diff options
-rw-r--r-- | source3/include/proto.h | 43 | ||||
-rw-r--r-- | source3/passdb/passdb.c | 57 | ||||
-rw-r--r-- | source3/passdb/pdb_tdb.c | 20 | ||||
-rw-r--r-- | source3/rpc_server/srv_netlog_nt.c | 20 | ||||
-rw-r--r-- | source3/rpc_server/srv_pipe.c | 8 | ||||
-rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 96 | ||||
-rw-r--r-- | source3/rpc_server/srv_util.c | 8 | ||||
-rw-r--r-- | source3/smbd/chgpasswd.c | 10 | ||||
-rw-r--r-- | source3/smbd/lanman.c | 4 | ||||
-rw-r--r-- | source3/smbd/password.c | 18 | ||||
-rw-r--r-- | source3/smbd/reply.c | 10 | ||||
-rw-r--r-- | source3/utils/pdbedit.c | 15 | ||||
-rw-r--r-- | source3/utils/smbpasswd.c | 4 |
13 files changed, 191 insertions, 122 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 83d9f3bd6c..59f80c99ae 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -674,7 +674,6 @@ void all_string_sub(char *s,const char *pattern,const char *insert, size_t len); void split_at_last_component(char *path, char *front, char sep, char *back); char *octal_string(int i); char *string_truncate(char *s, int length); -void parse_domain_user(char *domuser, fstring domain, fstring user); /*The following definitions come from lib/util_unistr.c */ @@ -1668,6 +1667,45 @@ int write_sock(void *buffer, int count); int read_reply(struct winbindd_response *response); void free_response(struct winbindd_response *response); +/*The following definitions come from nsswitch/winbindd_glue.c */ + +BOOL wb_lsa_open_policy(char *server, BOOL sec_qos, uint32 des_access, + CLI_POLICY_HND *pol); +BOOL wb_lsa_enum_trust_dom(CLI_POLICY_HND *hnd, uint32 *enum_ctx, + uint32 * num_doms, char ***names, DOM_SID **sids); +BOOL wb_lsa_query_info_pol(CLI_POLICY_HND *hnd, uint16 info_class, + fstring domain_name, DOM_SID *domain_sid); +BOOL wb_lsa_lookup_names(CLI_POLICY_HND *hnd, int num_names, char **names, + DOM_SID **sids, uint32 **types, int *num_sids); +BOOL wb_lsa_lookup_sids(CLI_POLICY_HND *hnd, int num_sids, DOM_SID *sids, + char ***names, uint32 **types, int *num_names); +BOOL wb_lsa_close(CLI_POLICY_HND *hnd); +BOOL wb_samr_close(CLI_POLICY_HND *hnd); +BOOL wb_samr_connect(char *srv_name, uint32 access_mask, + CLI_POLICY_HND *connect_pol); +BOOL wb_samr_open_domain(CLI_POLICY_HND *connect_pol, uint32 ace_perms, + DOM_SID *sid, CLI_POLICY_HND *domain_pol); +void wb_free_samr_userinfo_ctr(SAM_USERINFO_CTR * ctr); +uint32 wb_samr_enum_dom_groups(CLI_POLICY_HND *pol, uint32 *start_idx, + uint32 size, struct acct_info **sam, + uint32 *num_sam_groups); +BOOL wb_get_samr_query_userinfo(CLI_POLICY_HND *pol, uint32 info_level, + uint32 user_rid, SAM_USERINFO_CTR *ctr); +BOOL wb_samr_open_user(CLI_POLICY_HND *pol, uint32 access_mask, uint32 rid, + POLICY_HND *user_pol); +BOOL wb_samr_query_usergroups(CLI_POLICY_HND *pol, uint32 *num_groups, + DOM_GID **gid); +BOOL wb_get_samr_query_groupinfo(CLI_POLICY_HND *pol, uint32 info_level, + uint32 group_rid, GROUP_INFO_CTR *ctr); +BOOL wb_sam_query_groupmem(CLI_POLICY_HND *pol, uint32 group_rid, + uint32 *num_names, uint32 **rid_mem, + char ***names, uint32 **name_types); +BOOL wb_samr_query_dom_info(CLI_POLICY_HND *pol, uint16 switch_value, + SAM_UNK_CTR *ctr); +BOOL wb_samr_query_dispinfo(CLI_POLICY_HND *pol, uint32 *start_ndx, + uint16 info_level, uint32 *num_entries, + SAM_DISPINFO_CTR *ctr); + /*The following definitions come from param/loadparm.c */ void lp_talloc_free(void); @@ -1989,7 +2027,8 @@ BOOL pass_check(char *user, char *password, int pwlen, struct passwd *pwd, BOOL initialize_password_db(BOOL reload); BOOL pdb_init_sam(SAM_ACCOUNT **user); -BOOL pdb_clear_sam(SAM_ACCOUNT *user); +BOOL pdb_free_sam(SAM_ACCOUNT *user); +BOOL pdb_reset_sam(SAM_ACCOUNT *user); struct sam_disp_info *pdb_sam_to_dispinfo(SAM_ACCOUNT *user); char *pdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length); uint16 