summaryrefslogtreecommitdiff
path: root/source3/utils/smbpasswd.c
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>1998-11-12 07:06:48 +0000
committerAndrew Tridgell <tridge@samba.org>1998-11-12 07:06:48 +0000
commit29e36b713468d7e7de301c483fc340ef42b4a9fb (patch)
treefd97dcedea842356595ce290c2fb1f95d8448285 /source3/utils/smbpasswd.c
parent4f368d8b924b76007809e967ac1f37f6a1ebdd68 (diff)
downloadsamba-29e36b713468d7e7de301c483fc340ef42b4a9fb.tar.gz
samba-29e36b713468d7e7de301c483fc340ef42b4a9fb.tar.bz2
samba-29e36b713468d7e7de301c483fc340ef42b4a9fb.zip
extracted the password change code from smbpasswd and used it in swat
instead of opening pipes and other horrible stuff. (This used to be commit 49bf19710345a59a2d17cd449be1a132885ed821)
Diffstat (limited to 'source3/utils/smbpasswd.c')
-rw-r--r--source3/utils/smbpasswd.c218
1 files changed, 0 insertions, 218 deletions
diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c
index da7caacb11..2303bc56df 100644
--- a/source3/utils/smbpasswd.c
+++ b/source3/utils/smbpasswd.c
@@ -19,10 +19,8 @@
#include "includes.h"
-extern pstring scope;
extern pstring myhostname;
extern pstring global_myname;
-extern fstring global_myworkgroup;
extern int DEBUGLEVEL;
@@ -213,222 +211,6 @@ static char *prompt_for_new_password(BOOL stdin_get)
}
-
-
-/*************************************************************
-change a password on a remote machine using IPC calls
-*************************************************************/
-static BOOL remote_password_change(const char *remote_machine, const char *user_name,
- const char *old_passwd, const char *new_passwd)
-{
- struct nmb_name calling, called;
- struct cli_state cli;
- struct in_addr ip;
-
- if(!resolve_name( remote_machine, &ip, 0x20)) {
- fprintf(stderr, "unable to find an IP address for machine %s.\n",
- remote_machine );
- return False;
- }
-
- ZERO_STRUCT(cli);
-
- if (!cli_initialise(&cli) || !cli_connect(&cli, remote_machine, &ip)) {
- fprintf(stderr, "unable to connect to SMB server on machine %s. Error was : %s.\n",
- remote_machine, cli_errstr(&cli) );
- return False;
- }
-
- make_nmb_name(&calling, global_myname , 0x0 , scope);
- make_nmb_name(&called , remote_machine, 0x20, scope);
-
- if (!cli_session_request(&cli, &calling, &called)) {
- fprintf(stderr, "machine %s rejected the session setup. Error was : %s.\n",
- remote_machine, cli_errstr(&cli) );
- cli_shutdown(&cli);
- return False;
- }
-
- cli.protocol = PROTOCOL_NT1;
-
- if (!cli_negprot(&cli)) {
- fprintf(stderr, "machine %s rejected the negotiate protocol. Error was : %s.\n",
- remote_machine, cli_errstr(&cli) );
- cli_shutdown(&cli);
- return False;
- }
-
- /*
- * We should connect as the anonymous user here, in case
- * the server has "must change password" checked...
- * Thanks to <Nicholas.S.Jenkins@cdc.com> for this fix.
