From d8d9f7723337c267a8740750fe19a6387cfbb1f6 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Thu, 7 May 1998 18:19:05 +0000 Subject: created "passdb.c" which is an interface point to (at present) either smbpasswd or ldap passwd, at compile-time (-DUSE_LDAP). _none_ of the functions in ldap.c or smbpass.c should be called directly: only those in passdb.c should be used. -DUSE_LDAP is unlikely to compile at the moment. (This used to be commit 57b01ad4ffb14ebd600d4e66602b54ed987f6106) --- source3/smbd/chgpasswd.c | 78 ++++++++++++++++++++++++------------------------ source3/smbd/ipc.c | 12 ++++---- source3/smbd/password.c | 12 ++++---- source3/smbd/reply.c | 14 ++++----- 4 files changed, 58 insertions(+), 58 deletions(-) (limited to 'source3/smbd') diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c index 4bdfaec453..e466455aeb 100644 --- a/source3/smbd/chgpasswd.c +++ b/source3/smbd/chgpasswd.c @@ -440,56 +440,56 @@ BOOL chgpasswd(char *name,char *oldpass,char *newpass, BOOL as_root) ************************************************************/ BOOL check_lanman_password(char *user, unsigned char *pass1, - unsigned char *pass2, struct smb_passwd **psmbpw) + unsigned char *pass2, struct smb_passwd **psampw) { unsigned char unenc_new_pw[16]; unsigned char unenc_old_pw[16]; unsigned char null_pw[16]; - struct smb_passwd *smbpw; + struct smb_passwd *sampw; - *psmbpw = NULL; + *psampw = NULL; become_root(0); - smbpw = getsmbpwnam(user); + sampw = getsampwnam(user); unbecome_root(0); - if(smbpw == NULL) + if(sampw == NULL) { - DEBUG(0,("check_lanman_password: getsmbpwnam returned NULL\n")); + DEBUG(0,("check_lanman_password: getsampwnam returned NULL\n")); return False; } - if(smbpw->acct_ctrl & ACB_DISABLED) + if(sampw->acct_ctrl & ACB_DISABLED) { DEBUG(0,("check_lanman_password: account %s disabled.\n", user)); return False; } - if((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ)) + if((sampw->smb_passwd == NULL) && (sampw->acct_ctrl & ACB_PWNOTREQ)) { unsigned char no_pw[14]; memset(no_pw, '\0', 14); E_P16((uchar *)no_pw, (uchar *)null_pw); - smbpw->smb_passwd = null_pw; - } else if (smbpw->smb_passwd == NULL) { + sampw->smb_passwd = null_pw; + } else if (sampw->smb_passwd == NULL) { DEBUG(0,("check_lanman_password: no lanman password !\n")); return False; } /* Get the new lanman hash. */ - D_P16(smbpw->smb_passwd, pass2, unenc_new_pw); + D_P16(sampw->smb_passwd, pass2, unenc_new_pw); /* Use this to get the old lanman hash. */ D_P16(unenc_new_pw, pass1, unenc_old_pw); /* Check that the two old passwords match. */ - if(memcmp(smbpw->smb_passwd, unenc_old_pw, 16)) + if(memcmp(sampw->smb_passwd, unenc_old_pw, 16)) { DEBUG(0,("check_lanman_password: old password doesn't match.\n")); return False; } - *psmbpw = smbpw; + *psampw = sampw; return True; } @@ -499,44 +499,44 @@ BOOL check_lanman_password(char *user, unsigned char *pass1, no longer be valid. ************************************************************/ -BOOL change_lanman_password(struct smb_passwd *smbpw, unsigned char *pass1, unsigned char *pass2) +BOOL change_lanman_password(struct smb_passwd *sampw, unsigned char *pass1, unsigned char *pass2) { unsigned char unenc_new_pw[16]; unsigned char null_pw[16]; BOOL ret; - if(smbpw == NULL) + if(sampw == NULL) { DEBUG(0,("change_lanman_password: no smb password entry.\n")); return False; } - if(smbpw->acct_ctrl & ACB_DISABLED) + if(sampw->acct_ctrl & ACB_DISABLED) { - DEBUG(0,("change_lanman_password: account %s disabled.\n", smbpw->smb_name)); + DEBUG(0,("change_lanman_password: account %s disabled.\n", sampw->smb_name)); return False; } - if((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ)) + if((sampw->smb_passwd == NULL) && (sampw->acct_ctrl & ACB_PWNOTREQ)) { unsigned char no_pw[14]; memset(no_pw, '\0', 14); E_P16((uchar *)no_pw, (uchar *)null_pw); - smbpw->smb_passwd = null_pw; - } else if (smbpw->smb_passwd == NULL) { + sampw->smb_passwd = null_pw; + } else if (sampw->smb_passwd == NULL) { DEBUG(0,("change_lanman_password: no lanman password !