password.c:

	added become_root / unbecome_root around the get machine account password.

smbpass.c:

	cleaning up code.

	- turning if (BOOL_expr == False) into if (BOOL_expr)
	  what if you test if (BOOL_expr == True) and someone defines
	  True to be -1 on one system and 1 on another?  or if you get
	  inconsistent return results between developers

	- removed if ((FILE*) == 0) and made this if ((FILE*) == NULL) -
	  cannot assume that NULL is zero integer.  plus there are typecast
	  issues to deal with

	- removed return (ret == 0) ? True : False and made this return ret == 0
	  rely on the compiler to return correct BOOL value: not all developers
	  will return True or False #defines: stick with BOOL test (non-zero).

	- removed if (ret == False) replaced with if (!ret)

	- bug where instead of if (sizeof(pstring)-len-len-6 < 0) it had a
	  boolean test if (pstring-len-len-6).

	- removed "." after debugging of filenames: the "." - a fullstop -
	  looked like it was part of the filename, making things difficult
	  to sort out.

still to be resolved: the global_myname isn't set up, such that the
machine account password file is named "TEST3..mac".
(This used to be commit 315e26c23abf7137684bf084c825ad241076132e)

1 files changed, 4 insertions, 0 deletions

diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 21424592f1..f2ab29001e 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -1932,6 +1932,8 @@ BOOL domain_client_validate( char *user, char *domain,
     }
   }
 
+  become_root(False);
+
   /*
    * Get the machine account password.
    */
@@ -1950,6 +1952,8 @@ machine %s in domain %s.\n", global_myname, global_myworkgroup ));
 
   machine_password_unlock(vp);
 
+  unbecome_root(False);
+
   /* 
    * Here we should check the last change time to see if the machine
    * password needs changing..... TODO... JRA.