diff options
Diffstat (limited to 'source3/smbd')
| -rw-r--r-- | source3/smbd/auth_rhosts.c | 4 | ||||
| -rw-r--r-- | source3/smbd/auth_unix.c | 2 | ||||
| -rw-r--r-- | source3/smbd/chgpasswd.c | 58 | ||||
| -rw-r--r-- | source3/smbd/lanman.c | 4 | ||||
| -rw-r--r-- | source3/smbd/password.c | 4 | ||||
| -rw-r--r-- | source3/smbd/service.c | 2 | ||||
| -rw-r--r-- | source3/smbd/uid.c | 2 |
7 files changed, 49 insertions, 27 deletions
diff --git a/source3/smbd/auth_rhosts.c b/source3/smbd/auth_rhosts.c index d6ca01936f..9f5f1e10e5 100644 --- a/source3/smbd/auth_rhosts.c +++ b/source3/smbd/auth_rhosts.c @@ -86,7 +86,7 @@ static BOOL check_user_equiv(const char *user, const char *remote, const char *e static char *mydomain = NULL; if (!mydomain) yp_get_default_domain(&mydomain); - if (mydomain && innetgr(file_host,(char *)remote,(char *)user,mydomain)) + if (mydomain && innetgr(file_host,remote,user,mydomain)) host_ok = True; } #else @@ -135,7 +135,7 @@ static BOOL check_hosts_equiv(char *user) /* should be const... */ { char *fname = NULL; pstring rhostsfile; - struct passwd *pass = Get_Pwnam(user,False); + struct passwd *pass = Get_Pwnam(user); if (!pass) return(False); diff --git a/source3/smbd/auth_unix.c b/source3/smbd/auth_unix.c index 2f9034e3e5..29a2a6eafb 100644 --- a/source3/smbd/auth_unix.c +++ b/source3/smbd/auth_unix.c @@ -89,7 +89,7 @@ NTSTATUS check_unix_security(const auth_usersupplied_info *user_info, auth_serve become_root(); - pass = Get_Pwnam(user_info->unix_username.str, False); + pass = Get_Pwnam(user_info->unix_username.str); nt_status = pass_check(pass, pass ? pass->pw_name : user_info->unix_username.str, diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c index 49f87a4ca1..132a20cf05 100644 --- a/source3/smbd/chgpasswd.c +++ b/source3/smbd/chgpasswd.c @@ -118,20 +118,18 @@ static int findpty(char **slave) return (-1); } -static int dochild(int master, char *slavedev, char *name, - char *passwordprogram, BOOL as_root) +static int dochild(int master, const char *slavedev, const struct passwd *pass, + const char *passwordprogram, BOOL as_root) { int slave; struct termios stermios; - struct passwd *pass = Get_Pwnam(name, True); gid_t gid; uid_t uid; if (pass == NULL) { DEBUG(0, - ("dochild: user name %s doesn't exist in the UNIX password database.\n", - name)); + ("dochild: user doesn't exist in the UNIX password database.\n")); return False; } @@ -318,7 +316,7 @@ static int talktochild(int master, char *seq) return (count > 0); } -static BOOL chat_with_program(char *passwordprogram, char *name, +static BOOL chat_with_program(char *passwordprogram, struct passwd *pass, char *chatsequence, BOOL as_root) { char *slavedev; @@ -327,12 +325,19 @@ static BOOL chat_with_program(char *passwordprogram, char *name, int wstat; BOOL chstat = False; + if (pass == NULL) + { + DEBUG(0, + ("chat_with_program: user doesn't exist in the UNIX password database.\n")); + return False; + } + /* allocate a pseudo-terminal device */ if ((master = findpty(&slavedev)) < 0) { DEBUG(3, ("Cannot Allocate pty for password change: %s\n", - name)); + pass->pw_name)); return (False); } @@ -347,7 +352,7 @@ static BOOL chat_with_program(char *passwordprogram, char *name, { DEBUG(3, ("Cannot fork() child for password change: %s\n", - name)); + pass->pw_name)); close(master); CatchChild(); return (False); @@ -360,7 +365,7 @@ static BOOL chat_with_program(char *passwordprogram, char *name, { DEBUG(3, ("Child failed to change password: %s\n", - name)); + pass->pw_name)); kill(pid, SIGKILL); /* be sure to end this process */ } @@ -426,10 +431,10 @@ static BOOL chat_with_program(char *passwordprogram, char *name, become_root(); DEBUG(3, - ("Dochild for user %s (uid=%d,gid=%d)\n", name, + ("Dochild for user %s (uid=%d,gid=%d)\n", pass->pw_name, (int)getuid(), (int)getgid())); chstat = - dochild(master, slavedev, name, passwordprogram, + dochild(master, slavedev, pass, passwordprogram, as_root); if (as_root) @@ -448,19 +453,20 @@ static BOOL chat_with_program(char *passwordprogram, char *name, if (chstat) DEBUG(3, ("Password change %ssuccessful for user %s\n", - (chstat ? "" : "un"), name)); + (chstat ? "" : "un"), pass->pw_name)); return (chstat); } -BOOL chgpasswd(char *name, char *oldpass, char *newpass, BOOL as_root) +BOOL chgpasswd(const char *name, const char *oldpass, const char *newpass, BOOL as_root) { pstring passwordprogram; pstring chatsequence; size_t i; size_t len; - strlower(name); + struct passwd *pass; + DEBUG(3, ("Password change for user: %s\n", name)); #if DEBUG_PASSWORD @@ -505,6 +511,8 @@ BOOL chgpasswd(char *name, char *oldpass, char *newpass, BOOL as_root) return False; } } + + pass = Get_Pwnam(name); #ifdef WITH_PAM if (lp_pam_password_change()) { @@ -513,8 +521,12 @@ BOOL chgpasswd(char *name, char *oldpass, char *newpass, BOOL as_root) if (as_root) become_root(); - ret = smb_pam_passchange(name, oldpass, newpass); - + if (pass) { + ret = smb_pam_passchange(pass->pw_name, oldpass, newpass); + } else { + ret = smb_pam_passchange(name, oldpass, newpass); + } + if (as_root) unbecome_root(); @@ -522,6 +534,16 @@ BOOL chgpasswd(char *name, char *oldpass, char *newpass, BOOL as_root) } #endif + /* A non-PAM password change just doen't make sense without a valid local user */ + + if (pass == NULL) + { + DEBUG(0, + ("chgpasswd: user %s doesn't exist in the UNIX password database.\n", + name)); + return False; + } + pstrcpy(passwordprogram, lp_passwd_program()); pstrcpy(chatsequence, lp_passwd_chat()); @@ -553,12 +575,12 @@ the string %%u, and the given string %s does not.\n", passwordprogram )); all_string_sub(chatsequence, "%o", oldpass, sizeof(pstring)); all_string_sub(chatsequence, "%n", newpass, sizeof(pstring)); return (chat_with_program - (passwordprogram, name, chatsequence, as_root)); + (passwordprogram, pass, chatsequence, as_root)); } #else /* ALLOW_CHANGE_PASSWORD */ -BOOL chgpasswd(char *name, char *oldpass, char *newpass, BOOL as_root) +BOOL chgpasswd(const char *name, const char *oldpass, const char *newpass, BOOL as_root) { DEBUG(0, ("Password changing not compiled in (user=%s)\n", name)); return (False); diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 3150253dab..7ade1e6d47 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1954,7 +1954,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param /* * Do any UNIX username case mangling. */ - passwd = Get_Pwnam( user, True); + passwd = Get_Pwnam_Modify( user ); /* * Attempt to verify the old password against smbpasswd entries @@ -2082,7 +2082,7 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char * /* * Do any UNIX username case mangling. */ - (void)Get_Pwnam( user, True); + (void)Get_Pwnam_Modify( user ); if (pass_oem_change(user, (uchar*) data, (uchar *)&data[516], NULL, NULL)) { diff --git a/source3/smbd/password.c b/source3/smbd/password.c index b1739d9bb6..e8f40f1fa3 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -276,7 +276,7 @@ void add_session_user(char *user) fstring suser; StrnCpy(suser,user,sizeof(suser)-1); - if (!Get_Pwnam(suser,True)) return; + if (!Get_Pwnam_Modify(suser)) return; if (suser && *suser && !in_list(suser,session_users,False)) { @@ -551,7 +551,7 @@ and given password ok (%s)\n", user)); if (!ok && GUEST_OK(snum)) { fstring guestname; StrnCpy(guestname,lp_guestaccount(snum),sizeof(guestname)-1); - if (Get_Pwnam(guestname,True)) { + if (Get_Pwnam(guestname)) { fstrcpy(user,guestname); ok = True; DEBUG(3,("authorise_login: ACCEPTED: guest account and guest ok (%s)\n", diff --git a/source3/smbd/service.c b/source3/smbd/service.c index a871192ad5..37f4610b9d 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -450,7 +450,7 @@ connection_struct *make_connection(char *service,char *password, /* Allow %S to be used by force user. */ pstring_sub(fuser,"%S",service); - pass2 = (struct passwd *)Get_Pwnam(fuser,True); + pass2 = (struct passwd *)Get_Pwnam_Modify(fuser); if (pass2) { conn->uid = pass2->pw_uid; conn->gid = pass2->pw_gid; diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index 2151068de5..ae287cca76 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -36,7 +36,7 @@ BOOL change_to_guest(void) static fstring guest_name; if (!pass) { - pass = Get_Pwnam(lp_guestaccount(-1),True); + pass = Get_Pwnam(lp_guestaccount(-1)); if (!pass) return(False); guest_uid = pass->pw_uid; |