summaryrefslogtreecommitdiff
path: root/source3/auth
diff options
context:
space:
mode:
authorAndreas Schneider <asn@samba.org>2010-07-29 13:16:09 +0200
committerAndreas Schneider <asn@samba.org>2010-08-16 12:48:27 +0200
commit66b6a8cf62c2fe9b1eafeb094916e6046f686359 (patch)
treef7ea7068a1a6d63ccefc804128d7cd640bf03ec4 /source3/auth
parentf03ac22770ef96d4b0fec81d94efefcddd8b310b (diff)
downloadsamba-66b6a8cf62c2fe9b1eafeb094916e6046f686359.tar.gz
samba-66b6a8cf62c2fe9b1eafeb094916e6046f686359.tar.bz2
samba-66b6a8cf62c2fe9b1eafeb094916e6046f686359.zip
s3-auth: Remove obsolete 'update encrypted' option.
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth_unix.c58
-rw-r--r--source3/auth/pass_check.c13
2 files changed, 5 insertions, 66 deletions
diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c
index a9a4c53704..8668a2f579 100644
--- a/source3/auth/auth_unix.c
+++ b/source3/auth/auth_unix.c
@@ -23,60 +23,6 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_AUTH
-/**
- * update the encrypted smbpasswd file from the plaintext username and password
- *
- * this ugly hack needs to die, but not quite yet, I think people still use it...
- **/
-static bool update_smbpassword_file(const char *user, const char *password)
-{
- struct samu *sampass;
- bool ret;
-
- if ( !(sampass = samu_new( NULL )) ) {
- return False;
- }
-
- become_root();
- ret = pdb_getsampwnam(sampass, user);
- unbecome_root();
-
- if(ret == False) {
- DEBUG(0,("pdb_getsampwnam returned NULL\n"));
- TALLOC_FREE(sampass);
- return False;
- }
-
- /*
- * Remove the account disabled flag - we are updating the
- * users password from a login.
- */
- if (!pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED, PDB_CHANGED)) {
- TALLOC_FREE(sampass);
- return False;
- }
-
- if (!pdb_set_plaintext_passwd (sampass, password)) {
- TALLOC_FREE(sampass);
- return False;
- }
-
- /* Now write it into the file. */
- become_root();
-
- ret = NT_STATUS_IS_OK(pdb_update_sam_account (sampass));
-
- unbecome_root();
-
- if (ret) {
- DEBUG(3,("pdb_update_sam_account returned %d\n",ret));
- }
-
- TALLOC_FREE(sampass);
- return ret;
-}
-
-
/** Check a plaintext username/password
*
* Cannot deal with an encrupted password in any manner whatsoever,
@@ -102,9 +48,7 @@ static NTSTATUS check_unix_security(const struct auth_context *auth_context,
nt_status = pass_check(pass,
pass ? pass->pw_name : user_info->mapped.account_name,
user_info->password.plaintext,
- lp_update_encrypted() ?
- update_smbpassword_file : NULL,
- True);
+ true);
unbecome_root();
diff --git a/source3/auth/pass_check.c b/source3/auth/pass_check.c
index d1b720c922..ee35fba5f4 100644
--- a/source3/auth/pass_check.c
+++ b/source3/auth/pass_check.c
@@ -647,8 +647,10 @@ match is found and is used to update the encrypted password file
return NT_STATUS_OK on correct match, appropriate error otherwise
****************************************************************************/
-NTSTATUS pass_check(const struct passwd *pass, const char *user, const char *password,
- bool (*fn) (const char *, const char *), bool run_cracker)
+NTSTATUS pass_check(const struct passwd *pass,
+ const char *user,
+ const char *password,
+ bool run_cracker)
{
char *pass2 = NULL;
int level = lp_passwordlevel();
@@ -820,9 +822,6 @@ NTSTATUS pass_check(const struct passwd *pass, const char *user, const char *pas
/* try it as it came to us */
nt_status = password_check(password);
if NT_STATUS_IS_OK(nt_status) {
- if (fn) {
- fn(user, password);
- }
return (nt_status);
} else if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_WRONG_PASSWORD)) {
/* No point continuing if its not the password thats to blame (ie PAM disabled). */
@@ -850,8 +849,6 @@ NTSTATUS pass_check(const struct passwd *pass, const char *user, const char *pas
if (strhasupper(pass2)) {
strlower_m(pass2);
if NT_STATUS_IS_OK(nt_status = password_check(pass2)) {
- if (fn)
- fn(user, pass2);
return (nt_status);
}
}
@@ -865,8 +862,6 @@ NTSTATUS pass_check(const struct passwd *pass, const char *user, const char *pas
strlower_m(pass2);
if (NT_STATUS_IS_OK(nt_status = string_combinations(pass2, password_check, level))) {
- if (fn)
- fn(user, pass2);
return nt_status;
}