diff options
Diffstat (limited to 'source3/lib')
-rw-r--r-- | source3/lib/domain_namemap.c | 2 | ||||
-rw-r--r-- | source3/lib/username.c | 92 | ||||
-rw-r--r-- | source3/lib/util.c | 4 |
3 files changed, 90 insertions, 8 deletions
diff --git a/source3/lib/domain_namemap.c b/source3/lib/domain_namemap.c index 892263f084..156e4e7d35 100644 --- a/source3/lib/domain_namemap.c +++ b/source3/lib/domain_namemap.c @@ -364,7 +364,7 @@ static BOOL unix_name_to_nt_name_info(DOM_NAME_MAP *map, DOM_MAP_TYPE type) if (type == DOM_MAP_USER) { - struct passwd *pwptr = Get_Pwnam(map->unix_name, False); + const struct passwd *pwptr = Get_Pwnam(map->unix_name, False); if (pwptr == NULL) { DEBUG(0,("unix_name_to_nt_name_info: Get_Pwnam for user %s\ diff --git a/source3/lib/username.c b/source3/lib/username.c index ef172b63de..f5fbd31e11 100644 --- a/source3/lib/username.c +++ b/source3/lib/username.c @@ -83,7 +83,7 @@ static BOOL build_passwd_hash_table(void) DEBUG(3,("Building passwd hash table\n")); /* Free the allocated strings in old hash table */ for (i=0;i<pht->passwds_size;i++) { - free(pht->passwds[i].pw_name); + free(pht->passwds[i].pw_name); free(pht->passwds[i].pw_passwd); free(pht->passwds[i].pw_gecos); free(pht->passwds[i].pw_dir); @@ -302,7 +302,7 @@ get a users home directory. ****************************************************************************/ char *get_home_dir(char *user) { - struct passwd *pass; + const struct passwd *pass; static pstring home_dir; pass = Get_Pwnam(user, False); @@ -428,6 +428,86 @@ static struct passwd *_Get_Pwnam(char *s) ret = hashed_getpwnam(s); if (ret) { + + /* Deal with password information stored in shadows. Due to the + dynamic allocation of password cache stuff, the original password + needs to be freed and the new password mallocated to avoid + crashing the cache destructor code. */ + +#ifdef HAVE_GETSPNAM + { + struct spwd *spass; + + /* many shadow systems require you to be root to get + the password, in most cases this should already be + the case when this function is called, except + perhaps for IPC password changing requests */ + + spass = getspnam(ret->pw_name); + if (spass && spass->sp_pwdp) { + free(ret->pw_passwd); + ret->pw_passwd = strdup(spass->sp_pwdp); + } + } +#elif defined(IA_UINFO) + { + /* Need to get password with SVR4.2's ia_ functions + instead of get{sp,pw}ent functions. Required by + UnixWare 2.x, tested on version + 2.1. (tangent@cyberport.com) */ + /* Not sure how large the new password string should + be so I'm using a pstring instead. If anyone has + access to a UnixWare system perhaps they could + optimise this. (tpot@samba.org) */ + uinfo_t uinfo; + if (ia_openinfo(ret->pw_name, &uinfo) != -1) { + free(ret->pw_passwd); + ret->pw_passwd = malloc(FSTRING_LEN); + ia_get_logpwd(uinfo, &(ret->pw_passwd)); + } + } +#endif + +#ifdef HAVE_GETPRPWNAM + { + struct pr_passwd *pr_pw = getprpwnam(ret->pw_name); + if (pr_pw && pr_pw->ufld.fd_encrypt) { + free(ret->pw_passwd); + ret->pw_passwd = strdup(pr_pw->ufld.fd_encrypt); + } + } +#endif + +#ifdef OSF1_ENH_SEC + { + struct pr_passwd *mypasswd; + DEBUG(5,("Checking password for user %s in OSF1_ENH_SEC\n", + user)); + mypasswd = getprpwnam (user); + if (mypasswd) { + free(ret->pw_name); + free(ret->pw_passwd); + ret->pw_name = strdup(mypasswd->ufld.fd_name); + ret->pw_passwd = strdup(mypasswd->ufld.fd_encrypt); + } else { + DEBUG(5,("No entry for user %s in protected database !\n", + user)); + return(False); + } + } +#endif + +#ifdef ULTRIX_AUTH + { + AUTHORIZATION *ap = getauthuid(ret->pw_uid); + if (ap) { + free(ret->pw_passwd); + ret->pw_passwd = strdup(ap->a_password); + endauthent(); + } + } +#endif + #ifdef HAVE_GETPWANAM struct passwd_adjunct *pwret; pwret = getpwanam(s); @@ -447,9 +527,11 @@ static struct passwd *_Get_Pwnam(char *s) /**************************************************************************** a wrapper for getpwnam() that tries with all lower and all upper case if the initial name fails. Also tried with first letter capitalised -Note that this can change user! +Note that this can change user! Function returns const to emphasise +the fact that most of the members of the struct passwd * returned are +dynamically allocated. ****************************************************************************/ -struct passwd *Get_Pwnam(char *user,BOOL allow_change) +const struct passwd *Get_Pwnam(char *user,BOOL allow_change) { fstring user2; int last_char; @@ -538,7 +620,7 @@ static BOOL user_in_group_list(char *user,char *gname) #ifdef HAVE_GETGRNAM struct group *gptr; char **member; - struct passwd *pass = Get_Pwnam(user,False); + const struct passwd *pass = Get_Pwnam(user,False); if (pass) { diff --git a/source3/lib/util.c b/source3/lib/util.c index d1519cd8d2..3211c6687a 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -2125,7 +2125,7 @@ void standard_sub_basic(char *str) { char *s, *p; char pidstr[10]; - struct passwd *pass; + const struct passwd *pass; char *username = sam_logon_in_ssb ? samlogon_user : sesssetup_user; for (s = str ; s && *s && (p = strchr(s,'%')); s = p ) @@ -2498,7 +2498,7 @@ turn a user name into a uid ********************************************************************/ BOOL nametouid(const char *name, uid_t *uid) { - struct passwd *pass = Get_Pwnam((char *)name, False); + const struct passwd *pass = Get_Pwnam((char *)name, False); if (pass) { *uid = pass->pw_uid; |