summaryrefslogtreecommitdiff
path: root/source3/passdb/smbpass.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/passdb/smbpass.c')
-rw-r--r--source3/passdb/smbpass.c682
1 files changed, 443 insertions, 239 deletions
diff --git a/source3/passdb/smbpass.c b/source3/passdb/smbpass.c
index e3c6a5da441..4cfac6d9484 100644
--- a/source3/passdb/smbpass.c
+++ b/source3/passdb/smbpass.c
@@ -21,10 +21,12 @@
#ifdef USE_SMBPASS_DB
-static int pw_file_lock_depth = 0;
extern int DEBUGLEVEL;
+extern pstring samlogon_user;
+extern BOOL sam_logon_in_ssb;
static char s_readbuf[1024];
+static int pw_file_lock_depth;
/***************************************************************
Start to enumerate the smbpasswd list. Returns a void pointer
@@ -33,8 +35,37 @@ static char s_readbuf[1024];
static void *startsmbfilepwent(BOOL update)
{
- return startfileent(lp_smb_passwd_file(), s_readbuf, sizeof(s_readbuf),
- &pw_file_lock_depth, update);
+ FILE *fp = NULL;
+ char *pfile = lp_smb_passwd_file();
+
+ if (!*pfile) {
+ DEBUG(0, ("startsmbfilepwent: No SMB password file set\n"));
+ return (NULL);
+ }
+ DEBUG(10, ("startsmbfilepwent: opening file %s\n", pfile));
+
+ fp = sys_fopen(pfile, update ? "r+b" : "rb");
+
+ if (fp == NULL) {
+ DEBUG(0, ("startsmbfilepwent: unable to open file %s\n", pfile));
+ return NULL;
+ }
+
+ /* Set a buffer to do more efficient reads */
+ setvbuf(fp, s_readbuf, _IOFBF, sizeof(s_readbuf));
+
+ if (!pw_file_lock(fileno(fp), (update ? F_WRLCK : F_RDLCK), 5, &pw_file_lock_depth))
+ {
+ DEBUG(0, ("startsmbfilepwent: unable to lock file %s\n", pfile));
+ fclose(fp);
+ return NULL;
+ }
+
+ /* Make sure it is only rw by the owner */
+ chmod(pfile, 0600);
+
+ /* We have a lock on the file. */
+ return (void *)fp;
}
/***************************************************************
@@ -43,216 +74,361 @@ static void *startsmbfilepwent(BOOL update)
static void endsmbfilepwent(void *vp)
{
- endfileent(vp, &pw_file_lock_depth);
+ FILE *fp = (FILE *)vp;
+
+ pw_file_unlock(fileno(fp), &pw_file_lock_depth);
+ fclose(fp);
+ DEBUG(7, ("endsmbfilepwent: closed password file.\n"));
}
/*************************************************************************
- Return the current position in the smbpasswd list as an SMB_BIG_UINT.
- This must be treated as an opaque token.
-*************************************************************************/
-
-static SMB_BIG_UINT getsmbfilepwpos(void *vp)
+ Routine to return the next entry in the smbpasswd list.
+ *************************************************************************/
+static struct smb_passwd *getsmbfilepwent(void *vp)
{
- return getfilepwpos(vp);
-}
+ /* Static buffers we will return. */
+ static struct smb_passwd pw_buf;
+ static pstring user_name;
+ static unsigned char smbpwd[16];
+ static unsigned char smbntpwd[16];
+ FILE *fp = (FILE *)vp;
+ char linebuf[256];
+ unsigned char c;
+ unsigned char *p;
+ long uidval;
+ size_t linebuf_len;
-/*************************************************************************
- Set the current position in the smbpasswd list from an SMB_BIG_UINT.
- This must be treated as an opaque token.
-*************************************************************************/
+ if(fp == NULL) {
+ DEBUG(0,("getsmbfilepwent: Bad password file pointer.\n"));
+ return NULL;
+ }
-static BOOL setsmbfilepwpos(void *vp, SMB_BIG_UINT tok)
-{
- return setfilepwpos(vp, tok);
+ pdb_init_smb(&pw_buf);
+
+ pw_buf.acct_ctrl = ACB_NORMAL;
+
+ /*
+ * Scan the file, a line at a time and check if the name matches.