pdb_decode_acct_ctrl(const char *p); diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 3df58b2e7a..396eaf61f2 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -139,12 +139,12 @@ BOOL pdb_init_sam(SAM_ACCOUNT **user) /************************************************************ free the SAM_ACCOUNT and the NT/LM hashes. ***********************************************************/ -BOOL pdb_clear_sam(SAM_ACCOUNT *user) +BOOL pdb_free_sam(SAM_ACCOUNT *user) { if (user == NULL) { - DEBUG(0,("pdb_clear_sam: SAM_ACCOUNT was NULL\n")); + DEBUG(0,("pdb_free_sam: SAM_ACCOUNT was NULL\n")); #if 0 - smb_panic("NULL pointer passed to pdb_clear_sam\n"); + smb_panic("NULL pointer passed to pdb_free_sam\n"); #endif return False; } @@ -156,10 +156,32 @@ BOOL pdb_clear_sam(SAM_ACCOUNT *user) free(user->lm_pw); free(user); + user = NULL; return True; } +/************************************************************ + reset the SAM_ACCOUNT and the NT/LM hashes. + ***********************************************************/ + +BOOL pdb_reset_sam(SAM_ACCOUNT *user) +{ + if (user == NULL) { + DEBUG(0,("pdb_reset_sam: SAM_ACCOUNT was NULL\n")); + return False; + } + + if (user->nt_pw) + free(user->nt_pw); + + if (user->lm_pw) + free(user->lm_pw); + + ZERO_STRUCTP(user); + + return True; +} /************************************************************************* Routine to return the next entry in the sam passwd list. @@ -854,15 +876,12 @@ account without a valid local system user.\n", user_name); /* Get the smb passwd entry for this user */ pdb_init_sam(&sam_pass); - if(!pdb_getsampwnam(sam_pass, user_name)) { - pdb_clear_sam(sam_pass); - return False; - } - - if (sam_pass == NULL) { + if(!pdb_getsampwnam(sam_pass, user_name)) + { + pdb_free_sam(sam_pass); + if(!(local_flags & LOCAL_ADD_USER)) { slprintf(err_str, err_str_len-1,"Failed to find entry for user %s.\n", user_name); - pdb_clear_sam(sam_pass); return False; } @@ -895,15 +914,13 @@ account without a valid local system user.\n", user_name); pdb_set_nt_passwd (new_sam_acct, new_nt_p16); } - pdb_clear_sam(sam_pass); - if (pdb_add_sam_account(new_sam_acct)) { slprintf(msg_str, msg_str_len-1, "Added user %s.\n", user_name); - pdb_clear_sam(new_sam_acct); + pdb_free_sam(new_sam_acct); return True; } else { slprintf(err_str, err_str_len-1, "Failed to add entry for user %s.\n", user_name); - pdb_clear_sam(new_sam_acct); + pdb_free_sam(new_sam_acct); return False; } } else { @@ -925,13 +942,14 @@ account without a valid local system user.\n", user_name); pdb_set_nt_passwd (sam_pass, new_nt_p16); } pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_DISABLED)); - } else if (local_flags & LOCAL_SET_NO_PASSWORD) { + } + else if (local_flags & LOCAL_SET_NO_PASSWORD) { pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_PWNOTREQ); /* This is needed to preserve ACB_PWNOTREQ in mod_smbfilepwd_entry */ pdb_set_lanman_passwd (sam_pass, NULL); pdb_set_nt_passwd (sam_pass, NULL); - } + } else { /* @@ -953,7 +971,7 @@ account without a valid local system user.\n", user_name); if(local_flags & LOCAL_DELETE_USER) { if (!pdb_delete_sam_account(user_name)) { slprintf(err_str,err_str_len-1, "Failed to delete entry for user %s.\n", user_name); - pdb_clear_sam(sam_pass); + pdb_free_sam(sam_pass); return False; } slprintf(msg_str, msg_str_len-1, "Deleted user %s.\n", user_name); @@ -962,7 +980,7 @@ account without a valid local system user.\n", user_name); { if(!pdb_update_sam_account(sam_pass, True)) { slprintf(err_str, err_str_len-1, "Failed to modify entry for user %s.\n", user_name); - pdb_clear_sam(sam_pass); + pdb_free_sam(sam_pass); return False; } if(local_flags & LOCAL_DISABLE_USER) @@ -973,7 +991,7 @@ account without a valid local system user.\n", user_name); slprintf(msg_str, msg_str_len-1, "User %s password set to none.