summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--source3/auth/auth.c4
-rw-r--r--source3/auth/auth_sam.c4
-rw-r--r--source3/auth/auth_unix.c32
-rw-r--r--source3/rpc_server/srv_netlog_nt.c32
-rw-r--r--source3/rpc_server/srv_pipe.c6
-rw-r--r--source3/rpc_server/srv_samr_nt.c127
-rw-r--r--source3/rpc_server/srv_util.c8
-rw-r--r--source3/smbd/auth.c4
-rw-r--r--source3/smbd/auth_smbpasswd.c4
-rw-r--r--source3/smbd/auth_unix.c32
-rw-r--r--source3/smbd/chgpasswd.c93
-rw-r--r--source3/smbd/lanman.c8
-rw-r--r--source3/utils/pdbedit.c36
-rw-r--r--source3/utils/smbpasswd.c8
14 files changed, 232 insertions, 166 deletions
diff --git a/source3/auth/auth.c b/source3/auth/auth.c
index 5b6b2d4c42..6aa2714b0b 100644
--- a/source3/auth/auth.c
+++ b/source3/auth/auth.c
@@ -189,6 +189,10 @@ NTSTATUS pass_check_smb_with_chal(char *smb_user, char *unix_user,
user_info.lm_resp.buffer = (uint8 *)local_lm_response;
user_info.lm_resp.len = 24;
+
+ /* WATCH OUT. This doesn't work if the incoming password is incorrectly cased.
+ We might want to add a check here and only do an LM in that case */
+
/* This encrypts the lm_pwd feild, which actualy contains the password
rather than the nt_pwd field becouse that contains nothing */
SMBNTencrypt((uchar *)lm_pwd, user_info.chal, local_nt_response);
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index 567414d1a2..8159ad988f 100644
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -306,7 +306,7 @@ NTSTATUS check_smbpasswd_security(const auth_usersupplied_info *user_info, auth_
if (ret == False)
{
DEBUG(1,("Couldn't find user '%s' in passdb file.\n", user_info->unix_username.str));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_NO_SUCH_USER;
}
@@ -316,7 +316,7 @@ NTSTATUS check_smbpasswd_security(const auth_usersupplied_info *user_info, auth_
nt_status = sam_account_ok(sampass, user_info);
}
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return nt_status;
}
diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c
index 5582682d98..0d73988d8a 100644
--- a/source3/auth/auth_unix.c
+++ b/source3/auth/auth_unix.c
@@ -31,7 +31,7 @@ this ugly hack needs to die, but not quite yet...
static BOOL update_smbpassword_file(char *user, char *password)
{
SAM_ACCOUNT *sampass = NULL;
- BOOL ret;
+ BOOL ret;
pdb_init_sam(&sampass);
@@ -41,7 +41,7 @@ static BOOL update_smbpassword_file(char *user, char *password)
if(ret == False) {
DEBUG(0,("pdb_getsampwnam returned NULL\n"));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
@@ -49,16 +49,32 @@ static BOOL update_smbpassword_file(char *user, char *password)
* Remove the account disabled flag - we are updating the
* users password from a login.
