if (p == NULL)
- {
- DEBUG(0,("getsmbfilegrpent: invalid line\n"));
- return NULL;
- }
- for (i = 0; i < (*num_alss); i++)
- {
- (*als_rids)[i] = pwdb_gid_to_alias_rid((*als_rids)[i]);
- }
- }
-
- pwfile = Get_Pwnam(pw_buf.smb_name, False);
- if (pwfile == NULL)
- {
- DEBUG(0,("getsmbfilegrpent: smbpasswd database is corrupt!\n"));
- DEBUG(0,("getsmbfilegrpent: username %s not in unix passwd database!\n", pw_buf.smb_name));
- return NULL;
- }
-
- return &pw_buf;
- }
-
- DEBUG(5,("getsmbfilegrpent: end of file reached.\n"));
- return NULL;
-}
-
-static struct passgrp_ops file_ops =
-{
- startsmbfilegrpent,
- endsmbfilegrpent,
- getsmbfilegrppos,
- setsmbfilegrppos,
- iterate_getsmbgrpnam, /* In passgrp.c */
- iterate_getsmbgrpuid, /* In passgrp.c */
- iterate_getsmbgrprid, /* In passgrp.c */
- getsmbfilegrpent,
-};
-
-struct passgrp_ops *file_initialise_password_grp(void)
-{
- return &file_ops;
-}
-
-#else
- /* Do *NOT* make this function static. It breaks the compile on gcc. JRA */
- void smbpass_dummy_function(void) { } /* stop some compilers complaining */
-#endif /* USE_SMBPASS_DB */
View Lorry Controller Status