\n", user_name); } - pdb_clear_sam(sam_pass); + pdb_free_sam(sam_pass); return True; } @@ -1569,3 +1587,4 @@ BOOL pdb_set_hours (SAM_ACCOUNT *sampass, uint8 *hours) return True; } + diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c index 0bf8ca2da5..f2b98adebd 100644 --- a/source3/passdb/pdb_tdb.c +++ b/source3/passdb/pdb_tdb.c @@ -79,6 +79,7 @@ static BOOL init_sam_from_buffer (SAM_ACCOUNT *sampass, uint8 *buf, *nt_pw_ptr; uint32 len = 0; uint32 lmpwlen, ntpwlen, hourslen; + /* unpack the buffer into variables */ len = tdb_unpack (buf, buflen, TDB_FORMAT_STRING, @@ -148,6 +149,7 @@ static BOOL init_sam_from_buffer (SAM_ACCOUNT *sampass, uint8 *buf, pdb_set_logons_divs(sampass, logon_divs); pdb_set_hours(sampass, hours); + /* TODO: free TDB alloced memory !!!!! */ return True; } @@ -491,7 +493,6 @@ BOOL pdb_getsampwnam (SAM_ACCOUNT *user, char *sname) } /* unpack the buffer */ - /*pdb_clear_sam (&global_sam_pass);*/ if (!init_sam_from_buffer (user, data.dptr, data.dsize)) { DEBUG(0,("pdb_getsampwent: Bad SAM_ACCOUNT entry returned from TDB!\n")); @@ -543,7 +544,7 @@ BOOL pdb_getsampwuid (SAM_ACCOUNT* user, uid_t uid) if (pw == NULL) { DEBUG(0,("pdb_getsampwuid: getpwuid(%d) return NULL. User does not exist!\n", uid)); - return NULL; + return False; } fstrcpy (name, pw->pw_name); @@ -606,6 +607,7 @@ BOOL pdb_getsampwrid (SAM_ACCOUNT *user, uint32 rid) BOOL pdb_delete_sam_account(char *sname) { struct passwd *pwd = NULL; + SAM_ACCOUNT *sam_pass = NULL; TDB_CONTEXT *pwd_tdb; TDB_DATA key, data; fstring keystr; @@ -642,14 +644,22 @@ BOOL pdb_delete_sam_account(char *sname) } /* unpack the buffer */ - pdb_clear_sam (&global_sam_pass); - if (!init_sam_from_buffer (&global_sam_pass, data.dptr, data.dsize)) + if (!pdb_init_sam (&sam_pass)) + { + tdb_close (pwd_tdb); + return False; + } + + if (!init_sam_from_buffer (sam_pass, data.dptr, data.dsize)) { DEBUG(0,("pdb_getsampwent: Bad SAM_ACCOUNT entry returned from TDB!\n")); + tdb_close (pwd_tdb); return False; } - pwd = sys_getpwnam(global_sam_pass.username); + pwd = sys_getpwnam(sam_pass->username); + + pdb_free_sam (sam_pass); rid = pdb_uid_to_user_rid (pwd->pw_uid); diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index 2047aaf255..065f94702c 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -149,19 +149,19 @@ static BOOL get_md4pw(char *md4pw, char *mach_acct) if (ret==False) { DEBUG(0,("get_md4pw: Workstation %s: no account in domain\n", mach_acct)); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return False; } if (!(pdb_get_acct_ctrl(sampass) & ACB_DISABLED) && ((pass=pdb_get_nt_passwd(sampass)) != NULL)) { memcpy(md4pw, pass, 16); dump_data(5, md4pw, 16); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return True; } DEBUG(0,("get_md4pw: Workstation %s: no account in domain\n", mach_acct)); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return False; } @@ -347,7 +347,7 @@ uint32 _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *r_ /* Ensure the account exists and is a machine account. */ if (ret==False || !(pdb_get_acct_ctrl(sampass) & ACB_WSTRUST)) { - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return NT_STATUS_NO_SUCH_USER; } @@ -358,7 +358,7 @@ uint32 _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *r_ */ if (!strequal(mach_acct, p->dc.mach_acct)) { - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return NT_STATUS_ACCESS_DENIED; } @@ -385,7 +385,7 @@ uint32 _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *r_ /* set up the LSA Server Password Set response */ init_net_r_srv_pwset(r_u, &srv_cred, status); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return r_u->status; } @@ -586,14 +586,14 @@ uint32 _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *r_ unbecome_root(); if (ret == False){ - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return