*/
- pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED);
+ if (!pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED)) {
+ pdb_free_sam(&sampass);
+ return False;
+ }
+
+ if (!pdb_set_plaintext_passwd (sampass, password)) {
+ pdb_free_sam(&sampass);
+ return False;
+ }
- /* Here, the flag is one, because we want to ignore the
+ /* Now write it into the file. */
+ become_root();
+
+ /* Here, the override flag is True, because we want to ignore the
XXXXXXX'd out password */
- ret = change_oem_password( sampass, password, True);
- if (ret == False) {
- DEBUG(3,("change_oem_password returned False\n"));
+ ret = pdb_update_sam_account (sampass, True);
+
+ unbecome_root();
+
+ if (ret) {
+ DEBUG(3,("pdb_update_sam_account returned %d\n",ret));
}
- pdb_free_sam(sampass);
+ memset(password, '\0', strlen(password));
+
+ pdb_free_sam(&sampass);
return ret;
}
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index bf615682d3..fffa5b1ba1 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -203,19 +203,19 @@ static BOOL get_md4pw(char *md4pw, char *mach_acct)
if (ret==False) {
DEBUG(0,("get_md4pw: Workstation %s: no account in domain\n", mach_acct));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
if (!(pdb_get_acct_ctrl(sampass) & ACB_DISABLED) && ((pass=pdb_get_nt_passwd(sampass)) != NULL)) {
memcpy(md4pw, pass, 16);
dump_data(5, md4pw, 16);
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return True;
}
DEBUG(0,("get_md4pw: Workstation %s: no account in domain\n", mach_acct));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
@@ -410,7 +410,7 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *
/* Ensure the account exists and is a machine account. */
if (ret==False || !(pdb_get_acct_ctrl(sampass) & ACB_WSTRUST)) {
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_NO_SUCH_USER;
}
@@ -422,9 +422,21 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *
cred_hash3( pwd, q_u->pwd, p->dc.sess_key, 0);
/* lies! nt and lm passwords are _not_ the same: don't care */
- pdb_set_lanman_passwd (sampass, pwd);
- pdb_set_nt_passwd (sampass, pwd);
- pdb_set_acct_ctrl (sampass, ACB_WSTRUST);
+ if (!pdb_set_lanman_passwd (sampass, pwd)) {
+ pdb_free_sam(&sampass);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (!pdb_set_nt_passwd (sampass, pwd)) {
+ pdb_free_sam(&sampass);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (!pdb_set_acct_ctrl (sampass, ACB_WSTRUST)) {
+ pdb_free_sam(&sampass);
+ /* Not quite sure what this one qualifies as, but this will do */
+ return NT_STATUS_NO_MEMORY;
+ }
become_root();
ret = pdb_update_sam_account (sampass,False);
@@ -436,7 +448,7 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *
/* set up the LSA Server Password Set response */
init_net_r_srv_pwset(r_u, &srv_cred, status);
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return r_u->status;
}
@@ -679,7 +691,7 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
unbecome_root();
if (ret == False) {
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_NO_SUCH_USER;
}
@@ -736,6 +748,6 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
&global_sam_sid, /* DOM_SID *dom_sid */
NULL); /* char *other_sids */
}
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return status;
}
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index b3f590a177..00acb93cf3 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -385,7 +385,7 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name
if(!pdb_getsampwnam(sampass, pipe_user_name)) {
DEBUG(1,("api_pipe_ntlmssp_verify: Cannot find user %s in smb passwd database.\n",
pipe_user_name));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
unbecome_root();
return False;
}
@@ -394,7 +394,7 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name
if(!pdb_get_nt_passwd(sampass)) {
DEBUG(1,("Account for user '%s' has no NT password hash.\n", pipe_user_name));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
@@ -463,7 +463,7 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name
p->ntlmssp_auth_validated = True;
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return True;
}
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index f7e6317edf..9748d0e950 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -103,7 +103,7 @@ static NTSTATUS get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx,