\n")); return False; } /* Get the new lanman hash. */ - D_P16(smbpw->smb_passwd, pass2, unenc_new_pw); + D_P16(sampw->smb_passwd, pass2, unenc_new_pw); - smbpw->smb_passwd = unenc_new_pw; - smbpw->smb_nt_passwd = NULL; /* We lose the NT hash. Sorry. */ + sampw->smb_passwd = unenc_new_pw; + sampw->smb_nt_passwd = NULL; /* We lose the NT hash. Sorry. */ /* Now write it into the file. */ become_root(0); - ret = mod_smbpwd_entry(smbpw,False); + ret = mod_sampwd_entry(sampw,False); unbecome_root(0); return ret; @@ -547,10 +547,10 @@ BOOL change_lanman_password(struct smb_passwd *smbpw, unsigned char *pass1, unsi ************************************************************/ BOOL check_oem_password(char *user, unsigned char *data, - struct smb_passwd **psmbpw, char *new_passwd, + struct smb_passwd **psampw, char *new_passwd, int new_passwd_size) { - struct smb_passwd *smbpw = NULL; + struct smb_passwd *sampw = NULL; int new_pw_len; fstring upper_case_new_passwd; unsigned char new_p16[16]; @@ -558,28 +558,28 @@ BOOL check_oem_password(char *user, unsigned char *data, unsigned char null_pw[16]; become_root(0); - *psmbpw = smbpw = getsmbpwnam(user); + *psampw = sampw = getsampwnam(user); unbecome_root(0); - if(smbpw == NULL) + if(sampw == NULL) { - DEBUG(0,("check_oem_password: getsmbpwnam returned NULL\n")); + DEBUG(0,("check_oem_password: getsampwnam returned NULL\n")); return False; } - if(smbpw->acct_ctrl & ACB_DISABLED) + if(sampw->acct_ctrl & ACB_DISABLED) { DEBUG(0,("check_lanman_password: account %s disabled.\n", user)); return False; } - if((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ)) + if((sampw->smb_passwd == NULL) && (sampw->acct_ctrl & ACB_PWNOTREQ)) { unsigned char no_pw[14]; memset(no_pw, '\0', 14); E_P16((uchar *)no_pw, (uchar *)null_pw); - smbpw->smb_passwd = null_pw; - } else if (smbpw->smb_passwd == NULL) { + sampw->smb_passwd = null_pw; + } else if (sampw->smb_passwd == NULL) { DEBUG(0,("check_oem_password: no lanman password !\n")); return False; } @@ -587,7 +587,7 @@ BOOL check_oem_password(char *user, unsigned char *data, /* * Call the hash function to get the new password. */ - SamOEMhash( (unsigned char *)data, (unsigned char *)smbpw->smb_passwd, True); + SamOEMhash( (unsigned char *)data, (unsigned char *)sampw->smb_passwd, True); /* * The length of the new password is in the last 4 bytes of @@ -619,7 +619,7 @@ BOOL check_oem_password(char *user, unsigned char *data, */ D_P16(new_p16, &data[516], unenc_old_pw); - if(memcmp(smbpw->smb_passwd, unenc_old_pw, 16)) { + if(memcmp(sampw->smb_passwd, unenc_old_pw, 16)) { DEBUG(0,("check_oem_password: old password doesn't match.\n")); return False; } @@ -636,7 +636,7 @@ BOOL check_oem_password(char *user, unsigned char *data, override = True, override XXXXXXXXXX'd password ************************************************************/ -BOOL change_oem_password(struct smb_passwd *smbpw, char *new_passwd, BOOL override) +BOOL change_oem_password(struct smb_passwd *sampw, char *new_passwd, BOOL override) { int ret; fstring upper_case_new_passwd; @@ -649,14 +649,14 @@ BOOL change_oem_password(struct smb_passwd *smbpw, char *new_passwd, BOOL overri E_P16((uchar *)upper_case_new_passwd, new_p16); - smbpw->smb_passwd = new_p16; + sampw->smb_passwd = new_p16; E_md4hash((uchar *) new_passwd, new_nt_p16); - smbpw->smb_nt_passwd = new_nt_p16; + sampw->smb_nt_passwd = new_nt_p16; /* Now write it into the file. */ become_root(0); - ret = mod_smbpwd_entry(smbpw,override); + ret = mod_sampwd_entry(sampw,override); unbecome_root(0); memset(upper_case_new_passwd, '\0', strlen(upper_case_new_passwd)); diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c index 13a8d1347f..48c0277165 100644 --- a/source3/smbd/ipc.c +++ b/source3/smbd/ipc.c @@ -1649,10 +1649,10 @@ static BOOL api_SetUserPassword(int cnum,uint16 vuid, char *param,char *data, if(SVAL(*rparam,0) != NERR_Success) { - struct smb_passwd *smbpw = NULL; + struct smb_passwd *sampw = NULL; - if(check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &smbpw) && - change_lanman_password(smbpw,(unsigned char *)pass1,(unsigned