diff options
author | Andrew Tridgell <tridge@samba.org> | 1998-11-12 07:06:48 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 1998-11-12 07:06:48 +0000 |
commit | 29e36b713468d7e7de301c483fc340ef42b4a9fb (patch) | |
tree | fd97dcedea842356595ce290c2fb1f95d8448285 /source3/utils/smbpasswd.c | |
parent | 4f368d8b924b76007809e967ac1f37f6a1ebdd68 (diff) | |
download | samba-29e36b713468d7e7de301c483fc340ef42b4a9fb.tar.gz samba-29e36b713468d7e7de301c483fc340ef42b4a9fb.tar.bz2 samba-29e36b713468d7e7de301c483fc340ef42b4a9fb.zip |
extracted the password change code from smbpasswd and used it in swat
instead of opening pipes and other horrible stuff.
(This used to be commit 49bf19710345a59a2d17cd449be1a132885ed821)
Diffstat (limited to 'source3/utils/smbpasswd.c')
-rw-r--r-- | source3/utils/smbpasswd.c | 218 |
1 files changed, 0 insertions, 218 deletions
diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c index da7caacb11..2303bc56df 100644 --- a/source3/utils/smbpasswd.c +++ b/source3/utils/smbpasswd.c @@ -19,10 +19,8 @@ #include "includes.h" -extern pstring scope; extern pstring myhostname; extern pstring global_myname; -extern fstring global_myworkgroup; extern int DEBUGLEVEL; @@ -213,222 +211,6 @@ static char *prompt_for_new_password(BOOL stdin_get) } - - -/************************************************************* -change a password on a remote machine using IPC calls -*************************************************************/ -static BOOL remote_password_change(const char *remote_machine, const char *user_name, - const char *old_passwd, const char *new_passwd) -{ - struct nmb_name calling, called; - struct cli_state cli; - struct in_addr ip; - - if(!resolve_name( remote_machine, &ip, 0x20)) { - fprintf(stderr, "unable to find an IP address for machine %s.\n", - remote_machine ); - return False; - } - - ZERO_STRUCT(cli); - - if (!cli_initialise(&cli) || !cli_connect(&cli, remote_machine, &ip)) { - fprintf(stderr, "unable to connect to SMB server on machine %s. Error was : %s.\n", - remote_machine, cli_errstr(&cli) ); - return False; - } - - make_nmb_name(&calling, global_myname , 0x0 , scope); - make_nmb_name(&called , remote_machine, 0x20, scope); - - if (!cli_session_request(&cli, &calling, &called)) { - fprintf(stderr, "machine %s rejected the session setup. Error was : %s.\n", - remote_machine, cli_errstr(&cli) ); - cli_shutdown(&cli); - return False; - } - - cli.protocol = PROTOCOL_NT1; - - if (!cli_negprot(&cli)) { - fprintf(stderr, "machine %s rejected the negotiate protocol. Error was : %s.\n", - remote_machine, cli_errstr(&cli) ); - cli_shutdown(&cli); - return False; - } - - /* - * We should connect as the anonymous user here, in case - * the server has "must change password" checked... - * Thanks to <Nicholas.S.Jenkins@cdc.com> for this fix. - */ - - if (!cli_session_setup(&cli, "", "", 0, "", 0, "")) { - fprintf(stderr, "machine %s rejected the session setup. Error was : %s.\n", - remote_machine, cli_errstr(&cli) ); - cli_shutdown(&cli); - return False; - } - - if (!cli_send_tconX(&cli, "IPC$", "IPC", "", 1)) { - fprintf(stderr, "machine %s rejected the tconX on the IPC$ share. Error was : %s.\n", - remote_machine, cli_errstr(&cli) ); - cli_shutdown(&cli); - return False; - } - - if(!cli_oem_change_password(&cli, user_name, new_passwd, old_passwd)) { - fprintf(stderr, "machine %s rejected the password change: Error was : %s.