if (!pdb_setsampwent(False)) {
DEBUG(0, ("get_sampwd_entries: Unable to open passdb.\n"));
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return NT_STATUS_ACCESS_DENIED;
}
@@ -151,7 +151,7 @@ static NTSTATUS get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx,
}
pdb_endsampwent();
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
if (not_finished)
return STATUS_MORE_ENTRIES;
@@ -231,7 +231,7 @@ static NTSTATUS jf_get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx,
*total_entries = *num_entries;
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
if (not_finished)
return STATUS_MORE_ENTRIES;
@@ -1508,12 +1508,12 @@ NTSTATUS _api_samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN
/* check that the RID exists in our domain. */
if (ret == False) {
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_NO_SUCH_USER;
}
samr_clear_sam_passwd(sampass);
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
/* Get the domain SID stored in the domain policy */
if(!get_lsa_policy_samr_sid(p, &domain_pol, &sid))
@@ -1559,7 +1559,7 @@ static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid)
if (ret==False) {
DEBUG(4,("User 0x%x not found\n", user_rid));
- pdb_free_sam(smbpass);
+ pdb_free_sam(&smbpass);
return False;
}
@@ -1569,7 +1569,7 @@ static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid)
init_sam_user_info10(id10, pdb_get_acct_ctrl(smbpass) );
samr_clear_sam_passwd(smbpass);
- pdb_free_sam(smbpass);
+ pdb_free_sam(&smbpass);
return True;
}
@@ -1600,21 +1600,21 @@ static NTSTATUS get_user_info_12(pipes_struct *p, SAM_USER_INFO_12 * id12, uint3
if (ret == False) {
DEBUG(4, ("User 0x%x not found\n", user_rid));
- pdb_free_sam(smbpass);
+ pdb_free_sam(&smbpass);
return (geteuid() == (uid_t)0) ? NT_STATUS_NO_SUCH_USER : NT_STATUS_ACCESS_DENIED;
}
DEBUG(3,("User:[%s] 0x%x\n", pdb_get_username(smbpass), pdb_get_acct_ctrl(smbpass) ));
if ( pdb_get_acct_ctrl(smbpass) & ACB_DISABLED) {
- pdb_free_sam(smbpass);
+ pdb_free_sam(&smbpass);
return NT_STATUS_ACCOUNT_DISABLED;
}
ZERO_STRUCTP(id12);
init_sam_user_info12(id12, pdb_get_lanman_passwd(smbpass), pdb_get_nt_passwd(smbpass));
- pdb_free_sam(smbpass);
+ pdb_free_sam(&smbpass);
return NT_STATUS_OK;
}
@@ -1641,7 +1641,7 @@ static BOOL get_user_info_20(SAM_USER_INFO_20 *id20, uint32 user_rid)
if (ret == False) {
DEBUG(4,("User 0x%x not found\n", user_rid));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
@@ -1652,7 +1652,7 @@ static BOOL get_user_info_20(SAM_USER_INFO_20 *id20, uint32 user_rid)
ZERO_STRUCTP(id20);
init_sam_user_info20A(id20, sampass);
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return True;
}
@@ -1679,7 +1679,7 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid)
if (ret == False) {
DEBUG(4,("User 0x%x not found\n", user_rid));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
@@ -1690,7 +1690,7 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid)
ZERO_STRUCTP(id21);
init_sam_user_info21A(id21, sampass);
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return True;
}
@@ -1946,7 +1946,7 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_
unbecome_root();
if (ret == True) {
/* this account exists: say so */
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_USER_EXISTS;
}
@@ -1982,7 +1982,7 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_
pstrcpy(add_script, lp_adduser_script());
} else {
DEBUG(0, ("_api_samr_create_user: mismatch between trust flags and $ termination\n"));
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_UNSUCCESSFUL;
}
@@ -1997,7 +1997,7 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_
if (!local_password_change(account, local_flags, NULL, err_str,
sizeof(err_str), msg_str, sizeof(msg_str))) {
DEBUG(0, ("%s\n", err_str));
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_ACCESS_DENIED;
}
@@ -2006,25 +2006,25 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_
unbecome_root();
if (ret == False) {
/* account doesn't exist: say so */
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_ACCESS_DENIED;
}
/* Get the domain SID stored in the domain policy */
if(!get_lsa_policy_samr_sid(p, &dom_pol, &sid)) {
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_INVALID_HANDLE;
}
/* append the user's RID to it */
