summaryrefslogtreecommitdiff
path: root/source3/utils/smbpasswd.c
AgeCommit message (Collapse)AuthorFilesLines
1998-11-12extracted the password change code from smbpasswd and used it in swatAndrew Tridgell1-218/+0
instead of opening pipes and other horrible stuff. (This used to be commit 49bf19710345a59a2d17cd449be1a132885ed821)
1998-11-12char -> uchar fixAndrew Tridgell1-1/+1
(This used to be commit badc0f229a2940560b56aafde9824f1b4bd0f7c7)
1998-11-12largely rewrote smbpasswd so that the code is understandable. ThisAndrew Tridgell1-637/+679
should allow us to call a function in swat rather than piping to smbpasswd. while doing this I also fixed quite a few "const char *" versus "char *" issues that cropped up while using const to track down bugs in the code. This led to changes in several generic functions. The smbpasswd changes should be correct but they have not been extensively tested. At least if I have introduced bugs then we should be able to fix them more easily than before. (This used to be commit 713864dd0322ae2ae2d83e333d85be35a7eed4ec)
1998-11-09converted smbclient to use clientgen.c rather than clientutil.cAndrew Tridgell1-1/+1
I did this when I saw yet another bug report complaining about smbclient intermittently missing files. Rather than applying more patches to smbclient it was better to move to the more robust clientgen.c code. The conversion wasn't perfect, I probably lost some features of smbclient while doing it, but at least smbclient should be consistent now. It if fails it should _always_ fail rather than giving people the false impression of a reliable utility. the tar stuff seems to work, but hasn't had much testing as I never use it myself. I'm sure someone will find bugs in my conversion of smbtar.c. It was quite tricky as it did a lot of its own SMB calls. It now uses clientgen.c exclusively. smbclient is still quite messy, but at least it doesn't build its own SMB packets. I haven't touched smbmount as I never use it. Mike, do you want to convert smbmount to use clientgen.c? (This used to be commit e14ca7765ace1b721dad8eca4a527a4e4a8f1ab8)
1998-11-07codepages/codepage_def.936: Updated comment.Jeremy Allison1-3/+3
param/loadparm.c: Removed "networkstation user login", "domain controller", and "domain sid" parameters. passdb/passdb.c: Removed "networkstation user login" code and changed bug test code to only check once for a bad password server. This will stop the complaints of many "bad login" audit records in NT PDC logs. utils/smbpasswd.c: Removed check for "domain controller". Jeremy. (This used to be commit d6e6e936b5dd90dd8fc38d9404efbe5c546c15e5)
1998-11-06lib/charcnv.c: Improved debug comment.Jeremy Allison1-8/+10
libsmb/namequery.c: Fix to remove 2 second wait is we are doing a unicast and got a reply. smbd/dfree.c: smbd/noquotas.c: smbd/quotas.c: Fixes from Dejan Ilic <svedja@lysator.liu.se> for the quota code. utils/smbpasswd.c: Fixes to allow smbpasswd to be called from swat. Jeremy. (This used to be commit b5981c0149ad8c6f13ea87db450080616538b5d5)
1998-11-04Added scripting option (-s) to smbpasswd.Jeremy Allison1-10/+73
Jeremy. (This used to be commit 4f87a8cf994d7f3287b0fd1720624bf705cfa1da)
1998-10-30Fix suggested by Nicholas.S.Jenkins@cdc.com - connect to theJeremy Allison1-2/+7
password change server as anonymous - you don't need to have logged on as the user to do the password change. Doh ! (Why didn't *I* think of that one.... :-). Jeremy. (This used to be commit dd3bb250a6fb6020d32ea35d7a3d3301d7f9764b)
1998-10-04- modified resolve_name() to take a name_typeAndrew Tridgell1-1/+1
