summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorLuke Leighton <lkcl@samba.org>1998-04-29 11:00:12 +0000
committerLuke Leighton <lkcl@samba.org>1998-04-29 11:00:12 +0000
commita8e7f804ca86c4ae91d6d4429f9fe264947b54f9 (patch)
tree31cf80e60d64816b3a97ec8b624f7e7eb7e50c4d /source3
parentd3832506b2583130c4f4ba4b3edeabca987b7cbb (diff)
downloadsamba-a8e7f804ca86c4ae91d6d4429f9fe264947b54f9.tar.gz
samba-a8e7f804ca86c4ae91d6d4429f9fe264947b54f9.tar.bz2
samba-a8e7f804ca86c4ae91d6d4429f9fe264947b54f9.zip
password.c:
added become_root / unbecome_root around the get machine account password. smbpass.c: cleaning up code. - turning if (BOOL_expr == False) into if (BOOL_expr) what if you test if (BOOL_expr == True) and someone defines True to be -1 on one system and 1 on another? or if you get inconsistent return results between developers - removed if ((FILE*) == 0) and made this if ((FILE*) == NULL) - cannot assume that NULL is zero integer. plus there are typecast issues to deal with - removed return (ret == 0) ? True : False and made this return ret == 0 rely on the compiler to return correct BOOL value: not all developers will return True or False #defines: stick with BOOL test (non-zero). - removed if (ret == False) replaced with if (!ret) - bug where instead of if (sizeof(pstring)-len-len-6 < 0) it had a boolean test if (pstring-len-len-6). - removed "." after debugging of filenames: the "." - a fullstop - looked like it was part of the filename, making things difficult to sort out. still to be resolved: the global_myname isn't set up, such that the machine account password file is named "TEST3..mac". (This used to be commit 315e26c23abf7137684bf084c825ad241076132e)
Diffstat (limited to 'source3')
-rw-r--r--source3/passdb/smbpass.c27
-rw-r--r--source3/smbd/password.c4
2 files changed, 21 insertions, 10 deletions
diff --git a/source3/passdb/smbpass.c b/source3/passdb/smbpass.c
index 15f1d4d37f..aa3a694567 100644
--- a/source3/passdb/smbpass.c
+++ b/source3/passdb/smbpass.c
@@ -63,7 +63,7 @@ static BOOL do_pw_lock(int fd, int waitsecs, int type)
return False;
}
- return ((ret == 0) ? True : False);
+ return (ret == 0);
}
static int pw_file_lock_depth;
@@ -103,7 +103,7 @@ static BOOL pw_file_unlock(int fd, int *plock_depth)
(*plock_depth)--;
- if(ret == False)
+ if(!ret)
DEBUG(10,("pw_file_unlock: unlocking file failed, error = %s.\n",
strerror(errno)));
return ret;
@@ -135,7 +135,8 @@ void *startsmbpwent(BOOL update)
/* Set a 16k buffer to do more efficient reads */
setvbuf(fp, s_readbuf, _IOFBF, sizeof(s_readbuf));
- if ((pw_file_lock(fileno(fp), F_RDLCK | (update ? F_WRLCK : 0), 5, &pw_file_lock_depth)) == False) {
+ if (!pw_file_lock(fileno(fp), F_RDLCK | (update ? F_WRLCK : 0), 5, &pw_file_lock_depth))
+ {
DEBUG(0, ("startsmbpwent: unable to lock file %s\n", pfile));
fclose(fp);
return NULL;
@@ -773,7 +774,7 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd)
lockfd = fileno(fp);
- if (pw_file_lock(lockfd, F_RDLCK | F_WRLCK, 5, &pw_file_lock_depth) == False) {
+ if (!pw_file_lock(lockfd, F_RDLCK | F_WRLCK, 5, &pw_file_lock_depth)) {
DEBUG(0, ("mod_smbpwd_entry: unable to lock file %s\n", pfile));
fclose(fp);
return False;
@@ -1086,12 +1087,17 @@ void *machine_password_lock( char *domain, char *name, BOOL update)
char *p;
if(mach_passwd_lock_depth == 0) {
+
pstrcpy(mac_file, lp_smb_passwd_file());
p = strrchr(mac_file, '/');
+
if(p != NULL)
*++p = '\0';
+
mac_file_len = strlen(mac_file);
- if(sizeof(pstring) - mac_file_len - strlen(domain) - strlen(name) - 6) {
+
+ if (sizeof(pstring) - mac_file_len - strlen(domain) - strlen(name) - 6 < 0)
+ {
DEBUG(0,("machine_password_lock: path %s too long to add machine details.\n",
mac_file));
return NULL;
@@ -1102,8 +1108,8 @@ void *machine_password_lock( char *domain, char *name, BOOL update)
strcat(mac_file, name);
strcat(mac_file, ".mac");
- if((fp = fopen(mac_file, "r+b")) == 0) {
- DEBUG(0,("machine_password_lock: cannot open file %s. Error was %s.\n",
+ if((fp = fopen(mac_file, "r+b")) == NULL) {
+ DEBUG(0,("machine_password_lock: cannot open file %s - Error was %s.\n",
mac_file, strerror(errno) ));
return NULL;
}
@@ -1111,9 +1117,10 @@ void *machine_password_lock( char *domain, char *name, BOOL update)
chmod(mac_file, 0600);
}
- if(pw_file_lock(fileno(fp), F_RDLCK | (update ? F_WRLCK : 0),
- 60, &mach_passwd_lock_depth) == False) {
- DEBUG(0,("machine_password_lock: cannot lock file %s.\n", mac_file));
+ if(!pw_file_lock(fileno(fp), F_RDLCK | (update ? F_WRLCK : 0),
+ 60, &mach_passwd_lock_depth))
+ {
+ DEBUG(0,("machine_password_lock: cannot lock file %s\n", mac_file));
fclose(fp);
return NULL;
}
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 21424592f1..f2ab29001e 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -1932,6 +1932,8 @@ BOOL domain_client_validate( char *user, char *domain,
}
}
+ become_root(False);
+
/*
* Get the machine account password.
*/
@@ -1950,6 +1952,8 @@ machine %s in domain %s.\n", global_myname, global_myworkgroup ));
machine_password_unlock(vp);
+ unbecome_root(False);
+
/*
* Here we should check the last change time to see if the machine
* password needs changing..... TODO... JRA.