+ */
+ while (!feof(fp)) {
+ linebuf[0] = '\0';
+
+ fgets(linebuf, 256, fp);
+ if (ferror(fp)) {
+ return NULL;
+ }
+
+ /*
+ * Check if the string is terminated with a newline - if not
+ * then we must keep reading and discard until we get one.
+ */
+ linebuf_len = strlen(linebuf);
+ if (linebuf[linebuf_len - 1] != '\n') {
+ c = '\0';
+ while (!ferror(fp) && !feof(fp)) {
+ c = fgetc(fp);
+ if (c == '\n')
+ break;
+ }
+ } else
+ linebuf[linebuf_len - 1] = '\0';
+
+#ifdef DEBUG_PASSWORD
+ DEBUG(100, ("getsmbfilepwent: got line |%s|\n", linebuf));
+#endif
+ if ((linebuf[0] == 0) && feof(fp)) {
+ DEBUG(4, ("getsmbfilepwent: end of file reached\n"));
+ break;
+ }
+ /*
+ * The line we have should be of the form :-
+ *
+ * username:uid:32hex bytes:[Account type]:LCT-12345678....other flags presently
+ * ignored....
+ *
+ * or,
+ *
+ * username:uid:32hex bytes:32hex bytes:[Account type]:LCT-12345678....ignored....
+ *
+ * if Windows NT compatible passwords are also present.
+ * [Account type] is an ascii encoding of the type of account.
+ * LCT-(8 hex digits) is the time_t value of the last change time.
+ */
+
+ if (linebuf[0] == '#' || linebuf[0] == '\0') {
+ DEBUG(6, ("getsmbfilepwent: skipping comment or blank line\n"));
+ continue;
+ }
+ p = (unsigned char *) strchr(linebuf, ':');
+ if (p == NULL) {
+ DEBUG(0, ("getsmbfilepwent: malformed password entry (no :)\n"));
+ continue;
+ }
+ /*
+ * As 256 is shorter than a pstring we don't need to check
+ * length here - if this ever changes....
+ */
+ strncpy(user_name, linebuf, PTR_DIFF(p, linebuf));
+ user_name[PTR_DIFF(p, linebuf)] = '\0';
+
+ /* Get smb uid. */
+
+ p++; /* Go past ':' */
+
+ if(*p == '-') {
+ DEBUG(0, ("getsmbfilepwent: uids in the smbpasswd file must not be negative.\n"));
+ continue;
+ }
+
+ if (!isdigit(*p)) {
+ DEBUG(0, ("getsmbfilepwent: malformed password entry (uid not number)\n"));
+ continue;
+ }
+
+ uidval = atoi((char *) p);
+
+ while (*p && isdigit(*p))
+ p++;
+
+ if (*p != ':') {
+ DEBUG(0, ("getsmbfilepwent: malformed password entry (no : after uid)\n"));
+ continue;
+ }
+
+ pw_buf.smb_name = user_name;
+ pw_buf.smb_userid = uidval;
+
+ /*
+ * Now get the password value - this should be 32 hex digits
+ * which are the ascii representations of a 16 byte string.
+ * Get two at a time and put them into the password.
+ */
+
+ /* Skip the ':' */
+ p++;
+
+ if (*p == '*' || *p == 'X') {
+ /* Password deliberately invalid - end here. */
+ DEBUG(10, ("getsmbfilepwent: entry invalidated for user %s\n", user_name));
+ pw_buf.smb_nt_passwd = NULL;
+ pw_buf.smb_passwd = NULL;
+ pw_buf.acct_ctrl |= ACB_DISABLED;
+ return &pw_buf;
+ }
+
+ if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) {
+ DEBUG(0, ("getsmbfilepwent: malformed password entry (passwd too short)\n"));
+ continue;
+ }
+
+ if (p[32] != ':') {
+ DEBUG(0, ("getsmbfilepwent: malformed password entry (no terminating :)\n"));
+ continue;
+ }
+
+ if (!strncasecmp((char *) p, "NO PASSWORD", 11)) {
+ pw_buf.smb_passwd = NULL;
+ pw_buf.acct_ctrl |= ACB_PWNOTREQ;
+ } else {
+ if (!pdb_gethexpwd((char *)p, smbpwd)) {
+ DEBUG(0, ("getsmbfilepwent: Malformed Lanman password entry (non hex chars)\n"));
+ continue;
+ }
+ pw_buf.smb_passwd = smbpwd;
+ }
+
+ /*
+ * Now check if the NT compatible password is
+ * available.