if(!sid_append_rid(&sid, pdb_get_user_rid(sam_pass) )) {
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_NO_SUCH_USER;
}
/* associate the user's SID with the new handle. */
if ((info = (struct samr_info *)malloc(sizeof(struct samr_info))) == NULL) {
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_NO_MEMORY;
}
@@ -2033,14 +2033,14 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_
/* get a (unique) handle. open a policy on it. */
if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info)) {
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
r_u->user_rid=sam_pass->user_rid;
r_u->unknown_0 = 0x000703ff;
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_OK;
}
@@ -2236,24 +2236,27 @@ static BOOL set_user_info_10(const SAM_USER_INFO_10 *id10, uint32 rid)
ret = pdb_getsampwrid(pwd, rid);
if(ret==False) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
if (id10 == NULL) {
DEBUG(5, ("set_user_info_10: NULL id10\n"));
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
- pdb_set_acct_ctrl(pwd, id10->acb_info);
+ if (!pdb_set_acct_ctrl(pwd, id10->acb_info)) {
+ pdb_free_sam(&pwd);
+ return False;
+ }
if(!pdb_update_sam_account(pwd, True)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return True;
}
@@ -2269,25 +2272,31 @@ static BOOL set_user_info_12(SAM_USER_INFO_12 *id12, uint32 rid)
pdb_init_sam(&pwd);
if(!pdb_getsampwrid(pwd, rid)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
if (id12 == NULL) {
DEBUG(2, ("set_user_info_12: id12 is NULL\n"));
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
- pdb_set_lanman_passwd (pwd, id12->lm_pwd);
- pdb_set_nt_passwd (pwd, id12->nt_pwd);
+ if (!pdb_set_lanman_passwd (pwd, id12->lm_pwd)) {
+ pdb_free_sam(&pwd);
+ return False;
+ }
+ if (!pdb_set_nt_passwd (pwd, id12->nt_pwd)) {
+ pdb_free_sam(&pwd);
+ return False;
+ }
if(!pdb_update_sam_account(pwd, True)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return True;
}
@@ -2309,8 +2318,8 @@ static BOOL set_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid)
pdb_init_sam(&new_pwd);
if (!pdb_getsampwrid(pwd, rid)) {
- pdb_free_sam(pwd);
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&pwd);
+ pdb_free_sam(&new_pwd);
return False;
}
@@ -2327,13 +2336,13 @@ static BOOL set_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid)
/* write the change out */
if(!pdb_update_sam_account(new_pwd, True)) {
- pdb_free_sam(pwd);
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&pwd);
+ pdb_free_sam(&new_pwd);
return False;
}
- pdb_free_sam(pwd);
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&pwd);
+ pdb_free_sam(&new_pwd);
return True;
}
@@ -2359,24 +2368,27 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
pdb_init_sam(&new_pwd);
if (!pdb_getsampwrid(pwd, rid)) {
- pdb_free_sam(pwd);
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&pwd);
+ pdb_free_sam(&new_pwd);
return False;
}
acct_ctrl = pdb_get_acct_ctrl(pwd);
copy_sam_passwd(new_pwd, pwd);
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
copy_id23_to_sam_passwd(new_pwd, id23);
if (!decode_pw_buffer((char*)id23->pass, plaintext_buf, 256, &len)) {
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&new_pwd);
return False;
}
- pdb_set_plaintext_passwd (new_pwd, plaintext_buf);
+ if (!pdb_set_plaintext_passwd (new_pwd, plaintext_buf)) {
+ pdb_free_sam(&new_pwd);
+ return False;
+ }
/* if it's a trust account, don't update /etc/passwd */
if ( ( (acct_ctrl & ACB_DOMTRUST) == ACB_DOMTRUST ) ||
@@ -2387,7 +2399,7 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
/* update the UNIX password */
if (lp_unix_password_sync() )
if(!chgpasswd(pdb_get_username(new_pwd), "", plaintext_buf, True)) {
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&new_pwd);
return False;
}
}
@@ -2395,11 +2407,11 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
ZERO_STRUCT(plaintext_buf);
if(!pdb_update_sam_account(new_pwd, True)) {
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&new_pwd);
return False;
}
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&new_pwd);
return True;
}
@@ -2418,7 +2430,7 @@ static BOOL set_user_info_pw(char *pass, uint32 rid)
pdb_init_sam(&pwd);
if (!pdb_getsampwrid(pwd, rid)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
@@ -2427,11 +2439,14 @@ static BOOL set_user_info_pw(char *pass, uint32 rid)
