diff options
-rw-r--r-- | source3/auth/pass_check.c | 9 | ||||
-rw-r--r-- | source3/passdb/pass_check.c | 9 | ||||
-rw-r--r-- | source3/rpc_server/srv_pipe.c | 2 | ||||
-rw-r--r-- | source3/smbd/lanman.c | 2 | ||||
-rw-r--r-- | source3/smbd/password.c | 35 | ||||
-rw-r--r-- | source3/smbd/reply.c | 4 | ||||
-rw-r--r-- | source3/web/cgi.c | 4 |
7 files changed, 24 insertions, 41 deletions
diff --git a/source3/auth/pass_check.c b/source3/auth/pass_check.c index 9424189b23..677d298449 100644 --- a/source3/auth/pass_check.c +++ b/source3/auth/pass_check.c @@ -682,7 +682,7 @@ match is found and is used to update the encrypted password file return True on correct match, False otherwise ****************************************************************************/ -BOOL pass_check(char *user, char *password, int pwlen, struct passwd *pwd, +BOOL pass_check(char *user, char *password, int pwlen, BOOL (*fn) (char *, char *)) { pstring pass2; @@ -702,12 +702,7 @@ BOOL pass_check(char *user, char *password, int pwlen, struct passwd *pwd, if (((!*password) || (!pwlen)) && !lp_null_passwords()) return (False); - if (pwd && !user) { - pass = (struct passwd *)pwd; - user = pass->pw_name; - } else { - pass = Get_Pwnam(user, True); - } + pass = Get_Pwnam(user, True); #ifdef WITH_PAM diff --git a/source3/passdb/pass_check.c b/source3/passdb/pass_check.c index 9424189b23..677d298449 100644 --- a/source3/passdb/pass_check.c +++ b/source3/passdb/pass_check.c @@ -682,7 +682,7 @@ match is found and is used to update the encrypted password file return True on correct match, False otherwise ****************************************************************************/ -BOOL pass_check(char *user, char *password, int pwlen, struct passwd *pwd, +BOOL pass_check(char *user, char *password, int pwlen, BOOL (*fn) (char *, char *)) { pstring pass2; @@ -702,12 +702,7 @@ BOOL pass_check(char *user, char *password, int pwlen, struct passwd *pwd, if (((!*password) || (!pwlen)) && !lp_null_passwords()) return (False); - if (pwd && !user) { - pass = (struct passwd *)pwd; - user = pass->pw_name; - } else { - pass = Get_Pwnam(user, True); - } + pass = Get_Pwnam(user, True); #ifdef WITH_PAM diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index cdf914a164..cd17de77f3 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -363,7 +363,7 @@ static BOOL api_pipe_ntlmssp_verify(pipes_struct *p, RPC_AUTH_NTLMSSP_RESP *ntlm become_root(); if(!(p->ntlmssp_auth_validated = pass_check_smb(pipe_user_name, domain, - (uchar*)p->challenge, lm_owf, nt_owf, NULL))) { + (uchar*)p->challenge, lm_owf, nt_owf))) { DEBUG(1,("api_pipe_ntlmssp_verify: User %s\\%s from machine %s \ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name )); unbecome_root(); diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 6e3145aa7d..aaf8b3fafe 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1797,7 +1797,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param if(SVAL(*rparam,0) != NERR_Success) { - if (password_ok(user, pass1,strlen(pass1),NULL) && + if (password_ok(user, pass1,strlen(pass1)) && chgpasswd(user,pass1,pass2,False)) { SSVAL(*rparam,0,NERR_Success); diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 8bcd17d326..a0f730d7e2 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -520,7 +520,7 @@ return True if the password is correct, False otherwise ****************************************************************************/ BOOL pass_check_smb(char *user, char *domain, uchar *chal, - uchar *lm_pwd, uchar *nt_pwd, struct passwd *pwd) + uchar *lm_pwd, uchar *nt_pwd) { struct passwd *pass; SAM_ACCOUNT *sampass=NULL; @@ -533,17 +533,10 @@ BOOL pass_check_smb(char *user, char *domain, uchar *chal, /* FIXME! this code looks to be unnecessary now that the passdb validates that the username exists and has a valid uid */ - if (pwd != NULL && user == NULL) - { - pass = (struct passwd *) pwd; - user = pass->pw_name; - } - else - { - /* I don't get this call here. I think it should be moved. - Need to check on it. --jerry */ - pass = smb_getpwnam(user,True); - } + + /* I don't get this call here. I think it should be moved. + Need to check on it. --jerry */ + pass = smb_getpwnam(user,True); if (pass == NULL) { @@ -612,7 +605,7 @@ check if a username/password pair is OK either via the system password database or the encrypted SMB password database return True if the password is correct, False