- cleaned up resolve_name() (split into separate functions for each resolver) - if can't find local master then use #1B name - support listing of foreign workgroups in /smb/ (This used to be commit a4e607c17d1119925c9d0e1d05e0fe81e9a2d1aa)
1998-10-02- static function "create_new_hashes" was identical to "nt_lm_owf_gen".Luke Leighton1-23/+2
create_new_hashes didn't zero the buffer for the md4hash: nt_lm_owf_gen did, because jeremy sorted this out a couple of days ago. call nt_lm_owf_gen instead. - call SMBOWFencrypt from SMBencrypt and SMBNTencrypt. - added #ifdef DEBUG_PASSWORD debug password calls. (This used to be commit a4e7cc3e46b713aa0ae55de74a1c70921bef578d)
1998-09-27Fixed up more possibly uninitialized variables.Richard Sharpe1-1/+1
Now only two compilation warnings seem to be left. Luke may want to check the changes I made. (This used to be commit 2456c95c1664a57aa939695c884ec666ec8168ec)
1998-09-25Makefile.in: Fixed bug with continuation line causing proto to fail.Jeremy Allison1-2/+6
Added $(PROGS) $(SPROGS) as targets for make clean. acconfig.h: Added HAVE_IRIX_SPECIFIC_CAPABILITIES. configure.in: Added sys/capability.h header check. Added function checks for srandom random srand rand. Added HAVE_IRIX_SPECIFIC_CAPABILITIES test. includes.h: Added #include <sys/capability.h>. ntdomain.h: Moved struct acct_info into here from smb.h smb.h: Added KERNEL_OPLOCK_CAPABILITY define. Moved enum action_type into rpcclient.h Moved struct cli_state into client.h Moved struct nt_client_info, struct tar_client_info, struct client_info into rpcclient.h lib/genrand.c: Changed to use sys_random() & friends. lib/smbrun.c: Lose capabilities after fork. lib/system.c: Added set_process_capability(), set_inherited_process_capability() sys_random(), sys_srandom(). lib/util.c: Added Ander's EFBIG lock check to fcntl_lock for 64 bit access to an 32 bit mounted NFS filesystem. nmbd/nmbd.c: Changed to use sys_random() & friends. nmbd/nmbd_browsesync.c: Changed to use sys_random() & friends. passdb/ldap.c: Missed one pdb_encode_acct_ctrl call. passdb/passdb.c: Changed to Ander's code for ' ' characters. passdb/smbpass.c: Added Ander's code to reset ACB_PWNOTREQ. script/mkproto.awk: Added 'long' to prototypes. smbd/chgpasswd.c: Lose capabilities after fork. smbd/open.c: Do the mmap *after* the kernel oplock. smbd/oplock.c: Removed stub code from kernel oplock path. Added set_process_capability(), set_inherited_process_capability() calls. smbd/reply.c: Initialize count = 0, offset = 0. smbd/server.c: Added set_process_capability(), set_inherited_process_capability() calls. tests/summary.c: Ensure we have RANDOM or RAND. utils/smbpasswd.c: Added Ander's code to reset ACB_PWNOTREQ. utils/torture.c: Changed to use sys_random() & friends. Jeremy. (This used to be commit e8be306f23963ac00b1a383ebe0cc1421529fb02)
1998-09-25added wksinfo command to rpcclient, which don't work too good.Luke Leighton1-0/+1
(This used to be commit 8d23da91cbd74a45a5b030688fd89d88a25738dc)
1998-09-25added rpcclient programLuke Leighton1-1/+7
(This used to be commit aa38f39d67fade4dfd7badb7a9b39c833a1dd1ca)
1998-09-24Integration of Anders Blomdell <anders.blomdell@control.lth.se>'sJeremy Allison1-48/+90
smbpasswd changes. Not exactly the same as his code - several changes. Jeremy. (This used to be commit e96747a8e3b9ea5a79c4258e55d7e8f3bf0bf193)
1998-09-05some cleanups to use ZERO_STRUCT() and friendsAndrew Tridgell1-1/+1
(This used to be commit 7b154dc4313324dfad6cf0117b8ce246bf12bf16)
1998-07-14loadparm.c:Jeremy Allison1-10/+15