ZERO_STRUCT(plaintext_buf);
if (!decode_pw_buffer(pass, plaintext_buf, 256, &len)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
- pdb_set_plaintext_passwd (pwd, plaintext_buf);
+ if (!pdb_set_plaintext_passwd (pwd, plaintext_buf)) {
+ pdb_free_sam(&pwd);
+ return False;
+ }
/* if it's a trust account, don't update /etc/passwd */
if ( ( (acct_ctrl & ACB_DOMTRUST) == ACB_DOMTRUST ) ||
@@ -2442,7 +2457,7 @@ static BOOL set_user_info_pw(char *pass, uint32 rid)
/* update the UNIX password */
if (lp_unix_password_sync())
if(!chgpasswd(pdb_get_username(pwd), "", plaintext_buf, True)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
}
@@ -2453,11 +2468,11 @@ static BOOL set_user_info_pw(char *pass, uint32 rid)
/* update the SAMBA password */
if(!pdb_update_sam_account(pwd, True)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return True;
}
@@ -2516,14 +2531,14 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE
unbecome_root();
if(ret == False) {
DEBUG(0,("_samr_set_userinfo: Unable to get smbpasswd entry for uid %u\n", (unsigned int)user.uid ));
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_ACCESS_DENIED;
}
memset(sess_key, '\0', 16);
mdfour(sess_key, pdb_get_nt_passwd(sam_pass), 16);
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
/* ok! user info levels (lots: see MSDEV help), off we go... */
switch (switch_value) {
diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c
index 5393523a78..dc66887ee9 100644
--- a/source3/rpc_server/srv_util.c
+++ b/source3/rpc_server/srv_util.c
@@ -274,12 +274,12 @@ NTSTATUS local_lookup_user_name(uint32 rid, char *user_name, uint32 *type)
if (ret == True) {
fstrcpy(user_name, pdb_get_username(sampwd) );
DEBUG(5,(" = %s\n", user_name));
- pdb_free_sam(sampwd);
+ pdb_free_sam(&sampwd);
return NT_STATUS_OK;
}
DEBUG(5,(" none mapped\n"));
- pdb_free_sam(sampwd);
+ pdb_free_sam(&sampwd);
return NT_STATUS_NONE_MAPPED;
}
@@ -340,10 +340,10 @@ NTSTATUS local_lookup_user_rid(char *user_name, uint32 *rid)
if (ret == True) {
(*rid) = pdb_get_user_rid(sampass);
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_OK;
}
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_NONE_MAPPED;
}
diff --git a/source3/smbd/auth.c b/source3/smbd/auth.c
index 5b6b2d4c42..6aa2714b0b 100644
--- a/source3/smbd/auth.c
+++ b/source3/smbd/auth.c
@@ -189,6 +189,10 @@ NTSTATUS pass_check_smb_with_chal(char *smb_user, char *unix_user,
user_info.lm_resp.buffer = (uint8 *)local_lm_response;
user_info.lm_resp.len = 24;
+
+ /* WATCH OUT. This doesn't work if the incoming password is incorrectly cased.
+ We might want to add a check here and only do an LM in that case */
+
/* This encrypts the lm_pwd feild, which actualy contains the password
rather than the nt_pwd field becouse that contains nothing */
SMBNTencrypt((uchar *)lm_pwd, user_info.chal, local_nt_response);
diff --git a/source3/smbd/auth_smbpasswd.c b/source3/smbd/auth_smbpasswd.c
index 567414d1a2..8159ad988f 100644
--- a/source3/smbd/auth_smbpasswd.c
+++ b/source3/smbd/auth_smbpasswd.c
@@ -306,7 +306,7 @@ NTSTATUS check_smbpasswd_security(const auth_usersupplied_info *user_info, auth_
if (ret == False)
{
DEBUG(1,("Couldn't find user '%s' in passdb file.\n", user_info->unix_username.str));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_NO_SUCH_USER;
}
@@ -316,7 +316,7 @@ NTSTATUS check_smbpasswd_security(const auth_usersupplied_info *user_info, auth_
nt_status = sam_account_ok(sampass, user_info);
}
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return nt_status;
}
diff --git a/source3/smbd/auth_unix.c b/source3/smbd/auth_unix.c
index 5582682d98..0d73988d8a 100644
--- a/source3/smbd/auth_unix.c
+++ b/source3/smbd/auth_unix.c
@@ -31,7 +31,7 @@ this ugly hack needs to die, but not quite yet...
static BOOL update_smbpassword_file(char *user, char *password)
{
SAM_ACCOUNT *sampass = NULL;
- BOOL ret;
+ BOOL ret;
pdb_init_sam(&sampass);
@@ -41,7 +41,7 @@ static BOOL update_smbpassword_file(char *user, char *password)
if(ret == False) {
DEBUG(0,("pdb_getsampwnam returned NULL\n"));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
@@ -49,16 +49,32 @@ static BOOL update_smbpassword_file(char *user, char *password)
* Remove the account disabled flag - we are updating the
* users password from a login.