NT_STATUS_NO_SUCH_USER; } acct_ctrl = pdb_get_acct_ctrl(sampass); if (acct_ctrl & ACB_DISABLED) { - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return NT_STATUS_ACCOUNT_DISABLED; } @@ -613,7 +613,7 @@ uint32 _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *r_ } if (status != NT_STATUS_NOPROBLEMO) { - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return status; } @@ -671,6 +671,6 @@ uint32 _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *r_ &global_sam_sid, /* DOM_SID *dom_sid */ NULL); /* char *other_sids */ } - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return status; } diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index 7060979ce4..345664a396 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -375,7 +375,7 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name if(!pdb_getsampwnam(sampass, pipe_user_name)) { DEBUG(1,("api_pipe_ntlmssp_verify: Cannot find user %s in smb passwd database.\n", pipe_user_name)); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); unbecome_root(); return False; } @@ -385,13 +385,13 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name /* Quit if the account was disabled. */ if((pdb_get_acct_ctrl(sampass) & ACB_DISABLED) || !pdb_get_lanman_passwd(sampass)) { DEBUG(1,("Account for user '%s' was disabled.\n", pipe_user_name)); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return False; } if(!pdb_get_nt_passwd(sampass)) { DEBUG(1,("Account for user '%s' has no NT password hash.\n", pipe_user_name)); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return False; } @@ -460,7 +460,7 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name p->ntlmssp_auth_validated = True; - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return True; } diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 38b4bbd0a9..8c8418d2e0 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -105,7 +105,7 @@ static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx, if (!pdb_setsampwent(False)) { DEBUG(0, ("get_sampwd_entries: Unable to open passdb.\n")); - pdb_clear_sam(pwd); + pdb_free_sam(pwd); return False; } @@ -146,7 +146,7 @@ static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx, } pdb_endsampwent(); - pdb_clear_sam(pwd); + pdb_free_sam(pwd); return (*num_entries) > 0; } @@ -217,7 +217,7 @@ static BOOL jf_get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx, *total_entries = *num_entries; - pdb_clear_sam(pwd); + pdb_free_sam(pwd); return True; } @@ -1419,12 +1419,12 @@ uint32 _api_samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN_U /* check that the RID exists in our domain. */ if (ret == False) { - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return NT_STATUS_NO_SUCH_USER; } samr_clear_sam_passwd(sampass); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); /* Get the domain SID stored in the domain policy */ if(!get_lsa_policy_samr_sid(p, &domain_pol, &sid)) @@ -1470,7 +1470,7 @@ static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid) if (ret==False) { DEBUG(4,("User 0x%x not found\n", user_rid)); - pdb_clear_sam(smbpass); + pdb_free_sam(smbpass); return False; } @@ -1479,7 +1479,7 @@ static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid) init_sam_user_info10(id10, pdb_get_acct_ctrl(smbpass) ); samr_clear_sam_passwd(smbpass); - pdb_clear_sam(smbpass); + pdb_free_sam(smbpass); return True; } @@ -1510,20 +1510,20 @@ static uint32 get_user_info_12(pipes_struct *p, SAM_USER_INFO_12 * id12, uint32 if (ret == False) { DEBUG(4, ("User 0x%x not found\n", user_rid)); - pdb_clear_sam(smbpass); + pdb_free_sam(smbpass); return (geteuid() == (uid_t)0) ? NT_STATUS_NO_SUCH_USER : NT_STATUS_ACCESS_DENIED; } DEBUG(3,("User:[%s] 0x%x\n", pdb_get_username(smbpass), pdb_get_acct_ctrl(smbpass) )); if ( pdb_get_acct_ctrl(smbpass) & ACB_DISABLED) { - pdb_clear_sam(smbpass); + pdb_free_sam(smbpass); return