\n", - remote_machine, cli_errstr(&cli) ); - cli_shutdown(&cli); - return False; - } - - cli_shutdown(&cli); - return True; -} - - -/************************************************************* -add a new user to the local smbpasswd file -*************************************************************/ -static BOOL add_new_user(char *user_name, uid_t uid, BOOL trust_account, - BOOL disable_user, BOOL set_no_password, - uchar *new_p16, uchar *new_nt_p16) -{ - struct smb_passwd new_smb_pwent; - - /* Create a new smb passwd entry and set it to the given password. */ - new_smb_pwent.smb_userid = uid; - new_smb_pwent.smb_name = user_name; - new_smb_pwent.smb_passwd = NULL; - new_smb_pwent.smb_nt_passwd = NULL; - new_smb_pwent.acct_ctrl = (trust_account ? ACB_WSTRUST : ACB_NORMAL); - - if(disable_user) { - new_smb_pwent.acct_ctrl |= ACB_DISABLED; - } else if (set_no_password) { - new_smb_pwent.acct_ctrl |= ACB_PWNOTREQ; - } else { - new_smb_pwent.smb_passwd = new_p16; - new_smb_pwent.smb_nt_passwd = new_nt_p16; - } - - return add_smbpwd_entry(&new_smb_pwent); -} - - -/************************************************************* -change a password entry in the local smbpasswd file -*************************************************************/ -static BOOL local_password_change(char *user_name, BOOL trust_account, BOOL add_user, - BOOL enable_user, BOOL disable_user, BOOL set_no_password, - char *new_passwd) -{ - struct passwd *pwd; - void *vp; - struct smb_passwd *smb_pwent; - uchar new_p16[16]; - uchar new_nt_p16[16]; - - pwd = getpwnam(user_name); - - /* - * Check for a machine account. - */ - - if(trust_account && !pwd) { - fprintf(stderr, "User %s does not exist in system password file (usually /etc/passwd). Cannot add machine account without a valid system user.\n", - user_name); - return False; - } - - /* Calculate the MD4 hash (NT compatible) of the new password. */ - nt_lm_owf_gen(new_passwd, new_nt_p16, new_p16); - - /* - * Open the smbpaswd file. - */ - vp = startsmbpwent(True); - if (!vp && errno == ENOENT) { - FILE *fp; - fprintf(stderr,"smbpasswd file did not exist - attempting to create it.\n"); - fp = fopen(lp_smb_passwd_file(), "w"); - if (fp) { - fprintf(fp, "# Samba SMB password file\n"); - fclose(fp); - vp = startsmbpwent(True); - } - } - - if (!vp) { - perror(lp_smb_passwd_file()); - return False; - } - - /* Get the smb passwd entry for this user */ - smb_pwent = getsmbpwnam(user_name); - if (smb_pwent == NULL) { - if(add_user == False) { - fprintf(stderr, "Failed to find entry for user %s.\n", - pwd->pw_name); - endsmbpwent(vp); - return False; - } - - if (add_new_user(user_name, pwd->pw_uid, trust_account, disable_user, - set_no_password, new_p16, new_nt_p16)) { - printf("Added user %s.\n", user_name); - endsmbpwent(vp); - return True; - } else { - fprintf(stderr, "Failed to add entry for user %s.\n", user_name); - endsmbpwent(vp); - return False; - } - } else { - /* the entry already existed */ - add_user = False; - } - - /* - * We are root - just write the new password - * and the valid last change time. - */ - - if(disable_user) { - smb_pwent->acct_ctrl |= ACB_DISABLED; - } else if (enable_user) { - if(smb_pwent->smb_passwd == NULL) { - smb_pwent->smb_passwd = new_p16; - smb_pwent->smb_nt_passwd = new_nt_p16; - } - smb_pwent->acct_ctrl &= ~ACB_DISABLED; - } else if (set_no_password) { - smb_pwent->acct_ctrl |= ACB_PWNOTREQ; - /* This is needed to preserve ACB_PWNOTREQ in mod_smbfilepwd_entry */ - smb_pwent->smb_passwd = NULL; - smb_pwent->smb_nt_passwd = NULL; - } else { - smb_pwent->acct_ctrl &= ~ACB_PWNOTREQ; - smb_pwent->smb_passwd = new_p16; - smb_pwent->smb_nt_passwd = new_nt_p16; - } - - if(mod_smbpwd_entry(smb_pwent,True) == False) { - fprintf(stderr, "Failed to modify entry for user %s.\n", - pwd->pw_name); - endsmbpwent(vp); - return False; - } - - endsmbpwent(vp); - - return True; -} - - /************************************************************* change a password either locally or remotely *************************************************************/ |