With apologies to Charlton Heston and Pierre Boule. "You damn fools, you finally did it". Changed default security mode to be security=user. Yes this is a big (although small in code) change. It's something we've been discussing for a while, to finally wean people off the legacy security=share mode which is *never* what you want. Jeremy. nmbd_incomingrequests.c: Bug fix for nmbd core dumps caused by overrun. Found by <samuel@public.szonline.net>. nttrans.c: More NT smb stuff. reply.c: Unlink will overwrite an existing file. Well you learn something new about POSIX every day. :-). server.c: Tidyup unreadable code. smbpasswd.c: Code to allow -U remote_username to allow ordinary users to change remote passwords if their NT username is different from their UNIX username. Patch from <torbjorn.lindh@allgon.se>. Jeremy. (This used to be commit 4eccb47cfb3c8907a6558b6ea9a02b0184458e34)
1998-05-27loadparm.c: Added machine password timeout parameter - set to 7 days be default.Jeremy Allison1-165/+27
password.c: Added code to tell server.c when machine password needs changing. server.c: Change machine password in idle cycles if it needs it. smbpassfile.c: Fixed up length calculations for machine password file. smbpasswd.c: Moved domain joining code/machine password changing code. lib/rpc/client/cli_netlogon.c: And this is where it now lives. Jeremy. (This used to be commit b8fedca6191de96159df0d1d17082d82e8e44773)
1998-05-18Abstracted all the crappy password interfaces through an indirectJeremy Allison1-0/+6
function table, selectable at compile time. This should make the code that implements all the password functions much cleaner, as it's now very clear exactly what a particular password database needs to provide to Samba. Jeremy. (This used to be commit 27ca536ad974242524c12f7100e419d9e7f9647f)
1998-05-18chgpasswd.c: Changed back to getsmb... from getsam...Jeremy Allison1-10/+10
ldap.c: Stoped dummy_function being prototyped. loadparm.c: Fixed slprintf sizes. nisppass.c: Fixed safe_strcpy sizes. nmbd_processlogon.c: Changed back to getsmb... from getsam... nttrans.c: Just a dump of new code. passdb.c: Moved stuff around a lot - stopped any lookups by rid. This needs to be indirected through a function table (soon). password.c: Changed back to getsmb... from getsam... reply.c: Changed back to getsmb... from getsam... slprintf.c: Fixed prototype problems. smb.h: Fixed prototype problems. smbpass.c: Changed to getsmbfile.... smbpasswd.c: Changed back to getsmb... from getsam... lib/rpc/server/srv_netlog.c: Changed back to getsmb... from getsam... lib/rpc/server/srv_samr.c: Fixed rid lookup - use uid or gid lookup. lib/rpc/server/srv_util.c: Changed back to getsmb... from getsam... Jeremy. (This used to be commit 7d332b2493d2089d09521250fc9b72d8953307c0)
1998-05-15Change getpwnam to Get_Pwnam(xx , True) to allow lazy matchingJeremy Allison1-1/+1
in /etc/passwd. Fix from "Mike Black" <mblack@csihq.com>. Jeremy. (This used to be commit 0146883f8568de4642087bb769b0381c3217d792)
1998-05-12This is a security audit change of the main source.Jeremy Allison1-2/+2
It removed all ocurrences of the following functions : sprintf strcpy strcat The replacements are slprintf, safe_strcpy and safe_strcat. It should not be possible to use code in Samba that uses sprintf, strcpy or strcat, only the safe_equivalents. Once Andrew has fixed the slprintf implementation then this code will be moved back to the 1.9.18 code stream. Jeremy. (This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
1998-05-11reply.c: Added code to not overwrite sesssetup_user when in share level securityJeremy Allison1-1/+1
and null session setup done. smbpasswd.c: Fix from Gerald Carter <cartegw@Eng.Auburn.EDU> to fix incorrect use of pointer. Jeremy. (This used to be commit 69ace0760986a6e892cd5b25ca85930b65e38c45)
1998-05-11ldap back-end database developmentLuke Leighton1-24/+24