NT_STATUS_ACCOUNT_DISABLED; } init_sam_user_info12(id12, pdb_get_lanman_passwd(smbpass), pdb_get_nt_passwd(smbpass)); - pdb_clear_sam(smbpass); + pdb_free_sam(smbpass); return NT_STATUS_NOPROBLEMO; } @@ -1548,7 +1548,7 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid) if (ret == False) { DEBUG(4,("User 0x%x not found\n", user_rid)); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return False; } @@ -1558,7 +1558,7 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid) init_sam_user_info21A(id21, sampass); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return True; } @@ -1800,7 +1800,7 @@ uint32 _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CR unbecome_root(); if (ret == True) { /* machine account exists: say so */ - pdb_clear_sam(sam_pass); + pdb_free_sam(sam_pass); return NT_STATUS_USER_EXISTS; } @@ -1835,7 +1835,7 @@ uint32 _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CR sizeof(err_str), msg_str, sizeof(msg_str))) { DEBUG(0, ("%s\n", err_str)); close_policy_hnd(p, user_pol); - pdb_clear_sam(sam_pass); + pdb_free_sam(sam_pass); return NT_STATUS_ACCESS_DENIED; } @@ -1845,27 +1845,27 @@ uint32 _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CR if (ret == False) { /* account doesn't exist: say so */ close_policy_hnd(p, user_pol); - pdb_clear_sam(sam_pass); + pdb_free_sam(sam_pass); return NT_STATUS_ACCESS_DENIED; } /* Get the domain SID stored in the domain policy */ if(!get_lsa_policy_samr_sid(p, &dom_pol, &sid)) { close_policy_hnd(p, user_pol); - pdb_clear_sam(sam_pass); + pdb_free_sam(sam_pass); return NT_STATUS_INVALID_HANDLE; } /* append the user's RID to it */ if(!sid_append_rid(&sid, pdb_get_user_rid(sam_pass) )) { close_policy_hnd(p, user_pol); - pdb_clear_sam(sam_pass); + pdb_free_sam(sam_pass); return NT_STATUS_NO_SUCH_USER; } /* associate the user's SID with the new handle. */ if ((info = (struct samr_info *)malloc(sizeof(struct samr_info))) == NULL) { - pdb_clear_sam(sam_pass); + pdb_free_sam(sam_pass); return NT_STATUS_NO_MEMORY; } @@ -1874,14 +1874,14 @@ uint32 _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CR /* get a (unique) handle. open a policy on it. */ if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info)) { - pdb_clear_sam(sam_pass); + pdb_free_sam(sam_pass); return NT_STATUS_OBJECT_NAME_NOT_FOUND; } r_u->user_rid=sam_pass->user_rid; r_u->unknown_0 = 0x000703ff; - pdb_clear_sam(sam_pass); + pdb_free_sam(sam_pass); return NT_STATUS_NO_PROBLEMO; } @@ -2077,24 +2077,24 @@ static BOOL set_user_info_10(const SAM_USER_INFO_10 *id10, uint32 rid) ret = pdb_getsampwrid(pwd, rid); if(ret==False) { - pdb_clear_sam(pwd); + pdb_free_sam(pwd); return False; } if (id10 == NULL) { DEBUG(5, ("set_user_info_10: NULL id10\n")); - pdb_clear_sam(pwd); + pdb_free_sam(pwd); return False; } pdb_set_acct_ctrl(pwd, id10->acb_info); if(!pdb_update_sam_account(pwd, True)) { - pdb_clear_sam(pwd); + pdb_free_sam(pwd); return False; } - pdb_clear_sam(pwd); + pdb_free_sam(pwd); return True; } @@ -2111,13 +2111,13 @@ static BOOL set_user_info_12(SAM_USER_INFO_12 *id12, uint32 rid) pdb_init_sam(&pwd); if(!pdb_getsampwrid(pwd, rid)) { - pdb_clear_sam(pwd); + pdb_free_sam(pwd); return False; } if (id12 == NULL) { DEBUG(2, ("set_user_info_12: id12 is NULL\n")); - pdb_clear_sam(pwd); + pdb_free_sam(pwd); return False; } @@ -2125,11 +2125,11 @@ static BOOL set_user_info_12(SAM_USER_INFO_12 *id12, uint32 rid) pdb_set_nt_passwd (pwd, id12->nt_pwd); if(!pdb_update_sam_account(pwd, True)) { - pdb_clear_sam(pwd); + pdb_free_sam(pwd); return False; } - pdb_clear_sam(pwd); + pdb_free_sam(pwd); return True; } @@ -2151,8 +2151,8 @@ static BOOL set_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid) pdb_init_sam(&new_pwd); if (!pdb_getsampwrid(pwd, rid)) { - pdb_clear_sam(pwd); - pdb_clear_sam(new_pwd); + pdb_free_sam(pwd); + pdb_free_sam(new_pwd); return