From e90b65284812aaa5ff9e9935ce9bbad7791cbbcd Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Mon, 15 Jul 2002 10:35:28 +0000
Subject: updated the 3.0 branch from the head branch - ready for alpha18 (This
 used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)

---
 source3/pam_smbpass/general.h        |   7 ++
 source3/pam_smbpass/pam_smb_acct.c   |   4 +-
 source3/pam_smbpass/pam_smb_auth.c   |   5 +-
 source3/pam_smbpass/pam_smb_passwd.c |   8 +-
 source3/pam_smbpass/support.c        | 222 ++++++++++++++++++-----------------
 5 files changed, 128 insertions(+), 118 deletions(-)

(limited to 'source3/pam_smbpass')

diff --git a/source3/pam_smbpass/general.h b/source3/pam_smbpass/general.h
index 0291146cbb..4f13d60131 100644
--- a/source3/pam_smbpass/general.h
+++ b/source3/pam_smbpass/general.h
@@ -121,3 +121,10 @@ struct _pam_failed_auth {
     char *agent;                /* attempt from user with name */
     int count;                  /* number of failures so far */
 };
+
+/*
+ * General use functions go here 
+ */
+
+/* from support.c */
+int make_remark(pam_handle_t *, unsigned int, int, const char *);
diff --git a/source3/pam_smbpass/pam_smb_acct.c b/source3/pam_smbpass/pam_smb_acct.c
index 8d91c456bf..0803ef82a2 100644
--- a/source3/pam_smbpass/pam_smb_acct.c
+++ b/source3/pam_smbpass/pam_smb_acct.c
@@ -33,6 +33,7 @@
 
 #include "support.h"
 
+
 /*
  * pam_sm_acct_mgmt() verifies whether or not the account is disabled.
  *
@@ -45,15 +46,12 @@ int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags,
     int retval;
 
     const char *name;
-    const char *p;
     SAM_ACCOUNT *sampass = NULL;
 
     extern BOOL in_client;
 
     /* Samba initialization. */
     setup_logging( "pam_smbpass", False );
-    charset_initialise();
-    codepage_initialise(lp_client_code_page());
     in_client = True;
 
     ctrl = set_ctrl( flags, argc, argv );
diff --git a/source3/pam_smbpass/pam_smb_auth.c b/source3/pam_smbpass/pam_smb_auth.c
index 9952eb94db..e5cc12e2f6 100644
--- a/source3/pam_smbpass/pam_smb_auth.c
+++ b/source3/pam_smbpass/pam_smb_auth.c
@@ -47,6 +47,7 @@ do {								\
 static int _smb_add_user(pam_handle_t *pamh, unsigned int ctrl,
                          const char *name, SAM_ACCOUNT *sampass, BOOL exist);
 
+
 /*
  * pam_sm_authenticate() authenticates users against the samba password file.
  *
@@ -67,13 +68,11 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags,
     BOOL found;
 
     /* Points to memory managed by the PAM library. Do not free. */
-    const char *p = NULL;
+    char *p = NULL;
 
 
     /* Samba initialization. */
     setup_logging("pam_smbpass",False);
-    charset_initialise();
-    codepage_initialise(lp_client_code_page());
     in_client = True;
 
     ctrl = set_ctrl(flags, argc, argv);
diff --git a/source3/pam_smbpass/pam_smb_passwd.c b/source3/pam_smbpass/pam_smb_passwd.c
index 338d873d25..0f52755252 100644
--- a/source3/pam_smbpass/pam_smb_passwd.c
+++ b/source3/pam_smbpass/pam_smb_passwd.c
@@ -35,8 +35,7 @@
 
 int smb_update_db( pam_handle_t *pamh, int ctrl, const char *user,  const char *pass_new )
 {
- char		c;
- int		retval, i;
+ int		retval;
  pstring	err_str;
  pstring	msg_str;
 
@@ -94,12 +93,11 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
 
     SAM_ACCOUNT *sampass = NULL;
     const char *user;
-    const char *pass_old, *pass_new;
+    char *pass_old;
+    char *pass_new;
 
     /* Samba initialization. */
     setup_logging( "pam_smbpass", False );
-    charset_initialise();
-    codepage_initialise(lp_client_code_page());
     in_client = True;
 
     ctrl = set_ctrl(flags, argc, argv);
diff --git a/source3/pam_smbpass/support.c b/source3/pam_smbpass/support.c
index 86349f8c16..a55dcb0272 100644
--- a/source3/pam_smbpass/support.c
+++ b/source3/pam_smbpass/support.c
@@ -1,132 +1,135 @@
-/* Unix NT password database implementation, version 0.6.
- *
- * This program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free
- * Software Foundation; either version 2 of the License, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
- * more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 675
- * Mass Ave, Cambridge, MA 02139, USA.
- */
-
-#include "includes.h"
-#include "general.h"
+	/* Unix NT password database implementation, version 0.6.
+	 *
+	 * This program is free software; you can redistribute it and/or modify it under
+	 * the terms of the GNU General Public License as published by the Free
+	 * Software Foundation; either version 2 of the License, or (at your option)
+	 * any later version.
+	 *
+	 * This program is distributed in the hope that it will be useful, but WITHOUT
+	 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+	 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+	 * more details.
+	 *
+	 * You should have received a copy of the GNU General Public License along with
+	 * this program; if not, write to the Free Software Foundation, Inc., 675
+	 * Mass Ave, Cambridge, MA 02139, USA.
+	 */
 
-#include "support.h"
+	#include "includes.h"
+	#include "general.h"
 
+	#include "support.h"
 
-#define _pam_overwrite(x)        \
-do {                             \
-     register char *__xx__;      \
-     if ((__xx__=(x)))           \
-          while (*__xx__)        \
-               *__xx__++ = '\0'; \
-} while (0)
 
-/*
- * Don't just free it, forget it too.
- */
+	#define _pam_overwrite(x)        \
+	do {                             \
+	     register char *__xx__;      \
+	     if ((__xx__=(x)))           \
+		  while (*__xx__)        \
+		       *__xx__++ = '\0'; \
+	} while (0)
 
-#define _pam_drop(X) \
-do {                 \
-    if (X) {         \
-        free(X);     \
-        X=NULL;      \
-    }                \
-} while (0)
-
-#define _pam_drop_reply(/* struct pam_response * */ reply, /* int */ replies) \
-do {                                              \
-    int reply_i;                                  \
-                                                  \
-    for (reply_i=0; reply_i<replies; ++reply_i) { \
-        if (reply[reply_i].resp) {                \
-            _pam_overwrite(reply[reply_i].resp);  \
-            free(reply[reply_i].resp);            \
-        }                                         \
-    }                                             \
-    if (reply)                                    \
-        free(reply);                              \
-} while (0)
-
-
-int converse(pam_handle_t *, int, int, struct pam_message **,
-			 struct pam_response **);
-int make_remark(pam_handle_t *, unsigned int, int, const char *);
-void _cleanup(pam_handle_t *, void *, int);
-char *_pam_delete(register char *);
-
-/* syslogging function for errors and other information */
-
-void _log_err( int err, const char *format, ... )
-{
-    va_list args;
+	/*
+	 * Don't just free it, forget it too.
+	 */
 
-    va_start( args, format );
-    openlog( "PAM_smbpass", LOG_CONS | LOG_PID, LOG_AUTH );
-    vsyslog( err, format, args );
-    va_end( args );
-    closelog();
-}
+	#define _pam_drop(X) \
+	do {                 \
+	    if (X) {         \
+		free(X);     \
+		X=NULL;      \
+	    }                \
+	} while (0)
+
+	#define _pam_drop_reply(/* struct pam_response * */ reply, /* int */ replies) \
+	do {                                              \
+	    int reply_i;                                  \
+							  \
+	    for (reply_i=0; reply_i<replies; ++reply_i) { \
+		if (reply[reply_i].resp) {                \
+		    _pam_overwrite(reply[reply_i].resp);  \
+		    free(reply[reply_i].resp);            \
+		}                                         \
+	    }                                             \
+	    if (reply)                                    \
+		free(reply);                              \
+	} while (0)
+
+
+	int converse(pam_handle_t *, int, int, struct pam_message **,
+				 struct pam_response **);
+	int make_remark(pam_handle_t *, unsigned int, int, const char *);
+	void _cleanup(pam_handle_t *, void *, int);
+	char *_pam_delete(register char *);
+
+	/* default configuration file location */
+
+	char *servicesf = dyn_CONFIGFILE;
+
+	/* syslogging function for errors and other information */
+
+	void _log_err( int err, const char *format, ... )
+	{
+	    va_list args;
+
+	    va_start( args, format );
+	    openlog( "PAM_smbpass", LOG_CONS | LOG_PID, LOG_AUTH );
+	    vsyslog( err, format, args );
+	    va_end( args );
+	    closelog();
+	}
 
-/* this is a front-end for module-application conversations */
+	/* this is a front-end for module-application conversations */
 
-int converse( pam_handle_t * pamh, int ctrl, int nargs
-              , struct pam_message **message
-              , struct pam_response **response )
-{
-	int retval;
-	struct pam_conv *conv;
+	int converse( pam_handle_t * pamh, int ctrl, int nargs
+		      , struct pam_message **message
+		      , struct pam_response **response )
+	{
+		int retval;
+		struct pam_conv *conv;
 
-	retval = pam_get_item(pamh, PAM_CONV, (const void **) &conv);
-	if (retval == PAM_SUCCESS) {
+		retval = pam_get_item(pamh, PAM_CONV, (const void **) &conv);
+		if (retval == PAM_SUCCESS) {
 
-		retval = conv->conv(nargs, (const struct pam_message **) message
-							,response, conv->appdata_ptr);
+			retval = conv->conv(nargs, (const struct pam_message **) message
+								,response, conv->appdata_ptr);
 
-		if (retval != PAM_SUCCESS && on(SMB_DEBUG, ctrl)) {
-			_log_err(LOG_DEBUG, "conversation failure [%s]"
+			if (retval != PAM_SUCCESS && on(SMB_DEBUG, ctrl)) {
+				_log_err(LOG_DEBUG, "conversation failure [%s]"
+						 ,pam_strerror(pamh, retval));
+			}
+		} else {
+			_log_err(LOG_ERR, "couldn't obtain coversation function [%s]"
 					 ,pam_strerror(pamh, retval));
 		}
-	} else {
-		_log_err(LOG_ERR, "couldn't obtain coversation function [%s]"
-				 ,pam_strerror(pamh, retval));
-	}
 
-	return retval;				/* propagate error status */
-}
+		return retval;				/* propagate error status */
+	}
 
-int make_remark( pam_handle_t * pamh, unsigned int ctrl
-                 , int type, const char *text )
-{
-	if (off(SMB__QUIET, ctrl)) {
-		struct pam_message *pmsg[1], msg[1];
-		struct pam_response *resp;
+	int make_remark( pam_handle_t * pamh, unsigned int ctrl
+			 , int type, const char *text )
+	{
+		if (off(SMB__QUIET, ctrl)) {
+			struct pam_message *pmsg[1], msg[1];
+			struct pam_response *resp;
 
-		pmsg[0] = &msg[0];
-		msg[0].msg = text;
-		msg[0].msg_style = type;
-		resp = NULL;
+			pmsg[0] = &msg[0];
+			msg[0].msg = text;
+			msg[0].msg_style = type;
+			resp = NULL;
 
-		return converse(pamh, ctrl, 1, pmsg, &resp);
+			return converse(pamh, ctrl, 1, pmsg, &resp);
+		}
+		return PAM_SUCCESS;
 	}
-	return PAM_SUCCESS;
-}
 
 
-/* set the control flags for the SMB module. */
+	/* set the control flags for the SMB module. */
 
 int set_ctrl( int flags, int argc, const char **argv )
 {
     int i = 0;
-    static pstring servicesf = CONFIGFILE;
-    const char *service_file = servicesf;
+    const char *service_file = dyn_CONFIGFILE;
     unsigned int ctrl;
 
     ctrl = SMB_DEFAULTS;	/* the default selection of options */
@@ -136,6 +139,9 @@ int set_ctrl( int flags, int argc, const char **argv )
     /* A good, sane default (matches Samba's behavior). */
     set( SMB__NONULL, ctrl );
 
+    /* initialize service file location */
+    service_file=servicesf;
+
     if (flags & PAM_SILENT) {
         set( SMB__QUIET, ctrl );
     }
@@ -165,6 +171,8 @@ int set_ctrl( int flags, int argc, const char **argv )
 	_log_err( LOG_ERR, "Error loading service file %s", service_file );
     }
 
+    secrets_init();
+
     if (lp_null_passwords()) {
         set( SMB__NULLOK, ctrl );
     }
@@ -303,7 +311,7 @@ int _smb_verify_password( pam_handle_t * pamh, SAM_ACCOUNT *sampass,
     uchar hash_pass[16];
     uchar lm_pw[16];
     uchar nt_pw[16];
-    int retval;
+    int retval = PAM_AUTH_ERR;
     char *data_name;
     const char *name;
 
@@ -482,7 +490,7 @@ int _smb_read_password( pam_handle_t * pamh, unsigned int ctrl,
 {
     int authtok_flag;
     int retval;
-    const char *item = NULL;
+    char *item = NULL;
     char *token;
 
     struct pam_message msg[3], *pmsg[3];
-- 
cgit