+ */
+ pw_buf.smb_nt_passwd = NULL;
+
+ p += 33; /* Move to the first character of the line after
+ the lanman password. */
+ if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':')) {
+ if (*p != '*' && *p != 'X') {
+ if(pdb_gethexpwd((char *)p,smbntpwd))
+ pw_buf.smb_nt_passwd = smbntpwd;
+ }
+ p += 33; /* Move to the first character of the line after
+ the NT password. */
+ }
+
+ DEBUG(5,("getsmbfilepwent: returning passwd entry for user %s, uid %ld\n",
+ user_name, uidval));
+
+ if (*p == '[')
+ {
+ pw_buf.acct_ctrl = pdb_decode_acct_ctrl((char*)p);
+
+ /* Must have some account type set. */
+ if(pw_buf.acct_ctrl == 0)
+ pw_buf.acct_ctrl = ACB_NORMAL;
+
+ /* Now try and get the last change time. */
+ if(*p == ']')
+ p++;
+ if(*p == ':') {
+ p++;
+ if(*p && (StrnCaseCmp((char *)p, "LCT-", 4)==0)) {
+ int i;
+ p += 4;
+ for(i = 0; i < 8; i++) {
+ if(p[i] == '\0' || !isxdigit(p[i]))
+ break;
+ }
+ if(i == 8) {
+ /*
+ * p points at 8 characters of hex digits -
+ * read into a time_t as the seconds since
+ * 1970 that the password was last changed.
+ */
+ pw_buf.pass_last_set_time = (time_t)strtol((char *)p, NULL, 16);
+ }
+ }
+ }
+ } else {
+ /* 'Old' style file. Fake up based on user name. */
+ /*
+ * Currently trust accounts are kept in the same
+ * password file as 'normal accounts'. If this changes
+ * we will have to fix this code. JRA.
+ */
+ if(pw_buf.smb_name[strlen(pw_buf.smb_name) - 1] == '$') {
+ pw_buf.acct_ctrl &= ~ACB_NORMAL;
+ pw_buf.acct_ctrl |= ACB_WSTRUST;
+ }
+ }
+
+ return &pw_buf;
+ }
+
+ DEBUG(5,("getsmbfilepwent: end of file reached.\n"));
+ return NULL;
}
/*************************************************************************
Routine to return the next entry in the smbpasswd list.
-
- this function is non-static as it is called (exclusively and only)
- from getsamfile21pwent().
+ this function is a nice, messy combination of reading:
+ - the smbpasswd file
+ - the unix password database
+ - smb.conf options (not done at present).
*************************************************************************/
-struct smb_passwd *getsmbfilepwent(void *vp)
+
+static struct sam_passwd *getsmbfile21pwent(void *vp)
{
- /* Static buffers we will return. */
- static struct smb_passwd pw_buf;
- static pstring unix_name;
- static unsigned char smbpwd[16];
- static unsigned char smbntpwd[16];
- char linebuf[256];
- char *p;
- int uidval;
- size_t linebuf_len;
-
- if (vp == NULL)
+ struct smb_passwd *pw_buf = getsmbfilepwent(vp);
+ static struct sam_passwd user;
+ struct passwd *pwfile;
+
+ static pstring full_name;
+ static pstring home_dir;
+ static pstring home_drive;
+ static pstring logon_script;
+ static pstring profile_path;
+ static pstring acct_desc;
+ static pstring workstations;
+
+ DEBUG(5,("getsmbfile21pwent\n"));
+
+ if (pw_buf == NULL) return NULL;
+
+ pwfile = sys_getpwnam(pw_buf->smb_name);
+ if (pwfile == NULL)
{
- DEBUG(0,("getsmbfilepwent: Bad password file pointer.\n"));
+ DEBUG(0,("getsmbfile21pwent: smbpasswd database is corrupt!\n"));
+ DEBUG(0,("getsmbfile21pwent: username %s not in unix passwd database!\n", pw_buf->smb_name));
return NULL;
}
- pwdb_init_smb(&pw_buf);
+ pdb_init_sam(&user);
+
+ pstrcpy(samlogon_user, pw_buf->smb_name);
- pw_buf.acct_ctrl = ACB_NORMAL;
+ if (samlogon_user[strlen(samlogon_user)-1] != '$')
+ {
+ /* XXXX hack to get standard_sub_basic() to use sam logon username */
+ /* possibly a better way would be to do a become_user() call */
+ sam_logon_in_ssb = True;
+
+ user.smb_userid = pw_buf->smb_userid;
+ user.smb_grpid = pwfile->pw_gid;
+
+ user.user_rid = pdb_uid_to_user_rid (user.smb_userid);
+ user.group_rid = pdb_gid_to_group_rid(user.smb_grpid );
- /*
- * Scan the file, a line at a time.