False; } @@ -2169,13 +2169,13 @@ static BOOL set_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid) /* write the change out */ if(!pdb_update_sam_account(new_pwd, True)) { - pdb_clear_sam(pwd); - pdb_clear_sam(new_pwd); + pdb_free_sam(pwd); + pdb_free_sam(new_pwd); return False; } - pdb_clear_sam(pwd); - pdb_clear_sam(new_pwd); + pdb_free_sam(pwd); + pdb_free_sam(new_pwd); return True; } @@ -2203,20 +2203,20 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid) pdb_init_sam(&new_pwd); if (pdb_getsampwrid(pwd, rid)) { - pdb_clear_sam(pwd); - pdb_clear_sam(new_pwd); + pdb_free_sam(pwd); + pdb_free_sam(new_pwd); return False; } acct_ctrl = pdb_get_acct_ctrl(pwd); copy_sam_passwd(new_pwd, pwd); - pdb_clear_sam(pwd); + pdb_free_sam(pwd); copy_id23_to_sam_passwd(new_pwd, id23); if (!decode_pw_buffer((char*)id23->pass, buf, 256, &len, nt_hash, lm_hash)) { - pdb_clear_sam(new_pwd); + pdb_free_sam(new_pwd); return False; } @@ -2232,7 +2232,7 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid) /* update the UNIX password */ if (lp_unix_password_sync() ) if(!chgpasswd(pdb_get_username(new_pwd), "", buf, True)) { - pdb_clear_sam(new_pwd); + pdb_free_sam(new_pwd); return False; } } @@ -2240,11 +2240,11 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid) memset(buf, 0, sizeof(buf)); if(!pdb_update_sam_account(new_pwd, True)) { - pdb_clear_sam(new_pwd); + pdb_free_sam(new_pwd); return False; } - pdb_clear_sam(new_pwd); + pdb_free_sam(new_pwd); return True; } @@ -2265,7 +2265,7 @@ static BOOL set_user_info_24(SAM_USER_INFO_24 *id24, uint32 rid) pdb_init_sam(&pwd); if (!pdb_getsampwrid(pwd, rid)) { - pdb_clear_sam(pwd); + pdb_free_sam(pwd); return False; } @@ -2274,7 +2274,7 @@ static BOOL set_user_info_24(SAM_USER_INFO_24 *id24, uint32 rid) memset(buf, 0, sizeof(buf)); if (!decode_pw_buffer((char*)id24->pass, buf, 256, &len, nt_hash, lm_hash)) { - pdb_clear_sam(pwd); + pdb_free_sam(pwd); return False; } @@ -2290,7 +2290,7 @@ static BOOL set_user_info_24(SAM_USER_INFO_24 *id24, uint32 rid) /* update the UNIX password */ if (lp_unix_password_sync()) if(!chgpasswd(pdb_get_username(pwd), "", buf, True)) { - pdb_clear_sam(pwd); + pdb_free_sam(pwd); return False; } } @@ -2301,11 +2301,11 @@ static BOOL set_user_info_24(SAM_USER_INFO_24 *id24, uint32 rid) /* update the SAMBA password */ if(!pdb_update_sam_account(pwd, True)) { - pdb_clear_sam(pwd); + pdb_free_sam(pwd); return False; } - pdb_clear_sam(pwd); + pdb_free_sam(pwd); return True; } @@ -2364,14 +2364,14 @@ uint32 _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SET_ unbecome_root(); if(ret == False) { DEBUG(0,("_samr_set_userinfo: Unable to get smbpasswd entry for uid %u\n", (unsigned int)user.uid )); - pdb_clear_sam(sam_pass); + pdb_free_sam(sam_pass); return NT_STATUS_ACCESS_DENIED; } memset(sess_key, '\0', 16); mdfour(sess_key, pdb_get_nt_passwd(sam_pass), 16); - pdb_clear_sam(sam_pass); + pdb_free_sam(sam_pass); /* ok! user info levels (lots: see MSDEV help), off we go... */ switch (switch_value) { diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c index b4472671fc..861d47b9d8 100644 --- a/source3/rpc_server/srv_util.c +++ b/source3/rpc_server/srv_util.c @@ -277,12 +277,12 @@ uint32 local_lookup_user_name(uint32 rid, char *user_name, uint32 *type) if (ret == True) { fstrcpy(user_name, pdb_get_username(sampwd) ); DEBUG(5,(" = %s\n", user_name)); - pdb_clear_sam(sampwd); + pdb_free_sam(sampwd); return 0x0; } DEBUG(5,(" none mapped\n")); - pdb_clear_sam(sampwd); + pdb_free_sam(sampwd); return NT_STATUS_NONE_MAPPED; } @@ -343,10 +343,10 @@ uint32 local_lookup_user_rid(char *user_name, uint32 *rid) if (ret == True) { (*rid) = pdb_get_user_rid(sampass); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return 0x0; } - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return