From a8e7f804ca86c4ae91d6d4429f9fe264947b54f9 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Wed, 29 Apr 1998 11:00:12 +0000 Subject: password.c: added become_root / unbecome_root around the get machine account password. smbpass.c: cleaning up code. - turning if (BOOL_expr == False) into if (BOOL_expr) what if you test if (BOOL_expr == True) and someone defines True to be -1 on one system and 1 on another? or if you get inconsistent return results between developers - removed if ((FILE*) == 0) and made this if ((FILE*) == NULL) - cannot assume that NULL is zero integer. plus there are typecast issues to deal with - removed return (ret == 0) ? True : False and made this return ret == 0 rely on the compiler to return correct BOOL value: not all developers will return True or False #defines: stick with BOOL test (non-zero). - removed if (ret == False) replaced with if (!ret) - bug where instead of if (sizeof(pstring)-len-len-6 < 0) it had a boolean test if (pstring-len-len-6). - removed "." after debugging of filenames: the "." - a fullstop - looked like it was part of the filename, making things difficult to sort out. still to be resolved: the global_myname isn't set up, such that the machine account password file is named "TEST3..mac". (This used to be commit 315e26c23abf7137684bf084c825ad241076132e) --- source3/passdb/smbpass.c | 27 +++++++++++++++++---------- source3/smbd/password.c | 4 ++++ 2 files changed, 21 insertions(+), 10 deletions(-) (limited to 'source3') diff --git a/source3/passdb/smbpass.c b/source3/passdb/smbpass.c index 15f1d4d37f..aa3a694567 100644 --- a/source3/passdb/smbpass.c +++ b/source3/passdb/smbpass.c @@ -63,7 +63,7 @@ static BOOL do_pw_lock(int fd, int waitsecs, int type) return False; } - return ((ret == 0) ? True : False); + return (ret == 0); } static int pw_file_lock_depth; @@ -103,7 +103,7 @@ static BOOL pw_file_unlock(int fd, int *plock_depth) (*plock_depth)--; - if(ret == False) + if(!ret) DEBUG(10,("pw_file_unlock: unlocking file failed, error = %s.\n", strerror(errno))); return ret; @@ -135,7 +135,8 @@ void *startsmbpwent(BOOL update) /* Set a 16k buffer to do more efficient reads */ setvbuf(fp, s_readbuf, _IOFBF, sizeof(s_readbuf)); - if ((pw_file_lock(fileno(fp), F_RDLCK | (update ? F_WRLCK : 0), 5, &pw_file_lock_depth)) == False) { + if (!pw_file_lock(fileno(fp), F_RDLCK | (update ? F_WRLCK : 0), 5, &pw_file_lock_depth)) + { DEBUG(0, ("startsmbpwent: unable to lock file %s\n", pfile)); fclose(fp); return NULL; @@ -773,7 +774,7 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd) lockfd = fileno(fp); - if (pw_file_lock(lockfd, F_RDLCK | F_WRLCK, 5, &pw_file_lock_depth) == False) { + if (!pw_file_lock(lockfd, F_RDLCK | F_WRLCK, 5, &pw_file_lock_depth)) { DEBUG(0, ("mod_smbpwd_entry: unable to lock file %s\n", pfile)); fclose(fp); return False; @@ -1086,12 +1087,17 @@ void *machine_password_lock( char *domain, char *name, BOOL update) char *p; if(mach_passwd_lock_depth == 0) { + pstrcpy(mac_file, lp_smb_passwd_file()); p = strrchr(mac_file, '/'); + if(p != NULL) *++p = '\0'; + mac_file_len = strlen(mac_file); - if(sizeof(pstring) - mac_file_len - strlen(domain) - strlen(name) - 6) { + + if (sizeof(pstring) - mac_file_len - strlen(domain) - strlen(name) - 6 < 0) + { DEBUG(0,("machine_password_lock: path %s too long to add machine details.\n", mac_file)); return NULL; @@ -1102,8 +1108,8 @@ void *machine_password_lock( char *domain, char *name, BOOL update) strcat(mac_file, name); strcat(mac_file, ".mac"); - if((fp = fopen(mac_file, "r+b")) == 0) { - DEBUG(0,("machine_password_lock: cannot open file %s. Error was %s.\n", + if((fp = fopen(mac_file, "r+b")) == NULL) { + DEBUG(0,("machine_password_lock: cannot open file %s - Error was %s.\n", mac_file, strerror(errno) )); return NULL; } @@ -1111,9 +1117,10 @@ void *machine_password_lock( char *domain, char *name, BOOL update) chmod(mac_file, 0600); } - if(pw_file_lock(fileno(fp), F_RDLCK | (update ? F_WRLCK : 0), - 60, &mach_passwd_lock_depth) == False) { - DEBUG(0,("machine_password_lock: cannot lock file %s.\n", mac_file)); + if(!pw_file_lock(fileno(fp), F_RDLCK | (update ? F_WRLCK : 0), + 60, &mach_passwd_lock_depth)) + { + DEBUG(0,("machine_password_lock: cannot lock file %s\n", mac_file)); fclose(fp); return NULL; } diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 21424592f1..f2ab29001e 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -1932,6 +1932,8 @@ BOOL domain_client_validate( char *user, char *domain, } } + become_root(False); + /* * Get the machine account password. */ @@ -1950,6 +1952,8 @@ machine %s in domain %s.\n", global_myname, global_myworkgroup )); machine_password_unlock(vp); + unbecome_root(False); + /* * Here we should check the last change time to see if the machine * password needs changing..... TODO... JRA. -- cgit