*/
- pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED);
+ if (!pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED)) {
+ pdb_free_sam(&sampass);
+ return False;
+ }
+
+ if (!pdb_set_plaintext_passwd (sampass, password)) {
+ pdb_free_sam(&sampass);
+ return False;
+ }
- /* Here, the flag is one, because we want to ignore the
+ /* Now write it into the file. */
+ become_root();
+
+ /* Here, the override flag is True, because we want to ignore the
XXXXXXX'd out password */
- ret = change_oem_password( sampass, password, True);
- if (ret == False) {
- DEBUG(3,("change_oem_password returned False\n"));
+ ret = pdb_update_sam_account (sampass, True);
+
+ unbecome_root();
+
+ if (ret) {
+ DEBUG(3,("pdb_update_sam_account returned %d\n",ret));
}
- pdb_free_sam(sampass);
+ memset(password, '\0', strlen(password));
+
+ pdb_free_sam(&sampass);
return ret;
}
diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c
index 9dbd57129c..de49083960 100644
--- a/source3/smbd/chgpasswd.c
+++ b/source3/smbd/chgpasswd.c
@@ -557,7 +557,6 @@ BOOL chgpasswd(char *name, char *oldpass, char *newpass, BOOL as_root)
BOOL check_lanman_password(char *user, uchar * pass1,
uchar * pass2, SAM_ACCOUNT **hnd)
{
- static uchar null_pw[16];
uchar unenc_new_pw[16];
uchar unenc_old_pw[16];
SAM_ACCOUNT *sampass = NULL;
@@ -571,7 +570,7 @@ BOOL check_lanman_password(char *user, uchar * pass1,
if (ret == False) {
DEBUG(0,("check_lanman_password: getsampwnam returned NULL\n"));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
@@ -580,20 +579,20 @@ BOOL check_lanman_password(char *user, uchar * pass1,
if (acct_ctrl & ACB_DISABLED) {
DEBUG(0,("check_lanman_password: account %s disabled.\n", user));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
- if ((lanman_pw == NULL) && (acct_ctrl & ACB_PWNOTREQ)) {
- uchar no_pw[14];
- memset(no_pw, '\0', 14);
- E_P16(no_pw, null_pw);
- pdb_set_lanman_passwd (sampass, null_pw);
- }
- else if (lanman_pw == NULL) {
- DEBUG(0, ("check_lanman_password: no lanman password !\n"));
- pdb_free_sam(sampass);
- return False;
+ if (lanman_pw == NULL) {
+ if (acct_ctrl & ACB_PWNOTREQ) {
+ /* this saves the pointer for the caller */
+ *hnd = sampass;
+ return True;
+ } else {
+ DEBUG(0, ("check_lanman_password: no lanman password !\n"));
+ pdb_free_sam(&sampass);
+ return False;
+ }
}
/* Get the new lanman hash. */
@@ -605,13 +604,12 @@ BOOL check_lanman_password(char *user, uchar * pass1,
/* Check that the two old passwords match. */
if (memcmp(lanman_pw, unenc_old_pw, 16)) {
DEBUG(0,("check_lanman_password: old password doesn't match.\n"));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
/* this saves the pointer for the caller */
*hnd = sampass;
-
return True;
}
@@ -644,22 +642,30 @@ BOOL change_lanman_password(SAM_ACCOUNT *sampass, uchar * pass1,
return False;
}
- if ((pwd == NULL) && (acct_ctrl & ACB_PWNOTREQ)) {
- uchar no_pw[14];
- memset(no_pw, '\0', 14);
- E_P16(no_pw, null_pw);
- pdb_set_lanman_passwd(sampass, null_pw);
+ if (pwd == NULL) {
+ if (acct_ctrl & ACB_PWNOTREQ) {
+ uchar no_pw[14];
+ memset(no_pw, '\0', 14);
+ E_P16(no_pw, null_pw);
+
+ /* Get the new lanman hash. */
+ D_P16(null_pw, pass2, unenc_new_pw);
+ } else {
+ DEBUG(0,("change_lanman_password: no lanman password !\n"));
+ return False;
+ }
+ } else {
+ /* Get the new lanman hash. */
+ D_P16(pwd, pass2, unenc_new_pw);
}
- else if (pwd == NULL) {
- DEBUG(0,("change_lanman_password: no lanman password !\n"));
+
+ if (!pdb_set_lanman_passwd(sampass, unenc_new_pw)) {
return False;
}
- /* Get the new lanman hash. */
- D_P16(pwd, pass2, unenc_new_pw);
-
- pdb_set_lanman_passwd(sampass, unenc_new_pw);
- pdb_set_nt_passwd (sampass, NULL); /* We lose the NT hash. Sorry. */
+ if (!pdb_set_nt_passwd (sampass, NULL)) {
+ return False; /* We lose the NT hash. Sorry. */
+ }
/* Now flush the sam_passwd struct to persistent storage */
become_root();
@@ -690,15 +696,15 @@ BOOL pass_oem_change(char *user,
* available. JRA.