- */
- while ((linebuf_len = getfileline(vp, linebuf, sizeof(linebuf))) > 0)
+ pstrcpy(full_name , pwfile->pw_gecos );
+ pstrcpy(logon_script , lp_logon_script ());
+ pstrcpy(profile_path , lp_logon_path ());
+ pstrcpy(home_drive , lp_logon_drive ());
+ pstrcpy(home_dir , lp_logon_home ());
+ pstrcpy(acct_desc , "");
+ pstrcpy(workstations , "");
+
+ sam_logon_in_ssb = False;
+ }
+ else
{
- /*
- * The line we have should be of the form :-
- *
- * username:uid:32hex bytes:[Account type]:LCT-12345678....other flags presently
- * ignored....
- *
- * or,
- *
- * username:uid:32hex bytes:32hex bytes:[Account type]:LCT-12345678....ignored....
- *
- * if Windows NT compatible passwords are also present.
- * [Account type] is an ascii encoding of the type of account.
- * LCT-(8 hex digits) is the time_t value of the last change time.
- */
-
- /*
- * As 256 is shorter than a pstring we don't need to check
- * length here - if this ever changes....
- */
- p = strncpyn(unix_name, linebuf, sizeof(unix_name), ':');
-
- if (p == NULL)
- {
- DEBUG(0,("getsmbfilepwent: no ':' separator found\n"));
- continue;
- }
-
- /* Go past ':' */
- p++;
-
- /* Get smb uid. */
-
- p = Atoic( p, &uidval, ":");
-
- pw_buf.unix_name = unix_name;
- pw_buf.unix_uid = uidval;
-
- /*
- * Now get the password value - this should be 32 hex digits
- * which are the ascii representations of a 16 byte string.
- * Get two at a time and put them into the password.
- */
-
- /* Skip the ':' */
- p++;
-
- if (linebuf_len < (PTR_DIFF(p, linebuf) + 33))
- {
- DEBUG(0, ("getsmbfilepwent: malformed password entry (passwd too short)\n"));
- continue;
- }
-
- if (p[32] != ':')
- {
- DEBUG(0, ("getsmbfilepwent: malformed password entry (no terminating :)\n"));
- continue;
- }
-
- if (!strncasecmp( p, "NO PASSWORD", 11))
- {
- pw_buf.smb_passwd = NULL;
- pw_buf.acct_ctrl |= ACB_PWNOTREQ;
- }
- else
- {
- if (!pwdb_gethexpwd(p, (char *)smbpwd, NULL))
- {
- DEBUG(0, ("getsmbfilepwent: Malformed Lanman password entry (non hex chars)\n"));
- continue;
- }
- pw_buf.smb_passwd = smbpwd;
- }
-
- /*
- * Now check if the NT compatible password is
- * available.
- */
- pw_buf.smb_nt_passwd = NULL;
-
- /* Move to the first character of the line after the lanman password. */
- p += 33;
- if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':'))
- {
- if (*p != '*' && *p != 'X')
- {
- if(pwdb_gethexpwd(p,(char *)smbntpwd, NULL))
- {
- pw_buf.smb_nt_passwd = smbntpwd;
- }
- }
- /* Move to the first character of the line after the NT password. */
- p += 33;
- }
-
- DEBUG(5,("getsmbfilepwent: returning passwd entry for unix user %s, unix uid %d\n",
- unix_name, uidval));
-
- if (*p == '[')
- {
- pw_buf.acct_ctrl = pwdb_decode_acct_ctrl((char*)p);
-
- /* Must have some account type set. */
- if (pw_buf.acct_ctrl == 0)
- {
- pw_buf.acct_ctrl = ACB_NORMAL;
- }
-
- /* Now try and get the last change time. */
- while (*p != ']' && *p != ':')
- {
- p++;
- }
- if (*p == ']')
- {
- p++;
- }
- if (*p == ':')
- {
- p++;
- pw_buf.pass_last_set_time = pwdb_get_last_set_time(p);
- }
- }
- else
- {
- /* 'Old' style file. Fake up based on user name. */
- /*
- * Currently trust accounts are kept in the same
- * password file as 'normal accounts'. If this changes
- * we will have to fix this code. JRA.