Makefile: created PASSBD_OBJ group includes.h: added #ifdef USE_LDAP to #include <ldap> headers ldap.c: - renamed "_machine" to "_trust" everywhere. - added sam_passwd support routines - removed get_ldappwd_entry function: replaced with get_sampwd_entry - removed getldappwnam/uid: replaced with getsampwnam/uid - other messing about bits which are probably going to annoy the hell out of jean-francois (sorry!) mkproto.awk: - added stuff to wrap ldap.c protos with #ifdef USE_LDAP - added uid_t and gid_t return results to the prototype generation passdb.c: - created getsam21pwent, add_sam21pwd_entry, mod_sam21pwd_entry. - modified getsampwnam/uid and created getsam21pwnam/rid functions to replace the local get_smbpwd_entry() and get_ldappwd_entry() functions, which jeremy didn't like anyway because they were dual-purpose. - added utility routines which are or may be useful to all the password database routines. password.c: - renamed "machine_" to "trust_" everywhere. smbpass.c: - removed get_smbpwd_entry function: replaced it with get_sampwd_entry functions in passdb.c - moved code that decoded acct_ctrl into passdb.c - moved encode_acct_ctrl into passdb.c - removed getsmbpwnam/uid: replaced with getsampwnam/uid - renamed "machine_" to "trust_" everywhere. smbpasswd.c: - renamed "machine_" to "trust_" everywhere. util.c: - moved gethexpwd function into passdb.c lib/rpc/server/srv_util.c: - moved user_rid_to_uid, group_rid_to_rid etc etc into passdb.c (This used to be commit 673ab50c4c2c25db355d90efde3a6bfbb4d8369e)
1998-05-11changed to use slprintf() instead of sprintf() just aboutAndrew Tridgell1-1/+1
everywhere. I've implemented slprintf() as a bounds checked sprintf() using mprotect() and a non-writeable page. This should prevent any sprintf based security holes. (This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
1998-05-07moving gethexpwd into util.c, because it's used in both smbpass.c and ldap.cLuke Leighton1-10/+10
(This used to be commit abe261b2f5ea7036e7be6230876176d134ef4ee4)
1998-05-07Fixed changed calls to machine password locking code.Jeremy Allison1-5/+4
Jeremy. (This used to be commit dfdc9b0b1e47717b83e54f1cf726e40122cf9baf)
1998-04-30Added patch from Bruce Tenison <btenison@dibbs.net> to allow encryptedJeremy Allison1-1/+1
passwords to be stored over time, allowing a smbpasswd file migration. Adds new parameter "update encrypted". Will also add to 1.9.18 branch. Docs update to follow. Jeremy. (This used to be commit 5d3e874d780d595415cc27a7f5945fc2e694c3ac)
1998-04-29Makefile: Added files to smbpasswd.c.Jeremy Allison1-16/+266
loadparm.c: Patch from tim@quiknet.com for static string problems. server.c: Setup global_myname. smbpass.c: Fix up locking. Add machine_password_delete() call. smbpasswd.c: Added provisional code to add to a domain. lib/rpc/client/cli_login.c: Fixed incorrect cred_hash3 call when setting machine password. lib/rpc/server/srv_netlog.c: Fixed incorrect cred_hash3 call when setting machine password. Jeremy. (This used to be commit 6a7164233e3bf9d6bb57c44a53204068e454ae5c)
1998-04-25This looks like a big change but really isn't.Jeremy Allison1-3/+4
It is changing the global variables "myname" and "myworkgroup" to "global_myname" and "global_myworkgroup" respectively. This is to make it very explicit when we are messing with a global (don't ask - it makes the domain client code much clearer :-). Jeremy. (This used to be commit 866406bfe399cf757c8275093dacd5ce4843afa0)
1998-04-23clientgen.c: Added rap error codes to cli_error, moved from smbpasswd.cJeremy Allison1-60/+6
password.c: Changed global cli -> pw_cli, removed strtok (bad strtok, bad :-) use in security=server, started to extend security=domain code. smbpasswd.c: Removed rap error code functions. Jeremy. (This used to be commit 0f00b8fce1a5cad7f8c212568fa33f09986e5bd6)
