diff options
Diffstat (limited to 'source3/pam_smbpass')
-rw-r--r-- | source3/pam_smbpass/general.h | 7 | ||||
-rw-r--r-- | source3/pam_smbpass/pam_smb_acct.c | 4 | ||||
-rw-r--r-- | source3/pam_smbpass/pam_smb_auth.c | 5 | ||||
-rw-r--r-- | source3/pam_smbpass/pam_smb_passwd.c | 8 | ||||
-rw-r--r-- | source3/pam_smbpass/support.c | 222 |
5 files changed, 118 insertions, 128 deletions
diff --git a/source3/pam_smbpass/general.h b/source3/pam_smbpass/general.h index 4f13d60131..0291146cbb 100644 --- a/source3/pam_smbpass/general.h +++ b/source3/pam_smbpass/general.h @@ -121,10 +121,3 @@ struct _pam_failed_auth { char *agent; /* attempt from user with name */ int count; /* number of failures so far */ }; - -/* - * General use functions go here - */ - -/* from support.c */ -int make_remark(pam_handle_t *, unsigned int, int, const char *); diff --git a/source3/pam_smbpass/pam_smb_acct.c b/source3/pam_smbpass/pam_smb_acct.c index 0803ef82a2..8d91c456bf 100644 --- a/source3/pam_smbpass/pam_smb_acct.c +++ b/source3/pam_smbpass/pam_smb_acct.c @@ -33,7 +33,6 @@ #include "support.h" - /* * pam_sm_acct_mgmt() verifies whether or not the account is disabled. * @@ -46,12 +45,15 @@ int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags, int retval; const char *name; + const char *p; SAM_ACCOUNT *sampass = NULL; extern BOOL in_client; /* Samba initialization. */ setup_logging( "pam_smbpass", False ); + charset_initialise(); + codepage_initialise(lp_client_code_page()); in_client = True; ctrl = set_ctrl( flags, argc, argv ); diff --git a/source3/pam_smbpass/pam_smb_auth.c b/source3/pam_smbpass/pam_smb_auth.c index e5cc12e2f6..9952eb94db 100644 --- a/source3/pam_smbpass/pam_smb_auth.c +++ b/source3/pam_smbpass/pam_smb_auth.c @@ -47,7 +47,6 @@ do { \ static int _smb_add_user(pam_handle_t *pamh, unsigned int ctrl, const char *name, SAM_ACCOUNT *sampass, BOOL exist); - /* * pam_sm_authenticate() authenticates users against the samba password file. * @@ -68,11 +67,13 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, BOOL found; /* Points to memory managed by the PAM library. Do not free. */ - char *p = NULL; + const char *p = NULL; /* Samba initialization. */ setup_logging("pam_smbpass",False); + charset_initialise(); + codepage_initialise(lp_client_code_page()); in_client = True; ctrl = set_ctrl(flags, argc, argv); diff --git a/source3/pam_smbpass/pam_smb_passwd.c b/source3/pam_smbpass/pam_smb_passwd.c index 0f52755252..338d873d25 100644 --- a/source3/pam_smbpass/pam_smb_passwd.c +++ b/source3/pam_smbpass/pam_smb_passwd.c @@ -35,7 +35,8 @@ int smb_update_db( pam_handle_t *pamh, int ctrl, const char *user, const char *pass_new ) { - int retval; + char c; + int retval, i; pstring err_str; pstring msg_str; @@ -93,11 +94,12 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags, SAM_ACCOUNT *sampass = NULL; const char *user; - char *pass_old; - char *pass_new; + const char *pass_old, *pass_new; /* Samba initialization. */ setup_logging( "pam_smbpass", False ); + charset_initialise(); + codepage_initialise(lp_client_code_page()); in_client = True; ctrl = set_ctrl(flags, argc, argv); diff --git a/source3/pam_smbpass/support.c b/source3/pam_smbpass/support.c index a55dcb0272..86349f8c16 100644 --- a/source3/pam_smbpass/support.c +++ b/source3/pam_smbpass/support.c @@ -1,135 +1,132 @@ - /* Unix NT password database