char *)pass2)) + if(check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &sampw) && + change_lanman_password(sampw,(unsigned char *)pass1,(unsigned char *)pass2)) { SSVAL(*rparam,0,NERR_Success); } @@ -1675,7 +1675,7 @@ static BOOL api_SamOEMChangePassword(int cnum,uint16 vuid, char *param,char *dat { fstring user; fstring new_passwd; - struct smb_passwd *smbpw = NULL; + struct smb_passwd *sampw = NULL; char *p = param + 2; *rparam_len = 2; @@ -1703,7 +1703,7 @@ static BOOL api_SamOEMChangePassword(int cnum,uint16 vuid, char *param,char *dat fstrcpy(user,p); p = skip_string(p,1); - if(check_oem_password( user, (unsigned char *)data, &smbpw, + if(check_oem_password( user, (unsigned char *)data, &sampw, new_passwd, (int)sizeof(new_passwd)) == False) { return True; } @@ -1720,7 +1720,7 @@ static BOOL api_SamOEMChangePassword(int cnum,uint16 vuid, char *param,char *dat if(lp_unix_password_sync()) chgpasswd(user,"", new_passwd, True); - if(change_oem_password( smbpw, new_passwd, False)) { + if(change_oem_password( sampw, new_passwd, False)) { SSVAL(*rparam,0,NERR_Success); } diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 1056269490..82e3a024e1 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -429,21 +429,21 @@ update the encrypted smbpasswd file from the plaintext username and password *****************************************************************************/ BOOL update_smbpassword_file( char *user, fstring password) { - struct smb_passwd *smbpw; + struct smb_passwd *sampw; BOOL ret; become_root(0); - smbpw = getsmbpwnam(user); + sampw = getsampwnam(user); unbecome_root(0); - if(smbpw == NULL) + if(sampw == NULL) { - DEBUG(0,("update_smbpassword_file: getsmbpwnam returned NULL\n")); + DEBUG(0,("update_smbpassword_file: getsampwnam returned NULL\n")); return False; } /* Here, the flag is one, because we want to ignore the XXXXXXX'd out password */ - ret = change_oem_password( smbpw, password, True); + ret = change_oem_password( sampw, password, True); if (ret == False) DEBUG(3,("update_smbpasswd_file: change_oem_password returned False\n")); @@ -1124,7 +1124,7 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd) return(False); } - smb_pass = getsmbpwnam(user); + smb_pass = getsampwnam(user); if (!smb_pass) { diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 50b977d49f..1567e52777 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -377,10 +377,10 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, char *smb_passwd, int smb_passlen, char *smb_nt_passwd, int smb_nt_passlen) { - struct smb_passwd *smb_trust_acct = NULL; /* check if trust account exists */ + struct smb_passwd *sam_trust_acct = NULL; /* check if trust account exists */ if (lp_security() == SEC_USER) { - smb_trust_acct = getsmbpwnam(user); + sam_trust_acct = getsampwnam(user); } else { @@ -389,7 +389,7 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (smb_trust_acct == NULL) + if (sam_trust_acct == NULL) { /* lkclXXXX: workstation entry doesn't exist */ DEBUG(0,("session_trust_account: Trust account %s user doesn't exist\n",user)); @@ -405,28 +405,28 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (!smb_password_ok(smb_trust_acct, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) + if (!smb_password_ok(sam_trust_acct, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_DOMTRUST)) + if (IS_BITS_SET_ALL(sam_trust_acct->acct_ctrl, ACB_DOMTRUST)) { DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n",user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)); } - if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_SVRTRUST)) + if (IS_BITS_SET_ALL(sam_trust_acct->acct_ctrl, ACB_SVRTRUST)) { DEBUG(0,("session_trust_account: Server trust account %s denied by server\n",user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT)); } - if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_WSTRUST)) + if (IS_BITS_SET_ALL(sam_trust_acct->acct_ctrl, ACB_WSTRUST)) { DEBUG(4,("session_trust_account: Wksta trust account %s denied by server\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); -- cgit