- */
- if (pw_buf.unix_name[strlen(pw_buf.unix_name) - 1] == '$')
- {
- pw_buf.acct_ctrl &= ~ACB_NORMAL;
- pw_buf.acct_ctrl |= ACB_WSTRUST;
- }
- }
-
- if (*p == '*' || *p == 'X')
- {
- /* Password deliberately invalid - end here. */
- DEBUG(10, ("getsmbfilepwent: entry invalidated for unix user %s\n", unix_name));
- pw_buf.smb_nt_passwd = NULL;
- pw_buf.smb_passwd = NULL;
- pw_buf.acct_ctrl |= ACB_DISABLED;
- }
-
- DEBUG(6,("unixuser:%s uid:%d acb:%x\n",
- pw_buf.unix_name, pw_buf.unix_uid, pw_buf.acct_ctrl));
-
- return &pw_buf;
+ user.smb_userid = pw_buf->smb_userid;
+ user.smb_grpid = pwfile->pw_gid;
+
+ user.user_rid = pdb_uid_to_user_rid (user.smb_userid);
+ user.group_rid = DOMAIN_GROUP_RID_USERS; /* lkclXXXX this is OBSERVED behaviour by NT PDCs, enforced here. */
+
+ pstrcpy(full_name , "");
+ pstrcpy(logon_script , "");
+ pstrcpy(profile_path , "");
+ pstrcpy(home_drive , "");
+ pstrcpy(home_dir , "");
+ pstrcpy(acct_desc , "");
+ pstrcpy(workstations , "");
}
- DEBUG(5,("getsmbfilepwent: end of file reached.\n"));
- return NULL;
+ user.smb_name = pw_buf->smb_name;
+ user.full_name = full_name;
+ user.home_dir = home_dir;
+ user.dir_drive = home_drive;
+ user.logon_script = logon_script;
+ user.profile_path = profile_path;
+ user.acct_desc = acct_desc;
+ user.workstations = workstations;
+
+ user.unknown_str = NULL; /* don't know, yet! */
+ user.munged_dial = NULL; /* "munged" dial-back telephone number */
+
+ user.smb_nt_passwd = pw_buf->smb_nt_passwd;
+ user.smb_passwd = pw_buf->smb_passwd;
+
+ user.acct_ctrl = pw_buf->acct_ctrl;
+
+ user.unknown_3 = 0xffffff; /* don't know */
+ user.logon_divs = 168; /* hours per week */
+ user.hours_len = 21; /* 21 times 8 bits = 168 */
+ memset(user.hours, 0xff, user.hours_len); /* available at all hours */
+ user.unknown_5 = 0x00020000; /* don't know */
+ user.unknown_5 = 0x000004ec; /* don't know */
+
+ return &user;
+}
+
+/*************************************************************************
+ Return the current position in the smbpasswd list as an SMB_BIG_UINT.
+ This must be treated as an opaque token.
+*************************************************************************/
+
+static SMB_BIG_UINT getsmbfilepwpos(void *vp)
+{
+ return (SMB_BIG_UINT)sys_ftell((FILE *)vp);
+}
+
+/*************************************************************************
+ Set the current position in the smbpasswd list from an SMB_BIG_UINT.
+ This must be treated as an opaque token.
