diff options
-rw-r--r-- | source3/include/proto.h | 7 | ||||
-rw-r--r-- | source3/libsmb/passchange.c | 17 | ||||
-rw-r--r-- | source3/passdb/smbpasschange.c | 29 | ||||
-rw-r--r-- | source3/utils/smbpasswd.c | 22 | ||||
-rw-r--r-- | source3/web/swat.c | 22 |
5 files changed, 70 insertions, 27 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 547458c07d..aa2d3b6486 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -512,7 +512,8 @@ char *get_nt_error_msg(uint32 nt_code); /*The following definitions come from libsmb/passchange.c */ BOOL remote_password_change(const char *remote_machine, const char *user_name, - const char *old_passwd, const char *new_passwd); + const char *old_passwd, const char *new_passwd, + char *err_str, size_t err_str_len); /*The following definitions come from libsmb/pwd_cache.c */ @@ -1223,7 +1224,9 @@ struct passdb_ops *file_initialize_password_db(void); BOOL local_password_change(char *user_name, BOOL trust_account, BOOL add_user, BOOL enable_user, BOOL disable_user, BOOL set_no_password, - char *new_passwd); + char *new_passwd, + char *err_str, size_t err_str_len, + char *msg_str, size_t msg_str_len); /*The following definitions come from passdb/smbpassfile.c */ diff --git a/source3/libsmb/passchange.c b/source3/libsmb/passchange.c index 7d89cbd3d7..4cca1927fa 100644 --- a/source3/libsmb/passchange.c +++ b/source3/libsmb/passchange.c @@ -29,14 +29,15 @@ extern pstring scope; change a password on a remote machine using IPC calls *************************************************************/ BOOL remote_password_change(const char *remote_machine, const char *user_name, - const char *old_passwd, const char *new_passwd) + const char *old_passwd, const char *new_passwd, + char *err_str, size_t err_str_len) { struct nmb_name calling, called; struct cli_state cli; struct in_addr ip; if(!resolve_name( remote_machine, &ip, 0x20)) { - fprintf(stderr, "unable to find an IP address for machine %s.\n", + slprintf(err_str, err_str_len-1, "unable to find an IP address for machine %s.\n", remote_machine ); return False; } @@ -44,7 +45,7 @@ BOOL remote_password_change(const char *remote_machine, const char *user_name, ZERO_STRUCT(cli); if (!cli_initialise(&cli) || !cli_connect(&cli, remote_machine, &ip)) { - fprintf(stderr, "unable to connect to SMB server on machine %s. Error was : %s.\n", + slprintf(err_str, err_str_len-1, "unable to connect to SMB server on machine %s. Error was : %s.\n", remote_machine, cli_errstr(&cli) ); return False; } @@ -53,7 +54,7 @@ BOOL remote_password_change(const char *remote_machine, const char *user_name, make_nmb_name(&called , remote_machine, 0x20, scope); if (!cli_session_request(&cli, &calling, &called)) { - fprintf(stderr, "machine %s rejected the session setup. Error was : %s.\n", + slprintf(err_str, err_str_len-1, "machine %s rejected the session setup. Error was : %s.\n", remote_machine, cli_errstr(&cli) ); cli_shutdown(&cli); return False; @@ -62,7 +63,7 @@ BOOL remote_password_change(const char *remote_machine, const char *user_name, cli.protocol = PROTOCOL_NT1; if (!cli_negprot(&cli)) { - fprintf(stderr, "machine %s rejected the negotiate protocol. Error was : %s.\n", + slprintf(err_str, err_str_len-1, "machine %s rejected the negotiate protocol. Error was : %s.\n", remote_machine, cli_errstr(&cli) ); cli_shutdown(&cli); return False; @@ -75,21 +76,21 @@ BOOL remote_password_change(const char *remote_machine, const char *user_name, */ if (!cli_session_setup(&cli, "", "", 0, "", 0, "")) { - fprintf(stderr, "machine %s rejected the session setup. Error was : %s.\n", + slprintf(err_str, err_str_len-1, "machine %s rejected the session setup. Error was : %s.\n", remote_machine, cli_errstr(&cli) ); cli_shutdown(&cli); return False; } if (!cli_send_tconX(&cli, "IPC$", "IPC", "", 1)) { - fprintf(stderr, "machine %s rejected the tconX on the IPC$ share. Error was : %s.\n", + slprintf(err_str, err_str_len-1, "machine %s rejected the tconX on the IPC$ share. Error was : %s.\n", remote_machine, cli_errstr(&cli) ); cli_shutdown(&cli); return False; } if(!cli_oem_change_password(&cli, user_name, new_passwd, old_passwd)) { - fprintf(stderr, "machine %s rejected the password change: Error was : %s.\n", + slprintf(err_str, err_str_len-1, "machine %s rejected the password change: Error was : %s.\n", remote_machine, cli_errstr(&cli) ); cli_shutdown(&cli); return False; diff --git a/source3/passdb/smbpasschange.c b/source3/passdb/smbpasschange.c index 4e2813316e..71bfc65f84 100644 --- a/source3/passdb/smbpasschange.c +++ b/source3/passdb/smbpasschange.c @@ -56,7 +56,9 @@ change a password entry in the local smbpasswd file *************************************************************/ BOOL local_password_change(char *user_name, BOOL trust_account, BOOL add_user, BOOL enable_user, BOOL disable_user, BOOL set_no_password, - char *new_passwd) + char *new_passwd, + char *err_str, size_t err_str_len, + char *msg_str, size_t msg_str_len) { struct passwd *pwd; void *vp; @@ -64,6 +66,9 @@ BOOL local_password_change(char *user_name, BOOL trust_account, BOOL add_user, uchar new_p16[16]; uchar new_nt_p16[16]; + *err_str = '\0'; + *msg_str = '\0'; + pwd = getpwnam(user_name); /* @@ -71,8 +76,9 @@ BOOL local_password_change(char *user_name, BOOL trust_account, BOOL add_user, */ if(trust_account && !pwd) { - fprintf(stderr, "User %s does not exist in system password file (usually /etc/passwd). Cannot add machine account without a valid system user.