implementation, version 0.6. - * - * This program is free software; you can redistribute it and/or modify it under - * the terms of the GNU General Public License as published by the Free - * Software Foundation; either version 2 of the License, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for - * more details. - * - * You should have received a copy of the GNU General Public License along with - * this program; if not, write to the Free Software Foundation, Inc., 675 - * Mass Ave, Cambridge, MA 02139, USA. - */ +/* Unix NT password database implementation, version 0.6. + * + * This program is free software; you can redistribute it and/or modify it under + * the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 675 + * Mass Ave, Cambridge, MA 02139, USA. + */ - #include "includes.h" - #include "general.h" +#include "includes.h" +#include "general.h" - #include "support.h" +#include "support.h" - #define _pam_overwrite(x) \ - do { \ - register char *__xx__; \ - if ((__xx__=(x))) \ - while (*__xx__) \ - *__xx__++ = '\0'; \ - } while (0) +#define _pam_overwrite(x) \ +do { \ + register char *__xx__; \ + if ((__xx__=(x))) \ + while (*__xx__) \ + *__xx__++ = '\0'; \ +} while (0) - /* - * Don't just free it, forget it too. - */ +/* + * Don't just free it, forget it too. + */ - #define _pam_drop(X) \ - do { \ - if (X) { \ - free(X); \ - X=NULL; \ - } \ - } while (0) - - #define _pam_drop_reply(/* struct pam_response * */ reply, /* int */ replies) \ - do { \ - int reply_i; \ - \ - for (reply_i=0; reply_i<replies; ++reply_i) { \ - if (reply[reply_i].resp) { \ - _pam_overwrite(reply[reply_i].resp); \ - free(reply[reply_i].resp); \ - } \ - } \ - if (reply) \ - free(reply); \ - } while (0) - - - int converse(pam_handle_t *, int, int, struct pam_message **, - struct pam_response **); - int make_remark(pam_handle_t *, unsigned int, int, const char *); - void _cleanup(pam_handle_t *, void *, int); - char *_pam_delete(register char *); - - /* default configuration file location */ - - char *servicesf = dyn_CONFIGFILE; - - /* syslogging function for errors and other information */ - - void _log_err( int err, const char *format, ... ) - { - va_list args; - - va_start( args, format ); - openlog( "PAM_smbpass", LOG_CONS | LOG_PID, LOG_AUTH ); - vsyslog( err, format, args ); - va_end( args ); - closelog(); - } +#define _pam_drop(X) \ +do { \ + if (X) { \ + free(X); \ + X=NULL; \ + } \ +} while (0) + +#define _pam_drop_reply(/* struct pam_response * */ reply, /* int */ replies) \ +do { \ + int reply_i; \ + \ + for (reply_i=0; reply_i<replies; ++reply_i) { \ + if (reply[reply_i].resp) { \ + _pam_overwrite(reply[reply_i].resp); \ + free(reply[reply_i].resp); \ + } \ + } \ + if (reply) \ + free(reply); \ +} while (0) + + +int converse(pam_handle_t *, int, int, struct pam_message **, + struct pam_response **); +int make_remark(pam_handle_t *, unsigned int, int, const char *); +void _cleanup(pam_handle_t *, void *, int); +char *_pam_delete(register char *); + +/* syslogging function for errors and other information */ + +void _log_err( int err, const char *format, ... ) +{ + va_list args; + + va_start( args, format ); + openlog( "PAM_smbpass", LOG_CONS | LOG_PID, LOG_AUTH ); + vsyslog( err, format, args ); + va_end( args ); + closelog(); +} - /* this is a front-end for module-application conversations */ +/* this is a front-end for module-application conversations */ - int converse( pam_handle_t * pamh, int ctrl, int nargs - , struct pam_message **message - , struct pam_response **response ) - { - int retval; - struct pam_conv *conv; +int converse( pam_handle_t * pamh, int ctrl, int nargs + , struct pam_message **message + , struct pam_response **response ) +{ + int retval; + struct pam_conv *conv; - retval = pam_get_item(pamh, PAM_CONV, (const void **) &conv); - if (retval == PAM_SUCCESS) { + retval = pam_get_item(pamh, PAM_CONV, (const void **) &conv); + if (retval == PAM_SUCCESS) { - retval = conv->conv(nargs, (const struct pam_message **) message - ,response, conv->appdata_ptr); + retval = conv->conv(nargs, (const struct pam_message **) message + ,response, conv->appdata_ptr); - if (retval != PAM_SUCCESS && on(SMB_DEBUG, ctrl)) { - _log_err(LOG_DEBUG, "conversation failure [%s]" - ,pam_strerror(pamh, retval)); - } - } else { - _log_err(LOG_ERR, "couldn't obtain coversation function [%s]" + if (retval != PAM_SUCCESS && on(SMB_DEBUG, ctrl)) { + _log_err(LOG_DEBUG, "conversation failure [%s]" ,pam_strerror(pamh, retval)); } - - return retval; /* propagate error status */ + } else { + _log_err(LOG_ERR, "couldn't obtain coversation function [%s]" + ,pam_strerror(pamh, retval)); } - int make_remark( pam_handle_t * pamh, unsigned int ctrl - , int type, const char *text ) - { - if (off(SMB__QUIET, ctrl)) { - struct pam_message *pmsg[1], msg[1]; - struct pam_response *resp; + return retval; /* propagate error status */ +} + +int make_remark( pam_handle_t * pamh, unsigned int ctrl + , int type, const char *text ) +{ + if (off(SMB__QUIET, ctrl)) { + struct pam_message *pmsg[1], msg[1]; + struct pam_response *resp; - pmsg[0] = &msg[0]; - msg[0].msg = text; - msg[0].msg_style = type; - resp = NULL; + pmsg[0] = &msg[0]; + msg[0].msg = text; + msg[0].msg_style = type; + resp = NULL; - return converse(pamh, ctrl, 1, pmsg, &resp); - } - return PAM_SUCCESS; + return converse(pamh, ctrl, 1, pmsg, &resp); } + return PAM_SUCCESS; +} - /* set the control flags for the SMB module. */ +/* set the control flags for the SMB module. */ int set_ctrl( int flags, int argc, const char **argv ) { int i = 0; - const char *service_file = dyn_CONFIGFILE; + static pstring servicesf = CONFIGFILE; + const char *service_file = servicesf; unsigned int ctrl; ctrl = SMB_DEFAULTS; /* the default selection of options */ @@ -139,9 +136,6 @@ int set_ctrl( int flags, int argc, const char **argv ) /* A good, sane default (matches Samba's behavior). */ set( SMB__NONULL, ctrl ); - /* initialize service file location */ - service_file=servicesf; - if (flags & PAM_SILENT) { set( SMB__QUIET, ctrl ); } @@ -171,8 +165,6 @@ int set_ctrl( int flags, int argc, const char **argv ) _log_err( LOG_ERR, "Error loading service file %s", service_file ); } - secrets_init(); - if (lp_null_passwords()) { set( SMB__NULLOK, ctrl ); } @@ -311,7 +303,7 @@ int _smb_verify_password( pam_handle_t * pamh, SAM_ACCOUNT *sampass, uchar hash_pass[16]; uchar lm_pw[16]; uchar nt_pw[16]; - int retval = PAM_AUTH_ERR; + int retval; char *data_name; const char *name; @@ -490,7 +482,7 @@ int _smb_read_password( pam_handle_t * pamh, unsigned int ctrl, { int authtok_flag; int retval; - char *item = NULL; + const char *item = NULL; char *token; struct pam_message msg[3], *pmsg[3]; |