+*************************************************************************/
+
+static BOOL setsmbfilepwpos(void *vp, SMB_BIG_UINT tok)
+{
+ return !sys_fseek((FILE *)vp, (SMB_OFF_T)tok, SEEK_SET);
}
/************************************************************************
@@ -287,8 +463,8 @@ static BOOL add_smbfilepwd_entry(struct smb_passwd *newpwd)
*/
while ((pwd = getsmbfilepwent(fp)) != NULL) {
- if (strequal(newpwd->unix_name, pwd->unix_name)) {
- DEBUG(0, ("add_smbfilepwd_entry: entry with unix name %s already exists\n", pwd->unix_name));
+ if (strequal(newpwd->smb_name, pwd->smb_name)) {
+ DEBUG(0, ("add_smbfilepwd_entry: entry with name %s already exists\n", pwd->smb_name));
endsmbfilepwent(fp);
return False;
}
@@ -305,21 +481,21 @@ static BOOL add_smbfilepwd_entry(struct smb_passwd *newpwd)
if((offpos = sys_lseek(fd, 0, SEEK_END)) == -1) {
DEBUG(0, ("add_smbfilepwd_entry(sys_lseek): Failed to add entry for user %s to file %s. \
-Error was %s\n", newpwd->unix_name, pfile, strerror(errno)));
+Error was %s\n", newpwd->smb_name, pfile, strerror(errno)));
endsmbfilepwent(fp);
return False;
}
- new_entry_length = strlen(newpwd->unix_name) + 1 + 15 + 1 + 32 + 1 + 32 + 1 + NEW_PW_FORMAT_SPACE_PADDED_LEN + 1 + 13 + 2;
+ new_entry_length = strlen(newpwd->smb_name) + 1 + 15 + 1 + 32 + 1 + 32 + 1 + NEW_PW_FORMAT_SPACE_PADDED_LEN + 1 + 13 + 2;
if((new_entry = (char *)malloc( new_entry_length )) == NULL) {
DEBUG(0, ("add_smbfilepwd_entry(malloc): Failed to add entry for user %s to file %s. \
-Error was %s\n", newpwd->unix_name, pfile, strerror(errno)));
+Error was %s\n", newpwd->smb_name, pfile, strerror(errno)));
endsmbfilepwent(fp);
return False;
}
- slprintf(new_entry, new_entry_length - 1, "%s:%u:", newpwd->unix_name, (unsigned)newpwd->unix_uid);
+ slprintf(new_entry, new_entry_length - 1, "%s:%u:", newpwd->smb_name, (unsigned)newpwd->smb_userid);
p = &new_entry[strlen(new_entry)];
if(newpwd->smb_passwd != NULL) {
@@ -355,7 +531,7 @@ Error was %s\n", newpwd->unix_name, pfile, strerror(errno)));
/* Add the account encoding and the last change time. */
slprintf((char *)p, new_entry_length - 1 - (p - new_entry), "%s:LCT-%08X:\n",
- pwdb_encode_acct_ctrl(newpwd->acct_ctrl, NEW_PW_FORMAT_SPACE_PADDED_LEN), (uint32)time(NULL));
+ pdb_encode_acct_ctrl(newpwd->acct_ctrl, NEW_PW_FORMAT_SPACE_PADDED_LEN), (uint32)time(NULL));
#ifdef DEBUG_PASSWORD
DEBUG(100, ("add_smbfilepwd_entry(%d): new_entry_len %d entry_len %d made line |%s|",
@@ -364,13 +540,13 @@ Error was %s\n", newpwd->unix_name, pfile, strerror(errno)));
if ((wr_len = write(fd, new_entry, strlen(new_entry))) != strlen(new_entry)) {
DEBUG(0, ("add_smbfilepwd_entry(write): %d Failed to add entry for user %s to file %s. \
-Error was %s\n", wr_len, newpwd->unix_name, pfile, strerror(errno)));
+Error was %s\n", wr_len, newpwd->smb_name, pfile, strerror(errno)));
/* Remove the entry we just wrote. */
if(sys_ftruncate(fd, offpos) == -1) {
DEBUG(0, ("add_smbfilepwd_entry: ERROR failed to ftruncate file %s. \
Error was %s. Password file may be corrupt ! Please examine by hand !\n",
- newpwd->unix_name, strerror(errno)));
+ newpwd->smb_name, strerror(errno)));
}
endsmbfilepwent(fp);
@@ -395,7 +571,7 @@ Error was %s. Password file may be corrupt ! Please examine by hand !\n",
static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
{
/* Static buffers we will return. */
- static pstring unix_name;
+ static pstring user_name;
char linebuf[256];
char readbuf[1024];
@@ -416,17 +592,6 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
int wr_len;
int fd;
-#ifdef DEBUG_PASSWORD
- DEBUG(100,("mod_smbfilepwd_entry: password entries\n"));
- if (pwd->smb_passwd != NULL)
- {
- dump_data(100, pwd->smb_passwd, 16);
- }