*/
- if (ret && lp_unix_password_sync())
+ if ((ret) && lp_unix_password_sync())
ret = chgpasswd(user, "", new_passwd, True);
if (ret)
- ret = change_oem_password(sampass, new_passwd, False);
+ ret = change_oem_password(sampass, new_passwd);
memset(new_passwd, 0, sizeof(new_passwd));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return ret;
}
@@ -762,23 +768,19 @@ static BOOL check_oem_password(char *user,
/* check for null passwords */
if (lanman_pw == NULL) {
- if (acct_ctrl & ACB_PWNOTREQ)
- pdb_set_lanman_passwd(sampass, null_pw);
- else {
+ if (!(acct_ctrl & ACB_PWNOTREQ)) {
DEBUG(0,("check_oem_password: no lanman password !\n"));
return False;
}
}
-
+
if (pdb_get_nt_passwd(sampass) == NULL && nt_pass_set) {
- if (acct_ctrl & ACB_PWNOTREQ)
- pdb_set_nt_passwd(sampass, null_pw);
- else {
+ if (!(acct_ctrl & ACB_PWNOTREQ)) {
DEBUG(0,("check_oem_password: no ntlm password !\n"));
return False;
}
}
-
+
/*
* Call the hash function to get the new password.
*/
@@ -862,24 +864,21 @@ static BOOL check_oem_password(char *user,
/***********************************************************
Code to change the oem password. Changes both the lanman
and NT hashes.
- override = False, normal
- override = True, override XXXXXXXXXX'd password
************************************************************/
-BOOL change_oem_password(SAM_ACCOUNT *hnd, char *new_passwd,
- BOOL override)
+BOOL change_oem_password(SAM_ACCOUNT *hnd, char *new_passwd)
{
- int ret;
+ BOOL ret;
- pdb_set_plaintext_passwd (hnd, new_passwd);
+ if (!pdb_set_plaintext_passwd (hnd, new_passwd)) {
+ return False;
+ }
/* Now write it into the file. */
become_root();
- ret = pdb_update_sam_account (hnd, override);
+ ret = pdb_update_sam_account (hnd, False);
unbecome_root();
- memset(new_passwd, '\0', strlen(new_passwd));
-
return ret;
}
diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c
index e9213e75a2..b7acfa5f32 100644
--- a/source3/smbd/lanman.c
+++ b/source3/smbd/lanman.c
@@ -1884,7 +1884,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param
fstrcpy(saved_pass2, pass2);
if (check_plaintext_password(user,pass1,strlen(pass1),&sampass) &&
- change_oem_password(sampass,pass2,False))
+ change_oem_password(sampass,pass2))
{
SSVAL(*rparam,0,NERR_Success);
@@ -1897,7 +1897,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param
if(lp_unix_password_sync() && !chgpasswd(user,pass1,saved_pass2,False))
SSVAL(*rparam,0,NERR_badpass);
}
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
}
@@ -1931,12 +1931,12 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param
{
SAM_ACCOUNT *hnd = NULL;
- if(check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &hnd) &&
+ if (check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &hnd) &&
change_lanman_password(hnd,(unsigned char *)pass1,(unsigned char *)pass2))
{
SSVAL(*rparam,0,NERR_Success);
}
- pdb_free_sam(hnd);
+ pdb_free_sam(&hnd);
}
diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c
index d0629fa258..ce5195a810 100644
--- a/source3/utils/pdbedit.c
+++ b/source3/utils/pdbedit.c
@@ -128,12 +128,12 @@ static int print_user_info (char *username, BOOL verbosity, BOOL smbpwdstyle)
if (ret==False) {
fprintf (stderr, "Username not found!\n");
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return -1;
}
ret=print_sam_info (sam_pwent, verbosity, smbpwdstyle);
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return ret;
}
@@ -151,7 +151,7 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle)
ret = pdb_setsampwent(False);
if (ret && errno == ENOENT) {
fprintf (stderr,"Password database not found!\n");
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
exit(1);
}
@@ -163,7 +163,7 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle)
}
pdb_endsampwent ();
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return 0;
}
@@ -181,7 +181,7 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d
ret = pdb_getsampwnam (sam_pwent, username);
if (ret==False) {
fprintf (stderr, "Username not found!\n");