\n", - user_name); + slprintf(err_str, err_str_len - 1, "User %s does not \ +exist in system password file (usually /etc/passwd). Cannot add machine \ +account without a valid system user.\n", user_name); return False; } @@ -85,7 +91,8 @@ BOOL local_password_change(char *user_name, BOOL trust_account, BOOL add_user, vp = startsmbpwent(True); if (!vp && errno == ENOENT) { FILE *fp; - fprintf(stderr,"smbpasswd file did not exist - attempting to create it.\n"); + slprintf(msg_str,msg_str_len-1, + "smbpasswd file did not exist - attempting to create it.\n"); fp = fopen(lp_smb_passwd_file(), "w"); if (fp) { fprintf(fp, "# Samba SMB password file\n"); @@ -95,7 +102,8 @@ BOOL local_password_change(char *user_name, BOOL trust_account, BOOL add_user, } if (!vp) { - perror(lp_smb_passwd_file()); + slprintf(err_str, err_str_len-1, "Cannot open file %s. Error was %s\n", + lp_smb_passwd_file(), strerror(errno) ); return False; } @@ -103,19 +111,19 @@ BOOL local_password_change(char *user_name, BOOL trust_account, BOOL add_user, smb_pwent = getsmbpwnam(user_name); if (smb_pwent == NULL) { if(add_user == False) { - fprintf(stderr, "Failed to find entry for user %s.\n", - pwd->pw_name); + slprintf(err_str, err_str_len-1, + "Failed to find entry for user %s.\n", pwd->pw_name); endsmbpwent(vp); return False; } if (add_new_user(user_name, pwd->pw_uid, trust_account, disable_user, set_no_password, new_p16, new_nt_p16)) { - printf("Added user %s.\n", user_name); + slprintf(msg_str, msg_str_len-1, "Added user %s.\n", user_name); endsmbpwent(vp); return True; } else { - fprintf(stderr, "Failed to add entry for user %s.\n", user_name); + slprintf(err_str, err_str_len-1, "Failed to add entry for user %s.\n", user_name); endsmbpwent(vp); return False; } @@ -149,7 +157,7 @@ BOOL local_password_change(char *user_name, BOOL trust_account, BOOL add_user, } if(mod_smbpwd_entry(smb_pwent,True) == False) { - fprintf(stderr, "Failed to modify entry for user %s.\n", + slprintf(err_str, err_str_len-1, "Failed to modify entry for user %s.\n", pwd->pw_name); endsmbpwent(vp); return False; @@ -159,4 +167,3 @@ BOOL local_password_change(char *user_name, BOOL trust_account, BOOL add_user, return True; } - diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c index e9d0e3d313..2adb6d9523 100644 --- a/source3/utils/smbpasswd.c +++ b/source3/utils/smbpasswd.c @@ -220,16 +220,32 @@ static BOOL password_change(const char *remote_machine, char *user_name, BOOL disable_user, BOOL set_no_password, BOOL trust_account) { + BOOL ret; + pstring err_str; + pstring msg_str; + if (remote_machine != NULL) { if (add_user || enable_user || disable_user || set_no_password || trust_account) { /* these things can't be done remotely yet */ return False; } - return remote_password_change(remote_machine, user_name, old_passwd, new_passwd); + ret = remote_password_change(remote_machine, user_name, + old_passwd, new_passwd, err_str, sizeof(err_str)); + if(*err_str) + fprintf(stderr, err_str); + return ret; } - return local_password_change(user_name, trust_account, add_user, enable_user, - disable_user, set_no_password, new_passwd); + ret = local_password_change(user_name, trust_account, add_user, enable_user, + disable_user, set_no_password, new_passwd, + err_str, sizeof(err_str), msg_str, sizeof(msg_str)); + + if(*msg_str) + printf(msg_str); + if(*err_str) + fprintf(stderr, err_str); + + return ret; } diff --git a/source3/web/swat.c b/source3/web/swat.c index ecfc480395..852d7c0933 100644 --- a/source3/web/swat.c +++ b/source3/web/swat.c @@ -584,13 +584,21 @@ static BOOL change_password(const char *remote_machine, char *user_name, char *old_passwd, char *new_passwd, BOOL add_user, BOOL enable_user, BOOL disable_user) { + BOOL ret = False; + pstring err_str; + pstring msg_str; + if (demo_mode) { printf("password change in demo mode rejected\n<p>"); return False; } if (remote_machine != NULL) { - return remote_password_change(remote_machine, user_name, old_passwd, new_passwd); + ret = remote_password_change(remote_machine, user_name, old_passwd, + new_passwd, err_str, sizeof(err_str)); + if(*err_str) + printf("%s\n<p>", err_str); + return ret; } if(!initialize_password_db()) { @@ -598,8 +606,16 @@ static BOOL change_password(const char *remote_machine, char *user_name, return False; } - return local_password_change(user_name, False, add_user, enable_user, - disable_user, False, new_passwd); + ret = local_password_change(user_name, False, add_user, enable_user, + disable_user, False, new_passwd, err_str, sizeof(err_str), + msg_str, sizeof(msg_str)); + + if(*msg_str) + printf("%\n<p>", msg_str); + if(*err_str) + printf("%s\n<p>", err_str); + + return ret; } /**************************************************************************** |