NT_STATUS_NONE_MAPPED; } diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c index 2b4676eb33..cf1fca405a 100644 --- a/source3/smbd/chgpasswd.c +++ b/source3/smbd/chgpasswd.c @@ -565,7 +565,7 @@ BOOL check_lanman_password(char *user, uchar * pass1, if (ret == False) { DEBUG(0,("check_lanman_password: getsampwnam returned NULL\n")); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return False; } @@ -574,7 +574,7 @@ BOOL check_lanman_password(char *user, uchar * pass1, if (acct_ctrl & ACB_DISABLED) { DEBUG(0,("check_lanman_password: account %s disabled.\n", user)); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return False; } @@ -586,7 +586,7 @@ BOOL check_lanman_password(char *user, uchar * pass1, } else if (lanman_pw == NULL) { DEBUG(0, ("check_lanman_password: no lanman password !\n")); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return False; } @@ -599,7 +599,7 @@ BOOL check_lanman_password(char *user, uchar * pass1, /* Check that the two old passwords match. */ if (memcmp(lanman_pw, unenc_old_pw, 16)) { DEBUG(0,("check_lanman_password: old password doesn't match.\n")); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return False; } @@ -692,7 +692,7 @@ BOOL pass_oem_change(char *user, memset(new_passwd, 0, sizeof(new_passwd)); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return ret; } diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index d5dd876670..69a0fa5ac3 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1788,7 +1788,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param if(lp_unix_password_sync() && !chgpasswd(user,pass1,saved_pass2,False)) SSVAL(*rparam,0,NERR_badpass); } - pdb_clear_sam(sampass); + pdb_free_sam(sampass); } @@ -1825,7 +1825,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param { SSVAL(*rparam,0,NERR_Success); } - pdb_clear_sam(hnd); + pdb_free_sam(hnd); } diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 0bc21dbbd6..01fc9cdd53 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -376,7 +376,7 @@ static BOOL update_smbpassword_file(char *user, char *password) if(ret == False) { DEBUG(0,("pdb_getsampwnam returned NULL\n")); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return False; } @@ -393,7 +393,7 @@ static BOOL update_smbpassword_file(char *user, char *password) DEBUG(3,("change_oem_password returned False\n")); } - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return ret; } @@ -558,14 +558,14 @@ BOOL pass_check_smb(char *user, char *domain, uchar *chal, if (ret == False) { DEBUG(1,("Couldn't find user '%s' in passdb file.\n", user)); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return(False); } /* Quit if the account was disabled. */ if(pdb_get_acct_ctrl(sampass) & ACB_DISABLED) { DEBUG(1,("Account for user '%s' was disabled.\n", user)); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return(False); } @@ -575,7 +575,7 @@ BOOL pass_check_smb(char *user, char *domain, uchar *chal, if (smb_pass->smb_userid != pass->pw_uid) { DEBUG(0,("Error : UNIX and SMB uids in password files do not match for user '%s'!\n", user)); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return(False); } #endif @@ -585,25 +585,25 @@ BOOL pass_check_smb(char *user, char *domain, uchar *chal, if (lp_null_passwords()) { DEBUG(3,("Account for user '%s' has no password and null passwords are allowed.\n", user)); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return(True); } else { DEBUG(3,("Account for user '%s' has no password and null passwords are NOT allowed.