- if (pwd->smb_nt_passwd != NULL)
- {
- dump_data(100, pwd->smb_nt_passwd, 16);
- }
-#endif
if (!*pfile) {
DEBUG(0, ("No SMB password file set\n"));
return False;
@@ -444,7 +609,7 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
lockfd = fileno(fp);
- if (!file_lock(lockfd, F_WRLCK, 5, &pw_file_lock_depth)) {
+ if (!pw_file_lock(lockfd, F_WRLCK, 5, &pw_file_lock_depth)) {
DEBUG(0, ("mod_smbfilepwd_entry: unable to lock file %s\n", pfile));
fclose(fp);
return False;
@@ -464,7 +629,7 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
fgets(linebuf, sizeof(linebuf), fp);
if (ferror(fp)) {
- file_unlock(lockfd, &pw_file_lock_depth);
+ pw_file_unlock(lockfd, &pw_file_lock_depth);
fclose(fp);
return False;
}
@@ -524,16 +689,16 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
* As 256 is shorter than a pstring we don't need to check
* length here - if this ever changes....
*/
- strncpy(unix_name, linebuf, PTR_DIFF(p, linebuf));
- unix_name[PTR_DIFF(p, linebuf)] = '\0';
- if (strequal(unix_name, pwd->unix_name)) {
+ strncpy(user_name, linebuf, PTR_DIFF(p, linebuf));
+ user_name[PTR_DIFF(p, linebuf)] = '\0';
+ if (strequal(user_name, pwd->smb_name)) {
found_entry = True;
break;
}
}
if (!found_entry) {
- file_unlock(lockfd, &pw_file_lock_depth);
+ pw_file_unlock(lockfd, &pw_file_lock_depth);
fclose(fp);
return False;
}
@@ -545,7 +710,7 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
if (!isdigit(*p)) {
DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (uid not number)\n"));
- file_unlock(lockfd, &pw_file_lock_depth);
+ pw_file_unlock(lockfd, &pw_file_lock_depth);
fclose(fp);
return False;
}
@@ -554,7 +719,7 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
p++;
if (*p != ':') {
DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no : after uid)\n"));
- file_unlock(lockfd, &pw_file_lock_depth);
+ pw_file_unlock(lockfd, &pw_file_lock_depth);
fclose(fp);
return False;
}
@@ -571,28 +736,28 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
if (!override && (*p == '*' || *p == 'X')) {
/* Password deliberately invalid - end here. */
- DEBUG(10, ("mod_smbfilepwd_entry: entry invalidated for unix user %s\n", unix_name));
- file_unlock(lockfd, &pw_file_lock_depth);
+ DEBUG(10, ("mod_smbfilepwd_entry: entry invalidated for user %s\n", user_name));
+ pw_file_unlock(lockfd, &pw_file_lock_depth);
fclose(fp);
return False;
}
if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) {
DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (passwd too short)\n"));
- file_unlock(lockfd,&pw_file_lock_depth);
+ pw_file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return (False);
}
if (p[32] != ':') {
DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no terminating :)\n"));
- file_unlock(lockfd,&pw_file_lock_depth);
+ pw_file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return False;
}
if (!override && (*p == '*' || *p == 'X')) {
- file_unlock(lockfd,&pw_file_lock_depth);
+ pw_file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return False;
}
@@ -603,14 +768,14 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
the lanman password. */
if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) {
DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (passwd too short)\n"));
- file_unlock(lockfd,&pw_file_lock_depth);
+ pw_file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return (False);
}
if (p[32] != ':') {
DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no terminating :)\n"));
- file_unlock(lockfd,&pw_file_lock_depth);
+ pw_file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return False;
}
@@ -648,7 +813,7 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
* acct ctrl field. Encode the given acct ctrl
* bits into it.