1998-04-18includes.h: Added John's redhat fix for QSORT_CAST.Jeremy Allison1-529/+56
smbpass.c: Added lock depth code so calls to pw_file_lock() can be nested. Fixed codedump problems in add_smbpwd_entry(). smbpasswd.c: Removed all the code that manipulated the password file directly. Now *all* smbpasswd file changes are done through the interfaces defined in smbpass.c This should make the life of people adding alternate backend databases *much* easier. lib/rpc/server/srv_netlog.c: Removed debug messages used to debug machine password changing. Jeremy. (This used to be commit c9f61be08f3691a6421734d8b026a295d9cbd6ba)
1998-04-17Changing of machine passwords now works !!!!!!Jeremy Allison1-11/+22
smbdes.c: Added cred_hash3. smbpasswd.c: Fixes for adding a machine account (needs more work). lib/rpc/server/srv_netlog.c: Turn on the machine password changing code by default (calls cred_hash3). Jeremy. (This used to be commit 50aa513b969c6e41911aeee8207b065f93af0beb)
1998-04-15ipc.c: Fix for printer queue spinning with Win95.Jeremy Allison1-43/+46
nmbd.c: Fix for always overwriting log despite append setting. smb.h: Addition of last time password changed entry to account info. smbpass.c: Changes to support last time changed field in smbpasswd file. smbpasswd.c: Changes to support last time changed field in smbpasswd file. util.c: Fix for always overwriting log despite append setting. Jeremy. (This used to be commit eb4fe9ecdf539209efab07dc992447ea7370cf93)
1998-04-14Modified interfaces to getting smb password entries fromJeremy Allison1-4/+4
get_smbpwd_entry (now an internal function to smbpass.c) to a more UNIX-like : getsmbpwnam() - get entry by name. getsmbpwuid() - get entry by uid. Changed the type returned by the smbpasswd enumeration functions to be a void * so that people don't come to depend on it being a FILE *. These abstractions should make it much easier to replace the smbpasswd file with a better backend in future. Other files changed are to match the above changes. Jeremy. (This used to be commit 1161cfb7f2b0d5a6d3e2b524a14a6f325ce70efb)
1998-04-09Makefile, loadparm.c, server.c, smb.h, util.c: Patch fromJeremy Allison1-1/+1
stn@techfak.uni-kiel.de (Stefan Nehlsen) to get homes from the NIS+ map. smbpasswd.c: Tidy up of cli_state structure. Jeremy. (This used to be commit fc2295e0f5729585fdb3ee47edb290851d4071c5)
1998-04-07Added check for getpwnam returning NULL.Jeremy Allison1-3/+7
Jeremy. (This used to be commit 81cbfaacb11747830354f4a58be441015fe19ba8)
1998-03-30Added extra remote password changing error codes from lmerr.h on NT.Jeremy Allison1-2/+5
Jeremy. (This used to be commit 38391b51cd9e1e9fc7e4b77335ed2c7f6befc8c6)
1998-03-26client.c: Fixed problem where debug level on command line was overridden by ↵Jeremy Allison1-34/+58
smb.conf. smbpasswd.c: Removed bugs I put in yesterday (thanks Luke :-) and added error message reporting for remote password changing. Jeremy. (This used to be commit 6a3394a285a250d1029cdd545dd0bf832284555a)
1998-03-26Added the ability to differentiate between workstation and serverJeremy Allison1-10/+13
accounts when adding machine account types. Jeremy. (This used to be commit a402b5070f72d7a6948cc9885228efae16f6617d)
1998-03-26smbpass.c: Made unknown accounts ending in '$' server accounts, notJeremy Allison1-5/+29
workstation. smbpasswd.c: Added code to count down from last machine account to add correct uid when adding a machine account. Jeremy. (This used to be commit 0601a41993d6ea4fb2a186b7ca55b2f3a6f6a53d)
1998-03-24Added writing of '[XXX]' account control bits into gcosJeremy Allison1-6/+49