- */
-
- if (!cli_session_setup(&cli, "", "", 0, "", 0, "")) {
- fprintf(stderr, "machine %s rejected the session setup. Error was : %s.\n",
- remote_machine, cli_errstr(&cli) );
- cli_shutdown(&cli);
- return False;
- }
-
- if (!cli_send_tconX(&cli, "IPC$", "IPC", "", 1)) {
- fprintf(stderr, "machine %s rejected the tconX on the IPC$ share. Error was : %s.\n",
- remote_machine, cli_errstr(&cli) );
- cli_shutdown(&cli);
- return False;
- }
-
- if(!cli_oem_change_password(&cli, user_name, new_passwd, old_passwd)) {
- fprintf(stderr, "machine %s rejected the password change: Error was : %s.\n",
- remote_machine, cli_errstr(&cli) );
- cli_shutdown(&cli);
- return False;
- }
-
- cli_shutdown(&cli);
- return True;
-}
-
-
-/*************************************************************
-add a new user to the local smbpasswd file
-*************************************************************/
-static BOOL add_new_user(char *user_name, uid_t uid, BOOL trust_account,
- BOOL disable_user, BOOL set_no_password,
- uchar *new_p16, uchar *new_nt_p16)
-{
- struct smb_passwd new_smb_pwent;
-
- /* Create a new smb passwd entry and set it to the given password. */
- new_smb_pwent.smb_userid = uid;
- new_smb_pwent.smb_name = user_name;
- new_smb_pwent.smb_passwd = NULL;
- new_smb_pwent.smb_nt_passwd = NULL;
- new_smb_pwent.acct_ctrl = (trust_account ? ACB_WSTRUST : ACB_NORMAL);
-
- if(disable_user) {
- new_smb_pwent.acct_ctrl |= ACB_DISABLED;
- } else if (set_no_password) {
- new_smb_pwent.acct_ctrl |= ACB_PWNOTREQ;
- } else {
- new_smb_pwent.smb_passwd = new_p16;
- new_smb_pwent.smb_nt_passwd = new_nt_p16;
- }
-
- return add_smbpwd_entry(&new_smb_pwent);
-}
-
-
-/*************************************************************
-change a password entry in the local smbpasswd file
-*************************************************************/
-static BOOL local_password_change(char *user_name, BOOL trust_account, BOOL add_user,
- BOOL enable_user, BOOL disable_user, BOOL set_no_password,
- char *new_passwd)
-{
- struct passwd *pwd;
- void *vp;
- struct smb_passwd *smb_pwent;
- uchar new_p16[16];
- uchar new_nt_p16[16];
-
- pwd = getpwnam(user_name);
-
- /*
- * Check for a machine account.
- */
-
- if(trust_account && !pwd) {
- fprintf(stderr, "User %s does not exist in system password file (usually /etc/passwd). Cannot add machine account without a valid system user.\n",
- user_name);
- return False;
- }
-
- /* Calculate the MD4 hash (NT compatible) of the new password. */
- nt_lm_owf_gen(new_passwd, new_nt_p16, new_p16);
-
- /*
- * Open the smbpaswd file.
- */
- vp = startsmbpwent(True);
- if (!vp && errno == ENOENT) {
- FILE *fp;
- fprintf(stderr,"smbpasswd file did not exist - attempting to create it.\n");
- fp = fopen(lp_smb_passwd_file(), "w");
- if (fp) {
- fprintf(fp, "# Samba SMB password file\n");
- fclose(fp);
- vp = startsmbpwent(True);
- }
- }
-
- if (!vp) {
- perror(lp_smb_passwd_file());
- return False;
- }
-
- /* Get the smb passwd entry for this user */
- smb_pwent = getsmbpwnam(user_name);
- if (smb_pwent == NULL) {
- if(add_user == False) {
- fprintf(stderr, "Failed to find entry for user %s.\n",
- pwd->pw_name);
- endsmbpwent(vp);
- return False;
- }
-
- if (add_new_user(user_name, pwd->pw_uid, trust_account, disable_user,
- set_no_password, new_p16, new_nt_p16)) {
- printf("Added user %s.\n", user_name);
- endsmbpwent(vp);
- return True;
- } else {
- fprintf(stderr, "Failed to add entry for user %s.\n", user_name);
- endsmbpwent(vp);
- return False;
- }
- } else {
- /* the entry already existed */
- add_user = False;
- }
-
- /*
- * We are root - just write the new password
- * and the valid last change time.
- */
-
- if(disable_user) {
- smb_pwent->acct_ctrl |= ACB_DISABLED;
- } else if (enable_user) {
- if(smb_pwent->smb_passwd == NULL) {
- smb_pwent->smb_passwd = new_p16;
- smb_pwent->smb_nt_passwd = new_nt_p16;
- }
- smb_pwent->acct_ctrl &= ~ACB_DISABLED;
- } else if (set_no_password) {
- smb_pwent->acct_ctrl |= ACB_PWNOTREQ;
- /* This is needed to preserve ACB_PWNOTREQ in mod_smbfilepwd_entry */
- smb_pwent->smb_passwd = NULL;
- smb_pwent->smb_nt_passwd = NULL;
- } else {
- smb_pwent->acct_ctrl &= ~ACB_PWNOTREQ;
- smb_pwent->smb_passwd = new_p16;
- smb_pwent->smb_nt_passwd = new_nt_p16;
- }
-
- if(mod_smbpwd_entry(smb_pwent,True) == False) {
- fprintf(stderr, "Failed to modify entry for user %s.\n",
- pwd->pw_name);
- endsmbpwent(vp);
- return False;
- }
-
- endsmbpwent(vp);
-
- return True;
-}
-
-
/*************************************************************
change a password either locally or remotely
*************************************************************/