*/
- fstrcpy(encode_bits, pwdb_encode_acct_ctrl(pwd->acct_ctrl, NEW_PW_FORMAT_SPACE_PADDED_LEN));
+ fstrcpy(encode_bits, pdb_encode_acct_ctrl(pwd->acct_ctrl, NEW_PW_FORMAT_SPACE_PADDED_LEN));
} else {
/*
* If using the old format and the ACB_DISABLED or
@@ -738,7 +903,7 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
if(wr_len > sizeof(linebuf)) {
DEBUG(0, ("mod_smbfilepwd_entry: line to write (%d) is too long.\n", wr_len+1));
- file_unlock(lockfd,&pw_file_lock_depth);
+ pw_file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return (False);
}
@@ -756,7 +921,7 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
if (sys_lseek(fd, pwd_seekpos - 1, SEEK_SET) != pwd_seekpos - 1) {
DEBUG(0, ("mod_smbfilepwd_entry: seek fail on file %s.\n", pfile));
- file_unlock(lockfd,&pw_file_lock_depth);
+ pw_file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return False;
}
@@ -764,50 +929,89 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
/* Sanity check - ensure the areas we are writing are framed by ':' */
if (read(fd, linebuf, wr_len+1) != wr_len+1) {
DEBUG(0, ("mod_smbfilepwd_entry: read fail on file %s.\n", pfile));
- file_unlock(lockfd,&pw_file_lock_depth);
+ pw_file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return False;
}
if ((linebuf[0] != ':') || (linebuf[wr_len] != ':')) {
DEBUG(0, ("mod_smbfilepwd_entry: check on passwd file %s failed.\n", pfile));
- file_unlock(lockfd,&pw_file_lock_depth);
+ pw_file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return False;
}
if (sys_lseek(fd, pwd_seekpos, SEEK_SET) != pwd_seekpos) {
DEBUG(0, ("mod_smbfilepwd_entry: seek fail on file %s.\n", pfile));
- file_unlock(lockfd,&pw_file_lock_depth);
+ pw_file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return False;
}
if (write(fd, ascii_p16, wr_len) != wr_len) {
DEBUG(0, ("mod_smbfilepwd_entry: write failed in passwd file %s\n", pfile));
- file_unlock(lockfd,&pw_file_lock_depth);
+ pw_file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return False;
}
- file_unlock(lockfd,&pw_file_lock_depth);
+ pw_file_unlock(lockfd,&pw_file_lock_depth);
fclose(fp);
return True;
}
-static struct smb_passdb_ops file_ops = {
+/*
+ * Stub functions - implemented in terms of others.
+ */
+
+static BOOL mod_smbfile21pwd_entry(struct sam_passwd* pwd, BOOL override)
+{
+ return mod_smbfilepwd_entry(pdb_sam_to_smb(pwd), override);
+}
+
+static BOOL add_smbfile21pwd_entry(struct sam_passwd *newpwd)
+{
+ return add_smbfilepwd_entry(pdb_sam_to_smb(newpwd));
+}
+
+static struct sam_disp_info *getsmbfiledispnam(char *name)
+{
+ return pdb_sam_to_dispinfo(getsam21pwnam(name));
+}
+
+static struct sam_disp_info *getsmbfiledisprid(uint32 rid)
+{
+ return pdb_sam_to_dispinfo(getsam21pwrid(rid));
+}
+
+static struct sam_disp_info *getsmbfiledispent(void *vp)
+{
+ return pdb_sam_to_dispinfo(getsam21pwent(vp));
+}
+
+static struct passdb_ops file_ops = {
startsmbfilepwent,
endsmbfilepwent,
getsmbfilepwpos,
setsmbfilepwpos,
iterate_getsmbpwnam, /* In passdb.c */
iterate_getsmbpwuid, /* In passdb.c */
+ iterate_getsmbpwrid, /* In passdb.c */
getsmbfilepwent,
add_smbfilepwd_entry,
- mod_smbfilepwd_entry
+ mod_smbfilepwd_entry,
+ getsmbfile21pwent,
+ iterate_getsam21pwnam,
+ iterate_getsam21pwuid,
+ iterate_getsam21pwrid,
+ add_smbfile21pwd_entry,
+ mod_smbfile21pwd_entry,
+ getsmbfiledispnam,
+ getsmbfiledisprid,
+ getsmbfiledispent
};
-struct smb_passdb_ops *file_initialise_password_db(void)
+struct passdb_ops *file_initialize_password_db(void)
{
return &file_ops;
}
View Lorry Controller Status