field when adding a user via smbpasswd. Jeremy. (This used to be commit 607c64fadbf8c33459444466630f676800cba5ee)
1998-03-24Updated smbpasswd to allow root to add machine accounts, and allowJeremy Allison1-50/+229
root to disable users and set them to "NO PASSWORD". Not quite finished with machine account stuff yet, but everything compiles. Jeremy. (This used to be commit c66966ff00b0968f765e62b679279b7417988df9)
1998-03-24clientgen.c ipc.c smbpasswd.c: Fixes for warnings (from Herb).Jeremy Allison1-4/+35
quotas.c: Linux quota fix. util.c: Ensure smb_read_error is zero in all calls that can set it. lib/rpc/include/rpc_misc.h lib/rpc/include/rpc_netlogon.h lib/rpc/parse/parse_misc.c lib/rpc/parse/parse_net.c lib/rpc/server/srv_netlog.c : Modify Luke's code to call SamOEMhash(). Jeremy. (This used to be commit 7f749708383b8b36c3f23a5fbc5cbdf39bc8e555)
1998-03-19Adding the same changes to HEAD as were added to BRANCH_1_9_18.Jeremy Allison1-132/+247
Changed smbpasswd to be client-server for a normal user, rather than accessing the private/smbpasswd file directly (it still accesses this file directly when run as root, so root can add users/change a users password without knowing the old password). A shakeout of this change is that smbpasswd can now be used to change a users password on a remote NT machine (yep - you heard that one right - we can now change a NT password from UNIX !!!!!). Jeremy. (This used to be commit 20770b6f1c25288e90d3e0d215afa7f0809ce124)
1998-03-11"For I have laboured mightily on Luke's code, and hath brokenJeremy Allison1-1/+1
all I saw" - the book of Jeremy, chapter 1 :-). So here is the mega-merge of the NTDOM branch server code. It doesn't include the new client side pieces, we'll look at that later. This should give the same functionality, server wise, as the NTDOM branch does, only merged into the main branch. Any fixes to domain controler functionality should be added to the main branch, not the NTDOM branch. This code compiles without warnings on gcc2.8, but will need further testing before we are sure all the working functionality of the NTDOM server branch has been correctly carried over. I hereby declare the server side of the NTDOM branch dead (and all who sail in her :-). Jeremy. (This used to be commit 118ba4d77a33248e762a2cf843fb7cbc906ee6e7)
1998-01-22This is *not* a big change (although it looks like one).Jeremy Allison1-1/+1
This is merely updating the Copyright statements from 1997 to 1998. It's a once a year thing :-). NO OTHER CHANGES WERE MADE. Jeremy. (This used to be commit b9c16977231efb274e08856f7f3f4408dad6d96c)
1997-10-31- cleanup some warningsAndrew Tridgell1-1/+1
- redo the prototypes (This used to be commit 31dcb51e05914d49d81a3faef354aaf0ab9fa63f)
1997-10-28fix castAndrew Tridgell1-1/+1
(This used to be commit af13f5e1788b6f81cfcdaeb85dc709458e3d4816)
1997-10-13reverted a change made by Luke at his request.Andrew Tridgell1-2/+2
Luke, when you don't know what has been changed in the CVS tree I highly recommend you point your browser at: http://samba.anu.edu.au/cgi-bin/cvsweb/samba/source If you click on a filename you can then see all the commits and changes that have been made to it over time. You can also download any version of the file or find the differences between any two versions. All of this is not dependent on the state of your local CVS sandbox, so it can be used to find out the "true" state of the tree at any time. If you suspect some sort of CVS problem (like a change getting reverted) then please use the above URL to work out what has happened. You should be able to see exactly who made what changes and when. (This used to be commit 3fc48246ee0d89ad2f10f050d2d68af53446129f)