authorJean-François Micouleau <jfm@samba.org>2001-05-04 15:44:27 +0000
committerJean-François Micouleau <jfm@samba.org>2001-05-04 15:44:27 +0000
commitf35157f39293f9fa240a28642c41708b55d301c8 (patch)
treecd0eb02e9b316899d2cfb9b8cc2784ad739c60a5 /source3/smbd
parent1f7a451c1e059b5a86e1e78debd582579aa7bcb7 (diff)
Big cleanup of passdb and backends.
I did some basic tests but I have probably broken something. Notably the password changing. So don't cry ;-) J.F. (This used to be commit a4a4c02b12f030a3b9e6225b999c90689dfc4719)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/chgpasswd.c98
-rw-r--r--source3/smbd/lanman.c8
-rw-r--r--source3/smbd/password.c24
-rw-r--r--source3/smbd/reply.c14
4 files changed, 80 insertions, 64 deletions
diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c
index d503e65897..2b4676eb33 100644
--- a/source3/smbd/chgpasswd.c
+++ b/source3/smbd/chgpasswd.c
@@ -557,37 +557,36 @@ BOOL check_lanman_password(char *user, uchar * pass1,
SAM_ACCOUNT *sampass = NULL;
uint16 acct_ctrl;
uint8 *lanman_pw;
-
+ BOOL ret;
+
become_root();
- sampass = pdb_getsampwnam(user);
+ ret = pdb_getsampwnam(sampass, user);
unbecome_root();
- if (sampass == NULL)
- {
+ if (ret == False) {
DEBUG(0,("check_lanman_password: getsampwnam returned NULL\n"));
+ pdb_clear_sam(sampass);
return False;
}
acct_ctrl = pdb_get_acct_ctrl (sampass);
lanman_pw = pdb_get_lanman_passwd (sampass);
- if (acct_ctrl & ACB_DISABLED)
- {
- DEBUG(0,("check_lanman_password: account %s disabled.\n",
- user));
+ if (acct_ctrl & ACB_DISABLED) {
+ DEBUG(0,("check_lanman_password: account %s disabled.\n", user));
+ pdb_clear_sam(sampass);
return False;
}
- if ((lanman_pw == NULL) && (acct_ctrl & ACB_PWNOTREQ))
- {
+ if ((lanman_pw == NULL) && (acct_ctrl & ACB_PWNOTREQ)) {
uchar no_pw[14];
memset(no_pw, '\0', 14);
E_P16(no_pw, null_pw);
pdb_set_lanman_passwd (sampass, null_pw);
}
- else if (lanman_pw == NULL)
- {
+ else if (lanman_pw == NULL) {
DEBUG(0, ("check_lanman_password: no lanman password !\n"));
+ pdb_clear_sam(sampass);
return False;
}
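Review bot: `sampass` is still NULL when it reaches `pdb_getsampwnam(sampass, user)` in check_lanman_password, because this function gets no `pdb_init_sam(&sampass);` call, unlike check_oem_password and check_plaintext_password later in the same file. With the new fill-in-place signature the lookup presumably either fails for every user or dereferences NULL, and the added `pdb_clear_sam(sampass)` calls on the failure paths then receive NULL as well. Add `pdb_init_sam(&sampass);` before `become_root();` and bail out if it reports failure. The log text "getsampwnam returned NULL" no longer matches the BOOL result. The function body continues outside this hunk, so who owns the object on the success path is not visible here.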
@@ -598,9 +597,9 @@ BOOL check_lanman_password(char *user, uchar * pass1,
D_P16(unenc_new_pw, pass1, unenc_old_pw);
/* Check that the two old passwords match. */
- if (memcmp(lanman_pw, unenc_old_pw, 16))
- {
+ if (memcmp(lanman_pw, unenc_old_pw, 16)) {
DEBUG(0,("check_lanman_password: old password doesn't match.\n"));
+ pdb_clear_sam(sampass);
return False;
}
@@ -625,30 +624,27 @@ BOOL change_lanman_password(SAM_ACCOUNT *sampass, uchar * pass1,
uint16 acct_ctrl;
uint8 *pwd;
- if (sampass == NULL)
- {
+ if (sampass == NULL) {
DEBUG(0,("change_lanman_password: no smb password entry.\n"));
return False;
}
+
acct_ctrl = pdb_get_acct_ctrl(sampass);
pwd = pdb_get_lanman_passwd(sampass);
- if (acct_ctrl & ACB_DISABLED)
- {
+ if (acct_ctrl & ACB_DISABLED) {
DEBUG(0,("change_lanman_password: account %s disabled.\n",
pdb_get_username(sampass)));
return False;
}
- if ((pwd == NULL) && (acct_ctrl & ACB_PWNOTREQ))
- {
+ if ((pwd == NULL) && (acct_ctrl & ACB_PWNOTREQ)) {
uchar no_pw[14];
memset(no_pw, '\0', 14);
E_P16(no_pw, null_pw);
pdb_set_lanman_passwd(sampass, null_pw);
}
- else if (pwd == NULL)
- {
+ else if (pwd == NULL) {
DEBUG(0,("change_lanman_password: no lanman password !\n"));
return False;
}
@@ -689,17 +685,15 @@ BOOL pass_oem_change(char *user,
*/
if (ret && lp_unix_password_sync())
- {
ret = chgpasswd(user, "", new_passwd, True);
- }
if (ret)
- {
ret = change_oem_password(sampass, new_passwd, False);
- }
memset(new_passwd, 0, sizeof(new_passwd));
+ pdb_clear_sam(sampass);
+
return ret;
}
@@ -727,22 +721,26 @@ BOOL check_oem_password(char *user,
uchar new_p16[16];
uchar unenc_old_pw[16];
char no_pw[2];
+ BOOL ret;
BOOL nt_pass_set = (ntdata != NULL && nthash != NULL);
+ pdb_init_sam(&sampass);
+
become_root();
- *hnd = sampass = pdb_getsampwnam(user);
+ ret = pdb_getsampwnam(sampass, user);
unbecome_root();
- if (sampass == NULL)
- {
+ if (ret == False) {
DEBUG(0, ("check_oem_password: getsmbpwnam returned NULL\n"));
return False;
}
+
+ *hnd = sampass;
+
acct_ctrl = pdb_get_acct_ctrl(sampass);
- if (acct_ctrl & ACB_DISABLED)
- {
+ if (acct_ctrl & ACB_DISABLED) {
DEBUG(0,("check_lanman_password: account %s disabled.\n", user));
return False;
}
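Review bot: The lookup-failure return in check_oem_password drops the object set up by `pdb_init_sam(&sampass)`: `*hnd = sampass;` now runs only after the `ret == False` check, so on that path the caller never receives the pointer and nothing here releases it. If pdb_init_sam allocates, as its `&sampass` argument suggests, every password-change request for a nonexistent account would leak one object. Add `pdb_clear_sam(sampass);` before that `return False;`, or publish `*hnd` before the check as check_plaintext_password does, and keep one ownership rule for both functions. The DEBUG text under the ACB_DISABLED test also still names check_lanman_password. The function continues past this hunk.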
@@ -757,27 +755,19 @@ BOOL check_oem_password(char *user,
nt_pw = pdb_get_nt_passwd (sampass);
/* check for null passwords */
- if (lanman_pw == NULL)
- {
+ if (lanman_pw == NULL) {
if (acct_ctrl & ACB_PWNOTREQ)
- {
pdb_set_lanman_passwd(sampass, null_pw);
- }
- else
- {
+ else {
DEBUG(0,("check_oem_password: no lanman password !\n"));
return False;
}
}
- if (pdb_get_nt_passwd(sampass) == NULL && nt_pass_set)
- {
+ if (pdb_get_nt_passwd(sampass) == NULL && nt_pass_set) {
if (acct_ctrl & ACB_PWNOTREQ)
- {
pdb_set_nt_passwd(sampass, null_pw);
- }
- else
- {
+ else {
DEBUG(0,("check_oem_password: no ntlm password !\n"));
return False;
}
@@ -794,15 +784,12 @@ BOOL check_oem_password(char *user,
*/
new_pw_len = IVAL(lmdata, 512);
- if (new_pw_len < 0 || new_pw_len > new_passwd_size - 1)
- {
- DEBUG(0,("check_oem_password: incorrect password length (%d).\n",
- new_pw_len));
+ if (new_pw_len < 0 || new_pw_len > new_passwd_size - 1) {
+ DEBUG(0,("check_oem_password: incorrect password length (%d).\n", new_pw_len));
return False;
}
- if (nt_pass_set)
- {
+ if (nt_pass_set) {
/*
* nt passwords are in unicode
*/
@@ -811,9 +798,7 @@ BOOL check_oem_password(char *user,
new_pw_len /= 2;
pw = dos_unistrn2((uint16 *)(&lmdata[512 - uni_pw_len]),new_pw_len);
memcpy(new_passwd, pw, new_pw_len + 1);
- }
- else
- {
+ } else {
memcpy(new_passwd, &lmdata[512 - new_pw_len], new_pw_len);
new_passwd[new_pw_len] = '\0';
}
@@ -908,12 +893,17 @@ BOOL check_plaintext_password(char *user, char *old_passwd,
{
SAM_ACCOUNT *sampass = NULL;
uchar old_pw[16], old_ntpw[16];
+ BOOL ret;
+
+ pdb_init_sam(&sampass);
become_root();
- *hnd = sampass = pdb_getsampwnam(user);
+ ret = pdb_getsampwnam(sampass, user);
unbecome_root();
- if (sampass == NULL)
+ *hnd = sampass;
+
+ if (ret == False)
{
DEBUG(0,("check_plaintext_password: getsmbpwnam returned NULL\n"));
return False;
diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c
index 8dc3d8308a..d5dd876670 100644
--- a/source3/smbd/lanman.c
+++ b/source3/smbd/lanman.c
@@ -1765,7 +1765,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param
{
fstring saved_pass2;
- SAM_ACCOUNT *sampass;
+ SAM_ACCOUNT *sampass=NULL;
/*
* Save the new password as change_oem_password overwrites it
@@ -1788,7 +1788,9 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param
if(lp_unix_password_sync() && !chgpasswd(user,pass1,saved_pass2,False))
SSVAL(*rparam,0,NERR_badpass);
}
- }
+ pdb_clear_sam(sampass);
+ }
+
/*
* If the above failed, attempt the plaintext password change.
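Review bot: `saved_pass2` holds a cleartext copy of the new password and appears to leave scope at the closing brace re-added here without being wiped; its last visible use is the `chgpasswd(user,pass1,saved_pass2,False)` call. pass1 and pass2 are zeroed further down in api_SetUserPassword, so the copy deserves the same treatment: `memset(saved_pass2, '\0', sizeof(saved_pass2));` just before `pdb_clear_sam(sampass);`. This assumes the replaced brace closes the block that declares `saved_pass2`, which the flattened indentation does not show for certain.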
@@ -1823,8 +1825,10 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param
{
SSVAL(*rparam,0,NERR_Success);
}
+ pdb_clear_sam(hnd);
}
+
memset((char *)pass1,'\0',sizeof(fstring));
memset((char *)pass2,'\0',sizeof(fstring));
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 5820afacc8..f42451dceb 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -368,12 +368,15 @@ static BOOL update_smbpassword_file(char *user, char *password)
SAM_ACCOUNT *sampass = NULL;
BOOL ret;
+ pdb_init_sam(&sampass);
+
become_root();
- sampass = pdb_getsampwnam(user);
+ ret = pdb_getsampwnam(sampass, user);
unbecome_root();
- if(sampass == NULL) {
+ if(ret == False) {
DEBUG(0,("pdb_getsampwnam returned NULL\n"));
+ pdb_clear_sam(sampass);
return False;
}
@@ -390,6 +393,7 @@ static BOOL update_smbpassword_file(char *user, char *password)
DEBUG(3,("change_oem_password returned False\n"));
}
+ pdb_clear_sam(sampass);
return ret;
}
@@ -519,7 +523,8 @@ BOOL pass_check_smb(char *user, char *domain, uchar *chal,
uchar *lm_pwd, uchar *nt_pwd, struct passwd *pwd)
{
struct passwd *pass;
- SAM_ACCOUNT *sampass;
+ SAM_ACCOUNT *sampass=NULL;
+ BOOL ret;
if (!lm_pwd || !nt_pwd)
{
@@ -546,17 +551,21 @@ BOOL pass_check_smb(char *user, char *domain, uchar *chal,
return(False);
}
+ pdb_init_sam(&sampass);
+
/* get the account information */
- sampass = pdb_getsampwnam(user);
- if (sampass == NULL)
+ ret = pdb_getsampwnam(sampass, user);
+ if (ret == False)
{
DEBUG(1,("Couldn't find user '%s' in passdb file.\n", user));
+ pdb_clear_sam(sampass);
return(False);
}
/* Quit if the account was disabled. */
if(pdb_get_acct_ctrl(sampass) & ACB_DISABLED) {
DEBUG(1,("Account for user '%s' was disabled.\n", user));
+ pdb_clear_sam(sampass);
return(False);
}
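Review bot: pass_check_smb now needs `pdb_clear_sam(sampass)` before every return, and the commit adds it by hand at each exit in this hunk and in the two following ones (the uid-mismatch, null-password, success and invalid-password returns). In an authentication routine that handles the account's password data, a later exit that forgets the call leaks silently. A single exit keeps the release in one place: set a `BOOL result` and `goto done;`, with `done: pdb_clear_sam(sampass); return result;` at the end. The result of `pdb_init_sam(&sampass)` is also not checked before the lookup. The function begins and ends outside this hunk.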
@@ -566,6 +575,7 @@ BOOL pass_check_smb(char *user, char *domain, uchar *chal,
if (smb_pass->smb_userid != pass->pw_uid)
{
DEBUG(0,("Error : UNIX and SMB uids in password files do not match for user '%s'!\n", user));
+ pdb_clear_sam(sampass);
return(False);
}
#endif
@@ -575,21 +585,25 @@ BOOL pass_check_smb(char *user, char *domain, uchar *chal,
if (lp_null_passwords())
{
DEBUG(3,("Account for user '%s' has no password and null passwords are allowed.\n", user));
+ pdb_clear_sam(sampass);
return(True);
}
else
{
DEBUG(3,("Account for user '%s' has no password and null passwords are NOT allowed.\n", user));
+ pdb_clear_sam(sampass);
return(False);
}
}
if (smb_password_ok(sampass, chal, lm_pwd, nt_pwd))
{
+ pdb_clear_sam(sampass);
return(True);
}
DEBUG(2,("pass_check_smb failed - invalid password for user [%s]\n", user));
+ pdb_clear_sam(sampass);
return False;
}
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 61b9390d08..c9ef881b59 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -427,34 +427,42 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out
/* check if trust account exists */
SAM_ACCOUNT *sam_trust_acct = NULL;
uint16 acct_ctrl;
+ BOOL ret;
+
+ pdb_init_sam(&sam_trust_acct);
if (lp_security() == SEC_USER) {
- sam_trust_acct = pdb_getsampwnam(user);
+ ret = pdb_getsampwnam(sam_trust_acct, user);
} else {
DEBUG(0,("session_trust_account: Trust account %s only supported with security = user\n", user));
SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES);
+ pdb_clear_sam(sam_trust_acct);
return(ERROR(0, NT_STATUS_LOGON_FAILURE));
}
- if (sam_trust_acct == NULL) {
+ if (ret == False) {
/* lkclXXXX: workstation entry doesn't exist */
DEBUG(0,("session_trust_account: Trust account %s user doesn't exist\n",user));
SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES);
+ pdb_clear_sam(sam_trust_acct);
return(ERROR(0, NT_STATUS_NO_SUCH_USER));
} else {
if ((smb_passlen != 24) || (smb_nt_passlen != 24)) {
DEBUG(0,("session_trust_account: Trust account %s - password length wrong.\n", user));
SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES);
- return(ERROR(0, NT_STATUS_LOGON_FAILURE));
+ pdb_clear_sam(sam_trust_acct);
+ return(ERROR(0, NT_STATUS_LOGON_FAILURE));
}
if (!smb_password_ok(sam_trust_acct, NULL, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) {
DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user));
SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES);
+ pdb_clear_sam(sam_trust_acct);
return(ERROR(0, NT_STATUS_LOGON_FAILURE));
}
acct_ctrl = pdb_get_acct_ctrl(sam_trust_acct);
+ pdb_clear_sam(sam_trust_acct);
if (acct_ctrl & ACB_DOMTRUST) {
DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n",user));
SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES);