From 6ad80352dd2523c310258de3211a2af0f1763d2a Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 12 Aug 2001 11:19:57 +0000 Subject: This patch does a number of things, mostly smaller than they look :-) In particuar, it moves the domain_client_validate stuff out of auth_domain.c to somwhere where they (I hope) they can be shared with winbind better. (This may need some work) The main purpose of this patch was however to improve some of the internal documentation and to correctly place become_root()/unbecome_root() calls within the code. Finally this patch moves some more of auth.c into other files, auth_unix.c in this case. Andrew Bartlett (This used to be commit ea1c547ac880def29f150de2172c95213509350e) --- source3/auth/auth_unix.c | 85 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 85 insertions(+) create mode 100644 source3/auth/auth_unix.c (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c new file mode 100644 index 0000000000..89e670747f --- /dev/null +++ b/source3/auth/auth_unix.c @@ -0,0 +1,85 @@ +/* + Unix SMB/Netbios implementation. + Version 2.2 + Password and authentication handling + Copyright (C) Andrew Bartlett 2001 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +extern int DEBUGLEVEL; + +/**************************************************************************** +update the encrypted smbpasswd file from the plaintext username and password + +this ugly hack needs to die, but not quite yet... +*****************************************************************************/ +static BOOL update_smbpassword_file(char *user, char *password) +{ + SAM_ACCOUNT *sampass = NULL; + BOOL ret; + + pdb_init_sam(&sampass); + + become_root(); + ret = pdb_getsampwnam(sampass, user); + unbecome_root(); + + if(ret == False) { + DEBUG(0,("pdb_getsampwnam returned NULL\n")); + pdb_free_sam(sampass); + return False; + } + + /* + * Remove the account disabled flag - we are updating the + * users password from a login. + */ + pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED); + + /* Here, the flag is one, because we want to ignore the + XXXXXXX'd out password */ + ret = change_oem_password( sampass, password, True); + if (ret == False) { + DEBUG(3,("change_oem_password returned False\n")); + } + + pdb_free_sam(sampass); + return ret; +} + + +/**************************************************************************** +check if a username/password is OK assuming the password +in PLAIN TEXT +****************************************************************************/ + +uint32 check_unix_security(const auth_usersupplied_info *user_info, auth_serversupplied_info *server_info) +{ + uint32 nt_status; + + become_root(); + nt_status = (pass_check(user_info->smb_username.str, user_info->plaintext_password.str, + user_info->plaintext_password.len, + lp_update_encrypted() ? update_smbpassword_file : NULL) + ? NT_STATUS_NOPROBLEMO : NT_STATUS_LOGON_FAILURE); + unbecome_root(); + + return nt_status; +} + + -- cgit From b031af348c7dcc8c74bf49945211c466b8eca079 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 27 Aug 2001 19:46:22 +0000 Subject: converted another bunch of stuff to NTSTATUS (This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e) --- source3/auth/auth_unix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 89e670747f..fda44fd91c 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -76,7 +76,7 @@ uint32 check_unix_security(const auth_usersupplied_info *user_info, auth_servers nt_status = (pass_check(user_info->smb_username.str, user_info->plaintext_password.str, user_info->plaintext_password.len, lp_update_encrypted() ? update_smbpassword_file : NULL) - ? NT_STATUS_NOPROBLEMO : NT_STATUS_LOGON_FAILURE); + ? NT_STATUS_OK : NT_STATUS_LOGON_FAILURE); unbecome_root(); return nt_status; -- cgit From 19fea3242cf6234786b6cbb60631e0071f31ff9f Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 4 Sep 2001 07:13:01 +0000 Subject: the next stage in the NTSTATUS/WERROR change. smbd and nmbd now compile, but the client code still needs some work (This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66) --- source3/auth/auth_unix.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index fda44fd91c..1708320961 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -68,9 +68,9 @@ check if a username/password is OK assuming the password in PLAIN TEXT ****************************************************************************/ -uint32 check_unix_security(const auth_usersupplied_info *user_info, auth_serversupplied_info *server_info) +NTSTATUS check_unix_security(const auth_usersupplied_info *user_info, auth_serversupplied_info *server_info) { - uint32 nt_status; + NTSTATUS nt_status; become_root(); nt_status = (pass_check(user_info->smb_username.str, user_info->plaintext_password.str, -- cgit From b800a36b1c81fb37ca963acdc49978ff065fb0d7 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Wed, 12 Sep 2001 06:39:50 +0000 Subject: Some patches to authentication: - the usersupplied_info now contains a smb_username (as it comes across on the wire) and a unix_username (after being passed through mapping functions) - when doing security={server,domain} use the smb_username, otherwise use the unix_username (This used to be commit d34fd8ec0716127c7a68eeb8e77d1ae8cc07b547) --- source3/auth/auth_unix.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 1708320961..ea32a65457 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -73,9 +73,11 @@ NTSTATUS check_unix_security(const auth_usersupplied_info *user_info, auth_serve NTSTATUS nt_status; become_root(); - nt_status = (pass_check(user_info->smb_username.str, user_info->plaintext_password.str, + nt_status = (pass_check(user_info->unix_username.str, + user_info->plaintext_password.str, user_info->plaintext_password.len, - lp_update_encrypted() ? update_smbpassword_file : NULL) + lp_update_encrypted() ? + update_smbpassword_file : NULL) ? NT_STATUS_OK : NT_STATUS_LOGON_FAILURE); unbecome_root(); -- cgit From 6adafe50d4a9a75a6fe1f666232e0af1ac717513 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 19 Sep 2001 05:26:11 +0000 Subject: Remove the ugly hacks to get around the Get_Pwnam() calls in pass_check.c by simply not doing Get_Pwnam() calls in pass_check.c We now make *one* sys_getpnam() call in cgi.c and we always call PAM no matter what it returns. We also no longer run the password cracker for these logins. The truly parinod will note the slight difference in call paths, in that we only call crypt for valid password structs (if not --with-pam). The truly parinoid don't run SWAT either, so I don't think this is an issue. Andrew Bartlett (This used to be commit 9020d884935243f28c19cedc88f076f0709e12cb) --- source3/auth/auth_unix.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index ea32a65457..7c6c58cafa 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -71,13 +71,19 @@ in PLAIN TEXT NTSTATUS check_unix_security(const auth_usersupplied_info *user_info, auth_serversupplied_info *server_info) { NTSTATUS nt_status; - + struct passwd *pass = NULL; + become_root(); - nt_status = (pass_check(user_info->unix_username.str, - user_info->plaintext_password.str, + + pass = Get_Pwnam(user_info->unix_username.str, False); + + nt_status = (pass_check(pass, + user_info->unix_username.str, + user_info->plaintext_password.str, user_info->plaintext_password.len, lp_update_encrypted() ? - update_smbpassword_file : NULL) + update_smbpassword_file : NULL, + True) ? NT_STATUS_OK : NT_STATUS_LOGON_FAILURE); unbecome_root(); -- cgit From 395454db5d7e911ea418b88250778749463f7247 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 20 Sep 2001 03:31:57 +0000 Subject: Fix for MiXed and UPPER case usernames with plaintext PAM passwords. (This used to be commit ba1b411f556bfac8b953c44c81257c7d8fb9817d) --- source3/auth/auth_unix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 7c6c58cafa..4740f7fb0d 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -78,7 +78,7 @@ NTSTATUS check_unix_security(const auth_usersupplied_info *user_info, auth_serve pass = Get_Pwnam(user_info->unix_username.str, False); nt_status = (pass_check(pass, - user_info->unix_username.str, + pass ? pass->pw_name : user_info->unix_username.str, user_info->plaintext_password.str, user_info->plaintext_password.len, lp_update_encrypted() ? -- cgit From fa6713bf8b121a45e59235786eec3cee29e92e67 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 20 Sep 2001 13:15:35 +0000 Subject: Move pass_check.c over to NTSTATUS, allowing full NTSTATUS from PAM to wire! Add the ability for swat to run in non-root-mode (ie non-root from inetd). - we still need some of the am_root() calls fixed however. (This used to be commit 2c2317c56ee13abdbdbc866363c3b52dab826e3c) --- source3/auth/auth_unix.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 4740f7fb0d..5582682d98 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -77,14 +77,14 @@ NTSTATUS check_unix_security(const auth_usersupplied_info *user_info, auth_serve pass = Get_Pwnam(user_info->unix_username.str, False); - nt_status = (pass_check(pass, + nt_status = pass_check(pass, pass ? pass->pw_name : user_info->unix_username.str, user_info->plaintext_password.str, user_info->plaintext_password.len, lp_update_encrypted() ? update_smbpassword_file : NULL, - True) - ? NT_STATUS_OK : NT_STATUS_LOGON_FAILURE); + True); + unbecome_root(); return nt_status; -- cgit From 81697d5ebe33ad95dedfc376118fcdf0367cf052 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 29 Sep 2001 13:08:26 +0000 Subject: Fix up a number of intertwined issues: The big one is a global change to allow us to NULLify the free'ed pointer to a former passdb object. This was done to allow idra's SAFE_FREE() macro to do its magic, and to satisfy the input test in pdb_init_sam() for a NULL pointer to start with. This NULL pointer test was what was breaking the adding of accounts up until now, and this code has been reworked to avoid duplicating work - I hope this will avoid a similar mess-up in future. Finally, I fixed a few nasty bugs where the pdb_ fuctions's return codes were being ignored. Some of these functions malloc() and are permitted to fail. Also, this caught a nasty bug where pdb_set_lanman_password(sam, NULL) acheived precisely didilly-squat, just returning False. Now that we check the returns this bug was spotted. This could allow different LM and NT passwords. - the pdbedit code needs to start checking these too, but I havn't had a chance to fix it. I have also fixed up where some of the password changing code was using the pdb_set functions to store *internal* data. I assume this is from a previous lot of mass conversion work... Most likally (and going on past experience) I have missed somthing, probably in the LanMan password change code which I havn't yet been able to test, but this lot is in much better shape than it was before. If all this is too much to swallow (particularly for 2.2.2) then just adding a sam_pass = NULL to the particular line of passdb.c should do the trick for the ovbious bug. Andrew Bartlett (This used to be commit 762c8758a7869809d89b4da9c2a5249678942930) --- source3/auth/auth_unix.c | 32 ++++++++++++++++++++++++-------- 1 file changed, 24 insertions(+), 8 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 5582682d98..0d73988d8a 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -31,7 +31,7 @@ this ugly hack needs to die, but not quite yet... static BOOL update_smbpassword_file(char *user, char *password) { SAM_ACCOUNT *sampass = NULL; - BOOL ret; + BOOL ret; pdb_init_sam(&sampass); @@ -41,7 +41,7 @@ static BOOL update_smbpassword_file(char *user, char *password) if(ret == False) { DEBUG(0,("pdb_getsampwnam returned NULL\n")); - pdb_free_sam(sampass); + pdb_free_sam(&sampass); return False; } @@ -49,16 +49,32 @@ static BOOL update_smbpassword_file(char *user, char *password) * Remove the account disabled flag - we are updating the * users password from a login. */ - pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED); + if (!pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED)) { + pdb_free_sam(&sampass); + return False; + } + + if (!pdb_set_plaintext_passwd (sampass, password)) { + pdb_free_sam(&sampass); + return False; + } - /* Here, the flag is one, because we want to ignore the + /* Now write it into the file. */ + become_root(); + + /* Here, the override flag is True, because we want to ignore the XXXXXXX'd out password */ - ret = change_oem_password( sampass, password, True); - if (ret == False) { - DEBUG(3,("change_oem_password returned False\n")); + ret = pdb_update_sam_account (sampass, True); + + unbecome_root(); + + if (ret) { + DEBUG(3,("pdb_update_sam_account returned %d\n",ret)); } - pdb_free_sam(sampass); + memset(password, '\0', strlen(password)); + + pdb_free_sam(&sampass); return ret; } -- cgit From dc1fc3ee8ec2199bc73bb5d7ec711c6800f61d65 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Tue, 2 Oct 2001 04:29:50 +0000 Subject: Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header. (This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e) --- source3/auth/auth_unix.c | 4 ---- 1 file changed, 4 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 0d73988d8a..2f9034e3e5 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -21,8 +21,6 @@ #include "includes.h" -extern int DEBUGLEVEL; - /**************************************************************************** update the encrypted smbpasswd file from the plaintext username and password @@ -105,5 +103,3 @@ NTSTATUS check_unix_security(const auth_usersupplied_info *user_info, auth_serve return nt_status; } - - -- cgit From 2038649e51f48a489aeec49947e1b791f0b3df43 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 29 Oct 2001 07:28:32 +0000 Subject: This commit is number 3 of 4. In particular this commit focuses on: Changing the Get_Pwnam code so that it can work in a const-enforced environment. While these changes have been mildly tested, and are pretty small, any assistance in this is appreciated. ---- These changes allow for 'const' in the Samba tree. There are a number of good reasons to do this: - I want to allow the SAM_ACCOUNT structure to move from wasteful pstrings and fstrings to allocated strings. We can't do that if people are modifying these outputs, as they may well make assumptions about getting pstrings and fstrings - I want --with-pam_smbpass to compile with a slightly sane volume of warnings, currently its pretty bad, even in 2.2 where is compiles at all. - Tridge assures me that he no longer opposes 'const religion' based on the ability to #define const the problem away. - Changed Get_Pwnam(x,y) into two variants (so that the const parameter can work correctly): - Get_Pwnam(const x) and Get_Pwnam_Modify(x). - Reworked smbd/chgpasswd.c to work with these mods, passing around a 'struct passwd' rather than the modified username (This used to be commit e7634f81c5116ff4addfb7e495f54b6bb78e8f77) --- source3/auth/auth_unix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 2f9034e3e5..29a2a6eafb 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -89,7 +89,7 @@ NTSTATUS check_unix_security(const auth_usersupplied_info *user_info, auth_serve become_root(); - pass = Get_Pwnam(user_info->unix_username.str, False); + pass = Get_Pwnam(user_info->unix_username.str); nt_status = pass_check(pass, pass ? pass->pw_name : user_info->unix_username.str, -- cgit From 60f0627afb167faad57385d44f0b587186a7ac2b Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 31 Oct 2001 10:46:25 +0000 Subject: This is a farily large patch (3300 lines) and reworks most of the AuthRewrite code. In particular this assists tpot in some of his work, becouse it provides the connection between the authenticaion and the vuid generation. Major Changes: - Fully malloc'ed structures. - Massive rework of the code so that all structures are made and destroyed using malloc and free, rather than hanging around on the stack. - SAM_ACCOUNT unix uids and gids are now pointers to the same, to allow them to be declared 'invalid' without the chance that people might get ROOT by default. - kill off some of the "DOMAIN\user" lookups. These can be readded at a more appropriate place (probably domain_client_validate.c) in the future. They don't belong in session setups. - Massive introduction of DATA_BLOB structures, particularly for passwords. - Use NTLMSSP flags to tell the backend what its getting, rather than magic lenghths. - Fix winbind back up again, but tpot is redoing this soon anyway. - Abstract much of the work in srv_netlog_nt back into auth helper functions. This is a LARGE change, and any assistance is testing it is appriciated. Domain logons are still broken (as far as I can tell) but other functionality seems intact. Needs testing with a wide variety of MS clients. Andrew Bartlett (This used to be commit f70fb819b2f57bd57232b51808345e2319d52f6c) --- source3/auth/auth_unix.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 29a2a6eafb..d456da1fdf 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -82,22 +82,27 @@ check if a username/password is OK assuming the password in PLAIN TEXT ****************************************************************************/ -NTSTATUS check_unix_security(const auth_usersupplied_info *user_info, auth_serversupplied_info *server_info) +NTSTATUS check_unix_security(const auth_usersupplied_info *user_info, auth_serversupplied_info **server_info) { NTSTATUS nt_status; struct passwd *pass = NULL; become_root(); - - pass = Get_Pwnam(user_info->unix_username.str); + pass = Get_Pwnam(user_info->internal_username.str); nt_status = pass_check(pass, - pass ? pass->pw_name : user_info->unix_username.str, - user_info->plaintext_password.str, - user_info->plaintext_password.len, + pass ? pass->pw_name : user_info->internal_username.str, + (char *)user_info->plaintext_password.data, + user_info->plaintext_password.length-1, lp_update_encrypted() ? update_smbpassword_file : NULL, True); + + if NT_STATUS_IS_OK(nt_status) { + if (pass) { + make_server_info_pw(server_info, pass); + } + } unbecome_root(); -- cgit From acb81fe408f0e674088f0952aaba442ddb494b0c Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 1 Nov 2001 05:02:41 +0000 Subject: Various post AuthRewrite cleanups, fixups and tidyups. Zero out some of the plaintext passwords for paranoia Fix up some of the other passdb backends with the change to *uid_t rather than uid_t. Make some of the code in srv_netlog_nt.c clearer, is passing an array around, so pass its lenght in is definition, not as a seperate paramater. Use sizeof() rather than magic numbers, it makes things easier to read. Cope with a PAM authenticated user who is not in /etc/passwd - currently by saying NO_SUCH_USER, but this can change in future. Andrew Bartlett (This used to be commit 514c91b16baca639bb04638042bf9894d881172a) --- source3/auth/auth_unix.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index d456da1fdf..8c4a520350 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -98,13 +98,15 @@ NTSTATUS check_unix_security(const auth_usersupplied_info *user_info, auth_serve update_smbpassword_file : NULL, True); + unbecome_root(); + if NT_STATUS_IS_OK(nt_status) { if (pass) { make_server_info_pw(server_info, pass); + } else { + nt_status = NT_STATUS_NO_SUCH_USER; } } - unbecome_root(); - return nt_status; } -- cgit From d0a2faf78d316fec200497f5f7997df4c477a1e1 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 24 Nov 2001 12:12:38 +0000 Subject: This is another rather major change to the samba authenticaion subystem. The particular aim is to modularized the interface - so that we can have arbitrary password back-ends. This code adds one such back-end, a 'winbind' module to authenticate against the winbind_auth_crap functionality. While fully-functional this code is mainly useful as a demonstration, because we don't get back the info3 as we would for direct ntdomain authentication. This commit introduced the new 'auth methods' parameter, in the spirit of the 'auth order' discussed on the lists. It is renamed because not all the methods may be consulted, even if previous methods fail - they may not have a suitable challenge for example. Also, we have a 'local' authentication method, for old-style 'unix if plaintext, sam if encrypted' authentication and a 'guest' module to handle guest logins in a single place. While this current design is not ideal, I feel that it does provide a better infrastructure than the current design, and can be built upon. The following parameters have changed: - use rhosts = This has been replaced by the 'rhosts' authentication method, and can be specified like 'auth methods = guest rhosts' - hosts equiv = This needs both this parameter and an 'auth methods' entry to be effective. (auth methods = guest hostsequiv ....) - plaintext to smbpasswd = This is replaced by specifying 'sam' rather than 'local' in the auth methods. The security = parameter is unchanged, and now provides defaults for the 'auth methods' parameter. The available auth methods are: guest rhosts hostsequiv sam (passdb direct hash access) unix (PAM, crypt() etc) local (the combination of the above, based on encryption) smbserver (old security=server) ntdomain (old security=domain) winbind (use winbind to cache DC connections) Assistance in testing, or the production of new and interesting authentication modules is always appreciated. Andrew Bartlett (This used to be commit 8d31eae52a9757739711dbb82035a4dfe6b40c99) --- source3/auth/auth_unix.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 8c4a520350..d134ce6909 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -82,7 +82,10 @@ check if a username/password is OK assuming the password in PLAIN TEXT ****************************************************************************/ -NTSTATUS check_unix_security(const auth_usersupplied_info *user_info, auth_serversupplied_info **server_info) +NTSTATUS check_unix_security(void *my_private_data, + const auth_usersupplied_info *user_info, + const auth_authsupplied_info *auth_info, + auth_serversupplied_info **server_info) { NTSTATUS nt_status; struct passwd *pass = NULL; @@ -104,9 +107,19 @@ NTSTATUS check_unix_security(const auth_usersupplied_info *user_info, auth_serve if (pass) { make_server_info_pw(server_info, pass); } else { + /* we need to do somthing more useful here */ nt_status = NT_STATUS_NO_SUCH_USER; } } return nt_status; } + +BOOL auth_init_unix(auth_methods **auth_method) +{ + if (!make_auth_methods(auth_method)) { + return False; + } + (*auth_method)->auth = check_unix_security; + return True; +} -- cgit From f6e6c678ad5338264496de43e9e1ab2fe4a28e64 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 30 Dec 2001 10:54:58 +0000 Subject: Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e) --- source3/auth/auth_unix.c | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index d134ce6909..2e753cb29c 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -21,11 +21,11 @@ #include "includes.h" -/**************************************************************************** -update the encrypted smbpasswd file from the plaintext username and password - -this ugly hack needs to die, but not quite yet... -*****************************************************************************/ +/** + * update the encrypted smbpasswd file from the plaintext username and password + * + * this ugly hack needs to die, but not quite yet, I think people still use it... + **/ static BOOL update_smbpassword_file(char *user, char *password) { SAM_ACCOUNT *sampass = NULL; @@ -77,10 +77,11 @@ static BOOL update_smbpassword_file(char *user, char *password) } -/**************************************************************************** -check if a username/password is OK assuming the password -in PLAIN TEXT -****************************************************************************/ +/** Check a plaintext username/password + * + * Cannot deal with an encrupted password in any manner whatsoever, + * unless the account has a null password. + **/ NTSTATUS check_unix_security(void *my_private_data, const auth_usersupplied_info *user_info, @@ -93,6 +94,9 @@ NTSTATUS check_unix_security(void *my_private_data, become_root(); pass = Get_Pwnam(user_info->internal_username.str); + + /** This call assumes a ASCII password, no charset transformation is + done. We may need to revisit this **/ nt_status = pass_check(pass, pass ? pass->pw_name : user_info->internal_username.str, (char *)user_info->plaintext_password.data, -- cgit From 4a6d1318bd9123f5a9c1d72721a9175320356fbe Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 1 Jan 2002 03:10:32 +0000 Subject: A farily large commit: - Move rpc_client/cli_trust.c to smbd/change_trust_pw.c - It hasn't been used by anything else since smbpasswd lost its -j - Add a TALLOC_CTX to the auth subsytem. These are only valid for the length of the calls to the individual modules, if you want a longer context hide it in your private data. Similarly, all returns (like the server_info) should still be malloced. - Move the 'ntdomain' module (security=domain in oldspeak) over to use the new libsmb domain logon code. Also rework much of the code to use some better helper functions for the connection - getting us much better error returns (the new code is NTSTATUS). The only remaining thing to do is to figure out if tpot's 0xdead 0xbeef for the LUID feilds is sufficient, or if we should do random LUIDs as per the old code. Similarly, I'll move winbind over to this when I get a chance. This leaves the SPOOLSS code and some cli_pipe code as the only stuff still in rpc_client, at least as far as smbd is concerned. While I've given this a basic rundown, any testing is as always appriciated. Andrew Bartlett (This used to be commit d870edce76ecca259230fbdbdacd0c86793b4837) --- source3/auth/auth_unix.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 2e753cb29c..fa889af5f6 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -83,7 +83,8 @@ static BOOL update_smbpassword_file(char *user, char *password) * unless the account has a null password. **/ -NTSTATUS check_unix_security(void *my_private_data, +NTSTATUS check_unix_security(void *my_private_data, + TALLOC_CTX *mem_ctx, const auth_usersupplied_info *user_info, const auth_authsupplied_info *auth_info, auth_serversupplied_info **server_info) -- cgit From 2e28f8ff0e3bb50ac5b2742c7678c39cb65bcd95 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 5 Jan 2002 04:55:41 +0000 Subject: I've decided to move the auth code around a bit more... The auth_authsupplied_info typedef is now just a plain struct - auth_context, but it has been modified to contain the function pointers to the rest of the auth subsystem's components. (Who needs non-static functions anyway?) In working all this mess out, I fixed a number of memory leaks and moved the entire auth subsystem over to talloc(). Note that the TALLOC_CTX attached to the auth_context can be rather long-lived, it is provided for things that are intended to live as long. (The global_negprot_auth_context lasts the whole life of the smbd). I've also adjusted a few things in auth_domain.c, mainly passing the domain as a paramater to a few functions instead of looking up lp_workgroup(). I'm hopign to make this entire thing a bit more trusted domains (as PDC) freindly in the near future. Other than that, I moved a bit of the code around, hence the rather messy diff. Andrew Bartlett (This used to be commit 12f5515f556cf39fea98134fe3e2ac4540501048) --- source3/auth/auth_unix.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index fa889af5f6..69c24b8213 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -83,10 +83,10 @@ static BOOL update_smbpassword_file(char *user, char *password) * unless the account has a null password. **/ -NTSTATUS check_unix_security(void *my_private_data, +static NTSTATUS check_unix_security(const struct auth_context *auth_context, + void *my_private_data, TALLOC_CTX *mem_ctx, const auth_usersupplied_info *user_info, - const auth_authsupplied_info *auth_info, auth_serversupplied_info **server_info) { NTSTATUS nt_status; @@ -120,11 +120,13 @@ NTSTATUS check_unix_security(void *my_private_data, return nt_status; } -BOOL auth_init_unix(auth_methods **auth_method) +/* module initialisation */ +BOOL auth_init_unix(struct auth_context *auth_context, auth_methods **auth_method) { - if (!make_auth_methods(auth_method)) { + if (!make_auth_methods(auth_context, auth_method)) { return False; } + (*auth_method)->auth = check_unix_security; return True; } -- cgit From c311d24ce32d2a8aa244f126bcec67ec03549727 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 17 Jan 2002 08:45:58 +0000 Subject: A nice *big* change to the fundemental way we do things. Samba (ab)uses the returns from getpwnam() a lot - in particular it keeps them around for a long time - often past the next call... This adds a getpwnam_alloc and a getpwuid_alloc to the collection. These function as expected, returning a malloced structure that can be free()ed with passwd_free(&passwd). This patch also cuts down on the number of calls to getpwnam - mostly by taking advantage of the fact that the passdb interface is already case-insensiteve. With this patch most of the recursive cases have been removed (that I know of) and the problems are reduced further by not using the sys_ interface in the new code. This means that pointers to the cache won't be affected. (This is a tempoary HACK, I intend to kill the password cache entirly). The only change I'm a little worried about is the change to rpc_server/srv_samr_nt.c for private groups. In this case we are getting groups from the new group mapping DB. Do we still need to check for private groups? I've toned down the check to a case sensitve match with the new code, but we might be able to kill it entirly. I've also added a make_modifyable_passwd() function, that copies a passwd struct into the form that the old sys_getpw* code provided. As far as I can tell this is only actually used in the pass_check.c crazies, where I moved the final 'special case' for shadow passwords (out of _Get_Pwnam()). The matching case for getpwent() is dealt with already, in lib/util_getent.c Also included in here is a small change to register the [homes] share at vuid creation rather than just in one varient of the session setup. (This picks up the SPNEGO cases). The home directory is now stored on the vuid, and I am hoping this might provide a saner way to do %H substitions. TODO: Kill off remaining Get_Pwnam_Modify calls (they are not needed), change the remaining sys_getpwnam() callers to use getpwnam_alloc() and move Get_Pwnam to return an allocated struct. Andrew Bartlett (This used to be commit 1d86c7f94230bc53daebd4d2cd829da6292e05da) --- source3/auth/auth_unix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 69c24b8213..73a4c51b4f 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -96,7 +96,7 @@ static NTSTATUS check_unix_security(const struct auth_context *auth_context, pass = Get_Pwnam(user_info->internal_username.str); - /** This call assumes a ASCII password, no charset transformation is + /** @todo This call assumes a ASCII password, no charset transformation is done. We may need to revisit this **/ nt_status = pass_check(pass, pass ? pass->pw_name : user_info->internal_username.str, -- cgit From 1a74d8d1f0758d15c5c35d20e33d9868565812cf Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 20 Jan 2002 14:30:58 +0000 Subject: This is another *BIG* change... Samba now features a pluggable passdb interface, along the same lines as the one in use in the auth subsystem. In this case, only one backend may be active at a time by the 'normal' interface, and only one backend per passdb_context is permitted outside that. This pluggable interface is designed to allow any number of passdb backends to be compiled in, with the selection at runtime. The 'passdb backend' paramater has been created (and documented!) to support this. As such, configure has been modfied to allow (for example) --with-ldap and the old smbpasswd to be selected at the same time. This patch also introduces two new backends: smbpasswd_nua and tdbsam_nua. These two backends accept 'non unix accounts', where the user does *not* exist in /etc/passwd. These accounts' don't have UIDs in the unix sense, but to avoid conflicts in the algroitmic mapping of RIDs, they use the values specified in the 'non unix account range' paramter - in the same way as the winbind ranges are specifed. While I was at it, I cleaned up some of the code in pdb_tdb (code copied directly from smbpasswd and not really considered properly). Most of this was to do with % macro expansion on stored data. It isn't easy to get the macros into the tdb, and the first password change will 'expand' them. tdbsam needs to use a similar system to pdb_ldap in this regard. This patch only makes minor adjustments to pdb_nisplus and pdb_ldap, becouse I don't have the test facilities for these. I plan to incoroprate at least pdb_ldap into this scheme after consultation with Jerry. Each (converted) passdb module now no longer has any 'static' variables, and only exports 1 init function outside its .c file. The non-unix-account support in this patch has been proven! It is now possible to join a win2k machine to a Samba PDC without an account in /etc/passwd! Other changes: Minor interface adjustments: pdb_delete_sam_account() now takes a SAM_ACCOUNT, not a char*. pdb_update_sam_account() no longer takes the 'override' argument that was being ignored so often (every other passdb backend). Extra checks have been added in some places. Minor code changes: smbpasswd no longer attempts to initialise the passdb at startup, this is now done on first use. pdbedit has lost some of its 'machine account' logic, as this behaviour is now controlled by the passdb subsystem directly. The samr subsystem no longer calls 'local password change', but does the pdb interactions directly. This allow the ACB_ flags specifed to be transferred direct to the backend, without interference. Doco: I've updated the doco to reflect some of the changes, and removed some paramters no longer applicable to HEAD. (This used to be commit ff354c99c585068af6dc1ff35a1f109a806b326b) --- source3/auth/auth_unix.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 73a4c51b4f..b2e202552c 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -60,9 +60,7 @@ static BOOL update_smbpassword_file(char *user, char *password) /* Now write it into the file. */ become_root(); - /* Here, the override flag is True, because we want to ignore the - XXXXXXX'd out password */ - ret = pdb_update_sam_account (sampass, True); + ret = pdb_update_sam_account (sampass); unbecome_root(); -- cgit From cd68afe31256ad60748b34f7318a180cfc2127cc Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Wed, 30 Jan 2002 06:08:46 +0000 Subject: Removed version number from file header. Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa) --- source3/auth/auth_unix.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index b2e202552c..05646f554e 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -1,6 +1,5 @@ /* - Unix SMB/Netbios implementation. - Version 2.2 + Unix SMB/CIFS implementation. Password and authentication handling Copyright (C) Andrew Bartlett 2001 -- cgit From e90b65284812aaa5ff9e9935ce9bbad7791cbbcd Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 15 Jul 2002 10:35:28 +0000 Subject: updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce) --- source3/auth/auth_unix.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 05646f554e..6f4b3f8b15 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -20,12 +20,15 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_AUTH + /** * update the encrypted smbpasswd file from the plaintext username and password * * this ugly hack needs to die, but not quite yet, I think people still use it... **/ -static BOOL update_smbpassword_file(char *user, char *password) +static BOOL update_smbpassword_file(const char *user, const char *password) { SAM_ACCOUNT *sampass = NULL; BOOL ret; @@ -67,8 +70,6 @@ static BOOL update_smbpassword_file(char *user, char *password) DEBUG(3,("pdb_update_sam_account returned %d\n",ret)); } - memset(password, '\0', strlen(password)); - pdb_free_sam(&sampass); return ret; } @@ -118,12 +119,14 @@ static NTSTATUS check_unix_security(const struct auth_context *auth_context, } /* module initialisation */ -BOOL auth_init_unix(struct auth_context *auth_context, auth_methods **auth_method) +NTSTATUS auth_init_unix(struct auth_context *auth_context, const char* param, auth_methods **auth_method) { if (!make_auth_methods(auth_context, auth_method)) { - return False; + return NT_STATUS_NO_MEMORY; } + (*auth_method)->name = "unix"; (*auth_method)->auth = check_unix_security; - return True; + return NT_STATUS_OK; } + -- cgit From 6d7195d1d79c43f5ccc8dc4a9215c02177d5fa89 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 2 Nov 2002 03:47:48 +0000 Subject: Merge passdb from HEAD -> 3.0 The work here includes: - metze' set/changed patch, which avoids making changes to ldap on unmodified attributes. - volker's group mapping in passdb patch - volker's samsync stuff - volkers SAMR changes. - mezte's connection caching patch - my recent changes (fix magic root check, ldap ssl) Andrew Bartlett (This used to be commit 2044d60bbe0043cdbb9aba931115672bde975d2f) --- source3/auth/auth_unix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 6f4b3f8b15..1251432b87 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -49,7 +49,7 @@ static BOOL update_smbpassword_file(const char *user, const char *password) * Remove the account disabled flag - we are updating the * users password from a login. */ - if (!pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED)) { + if (!pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED, PDB_CHANGED)) { pdb_free_sam(&sampass); return False; } -- cgit From 8a20407442efa0f9fe43e1b1c61140a0771c6ff8 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 10 Feb 2003 11:47:21 +0000 Subject: Cleanups: (merge from HEAD) - use safe_strcpy() instead of pstrcpy() for malloc()ed strings - CUPS: a failure in an attempt to automaticly add a printer is not level 0 stuff. - Fix up a possible Realloc() failure segfault Andrew Bartlett (This used to be commit c1cfc296c2efdb2b5972202146e80f0e3b6a3da4) --- source3/auth/auth_unix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 1251432b87..4f44767a81 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -106,7 +106,7 @@ static NTSTATUS check_unix_security(const struct auth_context *auth_context, unbecome_root(); - if NT_STATUS_IS_OK(nt_status) { + if (NT_STATUS_IS_OK(nt_status)) { if (pass) { make_server_info_pw(server_info, pass); } else { -- cgit From a8c95d79f83b4097ee20d5f3f1005c38ccf00186 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Wed, 16 Apr 2003 12:13:07 +0000 Subject: Add support for the new modules system to auth/ (merge from HEAD) (This used to be commit c7a1de090db35835be1a1623bfc80c04065c5dd9) --- source3/auth/auth_unix.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 4f44767a81..efab2046c3 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -130,3 +130,7 @@ NTSTATUS auth_init_unix(struct auth_context *auth_context, const char* param, au return NT_STATUS_OK; } +int auth_unix_init(void) +{ + return smb_register_auth("unix", auth_init_unix, AUTH_INTERFACE_VERSION); +} -- cgit From 17a3acafa89bfc6090b0767d05a00a7505003fcc Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 28 Apr 2003 17:48:48 +0000 Subject: Use NTSTATUS as return value for smb_register_*() functions and init_module() function. Patch by metze with some minor modifications. (This used to be commit bc4b51bcb2daa7271c884cb83bf8bdba6d3a9b6d) --- source3/auth/auth_unix.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index efab2046c3..392178f77c 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -130,7 +130,7 @@ NTSTATUS auth_init_unix(struct auth_context *auth_context, const char* param, au return NT_STATUS_OK; } -int auth_unix_init(void) +NTSTATUS auth_unix_init(void) { - return smb_register_auth("unix", auth_init_unix, AUTH_INTERFACE_VERSION); + return smb_register_auth(AUTH_INTERFACE_VERSION, "unix", auth_init_unix); } -- cgit From cad20ab63b55462836da007de39fc84ffa38eda8 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Wed, 4 Jun 2003 16:40:50 +0000 Subject: Add some static. Patch by Stefan Metzmacher (This used to be commit e1a8e9b7f3e69c7271d2b715703b2d5b2412bd42) --- source3/auth/auth_unix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 392178f77c..b9de6f7acb 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -119,7 +119,7 @@ static NTSTATUS check_unix_security(const struct auth_context *auth_context, } /* module initialisation */ -NTSTATUS auth_init_unix(struct auth_context *auth_context, const char* param, auth_methods **auth_method) +static NTSTATUS auth_init_unix(struct auth_context *auth_context, const char* param, auth_methods **auth_method) { if (!make_auth_methods(auth_context, auth_method)) { return NT_STATUS_NO_MEMORY; -- cgit From d24b8a2032a2e92d954781e610ab535361fefd88 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 16 Mar 2004 16:41:54 +0000 Subject: BUG 1165, 1126: Fix bug with secondary groups (security = ads) and winbind use default domain = yes (This used to be commit f2eaa14b1eb7e89c945b2b06a48e17998c75d620) --- source3/auth/auth_unix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index b9de6f7acb..f744cba0c4 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -108,7 +108,7 @@ static NTSTATUS check_unix_security(const struct auth_context *auth_context, if (NT_STATUS_IS_OK(nt_status)) { if (pass) { - make_server_info_pw(server_info, pass); + make_server_info_pw(server_info, pass->pw_name, pass); } else { /* we need to do somthing more useful here */ nt_status = NT_STATUS_NO_SUCH_USER; -- cgit From 0af1500fc0bafe61019f1b2ab1d9e1d369221240 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 3 Feb 2006 22:19:41 +0000 Subject: r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f) --- source3/auth/auth_unix.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index f744cba0c4..df0703d348 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -62,7 +62,7 @@ static BOOL update_smbpassword_file(const char *user, const char *password) /* Now write it into the file. */ become_root(); - ret = pdb_update_sam_account (sampass); + ret = NT_STATUS_IS_OK(pdb_update_sam_account (sampass)); unbecome_root(); @@ -91,13 +91,13 @@ static NTSTATUS check_unix_security(const struct auth_context *auth_context, struct passwd *pass = NULL; become_root(); - pass = Get_Pwnam(user_info->internal_username.str); + pass = Get_Pwnam(user_info->internal_username); /** @todo This call assumes a ASCII password, no charset transformation is done. We may need to revisit this **/ nt_status = pass_check(pass, - pass ? pass->pw_name : user_info->internal_username.str, + pass ? pass->pw_name : user_info->internal_username, (char *)user_info->plaintext_password.data, user_info->plaintext_password.length-1, lp_update_encrypted() ? -- cgit From 2203bed32c84c63737f402accf73452efb76b483 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 20 Feb 2006 20:09:36 +0000 Subject: r13576: This is the beginnings of moving the SAM_ACCOUNT data structure to make full use of the new talloc() interface. Discussed with Volker and Jeremy. * remove the internal mem_ctx and simply use the talloc() structure as the context. * replace the internal free_fn() with a talloc_destructor() function * remove the unnecessary private nested structure * rename SAM_ACCOUNT to 'struct samu' to indicate the current an upcoming changes. Groups will most likely be replaced with a 'struct samg' in the future. Note that there are now passbd API changes. And for the most part, the wrapper functions remain the same. While this code has been tested on tdb and ldap based Samba PDC's as well as Samba member servers, there are probably still some bugs. The code also needs more testing under valgrind to ensure it's not leaking memory. But it's a start...... (This used to be commit 19b7593972480540283c5bf02c02e5ecd8d2c3f0) --- source3/auth/auth_unix.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index df0703d348..1d29389716 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -30,7 +30,7 @@ **/ static BOOL update_smbpassword_file(const char *user, const char *password) { - SAM_ACCOUNT *sampass = NULL; + struct samu *sampass = NULL; BOOL ret; pdb_init_sam(&sampass); @@ -41,7 +41,7 @@ static BOOL update_smbpassword_file(const char *user, const char *password) if(ret == False) { DEBUG(0,("pdb_getsampwnam returned NULL\n")); - pdb_free_sam(&sampass); + TALLOC_FREE(sampass); return False; } @@ -50,12 +50,12 @@ static BOOL update_smbpassword_file(const char *user, const char *password) * users password from a login. */ if (!pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED, PDB_CHANGED)) { - pdb_free_sam(&sampass); + TALLOC_FREE(sampass); return False; } if (!pdb_set_plaintext_passwd (sampass, password)) { - pdb_free_sam(&sampass); + TALLOC_FREE(sampass); return False; } @@ -70,7 +70,7 @@ static BOOL update_smbpassword_file(const char *user, const char *password) DEBUG(3,("pdb_update_sam_account returned %d\n",ret)); } - pdb_free_sam(&sampass); + TALLOC_FREE(sampass); return ret; } -- cgit From cd559192633d78a9f06e239c6a448955f6ea0842 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 21 Feb 2006 14:34:11 +0000 Subject: r13590: * replace all pdb_init_sam[_talloc]() calls with samu_new() * replace all pdb_{init,fill}_sam_pw() calls with samu_set_unix() (This used to be commit 6f1afa4acc93a07d0ee9940822d7715acaae634f) --- source3/auth/auth_unix.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 1d29389716..efe5203b23 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -30,10 +30,12 @@ **/ static BOOL update_smbpassword_file(const char *user, const char *password) { - struct samu *sampass = NULL; + struct samu *sampass; BOOL ret; - pdb_init_sam(&sampass); + if ( !(sampass = samu_new( NULL )) ) { + return False; + } become_root(); ret = pdb_getsampwnam(sampass, user); -- cgit From cb0402c2d3941a813e33b2b5e07c54b9ff644ca4 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Fri, 1 Dec 2006 15:06:34 +0000 Subject: r19980: Implement pam account stack checks when obey pam restrictions is true. It was missing for security=server/domain/ads Simo. (This used to be commit 550f651499c22c3c11594a0a39061a8a9b438d82) --- source3/auth/auth_unix.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index efe5203b23..837c932365 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -110,7 +110,14 @@ static NTSTATUS check_unix_security(const struct auth_context *auth_context, if (NT_STATUS_IS_OK(nt_status)) { if (pass) { - make_server_info_pw(server_info, pass->pw_name, pass); + /* if a real user check pam account restrictions */ + /* only really perfomed if "obey pam restriction" is true */ + nt_status = smb_pam_accountcheck(pass->pw_name); + if ( !NT_STATUS_IS_OK(nt_status)) { + DEBUG(1, ("PAM account restriction prevents user login\n")); + } else { + make_server_info_pw(server_info, pass->pw_name, pass); + } } else { /* we need to do somthing more useful here */ nt_status = NT_STATUS_NO_SUCH_USER; -- cgit From d824b98f80ba186030cbb70b3a1e5daf80469ecd Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 9 Jul 2007 19:25:36 +0000 Subject: r23779: Change from v2 or later to v3 or later. Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3) --- source3/auth/auth_unix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 837c932365..81d3736529 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -5,7 +5,7 @@ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or + the Free Software Foundation; either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, -- cgit From 5e54558c6dea67b56bbfaba5698f3a434d3dffb6 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 10 Jul 2007 00:52:41 +0000 Subject: r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text (This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07) --- source3/auth/auth_unix.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 81d3736529..b79e7361d3 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -14,8 +14,7 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + along with this program. If not, see . */ #include "includes.h" -- cgit From 30191d1a5704ad2b158386b511558972d539ce47 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 18 Oct 2007 17:40:25 -0700 Subject: RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f) --- source3/auth/auth_unix.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index b79e7361d3..4fca5bcbe4 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -27,10 +27,10 @@ * * this ugly hack needs to die, but not quite yet, I think people still use it... **/ -static BOOL update_smbpassword_file(const char *user, const char *password) +static bool update_smbpassword_file(const char *user, const char *password) { struct samu *sampass; - BOOL ret; + bool ret; if ( !(sampass = samu_new( NULL )) ) { return False; -- cgit From e518e19bc0000019f131354f55e9f5b55f6a2c5e Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 19 Dec 2007 15:02:59 +0100 Subject: Remove Get_Pwnam and its associated static variable All callers are replaced by Get_Pwnam_alloc (This used to be commit 735f59315497113aebadcf9ad387e3dbfffa284a) --- source3/auth/auth_unix.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/auth/auth_unix.c') diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 4fca5bcbe4..58c765226d 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -92,7 +92,7 @@ static NTSTATUS check_unix_security(const struct auth_context *auth_context, struct passwd *pass = NULL; become_root(); - pass = Get_Pwnam(user_info->internal_username); + pass = Get_Pwnam_alloc(talloc_tos(), user_info->internal_username); /** @todo This call assumes a ASCII password, no charset transformation is @@ -123,6 +123,7 @@ static NTSTATUS check_unix_security(const struct auth_context *auth_context, } } + TALLOC_FREE(pass); return nt_status; } -- cgit