otherwise ****************************************************************************/ -BOOL password_ok(char *user, char *password, int pwlen, struct passwd *pwd) +BOOL password_ok(char *user, char *password, int pwlen) { BOOL ret; @@ -631,7 +624,7 @@ BOOL password_ok(char *user, char *password, int pwlen, struct passwd *pwd) } ret = pass_check_smb(user, global_myworkgroup, - challenge, (uchar *)password, (uchar *)password, pwd); + challenge, (uchar *)password, (uchar *)password); /* * Try with PAM (may not be compiled in - returns True if not. JRA). @@ -643,7 +636,7 @@ BOOL password_ok(char *user, char *password, int pwlen, struct passwd *pwd) return (smb_pam_accountcheck(user) == NT_STATUS_NOPROBLEMO); } - return pass_check(user, password, pwlen, pwd, + return pass_check(user, password, pwlen, lp_update_encrypted() ? update_smbpassword_file : NULL); } @@ -692,7 +685,7 @@ static char *validate_group(char *group,char *password,int pwlen,int snum) while (getnetgrent(&host, &user, &domain)) { if (user) { if (user_ok(user, snum) && - password_ok(user,password,pwlen,NULL)) { + password_ok(user,password,pwlen)) { endnetgrent(); return(user); } @@ -747,7 +740,7 @@ static char *validate_group(char *group,char *password,int pwlen,int snum) static fstring name; fstrcpy(name,member); if (user_ok(name,snum) && - password_ok(name,password,pwlen,NULL)) { + password_ok(name,password,pwlen)) { endgrent(); return(&name[0]); } @@ -822,7 +815,7 @@ BOOL authorise_login(int snum,char *user,char *password, int pwlen, if (!(GUEST_ONLY(snum) && GUEST_OK(snum))) { /* check the given username and password */ if (!ok && (*user) && user_ok(user,snum)) { - ok = password_ok(user,password, pwlen, NULL); + ok = password_ok(user,password, pwlen); if (ok) DEBUG(3,("authorise_login: ACCEPTED: given username (%s) password ok\n", user )); @@ -831,7 +824,7 @@ BOOL authorise_login(int snum,char *user,char *password, int pwlen, /* check for a previously registered guest username */ if (!ok && (vuser != 0) && vuser->guest) { if (user_ok(vuser->user.unix_name,snum) && - password_ok(vuser->user.unix_name, password, pwlen, NULL)) { + password_ok(vuser->user.unix_name, password, pwlen)) { fstrcpy(user, vuser->user.unix_name); vuser->guest = False; DEBUG(3,("authorise_login: ACCEPTED: given password with registered user %s\n", user)); @@ -853,7 +846,7 @@ BOOL authorise_login(int snum,char *user,char *password, int pwlen, if (!user_ok(user2,snum)) continue; - if (password_ok(user2,password, pwlen, NULL)) { + if (password_ok(user2,password, pwlen)) { ok = True; fstrcpy(user,user2); DEBUG(3,("authorise_login: ACCEPTED: session list username (%s) \ @@ -902,7 +895,7 @@ and given password ok (%s)\n", user)); } else { fstring user2; fstrcpy(user2,auser); - if (user_ok(user2,snum) && password_ok(user2,password,pwlen,NULL)) { + if (user_ok(user2,snum) && password_ok(user2,password,pwlen)) { ok = True; fstrcpy(user,user2); DEBUG(3,("authorise_login: ACCEPTED: user list username \ diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index da0417203d..5abd737c37 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -945,7 +945,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if(smb_ntpasslen) { - if(!password_ok(user, smb_ntpasswd,smb_ntpasslen,NULL)) + if(!password_ok(user, smb_ntpasswd,smb_ntpasslen)) DEBUG(2,("NT Password did not match for user '%s'!\n", user)); else valid_nt_password = True; @@ -957,7 +957,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (!valid_nt_password && lp_lanman_auth()) { DEBUG(2,("Defaulting to Lanman password for %s\n", user)); - valid_lm_password = password_ok(user, smb_apasswd,smb_apasslen,NULL); + valid_lm_password = password_ok(user, smb_apasswd,smb_apasslen); } diff --git a/source3/web/cgi.c b/source3/web/cgi.c index af9d2ea8f6..e47514904b 100644 --- a/source3/web/cgi.c +++ b/source3/web/cgi.c @@ -407,7 +407,7 @@ static BOOL cgi_handle_authorization(char *line) tested_pass = True; - if(pass_check(user, user_pass, strlen(user_pass), NULL, NULL) == True) { + if(pass_check(user, user_pass, strlen(user_pass), NULL) == True) { /* * Password was ok. @@ -434,7 +434,7 @@ static BOOL cgi_handle_authorization(char *line) if (!tested_pass) pass_check(default_user_lookup, default_user_pass, - strlen(default_user_pass), NULL, NULL); + strlen(default_user_pass), NULL); cgi_setup_error("401 Bad Authorization", "", "username or password incorrect"); |