\n", user)); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return(False); } } if (smb_password_ok(sampass, chal, lm_pwd, nt_pwd)) { - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return(True); } DEBUG(2,("pass_check_smb failed - invalid password for user [%s]\n", user)); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); return False; } diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c9ef881b59..41970c4040 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -436,7 +436,7 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out } else { DEBUG(0,("session_trust_account: Trust account %s only supported with security = user\n", user)); SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); - pdb_clear_sam(sam_trust_acct); + pdb_free_sam(sam_trust_acct); return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } @@ -444,25 +444,25 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out /* lkclXXXX: workstation entry doesn't exist */ DEBUG(0,("session_trust_account: Trust account %s user doesn't exist\n",user)); SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); - pdb_clear_sam(sam_trust_acct); + pdb_free_sam(sam_trust_acct); return(ERROR(0, NT_STATUS_NO_SUCH_USER)); } else { if ((smb_passlen != 24) || (smb_nt_passlen != 24)) { DEBUG(0,("session_trust_account: Trust account %s - password length wrong.\n", user)); SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); - pdb_clear_sam(sam_trust_acct); + pdb_free_sam(sam_trust_acct); return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } if (!smb_password_ok(sam_trust_acct, NULL, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); - pdb_clear_sam(sam_trust_acct); + pdb_free_sam(sam_trust_acct); return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } acct_ctrl = pdb_get_acct_ctrl(sam_trust_acct); - pdb_clear_sam(sam_trust_acct); + pdb_free_sam(sam_trust_acct); if (acct_ctrl & ACB_DOMTRUST) { DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n",user)); SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index da57dbd8c8..ef62fe32df 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -122,12 +122,12 @@ static int print_user_info (char *username, BOOL verbosity, BOOL smbpwdstyle) if (ret==False) { fprintf (stderr, "Username not found!\n"); - pdb_clear_sam(sam_pwent); + pdb_free_sam(sam_pwent); return -1; } ret=print_sam_info (sam_pwent, verbosity, smbpwdstyle); - pdb_clear_sam(sam_pwent); + pdb_free_sam(sam_pwent); return ret; } @@ -145,7 +145,7 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) ret = pdb_setsampwent(False); if (ret && errno == ENOENT) { fprintf (stderr,"Password database not found!\n"); - pdb_clear_sam(sam_pwent); + pdb_free_sam(sam_pwent); exit(1); } @@ -153,10 +153,11 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) { if (verbosity) printf ("---------------\n"); print_sam_info (sam_pwent, verbosity, smbpwdstyle); + pdb_reset_sam(sam_pwent); } pdb_endsampwent (); - pdb_clear_sam(sam_pwent); + pdb_free_sam(sam_pwent); return 0; } @@ -174,7 +175,7 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d if (ret==False) { fprintf (stderr, "Username not found!\n"); - pdb_clear_sam(sam_pwent); + pdb_free_sam(sam_pwent); return -1; } @@ -188,10 +189,10 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d else { fprintf (stderr, "Unable to modify entry!\n"); - pdb_clear_sam(sam_pwent); + pdb_free_sam(sam_pwent); return -1; } - pdb_clear_sam(sam_pwent); + pdb_free_sam(sam_pwent); return 0; } diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c index 2131ea0d8f..00a7d3c1c1 100644 --- a/source3/utils/smbpasswd.c +++ b/source3/utils/smbpasswd.c @@ -420,7 +420,7 @@ static int process_root(int argc, char *argv[]) if((sampass != False) && (pdb_get_lanman_passwd(sampass) != NULL)) { new_passwd = xstrdup("XXXX"); /* Don't care. */ } - pdb_clear_sam(sampass); + pdb_free_sam(sampass); } if(!new_passwd) @@ -451,7 +451,7 @@ static int process_root(int argc, char *argv[]) if((ret != False) && (pdb_get_acct_ctrl(sampass) & ACB_PWNOTREQ) ) printf(" User has no password flag set."); printf("\n"); - pdb_clear_sam(sampass); + pdb_free_sam(sampass); } done: |