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return -1;
}
@@ -200,10 +200,10 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d
print_user_info (username, True, False);
else {
fprintf (stderr, "Unable to modify entry!\n");
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return -1;
}
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return 0;
}
@@ -222,7 +222,7 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive,
if (!(pwd = sys_getpwnam(username))) {
fprintf (stderr, "User %s does not exist in system passwd!\n", username);
- pdb_free_sam (sam_pwent);
+ pdb_free_sam (&sam_pwent);
return -1;
}
@@ -230,7 +230,7 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive,
password2 = getpass("retype new password:");
if (strcmp (password1, password2)) {
fprintf (stderr, "Passwords does not match!\n");
- pdb_free_sam (sam_pwent);
+ pdb_free_sam (&sam_pwent);
return -1;
}
@@ -260,10 +260,10 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive,
print_user_info (username, True, False);
} else {
fprintf (stderr, "Unable to add user! (does it alredy exist?)\n");
- pdb_free_sam (sam_pwent);
+ pdb_free_sam (&sam_pwent);
return -1;
}
- pdb_free_sam (sam_pwent);
+ pdb_free_sam (&sam_pwent);
return 0;
}
@@ -297,7 +297,7 @@ static int new_machine (char *machinename)
for (uid=BASE_MACHINE_UID; uid<=MAX_MACHINE_UID; uid++) {
pdb_init_sam (&sam_trust);
if (pdb_getsampwuid (sam_trust, uid)) {
- pdb_free_sam (sam_trust);
+ pdb_free_sam (&sam_trust);
} else {
break;
}
@@ -305,7 +305,7 @@ static int new_machine (char *machinename)
if (uid>MAX_MACHINE_UID) {
fprintf (stderr, "No more free UIDs available to Machine accounts!\n");
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return -1;
}
@@ -319,10 +319,10 @@ static int new_machine (char *machinename)
print_user_info (name, True, False);
} else {
fprintf (stderr, "Unable to add machine! (does it already exist?)\n");
- pdb_free_sam (sam_pwent);
+ pdb_free_sam (&sam_pwent);
return -1;
}
- pdb_free_sam (sam_pwent);
+ pdb_free_sam (&sam_pwent);
return 0;
}
@@ -383,7 +383,7 @@ static int import_users (char *filename)
fgets(linebuf, 256, fp);
if (ferror(fp)) {
fprintf (stderr, "%s\n", strerror (ferror (fp)));
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return -1;
}
if ((linebuf_len = strlen(linebuf)) == 0) {
@@ -401,7 +401,7 @@ static int import_users (char *filename)
linebuf[linebuf_len] = '\0';
if ((linebuf[0] == 0) && feof(fp)) {
/*end of file!!*/
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return 0;
}
line++;
@@ -558,7 +558,7 @@ static int import_users (char *filename)
pdb_reset_sam (sam_pwent);
}
printf ("%d lines read.\n%d entryes imported\n", line, good);
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return 0;
}
diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c
index 14b10c1700..168547c712 100644
--- a/source3/utils/smbpasswd.c
+++ b/source3/utils/smbpasswd.c
@@ -524,7 +524,7 @@ static BOOL password_change(const char *remote_machine, char *user_name,
return False;
}
ret = remote_password_change(remote_machine, user_name,
- old_passwd, new_passwd, err_str, sizeof(err_str));
+ old_passwd, new_passwd, err_str, sizeof(err_str));
if(*err_str)
fprintf(stderr, err_str);
return ret;
@@ -707,7 +707,7 @@ static int process_root(int argc, char *argv[])
usage();
}
- if (!user_name[0] && (pwd = sys_getpwuid(0))) {
+ if (!user_name[0] && (pwd = sys_getpwuid(geteuid()))) {
fstrcpy(user_name, pwd->pw_name);
}
@@ -768,7 +768,7 @@ static int process_root(int argc, char *argv[])
if((sampass != False) && (pdb_get_lanman_passwd(sampass) != NULL)) {
new_passwd = xstrdup("XXXX"); /* Don't care. */
}
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
}
if(!new_passwd)
@@ -799,7 +799,7 @@ static int process_root(int argc, char *argv[])
if((ret != False) && (pdb_get_acct_ctrl(sampass) & ACB_PWNOTREQ) )
printf(" User has no password flag set.");
printf("\n");
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
}
done:
generated by cgit (git 2.34.1) at 2024-07-03 09:10:25 +0000